linux-libre-{pae,xen,knock,grsec}-3.12.7-2: fix 15 seconds nfs hang, #37886 kernel oops => https://bugs.archlinux.org/task/37886

author: André Fabian Silva Delgado <emulatorman@parabola.nu> 2014-01-13 20:38:26 -0200
committer: André Fabian Silva Delgado <emulatorman@parabola.nu> 2014-01-13 20:38:26 -0200
commit: d7d75ce711cf951aa33b86603e486837a402379e (patch)
tree: 30dc2409bc9da729380eed4243a9d871d9973ad9 /kernels/linux-libre-knock
parent: ab7fb4d643a25bdd23969fa487bf07f348d15a55 (diff)
7 files changed, 623 insertions, 2 deletions
diff --git a/kernels/linux-libre-knock/PKGBUILD b/kernels/linux-libre-knock/PKGBUILD
index 0b451888b..64ec61576 100644
--- a/kernels/linux-libre-knock/PKGBUILD
+++ b/kernels/linux-libre-knock/PKGBUILD
@@ -1,4 +1,4 @@
-# $Id: PKGBUILD 203405 2014-01-10 08:45:42Z tpowa $
+# $Id: PKGBUILD 203524 2014-01-12 13:05:55Z tpowa $
 # Maintainer: Tobias Powalowski <tpowa@archlinux.org>
 # Maintainer: Thomas Baechler <thomas@archlinux.org>
 # Maintainer (Parabola): André Silva <emulatorman@parabola.nu>
@@ -13,7 +13,7 @@ _basekernel=3.12
 _sublevel=7
 _knockpatchver=${_basekernel}.4
 pkgver=${_basekernel}.${_sublevel}
-pkgrel=1
+pkgrel=2
 _lxopkgver=${_basekernel}.7 # nearly always the same as pkgver
 arch=('i686' 'x86_64' 'mips64el')
 url="http://linux-libre.fsfla.org/"
@@ -32,6 +32,12 @@ source=("http://linux-libre.fsfla.org/pub/linux-libre/releases/${_basekernel}-gn
         'boot-logo.patch'
         'change-default-console-loglevel.patch'
         'criu-no-expert.patch'
+        'sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch'
+        'sunrpc-replace-gssd_running-with-more-reliable-check.patch'
+        'nfs-check-gssd-running-before-krb5i-auth.patch'
+        'rpc_pipe-remove-the-clntXX-dir-if-creating-the-pipe-fails.patch'
+        'sunrpc-add-an-info-file-for-the-dummy-gssd-pipe.patch'
+        'rpc_pipe-fix-cleanup-of-dummy-gssd-directory-when-notification-fails.patch'
         "http://www.linux-libre.fsfla.org/pub/linux-libre/lemote/gnewsense/pool/debuginfo/linux-patches-${_lxopkgver}-gnu_0loongsonlibre_mipsel.tar.bz2")
 md5sums=('254f59707b6676b59ce5ca5c3c698319'
          'c42ff446236915fe1a6e2b6f9724d267'
@@ -44,6 +50,12 @@ md5sums=('254f59707b6676b59ce5ca5c3c698319'
          '44260d2cb1a8b51c119d2ce1f83e457a'
          '98beb36f9b8cf16e58de2483ea9985e3'
          'd50c1ac47394e9aec637002ef3392bd1'
+         'd4a75f77e6bd5d700dcd534cd5f0dfce'
+         'dc86fdc37615c97f03c1e0c31b7b833a'
+         '88eef9d3b5012ef7e82af1af8cc4e517'
+         'cec0bb8981936eab2943b2009b7a6fff'
+         '88d9cddf9e0050a76ec4674f264fb2a1'
+         'cb9016630212ef07b168892fbcfd4e5d'
          '7554da820df91c282656972976d9e0b5')
