1 /* 2 * linux/fs/nfs/callback_xdr.c 3 * 4 * Copyright (C) 2004 Trond Myklebust 5 * 6 * NFSv4 callback encode/decode procedures 7 */ 8 #include <linux/kernel.h> 9 #include <linux/sunrpc/svc.h> 10 #include <linux/nfs4.h> 11 #include <linux/nfs_fs.h> 12 #include <linux/ratelimit.h> 13 #include <linux/printk.h> 14 #include <linux/slab.h> 15 #include <linux/sunrpc/bc_xprt.h> 16 #include "nfs4_fs.h" 17 #include "callback.h" 18 #include "internal.h" 19 #include "nfs4session.h" 20 21 #define CB_OP_TAGLEN_MAXSZ (512) 22 #define CB_OP_HDR_RES_MAXSZ (2 * 4) // opcode, status 23 #define CB_OP_GETATTR_BITMAP_MAXSZ (4 * 4) // bitmap length, 3 bitmaps 24 #define CB_OP_GETATTR_RES_MAXSZ (CB_OP_HDR_RES_MAXSZ + \ 25 CB_OP_GETATTR_BITMAP_MAXSZ + \ 26 /* change, size, ctime, mtime */\ 27 (2 + 2 + 3 + 3) * 4) 28 #define CB_OP_RECALL_RES_MAXSZ (CB_OP_HDR_RES_MAXSZ) 29 30 #if defined(CONFIG_NFS_V4_1) 31 #define CB_OP_LAYOUTRECALL_RES_MAXSZ (CB_OP_HDR_RES_MAXSZ) 32 #define CB_OP_DEVICENOTIFY_RES_MAXSZ (CB_OP_HDR_RES_MAXSZ) 33 #define CB_OP_SEQUENCE_RES_MAXSZ (CB_OP_HDR_RES_MAXSZ + \ 34 NFS4_MAX_SESSIONID_LEN + \ 35 (1 + 3) * 4) // seqid, 3 slotids 36 #define CB_OP_RECALLANY_RES_MAXSZ (CB_OP_HDR_RES_MAXSZ) 37 #define CB_OP_RECALLSLOT_RES_MAXSZ (CB_OP_HDR_RES_MAXSZ) 38 #endif /* CONFIG_NFS_V4_1 */ 39 40 #define NFSDBG_FACILITY NFSDBG_CALLBACK 41 42 /* Internal error code */ 43 #define NFS4ERR_RESOURCE_HDR 11050 44 45 typedef __be32 (*callback_process_op_t)(void *, void *, 46 struct cb_process_state *); 47 typedef __be32 (*callback_decode_arg_t)(struct svc_rqst *, struct xdr_stream *, void *); 48 typedef __be32 (*callback_encode_res_t)(struct svc_rqst *, struct xdr_stream *, void *); 49 50 51 struct callback_op { 52 callback_process_op_t process_op; 53 callback_decode_arg_t decode_args; 54 callback_encode_res_t encode_res; 55 long res_maxsize; 56 }; 57 58 static struct callback_op callback_ops[]; 59 60 static __be32 nfs4_callback_null(struct svc_rqst *rqstp, void *argp, void *resp) 61 { 62 return htonl(NFS4_OK); 63 } 64 65 static int nfs4_decode_void(struct svc_rqst *rqstp, __be32 *p, void *dummy) 66 { 67 return xdr_argsize_check(rqstp, p); 68 } 69 70 static int nfs4_encode_void(struct svc_rqst *rqstp, __be32 *p, void *dummy) 71 { 72 return xdr_ressize_check(rqstp, p); 73 } 74 75 static __be32 *read_buf(struct xdr_stream *xdr, int nbytes) 76 { 77 __be32 *p; 78 79 p = xdr_inline_decode(xdr, nbytes); 80 if (unlikely(p == NULL)) 81 printk(KERN_WARNING "NFS: NFSv4 callback reply buffer overflowed " 82 "or truncated request.\n"); 83 return p; 84 } 85 86 static __be32 decode_string(struct xdr_stream *xdr, unsigned int *len, const char **str) 87 { 88 __be32 *p; 89 90 p = read_buf(xdr, 4); 91 if (unlikely(p == NULL)) 92 return htonl(NFS4ERR_RESOURCE); 93 *len = ntohl(*p); 94 95 if (*len != 0) { 96 p = read_buf(xdr, *len); 97 if (unlikely(p == NULL)) 98 return htonl(NFS4ERR_RESOURCE); 99 *str = (const char *)p; 100 } else 101 *str = NULL; 102 103 return 0; 104 } 105 106 static __be32 decode_fh(struct xdr_stream *xdr, struct nfs_fh *fh) 107 { 108 __be32 *p; 109 110 p = read_buf(xdr, 4); 111 if (unlikely(p == NULL)) 112 return htonl(NFS4ERR_RESOURCE); 113 fh->size = ntohl(*p); 114 if (fh->size > NFS4_FHSIZE) 115 return htonl(NFS4ERR_BADHANDLE); 116 p = read_buf(xdr, fh->size); 117 if (unlikely(p == NULL)) 118 return htonl(NFS4ERR_RESOURCE); 119 memcpy(&fh->data[0], p, fh->size); 120 memset(&fh->data[fh->size], 0, sizeof(fh->data) - fh->size); 121 return 0; 122 } 123 124 static __be32 decode_bitmap(struct xdr_stream *xdr, uint32_t *bitmap) 125 { 126 __be32 *p; 127 unsigned int attrlen; 128 129 p = read_buf(xdr, 4); 130 