Bug 486756 - nfs server rejecting large writes when sec=krb5i/p is specified
nfs server rejecting large writes when sec=krb5i/p is specified
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
All Linux
low Severity medium
: rc
: ---
Assigned To: Peter Staubach
Red Hat Kernel QE team
Depends On:
  Show dependency treegraph
Reported: 2009-02-21 15:28 EST by Jeff Layton
Modified: 2011-12-13 05:46 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-09-02 05:02:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
binary wireshark capture (8.22 KB, application/octet-stream)
2009-02-21 15:31 EST, Jeff Layton
no flags Details
patch -- change conditional on length check (2.33 KB, patch)
2009-02-22 17:11 EST, Jeff Layton
no flags Details | Diff
Proposed patch (1.19 KB, patch)
2009-04-21 14:01 EDT, Peter Staubach
no flags Details | Diff

  None (edit)
Description Jeff Layton 2009-02-21 15:28:40 EST
This is a server side problem. Mount up an export with sec=krb5i:

    # mount -t nfs -o sec=krb5i server:/export /mnt/server

...now, do a large write. I used test5 from connectathon suite:

    # cd /mnt/server
    # env NFSTESTDIR=`pwd` strace /root/cthon04/basic/test5 -s

relevant strace info:

open("bigfile", O_WRONLY|O_CREAT|O_TRUNC|O_SYNC, 0666) = 3
stat("bigfile", {st_mode=S_IFREG|0666, st_size=0, ...}) = 0
write(3, "\0\0\0\0\1\0\0\0\2\0\0\0\3\0\0\0\4\0\0\0\5\0\0\0\6\0\0\0\7\0\0\0\10"..., 8192) = -1 EIO (Input/output error)

...the capture shows that the server had a problem decoding the args:

    Accept State: procedure can't decode params (4)

...this happens on all versions of nfs and when sec=krb5i or krb5p is used. sec=krb5 seems to be unaffected.
Comment 1 Jeff Layton 2009-02-21 15:31:12 EST
Created attachment 332830 [details]
binary wireshark capture

Binary capture of the problem. See frames 53 and 54.
Comment 2 RHEL Product and Program Management 2009-02-21 15:49:54 EST
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
Comment 3 Jeff Layton 2009-02-21 18:33:35 EST
Reassigning to Peter...

I backed out the patch for bug 228854 and this problem went away. For reference, this is commit 7880f3a898df1feefd7f43458be3d18aedde7765 in dzickus' git tree.
Comment 4 Jeff Layton 2009-02-22 17:11:15 EST
Created attachment 332876 [details]
patch -- change conditional on length check

This patch is backported from upstream and seems to fix the problem.
Comment 5 Peter Staubach 2009-04-21 14:01:38 EDT
Created attachment 340595 [details]
Proposed patch

Here is the patch as ported to RHEL-5.
Comment 6 Don Zickus 2009-04-27 11:59:38 EDT
in kernel-2.6.18-141.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5

Please do NOT transition this bugzilla state to VERIFIED until our QE team
has sent specific instructions indicating when to do so.  However feel free
to provide a comment indicating that this fix has been verified.
Comment 9 errata-xmlrpc 2009-09-02 05:02:16 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.