 if [ "$CARCH" != "mips64el" ]; then
     # don't use the Loongson-specific patches on non-mips64el arches.
@@ -79,6 +91,17 @@ prepare() {
   # patch from fedora
   patch -Np1 -i "${srcdir}/criu-no-expert.patch"
 
+  # fix 15 seocnds nfs delay
+  patch -Np1 -i "${srcdir}/sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch"
+  patch -Np1 -i "${srcdir}/sunrpc-replace-gssd_running-with-more-reliable-check.patch"
+  patch -Np1 -i "${srcdir}/nfs-check-gssd-running-before-krb5i-auth.patch"
+  # fix nfs kernel oops
+  # #37866
+  patch -Np1 -i "${srcdir}/rpc_pipe-remove-the-clntXX-dir-if-creating-the-pipe-fails.patch"
+  patch -Np1 -i "${srcdir}/sunrpc-add-an-info-file-for-the-dummy-gssd-pipe.patch"
+
+  patch -Np1 -i "${srcdir}/rpc_pipe-fix-cleanup-of-dummy-gssd-directory-when-notification-fails.patch"
+
   if [ "$CARCH" == "mips64el" ]; then
     sed -i "s|^EXTRAVERSION.*|EXTRAVERSION =-libre-knock|" Makefile
     sed -r "s|^( SUBLEVEL = ).*|\1$_sublevel|" \
diff --git a/kernels/linux-libre-knock/nfs-check-gssd-running-before-krb5i-auth.patch b/kernels/linux-libre-knock/nfs-check-gssd-running-before-krb5i-auth.patch
new file mode 100644
index 000000000..be81fec76
--- /dev/null
+++ b/kernels/linux-libre-knock/nfs-check-gssd-running-before-krb5i-auth.patch
@@ -0,0 +1,48 @@
+Bugzilla: N/A
+Upstream-status: queued in NFS git tree (for 3.13/3.14?)
+
+Currently, the client will attempt to use krb5i in the SETCLIENTID call
+even if rpc.gssd isn't running. When that fails, it'll then fall back to
+RPC_AUTH_UNIX. This introduced a delay when mounting if rpc.gssd isn't
+running, and causes warning messages to pop up in the ring buffer.
+
+Check to see if rpc.gssd is running before even attempting to use krb5i
+auth, and just silently skip trying to do so if it isn't. In the event
+that the admin is actually trying to mount with krb5*, it will still
+fail at a later stage of the mount attempt.
+
+Signed-off-by: Jeff Layton <jlayton@redhat.com>
+Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
+---
+ fs/nfs/nfs4client.c |    7 ++++++-
+ 1 files changed, 6 insertions(+), 1 deletions(-)
+
+diff -up linux-3.11.9-200.fc19.x86_64/fs/nfs/nfs4client.c.orig linux-3.11.9-200.fc19.x86_64/fs/nfs/nfs4client.c
+--- linux-3.11.9-200.fc19.x86_64/fs/nfs/nfs4client.c.orig	2013-09-02 16:46:10.000000000 -0400
++++ linux-3.11.9-200.fc19.x86_64/fs/nfs/nfs4client.c	2013-11-21 10:20:27.288286000 -0500
+@@ -10,6 +10,7 @@
+ #include <linux/sunrpc/auth.h>
+ #include <linux/sunrpc/xprt.h>
+ #include <linux/sunrpc/bc_xprt.h>
++#include <linux/sunrpc/rpc_pipe_fs.h>
+ #include "internal.h"
+ #include "callback.h"
+ #include "delegation.h"
+@@ -206,7 +207,11 @@ struct nfs_client *nfs4_init_client(stru
+ 	if (clp->cl_minorversion != 0)
+ 		__set_bit(NFS_CS_INFINITE_SLOTS, &clp->cl_flags);
+ 	__set_bit(NFS_CS_DISCRTRY, &clp->cl_flags);
+-	error = nfs_create_rpc_client(clp, timeparms, RPC_AUTH_GSS_KRB5I);
++
++	error = -EINVAL;
++	if (gssd_running(clp->cl_net))
++		error = nfs_create_rpc_client(clp, timeparms,
++					      RPC_AUTH_GSS_KRB5I);
+ 	if (error == -EINVAL)
+ 		error = nfs_create_rpc_client(clp, timeparms, RPC_AUTH_UNIX);
+ 	if (error < 0)
+
+_______________________________________________
+kernel mailing list
+kernel@lists.fedoraproject.org
+https://admin.fedoraproject.org/mailman/listinfo/kernel
diff --git a/kernels/linux-libre-knock/rpc_pipe-fix-cleanup-of-dummy-gssd-directory-when-notification-fails.patch b/kernels/linux-libre-knock/rpc_pipe-fix-cleanup-of-dummy-gssd-directory-when-notification-fails.patch
new file mode 100644
index 000000000..ed03f34dd
--- /dev/null
+++ b/kernels/linux-libre-knock/rpc_pipe-fix-cleanup-of-dummy-gssd-directory-when-notification-fails.patch
@@ -0,0 +1,50 @@
+Bugzilla: 1037793
+Upstream-status: submitted for 3.14
+
+Currently, it could leak dentry references in some cases. Make sure
+we clean up properly.
