| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 8 Jul 2013 17:59:33 +0000
From: "Myklebust, Trond" <Trond.Myklebust@...app.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
CC: Linux NFS mailing list <linux-nfs@...r.kernel.org>,
Linux linux-kernel <linux-kernel@...r.kernel.org>,
James Morris <james.l.morris@...cle.com>
Subject: [GIT PULL] Please pull NFS client updates
Hi Linus,
The following changes since commit f722406faae2d073cc1d01063d1123c35425939e:
Linux 3.10-rc1 (2013-05-11 17:14:08 -0700)
are available in the git repository at:
git://git.linux-nfs.org/projects/trondmy/linux-nfs.git tags/nfs-for-3.11-1
for you to fetch changes up to 959d921f5eb8878ea16049a7f6e9bcbb6dfbcb88:
Merge branch 'labeled-nfs' into linux-next (2013-06-28 16:29:51 -0400)
----------------------------------------------------------------
NFS client updates for Linux 3.11
Feature highlights include:
- Add basic client support for NFSv4.2
- Add basic client support for Labeled NFS (selinux for NFSv4.2)
- Fix the use of credentials in NFSv4.1 stateful operations, and
add support for NFSv4.1 state protection.
Bugfix highlights:
- Fix another NFSv4 open state recovery race
- Fix an NFSv4.1 back channel session regression
- Various rpc_pipefs races
- Fix another issue with NFSv3 auth negotiation
Please note that Labeled NFS does require some additional support from
the security subsystem. The relevant changesets have all been reviewed
and acked by James Morris.
----------------------------------------------------------------
Andy Adamson (6):
NFSv4.1 Fix a pNFS session draining deadlock
NFSv4.1 end back channel session draining
NFSv4.1 Fix gdia_maxcount calculation to fit in ca_maxresponsesize
NFSv4.1 use pnfs_device maxcount for the blocklayout gdia_maxcount
NFSv4.1 use pnfs_device maxcount for the objectlayout gdia_maxcount
NFSv4.1 Refactor nfs4_init_session and nfs4_init_channel_attrs
Bryan Schumaker (4):
NFS: Make callbacks minor version generic
NFS: Add in v4.2 callback operation
NFS: Apply v4.1 capabilities to v4.2
NFS: Improve legacy idmapping fallback
Chuck Lever (3):
NFS: Fix SETCLIENTID fallback if GSS is not available
NFS: Fix security flavor negotiation with legacy binary mounts
NFS: Set NFS_CS_MIGRATION for NFSv4 mounts
David Quigley (10):
Security: Add hook to calculate context based on a negative dentry.
Security: Add Hook to test if the particular xattr is part of a MAC model.
LSM: Add flags field to security_sb_set_mnt_opts for in kernel mount data.
SELinux: Add new labeling type native labels
NFSv4: Add label recommended attribute and NFSv4 flags
NFSv4: Extend fattr bitmaps to support all 3 words
NFS:Add labels to client function prototypes
NFS: Add label lifecycle management
NFS: Client implementation of Labeled-NFS
NFS: Extend NFS xattr handlers to accept the security namespace
Djalal Harouni (1):
NFSv4: SETCLIENTID add the format string for the NETID
Jeff Layton (5):
rpc_pipefs: only set rpc_dentry_ops if d_op isn't already set
nfs: refactor "need_mount" code out of nfs_try_mount
nfs: move server_authlist into nfs_try_mount_request
nfs: have nfs_mount fake up a auth_flavs list when the server didn't provide it
nfs: have NFSv3 try server-specified auth flavors in turn
Stanislav Kinsbursky (4):
SUNRPC: fix races on PipeFS MOUNT notifications
SUNRPC: fix races on PipeFS UMOUNT notifications
SUNRPC: split client creation routine into setup and registration
