commit 3cca9dbeab3b159c27c1dc48e791139744baf6d0 Author: Benjamin Coddington Date: Mon Mar 24 15:47:43 2025 -0400 nfs(5): Add new rdirplus functionality, clarify The proposed kernel [patch][1] will modify the rdirplus mount option to accept optional string values of "none" and "force". Update the man page to reflect these changes and clarify the current client's behavior for the default. [1]: https://lore.kernel.org/linux-nfs/8c33cd92be52255b0dd0a7489c9e5cc35434ec95.1741876784.git.bcodding@redhat.com/T/#u Signed-off-by: Benjamin Coddington Signed-off-by: Steve Dickson commit 20515b8c76ac02fe6a3415b3051de77d958d2927 Author: Alexander Kanavin Date: Mon Mar 24 09:07:27 2025 -0400 xcommon.c: fix a formatting error with clang Specifically, this happens: | xcommon.c:101:24: error: format string is not a string literal [-Werror,-Wformat-nonliteral] | 101 | vfprintf (stderr, fmt2, args); | | ^~~~ A similar approach (print \n seprately) is already used elsewhere in the same file. Signed-off-by: Alexander Kanavin Signed-off-by: Steve Dickson commit 7511a77fc7eb7bd3ae38fcf54d49a47c25c3ed50 Author: Scott Mayhew Date: Mon Mar 24 08:59:24 2025 -0400 gssd.man: add documentation for use-gss-proxy nfs.conf option Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit 0dbabc1f7b56cf8875fbc21b6c7d75fd27a66ba3 Author: Dan Aloni Date: Mon Mar 24 08:54:16 2025 -0400 nfs.man: add noalignwrite Signed-off-by: Dan Aloni Signed-off-by: Steve Dickson commit 12f1b6cec28782ee19692cc52e24f6d8995c65ed Author: zhangjian Date: Mon Mar 24 08:48:41 2025 -0400 nfsdcld: fix cld pipe read size When nfsd inits failed for detecting cld version in nfsd4_client_tracking_init, kernel may assume nfsdcld support version 1 message format and try to upcall with v1 message size to nfsdcld. There exists one error case in the following process, causeing nfsd hunging for nfsdcld replay: kernel write to pipe->msgs (v1 msg length) |--------- first msg --------|-------- second message -------| nfsdcld read from pipe->msgs (v2 msg length) |------------ first msg --------------|---second message-----| | valid message | ignore | wrong message | When two nfsd kernel thread add two upcall messages to cld pipe with v1 version cld_msg (size == 1034) concurrently?but nfsdcld reads with v2 version size(size == 1067), 33 bytes of the second message will be read and merged with first message. The 33 bytes in second message will be ignored. Nfsdcld will then read 1001 bytes in second message, which cause FATAL in cld_messaged_size checking. Nfsd kernel thread will hang for it forever until nfs server restarts. Signed-off-by: zhangjian Reviewed-by: Scott Mayhew Signed-off-by: Steve Dickson commit 1cd9e3c0d290646e80750249914396566dd6b800 Author: Olga Kornievskaia Date: Mon Mar 24 08:43:43 2025 -0400 gssd: do not use krb5_cc_initialize When gssd refreshes machine credentials, it uses the krb5_get_init_creds_keytab() and then to save the received credentials in a ticket cache, it proceeds to initialize the credential cache via a krb5_cc_initialize() before storing the received credentials into it. krb5_cc_initialize() is not concurrency safe. two gssd upcalls by uid=0, one for krb5i auth flavor and another for krb5p, would enter into krb5_cc_initialize() and one of them would fail, leading to an upcall failure and NFS operation error. Instead it was proposed that gssd changes its design to do what kinit does and forgo the use of krb5_cc_initialize and instead setup the output cache via krb5_get_init_creds_opt_set_out_cache() prior to calling krb5_get_init_creds_keytab() which would then store credentials automatically. https://mailman.mit.edu/pipermail/krbdev/2025-February/013708.html Signed-off-by: Olga Kornievskaia Signed-off-by: Steve Dickson commit 9b3f949331c6541a358fc28bac323533f94d7e0b Author: Olga Kornievskaia Date: Mon Mar 24 08:40:32 2025 -0400 gssd: unconditionally use krb5_get_init_creds_opt_alloc Modern kerberos API uses krb5_get_init_creds_opt_alloc() for managing its options for credential data structure. Signed-off-by: Olga Kornievskaia Signed-off-by: Steve Dickson commit a51e9fe288c49642cc88c44575ca9b332231de0f