| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Michael Kerrisk <mtk.manpages@gmail.com>
Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Acked-by: Dave Jones <davej@redhat.com>
|
|
We'd like to prevent local buffer overflows caused by malicious or
broken servers. New xdr_stream style decoders can do that.
For efficiency, we also eventually want to be able to pass xdr_streams
from call_decode() to all XDR decoding functions, rather than building
an xdr_stream in every XDR decoding function in the kernel.
Static helper functions are left without the "inline" directive. This
allows the compiler to choose automatically how to optimize these for
size or speed.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Tested-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
We're interested in taking advantage of the safety benefits of
xdr_streams. These data structures allow more careful checking for
buffer overflow while encoding. More careful type checking is also
introduced in the new functions.
For efficiency, we also eventually want to be able to pass xdr_streams
from call_encode() to all XDR encoding functions, rather than building
an xdr_stream in every XDR encoding function in the kernel. To do
this means all encoders must be ready to handle a passed-in
xdr_stream.
The new encoders follow the modern paradigm for XDR encoders: BUG on
error, and always return a zero status code.
Static helper functions are left without the "inline" directive. This
allows the compiler to choose automatically how to optimize these for
size or speed.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Tested-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Clean up: Relocate MNT program procedure number definitions to the
only file that uses them. Relocate the version number definitions,
which are shared, to nfs.h. Remove duplicate program number
definitions.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
Thanks to Robert Day for pointing out that these two defines are unused.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Cc: Trond Myklebust <trond@netapp.com>Trond Myklebust <trond@netapp.com>
Cc: Neil Brown <neilb@suse.de>
Cc: "Robert P. J. Day" <rpjday@crashcourse.ca>
|
|
Define the new NFSv4 data structure for passing user information
from the 'mount' program in nfs4_mount.h.
If CONFIG_NFS_V4 is defined
Add code to parse the mount structure into the superblock.
Declare the NFSv4 filesystem to the VFS.
|
|
Now that all the hooks are in place, this large patch imports all
of the new code for the NFSv4 server.
This patch makes almost no changes to the existing nfsd codebase
(these have been taken care of by the preceding patches).
One aspect of the NFSv4 code deserves comment. The most natural scheme
for processing a COMPOUND request would seem to be:
1a. XDR decode phase, decode args of all operations
2a. processing phase, process all operations
3a. XDR encode phase, encode results of all operations
However, we use a scheme which works as follows:
1b. XDR decode phase, decode args of all operations
2b. For each operation,
process the operation
encode the result
To see what is wrong with the first scheme, consider a COMPOUND
of the form READ REMOVE. Since the last bit of processing for
the READ request occurs in XDR encode, we might discover in step
3a that the READ request should return an error. Therefore, the
REMOVE request should not be processed at all. This is a fatal
problem, since the REMOVE was already been done in step 2a!
Another type of problem would occur in a COMPOUND of the form
READ WRITE. Assume that both operations succeed. Under scheme
(a), the WRITE is actually performed _before_ the READ (since
the "real" READ is really done during XDR encode). This is
certainly incorrect if the READ and WRITE ranges overlap.
These examples might seem a little artificial, but nevertheless
it does seem that in order to process a COMPOUND correctly in
all cases, we need to use scheme (b) instead of scheme (a).
(To construct less artificial examples, just substitute GETATTR
for READ in the examples above. This works because the "real"
GETATTR is done during XDR encode: one would really have to
bend over backwards in order to arrange things otherwise.)
|
|
|
