2 * linux/net/sunrpc/auth.c
4 * Generic RPC client authentication API.
6 * Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de>
9 #include <linux/types.h>
10 #include <linux/sched.h>
11 #include <linux/cred.h>
12 #include <linux/module.h>
13 #include <linux/slab.h>
14 #include <linux/errno.h>
15 #include <linux/hash.h>
16 #include <linux/sunrpc/clnt.h>
17 #include <linux/sunrpc/gss_api.h>
18 #include <linux/spinlock.h>
20 #if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
21 # define RPCDBG_FACILITY RPCDBG_AUTH
24 #define RPC_CREDCACHE_DEFAULT_HASHBITS (4)
25 struct rpc_cred_cache {
26 struct hlist_head *hashtable;
27 unsigned int hashbits;
31 static unsigned int auth_hashbits = RPC_CREDCACHE_DEFAULT_HASHBITS;
33 static const struct rpc_authops __rcu *auth_flavors[RPC_AUTH_MAXFLAVOR] = {
34 [RPC_AUTH_NULL] = (const struct rpc_authops __force __rcu *)&authnull_ops,
35 [RPC_AUTH_UNIX] = (const struct rpc_authops __force __rcu *)&authunix_ops,
36 NULL, /* others can be loadable modules */
39 static LIST_HEAD(cred_unused);
40 static unsigned long number_cred_unused;
42 static struct cred machine_cred = {
43 .usage = ATOMIC_INIT(1),
44 #ifdef CONFIG_DEBUG_CREDENTIALS
50 * Return the machine_cred pointer to be used whenever
51 * the a generic machine credential is needed.
53 const struct cred *rpc_machine_cred(void)
57 EXPORT_SYMBOL_GPL(rpc_machine_cred);
59 #define MAX_HASHTABLE_BITS (14)
60 static int param_set_hashtbl_sz(const char *val, const struct kernel_param *kp)
68 ret = kstrtoul(val, 0, &num);
72 if (nbits > MAX_HASHTABLE_BITS || nbits < 2)
74 *(unsigned int *)kp->arg = nbits;
80 static int param_get_hashtbl_sz(char *buffer, const struct kernel_param *kp)
84 nbits = *(unsigned int *)kp->arg;
85 return sprintf(buffer, "%u", 1U << nbits);
88 #define param_check_hashtbl_sz(name, p) __param_check(name, p, unsigned int);
90 static const struct kernel_param_ops param_ops_hashtbl_sz = {
91 .set = param_set_hashtbl_sz,
92 .get = param_get_hashtbl_sz,
95 module_param_named(auth_hashtable_size, auth_hashbits, hashtbl_sz, 0644);
96 MODULE_PARM_DESC(auth_hashtable_size, "RPC credential cache hashtable size");
98 static unsigned long auth_max_cred_cachesize = ULONG_MAX;
99 module_param(auth_max_cred_cachesize, ulong, 0644);
100 MODULE_PARM_DESC(auth_max_cred_cachesize, "RPC credential maximum total cache size");
103 pseudoflavor_to_flavor(u32 flavor) {
104 if (flavor > RPC_AUTH_MAXFLAVOR)
110 rpcauth_register(const struct rpc_authops *ops)
112 const struct rpc_authops *old;
113 rpc_authflavor_t flavor;
115 if ((flavor = ops->au_flavor) >= RPC_AUTH_MAXFLAVOR)
117 old = cmpxchg((const struct rpc_authops ** __force)&auth_flavors[flavor], NULL, ops);
118 if (old == NULL || old == ops)
122 EXPORT_SYMBOL_GPL(rpcauth_register);
125 rpcauth_unregister(const struct rpc_authops *ops)
127 const struct rpc_authops *old;
128 rpc_authflavor_t flavor;
130 if ((flavor = ops->au_flavor) >= RPC_AUTH_MAXFLAVOR)
133 old = cmpxchg((const struct rpc_authops ** __force)&auth_flavors[flavor], ops, NULL);
134 if (old == ops || old == NULL)
138 EXPORT_SYMBOL_GPL(rpcauth_unregister);
140 static const struct rpc_authops *
141 rpcauth_get_authops(rpc_authflavor_t flavor)
143 const struct rpc_authops *ops;
145 if (flavor >= RPC_AUTH_MAXFLAVOR)
149 ops = rcu_dereference(auth_flavors[flavor]);
152 request_module("rpc-auth-%u", flavor);
154 ops = rcu_dereference(auth_flavors[flavor]);
158 if (!try_module_get(ops->owner))
166 rpcauth_put_authops(const struct rpc_authops *ops)
168 module_put(ops->owner);
172 * rpcauth_get_pseudoflavor - check if security flavor is supported
173 * @flavor: a security flavor
174 * @info: a GSS mech OID, quality of protection, and service value
176 * Verifies that an appropriate kernel module is available or already loaded.
