Commit Graph

242 Commits

Author SHA1 Message Date
brooks
c0f74adc04 Correct a type-mismatch between xdr_long and the variable "bad".
Way back in r28911 (August 1997, CVS rev 1.22) we imported a NetBSD
information leak fix via OpenBSD.  Unfortunatly we failed to track the
followup commit that fixed the type of the error code.  Apply the change
from int to long now.

Reviewed by:	emaste
Found by:	CHERI
Obtained from:	CheriBSD
MFC after:	3 days
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D25779
2020-07-22 23:39:58 +00:00
brooks
a90c65d635 Avoid reading one byte before the path buffer.
This happens when there's only one component (e.g. "/foo"). This
(mostly-harmless) bug has been present since June 1990 when it was
commited to mountd.c SCCS version 5.9.

Note: the bug is on the second changed line, the first line is changed
for visual consistency.

Reviewed by:	cem, emaste, mckusick, rmacklem
Found with:	CHERI
Obtained from:	CheriBSD
MFC after:	1 week
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D25759
2020-07-22 21:44:51 +00:00
rmacklem
39ad463b50 Make use of the UID_NOBODY and GID_NOGROUP definitions in sys/conf.h.
r362214 exposed UID_NOBODY and GID_NOGROUP to userspace, so use them
instead of the numbers.

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D25281
2020-06-16 02:35:30 +00:00
rmacklem
1bfe4e8613 Modify mountd to use the new struct export_args committed by r362158.
r362158 modified struct export_args for make the ex_flags field 64bits
and also changed the anonymous credentials to allow more than 16 groups.
This patch fixes mountd.c to use the new structure.
It does allocate larger exportlist and grouplist structures now.
That will be fixed in a future commit.
The only visible change will be that the credentials provided for the
-maproot and -mapall exports options can now have more than 16 groups.

Reviewed by:	kib, freqlabs
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D25088
2020-06-14 00:40:00 +00:00
rmacklem
e44ddca6f1 Fix a bug where XU_NGROUPS + 1 groups might be copied.
r361780 fixed the code so that it would only remove the duplicate when
it actually existed. However, that might have resulted in XU_NGROUPS + 1
groups being copied, running off the end of the array. This patch fixes
the problem.

Spotted during code inspection for other mountd changes.

MFC after:	2 weeks
2020-06-09 05:01:23 +00:00
rmacklem
e2cdf84049 Fix mountd so that it will not lose SIGHUPs that indicate "reload exports".
Without this patch, if a SIGHUP is handled while the process is executing
get_exportlist(), that SIGHUP is essentially ignored because the got_sighup
variable is reset to 0 after get_exportlist().
This results in the exports file(s) not being reloaded until another SIGHUP
signal is sent to mountd.
This patch fixes this by resetting got_sighup to zero before the
get_exportlist() call while SIGHUP is blocked.
It also defines a delay time of 250msec before doing another exports reload
if there are RPC request(s) to process. This prevents repeated exports reloads
from delaying handling of RPC requests significantly.

PR:		246597
Reported by:	patrykkotlowski@gmail.com
Tested by:	patrykkotlowski@gmail.com
Reviewed by:	markj
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D25127
2020-06-06 00:40:02 +00:00
rmacklem
0b31143acc Fix mountd to handle getgrouplist() not returning groups[0] == groups[1].
Prior to r174547, getgrouplist(3) always returned a groups list with
element 0 and 1 set to the basegid argument, so long as ngroups was > 1.
Post-r174547 this is not the case. r328304 disabled the deduplication that
removed the duplicate, but the duplicate still does not occur unless the
group for a user in the password database is also entered in the group
database.
This patch fixes mountd so that it handles the case where a user specified
with the -maproot or -mapall exports option has a getgrouplist(3) groups
list where groups[0] != groups[1].
Found while testing another mountd patch.

MFC after:	2 weeks
2020-06-04 00:28:20 +00:00
freqlabs
30596480c9 Deduplicate fsid comparisons
Comparing fsid_t objects requires internal knowledge of the fsid structure
and yet this is duplicated across a number of places in the code.

