Found wdiff, but it reported no recognisable version. Falling back to builtin diff colouring... Diff: draft-pre-ch-14.txt - draft-ietf-nfsv4-minorversion1-22.txt
 draft-pre-ch-14.txt   draft-ietf-nfsv4-minorversion1-22.txt 
skipping to change at page 7, line 37 skipping to change at page 7, line 37
14. Internationalization . . . . . . . . . . . . . . . . . . . . 317 14. Internationalization . . . . . . . . . . . . . . . . . . . . 317
14.1. Stringprep profile for the utf8str_cs type . . . . . . . 318 14.1. Stringprep profile for the utf8str_cs type . . . . . . . 318
14.2. Stringprep profile for the utf8str_cis type . . . . . . 319 14.2. Stringprep profile for the utf8str_cis type . . . . . . 319
14.3. Stringprep profile for the utf8str_mixed type . . . . . 321 14.3. Stringprep profile for the utf8str_mixed type . . . . . 321
14.4. UTF-8 Capabilities . . . . . . . . . . . . . . . . . . . 322 14.4. UTF-8 Capabilities . . . . . . . . . . . . . . . . . . . 322
14.5. UTF-8 Related Errors . . . . . . . . . . . . . . . . . . 322 14.5. UTF-8 Related Errors . . . . . . . . . . . . . . . . . . 322
15. Error Values . . . . . . . . . . . . . . . . . . . . . . . . 323 15. Error Values . . . . . . . . . . . . . . . . . . . . . . . . 323
15.1. Error Definitions . . . . . . . . . . . . . . . . . . . 323 15.1. Error Definitions . . . . . . . . . . . . . . . . . . . 323
15.1.1. General Errors . . . . . . . . . . . . . . . . . . . 325 15.1.1. General Errors . . . . . . . . . . . . . . . . . . . 325
15.1.2. Filehandle Errors . . . . . . . . . . . . . . . . . 327 15.1.2. Filehandle Errors . . . . . . . . . . . . . . . . . 327
15.1.3. Compound Structure Errors . . . . . . . . . . . . . 328 15.1.3. Compound Structure Errors . . . . . . . . . . . . . 329
15.1.4. File System Errors . . . . . . . . . . . . . . . . . 330 15.1.4. File System Errors . . . . . . . . . . . . . . . . . 330
15.1.5. State Management Errors . . . . . . . . . . . . . . 332 15.1.5. State Management Errors . . . . . . . . . . . . . . 332
15.1.6. Security Errors . . . . . . . . . . . . . . . . . . 333 15.1.6. Security Errors . . . . . . . . . . . . . . . . . . 333
15.1.7. Name Errors . . . . . . . . . . . . . . . . . . . . 334 15.1.7. Name Errors . . . . . . . . . . . . . . . . . . . . 334
15.1.8. Locking Errors . . . . . . . . . . . . . . . . . . . 334 15.1.8. Locking Errors . . . . . . . . . . . . . . . . . . . 334
15.1.9. Reclaim Errors . . . . . . . . . . . . . . . . . . . 336 15.1.9. Reclaim Errors . . . . . . . . . . . . . . . . . . . 336
15.1.10. pNFS Errors . . . . . . . . . . . . . . . . . . . . 336 15.1.10. pNFS Errors . . . . . . . . . . . . . . . . . . . . 336
15.1.11. Session Use Errors . . . . . . . . . . . . . . . . . 338 15.1.11. Session Use Errors . . . . . . . . . . . . . . . . . 338
15.1.12. Session Management Errors . . . . . . . . . . . . . 339 15.1.12. Session Management Errors . . . . . . . . . . . . . 339
15.1.13. Client Management Errors . . . . . . . . . . . . . . 339 15.1.13. Client Management Errors . . . . . . . . . . . . . . 339
skipping to change at page 65, line 21 skipping to change at page 65, line 21
(XORed) with the argument to SET_SSV. Each time a new principal (XORed) with the argument to SET_SSV. Each time a new principal
uses a client ID for the first time, the client SHOULD send a uses a client ID for the first time, the client SHOULD send a
SET_SSV with that principal's RPCSEC_GSS credentials, with SET_SSV with that principal's RPCSEC_GSS credentials, with
RPCSEC_GSS service set to RPC_GSS_SVC_PRIVACY. RPCSEC_GSS service set to RPC_GSS_SVC_PRIVACY.
Here are the types of attacks that can be attempted by an attacker Here are the types of attacks that can be attempted by an attacker
named Eve on a victim named Bob, and how SP4_SSV protection foils named Eve on a victim named Bob, and how SP4_SSV protection foils
each attack: each attack:
o Suppose Eve is the first user to log into a legitimate client. o Suppose Eve is the first user to log into a legitimate client.
Eve's use of an NFSv4.1 file system will cause an SSV to be Eve's use of an NFSv4.1 file system will cause the legitimate
created via the legitimate client's NFSv4.1 implementation. The client to create a client ID with SP4_SSV protection, specifying
SET_SSV that creates the SSV will be protected by the RPCSEC_GSS that the BIND_CONN_TO_SESSION operation MUST use the SSV
context created by the legitimate client which uses Eve's GSS credential. Eve's use of the file system also causes an SSV to be
principal and credentials. Eve can eavesdrop on the network while created. The SET_SSV operation that creates the SSV will be
her RPCSEC_GSS context is created, and the SET_SSV using her protected by the RPCSEC_GSS context created by the legitimate
context is sent. Even if the legitimate client sends the SET_SSV client which uses Eve's GSS principal and credentials. Eve can
with RPC_GSS_SVC_PRIVACY, because Eve knows her own credentials, eavesdrop on the network while her RPCSEC_GSS context is created,
she can decrypt the SSV. Eve can compute an RPCSEC_GSS credential and the SET_SSV using her context is sent. Even if the legitimate
that BIND_CONN_TO_SESSION will accept, and so associate a new client sends the SET_SSV with RPC_GSS_SVC_PRIVACY, because Eve
connection with the legitimate session. Eve can change the slot knows her own credentials, she can decrypt the SSV. Eve can
id and sequence state of a legitimate session, and/or the SSV compute an RPCSEC_GSS credential that BIND_CONN_TO_SESSION will
state, in such a way that when Bob accesses the server via the accept, and so associate a new connection with the legitimate
same legitimate client, the legitimate client will be unable to session. Eve can change the slot id and sequence state of a
use the session. legitimate session, and/or the SSV state, in such a way that when
Bob accesses the server via the same legitimate client, the
legitimate client will be unable to use the session.
The client's only recourse is to create a new client ID for Bob to The client's only recourse is to create a new client ID for Bob to
use, and establish a new SSV for the client ID. The client will use, and establish a new SSV for the client ID. The client will
be unable to delete the old client ID, and will let the lease on be unable to delete the old client ID, and will let the lease on
old client ID expire. the old client ID expire.
Once the legitimate client establishes an SSV over the new session Once the legitimate client establishes an SSV over the new session
using Bob's RPCSEC_GSS context, Eve can use the new session via using Bob's RPCSEC_GSS context, Eve can use the new session via
the legitimate client, but she cannot disrupt Bob. Moreover, the legitimate client, but she cannot disrupt Bob. Moreover,
because the client SHOULD have modified the SSV due to Eve using because the client SHOULD have modified the SSV due to Eve using
the new session, Bob cannot get revenge on Eve by associating a the new session, Bob cannot get revenge on Eve by associating a
rogue connection with the session. rogue connection with the session.
The question is how did the legitimate client detect that Eve has The question is how did the legitimate client detect that Eve has
hijacked the old session? When the client detects that a new hijacked the old session? When the client detects that a new
skipping to change at page 66, line 18 skipping to change at page 66, line 20
legitimate client later uses. The server will assume the legitimate client later uses. The server will assume the
SET_SSV sent with Bob's credentials is a retry, and return to SET_SSV sent with Bob's credentials is a retry, and return to
the legitimate client the reply it sent Eve. However, unless the legitimate client the reply it sent Eve. However, unless
Eve can correctly guess the SSV the legitimate client will use, Eve can correctly guess the SSV the legitimate client will use,
the digest verification checks in the SET_SSV response will the digest verification checks in the SET_SSV response will
fail. That is an indication to the client that the session has fail. That is an indication to the client that the session has
apparently been hijacked. apparently been hijacked.
* Alternatively, Eve sent a SET_SSV with a different slot id than * Alternatively, Eve sent a SET_SSV with a different slot id than
the legitimate client uses for its SET_SSV. Then the digest the legitimate client uses for its SET_SSV. Then the digest
verification of the SET_SSV send with Bob's credentials fails verification of the SET_SSV sent with Bob's credentials fails
on the server fails, and the error returned to the client makes on the server, and the error returned to the client makes it
it apparent that the session has been hijacked. apparent that the session has been hijacked.
