[PATCH] knfsd: Change the store of auth_domains to not be a 'cache'
The 'auth_domain's are simply handles on internal data structures. They do not cache information from user-space, and forcing them into the mold of a 'cache' misrepresents their true nature and causes confusion. Signed-off-by: Neil Brown <neilb@suse.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
parent
3e7b191980
commit
efc36aa560
|
@ -242,7 +242,7 @@ static inline int svc_expkey_match (struct svc_expkey *a, struct svc_expkey *b)
|
||||||
|
|
||||||
static inline void svc_expkey_init(struct svc_expkey *new, struct svc_expkey *item)
|
static inline void svc_expkey_init(struct svc_expkey *new, struct svc_expkey *item)
|
||||||
{
|
{
|
||||||
cache_get(&item->ek_client->h);
|
kref_get(&item->ek_client->ref);
|
||||||
new->ek_client = item->ek_client;
|
new->ek_client = item->ek_client;
|
||||||
new->ek_fsidtype = item->ek_fsidtype;
|
new->ek_fsidtype = item->ek_fsidtype;
|
||||||
new->ek_fsid[0] = item->ek_fsid[0];
|
new->ek_fsid[0] = item->ek_fsid[0];
|
||||||
|
@ -474,7 +474,7 @@ static inline int svc_export_match(struct svc_export *a, struct svc_export *b)
|
||||||
}
|
}
|
||||||
static inline void svc_export_init(struct svc_export *new, struct svc_export *item)
|
static inline void svc_export_init(struct svc_export *new, struct svc_export *item)
|
||||||
{
|
{
|
||||||
cache_get(&item->ex_client->h);
|
kref_get(&item->ex_client->ref);
|
||||||
new->ex_client = item->ex_client;
|
new->ex_client = item->ex_client;
|
||||||
new->ex_dentry = dget(item->ex_dentry);
|
new->ex_dentry = dget(item->ex_dentry);
|
||||||
new->ex_mnt = mntget(item->ex_mnt);
|
new->ex_mnt = mntget(item->ex_mnt);
|
||||||
|
@ -1129,7 +1129,6 @@ exp_delclient(struct nfsctl_client *ncp)
|
||||||
*/
|
*/
|
||||||
if (dom) {
|
if (dom) {
|
||||||
err = auth_unix_forget_old(dom);
|
err = auth_unix_forget_old(dom);
|
||||||
dom->h.expiry_time = get_seconds();
|
|
||||||
auth_domain_put(dom);
|
auth_domain_put(dom);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -45,9 +45,10 @@ struct svc_rqst; /* forward decl */
|
||||||
* of ip addresses to the given client.
|
* of ip addresses to the given client.
|
||||||
*/
|
*/
|
||||||
struct auth_domain {
|
struct auth_domain {
|
||||||
struct cache_head h;
|
struct kref ref;
|
||||||
|
struct hlist_node hash;
|
||||||
char *name;
|
char *name;
|
||||||
int flavour;
|
struct auth_ops *flavour;
|
||||||
};
|
};
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -86,6 +87,9 @@ struct auth_domain {
|
||||||
*
|
*
|
||||||
* domain_release()
|
* domain_release()
|
||||||
* This call releases a domain.
|
* This call releases a domain.
|
||||||
|
* set_client()
|
||||||
|
* Givens a pending request (struct svc_rqst), finds and assigns
|
||||||
|
* an appropriate 'auth_domain' as the client.
