| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
Valgrind shows that the memory allocated for ee.e_hostname in
getexportent() is being leaked. While there _is_ a call to xfree(), by
the time it gets called the leak's already happened. Moving the xfree()
call so that it occurs before the assignment that overwrites ee fixes
this.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The daemonization init/ready functions have parameters that are never used,
require the caller to keep track of some pipefds that it has no interest in
and which might not be used in some scenarios. Cleanup both functions a bit.
The idea here is also that these two functions might be good points to
insert more systemd init code later (sd_notify()).
Also, statd had a private copy of the daemonization code for unknown
reasons...so make it use the generic version instead.
Signed-off-by: David H?rdeman <david@hardeman.nu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
All access to kernel is now done using file descriptors.
Signed-off-by: Timo Ter?s <timo.teras@iki.fi>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch is experimental. In works fine in that it removes the
vulnerability against a DOS attack. rpc.mountd can be blocked by
a bad client, that sends many RPC requests but never reads the
responses. This might happen intentionally or caused by a wrong
network config (MTU). The patch switches on the nonblocking
mode of libtirpc. In that mode writes can block for a max of 2 seconds.
Attackers are forced to send requests slower, as libtirpc will close
a connection if it finds two requests to read at the same time.
Reviewed-by: NeilBrown <neilb@suse.de>
Signed-off-by: Bodo Stroesser <bstroesser@ts.fujitsu.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If mountd is built with libtirpc the tcp listeners and the sockets
waiting for UDP messages are not in non-blocking mode. Thus if running
with multiple threads (-t XX), all threads will wake up from select on
a connection request or a UDP message, but only one thread will succeed.
All others will wait on accept() or read() for the next event.
Reviewed-by: NeilBrown <neilb@suse.de>
Signed-off-by: Bodo Stroesser <bstroesser@ts.fujitsu.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If mountd is built without libtirpc and it is started using "-p XXX"
option, the tcp listeners and the sockets waiting for UDP messages
are not in non-blocking mode. Thus if running with multiple threads (-t XX),
all threads will wake up from select on a connection request or a UDP
message, but only one thread will succeed. All others will wait on
accept() or read() for the next event.
Reviewed-by: NeilBrown <neilb@suse.de>
Signed-off-by: Bodo Stroesser <bstroesser@ts.fujitsu.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When attempting to establish a local ephemeral endpoint for a TCP or UDP
socket, do not explicitly call bind(2), instead let it happen implicilty
when the socket is first used.
The main motivating factor for this change is when TCP runs out of unique
ephemeral ports (i.e. cannot find any ephemeral ports which are not a
part of *any* TCP connection). In this situation if you explicitly call
bind(2), then the call will fail with EADDRINUSE. However, if you allow the
allocation of an ephemeral port to happen implicitly as part of connect(2)
(or other functions), then ephemeral ports can be reused, so long as
the combination of (local_ip, local_port, remote_ip, remote_port)
is unique for TCP sockets on the system.
This doesn't matter for UDP sockets, but it seemed easiest to treat TCP
and UDP sockets the same.
This can allow mount.nfs(8) to continue to function successfully, even
in the face of misbehaving applications which are creating a large number of
TCP connections.
Signed-off-by: Chris Perl <chris.perl@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Use the standard integer types. This fixes compiling errors with musl libc.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
One of our customer's application only needs file names, not file
attributes. With directories having 10K+ inodes (assuming buffer cache
has directory blocks cached having file names, but inode cache is
limited and hence need eviction of older cached inodes), older inodes
are evicted periodically. So if they keep on doing readdir(2) from NSF
client on multiple directories, some directory's files are periodically
removed from inode cache and hence new readdir(2) on same directory
requires disk access to bring back inodes again to inode cache.
As READDIRPLUS request fetches attributes also, doing getattr on each
file on server, it causes unnecessary disk accesses. If READDIRPLUS on
NFS client is returned with -ENOTSUPP, NFS client uses READDIR request
which just gets the names of the files in a directory, not attributes,
hence avoiding disk accesses on server.
There's already a corresponding client-side mount option, but an export
option reduces the need for configuration across multiple clients.
This flag affects NFSv3 only. If it turns out it's needed for NFSv4 as
well then we may have to figure out how to extend the behavior to NFSv4,
but it's not currently obvious how to do that.
Signed-off-by: Rajesh Ghanekar <rajesh_ghanekar@symantec.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Errors were logged with xlog_err function relying on errno, but these
functions don't set it.
