Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp5108878rwl; Sun, 8 Jan 2023 08:42:57 -0800 (PST) X-Google-Smtp-Source: AMrXdXvzMmMNiay0kFtdwN3PesHjhs4MPvrAdQ9BHKvtyqM084FE3OcscO2MrskXoWZEbu+sJ+lz X-Received: by 2002:a17:907:d48a:b0:7c0:dac7:36ea with SMTP id vj10-20020a170907d48a00b007c0dac736eamr57649941ejc.66.1673196177286; Sun, 08 Jan 2023 08:42:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673196177; cv=none; d=google.com; s=arc-20160816; b=n2ID/ENOPupYf1h0BceSRBAxK7notRr/Wjdmu4pRmYqFBJZ+MBeIAIsbeCHarUBoql DfRRFNdFqollbfO9I+v28y+tWqh6nJiSnLWBT1UE8JNanFyoUbBAR6vmPgCLRpbucjSV 1iVKI/mPgUhTtePJouwta4Z+AIt3qMTq/fzXQaSDiBZSWL3ryeMGAjXLca8io5pF+Yuw MIM6WrlY//CmA87NUkqavSCFCrIKA4IPOD4JCt1yA+5PTM5hj3BEVbMRaWgMAclSJazl vFutD9KJ62KLEyM+nNfl/unIRkXBvVFu7Q/Lp61vNE0Z6aIxCckLF9OP9YO0olGUYFGN 7AwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:message-id:date:to:from:subject:dkim-signature; bh=h2DB+FoQFTT2t4lgS4f513fi6bNMshFCGcRZ+k5Muj4=; b=yLYXUDamUlc4seVHfAyOw9pXivZ3r/RzzdSJRwKjS6dwVKiNG6iO5y8CG9U5J/LVb2 r5lzXwru0g/xiF2rUrCtYXl3qc/HQU9Jtu8Hsh3Jesj9dCfODLWbzgUHBEXJf0HEed6G aigtutqi9mOS15lmyocyFBYeO4FjukyBbLPCQm1YM72ZT98Gbj+vbhdy15thk8cTQHkW sNy4tYKrydxZPOBSMyF+oIqjUoAQ/tDOiJKMx3J8iw5ee+RCidang6k2j73vZ4FxRqNV Z47Nn4NVx+JKQupHCNBgr2KPlanw/UeIkhZzlxrgp12uvJ3lZb2u9dkehByUV1x6qTXj LcSQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Tc55Dk67; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id rh19-20020a17090720f300b007ae2368c8b7si5754230ejb.138.2023.01.08.08.42.33; Sun, 08 Jan 2023 08:42:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Tc55Dk67; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232624AbjAHQcz (ORCPT + 99 others); Sun, 8 Jan 2023 11:32:55 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60396 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234019AbjAHQ23 (ORCPT ); Sun, 8 Jan 2023 11:28:29 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 336AF5FF3 for ; Sun, 8 Jan 2023 08:28:28 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id C26C7B801BB for ; Sun, 8 Jan 2023 16:28:26 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3E11CC433D2 for ; Sun, 8 Jan 2023 16:28:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1673195305; bh=CJm/KRSSFn0HmKyWetudSHd9SMez/ZvnPSOW1/bCx7M=; h=Subject:From:To:Date:From; b=Tc55Dk671REokTRm//DyI4pz69KI+SqLEKqh/FTF2mFHlDNAjHnZJlzfbiOVY29BB ytxw9NUnJZsLxdYON5nRJuGCaIohDpHIJViIDYtzIq5b/0tbB6DNvX0Sswdcko5/w4 4EqNjHObKdPlh9CKysRJfGOhxfqimmYuMuMxhBllePm2PTSvTHkZFLrwuv8MCAJGJ4 BHVFFUzlnNPsJaxNuMkwUzTQiR0+Pq5jDEB1b1LcOQXsej8sODlOZZPdxhZdU2OCG6 eorhrCelyo8r3ZSAL4YYo/oJdmDpjij3n9hNnRUMmC1xXFIWg6e0LVdw6NQF4ogY1m Mz2WJelTLiieg== Subject: [PATCH v1 00/27] Server-side RPC reply header parsing overhaul From: Chuck Lever To: linux-nfs@vger.kernel.org Date: Sun, 08 Jan 2023 11:28:24 -0500 Message-ID: <167319499150.7490.2294168831574653380.stgit@bazille.1015granger.net> User-Agent: StGit/1.5 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org The purpose of this series is to replace the