Commit efc36aa5 authored by NeilBrown's avatar NeilBrown Committed by Linus Torvalds

[PATCH] knfsd: Change the store of auth_domains to not be a 'cache'

The 'auth_domain's are simply handles on internal data structures.  They do
not cache information from user-space, and forcing them into the mold of a
'cache' misrepresents their true nature and causes confusion.
Signed-off-by: default avatarNeil Brown <neilb@suse.de>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent 3e7b1919
...@@ -242,7 +242,7 @@ static inline int svc_expkey_match (struct svc_expkey *a, struct svc_expkey *b) ...@@ -242,7 +242,7 @@ static inline int svc_expkey_match (struct svc_expkey *a, struct svc_expkey *b)
static inline void svc_expkey_init(struct svc_expkey *new, struct svc_expkey *item) static inline void svc_expkey_init(struct svc_expkey *new, struct svc_expkey *item)
{ {
cache_get(&item->ek_client->h); kref_get(&item->ek_client->ref);
new->ek_client = item->ek_client; new->ek_client = item->ek_client;
new->ek_fsidtype = item->ek_fsidtype; new->ek_fsidtype = item->ek_fsidtype;
new->ek_fsid[0] = item->ek_fsid[0]; new->ek_fsid[0] = item->ek_fsid[0];
...@@ -474,7 +474,7 @@ static inline int svc_export_match(struct svc_export *a, struct svc_export *b) ...@@ -474,7 +474,7 @@ static inline int svc_export_match(struct svc_export *a, struct svc_export *b)
} }
static inline void svc_export_init(struct svc_export *new, struct svc_export *item) static inline void svc_export_init(struct svc_export *new, struct svc_export *item)
{ {
cache_get(&item->ex_client->h); kref_get(&item->ex_client->ref);
new->ex_client = item->ex_client; new->ex_client = item->ex_client;
new->ex_dentry = dget(item->ex_dentry); new->ex_dentry = dget(item->ex_dentry);
new->ex_mnt = mntget(item->ex_mnt); new->ex_mnt = mntget(item->ex_mnt);
...@@ -1129,7 +1129,6 @@ exp_delclient(struct nfsctl_client *ncp) ...@@ -1129,7 +1129,6 @@ exp_delclient(struct nfsctl_client *ncp)
*/ */
if (dom) { if (dom) {
err = auth_unix_forget_old(dom); err = auth_unix_forget_old(dom);
dom->h.expiry_time = get_seconds();
auth_domain_put(dom); auth_domain_put(dom);
} }
......
...@@ -45,9 +45,10 @@ struct svc_rqst; /* forward decl */ ...@@ -45,9 +45,10 @@ struct svc_rqst; /* forward decl */
* of ip addresses to the given client. * of ip addresses to the given client.
*/ */
struct auth_domain { struct auth_domain {
struct cache_head h; struct kref ref;
struct hlist_node hash;
char *name; char *name;
int flavour; struct auth_ops *flavour;
}; };
/* /*
...@@ -86,6 +87,9 @@ struct auth_domain { ...@@ -86,6 +87,9 @@ struct auth_domain {
* *
* domain_release() * domain_release()
* This call releases a domain. * This call releases a domain.
* set_client()
* Givens a pending request (struct svc_rqst), finds and assigns
* an appropriate 'auth_domain' as the client.
