>>>>> " " == Alexander Viro <[EMAIL PROTECTED]> writes:

     >  Umm... Let's make it pure copy-on-write cache a-la 4.4 and if
     > pthreads folks need this craziness with thread-group-wide
     > credentials change - let them pay upon changing credentials. I
     > really don't see any point in complicating the design to
     > support bogus decisions made by pthreads designers. Especially
     > if it punishes normal processes.  I'll need very serious
     > arguments to convince me that it would be a good idea.

     >  What I mean is quite simple - objects in cred.cache can be
     > shared, but to change the contents of object you need to make
     > sure that you are the sole owner of that object. I.e.

     > modify_cred(cred, ...)  {
     >  if ((*cred)->count > 1) {
     >          old_cred = *cred; *cred = copy_cred(old_cred);
     >          put_cred(old_cred);
     >  } /* modify *cred */
     > }

     >  IOW, no third-party changes of contents. Simple, easy to prove
     > the correctness. Pthreads folks can just do modify_cred() for
     > process credentials of all members of thread group. IMO trying
     > to be smart and physically share the credentials for all
     > threads is wrong.

Agreed, but in order to allow them to satisfy atomicity, you would
also need an interface to current->cred. I was thinking just an inline

/* Takes the task whose credential is wanted; returns it with an extra reference. */
struct ucred *lookup_ucred(struct task_struct *task) {
        atomic_inc(&task->cred->count);
        return task->cred;
}

That way they can stuff in a condition of the form

     if (task->flags & CLONE_CRED) {
         /* do lots of locking... */
     }

if/when they need it.

-----------------------
Anyhow, currently I'm working with a basic implementation of the
appended 2 definitions (sorry, MIME...). As you can see it is just
basic *BSD u/pcreds with COW semantics.

This would just replace the mess in struct task with a single pcred
(replacing the unnecessary fsuid/fsgid with the ucred). This info
already suffices to uniquely define AUTH_UNIX in the RPC layer, so as
far as NFS is concerned, one can already get rid of the `struct file
*' credential, and replace it with a single `struct ucred *'

----------------------
The longer term plan is then to add the extra info required by the RPC
layer (kerberos creds, AUTH_SHORT, ...) as a list carried inside the
ucred.

IOW: I want to define something for generic use by networked
filesystems:

struct authinfo {
       struct list_header  list;

       int                 identifier;          /* Who owns me? */
       struct auth_ops     ops;                 /* Create,
                                                   refresh,
                                                   marshall,
                                                   destroy */
       char                data[0];             /* Whatever */
};

Upon free_ucred(), the ucred would be responsible for running through
this list, and calling 'destroy' on all these extras. All other methods
in auth_ops being, for the moment, defined at the discretion of the
RPC/coda/... layer.
------------------------

Cheers,
  Trond



ucred.h

ucred.c
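
Added example, not part of the original mail or its attachments: a user-space C model of the copy-on-write rule discussed above, showing that a reference taken before a credential change keeps the old identity. The struct layouts, new_cred(), get_cred() and the two scenarios are assumptions made for illustration, and the reference count is a plain int where a kernel would use an atomic.

```c
#include <stdlib.h>

/* User-space model, constructed for illustration; a kernel would use atomic_t. */
struct ucred { int count; unsigned uid, gid; };
struct task  { struct ucred *cred; };          /* stand-in for the task struct */

static struct ucred *new_cred(unsigned uid, unsigned gid) {
    struct ucred *c = malloc(sizeof(*c));
    if (!c) abort();
    c->count = 1; c->uid = uid; c->gid = gid;
    return c;
}
static struct ucred *get_cred(struct ucred *c) { c->count++; return c; }
static void put_cred(struct ucred *c) { if (--c->count == 0) free(c); }

/* Give the caller a private copy before it writes, so no other holder of
 * the old object ever observes the change. Returns the writable object. */
static struct ucred *modify_cred(struct ucred **cred) {
    if ((*cred)->count > 1) {
        struct ucred *old = *cred;
        *cred = new_cred(old->uid, old->gid);
        put_cred(old);
    }
    return *cred;
}

/* 1 if references taken before a uid change still carry the old identity. */
static int shared_cred_is_copied(void) {
    struct task parent = { new_cred(1000, 1000) };
    struct task child  = { get_cred(parent.cred) };   /* shared after fork */
    struct ucred *in_flight = get_cred(parent.cred);  /* e.g. held by a request */
    modify_cred(&child.cred)->uid = 0;                /* only the child changes */
    int ok = child.cred != parent.cred && child.cred->uid == 0 &&
             child.cred->count == 1 && parent.cred->uid == 1000 &&
             in_flight->uid == 1000 && parent.cred->count == 2;
    put_cred(in_flight); put_cred(child.cred); put_cred(parent.cred);
    return ok;
}

/* 1 if a sole owner is modified in place, with no copy made. */
static int sole_owner_is_not_copied(void) {
    struct task t = { new_cred(1000, 1000) };
    struct ucred *before = t.cred;
    int ok = modify_cred(&t.cred) == before && t.cred->count == 1;
    put_cred(t.cred);
    return ok;
}

int main(void) { return !(shared_cred_is_copied() && sole_owner_is_not_copied()); }
```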
