Re: [RFC v2 0/3] VFS/NFS support to destroy FS credentials

On Mon, Aug 7, 2017 at 12:27 PM, Jeff Layton <jlayton@xxxxxxxxxx> wrote:
> On Fri, 2017-08-04 at 10:49 -0400, Olga Kornievskaia wrote:
>> Allow a user to call into the file system and ask to destroy FS
>> credentials. For instance, when the user logs out after using
>> a kerberized NFS share, he destroys Kerberos credentials but NFS
>> credentials remain valid until the gss context expires. Allow
>> the user (or things like pam) to trigger destruction of such
>> credentials.
>>
>> A userland application would do:
>>
>> fd = open("/mnt", O_DIRECTORY|O_RDONLY);
>> syscall(__NR_destroy_creds, fd);
>>
>> v2: fixing a hasty IS_DIR check, definition of __NR_destroy_creds
>> and order of the patches
>>
>> Olga Kornievskaia (3):
>>   VFS adding destroy_creds call
>>   SUNRPC mark user credentials destroyed
>>   NFS define vfs destroy_creds functions
>>
>>  arch/x86/entry/syscalls/syscall_32.tbl |  1 +
>>  arch/x86/entry/syscalls/syscall_64.tbl |  1 +
>>  fs/nfs/dir.c                           |  8 ++++++++
>>  fs/read_write.c                        | 22 ++++++++++++++++++++++
>>  include/linux/fs.h                     |  2 ++
>>  include/linux/sunrpc/auth.h            |  5 +++++
>>  include/linux/syscalls.h               |  2 +-
>>  include/uapi/asm-generic/unistd.h      |  4 +++-
>>  kernel/sys_ni.c                        |  1 +
>>  net/sunrpc/auth.c                      |  9 +++++++++
>>  net/sunrpc/auth_generic.c              | 15 +++++++++++++++
>>  net/sunrpc/auth_gss/auth_gss.c         |  3 +++
>>  12 files changed, 71 insertions(+), 2 deletions(-)
>>
>
> I think I'd like to see a proposed manpage for this syscall.
>

And better CC linux-api...

> How do you expect this syscall to be used by userland? What will call it
> and under what circumstances?
>
> Also, this looks at first glance like a single-purpose, single-
> filesystem call. Would this have any purpose at all outside of NFS?
> Would this be usable with CIFS or Ceph in some fashion?
>
> --
> Jeff Layton <jlayton@xxxxxxxxxx>