Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3645611pxj; Tue, 11 May 2021 08:50:02 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyWvaU2UqlO7CL/DD7vgOQZEQjPkIrezyqqjWd0jxYNyual35hxv+Qv3kzSXtqNoWXChcBq X-Received: by 2002:a50:bec7:: with SMTP id e7mr38072470edk.295.1620748202469; Tue, 11 May 2021 08:50:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1620748202; cv=none; d=google.com; s=arc-20160816; b=hunrarGYaJFjIHhR9P0Bt6tjvW1F0QGwVApPOAo8voSBJPtaVKWdaGZZLfrjGC2qaa 0rAh+pcxL3HTjUiQzFXbwVWkwjtCiNQfgM7Ec8iUvgNiXkmlgOQ4MIHkU5oaorPRS1An hyzmrfJkmbtaNyFsp8l1fRfAelvDuEDhjqv2uqlkD8W7Mn7hv37BSpf/vk5AjvHh+nc6 hEPU5GS0DhHfyBJBdFKBJXmyYjTg1DhyAmmCDs/Mh9wwjb3SANvkkRDU3CrLbq4k+CEd tCYltN5uCx0+RAECO+2VSRB+hfk3ufe46sMBNsqtSinJrA4vb9H1LTtLa+EGl8DIqzvn NUGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature:dkim-filter; bh=r/VAXEuHs0VCPjQI6V+vptmbTHgOydnZvii7BBsPXmc=; b=kAllIzh4cTXx2OyXiSXGXacWZxTJtFLmmSO+RJlYR6IQqcbB5iQXCY2CQtRQT9341L 5sfWS+OyTMNGZxzfzFga5HfTIxLlH9dMNIzDg59PxRd0etyOt6KO0aimxhlELk33m19K O2098D4VmPHg9gzyBaF6CcA0lDnFj5+mTHPVYgijCA2C00WxDu1Rh6kzzQM5ME2CSVyp unn/uXTBv9ajYuX/t9M6RiDmEQ8hPj7exHE4T0mIHNHOHfMdy5hdYrDtlEfJRiD5BexV Iu+i2MQ9+1nKXxXpZiPh/v4vWI6G02PIrTW/PCVOgjwKPd+UxFcNdTSei3heLAYQdfls tmzQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@fieldses.org header.s=default header.b=nDlqzI47; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id he6si17713205ejc.564.2021.05.11.08.49.33; Tue, 11 May 2021 08:50:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@fieldses.org header.s=default header.b=nDlqzI47; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231783AbhEKPuc (ORCPT + 99 others); Tue, 11 May 2021 11:50:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38850 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231561AbhEKPuc (ORCPT ); Tue, 11 May 2021 11:50:32 -0400 Received: from fieldses.org (fieldses.org [IPv6:2600:3c00:e000:2f7::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 407F6C061574 for ; Tue, 11 May 2021 08:49:26 -0700 (PDT) Received: by fieldses.org (Postfix, from userid 2815) id 3A8464183; Tue, 11 May 2021 11:49:25 -0400 (EDT) DKIM-Filter: OpenDKIM Filter v2.11.0 fieldses.org 3A8464183 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fieldses.org; s=default; t=1620748165; bh=r/VAXEuHs0VCPjQI6V+vptmbTHgOydnZvii7BBsPXmc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=nDlqzI47zW5yG8dH6zInxrG7a1uMO30+vwuLXLHrXqaEVJDYOmPRnoc6W+X4SQvhx RtmWFJZv2gKcmKAZWBByZ8wYfa0dYrit49TDuJl3dyNubmtE7S+jbPkU9p5LHLSYnx iLh70gD3dnU0xcFrD3FhSKdZquij5XqvHGsfUuz0= Date: Tue, 11 May 2021 11:49:25 -0400 From: "J. Bruce Fields" To: Chuck Lever Cc: dwysocha@redhat.com, linux-nfs@vger.kernel.org Subject: Re: [PATCH RFC 15/21] NFSD: Add nfsd_clid_verf_mismatch tracepoint Message-ID: <20210511154925.GA5416@fieldses.org> References: <162066179690.94415.203187037032448300.stgit@klimt.1015granger.net> <162066199008.94415.3881243902817026664.stgit@klimt.1015granger.