Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp346139ybl;
        Wed, 21 Aug 2019 20:40:53 -0700 (PDT)
X-Google-Smtp-Source: APXvYqyacz7xwBbdrHXV6f54/sD+5sRlHGXDYoxSbhZkeQo+zPPhq8vGg04eRGackfKR1maPoImT
X-Received: by 2002:a17:902:2aa8:: with SMTP id j37mr24742314plb.272.1566445253304;
        Wed, 21 Aug 2019 20:40:53 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1566445253; cv=none;
        d=google.com; s=arc-20160816;
        b=ZxeUnkzTFq7vIY3Zh7zBw6BRNmmxcSS/7u2zEkT0rRM0e5JKkPx7OMtJrwGF9mwWh8
         66dlcOG7wGD4IicLtgco+PH25o3hxyDz4I/5j3garGcNxmwjc52i74tWrCc0J+V/Cyxd
         BO1K0PGMYtUPfKWwiPFPaTHU/pDHb50JOYQCR0baebj7+szLXDujrAlb5Avdeoasff16
         9T26USq+mzB7KclZLRxiyM5lb5i1NH/g7d/3aha8TbIJRcRRuwcXoYeUxji71bqeoI/k
         NcN4WlD6AZbtnV3gY8lK053jUojKPjyR2Ovr1UEnprhZ4uPl02GzYKau2cF0Ka70IKir
         2aFw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=dlm4U2JqQUZpRUOkEmtPRTA5XF/mpUkYKvQJQ6UeoXA=;
        b=KQSTfEBrI1ZLE+OEGsfA8uW549lXVUM52OkufA54aiuZNt8hL+7JqvCKuRYBny+6Db
         VhKEP23Z1h6UsNGYYFxqdl+/9KJg21PMW4rAFP1JNtVHhByIQ1alW3SdLn81pAg5jpiG
         cgud/vyqtFoIpEr2Cly1SlKbhM7RvYRxSUDQz26c+MzOjVOFJZHPcVfXsgvgQHD65GB1
         wCWMblUKCtAk5XnYPv3at+ZV/8P8vPBz9HJyyNFMpsTbQhZX8MZmNIqjVTmqiumqP9lc
         NKFAJ7+mjf3PCIAGWe6fPHSq8uNn9TYVVZ3J30ccPk9/hi8fK/3KzJgtVqXX9H5b/sm4
         q0Ew==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@delphix.com header.s=google header.b=WrV6Wopc;
       spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=delphix.com
Return-Path: <linux-nfs-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id u3si15420167pgm.122.2019.08.21.20.40.27;
        Wed, 21 Aug 2019 20:40:53 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@delphix.com header.s=google header.b=WrV6Wopc;
       spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=delphix.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1730337AbfHVDeG (ORCPT <rfc822;rosenp@gmail.com> + 99 others);
        Wed, 21 Aug 2019 23:34:06 -0400
Received: from mail-io1-f66.google.com ([209.85.166.66]:41563 "EHLO
        mail-io1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728332AbfHVDeF (ORCPT
        <rfc822;linux-nfs@vger.kernel.org>); Wed, 21 Aug 2019 23:34:05 -0400
Received: by mail-io1-f66.google.com with SMTP id j5so9005334ioj.8
        for <linux-nfs@vger.kernel.org>; Wed, 21 Aug 2019 20:34:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=delphix.com; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to;
        bh=dlm4U2JqQUZpRUOkEmtPRTA5XF/mpUkYKvQJQ6UeoXA=;
        b=WrV6WopcQdYeiVIzTFXNpjNHGUYKDdLKa3mrLdrpxySXEjZsTMWFBYuPfisg+qY97/
         5DfAAi7FtkfqgAssNoNQw31VX8gmmoqYp36Q7bRRlVeZ5q705CZyJlDsb8T15YvtdjfQ
         Y8IDoqcPmXM8LoPA5cjjsSZJNErC0+Jp4iDpA=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to;
        bh=dlm4U2JqQUZpRUOkEmtPRTA5XF/mpUkYKvQJQ6UeoXA=;
        b=J7Wjavy763AmNP3QyphQzz+fXpzKw9j4lmAZ9W5YBtyreByO3q3vWjtZZQewGSPB2o
         UdFl/vfj3WjxrotWcA9vPnSPzM+6lh+m/UlBlOgAPttGPweqvT05PhYyM3inL+TMzXCC
         y9xOyoGZ/i1GrkBq37wtGtnAPCNuz3pbjw1/OSByuY6ySNaJW+y0VyzL/TqkL/0STJV3
         PmMWL+juDpjSKqfwVl0516sSUfKixDZ89GPqGl5MmuPzF3Dq9oSd6VAlHA1j14yP48wu
         ycc6IxAkbj/exchjKQCEfPEg0DlDV91n4f5PXeYohm2iyVljJpwiOpqa5eohiH0TseUM
         6Zsw==
X-Gm-Message-State: APjAAAWIMgwWdJPYtvhS4ApxjerbITUKa55YV8hZw/gcjqJIvfXeKT4x
        YfQJhhl/1tufarCK6zd4XFvbL1nPEVWJbDEfJTAFVHD7
X-Received: by 2002:a5e:c113:: with SMTP id v19mr11639690iol.219.1566444844549;
 Wed, 21 Aug 2019 20:34:04 -0700 (PDT)
MIME-Version: 1.0
References: <CANHi-RdNP6X1cyqN9z4SfHeC+NmAU+j9a1B03=rASF7_bDDGLQ@mail.gmail.com>
In-Reply-To: <CANHi-RdNP6X1cyqN9z4SfHeC+NmAU+j9a1B03=rASF7_bDDGLQ@mail.gmail.com>
From:   John Gallagher <john.gallagher@delphix.com>
Date:   Wed, 21 Aug 2019 20:33:28 -0700
Message-ID: <CANHi-RfcCLQuwpMi=g7ZSYdMa2VNRWWA82c3yrbs5AgtMOESMA@mail.gmail.com>
Subject: Re: Clients mounting subdirectories with NFSv3 can prevent unmounts
 on server
To:     linux-nfs@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Sender: linux-nfs-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org

