Date: Thu, 4 Oct 2018 00:10:55 +0000 From: Rick Macklem <rmacklem@uoguelph.ca> To: Brooks Davis <brooks@freebsd.org> Cc: "freebsd-current@FreeBSD.org" <freebsd-current@FreeBSD.org>, Josh Paetzel <josh@tcbug.org> Subject: Re: which way to update export_args structure? Message-ID: <YTOPR0101MB18207FF25BA5D93F86C2B8C8DDE90@YTOPR0101MB1820.CANPRD01.PROD.OUTLOOK.COM> In-Reply-To: <20181003155133.GA57729@spindle.one-eyed-alien.net> References: <YTOPR0101MB182021549F8CF8277477A4C5DDE90@YTOPR0101MB1820.CANPRD01.PROD.OUTLOOK.COM>, <20181003155133.GA57729@spindle.one-eyed-alien.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Brooks Davis wrote:
>On Wed, Oct 03, 2018 at 12:40:27AM +0000, Rick Macklem wrote:
>> Hi,
>>
>> I am working on updating "struct export_args" to fix/add a few things.
>> One of these is that "ex_flags" is an int, but the flags are defined in =
mount.h
>> as MNT_xx bits that now exceed 32bits (mnt_flag is now uint64_t).
>> For now, this doesn't break anything, since the flags used by ex_flags a=
re
>> all defined in the low order 32bits but...it seems like this should be a=
ddressed
>> by a new version of "struct export_args".
>>
>> I have two versions of the updated structure:
>> A)
>> struct export_args {
>> uint64_t ex_flags; /* export related flags */
>> uid_t ex_root; /* mapping for root uid */
>> struct xucred ex_anon; /* mapping for anonymous user */
>> struct sockaddr *ex_addr; /* net address to which exported *=
/
>> u_char ex_addrlen; /* and the net address length */
>> struct sockaddr *ex_mask; /* mask of valid bits in saddr */
>> u_char ex_masklen; /* and the smask length */
>> char *ex_indexfile; /* index file for WebNFS URLs */
>> int ex_numsecflavors; /* security flavor count */
>> int ex_secflavors[MAXSECFLAVORS]; /* list of security flavors =
*/
>> int32_t ex_fsid; /* mnt_stat.f_fsid.val[0] if */
>> /* MNT_EXPORTFSID set in ex_flags6=
4 */
>> gid_t *ex_suppgroups; /* Supplemental groups if */
>> /* ex_anon.cr_ngroups > XU_NGROUPS=
*/
>> };
>> B)
>> struct export_args {
>> int ex_flags; /* export related flags */
>> uid_t ex_root; /* mapping for root uid */
>> struct xucred ex_anon; /* mapping for anonymous user */
>> struct sockaddr *ex_addr; /* net address to which exported *=
/
>> u_char ex_addrlen; /* and the net address length */
>> struct sockaddr *ex_mask; /* mask of valid bits in saddr */
>> u_char ex_masklen; /* and the smask length */
>> char *ex_indexfile; /* index file for WebNFS URLs */
>> int ex_numsecflavors; /* security flavor count */
>> int ex_secflavors[MAXSECFLAVORS]; /* list of security flavors =
*/
>> uint64_t ex_flagshighbits; /* High order bits of mnt_flag */
>> int32_t ex_fsid; /* mnt_stat.f_fsid.val[0] if */
>> /* MNT_EXPORTFSID set in ex_flags6=
4 */
>> gid_t *ex_suppgroups; /* Supplemental groups if */
>> /* ex_anon.cr_ngroups > XU_NGROUPS=
*/
>> };
>>
>> A) does the obvious thing. Unfortunately, this changes the vfs KABI
>> (specifically the function vfs_oexport_conv()) such that a file system
>> module compiled with an unpatched mount.h could crash a patched system.
>> As such, I think it couldn't be MFC'd and would be stuck in head/current
>> until FreeBSD13 (or FreeBSD14 if 13 gets skipped over;-).
>>
>> B) doesn't change any fields, but adds a second ex_flagshighbits for the=
high
>> order bit. Since it only adds fields where none of those bits are used a=
fter
>> the exports are processed by vfs_export() and, as such, will not break
>> the VFS KABI, since vfs_domount_update() differentiates which version
>> of export_args is being used.
>> As such, I believe this version can be MFC'd. However, it does seem conf=
using
>> to have the two ex_flags fields for the low and high 32bits.
>
>I see you've found a way to do compatibility for a new ABI. If you
>wanted to avoid changing the struct size, there is 3 bytes of usable
>padding after each ex_addrlen and ex_masklen.
Actually, you want the size to change, since that is how the code detects
a different version of the struct. (Take a look around line# 1037 of vfs_mo=
unt.c).
The additions are a lot more than 6bytes. The reason I was a little hesitan=
t to
change ex_flags to 64bits is that it makes the compatibility code a little =
messier,
but it isn't that bad.
The tricky one is vfs_oexport_conv(), because it doesn't know the size of t=
he
struct being passed in via a pointer. My current solution is to have this f=
unction
remain in place for old file system binaries only and add a new function wi=
th
a different name (and takes a struct length argument as well as the pointer=
)
for the new code. This function is only used by three file systems to handl=
e the
old pre-nmount(2) syscall.
>One general question: why does export_args still exist as an interface
>between userspace and the kernel? It's passed via nmount so it seems
>like the individual entries should be elements in the vector instead.
>This would be much friendlier if one wanted to do 32-bit compat support
>for mountd.
Not sure what you are thinking of here. Right now "struct export_args" is t=
he data
for a mount option called "export". vfs_getopt() returns the length along w=
ith
the structure data and that length can be used to differentiate versions of=
the
structure. (Already done once by dfr@ and this would be a second revision.)
If you are thinking that each field should be a separate option, I suppose =
that
could be done?
Josh Paetzel has volunteered to update mountd.c, so he might have some
comments w.r.t. how easy it would be to make all of the structure fields
separate options?
(I don't think the kernel changes would be that hard. Just a bunch of vfs_g=
etopt()
calls for the new option names.)
rick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YTOPR0101MB18207FF25BA5D93F86C2B8C8DDE90>