177 * Returns an equivalent pseudoflavor, or RPC_AUTH_MAXFLAVOR if "flavor" is
178 * not supported locally.
181 rpcauth_get_pseudoflavor(rpc_authflavor_t flavor, struct rpcsec_gss_info *info)
183 const struct rpc_authops *ops = rpcauth_get_authops(flavor);
184 rpc_authflavor_t pseudoflavor;
187 return RPC_AUTH_MAXFLAVOR;
188 pseudoflavor = flavor;
189 if (ops->info2flavor != NULL)
190 pseudoflavor = ops->info2flavor(info);
192 rpcauth_put_authops(ops);
195 EXPORT_SYMBOL_GPL(rpcauth_get_pseudoflavor);
198 * rpcauth_get_gssinfo - find GSS tuple matching a GSS pseudoflavor
199 * @pseudoflavor: GSS pseudoflavor to match
200 * @info: rpcsec_gss_info structure to fill in
202 * Returns zero and fills in "info" if pseudoflavor matches a
203 * supported mechanism.
206 rpcauth_get_gssinfo(rpc_authflavor_t pseudoflavor, struct rpcsec_gss_info *info)
208 rpc_authflavor_t flavor = pseudoflavor_to_flavor(pseudoflavor);
209 const struct rpc_authops *ops;
212 ops = rpcauth_get_authops(flavor);
217 if (ops->flavor2info != NULL)
218 result = ops->flavor2info(pseudoflavor, info);
220 rpcauth_put_authops(ops);
223 EXPORT_SYMBOL_GPL(rpcauth_get_gssinfo);
226 * rpcauth_list_flavors - discover registered flavors and pseudoflavors
227 * @array: array to fill in
228 * @size: size of "array"
230 * Returns the number of array items filled in, or a negative errno.
232 * The returned array is not sorted by any policy. Callers should not
233 * rely on the order of the items in the returned array.
236 rpcauth_list_flavors(rpc_authflavor_t *array, int size)
238 const struct rpc_authops *ops;
239 rpc_authflavor_t flavor, pseudos[4];
240 int i, len, result = 0;
243 for (flavor = 0; flavor < RPC_AUTH_MAXFLAVOR; flavor++) {
244 ops = rcu_dereference(auth_flavors[flavor]);
245 if (result >= size) {
252 if (ops->list_pseudoflavors == NULL) {
253 array[result++] = ops->au_flavor;
256 len = ops->list_pseudoflavors(pseudos, ARRAY_SIZE(pseudos));
261 for (i = 0; i < len; i++) {
262 if (result >= size) {
266 array[result++] = pseudos[i];
271 dprintk("RPC: %s returns %d\n", __func__, result);
274 EXPORT_SYMBOL_GPL(rpcauth_list_flavors);
277 rpcauth_create(const struct rpc_auth_create_args *args, struct rpc_clnt *clnt)
279 struct rpc_auth *auth = ERR_PTR(-EINVAL);
280 const struct rpc_authops *ops;
281 u32 flavor = pseudoflavor_to_flavor(args->pseudoflavor);
283 ops = rpcauth_get_authops(flavor);
287 auth = ops->create(args, clnt);
289 rpcauth_put_authops(ops);
293 rpcauth_release(clnt->cl_auth);
294 clnt->cl_auth = auth;
299 EXPORT_SYMBOL_GPL(rpcauth_create);
302 rpcauth_release(struct rpc_auth *auth)
304 if (!refcount_dec_and_test(&auth->au_count))
306 auth->au_ops->destroy(auth);
309 static DEFINE_SPINLOCK(rpc_credcache_lock);
312 * On success, the caller is responsible for freeing the reference
313 * held by the hashtable
316 rpcauth_unhash_cred_locked(struct rpc_cred *cred)
318 if (!test_and_clear_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags))
320 hlist_del_rcu(&cred->cr_hash);
325 rpcauth_unhash_cred(struct rpc_cred *cred)
