lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140130143054.GY15937@n2100.arm.linux.org.uk>
Date:	Thu, 30 Jan 2014 14:30:54 +0000
From:	Russell King - ARM Linux <linux@....linux.org.uk>
To:	Trond Myklebust <trond.myklebust@...marydata.com>
Cc:	linuxnfs <linux-nfs@...r.kernel.org>,
	Christoph Hellwig <hch@....de>,
	Viro Alexander <viro@...iv.linux.org.uk>,
	linux-arm-kernel@...ts.infradead.org,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: NFS client broken in Linus' tip

On Thu, Jan 30, 2014 at 09:17:00AM -0500, Trond Myklebust wrote:
> 
> On Jan 30, 2014, at 9:08, Russell King - ARM Linux <linux@....linux.org.uk> wrote:
> 
> > I just booted Linus' tip (plus a few other patches to imx-drm and imx
> > code), and stumbled into this interesting scenario:
> > 
> > # touch test
> > touch: cannot touch `test': Operation not supported
> > 
> > I also tried mkdir and mknod, all result in the same error.  Hard and
> > symlinks links are creatable.
> > 
> > However, I can chmod existing files and rename them.  Files can also be
> > deleted, and the combination of this has left me without a /etc/mtab !
> > 
> > The machine is a iMX6 based ARM, running root-nfs, which was mounted via
> > ubuntu's initramfs (so not using the kernel's built-in root-nfs.)
> > 
> > /proc/mounts for the root mount gives:
> > 192.168.1.123:/var/boot/ci / nfs rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nolock,proto=tcp,port=2049,timeo=7,retrans=10,sec=sys,local_lock=all,addr=192.168.1.123 0 0
> > 
> > CONFIG_NFS_FS=y
> > CONFIG_NFS_V2=y
> > CONFIG_NFS_V3=y
> > CONFIG_NFS_V3_ACL=y
> > CONFIG_NFS_V4=y
> > # CONFIG_NFS_SWAP is not set
> > # CONFIG_NFS_V4_1 is not set
> > CONFIG_ROOT_NFS=y
> > # CONFIG_NFS_USE_LEGACY_DNS is not set
> > CONFIG_NFS_USE_KERNEL_DNS=y
> > # CONFIG_NFSD is not set
> > CONFIG_LOCKD=y
> > CONFIG_LOCKD_V4=y
> > CONFIG_NFS_ACL_SUPPORT=y
> > CONFIG_NFS_COMMON=y
> > CONFIG_SUNRPC=y
> > CONFIG_SUNRPC_GSS=y
> > 
> > tcpdumping, I see:
> > 
> > 13:59:51.713523 IP 192.168.1.252.1341245608 > 192.168.1.123.2049: 132 lookup fh Unknown/010007011040840000000000CC238FC8FBA0475D9D9F8356B4C44166CDC38700 "test"
> > 13:59:51.714345 IP 192.168.1.123.2049 > 192.168.1.252.1341245608: reply ok 120 lookup ERROR: No such file or directory
> > 13:59:51.751303 IP 192.168.1.252.797 > 192.168.1.123.nfs: . ack 3381 win 2625 <nop,nop,timestamp 474136 3431312924>
> > 
> > which is the only NFS packet(s) I see which mention "test".
> > 
> > and stracing touch:
> > 
> > open("test", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK|O_LARGEFILE, 0666) = -1 EOPNOTSUPP (Operation not supported)
> > utimensat(AT_FDCWD, "test", NULL, 0)    = -1 ENOENT (No such file or directory)
> > write(2, "touch: ", 7touch: )                  = 7
> > write(2, "cannot touch `test'", 19cannot touch `test')     = 19
> > write(2, ": Operation not supported", 25: Operation not supported) = 25
> > write(2, "\n", 1
> > )                       = 1
> > 
> > I think it's down to this:
> > 
> > commit 013cdf1088d7235da9477a2375654921d9b9ba9f
> > Author: Christoph Hellwig <hch@...radead.org>
> > Date:   Fri Dec 20 05:16:53 2013 -0800
> > 
> >    nfs: use generic posix ACL infrastructure for v3 Posix ACLs
> > 
> >    This causes a small behaviour change in that we don't bother to set
> >    ACLs on file creation if the mode bit can express the access permissions
> >    fully, and thus behaving identical to local filesystems.
> > 
> >    Signed-off-by: Christoph Hellwig <hch@....de>
> >    Signed-off-by: Al Viro <viro@...iv.linux.org.uk>
> > 
> > which adds:
> > 
> > +       status = posix_acl_create(dir, &sattr->ia_mode, &default_acl, &acl);
> > +       if (status)
> > +               goto out;
> 
> Right, this should clearly not cause nfs4_proc_create to fail if it
> returns EOPNOTSUPP.

NFS3 :)

> > into nfs3_proc_create(), but this ends up calling down into nfs3_get_acl(),
> > which does this:
> > 
> >        if (!nfs_server_capable(inode, NFS_CAP_ACLS))
> >                return ERR_PTR(-EOPNOTSUPP);
> 
> Just for completeness sake: is the server you were running against supposed to support POSIX acls?

The server is an old 3.1.8 kernel with this NFS config:

CONFIG_NFS_FS=m
CONFIG_NFS_V3=y
# CONFIG_NFS_V3_ACL is not set
# CONFIG_NFS_V4 is not set
# CONFIG_NFS_FSCACHE is not set
CONFIG_NFSD=m
CONFIG_NFSD_V3=y
# CONFIG_NFSD_V3_ACL is not set
# CONFIG_NFSD_V4 is not set
CONFIG_LOCKD=m
CONFIG_LOCKD_V4=y
CONFIG_NFS_COMMON=y

which has worked fine with NFS clients for the last 1800 odd days... until
now.

-- 
FTTC broadband for 0.8mile line: 5.8Mbps down 500kbps up.  Estimation
in database were 13.1 to 19Mbit for a good line, about 7.5+ for a bad.
Estimate before purchase was "up to 13.2Mbit".
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