| Commit message (Collapse) | Author | Age | Files | Lines |
- s/preceeded/preceded/
MFC after: 3 days
|
When an NFSv4.n client specifies settings for attributes other
than mode during a Open/Create/Exclusive_41, these other attributes
were not being set.
This patch resolves the problem by calling nfsrv_fixsattr()
after the VOP_CREATE() call in nfsvno_open() for this case.
There is no extant NFSv4.n client that currently does this,
as far as I know.
MFC after: 2 weeks
|
When an NFSv4.n client specifies settings for the archive,
hidden and/or system attributes during a Open/Create, the
Open/Create fails for ZFS. This is caused by ZFS doing
a secpolicy_xvattr() call, which fails for non-root.
If this check is bypassed, ZFS panics.
This patch resolves the problem by disabling va_flags
for the VOP_CREATE() call in the NFSv4.n server and
then setting the flags with a subsequent VOP_SETATTR().
This problem only affects FreeBSD-15 and main, since the
archive, system and hidden attributes are not enabled
for FreeBSD-14.
I think a similar problem exists for the NFSv4.n
Open/Create/Exclusive_41, but that will be resolved
in a future commit.
Note that the Linux, Solaris and FreeBSD clients
do not set archive, hidden or system for Open/Create,
so the bug does not affect mounts from those clients.
PR: 292283
Reported by: Aurelien Couderc <aurelien.couderc2002@gmail.com>
Tested by: Aurelien Couderc <aurelien.couderc2002@gmail.com>
MFC after: 2 weeks
|
An internet draft (expected to become an RFC someday)
https://datatracker.ietf.org/doc/draft-ietf-nfsv4-posix-acls
describes an extension to NFSv4.2 to handle POSIX draft ACLs.
This is the fifth of several patches that implement the
above draft.
This one mostly adds an extra argument to two functions
in nfscommon.ko. Unfortunately, these functions are
called in many places, so the changes are numerous, but
straightforward.
Since the internal KAPI between the NFS modules is changed
by this commit, all of nfscommon.ko, nfscl.ko and nfsd.ko
must be rebuilt from sources.
There should be no semantics change for the series at
this point.
Fixes: a35bbd5d9f5f ("nfscommon: Add some support for POSIX draft ACLs")
|
An internet draft (expected to become an RFC someday)
https://datatracker.ietf.org/doc/draft-ietf-nfsv4-posix-acls
describes an extension to NFSv4.2 to handle POSIX draft ACLs.
This is the second of several patches that implement the
above draft.
The only semantics change would be if you have exported
a UFS file system mounted with the "acl" option.
In that case, you would see the acl attribute supported.
This is bogus, but will be handled in the next commit.
Fixes: a35bbd5d9f5f ("nfscommon: Add some support for POSIX draft ACLs")
|
Bugzilla PR reported a crash caused by a synthetic client
doing a Lock operation request with a delegation stateid.
This patch fixes the problem by adding sanity checks
for the type of stateid provided as an argument to the
Lock and LockU operations.
It has been tested with the FreeBSD, Linux and Solaris 11.4
clients. Hopefully, other NFSv4 clients will work ok
as well.
PR: 291080
Tested by: Robert Morris <rtm@lcs.mit.edu>
MFC after: 2 weeks
|
Commit d6864221d8 added support for the _PC_CASE_INSENSITIVE
name for pathconf, to indicate if case insensitive lookups
are configured.
This patch adds support for it for both NFSv4 and
NFSv3.
It also adds a fsidp argument to nfsv4_fillattr() which
will be used in future commit(s) related to NFSv4.n
directory delegations.
MFC after: 2 weeks
|
If a client were to send a LayoutCommit (seldom
used and only for a pNFS server) with a bogus
cnt, there could be problems with a malloc() call
that uses it.
This patch adds a sanity check for the cnt. Note
that RFC8881 does not specify any upper bound
on the cnt.
Reported by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Reviewed by: markj
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D53354
|
The archive attribute (UF_ARCHIVE) is listed as deprecated
in RFC8881. However, the Windows NFSv4.1 client folk disagree
with this and say they need support for it.
