From owner-freebsd-current@freebsd.org Wed Oct 3 15:51:35 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EF7B610A3AFD for ; Wed, 3 Oct 2018 15:51:34 +0000 (UTC) (envelope-from brooks@spindle.one-eyed-alien.net) Received: from spindle.one-eyed-alien.net (spindle.one-eyed-alien.net [199.48.129.229]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9718A828CE for ; Wed, 3 Oct 2018 15:51:34 +0000 (UTC) (envelope-from brooks@spindle.one-eyed-alien.net) Received: by spindle.one-eyed-alien.net (Postfix, from userid 3001) id 1CC073C475F; Wed, 3 Oct 2018 15:51:33 +0000 (UTC) Date: Wed, 3 Oct 2018 15:51:33 +0000 From: Brooks Davis To: Rick Macklem Cc: "freebsd-current@FreeBSD.org" , Josh Paetzel Subject: Re: which way to update export_args structure? Message-ID: <20181003155133.GA57729@spindle.one-eyed-alien.net> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="qMm9M+Fa2AknHoGS" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.4 (2018-02-28) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Oct 2018 15:51:35 -0000 --qMm9M+Fa2AknHoGS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Oct 03, 2018 at 12:40:27AM +0000, Rick Macklem wrote: > Hi, >=20 > I am working on updating "struct export_args" to fix/add a few things. > One of these is that "ex_flags" is an int, but the flags are defined in m= ount.h > as MNT_xx bits that now exceed 32bits (mnt_flag is now uint64_t). > For now, this doesn't break anything, since the flags used by ex_flags are > all defined in the low order 32bits but...it seems like this should be ad= dressed > by a new version of "struct export_args". >=20 > I have two versions of the updated structure: > A) > struct export_args { > uint64_t ex_flags; /* export related flags */ > uid_t ex_root; /* mapping for root uid */ > struct xucred ex_anon; /* mapping for anonymous user */ > struct sockaddr *ex_addr; /* net address to which exported */ > u_char ex_addrlen; /* and the net address length */ > struct sockaddr *ex_mask; /* mask of valid bits in saddr */ > u_char ex_masklen; /* and the smask length */ > char *ex_indexfile; /* index file for WebNFS URLs */ > int ex_numsecflavors; /* security flavor count */ > int ex_secflavors[MAXSECFLAVORS]; /* list of security flavors */ > int32_t ex_fsid; /* mnt_stat.f_fsid.val[0] if */ > /* MNT_EXPORTFSID set in ex_flags64 */ > gid_t *ex_suppgroups; /* Supplemental groups if */ > /* ex_anon.cr_ngroups > XU_NGROUPS */ > }; > B) > struct export_args { > int ex_flags; /* export related flags */ > uid_t ex_root; /* mapping for root uid */ > struct xucred ex_anon; /* mapping for anonymous user */ > struct sockaddr *ex_addr; /* net address to which exported */ > u_char ex_addrlen; /* and the net address length */ > struct sockaddr *ex_mask; /* mask of valid bits in saddr */ > u_char ex_masklen; /* and the smask length */ > char *ex_indexfile; /* index file for WebNFS URLs */ > int ex_numsecflavors; /* security flavor count */ > int ex_secflavors[MAXSECFLAVORS]; /* list of security flavors */ > uint64_t ex_flagshighbits; /* High order bits of mnt_flag */ > int32_t ex_fsid; /* mnt_stat.f_fsid.val[0] if */ > /* MNT_EXPORTFSID set in ex_flags64 */ > gid_t *ex_suppgroups; /* Supplemental groups if */ > /* ex_anon.cr_ngroups > XU_NGROUPS */ > }; >=20 > A) does the obvious thing. Unfortunately, this changes the vfs KABI > (specifically the function vfs_oexport_conv()) such that a file system > module compiled with an unpatched mount.h could crash a patched system. > As such, I think it couldn't be MFC'd and would be stuck in head/current > until FreeBSD13 (or FreeBSD14 if 13 gets skipped over;-). >=20 > B) doesn't change any fields, but adds a second ex_flagshighbits for the = high > order bit. Since it only adds fields where none of those bits are used af= ter > the exports are processed by vfs_export() and, as such, will not break > the VFS KABI, since vfs_domount_update() differentiates which version > of export_args is being used. > As such, I believe this version can be MFC'd. However, it does seem confu= sing > to have the two ex_flags fields for the low and high 32bits. I see you've found a way to do compatibility for a new ABI. If you wanted to avoid changing the struct size, there is 3 bytes of usable padding after each ex_addrlen and ex_masklen. One general question: why does export_args still exist as an interface between userspace and the kernel? It's passed via nmount so it seems like the individual entries should be elements in the vector instead. This would be much friendlier if one wanted to do 32-bit compat support for mountd. -- Brooks --qMm9M+Fa2AknHoGS Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJbtOWEAAoJEKzQXbSebgfA+jEH/iEJa8hdXopLWA8ECi5CHeoN qg+T05dBwCFkp0u87n2+rq+GWnxYho8y+Hh3orqF2p4l4KcG/f7TMo/L56nKBVyz jrPS1If9vBJEPqwyEzaKQAYrxr28v8o6uovaKH1zcWvQbhIJzBWRG5RICgPySMtF FQynUHa0xLxEg3OgBD79TOPTuJc4IeeI94veKDF6eAezHgXuba5OTi6lIlGi+Lgh eg2QXaaUkri+lOcpt3Qbhm8S54/DFPxlVxzaihgwACNPUsybjkOcK2TBh02ItlBc yuFkzYbIRstHiDLle3IRHaUmrRHbcmqh6MNraXiKLNOoo1ZlGSCqbRR3DRVb7kI= =ZMKq -----END PGP SIGNATURE----- --qMm9M+Fa2AknHoGS--