2007-04-27 06:49:28 +08:00
|
|
|
/* AFS superblock handling
|
|
|
|
*
|
2018-11-02 07:07:27 +08:00
|
|
|
* Copyright (c) 2002, 2007, 2018 Red Hat, Inc. All rights reserved.
|
2005-04-17 06:20:36 +08:00
|
|
|
*
|
|
|
|
* This software may be freely redistributed under the terms of the
|
|
|
|
* GNU General Public License.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
|
|
*
|
|
|
|
* Authors: David Howells <dhowells@redhat.com>
|
2008-06-06 13:46:18 +08:00
|
|
|
* David Woodhouse <dwmw2@infradead.org>
|
2005-04-17 06:20:36 +08:00
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <linux/kernel.h>
|
|
|
|
#include <linux/module.h>
|
2010-08-11 16:38:04 +08:00
|
|
|
#include <linux/mount.h>
|
2005-04-17 06:20:36 +08:00
|
|
|
#include <linux/init.h>
|
|
|
|
#include <linux/slab.h>
|
|
|
|
#include <linux/fs.h>
|
|
|
|
#include <linux/pagemap.h>
|
2018-11-02 07:07:27 +08:00
|
|
|
#include <linux/fs_parser.h>
|
2007-05-11 13:22:20 +08:00
|
|
|
#include <linux/statfs.h>
|
Detach sched.h from mm.h
First thing mm.h does is including sched.h solely for can_do_mlock() inline
function which has "current" dereference inside. By dealing with can_do_mlock()
mm.h can be detached from sched.h which is good. See below, why.
This patch
a) removes unconditional inclusion of sched.h from mm.h
b) makes can_do_mlock() normal function in mm/mlock.c
c) exports can_do_mlock() to not break compilation
d) adds sched.h inclusions back to files that were getting it indirectly.
e) adds less bloated headers to some files (asm/signal.h, jiffies.h) that were
getting them indirectly
Net result is:
a) mm.h users would get less code to open, read, preprocess, parse, ... if
they don't need sched.h
b) sched.h stops being dependency for significant number of files:
on x86_64 allmodconfig touching sched.h results in recompile of 4083 files,
after patch it's only 3744 (-8.3%).
Cross-compile tested on
all arm defconfigs, all mips defconfigs, all powerpc defconfigs,
alpha alpha-up
arm
i386 i386-up i386-defconfig i386-allnoconfig
ia64 ia64-up
m68k
mips
parisc parisc-up
powerpc powerpc-up
s390 s390-up
sparc sparc-up
sparc64 sparc64-up
um-x86_64
x86_64 x86_64-up x86_64-defconfig x86_64-allnoconfig
as well as my two usual configs.
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-05-21 05:22:52 +08:00
|
|
|
#include <linux/sched.h>
|
2013-01-31 20:23:54 +08:00
|
|
|
#include <linux/nsproxy.h>
|
2017-11-02 23:27:45 +08:00
|
|
|
#include <linux/magic.h>
|
2013-01-31 20:23:54 +08:00
|
|
|
#include <net/net_namespace.h>
|
2005-04-17 06:20:36 +08:00
|
|
|
#include "internal.h"
|
|
|
|
|
2008-07-26 10:45:34 +08:00
|
|
|
static void afs_i_init_once(void *foo);
|
2011-06-13 04:01:21 +08:00
|
|
|
static void afs_kill_super(struct super_block *sb);
|
2005-04-17 06:20:36 +08:00
|
|
|
static struct inode *afs_alloc_inode(struct super_block *sb);
|
|
|
|
static void afs_destroy_inode(struct inode *inode);
|
2019-04-11 03:05:06 +08:00
|
|
|
static void afs_free_inode(struct inode *inode);
|
2007-05-11 13:22:20 +08:00
|
|
|
static int afs_statfs(struct dentry *dentry, struct kstatfs *buf);
|
2017-07-05 23:25:23 +08:00
|
|
|
static int afs_show_devname(struct seq_file *m, struct dentry *root);
|
|
|
|
static int afs_show_options(struct seq_file *m, struct dentry *root);
|
2018-11-02 07:07:27 +08:00
|
|
|
static int afs_init_fs_context(struct fs_context *fc);
|
2019-09-07 19:23:15 +08:00
|
|
|
static const struct fs_parameter_spec afs_fs_parameters[];
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2006-06-09 21:34:16 +08:00
|
|
|
struct file_system_type afs_fs_type = {
|
2018-11-02 07:07:27 +08:00
|
|
|
.owner = THIS_MODULE,
|
|
|
|
.name = "afs",
|
|
|
|
.init_fs_context = afs_init_fs_context,
|
2019-09-07 19:23:15 +08:00
|
|
|
.parameters = afs_fs_parameters,
|
2018-11-02 07:07:27 +08:00
|
|
|
.kill_sb = afs_kill_super,
|
2019-04-25 21:26:51 +08:00
|
|
|
.fs_flags = FS_RENAME_DOES_D_MOVE,
|
2005-04-17 06:20:36 +08:00
|
|
|
};
|
2013-03-03 11:39:14 +08:00
|
|
|
MODULE_ALIAS_FS("afs");
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2018-05-18 18:46:15 +08:00
|
|
|
int afs_net_id;
|
|
|
|
|
2007-02-12 16:55:41 +08:00
|
|
|
static const struct super_operations afs_super_ops = {
|
2007-05-11 13:22:20 +08:00
|
|
|
.statfs = afs_statfs,
|
2005-04-17 06:20:36 +08:00
|
|
|
.alloc_inode = afs_alloc_inode,
|
2023-11-27 21:58:07 +08:00
|
|
|
.write_inode = netfs_unpin_writeback,
|
2010-08-11 16:38:04 +08:00
|
|
|
.drop_inode = afs_drop_inode,
|
2005-04-17 06:20:36 +08:00
|
|
|
.destroy_inode = afs_destroy_inode,
|
2019-04-11 03:05:06 +08:00
|
|
|
.free_inode = afs_free_inode,
|
2010-06-08 02:34:48 +08:00
|
|
|
.evict_inode = afs_evict_inode,
|
2017-07-05 23:25:23 +08:00
|
|
|
.show_devname = afs_show_devname,
|
|
|
|
.show_options = afs_show_options,
|
2005-04-17 06:20:36 +08:00
|
|
|
};
|
|
|
|
|
2006-12-07 12:33:20 +08:00
|
|
|
static struct kmem_cache *afs_inode_cachep;
|
2005-04-17 06:20:36 +08:00
|
|
|
static atomic_t afs_count_active_inodes;
|
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
enum afs_param {
|
|
|
|
Opt_autocell,
|
|
|
|
Opt_dyn,
|
2019-04-25 21:26:52 +08:00
|
|
|
Opt_flock,
|
2018-11-02 07:07:27 +08:00
|
|
|
Opt_source,
|
2007-05-03 18:11:29 +08:00
|
|
|
};
|
|
|
|
|
2019-12-17 02:33:32 +08:00
|
|
|
static const struct constant_table afs_param_flock[] = {
|
2019-09-07 10:12:08 +08:00
|
|
|
{"local", afs_flock_mode_local },
|
|
|
|
{"openafs", afs_flock_mode_openafs },
|
|
|
|
{"strict", afs_flock_mode_strict },
|
|
|
|
{"write", afs_flock_mode_write },
|
|
|
|
{}
|
|
|
|
};
|
|
|
|
|
2019-09-07 19:23:15 +08:00
|
|
|
static const struct fs_parameter_spec afs_fs_parameters[] = {
|
2018-11-02 07:07:27 +08:00
|
|
|
fsparam_flag ("autocell", Opt_autocell),
|
|
|
|
fsparam_flag ("dyn", Opt_dyn),
|
2019-09-07 10:12:08 +08:00
|
|
|
fsparam_enum ("flock", Opt_flock, afs_param_flock),
|
2018-11-02 07:07:27 +08:00
|
|
|
fsparam_string("source", Opt_source),
|
|
|
|
{}
|
|
|
|
};
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* initialise the filesystem
|
|
|
|
*/
|
|
|
|
int __init afs_fs_init(void)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
_enter("");
|
|
|
|
|
|
|
|
/* create ourselves an inode cache */
|
|
|
|
atomic_set(&afs_count_active_inodes, 0);
|
|
|
|
|
|
|
|
ret = -ENOMEM;
|
|
|
|
afs_inode_cachep = kmem_cache_create("afs_inode_cache",
|
|
|
|
sizeof(struct afs_vnode),
|
|
|
|
0,
|
2016-01-15 07:18:21 +08:00
|
|
|
SLAB_HWCACHE_ALIGN|SLAB_ACCOUNT,
|
2007-07-20 09:11:58 +08:00
|
|
|
afs_i_init_once);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (!afs_inode_cachep) {
|
|
|
|
printk(KERN_NOTICE "kAFS: Failed to allocate inode cache\n");
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* now export our filesystem to lesser mortals */
|
|
|
|
ret = register_filesystem(&afs_fs_type);
|
|
|
|
if (ret < 0) {
|
|
|
|
kmem_cache_destroy(afs_inode_cachep);
|
2007-04-27 06:55:03 +08:00
|
|
|
_leave(" = %d", ret);
|
2005-04-17 06:20:36 +08:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2007-04-27 06:55:03 +08:00
|
|
|
_leave(" = 0");
|
2005-04-17 06:20:36 +08:00
|
|
|
return 0;
|
2007-04-27 06:49:28 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* clean up the filesystem
|
|
|
|
*/
|
2018-05-18 18:46:15 +08:00
|
|
|
void afs_fs_exit(void)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2007-04-27 06:55:03 +08:00
|
|
|
_enter("");
|
|
|
|
|
|
|
|
afs_mntpt_kill_timer();
|
2005-04-17 06:20:36 +08:00
|
|
|
unregister_filesystem(&afs_fs_type);
|
|
|
|
|
|
|
|
if (atomic_read(&afs_count_active_inodes) != 0) {
|
|
|
|
printk("kAFS: %d active inode objects still present\n",
|
|
|
|
atomic_read(&afs_count_active_inodes));
|
|
|
|
BUG();
|
|
|
|
}
|
|
|
|
|
2012-09-26 09:33:07 +08:00
|
|
|
/*
|
|
|
|
* Make sure all delayed rcu free inodes are flushed before we
|
|
|
|
* destroy cache.
|
|
|
|
*/
|
|
|
|
rcu_barrier();
|
2005-04-17 06:20:36 +08:00
|
|
|
kmem_cache_destroy(afs_inode_cachep);
|
2007-04-27 06:55:03 +08:00
|
|
|
_leave("");
|
2007-04-27 06:49:28 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2017-07-05 23:25:23 +08:00
|
|
|
/*
|
|
|
|
* Display the mount device name in /proc/mounts.
