1. 01 Dec, 2021 1 commit
    • Rick Macklem's avatar
      nfsd: Sanity check the ACL attribute · fd020f19
      Rick Macklem authored
      When an ACL is presented to the NFSv4 server in
      Setattr or Verify, parsing of the ACL assumed a
      sane acecnt and sane sizes for the "who" strings.
      This patch adds sanity checks for these.
      
      The patch also fixes handling of an error
      return from nfsrv_dissectacl() for one broken
      case.
      
      Reported by:	rtm@lcs.mit.edu
      Tested by:	rtm@lcs.mit.edu
      PR:	260111
      MFC after:	2 weeks
      fd020f19
  2. 28 Nov, 2021 1 commit
    • Rick Macklem's avatar
      nfs: Quiet a few "unused" warnings · 638b90a1
      Rick Macklem authored
      For most of these warnings, the variable is loaded
      with data parsed out of an RPC messages.  In case
      the data is useful in the future, I just marked
      these with __unused.
      638b90a1
  3. 11 Nov, 2021 1 commit
    • Rick Macklem's avatar
      nfscl: Add a LayoutError RPC for NFSv4.2 pNFS mounts · 44744f75
      Rick Macklem authored
      If a pNFS server's DS runs out of disk space, it replies
      NFSERR_NOSPC to the client doing writing.  For the Linux
      client, it then sends a LayoutError RPC to the MDS server to
      tell it about the error.  This patch adds the same to the
      FreeBSD NFSv4.2 pNFS client, to maintain Linux compatible
      behaviour, particlularily for non-FreeBSD pNFS servers.
      
      MFC after:	2 weeks
      44744f75
  4. 08 Nov, 2021 1 commit
    • Rick Macklem's avatar
      nfsd: Fix f_bavail and f_ffree for NFSv4 when negative · d70ca5b0
      Rick Macklem authored
      Since the NFS Space_available and Files_available are unsigned,
      the NFSv3 server sets them to 0 when negative, so that they
      do not appear to be large positive values for non-FreeBSD clients.
      This patch fixes the NFSv4 server to do the same.
      
      Found during a recent IEFT NFSv4 working group testing event.
      
      MFC after:	2 weeks
      d70ca5b0
  5. 20 Oct, 2021 1 commit
  6. 11 Sep, 2021 1 commit
    • Rick Macklem's avatar
      nfscl: Make vfs.nfs.maxcopyrange larger by default · 55089ef4
      Rick Macklem authored
      As of commit 103b2075, the NFSv4.2 server will limit the size
      of a Copy operation based upon a 1 second timeout.  The Linux 5.2
      kernel server also limits Copy operation size to 4Mbytes.
      As such, the NFSv4.2 client can attempt a large Copy without
      resulting in a long RPC RTT for these servers.
      
      This patch changes vfs.nfs.maxcopyrange to 64bits and sets
      the default to the maximum possible size of SSIZE_MAX, since
      a larger size makes the Copy operation more efficient and
      allows for copying to complete with fewer RPCs.
      The sysctl may be need to be made smaller for other non-FreeBSD
      NFSv4.2 servers.
      
      MFC after:	2 weeks
      55089ef4
  7. 12 Aug, 2021 1 commit
    • Rick Macklem's avatar
      nfscl: Add a Lookup+Open RPC for NFSv4.1/4.2 · 3ad1e1c1
      Rick Macklem authored
      This patch adds a Lookup+Open compound RPC to the NFSv4.1/4.2
      NFS client, which can be used by nfs_lookup() so that a
      subsequent Open RPC is not required.
      It uses the cn_flags OPENREAD, OPENWRITE added by commit c18c74a8.
      This reduced the number of RPCs by about 15% for a kernel
      build over NFS.
      
      For now, use of Lookup+Open is only done when the "oneopenown"
      mount option is used.  It may be possible for Lookup+Open to
      be used for non-oneopenown NFSv4.1/4.2 mounts, but that will
      require extensive further testing to determine if it works.
      
