projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'for-grant' of git://sources.calxeda.com/kernel/linux into devicetree...
[deliverable/linux.git] / net / sunrpc / auth.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/net/sunrpc/auth.c
3 *
4 * Generic RPC client authentication API.
5 *
6 * Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de>
7 */
8
9#include <linux/types.h>
10#include <linux/sched.h>
11#include <linux/module.h>
12#include <linux/slab.h>
13#include <linux/errno.h>
25337fdc 14#include <linux/hash.h>
1da177e4
LT		 15#include <linux/sunrpc/clnt.h>
16#include <linux/spinlock.h>
17
18#ifdef RPC_DEBUG
19# define RPCDBG_FACILITY RPCDBG_AUTH
20#endif
21
241269bd
TM		 22#define RPC_CREDCACHE_DEFAULT_HASHBITS (4)
23struct rpc_cred_cache {
24 struct hlist_head *hashtable;
25 unsigned int hashbits;
26 spinlock_t lock;
27};
28
29static unsigned int auth_hashbits = RPC_CREDCACHE_DEFAULT_HASHBITS;
30
fc1b356f 31static DEFINE_SPINLOCK(rpc_authflavor_lock);
f1c0a861 32static const struct rpc_authops *auth_flavors[RPC_AUTH_MAXFLAVOR] = {
1da177e4
LT		 33 &authnull_ops, /* AUTH_NULL */
34 &authunix_ops, /* AUTH_UNIX */
35 NULL, /* others can be loadable modules */
36};
37
e092bdcd 38static LIST_HEAD(cred_unused);
f5c2187c 39static unsigned long number_cred_unused;
e092bdcd 40
db5fe265 41#define MAX_HASHTABLE_BITS (14)
8e4e15d4 42static int param_set_hashtbl_sz(const char *val, const struct kernel_param *kp)
241269bd
TM		 43{
44 unsigned long num;
45 unsigned int nbits;
46 int ret;
47
48 if (!val)
49 goto out_inval;
50 ret = strict_strtoul(val, 0, &num);
51 if (ret == -EINVAL)
52 goto out_inval;
53 nbits = fls(num);
54 if (num > (1U << nbits))
55 nbits++;
56 if (nbits > MAX_HASHTABLE_BITS || nbits < 2)
57 goto out_inval;
58 *(unsigned int *)kp->arg = nbits;
59 return 0;
60out_inval:
61 return -EINVAL;
62}
63
8e4e15d4 64static int param_get_hashtbl_sz(char *buffer, const struct kernel_param *kp)
241269bd
TM		 65{
66 unsigned int nbits;
67
68 nbits = *(unsigned int *)kp->arg;
69 return sprintf(buffer, "%u", 1U << nbits);
70}
71
72#define param_check_hashtbl_sz(name, p) __param_check(name, p, unsigned int);
73
8e4e15d4
SR		 74static struct kernel_param_ops param_ops_hashtbl_sz = {
75 .set = param_set_hashtbl_sz,
76 .get = param_get_hashtbl_sz,
77};
78
241269bd
TM		 79module_param_named(auth_hashtable_size, auth_hashbits, hashtbl_sz, 0644);
80MODULE_PARM_DESC(auth_hashtable_size, "RPC credential cache hashtable size");
81
1da177e4
LT		 82static u32
83pseudoflavor_to_flavor(u32 flavor) {
84 if (flavor >= RPC_AUTH_MAXFLAVOR)
85 return RPC_AUTH_GSS;
86 return flavor;
87}
88
89int
f1c0a861 90rpcauth_register(const struct rpc_authops *ops)
1da177e4
LT		 91{
92 rpc_authflavor_t flavor;
fc1b356f 93 int ret = -EPERM;
1da177e4
LT		 94
95 if ((flavor = ops->au_flavor) >= RPC_AUTH_MAXFLAVOR)
96 return -EINVAL;
fc1b356f
TM		 97 spin_lock(&rpc_authflavor_lock);
98 if (auth_flavors[flavor] == NULL) {
99 auth_flavors[flavor] = ops;
100 ret = 0;
101 }
102 spin_unlock(&rpc_authflavor_lock);
103 return ret;
1da177e4 104}
e8914c65 105EXPORT_SYMBOL_GPL(rpcauth_register);
1da177e4
LT		 106
107int
f1c0a861 108rpcauth_unregister(const struct rpc_authops *ops)
1da177e4
LT		 109{
110 rpc_authflavor_t flavor;
fc1b356f 111 int ret = -EPERM;
1da177e4
LT		 112
113 if ((flavor = ops->au_flavor) >= RPC_AUTH_MAXFLAVOR)
114 return -EINVAL;
fc1b356f
TM		 115 spin_lock(&rpc_authflavor_lock);
116 if (auth_flavors[flavor] == ops) {
