Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp2942698pxb;
        Sun, 28 Feb 2021 19:24:53 -0800 (PST)
X-Google-Smtp-Source: ABdhPJxqCaBTv/mx/ju0cYUFoVE7sDh0FQF60KVH3RGr2eFhbt/7fPRoQhMrOjn9b5Xol1TDWsUF
X-Received: by 2002:a05:6402:203:: with SMTP id t3mr14429362edv.306.1614569092911;
        Sun, 28 Feb 2021 19:24:52 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1614569092; cv=none;
        d=google.com; s=arc-20160816;
        b=ezKEFnK6aOt/G5XozOLl8NKhOkOTPhkKGOwbTzazXHGptqBTBbwlPbnkKNLpNYM7hE
         RXBsg5oU6vTDUmwuSd+AFOxLVAPgkxrrDknTWojrYOzjJOEid47ab5DwyII8XNYACAo9
         9s2GC0xsxG6eMKTykFMhPK3iVmJrgXvhvu5fXMOnJGE7BTbrABoK1gZ24qBr0Xrg/g9o
         DvxVuC4qqZAbkiSvovBo2zVZruY41nOhaAnVFfrm+EGQj/wa+L6nEXH8Xt4D4m4Dhd9h
         sWDRI6OAkq8WZnBRyAwh28FHTzEH6mu2KX9dDqrlvmfDW2hMkmlZsVOPZcYzwG6p3OtB
         kF6g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:cc:subject:date:to
         :from;
        bh=zoUUTPliiZGHHhaamjcWcoEAIDcUTW51kyQo1df2yA0=;
        b=zaPAzlw7eV3AmU4QbvxbK3+200YtzFfWVXg2Juzk5J2QAHsR4mI4UUPzPQhDZkczfQ
         iHH5+0MiKm7IcU8ZOBjge5FmcT8Ze8HkMf/2a6yXfZ4HNi5RqOuaGZishNOeAKK41qG6
         Ngo/rtemtaisbZdIvwP8WJf3wlK5NTjPucnaUWqIVp1H4MpOIGfgoM4VscuGCyS42Svk
         Devaa+1QXQYtZsvA0wlMbTbsZRVvpAbJLli9A5B6zPpKJh6znkmjZ3+0y2NjjpCE/g0k
         mzvMgd9aw9mzK6GTCEVQ5iSgxpUjE4GPsiUJjOT6Va+hxGtAm53KAccR/46of4Mne671
         Wz0w==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Return-Path: <linux-nfs-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id f21si1504407edy.337.2021.02.28.19.24.30;
        Sun, 28 Feb 2021 19:24:52 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231808AbhCACSi (ORCPT <rfc822;geliangtang@gmail.com>
        + 99 others); Sun, 28 Feb 2021 21:18:38 -0500
Received: from mx2.suse.de ([195.135.220.15]:58506 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S231802AbhCACSh (ORCPT <rfc822;linux-nfs@vger.kernel.org>);
        Sun, 28 Feb 2021 21:18:37 -0500
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (unknown [195.135.221.27])
        by mx2.suse.de (Postfix) with ESMTP id 45C0AAF7F;
        Mon,  1 Mar 2021 02:17:56 +0000 (UTC)
From:   NeilBrown <neilb@suse.de>
To:     Steve Dickson <SteveD@RedHat.com>
Date:   Mon, 01 Mar 2021 13:17:15 +1100
Subject: [PATCH 4/5] mountd: add --cache-use-ipaddr option to force use_ipaddr
Cc:     Linux NFS Mailing list <linux-nfs@vger.kernel.org>
Message-ID: <161456503509.22801.5697064120235155947.stgit@noble>
In-Reply-To: <161456493684.22801.323431390819102360.stgit@noble>
References: <161456493684.22801.323431390819102360.stgit@noble>
User-Agent: StGit/0.23
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org

From: NeilBrown <neil@brown.name>

When logging authentication requests, it can be easier to read the logs
if clients are always identified by IP address, not intermediate names
like netgroups or subnets.

To allow this, add --cache-use-ipaddr or -i which tell mountd to always
enable use_ipaddr.

