From: Mike Snitzer <snitzer@kernel.org>
To: linux-nfs@vger.kernel.org
Cc: Jeff Layton <jlayton@kernel.org>,
Chuck Lever <chuck.lever@oracle.com>,
Anna Schumaker <anna@kernel.org>,
Trond Myklebust <trondmy@hammerspace.com>,
NeilBrown <neilb@suse.de>,
linux-fsdevel@vger.kernel.org
Subject: [PATCH v13 07/19] SUNRPC: add rpcauth_map_clnt_to_svc_cred_local
Date: Fri, 23 Aug 2024 14:14:05 -0400 [thread overview]
Message-ID: <20240823181423.20458-8-snitzer@kernel.org> (raw)
In-Reply-To: <20240823181423.20458-1-snitzer@kernel.org>
From: Weston Andros Adamson <dros@primarydata.com>
Add new funtion rpcauth_map_clnt_to_svc_cred_local which maps a
generic cred to a svc_cred suitable for use in nfsd.
This is needed by the localio code to map nfs client creds to nfs
server credentials.
Following from net/sunrpc/auth_unix.c:unx_marshal() it is clear that
->fsuid and ->fsgid must be used (rather than ->uid and ->gid). In
addition, these uid and gid must be translated with from_kuid_munged()
so local client uses correct uid and gid when acting as local server.
Suggested-by: NeilBrown <neilb@suse.de> # to approximate unx_marshal()
Signed-off-by: Weston Andros Adamson <dros@primarydata.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Co-developed-by: Mike Snitzer <snitzer@kernel.org>
Signed-off-by: Mike Snitzer <snitzer@kernel.org>
---
include/linux/sunrpc/auth.h | 4 ++++
net/sunrpc/auth.c | 22 ++++++++++++++++++++++
2 files changed, 26 insertions(+)
diff --git a/include/linux/sunrpc/auth.h b/include/linux/sunrpc/auth.h
index 61e58327b1aa..4cfb68f511db 100644
--- a/include/linux/sunrpc/auth.h
+++ b/include/linux/sunrpc/auth.h
@@ -11,6 +11,7 @@
#define _LINUX_SUNRPC_AUTH_H
#include <linux/sunrpc/sched.h>
+#include <linux/sunrpc/svcauth.h>
#include <linux/sunrpc/msg_prot.h>
#include <linux/sunrpc/xdr.h>
@@ -184,6 +185,9 @@ int rpcauth_uptodatecred(struct rpc_task *);
int rpcauth_init_credcache(struct rpc_auth *);
void rpcauth_destroy_credcache(struct rpc_auth *);
void rpcauth_clear_credcache(struct rpc_cred_cache *);
+void rpcauth_map_clnt_to_svc_cred_local(struct rpc_clnt *clnt,
+ const struct cred *,
+ struct svc_cred *);
char * rpcauth_stringify_acceptor(struct rpc_cred *);
static inline
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c
index 04534ea537c8..3b6d91b36589 100644
--- a/net/sunrpc/auth.c
+++ b/net/sunrpc/auth.c
@@ -17,6 +17,7 @@
#include <linux/sunrpc/clnt.h>
#include <linux/sunrpc/gss_api.h>
#include <linux/spinlock.h>
+#include <linux/user_namespace.h>
#include <trace/events/sunrpc.h>
@@ -308,6 +309,27 @@ rpcauth_init_credcache(struct rpc_auth *auth)
}
EXPORT_SYMBOL_GPL(rpcauth_init_credcache);
+void
+rpcauth_map_clnt_to_svc_cred_local(struct rpc_clnt *clnt,
+ const struct cred *cred,
+ struct svc_cred *svc)
+{
+ struct user_namespace *userns = clnt->cl_cred ?