117 auth_flavors[flavor] = NULL;
118 ret = 0;
119 }
120 spin_unlock(&rpc_authflavor_lock);
121 return ret;
1da177e4 122}
e8914c65 123EXPORT_SYMBOL_GPL(rpcauth_unregister);
1da177e4
LT		 124
125struct rpc_auth *
126rpcauth_create(rpc_authflavor_t pseudoflavor, struct rpc_clnt *clnt)
127{
128 struct rpc_auth *auth;
f1c0a861 129 const struct rpc_authops *ops;
1da177e4
LT		 130 u32 flavor = pseudoflavor_to_flavor(pseudoflavor);
131
f344f6df
OK		 132 auth = ERR_PTR(-EINVAL);
133 if (flavor >= RPC_AUTH_MAXFLAVOR)
134 goto out;
135
f344f6df
OK		 136 if ((ops = auth_flavors[flavor]) == NULL)
137 request_module("rpc-auth-%u", flavor);
fc1b356f
TM		 138 spin_lock(&rpc_authflavor_lock);
139 ops = auth_flavors[flavor];
140 if (ops == NULL || !try_module_get(ops->owner)) {
141 spin_unlock(&rpc_authflavor_lock);
f344f6df 142 goto out;
fc1b356f
TM		 143 }
144 spin_unlock(&rpc_authflavor_lock);
1da177e4 145 auth = ops->create(clnt, pseudoflavor);
fc1b356f 146 module_put(ops->owner);
6a19275a
BF		 147 if (IS_ERR(auth))
148 return auth;
1da177e4 149 if (clnt->cl_auth)
de7a8ce3 150 rpcauth_release(clnt->cl_auth);
1da177e4 151 clnt->cl_auth = auth;
f344f6df
OK		 152
153out:
1da177e4
LT		 154 return auth;
155}
e8914c65 156EXPORT_SYMBOL_GPL(rpcauth_create);
1da177e4
LT		 157
158void
de7a8ce3 159rpcauth_release(struct rpc_auth *auth)
1da177e4
LT		 160{
161 if (!atomic_dec_and_test(&auth->au_count))
162 return;
163 auth->au_ops->destroy(auth);
164}
165
166static DEFINE_SPINLOCK(rpc_credcache_lock);
167
31be5bf1
TM		 168static void
169rpcauth_unhash_cred_locked(struct rpc_cred *cred)
170{
171 hlist_del_rcu(&cred->cr_hash);
172 smp_mb__before_clear_bit();
173 clear_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags);
174}
175
f0380f3d 176static int
9499b434
TM		 177rpcauth_unhash_cred(struct rpc_cred *cred)
178{
179 spinlock_t *cache_lock;
f0380f3d 180 int ret;
9499b434
TM		 181
182 cache_lock = &cred->cr_auth->au_credcache->lock;
183 spin_lock(cache_lock);
f0380f3d
TM		 184 ret = atomic_read(&cred->cr_count) == 0;
185 if (ret)
9499b434
TM		 186 rpcauth_unhash_cred_locked(cred);
187 spin_unlock(cache_lock);
f0380f3d 188 return ret;
9499b434
TM		 189}
190
1da177e4
LT		 191/*
192 * Initialize RPC credential cache
193 */
194int
f5c2187c 195rpcauth_init_credcache(struct rpc_auth *auth)
1da177e4
LT		 196{
197 struct rpc_cred_cache *new;
988664a0 198 unsigned int hashsize;
1da177e4 199
8b3a7005 200 new = kmalloc(sizeof(*new), GFP_KERNEL);
1da177e4 201 if (!new)
241269bd
TM		 202 goto out_nocache;
203 new->hashbits = auth_hashbits;
988664a0 204 hashsize = 1U << new->hashbits;
241269bd
TM		 205 new->hashtable = kcalloc(hashsize, sizeof(new->hashtable[0]), GFP_KERNEL);
206 if (!new->hashtable)
207 goto out_nohashtbl;
9499b434 208 spin_lock_init(&new->lock);
1da177e4
LT		 209 auth->au_credcache = new;
210 return 0;
241269bd
TM		 211out_nohashtbl:
212 kfree(new);
213out_nocache:
214 return -ENOMEM;
1da177e4 215}
e8914c65 216EXPORT_SYMBOL_GPL(rpcauth_init_credcache);
1da177e4
LT		 217
218/*
219 * Destroy a list of credentials
220 */
221static inline
e092bdcd 222void rpcauth_destroy_credlist(struct list_head *head)
1da177e4
LT		 223{
224 struct rpc_cred *cred;
225
e092bdcd
TM		 226 while (!list_empty(head)) {
227 cred = list_entry(head->next, struct rpc_cred, cr_lru);
228 list_del_init(&cred->cr_lru);
1da177e4
LT		 229 put_rpccred(cred);
230 }
231}
232
233/*
234 * Clear the RPC credential cache, and delete those credentials
235 * that are not referenced.
