1. 08 May, 2017 1 commit
  2. 05 May, 2017 4 commits
  3. 03 May, 2017 1 commit
  4. 02 May, 2017 3 commits
  5. 29 Apr, 2017 3 commits
  6. 28 Apr, 2017 4 commits
    • Trond Myklebust's avatar
      pNFS: Ensure we check layout validity before marking it for return · bdebfccd
      Trond Myklebust authored
      pnfs_error_mark_layout_for_return needs to check that the layout is
      valid before calling pnfs_set_plh_return_info().
      Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
      bdebfccd
    • Olga Kornievskaia's avatar
      NFS4.1 handle interrupted slot reuse from ERR_DELAY · 88bd4f86
      Olga Kornievskaia authored
      If the RPC slot was interrupted and server replied to the next
      operation on the "reused" slot with ERR_DELAY, don't clear out
      the "interrupted" flag until we properly recover.
      Signed-off-by: default avatarOlga Kornievskaia <kolga@netapp.com>
      Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
      88bd4f86
    • Pan Bian's avatar
      NFSv4: check return value of xdr_inline_decode · 4edabfd7
      Pan Bian authored
      Function xdr_inline_decode() will return a NULL pointer if the input
      buffer does not have long enough buffer to decode nbytes of data.
      However, in function decode_op_map(), the return value of
      xdr_inline_decode() is not validated before it is used. This patch adds
      a check to the return value of xdr_inline_decode().
      Signed-off-by: default avatarPan Bian <bianpan2016@163.com>
      Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
      4edabfd7
    • Artem Savkov's avatar
      nfs/filelayout: fix NULL pointer dereference in fl_pnfs_update_layout() · 209aa230
      Artem Savkov authored
      Calling pnfs_put_lset on an IS_ERR pointer results in a NULL pointer
      dereference like the one below. At the same time the check of retvalue
      of filelayout_check_deviceid() sets lseg to error, but does not free it
      before that.
      