|
|
|
|
*/
|
|
|
|
static int afs_show_devname(struct seq_file *m, struct dentry *root)
|
|
|
|
{
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 23:27:50 +08:00
|
|
|
struct afs_super_info *as = AFS_FS_S(root->d_sb);
|
2017-07-05 23:25:23 +08:00
|
|
|
struct afs_volume *volume = as->volume;
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 23:27:50 +08:00
|
|
|
struct afs_cell *cell = as->cell;
|
2017-07-05 23:25:23 +08:00
|
|
|
const char *suf = "";
|
|
|
|
char pref = '%';
|
|
|
|
|
2018-02-06 14:26:30 +08:00
|
|
|
if (as->dyn_root) {
|
|
|
|
seq_puts(m, "none");
|
|
|
|
return 0;
|
|
|
|
}
|
2018-04-06 21:17:25 +08:00
|
|
|
|
2017-07-05 23:25:23 +08:00
|
|
|
switch (volume->type) {
|
|
|
|
case AFSVL_RWVOL:
|
|
|
|
break;
|
|
|
|
case AFSVL_ROVOL:
|
|
|
|
pref = '#';
|
|
|
|
if (volume->type_force)
|
|
|
|
suf = ".readonly";
|
|
|
|
break;
|
|
|
|
case AFSVL_BACKVOL:
|
|
|
|
pref = '#';
|
|
|
|
suf = ".backup";
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 23:27:50 +08:00
|
|
|
seq_printf(m, "%c%s:%s%s", pref, cell->name, volume->name, suf);
|
2017-07-05 23:25:23 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Display the mount options in /proc/mounts.
|
|
|
|
*/
|
|
|
|
static int afs_show_options(struct seq_file *m, struct dentry *root)
|
|
|
|
{
|
2018-02-06 14:26:30 +08:00
|
|
|
struct afs_super_info *as = AFS_FS_S(root->d_sb);
|
2019-04-25 21:26:52 +08:00
|
|
|
const char *p = NULL;
|
2018-02-06 14:26:30 +08:00
|
|
|
|
|
|
|
if (as->dyn_root)
|
|
|
|
seq_puts(m, ",dyn");
|
2017-07-05 23:25:23 +08:00
|
|
|
if (test_bit(AFS_VNODE_AUTOCELL, &AFS_FS_I(d_inode(root))->flags))
|
2018-02-06 14:26:30 +08:00
|
|
|
seq_puts(m, ",autocell");
|
2019-04-25 21:26:52 +08:00
|
|
|
switch (as->flock_mode) {
|
|
|
|
case afs_flock_mode_unset: break;
|
|
|
|
case afs_flock_mode_local: p = "local"; break;
|
|
|
|
case afs_flock_mode_openafs: p = "openafs"; break;
|
|
|
|
case afs_flock_mode_strict: p = "strict"; break;
|
|
|
|
case afs_flock_mode_write: p = "write"; break;
|
|
|
|
}
|
|
|
|
if (p)
|
|
|
|
seq_printf(m, ",flock=%s", p);
|
|
|
|
|
2017-07-05 23:25:23 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
2018-11-02 07:07:27 +08:00
|
|
|
* Parse the source name to get cell name, volume name, volume type and R/W
|
|
|
|
* selector.
|
|
|
|
*
|
|
|
|
* This can be one of the following:
|
2007-04-27 06:57:07 +08:00
|
|
|
* "%[cell:]volume[.]" R/W volume
|
2018-11-02 07:07:27 +08:00
|
|
|
* "#[cell:]volume[.]" R/O or R/W volume (R/O parent),
|
|
|
|
* or R/W (R/W parent) volume
|
2007-04-27 06:57:07 +08:00
|
|
|
* "%[cell:]volume.readonly" R/O volume
|
|
|
|
* "#[cell:]volume.readonly" R/O volume
|
|
|
|
* "%[cell:]volume.backup" Backup volume
|
|
|
|
* "#[cell:]volume.backup" Backup volume
|
|
|
|
*/
|
2018-11-02 07:07:27 +08:00
|
|
|
static int afs_parse_source(struct fs_context *fc, struct fs_parameter *param)
|
2007-04-27 06:57:07 +08:00
|
|
|
{
|
2018-11-02 07:07:27 +08:00
|
|
|
struct afs_fs_context *ctx = fc->fs_private;
|
2007-04-27 06:57:07 +08:00
|
|
|
struct afs_cell *cell;
|
2018-11-02 07:07:27 +08:00
|
|
|
const char *cellname, *suffix, *name = param->string;
|
2007-04-27 06:57:07 +08:00
|
|
|
int cellnamesz;
|
|
|
|
|
|
|
|
_enter(",%s", name);
|
2018-04-06 21:17:25 +08:00
|
|
|
|
2020-12-09 07:52:03 +08:00
|
|
|
if (fc->source)
|
|
|
|
return invalf(fc, "kAFS: Multiple sources not supported");
|
|
|
|
|
2007-04-27 06:57:07 +08:00
|
|
|
if (!name) {
|
|
|
|
printk(KERN_ERR "kAFS: no volume name specified\n");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ((name[0] != '%' && name[0] != '#') || !name[1]) {
|
2018-11-02 07:07:27 +08:00
|
|
|
/* To use dynroot, we don't want to have to provide a source */
|
|
|
|
if (strcmp(name, "none") == 0) {
|
|
|
|
ctx->no_cell = true;
|
|
|
|
return 0;
|
|
|
|
}
|
2007-04-27 06:57:07 +08:00
|
|
|
printk(KERN_ERR "kAFS: unparsable volume name\n");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* determine the type of volume we're looking for */
|
2018-11-02 07:07:27 +08:00
|
|
|
if (name[0] == '%') {
|
2018-11-02 07:07:27 +08:00
|
|
|
ctx->type = AFSVL_RWVOL;
|
|
|
|
ctx->force = true;
|
2007-04-27 06:57:07 +08:00
|
|
|
}
|
|
|
|
name++;
|
|
|
|
|
|
|
|
/* split the cell name out if there is one */
|
2018-11-02 07:07:27 +08:00
|
|
|
ctx->volname = strchr(name, ':');
|
|
|
|
if (ctx->volname) {
|
2007-04-27 06:57:07 +08:00
|
|
|
cellname = name;
|
2018-11-02 07:07:27 +08:00
|
|
|
cellnamesz = ctx->volname - name;
|
|
|
|
ctx->volname++;
|
2007-04-27 06:57:07 +08:00
|
|
|
} else {
|
2018-11-02 07:07:27 +08:00
|
|
|
ctx->volname = name;
|
2007-04-27 06:57:07 +08:00
|
|
|
cellname = NULL;
|
|
|
|
cellnamesz = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* the volume type is further affected by a possible suffix */
|
2018-11-02 07:07:27 +08:00
|
|
|
suffix = strrchr(ctx->volname, '.');
|
2007-04-27 06:57:07 +08:00
|
|
|
if (suffix) {
|
|
|
|
if (strcmp(suffix, ".readonly") == 0) {
|
2018-11-02 07:07:27 +08:00
|
|
|
ctx->type = AFSVL_ROVOL;
|
|
|
|
ctx->force = true;
|
2007-04-27 06:57:07 +08:00
|
|
|
} else if (strcmp(suffix, ".backup") == 0) {
|
2018-11-02 07:07:27 +08:00
|
|
|
ctx->type = AFSVL_BACKVOL;
|
|
|
|
ctx->force = true;
|
2007-04-27 06:57:07 +08:00
|
|
|
} else if (suffix[1] == 0) {
|
|
|
|
} else {
|
|
|
|
suffix = NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
ctx->volnamesz = suffix ?
|
|
|
|
suffix - ctx->volname : strlen(ctx->volname);
|
2007-04-27 06:57:07 +08:00
|
|
|
|
|
|
|
_debug("cell %*.*s [%p]",
|
2018-11-02 07:07:27 +08:00
|
|
|
cellnamesz, cellnamesz, cellname ?: "", ctx->cell);
|
2007-04-27 06:57:07 +08:00
|
|
|
|
|
|
|
/* lookup the cell record */
|
2018-11-02 07:07:27 +08:00
|
|
|
if (cellname) {
|
|
|
|
cell = afs_lookup_cell(ctx->net, cellname, cellnamesz,
|
2017-11-02 23:27:50 +08:00
|
|
|
NULL, false);
|
2007-04-27 06:57:07 +08:00
|
|
|
if (IS_ERR(cell)) {
|
2018-11-02 07:07:27 +08:00
|
|
|
pr_err("kAFS: unable to lookup cell '%*.*s'\n",
|
2010-08-11 16:38:04 +08:00
|
|
|
cellnamesz, cellnamesz, cellname ?: "");
|
2007-04-27 06:57:07 +08:00
|
|
|
return PTR_ERR(cell);
|
|
|
|
}
|
2020-10-14 03:51:59 +08:00
|
|
|
afs_unuse_cell(ctx->net, ctx->cell, afs_cell_trace_unuse_parse);
|
|
|
|
afs_see_cell(cell, afs_cell_trace_see_source);
|
2018-11-02 07:07:27 +08:00
|
|
|
ctx->cell = cell;
|
2007-04-27 06:57:07 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
_debug("CELL:%s [%p] VOLUME:%*.*s SUFFIX:%s TYPE:%d%s",
|
2018-11-02 07:07:27 +08:00
|
|
|
ctx->cell->name, ctx->cell,
|
|
|
|
ctx->volnamesz, ctx->volnamesz, ctx->volname,
|
|
|
|
suffix ?: "-", ctx->type, ctx->force ? " FORCE" : "");
|
|
|
|
|
|
|
|
fc->source = param->string;
|
|
|
|
param->string = NULL;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Parse a single mount parameter.
|
|
|
|
*/
|
|
|
|
static int afs_parse_param(struct fs_context *fc, struct fs_parameter *param)
|
|
|
|
{
|
|
|
|
struct fs_parse_result result;
|
|
|
|
struct afs_fs_context *ctx = fc->fs_private;
|
|
|
|
int opt;
|
|
|
|
|
2019-09-07 19:23:15 +08:00
|
|
|
opt = fs_parse(fc, afs_fs_parameters, param, &result);
|
2018-11-02 07:07:27 +08:00
|
|
|
if (opt < 0)
|
|
|
|
return opt;
|
|
|
|
|
|
|
|
switch (opt) {
|
|
|
|
case Opt_source:
|
|
|
|
return afs_parse_source(fc, param);
|
|
|
|
|
|
|
|
case Opt_autocell:
|
|
|
|
ctx->autocell = true;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case Opt_dyn:
|
|
|
|
ctx->dyn_root = true;
|
|
|
|
break;
|
|
|
|
|
2019-04-25 21:26:52 +08:00
|
|
|
case Opt_flock:
|
|
|
|
ctx->flock_mode = result.uint_32;
|
|
|
|
break;
|
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
default:
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
_leave(" = 0");
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Validate the options, get the cell key and look up the volume.
|
|
|
|
*/
|
|
|
|
static int afs_validate_fc(struct fs_context *fc)
|
|
|
|
{
|
|
|
|
struct afs_fs_context *ctx = fc->fs_private;
|
|
|
|
struct afs_volume *volume;
|
afs: Detect cell aliases 1 - Cells with root volumes
Put in the first phase of cell alias detection. This part handles alias
detection for cells that have root.cell volumes (which is expected to be
likely).
