#
347040 |
|
03-May-2019 |
rmacklem |
MFC: r346365 Fix the NFSv4.0 server so that it does not support NFSv4.1 attributes.
During inspection of a packet trace, I noticed that an NFSv4.0 mount reported that it supported attributes that are only defined for NFSv4.1. In practice, this bug appears to be benign, since NFSv4.0 clients will not use attributes that were added for NFSv4.1. However, this was not correct and this patch fixes the NFSv4.0 server so that it only supports attributes defined for NFSv4.0. It also adds a definition for NFSv4.1 attributes that can only be set, although it is only defined as 0 for now. This is anticipation of the addition of support for the NFSv4.1 mode+mask attribute soon.
|
#
346466 |
|
21-Apr-2019 |
rmacklem |
MFC: r345992, r346087 Add INET6 support for the upcalls to the nfsuserd daemon.
The kernel code uses UDP to do upcalls to the nfsuserd(8) daemon to get updates to the username<->uid and groupname<->gid mappings. A change to AF_LOCAL last year had to be reverted, since it could result in vnode locking issues on the AF_LOCAL socket. This patch adds INET6 support and the required #ifdef INET and INET6 to the code.
|
#
336846 |
|
28-Jul-2018 |
rmacklem |
MFC: r334492 Add the BindConnectiontoSession operation to the NFSv4.1 server.
Under some fairly unusual circumstances, the Linux NFSv4.1 client is doing a BindConnectiontoSession operation for TCP connections. It is also used by the ESXi6.5 NFSv4.1 client. This patch adds this operation to the NFSv4.1 server.
PR: 226493
|
#
321877 |
|
01-Aug-2017 |
trasz |
MFC r320359:
Add vfs.nfsd.nfsd_enable_uidtostring, which works just like vfs.nfsd.nfsd_enable_stringtouid, but in reverse - when set to 1, it forces the NFSv4 server to return numeric UIDs and GIDs instead of "user@domain" strings. This helps with clients that can't translate returned identifiers, eg when rerooting.
The same can be achieved by just never running nfsuserd(8), but the sysctl is useful to toggle the behaviour back and forth without rebooting.
MFC r320409:
Revert part of r320359, as suggested by rmacklem@. That case is only used for nfsuserd -manage-gids and shouldn't depend on sysctl.
MFC r321196:
Rename vfs.nfsd.enable_uidtostring to vfs.nfs.enable_uidtostring. It applies to both NFS client and NFS server, and is useful for both. This is different from vfs.nfsd.enable_stringtouid, which is specific to server side.
Sponsored by: DARPA, AFRL
|
#
317917 |
|
07-May-2017 |
rmacklem |
MFC: r317269 Set default uid/gid to nobody/nogroup for NFSv4 mapping.
The default uid/gid for NFSv4 are set by the nfsuserd(8) daemon. However, they were 0 until the nfsuserd(8) was run. Since it is possible to use NFSv4 without running the nfsuserd(8) daemon, set them to nobody/nogroup initially. Without this patch, the values would be set by the nfsuserd(8) daemon and left changed even if the nfsuserd(8) daemon was killed. The default values of 0 meant that setting a group to "wheel" would fail even when done by root. It also adds a definition of GID_NOGROUP to sys/conf.h.
|
#
317429 |
|
26-Apr-2017 |
rmacklem |
MFC: r316692 Set initial values for nfsstatfs in the NFSv4 client.
The AmazonEFS NFSv4.1 server does not support the FILES_FREE and FILES_TOTAL attributes. As such, an NFSv4.1 mount to the server would return garbage for these values. This patch initializes the fields of the nfsstatfs structure, so that "df" and friends will at least return consistent bogus values.
|
#
317419 |
|
25-Apr-2017 |
rmacklem |
MFC: r316666 Fix the NFSv4.1 client for NFSERR_BADSESSION recovery via ReclaimComplete.