+
+Signed-off-by: Jeff Layton <jlayton@redhat.com>
+---
+ net/sunrpc/rpc_pipe.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
+index 5d973b2..b185548 100644
+--- a/net/sunrpc/rpc_pipe.c
++++ b/net/sunrpc/rpc_pipe.c
+@@ -1369,6 +1369,18 @@ out:
+ 	return pipe_dentry;
+ }
+ 
++static void
++rpc_gssd_dummy_depopulate(struct dentry *pipe_dentry)
++{
++	struct dentry *clnt_dir = pipe_dentry->d_parent;
++	struct dentry *gssd_dir = clnt_dir->d_parent;
++
++	__rpc_rmpipe(clnt_dir->d_inode, pipe_dentry);
++	__rpc_depopulate(clnt_dir, gssd_dummy_info_file, 0, 1);
++	__rpc_depopulate(gssd_dir, gssd_dummy_clnt_dir, 0, 1);
++	dput(pipe_dentry);
++}
++
+ static int
+ rpc_fill_super(struct super_block *sb, void *data, int silent)
+ {
+@@ -1412,7 +1424,7 @@ rpc_fill_super(struct super_block *sb, void *data, int silent)
+ 	return 0;
+ 
+ err_depopulate:
+-	dput(gssd_dentry);
++	rpc_gssd_dummy_depopulate(gssd_dentry);
+ 	blocking_notifier_call_chain(&rpc_pipefs_notifier_list,
+ 					   RPC_PIPEFS_UMOUNT,
+ 					   sb);
+-- 
+1.8.4.2
+
+--
+To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
+the body of a message to majordomo@vger.kernel.org
+More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff --git a/kernels/linux-libre-knock/rpc_pipe-remove-the-clntXX-dir-if-creating-the-pipe-fails.patch b/kernels/linux-libre-knock/rpc_pipe-remove-the-clntXX-dir-if-creating-the-pipe-fails.patch
new file mode 100644
index 000000000..e4b1a255f
--- /dev/null
+++ b/kernels/linux-libre-knock/rpc_pipe-remove-the-clntXX-dir-if-creating-the-pipe-fails.patch
@@ -0,0 +1,32 @@
+Bugzilla: 1037793
+Upstream-status: submitted for 3.14
+
+In the event that we create the gssd/clntXX dir, but the pipe creation
+subsequently fails, then we should remove the clntXX dir before
+returning.
+
+Signed-off-by: Jeff Layton <jlayton@redhat.com>
+---
+ net/sunrpc/rpc_pipe.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
+index 5cd7ad1..0b74c61 100644
+--- a/net/sunrpc/rpc_pipe.c
++++ b/net/sunrpc/rpc_pipe.c
+@@ -1313,6 +1313,8 @@ rpc_gssd_dummy_populate(struct dentry *root, struct rpc_pipe *pipe_data)
+ 	}
+ 
+ 	pipe_dentry = rpc_mkpipe_dentry(clnt_dentry, "gssd", NULL, pipe_data);
++	if (IS_ERR(pipe_dentry))
++		__rpc_depopulate(gssd_dentry, gssd_dummy_clnt_dir, 0, 1);
+ out:
+ 	dput(clnt_dentry);
+ 	dput(gssd_dentry);
+-- 
+1.8.4.2
+
+--
+To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
+the body of a message to majordomo@vger.kernel.org
+More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff --git a/kernels/linux-libre-knock/sunrpc-add-an-info-file-for-the-dummy-gssd-pipe.patch b/kernels/linux-libre-knock/sunrpc-add-an-info-file-for-the-dummy-gssd-pipe.patch
new file mode 100644
index 000000000..dd3b5ba2f
--- /dev/null
+++ b/kernels/linux-libre-knock/sunrpc-add-an-info-file-for-the-dummy-gssd-pipe.patch
@@ -0,0 +1,96 @@
+Bugzilla: 1037793
+Upstream-status: submitted for 3.14
+
+rpc.gssd expects to see an "info" file in each clntXX dir. Since adding
+the dummy gssd pipe, users that run rpc.gssd see a lot of these messages
+spamming the logs:
+
+    rpc.gssd[508]: ERROR: can't open /var/lib/nfs/rpc_pipefs/gssd/clntXX/info: No such file or directory
+    rpc.gssd[508]: ERROR: failed to read service info
+
+Add a dummy gssd/clntXX/info file to help silence these messages.
