tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

SUNRPC: Trace gssproxy upcall results

Record results of a GSS proxy ACCEPT_SEC_CONTEXT upcall and the
svc_authenticate() function to make field debugging of NFS server
Kerberos issues easier.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-by: Bill Baker <bill.baker@oracle.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>

authored by

Chuck Lever and committed by
J. Bruce Fields ff27e9f7 5fcaf698

+112 -4
+45
include/trace/events/rpcgss.h
··· 126 126 DEFINE_GSSAPI_EVENT(wrap); 127 127 DEFINE_GSSAPI_EVENT(unwrap); 128 128 129 + TRACE_EVENT(rpcgss_accept_upcall, 130 + TP_PROTO( 131 + __be32 xid, 132 + u32 major_status, 133 + u32 minor_status 134 + ), 135 + 136 + TP_ARGS(xid, major_status, minor_status), 137 + 138 + TP_STRUCT__entry( 139 + __field(u32, xid) 140 + __field(u32, minor_status) 141 + __field(unsigned long, major_status) 142 + ), 143 + 144 + TP_fast_assign( 145 + __entry->xid = be32_to_cpu(xid); 146 + __entry->minor_status = minor_status; 147 + __entry->major_status = major_status; 148 + ), 149 + 150 + TP_printk("xid=0x%08x major_status=%s (0x%08lx) minor_status=%u", 151 + __entry->xid, __entry->major_status == 0 ? "GSS_S_COMPLETE" : 152 + show_gss_status(__entry->major_status), 153 + __entry->major_status, __entry->minor_status 154 + ) 155 + ); 156 + 129 157 130 158 /** 131 159 ** GSS auth unwrap failures ··· 383 355 show_pseudoflavor(__entry->flavor), __entry->error) 384 356 ); 385 357 358 + TRACE_EVENT(rpcgss_oid_to_mech, 359 + TP_PROTO( 360 + const char *oid 361 + ), 362 + 363 + TP_ARGS(oid), 364 + 365 + TP_STRUCT__entry( 366 + __string(oid, oid) 367 + ), 368 + 369 + TP_fast_assign( 370 + __assign_str(oid, oid); 371 + ), 372 + 373 + TP_printk("mech for oid %s was not found", __get_str(oid)) 374 + ); 386 375 387 376 #endif /* _TRACE_RPCGSS_H */ 388 377
+55
include/trace/events/sunrpc.h
··· 14 14 #include <linux/net.h> 15 15 #include <linux/tracepoint.h> 16 16 17 + TRACE_DEFINE_ENUM(RPC_AUTH_OK); 18 + TRACE_DEFINE_ENUM(RPC_AUTH_BADCRED); 19 + TRACE_DEFINE_ENUM(RPC_AUTH_REJECTEDCRED); 20 + TRACE_DEFINE_ENUM(RPC_AUTH_BADVERF); 21 + TRACE_DEFINE_ENUM(RPC_AUTH_REJECTEDVERF); 22 + TRACE_DEFINE_ENUM(RPC_AUTH_TOOWEAK); 23 + TRACE_DEFINE_ENUM(RPCSEC_GSS_CREDPROBLEM); 24 + TRACE_DEFINE_ENUM(RPCSEC_GSS_CTXPROBLEM); 25 + 26 + #define rpc_show_auth_stat(status) \ 27 + __print_symbolic(status, \ 28 + { RPC_AUTH_OK, "AUTH_OK" }, \ 29 + { RPC_AUTH_BADCRED, "BADCRED" }, \ 30 + { RPC_AUTH_REJECTEDCRED, "REJECTEDCRED" }, \ 31 + { RPC_AUTH_BADVERF, "BADVERF" }, \ 32 + { RPC_AUTH_REJECTEDVERF, "REJECTEDVERF" }, \ 33 + { RPC_AUTH_TOOWEAK, "TOOWEAK" }, \ 34 + { RPCSEC_GSS_CREDPROBLEM, "GSS_CREDPROBLEM" }, \ 35 + { RPCSEC_GSS_CTXPROBLEM, "GSS_CTXPROBLEM" }) \ 36 + 17 37 DECLARE_EVENT_CLASS(rpc_task_status, 18 38 19 39 TP_PROTO(const struct rpc_task *task), ··· 884 864 TP_printk("addr=%s xid=0x%08x len=%d flags=%s", 885 865 __get_str(addr), __entry->xid, __entry->len, 