lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <F7285657-5A35-42E0-87B4-1EAEE8DDF618@oracle.com>
Date:   Thu, 31 Aug 2023 14:39:35 +0000
From:   Chuck Lever III <chuck.lever@...cle.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
CC:     Linux NFS Mailing List <linux-nfs@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Jeff Layton <jlayton@...nel.org>
Subject: [GIT PULL] nfsd changes for v6.6

Hello Linus-

Aside from observing the significant substance of this PR, one
housekeeping item of note is the first commit in the series,
which is a second fix for c96e2a695e00 ("sunrpc: set the
bv_offset of first bvec in svc_tcp_sendmsg").

The bug was reported during -rc7 and the test results became
available only after the v6.6 merge window opened. Thus I have
rebased the nfsd v6.6 PR on that fix so it can be backported
swiftly and easily to v6.5.y. The reporter has confirmed that
both this small fix and the more significant related changes
in v6.6 do not trigger his qcow2 direct I/O reproducer.

Many and great thanks to all contributors and testers for this
release of nfsd.


-- Pull Request follows --

The following changes since commit 2dde18cd1d8fac735875f2e4987f11817cc0bc2c:

  Linux 6.5 (2023-08-27 14:49:51 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/cel/linux.git tags/nfsd-6.6

for you to fetch changes up to b38a6023da6a12b561f0421c6a5a1f7624a1529c:

  Documentation: Add missing documentation for EXPORT_OP flags (2023-08-29 17:45:22 -0400)

----------------------------------------------------------------
NFSD 6.6 Release Notes

I'm thrilled to announce that the Linux in-kernel NFS server now
offers NFSv4 write delegations. A write delegation enables a client
to cache data and metadata for a single file more aggressively,
reducing network round trips and server workload. Many thanks to Dai
Ngo for contributing this facility, and to Jeff Layton and Neil
Brown for reviewing and testing it.

This release also sees the removal of all support for DES- and
triple-DES-based Kerberos encryption types in the kernel's SunRPC
implementation. These encryption types have been deprecated by the
Internet community for years and are considered insecure. This
change affects both the in-kernel NFS client and server.

The server's UDP and TCP socket transports have now fully adopted
David Howells' new bio_vec iterator so that no more than one
sendmsg() call is needed to transmit each RPC message. In
particular, this helps kTLS optimize record boundaries when sending
RPC-with-TLS replies, and it takes the server a baby step closer to
handling file I/O via folios.

We've begun work on overhauling the SunRPC thread scheduler to
remove a costly linked-list walk when looking for an idle RPC
service thread to wake. The pre-requisites are included in this
release. Thanks to Neil Brown for his ongoing work on this
improvement.

----------------------------------------------------------------
Alexander Aring (1):
      lockd: nlm_blocked list race fixes

Chuck Lever (30):
      SUNRPC: Fix the recent bv_offset fix
      NFSD: Report zero space limit for write delegations
      SUNRPC: Remove RPCSEC_GSS_KRB5_ENCTYPES_DES
      SUNRPC: Remove Kunit tests for the DES3 encryption type
      SUNRPC: Remove DES and DES3 enctypes from the supported enctypes list
      SUNRPC: Remove code behind CONFIG_RPCSEC_GSS_KRB5_SIMPLIFIED
      SUNRPC: Remove krb5_derive_key_v1()
      SUNRPC: Remove gss_import_v1_context()
      SUNRPC: Remove CONFIG_RPCSEC_GSS_KRB5_CRYPTOSYSTEM
      SUNRPC: Remove the ->import_ctx method
      SUNRPC: Remove net/sunrpc/auth_gss/gss_krb5_seqnum.c
      NFSD: Refactor nfsd_reply_cache_free_locked()
      NFSD: Rename nfsd_reply_cache_alloc()
      NFSD: Replace nfsd_prune_bucket()
      NFSD: Refactor the duplicate reply cache shrinker
      NFSD: Remove svc_rqst::rq_cacherep
      NFSD: Rename struct svc_cacherep
      SUNRPC: Convert svc_tcp_sendmsg to use bio_vecs directly
      SUNRPC: Send RPC message on TCP with a single sock_sendmsg() call
      SUNRPC: Convert svc_udp_sendto() to use the per-socket bio_vec array
      SUNRPC: Revert e0a912e8ddba
      SUNRPC: Reduce thread wake-up rate when receiving large RPC messages
      SUNRPC: change svc_xprt::xpt_flags bits to enum
      SUNRPC: Add enum svc_auth_status
      SUNRPC: Move trace_svc_xprt_enqueue
      SUNRPC: Deduplicate thread wake-up code
      SUNRPC: Count ingress RPC messages per svc_pool
      SUNRPC: Clean up svc_set_num_threads
      NFSD: da_addr_body field missing in some GETDEVICEINFO replies
      Documentation: Add missing documentation for EXPORT_OP flags

Dai Ngo (3):
      locks: allow support for write delegation
      NFSD: handle GETATTR conflict with write delegation
      NFSD: Enable write delegation support

Jeff Layton (5):
      nfsd: add a MODULE_DESCRIPTION
      nfsd: handle failure to collect pre/post-op attrs more sanely
      nfsd: remove unsafe BUG_ON from set_change_info
      nfsd: set missing after_change as before_change + 1
      nfsd: inherit required unset default acls from effective set

