17 Sep, 2014
1 commit
-
A previous patch added a ->match_preparse() method to the key type. This is
allowed to override the function called by the iteration algorithm.
Therefore, we can just set a default that simply checks for an exact match of
the key description with the original criterion data and allow match_preparse
to override it as needed.The key_type::match op is then redundant and can be removed, as can the
user_match() function.Signed-off-by: David Howells
Acked-by: Vivek Goyal
23 Jul, 2014
2 commits
-
Signed-off-by: David Howells
-
Make use of key preparsing in user-defined and logon keys so that quota size
determination can take place prior to keyring locking when a key is being
added.Also the idmapper key types need to change to match as they use the
user-defined key type routines.Signed-off-by: David Howells
Acked-by: Steve Dickson
Acked-by: Jeff Layton
18 Jul, 2014
1 commit
-
Special kernel keys, such as those used to hold DNS results for AFS, CIFS and
NFS and those used to hold idmapper results for NFS, used to be
'invalidateable' with key_revoke(). However, since the default permissions for
keys were reduced:Commit: 96b5c8fea6c0861621051290d705ec2e971963f1
KEYS: Reduce initial permissions on keysit has become impossible to do this.
Add a key flag (KEY_FLAG_ROOT_CAN_INVAL) that will permit a key to be
invalidated by root. This should not be used for system keyrings as the
garbage collector will try and remove any invalidate key. For system keyrings,
KEY_FLAG_ROOT_CAN_CLEAR can be used instead.After this, from userspace, keyctl_invalidate() and "keyctl invalidate" can be
used by any possessor of CAP_SYS_ADMIN (typically root) to invalidate DNS and
idmapper keys. Invalidated keys are immediately garbage collected and will be
immediately rerequested if needed again.Signed-off-by: David Howells
Tested-by: Steve Dickson
01 Sep, 2013
1 commit
-
Signed-off-by: Trond Myklebust
30 Aug, 2013
1 commit
-
Ensure that __nfs_idmap_unregister can be called twice without
consequences.Signed-off-by: Trond Myklebust
22 Aug, 2013
2 commits
-
Add tracepoints to help debug uid/gid mappings to username/group.
Signed-off-by: Trond Myklebust
-
Signed-off-by: Trond Myklebust
Cc: Bryan Schumaker
29 Jun, 2013
1 commit
-
Fallback should happen only when the request_key() call fails, because
this indicates that there was a problem running the nfsidmap program.
We shouldn't call the legacy code if the error was elsewhere.Signed-off-by: Bryan Schumaker
Signed-off-by: Trond Myklebust
21 Mar, 2013
1 commit
-
Functions like nfs_map_uid_to_name() and nfs_map_gid_to_group() are
expected to return a string without any terminating NUL character.
Regression introduced by commit 57e62324e469e092ecc6c94a7a86fe4bd6ac5172
(NFS: Store the legacy idmapper result in the keyring).Reported-by: Dave Chiluk
Signed-off-by: Trond Myklebust
Cc: Bryan Schumaker
Cc: stable@vger.kernel.org [>=3.4]
27 Feb, 2013
1 commit
-
Pull vfs pile (part one) from Al Viro:
"Assorted stuff - cleaning namei.c up a bit, fixing ->d_name/->d_parent
locking violations, etc.The most visible changes here are death of FS_REVAL_DOT (replaced with
"has ->d_weak_revalidate()") and a new helper getting from struct file
to inode. Some bits of preparation to xattr method interface changes.Misc patches by various people sent this cycle *and* ocfs2 fixes from
several cycles ago that should've been upstream right then.PS: the next vfs pile will be xattr stuff."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (46 commits)
saner proc_get_inode() calling conventions
proc: avoid extra pde_put() in proc_fill_super()
fs: change return values from -EACCES to -EPERM
fs/exec.c: make bprm_mm_init() static
ocfs2/dlm: use GFP_ATOMIC inside a spin_lock
ocfs2: fix possible use-after-free with AIO
ocfs2: Fix oops in ocfs2_fast_symlink_readpage() code path
get_empty_filp()/alloc_file() leave both ->f_pos and ->f_version zero
target: writev() on single-element vector is pointless
export kernel_write(), convert open-coded instances
fs: encode_fh: return FILEID_INVALID if invalid fid_type
kill f_vfsmnt
vfs: kill FS_REVAL_DOT by adding a d_weak_revalidate dentry op
nfsd: handle vfs_getattr errors in acl protocol
switch vfs_getattr() to struct path
default SET_PERSONALITY() in linux/elf.h
ceph: prepopulate inodes only when request is aborted
d_hash_and_lookup(): export, switch open-coded instances
9p: switch v9fs_set_create_acl() to inode+fid, do it before d_instantiate()
9p: split dropping the acls from v9fs_set_create_acl()
...