This patch adds support for it, in a manner similar to what
is done for UF_SYSTEM and UF_HIDDEN.
MFC after: 2 weeks
|
It is defined as a plain use of vref.
Churn generated with coccinelle:
@@
expression vp;
@@
- VREF(vp)
+ vref(vp)
|
This comment has been obsoleted by commit be1f7435ef21 ("kern: start
tracking cr_gid outside of cr_groups[].").
No functional change.
MFC after: 5 days
MFC to: stable/15
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52264
|
Commit 9a3edc8 modified the behaviour of ZFS's
VOP_READDIR() such that it will reply EINVAL for
an offset past EOF on the directory.
This exposed a latent bug in the NFSv4 Readdir
code, which would attempt a Readdir with an
offset beyond EOF for a directory that consists
of only "." and "..". This happened because NFSv4
does not reply "." or ".." to the client and, after
skipping over them, attempted another VOP_READDIR().
This patch fixes the problem by checking the eofflag
for the case where all entries have been skipped over.
Reviewed by: kib
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D52370
|
Commit 5b5b7e2ca2fa changed namei()'s behaviour such that it
does not free the NAMEI buffer unless returning an error.
The nfsd was not fixed for this. Fortunately, the only
leak would be one NAMEI buffer each time mountd(8) reloads
the exports. (There were also leaks in the pNFS server
configuration, but almost no one uses it.)
This patch fixes the leaks by adding NDFREE_PNBUF() macros
in the appropriate places.
MFC after: 2 weeks
Discussed with: kib
Fixes: 5b5b7e2ca2fa ("vfs: always retain path buffer after lookup")
|
Commit 37b2cb5ecb0f added VFS support for block cloning.
This patch uses the VFS changes to add support for the
NFSv4.2 Clone operation, which copies ranges within one
or two files via block cloning.
The Clone operation is similar to Copy, but always
completes the "copy on write". It is not allowed to
return partially done. It also allows copying of byte
ranges within the same file, which the NFSv4.2 Copy
operation does not allow.
Unless COPY_FILE_RANGE_CLONE has been specified for
copy_file_range(2), a failing Clone operation will be
redone with a Copy.
The Clone operation requires that offsets (and length,
if it does not go to EOF in the input file) be aligned
to _PC_CLONE_BLKSIZE. This is similar to what ZFS
implements now.
At this time, ZFS is the only exportable file system
that supports block cloning. As such, the Clone operation
is only supported for ZFS exports at this time.
Fixes: 37b2cb5ecb0f ("vfs: Add support for file cloning to VOP_COPY_FILE_RANGE")
|
As of FreeBSD 15.0, crsetgroups() *only* sets supplementary groups,
while crsetgroups_and_egid() will do both using an array of the same
style that previous versions used for crsetgroups() -- i.e., the first
element is the egid, and the remainder are supplementary groups.
Unlike the previous iteration of crsetgroups(), crsetgroups_and_egid()
is less prone to misuse as the caller must provide a default egid to use
in case the array is empty. This is particularly useful for groups
being set from data provided by userland.
Reviewed by: olce
Suggested by: olce
Differential Revision: https://reviews.freebsd.org/D51647
|
This is the (mostly) kernel side of de-conflating cr_gid and the
supplemental groups. The pre-existing behavior for getgroups() and
setgroups() is retained to keep the user <-> kernel boundary
functionally the same while we audit use of these syscalls, but we can
remove a lot of the internal special-casing just by reorganizing ucred
like this.
struct xucred has been altered because the cr_gid macro becomes
problematic if ucred has a real cr_gid member but xucred does not. Most
notably, they both also have cr_groups[] members, so the definition
means that we could easily have situations where we end up using the
first supplemental group as the egid in some places. We really can't
change the ABI of xucred, so instead we alias the first member to the
`cr_gid` name and maintain the status quo.
This also fixes the Linux setgroups(2)/getgroups(2) implementation to
more cleanly preserve the group set, now that we don't need to special
case cr_groups[0].