For the ReclaimComplete operation, the RPC layer should not loop on NFSERR_BADSESSION. If it does, the recovery thread (nfscl) can get stuck looping and will not do a recovery. This patch fixes it so it does not loop. This bug only affects NFSv4.1 and only when a server reboots.
|
#
317404 |
|
25-Apr-2017 |
rmacklem |
MFC: r310491 Fix NFSv4.1 client recovery from NFS4ERR_BAD_SESSION errors.
For most NFSv4.1 servers, a NFS4ERR_BAD_SESSION error is a rare failure that indicates that the server has lost session/open/lock state. However, recent testing by cperciva@ against the AmazonEFS server found several problems with client recovery from this due to it generating this failure frequently. Briefly, the problems fixed are: - If all session slots were in use at the time of the failure, some processes would continue to loop waiting for a slot on the old session forever. - If an RPC that doesn't use open/lock state failed with NFS4ERR_BAD_SESSION, it would fail the RPC/syscall instead of initiating recovery and then looping to retry the RPC. - If a successful reply to an RPC for an old session wasn't processed until after a new session was created for a NFS4ERR_BAD_SESSION error, it would erroneously update the new session and corrupt it. - The use of the first element of the session list in the nfs mount structure (which is always the current metadata session) was slightly racey. With changes for the above problems it became more racey, so all uses of this head pointer was wrapped with a NFSLOCKMNT()/NFSUNLOCKMNT(). - Although the kernel malloc() usually allocates more bytes than requested and, as such, this wouldn't have caused problems, the allocation of a session structure was 1 byte smaller than it should have been. (Null termination byte for the string not included in byte count.)
There are probably still problems with a pNFS data server that fails with NFS4ERR_BAD_SESSION, but I have no server that does this to test against (the AmazonEFS server doesn't do pNFS), so I can't fix these yet.
Although this patch is fairly large, it should only affect the handling of NFS4ERR_BAD_SESSION error replies from an NFSv4.1 server. Thanks go to cperciva@ for the extension testing he did to help isolate/fix these problems.
|
#
310322 |
|
20-Dec-2016 |
cperciva |
MFC r308708: Reduce verbosity of warnings about truncating NFS fileids to 32-bit inode numbers.
|
#
306809 |
|
07-Oct-2016 |
emaste |
MFC r299199: Add nid_namelen bounds check to nfssvc system call
This is only allowed by root and only used by the nfs daemon, which should not provide an incorrect value. However, it's still good practice to validate data provided by userland.
PR: 206626
|
#
292307 |
|
15-Dec-2015 |
rmacklem |
MFC: r291638 Fix the memory leak that occurs when the nfscommon.ko module is unloaded. This leak was introduced by r291527 (r292223 in stable/10). Since the nfscommon.ko module is rarely unloaded, this leak would not have been much of an issue.
|
#
292223 |
|
14-Dec-2015 |
rmacklem |
MFC: r291527 Add kernel support to the NFS server for the "-manage-gids" option that will be added to the nfsuserd daemon in a future commit. It modifies the cache used by NFSv4 for name<-->id translation (both username/uid and group/gid) to support this. When "-manage-gids" is set, the server looks up each uid for the RPC and uses the list of groups cached in the server instead of the list of groups provided in the RPC request. The cached group list is acquired for the cache by the nfsuserd daemon via getgrouplist(3). This avoids the 16 groups limit for the list in the RPC request. Since the cache is now used for every RPC when "-manage-gids" is enabled, the code also modifies the cache to use a separate mutex for each hash list instead of a single global mutex.
|
#
276327 |
|
28-Dec-2014 |
peterj |
MFH r275941: Adjust the test of a KASSERT to better match the intent.
This assertion was added in r246213 as a guard against corrupted mbufs arriving from drivers, the key distinguishing factor of said mbufs being that they had a negative length. Given we're in a while loop specifically designed to skip over zero-length mbufs, panicking on a zero-length mbuf seems incorrect.
