summaryrefslogtreecommitdiffstats
path: root/sys/nfsserver
Commit message (Collapse)AuthorAgeFilesLines
* Use __FBSDID().obrien2003-06-113-3/+0
|
* Protect read-modify-write increment of f_count field with file lock.hsu2003-06-051-1/+1
|
* Add /* FALLTHROUGH */phk2003-05-311-0/+1
| | | | Found by: FlexeLint
* Beat vnode locking in the NFS server code into submission. This changetruckman2003-05-253-114/+203
| | | | | | | | | | is not pretty, but it fixes the code so that it no longer violates the vnode locking rules in the VFS API and doesn't trip any of the locking assertions enabled by the DEBUG_VFS_LOCKS kernel configuration option. There is one report that this patch fixed a "locking against myself" panic on an NFS server that was tripped by a diskless client. Approved by: re (scottl)
* - Acquire the vm_object's lock when performing vm_object_page_clean().alc2003-04-241-0/+4
| | | | | | - Add a parameter to vm_pageout_flush() that tells vm_pageout_flush() whether its caller has locked the vm_object. (This is a temporary measure to bootstrap vm_object locking.)
* - Lock bufs before inspecting their flags.jeff2003-03-131-6/+9
|
* More low-hanging fruit: kill caddr_t in calls to wakeup(9) / [mt]sleep(9).des2003-03-023-12/+12
|
* - Add an interlock argument to BUF_LOCK and BUF_TIMELOCK.jeff2003-02-251-3/+7
| | | | | | | | | | - Remove the buftimelock mutex and acquire the buf's interlock to protect these fields instead. - Hold the vnode interlock while locking bufs on the clean/dirty queues. This reduces some cases from one BUF_LOCK with a LK_NOWAIT and another BUF_LOCK with a LK_TIMEFAIL to a single lock. Reviewed by: arch, mckusick
* Don't use mbuf allocator flags for malloc(9).phk2003-02-221-2/+4
|
* Back out M_* changes, per decision of the TRB.imp2003-02-195-33/+33
| | | | Approved by: trb
* Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.alfred2003-01-215-33/+33
| | | | Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
* Bow to the whining masses and change a union back into void *. Retaindillon2003-01-131-1/+1
| | | | | removal of unnecessary casts and throw in some minor cleanups to see if anyone complains, just for the hell of it.
* Change struct file f_data to un_data, a union of the correct structdillon2003-01-121-1/+1
| | | | | | | | | | pointer types, and remove a huge number of casts from code using it. Change struct xfile xf_data to xun_data (ABI is still compatible). If we need to add a #define for f_data and xf_data we can, but I don't think it will be necessary. There are no operational changes in this commit.
* Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,schweikh2003-01-011-2/+2
| | | | especially in troff files.
* Abstract-out the constants for the sequential heuristic.dillon2002-12-281-3/+3
| | | | | | No operational changes. MFC after: 1 day
* In the NFSv3 `fsinfo' procedure reply, don't claim that we supportiedowse2002-12-051-2/+2
| | | | | | | | | | | | | 32k read and write operations on datagram sockets when in fact we reject requests larger than 16k. It must be the case that virtually all clients use data sizes of 16k or less for UDP transport (FreeBSD's client defaults to 8k and never exceeds 16k), as this bug has been present ever since NFSv3 support was added. Reported by: Senthil <lihtnes78@netscape.net> Reviewed by: dillon Approved by: re MFC-after: 1 week
* Permit MAC policies to instrument the access control decisions forrwatson2002-11-041-2/+9
| | | | | | | | | | | system accounting configuration and for nfsd server thread attach. Policies might use this to protect the integrity or confidentiality of accounting data, limit the ability to turn on or off accounting, as well as to prevent inappropriately labeled threads from becoming nfs server threads. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* - Introduce a new macro, since that's what nfs loves, calledjeff2002-10-313-6/+16
| | | | | | | | | | | | | | | | nfsm_srvpathsiz. This macro plucks a length out of an rpc request and verifies that its size does not exceed NFS_MAXPATHLEN. If it does it generates an ENAMETOOLONG response. - Use this macro, and the existing nfsm_srvnamsiz macro in two places where we deal with paths passed in by the client. This fixes a linux interoperability bug. Linux was sending oversized path components which would cause us to ignore the request all together. This causes linux to hang indefinitly while it waits for a response. This could still happen in other cases where we error out with EBADRPC. Sponsored by: Isilon Systems, Inc. Reviewed by: alfred, fabbri@isilon.com, neal@isilon.com
* Set the NOMACCHECK flag for namei()'s generated by the NFS server code.rwatson2002-10-191-0/+1
| | | | | | | We currently don't enforce protections on NFS-originated VOP's. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Correct a problem wherein NFS servers running NFSv2 would not returnrwatson2002-10-031-3/+2
| | | | | | | certain classes of failure responses to the client during a failed remove operation. Submitted by: Ian Dowse <iedowse@maths.tcd.ie>
* - Use incore() instead of gbincore() so we don't have to acquire thejeff2002-09-251-1/+1
| | | | vnode interlock.