Simplify by creating a fsidcmp function (macro).

Reviewed by:	mjg, rmacklem
Approved by:	mav (mentor)
MFC after:	1 week
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D24749
2020-05-21 01:55:35 +00:00
markj
f40af767aa Add a reference to the NFSv3 RFC.
PR:		239721
Submitted by:	Gordon Bergling <gbergling@gmail.com>
MFC after:	3 days
2019-08-08 21:08:13 +00:00
mav
1669b01720 Fix strsep_quote() on strings without quotes.
For strings without quotes and escapes dstptr and srcptr are equal, so
zeroing *dstptr before checking *srcptr is not a good idea.  In practice
it means that in -maproot=65534:65533 everything after the colon is lost.

The problem was there since r293305, but before r346976 it was covered by
improper strsep_quote() usage.

PR:		238725
MFC after:	3 days
Sponsored by:	iXsystems, Inc.
2019-06-25 17:00:53 +00:00
rmacklem
05eac2f211 r348590 had mention of "-I" in a comment that no longer applied to the patch.
Take "-I" out of the comment line, since the patch no longer uses the "-I"
option.

MFC after:	1 month
2019-06-03 23:07:46 +00:00
rmacklem
2b3f398e4e Modify mountd so that it incrementally updates the kernel exports upon a reload.
Without this patch, mountd would delete/load all exports from the exports
file(s) when it receives a SIGHUP. This works fine for small exports file(s),
but can take several seconds to do when there are large numbers (10000+) of
exported file systems. Most of this time is spent doing the system calls
that delete/export each of these file systems. When the "-S" option
has been specified (the default these days), the nfsd threads are suspended
for several seconds while the reload is done.

This patch changes mountd so that it only does system calls for file systems
where the exports have been changed/added/deleted as compared to the exports
done for the previous load/reload of the exports file(s).
Basically, when SIGHUP is posted to mountd, it saves the exportlist structures
from the previous load and creates a new set of structures from the current
exports file(s). Then it compares the current with the previous and only does
system calls for cases that have been changed/added/deleted.
The nfsd threads do not need to be suspended until the comparison step is
being done. This results in a suspension period of milliseconds for a server
with 10000+ exported file systems.

There is some code using a LOGDEBUG() macro that allow runtime debugging
output via syslog(LOG_DEBUG,...) that can be enabled by creating a file
called /var/log/mountd.debug. This code is expected to be replaced with
code that uses dtrace by cy@ in the near future, once issues w.r.t. dtrace
in stable/12 have been resolved.

The patch should not change the usage of the exports file(s), but improves
the performance of reloading large exports file(s) where there are only a
small number of changes done to the file(s).

Tested by:	pen@lysator.liu.se
PR:		237860
Reviewed by:	kib
MFC after:	1 month
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D20487
2019-06-03 22:58:51 +00:00
rmacklem
66fe452845 Replace a single linked list with a hash table of lists.
mountd.c uses a single linked list of "struct exportlist" structures,
where there is one of these for each exported file system on the NFS server.
This list gets long if there are a large number of file systems exported and
the list must be searched for each line in the exports file(s) when
SIGHUP causes the exports file(s) to be reloaded.
A simple benchmark that traverses SLIST() elements and compares two 32bit
fields in the structure for equal (which is what the search is)
appears to take a couple of nsec. So, for a server with 72000 exported file
systems, this can take about 5sec during reload of the exports file(s).
By replacing the single linked list with a hash table with a target of
10 elements per list, the time should be reduced to less than 1msec.
Peter Errikson (who has a server with 72000+ exported file systems) ran
a test program using 5 hashes to see how they worked.
fnv_32_buf(fsid,..., 0)
fnv_32_buf(fsid,..., FNV1_32_INIT)
hash32_buf(fsid,..., 0)
hash32_buf(fsid,..., HASHINIT)
- plus simply using the low order bits of fsid.val[0].
The first three behaved about equally well, with the first one being
slightly better than the others.
It has an average variation of about 4.5% about the target list length
and that is what this patch uses.
Peter Errikson also tested this hash table version and found that the
performance wasn't measurably improved by a larger hash table, so a
load factor of 10 appears adequate.