Fix the problem by introducing xlog_errno which set errno
Signed-off-by: Mateusz Guzik <mguzik@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We currently have 2 cut-and-paste versions of this code. One for idmapd
and one for svcgssd.[1]
The two are basically equivalent but there are some small differences,
mostly related to how errors in that function are logged. svcgssd uses
printerr() with a priority of 1, which only prints errors if -v was
specified. That doesn't seem to be quite right. Daemonizing errors are
necessarily fatal and should be logged as such. The one for idmapd uses
err(), which always prints to stderr even though we have the xlog
facility set up. Since both have xlog configured at this point, log the
errors using xlog_err() instead.
The only other significant difference I see is that the idmapd version
will open "/" if it's unable to open "/dev/null". I believe that however
was a holdover from an earlier version of that function that did not
error out when we were unable to open a file descriptor. Since the
function does that now, I don't believe we need that fallback anymore.
[1]: technically, we have a third in statd too, but it's different
enough that I don't want to touch it here.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Add the ability to turn off UDP listeners with the
new "-u | --no-udp" flag.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Convert the current code to used the NFSCTL_XXX macros
to turn off the TCP listener.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
exportfs currently exits with a non-zero error for some errors,
but not for others.
It does this by having various support routines set the global
variable "export_errno".
Change this to have 'xlog' set export_errno if an ERROR is
reported. That way all errors will be caught.
Note that the exit error code is changed from 22 (EINVAL)
to the more traditional '1'.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 11ba3b1e01b67b7d19f26fba94fabdb60878e809 (Add a default flavor
to an export's e_secinfo list) breaks the ordering of security flavours
in the secinfo list, by reordering 'sec=sys' to always be the first
secinfo flavour if one fails to set a default 'sec' setting.
An export of the form:
/export -sync,no_subtree_check,mp \
192.168.1.0/24(sec=krb5p:krb5i:krb5,rw,sec=sys,ro)
ends up getting translated by exportfs into the following entry in
/var/lib/nfs/etab:
/export 192.168.1.0/24(ro,sync,wdelay,hide,nocrossmnt,\
secure,root_squash,no_all_squash,\
no_subtree_check,secure_locks,acl,\
mountpoint,anonuid=65534,anongid=65534,\
sec=sys,ro,root_squash,no_all_squash,\
sec=krb5p:krb5i:krb5,rw,root_squash,no_all_squash)
Note how the 'sec=sys' is now listed first...
The fix is to defer adding the default flavour until the call to
secinfo_show, when we can see if it is even needed at all.
With the patch, the above export is now correctly entered in
/var/lib/nfs/etab as:
/export 192.168.1.0/24(ro,sync,wdelay,hide,nocrossmnt,\
secure,root_squash,no_all_squash,\
no_subtree_check,secure_locks,acl,\
mountpoint,anonuid=65534,anongid=65534,\
sec=krb5p:krb5i:krb5,rw,root_squash,no_all_squash,\
sec=sys,ro,root_squash,no_all_squash)
Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The 'insecure' flag is listed in /proc/fs/nfsd/export_features
in newer kernels as being a secinfo_flag, however it is not
displayed by secinfo_show.
This patch fixes that, and sets up a framework which should make
it easy to add new flags to /proc/fs/nfsd/export_features and have
them be displayed properly.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The nfsmount.conf file has the following format:
[ section "arg" ]
tag = value
conf_get_tag_list() currently doesn't check the arg field so we wind up
getting all the options that fall under a particular section value,
instead of just the ones that match the specific "arg" field. As a
result, we wind up passing options to the mount syscall from sections
that aren't even relevant to the mount operation that is being
performed.
For example, if we have three different server sections, and each
section has an Nfsvers tag, then the string we pass to the mount syscall
will have two extra occurrences of the nfsvers option. Each option
should appear at most 4 times -- once for the system section, once for
the server-specific section, once for the mount-specific section, and
once for the command line mount options.
Acked-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Moves nfs_probe_statd from mount to nfs support lib to share with statd.
Acked-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Weston Andros Adamson <dros@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 91bb95f2689e84856ecdf6fac365489d36709cf9
4set_root: force "fsid=0" for all exports of '/'
set NFSEXP_FSID for the export of "/" if nothing else had any fsid set,
however it didn't also set the flag for all security flavours. So the
kernel complains that the flags on the security flavours don't match and
it rejects the export.
