summaryrefslogtreecommitdiffstats
path: root/fs/nfsd/nfs4proc.c
AgeCommit message (Collapse)AuthorFilesLines
2012-04-19Merge branch 'for-3.4' of git://linux-nfs.org/~bfields/linuxLinus Torvalds1-4/+4
Pull nfsd bugfixes from J. Bruce Fields: "One bugfix, and one minor header fix from Jeff Layton while we're here" * 'for-3.4' of git://linux-nfs.org/~bfields/linux: nfsd: include cld.h in the headers_install target nfsd: don't fail unchecked creates of non-special files
2012-04-13nfsd: fix b0rken error value for setattr on read-only mountAl Viro1-3/+4
..._want_write() returns -EROFS on failure, _not_ an NFS error value. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-04-11nfsd: don't fail unchecked creates of non-special filesJ. Bruce Fields1-4/+4
Allow a v3 unchecked open of a non-regular file succeed as if it were a lookup; typically a client in such a case will want to fall back on a local open, so succeeding and giving it the filehandle is more useful than failing with nfserr_exist, which makes it appear that nothing at all exists by that name. Similarly for v4, on an open-create, return the same errors we would on an attempt to open a non-regular file, instead of returning nfserr_exist. This fixes a problem found doing a v4 open of a symlink with O_RDONLY|O_CREAT, which resulted in the current client returning EEXIST. Thanks also to Trond for analysis. Cc: stable@kernel.org Reported-by: Orion Poplawski <orion@cora.nwra.com> Tested-by: Orion Poplawski <orion@cora.nwra.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-03-26nfsd: convert nfs4_client->cl_cb_flags to a generic flags fieldJeff Layton1-1/+2
We'll need a way to flag the nfs4_client as already being recorded on stable storage so that we don't continually upcall. Currently, that's recorded in the cl_firststate field of the client struct. Using an entire u32 to store a flag is rather wasteful though. The cl_cb_flags field is only using 2 bits right now, so repurpose that to a generic flags field. Rename NFSD4_CLIENT_KILL to NFSD4_CLIENT_CB_KILL to make it evident that it's part of the callback flags. Add a mask that we can use for existing checks that look to see whether any flags are set, so that the new flags don't interfere. Convert all references to cl_firstate to the NFSD4_CLIENT_STABLE flag, and add a new NFSD4_CLIENT_RECLAIM_COMPLETE flag. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-03-20NFSD: Fix nfs4_verifier memory alignmentChuck Lever1-8/+11
Clean up due to code review. The nfs4_verifier's data field is not guaranteed to be u32-aligned. Casting an array of chars to a u32 * is considered generally hazardous. We can fix most of this by using a __be32 array to generate the verifier's contents and then byte-copying it into the verifier field. However, there is one spot where there is a backwards compatibility constraint: the do_nfsd_create() call expects a verifier which is 32-bit aligned. Fix this spot by forcing the alignment of the create verifier in the nfsd4_open args structure. Also, sizeof(nfs4_verifer) is the size of the in-core verifier data structure, but NFS4_VERIFIER_SIZE is the number of octets in an XDR'd verifier. The two are not interchangeable, even if they happen to have the same value. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-03-20NFSD: Fix warnings when NFSD_DEBUG is not definedTrond Myklebust1-0/+4
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-03-06nfsd4: reduce do_open_lookup() stack usageJ. Bruce Fields1-10/+14
I get 320 bytes for struct svc_fh on x86_64, really a little large to be putting on the stack; kmalloc() instead. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-03-06nfsd4: delay setting current filehandle till successJ. Bruce Fields1-5/+3
Compound processing stops on error, so the current filehandle won't be used on error. Thus the order here doesn't really matter. It'll be more convenient to do it later, though. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-02-17nfsd41: split out share_access want and signal flags while decodingBenny Halevy1-3/+0
Signed-off-by: Benny Halevy <bhalevy@tonian.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-02-15nfsd41: use current stateid by valueTigran Mkrtchyan1-3/+9
Signed-off-by: Tigran Mkrtchyan <kofemann@gmail.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-02-15nfsd41: consume current stateid on DELEGRETURN and OPENDOWNGRADETigran Mkrtchyan1-0/+3
Signed-off-by: Tigran Mkrtchyan <kofemann@gmail.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-02-15nfsd41: handle current stateid in SETATTR and FREE_STATEIDTigran Mkrtchyan1-0/+1
Signed-off-by: Tigran Mkrtchyan <kofemann@gmail.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-02-15nfsd41: mark LOOKUP, LOOKUPP and CREATE to invalidate current stateidTigran Mkrtchyan1-3/+3