886 866 show_rqstp_flags(__entry->flags)) 867 + ); 868 + 869 + #define svc_show_status(status) \ 870 + __print_symbolic(status, \ 871 + { SVC_GARBAGE, "SVC_GARBAGE" }, \ 872 + { SVC_SYSERR, "SVC_SYSERR" }, \ 873 + { SVC_VALID, "SVC_VALID" }, \ 874 + { SVC_NEGATIVE, "SVC_NEGATIVE" }, \ 875 + { SVC_OK, "SVC_OK" }, \ 876 + { SVC_DROP, "SVC_DROP" }, \ 877 + { SVC_CLOSE, "SVC_CLOSE" }, \ 878 + { SVC_DENIED, "SVC_DENIED" }, \ 879 + { SVC_PENDING, "SVC_PENDING" }, \ 880 + { SVC_COMPLETE, "SVC_COMPLETE" }) 881 + 882 + TRACE_EVENT(svc_authenticate, 883 + TP_PROTO(const struct svc_rqst *rqst, int auth_res, __be32 auth_stat), 884 + 885 + TP_ARGS(rqst, auth_res, auth_stat), 886 + 887 + TP_STRUCT__entry( 888 + __field(u32, xid) 889 + __field(unsigned long, svc_status) 890 + __field(unsigned long, auth_stat) 891 + ), 892 + 893 + TP_fast_assign( 894 + __entry->xid = be32_to_cpu(rqst->rq_xid); 895 + __entry->svc_status = auth_res; 896 + __entry->auth_stat = be32_to_cpu(auth_stat); 897 + ), 898 + 899 + TP_printk("xid=0x%08x auth_res=%s auth_stat=%s", 900 + __entry->xid, svc_show_status(__entry->svc_status), 901 + rpc_show_auth_stat(__entry->auth_stat)) 887 902 ); 888 903 889 904 TRACE_EVENT(svc_process,
+3 -1
net/sunrpc/auth_gss/gss_mech_switch.c
··· 20 20 #include <linux/sunrpc/sched.h> 21 21 #include <linux/sunrpc/gss_api.h> 22 22 #include <linux/sunrpc/clnt.h> 23 + #include <trace/events/rpcgss.h> 23 24 24 25 #if IS_ENABLED(CONFIG_SUNRPC_DEBUG) 25 26 # define RPCDBG_FACILITY RPCDBG_AUTH ··· 159 158 160 159 if (sprint_oid(obj->data, obj->len, buf, sizeof(buf)) < 0) 161 160 return NULL; 162 - dprintk("RPC: %s(%s)\n", __func__, buf); 163 161 request_module("rpc-auth-gss-%s", buf); 164 162 165 163 rcu_read_lock(); ··· 172 172 } 173 173 } 174 174 rcu_read_unlock(); 175 + if (!gm) 176 + trace_rpcgss_oid_to_mech(buf); 175 177 return gm; 176 178 } 177 179
+5 -3
net/sunrpc/auth_gss/svcauth_gss.c
··· 49 49 #include <linux/sunrpc/svcauth.h> 50 50 #include <linux/sunrpc/svcauth_gss.h> 51 51 #include <linux/sunrpc/cache.h> 52 + 53 + #include <trace/events/rpcgss.h> 54 + 52 55 #include "gss_rpc_upcall.h" 53 56 54 57 ··· 1273 1270 if (status) 1274 1271 goto out; 1275 1272 1276 - dprintk("RPC: svcauth_gss: gss major status = %d " 1277 - "minor status = %d\n", 1278 - ud.major_status, ud.minor_status); 1273 + trace_rpcgss_accept_upcall(rqstp->rq_xid, ud.major_status, 1274 + ud.minor_status); 1279 1275 1280 1276 switch (ud.major_status) { 1281 1277 case GSS_S_CONTINUE_NEEDED:
+2
net/sunrpc/svc.c
··· 1337 1337 auth_stat = rpc_autherr_badcred; 1338 1338 auth_res = progp->pg_authenticate(rqstp); 1339 1339 } 1340 + if (auth_res != SVC_OK) 1341 + trace_svc_authenticate(rqstp, auth_res, auth_stat); 1340 1342 switch (auth_res) { 1341 1343 case SVC_OK: 1342 1344 break;
+2
net/sunrpc/svcauth.c
··· 19 19 #include <linux/err.h> 20 20 #include <linux/hash.h> 21 21 22 + #include <trace/events/sunrpc.h> 23 + 22 24 #define RPCDBG_FACILITY RPCDBG_AUTH 23 25 24 26