On Jul 16, 2012, at 2:44 PM, Myklebust, Trond wrote: > On Wed, 2012-06-27 at 16:05 -0400, andros@xxxxxxxxxx wrote: >> From: Andy Adamson <andros@xxxxxxxxxx> >> >> When an RPCSEC_GSS context has expired or is non-existent, and the user >> (Kerberos) credentials have also expired or are non-existent, the client >> retries to refresh the context for ever and the application >> hangs. The user is not prompted to refresh/establish their credentials. >> >> Move the -EKEYEXPIRED handling into the RPC layer. Try tk_cred_retry number >> of times to refresh the gss_context, and then pass -EPERM to application. >> >> Signed-off-by: Andy Adamson <andros@xxxxxxxxxx> >> --- >> fs/nfs/nfs4proc.c | 2 -- >> net/sunrpc/clnt.c | 4 ++++ >> 2 files changed, 4 insertions(+), 2 deletions(-) >> >> diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c >> index 5a7b372..2f291b3 100644 >> --- a/fs/nfs/nfs4proc.c >> +++ b/fs/nfs/nfs4proc.c >> @@ -342,7 +342,6 @@ static int nfs4_handle_exception(struct nfs_server *server, int errorcode, struc >> } >> case -NFS4ERR_GRACE: >> case -NFS4ERR_DELAY: >> - case -EKEYEXPIRED: >> ret = nfs4_delay(server->client, &exception->timeout); >> if (ret != 0) >> break; >> @@ -3939,7 +3938,6 @@ nfs4_async_handle_error(struct rpc_task *task, const struct nfs_server *server, >> case -NFS4ERR_DELAY: >> nfs_inc_server_stats(server, NFSIOS_DELAY); >> case -NFS4ERR_GRACE: >> - case -EKEYEXPIRED: >> rpc_delay(task, NFS4_POLL_RETRY_MAX); >> task->tk_status = 0; >> return -EAGAIN; >> diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c >> index f56f045..a94fc0c 100644 >> --- a/net/sunrpc/clnt.c >> +++ b/net/sunrpc/clnt.c >> @@ -1334,8 +1334,12 @@ call_refreshresult(struct rpc_task *task) >> return; >> case -ETIMEDOUT: >> rpc_delay(task, 3*HZ); >> + case -EKEYEXPIRED: >> + status = -EPERM; > > This needs to be EACCES… Agreed. I'll also remove all -EKEYEXPIRED handling from NFS. -->Andy > >> + goto cred_retry; >> case -EAGAIN: >> status = -EACCES; >> +cred_retry: >> if (!task->tk_cred_retry) >> break; >> task->tk_cred_retry--; > > -- > Trond Myklebust > Linux NFS client maintainer > > NetApp > Trond.Myklebust@xxxxxxxxxx > www.netapp.com > -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