327 spinlock_t *cache_lock;
330 if (!test_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags))
332 cache_lock = &cred->cr_auth->au_credcache->lock;
333 spin_lock(cache_lock);
334 ret = rpcauth_unhash_cred_locked(cred);
335 spin_unlock(cache_lock);
340 * Initialize RPC credential cache
343 rpcauth_init_credcache(struct rpc_auth *auth)
345 struct rpc_cred_cache *new;
346 unsigned int hashsize;
348 new = kmalloc(sizeof(*new), GFP_KERNEL);
351 new->hashbits = auth_hashbits;
352 hashsize = 1U << new->hashbits;
353 new->hashtable = kcalloc(hashsize, sizeof(new->hashtable[0]), GFP_KERNEL);
356 spin_lock_init(&new->lock);
357 auth->au_credcache = new;
364 EXPORT_SYMBOL_GPL(rpcauth_init_credcache);
367 rpcauth_stringify_acceptor(struct rpc_cred *cred)
369 if (!cred->cr_ops->crstringify_acceptor)
371 return cred->cr_ops->crstringify_acceptor(cred);
373 EXPORT_SYMBOL_GPL(rpcauth_stringify_acceptor);
376 * Destroy a list of credentials
379 void rpcauth_destroy_credlist(struct list_head *head)
381 struct rpc_cred *cred;
383 while (!list_empty(head)) {
384 cred = list_entry(head->next, struct rpc_cred, cr_lru);
385 list_del_init(&cred->cr_lru);
391 rpcauth_lru_add_locked(struct rpc_cred *cred)
393 if (!list_empty(&cred->cr_lru))
395 number_cred_unused++;
396 list_add_tail(&cred->cr_lru, &cred_unused);
400 rpcauth_lru_add(struct rpc_cred *cred)
402 if (!list_empty(&cred->cr_lru))
404 spin_lock(&rpc_credcache_lock);
405 rpcauth_lru_add_locked(cred);
406 spin_unlock(&rpc_credcache_lock);
410 rpcauth_lru_remove_locked(struct rpc_cred *cred)
412 if (list_empty(&cred->cr_lru))
414 number_cred_unused--;
415 list_del_init(&cred->cr_lru);
419 rpcauth_lru_remove(struct rpc_cred *cred)
421 if (list_empty(&cred->cr_lru))
423 spin_lock(&rpc_credcache_lock);
424 rpcauth_lru_remove_locked(cred);
425 spin_unlock(&rpc_credcache_lock);
429 * Clear the RPC credential cache, and delete those credentials
430 * that are not referenced.
433 rpcauth_clear_credcache(struct rpc_cred_cache *cache)
436 struct hlist_head *head;
437 struct rpc_cred *cred;
438 unsigned int hashsize = 1U << cache->hashbits;
441 spin_lock(&rpc_credcache_lock);
442 spin_lock(&cache->lock);
443 for (i = 0; i < hashsize; i++) {
444 head = &cache->hashtable[i];
445 while (!hlist_empty(head)) {
446 cred = hlist_entry(head->first, struct rpc_cred, cr_hash);
447 rpcauth_unhash_cred_locked(cred);
448 /* Note: We now hold a reference to cred */
449 rpcauth_lru_remove_locked(cred);
450 list_add_tail(&cred->cr_lru, &free);
453 spin_unlock(&cache->lock);
454 spin_unlock(&rpc_credcache_lock);
455 rpcauth_destroy_credlist(&free);
459 * Destroy the RPC credential cache
462 rpcauth_destroy_credcache(struct rpc_auth *auth)
464 struct rpc_cred_cache *cache = auth->au_credcache;
467 auth->au_credcache = NULL;
468 rpcauth_clear_credcache(cache);
469 kfree(cache->hashtable);
473 EXPORT_SYMBOL_GPL(rpcauth_destroy_credcache);
476 #define RPC_AUTH_EXPIRY_MORATORIUM (60 * HZ)
479 * Remove stale credentials. Avoid sleeping inside the loop.
