Re: [PATCH 2.5.30+] Second attempt at a shared credentials patch

[Trond Myklebust <trond.myklebust@fys.uio.no>]

>>>>> " " == Dave McCracken <dmccr@us.ibm.com> writes:

     > This patch allows tasks to share credentials via a flag to
     > clone().

     > This version fixes the problem with exec() that Linus found.
     > Tasks that call exec() get their own copy of the credentials at
     > that point.

     > The URL is here because it's too big to include in email:

     > http://www.ibm.com/linux/ltc/patches/misc/cred-2.5.30-3.diff.gz

What the hell is that change to fs/nfs/dir.c below all about? Try
mounting an NFSv2 partition with that applied...

Instead of doing this as one big unreadable monolithic patch and
risking getting things wrong like in the above case, it would be nice
if you could go via a set of wrapper functions:

#define get_current_uid() (current->uid)
#define set_current_uid(a) current->uid = a
.
.
.

...

That would allow you to make the changes to the lower level filesystem
code in smaller babysteps, and make the actual move to 'struct cred' a
trivial patch...


As I argued before when Ben first presented this, that will also allow
us the flexibility to change the structure at a later date. Several
filesystems could benefit from a shared *BSD-style 'struct ucred' to
replace the tuple current->{ fsuid, fsgid, groups }.

Cheers,
  Trond

diff -Nru a/fs/nfs/dir.c b/fs/nfs/dir.c
--- a/fs/nfs/dir.c      Wed Aug  7 09:08:23 2002
+++ b/fs/nfs/dir.c      Wed Aug  7 09:08:23 2002
@@ -1237,9 +1237,6 @@

        lock_kernel();

-       if (!NFS_PROTO(inode)->access)
-               goto out_notsup;
-
        cred = rpcauth_lookupcred(NFS_CLIENT(inode)->cl_auth, 0);
        if (cache->cred == cred
            && time_before(jiffies, cache->jiffies + NFS_ATTRTIMEO(inode))) {