1. 29 5月, 2014 2 次提交
  2. 18 3月, 2014 1 次提交
  3. 31 1月, 2014 1 次提交
  4. 07 12月, 2013 1 次提交
  5. 05 11月, 2013 1 次提交
    • T
      NFSv4.2: encode_readdir - only ask for labels when doing readdirplus · d204c5d2
      Trond Myklebust 提交于
      Currently, if the server is doing NFSv4.2 and supports labeled NFS, then
      our on-the-wire READDIR request ends up asking for the label information,
      which is then ignored unless we're doing readdirplus.
      This patch ensures that READDIR doesn't ask the server for label information
      at all unless the readdir->bitmask contains the FATTR4_WORD2_SECURITY_LABEL
      attribute, and the readdir->plus flag is set.
      
      While we're at it, optimise away the 3rd bitmap field if it is zero.
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      d204c5d2
  6. 29 10月, 2013 2 次提交
    • C
      NFS: Add method to detect whether an FSID is still on the server · 44c99933
      Chuck Lever 提交于
      Introduce a mechanism for probing a server to determine if an FSID
      is present or absent.
      
      The on-the-wire compound is different between minor version 0 and 1.
      Minor version 0 appends a RENEW operation to identify which client
      ID is probing.  Minor version 1 has a SEQUENCE operation in the
      compound which effectively carries the same information.
      Signed-off-by: NChuck Lever <chuck.lever@oracle.com>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      44c99933
    • C
      NFS: Add method to retrieve fs_locations during migration recovery · b03d735b
      Chuck Lever 提交于
      The nfs4_proc_fs_locations() function is invoked during referral
      processing to perform a GETATTR(fs_locations) on an object's parent
      directory in order to discover the target of the referral.  It
      performs a LOOKUP in the compound, so the client needs to know the
      parent's file handle a priori.
      
      Unfortunately this function is not adequate for handling migration
      recovery.  We need to probe fs_locations information on an FSID, but
      there's no parent directory available for many operations that
      can return NFS4ERR_MOVED.
      
      Another subtlety: recovering from NFS4ERR_LEASE_MOVED is a process
      of walking over a list of known FSIDs that reside on the server, and
      probing whether they have migrated.  Once the server has detected
      that the client has probed all migrated file systems, it stops
      returning NFS4ERR_LEASE_MOVED.
      
      A minor version zero server needs to know what client ID is
      requesting fs_locations information so it can clear the flag that
      forces it to continue returning NFS4ERR_LEASE_MOVED.  This flag is
      set per client ID and per FSID.  However, the client ID is not an
      argument of either the PUTFH or GETATTR operations.  Later minor
      versions have client ID information embedded in the compound's
      SEQUENCE operation.
      
      Therefore, by convention, minor version zero clients send a RENEW
      operation in the same compound as the GETATTR(fs_locations), since
      RENEW's one argument is a clientid4.  This allows a minor version
      zero server to identify correctly the client that is probing for a
      migration.
      Signed-off-by: NChuck Lever <chuck.lever@oracle.com>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      b03d735b
  7. 11 9月, 2013 1 次提交
  8. 05 9月, 2013 1 次提交
    • W
      nfs4.1: Minimal SP4_MACH_CRED implementation · 2031cd1a
      Weston Andros Adamson 提交于
      This is a minimal client side implementation of SP4_MACH_CRED.  It will
      attempt to negotiate SP4_MACH_CRED iff the EXCHANGE_ID is using
      krb5i or krb5p auth.  SP4_MACH_CRED will be used if the server supports the
      minimal operations:
      
       BIND_CONN_TO_SESSION
       EXCHANGE_ID
       CREATE_SESSION
       DESTROY_SESSION
       DESTROY_CLIENTID
      
      This patch only includes the EXCHANGE_ID negotiation code because
      the client will already use the machine cred for these operations.
      
      If the server doesn't support SP4_MACH_CRED or doesn't support the minimal
      operations, the exchange id will be resent with SP4_NONE.
      Signed-off-by: NWeston Andros Adamson <dros@netapp.com>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      2031cd1a
  9. 04 9月, 2013 1 次提交
  10. 22 8月, 2013 2 次提交
  11. 24 7月, 2013 2 次提交
  12. 18 7月, 2013 1 次提交
  13. 29 6月, 2013 1 次提交
  14. 09 6月, 2013 2 次提交
  15. 07 5月, 2013 1 次提交
  16. 20 4月, 2013 1 次提交
  17. 17 4月, 2013 1 次提交
  18. 30 3月, 2013 2 次提交
    • C
      NFS: Avoid PUTROOTFH when managing leases · 83ca7f5a
      Chuck Lever 提交于
      Currently, the compound operation the Linux NFS client sends to the
      server to confirm a client ID looks like this:
      
      	{ SETCLIENTID_CONFIRM; PUTROOTFH; GETATTR(lease_time) }
      
      Once the lease is confirmed, it makes sense to know how long before
      the client will have to renew it.  And, performing these operations
      in the same compound saves a round trip.
      
