Commit 1ebede86 authored by NeilBrown's avatar NeilBrown Committed by J. Bruce Fields

sunrpc: close connection when a request is irretrievably lost.

If we drop a request in the sunrpc layer, either due kmalloc failure,
or due to a cache miss when we could not queue the request for later
replay, then close the connection to encourage the client to retry sooner.

Note that if the drop happens in the NFS layer, NFSERR_JUKEBOX
(aka NFS4ERR_DELAY) is returned to guide the client concerning
replay.
Signed-off-by: default avatarNeilBrown <neilb@suse.de>
Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
parent 06497524
...@@ -108,9 +108,13 @@ struct auth_ops { ...@@ -108,9 +108,13 @@ struct auth_ops {
#define SVC_NEGATIVE 4 #define SVC_NEGATIVE 4
#define SVC_OK 5 #define SVC_OK 5
#define SVC_DROP 6 #define SVC_DROP 6
#define SVC_DENIED 7 #define SVC_CLOSE 7 /* Like SVC_DROP, but request is definitely
#define SVC_PENDING 8 * lost so if there is a tcp connection, it
#define SVC_COMPLETE 9 * should be closed
*/
#define SVC_DENIED 8
#define SVC_PENDING 9
#define SVC_COMPLETE 10
extern int svc_authenticate(struct svc_rqst *rqstp, __be32 *authp); extern int svc_authenticate(struct svc_rqst *rqstp, __be32 *authp);
......
...@@ -964,7 +964,7 @@ svcauth_gss_set_client(struct svc_rqst *rqstp) ...@@ -964,7 +964,7 @@ svcauth_gss_set_client(struct svc_rqst *rqstp)
if (rqstp->rq_gssclient == NULL) if (rqstp->rq_gssclient == NULL)
return SVC_DENIED; return SVC_DENIED;
stat = svcauth_unix_set_client(rqstp); stat = svcauth_unix_set_client(rqstp);
if (stat == SVC_DROP) if (stat == SVC_DROP || stat == SVC_CLOSE)
return stat; return stat;
return SVC_OK; return SVC_OK;
} }
...@@ -1018,7 +1018,7 @@ static int svcauth_gss_handle_init(struct svc_rqst *rqstp, ...@@ -1018,7 +1018,7 @@ static int svcauth_gss_handle_init(struct svc_rqst *rqstp,
return SVC_DENIED; return SVC_DENIED;
memset(&rsikey, 0, sizeof(rsikey)); memset(&rsikey, 0, sizeof(rsikey));
if (dup_netobj(&rsikey.in_handle, &gc->gc_ctx)) if (dup_netobj(&rsikey.in_handle, &gc->gc_ctx))
return SVC_DROP; return SVC_CLOSE;
*authp = rpc_autherr_badverf; *authp = rpc_autherr_badverf;
if (svc_safe_getnetobj(argv, &tmpobj)) { if (svc_safe_getnetobj(argv, &tmpobj)) {
kfree(rsikey.in_handle.data); kfree(rsikey.in_handle.data);
...@@ -1026,22 +1026,22 @@ static int svcauth_gss_handle_init(struct svc_rqst *rqstp, ...@@ -1026,22 +1026,22 @@ static int svcauth_gss_handle_init(struct svc_rqst *rqstp,
} }
if (dup_netobj(&rsikey.in_token, &tmpobj)) { if (dup_netobj(&rsikey.in_token, &tmpobj)) {
kfree(rsikey.in_handle.data); kfree(rsikey.in_handle.data);
return SVC_DROP; return SVC_CLOSE;
} }
/* Perform upcall, or find upcall result: */ /* Perform upcall, or find upcall result: */
rsip = rsi_lookup(&rsikey); rsip = rsi_lookup(&rsikey);
rsi_free(&rsikey); rsi_free(&rsikey);
if (!rsip) if (!rsip)
return SVC_DROP; return SVC_CLOSE;
switch (cache_check(&rsi_cache, &rsip->h, &rqstp->rq_chandle)) { switch (cache_check(&rsi_cache, &rsip->h, &rqstp->rq_chandle)) {
case -EAGAIN: case -EAGAIN:
case -ETIMEDOUT: case -ETIMEDOUT:
case -ENOENT: case -ENOENT:
/* No upcall result: */ /* No upcall result: */
return SVC_DROP; return SVC_CLOSE;
case 0: case 0:
ret = SVC_DROP; ret = SVC_CLOSE;
