nfsd: disallow file locking and delegations for NFSv4 reexport

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

We do not and cannot support file locking with NFS reexport over
NFSv4.x for the same reason we don't do it for NFSv3: NFS reexport
server reboot cannot allow clients to recover locks because the source
NFS server has not rebooted, and so it is not in grace. Since the
source NFS server is not in grace, it cannot offer any guarantees that
the file won't have been changed between the locks getting lost and
any attempt to recover/reclaim them. The same applies to delegations
and any associated locks, so disallow them too.

Clients are no longer allowed to get file locks or delegations from a
reexport server, any attempts will fail with operation not supported.

Update the "Reboot recovery" section accordingly in
Documentation/filesystems/nfs/reexport.rst

Signed-off-by: Mike Snitzer <snitzer@kernel.org>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

authored by

Mike Snitzer and committed by

Chuck Lever 1 year ago 9254c8ae fbfdc9fc

+40 -5

4 changed files

expand all

Documentation

filesystems

nfs

reexport.rst

nfs

export.c

nfsd

nfs4state.c

include

linux

exportfs.h

+7 -3

Documentation/filesystems/nfs/reexport.rst

··· 26 26 --------------- 27 27 28 28 The NFS protocol's normal reboot recovery mechanisms don't work for the 29 - case when the reexport server reboots. Clients will lose any locks 30 - they held before the reboot, and further IO will result in errors. 31 - Closing and reopening files should clear the errors. 29 + case when the reexport server reboots because the source server has not 30 + rebooted, and so it is not in grace. Since the source server is not in 31 + grace, it cannot offer any guarantees that the file won't have been 32 + changed between the locks getting lost and any attempt to recover them. 33 + The same applies to delegations and any associated locks. Clients are 34 + not allowed to get file locks or delegations from a reexport server, any 35 + attempts will fail with operation not supported. 32 36 33 37 Filehandle limits 34 38 -----------------

+2 -1

fs/nfs/export.c

··· 154 154 EXPORT_OP_CLOSE_BEFORE_UNLINK | 155 155 EXPORT_OP_REMOTE_FS | 156 156 EXPORT_OP_NOATOMIC_ATTR | 157 - EXPORT_OP_FLUSH_ON_CLOSE, 157 + EXPORT_OP_FLUSH_ON_CLOSE | 158 + EXPORT_OP_NOLOCKS, 158 159 };

+18

fs/nfsd/nfs4state.c

··· 6010 6010 if (!nf) 6011 6011 return ERR_PTR(-EAGAIN); 6012 6012 6013 + /* 6014 + * File delegations and associated locks cannot be recovered if the 6015 + * export is from an NFS proxy server. 6016 + */ 6017 + if (exportfs_cannot_lock(nf->nf_file->f_path.mnt->mnt_sb->s_export_op)) { 6018 + nfsd_file_put(nf); 6019 + return ERR_PTR(-EOPNOTSUPP); 6020 + } 6021 + 6013 6022 spin_lock(&state_lock); 6014 6023 spin_lock(&fp->fi_lock); 6015 6024 if (nfs4_delegation_exists(clp, fp)) ··· 8157 8148 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0); 8158 8149 if (status != nfs_ok) 8159 8150 return status; 8151 + if (exportfs_cannot_lock(cstate->current_fh.fh_dentry->d_sb->s_export_op)) { 8152 + status = nfserr_notsupp; 8153 + goto out; 8154 + } 8160 8155 8161 8156 if (lock->lk_is_new) { 8162 8157 if (nfsd4_has_session(cstate)) ··· 8500 8487 status = nfserr_lock_range; 8501 8488 goto put_stateid; 8502 8489 } 8490 + if (exportfs_cannot_lock(nf->nf_file->f_path.mnt->mnt_sb->s_export_op)) { 8491 + status = nfserr_notsupp; 8492 + goto put_file; 8493 + } 8494 + 8503 8495 file_lock = locks_alloc_lock(); 8504 8496 if (!file_lock) { 8505 8497 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);

+13 -1

include/linux/exportfs.h

··· 279 279 atomic attribute updates 280 280 */ 281 281 #define EXPORT_OP_FLUSH_ON_CLOSE (0x20) /* fs flushes file data on close */ 282 - #define EXPORT_OP_ASYNC_LOCK (0x40) /* fs can do async lock request */ 282 + #define EXPORT_OP_NOLOCKS (0x40) /* no file locking support */ 283 283 unsigned long flags; 284 284 }; 285 + 286 + /** 287 + * exportfs_cannot_lock() - check if export implements file locking 288 + * @export_ops: the nfs export operations to check 289 + * 290 + * Returns true if the export does not support file locking. 291 + */ 292 + static inline bool 293 + exportfs_cannot_lock(const struct export_operations *export_ops) 294 + { 295 + return export_ops->flags & EXPORT_OP_NOLOCKS; 296 + } 285 297 286 298 extern int exportfs_encode_inode_fh(struct inode *inode, struct fid *fid, 287 299 int *max_len, struct inode *parent,