15 Dec, 2015
2 commits
-
commit 34ed9872e745fa56f10e9bef2cf3d2336c6c8816 upstream.
We've observed the nfsd server in a state where there are
multiple delegations on the same nfs4_file for the same client.
The nfs client does attempt to DELEGRETURN these when they are presented to
it - but apparently under some (unknown) circumstances the client does not
manage to return all of them. This leads to the eventual
attempt to CB_RECALL more than one delegation with the same nfs
filehandle to the same client. The first recall will succeed, but the
next recall will fail with NFS4ERR_BADHANDLE. This leads to the server
having delegations on cl_revoked that the client has no way to FREE
or DELEGRETURN, with resulting inability to recover. The state manager
on the server will continually assert SEQ4_STATUS_RECALLABLE_STATE_REVOKED,
and the state manager on the client will be looping unable to satisfy
the server.List discussion also reports a race between OPEN and DELEGRETURN that
will be avoided by only sending the delegation once to the
client. This is also logically in accordance with RFC5561 9.1.1 and 10.2.So, let's:
1.) Not hand out duplicate delegations.
2.) Only send them to the client once.RFC 5561:
9.1.1:
"Delegations and layouts, on the other hand, are not associated with a
specific owner but are associated with the client as a whole
(identified by a client ID)."10.2:
"...the stateid for a delegation is associated with a client ID and may be
used on behalf of all the open-owners for the given client. A
delegation is made to the client as a whole and not to any specific
process or thread of control within it."Reported-by: Eric Meddaugh
Cc: Trond Myklebust
Cc: Olga Kornievskaia
Signed-off-by: Andrew Elble
Signed-off-by: J. Bruce Fields
Signed-off-by: Greg Kroah-Hartman -
commit 35a92fe8770ce54c5eb275cd76128645bea2d200 upstream.
Andrew was seeing a race occur when an OPEN and OPEN_DOWNGRADE were
running in parallel. The server would receive the OPEN_DOWNGRADE first
and check its seqid, but then an OPEN would race in and bump it. The
OPEN_DOWNGRADE would then complete and bump the seqid again. The result
was that the OPEN_DOWNGRADE would be applied after the OPEN, even though
it should have been rejected since the seqid changed.The only recourse we have here I think is to serialize operations that
bump the seqid in a stateid, particularly when we're given a seqid in
the call. To address this, we add a new rw_semaphore to the
nfs4_ol_stateid struct. We do a down_write prior to checking the seqid
after looking up the stateid to ensure that nothing else is going to
bump it while we're operating on it.In the case of OPEN, we do a down_read, as the call doesn't contain a
seqid. Those can run in parallel -- we just need to serialize them when
there is a concurrent OPEN_DOWNGRADE or CLOSE.LOCK and LOCKU however always take the write lock as there is no
opportunity for parallelizing those.Reported-and-Tested-by: Andrew W Elble
Signed-off-by: Jeff Layton
Signed-off-by: J. Bruce Fields
Signed-off-by: Greg Kroah-Hartman
27 Oct, 2015
1 commit
-
commit 8c3ad9cb7343dc5f61b8cf3cdbe1016c5e7c2c8b upstream.
Recent Linux clients have started to send GETLAYOUT requests with
minlength less than blocksize.Servers aren't really allowed to impose this kind of restriction on
layouts; see RFC 5661 section 18.43.3 for details.This has been observed to cause indefinite hangs on fsx runs on some
clients.Signed-off-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields
Signed-off-by: Greg Kroah-Hartman
30 Sep, 2015
3 commits
-
commit 3fcbbd244ed1d20dc0eb7d48d729503992fa9b7d upstream.
