Commit Graph

3414 Commits

Author SHA1 Message Date
Conrad Meyer
5ecc225fc5 nfsd: Fix use-after-free in NFS4 lock test service
Trivial use-after-free where stp was freed too soon in the non-error path.
To fix, simply move its release to the end of the routine.

Reported by:	Coverity
CID:		1006105
Sponsored by:	EMC / Isilon Storage Division
2016-05-12 05:03:12 +00:00
Konstantin Belousov
b6a60ae74a Use vfs_hash_ref(9) to eliminate LK_EXCLOTHER kludge. As a
consequence, the nfs client override of VOP_LOCK1() is no longer
needed.

Reviewed and tested by:	rmacklem
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2016-05-11 06:35:46 +00:00
Rick Macklem
de2413b95e Don't increment srvrpccnt[] for the NFSv4.1 operations.
When support for NFSv4.1 was added to the NFS server, it broke
the server rpc count stats, since newnfsstats.srvrpccnt[] doesn't
have entries for the new NFSv4.1 operations.
Without this patch, the code was incrementing bogus entries in
newnfsstats for the new NFSv4.1 operations.
This patch is an interim fix. The nfsstats structure needs to be
updated and that will come in a future commit.

Reported by:	cem
MFC after:	2 weeks
2016-05-07 22:45:08 +00:00
Pedro F. Giffuni
ee58b56452 nfsserver: minor spelling fix in comment.
No functional change.
2016-05-06 23:40:37 +00:00
Rick Macklem
8eabbbe24b Give mountd -S priority over outstanding RPC requests when suspending the nfsd.
It was reported via email that under certain heavy RPC loads
long delays before the exports would be updated was observed
when using "mountd -S". This patch reverses the priority between
the exclusive lock request to suspend the nfsd threads and the
shared lock request for performing RPCs.
As such, when mountd attempts to suspend the nfsd threads, it
gets priority over outstanding RPC requests to do this.
I suspect that the case reported was an artificial test load,
but this patch did fix the problem for the reporter.

Reported and Tested by:	josephlai@qnap.com
MFC after:	2 weeks
2016-05-06 23:26:17 +00:00
Ed Maste
8edac6eee6 Add nid_namelen bounds check to nfssvc system call
This is only allowed by root and only used by the nfs daemon, which
should not provide an incorrect value. However, it's still good
practice to validate data provided by userland.

PR:		206626
Reported by:	CTurt <cturt@hardenedbsd.org>
Reviewed by:	rmacklem
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D6201
2016-05-06 21:19:28 +00:00
Ed Maste
58fef175e4 Rationalize license numbering in fdescfs(5) 2016-04-30 16:01:37 +00:00
Pedro F. Giffuni
4ed3c0e713 sys: Make use of our rounddown() macro when sys/param.h is available.
No functional change.
2016-04-30 14:41:18 +00:00
Ed Maste
799e4e488f ANSIfy fdescfs(5) 2016-04-30 12:44:03 +00:00
Pedro F. Giffuni
b3a15ddd5b sys/fs: spelling fixes in comments.
No functional change.
2016-04-29 20:51:24 +00:00
Pedro F. Giffuni
91a25a7d6d fs/ext2fs: spelling fixes on comment.
No functional change.
2016-04-29 20:45:50 +00:00
Pedro F. Giffuni
a96c9b30e2 NFS: spelling fixes on comments.
No funcional change.
2016-04-29 16:07:25 +00:00
Pedro F. Giffuni
b114da42af sys/devfs: unsign an index to prevent signed integer overflow.
cdp_maxdirent in struct:cdev_priv is of type u_int.  Use the same
type for the corresponding index in devfs_revoke().

MFC after:	1 week
2016-04-28 02:39:43 +00:00
Kristof Provost
66527f742b msdosfs: Prevent buffer overflow when expanding win95 names
In win2unixfn() we expand Windows 95 style long names. In some cases that
requires moving the data in the nbp->nb_buf buffer backwards to make room. That
code failed to check for overflows, leading to a stack overflow in win2unixfn().

We now check for this event, and mark the entire conversion as failed in that
case. This means we present the 8 character, dos style, name instead.