* Alternatively, Eve sent an operation other than SET_SSV, but * Alternatively, Eve sent an operation other than SET_SSV, but
with the same slot id and sequence that the legitimate client with the same slot id and sequence that the legitimate client
uses for its SET_SSV. The server returns to the legitimate uses for its SET_SSV. The server returns to the legitimate
client the response it sent Eve. The client sees that the client the response it sent Eve. The client sees that the
response is not at all what it expects. The client assumes response is not at all what it expects. The client assumes
either session hijacking or a server bug, and either way either session hijacking or a server bug, and either way
destroys the old session. destroys the old session.
o Eve associates a rogue connection with the session as above, and o Eve associates a rogue connection with the session as above, and
then destroys the session. Again, Bob goes to use the server from then destroys the session. Again, Bob goes to use the server from
the legitimate client, which sends a SET_SSV using Bob's the legitimate client, which sends a SET_SSV using Bob's
credentials. The client receives an error that indicates the credentials. The client receives an error that indicates the
session does not exist. When the client tries to create a new session does not exist. When the client tries to create a new
session, this will fail because the SSV it has does not match that session, this will fail because the SSV it has does not match that
the server has, and now the client knows the session was hijacked. the server has, and now the client knows the session was hijacked.
The legitimate client establishes a new client ID as before. The legitimate client establishes a new client ID.
o If Eve creates a connection before the legitimate client o If Eve creates a connection before the legitimate client
establishes an SSV, because the initial value of the SSV is zero establishes an SSV, because the initial value of the SSV is zero
and therefore known, Eve can send a SET_SSV that will pass the and therefore known, Eve can send a SET_SSV that will pass the
digest verification check. However because the new connection has digest verification check. However because the new connection has
not been associated with the session, the SET_SSV is rejected for not been associated with the session, the SET_SSV is rejected for
that reason. that reason.
In summary, an attacker's disruption of state when SP4_SSV protection In summary, an attacker's disruption of state when SP4_SSV protection
is in use is limited to the formative period of a client ID, its is in use is limited to the formative period of a client ID, its
skipping to change at page 318, line 24 skipping to change at page 318, line 24
14.1.1. Intended applicability of the nfs4_cs_prep profile 14.1.1. Intended applicability of the nfs4_cs_prep profile
The utf8str_cs type is a case sensitive string of UTF-8 characters. The utf8str_cs type is a case sensitive string of UTF-8 characters.
Its primary use in NFSv4.1 is for naming components and pathnames. Its primary use in NFSv4.1 is for naming components and pathnames.
Components and pathnames are stored on the server's file system. Two Components and pathnames are stored on the server's file system. Two
valid distinct UTF-8 strings might be the same after processing via valid distinct UTF-8 strings might be the same after processing via
the utf8str_cs profile. If the strings are two names inside a the utf8str_cs profile. If the strings are two names inside a
directory, the NFSv4.1 server will need to either: directory, the NFSv4.1 server will need to either:
o disallow the creation of a second name if it's post processed form o disallow the creation of a second name if its post processed form
collides with that of an existing name, or collides with that of an existing name, or
o allow the creation of the second name, but arrange so that after o allow the creation of the second name, but arrange so that after
post processing, the second name is different than the post post processing, the second name is different than the post
processed form of the first name. processed form of the first name.
14.1.2. Character repertoire of nfs4_cs_prep 14.1.2. Character repertoire of nfs4_cs_prep
The nfs4_cs_prep profile uses Unicode 3.2, as defined in stringprep's The nfs4_cs_prep profile uses Unicode 3.2, as defined in stringprep's
Appendix A.1 Appendix A.1
skipping to change at page 318, line 46 skipping to change at page 318, line 46
14.1.3. Mapping used by nfs4_cs_prep 14.1.3. Mapping used by nfs4_cs_prep
The nfs4_cs_prep profile specifies mapping using the following tables The nfs4_cs_prep profile specifies mapping using the following tables
from stringprep: from stringprep:
Table B.1 Table B.1
Table B.2 is normally not part of the nfs4_cs_prep profile as it is Table B.2 is normally not part of the nfs4_cs_prep profile as it is
primarily for dealing with case-insensitive comparisons. However, if primarily for dealing with case-insensitive comparisons. However, if
the NFSv4.1 file server supports the case_insensitive file system the NFSv4.1 file server supports the case_insensitive file system
attribute, and if case_insensitive is true, the NFSv4.1 server MUST attribute, and if case_insensitive is TRUE, the NFSv4.1 server MUST
use Table B.2 (in addition to Table B1) when processing utf8str_cs use Table B.2 (in addition to Table B1) when processing utf8str_cs
strings, and the NFSv4.1 client MUST assume Table B.2 (in addition to strings, and the NFSv4.1 client MUST assume Table B.2 (in addition to
Table B.1) are being used. Table B.1) are being used.
If the case_preserving attribute is present and set to FALSE, then If the case_preserving attribute is present and set to FALSE, then
the NFSv4.1 server MUST use table B.2 to map case when processing the NFSv4.1 server MUST use table B.2 to map case when processing
utf8str_cs strings. Whether the server maps from lower to upper case utf8str_cs strings. Whether the server maps from lower to upper case
or the upper to lower case is an implementation dependency. or the upper to lower case is an implementation dependency.
14.1.4. Normalization used by nfs4_cs_prep 14.1.4. Normalization used by nfs4_cs_prep
skipping to change at page 322, line 36 skipping to change at page 322, line 36
typedef uint32_t fs_charset_cap4; typedef uint32_t fs_charset_cap4;
Because some operating environments and file systems do not enforce Because some operating environments and file systems do not enforce
character set encodings, NFSv4.1 supports the fs_charset_cap character set encodings, NFSv4.1 supports the fs_charset_cap
attribute (Section 5.7.2.11) that indicates to the client a file attribute (Section 5.7.2.11) that indicates to the client a file
system's UTF-8 capabilities. The attribute is an integer containing system's UTF-8 capabilities. The attribute is an integer containing
a pair of flags. The first flag is FSCHARSET_CAP4_CONTAINS_NON_UTF8, a pair of flags. The first flag is FSCHARSET_CAP4_CONTAINS_NON_UTF8,
which, if set to one tells the client the file system contains non- which, if set to one tells the client the file system contains non-
UTF-8 characters, and the server will not convert non-UTF characters UTF-8 characters, and the server will not convert non-UTF characters
to UTF-8 if the client reads a symlink or directory, nor will to UTF-8 if the client reads a symlink or directory, nor will
operations that take component names or pathname have the strings operations with component names or pathnames in the arguments convert
converted to UTF-8. The second flag is the strings to UTF-8. The second flag is
FSCHARSET_CAP4_ALLOWS_ONLY_UTF8 which if set to one, indicates that FSCHARSET_CAP4_ALLOWS_ONLY_UTF8 which if set to one, indicates that
the server will accept (and generate) only UTF-8 characters on the the server will accept (and generate) only UTF-8 characters on the
file system. If FSCHARSET_CAP4_ALLOWS_ONLY_UTF8 is set to one, file system. If FSCHARSET_CAP4_ALLOWS_ONLY_UTF8 is set to one,
FSCHARSET_CAP4_CONTAINS_NON_UTF8 MUST be set to zero. FSCHARSET_CAP4_CONTAINS_NON_UTF8 MUST be set to zero.
FSCHARSET_CAP4_ALLOWS_ONLY_UTF8 SHOULD always be set to one. FSCHARSET_CAP4_ALLOWS_ONLY_UTF8 SHOULD always be set to one.
14.5. UTF-8 Related Errors 14.5. UTF-8 Related Errors
Where the client sends an invalid UTF-8 string, the server should Where the client sends an invalid UTF-8 string, the server should
return an NFS4ERR_INVAL (Table 11) error. This includes cases in return NFS4ERR_INVAL (see Table 11). This includes cases in which
which inappropriate prefixes are detected and where the count inappropriate prefixes are detected and where the count includes
includes trailing bytes that do not constitute a full UCS character. trailing bytes that do not constitute a full UCS character.
Where the client supplied string is valid UTF-8 but contains Where the client supplied string is valid UTF-8 but contains
characters that are not supported by the server as a value for that characters that are not supported by the server as a value for that
string (e.g. names containing characters that have more than two string (e.g. names containing characters that have more than two
bytes on a file system that supports Unicode characters only), the bytes on a file system that supports Unicode characters only), the
server should return an NFS4ERR_BADCHAR (Table 11) error. server should return NFS4ERR_BADCHAR.