* Use m_length() instead of home-rolled versions.phk2002-09-181-6/+1
|
* Make the V2 errno translation more resistent to new errnos.phk2002-08-211-21/+22
|
* - Replace v_flag with v_iflag and v_vflagjeff2002-08-041-3/+3
| | | | | | | | | | | | | | | - v_vflag is protected by the vnode lock and is used when synchronization with VOP calls is needed. - v_iflag is protected by interlock and is used for dealing with vnode management issues. These flags include X/O LOCK, FREE, DOOMED, etc. - All accesses to v_iflag and v_vflag have either been locked or marked with mp_fixme's. - Many ASSERT_VOP_LOCKED calls have been added where the locking was not clear. - Many functions in vfs_subr.c were restructured to provide for stronger locking. Idea stolen from: BSD/OS
* Oops, another unused arg to nfssvc_nfsd(). *blush*peter2002-07-241-3/+3
| | | | Submitted by: jake
* Fully exterminate nfsd_srvargs and nfsd_cargs. They were either unusedpeter2002-07-242-41/+10
| | | | | or giant NOP's. There was a credential in srvargs that was giving rwatson some heartburn. :-)
* Stick a dark comment in about the fact that the NFS server code allocatesrwatson2002-07-241-0/+7
| | | | | | | | a ucred by itself as part of an nfs descriptor, then bzero's the ucred, fails to initialize the mutex, etc. This is very bad, but I don't have time to fix it right now. nfsd should instead hold a cred pointer, and the credential should be properly initialized, probably from a descendent of a kernel process credential.
* sync comment with reality. IN6P_BINDV6ONLY -> IN6P_IPV6_V6ONLY.ume2002-07-221-1/+1
|
* 'recm' was not being unconditionally cleared for each loop, leading todillon2002-07-171-1/+6
| | | | | | | | | | | system lockups (infinite loops) when a zero-length RPC is received. Linux clients will sometimes send zero-length RPC requests. Reorganize the use of recm in the loop. Cc: security@freebsd.org Submitted by: Mike Junk <junk@isilon.com> MFC after: 3 days
* Add IPv6 support.alfred2002-07-155-14/+56
| | | | Submitted by: Jean-Luc Richier <Jean-Luc.Richier@imag.fr>
* Convert old style (type foo *)0 casts to NULLsdillon2002-07-114-46/+45
| | | | | PR: kern/40360 Requested by: Hiten PAndya via direct email
* Replace the global buffer hash table with per-vnode splay trees using adillon2002-07-101-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | methodology similar to the vm_map_entry splay and the VM splay that Alan Cox is working on. Extensive testing has appeared to have shown no increase in overhead. Disadvantages Dirties more cache lines during lookups. Not as fast as a hash table lookup (but still N log N and optimal when there is locality of reference). Advantages vnode->v_dirtyblkhd is now perfectly sorted, making fsync/sync/filesystem syncer operate more efficiently. I get to rip out all the old hacks (some of which were mine) that tried to keep the v_dirtyblkhd tailq sorted. The per-vnode splay tree should be easier to lock / SMPng pushdown on vnodes will be easier. This commit along with another that Alan is working on for the VM page global hash table will allow me to implement ranged fsync(), optimize server-side nfs commit rpcs, and implement partial syncs by the filesystem syncer (aka filesystem syncer would detect that someone is trying to get the vnode lock, remembers its place, and skip to the next vnode). Note that the buffer cache splay is somewhat more complex then other splays due to special handling of background bitmap writes (multiple buffers with the same lblkno in the same vnode), and B_INVAL discontinuities between the old hash table and the existence of the buffer on the v_cleanblkhd list. Suggested by: alc