Signed-off-by: Tigran Mkrtchyan <kofemann@gmail.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-02-15nfsd41: save and restore current stateid with current fhTigran Mkrtchyan1-0/+2
Signed-off-by: Tigran Mkrtchyan <kofemann@gmail.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-02-15nfsd41: mark PUTFH, PUTPUBFH and PUTROOTFH to clear current stateidTigran Mkrtchyan1-3/+6
Signed-off-by: Tigran Mkrtchyan <kofemann@gmail.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-02-15nfsd41: consume current stateid on read and writeTigran Mkrtchyan1-0/+2
Signed-off-by: Tigran Mkrtchyan <kofemann@gmail.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-02-15nfsd41: handle current stateid on lock and lockuTigran Mkrtchyan1-0/+2
Signed-off-by: Tigran Mkrtchyan <kofemann@gmail.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-02-15nfsd41: handle current stateid in open and closeTigran Mkrtchyan1-4/+26
Signed-off-by: Tigran Mkrtchyan <kofemann@gmail.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-01-14Merge branch 'for-3.3' of git://linux-nfs.org/~bfields/linuxLinus Torvalds1-4/+3
* 'for-3.3' of git://linux-nfs.org/~bfields/linux: (31 commits) nfsd4: nfsd4_create_clid_dir return value is unused NFSD: Change name of extended attribute containing junction svcrpc: don't revert to SVC_POOL_DEFAULT on nfsd shutdown svcrpc: fix double-free on shutdown of nfsd after changing pool mode nfsd4: be forgiving in the absence of the recovery directory nfsd4: fix spurious 4.1 post-reboot failures NFSD: forget_delegations should use list_for_each_entry_safe NFSD: Only reinitilize the recall_lru list under the recall lock nfsd4: initialize special stateid's at compile time NFSd: use network-namespace-aware cache registering routines SUNRPC: create svc_xprt in proper network namespace svcrpc: update outdated BKL comment nfsd41: allow non-reclaim open-by-fh's in 4.1 svcrpc: avoid memory-corruption on pool shutdown svcrpc: destroy server sockets all at once svcrpc: make svc_delete_xprt static nfsd: Fix oops when parsing a 0 length export nfsd4: Use kmemdup rather than duplicating its implementation nfsd4: add a separate (lockowner, inode) lookup nfsd4: fix CONFIG_NFSD_FAULT_INJECTION compile error ...
2012-01-03new helpers: fh_{want,drop}_write()Al Viro1-2/+2
A bunch of places in nfsd does mnt_{want,drop}_write on vfsmount of export of given fhandle. Switched to obvious inlined helpers... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-12-06nfsd41: allow non-reclaim open-by-fh's in 4.1Mi Jinlong1-4/+3
With NFSv4.0 it was safe to assume that open-by-filehandles were always reclaims. With NFSv4.1 there are non-reclaim open-by-filehandle operations, so we should ensure we're only insisting on reclaims in the OPEN_CLAIM_PREVIOUS case. Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-10-24nfs41: implement DESTROY_CLIENTID operationMi Jinlong1-1/+1
According to rfc5661 18.50, implement DESTROY_CLIENTID operation. Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-10-19nfsd4: implement new 4.1 open reclaim typesJ. Bruce Fields1-12/+3
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-10-17nfsd4: warn on open failure after createJ. Bruce Fields1-3/+4
If we create the object and then return failure to the client, we're left with an unexpected file in the filesystem. I'm trying to eliminate such cases but not 100% sure I have so an assertion might be helpful for now. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-10-17nfsd4: clean up open owners on OPEN failureJ. Bruce Fields1-0/+1
If process_open1() creates a new open owner, but the open later fails, the current code will leave the open owner around. It won't be on the close_lru list, and the client isn't expected to send a CLOSE, so it will hang around as long as the client does. Similarly, if process_open1() removes an existing open owner from the close lru, anticipating that an open owner that previously had no associated stateid's now will, but the open subsequently fails, then we'll again be left with the same leak. Fix both problems. Reported-by: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-10-11nfsd4: more robust ignoring of WANT bits in OPENJ. Bruce Fields1-0/+3
Mask out the WANT bits right at the start instead of on each use. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-09-20nfsd4: make op_cacheresult another flagJ. Bruce Fields1-25/+25
I'm not sure why I used a new field for this originally. Also, the differences between some of these flags are a little subtle; add some comments to explain. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-09-16nfsd4: replace oo_confirmed by flag bitJ. Bruce Fields1-2/+2
I want at least one more bit here. So, let's haul out the caps lock key and add a flags field. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-09-16nfsd41: try to check reply size before operationMi Jinlong1-18/+229