Tested by:	pen@lysator.liu.se (with other patches)
PR:		237860
MFC after:	1 month
2019-05-31 01:28:48 +00:00
dchagin
a25b408b04 Complete LOCAL_PEERCRED support. Cache pid of the remote process in the
struct xucred. Do not bump XUCRED_VERSION as struct layout is not changed.

PR:		215202
Reviewed by:	tijl
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D20415
2019-05-30 14:24:26 +00:00
rmacklem
1d91d4ba68 Replace global list for grouplist with list(s) for each exportlist element.
In mountd.c, the grouplist structures are linked into a single global
linked list headed by "grphead". The only use of this linked list is
to free all list elements when the exportlist elements are also all being
free'd at the time the exports are being reloaded.
This patch replaces this one global linked list head with a list head in
each exportlist structure, where the grouplist elements for that exported
file system are linked.
The only change is that now the grouplist elements are free'd with the
associated exportlist element as they are free'd instead of all grouplist
elements being free'd after the exportlist elements are free'd. This
change should have no effect in practice.
This is being done, since a future patch that will add a "-I" option for
incrementally updating the exports in the kernel needs to know which
grouplist elements are associated with each exported file system and
having them linked into a list headed by the exportlist element does that.

MFC after:	1 month
2019-05-14 22:00:47 +00:00
rmacklem
947c947081 Factor code into two new functions in preparation for a future commit.
Factor code into two functions.
read_exportfile() a functon  which reads the exports file(s) and calls
get_exportlist_one() to process each of them.
delete_export() a function which deletes the exports in the kernel for a file
system.
The contents of these functions is just the same code as was used to do the
operations, moved into separate functions. As such, there is no semantic change.
This is being done in preparation for a future commit that will add an
option to do incremental changes of kernel exports upon receiving SIGHUP.

MFC after:	1 month
2019-05-11 22:41:58 +00:00
rmacklem
ae62693aba Factor out some exportlist list operations into separate functions.
This patch moves the code that removes and frees all exportlist elements
out into a separate function called free_exports().
It does the same for the insertion of a new exportlist entry into a list.
It also adds a second argument to ex_search() for the list to use.
None of these changes have any semantic effect. They are being done to
prepare the code for future patches that convert the single linked list
for the exportlist to a hash table of lists and a patch that will do
incremental changes of exports in the kernel.
And it fixes the argument for SLIST_HEAD_INITIALIZER() to be a pointer,
which doesn't really matter, since SLIST_HEAD_INITIALIZER() doesn't use
the argument.

MFC after:	1 month
2019-05-10 23:52:17 +00:00
mav
b79e2c5dca Respect quotes and escapes when splitting exports fields.
Without this r293305 was still unable to handle names with spaces.

MFC after:	1 week
Sponsored by:	iXsystems, Inc.
2019-04-30 21:38:38 +00:00
cracauer
48cc2cb19f Bump .Dd for today's edit.
Thank you Enji Cooper
2019-02-11 16:31:15 +00:00
cracauer
f47b0a3159 Clarify NFSv4 /etc/exports semantics, with working example.
The existing wording has been confusing users for years.
2019-02-11 15:51:28 +00:00
sef
9840df76dd Reduce number of DNS queries in mountd.
As reported by a FreeNAS user (see https://redmine.ixsystems.com/issues/55728),
mountd does more calls to getnameinfo() than it needs to; this changes it to
only call it for the RPC calls it needs the name information for.

