SUNRPC handle EKEYEXPIRED in call_refreshresult

Currently, when an RPCSEC_GSS context has expired or is non-existent and the users (Kerberos) credentials have also expired or are non-existent, the client receives the -EKEYEXPIRED error and tries to refresh the context forever. If an application is performing I/O, or other work against the share, the application hangs, and the user is not prompted to refresh/establish their credentials. This can result in a denial of service for other users. Users are expected to manage their Kerberos credential lifetimes to mitigate this issue. Move the -EKEYEXPIRED handling into the RPC layer. Try tk_cred_retry number of times to refresh the gss_context, and then return -EACCES to the application. Signed-off-by: Andy Adamson <andros@netapp.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
author: Andy Adamson <andros@netapp.com> 2012-11-27 10:34:19 -0500
committer: Trond Myklebust <Trond.Myklebust@netapp.com> 2012-12-12 15:36:02 -0500
commit: eb96d5c97b0825d542e9c4ba5e0a22b519355166 (patch)
tree: 62c98e2bdbcc7334a7043725d1fd81a589a75177 /net/sunrpc
parent: 620038f6d2304475dce800dc5c75fc335a19613a (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c
index c69e199b1082..55e174f2d02f 100644
--- a/net/sunrpc/clnt.c
+++ b/net/sunrpc/clnt.c
@@ -1381,6 +1381,7 @@ call_refreshresult(struct rpc_task *task)
 		return;
 	case -ETIMEDOUT:
 		rpc_delay(task, 3*HZ);
+	case -EKEYEXPIRED:
 	case -EAGAIN:
 		status = -EACCES;
 		if (!task->tk_cred_retry)
author	Andy Adamson <andros@netapp.com>	2012-11-27 10:34:19 -0500
committer	Trond Myklebust <Trond.Myklebust@netapp.com>	2012-12-12 15:36:02 -0500
commit	eb96d5c97b0825d542e9c4ba5e0a22b519355166 (patch)
tree	62c98e2bdbcc7334a7043725d1fd81a589a75177 /net/sunrpc
parent	620038f6d2304475dce800dc5c75fc335a19613a (diff)