lockd: Pass the user cred from knfsd when starting the lockd server

author Trond Myklebust <trondmy@gmail.com>

Tue, 9 Apr 2019 16:13:39 +0000 (12:13 -0400)

committer J. Bruce Fields <bfields@redhat.com>

Wed, 24 Apr 2019 13:46:35 +0000 (09:46 -0400)
author Trond Myklebust <trondmy@gmail.com>
Tue, 9 Apr 2019 16:13:39 +0000 (12:13 -0400)
committer J. Bruce Fields <bfields@redhat.com>
Wed, 24 Apr 2019 13:46:35 +0000 (09:46 -0400)
diff --git a/fs/lockd/clntlock.c b/fs/lockd/clntlock.c

index c2a128678e6e596ffebdc43db0989bbbd83ee1f4..d61b72b693cf11c5e3aff60fdd7b8d3e0ff6edf2 100644 (file)
--- a/fs/lockd/clntlock.c
+++ b/fs/lockd/clntlock.c
@@ -56,7 +56,7 @@ struct nlm_host *nlmclnt_init(const struct nlmclnt_initdata *nlm_init)
         u32 nlm_version = (nlm_init->nfs_version == 2) ? 1 : 4;
         int status;
  
-       status = lockd_up(nlm_init->net);
+       status = lockd_up(nlm_init->net, nlm_init->cred);
         if (status < 0)
                 return ERR_PTR(status);
  
@@ -241,7 +241,7 @@ reclaimer(void *ptr)
         allow_signal(SIGKILL);
  
         down_write(&host->h_rwsem);
-       lockd_up(net);  /* note: this cannot fail as lockd is already running */
+       lockd_up(net, NULL);    /* note: this cannot fail as lockd is already running */
  
         dprintk("lockd: reclaiming locks for host %s\n", host->h_name);
  
diff --git a/fs/lockd/svc.c b/fs/lockd/svc.c

index 82aa0f35e43d9fb60341b6d9bb263d4b0518843d..3056f3a0c27079706230ea56b9a064b17d75cd76 100644 (file)
--- a/fs/lockd/svc.c
+++ b/fs/lockd/svc.c
@@ -188,9 +188,9 @@ lockd(void *vrqstp)
  
  static int create_lockd_listener(struct svc_serv *serv, const char *name,
                                  struct net *net, const int family,
-                                const unsigned short port)
+                                const unsigned short port,
+                                const struct cred *cred)
  {
-       const struct cred *cred = current_cred();
         struct svc_xprt *xprt;
  
         xprt = svc_find_xprt(serv, name, net, family, 0);
@@ -202,15 +202,17 @@ static int create_lockd_listener(struct svc_serv *serv, const char *name,
  }
  
  static int create_lockd_family(struct svc_serv *serv, struct net *net,
-                              const int family)
+                              const int family, const struct cred *cred)
  {
         int err;
  
-       err = create_lockd_listener(serv, "udp", net, family, nlm_udpport);
+       err = create_lockd_listener(serv, "udp", net, family, nlm_udpport,
+                       cred);
         if (err < 0)
                 return err;
  
-       return create_lockd_listener(serv, "tcp", net, family, nlm_tcpport);
+       return create_lockd_listener(serv, "tcp", net, family, nlm_tcpport,
+                       cred);
  }
  
  /*
@@ -223,16 +225,17 @@ static int create_lockd_family(struct svc_serv *serv, struct net *net,
   * Returns zero if all listeners are available; otherwise a
   * negative errno value is returned.
   */
-static int make_socks(struct svc_serv *serv, struct net *net)
+static int make_socks(struct svc_serv *serv, struct net *net,
+               const struct cred *cred)
  {
         static int warned;
         int err;
  
-       err = create_lockd_family(serv, net, PF_INET);
+       err = create_lockd_family(serv, net, PF_INET, cred);
         if (err < 0)
                 goto out_err;
  
-       err = create_lockd_family(serv, net, PF_INET6);
+       err = create_lockd_family(serv, net, PF_INET6, cred);
         if (err < 0 && err != -EAFNOSUPPORT)
                 goto out_err;
  