So call fix_pseudoflavor_flags() in write_secinfo() to make sure that
any fiddling that has been done to e_flags gets copied to e_secinfo.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The list of security flavors that mountd allows for the NFSv4
pseudo-fs is constructed from the union of flavors of all current
exports.
exports(5) documents that the default security flavor for an
export, if "sec=" is not specified, is "sys". Suppose
/etc/exports contains:
/a *(rw)
/b *(rw,sec=krb5:krb5i:krb5p)
The resulting security flavor list for the pseudo-fs is missing
"sec=sys". /proc/net/rpc/nfsd.export/content contains:
/a *(rw,root_squash,sync,wdelay,no_subtree_check,
uuid=095c95bc:08e4407a:91ab8601:05fe0bbf)
/b *(rw,root_squash,sync,wdelay,no_subtree_check,
uuid=2a6fe811:0cf044a7:8fc75ebe:65180068,
sec=390003:390004:390005)
/ *(ro,root_squash,sync,no_wdelay,v4root,fsid=0,
uuid=2a6fe811:0cf044a7:8fc75ebe:65180068,
sec=390003:390004:390005)
The root entry is not correct, as there does exist an export whose
unspecified default security flavor is "sys". The security settings
on the root cause sec=sys mount attempts to be incorrectly rejected.
The reason is that when the line in /etc/exports for "/a" is parsed,
the e_secinfo list for that exportent is left empty. Thus the union
of e_secinfo lists created by set_pseudofs_security() is
"krb5:krb5i:krb5p".
I fixed this by ensuring that if no "sec=" option is specified for
an export, its e_secinfo list gets at least an entry for AUTH_UNIX.
[ Yes, we could make the security flavors allowed for the pseudo-fs
a fixed list of all flavors the server supports. That becomes
complicated by the special meaning of AUTH_NULL, and we still have
to check /etc/exports for whether Kerberos flavors should be listed.
I opted for a simple approach for now. ]
Acked-by: J. Bruce Fields <bfields@fieldses.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit 5604b35a61e22930873ffc4e9971002f578e7978
nfs-utils: Increase the stdio file buffer size for procfs files
changed writes to some sysfs files to be line buffered (_IOLBF) where
they weren't before. While this probably makes sense, it introduced a
bug.
With fully buffered streams, you don't expect to get an error until you
call fflush(). With line buffered streams you can get the error
from fprintf() et al.
qword_eol() only tests the return from fflush(), not from fprintf().
Consequently errors were not noticed.
One result of this is that if you export, with crossmnt, a filesystem
underneath which are mounted non-exportable filesystems (e.g. /proc)
then an 'ls -l' on the client will block indefinitely waiting for a
meaningful 'yes' or 'no' from the server, but will never get one.
This patch changes qword_eol to test both fprintf and fflush.
Acked-by: J. Bruce Fields <bfields@fieldses.org>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Removed a number of Wconversion warnings in the mountd code.
Took the opportunity to eliminate some code duplication.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
This patch limits the visibility of the symbols in the nfs-utils
conffile.c so that they are only visible to programs linked directly to
it. This forces the objects dynamically loaded via libnfsidmap to use
the functions defined in that shared library instead.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
When the options where prefixed with spaces (instead of tabs)
the second option in the list was missed to so a miscalculation
the the nfsmount.conf parsing code.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Newer arches omitting both nfsctl and nfsservctl which breaks nfsctl.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
In the parsing routine, conf_parse_line(), a string
is not being null terminated which is causing
section of the config file to be ignored.
https://bugzilla.linux-nfs.org/show_bug.cgi?id=205
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
License texts contain multiple address for FSF, some wrong.
So update them and replace COPYING file with
http://www.gnu.org/licenses/gpl-2.0.txt
which has a few changes to preamble and commentary.
Also remove extra COPYING file from utils/statd/
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
At RHEL, if user set port for mountd at /etc/services as
"mount 12345/tcp", mountd should be bind to 12345, but the
latest nfs-utils, mountd get a rand port, not 12345.
This patch make sure mountd be bind to the port which was set
at /etc/service.
Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The fd associated with /proc/fs/nfsd/export_features opened in
get_export_features is not closed.
Acked-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
nfs_addmntent is used to append directly to /etc/mtab.
If the write partially fail, e.g. due to RLIMIT_FSIZE,
truncate back to original size and return an error.
