summaryrefslogtreecommitdiff
path: root/fs/nfsd
diff options
context:
space:
mode:
authorNeilBrown <neilb@suse.com>2018-12-03 03:30:30 +0300
committerAnna Schumaker <Anna.Schumaker@Netapp.com>2018-12-19 21:52:45 +0300
commit5e16923b432bfe79fdfb7cd95ed8e63f6438b663 (patch)
tree92c842d96a8cacdead34c4f260bd371077f06793 /fs/nfsd
parentecd5f97e1c7cd6124e3c3053beb5f2239aeacf8e (diff)
downloadlinux-5e16923b432bfe79fdfb7cd95ed8e63f6438b663.tar.xz
NFS/SUNRPC: don't lookup machine credential until rpcauth_bindcred().
When NFS creates a machine credential, it is a "generic" credential, not tied to any auth protocol, and is really just a container for the princpal name. This doesn't get linked to a genuine credential until rpcauth_bindcred() is called. The lookup always succeeds, so various places that test if the machine credential is NULL, are pointless. As a step towards getting rid of generic credentials, this patch gets rid of generic machine credentials. The nfs_client and rpc_client just hold a pointer to a constant principal name. When a machine credential is wanted, a special static 'struct rpc_cred' pointer is used. rpcauth_bindcred() recognizes this, finds the principal from the client, and binds the correct credential. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Diffstat (limited to 'fs/nfsd')
-rw-r--r--fs/nfsd/nfs4callback.c12
1 files changed, 4 insertions, 8 deletions
diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c
index c032e4c24a8d..1dcee1fd32d9 100644
--- a/fs/nfsd/nfs4callback.c
+++ b/fs/nfsd/nfs4callback.c
@@ -847,14 +847,10 @@ static int max_cb_time(struct net *net)
static struct rpc_cred *get_backchannel_cred(struct nfs4_client *clp, struct rpc_clnt *client, struct nfsd4_session *ses)
{
if (clp->cl_minorversion == 0) {
- char *principal = clp->cl_cred.cr_targ_princ ?
- clp->cl_cred.cr_targ_princ : "nfs";
- struct rpc_cred *cred;
-
- cred = rpc_lookup_machine_cred(principal);
- if (!IS_ERR(cred))
- get_rpccred(cred);
- return cred;
+ client->cl_principal = clp->cl_cred.cr_targ_princ ?
+ clp->cl_cred.cr_targ_princ : "nfs";
+
+ return get_rpccred(rpc_machine_cred());
} else {
struct rpc_auth *auth = client->cl_auth;
struct auth_cred acred = {};