2017-11-01 22:08:43 +08:00
|
|
|
/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
|
2012-10-09 16:49:02 +08:00
|
|
|
/*
|
|
|
|
* include/linux/nfsd/export.h
|
|
|
|
*
|
|
|
|
* Public declarations for NFS exports. The definitions for the
|
|
|
|
* syscall interface are in nfsctl.h
|
|
|
|
*
|
|
|
|
* Copyright (C) 1995-1997 Olaf Kirch <okir@monad.swb.de>
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef _UAPINFSD_EXPORT_H
|
|
|
|
#define _UAPINFSD_EXPORT_H
|
|
|
|
|
|
|
|
# include <linux/types.h>
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Important limits for the exports stuff.
|
|
|
|
*/
|
|
|
|
#define NFSCLNT_IDMAX 1024
|
|
|
|
#define NFSCLNT_ADDRMAX 16
|
|
|
|
#define NFSCLNT_KEYMAX 32
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Export flags.
|
2015-04-01 16:37:05 +08:00
|
|
|
*
|
|
|
|
* Please update the expflags[] array in fs/nfsd/export.c when adding
|
|
|
|
* a new flag.
|
2012-10-09 16:49:02 +08:00
|
|
|
*/
|
|
|
|
#define NFSEXP_READONLY 0x0001
|
|
|
|
#define NFSEXP_INSECURE_PORT 0x0002
|
|
|
|
#define NFSEXP_ROOTSQUASH 0x0004
|
|
|
|
#define NFSEXP_ALLSQUASH 0x0008
|
|
|
|
#define NFSEXP_ASYNC 0x0010
|
|
|
|
#define NFSEXP_GATHERED_WRITES 0x0020
|
nfsd: allow turning off nfsv3 readdir_plus
One of our customer's application only needs file names, not file
attributes. With directories having 10K+ inodes (assuming buffer cache
has directory blocks cached having file names, but inode cache is
limited and hence need eviction of older cached inodes), older inodes
are evicted periodically. So if they keep on doing readdir(2) from NSF
client on multiple directories, some directory's files are periodically
removed from inode cache and hence new readdir(2) on same directory
requires disk access to bring back inodes again to inode cache.
As READDIRPLUS request fetches attributes also, doing getattr on each
file on server, it causes unnecessary disk accesses. If READDIRPLUS on
NFS client is returned with -ENOTSUPP, NFS client uses READDIR request
which just gets the names of the files in a directory, not attributes,
hence avoiding disk accesses on server.
There's already a corresponding client-side mount option, but an export
option reduces the need for configuration across multiple clients.
This flag affects NFSv3 only. If it turns out it's needed for NFSv4 as
well then we may have to figure out how to extend the behavior to NFSv4,
but it's not currently obvious how to do that.
Signed-off-by: Rajesh Ghanekar <rajesh_ghanekar@symantec.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2014-08-02 10:17:30 +08:00
|
|
|
#define NFSEXP_NOREADDIRPLUS 0x0040
|
2017-01-04 01:30:11 +08:00
|
|
|
#define NFSEXP_SECURITY_LABEL 0x0080
|
|
|
|
/* 0x100 currently unused */
|
2012-10-09 16:49:02 +08:00
|
|
|
#define NFSEXP_NOHIDE 0x0200
|
|
|
|
#define NFSEXP_NOSUBTREECHECK 0x0400
|
|
|
|
#define NFSEXP_NOAUTHNLM 0x0800 /* Don't authenticate NLM requests - just trust */
|
|
|
|
#define NFSEXP_MSNFS 0x1000 /* do silly things that MS clients expect; no longer supported */
|
|
|
|
#define NFSEXP_FSID 0x2000
|
|
|
|
#define NFSEXP_CROSSMOUNT 0x4000
|
|
|
|
#define NFSEXP_NOACL 0x8000 /* reserved for possible ACL related use */
|
|
|
|
/*
|
|
|
|
* The NFSEXP_V4ROOT flag causes the kernel to give access only to NFSv4
|
|
|
|
* clients, and only to the single directory that is the root of the
|
|
|
|
* export; further lookup and readdir operations are treated as if every
|
|
|
|
* subdirectory was a mountpoint, and ignored if they are not themselves
|
|
|
|
* exported. This is used by nfsd and mountd to construct the NFSv4
|
|
|
|
* pseudofilesystem, which provides access only to paths leading to each
|
|
|
|
* exported filesystem.
