JIRA: https://issues.redhat.com/browse/RHEL-72352
CVE: CVE-2024-53173
commit 2fdb05dc0931250574f0cb0ebeb5ed8e20f4a889
Author: Trond Myklebust <trond.myklebust@hammerspace.com>
Date: Fri Nov 8 12:13:31 2024 -0500
NFSv4.0: Fix a use-after-free problem in the asynchronous open()
Yang Erkun reports that when two threads are opening files at the same
time, and are forced to abort before a reply is seen, then the call to
nfs_release_seqid() in nfs4_opendata_free() can result in a
use-after-free of the pointer to the defunct rpc task of the other
thread.
The fix is to ensure that if the RPC call is aborted before the call to
nfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()
in nfs4_open_release() before the rpc_task is freed.
Reported-by: Yang Erkun <yangerkun@huawei.com>
Fixes: 24ac23ab88 ("NFSv4: Convert open() into an asynchronous RPC call")
Reviewed-by: Yang Erkun <yangerkun@huawei.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit d054c5eb2890633935c23c371f45fb2d6b3b4b64
Author: Trond Myklebust <trond.myklebust@hammerspace.com>
Date: Wed Oct 23 09:35:43 2024 -0400
NFS: Fix attribute delegation behaviour on exclusive create
When the client does an exclusive create and the server decides to store
the verifier in the timestamps, a SETATTR is subsequently sent to fix up
those timestamps. When that is the case, suppress the exceptions for
attribute delegations in nfs4_bitmap_copy_adjust().
Fixes: 32215c1f893a ("NFSv4: Don't request atime/mtime/size if they are delegated to us")
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Anna Schumaker <anna.schumaker@oracle.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 615e693b14ba22e1332c3bd5a4e038284bbc3e07
Author: Roi Azarzar <roi.azarzar@vastdata.com>
Date: Sun Sep 15 10:27:35 2024 +0000
NFSv4.2: Fix detection of "Proxying of Times" server support
According to draft-ietf-nfsv4-delstid-07:
If a server informs the client via the fattr4_open_arguments
attribute that it supports
OPEN_ARGS_SHARE_ACCESS_WANT_DELEG_TIMESTAMPS and it returns a valid
delegation stateid for an OPEN operation which sets the
OPEN4_SHARE_ACCESS_WANT_DELEG_TIMESTAMPS flag, then it MUST query the
client via a CB_GETATTR for the fattr4_time_deleg_access (see
Section 5.2) attribute and fattr4_time_deleg_modify attribute (see
Section 5.2).
Thus, we should look that the server supports proxying of times via
OPEN4_SHARE_ACCESS_WANT_DELEG_TIMESTAMPS.
We want to be extra pedantic and continue to check that FATTR4_TIME_DELEG_ACCESS
and FATTR4_TIME_DELEG_MODIFY are set. The server needs to expose both for the
client to correctly detect "Proxying of Times" support.
Signed-off-by: Roi Azarzar <roi.azarzar@vastdata.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Fixes: dcb3c20f7419 ("NFSv4: Add a capability for delegated attributes")
Signed-off-by: Anna Schumaker <anna.schumaker@oracle.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit d72b7963115bea971a28eaa2cb76722c023f9fdf
Author: Trond Myklebust <trond.myklebust@hammerspace.com>
Date: Wed Aug 21 14:05:01 2024 -0400
NFSv4: Fix clearing of layout segments in layoutreturn
Make sure that we clear the layout segments in cases where we see a
fatal error, and also in the case where the layout is invalid.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit cb78f9b7d0c0c9f86d8c0ac9c46b8b684d8785a9
Author: Jeff Layton <jlayton@kernel.org>
Date: Thu Aug 15 10:18:41 2024 -0400
nfs: fix the fetch of FATTR4_OPEN_ARGUMENTS
The client doesn't properly request FATTR4_OPEN_ARGUMENTS in the initial
SERVER_CAPS getattr. Add FATTR4_WORD2_OPEN_ARGUMENTS to the initial
request.