For checking the size of reply before calling a operation, we need try to get maxsize of the operation's reply. v3: using new method as Bruce said, "we could handle operations in two different ways: - For operations that actually change something (write, rename, open, close, ...), do it the way we're doing it now: be very careful to estimate the size of the response before even processing the operation. - For operations that don't change anything (read, getattr, ...) just go ahead and do the operation. If you realize after the fact that the response is too large, then return the error at that point. So we'd add another flag to op_flags: say, OP_MODIFIES_SOMETHING. And for operations with OP_MODIFIES_SOMETHING set, we'd do the first thing. For operations without it set, we'd do the second." Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com> [bfields@redhat.com: crash, don't attempt to handle, undefined op_rsize_bop] Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-09-07nfsd4: split stateowners into open and lockownersJ. Bruce Fields1-9/+9
The stateowner has some fields that only make sense for openowners, and some that only make sense for lockowners, and I find it a lot clearer if those are separated out. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-09-01nfsd4: drop most stateowner refcountingJ. Bruce Fields1-4/+2
Maybe we'll bring it back some day, but we don't have much real use for it now. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-09-01nfsd4: extend state lock over seqid replay logicJ. Bruce Fields1-2/+3
There are currently a couple races in the seqid replay code: a retransmission could come while we're still encoding the original reply, or a new seqid-mutating call could come as we're encoding a replay. So, extend the state lock over the encoding (both encoding of a replayed reply and caching of the original encoded reply). I really hate doing this, and previously added the stateowner reference-counting code to avoid it (which was insufficient)--but I don't see a less complicated alternative at the moment. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-08-27nfsd4: stop using nfserr_resource for transitory errorsJ. Bruce Fields1-1/+1
The server is returning nfserr_resource for both permanent errors and for errors (like allocation failures) that might be resolved by retrying later. Save nfserr_resource for the former and use delay/jukebox for the latter. Cc: stable@kernel.org Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-08-27nfsd4: permit read opens of executable-only filesJ. Bruce Fields1-0/+2
A client that wants to execute a file must be able to read it. Read opens over nfs are therefore implicitly allowed for executable files even when those files are not readable. NFSv2/v3 get this right by using a passed-in NFSD_MAY_OWNER_OVERRIDE on read requests, but NFSv4 has gotten this wrong ever since dc730e173785e29b297aa605786c94adaffe2544 "nfsd4: fix owner-override on open", when we realized that the file owner shouldn't override permissions on non-reclaim NFSv4 opens. So we can't use NFSD_MAY_OWNER_OVERRIDE to tell nfsd_permission to allow reads of executable files. So, do the same thing we do whenever we encounter another weird NFS permission nit: define yet another NFSD_MAY_* flag. The industry's future standardization on 128-bit processors will be motivated primarily by the need for integers with enough bits for all the NFSD_MAY_* flags. Reported-by: Leonardo Borda <leonardoborda@gmail.com> Cc: stable@kernel.org Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-08-26nfsd4: it's OK to return nfserr_symlinkJ. Bruce Fields1-14/+1
The nfsd4 code has a bunch of special exceptions for error returns which map nfserr_symlink to other errors. In fact, the spec makes it clear that nfserr_symlink is to be preferred over less specific errors where possible. The patch that introduced it back in 2.6.4 is "kNFSd: correct symlink related error returns.", which claims that these special exceptions are represent an NFSv4 break from v2/v3 tradition--when in fact the symlink error was introduced with v4. I suspect what happened was pynfs tests were written that were overly faithful to the (known-incomplete) rfc3530 error return lists, and then code was fixed up mindlessly to make the tests pass. Delete these unnecessary exceptions. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-08-19nfsd4: return nfserr_symlink on v4 OPEN of non-regular fileJ. Bruce Fields1-0/+21
Without this, an attempt to open a device special file without first stat'ing it will fail. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-08-16nfsd4: Remove check for a 32-bit cookie in nfsd4_readdir()Bernd Schubert1-1/+1