if (unlikely(p == NULL)) 131 return htonl(NFS4ERR_RESOURCE); 132 attrlen = ntohl(*p); 133 p = read_buf(xdr, attrlen << 2); 134 if (unlikely(p == NULL)) 135 return htonl(NFS4ERR_RESOURCE); 136 if (likely(attrlen > 0)) 137 bitmap[0] = ntohl(*p++); 138 if (attrlen > 1) 139 bitmap[1] = ntohl(*p); 140 return 0; 141 } 142 143 static __be32 decode_stateid(struct xdr_stream *xdr, nfs4_stateid *stateid) 144 { 145 __be32 *p; 146 147 p = read_buf(xdr, NFS4_STATEID_SIZE); 148 if (unlikely(p == NULL)) 149 return htonl(NFS4ERR_RESOURCE); 150 memcpy(stateid, p, NFS4_STATEID_SIZE); 151 return 0; 152 } 153 154 static __be32 decode_compound_hdr_arg(struct xdr_stream *xdr, struct cb_compound_hdr_arg *hdr) 155 { 156 __be32 *p; 157 __be32 status; 158 159 status = decode_string(xdr, &hdr->taglen, &hdr->tag); 160 if (unlikely(status != 0)) 161 return status; 162 /* We do not like overly long tags! */ 163 if (hdr->taglen > CB_OP_TAGLEN_MAXSZ) { 164 printk("NFS: NFSv4 CALLBACK %s: client sent tag of length %u\n", 165 __func__, hdr->taglen); 166 return htonl(NFS4ERR_RESOURCE); 167 } 168 p = read_buf(xdr, 12); 169 if (unlikely(p == NULL)) 170 return htonl(NFS4ERR_RESOURCE); 171 hdr->minorversion = ntohl(*p++); 172 /* Check for minor version support */ 173 if (hdr->minorversion <= NFS4_MAX_MINOR_VERSION) { 174 hdr->cb_ident = ntohl(*p++); /* ignored by v4.1 and v4.2 */ 175 } else { 176 pr_warn_ratelimited("NFS: %s: NFSv4 server callback with " 177 "illegal minor version %u!\n", 178 __func__, hdr->minorversion); 179 return htonl(NFS4ERR_MINOR_VERS_MISMATCH); 180 } 181 hdr->nops = ntohl(*p); 182 dprintk("%s: minorversion %d nops %d\n", __func__, 183 hdr->minorversion, hdr->nops); 184 return 0; 185 } 186 187 static __be32 decode_op_hdr(struct xdr_stream *xdr, unsigned int *op) 188 { 189 __be32 *p; 190 p = read_buf(xdr, 4); 191 if (unlikely(p == NULL)) 192 return htonl(NFS4ERR_RESOURCE_HDR); 193 *op = ntohl(*p); 194 return 0; 195 } 196 197 static __be32 decode_getattr_args(struct svc_rqst *rqstp, struct xdr_stream *xdr, struct cb_getattrargs *args) 198 { 199 __be32 status; 200 201 status = decode_fh(xdr, &args->fh); 202 if (unlikely(status != 0)) 203 goto out; 204 status = decode_bitmap(xdr, args->bitmap); 205 out: 206 dprintk("%s: exit with status = %d\n", __func__, ntohl(status)); 207 return status; 208 } 209 210 static __be32 decode_recall_args(struct svc_rqst *rqstp, struct xdr_stream *xdr, struct cb_recallargs *args) 211 { 212 __be32 *p; 213 __be32 status; 214 215 status = decode_stateid(xdr, &args->stateid); 216 if (unlikely(status != 0)) 217 goto out; 218 p = read_buf(xdr, 4); 219 if (unlikely(p == NULL)) { 220 status = htonl(NFS4ERR_RESOURCE); 221 goto out; 222 } 223 args->truncate = ntohl(*p); 224 status = decode_fh(xdr, &args->fh); 225 out: 226 dprintk("%s: exit with status = %d\n", __func__, ntohl(status)); 227 return status; 228 } 229 230 #if defined(CONFIG_NFS_V4_1) 231 232 static __be32 decode_layoutrecall_args(struct svc_rqst *rqstp, 233 struct xdr_stream *xdr, 234 struct cb_layoutrecallargs *args) 235 { 236 __be32 *p; 237 __be32 status = 0; 238 uint32_t iomode; 239 240 p = read_buf(xdr, 4 * sizeof(uint32_t)); 241 if (unlikely(p == NULL)) { 242 status = htonl(NFS4ERR_BADXDR); 243 goto out; 244 } 245 246 args->cbl_layout_type = ntohl(*p++); 247 /* Depite the spec's xdr, iomode really belongs in the FILE switch, 248 * as it is unusable and ignored with the other types. 