On Sun, Aug 4, 2019 at 2:09 PM John Gallagher
<john.gallagher@delphix.com> wrote:
>
> If a client mounts a subdirectory of an export using NFSv3, the server can end
> up with invalid (CACHE_VALID bit unset) entries in its export cache. These
> entries indirectly have a reference to the struct mount* containing the export,
> preventing the filesystem containing the export from being unmounted, even
> after the export has been unexported:
>
>     /tmp# mount --bind foo bar
>     /tmp# exportfs -o fsid=7 '*:/tmp/bar'
>     /tmp# mount -t nfs -o vers=3 localhost:/tmp/bar/a /mnt/a
>     /tmp# umount /mnt/a
>     /tmp# exportfs -u '*:/tmp/bar'
>     /tmp# umount /tmp/bar
>     umount: /tmp/bar: target is busy.
>     /tmp# cat /proc/net/rpc/nfsd.export/content
>     #path domain(flags)
>     # /tmp/bar/a    *()
>
> It looks like what's happening is that when rpc.mountd does a downcall to get a
> filehandle corresponding to a particular path, exp_parent() traverses the
> elements in the given path looking for one which is in the export cache. If
> there isn't a valid entry in the cache for the given path, which there won't be
> for a subdirectory of an export, then sunrpc_cache_lookup_rcu() inserts an
> new, invalid entry.

Looking into this a bit further, it seems that this is a regression, probably
introduced by d6fc8821c2d2aba4cc18447a467f543e46e7367d in 4.13. That commit
adds the additional check of the CACHE_VALID bit in cache_is_expired() which
prevents these entries from ever being considered expired, and therefore from
ever being flushed. I can think of at least a few possible approaches for
fixing this:

 1. Prevent exp_parent() from adding these entries. I suspect they aren't
    very useful anyway, since, being invalid, they aren't actually caching any
    info from userspace. Perhaps we could add a new helper function for caches
    which does lookups without adding a new entry when it doesn't find an
    existing entry.
 2. Find a way to make the check in cache_is_expired() more specific, so that
    it solves the issue from d6fc8821, but still allows these entries to be
    considered expired when we flush the cache.
 3. Find some alternate way to solve the issue from d6fc8821 which doesn't
    affect the way caches are flushed.

I haven't looked at the issue solved by d6fc8821 yet, so I don't know how
practical 2 and 3 are. Suggestions on what approach might be best would be
welcome. Once I get an idea on how best to proceed, I'd be happy to put a patch
together.

-John