Fixes: 707f13b3d081 (NFSv4: Add support for the FATTR4_OPEN_ARGUMENTS attribute)
Signed-off-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 42375c2bfa3f7673f438e6dbf9acf17f69a98f77
Author: Trond Myklebust <trond.myklebust@hammerspace.com>
Date: Thu Jun 13 01:00:53 2024 -0400
NFSv4/pnfs: Give nfs4_proc_layoutreturn() a flags argument
Replace the boolean in nfs4_proc_layoutreturn() with a set of flags that
will allow us to craft a version that is appropriate for reboot
recovery.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit bbbff6d5edd1079b9984da927d9cd4d49095fca9
Author: Trond Myklebust <trond.myklebust@hammerspace.com>
Date: Thu Jun 13 01:00:52 2024 -0400
NFSv4/pNFS: Retry the layout return later in case of a timeout or reboot
If the layout return failed due to a timeout or reboot, then leave the
layout segments on the list so that the layout return gets replayed
later.
The exception would be if we're freeing the inode.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit cf453bfe92fd5a2a189305130c5e076b9871ec43
Author: Trond Myklebust <trond.myklebust@hammerspace.com>
Date: Sun Jun 16 21:21:37 2024 -0400
NFSv4: Don't send delegation-related share access modes to CLOSE
When we set the new share access modes for CLOSE in nfs4_close_prepare().
we should only set a mode of NFS4_SHARE_ACCESS_READ, NFS4_SHARE_ACCESS_WRITE
or NFS4_SHARE_ACCESS_BOTH. Currently, we may also be passing in the NFSv4.1
share modes for controlling delegation requests in OPEN, which is wrong.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit adb4b42d19aea91826621a8d0bac94cf2c08f8bc
Author: Lance Shelton <lance.shelton@primarydata.com>
Date: Sun Jun 16 21:21:36 2024 -0400
Return the delegation when deleting sillyrenamed files
Add a callback to return the delegation in order to allow generic NFS
code to return the delegation when appropriate.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit d79ed371d51c57b2af74781466f1c0e821964b48
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:35 2024 -0400
NFSv4: Ask for a delegation or an open stateid in OPEN
Turn on the optimisation to allow the client to request that the server
not return the open stateid when it returns a delegation.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 1f0a6b3fa7a9405b74516611afa005075a21e810
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:34 2024 -0400
NFSv4: Add support for OPEN4_RESULT_NO_OPEN_STATEID
If the server returns a delegation stateid only, then don't try to set
an open stateid.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit d2a00cceb93a4df2afaceb836297628d0aeec7ad
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:33 2024 -0400
NFSv4: Detect support for OPEN4_SHARE_ACCESS_WANT_OPEN_XOR_DELEGATION
If the server supports the NFSv4.2 protocol extension to optimise away
returning a stateid when it returns a delegation, then we cache that
information in another capability flag.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 707f13b3d081ea811c40014e7b61f2c487ee9a4f
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:32 2024 -0400
NFSv4: Add support for the FATTR4_OPEN_ARGUMENTS attribute
Query the server for the OPEN arguments that it supports so that
we can figure out which extensions we can use.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 32215c1f893a11c5b0c6e1d70907cb40b54925ab
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:31 2024 -0400
NFSv4: Don't request atime/mtime/size if they are delegated to us
If the timestamps and size are delegated to the client, then it is
authoritative w.r.t. their values, so we should not be requesting those
values from the server.
Note that this allows us to optimise away most GETATTR calls if the only
changes to the attributes are the result of read() or write().