__FreeBSD_version bumped for the `struct ucred` ABI break.
For relnotes: downstreams and out-of-tree modules absolutely must fix
any references to cr_groups[0] in their code. These are almost
exclusively incorrect in the new world, and cr_gid should be used
instead. There is a cr_gid macro available in earlier FreeBSD versions
that can be used to avoid having version-dependent conditionals to refer
to the effective group id. Surrounding code may need adjusted if it
peels off the first element of cr_groups and uses the others as the
supplemental groups, since the supplemental groups start at cr_groups[0]
now if &cr_groups[0] != &cr_gid.
Relnotes: yes (see last paragraph)
Co-authored-by: olce
Differential Revision: https://reviews.freebsd.org/D51489
|
des@ reported a panic in the NFSv4 server, where
nfsv4_fillattr() did a VOP_PATHCONF() without having
"vp" locked.
Relocking the vnode is inefficient and, for Readdir,
may cause deadlocks. As such, this patch handles
VOP_PATHCONF() in the same way that the code checks
for ACL support, by doing the VOP_PATHCONF() before
the calls to nfsv4_fillattr() where the vnode is still locked.
Reported by: des
Reviewed by: kib (earlier version)
Differential Revision: https://reviews.freebsd.org/D51410
Fixes: c5d72d29fe0e ("nfsv4: Add support for the NFSv4 hidden and system attributes")
|
Without this patch, nfsv4_fillattr() relocks the vnode to
test to see if extended attributes are supported.
This is inefficient and could cause deadlocks if Readdir
ever asks for this attribute.
At this time, no extant NFSv4 client asks for this attribute
for Readdir, but this patch fixes the problem in case a
future client does so, by moving the test for extended attribute
support to before the nfsv4_fillattr() call where the vnode
is still locked.
MFC after: 2 weeks
|
Without this patch, nfsrvd_openattr() requests an unlocked
vnode via VOP_LOOKUP(). This is not allowed for
"options DEBUG_VFS_LOCKS" kernels, so this patch requests a
locked vnode and then unlocks it.
Fixes: e4c7b2b6053f ("nfsv4: Add support to NFSv4 for named attributes")
|
Fixes: ef6ea91593ebff73e2fc201efd9f848b71c5a125
Reported by: des
Reviewed by: markj, rmacklem
Tested by: pho
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D51211
|
it clashes with ERESTART. Use EJUSTRETURN for the case, as it is often
done in other places in the kernel.
Reviewed by: markj, rmacklem
Tested by: pho
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D51211
|
There now appears to be a use for the NFSv4 hidden and system
attributes for the Windows ms-nfs41 client. As such, this
patch implements these using the UF_HIDDEN and UF_SYSTEM
flags. Commit afd5bc630930 added support for _PC_HAS_HIDDENSYSTEM,
to VOP_PATHCONF(), which is used by the server to check for
support of the UF_HIDDEN and UF_SYSTEM flags.
This patch only affects NFSv4 and only when the client/server
on the other end supports the hidden and system attributes.
|
Without this patch, the ACE in a NFSv4 delegation reply is
generated from the file's user mode bits. This is correct
in most situations, but not if the file has certain NFSv4 ACLs.
This patch uses the @OWNER ACE in the NFSv4 ACL if it comes
before any deny ACE and returns a "nil access" ACE if a
deny precedes the @OWNER.
This change affects few NFSv4 clients, since most clients
ignore the delegation access ACE and it only affects cases
where the NFSv4 server is issuing delegations.
Fixes: 8e2a90ac8089 ("nfscommon: Factor out conversion of ae_perm to NFSv4 ACE flags")
|
NFSv4.0 required that a server recall delegations for a file
being removed (or renamed destination) since there was no way for the
server to know if client doing the remove (or rename destination) was
the same one that holds the delegation.
For NFSv4.1/4.2, the server does know which client is doing
the remove (or rename over), since the Sequence operation that
is the first operation in the compound identifies the client via
the session.
This patch implements an optimization where the recalls of
delegations are only done when the client holding the delegation
is not the same as the one doing the remove (or rename destination).
