aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* SUNRPC: Remove the obsolete auth-only interface for pipefs dentry managementTrond Myklebust2013-09-01
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* RPCSEC_GSS: Switch auth_gss to use the new framework for pipefs dentriesTrond Myklebust2013-09-01
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Add a framework to clean up management of rpc_pipefs directoriesTrond Myklebust2013-08-30
| | | | | | | | | | | | | | The current system requires everyone to set up notifiers, manage directory locking, etc. What we really want to do is have the rpc_client create its directory, and then create all the entries. This patch will allow the RPCSEC_GSS and NFS code to register all the objects that they want to have appear in the directory, and then have the sunrpc code call them back to actually create/destroy their pipefs dentries when the rpc_client creates/destroys the parent. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Fix a potentially Oopsable condition in __nfs_idmap_unregisterTrond Myklebust2013-08-30
| | | | | | | Ensure that __nfs_idmap_unregister can be called twice without consequences. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* RPCSEC_GSS: Fix an Oopsable condition when creating/destroying pipefs objectsTrond Myklebust2013-08-30
| | | | | | | | | If an error condition occurs on rpc_pipefs creation, or the user mounts rpc_pipefs and then unmounts it, then the dentries in struct gss_auth need to be reset to NULL so that a second call to gss_pipes_dentries_destroy doesn't try to free them again. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* RPCSEC_GSS: Further cleanupsTrond Myklebust2013-08-30
| | | | | | | Don't pass the rpc_client as a parameter, when what we really want is the net namespace. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Replace clnt->cl_principalTrond Myklebust2013-08-30
| | | | | | | | The clnt->cl_principal is being used exclusively to store the service target name for RPCSEC_GSS/krb5 callbacks. Replace it with something that is stored only in the RPCSEC_GSS-specific code. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* RPCSEC_GSS: Clean up upcall message allocationTrond Myklebust2013-08-30
| | | | | | | | | | Optimise away gss_encode_msg: we don't need to look up the pipe version a second time. Save the gss target name in struct gss_auth. It is a property of the auth cache itself, and doesn't really belong in the rpc_client. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Cleanup rpc_setup_pipedirTrond Myklebust2013-08-30
| | | | | | The directory name is _always_ clnt->cl_program->pipe_dir_name. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Remove unused struct rpc_clnt field cl_protnameTrond Myklebust2013-08-30
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Deprecate rpc_client->cl_protnameTrond Myklebust2013-08-30
| | | | | | | It just duplicates the cl_program->name, and is not used in any fast paths where the extra dereference will cause a hit. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Fix up two use-after-free issues with the new tracing codeTrond Myklebust2013-08-30
| | | | | | | | We don't want to pass the context argument to trace_nfs_atomic_open_exit() after it has been released. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: remove incorrect "Lock reclaim failed!" warning.NeilBrown2013-08-22
| | | | | | | | | | | | | | | | | | | | After reclaiming state that was lost, the NFS client tries to reclaim any locks, and then checks that each one has NFS_LOCK_INITIALIZED set (which means that the server has confirmed the lock). However if the client holds a delegation, nfs_reclaim_locks() simply aborts (or more accurately it called nfs_lock_reclaim() and that returns without doing anything). This is because when a delegation is held, the server doesn't need to know about locks. So if a delegation is held, NFS_LOCK_INITIALIZED is not expected, and its absence is certainly not an error. So don't print the warnings if NFS_DELGATED_STATE is set. Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4.1: Add tracepoints for debugging test_stateid eventsTrond Myklebust2013-08-22
| | | | | | Add tracepoints to detect issues with the TEST_STATEID operation. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4.1: Add tracepoints for debugging slot table operationsTrond Myklebust2013-08-22
| | | | | | | Add tracepoints to nfs41_setup_sequence and nfs41_sequence_done to track session and slot table state changes. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4.1: Add tracepoints for debugging layoutget/return/commitTrond Myklebust2013-08-22
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Add tracepoints for debugging reads and writesTrond Myklebust2013-08-22
| | | | | | | Set up tracepoints to track read, write and commit, as well as pNFS reads and writes and commits to the data server. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Add tracepoints for debugging getattrTrond Myklebust2013-08-22