* Back out my lats commit of locking down a socket, it conflicts with hsu's work.tanimura2002-05-311-6/+2
| | | | Requested by: hsu
* Lock down a socket, milestone 1.tanimura2002-05-201-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | o Add a mutex (sb_mtx) to struct sockbuf. This protects the data in a socket buffer. The mutex in the receive buffer also protects the data in struct socket. o Determine the lock strategy for each members in struct socket. o Lock down the following members: - so_count - so_options - so_linger - so_state o Remove *_locked() socket APIs. Make the following socket APIs touching the members above now require a locked socket: - sodisconnect() - soisconnected() - soisconnecting() - soisdisconnected() - soisdisconnecting() - sofree() - soref() - sorele() - sorwakeup() - sotryfree() - sowakeup() - sowwakeup() Reviewed by: alfred
* More s/file system/filesystem/gtrhodes2002-05-162-5/+5
|
* Limit to the maximum allowed reply size the amount of data thatiedowse2002-04-211-0/+4
| | | | | | | | | | | nfsrv_readdir and nfsrv_readdirplus can return. A client request containing an over-large `count' field could trigger the "Bad nfs svc reply" panic in nfs_syscalls.c. Spotted while trying to reproduce kern/37304, which turned out to be fixed in FreeBSD a long time ago. MFC after: 1 week
* Change the suser() API to take advantage of td_ucred as well as do ajhb2002-04-012-3/+3
| | | | | | | | | | | | general cleanup of the API. The entire API now consists of two functions similar to the pre-KSE API. The suser() function takes a thread pointer as its only argument. The td_ucred member of this thread must be valid so the only valid thread pointers are curthread and a few kernel threads such as thread0. The suser_cred() function takes a pointer to a struct ucred as its first argument and an integer flag as its second argument. The flag is currently only used for the PRISON_ROOT flag. Discussed on: smp@
* Remove references to vm_zone.h and switch over to the new uma API.jeff2002-03-201-11/+11
|
* Add a flags parameter to VFS_VGET to pass through the desiredmckusick2002-03-171-2/+4
| | | | | | | | | | | | locking flags when acquiring a vnode. The immediate purpose is to allow polling lock requests (LK_NOWAIT) needed by soft updates to avoid deadlock when enlisting other processes to help with the background cleanup. For the future it will allow the use of shared locks for read access to vnodes. This change touches a lot of files as it affects most filesystems within the system. It has been well tested on FFS, loopback, and CD-ROM filesystems. only lightly on the others, so if you find a problem there, please let me (mckusick@mckusick.com) know.
* Simple p_ucred -> td_ucred changes to start using the per-thread ucredjhb2002-02-272-3/+2
| | | | reference.
