|
This patch introduces two caches using the new infrastucture, and the
concept of a 'domain'.
A 'domain' refers to a collection of clients that all have the same
view of the nfs server, and all have the same access rights (modulo
different users on the clients). For AUTH_UNIX (and AUTH_NULL), the
domain is determined from the IP address. For other authentication
styles, the domain might be determined directly from the credentials.
Each auth flavour knows how to allocate and free it's domain-specific
infomation.
auth_domain_cache maps a name to a domain which is owned by
an auth flavour.
ip_map_cache is a cache specific to AUTH_UNIX which maps
IP address to domain.
With this patch, svcauth_unix.c is created to store all
auth_unix related code.
The IP address lookup code is removed from nfsd/exports.c
sunrpc module initilisation is moved out of stats.c into sunrpc_syms
which seemed to be the most central .c file. It now registers these
two caches.
Now that the caches are being used, nfsd needs to call cache_clean
periodically.
|
|
lockd currently asks nfsd for a 'client handle' for each
request.
This is used as a key for finding (or creating) a 'nlm_host'
structure, so that there is only one of these per client...almost.
There can currently be up to 4 nlm_hosts for a given client,
depending on protocol (udp/tcp) or version (v1 or v4).
But this isn't handled very well.
So the question is: is there any advantage in having only on
nlm_host per real host, or have we simply have one for each IP
address that makes requests, whether they are separate hosts or not.
The nlm_host structure is used:
1/ to hold a lockd rpc client for talking to the
remote lockd. Having multiple lockd clients cannot hurt
except possibly to waste a little space.
2/ to identify resources to free when we receive notification
from statd that a client has restarted.
As statd gets a hostname and looks up all IP addresses,
and then sends a notification for each IP for which it has
a registration, there is no need to minimise the number
of nlm_host structures (each of which register for monitoring).
3/ to identify resources to free when a client sends a
"free_all" request. If a client uses multiple IP addresses to
create locks, and then sends free_all from just one IP address
we will loose here.
However it is not clear that a client would ever want to send
a free_all request, and the linux client doesn't seem to, so
there is unlikely to be any loss here.
This patch does not ask nfsd for a client identifier, but rather
finds an nlm_host based on IP, version, protocol (udp/tcp) and
whether we are acting as NFS server or client.
All of this information is then placed in the cookie that is
passed to statd and returned by statd when the client restarts.
Previously only the IP address was passing the cookie, so possibly
not all nlm_host structures would have been found.
Because of these changes, lockd does not need to know
anything about the nfsd export table, so the interface to
nfsd is much more narrow.
Another consequence is that when nfsd is told to delete a client,
it cannot tell lockd to forget all the locks for that client.
However it is not clear that lockd should ever forget any locks
unless it is told to shutdown (or simulate a shutdown), and in
anycase, the current nfsd admin tools never tell nfsd to delete
a client anyway.
|