      While here, I've added the changes to the nfscommon module
      that are needed to implement the Deallocate NFSv4.2 operation.
      This avoids needing another cycle of changes to the internal
      KAPI between the NFS modules.
      
      This commit has changed the internal KAPI between the NFS
      modules and, as such, all need to be rebuilt from sources.
      I have not bumped __FreeBSD_version, since it was bumped a
      few days ago.
      3ad1e1c1
  8. 16 Jul, 2021 1 commit
    • Rick Macklem's avatar
      nfsd: Add sysctl to set maximum I/O size up to 1Mbyte · ee29e6f3
      Rick Macklem authored
      Since MAXPHYS now allows the FreeBSD NFS client
      to do 1Mbyte I/O operations, add a sysctl called vfs.nfsd.srvmaxio
      so that the maximum NFS server I/O size can be set up to 1Mbyte.
      The Linux NFS client can also do 1Mbyte I/O operations.
      
      The default of 128Kbytes for the maximum I/O size has
      not been changed for two reasons:
      - kern.ipc.maxsockbuf must be increased to support 1Mbyte I/O
      - The limited benchmarking I can do actually shows a drop in I/O rate
        when the I/O size is above 256Kbytes.
      However, daveb@spectralogic.com reports seeing an increase
      in I/O rate for the 1Mbyte I/O size vs 128Kbytes using a Linux client.
      
      Reviewed by:	asomers
      MFC after:	2 weeks
      Differential Revision:	https://reviews.freebsd.org/D30826
      ee29e6f3
  9. 09 Jul, 2021 1 commit
    • Rick Macklem's avatar
      nfscl: Add a Linux compatible "nconnect" mount option · 1e0a518d
      Rick Macklem authored
      Linux has had an "nconnect" NFS mount option for some time.
      It specifies that N (up to 16) TCP connections are to created for a mount,
      instead of just one TCP connection.
      
      A discussion on freebsd-net@ indicated that this could improve
      client<-->server network bandwidth, if either the client or server
      have one of the following:
      - multiple network ports aggregated to-gether with lagg/lacp.
      - a fast NIC that is using multiple queues
      It does result in using more IP port#s and might increase server
      peak load for a client.
      
      One difference from the Linux implementation is that this implementation
      uses the first TCP connection for all RPCs composed of small messages
      and uses the additional TCP connections for RPCs that normally have
      large messages (Read/Readdir/Write).  The Linux implementation spreads
      all RPCs across all TCP connections in a round robin fashion, whereas
      this implementation spreads Read/Readdir/Write across the additional
      TCP connections in a round robin fashion.
      
      Reviewed by:	markj
      MFC after:	2 weeks
      Differential Revision:	https://reviews.freebsd.org/D30970
      1e0a518d
  10. 31 May, 2021 1 commit
    • Rick Macklem's avatar
      nfsd: Add support for the NFSv4.1/4.2 Secinfo_no_name operation · 947bd247
      Rick Macklem authored
      The Linux client is now attempting to use the Secinfo_no_name
      operation for NFSv4.1/4.2 mounts.  Although it does not seem to
      mind the NFSERR_NOTSUPP reply, adding support for it seems
      reasonable.
      
      I also noticed that "savflag" needed to be 64bits in
      nfsrvd_secinfo() since nd_flag in now 64bits, so I changed
      the declaration of it there.  I also added code to set "vp" NULL
      after performing Secinfo/Secinfo_no_name, since these
      operations consume the current FH, which is represented
      by "vp" in nfsrvd_compound().
      
      Fixing when the server replies NFSERR_WRONGSEC so that
      it conforms to RFC5661 Sec. 2.6 still needs to be done
      in a future commit.
      
