<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/fs/nfsd, branch v2.6.26</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>nfsd: reorder printk in do_probe_callback to avoid use-after-free</title>
<updated>2008-05-18T23:13:07+00:00</updated>
<author>
<name>J. Bruce Fields</name>
<email>bfields@citi.umich.edu</email>
</author>
<published>2008-05-05T23:47:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=88dd0be3874566796fa4ffbdf927a53c4a6a2f4b'/>
<id>88dd0be3874566796fa4ffbdf927a53c4a6a2f4b</id>
<content type='text'>
We're currently dereferencing the client after we drop our reference
count to it.

Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
We're currently dereferencing the client after we drop our reference
count to it.

Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>fs: replace remaining __FUNCTION__ occurrences</title>
<updated>2008-04-30T15:29:54+00:00</updated>
<author>
<name>Harvey Harrison</name>
<email>harvey.harrison@gmail.com</email>
</author>
<published>2008-04-30T07:55:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=8e24eea728068bbeb6a3c500b848f883a20bf225'/>
<id>8e24eea728068bbeb6a3c500b848f883a20bf225</id>
<content type='text'>
__FUNCTION__ is gcc-specific, use __func__

Signed-off-by: Harvey Harrison &lt;harvey.harrison@gmail.com&gt;
Signed-off-by: Andrew Morton &lt;akpm@linux-foundation.org&gt;
Signed-off-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
__FUNCTION__ is gcc-specific, use __func__

Signed-off-by: Harvey Harrison &lt;harvey.harrison@gmail.com&gt;
Signed-off-by: Andrew Morton &lt;akpm@linux-foundation.org&gt;
Signed-off-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>nfsd: use proc_create to setup de-&gt;proc_fops</title>
<updated>2008-04-29T15:06:20+00:00</updated>
<author>
<name>Denis V. Lunev</name>
<email>den@openvz.org</email>
</author>
<published>2008-04-29T08:02:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=9ef2db2630652d68dfd336088648adae7ef0bcd4'/>
<id>9ef2db2630652d68dfd336088648adae7ef0bcd4</id>
<content type='text'>
Use proc_create() to make sure that -&gt;proc_fops be setup before gluing PDE to
main tree.

Signed-off-by: Denis V. Lunev &lt;den@openvz.org&gt;
Cc: Neil Brown &lt;neilb@suse.de&gt;
Cc: "J. Bruce Fields" &lt;bfields@fieldses.org&gt;
Cc: Alexey Dobriyan &lt;adobriyan@gmail.com&gt;
Cc: "Eric W. Biederman" &lt;ebiederm@xmission.com&gt;
Signed-off-by: Andrew Morton &lt;akpm@linux-foundation.org&gt;
Signed-off-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Use proc_create() to make sure that -&gt;proc_fops be setup before gluing PDE to
main tree.

Signed-off-by: Denis V. Lunev &lt;den@openvz.org&gt;
Cc: Neil Brown &lt;neilb@suse.de&gt;
Cc: "J. Bruce Fields" &lt;bfields@fieldses.org&gt;
Cc: Alexey Dobriyan &lt;adobriyan@gmail.com&gt;
Cc: "Eric W. Biederman" &lt;ebiederm@xmission.com&gt;
Signed-off-by: Andrew Morton &lt;akpm@linux-foundation.org&gt;
Signed-off-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>nfsd: don't allow setting ctime over v4</title>
<updated>2008-04-25T17:00:11+00:00</updated>
<author>
<name>J. Bruce Fields</name>
<email>bfields@citi.umich.edu</email>
</author>
<published>2008-04-24T20:59:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=e36cd4a2873c398ba188f16e4087cce7f00a1506'/>
<id>e36cd4a2873c398ba188f16e4087cce7f00a1506</id>
<content type='text'>
Presumably this is left over from earlier drafts of v4, which listed
TIME_METADATA as writeable.  It's read-only in rfc 3530, and shouldn't
be modifiable anyway.

Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Presumably this is left over from earlier drafts of v4, which listed
TIME_METADATA as writeable.  It's read-only in rfc 3530, and shouldn't
be modifiable anyway.

Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>locks: don't call -&gt;copy_lock methods on return of conflicting locks</title>
<updated>2008-04-25T17:00:11+00:00</updated>
<author>
<name>J. Bruce Fields</name>
<email>bfields@citi.umich.edu</email>
</author>
<published>2008-04-24T14:08:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=1a747ee0cc11a198f9e2435add821bd0dfedb7c1'/>
<id>1a747ee0cc11a198f9e2435add821bd0dfedb7c1</id>
<content type='text'>
The file_lock structure is used both as a heavy-weight representation of
an active lock, with pointers to reference-counted structures, etc., and
as a simple container for parameters that describe a file lock.

The conflicting lock returned from __posix_lock_file is an example of
the latter; so don't call the filesystem or lock manager callbacks when
copying to it.  This also saves the need for an unnecessary
locks_init_lock in the nfsv4 server.

Thanks to Trond for pointing out the error.

Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
Cc: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The file_lock structure is used both as a heavy-weight representation of
an active lock, with pointers to reference-counted structures, etc., and
as a simple container for parameters that describe a file lock.

The conflicting lock returned from __posix_lock_file is an example of
the latter; so don't call the filesystem or lock manager callbacks when
copying to it.  This also saves the need for an unnecessary
locks_init_lock in the nfsv4 server.

Thanks to Trond for pointing out the error.

Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
Cc: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>lockd: unlock lockd locks held for a certain filesystem</title>
<updated>2008-04-25T17:00:11+00:00</updated>
<author>
<name>Wendy Cheng</name>
<email>wcheng@redhat.com</email>
</author>
<published>2008-01-17T16:10:12+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=17efa372cfe4d189705edf6cd4fbe283827a5dc7'/>
<id>17efa372cfe4d189705edf6cd4fbe283827a5dc7</id>
<content type='text'>
Add /proc/fs/nfsd/unlock_filesystem, which allows e.g.:

shell&gt; echo /mnt/sfs1 &gt; /proc/fs/nfsd/unlock_filesystem

so that a filesystem can be unmounted before allowing a peer nfsd to
take over nfs service for the filesystem.

Signed-off-by: S. Wendy Cheng &lt;wcheng@redhat.com&gt;
Cc: Lon Hohberger  &lt;lhh@redhat.com&gt;
Cc: Christoph Hellwig &lt;hch@lst.de&gt;
Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;

 fs/lockd/svcsubs.c          |   66 +++++++++++++++++++++++++++++++++++++++-----
 fs/nfsd/nfsctl.c            |   65 +++++++++++++++++++++++++++++++++++++++++++
 include/linux/lockd/lockd.h |    7 ++++
 3 files changed, 131 insertions(+), 7 deletions(-)
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add /proc/fs/nfsd/unlock_filesystem, which allows e.g.:

shell&gt; echo /mnt/sfs1 &gt; /proc/fs/nfsd/unlock_filesystem

so that a filesystem can be unmounted before allowing a peer nfsd to
take over nfs service for the filesystem.

Signed-off-by: S. Wendy Cheng &lt;wcheng@redhat.com&gt;
Cc: Lon Hohberger  &lt;lhh@redhat.com&gt;
Cc: Christoph Hellwig &lt;hch@lst.de&gt;
Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;

 fs/lockd/svcsubs.c          |   66 +++++++++++++++++++++++++++++++++++++++-----
 fs/nfsd/nfsctl.c            |   65 +++++++++++++++++++++++++++++++++++++++++++
 include/linux/lockd/lockd.h |    7 ++++
 3 files changed, 131 insertions(+), 7 deletions(-)
</pre>
</div>
</content>
</entry>
<entry>
<title>lockd: unlock lockd locks associated with a given server ip</title>
<updated>2008-04-25T17:00:10+00:00</updated>
<author>
<name>Wendy Cheng</name>
<email>wcheng@redhat.com</email>
</author>
<published>2008-01-17T16:10:12+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=4373ea84c84d8a96e99d3da99e813d3e36d1bd11'/>
<id>4373ea84c84d8a96e99d3da99e813d3e36d1bd11</id>
<content type='text'>
For high-availability NFS service, we generally need to be able to drop
file locks held on the exported filesystem before moving clients to a
new server.  Currently the only way to do that is by shutting down lockd
entirely, which is often undesireable (for example, if you want to
continue exporting other filesystems).

This patch allows the administrator to release all locks held by clients
accessing the client through a given server ip address, by echoing that
address to a new file, /proc/fs/nfsd/unlock_ip, as in:

shell&gt; echo 10.1.1.2 &gt; /proc/fs/nfsd/unlock_ip

The expected sequence of events can be:
1. Tear down the IP address
2. Unexport the path
3. Write IP to /proc/fs/nfsd/unlock_ip to unlock files
4. Signal peer to begin take-over.

For now we only support IPv4 addresses and NFSv2/v3 (NFSv4 locks are not
affected).

Also, if unmounting the filesystem is required, we assume at step 3 that
clients using the given server ip are the only clients holding locks on
the given filesystem; otherwise, an additional patch is required to
allow revoking all locks held by lockd on a given filesystem.

Signed-off-by: S. Wendy Cheng &lt;wcheng@redhat.com&gt;
Cc: Lon Hohberger  &lt;lhh@redhat.com&gt;
Cc: Christoph Hellwig &lt;hch@lst.de&gt;
Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;

 fs/lockd/svcsubs.c          |   66 +++++++++++++++++++++++++++++++++++++++-----
 fs/nfsd/nfsctl.c            |   65 +++++++++++++++++++++++++++++++++++++++++++
 include/linux/lockd/lockd.h |    7 ++++
 3 files changed, 131 insertions(+), 7 deletions(-)
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
For high-availability NFS service, we generally need to be able to drop
file locks held on the exported filesystem before moving clients to a
new server.  Currently the only way to do that is by shutting down lockd
entirely, which is often undesireable (for example, if you want to
continue exporting other filesystems).

This patch allows the administrator to release all locks held by clients
accessing the client through a given server ip address, by echoing that
address to a new file, /proc/fs/nfsd/unlock_ip, as in:

shell&gt; echo 10.1.1.2 &gt; /proc/fs/nfsd/unlock_ip

The expected sequence of events can be:
1. Tear down the IP address
2. Unexport the path
3. Write IP to /proc/fs/nfsd/unlock_ip to unlock files
4. Signal peer to begin take-over.

For now we only support IPv4 addresses and NFSv2/v3 (NFSv4 locks are not
affected).

Also, if unmounting the filesystem is required, we assume at step 3 that
clients using the given server ip are the only clients holding locks on
the given filesystem; otherwise, an additional patch is required to
allow revoking all locks held by lockd on a given filesystem.

Signed-off-by: S. Wendy Cheng &lt;wcheng@redhat.com&gt;
Cc: Lon Hohberger  &lt;lhh@redhat.com&gt;
Cc: Christoph Hellwig &lt;hch@lst.de&gt;
Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;

 fs/lockd/svcsubs.c          |   66 +++++++++++++++++++++++++++++++++++++++-----
 fs/nfsd/nfsctl.c            |   65 +++++++++++++++++++++++++++++++++++++++++++
 include/linux/lockd/lockd.h |    7 ++++
 3 files changed, 131 insertions(+), 7 deletions(-)
</pre>
</div>
</content>
</entry>
<entry>
<title>knfsd: clear both setuid and setgid whenever a chown is done</title>
<updated>2008-04-23T20:13:43+00:00</updated>
<author>
<name>Jeff Layton</name>
<email>jlayton@redhat.com</email>
</author>
<published>2008-04-16T20:28:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=ca456252db0521e5e88024fa2b67535e9739e030'/>
<id>ca456252db0521e5e88024fa2b67535e9739e030</id>
<content type='text'>
Currently, knfsd only clears the setuid bit if the owner of a file is
changed on a SETATTR call, and only clears the setgid bit if the group
is changed. POSIX says this in the spec for chown():

    "If the specified file is a regular file, one or more of the
     S_IXUSR, S_IXGRP, or S_IXOTH bits of the file mode are set, and the
     process does not have appropriate privileges, the set-user-ID
     (S_ISUID) and set-group-ID (S_ISGID) bits of the file mode shall
     be cleared upon successful return from chown()."

