From: "J. Bruce Fields" <bfields@fieldses.org>
To: Weston Andros Adamson <dros@primarydata.com>
Cc: Anna Schumaker <Anna.Schumaker@netapp.com>,
Trond Myklebust <Trond.Myklebust@primarydata.com>,
linux-nfs list <linux-nfs@vger.kernel.org>
Subject: Re: [PATCH 0/3] Remove function macros from nfs4_fs.h
Date: Wed, 7 Jan 2015 13:57:32 -0500 [thread overview]
Message-ID: <20150107185732.GD7066@fieldses.org> (raw)
In-Reply-To: <20150107185525.GC7066@fieldses.org>
On Wed, Jan 07, 2015 at 01:55:25PM -0500, J. Bruce Fields wrote:
> On Wed, Jan 07, 2015 at 01:47:53PM -0500, Weston Andros Adamson wrote:
> > Ah, right, but only for state operations that don’t touch the filesystem:
> >
> > OP_BIND_CONN_TO_SESSION
> > OP_EXCHANGE_ID
> > OP_CREATE_SESSION
> > OP_DESTROY_SESSION
> > OP_DESTROY_CLIENTID
> >
> > Which is not that interesting, since the client should already be using the machine cred
> > with these operations.
> >
> > What is interesting is supporting write and commit (and associated ops, i.e. sequence).
> > That way when a client is doing buffered writes and the user cred expires, it can flush the
> > locally cached data. This is what the linux client SP4_MACH_CRED feature focused on.
> >
> > I think implementing SP4_MACH_CRED for these operations has the issue I mentioned
> > earlier: the fh_verify path will have to check credentials against some cached credential
> > (tied to the stateid), because request will contain the machine credential and not the user
> > credential that previous writes (before cred expiration) used.
>
> Oh, I see. Yeah, that sounds like a bigger project.
(And I'd be curious what the security model is.)
--b.
prev parent reply other threads:[~2015-01-07 18:57 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-05 19:17 [PATCH 0/3] Remove function macros from nfs4_fs.h Anna Schumaker
2015-01-05 19:17 ` [PATCH 1/3] nfs: Call nfs4_state_protect() from nfs4_proc_commit_setup() Anna Schumaker
2015-01-05 19:17 ` [PATCH 2/3] nfs: Call nfs4_state_protect_write() from nfs4_proc_write_setup() Anna Schumaker
2015-01-05 19:17 ` [PATCH 3/3] nfs: Remove unused v4 macros Anna Schumaker
2015-01-05 20:31 ` [PATCH 0/3] Remove function macros from nfs4_fs.h Weston Andros Adamson
2015-01-05 21:06 ` Anna Schumaker
2015-01-05 21:51 ` Weston Andros Adamson
2015-01-06 15:02 ` Weston Andros Adamson
2015-01-06 19:08 ` J. Bruce Fields
2015-01-07 18:47 ` Weston Andros Adamson
2015-01-07 18:55 ` J. Bruce Fields
2015-01-07 18:57 ` J. Bruce Fields [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150107185732.GD7066@fieldses.org \
--to=bfields@fieldses.org \
--cc=Anna.Schumaker@netapp.com \
--cc=Trond.Myklebust@primarydata.com \
--cc=dros@primarydata.com \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox