[Labeled-nfs] Client process label operation (OP_PUTCLIENTLABEL)
Matthew N. Dodd
Matthew.Dodd at sparta.com
Wed Dec 5 10:32:42 EST 2007
So, as an alternative to a new RPCSEC flavor, encoding the requesting
process label in all client compound operations was suggested.
Attached is a patch that demonstrates one way of doing this.
For demonstration purposes I'm forcing the addition of a
OP_PUTCLIENTLABEL in encode_compound_hdr(), which covers all NFSv4
operations sent to the server. This is ideal as it involves the least
amount of code change.
I'd like to make this behavior conditional on
'server->caps & NFS_CAP_SECURITY_LABEL' (added in other patches).
My problem is that there appears to be no way of performing conditional
operations based on server capabilities in nfs/nfs4xdr.c as the context
passed in by the RPC dispatch doesn't have any way of producing a
'struct nfs_server'.
I'd like to avoid having to change every operation argument.
Opaque data pointers in 'struct rpc_xprt' might help.
Ideas?
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: nfs-putclientlabel.patch
Url: http://linux-nfs.org/pipermail/labeled-nfs/attachments/20071205/ab71af38/attachment.txt
More information about the Labeled-nfs
mailing list