      Unfortunately, this arrangement assumes that the security flavor
      used for establishing a client ID can also be used to access the
      server's pseudo-fs.
      
      If the server requires a different security flavor to access its
      pseudo-fs than it allowed for the client's SETCLIENTID operation,
      the PUTROOTFH in this compound fails with NFS4ERR_WRONGSEC.  Even
      though the SETCLIENTID_CONFIRM succeeded, our client's trunking
      detection logic interprets the failure of the compound as a failure
      by the server to confirm the client ID.
      
      As part of server trunking detection, the client then begins another
      SETCLIENTID pass with the same nfs4_client_id.  This fails with
      NFS4ERR_CLID_INUSE because the first SETCLIENTID/SETCLIENTID_CONFIRM
      already succeeded in confirming that client ID -- it was the
      PUTROOTFH operation that caused the SETCLIENTID_CONFIRM compound to
      fail.
      
      To address this issue, separate the "establish client ID" step from
      the "accessing the server's pseudo-fs root" step.  The first access
      of the server's pseudo-fs may require retrying the PUTROOTFH
      operation with different security flavors.  This access is done in
      nfs4_proc_get_rootfh().
      
      That leaves the matter of how to retrieve the server's lease time.
      nfs4_proc_fsinfo() already retrieves the lease time value, though
      none of its callers do anything with the retrieved value (nor do
      they mark the lease as "renewed").
      
      Note that NFSv4.1 state recovery invokes nfs4_proc_get_lease_time()
      using the lease management security flavor.  This may cause some
      heartburn if that security flavor isn't the same as the security
      flavor the server requires for accessing the pseudo-fs.
      Signed-off-by: NChuck Lever <chuck.lever@oracle.com>
      Cc: Bryan Schumaker <bjschuma@netapp.com>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      83ca7f5a
    • C
      SUNRPC: Define rpcsec_gss_info structure · fb15b26f
      Chuck Lever 提交于
      The NFSv4 SECINFO procedure returns a list of security flavors.  Any
      GSS flavor also has a GSS tuple containing an OID, a quality-of-
      protection value, and a service value, which specifies a particular
      GSS pseudoflavor.
      
      For simplicity and efficiency, I'd like to return each GSS tuple
      from the NFSv4 SECINFO XDR decoder and pass it straight into the RPC
      client.
      
      Define a data structure that is visible to both the NFS client and
      the RPC client.  Take structure and field names from the relevant
      standards to avoid confusion.
      Signed-off-by: NChuck Lever <chuck.lever@oracle.com>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      fb15b26f
  19. 29 3月, 2013 1 次提交
    • T
      NFSv4: Fix Oopses in the fs_locations code · 809b426c
      Trond Myklebust 提交于
      If the server sends us a pathname with more components than the client
      limit of NFS4_PATHNAME_MAXCOMPONENTS, more server entries than the client
      limit of NFS4_FS_LOCATION_MAXSERVERS, or sends a total number of
      fs_locations entries than the client limit of NFS4_FS_LOCATIONS_MAXENTRIES
      then we will currently Oops because the limit checks are done _after_ we've
      decoded the data into the arrays.
      
      Reported-by: fanchaoting<fanchaoting@cn.fujitsu.com>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      809b426c
  20. 26 3月, 2013 2 次提交
  21. 13 2月, 2013 1 次提交
    • E
      nfs: Convert nfs4xdr to use kuids and kgids · e5782076
      Eric W. Biederman 提交于
      When reading uids and gids off the wire convert them to
      kuids and kgids.
      
      When putting kuids and kgids onto the wire first convert
      them to uids and gids the other side will understand.
      
      When printing kuids and kgids convert them to values in
      the initial user namespace then use normal printf formats.
      
      Cc: "J. Bruce Fields" <bfields@fieldses.org>
      Cc: Trond Myklebust <Trond.Myklebust@netapp.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      e5782076
  22. 06 12月, 2012 3 次提交
  23. 27 11月, 2012 3 次提交
  24. 22 11月, 2012 1 次提交
  25. 05 11月, 2012 1 次提交
  26. 03 10月, 2012 2 次提交
  27. 02 10月, 2012 1 次提交
    • W
      NFSv4: Add ACCESS operation to OPEN compound · 6168f62c
      Weston Andros Adamson 提交于
      The OPEN operation has no way to differentiate an open for read and an
      open for execution - both look like read to the server. This allowed
      users to read files that didn't have READ access but did have EXEC access,
      which is obviously wrong.
      
      This patch adds an ACCESS call to the OPEN compound to handle the
      difference between OPENs for reading and execution.  Since we're going
      through the trouble of calling ACCESS, we check all possible access bits
      and cache the results hopefully avoiding an ACCESS call in the future.
      Signed-off-by: NWeston Andros Adamson <dros@netapp.com>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      6168f62c
  28. 29 9月, 2012 1 次提交