| Age | Commit message (Collapse) | Author |
|---|
|
This adds few more places where it is possible freeze kernel threads.
From: Nigel Cunningham <ncunningham@cyclades.com>
Signed-off-by: Pavel Machek <pavel@suse.cz>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
The atomic_dec in nul_destroy() is harmless, but can trigger an underflow
error if the atomic_dec_and_test() debugging is turned on.
Problem diagnosed by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
The RPC client now reports the maximum payload size supported by the chosen
transport method. This is something a little less than 64KB for RPC over
UDP, and about 2GB - 1 for RPC over TCP. The effective rsize and wsize
values are not allowed to exceed the reported maximum RPC payload size.
Signed-off-by: Chuck Lever <cel@netapp.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Remove broken_suid mount option (retry RPC after dropping privileges
upon EACCES): no longer used and questionable w.r.t. security.
Signed-off-by: Frank van Maarseveen <frankvm@frankvm.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
So we can distinguish between ENOMEM and EACCES errors.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Ensure that credentials that are referenced by an RPC task, but that
have been booted out of the credcache may still be refreshed.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
gc_flavor is used only for looking up the security service, which is an
integer value that never changes. Store the latter instead of the former.
Fix up a couple of dodgy casts between gss_cred and rpc_cred. Replace them
with the appropriate container_of().
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
- Document the format of the gssd downcalls
- Separate out "uid" field from rest of GSS context data struct
since it will not be needed for the keyring-based contexts.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
AUTH_UNIX credentials really only depend on the process uid/gid/groups
information. In particular there is no dependency on any strict rpc_client
specific information. Might as well share them all between all RPC clients.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
There is only one AUTH_NULL "credential".
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
This will make initialization of statically allocated caches simpler.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
The cr_auth field is currently used only in order to figure out the name
of the credential's flavour in debugging printks. Replace with a dedicated
pointer in the statically allocated rpc_credops instead.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Some RPC authentication flavours are not related to the uid (AUTH_NULL
springs to mind). This patch moves control over the caching mechanism
into the auth-specific code.
Also ensure that expired creds are removed from the cache.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Move the initialization of auth->au_count into the flavour-specific code.
Move the kfree(auth) into the flavour-specific code.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
The sunrpc module itself is referenced by other sources, so only the
auth_gss credcaches need to increment their module refcount.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Sun's RPC library portmap client therefore defaults to AUTH_UNIX. Change our
in-kernel client to follow that convention.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
RPC call async is supposed to return an error if and only if
it failed to run the rpc_task.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Currently, if we restart an RPC call after having set an RPC delay (for
instance in the case where an NFS EJUKEBOX error has occurred) the call
to rpc_delete_timer() at the top of the rpc_execute() loop will
kill off our timer.
This patch causes rpc_delete_timer() to detect if the rpc_task is still
queued on a wait queue, and refuse to delete the timer if this is the case.
Problem diagnosed by Jan Sanislo and Olaf Kirch.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
instead.
This patch should fix a problem that has been experienced on at-least one
busy NFS server, but it has not had lots of testing yet. If -mm could provide
that .....
The rpc auth cache currently differentiates between a reference due to
being in a hash chain (signalled by CACHE_HASHED flag) and any other
reference (counted in refcnt).
This is an artificial difference due to an historical accident, and it
makes cache_put unsafe.
This patch removes the distinction so now existance in a hash chain is
counted just like any other reference. Thus a race window in cache_put is
closed.
Signed-off-by: Neil Brown <neilb@cse.unsw.edu.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
The pg_authenticate (now pg_authenticate_obsolete) callback was only being
used by the nfs4 client callback code to circumvent the svcauth_unix code's
insistence on checking all requests against the export table. With that
problem solved, we no longer need it.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@cse.unsw.edu.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
pg_add_client method
svcauth_null_accept() and svcauth_unix_accept() are currently hard-wired to
check the source ip address on an incoming request against the export table,
which make sense for nfsd but not necessarily for other rpc-based services.
So instead we have the accept() method call a program-specific
pg_authenticate() method. We also move the call to this method into
svc_process instead of calling it from the flavor-specific accept() routines.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@cse.unsw.edu.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Later patches remove pg_authenticate and use the name for a different purpose;
so rename it to pg_authenticate_obsolete for now.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@cse.unsw.edu.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Add a set_client method to the server rpc auth_ops struct, used to set the
client (for the purposes of nfsd export authorization) using flavor-specific
information.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@cse.unsw.edu.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
RPC: Fix a module refcount leak in RPCSEC_GSS
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
This patch is from Nigel's swsusp2, it kills ugly #include <suspend.h> from
all over the tree, and makes code slightly nicer. I only left those parts
that do not change any code.
