Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp8986615ybi; Tue, 23 Jul 2019 19:31:00 -0700 (PDT) X-Google-Smtp-Source: APXvYqwdi5TKFlCuXcxlWhACPXZta+Au9+apdWykf3KKNmEKy+RjISAZfiu3jImityRtYkTM0070 X-Received: by 2002:a63:2f44:: with SMTP id v65mr77631746pgv.185.1563935460100; Tue, 23 Jul 2019 19:31:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1563935460; cv=none; d=google.com; s=arc-20160816; b=wDjjX/cBIaOVeIFfHcePzSSctge3roC9CqOp5hBZzfKPg4eCS5/RFZk+oG3+whsCE0 d/EER910wamItoptU8V8Cehc7K5nElKAxmPvHNbCJ+nZLkCgjE5O8DQujHjWyl0LUzNm M0bDcm4AqiTwxb0PaaEhKsjuJrHGcr2nG/RfYFhvEUPn2DMm6Pq+z+2LJY/oM/MrHzqL uVtY7FCLA0TsnR7+YWAILyAND8XkrOvY1Y20cmvVSQDFGdP5hQRjbju7q0iarcDNhn20 sx3AZl22goNglPn69UDWEZHZWQm7o2QfB2lYYz3HiUEFTh+saBr1BoxgX5O4nP436woU zjhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=Uk2cVWMoD/g7VUYDF2z6hNt7oEvjAYwAZkieTZ0L8e8=; b=FDQMpsIlVnOV8CRm7lsl4BFzZu0GzAoVcQWvJZay+6sGuBTovzqOn2CYhNDJiqU39Q VH6BmKyZNyhaadBxzBx7sw+kykULEu2zKUGBhtIk0oySg2+FWeVpQqj2ybBpnGtukrDJ c3ZLZhymfGOWNBuWa8ZZ/GGLILGvsbwevSDpq25aohAMMIlzeGPyXbxSCIaogVqw1OKT H4MwfRXj0+xSPsilBYsRDC9ZPUtcMY9fdphOA4GryhgCkN9p09IdkH1zFUujYvkPWyS7 oLT12yDM22ZeMFLRvc2ehjxhGfsvCwePCxafHWoyJxUVmqTfw7G4oceFzC290jtDKvgH OGnQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g127si3890463pgc.128.2019.07.23.19.30.46; Tue, 23 Jul 2019 19:31:00 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389107AbfGWU6r (ORCPT + 99 others); Tue, 23 Jul 2019 16:58:47 -0400 Received: from fieldses.org ([173.255.197.46]:34480 "EHLO fieldses.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389103AbfGWU6r (ORCPT ); Tue, 23 Jul 2019 16:58:47 -0400 Received: by fieldses.org (Postfix, from userid 2815) id 4E8B82011; Tue, 23 Jul 2019 16:58:46 -0400 (EDT) Date: Tue, 23 Jul 2019 16:58:46 -0400 From: "J. Bruce Fields" To: Olga Kornievskaia Cc: "J. Bruce Fields" , linux-nfs Subject: Re: [PATCH v4 5/8] NFSD check stateids against copy stateids Message-ID: <20190723205846.GB19559@fieldses.org> References: <20190708192352.12614-1-olga.kornievskaia@gmail.com> <20190708192352.12614-6-olga.kornievskaia@gmail.com> <20190719220116.GA24373@fieldses.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org On Mon, Jul 22, 2019 at 04:24:08PM -0400, Olga Kornievskaia wrote: > On Fri, Jul 19, 2019 at 6:01 PM J. Bruce Fields wrote: > > > > On Mon, Jul 08, 2019 at 03:23:49PM -0400, Olga Kornievskaia wrote: > > > Incoming stateid (used by a READ) could be a saved copy stateid. > > > On first use make it active and check that the copy has started > > > within the allowable lease time. > > > > > > Signed-off-by: Olga Kornievskaia > > > --- > > > fs/nfsd/nfs4state.c | 45 +++++++++++++++++++++++++++++++++++++++++++++ > > > 1 file changed, 45 insertions(+) > > > > > > diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c > > > index 2555eb9..b786625 100644 > > > --- a/fs/nfsd/nfs4state.c > > > +++ b/fs/nfsd/nfs4state.c > > > @@ -5232,6 +5232,49 @@ static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid) > > > > > > return 0; > > > } > > > +/* > > > + * A READ from an inter server to server COPY will have a > > > + * copy stateid. Return the parent nfs4_stid. > > > + */ > > > +static __be32 _find_cpntf_state(struct nfsd_net *nn, stateid_t *st, > > > + struct nfs4_cpntf_state **cps) > > > +{ > > > + struct nfs4_cpntf_state *state = NULL; > > > + > > > + if (st->si_opaque.so_clid.cl_id != nn->s2s_cp_cl_id) > > > + return nfserr_bad_stateid; > > > + spin_lock(&nn->s2s_cp_lock); > > > + state = idr_find(&nn->s2s_cp_stateids, st->si_opaque.so_id); > > > + if (state) > > > + refcount_inc(&state->cp_p_stid->sc_count); > > > + spin_unlock(&nn->s2s_cp_lock); > > > + if (!state) > > > + return nfserr_bad_stateid; > > > + *cps = state; > > > + return 0; > > > +} > > > + > > > +static __be32 find_cpntf_state(struct nfsd_net *nn, stateid_t *st, > > > + struct nfs4_stid **stid) > > > +{ > > > + __be32 status; > > > + struct nfs4_cpntf_state *cps = NULL; > > > + > > > + status = _find_cpntf_state(nn, st, &cps); > > > + if (status) > > > + return status; > > > + > > > + /* Did the inter server to server copy start in time? */ > > > + if (cps->cp_active == false && !time_after(cps->cp_timeout, jiffies)) { > > > + nfs4_put_stid(cps->cp_p_stid); > > > + return nfserr_partner_no_auth; > > > > I wonder whether instead of checking the time we should instead be > > destroying copy stateid's as they expire, so the fact that you were > > still able to look up the stateid suggests that it's good. Or would > > that result in returning the wrong error here? Just curious. > > In order to destroy copy stateid as they expire we need some thread > monitoring the copies and then remove the expired one. It would be just another thing to do in the laundromat thread. So when do we free these things? The only free_cpntf_state() caller I can find is in nfsd4_offload_cancel, but I think the client only calls those in case of interrupts or other unusual events. What about a copy that terminates normally? > That seems like > a lot more work than what's currently there. The spec says that the > use of the copy has to start without a certain timeout and that's what > this is suppose to enforce. If the client took too long start the > copy, it'll get an error. I don't think it matters what error code is > returned BAD_STATEID or PARTNER_NO_AUTH both imply the stateid is bad. > > > > > > + } else > > > + cps->cp_active = true; > > > + > > > + *stid = cps->cp_p_stid; > > > > What guarantees that cp_p_stid still points to a valid stateid? (E.g. > > if this is an open stateid that has since been closed.) > > A copy (or copy_notify) stateid takes a reference on the parent, thus > we guaranteed that pointer is still a valid stateid. I only see a reference count taken when one is looked up, in find_internal_cpntf_state. That's too late. --b. > > > > > --b. > > > > > + > > > + return nfs_ok; > > > +} > > > > > > /* > > > * Checks for stateid operations > > > @@ -5264,6 +5307,8 @@ static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid) > > > status = nfsd4_lookup_stateid(cstate, stateid, > > > NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, > > > &s, nn); > > > + if (status == nfserr_bad_stateid) > > > + status = find_cpntf_state(nn, stateid, &s); > > > if (status) > > > return status; > > > status = nfsd4_stid_check_stateid_generation(stateid, s, > > > -- > > > 1.8.3.1