20 Jan, 2021
1 commit
-
commit 078000d02d57f02dde61de4901f289672e98c8bc upstream.
If the inode is being evicted, it should be safe to run return-on-close,
so we should do it to ensure we don't inadvertently leak layout segments.Fixes: 1c5bd76d17cc ("pNFS: Enable layoutreturn operation for return-on-close")
Signed-off-by: Trond Myklebust
Signed-off-by: Greg Kroah-Hartman
06 Jan, 2021
1 commit
-
[ Upstream commit b6d49ecd1081740b6e632366428b960461f8158b ]
When returning the layout in nfs4_evict_inode(), we need to ensure that
the layout is actually done being freed before we can proceed to free the
inode itself.Signed-off-by: Trond Myklebust
Signed-off-by: Sasha Levin
12 Aug, 2020
1 commit
-
The current mirrored read failover code is correctly resetting the mirror
index between failed reads, however it is not able to actually flip the
RPC call over to the next RPC client.
The end result is that we keep resending the RPC call to the same client
over and over.The fix is to use the pnfs_read_resend_pnfs() mechanism to schedule a
new RPC call, but we need to add the ability to pass in a mirror
index so that we always retry the next mirror in the list.Fixes: 166bd5b889ac ("pNFS/flexfiles: Fix layoutstats handling during read failovers")
Signed-off-by: Trond Myklebust
28 Mar, 2020
7 commits
-
When starting to read or write with a layout segment, check that the
range matches our request.Signed-off-by: Trond Myklebust
-
Move the pNFS commit related operations into a separate structure
that can be carried by the pnfs_ds_commit_info.Signed-off-by: Trond Myklebust
-
Lift filelayout_search_commit_reqs() into the generic pnfs/nfs code,
and add support for commit arrays.Signed-off-by: Trond Myklebust
-
Enable adding and lookup of per-layout segment commits in filelayout
and flexfilelayout.Signed-off-by: Trond Myklebust
-
Ensure that both the file and flexfiles layout types clean up when
freeing the layout segments.Signed-off-by: Trond Myklebust
-
Add a pNFS callback to allow the O_DIRECT code to release the DS
commitinfo when freeing the dreq.Signed-off-by: Trond Myklebust
-
When we have multiple layout segments with different lists of mirrored
data, we need to track the commits on a per layout segment basis.
This patch adds a list to support this tracking in struct
pnfs_ds_commit_info.Signed-off-by: Trond Myklebust
26 Mar, 2020
1 commit
-
Signed-off-by: Trond Myklebust
16 Mar, 2020
3 commits
-
When we receive a CB_RECALL_ANY that asks us to return flexfiles
layouts, we iterate through all the layouts and look at whether or
not there are active open file descriptors that might need them
for I/O. If there are no such descriptors, we return the layouts.Signed-off-by: Trond Myklebust
-
Signed-off-by: Trond Myklebust
-
If the cred assigned to the layout that we're updating differs from
the one used to retrieve the new layout segment, then we need to
update the layout plh_lc_cred field.Signed-off-by: Trond Myklebust
15 Jan, 2020
1 commit
-
If the attempt to do pNFS fails, then record what action we
take to recover (resend, reset to pnfs or reset to mds).Signed-off-by: Trond Myklebust
Signed-off-by: Anna Schumaker
21 Sep, 2019
2 commits
-
If a LAYOUTRETURN receives a reply of NFS4ERR_OLD_STATEID then assume we've
missed an update, and just bump the stateid.Signed-off-by: Trond Myklebust
Signed-off-by: Anna Schumaker -
Both close and delegreturn have identical code to handle pNFS
return-on-close. This patch refactors that code and places it
in pnfs.cSigned-off-by: Trond Myklebust
Signed-off-by: Anna Schumaker
26 Apr, 2019
1 commit
-
Add a helper for when we remove the explicit pointer to the open
context.Signed-off-by: Trond Myklebust
Signed-off-by: Anna Schumaker
02 Mar, 2019
1 commit
-
If we notice that a DS may be down, we should attempt to read from the
other mirrors first before we go back to retry the dead DS.Signed-off-by: Trond Myklebust
24 Feb, 2019
1 commit
-
If a bulk layout recall or a metadata server reboot coincides with a
umount, then holding a reference to an inode is unsafe unless we
also hold a reference to the super block.Fixes: fd9a8d7160937 ("NFSv4.1: Fix bulk recall and destroy of layouts")
Signed-off-by: Trond Myklebust
20 Dec, 2018
1 commit
-
SUNRPC has two sorts of credentials, both of which appear as
"struct rpc_cred".