From: Nigel Cunningham <ncunningham@linuxmail.org>
Signed-off-by: Pavel Machek <pavel@suse.cz>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Use the new lock initializers DEFINE_SPIN_LOCk and DEFINE_RW_LOCK
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
into nuts.davemloft.net:/disk1/BK/net-2.6
|
|
Just noticed while fixing some other sparse-related stuff.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@cse.unsw.edu.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Call a helper function from svcauth_unix_accept() and svcauth_null_accept()
instead of duplicating code.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@cse.unsw.edu.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Fix some discrepencies between the server-side auth_null and auth_unix rpc
code: in particular, make sure we return an auth error in the auth_null case
instead of dropping when we fail to match an export entry, and make sure such
responses are encoded correctly.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@cse.unsw.edu.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
This patch corrects a problem that was originally added with the nanosecond
timestamps in stat patch. The problem is that some file systems don't have
enough space in their on disk inode to save nanosecond timestamps, so they
truncate the c/a/mtime to seconds when flushing an dirty node. In core the
inode would have full jiffies granuality.
This can be observed by programs as a timestamp that jumps backwards under
specific loads when an inode is flushed and then reloaded from disk.
The problem was already known when the original patch went in, but it
wasn't deemed important enough at that time. So far there has been only
one report of it causing problems. Now Tridge is worried that it will
break running Excel over samba4 because Excel seems to do very anal
timestamp checking and samba4 will supply 100ns timestamps over the
network.
This patch solves it by putting the time resolution into the superblock of
a fs and always rounding the in core timestamps to that granuality.
This also supercedes some previous ext2/3 hacks to flush the inode less
often when only the subsecond timestamp changes.
I tried to keep the overhead low, in particular it tries to keep divisions
out of fast paths as far as possible.
The patch is quite big but 99% of it is just relatively straight forward
search'n'replace in a lot of fs. Unconverted filesystems will default to a
1ns granuality, but may still show the problem if they continue to use
CURRENT_TIME. I converted all in tree fs.
One possible future extension of this would be to have two time
granualities per superblock - one that specifies the visible resolution,
and the other to specify how often timestamps should be flushed to disk,
which could be tuned with a mount option per fs (e.g. often m/atimes don't
need to be flushed every second). Would be easy to do as an addon if
someone is interested.
Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Don't label all retries as "server seeing garbage".
Report correct error for buffer overflows.
Fix incorrect buffer overflow test that was masking
AUTH_REJECTEDCRED, AUTH_REJECTEDVERF,... errors.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Description:
Ethereal and other tools display RPC XIDs in host order. This patch
changes the RPC trace messages that display XIDs to print them in host
order so they can be easily matched to XIDs that appear in Ethereal.
Signed-off-by: Chuck Lever <cel@netapp.com>
Signed-off-by: Trond Myklebust <trond.myklebust@fys.uio.no>
|
|
know there are no pending timers.
Signed-off-by: Trond Myklebust <trond.myklebust@fys.uio.no>
|
|
as a void * when we know perfectly well what it is. And we're passing
some arguments that we don't actually use.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Trond Myklebust <trond.myklebust@fys.uio.no>
|
|
unwisely revived it for use with the gss code. Having removed that use
from the gss code, it's time to remove all references to it.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Trond Myklebust <trond.myklebust@fys.uio.no>
|
|
indicate failure of an upcall to get a gss context for that cred,
set the status of waiting tasks to indicate failure.
This solves problems e.g. with creds with the CRED_DEAD flag set
never being refreshed, which caused krb5 mounts to fail after the
context used to do RENEWS expired.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Trond Myklebust <trond.myklebust@fys.uio.no>
|
|
the cred containing the context non-uptodate, triggering creation of
a new context.
Note that on the send-side operations (get_mic, wrap), we mark the
cred as not uptodate, but continue trying to use it; the server can
complain if it wants to, and the next time through we'll refresh it.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Trond Myklebust <trond.myklebust@fys.uio.no>
|
|
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
People are worrying about spinlock deadlocks in the debugging code, without
actually worrying about the bugs that triggered the debugging code in the
first place.
Convert to BUG_ON() in order to ensure that bugs are reported.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