      MFC after:	2 weeks
      947bd247
  11. 08 May, 2021 1 commit
    • Rick Macklem's avatar
      nfscl: Add support for va_birthtime to NFSv4 · dd02d9d6
      Rick Macklem authored
      There is a NFSv4 file attribute called TimeCreate
      that can be used for va_birthtime.
      r362175 added some support for use of TimeCreate.
      This patch completes support of va_birthtime by adding
      support for setting this attribute to the server.
      It also eanbles the client to
      acquire and set the attribute for a NFSv4
      server that supports the attribute.
      
      Reviewed by:	markj
      MFC after:	2 weeks
      Differential Revision:	https://reviews.freebsd.org/D30156
      dd02d9d6
  12. 26 Apr, 2021 1 commit
    • Rick Macklem's avatar
      nfsd: fix the slot sequence# when a callback fails · 87597731
      Rick Macklem authored
      Commit 4281bfec patched the server so that the
      callback session slot would be free'd for reuse when
      a callback attempt fails.
      However, this can often result in the sequence# for
      the session slot to be advanced such that the client
      end will reply NFSERR_SEQMISORDERED.
      
      To avoid the NFSERR_SEQMISORDERED client reply,
      this patch negates the sequence# advance for the
      case where the callback has failed.
      The common case is a failed back channel, where
      the callback cannot be sent to the client, and
      not advancing the sequence# is correct for this
      case.  For the uncommon case where the client's
      reply to the callback is lost, not advancing the
      sequence# will indicate to the client that the
      next callback is a retry and not a new callback.
      But, since the FreeBSD server always sets "csa_cachethis"
      false in the callback sequence operation, a retry
      and a new callback should be handled the same way
      by the client, so this should not matter.
      
      Until you have this patch in your NFSv4.1/4.2 server,
      you should consider avoiding the use of delegations.
      Even with this patch, interoperation with the
      Linux NFSv4.1/4.2 client in kernel versions prior
      to 5.3 can result in frequent 15second delays if
      delegations are enabled.  This occurs because, for
      kernels prior to 5.3, the Linux client does a TCP
      reconnect every time it sees multiple concurrent
      callbacks and then it takes 15seconds to recover
      the back channel after doing so.
      
      MFC after:	2 weeks
      87597731
  13. 20 Apr, 2021 1 commit
  14. 15 Apr, 2021 1 commit
    • Rick Macklem's avatar
      Revert "nfsd: cut the Linux NFSv4.1/4.2 some slack w.r.t. RFC5661" · 34256484
      Rick Macklem authored
      This reverts commit 9edaceca.
      
      It turns out that the Linux client intentionally does an NFSv4.1
      RPC with only a Sequence operation in it and with "seqid + 1"
      for the slot.  This is used to re-synchronize the slot's seqid
      and the client expects the NFS4ERR_SEQ_MISORDERED error reply.
      
      As such, revert the patch, so that the server remains RFC5661
      compliant.
      34256484
  15. 11 Apr, 2021 2 commits
    • Rick Macklem's avatar
      nfsd: cut the Linux NFSv4.1/4.2 some slack w.r.t. RFC5661 · 9edaceca
      Rick Macklem authored
      Recent testing of network partitioning a FreeBSD NFSv4.1
      server from a Linux NFSv4.1 client identified problems
      with both the FreeBSD server and Linux client.
      
      Sometimes, after some Linux NFSv4.1/4.2 clients establish
      a new TCP connection, they will advance the sequence number
      for a session slot by 2 instead of 1.
      RFC5661 specifies that a server should reply
      NFS4ERR_SEQ_MISORDERED for this case.
      This might result in a system call error in the client and
      seems to disable future use of the slot by the client.
      Since advancing the sequence number by 2 seems harmless,
      allow this case if vfs.nfs.linuxseqsesshack is non-zero.
      
      Note that, if the order of RPCs is actually reversed,
      a subsequent RPC with a smaller sequence number value
      for the slot will be received.  This will result in
      a NFS4ERR_SEQ_MISORDERED reply.
      This has not been observed during testing.
      Setting vfs.nfs.linuxseqsesshack to 0 will provide
      RFC5661 compliant behaviour.
      