+
+Signed-off-by: Jeff Layton <jlayton@redhat.com>
+---
+ net/sunrpc/rpc_pipe.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 49 insertions(+), 1 deletion(-)
+
+diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
+index 0b74c61..5d973b2 100644
+--- a/net/sunrpc/rpc_pipe.c
++++ b/net/sunrpc/rpc_pipe.c
+@@ -17,6 +17,7 @@
+ #include <linux/fsnotify.h>
+ #include <linux/kernel.h>
+ #include <linux/rcupdate.h>
++#include <linux/utsname.h>
+ 
+ #include <asm/ioctls.h>
+ #include <linux/poll.h>
+@@ -1275,6 +1276,44 @@ static const struct rpc_pipe_ops gssd_dummy_pipe_ops = {
+ 	.downcall	= dummy_downcall,
+ };
+ 
++/*
++ * Here we present a bogus "info" file to keep rpc.gssd happy. We don't expect
++ * that it will ever use this info to handle an upcall, but rpc.gssd expects
++ * that this file will be there and have a certain format.
++ */
++static int
++rpc_show_dummy_info(struct seq_file *m, void *v)
++{
++	seq_printf(m, "RPC server: %s\n", utsname()->nodename);
++	seq_printf(m, "service: foo (1) version 0\n");
++	seq_printf(m, "address: 127.0.0.1\n");
++	seq_printf(m, "protocol: tcp\n");
++	seq_printf(m, "port: 0\n");
++	return 0;
++}
++
++static int
++rpc_dummy_info_open(struct inode *inode, struct file *file)
++{
++	return single_open(file, rpc_show_dummy_info, NULL);
++}
++
++static const struct file_operations rpc_dummy_info_operations = {
++	.owner		= THIS_MODULE,
++	.open		= rpc_dummy_info_open,
++	.read		= seq_read,
++	.llseek		= seq_lseek,
++	.release	= single_release,
++};
++
++static const struct rpc_filelist gssd_dummy_info_file[] = {
++	[0] = {
++		.name = "info",
++		.i_fop = &rpc_dummy_info_operations,
++		.mode = S_IFREG | S_IRUSR,
++	},
++};
++
+ /**
+  * rpc_gssd_dummy_populate - create a dummy gssd pipe
+  * @root:	root of the rpc_pipefs filesystem
+@@ -1312,9 +1351,18 @@ rpc_gssd_dummy_populate(struct dentry *root, struct rpc_pipe *pipe_data)
+ 		goto out;
+ 	}
+ 
++	ret = rpc_populate(clnt_dentry, gssd_dummy_info_file, 0, 1, NULL);
++	if (ret) {
++		__rpc_depopulate(gssd_dentry, gssd_dummy_clnt_dir, 0, 1);
++		pipe_dentry = ERR_PTR(ret);
++		goto out;
++	}
++
+ 	pipe_dentry = rpc_mkpipe_dentry(clnt_dentry, "gssd", NULL, pipe_data);
+-	if (IS_ERR(pipe_dentry))
++	if (IS_ERR(pipe_dentry)) {
++		__rpc_depopulate(clnt_dentry, gssd_dummy_info_file, 0, 1);
+ 		__rpc_depopulate(gssd_dentry, gssd_dummy_clnt_dir, 0, 1);
++	}
+ out:
+ 	dput(clnt_dentry);
+ 	dput(gssd_dentry);
+-- 
+1.8.4.2
diff --git a/kernels/linux-libre-knock/sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch b/kernels/linux-libre-knock/sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch
new file mode 100644
index 000000000..805498a70
--- /dev/null
+++ b/kernels/linux-libre-knock/sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch
@@ -0,0 +1,233 @@
+Bugzilla: N/A
+Upstream-status: queued in NFS git tree (for 3.13/3.14?)