Where a UTF-8 string is used as a file name, and the file system, Where a UTF-8 string is used as a file name, and the file system,
while supporting all of the characters within the name, does not while supporting all of the characters within the name, does not
allow that particular name to be used, the server should return the allow that particular name to be used, the server should return the
error NFS4ERR_BADNAME (Table 11). This includes situations in which error NFS4ERR_BADNAME (Table 11). This includes situations in which
the server file system imposes a normalization constraint on name the server file system imposes a normalization constraint on name
strings, but will also include such situations as file system strings, but will also include such situations as file system
prohibitions of "." and ".." as file names for certain operations, prohibitions of "." and ".." as file names for certain operations,
and other such constraints. and other such constraints.
skipping to change at page 324, line 13 skipping to change at page 324, line 13
| NFS4ERR_BAD_COOKIE | 10003 | Section 15.1.1.2 | | NFS4ERR_BAD_COOKIE | 10003 | Section 15.1.1.2 |
| NFS4ERR_BAD_HIGH_SLOT | 10077 | Section 15.1.11.3 | | NFS4ERR_BAD_HIGH_SLOT | 10077 | Section 15.1.11.3 |
| NFS4ERR_BAD_RANGE | 10042 | Section 15.1.8.1 | | NFS4ERR_BAD_RANGE | 10042 | Section 15.1.8.1 |
| NFS4ERR_BAD_SEQID | 10026 | Section 15.1.16.1 | | NFS4ERR_BAD_SEQID | 10026 | Section 15.1.16.1 |
| NFS4ERR_BAD_SESSION_DIGEST | 10051 | Section 15.1.12.2 | | NFS4ERR_BAD_SESSION_DIGEST | 10051 | Section 15.1.12.2 |
| NFS4ERR_BAD_STATEID | 10025 | Section 15.1.5.2 | | NFS4ERR_BAD_STATEID | 10025 | Section 15.1.5.2 |
| NFS4ERR_CB_PATH_DOWN | 10048 | Section 15.1.11.4 | | NFS4ERR_CB_PATH_DOWN | 10048 | Section 15.1.11.4 |
| NFS4ERR_CLID_INUSE | 10017 | Section 15.1.13.2 | | NFS4ERR_CLID_INUSE | 10017 | Section 15.1.13.2 |
| NFS4ERR_CLIENTID_BUSY | 10074 | Section 15.1.13.1 | | NFS4ERR_CLIENTID_BUSY | 10074 | Section 15.1.13.1 |
| NFS4ERR_COMPLETE_ALREADY | 10054 | Section 15.1.9.1 | | NFS4ERR_COMPLETE_ALREADY | 10054 | Section 15.1.9.1 |
| NFS4ERR_CONN_BINDING_NOT_ENFORCED | 10073 | Section 15.1.12.3 |
| NFS4ERR_CONN_NOT_BOUND_TO_SESSION | 10055 | Section 15.1.11.6 | | NFS4ERR_CONN_NOT_BOUND_TO_SESSION | 10055 | Section 15.1.11.6 |
| NFS4ERR_DEADLOCK | 10045 | Section 15.1.8.2 | | NFS4ERR_DEADLOCK | 10045 | Section 15.1.8.2 |
| NFS4ERR_DEADSESSION | 10078 | Section 15.1.11.5 | | NFS4ERR_DEADSESSION | 10078 | Section 15.1.11.5 |
| NFS4ERR_DELAY | 10008 | Section 15.1.1.3 | | NFS4ERR_DELAY | 10008 | Section 15.1.1.3 |
| NFS4ERR_DELEG_ALREADY_WANTED | 10056 | Section 15.1.14.1 | | NFS4ERR_DELEG_ALREADY_WANTED | 10056 | Section 15.1.14.1 |
| NFS4ERR_DENIED | 10010 | Section 15.1.8.3 | | NFS4ERR_DENIED | 10010 | Section 15.1.8.3 |
| NFS4ERR_DIRDELEG_UNAVAIL | 10084 | Section 15.1.14.2 | | NFS4ERR_DIRDELEG_UNAVAIL | 10084 | Section 15.1.14.2 |
| NFS4ERR_DQUOT | 69 | Section 15.1.4.2 | | NFS4ERR_DQUOT | 69 | Section 15.1.4.2 |
| NFS4ERR_ENCR_ALG_UNSUPP | 10079 | Section 15.1.13.3 | | NFS4ERR_ENCR_ALG_UNSUPP | 10079 | Section 15.1.13.3 |
| NFS4ERR_EXIST | 17 | Section 15.1.4.3 | | NFS4ERR_EXIST | 17 | Section 15.1.4.3 |
skipping to change at page 326, line 7 skipping to change at page 326, line 7
Table 11 Table 11
15.1.1. General Errors 15.1.1. General Errors
This section deals with errors that are applicable to a broad set of This section deals with errors that are applicable to a broad set of
different purposes. different purposes.
15.1.1.1. NFS4ERR_BADXDR (Error Code 10036) 15.1.1.1. NFS4ERR_BADXDR (Error Code 10036)
The arguments for this op do not match those specified in the XDR The arguments for this operation do not match those specified in the
definition. This includes situations in which the request ends XDR definition. This includes situations in which the request ends
before all the arguments have been seen. Note that this error before all the arguments have been seen. Note that this error
applies when fixed enumerations (these include booleans) have a value applies when fixed enumerations (these include booleans) have a value
within the input stream which is not valid for the enum. A replier within the input stream which is not valid for the enum. A replier
may pre-parse all ops for a Compound procedure before doing any may pre-parse all operations for a Compound procedure before doing
operation execution and return RPC-level XDR errors in that case. any operation execution and return RPC-level XDR errors in that case.
15.1.1.2. NFS4ERR_BAD_COOKIE (Error Code 10003) 15.1.1.2. NFS4ERR_BAD_COOKIE (Error Code 10003)
Used for ops that provide a set of information indexed by some Used for operations that provide a set of information indexed by some
quantity provided by the client or cookie sent by the server for an quantity provided by the client or cookie sent by the server for an
earlier invocation. Where the value cannot be used for its intended earlier invocation. Where the value cannot be used for its intended
purpose, this error results. purpose, this error results.
15.1.1.3. NFS4ERR_DELAY (Error Code 10008) 15.1.1.3. NFS4ERR_DELAY (Error Code 10008)
For any of a number of reasons, the replier could not process this For any of a number of reasons, the replier could not process this
operation in what was deemed a reasonable time. The client should operation in what was deemed a reasonable time. The client should
wait and then try the request with a new slot and sequence value. wait and then try the request with a new slot and sequence value.
skipping to change at page 326, line 39 skipping to change at page 326, line 39
o A server that supports hierarchical storage receives a request to o A server that supports hierarchical storage receives a request to
process a file that had been migrated. process a file that had been migrated.
o An operation requires a delegation recall to proceed and waiting o An operation requires a delegation recall to proceed and waiting
for this delegation recall makes processing this request in a for this delegation recall makes processing this request in a
timely fashion impossible. timely fashion impossible.
In such cases, the error NFS4ERR_DELAY allows these preparatory In such cases, the error NFS4ERR_DELAY allows these preparatory
operations to proceed without holding up client resources such as a operations to proceed without holding up client resources such as a
session slot. The client can then retry the operation in question. session slot. After delaying for period of time, the client can then
re-send the operation in question (but not with the same slot id and
sequence id; one or both MUST be different on the re-send).
Note that without the ability to return NFS4ERR_DELAY and the Note that without the ability to return NFS4ERR_DELAY and the
client's willingness to retry when receiving it, deadlock might well client's willingness to re-send when receiving it, deadlock might
result. If a recall is done, and if the delegation return or well result. E.g., if a recall is done, and if the delegation return
operations preparatory to delegation return are held up by other or operations preparatory to delegation return are held up by other
operations that need the delegation to be returned, session slots operations that need the delegation to be returned, session slots
might not be available. The result could be deadlock. might not be available. The result could be deadlock.
15.1.1.4. NFS4ERR_INVAL (Error Code 22) 15.1.1.4. NFS4ERR_INVAL (Error Code 22)
The arguments for this op are not valid for some reason, even though The arguments for this operation are not valid for some reason, even
they do match those specified in the XDR definition for the request. though they do match those specified in the XDR definition for the
request.
15.1.1.5. NFS4ERR_NOTSUPP (Error Code 10004) 15.1.1.5. NFS4ERR_NOTSUPP (Error Code 10004)
Operation not supported, either because the operation is an OPTIONAL Operation not supported, either because the operation is an OPTIONAL
one and is not supported by this server or because the operation is one and is not supported by this server or because the operation MUST
MUST NOT be implemented in the current minor version. NOT be implemented in the current minor version.
15.1.1.6. NFS4ERR_SERVERFAULT (Error Code 10006) 15.1.1.6. NFS4ERR_SERVERFAULT (Error Code 10006)
An error occurred on the server which does not map to any of the An error occurred on the server which does not map to any of the
specific legal NFSv4.1 protocol error values. The client should specific legal NFSv4.1 protocol error values. The client should
translate this into an appropriate error. UNIX clients may choose to translate this into an appropriate error. UNIX clients may choose to
translate this to EIO. translate this to EIO.
15.1.1.7. NFS4ERR_TOOSMALL (Error Code 10005) 15.1.1.7. NFS4ERR_TOOSMALL (Error Code 10005)
skipping to change at page 329, line 34 skipping to change at page 329, line 42
Certain operations, which are allowed to be executed outside of a Certain operations, which are allowed to be executed outside of a
session, must be the only operation within a COMPOUND. This error session, must be the only operation within a COMPOUND. This error
results when that constraint is not met. results when that constraint is not met.