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
Conflicts:
fs/nfs/nfs4proc.c: Code difference because RHEL does not have
077c212f0344 ("fs: new accessor methods for atime and mtime")
commit b81aca09617cd768d07601a0ac96135d00b82bfe
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:29 2024 -0400
NFSv4: Delegreturn must set m/atime when they are delegated
If the atime or mtime attributes were delegated, then we need to
propagate their new values back to the server when returning the
delegation.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit e3e9d44de13f91fae4565c7d6dfc7ec3eb03b108
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:28 2024 -0400
NFSv4: Enable attribute delegations
If we see that the server supports attribute delegations, then request
them by setting the appropriate OPEN arguments.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit dcb3c20f741993efbd95be78aab93fac29516323
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:27 2024 -0400
NFSv4: Add a capability for delegated attributes
Cache whether or not the server may have support for delegated
attributes in a capability flag.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 86e1c54d152e2799671e149d6e4d1c1a4a2be857
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:26 2024 -0400
NFSv4: Add recovery of attribute delegations
After a reboot of the NFSv4.2 server, the recovery code needs to specify
whether the delegation to be recovered is an attribute delegation or
not.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit e12912d94137ab36ee704a91f465ff15c8b423da
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:25 2024 -0400
NFSv4: Add support for delegated atime and mtime attributes
Ensure that we update the mtime and atime correctly when we read
or write data to the file and when we truncate. Let the server manage
ctime on other attribute updates.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 4201916f2ab13577d45876f4bc784be55e4a83da
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:24 2024 -0400
NFSv4: Add a flags argument to the 'have_delegation' callback
This argument will be used to allow the caller to specify whether or not
they need to know that this is an attribute delegation.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 90f9ae74422d7e7447cb0ea21e1227142b58c52a
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:22 2024 -0400
NFSv4: Plumb in XDR support for the new delegation-only setattr op
We want to send the updated atime and mtime as part of the delegreturn
compound. Add a special structure to hold those variables.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 7cca0e962eb50b5321317a491d9fe6578ca8419f
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:20 2024 -0400
NFSv4: Refactor nfs4_opendata_check_deleg()
Modify it to no longer depend directly on the struct opendata.
This will enable sharing with WANT_DELEGATION.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 820620516993c151c88e9b59edc79ed12d1c31cd
Author: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Sun Jun 16 21:21:19 2024 -0400
NFSv4: Clean up open delegation return structure
Instead of having the fields open coded in the struct nfs_openres,
add a separate structure for them so that we can reuse that code
for the WANT_DELEGATION case.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 0460253913e50a2aec911fe83090d60397f17664
Author: Trond Myklebust <trond.myklebust@hammerspace.com>
Date: Sat Feb 24 15:59:28 2024 -0500
NFSv4: nfs4_do_open() is incorrectly triggering state recovery
We're seeing spurious calls to nfs4_schedule_stateid_recovery() from
nfs4_do_open() in situations where there is no trigger coming from the
server.
In theory the code path being triggered is supposed to notice that state
recovery happened while we were processing the open call result from the
server, before the open stateid is published. However in the years since
that code was added, we've also added the 'session draining' mechanism,
which ensures that the state recovery will wait until all the session
slots have been returned. In nfs4_do_open() the session slot is only
returned on exit of the function, so we don't need the legacy mechanism.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-59704
commit 7e5ae43b2d0eb89560bf7da7c9c745d31bf72ffe
Author: Olga Kornievskaia <kolga@netapp.com>
Date: Fri Feb 2 15:21:13 2024 -0500
NFSv4.1: add tracepoint to trunked nfs4_exchange_id calls
Add a tracepoint to track when the client sends EXCHANGE_ID to test
a new transport for session trunking.
nfs4_detect_session_trunking() tests for trunking and returns
EINVAL if trunking can't be done, add EINVAL mapping to
show_nfs4_status() in tracepoints.
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Reviewed-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-33888
Status: Linus
Conflicts: The cifs source has been moved in CentOS Stream so manually
apply rejected hunk to fs/smb/client/xattr.c.
Dropped hunks for ntfs3 because the source is not present in
the CentOS Stream source tree.
CentOS Stream commit 98ba731fc7 ("ovl: Move xattr support
to new xattrs.c file") moved ovl_own_xattr_set(), manually apply
changes.
CentOS Stream commit 67e2fcb2f3 ("evm: don't copy up
'security.evm' xattr") is present causing hunk #1 against
include/linux/evm.h to be rejected, manually apply.
Upstream commit 5d1ef2ce13a90 ("ima: Introduce
ima_get_current_hash_algo()") is not present in CentOS Stream
which causes fuzz 1 for hunk #1 against include/linux/ima.h.
There's a reject of hunk #1 for include/linux/lsm_hooks.h but
I can't see any reason for it, manually applied the hunk.
CentOS Stream does not have upstream commit ce5bb5a86e5eb
("ima: Return int in the functions to measure a buffer") which
results in a reject of hunk #2 against security/integrity/ima/ima.h
and hunks #8 and #11 against security/integrity/ima/ima_main.c, so
manually apply hunks. There also appears to be a whitespace
mismatch causing hunk #7 to report fuzz 2 on application.
