summaryrefslogtreecommitdiffstats
path: root/fs/nfsd/state.h
Commit message (Collapse)AuthorAgeFilesLines
* nfsd: Modify nfsd4_cb_sec to use kuids and kgidsEric W. Biederman2013-02-131-2/+2
| | | | | | | | | | | | | Change uid and gid in struct nfsd4_cb_sec to be of type kuid_t and kgid_t. In nfsd4_decode_cb_sec when reading uids and gids off the wire convert them to kuids and kgids, and if they don't convert to valid kuids or valid kuids ignore RPC_AUTH_UNIX and don't fill in any of the fields. Cc: "J. Bruce Fields" <bfields@fieldses.org> Cc: Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
* NFSD: Forget state for a specific clientBryan Schumaker2012-12-031-0/+1
| | | | | | | | Write the client's ip address to any state file and all appropriate state for that client will be forgotten. Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* NFSD: Reading a fault injection file prints a state countBryan Schumaker2012-12-031-0/+5
| | | | | | | | | | I also log basic information that I can figure out about the type of state (such as number of locks for each client IP address). This can be useful for checking that state was actually dropped and later for checking if the client was able to recover. Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* NFSD: Fault injection operations take a per-client forget functionBryan Schumaker2012-12-031-5/+7
| | | | | | | | | | The eventual goal is to forget state based on ip address, so it makes sense to call this function in a for-each-client loop until the correct amount of state is forgotten. I also use this patch as an opportunity to rename the forget function from "func()" to "forget()". Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* NFSD: Fold fault_inject.h into state.hBryan Schumaker2012-11-281-0/+15
| | | | | | | | | | There were only a small number of functions in this file and since they all affect stored state I think it makes sense to put them in state.h instead. I also dropped most static inline declarations since there are no callers when fault injection is not enabled. Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: pass nfsd_net instead of net to grace endersStanislav Kinsbursky2012-11-151-1/+1
| | | | | | | Passing net context looks as overkill. Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: use service net instead of hard-coded init_netStanislav Kinsbursky2012-11-151-1/+1
| | | | | | | | This patch replaces init_net by SVC_NET(), where possible and also passes proper context to nested functions where required. Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: make reclaim_str_hashtbl allocated per netStanislav Kinsbursky2012-11-151-5/+7
| | | | | | | | | | | This hash holds nfs4_clients info, which are network namespace aware. So let's make it allocated per network namespace. Note: this hash is used only by legacy tracker. So let's allocate hash in tracker init. Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: make nfs4_client network namespace dependentStanislav Kinsbursky2012-11-151-0/+1
| | | | | | | And use it's net where possible. Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: get rid of cl_recdir fieldJeff Layton2012-11-121-2/+0
| | | | | | | | | | | | | Remove the cl_recdir field from the nfs4_client struct. Instead, just compute it on the fly when and if it's needed, which is now only when the legacy client tracking code is in effect. The error handling in the legacy client tracker is also changed to handle the case where md5 is unavailable. In that case, we'll warn the admin with a KERN_ERR message and disable the client tracking. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: move the confirmed and unconfirmed hlists to a rbtreeJeff Layton2012-11-121-1/+2
| | | | | | | | | | | | The current code requires that we md5 hash the name in order to store the client in the confirmed and unconfirmed trees. Change it instead to store the clients in a pair of rbtrees, and simply compare the cl_names directly instead of hashing them. This also necessitates that we add a new flag to the clp->cl_flags field to indicate which tree the client is currently in. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: don't search for client by hash on legacy reboot recovery gracedoneJeff Layton2012-11-121-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | When nfsd starts, the legacy reboot recovery code creates a tracking struct for each directory in the v4recoverydir. When the grace period ends, it basically does a "readdir" on the directory again, and matches each dentry in there to an existing client id to see if it should be removed or not. If the matching client doesn't exist, or hasn't reclaimed its state then it will remove that dentry. This is pretty inefficient since it involves doing a lot of hash-bucket searching. It also means that we have to keep relying on being able to search for a nfs4_client by md5 hashed cl_recdir name. Instead, add a pointer to the nfs4_client that indicates the association between the nfs4_client_reclaim and nfs4_client. When a reclaim operation comes in, we set the pointer to make that association. On gracedone, the legacy client tracker will keep the recdir around iff: 1/ there is a reclaim record for the directory ...and... 2/ there's an association between the reclaim record and a client record -- that is, a create or check operation was performed on the client that matches that directory. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: make nfs4_client_to_reclaim return a pointer to the reclaim recordJeff Layton2012-11-121-1/+1