15.1.3.4. NFS4ERR_OP_ILLEGAL (Error Code 10044) 15.1.3.4. NFS4ERR_OP_ILLEGAL (Error Code 10044)
The operation code is not a valid one for the current Compound The operation code is not a valid one for the current Compound
procedure. The opcode in the result stream matched with this error procedure. The opcode in the result stream matched with this error
is the ILLEGAL value, although the value that appears in the request is the ILLEGAL value, although the value that appears in the request
stream may be different. Where an illegal value appears and the stream may be different. Where an illegal value appears and the
replier pre-parses all ops for a Compound procedure before doing any replier pre-parses all operations for a Compound procedure before
operation execution, an RPC-level XDR error may be returned in this doing any operation execution, an RPC-level XDR error may be returned
case. in this case.
15.1.3.5. NFS4ERR_OP_NOT_IN_SESSION (Error Code 10071) 15.1.3.5. NFS4ERR_OP_NOT_IN_SESSION (Error Code 10071)
Most forward operations and all callback operations are only valid Most forward operations and all callback operations are only valid
within the context of a session, so that the Compound request in within the context of a session, so that the Compound request in
question must begin with a Sequence operation, If an attempt is made question must begin with a Sequence operation. If an attempt is made
to execute these operations outside the context of session, this to execute these operations outside the context of session, this
error results. error results.
15.1.3.6. NFS4ERR_REP_TOO_BIG (Error Code 10066) 15.1.3.6. NFS4ERR_REP_TOO_BIG (Error Code 10066)
The reply to a Compound would exceed the channel's negotiated maximum The reply to a Compound would exceed the channel's negotiated maximum
response size. response size.
15.1.3.7. NFS4ERR_REP_TOO_BIG_TO_CACHE (Error Code 10067) 15.1.3.7. NFS4ERR_REP_TOO_BIG_TO_CACHE (Error Code 10067)
skipping to change at page 333, line 41 skipping to change at page 333, line 47
15.1.6.2. NFS4ERR_PERM (Error Code 1) 15.1.6.2. NFS4ERR_PERM (Error Code 1)
Indicates requester is not the owner. The operation was not allowed Indicates requester is not the owner. The operation was not allowed
because the caller is neither a privileged user (root) nor the owner because the caller is neither a privileged user (root) nor the owner
of the target of the operation. of the target of the operation.
15.1.6.3. NFS4ERR_WRONGSEC (Error Code 10016) 15.1.6.3. NFS4ERR_WRONGSEC (Error Code 10016)
Indicates that the security mechanism being used by the client for Indicates that the security mechanism being used by the client for
the operation does not match the server's security policy. The the operation does not match the server's security policy. The
client should change the security mechanism being used and retry the client should change the security mechanism being used and re-send
operation. SECINFO and SECINFO_NO_NAME can be used to determine the the operation (but not with the same slot id and sequence id; one or
appropriate mechanism. both MUST be different on the re-send). SECINFO and SECINFO_NO_NAME
can be used to determine the appropriate mechanism.
15.1.6.4. NFS4ERR_WRONG_CRED (Error Code 10082) 15.1.6.4. NFS4ERR_WRONG_CRED (Error Code 10082)
An operation manipulating state was attempted by a principal that was An operation manipulating state was attempted by a principal that was
not allowed to modify that piece of state. not allowed to modify that piece of state.
15.1.7. Name Errors 15.1.7. Name Errors
Names in NFSv4 are UTF-8 strings. When the strings are not valid Names in NFSv4 are UTF-8 strings. When the strings are not valid
UTF-8 or are of length zero, the error NFS4ERR_INVAL results. UTF-8 or are of length zero, the error NFS4ERR_INVAL results.
skipping to change at page 334, line 40 skipping to change at page 334, line 45
15.1.8. Locking Errors 15.1.8. Locking Errors
This section deal with errors related to locking, both as to share This section deal with errors related to locking, both as to share
reservations and byte-range locking. It does not deal with errors reservations and byte-range locking. It does not deal with errors
specific to the process of reclaiming locks. Those are dealt with in specific to the process of reclaiming locks. Those are dealt with in
the next section. the next section.
15.1.8.1. NFS4ERR_BAD_RANGE (Error Code 10042) 15.1.8.1. NFS4ERR_BAD_RANGE (Error Code 10042)
The range for a LOCK, LOCKT, or LOCKU operation is not appropriate to The range for a LOCK, LOCKT, or LOCKU operation is not appropriate to
the allowable range of offsets for the server. Specifically, this the allowable range of offsets for the server. E.g., this error
error results when a server which only supports 32-bit ranges results when a server which only supports 32-bit ranges receives a
receives a range that cannot be handled by that server. (See range that cannot be handled by that server. (See Section 18.10.3).
Section 18.10.3).
15.1.8.2. NFS4ERR_DEADLOCK (Error Code 10045) 15.1.8.2. NFS4ERR_DEADLOCK (Error Code 10045)
The server has been able to determine a file locking deadlock The server has been able to determine a file locking deadlock
condition for a blocking lock request. condition for a blocking lock request.
15.1.8.3. NFS4ERR_DENIED (Error Code 10010) 15.1.8.3. NFS4ERR_DENIED (Error Code 10010)
An attempt to lock a file is denied. Since this may be a temporary An attempt to lock a file is denied. Since this may be a temporary
condition, the client is encouraged to retry the lock request until condition, the client is encouraged to re-send the lock request (but
the lock is accepted. See Section 9.6 for a discussion of retry. not with the same slot id and sequence id; one or both MUST be
different on the re-send) until the lock is accepted. See
Section 9.6 for a discussion of the re-send.
15.1.8.4. NFS4ERR_LOCKED (Error Code 10012) 15.1.8.4. NFS4ERR_LOCKED (Error Code 10012)
A read or write operation was attempted on a file where there was a A read or write operation was attempted on a file where there was a
conflict between the I/O and an existing lock: conflict between the I/O and an existing lock:
o There is a share reservation inconsistent with the I/O being done. o There is a share reservation inconsistent with the I/O being done.
o The range to be read or written intersects an existing mandatory o The range to be read or written intersects an existing mandatory
byte range lock. byte range lock.
skipping to change at page 337, line 20 skipping to change at page 337, line 20
The layout specified is invalid in some way. For LAYOUTCOMMIT, this The layout specified is invalid in some way. For LAYOUTCOMMIT, this
indicates that the specified layout is not held by the client or is indicates that the specified layout is not held by the client or is
not of mode LAYOUTIOMODE4_RW. For LAYOUTGET, it indicates that a not of mode LAYOUTIOMODE4_RW. For LAYOUTGET, it indicates that a
layout matching the client's specification as to minimum length layout matching the client's specification as to minimum length
cannot be granted. cannot be granted.
15.1.10.3. NFS4ERR_LAYOUTTRYLATER (Error Code 10058) 15.1.10.3. NFS4ERR_LAYOUTTRYLATER (Error Code 10058)
Layouts are temporarily unavailable for the file. The client should Layouts are temporarily unavailable for the file. The client should
retry later. re-send later (but not with the same slot id and sequence id; one or
both MUST be different on the re-send).
15.1.10.4. NFS4ERR_LAYOUTUNAVAILABLE (Error Code 10059) 15.1.10.4. NFS4ERR_LAYOUTUNAVAILABLE (Error Code 10059)
Returned when layouts are not available for the current file system Returned when layouts are not available for the current file system
or the particular specified file. or the particular specified file.
15.1.10.5. NFS4ERR_NOMATCHING_LAYOUT (Error Code 10060) 15.1.10.5. NFS4ERR_NOMATCHING_LAYOUT (Error Code 10060)
Returned when layouts are recalled and the client has no layouts Returned when layouts are recalled and the client has no layouts
matching the specification of the layouts being recalled. matching the specification of the layouts being recalled.
skipping to change at page 338, line 35 skipping to change at page 338, line 35
15.1.11.3. NFS4ERR_BAD_HIGH_SLOT (Error Code 10077) 15.1.11.3. NFS4ERR_BAD_HIGH_SLOT (Error Code 10077)
The highest_slot argument in a Sequence operation exceeds the The highest_slot argument in a Sequence operation exceeds the
replier's enforced highest_slotid. replier's enforced highest_slotid.
15.1.11.4. NFS4ERR_CB_PATH_DOWN (Error Code 10048) 15.1.11.4. NFS4ERR_CB_PATH_DOWN (Error Code 10048)
There is a problem contacting the client via the callback path. The There is a problem contacting the client via the callback path. The
function of this error has been mostly superseded by the use of function of this error has been mostly superseded by the use of
status flags in the reply to the SEQUENCE SEQUENCE operation (see status flags in the reply to the SEQUENCE operation (see
Section 18.46). Section 18.46).
15.1.11.5. NFS4ERR_DEADSESSION (Error Code 10078) 15.1.11.5. NFS4ERR_DEADSESSION (Error Code 10078)
The specified session is a persistent session which is dead and does The specified session is a persistent session which is dead and does
not accept new requests or perform new operations on existing not accept new requests or perform new operations on existing
requests (in the case in which a request was partially executed requests (in the case in which a request was partially executed
before server restart). before server restart).