*/ */
struct auth_ops { struct auth_ops {
char * name; char * name;
...@@ -117,7 +121,7 @@ extern void svc_auth_unregister(rpc_authflavor_t flavor); ...@@ -117,7 +121,7 @@ extern void svc_auth_unregister(rpc_authflavor_t flavor);
extern struct auth_domain *unix_domain_find(char *name); extern struct auth_domain *unix_domain_find(char *name);
extern void auth_domain_put(struct auth_domain *item); extern void auth_domain_put(struct auth_domain *item);
extern int auth_unix_add_addr(struct in_addr addr, struct auth_domain *dom); extern int auth_unix_add_addr(struct in_addr addr, struct auth_domain *dom);
extern struct auth_domain *auth_domain_lookup(struct auth_domain *item, int set); extern struct auth_domain *auth_domain_lookup(char *name, struct auth_domain *new);
extern struct auth_domain *auth_domain_find(char *name); extern struct auth_domain *auth_domain_find(char *name);
extern struct auth_domain *auth_unix_lookup(struct in_addr addr); extern struct auth_domain *auth_unix_lookup(struct in_addr addr);
extern int auth_unix_forget_old(struct auth_domain *dom); extern int auth_unix_forget_old(struct auth_domain *dom);
...@@ -160,8 +164,6 @@ static inline unsigned long hash_mem(char *buf, int length, int bits) ...@@ -160,8 +164,6 @@ static inline unsigned long hash_mem(char *buf, int length, int bits)
return hash >> (BITS_PER_LONG - bits); return hash >> (BITS_PER_LONG - bits);
} }
extern struct cache_detail auth_domain_cache, ip_map_cache;
#endif /* __KERNEL__ */ #endif /* __KERNEL__ */
#endif /* _LINUX_SUNRPC_SVCAUTH_H_ */ #endif /* _LINUX_SUNRPC_SVCAUTH_H_ */
...@@ -645,6 +645,8 @@ find_gss_auth_domain(struct gss_ctx *ctx, u32 svc) ...@@ -645,6 +645,8 @@ find_gss_auth_domain(struct gss_ctx *ctx, u32 svc)
return auth_domain_find(name); return auth_domain_find(name);
} }
static struct auth_ops svcauthops_gss;
int int
svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name) svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name)
{ {
...@@ -655,20 +657,18 @@ svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name) ...@@ -655,20 +657,18 @@ svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name)
new = kmalloc(sizeof(*new), GFP_KERNEL); new = kmalloc(sizeof(*new), GFP_KERNEL);
if (!new) if (!new)
goto out; goto out;
cache_init(&new->h.h); kref_init(&new->h.ref);
new->h.name = kmalloc(strlen(name) + 1, GFP_KERNEL); new->h.name = kmalloc(strlen(name) + 1, GFP_KERNEL);
if (!new->h.name) if (!new->h.name)
goto out_free_dom; goto out_free_dom;
strcpy(new->h.name, name); strcpy(new->h.name, name);
new->h.flavour = RPC_AUTH_GSS; new->h.flavour = &svcauthops_gss;
new->pseudoflavor = pseudoflavor; new->pseudoflavor = pseudoflavor;
new->h.h.expiry_time = NEVER;
test = auth_domain_lookup(&new->h, 1); test = auth_domain_lookup(name, &new->h);
if (test == &new->h) { if (test != &new->h) { /* XXX Duplicate registration? */
BUG_ON(atomic_dec_and_test(&new->h.h.refcnt));
} else { /* XXX Duplicate registration? */
auth_domain_put(&new->h); auth_domain_put(&new->h);
/* dangling ref-count... */
goto out; goto out;
} }
return 0; return 0;
......
...@@ -142,6 +142,7 @@ EXPORT_SYMBOL(nlm_debug); ...@@ -142,6 +142,7 @@ EXPORT_SYMBOL(nlm_debug);
extern int register_rpc_pipefs(void); extern int register_rpc_pipefs(void);
extern void unregister_rpc_pipefs(void); extern void unregister_rpc_pipefs(void);
extern struct cache_detail ip_map_cache;
static int __init static int __init
init_sunrpc(void) init_sunrpc(void)
...@@ -158,7 +159,6 @@ init_sunrpc(void) ...@@ -158,7 +159,6 @@ init_sunrpc(void)
#ifdef CONFIG_PROC_FS #ifdef CONFIG_PROC_FS
rpc_proc_init(); rpc_proc_init();
#endif #endif
cache_register(&auth_domain_cache);
cache_register(&ip_map_cache); cache_register(&ip_map_cache);
out: out:
return err; return err;
...@@ -169,8 +169,6 @@ cleanup_sunrpc(void) ...@@ -169,8 +169,6 @@ cleanup_sunrpc(void)
{ {
unregister_rpc_pipefs(); unregister_rpc_pipefs();
rpc_destroy_mempool(); rpc_destroy_mempool();
if (cache_unregister(&auth_domain_cache))
printk(KERN_ERR "sunrpc: failed to unregister auth_domain cache\n");
if (cache_unregister(&ip_map_cache)) if (cache_unregister(&ip_map_cache))
printk(KERN_ERR "sunrpc: failed to unregister ip_map cache\n"); printk(KERN_ERR "sunrpc: failed to unregister ip_map cache\n");
#ifdef RPC_DEBUG #ifdef RPC_DEBUG
......