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Add tracepoints for debugging the idmapperTrond Myklebust2013-08-22
| | | | | | Add tracepoints to help debug uid/gid mappings to username/group. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Add tracepoints for debugging delegationsTrond Myklebust2013-08-22
| | | | | | | Set up tracepoints to track when delegations are set, reclaimed, returned by the client, or recalled by the server. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Add tracepoints for debugging renameTrond Myklebust2013-08-22
| | | | | | Add tracepoints to debug renames. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Add tracepoints for debugging inode manipulationsTrond Myklebust2013-08-22
| | | | | | | | Set up basic tracepoints for debugging NFSv4 setattr, access, readlink, readdir, get_acl set_acl get_security_label, and set_security_label. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Add tracepoints for debugging lookup/create operationsTrond Myklebust2013-08-22
| | | | | | | Set up basic tracepoints for debugging NFSv4 lookup, unlink/remove, symlink, mkdir, mknod, fs_locations and secinfo. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Add tracepoints for debugging file lockingTrond Myklebust2013-08-22
| | | | | | Set up basic tracepoints for debugging NFSv4 file lock/unlock Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Add tracepoints for debugging file openTrond Myklebust2013-08-22
| | | | | | Set up basic tracepoints for debugging NFSv4 file open/close Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Add tracepoints for debugging state management problemsTrond Myklebust2013-08-22
| | | | | | | Set up basic tracepoints for debugging client id creation/destruction and session creation/destruction. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Add tracepoints for debugging NFS hard linksTrond Myklebust2013-08-22
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Add tracepoints for debugging NFS rename and sillyrename issuesTrond Myklebust2013-08-22
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Add tracepoints for debugging directory changesTrond Myklebust2013-08-22
| | | | | | Add tracepoints for mknod, mkdir, rmdir, remove (unlink) and symlink. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Add tracepoints for debugging generic file create eventsTrond Myklebust2013-08-22
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Add event tracing for generic NFS lookupsTrond Myklebust2013-08-22
| | | | | | Add tracepoints for lookup, lookup_revalidate and atomic_open Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Pass in lookup flags from nfs_atomic_open to nfs_lookupTrond Myklebust2013-08-22
| | | | | | | When doing an open of a directory, ensure that we do pass the lookup flags from nfs_atomic_open into nfs_lookup. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Add event tracing for generic NFS eventsTrond Myklebust2013-08-22
| | | | | | | | | | | Add tracepoints for inode attribute updates, attribute revalidation, writeback start/end fsync start/end, attribute change start/end, permission check start/end. The intention is to enable performance tracing using 'perf'as well as improving debugging. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: refactor code for calculating the crc32 hash of a filehandleTrond Myklebust2013-08-22
| | | | | | | We want to be able to display the crc32 hash of the filehandle in tracepoints. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Clean up nfs_sillyrename()Trond Myklebust2013-08-22
| | | | | | | Optimise for the case where we only do one lookup. Clean up the code so it is obvious that silly[] is not a dynamic array. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Fix an incorrect pointer declaration in decode_first_pnfs_layout_typeTrond Myklebust2013-08-22
| | | | | | | We always encode to __be32 format in XDR: silences a sparse warning. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Cc: Andy Adamson <andros@netapp.com>
* NFSv4: Deal with a sparse warning in nfs_idmap_get_key()Trond Myklebust2013-08-22
| | | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Cc: Bryan Schumaker <bjschuma@netapp.com>
* NFSv4: Deal with some more sparse warningsTrond Myklebust2013-08-22
| | | | | | | | Technically, we don't really need to convert these time stamps, since they are actually cookies. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Cc: Chuck Lever <Chuck.Lever@oracle.com>
* NFSv4: Deal with a sparse warning in nfs4_opendata_allocTrond Myklebust2013-08-22
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv3: Deal with a sparse warning in nfs3_proc_createTrond Myklebust2013-08-21
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Remove the NFSv4 "open optimisation" from nfs_permissionTrond Myklebust2013-08-20