It's possible that a DELEGRETURN could race with (e.g.) client expiry,
in which case we could end up putting the delegation hash reference more
than once.Have unhash_delegation_locked return a bool that indicates whether it
was already unhashed. In the case of destroy_delegation we only
conditionally put the hash reference if that returns true.The other callers of unhash_delegation_locked call it while walking
list_heads that shouldn't yet be detached. If we find that it doesn't
return true in those cases, then throw a WARN_ON as that indicates that
we have a partially hashed delegation, and that something is likely very
wrong.Tested-by: Andrew W Elble
Tested-by: Anna Schumaker
Signed-off-by: Jeff Layton
Signed-off-by: J. Bruce Fields
Signed-off-by: Greg Kroah-Hartman -
commit e85687393f3ee0a77ccca016f903d1558bb69258 upstream.
When an open or lock stateid is hashed, we take an extra reference to
it. When we unhash it, we drop that reference. The code however does
not properly account for the case where we have two callers concurrently
trying to unhash the stateid. This can lead to list corruption and the
hash reference being put more than once.Fix this by having unhash_ol_stateid use list_del_init on the st_perfile
list_head, and then testing to see if that list_head is empty before
releasing the hash reference. This means that some of the unhashing
wrappers now become bool return functions so we can test to see whether
the stateid was unhashed before we put the reference.Reported-by: Andrew W Elble
Tested-by: Andrew W Elble
Reported-by: Anna Schumaker
Tested-by: Anna Schumaker
Signed-off-by: Jeff Layton
Signed-off-by: J. Bruce Fields
Signed-off-by: Greg Kroah-Hartman -
commit 6896f15aabde505b35888039af93d1d182a0108a upstream.
Currently we'll respond correctly to a request for either
FS_LAYOUT_TYPES or LAYOUT_TYPES, but not to a request for both
attributes simultaneously.Signed-off-by: Kinglong Mee
Reviewed-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields
Signed-off-by: Greg Kroah-Hartman
17 Aug, 2015
3 commits
-
commit 8fcd461db7c09337b6d2e22d25eb411123f379e3 upstream.
Currently, preprocess_stateid_op calls nfs4_check_olstateid which
verifies that the open stateid corresponds to the current filehandle in the
call by calling nfs4_check_fh.If the stateid is a NFS4_DELEG_STID however, then no such check is done.
This could cause incorrect enforcement of permissions, because the
nfsd_permission() call in nfs4_check_file uses current the current
filehandle, but any subsequent IO operation will use the file descriptor
in the stateid.Move the call to nfs4_check_fh into nfs4_check_file instead so that it
can be done for all stateid types.Signed-off-by: Jeff Layton
[bfields: moved fh check to avoid NULL deref in special stateid case]
Signed-off-by: J. Bruce Fields
Signed-off-by: Greg Kroah-Hartman -
commit a0649b2d3fffb1cde8745568c767f3a55a3462bc upstream.
Split out two self contained helpers to make the function more readable.
Signed-off-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields
Cc: Jeff Layton
Signed-off-by: Greg Kroah-Hartman -
commit c2227a39a078473115910512aa0f8d53bd915e60 upstream.
On an absent filesystem (one served by another server), we need to be
able to handle requests for certain attributest (like fs_locations, so
the client can find out which server does have the filesystem), but
others we can't.We forgot to take that into account when adding another attribute
bitmask work for the SECURITY_LABEL attribute.There an export entry with the "refer" option can result in:
[ 88.414272] kernel BUG at fs/nfsd/nfs4xdr.c:2249!
