mirror of https://github.com/torvalds/linux.git
NFS: Have struct nfs_client carry a TLS policy field
The new field is used to match struct nfs_clients that have the same TLS policy setting. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Reviewed-by: Jeff Layton <jlayton@kernel.org> Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
This commit is contained in:
Chuck Lever
Trond Myklebust
parent
75eb6af7ac
commit
6c0a8c5fcf
|
|
@ -184,6 +184,7 @@ struct nfs_client *nfs_alloc_client(const struct nfs_client_initdata *cl_init)
|
||||||
clp->cl_net = get_net(cl_init->net);
|
clp->cl_net = get_net(cl_init->net);
|
||||||
|
|
||||||
clp->cl_principal = "*";
|
clp->cl_principal = "*";
|
||||||
|
clp->cl_xprtsec = cl_init->xprtsec;
|
||||||
return clp;
|
return clp;
|
||||||
|
|
||||||
error_cleanup:
|
error_cleanup:
|
||||||
|
|
@ -326,6 +327,10 @@ static struct nfs_client *nfs_match_client(const struct nfs_client_initdata *dat
|
||||||
sap))
|
sap))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
|
/* Match the xprt security policy */
|
||||||
|
if (clp->cl_xprtsec.policy != data->xprtsec.policy)
|
||||||
|
continue;
|
||||||
|
|
||||||
refcount_inc(&clp->cl_count);
|
refcount_inc(&clp->cl_count);
|
||||||
return clp;
|
return clp;
|
||||||
}
|
}
|
||||||
|
|
@ -675,6 +680,9 @@ static int nfs_init_server(struct nfs_server *server,
|
||||||
.cred = server->cred,
|
.cred = server->cred,
|
||||||
.nconnect = ctx->nfs_server.nconnect,
|
.nconnect = ctx->nfs_server.nconnect,
|
||||||
.init_flags = (1UL << NFS_CS_REUSEPORT),
|
.init_flags = (1UL << NFS_CS_REUSEPORT),
|
||||||
|
.xprtsec = {
|
||||||
|
.policy = RPC_XPRTSEC_NONE,
|
||||||
|
},
|
||||||
};
|
};
|
||||||
struct nfs_client *clp;
|
struct nfs_client *clp;
|
||||||
int error;
|
int error;
|
||||||
|
|
|
||||||
|
|
@ -81,6 +81,7 @@ struct nfs_client_initdata {
|
||||||
struct net *net;
|
struct net *net;
|
||||||
const struct rpc_timeout *timeparms;
|
const struct rpc_timeout *timeparms;
|
||||||
const struct cred *cred;
|
const struct cred *cred;
|
||||||
|
struct xprtsec_parms xprtsec;
|
||||||
};
|
};
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
||||||
|
|
@ -93,6 +93,7 @@ struct nfs_client *nfs3_set_ds_client(struct nfs_server *mds_srv,
|
||||||
.net = mds_clp->cl_net,
|
.net = mds_clp->cl_net,
|
||||||
.timeparms = &ds_timeout,
|
.timeparms = &ds_timeout,
|
||||||
.cred = mds_srv->cred,
|
.cred = mds_srv->cred,
|
||||||
|
.xprtsec = mds_clp->cl_xprtsec,
|
||||||
};
|
};
|
||||||
struct nfs_client *clp;
|
struct nfs_client *clp;
|
||||||
char buf[INET6_ADDRSTRLEN + 1];
|
char buf[INET6_ADDRSTRLEN + 1];
|
||||||
|
|
|
||||||
|
|
@ -896,7 +896,8 @@ static int nfs4_set_client(struct nfs_server *server,
|
||||||
int proto, const struct rpc_timeout *timeparms,
|
int proto, const struct rpc_timeout *timeparms,
|
||||||
u32 minorversion, unsigned int nconnect,
|
u32 minorversion, unsigned int nconnect,
|
||||||
unsigned int max_connect,
|
unsigned int max_connect,
|
||||||
struct net *net)
|
struct net *net,
|
||||||
|
struct xprtsec_parms *xprtsec)
|
||||||
{
|
{
|
||||||
struct nfs_client_initdata cl_init = {
|
struct nfs_client_initdata cl_init = {
|
||||||
.hostname = hostname,
|
.hostname = hostname,
|
||||||
|
|
@ -909,6 +910,7 @@ static int nfs4_set_client(struct nfs_server *server,
|
||||||
.net = net,
|
.net = net,
|
||||||
.timeparms = timeparms,
|
.timeparms = timeparms,
|
||||||
.cred = server->cred,
|
.cred = server->cred,
|
||||||
|
.xprtsec = *xprtsec,
|
||||||
};
|
};
|
||||||
struct nfs_client *clp;
|
struct nfs_client *clp;
|
||||||
|
|
||||||
|
|
@ -978,6 +980,7 @@ struct nfs_client *nfs4_set_ds_client(struct nfs_server *mds_srv,
|
||||||
.net = mds_clp->cl_net,
|
.net = mds_clp->cl_net,
|
||||||
.timeparms = &ds_timeout,
|
.timeparms = &ds_timeout,
|
||||||
.cred = mds_srv->cred,
|
.cred = mds_srv->cred,
|
||||||
|
.xprtsec = mds_srv->nfs_client->cl_xprtsec,
|