If I'm reading this correctly, then knfsd is doing this wrong. It should
be clearing both the setuid and setgid bit on any SETATTR that changes
the uid or gid. This wasn't really as noticable before, but now that the
ATTR_KILL_S*ID bits are a no-op for the NFS client, it's more evident.

This patch corrects the nfsd_setattr logic so that this occurs. It also
does a bit of cleanup to the function.

There is also one small behavioral change. If a SETATTR call comes in
that changes the uid/gid and the mode, then we now only clear the setgid
bit if the group execute bit isn't set. The setgid bit without a group
execute bit signifies mandatory locking and we likely don't want to
clear the bit in that case. Since there is no call in POSIX that should
generate a SETATTR call like this, then this should rarely happen, but
it's worth noting.

Signed-off-by: Jeff Layton &lt;jlayton@redhat.com&gt;
Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Currently, knfsd only clears the setuid bit if the owner of a file is
changed on a SETATTR call, and only clears the setgid bit if the group
is changed. POSIX says this in the spec for chown():

    "If the specified file is a regular file, one or more of the
     S_IXUSR, S_IXGRP, or S_IXOTH bits of the file mode are set, and the
     process does not have appropriate privileges, the set-user-ID
     (S_ISUID) and set-group-ID (S_ISGID) bits of the file mode shall
     be cleared upon successful return from chown()."

If I'm reading this correctly, then knfsd is doing this wrong. It should
be clearing both the setuid and setgid bit on any SETATTR that changes
the uid or gid. This wasn't really as noticable before, but now that the
ATTR_KILL_S*ID bits are a no-op for the NFS client, it's more evident.

This patch corrects the nfsd_setattr logic so that this occurs. It also
does a bit of cleanup to the function.

There is also one small behavioral change. If a SETATTR call comes in
that changes the uid/gid and the mode, then we now only clear the setgid
bit if the group execute bit isn't set. The setgid bit without a group
execute bit signifies mandatory locking and we likely don't want to
clear the bit in that case. Since there is no call in POSIX that should
generate a SETATTR call like this, then this should rarely happen, but
it's worth noting.

Signed-off-by: Jeff Layton &lt;jlayton@redhat.com&gt;
Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>knfsd: get rid of imode variable in nfsd_setattr</title>
<updated>2008-04-23T20:13:43+00:00</updated>
<author>
<name>Jeff Layton</name>
<email>jlayton@redhat.com</email>
</author>
<published>2008-04-16T20:28:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=dee3209d993f17081d2c58d6470dfc8d6662078b'/>
<id>dee3209d993f17081d2c58d6470dfc8d6662078b</id>
<content type='text'>
...it's not really needed.

Signed-off-by: Jeff Layton &lt;jlayton@redhat.com&gt;
Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
...it's not really needed.

Signed-off-by: Jeff Layton &lt;jlayton@redhat.com&gt;
Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>nfsd: use static memory for callback program and stats</title>
<updated>2008-04-23T20:13:42+00:00</updated>
<author>
<name>Olga Kornievskaia</name>
<email>aglo@citi.umich.edu</email>
</author>
<published>2008-03-28T20:04:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=ff7d9756b501744540be65e172d27ee321d86103'/>
<id>ff7d9756b501744540be65e172d27ee321d86103</id>
<content type='text'>
There's no need to dynamically allocate this memory, and doing so may
create the possibility of races on shutdown of the rpc client.  (We've
witnessed it only after adding rpcsec_gss support to the server, after
which the rpc code can send destroys calls that expect to still be able
to access the rpc_stats structure after it has been destroyed.)

Such races are in theory possible if the module containing this "static"
memory is removed very quickly after an rpc client is destroyed, but
we haven't seen that happen.

Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
There's no need to dynamically allocate this memory, and doing so may
create the possibility of races on shutdown of the rpc client.  (We've
witnessed it only after adding rpcsec_gss support to the server, after
which the rpc code can send destroys calls that expect to still be able
to access the rpc_stats structure after it has been destroyed.)

Such races are in theory possible if the module containing this "static"
memory is removed very quickly after an rpc client is destroyed, but
we haven't seen that happen.

Signed-off-by: J. Bruce Fields &lt;bfields@citi.umich.edu&gt;
</pre>
</div>
</content>
</entry>
</feed>