236 */
237void
3ab9bb72 238rpcauth_clear_credcache(struct rpc_cred_cache *cache)
1da177e4 239{
e092bdcd
TM		 240 LIST_HEAD(free);
241 struct hlist_head *head;
1da177e4 242 struct rpc_cred *cred;
988664a0 243 unsigned int hashsize = 1U << cache->hashbits;
1da177e4
LT		 244 int i;
245
246 spin_lock(&rpc_credcache_lock);
9499b434 247 spin_lock(&cache->lock);
988664a0 248 for (i = 0; i < hashsize; i++) {
e092bdcd
TM		 249 head = &cache->hashtable[i];
250 while (!hlist_empty(head)) {
251 cred = hlist_entry(head->first, struct rpc_cred, cr_hash);
252 get_rpccred(cred);
f5c2187c
TM		 253 if (!list_empty(&cred->cr_lru)) {
254 list_del(&cred->cr_lru);
255 number_cred_unused--;
256 }
257 list_add_tail(&cred->cr_lru, &free);
31be5bf1 258 rpcauth_unhash_cred_locked(cred);
1da177e4
LT		 259 }
260 }
9499b434 261 spin_unlock(&cache->lock);
1da177e4
LT		 262 spin_unlock(&rpc_credcache_lock);
263 rpcauth_destroy_credlist(&free);
264}
265
3ab9bb72
TM		 266/*
267 * Destroy the RPC credential cache
268 */
269void
270rpcauth_destroy_credcache(struct rpc_auth *auth)
271{
272 struct rpc_cred_cache *cache = auth->au_credcache;
273
274 if (cache) {
275 auth->au_credcache = NULL;
276 rpcauth_clear_credcache(cache);
241269bd 277 kfree(cache->hashtable);
3ab9bb72
TM		 278 kfree(cache);
279 }
280}
e8914c65 281EXPORT_SYMBOL_GPL(rpcauth_destroy_credcache);
3ab9bb72 282
d2b83141
TM		 283
284#define RPC_AUTH_EXPIRY_MORATORIUM (60 * HZ)
285
e092bdcd
TM		 286/*
287 * Remove stale credentials. Avoid sleeping inside the loop.
288 */
f5c2187c
TM		 289static int
290rpcauth_prune_expired(struct list_head *free, int nr_to_scan)
1da177e4 291{
9499b434 292 spinlock_t *cache_lock;
eac0d18d 293 struct rpc_cred *cred, *next;
d2b83141 294 unsigned long expired = jiffies - RPC_AUTH_EXPIRY_MORATORIUM;
e092bdcd 295
eac0d18d
TM		 296 list_for_each_entry_safe(cred, next, &cred_unused, cr_lru) {
297
20673406
TM		 298 if (nr_to_scan-- == 0)
299 break;
93a05e65
TM		 300 /*
301 * Enforce a 60 second garbage collection moratorium
302 * Note that the cred_unused list must be time-ordered.