||||||
};
|
};
|
||||||
char buf[INET6_ADDRSTRLEN + 1];
|
char buf[INET6_ADDRSTRLEN + 1];
|
||||||
|
|
||||||
|
|
@ -1127,6 +1130,9 @@ static int nfs4_server_common_setup(struct nfs_server *server,
|
||||||
static int nfs4_init_server(struct nfs_server *server, struct fs_context *fc)
|
static int nfs4_init_server(struct nfs_server *server, struct fs_context *fc)
|
||||||
{
|
{
|
||||||
struct nfs_fs_context *ctx = nfs_fc2context(fc);
|
struct nfs_fs_context *ctx = nfs_fc2context(fc);
|
||||||
|
struct xprtsec_parms xprtsec = {
|
||||||
|
.policy = RPC_XPRTSEC_NONE,
|
||||||
|
};
|
||||||
struct rpc_timeout timeparms;
|
struct rpc_timeout timeparms;
|
||||||
int error;
|
int error;
|
||||||
|
|
||||||
|
|
@ -1157,7 +1163,8 @@ static int nfs4_init_server(struct nfs_server *server, struct fs_context *fc)
|
||||||
ctx->minorversion,
|
ctx->minorversion,
|
||||||
ctx->nfs_server.nconnect,
|
ctx->nfs_server.nconnect,
|
||||||
ctx->nfs_server.max_connect,
|
ctx->nfs_server.max_connect,
|
||||||
fc->net_ns);
|
fc->net_ns,
|
||||||
|
&xprtsec);
|
||||||
if (error < 0)
|
if (error < 0)
|
||||||
return error;
|
return error;
|
||||||
|
|
||||||
|
|
@ -1247,7 +1254,8 @@ struct nfs_server *nfs4_create_referral_server(struct fs_context *fc)
|
||||||
parent_client->cl_mvops->minor_version,
|
parent_client->cl_mvops->minor_version,
|
||||||
parent_client->cl_nconnect,
|
parent_client->cl_nconnect,
|
||||||
parent_client->cl_max_connect,
|
parent_client->cl_max_connect,
|
||||||
parent_client->cl_net);
|
parent_client->cl_net,
|
||||||
|
&parent_client->cl_xprtsec);
|
||||||
if (!error)
|
if (!error)
|
||||||
goto init_server;
|
goto init_server;
|
||||||
#endif /* IS_ENABLED(CONFIG_SUNRPC_XPRT_RDMA) */
|
#endif /* IS_ENABLED(CONFIG_SUNRPC_XPRT_RDMA) */
|
||||||
|
|
@ -1263,7 +1271,8 @@ struct nfs_server *nfs4_create_referral_server(struct fs_context *fc)
|
||||||
parent_client->cl_mvops->minor_version,
|
parent_client->cl_mvops->minor_version,
|
||||||
parent_client->cl_nconnect,
|
parent_client->cl_nconnect,
|
||||||
parent_client->cl_max_connect,
|
parent_client->cl_max_connect,
|
||||||
parent_client->cl_net);
|
parent_client->cl_net,
|
||||||
|
&parent_client->cl_xprtsec);
|
||||||
if (error < 0)
|
if (error < 0)
|
||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
|
|
@ -1336,7 +1345,8 @@ int nfs4_update_server(struct nfs_server *server, const char *hostname,
|
||||||
error = nfs4_set_client(server, hostname, sap, salen, buf,
|
error = nfs4_set_client(server, hostname, sap, salen, buf,
|
||||||
clp->cl_proto, clnt->cl_timeout,
|
clp->cl_proto, clnt->cl_timeout,
|
||||||
clp->cl_minorversion,
|
clp->cl_minorversion,
|
||||||
clp->cl_nconnect, clp->cl_max_connect, net);
|
clp->cl_nconnect, clp->cl_max_connect,
|
||||||
|
net, &clp->cl_xprtsec);
|
||||||
clear_bit(NFS_MIG_TSM_POSSIBLE, &server->mig_status);
|
clear_bit(NFS_MIG_TSM_POSSIBLE, &server->mig_status);
|
||||||
if (error != 0) {
|
if (error != 0) {
|
||||||
nfs_server_insert_lists(server);
|
nfs_server_insert_lists(server);
|
||||||
|
|
|
||||||
|
|
@ -63,7 +63,8 @@ struct nfs_client {
|
||||||
u32 cl_minorversion;/* NFSv4 minorversion */
|
u32 cl_minorversion;/* NFSv4 minorversion */
|
||||||
unsigned int cl_nconnect; /* Number of connections */
|
unsigned int cl_nconnect; /* Number of connections */
|
||||||
unsigned int cl_max_connect; /* max number of xprts allowed */
|
unsigned int cl_max_connect; /* max number of xprts allowed */
|
||||||
const char * cl_principal; /* used for machine cred */
|
const char * cl_principal; /* used for machine cred */
|
||||||
|
struct xprtsec_parms cl_xprtsec; /* xprt security policy */
|
||||||
|
|
||||||
#if IS_ENABLED(CONFIG_NFS_V4)
|
#if IS_ENABLED(CONFIG_NFS_V4)
|
||||||
struct list_head cl_ds_clients; /* auth flavor data servers */
|
struct list_head cl_ds_clients; /* auth flavor data servers */
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue