mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-29 23:24:11 +08:00
626590ea4c
NFS is primarily name-spaced using network namespaces. However it contacts rpcbind (and gss_proxy) using AF_UNIX sockets which are name-spaced using the mount namespaces. This requires a container using NFSv3 (the form that requires rpcbind) to manage both network and mount namespaces, which can seem an unnecessary burden. As NFS is primarily a network service it makes sense to use network namespaces as much as possible, and to prefer to communicate with an rpcbind running in the same network namespace. This can be done, while preserving the benefits of AF_UNIX sockets, by using an abstract socket address. An abstract address has a nul at the start of sun_path, and a length that is exactly the complete size of the sockaddr_un up to the end of the name, NOT including any trailing nul (which is not part of the address). Abstract addresses are local to a network namespace - regular AF_UNIX path names a resolved in the mount namespace ignoring the network namespace. This patch causes rpcb to first try an abstract address before continuing with regular AF_UNIX and then IP addresses. This ensures backwards compatibility. Choosing the name needs some care as the same address will be configured for rpcbind, and needs to be built in to libtirpc for this enhancement to be fully successful. There is no formal standard for choosing abstract addresses. The defacto standard appears to be to use a path name similar to what would be used for a filesystem AF_UNIX address - but with a leading nul. In that case "\0/var/run/rpcbind.sock" seems like the best choice. However at this time /var/run is deprecated in favour of /run, so "\0/run/rpcbind.sock" might be better. Though as we are deliberately moving away from using the filesystem it might seem more sensible to explicitly break the connection and just have "\0rpcbind.socket" using the same name as the systemd unit file.. This patch chooses the second option, which seems least likely to raise objections. Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> |
||
|---|---|---|
| .. | ||
| auth_gss | ||
| xprtrdma | ||
| .kunitconfig | ||
| addr.c | ||
| auth_null.c | ||
| auth_unix.c | ||
| auth.c | ||
| backchannel_rqst.c | ||
| cache.c | ||
| clnt.c | ||
| debugfs.c | ||
| fail.h | ||
| Kconfig | ||
| Makefile | ||
| netns.h | ||
| rpc_pipe.c | ||
| rpcb_clnt.c | ||
| sched.c | ||
| socklib.c | ||
| socklib.h | ||
| stats.c | ||
| sunrpc_syms.c | ||
| sunrpc.h | ||
| svc_xprt.c | ||
| svc.c | ||
| svcauth_unix.c | ||
| svcauth.c | ||
| svcsock.c | ||
| sysctl.c | ||
| sysfs.c | ||
| sysfs.h | ||
| timer.c | ||
| xdr.c | ||
| xprt.c | ||
| xprtmultipath.c | ||
| xprtsock.c | ||