PR: 204643
Differential Revision:	https://reviews.freebsd.org/D6015
2016-04-26 20:36:32 +00:00
Pedro F. Giffuni
55e0987aea sys: extend use of the howmany() macro when available.
We have a howmany() macro in the <sys/param.h> header that is
convenient to re-use as it makes things easier to read.
2016-04-26 15:38:17 +00:00
Pedro F. Giffuni
ee7ae58a45 ext2fs: make use of the howmany() macro when available.
We have a howmany() macro in the <sys/param.h> header that is
convenient to re-use as it makes things easier to read.

MFC after:	2 weeks
2016-04-26 01:41:15 +00:00
Rick Macklem
ae03cbd7f3 Allow the NFSv4 server to reply NFSERR_WRONGSEC for the SetClientID operation.
It was reported via email that a Linux client couldn't do a Kerberized
NFS mount when only "sec=krb5" was specified for the exports. The Linux
client attempted a mount via krb5i and the server replied NFSERR_SERVERFAULT.
Although NFSERR_WRONGSEC isn't listed as an error for SetClientID, I
think it is the correct reply, so this patch enables that.
I do not know if this fixes the mount attempt, but adding "krb5i" to the
list of allowed security flavours does allow the mount to work.

Reported by:	joef@spectralogic.com
MFC after:	2 weeks
2016-04-23 21:18:45 +00:00
Pedro F. Giffuni
4cb92c4cf4 ext2_htree_release(): prevent signed integer overflow in a loop.
h_levels_num, as most data structs in ext2fs, is unsigned so
the index that addresses it has to be unsigned as well.

To get to overflow here we would probably be considering a
degenerate case though.

MFC after:	5 days
2016-04-23 18:28:59 +00:00
Rick Macklem
0533d72612 Fix a LOR in the NFSv4.1 server.
The ordering of acquisition of the state and session mutexes was
reversed in two cases executed when an NFSv4.1 client created/freed
a session. Since clients will typically do this only when mounting
and dismounting, the likelyhood of causing a deadlock was low but possible.
This can only occur for NFSv4.1 mounts, since the others do not
use sessions.
This was detected while testing the pNFS server/client where the
client crashed during dismounting.
The patch also reorders the unlocks, although that isn't necessary
for correct operation.

MFC after:	2 weeks
2016-04-23 01:22:04 +00:00
Pedro F. Giffuni
d9c9c81c08 sys: use our roundup2/rounddown2() macros when param.h is available.
rounddown2 tends to produce longer lines than the original code
and when the code has a high indentation level it was not really
advantageous to do the replacement.

This tries to strike a balance between readability using the macros
and flexibility of having the expressions, so not everything is
converted.
2016-04-21 19:57:40 +00:00
Pedro F. Giffuni
02abd40029 kernel: use our nitems() macro when it is available through param.h.
No functional change, only trivial cases are done in this sweep,

Discussed in:	freebsd-current
2016-04-19 23:48:27 +00:00
Pedro F. Giffuni
0d3e502f92 fs misc: for pointers replace 0 with NULL.
Mostly cosmetical, no functional change.

Found with devel/coccinelle.
2016-04-15 17:28:24 +00:00
Rick Macklem
13c581fc54 If the VOP_SETATTR() call that saves the exclusive create verifier failed,
the NFS server would leave the newly created vnode locked. This could
result in a file system that would not unmount and processes wedged,
waiting for the file to be unlocked.
Since this VOP_SETATTR() never fails for most file systems, this bug
doesn't normally manifest itself. I found it during testing of an
exported GlusterFS file system, which can fail.
This patch adds the vput() and changes the error to the correct NFS one.

MFC after:	2 weeks
2016-04-12 20:23:09 +00:00
Rick Macklem
84aa8a8ad1 Bruce Evans reported that there was a performance regression between
the old and new NFS clients. He did a good job of isolating the problem
which was caused by the new NFS client not setting the post write mtime
correctly. The new NFS client code was cloned from the old client, but
was incorrect, because the mtime in the nfs vnode's cache wasn't yet
updated. This patch fixes this problem. The patch also adds missing mutex
locking.

Reported and tested by:	bde
MFC after:	2 weeks
2016-04-11 21:55:21 +00:00
Pedro F. Giffuni
e45e8680ed ext2fs: replace 0 with NULL for pointers.
While here do late initialization of ebap, similar as was
done in UFS.