303 */
3d7b0894 304 if (time_in_range(cred->cr_expire, expired, jiffies) &&
eac0d18d 305 test_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags) != 0)
93a05e65 306 return 0;
eac0d18d 307
e092bdcd 308 list_del_init(&cred->cr_lru);
f5c2187c 309 number_cred_unused--;
e092bdcd
TM		 310 if (atomic_read(&cred->cr_count) != 0)
311 continue;
eac0d18d 312
9499b434
TM		 313 cache_lock = &cred->cr_auth->au_credcache->lock;
314 spin_lock(cache_lock);
315 if (atomic_read(&cred->cr_count) == 0) {
316 get_rpccred(cred);
317 list_add_tail(&cred->cr_lru, free);
318 rpcauth_unhash_cred_locked(cred);
319 }
320 spin_unlock(cache_lock);
1da177e4 321 }
93a05e65 322 return (number_cred_unused / 100) * sysctl_vfs_cache_pressure;
1da177e4
LT		 323}
324
325/*
f5c2187c 326 * Run memory cache shrinker.
1da177e4 327 */
f5c2187c 328static int
1495f230 329rpcauth_cache_shrinker(struct shrinker *shrink, struct shrink_control *sc)
1da177e4 330{
f5c2187c
TM		 331 LIST_HEAD(free);
332 int res;
1495f230
YH		 333 int nr_to_scan = sc->nr_to_scan;
334 gfp_t gfp_mask = sc->gfp_mask;
f5c2187c 335
d300a41e
TM		 336 if ((gfp_mask & GFP_KERNEL) != GFP_KERNEL)
337 return (nr_to_scan == 0) ? 0 : -1;
f5c2187c
TM		 338 if (list_empty(&cred_unused))
339 return 0;
31be5bf1 340 spin_lock(&rpc_credcache_lock);
93a05e65 341 res = rpcauth_prune_expired(&free, nr_to_scan);
31be5bf1 342 spin_unlock(&rpc_credcache_lock);
f5c2187c
TM		 343 rpcauth_destroy_credlist(&free);
344 return res;
1da177e4
LT		 345}
346
347/*
348 * Look up a process' credentials in the authentication cache
349 */
350struct rpc_cred *
351rpcauth_lookup_credcache(struct rpc_auth *auth, struct auth_cred * acred,
8a317760 352 int flags)
1da177e4 353{
e092bdcd 354 LIST_HEAD(free);
1da177e4 355 struct rpc_cred_cache *cache = auth->au_credcache;
e092bdcd 356 struct hlist_node *pos;
31be5bf1
TM		 357 struct rpc_cred *cred = NULL,
358 *entry, *new;
25337fdc
TM		 359 unsigned int nr;
360
988664a0 361 nr = hash_long(acred->uid, cache->hashbits);
1da177e4 362
31be5bf1
TM		 363 rcu_read_lock();
364 hlist_for_each_entry_rcu(entry, pos, &cache->hashtable[nr], cr_hash) {
e092bdcd
TM		 365 if (!entry->cr_ops->crmatch(acred, entry, flags))
366 continue;
9499b434 367 spin_lock(&cache->lock);
31be5bf1 368 if (test_bit(RPCAUTH_CRED_HASHED, &entry->cr_flags) == 0) {
9499b434 369 spin_unlock(&cache->lock);
31be5bf1
TM		 370 continue;
371 }
e092bdcd 372 cred = get_rpccred(entry);
9499b434 373 spin_unlock(&cache->lock);
e092bdcd 374 break;
1da177e4 375 }
31be5bf1
TM		 376 rcu_read_unlock();
377
9499b434 378 if (cred != NULL)
31be5bf1 379 goto found;
1da177e4 380
31be5bf1
TM		 381 new = auth->au_ops->crcreate(auth, acred, flags);
382 if (IS_ERR(new)) {
383 cred = new;
384 goto out;
385 }
1da177e4 386
9499b434 387 spin_lock(&cache->lock);
31be5bf1
TM		 388 hlist_for_each_entry(entry, pos, &cache->hashtable[nr], cr_hash) {
389 if (!entry->cr_ops->crmatch(acred, entry, flags))
390 continue;
391 cred = get_rpccred(entry);
392 break;
393 }
394 if (cred == NULL) {
5fe4755e 395 cred = new;
31be5bf1
TM		 396 set_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags);
397 hlist_add_head_rcu(&cred->cr_hash, &cache->hashtable[nr]);
398 } else
399 list_add_tail(&new->cr_lru, &free);
