From af233e1f5f30fbf3b16901d0c028f28a64337d7d Mon Sep 17 00:00:00 2001
From: Sebastien Buisson <sbuisson@ddn.com>
Date: Tue, 5 Dec 2023 17:02:21 +0100
Subject: [PATCH] LU-17317 gss: no cache flush for rsi and rsc

RPCSEC init and RPCSEC context caches hold gss-related information
of security contexts established between network peers. These cache
entries are tightly coupled with contexts handled in the sptlrpc layer
so they must not be purged directly. They are inserted into the cache
when sptlrpc security contexts are established, and removed when the
corresponding security contexts are destroyed.

Lustre-change: https://review.whamcloud.com/53377
Lustre-commit: 3615fa4a86be793652d53c94818c5aeb81e2257e

Test-Parameters: trivial
Test-Parameters: kerberos=true testlist=sanity-krb5
Test-Parameters: testgroup=review-dne-selinux-ssk-part-2
Fixes: 4daf43ac3c ("LU-17015 gss: support large kerberos token for rpc sec init")
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I903f75a4b5229286fcaed3e9d96b5eee7f653f15
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-on: https://review.whamcloud.com/c/ex/lustre-release/+/53334
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
---
 lustre/ptlrpc/gss/gss_internal.h   |  2 --
 lustre/ptlrpc/gss/gss_svc_upcall.c | 16 ----------------
 lustre/ptlrpc/gss/lproc_gss.c      | 34 ----------------------------------
 3 files changed, 52 deletions(-)

diff --git a/lustre/ptlrpc/gss/gss_internal.h b/lustre/ptlrpc/gss/gss_internal.h
index 7ee4054..c648bea 100644
--- a/lustre/ptlrpc/gss/gss_internal.h
+++ b/lustre/ptlrpc/gss/gss_internal.h
@@ -467,14 +467,12 @@ extern struct upcall_cache_ops rsi_upcall_cache_ops;
 extern struct upcall_cache *rsicache;
 struct gss_rsi *rsi_entry_get(struct upcall_cache *cache, struct gss_rsi *rsi);
 void rsi_entry_put(struct upcall_cache *cache, struct gss_rsi *rsi);
-void rsi_flush(struct upcall_cache *cache, int hash);
 #define RSC_UPCALL_PATH "NONE"
 #define UC_RSCCACHE_HASH_SIZE 1024
 extern struct upcall_cache_ops rsc_upcall_cache_ops;
 extern struct upcall_cache *rsccache;
 struct gss_rsc *rsc_entry_get(struct upcall_cache *cache, struct gss_rsc *rsc);
 void rsc_entry_put(struct upcall_cache *cache, struct gss_rsc *rsc);
-void rsc_flush(struct upcall_cache *cache, int hash);
 void __rsc_free(struct gss_rsc *rsc);
 
 #endif /* __PTLRPC_GSS_GSS_INTERNAL_H_ */
diff --git a/lustre/ptlrpc/gss/gss_svc_upcall.c b/lustre/ptlrpc/gss/gss_svc_upcall.c
index cc13d53..cc74319 100644
--- a/lustre/ptlrpc/gss/gss_svc_upcall.c
+++ b/lustre/ptlrpc/gss/gss_svc_upcall.c
@@ -431,14 +431,6 @@ void rsi_entry_put(struct upcall_cache *cache, struct gss_rsi *rsi)
 	upcall_cache_put_entry(cache, rsi->si_uc_entry);
 }
 
-void rsi_flush(struct upcall_cache *cache, int hash)
-{
-	if (hash < 0)
-		upcall_cache_flush_idle(cache);
-	else
-		upcall_cache_flush_one(cache, (__u64)hash, NULL);
-}
-
 struct upcall_cache_ops rsi_upcall_cache_ops = {
 	.init_entry	  = rsi_entry_init,
 	.free_entry	  = rsi_entry_free,
@@ -637,14 +629,6 @@ void rsc_entry_put(struct upcall_cache *cache, struct gss_rsc *rsc)
 	upcall_cache_put_entry(cache, rsc->sc_uc_entry);
 }
 
-void rsc_flush(struct upcall_cache *cache, int hash)
-{
-	if (hash < 0)
-		upcall_cache_flush_idle(cache);
-	else
-		upcall_cache_flush_one(cache, (__u64)hash, NULL);
-}
-
 struct upcall_cache_ops rsc_upcall_cache_ops = {
 	.init_entry	  = rsc_entry_init,
 	.free_entry	  = rsc_entry_free,
diff --git a/lustre/ptlrpc/gss/lproc_gss.c b/lustre/ptlrpc/gss/lproc_gss.c
index 421aa9a..ed29f3e 100644
--- a/lustre/ptlrpc/gss/lproc_gss.c
+++ b/lustre/ptlrpc/gss/lproc_gss.c
@@ -229,21 +229,6 @@ out:
 }
 LPROC_SEQ_FOPS(rsi_upcall);
 
-static ssize_t lprocfs_rsi_flush_seq_write(struct file *file,
-					   const char __user *buffer,
-					   size_t count, void *data)
-{
-	int hash, rc;
-
-	rc = kstrtoint_from_user(buffer, count, 0, &hash);
-	if (rc)
-		return rc;
-
-	rsi_flush(rsicache, hash);
-	return count;
-}
-LPROC_SEQ_FOPS_WR_ONLY(gss, rsi_flush);
-
 static ssize_t lprocfs_rsi_info_seq_write(struct file *file,
 					  const char __user *buffer,
 					  size_t count, void *data)
@@ -346,21 +331,6 @@ static ssize_t rsi_acquire_expire_seq_write(struct file *file,
 }
 LPROC_SEQ_FOPS(rsi_acquire_expire);
 
-static ssize_t lprocfs_rsc_flush_seq_write(struct file *file,
-					   const char __user *buffer,
-					   size_t count, void *data)
-{
-	int hash, rc;
-
-	rc = kstrtoint_from_user(buffer, count, 0, &hash);
-	if (rc)
-		return rc;
-
-	rsc_flush(rsccache, hash);
-	return count;
-}
-LPROC_SEQ_FOPS_WR_ONLY(gss, rsc_flush);
-
 static ssize_t lprocfs_rsc_info_seq_write(struct file *file,
 					  const char __user *buffer,
 					  size_t count, void *data)
@@ -474,16 +444,12 @@ static struct lprocfs_vars gss_lprocfs_vars[] = {
 #endif
 	{ .name	=	"rsi_upcall",
 	  .fops	=	&rsi_upcall_fops },
-	{ .name =	"rsi_flush",
-	  .fops =	&gss_rsi_flush_fops },
 	{ .name =	"rsi_info",
 	  .fops =	&gss_rsi_info_fops },
 	{ .name	=	"rsi_entry_expire",
 	  .fops	=	&rsi_entry_expire_fops },
 	{ .name	=	"rsi_acquire_expire",
 	  .fops	=	&rsi_acquire_expire_fops },
-	{ .name =	"rsc_flush",
-	  .fops =	&gss_rsc_flush_fops },
 	{ .name =	"rsc_info",
 	  .fops =	&gss_rsc_info_fops },
 	{ NULL }
-- 
1.8.3.1