Found with devel/coccinelle.

MFC after:	2 weeks
2016-04-11 00:12:24 +00:00
Pedro F. Giffuni
74b8d63dcc Cleanup unnecessary semicolons from the kernel.
Found with devel/coccinelle.
2016-04-10 23:07:00 +00:00
Kevin Lo
2b3506d919 Fix comment. 2016-04-08 04:29:05 +00:00
Edward Tomasz Napierala
ae34b6ff96 Add four new RCTL resources - readbps, readiops, writebps and writeiops,
for limiting disk (actually filesystem) IO.

Note that in some cases these limits are not quite precise. It's ok,
as long as it's within some reasonable bounds.

Testing - and review of the code, in particular the VFS and VM parts - is
very welcome.

MFC after:	1 month
Relnotes:	yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5080
2016-04-07 04:23:25 +00:00
Kevin Lo
df04a188af Update comment: Linux does set a randomized generation number of an inode
on ext2/3/4.

While here use arc4random() instead of random().

Reviewed by:	pfg
MFC after:	3 days
2016-04-01 03:21:01 +00:00
Konstantin Belousov
cc4916adf2 Do not access buffer if bread(9) or cluster_read(9) failed. On error,
the functions free the buffer and set the pointer to NULL.  Also
remove useless call to brelse(9) on the error path.

PR:	208275
Submitted by:	Fabian Keil <fk@fabiankeil.de>
MFC after:	2 weeks
2016-03-29 19:59:44 +00:00
Kevin Lo
98a768596e Update superblock and inode structs for ext4.
Reviewed by:	pfg
2016-03-28 07:44:55 +00:00
Edward Tomasz Napierala
42ed64e39b Speed up lookups in autofs(5) by using red-black trees instead of linear
searches.

Reviewed by:	kib@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5627
2016-03-24 13:34:39 +00:00
Edward Tomasz Napierala
f8eecb9709 Pacify Coverity in a better way, to avoid write-only variable when building
without INVARIANTS.

MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-03-16 14:00:45 +00:00
Edward Tomasz Napierala
ee4256cf01 Pacify Coverity.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-03-15 20:42:36 +00:00
Edward Tomasz Napierala
49d8ebfe0e Remove name length limitation from autofs(5). The linear search with
strlens is somewhat suboptimal, but it's a temporary measure that will
be replaced with red-black trees later on.

PR:		204417
Reviewed by:	kib@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5266
2016-03-13 14:17:23 +00:00
Edward Tomasz Napierala
7571d31339 Use S_BLKSIZE instead of magic constant.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-03-12 09:33:26 +00:00
Edward Tomasz Napierala
f69db55151 Remove cn_consume from 'struct componentname'. It was never set to anything
other than 0.

Reviewed by:	kib@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5611
2016-03-12 08:50:38 +00:00
Edward Tomasz Napierala
213ed83855 Fix autofs triggering problem. Assume you have an NFS server,
192.168.1.1, with share "share". This commit fixes a problem
where "mkdir /net/192.168.1.1/share/meh" would return spurious
error instead of creating the directory if the target filesystem
wasn't mounted yet; subsequent attempts would work correctly.

The failure scenario is kind of complicated to explain, but it all
boils down to calling VOP_MKDIR() for the target filesystem (NFS)
with wrong dvp - the autofs vnode instead of the filesystem root
mounted over it.

Reviewed by:	kib@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5442
2016-03-12 07:54:42 +00:00
Konstantin Belousov
ffc161df9f Do not perform unneccessary shared recursion on the allproc_lock in
pfs_visible().  The recursion does not cause deadlock because the sx
implementation does not prefer exclusive waiters over the shared, but
this is an implementation detail.

Reported by:	pho, Matthew Bryan <matthew.bryan@isilon.com>
Reviewed by:	jhb
Tested by:	pho
Approved by:	des (pseudofs maintainer)
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2016-03-11 11:51:38 +00:00
Konstantin Belousov
f36aa2b792 Pass MNTK_NO_IOPF and MNTK_UNMAPPED_BUFS flags from the lower
filesystem to the nullfs mount.