When a cell becomes newly active, it is probed for its root.cell volume,
and if it has one, this volume is compared against other root.cell volumes
to find out if the list of fileserver UUIDs have any in common - and if
that's the case, do the address lists of those fileservers have any
addresses in common. If they do, the new cell is adjudged to be an alias
of the old cell and the old cell is used instead.
Comparing is aided by the server list in struct afs_server_list being
sorted in UUID order and the addresses in the fileserver address lists
being sorted in address order.
The cell then retains the afs_volume object for the root.cell volume, even
if it's not mounted for future alias checking.
This necessary because:
(1) Whilst fileservers have UUIDs that are meant to be globally unique, in
practice they are not because cells get cloned without changing the
UUIDs - so afs_server records need to be per cell.
(2) Sometimes the DNS is used to make cell aliases - but if we don't know
they're the same, we may end up with multiple superblocks and multiple
afs_server records for the same thing, impairing our ability to
deliver callback notifications of third party changes
(3) The fileserver RPC API doesn't contain the cell name, so it can't tell
us which cell it's notifying and can't see that a change made to to
one cell should notify the same client that's also accessed as the
other cell.
Reported-by: Jeffrey Altman <jaltman@auristor.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-25 17:26:02 +08:00
|
|
|
struct afs_cell *cell;
|
2018-11-02 07:07:27 +08:00
|
|
|
struct key *key;
|
afs: Detect cell aliases 1 - Cells with root volumes
Put in the first phase of cell alias detection. This part handles alias
detection for cells that have root.cell volumes (which is expected to be
likely).
When a cell becomes newly active, it is probed for its root.cell volume,
and if it has one, this volume is compared against other root.cell volumes
to find out if the list of fileserver UUIDs have any in common - and if
that's the case, do the address lists of those fileservers have any
addresses in common. If they do, the new cell is adjudged to be an alias
of the old cell and the old cell is used instead.
Comparing is aided by the server list in struct afs_server_list being
sorted in UUID order and the addresses in the fileserver address lists
being sorted in address order.
The cell then retains the afs_volume object for the root.cell volume, even
if it's not mounted for future alias checking.
This necessary because:
(1) Whilst fileservers have UUIDs that are meant to be globally unique, in
practice they are not because cells get cloned without changing the
UUIDs - so afs_server records need to be per cell.
(2) Sometimes the DNS is used to make cell aliases - but if we don't know
they're the same, we may end up with multiple superblocks and multiple
afs_server records for the same thing, impairing our ability to
deliver callback notifications of third party changes
(3) The fileserver RPC API doesn't contain the cell name, so it can't tell
us which cell it's notifying and can't see that a change made to to
one cell should notify the same client that's also accessed as the
other cell.
Reported-by: Jeffrey Altman <jaltman@auristor.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-25 17:26:02 +08:00
|
|
|
int ret;
|
2018-11-02 07:07:27 +08:00
|
|
|
|
|
|
|
if (!ctx->dyn_root) {
|
|
|
|
if (ctx->no_cell) {
|
|
|
|
pr_warn("kAFS: Can only specify source 'none' with -o dyn\n");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!ctx->cell) {
|
|
|
|
pr_warn("kAFS: No cell specified\n");
|
|
|
|
return -EDESTADDRREQ;
|
|
|
|
}
|
|
|
|
|
afs: Detect cell aliases 1 - Cells with root volumes
Put in the first phase of cell alias detection. This part handles alias
detection for cells that have root.cell volumes (which is expected to be
likely).
When a cell becomes newly active, it is probed for its root.cell volume,
and if it has one, this volume is compared against other root.cell volumes
to find out if the list of fileserver UUIDs have any in common - and if
that's the case, do the address lists of those fileservers have any
addresses in common. If they do, the new cell is adjudged to be an alias
of the old cell and the old cell is used instead.
Comparing is aided by the server list in struct afs_server_list being
sorted in UUID order and the addresses in the fileserver address lists
being sorted in address order.
The cell then retains the afs_volume object for the root.cell volume, even
if it's not mounted for future alias checking.
This necessary because:
(1) Whilst fileservers have UUIDs that are meant to be globally unique, in
practice they are not because cells get cloned without changing the
UUIDs - so afs_server records need to be per cell.
(2) Sometimes the DNS is used to make cell aliases - but if we don't know
they're the same, we may end up with multiple superblocks and multiple
afs_server records for the same thing, impairing our ability to
deliver callback notifications of third party changes
(3) The fileserver RPC API doesn't contain the cell name, so it can't tell
us which cell it's notifying and can't see that a change made to to
one cell should notify the same client that's also accessed as the
other cell.
Reported-by: Jeffrey Altman <jaltman@auristor.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-25 17:26:02 +08:00
|
|
|
reget_key:
|
2018-11-02 07:07:27 +08:00
|
|
|
/* We try to do the mount securely. */
|
|
|
|
key = afs_request_key(ctx->cell);
|
|
|
|
if (IS_ERR(key))
|
|
|
|
return PTR_ERR(key);
|
|
|
|
|
|
|
|
ctx->key = key;
|
|
|
|
|
|
|
|
if (ctx->volume) {
|
2023-11-08 21:01:11 +08:00
|
|
|
afs_put_volume(ctx->volume, afs_volume_trace_put_validate_fc);
|
2018-11-02 07:07:27 +08:00
|
|
|
ctx->volume = NULL;
|
|
|
|
}
|
|
|
|
|
afs: Detect cell aliases 1 - Cells with root volumes
Put in the first phase of cell alias detection. This part handles alias
detection for cells that have root.cell volumes (which is expected to be
likely).
When a cell becomes newly active, it is probed for its root.cell volume,
and if it has one, this volume is compared against other root.cell volumes
to find out if the list of fileserver UUIDs have any in common - and if
that's the case, do the address lists of those fileservers have any
addresses in common. If they do, the new cell is adjudged to be an alias
of the old cell and the old cell is used instead.
Comparing is aided by the server list in struct afs_server_list being
sorted in UUID order and the addresses in the fileserver address lists
being sorted in address order.
The cell then retains the afs_volume object for the root.cell volume, even
if it's not mounted for future alias checking.
This necessary because:
(1) Whilst fileservers have UUIDs that are meant to be globally unique, in
practice they are not because cells get cloned without changing the
UUIDs - so afs_server records need to be per cell.
(2) Sometimes the DNS is used to make cell aliases - but if we don't know
they're the same, we may end up with multiple superblocks and multiple
afs_server records for the same thing, impairing our ability to
deliver callback notifications of third party changes
(3) The fileserver RPC API doesn't contain the cell name, so it can't tell
us which cell it's notifying and can't see that a change made to to
one cell should notify the same client that's also accessed as the
other cell.
Reported-by: Jeffrey Altman <jaltman@auristor.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-25 17:26:02 +08:00
|
|
|
if (test_bit(AFS_CELL_FL_CHECK_ALIAS, &ctx->cell->flags)) {
|
|
|
|
ret = afs_cell_detect_alias(ctx->cell, key);
|
|
|
|
if (ret < 0)
|
|
|
|
return ret;
|
|
|
|
if (ret == 1) {
|
|
|
|
_debug("switch to alias");
|
|
|
|
key_put(ctx->key);
|
|
|
|
ctx->key = NULL;
|
2020-10-14 03:51:59 +08:00
|
|
|
cell = afs_use_cell(ctx->cell->alias_of,
|
|
|
|
afs_cell_trace_use_fc_alias);
|
|
|
|
afs_unuse_cell(ctx->net, ctx->cell, afs_cell_trace_unuse_fc);
|
afs: Detect cell aliases 1 - Cells with root volumes
Put in the first phase of cell alias detection. This part handles alias
detection for cells that have root.cell volumes (which is expected to be
likely).
When a cell becomes newly active, it is probed for its root.cell volume,
and if it has one, this volume is compared against other root.cell volumes
to find out if the list of fileserver UUIDs have any in common - and if
that's the case, do the address lists of those fileservers have any
addresses in common. If they do, the new cell is adjudged to be an alias
of the old cell and the old cell is used instead.
Comparing is aided by the server list in struct afs_server_list being
sorted in UUID order and the addresses in the fileserver address lists
being sorted in address order.
The cell then retains the afs_volume object for the root.cell volume, even
if it's not mounted for future alias checking.
This necessary because:
(1) Whilst fileservers have UUIDs that are meant to be globally unique, in
practice they are not because cells get cloned without changing the
UUIDs - so afs_server records need to be per cell.
(2) Sometimes the DNS is used to make cell aliases - but if we don't know
they're the same, we may end up with multiple superblocks and multiple
afs_server records for the same thing, impairing our ability to
deliver callback notifications of third party changes
(3) The fileserver RPC API doesn't contain the cell name, so it can't tell
us which cell it's notifying and can't see that a change made to to
one cell should notify the same client that's also accessed as the
other cell.
Reported-by: Jeffrey Altman <jaltman@auristor.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-25 17:26:02 +08:00
|
|
|
ctx->cell = cell;
|
|
|
|
goto reget_key;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
volume = afs_create_volume(ctx);
|
|
|
|
if (IS_ERR(volume))
|
|
|
|
return PTR_ERR(volume);
|
|
|
|
|
|
|
|
ctx->volume = volume;
|
2023-11-03 00:24:00 +08:00
|
|
|
if (volume->type != AFSVL_RWVOL) {
|
2023-11-02 06:03:28 +08:00
|
|
|
ctx->flock_mode = afs_flock_mode_local;
|
2023-11-03 00:24:00 +08:00
|
|
|
fc->sb_flags |= SB_RDONLY;
|
|
|
|
}
|
2018-11-02 07:07:27 +08:00
|
|
|
}
|
2007-04-27 06:57:07 +08:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* check a superblock to see if it's the one we're looking for
|
|
|
|
*/
|
2018-11-02 07:07:27 +08:00
|
|
|
static int afs_test_super(struct super_block *sb, struct fs_context *fc)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2018-11-02 07:07:27 +08:00
|
|
|
struct afs_fs_context *ctx = fc->fs_private;
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 23:27:50 +08:00
|
|
|
struct afs_super_info *as = AFS_FS_S(sb);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
return (as->net_ns == fc->net_ns &&
|
2018-02-06 14:26:30 +08:00
|
|
|
as->volume &&
|
2018-11-02 07:07:27 +08:00
|
|
|
as->volume->vid == ctx->volume->vid &&
|
afs: Fix missing cell comparison in afs_test_super()
Fix missing cell comparison in afs_test_super(). Without this, any pair
volumes that have the same volume ID will share a superblock, no matter the
cell, unless they're in different network namespaces.
Normally, most users will only deal with a single cell and so they won't
see this. Even if they do look into a second cell, they won't see a
problem unless they happen to hit a volume with the same ID as one they've
already got mounted.
