On Mon, Nov 18, 2019 at 1:42 PM Steve Dickson <SteveD@xxxxxxxxxx> wrote: > > > > On 11/8/19 4:32 PM, Olga Kornievskaia wrote: > > From: Olga Kornievskaia <kolga@xxxxxxxxxx> > > > > Add a kernel config CONFIG_NFS_DISABLE_UDP_SUPPORT to disallow NFS > > UDP mounts. > > > > I took the same approach as Chuck's deprecation of DES enc types > > to start with default to still allow but I think the ultimate > > goal is to disable > > > > Question: how do we have folks trying this unless we set it to false? > Exactly... Why not do the opposite? Off by default... instead of > having to set the variable to turn UDP off? OK! v2 will turn this off by default instead. > > steved. > > > > > Signed-off-by: Olga Kornievskaia <kolga@xxxxxxxxxx> > > --- > > fs/nfs/Kconfig | 10 ++++++++++ > > fs/nfs/client.c | 4 ++++ > > fs/nfs/super.c | 8 ++++++++ > > 3 files changed, 22 insertions(+) > > > > diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig > > index 295a7a2..6320113 100644 > > --- a/fs/nfs/Kconfig > > +++ b/fs/nfs/Kconfig > > @@ -196,3 +196,13 @@ config NFS_DEBUG > > depends on NFS_FS && SUNRPC_DEBUG > > select CRC32 > > default y > > + > > +config NFS_DISABLE_UDP_SUPPORT > > + bool "NFS: Disable NFS UDP protocol support" > > + depends on NFS_FS > > + default n > > + help > > + Choose Y here to disable the use of NFS over UDP. NFS over UDP > > + on modern networks (1Gb+) can lead to data corruption caused by > > + fragmentation during high loads. > > + The default is N because many deployments still use UDP. > > diff --git a/fs/nfs/client.c b/fs/nfs/client.c > > index 02110a3..24ca314 100644 > > --- a/fs/nfs/client.c > > +++ b/fs/nfs/client.c > > @@ -474,6 +474,7 @@ void nfs_init_timeout_values(struct rpc_timeout *to, int proto, > > to->to_maxval = to->to_initval; > > to->to_exponential = 0; > > break; > > +#ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT > > case XPRT_TRANSPORT_UDP: > > if (retrans == NFS_UNSPEC_RETRANS) > > to->to_retries = NFS_DEF_UDP_RETRANS; > > @@ -484,6 +485,7 @@ void nfs_init_timeout_values(struct rpc_timeout *to, int proto, > > to->to_maxval = NFS_MAX_UDP_TIMEOUT; > > to->to_exponential = 1; > > break; > > +#endif > > default: > > BUG(); > > } > > @@ -580,8 +582,10 @@ static int nfs_start_lockd(struct nfs_server *server) > > default: > > nlm_init.protocol = IPPROTO_TCP; > > break; > > +#ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT > > case XPRT_TRANSPORT_UDP: > > nlm_init.protocol = IPPROTO_UDP; > > +#endif > > } > > > > host = nlmclnt_init(&nlm_init); > > diff --git a/fs/nfs/super.c b/fs/nfs/super.c > > index a84df7d6..21e59da 100644 > > --- a/fs/nfs/super.c > > +++ b/fs/nfs/super.c > > @@ -1011,7 +1011,9 @@ static void nfs_set_port(struct sockaddr *sap, int *port, > > static void nfs_validate_transport_protocol(struct nfs_parsed_mount_data *mnt) > > { > > switch (mnt->nfs_server.protocol) { > > +#ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT > > case XPRT_TRANSPORT_UDP: > > +#endif > > case XPRT_TRANSPORT_TCP: > > case XPRT_TRANSPORT_RDMA: > > break; > > @@ -1033,8 +1035,10 @@ static void nfs_set_mount_transport_protocol(struct nfs_parsed_mount_data *mnt) > > return; > > switch (mnt->nfs_server.protocol) { > > case XPRT_TRANSPORT_UDP: > > +#ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT > > mnt->mount_server.protocol = XPRT_TRANSPORT_UDP; > > break; > > +#endif > > case XPRT_TRANSPORT_TCP: > > case XPRT_TRANSPORT_RDMA: > > mnt->mount_server.protocol = XPRT_TRANSPORT_TCP; > > @@ -2204,6 +2208,10 @@ static int nfs_validate_text_mount_data(void *options, > > #endif /* CONFIG_NFS_V4 */ > > } else { > > nfs_set_mount_transport_protocol(args); > > +#ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT > > + if (args->nfs_server.protocol == XPRT_TRANSPORT_UDP) > > + goto out_invalid_transport_udp; > > +#endif > > if (args->nfs_server.protocol == XPRT_TRANSPORT_RDMA) > > port = NFS_RDMA_PORT; > > } > > >