1. 06 May, 2013 3 commits
    • Weston Andros Adamson's avatar
      NFSv3: match sec= flavor against server list · d497ab97
      Weston Andros Adamson authored
      Older linux clients match the 'sec=' mount option flavor against the server's
      flavor list (if available) and return EPERM if the specified flavor or AUTH_NULL
      (which "matches" any flavor) is not found.
      
      Recent changes skip this step and allow the vfs mount even though no operations
      will succeed, creating a 'dud' mount.
      
      This patch reverts back to the old behavior of matching specified flavors
      against the server list and also returns EPERM when no sec= is specified and
      none of the flavors returned by the server are supported by the client.
      
      Example of behavior change:
      
      the server's /etc/exports:
      
      /export/krb5      *(sec=krb5,rw,no_root_squash)
      
      old client behavior:
      
      $ uname -a
      Linux one.apikia.fake 3.8.8-202.fc18.x86_64 #1 SMP Wed Apr 17 23:25:17 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
      $ sudo mount -v -o sec=sys,vers=3 zero:/export/krb5 /mnt
      mount.nfs: timeout set for Sun May  5 17:32:04 2013
      mount.nfs: trying text-based options 'sec=sys,vers=3,addr=192.168.100.10'
      mount.nfs: prog 100003, trying vers=3, prot=6
      mount.nfs: trying 192.168.100.10 prog 100003 vers 3 prot TCP port 2049
      mount.nfs: prog 100005, trying vers=3, prot=17
      mount.nfs: trying 192.168.100.10 prog 100005 vers 3 prot UDP port 20048
      mount.nfs: mount(2): Permission denied
      mount.nfs: access denied by server while mounting zero:/export/krb5
      
      recently changed behavior:
      
      $ uname -a
      Linux one.apikia.fake 3.9.0-testing+ #2 SMP Fri May 3 20:29:32 EDT 2013 x86_64 x86_64 x86_64 GNU/Linux
      $ sudo mount -v -o sec=sys,vers=3 zero:/export/krb5 /mnt
      mount.nfs: timeout set for Sun May  5 17:37:17 2013
      mount.nfs: trying text-based options 'sec=sys,vers=3,addr=192.168.100.10'
      mount.nfs: prog 100003, trying vers=3, prot=6
      mount.nfs: trying 192.168.100.10 prog 100003 vers 3 prot TCP port 2049
      mount.nfs: prog 100005, trying vers=3, prot=17
      mount.nfs: trying 192.168.100.10 prog 100005 vers 3 prot UDP port 20048
      $ ls /mnt
      ls: cannot open directory /mnt: Permission denied
      $ sudo ls /mnt
      ls: cannot open directory /mnt: Permission denied
      $ sudo df /mnt
      df: ‘/mnt’: Permission denied
      df: no file systems processed
      $ sudo umount /mnt
      $
      Signed-off-by: default avatarWeston Andros Adamson <dros@netapp.com>
      Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
      d497ab97
    • Trond Myklebust's avatar
      NFSv4.1: Ensure that we free the lock stateid on the server · c8b2d0bf
      Trond Myklebust authored
      This ensures that the server doesn't need to keep huge numbers of
      lock stateids waiting around for the final CLOSE.
      See section 8.2.4 in RFC5661.
      Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
      c8b2d0bf
    • Trond Myklebust's avatar
      NFSv4: Convert nfs41_free_stateid to use an asynchronous RPC call · 7c1d5fae
      Trond Myklebust authored
      The main reason for doing this is will be to allow for an asynchronous
      RPC mode that we can use for freeing lock stateids as per section
      8.2.4 of RFC5661.
      Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
      7c1d5fae
  2. 03 May, 2013 2 commits
  3. 29 Apr, 2013 2 commits
  4. 23 Apr, 2013 5 commits
    • Trond Myklebust's avatar
      Merge branch 'bugfixes' into linux-next · b0212b84
      Trond Myklebust authored
      Fix up a conflict between the linux-next branch and mainline.
      Conflicts:
      	fs/nfs/nfs4proc.c
      b0212b84
    • Trond Myklebust's avatar
      Merge branch 'rpcsec_gss-from_cel' into linux-next · bd1d421a
      Trond Myklebust authored
      * rpcsec_gss-from_cel: (21 commits)
        NFS: Retry SETCLIENTID with AUTH_SYS instead of AUTH_NONE
        NFSv4: Don't clear the machine cred when client establish returns EACCES
        NFSv4: Fix issues in nfs4_discover_server_trunking
        NFSv4: Fix the fallback to AUTH_NULL if krb5i is not available
        NFS: Use server-recommended security flavor by default (NFSv3)
        SUNRPC: Don't recognize RPC_AUTH_MAXFLAVOR
        NFS: Use "krb5i" to establish NFSv4 state whenever possible
        NFS: Try AUTH_UNIX when PUTROOTFH gets NFS4ERR_WRONGSEC
        NFS: Use static list of security flavors during root FH lookup recovery
        NFS: Avoid PUTROOTFH when managing leases
        NFS: Clean up nfs4_proc_get_rootfh
        NFS: Handle missing rpc.gssd when looking up root FH
        SUNRPC: Remove EXPORT_SYMBOL_GPL() from GSS mech switch
        SUNRPC: Make gss_mech_get() static
        SUNRPC: Refactor nfsd4_do_encode_secinfo()
        SUNRPC: Consider qop when looking up pseudoflavors
        SUNRPC: Load GSS kernel module by OID
        SUNRPC: Introduce rpcauth_get_pseudoflavor()
        SUNRPC: Define rpcsec_gss_info structure
        NFS: Remove unneeded forward declaration
        ...
      bd1d421a
    • Trond Myklebust's avatar
      NFSv4: Don't recheck permissions on open in case of recovery cached open · bdeca1b7
      Trond Myklebust authored
      If we already checked the user access permissions on the original open,
      then don't bother checking again on recovery. Doing so can cause a
      deadlock with NFSv4.1, since the may_open() operation is not privileged.
      Furthermore, we can't report an access permission failure here anyway.
      Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
      bdeca1b7
    • Trond Myklebust's avatar
      NFSv4.1: Don't do a delegated open for NFS4_OPEN_CLAIM_DELEG_CUR_FH modes · cd4c9be2
      Trond Myklebust authored
      If we're in a delegation recall situation, we can't do a delegated open.
      Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
      cd4c9be2
    • Trond Myklebust's avatar
      NFSv4.1: Use the more efficient open_noattr call for open-by-filehandle · 8188df17
      Trond Myklebust authored
      When we're doing open-by-filehandle in NFSv4.1, we shouldn't need to
      do the cache consistency revalidation on the directory. It is
      therefore more efficient to just use open_noattr, which returns the
      file attributes, but not the directory attributes.
      Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
      8188df17
  5. 22 Apr, 2013 2 commits
    • Chuck Lever's avatar
      NFS: Retry SETCLIENTID with AUTH_SYS instead of AUTH_NONE · 79d852bf
      Chuck Lever authored
      Recently I changed the SETCLIENTID code to use AUTH_GSS(krb5i), and
      then retry with AUTH_NONE if that didn't work.  This was to enable
      Kerberos NFS mounts to work without forcing Linux NFS clients to
      have a keytab on hand.
      
