2008-03-13 17:59:57

by Myklebust, Trond

[permalink] [raw]
Subject: [PATCH 0/6] Implement generic RPC credentials

The NFSv4 protocol allows clients to negotiate security protocols on the
fly in the case where an administrator on the server changes the export
settings and/or in the case where we may have a filesystem migration

Instead of having the NFS client code cache credentials that are tied to
a particular AUTH method it is therefore preferable to have a generic
credential that can be converted into whatever AUTH is in use by the RPC
client when the read/write/sillyrename/... is put on the wire.

We do this by means of a new "generic" credential, which basically just
caches the minimal information that is needed to look up an RPCSEC_GSS,
AUTH_SYS, or AUTH_NULL credential.

We then ensure that when the rpc_init_task attempts to bind this
credential is bound to the task, it results in a lookup of a cred for
whatever auth mechanism is currently the default in task->tk_client.

Trond Myklebust
NFS client maintainer

[email protected]