04 Feb, 2009
1 commit
-
Fix sunrpc/rdma build dependencies.
Survives 12 build combinations of INET, IPV6, SUNRPC,
INFINIBAND, and INFINIBAND_ADDR_TRANS.ERROR: "rdma_destroy_id" [net/sunrpc/xprtrdma/xprtrdma.ko] undefined!
ERROR: "rdma_connect" [net/sunrpc/xprtrdma/xprtrdma.ko] undefined!
ERROR: "rdma_destroy_qp" [net/sunrpc/xprtrdma/xprtrdma.ko] undefined!
ERROR: "rdma_create_id" [net/sunrpc/xprtrdma/xprtrdma.ko] undefined!
ERROR: "rdma_create_qp" [net/sunrpc/xprtrdma/xprtrdma.ko] undefined!
ERROR: "rdma_resolve_route" [net/sunrpc/xprtrdma/xprtrdma.ko] undefined!
ERROR: "rdma_disconnect" [net/sunrpc/xprtrdma/xprtrdma.ko] undefined!
ERROR: "rdma_resolve_addr" [net/sunrpc/xprtrdma/xprtrdma.ko] undefined!
ERROR: "rdma_accept" [net/sunrpc/xprtrdma/svcrdma.ko] undefined!
ERROR: "rdma_destroy_id" [net/sunrpc/xprtrdma/svcrdma.ko] undefined!
ERROR: "rdma_listen" [net/sunrpc/xprtrdma/svcrdma.ko] undefined!
ERROR: "rdma_create_id" [net/sunrpc/xprtrdma/svcrdma.ko] undefined!
ERROR: "rdma_create_qp" [net/sunrpc/xprtrdma/svcrdma.ko] undefined!
ERROR: "rdma_bind_addr" [net/sunrpc/xprtrdma/svcrdma.ko] undefined!
ERROR: "rdma_disconnect" [net/sunrpc/xprtrdma/svcrdma.ko] undefined!Signed-off-by: Randy Dunlap
Signed-off-by: David S. Miller
28 Jan, 2009
1 commit
-
We forgot to update this when adding server-side support.
Signed-off-by: J. Bruce Fields
22 Jan, 2009
1 commit
-
Signed-off-by: Alexey Dobriyan
08 Jan, 2009
3 commits
-
Signed-off-by: Trond Myklebust
Signed-off-by: J. Bruce Fields -
A race between svc_revisit and svc_delete_xprt can result in
deferred requests holding references on a transport that can never be
recovered because dead transports are not enqueued for subsequent
processing.Check for XPT_DEAD in revisit to clean up completing deferrals on a dead
transport and sweep a transport's deferred queue to do the same for queued
but unprocessed deferrals.Signed-off-by: Tom Tucker
Signed-off-by: J. Bruce Fields -
The rqstp structure has a pointer to a svc_deferred_req record
that is allocated when requests are deferred. This record is common
to all transports and can be freed in common code.Move the kfree of the rq_deferred to the common svc_xprt_release
function.This also fixes a memory leak in the RDMA transport which does not
kfree the dr structure in it's version of the xpo_release_rqst callback.Signed-off-by: Tom Tucker
Signed-off-by: J. Bruce Fields
07 Jan, 2009
2 commits
-
We want to ensure that connected sockets close down the connection when we
set XPT_CLOSE, so that we don't keep it hanging while cleaning up all the
stuff that is keeping a reference to the socket.Signed-off-by: Trond Myklebust
Signed-off-by: J. Bruce Fields -
svc_check_conn_limits() attempts to prevent denial of service attacks
by having the service close old connections once it reaches a
threshold. This threshold is based on the number of threads in the
service:(serv->sv_nrthreads + 3) * 20
Once we reach this, we drop the oldest connections and a printk pops
to warn the admin that they should increase the number of threads.Increasing the number of threads isn't an option however for services
like lockd. We don't want to eliminate this check entirely for such
services but we need some way to increase this limit.This patch adds a sv_maxconn field to the svc_serv struct. When it's
set to 0, we use the current method to calculate the max number of
connections. RPC services can then set this on an as-needed basis.Signed-off-by: Jeff Layton
Acked-by: Neil Brown
Signed-off-by: J. Bruce Fields
06 Jan, 2009
1 commit
-
... and don't bother in callers. Don't bother with zeroing i_blocks,
while we are at it - it's already been zeroed.i_mode is not worth the effort; it has no common default value.
Signed-off-by: Al Viro
31 Dec, 2008
1 commit
29 Dec, 2008
1 commit
-
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6: (1429 commits)
net: Allow dependancies of FDDI & Tokenring to be modular.
igb: Fix build warning when DCA is disabled.
net: Fix warning fallout from recent NAPI interface changes.
gro: Fix potential use after free
sfc: If AN is enabled, always read speed/duplex from the AN advertising bits
sfc: When disabling the NIC, close the device rather than unregistering it
sfc: SFT9001: Add cable diagnostics
sfc: Add support for multiple PHY self-tests
sfc: Merge top-level functions for self-tests
sfc: Clean up PHY mode management in loopback self-test
sfc: Fix unreliable link detection in some loopback modes
sfc: Generate unique names for per-NIC workqueues
802.3ad: use standard ethhdr instead of ad_header
802.3ad: generalize out mac address initializer
802.3ad: initialize ports LACPDU from const initializer
802.3ad: remove typedef around ad_system
802.3ad: turn ports is_individual into a bool
802.3ad: turn ports is_enabled into a bool
802.3ad: make ntt bool
ixgbe: Fix set_ringparam in ixgbe to use the same memory pools.
