NFS: Fall back on old idmapper if request_key() fails

This patch removes the CONFIG_NFS_USE_NEW_IDMAPPER compile option.
First, the idmapper will attempt to map the id using /sbin/request-key
and nfsidmap.  If this fails (if /etc/request-key.conf is not configured
properly) then the idmapper will call the legacy code to perform the
mapping.  I left a comment stating where the legacy code begins to make
it easier for somebody to remove in the future.

Signed-off-by: Bryan Schumaker <bjschuma@netapp.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig
index dbcd82126aed309026dc55f33754f8209ceaaeb5..021d2cf6938ac988e9e8720c00051dbfe01c99d0 100644 (file)
--- a/fs/nfs/Kconfig
+++ b/fs/nfs/Kconfig
@@ -132,14 +132,3 @@ config NFS_USE_KERNEL_DNS
        select DNS_RESOLVER
        select KEYS
        default y
-
-config NFS_USE_NEW_IDMAPPER
-       bool "Use the new idmapper upcall routine"
-       depends on NFS_V4 && KEYS
-       help
-         Say Y here if you want NFS to use the new idmapper upcall functions.
-         You will need /sbin/request-key (usually provided by the keyutils
-         package).  For details, read
-         <file:Documentation/filesystems/nfs/idmapper.txt>.
-
-         If you are unsure, say N.

diff --git a/fs/nfs/idmap.c b/fs/nfs/idmap.c
index 62264e0b1ddb04e1184f7b131a80398a85eb5369..e0ecd5a7e19a71125dd9c11eb4e3a6d1c03ef46a 100644 (file)
--- a/fs/nfs/idmap.c
+++ b/fs/nfs/idmap.c
@@ -142,8 +142,6 @@ static int nfs_map_numeric_to_string(__u32 id, char *buf, size_t buflen)
        return snprintf(buf, buflen, "%u", id);
 }
 
-#ifdef CONFIG_NFS_USE_NEW_IDMAPPER
-
 #include <linux/cred.h>
 #include <linux/sunrpc/sched.h>
 #include <linux/nfs4.h>
@@ -169,7 +167,7 @@ struct key_type key_type_id_resolver = {
        .read           = user_read,
 };
 
-int nfs_idmap_init(void)
+static int nfs_idmap_init_keyring(void)
 {
        struct cred *cred;
        struct key *keyring;
@@ -211,7 +209,7 @@ failed_put_cred:
        return ret;
 }
 
-void nfs_idmap_quit(void)
+static void nfs_idmap_quit_keyring(void)
 {
        key_revoke(id_resolver_cache->thread_keyring);
        unregister_key_type(&key_type_id_resolver);
@@ -328,43 +326,7 @@ static int nfs_idmap_lookup_id(const char *name, size_t namelen,
        return ret;
 }
 
-int nfs_map_name_to_uid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *uid)
-{
-       if (nfs_map_string_to_numeric(name, namelen, uid))
-               return 0;
-       return nfs_idmap_lookup_id(name, namelen, "uid", uid);
-}
-
-int nfs_map_group_to_gid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *gid)
-{
-       if (nfs_map_string_to_numeric(name, namelen, gid))
-               return 0;
-       return nfs_idmap_lookup_id(name, namelen, "gid", gid);
-}
-
-int nfs_map_uid_to_name(const struct nfs_server *server, __u32 uid, char *buf, size_t buflen)
-{
-       int ret = -EINVAL;
-
-       if (!(server->caps & NFS_CAP_UIDGID_NOMAP))
-               ret = nfs_idmap_lookup_name(uid, "user", buf, buflen);
-       if (ret < 0)
-               ret = nfs_map_numeric_to_string(uid, buf, buflen);
-       return ret;
-}
-int nfs_map_gid_to_group(const struct nfs_server *server, __u32 gid, char *buf, size_t buflen)
-{
-       int ret = -EINVAL;
-
-       if (!(server->caps & NFS_CAP_UIDGID_NOMAP))
-               ret = nfs_idmap_lookup_name(gid, "group", buf, buflen);
-       if (ret < 0)
-               ret = nfs_map_numeric_to_string(gid, buf, buflen);
-       return ret;
-}
-
-#else  /* CONFIG_NFS_USE_NEW_IDMAPPER not defined */
-
+/* idmap classic begins here */
 #include <linux/module.h>
 #include <linux/mutex.h>
 #include <linux/init.h>
@@ -600,12 +562,21 @@ static struct notifier_block nfs_idmap_block = {
 
 int nfs_idmap_init(void)
 {
-       return rpc_pipefs_notifier_register(&nfs_idmap_block);
+       int ret;
+       ret = nfs_idmap_init_keyring();
+       if (ret != 0)
+               goto out;
+       ret = rpc_pipefs_notifier_register(&nfs_idmap_block);
+       if (ret != 0)
+               nfs_idmap_quit_keyring();
+out:
+       return ret;
 }
 
 void nfs_idmap_quit(void)
 {
        rpc_pipefs_notifier_unregister(&nfs_idmap_block);
+       nfs_idmap_quit_keyring();
 }
 