|
||||||
*/
|
*/
|
||||||
struct auth_ops {
|
struct auth_ops {
|
||||||
char * name;
|
char * name;
|
||||||
|
@ -117,7 +121,7 @@ extern void svc_auth_unregister(rpc_authflavor_t flavor);
|
||||||
extern struct auth_domain *unix_domain_find(char *name);
|
extern struct auth_domain *unix_domain_find(char *name);
|
||||||
extern void auth_domain_put(struct auth_domain *item);
|
extern void auth_domain_put(struct auth_domain *item);
|
||||||
extern int auth_unix_add_addr(struct in_addr addr, struct auth_domain *dom);
|
extern int auth_unix_add_addr(struct in_addr addr, struct auth_domain *dom);
|
||||||
extern struct auth_domain *auth_domain_lookup(struct auth_domain *item, int set);
|
extern struct auth_domain *auth_domain_lookup(char *name, struct auth_domain *new);
|
||||||
extern struct auth_domain *auth_domain_find(char *name);
|
extern struct auth_domain *auth_domain_find(char *name);
|
||||||
extern struct auth_domain *auth_unix_lookup(struct in_addr addr);
|
extern struct auth_domain *auth_unix_lookup(struct in_addr addr);
|
||||||
extern int auth_unix_forget_old(struct auth_domain *dom);
|
extern int auth_unix_forget_old(struct auth_domain *dom);
|
||||||
|
@ -160,8 +164,6 @@ static inline unsigned long hash_mem(char *buf, int length, int bits)
|
||||||
return hash >> (BITS_PER_LONG - bits);
|
return hash >> (BITS_PER_LONG - bits);
|
||||||
}
|
}
|
||||||
|
|
||||||
extern struct cache_detail auth_domain_cache, ip_map_cache;
|
|
||||||
|
|
||||||
#endif /* __KERNEL__ */
|
#endif /* __KERNEL__ */
|
||||||
|
|
||||||
#endif /* _LINUX_SUNRPC_SVCAUTH_H_ */
|
#endif /* _LINUX_SUNRPC_SVCAUTH_H_ */
|
||||||
|
|
|
@ -645,6 +645,8 @@ find_gss_auth_domain(struct gss_ctx *ctx, u32 svc)
|
||||||
return auth_domain_find(name);
|
return auth_domain_find(name);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static struct auth_ops svcauthops_gss;
|
||||||
|
|
||||||
int
|
int
|
||||||
svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name)
|
svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name)
|
||||||
{
|
{
|
||||||
|
@ -655,20 +657,18 @@ svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name)
|
||||||
new = kmalloc(sizeof(*new), GFP_KERNEL);
|
new = kmalloc(sizeof(*new), GFP_KERNEL);
|
||||||
if (!new)
|
if (!new)
|
||||||
goto out;
|
goto out;
|
||||||
cache_init(&new->h.h);
|
kref_init(&new->h.ref);
|
||||||
new->h.name = kmalloc(strlen(name) + 1, GFP_KERNEL);
|
new->h.name = kmalloc(strlen(name) + 1, GFP_KERNEL);
|
||||||
if (!new->h.name)
|
if (!new->h.name)
|
||||||
goto out_free_dom;
|
goto out_free_dom;
|
||||||
strcpy(new->h.name, name);
|
strcpy(new->h.name, name);
|
||||||
new->h.flavour = RPC_AUTH_GSS;
|
new->h.flavour = &svcauthops_gss;
|
||||||
new->pseudoflavor = pseudoflavor;
|
new->pseudoflavor = pseudoflavor;
|
||||||
new->h.h.expiry_time = NEVER;
|
|
||||||
|
|
||||||
test = auth_domain_lookup(&new->h, 1);
|
test = auth_domain_lookup(name, &new->h);
|
||||||
if (test == &new->h) {
|
if (test != &new->h) { /* XXX Duplicate registration? */
|
||||||
BUG_ON(atomic_dec_and_test(&new->h.h.refcnt));
|
|
||||||
} else { /* XXX Duplicate registration? */
|
|
||||||
auth_domain_put(&new->h);
|
auth_domain_put(&new->h);
