git://git.whamcloud.com - fs/lustre-release.git/commit

author	Aurelien Degremont <adegremont@nvidia.com>
	Tue, 5 Mar 2024 08:29:23 +0000 (09:29 +0100)
committer	Andreas Dilger <adilger@whamcloud.com>
	Sat, 30 Mar 2024 07:20:33 +0000 (07:20 +0000)
commit	100989d52a93ece38155ffa010b12a6f08e01633
tree	0a49435603aad40f2c73e88393a60ac3326a9aa3	tree \| snapshot
parent	05d673edce0a6ee728651fea4d50169de6d3979d	commit \| diff

LU-17612 sec: return keyring errors to userspace

In current code, Linux keyring errors, when using GSS Kerberos,
are all masked under a generic ECONNREFUSED error. That makes
it hard to understand the root cause of the problem
for the I/O caller.

Update the code to propagate errors from request_key() up to
the application.

struct ptlrpc_cli_ctx * gss_sec_lookup_ctx_kr(...) is modified
to now returns a NULL pointer or -errval. This is tested by callers
and propagated. NULL values are still converted to ECONNREFUSED.

Lustre-change: https://review.whamcloud.com/54296
Lustre-commit: cd8625792f10d51fceca4717544ff8016609c3be

Test-Parameters: trivial
Test-Parameters: kerberos=true testlist=sanity-krb5
Test-Parameters: testgroup=review-dne-selinux-ssk-part-2
Change-Id: I13792f141a961036bc9f7629a4a2db692e245c41
Signed-off-by: Aurelien Degremont <adegremont@nvidia.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-on: https://review.whamcloud.com/c/ex/lustre-release/+/54556
Reviewed-by: Sebastien Buisson <sbuisson@ddn.com>
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>

lustre/ptlrpc/gss/gss_keyring.c		diff \| blob \| history
lustre/ptlrpc/sec.c		diff \| blob \| history