15.1.11.6. NFS4ERR_CONN_NOT_BOUND_TO_SESSION (Error Code 10055) 15.1.11.6. NFS4ERR_CONN_NOT_BOUND_TO_SESSION (Error Code 10055)
A Sequence operation was sent on a connection that has not been A Sequence operation was sent on a connection that has not been
associated with the specified session, in an environment where the associated with the specified session, where the client specified
associated client ID specified that connection binding be enforced. that connection association was to be enforced with SP4_MACH_CRED or
SP4_SSV state protection.
15.1.11.7. NFS4ERR_SEQ_FALSE_RETRY (Error Code 10076) 15.1.11.7. NFS4ERR_SEQ_FALSE_RETRY (Error Code 10076)
The requester sent a Sequence operation with a slot id and sequence The requester sent a Sequence operation with a slot id and sequence
id that are in the reply cache, but the replier has detected that the id that are in the reply cache, but the replier has detected that the
retried request is not the same as the original request. retried request is not the same as the original request.
15.1.11.8. NFS4ERR_SEQ_MISORDERED (Error Code 10063) 15.1.11.8. NFS4ERR_SEQ_MISORDERED (Error Code 10063)
The requester sent a Sequence operation with an invalid sequence id. The requester sent a Sequence operation with an invalid sequence id.
skipping to change at page 339, line 27 skipping to change at page 339, line 27
This section deals with errors associated with requests used in This section deals with errors associated with requests used in
session management. session management.
15.1.12.1. NFS4ERR_BACK_CHAN_BUSY (Error Code 10057) 15.1.12.1. NFS4ERR_BACK_CHAN_BUSY (Error Code 10057)
An attempt was made to destroy a session when the session cannot be An attempt was made to destroy a session when the session cannot be
destroyed because the server has callback requests outstanding. destroyed because the server has callback requests outstanding.
15.1.12.2. NFS4ERR_BAD_SESSION_DIGEST (Error Code 10051) 15.1.12.2. NFS4ERR_BAD_SESSION_DIGEST (Error Code 10051)
The digest used in a SET_SSV or BIND_CONN_TO_SESSION request is not The digest used in a SET_SSV request is not valid.
valid.
15.1.12.3. NFS4ERR_CONN_BINDING_NOT_ENFORCED (Error Code 10073)
The client is made an attempt to use enforced connection association,
when it has disabled enforcement when the client ID was created, in
that it did not opt for SP4_SSV state protection when the client ID
using EXCHANGE_ID.
15.1.13. Client Management Errors 15.1.13. Client Management Errors
This sections deals with errors associated with requests used to This sections deals with errors associated with requests used to
create and manage client IDs. create and manage client IDs.
15.1.13.1. NFS4ERR_CLIENTID_BUSY (Error Code 10074) 15.1.13.1. NFS4ERR_CLIENTID_BUSY (Error Code 10074)
The DESTROY_CLIENTID operation has found there are sessions and/or The DESTROY_CLIENTID operation has found there are sessions and/or
unexpired state associated with the client ID to be destroyed. unexpired state associated with the client ID to be destroyed.
15.1.13.2. NFS4ERR_CLID_INUSE (Error Code 10017) 15.1.13.2. NFS4ERR_CLID_INUSE (Error Code 10017)
While processing an EXCHANGE_ID operation, the server was presented While processing an EXCHANGE_ID operation, the server was presented
with a co_ownerid field matches an existing client with valid leased with a co_ownerid field matches an existing client with valid leased
state but the principal issuing the EXCHANGE_ID is different than state but the principal issuing the EXCHANGE_ID is different than
that establishing the existing client. This indicates a (most likely that establishing the existing client. This indicates a (most likely
due to chance) collision between clients. The client should recover due to chance) collision between clients. The client should recover
by changing the co_ownerid and retrying EXCHANGE_ID. by changing the co_ownerid and re-sending EXCHANGE_ID (but not with
the same slot id and sequence id; one or both MUST be different on
the re-send).
15.1.13.3. NFS4ERR_ENCR_ALG_UNSUPP (Error Code 10079) 15.1.13.3. NFS4ERR_ENCR_ALG_UNSUPP (Error Code 10079)
An EXCHANGE_ID was sent which specified state protection via SSV, and An EXCHANGE_ID was sent which specified state protection via SSV, and
where the set of encryption algorithms presented by the client did where the set of encryption algorithms presented by the client did
not include any supported by the server. not include any supported by the server.
15.1.13.4. NFS4ERR_HASH_ALG_UNSUPP (Error Code 10072) 15.1.13.4. NFS4ERR_HASH_ALG_UNSUPP (Error Code 10072)
An EXCHANGE_ID was sent which specified state protection via SSV, and An EXCHANGE_ID was sent which specified state protection via SSV, and
skipping to change at page 340, line 46 skipping to change at page 340, line 44
The client has requested a delegation when it had already registered The client has requested a delegation when it had already registered
that it wants that same delegation. that it wants that same delegation.
15.1.14.2. NFS4ERR_DIRDELEG_UNAVAIL (Error Code 10084) 15.1.14.2. NFS4ERR_DIRDELEG_UNAVAIL (Error Code 10084)
This error is returned when the server is unable or unwilling to This error is returned when the server is unable or unwilling to
provide a requested directory delegation. provide a requested directory delegation.
15.1.14.3. NFS4ERR_RECALLCONFLICT (Error Code 10061) 15.1.14.3. NFS4ERR_RECALLCONFLICT (Error Code 10061)
A recallable object (i.e. a layout, delegation, or device map is A recallable object (i.e. a layout or delegation) is unavailable due
unavailable due to a conflicting recall operation for that object to a conflicting recall operation for that object that is currently
that is currently in progress. in progress.
15.1.14.4. NFS4ERR_REJECT_DELEG (Error Code 10085) 15.1.14.4. NFS4ERR_REJECT_DELEG (Error Code 10085)
The callback operation invoked to deal with a new delegation has The callback operation invoked to deal with a new delegation has
rejected it. rejected it.
15.1.15. Attribute Handling Errors 15.1.15. Attribute Handling Errors
This section deals with errors specific to attribute handling within This section deals with errors specific to attribute handling within
NFSv4. NFSv4.
skipping to change at page 342, line 7 skipping to change at page 341, line 49
the status bits returned by the SEQUENCE operation. the status bits returned by the SEQUENCE operation.
o The new session structure and associated change in locking have o The new session structure and associated change in locking have
made the error unnecessary. made the error unnecessary.
o There has been a restructuring of some errors for NFSv4.1 which o There has been a restructuring of some errors for NFSv4.1 which
resulted in the elimination of certain of the errors. resulted in the elimination of certain of the errors.
15.1.16.1. NFS4ERR_BAD_SEQID (Error Code 10026) 15.1.16.1. NFS4ERR_BAD_SEQID (Error Code 10026)
The sequence number in a locking request is neither the next expected The sequence number (seqid) in a locking request is neither the next
number or the last number processed. These sequence id's are ignored expected number or the last number processed. These seqids are
in NFSv4.1. ignored in NFSv4.1.
15.1.16.2. NFS4ERR_LEASE_MOVED (Error Code 10031) 15.1.16.2. NFS4ERR_LEASE_MOVED (Error Code 10031)
A lease being renewed is associated with a file system that has been A lease being renewed is associated with a file system that has been
migrated to a new server migrated to a new server. The error has been superseded by the
SEQ4_STATUS_LEASE_MOVED status bit (see Section 18.46).
15.1.16.3. NFS4ERR_NXIO (Error Code 5) 15.1.16.3. NFS4ERR_NXIO (Error Code 5)
I/O error. No such device or address. I/O error. No such device or address. This error is for errors
involving block and character device access, but NFSv4.1 is not a
device access protocol.
15.1.16.4. NFS4ERR_RESTOREFH (Error Code 10030) 15.1.16.4. NFS4ERR_RESTOREFH (Error Code 10030)
The RESTOREFH operation does not have a saved filehandle (identified The RESTOREFH operation does not have a saved filehandle (identified
by SAVEFH) to operate upon. by SAVEFH) to operate upon. In NFSv4.1, this error has been
superseded by NFS4ERR_NOFILEHANDLE.
15.1.16.5. NFS4ERR_STALE_STATEID (Error Code 10023) 15.1.16.5. NFS4ERR_STALE_STATEID (Error Code 10023)
A stateid generated by an earlier server instance was used. A stateid generated by an earlier server instance was used. This
error is moot in NFSv4.1 because all operations that take a stateid
MUST be preceded by the SEQUENCE operation, and the earlier server
instance is detected by the session infrastructure that supports
SEQUENCE.
