Date: Sun, 30 May 2010 21:48:49 +0300 From: Efstratios Karatzas <gpf.kira@gmail.com> To: soc-status@freebsd.org Subject: weekly update #1 Message-ID: <AANLkTimUERQm7ySeUBtsHApw1wTE6notyQ_6iTV1qKsS@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
- audit support for current NFS implementation in sys/nfs* is complete. (Complete at least till I get some feedback and change how things work.) We are now auditing all of the RPCs and keeping track of the following information (more or less) - type of RPC - date/time of event - credentials of the user who issued the RPC. - ip address + port that the rpc came from, otherwise the credentials don't make much sense. - attributes of the file that was the target of the rpc and some various flags - full path for the file in question - recreating 'a' working path from a vnode is done using two KPIs: the old vn_fullpath() KPI that uses the name cache and vn_fullpath_nocache() that does not. vn_fullpath_nocache() was coded for this project and resides in sys/kern/vfs_cache.c The hardest part of finding a working path for a file from a vnode is finding a parent directory with the file as a child. This is done by using VOP_GETPARENT() that was coded to solve this problem. In case of directories, we just VOP_VPTOCNP() our way up the filesystem. - VOP_GETPARENT: If the fs is UFS, a parent directory inode number is stored inside the file handle that is used to reference that file in NFS. This was done by altering VOP_VPTOFH(). In ZFS this is not required, as the parent directory znode number is kept by the filesystem itself. This VOP is also able to search the entiry filesystem to find a parent directory for a file, if a parent hint does not cut it. Exhaustive search for UFS kernel panics for the time beign due to some locks that are held. Besides that, the VOP, as well as the new KPI work just fine as far as I can tell. - added a new VFS op, VFS_FHHINT that retrieves the parent directory ino_t "hint" from the file handle. In retrospect, perhaps I should have altered VFS_FHTOVP and have the hint returned via a new argument. - added a new argument, 'c', to praudit so that user credentials (usid, gpid) will not be matched against local user credentials. They are instead printed in "raw numeric form". - Last but not least, all coded is tested with UFS & ZFS. For any new VOPs of VFS that I add, I also add default implementations and make sure that they are called when a different fs is exported via NFS, so that we won't kernel panic or anything. Hope I'm not forgetting anything. Note: This is not actually the weekly update because community bonding period(=?) was used for coding. Note2: I have skipped over a lot of details, please refer to the p4 comments or the code itself for more info. -- Efstratios "GPF" Karatzas
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTimUERQm7ySeUBtsHApw1wTE6notyQ_6iTV1qKsS>