* The vnode was not being vput()'d in the EEXIST mknod case on the nfsdillon2002-01-141-0/+2
| | | | | | | | | server side. This can lead to a system deadlock. Reviewed by: iedowse Tested by: Alexey G Misurenko <mag@caravan.ru>, iedowse Bug found with help by: Alexey G Misurenko <mag@caravan.ru> MFC at: earliest convenience
* It is required by VOP_CREATE, VOP_MKNOD, VOP_SYMLINK and VOP_MKDIRiedowse2002-01-131-3/+9
| | | | | | | | | | | | | | | | that va_mode of the supplied attributes is filled in with a valid file mode (i.e not VNOVAL, and only ALLPERM bits set). However, some NFS server op functions didn't guarantee this for all possible request messages: If a V3 client chose not include to a mode specification, we could end up creating an ffs inode with mode 0177777, requiring a manual fsck on the next reboot. Fix this by setting va_mode to 0 before calling the VOP if a mode hasn't been supplied by the client. In nfsrv_symlink(), S_IFMT bits supplied by a V2 client could end up in the va_mode passed to VOP_SYMLINK with similar effects. We now use the macro nfstov_mode() to correctly mask the bits.
* Fix a few NFSv2 issues that slipped in during the big cleanup. Theiedowse2002-01-121-33/+28
| | | | | | | | | | | | | | semantics of the nfsm_reply() macro were changed so that the caller has to explicitly handle the V2 error case, whereas before, nfsm_reply() did a `goto nfsmout' then. A few server ops (setattr, readlink, create, mkdir) weren't updated to match, so errors in the V2 case could cause protocol hangs and leaked mbufs. Correct some comments that describe the old nfsm_reply behaviour. [older, harmless nit] Remove the unnecessary `nfsmreply0' label in nfsrv_create(), since for its users, the main `ereply' label does the same thing.
* The macro nfsm_reply() is supposed to allocate a reply in all cases,iedowse2002-01-111-2/+2
| | | | | | | | | | | | | but since the nfs cleanup, it hasn't done so in the case where `error' is EBADRPC. Callers of this macro expect it to initialise *mrq, and the `nfsmout' exit point expects a reply to be allocated if error == 0. When nfsm_reply() was called with error = EBADRPC, whatever junk was in *mrq (often a stale pointer to an old reply mbuf) would be assumed to be a valid reply and passed to pru_sosend(), causing a crash sooner or later. Fix this by allocating a reply even in the EBADRPC case like we used to do. This bug was specific to -current.
* Rename some variables that end up shadowing their namesakes in the NFS clientmsmith2002-01-085-73/+74
| | | | | | code. Reviewed by: peter
* Avoid passing the variable `tl' to functions that just use it foriedowse2001-12-183-96/+82
| | | | | | | | | | | | | temporary storage. In the old NFS code it wasn't at all clear if the value of `tl' was used across or after macro calls, but I'm fairly confident that the convention was to keep its use local. Each ex-macro function now uses a local version of this variable, so all of the double-indirection goes away. The only exception to the `local use' rule for `tl' is nfsm_clget(), which is left unchanged by this commit. Reviewed by: peter
* When VOP_SYMLINK fails, the value of *vpp is junk, so we must NULLiedowse2001-12-041-3/+2
| | | | | | | | | | | out nd.ni_vp to prevent the resource cleanup code at the end of nfsrv_symlink from trying to vrele it. This fixes a "vrele: negative ref cnt" panic that can occur when a symlink is attempted on an NFS filesystem with no free space. Found locally, but the symptoms correspond to those in the PR referenced below. PR: kern/26878 MFC after: 3 days
* Give struct socket structures a ref counting interface similar todillon2001-11-171-2/+5
| | | | | | | vnodes. This will hopefully serve as a base from which we can expand the MP code. We currently do not attempt to obtain any mutex or SX locks, but the door is open to add them when we nail down exactly how that part of it is going to work.
* Fix a leftover client comment, long line fix.peter2001-11-151-6/+4
|
* Now that nfsm_reply() does not usually set 'error' to 0, we neediedowse2001-10-251-0/+1
| | | | | | | | | | | | to do it explicitly in nfsrv_noop so that the reply gets sent back to the client. This fixes the generation of a selection of RPC error replies (RPC_PROGMISMATCH, RPC_PROGUNAVAIL, RPC_PROCUNAVAIL etc.) that are used by some clients to detect support for optional protocols and features. Reviewed by: peter Reported by: Thomas Quinot <quinot@inf.enst.fr> PR: kern/31479
OpenPOWER on IntegriCloud