      This fix affects the fairly rare case where a NFSv4
      Linux client does a TCP reconnect and then apparently
      erroneously increments the sequence number for the
      session slot twice during the reconnect cycle.
      
      PR:	254816
      MFC after:	2 weeks
      9edaceca
    • Rick Macklem's avatar
      nfsv4 client: do the BindConnectionToSession as required · 7763814f
      Rick Macklem authored
      During a recent testing event, it was reported that the NFSv4.1/4.2
      server erroneously bound the back channel to a new TCP connection.
      RFC5661 specifies that the fore channel is implicitly bound to a
      new TCP connection when an RPC with Sequence (almost any of them)
      is done on it.  For the back channel to be bound to the new TCP
      connection, an explicit BindConnectionToSession must be done as
      the first RPC on the new connection.
      
      Since new TCP connections are created by the "reconnect" layer
      (sys/rpc/clnt_rc.c) of the krpc, this patch adds an optional
      upcall done by the krpc whenever a new connection is created.
      The patch also adds the specific upcall function that does a
      BindConnectionToSession and configures the krpc to call it
      when required.
      
      This is necessary for correct interoperability with NFSv4.1/NFSv4.2
      servers when the nfscbd daemon is running.
      
      If doing NFSv4.1/NFSv4.2 mounts without this patch, it is
      recommended that the nfscbd daemon not be running and that
      the "pnfs" mount option not be specified.
      
      PR:	254840
      Comments by:	asomers
      MFC after:	2 weeks
      Differential Revision:	https://reviews.freebsd.org/D29475
      7763814f
  16. 10 Apr, 2021 1 commit
    • Rick Macklem's avatar
      nfsd: fix replies from session cache for multiple retries · 22cefe3d
      Rick Macklem authored
      Recent testing of network partitioning a FreeBSD NFSv4.1
      server from a Linux NFSv4.1 client identified problems
      with both the FreeBSD server and Linux client.
      
      Commit 05a39c2c fixed replying with the cached reply in
      in the session slot if same session slot sequence#.
      However, the code uses the reply and, as such,
      will fail for a subsequent retry of the RPC.
      A subsequent retry would be an extremely rare event,
      but this patch fixes this, so long as m_copym(..M_NOWAIT)
      does not fail, which should also be a rare event.
      
      This fix affects the exceedingly rare case where a NFSv4
      client retries a non-idempotent RPC, such as a lock
      operation, multiple times.  Note that retries only occur
      after the client has needed to create a new TCP connection,
      with a new TCP connection for each retry.
      
      MFC after:	2 weeks
      22cefe3d
  17. 19 Mar, 2021 1 commit
    • Rick Macklem's avatar
      nfsv4 client: fix forced dismount when sleeping on nfsv4lck · 5f742d38
      Rick Macklem authored
      During a recent NFSv4 testing event a test server caused a hang
      where "umount -N" failed.  The renew thread was sleeping on "nfsv4lck"
      and the "umount" was sleeping, waiting for the renew thread to
      terminate.
      
      This is the first of two patches that is hoped to fix the renew thread
      so that it will terminate when "umount -N" is done on the mount.
      
      nfsv4_lock() checks for forced dismount, but only after it wakes up
      from msleep().  Without this patch, a wakeup() call was required.
      This patch adds a 1second timeout on the msleep(), so that it will
      wake up and see the forced dismount flag.  Normally a wakeup()
      will occur in less than 1second, but if a premature return from
      msleep() does occur, it will simply loop around and msleep() again.
      
      While here, replace the nfsmsleep() wrapper that was used for portability
      with the actual msleep() call and make the same change for nfsv4_getref().
      
      MFC after:	2 weeks
      5f742d38
  18. 17 Dec, 2020 1 commit
  19. 01 Sep, 2020 1 commit
  20. 18 Aug, 2020 1 commit
  21. 11 Aug, 2020 1 commit
    • Rick Macklem's avatar
      Add an argument to newnfs_connect() that indicates use TLS for the connection. · 02511d21
      Rick Macklem authored
      For NFSv4.0, the server creates a server->client TCP connection for callbacks.
      If the client mount on the server is using TLS, enable TLS for this callback
      TCP connection.
      TLS connections from clients will not be supported until the kernel RPC
      changes are committed.
      