CentOS Stream does not have upstream commit c7423dbdbc9ec
("ima: Handle -ESTALE returned by ima_filter_rule_match()")
which results in a reject of hunk #3 against
security/integrity/ima/ima_policy.c, so manually apply hunk.
commit 39f60c1ccee72caa0104145b5dbf5d37cce1ea39
Author: Christian Brauner <brauner@kernel.org>
Date: Fri Jan 13 12:49:23 2023 +0100
fs: port xattr to mnt_idmap
Convert to struct mnt_idmap.
Last cycle we merged the necessary infrastructure in
256c8aed2b42 ("fs: introduce dedicated idmap type for mounts").
This is just the conversion to struct mnt_idmap.
Currently we still pass around the plain namespace that was attached to a
mount. This is in general pretty convenient but it makes it easy to
conflate namespaces that are relevant on the filesystem with namespaces
that are relevent on the mount level. Especially for non-vfs developers
without detailed knowledge in this area this can be a potential source for
bugs.
Once the conversion to struct mnt_idmap is done all helpers down to the
really low-level helpers will take a struct mnt_idmap argument instead of
two namespace arguments. This way it becomes impossible to conflate the two
eliminating the possibility of any bugs. All of the vfs and all filesystems
only operate on struct mnt_idmap.
Acked-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: Ian Kent <ikent@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-53004
commit 4840c00003a2275668a13b82c9f5b1aed80183aa
Author: Olga Kornievskaia <kolga@netapp.com>
Date: Mon Jun 24 09:28:27 2024 -0400
NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server
Previously in order to mark the communication with the DS server,
we tried to use NFS_CS_DS in cl_flags. However, this flag would
only be saved for the DS server and in case where DS equals MDS,
the client would not find a matching nfs_client in nfs_match_client
that represents the MDS (but is also a DS).
Instead, don't rely on the NFS_CS_DS but instead use NFS_CS_PNFS.
Fixes: 379e4adfddd6 ("NFSv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server")
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-53004
commit 28568c906c1bb5f7560e18082ed7d6295860f1c2
Author: Olga Kornievskaia <kolga@netapp.com>
Date: Wed May 29 15:44:35 2024 -0400
NFSv4.1 enforce rootpath check in fs_location query
In commit 4ca9f31a2be66 ("NFSv4.1 test and add 4.1 trunking transport"),
we introduce the ability to query the NFS server for possible trunking
locations of the existing filesystem. However, we never checked the
returned file system path for these alternative locations. According
to the RFC, the server can say that the filesystem currently known
under "fs_root" of fs_location also resides under these server
locations under the following "rootpath" pathname. The client cannot
handle trunking a filesystem that reside under different location
under different paths other than what the main path is. This patch
enforces the check that fs_root path and rootpath path in fs_location
reply is the same.
Fixes: 4ca9f31a2be6 ("NFSv4.1 test and add 4.1 trunking transport")
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-53004
commit f06d1b10cb016d5aaecdb1804fefca025387bd10
Author: Anna Schumaker <Anna.Schumaker@Netapp.com>
Date: Thu Apr 25 16:24:29 2024 -0400
NFS: Fix READ_PLUS when server doesn't support OP_READ_PLUS
Olga showed me a case where the client was sending multiple READ_PLUS
calls to the server in parallel, and the server replied
NFS4ERR_OPNOTSUPP to each. The client would fall back to READ for the
first reply, but fail to retry the other calls.
I fix this by removing the test for NFS_CAP_READ_PLUS in
nfs4_read_plus_not_supported(). This allows us to reschedule any
READ_PLUS call that has a NFS4ERR_OPNOTSUPP return value, even after the
capability has been cleared.
Reported-by: Olga Kornievskaia <kolga@netapp.com>
Fixes: c567552612 ("NFS: Add READ_PLUS data segment support")
Cc: stable@vger.kernel.org # v5.10+
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Reviewed-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34875
commit 251a658bbfceafb4d58c76b77682c8bf7bcfad65
Author: Jorge Mora <jmora1300@gmail.com>
Date: Thu Jan 25 07:56:12 2024 -0700
NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
A call to listxattr() with a buffer size = 0 returns the actual
size of the buffer needed for a subsequent call. When size > 0,
nfs4_listxattr() does not return an error because either
generic_listxattr() or nfs4_listxattr_nfs4_label() consumes
exactly all the bytes then size is 0 when calling
nfs4_listxattr_nfs4_user() which then triggers the following
kernel BUG:
[ 99.403778] kernel BUG at mm/usercopy.c:102!
