diff options
| author | Dan McDonald <danmcd@joyent.com> | 2020-04-14 15:33:41 -0400 |
|---|---|---|
| committer | Dan McDonald <danmcd@joyent.com> | 2020-08-14 18:39:21 -0400 |
| commit | 06260e34c28df0a3a191e42e1b51c9de745b3510 (patch) | |
| tree | d11db92b78b2f318a9ccd710507ed200afd601c9 | |
| parent | 4e81fcfe0bcce62e29d80c1e391d9a241c0ee3b1 (diff) | |
| download | illumos-joyent-06260e34c28df0a3a191e42e1b51c9de745b3510.tar.gz | |
12505 Answer KEBE question about cred in unexport()
Reviewed by: Gordon Ross <gordon.w.ross@gmail.com>
Reviewed by: Evan Layton <elayton@tintri.com>
Approved by: Robert Mustacchi <rm@fingolfin.org>
| -rw-r--r-- | usr/src/uts/common/fs/nfs/nfs4_srv_ns.c | 1 | ||||
| -rw-r--r-- | usr/src/uts/common/fs/nfs/nfs_export.c | 27 |
2 files changed, 16 insertions, 12 deletions
diff --git a/usr/src/uts/common/fs/nfs/nfs4_srv_ns.c b/usr/src/uts/common/fs/nfs/nfs4_srv_ns.c index 920ebeca53..b719b0e2ca 100644 --- a/usr/src/uts/common/fs/nfs/nfs4_srv_ns.c +++ b/usr/src/uts/common/fs/nfs/nfs4_srv_ns.c @@ -660,7 +660,6 @@ treeclimb_export(struct exportinfo *exip) if (error) break; - /* XXX KEBE ASKS DO WE NEED THIS?!? */ ASSERT3U(exip->exi_zoneid, ==, curzone->zone_id); /* * The root of the file system, or the zone's root for diff --git a/usr/src/uts/common/fs/nfs/nfs_export.c b/usr/src/uts/common/fs/nfs/nfs_export.c index 080dfe1adf..b18912d154 100644 --- a/usr/src/uts/common/fs/nfs/nfs_export.c +++ b/usr/src/uts/common/fs/nfs/nfs_export.c @@ -85,7 +85,7 @@ static bool_t exi_id_overflow; avl_tree_t exi_id_tree; kmutex_t nfs_exi_id_lock; -static int unexport(nfs_export_t *, exportinfo_t *); +static int unexport(nfs_export_t *, exportinfo_t *, cred_t *); static void exportfree(exportinfo_t *); static int loadindex(exportdata_t *); @@ -975,7 +975,15 @@ nfs_export_zone_shutdown(nfs_globals_t *ng) nfs_export_t *ne = ng->nfs_export; struct exportinfo *exi, *nexi; int i, errors; + zoneid_t zoneid = ng->nfs_zoneid; + cred_t *cr; + /* + * Use the zone's credential. Since this is a zone shutdown method, + * the zone_t should still be around for a zone_get_kcred() call. + */ + cr = zone_get_kcred(zoneid); + VERIFY(cr != NULL); rw_enter(&ne->exported_lock, RW_READER); errors = 0; @@ -986,7 +994,7 @@ nfs_export_zone_shutdown(nfs_globals_t *ng) exi_hold(exi); while (exi != NULL) { - + ASSERT3U(zoneid, ==, exi->exi_zoneid); /* * Get and hold next export before * dropping the rwlock and unexport @@ -1002,7 +1010,7 @@ nfs_export_zone_shutdown(nfs_globals_t *ng) * create/destroy handling. */ if (exi != ne->exi_root && - unexport(ne, exi) != 0) + unexport(ne, exi, cr) != 0) errors++; exi_rele(exi); @@ -1016,6 +1024,7 @@ nfs_export_zone_shutdown(nfs_globals_t *ng) } rw_exit(&ne->exported_lock); + crfree(cr); } void @@ -1286,7 +1295,7 @@ exportfs(struct exportfs_args *args, model_t model, cred_t *cr) pn_free(&lookpn); if (ex1 == NULL) return (EINVAL); - error = unexport(ne, ex1); + error = unexport(ne, ex1, cr); exi_rele(ex1); return (error); } @@ -1886,7 +1895,7 @@ export_unlink(nfs_export_t *ne, struct exportinfo *exi) * Unexport an exported filesystem */ static int -unexport(nfs_export_t *ne, struct exportinfo *exi) +unexport(nfs_export_t *ne, struct exportinfo *exi, cred_t *cr) { struct secinfo cursec[MAX_FLAVORS]; int curcnt; @@ -1954,18 +1963,14 @@ unexport(nfs_export_t *ne, struct exportinfo *exi) * the public filehandle to the root. */ - /* - * XXX KEBE ASKS --> Should CRED() instead be - * exi->exi_zone->zone_kcred? - */ if (exi == ne->exi_public) { ne->exi_public = ne->exi_root; - nfslog_share_record(ne->exi_public, CRED()); + nfslog_share_record(ne->exi_public, cr); } if (exi->exi_export.ex_flags & EX_LOG) - nfslog_unshare_record(exi, CRED()); + nfslog_unshare_record(exi, cr); exi_rele(exi); return (0); |