aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* nfsd4: reject bad forechannel attrs earlierJ. Bruce Fields2012-10-01
| | | | | | This could simplify the logic a little later. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: enforce per-client sessions/no-sessions distinctionJ. Bruce Fields2012-10-01
| | | | | | | | | Something like creating a client with setclientid and then trying to confirm it with create_session may not crash the server, but I'm not completely positive of that, and in any case it's obviously bad client behavior. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: set cl_minorversion at create timeJ. Bruce Fields2012-10-01
| | | | | | And remove some mostly obsolete comments. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: don't pin clientids to pseudoflavorsJ. Bruce Fields2012-10-01
| | | | | | | | | | | | | | | | | | | | | | | | | | I added cr_flavor to the data compared in same_creds without any justification, in d5497fc693a446ce9100fcf4117c3f795ddfd0d2 "nfsd4: move rq_flavor into svc_cred". Recent client changes then started making mount -osec=krb5 server:/export /mnt/ echo "hello" >/mnt/TMP umount /mnt/ mount -osec=krb5i server:/export /mnt/ echo "hello" >/mnt/TMP to fail due to a clid_inuse on the second open. Mounting sequentially like this with different flavors probably isn't that common outside artificial tests. Also, the real bug here may be that the server isn't just destroying the former clientid in this case (because it isn't good enough at recognizing when the old state is gone). But it prompted some discussion and a look back at the spec, and I think the check was probably wrong. Fix and document. Cc: stable@kernel.org Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: fix bind_conn_to_session xdr commentJ. Bruce Fields2012-09-25
| | | | Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: cast readlink() bug argumentJ. Bruce Fields2012-09-10
| | | | | | As we already do in readv, writev. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* NFSD: pass null terminated buf to kstrtouint()Malahal Naineni2012-09-10
| | | | | | | | | The 'buf' is prepared with null termination with intention of using it for this purpose, but 'name' is passed instead! Signed-off-by: Malahal Naineni <malahal@us.ibm.com> Cc: stable@vger.kernel.org Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: remove duplicate init in nfsd4_cb_recallNamjae Jeon2012-09-10
| | | | | | | | remove duplicate init in nfsd4_cb_recall Signed-off-by: Namjae Jeon <linkinjeon@gmail.com> Signed-off-by: Vivek Trivedi <vtrivedi018@gmail.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: eliminate redundant nfs4_free_stateidJ. Bruce Fields2012-09-10
| | | | | | | Somehow we ended up with identical functions "nfs4_free_stateid" and "free_generic_stateid". Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* fs/nfsd/nfs4idmap.c: adjust inconsistent IS_ERR and PTR_ERRJulia Lawall2012-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | Change the call to PTR_ERR to access the value just tested by IS_ERR. The semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // <smpl> @@ expression e,e1; @@ ( if (IS_ERR(e)) { ... PTR_ERR(e) ... } | if (IS_ERR(e=e1)) { ... PTR_ERR(e) ... } | *if (IS_ERR(e)) { ... * PTR_ERR(e1) ... } ) // </smpl> Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: remove unused listener-removal interfacesJ. Bruce Fields2012-09-10
| | | | | | | | | | | | | | | | | | | You can use nfsd/portlist to give nfsd additional sockets to listen on. In theory you can also remove listening sockets this way. But nobody's ever done that as far as I can tell. Also this was partially broken in 2.6.25, by a217813f9067b785241cb7f31956e51d2071703a "knfsd: Support adding transports by writing portlist file". (Note that we decide whether to take the "delfd" case by checking for a digit--but what's actually expected in that case is something made by svc_one_sock_name(), which won't begin with a digit.) So, let's just rip out this stuff. Acked-by: NeilBrown <neilb@suse.de> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: fix nfs4 stateid leakJ. Bruce Fields2012-09-10
| | | | | | | | | | | | Processes that open and close multiple files may end up setting this oo_last_closed_stid without freeing what was previously pointed to. This can result in a major leak, visible for example by watching the nfsd4_stateids line of /proc/slabinfo. Reported-by: Cyril B. <cbay@excellency.fr> Tested-by: Cyril B. <cbay@excellency.fr> Cc: stable@vger.kernel.org Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: document kernel interfaces for nfsd configurationJ. Bruce Fields2012-08-21