+
+rpc.gssd will naturally hold open any pipe named */clnt*/gssd that shows
+up under rpc_pipefs. That behavior gives us a reliable mechanism to tell
+whether it's actually running or not.
+
+Create a new toplevel "gssd" directory in rpc_pipefs when it's mounted.
+Under that directory create another directory called "clntXX", and then
+within that a pipe called "gssd".
+
+We'll never send an upcall along that pipe, and any downcall written to
+it will just return -EINVAL.
+
+Signed-off-by: Jeff Layton <jlayton@redhat.com>
+Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
+---
+ include/linux/sunrpc/rpc_pipe_fs.h |    3 +-
+ net/sunrpc/netns.h                 |    1 +
+ net/sunrpc/rpc_pipe.c              |   93 ++++++++++++++++++++++++++++++++++-
+ net/sunrpc/sunrpc_syms.c           |    8 +++-
+ 4 files changed, 100 insertions(+), 5 deletions(-)
+
+diff -up linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h.orig linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h
+--- linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h.orig	2013-09-02 16:46:10.000000000 -0400
++++ linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h	2013-11-21 10:11:17.893026000 -0500
+@@ -64,7 +64,8 @@ enum {
+ 
+ extern struct dentry *rpc_d_lookup_sb(const struct super_block *sb,
+ 				      const unsigned char *dir_name);
+-extern void rpc_pipefs_init_net(struct net *net);
++extern int rpc_pipefs_init_net(struct net *net);
++extern void rpc_pipefs_exit_net(struct net *net);
+ extern struct super_block *rpc_get_sb_net(const struct net *net);
+ extern void rpc_put_sb_net(const struct net *net);
+ 
+diff -up linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h.orig linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h
+--- linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h.orig	2013-09-02 16:46:10.000000000 -0400
++++ linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h	2013-11-21 10:11:17.897029000 -0500
+@@ -14,6 +14,7 @@ struct sunrpc_net {
+ 	struct cache_detail *rsi_cache;
+ 
+ 	struct super_block *pipefs_sb;
++	struct rpc_pipe *gssd_dummy;
+ 	struct mutex pipefs_sb_lock;
+ 
+ 	struct list_head all_clients;
+diff -up linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c.orig linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c
+--- linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c.orig	2013-09-02 16:46:10.000000000 -0400
++++ linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c	2013-11-21 10:11:17.903026000 -0500
+@@ -38,7 +38,7 @@
+ #define NET_NAME(net)	((net == &init_net) ? " (init_net)" : "")
+ 
+ static struct file_system_type rpc_pipe_fs_type;
+-
++static const struct rpc_pipe_ops gssd_dummy_pipe_ops;
+ 
+ static struct kmem_cache *rpc_inode_cachep __read_mostly;
+ 
+@@ -1019,6 +1019,7 @@ enum {
+ 	RPCAUTH_nfsd4_cb,
+ 	RPCAUTH_cache,
+ 	RPCAUTH_nfsd,
++	RPCAUTH_gssd,
+ 	RPCAUTH_RootEOF
+ };
+ 
+@@ -1055,6 +1056,10 @@ static const struct rpc_filelist files[]
+ 		.name = "nfsd",
+ 		.mode = S_IFDIR | S_IRUGO | S_IXUGO,
+ 	},
++	[RPCAUTH_gssd] = {
++		.name = "gssd",
++		.mode = S_IFDIR | S_IRUGO | S_IXUGO,
++	},
+ };
+ 
+ /*
+@@ -1068,13 +1073,25 @@ struct dentry *rpc_d_lookup_sb(const str
+ }
