diff options
| author | Sachin Prabhu <sprabhu@redhat.com> | 2016-05-17 18:20:13 -0500 |
|---|---|---|
| committer | Steve French <smfrench@gmail.com> | 2016-05-19 21:56:30 -0500 |
| commit | b74cb9a80268be5c80cf4c87c74debf0ff2129ac (patch) | |
| tree | 7c9c541cbc5bd3f2177d1bec48781db404a84d8d /fs/cifs/cifsproto.h | |
| parent | 03b979dd0323ace8e29a0561cd5232f73a060c09 (diff) | |
cifs: Create dedicated keyring for spnego operations
The session key is the default keyring set for request_key operations.
This session key is revoked when the user owning the session logs out.
Any long running daemon processes started by this session ends up with
revoked session keyring which prevents these processes from using the
request_key mechanism from obtaining the krb5 keys.
The problem has been reported by a large number of autofs users. The
problem is also seen with multiuser mounts where the share may be used
by processes run by a user who has since logged out. A reproducer using
automount is available on the Red Hat bz.
The patch creates a new keyring which is used to cache cifs spnego
upcalls.
Red Hat bz: 1267754
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reported-by: Scott Mayhew <smayhew@redhat.com>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Steve French <smfrench@gmail.com>
Diffstat (limited to 'fs/cifs/cifsproto.h')
| -rw-r--r-- | fs/cifs/cifsproto.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 0f9a6bc4ba43..1243bd326591 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h @@ -58,6 +58,8 @@ do { \ } while (0) extern int init_cifs_idmap(void); extern void exit_cifs_idmap(void); +extern int init_cifs_spnego(void); +extern void exit_cifs_spnego(void); extern char *build_path_from_dentry(struct dentry *); extern char *cifs_build_path_to_root(struct smb_vol *vol, struct cifs_sb_info *cifs_sb, |