On Tue, Mar 20, 2018 at 01:35:51PM +0000, David Howells wrote:
> J. Bruce Fields <bfields@xxxxxxxxxx> wrote:
>
> > @@ -139,6 +139,9 @@ struct cred {
> > struct key *thread_keyring; /* keyring private to this thread */
> > struct key *request_key_auth; /* assumed request_key authority */
> > #endif
> > +#ifdef CONFIG_FILE_LOCKING
> > + void *lease_breaker; /* identify NFS client breaking a delegation */
> > +#endif
> > #ifdef CONFIG_SECURITY
> > void *security; /* subjective LSM security */
> > #endif
>
> Sorry, but ewww.
I'm sure you're right, but, to make sure I understand:
> Two reasons for that comment:
>
> (1) The cred struct may get retained long past where you expect if it gets
> attached to another process or a file descriptor.
How would that happen in the case of a knfsd thread?
> (2) The ->lease_breaker pointer needs lifetime management in cred.c. It will
> potentially get copied around and may need cleaning up.
Hm, OK.
> Can you stick your breaker identity in a key struct as Jeff suggested?
Probably so. I'm unfamiliar with the keyring code. How would you
recommend doing that?
--b.