      [ 3000.636161] BUG: unable to handle kernel NULL pointer dereference at 000000000000003c
      [ 3000.636970] IP: pnfs_put_lseg+0x29/0x100 [nfsv4]
      [ 3000.637420] PGD 4f23b067
      [ 3000.637421] PUD 4a0f4067
      [ 3000.637679] PMD 0
      [ 3000.637937]
      [ 3000.638287] Oops: 0000 [#1] SMP
      [ 3000.638591] Modules linked in: nfs_layout_nfsv41_files nfsv3 nfnetlink_queue nfnetlink_log nfnetlink bluetooth rfkill rpcsec_gss_krb5 nfsv4 nfs fscache binfmt_misc arc4 md4 nls_utf8 cifs ccm dns_resolver rpcrdma ib_isert iscsi_target_mod ib_iser rdma_cm iw_cm libiscsi scsi_transport_iscsi ib_srpt target_core_mod ib_srp scsi_transport_srp ib_ipoib ib_ucm ib_uverbs ib_umad ib_cm ib_core nls_koi8_u nls_cp932 ts_kmp nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack crct10dif_pclmul crc32_pclmul ghash_clmulni_intel pcspkr virtio_balloon ppdev virtio_rng parport_pc i2c_piix4 parport acpi_cpufreq nfsd auth_rpcgss nfs_acl lockd grace sunrpc xfs libcrc32c ata_generic pata_acpi virtio_blk virtio_net cirrus drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops crc32c_intel ata_piix ttm libata drm serio_raw
      [ 3000.645245]  i2c_core virtio_pci virtio_ring virtio floppy dm_mirror dm_region_hash dm_log dm_mod [last unloaded: xt_u32]
      [ 3000.646360] CPU: 1 PID: 26402 Comm: date Not tainted 4.11.0-rc7.1.el7.test.x86_64 #1
      [ 3000.647092] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
      [ 3000.647638] task: ffff8800415ada00 task.stack: ffffc90000ff0000
      [ 3000.648207] RIP: 0010:pnfs_put_lseg+0x29/0x100 [nfsv4]
      [ 3000.648696] RSP: 0018:ffffc90000ff39b8 EFLAGS: 00010246
      [ 3000.649193] RAX: 0000000000000000 RBX: fffffffffffffff4 RCX: 00000000000d43be
      [ 3000.649859] RDX: 00000000000d43bd RSI: 0000000000000000 RDI: fffffffffffffff4
      [ 3000.650530] RBP: ffffc90000ff39d8 R08: 000000000001e320 R09: ffffffffa05c35ce
      [ 3000.651203] R10: ffff88007fd1e320 R11: ffffea0001283d80 R12: 0000000001400040
      [ 3000.651875] R13: ffff88004f77d9f0 R14: ffffc90000ff3cd8 R15: ffff8800417ade00
      [ 3000.652546] FS:  00007fac4d5cd740(0000) GS:ffff88007fd00000(0000) knlGS:0000000000000000
      [ 3000.653304] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      [ 3000.653849] CR2: 000000000000003c CR3: 000000004f080000 CR4: 00000000000406e0
      [ 3000.654527] Call Trace:
      [ 3000.654771]  fl_pnfs_update_layout.constprop.20+0x10c/0x150 [nfs_layout_nfsv41_files]
      [ 3000.655505]  filelayout_pg_init_write+0x21d/0x270 [nfs_layout_nfsv41_files]
      [ 3000.656195]  __nfs_pageio_add_request+0x11c/0x490 [nfs]
      [ 3000.656698]  nfs_pageio_add_request+0xac/0x260 [nfs]
      [ 3000.657180]  nfs_do_writepage+0x109/0x2e0 [nfs]
      [ 3000.657616]  nfs_writepages_callback+0x16/0x30 [nfs]
      [ 3000.658096]  write_cache_pages+0x26f/0x510
      [ 3000.658495]  ? nfs_do_writepage+0x2e0/0x2e0 [nfs]
      [ 3000.658946]  ? _raw_spin_unlock_bh+0x1e/0x20
      [ 3000.659357]  ? wb_wakeup_delayed+0x5f/0x70
      [ 3000.659748]  ? __mark_inode_dirty+0x2eb/0x360
      [ 3000.660170]  nfs_writepages+0x84/0xd0 [nfs]
      [ 3000.660575]  ? nfs_updatepage+0x571/0xb70 [nfs]
      [ 3000.661012]  do_writepages+0x1e/0x30
      [ 3000.661358]  __filemap_fdatawrite_range+0xc6/0x100
      [ 3000.661819]  filemap_write_and_wait_range+0x41/0x90
      [ 3000.662292]  nfs_file_fsync+0x34/0x1f0 [nfs]
      [ 3000.662704]  vfs_fsync_range+0x3d/0xb0
      [ 3000.663065]  vfs_fsync+0x1c/0x20
      [ 3000.663385]  nfs4_file_flush+0x57/0x80 [nfsv4]
      [ 3000.663813]  filp_close+0x2f/0x70
      [ 3000.664132]  __close_fd+0x9a/0xc0
      [ 3000.664453]  SyS_close+0x23/0x50
      [ 3000.664785]  do_syscall_64+0x67/0x180
      [ 3000.665162]  entry_SYSCALL64_slow_path+0x25/0x25
      [ 3000.665600] RIP: 0033:0x7fac4d0e1e90
      [ 3000.665946] RSP: 002b:00007ffd54e90c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
      [ 3000.666679] RAX: ffffffffffffffda RBX: 00007fac4d3b5400 RCX: 00007fac4d0e1e90
      [ 3000.667349] RDX: 0000000000000000 RSI: 00007fac4d5d9000 RDI: 0000000000000001
      [ 3000.668031] RBP: 0000000000000000 R08: 00007fac4d3b6a00 R09: 00007fac4d5cd740
      [ 3000.668709] R10: 00007ffd54e909e0 R11: 0000000000000246 R12: 0000000000000000
      [ 3000.669385] R13: 00007fac4d3b5e80 R14: 0000000000000000 R15: 0000000000000000
      [ 3000.670061] Code: 00 00 66 66 66 66 90 55 48 85 ff 48 89 e5 41 56 41 55 41 54 53 48 89 fb 0f 84 97 00 00 00 f6 05 16 8f bc ff 10 0f 85 a6 00 00 00 <4c> 8b 63 48 48 8d 7b 38 49 8b 84 24 90 00 00 00 4c 8d a8 88 00
      [ 3000.671831] RIP: pnfs_put_lseg+0x29/0x100 [nfsv4] RSP: ffffc90000ff39b8
      [ 3000.672462] CR2: 000000000000003c
      Signed-off-by: default avatarArtem Savkov <asavkov@redhat.com>
      Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
      209aa230
  7. 26 Apr, 2017 2 commits
  8. 25 Apr, 2017 18 commits
  9. 21 Apr, 2017 4 commits
    • Benjamin Coddington's avatar
      NFS: Always wait for I/O completion before unlock · f30cb757
      Benjamin Coddington authored
      NFS attempts to wait for read and write completion before unlocking in
      order to ensure that the data returned was protected by the lock.  When
      this waiting is interrupted by a signal, the unlock may be skipped, and
      messages similar to the following are seen in the kernel ring buffer:
      