 /*
@@ -930,19 +901,27 @@ static unsigned int fnvhash32(const void *buf, size_t buflen)
 int nfs_map_name_to_uid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *uid)
 {
        struct idmap *idmap = server->nfs_client->cl_idmap;
+       int ret = -EINVAL;
 
        if (nfs_map_string_to_numeric(name, namelen, uid))
                return 0;
-       return nfs_idmap_id(idmap, &idmap->idmap_user_hash, name, namelen, uid);
+       ret = nfs_idmap_lookup_id(name, namelen, "uid", uid);
+       if (ret < 0)
+               ret = nfs_idmap_id(idmap, &idmap->idmap_user_hash, name, namelen, uid);
+       return ret;
 }
 
-int nfs_map_group_to_gid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *uid)
+int nfs_map_group_to_gid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *gid)
 {
        struct idmap *idmap = server->nfs_client->cl_idmap;
+       int ret = -EINVAL;
 
-       if (nfs_map_string_to_numeric(name, namelen, uid))
+       if (nfs_map_string_to_numeric(name, namelen, gid))
                return 0;
-       return nfs_idmap_id(idmap, &idmap->idmap_group_hash, name, namelen, uid);
+       ret = nfs_idmap_lookup_id(name, namelen, "gid", gid);
+       if (ret < 0)
+               ret = nfs_idmap_id(idmap, &idmap->idmap_group_hash, name, namelen, gid);
+       return ret;
 }
 
 int nfs_map_uid_to_name(const struct nfs_server *server, __u32 uid, char *buf, size_t buflen)
@@ -950,22 +929,26 @@ int nfs_map_uid_to_name(const struct nfs_server *server, __u32 uid, char *buf, s
        struct idmap *idmap = server->nfs_client->cl_idmap;
        int ret = -EINVAL;
 
-       if (!(server->caps & NFS_CAP_UIDGID_NOMAP))
-               ret = nfs_idmap_name(idmap, &idmap->idmap_user_hash, uid, buf);
+       if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) {
+               ret = nfs_idmap_lookup_name(uid, "user", buf, buflen);
+               if (ret < 0)
+                       ret = nfs_idmap_name(idmap, &idmap->idmap_user_hash, uid, buf);
+       }
        if (ret < 0)
                ret = nfs_map_numeric_to_string(uid, buf, buflen);
        return ret;
 }
-int nfs_map_gid_to_group(const struct nfs_server *server, __u32 uid, char *buf, size_t buflen)
+int nfs_map_gid_to_group(const struct nfs_server *server, __u32 gid, char *buf, size_t buflen)
 {
        struct idmap *idmap = server->nfs_client->cl_idmap;
        int ret = -EINVAL;
 
-       if (!(server->caps & NFS_CAP_UIDGID_NOMAP))
-               ret = nfs_idmap_name(idmap, &idmap->idmap_group_hash, uid, buf);
+       if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) {
+               ret = nfs_idmap_lookup_name(gid, "group", buf, buflen);
+               if (ret < 0)
+                       ret = nfs_idmap_name(idmap, &idmap->idmap_group_hash, gid, buf);
+       }
        if (ret < 0)
-               ret = nfs_map_numeric_to_string(uid, buf, buflen);
+               ret = nfs_map_numeric_to_string(gid, buf, buflen);
        return ret;
 }
-
-#endif /* CONFIG_NFS_USE_NEW_IDMAPPER */

diff --git a/fs/nfs/sysctl.c b/fs/nfs/sysctl.c
index 978aaeb8a0936617ed19cde6c5995e247b77af4c..ad4d2e787b2041d17eaacc4a1ce8097f0cc13aca 100644 (file)
--- a/fs/nfs/sysctl.c
+++ b/fs/nfs/sysctl.c
@@ -32,7 +32,6 @@ static ctl_table nfs_cb_sysctls[] = {
                .extra1 = (int *)&nfs_set_port_min,
                .extra2 = (int *)&nfs_set_port_max,
        },
-#ifndef CONFIG_NFS_USE_NEW_IDMAPPER
        {
                .procname = "idmap_cache_timeout",
                .data = &nfs_idmap_cache_timeout,
@@ -40,7 +39,6 @@ static ctl_table nfs_cb_sysctls[] = {
                .mode = 0644,
                .proc_handler = proc_dointvec_jiffies,
        },
-#endif /* CONFIG_NFS_USE_NEW_IDMAPPER */
 #endif
        {
                .procname       = "nfs_mountpoint_timeout",

diff --git a/include/linux/nfs_idmap.h b/include/linux/nfs_idmap.h
index 3c9eeb7da646229eb70411d385f2da2901bacc45..7eed2012d288926a6317e53ead4eb7880796c7ca 100644 (file)
--- a/include/linux/nfs_idmap.h
+++ b/include/linux/nfs_idmap.h
@@ -82,24 +82,9 @@ static inline void nfs_idmap_quit(void)
 {}
 #endif
 
-#ifdef CONFIG_NFS_USE_NEW_IDMAPPER
-
-static inline int nfs_idmap_new(struct nfs_client *clp)
-{
-       return 0;
-}
-
-static inline void nfs_idmap_delete(struct nfs_client *clp)
-{
-}
-
-#else /* CONFIG_NFS_USE_NEW_IDMAPPER not set */
-
 int nfs_idmap_new(struct nfs_client *);
 void nfs_idmap_delete(struct nfs_client *);
 
-#endif /* CONFIG_NFS_USE_NEW_IDMAPPER */
-
 void nfs_fattr_init_names(struct nfs_fattr *fattr,
                struct nfs4_string *owner_name,
                struct nfs4_string *group_name);