249 */ 250 iomode = ntohl(*p++); 251 args->cbl_layoutchanged = ntohl(*p++); 252 args->cbl_recall_type = ntohl(*p++); 253 254 if (args->cbl_recall_type == RETURN_FILE) { 255 args->cbl_range.iomode = iomode; 256 status = decode_fh(xdr, &args->cbl_fh); 257 if (unlikely(status != 0)) 258 goto out; 259 260 p = read_buf(xdr, 2 * sizeof(uint64_t)); 261 if (unlikely(p == NULL)) { 262 status = htonl(NFS4ERR_BADXDR); 263 goto out; 264 } 265 p = xdr_decode_hyper(p, &args->cbl_range.offset); 266 p = xdr_decode_hyper(p, &args->cbl_range.length); 267 status = decode_stateid(xdr, &args->cbl_stateid); 268 if (unlikely(status != 0)) 269 goto out; 270 } else if (args->cbl_recall_type == RETURN_FSID) { 271 p = read_buf(xdr, 2 * sizeof(uint64_t)); 272 if (unlikely(p == NULL)) { 273 status = htonl(NFS4ERR_BADXDR); 274 goto out; 275 } 276 p = xdr_decode_hyper(p, &args->cbl_fsid.major); 277 p = xdr_decode_hyper(p, &args->cbl_fsid.minor); 278 } else if (args->cbl_recall_type != RETURN_ALL) { 279 status = htonl(NFS4ERR_BADXDR); 280 goto out; 281 } 282 dprintk("%s: ltype 0x%x iomode %d changed %d recall_type %d\n", 283 __func__, 284 args->cbl_layout_type, iomode, 285 args->cbl_layoutchanged, args->cbl_recall_type); 286 out: 287 dprintk("%s: exit with status = %d\n", __func__, ntohl(status)); 288 return status; 289 } 290 291 static 292 __be32 decode_devicenotify_args(struct svc_rqst *rqstp, 293 struct xdr_stream *xdr, 294 struct cb_devicenotifyargs *args) 295 { 296 __be32 *p; 297 __be32 status = 0; 298 u32 tmp; 299 int n, i; 300 args->ndevs = 0; 301 302 /* Num of device notifications */ 303 p = read_buf(xdr, sizeof(uint32_t)); 304 if (unlikely(p == NULL)) { 305 status = htonl(NFS4ERR_BADXDR); 306 goto out; 307 } 308 n = ntohl(*p++); 309 if (n <= 0) 310 goto out; 311 if (n > ULONG_MAX / sizeof(*args->devs)) { 312 status = htonl(NFS4ERR_BADXDR); 313 goto out; 314 } 315 316 args->devs = kmalloc_array(n, sizeof(*args->devs), GFP_KERNEL); 317 if (!args->devs) { 318 status = htonl(NFS4ERR_DELAY); 319 goto out; 320 } 321 322 /* Decode each dev notification */ 323 for (i = 0; i < n; i++) { 324 struct cb_devicenotifyitem *dev = &args->devs[i]; 325 326 p = read_buf(xdr, (4 * sizeof(uint32_t)) + NFS4_DEVICEID4_SIZE); 327 if (unlikely(p == NULL)) { 328 status = htonl(NFS4ERR_BADXDR); 329 goto err; 330 } 331 332 tmp = ntohl(*p++); /* bitmap size */ 333 if (tmp != 1) { 334 status = htonl(NFS4ERR_INVAL); 335 goto err; 336 } 337 dev->cbd_notify_type = ntohl(*p++); 338 if (dev->cbd_notify_type != NOTIFY_DEVICEID4_CHANGE && 339 dev->cbd_notify_type != NOTIFY_DEVICEID4_DELETE) { 340 status = htonl(NFS4ERR_INVAL); 341 goto err; 342 } 343 344 tmp = ntohl(*p++); /* opaque size */ 345 if (((dev->cbd_notify_type == NOTIFY_DEVICEID4_CHANGE) && 346 (tmp != NFS4_DEVICEID4_SIZE + 8)) || 347 ((dev->cbd_notify_type == NOTIFY_DEVICEID4_DELETE) && 348 (tmp != NFS4_DEVICEID4_SIZE + 4))) { 349 status = htonl(NFS4ERR_INVAL); 350 goto err; 351 } 352 dev->cbd_layout_type = ntohl(*p++); 353 memcpy(dev->cbd_dev_id.data, p, NFS4_DEVICEID4_SIZE); 354 p += XDR_QUADLEN(NFS4_DEVICEID4_SIZE); 355 356 if (dev->cbd_layout_type == NOTIFY_DEVICEID4_CHANGE) { 357 p = read_buf(xdr, sizeof(uint32_t)); 358 if (unlikely(p == NULL)) { 359 status = htonl(NFS4ERR_BADXDR); 360 goto err; 361 } 362 dev->cbd_immediate = ntohl(*p++); 363 } else { 364 dev->cbd_immediate = 0; 365 } 366 367 args->ndevs++; 368 369 dprintk("%s: type %d layout 0x%x immediate %d\n", 370 __func__, dev->cbd_notify_type, dev->cbd_layout_type, 371 dev->cbd_immediate); 372 } 373 out: 374 dprintk("%s: status %d ndevs %d\n", 375 __func__, ntohl(status), args->ndevs); 376 return status; 377 err: 378 kfree(args->devs); 379 goto out; 380 } 381 382 static __be32 decode_sessionid(struct xdr_stream *xdr, 383 struct nfs4_sessionid *sid) 384 { 385 __be32 *p; 386 387 p = read_buf(xdr, NFS4_MAX_SESSIONID_LEN); 388 if (unlikely(p == NULL)) 389 