Commit e6499c6f4b5f56a16f8b8ef60529c1da28b13aea
Committed by
Trond Myklebust
1 parent
2d3fe01c36
Exists in
master
and in
20 other branches
NFS: Fall back on old idmapper if request_key() fails
This patch removes the CONFIG_NFS_USE_NEW_IDMAPPER compile option. First, the idmapper will attempt to map the id using /sbin/request-key and nfsidmap. If this fails (if /etc/request-key.conf is not configured properly) then the idmapper will call the legacy code to perform the mapping. I left a comment stating where the legacy code begins to make it easier for somebody to remove in the future. Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Showing 4 changed files with 37 additions and 82 deletions Side-by-side Diff
fs/nfs/Kconfig
... | ... | @@ -132,15 +132,4 @@ |
132 | 132 | select DNS_RESOLVER |
133 | 133 | select KEYS |
134 | 134 | default y |
135 | - | |
136 | -config NFS_USE_NEW_IDMAPPER | |
137 | - bool "Use the new idmapper upcall routine" | |
138 | - depends on NFS_V4 && KEYS | |
139 | - help | |
140 | - Say Y here if you want NFS to use the new idmapper upcall functions. | |
141 | - You will need /sbin/request-key (usually provided by the keyutils | |
142 | - package). For details, read | |
143 | - <file:Documentation/filesystems/nfs/idmapper.txt>. | |
144 | - | |
145 | - If you are unsure, say N. |
fs/nfs/idmap.c
... | ... | @@ -142,8 +142,6 @@ |
142 | 142 | return snprintf(buf, buflen, "%u", id); |
143 | 143 | } |
144 | 144 | |
145 | -#ifdef CONFIG_NFS_USE_NEW_IDMAPPER | |
146 | - | |
147 | 145 | #include <linux/cred.h> |
148 | 146 | #include <linux/sunrpc/sched.h> |
149 | 147 | #include <linux/nfs4.h> |
... | ... | @@ -169,7 +167,7 @@ |
169 | 167 | .read = user_read, |
170 | 168 | }; |
171 | 169 | |
172 | -int nfs_idmap_init(void) | |
170 | +static int nfs_idmap_init_keyring(void) | |
173 | 171 | { |
174 | 172 | struct cred *cred; |
175 | 173 | struct key *keyring; |
... | ... | @@ -211,7 +209,7 @@ |
211 | 209 | return ret; |
212 | 210 | } |
213 | 211 | |
214 | -void nfs_idmap_quit(void) | |
212 | +static void nfs_idmap_quit_keyring(void) | |
215 | 213 | { |
216 | 214 | key_revoke(id_resolver_cache->thread_keyring); |
217 | 215 | unregister_key_type(&key_type_id_resolver); |
... | ... | @@ -328,43 +326,7 @@ |
328 | 326 | return ret; |
329 | 327 | } |
330 | 328 | |
331 | -int nfs_map_name_to_uid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *uid) | |
332 | -{ | |
333 | - if (nfs_map_string_to_numeric(name, namelen, uid)) | |
334 | - return 0; | |
335 | - return nfs_idmap_lookup_id(name, namelen, "uid", uid); | |
336 | -} | |
337 | - | |
338 | -int nfs_map_group_to_gid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *gid) | |
339 | -{ | |
340 | - if (nfs_map_string_to_numeric(name, namelen, gid)) | |
341 | - return 0; | |
342 | - return nfs_idmap_lookup_id(name, namelen, "gid", gid); | |
343 | -} | |
344 | - | |
345 | -int nfs_map_uid_to_name(const struct nfs_server *server, __u32 uid, char *buf, size_t buflen) | |
346 | -{ | |
347 | - int ret = -EINVAL; | |
348 | - | |
349 | - if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) | |
