/*
 *  Copyright (c) 2001 The Regents of the University of Michigan.
 *  All rights reserved.
 *
 *  Kendrick Smith <kmsmith@umich.edu>
 *  Andy Adamson <kandros@umich.edu>
 *
 *  Redistribution and use in source and binary forms, with or without
 *  modification, are permitted provided that the following conditions
 *  are met:
 *
 *  1. Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 *  2. Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in the
 *     documentation and/or other materials provided with the distribution.
 *  3. Neither the name of the University nor the names of its
 *     contributors may be used to endorse or promote products derived
 *     from this software without specific prior written permission.
 *
 *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 *  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 *  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 *  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include <linux/file.h>
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/namei.h>
#include <linux/swap.h>
#include <linux/pagemap.h>
#include <linux/ratelimit.h>
#include <linux/sunrpc/svcauth_gss.h>
#include <linux/sunrpc/addr.h>
#include <linux/jhash.h>
#include "xdr4.h"
#include "xdr4cb.h"
#include "vfs.h"
#include "current_stateid.h"

#include "netns.h"
#include "pnfs.h"

#define NFSDDBG_FACILITY	NFSDDBG_PROC

#define all_ones {{~0,~0},~0}
static const stateid_t one_stateid = {
	.si_generation = ~0,
	.si_opaque = all_ones,
};
static const stateid_t zero_stateid = {
	/* all fields zero */
};
static const stateid_t currentstateid = {
	.si_generation = 1,
};
static const stateid_t close_stateid = {
	.si_generation = 0xffffffffU,
};

static u64 current_sessionid = 1;

#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
#define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
#define CLOSE_STATEID(stateid) (!memcmp((stateid), &close_stateid, sizeof(stateid_t)))
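/*
 * Editorial note: the all-zeros and all-ones stateids above carry
 * protocol-defined meanings (the "anonymous" and "READ bypass" special
 * stateids of RFC 5661 section 8.2.3 and RFC 7530). currentstateid and
 * close_stateid, by contrast, appear to be internal sentinels used only
 * within this implementation and are never handed to clients as-is.
 */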
/* forward declarations */
static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner);
static void nfs4_free_ol_stateid(struct nfs4_stid *stid);

/* Locking: */

/*
 * Currently used for the del_recall_lru and file hash table.  In an
 * effort to decrease the scope of the client_mutex, this spinlock may
 * eventually cover more:
 */
static DEFINE_SPINLOCK(state_lock);

enum nfsd4_st_mutex_lock_subclass {
	OPEN_STATEID_MUTEX = 0,
	LOCK_STATEID_MUTEX = 1,
};

/*
 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for
 * the refcount on the open stateid to drop.
 */
static DECLARE_WAIT_QUEUE_HEAD(close_wq);

static struct kmem_cache *client_slab;
static struct kmem_cache *openowner_slab;
static struct kmem_cache *lockowner_slab;
static struct kmem_cache *file_slab;
static struct kmem_cache *stateid_slab;
static struct kmem_cache *deleg_slab;
static struct kmem_cache *odstate_slab;

static void free_session(struct nfsd4_session *);

static const struct nfsd4_callback_ops nfsd4_cb_recall_ops;
static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops;

static bool is_session_dead(struct nfsd4_session *ses)
{
	return ses->se_flags & NFS4_SESSION_DEAD;
}

static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
{
	if (atomic_read(&ses->se_ref) > ref_held_by_me)
		return nfserr_jukebox;
	ses->se_flags |= NFS4_SESSION_DEAD;
	return nfs_ok;
}

static bool is_client_expired(struct nfs4_client *clp)
{
	return clp->cl_time == 0;
}

static __be32 get_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (is_client_expired(clp))
		return nfserr_expired;
	atomic_inc(&clp->cl_refcount);
	return nfs_ok;
}

/* must be called under the client_lock */
static inline void
renew_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (is_client_expired(clp)) {
		WARN_ON(1);
		printk("%s: client (clientid %08x/%08x) already expired\n",
			__func__,
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
		return;
	}

	dprintk("renewing client (clientid %08x/%08x)\n",
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
	list_move_tail(&clp->cl_lru, &nn->client_lru);
	clp->cl_time = get_seconds();
}

static void put_client_renew_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (!atomic_dec_and_test(&clp->cl_refcount))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
}

static void put_client_renew(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (!atomic_dec_and_lock(&clp->cl_refcount, &nn->client_lock))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	spin_unlock(&nn->client_lock);
}
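/*
 * Editorial note on the idiom above: put_client_renew() uses
 * atomic_dec_and_lock(), so nn->client_lock is only taken when
 * cl_refcount actually drops to zero, keeping the common put path
 * lock-free; put_client_renew_locked() is the variant for callers
 * that already hold the lock.
 */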
static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
{
	__be32 status;

	if (is_session_dead(ses))
		return nfserr_badsession;
	status = get_client_locked(ses->se_client);
	if (status)
		return status;
	atomic_inc(&ses->se_ref);
	return nfs_ok;
}

static void nfsd4_put_session_locked(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
		free_session(ses);
	put_client_renew_locked(clp);
}

static void nfsd4_put_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	nfsd4_put_session_locked(ses);
	spin_unlock(&nn->client_lock);
}

static struct nfsd4_blocked_lock *
find_blocked_lock(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *cur, *found = NULL;

	spin_lock(&nn->blocked_locks_lock);
	list_for_each_entry(cur, &lo->lo_blocked, nbl_list) {
		if (fh_match(fh, &cur->nbl_fh)) {
			list_del_init(&cur->nbl_list);
			list_del_init(&cur->nbl_lru);
			found = cur;
			break;
		}
	}
	spin_unlock(&nn->blocked_locks_lock);
	if (found)
		posix_unblock_lock(&found->nbl_lock);
	return found;
}

static struct nfsd4_blocked_lock *
find_or_allocate_block(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *nbl;

	nbl = find_blocked_lock(lo, fh, nn);
	if (!nbl) {
		nbl = kmalloc(sizeof(*nbl), GFP_KERNEL);
		if (nbl) {
			fh_copy_shallow(&nbl->nbl_fh, fh);
			locks_init_lock(&nbl->nbl_lock);
			nfsd4_init_cb(&nbl->nbl_cb, lo->lo_owner.so_client,
					&nfsd4_cb_notify_lock_ops,
					NFSPROC4_CLNT_CB_NOTIFY_LOCK);
		}
	}
	return nbl;
}

static void
free_blocked_lock(struct nfsd4_blocked_lock *nbl)
{
	locks_release_private(&nbl->nbl_lock);
	kfree(nbl);
}

static void
remove_blocked_locks(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_blocked_lock *nbl;
	LIST_HEAD(reaplist);

	/* Dequeue all blocked locks */
	spin_lock(&nn->blocked_locks_lock);
	while (!list_empty(&lo->lo_blocked)) {
		nbl = list_first_entry(&lo->lo_blocked,
					struct nfsd4_blocked_lock,
					nbl_list);
		list_del_init(&nbl->nbl_list);
		list_move(&nbl->nbl_lru, &reaplist);
	}
	spin_unlock(&nn->blocked_locks_lock);

	/* Now free them */
	while (!list_empty(&reaplist)) {
		nbl = list_first_entry(&reaplist, struct nfsd4_blocked_lock,
					nbl_lru);
		list_del_init(&nbl->nbl_lru);
		posix_unblock_lock(&nbl->nbl_lock);
		free_blocked_lock(nbl);
	}
}
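/*
 * Editorial note: remove_blocked_locks() above is a two-phase teardown.
 * Every blocked lock is first moved onto a private reaplist while
 * blocked_locks_lock is held, and only after the lock is dropped are the
 * waiters unblocked and the entries freed. This keeps the spinlock hold
 * time short and avoids freeing under the lock.
 */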
static int
nfsd4_cb_notify_lock_done(struct nfsd4_callback *cb, struct rpc_task *task)
{
	/*
	 * Since this is just an optimization, we don't try very hard if it
	 * turns out not to succeed. We'll requeue it on NFS4ERR_DELAY, and
	 * just quit trying on anything else.
	 */
	switch (task->tk_status) {
	case -NFS4ERR_DELAY:
		rpc_delay(task, 1 * HZ);
		return 0;
	default:
		return 1;
	}
}

static void
nfsd4_cb_notify_lock_release(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock *nbl = container_of(cb,
						struct nfsd4_blocked_lock, nbl_cb);

	free_blocked_lock(nbl);
}

static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops = {
	.done		= nfsd4_cb_notify_lock_done,
	.release	= nfsd4_cb_notify_lock_release,
};

static inline struct nfs4_stateowner *
nfs4_get_stateowner(struct nfs4_stateowner *sop)
{
	atomic_inc(&sop->so_count);
	return sop;
}

static int
same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner)
{
	return (sop->so_owner.len == owner->len) &&
		0 == memcmp(sop->so_owner.data, owner->data, owner->len);
}

static struct nfs4_openowner *
find_openstateowner_str_locked(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_stateowner *so;

	lockdep_assert_held(&clp->cl_lock);

	list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval],
			    so_strhash) {
		if (!so->so_is_open_owner)
			continue;
		if (same_owner_str(so, &open->op_owner))
			return openowner(nfs4_get_stateowner(so));
	}
	return NULL;
}

static struct nfs4_openowner *
find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;

	spin_lock(&clp->cl_lock);
	oo = find_openstateowner_str_locked(hashval, open, clp);
	spin_unlock(&clp->cl_lock);
	return oo;
}

static inline u32
opaque_hashval(const void *ptr, int nbytes)
{
	unsigned char *cptr = (unsigned char *) ptr;

	u32 x = 0;
	while (nbytes--) {
		x *= 37;
		x += *cptr++;
	}
	return x;
}
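/*
 * Worked example (illustrative): for the two-byte owner string "ab",
 * opaque_hashval() computes x = ('a' * 37) + 'b' = 97 * 37 + 98 = 3687;
 * ownerstr_hashval() below then masks this with OWNER_HASH_MASK (255),
 * giving hash bucket 3687 & 255 = 103.
 */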
static void nfsd4_free_file_rcu(struct rcu_head *rcu)
{
	struct nfs4_file *fp = container_of(rcu, struct nfs4_file, fi_rcu);

	kmem_cache_free(file_slab, fp);
}

void
put_nfs4_file(struct nfs4_file *fi)
{
	might_lock(&state_lock);

	if (refcount_dec_and_lock(&fi->fi_ref, &state_lock)) {
		hlist_del_rcu(&fi->fi_hash);
		spin_unlock(&state_lock);
		WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate));
		WARN_ON_ONCE(!list_empty(&fi->fi_delegations));
		call_rcu(&fi->fi_rcu, nfsd4_free_file_rcu);
	}
}

static struct file *
__nfs4_get_fd(struct nfs4_file *f, int oflag)
{
	if (f->fi_fds[oflag])
		return get_file(f->fi_fds[oflag]);
	return NULL;
}

static struct file *
find_writeable_file_locked(struct nfs4_file *f)
{
	struct file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_WRONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

static struct file *
find_writeable_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = find_writeable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

static struct file *find_readable_file_locked(struct nfs4_file *f)
{
	struct file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_RDONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

static struct file *
find_readable_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = find_readable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

struct file *
find_any_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = __nfs4_get_fd(f, O_RDWR);
	if (!ret) {
		ret = __nfs4_get_fd(f, O_WRONLY);
		if (!ret)
			ret = __nfs4_get_fd(f, O_RDONLY);
	}
	spin_unlock(&f->fi_lock);
	return ret;
}

static atomic_long_t num_delegations;
unsigned long max_delegations;

/*
 * Open owner state (share locks)
 */

/* hash tables for lock and open owners */
#define OWNER_HASH_BITS		8
#define OWNER_HASH_SIZE		(1 << OWNER_HASH_BITS)
#define OWNER_HASH_MASK		(OWNER_HASH_SIZE - 1)

static unsigned int ownerstr_hashval(struct xdr_netobj *ownername)
{
	unsigned int ret;

	ret = opaque_hashval(ownername->data, ownername->len);
	return ret & OWNER_HASH_MASK;
}

/* hash table for nfs4_file */
#define FILE_HASH_BITS		8
#define FILE_HASH_SIZE		(1 << FILE_HASH_BITS)

static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh)
{
	return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0);
}

static unsigned int file_hashval(struct knfsd_fh *fh)
{
	return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1);
}

static struct hlist_head file_hashtbl[FILE_HASH_SIZE];

static void
__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		atomic_inc(&fp->fi_access[O_WRONLY]);
	if (access & NFS4_SHARE_ACCESS_READ)
		atomic_inc(&fp->fi_access[O_RDONLY]);
}

static __be32
nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	/* Does this access mode make sense? */
	if (access & ~NFS4_SHARE_ACCESS_BOTH)
		return nfserr_inval;

	/* Does it conflict with a deny mode already set? */
	if ((access & fp->fi_share_deny) != 0)
		return nfserr_share_denied;

	__nfs4_file_get_access(fp, access);
	return nfs_ok;
}

static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
{
	/* Common case is that there is no deny mode. */
	if (deny) {
		/* Does this deny mode make sense? */
		if (deny & ~NFS4_SHARE_DENY_BOTH)
			return nfserr_inval;

		if ((deny & NFS4_SHARE_DENY_READ) &&
		    atomic_read(&fp->fi_access[O_RDONLY]))
			return nfserr_share_denied;

		if ((deny & NFS4_SHARE_DENY_WRITE) &&
		    atomic_read(&fp->fi_access[O_WRONLY]))
			return nfserr_share_denied;
	}
	return nfs_ok;
}

static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
	might_lock(&fp->fi_lock);

	if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
		struct file *f1 = NULL;
		struct file *f2 = NULL;

		swap(f1, fp->fi_fds[oflag]);
		if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
			swap(f2, fp->fi_fds[O_RDWR]);
		spin_unlock(&fp->fi_lock);
		if (f1)
			fput(f1);
		if (f2)
			fput(f2);
	}
}

static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
{
	WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		__nfs4_file_put_access(fp, O_WRONLY);
	if (access & NFS4_SHARE_ACCESS_READ)
		__nfs4_file_put_access(fp, O_RDONLY);
}
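/*
 * Editorial note on the pattern in __nfs4_file_put_access() above: when
 * the last reference to an access mode goes away, the corresponding
 * struct file pointer is detached from the nfs4_file while fi_lock is
 * held (the O_RDWR file as well, once the opposite mode's count is also
 * zero), and the actual fput() calls happen only after fi_lock has been
 * dropped.
 */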
This is needed for 597 * pNFS for proper return on close semantics. 598 * 599 * Note that we only allocate it for pNFS-enabled exports, otherwise 600 * all pointers to struct nfs4_clnt_odstate are always NULL. 601 */ 602 static struct nfs4_clnt_odstate * 603 alloc_clnt_odstate(struct nfs4_client *clp) 604 { 605 struct nfs4_clnt_odstate *co; 606 607 co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL); 608 if (co) { 609 co->co_client = clp; 610 refcount_set(&co->co_odcount, 1); 611 } 612 return co; 613 } 614 615 static void 616 hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co) 617 { 618 struct nfs4_file *fp = co->co_file; 619 620 lockdep_assert_held(&fp->fi_lock); 621 list_add(&co->co_perfile, &fp->fi_clnt_odstate); 622 } 623 624 static inline void 625 get_clnt_odstate(struct nfs4_clnt_odstate *co) 626 { 627 if (co) 628 refcount_inc(&co->co_odcount); 629 } 630 631 static void 632 put_clnt_odstate(struct nfs4_clnt_odstate *co) 633 { 634 struct nfs4_file *fp; 635 636 if (!co) 637 return; 638 639 fp = co->co_file; 640 if (refcount_dec_and_lock(&co->co_odcount, &fp->fi_lock)) { 641 list_del(&co->co_perfile); 642 spin_unlock(&fp->fi_lock); 643 644 nfsd4_return_all_file_layouts(co->co_client, fp); 645 kmem_cache_free(odstate_slab, co); 646 } 647 } 648 649 static struct nfs4_clnt_odstate * 650 find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new) 651 { 652 struct nfs4_clnt_odstate *co; 653 struct nfs4_client *cl; 654 655 if (!new) 656 return NULL; 657 658 cl = new->co_client; 659 660 spin_lock(&fp->fi_lock); 661 list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) { 662 if (co->co_client == cl) { 663 get_clnt_odstate(co); 664 goto out; 665 } 666 } 667 co = new; 668 co->co_file = fp; 669 hash_clnt_odstate_locked(new); 670 out: 671 spin_unlock(&fp->fi_lock); 672 return co; 673 } 674 675 struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab, 676 void (*sc_free)(struct nfs4_stid *)) 677 { 678 struct nfs4_stid *stid; 679 int new_id; 680 681 stid = kmem_cache_zalloc(slab, GFP_KERNEL); 682 if (!stid) 683 return NULL; 684 685 idr_preload(GFP_KERNEL); 686 spin_lock(&cl->cl_lock); 687 new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 0, 0, GFP_NOWAIT); 688 spin_unlock(&cl->cl_lock); 689 idr_preload_end(); 690 if (new_id < 0) 691 goto out_free; 692 693 stid->sc_free = sc_free; 694 stid->sc_client = cl; 695 stid->sc_stateid.si_opaque.so_id = new_id; 696 stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid; 697 /* Will be incremented before return to client: */ 698 refcount_set(&stid->sc_count, 1); 699 spin_lock_init(&stid->sc_lock); 700 701 /* 702 * It shouldn't be a problem to reuse an opaque stateid value. 703 * I don't think it is for 4.1. But with 4.0 I worry that, for 704 * example, a stray write retransmission could be accepted by 705 * the server when it should have been rejected. 
struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab,
				  void (*sc_free)(struct nfs4_stid *))
{
	struct nfs4_stid *stid;
	int new_id;

	stid = kmem_cache_zalloc(slab, GFP_KERNEL);
	if (!stid)
		return NULL;

	idr_preload(GFP_KERNEL);
	spin_lock(&cl->cl_lock);
	new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 0, 0, GFP_NOWAIT);
	spin_unlock(&cl->cl_lock);
	idr_preload_end();
	if (new_id < 0)
		goto out_free;

	stid->sc_free = sc_free;
	stid->sc_client = cl;
	stid->sc_stateid.si_opaque.so_id = new_id;
	stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
	/* Will be incremented before return to client: */
	refcount_set(&stid->sc_count, 1);
	spin_lock_init(&stid->sc_lock);

	/*
	 * It shouldn't be a problem to reuse an opaque stateid value.
	 * I don't think it is for 4.1.  But with 4.0 I worry that, for
	 * example, a stray write retransmission could be accepted by
	 * the server when it should have been rejected.  Therefore,
	 * adopt a trick from the sctp code to attempt to maximize the
	 * amount of time until an id is reused, by ensuring they always
	 * "increase" (mod INT_MAX):
	 */
	return stid;
out_free:
	kmem_cache_free(slab, stid);
	return NULL;
}

static struct nfs4_ol_stateid * nfs4_alloc_open_stateid(struct nfs4_client *clp)
{
	struct nfs4_stid *stid;

	stid = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_ol_stateid);
	if (!stid)
		return NULL;

	return openlockstateid(stid);
}

static void nfs4_free_deleg(struct nfs4_stid *stid)
{
	kmem_cache_free(deleg_slab, stid);
	atomic_long_dec(&num_delegations);
}

/*
 * When we recall a delegation, we should be careful not to hand it
 * out again straight away.
 * To ensure this we keep a pair of bloom filters ('new' and 'old')
 * in which the filehandles of recalled delegations are "stored".
 * If a filehandle appears in either filter, a delegation is blocked.
 * When a delegation is recalled, the filehandle is stored in the "new"
 * filter.
 * Every 30 seconds we swap the filters and clear the "new" one,
 * unless both are empty of course.
 *
 * Each filter is 256 bits.  We hash the filehandle to 32bit and use the
 * low 3 bytes as bit indices into the filter.
 *
 * 'blocked_delegations_lock', which is always taken in block_delegations(),
 * is used to manage concurrent access.  Testing does not need the lock
 * except when swapping the two filters.
 */
static DEFINE_SPINLOCK(blocked_delegations_lock);
static struct bloom_pair {
	int	entries, old_entries;
	time_t	swap_time;
	int	new; /* index into 'set' */
	DECLARE_BITMAP(set[2], 256);
} blocked_delegations;

static int delegation_blocked(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	if (bd->entries == 0)
		return 0;
	if (seconds_since_boot() - bd->swap_time > 30) {
		spin_lock(&blocked_delegations_lock);
		if (seconds_since_boot() - bd->swap_time > 30) {
			bd->entries -= bd->old_entries;
			bd->old_entries = bd->entries;
			memset(bd->set[bd->new], 0,
			       sizeof(bd->set[0]));
			bd->new = 1-bd->new;
			bd->swap_time = seconds_since_boot();
		}
		spin_unlock(&blocked_delegations_lock);
	}
	hash = jhash(&fh->fh_base, fh->fh_size, 0);
	if (test_bit(hash&255, bd->set[0]) &&
	    test_bit((hash>>8)&255, bd->set[0]) &&
	    test_bit((hash>>16)&255, bd->set[0]))
		return 1;

	if (test_bit(hash&255, bd->set[1]) &&
	    test_bit((hash>>8)&255, bd->set[1]) &&
	    test_bit((hash>>16)&255, bd->set[1]))
		return 1;

	return 0;
}

static void block_delegations(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	hash = jhash(&fh->fh_base, fh->fh_size, 0);

	spin_lock(&blocked_delegations_lock);
	__set_bit(hash&255, bd->set[bd->new]);
	__set_bit((hash>>8)&255, bd->set[bd->new]);
	__set_bit((hash>>16)&255, bd->set[bd->new]);
	if (bd->entries == 0)
		bd->swap_time = seconds_since_boot();
	bd->entries += 1;
	spin_unlock(&blocked_delegations_lock);
}
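/*
 * Worked example (illustrative): suppose jhash() maps a filehandle to
 * hash = 0x00C86F12. block_delegations() then sets bits 0x12 (18),
 * 0x6F (111) and 0xC8 (200) in the current "new" filter, and
 * delegation_blocked() reports a match only if all three bits are set
 * in the same filter. As with any bloom filter, false positives are
 * possible but false negatives are not (until the filters are swapped
 * and cleared).
 */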
static struct nfs4_delegation *
alloc_init_deleg(struct nfs4_client *clp, struct nfs4_file *fp,
		 struct svc_fh *current_fh,
		 struct nfs4_clnt_odstate *odstate)
{
	struct nfs4_delegation *dp;
	long n;

	dprintk("NFSD alloc_init_deleg\n");
	n = atomic_long_inc_return(&num_delegations);
	if (n < 0 || n > max_delegations)
		goto out_dec;
	if (delegation_blocked(&current_fh->fh_handle))
		goto out_dec;
	dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab, nfs4_free_deleg));
	if (dp == NULL)
		goto out_dec;

	/*
	 * delegation seqid's are never incremented.  The 4.1 special
	 * meaning of seqid 0 isn't meaningful, really, but let's avoid
	 * 0 anyway just for consistency and use 1:
	 */
	dp->dl_stid.sc_stateid.si_generation = 1;
	INIT_LIST_HEAD(&dp->dl_perfile);
	INIT_LIST_HEAD(&dp->dl_perclnt);
	INIT_LIST_HEAD(&dp->dl_recall_lru);
	dp->dl_clnt_odstate = odstate;
	get_clnt_odstate(odstate);
	dp->dl_type = NFS4_OPEN_DELEGATE_READ;
	dp->dl_retries = 1;
	nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client,
		      &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL);
	get_nfs4_file(fp);
	dp->dl_stid.sc_file = fp;
	return dp;
out_dec:
	atomic_long_dec(&num_delegations);
	return NULL;
}

void
nfs4_put_stid(struct nfs4_stid *s)
{
	struct nfs4_file *fp = s->sc_file;
	struct nfs4_client *clp = s->sc_client;

	might_lock(&clp->cl_lock);

	if (!refcount_dec_and_lock(&s->sc_count, &clp->cl_lock)) {
		wake_up_all(&close_wq);
		return;
	}
	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	spin_unlock(&clp->cl_lock);
	s->sc_free(s);
	if (fp)
		put_nfs4_file(fp);
}

void
nfs4_inc_and_copy_stateid(stateid_t *dst, struct nfs4_stid *stid)
{
	stateid_t *src = &stid->sc_stateid;

	spin_lock(&stid->sc_lock);
	if (unlikely(++src->si_generation == 0))
		src->si_generation = 1;
	memcpy(dst, src, sizeof(*dst));
	spin_unlock(&stid->sc_lock);
}

static void put_deleg_file(struct nfs4_file *fp)
{
	struct file *filp = NULL;

	spin_lock(&fp->fi_lock);
	if (--fp->fi_delegees == 0)
		swap(filp, fp->fi_deleg_file);
	spin_unlock(&fp->fi_lock);

	if (filp)
		fput(filp);
}

static void nfs4_unlock_deleg_lease(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;
	struct file *filp = fp->fi_deleg_file;

	WARN_ON_ONCE(!fp->fi_delegees);

	vfs_setlease(filp, F_UNLCK, NULL, (void **)&dp);
	put_deleg_file(fp);
}

static void destroy_unhashed_deleg(struct nfs4_delegation *dp)
{
	put_clnt_odstate(dp->dl_clnt_odstate);
	nfs4_unlock_deleg_lease(dp);
	nfs4_put_stid(&dp->dl_stid);
}

void nfs4_unhash_stid(struct nfs4_stid *s)
{
	s->sc_type = 0;
}

/**
 * nfs4_delegation_exists - Discover if this delegation already exists
 * @clp:     a pointer to the nfs4_client we're granting a delegation to
 * @fp:      a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: true iff an existing delegation is found
 */

static bool
nfs4_delegation_exists(struct nfs4_client *clp, struct nfs4_file *fp)
{
	struct nfs4_delegation *searchdp = NULL;
	struct nfs4_client *searchclp = NULL;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	list_for_each_entry(searchdp, &fp->fi_delegations, dl_perfile) {
		searchclp = searchdp->dl_stid.sc_client;
		if (clp == searchclp) {
			return true;
		}
	}
	return false;
}
/**
 * hash_delegation_locked - Add a delegation to the appropriate lists
 * @dp:     a pointer to the nfs4_delegation we are adding.
 * @fp:     a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: 0 if the delegation was successfully hashed.
 *
 *      On error: -EAGAIN if one was previously granted to this
 *                 nfs4_client for this nfs4_file. Delegation is not hashed.
 *
 */

static int
hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	if (nfs4_delegation_exists(clp, fp))
		return -EAGAIN;
	refcount_inc(&dp->dl_stid.sc_count);
	dp->dl_stid.sc_type = NFS4_DELEG_STID;
	list_add(&dp->dl_perfile, &fp->fi_delegations);
	list_add(&dp->dl_perclnt, &clp->cl_delegations);
	return 0;
}

static bool
unhash_delegation_locked(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;

	lockdep_assert_held(&state_lock);

	if (list_empty(&dp->dl_perfile))
		return false;

	dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID;
	/* Ensure that deleg break won't try to requeue it */
	++dp->dl_time;
	spin_lock(&fp->fi_lock);
	list_del_init(&dp->dl_perclnt);
	list_del_init(&dp->dl_recall_lru);
	list_del_init(&dp->dl_perfile);
	spin_unlock(&fp->fi_lock);
	return true;
}

static void destroy_delegation(struct nfs4_delegation *dp)
{
	bool unhashed;

	spin_lock(&state_lock);
	unhashed = unhash_delegation_locked(dp);
	spin_unlock(&state_lock);
	if (unhashed)
		destroy_unhashed_deleg(dp);
}

static void revoke_delegation(struct nfs4_delegation *dp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	WARN_ON(!list_empty(&dp->dl_recall_lru));

	if (clp->cl_minorversion) {
		dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
		refcount_inc(&dp->dl_stid.sc_count);
		spin_lock(&clp->cl_lock);
		list_add(&dp->dl_recall_lru, &clp->cl_revoked);
		spin_unlock(&clp->cl_lock);
	}
	destroy_unhashed_deleg(dp);
}

/*
 * SETCLIENTID state
 */

static unsigned int clientid_hashval(u32 id)
{
	return id & CLIENT_HASH_MASK;
}

static unsigned int clientstr_hashval(const char *name)
{
	return opaque_hashval(name, 8) & CLIENT_HASH_MASK;
}
/*
 * We store the NONE, READ, WRITE, and BOTH bits separately in the
 * st_{access,deny}_bmap field of the stateid, in order to track not
 * only what share bits are currently in force, but also what
 * combinations of share bits previous opens have used.  This allows us
 * to enforce the recommendation of rfc 3530 14.2.19 that the server
 * return an error if the client attempts to downgrade to a combination
 * of share bits not explicable by closing some of its previous opens.
 *
 * XXX: This enforcement is actually incomplete, since we don't keep
 * track of access/deny bit combinations; so, e.g., we allow:
 *
 *	OPEN allow read, deny write
 *	OPEN allow both, deny none
 *	DOWNGRADE allow read, deny none
 *
 * which we should reject.
 */
static unsigned int
bmap_to_share_mode(unsigned long bmap)
{
	int i;
	unsigned int access = 0;

	for (i = 1; i < 4; i++) {
		if (test_bit(i, &bmap))
			access |= i;
	}
	return access;
}

/* set share access for a given stateid */
static inline void
set_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap |= mask;
}

/* clear share access for a given stateid */
static inline void
clear_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap &= ~mask;
}

/* test whether a given stateid has access */
static inline bool
test_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	return (bool)(stp->st_access_bmap & mask);
}

/* set share deny for a given stateid */
static inline void
set_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap |= mask;
}

/* clear share deny for a given stateid */
static inline void
clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap &= ~mask;
}

/* test whether a given stateid is denying specific access */
static inline bool
test_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	return (bool)(stp->st_deny_bmap & mask);
}

static int nfs4_access_to_omode(u32 access)
{
	switch (access & NFS4_SHARE_ACCESS_BOTH) {
	case NFS4_SHARE_ACCESS_READ:
		return O_RDONLY;
	case NFS4_SHARE_ACCESS_WRITE:
		return O_WRONLY;
	case NFS4_SHARE_ACCESS_BOTH:
		return O_RDWR;
	}
	WARN_ON_ONCE(1);
	return O_RDONLY;
}
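/*
 * Worked example (illustrative): an OPEN with NFS4_SHARE_ACCESS_READ (1)
 * sets bit 1 of st_access_bmap; a later upgrade to ACCESS_BOTH (3) also
 * sets bit 3, giving bmap 0b1010. bmap_to_share_mode() ORs together
 * every mode whose bit is set, so it returns 1 | 3 = BOTH, while the
 * individual bits still record which combinations past opens used.
 */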
/*
 * A stateid that had a deny mode associated with it is being released
 * or downgraded. Recalculate the deny mode on the file.
 */
static void
recalculate_deny_mode(struct nfs4_file *fp)
{
	struct nfs4_ol_stateid *stp;

	spin_lock(&fp->fi_lock);
	fp->fi_share_deny = 0;
	list_for_each_entry(stp, &fp->fi_stateids, st_perfile)
		fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap);
	spin_unlock(&fp->fi_lock);
}

static void
reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	int i;
	bool change = false;

	for (i = 1; i < 4; i++) {
		if ((i & deny) != i) {
			change = true;
			clear_deny(i, stp);
		}
	}

	/* Recalculate per-file deny mode if there was a change */
	if (change)
		recalculate_deny_mode(stp->st_stid.sc_file);
}

/* release all access and file references for a given stateid */
static void
release_all_access(struct nfs4_ol_stateid *stp)
{
	int i;
	struct nfs4_file *fp = stp->st_stid.sc_file;

	if (fp && stp->st_deny_bmap != 0)
		recalculate_deny_mode(fp);

	for (i = 1; i < 4; i++) {
		if (test_access(i, stp))
			nfs4_file_put_access(stp->st_stid.sc_file, i);
		clear_access(i, stp);
	}
}

static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop)
{
	kfree(sop->so_owner.data);
	sop->so_ops->so_free(sop);
}

static void nfs4_put_stateowner(struct nfs4_stateowner *sop)
{
	struct nfs4_client *clp = sop->so_client;

	might_lock(&clp->cl_lock);

	if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock))
		return;
	sop->so_ops->so_unhash(sop);
	spin_unlock(&clp->cl_lock);
	nfs4_free_stateowner(sop);
}

static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_file *fp = stp->st_stid.sc_file;

	lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock);

	if (list_empty(&stp->st_perfile))
		return false;

	spin_lock(&fp->fi_lock);
	list_del_init(&stp->st_perfile);
	spin_unlock(&fp->fi_lock);
	list_del(&stp->st_perstateowner);
	return true;
}

static void nfs4_free_ol_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);

	put_clnt_odstate(stp->st_clnt_odstate);
	release_all_access(stp);
	if (stp->st_stateowner)
		nfs4_put_stateowner(stp->st_stateowner);
	kmem_cache_free(stateid_slab, stid);
}

static void nfs4_free_lock_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);
	struct nfs4_lockowner *lo = lockowner(stp->st_stateowner);
	struct file *file;

	file = find_any_file(stp->st_stid.sc_file);
	if (file)
		filp_close(file, (fl_owner_t)lo);
	nfs4_free_ol_stateid(stid);
}
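/*
 * Editorial note: the put_ol_stateid_locked()/free_ol_stateid_reaplist()
 * pair below exists because sc_free() may sleep (note the might_sleep()
 * in the reaplist walker): stateids are unhashed and collected while
 * cl_lock is held, and only freed once the caller has dropped it.
 */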
/*
 * Put the persistent reference to an already unhashed generic stateid, while
 * holding the cl_lock. If it's the last reference, then put it onto the
 * reaplist for later destruction.
 */
static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp,
				  struct list_head *reaplist)
{
	struct nfs4_stid *s = &stp->st_stid;
	struct nfs4_client *clp = s->sc_client;

	lockdep_assert_held(&clp->cl_lock);

	WARN_ON_ONCE(!list_empty(&stp->st_locks));

	if (!refcount_dec_and_test(&s->sc_count)) {
		wake_up_all(&close_wq);
		return;
	}

	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	list_add(&stp->st_locks, reaplist);
}

static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp)
{
	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	list_del_init(&stp->st_locks);
	nfs4_unhash_stid(&stp->st_stid);
	return unhash_ol_stateid(stp);
}

static void release_lock_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_client *clp = stp->st_stid.sc_client;
	bool unhashed;

	spin_lock(&clp->cl_lock);
	unhashed = unhash_lock_stateid(stp);
	spin_unlock(&clp->cl_lock);
	if (unhashed)
		nfs4_put_stid(&stp->st_stid);
}

static void unhash_lockowner_locked(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&lo->lo_owner.so_strhash);
}

/*
 * Free a list of generic stateids that were collected earlier after being
 * fully unhashed.
 */
static void
free_ol_stateid_reaplist(struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_file *fp;

	might_sleep();

	while (!list_empty(reaplist)) {
		stp = list_first_entry(reaplist, struct nfs4_ol_stateid,
				       st_locks);
		list_del(&stp->st_locks);
		fp = stp->st_stid.sc_file;
		stp->st_stid.sc_free(&stp->st_stid);
		if (fp)
			put_nfs4_file(fp);
	}
}
static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp,
				       struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;

	lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock);

	while (!list_empty(&open_stp->st_locks)) {
		stp = list_entry(open_stp->st_locks.next,
				 struct nfs4_ol_stateid, st_locks);
		WARN_ON(!unhash_lock_stateid(stp));
		put_ol_stateid_locked(stp, reaplist);
	}
}

static bool unhash_open_stateid(struct nfs4_ol_stateid *stp,
				struct list_head *reaplist)
{
	bool unhashed;

	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	unhashed = unhash_ol_stateid(stp);
	release_open_stateid_locks(stp, reaplist);
	return unhashed;
}

static void release_open_stateid(struct nfs4_ol_stateid *stp)
{
	LIST_HEAD(reaplist);

	spin_lock(&stp->st_stid.sc_client->cl_lock);
	if (unhash_open_stateid(stp, &reaplist))
		put_ol_stateid_locked(stp, &reaplist);
	spin_unlock(&stp->st_stid.sc_client->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
}

static void unhash_openowner_locked(struct nfs4_openowner *oo)
{
	struct nfs4_client *clp = oo->oo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&oo->oo_owner.so_strhash);
	list_del_init(&oo->oo_perclient);
}

static void release_last_closed_stateid(struct nfs4_openowner *oo)
{
	struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net,
					  nfsd_net_id);
	struct nfs4_ol_stateid *s;

	spin_lock(&nn->client_lock);
	s = oo->oo_last_closed_stid;
	if (s) {
		list_del_init(&oo->oo_close_lru);
		oo->oo_last_closed_stid = NULL;
	}
	spin_unlock(&nn->client_lock);
	if (s)
		nfs4_put_stid(&s->st_stid);
}

static void release_openowner(struct nfs4_openowner *oo)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_client *clp = oo->oo_owner.so_client;
	struct list_head reaplist;

	INIT_LIST_HEAD(&reaplist);

	spin_lock(&clp->cl_lock);
	unhash_openowner_locked(oo);
	while (!list_empty(&oo->oo_owner.so_stateids)) {
		stp = list_first_entry(&oo->oo_owner.so_stateids,
				struct nfs4_ol_stateid, st_perstateowner);
		if (unhash_open_stateid(stp, &reaplist))
			put_ol_stateid_locked(stp, &reaplist);
	}
	spin_unlock(&clp->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
	release_last_closed_stateid(oo);
	nfs4_put_stateowner(&oo->oo_owner);
}

static inline int
hash_sessionid(struct nfs4_sessionid *sessionid)
{
	struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;

	return sid->sequence % SESSION_HASH_SIZE;
}

#ifdef CONFIG_SUNRPC_DEBUG
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
	u32 *ptr = (u32 *)(&sessionid->data[0]);
	dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
}
#else
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
}
#endif

/*
 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
 * won't be used for replay.
 */
void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
{
	struct nfs4_stateowner *so = cstate->replay_owner;

	if (nfserr == nfserr_replay_me)
		return;

	if (!seqid_mutating_err(ntohl(nfserr))) {
		nfsd4_cstate_clear_replay(cstate);
		return;
	}
	if (!so)
		return;
	if (so->so_is_open_owner)
		release_last_closed_stateid(openowner(so));
	so->so_seqid++;
	return;
}

static void
gen_sessionid(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd4_sessionid *sid;

	sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
	sid->clientid = clp->cl_clientid;
	sid->sequence = current_sessionid++;
	sid->reserved = 0;
}
/*
 * The protocol defines ca_maxresponsesize_cached to include the size of
 * the rpc header, but all we need to cache is the data starting after
 * the end of the initial SEQUENCE operation--the rest we regenerate
 * each time.  Therefore we can advertise a ca_maxresponsesize_cached
 * value that is the number of bytes in our cache plus a few additional
 * bytes.  In order to stay on the safe side, and not promise more than
 * we can cache, those additional bytes must be the minimum possible: 24
 * bytes of rpc header (xid through accept state, with AUTH_NULL
 * verifier), 12 for the compound header (with zero-length tag), and 44
 * for the SEQUENCE op response:
 */
#define NFSD_MIN_HDR_SEQ_SZ  (24 + 12 + 44)

static void
free_session_slots(struct nfsd4_session *ses)
{
	int i;

	for (i = 0; i < ses->se_fchannel.maxreqs; i++) {
		free_svc_cred(&ses->se_slots[i]->sl_cred);
		kfree(ses->se_slots[i]);
	}
}

/*
 * We don't actually need to cache the rpc and session headers, so we
 * can allocate a little less for each slot:
 */
static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
{
	u32 size;

	if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ)
		size = 0;
	else
		size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
	return size + sizeof(struct nfsd4_slot);
}

/*
 * XXX: If we run out of reserved DRC memory we could (up to a point)
 * re-negotiate active sessions and reduce their slot usage to make
 * room for new connections. For now we just fail the create session.
 */
static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca)
{
	u32 slotsize = slot_bytes(ca);
	u32 num = ca->maxreqs;
	int avail;

	spin_lock(&nfsd_drc_lock);
	avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION,
		    nfsd_drc_max_mem - nfsd_drc_mem_used);
	/*
	 * Never use more than a third of the remaining memory,
	 * unless it's the only way to give this client a slot:
	 */
	avail = clamp_t(int, avail, slotsize, avail/3);
	num = min_t(int, num, avail / slotsize);
	nfsd_drc_mem_used += num * slotsize;
	spin_unlock(&nfsd_drc_lock);

	return num;
}

static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
{
	int slotsize = slot_bytes(ca);

	spin_lock(&nfsd_drc_lock);
	nfsd_drc_mem_used -= slotsize * ca->maxreqs;
	spin_unlock(&nfsd_drc_lock);
}
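/*
 * Worked example (illustrative): NFSD_MIN_HDR_SEQ_SZ is 24 + 12 + 44 =
 * 80 bytes. For a client advertising maxresp_cached = 4096, slot_bytes()
 * therefore reserves 4096 - 80 = 4016 bytes of reply cache per slot,
 * plus sizeof(struct nfsd4_slot) for the bookkeeping that precedes the
 * cached data.
 */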
static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
					   struct nfsd4_channel_attrs *battrs)
{
	int numslots = fattrs->maxreqs;
	int slotsize = slot_bytes(fattrs);
	struct nfsd4_session *new;
	int mem, i;

	BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
			+ sizeof(struct nfsd4_session) > PAGE_SIZE);
	mem = numslots * sizeof(struct nfsd4_slot *);

	new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
	if (!new)
		return NULL;
	/* allocate each struct nfsd4_slot and data cache in one piece */
	for (i = 0; i < numslots; i++) {
		new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
		if (!new->se_slots[i])
			goto out_free;
	}

	memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
	memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));

	return new;
out_free:
	while (i--)
		kfree(new->se_slots[i]);
	kfree(new);
	return NULL;
}

static void free_conn(struct nfsd4_conn *c)
{
	svc_xprt_put(c->cn_xprt);
	kfree(c);
}

static void nfsd4_conn_lost(struct svc_xpt_user *u)
{
	struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
	struct nfs4_client *clp = c->cn_session->se_client;

	spin_lock(&clp->cl_lock);
	if (!list_empty(&c->cn_persession)) {
		list_del(&c->cn_persession);
		free_conn(c);
	}
	nfsd4_probe_callback(clp);
	spin_unlock(&clp->cl_lock);
}

static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
{
	struct nfsd4_conn *conn;

	conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
	if (!conn)
		return NULL;
	svc_xprt_get(rqstp->rq_xprt);
	conn->cn_xprt = rqstp->rq_xprt;
	conn->cn_flags = flags;
	INIT_LIST_HEAD(&conn->cn_xpt_user.list);
	return conn;
}

static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	conn->cn_session = ses;
	list_add(&conn->cn_persession, &ses->se_conns);
}

static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;

	spin_lock(&clp->cl_lock);
	__nfsd4_hash_conn(conn, ses);
	spin_unlock(&clp->cl_lock);
}

static int nfsd4_register_conn(struct nfsd4_conn *conn)
{
	conn->cn_xpt_user.callback = nfsd4_conn_lost;
	return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
}

static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	int ret;

	nfsd4_hash_conn(conn, ses);
	ret = nfsd4_register_conn(conn);
	if (ret)
		/* oops; xprt is already down: */
		nfsd4_conn_lost(&conn->cn_xpt_user);
	/* We may have gained or lost a callback channel: */
	nfsd4_probe_callback_sync(ses->se_client);
}

static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
{
	u32 dir = NFS4_CDFC4_FORE;

	if (cses->flags & SESSION4_BACK_CHAN)
		dir |= NFS4_CDFC4_BACK;
	return alloc_conn(rqstp, dir);
}

/* must be called under client_lock */
static void nfsd4_del_conns(struct nfsd4_session *s)
{
	struct nfs4_client *clp = s->se_client;
	struct nfsd4_conn *c;

	spin_lock(&clp->cl_lock);
	while (!list_empty(&s->se_conns)) {
		c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
		list_del_init(&c->cn_persession);
		spin_unlock(&clp->cl_lock);

		unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
		free_conn(c);

		spin_lock(&clp->cl_lock);
	}
	spin_unlock(&clp->cl_lock);
}

static void __free_session(struct nfsd4_session *ses)
{
	free_session_slots(ses);
	kfree(ses);
}

static void free_session(struct nfsd4_session *ses)
{
	nfsd4_del_conns(ses);
	nfsd4_put_drc_mem(&ses->se_fchannel);
	__free_session(ses);
}
static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
{
	int idx;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	new->se_client = clp;
	gen_sessionid(new);

	INIT_LIST_HEAD(&new->se_conns);

	new->se_cb_seq_nr = 1;
	new->se_flags = cses->flags;
	new->se_cb_prog = cses->callback_prog;
	new->se_cb_sec = cses->cb_sec;
	atomic_set(&new->se_ref, 0);
	idx = hash_sessionid(&new->se_sessionid);
	list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
	spin_lock(&clp->cl_lock);
	list_add(&new->se_perclnt, &clp->cl_sessions);
	spin_unlock(&clp->cl_lock);

	{
		struct sockaddr *sa = svc_addr(rqstp);
		/*
		 * This is a little silly; with sessions there's no real
		 * use for the callback address.  Use the peer address
		 * as a reasonable default for now, but consider fixing
		 * the rpc client not to require an address in the
		 * future:
		 */
		rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
		clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
	}
}

/* caller must hold client_lock */
static struct nfsd4_session *
__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
{
	struct nfsd4_session *elem;
	int idx;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	dump_sessionid(__func__, sessionid);
	idx = hash_sessionid(sessionid);
	/* Search in the appropriate list */
	list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
		if (!memcmp(elem->se_sessionid.data, sessionid->data,
			    NFS4_MAX_SESSIONID_LEN)) {
			return elem;
		}
	}

	dprintk("%s: session not found\n", __func__);
	return NULL;
}

static struct nfsd4_session *
find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
		__be32 *ret)
{
	struct nfsd4_session *session;
	__be32 status = nfserr_badsession;

	session = __find_in_sessionid_hashtbl(sessionid, net);
	if (!session)
		goto out;
	status = nfsd4_get_session_locked(session);
	if (status)
		session = NULL;
out:
	*ret = status;
	return session;
}

/* caller must hold client_lock */
static void
unhash_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	list_del(&ses->se_hash);
	spin_lock(&ses->se_client->cl_lock);
	list_del(&ses->se_perclnt);
	spin_unlock(&ses->se_client->cl_lock);
}

/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
static int
STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
{
	/*
	 * We're assuming the clid was not given out from a boot
	 * precisely 2^32 (about 136 years) before this one.  That seems
	 * a safe assumption:
	 */
	if (clid->cl_boot == (u32)nn->boot_time)
		return 0;
	dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
		clid->cl_boot, clid->cl_id, nn->boot_time);
	return 1;
}
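/*
 * Example (illustrative): a clientid handed out before a server reboot
 * carries the old boot time in cl_boot; after restart nn->boot_time
 * differs, STALE_CLIENTID() returns 1, and the client must re-establish
 * its state with a fresh SETCLIENTID.
 */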
/*
 * XXX Should we use a slab cache ?
 * This type of memory management is somewhat inefficient, but we use it
 * anyway since SETCLIENTID is not a common operation.
 */
static struct nfs4_client *alloc_client(struct xdr_netobj name)
{
	struct nfs4_client *clp;
	int i;

	clp = kmem_cache_zalloc(client_slab, GFP_KERNEL);
	if (clp == NULL)
		return NULL;
	clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL);
	if (clp->cl_name.data == NULL)
		goto err_no_name;
	clp->cl_ownerstr_hashtbl = kmalloc(sizeof(struct list_head) *
			OWNER_HASH_SIZE, GFP_KERNEL);
	if (!clp->cl_ownerstr_hashtbl)
		goto err_no_hashtbl;
	for (i = 0; i < OWNER_HASH_SIZE; i++)
		INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]);
	clp->cl_name.len = name.len;
	INIT_LIST_HEAD(&clp->cl_sessions);
	idr_init(&clp->cl_stateids);
	atomic_set(&clp->cl_refcount, 0);
	clp->cl_cb_state = NFSD4_CB_UNKNOWN;
	INIT_LIST_HEAD(&clp->cl_idhash);
	INIT_LIST_HEAD(&clp->cl_openowners);
	INIT_LIST_HEAD(&clp->cl_delegations);
	INIT_LIST_HEAD(&clp->cl_lru);
	INIT_LIST_HEAD(&clp->cl_revoked);
#ifdef CONFIG_NFSD_PNFS
	INIT_LIST_HEAD(&clp->cl_lo_states);
#endif
	spin_lock_init(&clp->cl_lock);
	rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
	return clp;
err_no_hashtbl:
	kfree(clp->cl_name.data);
err_no_name:
	kmem_cache_free(client_slab, clp);
	return NULL;
}

static void
free_client(struct nfs4_client *clp)
{
	while (!list_empty(&clp->cl_sessions)) {
		struct nfsd4_session *ses;
		ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
				se_perclnt);
		list_del(&ses->se_perclnt);
		WARN_ON_ONCE(atomic_read(&ses->se_ref));
		free_session(ses);
	}
	rpc_destroy_wait_queue(&clp->cl_cb_waitq);
	free_svc_cred(&clp->cl_cred);
	kfree(clp->cl_ownerstr_hashtbl);
	kfree(clp->cl_name.data);
	idr_destroy(&clp->cl_stateids);
	kmem_cache_free(client_slab, clp);
}
/* must be called under the client_lock */
static void
unhash_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_session *ses;

	lockdep_assert_held(&nn->client_lock);

	/* Mark the client as expired! */
	clp->cl_time = 0;
	/* Make it invisible */
	if (!list_empty(&clp->cl_idhash)) {
		list_del_init(&clp->cl_idhash);
		if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
			rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
		else
			rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
	}
	list_del_init(&clp->cl_lru);
	spin_lock(&clp->cl_lock);
	list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
		list_del_init(&ses->se_hash);
	spin_unlock(&clp->cl_lock);
}

static void
unhash_client(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	unhash_client_locked(clp);
	spin_unlock(&nn->client_lock);
}

static __be32 mark_client_expired_locked(struct nfs4_client *clp)
{
	if (atomic_read(&clp->cl_refcount))
		return nfserr_jukebox;
	unhash_client_locked(clp);
	return nfs_ok;
}

static void
__destroy_client(struct nfs4_client *clp)
{
	int i;
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct list_head reaplist;

	INIT_LIST_HEAD(&reaplist);
	spin_lock(&state_lock);
	while (!list_empty(&clp->cl_delegations)) {
		dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
		WARN_ON(!unhash_delegation_locked(dp));
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	while (!list_empty(&reaplist)) {
		dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		destroy_unhashed_deleg(dp);
	}
	while (!list_empty(&clp->cl_revoked)) {
		dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		nfs4_put_stid(&dp->dl_stid);
	}
	while (!list_empty(&clp->cl_openowners)) {
		oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
		nfs4_get_stateowner(&oo->oo_owner);
		release_openowner(oo);
	}
	for (i = 0; i < OWNER_HASH_SIZE; i++) {
		struct nfs4_stateowner *so, *tmp;

		list_for_each_entry_safe(so, tmp, &clp->cl_ownerstr_hashtbl[i],
					 so_strhash) {
			/* Should be no openowners at this point */
			WARN_ON_ONCE(so->so_is_open_owner);
			remove_blocked_locks(lockowner(so));
		}
	}
	nfsd4_return_all_client_layouts(clp);
	nfsd4_shutdown_callback(clp);
	if (clp->cl_cb_conn.cb_xprt)
		svc_xprt_put(clp->cl_cb_conn.cb_xprt);
	free_client(clp);
}

static void
destroy_client(struct nfs4_client *clp)
{
	unhash_client(clp);
	__destroy_client(clp);
}

static void expire_client(struct nfs4_client *clp)
{
	unhash_client(clp);
	nfsd4_client_record_remove(clp);
	__destroy_client(clp);
}

static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
{
	memcpy(target->cl_verifier.data, source->data,
			sizeof(target->cl_verifier.data));
}

static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
{
	target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
	target->cl_clientid.cl_id = source->cl_clientid.cl_id;
}
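/*
 * Editorial note for copy_cred() below: kstrdup(NULL, ...) simply
 * returns NULL, which is why the error check only fails when a source
 * principal was non-NULL but its copy came back NULL; a NULL source is
 * not an allocation failure.
 */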
kstrdup(source->cr_raw_principal, 1980 GFP_KERNEL); 1981 if ((source->cr_principal && !target->cr_principal) || 1982 (source->cr_raw_principal && !target->cr_raw_principal)) 1983 return -ENOMEM; 1984 1985 target->cr_flavor = source->cr_flavor; 1986 target->cr_uid = source->cr_uid; 1987 target->cr_gid = source->cr_gid; 1988 target->cr_group_info = source->cr_group_info; 1989 get_group_info(target->cr_group_info); 1990 target->cr_gss_mech = source->cr_gss_mech; 1991 if (source->cr_gss_mech) 1992 gss_mech_get(source->cr_gss_mech); 1993 return 0; 1994 } 1995 1996 static int 1997 compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2) 1998 { 1999 if (o1->len < o2->len) 2000 return -1; 2001 if (o1->len > o2->len) 2002 return 1; 2003 return memcmp(o1->data, o2->data, o1->len); 2004 } 2005 2006 static int same_name(const char *n1, const char *n2) 2007 { 2008 return 0 == memcmp(n1, n2, HEXDIR_LEN); 2009 } 2010 2011 static int 2012 same_verf(nfs4_verifier *v1, nfs4_verifier *v2) 2013 { 2014 return 0 == memcmp(v1->data, v2->data, sizeof(v1->data)); 2015 } 2016 2017 static int 2018 same_clid(clientid_t *cl1, clientid_t *cl2) 2019 { 2020 return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id); 2021 } 2022 2023 static bool groups_equal(struct group_info *g1, struct group_info *g2) 2024 { 2025 int i; 2026 2027 if (g1->ngroups != g2->ngroups) 2028 return false; 2029 for (i = 0; i < g1->ngroups; i++) 2030 if (!gid_eq(g1->gid[i], g2->gid[i])) 2031 return false; 2032 return true; 2033 } 2034 2035 /* 2036 * RFC 3530 language requires clid_inuse be returned when the 2037 * "principal" associated with a request differs from that previously 2038 * used. We use the uid, gids, and gss principal string as our best 2039 * approximation. We also don't want to allow non-gss use of a client 2040 * established using gss: in theory cr_principal should catch that 2041 * change, but in practice cr_principal can be null even in the gss case 2042 * since gssd doesn't always pass down a principal string. 
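 *
 * Illustration, with made-up values: two krb5 requests carrying cr_uid 1000,
 * cr_gid 1000, identical group lists and cr_principal "alice@EXAMPLE.COM"
 * count as the same principal; an AUTH_UNIX request with the same uid/gid
 * does not, because is_gss_cred() differs between the two. 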
2043 */ 2044 static bool is_gss_cred(struct svc_cred *cr) 2045 { 2046 /* Is cr_flavor one of the gss "pseudoflavors"?: */ 2047 return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR); 2048 } 2049 2050 2051 static bool 2052 same_creds(struct svc_cred *cr1, struct svc_cred *cr2) 2053 { 2054 if ((is_gss_cred(cr1) != is_gss_cred(cr2)) 2055 || (!uid_eq(cr1->cr_uid, cr2->cr_uid)) 2056 || (!gid_eq(cr1->cr_gid, cr2->cr_gid)) 2057 || !groups_equal(cr1->cr_group_info, cr2->cr_group_info)) 2058 return false; 2059 if (cr1->cr_principal == cr2->cr_principal) 2060 return true; 2061 if (!cr1->cr_principal || !cr2->cr_principal) 2062 return false; 2063 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal); 2064 } 2065 2066 static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp) 2067 { 2068 struct svc_cred *cr = &rqstp->rq_cred; 2069 u32 service; 2070 2071 if (!cr->cr_gss_mech) 2072 return false; 2073 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor); 2074 return service == RPC_GSS_SVC_INTEGRITY || 2075 service == RPC_GSS_SVC_PRIVACY; 2076 } 2077 2078 bool nfsd4_mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp) 2079 { 2080 struct svc_cred *cr = &rqstp->rq_cred; 2081 2082 if (!cl->cl_mach_cred) 2083 return true; 2084 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech) 2085 return false; 2086 if (!svc_rqst_integrity_protected(rqstp)) 2087 return false; 2088 if (cl->cl_cred.cr_raw_principal) 2089 return 0 == strcmp(cl->cl_cred.cr_raw_principal, 2090 cr->cr_raw_principal); 2091 if (!cr->cr_principal) 2092 return false; 2093 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal); 2094 } 2095 2096 static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn) 2097 { 2098 __be32 verf[2]; 2099 2100 /* 2101 * This is opaque to client, so no need to byte-swap. 
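(For illustration only: a server that creates three clients within the same second might hand out verifiers {t, 41}, {t, 42}, {t, 43}, hypothetical counter values; uniqueness across reboots is all that matters here, not secrecy.) 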
Use 2102 * __force to keep sparse happy 2103 */ 2104 verf[0] = (__force __be32)get_seconds(); 2105 verf[1] = (__force __be32)nn->clverifier_counter++; 2106 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data)); 2107 } 2108 2109 static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn) 2110 { 2111 clp->cl_clientid.cl_boot = nn->boot_time; 2112 clp->cl_clientid.cl_id = nn->clientid_counter++; 2113 gen_confirm(clp, nn); 2114 } 2115 2116 static struct nfs4_stid * 2117 find_stateid_locked(struct nfs4_client *cl, stateid_t *t) 2118 { 2119 struct nfs4_stid *ret; 2120 2121 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id); 2122 if (!ret || !ret->sc_type) 2123 return NULL; 2124 return ret; 2125 } 2126 2127 static struct nfs4_stid * 2128 find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask) 2129 { 2130 struct nfs4_stid *s; 2131 2132 spin_lock(&cl->cl_lock); 2133 s = find_stateid_locked(cl, t); 2134 if (s != NULL) { 2135 if (typemask & s->sc_type) 2136 refcount_inc(&s->sc_count); 2137 else 2138 s = NULL; 2139 } 2140 spin_unlock(&cl->cl_lock); 2141 return s; 2142 } 2143 2144 static struct nfs4_client *create_client(struct xdr_netobj name, 2145 struct svc_rqst *rqstp, nfs4_verifier *verf) 2146 { 2147 struct nfs4_client *clp; 2148 struct sockaddr *sa = svc_addr(rqstp); 2149 int ret; 2150 struct net *net = SVC_NET(rqstp); 2151 2152 clp = alloc_client(name); 2153 if (clp == NULL) 2154 return NULL; 2155 2156 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred); 2157 if (ret) { 2158 free_client(clp); 2159 return NULL; 2160 } 2161 nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL); 2162 clp->cl_time = get_seconds(); 2163 clear_bit(0, &clp->cl_cb_slot_busy); 2164 copy_verf(clp, verf); 2165 rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa); 2166 clp->cl_cb_session = NULL; 2167 clp->net = net; 2168 return clp; 2169 } 2170 2171 static void 2172 add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root) 2173 { 2174 struct rb_node **new = &(root->rb_node), *parent = NULL; 2175 struct nfs4_client *clp; 2176 2177 while (*new) { 2178 clp = rb_entry(*new, struct nfs4_client, cl_namenode); 2179 parent = *new; 2180 2181 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0) 2182 new = &((*new)->rb_left); 2183 else 2184 new = &((*new)->rb_right); 2185 } 2186 2187 rb_link_node(&new_clp->cl_namenode, parent, new); 2188 rb_insert_color(&new_clp->cl_namenode, root); 2189 } 2190 2191 static struct nfs4_client * 2192 find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root) 2193 { 2194 int cmp; 2195 struct rb_node *node = root->rb_node; 2196 struct nfs4_client *clp; 2197 2198 while (node) { 2199 clp = rb_entry(node, struct nfs4_client, cl_namenode); 2200 cmp = compare_blob(&clp->cl_name, name); 2201 if (cmp > 0) 2202 node = node->rb_left; 2203 else if (cmp < 0) 2204 node = node->rb_right; 2205 else 2206 return clp; 2207 } 2208 return NULL; 2209 } 2210 2211 static void 2212 add_to_unconfirmed(struct nfs4_client *clp) 2213 { 2214 unsigned int idhashval; 2215 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2216 2217 lockdep_assert_held(&nn->client_lock); 2218 2219 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2220 add_clp_to_name_tree(clp, &nn->unconf_name_tree); 2221 idhashval = clientid_hashval(clp->cl_clientid.cl_id); 2222 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]); 2223 renew_client_locked(clp); 2224 } 2225 2226 static void 2227 move_to_confirmed(struct nfs4_client *clp) 2228 { 2229 unsigned int idhashval = 
clientid_hashval(clp->cl_clientid.cl_id); 2230 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2231 2232 lockdep_assert_held(&nn->client_lock); 2233 2234 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp); 2235 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]); 2236 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 2237 add_clp_to_name_tree(clp, &nn->conf_name_tree); 2238 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2239 renew_client_locked(clp); 2240 } 2241 2242 static struct nfs4_client * 2243 find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions) 2244 { 2245 struct nfs4_client *clp; 2246 unsigned int idhashval = clientid_hashval(clid->cl_id); 2247 2248 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) { 2249 if (same_clid(&clp->cl_clientid, clid)) { 2250 if ((bool)clp->cl_minorversion != sessions) 2251 return NULL; 2252 renew_client_locked(clp); 2253 return clp; 2254 } 2255 } 2256 return NULL; 2257 } 2258 2259 static struct nfs4_client * 2260 find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2261 { 2262 struct list_head *tbl = nn->conf_id_hashtbl; 2263 2264 lockdep_assert_held(&nn->client_lock); 2265 return find_client_in_id_table(tbl, clid, sessions); 2266 } 2267 2268 static struct nfs4_client * 2269 find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2270 { 2271 struct list_head *tbl = nn->unconf_id_hashtbl; 2272 2273 lockdep_assert_held(&nn->client_lock); 2274 return find_client_in_id_table(tbl, clid, sessions); 2275 } 2276 2277 static bool clp_used_exchangeid(struct nfs4_client *clp) 2278 { 2279 return clp->cl_exchange_flags != 0; 2280 } 2281 2282 static struct nfs4_client * 2283 find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2284 { 2285 lockdep_assert_held(&nn->client_lock); 2286 return find_clp_in_name_tree(name, &nn->conf_name_tree); 2287 } 2288 2289 static struct nfs4_client * 2290 find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2291 { 2292 lockdep_assert_held(&nn->client_lock); 2293 return find_clp_in_name_tree(name, &nn->unconf_name_tree); 2294 } 2295 2296 static void 2297 gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp) 2298 { 2299 struct nfs4_cb_conn *conn = &clp->cl_cb_conn; 2300 struct sockaddr *sa = svc_addr(rqstp); 2301 u32 scopeid = rpc_get_scope_id(sa); 2302 unsigned short expected_family; 2303 2304 /* Currently, we only support tcp and tcp6 for the callback channel */ 2305 if (se->se_callback_netid_len == 3 && 2306 !memcmp(se->se_callback_netid_val, "tcp", 3)) 2307 expected_family = AF_INET; 2308 else if (se->se_callback_netid_len == 4 && 2309 !memcmp(se->se_callback_netid_val, "tcp6", 4)) 2310 expected_family = AF_INET6; 2311 else 2312 goto out_err; 2313 2314 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val, 2315 se->se_callback_addr_len, 2316 (struct sockaddr *)&conn->cb_addr, 2317 sizeof(conn->cb_addr)); 2318 2319 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family) 2320 goto out_err; 2321 2322 if (conn->cb_addr.ss_family == AF_INET6) 2323 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid; 2324 2325 conn->cb_prog = se->se_callback_prog; 2326 conn->cb_ident = se->se_callback_ident; 2327 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen); 2328 return; 2329 out_err: 2330 conn->cb_addr.ss_family = AF_UNSPEC; 2331 conn->cb_addrlen = 0; 2332 dprintk("NFSD: this client (clientid %08x/%08x) " 2333 
"will not receive delegations\n", 2334 clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id); 2335 2336 return; 2337 } 2338 2339 /* 2340 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size. 2341 */ 2342 static void 2343 nfsd4_store_cache_entry(struct nfsd4_compoundres *resp) 2344 { 2345 struct xdr_buf *buf = resp->xdr.buf; 2346 struct nfsd4_slot *slot = resp->cstate.slot; 2347 unsigned int base; 2348 2349 dprintk("--> %s slot %p\n", __func__, slot); 2350 2351 slot->sl_flags |= NFSD4_SLOT_INITIALIZED; 2352 slot->sl_opcnt = resp->opcnt; 2353 slot->sl_status = resp->cstate.status; 2354 free_svc_cred(&slot->sl_cred); 2355 copy_cred(&slot->sl_cred, &resp->rqstp->rq_cred); 2356 2357 if (!nfsd4_cache_this(resp)) { 2358 slot->sl_flags &= ~NFSD4_SLOT_CACHED; 2359 return; 2360 } 2361 slot->sl_flags |= NFSD4_SLOT_CACHED; 2362 2363 base = resp->cstate.data_offset; 2364 slot->sl_datalen = buf->len - base; 2365 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen)) 2366 WARN(1, "%s: sessions DRC could not cache compound\n", 2367 __func__); 2368 return; 2369 } 2370 2371 /* 2372 * Encode the replay sequence operation from the slot values. 2373 * If cachethis is FALSE encode the uncached rep error on the next 2374 * operation which sets resp->p and increments resp->opcnt for 2375 * nfs4svc_encode_compoundres. 2376 * 2377 */ 2378 static __be32 2379 nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args, 2380 struct nfsd4_compoundres *resp) 2381 { 2382 struct nfsd4_op *op; 2383 struct nfsd4_slot *slot = resp->cstate.slot; 2384 2385 /* Encode the replayed sequence operation */ 2386 op = &args->ops[resp->opcnt - 1]; 2387 nfsd4_encode_operation(resp, op); 2388 2389 if (slot->sl_flags & NFSD4_SLOT_CACHED) 2390 return op->status; 2391 if (args->opcnt == 1) { 2392 /* 2393 * The original operation wasn't a solo sequence--we 2394 * always cache those--so this retry must not match the 2395 * original: 2396 */ 2397 op->status = nfserr_seq_false_retry; 2398 } else { 2399 op = &args->ops[resp->opcnt++]; 2400 op->status = nfserr_retry_uncached_rep; 2401 nfsd4_encode_operation(resp, op); 2402 } 2403 return op->status; 2404 } 2405 2406 /* 2407 * The sequence operation is not cached because we can use the slot and 2408 * session values. 2409 */ 2410 static __be32 2411 nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp, 2412 struct nfsd4_sequence *seq) 2413 { 2414 struct nfsd4_slot *slot = resp->cstate.slot; 2415 struct xdr_stream *xdr = &resp->xdr; 2416 __be32 *p; 2417 __be32 status; 2418 2419 dprintk("--> %s slot %p\n", __func__, slot); 2420 2421 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp); 2422 if (status) 2423 return status; 2424 2425 p = xdr_reserve_space(xdr, slot->sl_datalen); 2426 if (!p) { 2427 WARN_ON_ONCE(1); 2428 return nfserr_serverfault; 2429 } 2430 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen); 2431 xdr_commit_encode(xdr); 2432 2433 resp->opcnt = slot->sl_opcnt; 2434 return slot->sl_status; 2435 } 2436 2437 /* 2438 * Set the exchange_id flags returned by the server. 2439 */ 2440 static void 2441 nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid) 2442 { 2443 #ifdef CONFIG_NFSD_PNFS 2444 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS; 2445 #else 2446 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS; 2447 #endif 2448 2449 /* Referrals are supported, Migration is not. */ 2450 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER; 2451 2452 /* set the wire flags to return to client. 
*/ 2453 clid->flags = new->cl_exchange_flags; 2454 } 2455 2456 static bool client_has_openowners(struct nfs4_client *clp) 2457 { 2458 struct nfs4_openowner *oo; 2459 2460 list_for_each_entry(oo, &clp->cl_openowners, oo_perclient) { 2461 if (!list_empty(&oo->oo_owner.so_stateids)) 2462 return true; 2463 } 2464 return false; 2465 } 2466 2467 static bool client_has_state(struct nfs4_client *clp) 2468 { 2469 return client_has_openowners(clp) 2470 #ifdef CONFIG_NFSD_PNFS 2471 || !list_empty(&clp->cl_lo_states) 2472 #endif 2473 || !list_empty(&clp->cl_delegations) 2474 || !list_empty(&clp->cl_sessions); 2475 } 2476 2477 __be32 2478 nfsd4_exchange_id(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 2479 union nfsd4_op_u *u) 2480 { 2481 struct nfsd4_exchange_id *exid = &u->exchange_id; 2482 struct nfs4_client *conf, *new; 2483 struct nfs4_client *unconf = NULL; 2484 __be32 status; 2485 char addr_str[INET6_ADDRSTRLEN]; 2486 nfs4_verifier verf = exid->verifier; 2487 struct sockaddr *sa = svc_addr(rqstp); 2488 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A; 2489 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2490 2491 rpc_ntop(sa, addr_str, sizeof(addr_str)); 2492 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p " 2493 "ip_addr=%s flags %x, spa_how %d\n", 2494 __func__, rqstp, exid, exid->clname.len, exid->clname.data, 2495 addr_str, exid->flags, exid->spa_how); 2496 2497 if (exid->flags & ~EXCHGID4_FLAG_MASK_A) 2498 return nfserr_inval; 2499 2500 new = create_client(exid->clname, rqstp, &verf); 2501 if (new == NULL) 2502 return nfserr_jukebox; 2503 2504 switch (exid->spa_how) { 2505 case SP4_MACH_CRED: 2506 exid->spo_must_enforce[0] = 0; 2507 exid->spo_must_enforce[1] = ( 2508 1 << (OP_BIND_CONN_TO_SESSION - 32) | 2509 1 << (OP_EXCHANGE_ID - 32) | 2510 1 << (OP_CREATE_SESSION - 32) | 2511 1 << (OP_DESTROY_SESSION - 32) | 2512 1 << (OP_DESTROY_CLIENTID - 32)); 2513 2514 exid->spo_must_allow[0] &= (1 << (OP_CLOSE) | 2515 1 << (OP_OPEN_DOWNGRADE) | 2516 1 << (OP_LOCKU) | 2517 1 << (OP_DELEGRETURN)); 2518 2519 exid->spo_must_allow[1] &= ( 2520 1 << (OP_TEST_STATEID - 32) | 2521 1 << (OP_FREE_STATEID - 32)); 2522 if (!svc_rqst_integrity_protected(rqstp)) { 2523 status = nfserr_inval; 2524 goto out_nolock; 2525 } 2526 /* 2527 * Sometimes userspace doesn't give us a principal. 2528 * Which is a bug, really. 
Anyway, we can't enforce 2529 * MACH_CRED in that case, better to give up now: 2530 */ 2531 if (!new->cl_cred.cr_principal && 2532 !new->cl_cred.cr_raw_principal) { 2533 status = nfserr_serverfault; 2534 goto out_nolock; 2535 } 2536 new->cl_mach_cred = true; 2537 case SP4_NONE: 2538 break; 2539 default: /* checked by xdr code */ 2540 WARN_ON_ONCE(1); 2541 case SP4_SSV: 2542 status = nfserr_encr_alg_unsupp; 2543 goto out_nolock; 2544 } 2545 2546 /* Cases below refer to rfc 5661 section 18.35.4: */ 2547 spin_lock(&nn->client_lock); 2548 conf = find_confirmed_client_by_name(&exid->clname, nn); 2549 if (conf) { 2550 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred); 2551 bool verfs_match = same_verf(&verf, &conf->cl_verifier); 2552 2553 if (update) { 2554 if (!clp_used_exchangeid(conf)) { /* buggy client */ 2555 status = nfserr_inval; 2556 goto out; 2557 } 2558 if (!nfsd4_mach_creds_match(conf, rqstp)) { 2559 status = nfserr_wrong_cred; 2560 goto out; 2561 } 2562 if (!creds_match) { /* case 9 */ 2563 status = nfserr_perm; 2564 goto out; 2565 } 2566 if (!verfs_match) { /* case 8 */ 2567 status = nfserr_not_same; 2568 goto out; 2569 } 2570 /* case 6 */ 2571 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R; 2572 goto out_copy; 2573 } 2574 if (!creds_match) { /* case 3 */ 2575 if (client_has_state(conf)) { 2576 status = nfserr_clid_inuse; 2577 goto out; 2578 } 2579 goto out_new; 2580 } 2581 if (verfs_match) { /* case 2 */ 2582 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R; 2583 goto out_copy; 2584 } 2585 /* case 5, client reboot */ 2586 conf = NULL; 2587 goto out_new; 2588 } 2589 2590 if (update) { /* case 7 */ 2591 status = nfserr_noent; 2592 goto out; 2593 } 2594 2595 unconf = find_unconfirmed_client_by_name(&exid->clname, nn); 2596 if (unconf) /* case 4, possible retry or client restart */ 2597 unhash_client_locked(unconf); 2598 2599 /* case 1 (normal case) */ 2600 out_new: 2601 if (conf) { 2602 status = mark_client_expired_locked(conf); 2603 if (status) 2604 goto out; 2605 } 2606 new->cl_minorversion = cstate->minorversion; 2607 new->cl_spo_must_allow.u.words[0] = exid->spo_must_allow[0]; 2608 new->cl_spo_must_allow.u.words[1] = exid->spo_must_allow[1]; 2609 2610 gen_clid(new, nn); 2611 add_to_unconfirmed(new); 2612 swap(new, conf); 2613 out_copy: 2614 exid->clientid.cl_boot = conf->cl_clientid.cl_boot; 2615 exid->clientid.cl_id = conf->cl_clientid.cl_id; 2616 2617 exid->seqid = conf->cl_cs_slot.sl_seqid + 1; 2618 nfsd4_set_ex_flags(conf, exid); 2619 2620 dprintk("nfsd4_exchange_id seqid %d flags %x\n", 2621 conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags); 2622 status = nfs_ok; 2623 2624 out: 2625 spin_unlock(&nn->client_lock); 2626 out_nolock: 2627 if (new) 2628 expire_client(new); 2629 if (unconf) 2630 expire_client(unconf); 2631 return status; 2632 } 2633 2634 static __be32 2635 check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse) 2636 { 2637 dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid, 2638 slot_seqid); 2639 2640 /* The slot is in use, and no response has been sent. 
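A matching seqid then means the client retransmitted while we are still processing. Putting the branches below together for a slot whose slot_seqid is, say, 7 (illustrative):
 *
 *   check_slot_seqid(8, 7, 0) == nfs_ok               (the next request)
 *   check_slot_seqid(7, 7, 1) == nfserr_jukebox       (retransmit, still busy)
 *   check_slot_seqid(7, 7, 0) == nfserr_replay_cache  (retransmit, replay it)
 *   any other seqid           == nfserr_seq_misordered
 *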
*/ 2641 if (slot_inuse) { 2642 if (seqid == slot_seqid) 2643 return nfserr_jukebox; 2644 else 2645 return nfserr_seq_misordered; 2646 } 2647 /* Note unsigned 32-bit arithmetic handles wraparound: */ 2648 if (likely(seqid == slot_seqid + 1)) 2649 return nfs_ok; 2650 if (seqid == slot_seqid) 2651 return nfserr_replay_cache; 2652 return nfserr_seq_misordered; 2653 } 2654 2655 /* 2656 * Cache the create session result into the create session single DRC 2657 * slot cache by saving the xdr structure. sl_seqid has been set. 2658 * Do this for solo or embedded create session operations. 2659 */ 2660 static void 2661 nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses, 2662 struct nfsd4_clid_slot *slot, __be32 nfserr) 2663 { 2664 slot->sl_status = nfserr; 2665 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses)); 2666 } 2667 2668 static __be32 2669 nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses, 2670 struct nfsd4_clid_slot *slot) 2671 { 2672 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses)); 2673 return slot->sl_status; 2674 } 2675 2676 #define NFSD_MIN_REQ_HDR_SEQ_SZ ((\ 2677 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \ 2678 1 + /* MIN tag is length with zero, only length */ \ 2679 3 + /* version, opcount, opcode */ \ 2680 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 2681 /* seqid, slotID, slotID, cache */ \ 2682 4 ) * sizeof(__be32)) 2683 2684 #define NFSD_MIN_RESP_HDR_SEQ_SZ ((\ 2685 2 + /* verifier: AUTH_NULL, length 0 */\ 2686 1 + /* status */ \ 2687 1 + /* MIN tag is length with zero, only length */ \ 2688 3 + /* opcount, opcode, opstatus*/ \ 2689 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 2690 /* seqid, slotID, slotID, slotID, status */ \ 2691 5 ) * sizeof(__be32)) 2692 2693 static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn) 2694 { 2695 u32 maxrpc = nn->nfsd_serv->sv_max_mesg; 2696 2697 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ) 2698 return nfserr_toosmall; 2699 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ) 2700 return nfserr_toosmall; 2701 ca->headerpadsz = 0; 2702 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc); 2703 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc); 2704 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND); 2705 ca->maxresp_cached = min_t(u32, ca->maxresp_cached, 2706 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ); 2707 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION); 2708 /* 2709 * Note decreasing slot size below client's request may make it 2710 * difficult for client to function correctly, whereas 2711 * decreasing the number of slots will (just?) affect 2712 * performance. When short on memory we therefore prefer to 2713 * decrease number of slots instead of their size. Clients that 2714 * request larger slots than they need will get poor results: 2715 */ 2716 ca->maxreqs = nfsd4_get_drc_mem(ca); 2717 if (!ca->maxreqs) 2718 return nfserr_jukebox; 2719 2720 return nfs_ok; 2721 } 2722 2723 /* 2724 * Server's NFSv4.1 backchannel support is AUTH_SYS-only for now. 2725 * These are based on similar macros in linux/sunrpc/msg_prot.h . 
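Roughly: the call side allows for the RPC call header plus an AUTH_SYS credential and verifier, the reply side for the RPC reply header plus a NULL verifier; NFSD_CB_MAX_REQ_SZ and NFSD_CB_MAX_RESP_SZ below then add the encoded CB_RECALL size and convert from XDR words to bytes. 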
2726 */ 2727 #define RPC_MAX_HEADER_WITH_AUTH_SYS \ 2728 (RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK)) 2729 2730 #define RPC_MAX_REPHEADER_WITH_AUTH_SYS \ 2731 (RPC_REPHDRSIZE + (2 + NUL_REPLYSLACK)) 2732 2733 #define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \ 2734 RPC_MAX_HEADER_WITH_AUTH_SYS) * sizeof(__be32)) 2735 #define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \ 2736 RPC_MAX_REPHEADER_WITH_AUTH_SYS) * \ 2737 sizeof(__be32)) 2738 2739 static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca) 2740 { 2741 ca->headerpadsz = 0; 2742 2743 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ) 2744 return nfserr_toosmall; 2745 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ) 2746 return nfserr_toosmall; 2747 ca->maxresp_cached = 0; 2748 if (ca->maxops < 2) 2749 return nfserr_toosmall; 2750 2751 return nfs_ok; 2752 } 2753 2754 static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs) 2755 { 2756 switch (cbs->flavor) { 2757 case RPC_AUTH_NULL: 2758 case RPC_AUTH_UNIX: 2759 return nfs_ok; 2760 default: 2761 /* 2762 * GSS case: the spec doesn't allow us to return this 2763 * error. But it also doesn't allow us not to support 2764 * GSS. 2765 * I'd rather this fail hard than return some error the 2766 * client might think it can already handle: 2767 */ 2768 return nfserr_encr_alg_unsupp; 2769 } 2770 } 2771 2772 __be32 2773 nfsd4_create_session(struct svc_rqst *rqstp, 2774 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 2775 { 2776 struct nfsd4_create_session *cr_ses = &u->create_session; 2777 struct sockaddr *sa = svc_addr(rqstp); 2778 struct nfs4_client *conf, *unconf; 2779 struct nfs4_client *old = NULL; 2780 struct nfsd4_session *new; 2781 struct nfsd4_conn *conn; 2782 struct nfsd4_clid_slot *cs_slot = NULL; 2783 __be32 status = 0; 2784 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2785 2786 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A) 2787 return nfserr_inval; 2788 status = nfsd4_check_cb_sec(&cr_ses->cb_sec); 2789 if (status) 2790 return status; 2791 status = check_forechannel_attrs(&cr_ses->fore_channel, nn); 2792 if (status) 2793 return status; 2794 status = check_backchannel_attrs(&cr_ses->back_channel); 2795 if (status) 2796 goto out_release_drc_mem; 2797 status = nfserr_jukebox; 2798 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel); 2799 if (!new) 2800 goto out_release_drc_mem; 2801 conn = alloc_conn_from_crses(rqstp, cr_ses); 2802 if (!conn) 2803 goto out_free_session; 2804 2805 spin_lock(&nn->client_lock); 2806 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn); 2807 conf = find_confirmed_client(&cr_ses->clientid, true, nn); 2808 WARN_ON_ONCE(conf && unconf); 2809 2810 if (conf) { 2811 status = nfserr_wrong_cred; 2812 if (!nfsd4_mach_creds_match(conf, rqstp)) 2813 goto out_free_conn; 2814 cs_slot = &conf->cl_cs_slot; 2815 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 2816 if (status) { 2817 if (status == nfserr_replay_cache) 2818 status = nfsd4_replay_create_session(cr_ses, cs_slot); 2819 goto out_free_conn; 2820 } 2821 } else if (unconf) { 2822 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) || 2823 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) { 2824 status = nfserr_clid_inuse; 2825 goto out_free_conn; 2826 } 2827 status = nfserr_wrong_cred; 2828 if (!nfsd4_mach_creds_match(unconf, rqstp)) 2829 goto out_free_conn; 2830 cs_slot = &unconf->cl_cs_slot; 2831 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 2832 if (status) { 2833 /* an unconfirmed replay returns misordered */ 2834 status = 
nfserr_seq_misordered; 2835 goto out_free_conn; 2836 } 2837 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 2838 if (old) { 2839 status = mark_client_expired_locked(old); 2840 if (status) { 2841 old = NULL; 2842 goto out_free_conn; 2843 } 2844 } 2845 move_to_confirmed(unconf); 2846 conf = unconf; 2847 } else { 2848 status = nfserr_stale_clientid; 2849 goto out_free_conn; 2850 } 2851 status = nfs_ok; 2852 /* Persistent sessions are not supported */ 2853 cr_ses->flags &= ~SESSION4_PERSIST; 2854 /* Upshifting from TCP to RDMA is not supported */ 2855 cr_ses->flags &= ~SESSION4_RDMA; 2856 2857 init_session(rqstp, new, conf, cr_ses); 2858 nfsd4_get_session_locked(new); 2859 2860 memcpy(cr_ses->sessionid.data, new->se_sessionid.data, 2861 NFS4_MAX_SESSIONID_LEN); 2862 cs_slot->sl_seqid++; 2863 cr_ses->seqid = cs_slot->sl_seqid; 2864 2865 /* cache solo and embedded create sessions under the client_lock */ 2866 nfsd4_cache_create_session(cr_ses, cs_slot, status); 2867 spin_unlock(&nn->client_lock); 2868 /* init connection and backchannel */ 2869 nfsd4_init_conn(rqstp, conn, new); 2870 nfsd4_put_session(new); 2871 if (old) 2872 expire_client(old); 2873 return status; 2874 out_free_conn: 2875 spin_unlock(&nn->client_lock); 2876 free_conn(conn); 2877 if (old) 2878 expire_client(old); 2879 out_free_session: 2880 __free_session(new); 2881 out_release_drc_mem: 2882 nfsd4_put_drc_mem(&cr_ses->fore_channel); 2883 return status; 2884 } 2885 2886 static __be32 nfsd4_map_bcts_dir(u32 *dir) 2887 { 2888 switch (*dir) { 2889 case NFS4_CDFC4_FORE: 2890 case NFS4_CDFC4_BACK: 2891 return nfs_ok; 2892 case NFS4_CDFC4_FORE_OR_BOTH: 2893 case NFS4_CDFC4_BACK_OR_BOTH: 2894 *dir = NFS4_CDFC4_BOTH; 2895 return nfs_ok; 2896 }; 2897 return nfserr_inval; 2898 } 2899 2900 __be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, 2901 struct nfsd4_compound_state *cstate, 2902 union nfsd4_op_u *u) 2903 { 2904 struct nfsd4_backchannel_ctl *bc = &u->backchannel_ctl; 2905 struct nfsd4_session *session = cstate->session; 2906 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2907 __be32 status; 2908 2909 status = nfsd4_check_cb_sec(&bc->bc_cb_sec); 2910 if (status) 2911 return status; 2912 spin_lock(&nn->client_lock); 2913 session->se_cb_prog = bc->bc_cb_program; 2914 session->se_cb_sec = bc->bc_cb_sec; 2915 spin_unlock(&nn->client_lock); 2916 2917 nfsd4_probe_callback(session->se_client); 2918 2919 return nfs_ok; 2920 } 2921 2922 __be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp, 2923 struct nfsd4_compound_state *cstate, 2924 union nfsd4_op_u *u) 2925 { 2926 struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session; 2927 __be32 status; 2928 struct nfsd4_conn *conn; 2929 struct nfsd4_session *session; 2930 struct net *net = SVC_NET(rqstp); 2931 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2932 2933 if (!nfsd4_last_compound_op(rqstp)) 2934 return nfserr_not_only_op; 2935 spin_lock(&nn->client_lock); 2936 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status); 2937 spin_unlock(&nn->client_lock); 2938 if (!session) 2939 goto out_no_session; 2940 status = nfserr_wrong_cred; 2941 if (!nfsd4_mach_creds_match(session->se_client, rqstp)) 2942 goto out; 2943 status = nfsd4_map_bcts_dir(&bcts->dir); 2944 if (status) 2945 goto out; 2946 conn = alloc_conn(rqstp, bcts->dir); 2947 status = nfserr_jukebox; 2948 if (!conn) 2949 goto out; 2950 nfsd4_init_conn(rqstp, conn, session); 2951 status = nfs_ok; 2952 out: 2953 nfsd4_put_session(session); 2954 out_no_session: 2955 return status; 2956 
} 2957 2958 static bool nfsd4_compound_in_session(struct nfsd4_session *session, struct nfs4_sessionid *sid) 2959 { 2960 if (!session) 2961 return false; 2962 return !memcmp(sid, &session->se_sessionid, sizeof(*sid)); 2963 } 2964 2965 __be32 2966 nfsd4_destroy_session(struct svc_rqst *r, struct nfsd4_compound_state *cstate, 2967 union nfsd4_op_u *u) 2968 { 2969 struct nfsd4_destroy_session *sessionid = &u->destroy_session; 2970 struct nfsd4_session *ses; 2971 __be32 status; 2972 int ref_held_by_me = 0; 2973 struct net *net = SVC_NET(r); 2974 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2975 2976 status = nfserr_not_only_op; 2977 if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) { 2978 if (!nfsd4_last_compound_op(r)) 2979 goto out; 2980 ref_held_by_me++; 2981 } 2982 dump_sessionid(__func__, &sessionid->sessionid); 2983 spin_lock(&nn->client_lock); 2984 ses = find_in_sessionid_hashtbl(&sessionid->sessionid, net, &status); 2985 if (!ses) 2986 goto out_client_lock; 2987 status = nfserr_wrong_cred; 2988 if (!nfsd4_mach_creds_match(ses->se_client, r)) 2989 goto out_put_session; 2990 status = mark_session_dead_locked(ses, 1 + ref_held_by_me); 2991 if (status) 2992 goto out_put_session; 2993 unhash_session(ses); 2994 spin_unlock(&nn->client_lock); 2995 2996 nfsd4_probe_callback_sync(ses->se_client); 2997 2998 spin_lock(&nn->client_lock); 2999 status = nfs_ok; 3000 out_put_session: 3001 nfsd4_put_session_locked(ses); 3002 out_client_lock: 3003 spin_unlock(&nn->client_lock); 3004 out: 3005 return status; 3006 } 3007 3008 static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s) 3009 { 3010 struct nfsd4_conn *c; 3011 3012 list_for_each_entry(c, &s->se_conns, cn_persession) { 3013 if (c->cn_xprt == xpt) { 3014 return c; 3015 } 3016 } 3017 return NULL; 3018 } 3019 3020 static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses) 3021 { 3022 struct nfs4_client *clp = ses->se_client; 3023 struct nfsd4_conn *c; 3024 __be32 status = nfs_ok; 3025 int ret; 3026 3027 spin_lock(&clp->cl_lock); 3028 c = __nfsd4_find_conn(new->cn_xprt, ses); 3029 if (c) 3030 goto out_free; 3031 status = nfserr_conn_not_bound_to_session; 3032 if (clp->cl_mach_cred) 3033 goto out_free; 3034 __nfsd4_hash_conn(new, ses); 3035 spin_unlock(&clp->cl_lock); 3036 ret = nfsd4_register_conn(new); 3037 if (ret) 3038 /* oops; xprt is already down: */ 3039 nfsd4_conn_lost(&new->cn_xpt_user); 3040 return nfs_ok; 3041 out_free: 3042 spin_unlock(&clp->cl_lock); 3043 free_conn(new); 3044 return status; 3045 } 3046 3047 static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session) 3048 { 3049 struct nfsd4_compoundargs *args = rqstp->rq_argp; 3050 3051 return args->opcnt > session->se_fchannel.maxops; 3052 } 3053 3054 static bool nfsd4_request_too_big(struct svc_rqst *rqstp, 3055 struct nfsd4_session *session) 3056 { 3057 struct xdr_buf *xb = &rqstp->rq_arg; 3058 3059 return xb->len > session->se_fchannel.maxreq_sz; 3060 } 3061 3062 static bool replay_matches_cache(struct svc_rqst *rqstp, 3063 struct nfsd4_sequence *seq, struct nfsd4_slot *slot) 3064 { 3065 struct nfsd4_compoundargs *argp = rqstp->rq_argp; 3066 3067 if ((bool)(slot->sl_flags & NFSD4_SLOT_CACHETHIS) != 3068 (bool)seq->cachethis) 3069 return false; 3070 /* 3071 * If there's an error then the reply can have fewer ops than 3072 * the call. 
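(Say the original compound was SEQUENCE, PUTFH, CLOSE and the PUTFH failed: the cached reply legitimately stops after two ops.) 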
But if we cached a reply with *more* ops than the 3073 * call you're sending us now, then this new call is clearly not 3074 * really a replay of the old one: 3075 */ 3076 if (slot->sl_opcnt < argp->opcnt) 3077 return false; 3078 /* This is the only check explicitly called by spec: */ 3079 if (!same_creds(&rqstp->rq_cred, &slot->sl_cred)) 3080 return false; 3081 /* 3082 * There may be more comparisons we could actually do, but the 3083 * spec doesn't require us to catch every case where the calls 3084 * don't match (that would require caching the call as well as 3085 * the reply), so we don't bother. 3086 */ 3087 return true; 3088 } 3089 3090 __be32 3091 nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3092 union nfsd4_op_u *u) 3093 { 3094 struct nfsd4_sequence *seq = &u->sequence; 3095 struct nfsd4_compoundres *resp = rqstp->rq_resp; 3096 struct xdr_stream *xdr = &resp->xdr; 3097 struct nfsd4_session *session; 3098 struct nfs4_client *clp; 3099 struct nfsd4_slot *slot; 3100 struct nfsd4_conn *conn; 3101 __be32 status; 3102 int buflen; 3103 struct net *net = SVC_NET(rqstp); 3104 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3105 3106 if (resp->opcnt != 1) 3107 return nfserr_sequence_pos; 3108 3109 /* 3110 * Will be either used or freed by nfsd4_sequence_check_conn 3111 * below. 3112 */ 3113 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE); 3114 if (!conn) 3115 return nfserr_jukebox; 3116 3117 spin_lock(&nn->client_lock); 3118 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status); 3119 if (!session) 3120 goto out_no_session; 3121 clp = session->se_client; 3122 3123 status = nfserr_too_many_ops; 3124 if (nfsd4_session_too_many_ops(rqstp, session)) 3125 goto out_put_session; 3126 3127 status = nfserr_req_too_big; 3128 if (nfsd4_request_too_big(rqstp, session)) 3129 goto out_put_session; 3130 3131 status = nfserr_badslot; 3132 if (seq->slotid >= session->se_fchannel.maxreqs) 3133 goto out_put_session; 3134 3135 slot = session->se_slots[seq->slotid]; 3136 dprintk("%s: slotid %d\n", __func__, seq->slotid); 3137 3138 /* We do not negotiate the number of slots yet, so set the 3139 * maxslots to the session maxreqs which is used to encode 3140 * sr_highest_slotid and the sr_target_slot id to maxslots */ 3141 seq->maxslots = session->se_fchannel.maxreqs; 3142 3143 status = check_slot_seqid(seq->seqid, slot->sl_seqid, 3144 slot->sl_flags & NFSD4_SLOT_INUSE); 3145 if (status == nfserr_replay_cache) { 3146 status = nfserr_seq_misordered; 3147 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED)) 3148 goto out_put_session; 3149 status = nfserr_seq_false_retry; 3150 if (!replay_matches_cache(rqstp, seq, slot)) 3151 goto out_put_session; 3152 cstate->slot = slot; 3153 cstate->session = session; 3154 cstate->clp = clp; 3155 /* Return the cached reply status and set cstate->status 3156 * for nfsd4_proc_compound processing */ 3157 status = nfsd4_replay_cache_entry(resp, seq); 3158 cstate->status = nfserr_replay_cache; 3159 goto out; 3160 } 3161 if (status) 3162 goto out_put_session; 3163 3164 status = nfsd4_sequence_check_conn(conn, session); 3165 conn = NULL; 3166 if (status) 3167 goto out_put_session; 3168 3169 buflen = (seq->cachethis) ? 3170 session->se_fchannel.maxresp_cached : 3171 session->se_fchannel.maxresp_sz; 3172 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache : 3173 nfserr_rep_too_big; 3174 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack)) 3175 goto out_put_session; 3176 svc_reserve(rqstp, buflen); 3177 3178 status = nfs_ok; 3179 /* Success! 
bump slot seqid */ 3180 slot->sl_seqid = seq->seqid; 3181 slot->sl_flags |= NFSD4_SLOT_INUSE; 3182 if (seq->cachethis) 3183 slot->sl_flags |= NFSD4_SLOT_CACHETHIS; 3184 else 3185 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS; 3186 3187 cstate->slot = slot; 3188 cstate->session = session; 3189 cstate->clp = clp; 3190 3191 out: 3192 switch (clp->cl_cb_state) { 3193 case NFSD4_CB_DOWN: 3194 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN; 3195 break; 3196 case NFSD4_CB_FAULT: 3197 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT; 3198 break; 3199 default: 3200 seq->status_flags = 0; 3201 } 3202 if (!list_empty(&clp->cl_revoked)) 3203 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED; 3204 out_no_session: 3205 if (conn) 3206 free_conn(conn); 3207 spin_unlock(&nn->client_lock); 3208 return status; 3209 out_put_session: 3210 nfsd4_put_session_locked(session); 3211 goto out_no_session; 3212 } 3213 3214 void 3215 nfsd4_sequence_done(struct nfsd4_compoundres *resp) 3216 { 3217 struct nfsd4_compound_state *cs = &resp->cstate; 3218 3219 if (nfsd4_has_session(cs)) { 3220 if (cs->status != nfserr_replay_cache) { 3221 nfsd4_store_cache_entry(resp); 3222 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 3223 } 3224 /* Drop session reference that was taken in nfsd4_sequence() */ 3225 nfsd4_put_session(cs->session); 3226 } else if (cs->clp) 3227 put_client_renew(cs->clp); 3228 } 3229 3230 __be32 3231 nfsd4_destroy_clientid(struct svc_rqst *rqstp, 3232 struct nfsd4_compound_state *cstate, 3233 union nfsd4_op_u *u) 3234 { 3235 struct nfsd4_destroy_clientid *dc = &u->destroy_clientid; 3236 struct nfs4_client *conf, *unconf; 3237 struct nfs4_client *clp = NULL; 3238 __be32 status = 0; 3239 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3240 3241 spin_lock(&nn->client_lock); 3242 unconf = find_unconfirmed_client(&dc->clientid, true, nn); 3243 conf = find_confirmed_client(&dc->clientid, true, nn); 3244 WARN_ON_ONCE(conf && unconf); 3245 3246 if (conf) { 3247 if (client_has_state(conf)) { 3248 status = nfserr_clientid_busy; 3249 goto out; 3250 } 3251 status = mark_client_expired_locked(conf); 3252 if (status) 3253 goto out; 3254 clp = conf; 3255 } else if (unconf) 3256 clp = unconf; 3257 else { 3258 status = nfserr_stale_clientid; 3259 goto out; 3260 } 3261 if (!nfsd4_mach_creds_match(clp, rqstp)) { 3262 clp = NULL; 3263 status = nfserr_wrong_cred; 3264 goto out; 3265 } 3266 unhash_client_locked(clp); 3267 out: 3268 spin_unlock(&nn->client_lock); 3269 if (clp) 3270 expire_client(clp); 3271 return status; 3272 } 3273 3274 __be32 3275 nfsd4_reclaim_complete(struct svc_rqst *rqstp, 3276 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 3277 { 3278 struct nfsd4_reclaim_complete *rc = &u->reclaim_complete; 3279 __be32 status = 0; 3280 3281 if (rc->rca_one_fs) { 3282 if (!cstate->current_fh.fh_dentry) 3283 return nfserr_nofilehandle; 3284 /* 3285 * We don't take advantage of the rca_one_fs case. 3286 * That's OK, it's optional, we can safely ignore it. 3287 */ 3288 return nfs_ok; 3289 } 3290 3291 status = nfserr_complete_already; 3292 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, 3293 &cstate->session->se_client->cl_flags)) 3294 goto out; 3295 3296 status = nfserr_stale_clientid; 3297 if (is_client_expired(cstate->session->se_client)) 3298 /* 3299 * The following error isn't really legal. 3300 * But we only get here if the client just explicitly 3301 * destroyed the client. Surely it no longer cares what 3302 * error it gets back on an operation for the dead 3303 * client. 
3304 */ 3305 goto out; 3306 3307 status = nfs_ok; 3308 nfsd4_client_record_create(cstate->session->se_client); 3309 out: 3310 return status; 3311 } 3312 3313 __be32 3314 nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3315 union nfsd4_op_u *u) 3316 { 3317 struct nfsd4_setclientid *setclid = &u->setclientid; 3318 struct xdr_netobj clname = setclid->se_name; 3319 nfs4_verifier clverifier = setclid->se_verf; 3320 struct nfs4_client *conf, *new; 3321 struct nfs4_client *unconf = NULL; 3322 __be32 status; 3323 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3324 3325 new = create_client(clname, rqstp, &clverifier); 3326 if (new == NULL) 3327 return nfserr_jukebox; 3328 /* Cases below refer to rfc 3530 section 14.2.33: */ 3329 spin_lock(&nn->client_lock); 3330 conf = find_confirmed_client_by_name(&clname, nn); 3331 if (conf && client_has_state(conf)) { 3332 /* case 0: */ 3333 status = nfserr_clid_inuse; 3334 if (clp_used_exchangeid(conf)) 3335 goto out; 3336 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) { 3337 char addr_str[INET6_ADDRSTRLEN]; 3338 rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str, 3339 sizeof(addr_str)); 3340 dprintk("NFSD: setclientid: string in use by client " 3341 "at %s\n", addr_str); 3342 goto out; 3343 } 3344 } 3345 unconf = find_unconfirmed_client_by_name(&clname, nn); 3346 if (unconf) 3347 unhash_client_locked(unconf); 3348 if (conf && same_verf(&conf->cl_verifier, &clverifier)) { 3349 /* case 1: probable callback update */ 3350 copy_clid(new, conf); 3351 gen_confirm(new, nn); 3352 } else /* case 4 (new client) or cases 2, 3 (client reboot): */ 3353 gen_clid(new, nn); 3354 new->cl_minorversion = 0; 3355 gen_callback(new, setclid, rqstp); 3356 add_to_unconfirmed(new); 3357 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot; 3358 setclid->se_clientid.cl_id = new->cl_clientid.cl_id; 3359 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data)); 3360 new = NULL; 3361 status = nfs_ok; 3362 out: 3363 spin_unlock(&nn->client_lock); 3364 if (new) 3365 free_client(new); 3366 if (unconf) 3367 expire_client(unconf); 3368 return status; 3369 } 3370 3371 3372 __be32 3373 nfsd4_setclientid_confirm(struct svc_rqst *rqstp, 3374 struct nfsd4_compound_state *cstate, 3375 union nfsd4_op_u *u) 3376 { 3377 struct nfsd4_setclientid_confirm *setclientid_confirm = 3378 &u->setclientid_confirm; 3379 struct nfs4_client *conf, *unconf; 3380 struct nfs4_client *old = NULL; 3381 nfs4_verifier confirm = setclientid_confirm->sc_confirm; 3382 clientid_t * clid = &setclientid_confirm->sc_clientid; 3383 __be32 status; 3384 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3385 3386 if (STALE_CLIENTID(clid, nn)) 3387 return nfserr_stale_clientid; 3388 3389 spin_lock(&nn->client_lock); 3390 conf = find_confirmed_client(clid, false, nn); 3391 unconf = find_unconfirmed_client(clid, false, nn); 3392 /* 3393 * We try hard to give out unique clientid's, so if we get an 3394 * attempt to confirm the same clientid with a different cred, 3395 * the client may be buggy; this should never happen. 
3396 * 3397 * Nevertheless, RFC 7530 recommends INUSE for this case: 3398 */ 3399 status = nfserr_clid_inuse; 3400 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred)) 3401 goto out; 3402 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred)) 3403 goto out; 3404 /* cases below refer to rfc 3530 section 14.2.34: */ 3405 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) { 3406 if (conf && same_verf(&confirm, &conf->cl_confirm)) { 3407 /* case 2: probable retransmit */ 3408 status = nfs_ok; 3409 } else /* case 4: client hasn't noticed we rebooted yet? */ 3410 status = nfserr_stale_clientid; 3411 goto out; 3412 } 3413 status = nfs_ok; 3414 if (conf) { /* case 1: callback update */ 3415 old = unconf; 3416 unhash_client_locked(old); 3417 nfsd4_change_callback(conf, &unconf->cl_cb_conn); 3418 } else { /* case 3: normal case; new or rebooted client */ 3419 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 3420 if (old) { 3421 status = nfserr_clid_inuse; 3422 if (client_has_state(old) 3423 && !same_creds(&unconf->cl_cred, 3424 &old->cl_cred)) 3425 goto out; 3426 status = mark_client_expired_locked(old); 3427 if (status) { 3428 old = NULL; 3429 goto out; 3430 } 3431 } 3432 move_to_confirmed(unconf); 3433 conf = unconf; 3434 } 3435 get_client_locked(conf); 3436 spin_unlock(&nn->client_lock); 3437 nfsd4_probe_callback(conf); 3438 spin_lock(&nn->client_lock); 3439 put_client_renew_locked(conf); 3440 out: 3441 spin_unlock(&nn->client_lock); 3442 if (old) 3443 expire_client(old); 3444 return status; 3445 } 3446 3447 static struct nfs4_file *nfsd4_alloc_file(void) 3448 { 3449 return kmem_cache_alloc(file_slab, GFP_KERNEL); 3450 } 3451 3452 /* OPEN Share state helper functions */ 3453 static void nfsd4_init_file(struct knfsd_fh *fh, unsigned int hashval, 3454 struct nfs4_file *fp) 3455 { 3456 lockdep_assert_held(&state_lock); 3457 3458 refcount_set(&fp->fi_ref, 1); 3459 spin_lock_init(&fp->fi_lock); 3460 INIT_LIST_HEAD(&fp->fi_stateids); 3461 INIT_LIST_HEAD(&fp->fi_delegations); 3462 INIT_LIST_HEAD(&fp->fi_clnt_odstate); 3463 fh_copy_shallow(&fp->fi_fhandle, fh); 3464 fp->fi_deleg_file = NULL; 3465 fp->fi_had_conflict = false; 3466 fp->fi_share_deny = 0; 3467 memset(fp->fi_fds, 0, sizeof(fp->fi_fds)); 3468 memset(fp->fi_access, 0, sizeof(fp->fi_access)); 3469 #ifdef CONFIG_NFSD_PNFS 3470 INIT_LIST_HEAD(&fp->fi_lo_states); 3471 atomic_set(&fp->fi_lo_recalls, 0); 3472 #endif 3473 hlist_add_head_rcu(&fp->fi_hash, &file_hashtbl[hashval]); 3474 } 3475 3476 void 3477 nfsd4_free_slabs(void) 3478 { 3479 kmem_cache_destroy(client_slab); 3480 kmem_cache_destroy(openowner_slab); 3481 kmem_cache_destroy(lockowner_slab); 3482 kmem_cache_destroy(file_slab); 3483 kmem_cache_destroy(stateid_slab); 3484 kmem_cache_destroy(deleg_slab); 3485 kmem_cache_destroy(odstate_slab); 3486 } 3487 3488 int 3489 nfsd4_init_slabs(void) 3490 { 3491 client_slab = kmem_cache_create("nfsd4_clients", 3492 sizeof(struct nfs4_client), 0, 0, NULL); 3493 if (client_slab == NULL) 3494 goto out; 3495 openowner_slab = kmem_cache_create("nfsd4_openowners", 3496 sizeof(struct nfs4_openowner), 0, 0, NULL); 3497 if (openowner_slab == NULL) 3498 goto out_free_client_slab; 3499 lockowner_slab = kmem_cache_create("nfsd4_lockowners", 3500 sizeof(struct nfs4_lockowner), 0, 0, NULL); 3501 if (lockowner_slab == NULL) 3502 goto out_free_openowner_slab; 3503 file_slab = kmem_cache_create("nfsd4_files", 3504 sizeof(struct nfs4_file), 0, 0, NULL); 3505 if (file_slab == NULL) 3506 goto out_free_lockowner_slab; 3507 stateid_slab = 
kmem_cache_create("nfsd4_stateids", 3508 sizeof(struct nfs4_ol_stateid), 0, 0, NULL); 3509 if (stateid_slab == NULL) 3510 goto out_free_file_slab; 3511 deleg_slab = kmem_cache_create("nfsd4_delegations", 3512 sizeof(struct nfs4_delegation), 0, 0, NULL); 3513 if (deleg_slab == NULL) 3514 goto out_free_stateid_slab; 3515 odstate_slab = kmem_cache_create("nfsd4_odstate", 3516 sizeof(struct nfs4_clnt_odstate), 0, 0, NULL); 3517 if (odstate_slab == NULL) 3518 goto out_free_deleg_slab; 3519 return 0; 3520 3521 out_free_deleg_slab: 3522 kmem_cache_destroy(deleg_slab); 3523 out_free_stateid_slab: 3524 kmem_cache_destroy(stateid_slab); 3525 out_free_file_slab: 3526 kmem_cache_destroy(file_slab); 3527 out_free_lockowner_slab: 3528 kmem_cache_destroy(lockowner_slab); 3529 out_free_openowner_slab: 3530 kmem_cache_destroy(openowner_slab); 3531 out_free_client_slab: 3532 kmem_cache_destroy(client_slab); 3533 out: 3534 dprintk("nfsd4: out of memory while initializing nfsv4\n"); 3535 return -ENOMEM; 3536 } 3537 3538 static void init_nfs4_replay(struct nfs4_replay *rp) 3539 { 3540 rp->rp_status = nfserr_serverfault; 3541 rp->rp_buflen = 0; 3542 rp->rp_buf = rp->rp_ibuf; 3543 mutex_init(&rp->rp_mutex); 3544 } 3545 3546 static void nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate, 3547 struct nfs4_stateowner *so) 3548 { 3549 if (!nfsd4_has_session(cstate)) { 3550 mutex_lock(&so->so_replay.rp_mutex); 3551 cstate->replay_owner = nfs4_get_stateowner(so); 3552 } 3553 } 3554 3555 void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate) 3556 { 3557 struct nfs4_stateowner *so = cstate->replay_owner; 3558 3559 if (so != NULL) { 3560 cstate->replay_owner = NULL; 3561 mutex_unlock(&so->so_replay.rp_mutex); 3562 nfs4_put_stateowner(so); 3563 } 3564 } 3565 3566 static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp) 3567 { 3568 struct nfs4_stateowner *sop; 3569 3570 sop = kmem_cache_alloc(slab, GFP_KERNEL); 3571 if (!sop) 3572 return NULL; 3573 3574 sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL); 3575 if (!sop->so_owner.data) { 3576 kmem_cache_free(slab, sop); 3577 return NULL; 3578 } 3579 sop->so_owner.len = owner->len; 3580 3581 INIT_LIST_HEAD(&sop->so_stateids); 3582 sop->so_client = clp; 3583 init_nfs4_replay(&sop->so_replay); 3584 atomic_set(&sop->so_count, 1); 3585 return sop; 3586 } 3587 3588 static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval) 3589 { 3590 lockdep_assert_held(&clp->cl_lock); 3591 3592 list_add(&oo->oo_owner.so_strhash, 3593 &clp->cl_ownerstr_hashtbl[strhashval]); 3594 list_add(&oo->oo_perclient, &clp->cl_openowners); 3595 } 3596 3597 static void nfs4_unhash_openowner(struct nfs4_stateowner *so) 3598 { 3599 unhash_openowner_locked(openowner(so)); 3600 } 3601 3602 static void nfs4_free_openowner(struct nfs4_stateowner *so) 3603 { 3604 struct nfs4_openowner *oo = openowner(so); 3605 3606 kmem_cache_free(openowner_slab, oo); 3607 } 3608 3609 static const struct nfs4_stateowner_operations openowner_ops = { 3610 .so_unhash = nfs4_unhash_openowner, 3611 .so_free = nfs4_free_openowner, 3612 }; 3613 3614 static struct nfs4_ol_stateid * 3615 nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 3616 { 3617 struct nfs4_ol_stateid *local, *ret = NULL; 3618 struct nfs4_openowner *oo = open->op_openowner; 3619 3620 lockdep_assert_held(&fp->fi_lock); 3621 3622 list_for_each_entry(local, &fp->fi_stateids, st_perfile) { 3623 /* ignore lock owners 
*/ 3624 if (local->st_stateowner->so_is_open_owner == 0) 3625 continue; 3626 if (local->st_stateowner != &oo->oo_owner) 3627 continue; 3628 if (local->st_stid.sc_type == NFS4_OPEN_STID) { 3629 ret = local; 3630 refcount_inc(&ret->st_stid.sc_count); 3631 break; 3632 } 3633 } 3634 return ret; 3635 } 3636 3637 static __be32 3638 nfsd4_verify_open_stid(struct nfs4_stid *s) 3639 { 3640 __be32 ret = nfs_ok; 3641 3642 switch (s->sc_type) { 3643 default: 3644 break; 3645 case 0: 3646 case NFS4_CLOSED_STID: 3647 case NFS4_CLOSED_DELEG_STID: 3648 ret = nfserr_bad_stateid; 3649 break; 3650 case NFS4_REVOKED_DELEG_STID: 3651 ret = nfserr_deleg_revoked; 3652 } 3653 return ret; 3654 } 3655 3656 /* Lock the stateid st_mutex, and deal with races with CLOSE */ 3657 static __be32 3658 nfsd4_lock_ol_stateid(struct nfs4_ol_stateid *stp) 3659 { 3660 __be32 ret; 3661 3662 mutex_lock_nested(&stp->st_mutex, LOCK_STATEID_MUTEX); 3663 ret = nfsd4_verify_open_stid(&stp->st_stid); 3664 if (ret != nfs_ok) 3665 mutex_unlock(&stp->st_mutex); 3666 return ret; 3667 } 3668 3669 static struct nfs4_ol_stateid * 3670 nfsd4_find_and_lock_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 3671 { 3672 struct nfs4_ol_stateid *stp; 3673 for (;;) { 3674 spin_lock(&fp->fi_lock); 3675 stp = nfsd4_find_existing_open(fp, open); 3676 spin_unlock(&fp->fi_lock); 3677 if (!stp || nfsd4_lock_ol_stateid(stp) == nfs_ok) 3678 break; 3679 nfs4_put_stid(&stp->st_stid); 3680 } 3681 return stp; 3682 } 3683 3684 static struct nfs4_openowner * 3685 alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open, 3686 struct nfsd4_compound_state *cstate) 3687 { 3688 struct nfs4_client *clp = cstate->clp; 3689 struct nfs4_openowner *oo, *ret; 3690 3691 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp); 3692 if (!oo) 3693 return NULL; 3694 oo->oo_owner.so_ops = &openowner_ops; 3695 oo->oo_owner.so_is_open_owner = 1; 3696 oo->oo_owner.so_seqid = open->op_seqid; 3697 oo->oo_flags = 0; 3698 if (nfsd4_has_session(cstate)) 3699 oo->oo_flags |= NFS4_OO_CONFIRMED; 3700 oo->oo_time = 0; 3701 oo->oo_last_closed_stid = NULL; 3702 INIT_LIST_HEAD(&oo->oo_close_lru); 3703 spin_lock(&clp->cl_lock); 3704 ret = find_openstateowner_str_locked(strhashval, open, clp); 3705 if (ret == NULL) { 3706 hash_openowner(oo, clp, strhashval); 3707 ret = oo; 3708 } else 3709 nfs4_free_stateowner(&oo->oo_owner); 3710 3711 spin_unlock(&clp->cl_lock); 3712 return ret; 3713 } 3714 3715 static struct nfs4_ol_stateid * 3716 init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open) 3717 { 3718 3719 struct nfs4_openowner *oo = open->op_openowner; 3720 struct nfs4_ol_stateid *retstp = NULL; 3721 struct nfs4_ol_stateid *stp; 3722 3723 stp = open->op_stp; 3724 /* We are moving these outside of the spinlocks to avoid the warnings */ 3725 mutex_init(&stp->st_mutex); 3726 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 3727 3728 retry: 3729 spin_lock(&oo->oo_owner.so_client->cl_lock); 3730 spin_lock(&fp->fi_lock); 3731 3732 retstp = nfsd4_find_existing_open(fp, open); 3733 if (retstp) 3734 goto out_unlock; 3735 3736 open->op_stp = NULL; 3737 refcount_inc(&stp->st_stid.sc_count); 3738 stp->st_stid.sc_type = NFS4_OPEN_STID; 3739 INIT_LIST_HEAD(&stp->st_locks); 3740 stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner); 3741 get_nfs4_file(fp); 3742 stp->st_stid.sc_file = fp; 3743 stp->st_access_bmap = 0; 3744 stp->st_deny_bmap = 0; 3745 stp->st_openstp = NULL; 3746 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids); 3747 
list_add(&stp->st_perfile, &fp->fi_stateids); 3748 3749 out_unlock: 3750 spin_unlock(&fp->fi_lock); 3751 spin_unlock(&oo->oo_owner.so_client->cl_lock); 3752 if (retstp) { 3753 /* Handle races with CLOSE */ 3754 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 3755 nfs4_put_stid(&retstp->st_stid); 3756 goto retry; 3757 } 3758 /* To keep mutex tracking happy */ 3759 mutex_unlock(&stp->st_mutex); 3760 stp = retstp; 3761 } 3762 return stp; 3763 } 3764 3765 /* 3766 * In the 4.0 case we need to keep the owners around a little while to handle 3767 * CLOSE replay. We still do need to release any file access that is held by 3768 * them before returning however. 3769 */ 3770 static void 3771 move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net) 3772 { 3773 struct nfs4_ol_stateid *last; 3774 struct nfs4_openowner *oo = openowner(s->st_stateowner); 3775 struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net, 3776 nfsd_net_id); 3777 3778 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo); 3779 3780 /* 3781 * We know that we hold one reference via nfsd4_close, and another 3782 * "persistent" reference for the client. If the refcount is higher 3783 * than 2, then there are still calls in progress that are using this 3784 * stateid. We can't put the sc_file reference until they are finished. 3785 * Wait for the refcount to drop to 2. Since it has been unhashed, 3786 * there should be no danger of the refcount going back up again at 3787 * this point. 3788 */ 3789 wait_event(close_wq, refcount_read(&s->st_stid.sc_count) == 2); 3790 3791 release_all_access(s); 3792 if (s->st_stid.sc_file) { 3793 put_nfs4_file(s->st_stid.sc_file); 3794 s->st_stid.sc_file = NULL; 3795 } 3796 3797 spin_lock(&nn->client_lock); 3798 last = oo->oo_last_closed_stid; 3799 oo->oo_last_closed_stid = s; 3800 list_move_tail(&oo->oo_close_lru, &nn->close_lru); 3801 oo->oo_time = get_seconds(); 3802 spin_unlock(&nn->client_lock); 3803 if (last) 3804 nfs4_put_stid(&last->st_stid); 3805 } 3806 3807 /* search file_hashtbl[] for file */ 3808 static struct nfs4_file * 3809 find_file_locked(struct knfsd_fh *fh, unsigned int hashval) 3810 { 3811 struct nfs4_file *fp; 3812 3813 hlist_for_each_entry_rcu(fp, &file_hashtbl[hashval], fi_hash) { 3814 if (fh_match(&fp->fi_fhandle, fh)) { 3815 if (refcount_inc_not_zero(&fp->fi_ref)) 3816 return fp; 3817 } 3818 } 3819 return NULL; 3820 } 3821 3822 struct nfs4_file * 3823 find_file(struct knfsd_fh *fh) 3824 { 3825 struct nfs4_file *fp; 3826 unsigned int hashval = file_hashval(fh); 3827 3828 rcu_read_lock(); 3829 fp = find_file_locked(fh, hashval); 3830 rcu_read_unlock(); 3831 return fp; 3832 } 3833 3834 static struct nfs4_file * 3835 find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh) 3836 { 3837 struct nfs4_file *fp; 3838 unsigned int hashval = file_hashval(fh); 3839 3840 rcu_read_lock(); 3841 fp = find_file_locked(fh, hashval); 3842 rcu_read_unlock(); 3843 if (fp) 3844 return fp; 3845 3846 spin_lock(&state_lock); 3847 fp = find_file_locked(fh, hashval); 3848 if (likely(fp == NULL)) { 3849 nfsd4_init_file(fh, hashval, new); 3850 fp = new; 3851 } 3852 spin_unlock(&state_lock); 3853 3854 return fp; 3855 } 3856 3857 /* 3858 * Called to check deny when READ with all zero stateid or 3859 * WRITE with all zero or all one stateid 3860 */ 3861 static __be32 3862 nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type) 3863 { 3864 struct nfs4_file *fp; 3865 __be32 ret = nfs_ok; 3866 3867 fp = find_file(¤t_fh->fh_handle); 3868 if (!fp) 3869 return ret; 3870 /* Check for 
conflicting share reservations */ 3871 spin_lock(&fp->fi_lock); 3872 if (fp->fi_share_deny & deny_type) 3873 ret = nfserr_locked; 3874 spin_unlock(&fp->fi_lock); 3875 put_nfs4_file(fp); 3876 return ret; 3877 } 3878 3879 static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb) 3880 { 3881 struct nfs4_delegation *dp = cb_to_delegation(cb); 3882 struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net, 3883 nfsd_net_id); 3884 3885 block_delegations(&dp->dl_stid.sc_file->fi_fhandle); 3886 3887 /* 3888 * We can't do this in nfsd_break_deleg_cb because it is 3889 * already holding inode->i_lock. 3890 * 3891 * If the dl_time != 0, then we know that it has already been 3892 * queued for a lease break. Don't queue it again. 3893 */ 3894 spin_lock(&state_lock); 3895 if (dp->dl_time == 0) { 3896 dp->dl_time = get_seconds(); 3897 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru); 3898 } 3899 spin_unlock(&state_lock); 3900 } 3901 3902 static int nfsd4_cb_recall_done(struct nfsd4_callback *cb, 3903 struct rpc_task *task) 3904 { 3905 struct nfs4_delegation *dp = cb_to_delegation(cb); 3906 3907 if (dp->dl_stid.sc_type == NFS4_CLOSED_DELEG_STID) 3908 return 1; 3909 3910 switch (task->tk_status) { 3911 case 0: 3912 return 1; 3913 case -EBADHANDLE: 3914 case -NFS4ERR_BAD_STATEID: 3915 /* 3916 * Race: client probably got cb_recall before open reply 3917 * granting delegation. 3918 */ 3919 if (dp->dl_retries--) { 3920 rpc_delay(task, 2 * HZ); 3921 return 0; 3922 } 3923 /*FALLTHRU*/ 3924 default: 3925 return -1; 3926 } 3927 } 3928 3929 static void nfsd4_cb_recall_release(struct nfsd4_callback *cb) 3930 { 3931 struct nfs4_delegation *dp = cb_to_delegation(cb); 3932 3933 nfs4_put_stid(&dp->dl_stid); 3934 } 3935 3936 static const struct nfsd4_callback_ops nfsd4_cb_recall_ops = { 3937 .prepare = nfsd4_cb_recall_prepare, 3938 .done = nfsd4_cb_recall_done, 3939 .release = nfsd4_cb_recall_release, 3940 }; 3941 3942 static void nfsd_break_one_deleg(struct nfs4_delegation *dp) 3943 { 3944 /* 3945 * We're assuming the state code never drops its reference 3946 * without first removing the lease. Since we're in this lease 3947 * callback (and since the lease code is serialized by the kernel 3948 * lock) we know the server hasn't removed the lease yet, we know 3949 * it's safe to take a reference. 3950 */ 3951 refcount_inc(&dp->dl_stid.sc_count); 3952 nfsd4_run_cb(&dp->dl_recall); 3953 } 3954 3955 /* Called from break_lease() with i_lock held. 
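 *
 * For illustration, the generic locks code does roughly this
 * (paraphrasing fs/locks.c, not a verbatim quote):
 *
 *	if (fl->fl_lmops->lm_break(fl))
 *		locks_delete_lock_ctx(fl, &dispose);
 *
 * Returning false below therefore leaves the lease installed; together
 * with clearing fl_break_time, that keeps the delegation alive until
 * the client returns it or the laundromat revokes it.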
*/ 3956 static bool 3957 nfsd_break_deleg_cb(struct file_lock *fl) 3958 { 3959 bool ret = false; 3960 struct nfs4_delegation *dp = (struct nfs4_delegation *)fl->fl_owner; 3961 struct nfs4_file *fp = dp->dl_stid.sc_file; 3962 3963 /* 3964 * We don't want the locks code to timeout the lease for us; 3965 * we'll remove it ourselves if a delegation isn't returned 3966 * in time: 3967 */ 3968 fl->fl_break_time = 0; 3969 3970 spin_lock(&fp->fi_lock); 3971 fp->fi_had_conflict = true; 3972 nfsd_break_one_deleg(dp); 3973 spin_unlock(&fp->fi_lock); 3974 return ret; 3975 } 3976 3977 static int 3978 nfsd_change_deleg_cb(struct file_lock *onlist, int arg, 3979 struct list_head *dispose) 3980 { 3981 if (arg & F_UNLCK) 3982 return lease_modify(onlist, arg, dispose); 3983 else 3984 return -EAGAIN; 3985 } 3986 3987 static const struct lock_manager_operations nfsd_lease_mng_ops = { 3988 .lm_break = nfsd_break_deleg_cb, 3989 .lm_change = nfsd_change_deleg_cb, 3990 }; 3991 3992 static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid) 3993 { 3994 if (nfsd4_has_session(cstate)) 3995 return nfs_ok; 3996 if (seqid == so->so_seqid - 1) 3997 return nfserr_replay_me; 3998 if (seqid == so->so_seqid) 3999 return nfs_ok; 4000 return nfserr_bad_seqid; 4001 } 4002 4003 static __be32 lookup_clientid(clientid_t *clid, 4004 struct nfsd4_compound_state *cstate, 4005 struct nfsd_net *nn) 4006 { 4007 struct nfs4_client *found; 4008 4009 if (cstate->clp) { 4010 found = cstate->clp; 4011 if (!same_clid(&found->cl_clientid, clid)) 4012 return nfserr_stale_clientid; 4013 return nfs_ok; 4014 } 4015 4016 if (STALE_CLIENTID(clid, nn)) 4017 return nfserr_stale_clientid; 4018 4019 /* 4020 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one 4021 * cached already then we know this is for v4.0 and "sessions" 4022 * will be false. 4023 */ 4024 WARN_ON_ONCE(cstate->session); 4025 spin_lock(&nn->client_lock); 4026 found = find_confirmed_client(clid, false, nn); 4027 if (!found) { 4028 spin_unlock(&nn->client_lock); 4029 return nfserr_expired; 4030 } 4031 atomic_inc(&found->cl_refcount); 4032 spin_unlock(&nn->client_lock); 4033 4034 /* Cache the nfs4_client in cstate! */ 4035 cstate->clp = found; 4036 return nfs_ok; 4037 } 4038 4039 __be32 4040 nfsd4_process_open1(struct nfsd4_compound_state *cstate, 4041 struct nfsd4_open *open, struct nfsd_net *nn) 4042 { 4043 clientid_t *clientid = &open->op_clientid; 4044 struct nfs4_client *clp = NULL; 4045 unsigned int strhashval; 4046 struct nfs4_openowner *oo = NULL; 4047 __be32 status; 4048 4049 if (STALE_CLIENTID(&open->op_clientid, nn)) 4050 return nfserr_stale_clientid; 4051 /* 4052 * In case we need it later, after we've already created the 4053 * file and don't want to risk a further failure: 4054 */ 4055 open->op_file = nfsd4_alloc_file(); 4056 if (open->op_file == NULL) 4057 return nfserr_jukebox; 4058 4059 status = lookup_clientid(clientid, cstate, nn); 4060 if (status) 4061 return status; 4062 clp = cstate->clp; 4063 4064 strhashval = ownerstr_hashval(&open->op_owner); 4065 oo = find_openstateowner_str(strhashval, open, clp); 4066 open->op_openowner = oo; 4067 if (!oo) { 4068 goto new_owner; 4069 } 4070 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 4071 /* Replace unconfirmed owners without checking for replay.
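 * An unconfirmed v4.0 openowner has never had an OPEN reply acted on
 * by the client (no OPEN_CONFIRM yet), so it holds no replay-cache
 * state worth preserving; dropping it and starting fresh is safe.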
*/ 4072 release_openowner(oo); 4073 open->op_openowner = NULL; 4074 goto new_owner; 4075 } 4076 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid); 4077 if (status) 4078 return status; 4079 goto alloc_stateid; 4080 new_owner: 4081 oo = alloc_init_open_stateowner(strhashval, open, cstate); 4082 if (oo == NULL) 4083 return nfserr_jukebox; 4084 open->op_openowner = oo; 4085 alloc_stateid: 4086 open->op_stp = nfs4_alloc_open_stateid(clp); 4087 if (!open->op_stp) 4088 return nfserr_jukebox; 4089 4090 if (nfsd4_has_session(cstate) && 4091 (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) { 4092 open->op_odstate = alloc_clnt_odstate(clp); 4093 if (!open->op_odstate) 4094 return nfserr_jukebox; 4095 } 4096 4097 return nfs_ok; 4098 } 4099 4100 static inline __be32 4101 nfs4_check_delegmode(struct nfs4_delegation *dp, int flags) 4102 { 4103 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ)) 4104 return nfserr_openmode; 4105 else 4106 return nfs_ok; 4107 } 4108 4109 static int share_access_to_flags(u32 share_access) 4110 { 4111 return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE; 4112 } 4113 4114 static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s) 4115 { 4116 struct nfs4_stid *ret; 4117 4118 ret = find_stateid_by_type(cl, s, 4119 NFS4_DELEG_STID|NFS4_REVOKED_DELEG_STID); 4120 if (!ret) 4121 return NULL; 4122 return delegstateid(ret); 4123 } 4124 4125 static bool nfsd4_is_deleg_cur(struct nfsd4_open *open) 4126 { 4127 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR || 4128 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH; 4129 } 4130 4131 static __be32 4132 nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open, 4133 struct nfs4_delegation **dp) 4134 { 4135 int flags; 4136 __be32 status = nfserr_bad_stateid; 4137 struct nfs4_delegation *deleg; 4138 4139 deleg = find_deleg_stateid(cl, &open->op_delegate_stateid); 4140 if (deleg == NULL) 4141 goto out; 4142 if (deleg->dl_stid.sc_type == NFS4_REVOKED_DELEG_STID) { 4143 nfs4_put_stid(&deleg->dl_stid); 4144 if (cl->cl_minorversion) 4145 status = nfserr_deleg_revoked; 4146 goto out; 4147 } 4148 flags = share_access_to_flags(open->op_share_access); 4149 status = nfs4_check_delegmode(deleg, flags); 4150 if (status) { 4151 nfs4_put_stid(&deleg->dl_stid); 4152 goto out; 4153 } 4154 *dp = deleg; 4155 out: 4156 if (!nfsd4_is_deleg_cur(open)) 4157 return nfs_ok; 4158 if (status) 4159 return status; 4160 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 4161 return nfs_ok; 4162 } 4163 4164 static inline int nfs4_access_to_access(u32 nfs4_access) 4165 { 4166 int flags = 0; 4167 4168 if (nfs4_access & NFS4_SHARE_ACCESS_READ) 4169 flags |= NFSD_MAY_READ; 4170 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE) 4171 flags |= NFSD_MAY_WRITE; 4172 return flags; 4173 } 4174 4175 static inline __be32 4176 nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh, 4177 struct nfsd4_open *open) 4178 { 4179 struct iattr iattr = { 4180 .ia_valid = ATTR_SIZE, 4181 .ia_size = 0, 4182 }; 4183 if (!open->op_truncate) 4184 return 0; 4185 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE)) 4186 return nfserr_inval; 4187 return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0); 4188 } 4189 4190 static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp, 4191 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, 4192 struct nfsd4_open *open) 4193 { 4194 struct file *filp = NULL; 4195 __be32 status; 4196 int oflag = nfs4_access_to_omode(open->op_share_access); 4197 
int access = nfs4_access_to_access(open->op_share_access); 4198 unsigned char old_access_bmap, old_deny_bmap; 4199 4200 spin_lock(&fp->fi_lock); 4201 4202 /* 4203 * Are we trying to set a deny mode that would conflict with 4204 * current access? 4205 */ 4206 status = nfs4_file_check_deny(fp, open->op_share_deny); 4207 if (status != nfs_ok) { 4208 spin_unlock(&fp->fi_lock); 4209 goto out; 4210 } 4211 4212 /* set access to the file */ 4213 status = nfs4_file_get_access(fp, open->op_share_access); 4214 if (status != nfs_ok) { 4215 spin_unlock(&fp->fi_lock); 4216 goto out; 4217 } 4218 4219 /* Set access bits in stateid */ 4220 old_access_bmap = stp->st_access_bmap; 4221 set_access(open->op_share_access, stp); 4222 4223 /* Set new deny mask */ 4224 old_deny_bmap = stp->st_deny_bmap; 4225 set_deny(open->op_share_deny, stp); 4226 fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4227 4228 if (!fp->fi_fds[oflag]) { 4229 spin_unlock(&fp->fi_lock); 4230 status = nfsd_open(rqstp, cur_fh, S_IFREG, access, &filp); 4231 if (status) 4232 goto out_put_access; 4233 spin_lock(&fp->fi_lock); 4234 if (!fp->fi_fds[oflag]) { 4235 fp->fi_fds[oflag] = filp; 4236 filp = NULL; 4237 } 4238 } 4239 spin_unlock(&fp->fi_lock); 4240 if (filp) 4241 fput(filp); 4242 4243 status = nfsd4_truncate(rqstp, cur_fh, open); 4244 if (status) 4245 goto out_put_access; 4246 out: 4247 return status; 4248 out_put_access: 4249 stp->st_access_bmap = old_access_bmap; 4250 nfs4_file_put_access(fp, open->op_share_access); 4251 reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp); 4252 goto out; 4253 } 4254 4255 static __be32 4256 nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open) 4257 { 4258 __be32 status; 4259 unsigned char old_deny_bmap = stp->st_deny_bmap; 4260 4261 if (!test_access(open->op_share_access, stp)) 4262 return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open); 4263 4264 /* test and set deny mode */ 4265 spin_lock(&fp->fi_lock); 4266 status = nfs4_file_check_deny(fp, open->op_share_deny); 4267 if (status == nfs_ok) { 4268 set_deny(open->op_share_deny, stp); 4269 fp->fi_share_deny |= 4270 (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4271 } 4272 spin_unlock(&fp->fi_lock); 4273 4274 if (status != nfs_ok) 4275 return status; 4276 4277 status = nfsd4_truncate(rqstp, cur_fh, open); 4278 if (status != nfs_ok) 4279 reset_union_bmap_deny(old_deny_bmap, stp); 4280 return status; 4281 } 4282 4283 /* Should we give out recallable state?: */ 4284 static bool nfsd4_cb_channel_good(struct nfs4_client *clp) 4285 { 4286 if (clp->cl_cb_state == NFSD4_CB_UP) 4287 return true; 4288 /* 4289 * In the sessions case, since we don't have to establish a 4290 * separate connection for callbacks, we assume it's OK 4291 * until we hear otherwise: 4292 */ 4293 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN; 4294 } 4295 4296 static struct file_lock *nfs4_alloc_init_lease(struct nfs4_delegation *dp, 4297 int flag) 4298 { 4299 struct file_lock *fl; 4300 4301 fl = locks_alloc_lock(); 4302 if (!fl) 4303 return NULL; 4304 fl->fl_lmops = &nfsd_lease_mng_ops; 4305 fl->fl_flags = FL_DELEG; 4306 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? 
F_RDLCK: F_WRLCK; 4307 fl->fl_end = OFFSET_MAX; 4308 fl->fl_owner = (fl_owner_t)dp; 4309 fl->fl_pid = current->tgid; 4310 fl->fl_file = dp->dl_stid.sc_file->fi_deleg_file; 4311 return fl; 4312 } 4313 4314 static struct nfs4_delegation * 4315 nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh, 4316 struct nfs4_file *fp, struct nfs4_clnt_odstate *odstate) 4317 { 4318 int status = 0; 4319 struct nfs4_delegation *dp; 4320 struct file *filp; 4321 struct file_lock *fl; 4322 4323 /* 4324 * The fi_had_conflict and nfs4_delegation_exists checks 4325 * here are just optimizations; we'll need to recheck them at 4326 * the end: 4327 */ 4328 if (fp->fi_had_conflict) 4329 return ERR_PTR(-EAGAIN); 4330 4331 filp = find_readable_file(fp); 4332 if (!filp) { 4333 /* We should always have a readable file here */ 4334 WARN_ON_ONCE(1); 4335 return ERR_PTR(-EBADF); 4336 } 4337 spin_lock(&state_lock); 4338 spin_lock(&fp->fi_lock); 4339 if (nfs4_delegation_exists(clp, fp)) 4340 status = -EAGAIN; 4341 else if (!fp->fi_deleg_file) { 4342 fp->fi_deleg_file = filp; 4343 /* increment early to prevent fi_deleg_file from being 4344 * cleared */ 4345 fp->fi_delegees = 1; 4346 filp = NULL; 4347 } else 4348 fp->fi_delegees++; 4349 spin_unlock(&fp->fi_lock); 4350 spin_unlock(&state_lock); 4351 if (filp) 4352 fput(filp); 4353 if (status) 4354 return ERR_PTR(status); 4355 4356 status = -ENOMEM; 4357 dp = alloc_init_deleg(clp, fp, fh, odstate); 4358 if (!dp) 4359 goto out_delegees; 4360 4361 fl = nfs4_alloc_init_lease(dp, NFS4_OPEN_DELEGATE_READ); 4362 if (!fl) 4363 goto out_stid; 4364 4365 status = vfs_setlease(fp->fi_deleg_file, fl->fl_type, &fl, NULL); 4366 if (fl) 4367 locks_free_lock(fl); 4368 if (status) 4369 goto out_clnt_odstate; 4370 4371 spin_lock(&state_lock); 4372 spin_lock(&fp->fi_lock); 4373 if (fp->fi_had_conflict) 4374 status = -EAGAIN; 4375 else 4376 status = hash_delegation_locked(dp, fp); 4377 spin_unlock(&fp->fi_lock); 4378 spin_unlock(&state_lock); 4379 4380 if (status) 4381 destroy_unhashed_deleg(dp); 4382 return dp; 4383 out_clnt_odstate: 4384 put_clnt_odstate(dp->dl_clnt_odstate); 4385 out_stid: 4386 nfs4_put_stid(&dp->dl_stid); 4387 out_delegees: 4388 put_deleg_file(fp); 4389 return ERR_PTR(status); 4390 } 4391 4392 static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status) 4393 { 4394 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4395 if (status == -EAGAIN) 4396 open->op_why_no_deleg = WND4_CONTENTION; 4397 else { 4398 open->op_why_no_deleg = WND4_RESOURCE; 4399 switch (open->op_deleg_want) { 4400 case NFS4_SHARE_WANT_READ_DELEG: 4401 case NFS4_SHARE_WANT_WRITE_DELEG: 4402 case NFS4_SHARE_WANT_ANY_DELEG: 4403 break; 4404 case NFS4_SHARE_WANT_CANCEL: 4405 open->op_why_no_deleg = WND4_CANCELLED; 4406 break; 4407 case NFS4_SHARE_WANT_NO_DELEG: 4408 WARN_ON_ONCE(1); 4409 } 4410 } 4411 } 4412 4413 /* 4414 * Attempt to hand out a delegation. 4415 * 4416 * Note we don't support write delegations, and won't until the vfs has 4417 * proper support for them.
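 *
 * Illustrative outcomes of the policy below for a CLAIM_NULL open,
 * assuming the callback channel is up, the grace period has ended,
 * and the openowner is confirmed:
 *
 *	OPEN(SHARE_ACCESS_READ)			-> read delegation
 *	OPEN(SHARE_ACCESS_WRITE or _BOTH)	-> no delegation
 *	OPEN(... with OPEN4_CREATE)		-> no delegation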
4418 */ 4419 static void 4420 nfs4_open_delegation(struct svc_fh *fh, struct nfsd4_open *open, 4421 struct nfs4_ol_stateid *stp) 4422 { 4423 struct nfs4_delegation *dp; 4424 struct nfs4_openowner *oo = openowner(stp->st_stateowner); 4425 struct nfs4_client *clp = stp->st_stid.sc_client; 4426 int cb_up; 4427 int status = 0; 4428 4429 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client); 4430 open->op_recall = 0; 4431 switch (open->op_claim_type) { 4432 case NFS4_OPEN_CLAIM_PREVIOUS: 4433 if (!cb_up) 4434 open->op_recall = 1; 4435 if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ) 4436 goto out_no_deleg; 4437 break; 4438 case NFS4_OPEN_CLAIM_NULL: 4439 case NFS4_OPEN_CLAIM_FH: 4440 /* 4441 * Let's not give out any delegations till everyone's 4442 * had the chance to reclaim theirs, *and* until 4443 * NLM locks have all been reclaimed: 4444 */ 4445 if (locks_in_grace(clp->net)) 4446 goto out_no_deleg; 4447 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED)) 4448 goto out_no_deleg; 4449 /* 4450 * Also, if the file was opened for write or 4451 * create, there's a good chance the client's 4452 * about to write to it, resulting in an 4453 * immediate recall (since we don't support 4454 * write delegations): 4455 */ 4456 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE) 4457 goto out_no_deleg; 4458 if (open->op_create == NFS4_OPEN_CREATE) 4459 goto out_no_deleg; 4460 break; 4461 default: 4462 goto out_no_deleg; 4463 } 4464 dp = nfs4_set_delegation(clp, fh, stp->st_stid.sc_file, stp->st_clnt_odstate); 4465 if (IS_ERR(dp)) 4466 goto out_no_deleg; 4467 4468 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid)); 4469 4470 dprintk("NFSD: delegation stateid=" STATEID_FMT "\n", 4471 STATEID_VAL(&dp->dl_stid.sc_stateid)); 4472 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ; 4473 nfs4_put_stid(&dp->dl_stid); 4474 return; 4475 out_no_deleg: 4476 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE; 4477 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS && 4478 open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) { 4479 dprintk("NFSD: WARNING: refusing delegation reclaim\n"); 4480 open->op_recall = 1; 4481 } 4482 4483 /* 4.1 client asking for a delegation? */ 4484 if (open->op_deleg_want) 4485 nfsd4_open_deleg_none_ext(open, status); 4486 return; 4487 } 4488 4489 static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open, 4490 struct nfs4_delegation *dp) 4491 { 4492 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG && 4493 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 4494 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4495 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE; 4496 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG && 4497 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 4498 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4499 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE; 4500 } 4501 /* Otherwise the client must be confused wanting a delegation 4502 * it already has, therefore we don't return 4503 * NFS4_OPEN_DELEGATE_NONE_EXT and reason. 
4504 */ 4505 } 4506 4507 __be32 4508 nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open) 4509 { 4510 struct nfsd4_compoundres *resp = rqstp->rq_resp; 4511 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client; 4512 struct nfs4_file *fp = NULL; 4513 struct nfs4_ol_stateid *stp = NULL; 4514 struct nfs4_delegation *dp = NULL; 4515 __be32 status; 4516 bool new_stp = false; 4517 4518 /* 4519 * Lookup file; if found, lookup stateid and check open request, 4520 * and check for delegations in the process of being recalled. 4521 * If not found, create the nfs4_file struct 4522 */ 4523 fp = find_or_add_file(open->op_file, ¤t_fh->fh_handle); 4524 if (fp != open->op_file) { 4525 status = nfs4_check_deleg(cl, open, &dp); 4526 if (status) 4527 goto out; 4528 stp = nfsd4_find_and_lock_existing_open(fp, open); 4529 } else { 4530 open->op_file = NULL; 4531 status = nfserr_bad_stateid; 4532 if (nfsd4_is_deleg_cur(open)) 4533 goto out; 4534 } 4535 4536 if (!stp) { 4537 stp = init_open_stateid(fp, open); 4538 if (!open->op_stp) 4539 new_stp = true; 4540 } 4541 4542 /* 4543 * OPEN the file, or upgrade an existing OPEN. 4544 * If truncate fails, the OPEN fails. 4545 * 4546 * stp is already locked. 4547 */ 4548 if (!new_stp) { 4549 /* Stateid was found, this is an OPEN upgrade */ 4550 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open); 4551 if (status) { 4552 mutex_unlock(&stp->st_mutex); 4553 goto out; 4554 } 4555 } else { 4556 status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open); 4557 if (status) { 4558 stp->st_stid.sc_type = NFS4_CLOSED_STID; 4559 release_open_stateid(stp); 4560 mutex_unlock(&stp->st_mutex); 4561 goto out; 4562 } 4563 4564 stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp, 4565 open->op_odstate); 4566 if (stp->st_clnt_odstate == open->op_odstate) 4567 open->op_odstate = NULL; 4568 } 4569 4570 nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid); 4571 mutex_unlock(&stp->st_mutex); 4572 4573 if (nfsd4_has_session(&resp->cstate)) { 4574 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) { 4575 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4576 open->op_why_no_deleg = WND4_NOT_WANTED; 4577 goto nodeleg; 4578 } 4579 } 4580 4581 /* 4582 * Attempt to hand out a delegation. No error return, because the 4583 * OPEN succeeds even if we fail. 4584 */ 4585 nfs4_open_delegation(current_fh, open, stp); 4586 nodeleg: 4587 status = nfs_ok; 4588 4589 dprintk("%s: stateid=" STATEID_FMT "\n", __func__, 4590 STATEID_VAL(&stp->st_stid.sc_stateid)); 4591 out: 4592 /* 4.1 client trying to upgrade/downgrade delegation? */ 4593 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp && 4594 open->op_deleg_want) 4595 nfsd4_deleg_xgrade_none_ext(open, dp); 4596 4597 if (fp) 4598 put_nfs4_file(fp); 4599 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS) 4600 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 4601 /* 4602 * To finish the open response, we just need to set the rflags. 
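 *
 * Sketch of what the code below produces: LOCKTYPE_POSIX is always
 * advertised; MAY_NOTIFY_LOCK is only meaningful on v4.1+ sessions;
 * CONFIRM tells a v4.0 client it must send OPEN_CONFIRM before using
 * the stateid.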
4603 */ 4604 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX; 4605 if (nfsd4_has_session(&resp->cstate)) 4606 open->op_rflags |= NFS4_OPEN_RESULT_MAY_NOTIFY_LOCK; 4607 else if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED)) 4608 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM; 4609 4610 if (dp) 4611 nfs4_put_stid(&dp->dl_stid); 4612 if (stp) 4613 nfs4_put_stid(&stp->st_stid); 4614 4615 return status; 4616 } 4617 4618 void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate, 4619 struct nfsd4_open *open) 4620 { 4621 if (open->op_openowner) { 4622 struct nfs4_stateowner *so = &open->op_openowner->oo_owner; 4623 4624 nfsd4_cstate_assign_replay(cstate, so); 4625 nfs4_put_stateowner(so); 4626 } 4627 if (open->op_file) 4628 kmem_cache_free(file_slab, open->op_file); 4629 if (open->op_stp) 4630 nfs4_put_stid(&open->op_stp->st_stid); 4631 if (open->op_odstate) 4632 kmem_cache_free(odstate_slab, open->op_odstate); 4633 } 4634 4635 __be32 4636 nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 4637 union nfsd4_op_u *u) 4638 { 4639 clientid_t *clid = &u->renew; 4640 struct nfs4_client *clp; 4641 __be32 status; 4642 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4643 4644 dprintk("process_renew(%08x/%08x): starting\n", 4645 clid->cl_boot, clid->cl_id); 4646 status = lookup_clientid(clid, cstate, nn); 4647 if (status) 4648 goto out; 4649 clp = cstate->clp; 4650 status = nfserr_cb_path_down; 4651 if (!list_empty(&clp->cl_delegations) 4652 && clp->cl_cb_state != NFSD4_CB_UP) 4653 goto out; 4654 status = nfs_ok; 4655 out: 4656 return status; 4657 } 4658 4659 void 4660 nfsd4_end_grace(struct nfsd_net *nn) 4661 { 4662 /* do nothing if grace period already ended */ 4663 if (nn->grace_ended) 4664 return; 4665 4666 dprintk("NFSD: end of grace period\n"); 4667 nn->grace_ended = true; 4668 /* 4669 * If the server goes down again right now, an NFSv4 4670 * client will still be allowed to reclaim after it comes back up, 4671 * even if it hasn't yet had a chance to reclaim state this time. 4672 * 4673 */ 4674 nfsd4_record_grace_done(nn); 4675 /* 4676 * At this point, NFSv4 clients can still reclaim. But if the 4677 * server crashes, any that have not yet reclaimed will be out 4678 * of luck on the next boot. 4679 * 4680 * (NFSv4.1+ clients are considered to have reclaimed once they 4681 * call RECLAIM_COMPLETE. NFSv4.0 clients are considered to 4682 * have reclaimed after their first OPEN.) 4683 */ 4684 locks_end_grace(&nn->nfsd4_manager); 4685 /* 4686 * At this point, and once lockd and/or any other containers 4687 * exit their grace period, further reclaims will fail and 4688 * regular locking can resume. 
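 *
 * A rough reboot timeline, for illustration:
 *
 *	restart -> grace begins -> clients reclaim (reclaim-type
 *	OPEN/LOCK) -> nfsd4_record_grace_done() writes the recovery
 *	record -> locks_end_grace() -> reclaims fail, ordinary
 *	OPEN/LOCK traffic resumes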
4689 */ 4690 } 4691 4692 static time_t 4693 nfs4_laundromat(struct nfsd_net *nn) 4694 { 4695 struct nfs4_client *clp; 4696 struct nfs4_openowner *oo; 4697 struct nfs4_delegation *dp; 4698 struct nfs4_ol_stateid *stp; 4699 struct nfsd4_blocked_lock *nbl; 4700 struct list_head *pos, *next, reaplist; 4701 time_t cutoff = get_seconds() - nn->nfsd4_lease; 4702 time_t t, new_timeo = nn->nfsd4_lease; 4703 4704 dprintk("NFSD: laundromat service - starting\n"); 4705 nfsd4_end_grace(nn); 4706 INIT_LIST_HEAD(&reaplist); 4707 spin_lock(&nn->client_lock); 4708 list_for_each_safe(pos, next, &nn->client_lru) { 4709 clp = list_entry(pos, struct nfs4_client, cl_lru); 4710 if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) { 4711 t = clp->cl_time - cutoff; 4712 new_timeo = min(new_timeo, t); 4713 break; 4714 } 4715 if (mark_client_expired_locked(clp)) { 4716 dprintk("NFSD: client in use (clientid %08x)\n", 4717 clp->cl_clientid.cl_id); 4718 continue; 4719 } 4720 list_add(&clp->cl_lru, &reaplist); 4721 } 4722 spin_unlock(&nn->client_lock); 4723 list_for_each_safe(pos, next, &reaplist) { 4724 clp = list_entry(pos, struct nfs4_client, cl_lru); 4725 dprintk("NFSD: purging unused client (clientid %08x)\n", 4726 clp->cl_clientid.cl_id); 4727 list_del_init(&clp->cl_lru); 4728 expire_client(clp); 4729 } 4730 spin_lock(&state_lock); 4731 list_for_each_safe(pos, next, &nn->del_recall_lru) { 4732 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 4733 if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) { 4734 t = dp->dl_time - cutoff; 4735 new_timeo = min(new_timeo, t); 4736 break; 4737 } 4738 WARN_ON(!unhash_delegation_locked(dp)); 4739 list_add(&dp->dl_recall_lru, &reaplist); 4740 } 4741 spin_unlock(&state_lock); 4742 while (!list_empty(&reaplist)) { 4743 dp = list_first_entry(&reaplist, struct nfs4_delegation, 4744 dl_recall_lru); 4745 list_del_init(&dp->dl_recall_lru); 4746 revoke_delegation(dp); 4747 } 4748 4749 spin_lock(&nn->client_lock); 4750 while (!list_empty(&nn->close_lru)) { 4751 oo = list_first_entry(&nn->close_lru, struct nfs4_openowner, 4752 oo_close_lru); 4753 if (time_after((unsigned long)oo->oo_time, 4754 (unsigned long)cutoff)) { 4755 t = oo->oo_time - cutoff; 4756 new_timeo = min(new_timeo, t); 4757 break; 4758 } 4759 list_del_init(&oo->oo_close_lru); 4760 stp = oo->oo_last_closed_stid; 4761 oo->oo_last_closed_stid = NULL; 4762 spin_unlock(&nn->client_lock); 4763 nfs4_put_stid(&stp->st_stid); 4764 spin_lock(&nn->client_lock); 4765 } 4766 spin_unlock(&nn->client_lock); 4767 4768 /* 4769 * It's possible for a client to try and acquire an already held lock 4770 * that is being held for a long time, and then lose interest in it. 4771 * So, we clean out any un-revisited request after a lease period 4772 * under the assumption that the client is no longer interested. 4773 * 4774 * RFC5661, sec. 9.6 states that the client must not rely on getting 4775 * notifications and must continue to poll for locks, even when the 4776 * server supports them. Thus this shouldn't lead to clients blocking 4777 * indefinitely once the lock does become free. 
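 *
 * The scan below mirrors the client and delegation scans above:
 * anything not revisited within a lease period is reaped, and the
 * soonest remaining expiry feeds new_timeo, which (clamped to
 * NFSD_LAUNDROMAT_MINTIMEOUT) becomes the next laundromat wakeup.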
4778 */ 4779 BUG_ON(!list_empty(&reaplist)); 4780 spin_lock(&nn->blocked_locks_lock); 4781 while (!list_empty(&nn->blocked_locks_lru)) { 4782 nbl = list_first_entry(&nn->blocked_locks_lru, 4783 struct nfsd4_blocked_lock, nbl_lru); 4784 if (time_after((unsigned long)nbl->nbl_time, 4785 (unsigned long)cutoff)) { 4786 t = nbl->nbl_time - cutoff; 4787 new_timeo = min(new_timeo, t); 4788 break; 4789 } 4790 list_move(&nbl->nbl_lru, &reaplist); 4791 list_del_init(&nbl->nbl_list); 4792 } 4793 spin_unlock(&nn->blocked_locks_lock); 4794 4795 while (!list_empty(&reaplist)) { 4796 nbl = list_first_entry(&reaplist, 4797 struct nfsd4_blocked_lock, nbl_lru); 4798 list_del_init(&nbl->nbl_lru); 4799 posix_unblock_lock(&nbl->nbl_lock); 4800 free_blocked_lock(nbl); 4801 } 4802 4803 new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT); 4804 return new_timeo; 4805 } 4806 4807 static struct workqueue_struct *laundry_wq; 4808 static void laundromat_main(struct work_struct *); 4809 4810 static void 4811 laundromat_main(struct work_struct *laundry) 4812 { 4813 time_t t; 4814 struct delayed_work *dwork = to_delayed_work(laundry); 4815 struct nfsd_net *nn = container_of(dwork, struct nfsd_net, 4816 laundromat_work); 4817 4818 t = nfs4_laundromat(nn); 4819 dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t); 4820 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ); 4821 } 4822 4823 static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp) 4824 { 4825 if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle)) 4826 return nfserr_bad_stateid; 4827 return nfs_ok; 4828 } 4829 4830 static inline int 4831 access_permit_read(struct nfs4_ol_stateid *stp) 4832 { 4833 return test_access(NFS4_SHARE_ACCESS_READ, stp) || 4834 test_access(NFS4_SHARE_ACCESS_BOTH, stp) || 4835 test_access(NFS4_SHARE_ACCESS_WRITE, stp); 4836 } 4837 4838 static inline int 4839 access_permit_write(struct nfs4_ol_stateid *stp) 4840 { 4841 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) || 4842 test_access(NFS4_SHARE_ACCESS_BOTH, stp); 4843 } 4844 4845 static 4846 __be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags) 4847 { 4848 __be32 status = nfserr_openmode; 4849 4850 /* For lock stateid's, we test the parent open, not the lock: */ 4851 if (stp->st_openstp) 4852 stp = stp->st_openstp; 4853 if ((flags & WR_STATE) && !access_permit_write(stp)) 4854 goto out; 4855 if ((flags & RD_STATE) && !access_permit_read(stp)) 4856 goto out; 4857 status = nfs_ok; 4858 out: 4859 return status; 4860 } 4861 4862 static inline __be32 4863 check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags) 4864 { 4865 if (ONE_STATEID(stateid) && (flags & RD_STATE)) 4866 return nfs_ok; 4867 else if (opens_in_grace(net)) { 4868 /* Answer in remaining cases depends on existence of 4869 * conflicting state; so we must wait out the grace period. */ 4870 return nfserr_grace; 4871 } else if (flags & WR_STATE) 4872 return nfs4_share_conflict(current_fh, 4873 NFS4_SHARE_DENY_WRITE); 4874 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */ 4875 return nfs4_share_conflict(current_fh, 4876 NFS4_SHARE_DENY_READ); 4877 } 4878 4879 /* 4880 * Allow READ/WRITE during grace period on recovered state only for files 4881 * that are not able to provide mandatory locking. 
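 *
 * (mandatory_lock() keys off the classic setgid-without-group-execute
 * mode convention on -o mand mounts, so in practice this refuses I/O
 * during grace for very few files.)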
4882 */ 4883 static inline int 4884 grace_disallows_io(struct net *net, struct inode *inode) 4885 { 4886 return opens_in_grace(net) && mandatory_lock(inode); 4887 } 4888 4889 static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session) 4890 { 4891 /* 4892 * When sessions are used the stateid generation number is ignored 4893 * when it is zero. 4894 */ 4895 if (has_session && in->si_generation == 0) 4896 return nfs_ok; 4897 4898 if (in->si_generation == ref->si_generation) 4899 return nfs_ok; 4900 4901 /* If the client sends us a stateid from the future, it's buggy: */ 4902 if (nfsd4_stateid_generation_after(in, ref)) 4903 return nfserr_bad_stateid; 4904 /* 4905 * However, we could see a stateid from the past, even from a 4906 * non-buggy client. For example, if the client sends a lock 4907 * while some IO is outstanding, the lock may bump si_generation 4908 * while the IO is still in flight. The client could avoid that 4909 * situation by waiting for responses on all the IO requests, 4910 * but better performance may result in retrying IO that 4911 * receives an old_stateid error if requests are rarely 4912 * reordered in flight: 4913 */ 4914 return nfserr_old_stateid; 4915 } 4916 4917 static __be32 nfsd4_stid_check_stateid_generation(stateid_t *in, struct nfs4_stid *s, bool has_session) 4918 { 4919 __be32 ret; 4920 4921 spin_lock(&s->sc_lock); 4922 ret = nfsd4_verify_open_stid(s); 4923 if (ret == nfs_ok) 4924 ret = check_stateid_generation(in, &s->sc_stateid, has_session); 4925 spin_unlock(&s->sc_lock); 4926 return ret; 4927 } 4928 4929 static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols) 4930 { 4931 if (ols->st_stateowner->so_is_open_owner && 4932 !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED)) 4933 return nfserr_bad_stateid; 4934 return nfs_ok; 4935 } 4936 4937 static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid) 4938 { 4939 struct nfs4_stid *s; 4940 __be32 status = nfserr_bad_stateid; 4941 4942 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 4943 CLOSE_STATEID(stateid)) 4944 return status; 4945 /* Client debugging aid. 
*/ 4946 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) { 4947 char addr_str[INET6_ADDRSTRLEN]; 4948 rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str, 4949 sizeof(addr_str)); 4950 pr_warn_ratelimited("NFSD: client %s testing state ID " 4951 "with incorrect client ID\n", addr_str); 4952 return status; 4953 } 4954 spin_lock(&cl->cl_lock); 4955 s = find_stateid_locked(cl, stateid); 4956 if (!s) 4957 goto out_unlock; 4958 status = nfsd4_stid_check_stateid_generation(stateid, s, 1); 4959 if (status) 4960 goto out_unlock; 4961 switch (s->sc_type) { 4962 case NFS4_DELEG_STID: 4963 status = nfs_ok; 4964 break; 4965 case NFS4_REVOKED_DELEG_STID: 4966 status = nfserr_deleg_revoked; 4967 break; 4968 case NFS4_OPEN_STID: 4969 case NFS4_LOCK_STID: 4970 status = nfsd4_check_openowner_confirmed(openlockstateid(s)); 4971 break; 4972 default: 4973 printk("unknown stateid type %x\n", s->sc_type); 4974 /* Fallthrough */ 4975 case NFS4_CLOSED_STID: 4976 case NFS4_CLOSED_DELEG_STID: 4977 status = nfserr_bad_stateid; 4978 } 4979 out_unlock: 4980 spin_unlock(&cl->cl_lock); 4981 return status; 4982 } 4983 4984 __be32 4985 nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate, 4986 stateid_t *stateid, unsigned char typemask, 4987 struct nfs4_stid **s, struct nfsd_net *nn) 4988 { 4989 __be32 status; 4990 bool return_revoked = false; 4991 4992 /* 4993 * only return revoked delegations if explicitly asked. 4994 * otherwise we report revoked or bad_stateid status. 4995 */ 4996 if (typemask & NFS4_REVOKED_DELEG_STID) 4997 return_revoked = true; 4998 else if (typemask & NFS4_DELEG_STID) 4999 typemask |= NFS4_REVOKED_DELEG_STID; 5000 5001 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 5002 CLOSE_STATEID(stateid)) 5003 return nfserr_bad_stateid; 5004 status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn); 5005 if (status == nfserr_stale_clientid) { 5006 if (cstate->session) 5007 return nfserr_bad_stateid; 5008 return nfserr_stale_stateid; 5009 } 5010 if (status) 5011 return status; 5012 *s = find_stateid_by_type(cstate->clp, stateid, typemask); 5013 if (!*s) 5014 return nfserr_bad_stateid; 5015 if (((*s)->sc_type == NFS4_REVOKED_DELEG_STID) && !return_revoked) { 5016 nfs4_put_stid(*s); 5017 if (cstate->minorversion) 5018 return nfserr_deleg_revoked; 5019 return nfserr_bad_stateid; 5020 } 5021 return nfs_ok; 5022 } 5023 5024 static struct file * 5025 nfs4_find_file(struct nfs4_stid *s, int flags) 5026 { 5027 if (!s) 5028 return NULL; 5029 5030 switch (s->sc_type) { 5031 case NFS4_DELEG_STID: 5032 if (WARN_ON_ONCE(!s->sc_file->fi_deleg_file)) 5033 return NULL; 5034 return get_file(s->sc_file->fi_deleg_file); 5035 case NFS4_OPEN_STID: 5036 case NFS4_LOCK_STID: 5037 if (flags & RD_STATE) 5038 return find_readable_file(s->sc_file); 5039 else 5040 return find_writeable_file(s->sc_file); 5041 break; 5042 } 5043 5044 return NULL; 5045 } 5046 5047 static __be32 5048 nfs4_check_olstateid(struct svc_fh *fhp, struct nfs4_ol_stateid *ols, int flags) 5049 { 5050 __be32 status; 5051 5052 status = nfsd4_check_openowner_confirmed(ols); 5053 if (status) 5054 return status; 5055 return nfs4_check_openmode(ols, flags); 5056 } 5057 5058 static __be32 5059 nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s, 5060 struct file **filpp, bool *tmp_file, int flags) 5061 { 5062 int acc = (flags & RD_STATE) ? 
NFSD_MAY_READ : NFSD_MAY_WRITE; 5063 struct file *file; 5064 __be32 status; 5065 5066 file = nfs4_find_file(s, flags); 5067 if (file) { 5068 status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry, 5069 acc | NFSD_MAY_OWNER_OVERRIDE); 5070 if (status) { 5071 fput(file); 5072 return status; 5073 } 5074 5075 *filpp = file; 5076 } else { 5077 status = nfsd_open(rqstp, fhp, S_IFREG, acc, filpp); 5078 if (status) 5079 return status; 5080 5081 if (tmp_file) 5082 *tmp_file = true; 5083 } 5084 5085 return 0; 5086 } 5087 5088 /* 5089 * Checks for stateid operations 5090 */ 5091 __be32 5092 nfs4_preprocess_stateid_op(struct svc_rqst *rqstp, 5093 struct nfsd4_compound_state *cstate, struct svc_fh *fhp, 5094 stateid_t *stateid, int flags, struct file **filpp, bool *tmp_file) 5095 { 5096 struct inode *ino = d_inode(fhp->fh_dentry); 5097 struct net *net = SVC_NET(rqstp); 5098 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5099 struct nfs4_stid *s = NULL; 5100 __be32 status; 5101 5102 if (filpp) 5103 *filpp = NULL; 5104 if (tmp_file) 5105 *tmp_file = false; 5106 5107 if (grace_disallows_io(net, ino)) 5108 return nfserr_grace; 5109 5110 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) { 5111 status = check_special_stateids(net, fhp, stateid, flags); 5112 goto done; 5113 } 5114 5115 status = nfsd4_lookup_stateid(cstate, stateid, 5116 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, 5117 &s, nn); 5118 if (status) 5119 return status; 5120 status = nfsd4_stid_check_stateid_generation(stateid, s, 5121 nfsd4_has_session(cstate)); 5122 if (status) 5123 goto out; 5124 5125 switch (s->sc_type) { 5126 case NFS4_DELEG_STID: 5127 status = nfs4_check_delegmode(delegstateid(s), flags); 5128 break; 5129 case NFS4_OPEN_STID: 5130 case NFS4_LOCK_STID: 5131 status = nfs4_check_olstateid(fhp, openlockstateid(s), flags); 5132 break; 5133 default: 5134 status = nfserr_bad_stateid; 5135 break; 5136 } 5137 if (status) 5138 goto out; 5139 status = nfs4_check_fh(fhp, s); 5140 5141 done: 5142 if (!status && filpp) 5143 status = nfs4_check_file(rqstp, fhp, s, filpp, tmp_file, flags); 5144 out: 5145 if (s) 5146 nfs4_put_stid(s); 5147 return status; 5148 } 5149 5150 /* 5151 * Test if the stateid is valid 5152 */ 5153 __be32 5154 nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5155 union nfsd4_op_u *u) 5156 { 5157 struct nfsd4_test_stateid *test_stateid = &u->test_stateid; 5158 struct nfsd4_test_stateid_id *stateid; 5159 struct nfs4_client *cl = cstate->session->se_client; 5160 5161 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list) 5162 stateid->ts_id_status = 5163 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid); 5164 5165 return nfs_ok; 5166 } 5167 5168 static __be32 5169 nfsd4_free_lock_stateid(stateid_t *stateid, struct nfs4_stid *s) 5170 { 5171 struct nfs4_ol_stateid *stp = openlockstateid(s); 5172 __be32 ret; 5173 5174 ret = nfsd4_lock_ol_stateid(stp); 5175 if (ret) 5176 goto out_put_stid; 5177 5178 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5179 if (ret) 5180 goto out; 5181 5182 ret = nfserr_locks_held; 5183 if (check_for_locks(stp->st_stid.sc_file, 5184 lockowner(stp->st_stateowner))) 5185 goto out; 5186 5187 release_lock_stateid(stp); 5188 ret = nfs_ok; 5189 5190 out: 5191 mutex_unlock(&stp->st_mutex); 5192 out_put_stid: 5193 nfs4_put_stid(s); 5194 return ret; 5195 } 5196 5197 __be32 5198 nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5199 union nfsd4_op_u *u) 5200 { 5201 struct nfsd4_free_stateid 
*free_stateid = &u->free_stateid; 5202 stateid_t *stateid = &free_stateid->fr_stateid; 5203 struct nfs4_stid *s; 5204 struct nfs4_delegation *dp; 5205 struct nfs4_client *cl = cstate->session->se_client; 5206 __be32 ret = nfserr_bad_stateid; 5207 5208 spin_lock(&cl->cl_lock); 5209 s = find_stateid_locked(cl, stateid); 5210 if (!s) 5211 goto out_unlock; 5212 spin_lock(&s->sc_lock); 5213 switch (s->sc_type) { 5214 case NFS4_DELEG_STID: 5215 ret = nfserr_locks_held; 5216 break; 5217 case NFS4_OPEN_STID: 5218 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5219 if (ret) 5220 break; 5221 ret = nfserr_locks_held; 5222 break; 5223 case NFS4_LOCK_STID: 5224 spin_unlock(&s->sc_lock); 5225 refcount_inc(&s->sc_count); 5226 spin_unlock(&cl->cl_lock); 5227 ret = nfsd4_free_lock_stateid(stateid, s); 5228 goto out; 5229 case NFS4_REVOKED_DELEG_STID: 5230 spin_unlock(&s->sc_lock); 5231 dp = delegstateid(s); 5232 list_del_init(&dp->dl_recall_lru); 5233 spin_unlock(&cl->cl_lock); 5234 nfs4_put_stid(s); 5235 ret = nfs_ok; 5236 goto out; 5237 /* Default falls through and returns nfserr_bad_stateid */ 5238 } 5239 spin_unlock(&s->sc_lock); 5240 out_unlock: 5241 spin_unlock(&cl->cl_lock); 5242 out: 5243 return ret; 5244 } 5245 5246 static inline int 5247 setlkflg (int type) 5248 { 5249 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ? 5250 RD_STATE : WR_STATE; 5251 } 5252 5253 static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp) 5254 { 5255 struct svc_fh *current_fh = &cstate->current_fh; 5256 struct nfs4_stateowner *sop = stp->st_stateowner; 5257 __be32 status; 5258 5259 status = nfsd4_check_seqid(cstate, sop, seqid); 5260 if (status) 5261 return status; 5262 status = nfsd4_lock_ol_stateid(stp); 5263 if (status != nfs_ok) 5264 return status; 5265 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate)); 5266 if (status == nfs_ok) 5267 status = nfs4_check_fh(current_fh, &stp->st_stid); 5268 if (status != nfs_ok) 5269 mutex_unlock(&stp->st_mutex); 5270 return status; 5271 } 5272 5273 /* 5274 * Checks for sequence id mutating operations. 
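 *
 * For v4.0, the seqid rules enforced via nfsd4_check_seqid() are
 * roughly (illustrative summary, not new behavior):
 *
 *	seqid == so_seqid	-> new request, proceed
 *	seqid == so_seqid - 1	-> retransmission, replay the cached reply
 *	anything else		-> NFS4ERR_BAD_SEQID
 *
 * v4.1+ sessions bypass these checks entirely; the session slot table
 * provides replay detection instead.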
5275 */ 5276 static __be32 5277 nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 5278 stateid_t *stateid, char typemask, 5279 struct nfs4_ol_stateid **stpp, 5280 struct nfsd_net *nn) 5281 { 5282 __be32 status; 5283 struct nfs4_stid *s; 5284 struct nfs4_ol_stateid *stp = NULL; 5285 5286 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__, 5287 seqid, STATEID_VAL(stateid)); 5288 5289 *stpp = NULL; 5290 status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn); 5291 if (status) 5292 return status; 5293 stp = openlockstateid(s); 5294 nfsd4_cstate_assign_replay(cstate, stp->st_stateowner); 5295 5296 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp); 5297 if (!status) 5298 *stpp = stp; 5299 else 5300 nfs4_put_stid(&stp->st_stid); 5301 return status; 5302 } 5303 5304 static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 5305 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn) 5306 { 5307 __be32 status; 5308 struct nfs4_openowner *oo; 5309 struct nfs4_ol_stateid *stp; 5310 5311 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid, 5312 NFS4_OPEN_STID, &stp, nn); 5313 if (status) 5314 return status; 5315 oo = openowner(stp->st_stateowner); 5316 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 5317 mutex_unlock(&stp->st_mutex); 5318 nfs4_put_stid(&stp->st_stid); 5319 return nfserr_bad_stateid; 5320 } 5321 *stpp = stp; 5322 return nfs_ok; 5323 } 5324 5325 __be32 5326 nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5327 union nfsd4_op_u *u) 5328 { 5329 struct nfsd4_open_confirm *oc = &u->open_confirm; 5330 __be32 status; 5331 struct nfs4_openowner *oo; 5332 struct nfs4_ol_stateid *stp; 5333 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5334 5335 dprintk("NFSD: nfsd4_open_confirm on file %pd\n", 5336 cstate->current_fh.fh_dentry); 5337 5338 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0); 5339 if (status) 5340 return status; 5341 5342 status = nfs4_preprocess_seqid_op(cstate, 5343 oc->oc_seqid, &oc->oc_req_stateid, 5344 NFS4_OPEN_STID, &stp, nn); 5345 if (status) 5346 goto out; 5347 oo = openowner(stp->st_stateowner); 5348 status = nfserr_bad_stateid; 5349 if (oo->oo_flags & NFS4_OO_CONFIRMED) { 5350 mutex_unlock(&stp->st_mutex); 5351 goto put_stateid; 5352 } 5353 oo->oo_flags |= NFS4_OO_CONFIRMED; 5354 nfs4_inc_and_copy_stateid(&oc->oc_resp_stateid, &stp->st_stid); 5355 mutex_unlock(&stp->st_mutex); 5356 dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n", 5357 __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid)); 5358 5359 nfsd4_client_record_create(oo->oo_owner.so_client); 5360 status = nfs_ok; 5361 put_stateid: 5362 nfs4_put_stid(&stp->st_stid); 5363 out: 5364 nfsd4_bump_seqid(cstate, status); 5365 return status; 5366 } 5367 5368 static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access) 5369 { 5370 if (!test_access(access, stp)) 5371 return; 5372 nfs4_file_put_access(stp->st_stid.sc_file, access); 5373 clear_access(access, stp); 5374 } 5375 5376 static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access) 5377 { 5378 switch (to_access) { 5379 case NFS4_SHARE_ACCESS_READ: 5380 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE); 5381 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 5382 break; 5383 case NFS4_SHARE_ACCESS_WRITE: 5384 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ); 5385 nfs4_stateid_downgrade_bit(stp, 
NFS4_SHARE_ACCESS_BOTH); 5386 break; 5387 case NFS4_SHARE_ACCESS_BOTH: 5388 break; 5389 default: 5390 WARN_ON_ONCE(1); 5391 } 5392 } 5393 5394 __be32 5395 nfsd4_open_downgrade(struct svc_rqst *rqstp, 5396 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 5397 { 5398 struct nfsd4_open_downgrade *od = &u->open_downgrade; 5399 __be32 status; 5400 struct nfs4_ol_stateid *stp; 5401 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5402 5403 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n", 5404 cstate->current_fh.fh_dentry); 5405 5406 /* We don't yet support WANT bits: */ 5407 if (od->od_deleg_want) 5408 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__, 5409 od->od_deleg_want); 5410 5411 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid, 5412 &od->od_stateid, &stp, nn); 5413 if (status) 5414 goto out; 5415 status = nfserr_inval; 5416 if (!test_access(od->od_share_access, stp)) { 5417 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n", 5418 stp->st_access_bmap, od->od_share_access); 5419 goto put_stateid; 5420 } 5421 if (!test_deny(od->od_share_deny, stp)) { 5422 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n", 5423 stp->st_deny_bmap, od->od_share_deny); 5424 goto put_stateid; 5425 } 5426 nfs4_stateid_downgrade(stp, od->od_share_access); 5427 reset_union_bmap_deny(od->od_share_deny, stp); 5428 nfs4_inc_and_copy_stateid(&od->od_stateid, &stp->st_stid); 5429 status = nfs_ok; 5430 put_stateid: 5431 mutex_unlock(&stp->st_mutex); 5432 nfs4_put_stid(&stp->st_stid); 5433 out: 5434 nfsd4_bump_seqid(cstate, status); 5435 return status; 5436 } 5437 5438 static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s) 5439 { 5440 struct nfs4_client *clp = s->st_stid.sc_client; 5441 bool unhashed; 5442 LIST_HEAD(reaplist); 5443 5444 spin_lock(&clp->cl_lock); 5445 unhashed = unhash_open_stateid(s, &reaplist); 5446 5447 if (clp->cl_minorversion) { 5448 if (unhashed) 5449 put_ol_stateid_locked(s, &reaplist); 5450 spin_unlock(&clp->cl_lock); 5451 free_ol_stateid_reaplist(&reaplist); 5452 } else { 5453 spin_unlock(&clp->cl_lock); 5454 free_ol_stateid_reaplist(&reaplist); 5455 if (unhashed) 5456 move_to_close_lru(s, clp->net); 5457 } 5458 } 5459 5460 /* 5461 * nfs4_unlock_state() called after encode 5462 */ 5463 __be32 5464 nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5465 union nfsd4_op_u *u) 5466 { 5467 struct nfsd4_close *close = &u->close; 5468 __be32 status; 5469 struct nfs4_ol_stateid *stp; 5470 struct net *net = SVC_NET(rqstp); 5471 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5472 5473 dprintk("NFSD: nfsd4_close on file %pd\n", 5474 cstate->current_fh.fh_dentry); 5475 5476 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid, 5477 &close->cl_stateid, 5478 NFS4_OPEN_STID|NFS4_CLOSED_STID, 5479 &stp, nn); 5480 nfsd4_bump_seqid(cstate, status); 5481 if (status) 5482 goto out; 5483 5484 stp->st_stid.sc_type = NFS4_CLOSED_STID; 5485 5486 /* 5487 * Technically we don't _really_ have to increment or copy it, since 5488 * it should just be gone after this operation and we clobber the 5489 * copied value below, but we continue to do so here just to ensure 5490 * that racing ops see that there was a state change. 
5491 */ 5492 nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid); 5493 5494 nfsd4_close_open_stateid(stp); 5495 mutex_unlock(&stp->st_mutex); 5496 5497 /* v4.1+ suggests that we send a special stateid in here, since the 5498 * clients should just ignore this anyway. Since this is not useful 5499 * for v4.0 clients either, we set it to the special close_stateid 5500 * universally. 5501 * 5502 * See RFC5661 section 18.2.4, and RFC7530 section 16.2.5 5503 */ 5504 memcpy(&close->cl_stateid, &close_stateid, sizeof(close->cl_stateid)); 5505 5506 /* put reference from nfs4_preprocess_seqid_op */ 5507 nfs4_put_stid(&stp->st_stid); 5508 out: 5509 return status; 5510 } 5511 5512 __be32 5513 nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5514 union nfsd4_op_u *u) 5515 { 5516 struct nfsd4_delegreturn *dr = &u->delegreturn; 5517 struct nfs4_delegation *dp; 5518 stateid_t *stateid = &dr->dr_stateid; 5519 struct nfs4_stid *s; 5520 __be32 status; 5521 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5522 5523 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 5524 return status; 5525 5526 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn); 5527 if (status) 5528 goto out; 5529 dp = delegstateid(s); 5530 status = nfsd4_stid_check_stateid_generation(stateid, &dp->dl_stid, nfsd4_has_session(cstate)); 5531 if (status) 5532 goto put_stateid; 5533 5534 destroy_delegation(dp); 5535 put_stateid: 5536 nfs4_put_stid(&dp->dl_stid); 5537 out: 5538 return status; 5539 } 5540 5541 static inline u64 5542 end_offset(u64 start, u64 len) 5543 { 5544 u64 end; 5545 5546 end = start + len; 5547 return end >= start ? end: NFS4_MAX_UINT64; 5548 } 5549 5550 /* last octet in a range */ 5551 static inline u64 5552 last_byte_offset(u64 start, u64 len) 5553 { 5554 u64 end; 5555 5556 WARN_ON_ONCE(!len); 5557 end = start + len; 5558 return end > start ? end - 1: NFS4_MAX_UINT64; 5559 } 5560 5561 /* 5562 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that 5563 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th 5564 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit 5565 * locking, this prevents us from being completely protocol-compliant. The 5566 * real solution to this problem is to start using unsigned file offsets in 5567 * the VFS, but this is a very deep change! 
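 *
 * Worked example of the clamping below: a whole-file lock arrives as
 * offset 0, length NFS4_MAX_UINT64, so last_byte_offset() yields
 * 0xfffffffffffffffe. Stored in the signed fl_end that value is
 * negative, and nfs4_transform_lock_offset() rounds it down to
 * OFFSET_MAX (2^63 - 1).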
5568 */ 5569 static inline void 5570 nfs4_transform_lock_offset(struct file_lock *lock) 5571 { 5572 if (lock->fl_start < 0) 5573 lock->fl_start = OFFSET_MAX; 5574 if (lock->fl_end < 0) 5575 lock->fl_end = OFFSET_MAX; 5576 } 5577 5578 static fl_owner_t 5579 nfsd4_fl_get_owner(fl_owner_t owner) 5580 { 5581 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 5582 5583 nfs4_get_stateowner(&lo->lo_owner); 5584 return owner; 5585 } 5586 5587 static void 5588 nfsd4_fl_put_owner(fl_owner_t owner) 5589 { 5590 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 5591 5592 if (lo) 5593 nfs4_put_stateowner(&lo->lo_owner); 5594 } 5595 5596 static void 5597 nfsd4_lm_notify(struct file_lock *fl) 5598 { 5599 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)fl->fl_owner; 5600 struct net *net = lo->lo_owner.so_client->net; 5601 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5602 struct nfsd4_blocked_lock *nbl = container_of(fl, 5603 struct nfsd4_blocked_lock, nbl_lock); 5604 bool queue = false; 5605 5606 /* An empty list means that something else is going to be using it */ 5607 spin_lock(&nn->blocked_locks_lock); 5608 if (!list_empty(&nbl->nbl_list)) { 5609 list_del_init(&nbl->nbl_list); 5610 list_del_init(&nbl->nbl_lru); 5611 queue = true; 5612 } 5613 spin_unlock(&nn->blocked_locks_lock); 5614 5615 if (queue) 5616 nfsd4_run_cb(&nbl->nbl_cb); 5617 } 5618 5619 static const struct lock_manager_operations nfsd_posix_mng_ops = { 5620 .lm_notify = nfsd4_lm_notify, 5621 .lm_get_owner = nfsd4_fl_get_owner, 5622 .lm_put_owner = nfsd4_fl_put_owner, 5623 }; 5624 5625 static inline void 5626 nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny) 5627 { 5628 struct nfs4_lockowner *lo; 5629 5630 if (fl->fl_lmops == &nfsd_posix_mng_ops) { 5631 lo = (struct nfs4_lockowner *) fl->fl_owner; 5632 deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data, 5633 lo->lo_owner.so_owner.len, GFP_KERNEL); 5634 if (!deny->ld_owner.data) 5635 /* We just don't care that much */ 5636 goto nevermind; 5637 deny->ld_owner.len = lo->lo_owner.so_owner.len; 5638 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid; 5639 } else { 5640 nevermind: 5641 deny->ld_owner.len = 0; 5642 deny->ld_owner.data = NULL; 5643 deny->ld_clientid.cl_boot = 0; 5644 deny->ld_clientid.cl_id = 0; 5645 } 5646 deny->ld_start = fl->fl_start; 5647 deny->ld_length = NFS4_MAX_UINT64; 5648 if (fl->fl_end != NFS4_MAX_UINT64) 5649 deny->ld_length = fl->fl_end - fl->fl_start + 1; 5650 deny->ld_type = NFS4_READ_LT; 5651 if (fl->fl_type != F_RDLCK) 5652 deny->ld_type = NFS4_WRITE_LT; 5653 } 5654 5655 static struct nfs4_lockowner * 5656 find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner) 5657 { 5658 unsigned int strhashval = ownerstr_hashval(owner); 5659 struct nfs4_stateowner *so; 5660 5661 lockdep_assert_held(&clp->cl_lock); 5662 5663 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval], 5664 so_strhash) { 5665 if (so->so_is_open_owner) 5666 continue; 5667 if (same_owner_str(so, owner)) 5668 return lockowner(nfs4_get_stateowner(so)); 5669 } 5670 return NULL; 5671 } 5672 5673 static struct nfs4_lockowner * 5674 find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner) 5675 { 5676 struct nfs4_lockowner *lo; 5677 5678 spin_lock(&clp->cl_lock); 5679 lo = find_lockowner_str_locked(clp, owner); 5680 spin_unlock(&clp->cl_lock); 5681 return lo; 5682 } 5683 5684 static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop) 5685 { 5686 unhash_lockowner_locked(lockowner(sop)); 5687 } 5688 5689 
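/*
 * Aside: so_unhash/so_free are the only hooks that differ between
 * open- and lockowners. A rough sketch of the shared teardown path
 * (assuming the generic helpers defined earlier in this file):
 *
 *	nfs4_put_stateowner(sop)
 *		-> atomic_dec_and_lock(&sop->so_count, &clp->cl_lock)
 *		-> sop->so_ops->so_unhash(sop)		(under cl_lock)
 *		-> nfs4_free_stateowner(sop)
 *			-> sop->so_ops->so_free(sop)
 */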
static void nfs4_free_lockowner(struct nfs4_stateowner *sop) 5690 { 5691 struct nfs4_lockowner *lo = lockowner(sop); 5692 5693 kmem_cache_free(lockowner_slab, lo); 5694 } 5695 5696 static const struct nfs4_stateowner_operations lockowner_ops = { 5697 .so_unhash = nfs4_unhash_lockowner, 5698 .so_free = nfs4_free_lockowner, 5699 }; 5700 5701 /* 5702 * Alloc a lock owner structure. 5703 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) have 5704 * occurred. 5705 * 5706 * strhashval = ownerstr_hashval 5707 */ 5708 static struct nfs4_lockowner * 5709 alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, 5710 struct nfs4_ol_stateid *open_stp, 5711 struct nfsd4_lock *lock) 5712 { 5713 struct nfs4_lockowner *lo, *ret; 5714 5715 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp); 5716 if (!lo) 5717 return NULL; 5718 INIT_LIST_HEAD(&lo->lo_blocked); 5719 INIT_LIST_HEAD(&lo->lo_owner.so_stateids); 5720 lo->lo_owner.so_is_open_owner = 0; 5721 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid; 5722 lo->lo_owner.so_ops = &lockowner_ops; 5723 spin_lock(&clp->cl_lock); 5724 ret = find_lockowner_str_locked(clp, &lock->lk_new_owner); 5725 if (ret == NULL) { 5726 list_add(&lo->lo_owner.so_strhash, 5727 &clp->cl_ownerstr_hashtbl[strhashval]); 5728 ret = lo; 5729 } else 5730 nfs4_free_stateowner(&lo->lo_owner); 5731 5732 spin_unlock(&clp->cl_lock); 5733 return ret; 5734 } 5735 5736 static struct nfs4_ol_stateid * 5737 find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp) 5738 { 5739 struct nfs4_ol_stateid *lst; 5740 struct nfs4_client *clp = lo->lo_owner.so_client; 5741 5742 lockdep_assert_held(&clp->cl_lock); 5743 5744 list_for_each_entry(lst, &lo->lo_owner.so_stateids, st_perstateowner) { 5745 if (lst->st_stid.sc_type != NFS4_LOCK_STID) 5746 continue; 5747 if (lst->st_stid.sc_file == fp) { 5748 refcount_inc(&lst->st_stid.sc_count); 5749 return lst; 5750 } 5751 } 5752 return NULL; 5753 } 5754 5755 static struct nfs4_ol_stateid * 5756 init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo, 5757 struct nfs4_file *fp, struct inode *inode, 5758 struct nfs4_ol_stateid *open_stp) 5759 { 5760 struct nfs4_client *clp = lo->lo_owner.so_client; 5761 struct nfs4_ol_stateid *retstp; 5762 5763 mutex_init(&stp->st_mutex); 5764 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 5765 retry: 5766 spin_lock(&clp->cl_lock); 5767 spin_lock(&fp->fi_lock); 5768 retstp = find_lock_stateid(lo, fp); 5769 if (retstp) 5770 goto out_unlock; 5771 5772 refcount_inc(&stp->st_stid.sc_count); 5773 stp->st_stid.sc_type = NFS4_LOCK_STID; 5774 stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner); 5775 get_nfs4_file(fp); 5776 stp->st_stid.sc_file = fp; 5777 stp->st_access_bmap = 0; 5778 stp->st_deny_bmap = open_stp->st_deny_bmap; 5779 stp->st_openstp = open_stp; 5780 list_add(&stp->st_locks, &open_stp->st_locks); 5781 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids); 5782 list_add(&stp->st_perfile, &fp->fi_stateids); 5783 out_unlock: 5784 spin_unlock(&fp->fi_lock); 5785 spin_unlock(&clp->cl_lock); 5786 if (retstp) { 5787 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 5788 nfs4_put_stid(&retstp->st_stid); 5789 goto retry; 5790 } 5791 /* To keep mutex tracking happy */ 5792 mutex_unlock(&stp->st_mutex); 5793 stp = retstp; 5794 } 5795 return stp; 5796 } 5797 5798 static struct nfs4_ol_stateid * 5799 find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi, 5800 struct inode *inode, struct nfs4_ol_stateid *ost, 5801 bool *new)
5802 { 5803 struct nfs4_stid *ns = NULL; 5804 struct nfs4_ol_stateid *lst; 5805 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 5806 struct nfs4_client *clp = oo->oo_owner.so_client; 5807 5808 *new = false; 5809 spin_lock(&clp->cl_lock); 5810 lst = find_lock_stateid(lo, fi); 5811 spin_unlock(&clp->cl_lock); 5812 if (lst != NULL) { 5813 if (nfsd4_lock_ol_stateid(lst) == nfs_ok) 5814 goto out; 5815 nfs4_put_stid(&lst->st_stid); 5816 } 5817 ns = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_lock_stateid); 5818 if (ns == NULL) 5819 return NULL; 5820 5821 lst = init_lock_stateid(openlockstateid(ns), lo, fi, inode, ost); 5822 if (lst == openlockstateid(ns)) 5823 *new = true; 5824 else 5825 nfs4_put_stid(ns); 5826 out: 5827 return lst; 5828 } 5829 5830 static int 5831 check_lock_length(u64 offset, u64 length) 5832 { 5833 return ((length == 0) || ((length != NFS4_MAX_UINT64) && 5834 (length > ~offset))); 5835 } 5836 5837 static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access) 5838 { 5839 struct nfs4_file *fp = lock_stp->st_stid.sc_file; 5840 5841 lockdep_assert_held(&fp->fi_lock); 5842 5843 if (test_access(access, lock_stp)) 5844 return; 5845 __nfs4_file_get_access(fp, access); 5846 set_access(access, lock_stp); 5847 } 5848 5849 static __be32 5850 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, 5851 struct nfs4_ol_stateid *ost, 5852 struct nfsd4_lock *lock, 5853 struct nfs4_ol_stateid **plst, bool *new) 5854 { 5855 __be32 status; 5856 struct nfs4_file *fi = ost->st_stid.sc_file; 5857 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 5858 struct nfs4_client *cl = oo->oo_owner.so_client; 5859 struct inode *inode = d_inode(cstate->current_fh.fh_dentry); 5860 struct nfs4_lockowner *lo; 5861 struct nfs4_ol_stateid *lst; 5862 unsigned int strhashval; 5863 5864 lo = find_lockowner_str(cl, &lock->lk_new_owner); 5865 if (!lo) { 5866 strhashval = ownerstr_hashval(&lock->lk_new_owner); 5867 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock); 5868 if (lo == NULL) 5869 return nfserr_jukebox; 5870 } else { 5871 /* with an existing lockowner, seqids must be the same */ 5872 status = nfserr_bad_seqid; 5873 if (!cstate->minorversion && 5874 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid) 5875 goto out; 5876 } 5877 5878 lst = find_or_create_lock_stateid(lo, fi, inode, ost, new); 5879 if (lst == NULL) { 5880 status = nfserr_jukebox; 5881 goto out; 5882 } 5883 5884 status = nfs_ok; 5885 *plst = lst; 5886 out: 5887 nfs4_put_stateowner(&lo->lo_owner); 5888 return status; 5889 } 5890 5891 /* 5892 * LOCK operation 5893 */ 5894 __be32 5895 nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5896 union nfsd4_op_u *u) 5897 { 5898 struct nfsd4_lock *lock = &u->lock; 5899 struct nfs4_openowner *open_sop = NULL; 5900 struct nfs4_lockowner *lock_sop = NULL; 5901 struct nfs4_ol_stateid *lock_stp = NULL; 5902 struct nfs4_ol_stateid *open_stp = NULL; 5903 struct nfs4_file *fp; 5904 struct file *filp = NULL; 5905 struct nfsd4_blocked_lock *nbl = NULL; 5906 struct file_lock *file_lock = NULL; 5907 struct file_lock *conflock = NULL; 5908 __be32 status = 0; 5909 int lkflg; 5910 int err; 5911 bool new = false; 5912 unsigned char fl_type; 5913 unsigned int fl_flags = FL_POSIX; 5914 struct net *net = SVC_NET(rqstp); 5915 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5916 5917 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n", 5918 (long long) lock->lk_offset, 5919 (long long) lock->lk_length); 5920 5921 if (check_lock_length(lock->lk_offset, 
lock->lk_length)) 5922 return nfserr_inval; 5923 5924 if ((status = fh_verify(rqstp, &cstate->current_fh, 5925 S_IFREG, NFSD_MAY_LOCK))) { 5926 dprintk("NFSD: nfsd4_lock: permission denied!\n"); 5927 return status; 5928 } 5929 5930 if (lock->lk_is_new) { 5931 if (nfsd4_has_session(cstate)) 5932 /* See rfc 5661 18.10.3: given clientid is ignored: */ 5933 memcpy(&lock->lk_new_clientid, 5934 &cstate->session->se_client->cl_clientid, 5935 sizeof(clientid_t)); 5936 5937 status = nfserr_stale_clientid; 5938 if (STALE_CLIENTID(&lock->lk_new_clientid, nn)) 5939 goto out; 5940 5941 /* validate and update open stateid and open seqid */ 5942 status = nfs4_preprocess_confirmed_seqid_op(cstate, 5943 lock->lk_new_open_seqid, 5944 &lock->lk_new_open_stateid, 5945 &open_stp, nn); 5946 if (status) 5947 goto out; 5948 mutex_unlock(&open_stp->st_mutex); 5949 open_sop = openowner(open_stp->st_stateowner); 5950 status = nfserr_bad_stateid; 5951 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid, 5952 &lock->lk_new_clientid)) 5953 goto out; 5954 status = lookup_or_create_lock_state(cstate, open_stp, lock, 5955 &lock_stp, &new); 5956 } else { 5957 status = nfs4_preprocess_seqid_op(cstate, 5958 lock->lk_old_lock_seqid, 5959 &lock->lk_old_lock_stateid, 5960 NFS4_LOCK_STID, &lock_stp, nn); 5961 } 5962 if (status) 5963 goto out; 5964 lock_sop = lockowner(lock_stp->st_stateowner); 5965 5966 lkflg = setlkflg(lock->lk_type); 5967 status = nfs4_check_openmode(lock_stp, lkflg); 5968 if (status) 5969 goto out; 5970 5971 status = nfserr_grace; 5972 if (locks_in_grace(net) && !lock->lk_reclaim) 5973 goto out; 5974 status = nfserr_no_grace; 5975 if (!locks_in_grace(net) && lock->lk_reclaim) 5976 goto out; 5977 5978 fp = lock_stp->st_stid.sc_file; 5979 switch (lock->lk_type) { 5980 case NFS4_READW_LT: 5981 if (nfsd4_has_session(cstate)) 5982 fl_flags |= FL_SLEEP; 5983 /* Fallthrough */ 5984 case NFS4_READ_LT: 5985 spin_lock(&fp->fi_lock); 5986 filp = find_readable_file_locked(fp); 5987 if (filp) 5988 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ); 5989 spin_unlock(&fp->fi_lock); 5990 fl_type = F_RDLCK; 5991 break; 5992 case NFS4_WRITEW_LT: 5993 if (nfsd4_has_session(cstate)) 5994 fl_flags |= FL_SLEEP; 5995 /* Fallthrough */ 5996 case NFS4_WRITE_LT: 5997 spin_lock(&fp->fi_lock); 5998 filp = find_writeable_file_locked(fp); 5999 if (filp) 6000 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE); 6001 spin_unlock(&fp->fi_lock); 6002 fl_type = F_WRLCK; 6003 break; 6004 default: 6005 status = nfserr_inval; 6006 goto out; 6007 } 6008 6009 if (!filp) { 6010 status = nfserr_openmode; 6011 goto out; 6012 } 6013 6014 nbl = find_or_allocate_block(lock_sop, &fp->fi_fhandle, nn); 6015 if (!nbl) { 6016 dprintk("NFSD: %s: unable to allocate block!\n", __func__); 6017 status = nfserr_jukebox; 6018 goto out; 6019 } 6020 6021 file_lock = &nbl->nbl_lock; 6022 file_lock->fl_type = fl_type; 6023 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner)); 6024 file_lock->fl_pid = current->tgid; 6025 file_lock->fl_file = filp; 6026 file_lock->fl_flags = fl_flags; 6027 file_lock->fl_lmops = &nfsd_posix_mng_ops; 6028 file_lock->fl_start = lock->lk_offset; 6029 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length); 6030 nfs4_transform_lock_offset(file_lock); 6031 6032 conflock = locks_alloc_lock(); 6033 if (!conflock) { 6034 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6035 status = nfserr_jukebox; 6036 goto out; 6037 } 6038 6039 if (fl_flags & FL_SLEEP) { 6040 nbl->nbl_time = jiffies; 
6041 spin_lock(&nn->blocked_locks_lock); 6042 list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked); 6043 list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru); 6044 spin_unlock(&nn->blocked_locks_lock); 6045 } 6046 6047 err = vfs_lock_file(filp, F_SETLK, file_lock, conflock); 6048 switch (err) { 6049 case 0: /* success! */ 6050 nfs4_inc_and_copy_stateid(&lock->lk_resp_stateid, &lock_stp->st_stid); 6051 status = 0; 6052 break; 6053 case FILE_LOCK_DEFERRED: 6054 nbl = NULL; 6055 /* Fallthrough */ 6056 case -EAGAIN: /* conflock holds conflicting lock */ 6057 status = nfserr_denied; 6058 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n"); 6059 nfs4_set_lock_denied(conflock, &lock->lk_denied); 6060 break; 6061 case -EDEADLK: 6062 status = nfserr_deadlock; 6063 break; 6064 default: 6065 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err); 6066 status = nfserrno(err); 6067 break; 6068 } 6069 out: 6070 if (nbl) { 6071 /* dequeue it if we queued it before */ 6072 if (fl_flags & FL_SLEEP) { 6073 spin_lock(&nn->blocked_locks_lock); 6074 list_del_init(&nbl->nbl_list); 6075 list_del_init(&nbl->nbl_lru); 6076 spin_unlock(&nn->blocked_locks_lock); 6077 } 6078 free_blocked_lock(nbl); 6079 } 6080 if (filp) 6081 fput(filp); 6082 if (lock_stp) { 6083 /* Bump seqid manually if the 4.0 replay owner is openowner */ 6084 if (cstate->replay_owner && 6085 cstate->replay_owner != &lock_sop->lo_owner && 6086 seqid_mutating_err(ntohl(status))) 6087 lock_sop->lo_owner.so_seqid++; 6088 6089 /* 6090 * If this is a new, never-before-used stateid, and we are 6091 * returning an error, then just go ahead and release it. 6092 */ 6093 if (status && new) 6094 release_lock_stateid(lock_stp); 6095 6096 mutex_unlock(&lock_stp->st_mutex); 6097 6098 nfs4_put_stid(&lock_stp->st_stid); 6099 } 6100 if (open_stp) 6101 nfs4_put_stid(&open_stp->st_stid); 6102 nfsd4_bump_seqid(cstate, status); 6103 if (conflock) 6104 locks_free_lock(conflock); 6105 return status; 6106 } 6107 6108 /* 6109 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN, 6110 * so we do a temporary open here just to get an open file to pass to 6111 * vfs_test_lock. (Arguably perhaps test_lock should be done with an 6112 * inode operation.) 
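 *
 * Editor's note: in outline, nfsd_test_lock() below opens the current
 * filehandle with NFSD_MAY_READ, passes the resulting struct file to
 * vfs_test_lock(), which rewrites *lock to describe a conflicting lock
 * if one exists (or sets fl_type to F_UNLCK if none does), and then
 * drops the temporary open again with fput().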
6113 */ 6114 static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock) 6115 { 6116 struct file *file; 6117 __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file); 6118 if (!err) { 6119 err = nfserrno(vfs_test_lock(file, lock)); 6120 fput(file); 6121 } 6122 return err; 6123 } 6124 6125 /* 6126 * LOCKT operation 6127 */ 6128 __be32 6129 nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6130 union nfsd4_op_u *u) 6131 { 6132 struct nfsd4_lockt *lockt = &u->lockt; 6133 struct file_lock *file_lock = NULL; 6134 struct nfs4_lockowner *lo = NULL; 6135 __be32 status; 6136 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6137 6138 if (locks_in_grace(SVC_NET(rqstp))) 6139 return nfserr_grace; 6140 6141 if (check_lock_length(lockt->lt_offset, lockt->lt_length)) 6142 return nfserr_inval; 6143 6144 if (!nfsd4_has_session(cstate)) { 6145 status = lookup_clientid(&lockt->lt_clientid, cstate, nn); 6146 if (status) 6147 goto out; 6148 } 6149 6150 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 6151 goto out; 6152 6153 file_lock = locks_alloc_lock(); 6154 if (!file_lock) { 6155 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6156 status = nfserr_jukebox; 6157 goto out; 6158 } 6159 6160 switch (lockt->lt_type) { 6161 case NFS4_READ_LT: 6162 case NFS4_READW_LT: 6163 file_lock->fl_type = F_RDLCK; 6164 break; 6165 case NFS4_WRITE_LT: 6166 case NFS4_WRITEW_LT: 6167 file_lock->fl_type = F_WRLCK; 6168 break; 6169 default: 6170 dprintk("NFSD: nfs4_lockt: bad lock type!\n"); 6171 status = nfserr_inval; 6172 goto out; 6173 } 6174 6175 lo = find_lockowner_str(cstate->clp, &lockt->lt_owner); 6176 if (lo) 6177 file_lock->fl_owner = (fl_owner_t)lo; 6178 file_lock->fl_pid = current->tgid; 6179 file_lock->fl_flags = FL_POSIX; 6180 6181 file_lock->fl_start = lockt->lt_offset; 6182 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length); 6183 6184 nfs4_transform_lock_offset(file_lock); 6185 6186 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock); 6187 if (status) 6188 goto out; 6189 6190 if (file_lock->fl_type != F_UNLCK) { 6191 status = nfserr_denied; 6192 nfs4_set_lock_denied(file_lock, &lockt->lt_denied); 6193 } 6194 out: 6195 if (lo) 6196 nfs4_put_stateowner(&lo->lo_owner); 6197 if (file_lock) 6198 locks_free_lock(file_lock); 6199 return status; 6200 } 6201 6202 __be32 6203 nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6204 union nfsd4_op_u *u) 6205 { 6206 struct nfsd4_locku *locku = &u->locku; 6207 struct nfs4_ol_stateid *stp; 6208 struct file *filp = NULL; 6209 struct file_lock *file_lock = NULL; 6210 __be32 status; 6211 int err; 6212 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6213 6214 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n", 6215 (long long) locku->lu_offset, 6216 (long long) locku->lu_length); 6217 6218 if (check_lock_length(locku->lu_offset, locku->lu_length)) 6219 return nfserr_inval; 6220 6221 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid, 6222 &locku->lu_stateid, NFS4_LOCK_STID, 6223 &stp, nn); 6224 if (status) 6225 goto out; 6226 filp = find_any_file(stp->st_stid.sc_file); 6227 if (!filp) { 6228 status = nfserr_lock_range; 6229 goto put_stateid; 6230 } 6231 file_lock = locks_alloc_lock(); 6232 if (!file_lock) { 6233 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6234 status = nfserr_jukebox; 6235 goto fput; 6236 } 6237 6238 file_lock->fl_type = F_UNLCK; 6239 file_lock->fl_owner = 
(fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner)); 6240 file_lock->fl_pid = current->tgid; 6241 file_lock->fl_file = filp; 6242 file_lock->fl_flags = FL_POSIX; 6243 file_lock->fl_lmops = &nfsd_posix_mng_ops; 6244 file_lock->fl_start = locku->lu_offset; 6245 6246 file_lock->fl_end = last_byte_offset(locku->lu_offset, 6247 locku->lu_length); 6248 nfs4_transform_lock_offset(file_lock); 6249 6250 err = vfs_lock_file(filp, F_SETLK, file_lock, NULL); 6251 if (err) { 6252 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n"); 6253 goto out_nfserr; 6254 } 6255 nfs4_inc_and_copy_stateid(&locku->lu_stateid, &stp->st_stid); 6256 fput: 6257 fput(filp); 6258 put_stateid: 6259 mutex_unlock(&stp->st_mutex); 6260 nfs4_put_stid(&stp->st_stid); 6261 out: 6262 nfsd4_bump_seqid(cstate, status); 6263 if (file_lock) 6264 locks_free_lock(file_lock); 6265 return status; 6266 6267 out_nfserr: 6268 status = nfserrno(err); 6269 goto fput; 6270 } 6271 6272 /* 6273 * returns 6274 * true: locks held by lockowner 6275 * false: no locks held by lockowner 6276 */ 6277 static bool 6278 check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner) 6279 { 6280 struct file_lock *fl; 6281 int status = false; 6282 struct file *filp = find_any_file(fp); 6283 struct inode *inode; 6284 struct file_lock_context *flctx; 6285 6286 if (!filp) { 6287 /* Any valid lock stateid should have some sort of access */ 6288 WARN_ON_ONCE(1); 6289 return status; 6290 } 6291 6292 inode = file_inode(filp); 6293 flctx = inode->i_flctx; 6294 6295 if (flctx && !list_empty_careful(&flctx->flc_posix)) { 6296 spin_lock(&flctx->flc_lock); 6297 list_for_each_entry(fl, &flctx->flc_posix, fl_list) { 6298 if (fl->fl_owner == (fl_owner_t)lowner) { 6299 status = true; 6300 break; 6301 } 6302 } 6303 spin_unlock(&flctx->flc_lock); 6304 } 6305 fput(filp); 6306 return status; 6307 } 6308 6309 __be32 6310 nfsd4_release_lockowner(struct svc_rqst *rqstp, 6311 struct nfsd4_compound_state *cstate, 6312 union nfsd4_op_u *u) 6313 { 6314 struct nfsd4_release_lockowner *rlockowner = &u->release_lockowner; 6315 clientid_t *clid = &rlockowner->rl_clientid; 6316 struct nfs4_stateowner *sop; 6317 struct nfs4_lockowner *lo = NULL; 6318 struct nfs4_ol_stateid *stp; 6319 struct xdr_netobj *owner = &rlockowner->rl_owner; 6320 unsigned int hashval = ownerstr_hashval(owner); 6321 __be32 status; 6322 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6323 struct nfs4_client *clp; 6324 LIST_HEAD (reaplist); 6325 6326 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n", 6327 clid->cl_boot, clid->cl_id); 6328 6329 status = lookup_clientid(clid, cstate, nn); 6330 if (status) 6331 return status; 6332 6333 clp = cstate->clp; 6334 /* Find the matching lock stateowner */ 6335 spin_lock(&clp->cl_lock); 6336 list_for_each_entry(sop, &clp->cl_ownerstr_hashtbl[hashval], 6337 so_strhash) { 6338 6339 if (sop->so_is_open_owner || !same_owner_str(sop, owner)) 6340 continue; 6341 6342 /* see if there are still any locks associated with it */ 6343 lo = lockowner(sop); 6344 list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) { 6345 if (check_for_locks(stp->st_stid.sc_file, lo)) { 6346 status = nfserr_locks_held; 6347 spin_unlock(&clp->cl_lock); 6348 return status; 6349 } 6350 } 6351 6352 nfs4_get_stateowner(sop); 6353 break; 6354 } 6355 if (!lo) { 6356 spin_unlock(&clp->cl_lock); 6357 return status; 6358 } 6359 6360 unhash_lockowner_locked(lo); 6361 while (!list_empty(&lo->lo_owner.so_stateids)) { 6362 stp = list_first_entry(&lo->lo_owner.so_stateids, 
6363 struct nfs4_ol_stateid, 6364 st_perstateowner); 6365 WARN_ON(!unhash_lock_stateid(stp)); 6366 put_ol_stateid_locked(stp, &reaplist); 6367 } 6368 spin_unlock(&clp->cl_lock); 6369 free_ol_stateid_reaplist(&reaplist); 6370 remove_blocked_locks(lo); 6371 nfs4_put_stateowner(&lo->lo_owner); 6372 6373 return status; 6374 } 6375 6376 static inline struct nfs4_client_reclaim * 6377 alloc_reclaim(void) 6378 { 6379 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL); 6380 } 6381 6382 bool 6383 nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn) 6384 { 6385 struct nfs4_client_reclaim *crp; 6386 6387 crp = nfsd4_find_reclaim_client(name, nn); 6388 return (crp && crp->cr_clp); 6389 } 6390 6391 /* 6392 * failure => all reset bets are off, nfserr_no_grace... 6393 */ 6394 struct nfs4_client_reclaim * 6395 nfs4_client_to_reclaim(const char *name, struct nfsd_net *nn) 6396 { 6397 unsigned int strhashval; 6398 struct nfs4_client_reclaim *crp; 6399 6400 dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name); 6401 crp = alloc_reclaim(); 6402 if (crp) { 6403 strhashval = clientstr_hashval(name); 6404 INIT_LIST_HEAD(&crp->cr_strhash); 6405 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]); 6406 memcpy(crp->cr_recdir, name, HEXDIR_LEN); 6407 crp->cr_clp = NULL; 6408 nn->reclaim_str_hashtbl_size++; 6409 } 6410 return crp; 6411 } 6412 6413 void 6414 nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn) 6415 { 6416 list_del(&crp->cr_strhash); 6417 kfree(crp); 6418 nn->reclaim_str_hashtbl_size--; 6419 } 6420 6421 void 6422 nfs4_release_reclaim(struct nfsd_net *nn) 6423 { 6424 struct nfs4_client_reclaim *crp = NULL; 6425 int i; 6426 6427 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 6428 while (!list_empty(&nn->reclaim_str_hashtbl[i])) { 6429 crp = list_entry(nn->reclaim_str_hashtbl[i].next, 6430 struct nfs4_client_reclaim, cr_strhash); 6431 nfs4_remove_reclaim_record(crp, nn); 6432 } 6433 } 6434 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size); 6435 } 6436 6437 /* 6438 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */ 6439 struct nfs4_client_reclaim * 6440 nfsd4_find_reclaim_client(const char *recdir, struct nfsd_net *nn) 6441 { 6442 unsigned int strhashval; 6443 struct nfs4_client_reclaim *crp = NULL; 6444 6445 dprintk("NFSD: nfs4_find_reclaim_client for recdir %s\n", recdir); 6446 6447 strhashval = clientstr_hashval(recdir); 6448 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) { 6449 if (same_name(crp->cr_recdir, recdir)) { 6450 return crp; 6451 } 6452 } 6453 return NULL; 6454 } 6455 6456 /* 6457 * Called from OPEN. Look for clientid in reclaim list. 
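 *
 * Editor's note: the checks below return nfs_ok when the client may
 * reclaim, nfserr_no_grace when it has already sent RECLAIM_COMPLETE,
 * and nfserr_reclaim_bad when the clientid is unknown or has no
 * client-tracking record from before the restart.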
6458 */ 6459 __be32 6460 nfs4_check_open_reclaim(clientid_t *clid, 6461 struct nfsd4_compound_state *cstate, 6462 struct nfsd_net *nn) 6463 { 6464 __be32 status; 6465 6466 /* find clientid in conf_id_hashtbl */ 6467 status = lookup_clientid(clid, cstate, nn); 6468 if (status) 6469 return nfserr_reclaim_bad; 6470 6471 if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &cstate->clp->cl_flags)) 6472 return nfserr_no_grace; 6473 6474 if (nfsd4_client_record_check(cstate->clp)) 6475 return nfserr_reclaim_bad; 6476 6477 return nfs_ok; 6478 } 6479 6480 #ifdef CONFIG_NFSD_FAULT_INJECTION 6481 static inline void 6482 put_client(struct nfs4_client *clp) 6483 { 6484 atomic_dec(&clp->cl_refcount); 6485 } 6486 6487 static struct nfs4_client * 6488 nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size) 6489 { 6490 struct nfs4_client *clp; 6491 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6492 nfsd_net_id); 6493 6494 if (!nfsd_netns_ready(nn)) 6495 return NULL; 6496 6497 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6498 if (memcmp(&clp->cl_addr, addr, addr_size) == 0) 6499 return clp; 6500 } 6501 return NULL; 6502 } 6503 6504 u64 6505 nfsd_inject_print_clients(void) 6506 { 6507 struct nfs4_client *clp; 6508 u64 count = 0; 6509 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6510 nfsd_net_id); 6511 char buf[INET6_ADDRSTRLEN]; 6512 6513 if (!nfsd_netns_ready(nn)) 6514 return 0; 6515 6516 spin_lock(&nn->client_lock); 6517 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6518 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 6519 pr_info("NFS Client: %s\n", buf); 6520 ++count; 6521 } 6522 spin_unlock(&nn->client_lock); 6523 6524 return count; 6525 } 6526 6527 u64 6528 nfsd_inject_forget_client(struct sockaddr_storage *addr, size_t addr_size) 6529 { 6530 u64 count = 0; 6531 struct nfs4_client *clp; 6532 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6533 nfsd_net_id); 6534 6535 if (!nfsd_netns_ready(nn)) 6536 return count; 6537 6538 spin_lock(&nn->client_lock); 6539 clp = nfsd_find_client(addr, addr_size); 6540 if (clp) { 6541 if (mark_client_expired_locked(clp) == nfs_ok) 6542 ++count; 6543 else 6544 clp = NULL; 6545 } 6546 spin_unlock(&nn->client_lock); 6547 6548 if (clp) 6549 expire_client(clp); 6550 6551 return count; 6552 } 6553 6554 u64 6555 nfsd_inject_forget_clients(u64 max) 6556 { 6557 u64 count = 0; 6558 struct nfs4_client *clp, *next; 6559 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6560 nfsd_net_id); 6561 LIST_HEAD(reaplist); 6562 6563 if (!nfsd_netns_ready(nn)) 6564 return count; 6565 6566 spin_lock(&nn->client_lock); 6567 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 6568 if (mark_client_expired_locked(clp) == nfs_ok) { 6569 list_add(&clp->cl_lru, &reaplist); 6570 if (max != 0 && ++count >= max) 6571 break; 6572 } 6573 } 6574 spin_unlock(&nn->client_lock); 6575 6576 list_for_each_entry_safe(clp, next, &reaplist, cl_lru) 6577 expire_client(clp); 6578 6579 return count; 6580 } 6581 6582 static void nfsd_print_count(struct nfs4_client *clp, unsigned int count, 6583 const char *type) 6584 { 6585 char buf[INET6_ADDRSTRLEN]; 6586 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 6587 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type); 6588 } 6589 6590 static void 6591 nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst, 6592 struct list_head *collect) 6593 { 6594 struct nfs4_client *clp = lst->st_stid.sc_client; 6595 struct nfsd_net *nn = 
net_generic(current->nsproxy->net_ns, 6596 nfsd_net_id); 6597 6598 if (!collect) 6599 return; 6600 6601 lockdep_assert_held(&nn->client_lock); 6602 atomic_inc(&clp->cl_refcount); 6603 list_add(&lst->st_locks, collect); 6604 } 6605 6606 static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max, 6607 struct list_head *collect, 6608 bool (*func)(struct nfs4_ol_stateid *)) 6609 { 6610 struct nfs4_openowner *oop; 6611 struct nfs4_ol_stateid *stp, *st_next; 6612 struct nfs4_ol_stateid *lst, *lst_next; 6613 u64 count = 0; 6614 6615 spin_lock(&clp->cl_lock); 6616 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) { 6617 list_for_each_entry_safe(stp, st_next, 6618 &oop->oo_owner.so_stateids, st_perstateowner) { 6619 list_for_each_entry_safe(lst, lst_next, 6620 &stp->st_locks, st_locks) { 6621 if (func) { 6622 if (func(lst)) 6623 nfsd_inject_add_lock_to_list(lst, 6624 collect); 6625 } 6626 ++count; 6627 /* 6628 * Despite the fact that these functions deal 6629 * with 64-bit integers for "count", we must 6630 * ensure that it doesn't blow up the 6631 * clp->cl_refcount. Throw a warning if we 6632 * start to approach INT_MAX here. 6633 */ 6634 WARN_ON_ONCE(count == (INT_MAX / 2)); 6635 if (count == max) 6636 goto out; 6637 } 6638 } 6639 } 6640 out: 6641 spin_unlock(&clp->cl_lock); 6642 6643 return count; 6644 } 6645 6646 static u64 6647 nfsd_collect_client_locks(struct nfs4_client *clp, struct list_head *collect, 6648 u64 max) 6649 { 6650 return nfsd_foreach_client_lock(clp, max, collect, unhash_lock_stateid); 6651 } 6652 6653 static u64 6654 nfsd_print_client_locks(struct nfs4_client *clp) 6655 { 6656 u64 count = nfsd_foreach_client_lock(clp, 0, NULL, NULL); 6657 nfsd_print_count(clp, count, "locked files"); 6658 return count; 6659 } 6660 6661 u64 6662 nfsd_inject_print_locks(void) 6663 { 6664 struct nfs4_client *clp; 6665 u64 count = 0; 6666 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6667 nfsd_net_id); 6668 6669 if (!nfsd_netns_ready(nn)) 6670 return 0; 6671 6672 spin_lock(&nn->client_lock); 6673 list_for_each_entry(clp, &nn->client_lru, cl_lru) 6674 count += nfsd_print_client_locks(clp); 6675 spin_unlock(&nn->client_lock); 6676 6677 return count; 6678 } 6679 6680 static void 6681 nfsd_reap_locks(struct list_head *reaplist) 6682 { 6683 struct nfs4_client *clp; 6684 struct nfs4_ol_stateid *stp, *next; 6685 6686 list_for_each_entry_safe(stp, next, reaplist, st_locks) { 6687 list_del_init(&stp->st_locks); 6688 clp = stp->st_stid.sc_client; 6689 nfs4_put_stid(&stp->st_stid); 6690 put_client(clp); 6691 } 6692 } 6693 6694 u64 6695 nfsd_inject_forget_client_locks(struct sockaddr_storage *addr, size_t addr_size) 6696 { 6697 unsigned int count = 0; 6698 struct nfs4_client *clp; 6699 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6700 nfsd_net_id); 6701 LIST_HEAD(reaplist); 6702 6703 if (!nfsd_netns_ready(nn)) 6704 return count; 6705 6706 spin_lock(&nn->client_lock); 6707 clp = nfsd_find_client(addr, addr_size); 6708 if (clp) 6709 count = nfsd_collect_client_locks(clp, &reaplist, 0); 6710 spin_unlock(&nn->client_lock); 6711 nfsd_reap_locks(&reaplist); 6712 return count; 6713 } 6714 6715 u64 6716 nfsd_inject_forget_locks(u64 max) 6717 { 6718 u64 count = 0; 6719 struct nfs4_client *clp; 6720 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6721 nfsd_net_id); 6722 LIST_HEAD(reaplist); 6723 6724 if (!nfsd_netns_ready(nn)) 6725 return count; 6726 6727 spin_lock(&nn->client_lock); 6728 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6729 count += 
nfsd_collect_client_locks(clp, &reaplist, max - count); 6730 if (max != 0 && count >= max) 6731 break; 6732 } 6733 spin_unlock(&nn->client_lock); 6734 nfsd_reap_locks(&reaplist); 6735 return count; 6736 } 6737 6738 static u64 6739 nfsd_foreach_client_openowner(struct nfs4_client *clp, u64 max, 6740 struct list_head *collect, 6741 void (*func)(struct nfs4_openowner *)) 6742 { 6743 struct nfs4_openowner *oop, *next; 6744 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6745 nfsd_net_id); 6746 u64 count = 0; 6747 6748 lockdep_assert_held(&nn->client_lock); 6749 6750 spin_lock(&clp->cl_lock); 6751 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) { 6752 if (func) { 6753 func(oop); 6754 if (collect) { 6755 atomic_inc(&clp->cl_refcount); 6756 list_add(&oop->oo_perclient, collect); 6757 } 6758 } 6759 ++count; 6760 /* 6761 * Despite the fact that these functions deal with 6762 * 64-bit integers for "count", we must ensure that 6763 * it doesn't blow up the clp->cl_refcount. Throw a 6764 * warning if we start to approach INT_MAX here. 6765 */ 6766 WARN_ON_ONCE(count == (INT_MAX / 2)); 6767 if (count == max) 6768 break; 6769 } 6770 spin_unlock(&clp->cl_lock); 6771 6772 return count; 6773 } 6774 6775 static u64 6776 nfsd_print_client_openowners(struct nfs4_client *clp) 6777 { 6778 u64 count = nfsd_foreach_client_openowner(clp, 0, NULL, NULL); 6779 6780 nfsd_print_count(clp, count, "openowners"); 6781 return count; 6782 } 6783 6784 static u64 6785 nfsd_collect_client_openowners(struct nfs4_client *clp, 6786 struct list_head *collect, u64 max) 6787 { 6788 return nfsd_foreach_client_openowner(clp, max, collect, 6789 unhash_openowner_locked); 6790 } 6791 6792 u64 6793 nfsd_inject_print_openowners(void) 6794 { 6795 struct nfs4_client *clp; 6796 u64 count = 0; 6797 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6798 nfsd_net_id); 6799 6800 if (!nfsd_netns_ready(nn)) 6801 return 0; 6802 6803 spin_lock(&nn->client_lock); 6804 list_for_each_entry(clp, &nn->client_lru, cl_lru) 6805 count += nfsd_print_client_openowners(clp); 6806 spin_unlock(&nn->client_lock); 6807 6808 return count; 6809 } 6810 6811 static void 6812 nfsd_reap_openowners(struct list_head *reaplist) 6813 { 6814 struct nfs4_client *clp; 6815 struct nfs4_openowner *oop, *next; 6816 6817 list_for_each_entry_safe(oop, next, reaplist, oo_perclient) { 6818 list_del_init(&oop->oo_perclient); 6819 clp = oop->oo_owner.so_client; 6820 release_openowner(oop); 6821 put_client(clp); 6822 } 6823 } 6824 6825 u64 6826 nfsd_inject_forget_client_openowners(struct sockaddr_storage *addr, 6827 size_t addr_size) 6828 { 6829 unsigned int count = 0; 6830 struct nfs4_client *clp; 6831 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6832 nfsd_net_id); 6833 LIST_HEAD(reaplist); 6834 6835 if (!nfsd_netns_ready(nn)) 6836 return count; 6837 6838 spin_lock(&nn->client_lock); 6839 clp = nfsd_find_client(addr, addr_size); 6840 if (clp) 6841 count = nfsd_collect_client_openowners(clp, &reaplist, 0); 6842 spin_unlock(&nn->client_lock); 6843 nfsd_reap_openowners(&reaplist); 6844 return count; 6845 } 6846 6847 u64 6848 nfsd_inject_forget_openowners(u64 max) 6849 { 6850 u64 count = 0; 6851 struct nfs4_client *clp; 6852 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6853 nfsd_net_id); 6854 LIST_HEAD(reaplist); 6855 6856 if (!nfsd_netns_ready(nn)) 6857 return count; 6858 6859 spin_lock(&nn->client_lock); 6860 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6861 count += nfsd_collect_client_openowners(clp, 
&reaplist, 6862 max - count); 6863 if (max != 0 && count >= max) 6864 break; 6865 } 6866 spin_unlock(&nn->client_lock); 6867 nfsd_reap_openowners(&reaplist); 6868 return count; 6869 } 6870 6871 static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max, 6872 struct list_head *victims) 6873 { 6874 struct nfs4_delegation *dp, *next; 6875 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6876 nfsd_net_id); 6877 u64 count = 0; 6878 6879 lockdep_assert_held(&nn->client_lock); 6880 6881 spin_lock(&state_lock); 6882 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) { 6883 if (victims) { 6884 /* 6885 * It's not safe to mess with delegations that have a 6886 * non-zero dl_time. They might have already been broken 6887 * and could be processed by the laundromat outside of 6888 * the state_lock. Just leave them be. 6889 */ 6890 if (dp->dl_time != 0) 6891 continue; 6892 6893 atomic_inc(&clp->cl_refcount); 6894 WARN_ON(!unhash_delegation_locked(dp)); 6895 list_add(&dp->dl_recall_lru, victims); 6896 } 6897 ++count; 6898 /* 6899 * Despite the fact that these functions deal with 6900 * 64-bit integers for "count", we must ensure that 6901 * it doesn't blow up the clp->cl_refcount. Throw a 6902 * warning if we start to approach INT_MAX here. 6903 */ 6904 WARN_ON_ONCE(count == (INT_MAX / 2)); 6905 if (count == max) 6906 break; 6907 } 6908 spin_unlock(&state_lock); 6909 return count; 6910 } 6911 6912 static u64 6913 nfsd_print_client_delegations(struct nfs4_client *clp) 6914 { 6915 u64 count = nfsd_find_all_delegations(clp, 0, NULL); 6916 6917 nfsd_print_count(clp, count, "delegations"); 6918 return count; 6919 } 6920 6921 u64 6922 nfsd_inject_print_delegations(void) 6923 { 6924 struct nfs4_client *clp; 6925 u64 count = 0; 6926 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6927 nfsd_net_id); 6928 6929 if (!nfsd_netns_ready(nn)) 6930 return 0; 6931 6932 spin_lock(&nn->client_lock); 6933 list_for_each_entry(clp, &nn->client_lru, cl_lru) 6934 count += nfsd_print_client_delegations(clp); 6935 spin_unlock(&nn->client_lock); 6936 6937 return count; 6938 } 6939 6940 static void 6941 nfsd_forget_delegations(struct list_head *reaplist) 6942 { 6943 struct nfs4_client *clp; 6944 struct nfs4_delegation *dp, *next; 6945 6946 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 6947 list_del_init(&dp->dl_recall_lru); 6948 clp = dp->dl_stid.sc_client; 6949 revoke_delegation(dp); 6950 put_client(clp); 6951 } 6952 } 6953 6954 u64 6955 nfsd_inject_forget_client_delegations(struct sockaddr_storage *addr, 6956 size_t addr_size) 6957 { 6958 u64 count = 0; 6959 struct nfs4_client *clp; 6960 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6961 nfsd_net_id); 6962 LIST_HEAD(reaplist); 6963 6964 if (!nfsd_netns_ready(nn)) 6965 return count; 6966 6967 spin_lock(&nn->client_lock); 6968 clp = nfsd_find_client(addr, addr_size); 6969 if (clp) 6970 count = nfsd_find_all_delegations(clp, 0, &reaplist); 6971 spin_unlock(&nn->client_lock); 6972 6973 nfsd_forget_delegations(&reaplist); 6974 return count; 6975 } 6976 6977 u64 6978 nfsd_inject_forget_delegations(u64 max) 6979 { 6980 u64 count = 0; 6981 struct nfs4_client *clp; 6982 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6983 nfsd_net_id); 6984 LIST_HEAD(reaplist); 6985 6986 if (!nfsd_netns_ready(nn)) 6987 return count; 6988 6989 spin_lock(&nn->client_lock); 6990 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6991 count += nfsd_find_all_delegations(clp, max - count, &reaplist); 6992 if (max != 0 
&& count >= max) 6993 break; 6994 } 6995 spin_unlock(&nn->client_lock); 6996 nfsd_forget_delegations(&reaplist); 6997 return count; 6998 } 6999 7000 static void 7001 nfsd_recall_delegations(struct list_head *reaplist) 7002 { 7003 struct nfs4_client *clp; 7004 struct nfs4_delegation *dp, *next; 7005 7006 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 7007 list_del_init(&dp->dl_recall_lru); 7008 clp = dp->dl_stid.sc_client; 7009 /* 7010 * We skipped all entries that had a zero dl_time before, 7011 * so we can now reset the dl_time back to 0. If a delegation 7012 * break comes in now, then it won't make any difference since 7013 * we're recalling it either way. 7014 */ 7015 spin_lock(&state_lock); 7016 dp->dl_time = 0; 7017 spin_unlock(&state_lock); 7018 nfsd_break_one_deleg(dp); 7019 put_client(clp); 7020 } 7021 } 7022 7023 u64 7024 nfsd_inject_recall_client_delegations(struct sockaddr_storage *addr, 7025 size_t addr_size) 7026 { 7027 u64 count = 0; 7028 struct nfs4_client *clp; 7029 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7030 nfsd_net_id); 7031 LIST_HEAD(reaplist); 7032 7033 if (!nfsd_netns_ready(nn)) 7034 return count; 7035 7036 spin_lock(&nn->client_lock); 7037 clp = nfsd_find_client(addr, addr_size); 7038 if (clp) 7039 count = nfsd_find_all_delegations(clp, 0, &reaplist); 7040 spin_unlock(&nn->client_lock); 7041 7042 nfsd_recall_delegations(&reaplist); 7043 return count; 7044 } 7045 7046 u64 7047 nfsd_inject_recall_delegations(u64 max) 7048 { 7049 u64 count = 0; 7050 struct nfs4_client *clp, *next; 7051 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7052 nfsd_net_id); 7053 LIST_HEAD(reaplist); 7054 7055 if (!nfsd_netns_ready(nn)) 7056 return count; 7057 7058 spin_lock(&nn->client_lock); 7059 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 7060 count += nfsd_find_all_delegations(clp, max - count, &reaplist); 7061 if (max != 0 && count >= max) 7062 break; 7063 } 7064 spin_unlock(&nn->client_lock); 7065 nfsd_recall_delegations(&reaplist); 7066 return count; 7067 } 7068 #endif /* CONFIG_NFSD_FAULT_INJECTION */ 7069 7070 /* 7071 * Since the lifetime of a delegation isn't limited to that of an open, a 7072 * client may quite reasonably hang on to a delegation as long as it has 7073 * the inode cached. This becomes an obvious problem the first time a 7074 * client's inode cache approaches the size of the server's total memory. 7075 * 7076 * For now we avoid this problem by imposing a hard limit on the number 7077 * of delegations, which varies according to the server's memory size. 7078 */ 7079 static void 7080 set_max_delegations(void) 7081 { 7082 /* 7083 * Allow at most 4 delegations per megabyte of RAM. Quick 7084 * estimates suggest that in the worst case (where every delegation 7085 * is for a different inode), a delegation could take about 1.5K, 7086 * giving a worst case usage of about 0.6% of memory.
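 *
 * Editor's note, a worked example: with 4K pages PAGE_SHIFT is 12, so
 * the shift below is 20 - 2 - 12 = 6; a megabyte is 256 such pages and
 * 256 >> 6 = 4, i.e. at most four delegations per megabyte, as
 * intended.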
7087 */ 7088 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT); 7089 } 7090 7091 static int nfs4_state_create_net(struct net *net) 7092 { 7093 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7094 int i; 7095 7096 nn->conf_id_hashtbl = kmalloc(sizeof(struct list_head) * 7097 CLIENT_HASH_SIZE, GFP_KERNEL); 7098 if (!nn->conf_id_hashtbl) 7099 goto err; 7100 nn->unconf_id_hashtbl = kmalloc(sizeof(struct list_head) * 7101 CLIENT_HASH_SIZE, GFP_KERNEL); 7102 if (!nn->unconf_id_hashtbl) 7103 goto err_unconf_id; 7104 nn->sessionid_hashtbl = kmalloc(sizeof(struct list_head) * 7105 SESSION_HASH_SIZE, GFP_KERNEL); 7106 if (!nn->sessionid_hashtbl) 7107 goto err_sessionid; 7108 7109 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7110 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]); 7111 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]); 7112 } 7113 for (i = 0; i < SESSION_HASH_SIZE; i++) 7114 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]); 7115 nn->conf_name_tree = RB_ROOT; 7116 nn->unconf_name_tree = RB_ROOT; 7117 nn->boot_time = get_seconds(); 7118 nn->grace_ended = false; 7119 nn->nfsd4_manager.block_opens = true; 7120 INIT_LIST_HEAD(&nn->nfsd4_manager.list); 7121 INIT_LIST_HEAD(&nn->client_lru); 7122 INIT_LIST_HEAD(&nn->close_lru); 7123 INIT_LIST_HEAD(&nn->del_recall_lru); 7124 spin_lock_init(&nn->client_lock); 7125 7126 spin_lock_init(&nn->blocked_locks_lock); 7127 INIT_LIST_HEAD(&nn->blocked_locks_lru); 7128 7129 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main); 7130 get_net(net); 7131 7132 return 0; 7133 7134 err_sessionid: 7135 kfree(nn->unconf_id_hashtbl); 7136 err_unconf_id: 7137 kfree(nn->conf_id_hashtbl); 7138 err: 7139 return -ENOMEM; 7140 } 7141 7142 static void 7143 nfs4_state_destroy_net(struct net *net) 7144 { 7145 int i; 7146 struct nfs4_client *clp = NULL; 7147 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7148 7149 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7150 while (!list_empty(&nn->conf_id_hashtbl[i])) { 7151 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7152 destroy_client(clp); 7153 } 7154 } 7155 7156 WARN_ON(!list_empty(&nn->blocked_locks_lru)); 7157 7158 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7159 while (!list_empty(&nn->unconf_id_hashtbl[i])) { 7160 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7161 destroy_client(clp); 7162 } 7163 } 7164 7165 kfree(nn->sessionid_hashtbl); 7166 kfree(nn->unconf_id_hashtbl); 7167 kfree(nn->conf_id_hashtbl); 7168 put_net(net); 7169 } 7170 7171 int 7172 nfs4_state_start_net(struct net *net) 7173 { 7174 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7175 int ret; 7176 7177 ret = nfs4_state_create_net(net); 7178 if (ret) 7179 return ret; 7180 locks_start_grace(net, &nn->nfsd4_manager); 7181 nfsd4_client_tracking_init(net); 7182 printk(KERN_INFO "NFSD: starting %ld-second grace period (net %x)\n", 7183 nn->nfsd4_grace, net->ns.inum); 7184 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ); 7185 return 0; 7186 } 7187 7188 /* initialization to perform when the nfsd service is started: */ 7189 7190 int 7191 nfs4_state_start(void) 7192 { 7193 int ret; 7194 7195 ret = set_callback_cred(); 7196 if (ret) 7197 return ret; 7198 7199 laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4"); 7200 if (laundry_wq == NULL) { 7201 ret = -ENOMEM; 7202 goto out_cleanup_cred; 7203 } 7204 ret = nfsd4_create_callback_queue(); 7205 if (ret) 7206 goto out_free_laundry; 7207 7208 set_max_delegations(); 7209 return 0; 7210 7211 out_free_laundry: 7212 
destroy_workqueue(laundry_wq); 7213 out_cleanup_cred: 7214 cleanup_callback_cred(); 7215 return ret; 7216 } 7217 7218 void 7219 nfs4_state_shutdown_net(struct net *net) 7220 { 7221 struct nfs4_delegation *dp = NULL; 7222 struct list_head *pos, *next, reaplist; 7223 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7224 7225 cancel_delayed_work_sync(&nn->laundromat_work); 7226 locks_end_grace(&nn->nfsd4_manager); 7227 7228 INIT_LIST_HEAD(&reaplist); 7229 spin_lock(&state_lock); 7230 list_for_each_safe(pos, next, &nn->del_recall_lru) { 7231 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 7232 WARN_ON(!unhash_delegation_locked(dp)); 7233 list_add(&dp->dl_recall_lru, &reaplist); 7234 } 7235 spin_unlock(&state_lock); 7236 list_for_each_safe(pos, next, &reaplist) { 7237 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 7238 list_del_init(&dp->dl_recall_lru); 7239 destroy_unhashed_deleg(dp); 7240 } 7241 7242 nfsd4_client_tracking_exit(net); 7243 nfs4_state_destroy_net(net); 7244 } 7245 7246 void 7247 nfs4_state_shutdown(void) 7248 { 7249 destroy_workqueue(laundry_wq); 7250 nfsd4_destroy_callback_queue(); 7251 cleanup_callback_cred(); 7252 } 7253 7254 static void 7255 get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 7256 { 7257 if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid)) 7258 memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t)); 7259 } 7260 7261 static void 7262 put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 7263 { 7264 if (cstate->minorversion) { 7265 memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t)); 7266 SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG); 7267 } 7268 } 7269 7270 void 7271 clear_current_stateid(struct nfsd4_compound_state *cstate) 7272 { 7273 CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG); 7274 } 7275 7276 /* 7277 * functions to set current state id 7278 */ 7279 void 7280 nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, 7281 union nfsd4_op_u *u) 7282 { 7283 put_stateid(cstate, &u->open_downgrade.od_stateid); 7284 } 7285 7286 void 7287 nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, 7288 union nfsd4_op_u *u) 7289 { 7290 put_stateid(cstate, &u->open.op_stateid); 7291 } 7292 7293 void 7294 nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, 7295 union nfsd4_op_u *u) 7296 { 7297 put_stateid(cstate, &u->close.cl_stateid); 7298 } 7299 7300 void 7301 nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, 7302 union nfsd4_op_u *u) 7303 { 7304 put_stateid(cstate, &u->lock.lk_resp_stateid); 7305 } 7306 7307 /* 7308 * functions to consume current state id 7309 */ 7310 7311 void 7312 nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, 7313 union nfsd4_op_u *u) 7314 { 7315 get_stateid(cstate, &u->open_downgrade.od_stateid); 7316 } 7317 7318 void 7319 nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate, 7320 union nfsd4_op_u *u) 7321 { 7322 get_stateid(cstate, &u->delegreturn.dr_stateid); 7323 } 7324 7325 void 7326 nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, 7327 union nfsd4_op_u *u) 7328 { 7329 get_stateid(cstate, &u->free_stateid.fr_stateid); 7330 } 7331 7332 void 7333 nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, 7334 union nfsd4_op_u *u) 7335 { 7336 get_stateid(cstate, &u->setattr.sa_stateid); 7337 } 7338 7339 void 7340 nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, 7341 union nfsd4_op_u *u) 7342 { 7343 get_stateid(cstate, &u->close.cl_stateid); 7344 } 7345 7346 
void 7347 nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, 7348 union nfsd4_op_u *u) 7349 { 7350 get_stateid(cstate, &u->locku.lu_stateid); 7351 } 7352 7353 void 7354 nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, 7355 union nfsd4_op_u *u) 7356 { 7357 get_stateid(cstate, &u->read.rd_stateid); 7358 } 7359 7360 void 7361 nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, 7362 union nfsd4_op_u *u) 7363 { 7364 get_stateid(cstate, &u->write.wr_stateid); 7365 } 7366
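/*
 * Editor's note, an illustrative sketch (the COMPOUND below is
 * hypothetical): after a successful OPEN, nfsd4_set_openstateid()
 * saves the result stateid in the compound state; when a later op in
 * the same COMPOUND carries the reserved "current stateid" value, the
 * matching nfsd4_get_*stateid() helper substitutes the saved stateid
 * before the op is processed:
 *
 *	PUTFH; OPEN; READ(stateid = <current>)
 */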