1 /* 2 * linux/fs/nfs/callback.c 3 * 4 * Copyright (C) 2004 Trond Myklebust 5 * 6 * NFSv4 callback handling 7 */ 8 9 #include <linux/completion.h> 10 #include <linux/ip.h> 11 #include <linux/module.h> 12 #include <linux/smp_lock.h> 13 #include <linux/sunrpc/svc.h> 14 #include <linux/sunrpc/svcsock.h> 15 #include <linux/nfs_fs.h> 16 #include <linux/mutex.h> 17 #include <linux/freezer.h> 18 #include <linux/kthread.h> 19 #include <linux/sunrpc/svcauth_gss.h> 20 21 #include <net/inet_sock.h> 22 23 #include "nfs4_fs.h" 24 #include "callback.h" 25 #include "internal.h" 26 27 #define NFSDBG_FACILITY NFSDBG_CALLBACK 28 29 struct nfs_callback_data { 30 unsigned int users; 31 struct svc_rqst *rqst; 32 struct task_struct *task; 33 }; 34 35 static struct nfs_callback_data nfs_callback_info; 36 static DEFINE_MUTEX(nfs_callback_mutex); 37 static struct svc_program nfs4_callback_program; 38 39 unsigned int nfs_callback_set_tcpport; 40 unsigned short nfs_callback_tcpport; 41 unsigned short nfs_callback_tcpport6; 42 static const int nfs_set_port_min = 0; 43 static const int nfs_set_port_max = 65535; 44 45 static int param_set_port(const char *val, struct kernel_param *kp) 46 { 47 char *endp; 48 int num = simple_strtol(val, &endp, 0); 49 if (endp == val || *endp || num < nfs_set_port_min || num > nfs_set_port_max) 50 return -EINVAL; 51 *((int *)kp->arg) = num; 52 return 0; 53 } 54 55 module_param_call(callback_tcpport, param_set_port, param_get_int, 56 &nfs_callback_set_tcpport, 0644); 57 58 /* 59 * This is the callback kernel thread. 60 */ 61 static int 62 nfs_callback_svc(void *vrqstp) 63 { 64 int err, preverr = 0; 65 struct svc_rqst *rqstp = vrqstp; 66 67 set_freezable(); 68 69 /* 70 * FIXME: do we really need to run this under the BKL? If so, please 71 * add a comment about what it's intended to protect. 72 */ 73 lock_kernel(); 74 while (!kthread_should_stop()) { 75 /* 76 * Listen for a request on the socket 77 */ 78 err = svc_recv(rqstp, MAX_SCHEDULE_TIMEOUT); 79 if (err == -EAGAIN || err == -EINTR) { 80 preverr = err; 81 continue; 82 } 83 if (err < 0) { 84 if (err != preverr) { 85 printk(KERN_WARNING "%s: unexpected error " 86 "from svc_recv (%d)\n", __func__, err); 87 preverr = err; 88 } 89 schedule_timeout_uninterruptible(HZ); 90 continue; 91 } 92 preverr = err; 93 svc_process(rqstp); 94 } 95 unlock_kernel(); 96 return 0; 97 } 98 99 /* 100 * Bring up the callback thread if it is not already up. 101 */ 102 int nfs_callback_up(void) 103 { 104 struct svc_serv *serv = NULL; 105 int ret = 0; 106 107 mutex_lock(&nfs_callback_mutex); 108 if (nfs_callback_info.users++ || nfs_callback_info.task != NULL) 109 goto out; 110 serv = svc_create(&nfs4_callback_program, NFS4_CALLBACK_BUFSIZE, NULL); 111 ret = -ENOMEM; 112 if (!serv) 113 goto out_err; 114 115 ret = svc_create_xprt(serv, "tcp", PF_INET, 116 nfs_callback_set_tcpport, SVC_SOCK_ANONYMOUS); 117 if (ret <= 0) 118 goto out_err; 119 nfs_callback_tcpport = ret; 120 dprintk("NFS: Callback listener port = %u (af %u)\n", 121 nfs_callback_tcpport, PF_INET); 122 123 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 124 ret = svc_create_xprt(serv, "tcp", PF_INET6, 125 nfs_callback_set_tcpport, SVC_SOCK_ANONYMOUS); 126 if (ret > 0) { 127 nfs_callback_tcpport6 = ret; 128 dprintk("NFS: Callback listener port = %u (af %u)\n", 129 nfs_callback_tcpport6, PF_INET6); 130 } else if (ret != -EAFNOSUPPORT) 131 goto out_err; 132 #endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */ 133 134 nfs_callback_info.rqst = svc_prepare_thread(serv, &serv->sv_pools[0]); 135 if (IS_ERR(nfs_callback_info.rqst)) { 136 ret = PTR_ERR(nfs_callback_info.rqst); 137 nfs_callback_info.rqst = NULL; 138 goto out_err; 139 } 140 141 svc_sock_update_bufs(serv); 142 143 nfs_callback_info.task = kthread_run(nfs_callback_svc, 144 nfs_callback_info.rqst, 145 "nfsv4-svc"); 146 if (IS_ERR(nfs_callback_info.task)) { 147 ret = PTR_ERR(nfs_callback_info.task); 148 svc_exit_thread(nfs_callback_info.rqst); 149 nfs_callback_info.rqst = NULL; 150 nfs_callback_info.task = NULL; 151 goto out_err; 152 } 153 out: 154 /* 155 * svc_create creates the svc_serv with sv_nrthreads == 1, and then 156 * svc_prepare_thread increments that. So we need to call svc_destroy 157 * on both success and failure so that the refcount is 1 when the 158 * thread exits. 159 */ 160 if (serv) 161 svc_destroy(serv); 162 mutex_unlock(&nfs_callback_mutex); 163 return ret; 164 out_err: 165 dprintk("NFS: Couldn't create callback socket or server thread; " 166 "err = %d\n", ret); 167 nfs_callback_info.users--; 168 goto out; 169 } 170 171 /* 172 * Kill the callback thread if it's no longer being used. 173 */ 174 void nfs_callback_down(void) 175 { 176 mutex_lock(&nfs_callback_mutex); 177 nfs_callback_info.users--; 178 if (nfs_callback_info.users == 0 && nfs_callback_info.task != NULL) { 179 kthread_stop(nfs_callback_info.task); 180 svc_exit_thread(nfs_callback_info.rqst); 181 nfs_callback_info.rqst = NULL; 182 nfs_callback_info.task = NULL; 183 } 184 mutex_unlock(&nfs_callback_mutex); 185 } 186 187 static int check_gss_callback_principal(struct nfs_client *clp, 188 struct svc_rqst *rqstp) 189 { 190 struct rpc_clnt *r = clp->cl_rpcclient; 191 char *p = svc_gss_principal(rqstp); 192 193 /* 194 * It might just be a normal user principal, in which case 195 * userspace won't bother to tell us the name at all. 196 */ 197 if (p == NULL) 198 return SVC_DENIED; 199 200 /* Expect a GSS_C_NT_HOSTBASED_NAME like "nfs@serverhostname" */ 201 202 if (memcmp(p, "nfs@", 4) != 0) 203 return SVC_DENIED; 204 p += 4; 205 if (strcmp(p, r->cl_server) != 0) 206 return SVC_DENIED; 207 return SVC_OK; 208 } 209 210 static int nfs_callback_authenticate(struct svc_rqst *rqstp) 211 { 212 struct nfs_client *clp; 213 RPC_IFDEBUG(char buf[RPC_MAX_ADDRBUFLEN]); 214 int ret = SVC_OK; 215 216 /* Don't talk to strangers */ 217 clp = nfs_find_client(svc_addr(rqstp), 4); 218 if (clp == NULL) 219 return SVC_DROP; 220 221 dprintk("%s: %s NFSv4 callback!\n", __func__, 222 svc_print_addr(rqstp, buf, sizeof(buf))); 223 224 switch (rqstp->rq_authop->flavour) { 225 case RPC_AUTH_NULL: 226 if (rqstp->rq_proc != CB_NULL) 227 ret = SVC_DENIED; 228 break; 229 case RPC_AUTH_UNIX: 230 break; 231 case RPC_AUTH_GSS: 232 ret = check_gss_callback_principal(clp, rqstp); 233 break; 234 default: 235 ret = SVC_DENIED; 236 } 237 nfs_put_client(clp); 238 return ret; 239 } 240 241 /* 242 * Define NFS4 callback program 243 */ 244 static struct svc_version *nfs4_callback_version[] = { 245 [1] = &nfs4_callback_version1, 246 }; 247 248 static struct svc_stat nfs4_callback_stats; 249 250 static struct svc_program nfs4_callback_program = { 251 .pg_prog = NFS4_CALLBACK, /* RPC service number */ 252 .pg_nvers = ARRAY_SIZE(nfs4_callback_version), /* Number of entries */ 253 .pg_vers = nfs4_callback_version, /* version table */ 254 .pg_name = "NFSv4 callback", /* service name */ 255 .pg_class = "nfs", /* authentication class */ 256 .pg_stats = &nfs4_callback_stats, 257 .pg_authenticate = nfs_callback_authenticate, 258 }; 259