return htonl(NFS4ERR_RESOURCE); 390 391 memcpy(sid->data, p, NFS4_MAX_SESSIONID_LEN); 392 return 0; 393 } 394 395 static __be32 decode_rc_list(struct xdr_stream *xdr, 396 struct referring_call_list *rc_list) 397 { 398 __be32 *p; 399 int i; 400 __be32 status; 401 402 status = decode_sessionid(xdr, &rc_list->rcl_sessionid); 403 if (status) 404 goto out; 405 406 status = htonl(NFS4ERR_RESOURCE); 407 p = read_buf(xdr, sizeof(uint32_t)); 408 if (unlikely(p == NULL)) 409 goto out; 410 411 rc_list->rcl_nrefcalls = ntohl(*p++); 412 if (rc_list->rcl_nrefcalls) { 413 p = read_buf(xdr, 414 rc_list->rcl_nrefcalls * 2 * sizeof(uint32_t)); 415 if (unlikely(p == NULL)) 416 goto out; 417 rc_list->rcl_refcalls = kmalloc_array(rc_list->rcl_nrefcalls, 418 sizeof(*rc_list->rcl_refcalls), 419 GFP_KERNEL); 420 if (unlikely(rc_list->rcl_refcalls == NULL)) 421 goto out; 422 for (i = 0; i < rc_list->rcl_nrefcalls; i++) { 423 rc_list->rcl_refcalls[i].rc_sequenceid = ntohl(*p++); 424 rc_list->rcl_refcalls[i].rc_slotid = ntohl(*p++); 425 } 426 } 427 status = 0; 428 429 out: 430 return status; 431 } 432 433 static __be32 decode_cb_sequence_args(struct svc_rqst *rqstp, 434 struct xdr_stream *xdr, 435 struct cb_sequenceargs *args) 436 { 437 __be32 *p; 438 int i; 439 __be32 status; 440 441 status = decode_sessionid(xdr, &args->csa_sessionid); 442 if (status) 443 goto out; 444 445 status = htonl(NFS4ERR_RESOURCE); 446 p = read_buf(xdr, 5 * sizeof(uint32_t)); 447 if (unlikely(p == NULL)) 448 goto out; 449 450 args->csa_addr = svc_addr(rqstp); 451 args->csa_sequenceid = ntohl(*p++); 452 args->csa_slotid = ntohl(*p++); 453 args->csa_highestslotid = ntohl(*p++); 454 args->csa_cachethis = ntohl(*p++); 455 args->csa_nrclists = ntohl(*p++); 456 args->csa_rclists = NULL; 457 if (args->csa_nrclists) { 458 args->csa_rclists = kmalloc_array(args->csa_nrclists, 459 sizeof(*args->csa_rclists), 460 GFP_KERNEL); 461 if (unlikely(args->csa_rclists == NULL)) 462 goto out; 463 464 for (i = 0; i < args->csa_nrclists; i++) { 465 status = decode_rc_list(xdr, &args->csa_rclists[i]); 466 if (status) { 467 args->csa_nrclists = i; 468 goto out_free; 469 } 470 } 471 } 472 status = 0; 473 474 dprintk("%s: sessionid %x:%x:%x:%x sequenceid %u slotid %u " 475 "highestslotid %u cachethis %d nrclists %u\n", 476 __func__, 477 ((u32 *)&args->csa_sessionid)[0], 478 ((u32 *)&args->csa_sessionid)[1], 479 ((u32 *)&args->csa_sessionid)[2], 480 ((u32 *)&args->csa_sessionid)[3], 481 args->csa_sequenceid, args->csa_slotid, 482 args->csa_highestslotid, args->csa_cachethis, 483 args->csa_nrclists); 484 out: 485 dprintk("%s: exit with status = %d\n", __func__, ntohl(status)); 486 return status; 487 488 out_free: 489 for (i = 0; i < args->csa_nrclists; i++) 490 kfree(args->csa_rclists[i].rcl_refcalls); 491 kfree(args->csa_rclists); 492 goto out; 493 } 494 495 static __be32 decode_recallany_args(struct svc_rqst *rqstp, 496 struct xdr_stream *xdr, 497 struct cb_recallanyargs *args) 498 { 499 uint32_t bitmap[2]; 500 __be32 *p, status; 501 502 p = read_buf(xdr, 4); 503 if (unlikely(p == NULL)) 504 return htonl(NFS4ERR_BADXDR); 505 args->craa_objs_to_keep = ntohl(*p++); 506 status = decode_bitmap(xdr, bitmap); 507 if (unlikely(status)) 508 return status; 509 args->craa_type_mask = bitmap[0]; 510 511 return 0; 512 } 513 514 static __be32 decode_recallslot_args(struct svc_rqst *rqstp, 515 struct xdr_stream *xdr, 516 struct cb_recallslotargs *args) 517 { 518 __be32 *p; 519 520 p = read_buf(xdr, 4); 521 if (unlikely(p == NULL)) 522 return htonl(NFS4ERR_BADXDR); 523 args->crsa_target_highest_slotid = ntohl(*p++); 524 return 0; 525 } 526 527 #endif /* CONFIG_NFS_V4_1 */ 