482 rpcauth_prune_expired(struct list_head *free, int nr_to_scan)
484 struct rpc_cred *cred, *next;
485 unsigned long expired = jiffies - RPC_AUTH_EXPIRY_MORATORIUM;
488 list_for_each_entry_safe(cred, next, &cred_unused, cr_lru) {
490 if (nr_to_scan-- == 0)
492 if (refcount_read(&cred->cr_count) > 1) {
493 rpcauth_lru_remove_locked(cred);
497 * Enforce a 60 second garbage collection moratorium
498 * Note that the cred_unused list must be time-ordered.
500 if (!time_in_range(cred->cr_expire, expired, jiffies))
502 if (!rpcauth_unhash_cred(cred))
505 rpcauth_lru_remove_locked(cred);
507 list_add_tail(&cred->cr_lru, free);
509 return freed ? freed : SHRINK_STOP;
513 rpcauth_cache_do_shrink(int nr_to_scan)
518 spin_lock(&rpc_credcache_lock);
519 freed = rpcauth_prune_expired(&free, nr_to_scan);
520 spin_unlock(&rpc_credcache_lock);
521 rpcauth_destroy_credlist(&free);
527 * Run memory cache shrinker.
530 rpcauth_cache_shrink_scan(struct shrinker *shrink, struct shrink_control *sc)
533 if ((sc->gfp_mask & GFP_KERNEL) != GFP_KERNEL)
536 /* nothing left, don't come back */
537 if (list_empty(&cred_unused))
540 return rpcauth_cache_do_shrink(sc->nr_to_scan);
544 rpcauth_cache_shrink_count(struct shrinker *shrink, struct shrink_control *sc)
547 return number_cred_unused * sysctl_vfs_cache_pressure / 100;
551 rpcauth_cache_enforce_limit(void)
554 unsigned int nr_to_scan;
556 if (number_cred_unused <= auth_max_cred_cachesize)
558 diff = number_cred_unused - auth_max_cred_cachesize;
560 if (diff < nr_to_scan)
562 rpcauth_cache_do_shrink(nr_to_scan);
566 * Look up a process' credentials in the authentication cache
569 rpcauth_lookup_credcache(struct rpc_auth *auth, struct auth_cred * acred,
570 int flags, gfp_t gfp)
573 struct rpc_cred_cache *cache = auth->au_credcache;
574 struct rpc_cred *cred = NULL,
578 nr = auth->au_ops->hash_cred(acred, cache->hashbits);
581 hlist_for_each_entry_rcu(entry, &cache->hashtable[nr], cr_hash) {
582 if (!entry->cr_ops->crmatch(acred, entry, flags))
584 cred = get_rpccred(entry);
593 new = auth->au_ops->crcreate(auth, acred, flags, gfp);
599 spin_lock(&cache->lock);
600 hlist_for_each_entry(entry, &cache->hashtable[nr], cr_hash) {
601 if (!entry->cr_ops->crmatch(acred, entry, flags))
603 cred = get_rpccred(entry);
609 set_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags);
610 refcount_inc(&cred->cr_count);
611 hlist_add_head_rcu(&cred->cr_hash, &cache->hashtable[nr]);
613 list_add_tail(&new->cr_lru, &free);
614 spin_unlock(&cache->lock);
615 rpcauth_cache_enforce_limit();
617 if (test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags) &&
618 cred->cr_ops->cr_init != NULL &&
619 !(flags & RPCAUTH_LOOKUP_NEW)) {
620 int res = cred->cr_ops->cr_init(auth, cred);
626 rpcauth_destroy_credlist(&free);
630 EXPORT_SYMBOL_GPL(rpcauth_lookup_credcache);
633 rpcauth_lookupcred(struct rpc_auth *auth, int flags)
635 struct auth_cred acred;
636 struct rpc_cred *ret;
637 const struct cred *cred = current_cred();
639 dprintk("RPC: looking up %s cred\n",
640 auth->au_ops->au_name);
642 memset(&acred, 0, sizeof(acred));
644 ret = auth->au_ops->lookup_cred(auth, &acred, flags);
647 EXPORT_SYMBOL_GPL(rpcauth_lookupcred);
650 rpcauth_init_cred(struct rpc_cred *cred, const struct auth_cred *acred,