Before the patch:
# ls /afs/grand.central.org/archive
linuxdev/ mailman/ moin/ mysql/ pipermail/ stage/ twiki/
# ls /afs/kth.se/
linuxdev/ mailman/ moin/ mysql/ pipermail/ stage/ twiki/
# cat /proc/mounts | grep afs
none /afs afs rw,relatime,dyn,autocell 0 0
#grand.central.org:root.cell /afs/grand.central.org afs ro,relatime 0 0
#grand.central.org:root.archive /afs/grand.central.org/archive afs ro,relatime 0 0
#grand.central.org:root.archive /afs/kth.se afs ro,relatime 0 0
After the patch:
# ls /afs/grand.central.org/archive
linuxdev/ mailman/ moin/ mysql/ pipermail/ stage/ twiki/
# ls /afs/kth.se/
admin/ common/ install/ OldFiles/ service/ system/
bakrestores/ home/ misc/ pkg/ src/ wsadmin/
# cat /proc/mounts | grep afs
none /afs afs rw,relatime,dyn,autocell 0 0
#grand.central.org:root.cell /afs/grand.central.org afs ro,relatime 0 0
#grand.central.org:root.archive /afs/grand.central.org/archive afs ro,relatime 0 0
#kth.se:root.cell /afs/kth.se afs ro,relatime 0 0
Fixes: ^1da177e4c3f4 ("Linux-2.6.12-rc2")
Reported-by: Carsten Jacobi <jacobi@de.ibm.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Marc Dionne <marc.dionne@auristor.com>
Tested-by: Jonathan Billings <jsbillings@jsbillings.org>
cc: Todd DeSantis <atd@us.ibm.com>
2019-12-11 16:06:08 +08:00
|
|
|
as->cell == ctx->cell &&
|
2018-06-15 22:19:22 +08:00
|
|
|
!as->dyn_root);
|
2018-02-06 14:26:30 +08:00
|
|
|
}
|
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
static int afs_dynroot_test_super(struct super_block *sb, struct fs_context *fc)
|
2018-02-06 14:26:30 +08:00
|
|
|
{
|
2018-06-15 22:19:22 +08:00
|
|
|
struct afs_super_info *as = AFS_FS_S(sb);
|
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
return (as->net_ns == fc->net_ns &&
|
2018-06-15 22:19:22 +08:00
|
|
|
as->dyn_root);
|
2011-06-13 04:01:21 +08:00
|
|
|
}
|
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
static int afs_set_super(struct super_block *sb, struct fs_context *fc)
|
2011-06-13 04:01:21 +08:00
|
|
|
{
|
|
|
|
return set_anon_super(sb, NULL);
|
2007-04-27 06:49:28 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* fill in the superblock
|
|
|
|
*/
|
2018-11-02 07:07:27 +08:00
|
|
|
static int afs_fill_super(struct super_block *sb, struct afs_fs_context *ctx)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 23:27:50 +08:00
|
|
|
struct afs_super_info *as = AFS_FS_S(sb);
|
2005-04-17 06:20:36 +08:00
|
|
|
struct inode *inode = NULL;
|
|
|
|
int ret;
|
|
|
|
|
2007-04-27 06:55:03 +08:00
|
|
|
_enter("");
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/* fill in the superblock */
|
mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} macros were introduced *long* time
ago with promise that one day it will be possible to implement page
cache with bigger chunks than PAGE_SIZE.
This promise never materialized. And unlikely will.
We have many places where PAGE_CACHE_SIZE assumed to be equal to
PAGE_SIZE. And it's constant source of confusion on whether
PAGE_CACHE_* or PAGE_* constant should be used in a particular case,
especially on the border between fs and mm.
Global switching to PAGE_CACHE_SIZE != PAGE_SIZE would cause to much
breakage to be doable.
Let's stop pretending that pages in page cache are special. They are
not.
The changes are pretty straight-forward:
- <foo> << (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- <foo> >> (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} -> PAGE_{SIZE,SHIFT,MASK,ALIGN};
- page_cache_get() -> get_page();
- page_cache_release() -> put_page();
This patch contains automated changes generated with coccinelle using
script below. For some reason, coccinelle doesn't patch header files.
I've called spatch for them manually.
The only adjustment after coccinelle is revert of changes to
PAGE_CAHCE_ALIGN definition: we are going to drop it later.
There are few places in the code where coccinelle didn't reach. I'll
fix them manually in a separate patch. Comments and documentation also
will be addressed with the separate patch.
virtual patch
@@
expression E;
@@
- E << (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
expression E;
@@
- E >> (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
@@
- PAGE_CACHE_SHIFT
+ PAGE_SHIFT
@@
@@
- PAGE_CACHE_SIZE
+ PAGE_SIZE
@@
@@
- PAGE_CACHE_MASK
+ PAGE_MASK
@@
expression E;
@@
- PAGE_CACHE_ALIGN(E)
+ PAGE_ALIGN(E)
@@
expression E;
@@
- page_cache_get(E)
+ get_page(E)
@@
expression E;
@@
- page_cache_release(E)
+ put_page(E)
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-04-01 20:29:47 +08:00
|
|
|
sb->s_blocksize = PAGE_SIZE;
|
|
|
|
sb->s_blocksize_bits = PAGE_SHIFT;
|
2019-11-21 23:37:26 +08:00
|
|
|
sb->s_maxbytes = MAX_LFS_FILESIZE;
|
2005-04-17 06:20:36 +08:00
|
|
|
sb->s_magic = AFS_FS_MAGIC;
|
|
|
|
sb->s_op = &afs_super_ops;
|
2018-02-06 14:26:30 +08:00
|
|
|
if (!as->dyn_root)
|
|
|
|
sb->s_xattr = afs_xattr_handlers;
|
2017-04-12 18:24:36 +08:00
|
|
|
ret = super_setup_bdi(sb);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/* allocate the root inode and dentry */
|
2018-02-06 14:26:30 +08:00
|
|
|
if (as->dyn_root) {
|
|
|
|
inode = afs_iget_pseudo_dir(sb, true);
|
|
|
|
} else {
|
2018-10-20 07:57:57 +08:00
|
|
|
sprintf(sb->s_id, "%llu", as->volume->vid);
|
2018-02-06 14:26:30 +08:00
|
|
|
afs_activate_volume(as->volume);
|
afs: Build an abstraction around an "operation" concept
Turn the afs_operation struct into the main way that most fileserver
operations are managed. Various things are added to the struct, including
the following:
(1) All the parameters and results of the relevant operations are moved
into it, removing corresponding fields from the afs_call struct.
afs_call gets a pointer to the op.
(2) The target volume is made the main focus of the operation, rather than
the target vnode(s), and a bunch of op->vnode->volume are made
op->volume instead.
(3) Two vnode records are defined (op->file[]) for the vnode(s) involved
in most operations. The vnode record (struct afs_vnode_param)
contains:
- The vnode pointer.
- The fid of the vnode to be included in the parameters or that was
returned in the reply (eg. FS.MakeDir).
- The status and callback information that may be returned in the
reply about the vnode.
- Callback break and data version tracking for detecting
simultaneous third-parth changes.
(4) Pointers to dentries to be updated with new inodes.
(5) An operations table pointer. The table includes pointers to functions
for issuing AFS and YFS-variant RPCs, handling the success and abort
of an operation and handling post-I/O-lock local editing of a
directory.
To make this work, the following function restructuring is made:
(A) The rotation loop that issues calls to fileservers that can be found
in each function that wants to issue an RPC (such as afs_mkdir()) is
extracted out into common code, in a new file called fs_operation.c.
(B) The rotation loops, such as the one in afs_mkdir(), are replaced with
a much smaller piece of code that allocates an operation, sets the
parameters and then calls out to the common code to do the actual
work.
(C) The code for handling the success and failure of an operation are
moved into operation functions (as (5) above) and these are called
from the core code at appropriate times.
(D) The pseudo inode getting stuff used by the dynamic root code is moved
over into dynroot.c.
(E) struct afs_iget_data is absorbed into the operation struct and
afs_iget() expects to be given an op pointer and a vnode record.
(F) Point (E) doesn't work for the root dir of a volume, but we know the
FID in advance (it's always vnode 1, unique 1), so a separate inode
getter, afs_root_iget(), is provided to special-case that.
(G) The inode status init/update functions now also take an op and a vnode
record.
(H) The RPC marshalling functions now, for the most part, just take an
afs_operation struct as their only argument. All the data they need
is held there. The result delivery functions write their answers
there as well.
(I) The call is attached to the operation and then the operation core does
the waiting.
And then the new operation code is, for the moment, made to just initialise
the operation, get the appropriate vnode I/O locks and do the same rotation
loop as before.
This lays the foundation for the following changes in the future:
(*) Overhauling the rotation (again).
(*) Support for asynchronous I/O, where the fileserver rotation must be
done asynchronously also.
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-11 03:51:51 +08:00
|
|
|
inode = afs_root_iget(sb, ctx->key);
|
2018-02-06 14:26:30 +08:00
|
|
|
}
|
|
|
|
|
2007-04-27 06:55:03 +08:00
|
|
|
if (IS_ERR(inode))
|
2011-06-13 04:01:21 +08:00
|
|
|
return PTR_ERR(inode);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
if (ctx->autocell || as->dyn_root)
|
2010-08-11 16:38:04 +08:00
|
|
|
set_bit(AFS_VNODE_AUTOCELL, &AFS_FS_I(inode)->flags);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
ret = -ENOMEM;
|
2012-01-09 11:15:13 +08:00
|
|
|
sb->s_root = d_make_root(inode);
|
|
|
|
if (!sb->s_root)
|
2005-04-17 06:20:36 +08:00
|
|
|
goto error;
|
|
|
|
|
2018-06-15 22:19:22 +08:00
|
|
|
if (as->dyn_root) {
|
2018-04-06 21:17:25 +08:00
|
|
|
sb->s_d_op = &afs_dynroot_dentry_operations;
|
2018-06-15 22:19:22 +08:00
|
|
|
ret = afs_dynroot_populate(sb);
|
|
|
|
if (ret < 0)
|
|
|
|
goto error;
|
|
|
|
} else {
|
2018-04-06 21:17:25 +08:00
|
|
|
sb->s_d_op = &afs_fs_dentry_operations;
|
2020-04-30 08:03:49 +08:00
|
|
|
rcu_assign_pointer(as->volume->sb, sb);
|
2018-06-15 22:19:22 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2007-04-27 06:55:03 +08:00
|
|
|
_leave(" = 0");
|
2005-04-17 06:20:36 +08:00
|
|
|
return 0;
|
|
|
|
|
2007-04-27 06:49:28 +08:00
|
|
|
error:
|
2007-04-27 06:55:03 +08:00
|
|
|
_leave(" = %d", ret);
|
2005-04-17 06:20:36 +08:00
|
|
|
return ret;
|
2007-04-27 06:49:28 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
static struct afs_super_info *afs_alloc_sbi(struct fs_context *fc)
|
2017-11-02 23:27:46 +08:00
|
|
|
{
|
2018-11-02 07:07:27 +08:00
|
|
|
struct afs_fs_context *ctx = fc->fs_private;
|
2017-11-02 23:27:46 +08:00
|
|
|
struct afs_super_info *as;
|
|
|
|
|
|
|
|
as = kzalloc(sizeof(struct afs_super_info), GFP_KERNEL);
|
|
|
|
if (as) {
|
2018-11-02 07:07:27 +08:00
|
|
|
as->net_ns = get_net(fc->net_ns);
|
2019-04-25 21:26:52 +08:00
|
|
|
as->flock_mode = ctx->flock_mode;
|
2018-11-02 07:07:27 +08:00
|
|
|
if (ctx->dyn_root) {
|
2018-02-06 14:26:30 +08:00
|
|
|
as->dyn_root = true;
|
2018-11-02 07:07:27 +08:00
|
|
|
} else {
|
2020-10-14 03:51:59 +08:00
|
|
|
as->cell = afs_use_cell(ctx->cell, afs_cell_trace_use_sbi);
|
2020-04-30 00:02:04 +08:00
|
|
|
as->volume = afs_get_volume(ctx->volume,
|
|
|
|
afs_volume_trace_get_alloc_sbi);
|
2018-11-02 07:07:27 +08:00
|
|
|
}
|
2017-11-02 23:27:46 +08:00
|
|
|
}
|
|
|
|
return as;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void afs_destroy_sbi(struct afs_super_info *as)
|
|
|
|
{
|
|
|
|
if (as) {
|
afs: Build an abstraction around an "operation" concept
Turn the afs_operation struct into the main way that most fileserver
operations are managed. Various things are added to the struct, including
the following:
(1) All the parameters and results of the relevant operations are moved
into it, removing corresponding fields from the afs_call struct.
afs_call gets a pointer to the op.
(2) The target volume is made the main focus of the operation, rather than
the target vnode(s), and a bunch of op->vnode->volume are made
op->volume instead.
(3) Two vnode records are defined (op->file[]) for the vnode(s) involved
in most operations. The vnode record (struct afs_vnode_param)
contains:
- The vnode pointer.
- The fid of the vnode to be included in the parameters or that was
returned in the reply (eg. FS.MakeDir).
- The status and callback information that may be returned in the
reply about the vnode.
- Callback break and data version tracking for detecting
simultaneous third-parth changes.
(4) Pointers to dentries to be updated with new inodes.
(5) An operations table pointer. The table includes pointers to functions
for issuing AFS and YFS-variant RPCs, handling the success and abort
of an operation and handling post-I/O-lock local editing of a
directory.
To make this work, the following function restructuring is made:
(A) The rotation loop that issues calls to fileservers that can be found
in each function that wants to issue an RPC (such as afs_mkdir()) is
extracted out into common code, in a new file called fs_operation.c.
(B) The rotation loops, such as the one in afs_mkdir(), are replaced with
a much smaller piece of code that allocates an operation, sets the
parameters and then calls out to the common code to do the actual
work.
(C) The code for handling the success and failure of an operation are
moved into operation functions (as (5) above) and these are called
from the core code at appropriate times.
(D) The pseudo inode getting stuff used by the dynamic root code is moved
over into dynroot.c.
(E) struct afs_iget_data is absorbed into the operation struct and
afs_iget() expects to be given an op pointer and a vnode record.
(F) Point (E) doesn't work for the root dir of a volume, but we know the
FID in advance (it's always vnode 1, unique 1), so a separate inode
getter, afs_root_iget(), is provided to special-case that.
(G) The inode status init/update functions now also take an op and a vnode
record.
(H) The RPC marshalling functions now, for the most part, just take an
afs_operation struct as their only argument. All the data they need
is held there. The result delivery functions write their answers
there as well.
(I) The call is attached to the operation and then the operation core does
the waiting.
And then the new operation code is, for the moment, made to just initialise
the operation, get the appropriate vnode I/O locks and do the same rotation
loop as before.
This lays the foundation for the following changes in the future:
(*) Overhauling the rotation (again).
(*) Support for asynchronous I/O, where the fileserver rotation must be
done asynchronously also.
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-11 03:51:51 +08:00
|
|
|
struct afs_net *net = afs_net(as->net_ns);
|
2023-11-08 21:01:11 +08:00
|
|
|
afs_put_volume(as->volume, afs_volume_trace_put_destroy_sbi);
|
2020-10-14 03:51:59 +08:00
|
|
|
afs_unuse_cell(net, as->cell, afs_cell_trace_unuse_sbi);
|
2018-05-18 18:46:15 +08:00
|
|
|
put_net(as->net_ns);
|
2017-11-02 23:27:46 +08:00
|
|
|
kfree(as);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-06-15 22:19:22 +08:00
|
|
|
static void afs_kill_super(struct super_block *sb)
|
|
|
|
{
|
|
|
|
struct afs_super_info *as = AFS_FS_S(sb);
|
|
|
|
|
|
|
|
if (as->dyn_root)
|
|
|
|
afs_dynroot_depopulate(sb);
|
2018-11-02 07:07:27 +08:00
|
|
|
|
2018-06-15 22:19:22 +08:00
|
|
|
/* Clear the callback interests (which will do ilookup5) before
|
|
|
|
* deactivating the superblock.
|
|
|
|
*/
|
|
|
|
if (as->volume)
|
2020-04-30 08:03:49 +08:00
|
|
|
rcu_assign_pointer(as->volume->sb, NULL);
|
2018-06-15 22:19:22 +08:00
|
|
|
kill_anon_super(sb);
|
|
|
|
if (as->volume)
|
|
|
|
afs_deactivate_volume(as->volume);
|
|
|
|
afs_destroy_sbi(as);
|
|
|
|
}
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
2018-11-02 07:07:27 +08:00
|
|
|
* Get an AFS superblock and root directory.
|
2005-04-17 06:20:36 +08:00
|
|
|
*/
|
2018-11-02 07:07:27 +08:00
|
|
|
static int afs_get_tree(struct fs_context *fc)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2018-11-02 07:07:27 +08:00
|
|
|
struct afs_fs_context *ctx = fc->fs_private;
|
2005-04-17 06:20:36 +08:00
|
|
|
struct super_block *sb;
|
2011-06-13 04:01:21 +08:00
|
|
|
struct afs_super_info *as;
|
2005-04-17 06:20:36 +08:00
|
|
|
int ret;
|
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
ret = afs_validate_fc(fc);
|
|
|
|
if (ret)
|
2013-01-31 20:23:54 +08:00
|
|
|
goto error;
|
2007-04-27 06:57:07 +08:00
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
_enter("");
|
2007-04-27 06:57:07 +08:00
|
|
|
|
2017-11-02 23:27:46 +08:00
|
|
|
/* allocate a superblock info record */
|
|
|
|
ret = -ENOMEM;
|
2018-11-02 07:07:27 +08:00
|
|
|
as = afs_alloc_sbi(fc);
|
2017-11-02 23:27:46 +08:00
|
|
|
if (!as)
|
2018-11-02 07:07:27 +08:00
|
|
|
goto error;
|
|
|
|
fc->s_fs_info = as;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/* allocate a deviceless superblock */
|
2018-11-02 07:07:27 +08:00
|
|
|
sb = sget_fc(fc,
|
|
|
|
as->dyn_root ? afs_dynroot_test_super : afs_test_super,
|
|
|
|
afs_set_super);
|
2007-04-27 06:55:03 +08:00
|
|
|
if (IS_ERR(sb)) {
|
|
|
|
ret = PTR_ERR(sb);
|
2018-11-02 07:07:27 +08:00
|
|
|
goto error;
|
2007-04-27 06:55:03 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2007-04-27 06:56:24 +08:00
|
|
|
if (!sb->s_root) {
|
|
|
|
/* initial superblock/root creation */
|
|
|
|
_debug("create");
|
2018-11-02 07:07:27 +08:00
|
|
|
ret = afs_fill_super(sb, ctx);
|
2017-11-02 23:27:45 +08:00
|
|
|
if (ret < 0)
|
|
|
|
goto error_sb;
|
2017-11-28 05:05:09 +08:00
|
|
|
sb->s_flags |= SB_ACTIVE;
|
2007-04-27 06:56:24 +08:00
|
|
|
} else {
|
|
|
|
_debug("reuse");
|
2017-11-28 05:05:09 +08:00
|
|
|
ASSERTCMP(sb->s_flags, &, SB_ACTIVE);
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2018-11-02 07:07:27 +08:00
|
|
|
fc->root = dget(sb->s_root);
|
2019-04-25 21:26:51 +08:00
|
|
|
trace_afs_get_tree(as->cell, as->volume);
|
2007-04-27 06:55:03 +08:00
|
|
|
_leave(" = 0 [%p]", sb);
|
2018-11-02 07:07:27 +08:00
|
|
|
return 0;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2017-11-02 23:27:45 +08:00
|
|
|
error_sb:
|
|
|
|
deactivate_locked_super(sb);
|
2007-04-27 06:49:28 +08:00
|
|
|
error:
|
2005-04-17 06:20:36 +08:00
|
|
|
_leave(" = %d", ret);
|
2018-11-02 07:07:27 +08:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void afs_free_fc(struct fs_context *fc)
|
|
|
|
{
|
|
|
|
struct afs_fs_context *ctx = fc->fs_private;
|
|
|
|
|
|
|
|
afs_destroy_sbi(fc->s_fs_info);
|
2023-11-08 21:01:11 +08:00
|
|
|
afs_put_volume(ctx->volume, afs_volume_trace_put_free_fc);
|
2020-10-14 03:51:59 +08:00
|
|
|
afs_unuse_cell(ctx->net, ctx->cell, afs_cell_trace_unuse_fc);
|
2018-11-02 07:07:27 +08:00
|
|
|
key_put(ctx->key);
|
|
|
|
kfree(ctx);
|
|
|
|
}
|
|
|
|
|
|
|
|
static const struct fs_context_operations afs_context_ops = {
|
|
|
|
.free = afs_free_fc,
|
|
|
|
.parse_param = afs_parse_param,
|
|
|
|
.get_tree = afs_get_tree,
|
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Set up the filesystem mount context.
|
|
|
|
*/
|
|
|
|
static int afs_init_fs_context(struct fs_context *fc)
|
|
|
|
{
|
|
|
|
struct afs_fs_context *ctx;
|
|
|
|
struct afs_cell *cell;
|
|
|
|
|
|
|
|
ctx = kzalloc(sizeof(struct afs_fs_context), GFP_KERNEL);
|
|
|
|
if (!ctx)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
ctx->type = AFSVL_ROVOL;
|
|
|
|
ctx->net = afs_net(fc->net_ns);
|
|
|
|
|
|
|
|
/* Default to the workstation cell. */
|
2020-10-14 03:51:59 +08:00
|
|
|
cell = afs_find_cell(ctx->net, NULL, 0, afs_cell_trace_use_fc);
|
2018-11-02 07:07:27 +08:00
|
|
|
if (IS_ERR(cell))
|
|
|
|
cell = NULL;
|
|
|
|
ctx->cell = cell;
|
|
|
|
|
|
|
|
fc->fs_private = ctx;
|
|
|
|
fc->ops = &afs_context_ops;
|
|
|
|
return 0;
|
2007-04-27 06:49:28 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
2017-12-01 19:40:43 +08:00
|
|
|
* Initialise an inode cache slab element prior to any use. Note that
|
|
|
|
* afs_alloc_inode() *must* reset anything that could incorrectly leak from one
|
|
|
|
* inode to another.