Author: Scott Mayhew Date: Wed Mar 19 14:23:01 2025 -0400 nfsdctl: ensure autostart honors the default nfs.conf versX.Y settings Yongcheng noted that after disabling a versX.Y option in /etc/nfs.conf, and starting nfsd, subsequently commenting out that option and restarting nfsd would not result in it being re-enabled. Reported-by: Yongcheng Yang Fixes: 03b2e2a1 ("nfsdctl: tweak the nfs.conf version handling") Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit cf953d4d1a01779bcccef21ad983d7d6840c4741 Author: Olga Kornievskaia Date: Wed Mar 19 14:19:27 2025 -0400 nfsdctl: dont ignore rdma listener return Don't ignore return code of adding rdma listener. If nfs.conf has asked for "rdma=y" but adding the listener fails, don't ignore the failure. Note in soft-rdma-provider environment (such as soft iwarp, soft roce), when no address-constraints are used, an "any" listener is created and rdma-enabling is done independently. Fixes: e3b72007ab31 ("nfs-utils: nfsdctl: cleanup listeners if some failed") Signed-off-by: Olga Kornievskaia Signed-off-by: Steve Dickson commit f61c2ff8d25cadabe0646e7a011f3c6b70da1f2f Author: Jeff Layton Date: Wed Mar 19 14:17:42 2025 -0400 nfsdctl: add necessary bits to configure lockd The legacy rpc.nfsd program would configure the nlm_grace_period to match the NFSv4 grace period when starting the server. This adds similar functionality to the autostart subcommand using the new lockd netlink configuration interfaces. In addition, if lockd's udp or tcp listener ports are specified, also configure them before starting the server. A "nlm" subcommand is also added that will display the current lockd config settings in the current net ns. In the future, we could add the ability to set these values using the "nlm" subcommand, but for now I didn't see a real use-case for that, so I left it out. Link: https://issues.redhat.com/browse/RHEL-71698 Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 61b1f4799218b12762799f5ae5a91f36e163fb35 Author: Jeff Layton Date: Wed Mar 19 11:40:23 2025 -0400 nfsdctl: fix the --version option Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 5f4c9a8137e13b03fc30326da860fd52430a4970 Author: Jeff Layton Date: Wed Mar 19 11:38:37 2025 -0400 nfsdctl: convert to xlog() Convert all of the fprintf(stderr, ...) calls to xlog(L_ERROR, ...) calls. Change the -d option to not take an argument, and add a -s option that will make nfsdctl log to syslog instead of stderr. Also remove the extraneous error message in run_commandline, and add a couple of trivial debug messages when the program starts and ends Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 55ea6139402da92e1664847417885d0527b26bc8 Author: Olga Kornievskaia Date: Thu Feb 6 06:58:43 2025 -0500 nfsdctl: fix host-limited add listener If in nfs.conf there was "host=" configuration that limited knfsd to listen on a particular hostname, then add_listener() had to fit :: into 144bytes to create a listener or be truncated which leads to failure of said listener creation. Instead allocate needed memory dynamically to allow for long hostname values. Signed-off-by: Olga Kornievskaia Signed-off-by: Steve Dickson commit 8b02f0d5590e0610f81bd53aa08155732af3af77 Author: Olga Kornievskaia Date: Thu Feb 6 06:56:21 2025 -0500 nfsdctl: cleanup listeners if some failed If we couldn't start some listeners, then make sure to remove already added listeners. Signed-off-by: Olga Kornievskaia Signed-off-by: Steve Dickson commit 7f0fd95e9b5d176818e812c08d4509eb2e380315 Author: Olga Kornievskaia Date: Thu Feb 6 06:51:12 2025 -0500 nfsdctl: fix autostart During nfsdctl autostart the nfsdctl reads the nfs.conf file and tries to setup the listeners and start knfsd threads. However, if we failed to start a listener, it currently ignores the error and starts the threads anyway. Suggesting that if we fail to start a UDP/TCP listener then do not start threads. At the moment ignoring the failure of adding an RDMA listener (because default config might have rdma=y set but not RDMA-enabled interface is available and previously we did not fail the start