15.2. Operations and their valid errors 15.2. Operations and their valid errors
This section contains a table which gives the valid error returns for This section contains a table which gives the valid error returns for
each protocol operation. The error code NFS4_OK (indicating no each protocol operation. The error code NFS4_OK (indicating no
error) is not listed but should be understood to be returnable by all error) is not listed but should be understood to be returnable by all
operations with two important exceptions: operations with two important exceptions:
o The operations which MUST NOT be implemented: OPEN_CONFIRM, o The operations which MUST NOT be implemented: OPEN_CONFIRM,
RELEASE_LOCKOWNER, RENEW, SETCLIENTID, and SETCLIENTID_CONFIRM. RELEASE_LOCKOWNER, RENEW, SETCLIENTID, and SETCLIENTID_CONFIRM.
skipping to change at page 343, line 24 skipping to change at page 343, line 24
| | NFS4ERR_REP_TOO_BIG_TO_CACHE, | | | NFS4ERR_REP_TOO_BIG_TO_CACHE, |
| | NFS4ERR_REQ_TOO_BIG, NFS4ERR_SERVERFAULT, | | | NFS4ERR_REQ_TOO_BIG, NFS4ERR_SERVERFAULT, |
| | NFS4ERR_STALE, NFS4ERR_TOO_MANY_OPS | | | NFS4ERR_STALE, NFS4ERR_TOO_MANY_OPS |
| BACKCHANNEL_CTL | NFS4ERR_BADXDR, NFS4ERR_DEADSESSION, | | BACKCHANNEL_CTL | NFS4ERR_BADXDR, NFS4ERR_DEADSESSION, |
| | NFS4ERR_DELAY, NFS4ERR_INVAL, | | | NFS4ERR_DELAY, NFS4ERR_INVAL, |
| | NFS4ERR_NOENT, NFS4ERR_REP_TOO_BIG, | | | NFS4ERR_NOENT, NFS4ERR_REP_TOO_BIG, |
| | NFS4ERR_REP_TOO_BIG_TO_CACHE, | | | NFS4ERR_REP_TOO_BIG_TO_CACHE, |
| | NFS4ERR_REQ_TOO_BIG, NFS4ERR_TOO_MANY_OPS | | | NFS4ERR_REQ_TOO_BIG, NFS4ERR_TOO_MANY_OPS |
| BIND_CONN_TO_SESSION | NFS4ERR_BADSESSION, NFS4ERR_BADXDR, | | BIND_CONN_TO_SESSION | NFS4ERR_BADSESSION, NFS4ERR_BADXDR, |
| | NFS4ERR_BAD_SESSION_DIGEST, | | | NFS4ERR_BAD_SESSION_DIGEST, |
| | NFS4ERR_CONN_BINDING_NOT_ENFORCED, |
| | NFS4ERR_DEADSESSION, NFS4ERR_DELAY, | | | NFS4ERR_DEADSESSION, NFS4ERR_DELAY, |
| | NFS4ERR_INVAL, NFS4ERR_NOT_ONLY_OP, | | | NFS4ERR_INVAL, NFS4ERR_NOT_ONLY_OP, |
| | NFS4ERR_REP_TOO_BIG, | | | NFS4ERR_REP_TOO_BIG, |
| | NFS4ERR_REP_TOO_BIG_TO_CACHE, | | | NFS4ERR_REP_TOO_BIG_TO_CACHE, |
| | NFS4ERR_REQ_TOO_BIG, NFS4ERR_SERVERFAULT, | | | NFS4ERR_REQ_TOO_BIG, NFS4ERR_SERVERFAULT, |
| | NFS4ERR_TOO_MANY_OPS | | | NFS4ERR_TOO_MANY_OPS |
| CLOSE | NFS4ERR_ADMIN_REVOKED, NFS4ERR_BADXDR, | | CLOSE | NFS4ERR_ADMIN_REVOKED, NFS4ERR_BADXDR, |
| | NFS4ERR_BAD_STATEID, NFS4ERR_DEADSESSION, | | | NFS4ERR_BAD_STATEID, NFS4ERR_DEADSESSION, |
| | NFS4ERR_DELAY, NFS4ERR_EXPIRED, | | | NFS4ERR_DELAY, NFS4ERR_EXPIRED, |
| | NFS4ERR_FHEXPIRED, NFS4ERR_LOCKS_HELD, | | | NFS4ERR_FHEXPIRED, NFS4ERR_LOCKS_HELD, |
skipping to change at page 356, line 18 skipping to change at page 356, line 18
| | NFS4ERR_REP_TOO_BIG, | | | NFS4ERR_REP_TOO_BIG, |
| | NFS4ERR_REP_TOO_BIG_TO_CACHE, | | | NFS4ERR_REP_TOO_BIG_TO_CACHE, |
| | NFS4ERR_REQ_TOO_BIG, | | | NFS4ERR_REQ_TOO_BIG, |
| | NFS4ERR_RETRY_UNCACHED_REP, | | | NFS4ERR_RETRY_UNCACHED_REP, |
| | NFS4ERR_SEQUENCE_POS, | | | NFS4ERR_SEQUENCE_POS, |
| | NFS4ERR_SEQ_FALSE_RETRY, | | | NFS4ERR_SEQ_FALSE_RETRY, |
| | NFS4ERR_SEQ_MISORDERED, | | | NFS4ERR_SEQ_MISORDERED, |
| | NFS4ERR_TOO_MANY_OPS | | | NFS4ERR_TOO_MANY_OPS |
| SET_SSV | NFS4ERR_BADXDR, | | SET_SSV | NFS4ERR_BADXDR, |
| | NFS4ERR_BAD_SESSION_DIGEST, | | | NFS4ERR_BAD_SESSION_DIGEST, |
| | NFS4ERR_CONN_BINDING_NOT_ENFORCED, |
| | NFS4ERR_DEADSESSION, NFS4ERR_DELAY, | | | NFS4ERR_DEADSESSION, NFS4ERR_DELAY, |
| | NFS4ERR_OP_NOT_IN_SESSION, | | | NFS4ERR_INVAL, NFS4ERR_OP_NOT_IN_SESSION, |
| | NFS4ERR_REP_TOO_BIG, | | | NFS4ERR_REP_TOO_BIG, |
| | NFS4ERR_REP_TOO_BIG_TO_CACHE, | | | NFS4ERR_REP_TOO_BIG_TO_CACHE, |
| | NFS4ERR_REQ_TOO_BIG, NFS4ERR_TOO_MANY_OPS | | | NFS4ERR_REQ_TOO_BIG, NFS4ERR_TOO_MANY_OPS |
| SETATTR | NFS4ERR_ACCESS, NFS4ERR_ADMIN_REVOKED, | | SETATTR | NFS4ERR_ACCESS, NFS4ERR_ADMIN_REVOKED, |
| | NFS4ERR_ATTRNOTSUPP, NFS4ERR_BADCHAR, | | | NFS4ERR_ATTRNOTSUPP, NFS4ERR_BADCHAR, |
| | NFS4ERR_BADOWNER, NFS4ERR_BADXDR, | | | NFS4ERR_BADOWNER, NFS4ERR_BADXDR, |
| | NFS4ERR_BAD_STATEID, NFS4ERR_DEADSESSION, | | | NFS4ERR_BAD_STATEID, NFS4ERR_DEADSESSION, |
| | NFS4ERR_DELAY, NFS4ERR_DELEG_REVOKED, | | | NFS4ERR_DELAY, NFS4ERR_DELEG_REVOKED, |
| | NFS4ERR_DQUOT, NFS4ERR_EXPIRED, | | | NFS4ERR_DQUOT, NFS4ERR_EXPIRED, |
| | NFS4ERR_FBIG, NFS4ERR_FHEXPIRED, | | | NFS4ERR_FBIG, NFS4ERR_FHEXPIRED, |
skipping to change at page 362, line 49 skipping to change at page 362, line 49
| | CB_NOTIFY_LOCK, CB_RECALL, | | | CB_NOTIFY_LOCK, CB_RECALL, |
| | CLOSE, DELEGRETURN, | | | CLOSE, DELEGRETURN, |
| | FREE_STATEID, LAYOUTGET, | | | FREE_STATEID, LAYOUTGET, |
| | LAYOUTRETURN, LOCK, LOCKU, | | | LAYOUTRETURN, LOCK, LOCKU, |
| | OPEN, OPEN_DOWNGRADE, READ, | | | OPEN, OPEN_DOWNGRADE, READ, |
| | SETATTR, WRITE | | | SETATTR, WRITE |
| NFS4ERR_CB_PATH_DOWN | DESTROY_SESSION | | NFS4ERR_CB_PATH_DOWN | DESTROY_SESSION |
| NFS4ERR_CLID_INUSE | EXCHANGE_ID | | NFS4ERR_CLID_INUSE | EXCHANGE_ID |
| NFS4ERR_CLIENTID_BUSY | DESTROY_CLIENTID | | NFS4ERR_CLIENTID_BUSY | DESTROY_CLIENTID |
| NFS4ERR_COMPLETE_ALREADY | RECLAIM_COMPLETE | | NFS4ERR_COMPLETE_ALREADY | RECLAIM_COMPLETE |
| NFS4ERR_CONN_BINDING_NOT_ENFORCED | BIND_CONN_TO_SESSION, SET_SSV |
| NFS4ERR_CONN_NOT_BOUND_TO_SESSION | CB_SEQUENCE, DESTROY_SESSION, | | NFS4ERR_CONN_NOT_BOUND_TO_SESSION | CB_SEQUENCE, DESTROY_SESSION, |
| | SEQUENCE | | | SEQUENCE |
| NFS4ERR_DEADLOCK | LOCK | | NFS4ERR_DEADLOCK | LOCK |
| NFS4ERR_DEADSESSION | ACCESS, BACKCHANNEL_CTL, | | NFS4ERR_DEADSESSION | ACCESS, BACKCHANNEL_CTL, |
| | BIND_CONN_TO_SESSION, CLOSE, | | | BIND_CONN_TO_SESSION, CLOSE, |
| | COMMIT, CREATE, | | | COMMIT, CREATE, |
| | CREATE_SESSION, DELEGPURGE, | | | CREATE_SESSION, DELEGPURGE, |
| | DELEGRETURN, | | | DELEGRETURN, |
| | DESTROY_CLIENTID, | | | DESTROY_CLIENTID, |
| | DESTROY_SESSION, EXCHANGE_ID, | | | DESTROY_SESSION, EXCHANGE_ID, |
skipping to change at page 365, line 47 skipping to change at page 365, line 47
| | GET_DIR_DELEGATION, | | | GET_DIR_DELEGATION, |
| | LAYOUTCOMMIT, LAYOUTGET, | | | LAYOUTCOMMIT, LAYOUTGET, |
| | LAYOUTRETURN, LINK, LOCK, | | | LAYOUTRETURN, LINK, LOCK, |
| | LOCKT, LOCKU, LOOKUP, | | | LOCKT, LOCKU, LOOKUP, |
| | NVERIFY, OPEN, | | | NVERIFY, OPEN, |
| | OPEN_DOWNGRADE, READ, | | | OPEN_DOWNGRADE, READ, |
| | READDIR, READLINK, | | | READDIR, READLINK, |