Reported by:	Dave Flowers
Reviewed by:	imp, mav
Approved by:	mav (mentor)
MFC after:	2 weeks
Sponsored by:	iXsystems Inc
Differential Revision:	https://reviews.freebsd.org/D18430
2018-12-06 18:21:48 +00:00
sef
2ca9bd53e7 mountd has no way to configure the listen queue depth; rather than add a new
option, we pass -1 down to listen, which causes it to use the
kern.ipc.soacceptqueue sysctl.

Approved by:	mav
MFC after:	2 weeks
Sponsored by:	iXsystems Inc
2018-11-14 19:06:43 +00:00
avg
5c07adbdc3 mountd: fix a crash when getgrouplist reports too many groups
Previously the code only warned about the condition and then happily
proceeded to use the too large value resulting in the array
out-of-bounds access.

Obtained from:	Panzura (Chuanbo Zheng)
MFC after:	10 days
Sponsored by:	Panzura
2018-04-16 09:17:36 +00:00
rpokala
739005fe70 mountd: Return proper errno values in a few error paths
When attempting to mount a non-directory which exists, return ENOTDIR instead
of ENOENT. If stat() or statfs() failed, don't pass part of the invalid
(struct statfs) to ex_search(). In that same case, preserve the value of "bad"
rather than overwriting with EACCES.

Submitted by:	Bruce Leverett (Panasas)
Reviewed by:	rmacklem
MFC after:	1 week
Sponsored by:	Panasas
Differential Revision:	https://reviews.freebsd.org/D14438
2018-02-21 00:19:02 +00:00
cem
d0186d4924 mountd(8): Produce vaguely meaningful error messages
Sponsored by:	Dell EMC Isilon
2018-02-08 01:34:35 +00:00
pfg
872b698bd4 General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
bdrewery
a598c4b809 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	Dell EMC Isilon
2017-10-31 00:07:04 +00:00
manu
4dde44884f mountd: Convert mountlist to SLIST
Use SLIST from sys/queue.h instead of homebrew linked list for mountlist.

Reviewed by:	bapt, rmacklem
MFC after:	1 week
Sponsored by:	Gandi.net
Differential Revision:	https://reviews.freebsd.org/D12504
2017-10-04 08:48:05 +00:00
manu
bc78dac94d mountd: Convert exportlist to SLIST
Use SLIST from sys/queue.h instead of homebrew linked list for the exportlist.

Reviewed by:	bapt, rmacklem
MFC after:	1 week
Sponsored by:	Gandi.net
Differential Revision:	https://reviews.freebsd.org/D12502
2017-10-04 08:43:56 +00:00
manu
e41366bcde mountd: Avoid memory leak by freeing dp_dirp
Introduced in r324007, the data alloced by strdup was never free'ed.
While here, remove cast to caddr_t when freeing dp.

Reported by:	bde
MFC after:	1 week
X MFC With:	r324007
2017-09-26 12:15:13 +00:00
manu
08db33b929 mountd: Remove unneeded cast
Reported by:	kib
MFC after:	1 week
X MFC With:	r324007
2017-09-26 11:11:17 +00:00
manu
b5f772e784 mountd: Replace malloc+strcpy to strdup
Reviewed by:	bapt
MFC after:	1 week
Sponsored by:	Gandi.net
Differential Revision:	https://reviews.freebsd.org/D12503
2017-09-26 09:18:18 +00:00
rmacklem
d6d737b0c0 Update the exports.5 man page to reflect the change in default uid/gid
made by r318262.

This is a content change.
2017-05-20 23:25:07 +00:00
rmacklem
8fe18be13a Change the default uid/gid values for nobody/nogroup to 65534/65533.
The default values found in /etc/passwd and /etc/group are 65534, 65533.
In mountd.c, the defaults were -2, which was 65534 back when uid_t was 16bits.
Without this patch, a file created by root on an NFS exported volume without
the "-root=" export option will end up owned by uid 4**32 - 2.
When discussed on freebsd-current@, it seemed that users preferred the
values being changed to 65534/65533.
I have not added code to acquire these values from the databases, since
the mountd daemon might get "stuck" during startup waiting for a non-responsive
password database server.