[ 88.414828] invalid opcode: 0000 [#1] SMP
[ 88.415368] Modules linked in: rpcsec_gss_krb5 nfsv4 dns_resolver nfs fscache nfsd xfs libcrc32c iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi iosf_mbi ppdev btrfs coretemp crct10dif_pclmul crc32_pclmul crc32c_intel xor ghash_clmulni_intel raid6_pq vmw_balloon parport_pc parport i2c_piix4 shpchp vmw_vmci acpi_cpufreq auth_rpcgss nfs_acl lockd grace sunrpc vmwgfx drm_kms_helper ttm drm mptspi mptscsih serio_raw mptbase e1000 scsi_transport_spi ata_generic pata_acpi [last unloaded: nfsd]
[ 88.417827] CPU: 0 PID: 2116 Comm: nfsd Not tainted 4.0.7-300.fc22.x86_64 #1
[ 88.418448] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 05/20/2014
[ 88.419093] task: ffff880079146d50 ti: ffff8800785d8000 task.ti: ffff8800785d8000
[ 88.419729] RIP: 0010:[] [] nfsd4_encode_fattr+0x820/0x1f00 [nfsd]
[ 88.420376] RSP: 0000:ffff8800785db998 EFLAGS: 00010206
[ 88.421027] RAX: 0000000000000001 RBX: 000000000018091a RCX: ffff88006668b980
[ 88.421676] RDX: 00000000fffef7fc RSI: 0000000000000000 RDI: ffff880078d05000
[ 88.422315] RBP: ffff8800785dbb58 R08: ffff880078d043f8 R09: ffff880078d4a000
[ 88.422968] R10: 0000000000010000 R11: 0000000000000002 R12: 0000000000b0a23a
[ 88.423612] R13: ffff880078d05000 R14: ffff880078683100 R15: ffff88006668b980
[ 88.424295] FS: 0000000000000000(0000) GS:ffff88007c600000(0000) knlGS:0000000000000000
[ 88.424944] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 88.425597] CR2: 00007f40bc370f90 CR3: 0000000035af5000 CR4: 00000000001407f0
[ 88.426285] Stack:
[ 88.426921] ffff8800785dbaa8 ffffffffa049e4af ffff8800785dba08 ffffffff813298f0
[ 88.427585] ffff880078683300 ffff8800769b0de8 0000089d00000001 0000000087f805e0
[ 88.428228] ffff880000000000 ffff880079434a00 0000000000000000 ffff88006668b980
[ 88.428877] Call Trace:
[ 88.429527] [] ? exp_get_by_name+0x7f/0xb0 [nfsd]
[ 88.430168] [] ? inode_doinit_with_dentry+0x210/0x6a0
[ 88.430807] [] ? d_lookup+0x2e/0x60
[ 88.431449] [] ? dput+0x33/0x230
[ 88.432097] [] ? mntput+0x24/0x40
[ 88.432719] [] ? path_put+0x22/0x30
[ 88.433340] [] ? nfsd_cross_mnt+0xb7/0x1c0 [nfsd]
[ 88.433954] [] nfsd4_encode_dirent+0x1b0/0x3d0 [nfsd]
[ 88.434601] [] ? nfsd4_encode_getattr+0x40/0x40 [nfsd]
[ 88.435172] [] nfsd_readdir+0x1c1/0x2a0 [nfsd]
[ 88.435710] [] ? nfsd_direct_splice_actor+0x20/0x20 [nfsd]
[ 88.436447] [] nfsd4_encode_readdir+0x120/0x220 [nfsd]
[ 88.437011] [] nfsd4_encode_operation+0x7d/0x190 [nfsd]
[ 88.437566] [] nfsd4_proc_compound+0x24d/0x6f0 [nfsd]
[ 88.438157] [] nfsd_dispatch+0xc3/0x220 [nfsd]
[ 88.438680] [] svc_process_common+0x43b/0x690 [sunrpc]
[ 88.439192] [] svc_process+0x103/0x1b0 [sunrpc]
[ 88.439694] [] nfsd+0x117/0x190 [nfsd]
[ 88.440194] [] ? nfsd_destroy+0x90/0x90 [nfsd]
[ 88.440697] [] kthread+0xd8/0xf0
[ 88.441260] [] ? kthread_worker_fn+0x180/0x180
[ 88.441762] [] ret_from_fork+0x58/0x90
[ 88.442322] [] ? kthread_worker_fn+0x180/0x180
[ 88.442879] Code: 0f 84 93 05 00 00 83 f8 ea c7 85 a0 fe ff ff 00 00 27 30 0f 84 ba fe ff ff 85 c0 0f 85 a5 fe ff ff e9 e3 f9 ff ff 0f 1f 44 00 00 0b 66 0f 1f 44 00 00 be 04 00 00 00 4c 89 ef 4c 89 8d 68 fe