Suggested by: rmacklem MFH go-ahead: benno Approved by: grog (co-mentor)
|
#
269398 |
|
01-Aug-2014 |
rmacklem |
MFC: r268115 Merge the NFSv4.1 server code in projects/nfsv4.1-server over into head. The code is not believed to have any effect on the semantics of non-NFSv4.1 server behaviour. It is a rather large merge, but I am hoping that there will not be any regressions for the NFS server.
|
#
265714 |
|
08-May-2014 |
rmacklem |
MFC: r265252 The new draft specification for NFSv4.0 specifies that a server should either accept owner and owner_group strings that are just the digits of the uid/gid or return NFS4ERR_BADOWNER. This patch adds a sysctl vfs.nfsd.enable_stringtouid, which can be set to enable the server w.r.t. accepting numeric string. It also ensures that NFS4ERR_BADOWNER is returned if numeric uid/gid strings are not enabled. This fixes the server for recent Linux nfs4 clients that use numeric uid/gid strings by default.
|
#
265434 |
|
06-May-2014 |
rmacklem |
MFC: r264672 Modify the Lookup RPC for NFSv4 so that it acquires directory attributes. This allows the client to cache directory names when they are looked up, reducing the Lookup RPC count by about 40% for software builds.
|
#
260143 |
|
31-Dec-2013 |
rmacklem |
MFC: r259801 The NFSv4 client was passing both the p and cred arguments to nfsv4_fillattr() as NULLs for the Getattr callback. This caused nfsv4_fillattr() to not fill in the Change attribute for the reply. I believe this was a violation of the RFC, but had little effect on server behaviour. This patch passes a non-NULL p argument to fix this.
|
#
259238 |
|
11-Dec-2013 |
rmacklem |
MFC: r257901 Fix an NFSv4.1 client specific case where a forced dismount would hang. The hang occurred in nfsv4_setsequence() when it couldn't find an available session slot and is fixed by checking for a forced dismount in progress and just returning for this case.
|
#
276327 |
|
28-Dec-2014 |
peterj |
MFH r275941: Adjust the test of a KASSERT to better match the intent.
This assertion was added in r246213 as a guard against corrupted mbufs arriving from drivers, the key distinguishing factor of said mbufs being that they had a negative length. Given we're in a while loop specifically designed to skip over zero-length mbufs, panicking on a zero-length mbuf seems incorrect.
Suggested by: rmacklem MFH go-ahead: benno Approved by: grog (co-mentor)
|
#
269398 |
|
01-Aug-2014 |
rmacklem |
MFC: r268115 Merge the NFSv4.1 server code in projects/nfsv4.1-server over into head. The code is not believed to have any effect on the semantics of non-NFSv4.1 server behaviour. It is a rather large merge, but I am hoping that there will not be any regressions for the NFS server.
|
#
265714 |
|
08-May-2014 |
rmacklem |
MFC: r265252 The new draft specification for NFSv4.0 specifies that a server should either accept owner and owner_group strings that are just the digits of the uid/gid or return NFS4ERR_BADOWNER. This patch adds a sysctl vfs.nfsd.enable_stringtouid, which can be set to enable the server w.r.t. accepting numeric string. It also ensures that NFS4ERR_BADOWNER is returned if numeric uid/gid strings are not enabled. This fixes the server for recent Linux nfs4 clients that use numeric uid/gid strings by default.
|
#
265434 |
|
06-May-2014 |
rmacklem |
MFC: r264672 Modify the Lookup RPC for NFSv4 so that it acquires directory attributes. This allows the client to cache directory names when they are looked up, reducing the Lookup RPC count by about 40% for software builds.
|
#
260143 |
|
31-Dec-2013 |
rmacklem |
MFC: r259801 The NFSv4 client was passing both the p and cred arguments to nfsv4_fillattr() as NULLs for the Getattr callback. This caused nfsv4_fillattr() to not fill in the Change attribute for the reply. I believe this was a violation of the RFC, but had little effect on server behaviour. This patch passes a non-NULL p argument to fix this.
|
#
259238 |
|
11-Dec-2013 |
rmacklem |
MFC: r257901 Fix an NFSv4.1 client specific case where a forced dismount would hang. The hang occurred in nfsv4_setsequence() when it couldn't find an available session slot and is fixed by checking for a forced dismount in progress and just returning for this case.
|