/* Got an answer to the upcall; use it: */ /* Got an answer to the upcall; use it: */
if (gss_write_init_verf(rqstp, rsip)) if (gss_write_init_verf(rqstp, rsip))
goto out; goto out;
......
...@@ -1055,6 +1055,9 @@ svc_process_common(struct svc_rqst *rqstp, struct kvec *argv, struct kvec *resv) ...@@ -1055,6 +1055,9 @@ svc_process_common(struct svc_rqst *rqstp, struct kvec *argv, struct kvec *resv)
goto err_bad; goto err_bad;
case SVC_DENIED: case SVC_DENIED:
goto err_bad_auth; goto err_bad_auth;
case SVC_CLOSE:
if (test_bit(XPT_TEMP, &rqstp->rq_xprt->xpt_flags))
svc_close_xprt(rqstp->rq_xprt);
case SVC_DROP: case SVC_DROP:
goto dropit; goto dropit;
case SVC_COMPLETE: case SVC_COMPLETE:
......
...@@ -674,6 +674,8 @@ static struct group_info *unix_gid_find(uid_t uid, struct svc_rqst *rqstp) ...@@ -674,6 +674,8 @@ static struct group_info *unix_gid_find(uid_t uid, struct svc_rqst *rqstp)
switch (ret) { switch (ret) {
case -ENOENT: case -ENOENT:
return ERR_PTR(-ENOENT); return ERR_PTR(-ENOENT);
case -ETIMEDOUT:
return ERR_PTR(-ESHUTDOWN);
case 0: case 0:
gi = get_group_info(ug->gi); gi = get_group_info(ug->gi);
cache_put(&ug->h, &unix_gid_cache); cache_put(&ug->h, &unix_gid_cache);
...@@ -720,8 +722,9 @@ svcauth_unix_set_client(struct svc_rqst *rqstp) ...@@ -720,8 +722,9 @@ svcauth_unix_set_client(struct svc_rqst *rqstp)
switch (cache_check(&ip_map_cache, &ipm->h, &rqstp->rq_chandle)) { switch (cache_check(&ip_map_cache, &ipm->h, &rqstp->rq_chandle)) {
default: default:
BUG(); BUG();
case -EAGAIN:
case -ETIMEDOUT: case -ETIMEDOUT:
return SVC_CLOSE;
case -EAGAIN:
return SVC_DROP; return SVC_DROP;
case -ENOENT: case -ENOENT:
return SVC_DENIED; return SVC_DENIED;
...@@ -736,6 +739,8 @@ svcauth_unix_set_client(struct svc_rqst *rqstp) ...@@ -736,6 +739,8 @@ svcauth_unix_set_client(struct svc_rqst *rqstp)
switch (PTR_ERR(gi)) { switch (PTR_ERR(gi)) {
case -EAGAIN: case -EAGAIN:
return SVC_DROP; return SVC_DROP;
case -ESHUTDOWN:
return SVC_CLOSE;
case -ENOENT: case -ENOENT:
break; break;
default: default:
...@@ -776,7 +781,7 @@ svcauth_null_accept(struct svc_rqst *rqstp, __be32 *authp) ...@@ -776,7 +781,7 @@ svcauth_null_accept(struct svc_rqst *rqstp, __be32 *authp)
cred->cr_gid = (gid_t) -1; cred->cr_gid = (gid_t) -1;
cred->cr_group_info = groups_alloc(0); cred->cr_group_info = groups_alloc(0);
if (cred->cr_group_info == NULL) if (cred->cr_group_info == NULL)
return SVC_DROP; /* kmalloc failure - client must retry */ return SVC_CLOSE; /* kmalloc failure - client must retry */
/* Put NULL verifier */ /* Put NULL verifier */
svc_putnl(resv, RPC_AUTH_NULL); svc_putnl(resv, RPC_AUTH_NULL);
...@@ -840,7 +845,7 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp) ...@@ -840,7 +845,7 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp)
goto badcred; goto badcred;
cred->cr_group_info = groups_alloc(slen); cred->cr_group_info = groups_alloc(slen);
if (cred->cr_group_info == NULL) if (cred->cr_group_info == NULL)
return SVC_DROP; return SVC_CLOSE;
for (i = 0; i < slen; i++) for (i = 0; i < slen; i++)
GROUP_AT(cred->cr_group_info, i) = svc_getnl(argv); GROUP_AT(cred->cr_group_info, i) = svc_getnl(argv);
if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) { if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment