[pnfs] cl_ex_cred questions

[Benny Halevy]

Hey Andy and Ricardo,

While porting to 2.6.26 I looked into the renewal cred mechanism,
originally introduced in these commits:
c7f59a0f "nfs41: sessions exchange_id AUTH_SYS root cred"
c55e803a "nfs41: Move NULL credential checking from the reclaimer into nfs4_init_clientid()."

One problem I saw is that there seems to be a leak of the cred
the caller passes establish_id().

Previously, reclaimer() passed the creds down to nfs4_init_client
and then dereferenced the cred using put_rpccred.

Then, commit c55e803a moved the responsibility to call put_rpccred
from the caller to the callee, via ops->establish_clid. *But*, only
nfs4_init_clientid is doing that, not _nfs4_proc_exchange_id.

I think this is wrongly coded and the caller should put the creds
it got.  The callee can always take a ref count on the cred if
it wishes to keep it (and using get_rpccred, not by atomic_inc of
cr_count as currently coded).

Second question is what creds should exchange_id use?
and what creds it should keep for renewal?

Currently, it always uses the creds it received from the caller
to send the exchange_id rpc and if it succeeded and
clnt->cl_auth->au_flavor == RPC_AUTH_UNIX && current->fsuid == 0
it gets a new set of creds using rpcauth_lookupcred.

Note that we take an extra ref count on these creds
and that seems to be yet another leak since it's being
put only once in nfs_free_client...

Why do we need to call rpcauth_lookupcred(), why not
just keep the creds used for the successful exchange_id?

What happens if cl_ex_cred is not NULL on entry to
_nfs4_proc_exchange_id()?  Can't this happen?
Shouldn't we reuse it for sending the exchange_id?
Also, we set cl_ex_cred unconditionally. If it wasn't
null, we step on the previous value and YAL (yet another leak ;-)

Last question is in case the auth_sys condition is false,
cl_ex_creds may be left as NULL. Then what?
get_state_renewal_cred will just return NULL and we might
get into an endless renewal loop.

Benny