@@ -247,7 +250,8 @@ out_err:
         return err;
  }
  
-static int lockd_up_net(struct svc_serv *serv, struct net *net)
+static int lockd_up_net(struct svc_serv *serv, struct net *net,
+               const struct cred *cred)
  {
         struct lockd_net *ln = net_generic(net, lockd_net_id);
         int error;
@@ -259,7 +263,7 @@ static int lockd_up_net(struct svc_serv *serv, struct net *net)
         if (error)
                 goto err_bind;
  
-       error = make_socks(serv, net);
+       error = make_socks(serv, net, cred);
         if (error < 0)
                 goto err_bind;
         set_grace_period(net);
@@ -462,7 +466,7 @@ static struct svc_serv *lockd_create_svc(void)
  /*
   * Bring up the lockd process if it's not already up.
   */
-int lockd_up(struct net *net)
+int lockd_up(struct net *net, const struct cred *cred)
  {
         struct svc_serv *serv;
         int error;
@@ -475,7 +479,7 @@ int lockd_up(struct net *net)
                 goto err_create;
         }
  
-       error = lockd_up_net(serv, net);
+       error = lockd_up_net(serv, net, cred);
         if (error < 0) {
                 lockd_unregister_notifiers();
                 goto err_put;
diff --git a/fs/nfs/client.c b/fs/nfs/client.c

index 90d71fda65cecfb3958cc4391240e2a09bac783e..92d07d99829dfd7018bd6503fa333780eded055e 100644 (file)
--- a/fs/nfs/client.c
+++ b/fs/nfs/client.c
@@ -552,6 +552,7 @@ static int nfs_start_lockd(struct nfs_server *server)
                                         1 : 0,
                 .net            = clp->cl_net,
                 .nlmclnt_ops    = clp->cl_nfs_mod->rpc_ops->nlmclnt_ops,
+               .cred           = current_cred(),
         };
  
         if (nlm_init.nfs_version > 3)
diff --git a/fs/nfsd/nfssvc.c b/fs/nfsd/nfssvc.c

index 32e4d8a334e3043a49f3a5a5621473cf28982116..18d94ea984ba4add43d1af0ca90ed155fc67c700 100644 (file)
--- a/fs/nfsd/nfssvc.c
+++ b/fs/nfsd/nfssvc.c
@@ -364,7 +364,7 @@ static int nfsd_startup_net(int nrservs, struct net *net, const struct cred *cre
                 goto out_socks;
  
         if (nfsd_needs_lockd(nn) && !nn->lockd_up) {
-               ret = lockd_up(net);
+               ret = lockd_up(net, cred);
                 if (ret)
                         goto out_socks;
                 nn->lockd_up = 1;
diff --git a/include/linux/lockd/bind.h b/include/linux/lockd/bind.h

index 053a4ef3d43175df329ab8b5e2758ce67c50cf7d..0520c0cd73f42ef33c67c97fbad3ca277be67f48 100644 (file)
--- a/include/linux/lockd/bind.h
+++ b/include/linux/lockd/bind.h
@@ -46,6 +46,7 @@ struct nlmclnt_initdata {
         int                     noresvport;
         struct net              *net;
         const struct nlmclnt_operations *nlmclnt_ops;
+       const struct cred       *cred;
  };
  
  /*
@@ -75,7 +76,7 @@ struct nlmclnt_operations {
  };
  
  extern int     nlmclnt_proc(struct nlm_host *host, int cmd, struct file_lock *fl, void *data);
-extern int     lockd_up(struct net *net);
+extern int     lockd_up(struct net *net, const struct cred *cred);
  extern void    lockd_down(struct net *net);
  
  #endif /* LINUX_LOCKD_BIND_H */
author	Trond Myklebust <trondmy@gmail.com>
	Tue, 9 Apr 2019 16:13:39 +0000 (12:13 -0400)
committer	J. Bruce Fields <bfields@redhat.com>
	Wed, 24 Apr 2019 13:46:35 +0000 (09:46 -0400)
fs/lockd/clntlock.c		patch \| blob \| blame \| history
fs/lockd/svc.c		patch \| blob \| blame \| history
fs/nfs/client.c		patch \| blob \| blame \| history
fs/nfsd/nfssvc.c		patch \| blob \| blame \| history
include/linux/lockd/bind.h		patch \| blob \| blame \| history