|
|
|
|
*/
|
|
|
|
#define NFSEXP_V4ROOT 0x10000
|
2015-03-31 00:46:29 +08:00
|
|
|
#define NFSEXP_PNFS 0x20000
|
nfsd: implement pNFS operations
Add support for the GETDEVICEINFO, LAYOUTGET, LAYOUTCOMMIT and
LAYOUTRETURN NFSv4.1 operations, as well as backing code to manage
outstanding layouts and devices.
Layout management is very straight forward, with a nfs4_layout_stateid
structure that extends nfs4_stid to manage layout stateids as the
top-level structure. It is linked into the nfs4_file and nfs4_client
structures like the other stateids, and contains a linked list of
layouts that hang of the stateid. The actual layout operations are
implemented in layout drivers that are not part of this commit, but
will be added later.
The worst part of this commit is the management of the pNFS device IDs,
which suffers from a specification that is not sanely implementable due
to the fact that the device-IDs are global and not bound to an export,
and have a small enough size so that we can't store the fsid portion of
a file handle, and must never be reused. As we still do need perform all
export authentication and validation checks on a device ID passed to
GETDEVICEINFO we are caught between a rock and a hard place. To work
around this issue we add a new hash that maps from a 64-bit integer to a
fsid so that we can look up the export to authenticate against it,
a 32-bit integer as a generation that we can bump when changing the device,
and a currently unused 32-bit integer that could be used in the future
to handle more than a single device per export. Entries in this hash
table are never deleted as we can't reuse the ids anyway, and would have
a severe lifetime problem anyway as Linux export structures are temporary
structures that can go away under load.
Parts of the XDR data, structures and marshaling/unmarshaling code, as
well as many concepts are derived from the old pNFS server implementation
from Andy Adamson, Benny Halevy, Dean Hildebrand, Marc Eshel, Fred Isaman,
Mike Sager, Ricardo Labiaga and many others.
Signed-off-by: Christoph Hellwig <hch@lst.de>
2014-05-05 19:11:59 +08:00
|
|
|
|
2012-10-09 16:49:02 +08:00
|
|
|
/* All flags that we claim to support. (Note we don't support NOACL.) */
|
2017-01-04 01:30:11 +08:00
|
|
|
#define NFSEXP_ALLFLAGS 0x3FEFF
|
2012-10-09 16:49:02 +08:00
|
|
|
|
|
|
|
/* The flags that may vary depending on security flavor: */
|
|
|
|
#define NFSEXP_SECINFO_FLAGS (NFSEXP_READONLY | NFSEXP_ROOTSQUASH \
|
|
|
|
| NFSEXP_ALLSQUASH \
|
|
|
|
| NFSEXP_INSECURE_PORT)
|
|
|
|
|
2023-04-21 01:56:31 +08:00
|
|
|
/*
|
|
|
|
* Transport layer security policies that are permitted to access
|
|
|
|
* an export
|
|
|
|
*/
|
|
|
|
#define NFSEXP_XPRTSEC_NONE 0x0001
|
|
|
|
#define NFSEXP_XPRTSEC_TLS 0x0002
|
|
|
|
#define NFSEXP_XPRTSEC_MTLS 0x0004
|
|
|
|
|
|
|
|
#define NFSEXP_XPRTSEC_NUM (3)
|
|
|
|
|
|
|
|
#define NFSEXP_XPRTSEC_ALL (NFSEXP_XPRTSEC_NONE | \
|
|
|
|
NFSEXP_XPRTSEC_TLS | \
|
|
|
|
NFSEXP_XPRTSEC_MTLS)
|
2012-10-09 16:49:02 +08:00
|
|
|
|
|
|
|
#endif /* _UAPINFSD_EXPORT_H */
|