There are "generic credentials" which are supplied by clients
such as NFS and passed in 'struct rpc_message' to indicate
which user should be used to authorize the request, and there
are low-level credentials such as AUTH_NULL, AUTH_UNIX, AUTH_GSS
which describe the credential to be sent over the wires.This patch replaces all the generic credentials by 'struct cred'
pointers - the credential structure used throughout Linux.For machine credentials, there is a special 'struct cred *' pointer
which is statically allocated and recognized where needed as
having a special meaning. A look-up of a low-level cred will
map this to a machine credential.Signed-off-by: NeilBrown
Acked-by: J. Bruce Fields
Signed-off-by: Anna Schumaker
01 Oct, 2018
1 commit
-
For the 'files' and 'flexfiles' layout types, we do not expect the reply
to be any larger than 4k. The block and scsi layout types are a little more
greedy, so we keep allocating the maximum response size for now.Signed-off-by: Trond Myklebust
17 Aug, 2018
1 commit
-
When we update the layout stateid in nfs4_layoutreturn_refresh_stateid, we
should also update the range in order to let the server know we're actually
returning everything.Fixes: 16c278dbfa63 ("pnfs: Fix handling of NFS4ERR_OLD_STATEID replies...")
Signed-off-by: Trond Myklebust
Signed-off-by: Anna Schumaker
09 Aug, 2018
1 commit
-
If the server tells us that out layoutreturn raced with another layout
update, then we must ensure that the new layout segments are not in use
before we resend with an updated layout stateid.Signed-off-by: Trond Myklebust
Signed-off-by: Anna Schumaker
19 Jun, 2018
1 commit
-
If the layout was invalidated due to a reboot, then don't try to send
a layoutreturn for it.Signed-off-by: Trond Myklebust
01 Jun, 2018
5 commits
-
The flag was not always being cleared after LAYOUTGET on OPEN.
Signed-off-by: Fred Isaman
Signed-off-by: Trond Myklebust -
Move the actual freeing of the struct nfs4_layoutget into fs/nfs/pnfs.c
where it can be reused by the layoutget on open code.Signed-off-by: Trond Myklebust
-
This triggers when have no pre-existing inode to attach to.
The preexisting case is saved for later.Signed-off-by: Fred Isaman
Signed-off-by: Trond Myklebust -
They work better in the new alloc_init function.
Signed-off-by: Fred Isaman
Signed-off-by: Trond Myklebust -
Driver can set flag to allow LAYOUTGET to be sent with OPEN.