350 | - ret = nfs_idmap_lookup_name(uid, "user", buf, buflen); | |
351 | - if (ret < 0) | |
352 | - ret = nfs_map_numeric_to_string(uid, buf, buflen); | |
353 | - return ret; | |
354 | -} | |
355 | -int nfs_map_gid_to_group(const struct nfs_server *server, __u32 gid, char *buf, size_t buflen) | |
356 | -{ | |
357 | - int ret = -EINVAL; | |
358 | - | |
359 | - if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) | |
360 | - ret = nfs_idmap_lookup_name(gid, "group", buf, buflen); | |
361 | - if (ret < 0) | |
362 | - ret = nfs_map_numeric_to_string(gid, buf, buflen); | |
363 | - return ret; | |
364 | -} | |
365 | - | |
366 | -#else /* CONFIG_NFS_USE_NEW_IDMAPPER not defined */ | |
367 | - | |
329 | +/* idmap classic begins here */ | |
368 | 330 | #include <linux/module.h> |
369 | 331 | #include <linux/mutex.h> |
370 | 332 | #include <linux/init.h> |
371 | 333 | |
... | ... | @@ -600,12 +562,21 @@ |
600 | 562 | |
601 | 563 | int nfs_idmap_init(void) |
602 | 564 | { |
603 | - return rpc_pipefs_notifier_register(&nfs_idmap_block); | |
565 | + int ret; | |
566 | + ret = nfs_idmap_init_keyring(); | |
567 | + if (ret != 0) | |
568 | + goto out; | |
569 | + ret = rpc_pipefs_notifier_register(&nfs_idmap_block); | |
570 | + if (ret != 0) | |
571 | + nfs_idmap_quit_keyring(); | |
572 | +out: | |
573 | + return ret; | |
604 | 574 | } |
605 | 575 | |
606 | 576 | void nfs_idmap_quit(void) |
607 | 577 | { |
608 | 578 | rpc_pipefs_notifier_unregister(&nfs_idmap_block); |
579 | + nfs_idmap_quit_keyring(); | |
609 | 580 | } |
610 | 581 | |
611 | 582 | /* |
612 | 583 | |
613 | 584 | |
614 | 585 | |
615 | 586 | |
616 | 587 | |
... | ... | @@ -930,19 +901,27 @@ |
930 | 901 | int nfs_map_name_to_uid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *uid) |
931 | 902 | { |
932 | 903 | struct idmap *idmap = server->nfs_client->cl_idmap; |
904 | + int ret = -EINVAL; | |
933 | 905 | |
934 | 906 | if (nfs_map_string_to_numeric(name, namelen, uid)) |
935 | 907 | return 0; |
936 | - return nfs_idmap_id(idmap, &idmap->idmap_user_hash, name, namelen, uid); | |
908 | + ret = nfs_idmap_lookup_id(name, namelen, "uid", uid); | |
909 | + if (ret < 0) | |
910 | + ret = nfs_idmap_id(idmap, &idmap->idmap_user_hash, name, namelen, uid); | |
911 | + return ret; | |
937 | 912 | } |
938 | 913 | |
939 | -int nfs_map_group_to_gid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *uid) | |
914 | +int nfs_map_group_to_gid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *gid) | |
940 | 915 | { |
941 | 916 | struct idmap *idmap = server->nfs_client->cl_idmap; |
917 | + int ret = -EINVAL; | |
942 | 918 | |
943 | - if (nfs_map_string_to_numeric(name, namelen, uid)) | |
919 | + if (nfs_map_string_to_numeric(name, namelen, gid)) | |
944 | 920 | return 0; |
945 | - return nfs_idmap_id(idmap, &idmap->idmap_group_hash, name, namelen, uid); | |
921 | + ret = nfs_idmap_lookup_id(name, namelen, "gid", gid); | |
922 | + if (ret < 0) | |
923 | + ret = nfs_idmap_id(idmap, &idmap->idmap_group_hash, name, namelen, gid); | |
924 | + return ret; | |
946 | 925 | } |
947 | 926 | |
