An error occurred fetching the project authors.
- 14 Dec, 2009 1 commit
-
-
Boaz Harrosh authored
Now that the headers are fixed and carry their own wait, all fs/nfsd/ source files can include a minimal set of headers. and still compile just fine. This patch should improve the compilation speed of the nfsd module. Signed-off-by:
Boaz Harrosh <bharrosh@panasas.com> Signed-off-by:
J. Bruce Fields <bfields@citi.umich.edu>
-
- 28 Sep, 2009 1 commit
-
-
J. Bruce Fields authored
We really shouldn't hit this case at all, and forthcoming kernel and nfs-utils changes should eliminate this case; if it does happen, consider it a bug rather than reporting an error that doesn't really make sense for the operation (since there's no reason for a server to be accepting v4 traffic yet have no root filehandle). Also move some exp_pseudoroot code into a helper function while we're here. Signed-off-by:
-
- 23 Sep, 2009 1 commit
-
-
James Morris authored
Make all seq_operations structs const, to help mitigate against revectoring user-triggerable function pointers. This is derived from the grsecurity patch, although generated from scratch because it's simpler than extracting the changes from there. Signed-off-by:
James Morris <jmorris@namei.org> Acked-by:
Serge Hallyn <serue@us.ibm.com> Acked-by:
Casey Schaufler <casey@schaufler-ca.com> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
- 03 Sep, 2009 1 commit
-
-
Trond Myklebust authored
nfsd4_path() allocates a temporary filehandle and then fails to free it before the function exits, leaking reference counts to the dentry and export that it refers to. Also, nfsd4_lookupp() puts the result of exp_pseudoroot() in a temporary filehandle which it releases on success of exp_pseudoroot() but not on failure; fix exp_pseudoroot to ensure that on failure it releases the filehandle before returning. Signed-off-by:
Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by:
-
- 09 Aug, 2009 1 commit
-
-
Trond Myklebust authored
For events that are rare, such as referral DNS lookups, it makes limited sense to have a daemon constantly listening for upcalls on a channel. An alternative in those cases might simply be to run the app that fills the cache using call_usermodehelper_exec() and friends. The following patch allows the cache_detail to specify alternative upcall mechanisms for these particular cases. Signed-off-by:
-
- 12 Jun, 2009 4 commits
-
-
Al Viro authored
Signed-off-by:Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Signed-off-by: -
Al Viro authored
... and lose the always-NULL last argument (non-NULL case had been split off a while ago). Signed-off-by: -
Al Viro authored
Signed-off-by:
-
- 23 Apr, 2009 1 commit
-
-
Roel Kluin authored
Signed-off-by:
Roel Kluin <roel.kluin@gmail.com> Signed-off-by:
-
- 23 Oct, 2008 2 commits
-
-
Al Viro authored
Signed-off-by: -
Al Viro authored
clean up the exit paths, get rid of nameidata Signed-off-by:
-
- 22 Oct, 2008 2 commits
-
-
J. Bruce Fields authored
We might as well do all of these at the end. Fix up a couple minor style nits while we're there. Signed-off-by: -
Krishna Kumar authored
Drop reference to export key on error. Compile tested. Signed-off-by:
Krishna Kumar <krkumar2@in.ibm.com> Signed-off-by:
-
- 30 Jul, 2008 1 commit
-
-
Julia Lawall authored
Once clp is assigned, it never becomes NULL, so we can make a label for it in the error handling code. Because the call to path_lookup follows the call to auth_domain_find, its error handling code should jump to this new label. The semantic match that finds this problem is as follows: (http://www.emn.fr/x-info/coccinelle/) // <smpl> @r@ expression x,E; statement S; position p1,p2,p3; @@ ( if ((x = auth_domain_find@p1(...)) == NULL || ...) S | x = auth_domain_find@p1(...) ... when != x if (x == NULL || ...) S ) <... if@p3 (...) { ... when != auth_domain_put(x) when != if (x) { ... auth_domain_put(x); ...} return@p2 ...; } ...> ( return x; | return 0; | x = E | E = x | auth_domain_put(x) ) @exists@ position r.p1,r.p2,r.p3; expression x; int ret != 0; statement S; @@ * x = auth_domain_find@p1(...) <... * if@p3 (...) S ...> * return@p2 \(NULL\|ret\); // </smpl> Signed-off-by:
Julia Lawall <julia@diku.dk> Signed-off-by:
-
- 23 Apr, 2008 1 commit
-
-
Aurélien Charbon authored
This adds IPv6 support to the interfaces that are used to express nfsd exports. All addressed are stored internally as IPv6; backwards compatibility is maintained using mapped addresses. Thanks to Bruce Fields, Brian Haley, Neil Brown and Hideaki Joshifuji for comments Signed-off-by:
Aurelien Charbon <aurelien.charbon@bull.net> Cc: Neil Brown <neilb@suse.de> Cc: Brian Haley <brian.haley@hp.com> Cc: YOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@linux-ipv6.org> Signed-off-by:
-
- 15 Feb, 2008 6 commits
-
-
Jan Blunck authored
d_path() is used on a <dentry,vfsmount> pair. Lets use a struct path to reflect this. [akpm@linux-foundation.org: fix build in mm/memory.c] Signed-off-by:
Jan Blunck <jblunck@suse.de> Acked-by:
Bryan Wu <bryan.wu@analog.com> Acked-by:
