Linux kernel documentation tree maintained by Jonathan Corbet http://mirrors.hust.edu.cn/git/lwn.git/atom?h=docs-5.3 2019-05-21T08:50:45+00:00 2019-05-21T08:50:45+00:00 Thomas Gleixner tglx@linutronix.de 2019-05-19T12:08:55+00:00 urn:sha1:457c89965399115e5cd8bf38f9c597293405703d Add SPDX license identifiers to all files which: - Have no license information of any form - Have EXPORT_.*_SYMBOL_GPL inside which was used in the initial scan/conversion to ignore the file These files fall under the project license, GPL v2 only. The resulting SPDX license identifier is: GPL-2.0-only Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-04-24T13:46:35+00:00 Trond Myklebust trondmy@gmail.com 2019-04-09T16:13:40+00:00 urn:sha1:ccfe51a5161c17d24157c08f9963f351a89268fa gid_parse() is part of a downcall, so uids and gids should be assumed encoded using the current user namespace. svcauth_unix_accept() is, on the other hand, decoding uids and gids from the wire, so we assume those are encoded to match the user namespace of the server process. Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2018-10-29T20:58:04+00:00 Trond Myklebust trondmy@gmail.com 2018-10-01T14:41:46+00:00 urn:sha1:fd5d2f78261bedd3a40feb1474323fddb88398b8 Convert structs ip_map and unix_gid to use RCU protected lookups. Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2018-10-03T15:32:59+00:00 Trond Myklebust trondmy@gmail.com 2018-10-01T14:41:44+00:00 urn:sha1:608a0ab2f54ab0e301ad76a41aad979ea0d02670 Avoid taking the global auth_domain_lock in most lookups of the auth domain by adding an RCU protected lookup. Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2017-12-15T00:00:49+00:00 Thiago Rafael Becker thiago.becker@gmail.com 2017-12-14T23:33:12+00:00 urn:sha1:bdcf0a423ea1c40bbb40e7ee483b50fc8aa3d758 In testing, we found that nfsd threads may call set_groups in parallel for the same entry cached in auth.unix.gid, racing in the call of groups_sort, corrupting the groups for that entry and leading to permission denials for the client. This patch: - Make groups_sort globally visible. - Move the call to groups_sort to the modifiers of group_info - Remove the call to groups_sort from set_groups Link: http://lkml.kernel.org/r/20171211151420.18655-1-thiago.becker@gmail.com Signed-off-by: Thiago Rafael Becker <thiago.becker@gmail.com> Reviewed-by: Matthew Wilcox <mawilcox@microsoft.com> Reviewed-by: NeilBrown <neilb@suse.com> Acked-by: "J. Bruce Fields" <bfields@fieldses.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2017-11-27T21:45:11+00:00 Bhumika Goyal bhumirks@gmail.com 2017-10-17T16:14:26+00:00 urn:sha1:ee24eac3ebb781c12a654985e33ecaa07f4d0f95 Make these const as they are only getting passed to the function cache_create_net having the argument as const. Signed-off-by: Bhumika Goyal <bhumirks@gmail.com> Reviewed-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2017-02-08T22:02:45+00:00 Kinglong Mee kinglongmee@gmail.com 2017-02-07T13:48:11+00:00 urn:sha1:5786461bd8ea81433d81297215ee814a9a33ce7a NFS_NGROUPS has been move to sunrpc, rename to UNX_NGROUPS. Signed-off-by: Kinglong Mee <kinglongmee@gmail.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2016-10-08T01:46:30+00:00 Alexey Dobriyan adobriyan@gmail.com 2016-10-08T00:03:12+00:00 urn:sha1:81243eacfa400f5f7b89f4c2323d0de9982bb0fb Current supplementary groups code can massively overallocate memory and is implemented in a way so that access to individual gid is done via 2D array. If number of gids is <= 32, memory allocation is more or less tolerable (140/148 bytes). But if it is not, code allocates full page (!) regardless and, what's even more fun, doesn't reuse small 32-entry array. 2D array means dependent shifts, loads and LEAs without possibility to optimize them (gid is never known at compile time). All of the above is unnecessary. Switch to the usual trailing-zero-len-array scheme. Memory is allocated with kmalloc/vmalloc() and only as much as needed. Accesses become simpler (LEA 8(gi,idx,4) or even without displacement). Maximum number of gids is 65536 which translates to 256KB+8 bytes. I think kernel can handle such allocation. On my usual desktop system with whole 9 (nine) aux groups, struct group_info shrinks from 148 bytes to 44 bytes, yay! Nice side effects: - "gi->gid[i]" is shorter than "GROUP_AT(gi, i)", less typing, - fix little mess in net/ipv4/ping.c should have been using GROUP_AT macro but this point becomes moot, - aux group allocation is persistent and should be accounted as such. Link: http://lkml.kernel.org/r/20160817201927.GA2096@p183.telecom.by Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Cc: Vasily Kulikov <segoon@openwall.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2015-11-24T17:39:16+00:00 J. Bruce Fields bfields@redhat.com 2015-11-20T20:45:35+00:00 urn:sha1:6496500cf15f29ac8afc565e2e4b6f92a1324860 Minor cleanup, no change in behavior. Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2013-07-08T21:27:23+00:00 J. Bruce Fields bfields@redhat.com 2013-07-08T17:44:45+00:00 urn:sha1:0979292bfa301cb87d936b69af428090d2feea1b As of f025adf191924e3a75ce80e130afcd2485b53bb8 "sunrpc: Properly decode kuids and kgids in RPC_AUTH_UNIX credentials" any rpc containing a -1 (0xffff) uid or gid would fail with a badcred error. Commit afe3c3fd5392b2f0066930abc5dbd3f4b14a0f13 "svcrpc: fix failures to handle -1 uid's and gid's" fixed part of the problem, but overlooked the gid upcall--the kernel can request supplementary gid's for the -1 uid, but mountd's attempt write a response will get -EINVAL. Symptoms were nfsd failing to reply to the first attempt to use a newly negotiated krb5 context. Reported-by: Sven Geggus <lists@fuchsschwanzdomain.de> Tested-by: Sven Geggus <lists@fuchsschwanzdomain.de> Cc: stable@vger.kernel.org Signed-off-by: J. Bruce Fields <bfields@redhat.com>