9499b434 400 spin_unlock(&cache->lock);
31be5bf1 401found:
f64f9e71
JP		 402 if (test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags) &&
403 cred->cr_ops->cr_init != NULL &&
404 !(flags & RPCAUTH_LOOKUP_NEW)) {
fba3bad4
TM		 405 int res = cred->cr_ops->cr_init(auth, cred);
406 if (res < 0) {
407 put_rpccred(cred);
408 cred = ERR_PTR(res);
409 }
1da177e4 410 }
31be5bf1
TM		 411 rpcauth_destroy_credlist(&free);
412out:
413 return cred;
1da177e4 414}
e8914c65 415EXPORT_SYMBOL_GPL(rpcauth_lookup_credcache);
1da177e4
LT		 416
417struct rpc_cred *
8a317760 418rpcauth_lookupcred(struct rpc_auth *auth, int flags)
1da177e4 419{
86a264ab 420 struct auth_cred acred;
1da177e4 421 struct rpc_cred *ret;
86a264ab 422 const struct cred *cred = current_cred();
1da177e4 423
46121cf7 424 dprintk("RPC: looking up %s cred\n",
1da177e4 425 auth->au_ops->au_name);
86a264ab
DH		 426
427 memset(&acred, 0, sizeof(acred));
428 acred.uid = cred->fsuid;
429 acred.gid = cred->fsgid;
430 acred.group_info = get_group_info(((struct cred *)cred)->group_info);
431
8a317760 432 ret = auth->au_ops->lookup_cred(auth, &acred, flags);
1da177e4
LT		 433 put_group_info(acred.group_info);
434 return ret;
435}
436
5fe4755e
TM		 437void
438rpcauth_init_cred(struct rpc_cred *cred, const struct auth_cred *acred,
439 struct rpc_auth *auth, const struct rpc_credops *ops)
440{
441 INIT_HLIST_NODE(&cred->cr_hash);
e092bdcd 442 INIT_LIST_HEAD(&cred->cr_lru);
5fe4755e
TM		 443 atomic_set(&cred->cr_count, 1);
444 cred->cr_auth = auth;
445 cred->cr_ops = ops;
446 cred->cr_expire = jiffies;
447#ifdef RPC_DEBUG
448 cred->cr_magic = RPCAUTH_CRED_MAGIC;
449#endif
450 cred->cr_uid = acred->uid;
451}
e8914c65 452EXPORT_SYMBOL_GPL(rpcauth_init_cred);
5fe4755e 453
8572b8e2 454struct rpc_cred *
5d351754 455rpcauth_generic_bind_cred(struct rpc_task *task, struct rpc_cred *cred, int lookupflags)
4ccda2cd 456{
4ccda2cd
TM		 457 dprintk("RPC: %5u holding %s cred %p\n", task->tk_pid,
458 cred->cr_auth->au_ops->au_name, cred);
8572b8e2 459 return get_rpccred(cred);
4ccda2cd 460}
5c691044 461EXPORT_SYMBOL_GPL(rpcauth_generic_bind_cred);
4ccda2cd 462
8572b8e2 463static struct rpc_cred *
5d351754 464rpcauth_bind_root_cred(struct rpc_task *task, int lookupflags)
1da177e4 465{
1be27f36 466 struct rpc_auth *auth = task->tk_client->cl_auth;
1da177e4 467 struct auth_cred acred = {
af093835
TM		 468 .uid = 0,
469 .gid = 0,
1da177e4 470 };
1da177e4 471
46121cf7 472 dprintk("RPC: %5u looking up %s cred\n",
1be27f36 473 task->tk_pid, task->tk_client->cl_auth->au_ops->au_name);
8572b8e2 474 return auth->au_ops->lookup_cred(auth, &acred, lookupflags);
af093835
TM		 475}
476
8572b8e2 477static struct rpc_cred *
5d351754 478rpcauth_bind_new_cred(struct rpc_task *task, int lookupflags)
af093835
TM		 479{
480 struct rpc_auth *auth = task->tk_client->cl_auth;
af093835
TM		 481
482 dprintk("RPC: %5u looking up %s cred\n",
483 task->tk_pid, auth->au_ops->au_name);
8572b8e2 484 return rpcauth_lookupcred(auth, lookupflags);
1da177e4
LT		 485}
486
a17c2153 487static int
4ccda2cd 488rpcauth_bindcred(struct rpc_task *task, struct rpc_cred *cred, int flags)
1da177e4 489{
a17c2153 490 struct rpc_rqst *req = task->tk_rqstp;
8572b8e2 491 struct rpc_cred *new;
5d351754