Christoph Hellwig <hch@infradead.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: "J. Bruce Fields" <bfields@fieldses.org> Cc: Neil Brown <neilb@suse.de> Cc: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by:
-
Jan Blunck authored
seq_path() is always called with a dentry and a vfsmount from a struct path. Make seq_path() take it directly as an argument. Signed-off-by:
-
Jan Blunck authored
I'm embedding struct path into struct svc_expkey. Signed-off-by:
"J. Bruce Fields" <bfields@fieldses.org> Cc: Neil Brown <neilb@suse.de> Cc: Christoph Hellwig <hch@lst.de> Signed-off-by:
-
Jan Blunck authored
I'm embedding struct path into struct svc_export. [akpm@linux-foundation.org: coding-style fixes] [ezk@cs.sunysb.edu: NFSD: fix wrong mnt_writer count in rename] Signed-off-by:
Erez Zadok <ezk@cs.sunysb.edu> Signed-off-by:
-
Jan Blunck authored
* Add path_put() functions for releasing a reference to the dentry and vfsmount of a struct path in the right order * Switch from path_release(nd) to path_put(&nd->path) * Rename dput_path() to path_put_conditional() [akpm@linux-foundation.org: fix cifs] Signed-off-by:
Andreas Gruenbacher <agruen@suse.de> Acked-by:
Christoph Hellwig <hch@lst.de> Cc: <linux-fsdevel@vger.kernel.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Steven French <sfrench@us.ibm.com> Signed-off-by:
-
Jan Blunck authored
This is the central patch of a cleanup series. In most cases there is no good reason why someone would want to use a dentry for itself. This series reflects that fact and embeds a struct path into nameidata. Together with the other patches of this series - it enforced the correct order of getting/releasing the reference count on <dentry,vfsmount> pairs - it prepares the VFS for stacking support since it is essential to have a struct path in every place where the stack can be traversed - it reduces the overall code size: without patch series: text data bss dec hex filename 5321639 858418 715768 6895825 6938d1 vmlinux with patch series: text data bss dec hex filename 5320026 858418 715768 6894212 693284 vmlinux This patch: Switch from nd->{dentry,mnt} to nd->path.{dentry,mnt} everywhere. [akpm@linux-foundation.org: coding-style fixes] [akpm@linux-foundation.org: fix cifs] [akpm@linux-foundation.org: fix smack] Signed-off-by:
-
- 07 Feb, 2008 1 commit
-
-
David Howells authored
Convert instances of ERR_PTR(PTR_ERR(p)) to ERR_CAST(p) using: perl -spi -e 's/ERR_PTR[(]PTR_ERR[(](.*)[)][)]/ERR_CAST(\1)/' `grep -rl 'ERR_PTR[(]*PTR_ERR' fs crypto net security` Signed-off-by:
David Howells <dhowells@redhat.com> Signed-off-by:
-
- 01 Feb, 2008 3 commits
-
-
J. Bruce Fields authored
Neither EPERM and ENOENT map to valid errors for PUTROOTFH according to rfc 3530, and, if anything, ENOENT is likely to be slightly more informative; so don't bother mapping ENOENT to EPERM. (Probably this was originally done because one likely cause was that there is an fsid=0 export but that it isn't permitted to this particular client. Now that we allow WRONGSEC returns, this is somewhat less likely.) In the long term we should work to make this situation less likely, perhaps by turning off nfsv4 service entirely in the absence of the pseudofs root, or constructing a pseudofilesystem root ourselves in the kernel as necessary. Thanks to Benny Halevy <bhalevy@panasas.com> for pointing out this problem. Signed-off-by: -
J. Bruce Fields authored
Newer server features such as nfsv4 and gss depend on proc to work, so a failure to initialize the proc files they need should be treated as fatal. Thanks to Andrew Morton for style fix and compile fix in case where CONFIG_NFSD_V4 is undefined. Cc: Andrew Morton <akpm@linux-foundation.org> Acked-by:
NeilBrown <neilb@suse.de> Signed-off-by:
-
J. Bruce Fields authored
There's really nothing much the caller can do if cache unregistration fails. And indeed, all any caller does in this case is print an error and continue. So just return void and move the printk's inside cache_unregister. Acked-by:
-
- 22 Oct, 2007 1 commit
-
-
Christoph Hellwig authored
Now that all filesystems are converted remove support for the old methods. Signed-off-by:
-
- 16 Oct, 2007 1 commit
-
-
Adrian Bunk authored
This patch makes the following needlessly global functions static: - exp_get_by_name() - exp_parent() - exp_find() Signed-off-by:
Adrian Bunk <bunk@stusta.de> Cc: Neil Brown <neilb@suse.de> Cc: "J. Bruce Fields" <bfields@fieldses.org> Signed-off-by:
-
- 31 Jul, 2007 1 commit
-
-
J. Bruce Fields authored
A succesful downcall with a negative result (which indicates that the given filesystem is not exported to the given user) should not return an error. Currently mountd is depending on stdio to write these downcalls. With some versions of libc this appears to cause subsequent writes to attempt to write all accumulated data (for which writes previously failed) along with any new data. This can prevent the kernel from seeing responses to later downcalls. Symptoms will be that nfsd fails to respond to certain requests. Signed-off-by:
-
- 22 Jul, 2007 1 commit
-
-