| | | | | | | Later callers will need to make changes to the record. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: break out reclaim record removal into separate functionJeff Layton2012-11-121-0/+1
| | | | | | | We'll need to be able to call this from nfs4recover.c eventually. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: have nfsd4_find_reclaim_client take a char * argumentJeff Layton2012-11-121-1/+1
| | | | | | | | | Currently, it takes a client pointer, but later we're going to need to search for these records without knowing whether a matching client even exists. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: remove unused argument to nfs4_has_reclaimed_stateJeff Layton2012-11-101-1/+1
| | | | | Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: backchannel should use client-provided security flavorJ. Bruce Fields2012-11-071-0/+1
| | | | | | | For now this only adds support for AUTH_NULL. (Previously we assumed AUTH_UNIX.) We'll also need AUTH_GSS, which is trickier. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: common helper to initialize callback workJ. Bruce Fields2012-11-071-1/+1
| | | | | | | I've found it confusing having the only references to nfsd4_do_callback_rpc() in a different file. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: implement backchannel_ctl operationJ. Bruce Fields2012-11-071-0/+5
| | | | | | This operation is mandatory for servers to implement. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: use callback security parameters in create_sessionJ. Bruce Fields2012-11-071-0/+1
| | | | | | | | | | | | | | | | We're currently ignoring the callback security parameters specified in create_session, and just assuming the client wants auth_sys, because that's all the current linux client happens to care about. But this could cause us callbacks to fail to a client that wanted something different. For now, all we're doing is no longer ignoring the uid and gid passed in the auth_sys case. Further patches will add support for auth_null and gss (and possibly use more of the auth_sys information; the spec wants us to use exactly the credential we're passed, though it's hard to imagine why a client would care). Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: clean up callback security parsingJ. Bruce Fields2012-11-071-2/+7
| | | | | | Move the callback parsing into a separate function. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: enforce per-client sessions/no-sessions distinctionJ. Bruce Fields2012-10-011-1/+1
| | | | | | | | | Something like creating a client with setclientid and then trying to confirm it with create_session may not crash the server, but I'm not completely positive of that, and in any case it's obviously bad client behavior. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: trivial comment updatesJeff Layton2012-08-201-5/+1
| | | | | | | locks.c doesn't use the BKL anymore and there is no fi_perfile field. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: fix security flavor of NFSv4.0 callbackJ. Bruce Fields2012-08-201-1/+0
| | | | | | | | | | | | | | | | | Commit d5497fc693a446ce9100fcf4117c3f795ddfd0d2 "nfsd4: move rq_flavor into svc_cred" forgot to remove cl_flavor from the client, leaving two places (cl_flavor and cl_cred.cr_flavor) for the flavor to be stored. After that patch, the latter was the one that was updated, but the former was the one that the callback used. Symptoms were a long delay on utime(). This is because the utime() generated a setattr which recalled a delegation, but the cb_recall was ignored by the client because it had the wrong security flavor. Cc: stable@vger.kernel.org Tested-by: Jamie Heilman <jamie@audible.transient.net> Reported-by: Jamie Heilman <jamie@audible.transient.net> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* NFSd: make boot_time variable per network namespaceStanislav Kinsbursky2012-07-271-0/+1
| | | | | | | NFSd's boot_time represents grace period start point in time. Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* LockD: pass actual network namespace to grace period management functionsStanislav Kinsbursky2012-07-271-1/+2
| | | | | | | Passed network namespace replaced hard-coded init_net Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* NFSD: TEST_STATEID should not return NFS4ERR_STALE_STATEIDChuck Lever2012-06-201-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | According to RFC 5661, the TEST_STATEID operation is not allowed to return NFS4ERR_STALE_STATEID. In addition, RFC 5661 says: 15.1.16.5. NFS4ERR_STALE_STATEID (Error Code 10023) A stateid generated by an earlier server instance was used. This error is moot in NFSv4.1 because all operations that take a stateid MUST be preceded by the SEQUENCE operation, and the earlier server instance is detected by the session infrastructure that supports SEQUENCE. I triggered NFS4ERR_STALE_STATEID while testing the Linux client's NOGRACE recovery. Bruce suggested an additional test that could be useful to client developers. Lastly, RFC 5661, section 18.48.3 has this: o Special stateids are always considered invalid (they result in the error code NFS4ERR_BAD_STATEID). An explicit check is made for those state IDs to avoid printk noise. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: move principal name into svc_credJ. Bruce Fields2012-05-311-1/+0
| | | | | | | | Instead of keeping the principal name associated with a request in a structure that's private to auth_gss and using an accessor function, move it to svc_cred. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: add nfsd4_client_tracking_ops struct and a way to set itJeff Layton2012-03-261-6/+9
| | | | | | | | | | | | | | | | | | | Abstract out the mechanism that we use to track clients into a set of client name tracking functions. This gives us a mechanism to plug in a new set of client tracking functions without disturbing the callers. It also gives us a way to decide on what tracking scheme to use at runtime. For now, this just looks like pointless abstraction, but later we'll add a new alternate scheme for tracking clients on stable storage. Note too that this patch anticipates the eventual containerization of this code by passing in struct net pointers in places. No attempt is made to containerize the legacy client tracker however. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd: convert nfs4_client->cl_cb_flags to a generic flags fieldJeff Layton2012-03-261-4/+7
| | | | | | | | | | | | | | | | | | | We'll need a way to flag the nfs4_client as already being recorded on stable storage so that we don't continually upcall. Currently, that's recorded in the cl_firststate field of the client struct. Using an entire u32 to store a flag is rather wasteful though. The cl_cb_flags field is only using 2 bits right now, so repurpose that to a generic flags field. Rename NFSD4_CLIENT_KILL to NFSD4_CLIENT_CB_KILL to make it evident that it's part of the callback flags. Add a mask that we can use for existing checks that look to see whether any flags are set, so that the new flags don't interfere. Convert all references to cl_firstate to the NFSD4_CLIENT_STABLE flag, and add a new NFSD4_CLIENT_RECLAIM_COMPLETE flag. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd41: free_session/free_client must be called under the client_lockBenny Halevy2012-03-061-12/+1
| | | | | | | | | | | | | | | The session client is manipulated under the client_lock hence both free_session and nfsd4_del_conns must be called under this lock. This patch adds a BUG_ON that checks this condition in the respective functions and implements the missing locks. nfsd4_{get,put}_session helpers were moved to the C file that uses them so to prevent use from external files and an unlocked version of nfsd4_put_session is provided for external use from nfs4xdr.c Signed-off-by: Benny Halevy <bhalevy@tonian.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: check for uninitialized slotJ. Bruce Fields2012-02-141-0/+1
| | | | | | | This fixes an oops when a buggy client tries to use an initial seqid of 0 on a new slot, which we may misinterpret as a replay. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: rearrange struct nfsd4_slotJ. Bruce Fields2012-02-141-3/+4
| | | | | | | | | | | | | Combine two booleans into a single flag field, move the smaller fields to the end. (In practice this doesn't make the struct any smaller. But we'll be adding another flag here soon.) Remove some debugging code that doesn't look useful, while we're in the neighborhood. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: nfsd4_create_clid_dir return value is unusedJ. Bruce Fields2012-01-051-1/+1
| | | | Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: add a separate (lockowner, inode) lookupJ. Bruce Fields2011-11-151-0/+1
| | | | | | | | | | | | Address the possible performance regression mentioned in "nfsd4: hash lockowners to simplify RELEASE_LOCKOWNER" by providing a separate (lockowner, inode) hash. Really, I doubt this matters much, but I think it's likely we'll change these data structures here and I'd rather that the need for (owner, inode) lookups be well-documented. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd41: use SEQ4_STATUS_BACKCHANNEL_FAULT when cb_sequence is invalidBenny Halevy2011-10-241-0/+1