MNTK_NO_IOPF must be present on the nullfs struct mount so that struct
file fo_read and fo_write fops operate in the mode requested by the
lower mount.

MNTK_UNMAPPED_BUFS allows VOP_GETPAGES() to use unmapped buffers.  It
does not matter for VOP_GETPAGES() calls from vm_fault() since handle
of the vm_object always points to the lower vnode.  But it may be
useful for other situations where VOP_GETPAGES() is used.

Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2016-03-04 17:24:28 +00:00
Pedro F. Giffuni
308c3c240f Ext2: cleanup setting of ctime/mtime/birthtime.
This adopts the same change as r291936 for UFS.
Directly clear IN_ACCESS or IN_UPDATE when user supplied the time, and
copy the value into the inode.

This keeps the behaviour cleaner and is consistent with UFS.

Reviewed by:	bde
MFC after:	1 month (only 10)
2016-02-19 15:53:08 +00:00
Konstantin Belousov
830cd4b810 After nullfs rmdir operation, reclaim the directory vnode which was
unlinked.  Otherwise the vnode stays cached, causing leak.  This is
similar to r292961 for regular files.

Reported and tested by:	pho (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2016-02-17 19:43:03 +00:00
Pedro F. Giffuni
00e24e4173 ext2fs: Remove panics for rename() race conditions.
Sync with r84642 from UFS:

The panics are inappropriate because the IN_RENAME flag only fixes a
few of the huge number of race conditions that can result in the
source path becoming invalid even prior to the VOP_RENAME() call.

Found accidentally while checking an issue from PVS Static Analysis.

MFC after:	3 days
2016-02-14 19:52:50 +00:00
Pedro F. Giffuni
e296c1df6f cd9660: More "check for NULL" cleaunps.
Cleanup some checks for NULL. Most of these were always unnecessary and
starting with r294954 brelse() doesn't need any NULL checks at all.

For now keep the checks somewhat consistent with NetBSD in case we want to
merge the cleanups to older versions.
2016-02-12 22:46:14 +00:00
Mark Johnston
785eb42adf Clear the cookie pointer on error in tmpfs_readdir().
It is otherwise left dangling, and callers that request cookies always free
the cookie buffer, even when VOP_READDIR(9) returns an error. This results
in a double free if tmpfs_readdir() returns an error to the NFS server or
the Linux getdents(2) emulation code.

Reported by:	pho
MFC after:	1 week
Security:	double free of malloc(9)-backed memory
Sponsored by:	EMC / Isilon Storage Division
2016-02-12 20:43:53 +00:00
Pedro F. Giffuni
a633908d21 Ext4: Use boolean type instead of '0' and '1'
There are precedents of uses of bool in the kernel and
it is incorrect style to use integers as replacement for
a boolean type.
2016-02-11 15:27:14 +00:00
Pedro F. Giffuni
78f6ea5440 Ext4: fix handling of files with sparse blocks before extent's index.
This is ongoing work from Damjan Jovanovic to improve ext4 read support
with sparse files:

Keep track of the first and last block in each extent as it descends down
the extent tree, thus being able to work out that some blocks are sparse
earlier. This solves an issue on r293680.

In ext4_bmapext() start supporting the runb parameter, which appears to be
the number of adjacent blocks prior to the block being converted in the
same way that runp is the number of blocks after, speding up random access
to mmaped files.

PR:	206652
2016-02-11 00:34:11 +00:00
Pedro F. Giffuni
9da20ec3a0 Revert r295359:
CID 1018688 is a false positive.

The initialization is done by calling vn_start_write(... &mp, flags).
mp is only an output parameter unless (flags & V_MNTREF), and fdesc
doesn't put V_MNTREF in flags.

Pointed out by:	bde
2016-02-07 15:40:01 +00:00
Pedro F. Giffuni
db7e4ae81a msdosfs_rename: yet another unused value.
As with r295355, it seems to be left over from a cleanup
in r33548. The code is not in NetBSD either.

Thanks to bde for checking out the history.
2016-02-07 15:36:16 +00:00
Pedro F. Giffuni
062b0cc0e6 cd9660: Drop an unnecessary check for NULL.
This was unnecessary and also confused Coverity.

Confirmed on:	NetBSD
CID:		978558
2016-02-07 03:48:40 +00:00