| | | | | | | | Ever since commit 6168f62cb (Add ACCESS operation to OPEN compound) the NFSv4 atomic open has primed the access cache, and so nfs_permission will no longer do an RPC call on the wire. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4.1 Use clientid management rpc_clnt for secinfo_no_nameAndy Adamson2013-08-08
| | | | | | | | | | As per RFC 5661 Security Considerations Commit 4edaa308 "NFS: Use "krb5i" to establish NFSv4 state whenever possible" uses the nfs_client cl_rpcclient for all clientid management operations. Signed-off-by: Andy Adamson <andros@netapp.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4.1 Use clientid management rpc_clnt for secinfoAndy Adamson2013-08-08
| | | | | | | | | | As per RFC 3530 and RFC 5661 Security Considerations Commit 4edaa308 "NFS: Use "krb5i" to establish NFSv4 state whenever possible" uses the nfs_client cl_rpcclient for all clientid management operations. Signed-off-by: Andy Adamson <andros@netapp.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4.1 Increase NFS4_DEF_SLOT_TABLE_SIZEAndy Adamson2013-08-07
| | | | | | | | | | Increase NFS4_DEF_SLOT_TABLE_SIZE which is used as the client ca_maxreequests value in CREATE_SESSION. Current non-dynamic session slot server implementations use the client ca_maxrequests as a maximum slot number: 64 session slots can handle most workloads. Signed-off-by: Andy Adamson <andros@netapp.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS Remove unused authflavour parameter from init_clientAndy Adamson2013-08-07
| | | | | Signed-off-by: Andy Adamson <andros@netapp.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Never use user credentials for lease renewalChuck Lever2013-08-07
| | | | | | | | | | | | | Never try to use a non-UID 0 user credential for lease management, as that credential can change out from under us. The server will block NFSv4 lease recovery with NFS4ERR_CLID_INUSE. Since the mechanism to acquire a credential for lease management is now the same for all minor versions, replace the minor version- specific callout with a single function. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFS: Use root's credential for lease management when keytab is missingChuck Lever2013-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 05f4c350 "NFS: Discover NFSv4 server trunking when mounting" Fri Sep 14 17:24:32 2012 introduced Uniform Client String support, which forces our NFS client to establish a client ID immediately during a mount operation rather than waiting until a user wants to open a file. Normally machine credentials (eg. from a keytab) are used to perform a mount operation that is protected by Kerberos. Before 05fc350, SETCLIENTID used a machine credential, or fell back to a regular user's credential if no keytab is available. On clients that don't have a keytab, performing SETCLIENTID early means there's no user credential to fall back on, since no regular user has kinit'd yet. 05f4c350 seems to have broken the ability to mount with sec=krb5 on clients that don't have a keytab in kernels 3.7 - 3.10. To address this regression, commit 4edaa308 (NFS: Use "krb5i" to establish NFSv4 state whenever possible), Sat Mar 16 15:56:20 2013, was merged in 3.10. This commit forces the NFS client to fall back to AUTH_SYS for lease management operations if no keytab is available. Neil Brown noticed that, since root is required to kinit to do a sec=krb5 mount when a client doesn't have a keytab, we can try to use root's Kerberos credential before AUTH_SYS. Now, when determining a principal and flavor to use for lease management, the NFS client tries in this order: 1. Flavor: AUTH_GSS, krb5i Principal: service principal (via keytab) 2. Flavor: AUTH_GSS, krb5i Principal: user principal established for UID 0 (via kinit) 3. Flavor: AUTH_SYS Principal: UID 0 / GID 0 Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Refuse mount attempts with proto=udpTrond Myklebust2013-08-07
| | | | | | RFC3530 disallows the use of udp as a transport protocol for NFSv4. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* nfs: verify open flags before allowing an atomic openJeff Layton2013-08-07
| | | | | | | | | | Currently, you can open a NFSv4 file with O_APPEND|O_DIRECT, but cannot fcntl(F_SETFL,...) with those flags. This flag combination is explicitly forbidden on NFSv3 opens, and it seems like it should also be on NFSv4. Reported-by: Chao Ye <cye@redhat.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Fix nfs4_init_uniform_client_string for net namespacesTrond Myklebust2013-07-24
| | | | | | | | | | | | | | | | Commit 6f2ea7f2a (NFS: Add nfs4_unique_id boot parameter) introduces a boot parameter that allows client administrators to set a string identifier for use by the EXCHANGE_ID and SETCLIENTID arguments in order to make them more globally unique. Unfortunately, that uniquifier is no longer globally unique in the presence of net namespaces, since each container expects to be able to set up their own lease when mounting a new NFSv4/4.1 partition. The fix is to add back in the container-specific hostname in addition to the unique id. Cc: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>