      [20.167876] Leaked locks on dev=0x0:0x2b ino=0x8dd4c3:
      [20.168286] POSIX: fl_owner=ffff880078b06940 fl_flags=0x1 fl_type=0x0 fl_pid=20183
      [20.168727] POSIX: fl_owner=ffff880078b06680 fl_flags=0x1 fl_type=0x0 fl_pid=20185
      
      For NFSv3, the missing unlock will cause the server to refuse conflicting
      locks indefinitely.  For NFSv4, the leftover lock will be removed by the
      server after the lease timeout.
      
      This patch fixes this issue by skipping the usual wait in
      nfs_iocounter_wait if the FL_CLOSE flag is set when signaled.  Instead, the
      wait happens in the unlock RPC task on the NFS UOC rpc_waitqueue.
      
      For NFSv3, use lockd's new nlmclnt_operations along with
      nfs_async_iocounter_wait to defer NLM's unlock task until the lock
      context's iocounter reaches zero.
      
      For NFSv4, call nfs_async_iocounter_wait() directly from unlock's
      current rpc_call_prepare.
      Signed-off-by: default avatarBenjamin Coddington <bcodding@redhat.com>
      Reviewed-by: default avatarJeff Layton <jlayton@redhat.com>
      Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
      f30cb757
    • Benjamin Coddington's avatar
      lockd: Introduce nlmclnt_operations · b1ece737
      Benjamin Coddington authored
      NFS would enjoy the ability to modify the behavior of the NLM client's
      unlock RPC task in order to delay the transmission of the unlock until IO
      that was submitted under that lock has completed.  This ability can ensure
      that the NLM client will always complete the transmission of an unlock even
      if the waiting caller has been interrupted with fatal signal.
      
      For this purpose, a pointer to a struct nlmclnt_operations can be assigned
      in a nfs_module's nfs_rpc_ops that will install those nlmclnt_operations on
      the nlm_host.  The struct nlmclnt_operations defines three callback
      operations that will be used in a following patch:
      
      nlmclnt_alloc_call - used to call back after a successful allocation of
      	a struct nlm_rqst in nlmclnt_proc().
      
      nlmclnt_unlock_prepare - used to call back during NLM unlock's
      	rpc_call_prepare.  The NLM client defers calling rpc_call_start()
      	until this callback returns false.
      
      nlmclnt_release_call - used to call back when the NLM client's struct
      	nlm_rqst is freed.
      Signed-off-by: default avatarBenjamin Coddington <bcodding@redhat.com>
      Reviewed-by: default avatarJeff Layton <jlayton@redhat.com>
      Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
      b1ece737
    • Benjamin Coddington's avatar
      NFS: Add an iocounter wait function for async RPC tasks · 7d6ddf88
      Benjamin Coddington authored
      By sleeping on a new NFS Unlock-On-Close waitqueue, rpc tasks may wait for
      a lock context's iocounter to reach zero.  The rpc waitqueue is only woken
      when the open_context has the NFS_CONTEXT_UNLOCK flag set in order to
      mitigate spurious wake-ups for any iocounter reaching zero.
      Signed-off-by: default avatarBenjamin Coddington <bcodding@redhat.com>
      Reviewed-by: default avatarJeff Layton <jlayton@redhat.com>
      Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
      7d6ddf88
    • Benjamin Coddington's avatar
      locks: Set FL_CLOSE when removing flock locks on close() · 50f2112c
      Benjamin Coddington authored
      Set FL_CLOSE in fl_flags as in locks_remove_posix() when clearing locks.
      NFS will check for this flag to ensure an unlock is sent in a following
      patch.
      
      Fuse handles flock and posix locks differently for FL_CLOSE, and so
      requires a fixup to retain the existing behavior for flock.
      Signed-off-by: default avatarBenjamin Coddington <bcodding@redhat.com>
      Reviewed-by: default avatarJeff Layton <jlayton@redhat.com>
      Acked-by: default avatarMiklos Szeredi <miklos@szeredi.hu>
      Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
      50f2112c