Discussed on:	freebsd-current
2017-05-14 00:38:41 +00:00
ngie
ba4a75dd95 usr.sbin: normalize paths using SRCTOP-relative paths or :H when possible
This simplifies make logic/output

MFC after:	1 month
Sponsored by:	Dell EMC Isilon
2017-03-04 11:38:03 +00:00
imp
7e6cabd06e Renumber copyright clause 4
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
rmacklem
6946fcda45 Fix the man page to reflect the change done by r307890 to mountd.c
so that the "-n" option uses the sysctl for the new NFS server.
This is a content change.

PR:		213450
Submitted by:	rs@bytecamp.net
MFC after:	2 weeks
2016-10-25 00:59:23 +00:00
rmacklem
98386c04cf mountd(8) was erroneously setting the sysctl for the old NFS server
when the new/default NFS server was running, for the "-n" option.

This patch fixes the problem for head and stable/11. For stable/10 the
patch will need to be modified when MFC'd, since the stable/10 mountd.c
handles both old and new NFS servers.
Since the new NFS server uses vfs.nfsd.nfs_privport == 0 by default,
there wouldn't have been many users affected by the code not setting
it to 0 when the "-n" option was specified.

PR:		213450
Submitted by:	rs@bytecamp.net
MFC after:	2 weeks
2016-10-25 00:52:42 +00:00
araujo
b9642c7349 Use MIN macro from sys/param.h.
MFC after:	2 weeks.
2016-05-02 01:49:42 +00:00
pfg
26c891f034 Cleanup unnecessary semicolons from utilities we all love. 2016-04-15 22:31:22 +00:00
jpaetzel
57f950f661 Allow /etc/exports to contain usernames/groups with spaces in them.
If you are getting your users/groups from a directory service such
as LDAP or AD it's possible for those usernames or groupnames to
contain spaces.

Submitted by:	Sean E. Fagan
Reviewed by:	rmacklem
MFC after:	1 week
Sponsored by:	iXsystems
2016-01-07 05:34:39 +00:00
uqs
11e0dd6c90 Fix type mismatches for malloc(3) and Co.
This is rather pedantic, as for most architectures it holds that
sizeof(type *) == sizeof(type **)

Found by:	clang static analyzer
Reviewed by:	ed
Differential Revision: https://reviews.freebsd.org/D4722
2015-12-29 11:24:41 +00:00
trasz
b8c5808ce8 Staticize some stuff in mountd(8); no functional changes.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-07-04 08:40:48 +00:00
sjg
008d7c831f Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
sjg
75a137820d dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
sjg
65145fa4c8 Merge sync of head 2015-05-27 01:19:58 +00:00
rmacklem
8df65c37f2 Add a warning message to mountd for exported file
systems that are automounted, since that configuration
isn't supported. This still allows the export, since
two emails I received felt that this should not be
disabled. It sends the message to syslog(LOG_ERR..), so that
it goes to the same places as the other messages related
to /etc/exports problems, even though it is a warning and not an error.

Reviewed by:	trasz
MFC after:	2 weeks
2015-05-16 12:05:26 +00:00
trasz
3bcd59aa88 Remove oldnfs leftovers from mountd(8).
Reviewed by:	rmacklem@
Sponsored by:	The FreeBSD Foundation
2015-04-29 12:33:00 +00:00
sjg
ec15646849 No need to delete export from filesystems which are not exported. 2015-04-18 19:52:39 +00:00
kib
7a1bb0de5f Mountd iterating over the mount points may race with the parallel
unmount, which causes error from nmount(2) call when performing
MNT_DELEXPORT over the directory which ceased to be a mount point.

The race is legitimate and innocent, but results in the chatty mountd.
Silence it by providing an distinguished error code for the situation,
and ignoring the error in mountd loop.

Based on the patch by:	Andreas Longwitz <longwitz@incore.de>
Prodded and tested by:	bdrewery
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2015-02-10 18:00:32 +00:00