[ 99.404063] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP
[ 99.408463] CPU: 0 PID: 3310 Comm: python3 Not tainted 6.6.0-61.fc40.aarch64 #1
[ 99.415827] Call trace:
[ 99.415985] usercopy_abort+0x70/0xa0
[ 99.416227] __check_heap_object+0x134/0x158
[ 99.416505] check_heap_object+0x150/0x188
[ 99.416696] __check_object_size.part.0+0x78/0x168
[ 99.416886] __check_object_size+0x28/0x40
[ 99.417078] listxattr+0x8c/0x120
[ 99.417252] path_listxattr+0x78/0xe0
[ 99.417476] __arm64_sys_listxattr+0x28/0x40
[ 99.417723] invoke_syscall+0x78/0x100
[ 99.417929] el0_svc_common.constprop.0+0x48/0xf0
[ 99.418186] do_el0_svc+0x24/0x38
[ 99.418376] el0_svc+0x3c/0x110
[ 99.418554] el0t_64_sync_handler+0x120/0x130
[ 99.418788] el0t_64_sync+0x194/0x198
[ 99.418994] Code: aa0003e3 d000a3e0 91310000 97f49bdb (d4210000)
Issue is reproduced when generic_listxattr() returns 'system.nfs4_acl',
thus calling lisxattr() with size = 16 will trigger the bug.
Add check on nfs4_listxattr() to return ERANGE error when it is
called with size > 0 and the return value is greater than size.
Fixes: 012a211abd ("NFSv4.2: hook in the user extended attribute handlers")
Signed-off-by: Jorge Mora <mora@netapp.com>
Reviewed-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34875
commit 956fd46f97d238032cb5fa4771cdaccc6e760f9a
Author: Trond Myklebust <trond.myklebust@hammerspace.com>
Date: Sun Sep 24 13:14:15 2023 -0400
NFSv4: Fix a state manager thread deadlock regression
Commit 4dc73c679114 reintroduces the deadlock that was fixed by commit
aeabb3c961 ("NFSv4: Fix a NFSv4 state manager deadlock") because it
prevents the setup of new threads to handle reboot recovery, while the
older recovery thread is stuck returning delegations.
Fixes: 4dc73c679114 ("NFSv4: keep state manager thread active if swap is enabled")
Cc: stable@vger.kernel.org
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34875
commit 037e56a22ff37f9a9c2330b66cff55d3d1ff9b90
Author: Trond Myklebust <trond.myklebust@hammerspace.com>
Date: Wed Nov 15 13:55:29 2023 -0500
NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT
Once the client has processed the CB_LAYOUTRECALL, but has not yet
successfully returned the layout, the server is supposed to switch to
returning NFS4ERR_RETURNCONFLICT. This patch ensures that we handle
that return value correctly.
Fixes: 183d9e7b11 ("pnfs: rework LAYOUTGET retry handling")
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34875
commit f003a717ae9086b1e8a4663124a96862df7282e7
Author: Matthew Wilcox (Oracle) <willy@infradead.org>
Date: Fri Sep 15 18:33:33 2023 +0100
nfs: Convert nfs_symlink() to use a folio
Use the folio APIs, saving about four calls to compound_head().
Convert back to a page in each of the individual protocol implementations.
Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34875
commit 5cc7688bae7f0757c39c1d3dfdd827b724061067
Author: Olga Kornievskaia <kolga@netapp.com>
Date: Fri Oct 13 11:04:10 2023 -0400
NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO
If the client is doing pnfs IO and Kerberos is configured and EXCHANGEID
successfully negotiated SP4_MACH_CRED and WRITE/COMMIT are on the
list of state protected operations, then we need to make sure to
choose the DS's rpc_client structure instead of the MDS's one.