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <162066199008.94415.3881243902817026664.stgit@klimt.1015granger.net> User-Agent: Mutt/1.5.21 (2010-09-15) Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org On Mon, May 10, 2021 at 11:53:10AM -0400, Chuck Lever wrote: > Record when a client presents a different boot verifier than the > one we know about. Typically this is a sign the client has > rebooted, but sometimes it signals a conflicting client ID, which > the client's administrator will need to address. Yes. I suspect this is much more common that the cred mismatch case, unfortunately. Without kerberos, we just don't have much to go on--we're not supposed to use IP address, and the auth_unix cred itself probably doesn't vary much across clients. (Patch looks fine, just commenting on that because it's a confusing point.) --b. > > Signed-off-by: Chuck Lever > --- > fs/nfsd/nfs4state.c | 11 ++++++++--- > fs/nfsd/trace.h | 32 ++++++++++++++++++++++++++++++++ > 2 files changed, 40 insertions(+), 3 deletions(-) > > diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c > index 4feadb683a2d..56ca79f55da4 100644 > --- a/fs/nfsd/nfs4state.c > +++ b/fs/nfsd/nfs4state.c > @@ -3193,6 +3193,7 @@ nfsd4_exchange_id(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, > goto out_copy; > } > /* case 5, client reboot */ > + trace_nfsd_clid_verf_mismatch(conf, rqstp, &verf); > conf = NULL; > goto out_new; > } > @@ -3988,9 +3989,13 @@ nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, > if (unconf) > unhash_client_locked(unconf); > /* We need to handle only case 1: probable callback update */ > - if (conf && same_verf(&conf->cl_verifier, &clverifier)) { > - copy_clid(new, conf); > - gen_confirm(new, nn); > + if (conf) { > + if (same_verf(&conf->cl_verifier, &clverifier)) { > + copy_clid(new, conf); > + gen_confirm(new, nn); > + } else > + trace_nfsd_clid_verf_mismatch(conf, rqstp, > + &clverifier); > } > new->cl_minorversion = 0; > gen_callback(new, setclid, rqstp); > diff --git a/fs/nfsd/trace.h b/fs/nfsd/trace.h > index 80fd6ca6ae46..2c0392f30a86 100644 > --- a/fs/nfsd/trace.h > +++ b/fs/nfsd/trace.h > @@ -592,6 +592,38 @@ TRACE_EVENT(nfsd_clid_cred_mismatch, > ) > ) > > +TRACE_EVENT(nfsd_clid_verf_mismatch, > + TP_PROTO( > + const struct nfs4_client *clp, > + const struct svc_rqst *rqstp, > + const nfs4_verifier *verf > + ), > + TP_ARGS(clp, rqstp, verf), > + TP_STRUCT__entry( > + __field(u32, cl_boot) > + __field(u32, cl_id) > + __array(unsigned char, cl_verifier, NFS4_VERIFIER_SIZE) > + __array(unsigned char, new_verifier, NFS4_VERIFIER_SIZE) > + __array(unsigned char, addr, sizeof(struct sockaddr_in6)) > + ), > + TP_fast_assign( > + __entry->cl_boot = clp->cl_clientid.cl_boot; > + __entry->cl_id = clp->cl_clientid.cl_id; > + memcpy(__entry->cl_verifier, (void *)&clp->cl_verifier, > + NFS4_VERIFIER_SIZE); > + memcpy(__entry->new_verifier, (void *)verf, > + NFS4_VERIFIER_SIZE); > + memcpy(__entry->addr, &rqstp->rq_xprt->xpt_remote, > + sizeof(struct sockaddr_in6)); > + ), > + TP_printk("client %08x:%08x verf=0x%s, updated=0x%s from addr=%pISpc", > + __entry->cl_boot, __entry->cl_id, > + __print_hex_str(__entry->cl_verifier, NFS4_VERIFIER_SIZE), > + __print_hex_str(__entry->new_verifier, NFS4_VERIFIER_SIZE), > + __entry->addr > + ) > +); > + > TRACE_EVENT(nfsd_clid_inuse_err, > TP_PROTO(const struct nfs4_client *clp), > TP_ARGS(clp), >