1. 26 Apr, 2017 1 commit
    • nfsd: check for oversized NFSv2/v3 arguments · e6838a29
      J. Bruce Fields committed
      A client can append random data to the end of an NFSv2 or NFSv3 RPC call
      without our complaining; we'll just stop parsing at the end of the
      expected data and ignore the rest.
      
      Encoded arguments and replies are stored together in an array of pages,
      and if a call is too large it could leave inadequate space for the
      reply.  This is normally OK because NFS RPC's typically have either
      short arguments and long replies (like READ) or long arguments and short
      replies (like WRITE).  But a client that sends an incorrectly long reply
      can violate those assumptions.  This was observed to cause crashes.
      
      Also, several operations increment rq_next_page in the decode routine
      before checking the argument size, which can leave rq_next_page pointing
      well past the end of the page array, causing trouble later in
      svc_free_pages.
      
      So, following a suggestion from Neil Brown, add a central check to
      enforce our expectation that no NFSv2/v3 call has both a large call and
      a large reply.
      
      As followup we may also want to rewrite the encoding routines to check
      more carefully that they aren't running off the end of the page array.
      
      We may also consider rejecting calls that have any extra garbage
      appended.  That would be safer, and within our rights by spec, but given
      the age of our server and the NFS protocol, and the fact that we've
      never enforced this before, we may need to balance that against the
      possibility of breaking some oddball client.
      Reported-by: Tuomas Haanpää <thaan@synopsys.com>
      Reported-by: Ari Kauppi <ari@synopsys.com>
      Cc: stable@vger.kernel.org
      Reviewed-by: NeilBrown <neilb@suse.com>
      Signed-off-by: J. Bruce Fields <bfields@redhat.com>
  2. 11 Mar, 2017 2 commits
  3. 02 Mar, 2017 1 commit
  4. 28 Feb, 2017 1 commit
  5. 01 Feb, 2017 1 commit
  6. 16 Dec, 2016 1 commit
  7. 27 Sep, 2016 1 commit
  8. 07 Jan, 2016 1 commit
    • nfsd: Fix nfsd leaks sunrpc module references · 691412b4
      Kinglong Mee committed
      Stefan Hajnoczi reports,
      nfsd leaks 3 references to the sunrpc module here:
      
        # echo -n "asdf 1234" >/proc/fs/nfsd/portlist
        bash: echo: write error: Protocol not supported
      
      Now stop nfsd and try unloading the kernel modules:
      
        # systemctl stop nfs-server
        # systemctl stop nfs
        # systemctl stop proc-fs-nfsd.mount
        # systemctl stop var-lib-nfs-rpc_pipefs.mount
        # rmmod nfsd
        # rmmod nfs_acl
        # rmmod lockd
        # rmmod auth_rpcgss
        # rmmod sunrpc
        rmmod: ERROR: Module sunrpc is in use
        # lsmod | grep rpc
        sunrpc                315392  3
      
      It is caused by nfsd not cleaning up the rpcb program for nfsd
      when destroying the svc service after creating the xprt fails.
      Reported-by: Stefan Hajnoczi <stefanha@redhat.com>
      Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
      Signed-off-by: J. Bruce Fields <bfields@redhat.com>
  9. 23 Dec, 2015 1 commit
  10. 11 Aug, 2015 5 commits
  11. 10 Feb, 2015 1 commit
  12. 10 Dec, 2014 1 commit
  13. 02 Aug, 2014 1 commit
  14. 09 Jul, 2014 1 commit
    • nfsd: add a new /proc/fs/nfsd/max_connections file · 5b8db00b
      Jeff Layton committed
      Currently, the maximum number of connections that nfsd will allow
      is based on the number of threads spawned. While this is fine for a
      default, there really isn't a clear relationship between the two.
      
      The number of threads corresponds to the number of concurrent requests
      that we want to allow the server to process at any given time. The
      connection limit corresponds to the maximum number of clients that we
      want to allow the server to handle. These are two entirely different
      quantities.
      
      Break the dependency on increasing threads in order to allow for more
      connections, by adding a new per-net parameter that can be set to a
      non-zero value. The default is still to base it on the number of threads,
      so there should be no behavior change for anyone who doesn't use it.
      
      Cc: Trond Myklebust <trond.myklebust@primarydata.com>
      Signed-off-by: Jeff Layton <jlayton@primarydata.com>
      Signed-off-by: J. Bruce Fields <bfields@redhat.com>
  15. 23 Jun, 2014 1 commit
  16. 23 May, 2014 1 commit
    • nfsd: Only set PF_LESS_THROTTLE when really needed. · 8658452e
      NeilBrown committed
      PF_LESS_THROTTLE has a very specific use case: to avoid deadlocks
      and live-locks while writing to the page cache in a loop-back
      NFS mount situation.
      
      It therefore makes sense to *only* set PF_LESS_THROTTLE in this
      situation.
      We now know when a request came from the local-host so it could be a
      loop-back mount.  We already know when we are handling write requests,
      and when we are doing anything else.
      
      So combine those two to allow nfsd to still be throttled (like any
      other process) in every situation except when it is known to be
      problematic.
      Signed-off-by: NeilBrown <neilb@suse.de>
      Signed-off-by: J. Bruce Fields <bfields@redhat.com>
  17. 07 Jan, 2014 1 commit
  18. 04 Jan, 2014 1 commit
  19. 13 Jul, 2013 1 commit
    • nfsd4: fix minorversion support interface · 35f7a14f
      J. Bruce Fields committed
      You can turn on or off support for minorversions using e.g.
      
      	echo "-4.2" >/proc/fs/nfsd/versions
      
      However, the current implementation is a little wonky.  For example, the
      above will turn off 4.2 support, but it will also turn *on* 4.1 support.
      
      This didn't matter as long as we only had 2 minorversions, which was
      true till very recently.
      
      And do a little cleanup here.
      Signed-off-by: J. Bruce Fields <bfields@redhat.com>
  20. 09 Jul, 2013 1 commit
  21. 24 Feb, 2013 1 commit
  22. 16 Feb, 2013 1 commit
    • nfsd: containerize NFSd filesystem · 11f77942
      Stanislav Kinsbursky committed
      This patch makes the NFSD file system superblock be created per net.
      This makes it possible to get the proper network namespace from the superblock instead of
      using hard-coded "init_net".
      
      Note: the NFSd fs super-block holds the network namespace. This guarantees that
      the network namespace won't disappear from underneath it.
      This, obviously, means that if a container's "init" (which is not a mount
      namespace, but network namespace creator) is killed, the network namespace won't be
      destroyed.
      Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com>
      Signed-off-by: J. Bruce Fields <bfields@redhat.com>
  23. 04 Feb, 2013 1 commit
  24. 11 Dec, 2012 12 commits