+ EXPORT_SYMBOL_GPL(rpc_d_lookup_sb);
+ 
+-void rpc_pipefs_init_net(struct net *net)
++int rpc_pipefs_init_net(struct net *net)
+ {
+ 	struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
+ 
++	sn->gssd_dummy = rpc_mkpipe_data(&gssd_dummy_pipe_ops, 0);
++	if (IS_ERR(sn->gssd_dummy))
++		return PTR_ERR(sn->gssd_dummy);
++
+ 	mutex_init(&sn->pipefs_sb_lock);
+ 	sn->gssd_running = 1;
+ 	sn->pipe_version = -1;
++	return 0;
++}
++
++void rpc_pipefs_exit_net(struct net *net)
++{
++	struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
++
++	rpc_destroy_pipe_data(sn->gssd_dummy);
+ }
+ 
+ /*
+@@ -1104,11 +1121,73 @@ void rpc_put_sb_net(const struct net *ne
+ }
+ EXPORT_SYMBOL_GPL(rpc_put_sb_net);
+ 
++static const struct rpc_filelist gssd_dummy_clnt_dir[] = {
++	[0] = {
++		.name = "clntXX",
++		.mode = S_IFDIR | S_IRUGO | S_IXUGO,
++	},
++};
++
++static ssize_t
++dummy_downcall(struct file *filp, const char __user *src, size_t len)
++{
++	return -EINVAL;
++}
++
++static const struct rpc_pipe_ops gssd_dummy_pipe_ops = {
++	.upcall		= rpc_pipe_generic_upcall,
++	.downcall	= dummy_downcall,
++};
++
++/**
++ * rpc_gssd_dummy_populate - create a dummy gssd pipe
++ * @root:	root of the rpc_pipefs filesystem
++ * @pipe_data:	pipe data created when netns is initialized
++ *
++ * Create a dummy set of directories and a pipe that gssd can hold open to
++ * indicate that it is up and running.
++ */
++static struct dentry *
++rpc_gssd_dummy_populate(struct dentry *root, struct rpc_pipe *pipe_data)
++{
++	int ret = 0;
++	struct dentry *gssd_dentry;
++	struct dentry *clnt_dentry = NULL;
++	struct dentry *pipe_dentry = NULL;
++	struct qstr q = QSTR_INIT(files[RPCAUTH_gssd].name,
++				  strlen(files[RPCAUTH_gssd].name));
++
++	/* We should never get this far if "gssd" doesn't exist */
++	gssd_dentry = d_hash_and_lookup(root, &q);
++	if (!gssd_dentry)
++		return ERR_PTR(-ENOENT);
++
++	ret = rpc_populate(gssd_dentry, gssd_dummy_clnt_dir, 0, 1, NULL);
++	if (ret) {
++		pipe_dentry = ERR_PTR(ret);
++		goto out;
++	}
++
++	q.name = gssd_dummy_clnt_dir[0].name;
++	q.len = strlen(gssd_dummy_clnt_dir[0].name);
++	clnt_dentry = d_hash_and_lookup(gssd_dentry, &q);
++	if (!clnt_dentry) {
++		pipe_dentry = ERR_PTR(-ENOENT);
++		goto out;
++	}
++
++	pipe_dentry = rpc_mkpipe_dentry(clnt_dentry, "gssd", NULL, pipe_data);
++out:
++	dput(clnt_dentry);
++	dput(gssd_dentry);
++	return pipe_dentry;
++}
++
+ static int
+ rpc_fill_super(struct super_block *sb, void *data, int silent)
+ {
+ 	struct inode *inode;
+-	struct dentry *root;
++	struct dentry *root, *gssd_dentry;
+ 	struct net *net = data;
+ 	struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
+ 	int err;
+@@ -1126,6 +1205,13 @@ rpc_fill_super(struct super_block *sb, v
+ 		return -ENOMEM;
+ 	if (rpc_populate(root, files, RPCAUTH_lockd, RPCAUTH_RootEOF, NULL))
+ 		return -ENOMEM;
++
++	gssd_dentry = rpc_gssd_dummy_populate(root, sn->gssd_dummy);
++	if (IS_ERR(gssd_dentry)) {
++		__rpc_depopulate(root, files, RPCAUTH_lockd, RPCAUTH_RootEOF);
++		return PTR_ERR(gssd_dentry);
++	}
++
+ 	dprintk("RPC:       sending pipefs MOUNT notification for net %p%s\n",
+ 		net, NET_NAME(net));
+ 	mutex_lock(&sn->pipefs_sb_lock);
