1. 15 May, 2023 1 commit
  2. 14 May, 2023 3 commits
    • Chuck Lever's avatar
      SUNRPC: Fix trace_svc_register() call site · 07a27305
      Chuck Lever authored
      The trace event recorded incorrect values for the registered family,
      protocol, and port because the arguments are in the wrong order.
      
      Fixes: b4af5932 ("SUNRPC: Trace server-side rpcbind registration events")
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      07a27305
    • NeilBrown's avatar
      SUNRPC: always free ctxt when freeing deferred request · 948f072a
      NeilBrown authored
      Since the ->xprt_ctxt pointer was added to svc_deferred_req, it has not
      been sufficient to use kfree() to free a deferred request.  We may need
      to free the ctxt as well.
      
      As freeing the ctxt is all that ->xpo_release_rqst() does, we repurpose
      it to explicit do that even when the ctxt is not stored in an rqst.
      So we now have ->xpo_release_ctxt() which is given an xprt and a ctxt,
      which may have been taken either from an rqst or from a dreq.  The
      caller is now responsible for clearing that pointer after the call to
      ->xpo_release_ctxt.
      
      We also clear dr->xprt_ctxt when the ctxt is moved into a new rqst when
      revisiting a deferred request.  This ensures there is only one pointer
      to the ctxt, so the risk of double freeing in future is reduced.  The
      new code in svc_xprt_release which releases both the ctxt and any
      rq_deferred depends on this.
      
      Fixes: 773f91b2 ("SUNRPC: Fix NFSD's request deferral on RDMA transports")
      Signed-off-by: default avatarNeilBrown <neilb@suse.de>
      Reviewed-by: default avatarJeff Layton <jlayton@kernel.org>
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      948f072a
    • NeilBrown's avatar
      SUNRPC: double free xprt_ctxt while still in use · eb8d3a2c
      NeilBrown authored
      When an RPC request is deferred, the rq_xprt_ctxt pointer is moved out
      of the svc_rqst into the svc_deferred_req.
      When the deferred request is revisited, the pointer is copied into
      the new svc_rqst - and also remains in the svc_deferred_req.
      
      In the (rare?) case that the request is deferred a second time, the old
      svc_deferred_req is reused - it still has all the correct content.
      However in that case the rq_xprt_ctxt pointer is NOT cleared so that
      when xpo_release_xprt is called, the ctxt is freed (UDP) or possible
      added to a free list (RDMA).
      When the deferred request is revisited for a second time, it will
      reference this ctxt which may be invalid, and the free the object a
      second time which is likely to oops.
      
      So change svc_defer() to *always* clear rq_xprt_ctxt, and assert that
      the value is now stored in the svc_deferred_req.
      
      Fixes: 773f91b2 ("SUNRPC: Fix NFSD's request deferral on RDMA transports")
      Signed-off-by: default avatarNeilBrown <neilb@suse.de>
      Reviewed-by: default avatarJeff Layton <jlayton@kernel.org>
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      eb8d3a2c
  3. 06 May, 2023 1 commit
  4. 03 May, 2023 1 commit
  5. 02 May, 2023 3 commits
    • Tom Rix's avatar
      lockd: define nlm_port_min,max with CONFIG_SYSCTL · fc412a61
      Tom Rix authored
      gcc with W=1 and ! CONFIG_SYSCTL
      fs/lockd/svc.c:80:51: error: ‘nlm_port_max’ defined but not used [-Werror=unused-const-variable=]
         80 | static const int                nlm_port_min = 0, nlm_port_max = 65535;
            |                                                   ^~~~~~~~~~~~
      fs/lockd/svc.c:80:33: error: ‘nlm_port_min’ defined but not used [-Werror=unused-const-variable=]
         80 | static const int                nlm_port_min = 0, nlm_port_max = 65535;
            |                                 ^~~~~~~~~~~~
      