Fixes: fb91fb0ee7 ("NFS: Move call to nfs4_state_protect_write() to nfs4_write_setup()")
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34875
commit 6bd1a77dc72dea0b0d8b6014f231143984d18f6d
Author: Olga Kornievskaia <kolga@netapp.com>
Date: Fri Sep 15 15:21:16 2023 -0400
NFSv4.1: fix handling NFS4ERR_DELAY when testing for session trunking
Currently when client sends an EXCHANGE_ID for a possible trunked
connection, for any error that happened, the trunk will be thrown
out. However, an NFS4ERR_DELAY is a transient error that should be
retried instead.
Fixes: e818bd085baf ("NFSv4.1 remove xprt from xprt_switch if session trunking test fails")
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34875
commit 6e7434abcd07e8beb67fdc4af6207ae0490d5274
Author: Trond Myklebust <trond.myklebust@hammerspace.com>
Date: Sat Sep 9 19:16:53 2023 -0400
NFSv4/pnfs: Allow layoutget to return EAGAIN for softerr mounts
If we're using the 'softerr' mount option, we may want to allow
layoutget to return EAGAIN to allow knfsd server threads to return a
JUKEBOX/DELAY error to the client instead of busy waiting.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34875
commit 5b9d31ae1c925bb5f15975e31b31ff5ae3c81f8f
Author: Trond Myklebust <trond.myklebust@hammerspace.com>
Date: Sat Sep 9 12:23:01 2023 -0400
NFSv4: Add a parameter to limit the number of retries after NFS4ERR_DELAY
When using a 'softerr' mount, the NFSv4 client can get stuck waiting
forever while the server just returns NFS4ERR_DELAY. Among other things,
this causes the knfsd server threads to busy wait.
Add a parameter that tells the NFSv4 client how many times to retry
before giving up.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34875
commit f496647e3b09945f54bdbe78a998130cf736b4fc
Author: Wedson Almeida Filho <walmeida@microsoft.com>
Date: Sat Sep 30 02:00:22 2023 -0300
nfs: move nfs4_xattr_handlers to .rodata
This makes it harder for accidental or malicious changes to
nfs4_xattr_handlers at runtime.
Cc: Trond Myklebust <trond.myklebust@hammerspace.com>
Cc: Anna Schumaker <anna@kernel.org>
Cc: linux-nfs@vger.kernel.org
Signed-off-by: Wedson Almeida Filho <walmeida@microsoft.com>
Link: https://lore.kernel.org/r/20230930050033.41174-19-wedsonaf@gmail.com
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-36683
Upstream Status: RHEL only
This reverts commit 08637d76a2 which is a
revert of "Merge: cgroup: Backport upstream cgroup commits up to v6.8"
Signed-off-by: Waiman Long <longman@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-24133
commit 6bd1a77dc72dea0b0d8b6014f231143984d18f6d
Author: Olga Kornievskaia <kolga@netapp.com>
Date: Fri Sep 15 15:21:16 2023 -0400
NFSv4.1: fix handling NFS4ERR_DELAY when testing for session trunking
Currently when client sends an EXCHANGE_ID for a possible trunked
connection, for any error that happened, the trunk will be thrown
out. However, an NFS4ERR_DELAY is a transient error that should be
retried instead.
Fixes: e818bd085baf ("NFSv4.1 remove xprt from xprt_switch if session trunking test fails")
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34600
Conflicts:
1) A merge conflict in the kernel/signal.c hunk due to the presence
of RHEL-only commit 975d318867 ("signal: Don't disable preemption
in ptrace_stop() on PREEMPT_RT.").
2) A merge conflict in the kernel/time/hrtimer.c hunk due to the
presence of RHEL-only commit 5f76194136 ("time/hrtimer: Embed
hrtimer mode into hrtimer_sleeper").
3) The fs/cifs/inode.c hunk was applied to fs/smb/client/inode.c due
to the presence of upstream commit 38c8a9a52082 ("smb: move client
and server files to common directory fs/smb").
4) Similarly, the fs/cifs/transport.c hunk was applied to
fs/smb/client/transport.c manually due to the presence of
a later upstream commit d527f51331ca ("cifs: Fix UAF in
cifs_demultiplex_thread()").