of knfsd in that case). Signed-off-by: Olga Kornievskaia Signed-off-by: Steve Dickson commit 6f9e987772558b054a0fed89450d95f8e47f71dd Author: Olga Kornievskaia Date: Thu Feb 6 06:47:48 2025 -0500 nfsdctl: fix update_listeners When adding a listener via an nfsdctl listener command and passing in a hostname that is longer then 62bytes it leads to a buffer overlow problem. Instead allocate the needed buffer to be the size of the supplied command-line argument. Fixes: 8c32613d5311 ("nfsdctl: add the nfsdctl utility to nfs-utils") Reviewed-by: Jeff Layton Signed-off-by: Olga Kornievskaia Signed-off-by: Steve Dickson commit 8c5a1ad1da5e5e8b3ef83caabf5c42948911a561 Author: Andrej Kozemcak Date: Thu Feb 6 06:30:44 2025 -0500 systemd: mount nfsd after load kernel module Systemd should load nfs kernel module before it try mount nfsd file systemd. In some systems systemd try mount nfsd file system before the nfs kernel module was loaded, which end with error. Signed-off-by: Andrej Kozemcak Signed-off-by: Steve Dickson commit 26f8410ded99e54d68a318bce9d0b70dcb286b29 Author: Frank Sorenson Date: Wed Feb 5 17:44:03 2025 -0500 mountstats/nfsiostat: merge and rework the infinite and counted loops We always want to print at least once, so move the first print before the interval/count tests. The infinite loop and counted loop are nearly identical, so we merge them, and break out of the loop if necessary. By decrementing the count and checking at the beginning of the loop, we also fix a bug where we sleep and parse the mountstats file one extra time after count iterations. Signed-off-by: Frank Sorenson Signed-off-by: Steve Dickson commit 21238e5c0f38e80abe32e10ea53b1d765130f36d Author: Frank Sorenson Date: Wed Feb 5 17:41:45 2025 -0500 mountstats/nfsiostat: Move the checks for empty mountpoint list into the print function The test for empty device list and 'No NFS mount points found' message terminate the program immediately if no nfs mounts are present during a particular iteration. However, if multiple iterations are specified, it makes more sense to simply output the message and sleep for the next iteration, since there may be nfs mounts next time through. If we move the test and message into the print function, we still get the message when appropriate, don't terminate on an empty list, and also eliminate two extra copies of the same test and message. Signed-off-by: Frank Sorenson Signed-off-by: Steve Dickson commit 17a1fcb26b4f919442a6caa71bb6ca6661af0ce6 Author: Frank Sorenson Date: Wed Feb 5 17:39:39 2025 -0500 mountstats: filter for nfs mounts in a function, each iostat iteration Currently, 'mountstats iostat' filters for nfs mounts when first parsing mountstats, and never re-verifies the list when printing multiple iterations. As a result, new nfs mountpoints are never detected, and unmounts result in a crash. nfsiostat covers both new mounts and unmounts by filtering the list of devices in a function during each iteration. Align the scripts by copying the nfsiostat filtering function, and filter each iteration. Signed-off-by: Frank Sorenson Signed-off-by: Steve Dickson commit 1bd30a9d113bb0b52962c1e4b2605a42c0db3ef7 Author: Frank Sorenson Date: Wed Feb 5 17:37:50 2025 -0500 nfsiostat: make comment explain mount/unmount more broadly The comment explaining the need to recheck the devices list suggests that nfs mounts/unmounts may occur when automount is involved, but they can happen for other reasons as well. Make the comment explain the issue more broadly. Signed-off-by: Frank Sorenson Signed-off-by: Steve Dickson commit 2b9251ed33eeba23fc87538edbe481f865c9a988 Author: Frank Sorenson Date: Wed Feb 5 17:36:35 2025 -0500 nfsiostat: fix crash when filtering mountstats after unmount If an unmount occurs between iterations, the filter function will crash when referencing the 'device' in the new mountstats. Verify it exists before trying to access it. Signed-off-by: Frank Sorenson Signed-off-by: Steve Dickson commit 9836adbca78494b8486a15dc60d732accb3611d9 Author: Frank Sorenson Date: Wed Feb 5 17:34:40 2025 -0500 nfsiostat: mirror how mountstats iostat prints the stats Currently, nfsiostat assumes that if old mountstats are provided, then 'old' will contain all the new devices as well, and will therefore crash if outputting multiple iterations and a new nfs mount occurs between iterations. 