      The only use of these variables is when CONFIG_SYSCTL
      is defined, so their definition should be likewise conditional.
      Signed-off-by: default avatarTom Rix <trix@redhat.com>
      Reviewed-by: default avatarJeff Layton <jlayton@kernel.org>
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      fc412a61
    • Tom Rix's avatar
      nfsd: define exports_proc_ops with CONFIG_PROC_FS · 340086da
      Tom Rix authored
      gcc with W=1 and ! CONFIG_PROC_FS
      fs/nfsd/nfsctl.c:161:30: error: ‘exports_proc_ops’
        defined but not used [-Werror=unused-const-variable=]
        161 | static const struct proc_ops exports_proc_ops = {
            |                              ^~~~~~~~~~~~~~~~
      
      The only use of exports_proc_ops is when CONFIG_PROC_FS
      is defined, so its definition should be likewise conditional.
      Signed-off-by: default avatarTom Rix <trix@redhat.com>
      Reviewed-by: default avatarJeff Layton <jlayton@kernel.org>
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      340086da
    • Ard Biesheuvel's avatar
      SUNRPC: Avoid relying on crypto API to derive CBC-CTS output IV · af97b7df
      Ard Biesheuvel authored
      Scott reports SUNRPC self-test failures regarding the output IV on arm64
      when using the SIMD accelerated implementation of AES in CBC mode with
      ciphertext stealing ("cts(cbc(aes))" in crypto API speak).
      
      These failures are the result of the fact that, while RFC 3962 does
      specify what the output IV should be and includes test vectors for it,
      the general concept of an output IV is poorly defined, and generally,
      not specified by the various algorithms implemented by the crypto API.
      Only algorithms that support transparent chaining (e.g., CBC mode on a
      block boundary) have requirements on the output IV, but ciphertext
      stealing (CTS) is fundamentally about how to encapsulate CBC in a way
      where the length of the entire message may not be an integral multiple
      of the cipher block size, and the concept of an output IV does not exist
      here because it has no defined purpose past the end of the message.
      
      The generic CTS template takes advantage of this chaining capability of
      the CBC implementations, and as a result, happens to return an output
      IV, simply because it passes its IV buffer directly to the encapsulated
      CBC implementation, which operates on full blocks only, and always
      returns an IV. This output IV happens to match how RFC 3962 defines it,
      even though the CTS template itself does not contain any output IV logic
      whatsoever, and, for this reason, lacks any test vectors that exercise
      this accidental output IV generation.
      
      The arm64 SIMD implementation of cts(cbc(aes)) does not use the generic
      CTS template at all, but instead, implements the CBC mode and ciphertext
      stealing directly, and therefore does not encapsule a CBC implementation
      that returns an output IV in the same way. The arm64 SIMD implementation
      complies with the specification and passes all internal tests, but when
      invoked by the SUNRPC code, fails to produce the expected output IV and
      causes its selftests to fail.
      
      Given that the output IV is defined as the penultimate block (where the
      final block may smaller than the block size), we can quite easily derive
      it in the caller by copying the appropriate slice of ciphertext after
      encryption.
      
      Cc: Trond Myklebust <trond.myklebust@hammerspace.com>
      Cc: Anna Schumaker <anna@kernel.org>
      Cc: Chuck Lever <chuck.lever@oracle.com>
      Cc: Jeff Layton <jlayton@kernel.org>
      Reported-by: default avatarScott Mayhew <smayhew@redhat.com>
      Tested-by: default avatarScott Mayhew <smayhew@redhat.com>
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      af97b7df
  6. 27 Apr, 2023 7 commits
    • Chuck Lever's avatar
      NFSD: Handle new xprtsec= export option · 9280c577
      Chuck Lever authored
      Enable administrators to require clients to use transport layer
      security when accessing particular exports.
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      9280c577
    • Chuck Lever's avatar
      SUNRPC: Support TLS handshake in the server-side TCP socket code · b3cbf98e
      Chuck Lever authored
      This patch adds opportunitistic RPC-with-TLS to the Linux in-kernel
      NFS server. If the client requests RPC-with-TLS and the user space
      handshake agent is running, the server will set up a TLS session.
      