| | | | | | | | | These are only needed by nfs-utils. But I needed to remind myself how they worked recently and thought this might be helpful. It's short and incomplete for now as I was only interested in startup, shutdown, and configuration of listening sockets. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: split up svc_handle_xprtJ. Bruce Fields2012-08-21
| | | | | | Move initialization of newly accepted socket into a helper. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: break up svc_recvJ. Bruce Fields2012-08-21
| | | | | | | | | | | | Matter of taste, I suppose, but svc_recv breaks up naturally into: allocate pages and setup arg dequeue (wait for, if necessary) next socket do something with that socket And I find it easier to read when it doesn't go on for pages and pages. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: make svc_xprt_received staticJ. Bruce Fields2012-08-21
| | | | | | | | | | Note this isn't used outside svc_xprt.c. May as well move it so we don't need a declaration while we're here. Also remove an outdated comment. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: remove handling of unknown errors from svc_recvJ. Bruce Fields2012-08-21
| | | | | | | | | svc_recv() returns only -EINTR or -EAGAIN. If we really want to worry about the case where it has a bug that causes it to return something else, we could stick a WARN() in svc_recv. But it's silly to require every caller to have all this boilerplate to handle that case. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: make xpo_recvfrom return only >=0J. Bruce Fields2012-08-21
| | | | | | | | | | The only errors returned from xpo_recvfrom have been -EAGAIN and -EAFNOSUPPORT. The latter was removed by a previous patch. That leaves only -EAGAIN, which is treated just like 0 by the caller (svc_recv). So, just ditch -EAGAIN and return 0 instead. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: don't bother checking bad svc_addr_len resultJ. Bruce Fields2012-08-21
| | | | | | | | | None of the callers should see an unsupported address family (only one of them even bothers to check for that case), so just check for the buggy case in svc_addr_len and don't bother elsewhere. Acked-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: minor udp code cleanupJ. Bruce Fields2012-08-21
| | | | | | Order the code in a more boring way. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: allow configuring nfsd to listen on 5-digit portsJ. Bruce Fields2012-08-21
| | | | | | Note a 16-bit value can require up to 5 digits. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: remove redundant "port" argumentJ. Bruce Fields2012-08-21
| | | | | | | | | "port" in all these functions is always NFS_PORT. nfsd can already be run on a nonstandard port using the "nfsd/portlist" interface. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: share some setup of listening socketsJ. Bruce Fields2012-08-21
| | | | | | There's some duplicate code here. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: make svc_create_xprt enqueue on clearing XPT_BUSYJ. Bruce Fields2012-08-21
| | | | | | | | Whenever we clear XPT_BUSY we should call svc_xprt_enqueue(). Without that we may fail to notice any events (such as new connections) that arrived while XPT_BUSY was set. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: clean up control flowJ. Bruce Fields2012-08-21
| | | | | | | | | | | | | | | | | | | Mainly, use the kernel standard err = -ERROR; if (something_bad) goto out; normal case; rather than if (something_bad) err = -ERROR else { normal case; } Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: standardize svc_setup_socket return conventionJ. Bruce Fields2012-08-21
| | | | | | | Use the kernel-standard ptr-or-error return convention instead of passing a pointer to the error. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: fix xpt_list traversal locking on shutdownJ. Bruce Fields2012-08-21
| | | | | | | Server threads are not running at this point, but svc_age_temp_xprts still may be, so we need this locking. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* knfsd: don't allocate file_locks on the stackJeff Layton2012-08-21
| | | | | | | | | | | | | | struct file_lock is pretty large and really ought not live on the stack. On my x86_64 machine, they're almost 200 bytes each. (gdb) p sizeof(struct file_lock) $1 = 192 ...allocate them dynamically instead. Reported-by: Al Viro <viro@ZenIV.linux.org.uk> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* knfsd: remove bogus BUG_ON() call from nfsd4_lockuJeff Layton2012-08-21
| | | | | | | | The code checks for a NULL filp and handles it gracefully just before this BUG_ON. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: nfsd_process_n_delegations should be staticJ. Bruce Fields2012-08-21
| | | | Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* NFSD: Swap the struct nfs4_operation getter and setterBryan Schumaker2012-08-20
| | | | | | | | stateid_setter should be matched to op_set_currentstateid, rather than op_get_currentstateid. Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: do_nfsd_create verf argument is a u32J. Bruce Fields2012-08-20
| | | | | | | The types here are actually a bit of a mess. For now cast as we do in the v4 case. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: declare nfs4_recoverydir properlyJ. Bruce Fields2012-08-20
| | | | Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: nfsaclsvc_encode_voidres staticJ. Bruce Fields2012-08-20
| | | | Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: trivial comment updatesJeff Layton2012-08-20
| | | | | | | locks.c doesn't use the BKL anymore and there is no fi_perfile field. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* vfs: don't treat fl_type as a bitmapJeff Layton2012-08-20
| | | | | | | | | | | | | | The rules for fl_type are rather convoluted. Typically it's treated as holding specific values, except in the case of LOCK_MAND, in which case it can be or'ed with LOCK_READ|LOCK_WRITE. On some arches F_WRLCK == 2 and F_UNLCK == 3, so and'ing with F_WRLCK will also catch the F_UNLCK case. It's unlikely in either case here that we'd ever see F_UNLCK since those shouldn't end up on any lists, but it's still best to be consistent. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: fix svc_xprt_enqueue/svc_recv busy-loopingJ. Bruce Fields2012-08-20
| | | | | | | | | | | | | | | | | | | | | | | The rpc server tries to ensure that there will be room to send a reply before it receives a request. It does this by tracking, in xpt_reserved, an upper bound on the total size of the replies that is has already committed to for the socket. Currently it is adding in the estimate for a new reply *before* it checks whether there is space available. If it finds that there is not space, it then subtracts the estimate back out. This may lead the subsequent svc_xprt_enqueue to decide that there is space after all. The results is a svc_recv() that will repeatedly return -EAGAIN, causing server threads to loop without doing any actual work. Cc: stable@vger.kernel.org Reported-by: Michael Tokarev <mjt@tls.msk.ru> Tested-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: sends on closed socket should stop immediatelyJ. Bruce Fields2012-08-20
| | | | | | | | | | | | | | | | | | | svc_tcp_sendto sets XPT_CLOSE if we fail to transmit the entire reply. However, the XPT_CLOSE won't be acted on immediately. Meanwhile other threads could send further replies before the socket is really shut down. This can manifest as data corruption: for example, if a truncated read reply is followed by another rpc reply, that second reply will look to the client like further read data. Symptoms were data corruption preceded by svc_tcp_sendto logging something like kernel: rpc-srv/tcp: nfsd: sent only 963696 when sending 1048708 bytes - shutting down socket Cc: stable@vger.kernel.org Reported-by: Malahal Naineni <malahal@us.ibm.com> Tested-by: Malahal Naineni <malahal@us.ibm.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* svcrpc: fix BUG() in svc_tcp_clear_pagesJ. Bruce Fields2012-08-20
| | | | | | | | | | | | | | | | | | Examination of svc_tcp_clear_pages shows that it assumes sk_tcplen is consistent with sk_pages[] (in particular, sk_pages[n] can't be NULL if sk_tcplen would lead us to expect n pages of data). svc_tcp_restore_pages zeroes out sk_pages[] while leaving sk_tcplen. This is OK, since both functions are serialized by XPT_BUSY. However, that means the inconsistency must be repaired before dropping XPT_BUSY. Therefore we should be ensuring that svc_tcp_save_pages repairs the problem before exiting svc_tcp_recv_record on error. Symptoms were a BUG() in svc_tcp_clear_pages. Cc: stable@vger.kernel.org Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: fix security flavor of NFSv4.0 callbackJ. Bruce Fields2012-08-20
| | | | | | | | | | | | | | | | | Commit d5497fc693a446ce9100fcf4117c3f795ddfd0d2 "nfsd4: move rq_flavor into svc_cred" forgot to remove cl_flavor from the client, leaving two places (cl_flavor and cl_cred.cr_flavor) for the flavor to be stored. After that patch, the latter was the one that was updated, but the former was the one that the callback used. Symptoms were a long delay on utime(). This is because the utime() generated a setattr which recalled a delegation, but the cb_recall was ignored by the client because it had the wrong security flavor. Cc: stable@vger.kernel.org Tested-by: Jamie Heilman <jamie@audible.transient.net> Reported-by: Jamie Heilman <jamie@audible.transient.net> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* Linux 3.6-rc2Linus Torvalds2012-08-16