| | | | | Signed-off-by: Benny Halevy <bhalevy@panasas.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: do idr preallocation with stateid allocationJ. Bruce Fields2011-10-171-2/+2
| | | | | | | | | | | Move idr preallocation out of stateid initialization, into stateid allocation, so that we no longer have to handle any errors from the former. This is a little subtle due to the way the idr code manages these preallocated items--document that in comments. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: clean up open owners on OPEN failureJ. Bruce Fields2011-10-171-0/+1
| | | | | | | | | | | | | | | | | If process_open1() creates a new open owner, but the open later fails, the current code will leave the open owner around. It won't be on the close_lru list, and the client isn't expected to send a CLOSE, so it will hang around as long as the client does. Similarly, if process_open1() removes an existing open owner from the close lru, anticipating that an open owner that previously had no associated stateid's now will, but the open subsequently fails, then we'll again be left with the same leak. Fix both problems. Reported-by: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: make is_open_owner booleanJ. Bruce Fields2011-10-171-1/+1
| | | | Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: cleanup state.h commentsJ. Bruce Fields2011-10-101-37/+8
| | | | | | These comments are mostly out of date. Reported-by: Bryan Schumaker <bjschuma@netapp.com>
* nfsd4: clean up downgrading codeJ. Bruce Fields2011-10-101-3/+5
| | | | | | | | In response to some review comments, get rid of the somewhat obscure for-loop with bitops, and improve a comment. Reported-by: Steve Dickson <steved@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: look up stateid's per clientidJ. Bruce Fields2011-09-261-1/+3
| | | | | | | | | | | | | | | | Use a separate stateid idr per client, and lookup a stateid by first finding the client, then looking up the stateid relative to that client. Also some minor refactoring. This allows us to improve error returns: we can return expired when the clientid is not found and bad_stateid when the clientid is found but not the stateid, as opposed to returning expired for both cases. I hope this will also help to replace the state lock mostly by a per-client lock, but that hasn't been done yet. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: assume test_stateid always has sessionJ. Bruce Fields2011-09-261-1/+1
| | | | | | | | Test_stateid is 4.1-only and only allowed after a sequence operation, so this check is unnecessary. Cc: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: use idr for stateid'sJ. Bruce Fields2011-09-261-1/+0
| | | | | | | The idr system is designed exactly for generating id and looking up integer id's. Thanks to Trond for pointing it out. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: move client * to nfs4_stateid, add init_stid helperJ. Bruce Fields2011-09-261-1/+1
| | | | | | This will be convenient. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: hash closed stateid's like any otherJ. Bruce Fields2011-09-191-1/+3
| | | | | | | | | | | | | | | | | | | Look up closed stateid's in the stateid hash like any other stateid rather than searching the close lru. This is simpler, and fixes a bug: currently we handle only the case of a close that is the last close for a given stateowner, but not the case of a close for a stateowner that still has active opens on other files. Thus in a case like: open(owner, file1) open(owner, file2) close(owner, file2) close(owner, file2) the final close won't be recognized as a retransmission. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: construct stateid from clientid and counterJ. Bruce Fields2011-09-191-13/+5
| | | | | | | | | Including the full clientid in the on-the-wire stateid allows more reliable detection of bad vs. expired stateid's, simplifies code, and ensures we won't reuse the opaque part of the stateid (as we currently do when the same openowner closes and reopens the same file). Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: match close replays on stateid, not open owner idJ. Bruce Fields2011-09-171-0/+3
| | | | | | | | | Keep around an unhashed copy of the final stateid after the last close using an openowner, and when identifying a replay, match against that stateid instead of just against the open owner id. Free it the next time the seqid is bumped or the stateowner is destroyed. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: replace oo_confirmed by flag bitJ. Bruce Fields2011-09-161-1/+2
| | | | | | | I want at least one more bit here. So, let's haul out the caps lock key and add a flags field. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* nfsd4: hash deleg stateid's like any otherJ. Bruce Fields2011-09-131-0/+5
| | | | | | | It's simpler to look up delegation stateid's in the same hash table as any other stateid. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
OpenPOWER on IntegriCloud