[ 88.444052] RIP [] nfsd4_encode_fattr+0x820/0x1f00 [nfsd]
[ 88.444658] RSP
[ 88.445232] ---[ end trace 6cb9d0487d94a29f ]---Signed-off-by: Kinglong Mee
Signed-off-by: J. Bruce Fields
Signed-off-by: Greg Kroah-Hartman
05 May, 2015
6 commits
-
With sessions in v4.1 or later we don't need to manually probe the backchannel
connection, so we can declare it up instantly after setting up the RPC client.Note that we really should split nfsd4_run_cb_work in the long run, this is
just the least intrusive fix for now.Signed-off-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields -
Checking the rpc_client pointer is not a reliable way to detect
backchannel changes: cl_cb_client is changed only after shutting down
the rpc client, so the condition cl_cb_client = tk_client will always be
true.Check the RPC_TASK_KILLED flag instead, and rewrite the code to avoid
the buggy cl_callbacks list and fix the lifetime rules due to double
calls of the ->prepare callback operations method for this retry case.Signed-off-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields -
We must only increment the sequence id if the client has seen and responded
to a request. If we failed to deliver it to the client we must resend with
the same sequence id. So just like the client track errors at the transport
level differently from those returned in the XDR.Signed-off-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields -
For the sake of forgetful clients, the server should return the layouts
to the file system on 'last close' of a file (assuming that there are no
delegations outstanding to that particular client) or on delegreturn
(assuming that there are no opens on a file from that particular
client).In theory the information is all there in current data structures, but
it's not efficiently available; nfs4_file->fi_ref includes references on
the file across all clients, but we need a per-(client, file) count.
Walking through lots of stateid's to calculate this on each close or
delegreturn would be painful.This patch introduces infrastructure to maintain per-client opens and
delegation counters on a per-file basis.[hch: ported to the mainline pNFS support, merged various fixes from Jeff]
Signed-off-by: Sachin Bhamare
Signed-off-by: Jeff Layton
Signed-off-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields -
If we find a non-confirmed openowner we jump to exit the function, but do
not set an error value. Fix this by factoring out a helper to do the
check and properly set the error from nfsd4_validate_stateid.Cc: stable@vger.kernel.org
Signed-off-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields -
Commit df52699e4fcef ("NFSv4.1: Don't cache deviceids that have no
notifications") causes the Linux NFS client to stop caching deviceid's
unless a server pretends to support deviceid notifications. While this
behavior is stupid and the language around this area in rfc5661 is a
mess carified by an errata that I submittted, Trond insists on this
behavior. Not caching deviceids degrades block layout performance
massively as a GETDEVICEINFO is fairly expensive.So add this hack to make the Linux client happy again.