J. Bruce Fields authored
For display purposes, treat uid's and gid's as unsigned ints for now. Also fix a typo. Signed-off-by:
-
- 19 Jul, 2007 1 commit
-
-
J. Bruce Fields authored
I converted the various export-returning functions to return -ENOENT instead of NULL, but missed a few cases. This particular case could cause actual bugs in the case of a krb5 client that doesn't match any ip-based client and that is trying to access a filesystem not exported to krb5 clients. Signed-off-by:
-
- 17 Jul, 2007 9 commits
-
-
J. Bruce Fields authored
Add secinfo information to the display in proc/net/sunrpc/nfsd.export/content. Signed-off-by:
-
J. Bruce Fields authored
Factor out some code to be shared by secinfo display code. Remove some unnecessary conditional printing of commas where we know the condition is true. Signed-off-by:
-
Andy Adamson authored
Make the first actual use of the secinfo information by using it to return nfserr_wrongsec when an export is found that doesn't allow the flavor used on this request. Signed-off-by:
Andy Adamson <andros@citi.umich.edu> Signed-off-by:
-
J. Bruce Fields authored
With this patch, we fall back on using the gss/pseudoflavor only if we fail to find a matching auth_unix export that has a secinfo list. As long as sec= options aren't used, there's still no change in behavior here (except possibly for some additional auth_unix cache lookups, whose results will be ignored). The sec= option, however, is not actually enforced yet; later patches will add the necessary checks. Signed-off-by:
-
J. Bruce Fields authored
We want it to be possible for users to restrict exports both by IP address and by pseudoflavor. The pseudoflavor information has previously been passed using special auth_domains stored in the rq_client field. After the preceding patch that stored the pseudoflavor in rq_pflavor, that's now superfluous; so now we use rq_client for the ip information, as auth_null and auth_unix do. However, we keep around the special auth_domain in the rq_gssclient field for backwards compatibility purposes, so we can still do upcalls using the old "gss/pseudoflavor" auth_domain if upcalls using the unix domain to give us an appropriate export. This allows us to continue supporting old mountd. In fact, for this first patch, we always use the "gss/pseudoflavor" auth_domain (and only it) if it is available; thus rq_client is ignored in the auth_gss case, and this patch on its own makes no change in behavior; that will be left to later patches. Note on idmap: I'm almost tempted to just replace the auth_domain in the idmap upcall by a dummy value--no version of idmapd has ever used it, and it's unlikely anyone really wants to perform idmapping differently depending on the where the client is (they may want to perform *credential* mapping differently, but that's a different matter--the idmapper just handles id's used in getattr and setattr). But I'm updating the idmapd code anyway, just out of general backwards-compatibility paranoia. Signed-off-by:
-
J. Bruce Fields authored
Split the callers of exp_get_by_name(), exp_find(), and exp_parent() into those that are processing requests and those that are doing other stuff (like looking up filehandles for mountd). No change in behavior, just a (fairly pointless, on its own) cleanup. (Note this has the effect of making nfsd_cross_mnt() pass rqstp->rq_client instead of exp->ex_client into exp_find_by_name(). However, the two should have the same value at this point.) Signed-off-by:
-
J. Bruce Fields authored
We're passing three arguments to exp_pseudoroot, two of which are just fields of the svc_rqst. Soon we'll want to pass in a third field as well. So let's just give up and pass in the whole struct svc_rqst. Also sneak in some minor style cleanups while we're at it. Signed-off-by:
-
Andy Adamson authored
We add a list of pseudoflavors to each export downcall, which will be used both as a list of security flavors allowed on that export, and (in the order given) as the list of pseudoflavors to return on secinfo calls. This patch parses the new downcall information and adds it to the export structure, but doesn't use it for anything yet. Signed-off-by:
-
J. Bruce Fields authored
Currently exp_find(), exp_get_by_name(), and friends, return an export on success, and on failure return: errors -EAGAIN (drop this request pending an upcall) or -ETIMEDOUT (an upcall has timed out), or return NULL, which can mean either that there was a memory allocation failure, or that an export was not found, or that a passed-in export lacks an auth_domain. Many callers seem to assume that NULL means that an export was not found, which may lead to bugs in the case of a memory allocation failure. Modify these functions to distinguish between the two NULL cases by returning either -ENOENT or -ENOMEM. They now never return NULL. We get to simplify some code in the process. We return -ENOENT in the case of a missing auth_domain. This case should probably be removed (or converted to a bug) after confirming that it can never happen. Signed-off-by:
-