Since the Linux knfsd already implements this optimization, it
should be ok for extant clients. However, this patch adds a
new sysctl called vfs.nfsd.recalldeleg which disables this
optimization when set to true/1, just in case it causes grief for
some extant NFSv4.1/4.2 client.
This only affects NFSv4.1/4.2 behaviour when delegations are
enabled (vfs.nfsd.issue_delegations=1).
|
Replace priorities specified by a base priority and some hardcoded
offset value by symbolic constants. Hardcoded offsets prevent changing
the difference between priorities without changing their relative
ordering, and is generally a dangerous practice since the resulting
priority may inadvertently belong to a different selection policy's
range.
Since RQ_PPQ is 4, differences of less than 4 are insignificant, so just
remove them. These small differences have not been changed for years,
so it is likely they have no real meaning (besides having no practical
effect). One can still consult the changes history to recover them if
ever needed.
No functional change (intended).
MFC after: 1 month
Event: Kitchener-Waterloo Hackathon 202506
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45390
|
MFC after: 2 weeks
Fixes: 1749465947a8 ("nfsd: Fix accumulating nfslockfile structures")
|
If a NFSv4 client does an exclusive open where the file
already exists, the server returns EEXIST. However,
without this patch, a partially filled in nfslockfile
structure is allocated, but is not referenced by any open
and, as such, never gets freed.
This patch fixes the bug by checking for EEXIST before
calling nfsvno_open().
Reported by: Christoper Iler <ciler@volexity.com>
Tested by: Christoper Iler <ciler@volexity.com>
MFC after: 2 weeks
|
PR: 286796
Reviewed by: rmacklem
Sponsored by: The FreeBSD Foundation
|
NFSv4 supports a feature called named attributes, that are
essentially Solaris style extended attributes.
Commits starting with 2ec2ba7e232d added Solaris style extended
attribute support.
This patch uses the Solaris style extended attribute
support to provide support for NFSv4.
Since nfsv4_loadattr() needed an additional argument,
many files are affected, although many in a trivial way.
For the NFSv4 server to support named attributes, ZFS must
be patched and only ZFS file systems support these Solaris
style extended attributes.
|
The grace time of 2 minutes plus when the nfsd is started
is needed for normal operation. It allows client(s) to
recover open/lock state. However, for testing situations
where there are no client(s) to recover state, it introduces
an unacceptable delay.
The new per-vnet jail sysctl can be set non-zero to disable
the grace period. It should only be used for testing and
can be applied on a per-jail basis. It must be set before
the nfsd is started up.
Requested by: asomers
Tested by: asomers
|
This fixes several bugs where some 'struct ucred' in the kernel,
constructed from user input (via nmount(2)) or obtained from other
servers (e.g., gssd(8)), could have an unfilled 'cr_groups' field and
whose 'cr_groups[0]' (or 'cr_gid', which is an alias) was later
accessed, causing an uninitialized access giving random access rights.
Use crsetgroups_fallback() to enforce a fallback group when possible.
For NFS, the chosen fallback group is that of the NFS server in the
current VNET (NFSD_VNET(nfsrv_defaultgid)).
There does not seem to be any sensible fallback available in rpc code
(sys/rpc/svc_auth.c, svc_getcred()) on AUTH_UNIX (TLS or not), so just
fail credential retrieval there. Stock NSS sources, rpc.tlsservd(8) or
rpc.tlsclntd(8) provide non-empty group lists, so will not be impacted.
Discussed with: rmacklem (by mail)
Approved by: markj (mentor)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D46918
|
There has been a documented case in the exports(5) man
page forever, which specifies that the -maproot or -mapall
may have a single user entry, followed by a ':'.
This case is defined as specifying no groups (aka cr_ngroups == 0).
This patch fixes the NFS server so that it handles this case correctly.
After MFC'ng this patch to stable/13 and stable/14, I propose that
this unusual case be deprecated and no longer allowed in FreeBSD15.
At that point, this patch can be reverted.
Reviewed by: brooks
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D47204
|
nfsrv_freeopen() was being called after the mutex
lock was released, making it possible for other
kernel threads to change the lists while nfsrv_freeopen()
took the nfsstateid out of the lists.