      Rick Macklem reports that the FreeBSD server accepts AUTH_NONE only
      for NULL operations (thus certainly not for SETCLIENTID).  Falling
      back to AUTH_NONE means our proposed 3.10 NFS client will not
      interoperate with FreeBSD servers over NFSv4 unless Kerberos is
      fully configured on both ends.
      
      If the Linux client falls back to using AUTH_SYS instead for
      SETCLIENTID, all should work fine as long as the NFS server is
      configured to allow AUTH_SYS for SETCLIENTID.
      
      This may still prevent access to Kerberos-only FreeBSD servers by
      Linux clients with no keytab.  Rick is of the opinion that the
      security settings the server applies to its pseudo-fs should also
      apply to the SETCLIENTID operation.
      
      Linux and Solaris NFS servers do not place that limitation on
      SETCLIENTID.  The security settings for the server's pseudo-fs are
      determined automatically as the union of security flavors allowed on
      real exports, as recommended by RFC 3530bis; and the flavors allowed
      for SETCLIENTID are all flavors supported by the respective server
      implementation.
      Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
      Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
      79d852bf
    • Trond Myklebust's avatar
      NFSv4: Ensure that we clear the NFS_OPEN_STATE flag when appropriate · fd068b20
      Trond Myklebust authored
      We should always clear it before initiating file recovery.
      Also ensure that we clear it after a CLOSE and/or after TEST_STATEID fails.
      Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
      fd068b20
  6. 21 Apr, 2013 1 commit
  7. 20 Apr, 2013 2 commits
  8. 19 Apr, 2013 1 commit
  9. 16 Apr, 2013 1 commit
  10. 14 Apr, 2013 3 commits
  11. 12 Apr, 2013 1 commit
  12. 11 Apr, 2013 1 commit
  13. 10 Apr, 2013 2 commits
  14. 09 Apr, 2013 3 commits
  15. 08 Apr, 2013 1 commit
    • Trond Myklebust's avatar
      NFSv4: Handle timeouts correctly when probing for lease validity · bc7a05ca
      Trond Myklebust authored
      When we send a RENEW or SEQUENCE operation in order to probe if the
      lease is still valid, we want it to be able to time out since the
      lease we are probing is likely to time out too. Currently, because
      we use soft mount semantics for these RPC calls, the return value
      is EIO, which causes the state manager to exit with an "unhandled
      error" message.
      This patch changes the call semantics, so that the RPC layer returns
      ETIMEDOUT instead of EIO. We then have the state manager default to
      a simple retry instead of exiting.
      Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
      bc7a05ca
  16. 05 Apr, 2013 10 commits