      Since this changes the internal ABI between the NFS kernel modules that
      will require a version bump, delete newnfs_trimtrailing(), which is no
      longer used.
      
      Since LCL_TLSCB is not yet set, these changes should not have any semantic
      affect at this time.
      02511d21
  22. 26 Jul, 2020 1 commit
    • Rick Macklem's avatar
      Fix the NFSv4 client so that it checks for support of TimeCreate before · 194d8704
      Rick Macklem authored
      trying to set it.
      
      r362490 added support for setting of the TimeCreate (va_birthtime) attribute,
      but it does so without checking to see if the server supports the attribute.
      This could result in NFSERR_ATTRNOTSUPP error replies to the Setattr operation.
      This patch adds code to check that the server supports TimeCreate before
      attempting to do a Setattr of it to avoid these error returns.
      194d8704
  23. 07 Jul, 2020 1 commit
    • Rick Macklem's avatar
      Add support for ext_pgs mbufs to nfsrvd_rephead(). · 022346fa
      Rick Macklem authored
      This is another in the series of commits that add support to the NFS client
      and server for building RPC messages in ext_pgs mbufs with anonymous pages.
      This is useful so that the entire mbuf list does not need to be
      copied before calling sosend() when NFS over TLS is enabled.
      
      Since ND_EXTPG is never set yet, there is no semantic change at this time.
      022346fa
  24. 05 Jul, 2020 1 commit
    • Rick Macklem's avatar
      Add support for ext_pgs mbufs to nfsm_strtom(). · 34fc29e0
      Rick Macklem authored
      Also, add a new function nfsm_add_ext_pgs() which will either add a page
      or add a new ext_pgs mbuf with a page to the mbuf list. Used by nfsm_strtom().
      This is another in the series of commits that add support to the NFS client
      and server for building RPC messages in ext_pgs mbufs with anonymous pages.
      This is useful so that the entire mbuf list does not need to be
      copied before calling sosend() when NFS over TLS is enabled.
      
      Since ND_EXTPG is never set yet, there is no semantic change at this time.
      34fc29e0
  25. 04 Jul, 2020 1 commit
    • Rick Macklem's avatar
      Add support for ext_pgs mbufs to nfscl_reqstart() and nfsm_set(). · dccb5806
      Rick Macklem authored
      This is another in the series of commits that add support to the NFS client
      and server for building RPC messages in ext_pgs mbufs with anonymous pages.
      This is useful so that the entire mbuf list does not need to be
      copied before calling sosend() when NFS over TLS is enabled.
      
      Since ND_EXTPG is never set yet, there is no semantic change at this time.
      dccb5806
  26. 26 Jun, 2020 1 commit
    • Rick Macklem's avatar
      Add a boolean argument to nfscl_reqstart() to indicate that ext_pgs mbufs · 4476c1de
      Rick Macklem authored
      should be used.
      
      For KERN_TLS (and possibly some other future network interface) the mbuf
      list passed into sosend() must be ext_pgs mbufs. The krpc could simply
      copy all the mbuf data into ext_pgs mbufs before calling sosend(), but
      that would be inefficient for large RPC messages.
      This patch adds an argument to nfscl_reqstart() to indicate that it should
      fill the RPC message into ext_pgs mbufs.
      It also adds fields to "struct nfsrv_descript" needed for building NFS RPC
      messages in ext_pgs mbufs, along with new flags for this.
      