Note that all the prerequiste patches in the same patch series
(https://lore.kernel.org/lkml/20220822111816.760285417@infradead.org/)
had already been merged into RHEL9.
commit f5d39b020809146cc28e6e73369bf8065e0310aa
Author: Peter Zijlstra <peterz@infradead.org>
Date: Mon, 22 Aug 2022 13:18:22 +0200
freezer,sched: Rewrite core freezer logic
Rewrite the core freezer to behave better wrt thawing and be simpler
in general.
By replacing PF_FROZEN with TASK_FROZEN, a special block state, it is
ensured frozen tasks stay frozen until thawed and don't randomly wake
up early, as is currently possible.
As such, it does away with PF_FROZEN and PF_FREEZER_SKIP, freeing up
two PF_flags (yay!).
Specifically; the current scheme works a little like:
freezer_do_not_count();
schedule();
freezer_count();
And either the task is blocked, or it lands in try_to_freezer()
through freezer_count(). Now, when it is blocked, the freezer
considers it frozen and continues.
However, on thawing, once pm_freezing is cleared, freezer_count()
stops working, and any random/spurious wakeup will let a task run
before its time.
That is, thawing tries to thaw things in explicit order; kernel
threads and workqueues before doing bringing SMP back before userspace
etc.. However due to the above mentioned races it is entirely possible
for userspace tasks to thaw (by accident) before SMP is back.
This can be a fatal problem in asymmetric ISA architectures (eg ARMv9)
where the userspace task requires a special CPU to run.
As said; replace this with a special task state TASK_FROZEN and add
the following state transitions:
TASK_FREEZABLE -> TASK_FROZEN
__TASK_STOPPED -> TASK_FROZEN
__TASK_TRACED -> TASK_FROZEN
The new TASK_FREEZABLE can be set on any state part of TASK_NORMAL
(IOW. TASK_INTERRUPTIBLE and TASK_UNINTERRUPTIBLE) -- any such state
is already required to deal with spurious wakeups and the freezer
causes one such when thawing the task (since the original state is
lost).
The special __TASK_{STOPPED,TRACED} states *can* be restored since
their canonical state is in ->jobctl.
With this, frozen tasks need an explicit TASK_FROZEN wakeup and are
free of undue (early / spurious) wakeups.
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Ingo Molnar <mingo@kernel.org>
Acked-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Link: https://lore.kernel.org/r/20220822114649.055452969@infradead.org
Signed-off-by: Waiman Long <longman@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-7936
commit 379e4adfddd6a2f95a4f2029b8ddcbacf92b21f9
Author: Olga Kornievskaia <kolga@netapp.com>
Date: Mon Oct 9 10:59:01 2023 -0400
NFSv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server
This patches fixes commit 51d674a5e488 "NFSv4.1: use
EXCHGID4_FLAG_USE_PNFS_DS for DS server", purpose of that
commit was to mark EXCHANGE_ID to the DS with the appropriate
flag.
However, connection to MDS can return both EXCHGID4_FLAG_USE_PNFS_DS
and EXCHGID4_FLAG_USE_PNFS_MDS set but previous patch would only
remember the USE_PNFS_DS and for the 2nd EXCHANGE_ID send that
to the MDS.
Instead, just mark the pnfs path exclusively.
Fixes: 51d674a5e488 ("NFSv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server")
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Jeffrey Layton <jlayton@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-7936
commit 4506f23e117161a20104c8fa04f33e1ca63c26af
Author: Olga Kornievskaia <kolga@netapp.com>
Date: Thu Jul 13 15:54:16 2023 -0400
NFSv4.1: fix zero value filehandle in post open getattr
Currently, if the OPEN compound experiencing an error and needs to
get the file attributes separately, it will send a stand alone
GETATTR but it would use the filehandle from the results of
the OPEN compound. In case of the CLAIM_FH OPEN, nfs_openres's fh
is zero value. That generate a GETATTR that's sent with a zero
value filehandle, and results in the server returning an error.
Instead, for the CLAIM_FH OPEN, take the filehandle that was used
in the PUTFH of the OPEN compound.
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Reviewed-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Jeffrey Layton <jlayton@redhat.com>
Benjamin Coddington
Scott Mayhew
Ian Kent
Lucas Zampieri
CKI Backport Bot
Waiman Long
Jeffrey Layton