Return-Path: linux-nfs-owner@vger.kernel.org Received: from mx12.netapp.com ([216.240.18.77]:60339 "EHLO mx12.netapp.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755276Ab3EHQnz convert rfc822-to-8bit (ORCPT ); Wed, 8 May 2013 12:43:55 -0400 From: "Myklebust, Trond" To: Steve Dickson CC: "J. Bruce Fields" , "David P. Quigley" , Linux NFS list , "Linux FS devel list" , Linux Security List , SELinux List Subject: Re: [PATCH 13/17] NFS: Client implementation of Labeled-NFS Date: Wed, 8 May 2013 16:43:53 +0000 Message-ID: <1368031432.5978.3.camel@leira.trondhjem.org> References: <1367240239-19326-1-git-send-email-SteveD@redhat.com> <1367240239-19326-14-git-send-email-SteveD@redhat.com> <1367435005.4189.36.camel@leira.trondhjem.org> <518A7FA6.4090703@RedHat.com> In-Reply-To: <518A7FA6.4090703@RedHat.com> Content-Type: text/plain; charset=US-ASCII MIME-Version: 1.0 Sender: linux-nfs-owner@vger.kernel.org List-ID: On Wed, 2013-05-08 at 12:39 -0400, Steve Dickson wrote: > > On 01/05/13 15:03, Myklebust, Trond wrote: > >> @@ -2409,10 +2468,26 @@ static int _nfs4_server_capabilities(struct nfs_server *server, struct nfs_fh *f > >> > server->caps |= NFS_CAP_CTIME; > >> > if (res.attr_bitmask[1] & FATTR4_WORD1_TIME_MODIFY) > >> > server->caps |= NFS_CAP_MTIME; > >> > +#ifdef CONFIG_NFS_V4_SECURITY_LABEL > >> > + if (res.attr_bitmask[2] & FATTR4_WORD2_SECURITY_LABEL) > >> > + server->caps |= NFS_CAP_SECURITY_LABEL; > >> > +#endif > >> > + memcpy(server->attr_bitmask_nl, res.attr_bitmask, > >> > + sizeof(server->attr_bitmask)); > >> > + > >> > + if (server->caps & NFS_CAP_SECURITY_LABEL) > >> > + server->attr_bitmask_nl[2] &= ~FATTR4_WORD2_SECURITY_LABEL; > >> > > >> > memcpy(server->cache_consistency_bitmask, res.attr_bitmask, sizeof(server->cache_consistency_bitmask)); > >> > server->cache_consistency_bitmask[0] &= FATTR4_WORD0_CHANGE|FATTR4_WORD0_SIZE; > >> > - server->cache_consistency_bitmask[1] &= FATTR4_WORD1_TIME_METADATA|FATTR4_WORD1_TIME_MODIFY; > >> > + server->cache_consistency_bitmask[1] &= FATTR4_WORD1_TIME_METADATA | > >> > + FATTR4_WORD1_TIME_MODIFY; > >> > +#ifdef CONFIG_NFS_V4_SECURITY_LABEL > >> > + server->cache_consistency_bitmask[2] &= FATTR4_WORD2_SECURITY_LABEL; > > Why? How is the security label relevant to cache consistency? > Its used to the set label bit in the GETATTR that goes out with ACCESS compound. The GETATTR that goes out with ACCESS is only there in order to get the change attribute so that we know when to invalidate the access cache. It is _only_ for cache consistency. Why do we need to fetch the label too? -- Trond Myklebust Linux NFS client maintainer NetApp Trond.Myklebust@netapp.com www.netapp.com