From: Trond Myklebust <Trond.Myklebust@netapp.com>
To: David Howells <dhowells@redhat.com>
Cc: viro@ftp.linux.org.uk, hch@infradead.org, kwc@citi.umich.edu,
jlayton@redhat.com, nickpiggin@yahoo.com.au,
linux-fsdevel@vger.kernel.org
Subject: Re: Caching semi-digested credentials in struct cred
Date: Wed, 24 Oct 2007 15:39:24 -0400 [thread overview]
Message-ID: <1193254764.7515.27.camel@heimdal.trondhjem.org> (raw)
In-Reply-To: <3818.1193251318@redhat.com>
On Wed, 2007-10-24 at 19:41 +0100, David Howells wrote:
> > Use the credential struct as the unique lookup key for an rpc_cred.
>
> That's not good enough. A cred struct may map to several rpc_creds as I
> mentioned above. I suppose the nfs_client struct address could be added to the
> lookup key.
Huh? The RPC cred lookup function takes a pointer to an rpc_auth struct,
which should already be tied to an rpc_client. Passing an nfs_client is
completely unnecessary aside from being a massive layering violation.
> Furthermore, a cred struct may end up referring to different rpc_creds for the
> same domain if a key in the keyrings changes - unless I add something to make a
> COW mirror of the keyring contents from the keyrings.
In the case where keyrings are enabled and a key changes, then we should
revalidate the rpc_cred and either dump it (replacing it with a new
cred) or reuse it. We can only cache so much garbage...
> > If looking up rpc creds is a performance issue, then that needs to be
> > addressed separately. It should have nothing to do with the design of a
> > generic credential.
>
> If there's a cred -> rpc_cred mapping, then it might make sense to root the
> mapping in the cred struct and to make it generic. NFS is just one of the
> kernel services that might want to use this.
Possibly, but I'm not accepting any single patch that completely
rewrites the basic security model of NFS in one fell swoop. If you want
to change the cred->rpc_cred mapping, then that will be done in
incremental patches.
Your first step is therefore to get the generic cred working with the
_existing_ RPC security model.
Trond
next prev parent reply other threads:[~2007-10-24 19:39 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1193237038.7508.4.camel@heimdal.trondhjem.org>
[not found] ` <1192634425.7573.5.camel@heimdal.trondhjem.org>
[not found] ` <7004.1192630004@redhat.com>
[not found] ` <1248.1193234419@redhat.com>
2007-10-24 17:10 ` Caching semi-digested credentials in struct cred David Howells
2007-10-24 17:52 ` Trond Myklebust
2007-10-24 18:41 ` David Howells
2007-10-24 19:39 ` Trond Myklebust [this message]
2007-10-24 22:22 ` David Howells
2007-10-24 23:09 ` Trond Myklebust
2007-10-25 15:45 ` David Howells
2007-10-25 15:59 ` Trond Myklebust
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1193254764.7515.27.camel@heimdal.trondhjem.org \
--to=trond.myklebust@netapp.com \
--cc=dhowells@redhat.com \
--cc=hch@infradead.org \
--cc=jlayton@redhat.com \
--cc=kwc@citi.umich.edu \
--cc=linux-fsdevel@vger.kernel.org \
--cc=nickpiggin@yahoo.com.au \
--cc=viro@ftp.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).