|
* autofs4 - fix get_next_positive_subdir()Ian Kent2012-08-16
| | | | | | | | | | | | | | | | | | Following a report of a crash during an automount expire I found that the locking in fs/autofs4/expire.c:get_next_positive_subdir() was wrong. Not only is the locking wrong but the function is more complex than it needs to be. The function is meant to calculate (and dget) the next entry in the list of directories contained in the root of an autofs mount point (an autofs indirect mount to be precise). The main problem was that the d_lock of the owner of the list was not being taken when walking the list, which lead to list corruption under load. The only other lock that needs to be taken is against the next dentry candidate so it can be checked for usability. Signed-off-by: Ian Kent <raven@themaw.net> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* Merge tag 'vfio-for-v3.6-rc1' of git://github.com/awilliam/linux-vfioLinus Torvalds2012-08-16
|\ | | | | | | | | | | | | | | | | Pull VFIO fix from Alex Williamson: "Just a trivial patch to include vfio.h in the installed headers so we can complete userspace integration into QEMU." * tag 'vfio-for-v3.6-rc1' of git://github.com/awilliam/linux-vfio: vfio: Include vfio.h in installed headers
| * vfio: Include vfio.h in installed headersAlex Williamson2012-08-07
| | | | | | | | Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
* | Merge branch 'for-linus' of ↵Linus Torvalds2012-08-16
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse Pull fuse updates from Miklos Szeredi. * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse: fuse: verify all ioctl retry iov elements fuse: add missing INIT flag descriptions fuse: add missing INIT flags fuse: update attributes on aio_read fuse: invalidate inode mapping if mtime changes fuse: add FUSE_AUTO_INVAL_DATA init flag
| * | fuse: verify all ioctl retry iov elementsZach Brown2012-08-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 7572777eef78ebdee1ecb7c258c0ef94d35bad16 attempted to verify that the total iovec from the client doesn't overflow iov_length() but it only checked the first element. The iovec could still overflow by starting with a small element. The obvious fix is to check all the elements. The overflow case doesn't look dangerous to the kernel as the copy is limited by the length after the overflow. This fix restores the intention of returning an error instead of successfully copying less than the iovec represented. I found this by code inspection. I built it but don't have a test case. I'm cc:ing stable because the initial commit did as well. Signed-off-by: Zach Brown <zab@redhat.com> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> CC: <stable@vger.kernel.org> [2.6.37+]
| * | fuse: add missing INIT flag descriptionsMiklos Szeredi2012-07-18
| | | | | | | | | | | | Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
| * | fuse: add missing INIT flagsMiklos Szeredi2012-07-18
| | | | | | | | | | | | | | | | | | | | | Add missing flags that userspace derived from the protocol version number. This makes the protocol more flexible. Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
| * | fuse: update attributes on aio_readBrian Foster2012-07-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A fuse-based network filesystem might allow for the inode and/or file data to change unexpectedly. A local client that opens and repeatedly reads a file might never pick up on such changes and indefinitely return stale data. Always invoke fuse_update_attributes() in the read path to cause an attr revalidation when the attributes expire. This leads to a page cache invalidation if necessary and ensures fuse issues new read requests to the fuse client. The original logic (reval only on reads beyond EOF) is preserved unless the client specifies FUSE_AUTO_INVAL_DATA on init. Signed-off-by: Brian Foster <bfoster@redhat.com> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
| * | fuse: invalidate inode mapping if mtime changesBrian Foster2012-07-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We currently invalidate the inode address space mapping if the file size changes unexpectedly. In the case of a fuse network filesystem, a portion of a file could be overwritten remotely without changing the file size. Compare the old mtime as well to detect this condition and invalidate the mapping if the file has been updated. The original logic (to ignore changes in mtime) is preserved unless the client specifies FUSE_AUTO_INVAL_DATA on init. Signed-off-by: Brian Foster <bfoster@redhat.com> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>