1. 01 Sep, 2013 2 commits
  2. 30 Aug, 2013 5 commits
  3. 15 Jul, 2013 1 commit
  4. 14 Jul, 2013 1 commit
  5. 11 Jul, 2013 1 commit
  6. 29 Jun, 2013 4 commits
  7. 04 May, 2013 1 commit
  8. 26 Apr, 2013 2 commits
    • SUNRPC: Add RPC based upcall mechanism for RPCGSS auth · 1d658336
      Simo Sorce committed
      This patch implements a sunrpc client to use the services of the gssproxy
      userspace daemon.
      
      In particular it allows performing calls in user space using an RPC
      call instead of custom hand-coded upcall/downcall messages.
      
      Currently only accept_sec_context is implemented as that is all that is needed for
      the server case.
      
      File server modules like NFS and CIFS can use full gssapi services this way,
      once init_sec_context is also implemented.
      
      For the NFS server case this code allows lifting the limit of max 2k krb5
      tickets. This limit prevents legitimate kerberos deployments from using krb5
      authentication with the Linux NFS server as they normally have tickets that are
      many kilobytes large.
      
      It will also allow lifting the limitation on the size of the credential set
      (uid,gid,gids) passed down from user space for users that have very many groups
      associated. Currently the downcall mechanism used by rpc.svcgssd is limited
      to around 2k secondary groups of the 65k allowed by kernel structures.
      Signed-off-by: Simo Sorce <simo@redhat.com>
      [bfields: containerization, concurrent upcalls, misc. fixes and cleanup]
      Signed-off-by: J. Bruce Fields <bfields@redhat.com>
    • SUNRPC: allow disabling idle timeout · 33d90ac0
      J. Bruce Fields committed
      In the gss-proxy case we don't want to have to reconnect at random--we
      want to connect only on gss-proxy startup when we can steal gss-proxy's
      context to do the connect in the right namespace.
      
      So, provide a flag that allows the rpc_create caller to turn off the
      idle timeout.
      Signed-off-by: J. Bruce Fields <bfields@redhat.com>
  9. 15 Apr, 2013 2 commits
  10. 06 Apr, 2013 2 commits
  11. 26 Mar, 2013 1 commit
  12. 03 Mar, 2013 1 commit
  13. 01 Mar, 2013 1 commit
  14. 05 Feb, 2013 1 commit
  15. 01 Feb, 2013 2 commits
  16. 11 Jan, 2013 1 commit
  17. 05 Jan, 2013 1 commit
    • SUNRPC: Partial revert of commit 168e4b39 · 360e1a53
      Trond Myklebust committed
      Partially revert commit (SUNRPC: add WARN_ON_ONCE for potential deadlock).
      The looping behaviour has been tracked down to a known issue with
      workqueues, and a workaround has now been implemented.
      Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
      Cc: Weston Andros Adamson <dros@netapp.com>
      Cc: Tejun Heo <tj@kernel.org>
      Cc: Bruce Fields <bfields@fieldses.org>
      Cc: stable@vger.kernel.org [>= 3.7]
  18. 18 Dec, 2012 1 commit
  19. 13 Dec, 2012 1 commit
    • SUNRPC handle EKEYEXPIRED in call_refreshresult · eb96d5c9
      Andy Adamson committed
      Currently, when an RPCSEC_GSS context has expired or is non-existent
      and the user's (Kerberos) credentials have also expired or are non-existent,
      the client receives the -EKEYEXPIRED error and tries to refresh the context
      forever.  If an application is performing I/O, or other work against the share,
      the application hangs, and the user is not prompted to refresh/establish their
      credentials. This can result in a denial of service for other users.
      
      Users are expected to manage their Kerberos credential lifetimes to mitigate
      this issue.
      
      Move the -EKEYEXPIRED handling into the RPC layer. Try tk_cred_retry number
      of times to refresh the gss_context, and then return -EACCES to the application.
      Signed-off-by: Andy Adamson <andros@netapp.com>
      Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
  20. 05 Nov, 2012 8 commits
  21. 02 Oct, 2012 1 commit
    • SUNRPC: Introduce rpc_clone_client_set_auth() · ba9b584c
      Chuck Lever committed
      An ULP is supposed to be able to replace a GSS rpc_auth object with
      another GSS rpc_auth object using rpcauth_create().  However,
      rpcauth_create() in 3.5 reliably fails with -EEXIST in this case.
      This is because when gss_create() attempts to create the upcall pipes,
      sometimes they are already there.  For example if a pipe FS mount
      event occurs, or a previous GSS flavor was in use for this rpc_clnt.
      
      It turns out that's not the only problem here.  While working on a
      fix for the above problem, we noticed that replacing an rpc_clnt's
      rpc_auth is not safe, since dereferencing the cl_auth field is not
      protected in any way.
      
      So we're deprecating the ability of rpcauth_create() to switch an
      rpc_clnt's security flavor during normal operation.  Instead, let's
      add a fresh API that clones an rpc_clnt and gives the clone a new
      flavor before it's used.
      
      This makes immediate use of the new __rpc_clone_client() helper.
      
      This can be used in a similar fashion to rpcauth_create() when a
      client is hunting for the correct security flavor.  Instead of
      replacing an rpc_clnt's security flavor in a loop, the ULP replaces
      the whole rpc_clnt.
      
      To fix the -EEXIST problem, any ULP logic that relies on replacing
      an rpc_clnt's rpc_auth with rpcauth_create() must be changed to use
      this API instead.
      Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
      Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>