      Since the argument is always "false", this commit should not result in any
      semantic change. However, this commit prepares the code
      for future commits that will add support for building of NFS RPC messages
      in ext_pgs mbufs.
      4476c1de
  27. 22 Jun, 2020 1 commit
  28. 17 Jun, 2020 1 commit
  29. 14 Jun, 2020 1 commit
  30. 18 May, 2020 1 commit
  31. 12 May, 2020 1 commit
  32. 08 May, 2020 1 commit
  33. 06 May, 2020 1 commit
    • Rick Macklem's avatar
      Delete unused function newnfs_trimleading. · 04d6c514
      Rick Macklem authored
      The NFS function called newnfs_trimleading() has not been used by the
      code in long time. To give you a clue, it still had a K&R style function
      declaration.
      Delete it, since it is just cruft, as a part of the NFS mbuf handling
      cleanup in preparation for adding ext_pgs mbuf support.
      The ext_pgs mbuf support for the build/send side is needed by
      nfs-over-tls.
      04d6c514
  34. 05 May, 2020 1 commit
    • Rick Macklem's avatar
      Revert r360514, to avoid unnecessary churn of the sources. · 3973ef1d
      Rick Macklem authored
      r360514 prepared the NFS code for changes to handle ext_pgs mbufs on
      the receive side. However, at this time, KERN_TLS does not pass
      ext_pgs mbufs up through soreceive(). As such, as this time, only
      the send/build side of the NFS mbuf code needs to handle ext_pgs mbufs.
      Revert r360514 since the rather extensive changes required for receive
      side ext_pgs mbufs are not yet needed.
      This avoids unnecessary churn of the sources.
      3973ef1d
  35. 01 May, 2020 1 commit
    • Rick Macklem's avatar
      Factor some code out of nfsm_dissct() into separate functions. · 0c9cd5ca
      Rick Macklem authored
      Factoring some of the code in nfsm_dissct() out into separate functions
      allows these functions to be used elsewhere in the NFS mbuf handling code.
      Other uses of these functions will be done in future commits.
      It also makes it easier to add support for ext_pgs mbufs, which is needed
      for nfs-over-tls under development in base/projects/nfs-over-tls.
      
      Although the algorithm in nfsm_dissct() is somewhat re-written by this
      patch, the semantics of nfsm_dissct() should not have changed.
      0c9cd5ca
  36. 25 Apr, 2020 1 commit
    • Rick Macklem's avatar
      Remove Mac OS/X macros that did nothing for FreeBSD. · e4a458bb
      Rick Macklem authored
      The macros CAST_USER_ADDR_T() and CAST_DOWN() were used for the Mac OS/X
      port. The first of these macros was a no-op for FreeBSD and the second
      is no longer used.
      This patch gets rid of them. It also deletes the "mbuf_t" typedef which
      is no longer used in the FreeBSD code from nfskpiport.h
      
      This patch should not change semantics.
      e4a458bb
  37. 17 Apr, 2020 1 commit
    • Rick Macklem's avatar
      Replace all instances of the typedef mbuf_t with "struct mbuf *". · ae070589
      Rick Macklem authored
      The typedef mbuf_t was used for the Mac OS/X port of the code long ago.
      Since this port is no longer used and the use of mbuf_t obscures what
      the code does (and is not consistent with style(9)), it is no longer needed.
      This patch replaces all instances of mbuf_t with "struct mbuf *", so that
      it is no longer used.
      
      This patch should not result in any semantic change.
      ae070589
  38. 09 Apr, 2020 1 commit
    • Rick Macklem's avatar
      Replace mbuf macros with the code they would generate in the NFS code. · c948a17a
      Rick Macklem authored
      When the code was ported to Mac OS/X, mbuf handling functions were
      converted to using the Mac OS/X accessor functions. For FreeBSD, they
      are a simple set of macros in sys/fs/nfs/nfskpiport.h.
      Since porting to Mac OS/X is no longer a consideration, replacement of
      these macros with the code generated by them makes the code more
      readable.
      When support for external page mbufs is added as needed by the KERN_TLS,
      the patch becomes simpler if done without the macros.
      
      This patch should not result in any semantic change.
      This conversion will be committed one file at a time.
      c948a17a
  39. 03 Jan, 2020 1 commit