Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-04 04:02:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

SUNRPC: Refactor nfsd4_do_encode_secinfo()

Browse Source 
Clean up.  This matches a similar API for the client side, and
keeps ULP fingers out the of the GSS mech switch.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Acked-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
This commit is contained in:
Chuck Lever 2013-03-16 15:55:10 -04:00 committed by Trond Myklebust
parent 83523d083a
commit a77c806fb9
6 changed files with 87 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
fs/nfsd/nfs4xdr.c
View File

@ -3138,10 +3138,9 @@ nfsd4_encode_rename(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_
static __be32 static __be32
nfsd4_do_encode_secinfo(struct nfsd4_compoundres *resp, nfsd4_do_encode_secinfo(struct nfsd4_compoundres *resp,
__be32 nfserr,struct svc_export *exp) __be32 nfserr, struct svc_export *exp)
{ {
int i = 0; u32 i, nflavs;
u32 nflavs;
struct exp_flavor_info *flavs; struct exp_flavor_info *flavs;
struct exp_flavor_info def_flavs[2]; struct exp_flavor_info def_flavs[2];
__be32 *p; __be32 *p;
@ -3172,30 +3171,29 @@ nfsd4_do_encode_secinfo(struct nfsd4_compoundres *resp,
WRITE32(nflavs); WRITE32(nflavs);
ADJUST_ARGS(); ADJUST_ARGS();
for (i = 0; i < nflavs; i++) { for (i = 0; i < nflavs; i++) {
u32 flav = flavs[i].pseudoflavor; struct rpcsec_gss_info info;
struct gss_api_mech *gm = gss_mech_get_by_pseudoflavor(flav);
if (gm) { if (rpcauth_get_gssinfo(flavs[i].pseudoflavor, &info) == 0) {
RESERVE_SPACE(4); RESERVE_SPACE(4);
WRITE32(RPC_AUTH_GSS); WRITE32(RPC_AUTH_GSS);
ADJUST_ARGS(); ADJUST_ARGS();
RESERVE_SPACE(4 + gm->gm_oid.len); RESERVE_SPACE(4 + info.oid.len);
WRITE32(gm->gm_oid.len); WRITE32(info.oid.len);
WRITEMEM(gm->gm_oid.data, gm->gm_oid.len); WRITEMEM(info.oid.data, info.oid.len);
ADJUST_ARGS(); ADJUST_ARGS();
RESERVE_SPACE(4); RESERVE_SPACE(4);
WRITE32(0); /* qop */ WRITE32(info.qop);
ADJUST_ARGS(); ADJUST_ARGS();
RESERVE_SPACE(4); RESERVE_SPACE(4);
WRITE32(gss_pseudoflavor_to_service(gm, flav)); WRITE32(info.service);
ADJUST_ARGS(); ADJUST_ARGS();
gss_mech_put(gm);
} else { } else {
RESERVE_SPACE(4); RESERVE_SPACE(4);
WRITE32(flav); WRITE32(flavs[i].pseudoflavor);
ADJUST_ARGS(); ADJUST_ARGS();
} }
} }
out: out:
if (exp) if (exp)
exp_put(exp); exp_put(exp);

4
include/linux/sunrpc/auth.h
View File

@ -106,6 +106,8 @@ struct rpc_authops {
void (*pipes_destroy)(struct rpc_auth *); void (*pipes_destroy)(struct rpc_auth *);
int (*list_pseudoflavors)(rpc_authflavor_t *, int); int (*list_pseudoflavors)(rpc_authflavor_t *, int);
rpc_authflavor_t (*info2flavor)(struct rpcsec_gss_info *); rpc_authflavor_t (*info2flavor)(struct rpcsec_gss_info *);
int (*flavor2info)(rpc_authflavor_t,
struct rpcsec_gss_info *);
}; };
struct rpc_credops { struct rpc_credops {
@ -142,6 +144,8 @@ struct rpc_auth * rpcauth_create(rpc_authflavor_t, struct rpc_clnt *);
void rpcauth_release(struct rpc_auth *); void rpcauth_release(struct rpc_auth *);
rpc_authflavor_t rpcauth_get_pseudoflavor(rpc_authflavor_t, rpc_authflavor_t rpcauth_get_pseudoflavor(rpc_authflavor_t,
struct rpcsec_gss_info *); struct rpcsec_gss_info *);
int rpcauth_get_gssinfo(rpc_authflavor_t,
struct rpcsec_gss_info *);
int rpcauth_list_flavors(rpc_authflavor_t *, int); int rpcauth_list_flavors(rpc_authflavor_t *, int);
struct rpc_cred * rpcauth_lookup_credcache(struct rpc_auth *, struct auth_cred *, int); struct rpc_cred * rpcauth_lookup_credcache(struct rpc_auth *, struct auth_cred *, int);
void rpcauth_init_cred(struct rpc_cred *, const struct auth_cred *, struct rpc_auth *, const struct rpc_credops *); void rpcauth_init_cred(struct rpc_cred *, const struct auth_cred *, struct rpc_auth *, const struct rpc_credops *);