svc_put* macros in the Linux kernel server's RPC reply header construction code with xdr_stream helpers. I've measured no change in CPU utilization after the overhaul. Memory safety: Buffer bounds checking after encoding each XDR item is more memory-safe than the current mechanism. Subsequent memory safety improvements to the common xdr_stream helpers will benefit all who use them. Audit friendliness: The new code has additional comments and other clean-up to help align it with the relevant RPC protocol specifications. The use of common helpers also makes the encoders easier to audit and maintain. I've split the full series in half to make it easier to review. The patches posted here are the second half, handling RPC reply header encoding. Note that another benefit of this work is that we are taking one or two more strides closer to greater commonality between the client and server implementations of RPCSEC GSS. --- Chuck Lever (27): SUNRPC: Clean up svcauth_gss_release() SUNRPC: Rename automatic variables in svcauth_gss_wrap_resp_integ() SUNRPC: Record gss_get_mic() errors in svcauth_gss_wrap_integ() SUNRPC: Replace checksum construction in svcauth_gss_wrap_integ() SUNRPC: Convert svcauth_gss_wrap_integ() to use xdr_stream() SUNRPC: Rename automatic variables in svcauth_gss_wrap_resp_priv() SUNRPC: Record gss_wrap() errors in svcauth_gss_wrap_priv() SUNRPC: Add @head and @tail variables in svcauth_gss_wrap_priv() SUNRPC: Convert svcauth_gss_wrap_priv() to use xdr_stream() SUNRPC: Check rq_auth_stat when preparing to wrap a response SUNRPC: Remove the rpc_stat variable in svc_process_common() SUNRPC: Add XDR encoding helper for opaque_auth SUNRPC: Push svcxdr_init_encode() into svc_process_common() SUNRPC: Move svcxdr_init_encode() into ->accept methods SUNRPC: Use xdr_stream to encode Reply verifier in svcauth_null_accept() SUNRPC: Use xdr_stream to encode Reply verifier in svcauth_unix_accept() SUNRPC: Use xdr_stream to encode Reply verifier in svcauth_tls_accept() SUNRPC: Convert unwrap data paths to use xdr_stream for replies SUNRPC: Use xdr_stream to encode replies in server-side GSS upcall helpers SUNRPC: Use xdr_stream for encoding GSS reply verifiers SUNRPC: Hoist init_encode out of svc_authenticate() SUNRPC: Convert RPC Reply header encoding to use xdr_stream SUNRPC: Final clean-up of svc_process_common() SUNRPC: Remove no-longer-used helper functions SUNRPC: Refactor RPC server dispatch method SUNRPC: Set rq_accept_statp inside ->accept methods SUNRPC: Go back to using gsd->body_start fs/lockd/svc.c | 5 +- fs/nfs/callback_xdr.c | 6 +- fs/nfsd/nfscache.c | 4 +- fs/nfsd/nfsd.h | 2 +- fs/nfsd/nfssvc.c | 10 +- include/linux/sunrpc/svc.h | 116 +++---- include/linux/sunrpc/xdr.h | 23 ++ include/trace/events/rpcgss.h | 22 ++ net/sunrpc/auth_gss/svcauth_gss.c | 505 +++++++++++++++--------------- net/sunrpc/svc.c | 91 +++--- net/sunrpc/svcauth_unix.c | 40 ++- net/sunrpc/xdr.c | 29 ++ 12 files changed, 451 insertions(+), 402 deletions(-) -- Chuck Lever