|
||||||
|
/* dangling ref-count... */
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
|
|
|
@ -142,6 +142,7 @@ EXPORT_SYMBOL(nlm_debug);
|
||||||
|
|
||||||
extern int register_rpc_pipefs(void);
|
extern int register_rpc_pipefs(void);
|
||||||
extern void unregister_rpc_pipefs(void);
|
extern void unregister_rpc_pipefs(void);
|
||||||
|
extern struct cache_detail ip_map_cache;
|
||||||
|
|
||||||
static int __init
|
static int __init
|
||||||
init_sunrpc(void)
|
init_sunrpc(void)
|
||||||
|
@ -158,7 +159,6 @@ init_sunrpc(void)
|
||||||
#ifdef CONFIG_PROC_FS
|
#ifdef CONFIG_PROC_FS
|
||||||
rpc_proc_init();
|
rpc_proc_init();
|
||||||
#endif
|
#endif
|
||||||
cache_register(&auth_domain_cache);
|
|
||||||
cache_register(&ip_map_cache);
|
cache_register(&ip_map_cache);
|
||||||
out:
|
out:
|
||||||
return err;
|
return err;
|
||||||
|
@ -169,8 +169,6 @@ cleanup_sunrpc(void)
|
||||||
{
|
{
|
||||||
unregister_rpc_pipefs();
|
unregister_rpc_pipefs();
|
||||||
rpc_destroy_mempool();
|
rpc_destroy_mempool();
|
||||||
if (cache_unregister(&auth_domain_cache))
|
|
||||||
printk(KERN_ERR "sunrpc: failed to unregister auth_domain cache\n");
|
|
||||||
if (cache_unregister(&ip_map_cache))
|
if (cache_unregister(&ip_map_cache))
|
||||||
printk(KERN_ERR "sunrpc: failed to unregister ip_map cache\n");
|
printk(KERN_ERR "sunrpc: failed to unregister ip_map cache\n");
|
||||||
#ifdef RPC_DEBUG
|
#ifdef RPC_DEBUG
|
||||||
|
|
|
@ -106,112 +106,56 @@ svc_auth_unregister(rpc_authflavor_t flavor)
|
||||||
EXPORT_SYMBOL(svc_auth_unregister);
|
EXPORT_SYMBOL(svc_auth_unregister);
|
||||||
|
|
||||||
/**************************************************
|
/**************************************************
|
||||||
* cache for domain name to auth_domain
|
* 'auth_domains' are stored in a hash table indexed by name.
|
||||||
* Entries are only added by flavours which will normally
|
* When the last reference to an 'auth_domain' is dropped,
|
||||||
* have a structure that 'inherits' from auth_domain.
|
* the object is unhashed and freed.
|
||||||
* e.g. when an IP -> domainname is given to auth_unix,
|
* If auth_domain_lookup fails to find an entry, it will return
|
||||||
* and the domain name doesn't exist, it will create a
|
* it's second argument 'new'. If this is non-null, it will
|
||||||
* auth_unix_domain and add it to this hash table.
|
* have been atomically linked into the table.
|
||||||
* If it finds the name does exist, but isn't AUTH_UNIX,
|
|
||||||
* it will complain.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
|
||||||
* Auth auth_domain cache is somewhat different to other caches,
|
|
||||||
* largely because the entries are possibly of different types:
|
|
||||||
* each auth flavour has it's own type.
|
|
||||||
* One consequence of this that DefineCacheLookup cannot
|
|
||||||
* allocate a new structure as it cannot know the size.
|
|
||||||
* Notice that the "INIT" code fragment is quite different
|
|
||||||
* from other caches. When auth_domain_lookup might be
|
|
||||||
* creating a new domain, the new domain is passed in
|
|
||||||
* complete and it is used as-is rather than being copied into
|
|
||||||
* another structure.