3
include/linux/sunrpc/gss_api.h
View File

@ -133,6 +133,9 @@ void gss_mech_unregister(struct gss_api_mech *);
/* Given a GSS security tuple, look up a pseudoflavor */ /* Given a GSS security tuple, look up a pseudoflavor */
rpc_authflavor_t gss_mech_info2flavor(struct rpcsec_gss_info *); rpc_authflavor_t gss_mech_info2flavor(struct rpcsec_gss_info *);
/* Given a pseudoflavor, look up a GSS security tuple */
int gss_mech_flavor2info(rpc_authflavor_t, struct rpcsec_gss_info *);
/* Returns a reference to a mechanism, given a name like "krb5" etc. */ /* Returns a reference to a mechanism, given a name like "krb5" etc. */
struct gss_api_mech *gss_mech_get_by_name(const char *); struct gss_api_mech *gss_mech_get_by_name(const char *);

35
net/sunrpc/auth.c
View File

@ -158,6 +158,41 @@ rpcauth_get_pseudoflavor(rpc_authflavor_t flavor, struct rpcsec_gss_info *info)
} }
EXPORT_SYMBOL_GPL(rpcauth_get_pseudoflavor); EXPORT_SYMBOL_GPL(rpcauth_get_pseudoflavor);
/**
* rpcauth_get_gssinfo - find GSS tuple matching a GSS pseudoflavor
* @pseudoflavor: GSS pseudoflavor to match
* @info: rpcsec_gss_info structure to fill in
*
* Returns zero and fills in "info" if pseudoflavor matches a
* supported mechanism.
*/
int
rpcauth_get_gssinfo(rpc_authflavor_t pseudoflavor, struct rpcsec_gss_info *info)
{
rpc_authflavor_t flavor = pseudoflavor_to_flavor(pseudoflavor);
const struct rpc_authops *ops;
int result;
ops = auth_flavors[flavor];
if (ops == NULL)
request_module("rpc-auth-%u", flavor);
spin_lock(&rpc_authflavor_lock);
ops = auth_flavors[flavor];
if (ops == NULL || !try_module_get(ops->owner)) {
spin_unlock(&rpc_authflavor_lock);
return -ENOENT;
}
spin_unlock(&rpc_authflavor_lock);
result = -ENOENT;
if (ops->flavor2info != NULL)
result = ops->flavor2info(pseudoflavor, info);
module_put(ops->owner);
return result;
}
EXPORT_SYMBOL_GPL(rpcauth_get_gssinfo);
/** /**
* rpcauth_list_flavors - discover registered flavors and pseudoflavors * rpcauth_list_flavors - discover registered flavors and pseudoflavors
* @array: array to fill in * @array: array to fill in

1
net/sunrpc/auth_gss/auth_gss.c
View File

@ -1642,6 +1642,7 @@ static const struct rpc_authops authgss_ops = {
.pipes_destroy = gss_pipes_dentries_destroy, .pipes_destroy = gss_pipes_dentries_destroy,
.list_pseudoflavors = gss_mech_list_pseudoflavors, .list_pseudoflavors = gss_mech_list_pseudoflavors,
.info2flavor = gss_mech_info2flavor, .info2flavor = gss_mech_info2flavor,
.flavor2info = gss_mech_flavor2info,
}; };
static const struct rpc_credops gss_credops = { static const struct rpc_credops gss_credops = {

35
net/sunrpc/auth_gss/gss_mech_switch.c
View File

@ -240,8 +240,6 @@ gss_mech_get_by_pseudoflavor(u32 pseudoflavor)
return gm; return gm;
} }
EXPORT_SYMBOL_GPL(gss_mech_get_by_pseudoflavor);
/** /**
* gss_mech_list_pseudoflavors - Discover registered GSS pseudoflavors * gss_mech_list_pseudoflavors - Discover registered GSS pseudoflavors
* @array: array to fill in * @array: array to fill in
@ -315,6 +313,39 @@ rpc_authflavor_t gss_mech_info2flavor(struct rpcsec_gss_info *info)
return pseudoflavor; return pseudoflavor;
} }
/**
* gss_mech_flavor2info - look up a GSS tuple for a given pseudoflavor
* @pseudoflavor: GSS pseudoflavor to match
* @info: rpcsec_gss_info structure to fill in
*
* Returns zero and fills in "info" if pseudoflavor matches a
* supported mechanism. Otherwise a negative errno is returned.
*/
int gss_mech_flavor2info(rpc_authflavor_t pseudoflavor,
struct rpcsec_gss_info *info)
{
struct gss_api_mech *gm;
int i;
gm = gss_mech_get_by_pseudoflavor(pseudoflavor);
if (gm == NULL)
return -ENOENT;
for (i = 0; i < gm->gm_pf_num; i++) {
if (gm->gm_pfs[i].pseudoflavor == pseudoflavor) {
memcpy(info->oid.data, gm->gm_oid.data, gm->gm_oid.len);
info->oid.len = gm->gm_oid.len;
info->qop = gm->gm_pfs[i].qop;
info->service = gm->gm_pfs[i].service;
gss_mech_put(gm);
return 0;
}
}
gss_mech_put(gm);
return -ENOENT;
}
u32 u32
gss_pseudoflavor_to_service(struct gss_api_mech *gm, u32 pseudoflavor) gss_pseudoflavor_to_service(struct gss_api_mech *gm, u32 pseudoflavor)
{ {