git.baikalelectronics.ru Git - kernel.git/commit

author	Sachin Prabhu <sprabhu@redhat.com>
	Tue, 17 May 2016 23:20:13 +0000 (18:20 -0500)
committer	Steve French <smfrench@gmail.com>
	Fri, 20 May 2016 02:56:30 +0000 (21:56 -0500)
commit	f6bb4a8f5627cf70cc92297e99d506c01bff74fa
tree	7c9c541cbc5bd3f2177d1bec48781db404a84d8d	tree \| snapshot
parent	29a102ef192394f31bd0d2b90b8460325e383ea8	commit \| diff

cifs: Create dedicated keyring for spnego operations

The session key is the default keyring set for request_key operations.
This session key is revoked when the user owning the session logs out.
Any long running daemon processes started by this session ends up with
revoked session keyring which prevents these processes from using the
request_key mechanism from obtaining the krb5 keys.

The problem has been reported by a large number of autofs users. The
problem is also seen with multiuser mounts where the share may be used
by processes run by a user who has since logged out. A reproducer using
automount is available on the Red Hat bz.

The patch creates a new keyring which is used to cache cifs spnego
upcalls.

Red Hat bz: 1267754

Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reported-by: Scott Mayhew <smayhew@redhat.com>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Steve French <smfrench@gmail.com>

fs/cifs/cifs_spnego.c		diff \| blob \| history
fs/cifs/cifsfs.c		diff \| blob \| history
fs/cifs/cifsproto.h		diff \| blob \| history