|
2005-04-17 06:20:36 +08:00
|
|
|
*/
|
2008-07-26 10:45:34 +08:00
|
|
|
static void afs_i_init_once(void *_vnode)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2007-04-27 06:49:28 +08:00
|
|
|
struct afs_vnode *vnode = _vnode;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2007-05-17 13:10:57 +08:00
|
|
|
memset(vnode, 0, sizeof(*vnode));
|
netfs: Fix gcc-12 warning by embedding vfs inode in netfs_i_context
While randstruct was satisfied with using an open-coded "void *" offset
cast for the netfs_i_context <-> inode casting, __builtin_object_size() as
used by FORTIFY_SOURCE was not as easily fooled. This was causing the
following complaint[1] from gcc v12:
In file included from include/linux/string.h:253,
from include/linux/ceph/ceph_debug.h:7,
from fs/ceph/inode.c:2:
In function 'fortify_memset_chk',
inlined from 'netfs_i_context_init' at include/linux/netfs.h:326:2,
inlined from 'ceph_alloc_inode' at fs/ceph/inode.c:463:2:
include/linux/fortify-string.h:242:25: warning: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Wattribute-warning]
242 | __write_overflow_field(p_size_field, size);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fix this by embedding a struct inode into struct netfs_i_context (which
should perhaps be renamed to struct netfs_inode). The struct inode
vfs_inode fields are then removed from the 9p, afs, ceph and cifs inode
structs and vfs_inode is then simply changed to "netfs.inode" in those
filesystems.
Further, rename netfs_i_context to netfs_inode, get rid of the
netfs_inode() function that converted a netfs_i_context pointer to an
inode pointer (that can now be done with &ctx->inode) and rename the
netfs_i_context() function to netfs_inode() (which is now a wrapper
around container_of()).
Most of the changes were done with:
perl -p -i -e 's/vfs_inode/netfs.inode/'g \
`git grep -l 'vfs_inode' -- fs/{9p,afs,ceph,cifs}/*.[ch]`
Kees suggested doing it with a pair structure[2] and a special
declarator to insert that into the network filesystem's inode
wrapper[3], but I think it's cleaner to embed it - and then it doesn't
matter if struct randomisation reorders things.
Dave Chinner suggested using a filesystem-specific VFS_I() function in
each filesystem to convert that filesystem's own inode wrapper struct
into the VFS inode struct[4].
Version #2:
- Fix a couple of missed name changes due to a disabled cifs option.
- Rename nfs_i_context to nfs_inode
- Use "netfs" instead of "nic" as the member name in per-fs inode wrapper
structs.
[ This also undoes commit 507160f46c55 ("netfs: gcc-12: temporarily
disable '-Wattribute-warning' for now") that is no longer needed ]
Fixes: bc899ee1c898 ("netfs: Add a netfs inode context")
Reported-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Xiubo Li <xiubli@redhat.com>
cc: Jonathan Corbet <corbet@lwn.net>
cc: Eric Van Hensbergen <ericvh@gmail.com>
cc: Latchesar Ionkov <lucho@ionkov.net>
cc: Dominique Martinet <asmadeus@codewreck.org>
cc: Christian Schoenebeck <linux_oss@crudebyte.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: Ilya Dryomov <idryomov@gmail.com>
cc: Steve French <smfrench@gmail.com>
cc: William Kucharski <william.kucharski@oracle.com>
cc: "Matthew Wilcox (Oracle)" <willy@infradead.org>
cc: Dave Chinner <david@fromorbit.com>
cc: linux-doc@vger.kernel.org
cc: v9fs-developer@lists.sourceforge.net
cc: linux-afs@lists.infradead.org
cc: ceph-devel@vger.kernel.org
cc: linux-cifs@vger.kernel.org
cc: samba-technical@lists.samba.org
cc: linux-fsdevel@vger.kernel.org
cc: linux-hardening@vger.kernel.org
Link: https://lore.kernel.org/r/d2ad3a3d7bdd794c6efb562d2f2b655fb67756b9.camel@kernel.org/ [1]
Link: https://lore.kernel.org/r/20220517210230.864239-1-keescook@chromium.org/ [2]
Link: https://lore.kernel.org/r/20220518202212.2322058-1-keescook@chromium.org/ [3]
Link: https://lore.kernel.org/r/20220524101205.GI2306852@dread.disaster.area/ [4]
Link: https://lore.kernel.org/r/165296786831.3591209.12111293034669289733.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165305805651.4094995.7763502506786714216.stgit@warthog.procyon.org.uk # v2
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2022-06-10 04:46:04 +08:00
|
|
|
inode_init_once(&vnode->netfs.inode);
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 23:27:50 +08:00
|
|
|
mutex_init(&vnode->io_lock);
|
2018-04-28 03:46:22 +08:00
|
|
|
init_rwsem(&vnode->validate_lock);
|
2017-11-02 23:27:52 +08:00
|
|
|
spin_lock_init(&vnode->wb_lock);
|
2007-05-17 13:10:57 +08:00
|
|
|
spin_lock_init(&vnode->lock);
|
2017-11-02 23:27:52 +08:00
|
|
|
INIT_LIST_HEAD(&vnode->wb_keys);
|
2007-07-16 14:40:12 +08:00
|
|
|
INIT_LIST_HEAD(&vnode->pending_locks);
|
|
|
|
INIT_LIST_HEAD(&vnode->granted_locks);
|
|
|
|
INIT_DELAYED_WORK(&vnode->lock_work, afs_lock_work);
|
2021-12-14 17:22:12 +08:00
|
|
|
INIT_LIST_HEAD(&vnode->cb_mmap_link);
|
2017-11-02 23:27:49 +08:00
|
|
|
seqlock_init(&vnode->cb_lock);
|
2007-04-27 06:49:28 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* allocate an AFS inode struct from our slab cache
|
|
|
|
*/
|
|
|
|
static struct inode *afs_alloc_inode(struct super_block *sb)
|
|
|
|
{
|
|
|
|
struct afs_vnode *vnode;
|
|
|
|
|
2022-03-23 05:41:03 +08:00
|
|
|
vnode = alloc_inode_sb(sb, afs_inode_cachep, GFP_KERNEL);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (!vnode)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
atomic_inc(&afs_count_active_inodes);
|
|
|
|
|
2017-12-01 19:40:43 +08:00
|
|
|
/* Reset anything that shouldn't leak from one inode to the next. */
|
2005-04-17 06:20:36 +08:00
|
|
|
memset(&vnode->fid, 0, sizeof(vnode->fid));
|
|
|
|
memset(&vnode->status, 0, sizeof(vnode->status));
|
2021-06-30 05:37:05 +08:00
|
|
|
afs_vnode_set_cache(vnode, NULL);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
vnode->volume = NULL;
|
2017-12-01 19:40:43 +08:00
|
|
|
vnode->lock_key = NULL;
|
|
|
|
vnode->permit_cache = NULL;
|
|
|
|
|
2007-04-27 06:59:35 +08:00
|
|
|
vnode->flags = 1 << AFS_VNODE_UNSET;
|
2017-12-01 19:40:43 +08:00
|
|
|
vnode->lock_state = AFS_VNODE_LOCK_NONE;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2019-04-25 21:26:51 +08:00
|
|
|
init_rwsem(&vnode->rmdir_lock);
|
afs: Fix mmap coherency vs 3rd-party changes
Fix the coherency management of mmap'd data such that 3rd-party changes
become visible as soon as possible after the callback notification is
delivered by the fileserver. This is done by the following means:
(1) When we break a callback on a vnode specified by the CB.CallBack call
from the server, we queue a work item (vnode->cb_work) to go and
clobber all the PTEs mapping to that inode.
This causes the CPU to trip through the ->map_pages() and
->page_mkwrite() handlers if userspace attempts to access the page(s)
again.
(Ideally, this would be done in the service handler for CB.CallBack,
but the server is waiting for our reply before considering, and we
have a list of vnodes, all of which need breaking - and the process of
getting the mmap_lock and stripping the PTEs on all CPUs could be
quite slow.)
(2) Call afs_validate() from the ->map_pages() handler to check to see if
the file has changed and to get a new callback promise from the
server.
Also handle the fileserver telling us that it's dropping all callbacks,
possibly after it's been restarted by sending us a CB.InitCallBackState*
call by the following means:
(3) Maintain a per-cell list of afs files that are currently mmap'd
(cell->fs_open_mmaps).
(4) Add a work item to each server that is invoked if there are any open
mmaps when CB.InitCallBackState happens. This work item goes through
the aforementioned list and invokes the vnode->cb_work work item for
each one that is currently using this server.
This causes the PTEs to be cleared, causing ->map_pages() or
->page_mkwrite() to be called again, thereby calling afs_validate()
again.
I've chosen to simply strip the PTEs at the point of notification reception
rather than invalidate all the pages as well because (a) it's faster, (b)
we may get a notification for other reasons than the data being altered (in
which case we don't want to clobber the pagecache) and (c) we need to ask
the server to find out - and I don't want to wait for the reply before
holding up userspace.
This was tested using the attached test program:
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/mman.h>
int main(int argc, char *argv[])
{
size_t size = getpagesize();
unsigned char *p;
bool mod = (argc == 3);
int fd;
if (argc != 2 && argc != 3) {
fprintf(stderr, "Format: %s <file> [mod]\n", argv[0]);
exit(2);
}
fd = open(argv[1], mod ? O_RDWR : O_RDONLY);
if (fd < 0) {
perror(argv[1]);
exit(1);
}
p = mmap(NULL, size, mod ? PROT_READ|PROT_WRITE : PROT_READ,
MAP_SHARED, fd, 0);
if (p == MAP_FAILED) {
perror("mmap");
exit(1);
}
for (;;) {
if (mod) {
p[0]++;
msync(p, size, MS_ASYNC);
fsync(fd);
}
printf("%02x", p[0]);
fflush(stdout);
sleep(1);
}
}
It runs in two modes: in one mode, it mmaps a file, then sits in a loop
reading the first byte, printing it and sleeping for a second; in the
second mode it mmaps a file, then sits in a loop incrementing the first
byte and flushing, then printing and sleeping.
Two instances of this program can be run on different machines, one doing
the reading and one doing the writing. The reader should see the changes
made by the writer, but without this patch, they aren't because validity
checking is being done lazily - only on entry to the filesystem.
Testing the InitCallBackState change is more complicated. The server has
to be taken offline, the saved callback state file removed and then the
server restarted whilst the reading-mode program continues to run. The
client machine then has to poke the server to trigger the InitCallBackState
call.