...Fixed trivial IPv4/6 address printing conflicts in fs/cifs/connect.c due
to the conversion to %pI (in this networking merge) and the addition of
doing IPv6 addresses (from the earlier merge of CIFS).
24 Dec, 2008
20 commits
-
This patch extends the new upcall with a "service" field that currently
can have 2 values: "*" or "nfs". These values specify matching rules for
principals in the keytab file. The "*" means that gssd is allowed to use
"root", "nfs", or "host" keytab entries while the other option requires
"nfs".Restricting gssd to use the "nfs" principal is needed for when the
server performs a callback to the client. The server in this case has
to authenticate itself as an "nfs" principal.We also need "service" field to distiguish between two client-side cases
both currently using a uid of 0: the case of regular file access by the
root user, and the case of state-management calls (such as setclientid)
which should use a keytab for authentication. (And the upcall should
fail if an appropriate principal can't be found.)Signed-off: Olga Kornievskaia
Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
This patch extends the new upcall by adding a "target" field
communicating who we want to authenticate to (equivalently, the service
principal that we want to acquire a ticket for).Signed-off: Olga Kornievskaia
Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
This patch adds server-side support for callbacks other than AUTH_SYS.
Signed-off-by: Olga Kornievskaia
Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
This patch adds client-side support to allow for callbacks other than
AUTH_SYS.Signed-off-by: Olga Kornievskaia
Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
The rpc client needs to know the principal that the setclientid was done
as, so it can tell gssd who to authenticate to.Signed-off-by: Olga Kornievskaia
Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Two principals are involved in krb5 authentication: the target, who we
authenticate *to* (normally the name of the server, like
nfs/server.citi.umich.edu@CITI.UMICH.EDU), and the source, we we
authenticate *as* (normally a user, like bfields@UMICH.EDU)In the case of NFSv4 callbacks, the target of the callback should be the
source of the client's setclientid call, and the source should be the
nfs server's own principal.Therefore we allow svcgssd to pass down the name of the principal that
just authenticated, so that on setclientid we can store that principal
name with the new client, to be used later on callbacks.Signed-off-by: Olga Kornievskaia
Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Implement the new upcall. We decide which version of the upcall gssd
will use (new or old), by creating both pipes (the new one named "gssd",
the old one named after the mechanism (e.g., "krb5")), and then waiting
to see which version gssd actually opens.We don't permit pipes of the two different types to be opened at once.
Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Keep a pointer to the inode that the message is queued on in the struct
gss_upcall_msg. This will be convenient, especially after we have a
choice of two pipes that an upcall could be queued on.Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Introduce a global variable pipe_version which will eventually be used
to keep track of which version of the upcall gssd is using.For now, though, it only keeps track of whether any pipe is open or not;
it is negative if not, zero if one is opened. We use this to wait for
the first gssd to open a pipe.(Minor digression: note this waits only for the very first open of any
pipe, not for the first open of a pipe for a given auth; thus we still
need the RPC_PIPE_WAIT_FOR_OPEN behavior to wait for gssd to open new
pipes that pop up on subsequent mounts.)Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Keep a count of the number of pipes open plus the number of messages on
a pipe. This count isn't used yet.Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
I can't see any reason we need to call this until either the kernel or
the last gssd closes the pipe.Also, this allows to guarantee that open_pipe and release_pipe are
called strictly in pairs; open_pipe on gssd's first open, release_pipe
on gssd's last close (or on the close of the kernel side of the pipe, if
that comes first).That will make it very easy for the gss code to keep track of which
pipes gssd is using.Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
We want to transition to a new gssd upcall which is text-based and more
easily extensible.To simplify upgrades, as well as testing and debugging, it will help if
we can upgrade gssd (to a version which understands the new upcall)
without having to choose at boot (or module-load) time whether we want
the new or the old upcall.We will do this by providing two different pipes: one named, as
currently, after the mechanism (normally "krb5"), and supporting the
old upcall. One named "gssd" and supporting the new upcall version.We allow gssd to indicate which version it supports by its choice of
which pipe to open.As we have no interest in supporting *simultaneous* use of both
versions, we'll forbid opening both pipes at the same time.So, add a new pipe_open callback to the rpc_pipefs api, which the gss
code can use to track which pipes have been open, and to refuse opens of
incompatible pipes.We only need this to be called on the first open of a given pipe.
Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
I want to add a little more code here, so it'll be convenient to have
this flatter.Also, I'll want to add another error condition, so it'll be more
convenient to return -ENOMEM than NULL in the error case. The only
caller is already converting NULL to -ENOMEM anyway.Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
We'll want to call this from elsewhere soon. And this is a bit nicer
anyway.Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
We're just about to kfree() gss_auth, so there's no point to setting any
of its fields.Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
There's a bit of a chicken and egg problem when it comes to destroying
auth_gss credentials. When we destroy the last instance of a GSSAPI RPC
credential, we should send a NULL RPC call with a GSS procedure of
RPCSEC_GSS_DESTROY to hint to the server that it can destroy those
creds.This isn't happening because we're setting clearing the uptodate bit on
the credentials and then setting the operations to the gss_nullops. When
we go to do the RPC call, we try to refresh the creds. That fails with
-EACCES and the call fails.Fix this by not clearing the UPTODATE bit for the credentials and adding
a new crdestroy op for gss_nullops that just tears down the cred without
trying to destroy the context.The only difference between this patch and the first one is the removal
of some minor formatting deltas.Signed-off-by: Jeff Layton
Signed-off-by: Trond Myklebust -
Hi.
I've been looking at a bugzilla which describes a problem where
a customer was advised to use either the "noac" or "actimeo=0"
mount options to solve a consistency problem that they were
seeing in the file attributes. It turned out that this solution
did not work reliably for them because sometimes, the local
attribute cache was believed to be valid and not timed out.
(With an attribute cache timeout of 0, the cache should always
appear to be timed out.)In looking at this situation, it appears to me that the problem
is that the attribute cache timeout code has an off-by-one
error in it. It is assuming that the cache is valid in the
region, [read_cache_jiffies, read_cache_jiffies + attrtimeo]. The
cache should be considered valid only in the region,
[read_cache_jiffies, read_cache_jiffies + attrtimeo). With this
change, the options, "noac" and "actimeo=0", work as originally
expected.This problem was previously addressed by special casing the
attrtimeo == 0 case. However, since the problem is only an off-
by-one error, the cleaner solution is address the off-by-one
error and thus, not require the special case.Thanx...
ps
Signed-off-by: Peter Staubach
Signed-off-by: Trond Myklebust -
Signed-off-by: Trond Myklebust
-
We've never considered the sunrpc code as part of any ABI to be used by
out-of-tree modules.Signed-off-by: Trond Myklebust
-
Somehow, this escaped the previous purge. There should be no need to keep
any extra locks in the XDR callbacks.The NFS client XDR code only writes into private objects, whereas all reads
of shared objects are confined to fields that do not change, such as
filehandles...Ditto for lockd, the NFSv2/v3 client mount code, and rpcbind.
The nfsd XDR code may require the BKL, but since it does a synchronous RPC
call from a thread that already holds the lock, that issue is moot.Signed-off-by: Trond Myklebust
16 Dec, 2008
1 commit
-
Conflicts:
drivers/net/e1000e/ich8lan.c
15 Dec, 2008
1 commit
-
Signed-off-by: Ilpo Järvinen
Signed-off-by: David S. Miller
11 Dec, 2008
1 commit
-
Sparse asked whether these could be static.
Signed-off-by: Roel Kluin
Signed-off-by: David S. Miller
04 Dec, 2008
2 commits
-
Conflicts:
fs/nfsd/nfs4recover.cManually fixed above to use new creds API functions, e.g.
nfs4_save_creds().Signed-off-by: James Morris
-
* 'for-2.6.28' of git://linux-nfs.org/~bfields/linux:
NLM: client-side nlm_lookup_host() should avoid matching on srcaddr
nfsd: use of unitialized list head on error exit in nfs4recover.c
Add a reference to sunrpc in svc_addsock
nfsd: clean up grace period on early exit
26 Nov, 2008
2 commits
-
fix this warning:
net/sunrpc/xprtrdma/verbs.c: In function ‘rpcrdma_conn_upcall’:
net/sunrpc/xprtrdma/verbs.c:279: warning: unused variable ‘addr’Signed-off-by: Ingo Molnar
Signed-off-by: David S. Miller -
this warning:
net/sunrpc/xprtrdma/svc_rdma_transport.c: In function ‘svc_rdma_accept’:
net/sunrpc/xprtrdma/svc_rdma_transport.c:830: warning: ‘dma_mr_acc’ may be used uninitialized in this functiontriggers because GCC does not recognize the (correct) flow connection
between need_dma_mr and dma_mr_acc.Annotate it.
Signed-off-by: Ingo Molnar
Signed-off-by: David S. Miller
25 Nov, 2008
1 commit
-
The svc_addsock function adds transport instances without taking a
reference on the sunrpc.ko module, however, the generic transport
destruction code drops a reference when a transport instance
is destroyed.Add a try_module_get call to the svc_addsock function for transport
instances added by this function.Signed-off-by: Tom Tucker
Signed-off-by: J. Bruce Fields
Tested-by: Jeff Moyer
21 Nov, 2008
1 commit
-
Conflicts:
drivers/net/ixgbe/ixgbe_main.c
include/net/mac80211.h
net/phonet/af_phonet.c