Upstream has changed the way it wants to introduce the new keyring based id mapping. These three patches reflect that change.

Signed-off-by: Steve Dickson steved@redhat.com --- kernel.spec | 6 + linux-3.2-newidmapper-01.patch | 217 ++++++++++++++++++++++++++++++++++++++++ linux-3.2-newidmapper-02.patch | 97 ++++++++++++++++++ linux-3.2-newidmapper-03.patch | 40 ++++++++ 4 files changed, 360 insertions(+), 0 deletions(-) create mode 100644 linux-3.2-newidmapper-01.patch create mode 100644 linux-3.2-newidmapper-02.patch create mode 100644 linux-3.2-newidmapper-03.patch

diff --git a/kernel.spec b/kernel.spec index 5f324c6..4e9e432 100644 --- a/kernel.spec +++ b/kernel.spec @@ -716,6 +716,9 @@ Patch2901: linux-2.6-v4l-dvb-experimental.patch

# NFSv4 Patch1101: linux-3.1-keys-remove-special-keyring.patch +Patch1102: linux-3.2-newidmapper-01.patch +Patch1103: linux-3.2-newidmapper-02.patch +Patch1104: linux-3.2-newidmapper-03.patch

# patches headed upstream Patch12016: disable-i8042-check-on-apple-mac.patch @@ -1325,6 +1328,9 @@ ApplyPatch arm-smsc-support-reading-mac-address-from-device-tree.patch

# NFSv4 ApplyPatch linux-3.1-keys-remove-special-keyring.patch +ApplyPatch linux-3.2-newidmapper-01.patch +ApplyPatch linux-3.2-newidmapper-02.patch +ApplyPatch linux-3.2-newidmapper-03.patch

# USB

diff --git a/linux-3.2-newidmapper-01.patch b/linux-3.2-newidmapper-01.patch new file mode 100644 index 0000000..9afbb93 --- /dev/null +++ b/linux-3.2-newidmapper-01.patch @@ -0,0 +1,217 @@ +commit e6499c6f4b5f56a16f8b8ef60529c1da28b13aea +Author: Bryan Schumaker bjschuma@netapp.com +Date: Thu Jan 26 16:54:23 2012 -0500 + + NFS: Fall back on old idmapper if request_key() fails + + This patch removes the CONFIG_NFS_USE_NEW_IDMAPPER compile option. + First, the idmapper will attempt to map the id using /sbin/request-key + and nfsidmap. If this fails (if /etc/request-key.conf is not configured + properly) then the idmapper will call the legacy code to perform the + mapping. I left a comment stating where the legacy code begins to make + it easier for somebody to remove in the future. + + Signed-off-by: Bryan Schumaker bjschuma@netapp.com + Signed-off-by: Trond Myklebust Trond.Myklebust@netapp.com + +diff -up linux-3.2.noarch/fs/nfs/idmap.c.orig linux-3.2.noarch/fs/nfs/idmap.c +--- linux-3.2.noarch/fs/nfs/idmap.c.orig 2012-01-27 10:07:07.209851446 -0500 ++++ linux-3.2.noarch/fs/nfs/idmap.c 2012-01-27 10:15:42.914563082 -0500 +@@ -142,8 +142,6 @@ static int nfs_map_numeric_to_string(__u + return snprintf(buf, buflen, "%u", id); + } + +-#ifdef CONFIG_NFS_USE_NEW_IDMAPPER +- + #include <linux/cred.h> + #include <linux/sunrpc/sched.h> + #include <linux/nfs4.h> +@@ -328,43 +326,7 @@ static int nfs_idmap_lookup_id(const cha + return ret; + } + +-int nfs_map_name_to_uid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *uid) +-{ +- if (nfs_map_string_to_numeric(name, namelen, uid)) +- return 0; +- return nfs_idmap_lookup_id(name, namelen, "uid", uid); +-} +- +-int nfs_map_group_to_gid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *gid) +-{ +- if (nfs_map_string_to_numeric(name, namelen, gid)) +- return 0; +- return nfs_idmap_lookup_id(name, namelen, "gid", gid); +-} +- +-int nfs_map_uid_to_name(const struct nfs_server *server, __u32 uid, char *buf, size_t buflen) +-{ +- int ret = -EINVAL; +- +- if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) +- ret = nfs_idmap_lookup_name(uid, "user", buf, buflen); +- if (ret < 0) +- ret = nfs_map_numeric_to_string(uid, buf, buflen); +- return ret; +-} +-int nfs_map_gid_to_group(const struct nfs_server *server, __u32 gid, char *buf, size_t buflen) +-{ +- int ret = -EINVAL; +- +- if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) +- ret = nfs_idmap_lookup_name(gid, "group", buf, buflen); +- if (ret < 0) +- ret = nfs_map_numeric_to_string(gid, buf, buflen); +- return ret; +-} +- +-#else /* CONFIG_NFS_USE_NEW_IDMAPPER not defined */ +- ++/* idmap classic begins here */ + #include <linux/module.h> + #include <linux/mutex.h> + #include <linux/init.h> +@@ -796,19 +758,27 @@ static unsigned int fnvhash32(const void + int nfs_map_name_to_uid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *uid) + { + struct idmap *idmap = server->nfs_client->cl_idmap; ++ int ret = -EINVAL; + + if (nfs_map_string_to_numeric(name, namelen, uid)) + return 0; +- return nfs_idmap_id(idmap, &idmap->idmap_user_hash, name, namelen, uid); ++ ret = nfs_idmap_lookup_id(name, namelen, "uid", uid); ++ if (ret < 0) ++ ret = nfs_idmap_id(idmap, &idmap->idmap_user_hash, name, namelen, uid); ++ return ret; + } + +-int nfs_map_group_to_gid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *uid) ++int nfs_map_group_to_gid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *gid) + { + struct idmap *idmap = server->nfs_client->cl_idmap; ++ int ret = -EINVAL; + +- if (nfs_map_string_to_numeric(name, namelen, uid)) ++ if (nfs_map_string_to_numeric(name, namelen, gid)) + return 0; +- return nfs_idmap_id(idmap, &idmap->idmap_group_hash, name, namelen, uid); ++ ret = nfs_idmap_lookup_id(name, namelen, "gid", gid); ++ if (ret < 0) ++ ret = nfs_idmap_id(idmap, &idmap->idmap_group_hash, name, namelen, gid); ++ return ret; + } + + int nfs_map_uid_to_name(const struct nfs_server *server, __u32 uid, char *buf, size_t buflen) +@@ -816,22 +786,26 @@ int nfs_map_uid_to_name(const struct nfs + struct idmap *idmap = server->nfs_client->cl_idmap; + int ret = -EINVAL; + +- if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) +- ret = nfs_idmap_name(idmap, &idmap->idmap_user_hash, uid, buf); ++ if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) { ++ ret = nfs_idmap_lookup_name(uid, "user", buf, buflen); ++ if (ret < 0) ++ ret = nfs_idmap_name(idmap, &idmap->idmap_user_hash, uid, buf); ++ } + if (ret < 0) + ret = nfs_map_numeric_to_string(uid, buf, buflen); + return ret; + } +-int nfs_map_gid_to_group(const struct nfs_server *server, __u32 uid, char *buf, size_t buflen) ++int nfs_map_gid_to_group(const struct nfs_server *server, __u32 gid, char *buf, size_t buflen) + { + struct idmap *idmap = server->nfs_client->cl_idmap; + int ret = -EINVAL; + +- if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) +- ret = nfs_idmap_name(idmap, &idmap->idmap_group_hash, uid, buf); ++ if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) { ++ ret = nfs_idmap_lookup_name(gid, "group", buf, buflen); ++ if (ret < 0) ++ ret = nfs_idmap_name(idmap, &idmap->idmap_group_hash, gid, buf); ++ } + if (ret < 0) +- ret = nfs_map_numeric_to_string(uid, buf, buflen); ++ ret = nfs_map_numeric_to_string(gid, buf, buflen); + return ret; + } +- +-#endif /* CONFIG_NFS_USE_NEW_IDMAPPER */ +diff -up linux-3.2.noarch/fs/nfs/Kconfig.orig linux-3.2.noarch/fs/nfs/Kconfig +--- linux-3.2.noarch/fs/nfs/Kconfig.orig 2012-01-04 18:55:44.000000000 -0500 ++++ linux-3.2.noarch/fs/nfs/Kconfig 2012-01-27 10:15:42.913562572 -0500 +@@ -132,14 +132,3 @@ config NFS_USE_KERNEL_DNS + select DNS_RESOLVER + select KEYS + default y +- +-config NFS_USE_NEW_IDMAPPER +- bool "Use the new idmapper upcall routine" +- depends on NFS_V4 && KEYS +- help +- Say Y here if you want NFS to use the new idmapper upcall functions. +- You will need /sbin/request-key (usually provided by the keyutils +- package). For details, read +- file:Documentation/filesystems/nfs/idmapper.txt. +- +- If you are unsure, say N. +diff -up linux-3.2.noarch/fs/nfs/sysctl.c.orig linux-3.2.noarch/fs/nfs/sysctl.c +--- linux-3.2.noarch/fs/nfs/sysctl.c.orig 2012-01-04 18:55:44.000000000 -0500 ++++ linux-3.2.noarch/fs/nfs/sysctl.c 2012-01-27 10:15:42.914563082 -0500 +@@ -32,7 +32,6 @@ static ctl_table nfs_cb_sysctls[] = { + .extra1 = (int *)&nfs_set_port_min, + .extra2 = (int *)&nfs_set_port_max, + }, +-#ifndef CONFIG_NFS_USE_NEW_IDMAPPER + { + .procname = "idmap_cache_timeout", + .data = &nfs_idmap_cache_timeout, +@@ -40,7 +39,6 @@ static ctl_table nfs_cb_sysctls[] = { + .mode = 0644, + .proc_handler = proc_dointvec_jiffies, + }, +-#endif /* CONFIG_NFS_USE_NEW_IDMAPPER */ + #endif + { + .procname = "nfs_mountpoint_timeout", +diff -up linux-3.2.noarch/include/linux/nfs_idmap.h.orig linux-3.2.noarch/include/linux/nfs_idmap.h +--- linux-3.2.noarch/include/linux/nfs_idmap.h.orig 2012-01-27 10:06:46.783643915 -0500 ++++ linux-3.2.noarch/include/linux/nfs_idmap.h 2012-01-27 10:15:42.915563594 -0500 +@@ -69,36 +69,11 @@ struct nfs_server; + struct nfs_fattr; + struct nfs4_string; + +-#ifdef CONFIG_NFS_USE_NEW_IDMAPPER +- + int nfs_idmap_init(void); + void nfs_idmap_quit(void); +- +-static inline int nfs_idmap_new(struct nfs_client *clp) +-{ +- return 0; +-} +- +-static inline void nfs_idmap_delete(struct nfs_client *clp) +-{ +-} +- +-#else /* CONFIG_NFS_USE_NEW_IDMAPPER not set */ +- +-static inline int nfs_idmap_init(void) +-{ +- return 0; +-} +- +-static inline void nfs_idmap_quit(void) +-{ +-} +- + int nfs_idmap_new(struct nfs_client *); + void nfs_idmap_delete(struct nfs_client *); + +-#endif /* CONFIG_NFS_USE_NEW_IDMAPPER */ +- + void nfs_fattr_init_names(struct nfs_fattr *fattr, + struct nfs4_string *owner_name, + struct nfs4_string *group_name); diff --git a/linux-3.2-newidmapper-02.patch b/linux-3.2-newidmapper-02.patch new file mode 100644 index 0000000..9307ee0 --- /dev/null +++ b/linux-3.2-newidmapper-02.patch @@ -0,0 +1,97 @@ +commit 3cd0f37a2cc9e4d6188df10041a2441eaa41d991 +Author: Bryan Schumaker bjschuma@netapp.com +Date: Thu Jan 26 16:54:24 2012 -0500 + + NFS: Keep idmapper include files in one place + + Signed-off-by: Bryan Schumaker bjschuma@netapp.com + Signed-off-by: Trond Myklebust Trond.Myklebust@netapp.com + +diff -up linux-3.2.noarch/fs/nfs/idmap.c.orig linux-3.2.noarch/fs/nfs/idmap.c +--- linux-3.2.noarch/fs/nfs/idmap.c.orig 2012-01-27 10:15:42.914563082 -0500 ++++ linux-3.2.noarch/fs/nfs/idmap.c 2012-01-27 10:19:22.711401559 -0500 +@@ -39,6 +39,36 @@ + #include <linux/slab.h> + #include <linux/nfs_idmap.h> + #include <linux/nfs_fs.h> ++#include <linux/cred.h> ++#include <linux/sunrpc/sched.h> ++#include <linux/nfs4.h> ++#include <linux/nfs_fs_sb.h> ++#include <linux/keyctl.h> ++#include <linux/key-type.h> ++#include <linux/rcupdate.h> ++#include <linux/err.h> ++#include <keys/user-type.h> ++ ++/* include files needed by legacy idmapper */ ++#include <linux/module.h> ++#include <linux/mutex.h> ++#include <linux/init.h> ++#include <linux/socket.h> ++#include <linux/in.h> ++#include <linux/sched.h> ++#include <linux/sunrpc/clnt.h> ++#include <linux/workqueue.h> ++#include <linux/sunrpc/rpc_pipe_fs.h> ++#include <linux/nfs_fs.h> ++#include "nfs4_fs.h" ++ ++#define NFS_UINT_MAXLEN 11 ++#define IDMAP_HASH_SZ 128 ++ ++/* Default cache timeout is 10 minutes */ ++unsigned int nfs_idmap_cache_timeout = 600 * HZ; ++const struct cred *id_resolver_cache; ++ + + /** + * nfs_fattr_init_names - initialise the nfs_fattr owner_name/group_name fields +@@ -142,21 +172,6 @@ static int nfs_map_numeric_to_string(__u + return snprintf(buf, buflen, "%u", id); + } + +-#include <linux/cred.h> +-#include <linux/sunrpc/sched.h> +-#include <linux/nfs4.h> +-#include <linux/nfs_fs_sb.h> +-#include <linux/keyctl.h> +-#include <linux/key-type.h> +-#include <linux/rcupdate.h> +-#include <linux/err.h> +- +-#include <keys/user-type.h> +- +-#define NFS_UINT_MAXLEN 11 +- +-const struct cred *id_resolver_cache; +- + struct key_type key_type_id_resolver = { + .name = "id_resolver", + .instantiate = user_instantiate, +@@ -327,25 +342,6 @@ static int nfs_idmap_lookup_id(const cha + } + + /* idmap classic begins here */ +-#include <linux/module.h> +-#include <linux/mutex.h> +-#include <linux/init.h> +-#include <linux/socket.h> +-#include <linux/in.h> +-#include <linux/sched.h> +-#include <linux/sunrpc/clnt.h> +-#include <linux/workqueue.h> +-#include <linux/sunrpc/rpc_pipe_fs.h> +- +-#include <linux/nfs_fs.h> +- +-#include "nfs4_fs.h" +- +-#define IDMAP_HASH_SZ 128 +- +-/* Default cache timeout is 10 minutes */ +-unsigned int nfs_idmap_cache_timeout = 600 * HZ; +- + static int param_set_idmap_timeout(const char *val, struct kernel_param *kp) + { + char *endp; diff --git a/linux-3.2-newidmapper-03.patch b/linux-3.2-newidmapper-03.patch new file mode 100644 index 0000000..7018e35 --- /dev/null +++ b/linux-3.2-newidmapper-03.patch @@ -0,0 +1,40 @@ +commit a602bea3e7ccc5ce3da61d2c18245c4058983926 +Author: Bryan Schumaker bjschuma@netapp.com +Date: Thu Jan 26 16:54:25 2012 -0500 + + NFS: Update idmapper documentation + + Signed-off-by: Bryan Schumaker bjschuma@netapp.com + Signed-off-by: Trond Myklebust Trond.Myklebust@netapp.com + +diff -up linux-3.2.noarch/Documentation/filesystems/nfs/idmapper.txt.orig linux-3.2.noarch/Documentation/filesystems/nfs/idmapper.txt +--- linux-3.2.noarch/Documentation/filesystems/nfs/idmapper.txt.orig 2012-01-04 18:55:44.000000000 -0500 ++++ linux-3.2.noarch/Documentation/filesystems/nfs/idmapper.txt 2012-01-27 10:19:55.406740364 -0500 +@@ -4,13 +4,21 @@ ID Mapper + ========= + Id mapper is used by NFS to translate user and group ids into names, and to + translate user and group names into ids. Part of this translation involves +-performing an upcall to userspace to request the information. Id mapper will +-user request-key to perform this upcall and cache the result. The program +-/usr/sbin/nfs.idmap should be called by request-key, and will perform the +-translation and initialize a key with the resulting information. ++performing an upcall to userspace to request the information. There are two ++ways NFS could obtain this information: placing a call to /sbin/request-key ++or by placing a call to the rpc.idmap daemon. ++ ++NFS will attempt to call /sbin/request-key first. If this succeeds, the ++result will be cached using the generic request-key cache. This call should ++only fail if /etc/request-key.conf is not configured for the id_resolver key ++type, see the "Configuring" section below if you wish to use the request-key ++method. ++ ++If the call to /sbin/request-key fails (if /etc/request-key.conf is not ++configured with the id_resolver key type), then the idmapper will ask the ++legacy rpc.idmap daemon for the id mapping. This result will be stored ++in a custom NFS idmap cache. + +- NFS_USE_NEW_IDMAPPER must be selected when configuring the kernel to use this +- feature. + + =========== + Configuring