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Markus Suvanto <markus.suvanto@gmail.com>
cc: linux-afs@lists.infradead.org
Link: https://lore.kernel.org/r/163111668833.283156.382633263709075739.stgit@warthog.procyon.org.uk/
2021-09-02 23:43:10 +08:00
|
|
|
INIT_WORK(&vnode->cb_work, afs_invalidate_mmap_work);
|
2019-04-25 21:26:51 +08:00
|
|
|
|
netfs: Fix gcc-12 warning by embedding vfs inode in netfs_i_context
While randstruct was satisfied with using an open-coded "void *" offset
cast for the netfs_i_context <-> inode casting, __builtin_object_size() as
used by FORTIFY_SOURCE was not as easily fooled. This was causing the
following complaint[1] from gcc v12:
In file included from include/linux/string.h:253,
from include/linux/ceph/ceph_debug.h:7,
from fs/ceph/inode.c:2:
In function 'fortify_memset_chk',
inlined from 'netfs_i_context_init' at include/linux/netfs.h:326:2,
inlined from 'ceph_alloc_inode' at fs/ceph/inode.c:463:2:
include/linux/fortify-string.h:242:25: warning: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Wattribute-warning]
242 | __write_overflow_field(p_size_field, size);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fix this by embedding a struct inode into struct netfs_i_context (which
should perhaps be renamed to struct netfs_inode). The struct inode
vfs_inode fields are then removed from the 9p, afs, ceph and cifs inode
structs and vfs_inode is then simply changed to "netfs.inode" in those
filesystems.
Further, rename netfs_i_context to netfs_inode, get rid of the
netfs_inode() function that converted a netfs_i_context pointer to an
inode pointer (that can now be done with &ctx->inode) and rename the
netfs_i_context() function to netfs_inode() (which is now a wrapper
around container_of()).
Most of the changes were done with:
perl -p -i -e 's/vfs_inode/netfs.inode/'g \
`git grep -l 'vfs_inode' -- fs/{9p,afs,ceph,cifs}/*.[ch]`
Kees suggested doing it with a pair structure[2] and a special
declarator to insert that into the network filesystem's inode
wrapper[3], but I think it's cleaner to embed it - and then it doesn't
matter if struct randomisation reorders things.
Dave Chinner suggested using a filesystem-specific VFS_I() function in
each filesystem to convert that filesystem's own inode wrapper struct
into the VFS inode struct[4].
Version #2:
- Fix a couple of missed name changes due to a disabled cifs option.
- Rename nfs_i_context to nfs_inode
- Use "netfs" instead of "nic" as the member name in per-fs inode wrapper
structs.
[ This also undoes commit 507160f46c55 ("netfs: gcc-12: temporarily
disable '-Wattribute-warning' for now") that is no longer needed ]
Fixes: bc899ee1c898 ("netfs: Add a netfs inode context")
Reported-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Xiubo Li <xiubli@redhat.com>
cc: Jonathan Corbet <corbet@lwn.net>
cc: Eric Van Hensbergen <ericvh@gmail.com>
cc: Latchesar Ionkov <lucho@ionkov.net>
cc: Dominique Martinet <asmadeus@codewreck.org>
cc: Christian Schoenebeck <linux_oss@crudebyte.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: Ilya Dryomov <idryomov@gmail.com>
cc: Steve French <smfrench@gmail.com>
cc: William Kucharski <william.kucharski@oracle.com>
cc: "Matthew Wilcox (Oracle)" <willy@infradead.org>
cc: Dave Chinner <david@fromorbit.com>
cc: linux-doc@vger.kernel.org
cc: v9fs-developer@lists.sourceforge.net
cc: linux-afs@lists.infradead.org
cc: ceph-devel@vger.kernel.org
cc: linux-cifs@vger.kernel.org
cc: samba-technical@lists.samba.org
cc: linux-fsdevel@vger.kernel.org
cc: linux-hardening@vger.kernel.org
Link: https://lore.kernel.org/r/d2ad3a3d7bdd794c6efb562d2f2b655fb67756b9.camel@kernel.org/ [1]
Link: https://lore.kernel.org/r/20220517210230.864239-1-keescook@chromium.org/ [2]
Link: https://lore.kernel.org/r/20220518202212.2322058-1-keescook@chromium.org/ [3]
Link: https://lore.kernel.org/r/20220524101205.GI2306852@dread.disaster.area/ [4]
Link: https://lore.kernel.org/r/165296786831.3591209.12111293034669289733.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165305805651.4094995.7763502506786714216.stgit@warthog.procyon.org.uk # v2
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2022-06-10 04:46:04 +08:00
|
|
|
_leave(" = %p", &vnode->netfs.inode);
|
|
|
|
return &vnode->netfs.inode;
|
2007-04-27 06:49:28 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2019-04-11 03:05:06 +08:00
|
|
|
static void afs_free_inode(struct inode *inode)
|
2011-01-07 14:49:49 +08:00
|
|
|
{
|
2019-04-11 03:05:06 +08:00
|
|
|
kmem_cache_free(afs_inode_cachep, AFS_FS_I(inode));
|
2011-01-07 14:49:49 +08:00
|
|
|
}
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* destroy an AFS inode struct
|
|
|
|
*/
|
|
|
|
static void afs_destroy_inode(struct inode *inode)
|
|
|
|
{
|
2007-04-27 06:55:03 +08:00
|
|
|
struct afs_vnode *vnode = AFS_FS_I(inode);
|
|
|
|
|
2018-10-20 07:57:57 +08:00
|
|
|
_enter("%p{%llx:%llu}", inode, vnode->fid.vid, vnode->fid.vnode);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2007-04-27 06:55:03 +08:00
|
|
|
_debug("DESTROY INODE %p", inode);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
atomic_dec(&afs_count_active_inodes);
|
2007-04-27 06:49:28 +08:00
|
|
|
}
|
2007-05-11 13:22:20 +08:00
|
|
|
|
afs: Build an abstraction around an "operation" concept
Turn the afs_operation struct into the main way that most fileserver
operations are managed. Various things are added to the struct, including
the following:
(1) All the parameters and results of the relevant operations are moved
into it, removing corresponding fields from the afs_call struct.
afs_call gets a pointer to the op.
(2) The target volume is made the main focus of the operation, rather than
the target vnode(s), and a bunch of op->vnode->volume are made
op->volume instead.
(3) Two vnode records are defined (op->file[]) for the vnode(s) involved
in most operations. The vnode record (struct afs_vnode_param)
contains:
- The vnode pointer.
- The fid of the vnode to be included in the parameters or that was
returned in the reply (eg. FS.MakeDir).
- The status and callback information that may be returned in the
reply about the vnode.
- Callback break and data version tracking for detecting
simultaneous third-parth changes.
(4) Pointers to dentries to be updated with new inodes.
(5) An operations table pointer. The table includes pointers to functions
for issuing AFS and YFS-variant RPCs, handling the success and abort
of an operation and handling post-I/O-lock local editing of a
directory.
To make this work, the following function restructuring is made:
(A) The rotation loop that issues calls to fileservers that can be found
in each function that wants to issue an RPC (such as afs_mkdir()) is
extracted out into common code, in a new file called fs_operation.c.
(B) The rotation loops, such as the one in afs_mkdir(), are replaced with
a much smaller piece of code that allocates an operation, sets the
parameters and then calls out to the common code to do the actual
work.
(C) The code for handling the success and failure of an operation are
moved into operation functions (as (5) above) and these are called
from the core code at appropriate times.
(D) The pseudo inode getting stuff used by the dynamic root code is moved
over into dynroot.c.
(E) struct afs_iget_data is absorbed into the operation struct and
afs_iget() expects to be given an op pointer and a vnode record.
(F) Point (E) doesn't work for the root dir of a volume, but we know the
FID in advance (it's always vnode 1, unique 1), so a separate inode
getter, afs_root_iget(), is provided to special-case that.
(G) The inode status init/update functions now also take an op and a vnode
record.
(H) The RPC marshalling functions now, for the most part, just take an
afs_operation struct as their only argument. All the data they need
is held there. The result delivery functions write their answers
there as well.
(I) The call is attached to the operation and then the operation core does
the waiting.
And then the new operation code is, for the moment, made to just initialise
the operation, get the appropriate vnode I/O locks and do the same rotation
loop as before.
This lays the foundation for the following changes in the future:
(*) Overhauling the rotation (again).
(*) Support for asynchronous I/O, where the fileserver rotation must be
done asynchronously also.
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-11 03:51:51 +08:00
|
|
|
static void afs_get_volume_status_success(struct afs_operation *op)
|
|
|
|
{
|
|
|
|
struct afs_volume_status *vs = &op->volstatus.vs;
|
|
|
|
struct kstatfs *buf = op->volstatus.buf;
|
|
|
|
|
|
|
|
if (vs->max_quota == 0)
|
|
|
|
buf->f_blocks = vs->part_max_blocks;
|
|
|
|
else
|
|
|
|
buf->f_blocks = vs->max_quota;
|
2020-05-02 05:06:02 +08:00
|
|
|
|
|
|
|
if (buf->f_blocks > vs->blocks_in_use)
|
|
|
|
buf->f_bavail = buf->f_bfree =
|
|
|
|
buf->f_blocks - vs->blocks_in_use;
|
afs: Build an abstraction around an "operation" concept
Turn the afs_operation struct into the main way that most fileserver
operations are managed. Various things are added to the struct, including
the following:
(1) All the parameters and results of the relevant operations are moved
into it, removing corresponding fields from the afs_call struct.
afs_call gets a pointer to the op.
(2) The target volume is made the main focus of the operation, rather than
the target vnode(s), and a bunch of op->vnode->volume are made
op->volume instead.
(3) Two vnode records are defined (op->file[]) for the vnode(s) involved
in most operations. The vnode record (struct afs_vnode_param)
contains:
- The vnode pointer.
- The fid of the vnode to be included in the parameters or that was
returned in the reply (eg. FS.MakeDir).
- The status and callback information that may be returned in the
reply about the vnode.
- Callback break and data version tracking for detecting
simultaneous third-parth changes.
(4) Pointers to dentries to be updated with new inodes.
(5) An operations table pointer. The table includes pointers to functions
for issuing AFS and YFS-variant RPCs, handling the success and abort
of an operation and handling post-I/O-lock local editing of a
directory.
To make this work, the following function restructuring is made:
(A) The rotation loop that issues calls to fileservers that can be found
in each function that wants to issue an RPC (such as afs_mkdir()) is
extracted out into common code, in a new file called fs_operation.c.
(B) The rotation loops, such as the one in afs_mkdir(), are replaced with
a much smaller piece of code that allocates an operation, sets the
parameters and then calls out to the common code to do the actual
work.
(C) The code for handling the success and failure of an operation are
moved into operation functions (as (5) above) and these are called
from the core code at appropriate times.
(D) The pseudo inode getting stuff used by the dynamic root code is moved
over into dynroot.c.
(E) struct afs_iget_data is absorbed into the operation struct and
afs_iget() expects to be given an op pointer and a vnode record.
