Bug 486756 - nfs server rejecting large writes when sec=krb5i/p is specified
nfs server rejecting large writes when sec=krb5i/p is specified
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
5.4
All Linux
low Severity medium
: rc
: ---
Assigned To: Peter Staubach
Red Hat Kernel QE team
cthon09
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-02-21 15:28 EST by Jeff Layton
Modified: 2011-12-13 05:46 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-09-02 05:02:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
binary wireshark capture (8.22 KB, application/octet-stream)
2009-02-21 15:31 EST, Jeff Layton
no flags Details
patch -- change conditional on length check (2.33 KB, patch)
2009-02-22 17:11 EST, Jeff Layton
no flags Details | Diff
Proposed patch (1.19 KB, patch)
2009-04-21 14:01 EDT, Peter Staubach
no flags Details | Diff

  None (edit)
Description Jeff Layton 2009-02-21 15:28:40 EST
This is a server side problem. Mount up an export with sec=krb5i:

    # mount -t nfs -o sec=krb5i server:/export /mnt/server

...now, do a large write. I used test5 from connectathon suite:

    # cd /mnt/server
    # env NFSTESTDIR=`pwd` strace /root/cthon04/basic/test5 -s

relevant strace info:

open("bigfile", O_WRONLY|O_CREAT|O_TRUNC|O_SYNC, 0666) = 3
stat("bigfile", {st_mode=S_IFREG|0666, st_size=0, ...}) = 0
write(3, "\0\0\0\0\1\0\0\0\2\0\0\0\3\0\0\0\4\0\0\0\5\0\0\0\6\0\0\0\7\0\0\0\10"..., 8192) = -1 EIO (Input/output error)

...the capture shows that the server had a problem decoding the args:

    Accept State: procedure can't decode params (4)

...this happens on all versions of nfs and when sec=krb5i or krb5p is used. sec=krb5 seems to be unaffected.
Comment 1 Jeff Layton 2009-02-21 15:31:12 EST
Created attachment 332830 [details]
binary wireshark capture

Binary capture of the problem. See frames 53 and 54.
Comment 2 RHEL Product and Program Management 2009-02-21 15:49:54 EST
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 3 Jeff Layton 2009-02-21 18:33:35 EST
Reassigning to Peter...

I backed out the patch for bug 228854 and this problem went away. For reference, this is commit 7880f3a898df1feefd7f43458be3d18aedde7765 in dzickus' git tree.
Comment 4 Jeff Layton 2009-02-22 17:11:15 EST
Created attachment 332876 [details]
patch -- change conditional on length check

This patch is backported from upstream and seems to fix the problem.
Comment 5 Peter Staubach 2009-04-21 14:01:38 EDT
Created attachment 340595 [details]
Proposed patch

Here is the patch as ported to RHEL-5.
Comment 6 Don Zickus 2009-04-27 11:59:38 EDT
in kernel-2.6.18-141.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5

Please do NOT transition this bugzilla state to VERIFIED until our QE team
has sent specific instructions indicating when to do so.  However feel free
to provide a comment indicating that this fix has been verified.
Comment 9 errata-xmlrpc 2009-09-02 05:02:16 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2009-1243.html

Note You need to log in before you can comment on or make changes to this bug.