Signed-off-by: Fred Isaman
Signed-off-by: Trond Myklebust
15 Jan, 2018
2 commits
-
PNFS block/SCSI layouts should gracefully handle cases where block devices
are not available when a layout is retrieved, or the block devices are
removed while the client holds a layout.While setting up a layout segment, keep a record of an unavailable or
un-parsable block device in cache with a flag so that subsequent layouts do
not spam the server with GETDEVINFO. We can reuse the current
NFS_DEVICEID_UNAVAILABLE handling with one variation: instead of reusing
the device, we will discard it and send a fresh GETDEVINFO after the
timeout, since the lookup and validation of the device occurs within the
GETDEVINFO response handling.A lookup of a layout segment that references an unavailable device will
return a segment with the NFS_LSEG_UNAVAILABLE flag set. This will allow
the pgio layer to mark the layout with the appropriate fail bit, which
forces subsequent IO to the MDS, and prevents spamming the server with
LAYOUTGET, LAYOUTRETURN.Finally, when IO to a block device fails, look up the block device(s)
referenced by the pgio header, and mark them as unavailable.Signed-off-by: Benjamin Coddington
Signed-off-by: Trond Myklebust -
If there's an error doing I/O to block device, and the client resends the
I/O to the MDS, the MDS must recall the layout from the client before
processing the I/O. Let's preempt that exchange by returning the layout
before falling back to the MDS when there's an error.Signed-off-by: Benjamin Coddington
Signed-off-by: Trond Myklebust
18 Nov, 2017
4 commits
-
If our layoutreturn on close operation returns an NFS4ERR_OLD_STATEID,
then try to update the stateid and retry. We know that there should
be no further LAYOUTGET requests being launched.Signed-off-by: Trond Myklebust
Signed-off-by: Anna Schumaker -
atomic_t variables are currently used to implement reference
counters with the following properties:
- counter is initialized to 1 using atomic_set()
- a resource is freed upon counter reaching zero
- once counter reaches zero, its further
increments aren't allowed
- counter schema uses basic atomic operations
(set, inc, inc_not_zero, dec_and_test, etc.)Such atomic variables should be converted to a newly provided
refcount_t type and API that prevents accidental counter overflows
and underflows. This is important since overflows and underflows
can lead to use-after-free situation and be exploitable.The variable pnfs_layout_hdr.plh_refcount is used as pure reference counter.
Convert it to refcount_t and fix up the operations.Suggested-by: Kees Cook
Reviewed-by: David Windsor
Reviewed-by: Hans Liljestrand
Signed-off-by: Elena Reshetova
Signed-off-by: Anna Schumaker -
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.Signed-off-by: Elena Reshetova
Signed-off-by: Hans Liljestrand
Signed-off-by: Kees Cook
Signed-off-by: David Windsor
Signed-off-by: Anna Schumaker -
atomic_t variables are currently used to implement reference
counters with the following properties:
- counter is initialized to 1 using atomic_set()
- a resource is freed upon counter reaching zero
- once counter reaches zero, its further
increments aren't allowed
- counter schema uses basic atomic operations
(set, inc, inc_not_zero, dec_and_test, etc.)Such atomic variables should be converted to a newly provided
refcount_t type and API that prevents accidental counter overflows
and underflows. This is important since overflows and underflows
can lead to use-after-free situation and be exploitable.The variable nfs4_pnfs_ds.ds_count is used as pure reference counter.
Convert it to refcount_t and fix up the operations.Suggested-by: Kees Cook
Reviewed-by: David Windsor
Reviewed-by: Hans Liljestrand
Signed-off-by: Elena Reshetova
Signed-off-by: Anna Schumaker
15 Aug, 2017
1 commit
-
Now that we no longer hold the inode->i_lock when manipulating the
commit lists, it is safe to call pnfs_put_lseg() again.Signed-off-by: Trond Myklebust
24 May, 2017
1 commit
-
It's possible and acceptable for NFS to attempt to add requests beyond the
range of the current pgio->pg_lseg, a case which should be caught and
limited by the pg_test operation. However, the current handling of this
case replaces pgio->pg_lseg with a new layout segment (after a WARN) within
that pg_test operation. That will cause all the previously added requests
to be submitted with this new layout segment, which may not be valid for
those requests.Fix this problem by only returning zero for the number of bytes to coalesce
from pg_test for this case which allows any previously added requests to
complete on the current layout segment. The check for requests starting
out of range of the layout segment moves to pg_init, so that the
replacement of pgio->pg_lseg will be done when the next request is added.Signed-off-by: Benjamin Coddington
Signed-off-by: Trond Myklebust
25 Apr, 2017
1 commit
-
If we have a layout segment cached in pgio->pg_lseg, we should check it
for validity before reusing it in a new RPC request. Otherwise, if we
recoalesce, we can end up looping forever.Signed-off-by: Trond Myklebust
21 Apr, 2017
1 commit
-
encode_layoutreturn and encode_layoutcommit are now unused. Let's
remove them.Signed-off-by: Trond Myklebust