• Chuck Lever's avatar
    SUNRPC: Introduce rpc_clone_client_set_auth() · ba9b584c
    Chuck Lever authored
    An ULP is supposed to be able to replace a GSS rpc_auth object with
    another GSS rpc_auth object using rpcauth_create().  However,
    rpcauth_create() in 3.5 reliably fails with -EEXIST in this case.
    This is because when gss_create() attempts to create the upcall pipes,
    sometimes they are already there.  For example if a pipe FS mount
    event occurs, or a previous GSS flavor was in use for this rpc_clnt.
    
    It turns out that's not the only problem here.  While working on a
    fix for the above problem, we noticed that replacing an rpc_clnt's
    rpc_auth is not safe, since dereferencing the cl_auth field is not
    protected in any way.
    
    So we're deprecating the ability of rpcauth_create() to switch an
    rpc_clnt's security flavor during normal operation.  Instead, let's
    add a fresh API that clones an rpc_clnt and gives the clone a new
    flavor before it's used.
    
    This makes immediate use of the new __rpc_clone_client() helper.
    
    This can be used in a similar fashion to rpcauth_create() when a
    client is hunting for the correct security flavor.  Instead of
    replacing an rpc_clnt's security flavor in a loop, the ULP replaces
    the whole rpc_clnt.
    
    To fix the -EEXIST problem, any ULP logic that relies on replacing
    an rpc_clnt's rpc_auth with rpcauth_create() must be changed to use
    this API instead.
    Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
    Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
    ba9b584c
clnt.c 53.7 KB