This patch moves the code around
"if (nfsrv_freeopen(stp, vp, 1 p) == 0) {"
into nfsrv_freeopen(), so that it can remove the nfsstateid
structure from all lists before unlocking the mutex.
This should avoid any race between CLOSE and other nfsd threads
updating the NFSv4 state.
The patch does not affect semantics when vfs.nfsd.enable_locallocks=0.
PR: 280978
Tested by: Matthew L. Dailey <matthew.l.dailey@dartmouth.edu>
MFC after: 1 week
|
Commit d8a5961 made a change to nfsv4_sattr() that broke
parsing of the settable attributes for a NFSv4 SETATTR.
(It broke out of the code by setting "error" and returning
right away, instead of noting the error in nd_repstat and
allowing parsing of the attributes to continue.)
By returning prematurely, it was possible for SETATTR to return
the error, but with a bogus set of attribute bits set, since
"retbits" had not yet been set to all zeros.
(I am not sure if any client could be affected by this bug.
The patch was done for a failure case detected by a pynfs test
suite and not an actual client.)
While here, the patch also fixes a
few cases where the value of attributes gets set for attributes
after an error has been set in nd_repstat. This would not really
break the protocol, since a SETATTR is allowed to set some attributes
and still return a failure, but should not really be done.
MFC after: 2 weeks
|
RFC8275 defines a new attribute as an extension to NFSv4.2
called MODE_UMASK. This patch adds support for this attribute
to the NFSv4.2 client and server.
Since FreeBSD applies the umask above the VFS/VOP layer,
this attribute does not actually have any effect on the
handling of ACL inheritance, which is what it is designed for.
However, future changes to NFSv4.2 require support of it,
so this patch does that, resulting in behaviour identical to
the mode attribute already supported.
MFC after: 2 months
|
Commit dfaeeacc2cc2 modified clientID handling so that it could be done
with only a mutex lock held when vfs.nfsd.enable_locallocks is 0.
This makes it unsafe to change the setting of vfs.nfsd.enable_locallocks
when nfsd threads are active.
This patch forces all nfsd threads to be blocked when the value
of vfs.nfsd.enable_locallocks is changed, so that it is done safely.
MFC after: 1 month
|
On Feb. 28, a problem was reported on freebsd-stable@ where a
nfsd thread processing an ExchangeID operation was blocked for
a long time by another nfsd thread performing a copy_file_range.
This occurred because the copy_file_range was taking a long time,
but also because handling a clientID requires that all other nfsd
threads be blocked via an exclusive lock, as required by ExchangeID.
This patch allows clientID handling to be done with only a mutex
held (instead of an exclusive lock that blocks all other nfsd threads)
when vfs.nfsd.enable_locallocks is 0. For the case of
vfs.nfsd.enable_locallocks set to 1, the exclusive lock that
blocks all nfsd threads is still required.
This patch does make changing the value of vfs.nfsd.enable_locallocks
somewhat racy. A future commit will ensure any change is done when
all nfsd threads are blocked to avoid this raciness.
MFC after: 1 month
|
On Feb. 28, a problem was reported on freebsd-stable@ where a
nfsd thread processing an ExchangeID operation was blocked for
a long time by another nfsd thread performing a copy_file_range.
This occurred because the copy_file_range was taking a long time,
but also because handling a clientID requires that all other nfsd
threads be blocked via an exclusive lock, as required by ExchangeID.
This patch adds two arguments to nfsv4_cleanclient() so that it
can optionally be called with a mutex held. For this patch, the
first of these arguments is "false" and, as such, there is no
change in semantics. However, this change will allow a future
commit to modify handling of the clientID so that it can be done
with a mutex held while other nfsd threads continue to process
NFS RPCs.
MFC after: 1 month
|
During code inspection, I noticed that
NFSD_VNET_DEFINE(nfsrv_dontlisthead)
is unused, so delete it.
MFC after: 2 weeks
|
For NFSv4.1/4.2, an atomic upgrade of a delegation from a
read delegation to a write delegation is allowed and can
result in significantly improved performance.