528 529 static __be32 encode_string(struct xdr_stream *xdr, unsigned int len, const char *str) 530 { 531 __be32 *p; 532 533 p = xdr_reserve_space(xdr, 4 + len); 534 if (unlikely(p == NULL)) 535 return htonl(NFS4ERR_RESOURCE); 536 xdr_encode_opaque(p, str, len); 537 return 0; 538 } 539 540 #define CB_SUPPORTED_ATTR0 (FATTR4_WORD0_CHANGE|FATTR4_WORD0_SIZE) 541 #define CB_SUPPORTED_ATTR1 (FATTR4_WORD1_TIME_METADATA|FATTR4_WORD1_TIME_MODIFY) 542 static __be32 encode_attr_bitmap(struct xdr_stream *xdr, const uint32_t *bitmap, __be32 **savep) 543 { 544 __be32 bm[2]; 545 __be32 *p; 546 547 bm[0] = htonl(bitmap[0] & CB_SUPPORTED_ATTR0); 548 bm[1] = htonl(bitmap[1] & CB_SUPPORTED_ATTR1); 549 if (bm[1] != 0) { 550 p = xdr_reserve_space(xdr, 16); 551 if (unlikely(p == NULL)) 552 return htonl(NFS4ERR_RESOURCE); 553 *p++ = htonl(2); 554 *p++ = bm[0]; 555 *p++ = bm[1]; 556 } else if (bm[0] != 0) { 557 p = xdr_reserve_space(xdr, 12); 558 if (unlikely(p == NULL)) 559 return htonl(NFS4ERR_RESOURCE); 560 *p++ = htonl(1); 561 *p++ = bm[0]; 562 } else { 563 p = xdr_reserve_space(xdr, 8); 564 if (unlikely(p == NULL)) 565 return htonl(NFS4ERR_RESOURCE); 566 *p++ = htonl(0); 567 } 568 *savep = p; 569 return 0; 570 } 571 572 static __be32 encode_attr_change(struct xdr_stream *xdr, const uint32_t *bitmap, uint64_t change) 573 { 574 __be32 *p; 575 576 if (!(bitmap[0] & FATTR4_WORD0_CHANGE)) 577 return 0; 578 p = xdr_reserve_space(xdr, 8); 579 if (unlikely(!p)) 580 return htonl(NFS4ERR_RESOURCE); 581 p = xdr_encode_hyper(p, change); 582 return 0; 583 } 584 585 static __be32 encode_attr_size(struct xdr_stream *xdr, const uint32_t *bitmap, uint64_t size) 586 { 587 __be32 *p; 588 589 if (!(bitmap[0] & FATTR4_WORD0_SIZE)) 590 return 0; 591 p = xdr_reserve_space(xdr, 8); 592 if (unlikely(!p)) 593 return htonl(NFS4ERR_RESOURCE); 594 p = xdr_encode_hyper(p, size); 595 return 0; 596 } 597 598 static __be32 encode_attr_time(struct xdr_stream *xdr, const struct timespec *time) 599 { 600 __be32 *p; 601 602 p = xdr_reserve_space(xdr, 12); 603 if (unlikely(!p)) 604 return htonl(NFS4ERR_RESOURCE); 605 p = xdr_encode_hyper(p, time->tv_sec); 606 *p = htonl(time->tv_nsec); 607 return 0; 608 } 609 610 static __be32 encode_attr_ctime(struct xdr_stream *xdr, const uint32_t *bitmap, const struct timespec *time) 611 { 612 if (!(bitmap[1] & FATTR4_WORD1_TIME_METADATA)) 613 return 0; 614 return encode_attr_time(xdr,time); 615 } 616 617 static __be32 encode_attr_mtime(struct xdr_stream *xdr, const uint32_t *bitmap, const struct timespec *time) 618 { 619 if (!(bitmap[1] & FATTR4_WORD1_TIME_MODIFY)) 620 return 0; 621 return encode_attr_time(xdr,time); 622 } 623 624 static __be32 encode_compound_hdr_res(struct xdr_stream *xdr, struct cb_compound_hdr_res *hdr) 625 { 626 __be32 status; 627 628 hdr->status = xdr_reserve_space(xdr, 4); 629 if (unlikely(hdr->status == NULL)) 630 return htonl(NFS4ERR_RESOURCE); 631 status = encode_string(xdr, hdr->taglen, hdr->tag); 632 if (unlikely(status != 0)) 633 return status; 634 hdr->nops = xdr_reserve_space(xdr, 4); 635 if (unlikely(hdr->nops == NULL)) 636 return htonl(NFS4ERR_RESOURCE); 637 return 0; 638 } 639 640 static __be32 encode_op_hdr(struct xdr_stream *xdr, uint32_t op, __be32 res) 641 { 642 __be32 *p; 643 644 p = xdr_reserve_space(xdr, 8); 645 if (unlikely(p == NULL)) 646 return htonl(NFS4ERR_RESOURCE_HDR); 647 *p++ = htonl(op); 648 *p = res; 649 return 0; 650 } 651 652 static __be32 encode_getattr_res(struct svc_rqst *rqstp, struct xdr_stream *xdr, const struct cb_getattrres *res) 653 { 654 __be32 *savep = NULL; 655 __be32 status = res->status; 656 657 if (unlikely(status != 0)) 658 goto out; 