user/sven/linux.git/net/ceph, branch v4.9.5Linux Kernel
https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v4.9.52017-01-09T07:32:24Zlibceph: verify authorize reply on connect2017-01-09T07:32:24ZIlya Dryomovidryomov@gmail.com2016-12-02T15:35:09Zurn:sha1:fc6cb9c303e289e0772cd9db593db9acd15cd678
commit 5c056fdc5b474329037f2aa18401bd73033e0ce0 upstream.
After sending an authorizer (ceph_x_authorize_a + ceph_x_authorize_b),
the client gets back a ceph_x_authorize_reply, which it is supposed to
verify to ensure the authenticity and protect against replay attacks.
The code for doing this is there (ceph_x_verify_authorizer_reply(),
ceph_auth_verify_authorizer_reply() + plumbing), but it is never
invoked by the the messenger.
AFAICT this goes back to 2009, when ceph authentication protocols
support was added to the kernel client in 4e7a5dcd1bba ("ceph:
negotiate authentication protocol; implement AUTH_NONE protocol").
The second param of ceph_connection_operations::verify_authorizer_reply
is unused all the way down. Pass 0 to facilitate backporting, and kill
it in the next commit.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
libceph: initialize last_linger_id with a large integer2016-11-10T19:13:08ZIlya Dryomovidryomov@gmail.com2016-11-08T14:15:24Zurn:sha1:264048afab27d7c27eedf5394714e0b396d787f7
osdc->last_linger_id is a counter for lreq->linger_id, which is used
for watch cookies. Starting with a large integer should ease the task
of telling apart kernel and userspace clients.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
libceph: fix legacy layout decode with pool 02016-11-10T19:13:08ZYan, Zhengzyan@redhat.com2016-11-09T08:42:48Zurn:sha1:3890dce1d3a8b9fe3bc36de99496792e468cd079
If your data pool was pool 0, ceph_file_layout_from_legacy()
transform that to -1 unconditionally, which broke upgrades.
We only want do that for a fully zeroed ceph_file_layout,
so that it still maps to a file_layout_t. If any fields
are set, though, we trust the fl_pgpool to be a valid pool.
Fixes: 7627151ea30bc ("libceph: define new ceph_file_layout structure")
Link: http://tracker.ceph.com/issues/17825
Signed-off-by: Yan, Zheng <zyan@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
mm: replace get_user_pages_unlocked() write/force parameters with gup_flags2016-10-18T21:13:37ZLorenzo Stoakeslstoakes@gmail.com2016-10-13T00:20:13Zurn:sha1:c164154f66f0c9b02673f07aa4f044f1d9c70274
This removes the 'write' and 'force' use from get_user_pages_unlocked()
and replaces them with 'gup_flags' to make the use of FOLL_FORCE
explicit in callers as use of this flag can result in surprising
behaviour (and hence bugs) within the mm subsystem.
Signed-off-by: Lorenzo Stoakes <lstoakes@gmail.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
crush: remove redundant local variable2016-10-05T21:02:10ZIlya Dryomovidryomov@gmail.com2016-09-27T10:35:55Zurn:sha1:64f77566e1c84990d6c448bb3960f899521c0b7d
Remove extra x1 variable, it's just temporary placeholder that
clutters the code unnecessarily.
Reflects ceph.git commit 0d19408d91dd747340d70287b4ef9efd89e95c6b.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
crush: don't normalize input of crush_ln iteratively2016-10-05T21:02:04ZIlya Dryomovidryomov@gmail.com2016-09-27T10:30:09Zurn:sha1:74a5293832b3c1f7cb8f86fb9af9ee747138d355
Use __builtin_clz() supported by GCC and Clang to figure out
how many bits we should shift instead of shifting by a bit
in a loop until the value gets normalized. Improves performance
of this function by up to 3x in worst-case scenario and overall
straw2 performance by ~10%.
Reflects ceph.git commit 110de33ca497d94fc4737e5154d3fe781fa84a0a.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
libceph: ceph_build_auth() doesn't need ceph_auth_build_hello()2016-10-03T14:13:50ZIlya Dryomovidryomov@gmail.com2016-09-23T07:57:57Zurn:sha1:464691bd52b46a565153ec2a3b8b9984dacd4a00
A static bug finder (EBA) on Linux 4.7:
Double lock in net/ceph/auth.c
second lock at 108: mutex_lock(& ac->mutex); [ceph_auth_build_hello]
after calling from 263: ret = ceph_auth_build_hello(ac, msg_buf, msg_len);
if ! ac->protocol -> true at 262
first lock at 261: mutex_lock(& ac->mutex); [ceph_build_auth]
ceph_auth_build_hello() is never called, because the protocol is always
initialized, whether we are checking existing tickets (in delayed_work())
or getting new ones after invalidation (in invalidate_authorizer()).
Reported-by: Iago Abal <iari@itu.dk>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
libceph: use CEPH_AUTH_UNKNOWN in ceph_auth_build_hello()2016-10-03T14:13:50ZIlya Dryomovidryomov@gmail.com2016-09-23T07:57:56Zurn:sha1:fdc723e77bcf17ec2646fdef031e7f135968a9b7
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
rbd: add 'client_addr' sysfs rbd device attribute2016-08-24T21:49:16ZIlya Dryomovidryomov@gmail.com2016-08-18T16:38:43Zurn:sha1:005a07bf0a92e7f0e73fc9a6c9acc992c5dbd00c
Export client addr/nonce, so userspace can check if a image is being
blacklisted.
Signed-off-by: Mike Christie <mchristi@redhat.com>
[idryomov@gmail.com: ceph_client_addr(), endianess fix]
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
rbd: support for exclusive-lock feature2016-08-24T21:49:16ZIlya Dryomovidryomov@gmail.com2016-08-12T14:40:02Zurn:sha1:ed95b21a4b0a71ef89306cdeb427d53cc9cb343f
Add basic support for RBD_FEATURE_EXCLUSIVE_LOCK feature. Maintenance
operations (resize, snapshot create, etc) are offloaded to librbd via
returning -EOPNOTSUPP - librbd should request the lock and execute the
operation.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Mike Christie <mchristi@redhat.com>
Tested-by: Mike Christie <mchristi@redhat.com>