NeilBrown (12):
      lockd: remove SIGKILL handling
      nfsd: don't allow nfsd threads to be signalled.
      nfsd: Simplify code around svc_exit_thread() call in nfsd()
      nfsd: separate nfsd_last_thread() from nfsd_put()
      SUNRPC: call svc_process() from svc_recv().
      SUNRPC: change svc_recv() to return void.
      SUNRPC: remove timeout arg from svc_recv()
      SUNRPC: change cache_head.flags bits to enum
      SUNRPC: change svc_pool::sp_flags bits to enum
      SUNRPC: change svc_rqst::rq_flags bits to enum
      SUNRPC: make rqst_should_sleep() idempotent()
      SUNRPC: Remove return value of svc_pool_wake_idle_thread()

Su Hui (1):
      fs: lockd: avoid possible wrong NULL parameter

Yue Haibing (2):
      SUNRPC: Remove unused declarations
      SUNRPC: Remove unused declaration rpc_modcount()

YueHaibing (1):
      sunrpc: Remove unused extern declarations

Zhu Wang (1):
      exportfs: remove kernel-doc warnings in exportfs

 Documentation/filesystems/nfs/exporting.rst |  26 +++++++++
 fs/exportfs/expfs.c                         |   1 +
 fs/lockd/mon.c                              |   3 +
 fs/lockd/svc.c                              |  52 ++++-------------
 fs/lockd/svclock.c                          |  18 +++++-
 fs/locks.c                                  |   7 ---
 fs/nfs/callback.c                           |  23 ++------
 fs/nfsd/blocklayoutxdr.c                    |   9 +++
 fs/nfsd/cache.h                             |   8 ++-
 fs/nfsd/flexfilelayoutxdr.c                 |   9 +++
 fs/nfsd/nfs3proc.c                          |   4 +-
 fs/nfsd/nfs4acl.c                           |  34 +++++++++--
 fs/nfsd/nfs4proc.c                          |  51 ++++++++++++++---
 fs/nfsd/nfs4state.c                         | 162 +++++++++++++++++++++++++++++++++++++++++++++-------
 fs/nfsd/nfs4xdr.c                           |  39 +++++++------
 fs/nfsd/nfscache.c                          | 206 ++++++++++++++++++++++++++++++++++++++++++------------------------
 fs/nfsd/nfsctl.c                            |   1 +
 fs/nfsd/nfsd.h                              |   7 ++-
 fs/nfsd/nfsfh.c                             |  26 +++++----
 fs/nfsd/nfsfh.h                             |   6 +-
 fs/nfsd/nfssvc.c                            | 111 +++++++++---------------------------
 fs/nfsd/state.h                             |   3 +
 fs/nfsd/stats.c                             |   2 +
 fs/nfsd/stats.h                             |   7 +++
 fs/nfsd/trace.h                             |  27 ++++++++-
 fs/nfsd/vfs.c                               |  52 +++++++++++------
 fs/nfsd/xdr4.h                              |  11 ----
 include/linux/lockd/lockd.h                 |   4 +-
 include/linux/sunrpc/cache.h                |  12 ++--
 include/linux/sunrpc/stats.h                |  23 +++-----
 include/linux/sunrpc/svc.h                  |  52 ++++++++---------
 include/linux/sunrpc/svc_xprt.h             |  38 +++++++------
 include/linux/sunrpc/svcauth.h              |  53 ++++++++---------
 include/linux/sunrpc/svcsock.h              |   9 +--
 include/linux/sunrpc/xdr.h                  |   2 +
 include/trace/events/sunrpc.h               |  80 ++++++++++++++++----------
 net/sunrpc/.kunitconfig                     |   1 -
 net/sunrpc/Kconfig                          |  35 ------------
 net/sunrpc/auth_gss/Makefile                |   2 +-
 net/sunrpc/auth_gss/gss_krb5_internal.h     |  23 --------
 net/sunrpc/auth_gss/gss_krb5_keys.c         |  84 ---------------------------
 net/sunrpc/auth_gss/gss_krb5_mech.c         | 257 +---------------------------------------------------------------------------------
 net/sunrpc/auth_gss/gss_krb5_seal.c         |  69 ----------------------
 net/sunrpc/auth_gss/gss_krb5_seqnum.c       | 106 ----------------------------------
 net/sunrpc/auth_gss/gss_krb5_test.c         | 196 ---------------------------------------------------------------
 net/sunrpc/auth_gss/gss_krb5_unseal.c       |  77 -------------------------
 net/sunrpc/auth_gss/gss_krb5_wrap.c         | 287 --------------------------------------------------------------------------------------------
 net/sunrpc/auth_gss/svcauth_gss.c           |   7 +--
 net/sunrpc/svc.c                            |  97 +++++++++++++++++++------------
 net/sunrpc/svc_xprt.c                       | 126 +++++++++++++++-------------------------
 net/sunrpc/svcauth.c                        |  35 ++++++++++--
 net/sunrpc/svcauth_unix.c                   |   9 ++-
 net/sunrpc/svcsock.c                        | 131 +++++++++++++++++++-----------------------
 net/sunrpc/xdr.c                            |  50 ++++++++++++++++
 54 files changed, 970 insertions(+), 1800 deletions(-)
 delete mode 100644 net/sunrpc/auth_gss/gss_krb5_seqnum.c

--
Chuck Lever


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