      There are no policy settings yet. For example, the server cannot
      yet require the use of RPC-with-TLS to access its data.
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      b3cbf98e
    • Chuck Lever's avatar
      NFSD: Clean up xattr memory allocation flags · 22b620ec
      Chuck Lever authored
      Tetsuo Handa points out:
      > Since GFP_KERNEL is "GFP_NOFS | __GFP_FS", usage like
      > "GFP_KERNEL | GFP_NOFS" does not make sense.
      
      The original intent was to hold the inode lock while estimating
      the buffer requirements for the requested information. Frank van
      der Linden, the author of NFSD's xattr code, says:
      
      > ... you need inode_lock to get an atomic view of an xattr. Since
      > both nfsd_getxattr and nfsd_listxattr to the standard trick of
      > querying the xattr length with a NULL buf argument (just getting
      > the length back), allocating the right buffer size, and then
      > querying again, they need to hold the inode lock to avoid having
      > the xattr changed from under them while doing that.
      >
      > From that then flows the requirement that GFP_FS could cause
      > problems while holding i_rwsem, so I added GFP_NOFS.
      
      However, Dave Chinner states:
      > You can do GFP_KERNEL allocations holding the i_rwsem just fine.
      > All that it requires is the caller holds a reference to the
      > inode ...
      
      Since these code paths acquire a dentry, they do indeed hold a
      reference. It is therefore safe to use GFP_KERNEL for these memory
      allocations. In particular, that's what this code is already doing;
      but now the C source code looks sane too.
      
      At a later time we can revisit in order to remove the inode lock in
      favor of simply retrying if the estimated buffer size is too small.
      Reported-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      22b620ec
    • Dai Ngo's avatar
      NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop · 147abcac
      Dai Ngo authored
      The following request sequence to the same file causes the NFS client and
      server getting into an infinite loop with COMMIT and NFS4ERR_DELAY:
      
      OPEN
      REMOVE
      WRITE
      COMMIT
      
      Problem reported by recall11, recall12, recall14, recall20, recall22,
      recall40, recall42, recall48, recall50 of nfstest suite.
      
      This patch restores the handling of race condition in nfsd_file_do_acquire
      with unlink to that prior of the regression.
      
      Fixes: ac3a2585 ("nfsd: rework refcounting in filecache")
      Signed-off-by: default avatarDai Ngo <dai.ngo@oracle.com>
      Reviewed-by: default avatarJeff Layton <jlayton@kernel.org>
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      147abcac
    • Chuck Lever's avatar
      SUNRPC: Clear rq_xid when receiving a new RPC Call · 695bc1f3
      Chuck Lever authored
      This is an eye-catcher for tracepoints that record the XID: it means
      svc_rqst() has not received a full RPC Call with an XID yet.
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      695bc1f3
    • Chuck Lever's avatar
      SUNRPC: Recognize control messages in server-side TCP socket code · 5e052dda
      Chuck Lever authored
      To support kTLS, the server-side TCP socket receive path needs to
      watch for CMSGs.
      Acked-by: default avatarJakub Kicinski <kuba@kernel.org>
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      5e052dda
    • Chuck Lever's avatar
      SUNRPC: Be even lazier about releasing pages · 6a0cdf56
      Chuck Lever authored
      A single RPC transaction that touches only a couple of pages means
      rq_pvec will not be even close to full in svc_xpt_release(). This is
      a common case.
      
      Instead, just leave the pages in rq_pvec until it is completely
      full. This improves the efficiency of the batch release mechanism
      on workloads that involve small RPC messages.
      
      The rq_pvec is also fully emptied just before thread exit.
      Reviewed-by: default avatarCalum Mackay <calum.mackay@oracle.com>
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      6a0cdf56
  7. 26 Apr, 2023 24 commits