23 Feb, 2013
1 commit
-
Signed-off-by: Al Viro
13 Feb, 2013
2 commits
-
Convert nfs_map_name_to_uid to return a kuid_t value.
Convert nfs_map_name_to_gid to return a kgid_t value.
Convert nfs_map_uid_to_name to take a kuid_t paramater.
Convert nfs_map_gid_to_name to take a kgid_t paramater.Tweak nfs_fattr_map_owner_to_name to use a kuid_t intermediate value.
Tweak nfs_fattr_map_group_to_name to use a kgid_t intermediate value.Which makes these functions properly handle kuids and kgids, including
erroring of the generated kuid or kgid is invalid.Cc: "J. Bruce Fields"
Cc: Trond Myklebust
Signed-off-by: "Eric W. Biederman" -
Cc: "J. Bruce Fields"
Cc: Trond Myklebust
Signed-off-by: "Eric W. Biederman"
17 Dec, 2012
1 commit
-
Pull security subsystem updates from James Morris:
"A quiet cycle for the security subsystem with just a few maintenance
updates."* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
Smack: create a sysfs mount point for smackfs
Smack: use select not depends in Kconfig
Yama: remove locking from delete path
Yama: add RCU to drop read locking
drivers/char/tpm: remove tasklet and cleanup
KEYS: Use keyring_alloc() to create special keyrings
KEYS: Reduce initial permissions on keys
KEYS: Make the session and process keyrings per-thread
seccomp: Make syscall skipping and nr changes more consistent
key: Fix resource leak
keys: Fix unreachable code
KEYS: Add payload preparsing opportunity prior to key instantiate or update
03 Oct, 2012
2 commits
-
This prevents a null pointer dereference when
nfs_idmap_complete_pipe_upcall_locked() calls complete_request_key().Fixes a regression caused by commit 0cac12023 (NFSv4: Ensure that
idmap_pipe_downcall sanity-checks the downcall data).Signed-off-by: Bryan Schumaker
Signed-off-by: Trond Myklebust -
Use keyring_alloc() to create special keyrings now that it has a permissions
parameter rather than using key_alloc() + key_instantiate_and_link().Also document and export keyring_alloc() so that modules can use it too.
Signed-off-by: David Howells
02 Oct, 2012
3 commits
-
[nfs] replace strict_str* with kstr* variants
* replace string conversions with newer kstr* functions
Signed-off-by: Daniel Walter
Signed-off-by: Trond Myklebust -
This will allocate memory that has already been zeroed, allowing us to
remove the memset later on.Signed-off-by: Bryan Schumaker
Signed-off-by: Trond Myklebust
29 Sep, 2012
3 commits
-
Use the idmapper upcall data to verify that the legacy idmapper daemon
is indeed responding to an upcall that we sent.Signed-off-by: Trond Myklebust
Cc: Bryan Schumaker -
Replace the BUG_ON(idmap->idmap_key_cons != NULL) with a
WARN_ON_ONCE(). Then get rid of the ACCESS_ONCE(idmap->idmap_key_cons).Then add helper functions for starting, finishing and aborting the
legacy upcall.Signed-off-by: Trond Myklebust
Cc: Bryan Schumaker -
The use of ACCESS_ONCE() is wrong, since the various routines that set/clear
idmap->idmap_key_cons should be strictly ordered w.r.t. each other, and
the idmap->idmap_mutex ensures that only one thread at a time may be in
an upcall situation.Also replace the BUG_ON()s with WARN_ON_ONCE() where appropriate.
Signed-off-by: Trond Myklebust
17 Aug, 2012
2 commits
-
This allows the normal error-paths to handle the error, rather than
making a special call to complete_request_key() just for this instance.Signed-off-by: Bryan Schumaker
Tested-by: William Dauchy
Cc: stable@vger.kernel.org [>= 3.4]
Signed-off-by: Trond Myklebust -
idmap_pipe_downcall already clears this field if the upcall succeeds,
but if it fails (rpc.idmapd isn't running) the field will still be set
on the next call triggering a BUG_ON(). This patch tries to handle all
possible ways that the upcall could fail and clear the idmap key data
for each one.Signed-off-by: Bryan Schumaker
Tested-by: William Dauchy
Cc: stable@vger.kernel.org [>= 3.4]
Signed-off-by: Trond Myklebust
31 Jul, 2012
2 commits
-
Otherwise we break backwards compatibility when v4 becomes a modules.