Signed-off-by: NeilBrown <neil@brown.name>
---
 support/export/auth.c   |    4 ++++
 utils/mountd/mountd.c   |   10 ++++++++--
 utils/mountd/mountd.man |   18 ++++++++++++++++++
 3 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/support/export/auth.c b/support/export/auth.c
index 0bfa77d18469..cea376300d01 100644
--- a/support/export/auth.c
+++ b/support/export/auth.c
@@ -66,6 +66,10 @@ check_useipaddr(void)
 	int old_use_ipaddr = use_ipaddr;
 	unsigned int len = 0;
 
+	if (use_ipaddr > 1)
+		/* fixed - don't check */
+		return;
+
 	/* add length of m_hostname + 1 for the comma */
 	for (clp = clientlist[MCL_NETGROUP]; clp; clp = clp->m_next)
 		len += (strlen(clp->m_hostname) + 1);
diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c
index 9fecf2f04c3b..b9260aeb86a3 100644
--- a/utils/mountd/mountd.c
+++ b/utils/mountd/mountd.c
@@ -75,9 +75,10 @@ static struct option longopts[] =
 	{ "manage-gids", 0, 0, 'g' },
 	{ "no-udp", 0, 0, 'u' },
 	{ "log-auth", 0, 0, 'l'},
+	{ "cache-use-ipaddr", 0, 0, 'i'},
 	{ NULL, 0, 0, 0 }
 };
-static char shortopts[] = "o:nFd:p:P:hH:N:V:vurs:t:gl";
+static char shortopts[] = "o:nFd:p:P:hH:N:V:vurs:t:gli";
 
 #define NFSVERSBIT(vers)	(0x1 << (vers - 1))
 #define NFSVERSBIT_ALL		(NFSVERSBIT(2) | NFSVERSBIT(3) | NFSVERSBIT(4))
@@ -681,6 +682,8 @@ read_mountd_conf(char **argv)
 	num_threads = conf_get_num("mountd", "threads", num_threads);
 	reverse_resolve = conf_get_bool("mountd", "reverse-lookup", reverse_resolve);
 	ha_callout_prog = conf_get_str("mountd", "ha-callout");
+	if (conf_get_bool("mountd", "cache-use-ipaddr", 0))
+		use_ipaddr = 2;
 
 	s = conf_get_str("mountd", "state-directory-path");
 	if (s && !state_setup_basedir(argv[0], s))
@@ -803,6 +806,9 @@ main(int argc, char **argv)
 		case 'l':
 			xlog_sconfig("auth", 1);
 			break;
+		case 'i':
+			use_ipaddr = 2;
+			break;
 		case 0:
 			break;
 		case '?':
@@ -918,7 +924,7 @@ usage(const char *prog, int n)
 {
 	fprintf(stderr,
 "Usage: %s [-F|--foreground] [-h|--help] [-v|--version] [-d kind|--debug kind]\n"
-"	[-l|--log-auth]\n"
+"	[-l|--log-auth] [-i|--cache-use-ipaddr]\n"
 "	[-o num|--descriptors num]\n"
 "	[-p|--port port] [-V version|--nfs-version version]\n"
 "	[-N version|--no-nfs-version version] [-n|--no-tcp]\n"
diff --git a/utils/mountd/mountd.man b/utils/mountd/mountd.man
index df4e5356cb05..44d237e56110 100644
--- a/utils/mountd/mountd.man
+++ b/utils/mountd/mountd.man
@@ -118,6 +118,23 @@ section.
 will always log authentication responses to MOUNT requests when NFSv3 is
 used, but to get similar logs for NFSv4, this option is required.
 .TP
+.BR \-i " or " \-\-cache\-use\-ipaddr
+Normally each client IP address is matched against each host identifier
+(name, wildcard, netgroup etc) found in
+.B /etc/exports
+and a combined identity is formed from all matching identifiers.
+Often many clients will map to the same combined identity so performing
+this mapping reduces the number of distinct access details that the
+kernel needs to store.
+Specifying the
+.B \-i
+option suppresses this mapping so that access to each filesystem is
+requested and cached separately for each client IP address.  Doing this
+can increase the burden of updating the cache slightly, but can make the
+log messages produced by the
+.B -l
+option easier to read.
+.TP
 .B \-F " or " \-\-foreground
 Run in foreground (do not daemonize)
 .TP
@@ -248,6 +265,7 @@ Values recognized in the
 .B [mountd]
 section include
 .BR manage-gids ,
+.BR cache\-use\-ipaddr ,
 .BR descriptors ,
 .BR port ,
 .BR threads ,