Fan Yong <yong.fan@whamcloud.com> noticed setting FMODE_32bithash wouldn't work with nfsd v4, as nfsd4_readdir() checks for 32 bit cookies. However, according to RFC 3530 cookies have a 64 bit type and cookies are also defined as u64 in 'struct nfsd4_readdir'. So remove the test for >32-bit values. Cc: stable@kernel.org Signed-off-by: Bernd Schubert <bernd.schubert@itwm.fraunhofer.de> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-07-18nfsd: turn on reply cache for NFSv4J. Bruce Fields1-10/+22
It's sort of ridiculous that we've never had a working reply cache for NFSv4. On the other hand, we may still not: our current reply cache is likely not very good, especially in the TCP case (which is the only case that matters for v4). What we really need here is some serious testing. Anyway, here's a start. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-07-18nfsd4: call nfsd4_release_compoundargs from pc_releaseJ. Bruce Fields1-1/+1
This simplifies cleanup a bit. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-07-15nfsd41: Deny new lock before RECLAIM_COMPLETE doneMi Jinlong1-0/+9
Before nfs41 client's RECLAIM_COMPLETE done, nfs server should deny any new locks or opens. rfc5661: " Whenever a client establishes a new client ID and before it does the first non-reclaim operation that obtains a lock, it MUST send a RECLAIM_COMPLETE with rca_one_fs set to FALSE, even if there are no locks to reclaim. If non-reclaim locking operations are done before the RECLAIM_COMPLETE, an NFS4ERR_GRACE error will be returned. " Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-07-15NFSD: Added TEST_STATEID operationBryan Schumaker1-0/+5
This operation is used by the client to check the validity of a list of stateids. Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-07-15NFSD: added FREE_STATEID operationBryan Schumaker1-0/+5
This operation is used by the client to tell the server to free a stateid. Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-07-15NFSD: allow OP_DESTROY_CLIENTID to be only op in COMPOUNDBenny Halevy1-0/+5
DESTROY_CLIENTID MAY be preceded with a SEQUENCE operation as long as the client ID derived from the session ID of SEQUENCE is not the same as the client ID to be destroyed. If the client IDs are the same, then the server MUST return NFS4ERR_CLIENTID_BUSY. (that's not implemented yet) If DESTROY_CLIENTID is not prefixed by SEQUENCE, it MUST be the only operation in the COMPOUND request (otherwise, the server MUST return NFS4ERR_NOT_ONLY_OP). This fixes the error return; before, we returned NFS4ERR_OP_NOT_IN_SESSION; after this patch, we return NFS4ERR_NOTSUPP. Signed-off-by: Benny Halevy <benny@tonian.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-04-29nfsd41: make sure nfs server process OPEN with EXCLUSIVE4_1 correctlyMi Jinlong1-2/+2
The NFS server uses nfsd_create_v3 to handle EXCLUSIVE4_1 opens, but that function is not prepared to handle them. Rename nfsd_create_v3() to do_nfsd_create(), and add handling of EXCLUSIVE4_1. Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-04-29nfsd4: fix wrongsec handling for PUTFH + op casesJ. Bruce Fields1-5/+54
When PUTFH is followed by an operation that uses the filehandle, and when the current client is using a security flavor that is inconsistent with the given filehandle, we have a choice: we can return WRONGSEC either when the current filehandle is set using the PUTFH, or when the filehandle is first used by the following operation. Follow the recommendations of RFC 5661 in making this choice. (Our current behavior prevented the client from doing security negotiation by returning WRONGSEC on PUTFH+SECINFO_NO_NAME.) Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-04-11nfsd4: make fh_verify responsibility of nfsd_lookup_dentry callerJ. Bruce Fields1-0/+3
The secinfo caller actually won't want this. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-04-11nfsd4: introduce OPDESC helperJ. Bruce Fields1-1/+6
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-03-07nfsd41: modify the members value of nfsd4_op_flagsMi Jinlong1-2/+2
The members of nfsd4_op_flags, (ALLOWED_WITHOUT_FH | ALLOWED_ON_ABSENT_FS) equals to ALLOWED_AS_FIRST_OP, maybe that's not what we want. OP_PUTROOTFH with op_flags = ALLOWED_WITHOUT_FH | ALLOWED_ON_ABSENT_FS, can't appears as the first operation with out SEQUENCE ops. This patch modify the wrong value of ALLOWED_WITHOUT_FH etc which was introduced by f9bb94c4. Cc: stable@kernel.org Reviewed-by: Benny Halevy <bhalevy@panasas.com> Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-01-11nfsd4: support BIND_CONN_TO_SESSIONJ. Bruce Fields1-2/+7
Basic xdr and processing for BIND_CONN_TO_SESSION. This adds a connection to the list of connections associated with a session. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-01-04nfsd: remove some unnecessary dropit handlingJ. Bruce Fields1-4/+0
We no longer need a few of these special cases. Signed-off-by: J. Bruce Fields <bfields@redhat.com>