TM		 492 int lookupflags = 0;
493
494 if (flags & RPC_TASK_ASYNC)
495 lookupflags |= RPCAUTH_LOOKUP_NEW;
4ccda2cd 496 if (cred != NULL)
8572b8e2 497 new = cred->cr_ops->crbind(task, cred, lookupflags);
4ccda2cd 498 else if (flags & RPC_TASK_ROOTCREDS)
8572b8e2 499 new = rpcauth_bind_root_cred(task, lookupflags);
4ccda2cd 500 else
8572b8e2
TM		 501 new = rpcauth_bind_new_cred(task, lookupflags);
502 if (IS_ERR(new))
503 return PTR_ERR(new);
a17c2153
TM		 504 if (req->rq_cred != NULL)
505 put_rpccred(req->rq_cred);
506 req->rq_cred = new;
8572b8e2 507 return 0;
1da177e4
LT		 508}
509
510void
511put_rpccred(struct rpc_cred *cred)
512{
e092bdcd 513 /* Fast path for unhashed credentials */
f0380f3d
TM		 514 if (test_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags) == 0) {
515 if (atomic_dec_and_test(&cred->cr_count))
516 cred->cr_ops->crdestroy(cred);
1da177e4 517 return;
f0380f3d
TM		 518 }
519
e092bdcd
TM		 520 if (!atomic_dec_and_lock(&cred->cr_count, &rpc_credcache_lock))
521 return;
f5c2187c
TM		 522 if (!list_empty(&cred->cr_lru)) {
523 number_cred_unused--;
e092bdcd 524 list_del_init(&cred->cr_lru);
f5c2187c 525 }
5f707eb4 526 if (test_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags) != 0) {
f0380f3d
TM		 527 if (test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) != 0) {
528 cred->cr_expire = jiffies;
529 list_add_tail(&cred->cr_lru, &cred_unused);
530 number_cred_unused++;
531 goto out_nodestroy;
532 }
533 if (!rpcauth_unhash_cred(cred)) {
534 /* We were hashed and someone looked us up... */
535 goto out_nodestroy;
536 }
e092bdcd
TM		 537 }
538 spin_unlock(&rpc_credcache_lock);
1da177e4 539 cred->cr_ops->crdestroy(cred);
f0380f3d
TM		 540 return;
541out_nodestroy:
542 spin_unlock(&rpc_credcache_lock);
1da177e4 543}
e8914c65 544EXPORT_SYMBOL_GPL(put_rpccred);
1da177e4 545
d8ed029d
AD		 546__be32 *
547rpcauth_marshcred(struct rpc_task *task, __be32 *p)
1da177e4 548{
a17c2153 549 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
1da177e4 550
46121cf7 551 dprintk("RPC: %5u marshaling %s cred %p\n",
1be27f36 552 task->tk_pid, cred->cr_auth->au_ops->au_name, cred);
0bbacc40 553
1da177e4
LT		 554 return cred->cr_ops->crmarshal(task, p);
555}
556
d8ed029d
AD		 557__be32 *
558rpcauth_checkverf(struct rpc_task *task, __be32 *p)
1da177e4 559{
a17c2153 560 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
1da177e4 561
46121cf7 562 dprintk("RPC: %5u validating %s cred %p\n",
1be27f36 563 task->tk_pid, cred->cr_auth->au_ops->au_name, cred);
0bbacc40 564
1da177e4
LT		 565 return cred->cr_ops->crvalidate(task, p);
566}
567
9f06c719
CL		 568static void rpcauth_wrap_req_encode(kxdreproc_t encode, struct rpc_rqst *rqstp,
569 __be32 *data, void *obj)
570{
571 struct xdr_stream xdr;
572
573 xdr_init_encode(&xdr, &rqstp->rq_snd_buf, data);
574 encode(rqstp, &xdr, obj);
575}
576
1da177e4 577int
9f06c719 578rpcauth_wrap_req(struct rpc_task *task, kxdreproc_t encode, void *rqstp,
d8ed029d 579 __be32 *data, void *obj)
1da177e4 580{
a17c2153 581 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
1da177e4 582
46121cf7 583 dprintk("RPC: %5u using %s cred %p to wrap rpc data\n",
1da177e4
LT		 584 task->tk_pid, cred->cr_ops->cr_name, cred);
585 if (cred->cr_ops->crwrap_req)