651 struct rpc_auth *auth, const struct rpc_credops *ops)
653 INIT_HLIST_NODE(&cred->cr_hash);
654 INIT_LIST_HEAD(&cred->cr_lru);
655 refcount_set(&cred->cr_count, 1);
656 cred->cr_auth = auth;
659 cred->cr_expire = jiffies;
660 cred->cr_cred = get_cred(acred->cred);
662 EXPORT_SYMBOL_GPL(rpcauth_init_cred);
664 static struct rpc_cred *
665 rpcauth_bind_root_cred(struct rpc_task *task, int lookupflags)
667 struct rpc_auth *auth = task->tk_client->cl_auth;
668 struct auth_cred acred = {
669 .cred = get_task_cred(&init_task),
671 struct rpc_cred *ret;
673 dprintk("RPC: %5u looking up %s cred\n",
674 task->tk_pid, task->tk_client->cl_auth->au_ops->au_name);
675 ret = auth->au_ops->lookup_cred(auth, &acred, lookupflags);
676 put_cred(acred.cred);
680 static struct rpc_cred *
681 rpcauth_bind_machine_cred(struct rpc_task *task, int lookupflags)
683 struct rpc_auth *auth = task->tk_client->cl_auth;
684 struct auth_cred acred = {
685 .principal = task->tk_client->cl_principal,
686 .cred = init_task.cred,
689 if (!acred.principal)
691 dprintk("RPC: %5u looking up %s machine cred\n",
692 task->tk_pid, task->tk_client->cl_auth->au_ops->au_name);
693 return auth->au_ops->lookup_cred(auth, &acred, lookupflags);
696 static struct rpc_cred *
697 rpcauth_bind_new_cred(struct rpc_task *task, int lookupflags)
699 struct rpc_auth *auth = task->tk_client->cl_auth;
701 dprintk("RPC: %5u looking up %s cred\n",
702 task->tk_pid, auth->au_ops->au_name);
703 return rpcauth_lookupcred(auth, lookupflags);
707 rpcauth_bindcred(struct rpc_task *task, const struct cred *cred, int flags)
709 struct rpc_rqst *req = task->tk_rqstp;
710 struct rpc_cred *new = NULL;
712 struct rpc_auth *auth = task->tk_client->cl_auth;
713 struct auth_cred acred = {
717 if (flags & RPC_TASK_ASYNC)
718 lookupflags |= RPCAUTH_LOOKUP_NEW;
719 if (task->tk_op_cred)
720 /* Task must use exactly this rpc_cred */
721 new = get_rpccred(task->tk_op_cred);
722 else if (cred != NULL && cred != &machine_cred)
723 new = auth->au_ops->lookup_cred(auth, &acred, lookupflags);
724 else if (cred == &machine_cred)
725 new = rpcauth_bind_machine_cred(task, lookupflags);
727 /* If machine cred couldn't be bound, try a root cred */
730 else if (cred == &machine_cred || (flags & RPC_TASK_ROOTCREDS))
731 new = rpcauth_bind_root_cred(task, lookupflags);
732 else if (flags & RPC_TASK_NULLCREDS)
733 new = authnull_ops.lookup_cred(NULL, NULL, 0);
735 new = rpcauth_bind_new_cred(task, lookupflags);
738 put_rpccred(req->rq_cred);
744 put_rpccred(struct rpc_cred *cred)
749 if (refcount_dec_and_test(&cred->cr_count))
751 if (refcount_read(&cred->cr_count) != 1 ||
752 !test_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags))
754 if (test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) != 0) {
755 cred->cr_expire = jiffies;
756 rpcauth_lru_add(cred);
758 if (unlikely(!test_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags)))
759 rpcauth_lru_remove(cred);
760 } else if (rpcauth_unhash_cred(cred)) {
761 rpcauth_lru_remove(cred);
762 if (refcount_dec_and_test(&cred->cr_count))
770 cred->cr_ops->crdestroy(cred);
772 EXPORT_SYMBOL_GPL(put_rpccred);
775 rpcauth_marshcred(struct rpc_task *task, __be32 *p)
777 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
779 dprintk("RPC: %5u marshaling %s cred %p\n",