Cc: stable@vger.kernel.org
Signed-off-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields
27 Apr, 2015
1 commit
-
Pull fourth vfs update from Al Viro:
"d_inode() annotations from David Howells (sat in for-next since before
the beginning of merge window) + four assorted fixes"* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
RCU pathwalk breakage when running into a symlink overmounting something
fix I_DIO_WAKEUP definition
direct-io: only inc/dec inode->i_dio_count for file systems
fs/9p: fix readdir()
VFS: assorted d_backing_inode() annotations
VFS: fs/inode.c helpers: d_inode() annotations
VFS: fs/cachefiles: d_backing_inode() annotations
VFS: fs library helpers: d_inode() annotations
VFS: assorted weird filesystems: d_inode() annotations
VFS: normal filesystems (and lustre): d_inode() annotations
VFS: security/: d_inode() annotations
VFS: security/: d_backing_inode() annotations
VFS: net/: d_inode() annotations
VFS: net/unix: d_backing_inode() annotations
VFS: kernel/: d_inode() annotations
VFS: audit: d_backing_inode() annotations
VFS: Fix up some ->d_inode accesses in the chelsio driver
VFS: Cachefiles should perform fs modifications on the top layer only
VFS: AF_UNIX sockets should call mknod on the top layer only
24 Apr, 2015
1 commit
-
Pull nfsd updates from Bruce Fields:
"A quiet cycle this time; this is basically entirely bugfixes.The few that aren't cc'd to stable are cleanup or seemed unlikely to
affect anyone much"* 'for-4.1' of git://linux-nfs.org/~bfields/linux:
uapi: Remove kernel internal declaration
nfsd: fix nsfd startup race triggering BUG_ON
nfsd: eliminate NFSD_DEBUG
nfsd4: fix READ permission checking
nfsd4: disallow SEEK with special stateids
nfsd4: disallow ALLOCATE with special stateids
nfsd: add NFSEXP_PNFS to the exflags array
nfsd: Remove duplicate macro define for max sec label length
nfsd: allow setting acls with unenforceable DENYs
nfsd: NFSD_FAULT_INJECTION depends on DEBUG_FS
nfsd: remove unused status arg to nfsd4_cleanup_open_state
nfsd: remove bogus setting of status in nfsd4_process_open2
NFSD: Use correct reply size calculating function
NFSD: Using path_equal() for checking two paths
22 Apr, 2015
5 commits
-
nfsd triggered a BUG_ON in net_generic(...) when rpc_pipefs_event(...)
in fs/nfsd/nfs4recover.c was called before assigning ntfsd_net_id.
The following was observed on a MIPS 32-core processor:
kernel: Call Trace:
kernel: [] rpc_pipefs_event+0x7c/0x158 [nfsd]
kernel: [] notifier_call_chain+0x70/0xb8
kernel: [] __blocking_notifier_call_chain+0x4c/0x70
kernel: [] rpc_fill_super+0xf8/0x1a0
kernel: [] mount_ns+0xb4/0xf0
kernel: [] mount_fs+0x50/0x1f8
kernel: [] vfs_kern_mount+0x58/0xf0
kernel: [] do_mount+0x27c/0xa28
kernel: [] SyS_mount+0x98/0xe8
kernel: [] handle_sys64+0x44/0x68
kernel:
kernel:
Code: 0040f809 00000000 2e020001 3c12c00d
3c02801a de100000 6442eb98 0040f809
kernel: ---[ end trace 7471374335809536 ]---Fixed this behaviour by calling register_pernet_subsys(&nfsd_net_ops) before
registering rpc_pipefs_event(...) with the notifier chain.Signed-off-by: Giuseppe Cantavenera
Signed-off-by: Lorenzo Restelli
Reviewed-by: Kinlong Mee
Cc: stable@vger.kernel.org
Signed-off-by: J. Bruce Fields -
Commit f895b252d4edf ("sunrpc: eliminate RPC_DEBUG") introduced
use of IS_ENABLED() in a uapi header which leads to a build
failure for userspace apps trying to use :linux/nfsd/debug.h:18:15: error: missing binary operator before token "("
#if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
^Since this was only used to define NFSD_DEBUG if CONFIG_SUNRPC_DEBUG
is enabled, replace instances of NFSD_DEBUG with CONFIG_SUNRPC_DEBUG.Cc: stable@vger.kernel.org
Fixes: f895b252d4edf "sunrpc: eliminate RPC_DEBUG"
Signed-off-by: Mark Salter
Reviewed-by: Jeff Layton
Signed-off-by: J. Bruce Fields -
In the case we already have a struct file (derived from a stateid), we
still need to do permission-checking; otherwise an unauthorized user
could gain access to a file by sniffing or guessing somebody else's
stateid.Cc: stable@vger.kernel.org
Fixes: dc97618ddda9 "nfsd4: separate splice and readv cases"