+@@ -1140,6 +1226,7 @@ rpc_fill_super(struct super_block *sb, v
+ 	return 0;
+ 
+ err_depopulate:
++	dput(gssd_dentry);
+ 	blocking_notifier_call_chain(&rpc_pipefs_notifier_list,
+ 					   RPC_PIPEFS_UMOUNT,
+ 					   sb);
+diff -up linux-3.11.9-200.fc19.x86_64/net/sunrpc/sunrpc_syms.c.orig linux-3.11.9-200.fc19.x86_64/net/sunrpc/sunrpc_syms.c
+--- linux-3.11.9-200.fc19.x86_64/net/sunrpc/sunrpc_syms.c.orig	2013-09-02 16:46:10.000000000 -0400
++++ linux-3.11.9-200.fc19.x86_64/net/sunrpc/sunrpc_syms.c	2013-11-21 10:11:17.908026000 -0500
+@@ -44,12 +44,17 @@ static __net_init int sunrpc_init_net(st
+ 	if (err)
+ 		goto err_unixgid;
+ 
+-	rpc_pipefs_init_net(net);
++	err = rpc_pipefs_init_net(net);
++	if (err)
++		goto err_pipefs;
++
+ 	INIT_LIST_HEAD(&sn->all_clients);
+ 	spin_lock_init(&sn->rpc_client_lock);
+ 	spin_lock_init(&sn->rpcb_clnt_lock);
+ 	return 0;
+ 
++err_pipefs:
++	unix_gid_cache_destroy(net);
+ err_unixgid:
+ 	ip_map_cache_destroy(net);
+ err_ipmap:
+@@ -60,6 +65,7 @@ err_proc:
+ 
+ static __net_exit void sunrpc_exit_net(struct net *net)
+ {
++	rpc_pipefs_exit_net(net);
+ 	unix_gid_cache_destroy(net);
+ 	ip_map_cache_destroy(net);
+ 	rpc_proc_exit(net);
+
diff --git a/kernels/linux-libre-knock/sunrpc-replace-gssd_running-with-more-reliable-check.patch b/kernels/linux-libre-knock/sunrpc-replace-gssd_running-with-more-reliable-check.patch
new file mode 100644
index 000000000..8cd5c0090
--- /dev/null
+++ b/kernels/linux-libre-knock/sunrpc-replace-gssd_running-with-more-reliable-check.patch
@@ -0,0 +1,139 @@
+Bugzilla: N/A
+Upstream-status: queued in NFS git tree (for 3.13/3.14?)
+
+Now that we have a more reliable method to tell if gssd is running, we
+can replace the sn->gssd_running flag with a function that will query to
+see if it's up and running.
+
+There's also no need to attempt an upcall that we know will fail, so
+just return -EACCES if gssd isn't running. Finally, fix the warn_gss()
+message not to claim that that the upcall timed out since we don't
+necesarily perform one now when gssd isn't running, and remove the
+extraneous newline from the message.
+
+Signed-off-by: Jeff Layton <jlayton@redhat.com>
+Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
+---
+ Fixed up to apply to 3.12.1 by Josh Boyer <jwboyer@fedoraproject.org>
+
+ include/linux/sunrpc/rpc_pipe_fs.h |    2 ++
+ net/sunrpc/auth_gss/auth_gss.c     |   17 +++++++----------
+ net/sunrpc/netns.h                 |    2 --
+ net/sunrpc/rpc_pipe.c              |   14 ++++++++++----
+ 4 files changed, 19 insertions(+), 16 deletions(-)
+
+diff --git a/include/linux/sunrpc/rpc_pipe_fs.h b/include/linux/sunrpc/rpc_pipe_fs.h
+index 85f1342..7f490be 100644
+--- a/include/linux/sunrpc/rpc_pipe_fs.h
++++ b/include/linux/sunrpc/rpc_pipe_fs.h
+@@ -131,5 +131,7 @@ extern int rpc_unlink(struct dentry *);
+ extern int register_rpc_pipefs(void);
+ extern void unregister_rpc_pipefs(void);
+ 
++extern bool gssd_running(struct net *net);
++
+ #endif
+ #endif
+diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
+index 0846566..1ada878 100644
+--- a/net/sunrpc/auth_gss/auth_gss.c
++++ b/net/sunrpc/auth_gss/auth_gss.c
+@@ -517,8 +517,7 @@ static void warn_gssd(void)
+ 	unsigned long now = jiffies;