+ clnt->cl_cred->user_ns : &init_user_ns;
+
+ memset(svc, 0, sizeof(struct svc_cred));
+
+ svc->cr_uid = KUIDT_INIT(from_kuid_munged(userns, cred->fsuid));
+ svc->cr_gid = KGIDT_INIT(from_kgid_munged(userns, cred->fsgid));
+ svc->cr_flavor = clnt->cl_auth->au_flavor;
+ if (cred->group_info)
+ svc->cr_group_info = get_group_info(cred->group_info);
+ /* These aren't relevant for local (network is bypassed) */
+ svc->cr_principal = NULL;
+ svc->cr_gss_mech = NULL;
+}
+EXPORT_SYMBOL_GPL(rpcauth_map_clnt_to_svc_cred_local);
+
char *
rpcauth_stringify_acceptor(struct rpc_cred *cred)
{
--
2.44.0
next prev parent reply other threads:[~2024-08-23 18:14 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-23 18:13 [PATCH v13 00/19] nfs/nfsd: add support for localio Mike Snitzer
2024-08-23 18:13 ` [PATCH v13 01/19] nfs_common: factor out nfs_errtbl and nfs_stat_to_errno Mike Snitzer
2024-08-23 18:14 ` [PATCH v13 02/19] nfs_common: factor out nfs4_errtbl and nfs4_stat_to_errno Mike Snitzer
2024-08-23 18:14 ` [PATCH v13 03/19] nfs: factor out {encode,decode}_opaque_fixed to nfs_xdr.h Mike Snitzer
2024-08-23 18:14 ` [PATCH v13 04/19] nfsd: factor out __fh_verify to allow NULL rqstp to be passed Mike Snitzer
2024-08-25 15:32 ` Chuck Lever
2024-08-25 23:44 ` NeilBrown
2024-08-26 14:51 ` Chuck Lever
2024-08-28 17:01 ` Chuck Lever
2024-08-29 0:30 ` Mike Snitzer
2024-08-29 0:32 ` Mike Snitzer
2024-08-27 18:58 ` Mike Snitzer
2024-08-27 19:26 ` Chuck Lever
2024-08-27 19:35 ` Mike Snitzer
2024-08-23 18:14 ` [PATCH v13 05/19] nfsd: add nfsd_file_acquire_local() Mike Snitzer
2024-08-25 15:18 ` Chuck Lever
2024-08-23 18:14 ` [PATCH v13 06/19] SUNRPC: remove call_allocate() BUG_ONs Mike Snitzer
2024-08-23 18:14 ` Mike Snitzer [this message]
2024-08-25 15:17 ` [PATCH v13 07/19] SUNRPC: add rpcauth_map_clnt_to_svc_cred_local Chuck Lever
2024-08-27 16:08 ` Mike Snitzer
2024-08-23 18:14 ` [PATCH v13 08/19] SUNRPC: replace program list with program array Mike Snitzer
2024-08-25 15:14 ` Chuck Lever
2024-08-23 18:14 ` [PATCH v13 09/19] nfs_common: add NFS LOCALIO auxiliary protocol enablement Mike Snitzer
2024-08-26 0:32 ` NeilBrown
2024-08-27 17:45 ` Mike Snitzer
2024-08-27 21:25 ` NeilBrown
2024-08-23 18:14 ` [PATCH v13 10/19] nfsd: add localio support Mike Snitzer
2024-08-25 15:13 ` Chuck Lever
2024-08-26 0:53 ` NeilBrown
2024-08-26 20:03 ` Mike Snitzer
2024-08-23 18:14 ` [PATCH v13 11/19] nfsd: implement server support for NFS_LOCALIO_PROGRAM Mike Snitzer
2024-08-25 15:09 ` Chuck Lever
2024-08-23 18:14 ` [PATCH v13 12/19] nfs: pass struct nfsd_file to nfs_init_pgio and nfs_init_commit Mike Snitzer
2024-08-23 18:14 ` [PATCH v13 13/19] nfs: add localio support Mike Snitzer
2024-08-26 1:21 ` NeilBrown
2024-08-23 18:14 ` [PATCH v13 14/19] nfs: enable localio for non-pNFS IO Mike Snitzer
2024-08-23 18:14 ` [PATCH v13 15/19] pnfs/flexfiles: enable localio support Mike Snitzer
2024-08-26 1:39 ` NeilBrown
2024-08-26 15:38 ` Mike Snitzer
2024-08-27 21:27 ` NeilBrown
2024-08-23 18:14 ` [PATCH v13 16/19] nfs/localio: use dedicated workqueues for filesystem read and write Mike Snitzer
2024-08-23 18:14 ` [PATCH v13 17/19] nfs: implement client support for NFS_LOCALIO_PROGRAM Mike Snitzer
2024-08-23 18:14 ` [PATCH v13 18/19] nfs: add Documentation/filesystems/nfs/localio.rst Mike Snitzer
2024-08-23 18:14 ` [PATCH v13 19/19] nfs: add FAQ section to Documentation/filesystems/nfs/localio.rst Mike Snitzer
2024-08-26 1:56 ` NeilBrown
2024-08-26 14:16 ` Chuck Lever III
2024-08-26 14:50 ` Trond Myklebust
2024-08-27 21:49 ` NeilBrown
2024-08-27 22:24 ` Trond Myklebust
2024-08-27 23:41 ` NeilBrown
2024-08-28 0:08 ` Trond Myklebust
2024-08-28 4:26 ` Mike Snitzer
2024-08-25 15:46 ` [PATCH v13 00/19] nfs/nfsd: add support for localio Chuck Lever
2024-08-27 16:56 ` Mike Snitzer
2024-08-26 1:59 ` NeilBrown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240823181423.20458-8-snitzer@kernel.org \
--to=snitzer@kernel.org \
--cc=anna@kernel.org \
--cc=chuck.lever@oracle.com \
--cc=jlayton@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=neilb@suse.de \
--cc=trondmy@hammerspace.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).