Signed-off-by: J. Bruce Fields -
If the client uses a special stateid then we'll pass a NULL file to
vfs_llseek.Fixes: 24bab491220f " NFSD: Implement SEEK"
Cc: Anna Schumaker
Cc: stable@vger.kernel.org
Reported-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields -
vfs_fallocate will hit a NULL dereference if the client tries an
ALLOCATE or DEALLOCATE with a special stateid. Fix that. (We also
depend on the open to have broken any conflicting leases or delegations
for us.)(If it turns out we need to allow special stateid's then we could do a
temporary open here in the special-stateid case, as we do for read and
write. For now I'm assuming it's not necessary.)Fixes: 95d871f03cae "nfsd: Add ALLOCATE support"
Cc: stable@vger.kernel.org
Cc: Anna Schumaker
Signed-off-by: J. Bruce Fields
16 Apr, 2015
3 commits
-
Merge second patchbomb from Andrew Morton:
- the rest of MM
- various misc bits
- add ability to run /sbin/reboot at reboot time
- printk/vsprintf changes
- fiddle with seq_printf() return value
* akpm: (114 commits)
parisc: remove use of seq_printf return value
lru_cache: remove use of seq_printf return value
tracing: remove use of seq_printf return value
cgroup: remove use of seq_printf return value
proc: remove use of seq_printf return value
s390: remove use of seq_printf return value
cris fasttimer: remove use of seq_printf return value
cris: remove use of seq_printf return value
openrisc: remove use of seq_printf return value
ARM: plat-pxa: remove use of seq_printf return value
nios2: cpuinfo: remove use of seq_printf return value
microblaze: mb: remove use of seq_printf return value
ipc: remove use of seq_printf return value
rtc: remove use of seq_printf return value
power: wakeup: remove use of seq_printf return value
x86: mtrr: if: remove use of seq_printf return value
linux/bitmap.h: improve BITMAP_{LAST,FIRST}_WORD_MASK
MAINTAINERS: CREDITS: remove Stefano Brivio from B43
.mailmap: add Ricardo Ribalda
CREDITS: add Ricardo Ribalda Delgado
... -
There are a lot of embedded systems that run most or all of their
functionality in init, running as root:root. For these systems,
supporting multiple users is not necessary.This patch adds a new symbol, CONFIG_MULTIUSER, that makes support for
non-root users, non-root groups, and capabilities optional. It is enabled
under CONFIG_EXPERT menu.When this symbol is not defined, UID and GID are zero in any possible case
and processes always have all capabilities.The following syscalls are compiled out: setuid, setregid, setgid,
setreuid, setresuid, getresuid, setresgid, getresgid, setgroups,
getgroups, setfsuid, setfsgid, capget, capset.Also, groups.c is compiled out completely.
In kernel/capability.c, capable function was moved in order to avoid
adding two ifdef blocks.This change saves about 25 KB on a defconfig build. The most minimal
kernels have total text sizes in the high hundreds of kB rather than
low MB. (The 25k goes down a bit with allnoconfig, but not that much.The kernel was booted in Qemu. All the common functionalities work.
Adding users/groups is not possible, failing with -ENOSYS.Bloat-o-meter output:
add/remove: 7/87 grow/shrink: 19/397 up/down: 1675/-26325 (-24650)[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: Iulia Manda
Reviewed-by: Josh Triplett
Acked-by: Geert Uytterhoeven
Tested-by: Paul E. McKenney
Reviewed-by: Paul E. McKenney
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
that's the bulk of filesystem drivers dealing with inodes of their own
Signed-off-by: David Howells
Signed-off-by: Al Viro
03 Apr, 2015
2 commits
-
Signed-off-by: J. Bruce Fields
-
The current prototypes for these operations are somewhat awkward as they
deal with fl_owners but take struct file_lock arguments. In the future,
we'll want to be able to take references without necessarily dealing
with a struct file_lock.Change them to take fl_owner_t arguments instead and have the callers
deal with assigning the values to the file_lock structs.Signed-off-by: Jeff Layton
01 Apr, 2015
7 commits
-
NFS4_MAXLABELLEN has defined for sec label max length, use it directly.