659 status = encode_attr_bitmap(xdr, res->bitmap, &savep); 660 if (unlikely(status != 0)) 661 goto out; 662 status = encode_attr_change(xdr, res->bitmap, res->change_attr); 663 if (unlikely(status != 0)) 664 goto out; 665 status = encode_attr_size(xdr, res->bitmap, res->size); 666 if (unlikely(status != 0)) 667 goto out; 668 status = encode_attr_ctime(xdr, res->bitmap, &res->ctime); 669 if (unlikely(status != 0)) 670 goto out; 671 status = encode_attr_mtime(xdr, res->bitmap, &res->mtime); 672 *savep = htonl((unsigned int)((char *)xdr->p - (char *)(savep+1))); 673 out: 674 dprintk("%s: exit with status = %d\n", __func__, ntohl(status)); 675 return status; 676 } 677 678 #if defined(CONFIG_NFS_V4_1) 679 680 static __be32 encode_sessionid(struct xdr_stream *xdr, 681 const struct nfs4_sessionid *sid) 682 { 683 __be32 *p; 684 685 p = xdr_reserve_space(xdr, NFS4_MAX_SESSIONID_LEN); 686 if (unlikely(p == NULL)) 687 return htonl(NFS4ERR_RESOURCE); 688 689 memcpy(p, sid, NFS4_MAX_SESSIONID_LEN); 690 return 0; 691 } 692 693 static __be32 encode_cb_sequence_res(struct svc_rqst *rqstp, 694 struct xdr_stream *xdr, 695 const struct cb_sequenceres *res) 696 { 697 __be32 *p; 698 __be32 status = res->csr_status; 699 700 if (unlikely(status != 0)) 701 goto out; 702 703 status = encode_sessionid(xdr, &res->csr_sessionid); 704 if (status) 705 goto out; 706 707 p = xdr_reserve_space(xdr, 4 * sizeof(uint32_t)); 708 if (unlikely(p == NULL)) 709 return htonl(NFS4ERR_RESOURCE); 710 711 *p++ = htonl(res->csr_sequenceid); 712 *p++ = htonl(res->csr_slotid); 713 *p++ = htonl(res->csr_highestslotid); 714 *p++ = htonl(res->csr_target_highestslotid); 715 out: 716 dprintk("%s: exit with status = %d\n", __func__, ntohl(status)); 717 return status; 718 } 719 720 static __be32 721 preprocess_nfs41_op(int nop, unsigned int op_nr, struct callback_op **op) 722 { 723 if (op_nr == OP_CB_SEQUENCE) { 724 if (nop != 0) 725 return htonl(NFS4ERR_SEQUENCE_POS); 726 } else { 727 if (nop == 0) 728 return htonl(NFS4ERR_OP_NOT_IN_SESSION); 729 } 730 731 switch (op_nr) { 732 case OP_CB_GETATTR: 733 case OP_CB_RECALL: 734 case OP_CB_SEQUENCE: 735 case OP_CB_RECALL_ANY: 736 case OP_CB_RECALL_SLOT: 737 case OP_CB_LAYOUTRECALL: 738 case OP_CB_NOTIFY_DEVICEID: 739 *op = &callback_ops[op_nr]; 740 break; 741 742 case OP_CB_NOTIFY: 743 case OP_CB_PUSH_DELEG: 744 case OP_CB_RECALLABLE_OBJ_AVAIL: 745 case OP_CB_WANTS_CANCELLED: 746 case OP_CB_NOTIFY_LOCK: 747 return htonl(NFS4ERR_NOTSUPP); 748 749 default: 750 return htonl(NFS4ERR_OP_ILLEGAL); 751 } 752 753 return htonl(NFS_OK); 754 } 755 756 static void nfs4_callback_free_slot(struct nfs4_session *session) 757 { 758 struct nfs4_slot_table *tbl = &session->bc_slot_table; 759 760 spin_lock(&tbl->slot_tbl_lock); 761 /* 762 * Let the state manager know callback processing done. 763 * A single slot, so highest used slotid is either 0 or -1 764 */ 765 tbl->highest_used_slotid = NFS4_NO_SLOT; 766 nfs4_slot_tbl_drain_complete(tbl); 767 spin_unlock(&tbl->slot_tbl_lock); 768 } 769 770 static void nfs4_cb_free_slot(struct cb_process_state *cps) 771 { 772 if (cps->slotid != NFS4_NO_SLOT) 773 nfs4_callback_free_slot(cps->clp->cl_session); 774 } 775 776 #else /* CONFIG_NFS_V4_1 */ 777 778 static __be32 779 preprocess_nfs41_op(int nop, unsigned int op_nr, struct callback_op **op) 780 { 781 return htonl(NFS4ERR_MINOR_VERS_MISMATCH); 782 } 783 784 static void nfs4_cb_free_slot(struct cb_process_state *cps) 785 { 786 } 787 #endif /* CONFIG_NFS_V4_1 */ 788 789 #ifdef CONFIG_NFS_V4_2 790 static __be32 791 preprocess_nfs42_op(int nop, unsigned int op_nr, struct callback_op **op) 792 { 793 __be32 status = preprocess_nfs41_op(nop, op_nr, op); 794 if (status != htonl(NFS4ERR_OP_ILLEGAL)) 795 return status; 796 797 if (op_nr == OP_CB_OFFLOAD) 798 return htonl(NFS4ERR_NOTSUPP); 799 return htonl(NFS4ERR_OP_ILLEGAL); 800 } 801 #else /* CONFIG_NFS_V4_2 */ 802 static __be32 803 preprocess_nfs42_op(int nop, unsigned int op_nr, struct callback_op **op) 804 { 805 return htonl(NFS4ERR_MINOR_VERS_MISMATCH); 806 } 807 #endif /* CONFIG_NFS_V4_2 */ 808 809 static __be32 810 preprocess_nfs4_op(unsigned int op_nr, struct callback_op **op) 811 { 812 switch (op_nr) { 813 case OP_CB_GETATTR: 814 case OP_CB_RECALL: 815 *op = &callback_ops[op_nr]; 816 break; 817 default: 818 return htonl(NFS4ERR_OP_ILLEGAL); 819 } 820 821 return htonl(NFS_OK); 822 } 823 824 static __be32 process_op(int nop, struct svc_rqst *rqstp, 825 struct xdr_stream *xdr_in, void *argp, 826 struct xdr_stream *xdr_out, void *resp, 827 struct cb_process_state *cps) 828 { 829 struct callback_op *op = &callback_ops[0]; 830 unsigned int op_nr; 831 __be32 status; 832 long maxlen; 833 __be32 res; 834 835 dprintk("%s: start\n", __func__); 836 status = decode_op_hdr(xdr_in, &op_nr); 837 if (unlikely(status)) 838 return status; 839 840 dprintk("%s: minorversion=%d nop=%d op_nr=%u\n", 841 __func__, cps->minorversion, nop, op_nr); 842 843 switch (cps->minorversion) { 844 case 0: 845 status = preprocess_nfs4_op(op_nr, &op); 846 break; 847 case 1: 848 status = preprocess_nfs41_op(nop, op_nr, &op); 849 break; 850 case 2: 851 status = preprocess_nfs42_op(nop, op_nr, &op); 852 break; 853 default: 854 status = htonl(NFS4ERR_MINOR_VERS_MISMATCH); 855 } 856 857 if (status == htonl(NFS4ERR_OP_ILLEGAL)) 858 op_nr = OP_CB_ILLEGAL; 859 if (status) 860 goto encode_hdr; 861 862 if (cps->drc_status) { 863 status = cps->drc_status; 864 goto encode_hdr; 865 } 866 867 maxlen = xdr_out->end - xdr_out->p; 868 if (maxlen > 0 && maxlen < PAGE_SIZE) { 869 status = op->decode_args(rqstp, xdr_in, argp); 870 if (likely(status == 0)) 871 status = op->process_op(argp, resp, cps); 872 } else 873 status = htonl(NFS4ERR_RESOURCE); 874 875 encode_hdr: 876 res = encode_op_hdr(xdr_out, op_nr, status); 877 if (unlikely(res)) 878 return res; 879 if (op->encode_res != NULL && status == 0) 880 status = op->encode_res(rqstp, xdr_out, resp); 881 dprintk("%s: done, status = %d\n", __func__, ntohl(status)); 882 return status; 883 } 884 885 /* 886 * Decode, process and encode a COMPOUND 887 */ 888 static __be32 nfs4_callback_compound(struct svc_rqst *rqstp, void *argp, void *resp) 889 { 890 struct cb_compound_hdr_arg hdr_arg = { 0 }; 891 struct cb_compound_hdr_res hdr_res = { NULL }; 892 struct xdr_stream xdr_in, xdr_out; 893 struct xdr_buf *rq_arg = &rqstp->rq_arg; 894 __be32 *p, status; 895 struct cb_process_state cps = { 896 .drc_status = 0, 897 .clp = NULL, 898 .slotid = NFS4_NO_SLOT, 899 .net = SVC_NET(rqstp), 900 }; 901 unsigned int nops = 0; 902 903 dprintk("%s: start\n", __func__); 904 905 rq_arg->len = rq_arg->head[0].iov_len + rq_arg->page_len; 906 xdr_init_decode(&xdr_in, rq_arg, rq_arg->head[0].iov_base); 907 908 p = (__be32*)((char *)rqstp->rq_res.head[0].iov_base + rqstp->rq_res.head[0].iov_len); 909 xdr_init_encode(&xdr_out, &rqstp->rq_res, p); 910 911 status = decode_compound_hdr_arg(&xdr_in, &hdr_arg); 912 if (status == htonl(NFS4ERR_RESOURCE)) 913 return rpc_garbage_args; 914 915 if (hdr_arg.minorversion == 0) { 916 cps.clp = nfs4_find_client_ident(SVC_NET(rqstp), hdr_arg.cb_ident); 917 if (!cps.clp || !check_gss_callback_principal(cps.clp, rqstp)) 918 return rpc_drop_reply; 919 } 920 921 cps.minorversion = hdr_arg.minorversion; 922 hdr_res.taglen = hdr_arg.taglen; 923 hdr_res.tag = hdr_arg.tag; 924 if (encode_compound_hdr_res(&xdr_out, &hdr_res) != 0) 925 return rpc_system_err; 926 927 while (status == 0 && nops != hdr_arg.nops) { 928 status = process_op(nops, rqstp, &xdr_in, 929 argp, &xdr_out, resp, &cps); 930 nops++; 931 } 932 933 /* Buffer overflow in decode_ops_hdr or encode_ops_hdr. Return 934 * resource error in cb_compound status without returning op */ 935 if (unlikely(status == htonl(NFS4ERR_RESOURCE_HDR))) { 936 status = htonl(NFS4ERR_RESOURCE); 937 nops--; 938 } 939 940 *hdr_res.status = status; 941 *hdr_res.nops = htonl(nops); 942 nfs4_cb_free_slot(&cps); 943 nfs_put_client(cps.clp); 944 dprintk("%s: done, status = %u\n", __func__, ntohl(status)); 945 return rpc_success; 946 } 947 948 /* 949 * Define NFS4 callback COMPOUND ops. 950 */ 951 static struct callback_op callback_ops[] = { 952 [0] = { 953 .res_maxsize = CB_OP_HDR_RES_MAXSZ, 954 }, 955 [OP_CB_GETATTR] = { 956 .process_op = (callback_process_op_t)nfs4_callback_getattr, 957 .decode_args = (callback_decode_arg_t)decode_getattr_args, 958 .encode_res = (callback_encode_res_t)encode_getattr_res, 959 .res_maxsize = CB_OP_GETATTR_RES_MAXSZ, 960 }, 961 [OP_CB_RECALL] = { 962 .process_op = (callback_process_op_t)nfs4_callback_recall, 963 .decode_args = (callback_decode_arg_t)decode_recall_args, 964 .res_maxsize = CB_OP_RECALL_RES_MAXSZ, 965 }, 966 #if defined(CONFIG_NFS_V4_1) 967 [OP_CB_LAYOUTRECALL] = { 968 .process_op = (callback_process_op_t)nfs4_callback_layoutrecall, 969 .decode_args = 970 (callback_decode_arg_t)decode_layoutrecall_args, 971 .res_maxsize = CB_OP_LAYOUTRECALL_RES_MAXSZ, 972 }, 973 [OP_CB_NOTIFY_DEVICEID] = { 974 .process_op = (callback_process_op_t)nfs4_callback_devicenotify, 975 .decode_args = 976 (callback_decode_arg_t)decode_devicenotify_args, 977 .res_maxsize = CB_OP_DEVICENOTIFY_RES_MAXSZ, 978 }, 979 [OP_CB_SEQUENCE] = { 980 .process_op = (callback_process_op_t)nfs4_callback_sequence, 981 .decode_args = (callback_decode_arg_t)decode_cb_sequence_args, 982 .encode_res = (callback_encode_res_t)encode_cb_sequence_res, 983 .res_maxsize = CB_OP_SEQUENCE_RES_MAXSZ, 984 }, 985 [OP_CB_RECALL_ANY] = { 986 .process_op = (callback_process_op_t)nfs4_callback_recallany, 987 .decode_args = (callback_decode_arg_t)decode_recallany_args, 988 .res_maxsize = CB_OP_RECALLANY_RES_MAXSZ, 989 }, 990 [OP_CB_RECALL_SLOT] = { 991 .process_op = (callback_process_op_t)nfs4_callback_recallslot, 992 .decode_args = (callback_decode_arg_t)decode_recallslot_args, 993 .res_maxsize = CB_OP_RECALLSLOT_RES_MAXSZ, 994 }, 995 #endif /* CONFIG_NFS_V4_1 */ 996 }; 997 998 /* 999 * Define NFS4 callback procedures 1000 */ 1001 static struct svc_procedure nfs4_callback_procedures1[] = { 1002 [CB_NULL] = { 1003 .pc_func = nfs4_callback_null, 1004 .pc_decode = (kxdrproc_t)nfs4_decode_void, 1005 .pc_encode = (kxdrproc_t)nfs4_encode_void, 1006 .pc_xdrressize = 1, 1007 }, 1008 [CB_COMPOUND] = { 1009 .pc_func = nfs4_callback_compound, 1010 .pc_encode = (kxdrproc_t)nfs4_encode_void, 1011 .pc_argsize = 256, 1012 .pc_ressize = 256, 1013 .pc_xdrressize = NFS4_CALLBACK_BUFSIZE, 1014 } 1015 }; 1016 1017 struct svc_version nfs4_callback_version1 = { 1018 .vs_vers = 1, 1019 .vs_nproc = ARRAY_SIZE(nfs4_callback_procedures1), 1020 .vs_proc = nfs4_callback_procedures1, 1021 .vs_xdrsize = NFS4_CALLBACK_XDRSIZE, 1022 .vs_dispatch = NULL, 1023 .vs_hidden = 1, 1024 }; 1025 1026 struct svc_version nfs4_callback_version4 = { 1027 .vs_vers = 4, 1028 .vs_nproc = ARRAY_SIZE(nfs4_callback_procedures1), 1029 .vs_proc = nfs4_callback_procedures1, 1030 .vs_xdrsize = NFS4_CALLBACK_XDRSIZE, 1031 .vs_dispatch = NULL, 1032 .vs_hidden = 1, 1033 }; 1034