|
|
||||||
*/
|
|
||||||
#define DN_HASHBITS 6
|
#define DN_HASHBITS 6
|
||||||
#define DN_HASHMAX (1<<DN_HASHBITS)
|
#define DN_HASHMAX (1<<DN_HASHBITS)
|
||||||
#define DN_HASHMASK (DN_HASHMAX-1)
|
#define DN_HASHMASK (DN_HASHMAX-1)
|
||||||
|
|
||||||
static struct cache_head *auth_domain_table[DN_HASHMAX];
|
static struct hlist_head auth_domain_table[DN_HASHMAX];
|
||||||
|
static spinlock_t auth_domain_lock = SPIN_LOCK_UNLOCKED;
|
||||||
static void auth_domain_drop(struct cache_head *item, struct cache_detail *cd)
|
|
||||||
{
|
|
||||||
struct auth_domain *dom = container_of(item, struct auth_domain, h);
|
|
||||||
if (cache_put(item,cd))
|
|
||||||
authtab[dom->flavour]->domain_release(dom);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
struct cache_detail auth_domain_cache = {
|
|
||||||
.owner = THIS_MODULE,
|
|
||||||
.hash_size = DN_HASHMAX,
|
|
||||||
.hash_table = auth_domain_table,
|
|
||||||
.name = "auth.domain",
|
|
||||||
.cache_put = auth_domain_drop,
|
|
||||||
};
|
|
||||||
|
|
||||||
void auth_domain_put(struct auth_domain *dom)
|
void auth_domain_put(struct auth_domain *dom)
|
||||||
{
|
{
|
||||||
auth_domain_drop(&dom->h, &auth_domain_cache);
|
if (atomic_dec_and_lock(&dom->ref.refcount, &auth_domain_lock)) {
|
||||||
}
|
hlist_del(&dom->hash);
|
||||||
|
dom->flavour->domain_release(dom);
|
||||||
static inline int auth_domain_hash(struct auth_domain *item)
|
}
|
||||||
{
|
|
||||||
return hash_str(item->name, DN_HASHBITS);
|
|
||||||
}
|
|
||||||
static inline int auth_domain_match(struct auth_domain *tmp, struct auth_domain *item)
|
|
||||||
{
|
|
||||||
return strcmp(tmp->name, item->name) == 0;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
struct auth_domain *
|
struct auth_domain *
|
||||||
auth_domain_lookup(struct auth_domain *item, int set)
|
auth_domain_lookup(char *name, struct auth_domain *new)
|
||||||
{
|
{
|
||||||
struct auth_domain *tmp = NULL;
|
struct auth_domain *hp;
|
||||||
struct cache_head **hp, **head;
|
struct hlist_head *head;
|
||||||
head = &auth_domain_cache.hash_table[auth_domain_hash(item)];
|
struct hlist_node *np;
|
||||||
|
|
||||||
if (set)
|
head = &auth_domain_table[hash_str(name, DN_HASHBITS)];
|
||||||
write_lock(&auth_domain_cache.hash_lock);
|
|
||||||
else
|
spin_lock(&auth_domain_lock);
|
||||||
read_lock(&auth_domain_cache.hash_lock);
|
|
||||||
for (hp=head; *hp != NULL; hp = &tmp->h.next) {
|
hlist_for_each_entry(hp, np, head, hash) {
|
||||||
tmp = container_of(*hp, struct auth_domain, h);
|
if (strcmp(hp->name, name)==0) {
|
||||||
if (!auth_domain_match(tmp, item))
|
kref_get(&hp->ref);
|
||||||
continue;
|
spin_unlock(&auth_domain_lock);
|
||||||
if (!set) {
|
return hp;
|
||||||
cache_get(&tmp->h);
|
|
||||||
goto out_noset;
|
|
||||||
}
|
}
|
||||||
*hp = tmp->h.next;
|
|
||||||
tmp->h.next = NULL;
|
|
||||||
auth_domain_drop(&tmp->h, &auth_domain_cache);
|
|
||||||
goto out_set;
|
|
||||||
}
|
}
|