| | RECLAIM_COMPLETE, REMOVE, | | | RECLAIM_COMPLETE, REMOVE, |
| | RENAME, SECINFO, | | | RENAME, SECINFO, |
| | SECINFO_NO_NAME, SETATTR, | | | SECINFO_NO_NAME, SETATTR, |
| | VERIFY, WANT_DELEGATION, | | | SET_SSV, VERIFY, |
| | WRITE | | | WANT_DELEGATION, WRITE |
| NFS4ERR_IO | ACCESS, COMMIT, CREATE, | | NFS4ERR_IO | ACCESS, COMMIT, CREATE, |
| | GETATTR, GETDEVICELIST, | | | GETATTR, GETDEVICELIST, |
| | GET_DIR_DELEGATION, | | | GET_DIR_DELEGATION, |
| | LAYOUTCOMMIT, LAYOUTGET, | | | LAYOUTCOMMIT, LAYOUTGET, |
| | LINK, LOOKUP, LOOKUPP, | | | LINK, LOOKUP, LOOKUPP, |
| | NVERIFY, OPEN, OPENATTR, | | | NVERIFY, OPEN, OPENATTR, |
| | READ, READDIR, READLINK, | | | READ, READDIR, READLINK, |
| | REMOVE, RENAME, SETATTR, | | | REMOVE, RENAME, SETATTR, |
| | VERIFY, WANT_DELEGATION, | | | VERIFY, WANT_DELEGATION, |
| | WRITE | | | WRITE |
skipping to change at page 439, line 16 skipping to change at page 439, line 16
NFSv3 absolute public filehandle lookup may behave differently than NFSv3 absolute public filehandle lookup may behave differently than
an NFSv4.1 absolute resolution. an NFSv4.1 absolute resolution.
There is a form of security negotiation as described in RFC2755 [42] There is a form of security negotiation as described in RFC2755 [42]
that uses the public filehandle a method of employing SNEGO. This that uses the public filehandle a method of employing SNEGO. This
method is not available with NFSv4.1 as filehandles are not method is not available with NFSv4.1 as filehandles are not
overloaded with special meaning and therefore do not provide the same overloaded with special meaning and therefore do not provide the same
framework as NFSv3. Clients should therefore use the security framework as NFSv3. Clients should therefore use the security
negotiation mechanisms described in this RFC. negotiation mechanisms described in this RFC.
18.20.5. ERRORS
18.21. Operation 24: PUTROOTFH - Set Root Filehandle 18.21. Operation 24: PUTROOTFH - Set Root Filehandle
18.21.1. ARGUMENTS 18.21.1. ARGUMENTS
void; void;
18.21.2. RESULTS 18.21.2. RESULTS
struct PUTROOTFH4res { struct PUTROOTFH4res {
/* /*
skipping to change at page 453, line 40 skipping to change at page 453, line 40
/* /*
* If status is NFS4_OK, * If status is NFS4_OK,
* new CURRENT_FH: value of saved fh * new CURRENT_FH: value of saved fh
*/ */
nfsstat4 status; nfsstat4 status;
}; };
18.27.3. DESCRIPTION 18.27.3. DESCRIPTION
Set the current filehandle to the value in the saved filehandle. If Set the current filehandle to the value in the saved filehandle. If
there is no saved filehandle then return the error NFS4ERR_RESTOREFH. there is no saved filehandle then the server will return the error
NFS4ERR_NOFILEHANDLE.
18.27.4. IMPLEMENTATION 18.27.4. IMPLEMENTATION
Operations like OPEN and LOOKUP use the current filehandle to Operations like OPEN and LOOKUP use the current filehandle to
represent a directory and replace it with a new filehandle. Assuming represent a directory and replace it with a new filehandle. Assuming
the previous filehandle was saved with a SAVEFH operator, the the previous filehandle was saved with a SAVEFH operator, the
previous filehandle can be restored as the current filehandle. This previous filehandle can be restored as the current filehandle. This
is commonly used to obtain post-operation attributes for the is commonly used to obtain post-operation attributes for the
directory, e.g. directory, e.g.
PUTFH (directory filehandle) PUTFH (directory filehandle)
SAVEFH SAVEFH
GETATTR attrbits (pre-op dir attrs) GETATTR attrbits (pre-op dir attrs)
CREATE optbits "foo" attrs CREATE optbits "foo" attrs
GETATTR attrbits (file attributes) GETATTR attrbits (file attributes)
RESTOREFH RESTOREFH
GETATTR attrbits (post-op dir attrs) GETATTR attrbits (post-op dir attrs)
18.27.5. ERRORS
18.28. Operation 32: SAVEFH - Save Current Filehandle 18.28. Operation 32: SAVEFH - Save Current Filehandle
18.28.1. ARGUMENTS 18.28.1. ARGUMENTS
/* CURRENT_FH: */ /* CURRENT_FH: */
void; void;
18.28.2. RESULTS 18.28.2. RESULTS
struct SAVEFH4res { struct SAVEFH4res {
skipping to change at page 478, line 22 skipping to change at page 478, line 22
the result of EXCHANGE_ID) with the machine credential (if the result of EXCHANGE_ID) with the machine credential (if
SP4_MACH_CRED protection is specified) or the SSV-based credential SP4_MACH_CRED protection is specified) or the SSV-based credential
(if SP4_SSV protection is used). The client MUST send the operations (if SP4_SSV protection is used). The client MUST send the operations
with RPCSEC_GSS credentials that specify the RPC_GSS_SVC_INTEGRITY or with RPCSEC_GSS credentials that specify the RPC_GSS_SVC_INTEGRITY or
RPC_GSS_SVC_PRIVACY security service. Typically the first list of RPC_GSS_SVC_PRIVACY security service. Typically the first list of
operations includes EXCHANGE_ID, CREATE_SESSION, DELEGPURGE, operations includes EXCHANGE_ID, CREATE_SESSION, DELEGPURGE,
DESTROY_SESSION, BIND_CONN_TO_SESSION, and DESTROY_CLIENTID. The DESTROY_SESSION, BIND_CONN_TO_SESSION, and DESTROY_CLIENTID. The
client SHOULD NOT specify in this list any operations that require a client SHOULD NOT specify in this list any operations that require a
filehandle because the server's access policies MAY conflict with the filehandle because the server's access policies MAY conflict with the
client's choice, and thus the client would then be unable to access a client's choice, and thus the client would then be unable to access a
subset of the server's namespace. Note that if SP4_SSV protection is subset of the server's namespace.
specified, and the client indicates that CREATE_SESSION must be
protected with SP4_SSV, because the SSV cannot exist without a Note that if SP4_SSV protection is specified, and the client
confirmed client ID, the first CREATE_SESSION MUST instead be sent indicates that CREATE_SESSION must be protected with SP4_SSV, because
using the machine credential, and the server MUST accept the machine the SSV cannot exist without a confirmed client ID, the first
credential. There is a corresponding result, also called CREATE_SESSION MUST instead be sent using the machine credential, and
spo_must_enforce, of the operations the server will require the server MUST accept the machine credential.
