mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-10-12 03:26:26 +00:00
sunrpc: parse and return errors reported by gssd
The kernel currently ignores any error code sent by gssd and always considers it to be -EACCES. In order to better handle the situation of an expired KRB5 TGT, the kernel needs to be able to parse and deal with the errors that gssd sends. Aside from -EACCES the only error we care about is -EKEYEXPIRED, which we're using to indicate that the upper layers should retry the call a little later. To maintain backward compatibility with older gssd's, any error other than -EKEYEXPIRED is interpreted as -EACCES. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
This commit is contained in:
parent
ac73fddfc5
commit
dc5ddce956
1 changed files with 9 additions and 2 deletions
|
@ -206,8 +206,14 @@ gss_fill_context(const void *p, const void *end, struct gss_cl_ctx *ctx, struct
|
||||||
ctx->gc_win = window_size;
|
ctx->gc_win = window_size;
|
||||||
/* gssd signals an error by passing ctx->gc_win = 0: */
|
/* gssd signals an error by passing ctx->gc_win = 0: */
|
||||||
if (ctx->gc_win == 0) {
|
if (ctx->gc_win == 0) {
|
||||||
/* in which case, p points to an error code which we ignore */
|
/*
|
||||||
p = ERR_PTR(-EACCES);
|
* in which case, p points to an error code. Anything other
|
||||||
|
* than -EKEYEXPIRED gets converted to -EACCES.
|
||||||
|
*/
|
||||||
|
p = simple_get_bytes(p, end, &ret, sizeof(ret));
|
||||||
|
if (!IS_ERR(p))
|
||||||
|
p = (ret == -EKEYEXPIRED) ? ERR_PTR(-EKEYEXPIRED) :
|
||||||
|
ERR_PTR(-EACCES);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
/* copy the opaque wire context */
|
/* copy the opaque wire context */
|
||||||
|
@ -646,6 +652,7 @@ gss_pipe_downcall(struct file *filp, const char __user *src, size_t mlen)
|
||||||
err = PTR_ERR(p);
|
err = PTR_ERR(p);
|
||||||
switch (err) {
|
switch (err) {
|
||||||
case -EACCES:
|
case -EACCES:
|
||||||
|
case -EKEYEXPIRED:
|
||||||
gss_msg->msg.errno = err;
|
gss_msg->msg.errno = err;
|
||||||
err = mlen;
|
err = mlen;
|
||||||
break;
|
break;
|
||||||
|
|
Loading…
Reference in a new issue