||||||
/* Didn't find anything */
|
if (new) {
|
||||||
if (!set)
|
hlist_add_head(&new->hash, head);
|
||||||
goto out_nada;
|
kref_get(&new->ref);
|
||||||
auth_domain_cache.entries++;
|
}
|
||||||
out_set:
|
spin_unlock(&auth_domain_lock);
|
||||||
item->h.next = *head;
|
return new;
|
||||||
*head = &item->h;
|
|
||||||
cache_get(&item->h);
|
|
||||||
write_unlock(&auth_domain_cache.hash_lock);
|
|
||||||
cache_fresh(&auth_domain_cache, &item->h, item->h.expiry_time);
|
|
||||||
cache_get(&item->h);
|
|
||||||
return item;
|
|
||||||
out_nada:
|
|
||||||
tmp = NULL;
|
|
||||||
out_noset:
|
|
||||||
read_unlock(&auth_domain_cache.hash_lock);
|
|
||||||
return tmp;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
struct auth_domain *auth_domain_find(char *name)
|
struct auth_domain *auth_domain_find(char *name)
|
||||||
{
|
{
|
||||||
struct auth_domain *rv, ad;
|
return auth_domain_lookup(name, NULL);
|
||||||
|
|
||||||
ad.name = name;
|
|
||||||
rv = auth_domain_lookup(&ad, 0);
|
|
||||||
return rv;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -27,41 +27,35 @@ struct unix_domain {
|
||||||
/* other stuff later */
|
/* other stuff later */
|
||||||
};
|
};
|
||||||
|
|
||||||
|
extern struct auth_ops svcauth_unix;
|
||||||
|
|
||||||
struct auth_domain *unix_domain_find(char *name)
|
struct auth_domain *unix_domain_find(char *name)
|
||||||
{
|
{
|
||||||
struct auth_domain *rv, ud;
|
struct auth_domain *rv;
|
||||||
struct unix_domain *new;
|
struct unix_domain *new = NULL;
|
||||||
|
|
||||||
ud.name = name;
|
rv = auth_domain_lookup(name, NULL);
|
||||||
|
while(1) {
|
||||||
|
if (rv != &new->h) {
|
||||||
|
if (new) auth_domain_put(&new->h);
|
||||||
|
return rv;
|
||||||
|
}
|
||||||
|
if (rv && rv->flavour != &svcauth_unix) {
|
||||||
|
auth_domain_put(rv);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
if (rv)
|
||||||
|
return rv;
|
||||||
|
|
||||||
rv = auth_domain_lookup(&ud, 0);
|
new = kmalloc(sizeof(*new), GFP_KERNEL);
|
||||||
|
if (new == NULL)
|
||||||
foundit:
|
return NULL;
|
||||||
if (rv && rv->flavour != RPC_AUTH_UNIX) {
|
kref_init(&new->h.ref);
|
||||||
auth_domain_put(rv);
|
new->h.name = kstrdup(name, GFP_KERNEL);
|
||||||
return NULL;
|
new->h.flavour = &svcauth_unix;
|
||||||
|
new->addr_changes = 0;
|
||||||
|
rv = auth_domain_lookup(name, &new->h);
|
||||||
}
|
}
|
||||||
if (rv)
|
|
||||||
return rv;
|
|
||||||
|
|
||||||
new = kmalloc(sizeof(*new), GFP_KERNEL);
|
|
||||||
if (new == NULL)
|
|
||||||
return NULL;
|
|
||||||
cache_init(&new->h.h);
|
|
||||||
new->h.name = kstrdup(name, GFP_KERNEL);
|
|
||||||
new->h.flavour = RPC_AUTH_UNIX;
|
|
||||||
new->addr_changes = 0;
|
|
||||||
new->h.h.expiry_time = NEVER;
|
|
||||||
|
|
||||||
rv = auth_domain_lookup(&new->h, 2);
|
|
||||||
if (rv == &new->h) {
|
|
||||||
if (atomic_dec_and_test(&new->h.h.refcnt)) BUG();
|
|
||||||
} else {
|
|
||||||
auth_domain_put(&new->h);
|
|
||||||
goto foundit;