SP4_MACH_CRED or SP4_SSV protection for. Normally the server's
result equals the client's argument, but the result MAY be different. There is a corresponding result, also called spo_must_enforce, of the
operations the server will require SP4_MACH_CRED or SP4_SSV
protection for. Normally the server's result equals the client's
argument, but the result MAY be different. If the client requests
one or more operations in the set { EXCHANGE_ID, CREATE_SESSION,
DELEGPURGE, DESTROY_SESSION, BIND_CONN_TO_SESSION, DESTROY_CLIENTID
}, then the result spo_must_enforce MUST include the operations the
client requested from that set.
If spo_must_enforce in the results has BIND_CONN_TO_SESSION set, then
connection binding enforcement is enabled, and the client MUST use
the machine or SSV credential on calls to BIND_CONN_TO_SESSION.
The second list is spo_must_allow and consists of those operations The second list is spo_must_allow and consists of those operations
the client wants to have the option of issuing with the machine the client wants to have the option of issuing with the machine
credential or the SSV-based credential, even if the object the credential or the SSV-based credential, even if the object the
operations are performed on is not owned by the machine or SSV operations are performed on is not owned by the machine or SSV
credential. The corresponding result, also called spo_must_allow, credential.
consists of the operations the server will allow the client to use
SP4_SSV or SP4_MACH_CRED credentials with. Normally the server's The corresponding result, also called spo_must_allow, consists of the
result equals the client's argument, but the result MAY be different. operations the server will allow the client to use SP4_SSV or
SP4_MACH_CRED credentials with. Normally the server's result equals
the client's argument, but the result MAY be different.
The purpose of spo_must_allow is to allow clients to solve the The purpose of spo_must_allow is to allow clients to solve the
following conundrum. Suppose the client ID is confirmed with following conundrum. Suppose the client ID is confirmed with
EXCHGID4_FLAG_BIND_PRINC_STATEID, and it calls OPEN with the EXCHGID4_FLAG_BIND_PRINC_STATEID, and it calls OPEN with the
RPCSEC_GSS credentials of a normal user. Now suppose the user's RPCSEC_GSS credentials of a normal user. Now suppose the user's
credentials expire, and cannot be renewed (e.g. a Kerberos ticket credentials expire, and cannot be renewed (e.g. a Kerberos ticket
granting ticket expires, and the user has logged off and will not be granting ticket expires, and the user has logged off and will not be
acquiring a new ticket granting ticket). The client will be unable acquiring a new ticket granting ticket). The client will be unable
to send CLOSE without the user's credentials, which is to say the to send CLOSE without the user's credentials, which is to say the
client has to either leave the state on the server, or it has to re- client has to either leave the state on the server, or it has to re-
send EXCHANGE_ID with a new verifier to clear all state. That is, send EXCHANGE_ID with a new verifier to clear all state. That is,
skipping to change at page 522, line 20 skipping to change at page 522, line 20
This operation MUST appear as the first operation of any COMPOUND in This operation MUST appear as the first operation of any COMPOUND in
which it appears. The error NFS4ERR_SEQUENCE_POS will be returned which it appears. The error NFS4ERR_SEQUENCE_POS will be returned
when it is found in any position in a COMPOUND beyond the first. when it is found in any position in a COMPOUND beyond the first.
Operations other than SEQUENCE, BIND_CONN_TO_SESSION, EXCHANGE_ID, Operations other than SEQUENCE, BIND_CONN_TO_SESSION, EXCHANGE_ID,
CREATE_SESSION, and DESTROY_SESSION, may not appear as the first CREATE_SESSION, and DESTROY_SESSION, may not appear as the first
operation in a COMPOUND. Such operations MUST yield the error operation in a COMPOUND. Such operations MUST yield the error
NFS4ERR_OP_NOT_IN_SESSION if they do appear at the start of a NFS4ERR_OP_NOT_IN_SESSION if they do appear at the start of a
COMPOUND. COMPOUND.
If SEQUENCE is received on a connection not associated with the If SEQUENCE is received on a connection not associated with the
session via CREATE_SESSION or BIND_CONN_TO_SESSION, and the client session via CREATE_SESSION or BIND_CONN_TO_SESSION, and connection
specified connecting association enforcement when the session was association enforcement is enabled (see Section 18.35), then the
created (see Section 18.36), then the server returns server returns NFS4ERR_CONN_NOT_BOUND_TO_SESSION.
NFS4ERR_CONN_NOT_BOUND_TO_SESSION.
The sa_sessionid argument identifies the session this request applies The sa_sessionid argument identifies the session this request applies
to. The sr_sessionid result MUST equal sa_sessionid. to. The sr_sessionid result MUST equal sa_sessionid.
The sa_slotid argument is the index in the reply cache for the The sa_slotid argument is the index in the reply cache for the
request. The sa_sequenceid field is the sequence number of the request. The sa_sequenceid field is the sequence number of the
request for the reply cache entry (slot). The sr_slotid result MUST request for the reply cache entry (slot). The sr_slotid result MUST
equal sa_slotid. The sr_sequenceid result MUST equal sa_sequenceid. equal sa_slotid. The sr_sequenceid result MUST equal sa_sequenceid.
The sa_highest_slotid argument is the highest slot id the client has The sa_highest_slotid argument is the highest slot id the client has
skipping to change at page 527, line 31 skipping to change at page 527, line 31
18.47.3. DESCRIPTION 18.47.3. DESCRIPTION
This operation is used to update the SSV for a client ID. Before This operation is used to update the SSV for a client ID. Before
SET_SSV is called the first time on a client ID, the SSV is zero (0). SET_SSV is called the first time on a client ID, the SSV is zero (0).
The SSV is the key used for the SSV GSS mechanism (Section 2.10.8) The SSV is the key used for the SSV GSS mechanism (Section 2.10.8)
SET_SSV MUST be preceded by a SEQUENCE operation in the same SET_SSV MUST be preceded by a SEQUENCE operation in the same
COMPOUND. It MUST NOT be used if the client did not opt for SP4_SSV COMPOUND. It MUST NOT be used if the client did not opt for SP4_SSV
state protection when the client ID was created (see Section 18.35); state protection when the client ID was created (see Section 18.35);
the server returns NFS4ERR_CONN_BINDING_NOT_ENFORCED in that case. the server returns NFS4ERR_INVAL in that case.
ssa_digest is computed as the output of the HMAC RFC2104 [11] using ssa_digest is computed as the output of the HMAC RFC2104 [11] using
the subkey derived from the SSV4_SUBKEY_MIC_I2T and current SSV as the subkey derived from the SSV4_SUBKEY_MIC_I2T and current SSV as
the key (See Section 2.10.8 for a description of subkeys), and an XDR the key (See Section 2.10.8 for a description of subkeys), and an XDR
encoded value of data type ssa_digest_input4. The field sdi_seqargs encoded value of data type ssa_digest_input4. The field sdi_seqargs
is equal to the arguments of the SEQUENCE operation for the COMPOUND is equal to the arguments of the SEQUENCE operation for the COMPOUND
procedure that SET_SSV is within. procedure that SET_SSV is within.
The argument ssa_ssv is XORed with the current SSV to produce the new The argument ssa_ssv is XORed with the current SSV to produce the new
SSV. The argument ssa_ssv SHOULD be generated randomly. SSV. The argument ssa_ssv SHOULD be generated randomly.
skipping to change at page 530, line 20 skipping to change at page 530, line 20
o Special stateids are always considered invalid (they result in the o Special stateids are always considered invalid (they result in the
error code NFS4ERR_BAD_STATEID). error code NFS4ERR_BAD_STATEID).
All stateids are interpreted as being associated with the client for All stateids are interpreted as being associated with the client for
the current session. Any possible association with a previous the current session. Any possible association with a previous
instance of the client (as stale stateids) is not considered. instance of the client (as stale stateids) is not considered.
The errors which are validly returned within the status_code array The errors which are validly returned within the status_code array
are: NFS4ERR_OK, NFS4ERR_BAD_STATEID, NFS4ERR_OLD_STATEID, are: NFS4ERR_OK, NFS4ERR_BAD_STATEID, NFS4ERR_OLD_STATEID,
NFS4ERR_EXPIRED, NFS4ERR_ADMIN_REVOKED, and NFS4ERR_DELEG_REVOKED. NFS4ERR_EXPIRED, NFS4ERR_ADMIN_REVOKED, and NFS4ERR_DELEG_REVOKED.
[[Comment.4: _LAYOUT_REVOKED]].
18.48.4. IMPLEMENTATION 18.48.4. IMPLEMENTATION
See Section 8.2.2 and Section 8.2.4 for a discussion of stateid See Section 8.2.2 and Section 8.2.4 for a discussion of stateid
structure, lifetime, and validation. structure, lifetime, and validation.
18.49. Operation 56: WANT_DELEGATION - Request Delegation 18.49. Operation 56: WANT_DELEGATION - Request Delegation
18.49.1. ARGUMENT 18.49.1. ARGUMENT
 End of changes. 47 change blocks. 
110 lines changed or deleted 126 lines changed or added

This html diff was produced by rfcdiff 1.33. The latest version is available from http://tools.ietf.org/tools/rfcdiff/