SUNRPC: PipeFS MOUNT notification optimization for dying clients
Steve Dickson (4):
NFS: Add NFSv4.2 protocol constants
NFSv4.2: Added NFS v4.2 support to the NFS client
NFSv4: Introduce new label structure
Kconfig: Add Kconfig entry for Labeled NFS V4 client
Trond Myklebust (26):
SUNRPC: Fix a bug in gss_create_upcall
SUNRPC: Faster detection if gssd is actually running
SUNRPC: Convert auth_gss pipe detection to work in namespaces
SUNRPC: Prevent an rpc_task wakeup race
NFSv4: Fix a thinko in nfs4_try_open_cached
NFSv4.1: Ensure that layoutget is called using the layout credential
NFSv4.1: Ensure that layoutreturn uses the correct credential
NFSv4.1: Ensure that reclaim_complete uses the right credential
NFSv4.1: Ensure that test_stateid and free_stateid use correct credentials
NFSv4.1: Use layout credentials for get_deviceinfo calls
NFSv4.1: Enable state protection
NFSv4.1: Simplify setting the layout header credential
SUNRPC: Fix a potential race in rpc_execute
SUNRPC: Remove unused function rpc_queue_empty
SUNRPC: Remove the unused helpers task_for_each() and task_for_first()
SUNRPC: Remove unused functions rpc_task_set/has_priority
SUNRPC: Remove redundant call to rpc_set_running() in __rpc_execute()
NFSv4: Remove redundant check for FMODE_EXEC in nfs_finish_open
NFSv4: Cleanup: pass the nfs_open_context to nfs4_do_open
NFSv4: Refactor _nfs4_open_and_get_state to set ctx->state
NFSv4: Move dentry instantiation into the NFSv4-specific atomic open code
NFSv4: Close another NFSv4 recovery race
NFSv4: Move the DNS resolver into the NFSv4 module
NFSv4.1: layout segment comparison helpers should take 'const' parameters
NFSv4.1: Clean up layout segment comparison helper names
Merge branch 'labeled-nfs' into linux-next
fs/nfs/Kconfig | 14 +
fs/nfs/Makefile | 6 +-
fs/nfs/blocklayout/blocklayout.c | 3 +-
fs/nfs/callback.c | 1 +
fs/nfs/callback.h | 3 +
fs/nfs/callback_proc.c | 5 +-
fs/nfs/callback_xdr.c | 54 ++-
fs/nfs/client.c | 4 +-
fs/nfs/dir.c | 75 ++--
fs/nfs/dns_resolve.c | 32 +-
fs/nfs/getroot.c | 2 +-
fs/nfs/idmap.c | 56 ++-
fs/nfs/inode.c | 136 +++++--
fs/nfs/internal.h | 3 +-
fs/nfs/mount_clnt.c | 14 +-
fs/nfs/namespace.c | 2 +-
fs/nfs/nfs3proc.c | 7 +-
fs/nfs/nfs4_fs.h | 8 +-
fs/nfs/nfs4client.c | 17 +-
fs/nfs/nfs4file.c | 1 -
fs/nfs/nfs4filelayout.c | 3 +-
fs/nfs/nfs4filelayout.h | 3 +-
fs/nfs/nfs4filelayoutdev.c | 8 +-
fs/nfs/nfs4proc.c | 691 ++++++++++++++++++++++++++++++------
fs/nfs/nfs4session.c | 44 +--
fs/nfs/nfs4session.h | 20 +-
fs/nfs/nfs4state.c | 51 +--
fs/nfs/nfs4super.c | 14 +-
fs/nfs/nfs4xdr.c | 182 ++++++++--
fs/nfs/objlayout/objlayout.c | 4 +-
fs/nfs/pnfs.c | 42 +--
fs/nfs/pnfs.h | 6 +-
fs/nfs/proc.c | 13 +-
fs/nfs/super.c | 201 ++++++-----
fs/nfsd/nfsd.h | 6 +
include/linux/nfs4.h | 22 ++
include/linux/nfs_fs.h | 27 +-
include/linux/nfs_fs_sb.h | 8 +-
include/linux/nfs_xdr.h | 20 +-
include/linux/security.h | 57 ++-
include/linux/sunrpc/sched.h | 20 --
net/sunrpc/auth_gss/auth_gss.c | 62 ++--
net/sunrpc/clnt.c | 71 ++--
net/sunrpc/netns.h | 4 +
net/sunrpc/rpc_pipe.c | 13 +-
net/sunrpc/sched.c | 27 +-
security/capability.c | 19 +-
security/security.c | 24 +-
security/selinux/hooks.c | 92 ++++-
security/selinux/include/security.h | 2 +
security/selinux/ss/policydb.c | 5 +-
security/smack/smack_lsm.c | 11 +
52 files changed, 1631 insertions(+), 584 deletions(-)
--
Trond Myklebust
Linux NFS client maintainer
NetApp
Trond.Myklebust@...app.com
www.netapp.com
Powered by blists - more mailing lists