...@@ -106,112 +106,56 @@ svc_auth_unregister(rpc_authflavor_t flavor) ...@@ -106,112 +106,56 @@ svc_auth_unregister(rpc_authflavor_t flavor)
EXPORT_SYMBOL(svc_auth_unregister); EXPORT_SYMBOL(svc_auth_unregister);
/************************************************** /**************************************************
* cache for domain name to auth_domain * 'auth_domains' are stored in a hash table indexed by name.
* Entries are only added by flavours which will normally * When the last reference to an 'auth_domain' is dropped,
* have a structure that 'inherits' from auth_domain. * the object is unhashed and freed.
* e.g. when an IP -> domainname is given to auth_unix, * If auth_domain_lookup fails to find an entry, it will return
* and the domain name doesn't exist, it will create a * it's second argument 'new'. If this is non-null, it will
* auth_unix_domain and add it to this hash table. * have been atomically linked into the table.
* If it finds the name does exist, but isn't AUTH_UNIX,
* it will complain.
*/ */
/*
* Auth auth_domain cache is somewhat different to other caches,
* largely because the entries are possibly of different types:
* each auth flavour has it's own type.
* One consequence of this that DefineCacheLookup cannot
* allocate a new structure as it cannot know the size.
* Notice that the "INIT" code fragment is quite different
* from other caches. When auth_domain_lookup might be
* creating a new domain, the new domain is passed in
* complete and it is used as-is rather than being copied into
* another structure.
*/
#define DN_HASHBITS 6 #define DN_HASHBITS 6
#define DN_HASHMAX (1<<DN_HASHBITS) #define DN_HASHMAX (1<<DN_HASHBITS)
#define DN_HASHMASK (DN_HASHMAX-1) #define DN_HASHMASK (DN_HASHMAX-1)
static struct cache_head *auth_domain_table[DN_HASHMAX]; static struct hlist_head auth_domain_table[DN_HASHMAX];
static spinlock_t auth_domain_lock = SPIN_LOCK_UNLOCKED;
static void auth_domain_drop(struct cache_head *item, struct cache_detail *cd)
{
struct auth_domain *dom = container_of(item, struct auth_domain, h);
if (cache_put(item,cd))
authtab[dom->flavour]->domain_release(dom);
}
struct cache_detail auth_domain_cache = {
.owner = THIS_MODULE,
.hash_size = DN_HASHMAX,
.hash_table = auth_domain_table,
.name = "auth.domain",
.cache_put = auth_domain_drop,
};
void auth_domain_put(struct auth_domain *dom) void auth_domain_put(struct auth_domain *dom)
{ {
auth_domain_drop(&dom->h, &auth_domain_cache); if (atomic_dec_and_lock(&dom->ref.refcount, &auth_domain_lock)) {
} hlist_del(&dom->hash);
dom->flavour->domain_release(dom);
static inline int auth_domain_hash(struct auth_domain *item) }
{
return hash_str(item->name, DN_HASHBITS);
}
static inline int auth_domain_match(struct auth_domain *tmp, struct auth_domain *item)
{
return strcmp(tmp->name, item->name) == 0;
} }
struct auth_domain * struct auth_domain *
auth_domain_lookup(struct auth_domain *item, int set) auth_domain_lookup(char *name, struct auth_domain *new)