'mountstats iostat' covers the new-nfs-mount situation by checking that the old mountstats contains the device before referencing it. It also verifies both old and new mountpoints are the same type. Therefore, make the nfsiostat output function like mountstats. However nfsiostat also has to allow sorting, so we can't just output the full/diff stats as we go. Instead, put the stats to output into a list to display, sort the list if necessary, then output the stats at the end. Signed-off-by: Frank Sorenson Signed-off-by: Steve Dickson commit 687916d3fbe98549b073cfb89dff6ff9ff131f97 Author: Frank Sorenson Date: Wed Feb 5 17:32:49 2025 -0500 mountstats: when printing iostats, verify that old and new types are the same It's not sufficient to verify that old and new are not autofs; both should be the same fstype, in order to cover other potential mismatches. This prevents crashes when a path is a mountpoint, but not nfs or autofs. Signed-off-by: Frank Sorenson Signed-off-by: Steve Dickson commit 936a19cc16504a52e9e1ba852b950962893ce4a2 Author: Frank Sorenson Date: Wed Feb 5 17:31:24 2025 -0500 mountstats/nfsiostat: add a function to return the fstype We'll need to get the DeviceData fstype when printing iostats with multiple iterations, so we can verify that old and new mountpoints are the same. Signed-off-by: Frank Sorenson Signed-off-by: Steve Dickson commit 155c53435685dbb693a44758b101d2c382fafa00 Author: Frank Sorenson Date: Sat Jan 25 11:23:27 2025 -0500 nfsiostat: skip argv[0] when parsing command-line Just skip argv[0] entirely while looping through the command-line arguments. Signed-off-by: Frank Sorenson Signed-off-by: Steve Dickson commit a08b94b9b6c13ad6785c7393b5e6323d9cf3d01f Author: Anna Schumaker Date: Tue Jan 21 08:27:26 2025 -0500 rpcctl: Add remaining missing docstrings Signed-off-by: Anna Schumaker Signed-off-by: Steve Dickson commit 5826cd2e12a728ee7d6a4c5436c666a4437f3817 Author: Anna Schumaker Date: Tue Jan 21 08:25:21 2025 -0500 rpcctl: Add missing docstrings to the XprtSwitch class Signed-off-by: Anna Schumaker Signed-off-by: Steve Dickson commit b75d44e574df7384a01cb5cb536c7040cffb26f9 Author: Anna Schumaker Date: Tue Jan 21 08:23:39 2025 -0500 rpcctl: Add missing docstrings to the Xprt class Signed-off-by: Anna Schumaker Signed-off-by: Steve Dickson commit 166e28a6464aa46503903789c96b8527e69306b8 Author: Anna Schumaker Date: Tue Jan 21 08:22:19 2025 -0500 rpcctl: Fix flake8 ambiguous-variable-name error Signed-off-by: Anna Schumaker Signed-off-by: Steve Dickson commit 8651db29646863e3073e36139523298379b89e74 Author: Anna Schumaker Date: Tue Jan 21 08:18:34 2025 -0500 rpcctl: Fix flake8 bare exception error Signed-off-by: Anna Schumaker Signed-off-by: Steve Dickson commit b52d8e6224e2793a62828fced0c6b95ac91a17e1 Author: Anna Schumaker Date: Tue Jan 21 08:17:14 2025 -0500 rpcctl: Fix flake8 line-too-long errors Signed-off-by: Anna Schumaker Signed-off-by: Steve Dickson commit bfc5353abf3a7f2e4d87ccb2758e6c5bf98d8bc9 Author: Anna Schumaker Date: Tue Jan 21 08:15:29 2025 -0500 rpcctl: Fix flake8 whitespace errors Signed-off-by: Anna Schumaker Signed-off-by: Steve Dickson commit 8d98abce41e86f41a4a4512a59bfc9ec55b53f7e Author: Scott Mayhew Date: Fri Jan 17 10:47:40 2025 -0500 nfsd: fix version sanity check rpc.nfsd's version sanity check needs to check both the major and minor versions before failing with a "no version specified" error. Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit 03b2e2a15041a3dbb07b8ac06d99800087627843 Author: Scott Mayhew Date: Fri Jan 17 10:41:37 2025 -0500 nfsdctl: tweak the nfs.conf version handling I noticed I was getting different results when comparing nfsdctl's config file handling versus rpc.nfsd's. First, the vers4 config option was being treated as a mask, e.g. if vers4=n and vers4.2=y then end result was still that all minorversions were disabled. Change it so that vers4=n would initially toggle off all minorversions, but individual v4.x=y would turn that minorversion back on. Second, don't make assumptions about what default should be passed to conf_get_bool. Instead, test both possible values and only update the nfsd_versions array if an option was explicitly specified. Finally, add a check so that 'nfsdctl autostart' will error out if no versions or minorversions are enabled. Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit 1e8acef8665b6ed32fadfaf71d0f22b966728c6b Author: Scott Mayhew Date: Fri Jan 17 10:36:14 2025 -0500 nfsdctl: tweak the version subcommand behavior The section for the 'nfsdctl version' subcommand on the man page states that the minorversion is optional, and if omitted it will cause all minorversions to be enabled/disabled. Make it work that way. Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit cd90f29257904f36509ea5a04a86f42398fbe94a Author: Christopher Bii Date: Wed Jan 15 12:10:48 2025 -0500 NFS export symlink vulnerability fix Replaced dangerous use of realpath within support/nfs/export.c with nfsd_realpath variant that is executed within the chrooted thread rather than main thread. Implemented nfsd_path.h methods to work securely within chrooted thread using nfsd_run_task() help Signed-off-by: Christopher Bii Signed-off-by: Steve Dickson commit e29f6e549b7c42ebdf181bb079020c736fce1311 Author: Joshua Kaldon Date: Wed Jan 15 04:51:03 2025 -0500 Patch for broken libnfsimapd static and regex plugins. It appears that the makefile does not add nfsidmap_common.c in the sources. nfs-utils (1:2.8.2-1.1~0.1) UNRELEASED; urgency=medium . Non-maintainer upload. Fix issue with static and regex plugins missing symbol get_grnam_buflen. Signed-off-by: Steve Dickson commit 968f7b646ff70ff1d4669138c617ae5f1591e9b6 Author: Steve Dickson Date: Sat Jan 11 04:51:33 2025 -0500 nfsdcltrack related manpage and configure file cleanup Reported-by: Yongcheng Yang Reviewed-by: Jeff Layton Fixes: https://issues.redhat.com/browse/RHEL-73500 Signed-off-by: Steve Dickson commit 65f4cc3a6ce1472ee4092c4bbf4b19beb0a8217b Author: Salvatore Bonaccorso Date: Fri Jan 3 12:28:47 2025 -0500 systemd/nfs.systemd.man: Fix small wording typos The wording about what is required when configuration changes are done contained small wording typos. Change the sentence to "When configuration changes are made, ...". Fixes: 1b5881d5b9f3 ("Add nfs.systemd man page") Signed-off-by: Salvatore Bonaccorso Signed-off-by: Steve Dickson commit 307a75f56b565fcb07cbe26d31178cb03ee62b80 Author: Scott Mayhew Date: Fri Jan 3 12:26:39 2025 -0500 conffile: add 'arg' argument to conf_remove_now() Commit 9350a97a added an optional 'arg' to section names, but the logic to remove configurations wasn't updated to check the 'arg' argument. This wasn't really a problem until commit 15e17993 updated conf_parse_line() to call conf_set() with override=1, the end result being that we'll only remember the last value seen for any given section/tag combination. Fixes: 9350a97a ("Added an conditional argument to the Section names") Fixes: 15e17993 ("conffile: process config.d directory config files.") Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit 2ba39567ebb2a6394645ba9392a161f7a6164dd7 Author: Yongcheng Yang Date: Fri Jan 3 12:23:21 2025 -0500 nfsdctl: manpage fix a few typos Reviewed-by: Benjamin Coddington Signed-off-by: Yongcheng Yang Signed-off-by: Steve Dickson commit 5f5c0412480f48125d09cfb6a915c5f4a62b49fe Author: Khem Raj Date: Fri Jan 3 12:19:43 2025 -0500 Fix typecast warning with clang Fixes file.c:200:8: error: assigning to 'char *' from 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] Signed-off-by: Khem Raj Signed-off-by: Steve Dickson commit 772f7d8641f162614bba7533fedda4d3b7fc65b4 Author: Wang Mingyu Date: Fri Jan 3 12:13:00 2025 -0500 Fix const qualifier error file.c: In function nsm_make_temp_pathname: file.c:200:22: warning: assignment discards const qualifier from pointer target type [-Wdiscarded-qualifiers] 200 | base = pathname; | ^ Signed-off-by: Wang Mingyu Signed-off-by: Steve Dickson