| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7bf4275d-a7a0-4dab-8e5f-eb7b6e965377@huawei.com> Date: Wed, 3 Sep 2025 11:46:36 +0800 From: "zhangjian (CG)" <zhangjian496@...wei.com> To: Benjamin Coddington <bcodding@...hat.com>, Li Lingfeng <lilingfeng3@...wei.com> CC: Jeff Layton <jlayton@...nel.org>, <chuck.lever@...cle.com>, <neil@...wn.name>, <okorniev@...hat.com>, <Dai.Ngo@...cle.com>, <tom@...pey.com>, <linux-nfs@...r.kernel.org>, <linux-kernel@...r.kernel.org>, <yukuai1@...weicloud.com>, <houtao1@...wei.com>, <yi.zhang@...wei.com>, <yangerkun@...wei.com>, <lilingfeng@...weicloud.com> Subject: Re: [PATCH] nfsd: remove long-standing revoked delegations by force Hello every experts. If we can see all delegations on hard-mounted nfs client, which are also on server cl_revoked list, changed from NFS_DELEGATION_RETURN_IF_CLOSED|NFS_DELEGATION_REVOKED|NFS_DELEGATION_TEST_EXPIRED to NFS_DELEGATION_RETURN_IF_CLOSED|NFS_DELEGATION_REVOKED, can we give some hypothesis on this problem ? By the way, this problem can be cover over by decreasing file count on server. Thanks, zhangjian On 2025/9/2 20:43, Benjamin Coddington wrote: > On 2 Sep 2025, at 8:10, Li Lingfeng wrote: > >> Our expected outcome was that the client would release the abnormal >> delegation via TEST_STATEID/FREE_STATEID upon detecting its invalidity. >> However, this problematic delegation is no longer present in the >> client's server->delegations list—whether due to client-side timeouts or >> the server-side bug [1]. > > How does the client timeout TEST_STATEID - are you mounting with 'soft'? > > We should find the server-side bug and fix it rather than write code to > paper over it. I do think the synchronization of state here is a bit > fragile and wish the protocol had a generation, sequence, or marker for > setting SEQ4_STATUS_ bits.. > >>> >>> Should we instead just administratively evict the client since it's >>> clearly not behaving right in this case? >> Thanks for the suggestion. While administratively evicting the client would >> certainly resolve the immediate delegation issue, I'm concerned that approach >> might be a bit heavy-handed. >> The problematic behavior seems isolated to a single delegation. Meanwhile, >> the client itself likely has numerous other open files and active state on >> the server. Forcing a complete client reconnect would tear down all that >> state, which could cause significant application disruption and be perceived >> as a service outage from the client's perspective. >> >> [1] https://lore.kernel.org/all/de669327-c93a-49e5-a53b-bda9e67d34a2@huawei.com/ > > ^^ in this thread you reference v5.10 - there was a knfsd fix for a > cl_revoked leak "3b816601e279", and there have been 3 or 4 fixes to fix > problems and optimize the client walk of delegations since then. Jeff > pointed out that there have been fixes in these areas. Are you finding this > problem still with all those fixes included? > > Ben > >
Powered by blists - more mailing lists