586 return cred->cr_ops->crwrap_req(task, encode, rqstp, data, obj);
587 /* By default, we encode the arguments normally. */
9f06c719
CL		 588 rpcauth_wrap_req_encode(encode, rqstp, data, obj);
589 return 0;
1da177e4
LT		 590}
591
bf269551
CL		 592static int
593rpcauth_unwrap_req_decode(kxdrdproc_t decode, struct rpc_rqst *rqstp,
594 __be32 *data, void *obj)
595{
596 struct xdr_stream xdr;
597
598 xdr_init_decode(&xdr, &rqstp->rq_rcv_buf, data);
599 return decode(rqstp, &xdr, obj);
600}
601
1da177e4 602int
bf269551 603rpcauth_unwrap_resp(struct rpc_task *task, kxdrdproc_t decode, void *rqstp,
d8ed029d 604 __be32 *data, void *obj)
1da177e4 605{
a17c2153 606 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
1da177e4 607
46121cf7 608 dprintk("RPC: %5u using %s cred %p to unwrap rpc data\n",
1da177e4
LT		 609 task->tk_pid, cred->cr_ops->cr_name, cred);
610 if (cred->cr_ops->crunwrap_resp)
611 return cred->cr_ops->crunwrap_resp(task, decode, rqstp,
612 data, obj);
613 /* By default, we decode the arguments normally. */
bf269551 614 return rpcauth_unwrap_req_decode(decode, rqstp, data, obj);
1da177e4
LT		 615}
616
617int
618rpcauth_refreshcred(struct rpc_task *task)
619{
9a84d380 620 struct rpc_cred *cred;
1da177e4
LT		 621 int err;
622
a17c2153
TM		 623 cred = task->tk_rqstp->rq_cred;
624 if (cred == NULL) {
625 err = rpcauth_bindcred(task, task->tk_msg.rpc_cred, task->tk_flags);
626 if (err < 0)
627 goto out;
628 cred = task->tk_rqstp->rq_cred;
f81c6224 629 }
46121cf7 630 dprintk("RPC: %5u refreshing %s cred %p\n",
1be27f36 631 task->tk_pid, cred->cr_auth->au_ops->au_name, cred);
0bbacc40 632
1da177e4 633 err = cred->cr_ops->crrefresh(task);
a17c2153 634out:
1da177e4
LT		 635 if (err < 0)
636 task->tk_status = err;
637 return err;
638}
639
640void
641rpcauth_invalcred(struct rpc_task *task)
642{
a17c2153 643 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
fc432dd9 644
46121cf7 645 dprintk("RPC: %5u invalidating %s cred %p\n",
1be27f36 646 task->tk_pid, cred->cr_auth->au_ops->au_name, cred);
fc432dd9
TM		 647 if (cred)
648 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
1da177e4
LT		 649}
650
651int
652rpcauth_uptodatecred(struct rpc_task *task)
653{
a17c2153 654 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
fc432dd9
TM		 655
656 return cred == NULL ||
657 test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) != 0;
1da177e4 658}
f5c2187c 659
8e1f936b
RR		 660static struct shrinker rpc_cred_shrinker = {
661 .shrink = rpcauth_cache_shrinker,
662 .seeks = DEFAULT_SEEKS,
663};
f5c2187c 664
5d8d9a4d 665int __init rpcauth_init_module(void)
f5c2187c 666{
5d8d9a4d
TM		 667 int err;
668
669 err = rpc_init_authunix();
670 if (err < 0)
671 goto out1;
672 err = rpc_init_generic_auth();
673 if (err < 0)
674 goto out2;
8e1f936b 675 register_shrinker(&rpc_cred_shrinker);
5d8d9a4d
TM		 676 return 0;
677out2:
678 rpc_destroy_authunix();
679out1:
680 return err;
f5c2187c
TM		 681}
682
c135e84a 683void rpcauth_remove_module(void)
f5c2187c 684{
5d8d9a4d
TM		 685 rpc_destroy_authunix();
686 rpc_destroy_generic_auth();
8e1f936b 687 unregister_shrinker(&rpc_cred_shrinker);
f5c2187c 688}
Linux kernel - Deliverables
This page took 0.527049 seconds and 5 git commands to generate.