See also https://bugzilla.redhat.com/show_bug.cgi?id=697975
(CVE-2011-1749) CVE-2011-1749 nfs-utils: mount.nfs fails to anticipate RLIMIT_FSIZE
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With commit 1374c3861abdc66f3a1410e26cc85f86760b51dd Neil added a
-test-client- export to test the exportability of filesystems when exportfs
is run. When using the old cache controls (i.e. /proc/fs/nfsd is not
mounted) exportfs will read /proc/fs/nfs/exports to process existing
exports and find these test client entries. The dash at the beginning of
-test-client- will be cause getexportent to look for default options in the
rest of the string, which test-client- will not match:
exportfs: /proc/fs/nfs/exports:1: unknown keyword "test-client-(rw"
This patch resolves that problem (as Steve suggested) by not processing any
default options if we are reading the list of existing exports from the
kernel. Default options are converted to individual exports by exportfs so
the kernel won't have any regardless.
Signed-off-by: Ben Myers <bpm@sgi.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: Trond Myklebust <Trond.Myklebust@netapp.com>
The fedfs ldap server will specify a ttl for its entries.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
This is a refactoring change only. There should be no change in
behavior.
Original patch had updates to utils/mountd/junctions.c, which no
longer exists. These are not included here.
Create a macro for the default cache TTL, which is used in several
places besides the export cache.
Make e_ttl unsigned.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
conffile.c:258:19: warning: 'j' may be used uninitialized in this function
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
rpcdispatch.c:40:20: warning: comparison between signed and unsigned
integer expressions
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
When parsing section's arg at configure file, the pointer
should stop when fetch ']', and give the warning message.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, the exportent->e_uuid is initialised in
support/nfs/exports.c:parseopts(), but it is never freed.
Also ensure that exportent->e_uuid is duplicated correctly in
dupexportent().
Adjusted to account for the new export_free() helper.
Also, e_uuid points to memory that is always allocated with strdup(3),
not with xstrdup(). Thus it must be freed via free(3) and not via
xfree().
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Normally, when "-p" is not specified on the mountd command line, the
TI-RPC library chooses random port numbers for each listener. If a
port number _is_ specified on the command line, all the listeners
will get the same port number, so SO_REUSEADDR needs to be set on
each socket.
Thus we can't let TI-RPC create the listener sockets for us in this
case; we must create them ourselves and then set SO_REUSEADDR (and
other socket options) by hand.
Different versions of the same RPC program have to share the same
listener and SVCXPRT, so we have to cache xprts we create, and re-use
them when additional requests for registration come from the
application.
Though it doesn't look like it, this fix was "copied" from the legacy
rpc_init() function. It's more complicated for TI-RPC, of course,
since a TI-RPC application can set up listeners with a nearly
arbitrary number of address families and socket types, not just the
two listeners that legacy RPC applications can set up (one for AF_INET
UDP and one for AF_INET TCP).
See:
https://bugzilla.linux-nfs.org/show_bug.cgi?id=190
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Jim Rees <rees@umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
There are several source files and headers present in the ./utils/idmapd
directory which are also usable in a doimapd daemon. Because of this we
move that support into the support directory such that it can be shared by
both daemons.
Signed-off-by: Jim Rees <rees@umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Minor clean up.
Most modern Linux distributions set UTF-8 locales. Standardize the
character encoding of source files on UTF-8, to squelch vim com-
plaints.
I probably missed a few spots.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is more of a clean-up than a behavioral change.
POSIX requires that a "struct sockaddr" is the same size as a "struct
sockaddr_in". Therefore, a variable or field of type "struct sockaddr"
cannot contain an AF_INET6 address. However, "struct sockaddr *" is
often used to reference a generic (ie non-address family specific)
socket address, generating some confusion about this.
The nfsctl_arg struct uses a struct sockaddr (not a pointer) to pass
the client's IP address to the kernel. This means the legacy nfsctl()
kernel API can never support IPv6. Fortunately for us, this legacy
interface was replaced by a text-based cache interface a few years
back. We don't need to support non-AF_INET addresses here.
The getfh() functions in nfs-utils provide a handy C API for the
kernel's nfsctl interface. The getfh() functions still take a struct
sockaddr *, though, and that can imply that a non-IPv4 address can be
passed via this API. To make it abundantly clear that only IPv4
addresses can be used with this interface, change the synopses of
getfh() and friends to take a struct sockaddr_in * instead of a struct
sockaddr * .
This makes these functions conform with other places in mountd and
exportfs that already grok the difference between a struct sockaddr
and a struct sockaddr_in.
While we're here...
Introduce some nice documenting comments for the get_fh() functions,
and...
Since mountd will support IPv6 in the near future, assert that the
family of client addresses passed to this API is indeed AF_INET, in
order to prevent non-AF_INET addresses from ever being passed to the
legacy nfsctl() interface.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