{ {
struct auth_domain *tmp = NULL; struct auth_domain *hp;
struct cache_head **hp, **head; struct hlist_head *head;
head = &auth_domain_cache.hash_table[auth_domain_hash(item)]; struct hlist_node *np;
if (set) head = &auth_domain_table[hash_str(name, DN_HASHBITS)];
write_lock(&auth_domain_cache.hash_lock);
else spin_lock(&auth_domain_lock);
read_lock(&auth_domain_cache.hash_lock);
for (hp=head; *hp != NULL; hp = &tmp->h.next) { hlist_for_each_entry(hp, np, head, hash) {
tmp = container_of(*hp, struct auth_domain, h); if (strcmp(hp->name, name)==0) {
if (!auth_domain_match(tmp, item)) kref_get(&hp->ref);
continue; spin_unlock(&auth_domain_lock);
if (!set) { return hp;
cache_get(&tmp->h); }
goto out_noset;
} }
*hp = tmp->h.next; if (new) {
tmp->h.next = NULL; hlist_add_head(&new->hash, head);
auth_domain_drop(&tmp->h, &auth_domain_cache); kref_get(&new->ref);
goto out_set;
} }
/* Didn't find anything */ spin_unlock(&auth_domain_lock);
if (!set) return new;
goto out_nada;
auth_domain_cache.entries++;
out_set:
item->h.next = *head;
*head = &item->h;
cache_get(&item->h);
write_unlock(&auth_domain_cache.hash_lock);
cache_fresh(&auth_domain_cache, &item->h, item->h.expiry_time);
cache_get(&item->h);
return item;
out_nada:
tmp = NULL;
out_noset:
read_unlock(&auth_domain_cache.hash_lock);
return tmp;
} }
struct auth_domain *auth_domain_find(char *name) struct auth_domain *auth_domain_find(char *name)
{ {
struct auth_domain *rv, ad; return auth_domain_lookup(name, NULL);
ad.name = name;
rv = auth_domain_lookup(&ad, 0);
return rv;
} }
...@@ -27,17 +27,20 @@ struct unix_domain { ...@@ -27,17 +27,20 @@ struct unix_domain {
/* other stuff later */ /* other stuff later */
}; };
extern struct auth_ops svcauth_unix;
struct auth_domain *unix_domain_find(char *name) struct auth_domain *unix_domain_find(char *name)
{ {
struct auth_domain *rv, ud; struct auth_domain *rv;
struct unix_domain *new; struct unix_domain *new = NULL;
ud.name = name;
rv = auth_domain_lookup(&ud, 0);
foundit: rv = auth_domain_lookup(name, NULL);
if (rv && rv->flavour != RPC_AUTH_UNIX) { while(1) {
if (rv != &new->h) {
if (new) auth_domain_put(&new->h);
return rv;
}
if (rv && rv->flavour != &svcauth_unix) {
auth_domain_put(rv); auth_domain_put(rv);
return NULL; return NULL;
} }
...@@ -47,21 +50,12 @@ struct auth_domain *unix_domain_find(char *name) ...@@ -47,21 +50,12 @@ struct auth_domain *unix_domain_find(char *name)
new = kmalloc(sizeof(*new), GFP_KERNEL); new = kmalloc(sizeof(*new), GFP_KERNEL);
if (new == NULL) if (new == NULL)
return NULL; return NULL;
cache_init(&new->h.h); kref_init(&new->h.ref);
new->h.name = kstrdup(name, GFP_KERNEL); new->h.name = kstrdup(name, GFP_KERNEL);
new->h.flavour = RPC_AUTH_UNIX; new->h.flavour = &svcauth_unix;
new->addr_changes = 0; new->addr_changes = 0;
new->h.h.expiry_time = NEVER; rv = auth_domain_lookup(name, &new->h);
rv = auth_domain_lookup(&new->h, 2);
if (rv == &new->h) {
if (atomic_dec_and_test(&new->h.h.refcnt)) BUG();