Signed-off-by: Kinglong Mee
Signed-off-by: J. Bruce Fields -
We've been refusing ACLs that DENY permissions that we can't effectively
deny. (For example, we can't deny permission to read attributes.)Andreas points out that any DENY of Window's "read", "write", or
"modify" permissions would trigger this. That would be annoying.So maybe we should be a little less paranoid, and ignore entirely the
permissions that are meaningless to us.Reported-by: Andreas Gruenbacher
Signed-off-by: J. Bruce Fields -
NFSD_FAULT_INJECTION depends on DEBUG_FS, otherwise the debugfs_create_*
interface may return unexpected error -ENODEV, and cause system crash.Signed-off-by: Chengyu Song
Signed-off-by: J. Bruce Fields -
Signed-off-by: Jeff Layton
Reviewed-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields -
status is always reset after this (and it doesn't make much sense there
anyway).Signed-off-by: Jeff Layton
Reviewed-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields -
ALLOCATE/DEALLOCATE only reply one status value to client,
so, using nfsd4_only_status_rsize for reply size calculating.Signed-off-by: Kinglong Mee
Reviewed-by: Anna Schumaker
Signed-off-by: J. Bruce Fields -
Signed-off-by: Kinglong Mee
Signed-off-by: J. Bruce Fields
31 Mar, 2015
1 commit
-
Turns out sending out layouts to any client is a bad idea if they
can't get at the storage device, so require explicit admin action
to enable pNFS.Signed-off-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields
26 Mar, 2015
5 commits
-
With return layout as, (seg is return layout, lo is record layout)
seg->offset offset and layout_end(seg) < layout_end(lo),
nfsd should update lo's offset to seg's end,
and,
seg->offset > lo->offset and layout_end(seg) >= layout_end(lo),
nfsd should update lo's end to seg's offset.Fixes: 9cf514ccfa ("nfsd: implement pNFS operations")
Signed-off-by: Kinglong Mee
Reviewed-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields -
Signed-off-by: Kinglong Mee
Reviewed-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields -
When testing pnfs with nfsd_debug on, nfsd print a negative number
of layout length and foff in nfsd4_block_proc_layoutget as,
"GET: -xxxx:-xxx 2"Signed-off-by: Kinglong Mee
Reviewed-by: Christoph Hellwig
Signed-off-by: J. Bruce Fields -
alloc_init_lock_stateowner can return an already freed entry if there is
a race to put openowners in the hashtable.Noticed by inspection after Jeff Layton fixed the same bug for open
owners. Depending on client behavior, this one may be trickier to
trigger in practice.Fixes: c58c6610ec24 "nfsd: Protect adding/removing lock owners using client_lock"
Cc:
Cc: Trond Myklebust
Acked-by: Jeff Layton
Signed-off-by: J. Bruce Fields -
alloc_init_open_stateowner can return an already freed entry if there is
a race to put openowners in the hashtable.In commit 7ffb588086e9, we changed it so that we allocate and initialize
an openowner, and then check to see if a matching one got stuffed into
the hashtable in the meantime. If it did, then we free the one we just
allocated and take a reference on the one already there. There is a bug
here though. The code will then return the pointer to the one that was
allocated (and has now been freed).This wasn't evident before as this race almost never occurred. The Linux
kernel client used to serialize requests for a single openowner. That
has changed now with v4.0 kernels, and this race can now easily occur.Fixes: 7ffb588086e9
Cc: # v3.17+
Cc: Trond Myklebust
Reported-by: Christoph Hellwig
Reviewed-by: Christoph Hellwig
Signed-off-by: Jeff Layton
Signed-off-by: J. Bruce Fields