Signed-off-by: Trond Myklebust -
Fix a number of bugs in the NFS idmapper code:
(1) Only registered key types can be passed to the core keys code, so
register the legacy idmapper key type.This is a requirement because the unregister function cleans up keys
belonging to that key type so that there aren't dangling pointers to the
module left behind - including the key->type pointer.(2) Rename the legacy key type. You can't have two key types with the same
name, and (1) would otherwise require that.(3) complete_request_key() must be called in the error path of
nfs_idmap_legacy_upcall().(4) There is one idmap struct for each nfs_client struct. This means that
idmap->idmap_key_cons is shared without the use of a lock. This is a
problem because key_instantiate_and_link() - as called indirectly by
idmap_pipe_downcall() - releases anyone waiting for the key to be
instantiated.What happens is that idmap_pipe_downcall() running in the rpc.idmapd
thread, releases the NFS filesystem in whatever thread that is running in
to continue. This may then make another idmapper call, overwriting
idmap_key_cons before idmap_pipe_downcall() gets the chance to call
complete_request_key().I *think* that reading idmap_key_cons only once, before
key_instantiate_and_link() is called, and then caching the result in a
variable is sufficient.Bug (4) is the cause of:
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [< (null)>] (null)
PGD 0
Oops: 0010 [#1] SMP
CPU 1
Modules linked in: ppdev parport_pc lp parport ip6table_filter ip6_tables ebtable_nat ebtables ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack nfs fscache xt_CHECKSUM auth_rpcgss iptable_mangle nfs_acl bridge stp llc lockd be2iscsi iscsi_boot_sysfs bnx2i cnic uio cxgb4i cxgb4 cxgb3i libcxgbi cxgb3 mdio ib_iser rdma_cm ib_cm iw_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi snd_hda_codec_realtek snd_usb_audio snd_hda_intel snd_hda_codec snd_seq snd_pcm snd_hwdep snd_usbmidi_lib snd_rawmidi snd_timer uvcvideo videobuf2_core videodev media videobuf2_vmalloc snd_seq_device videobuf2_memops e1000e vhost_net iTCO_wdt joydev coretemp snd soundcore macvtap macvlan i2c_i801 snd_page_alloc tun iTCO_vendor_support microcode kvm_intel kvm sunrpc hid_logitech_dj usb_storage i915 drm_kms_helper drm i2c_algo_bit i2c_core video [last unloaded: scsi_wait_scan]
Pid: 1229, comm: rpc.idmapd Not tainted 3.4.2-1.fc16.x86_64 #1 Gateway DX4710-UB801A/G33M05G1
RIP: 0010:[] [< (null)>] (null)
RSP: 0018:ffff8801a3645d40 EFLAGS: 00010246
RAX: ffff880077707e30 RBX: ffff880077707f50 RCX: ffff8801a18ccd80
RDX: 0000000000000006 RSI: ffff8801a3645e75 RDI: ffff880077707f50
RBP: ffff8801a3645d88 R08: ffff8801a430f9c0 R09: ffff8801a3645db0
R10: 000000000000000a R11: 0000000000000246 R12: ffff8801a18ccd80
R13: ffff8801a3645e75 R14: ffff8801a430f9c0 R15: 0000000000000006
FS: 00007fb6fb51a700(0000) GS:ffff8801afc80000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 00000001a49b0000 CR4: 00000000000027e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process rpc.idmapd (pid: 1229, threadinfo ffff8801a3644000, task ffff8801a3bf9710)
Stack:
ffffffff81260878 ffff8801a3645db0 ffff8801a3645db0 ffff880077707a90
ffff880077707f50 ffff8801a18ccd80 0000000000000006 ffff8801a3645e75
ffff8801a430f9c0 ffff8801a3645dd8 ffffffff81260983 ffff8801a3645de8
Call Trace:
[] ? __key_instantiate_and_link+0x58/0x100
[] key_instantiate_and_link+0x63/0xa0
[] idmap_pipe_downcall+0x1cb/0x1e0 [nfs]
[] rpc_pipe_write+0x67/0x90 [sunrpc]
[] vfs_write+0xb3/0x180
[] sys_write+0x4a/0x90
[] system_call_fastpath+0x16/0x1b
Code: Bad RIP value.
RIP [< (null)>] (null)
RSP
CR2: 0000000000000000Signed-off-by: David Howells
Reviewed-by: Steve Dickson
Signed-off-by: Trond Myklebust
Cc: stable@vger.kernel.org [>= 3.4]
21 Jun, 2012
1 commit
-
It was initially coded under the assumption that there would only be one
request at a time, so use a lock to enforce this requirement..Signed-off-by: Bryan Schumaker
CC: stable@vger.kernel.org [3.4+]
Signed-off-by: Trond Myklebust
24 May, 2012
2 commits
-
Ensure that a process that uses the nfs_client->cl_cons_state test
for whether the initialisation process is finished does not read
stale data.Signed-off-by: Trond Myklebust
-
Since the struct nfs_client gets added to the global nfs_client_list
before it is initialised, it is possible that rpc_pipefs_event can
end up trying to create idmapper entries on such a thing.The solution is to have the mount notification wait for the
initialisation of each nfs_client to complete, and then to
skip any entries for which the it failed.Reported-by: Stanislav Kinsbursky
Signed-off-by: Trond Myklebust
Acked-by: Stanislav Kinsbursky
23 May, 2012
1 commit
-
Clean up: When naming fields and data types, follow established
conventions to facilitate accurate grep/cscope searches.Introduced by commit e50a7a1a "NFS: make NFS client allocated per
network namespace context," Tue Jan 10, 2012.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust
15 May, 2012
1 commit
-
Obviously we should check for NULL here instead of IS_ERR().
Signed-off-by: Dan Carpenter
Cc: stable@vger.kernel.org [3.4]
Signed-off-by: Trond Myklebust
29 Apr, 2012
1 commit
-
This is bug fix.
Notifier callback is called from SUNRPC module. So before dereferencing NFS
module we have to make sure, that it's alive.Signed-off-by: Stanislav Kinsbursky
Signed-off-by: Trond Myklebust
23 Mar, 2012
1 commit
-
Pull NFS client updates for Linux 3.4 from Trond Myklebust:
"New features include:
- Add NFS client support for containers.This should enable most of the necessary functionality, including
lockd support, and support for rpc.statd, NFSv4 idmapper and
RPCSEC_GSS upcalls into the correct network namespace from which
the mount system call was issued.- NFSv4 idmapper scalability improvements
Base the idmapper cache on the keyring interface to allow
concurrent access to idmapper entries. Start the process of
migrating users from the single-threaded daemon-based approach to
the multi-threaded request-key based approach.- NFSv4.1 implementation id.
Allows the NFSv4.1 client and server to mutually identify each
other for logging and debugging purposes.- Support the 'vers=4.1' mount option for mounting NFSv4.1 instead of
having to use the more counterintuitive 'vers=4,minorversion=1'.- SUNRPC tracepoints.
Start the process of adding tracepoints in order to improve
debugging of the RPC layer.- pNFS object layout support for autologin.
Important bugfixes include:
- Fix a bug in rpc_wake_up/rpc_wake_up_status that caused them to
fail to wake up all tasks when applied to priority waitqueues.- Ensure that we handle read delegations correctly, when we try to
truncate a file.- A number of fixes for NFSv4 state manager loops (mostly to do with
delegation recovery)."* tag 'nfs-for-3.4-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs: (224 commits)
NFS: fix sb->s_id in nfs debug prints
xprtrdma: Remove assumption that each segment is ls_state in release_lockowner
NFS: ncommit count is being double decremented
SUNRPC: We must not use list_for_each_entry_safe() in rpc_wake_up()
Try using machine credentials for RENEW calls
NFSv4.1: Fix a few issues in filelayout_commit_pagelist
NFSv4.1: Clean ups and bugfixes for the pNFS read/writeback/commit code
...
13 Mar, 2012
1 commit
-
This function could fail to queue the upcall if rpc.idmapd is not running,
causing a warning message to be printed. Instead, I want to check the
return value and revoke the key if the upcall can't be run.Signed-off-by: Bryan Schumaker
Signed-off-by: Trond Myklebust
12 Mar, 2012
1 commit
-
Fix a number of "warning: symbol 'foo' was not declared. Should it be
static?" conditions.Fix 2 cases of "warning: Using plain integer as NULL pointer"
fs/nfs/delegation.c:263:31: warning: restricted fmode_t degrades to integer
- We want to allow upgrades to a WRITE delegation, but should otherwise
consider servers that hand out duplicate delegations to be borken.Signed-off-by: Trond Myklebust
02 Mar, 2012
1 commit
-
This patch removes the old hashmap-based caching and instead uses a
"request key actor" to place an upcall to the legacy idmapper rather
than going through /sbin/request-key. This will only be used as a
fallback if /etc/request-key.conf isn't configured to use nfsidmap.Signed-off-by: Bryan Schumaker
Signed-off-by: Trond Myklebust
28 Feb, 2012
1 commit
-
v3:
1) Lookup for client is performed from the beginning of the list on each PipeFS
event handling operation.Lockdep is sad otherwise, because inode mutex is taken on PipeFS dentry
creation, which can be called on mount notification, where this per-net client
lock is taken on clients list walk.Signed-off-by: Stanislav Kinsbursky
Signed-off-by: Trond Myklebust
15 Feb, 2012
2 commits
-
Don't allocate the legacy idmapper tables until we actually need
them.Signed-off-by: Trond Myklebust
Reviewed-by: Jeff Layton -
Instead of pre-allocating the storage for all the strings, we can
significantly reduce the size of that table by doing the allocation
when we do the downcall.Signed-off-by: Trond Myklebust
Reviewed-by: Jeff Layton