} else {
auth_domain_put(&new->h);
goto foundit;
} }
return rv;
} }
static void svcauth_unix_domain_release(struct auth_domain *dom) static void svcauth_unix_domain_release(struct auth_domain *dom)
...@@ -130,7 +124,7 @@ static inline void ip_map_init(struct ip_map *new, struct ip_map *item) ...@@ -130,7 +124,7 @@ static inline void ip_map_init(struct ip_map *new, struct ip_map *item)
} }
static inline void ip_map_update(struct ip_map *new, struct ip_map *item) static inline void ip_map_update(struct ip_map *new, struct ip_map *item)
{ {
cache_get(&item->m_client->h.h); kref_get(&item->m_client->h.ref);
new->m_client = item->m_client; new->m_client = item->m_client;
new->m_add_change = item->m_add_change; new->m_add_change = item->m_add_change;
} }
...@@ -272,7 +266,7 @@ int auth_unix_add_addr(struct in_addr addr, struct auth_domain *dom) ...@@ -272,7 +266,7 @@ int auth_unix_add_addr(struct in_addr addr, struct auth_domain *dom)
struct unix_domain *udom; struct unix_domain *udom;
struct ip_map ip, *ipmp; struct ip_map ip, *ipmp;
if (dom->flavour != RPC_AUTH_UNIX) if (dom->flavour != &svcauth_unix)
return -EINVAL; return -EINVAL;
udom = container_of(dom, struct unix_domain, h); udom = container_of(dom, struct unix_domain, h);
strcpy(ip.m_class, "nfsd"); strcpy(ip.m_class, "nfsd");
...@@ -295,7 +289,7 @@ int auth_unix_forget_old(struct auth_domain *dom) ...@@ -295,7 +289,7 @@ int auth_unix_forget_old(struct auth_domain *dom)
{ {
struct unix_domain *udom; struct unix_domain *udom;
if (dom->flavour != RPC_AUTH_UNIX) if (dom->flavour != &svcauth_unix)
return -EINVAL; return -EINVAL;
udom = container_of(dom, struct unix_domain, h); udom = container_of(dom, struct unix_domain, h);
udom->addr_changes++; udom->addr_changes++;
...@@ -323,7 +317,7 @@ struct auth_domain *auth_unix_lookup(struct in_addr addr) ...@@ -323,7 +317,7 @@ struct auth_domain *auth_unix_lookup(struct in_addr addr)
rv = NULL; rv = NULL;
} else { } else {
rv = &ipm->m_client->h; rv = &ipm->m_client->h;
cache_get(&rv->h); kref_get(&rv->ref);
} }
ip_map_put(&ipm->h, &ip_map_cache); ip_map_put(&ipm->h, &ip_map_cache);
return rv; return rv;
...@@ -332,7 +326,6 @@ struct auth_domain *auth_unix_lookup(struct in_addr addr) ...@@ -332,7 +326,6 @@ struct auth_domain *auth_unix_lookup(struct in_addr addr)
void svcauth_unix_purge(void) void svcauth_unix_purge(void)
{ {
cache_purge(&ip_map_cache); cache_purge(&ip_map_cache);
cache_purge(&auth_domain_cache);
} }
static int static int
...@@ -361,7 +354,7 @@ svcauth_unix_set_client(struct svc_rqst *rqstp) ...@@ -361,7 +354,7 @@ svcauth_unix_set_client(struct svc_rqst *rqstp)
return SVC_DENIED; return SVC_DENIED;
case 0: case 0:
rqstp->rq_client = &ipm->m_client->h; rqstp->rq_client = &ipm->m_client->h;
cache_get(&rqstp->rq_client->h); kref_get(&rqstp->rq_client->ref);
ip_map_put(&ipm->h, &ip_map_cache); ip_map_put(&ipm->h, &ip_map_cache);
break; break;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment