/*
 *  Copyright (c) 2001 The Regents of the University of Michigan.
 *  All rights reserved.
 *
 *  Kendrick Smith <kmsmith@umich.edu>
 *  Andy Adamson <kandros@umich.edu>
 *
 *  Redistribution and use in source and binary forms, with or without
 *  modification, are permitted provided that the following conditions
 *  are met:
 *
 *  1. Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 *  2. Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in the
 *     documentation and/or other materials provided with the distribution.
 *  3. Neither the name of the University nor the names of its
 *     contributors may be used to endorse or promote products derived
 *     from this software without specific prior written permission.
 *
 *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 *  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 *  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 *  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include <linux/file.h>
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/namei.h>
#include <linux/swap.h>
#include <linux/pagemap.h>
#include <linux/ratelimit.h>
#include <linux/sunrpc/svcauth_gss.h>
#include <linux/sunrpc/addr.h>
#include <linux/jhash.h>
#include "xdr4.h"
#include "xdr4cb.h"
#include "vfs.h"
#include "current_stateid.h"

#include "netns.h"
#include "pnfs.h"

#define NFSDDBG_FACILITY	NFSDDBG_PROC

#define all_ones {{~0,~0},~0}
static const stateid_t one_stateid = {
	.si_generation = ~0,
	.si_opaque = all_ones,
};
static const stateid_t zero_stateid = {
	/* all fields zero */
};
static const stateid_t currentstateid = {
	.si_generation = 1,
};

static u64 current_sessionid = 1;

#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
#define ONE_STATEID(stateid)  (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))

/* forward declarations */
static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner);
static void nfs4_free_ol_stateid(struct nfs4_stid *stid);

/* Locking: */

/*
 * Currently used for the del_recall_lru and file hash table.  In an
 * effort to decrease the scope of the client_mutex, this spinlock may
 * eventually cover more:
 */
static DEFINE_SPINLOCK(state_lock);

/*
 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for
 * the refcount on the open stateid to drop.
 */
static DECLARE_WAIT_QUEUE_HEAD(close_wq);
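/*
 * Illustrative sketch (the waiter itself is outside this excerpt): the
 * v4.0 CLOSE path unhashes the open stateid and then sleeps on close_wq
 * until only its own reference and the client's "persistent" reference
 * remain, roughly:
 *
 *	wait_event(close_wq, refcount_read(&stp->st_stid.sc_count) == 2);
 *
 * which is why nfs4_put_stid() and put_ol_stateid_locked() below call
 * wake_up_all(&close_wq) on every non-final put.
 */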
static struct kmem_cache *openowner_slab;
static struct kmem_cache *lockowner_slab;
static struct kmem_cache *file_slab;
static struct kmem_cache *stateid_slab;
static struct kmem_cache *deleg_slab;
static struct kmem_cache *odstate_slab;

static void free_session(struct nfsd4_session *);

static const struct nfsd4_callback_ops nfsd4_cb_recall_ops;
static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops;

static bool is_session_dead(struct nfsd4_session *ses)
{
	return ses->se_flags & NFS4_SESSION_DEAD;
}

static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
{
	if (atomic_read(&ses->se_ref) > ref_held_by_me)
		return nfserr_jukebox;
	ses->se_flags |= NFS4_SESSION_DEAD;
	return nfs_ok;
}

static bool is_client_expired(struct nfs4_client *clp)
{
	return clp->cl_time == 0;
}

static __be32 get_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (is_client_expired(clp))
		return nfserr_expired;
	atomic_inc(&clp->cl_refcount);
	return nfs_ok;
}

/* must be called under the client_lock */
static inline void
renew_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (is_client_expired(clp)) {
		WARN_ON(1);
		printk("%s: client (clientid %08x/%08x) already expired\n",
			__func__,
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
		return;
	}

	dprintk("renewing client (clientid %08x/%08x)\n",
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
	list_move_tail(&clp->cl_lru, &nn->client_lru);
	clp->cl_time = get_seconds();
}

static void put_client_renew_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (!atomic_dec_and_test(&clp->cl_refcount))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
}

static void put_client_renew(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (!atomic_dec_and_lock(&clp->cl_refcount, &nn->client_lock))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	spin_unlock(&nn->client_lock);
}

static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
{
	__be32 status;

	if (is_session_dead(ses))
		return nfserr_badsession;
	status = get_client_locked(ses->se_client);
	if (status)
		return status;
	atomic_inc(&ses->se_ref);
	return nfs_ok;
}

static void nfsd4_put_session_locked(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
		free_session(ses);
	put_client_renew_locked(clp);
}

static void nfsd4_put_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	nfsd4_put_session_locked(ses);
	spin_unlock(&nn->client_lock);
}
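/*
 * Sketch of the usual get/put pairing (assuming the caller already
 * holds nn->client_lock for the lookup, as find_in_sessionid_hashtbl()
 * below does):
 *
 *	status = nfsd4_get_session_locked(ses);
 *	if (status)
 *		return status;
 *	...
 *	nfsd4_put_session(ses);    (retakes client_lock internally)
 *
 * Note that a session reference pins the client too:
 * nfsd4_get_session_locked() takes a client reference, and
 * nfsd4_put_session_locked() drops it via put_client_renew_locked().
 */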
static struct nfsd4_blocked_lock *
find_blocked_lock(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *cur, *found = NULL;

	spin_lock(&nn->blocked_locks_lock);
	list_for_each_entry(cur, &lo->lo_blocked, nbl_list) {
		if (fh_match(fh, &cur->nbl_fh)) {
			list_del_init(&cur->nbl_list);
			list_del_init(&cur->nbl_lru);
			found = cur;
			break;
		}
	}
	spin_unlock(&nn->blocked_locks_lock);
	if (found)
		posix_unblock_lock(&found->nbl_lock);
	return found;
}

static struct nfsd4_blocked_lock *
find_or_allocate_block(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *nbl;

	nbl = find_blocked_lock(lo, fh, nn);
	if (!nbl) {
		nbl = kmalloc(sizeof(*nbl), GFP_KERNEL);
		if (nbl) {
			fh_copy_shallow(&nbl->nbl_fh, fh);
			locks_init_lock(&nbl->nbl_lock);
			nfsd4_init_cb(&nbl->nbl_cb, lo->lo_owner.so_client,
					&nfsd4_cb_notify_lock_ops,
					NFSPROC4_CLNT_CB_NOTIFY_LOCK);
		}
	}
	return nbl;
}

static void
free_blocked_lock(struct nfsd4_blocked_lock *nbl)
{
	locks_release_private(&nbl->nbl_lock);
	kfree(nbl);
}

static int
nfsd4_cb_notify_lock_done(struct nfsd4_callback *cb, struct rpc_task *task)
{
	/*
	 * Since this is just an optimization, we don't try very hard if it
	 * turns out not to succeed. We'll requeue it on NFS4ERR_DELAY, and
	 * just quit trying on anything else.
	 */
	switch (task->tk_status) {
	case -NFS4ERR_DELAY:
		rpc_delay(task, 1 * HZ);
		return 0;
	default:
		return 1;
	}
}

static void
nfsd4_cb_notify_lock_release(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock *nbl = container_of(cb,
						struct nfsd4_blocked_lock, nbl_cb);

	free_blocked_lock(nbl);
}

static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops = {
	.done		= nfsd4_cb_notify_lock_done,
	.release	= nfsd4_cb_notify_lock_release,
};

static inline struct nfs4_stateowner *
nfs4_get_stateowner(struct nfs4_stateowner *sop)
{
	atomic_inc(&sop->so_count);
	return sop;
}

static int
same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner)
{
	return (sop->so_owner.len == owner->len) &&
		0 == memcmp(sop->so_owner.data, owner->data, owner->len);
}

static struct nfs4_openowner *
find_openstateowner_str_locked(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_stateowner *so;

	lockdep_assert_held(&clp->cl_lock);

	list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval],
			    so_strhash) {
		if (!so->so_is_open_owner)
			continue;
		if (same_owner_str(so, &open->op_owner))
			return openowner(nfs4_get_stateowner(so));
	}
	return NULL;
}

static struct nfs4_openowner *
find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;

	spin_lock(&clp->cl_lock);
	oo = find_openstateowner_str_locked(hashval, open, clp);
	spin_unlock(&clp->cl_lock);
	return oo;
}

static inline u32
opaque_hashval(const void *ptr, int nbytes)
{
	unsigned char *cptr = (unsigned char *) ptr;

	u32 x = 0;
	while (nbytes--) {
		x *= 37;
		x += *cptr++;
	}
	return x;
}
static void nfsd4_free_file_rcu(struct rcu_head *rcu)
{
	struct nfs4_file *fp = container_of(rcu, struct nfs4_file, fi_rcu);

	kmem_cache_free(file_slab, fp);
}

void
put_nfs4_file(struct nfs4_file *fi)
{
	might_lock(&state_lock);

	if (refcount_dec_and_lock(&fi->fi_ref, &state_lock)) {
		hlist_del_rcu(&fi->fi_hash);
		spin_unlock(&state_lock);
		WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate));
		WARN_ON_ONCE(!list_empty(&fi->fi_delegations));
		call_rcu(&fi->fi_rcu, nfsd4_free_file_rcu);
	}
}

static struct file *
__nfs4_get_fd(struct nfs4_file *f, int oflag)
{
	if (f->fi_fds[oflag])
		return get_file(f->fi_fds[oflag]);
	return NULL;
}

static struct file *
find_writeable_file_locked(struct nfs4_file *f)
{
	struct file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_WRONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

static struct file *
find_writeable_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = find_writeable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

static struct file *find_readable_file_locked(struct nfs4_file *f)
{
	struct file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_RDONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

static struct file *
find_readable_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = find_readable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

struct file *
find_any_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = __nfs4_get_fd(f, O_RDWR);
	if (!ret) {
		ret = __nfs4_get_fd(f, O_WRONLY);
		if (!ret)
			ret = __nfs4_get_fd(f, O_RDONLY);
	}
	spin_unlock(&f->fi_lock);
	return ret;
}

static atomic_long_t num_delegations;
unsigned long max_delegations;

/*
 * Open owner state (share locks)
 */

/* hash tables for lock and open owners */
#define OWNER_HASH_BITS		8
#define OWNER_HASH_SIZE		(1 << OWNER_HASH_BITS)
#define OWNER_HASH_MASK		(OWNER_HASH_SIZE - 1)

static unsigned int ownerstr_hashval(struct xdr_netobj *ownername)
{
	unsigned int ret;

	ret = opaque_hashval(ownername->data, ownername->len);
	return ret & OWNER_HASH_MASK;
}

/* hash table for nfs4_file */
#define FILE_HASH_BITS		8
#define FILE_HASH_SIZE		(1 << FILE_HASH_BITS)

static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh)
{
	return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0);
}

static unsigned int file_hashval(struct knfsd_fh *fh)
{
	return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1);
}

static struct hlist_head file_hashtbl[FILE_HASH_SIZE];

static void
__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		atomic_inc(&fp->fi_access[O_WRONLY]);
	if (access & NFS4_SHARE_ACCESS_READ)
		atomic_inc(&fp->fi_access[O_RDONLY]);
}

static __be32
nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	/* Does this access mode make sense? */
	if (access & ~NFS4_SHARE_ACCESS_BOTH)
		return nfserr_inval;

	/* Does it conflict with a deny mode already set? */
	if ((access & fp->fi_share_deny) != 0)
		return nfserr_share_denied;

	__nfs4_file_get_access(fp, access);
	return nfs_ok;
}

static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
{
	/* Common case is that there is no deny mode. */
	if (deny) {
		/* Does this deny mode make sense? */
		if (deny & ~NFS4_SHARE_DENY_BOTH)
			return nfserr_inval;

		if ((deny & NFS4_SHARE_DENY_READ) &&
		    atomic_read(&fp->fi_access[O_RDONLY]))
			return nfserr_share_denied;

		if ((deny & NFS4_SHARE_DENY_WRITE) &&
		    atomic_read(&fp->fi_access[O_WRONLY]))
			return nfserr_share_denied;
	}
	return nfs_ok;
}
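/*
 * Worked example of the two checks above (values per the NFSv4 share
 * constants: READ = 1, WRITE = 2, BOTH = 3):
 *
 * Client A opens with share_access = READ and share_deny = WRITE, so
 * fi_access[O_RDONLY] becomes 1 and fi_share_deny includes DENY_WRITE.
 *
 *  - Client B's OPEN with share_access = WRITE fails in
 *    nfs4_file_get_access(): (WRITE & fi_share_deny) != 0.
 *  - Client B's OPEN with share_deny = READ fails in
 *    nfs4_file_check_deny(): fi_access[O_RDONLY] is nonzero.
 */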
static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
	might_lock(&fp->fi_lock);

	if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
		struct file *f1 = NULL;
		struct file *f2 = NULL;

		swap(f1, fp->fi_fds[oflag]);
		if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
			swap(f2, fp->fi_fds[O_RDWR]);
		spin_unlock(&fp->fi_lock);
		if (f1)
			fput(f1);
		if (f2)
			fput(f2);
	}
}

static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
{
	WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		__nfs4_file_put_access(fp, O_WRONLY);
	if (access & NFS4_SHARE_ACCESS_READ)
		__nfs4_file_put_access(fp, O_RDONLY);
}

/*
 * Allocate a new open/delegation state counter. This is needed for
 * pNFS for proper return on close semantics.
 *
 * Note that we only allocate it for pNFS-enabled exports, otherwise
 * all pointers to struct nfs4_clnt_odstate are always NULL.
 */
static struct nfs4_clnt_odstate *
alloc_clnt_odstate(struct nfs4_client *clp)
{
	struct nfs4_clnt_odstate *co;

	co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL);
	if (co) {
		co->co_client = clp;
		refcount_set(&co->co_odcount, 1);
	}
	return co;
}

static void
hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp = co->co_file;

	lockdep_assert_held(&fp->fi_lock);
	list_add(&co->co_perfile, &fp->fi_clnt_odstate);
}

static inline void
get_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	if (co)
		refcount_inc(&co->co_odcount);
}

static void
put_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp;

	if (!co)
		return;

	fp = co->co_file;
	if (refcount_dec_and_lock(&co->co_odcount, &fp->fi_lock)) {
		list_del(&co->co_perfile);
		spin_unlock(&fp->fi_lock);

		nfsd4_return_all_file_layouts(co->co_client, fp);
		kmem_cache_free(odstate_slab, co);
	}
}

static struct nfs4_clnt_odstate *
find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new)
{
	struct nfs4_clnt_odstate *co;
	struct nfs4_client *cl;

	if (!new)
		return NULL;

	cl = new->co_client;

	spin_lock(&fp->fi_lock);
	list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) {
		if (co->co_client == cl) {
			get_clnt_odstate(co);
			goto out;
		}
	}
	co = new;
	co->co_file = fp;
	hash_clnt_odstate_locked(new);
out:
	spin_unlock(&fp->fi_lock);
	return co;
}
struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab,
				  void (*sc_free)(struct nfs4_stid *))
{
	struct nfs4_stid *stid;
	int new_id;

	stid = kmem_cache_zalloc(slab, GFP_KERNEL);
	if (!stid)
		return NULL;

	idr_preload(GFP_KERNEL);
	spin_lock(&cl->cl_lock);
	new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 0, 0, GFP_NOWAIT);
	spin_unlock(&cl->cl_lock);
	idr_preload_end();
	if (new_id < 0)
		goto out_free;

	stid->sc_free = sc_free;
	stid->sc_client = cl;
	stid->sc_stateid.si_opaque.so_id = new_id;
	stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
	/* Will be incremented before return to client: */
	refcount_set(&stid->sc_count, 1);
	spin_lock_init(&stid->sc_lock);

	/*
	 * It shouldn't be a problem to reuse an opaque stateid value.
	 * I don't think it is for 4.1.  But with 4.0 I worry that, for
	 * example, a stray write retransmission could be accepted by
	 * the server when it should have been rejected.  Therefore,
	 * adopt a trick from the sctp code to attempt to maximize the
	 * amount of time until an id is reused, by ensuring they always
	 * "increase" (mod INT_MAX):
	 */
	return stid;
out_free:
	kmem_cache_free(slab, stid);
	return NULL;
}

static struct nfs4_ol_stateid * nfs4_alloc_open_stateid(struct nfs4_client *clp)
{
	struct nfs4_stid *stid;

	stid = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_ol_stateid);
	if (!stid)
		return NULL;

	return openlockstateid(stid);
}

static void nfs4_free_deleg(struct nfs4_stid *stid)
{
	kmem_cache_free(deleg_slab, stid);
	atomic_long_dec(&num_delegations);
}

/*
 * When we recall a delegation, we should be careful not to hand it
 * out again straight away.
 * To ensure this we keep a pair of bloom filters ('new' and 'old')
 * in which the filehandles of recalled delegations are "stored".
 * If a filehandle appears in either filter, a delegation is blocked.
 * When a delegation is recalled, the filehandle is stored in the "new"
 * filter.
 * Every 30 seconds we swap the filters and clear the "new" one,
 * unless both are empty of course.
 *
 * Each filter is 256 bits.  We hash the filehandle to 32bit and use the
 * low 3 bytes as hash-table indices.
 *
 * 'blocked_delegations_lock', which is always taken in block_delegations(),
 * is used to manage concurrent access.  Testing does not need the lock
 * except when swapping the two filters.
 */
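/*
 * Worked example of the filter addressing, for a hypothetical hash
 * value: if jhash(...) returns 0x00a1b2c3, the three probed bit indices
 * are
 *
 *	hash         & 255 = 0xc3 = 195
 *	(hash >> 8)  & 255 = 0xb2 = 178
 *	(hash >> 16) & 255 = 0xa1 = 161
 *
 * block_delegations() sets those three bits in the "new" 256-bit set;
 * delegation_blocked() reports a (possibly false-positive) match only
 * if all three bits are set in the same set.
 */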
static DEFINE_SPINLOCK(blocked_delegations_lock);
static struct bloom_pair {
	int	entries, old_entries;
	time_t	swap_time;
	int	new; /* index into 'set' */
	DECLARE_BITMAP(set[2], 256);
} blocked_delegations;

static int delegation_blocked(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	if (bd->entries == 0)
		return 0;
	if (seconds_since_boot() - bd->swap_time > 30) {
		spin_lock(&blocked_delegations_lock);
		if (seconds_since_boot() - bd->swap_time > 30) {
			bd->entries -= bd->old_entries;
			bd->old_entries = bd->entries;
			memset(bd->set[bd->new], 0,
			       sizeof(bd->set[0]));
			bd->new = 1-bd->new;
			bd->swap_time = seconds_since_boot();
		}
		spin_unlock(&blocked_delegations_lock);
	}
	hash = jhash(&fh->fh_base, fh->fh_size, 0);
	if (test_bit(hash&255, bd->set[0]) &&
	    test_bit((hash>>8)&255, bd->set[0]) &&
	    test_bit((hash>>16)&255, bd->set[0]))
		return 1;

	if (test_bit(hash&255, bd->set[1]) &&
	    test_bit((hash>>8)&255, bd->set[1]) &&
	    test_bit((hash>>16)&255, bd->set[1]))
		return 1;

	return 0;
}

static void block_delegations(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	hash = jhash(&fh->fh_base, fh->fh_size, 0);

	spin_lock(&blocked_delegations_lock);
	__set_bit(hash&255, bd->set[bd->new]);
	__set_bit((hash>>8)&255, bd->set[bd->new]);
	__set_bit((hash>>16)&255, bd->set[bd->new]);
	if (bd->entries == 0)
		bd->swap_time = seconds_since_boot();
	bd->entries += 1;
	spin_unlock(&blocked_delegations_lock);
}
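/*
 * How the pair is used (sketch; the recall side is outside this
 * excerpt): the delegation-break callback calls block_delegations() on
 * the recalled filehandle, and alloc_init_deleg() below refuses to
 * grant a new delegation while delegation_blocked() still returns true
 * for it, i.e. for roughly the next 30-60 seconds.
 */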
static struct nfs4_delegation *
alloc_init_deleg(struct nfs4_client *clp, struct svc_fh *current_fh,
		 struct nfs4_clnt_odstate *odstate)
{
	struct nfs4_delegation *dp;
	long n;

	dprintk("NFSD alloc_init_deleg\n");
	n = atomic_long_inc_return(&num_delegations);
	if (n < 0 || n > max_delegations)
		goto out_dec;
	if (delegation_blocked(&current_fh->fh_handle))
		goto out_dec;
	dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab, nfs4_free_deleg));
	if (dp == NULL)
		goto out_dec;

	/*
	 * delegation seqid's are never incremented.  The 4.1 special
	 * meaning of seqid 0 isn't meaningful, really, but let's avoid
	 * 0 anyway just for consistency and use 1:
	 */
	dp->dl_stid.sc_stateid.si_generation = 1;
	INIT_LIST_HEAD(&dp->dl_perfile);
	INIT_LIST_HEAD(&dp->dl_perclnt);
	INIT_LIST_HEAD(&dp->dl_recall_lru);
	dp->dl_clnt_odstate = odstate;
	get_clnt_odstate(odstate);
	dp->dl_type = NFS4_OPEN_DELEGATE_READ;
	dp->dl_retries = 1;
	nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client,
		      &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL);
	return dp;
out_dec:
	atomic_long_dec(&num_delegations);
	return NULL;
}

void
nfs4_put_stid(struct nfs4_stid *s)
{
	struct nfs4_file *fp = s->sc_file;
	struct nfs4_client *clp = s->sc_client;

	might_lock(&clp->cl_lock);

	if (!refcount_dec_and_lock(&s->sc_count, &clp->cl_lock)) {
		wake_up_all(&close_wq);
		return;
	}
	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	spin_unlock(&clp->cl_lock);
	s->sc_free(s);
	if (fp)
		put_nfs4_file(fp);
}

void
nfs4_inc_and_copy_stateid(stateid_t *dst, struct nfs4_stid *stid)
{
	stateid_t *src = &stid->sc_stateid;

	spin_lock(&stid->sc_lock);
	if (unlikely(++src->si_generation == 0))
		src->si_generation = 1;
	memcpy(dst, src, sizeof(*dst));
	spin_unlock(&stid->sc_lock);
}

static void nfs4_put_deleg_lease(struct nfs4_file *fp)
{
	struct file *filp = NULL;

	spin_lock(&fp->fi_lock);
	if (fp->fi_deleg_file && --fp->fi_delegees == 0)
		swap(filp, fp->fi_deleg_file);
	spin_unlock(&fp->fi_lock);

	if (filp) {
		vfs_setlease(filp, F_UNLCK, NULL, (void **)&fp);
		fput(filp);
	}
}

void nfs4_unhash_stid(struct nfs4_stid *s)
{
	s->sc_type = 0;
}

/**
 * nfs4_get_existing_delegation - Discover if this delegation already exists
 * @clp:     a pointer to the nfs4_client we're granting a delegation to
 * @fp:      a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: 0 if an existing delegation was not found.
 *
 *      On error: -EAGAIN if one was previously granted to this nfs4_client
 *                for this nfs4_file.
 */

static int
nfs4_get_existing_delegation(struct nfs4_client *clp, struct nfs4_file *fp)
{
	struct nfs4_delegation *searchdp = NULL;
	struct nfs4_client *searchclp = NULL;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	list_for_each_entry(searchdp, &fp->fi_delegations, dl_perfile) {
		searchclp = searchdp->dl_stid.sc_client;
		if (clp == searchclp) {
			return -EAGAIN;
		}
	}
	return 0;
}
/**
 * hash_delegation_locked - Add a delegation to the appropriate lists
 * @dp:     a pointer to the nfs4_delegation we are adding.
 * @fp:     a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: 0 if the delegation was successfully hashed.
 *
 *      On error: -EAGAIN if one was previously granted to this
 *                nfs4_client for this nfs4_file. The delegation is
 *                not hashed.
 */

static int
hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
{
	int status;
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	status = nfs4_get_existing_delegation(clp, fp);
	if (status)
		return status;
	++fp->fi_delegees;
	refcount_inc(&dp->dl_stid.sc_count);
	dp->dl_stid.sc_type = NFS4_DELEG_STID;
	list_add(&dp->dl_perfile, &fp->fi_delegations);
	list_add(&dp->dl_perclnt, &clp->cl_delegations);
	return 0;
}

static bool
unhash_delegation_locked(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;

	lockdep_assert_held(&state_lock);

	if (list_empty(&dp->dl_perfile))
		return false;

	dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID;
	/* Ensure that deleg break won't try to requeue it */
	++dp->dl_time;
	spin_lock(&fp->fi_lock);
	list_del_init(&dp->dl_perclnt);
	list_del_init(&dp->dl_recall_lru);
	list_del_init(&dp->dl_perfile);
	spin_unlock(&fp->fi_lock);
	return true;
}

static void destroy_delegation(struct nfs4_delegation *dp)
{
	bool unhashed;

	spin_lock(&state_lock);
	unhashed = unhash_delegation_locked(dp);
	spin_unlock(&state_lock);
	if (unhashed) {
		put_clnt_odstate(dp->dl_clnt_odstate);
		nfs4_put_deleg_lease(dp->dl_stid.sc_file);
		nfs4_put_stid(&dp->dl_stid);
	}
}

static void revoke_delegation(struct nfs4_delegation *dp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	WARN_ON(!list_empty(&dp->dl_recall_lru));

	put_clnt_odstate(dp->dl_clnt_odstate);
	nfs4_put_deleg_lease(dp->dl_stid.sc_file);

	if (clp->cl_minorversion == 0)
		nfs4_put_stid(&dp->dl_stid);
	else {
		dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
		spin_lock(&clp->cl_lock);
		list_add(&dp->dl_recall_lru, &clp->cl_revoked);
		spin_unlock(&clp->cl_lock);
	}
}

/*
 * SETCLIENTID state
 */

static unsigned int clientid_hashval(u32 id)
{
	return id & CLIENT_HASH_MASK;
}

static unsigned int clientstr_hashval(const char *name)
{
	return opaque_hashval(name, 8) & CLIENT_HASH_MASK;
}

/*
 * We store the NONE, READ, WRITE, and BOTH bits separately in the
 * st_{access,deny}_bmap field of the stateid, in order to track not
 * only what share bits are currently in force, but also what
 * combinations of share bits previous opens have used.  This allows us
 * to enforce the recommendation of rfc 3530 14.2.19 that the server
 * return an error if the client attempts to downgrade to a combination
 * of share bits not explicable by closing some of its previous opens.
 *
 * XXX: This enforcement is actually incomplete, since we don't keep
 * track of access/deny bit combinations; so, e.g., we allow:
 *
 *	OPEN allow read, deny write
 *	OPEN allow both, deny none
 *	DOWNGRADE allow read, deny none
 *
 * which we should reject.
 */
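/*
 * Worked example: an owner first OPENs with share_access = READ (1),
 * setting bit 1 in st_access_bmap, then upgrades with share_access =
 * BOTH (3), additionally setting bit 3.  bmap_to_share_mode() below
 * then ORs together the set bit positions, 1 | 3 = 3, so the effective
 * access mode is BOTH.  A later DOWNGRADE to READ is legal because bit
 * 1 records that some previous open used exactly that combination.
 */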
static unsigned int
bmap_to_share_mode(unsigned long bmap)
{
	int i;
	unsigned int access = 0;

	for (i = 1; i < 4; i++) {
		if (test_bit(i, &bmap))
			access |= i;
	}
	return access;
}

/* set share access for a given stateid */
static inline void
set_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap |= mask;
}

/* clear share access for a given stateid */
static inline void
clear_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap &= ~mask;
}

/* test whether a given stateid has access */
static inline bool
test_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	return (bool)(stp->st_access_bmap & mask);
}

/* set share deny for a given stateid */
static inline void
set_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap |= mask;
}

/* clear share deny for a given stateid */
static inline void
clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap &= ~mask;
}

/* test whether a given stateid is denying specific access */
static inline bool
test_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	return (bool)(stp->st_deny_bmap & mask);
}

static int nfs4_access_to_omode(u32 access)
{
	switch (access & NFS4_SHARE_ACCESS_BOTH) {
	case NFS4_SHARE_ACCESS_READ:
		return O_RDONLY;
	case NFS4_SHARE_ACCESS_WRITE:
		return O_WRONLY;
	case NFS4_SHARE_ACCESS_BOTH:
		return O_RDWR;
	}
	WARN_ON_ONCE(1);
	return O_RDONLY;
}
/*
 * A stateid that had a deny mode associated with it is being released
 * or downgraded. Recalculate the deny mode on the file.
 */
static void
recalculate_deny_mode(struct nfs4_file *fp)
{
	struct nfs4_ol_stateid *stp;

	spin_lock(&fp->fi_lock);
	fp->fi_share_deny = 0;
	list_for_each_entry(stp, &fp->fi_stateids, st_perfile)
		fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap);
	spin_unlock(&fp->fi_lock);
}

static void
reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	int i;
	bool change = false;

	for (i = 1; i < 4; i++) {
		if ((i & deny) != i) {
			change = true;
			clear_deny(i, stp);
		}
	}

	/* Recalculate per-file deny mode if there was a change */
	if (change)
		recalculate_deny_mode(stp->st_stid.sc_file);
}

/* release all access and file references for a given stateid */
static void
release_all_access(struct nfs4_ol_stateid *stp)
{
	int i;
	struct nfs4_file *fp = stp->st_stid.sc_file;

	if (fp && stp->st_deny_bmap != 0)
		recalculate_deny_mode(fp);

	for (i = 1; i < 4; i++) {
		if (test_access(i, stp))
			nfs4_file_put_access(stp->st_stid.sc_file, i);
		clear_access(i, stp);
	}
}

static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop)
{
	kfree(sop->so_owner.data);
	sop->so_ops->so_free(sop);
}

static void nfs4_put_stateowner(struct nfs4_stateowner *sop)
{
	struct nfs4_client *clp = sop->so_client;

	might_lock(&clp->cl_lock);

	if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock))
		return;
	sop->so_ops->so_unhash(sop);
	spin_unlock(&clp->cl_lock);
	nfs4_free_stateowner(sop);
}

static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_file *fp = stp->st_stid.sc_file;

	lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock);

	if (list_empty(&stp->st_perfile))
		return false;

	spin_lock(&fp->fi_lock);
	list_del_init(&stp->st_perfile);
	spin_unlock(&fp->fi_lock);
	list_del(&stp->st_perstateowner);
	return true;
}

static void nfs4_free_ol_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);

	put_clnt_odstate(stp->st_clnt_odstate);
	release_all_access(stp);
	if (stp->st_stateowner)
		nfs4_put_stateowner(stp->st_stateowner);
	kmem_cache_free(stateid_slab, stid);
}

static void nfs4_free_lock_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);
	struct nfs4_lockowner *lo = lockowner(stp->st_stateowner);
	struct file *file;

	file = find_any_file(stp->st_stid.sc_file);
	if (file)
		filp_close(file, (fl_owner_t)lo);
	nfs4_free_ol_stateid(stid);
}
/*
 * Put the persistent reference to an already unhashed generic stateid, while
 * holding the cl_lock. If it's the last reference, then put it onto the
 * reaplist for later destruction.
 */
static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp,
				  struct list_head *reaplist)
{
	struct nfs4_stid *s = &stp->st_stid;
	struct nfs4_client *clp = s->sc_client;

	lockdep_assert_held(&clp->cl_lock);

	WARN_ON_ONCE(!list_empty(&stp->st_locks));

	if (!refcount_dec_and_test(&s->sc_count)) {
		wake_up_all(&close_wq);
		return;
	}

	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	list_add(&stp->st_locks, reaplist);
}

static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp)
{
	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	list_del_init(&stp->st_locks);
	nfs4_unhash_stid(&stp->st_stid);
	return unhash_ol_stateid(stp);
}

static void release_lock_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_client *clp = stp->st_stid.sc_client;
	bool unhashed;

	spin_lock(&clp->cl_lock);
	unhashed = unhash_lock_stateid(stp);
	spin_unlock(&clp->cl_lock);
	if (unhashed)
		nfs4_put_stid(&stp->st_stid);
}

static void unhash_lockowner_locked(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&lo->lo_owner.so_strhash);
}

/*
 * Free a list of generic stateids that were collected earlier after being
 * fully unhashed.
 */
static void
free_ol_stateid_reaplist(struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_file *fp;

	might_sleep();

	while (!list_empty(reaplist)) {
		stp = list_first_entry(reaplist, struct nfs4_ol_stateid,
				       st_locks);
		list_del(&stp->st_locks);
		fp = stp->st_stid.sc_file;
		stp->st_stid.sc_free(&stp->st_stid);
		if (fp)
			put_nfs4_file(fp);
	}
}
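/*
 * The reaplist idiom, as used by release_open_stateid() below: collect
 * the final puts under cl_lock, then do the actual (possibly sleeping)
 * destruction only after dropping it:
 *
 *	LIST_HEAD(reaplist);
 *
 *	spin_lock(&clp->cl_lock);
 *	if (unhash_open_stateid(stp, &reaplist))
 *		put_ol_stateid_locked(stp, &reaplist);
 *	spin_unlock(&clp->cl_lock);
 *	free_ol_stateid_reaplist(&reaplist);
 */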
static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp,
				       struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;

	lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock);

	while (!list_empty(&open_stp->st_locks)) {
		stp = list_entry(open_stp->st_locks.next,
				 struct nfs4_ol_stateid, st_locks);
		WARN_ON(!unhash_lock_stateid(stp));
		put_ol_stateid_locked(stp, reaplist);
	}
}

static bool unhash_open_stateid(struct nfs4_ol_stateid *stp,
				struct list_head *reaplist)
{
	bool unhashed;

	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	unhashed = unhash_ol_stateid(stp);
	release_open_stateid_locks(stp, reaplist);
	return unhashed;
}

static void release_open_stateid(struct nfs4_ol_stateid *stp)
{
	LIST_HEAD(reaplist);

	spin_lock(&stp->st_stid.sc_client->cl_lock);
	if (unhash_open_stateid(stp, &reaplist))
		put_ol_stateid_locked(stp, &reaplist);
	spin_unlock(&stp->st_stid.sc_client->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
}

static void unhash_openowner_locked(struct nfs4_openowner *oo)
{
	struct nfs4_client *clp = oo->oo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&oo->oo_owner.so_strhash);
	list_del_init(&oo->oo_perclient);
}

static void release_last_closed_stateid(struct nfs4_openowner *oo)
{
	struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net,
					  nfsd_net_id);
	struct nfs4_ol_stateid *s;

	spin_lock(&nn->client_lock);
	s = oo->oo_last_closed_stid;
	if (s) {
		list_del_init(&oo->oo_close_lru);
		oo->oo_last_closed_stid = NULL;
	}
	spin_unlock(&nn->client_lock);
	if (s)
		nfs4_put_stid(&s->st_stid);
}

static void release_openowner(struct nfs4_openowner *oo)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_client *clp = oo->oo_owner.so_client;
	struct list_head reaplist;

	INIT_LIST_HEAD(&reaplist);

	spin_lock(&clp->cl_lock);
	unhash_openowner_locked(oo);
	while (!list_empty(&oo->oo_owner.so_stateids)) {
		stp = list_first_entry(&oo->oo_owner.so_stateids,
				       struct nfs4_ol_stateid, st_perstateowner);
		if (unhash_open_stateid(stp, &reaplist))
			put_ol_stateid_locked(stp, &reaplist);
	}
	spin_unlock(&clp->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
	release_last_closed_stateid(oo);
	nfs4_put_stateowner(&oo->oo_owner);
}

static inline int
hash_sessionid(struct nfs4_sessionid *sessionid)
{
	struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;

	return sid->sequence % SESSION_HASH_SIZE;
}

#ifdef CONFIG_SUNRPC_DEBUG
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
	u32 *ptr = (u32 *)(&sessionid->data[0]);
	dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
}
#else
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
}
#endif

/*
 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
 * won't be used for replay.
 */
void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
{
	struct nfs4_stateowner *so = cstate->replay_owner;

	if (nfserr == nfserr_replay_me)
		return;

	if (!seqid_mutating_err(ntohl(nfserr))) {
		nfsd4_cstate_clear_replay(cstate);
		return;
	}
	if (!so)
		return;
	if (so->so_is_open_owner)
		release_last_closed_stateid(openowner(so));
	so->so_seqid++;
}

static void
gen_sessionid(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd4_sessionid *sid;

	sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
	sid->clientid = clp->cl_clientid;
	sid->sequence = current_sessionid++;
	sid->reserved = 0;
}

/*
 * The protocol defines ca_maxresponsesize_cached to include the size of
 * the rpc header, but all we need to cache is the data starting after
 * the end of the initial SEQUENCE operation--the rest we regenerate
 * each time.  Therefore we can advertise a ca_maxresponsesize_cached
 * value that is the number of bytes in our cache plus a few additional
 * bytes.  In order to stay on the safe side, and not promise more than
 * we can cache, those additional bytes must be the minimum possible: 24
 * bytes of rpc header (xid through accept state, with AUTH_NULL
 * verifier), 12 for the compound header (with zero-length tag), and 44
 * for the SEQUENCE op response:
 */
#define NFSD_MIN_HDR_SEQ_SZ  (24 + 12 + 44)

static void
free_session_slots(struct nfsd4_session *ses)
{
	int i;

	for (i = 0; i < ses->se_fchannel.maxreqs; i++) {
		free_svc_cred(&ses->se_slots[i]->sl_cred);
		kfree(ses->se_slots[i]);
	}
}

/*
 * We don't actually need to cache the rpc and session headers, so we
 * can allocate a little less for each slot:
 */
static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
{
	u32 size;

	if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ)
		size = 0;
	else
		size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
	return size + sizeof(struct nfsd4_slot);
}
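/*
 * Numeric sketch of the sizing math (the channel attribute value here
 * is hypothetical): with ca->maxresp_cached = 2128, the per-slot cache
 * is 2128 - NFSD_MIN_HDR_SEQ_SZ = 2128 - 80 = 2048 bytes, so
 * slot_bytes() returns 2048 + sizeof(struct nfsd4_slot).
 * nfsd4_get_drc_mem() below then grants at most a third of the
 * remaining DRC memory (but never less than one slot's worth), divided
 * by that per-slot figure.
 */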
/*
 * XXX: If we run out of reserved DRC memory we could (up to a point)
 * re-negotiate active sessions and reduce their slot usage to make
 * room for new connections. For now we just fail the create session.
 */
static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca)
{
	u32 slotsize = slot_bytes(ca);
	u32 num = ca->maxreqs;
	int avail;

	spin_lock(&nfsd_drc_lock);
	avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION,
		    nfsd_drc_max_mem - nfsd_drc_mem_used);
	/*
	 * Never use more than a third of the remaining memory,
	 * unless it's the only way to give this client a slot:
	 */
	avail = clamp_t(int, avail, slotsize, avail/3);
	num = min_t(int, num, avail / slotsize);
	nfsd_drc_mem_used += num * slotsize;
	spin_unlock(&nfsd_drc_lock);

	return num;
}

static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
{
	int slotsize = slot_bytes(ca);

	spin_lock(&nfsd_drc_lock);
	nfsd_drc_mem_used -= slotsize * ca->maxreqs;
	spin_unlock(&nfsd_drc_lock);
}

static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
					   struct nfsd4_channel_attrs *battrs)
{
	int numslots = fattrs->maxreqs;
	int slotsize = slot_bytes(fattrs);
	struct nfsd4_session *new;
	int mem, i;

	BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
			+ sizeof(struct nfsd4_session) > PAGE_SIZE);
	mem = numslots * sizeof(struct nfsd4_slot *);

	new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
	if (!new)
		return NULL;
	/* allocate each struct nfsd4_slot and data cache in one piece */
	for (i = 0; i < numslots; i++) {
		new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
		if (!new->se_slots[i])
			goto out_free;
	}

	memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
	memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));

	return new;
out_free:
	while (i--)
		kfree(new->se_slots[i]);
	kfree(new);
	return NULL;
}

static void free_conn(struct nfsd4_conn *c)
{
	svc_xprt_put(c->cn_xprt);
	kfree(c);
}
static void nfsd4_conn_lost(struct svc_xpt_user *u)
{
	struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
	struct nfs4_client *clp = c->cn_session->se_client;

	spin_lock(&clp->cl_lock);
	if (!list_empty(&c->cn_persession)) {
		list_del(&c->cn_persession);
		free_conn(c);
	}
	nfsd4_probe_callback(clp);
	spin_unlock(&clp->cl_lock);
}

static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
{
	struct nfsd4_conn *conn;

	conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
	if (!conn)
		return NULL;
	svc_xprt_get(rqstp->rq_xprt);
	conn->cn_xprt = rqstp->rq_xprt;
	conn->cn_flags = flags;
	INIT_LIST_HEAD(&conn->cn_xpt_user.list);
	return conn;
}

static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	conn->cn_session = ses;
	list_add(&conn->cn_persession, &ses->se_conns);
}

static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;

	spin_lock(&clp->cl_lock);
	__nfsd4_hash_conn(conn, ses);
	spin_unlock(&clp->cl_lock);
}

static int nfsd4_register_conn(struct nfsd4_conn *conn)
{
	conn->cn_xpt_user.callback = nfsd4_conn_lost;
	return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
}

static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	int ret;

	nfsd4_hash_conn(conn, ses);
	ret = nfsd4_register_conn(conn);
	if (ret)
		/* oops; xprt is already down: */
		nfsd4_conn_lost(&conn->cn_xpt_user);
	/* We may have gained or lost a callback channel: */
	nfsd4_probe_callback_sync(ses->se_client);
}

static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
{
	u32 dir = NFS4_CDFC4_FORE;

	if (cses->flags & SESSION4_BACK_CHAN)
		dir |= NFS4_CDFC4_BACK;
	return alloc_conn(rqstp, dir);
}

/* must be called under client_lock */
static void nfsd4_del_conns(struct nfsd4_session *s)
{
	struct nfs4_client *clp = s->se_client;
	struct nfsd4_conn *c;

	spin_lock(&clp->cl_lock);
	while (!list_empty(&s->se_conns)) {
		c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
		list_del_init(&c->cn_persession);
		spin_unlock(&clp->cl_lock);

		unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
		free_conn(c);

		spin_lock(&clp->cl_lock);
	}
	spin_unlock(&clp->cl_lock);
}

static void __free_session(struct nfsd4_session *ses)
{
	free_session_slots(ses);
	kfree(ses);
}

static void free_session(struct nfsd4_session *ses)
{
	nfsd4_del_conns(ses);
	nfsd4_put_drc_mem(&ses->se_fchannel);
	__free_session(ses);
}

static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
{
	int idx;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	new->se_client = clp;
	gen_sessionid(new);

	INIT_LIST_HEAD(&new->se_conns);

	new->se_cb_seq_nr = 1;
	new->se_flags = cses->flags;
	new->se_cb_prog = cses->callback_prog;
	new->se_cb_sec = cses->cb_sec;
	atomic_set(&new->se_ref, 0);
	idx = hash_sessionid(&new->se_sessionid);
	list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
	spin_lock(&clp->cl_lock);
	list_add(&new->se_perclnt, &clp->cl_sessions);
	spin_unlock(&clp->cl_lock);

	{
		struct sockaddr *sa = svc_addr(rqstp);
		/*
		 * This is a little silly; with sessions there's no real
		 * use for the callback address.  Use the peer address
		 * as a reasonable default for now, but consider fixing
		 * the rpc client not to require an address in the
		 * future:
		 */
		rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
		clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
	}
}
/* caller must hold client_lock */
static struct nfsd4_session *
__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
{
	struct nfsd4_session *elem;
	int idx;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	dump_sessionid(__func__, sessionid);
	idx = hash_sessionid(sessionid);
	/* Search in the appropriate list */
	list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
		if (!memcmp(elem->se_sessionid.data, sessionid->data,
			    NFS4_MAX_SESSIONID_LEN)) {
			return elem;
		}
	}

	dprintk("%s: session not found\n", __func__);
	return NULL;
}

static struct nfsd4_session *
find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
		__be32 *ret)
{
	struct nfsd4_session *session;
	__be32 status = nfserr_badsession;

	session = __find_in_sessionid_hashtbl(sessionid, net);
	if (!session)
		goto out;
	status = nfsd4_get_session_locked(session);
	if (status)
		session = NULL;
out:
	*ret = status;
	return session;
}

/* caller must hold client_lock */
static void
unhash_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	list_del(&ses->se_hash);
	spin_lock(&ses->se_client->cl_lock);
	list_del(&ses->se_perclnt);
	spin_unlock(&ses->se_client->cl_lock);
}

/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
static int
STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
{
	/*
	 * We're assuming the clid was not given out from a boot
	 * precisely 2^32 (about 136 years) before this one.  That seems
	 * a safe assumption:
	 */
	if (clid->cl_boot == (u32)nn->boot_time)
		return 0;
	dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
		clid->cl_boot, clid->cl_id, nn->boot_time);
	return 1;
}

/*
 * XXX Should we use a slab cache ?
 * This type of memory management is somewhat inefficient, but we use it
 * anyway since SETCLIENTID is not a common operation.
 */
1753 */ 1754 static struct nfs4_client *alloc_client(struct xdr_netobj name) 1755 { 1756 struct nfs4_client *clp; 1757 int i; 1758 1759 clp = kzalloc(sizeof(struct nfs4_client), GFP_KERNEL); 1760 if (clp == NULL) 1761 return NULL; 1762 clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL); 1763 if (clp->cl_name.data == NULL) 1764 goto err_no_name; 1765 clp->cl_ownerstr_hashtbl = kmalloc(sizeof(struct list_head) * 1766 OWNER_HASH_SIZE, GFP_KERNEL); 1767 if (!clp->cl_ownerstr_hashtbl) 1768 goto err_no_hashtbl; 1769 for (i = 0; i < OWNER_HASH_SIZE; i++) 1770 INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]); 1771 clp->cl_name.len = name.len; 1772 INIT_LIST_HEAD(&clp->cl_sessions); 1773 idr_init(&clp->cl_stateids); 1774 atomic_set(&clp->cl_refcount, 0); 1775 clp->cl_cb_state = NFSD4_CB_UNKNOWN; 1776 INIT_LIST_HEAD(&clp->cl_idhash); 1777 INIT_LIST_HEAD(&clp->cl_openowners); 1778 INIT_LIST_HEAD(&clp->cl_delegations); 1779 INIT_LIST_HEAD(&clp->cl_lru); 1780 INIT_LIST_HEAD(&clp->cl_revoked); 1781 #ifdef CONFIG_NFSD_PNFS 1782 INIT_LIST_HEAD(&clp->cl_lo_states); 1783 #endif 1784 spin_lock_init(&clp->cl_lock); 1785 rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table"); 1786 return clp; 1787 err_no_hashtbl: 1788 kfree(clp->cl_name.data); 1789 err_no_name: 1790 kfree(clp); 1791 return NULL; 1792 } 1793 1794 static void 1795 free_client(struct nfs4_client *clp) 1796 { 1797 while (!list_empty(&clp->cl_sessions)) { 1798 struct nfsd4_session *ses; 1799 ses = list_entry(clp->cl_sessions.next, struct nfsd4_session, 1800 se_perclnt); 1801 list_del(&ses->se_perclnt); 1802 WARN_ON_ONCE(atomic_read(&ses->se_ref)); 1803 free_session(ses); 1804 } 1805 rpc_destroy_wait_queue(&clp->cl_cb_waitq); 1806 free_svc_cred(&clp->cl_cred); 1807 kfree(clp->cl_ownerstr_hashtbl); 1808 kfree(clp->cl_name.data); 1809 idr_destroy(&clp->cl_stateids); 1810 kfree(clp); 1811 } 1812 1813 /* must be called under the client_lock */ 1814 static void 1815 unhash_client_locked(struct nfs4_client *clp) 1816 { 1817 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1818 struct nfsd4_session *ses; 1819 1820 lockdep_assert_held(&nn->client_lock); 1821 1822 /* Mark the client as expired! 
/* must be called under the client_lock */
static void
unhash_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_session *ses;

	lockdep_assert_held(&nn->client_lock);

	/* Mark the client as expired! */
	clp->cl_time = 0;
	/* Make it invisible */
	if (!list_empty(&clp->cl_idhash)) {
		list_del_init(&clp->cl_idhash);
		if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
			rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
		else
			rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
	}
	list_del_init(&clp->cl_lru);
	spin_lock(&clp->cl_lock);
	list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
		list_del_init(&ses->se_hash);
	spin_unlock(&clp->cl_lock);
}

static void
unhash_client(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	unhash_client_locked(clp);
	spin_unlock(&nn->client_lock);
}

static __be32 mark_client_expired_locked(struct nfs4_client *clp)
{
	if (atomic_read(&clp->cl_refcount))
		return nfserr_jukebox;
	unhash_client_locked(clp);
	return nfs_ok;
}

static void
__destroy_client(struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct list_head reaplist;

	INIT_LIST_HEAD(&reaplist);
	spin_lock(&state_lock);
	while (!list_empty(&clp->cl_delegations)) {
		dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
		WARN_ON(!unhash_delegation_locked(dp));
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	while (!list_empty(&reaplist)) {
		dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		put_clnt_odstate(dp->dl_clnt_odstate);
		nfs4_put_deleg_lease(dp->dl_stid.sc_file);
		nfs4_put_stid(&dp->dl_stid);
	}
	while (!list_empty(&clp->cl_revoked)) {
		dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		nfs4_put_stid(&dp->dl_stid);
	}
	while (!list_empty(&clp->cl_openowners)) {
		oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
		nfs4_get_stateowner(&oo->oo_owner);
		release_openowner(oo);
	}
	nfsd4_return_all_client_layouts(clp);
	nfsd4_shutdown_callback(clp);
	if (clp->cl_cb_conn.cb_xprt)
		svc_xprt_put(clp->cl_cb_conn.cb_xprt);
	free_client(clp);
}

static void
destroy_client(struct nfs4_client *clp)
{
	unhash_client(clp);
	__destroy_client(clp);
}

static void expire_client(struct nfs4_client *clp)
{
	unhash_client(clp);
	nfsd4_client_record_remove(clp);
	__destroy_client(clp);
}

static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
{
	memcpy(target->cl_verifier.data, source->data,
			sizeof(target->cl_verifier.data));
}

static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
{
	target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
	target->cl_clientid.cl_id = source->cl_clientid.cl_id;
}
static int copy_cred(struct svc_cred *target, struct svc_cred *source)
{
	target->cr_principal = kstrdup(source->cr_principal, GFP_KERNEL);
	target->cr_raw_principal = kstrdup(source->cr_raw_principal,
								GFP_KERNEL);
	if ((source->cr_principal && !target->cr_principal) ||
	    (source->cr_raw_principal && !target->cr_raw_principal))
		return -ENOMEM;

	target->cr_flavor = source->cr_flavor;
	target->cr_uid = source->cr_uid;
	target->cr_gid = source->cr_gid;
	target->cr_group_info = source->cr_group_info;
	get_group_info(target->cr_group_info);
	target->cr_gss_mech = source->cr_gss_mech;
	if (source->cr_gss_mech)
		gss_mech_get(source->cr_gss_mech);
	return 0;
}

static int
compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2)
{
	if (o1->len < o2->len)
		return -1;
	if (o1->len > o2->len)
		return 1;
	return memcmp(o1->data, o2->data, o1->len);
}

static int same_name(const char *n1, const char *n2)
{
	return 0 == memcmp(n1, n2, HEXDIR_LEN);
}

static int
same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
{
	return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
}

static int
same_clid(clientid_t *cl1, clientid_t *cl2)
{
	return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
}

static bool groups_equal(struct group_info *g1, struct group_info *g2)
{
	int i;

	if (g1->ngroups != g2->ngroups)
		return false;
	for (i = 0; i < g1->ngroups; i++)
		if (!gid_eq(g1->gid[i], g2->gid[i]))
			return false;
	return true;
}

/*
 * RFC 3530 language requires clid_inuse be returned when the
 * "principal" associated with a request differs from that previously
 * used.  We use uid, gids, and the gss principal string as our best
 * approximation.  We also don't want to allow non-gss use of a client
 * established using gss: in theory cr_principal should catch that
 * change, but in practice cr_principal can be null even in the gss case
 * since gssd doesn't always pass down a principal string.
 */
1989 */ 1990 static bool is_gss_cred(struct svc_cred *cr) 1991 { 1992 /* Is cr_flavor one of the gss "pseudoflavors"?: */ 1993 return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR); 1994 } 1995 1996 1997 static bool 1998 same_creds(struct svc_cred *cr1, struct svc_cred *cr2) 1999 { 2000 if ((is_gss_cred(cr1) != is_gss_cred(cr2)) 2001 || (!uid_eq(cr1->cr_uid, cr2->cr_uid)) 2002 || (!gid_eq(cr1->cr_gid, cr2->cr_gid)) 2003 || !groups_equal(cr1->cr_group_info, cr2->cr_group_info)) 2004 return false; 2005 if (cr1->cr_principal == cr2->cr_principal) 2006 return true; 2007 if (!cr1->cr_principal || !cr2->cr_principal) 2008 return false; 2009 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal); 2010 } 2011 2012 static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp) 2013 { 2014 struct svc_cred *cr = &rqstp->rq_cred; 2015 u32 service; 2016 2017 if (!cr->cr_gss_mech) 2018 return false; 2019 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor); 2020 return service == RPC_GSS_SVC_INTEGRITY || 2021 service == RPC_GSS_SVC_PRIVACY; 2022 } 2023 2024 bool nfsd4_mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp) 2025 { 2026 struct svc_cred *cr = &rqstp->rq_cred; 2027 2028 if (!cl->cl_mach_cred) 2029 return true; 2030 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech) 2031 return false; 2032 if (!svc_rqst_integrity_protected(rqstp)) 2033 return false; 2034 if (cl->cl_cred.cr_raw_principal) 2035 return 0 == strcmp(cl->cl_cred.cr_raw_principal, 2036 cr->cr_raw_principal); 2037 if (!cr->cr_principal) 2038 return false; 2039 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal); 2040 } 2041 2042 static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn) 2043 { 2044 __be32 verf[2]; 2045 2046 /* 2047 * This is opaque to client, so no need to byte-swap. 
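* (The verifier is just two 32-bit words, roughly the current
* get_seconds() value and a per-net clverifier_counter, copied into
* the 8-byte cl_confirm field below.)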
Use 2048 * __force to keep sparse happy 2049 */ 2050 verf[0] = (__force __be32)get_seconds(); 2051 verf[1] = (__force __be32)nn->clverifier_counter++; 2052 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data)); 2053 } 2054 2055 static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn) 2056 { 2057 clp->cl_clientid.cl_boot = nn->boot_time; 2058 clp->cl_clientid.cl_id = nn->clientid_counter++; 2059 gen_confirm(clp, nn); 2060 } 2061 2062 static struct nfs4_stid * 2063 find_stateid_locked(struct nfs4_client *cl, stateid_t *t) 2064 { 2065 struct nfs4_stid *ret; 2066 2067 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id); 2068 if (!ret || !ret->sc_type) 2069 return NULL; 2070 return ret; 2071 } 2072 2073 static struct nfs4_stid * 2074 find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask) 2075 { 2076 struct nfs4_stid *s; 2077 2078 spin_lock(&cl->cl_lock); 2079 s = find_stateid_locked(cl, t); 2080 if (s != NULL) { 2081 if (typemask & s->sc_type) 2082 refcount_inc(&s->sc_count); 2083 else 2084 s = NULL; 2085 } 2086 spin_unlock(&cl->cl_lock); 2087 return s; 2088 } 2089 2090 static struct nfs4_client *create_client(struct xdr_netobj name, 2091 struct svc_rqst *rqstp, nfs4_verifier *verf) 2092 { 2093 struct nfs4_client *clp; 2094 struct sockaddr *sa = svc_addr(rqstp); 2095 int ret; 2096 struct net *net = SVC_NET(rqstp); 2097 2098 clp = alloc_client(name); 2099 if (clp == NULL) 2100 return NULL; 2101 2102 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred); 2103 if (ret) { 2104 free_client(clp); 2105 return NULL; 2106 } 2107 nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL); 2108 clp->cl_time = get_seconds(); 2109 clear_bit(0, &clp->cl_cb_slot_busy); 2110 copy_verf(clp, verf); 2111 rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa); 2112 clp->cl_cb_session = NULL; 2113 clp->net = net; 2114 return clp; 2115 } 2116 2117 static void 2118 add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root) 2119 { 2120 struct rb_node **new = &(root->rb_node), *parent = NULL; 2121 struct nfs4_client *clp; 2122 2123 while (*new) { 2124 clp = rb_entry(*new, struct nfs4_client, cl_namenode); 2125 parent = *new; 2126 2127 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0) 2128 new = &((*new)->rb_left); 2129 else 2130 new = &((*new)->rb_right); 2131 } 2132 2133 rb_link_node(&new_clp->cl_namenode, parent, new); 2134 rb_insert_color(&new_clp->cl_namenode, root); 2135 } 2136 2137 static struct nfs4_client * 2138 find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root) 2139 { 2140 int cmp; 2141 struct rb_node *node = root->rb_node; 2142 struct nfs4_client *clp; 2143 2144 while (node) { 2145 clp = rb_entry(node, struct nfs4_client, cl_namenode); 2146 cmp = compare_blob(&clp->cl_name, name); 2147 if (cmp > 0) 2148 node = node->rb_left; 2149 else if (cmp < 0) 2150 node = node->rb_right; 2151 else 2152 return clp; 2153 } 2154 return NULL; 2155 } 2156 2157 static void 2158 add_to_unconfirmed(struct nfs4_client *clp) 2159 { 2160 unsigned int idhashval; 2161 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2162 2163 lockdep_assert_held(&nn->client_lock); 2164 2165 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2166 add_clp_to_name_tree(clp, &nn->unconf_name_tree); 2167 idhashval = clientid_hashval(clp->cl_clientid.cl_id); 2168 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]); 2169 renew_client_locked(clp); 2170 } 2171 2172 static void 2173 move_to_confirmed(struct nfs4_client *clp) 2174 { 2175 unsigned int idhashval = 
clientid_hashval(clp->cl_clientid.cl_id); 2176 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2177 2178 lockdep_assert_held(&nn->client_lock); 2179 2180 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp); 2181 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]); 2182 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 2183 add_clp_to_name_tree(clp, &nn->conf_name_tree); 2184 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2185 renew_client_locked(clp); 2186 } 2187 2188 static struct nfs4_client * 2189 find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions) 2190 { 2191 struct nfs4_client *clp; 2192 unsigned int idhashval = clientid_hashval(clid->cl_id); 2193 2194 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) { 2195 if (same_clid(&clp->cl_clientid, clid)) { 2196 if ((bool)clp->cl_minorversion != sessions) 2197 return NULL; 2198 renew_client_locked(clp); 2199 return clp; 2200 } 2201 } 2202 return NULL; 2203 } 2204 2205 static struct nfs4_client * 2206 find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2207 { 2208 struct list_head *tbl = nn->conf_id_hashtbl; 2209 2210 lockdep_assert_held(&nn->client_lock); 2211 return find_client_in_id_table(tbl, clid, sessions); 2212 } 2213 2214 static struct nfs4_client * 2215 find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2216 { 2217 struct list_head *tbl = nn->unconf_id_hashtbl; 2218 2219 lockdep_assert_held(&nn->client_lock); 2220 return find_client_in_id_table(tbl, clid, sessions); 2221 } 2222 2223 static bool clp_used_exchangeid(struct nfs4_client *clp) 2224 { 2225 return clp->cl_exchange_flags != 0; 2226 } 2227 2228 static struct nfs4_client * 2229 find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2230 { 2231 lockdep_assert_held(&nn->client_lock); 2232 return find_clp_in_name_tree(name, &nn->conf_name_tree); 2233 } 2234 2235 static struct nfs4_client * 2236 find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2237 { 2238 lockdep_assert_held(&nn->client_lock); 2239 return find_clp_in_name_tree(name, &nn->unconf_name_tree); 2240 } 2241 2242 static void 2243 gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp) 2244 { 2245 struct nfs4_cb_conn *conn = &clp->cl_cb_conn; 2246 struct sockaddr *sa = svc_addr(rqstp); 2247 u32 scopeid = rpc_get_scope_id(sa); 2248 unsigned short expected_family; 2249 2250 /* Currently, we only support tcp and tcp6 for the callback channel */ 2251 if (se->se_callback_netid_len == 3 && 2252 !memcmp(se->se_callback_netid_val, "tcp", 3)) 2253 expected_family = AF_INET; 2254 else if (se->se_callback_netid_len == 4 && 2255 !memcmp(se->se_callback_netid_val, "tcp6", 4)) 2256 expected_family = AF_INET6; 2257 else 2258 goto out_err; 2259 2260 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val, 2261 se->se_callback_addr_len, 2262 (struct sockaddr *)&conn->cb_addr, 2263 sizeof(conn->cb_addr)); 2264 2265 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family) 2266 goto out_err; 2267 2268 if (conn->cb_addr.ss_family == AF_INET6) 2269 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid; 2270 2271 conn->cb_prog = se->se_callback_prog; 2272 conn->cb_ident = se->se_callback_ident; 2273 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen); 2274 return; 2275 out_err: 2276 conn->cb_addr.ss_family = AF_UNSPEC; 2277 conn->cb_addrlen = 0; 2278 dprintk("NFSD: this client (clientid %08x/%08x) " 2279 
"will not receive delegations\n", 2280 clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id); 2281 2282 return; 2283 } 2284 2285 /* 2286 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size. 2287 */ 2288 static void 2289 nfsd4_store_cache_entry(struct nfsd4_compoundres *resp) 2290 { 2291 struct xdr_buf *buf = resp->xdr.buf; 2292 struct nfsd4_slot *slot = resp->cstate.slot; 2293 unsigned int base; 2294 2295 dprintk("--> %s slot %p\n", __func__, slot); 2296 2297 slot->sl_flags |= NFSD4_SLOT_INITIALIZED; 2298 slot->sl_opcnt = resp->opcnt; 2299 slot->sl_status = resp->cstate.status; 2300 free_svc_cred(&slot->sl_cred); 2301 copy_cred(&slot->sl_cred, &resp->rqstp->rq_cred); 2302 2303 if (!nfsd4_cache_this(resp)) { 2304 slot->sl_flags &= ~NFSD4_SLOT_CACHED; 2305 return; 2306 } 2307 slot->sl_flags |= NFSD4_SLOT_CACHED; 2308 2309 base = resp->cstate.data_offset; 2310 slot->sl_datalen = buf->len - base; 2311 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen)) 2312 WARN(1, "%s: sessions DRC could not cache compound\n", 2313 __func__); 2314 return; 2315 } 2316 2317 /* 2318 * Encode the replay sequence operation from the slot values. 2319 * If cachethis is FALSE encode the uncached rep error on the next 2320 * operation which sets resp->p and increments resp->opcnt for 2321 * nfs4svc_encode_compoundres. 2322 * 2323 */ 2324 static __be32 2325 nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args, 2326 struct nfsd4_compoundres *resp) 2327 { 2328 struct nfsd4_op *op; 2329 struct nfsd4_slot *slot = resp->cstate.slot; 2330 2331 /* Encode the replayed sequence operation */ 2332 op = &args->ops[resp->opcnt - 1]; 2333 nfsd4_encode_operation(resp, op); 2334 2335 if (slot->sl_flags & NFSD4_SLOT_CACHED) 2336 return op->status; 2337 if (args->opcnt == 1) { 2338 /* 2339 * The original operation wasn't a solo sequence--we 2340 * always cache those--so this retry must not match the 2341 * original: 2342 */ 2343 op->status = nfserr_seq_false_retry; 2344 } else { 2345 op = &args->ops[resp->opcnt++]; 2346 op->status = nfserr_retry_uncached_rep; 2347 nfsd4_encode_operation(resp, op); 2348 } 2349 return op->status; 2350 } 2351 2352 /* 2353 * The sequence operation is not cached because we can use the slot and 2354 * session values. 2355 */ 2356 static __be32 2357 nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp, 2358 struct nfsd4_sequence *seq) 2359 { 2360 struct nfsd4_slot *slot = resp->cstate.slot; 2361 struct xdr_stream *xdr = &resp->xdr; 2362 __be32 *p; 2363 __be32 status; 2364 2365 dprintk("--> %s slot %p\n", __func__, slot); 2366 2367 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp); 2368 if (status) 2369 return status; 2370 2371 p = xdr_reserve_space(xdr, slot->sl_datalen); 2372 if (!p) { 2373 WARN_ON_ONCE(1); 2374 return nfserr_serverfault; 2375 } 2376 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen); 2377 xdr_commit_encode(xdr); 2378 2379 resp->opcnt = slot->sl_opcnt; 2380 return slot->sl_status; 2381 } 2382 2383 /* 2384 * Set the exchange_id flags returned by the server. 2385 */ 2386 static void 2387 nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid) 2388 { 2389 #ifdef CONFIG_NFSD_PNFS 2390 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS; 2391 #else 2392 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS; 2393 #endif 2394 2395 /* Referrals are supported, Migration is not. */ 2396 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER; 2397 2398 /* set the wire flags to return to client. 
*/ 2399 clid->flags = new->cl_exchange_flags; 2400 } 2401 2402 static bool client_has_openowners(struct nfs4_client *clp) 2403 { 2404 struct nfs4_openowner *oo; 2405 2406 list_for_each_entry(oo, &clp->cl_openowners, oo_perclient) { 2407 if (!list_empty(&oo->oo_owner.so_stateids)) 2408 return true; 2409 } 2410 return false; 2411 } 2412 2413 static bool client_has_state(struct nfs4_client *clp) 2414 { 2415 return client_has_openowners(clp) 2416 #ifdef CONFIG_NFSD_PNFS 2417 || !list_empty(&clp->cl_lo_states) 2418 #endif 2419 || !list_empty(&clp->cl_delegations) 2420 || !list_empty(&clp->cl_sessions); 2421 } 2422 2423 __be32 2424 nfsd4_exchange_id(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 2425 union nfsd4_op_u *u) 2426 { 2427 struct nfsd4_exchange_id *exid = &u->exchange_id; 2428 struct nfs4_client *conf, *new; 2429 struct nfs4_client *unconf = NULL; 2430 __be32 status; 2431 char addr_str[INET6_ADDRSTRLEN]; 2432 nfs4_verifier verf = exid->verifier; 2433 struct sockaddr *sa = svc_addr(rqstp); 2434 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A; 2435 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2436 2437 rpc_ntop(sa, addr_str, sizeof(addr_str)); 2438 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p " 2439 "ip_addr=%s flags %x, spa_how %d\n", 2440 __func__, rqstp, exid, exid->clname.len, exid->clname.data, 2441 addr_str, exid->flags, exid->spa_how); 2442 2443 if (exid->flags & ~EXCHGID4_FLAG_MASK_A) 2444 return nfserr_inval; 2445 2446 new = create_client(exid->clname, rqstp, &verf); 2447 if (new == NULL) 2448 return nfserr_jukebox; 2449 2450 switch (exid->spa_how) { 2451 case SP4_MACH_CRED: 2452 exid->spo_must_enforce[0] = 0; 2453 exid->spo_must_enforce[1] = ( 2454 1 << (OP_BIND_CONN_TO_SESSION - 32) | 2455 1 << (OP_EXCHANGE_ID - 32) | 2456 1 << (OP_CREATE_SESSION - 32) | 2457 1 << (OP_DESTROY_SESSION - 32) | 2458 1 << (OP_DESTROY_CLIENTID - 32)); 2459 2460 exid->spo_must_allow[0] &= (1 << (OP_CLOSE) | 2461 1 << (OP_OPEN_DOWNGRADE) | 2462 1 << (OP_LOCKU) | 2463 1 << (OP_DELEGRETURN)); 2464 2465 exid->spo_must_allow[1] &= ( 2466 1 << (OP_TEST_STATEID - 32) | 2467 1 << (OP_FREE_STATEID - 32)); 2468 if (!svc_rqst_integrity_protected(rqstp)) { 2469 status = nfserr_inval; 2470 goto out_nolock; 2471 } 2472 /* 2473 * Sometimes userspace doesn't give us a principal. 2474 * Which is a bug, really. 
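* (rpc.gssd is expected to pass a principal down for every GSS
* context it negotiates.)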
Anyway, we can't enforce 2475 * MACH_CRED in that case, better to give up now: 2476 */ 2477 if (!new->cl_cred.cr_principal && 2478 !new->cl_cred.cr_raw_principal) { 2479 status = nfserr_serverfault; 2480 goto out_nolock; 2481 } 2482 new->cl_mach_cred = true; /* fall through */ 2483 case SP4_NONE: 2484 break; 2485 default: /* checked by xdr code */ 2486 WARN_ON_ONCE(1); /* fall through */ 2487 case SP4_SSV: 2488 status = nfserr_encr_alg_unsupp; 2489 goto out_nolock; 2490 } 2491 2492 /* Cases below refer to rfc 5661 section 18.35.4: */ 2493 spin_lock(&nn->client_lock); 2494 conf = find_confirmed_client_by_name(&exid->clname, nn); 2495 if (conf) { 2496 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred); 2497 bool verfs_match = same_verf(&verf, &conf->cl_verifier); 2498 2499 if (update) { 2500 if (!clp_used_exchangeid(conf)) { /* buggy client */ 2501 status = nfserr_inval; 2502 goto out; 2503 } 2504 if (!nfsd4_mach_creds_match(conf, rqstp)) { 2505 status = nfserr_wrong_cred; 2506 goto out; 2507 } 2508 if (!creds_match) { /* case 9 */ 2509 status = nfserr_perm; 2510 goto out; 2511 } 2512 if (!verfs_match) { /* case 8 */ 2513 status = nfserr_not_same; 2514 goto out; 2515 } 2516 /* case 6 */ 2517 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R; 2518 goto out_copy; 2519 } 2520 if (!creds_match) { /* case 3 */ 2521 if (client_has_state(conf)) { 2522 status = nfserr_clid_inuse; 2523 goto out; 2524 } 2525 goto out_new; 2526 } 2527 if (verfs_match) { /* case 2 */ 2528 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R; 2529 goto out_copy; 2530 } 2531 /* case 5, client reboot */ 2532 conf = NULL; 2533 goto out_new; 2534 } 2535 2536 if (update) { /* case 7 */ 2537 status = nfserr_noent; 2538 goto out; 2539 } 2540 2541 unconf = find_unconfirmed_client_by_name(&exid->clname, nn); 2542 if (unconf) /* case 4, possible retry or client restart */ 2543 unhash_client_locked(unconf); 2544 2545 /* case 1 (normal case) */ 2546 out_new: 2547 if (conf) { 2548 status = mark_client_expired_locked(conf); 2549 if (status) 2550 goto out; 2551 } 2552 new->cl_minorversion = cstate->minorversion; 2553 new->cl_spo_must_allow.u.words[0] = exid->spo_must_allow[0]; 2554 new->cl_spo_must_allow.u.words[1] = exid->spo_must_allow[1]; 2555 2556 gen_clid(new, nn); 2557 add_to_unconfirmed(new); 2558 swap(new, conf); 2559 out_copy: 2560 exid->clientid.cl_boot = conf->cl_clientid.cl_boot; 2561 exid->clientid.cl_id = conf->cl_clientid.cl_id; 2562 2563 exid->seqid = conf->cl_cs_slot.sl_seqid + 1; 2564 nfsd4_set_ex_flags(conf, exid); 2565 2566 dprintk("nfsd4_exchange_id seqid %d flags %x\n", 2567 conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags); 2568 status = nfs_ok; 2569 2570 out: 2571 spin_unlock(&nn->client_lock); 2572 out_nolock: 2573 if (new) 2574 expire_client(new); 2575 if (unconf) 2576 expire_client(unconf); 2577 return status; 2578 } 2579 2580 static __be32 2581 check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse) 2582 { 2583 dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid, 2584 slot_seqid); 2585 2586 /* The slot is in use, and no response has been sent.
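* A rough sketch of the outcomes below, for a slot whose last seen
* seqid was 7:
*
*   seqid 8, slot idle    -> nfs_ok (new request)
*   seqid 7, slot idle    -> nfserr_replay_cache (retransmit)
*   seqid 7, slot in use  -> nfserr_jukebox (retry later)
*   anything else         -> nfserr_seq_misordered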
*/ 2587 if (slot_inuse) { 2588 if (seqid == slot_seqid) 2589 return nfserr_jukebox; 2590 else 2591 return nfserr_seq_misordered; 2592 } 2593 /* Note unsigned 32-bit arithmetic handles wraparound: */ 2594 if (likely(seqid == slot_seqid + 1)) 2595 return nfs_ok; 2596 if (seqid == slot_seqid) 2597 return nfserr_replay_cache; 2598 return nfserr_seq_misordered; 2599 } 2600 2601 /* 2602 * Cache the create session result into the create session single DRC 2603 * slot cache by saving the xdr structure. sl_seqid has been set. 2604 * Do this for solo or embedded create session operations. 2605 */ 2606 static void 2607 nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses, 2608 struct nfsd4_clid_slot *slot, __be32 nfserr) 2609 { 2610 slot->sl_status = nfserr; 2611 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses)); 2612 } 2613 2614 static __be32 2615 nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses, 2616 struct nfsd4_clid_slot *slot) 2617 { 2618 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses)); 2619 return slot->sl_status; 2620 } 2621 2622 #define NFSD_MIN_REQ_HDR_SEQ_SZ ((\ 2623 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \ 2624 1 + /* MIN tag is length with zero, only length */ \ 2625 3 + /* version, opcount, opcode */ \ 2626 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 2627 /* seqid, slotID, slotID, cache */ \ 2628 4 ) * sizeof(__be32)) 2629 2630 #define NFSD_MIN_RESP_HDR_SEQ_SZ ((\ 2631 2 + /* verifier: AUTH_NULL, length 0 */\ 2632 1 + /* status */ \ 2633 1 + /* MIN tag is length with zero, only length */ \ 2634 3 + /* opcount, opcode, opstatus*/ \ 2635 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 2636 /* seqid, slotID, slotID, slotID, status */ \ 2637 5 ) * sizeof(__be32)) 2638 2639 static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn) 2640 { 2641 u32 maxrpc = nn->nfsd_serv->sv_max_mesg; 2642 2643 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ) 2644 return nfserr_toosmall; 2645 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ) 2646 return nfserr_toosmall; 2647 ca->headerpadsz = 0; 2648 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc); 2649 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc); 2650 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND); 2651 ca->maxresp_cached = min_t(u32, ca->maxresp_cached, 2652 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ); 2653 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION); 2654 /* 2655 * Note decreasing slot size below client's request may make it 2656 * difficult for client to function correctly, whereas 2657 * decreasing the number of slots will (just?) affect 2658 * performance. When short on memory we therefore prefer to 2659 * decrease number of slots instead of their size. Clients that 2660 * request larger slots than they need will get poor results: 2661 */ 2662 ca->maxreqs = nfsd4_get_drc_mem(ca); 2663 if (!ca->maxreqs) 2664 return nfserr_jukebox; 2665 2666 return nfs_ok; 2667 } 2668 2669 /* 2670 * Server's NFSv4.1 backchannel support is AUTH_SYS-only for now. 2671 * These are based on similar macros in linux/sunrpc/msg_prot.h . 
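* (Roughly: the bare call header plus an AUTH_SYS credential and
* verifier of two words plus UNX_CALLSLACK each, and the bare reply
* header plus a NULL verifier of two words plus NUL_REPLYSLACK.)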
2672 */ 2673 #define RPC_MAX_HEADER_WITH_AUTH_SYS \ 2674 (RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK)) 2675 2676 #define RPC_MAX_REPHEADER_WITH_AUTH_SYS \ 2677 (RPC_REPHDRSIZE + (2 + NUL_REPLYSLACK)) 2678 2679 #define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \ 2680 RPC_MAX_HEADER_WITH_AUTH_SYS) * sizeof(__be32)) 2681 #define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \ 2682 RPC_MAX_REPHEADER_WITH_AUTH_SYS) * \ 2683 sizeof(__be32)) 2684 2685 static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca) 2686 { 2687 ca->headerpadsz = 0; 2688 2689 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ) 2690 return nfserr_toosmall; 2691 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ) 2692 return nfserr_toosmall; 2693 ca->maxresp_cached = 0; 2694 if (ca->maxops < 2) 2695 return nfserr_toosmall; 2696 2697 return nfs_ok; 2698 } 2699 2700 static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs) 2701 { 2702 switch (cbs->flavor) { 2703 case RPC_AUTH_NULL: 2704 case RPC_AUTH_UNIX: 2705 return nfs_ok; 2706 default: 2707 /* 2708 * GSS case: the spec doesn't allow us to return this 2709 * error. But it also doesn't allow us not to support 2710 * GSS. 2711 * I'd rather this fail hard than return some error the 2712 * client might think it can already handle: 2713 */ 2714 return nfserr_encr_alg_unsupp; 2715 } 2716 } 2717 2718 __be32 2719 nfsd4_create_session(struct svc_rqst *rqstp, 2720 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 2721 { 2722 struct nfsd4_create_session *cr_ses = &u->create_session; 2723 struct sockaddr *sa = svc_addr(rqstp); 2724 struct nfs4_client *conf, *unconf; 2725 struct nfs4_client *old = NULL; 2726 struct nfsd4_session *new; 2727 struct nfsd4_conn *conn; 2728 struct nfsd4_clid_slot *cs_slot = NULL; 2729 __be32 status = 0; 2730 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2731 2732 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A) 2733 return nfserr_inval; 2734 status = nfsd4_check_cb_sec(&cr_ses->cb_sec); 2735 if (status) 2736 return status; 2737 status = check_forechannel_attrs(&cr_ses->fore_channel, nn); 2738 if (status) 2739 return status; 2740 status = check_backchannel_attrs(&cr_ses->back_channel); 2741 if (status) 2742 goto out_release_drc_mem; 2743 status = nfserr_jukebox; 2744 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel); 2745 if (!new) 2746 goto out_release_drc_mem; 2747 conn = alloc_conn_from_crses(rqstp, cr_ses); 2748 if (!conn) 2749 goto out_free_session; 2750 2751 spin_lock(&nn->client_lock); 2752 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn); 2753 conf = find_confirmed_client(&cr_ses->clientid, true, nn); 2754 WARN_ON_ONCE(conf && unconf); 2755 2756 if (conf) { 2757 status = nfserr_wrong_cred; 2758 if (!nfsd4_mach_creds_match(conf, rqstp)) 2759 goto out_free_conn; 2760 cs_slot = &conf->cl_cs_slot; 2761 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 2762 if (status) { 2763 if (status == nfserr_replay_cache) 2764 status = nfsd4_replay_create_session(cr_ses, cs_slot); 2765 goto out_free_conn; 2766 } 2767 } else if (unconf) { 2768 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) || 2769 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) { 2770 status = nfserr_clid_inuse; 2771 goto out_free_conn; 2772 } 2773 status = nfserr_wrong_cred; 2774 if (!nfsd4_mach_creds_match(unconf, rqstp)) 2775 goto out_free_conn; 2776 cs_slot = &unconf->cl_cs_slot; 2777 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 2778 if (status) { 2779 /* an unconfirmed replay returns misordered */ 2780 status = 
nfserr_seq_misordered; 2781 goto out_free_conn; 2782 } 2783 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 2784 if (old) { 2785 status = mark_client_expired_locked(old); 2786 if (status) { 2787 old = NULL; 2788 goto out_free_conn; 2789 } 2790 } 2791 move_to_confirmed(unconf); 2792 conf = unconf; 2793 } else { 2794 status = nfserr_stale_clientid; 2795 goto out_free_conn; 2796 } 2797 status = nfs_ok; 2798 /* Persistent sessions are not supported */ 2799 cr_ses->flags &= ~SESSION4_PERSIST; 2800 /* Upshifting from TCP to RDMA is not supported */ 2801 cr_ses->flags &= ~SESSION4_RDMA; 2802 2803 init_session(rqstp, new, conf, cr_ses); 2804 nfsd4_get_session_locked(new); 2805 2806 memcpy(cr_ses->sessionid.data, new->se_sessionid.data, 2807 NFS4_MAX_SESSIONID_LEN); 2808 cs_slot->sl_seqid++; 2809 cr_ses->seqid = cs_slot->sl_seqid; 2810 2811 /* cache solo and embedded create sessions under the client_lock */ 2812 nfsd4_cache_create_session(cr_ses, cs_slot, status); 2813 spin_unlock(&nn->client_lock); 2814 /* init connection and backchannel */ 2815 nfsd4_init_conn(rqstp, conn, new); 2816 nfsd4_put_session(new); 2817 if (old) 2818 expire_client(old); 2819 return status; 2820 out_free_conn: 2821 spin_unlock(&nn->client_lock); 2822 free_conn(conn); 2823 if (old) 2824 expire_client(old); 2825 out_free_session: 2826 __free_session(new); 2827 out_release_drc_mem: 2828 nfsd4_put_drc_mem(&cr_ses->fore_channel); 2829 return status; 2830 } 2831 2832 static __be32 nfsd4_map_bcts_dir(u32 *dir) 2833 { 2834 switch (*dir) { 2835 case NFS4_CDFC4_FORE: 2836 case NFS4_CDFC4_BACK: 2837 return nfs_ok; 2838 case NFS4_CDFC4_FORE_OR_BOTH: 2839 case NFS4_CDFC4_BACK_OR_BOTH: 2840 *dir = NFS4_CDFC4_BOTH; 2841 return nfs_ok; 2842 } 2843 return nfserr_inval; 2844 } 2845 2846 __be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, 2847 struct nfsd4_compound_state *cstate, 2848 union nfsd4_op_u *u) 2849 { 2850 struct nfsd4_backchannel_ctl *bc = &u->backchannel_ctl; 2851 struct nfsd4_session *session = cstate->session; 2852 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2853 __be32 status; 2854 2855 status = nfsd4_check_cb_sec(&bc->bc_cb_sec); 2856 if (status) 2857 return status; 2858 spin_lock(&nn->client_lock); 2859 session->se_cb_prog = bc->bc_cb_program; 2860 session->se_cb_sec = bc->bc_cb_sec; 2861 spin_unlock(&nn->client_lock); 2862 2863 nfsd4_probe_callback(session->se_client); 2864 2865 return nfs_ok; 2866 } 2867 2868 __be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp, 2869 struct nfsd4_compound_state *cstate, 2870 union nfsd4_op_u *u) 2871 { 2872 struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session; 2873 __be32 status; 2874 struct nfsd4_conn *conn; 2875 struct nfsd4_session *session; 2876 struct net *net = SVC_NET(rqstp); 2877 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2878 2879 if (!nfsd4_last_compound_op(rqstp)) 2880 return nfserr_not_only_op; 2881 spin_lock(&nn->client_lock); 2882 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status); 2883 spin_unlock(&nn->client_lock); 2884 if (!session) 2885 goto out_no_session; 2886 status = nfserr_wrong_cred; 2887 if (!nfsd4_mach_creds_match(session->se_client, rqstp)) 2888 goto out; 2889 status = nfsd4_map_bcts_dir(&bcts->dir); 2890 if (status) 2891 goto out; 2892 conn = alloc_conn(rqstp, bcts->dir); 2893 status = nfserr_jukebox; 2894 if (!conn) 2895 goto out; 2896 nfsd4_init_conn(rqstp, conn, session); 2897 status = nfs_ok; 2898 out: 2899 nfsd4_put_session(session); 2900 out_no_session: 2901 return status; 2902
} 2903 2904 static bool nfsd4_compound_in_session(struct nfsd4_session *session, struct nfs4_sessionid *sid) 2905 { 2906 if (!session) 2907 return false; 2908 return !memcmp(sid, &session->se_sessionid, sizeof(*sid)); 2909 } 2910 2911 __be32 2912 nfsd4_destroy_session(struct svc_rqst *r, struct nfsd4_compound_state *cstate, 2913 union nfsd4_op_u *u) 2914 { 2915 struct nfsd4_destroy_session *sessionid = &u->destroy_session; 2916 struct nfsd4_session *ses; 2917 __be32 status; 2918 int ref_held_by_me = 0; 2919 struct net *net = SVC_NET(r); 2920 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2921 2922 status = nfserr_not_only_op; 2923 if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) { 2924 if (!nfsd4_last_compound_op(r)) 2925 goto out; 2926 ref_held_by_me++; 2927 } 2928 dump_sessionid(__func__, &sessionid->sessionid); 2929 spin_lock(&nn->client_lock); 2930 ses = find_in_sessionid_hashtbl(&sessionid->sessionid, net, &status); 2931 if (!ses) 2932 goto out_client_lock; 2933 status = nfserr_wrong_cred; 2934 if (!nfsd4_mach_creds_match(ses->se_client, r)) 2935 goto out_put_session; 2936 status = mark_session_dead_locked(ses, 1 + ref_held_by_me); 2937 if (status) 2938 goto out_put_session; 2939 unhash_session(ses); 2940 spin_unlock(&nn->client_lock); 2941 2942 nfsd4_probe_callback_sync(ses->se_client); 2943 2944 spin_lock(&nn->client_lock); 2945 status = nfs_ok; 2946 out_put_session: 2947 nfsd4_put_session_locked(ses); 2948 out_client_lock: 2949 spin_unlock(&nn->client_lock); 2950 out: 2951 return status; 2952 } 2953 2954 static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s) 2955 { 2956 struct nfsd4_conn *c; 2957 2958 list_for_each_entry(c, &s->se_conns, cn_persession) { 2959 if (c->cn_xprt == xpt) { 2960 return c; 2961 } 2962 } 2963 return NULL; 2964 } 2965 2966 static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses) 2967 { 2968 struct nfs4_client *clp = ses->se_client; 2969 struct nfsd4_conn *c; 2970 __be32 status = nfs_ok; 2971 int ret; 2972 2973 spin_lock(&clp->cl_lock); 2974 c = __nfsd4_find_conn(new->cn_xprt, ses); 2975 if (c) 2976 goto out_free; 2977 status = nfserr_conn_not_bound_to_session; 2978 if (clp->cl_mach_cred) 2979 goto out_free; 2980 __nfsd4_hash_conn(new, ses); 2981 spin_unlock(&clp->cl_lock); 2982 ret = nfsd4_register_conn(new); 2983 if (ret) 2984 /* oops; xprt is already down: */ 2985 nfsd4_conn_lost(&new->cn_xpt_user); 2986 return nfs_ok; 2987 out_free: 2988 spin_unlock(&clp->cl_lock); 2989 free_conn(new); 2990 return status; 2991 } 2992 2993 static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session) 2994 { 2995 struct nfsd4_compoundargs *args = rqstp->rq_argp; 2996 2997 return args->opcnt > session->se_fchannel.maxops; 2998 } 2999 3000 static bool nfsd4_request_too_big(struct svc_rqst *rqstp, 3001 struct nfsd4_session *session) 3002 { 3003 struct xdr_buf *xb = &rqstp->rq_arg; 3004 3005 return xb->len > session->se_fchannel.maxreq_sz; 3006 } 3007 3008 static bool replay_matches_cache(struct svc_rqst *rqstp, 3009 struct nfsd4_sequence *seq, struct nfsd4_slot *slot) 3010 { 3011 struct nfsd4_compoundargs *argp = rqstp->rq_argp; 3012 3013 if ((bool)(slot->sl_flags & NFSD4_SLOT_CACHETHIS) != 3014 (bool)seq->cachethis) 3015 return false; 3016 /* 3017 * If there's an error then the reply can have fewer ops than
But if we cached a reply with *more* ops than the 3019 * call you're sending us now, then this new call is clearly not 3020 * really a replay of the old one: 3021 */ 3022 if (slot->sl_opcnt < argp->opcnt) 3023 return false; 3024 /* This is the only check explicitly called by spec: */ 3025 if (!same_creds(&rqstp->rq_cred, &slot->sl_cred)) 3026 return false; 3027 /* 3028 * There may be more comparisons we could actually do, but the 3029 * spec doesn't require us to catch every case where the calls 3030 * don't match (that would require caching the call as well as 3031 * the reply), so we don't bother. 3032 */ 3033 return true; 3034 } 3035 3036 __be32 3037 nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3038 union nfsd4_op_u *u) 3039 { 3040 struct nfsd4_sequence *seq = &u->sequence; 3041 struct nfsd4_compoundres *resp = rqstp->rq_resp; 3042 struct xdr_stream *xdr = &resp->xdr; 3043 struct nfsd4_session *session; 3044 struct nfs4_client *clp; 3045 struct nfsd4_slot *slot; 3046 struct nfsd4_conn *conn; 3047 __be32 status; 3048 int buflen; 3049 struct net *net = SVC_NET(rqstp); 3050 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3051 3052 if (resp->opcnt != 1) 3053 return nfserr_sequence_pos; 3054 3055 /* 3056 * Will be either used or freed by nfsd4_sequence_check_conn 3057 * below. 3058 */ 3059 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE); 3060 if (!conn) 3061 return nfserr_jukebox; 3062 3063 spin_lock(&nn->client_lock); 3064 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status); 3065 if (!session) 3066 goto out_no_session; 3067 clp = session->se_client; 3068 3069 status = nfserr_too_many_ops; 3070 if (nfsd4_session_too_many_ops(rqstp, session)) 3071 goto out_put_session; 3072 3073 status = nfserr_req_too_big; 3074 if (nfsd4_request_too_big(rqstp, session)) 3075 goto out_put_session; 3076 3077 status = nfserr_badslot; 3078 if (seq->slotid >= session->se_fchannel.maxreqs) 3079 goto out_put_session; 3080 3081 slot = session->se_slots[seq->slotid]; 3082 dprintk("%s: slotid %d\n", __func__, seq->slotid); 3083 3084 /* We do not negotiate the number of slots yet, so set the 3085 * maxslots to the session maxreqs which is used to encode 3086 * sr_highest_slotid and the sr_target_slot id to maxslots */ 3087 seq->maxslots = session->se_fchannel.maxreqs; 3088 3089 status = check_slot_seqid(seq->seqid, slot->sl_seqid, 3090 slot->sl_flags & NFSD4_SLOT_INUSE); 3091 if (status == nfserr_replay_cache) { 3092 status = nfserr_seq_misordered; 3093 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED)) 3094 goto out_put_session; 3095 status = nfserr_seq_false_retry; 3096 if (!replay_matches_cache(rqstp, seq, slot)) 3097 goto out_put_session; 3098 cstate->slot = slot; 3099 cstate->session = session; 3100 cstate->clp = clp; 3101 /* Return the cached reply status and set cstate->status 3102 * for nfsd4_proc_compound processing */ 3103 status = nfsd4_replay_cache_entry(resp, seq); 3104 cstate->status = nfserr_replay_cache; 3105 goto out; 3106 } 3107 if (status) 3108 goto out_put_session; 3109 3110 status = nfsd4_sequence_check_conn(conn, session); 3111 conn = NULL; 3112 if (status) 3113 goto out_put_session; 3114 3115 buflen = (seq->cachethis) ? 3116 session->se_fchannel.maxresp_cached : 3117 session->se_fchannel.maxresp_sz; 3118 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache : 3119 nfserr_rep_too_big; 3120 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack)) 3121 goto out_put_session; 3122 svc_reserve(rqstp, buflen); 3123 3124 status = nfs_ok; 3125 /* Success! 
bump slot seqid */ 3126 slot->sl_seqid = seq->seqid; 3127 slot->sl_flags |= NFSD4_SLOT_INUSE; 3128 if (seq->cachethis) 3129 slot->sl_flags |= NFSD4_SLOT_CACHETHIS; 3130 else 3131 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS; 3132 3133 cstate->slot = slot; 3134 cstate->session = session; 3135 cstate->clp = clp; 3136 3137 out: 3138 switch (clp->cl_cb_state) { 3139 case NFSD4_CB_DOWN: 3140 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN; 3141 break; 3142 case NFSD4_CB_FAULT: 3143 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT; 3144 break; 3145 default: 3146 seq->status_flags = 0; 3147 } 3148 if (!list_empty(&clp->cl_revoked)) 3149 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED; 3150 out_no_session: 3151 if (conn) 3152 free_conn(conn); 3153 spin_unlock(&nn->client_lock); 3154 return status; 3155 out_put_session: 3156 nfsd4_put_session_locked(session); 3157 goto out_no_session; 3158 } 3159 3160 void 3161 nfsd4_sequence_done(struct nfsd4_compoundres *resp) 3162 { 3163 struct nfsd4_compound_state *cs = &resp->cstate; 3164 3165 if (nfsd4_has_session(cs)) { 3166 if (cs->status != nfserr_replay_cache) { 3167 nfsd4_store_cache_entry(resp); 3168 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 3169 } 3170 /* Drop session reference that was taken in nfsd4_sequence() */ 3171 nfsd4_put_session(cs->session); 3172 } else if (cs->clp) 3173 put_client_renew(cs->clp); 3174 } 3175 3176 __be32 3177 nfsd4_destroy_clientid(struct svc_rqst *rqstp, 3178 struct nfsd4_compound_state *cstate, 3179 union nfsd4_op_u *u) 3180 { 3181 struct nfsd4_destroy_clientid *dc = &u->destroy_clientid; 3182 struct nfs4_client *conf, *unconf; 3183 struct nfs4_client *clp = NULL; 3184 __be32 status = 0; 3185 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3186 3187 spin_lock(&nn->client_lock); 3188 unconf = find_unconfirmed_client(&dc->clientid, true, nn); 3189 conf = find_confirmed_client(&dc->clientid, true, nn); 3190 WARN_ON_ONCE(conf && unconf); 3191 3192 if (conf) { 3193 if (client_has_state(conf)) { 3194 status = nfserr_clientid_busy; 3195 goto out; 3196 } 3197 status = mark_client_expired_locked(conf); 3198 if (status) 3199 goto out; 3200 clp = conf; 3201 } else if (unconf) 3202 clp = unconf; 3203 else { 3204 status = nfserr_stale_clientid; 3205 goto out; 3206 } 3207 if (!nfsd4_mach_creds_match(clp, rqstp)) { 3208 clp = NULL; 3209 status = nfserr_wrong_cred; 3210 goto out; 3211 } 3212 unhash_client_locked(clp); 3213 out: 3214 spin_unlock(&nn->client_lock); 3215 if (clp) 3216 expire_client(clp); 3217 return status; 3218 } 3219 3220 __be32 3221 nfsd4_reclaim_complete(struct svc_rqst *rqstp, 3222 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 3223 { 3224 struct nfsd4_reclaim_complete *rc = &u->reclaim_complete; 3225 __be32 status = 0; 3226 3227 if (rc->rca_one_fs) { 3228 if (!cstate->current_fh.fh_dentry) 3229 return nfserr_nofilehandle; 3230 /* 3231 * We don't take advantage of the rca_one_fs case. 3232 * That's OK, it's optional, we can safely ignore it. 3233 */ 3234 return nfs_ok; 3235 } 3236 3237 status = nfserr_complete_already; 3238 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, 3239 &cstate->session->se_client->cl_flags)) 3240 goto out; 3241 3242 status = nfserr_stale_clientid; 3243 if (is_client_expired(cstate->session->se_client)) 3244 /* 3245 * The following error isn't really legal. 3246 * But we only get here if the client just explicitly 3247 * destroyed the client. Surely it no longer cares what 3248 * error it gets back on an operation for the dead 3249 * client. 
3250 */ 3251 goto out; 3252 3253 status = nfs_ok; 3254 nfsd4_client_record_create(cstate->session->se_client); 3255 out: 3256 return status; 3257 } 3258 3259 __be32 3260 nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3261 union nfsd4_op_u *u) 3262 { 3263 struct nfsd4_setclientid *setclid = &u->setclientid; 3264 struct xdr_netobj clname = setclid->se_name; 3265 nfs4_verifier clverifier = setclid->se_verf; 3266 struct nfs4_client *conf, *new; 3267 struct nfs4_client *unconf = NULL; 3268 __be32 status; 3269 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3270 3271 new = create_client(clname, rqstp, &clverifier); 3272 if (new == NULL) 3273 return nfserr_jukebox; 3274 /* Cases below refer to rfc 3530 section 14.2.33: */ 3275 spin_lock(&nn->client_lock); 3276 conf = find_confirmed_client_by_name(&clname, nn); 3277 if (conf && client_has_state(conf)) { 3278 /* case 0: */ 3279 status = nfserr_clid_inuse; 3280 if (clp_used_exchangeid(conf)) 3281 goto out; 3282 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) { 3283 char addr_str[INET6_ADDRSTRLEN]; 3284 rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str, 3285 sizeof(addr_str)); 3286 dprintk("NFSD: setclientid: string in use by client " 3287 "at %s\n", addr_str); 3288 goto out; 3289 } 3290 } 3291 unconf = find_unconfirmed_client_by_name(&clname, nn); 3292 if (unconf) 3293 unhash_client_locked(unconf); 3294 if (conf && same_verf(&conf->cl_verifier, &clverifier)) { 3295 /* case 1: probable callback update */ 3296 copy_clid(new, conf); 3297 gen_confirm(new, nn); 3298 } else /* case 4 (new client) or cases 2, 3 (client reboot): */ 3299 gen_clid(new, nn); 3300 new->cl_minorversion = 0; 3301 gen_callback(new, setclid, rqstp); 3302 add_to_unconfirmed(new); 3303 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot; 3304 setclid->se_clientid.cl_id = new->cl_clientid.cl_id; 3305 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data)); 3306 new = NULL; 3307 status = nfs_ok; 3308 out: 3309 spin_unlock(&nn->client_lock); 3310 if (new) 3311 free_client(new); 3312 if (unconf) 3313 expire_client(unconf); 3314 return status; 3315 } 3316 3317 3318 __be32 3319 nfsd4_setclientid_confirm(struct svc_rqst *rqstp, 3320 struct nfsd4_compound_state *cstate, 3321 union nfsd4_op_u *u) 3322 { 3323 struct nfsd4_setclientid_confirm *setclientid_confirm = 3324 &u->setclientid_confirm; 3325 struct nfs4_client *conf, *unconf; 3326 struct nfs4_client *old = NULL; 3327 nfs4_verifier confirm = setclientid_confirm->sc_confirm; 3328 clientid_t * clid = &setclientid_confirm->sc_clientid; 3329 __be32 status; 3330 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3331 3332 if (STALE_CLIENTID(clid, nn)) 3333 return nfserr_stale_clientid; 3334 3335 spin_lock(&nn->client_lock); 3336 conf = find_confirmed_client(clid, false, nn); 3337 unconf = find_unconfirmed_client(clid, false, nn); 3338 /* 3339 * We try hard to give out unique clientid's, so if we get an 3340 * attempt to confirm the same clientid with a different cred, 3341 * the client may be buggy; this should never happen. 
3342 * 3343 * Nevertheless, RFC 7530 recommends INUSE for this case: 3344 */ 3345 status = nfserr_clid_inuse; 3346 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred)) 3347 goto out; 3348 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred)) 3349 goto out; 3350 /* cases below refer to rfc 3530 section 14.2.34: */ 3351 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) { 3352 if (conf && same_verf(&confirm, &conf->cl_confirm)) { 3353 /* case 2: probable retransmit */ 3354 status = nfs_ok; 3355 } else /* case 4: client hasn't noticed we rebooted yet? */ 3356 status = nfserr_stale_clientid; 3357 goto out; 3358 } 3359 status = nfs_ok; 3360 if (conf) { /* case 1: callback update */ 3361 old = unconf; 3362 unhash_client_locked(old); 3363 nfsd4_change_callback(conf, &unconf->cl_cb_conn); 3364 } else { /* case 3: normal case; new or rebooted client */ 3365 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 3366 if (old) { 3367 status = nfserr_clid_inuse; 3368 if (client_has_state(old) 3369 && !same_creds(&unconf->cl_cred, 3370 &old->cl_cred)) 3371 goto out; 3372 status = mark_client_expired_locked(old); 3373 if (status) { 3374 old = NULL; 3375 goto out; 3376 } 3377 } 3378 move_to_confirmed(unconf); 3379 conf = unconf; 3380 } 3381 get_client_locked(conf); 3382 spin_unlock(&nn->client_lock); 3383 nfsd4_probe_callback(conf); 3384 spin_lock(&nn->client_lock); 3385 put_client_renew_locked(conf); 3386 out: 3387 spin_unlock(&nn->client_lock); 3388 if (old) 3389 expire_client(old); 3390 return status; 3391 } 3392 3393 static struct nfs4_file *nfsd4_alloc_file(void) 3394 { 3395 return kmem_cache_alloc(file_slab, GFP_KERNEL); 3396 } 3397 3398 /* OPEN Share state helper functions */ 3399 static void nfsd4_init_file(struct knfsd_fh *fh, unsigned int hashval, 3400 struct nfs4_file *fp) 3401 { 3402 lockdep_assert_held(&state_lock); 3403 3404 refcount_set(&fp->fi_ref, 1); 3405 spin_lock_init(&fp->fi_lock); 3406 INIT_LIST_HEAD(&fp->fi_stateids); 3407 INIT_LIST_HEAD(&fp->fi_delegations); 3408 INIT_LIST_HEAD(&fp->fi_clnt_odstate); 3409 fh_copy_shallow(&fp->fi_fhandle, fh); 3410 fp->fi_deleg_file = NULL; 3411 fp->fi_had_conflict = false; 3412 fp->fi_share_deny = 0; 3413 memset(fp->fi_fds, 0, sizeof(fp->fi_fds)); 3414 memset(fp->fi_access, 0, sizeof(fp->fi_access)); 3415 #ifdef CONFIG_NFSD_PNFS 3416 INIT_LIST_HEAD(&fp->fi_lo_states); 3417 atomic_set(&fp->fi_lo_recalls, 0); 3418 #endif 3419 hlist_add_head_rcu(&fp->fi_hash, &file_hashtbl[hashval]); 3420 } 3421 3422 void 3423 nfsd4_free_slabs(void) 3424 { 3425 kmem_cache_destroy(odstate_slab); 3426 kmem_cache_destroy(openowner_slab); 3427 kmem_cache_destroy(lockowner_slab); 3428 kmem_cache_destroy(file_slab); 3429 kmem_cache_destroy(stateid_slab); 3430 kmem_cache_destroy(deleg_slab); 3431 } 3432 3433 int 3434 nfsd4_init_slabs(void) 3435 { 3436 openowner_slab = kmem_cache_create("nfsd4_openowners", 3437 sizeof(struct nfs4_openowner), 0, 0, NULL); 3438 if (openowner_slab == NULL) 3439 goto out; 3440 lockowner_slab = kmem_cache_create("nfsd4_lockowners", 3441 sizeof(struct nfs4_lockowner), 0, 0, NULL); 3442 if (lockowner_slab == NULL) 3443 goto out_free_openowner_slab; 3444 file_slab = kmem_cache_create("nfsd4_files", 3445 sizeof(struct nfs4_file), 0, 0, NULL); 3446 if (file_slab == NULL) 3447 goto out_free_lockowner_slab; 3448 stateid_slab = kmem_cache_create("nfsd4_stateids", 3449 sizeof(struct nfs4_ol_stateid), 0, 0, NULL); 3450 if (stateid_slab == NULL) 3451 goto out_free_file_slab; 3452 deleg_slab = kmem_cache_create("nfsd4_delegations", 
3453 sizeof(struct nfs4_delegation), 0, 0, NULL); 3454 if (deleg_slab == NULL) 3455 goto out_free_stateid_slab; 3456 odstate_slab = kmem_cache_create("nfsd4_odstate", 3457 sizeof(struct nfs4_clnt_odstate), 0, 0, NULL); 3458 if (odstate_slab == NULL) 3459 goto out_free_deleg_slab; 3460 return 0; 3461 3462 out_free_deleg_slab: 3463 kmem_cache_destroy(deleg_slab); 3464 out_free_stateid_slab: 3465 kmem_cache_destroy(stateid_slab); 3466 out_free_file_slab: 3467 kmem_cache_destroy(file_slab); 3468 out_free_lockowner_slab: 3469 kmem_cache_destroy(lockowner_slab); 3470 out_free_openowner_slab: 3471 kmem_cache_destroy(openowner_slab); 3472 out: 3473 dprintk("nfsd4: out of memory while initializing nfsv4\n"); 3474 return -ENOMEM; 3475 } 3476 3477 static void init_nfs4_replay(struct nfs4_replay *rp) 3478 { 3479 rp->rp_status = nfserr_serverfault; 3480 rp->rp_buflen = 0; 3481 rp->rp_buf = rp->rp_ibuf; 3482 mutex_init(&rp->rp_mutex); 3483 } 3484 3485 static void nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate, 3486 struct nfs4_stateowner *so) 3487 { 3488 if (!nfsd4_has_session(cstate)) { 3489 mutex_lock(&so->so_replay.rp_mutex); 3490 cstate->replay_owner = nfs4_get_stateowner(so); 3491 } 3492 } 3493 3494 void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate) 3495 { 3496 struct nfs4_stateowner *so = cstate->replay_owner; 3497 3498 if (so != NULL) { 3499 cstate->replay_owner = NULL; 3500 mutex_unlock(&so->so_replay.rp_mutex); 3501 nfs4_put_stateowner(so); 3502 } 3503 } 3504 3505 static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp) 3506 { 3507 struct nfs4_stateowner *sop; 3508 3509 sop = kmem_cache_alloc(slab, GFP_KERNEL); 3510 if (!sop) 3511 return NULL; 3512 3513 sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL); 3514 if (!sop->so_owner.data) { 3515 kmem_cache_free(slab, sop); 3516 return NULL; 3517 } 3518 sop->so_owner.len = owner->len; 3519 3520 INIT_LIST_HEAD(&sop->so_stateids); 3521 sop->so_client = clp; 3522 init_nfs4_replay(&sop->so_replay); 3523 atomic_set(&sop->so_count, 1); 3524 return sop; 3525 } 3526 3527 static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval) 3528 { 3529 lockdep_assert_held(&clp->cl_lock); 3530 3531 list_add(&oo->oo_owner.so_strhash, 3532 &clp->cl_ownerstr_hashtbl[strhashval]); 3533 list_add(&oo->oo_perclient, &clp->cl_openowners); 3534 } 3535 3536 static void nfs4_unhash_openowner(struct nfs4_stateowner *so) 3537 { 3538 unhash_openowner_locked(openowner(so)); 3539 } 3540 3541 static void nfs4_free_openowner(struct nfs4_stateowner *so) 3542 { 3543 struct nfs4_openowner *oo = openowner(so); 3544 3545 kmem_cache_free(openowner_slab, oo); 3546 } 3547 3548 static const struct nfs4_stateowner_operations openowner_ops = { 3549 .so_unhash = nfs4_unhash_openowner, 3550 .so_free = nfs4_free_openowner, 3551 }; 3552 3553 static struct nfs4_ol_stateid * 3554 nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 3555 { 3556 struct nfs4_ol_stateid *local, *ret = NULL; 3557 struct nfs4_openowner *oo = open->op_openowner; 3558 3559 lockdep_assert_held(&fp->fi_lock); 3560 3561 list_for_each_entry(local, &fp->fi_stateids, st_perfile) { 3562 /* ignore lock owners */ 3563 if (local->st_stateowner->so_is_open_owner == 0) 3564 continue; 3565 if (local->st_stateowner == &oo->oo_owner) { 3566 ret = local; 3567 refcount_inc(&ret->st_stid.sc_count); 3568 break; 3569 } 3570 } 3571 return ret; 3572 } 3573 3574 static struct 
nfs4_openowner * 3575 alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open, 3576 struct nfsd4_compound_state *cstate) 3577 { 3578 struct nfs4_client *clp = cstate->clp; 3579 struct nfs4_openowner *oo, *ret; 3580 3581 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp); 3582 if (!oo) 3583 return NULL; 3584 oo->oo_owner.so_ops = &openowner_ops; 3585 oo->oo_owner.so_is_open_owner = 1; 3586 oo->oo_owner.so_seqid = open->op_seqid; 3587 oo->oo_flags = 0; 3588 if (nfsd4_has_session(cstate)) 3589 oo->oo_flags |= NFS4_OO_CONFIRMED; 3590 oo->oo_time = 0; 3591 oo->oo_last_closed_stid = NULL; 3592 INIT_LIST_HEAD(&oo->oo_close_lru); 3593 spin_lock(&clp->cl_lock); 3594 ret = find_openstateowner_str_locked(strhashval, open, clp); 3595 if (ret == NULL) { 3596 hash_openowner(oo, clp, strhashval); 3597 ret = oo; 3598 } else 3599 nfs4_free_stateowner(&oo->oo_owner); 3600 3601 spin_unlock(&clp->cl_lock); 3602 return ret; 3603 } 3604 3605 static struct nfs4_ol_stateid * 3606 init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open) 3607 { 3608 3609 struct nfs4_openowner *oo = open->op_openowner; 3610 struct nfs4_ol_stateid *retstp = NULL; 3611 struct nfs4_ol_stateid *stp; 3612 3613 stp = open->op_stp; 3614 /* We are moving these outside of the spinlocks to avoid the warnings */ 3615 mutex_init(&stp->st_mutex); 3616 mutex_lock(&stp->st_mutex); 3617 3618 spin_lock(&oo->oo_owner.so_client->cl_lock); 3619 spin_lock(&fp->fi_lock); 3620 3621 retstp = nfsd4_find_existing_open(fp, open); 3622 if (retstp) 3623 goto out_unlock; 3624 3625 open->op_stp = NULL; 3626 refcount_inc(&stp->st_stid.sc_count); 3627 stp->st_stid.sc_type = NFS4_OPEN_STID; 3628 INIT_LIST_HEAD(&stp->st_locks); 3629 stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner); 3630 get_nfs4_file(fp); 3631 stp->st_stid.sc_file = fp; 3632 stp->st_access_bmap = 0; 3633 stp->st_deny_bmap = 0; 3634 stp->st_openstp = NULL; 3635 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids); 3636 list_add(&stp->st_perfile, &fp->fi_stateids); 3637 3638 out_unlock: 3639 spin_unlock(&fp->fi_lock); 3640 spin_unlock(&oo->oo_owner.so_client->cl_lock); 3641 if (retstp) { 3642 mutex_lock(&retstp->st_mutex); 3643 /* To keep mutex tracking happy */ 3644 mutex_unlock(&stp->st_mutex); 3645 stp = retstp; 3646 } 3647 return stp; 3648 } 3649 3650 /* 3651 * In the 4.0 case we need to keep the owners around a little while to handle 3652 * CLOSE replay. We still do need to release any file access that is held by 3653 * them before returning however. 3654 */ 3655 static void 3656 move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net) 3657 { 3658 struct nfs4_ol_stateid *last; 3659 struct nfs4_openowner *oo = openowner(s->st_stateowner); 3660 struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net, 3661 nfsd_net_id); 3662 3663 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo); 3664 3665 /* 3666 * We know that we hold one reference via nfsd4_close, and another 3667 * "persistent" reference for the client. If the refcount is higher 3668 * than 2, then there are still calls in progress that are using this 3669 * stateid. We can't put the sc_file reference until they are finished. 3670 * Wait for the refcount to drop to 2. Since it has been unhashed, 3671 * there should be no danger of the refcount going back up again at 3672 * this point. 
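* (An in-flight operation that looked this stateid up, for example,
* holds such an extra reference; nfs4_put_stid() wakes close_wq when
* it drops one, which is what the wait_event() below relies on.)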
3673 */ 3674 wait_event(close_wq, refcount_read(&s->st_stid.sc_count) == 2); 3675 3676 release_all_access(s); 3677 if (s->st_stid.sc_file) { 3678 put_nfs4_file(s->st_stid.sc_file); 3679 s->st_stid.sc_file = NULL; 3680 } 3681 3682 spin_lock(&nn->client_lock); 3683 last = oo->oo_last_closed_stid; 3684 oo->oo_last_closed_stid = s; 3685 list_move_tail(&oo->oo_close_lru, &nn->close_lru); 3686 oo->oo_time = get_seconds(); 3687 spin_unlock(&nn->client_lock); 3688 if (last) 3689 nfs4_put_stid(&last->st_stid); 3690 } 3691 3692 /* search file_hashtbl[] for file */ 3693 static struct nfs4_file * 3694 find_file_locked(struct knfsd_fh *fh, unsigned int hashval) 3695 { 3696 struct nfs4_file *fp; 3697 3698 hlist_for_each_entry_rcu(fp, &file_hashtbl[hashval], fi_hash) { 3699 if (fh_match(&fp->fi_fhandle, fh)) { 3700 if (refcount_inc_not_zero(&fp->fi_ref)) 3701 return fp; 3702 } 3703 } 3704 return NULL; 3705 } 3706 3707 struct nfs4_file * 3708 find_file(struct knfsd_fh *fh) 3709 { 3710 struct nfs4_file *fp; 3711 unsigned int hashval = file_hashval(fh); 3712 3713 rcu_read_lock(); 3714 fp = find_file_locked(fh, hashval); 3715 rcu_read_unlock(); 3716 return fp; 3717 } 3718 3719 static struct nfs4_file * 3720 find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh) 3721 { 3722 struct nfs4_file *fp; 3723 unsigned int hashval = file_hashval(fh); 3724 3725 rcu_read_lock(); 3726 fp = find_file_locked(fh, hashval); 3727 rcu_read_unlock(); 3728 if (fp) 3729 return fp; 3730 3731 spin_lock(&state_lock); 3732 fp = find_file_locked(fh, hashval); 3733 if (likely(fp == NULL)) { 3734 nfsd4_init_file(fh, hashval, new); 3735 fp = new; 3736 } 3737 spin_unlock(&state_lock); 3738 3739 return fp; 3740 } 3741 3742 /* 3743 * Called to check deny when READ with all zero stateid or 3744 * WRITE with all zero or all one stateid 3745 */ 3746 static __be32 3747 nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type) 3748 { 3749 struct nfs4_file *fp; 3750 __be32 ret = nfs_ok; 3751 3752 fp = find_file(¤t_fh->fh_handle); 3753 if (!fp) 3754 return ret; 3755 /* Check for conflicting share reservations */ 3756 spin_lock(&fp->fi_lock); 3757 if (fp->fi_share_deny & deny_type) 3758 ret = nfserr_locked; 3759 spin_unlock(&fp->fi_lock); 3760 put_nfs4_file(fp); 3761 return ret; 3762 } 3763 3764 static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb) 3765 { 3766 struct nfs4_delegation *dp = cb_to_delegation(cb); 3767 struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net, 3768 nfsd_net_id); 3769 3770 block_delegations(&dp->dl_stid.sc_file->fi_fhandle); 3771 3772 /* 3773 * We can't do this in nfsd_break_deleg_cb because it is 3774 * already holding inode->i_lock. 3775 * 3776 * If the dl_time != 0, then we know that it has already been 3777 * queued for a lease break. Don't queue it again. 3778 */ 3779 spin_lock(&state_lock); 3780 if (dp->dl_time == 0) { 3781 dp->dl_time = get_seconds(); 3782 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru); 3783 } 3784 spin_unlock(&state_lock); 3785 } 3786 3787 static int nfsd4_cb_recall_done(struct nfsd4_callback *cb, 3788 struct rpc_task *task) 3789 { 3790 struct nfs4_delegation *dp = cb_to_delegation(cb); 3791 3792 if (dp->dl_stid.sc_type == NFS4_CLOSED_DELEG_STID) 3793 return 1; 3794 3795 switch (task->tk_status) { 3796 case 0: 3797 return 1; 3798 case -EBADHANDLE: 3799 case -NFS4ERR_BAD_STATEID: 3800 /* 3801 * Race: client probably got cb_recall before open reply 3802 * granting delegation. 
3803 */ 3804 if (dp->dl_retries--) { 3805 rpc_delay(task, 2 * HZ); 3806 return 0; 3807 } 3808 /*FALLTHRU*/ 3809 default: 3810 return -1; 3811 } 3812 } 3813 3814 static void nfsd4_cb_recall_release(struct nfsd4_callback *cb) 3815 { 3816 struct nfs4_delegation *dp = cb_to_delegation(cb); 3817 3818 nfs4_put_stid(&dp->dl_stid); 3819 } 3820 3821 static const struct nfsd4_callback_ops nfsd4_cb_recall_ops = { 3822 .prepare = nfsd4_cb_recall_prepare, 3823 .done = nfsd4_cb_recall_done, 3824 .release = nfsd4_cb_recall_release, 3825 }; 3826 3827 static void nfsd_break_one_deleg(struct nfs4_delegation *dp) 3828 { 3829 /* 3830 * We're assuming the state code never drops its reference 3831 * without first removing the lease. Since we're in this lease 3832 * callback (and since the lease code is serialized by i_lock) 3833 * we know the server hasn't removed the lease yet, and we know 3834 * it's safe to take a reference. 3835 */ 3836 refcount_inc(&dp->dl_stid.sc_count); 3837 nfsd4_run_cb(&dp->dl_recall); 3838 } 3839 3840 /* Called from break_lease() with i_lock held. */ 3841 static bool 3842 nfsd_break_deleg_cb(struct file_lock *fl) 3843 { 3844 bool ret = false; 3845 struct nfs4_file *fp = (struct nfs4_file *)fl->fl_owner; 3846 struct nfs4_delegation *dp; 3847 3848 if (!fp) { 3849 WARN(1, "(%p)->fl_owner NULL\n", fl); 3850 return ret; 3851 } 3852 if (fp->fi_had_conflict) { 3853 WARN(1, "duplicate break on %p\n", fp); 3854 return ret; 3855 } 3856 /* 3857 * We don't want the locks code to timeout the lease for us; 3858 * we'll remove it ourselves if a delegation isn't returned 3859 * in time: 3860 */ 3861 fl->fl_break_time = 0; 3862 3863 spin_lock(&fp->fi_lock); 3864 fp->fi_had_conflict = true; 3865 /* 3866 * If there are no delegations on the list, then return true 3867 * so that the lease code will go ahead and delete it. 3868 */ 3869 if (list_empty(&fp->fi_delegations)) 3870 ret = true; 3871 else 3872 list_for_each_entry(dp, &fp->fi_delegations, dl_perfile) 3873 nfsd_break_one_deleg(dp); 3874 spin_unlock(&fp->fi_lock); 3875 return ret; 3876 } 3877 3878 static int 3879 nfsd_change_deleg_cb(struct file_lock *onlist, int arg, 3880 struct list_head *dispose) 3881 { 3882 if (arg & F_UNLCK) 3883 return lease_modify(onlist, arg, dispose); 3884 else 3885 return -EAGAIN; 3886 } 3887 3888 static const struct lock_manager_operations nfsd_lease_mng_ops = { 3889 .lm_break = nfsd_break_deleg_cb, 3890 .lm_change = nfsd_change_deleg_cb, 3891 }; 3892 3893 static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid) 3894 { 3895 if (nfsd4_has_session(cstate)) 3896 return nfs_ok; 3897 if (seqid == so->so_seqid - 1) 3898 return nfserr_replay_me; 3899 if (seqid == so->so_seqid) 3900 return nfs_ok; 3901 return nfserr_bad_seqid; 3902 } 3903 3904 static __be32 lookup_clientid(clientid_t *clid, 3905 struct nfsd4_compound_state *cstate, 3906 struct nfsd_net *nn) 3907 { 3908 struct nfs4_client *found; 3909 3910 if (cstate->clp) { 3911 found = cstate->clp; 3912 if (!same_clid(&found->cl_clientid, clid)) 3913 return nfserr_stale_clientid; 3914 return nfs_ok; 3915 } 3916 3917 if (STALE_CLIENTID(clid, nn)) 3918 return nfserr_stale_clientid; 3919 3920 /* 3921 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one 3922 * cached already then we know this is for v4.0 and "sessions" 3923 * will be false.
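* (A v4.1+ request that somehow got here without a cached client
* would trip the WARN_ON_ONCE below.)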
3924 */ 3925 WARN_ON_ONCE(cstate->session); 3926 spin_lock(&nn->client_lock); 3927 found = find_confirmed_client(clid, false, nn); 3928 if (!found) { 3929 spin_unlock(&nn->client_lock); 3930 return nfserr_expired; 3931 } 3932 atomic_inc(&found->cl_refcount); 3933 spin_unlock(&nn->client_lock); 3934 3935 /* Cache the nfs4_client in cstate! */ 3936 cstate->clp = found; 3937 return nfs_ok; 3938 } 3939 3940 __be32 3941 nfsd4_process_open1(struct nfsd4_compound_state *cstate, 3942 struct nfsd4_open *open, struct nfsd_net *nn) 3943 { 3944 clientid_t *clientid = &open->op_clientid; 3945 struct nfs4_client *clp = NULL; 3946 unsigned int strhashval; 3947 struct nfs4_openowner *oo = NULL; 3948 __be32 status; 3949 3950 if (STALE_CLIENTID(&open->op_clientid, nn)) 3951 return nfserr_stale_clientid; 3952 /* 3953 * In case we need it later, after we've already created the 3954 * file and don't want to risk a further failure: 3955 */ 3956 open->op_file = nfsd4_alloc_file(); 3957 if (open->op_file == NULL) 3958 return nfserr_jukebox; 3959 3960 status = lookup_clientid(clientid, cstate, nn); 3961 if (status) 3962 return status; 3963 clp = cstate->clp; 3964 3965 strhashval = ownerstr_hashval(&open->op_owner); 3966 oo = find_openstateowner_str(strhashval, open, clp); 3967 open->op_openowner = oo; 3968 if (!oo) { 3969 goto new_owner; 3970 } 3971 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 3972 /* Replace unconfirmed owners without checking for replay. */ 3973 release_openowner(oo); 3974 open->op_openowner = NULL; 3975 goto new_owner; 3976 } 3977 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid); 3978 if (status) 3979 return status; 3980 goto alloc_stateid; 3981 new_owner: 3982 oo = alloc_init_open_stateowner(strhashval, open, cstate); 3983 if (oo == NULL) 3984 return nfserr_jukebox; 3985 open->op_openowner = oo; 3986 alloc_stateid: 3987 open->op_stp = nfs4_alloc_open_stateid(clp); 3988 if (!open->op_stp) 3989 return nfserr_jukebox; 3990 3991 if (nfsd4_has_session(cstate) && 3992 (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) { 3993 open->op_odstate = alloc_clnt_odstate(clp); 3994 if (!open->op_odstate) 3995 return nfserr_jukebox; 3996 } 3997 3998 return nfs_ok; 3999 } 4000 4001 static inline __be32 4002 nfs4_check_delegmode(struct nfs4_delegation *dp, int flags) 4003 { 4004 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ)) 4005 return nfserr_openmode; 4006 else 4007 return nfs_ok; 4008 } 4009 4010 static int share_access_to_flags(u32 share_access) 4011 { 4012 return share_access == NFS4_SHARE_ACCESS_READ ? 
RD_STATE : WR_STATE; 4013 } 4014 4015 static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s) 4016 { 4017 struct nfs4_stid *ret; 4018 4019 ret = find_stateid_by_type(cl, s, 4020 NFS4_DELEG_STID|NFS4_REVOKED_DELEG_STID); 4021 if (!ret) 4022 return NULL; 4023 return delegstateid(ret); 4024 } 4025 4026 static bool nfsd4_is_deleg_cur(struct nfsd4_open *open) 4027 { 4028 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR || 4029 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH; 4030 } 4031 4032 static __be32 4033 nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open, 4034 struct nfs4_delegation **dp) 4035 { 4036 int flags; 4037 __be32 status = nfserr_bad_stateid; 4038 struct nfs4_delegation *deleg; 4039 4040 deleg = find_deleg_stateid(cl, &open->op_delegate_stateid); 4041 if (deleg == NULL) 4042 goto out; 4043 if (deleg->dl_stid.sc_type == NFS4_REVOKED_DELEG_STID) { 4044 nfs4_put_stid(&deleg->dl_stid); 4045 if (cl->cl_minorversion) 4046 status = nfserr_deleg_revoked; 4047 goto out; 4048 } 4049 flags = share_access_to_flags(open->op_share_access); 4050 status = nfs4_check_delegmode(deleg, flags); 4051 if (status) { 4052 nfs4_put_stid(&deleg->dl_stid); 4053 goto out; 4054 } 4055 *dp = deleg; 4056 out: 4057 if (!nfsd4_is_deleg_cur(open)) 4058 return nfs_ok; 4059 if (status) 4060 return status; 4061 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 4062 return nfs_ok; 4063 } 4064 4065 static inline int nfs4_access_to_access(u32 nfs4_access) 4066 { 4067 int flags = 0; 4068 4069 if (nfs4_access & NFS4_SHARE_ACCESS_READ) 4070 flags |= NFSD_MAY_READ; 4071 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE) 4072 flags |= NFSD_MAY_WRITE; 4073 return flags; 4074 } 4075 4076 static inline __be32 4077 nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh, 4078 struct nfsd4_open *open) 4079 { 4080 struct iattr iattr = { 4081 .ia_valid = ATTR_SIZE, 4082 .ia_size = 0, 4083 }; 4084 if (!open->op_truncate) 4085 return 0; 4086 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE)) 4087 return nfserr_inval; 4088 return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0); 4089 } 4090 4091 static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp, 4092 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, 4093 struct nfsd4_open *open) 4094 { 4095 struct file *filp = NULL; 4096 __be32 status; 4097 int oflag = nfs4_access_to_omode(open->op_share_access); 4098 int access = nfs4_access_to_access(open->op_share_access); 4099 unsigned char old_access_bmap, old_deny_bmap; 4100 4101 spin_lock(&fp->fi_lock); 4102 4103 /* 4104 * Are we trying to set a deny mode that would conflict with 4105 * current access? 
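 * E.g. the client may be asking for NFS4_SHARE_DENY_WRITE while
 * some other open stateid already holds write access. Note that
 * this check and the access/deny bitmap updates below all happen
 * under fi_lock, so the test and set are atomic with respect to
 * other openers.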
4106 */ 4107 status = nfs4_file_check_deny(fp, open->op_share_deny); 4108 if (status != nfs_ok) { 4109 spin_unlock(&fp->fi_lock); 4110 goto out; 4111 } 4112 4113 /* set access to the file */ 4114 status = nfs4_file_get_access(fp, open->op_share_access); 4115 if (status != nfs_ok) { 4116 spin_unlock(&fp->fi_lock); 4117 goto out; 4118 } 4119 4120 /* Set access bits in stateid */ 4121 old_access_bmap = stp->st_access_bmap; 4122 set_access(open->op_share_access, stp); 4123 4124 /* Set new deny mask */ 4125 old_deny_bmap = stp->st_deny_bmap; 4126 set_deny(open->op_share_deny, stp); 4127 fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4128 4129 if (!fp->fi_fds[oflag]) { 4130 spin_unlock(&fp->fi_lock); 4131 status = nfsd_open(rqstp, cur_fh, S_IFREG, access, &filp); 4132 if (status) 4133 goto out_put_access; 4134 spin_lock(&fp->fi_lock); 4135 if (!fp->fi_fds[oflag]) { 4136 fp->fi_fds[oflag] = filp; 4137 filp = NULL; 4138 } 4139 } 4140 spin_unlock(&fp->fi_lock); 4141 if (filp) 4142 fput(filp); 4143 4144 status = nfsd4_truncate(rqstp, cur_fh, open); 4145 if (status) 4146 goto out_put_access; 4147 out: 4148 return status; 4149 out_put_access: 4150 stp->st_access_bmap = old_access_bmap; 4151 nfs4_file_put_access(fp, open->op_share_access); 4152 reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp); 4153 goto out; 4154 } 4155 4156 static __be32 4157 nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open) 4158 { 4159 __be32 status; 4160 unsigned char old_deny_bmap = stp->st_deny_bmap; 4161 4162 if (!test_access(open->op_share_access, stp)) 4163 return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open); 4164 4165 /* test and set deny mode */ 4166 spin_lock(&fp->fi_lock); 4167 status = nfs4_file_check_deny(fp, open->op_share_deny); 4168 if (status == nfs_ok) { 4169 set_deny(open->op_share_deny, stp); 4170 fp->fi_share_deny |= 4171 (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4172 } 4173 spin_unlock(&fp->fi_lock); 4174 4175 if (status != nfs_ok) 4176 return status; 4177 4178 status = nfsd4_truncate(rqstp, cur_fh, open); 4179 if (status != nfs_ok) 4180 reset_union_bmap_deny(old_deny_bmap, stp); 4181 return status; 4182 } 4183 4184 /* Should we give out recallable state?: */ 4185 static bool nfsd4_cb_channel_good(struct nfs4_client *clp) 4186 { 4187 if (clp->cl_cb_state == NFSD4_CB_UP) 4188 return true; 4189 /* 4190 * In the sessions case, since we don't have to establish a 4191 * separate connection for callbacks, we assume it's OK 4192 * until we hear otherwise: 4193 */ 4194 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN; 4195 } 4196 4197 static struct file_lock *nfs4_alloc_init_lease(struct nfs4_file *fp, int flag) 4198 { 4199 struct file_lock *fl; 4200 4201 fl = locks_alloc_lock(); 4202 if (!fl) 4203 return NULL; 4204 fl->fl_lmops = &nfsd_lease_mng_ops; 4205 fl->fl_flags = FL_DELEG; 4206 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ ? F_RDLCK : F_WRLCK; 4207 fl->fl_end = OFFSET_MAX; 4208 fl->fl_owner = (fl_owner_t)fp; 4209 fl->fl_pid = current->tgid; 4210 return fl; 4211 } 4212 4213 /** 4214 * nfs4_setlease - Obtain a delegation by requesting lease from vfs layer 4215 * @dp: a pointer to the nfs4_delegation we're adding. 4216 * 4217 * Return: 4218 * %0 on success. 4219 * 4220 * On error: -EAGAIN if there was an existing delegation; 4221 * any other nonzero value for other failures.
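 *
 * The delegation is backed by a read lease (FL_DELEG) on the file;
 * any conflicting activity on the inode breaks the lease and lands
 * in nfsd_break_deleg_cb() above, which queues a CB_RECALL to the
 * client.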
4222 * 4223 */ 4224 4225 static int nfs4_setlease(struct nfs4_delegation *dp) 4226 { 4227 struct nfs4_file *fp = dp->dl_stid.sc_file; 4228 struct file_lock *fl; 4229 struct file *filp; 4230 int status = 0; 4231 4232 fl = nfs4_alloc_init_lease(fp, NFS4_OPEN_DELEGATE_READ); 4233 if (!fl) 4234 return -ENOMEM; 4235 filp = find_readable_file(fp); 4236 if (!filp) { 4237 /* We should always have a readable file here */ 4238 WARN_ON_ONCE(1); 4239 locks_free_lock(fl); 4240 return -EBADF; 4241 } 4242 fl->fl_file = filp; 4243 status = vfs_setlease(filp, fl->fl_type, &fl, NULL); 4244 if (fl) 4245 locks_free_lock(fl); 4246 if (status) 4247 goto out_fput; 4248 spin_lock(&state_lock); 4249 spin_lock(&fp->fi_lock); 4250 /* Did the lease get broken before we took the lock? */ 4251 status = -EAGAIN; 4252 if (fp->fi_had_conflict) 4253 goto out_unlock; 4254 /* Race breaker */ 4255 if (fp->fi_deleg_file) { 4256 status = hash_delegation_locked(dp, fp); 4257 goto out_unlock; 4258 } 4259 fp->fi_deleg_file = filp; 4260 fp->fi_delegees = 0; 4261 status = hash_delegation_locked(dp, fp); 4262 spin_unlock(&fp->fi_lock); 4263 spin_unlock(&state_lock); 4264 if (status) { 4265 /* Should never happen, this is a new fi_deleg_file */ 4266 WARN_ON_ONCE(1); 4267 goto out_fput; 4268 } 4269 return 0; 4270 out_unlock: 4271 spin_unlock(&fp->fi_lock); 4272 spin_unlock(&state_lock); 4273 out_fput: 4274 fput(filp); 4275 return status; 4276 } 4277 4278 static struct nfs4_delegation * 4279 nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh, 4280 struct nfs4_file *fp, struct nfs4_clnt_odstate *odstate) 4281 { 4282 int status; 4283 struct nfs4_delegation *dp; 4284 4285 if (fp->fi_had_conflict) 4286 return ERR_PTR(-EAGAIN); 4287 4288 spin_lock(&state_lock); 4289 spin_lock(&fp->fi_lock); 4290 status = nfs4_get_existing_delegation(clp, fp); 4291 spin_unlock(&fp->fi_lock); 4292 spin_unlock(&state_lock); 4293 4294 if (status) 4295 return ERR_PTR(status); 4296 4297 dp = alloc_init_deleg(clp, fh, odstate); 4298 if (!dp) 4299 return ERR_PTR(-ENOMEM); 4300 4301 get_nfs4_file(fp); 4302 spin_lock(&state_lock); 4303 spin_lock(&fp->fi_lock); 4304 dp->dl_stid.sc_file = fp; 4305 if (!fp->fi_deleg_file) { 4306 spin_unlock(&fp->fi_lock); 4307 spin_unlock(&state_lock); 4308 status = nfs4_setlease(dp); 4309 goto out; 4310 } 4311 if (fp->fi_had_conflict) { 4312 status = -EAGAIN; 4313 goto out_unlock; 4314 } 4315 status = hash_delegation_locked(dp, fp); 4316 out_unlock: 4317 spin_unlock(&fp->fi_lock); 4318 spin_unlock(&state_lock); 4319 out: 4320 if (status) { 4321 put_clnt_odstate(dp->dl_clnt_odstate); 4322 nfs4_put_stid(&dp->dl_stid); 4323 return ERR_PTR(status); 4324 } 4325 return dp; 4326 } 4327 4328 static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status) 4329 { 4330 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4331 if (status == -EAGAIN) 4332 open->op_why_no_deleg = WND4_CONTENTION; 4333 else { 4334 open->op_why_no_deleg = WND4_RESOURCE; 4335 switch (open->op_deleg_want) { 4336 case NFS4_SHARE_WANT_READ_DELEG: 4337 case NFS4_SHARE_WANT_WRITE_DELEG: 4338 case NFS4_SHARE_WANT_ANY_DELEG: 4339 break; 4340 case NFS4_SHARE_WANT_CANCEL: 4341 open->op_why_no_deleg = WND4_CANCELLED; 4342 break; 4343 case NFS4_SHARE_WANT_NO_DELEG: 4344 WARN_ON_ONCE(1); 4345 } 4346 } 4347 } 4348 4349 /* 4350 * Attempt to hand out a delegation. 4351 * 4352 * Note we don't support write delegations, and won't until the vfs has 4353 * proper support for them. 
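 * (This is also why nfs4_setlease() always calls
 * nfs4_alloc_init_lease() with NFS4_OPEN_DELEGATE_READ above: every
 * delegation we hand out is backed by a read lease.)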
4354 */ 4355 static void 4356 nfs4_open_delegation(struct svc_fh *fh, struct nfsd4_open *open, 4357 struct nfs4_ol_stateid *stp) 4358 { 4359 struct nfs4_delegation *dp; 4360 struct nfs4_openowner *oo = openowner(stp->st_stateowner); 4361 struct nfs4_client *clp = stp->st_stid.sc_client; 4362 int cb_up; 4363 int status = 0; 4364 4365 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client); 4366 open->op_recall = 0; 4367 switch (open->op_claim_type) { 4368 case NFS4_OPEN_CLAIM_PREVIOUS: 4369 if (!cb_up) 4370 open->op_recall = 1; 4371 if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ) 4372 goto out_no_deleg; 4373 break; 4374 case NFS4_OPEN_CLAIM_NULL: 4375 case NFS4_OPEN_CLAIM_FH: 4376 /* 4377 * Let's not give out any delegations till everyone's 4378 * had the chance to reclaim theirs, *and* until 4379 * NLM locks have all been reclaimed: 4380 */ 4381 if (locks_in_grace(clp->net)) 4382 goto out_no_deleg; 4383 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED)) 4384 goto out_no_deleg; 4385 /* 4386 * Also, if the file was opened for write or 4387 * create, there's a good chance the client's 4388 * about to write to it, resulting in an 4389 * immediate recall (since we don't support 4390 * write delegations): 4391 */ 4392 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE) 4393 goto out_no_deleg; 4394 if (open->op_create == NFS4_OPEN_CREATE) 4395 goto out_no_deleg; 4396 break; 4397 default: 4398 goto out_no_deleg; 4399 } 4400 dp = nfs4_set_delegation(clp, fh, stp->st_stid.sc_file, stp->st_clnt_odstate); 4401 if (IS_ERR(dp)) 4402 goto out_no_deleg; 4403 4404 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid)); 4405 4406 dprintk("NFSD: delegation stateid=" STATEID_FMT "\n", 4407 STATEID_VAL(&dp->dl_stid.sc_stateid)); 4408 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ; 4409 nfs4_put_stid(&dp->dl_stid); 4410 return; 4411 out_no_deleg: 4412 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE; 4413 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS && 4414 open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) { 4415 dprintk("NFSD: WARNING: refusing delegation reclaim\n"); 4416 open->op_recall = 1; 4417 } 4418 4419 /* 4.1 client asking for a delegation? */ 4420 if (open->op_deleg_want) 4421 nfsd4_open_deleg_none_ext(open, status); 4422 return; 4423 } 4424 4425 static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open, 4426 struct nfs4_delegation *dp) 4427 { 4428 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG && 4429 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 4430 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4431 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE; 4432 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG && 4433 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 4434 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4435 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE; 4436 } 4437 /* Otherwise the client must be confused wanting a delegation 4438 * it already has, therefore we don't return 4439 * NFS4_OPEN_DELEGATE_NONE_EXT and reason. 
4440 */ 4441 } 4442 4443 __be32 4444 nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open) 4445 { 4446 struct nfsd4_compoundres *resp = rqstp->rq_resp; 4447 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client; 4448 struct nfs4_file *fp = NULL; 4449 struct nfs4_ol_stateid *stp = NULL; 4450 struct nfs4_delegation *dp = NULL; 4451 __be32 status; 4452 4453 /* 4454 * Lookup file; if found, lookup stateid and check open request, 4455 * and check for delegations in the process of being recalled. 4456 * If not found, create the nfs4_file struct. 4457 */ 4458 fp = find_or_add_file(open->op_file, &current_fh->fh_handle); 4459 if (fp != open->op_file) { 4460 status = nfs4_check_deleg(cl, open, &dp); 4461 if (status) 4462 goto out; 4463 spin_lock(&fp->fi_lock); 4464 stp = nfsd4_find_existing_open(fp, open); 4465 spin_unlock(&fp->fi_lock); 4466 } else { 4467 open->op_file = NULL; 4468 status = nfserr_bad_stateid; 4469 if (nfsd4_is_deleg_cur(open)) 4470 goto out; 4471 } 4472 4473 /* 4474 * OPEN the file, or upgrade an existing OPEN. 4475 * If truncate fails, the OPEN fails. 4476 */ 4477 if (stp) { 4478 /* Stateid was found, this is an OPEN upgrade */ 4479 mutex_lock(&stp->st_mutex); 4480 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open); 4481 if (status) { 4482 mutex_unlock(&stp->st_mutex); 4483 goto out; 4484 } 4485 } else { 4486 /* stp is returned locked. */ 4487 stp = init_open_stateid(fp, open); 4488 /* See if we lost the race to some other thread */ 4489 if (stp->st_access_bmap != 0) { 4490 status = nfs4_upgrade_open(rqstp, fp, current_fh, 4491 stp, open); 4492 if (status) { 4493 mutex_unlock(&stp->st_mutex); 4494 goto out; 4495 } 4496 goto upgrade_out; 4497 } 4498 status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open); 4499 if (status) { 4500 mutex_unlock(&stp->st_mutex); 4501 release_open_stateid(stp); 4502 goto out; 4503 } 4504 4505 stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp, 4506 open->op_odstate); 4507 if (stp->st_clnt_odstate == open->op_odstate) 4508 open->op_odstate = NULL; 4509 } 4510 upgrade_out: 4511 nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid); 4512 mutex_unlock(&stp->st_mutex); 4513 4514 if (nfsd4_has_session(&resp->cstate)) { 4515 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) { 4516 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4517 open->op_why_no_deleg = WND4_NOT_WANTED; 4518 goto nodeleg; 4519 } 4520 } 4521 4522 /* 4523 * Attempt to hand out a delegation. No error return, because the 4524 * OPEN succeeds even if we fail. 4525 */ 4526 nfs4_open_delegation(current_fh, open, stp); 4527 nodeleg: 4528 status = nfs_ok; 4529 4530 dprintk("%s: stateid=" STATEID_FMT "\n", __func__, 4531 STATEID_VAL(&stp->st_stid.sc_stateid)); 4532 out: 4533 /* 4.1 client trying to upgrade/downgrade delegation? */ 4534 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp && 4535 open->op_deleg_want) 4536 nfsd4_deleg_xgrade_none_ext(open, dp); 4537 4538 if (fp) 4539 put_nfs4_file(fp); 4540 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS) 4541 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 4542 /* 4543 * To finish the open response, we just need to set the rflags.
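 * CONFIRM tells a v4.0 client that it must send OPEN_CONFIRM
 * before using the stateid; MAY_NOTIFY_LOCK is only meaningful
 * when we have a session (and thus a backchannel) to send
 * CB_NOTIFY_LOCK on.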
4544 */ 4545 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX; 4546 if (nfsd4_has_session(&resp->cstate)) 4547 open->op_rflags |= NFS4_OPEN_RESULT_MAY_NOTIFY_LOCK; 4548 else if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED)) 4549 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM; 4550 4551 if (dp) 4552 nfs4_put_stid(&dp->dl_stid); 4553 if (stp) 4554 nfs4_put_stid(&stp->st_stid); 4555 4556 return status; 4557 } 4558 4559 void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate, 4560 struct nfsd4_open *open) 4561 { 4562 if (open->op_openowner) { 4563 struct nfs4_stateowner *so = &open->op_openowner->oo_owner; 4564 4565 nfsd4_cstate_assign_replay(cstate, so); 4566 nfs4_put_stateowner(so); 4567 } 4568 if (open->op_file) 4569 kmem_cache_free(file_slab, open->op_file); 4570 if (open->op_stp) 4571 nfs4_put_stid(&open->op_stp->st_stid); 4572 if (open->op_odstate) 4573 kmem_cache_free(odstate_slab, open->op_odstate); 4574 } 4575 4576 __be32 4577 nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 4578 union nfsd4_op_u *u) 4579 { 4580 clientid_t *clid = &u->renew; 4581 struct nfs4_client *clp; 4582 __be32 status; 4583 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4584 4585 dprintk("process_renew(%08x/%08x): starting\n", 4586 clid->cl_boot, clid->cl_id); 4587 status = lookup_clientid(clid, cstate, nn); 4588 if (status) 4589 goto out; 4590 clp = cstate->clp; 4591 status = nfserr_cb_path_down; 4592 if (!list_empty(&clp->cl_delegations) 4593 && clp->cl_cb_state != NFSD4_CB_UP) 4594 goto out; 4595 status = nfs_ok; 4596 out: 4597 return status; 4598 } 4599 4600 void 4601 nfsd4_end_grace(struct nfsd_net *nn) 4602 { 4603 /* do nothing if grace period already ended */ 4604 if (nn->grace_ended) 4605 return; 4606 4607 dprintk("NFSD: end of grace period\n"); 4608 nn->grace_ended = true; 4609 /* 4610 * If the server goes down again right now, an NFSv4 4611 * client will still be allowed to reclaim after it comes back up, 4612 * even if it hasn't yet had a chance to reclaim state this time. 4613 * 4614 */ 4615 nfsd4_record_grace_done(nn); 4616 /* 4617 * At this point, NFSv4 clients can still reclaim. But if the 4618 * server crashes, any that have not yet reclaimed will be out 4619 * of luck on the next boot. 4620 * 4621 * (NFSv4.1+ clients are considered to have reclaimed once they 4622 * call RECLAIM_COMPLETE. NFSv4.0 clients are considered to 4623 * have reclaimed after their first OPEN.) 4624 */ 4625 locks_end_grace(&nn->nfsd4_manager); 4626 /* 4627 * At this point, and once lockd and/or any other containers 4628 * exit their grace period, further reclaims will fail and 4629 * regular locking can resume. 
4630 */ 4631 } 4632 4633 static time_t 4634 nfs4_laundromat(struct nfsd_net *nn) 4635 { 4636 struct nfs4_client *clp; 4637 struct nfs4_openowner *oo; 4638 struct nfs4_delegation *dp; 4639 struct nfs4_ol_stateid *stp; 4640 struct nfsd4_blocked_lock *nbl; 4641 struct list_head *pos, *next, reaplist; 4642 time_t cutoff = get_seconds() - nn->nfsd4_lease; 4643 time_t t, new_timeo = nn->nfsd4_lease; 4644 4645 dprintk("NFSD: laundromat service - starting\n"); 4646 nfsd4_end_grace(nn); 4647 INIT_LIST_HEAD(&reaplist); 4648 spin_lock(&nn->client_lock); 4649 list_for_each_safe(pos, next, &nn->client_lru) { 4650 clp = list_entry(pos, struct nfs4_client, cl_lru); 4651 if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) { 4652 t = clp->cl_time - cutoff; 4653 new_timeo = min(new_timeo, t); 4654 break; 4655 } 4656 if (mark_client_expired_locked(clp)) { 4657 dprintk("NFSD: client in use (clientid %08x)\n", 4658 clp->cl_clientid.cl_id); 4659 continue; 4660 } 4661 list_add(&clp->cl_lru, &reaplist); 4662 } 4663 spin_unlock(&nn->client_lock); 4664 list_for_each_safe(pos, next, &reaplist) { 4665 clp = list_entry(pos, struct nfs4_client, cl_lru); 4666 dprintk("NFSD: purging unused client (clientid %08x)\n", 4667 clp->cl_clientid.cl_id); 4668 list_del_init(&clp->cl_lru); 4669 expire_client(clp); 4670 } 4671 spin_lock(&state_lock); 4672 list_for_each_safe(pos, next, &nn->del_recall_lru) { 4673 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 4674 if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) { 4675 t = dp->dl_time - cutoff; 4676 new_timeo = min(new_timeo, t); 4677 break; 4678 } 4679 WARN_ON(!unhash_delegation_locked(dp)); 4680 list_add(&dp->dl_recall_lru, &reaplist); 4681 } 4682 spin_unlock(&state_lock); 4683 while (!list_empty(&reaplist)) { 4684 dp = list_first_entry(&reaplist, struct nfs4_delegation, 4685 dl_recall_lru); 4686 list_del_init(&dp->dl_recall_lru); 4687 revoke_delegation(dp); 4688 } 4689 4690 spin_lock(&nn->client_lock); 4691 while (!list_empty(&nn->close_lru)) { 4692 oo = list_first_entry(&nn->close_lru, struct nfs4_openowner, 4693 oo_close_lru); 4694 if (time_after((unsigned long)oo->oo_time, 4695 (unsigned long)cutoff)) { 4696 t = oo->oo_time - cutoff; 4697 new_timeo = min(new_timeo, t); 4698 break; 4699 } 4700 list_del_init(&oo->oo_close_lru); 4701 stp = oo->oo_last_closed_stid; 4702 oo->oo_last_closed_stid = NULL; 4703 spin_unlock(&nn->client_lock); 4704 nfs4_put_stid(&stp->st_stid); 4705 spin_lock(&nn->client_lock); 4706 } 4707 spin_unlock(&nn->client_lock); 4708 4709 /* 4710 * It's possible for a client to try and acquire an already held lock 4711 * that is being held for a long time, and then lose interest in it. 4712 * So, we clean out any un-revisited request after a lease period 4713 * under the assumption that the client is no longer interested. 4714 * 4715 * RFC5661, sec. 9.6 states that the client must not rely on getting 4716 * notifications and must continue to poll for locks, even when the 4717 * server supports them. Thus this shouldn't lead to clients blocking 4718 * indefinitely once the lock does become free. 
4719 */ 4720 BUG_ON(!list_empty(&reaplist)); 4721 spin_lock(&nn->blocked_locks_lock); 4722 while (!list_empty(&nn->blocked_locks_lru)) { 4723 nbl = list_first_entry(&nn->blocked_locks_lru, 4724 struct nfsd4_blocked_lock, nbl_lru); 4725 if (time_after((unsigned long)nbl->nbl_time, 4726 (unsigned long)cutoff)) { 4727 t = nbl->nbl_time - cutoff; 4728 new_timeo = min(new_timeo, t); 4729 break; 4730 } 4731 list_move(&nbl->nbl_lru, &reaplist); 4732 list_del_init(&nbl->nbl_list); 4733 } 4734 spin_unlock(&nn->blocked_locks_lock); 4735 4736 while (!list_empty(&reaplist)) { 4737 nbl = list_first_entry(&reaplist, 4738 struct nfsd4_blocked_lock, nbl_lru); 4739 list_del_init(&nbl->nbl_lru); 4740 posix_unblock_lock(&nbl->nbl_lock); 4741 free_blocked_lock(nbl); 4742 } 4743 4744 new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT); 4745 return new_timeo; 4746 } 4747 4748 static struct workqueue_struct *laundry_wq; 4749 static void laundromat_main(struct work_struct *); 4750 4751 static void 4752 laundromat_main(struct work_struct *laundry) 4753 { 4754 time_t t; 4755 struct delayed_work *dwork = to_delayed_work(laundry); 4756 struct nfsd_net *nn = container_of(dwork, struct nfsd_net, 4757 laundromat_work); 4758 4759 t = nfs4_laundromat(nn); 4760 dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t); 4761 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ); 4762 } 4763 4764 static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp) 4765 { 4766 if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle)) 4767 return nfserr_bad_stateid; 4768 return nfs_ok; 4769 } 4770 4771 static inline int 4772 access_permit_read(struct nfs4_ol_stateid *stp) 4773 { 4774 return test_access(NFS4_SHARE_ACCESS_READ, stp) || 4775 test_access(NFS4_SHARE_ACCESS_BOTH, stp) || 4776 test_access(NFS4_SHARE_ACCESS_WRITE, stp); 4777 } 4778 4779 static inline int 4780 access_permit_write(struct nfs4_ol_stateid *stp) 4781 { 4782 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) || 4783 test_access(NFS4_SHARE_ACCESS_BOTH, stp); 4784 } 4785 4786 static 4787 __be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags) 4788 { 4789 __be32 status = nfserr_openmode; 4790 4791 /* For lock stateids, we test the parent open, not the lock: */ 4792 if (stp->st_openstp) 4793 stp = stp->st_openstp; 4794 if ((flags & WR_STATE) && !access_permit_write(stp)) 4795 goto out; 4796 if ((flags & RD_STATE) && !access_permit_read(stp)) 4797 goto out; 4798 status = nfs_ok; 4799 out: 4800 return status; 4801 } 4802 4803 static inline __be32 4804 check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags) 4805 { 4806 if (ONE_STATEID(stateid) && (flags & RD_STATE)) 4807 return nfs_ok; 4808 else if (opens_in_grace(net)) { 4809 /* Answer in remaining cases depends on existence of 4810 * conflicting state; so we must wait out the grace period. */ 4811 return nfserr_grace; 4812 } else if (flags & WR_STATE) 4813 return nfs4_share_conflict(current_fh, 4814 NFS4_SHARE_DENY_WRITE); 4815 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */ 4816 return nfs4_share_conflict(current_fh, 4817 NFS4_SHARE_DENY_READ); 4818 } 4819 4820 /* 4821 * Allow READ/WRITE during grace period on recovered state only for files 4822 * that are not able to provide mandatory locking.
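 * (Mandatory locking only applies on filesystems mounted with
 * "-o mand", to files whose mode has the setgid bit set but
 * group-execute clear; for everything else it is safe to do I/O
 * even though some locks may not have been reclaimed yet.)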
4823 */ 4824 static inline int 4825 grace_disallows_io(struct net *net, struct inode *inode) 4826 { 4827 return opens_in_grace(net) && mandatory_lock(inode); 4828 } 4829 4830 static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session) 4831 { 4832 /* 4833 * When sessions are used the stateid generation number is ignored 4834 * when it is zero. 4835 */ 4836 if (has_session && in->si_generation == 0) 4837 return nfs_ok; 4838 4839 if (in->si_generation == ref->si_generation) 4840 return nfs_ok; 4841 4842 /* If the client sends us a stateid from the future, it's buggy: */ 4843 if (nfsd4_stateid_generation_after(in, ref)) 4844 return nfserr_bad_stateid; 4845 /* 4846 * However, we could see a stateid from the past, even from a 4847 * non-buggy client. For example, if the client sends a lock 4848 * while some IO is outstanding, the lock may bump si_generation 4849 * while the IO is still in flight. The client could avoid that 4850 * situation by waiting for responses on all the IO requests, 4851 * but better performance may result in retrying IO that 4852 * receives an old_stateid error if requests are rarely 4853 * reordered in flight: 4854 */ 4855 return nfserr_old_stateid; 4856 } 4857 4858 static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols) 4859 { 4860 if (ols->st_stateowner->so_is_open_owner && 4861 !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED)) 4862 return nfserr_bad_stateid; 4863 return nfs_ok; 4864 } 4865 4866 static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid) 4867 { 4868 struct nfs4_stid *s; 4869 __be32 status = nfserr_bad_stateid; 4870 4871 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) 4872 return status; 4873 /* Client debugging aid. */ 4874 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) { 4875 char addr_str[INET6_ADDRSTRLEN]; 4876 rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str, 4877 sizeof(addr_str)); 4878 pr_warn_ratelimited("NFSD: client %s testing state ID " 4879 "with incorrect client ID\n", addr_str); 4880 return status; 4881 } 4882 spin_lock(&cl->cl_lock); 4883 s = find_stateid_locked(cl, stateid); 4884 if (!s) 4885 goto out_unlock; 4886 status = check_stateid_generation(stateid, &s->sc_stateid, 1); 4887 if (status) 4888 goto out_unlock; 4889 switch (s->sc_type) { 4890 case NFS4_DELEG_STID: 4891 status = nfs_ok; 4892 break; 4893 case NFS4_REVOKED_DELEG_STID: 4894 status = nfserr_deleg_revoked; 4895 break; 4896 case NFS4_OPEN_STID: 4897 case NFS4_LOCK_STID: 4898 status = nfsd4_check_openowner_confirmed(openlockstateid(s)); 4899 break; 4900 default: 4901 printk("unknown stateid type %x\n", s->sc_type); 4902 /* Fallthrough */ 4903 case NFS4_CLOSED_STID: 4904 case NFS4_CLOSED_DELEG_STID: 4905 status = nfserr_bad_stateid; 4906 } 4907 out_unlock: 4908 spin_unlock(&cl->cl_lock); 4909 return status; 4910 } 4911 4912 __be32 4913 nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate, 4914 stateid_t *stateid, unsigned char typemask, 4915 struct nfs4_stid **s, struct nfsd_net *nn) 4916 { 4917 __be32 status; 4918 bool return_revoked = false; 4919 4920 /* 4921 * only return revoked delegations if explicitly asked. 4922 * otherwise we report revoked or bad_stateid status. 
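 *
 * (Only NFSv4.1+ has nfserr_deleg_revoked; for a v4.0 client the
 * closest thing we can return is nfserr_bad_stateid.)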
4923 */ 4924 if (typemask & NFS4_REVOKED_DELEG_STID) 4925 return_revoked = true; 4926 else if (typemask & NFS4_DELEG_STID) 4927 typemask |= NFS4_REVOKED_DELEG_STID; 4928 4929 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) 4930 return nfserr_bad_stateid; 4931 status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn); 4932 if (status == nfserr_stale_clientid) { 4933 if (cstate->session) 4934 return nfserr_bad_stateid; 4935 return nfserr_stale_stateid; 4936 } 4937 if (status) 4938 return status; 4939 *s = find_stateid_by_type(cstate->clp, stateid, typemask); 4940 if (!*s) 4941 return nfserr_bad_stateid; 4942 if (((*s)->sc_type == NFS4_REVOKED_DELEG_STID) && !return_revoked) { 4943 nfs4_put_stid(*s); 4944 if (cstate->minorversion) 4945 return nfserr_deleg_revoked; 4946 return nfserr_bad_stateid; 4947 } 4948 return nfs_ok; 4949 } 4950 4951 static struct file * 4952 nfs4_find_file(struct nfs4_stid *s, int flags) 4953 { 4954 if (!s) 4955 return NULL; 4956 4957 switch (s->sc_type) { 4958 case NFS4_DELEG_STID: 4959 if (WARN_ON_ONCE(!s->sc_file->fi_deleg_file)) 4960 return NULL; 4961 return get_file(s->sc_file->fi_deleg_file); 4962 case NFS4_OPEN_STID: 4963 case NFS4_LOCK_STID: 4964 if (flags & RD_STATE) 4965 return find_readable_file(s->sc_file); 4966 else 4967 return find_writeable_file(s->sc_file); 4968 break; 4969 } 4970 4971 return NULL; 4972 } 4973 4974 static __be32 4975 nfs4_check_olstateid(struct svc_fh *fhp, struct nfs4_ol_stateid *ols, int flags) 4976 { 4977 __be32 status; 4978 4979 status = nfsd4_check_openowner_confirmed(ols); 4980 if (status) 4981 return status; 4982 return nfs4_check_openmode(ols, flags); 4983 } 4984 4985 static __be32 4986 nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s, 4987 struct file **filpp, bool *tmp_file, int flags) 4988 { 4989 int acc = (flags & RD_STATE) ? 
NFSD_MAY_READ : NFSD_MAY_WRITE; 4990 struct file *file; 4991 __be32 status; 4992 4993 file = nfs4_find_file(s, flags); 4994 if (file) { 4995 status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry, 4996 acc | NFSD_MAY_OWNER_OVERRIDE); 4997 if (status) { 4998 fput(file); 4999 return status; 5000 } 5001 5002 *filpp = file; 5003 } else { 5004 status = nfsd_open(rqstp, fhp, S_IFREG, acc, filpp); 5005 if (status) 5006 return status; 5007 5008 if (tmp_file) 5009 *tmp_file = true; 5010 } 5011 5012 return 0; 5013 } 5014 5015 /* 5016 * Checks for stateid operations 5017 */ 5018 __be32 5019 nfs4_preprocess_stateid_op(struct svc_rqst *rqstp, 5020 struct nfsd4_compound_state *cstate, struct svc_fh *fhp, 5021 stateid_t *stateid, int flags, struct file **filpp, bool *tmp_file) 5022 { 5023 struct inode *ino = d_inode(fhp->fh_dentry); 5024 struct net *net = SVC_NET(rqstp); 5025 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5026 struct nfs4_stid *s = NULL; 5027 __be32 status; 5028 5029 if (filpp) 5030 *filpp = NULL; 5031 if (tmp_file) 5032 *tmp_file = false; 5033 5034 if (grace_disallows_io(net, ino)) 5035 return nfserr_grace; 5036 5037 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) { 5038 status = check_special_stateids(net, fhp, stateid, flags); 5039 goto done; 5040 } 5041 5042 status = nfsd4_lookup_stateid(cstate, stateid, 5043 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, 5044 &s, nn); 5045 if (status) 5046 return status; 5047 status = check_stateid_generation(stateid, &s->sc_stateid, 5048 nfsd4_has_session(cstate)); 5049 if (status) 5050 goto out; 5051 5052 switch (s->sc_type) { 5053 case NFS4_DELEG_STID: 5054 status = nfs4_check_delegmode(delegstateid(s), flags); 5055 break; 5056 case NFS4_OPEN_STID: 5057 case NFS4_LOCK_STID: 5058 status = nfs4_check_olstateid(fhp, openlockstateid(s), flags); 5059 break; 5060 default: 5061 status = nfserr_bad_stateid; 5062 break; 5063 } 5064 if (status) 5065 goto out; 5066 status = nfs4_check_fh(fhp, s); 5067 5068 done: 5069 if (!status && filpp) 5070 status = nfs4_check_file(rqstp, fhp, s, filpp, tmp_file, flags); 5071 out: 5072 if (s) 5073 nfs4_put_stid(s); 5074 return status; 5075 } 5076 5077 /* 5078 * Test if the stateid is valid 5079 */ 5080 __be32 5081 nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5082 union nfsd4_op_u *u) 5083 { 5084 struct nfsd4_test_stateid *test_stateid = &u->test_stateid; 5085 struct nfsd4_test_stateid_id *stateid; 5086 struct nfs4_client *cl = cstate->session->se_client; 5087 5088 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list) 5089 stateid->ts_id_status = 5090 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid); 5091 5092 return nfs_ok; 5093 } 5094 5095 static __be32 5096 nfsd4_free_lock_stateid(stateid_t *stateid, struct nfs4_stid *s) 5097 { 5098 struct nfs4_ol_stateid *stp = openlockstateid(s); 5099 __be32 ret; 5100 5101 mutex_lock(&stp->st_mutex); 5102 5103 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5104 if (ret) 5105 goto out; 5106 5107 ret = nfserr_locks_held; 5108 if (check_for_locks(stp->st_stid.sc_file, 5109 lockowner(stp->st_stateowner))) 5110 goto out; 5111 5112 release_lock_stateid(stp); 5113 ret = nfs_ok; 5114 5115 out: 5116 mutex_unlock(&stp->st_mutex); 5117 nfs4_put_stid(s); 5118 return ret; 5119 } 5120 5121 __be32 5122 nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5123 union nfsd4_op_u *u) 5124 { 5125 struct nfsd4_free_stateid *free_stateid = &u->free_stateid; 5126 stateid_t *stateid = 
&free_stateid->fr_stateid; 5127 struct nfs4_stid *s; 5128 struct nfs4_delegation *dp; 5129 struct nfs4_client *cl = cstate->session->se_client; 5130 __be32 ret = nfserr_bad_stateid; 5131 5132 spin_lock(&cl->cl_lock); 5133 s = find_stateid_locked(cl, stateid); 5134 if (!s) 5135 goto out_unlock; 5136 switch (s->sc_type) { 5137 case NFS4_DELEG_STID: 5138 ret = nfserr_locks_held; 5139 break; 5140 case NFS4_OPEN_STID: 5141 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5142 if (ret) 5143 break; 5144 ret = nfserr_locks_held; 5145 break; 5146 case NFS4_LOCK_STID: 5147 refcount_inc(&s->sc_count); 5148 spin_unlock(&cl->cl_lock); 5149 ret = nfsd4_free_lock_stateid(stateid, s); 5150 goto out; 5151 case NFS4_REVOKED_DELEG_STID: 5152 dp = delegstateid(s); 5153 list_del_init(&dp->dl_recall_lru); 5154 spin_unlock(&cl->cl_lock); 5155 nfs4_put_stid(s); 5156 ret = nfs_ok; 5157 goto out; 5158 /* Default falls through and returns nfserr_bad_stateid */ 5159 } 5160 out_unlock: 5161 spin_unlock(&cl->cl_lock); 5162 out: 5163 return ret; 5164 } 5165 5166 static inline int 5167 setlkflg (int type) 5168 { 5169 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ? 5170 RD_STATE : WR_STATE; 5171 } 5172 5173 static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp) 5174 { 5175 struct svc_fh *current_fh = &cstate->current_fh; 5176 struct nfs4_stateowner *sop = stp->st_stateowner; 5177 __be32 status; 5178 5179 status = nfsd4_check_seqid(cstate, sop, seqid); 5180 if (status) 5181 return status; 5182 if (stp->st_stid.sc_type == NFS4_CLOSED_STID 5183 || stp->st_stid.sc_type == NFS4_REVOKED_DELEG_STID) 5184 /* 5185 * "Closed" stateid's exist *only* to return 5186 * nfserr_replay_me from the previous step, and 5187 * revoked delegations are kept only for free_stateid. 5188 */ 5189 return nfserr_bad_stateid; 5190 mutex_lock(&stp->st_mutex); 5191 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate)); 5192 if (status == nfs_ok) 5193 status = nfs4_check_fh(current_fh, &stp->st_stid); 5194 if (status != nfs_ok) 5195 mutex_unlock(&stp->st_mutex); 5196 return status; 5197 } 5198 5199 /* 5200 * Checks for sequence id mutating operations. 
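 *
 * For v4.0, every seqid-mutating op must carry the stateowner's
 * current seqid: a request equal to so_seqid is the expected next
 * op, so_seqid - 1 means the client replayed its last request
 * (answered from the replay cache), and anything else gets
 * nfserr_bad_seqid. Sessions make this bookkeeping unnecessary, so
 * v4.1+ requests pass nfsd4_check_seqid() unconditionally.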
5201 */ 5202 static __be32 5203 nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 5204 stateid_t *stateid, char typemask, 5205 struct nfs4_ol_stateid **stpp, 5206 struct nfsd_net *nn) 5207 { 5208 __be32 status; 5209 struct nfs4_stid *s; 5210 struct nfs4_ol_stateid *stp = NULL; 5211 5212 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__, 5213 seqid, STATEID_VAL(stateid)); 5214 5215 *stpp = NULL; 5216 status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn); 5217 if (status) 5218 return status; 5219 stp = openlockstateid(s); 5220 nfsd4_cstate_assign_replay(cstate, stp->st_stateowner); 5221 5222 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp); 5223 if (!status) 5224 *stpp = stp; 5225 else 5226 nfs4_put_stid(&stp->st_stid); 5227 return status; 5228 } 5229 5230 static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 5231 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn) 5232 { 5233 __be32 status; 5234 struct nfs4_openowner *oo; 5235 struct nfs4_ol_stateid *stp; 5236 5237 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid, 5238 NFS4_OPEN_STID, &stp, nn); 5239 if (status) 5240 return status; 5241 oo = openowner(stp->st_stateowner); 5242 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 5243 mutex_unlock(&stp->st_mutex); 5244 nfs4_put_stid(&stp->st_stid); 5245 return nfserr_bad_stateid; 5246 } 5247 *stpp = stp; 5248 return nfs_ok; 5249 } 5250 5251 __be32 5252 nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5253 union nfsd4_op_u *u) 5254 { 5255 struct nfsd4_open_confirm *oc = &u->open_confirm; 5256 __be32 status; 5257 struct nfs4_openowner *oo; 5258 struct nfs4_ol_stateid *stp; 5259 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5260 5261 dprintk("NFSD: nfsd4_open_confirm on file %pd\n", 5262 cstate->current_fh.fh_dentry); 5263 5264 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0); 5265 if (status) 5266 return status; 5267 5268 status = nfs4_preprocess_seqid_op(cstate, 5269 oc->oc_seqid, &oc->oc_req_stateid, 5270 NFS4_OPEN_STID, &stp, nn); 5271 if (status) 5272 goto out; 5273 oo = openowner(stp->st_stateowner); 5274 status = nfserr_bad_stateid; 5275 if (oo->oo_flags & NFS4_OO_CONFIRMED) { 5276 mutex_unlock(&stp->st_mutex); 5277 goto put_stateid; 5278 } 5279 oo->oo_flags |= NFS4_OO_CONFIRMED; 5280 nfs4_inc_and_copy_stateid(&oc->oc_resp_stateid, &stp->st_stid); 5281 mutex_unlock(&stp->st_mutex); 5282 dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n", 5283 __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid)); 5284 5285 nfsd4_client_record_create(oo->oo_owner.so_client); 5286 status = nfs_ok; 5287 put_stateid: 5288 nfs4_put_stid(&stp->st_stid); 5289 out: 5290 nfsd4_bump_seqid(cstate, status); 5291 return status; 5292 } 5293 5294 static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access) 5295 { 5296 if (!test_access(access, stp)) 5297 return; 5298 nfs4_file_put_access(stp->st_stid.sc_file, access); 5299 clear_access(access, stp); 5300 } 5301 5302 static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access) 5303 { 5304 switch (to_access) { 5305 case NFS4_SHARE_ACCESS_READ: 5306 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE); 5307 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 5308 break; 5309 case NFS4_SHARE_ACCESS_WRITE: 5310 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ); 5311 nfs4_stateid_downgrade_bit(stp, 
NFS4_SHARE_ACCESS_BOTH); 5312 break; 5313 case NFS4_SHARE_ACCESS_BOTH: 5314 break; 5315 default: 5316 WARN_ON_ONCE(1); 5317 } 5318 } 5319 5320 __be32 5321 nfsd4_open_downgrade(struct svc_rqst *rqstp, 5322 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 5323 { 5324 struct nfsd4_open_downgrade *od = &u->open_downgrade; 5325 __be32 status; 5326 struct nfs4_ol_stateid *stp; 5327 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5328 5329 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n", 5330 cstate->current_fh.fh_dentry); 5331 5332 /* We don't yet support WANT bits: */ 5333 if (od->od_deleg_want) 5334 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__, 5335 od->od_deleg_want); 5336 5337 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid, 5338 &od->od_stateid, &stp, nn); 5339 if (status) 5340 goto out; 5341 status = nfserr_inval; 5342 if (!test_access(od->od_share_access, stp)) { 5343 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n", 5344 stp->st_access_bmap, od->od_share_access); 5345 goto put_stateid; 5346 } 5347 if (!test_deny(od->od_share_deny, stp)) { 5348 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n", 5349 stp->st_deny_bmap, od->od_share_deny); 5350 goto put_stateid; 5351 } 5352 nfs4_stateid_downgrade(stp, od->od_share_access); 5353 reset_union_bmap_deny(od->od_share_deny, stp); 5354 nfs4_inc_and_copy_stateid(&od->od_stateid, &stp->st_stid); 5355 status = nfs_ok; 5356 put_stateid: 5357 mutex_unlock(&stp->st_mutex); 5358 nfs4_put_stid(&stp->st_stid); 5359 out: 5360 nfsd4_bump_seqid(cstate, status); 5361 return status; 5362 } 5363 5364 static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s) 5365 { 5366 struct nfs4_client *clp = s->st_stid.sc_client; 5367 bool unhashed; 5368 LIST_HEAD(reaplist); 5369 5370 s->st_stid.sc_type = NFS4_CLOSED_STID; 5371 spin_lock(&clp->cl_lock); 5372 unhashed = unhash_open_stateid(s, &reaplist); 5373 5374 if (clp->cl_minorversion) { 5375 if (unhashed) 5376 put_ol_stateid_locked(s, &reaplist); 5377 spin_unlock(&clp->cl_lock); 5378 free_ol_stateid_reaplist(&reaplist); 5379 } else { 5380 spin_unlock(&clp->cl_lock); 5381 free_ol_stateid_reaplist(&reaplist); 5382 if (unhashed) 5383 move_to_close_lru(s, clp->net); 5384 } 5385 } 5386 5387 /* 5388 * nfs4_unlock_state() called after encode 5389 */ 5390 __be32 5391 nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5392 union nfsd4_op_u *u) 5393 { 5394 struct nfsd4_close *close = &u->close; 5395 __be32 status; 5396 struct nfs4_ol_stateid *stp; 5397 struct net *net = SVC_NET(rqstp); 5398 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5399 5400 dprintk("NFSD: nfsd4_close on file %pd\n", 5401 cstate->current_fh.fh_dentry); 5402 5403 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid, 5404 &close->cl_stateid, 5405 NFS4_OPEN_STID|NFS4_CLOSED_STID, 5406 &stp, nn); 5407 nfsd4_bump_seqid(cstate, status); 5408 if (status) 5409 goto out; 5410 nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid); 5411 mutex_unlock(&stp->st_mutex); 5412 5413 nfsd4_close_open_stateid(stp); 5414 5415 /* put reference from nfs4_preprocess_seqid_op */ 5416 nfs4_put_stid(&stp->st_stid); 5417 out: 5418 return status; 5419 } 5420 5421 __be32 5422 nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5423 union nfsd4_op_u *u) 5424 { 5425 struct nfsd4_delegreturn *dr = &u->delegreturn; 5426 struct nfs4_delegation *dp; 5427 stateid_t *stateid = &dr->dr_stateid; 5428 struct 
nfs4_stid *s; 5429 __be32 status; 5430 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5431 5432 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 5433 return status; 5434 5435 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn); 5436 if (status) 5437 goto out; 5438 dp = delegstateid(s); 5439 status = check_stateid_generation(stateid, &dp->dl_stid.sc_stateid, nfsd4_has_session(cstate)); 5440 if (status) 5441 goto put_stateid; 5442 5443 destroy_delegation(dp); 5444 put_stateid: 5445 nfs4_put_stid(&dp->dl_stid); 5446 out: 5447 return status; 5448 } 5449 5450 static inline u64 5451 end_offset(u64 start, u64 len) 5452 { 5453 u64 end; 5454 5455 end = start + len; 5456 return end >= start ? end: NFS4_MAX_UINT64; 5457 } 5458 5459 /* last octet in a range */ 5460 static inline u64 5461 last_byte_offset(u64 start, u64 len) 5462 { 5463 u64 end; 5464 5465 WARN_ON_ONCE(!len); 5466 end = start + len; 5467 return end > start ? end - 1: NFS4_MAX_UINT64; 5468 } 5469 5470 /* 5471 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that 5472 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th 5473 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit 5474 * locking, this prevents us from being completely protocol-compliant. The 5475 * real solution to this problem is to start using unsigned file offsets in 5476 * the VFS, but this is a very deep change! 5477 */ 5478 static inline void 5479 nfs4_transform_lock_offset(struct file_lock *lock) 5480 { 5481 if (lock->fl_start < 0) 5482 lock->fl_start = OFFSET_MAX; 5483 if (lock->fl_end < 0) 5484 lock->fl_end = OFFSET_MAX; 5485 } 5486 5487 static fl_owner_t 5488 nfsd4_fl_get_owner(fl_owner_t owner) 5489 { 5490 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 5491 5492 nfs4_get_stateowner(&lo->lo_owner); 5493 return owner; 5494 } 5495 5496 static void 5497 nfsd4_fl_put_owner(fl_owner_t owner) 5498 { 5499 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 5500 5501 if (lo) 5502 nfs4_put_stateowner(&lo->lo_owner); 5503 } 5504 5505 static void 5506 nfsd4_lm_notify(struct file_lock *fl) 5507 { 5508 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)fl->fl_owner; 5509 struct net *net = lo->lo_owner.so_client->net; 5510 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5511 struct nfsd4_blocked_lock *nbl = container_of(fl, 5512 struct nfsd4_blocked_lock, nbl_lock); 5513 bool queue = false; 5514 5515 /* An empty list means that something else is going to be using it */ 5516 spin_lock(&nn->blocked_locks_lock); 5517 if (!list_empty(&nbl->nbl_list)) { 5518 list_del_init(&nbl->nbl_list); 5519 list_del_init(&nbl->nbl_lru); 5520 queue = true; 5521 } 5522 spin_unlock(&nn->blocked_locks_lock); 5523 5524 if (queue) 5525 nfsd4_run_cb(&nbl->nbl_cb); 5526 } 5527 5528 static const struct lock_manager_operations nfsd_posix_mng_ops = { 5529 .lm_notify = nfsd4_lm_notify, 5530 .lm_get_owner = nfsd4_fl_get_owner, 5531 .lm_put_owner = nfsd4_fl_put_owner, 5532 }; 5533 5534 static inline void 5535 nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny) 5536 { 5537 struct nfs4_lockowner *lo; 5538 5539 if (fl->fl_lmops == &nfsd_posix_mng_ops) { 5540 lo = (struct nfs4_lockowner *) fl->fl_owner; 5541 deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data, 5542 lo->lo_owner.so_owner.len, GFP_KERNEL); 5543 if (!deny->ld_owner.data) 5544 /* We just don't care that much */ 5545 goto nevermind; 5546 deny->ld_owner.len = lo->lo_owner.so_owner.len; 
5547 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid; 5548 } else { 5549 nevermind: 5550 deny->ld_owner.len = 0; 5551 deny->ld_owner.data = NULL; 5552 deny->ld_clientid.cl_boot = 0; 5553 deny->ld_clientid.cl_id = 0; 5554 } 5555 deny->ld_start = fl->fl_start; 5556 deny->ld_length = NFS4_MAX_UINT64; 5557 if (fl->fl_end != NFS4_MAX_UINT64) 5558 deny->ld_length = fl->fl_end - fl->fl_start + 1; 5559 deny->ld_type = NFS4_READ_LT; 5560 if (fl->fl_type != F_RDLCK) 5561 deny->ld_type = NFS4_WRITE_LT; 5562 } 5563 5564 static struct nfs4_lockowner * 5565 find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner) 5566 { 5567 unsigned int strhashval = ownerstr_hashval(owner); 5568 struct nfs4_stateowner *so; 5569 5570 lockdep_assert_held(&clp->cl_lock); 5571 5572 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval], 5573 so_strhash) { 5574 if (so->so_is_open_owner) 5575 continue; 5576 if (same_owner_str(so, owner)) 5577 return lockowner(nfs4_get_stateowner(so)); 5578 } 5579 return NULL; 5580 } 5581 5582 static struct nfs4_lockowner * 5583 find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner) 5584 { 5585 struct nfs4_lockowner *lo; 5586 5587 spin_lock(&clp->cl_lock); 5588 lo = find_lockowner_str_locked(clp, owner); 5589 spin_unlock(&clp->cl_lock); 5590 return lo; 5591 } 5592 5593 static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop) 5594 { 5595 unhash_lockowner_locked(lockowner(sop)); 5596 } 5597 5598 static void nfs4_free_lockowner(struct nfs4_stateowner *sop) 5599 { 5600 struct nfs4_lockowner *lo = lockowner(sop); 5601 5602 kmem_cache_free(lockowner_slab, lo); 5603 } 5604 5605 static const struct nfs4_stateowner_operations lockowner_ops = { 5606 .so_unhash = nfs4_unhash_lockowner, 5607 .so_free = nfs4_free_lockowner, 5608 }; 5609 5610 /* 5611 * Alloc a lock owner structure. 5612 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) have 5613 * occurred.
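 *
 * Note that the new owner is only hashed after re-checking under
 * cl_lock for a concurrently inserted duplicate; if one is found,
 * the fresh allocation is freed and the existing owner returned
 * instead.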
5614 * 5615 * strhashval = ownerstr_hashval 5616 */ 5617 static struct nfs4_lockowner * 5618 alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, 5619 struct nfs4_ol_stateid *open_stp, 5620 struct nfsd4_lock *lock) 5621 { 5622 struct nfs4_lockowner *lo, *ret; 5623 5624 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp); 5625 if (!lo) 5626 return NULL; 5627 INIT_LIST_HEAD(&lo->lo_blocked); 5628 INIT_LIST_HEAD(&lo->lo_owner.so_stateids); 5629 lo->lo_owner.so_is_open_owner = 0; 5630 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid; 5631 lo->lo_owner.so_ops = &lockowner_ops; 5632 spin_lock(&clp->cl_lock); 5633 ret = find_lockowner_str_locked(clp, &lock->lk_new_owner); 5634 if (ret == NULL) { 5635 list_add(&lo->lo_owner.so_strhash, 5636 &clp->cl_ownerstr_hashtbl[strhashval]); 5637 ret = lo; 5638 } else 5639 nfs4_free_stateowner(&lo->lo_owner); 5640 5641 spin_unlock(&clp->cl_lock); 5642 return ret; 5643 } 5644 5645 static void 5646 init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo, 5647 struct nfs4_file *fp, struct inode *inode, 5648 struct nfs4_ol_stateid *open_stp) 5649 { 5650 struct nfs4_client *clp = lo->lo_owner.so_client; 5651 5652 lockdep_assert_held(&clp->cl_lock); 5653 5654 refcount_inc(&stp->st_stid.sc_count); 5655 stp->st_stid.sc_type = NFS4_LOCK_STID; 5656 stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner); 5657 get_nfs4_file(fp); 5658 stp->st_stid.sc_file = fp; 5659 stp->st_access_bmap = 0; 5660 stp->st_deny_bmap = open_stp->st_deny_bmap; 5661 stp->st_openstp = open_stp; 5662 mutex_init(&stp->st_mutex); 5663 list_add(&stp->st_locks, &open_stp->st_locks); 5664 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids); 5665 spin_lock(&fp->fi_lock); 5666 list_add(&stp->st_perfile, &fp->fi_stateids); 5667 spin_unlock(&fp->fi_lock); 5668 } 5669 5670 static struct nfs4_ol_stateid * 5671 find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp) 5672 { 5673 struct nfs4_ol_stateid *lst; 5674 struct nfs4_client *clp = lo->lo_owner.so_client; 5675 5676 lockdep_assert_held(&clp->cl_lock); 5677 5678 list_for_each_entry(lst, &lo->lo_owner.so_stateids, st_perstateowner) { 5679 if (lst->st_stid.sc_file == fp) { 5680 refcount_inc(&lst->st_stid.sc_count); 5681 return lst; 5682 } 5683 } 5684 return NULL; 5685 } 5686 5687 static struct nfs4_ol_stateid * 5688 find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi, 5689 struct inode *inode, struct nfs4_ol_stateid *ost, 5690 bool *new) 5691 { 5692 struct nfs4_stid *ns = NULL; 5693 struct nfs4_ol_stateid *lst; 5694 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 5695 struct nfs4_client *clp = oo->oo_owner.so_client; 5696 5697 spin_lock(&clp->cl_lock); 5698 lst = find_lock_stateid(lo, fi); 5699 if (lst == NULL) { 5700 spin_unlock(&clp->cl_lock); 5701 ns = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_lock_stateid); 5702 if (ns == NULL) 5703 return NULL; 5704 5705 spin_lock(&clp->cl_lock); 5706 lst = find_lock_stateid(lo, fi); 5707 if (likely(!lst)) { 5708 lst = openlockstateid(ns); 5709 init_lock_stateid(lst, lo, fi, inode, ost); 5710 ns = NULL; 5711 *new = true; 5712 } 5713 } 5714 spin_unlock(&clp->cl_lock); 5715 if (ns) 5716 nfs4_put_stid(ns); 5717 return lst; 5718 } 5719 5720 static int 5721 check_lock_length(u64 offset, u64 length) 5722 { 5723 return ((length == 0) || ((length != NFS4_MAX_UINT64) && 5724 (length > ~offset))); 5725 } 5726 5727 static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access) 5728 { 5729 struct nfs4_file *fp = 
lock_stp->st_stid.sc_file; 5730 5731 lockdep_assert_held(&fp->fi_lock); 5732 5733 if (test_access(access, lock_stp)) 5734 return; 5735 __nfs4_file_get_access(fp, access); 5736 set_access(access, lock_stp); 5737 } 5738 5739 static __be32 5740 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, 5741 struct nfs4_ol_stateid *ost, 5742 struct nfsd4_lock *lock, 5743 struct nfs4_ol_stateid **plst, bool *new) 5744 { 5745 __be32 status; 5746 struct nfs4_file *fi = ost->st_stid.sc_file; 5747 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 5748 struct nfs4_client *cl = oo->oo_owner.so_client; 5749 struct inode *inode = d_inode(cstate->current_fh.fh_dentry); 5750 struct nfs4_lockowner *lo; 5751 struct nfs4_ol_stateid *lst; 5752 unsigned int strhashval; 5753 bool hashed; 5754 5755 lo = find_lockowner_str(cl, &lock->lk_new_owner); 5756 if (!lo) { 5757 strhashval = ownerstr_hashval(&lock->lk_new_owner); 5758 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock); 5759 if (lo == NULL) 5760 return nfserr_jukebox; 5761 } else { 5762 /* with an existing lockowner, seqids must be the same */ 5763 status = nfserr_bad_seqid; 5764 if (!cstate->minorversion && 5765 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid) 5766 goto out; 5767 } 5768 5769 retry: 5770 lst = find_or_create_lock_stateid(lo, fi, inode, ost, new); 5771 if (lst == NULL) { 5772 status = nfserr_jukebox; 5773 goto out; 5774 } 5775 5776 mutex_lock(&lst->st_mutex); 5777 5778 /* See if it's still hashed to avoid race with FREE_STATEID */ 5779 spin_lock(&cl->cl_lock); 5780 hashed = !list_empty(&lst->st_perfile); 5781 spin_unlock(&cl->cl_lock); 5782 5783 if (!hashed) { 5784 mutex_unlock(&lst->st_mutex); 5785 nfs4_put_stid(&lst->st_stid); 5786 goto retry; 5787 } 5788 status = nfs_ok; 5789 *plst = lst; 5790 out: 5791 nfs4_put_stateowner(&lo->lo_owner); 5792 return status; 5793 } 5794 5795 /* 5796 * LOCK operation 5797 */ 5798 __be32 5799 nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5800 union nfsd4_op_u *u) 5801 { 5802 struct nfsd4_lock *lock = &u->lock; 5803 struct nfs4_openowner *open_sop = NULL; 5804 struct nfs4_lockowner *lock_sop = NULL; 5805 struct nfs4_ol_stateid *lock_stp = NULL; 5806 struct nfs4_ol_stateid *open_stp = NULL; 5807 struct nfs4_file *fp; 5808 struct file *filp = NULL; 5809 struct nfsd4_blocked_lock *nbl = NULL; 5810 struct file_lock *file_lock = NULL; 5811 struct file_lock *conflock = NULL; 5812 __be32 status = 0; 5813 int lkflg; 5814 int err; 5815 bool new = false; 5816 unsigned char fl_type; 5817 unsigned int fl_flags = FL_POSIX; 5818 struct net *net = SVC_NET(rqstp); 5819 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5820 5821 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n", 5822 (long long) lock->lk_offset, 5823 (long long) lock->lk_length); 5824 5825 if (check_lock_length(lock->lk_offset, lock->lk_length)) 5826 return nfserr_inval; 5827 5828 if ((status = fh_verify(rqstp, &cstate->current_fh, 5829 S_IFREG, NFSD_MAY_LOCK))) { 5830 dprintk("NFSD: nfsd4_lock: permission denied!\n"); 5831 return status; 5832 } 5833 5834 if (lock->lk_is_new) { 5835 if (nfsd4_has_session(cstate)) 5836 /* See rfc 5661 18.10.3: given clientid is ignored: */ 5837 memcpy(&lock->lk_new_clientid, 5838 &cstate->session->se_client->cl_clientid, 5839 sizeof(clientid_t)); 5840 5841 status = nfserr_stale_clientid; 5842 if (STALE_CLIENTID(&lock->lk_new_clientid, nn)) 5843 goto out; 5844 5845 /* validate and update open stateid and open seqid */ 5846 status = 
nfs4_preprocess_confirmed_seqid_op(cstate, 5847 lock->lk_new_open_seqid, 5848 &lock->lk_new_open_stateid, 5849 &open_stp, nn); 5850 if (status) 5851 goto out; 5852 mutex_unlock(&open_stp->st_mutex); 5853 open_sop = openowner(open_stp->st_stateowner); 5854 status = nfserr_bad_stateid; 5855 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid, 5856 &lock->lk_new_clientid)) 5857 goto out; 5858 status = lookup_or_create_lock_state(cstate, open_stp, lock, 5859 &lock_stp, &new); 5860 } else { 5861 status = nfs4_preprocess_seqid_op(cstate, 5862 lock->lk_old_lock_seqid, 5863 &lock->lk_old_lock_stateid, 5864 NFS4_LOCK_STID, &lock_stp, nn); 5865 } 5866 if (status) 5867 goto out; 5868 lock_sop = lockowner(lock_stp->st_stateowner); 5869 5870 lkflg = setlkflg(lock->lk_type); 5871 status = nfs4_check_openmode(lock_stp, lkflg); 5872 if (status) 5873 goto out; 5874 5875 status = nfserr_grace; 5876 if (locks_in_grace(net) && !lock->lk_reclaim) 5877 goto out; 5878 status = nfserr_no_grace; 5879 if (!locks_in_grace(net) && lock->lk_reclaim) 5880 goto out; 5881 5882 fp = lock_stp->st_stid.sc_file; 5883 switch (lock->lk_type) { 5884 case NFS4_READW_LT: 5885 if (nfsd4_has_session(cstate)) 5886 fl_flags |= FL_SLEEP; 5887 /* Fallthrough */ 5888 case NFS4_READ_LT: 5889 spin_lock(&fp->fi_lock); 5890 filp = find_readable_file_locked(fp); 5891 if (filp) 5892 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ); 5893 spin_unlock(&fp->fi_lock); 5894 fl_type = F_RDLCK; 5895 break; 5896 case NFS4_WRITEW_LT: 5897 if (nfsd4_has_session(cstate)) 5898 fl_flags |= FL_SLEEP; 5899 /* Fallthrough */ 5900 case NFS4_WRITE_LT: 5901 spin_lock(&fp->fi_lock); 5902 filp = find_writeable_file_locked(fp); 5903 if (filp) 5904 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE); 5905 spin_unlock(&fp->fi_lock); 5906 fl_type = F_WRLCK; 5907 break; 5908 default: 5909 status = nfserr_inval; 5910 goto out; 5911 } 5912 5913 if (!filp) { 5914 status = nfserr_openmode; 5915 goto out; 5916 } 5917 5918 nbl = find_or_allocate_block(lock_sop, &fp->fi_fhandle, nn); 5919 if (!nbl) { 5920 dprintk("NFSD: %s: unable to allocate block!\n", __func__); 5921 status = nfserr_jukebox; 5922 goto out; 5923 } 5924 5925 file_lock = &nbl->nbl_lock; 5926 file_lock->fl_type = fl_type; 5927 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner)); 5928 file_lock->fl_pid = current->tgid; 5929 file_lock->fl_file = filp; 5930 file_lock->fl_flags = fl_flags; 5931 file_lock->fl_lmops = &nfsd_posix_mng_ops; 5932 file_lock->fl_start = lock->lk_offset; 5933 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length); 5934 nfs4_transform_lock_offset(file_lock); 5935 5936 conflock = locks_alloc_lock(); 5937 if (!conflock) { 5938 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 5939 status = nfserr_jukebox; 5940 goto out; 5941 } 5942 5943 if (fl_flags & FL_SLEEP) { 5944 nbl->nbl_time = jiffies; 5945 spin_lock(&nn->blocked_locks_lock); 5946 list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked); 5947 list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru); 5948 spin_unlock(&nn->blocked_locks_lock); 5949 } 5950 5951 err = vfs_lock_file(filp, F_SETLK, file_lock, conflock); 5952 switch (err) { 5953 case 0: /* success! 
*/ 5954 nfs4_inc_and_copy_stateid(&lock->lk_resp_stateid, &lock_stp->st_stid); 5955 status = 0; 5956 break; 5957 case FILE_LOCK_DEFERRED: 5958 nbl = NULL; 5959 /* Fallthrough */ 5960 case -EAGAIN: /* conflock holds conflicting lock */ 5961 status = nfserr_denied; 5962 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n"); 5963 nfs4_set_lock_denied(conflock, &lock->lk_denied); 5964 break; 5965 case -EDEADLK: 5966 status = nfserr_deadlock; 5967 break; 5968 default: 5969 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err); 5970 status = nfserrno(err); 5971 break; 5972 } 5973 out: 5974 if (nbl) { 5975 /* dequeue it if we queued it before */ 5976 if (fl_flags & FL_SLEEP) { 5977 spin_lock(&nn->blocked_locks_lock); 5978 list_del_init(&nbl->nbl_list); 5979 list_del_init(&nbl->nbl_lru); 5980 spin_unlock(&nn->blocked_locks_lock); 5981 } 5982 free_blocked_lock(nbl); 5983 } 5984 if (filp) 5985 fput(filp); 5986 if (lock_stp) { 5987 /* Bump seqid manually if the 4.0 replay owner is openowner */ 5988 if (cstate->replay_owner && 5989 cstate->replay_owner != &lock_sop->lo_owner && 5990 seqid_mutating_err(ntohl(status))) 5991 lock_sop->lo_owner.so_seqid++; 5992 5993 mutex_unlock(&lock_stp->st_mutex); 5994 5995 /* 5996 * If this is a new, never-before-used stateid, and we are 5997 * returning an error, then just go ahead and release it. 5998 */ 5999 if (status && new) 6000 release_lock_stateid(lock_stp); 6001 6002 nfs4_put_stid(&lock_stp->st_stid); 6003 } 6004 if (open_stp) 6005 nfs4_put_stid(&open_stp->st_stid); 6006 nfsd4_bump_seqid(cstate, status); 6007 if (conflock) 6008 locks_free_lock(conflock); 6009 return status; 6010 } 6011 6012 /* 6013 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN, 6014 * so we do a temporary open here just to get an open file to pass to 6015 * vfs_test_lock. (Arguably perhaps test_lock should be done with an 6016 * inode operation.) 
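 * The helper below opens the file with NFSD_MAY_READ, hands it to vfs_test_lock(), and fput()s it again immediately, so a LOCKT leaves no open state behind on the server.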
6017 */ 6018 static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock) 6019 { 6020 struct file *file; 6021 __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file); 6022 if (!err) { 6023 err = nfserrno(vfs_test_lock(file, lock)); 6024 fput(file); 6025 } 6026 return err; 6027 } 6028 6029 /* 6030 * LOCKT operation 6031 */ 6032 __be32 6033 nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6034 union nfsd4_op_u *u) 6035 { 6036 struct nfsd4_lockt *lockt = &u->lockt; 6037 struct file_lock *file_lock = NULL; 6038 struct nfs4_lockowner *lo = NULL; 6039 __be32 status; 6040 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6041 6042 if (locks_in_grace(SVC_NET(rqstp))) 6043 return nfserr_grace; 6044 6045 if (check_lock_length(lockt->lt_offset, lockt->lt_length)) 6046 return nfserr_inval; 6047 6048 if (!nfsd4_has_session(cstate)) { 6049 status = lookup_clientid(&lockt->lt_clientid, cstate, nn); 6050 if (status) 6051 goto out; 6052 } 6053 6054 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 6055 goto out; 6056 6057 file_lock = locks_alloc_lock(); 6058 if (!file_lock) { 6059 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6060 status = nfserr_jukebox; 6061 goto out; 6062 } 6063 6064 switch (lockt->lt_type) { 6065 case NFS4_READ_LT: 6066 case NFS4_READW_LT: 6067 file_lock->fl_type = F_RDLCK; 6068 break; 6069 case NFS4_WRITE_LT: 6070 case NFS4_WRITEW_LT: 6071 file_lock->fl_type = F_WRLCK; 6072 break; 6073 default: 6074 dprintk("NFSD: nfs4_lockt: bad lock type!\n"); 6075 status = nfserr_inval; 6076 goto out; 6077 } 6078 6079 lo = find_lockowner_str(cstate->clp, &lockt->lt_owner); 6080 if (lo) 6081 file_lock->fl_owner = (fl_owner_t)lo; 6082 file_lock->fl_pid = current->tgid; 6083 file_lock->fl_flags = FL_POSIX; 6084 6085 file_lock->fl_start = lockt->lt_offset; 6086 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length); 6087 6088 nfs4_transform_lock_offset(file_lock); 6089 6090 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock); 6091 if (status) 6092 goto out; 6093 6094 if (file_lock->fl_type != F_UNLCK) { 6095 status = nfserr_denied; 6096 nfs4_set_lock_denied(file_lock, &lockt->lt_denied); 6097 } 6098 out: 6099 if (lo) 6100 nfs4_put_stateowner(&lo->lo_owner); 6101 if (file_lock) 6102 locks_free_lock(file_lock); 6103 return status; 6104 } 6105 6106 __be32 6107 nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6108 union nfsd4_op_u *u) 6109 { 6110 struct nfsd4_locku *locku = &u->locku; 6111 struct nfs4_ol_stateid *stp; 6112 struct file *filp = NULL; 6113 struct file_lock *file_lock = NULL; 6114 __be32 status; 6115 int err; 6116 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6117 6118 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n", 6119 (long long) locku->lu_offset, 6120 (long long) locku->lu_length); 6121 6122 if (check_lock_length(locku->lu_offset, locku->lu_length)) 6123 return nfserr_inval; 6124 6125 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid, 6126 &locku->lu_stateid, NFS4_LOCK_STID, 6127 &stp, nn); 6128 if (status) 6129 goto out; 6130 filp = find_any_file(stp->st_stid.sc_file); 6131 if (!filp) { 6132 status = nfserr_lock_range; 6133 goto put_stateid; 6134 } 6135 file_lock = locks_alloc_lock(); 6136 if (!file_lock) { 6137 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6138 status = nfserr_jukebox; 6139 goto fput; 6140 } 6141 6142 file_lock->fl_type = F_UNLCK; 6143 file_lock->fl_owner = 
(fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner)); 6144 file_lock->fl_pid = current->tgid; 6145 file_lock->fl_file = filp; 6146 file_lock->fl_flags = FL_POSIX; 6147 file_lock->fl_lmops = &nfsd_posix_mng_ops; 6148 file_lock->fl_start = locku->lu_offset; 6149 6150 file_lock->fl_end = last_byte_offset(locku->lu_offset, 6151 locku->lu_length); 6152 nfs4_transform_lock_offset(file_lock); 6153 6154 err = vfs_lock_file(filp, F_SETLK, file_lock, NULL); 6155 if (err) { 6156 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n"); 6157 goto out_nfserr; 6158 } 6159 nfs4_inc_and_copy_stateid(&locku->lu_stateid, &stp->st_stid); 6160 fput: 6161 fput(filp); 6162 put_stateid: 6163 mutex_unlock(&stp->st_mutex); 6164 nfs4_put_stid(&stp->st_stid); 6165 out: 6166 nfsd4_bump_seqid(cstate, status); 6167 if (file_lock) 6168 locks_free_lock(file_lock); 6169 return status; 6170 6171 out_nfserr: 6172 status = nfserrno(err); 6173 goto fput; 6174 } 6175 6176 /* 6177 * returns 6178 * true: locks held by lockowner 6179 * false: no locks held by lockowner 6180 */ 6181 static bool 6182 check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner) 6183 { 6184 struct file_lock *fl; 6185 int status = false; 6186 struct file *filp = find_any_file(fp); 6187 struct inode *inode; 6188 struct file_lock_context *flctx; 6189 6190 if (!filp) { 6191 /* Any valid lock stateid should have some sort of access */ 6192 WARN_ON_ONCE(1); 6193 return status; 6194 } 6195 6196 inode = file_inode(filp); 6197 flctx = inode->i_flctx; 6198 6199 if (flctx && !list_empty_careful(&flctx->flc_posix)) { 6200 spin_lock(&flctx->flc_lock); 6201 list_for_each_entry(fl, &flctx->flc_posix, fl_list) { 6202 if (fl->fl_owner == (fl_owner_t)lowner) { 6203 status = true; 6204 break; 6205 } 6206 } 6207 spin_unlock(&flctx->flc_lock); 6208 } 6209 fput(filp); 6210 return status; 6211 } 6212 6213 __be32 6214 nfsd4_release_lockowner(struct svc_rqst *rqstp, 6215 struct nfsd4_compound_state *cstate, 6216 union nfsd4_op_u *u) 6217 { 6218 struct nfsd4_release_lockowner *rlockowner = &u->release_lockowner; 6219 clientid_t *clid = &rlockowner->rl_clientid; 6220 struct nfs4_stateowner *sop; 6221 struct nfs4_lockowner *lo = NULL; 6222 struct nfs4_ol_stateid *stp; 6223 struct xdr_netobj *owner = &rlockowner->rl_owner; 6224 unsigned int hashval = ownerstr_hashval(owner); 6225 __be32 status; 6226 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6227 struct nfs4_client *clp; 6228 LIST_HEAD (reaplist); 6229 6230 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n", 6231 clid->cl_boot, clid->cl_id); 6232 6233 status = lookup_clientid(clid, cstate, nn); 6234 if (status) 6235 return status; 6236 6237 clp = cstate->clp; 6238 /* Find the matching lock stateowner */ 6239 spin_lock(&clp->cl_lock); 6240 list_for_each_entry(sop, &clp->cl_ownerstr_hashtbl[hashval], 6241 so_strhash) { 6242 6243 if (sop->so_is_open_owner || !same_owner_str(sop, owner)) 6244 continue; 6245 6246 /* see if there are still any locks associated with it */ 6247 lo = lockowner(sop); 6248 list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) { 6249 if (check_for_locks(stp->st_stid.sc_file, lo)) { 6250 status = nfserr_locks_held; 6251 spin_unlock(&clp->cl_lock); 6252 return status; 6253 } 6254 } 6255 6256 nfs4_get_stateowner(sop); 6257 break; 6258 } 6259 if (!lo) { 6260 spin_unlock(&clp->cl_lock); 6261 return status; 6262 } 6263 6264 unhash_lockowner_locked(lo); 6265 while (!list_empty(&lo->lo_owner.so_stateids)) { 6266 stp = list_first_entry(&lo->lo_owner.so_stateids, 
6267 struct nfs4_ol_stateid, 6268 st_perstateowner); 6269 WARN_ON(!unhash_lock_stateid(stp)); 6270 put_ol_stateid_locked(stp, &reaplist); 6271 } 6272 spin_unlock(&clp->cl_lock); 6273 free_ol_stateid_reaplist(&reaplist); 6274 nfs4_put_stateowner(&lo->lo_owner); 6275 6276 return status; 6277 } 6278 6279 static inline struct nfs4_client_reclaim * 6280 alloc_reclaim(void) 6281 { 6282 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL); 6283 } 6284 6285 bool 6286 nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn) 6287 { 6288 struct nfs4_client_reclaim *crp; 6289 6290 crp = nfsd4_find_reclaim_client(name, nn); 6291 return (crp && crp->cr_clp); 6292 } 6293 6294 /* 6295 * failure => all reset bets are off, nfserr_no_grace... 6296 */ 6297 struct nfs4_client_reclaim * 6298 nfs4_client_to_reclaim(const char *name, struct nfsd_net *nn) 6299 { 6300 unsigned int strhashval; 6301 struct nfs4_client_reclaim *crp; 6302 6303 dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name); 6304 crp = alloc_reclaim(); 6305 if (crp) { 6306 strhashval = clientstr_hashval(name); 6307 INIT_LIST_HEAD(&crp->cr_strhash); 6308 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]); 6309 memcpy(crp->cr_recdir, name, HEXDIR_LEN); 6310 crp->cr_clp = NULL; 6311 nn->reclaim_str_hashtbl_size++; 6312 } 6313 return crp; 6314 } 6315 6316 void 6317 nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn) 6318 { 6319 list_del(&crp->cr_strhash); 6320 kfree(crp); 6321 nn->reclaim_str_hashtbl_size--; 6322 } 6323 6324 void 6325 nfs4_release_reclaim(struct nfsd_net *nn) 6326 { 6327 struct nfs4_client_reclaim *crp = NULL; 6328 int i; 6329 6330 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 6331 while (!list_empty(&nn->reclaim_str_hashtbl[i])) { 6332 crp = list_entry(nn->reclaim_str_hashtbl[i].next, 6333 struct nfs4_client_reclaim, cr_strhash); 6334 nfs4_remove_reclaim_record(crp, nn); 6335 } 6336 } 6337 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size); 6338 } 6339 6340 /* 6341 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */ 6342 struct nfs4_client_reclaim * 6343 nfsd4_find_reclaim_client(const char *recdir, struct nfsd_net *nn) 6344 { 6345 unsigned int strhashval; 6346 struct nfs4_client_reclaim *crp = NULL; 6347 6348 dprintk("NFSD: nfs4_find_reclaim_client for recdir %s\n", recdir); 6349 6350 strhashval = clientstr_hashval(recdir); 6351 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) { 6352 if (same_name(crp->cr_recdir, recdir)) { 6353 return crp; 6354 } 6355 } 6356 return NULL; 6357 } 6358 6359 /* 6360 * Called from OPEN. Look for clientid in reclaim list. 
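 * Returns nfserr_reclaim_bad if the clientid is unknown or has no record on stable storage, and nfserr_no_grace if the client has already sent RECLAIM_COMPLETE.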
6361 */ 6362 __be32 6363 nfs4_check_open_reclaim(clientid_t *clid, 6364 struct nfsd4_compound_state *cstate, 6365 struct nfsd_net *nn) 6366 { 6367 __be32 status; 6368 6369 /* find clientid in conf_id_hashtbl */ 6370 status = lookup_clientid(clid, cstate, nn); 6371 if (status) 6372 return nfserr_reclaim_bad; 6373 6374 if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &cstate->clp->cl_flags)) 6375 return nfserr_no_grace; 6376 6377 if (nfsd4_client_record_check(cstate->clp)) 6378 return nfserr_reclaim_bad; 6379 6380 return nfs_ok; 6381 } 6382 6383 #ifdef CONFIG_NFSD_FAULT_INJECTION 6384 static inline void 6385 put_client(struct nfs4_client *clp) 6386 { 6387 atomic_dec(&clp->cl_refcount); 6388 } 6389 6390 static struct nfs4_client * 6391 nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size) 6392 { 6393 struct nfs4_client *clp; 6394 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6395 nfsd_net_id); 6396 6397 if (!nfsd_netns_ready(nn)) 6398 return NULL; 6399 6400 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6401 if (memcmp(&clp->cl_addr, addr, addr_size) == 0) 6402 return clp; 6403 } 6404 return NULL; 6405 } 6406 6407 u64 6408 nfsd_inject_print_clients(void) 6409 { 6410 struct nfs4_client *clp; 6411 u64 count = 0; 6412 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6413 nfsd_net_id); 6414 char buf[INET6_ADDRSTRLEN]; 6415 6416 if (!nfsd_netns_ready(nn)) 6417 return 0; 6418 6419 spin_lock(&nn->client_lock); 6420 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6421 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 6422 pr_info("NFS Client: %s\n", buf); 6423 ++count; 6424 } 6425 spin_unlock(&nn->client_lock); 6426 6427 return count; 6428 } 6429 6430 u64 6431 nfsd_inject_forget_client(struct sockaddr_storage *addr, size_t addr_size) 6432 { 6433 u64 count = 0; 6434 struct nfs4_client *clp; 6435 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6436 nfsd_net_id); 6437 6438 if (!nfsd_netns_ready(nn)) 6439 return count; 6440 6441 spin_lock(&nn->client_lock); 6442 clp = nfsd_find_client(addr, addr_size); 6443 if (clp) { 6444 if (mark_client_expired_locked(clp) == nfs_ok) 6445 ++count; 6446 else 6447 clp = NULL; 6448 } 6449 spin_unlock(&nn->client_lock); 6450 6451 if (clp) 6452 expire_client(clp); 6453 6454 return count; 6455 } 6456 6457 u64 6458 nfsd_inject_forget_clients(u64 max) 6459 { 6460 u64 count = 0; 6461 struct nfs4_client *clp, *next; 6462 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6463 nfsd_net_id); 6464 LIST_HEAD(reaplist); 6465 6466 if (!nfsd_netns_ready(nn)) 6467 return count; 6468 6469 spin_lock(&nn->client_lock); 6470 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 6471 if (mark_client_expired_locked(clp) == nfs_ok) { 6472 list_add(&clp->cl_lru, &reaplist); 6473 if (max != 0 && ++count >= max) 6474 break; 6475 } 6476 } 6477 spin_unlock(&nn->client_lock); 6478 6479 list_for_each_entry_safe(clp, next, &reaplist, cl_lru) 6480 expire_client(clp); 6481 6482 return count; 6483 } 6484 6485 static void nfsd_print_count(struct nfs4_client *clp, unsigned int count, 6486 const char *type) 6487 { 6488 char buf[INET6_ADDRSTRLEN]; 6489 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 6490 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type); 6491 } 6492 6493 static void 6494 nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst, 6495 struct list_head *collect) 6496 { 6497 struct nfs4_client *clp = lst->st_stid.sc_client; 6498 struct nfsd_net *nn = 
net_generic(current->nsproxy->net_ns, 6499 nfsd_net_id); 6500 6501 if (!collect) 6502 return; 6503 6504 lockdep_assert_held(&nn->client_lock); 6505 atomic_inc(&clp->cl_refcount); 6506 list_add(&lst->st_locks, collect); 6507 } 6508 6509 static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max, 6510 struct list_head *collect, 6511 bool (*func)(struct nfs4_ol_stateid *)) 6512 { 6513 struct nfs4_openowner *oop; 6514 struct nfs4_ol_stateid *stp, *st_next; 6515 struct nfs4_ol_stateid *lst, *lst_next; 6516 u64 count = 0; 6517 6518 spin_lock(&clp->cl_lock); 6519 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) { 6520 list_for_each_entry_safe(stp, st_next, 6521 &oop->oo_owner.so_stateids, st_perstateowner) { 6522 list_for_each_entry_safe(lst, lst_next, 6523 &stp->st_locks, st_locks) { 6524 if (func) { 6525 if (func(lst)) 6526 nfsd_inject_add_lock_to_list(lst, 6527 collect); 6528 } 6529 ++count; 6530 /* 6531 * Despite the fact that these functions deal 6532 * with 64-bit integers for "count", we must 6533 * ensure that it doesn't blow up the 6534 * clp->cl_refcount. Throw a warning if we 6535 * start to approach INT_MAX here. 6536 */ 6537 WARN_ON_ONCE(count == (INT_MAX / 2)); 6538 if (count == max) 6539 goto out; 6540 } 6541 } 6542 } 6543 out: 6544 spin_unlock(&clp->cl_lock); 6545 6546 return count; 6547 } 6548 6549 static u64 6550 nfsd_collect_client_locks(struct nfs4_client *clp, struct list_head *collect, 6551 u64 max) 6552 { 6553 return nfsd_foreach_client_lock(clp, max, collect, unhash_lock_stateid); 6554 } 6555 6556 static u64 6557 nfsd_print_client_locks(struct nfs4_client *clp) 6558 { 6559 u64 count = nfsd_foreach_client_lock(clp, 0, NULL, NULL); 6560 nfsd_print_count(clp, count, "locked files"); 6561 return count; 6562 } 6563 6564 u64 6565 nfsd_inject_print_locks(void) 6566 { 6567 struct nfs4_client *clp; 6568 u64 count = 0; 6569 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6570 nfsd_net_id); 6571 6572 if (!nfsd_netns_ready(nn)) 6573 return 0; 6574 6575 spin_lock(&nn->client_lock); 6576 list_for_each_entry(clp, &nn->client_lru, cl_lru) 6577 count += nfsd_print_client_locks(clp); 6578 spin_unlock(&nn->client_lock); 6579 6580 return count; 6581 } 6582 6583 static void 6584 nfsd_reap_locks(struct list_head *reaplist) 6585 { 6586 struct nfs4_client *clp; 6587 struct nfs4_ol_stateid *stp, *next; 6588 6589 list_for_each_entry_safe(stp, next, reaplist, st_locks) { 6590 list_del_init(&stp->st_locks); 6591 clp = stp->st_stid.sc_client; 6592 nfs4_put_stid(&stp->st_stid); 6593 put_client(clp); 6594 } 6595 } 6596 6597 u64 6598 nfsd_inject_forget_client_locks(struct sockaddr_storage *addr, size_t addr_size) 6599 { 6600 unsigned int count = 0; 6601 struct nfs4_client *clp; 6602 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6603 nfsd_net_id); 6604 LIST_HEAD(reaplist); 6605 6606 if (!nfsd_netns_ready(nn)) 6607 return count; 6608 6609 spin_lock(&nn->client_lock); 6610 clp = nfsd_find_client(addr, addr_size); 6611 if (clp) 6612 count = nfsd_collect_client_locks(clp, &reaplist, 0); 6613 spin_unlock(&nn->client_lock); 6614 nfsd_reap_locks(&reaplist); 6615 return count; 6616 } 6617 6618 u64 6619 nfsd_inject_forget_locks(u64 max) 6620 { 6621 u64 count = 0; 6622 struct nfs4_client *clp; 6623 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6624 nfsd_net_id); 6625 LIST_HEAD(reaplist); 6626 6627 if (!nfsd_netns_ready(nn)) 6628 return count; 6629 6630 spin_lock(&nn->client_lock); 6631 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6632 count += 
nfsd_collect_client_locks(clp, &reaplist, max - count); 6633 if (max != 0 && count >= max) 6634 break; 6635 } 6636 spin_unlock(&nn->client_lock); 6637 nfsd_reap_locks(&reaplist); 6638 return count; 6639 } 6640 6641 static u64 6642 nfsd_foreach_client_openowner(struct nfs4_client *clp, u64 max, 6643 struct list_head *collect, 6644 void (*func)(struct nfs4_openowner *)) 6645 { 6646 struct nfs4_openowner *oop, *next; 6647 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6648 nfsd_net_id); 6649 u64 count = 0; 6650 6651 lockdep_assert_held(&nn->client_lock); 6652 6653 spin_lock(&clp->cl_lock); 6654 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) { 6655 if (func) { 6656 func(oop); 6657 if (collect) { 6658 atomic_inc(&clp->cl_refcount); 6659 list_add(&oop->oo_perclient, collect); 6660 } 6661 } 6662 ++count; 6663 /* 6664 * Despite the fact that these functions deal with 6665 * 64-bit integers for "count", we must ensure that 6666 * it doesn't blow up the clp->cl_refcount. Throw a 6667 * warning if we start to approach INT_MAX here. 6668 */ 6669 WARN_ON_ONCE(count == (INT_MAX / 2)); 6670 if (count == max) 6671 break; 6672 } 6673 spin_unlock(&clp->cl_lock); 6674 6675 return count; 6676 } 6677 6678 static u64 6679 nfsd_print_client_openowners(struct nfs4_client *clp) 6680 { 6681 u64 count = nfsd_foreach_client_openowner(clp, 0, NULL, NULL); 6682 6683 nfsd_print_count(clp, count, "openowners"); 6684 return count; 6685 } 6686 6687 static u64 6688 nfsd_collect_client_openowners(struct nfs4_client *clp, 6689 struct list_head *collect, u64 max) 6690 { 6691 return nfsd_foreach_client_openowner(clp, max, collect, 6692 unhash_openowner_locked); 6693 } 6694 6695 u64 6696 nfsd_inject_print_openowners(void) 6697 { 6698 struct nfs4_client *clp; 6699 u64 count = 0; 6700 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6701 nfsd_net_id); 6702 6703 if (!nfsd_netns_ready(nn)) 6704 return 0; 6705 6706 spin_lock(&nn->client_lock); 6707 list_for_each_entry(clp, &nn->client_lru, cl_lru) 6708 count += nfsd_print_client_openowners(clp); 6709 spin_unlock(&nn->client_lock); 6710 6711 return count; 6712 } 6713 6714 static void 6715 nfsd_reap_openowners(struct list_head *reaplist) 6716 { 6717 struct nfs4_client *clp; 6718 struct nfs4_openowner *oop, *next; 6719 6720 list_for_each_entry_safe(oop, next, reaplist, oo_perclient) { 6721 list_del_init(&oop->oo_perclient); 6722 clp = oop->oo_owner.so_client; 6723 release_openowner(oop); 6724 put_client(clp); 6725 } 6726 } 6727 6728 u64 6729 nfsd_inject_forget_client_openowners(struct sockaddr_storage *addr, 6730 size_t addr_size) 6731 { 6732 unsigned int count = 0; 6733 struct nfs4_client *clp; 6734 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6735 nfsd_net_id); 6736 LIST_HEAD(reaplist); 6737 6738 if (!nfsd_netns_ready(nn)) 6739 return count; 6740 6741 spin_lock(&nn->client_lock); 6742 clp = nfsd_find_client(addr, addr_size); 6743 if (clp) 6744 count = nfsd_collect_client_openowners(clp, &reaplist, 0); 6745 spin_unlock(&nn->client_lock); 6746 nfsd_reap_openowners(&reaplist); 6747 return count; 6748 } 6749 6750 u64 6751 nfsd_inject_forget_openowners(u64 max) 6752 { 6753 u64 count = 0; 6754 struct nfs4_client *clp; 6755 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6756 nfsd_net_id); 6757 LIST_HEAD(reaplist); 6758 6759 if (!nfsd_netns_ready(nn)) 6760 return count; 6761 6762 spin_lock(&nn->client_lock); 6763 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6764 count += nfsd_collect_client_openowners(clp, 
&reaplist, 6765 max - count); 6766 if (max != 0 && count >= max) 6767 break; 6768 } 6769 spin_unlock(&nn->client_lock); 6770 nfsd_reap_openowners(&reaplist); 6771 return count; 6772 } 6773 6774 static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max, 6775 struct list_head *victims) 6776 { 6777 struct nfs4_delegation *dp, *next; 6778 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6779 nfsd_net_id); 6780 u64 count = 0; 6781 6782 lockdep_assert_held(&nn->client_lock); 6783 6784 spin_lock(&state_lock); 6785 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) { 6786 if (victims) { 6787 /* 6788 * It's not safe to mess with delegations that have a 6789 * non-zero dl_time. They might have already been broken 6790 * and could be processed by the laundromat outside of 6791 * the state_lock. Just leave them be. 6792 */ 6793 if (dp->dl_time != 0) 6794 continue; 6795 6796 atomic_inc(&clp->cl_refcount); 6797 WARN_ON(!unhash_delegation_locked(dp)); 6798 list_add(&dp->dl_recall_lru, victims); 6799 } 6800 ++count; 6801 /* 6802 * Despite the fact that these functions deal with 6803 * 64-bit integers for "count", we must ensure that 6804 * it doesn't blow up the clp->cl_refcount. Throw a 6805 * warning if we start to approach INT_MAX here. 6806 */ 6807 WARN_ON_ONCE(count == (INT_MAX / 2)); 6808 if (count == max) 6809 break; 6810 } 6811 spin_unlock(&state_lock); 6812 return count; 6813 } 6814 6815 static u64 6816 nfsd_print_client_delegations(struct nfs4_client *clp) 6817 { 6818 u64 count = nfsd_find_all_delegations(clp, 0, NULL); 6819 6820 nfsd_print_count(clp, count, "delegations"); 6821 return count; 6822 } 6823 6824 u64 6825 nfsd_inject_print_delegations(void) 6826 { 6827 struct nfs4_client *clp; 6828 u64 count = 0; 6829 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6830 nfsd_net_id); 6831 6832 if (!nfsd_netns_ready(nn)) 6833 return 0; 6834 6835 spin_lock(&nn->client_lock); 6836 list_for_each_entry(clp, &nn->client_lru, cl_lru) 6837 count += nfsd_print_client_delegations(clp); 6838 spin_unlock(&nn->client_lock); 6839 6840 return count; 6841 } 6842 6843 static void 6844 nfsd_forget_delegations(struct list_head *reaplist) 6845 { 6846 struct nfs4_client *clp; 6847 struct nfs4_delegation *dp, *next; 6848 6849 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 6850 list_del_init(&dp->dl_recall_lru); 6851 clp = dp->dl_stid.sc_client; 6852 revoke_delegation(dp); 6853 put_client(clp); 6854 } 6855 } 6856 6857 u64 6858 nfsd_inject_forget_client_delegations(struct sockaddr_storage *addr, 6859 size_t addr_size) 6860 { 6861 u64 count = 0; 6862 struct nfs4_client *clp; 6863 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6864 nfsd_net_id); 6865 LIST_HEAD(reaplist); 6866 6867 if (!nfsd_netns_ready(nn)) 6868 return count; 6869 6870 spin_lock(&nn->client_lock); 6871 clp = nfsd_find_client(addr, addr_size); 6872 if (clp) 6873 count = nfsd_find_all_delegations(clp, 0, &reaplist); 6874 spin_unlock(&nn->client_lock); 6875 6876 nfsd_forget_delegations(&reaplist); 6877 return count; 6878 } 6879 6880 u64 6881 nfsd_inject_forget_delegations(u64 max) 6882 { 6883 u64 count = 0; 6884 struct nfs4_client *clp; 6885 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6886 nfsd_net_id); 6887 LIST_HEAD(reaplist); 6888 6889 if (!nfsd_netns_ready(nn)) 6890 return count; 6891 6892 spin_lock(&nn->client_lock); 6893 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6894 count += nfsd_find_all_delegations(clp, max - count, &reaplist); 6895 if (max != 0 
&& count >= max) 6896 break; 6897 } 6898 spin_unlock(&nn->client_lock); 6899 nfsd_forget_delegations(&reaplist); 6900 return count; 6901 } 6902 6903 static void 6904 nfsd_recall_delegations(struct list_head *reaplist) 6905 { 6906 struct nfs4_client *clp; 6907 struct nfs4_delegation *dp, *next; 6908 6909 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 6910 list_del_init(&dp->dl_recall_lru); 6911 clp = dp->dl_stid.sc_client; 6912 /* 6913 * We skipped all entries that had a zero dl_time before, 6914 * so we can now reset the dl_time back to 0. If a delegation 6915 * break comes in now, then it won't make any difference since 6916 * we're recalling it either way. 6917 */ 6918 spin_lock(&state_lock); 6919 dp->dl_time = 0; 6920 spin_unlock(&state_lock); 6921 nfsd_break_one_deleg(dp); 6922 put_client(clp); 6923 } 6924 } 6925 6926 u64 6927 nfsd_inject_recall_client_delegations(struct sockaddr_storage *addr, 6928 size_t addr_size) 6929 { 6930 u64 count = 0; 6931 struct nfs4_client *clp; 6932 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6933 nfsd_net_id); 6934 LIST_HEAD(reaplist); 6935 6936 if (!nfsd_netns_ready(nn)) 6937 return count; 6938 6939 spin_lock(&nn->client_lock); 6940 clp = nfsd_find_client(addr, addr_size); 6941 if (clp) 6942 count = nfsd_find_all_delegations(clp, 0, &reaplist); 6943 spin_unlock(&nn->client_lock); 6944 6945 nfsd_recall_delegations(&reaplist); 6946 return count; 6947 } 6948 6949 u64 6950 nfsd_inject_recall_delegations(u64 max) 6951 { 6952 u64 count = 0; 6953 struct nfs4_client *clp, *next; 6954 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6955 nfsd_net_id); 6956 LIST_HEAD(reaplist); 6957 6958 if (!nfsd_netns_ready(nn)) 6959 return count; 6960 6961 spin_lock(&nn->client_lock); 6962 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 6963 count += nfsd_find_all_delegations(clp, max - count, &reaplist); 6964 if (max != 0 && count >= max) 6965 break; 6966 } 6967 spin_unlock(&nn->client_lock); 6968 nfsd_recall_delegations(&reaplist); 6969 return count; 6970 } 6971 #endif /* CONFIG_NFSD_FAULT_INJECTION */ 6972 6973 /* 6974 * Since the lifetime of a delegation isn't limited to that of an open, a 6975 * client may quite reasonably hang on to a delegation as long as it has 6976 * the inode cached. This becomes an obvious problem the first time a 6977 * client's inode cache approaches the size of the server's total memory. 6978 * 6979 * For now we avoid this problem by imposing a hard limit on the number 6980 * of delegations, which varies according to the server's memory size. 6981 */ 6982 static void 6983 set_max_delegations(void) 6984 { 6985 /* 6986 * Allow at most 4 delegations per megabyte of RAM. Quick 6987 * estimates suggest that in the worst case (where every delegation 6988 * is for a different inode), a delegation could take about 1.5K, 6989 * giving a worst case usage of about 0.6% of memory.
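 * The shift below implements that ratio: nr_free_buffer_pages() counts pages, so shifting right by (20 - PAGE_SHIFT) converts pages to megabytes, and taking a further 2 off the shift multiplies by 4, giving max_delegations = 4 * (free buffer memory in MB); 4 * 1.5K is 6K per megabyte, hence the ~0.6% figure above.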
6990 */ 6991 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT); 6992 } 6993 6994 static int nfs4_state_create_net(struct net *net) 6995 { 6996 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 6997 int i; 6998 6999 nn->conf_id_hashtbl = kmalloc(sizeof(struct list_head) * 7000 CLIENT_HASH_SIZE, GFP_KERNEL); 7001 if (!nn->conf_id_hashtbl) 7002 goto err; 7003 nn->unconf_id_hashtbl = kmalloc(sizeof(struct list_head) * 7004 CLIENT_HASH_SIZE, GFP_KERNEL); 7005 if (!nn->unconf_id_hashtbl) 7006 goto err_unconf_id; 7007 nn->sessionid_hashtbl = kmalloc(sizeof(struct list_head) * 7008 SESSION_HASH_SIZE, GFP_KERNEL); 7009 if (!nn->sessionid_hashtbl) 7010 goto err_sessionid; 7011 7012 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7013 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]); 7014 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]); 7015 } 7016 for (i = 0; i < SESSION_HASH_SIZE; i++) 7017 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]); 7018 nn->conf_name_tree = RB_ROOT; 7019 nn->unconf_name_tree = RB_ROOT; 7020 INIT_LIST_HEAD(&nn->client_lru); 7021 INIT_LIST_HEAD(&nn->close_lru); 7022 INIT_LIST_HEAD(&nn->del_recall_lru); 7023 spin_lock_init(&nn->client_lock); 7024 7025 spin_lock_init(&nn->blocked_locks_lock); 7026 INIT_LIST_HEAD(&nn->blocked_locks_lru); 7027 7028 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main); 7029 get_net(net); 7030 7031 return 0; 7032 7033 err_sessionid: 7034 kfree(nn->unconf_id_hashtbl); 7035 err_unconf_id: 7036 kfree(nn->conf_id_hashtbl); 7037 err: 7038 return -ENOMEM; 7039 } 7040 7041 static void 7042 nfs4_state_destroy_net(struct net *net) 7043 { 7044 int i; 7045 struct nfs4_client *clp = NULL; 7046 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7047 7048 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7049 while (!list_empty(&nn->conf_id_hashtbl[i])) { 7050 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7051 destroy_client(clp); 7052 } 7053 } 7054 7055 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7056 while (!list_empty(&nn->unconf_id_hashtbl[i])) { 7057 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7058 destroy_client(clp); 7059 } 7060 } 7061 7062 kfree(nn->sessionid_hashtbl); 7063 kfree(nn->unconf_id_hashtbl); 7064 kfree(nn->conf_id_hashtbl); 7065 put_net(net); 7066 } 7067 7068 int 7069 nfs4_state_start_net(struct net *net) 7070 { 7071 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7072 int ret; 7073 7074 ret = nfs4_state_create_net(net); 7075 if (ret) 7076 return ret; 7077 nn->boot_time = get_seconds(); 7078 nn->grace_ended = false; 7079 nn->nfsd4_manager.block_opens = true; 7080 locks_start_grace(net, &nn->nfsd4_manager); 7081 nfsd4_client_tracking_init(net); 7082 printk(KERN_INFO "NFSD: starting %ld-second grace period (net %x)\n", 7083 nn->nfsd4_grace, net->ns.inum); 7084 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ); 7085 return 0; 7086 } 7087 7088 /* initialization to perform when the nfsd service is started: */ 7089 7090 int 7091 nfs4_state_start(void) 7092 { 7093 int ret; 7094 7095 ret = set_callback_cred(); 7096 if (ret) 7097 return ret; 7098 7099 laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4"); 7100 if (laundry_wq == NULL) { 7101 ret = -ENOMEM; 7102 goto out_cleanup_cred; 7103 } 7104 ret = nfsd4_create_callback_queue(); 7105 if (ret) 7106 goto out_free_laundry; 7107 7108 set_max_delegations(); 7109 return 0; 7110 7111 out_free_laundry: 7112 destroy_workqueue(laundry_wq); 7113 out_cleanup_cred: 7114 cleanup_callback_cred(); 7115 return ret; 7116 } 7117 
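/* Per-net shutdown: unhash every delegation on this net's del_recall_lru under the state_lock and release them outside it, then drain any blocked locks still queued on the LRU before tearing down the per-net tables. */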
7118 void 7119 nfs4_state_shutdown_net(struct net *net) 7120 { 7121 struct nfs4_delegation *dp = NULL; 7122 struct list_head *pos, *next, reaplist; 7123 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7124 struct nfsd4_blocked_lock *nbl; 7125 7126 cancel_delayed_work_sync(&nn->laundromat_work); 7127 locks_end_grace(&nn->nfsd4_manager); 7128 7129 INIT_LIST_HEAD(&reaplist); 7130 spin_lock(&state_lock); 7131 list_for_each_safe(pos, next, &nn->del_recall_lru) { 7132 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 7133 WARN_ON(!unhash_delegation_locked(dp)); 7134 list_add(&dp->dl_recall_lru, &reaplist); 7135 } 7136 spin_unlock(&state_lock); 7137 list_for_each_safe(pos, next, &reaplist) { 7138 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 7139 list_del_init(&dp->dl_recall_lru); 7140 put_clnt_odstate(dp->dl_clnt_odstate); 7141 nfs4_put_deleg_lease(dp->dl_stid.sc_file); 7142 nfs4_put_stid(&dp->dl_stid); 7143 } 7144 7145 BUG_ON(!list_empty(&reaplist)); 7146 spin_lock(&nn->blocked_locks_lock); 7147 while (!list_empty(&nn->blocked_locks_lru)) { 7148 nbl = list_first_entry(&nn->blocked_locks_lru, 7149 struct nfsd4_blocked_lock, nbl_lru); 7150 list_move(&nbl->nbl_lru, &reaplist); 7151 list_del_init(&nbl->nbl_list); 7152 } 7153 spin_unlock(&nn->blocked_locks_lock); 7154 7155 while (!list_empty(&reaplist)) { 7156 nbl = list_first_entry(&reaplist, 7157 struct nfsd4_blocked_lock, nbl_lru); 7158 list_del_init(&nbl->nbl_lru); 7159 posix_unblock_lock(&nbl->nbl_lock); 7160 free_blocked_lock(nbl); 7161 } 7162 7163 nfsd4_client_tracking_exit(net); 7164 nfs4_state_destroy_net(net); 7165 } 7166 7167 void 7168 nfs4_state_shutdown(void) 7169 { 7170 destroy_workqueue(laundry_wq); 7171 nfsd4_destroy_callback_queue(); 7172 cleanup_callback_cred(); 7173 } 7174 7175 static void 7176 get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 7177 { 7178 if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid)) 7179 memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t)); 7180 } 7181 7182 static void 7183 put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 7184 { 7185 if (cstate->minorversion) { 7186 memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t)); 7187 SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG); 7188 } 7189 } 7190 7191 void 7192 clear_current_stateid(struct nfsd4_compound_state *cstate) 7193 { 7194 CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG); 7195 } 7196 7197 /* 7198 * functions to set current state id 7199 */ 7200 void 7201 nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, 7202 union nfsd4_op_u *u) 7203 { 7204 put_stateid(cstate, &u->open_downgrade.od_stateid); 7205 } 7206 7207 void 7208 nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, 7209 union nfsd4_op_u *u) 7210 { 7211 put_stateid(cstate, &u->open.op_stateid); 7212 } 7213 7214 void 7215 nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, 7216 union nfsd4_op_u *u) 7217 { 7218 put_stateid(cstate, &u->close.cl_stateid); 7219 } 7220 7221 void 7222 nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, 7223 union nfsd4_op_u *u) 7224 { 7225 put_stateid(cstate, &u->lock.lk_resp_stateid); 7226 } 7227 7228 /* 7229 * functions to consume current state id 7230 */ 7231 7232 void 7233 nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, 7234 union nfsd4_op_u *u) 7235 { 7236 get_stateid(cstate, &u->open_downgrade.od_stateid); 7237 } 7238 7239 void 7240 nfsd4_get_delegreturnstateid(struct nfsd4_compound_state
*cstate, 7241 union nfsd4_op_u *u) 7242 { 7243 get_stateid(cstate, &u->delegreturn.dr_stateid); 7244 } 7245 7246 void 7247 nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, 7248 union nfsd4_op_u *u) 7249 { 7250 get_stateid(cstate, &u->free_stateid.fr_stateid); 7251 } 7252 7253 void 7254 nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, 7255 union nfsd4_op_u *u) 7256 { 7257 get_stateid(cstate, &u->setattr.sa_stateid); 7258 } 7259 7260 void 7261 nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, 7262 union nfsd4_op_u *u) 7263 { 7264 get_stateid(cstate, &u->close.cl_stateid); 7265 } 7266 7267 void 7268 nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, 7269 union nfsd4_op_u *u) 7270 { 7271 get_stateid(cstate, &u->locku.lu_stateid); 7272 } 7273 7274 void 7275 nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, 7276 union nfsd4_op_u *u) 7277 { 7278 get_stateid(cstate, &u->read.rd_stateid); 7279 } 7280 7281 void 7282 nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, 7283 union nfsd4_op_u *u) 7284 { 7285 get_stateid(cstate, &u->write.wr_stateid); 7286 } 7287