948 | 927 | int nfs_map_uid_to_name(const struct nfs_server *server, __u32 uid, char *buf, size_t buflen) |
949 | 928 | |
950 | 929 | |
951 | 930 | |
952 | 931 | |
... | ... | @@ -950,23 +929,27 @@ |
950 | 929 | struct idmap *idmap = server->nfs_client->cl_idmap; |
951 | 930 | int ret = -EINVAL; |
952 | 931 | |
953 | - if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) | |
954 | - ret = nfs_idmap_name(idmap, &idmap->idmap_user_hash, uid, buf); | |
932 | + if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) { | |
933 | + ret = nfs_idmap_lookup_name(uid, "user", buf, buflen); | |
934 | + if (ret < 0) | |
935 | + ret = nfs_idmap_name(idmap, &idmap->idmap_user_hash, uid, buf); | |
936 | + } | |
955 | 937 | if (ret < 0) |
956 | 938 | ret = nfs_map_numeric_to_string(uid, buf, buflen); |
957 | 939 | return ret; |
958 | 940 | } |
959 | -int nfs_map_gid_to_group(const struct nfs_server *server, __u32 uid, char *buf, size_t buflen) | |
941 | +int nfs_map_gid_to_group(const struct nfs_server *server, __u32 gid, char *buf, size_t buflen) | |
960 | 942 | { |
961 | 943 | struct idmap *idmap = server->nfs_client->cl_idmap; |
962 | 944 | int ret = -EINVAL; |
963 | 945 | |
964 | - if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) | |
965 | - ret = nfs_idmap_name(idmap, &idmap->idmap_group_hash, uid, buf); | |
946 | + if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) { | |
947 | + ret = nfs_idmap_lookup_name(gid, "group", buf, buflen); | |
948 | + if (ret < 0) | |
949 | + ret = nfs_idmap_name(idmap, &idmap->idmap_group_hash, gid, buf); | |
950 | + } | |
966 | 951 | if (ret < 0) |
967 | - ret = nfs_map_numeric_to_string(uid, buf, buflen); | |
952 | + ret = nfs_map_numeric_to_string(gid, buf, buflen); | |
968 | 953 | return ret; |
969 | 954 | } |
970 | - | |
971 | -#endif /* CONFIG_NFS_USE_NEW_IDMAPPER */ |
fs/nfs/sysctl.c
... | ... | @@ -32,7 +32,6 @@ |
32 | 32 | .extra1 = (int *)&nfs_set_port_min, |
33 | 33 | .extra2 = (int *)&nfs_set_port_max, |
34 | 34 | }, |
35 | -#ifndef CONFIG_NFS_USE_NEW_IDMAPPER | |
36 | 35 | { |
37 | 36 | .procname = "idmap_cache_timeout", |
38 | 37 | .data = &nfs_idmap_cache_timeout, |
... | ... | @@ -40,7 +39,6 @@ |
40 | 39 | .mode = 0644, |
41 | 40 | .proc_handler = proc_dointvec_jiffies, |
42 | 41 | }, |
43 | -#endif /* CONFIG_NFS_USE_NEW_IDMAPPER */ | |
44 | 42 | #endif |
45 | 43 | { |
46 | 44 | .procname = "nfs_mountpoint_timeout", |
include/linux/nfs_idmap.h
... | ... | @@ -82,23 +82,8 @@ |
82 | 82 | {} |
83 | 83 | #endif |
84 | 84 | |
85 | -#ifdef CONFIG_NFS_USE_NEW_IDMAPPER | |
86 | - | |
87 | -static inline int nfs_idmap_new(struct nfs_client *clp) | |
88 | -{ | |
89 | - return 0; | |
90 | -} | |
91 | - | |
92 | -static inline void nfs_idmap_delete(struct nfs_client *clp) | |
93 | -{ | |
94 | -} | |
95 | - | |
96 | -#else /* CONFIG_NFS_USE_NEW_IDMAPPER not set */ | |
97 | - | |
98 | 85 | int nfs_idmap_new(struct nfs_client *); |
99 | 86 | void nfs_idmap_delete(struct nfs_client *); |
100 | - | |
101 | -#endif /* CONFIG_NFS_USE_NEW_IDMAPPER */ | |
102 | 87 | |
103 | 88 | void nfs_fattr_init_names(struct nfs_fattr *fattr, |
104 | 89 | struct nfs4_string *owner_name, |