+ 
+ 	if (time_after(now, ratelimit)) {
+-		printk(KERN_WARNING "RPC: AUTH_GSS upcall timed out.\n"
+-				"Please check user daemon is running.\n");
++		pr_warn("RPC: AUTH_GSS upcall failed. Please check user daemon is running.\n");
+ 		ratelimit = now + 15*HZ;
+ 	}
+ }
+@@ -581,7 +580,6 @@ gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred)
+ 	struct rpc_pipe *pipe;
+ 	struct rpc_cred *cred = &gss_cred->gc_base;
+ 	struct gss_upcall_msg *gss_msg;
+-	unsigned long timeout;
+ 	DEFINE_WAIT(wait);
+ 	int err;
+ 
+@@ -589,17 +587,16 @@ gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred)
+ 		__func__, from_kuid(&init_user_ns, cred->cr_uid));
+ retry:
+ 	err = 0;
+-	/* Default timeout is 15s unless we know that gssd is not running */
+-	timeout = 15 * HZ;
+-	if (!sn->gssd_running)
+-		timeout = HZ >> 2;
++	/* if gssd is down, just skip upcalling altogether */
++	if (!gssd_running(net)) {
++		warn_gssd();
++		return -EACCES;
++	}
+ 	gss_msg = gss_setup_upcall(gss_auth, cred);
+ 	if (PTR_ERR(gss_msg) == -EAGAIN) {
+ 		err = wait_event_interruptible_timeout(pipe_version_waitqueue,
+-				sn->pipe_version >= 0, timeout);
++				sn->pipe_version >= 0, 15 * HZ);
+ 		if (sn->pipe_version < 0) {
+-			if (err == 0)
+-				sn->gssd_running = 0;
+ 			warn_gssd();
+ 			err = -EACCES;
+ 		}
+diff --git a/net/sunrpc/netns.h b/net/sunrpc/netns.h
+index 8a8e841..94e506f 100644
+--- a/net/sunrpc/netns.h
++++ b/net/sunrpc/netns.h
+@@ -33,8 +33,6 @@ struct sunrpc_net {
+ 	int pipe_version;
+ 	atomic_t pipe_users;
+ 	struct proc_dir_entry *use_gssp_proc;
+-
+-	unsigned int gssd_running;
+ };
+ 
+ extern int sunrpc_net_id;
+diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
+index 40aef18..ad444f3 100644
+--- a/net/sunrpc/rpc_pipe.c
++++ b/net/sunrpc/rpc_pipe.c
+@@ -216,14 +216,11 @@ rpc_destroy_inode(struct inode *inode)
+ static int
+ rpc_pipe_open(struct inode *inode, struct file *filp)
+ {
+-	struct net *net = inode->i_sb->s_fs_info;
+-	struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
+ 	struct rpc_pipe *pipe;
+ 	int first_open;
+ 	int res = -ENXIO;
+ 
+ 	mutex_lock(&inode->i_mutex);
+-	sn->gssd_running = 1;
+ 	pipe = RPC_I(inode)->pipe;
+ 	if (pipe == NULL)
+ 		goto out;
+@@ -1231,7 +1228,6 @@ int rpc_pipefs_init_net(struct net *net)
+ 		return PTR_ERR(sn->gssd_dummy);
+ 
+ 	mutex_init(&sn->pipefs_sb_lock);
+-	sn->gssd_running = 1;
+ 	sn->pipe_version = -1;
+ 	return 0;
+ }
+@@ -1385,6 +1381,16 @@ err_depopulate:
+ 	return err;
+ }
+ 
++bool
++gssd_running(struct net *net)
++{
++	struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
++	struct rpc_pipe *pipe = sn->gssd_dummy;
++
++	return pipe->nreaders || pipe->nwriters;
++}
++EXPORT_SYMBOL_GPL(gssd_running);
++
+ static struct dentry *
+ rpc_mount(struct file_system_type *fs_type,
+ 		int flags, const char *dev_name, void *data)
author	André Fabian Silva Delgado <emulatorman@parabola.nu>	2014-01-13 20:38:26 -0200
committer	André Fabian Silva Delgado <emulatorman@parabola.nu>	2014-01-13 20:38:26 -0200
commit	d7d75ce711cf951aa33b86603e486837a402379e (patch)
tree	30dc2409bc9da729380eed4243a9d871d9973ad9 /kernels/linux-libre-knock
parent	ab7fb4d643a25bdd23969fa487bf07f348d15a55 (diff)