This patch adds support for this atomic upgrade, plus fixes
a couple of other delegation related bugs. Since there were
three cases where delegations were being issued, the patch
factors this out into a separate function called
nfsrv_issuedelegations().
This patch should only affect the NFSv4.1/4.2 behaviour
when delegations are enabled, which is not the default.
MFC after: 1 month
|
RFC8881 specifies that, when a Link operation occurs on an
NFSv4, that file delegations issued to other clients must
be recalled. Discovered during a recent discussion on nfsv4@ietf.org.
Although I have not observed a problem caused by not doing
the required delegation recall, it is definitely required
by the RFC, so this patch makes the server do the recall.
Tested during a recent NFSv4 IETF Bakeathon event.
MFC after: 1 week
|
This reverts commit f300335d9aebf2e99862bf783978bd44ede23550.
It turns out that the old code was correct and it was wireshark
that was broken and indicated that the RPC's XDR was bogus.
Found during IETF bakeathon testing this week.
|
This setting causes the NFS server to check that all RPCs are sent from
a privileged (<= 1023) port, rejecting those that are not. This
slightly raises the bar for a user with network access to an
unauthenticated NFS server to access exported NFS filesystems.
Users that use traditional NFS clients (e.g., those provided by FreeBSD
or Linux) should not see any difference, assuming that unprivileged
filesystem mounting is disallowed.
Note that the setting is per-VNET, so may be overridden in VNET jails
without affecting the rest of the system.
Discussed with: freebsd-arch@
Reviewed by: rmacklem, bz, emaste
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D44906
|
If access from unreserved ports is disabled, then a remote host can
cause an NFS server to log a message by sending a packet. This is
useful for diagnosing problems but bad for resiliency in the case where
the server is being spammed with a large number of rejected requests.
Limit prints to once per second (racily).
Reviewed by: rmacklem, emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D44819
|
NFSv4.2 supports a Copy operation, which avoids file data being
read to the client and then written back to the server, if both
input and output files are on the same NFSv4.2 mount for
copy_file_range(2).
Unfortunately, this Copy operation can take a long time under
certain circumstances. If this occurs concurrently with a RPC
that requires an exclusive lock on the nfsd such as ExchangeID
done for a new mount, the result can be an nfsd "stall" until
the Copy completes.
This patch adds a sysctl that can be set to limit the size of
a Copy operation or, if set to 0, disable Copy operations.
The use of this sysctl and other ways to avoid Copy operations
taking too long will be documented in the nfsd.4 man page by
a separate commit.
MFC after: 2 weeks
|
Bump __FreeBSD_version for ZFS use.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D43356
|
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/
Sponsored by: Netflix
|
When I implemented a test patch using Open Claim_Deleg_Cur_FH
I discovered that the NFSv4.1/4.2 server was broken for this
Open option. Fortunately it is never used by the FreeBSD
client and never used by other clients unless delegations
are enabled. (The FreeBSD NFSv4 server does not have delegations
enabled by default.)
Claim_Deleg_Cur_FH was broken because the code mistakenly
assumed a stateID argument, which is not the case.
This patch fixes the bug by changing the XDR parser to not
expect a stateID and to fill most of the stateID in from the
clientID. The clientID is the first two elements of the "other"
array for the stateID and is sufficient to identify which
client the delegation is issued to. Since there is only one
delegation issued to a client per file, this is sufficient to
locate the correct delegation.
If you are running non-FreeBSD NFSv4.1/4.2 mounts against the
FreeBSD server, you need this patch if you have delegations enabled.
PR: 274574
MFC after: 2 weeks
|
Without this patch, a NFSv4 Readdir operation acquires the vnode for
each entry in the directory. If only the Type, Fileid, Mounted_on_fileid
and ReaddirError attributes are requested by a client, acquiring the vnode
is not necessary for non-directories. Directory vnodes must be acquired
to check for server file system mount points.
This patch avoids acquiring the vnode, as above, resulting in a 3-8%
improvement in Readdir RPC RTT for some simple tests I did.
Note that only non-rdirplus NFSv4 mounts will benefit from this change.
Tested during a recent IETF NFSv4 Bakeathon testing event.
MFC after: 1 month
|
Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|