780 task->tk_pid, cred->cr_auth->au_ops->au_name, cred);
782 return cred->cr_ops->crmarshal(task, p);
786 rpcauth_checkverf(struct rpc_task *task, __be32 *p)
788 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
790 dprintk("RPC: %5u validating %s cred %p\n",
791 task->tk_pid, cred->cr_auth->au_ops->au_name, cred);
793 return cred->cr_ops->crvalidate(task, p);
796 static void rpcauth_wrap_req_encode(kxdreproc_t encode, struct rpc_rqst *rqstp,
797 __be32 *data, void *obj)
799 struct xdr_stream xdr;
801 xdr_init_encode(&xdr, &rqstp->rq_snd_buf, data);
802 encode(rqstp, &xdr, obj);
806 rpcauth_wrap_req(struct rpc_task *task, kxdreproc_t encode, void *rqstp,
807 __be32 *data, void *obj)
809 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
811 dprintk("RPC: %5u using %s cred %p to wrap rpc data\n",
812 task->tk_pid, cred->cr_ops->cr_name, cred);
813 if (cred->cr_ops->crwrap_req)
814 return cred->cr_ops->crwrap_req(task, encode, rqstp, data, obj);
815 /* By default, we encode the arguments normally. */
816 rpcauth_wrap_req_encode(encode, rqstp, data, obj);
821 rpcauth_unwrap_req_decode(kxdrdproc_t decode, struct rpc_rqst *rqstp,
822 __be32 *data, void *obj)
824 struct xdr_stream xdr;
826 xdr_init_decode(&xdr, &rqstp->rq_rcv_buf, data);
827 return decode(rqstp, &xdr, obj);
831 rpcauth_unwrap_resp(struct rpc_task *task, kxdrdproc_t decode, void *rqstp,
832 __be32 *data, void *obj)
834 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
836 dprintk("RPC: %5u using %s cred %p to unwrap rpc data\n",
837 task->tk_pid, cred->cr_ops->cr_name, cred);
838 if (cred->cr_ops->crunwrap_resp)
839 return cred->cr_ops->crunwrap_resp(task, decode, rqstp,
841 /* By default, we decode the arguments normally. */
842 return rpcauth_unwrap_req_decode(decode, rqstp, data, obj);
846 rpcauth_xmit_need_reencode(struct rpc_task *task)
848 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
850 if (!cred || !cred->cr_ops->crneed_reencode)
852 return cred->cr_ops->crneed_reencode(task);
856 rpcauth_refreshcred(struct rpc_task *task)
858 struct rpc_cred *cred;
861 cred = task->tk_rqstp->rq_cred;
863 err = rpcauth_bindcred(task, task->tk_msg.rpc_cred, task->tk_flags);
866 cred = task->tk_rqstp->rq_cred;
868 dprintk("RPC: %5u refreshing %s cred %p\n",
869 task->tk_pid, cred->cr_auth->au_ops->au_name, cred);
871 err = cred->cr_ops->crrefresh(task);
874 task->tk_status = err;
879 rpcauth_invalcred(struct rpc_task *task)
881 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
883 dprintk("RPC: %5u invalidating %s cred %p\n",
884 task->tk_pid, cred->cr_auth->au_ops->au_name, cred);
886 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
890 rpcauth_uptodatecred(struct rpc_task *task)
892 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
894 return cred == NULL ||
895 test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) != 0;
898 static struct shrinker rpc_cred_shrinker = {
899 .count_objects = rpcauth_cache_shrink_count,
900 .scan_objects = rpcauth_cache_shrink_scan,
901 .seeks = DEFAULT_SEEKS,
904 int __init rpcauth_init_module(void)
908 err = rpc_init_authunix();
911 err = register_shrinker(&rpc_cred_shrinker);
916 rpc_destroy_authunix();
921 void rpcauth_remove_module(void)
923 rpc_destroy_authunix();
924 unregister_shrinker(&rpc_cred_shrinker);