(F) Point (E) doesn't work for the root dir of a volume, but we know the
FID in advance (it's always vnode 1, unique 1), so a separate inode
getter, afs_root_iget(), is provided to special-case that.
(G) The inode status init/update functions now also take an op and a vnode
record.
(H) The RPC marshalling functions now, for the most part, just take an
afs_operation struct as their only argument. All the data they need
is held there. The result delivery functions write their answers
there as well.
(I) The call is attached to the operation and then the operation core does
the waiting.
And then the new operation code is, for the moment, made to just initialise
the operation, get the appropriate vnode I/O locks and do the same rotation
loop as before.
This lays the foundation for the following changes in the future:
(*) Overhauling the rotation (again).
(*) Support for asynchronous I/O, where the fileserver rotation must be
done asynchronously also.
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-11 03:51:51 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static const struct afs_operation_ops afs_get_volume_status_operation = {
|
|
|
|
.issue_afs_rpc = afs_fs_get_volume_status,
|
|
|
|
.issue_yfs_rpc = yfs_fs_get_volume_status,
|
|
|
|
.success = afs_get_volume_status_success,
|
|
|
|
};
|
|
|
|
|
2007-05-11 13:22:20 +08:00
|
|
|
/*
|
|
|
|
* return information about an AFS volume
|
|
|
|
*/
|
|
|
|
static int afs_statfs(struct dentry *dentry, struct kstatfs *buf)
|
|
|
|
{
|
2018-02-06 14:26:30 +08:00
|
|
|
struct afs_super_info *as = AFS_FS_S(dentry->d_sb);
|
afs: Build an abstraction around an "operation" concept
Turn the afs_operation struct into the main way that most fileserver
operations are managed. Various things are added to the struct, including
the following:
(1) All the parameters and results of the relevant operations are moved
into it, removing corresponding fields from the afs_call struct.
afs_call gets a pointer to the op.
(2) The target volume is made the main focus of the operation, rather than
the target vnode(s), and a bunch of op->vnode->volume are made
op->volume instead.
(3) Two vnode records are defined (op->file[]) for the vnode(s) involved
in most operations. The vnode record (struct afs_vnode_param)
contains:
- The vnode pointer.
- The fid of the vnode to be included in the parameters or that was
returned in the reply (eg. FS.MakeDir).
- The status and callback information that may be returned in the
reply about the vnode.
- Callback break and data version tracking for detecting
simultaneous third-parth changes.
(4) Pointers to dentries to be updated with new inodes.
(5) An operations table pointer. The table includes pointers to functions
for issuing AFS and YFS-variant RPCs, handling the success and abort
of an operation and handling post-I/O-lock local editing of a
directory.
To make this work, the following function restructuring is made:
(A) The rotation loop that issues calls to fileservers that can be found
in each function that wants to issue an RPC (such as afs_mkdir()) is
extracted out into common code, in a new file called fs_operation.c.
(B) The rotation loops, such as the one in afs_mkdir(), are replaced with
a much smaller piece of code that allocates an operation, sets the
parameters and then calls out to the common code to do the actual
work.
(C) The code for handling the success and failure of an operation are
moved into operation functions (as (5) above) and these are called
from the core code at appropriate times.
(D) The pseudo inode getting stuff used by the dynamic root code is moved
over into dynroot.c.
(E) struct afs_iget_data is absorbed into the operation struct and
afs_iget() expects to be given an op pointer and a vnode record.
(F) Point (E) doesn't work for the root dir of a volume, but we know the
FID in advance (it's always vnode 1, unique 1), so a separate inode
getter, afs_root_iget(), is provided to special-case that.
(G) The inode status init/update functions now also take an op and a vnode
record.
(H) The RPC marshalling functions now, for the most part, just take an
afs_operation struct as their only argument. All the data they need
is held there. The result delivery functions write their answers
there as well.
(I) The call is attached to the operation and then the operation core does
the waiting.
And then the new operation code is, for the moment, made to just initialise
the operation, get the appropriate vnode I/O locks and do the same rotation
loop as before.
This lays the foundation for the following changes in the future:
(*) Overhauling the rotation (again).
(*) Support for asynchronous I/O, where the fileserver rotation must be
done asynchronously also.
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-11 03:51:51 +08:00
|
|
|
struct afs_operation *op;
|
2015-03-18 06:25:59 +08:00
|
|
|
struct afs_vnode *vnode = AFS_FS_I(d_inode(dentry));
|
2007-05-11 13:22:20 +08:00
|
|
|
|
2018-02-06 14:26:30 +08:00
|
|
|
buf->f_type = dentry->d_sb->s_magic;
|
|
|
|
buf->f_bsize = AFS_BLOCK_SIZE;
|
|
|
|
buf->f_namelen = AFSNAMEMAX - 1;
|
|
|
|
|
|
|
|
if (as->dyn_root) {
|
|
|
|
buf->f_blocks = 1;
|
|
|
|
buf->f_bavail = 0;
|
|
|
|
buf->f_bfree = 0;
|
|
|
|
return 0;
|
|
|
|
}
|
2018-04-06 21:17:25 +08:00
|
|
|
|
afs: Build an abstraction around an "operation" concept
Turn the afs_operation struct into the main way that most fileserver
operations are managed. Various things are added to the struct, including
the following:
(1) All the parameters and results of the relevant operations are moved
into it, removing corresponding fields from the afs_call struct.
afs_call gets a pointer to the op.
(2) The target volume is made the main focus of the operation, rather than
the target vnode(s), and a bunch of op->vnode->volume are made
op->volume instead.
(3) Two vnode records are defined (op->file[]) for the vnode(s) involved
in most operations. The vnode record (struct afs_vnode_param)
contains:
- The vnode pointer.
- The fid of the vnode to be included in the parameters or that was
returned in the reply (eg. FS.MakeDir).
- The status and callback information that may be returned in the
reply about the vnode.
- Callback break and data version tracking for detecting
simultaneous third-parth changes.
(4) Pointers to dentries to be updated with new inodes.
(5) An operations table pointer. The table includes pointers to functions
for issuing AFS and YFS-variant RPCs, handling the success and abort
of an operation and handling post-I/O-lock local editing of a
directory.
To make this work, the following function restructuring is made:
(A) The rotation loop that issues calls to fileservers that can be found
in each function that wants to issue an RPC (such as afs_mkdir()) is
extracted out into common code, in a new file called fs_operation.c.
(B) The rotation loops, such as the one in afs_mkdir(), are replaced with
a much smaller piece of code that allocates an operation, sets the
parameters and then calls out to the common code to do the actual
work.
(C) The code for handling the success and failure of an operation are
moved into operation functions (as (5) above) and these are called
from the core code at appropriate times.
(D) The pseudo inode getting stuff used by the dynamic root code is moved
over into dynroot.c.
(E) struct afs_iget_data is absorbed into the operation struct and
afs_iget() expects to be given an op pointer and a vnode record.
(F) Point (E) doesn't work for the root dir of a volume, but we know the
FID in advance (it's always vnode 1, unique 1), so a separate inode
getter, afs_root_iget(), is provided to special-case that.
(G) The inode status init/update functions now also take an op and a vnode
record.
(H) The RPC marshalling functions now, for the most part, just take an
afs_operation struct as their only argument. All the data they need
is held there. The result delivery functions write their answers
there as well.
(I) The call is attached to the operation and then the operation core does
the waiting.
And then the new operation code is, for the moment, made to just initialise
the operation, get the appropriate vnode I/O locks and do the same rotation
loop as before.
This lays the foundation for the following changes in the future:
(*) Overhauling the rotation (again).
(*) Support for asynchronous I/O, where the fileserver rotation must be
done asynchronously also.
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-11 03:51:51 +08:00
|
|
|
op = afs_alloc_operation(NULL, as->volume);
|
|
|
|
if (IS_ERR(op))
|
|
|
|
return PTR_ERR(op);
|
2007-05-11 13:22:20 +08:00
|
|
|
|
afs: Build an abstraction around an "operation" concept
Turn the afs_operation struct into the main way that most fileserver
operations are managed. Various things are added to the struct, including
the following:
(1) All the parameters and results of the relevant operations are moved
into it, removing corresponding fields from the afs_call struct.
afs_call gets a pointer to the op.
(2) The target volume is made the main focus of the operation, rather than
the target vnode(s), and a bunch of op->vnode->volume are made
op->volume instead.
(3) Two vnode records are defined (op->file[]) for the vnode(s) involved
in most operations. The vnode record (struct afs_vnode_param)
contains:
- The vnode pointer.
- The fid of the vnode to be included in the parameters or that was
returned in the reply (eg. FS.MakeDir).
- The status and callback information that may be returned in the
reply about the vnode.
- Callback break and data version tracking for detecting
simultaneous third-parth changes.
(4) Pointers to dentries to be updated with new inodes.
(5) An operations table pointer. The table includes pointers to functions
for issuing AFS and YFS-variant RPCs, handling the success and abort
of an operation and handling post-I/O-lock local editing of a
directory.
To make this work, the following function restructuring is made:
(A) The rotation loop that issues calls to fileservers that can be found
in each function that wants to issue an RPC (such as afs_mkdir()) is
extracted out into common code, in a new file called fs_operation.c.
(B) The rotation loops, such as the one in afs_mkdir(), are replaced with
a much smaller piece of code that allocates an operation, sets the
parameters and then calls out to the common code to do the actual
work.
(C) The code for handling the success and failure of an operation are
moved into operation functions (as (5) above) and these are called
from the core code at appropriate times.
(D) The pseudo inode getting stuff used by the dynamic root code is moved
over into dynroot.c.
(E) struct afs_iget_data is absorbed into the operation struct and
afs_iget() expects to be given an op pointer and a vnode record.
(F) Point (E) doesn't work for the root dir of a volume, but we know the
FID in advance (it's always vnode 1, unique 1), so a separate inode
getter, afs_root_iget(), is provided to special-case that.
(G) The inode status init/update functions now also take an op and a vnode
record.
(H) The RPC marshalling functions now, for the most part, just take an
afs_operation struct as their only argument. All the data they need
is held there. The result delivery functions write their answers
there as well.
(I) The call is attached to the operation and then the operation core does
the waiting.
And then the new operation code is, for the moment, made to just initialise
the operation, get the appropriate vnode I/O locks and do the same rotation
loop as before.
This lays the foundation for the following changes in the future:
(*) Overhauling the rotation (again).
(*) Support for asynchronous I/O, where the fileserver rotation must be
done asynchronously also.
Signed-off-by: David Howells <dhowells@redhat.com>
2020-04-11 03:51:51 +08:00
|
|
|
afs_op_set_vnode(op, 0, vnode);
|
|
|
|
op->nr_files = 1;
|
|
|
|
op->volstatus.buf = buf;
|
|
|
|
op->ops = &afs_get_volume_status_operation;
|
|
|
|
return afs_do_sync_operation(op);
|
2007-05-11 13:22:20 +08:00
|
|
|
}
|