|
|
||||||
}
|
|
||||||
|
|
||||||
return rv;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void svcauth_unix_domain_release(struct auth_domain *dom)
|
static void svcauth_unix_domain_release(struct auth_domain *dom)
|
||||||
|
@ -130,7 +124,7 @@ static inline void ip_map_init(struct ip_map *new, struct ip_map *item)
|
||||||
}
|
}
|
||||||
static inline void ip_map_update(struct ip_map *new, struct ip_map *item)
|
static inline void ip_map_update(struct ip_map *new, struct ip_map *item)
|
||||||
{
|
{
|
||||||
cache_get(&item->m_client->h.h);
|
kref_get(&item->m_client->h.ref);
|
||||||
new->m_client = item->m_client;
|
new->m_client = item->m_client;
|
||||||
new->m_add_change = item->m_add_change;
|
new->m_add_change = item->m_add_change;
|
||||||
}
|
}
|
||||||
|
@ -272,7 +266,7 @@ int auth_unix_add_addr(struct in_addr addr, struct auth_domain *dom)
|
||||||
struct unix_domain *udom;
|
struct unix_domain *udom;
|
||||||
struct ip_map ip, *ipmp;
|
struct ip_map ip, *ipmp;
|
||||||
|
|
||||||
if (dom->flavour != RPC_AUTH_UNIX)
|
if (dom->flavour != &svcauth_unix)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
udom = container_of(dom, struct unix_domain, h);
|
udom = container_of(dom, struct unix_domain, h);
|
||||||
strcpy(ip.m_class, "nfsd");
|
strcpy(ip.m_class, "nfsd");
|
||||||
|
@ -295,7 +289,7 @@ int auth_unix_forget_old(struct auth_domain *dom)
|
||||||
{
|
{
|
||||||
struct unix_domain *udom;
|
struct unix_domain *udom;
|
||||||
|
|
||||||
if (dom->flavour != RPC_AUTH_UNIX)
|
if (dom->flavour != &svcauth_unix)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
udom = container_of(dom, struct unix_domain, h);
|
udom = container_of(dom, struct unix_domain, h);
|
||||||
udom->addr_changes++;
|
udom->addr_changes++;
|
||||||
|
@ -323,7 +317,7 @@ struct auth_domain *auth_unix_lookup(struct in_addr addr)
|
||||||
rv = NULL;
|
rv = NULL;
|
||||||
} else {
|
} else {
|
||||||
rv = &ipm->m_client->h;
|
rv = &ipm->m_client->h;
|
||||||
cache_get(&rv->h);
|
kref_get(&rv->ref);
|
||||||
}
|
}
|
||||||
ip_map_put(&ipm->h, &ip_map_cache);
|
ip_map_put(&ipm->h, &ip_map_cache);
|
||||||
return rv;
|
return rv;
|
||||||
|
@ -332,7 +326,6 @@ struct auth_domain *auth_unix_lookup(struct in_addr addr)
|
||||||
void svcauth_unix_purge(void)
|
void svcauth_unix_purge(void)
|
||||||
{
|
{
|
||||||
cache_purge(&ip_map_cache);
|
cache_purge(&ip_map_cache);
|
||||||
cache_purge(&auth_domain_cache);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
|
@ -361,7 +354,7 @@ svcauth_unix_set_client(struct svc_rqst *rqstp)
|
||||||
return SVC_DENIED;
|
return SVC_DENIED;
|
||||||
case 0:
|
case 0:
|
||||||
rqstp->rq_client = &ipm->m_client->h;
|
rqstp->rq_client = &ipm->m_client->h;
|
||||||
cache_get(&rqstp->rq_client->h);
|
kref_get(&rqstp->rq_client->ref);
|
||||||
ip_map_put(&ipm->h, &ip_map_cache);
|
ip_map_put(&ipm->h, &ip_map_cache);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue