1. 17 7月, 2014 2 次提交
  2. 11 7月, 2014 4 次提交
    • J
      nfsd: make deny mode enforcement more efficient and close races in it · baeb4ff0
      Jeff Layton 提交于
      The current enforcement of deny modes is both inefficient and scattered
      across several places, which makes it hard to guarantee atomicity. The
      inefficiency is a problem now, and the lack of atomicity will mean races
      once the client_mutex is removed.
      
      First, we address the inefficiency. We have to track deny modes on a
      per-stateid basis to ensure that open downgrades are sane, but when the
      server goes to enforce them it has to walk the entire list of stateids
      and check against each one.
      
      Instead of doing that, maintain a per-nfs4_file deny mode. When a file
      is opened, we simply set any deny bits in that mode that were specified
      in the OPEN call. We can then use that unified deny mode to do a simple
      check to see whether there are any conflicts without needing to walk the
      entire stateid list.
      
      The only time we'll need to walk the entire list of stateids is when a
      stateid that has a deny mode on it is being released, or one is having
      its deny mode downgraded. In that case, we must walk the entire list and
      recalculate the fi_share_deny field. Since deny modes are pretty rare
      today, this should be very rare under normal workloads.
      
      To address the potential for races once the client_mutex is removed,
      protect fi_share_deny with the fi_lock. In nfs4_get_vfs_file, check to
      make sure that any deny mode we want to apply won't conflict with
      existing access. If that's ok, then have nfs4_file_get_access check that
      new access to the file won't conflict with existing deny modes.
      
      If that also passes, then get file access references, set the correct
      access and deny bits in the stateid, and update the fi_share_deny field.
      If opening the file or truncating it fails, then unwind the whole mess
      and return the appropriate error.
      Signed-off-by: NJeff Layton <jlayton@primarydata.com>
      Reviewed-by: NChristoph Hellwig <hch@lst.de>
      Signed-off-by: NJ. Bruce Fields <bfields@redhat.com>
      baeb4ff0
    • J
      nfsd: shrink st_access_bmap and st_deny_bmap · c11c591f
      Jeff Layton 提交于
      We never use anything above bit #3, so an unsigned long for each is
      wasteful. Shrink them to a char each, and add some WARN_ON_ONCE calls if
      we try to set or clear bits that would go outside those sizes.
      
      Note too that because atomic bitops work on unsigned longs, we have to
      abandon their use here. That shouldn't be a problem though since we
      don't really care about the atomicity in this code anyway. Using them
      was just a convenient way to flip bits.
      Signed-off-by: NJeff Layton <jlayton@primarydata.com>
      Reviewed-by: NChristoph Hellwig <hch@lst.de>
      Signed-off-by: NJ. Bruce Fields <bfields@redhat.com>
      c11c591f
    • T
      nfsd: Add locking to the nfs4_file->fi_fds[] array · de18643d
      Trond Myklebust 提交于
      Preparation for removal of the client_mutex, which currently protects
      this array. While we don't actually need the find_*_file_locked variants
      just yet, a later patch will. So go ahead and add them now to reduce
      future churn in this code.
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      Signed-off-by: NJeff Layton <jlayton@primarydata.com>
      Reviewed-by: NChristoph Hellwig <hch@lst.de>
      Signed-off-by: NJ. Bruce Fields <bfields@redhat.com>
      de18643d
    • T
      nfsd: Add fine grained protection for the nfs4_file->fi_stateids list · 1d31a253
      Trond Myklebust 提交于
      Access to this list is currently serialized by the client_mutex. Add
      finer grained locking around this list in preparation for its removal.
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      Reviewed-by: NChristoph Hellwig <hch@lst.de>
      Signed-off-by: NJ. Bruce Fields <bfields@redhat.com>
      1d31a253
  3. 10 7月, 2014 4 次提交
  4. 09 7月, 2014 2 次提交
  5. 23 5月, 2014 1 次提交
  6. 07 5月, 2014 2 次提交
  7. 02 7月, 2013 1 次提交
  8. 16 4月, 2013 1 次提交
    • J
      nfsd4: implement SEQ4_STATUS_RECALLABLE_STATE_REVOKED · 3bd64a5b
      J. Bruce Fields 提交于
      A 4.1 server must notify a client that has had any state revoked using
      the SEQ4_STATUS_RECALLABLE_STATE_REVOKED flag.  The client can figure
      out exactly which state is the problem using CHECK_STATEID and then free
      it using FREE_STATEID.  The status flag will be unset once all such
      revoked stateids are freed.
      
      Our server's only recallable state is delegations.  So we keep with each
      4.1 client a list of delegations that have timed out and been recalled,
      but haven't yet been freed by FREE_STATEID.
      Signed-off-by: NJ. Bruce Fields <bfields@redhat.com>
      3bd64a5b
  9. 08 4月, 2013 1 次提交
    • J
      nfsd4: cleanup handling of nfsv4.0 closed stateid's · 9411b1d4
      J. Bruce Fields 提交于
      Closed stateid's are kept around a little while to handle close replays
      in the 4.0 case.  So we stash them in the last-used stateid in the
      oo_last_closed_stateid field of the open owner.  We can free that in
      encode_seqid_op_tail once the seqid on the open owner is next
      incremented.  But we don't want to do that on the close itself; so we
      set NFS4_OO_PURGE_CLOSE flag set on the open owner, skip freeing it the
      first time through encode_seqid_op_tail, then when we see that flag set
      next time we free it.
      
      This is unnecessarily baroque.
      
      Instead, just move the logic that increments the seqid out of the xdr
      code and into the operation code itself.
      
      The justification given for the current placement is that we need to
      wait till the last minute to be sure we know whether the status is a
      sequence-id-mutating error or not, but examination of the code shows
      that can't actually happen.
      Reported-by: NYanchuan Nian <ycnian@gmail.com>
      Tested-by: NYanchuan Nian <ycnian@gmail.com>
      Signed-off-by: NJ. Bruce Fields <bfields@redhat.com>
      9411b1d4
  10. 04 4月, 2013 1 次提交
  11. 03 4月, 2013 3 次提交
    • J
      nfsd4: don't destroy in-use session · 66b2b9b2
      J. Bruce Fields 提交于
      This changes session destruction to be similar to client destruction in
      that attempts to destroy a session while in use (which should be rare
      corner cases) result in DELAY.  This simplifies things somewhat and
      helps meet a coming 4.2 requirement.
      Signed-off-by: NJ. Bruce Fields <bfields@redhat.com>
      66b2b9b2
    • J
      nfsd4: don't destroy in-use clients · 221a6876
      J. Bruce Fields 提交于
      When a setclientid_confirm or create_session confirms a client after a
      client reboot, it also destroys any previous state held by that client.
      
      The shutdown of that previous state must be careful not to free the
      client out from under threads processing other requests that refer to
      the client.
      
      This is a particular problem in the NFSv4.1 case when we hold a
      reference to a session (hence a client) throughout compound processing.
      
      The server attempts to handle this by unhashing the client at the time
      it's destroyed, then delaying the final free to the end.  But this still
      leaves some races in the current code.
      
      I believe it's simpler just to fail the attempt to destroy the client by
      returning NFS4ERR_DELAY.  This is a case that should never happen
      anyway.
      Signed-off-by: NJ. Bruce Fields <bfields@redhat.com>
      221a6876
    • J
      nfsd4: fix race on client shutdown · b0a9d3ab
      J. Bruce Fields 提交于
      Dropping the session's reference count after the client's means we leave
      a window where the session's se_client pointer is NULL.  An xpt_user
      callback that encounters such a session may then crash:
      
      [  303.956011] BUG: unable to handle kernel NULL pointer dereference at 0000000000000318
      [  303.959061] IP: [<ffffffff81481a8e>] _raw_spin_lock+0x1e/0x40
      [  303.959061] PGD 37811067 PUD 3d498067 PMD 0
      [  303.959061] Oops: 0002 [#8] PREEMPT SMP
      [  303.959061] Modules linked in: md5 nfsd auth_rpcgss nfs_acl snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_page_alloc microcode psmouse snd_timer serio_raw pcspkr evdev snd soundcore i2c_piix4 i2c_core intel_agp intel_gtt processor button nfs lockd sunrpc fscache ata_generic pata_acpi ata_piix uhci_hcd libata btrfs usbcore usb_common crc32c scsi_mod libcrc32c zlib_deflate floppy virtio_balloon virtio_net virtio_pci virtio_blk virtio_ring virtio
      [  303.959061] CPU 0
      [  303.959061] Pid: 264, comm: nfsd Tainted: G      D      3.8.0-ARCH+ #156 Bochs Bochs
      [  303.959061] RIP: 0010:[<ffffffff81481a8e>]  [<ffffffff81481a8e>] _raw_spin_lock+0x1e/0x40
      [  303.959061] RSP: 0018:ffff880037877dd8  EFLAGS: 00010202
      [  303.959061] RAX: 0000000000000100 RBX: ffff880037a2b698 RCX: ffff88003d879278
      [  303.959061] RDX: ffff88003d879278 RSI: dead000000100100 RDI: 0000000000000318
      [  303.959061] RBP: ffff880037877dd8 R08: ffff88003c5a0f00 R09: 0000000000000002
      [  303.959061] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
      [  303.959061] R13: 0000000000000318 R14: ffff880037a2b680 R15: ffff88003c1cbe00
      [  303.959061] FS:  0000000000000000(0000) GS:ffff88003fc00000(0000) knlGS:0000000000000000
      [  303.959061] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
      [  303.959061] CR2: 0000000000000318 CR3: 000000003d49c000 CR4: 00000000000006f0
      [  303.959061] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      [  303.959061] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
      [  303.959061] Process nfsd (pid: 264, threadinfo ffff880037876000, task ffff88003c1fd0a0)
      [  303.959061] Stack:
      [  303.959061]  ffff880037877e08 ffffffffa03772ec ffff88003d879000 ffff88003d879278
      [  303.959061]  ffff88003d879080 0000000000000000 ffff880037877e38 ffffffffa0222a1f
      [  303.959061]  0000000000107ac0 ffff88003c22e000 ffff88003d879000 ffff88003c1cbe00
      [  303.959061] Call Trace:
      [  303.959061]  [<ffffffffa03772ec>] nfsd4_conn_lost+0x3c/0xa0 [nfsd]
      [  303.959061]  [<ffffffffa0222a1f>] svc_delete_xprt+0x10f/0x180 [sunrpc]
      [  303.959061]  [<ffffffffa0223d96>] svc_recv+0xe6/0x580 [sunrpc]
      [  303.959061]  [<ffffffffa03587c5>] nfsd+0xb5/0x140 [nfsd]
      [  303.959061]  [<ffffffffa0358710>] ? nfsd_destroy+0x90/0x90 [nfsd]
      [  303.959061]  [<ffffffff8107ae00>] kthread+0xc0/0xd0
      [  303.959061]  [<ffffffff81010000>] ? perf_trace_xen_mmu_set_pte_at+0x50/0x100
      [  303.959061]  [<ffffffff8107ad40>] ? kthread_freezable_should_stop+0x70/0x70
      [  303.959061]  [<ffffffff814898ec>] ret_from_fork+0x7c/0xb0
      [  303.959061]  [<ffffffff8107ad40>] ? kthread_freezable_should_stop+0x70/0x70
      [  303.959061] Code: ff ff 5d c3 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 65 48 8b 04 25 f0 c6 00 00 48 89 e5 83 80 44 e0 ff ff 01 b8 00 01 00 00 <3e> 66 0f c1 07 0f b6 d4 38 c2 74 0f 66 0f 1f 44 00 00 f3 90 0f
      [  303.959061] RIP  [<ffffffff81481a8e>] _raw_spin_lock+0x1e/0x40
      [  303.959061]  RSP <ffff880037877dd8>
      [  303.959061] CR2: 0000000000000318
      [  304.001218] ---[ end trace 2d809cd4a7931f5a ]---
      [  304.001903] note: nfsd[264] exited with preempt_count 2
      Reported-by: NBryan Schumaker <bjschuma@netapp.com>
      Signed-off-by: NJ. Bruce Fields <bfields@redhat.com>
      b0a9d3ab
  12. 13 2月, 2013 1 次提交
    • E
      nfsd: Modify nfsd4_cb_sec to use kuids and kgids · 03bc6d1c
      Eric W. Biederman 提交于
      Change uid and gid in struct nfsd4_cb_sec to be of type kuid_t and
      kgid_t.
      
      In nfsd4_decode_cb_sec when reading uids and gids off the wire convert
      them to kuids and kgids, and if they don't convert to valid kuids or
      valid kuids ignore RPC_AUTH_UNIX and don't fill in any of the fields.
      
      Cc: "J. Bruce Fields" <bfields@fieldses.org>
      Cc: Trond Myklebust <Trond.Myklebust@netapp.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      03bc6d1c
  13. 03 12月, 2012 3 次提交
  14. 29 11月, 2012 1 次提交
  15. 15 11月, 2012 4 次提交
  16. 13 11月, 2012 6 次提交
  17. 11 11月, 2012 1 次提交
  18. 08 11月, 2012 2 次提交