/*
 * Copyright (c) 2001 The Regents of the University of Michigan.
 * All rights reserved.
 *
 * Kendrick Smith <kmsmith@umich.edu>
 * Andy Adamson <kandros@umich.edu>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include <linux/file.h>
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/namei.h>
#include <linux/swap.h>
#include <linux/pagemap.h>
#include <linux/ratelimit.h>
#include <linux/sunrpc/svcauth_gss.h>
#include <linux/sunrpc/addr.h>
#include <linux/hash.h>
#include "xdr4.h"
#include "xdr4cb.h"
#include "vfs.h"
#include "current_stateid.h"

#include "netns.h"

#define NFSDDBG_FACILITY	NFSDDBG_PROC

#define all_ones {{~0,~0},~0}
static const stateid_t one_stateid = {
	.si_generation = ~0,
	.si_opaque = all_ones,
};
static const stateid_t zero_stateid = {
	/* all fields zero */
};
static const stateid_t currentstateid = {
	.si_generation = 1,
};

static u64 current_sessionid = 1;

#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
#define ONE_STATEID(stateid)  (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))

/* forward declarations */
static int check_for_locks(struct nfs4_file *filp, struct nfs4_lockowner *lowner);

/* Locking: */

/* Currently used for almost all code touching nfsv4 state: */
static DEFINE_MUTEX(client_mutex);

/*
 * Currently used for the del_recall_lru and file hash table.  In an
 * effort to decrease the scope of the client_mutex, this spinlock may
 * eventually cover more:
 */
static DEFINE_SPINLOCK(state_lock);

static struct kmem_cache *openowner_slab;
static struct kmem_cache *lockowner_slab;
static struct kmem_cache *file_slab;
static struct kmem_cache *stateid_slab;
static struct kmem_cache *deleg_slab;

void
nfs4_lock_state(void)
{
	mutex_lock(&client_mutex);
}

static void free_session(struct nfsd4_session *);

static bool is_session_dead(struct nfsd4_session *ses)
{
	return ses->se_flags & NFS4_SESSION_DEAD;
}

void nfsd4_put_session(struct nfsd4_session *ses)
{
	if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
		free_session(ses);
}

static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
{
	if (atomic_read(&ses->se_ref) > ref_held_by_me)
		return nfserr_jukebox;
	ses->se_flags |= NFS4_SESSION_DEAD;
	return nfs_ok;
}

static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
{
	if (is_session_dead(ses))
		return nfserr_badsession;
	atomic_inc(&ses->se_ref);
	return nfs_ok;
}

void
nfs4_unlock_state(void)
{
	mutex_unlock(&client_mutex);
}

static bool is_client_expired(struct nfs4_client *clp)
{
	return clp->cl_time == 0;
}

static __be32 mark_client_expired_locked(struct nfs4_client *clp)
{
	if (atomic_read(&clp->cl_refcount))
		return nfserr_jukebox;
	clp->cl_time = 0;
	return nfs_ok;
}

static __be32 mark_client_expired(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	__be32 ret;

	spin_lock(&nn->client_lock);
	ret = mark_client_expired_locked(clp);
	spin_unlock(&nn->client_lock);
	return ret;
}

static __be32 get_client_locked(struct nfs4_client *clp)
{
	if (is_client_expired(clp))
		return nfserr_expired;
	atomic_inc(&clp->cl_refcount);
	return nfs_ok;
}

/* must be called under the client_lock */
static inline void
renew_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (is_client_expired(clp)) {
		WARN_ON(1);
		printk("%s: client (clientid %08x/%08x) already expired\n",
			__func__,
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
		return;
	}

	dprintk("renewing client (clientid %08x/%08x)\n",
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
	list_move_tail(&clp->cl_lru, &nn->client_lru);
	clp->cl_time = get_seconds();
}

static inline void
renew_client(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	renew_client_locked(clp);
	spin_unlock(&nn->client_lock);
}

static void put_client_renew_locked(struct nfs4_client *clp)
{
	if (!atomic_dec_and_test(&clp->cl_refcount))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
}

void put_client_renew(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (!atomic_dec_and_lock(&clp->cl_refcount, &nn->client_lock))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	spin_unlock(&nn->client_lock);
}
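
/*
 * Illustrative note (not in the original source): cl_time == 0 is the
 * "expired" mark, and mark_client_expired_locked() refuses to set it
 * while cl_refcount is nonzero.  A typical caller therefore brackets
 * use of a client with get_client_locked(), which fails with
 * nfserr_expired once the mark is set, and put_client_renew(), whose
 * final reference drop also renews cl_time/cl_lru for a live client.
 */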

static inline u32
opaque_hashval(const void *ptr, int nbytes)
{
	unsigned char *cptr = (unsigned char *) ptr;

	u32 x = 0;
	while (nbytes--) {
		x *= 37;
		x += *cptr++;
	}
	return x;
}

static void nfsd4_free_file(struct nfs4_file *f)
{
	kmem_cache_free(file_slab, f);
}

static inline void
put_nfs4_file(struct nfs4_file *fi)
{
	if (atomic_dec_and_lock(&fi->fi_ref, &state_lock)) {
		hlist_del(&fi->fi_hash);
		spin_unlock(&state_lock);
		iput(fi->fi_inode);
		nfsd4_free_file(fi);
	}
}

static inline void
get_nfs4_file(struct nfs4_file *fi)
{
	atomic_inc(&fi->fi_ref);
}

static int num_delegations;
unsigned long max_delegations;

/*
 * Open owner state (share locks)
 */

/* hash tables for lock and open owners */
#define OWNER_HASH_BITS		8
#define OWNER_HASH_SIZE		(1 << OWNER_HASH_BITS)
#define OWNER_HASH_MASK		(OWNER_HASH_SIZE - 1)

static unsigned int ownerstr_hashval(u32 clientid, struct xdr_netobj *ownername)
{
	unsigned int ret;

	ret = opaque_hashval(ownername->data, ownername->len);
	ret += clientid;
	return ret & OWNER_HASH_MASK;
}

/* hash table for nfs4_file */
#define FILE_HASH_BITS		8
#define FILE_HASH_SIZE		(1 << FILE_HASH_BITS)

static unsigned int file_hashval(struct inode *ino)
{
	/* XXX: why are we hashing on inode pointer, anyway? */
	return hash_ptr(ino, FILE_HASH_BITS);
}

static struct hlist_head file_hashtbl[FILE_HASH_SIZE];

static void __nfs4_file_get_access(struct nfs4_file *fp, int oflag)
{
	WARN_ON_ONCE(!(fp->fi_fds[oflag] || fp->fi_fds[O_RDWR]));
	atomic_inc(&fp->fi_access[oflag]);
}

static void nfs4_file_get_access(struct nfs4_file *fp, int oflag)
{
	if (oflag == O_RDWR) {
		__nfs4_file_get_access(fp, O_RDONLY);
		__nfs4_file_get_access(fp, O_WRONLY);
	} else
		__nfs4_file_get_access(fp, oflag);
}

static void nfs4_file_put_fd(struct nfs4_file *fp, int oflag)
{
	if (fp->fi_fds[oflag]) {
		fput(fp->fi_fds[oflag]);
		fp->fi_fds[oflag] = NULL;
	}
}

static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
	if (atomic_dec_and_test(&fp->fi_access[oflag])) {
		nfs4_file_put_fd(fp, oflag);
		if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
			nfs4_file_put_fd(fp, O_RDWR);
	}
}

static void nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
	if (oflag == O_RDWR) {
		__nfs4_file_put_access(fp, O_RDONLY);
		__nfs4_file_put_access(fp, O_WRONLY);
	} else
		__nfs4_file_put_access(fp, oflag);
}
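
/*
 * Example (illustrative, not from the original source): fi_access[]
 * keeps one counter for O_RDONLY and one for O_WRONLY, and an O_RDWR
 * opener bumps both.  After nfs4_file_get_access(fp, O_RDWR) followed
 * by nfs4_file_get_access(fp, O_RDONLY), the counts are read=2,
 * write=1; fi_fds[O_RDWR] is only dropped once both counters have
 * fallen back to zero.
 */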

static struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl,
					 struct kmem_cache *slab)
{
	struct idr *stateids = &cl->cl_stateids;
	struct nfs4_stid *stid;
	int new_id;

	stid = kmem_cache_alloc(slab, GFP_KERNEL);
	if (!stid)
		return NULL;

	new_id = idr_alloc_cyclic(stateids, stid, 0, 0, GFP_KERNEL);
	if (new_id < 0)
		goto out_free;
	stid->sc_client = cl;
	stid->sc_type = 0;
	stid->sc_stateid.si_opaque.so_id = new_id;
	stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
	/* Will be incremented before return to client: */
	stid->sc_stateid.si_generation = 0;

	/*
	 * It shouldn't be a problem to reuse an opaque stateid value.
	 * I don't think it is for 4.1.  But with 4.0 I worry that, for
	 * example, a stray write retransmission could be accepted by
	 * the server when it should have been rejected.  Therefore,
	 * adopt a trick from the sctp code to attempt to maximize the
	 * amount of time until an id is reused, by ensuring they always
	 * "increase" (mod INT_MAX):
	 */
	return stid;
out_free:
	kmem_cache_free(slab, stid);
	return NULL;
}

static struct nfs4_ol_stateid * nfs4_alloc_stateid(struct nfs4_client *clp)
{
	return openlockstateid(nfs4_alloc_stid(clp, stateid_slab));
}
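
/*
 * Worked example of the reuse-avoidance trick above (illustrative):
 * idr_alloc_cyclic() continues from just past the last id handed out,
 * so if ids 0, 1 and 2 are allocated and 1 is then freed, the next
 * allocation returns 3 rather than recycling 1; 1 only comes back
 * around after the id space wraps (mod INT_MAX).
 */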

/*
 * When we recall a delegation, we should be careful not to hand it
 * out again straight away.
 * To ensure this we keep a pair of bloom filters ('new' and 'old')
 * in which the filehandles of recalled delegations are "stored".
 * If a filehandle appears in either filter, a delegation is blocked.
 * When a delegation is recalled, the filehandle is stored in the "new"
 * filter.
 * Every 30 seconds we swap the filters and clear the "new" one,
 * unless both are empty of course.
 *
 * Each filter is 256 bits.  We hash the filehandle to 32bit and use the
 * low 3 bytes as hash-table indices.
 *
 * 'state_lock', which is always held when block_delegations() is called,
 * is used to manage concurrent access.  Testing does not need the lock
 * except when swapping the two filters.
 */
static struct bloom_pair {
	int	entries, old_entries;
	time_t	swap_time;
	int	new; /* index into 'set' */
	DECLARE_BITMAP(set[2], 256);
} blocked_delegations;

static int delegation_blocked(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	if (bd->entries == 0)
		return 0;
	if (seconds_since_boot() - bd->swap_time > 30) {
		spin_lock(&state_lock);
		if (seconds_since_boot() - bd->swap_time > 30) {
			bd->entries -= bd->old_entries;
			bd->old_entries = bd->entries;
			memset(bd->set[bd->new], 0,
			       sizeof(bd->set[0]));
			bd->new = 1-bd->new;
			bd->swap_time = seconds_since_boot();
		}
		spin_unlock(&state_lock);
	}
	hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0);
	if (test_bit(hash&255, bd->set[0]) &&
	    test_bit((hash>>8)&255, bd->set[0]) &&
	    test_bit((hash>>16)&255, bd->set[0]))
		return 1;

	if (test_bit(hash&255, bd->set[1]) &&
	    test_bit((hash>>8)&255, bd->set[1]) &&
	    test_bit((hash>>16)&255, bd->set[1]))
		return 1;

	return 0;
}

static void block_delegations(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0);

	__set_bit(hash&255, bd->set[bd->new]);
	__set_bit((hash>>8)&255, bd->set[bd->new]);
	__set_bit((hash>>16)&255, bd->set[bd->new]);
	if (bd->entries == 0)
		bd->swap_time = seconds_since_boot();
	bd->entries += 1;
}
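
/*
 * Worked example for the filters above (illustrative values): a
 * 32-bit filehandle hash of 0x00C0FFEE makes block_delegations() set
 * bits 0xEE (hash & 255), 0xFF ((hash >> 8) & 255) and 0xC0
 * ((hash >> 16) & 255) in the "new" set; delegation_blocked() reports
 * a hit only when all three bits are found in one of the two sets, so
 * false positives are possible but false negatives are not within the
 * roughly 30-60 seconds the pair of filters covers.
 */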

static struct nfs4_delegation *
alloc_init_deleg(struct nfs4_client *clp, struct nfs4_ol_stateid *stp, struct svc_fh *current_fh)
{
	struct nfs4_delegation *dp;

	dprintk("NFSD alloc_init_deleg\n");
	if (num_delegations > max_delegations)
		return NULL;
	if (delegation_blocked(&current_fh->fh_handle))
		return NULL;
	dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab));
	if (dp == NULL)
		return dp;
	/*
	 * delegation seqid's are never incremented.  The 4.1 special
	 * meaning of seqid 0 isn't meaningful, really, but let's avoid
	 * 0 anyway just for consistency and use 1:
	 */
	dp->dl_stid.sc_stateid.si_generation = 1;
	num_delegations++;
	INIT_LIST_HEAD(&dp->dl_perfile);
	INIT_LIST_HEAD(&dp->dl_perclnt);
	INIT_LIST_HEAD(&dp->dl_recall_lru);
	dp->dl_file = NULL;
	dp->dl_type = NFS4_OPEN_DELEGATE_READ;
	fh_copy_shallow(&dp->dl_fh, &current_fh->fh_handle);
	dp->dl_time = 0;
	atomic_set(&dp->dl_count, 1);
	nfsd4_init_callback(&dp->dl_recall);
	return dp;
}

static void remove_stid(struct nfs4_stid *s)
{
	struct idr *stateids = &s->sc_client->cl_stateids;

	idr_remove(stateids, s->sc_stateid.si_opaque.so_id);
}

static void nfs4_free_stid(struct kmem_cache *slab, struct nfs4_stid *s)
{
	kmem_cache_free(slab, s);
}

void
nfs4_put_delegation(struct nfs4_delegation *dp)
{
	if (atomic_dec_and_test(&dp->dl_count)) {
		nfs4_free_stid(deleg_slab, &dp->dl_stid);
		num_delegations--;
	}
}

static void nfs4_put_deleg_lease(struct nfs4_file *fp)
{
	if (!fp->fi_lease)
		return;
	if (atomic_dec_and_test(&fp->fi_delegees)) {
		vfs_setlease(fp->fi_deleg_file, F_UNLCK, &fp->fi_lease);
		fp->fi_lease = NULL;
		fput(fp->fi_deleg_file);
		fp->fi_deleg_file = NULL;
	}
}

static void unhash_stid(struct nfs4_stid *s)
{
	s->sc_type = 0;
}

static void
hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
{
	lockdep_assert_held(&state_lock);

	dp->dl_stid.sc_type = NFS4_DELEG_STID;
	list_add(&dp->dl_perfile, &fp->fi_delegations);
	list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations);
}

/* Called under the state lock. */
static void
unhash_delegation(struct nfs4_delegation *dp)
{
	spin_lock(&state_lock);
	list_del_init(&dp->dl_perclnt);
	list_del_init(&dp->dl_perfile);
	list_del_init(&dp->dl_recall_lru);
	spin_unlock(&state_lock);
	if (dp->dl_file) {
		nfs4_put_deleg_lease(dp->dl_file);
		put_nfs4_file(dp->dl_file);
		dp->dl_file = NULL;
	}
}

static void destroy_revoked_delegation(struct nfs4_delegation *dp)
{
	list_del_init(&dp->dl_recall_lru);
	remove_stid(&dp->dl_stid);
	nfs4_put_delegation(dp);
}

static void destroy_delegation(struct nfs4_delegation *dp)
{
	unhash_delegation(dp);
	remove_stid(&dp->dl_stid);
	nfs4_put_delegation(dp);
}

static void revoke_delegation(struct nfs4_delegation *dp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	if (clp->cl_minorversion == 0)
		destroy_delegation(dp);
	else {
		unhash_delegation(dp);
		dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
		list_add(&dp->dl_recall_lru, &clp->cl_revoked);
	}
}

/*
 * SETCLIENTID state
 */

static unsigned int clientid_hashval(u32 id)
{
	return id & CLIENT_HASH_MASK;
}

static unsigned int clientstr_hashval(const char *name)
{
	return opaque_hashval(name, 8) & CLIENT_HASH_MASK;
}

/*
 * We store the NONE, READ, WRITE, and BOTH bits separately in the
 * st_{access,deny}_bmap field of the stateid, in order to track not
 * only what share bits are currently in force, but also what
 * combinations of share bits previous opens have used.  This allows us
 * to enforce the recommendation of rfc 3530 14.2.19 that the server
 * return an error if the client attempts to downgrade to a combination
 * of share bits not explicable by closing some of its previous opens.
 *
 * XXX: This enforcement is actually incomplete, since we don't keep
 * track of access/deny bit combinations; so, e.g., we allow:
 *
 *	OPEN allow read, deny write
 *	OPEN allow both, deny none
 *	DOWNGRADE allow read, deny none
 *
 * which we should reject.
 */
static unsigned int
bmap_to_share_mode(unsigned long bmap) {
	int i;
	unsigned int access = 0;

	for (i = 1; i < 4; i++) {
		if (test_bit(i, &bmap))
			access |= i;
	}
	return access;
}

static bool
test_share(struct nfs4_ol_stateid *stp, struct nfsd4_open *open) {
	unsigned int access, deny;

	access = bmap_to_share_mode(stp->st_access_bmap);
	deny = bmap_to_share_mode(stp->st_deny_bmap);
	if ((access & open->op_share_deny) || (deny & open->op_share_access))
		return false;
	return true;
}

/* set share access for a given stateid */
static inline void
set_access(u32 access, struct nfs4_ol_stateid *stp)
{
	__set_bit(access, &stp->st_access_bmap);
}

/* clear share access for a given stateid */
static inline void
clear_access(u32 access, struct nfs4_ol_stateid *stp)
{
	__clear_bit(access, &stp->st_access_bmap);
}

/* test whether a given stateid has access */
static inline bool
test_access(u32 access, struct nfs4_ol_stateid *stp)
{
	return test_bit(access, &stp->st_access_bmap);
}

/* set share deny for a given stateid */
static inline void
set_deny(u32 access, struct nfs4_ol_stateid *stp)
{
	__set_bit(access, &stp->st_deny_bmap);
}

/* clear share deny for a given stateid */
static inline void
clear_deny(u32 access, struct nfs4_ol_stateid *stp)
{
	__clear_bit(access, &stp->st_deny_bmap);
}

/* test whether a given stateid is denying specific access */
static inline bool
test_deny(u32 access, struct nfs4_ol_stateid *stp)
{
	return test_bit(access, &stp->st_deny_bmap);
}
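
/*
 * Example (illustrative): NFS4_SHARE_ACCESS_READ, _WRITE and _BOTH
 * are 1, 2 and 3, and the helpers above use those values directly as
 * bit numbers.  A stateid opened first with (read) and later with
 * (both) has bits 1 and 3 set in st_access_bmap, and
 * bmap_to_share_mode() folds that back to 1 | 3 == NFS4_SHARE_ACCESS_BOTH.
 */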

static int nfs4_access_to_omode(u32 access)
{
	switch (access & NFS4_SHARE_ACCESS_BOTH) {
	case NFS4_SHARE_ACCESS_READ:
		return O_RDONLY;
	case NFS4_SHARE_ACCESS_WRITE:
		return O_WRONLY;
	case NFS4_SHARE_ACCESS_BOTH:
		return O_RDWR;
	}
	WARN_ON_ONCE(1);
	return O_RDONLY;
}

/* release all access and file references for a given stateid */
static void
release_all_access(struct nfs4_ol_stateid *stp)
{
	int i;

	for (i = 1; i < 4; i++) {
		if (test_access(i, stp))
			nfs4_file_put_access(stp->st_file,
					     nfs4_access_to_omode(i));
		clear_access(i, stp);
	}
}

static void unhash_generic_stateid(struct nfs4_ol_stateid *stp)
{
	list_del(&stp->st_perfile);
	list_del(&stp->st_perstateowner);
}

static void close_generic_stateid(struct nfs4_ol_stateid *stp)
{
	release_all_access(stp);
	put_nfs4_file(stp->st_file);
	stp->st_file = NULL;
}

static void free_generic_stateid(struct nfs4_ol_stateid *stp)
{
	remove_stid(&stp->st_stid);
	nfs4_free_stid(stateid_slab, &stp->st_stid);
}

static void release_lock_stateid(struct nfs4_ol_stateid *stp)
{
	struct file *file;

	unhash_generic_stateid(stp);
	unhash_stid(&stp->st_stid);
	file = find_any_file(stp->st_file);
	if (file)
		locks_remove_posix(file, (fl_owner_t)lockowner(stp->st_stateowner));
	close_generic_stateid(stp);
	free_generic_stateid(stp);
}

static void unhash_lockowner(struct nfs4_lockowner *lo)
{
	struct nfs4_ol_stateid *stp;

	list_del(&lo->lo_owner.so_strhash);
	list_del(&lo->lo_perstateid);
	list_del(&lo->lo_owner_ino_hash);
	while (!list_empty(&lo->lo_owner.so_stateids)) {
		stp = list_first_entry(&lo->lo_owner.so_stateids,
				struct nfs4_ol_stateid, st_perstateowner);
		release_lock_stateid(stp);
	}
}

static void nfs4_free_lockowner(struct nfs4_lockowner *lo)
{
	kfree(lo->lo_owner.so_owner.data);
	kmem_cache_free(lockowner_slab, lo);
}

static void release_lockowner(struct nfs4_lockowner *lo)
{
	unhash_lockowner(lo);
	nfs4_free_lockowner(lo);
}

static void
release_stateid_lockowners(struct nfs4_ol_stateid *open_stp)
{
	struct nfs4_lockowner *lo;

	while (!list_empty(&open_stp->st_lockowners)) {
		lo = list_entry(open_stp->st_lockowners.next,
				struct nfs4_lockowner, lo_perstateid);
		release_lockowner(lo);
	}
}

static void unhash_open_stateid(struct nfs4_ol_stateid *stp)
{
	unhash_generic_stateid(stp);
	release_stateid_lockowners(stp);
	close_generic_stateid(stp);
}

static void release_open_stateid(struct nfs4_ol_stateid *stp)
{
	unhash_open_stateid(stp);
	free_generic_stateid(stp);
}

static void unhash_openowner(struct nfs4_openowner *oo)
{
	struct nfs4_ol_stateid *stp;

	list_del(&oo->oo_owner.so_strhash);
	list_del(&oo->oo_perclient);
	while (!list_empty(&oo->oo_owner.so_stateids)) {
		stp = list_first_entry(&oo->oo_owner.so_stateids,
				struct nfs4_ol_stateid, st_perstateowner);
		release_open_stateid(stp);
	}
}

static void release_last_closed_stateid(struct nfs4_openowner *oo)
{
	struct nfs4_ol_stateid *s = oo->oo_last_closed_stid;

	if (s) {
		free_generic_stateid(s);
		oo->oo_last_closed_stid = NULL;
	}
}

static void nfs4_free_openowner(struct nfs4_openowner *oo)
{
	kfree(oo->oo_owner.so_owner.data);
	kmem_cache_free(openowner_slab, oo);
}

static void release_openowner(struct nfs4_openowner *oo)
{
	unhash_openowner(oo);
	list_del(&oo->oo_close_lru);
	release_last_closed_stateid(oo);
	nfs4_free_openowner(oo);
}

static inline int
hash_sessionid(struct nfs4_sessionid *sessionid)
{
	struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;

	return sid->sequence % SESSION_HASH_SIZE;
}

#ifdef NFSD_DEBUG
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
	u32 *ptr = (u32 *)(&sessionid->data[0]);
	dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
}
#else
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
}
#endif

/*
 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
 * won't be used for replay.
 */
void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
{
	struct nfs4_stateowner *so = cstate->replay_owner;

	if (nfserr == nfserr_replay_me)
		return;

	if (!seqid_mutating_err(ntohl(nfserr))) {
		cstate->replay_owner = NULL;
		return;
	}
	if (!so)
		return;
	if (so->so_is_open_owner)
		release_last_closed_stateid(openowner(so));
	so->so_seqid++;
	return;
}

static void
gen_sessionid(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd4_sessionid *sid;

	sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
	sid->clientid = clp->cl_clientid;
	sid->sequence = current_sessionid++;
	sid->reserved = 0;
}

/*
 * The protocol defines ca_maxresponsesize_cached to include the size of
 * the rpc header, but all we need to cache is the data starting after
 * the end of the initial SEQUENCE operation--the rest we regenerate
 * each time.  Therefore we can advertise a ca_maxresponsesize_cached
 * value that is the number of bytes in our cache plus a few additional
 * bytes.  In order to stay on the safe side, and not promise more than
 * we can cache, those additional bytes must be the minimum possible: 24
 * bytes of rpc header (xid through accept state, with AUTH_NULL
 * verifier), 12 for the compound header (with zero-length tag), and 44
 * for the SEQUENCE op response:
 */
#define NFSD_MIN_HDR_SEQ_SZ	(24 + 12 + 44)

static void
free_session_slots(struct nfsd4_session *ses)
{
	int i;

	for (i = 0; i < ses->se_fchannel.maxreqs; i++)
		kfree(ses->se_slots[i]);
}

/*
 * We don't actually need to cache the rpc and session headers, so we
 * can allocate a little less for each slot:
 */
static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
{
	u32 size;

	if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ)
		size = 0;
	else
		size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
	return size + sizeof(struct nfsd4_slot);
}
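
/*
 * Example of the arithmetic above (illustrative numbers): with
 * NFSD_MIN_HDR_SEQ_SZ = 24 + 12 + 44 = 80, a session whose
 * maxresp_cached is 2128 gets 2128 - 80 = 2048 bytes of reply cache
 * per slot, plus sizeof(struct nfsd4_slot) of bookkeeping, from
 * slot_bytes().
 */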

/*
 * XXX: If we run out of reserved DRC memory we could (up to a point)
 * re-negotiate active sessions and reduce their slot usage to make
 * room for new connections. For now we just fail the create session.
 */
static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca)
{
	u32 slotsize = slot_bytes(ca);
	u32 num = ca->maxreqs;
	int avail;

	spin_lock(&nfsd_drc_lock);
	avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION,
		    nfsd_drc_max_mem - nfsd_drc_mem_used);
	num = min_t(int, num, avail / slotsize);
	nfsd_drc_mem_used += num * slotsize;
	spin_unlock(&nfsd_drc_lock);

	return num;
}

static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
{
	int slotsize = slot_bytes(ca);

	spin_lock(&nfsd_drc_lock);
	nfsd_drc_mem_used -= slotsize * ca->maxreqs;
	spin_unlock(&nfsd_drc_lock);
}

static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
					   struct nfsd4_channel_attrs *battrs)
{
	int numslots = fattrs->maxreqs;
	int slotsize = slot_bytes(fattrs);
	struct nfsd4_session *new;
	int mem, i;

	BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
			+ sizeof(struct nfsd4_session) > PAGE_SIZE);
	mem = numslots * sizeof(struct nfsd4_slot *);

	new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
	if (!new)
		return NULL;
	/* allocate each struct nfsd4_slot and data cache in one piece */
	for (i = 0; i < numslots; i++) {
		new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
		if (!new->se_slots[i])
			goto out_free;
	}

	memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
	memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));

	return new;
out_free:
	while (i--)
		kfree(new->se_slots[i]);
	kfree(new);
	return NULL;
}

static void free_conn(struct nfsd4_conn *c)
{
	svc_xprt_put(c->cn_xprt);
	kfree(c);
}

static void nfsd4_conn_lost(struct svc_xpt_user *u)
{
	struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
	struct nfs4_client *clp = c->cn_session->se_client;

	spin_lock(&clp->cl_lock);
	if (!list_empty(&c->cn_persession)) {
		list_del(&c->cn_persession);
		free_conn(c);
	}
	nfsd4_probe_callback(clp);
	spin_unlock(&clp->cl_lock);
}

static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
{
	struct nfsd4_conn *conn;

	conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
	if (!conn)
		return NULL;
	svc_xprt_get(rqstp->rq_xprt);
	conn->cn_xprt = rqstp->rq_xprt;
	conn->cn_flags = flags;
	INIT_LIST_HEAD(&conn->cn_xpt_user.list);
	return conn;
}

static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	conn->cn_session = ses;
	list_add(&conn->cn_persession, &ses->se_conns);
}

static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;

	spin_lock(&clp->cl_lock);
	__nfsd4_hash_conn(conn, ses);
	spin_unlock(&clp->cl_lock);
}

static int nfsd4_register_conn(struct nfsd4_conn *conn)
{
	conn->cn_xpt_user.callback = nfsd4_conn_lost;
	return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
}

static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	int ret;

	nfsd4_hash_conn(conn, ses);
	ret = nfsd4_register_conn(conn);
	if (ret)
		/* oops; xprt is already down: */
		nfsd4_conn_lost(&conn->cn_xpt_user);
	if (conn->cn_flags & NFS4_CDFC4_BACK) {
		/* callback channel may be back up */
		nfsd4_probe_callback(ses->se_client);
	}
}

static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
{
	u32 dir = NFS4_CDFC4_FORE;

	if (cses->flags & SESSION4_BACK_CHAN)
		dir |= NFS4_CDFC4_BACK;
	return alloc_conn(rqstp, dir);
}

/* must be called under client_lock */
static void nfsd4_del_conns(struct nfsd4_session *s)
{
	struct nfs4_client *clp = s->se_client;
	struct nfsd4_conn *c;

	spin_lock(&clp->cl_lock);
	while (!list_empty(&s->se_conns)) {
		c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
		list_del_init(&c->cn_persession);
		spin_unlock(&clp->cl_lock);

		unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
		free_conn(c);

		spin_lock(&clp->cl_lock);
	}
	spin_unlock(&clp->cl_lock);
}

static void __free_session(struct nfsd4_session *ses)
{
	free_session_slots(ses);
	kfree(ses);
}

static void free_session(struct nfsd4_session *ses)
{
	struct nfsd_net *nn = net_generic(ses->se_client->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);
	nfsd4_del_conns(ses);
	nfsd4_put_drc_mem(&ses->se_fchannel);
	__free_session(ses);
}

static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
{
	int idx;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	new->se_client = clp;
	gen_sessionid(new);

	INIT_LIST_HEAD(&new->se_conns);

	new->se_cb_seq_nr = 1;
	new->se_flags = cses->flags;
	new->se_cb_prog = cses->callback_prog;
	new->se_cb_sec = cses->cb_sec;
	atomic_set(&new->se_ref, 0);
	idx = hash_sessionid(&new->se_sessionid);
	spin_lock(&nn->client_lock);
	list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
	spin_lock(&clp->cl_lock);
	list_add(&new->se_perclnt, &clp->cl_sessions);
	spin_unlock(&clp->cl_lock);
	spin_unlock(&nn->client_lock);

	if (cses->flags & SESSION4_BACK_CHAN) {
		struct sockaddr *sa = svc_addr(rqstp);
		/*
		 * This is a little silly; with sessions there's no real
		 * use for the callback address.  Use the peer address
		 * as a reasonable default for now, but consider fixing
		 * the rpc client not to require an address in the
		 * future:
		 */
		rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
		clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
	}
}

/* caller must hold client_lock */
static struct nfsd4_session *
find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
{
	struct nfsd4_session *elem;
	int idx;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	dump_sessionid(__func__, sessionid);
	idx = hash_sessionid(sessionid);
	/* Search in the appropriate list */
	list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
		if (!memcmp(elem->se_sessionid.data, sessionid->data,
			    NFS4_MAX_SESSIONID_LEN)) {
			return elem;
		}
	}

	dprintk("%s: session not found\n", __func__);
	return NULL;
}

/* caller must hold client_lock */
static void
unhash_session(struct nfsd4_session *ses)
{
	list_del(&ses->se_hash);
	spin_lock(&ses->se_client->cl_lock);
	list_del(&ses->se_perclnt);
	spin_unlock(&ses->se_client->cl_lock);
}

/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
static int
STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
{
	if (clid->cl_boot == nn->boot_time)
		return 0;
	dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
		clid->cl_boot, clid->cl_id, nn->boot_time);
	return 1;
}

/*
 * XXX Should we use a slab cache ?
 * This type of memory management is somewhat inefficient, but we use it
 * anyway since SETCLIENTID is not a common operation.
 */
static struct nfs4_client *alloc_client(struct xdr_netobj name)
{
	struct nfs4_client *clp;

	clp = kzalloc(sizeof(struct nfs4_client), GFP_KERNEL);
	if (clp == NULL)
		return NULL;
	clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL);
	if (clp->cl_name.data == NULL) {
		kfree(clp);
		return NULL;
	}
	clp->cl_name.len = name.len;
	INIT_LIST_HEAD(&clp->cl_sessions);
	idr_init(&clp->cl_stateids);
	atomic_set(&clp->cl_refcount, 0);
	clp->cl_cb_state = NFSD4_CB_UNKNOWN;
	INIT_LIST_HEAD(&clp->cl_idhash);
	INIT_LIST_HEAD(&clp->cl_openowners);
	INIT_LIST_HEAD(&clp->cl_delegations);
	INIT_LIST_HEAD(&clp->cl_lru);
	INIT_LIST_HEAD(&clp->cl_callbacks);
	INIT_LIST_HEAD(&clp->cl_revoked);
	spin_lock_init(&clp->cl_lock);
	rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
	return clp;
}

static void
free_client(struct nfs4_client *clp)
{
	struct nfsd_net __maybe_unused *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);
	while (!list_empty(&clp->cl_sessions)) {
		struct nfsd4_session *ses;
		ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
				se_perclnt);
		list_del(&ses->se_perclnt);
		WARN_ON_ONCE(atomic_read(&ses->se_ref));
		free_session(ses);
	}
	rpc_destroy_wait_queue(&clp->cl_cb_waitq);
	free_svc_cred(&clp->cl_cred);
	kfree(clp->cl_name.data);
	idr_destroy(&clp->cl_stateids);
	kfree(clp);
}

/* must be called under the client_lock */
static inline void
unhash_client_locked(struct nfs4_client *clp)
{
	struct nfsd4_session *ses;

	list_del(&clp->cl_lru);
	spin_lock(&clp->cl_lock);
	list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
		list_del_init(&ses->se_hash);
	spin_unlock(&clp->cl_lock);
}

static void
destroy_client(struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct list_head reaplist;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	INIT_LIST_HEAD(&reaplist);
	spin_lock(&state_lock);
	while (!list_empty(&clp->cl_delegations)) {
		dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
		list_del_init(&dp->dl_perclnt);
		list_move(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	while (!list_empty(&reaplist)) {
		dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
		destroy_delegation(dp);
	}
	list_splice_init(&clp->cl_revoked, &reaplist);
	while (!list_empty(&reaplist)) {
		dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
		destroy_revoked_delegation(dp);
	}
	while (!list_empty(&clp->cl_openowners)) {
		oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
		release_openowner(oo);
	}
	nfsd4_shutdown_callback(clp);
	if (clp->cl_cb_conn.cb_xprt)
		svc_xprt_put(clp->cl_cb_conn.cb_xprt);
	list_del(&clp->cl_idhash);
	if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
		rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
	else
		rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
	spin_lock(&nn->client_lock);
	unhash_client_locked(clp);
	WARN_ON_ONCE(atomic_read(&clp->cl_refcount));
	free_client(clp);
	spin_unlock(&nn->client_lock);
}

static void expire_client(struct nfs4_client *clp)
{
	nfsd4_client_record_remove(clp);
	destroy_client(clp);
}

static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
{
	memcpy(target->cl_verifier.data, source->data,
			sizeof(target->cl_verifier.data));
}

static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
{
	target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
	target->cl_clientid.cl_id = source->cl_clientid.cl_id;
}

static int copy_cred(struct svc_cred *target, struct svc_cred *source)
{
	if (source->cr_principal) {
		target->cr_principal =
				kstrdup(source->cr_principal, GFP_KERNEL);
		if (target->cr_principal == NULL)
			return -ENOMEM;
	} else
		target->cr_principal = NULL;
	target->cr_flavor = source->cr_flavor;
	target->cr_uid = source->cr_uid;
	target->cr_gid = source->cr_gid;
	target->cr_group_info = source->cr_group_info;
	get_group_info(target->cr_group_info);
	target->cr_gss_mech = source->cr_gss_mech;
	if (source->cr_gss_mech)
		gss_mech_get(source->cr_gss_mech);
	return 0;
}

static long long
compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2)
{
	long long res;

	res = o1->len - o2->len;
	if (res)
		return res;
	return (long long)memcmp(o1->data, o2->data, o1->len);
}

static int same_name(const char *n1, const char *n2)
{
	return 0 == memcmp(n1, n2, HEXDIR_LEN);
}

static int
same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
{
	return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
}

static int
same_clid(clientid_t *cl1, clientid_t *cl2)
{
	return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
}

static bool groups_equal(struct group_info *g1, struct group_info *g2)
{
	int i;

	if (g1->ngroups != g2->ngroups)
		return false;
	for (i = 0; i < g1->ngroups; i++)
		if (!gid_eq(GROUP_AT(g1, i), GROUP_AT(g2, i)))
			return false;
	return true;
}

/*
 * RFC 3530 language requires clid_inuse be returned when the
 * "principal" associated with a request differs from that previously
 * used.  We use uid, gid's, and gss principal string as our best
 * approximation.  We also don't want to allow non-gss use of a client
 * established using gss: in theory cr_principal should catch that
 * change, but in practice cr_principal can be null even in the gss case
 * since gssd doesn't always pass down a principal string.
 */
static bool is_gss_cred(struct svc_cred *cr)
{
	/* Is cr_flavor one of the gss "pseudoflavors"?: */
	return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR);
}

static bool
same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
{
	if ((is_gss_cred(cr1) != is_gss_cred(cr2))
		|| (!uid_eq(cr1->cr_uid, cr2->cr_uid))
		|| (!gid_eq(cr1->cr_gid, cr2->cr_gid))
		|| !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
		return false;
	if (cr1->cr_principal == cr2->cr_principal)
		return true;
	if (!cr1->cr_principal || !cr2->cr_principal)
		return false;
	return 0 == strcmp(cr1->cr_principal, cr2->cr_principal);
}

static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp)
{
	struct svc_cred *cr = &rqstp->rq_cred;
	u32 service;

	if (!cr->cr_gss_mech)
		return false;
	service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor);
	return service == RPC_GSS_SVC_INTEGRITY ||
	       service == RPC_GSS_SVC_PRIVACY;
}

static bool mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp)
{
	struct svc_cred *cr = &rqstp->rq_cred;

	if (!cl->cl_mach_cred)
		return true;
	if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech)
		return false;
	if (!svc_rqst_integrity_protected(rqstp))
		return false;
	if (!cr->cr_principal)
		return false;
	return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal);
}

static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn)
{
	static u32 current_clientid = 1;

	clp->cl_clientid.cl_boot = nn->boot_time;
	clp->cl_clientid.cl_id = current_clientid++;
}

static void gen_confirm(struct nfs4_client *clp)
{
	__be32 verf[2];
	static u32 i;

	verf[0] = (__be32)get_seconds();
	verf[1] = (__be32)i++;
	memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data));
}

static struct nfs4_stid *find_stateid(struct nfs4_client *cl, stateid_t *t)
{
	struct nfs4_stid *ret;

	ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id);
	if (!ret || !ret->sc_type)
		return NULL;
	return ret;
}

static struct nfs4_stid *find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask)
{
	struct nfs4_stid *s;

	s = find_stateid(cl, t);
	if (!s)
		return NULL;
	if (typemask & s->sc_type)
		return s;
	return NULL;
}
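
/*
 * Example (illustrative): callers pass a typemask ORing together the
 * stateid types they are prepared to accept, e.g.
 * NFS4_OPEN_STID | NFS4_LOCK_STID; find_stateid_by_type() returns
 * NULL both for other types and for a stateid whose sc_type has been
 * cleared by unhash_stid().
 */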

static struct nfs4_client *create_client(struct xdr_netobj name,
		struct svc_rqst *rqstp, nfs4_verifier *verf)
{
	struct nfs4_client *clp;
	struct sockaddr *sa = svc_addr(rqstp);
	int ret;
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	clp = alloc_client(name);
	if (clp == NULL)
		return NULL;

	ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred);
	if (ret) {
		spin_lock(&nn->client_lock);
		free_client(clp);
		spin_unlock(&nn->client_lock);
		return NULL;
	}
	nfsd4_init_callback(&clp->cl_cb_null);
	clp->cl_time = get_seconds();
	clear_bit(0, &clp->cl_cb_slot_busy);
	copy_verf(clp, verf);
	rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa);
	gen_confirm(clp);
	clp->cl_cb_session = NULL;
	clp->net = net;
	return clp;
}

static void
add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root)
{
	struct rb_node **new = &(root->rb_node), *parent = NULL;
	struct nfs4_client *clp;

	while (*new) {
		clp = rb_entry(*new, struct nfs4_client, cl_namenode);
		parent = *new;

		if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0)
			new = &((*new)->rb_left);
		else
			new = &((*new)->rb_right);
	}

	rb_link_node(&new_clp->cl_namenode, parent, new);
	rb_insert_color(&new_clp->cl_namenode, root);
}

static struct nfs4_client *
find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root)
{
	long long cmp;
	struct rb_node *node = root->rb_node;
	struct nfs4_client *clp;

	while (node) {
		clp = rb_entry(node, struct nfs4_client, cl_namenode);
		cmp = compare_blob(&clp->cl_name, name);
		if (cmp > 0)
			node = node->rb_left;
		else if (cmp < 0)
			node = node->rb_right;
		else
			return clp;
	}
	return NULL;
}

static void
add_to_unconfirmed(struct nfs4_client *clp)
{
	unsigned int idhashval;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
	add_clp_to_name_tree(clp, &nn->unconf_name_tree);
	idhashval = clientid_hashval(clp->cl_clientid.cl_id);
	list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]);
	renew_client(clp);
}

static void
move_to_confirmed(struct nfs4_client *clp)
{
	unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id);
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp);
	list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]);
	rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
	add_clp_to_name_tree(clp, &nn->conf_name_tree);
	set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
	renew_client(clp);
}

static struct nfs4_client *
find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions)
{
	struct nfs4_client *clp;
	unsigned int idhashval = clientid_hashval(clid->cl_id);

	list_for_each_entry(clp, &tbl[idhashval], cl_idhash) {
		if (same_clid(&clp->cl_clientid, clid)) {
			if ((bool)clp->cl_minorversion != sessions)
				return NULL;
			renew_client(clp);
			return clp;
		}
	}
	return NULL;
}

static struct nfs4_client *
find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
{
	struct list_head *tbl = nn->conf_id_hashtbl;

	return find_client_in_id_table(tbl, clid, sessions);
}

static struct nfs4_client *
find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
{
	struct list_head *tbl = nn->unconf_id_hashtbl;

	return find_client_in_id_table(tbl, clid, sessions);
}

static bool clp_used_exchangeid(struct nfs4_client *clp)
{
	return clp->cl_exchange_flags != 0;
}

static struct nfs4_client *
find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
{
	return find_clp_in_name_tree(name, &nn->conf_name_tree);
}

static struct nfs4_client *
find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
{
	return find_clp_in_name_tree(name, &nn->unconf_name_tree);
}

static void
gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp)
{
	struct nfs4_cb_conn *conn = &clp->cl_cb_conn;
	struct sockaddr *sa = svc_addr(rqstp);
	u32 scopeid = rpc_get_scope_id(sa);
	unsigned short expected_family;

	/* Currently, we only support tcp and tcp6 for the callback channel */
	if (se->se_callback_netid_len == 3 &&
	    !memcmp(se->se_callback_netid_val, "tcp", 3))
		expected_family = AF_INET;
	else if (se->se_callback_netid_len == 4 &&
		 !memcmp(se->se_callback_netid_val, "tcp6", 4))
		expected_family = AF_INET6;
	else
		goto out_err;

	conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val,
					      se->se_callback_addr_len,
					      (struct sockaddr *)&conn->cb_addr,
					      sizeof(conn->cb_addr));

	if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family)
		goto out_err;

	if (conn->cb_addr.ss_family == AF_INET6)
		((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid;

	conn->cb_prog = se->se_callback_prog;
	conn->cb_ident = se->se_callback_ident;
	memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen);
	return;
out_err:
	conn->cb_addr.ss_family = AF_UNSPEC;
	conn->cb_addrlen = 0;
	dprintk(KERN_INFO "NFSD: this client (clientid %08x/%08x) "
		"will not receive delegations\n",
		clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id);

	return;
}

/*
 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size.
 */
void
nfsd4_store_cache_entry(struct nfsd4_compoundres *resp)
{
	struct xdr_buf *buf = resp->xdr.buf;
	struct nfsd4_slot *slot = resp->cstate.slot;
	unsigned int base;

	dprintk("--> %s slot %p\n", __func__, slot);

	slot->sl_opcnt = resp->opcnt;
	slot->sl_status = resp->cstate.status;

	slot->sl_flags |= NFSD4_SLOT_INITIALIZED;
	if (nfsd4_not_cached(resp)) {
		slot->sl_datalen = 0;
		return;
	}
	base = resp->cstate.data_offset;
	slot->sl_datalen = buf->len - base;
	if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen))
		WARN(1, "%s: sessions DRC could not cache compound\n",
		     __func__);
	return;
}

/*
 * Encode the replay sequence operation from the slot values.
 * If cachethis is FALSE encode the uncached rep error on the next
 * operation which sets resp->p and increments resp->opcnt for
 * nfs4svc_encode_compoundres.
 *
 */
static __be32
nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args,
			  struct nfsd4_compoundres *resp)
{
	struct nfsd4_op *op;
	struct nfsd4_slot *slot = resp->cstate.slot;

	/* Encode the replayed sequence operation */
	op = &args->ops[resp->opcnt - 1];
	nfsd4_encode_operation(resp, op);

	/* Return nfserr_retry_uncached_rep in next operation. */
	if (args->opcnt > 1 && !(slot->sl_flags & NFSD4_SLOT_CACHETHIS)) {
		op = &args->ops[resp->opcnt++];
		op->status = nfserr_retry_uncached_rep;
		nfsd4_encode_operation(resp, op);
	}
	return op->status;
}

/*
 * The sequence operation is not cached because we can use the slot and
 * session values.
 */
static __be32
nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp,
			 struct nfsd4_sequence *seq)
{
	struct nfsd4_slot *slot = resp->cstate.slot;
	struct xdr_stream *xdr = &resp->xdr;
	__be32 *p;
	__be32 status;

	dprintk("--> %s slot %p\n", __func__, slot);

	status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp);
	if (status)
		return status;

	p = xdr_reserve_space(xdr, slot->sl_datalen);
	if (!p) {
		WARN_ON_ONCE(1);
		return nfserr_serverfault;
	}
	xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen);
	xdr_commit_encode(xdr);

	resp->opcnt = slot->sl_opcnt;
	return slot->sl_status;
}

/*
 * Set the exchange_id flags returned by the server.
 */
static void
nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid)
{
	/* pNFS is not supported */
	new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS;

	/* Referrals are supported, Migration is not. */
	new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER;

	/* set the wire flags to return to client. */
	clid->flags = new->cl_exchange_flags;
}

static bool client_has_state(struct nfs4_client *clp)
{
	/*
	 * Note clp->cl_openowners check isn't quite right: there's no
	 * need to count owners without stateid's.
	 *
	 * Also note we should probably be using this in 4.0 case too.
	 */
	return !list_empty(&clp->cl_openowners)
		|| !list_empty(&clp->cl_delegations)
		|| !list_empty(&clp->cl_sessions);
}

__be32
nfsd4_exchange_id(struct svc_rqst *rqstp,
		  struct nfsd4_compound_state *cstate,
		  struct nfsd4_exchange_id *exid)
{
	struct nfs4_client *unconf, *conf, *new;
	__be32 status;
	char addr_str[INET6_ADDRSTRLEN];
	nfs4_verifier verf = exid->verifier;
	struct sockaddr *sa = svc_addr(rqstp);
	bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	rpc_ntop(sa, addr_str, sizeof(addr_str));
	dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p "
		"ip_addr=%s flags %x, spa_how %d\n",
		__func__, rqstp, exid, exid->clname.len, exid->clname.data,
		addr_str, exid->flags, exid->spa_how);

	if (exid->flags & ~EXCHGID4_FLAG_MASK_A)
		return nfserr_inval;

	switch (exid->spa_how) {
	case SP4_MACH_CRED:
		if (!svc_rqst_integrity_protected(rqstp))
			return nfserr_inval;
		/* fall through */
	case SP4_NONE:
		break;
	default:				/* checked by xdr code */
		WARN_ON_ONCE(1);
		/* fall through */
	case SP4_SSV:
		return nfserr_encr_alg_unsupp;
	}

	/* Cases below refer to rfc 5661 section 18.35.4: */
	nfs4_lock_state();
	conf = find_confirmed_client_by_name(&exid->clname, nn);
	if (conf) {
		bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred);
		bool verfs_match = same_verf(&verf, &conf->cl_verifier);

		if (update) {
			if (!clp_used_exchangeid(conf)) { /* buggy client */
				status = nfserr_inval;
				goto out;
			}
			if (!mach_creds_match(conf, rqstp)) {
				status = nfserr_wrong_cred;
				goto out;
			}
			if (!creds_match) { /* case 9 */
				status = nfserr_perm;
				goto out;
			}
			if (!verfs_match) { /* case 8 */
				status = nfserr_not_same;
				goto out;
			}
			/* case 6 */
			exid->flags |= EXCHGID4_FLAG_CONFIRMED_R;
			new = conf;
			goto out_copy;
		}
		if (!creds_match) { /* case 3 */
			if (client_has_state(conf)) {
				status = nfserr_clid_inuse;
				goto out;
			}
			expire_client(conf);
			goto out_new;
		}
		if (verfs_match) { /* case 2 */
			conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R;
			new = conf;
			goto out_copy;
		}
		/* case 5, client reboot */
		goto out_new;
	}

	if (update) { /* case 7 */
		status = nfserr_noent;
		goto out;
	}

	unconf = find_unconfirmed_client_by_name(&exid->clname, nn);
	if (unconf) /* case 4, possible retry or client restart */
		expire_client(unconf);

	/* case 1 (normal case) */
out_new:
	new = create_client(exid->clname, rqstp, &verf);
	if (new == NULL) {
		status = nfserr_jukebox;
		goto out;
	}
	new->cl_minorversion = cstate->minorversion;
	new->cl_mach_cred = (exid->spa_how == SP4_MACH_CRED);

	gen_clid(new, nn);
	add_to_unconfirmed(new);
out_copy:
	exid->clientid.cl_boot = new->cl_clientid.cl_boot;
	exid->clientid.cl_id = new->cl_clientid.cl_id;

	exid->seqid = new->cl_cs_slot.sl_seqid + 1;
	nfsd4_set_ex_flags(new, exid);

	dprintk("nfsd4_exchange_id seqid %d flags %x\n",
		new->cl_cs_slot.sl_seqid, new->cl_exchange_flags);
	status = nfs_ok;

out:
	nfs4_unlock_state();
	return status;
}

static __be32
check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse)
{
	dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid,
		slot_seqid);

	/* The slot is in use, and no response has been sent. */
	if (slot_inuse) {
		if (seqid == slot_seqid)
			return nfserr_jukebox;
		else
			return nfserr_seq_misordered;
	}
	/* Note unsigned 32-bit arithmetic handles wraparound: */
	if (likely(seqid == slot_seqid + 1))
		return nfs_ok;
	if (seqid == slot_seqid)
		return nfserr_replay_cache;
	return nfserr_seq_misordered;
}
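
/*
 * Summary of the outcomes above (illustrative): with slot_seqid == 5
 * and the slot not in use, seqid 6 is the expected next request
 * (nfs_ok), seqid 5 is a retransmission (nfserr_replay_cache), and
 * anything else is nfserr_seq_misordered.  The unsigned arithmetic
 * also makes seqid 0 the successor of slot_seqid 0xffffffff.
 */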

/*
 * Cache the create session result into the create session single DRC
 * slot cache by saving the xdr structure. sl_seqid has been set.
 * Do this for solo or embedded create session operations.
 */
static void
nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses,
			   struct nfsd4_clid_slot *slot, __be32 nfserr)
{
	slot->sl_status = nfserr;
	memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses));
}

static __be32
nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses,
			    struct nfsd4_clid_slot *slot)
{
	memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses));
	return slot->sl_status;
}

#define NFSD_MIN_REQ_HDR_SEQ_SZ	((\
			2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \
			1 +	/* MIN tag is length with zero, only length */ \
			3 +	/* version, opcount, opcode */ \
			XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
			/* seqid, slotID, slotID, cache */ \
			4 ) * sizeof(__be32))

#define NFSD_MIN_RESP_HDR_SEQ_SZ ((\
			2 +	/* verifier: AUTH_NULL, length 0 */ \
			1 +	/* status */ \
			1 +	/* MIN tag is length with zero, only length */ \
			3 +	/* opcount, opcode, opstatus*/ \
			XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
			/* seqid, slotID, slotID, slotID, status */ \
			5 ) * sizeof(__be32))
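
/*
 * Evaluated sizes for the two macros above (illustrative check, with
 * NFS4_MAX_SESSIONID_LEN == 16 so XDR_QUADLEN() == 4): both come to
 * 16 32-bit words, i.e. 64 bytes, the cost of a minimal
 * SEQUENCE-only compound on the wire.
 */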
Clients that 1953 * request larger slots than they need will get poor results: 1954 */ 1955 ca->maxreqs = nfsd4_get_drc_mem(ca); 1956 if (!ca->maxreqs) 1957 return nfserr_jukebox; 1958 1959 return nfs_ok; 1960 } 1961 1962 #define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \ 1963 RPC_MAX_HEADER_WITH_AUTH) * sizeof(__be32)) 1964 #define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \ 1965 RPC_MAX_REPHEADER_WITH_AUTH) * sizeof(__be32)) 1966 1967 static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca) 1968 { 1969 ca->headerpadsz = 0; 1970 1971 /* 1972 * These RPC_MAX_HEADER macros are overkill, especially since we 1973 * don't even do gss on the backchannel yet. But this is still 1974 * less than 1k. Tighten up this estimate in the unlikely event 1975 * it turns out to be a problem for some client: 1976 */ 1977 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ) 1978 return nfserr_toosmall; 1979 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ) 1980 return nfserr_toosmall; 1981 ca->maxresp_cached = 0; 1982 if (ca->maxops < 2) 1983 return nfserr_toosmall; 1984 1985 return nfs_ok; 1986 } 1987 1988 static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs) 1989 { 1990 switch (cbs->flavor) { 1991 case RPC_AUTH_NULL: 1992 case RPC_AUTH_UNIX: 1993 return nfs_ok; 1994 default: 1995 /* 1996 * GSS case: the spec doesn't allow us to return this 1997 * error. But it also doesn't allow us not to support 1998 * GSS. 1999 * I'd rather this fail hard than return some error the 2000 * client might think it can already handle: 2001 */ 2002 return nfserr_encr_alg_unsupp; 2003 } 2004 } 2005 2006 __be32 2007 nfsd4_create_session(struct svc_rqst *rqstp, 2008 struct nfsd4_compound_state *cstate, 2009 struct nfsd4_create_session *cr_ses) 2010 { 2011 struct sockaddr *sa = svc_addr(rqstp); 2012 struct nfs4_client *conf, *unconf; 2013 struct nfsd4_session *new; 2014 struct nfsd4_conn *conn; 2015 struct nfsd4_clid_slot *cs_slot = NULL; 2016 __be32 status = 0; 2017 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2018 2019 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A) 2020 return nfserr_inval; 2021 status = nfsd4_check_cb_sec(&cr_ses->cb_sec); 2022 if (status) 2023 return status; 2024 status = check_forechannel_attrs(&cr_ses->fore_channel, nn); 2025 if (status) 2026 return status; 2027 status = check_backchannel_attrs(&cr_ses->back_channel); 2028 if (status) 2029 goto out_release_drc_mem; 2030 status = nfserr_jukebox; 2031 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel); 2032 if (!new) 2033 goto out_release_drc_mem; 2034 conn = alloc_conn_from_crses(rqstp, cr_ses); 2035 if (!conn) 2036 goto out_free_session; 2037 2038 nfs4_lock_state(); 2039 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn); 2040 conf = find_confirmed_client(&cr_ses->clientid, true, nn); 2041 WARN_ON_ONCE(conf && unconf); 2042 2043 if (conf) { 2044 status = nfserr_wrong_cred; 2045 if (!mach_creds_match(conf, rqstp)) 2046 goto out_free_conn; 2047 cs_slot = &conf->cl_cs_slot; 2048 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 2049 if (status == nfserr_replay_cache) { 2050 status = nfsd4_replay_create_session(cr_ses, cs_slot); 2051 goto out_free_conn; 2052 } else if (cr_ses->seqid != cs_slot->sl_seqid + 1) { 2053 status = nfserr_seq_misordered; 2054 goto out_free_conn; 2055 } 2056 } else if (unconf) { 2057 struct nfs4_client *old; 2058 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) || 2059 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) { 2060 status = nfserr_clid_inuse; 2061 goto 
out_free_conn; 2062 } 2063 status = nfserr_wrong_cred; 2064 if (!mach_creds_match(unconf, rqstp)) 2065 goto out_free_conn; 2066 cs_slot = &unconf->cl_cs_slot; 2067 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 2068 if (status) { 2069 /* an unconfirmed replay returns misordered */ 2070 status = nfserr_seq_misordered; 2071 goto out_free_conn; 2072 } 2073 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 2074 if (old) { 2075 status = mark_client_expired(old); 2076 if (status) 2077 goto out_free_conn; 2078 expire_client(old); 2079 } 2080 move_to_confirmed(unconf); 2081 conf = unconf; 2082 } else { 2083 status = nfserr_stale_clientid; 2084 goto out_free_conn; 2085 } 2086 status = nfs_ok; 2087 /* 2088 * We do not support RDMA or persistent sessions 2089 */ 2090 cr_ses->flags &= ~SESSION4_PERSIST; 2091 cr_ses->flags &= ~SESSION4_RDMA; 2092 2093 init_session(rqstp, new, conf, cr_ses); 2094 nfsd4_init_conn(rqstp, conn, new); 2095 2096 memcpy(cr_ses->sessionid.data, new->se_sessionid.data, 2097 NFS4_MAX_SESSIONID_LEN); 2098 cs_slot->sl_seqid++; 2099 cr_ses->seqid = cs_slot->sl_seqid; 2100 2101 /* cache solo and embedded create sessions under the state lock */ 2102 nfsd4_cache_create_session(cr_ses, cs_slot, status); 2103 nfs4_unlock_state(); 2104 return status; 2105 out_free_conn: 2106 nfs4_unlock_state(); 2107 free_conn(conn); 2108 out_free_session: 2109 __free_session(new); 2110 out_release_drc_mem: 2111 nfsd4_put_drc_mem(&cr_ses->fore_channel); 2112 return status; 2113 } 2114 2115 static __be32 nfsd4_map_bcts_dir(u32 *dir) 2116 { 2117 switch (*dir) { 2118 case NFS4_CDFC4_FORE: 2119 case NFS4_CDFC4_BACK: 2120 return nfs_ok; 2121 case NFS4_CDFC4_FORE_OR_BOTH: 2122 case NFS4_CDFC4_BACK_OR_BOTH: 2123 *dir = NFS4_CDFC4_BOTH; 2124 return nfs_ok; 2125 } 2126 return nfserr_inval; 2127 } 2128 2129 __be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_backchannel_ctl *bc) 2130 { 2131 struct nfsd4_session *session = cstate->session; 2132 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2133 __be32 status; 2134 2135 status = nfsd4_check_cb_sec(&bc->bc_cb_sec); 2136 if (status) 2137 return status; 2138 spin_lock(&nn->client_lock); 2139 session->se_cb_prog = bc->bc_cb_program; 2140 session->se_cb_sec = bc->bc_cb_sec; 2141 spin_unlock(&nn->client_lock); 2142 2143 nfsd4_probe_callback(session->se_client); 2144 2145 return nfs_ok; 2146 } 2147 2148 __be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp, 2149 struct nfsd4_compound_state *cstate, 2150 struct nfsd4_bind_conn_to_session *bcts) 2151 { 2152 __be32 status; 2153 struct nfsd4_conn *conn; 2154 struct nfsd4_session *session; 2155 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2156 2157 if (!nfsd4_last_compound_op(rqstp)) 2158 return nfserr_not_only_op; 2159 nfs4_lock_state(); 2160 spin_lock(&nn->client_lock); 2161 session = find_in_sessionid_hashtbl(&bcts->sessionid, SVC_NET(rqstp)); 2162 spin_unlock(&nn->client_lock); 2163 status = nfserr_badsession; 2164 if (!session) 2165 goto out; 2166 status = nfserr_wrong_cred; 2167 if (!mach_creds_match(session->se_client, rqstp)) 2168 goto out; 2169 status = nfsd4_map_bcts_dir(&bcts->dir); 2170 if (status) 2171 goto out; 2172 conn = alloc_conn(rqstp, bcts->dir); 2173 status = nfserr_jukebox; 2174 if (!conn) 2175 goto out; 2176 nfsd4_init_conn(rqstp, conn, session); 2177 status = nfs_ok; 2178 out: 2179 nfs4_unlock_state(); 2180 return status; 2181 } 2182 2183 static bool nfsd4_compound_in_session(struct
nfsd4_session *session, struct nfs4_sessionid *sid) 2184 { 2185 if (!session) 2186 return false; 2187 return !memcmp(sid, &session->se_sessionid, sizeof(*sid)); 2188 } 2189 2190 __be32 2191 nfsd4_destroy_session(struct svc_rqst *r, 2192 struct nfsd4_compound_state *cstate, 2193 struct nfsd4_destroy_session *sessionid) 2194 { 2195 struct nfsd4_session *ses; 2196 __be32 status; 2197 int ref_held_by_me = 0; 2198 struct nfsd_net *nn = net_generic(SVC_NET(r), nfsd_net_id); 2199 2200 nfs4_lock_state(); 2201 status = nfserr_not_only_op; 2202 if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) { 2203 if (!nfsd4_last_compound_op(r)) 2204 goto out; 2205 ref_held_by_me++; 2206 } 2207 dump_sessionid(__func__, &sessionid->sessionid); 2208 spin_lock(&nn->client_lock); 2209 ses = find_in_sessionid_hashtbl(&sessionid->sessionid, SVC_NET(r)); 2210 status = nfserr_badsession; 2211 if (!ses) 2212 goto out_client_lock; 2213 status = nfserr_wrong_cred; 2214 if (!mach_creds_match(ses->se_client, r)) 2215 goto out_client_lock; 2216 nfsd4_get_session_locked(ses); /* matched by nfsd4_put_session() at out_put_session */ 2217 status = mark_session_dead_locked(ses, 1 + ref_held_by_me); 2218 if (status) 2219 goto out_put_session; 2220 unhash_session(ses); 2221 spin_unlock(&nn->client_lock); 2222 2223 nfsd4_probe_callback_sync(ses->se_client); 2224 2225 spin_lock(&nn->client_lock); 2226 status = nfs_ok; 2227 out_put_session: 2228 nfsd4_put_session(ses); 2229 out_client_lock: 2230 spin_unlock(&nn->client_lock); 2231 out: 2232 nfs4_unlock_state(); 2233 return status; 2234 } 2235 2236 static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s) 2237 { 2238 struct nfsd4_conn *c; 2239 2240 list_for_each_entry(c, &s->se_conns, cn_persession) { 2241 if (c->cn_xprt == xpt) { 2242 return c; 2243 } 2244 } 2245 return NULL; 2246 } 2247 2248 static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses) 2249 { 2250 struct nfs4_client *clp = ses->se_client; 2251 struct nfsd4_conn *c; 2252 __be32 status = nfs_ok; 2253 int ret; 2254 2255 spin_lock(&clp->cl_lock); 2256 c = __nfsd4_find_conn(new->cn_xprt, ses); 2257 if (c) 2258 goto out_free; 2259 status = nfserr_conn_not_bound_to_session; 2260 if (clp->cl_mach_cred) 2261 goto out_free; 2262 __nfsd4_hash_conn(new, ses); 2263 spin_unlock(&clp->cl_lock); 2264 ret = nfsd4_register_conn(new); 2265 if (ret) 2266 /* oops; xprt is already down: */ 2267 nfsd4_conn_lost(&new->cn_xpt_user); 2268 return nfs_ok; 2269 out_free: 2270 spin_unlock(&clp->cl_lock); 2271 free_conn(new); 2272 return status; 2273 } 2274 2275 static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session) 2276 { 2277 struct nfsd4_compoundargs *args = rqstp->rq_argp; 2278 2279 return args->opcnt > session->se_fchannel.maxops; 2280 } 2281 2282 static bool nfsd4_request_too_big(struct svc_rqst *rqstp, 2283 struct nfsd4_session *session) 2284 { 2285 struct xdr_buf *xb = &rqstp->rq_arg; 2286 2287 return xb->len > session->se_fchannel.maxreq_sz; 2288 } 2289 2290 __be32 2291 nfsd4_sequence(struct svc_rqst *rqstp, 2292 struct nfsd4_compound_state *cstate, 2293 struct nfsd4_sequence *seq) 2294 { 2295 struct nfsd4_compoundres *resp = rqstp->rq_resp; 2296 struct xdr_stream *xdr = &resp->xdr; 2297 struct nfsd4_session *session; 2298 struct nfs4_client *clp; 2299 struct nfsd4_slot *slot; 2300 struct nfsd4_conn *conn; 2301 __be32 status; 2302 int buflen; 2303 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2304 2305 if (resp->opcnt != 1) 2306 return nfserr_sequence_pos; 2307
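/* From here on we run RFC 5661's session reply-cache protocol: find the session, pin its client, and validate the slot and sequence id against the cached state before executing (or replaying) the rest of the compound. */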
2308 /* 2309 * Will be either used or freed by nfsd4_sequence_check_conn 2310 * below. 2311 */ 2312 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE); 2313 if (!conn) 2314 return nfserr_jukebox; 2315 2316 spin_lock(&nn->client_lock); 2317 status = nfserr_badsession; 2318 session = find_in_sessionid_hashtbl(&seq->sessionid, SVC_NET(rqstp)); 2319 if (!session) 2320 goto out_no_session; 2321 clp = session->se_client; 2322 status = get_client_locked(clp); 2323 if (status) 2324 goto out_no_session; 2325 status = nfsd4_get_session_locked(session); 2326 if (status) 2327 goto out_put_client; 2328 2329 status = nfserr_too_many_ops; 2330 if (nfsd4_session_too_many_ops(rqstp, session)) 2331 goto out_put_session; 2332 2333 status = nfserr_req_too_big; 2334 if (nfsd4_request_too_big(rqstp, session)) 2335 goto out_put_session; 2336 2337 status = nfserr_badslot; 2338 if (seq->slotid >= session->se_fchannel.maxreqs) 2339 goto out_put_session; 2340 2341 slot = session->se_slots[seq->slotid]; 2342 dprintk("%s: slotid %d\n", __func__, seq->slotid); 2343 2344 /* We do not negotiate the number of slots yet, so set the 2345 * maxslots to the session maxreqs which is used to encode 2346 * sr_highest_slotid and the sr_target_slotid to maxslots */ 2347 seq->maxslots = session->se_fchannel.maxreqs; 2348 2349 status = check_slot_seqid(seq->seqid, slot->sl_seqid, 2350 slot->sl_flags & NFSD4_SLOT_INUSE); 2351 if (status == nfserr_replay_cache) { 2352 status = nfserr_seq_misordered; 2353 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED)) 2354 goto out_put_session; 2355 cstate->slot = slot; 2356 cstate->session = session; 2357 /* Return the cached reply status and set cstate->status 2358 * for nfsd4_proc_compound processing */ 2359 status = nfsd4_replay_cache_entry(resp, seq); 2360 cstate->status = nfserr_replay_cache; 2361 goto out; 2362 } 2363 if (status) 2364 goto out_put_session; 2365 2366 status = nfsd4_sequence_check_conn(conn, session); 2367 conn = NULL; 2368 if (status) 2369 goto out_put_session; 2370 2371 buflen = (seq->cachethis) ? 2372 session->se_fchannel.maxresp_cached : 2373 session->se_fchannel.maxresp_sz; 2374 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache : 2375 nfserr_rep_too_big; 2376 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack)) 2377 goto out_put_session; 2378 svc_reserve(rqstp, buflen); 2379 2380 status = nfs_ok; 2381 /* Success!
bump slot seqid */ 2382 slot->sl_seqid = seq->seqid; 2383 slot->sl_flags |= NFSD4_SLOT_INUSE; 2384 if (seq->cachethis) 2385 slot->sl_flags |= NFSD4_SLOT_CACHETHIS; 2386 else 2387 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS; 2388 2389 cstate->slot = slot; 2390 cstate->session = session; 2391 2392 out: 2393 switch (clp->cl_cb_state) { 2394 case NFSD4_CB_DOWN: 2395 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN; 2396 break; 2397 case NFSD4_CB_FAULT: 2398 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT; 2399 break; 2400 default: 2401 seq->status_flags = 0; 2402 } 2403 if (!list_empty(&clp->cl_revoked)) 2404 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED; 2405 out_no_session: 2406 if (conn) 2407 free_conn(conn); 2408 spin_unlock(&nn->client_lock); 2409 return status; 2410 out_put_session: 2411 nfsd4_put_session(session); 2412 out_put_client: 2413 put_client_renew_locked(clp); 2414 goto out_no_session; 2415 } 2416 2417 __be32 2418 nfsd4_destroy_clientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_destroy_clientid *dc) 2419 { 2420 struct nfs4_client *conf, *unconf, *clp; 2421 __be32 status = 0; 2422 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2423 2424 nfs4_lock_state(); 2425 unconf = find_unconfirmed_client(&dc->clientid, true, nn); 2426 conf = find_confirmed_client(&dc->clientid, true, nn); 2427 WARN_ON_ONCE(conf && unconf); 2428 2429 if (conf) { 2430 clp = conf; 2431 2432 if (client_has_state(conf)) { 2433 status = nfserr_clientid_busy; 2434 goto out; 2435 } 2436 } else if (unconf) 2437 clp = unconf; 2438 else { 2439 status = nfserr_stale_clientid; 2440 goto out; 2441 } 2442 if (!mach_creds_match(clp, rqstp)) { 2443 status = nfserr_wrong_cred; 2444 goto out; 2445 } 2446 expire_client(clp); 2447 out: 2448 nfs4_unlock_state(); 2449 return status; 2450 } 2451 2452 __be32 2453 nfsd4_reclaim_complete(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_reclaim_complete *rc) 2454 { 2455 __be32 status = 0; 2456 2457 if (rc->rca_one_fs) { 2458 if (!cstate->current_fh.fh_dentry) 2459 return nfserr_nofilehandle; 2460 /* 2461 * We don't take advantage of the rca_one_fs case. 2462 * That's OK, it's optional, we can safely ignore it. 2463 */ 2464 return nfs_ok; 2465 } 2466 2467 nfs4_lock_state(); 2468 status = nfserr_complete_already; 2469 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, 2470 &cstate->session->se_client->cl_flags)) 2471 goto out; 2472 2473 status = nfserr_stale_clientid; 2474 if (is_client_expired(cstate->session->se_client)) 2475 /* 2476 * The following error isn't really legal. 2477 * But we only get here if the client just explicitly 2478 * destroyed the client. Surely it no longer cares what 2479 * error it gets back on an operation for the dead 2480 * client. 
2481 */ 2482 goto out; 2483 2484 status = nfs_ok; 2485 nfsd4_client_record_create(cstate->session->se_client); 2486 out: 2487 nfs4_unlock_state(); 2488 return status; 2489 } 2490 2491 __be32 2492 nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 2493 struct nfsd4_setclientid *setclid) 2494 { 2495 struct xdr_netobj clname = setclid->se_name; 2496 nfs4_verifier clverifier = setclid->se_verf; 2497 struct nfs4_client *conf, *unconf, *new; 2498 __be32 status; 2499 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2500 2501 /* Cases below refer to rfc 3530 section 14.2.33: */ 2502 nfs4_lock_state(); 2503 conf = find_confirmed_client_by_name(&clname, nn); 2504 if (conf) { 2505 /* case 0: */ 2506 status = nfserr_clid_inuse; 2507 if (clp_used_exchangeid(conf)) 2508 goto out; 2509 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) { 2510 char addr_str[INET6_ADDRSTRLEN]; 2511 rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str, 2512 sizeof(addr_str)); 2513 dprintk("NFSD: setclientid: string in use by client " 2514 "at %s\n", addr_str); 2515 goto out; 2516 } 2517 } 2518 unconf = find_unconfirmed_client_by_name(&clname, nn); 2519 if (unconf) 2520 expire_client(unconf); 2521 status = nfserr_jukebox; 2522 new = create_client(clname, rqstp, &clverifier); 2523 if (new == NULL) 2524 goto out; 2525 if (conf && same_verf(&conf->cl_verifier, &clverifier)) 2526 /* case 1: probable callback update */ 2527 copy_clid(new, conf); 2528 else /* case 4 (new client) or cases 2, 3 (client reboot): */ 2529 gen_clid(new, nn); 2530 new->cl_minorversion = 0; 2531 gen_callback(new, setclid, rqstp); 2532 add_to_unconfirmed(new); 2533 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot; 2534 setclid->se_clientid.cl_id = new->cl_clientid.cl_id; 2535 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data)); 2536 status = nfs_ok; 2537 out: 2538 nfs4_unlock_state(); 2539 return status; 2540 } 2541 2542 2543 __be32 2544 nfsd4_setclientid_confirm(struct svc_rqst *rqstp, 2545 struct nfsd4_compound_state *cstate, 2546 struct nfsd4_setclientid_confirm *setclientid_confirm) 2547 { 2548 struct nfs4_client *conf, *unconf; 2549 nfs4_verifier confirm = setclientid_confirm->sc_confirm; 2550 clientid_t * clid = &setclientid_confirm->sc_clientid; 2551 __be32 status; 2552 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2553 2554 if (STALE_CLIENTID(clid, nn)) 2555 return nfserr_stale_clientid; 2556 nfs4_lock_state(); 2557 2558 conf = find_confirmed_client(clid, false, nn); 2559 unconf = find_unconfirmed_client(clid, false, nn); 2560 /* 2561 * We try hard to give out unique clientid's, so if we get an 2562 * attempt to confirm the same clientid with a different cred, 2563 * there's a bug somewhere. Let's charitably assume it's our 2564 * bug. 2565 */ 2566 status = nfserr_serverfault; 2567 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred)) 2568 goto out; 2569 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred)) 2570 goto out; 2571 /* cases below refer to rfc 3530 section 14.2.34: */ 2572 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) { 2573 if (conf && !unconf) /* case 2: probable retransmit */ 2574 status = nfs_ok; 2575 else /* case 4: client hasn't noticed we rebooted yet? 
*/ 2576 status = nfserr_stale_clientid; 2577 goto out; 2578 } 2579 status = nfs_ok; 2580 if (conf) { /* case 1: callback update */ 2581 nfsd4_change_callback(conf, &unconf->cl_cb_conn); 2582 nfsd4_probe_callback(conf); 2583 expire_client(unconf); 2584 } else { /* case 3: normal case; new or rebooted client */ 2585 conf = find_confirmed_client_by_name(&unconf->cl_name, nn); 2586 if (conf) { 2587 status = mark_client_expired(conf); 2588 if (status) 2589 goto out; 2590 expire_client(conf); 2591 } 2592 move_to_confirmed(unconf); 2593 nfsd4_probe_callback(unconf); 2594 } 2595 out: 2596 nfs4_unlock_state(); 2597 return status; 2598 } 2599 2600 static struct nfs4_file *nfsd4_alloc_file(void) 2601 { 2602 return kmem_cache_alloc(file_slab, GFP_KERNEL); 2603 } 2604 2605 /* OPEN Share state helper functions */ 2606 static void nfsd4_init_file(struct nfs4_file *fp, struct inode *ino) 2607 { 2608 unsigned int hashval = file_hashval(ino); 2609 2610 atomic_set(&fp->fi_ref, 1); 2611 INIT_LIST_HEAD(&fp->fi_stateids); 2612 INIT_LIST_HEAD(&fp->fi_delegations); 2613 fp->fi_inode = igrab(ino); 2614 fp->fi_had_conflict = false; 2615 fp->fi_lease = NULL; 2616 memset(fp->fi_fds, 0, sizeof(fp->fi_fds)); 2617 memset(fp->fi_access, 0, sizeof(fp->fi_access)); 2618 spin_lock(&state_lock); 2619 hlist_add_head(&fp->fi_hash, &file_hashtbl[hashval]); 2620 spin_unlock(&state_lock); 2621 } 2622 2623 void 2624 nfsd4_free_slabs(void) 2625 { 2626 kmem_cache_destroy(openowner_slab); 2627 kmem_cache_destroy(lockowner_slab); 2628 kmem_cache_destroy(file_slab); 2629 kmem_cache_destroy(stateid_slab); 2630 kmem_cache_destroy(deleg_slab); 2631 } 2632 2633 int 2634 nfsd4_init_slabs(void) 2635 { 2636 openowner_slab = kmem_cache_create("nfsd4_openowners", 2637 sizeof(struct nfs4_openowner), 0, 0, NULL); 2638 if (openowner_slab == NULL) 2639 goto out; 2640 lockowner_slab = kmem_cache_create("nfsd4_lockowners", 2641 sizeof(struct nfs4_lockowner), 0, 0, NULL); 2642 if (lockowner_slab == NULL) 2643 goto out_free_openowner_slab; 2644 file_slab = kmem_cache_create("nfsd4_files", 2645 sizeof(struct nfs4_file), 0, 0, NULL); 2646 if (file_slab == NULL) 2647 goto out_free_lockowner_slab; 2648 stateid_slab = kmem_cache_create("nfsd4_stateids", 2649 sizeof(struct nfs4_ol_stateid), 0, 0, NULL); 2650 if (stateid_slab == NULL) 2651 goto out_free_file_slab; 2652 deleg_slab = kmem_cache_create("nfsd4_delegations", 2653 sizeof(struct nfs4_delegation), 0, 0, NULL); 2654 if (deleg_slab == NULL) 2655 goto out_free_stateid_slab; 2656 return 0; 2657 2658 out_free_stateid_slab: 2659 kmem_cache_destroy(stateid_slab); 2660 out_free_file_slab: 2661 kmem_cache_destroy(file_slab); 2662 out_free_lockowner_slab: 2663 kmem_cache_destroy(lockowner_slab); 2664 out_free_openowner_slab: 2665 kmem_cache_destroy(openowner_slab); 2666 out: 2667 dprintk("nfsd4: out of memory while initializing nfsv4\n"); 2668 return -ENOMEM; 2669 } 2670 2671 static void init_nfs4_replay(struct nfs4_replay *rp) 2672 { 2673 rp->rp_status = nfserr_serverfault; 2674 rp->rp_buflen = 0; 2675 rp->rp_buf = rp->rp_ibuf; 2676 } 2677 2678 static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp) 2679 { 2680 struct nfs4_stateowner *sop; 2681 2682 sop = kmem_cache_alloc(slab, GFP_KERNEL); 2683 if (!sop) 2684 return NULL; 2685 2686 sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL); 2687 if (!sop->so_owner.data) { 2688 kmem_cache_free(slab, sop); 2689 return NULL; 2690 } 2691 sop->so_owner.len = owner->len; 2692 2693 
INIT_LIST_HEAD(&sop->so_stateids); 2694 sop->so_client = clp; 2695 init_nfs4_replay(&sop->so_replay); 2696 return sop; 2697 } 2698 2699 static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval) 2700 { 2701 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2702 2703 list_add(&oo->oo_owner.so_strhash, &nn->ownerstr_hashtbl[strhashval]); 2704 list_add(&oo->oo_perclient, &clp->cl_openowners); 2705 } 2706 2707 static struct nfs4_openowner * 2708 alloc_init_open_stateowner(unsigned int strhashval, struct nfs4_client *clp, struct nfsd4_open *open) { 2709 struct nfs4_openowner *oo; 2710 2711 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp); 2712 if (!oo) 2713 return NULL; 2714 oo->oo_owner.so_is_open_owner = 1; 2715 oo->oo_owner.so_seqid = open->op_seqid; 2716 oo->oo_flags = NFS4_OO_NEW; 2717 oo->oo_time = 0; 2718 oo->oo_last_closed_stid = NULL; 2719 INIT_LIST_HEAD(&oo->oo_close_lru); 2720 hash_openowner(oo, clp, strhashval); 2721 return oo; 2722 } 2723 2724 static void init_open_stateid(struct nfs4_ol_stateid *stp, struct nfs4_file *fp, struct nfsd4_open *open) { 2725 struct nfs4_openowner *oo = open->op_openowner; 2726 2727 stp->st_stid.sc_type = NFS4_OPEN_STID; 2728 INIT_LIST_HEAD(&stp->st_lockowners); 2729 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids); 2730 list_add(&stp->st_perfile, &fp->fi_stateids); 2731 stp->st_stateowner = &oo->oo_owner; 2732 get_nfs4_file(fp); 2733 stp->st_file = fp; 2734 stp->st_access_bmap = 0; 2735 stp->st_deny_bmap = 0; 2736 set_access(open->op_share_access, stp); 2737 set_deny(open->op_share_deny, stp); 2738 stp->st_openstp = NULL; 2739 } 2740 2741 static void 2742 move_to_close_lru(struct nfs4_openowner *oo, struct net *net) 2743 { 2744 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2745 2746 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo); 2747 2748 list_move_tail(&oo->oo_close_lru, &nn->close_lru); 2749 oo->oo_time = get_seconds(); 2750 } 2751 2752 static int 2753 same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner, 2754 clientid_t *clid) 2755 { 2756 return (sop->so_owner.len == owner->len) && 2757 0 == memcmp(sop->so_owner.data, owner->data, owner->len) && 2758 (sop->so_client->cl_clientid.cl_id == clid->cl_id); 2759 } 2760 2761 static struct nfs4_openowner * 2762 find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open, 2763 bool sessions, struct nfsd_net *nn) 2764 { 2765 struct nfs4_stateowner *so; 2766 struct nfs4_openowner *oo; 2767 struct nfs4_client *clp; 2768 2769 list_for_each_entry(so, &nn->ownerstr_hashtbl[hashval], so_strhash) { 2770 if (!so->so_is_open_owner) 2771 continue; 2772 if (same_owner_str(so, &open->op_owner, &open->op_clientid)) { 2773 oo = openowner(so); 2774 clp = oo->oo_owner.so_client; 2775 if ((bool)clp->cl_minorversion != sessions) 2776 return NULL; 2777 renew_client(oo->oo_owner.so_client); 2778 return oo; 2779 } 2780 } 2781 return NULL; 2782 } 2783 2784 /* search file_hashtbl[] for file */ 2785 static struct nfs4_file * 2786 find_file(struct inode *ino) 2787 { 2788 unsigned int hashval = file_hashval(ino); 2789 struct nfs4_file *fp; 2790 2791 spin_lock(&state_lock); 2792 hlist_for_each_entry(fp, &file_hashtbl[hashval], fi_hash) { 2793 if (fp->fi_inode == ino) { 2794 get_nfs4_file(fp); 2795 spin_unlock(&state_lock); 2796 return fp; 2797 } 2798 } 2799 spin_unlock(&state_lock); 2800 return NULL; 2801 } 2802 2803 /* 2804 * Called to check deny when READ with all zero stateid or 2805 * WRITE with all zero or all 
one stateid 2806 */ 2807 static __be32 2808 nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type) 2809 { 2810 struct inode *ino = current_fh->fh_dentry->d_inode; 2811 struct nfs4_file *fp; 2812 struct nfs4_ol_stateid *stp; 2813 __be32 ret; 2814 2815 fp = find_file(ino); 2816 if (!fp) 2817 return nfs_ok; 2818 ret = nfserr_locked; 2819 /* Search for conflicting share reservations */ 2820 list_for_each_entry(stp, &fp->fi_stateids, st_perfile) { 2821 if (test_deny(deny_type, stp) || 2822 test_deny(NFS4_SHARE_DENY_BOTH, stp)) 2823 goto out; 2824 } 2825 ret = nfs_ok; 2826 out: 2827 put_nfs4_file(fp); 2828 return ret; 2829 } 2830 2831 static void nfsd_break_one_deleg(struct nfs4_delegation *dp) 2832 { 2833 struct nfs4_client *clp = dp->dl_stid.sc_client; 2834 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2835 2836 lockdep_assert_held(&state_lock); 2837 /* We're assuming the state code never drops its reference 2838 * without first removing the lease. Since we're in this lease 2839 * callback (and since the lease code is serialized by the 2840 * i_lock) we know the server hasn't removed the lease yet, so 2841 * we know it's safe to take a reference: */ 2842 atomic_inc(&dp->dl_count); 2843 2844 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru); 2845 2846 /* Only place dl_time is set; protected by i_lock: */ 2847 dp->dl_time = get_seconds(); 2848 2849 block_delegations(&dp->dl_fh); 2850 2851 nfsd4_cb_recall(dp); 2852 } 2853 2854 /* Called from break_lease() with i_lock held. */ 2855 static void nfsd_break_deleg_cb(struct file_lock *fl) 2856 { 2857 struct nfs4_file *fp = (struct nfs4_file *)fl->fl_owner; 2858 struct nfs4_delegation *dp; 2859 2860 if (!fp) { 2861 WARN(1, "(%p)->fl_owner NULL\n", fl); 2862 return; 2863 } 2864 if (fp->fi_had_conflict) { 2865 WARN(1, "duplicate break on %p\n", fp); 2866 return; 2867 } 2868 /* 2869 * We don't want the locks code to time out the lease for us; 2870 * we'll remove it ourselves if a delegation isn't returned 2871 * in time: 2872 */ 2873 fl->fl_break_time = 0; 2874 2875 spin_lock(&state_lock); 2876 fp->fi_had_conflict = true; 2877 list_for_each_entry(dp, &fp->fi_delegations, dl_perfile) 2878 nfsd_break_one_deleg(dp); 2879 spin_unlock(&state_lock); 2880 } 2881 2882 static 2883 int nfsd_change_deleg_cb(struct file_lock **onlist, int arg) 2884 { 2885 if (arg & F_UNLCK) 2886 return lease_modify(onlist, arg); 2887 else 2888 return -EAGAIN; 2889 } 2890 2891 static const struct lock_manager_operations nfsd_lease_mng_ops = { 2892 .lm_break = nfsd_break_deleg_cb, 2893 .lm_change = nfsd_change_deleg_cb, 2894 }; 2895 2896 static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid) 2897 { 2898 if (nfsd4_has_session(cstate)) 2899 return nfs_ok; 2900 if (seqid == so->so_seqid - 1) 2901 return nfserr_replay_me; 2902 if (seqid == so->so_seqid) 2903 return nfs_ok; 2904 return nfserr_bad_seqid; 2905 } 2906 2907 __be32 2908 nfsd4_process_open1(struct nfsd4_compound_state *cstate, 2909 struct nfsd4_open *open, struct nfsd_net *nn) 2910 { 2911 clientid_t *clientid = &open->op_clientid; 2912 struct nfs4_client *clp = NULL; 2913 unsigned int strhashval; 2914 struct nfs4_openowner *oo = NULL; 2915 __be32 status; 2916 2917 if (STALE_CLIENTID(&open->op_clientid, nn)) 2918 return nfserr_stale_clientid; 2919 /* 2920 * In case we need it later, after we've already created the 2921 * file and don't want to risk a further failure: 2922 */ 2923 open->op_file = nfsd4_alloc_file(); 2924 if (open->op_file == NULL)
2925 return nfserr_jukebox; 2926 2927 strhashval = ownerstr_hashval(clientid->cl_id, &open->op_owner); 2928 oo = find_openstateowner_str(strhashval, open, cstate->minorversion, nn); 2929 open->op_openowner = oo; 2930 if (!oo) { 2931 clp = find_confirmed_client(clientid, cstate->minorversion, 2932 nn); 2933 if (clp == NULL) 2934 return nfserr_expired; 2935 goto new_owner; 2936 } 2937 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 2938 /* Replace unconfirmed owners without checking for replay. */ 2939 clp = oo->oo_owner.so_client; 2940 release_openowner(oo); 2941 open->op_openowner = NULL; 2942 goto new_owner; 2943 } 2944 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid); 2945 if (status) 2946 return status; 2947 clp = oo->oo_owner.so_client; 2948 goto alloc_stateid; 2949 new_owner: 2950 oo = alloc_init_open_stateowner(strhashval, clp, open); 2951 if (oo == NULL) 2952 return nfserr_jukebox; 2953 open->op_openowner = oo; 2954 alloc_stateid: 2955 open->op_stp = nfs4_alloc_stateid(clp); 2956 if (!open->op_stp) 2957 return nfserr_jukebox; 2958 return nfs_ok; 2959 } 2960 2961 static inline __be32 2962 nfs4_check_delegmode(struct nfs4_delegation *dp, int flags) 2963 { 2964 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ)) 2965 return nfserr_openmode; 2966 else 2967 return nfs_ok; 2968 } 2969 2970 static int share_access_to_flags(u32 share_access) 2971 { 2972 return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE; 2973 } 2974 2975 static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s) 2976 { 2977 struct nfs4_stid *ret; 2978 2979 ret = find_stateid_by_type(cl, s, NFS4_DELEG_STID); 2980 if (!ret) 2981 return NULL; 2982 return delegstateid(ret); 2983 } 2984 2985 static bool nfsd4_is_deleg_cur(struct nfsd4_open *open) 2986 { 2987 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR || 2988 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH; 2989 } 2990 2991 static __be32 2992 nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open, 2993 struct nfs4_delegation **dp) 2994 { 2995 int flags; 2996 __be32 status = nfserr_bad_stateid; 2997 2998 *dp = find_deleg_stateid(cl, &open->op_delegate_stateid); 2999 if (*dp == NULL) 3000 goto out; 3001 flags = share_access_to_flags(open->op_share_access); 3002 status = nfs4_check_delegmode(*dp, flags); 3003 if (status) 3004 *dp = NULL; 3005 out: 3006 if (!nfsd4_is_deleg_cur(open)) 3007 return nfs_ok; 3008 if (status) 3009 return status; 3010 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 3011 return nfs_ok; 3012 } 3013 3014 static __be32 3015 nfs4_check_open(struct nfs4_file *fp, struct nfsd4_open *open, struct nfs4_ol_stateid **stpp) 3016 { 3017 struct nfs4_ol_stateid *local; 3018 struct nfs4_openowner *oo = open->op_openowner; 3019 3020 list_for_each_entry(local, &fp->fi_stateids, st_perfile) { 3021 /* ignore lock owners */ 3022 if (local->st_stateowner->so_is_open_owner == 0) 3023 continue; 3024 /* remember if we have seen this open owner */ 3025 if (local->st_stateowner == &oo->oo_owner) 3026 *stpp = local; 3027 /* check for conflicting share reservations */ 3028 if (!test_share(local, open)) 3029 return nfserr_share_denied; 3030 } 3031 return nfs_ok; 3032 } 3033 3034 static inline int nfs4_access_to_access(u32 nfs4_access) 3035 { 3036 int flags = 0; 3037 3038 if (nfs4_access & NFS4_SHARE_ACCESS_READ) 3039 flags |= NFSD_MAY_READ; 3040 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE) 3041 flags |= NFSD_MAY_WRITE; 3042 return flags; 3043 } 3044 3045 static __be32 
nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp, 3046 struct svc_fh *cur_fh, struct nfsd4_open *open) 3047 { 3048 __be32 status; 3049 int oflag = nfs4_access_to_omode(open->op_share_access); 3050 int access = nfs4_access_to_access(open->op_share_access); 3051 3052 if (!fp->fi_fds[oflag]) { 3053 status = nfsd_open(rqstp, cur_fh, S_IFREG, access, 3054 &fp->fi_fds[oflag]); 3055 if (status) 3056 return status; 3057 } 3058 nfs4_file_get_access(fp, oflag); 3059 3060 return nfs_ok; 3061 } 3062 3063 static inline __be32 3064 nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh, 3065 struct nfsd4_open *open) 3066 { 3067 struct iattr iattr = { 3068 .ia_valid = ATTR_SIZE, 3069 .ia_size = 0, 3070 }; 3071 if (!open->op_truncate) 3072 return 0; 3073 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE)) 3074 return nfserr_inval; 3075 return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0); 3076 } 3077 3078 static __be32 3079 nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open) 3080 { 3081 u32 op_share_access = open->op_share_access; 3082 bool new_access; 3083 __be32 status; 3084 3085 new_access = !test_access(op_share_access, stp); 3086 if (new_access) { 3087 status = nfs4_get_vfs_file(rqstp, fp, cur_fh, open); 3088 if (status) 3089 return status; 3090 } 3091 status = nfsd4_truncate(rqstp, cur_fh, open); 3092 if (status) { 3093 if (new_access) { 3094 int oflag = nfs4_access_to_omode(op_share_access); 3095 nfs4_file_put_access(fp, oflag); 3096 } 3097 return status; 3098 } 3099 /* remember the open */ 3100 set_access(op_share_access, stp); 3101 set_deny(open->op_share_deny, stp); 3102 3103 return nfs_ok; 3104 } 3105 3106 3107 static void 3108 nfs4_set_claim_prev(struct nfsd4_open *open, bool has_session) 3109 { 3110 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 3111 } 3112 3113 /* Should we give out recallable state?: */ 3114 static bool nfsd4_cb_channel_good(struct nfs4_client *clp) 3115 { 3116 if (clp->cl_cb_state == NFSD4_CB_UP) 3117 return true; 3118 /* 3119 * In the sessions case, since we don't have to establish a 3120 * separate connection for callbacks, we assume it's OK 3121 * until we hear otherwise: 3122 */ 3123 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN; 3124 } 3125 3126 static struct file_lock *nfs4_alloc_init_lease(struct nfs4_delegation *dp, int flag) 3127 { 3128 struct file_lock *fl; 3129 3130 fl = locks_alloc_lock(); 3131 if (!fl) 3132 return NULL; 3133 locks_init_lock(fl); 3134 fl->fl_lmops = &nfsd_lease_mng_ops; 3135 fl->fl_flags = FL_DELEG; 3136 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? 
F_RDLCK: F_WRLCK; 3137 fl->fl_end = OFFSET_MAX; 3138 fl->fl_owner = (fl_owner_t)(dp->dl_file); 3139 fl->fl_pid = current->tgid; 3140 return fl; 3141 } 3142 3143 static int nfs4_setlease(struct nfs4_delegation *dp) 3144 { 3145 struct nfs4_file *fp = dp->dl_file; 3146 struct file_lock *fl; 3147 int status; 3148 3149 fl = nfs4_alloc_init_lease(dp, NFS4_OPEN_DELEGATE_READ); 3150 if (!fl) 3151 return -ENOMEM; 3152 fl->fl_file = find_readable_file(fp); 3153 status = vfs_setlease(fl->fl_file, fl->fl_type, &fl); 3154 if (status) 3155 goto out_free; 3156 fp->fi_lease = fl; 3157 fp->fi_deleg_file = get_file(fl->fl_file); 3158 atomic_set(&fp->fi_delegees, 1); 3159 spin_lock(&state_lock); 3160 hash_delegation_locked(dp, fp); 3161 spin_unlock(&state_lock); 3162 return 0; 3163 out_free: 3164 locks_free_lock(fl); 3165 return status; 3166 } 3167 3168 static int nfs4_set_delegation(struct nfs4_delegation *dp, struct nfs4_file *fp) 3169 { 3170 if (fp->fi_had_conflict) 3171 return -EAGAIN; 3172 get_nfs4_file(fp); 3173 dp->dl_file = fp; 3174 if (!fp->fi_lease) 3175 return nfs4_setlease(dp); 3176 spin_lock(&state_lock); 3177 atomic_inc(&fp->fi_delegees); 3178 if (fp->fi_had_conflict) { 3179 spin_unlock(&state_lock); 3180 return -EAGAIN; 3181 } 3182 hash_delegation_locked(dp, fp); 3183 spin_unlock(&state_lock); 3184 return 0; 3185 } 3186 3187 static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status) 3188 { 3189 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 3190 if (status == -EAGAIN) 3191 open->op_why_no_deleg = WND4_CONTENTION; 3192 else { 3193 open->op_why_no_deleg = WND4_RESOURCE; 3194 switch (open->op_deleg_want) { 3195 case NFS4_SHARE_WANT_READ_DELEG: 3196 case NFS4_SHARE_WANT_WRITE_DELEG: 3197 case NFS4_SHARE_WANT_ANY_DELEG: 3198 break; 3199 case NFS4_SHARE_WANT_CANCEL: 3200 open->op_why_no_deleg = WND4_CANCELLED; 3201 break; 3202 case NFS4_SHARE_WANT_NO_DELEG: 3203 WARN_ON_ONCE(1); 3204 } 3205 } 3206 } 3207 3208 /* 3209 * Attempt to hand out a delegation. 3210 * 3211 * Note we don't support write delegations, and won't until the vfs has 3212 * proper support for them. 3213 */ 3214 static void 3215 nfs4_open_delegation(struct net *net, struct svc_fh *fh, 3216 struct nfsd4_open *open, struct nfs4_ol_stateid *stp) 3217 { 3218 struct nfs4_delegation *dp; 3219 struct nfs4_openowner *oo = container_of(stp->st_stateowner, struct nfs4_openowner, oo_owner); 3220 int cb_up; 3221 int status = 0; 3222 3223 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client); 3224 open->op_recall = 0; 3225 switch (open->op_claim_type) { 3226 case NFS4_OPEN_CLAIM_PREVIOUS: 3227 if (!cb_up) 3228 open->op_recall = 1; 3229 if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ) 3230 goto out_no_deleg; 3231 break; 3232 case NFS4_OPEN_CLAIM_NULL: 3233 case NFS4_OPEN_CLAIM_FH: 3234 /* 3235 * Let's not give out any delegations till everyone's 3236 * had the chance to reclaim theirs.... 
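* that is, while the grace period is still in effect: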
3237 */ 3238 if (locks_in_grace(net)) 3239 goto out_no_deleg; 3240 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED)) 3241 goto out_no_deleg; 3242 /* 3243 * Also, if the file was opened for write or 3244 * create, there's a good chance the client's 3245 * about to write to it, resulting in an 3246 * immediate recall (since we don't support 3247 * write delegations): 3248 */ 3249 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE) 3250 goto out_no_deleg; 3251 if (open->op_create == NFS4_OPEN_CREATE) 3252 goto out_no_deleg; 3253 break; 3254 default: 3255 goto out_no_deleg; 3256 } 3257 dp = alloc_init_deleg(oo->oo_owner.so_client, stp, fh); 3258 if (dp == NULL) 3259 goto out_no_deleg; 3260 status = nfs4_set_delegation(dp, stp->st_file); 3261 if (status) 3262 goto out_free; 3263 3264 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid)); 3265 3266 dprintk("NFSD: delegation stateid=" STATEID_FMT "\n", 3267 STATEID_VAL(&dp->dl_stid.sc_stateid)); 3268 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ; 3269 return; 3270 out_free: 3271 destroy_delegation(dp); 3272 out_no_deleg: /* test the client's claimed delegation type before we reset it below: */ if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS && open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) { dprintk("NFSD: WARNING: refusing delegation reclaim\n"); open->op_recall = 1; } open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE; 3279 3280 /* 4.1 client asking for a delegation? */ 3281 if (open->op_deleg_want) 3282 nfsd4_open_deleg_none_ext(open, status); 3283 return; 3284 } 3285 3286 static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open, 3287 struct nfs4_delegation *dp) 3288 { 3289 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG && 3290 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 3291 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 3292 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE; 3293 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG && 3294 dp->dl_type == NFS4_OPEN_DELEGATE_READ) { 3295 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 3296 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE; 3297 } 3298 /* Otherwise the client must be confused wanting a delegation 3299 * it already has, therefore we don't return 3300 * NFS4_OPEN_DELEGATE_NONE_EXT and reason. 3301 */ 3302 } 3303 3304 /* 3305 * called with nfs4_lock_state() held. 3306 */ 3307 __be32 3308 nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open) 3309 { 3310 struct nfsd4_compoundres *resp = rqstp->rq_resp; 3311 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client; 3312 struct nfs4_file *fp = NULL; 3313 struct inode *ino = current_fh->fh_dentry->d_inode; 3314 struct nfs4_ol_stateid *stp = NULL; 3315 struct nfs4_delegation *dp = NULL; 3316 __be32 status; 3317 3318 /* 3319 * Lookup file; if found, lookup stateid and check open request, 3320 * and check for delegations in the process of being recalled. 3321 * If not found, create the nfs4_file struct 3322 */ 3323 fp = find_file(ino); 3324 if (fp) { 3325 if ((status = nfs4_check_open(fp, open, &stp))) 3326 goto out; 3327 status = nfs4_check_deleg(cl, open, &dp); 3328 if (status) 3329 goto out; 3330 } else { 3331 status = nfserr_bad_stateid; 3332 if (nfsd4_is_deleg_cur(open)) 3333 goto out; 3334 status = nfserr_jukebox; 3335 fp = open->op_file; 3336 open->op_file = NULL; 3337 nfsd4_init_file(fp, ino); 3338 } 3339 3340 /* 3341 * OPEN the file, or upgrade an existing OPEN. 3342 * If truncate fails, the OPEN fails.
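* (the truncate being the implicit size-0 SETATTR done by nfsd4_truncate())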
3343 */ 3344 if (stp) { 3345 /* Stateid was found, this is an OPEN upgrade */ 3346 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open); 3347 if (status) 3348 goto out; 3349 } else { 3350 status = nfs4_get_vfs_file(rqstp, fp, current_fh, open); 3351 if (status) 3352 goto out; 3353 status = nfsd4_truncate(rqstp, current_fh, open); 3354 if (status) 3355 goto out; 3356 stp = open->op_stp; 3357 open->op_stp = NULL; 3358 init_open_stateid(stp, fp, open); 3359 } 3360 update_stateid(&stp->st_stid.sc_stateid); 3361 memcpy(&open->op_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t)); 3362 3363 if (nfsd4_has_session(&resp->cstate)) { 3364 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 3365 3366 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) { 3367 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 3368 open->op_why_no_deleg = WND4_NOT_WANTED; 3369 goto nodeleg; 3370 } 3371 } 3372 3373 /* 3374 * Attempt to hand out a delegation. No error return, because the 3375 * OPEN succeeds even if we fail. 3376 */ 3377 nfs4_open_delegation(SVC_NET(rqstp), current_fh, open, stp); 3378 nodeleg: 3379 status = nfs_ok; 3380 3381 dprintk("%s: stateid=" STATEID_FMT "\n", __func__, 3382 STATEID_VAL(&stp->st_stid.sc_stateid)); 3383 out: 3384 /* 4.1 client trying to upgrade/downgrade delegation? */ 3385 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp && 3386 open->op_deleg_want) 3387 nfsd4_deleg_xgrade_none_ext(open, dp); 3388 3389 if (fp) 3390 put_nfs4_file(fp); 3391 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS) 3392 nfs4_set_claim_prev(open, nfsd4_has_session(&resp->cstate)); 3393 /* 3394 * To finish the open response, we just need to set the rflags. 3395 */ 3396 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX; 3397 if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED) && 3398 !nfsd4_has_session(&resp->cstate)) 3399 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM; 3400 3401 return status; 3402 } 3403 3404 void nfsd4_cleanup_open_state(struct nfsd4_open *open, __be32 status) 3405 { 3406 if (open->op_openowner) { 3407 struct nfs4_openowner *oo = open->op_openowner; 3408 3409 if (!list_empty(&oo->oo_owner.so_stateids)) 3410 list_del_init(&oo->oo_close_lru); 3411 if (oo->oo_flags & NFS4_OO_NEW) { 3412 if (status) { 3413 release_openowner(oo); 3414 open->op_openowner = NULL; 3415 } else 3416 oo->oo_flags &= ~NFS4_OO_NEW; 3417 } 3418 } 3419 if (open->op_file) 3420 nfsd4_free_file(open->op_file); 3421 if (open->op_stp) 3422 free_generic_stateid(open->op_stp); 3423 } 3424 3425 static __be32 lookup_clientid(clientid_t *clid, bool session, struct nfsd_net *nn, struct nfs4_client **clp) 3426 { 3427 struct nfs4_client *found; 3428 3429 if (STALE_CLIENTID(clid, nn)) 3430 return nfserr_stale_clientid; 3431 found = find_confirmed_client(clid, session, nn); 3432 if (clp) 3433 *clp = found; 3434 return found ? 
nfs_ok : nfserr_expired; 3435 } 3436 3437 __be32 3438 nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3439 clientid_t *clid) 3440 { 3441 struct nfs4_client *clp; 3442 __be32 status; 3443 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3444 3445 nfs4_lock_state(); 3446 dprintk("process_renew(%08x/%08x): starting\n", 3447 clid->cl_boot, clid->cl_id); 3448 status = lookup_clientid(clid, cstate->minorversion, nn, &clp); 3449 if (status) 3450 goto out; 3451 status = nfserr_cb_path_down; 3452 if (!list_empty(&clp->cl_delegations) 3453 && clp->cl_cb_state != NFSD4_CB_UP) 3454 goto out; 3455 status = nfs_ok; 3456 out: 3457 nfs4_unlock_state(); 3458 return status; 3459 } 3460 3461 static void 3462 nfsd4_end_grace(struct nfsd_net *nn) 3463 { 3464 /* do nothing if grace period already ended */ 3465 if (nn->grace_ended) 3466 return; 3467 3468 dprintk("NFSD: end of grace period\n"); 3469 nn->grace_ended = true; 3470 nfsd4_record_grace_done(nn, nn->boot_time); 3471 locks_end_grace(&nn->nfsd4_manager); 3472 /* 3473 * Now that every NFSv4 client has had the chance to recover and 3474 * to see the (possibly new, possibly shorter) lease time, we 3475 * can safely set the next grace time to the current lease time: 3476 */ 3477 nn->nfsd4_grace = nn->nfsd4_lease; 3478 } 3479 3480 static time_t 3481 nfs4_laundromat(struct nfsd_net *nn) 3482 { 3483 struct nfs4_client *clp; 3484 struct nfs4_openowner *oo; 3485 struct nfs4_delegation *dp; 3486 struct list_head *pos, *next, reaplist; 3487 time_t cutoff = get_seconds() - nn->nfsd4_lease; 3488 time_t t, new_timeo = nn->nfsd4_lease; 3489 3490 nfs4_lock_state(); 3491 3492 dprintk("NFSD: laundromat service - starting\n"); 3493 nfsd4_end_grace(nn); 3494 INIT_LIST_HEAD(&reaplist); 3495 spin_lock(&nn->client_lock); 3496 list_for_each_safe(pos, next, &nn->client_lru) { 3497 clp = list_entry(pos, struct nfs4_client, cl_lru); 3498 if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) { 3499 t = clp->cl_time - cutoff; 3500 new_timeo = min(new_timeo, t); 3501 break; 3502 } 3503 if (mark_client_expired_locked(clp)) { 3504 dprintk("NFSD: client in use (clientid %08x)\n", 3505 clp->cl_clientid.cl_id); 3506 continue; 3507 } 3508 list_move(&clp->cl_lru, &reaplist); 3509 } 3510 spin_unlock(&nn->client_lock); 3511 list_for_each_safe(pos, next, &reaplist) { 3512 clp = list_entry(pos, struct nfs4_client, cl_lru); 3513 dprintk("NFSD: purging unused client (clientid %08x)\n", 3514 clp->cl_clientid.cl_id); 3515 expire_client(clp); 3516 } 3517 spin_lock(&state_lock); 3518 list_for_each_safe(pos, next, &nn->del_recall_lru) { 3519 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 3520 if (net_generic(dp->dl_stid.sc_client->net, nfsd_net_id) != nn) 3521 continue; 3522 if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) { 3523 t = dp->dl_time - cutoff; 3524 new_timeo = min(new_timeo, t); 3525 break; 3526 } 3527 list_move(&dp->dl_recall_lru, &reaplist); 3528 } 3529 spin_unlock(&state_lock); 3530 list_for_each_safe(pos, next, &reaplist) { 3531 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 3532 revoke_delegation(dp); 3533 } 3534 list_for_each_safe(pos, next, &nn->close_lru) { 3535 oo = container_of(pos, struct nfs4_openowner, oo_close_lru); 3536 if (time_after((unsigned long)oo->oo_time, (unsigned long)cutoff)) { 3537 t = oo->oo_time - cutoff; 3538 new_timeo = min(new_timeo, t); 3539 break; 3540 } 3541 release_openowner(oo); 3542 } 3543 new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT); 
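/* tell laundromat_main() how long to sleep before the next pass: */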
3544 nfs4_unlock_state(); 3545 return new_timeo; 3546 } 3547 3548 static struct workqueue_struct *laundry_wq; 3549 static void laundromat_main(struct work_struct *); 3550 3551 static void 3552 laundromat_main(struct work_struct *laundry) 3553 { 3554 time_t t; 3555 struct delayed_work *dwork = container_of(laundry, struct delayed_work, 3556 work); 3557 struct nfsd_net *nn = container_of(dwork, struct nfsd_net, 3558 laundromat_work); 3559 3560 t = nfs4_laundromat(nn); 3561 dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t); 3562 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ); 3563 } 3564 3565 static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_ol_stateid *stp) 3566 { 3567 if (fhp->fh_dentry->d_inode != stp->st_file->fi_inode) 3568 return nfserr_bad_stateid; 3569 return nfs_ok; 3570 } 3571 3572 static inline int 3573 access_permit_read(struct nfs4_ol_stateid *stp) 3574 { 3575 return test_access(NFS4_SHARE_ACCESS_READ, stp) || 3576 test_access(NFS4_SHARE_ACCESS_BOTH, stp) || 3577 test_access(NFS4_SHARE_ACCESS_WRITE, stp); 3578 } 3579 3580 static inline int 3581 access_permit_write(struct nfs4_ol_stateid *stp) 3582 { 3583 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) || 3584 test_access(NFS4_SHARE_ACCESS_BOTH, stp); 3585 } 3586 3587 static 3588 __be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags) 3589 { 3590 __be32 status = nfserr_openmode; 3591 3592 /* For lock stateid's, we test the parent open, not the lock: */ 3593 if (stp->st_openstp) 3594 stp = stp->st_openstp; 3595 if ((flags & WR_STATE) && !access_permit_write(stp)) 3596 goto out; 3597 if ((flags & RD_STATE) && !access_permit_read(stp)) 3598 goto out; 3599 status = nfs_ok; 3600 out: 3601 return status; 3602 } 3603 3604 static inline __be32 3605 check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags) 3606 { 3607 if (ONE_STATEID(stateid) && (flags & RD_STATE)) 3608 return nfs_ok; 3609 else if (locks_in_grace(net)) { 3610 /* Answer in remaining cases depends on existence of 3611 * conflicting state; so we must wait out the grace period. */ 3612 return nfserr_grace; 3613 } else if (flags & WR_STATE) 3614 return nfs4_share_conflict(current_fh, 3615 NFS4_SHARE_DENY_WRITE); 3616 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */ 3617 return nfs4_share_conflict(current_fh, 3618 NFS4_SHARE_DENY_READ); 3619 } 3620 3621 /* 3622 * Allow READ/WRITE during grace period on recovered state only for files 3623 * that are not able to provide mandatory locking. 3624 */ 3625 static inline int 3626 grace_disallows_io(struct net *net, struct inode *inode) 3627 { 3628 return locks_in_grace(net) && mandatory_lock(inode); 3629 } 3630 3631 /* Returns true iff a is later than b: */ 3632 static bool stateid_generation_after(stateid_t *a, stateid_t *b) 3633 { 3634 return (s32)(a->si_generation - b->si_generation) > 0; 3635 } 3636 3637 static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session) 3638 { 3639 /* 3640 * When sessions are used the stateid generation number is ignored 3641 * when it is zero. 3642 */ 3643 if (has_session && in->si_generation == 0) 3644 return nfs_ok; 3645 3646 if (in->si_generation == ref->si_generation) 3647 return nfs_ok; 3648 3649 /* If the client sends us a stateid from the future, it's buggy: */ 3650 if (stateid_generation_after(in, ref)) 3651 return nfserr_bad_stateid; 3652 /* 3653 * However, we could see a stateid from the past, even from a 3654 * non-buggy client. 
For example, if the client sends a lock 3655 * while some IO is outstanding, the lock may bump si_generation 3656 * while the IO is still in flight. The client could avoid that 3657 * situation by waiting for responses on all the IO requests, 3658 * but better performance may result in retrying IO that 3659 * receives an old_stateid error if requests are rarely 3660 * reordered in flight: 3661 */ 3662 return nfserr_old_stateid; 3663 } 3664 3665 static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid) 3666 { 3667 struct nfs4_stid *s; 3668 struct nfs4_ol_stateid *ols; 3669 __be32 status; 3670 3671 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) 3672 return nfserr_bad_stateid; 3673 /* Client debugging aid. */ 3674 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) { 3675 char addr_str[INET6_ADDRSTRLEN]; 3676 rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str, 3677 sizeof(addr_str)); 3678 pr_warn_ratelimited("NFSD: client %s testing state ID " 3679 "with incorrect client ID\n", addr_str); 3680 return nfserr_bad_stateid; 3681 } 3682 s = find_stateid(cl, stateid); 3683 if (!s) 3684 return nfserr_bad_stateid; 3685 status = check_stateid_generation(stateid, &s->sc_stateid, 1); 3686 if (status) 3687 return status; 3688 switch (s->sc_type) { 3689 case NFS4_DELEG_STID: 3690 return nfs_ok; 3691 case NFS4_REVOKED_DELEG_STID: 3692 return nfserr_deleg_revoked; 3693 case NFS4_OPEN_STID: 3694 case NFS4_LOCK_STID: 3695 ols = openlockstateid(s); 3696 if (ols->st_stateowner->so_is_open_owner 3697 && !(openowner(ols->st_stateowner)->oo_flags 3698 & NFS4_OO_CONFIRMED)) 3699 return nfserr_bad_stateid; 3700 return nfs_ok; 3701 default: 3702 printk(KERN_ERR "unknown stateid type %x\n", s->sc_type); /* fall through */ 3703 case NFS4_CLOSED_STID: 3704 return nfserr_bad_stateid; 3705 } 3706 } 3707 3708 static __be32 nfsd4_lookup_stateid(stateid_t *stateid, unsigned char typemask, 3709 struct nfs4_stid **s, bool sessions, 3710 struct nfsd_net *nn) 3711 { 3712 struct nfs4_client *cl; 3713 __be32 status; 3714 3715 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) 3716 return nfserr_bad_stateid; 3717 status = lookup_clientid(&stateid->si_opaque.so_clid, sessions, 3718 nn, &cl); 3719 if (status == nfserr_stale_clientid) { 3720 if (sessions) 3721 return nfserr_bad_stateid; 3722 return nfserr_stale_stateid; 3723 } 3724 if (status) 3725 return status; 3726 *s = find_stateid_by_type(cl, stateid, typemask); 3727 if (!*s) 3728 return nfserr_bad_stateid; 3729 return nfs_ok; 3730 } 3731 3732 /* 3733 * Checks for stateid operations 3734 */ 3735 __be32 3736 nfs4_preprocess_stateid_op(struct net *net, struct nfsd4_compound_state *cstate, 3737 stateid_t *stateid, int flags, struct file **filpp) 3738 { 3739 struct nfs4_stid *s; 3740 struct nfs4_ol_stateid *stp = NULL; 3741 struct nfs4_delegation *dp = NULL; 3742 struct svc_fh *current_fh = &cstate->current_fh; 3743 struct inode *ino = current_fh->fh_dentry->d_inode; 3744 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3745 struct file *file = NULL; 3746 __be32 status; 3747 3748 if (filpp) 3749 *filpp = NULL; 3750 3751 if (grace_disallows_io(net, ino)) 3752 return nfserr_grace; 3753 3754 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) 3755 return check_special_stateids(net, current_fh, stateid, flags); 3756 3757 nfs4_lock_state(); 3758 3759 status = nfsd4_lookup_stateid(stateid, NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, 3760 &s, cstate->minorversion, nn); 3761 if (status) 3762 goto out; 3763 status = check_stateid_generation(stateid, &s->sc_stateid,
nfsd4_has_session(cstate)); 3764 if (status) 3765 goto out; 3766 switch (s->sc_type) { 3767 case NFS4_DELEG_STID: 3768 dp = delegstateid(s); 3769 status = nfs4_check_delegmode(dp, flags); 3770 if (status) 3771 goto out; 3772 if (filpp) { 3773 file = dp->dl_file->fi_deleg_file; 3774 if (!file) { 3775 WARN_ON_ONCE(1); 3776 status = nfserr_serverfault; 3777 goto out; 3778 } 3779 } 3780 break; 3781 case NFS4_OPEN_STID: 3782 case NFS4_LOCK_STID: 3783 stp = openlockstateid(s); 3784 status = nfs4_check_fh(current_fh, stp); 3785 if (status) 3786 goto out; 3787 if (stp->st_stateowner->so_is_open_owner 3788 && !(openowner(stp->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED)) 3789 goto out; 3790 status = nfs4_check_openmode(stp, flags); 3791 if (status) 3792 goto out; 3793 if (filpp) { 3794 if (flags & RD_STATE) 3795 file = find_readable_file(stp->st_file); 3796 else 3797 file = find_writeable_file(stp->st_file); 3798 } 3799 break; 3800 default: 3801 status = nfserr_bad_stateid; 3802 goto out; 3803 } 3804 status = nfs_ok; 3805 if (file) 3806 *filpp = get_file(file); 3807 out: 3808 nfs4_unlock_state(); 3809 return status; 3810 } 3811 3812 static __be32 3813 nfsd4_free_lock_stateid(struct nfs4_ol_stateid *stp) 3814 { 3815 struct nfs4_lockowner *lo = lockowner(stp->st_stateowner); 3816 3817 if (check_for_locks(stp->st_file, lo)) 3818 return nfserr_locks_held; 3819 /* 3820 * Currently there's a 1-1 lock stateid<->lockowner 3821 * correspondance, and we have to delete the lockowner when we 3822 * delete the lock stateid: 3823 */ 3824 release_lockowner(lo); 3825 return nfs_ok; 3826 } 3827 3828 /* 3829 * Test if the stateid is valid 3830 */ 3831 __be32 3832 nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3833 struct nfsd4_test_stateid *test_stateid) 3834 { 3835 struct nfsd4_test_stateid_id *stateid; 3836 struct nfs4_client *cl = cstate->session->se_client; 3837 3838 nfs4_lock_state(); 3839 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list) 3840 stateid->ts_id_status = 3841 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid); 3842 nfs4_unlock_state(); 3843 3844 return nfs_ok; 3845 } 3846 3847 __be32 3848 nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3849 struct nfsd4_free_stateid *free_stateid) 3850 { 3851 stateid_t *stateid = &free_stateid->fr_stateid; 3852 struct nfs4_stid *s; 3853 struct nfs4_delegation *dp; 3854 struct nfs4_client *cl = cstate->session->se_client; 3855 __be32 ret = nfserr_bad_stateid; 3856 3857 nfs4_lock_state(); 3858 s = find_stateid(cl, stateid); 3859 if (!s) 3860 goto out; 3861 switch (s->sc_type) { 3862 case NFS4_DELEG_STID: 3863 ret = nfserr_locks_held; 3864 goto out; 3865 case NFS4_OPEN_STID: 3866 case NFS4_LOCK_STID: 3867 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 3868 if (ret) 3869 goto out; 3870 if (s->sc_type == NFS4_LOCK_STID) 3871 ret = nfsd4_free_lock_stateid(openlockstateid(s)); 3872 else 3873 ret = nfserr_locks_held; 3874 break; 3875 case NFS4_REVOKED_DELEG_STID: 3876 dp = delegstateid(s); 3877 destroy_revoked_delegation(dp); 3878 ret = nfs_ok; 3879 break; 3880 default: 3881 ret = nfserr_bad_stateid; 3882 } 3883 out: 3884 nfs4_unlock_state(); 3885 return ret; 3886 } 3887 3888 static inline int 3889 setlkflg (int type) 3890 { 3891 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ? 
3892 RD_STATE : WR_STATE; 3893 } 3894 3895 static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp) 3896 { 3897 struct svc_fh *current_fh = &cstate->current_fh; 3898 struct nfs4_stateowner *sop = stp->st_stateowner; 3899 __be32 status; 3900 3901 status = nfsd4_check_seqid(cstate, sop, seqid); 3902 if (status) 3903 return status; 3904 if (stp->st_stid.sc_type == NFS4_CLOSED_STID 3905 || stp->st_stid.sc_type == NFS4_REVOKED_DELEG_STID) 3906 /* 3907 * "Closed" stateids exist *only* to return 3908 * nfserr_replay_me from the previous step, and 3909 * revoked delegations are kept only for free_stateid. 3910 */ 3911 return nfserr_bad_stateid; 3912 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate)); 3913 if (status) 3914 return status; 3915 return nfs4_check_fh(current_fh, stp); 3916 } 3917 3918 /* 3919 * Checks for sequence id mutating operations. 3920 */ 3921 static __be32 3922 nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 3923 stateid_t *stateid, char typemask, 3924 struct nfs4_ol_stateid **stpp, 3925 struct nfsd_net *nn) 3926 { 3927 __be32 status; 3928 struct nfs4_stid *s; 3929 3930 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__, 3931 seqid, STATEID_VAL(stateid)); 3932 3933 *stpp = NULL; 3934 status = nfsd4_lookup_stateid(stateid, typemask, &s, 3935 cstate->minorversion, nn); 3936 if (status) 3937 return status; 3938 *stpp = openlockstateid(s); 3939 if (!nfsd4_has_session(cstate)) 3940 cstate->replay_owner = (*stpp)->st_stateowner; 3941 3942 return nfs4_seqid_op_checks(cstate, stateid, seqid, *stpp); 3943 } 3944 3945 static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 3946 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn) 3947 { 3948 __be32 status; 3949 struct nfs4_openowner *oo; 3950 3951 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid, 3952 NFS4_OPEN_STID, stpp, nn); 3953 if (status) 3954 return status; 3955 oo = openowner((*stpp)->st_stateowner); 3956 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) 3957 return nfserr_bad_stateid; 3958 return nfs_ok; 3959 } 3960 3961 __be32 3962 nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3963 struct nfsd4_open_confirm *oc) 3964 { 3965 __be32 status; 3966 struct nfs4_openowner *oo; 3967 struct nfs4_ol_stateid *stp; 3968 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3969 3970 dprintk("NFSD: nfsd4_open_confirm on file %pd\n", 3971 cstate->current_fh.fh_dentry); 3972 3973 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0); 3974 if (status) 3975 return status; 3976 3977 nfs4_lock_state(); 3978 3979 status = nfs4_preprocess_seqid_op(cstate, 3980 oc->oc_seqid, &oc->oc_req_stateid, 3981 NFS4_OPEN_STID, &stp, nn); 3982 if (status) 3983 goto out; 3984 oo = openowner(stp->st_stateowner); 3985 status = nfserr_bad_stateid; 3986 if (oo->oo_flags & NFS4_OO_CONFIRMED) 3987 goto out; 3988 oo->oo_flags |= NFS4_OO_CONFIRMED; 3989 update_stateid(&stp->st_stid.sc_stateid); 3990 memcpy(&oc->oc_resp_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t)); 3991 dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n", 3992 __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid)); 3993 3994 nfsd4_client_record_create(oo->oo_owner.so_client); 3995 status = nfs_ok; 3996 out: 3997 nfsd4_bump_seqid(cstate, status); 3998 if (!cstate->replay_owner) 3999 nfs4_unlock_state(); 4000
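/* On a v4.0 replay, cstate->replay_owner was set in nfs4_preprocess_seqid_op() and the state lock stays held here; it is not dropped until after the reply is encoded (see the "nfs4_unlock_state() called after encode" comment above nfsd4_close() below). */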
return status; 4001 } 4002 4003 static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access) 4004 { 4005 if (!test_access(access, stp)) 4006 return; 4007 nfs4_file_put_access(stp->st_file, nfs4_access_to_omode(access)); 4008 clear_access(access, stp); 4009 } 4010 4011 static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access) 4012 { 4013 switch (to_access) { 4014 case NFS4_SHARE_ACCESS_READ: 4015 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE); 4016 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 4017 break; 4018 case NFS4_SHARE_ACCESS_WRITE: 4019 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ); 4020 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 4021 break; 4022 case NFS4_SHARE_ACCESS_BOTH: 4023 break; 4024 default: 4025 WARN_ON_ONCE(1); 4026 } 4027 } 4028 4029 static void 4030 reset_union_bmap_deny(unsigned long deny, struct nfs4_ol_stateid *stp) 4031 { 4032 int i; 4033 for (i = 0; i < 4; i++) { 4034 if ((i & deny) != i) 4035 clear_deny(i, stp); 4036 } 4037 } 4038 4039 __be32 4040 nfsd4_open_downgrade(struct svc_rqst *rqstp, 4041 struct nfsd4_compound_state *cstate, 4042 struct nfsd4_open_downgrade *od) 4043 { 4044 __be32 status; 4045 struct nfs4_ol_stateid *stp; 4046 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4047 4048 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n", 4049 cstate->current_fh.fh_dentry); 4050 4051 /* We don't yet support WANT bits: */ 4052 if (od->od_deleg_want) 4053 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__, 4054 od->od_deleg_want); 4055 4056 nfs4_lock_state(); 4057 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid, 4058 &od->od_stateid, &stp, nn); 4059 if (status) 4060 goto out; 4061 status = nfserr_inval; 4062 if (!test_access(od->od_share_access, stp)) { 4063 dprintk("NFSD: access not a subset of current bitmap: 0x%lx, input access=%08x\n", 4064 stp->st_access_bmap, od->od_share_access); 4065 goto out; 4066 } 4067 if (!test_deny(od->od_share_deny, stp)) { 4068 dprintk("NFSD: deny not a subset of current bitmap: 0x%lx, input deny=%08x\n", 4069 stp->st_deny_bmap, od->od_share_deny); 4070 goto out; 4071 } 4072 nfs4_stateid_downgrade(stp, od->od_share_access); 4073 4074 reset_union_bmap_deny(od->od_share_deny, stp); 4075 4076 update_stateid(&stp->st_stid.sc_stateid); 4077 memcpy(&od->od_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t)); 4078 status = nfs_ok; 4079 out: 4080 nfsd4_bump_seqid(cstate, status); 4081 if (!cstate->replay_owner) 4082 nfs4_unlock_state(); 4083 return status; 4084 } 4085 4086 static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s) 4087 { 4088 unhash_open_stateid(s); 4089 s->st_stid.sc_type = NFS4_CLOSED_STID; 4090 } 4091 4092 /* 4093 * nfs4_unlock_state() called after encode 4094 */ 4095 __be32 4096 nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 4097 struct nfsd4_close *close) 4098 { 4099 __be32 status; 4100 struct nfs4_openowner *oo; 4101 struct nfs4_ol_stateid *stp; 4102 struct net *net = SVC_NET(rqstp); 4103 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 4104 4105 dprintk("NFSD: nfsd4_close on file %pd\n", 4106 cstate->current_fh.fh_dentry); 4107 4108 nfs4_lock_state(); 4109 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid, 4110 &close->cl_stateid, 4111 NFS4_OPEN_STID|NFS4_CLOSED_STID, 4112 &stp, nn); 4113 nfsd4_bump_seqid(cstate, status); 4114 if (status) 4115 goto out; 4116 oo = openowner(stp->st_stateowner); 4117 update_stateid(&stp->st_stid.sc_stateid);
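/* update_stateid() bumped si_generation; hand the new stateid back in the CLOSE reply: */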
4118 memcpy(&close->cl_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t)); 4119 4120 nfsd4_close_open_stateid(stp); 4121 4122 if (cstate->minorversion) 4123 free_generic_stateid(stp); 4124 else 4125 oo->oo_last_closed_stid = stp; 4126 4127 if (list_empty(&oo->oo_owner.so_stateids)) { 4128 if (cstate->minorversion) 4129 release_openowner(oo); 4130 else { 4131 /* 4132 * In the 4.0 case we need to keep the owners around a 4133 * little while to handle CLOSE replay. 4134 */ 4135 move_to_close_lru(oo, SVC_NET(rqstp)); 4136 } 4137 } 4138 out: 4139 if (!cstate->replay_owner) 4140 nfs4_unlock_state(); 4141 return status; 4142 } 4143 4144 __be32 4145 nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 4146 struct nfsd4_delegreturn *dr) 4147 { 4148 struct nfs4_delegation *dp; 4149 stateid_t *stateid = &dr->dr_stateid; 4150 struct nfs4_stid *s; 4151 __be32 status; 4152 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4153 4154 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 4155 return status; 4156 4157 nfs4_lock_state(); 4158 status = nfsd4_lookup_stateid(stateid, NFS4_DELEG_STID, &s, 4159 cstate->minorversion, nn); 4160 if (status) 4161 goto out; 4162 dp = delegstateid(s); 4163 status = check_stateid_generation(stateid, &dp->dl_stid.sc_stateid, nfsd4_has_session(cstate)); 4164 if (status) 4165 goto out; 4166 4167 destroy_delegation(dp); 4168 out: 4169 nfs4_unlock_state(); 4170 4171 return status; 4172 } 4173 4174 4175 #define LOFF_OVERFLOW(start, len) ((u64)(len) > ~(u64)(start)) 4176 4177 #define LOCKOWNER_INO_HASH_MASK (LOCKOWNER_INO_HASH_SIZE - 1) 4178 4179 static inline u64 4180 end_offset(u64 start, u64 len) 4181 { 4182 u64 end; 4183 4184 end = start + len; 4185 return end >= start ? end: NFS4_MAX_UINT64; 4186 } 4187 4188 /* last octet in a range */ 4189 static inline u64 4190 last_byte_offset(u64 start, u64 len) 4191 { 4192 u64 end; 4193 4194 WARN_ON_ONCE(!len); 4195 end = start + len; 4196 return end > start ? end - 1: NFS4_MAX_UINT64; 4197 } 4198 4199 static unsigned int lockowner_ino_hashval(struct inode *inode, u32 cl_id, struct xdr_netobj *ownername) 4200 { 4201 return (file_hashval(inode) + cl_id 4202 + opaque_hashval(ownername->data, ownername->len)) 4203 & LOCKOWNER_INO_HASH_MASK; 4204 } 4205 4206 /* 4207 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that 4208 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th 4209 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit 4210 * locking, this prevents us from being completely protocol-compliant. The 4211 * real solution to this problem is to start using unsigned file offsets in 4212 * the VFS, but this is a very deep change! 4213 */ 4214 static inline void 4215 nfs4_transform_lock_offset(struct file_lock *lock) 4216 { 4217 if (lock->fl_start < 0) 4218 lock->fl_start = OFFSET_MAX; 4219 if (lock->fl_end < 0) 4220 lock->fl_end = OFFSET_MAX; 4221 } 4222 4223 /* Hack!: For now, we're defining this just so we can use a pointer to it 4224 * as a unique cookie to identify our (NFSv4's) posix locks. 
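* For example, nfs4_set_lock_denied() below checks fl_lmops == &nfsd_posix_mng_ops before casting fl_owner back to a struct nfs4_lockowner.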
*/ 4225 static const struct lock_manager_operations nfsd_posix_mng_ops = { 4226 }; 4227 4228 static inline void 4229 nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny) 4230 { 4231 struct nfs4_lockowner *lo; 4232 4233 if (fl->fl_lmops == &nfsd_posix_mng_ops) { 4234 lo = (struct nfs4_lockowner *) fl->fl_owner; 4235 deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data, 4236 lo->lo_owner.so_owner.len, GFP_KERNEL); 4237 if (!deny->ld_owner.data) 4238 /* We just don't care that much */ 4239 goto nevermind; 4240 deny->ld_owner.len = lo->lo_owner.so_owner.len; 4241 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid; 4242 } else { 4243 nevermind: 4244 deny->ld_owner.len = 0; 4245 deny->ld_owner.data = NULL; 4246 deny->ld_clientid.cl_boot = 0; 4247 deny->ld_clientid.cl_id = 0; 4248 } 4249 deny->ld_start = fl->fl_start; 4250 deny->ld_length = NFS4_MAX_UINT64; 4251 if (fl->fl_end != NFS4_MAX_UINT64) 4252 deny->ld_length = fl->fl_end - fl->fl_start + 1; 4253 deny->ld_type = NFS4_READ_LT; 4254 if (fl->fl_type != F_RDLCK) 4255 deny->ld_type = NFS4_WRITE_LT; 4256 } 4257 4258 static bool same_lockowner_ino(struct nfs4_lockowner *lo, struct inode *inode, clientid_t *clid, struct xdr_netobj *owner) 4259 { 4260 struct nfs4_ol_stateid *lst; 4261 4262 if (!same_owner_str(&lo->lo_owner, owner, clid)) 4263 return false; 4264 if (list_empty(&lo->lo_owner.so_stateids)) { 4265 WARN_ON_ONCE(1); 4266 return false; 4267 } 4268 lst = list_first_entry(&lo->lo_owner.so_stateids, 4269 struct nfs4_ol_stateid, st_perstateowner); 4270 return lst->st_file->fi_inode == inode; 4271 } 4272 4273 static struct nfs4_lockowner * 4274 find_lockowner_str(struct inode *inode, clientid_t *clid, 4275 struct xdr_netobj *owner, struct nfsd_net *nn) 4276 { 4277 unsigned int hashval = lockowner_ino_hashval(inode, clid->cl_id, owner); 4278 struct nfs4_lockowner *lo; 4279 4280 list_for_each_entry(lo, &nn->lockowner_ino_hashtbl[hashval], lo_owner_ino_hash) { 4281 if (same_lockowner_ino(lo, inode, clid, owner)) 4282 return lo; 4283 } 4284 return NULL; 4285 } 4286 4287 static void hash_lockowner(struct nfs4_lockowner *lo, unsigned int strhashval, struct nfs4_client *clp, struct nfs4_ol_stateid *open_stp) 4288 { 4289 struct inode *inode = open_stp->st_file->fi_inode; 4290 unsigned int inohash = lockowner_ino_hashval(inode, 4291 clp->cl_clientid.cl_id, &lo->lo_owner.so_owner); 4292 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 4293 4294 list_add(&lo->lo_owner.so_strhash, &nn->ownerstr_hashtbl[strhashval]); 4295 list_add(&lo->lo_owner_ino_hash, &nn->lockowner_ino_hashtbl[inohash]); 4296 list_add(&lo->lo_perstateid, &open_stp->st_lockowners); 4297 } 4298 4299 /* 4300 * Alloc a lock owner structure. 4301 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) have 4302 * occurred.
4303 * 4304 * strhashval = ownerstr_hashval 4305 */ 4306 4307 static struct nfs4_lockowner * 4308 alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, struct nfs4_ol_stateid *open_stp, struct nfsd4_lock *lock) { 4309 struct nfs4_lockowner *lo; 4310 4311 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp); 4312 if (!lo) 4313 return NULL; 4314 INIT_LIST_HEAD(&lo->lo_owner.so_stateids); 4315 lo->lo_owner.so_is_open_owner = 0; 4316 /* It is the openowner seqid that will be incremented in encode in the 4317 * case of new lockowners; so increment the lock seqid manually: */ 4318 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid + 1; 4319 hash_lockowner(lo, strhashval, clp, open_stp); 4320 return lo; 4321 } 4322 4323 static struct nfs4_ol_stateid * 4324 alloc_init_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp, struct nfs4_ol_stateid *open_stp) 4325 { 4326 struct nfs4_ol_stateid *stp; 4327 struct nfs4_client *clp = lo->lo_owner.so_client; 4328 4329 stp = nfs4_alloc_stateid(clp); 4330 if (stp == NULL) 4331 return NULL; 4332 stp->st_stid.sc_type = NFS4_LOCK_STID; 4333 list_add(&stp->st_perfile, &fp->fi_stateids); 4334 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids); 4335 stp->st_stateowner = &lo->lo_owner; 4336 get_nfs4_file(fp); 4337 stp->st_file = fp; 4338 stp->st_access_bmap = 0; 4339 stp->st_deny_bmap = open_stp->st_deny_bmap; 4340 stp->st_openstp = open_stp; 4341 return stp; 4342 } 4343 4344 static int 4345 check_lock_length(u64 offset, u64 length) 4346 { 4347 return ((length == 0) || ((length != NFS4_MAX_UINT64) && 4348 LOFF_OVERFLOW(offset, length))); 4349 } 4350 4351 static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access) 4352 { 4353 struct nfs4_file *fp = lock_stp->st_file; 4354 int oflag = nfs4_access_to_omode(access); 4355 4356 if (test_access(access, lock_stp)) 4357 return; 4358 nfs4_file_get_access(fp, oflag); 4359 set_access(access, lock_stp); 4360 } 4361 4362 static __be32 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, struct nfs4_ol_stateid *ost, struct nfsd4_lock *lock, struct nfs4_ol_stateid **lst, bool *new) 4363 { 4364 struct nfs4_file *fi = ost->st_file; 4365 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 4366 struct nfs4_client *cl = oo->oo_owner.so_client; 4367 struct nfs4_lockowner *lo; 4368 unsigned int strhashval; 4369 struct nfsd_net *nn = net_generic(cl->net, nfsd_net_id); 4370 4371 lo = find_lockowner_str(fi->fi_inode, &cl->cl_clientid, 4372 &lock->v.new.owner, nn); 4373 if (lo) { 4374 if (!cstate->minorversion) 4375 return nfserr_bad_seqid; 4376 /* XXX: a lockowner always has exactly one stateid: */ 4377 *lst = list_first_entry(&lo->lo_owner.so_stateids, 4378 struct nfs4_ol_stateid, st_perstateowner); 4379 return nfs_ok; 4380 } 4381 strhashval = ownerstr_hashval(cl->cl_clientid.cl_id, 4382 &lock->v.new.owner); 4383 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock); 4384 if (lo == NULL) 4385 return nfserr_jukebox; 4386 *lst = alloc_init_lock_stateid(lo, fi, ost); 4387 if (*lst == NULL) { 4388 release_lockowner(lo); 4389 return nfserr_jukebox; 4390 } 4391 *new = true; 4392 return nfs_ok; 4393 } 4394 4395 /* 4396 * LOCK operation 4397 */ 4398 __be32 4399 nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 4400 struct nfsd4_lock *lock) 4401 { 4402 struct nfs4_openowner *open_sop = NULL; 4403 struct nfs4_lockowner *lock_sop = NULL; 4404 struct nfs4_ol_stateid *lock_stp; 4405 struct file *filp = NULL; 4406 struct file_lock *file_lock = 
NULL; 4407 struct file_lock *conflock = NULL; 4408 __be32 status = 0; 4409 bool new_state = false; 4410 int lkflg; 4411 int err; 4412 struct net *net = SVC_NET(rqstp); 4413 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 4414 4415 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n", 4416 (long long) lock->lk_offset, 4417 (long long) lock->lk_length); 4418 4419 if (check_lock_length(lock->lk_offset, lock->lk_length)) 4420 return nfserr_inval; 4421 4422 if ((status = fh_verify(rqstp, &cstate->current_fh, 4423 S_IFREG, NFSD_MAY_LOCK))) { 4424 dprintk("NFSD: nfsd4_lock: permission denied!\n"); 4425 return status; 4426 } 4427 4428 nfs4_lock_state(); 4429 4430 if (lock->lk_is_new) { 4431 struct nfs4_ol_stateid *open_stp = NULL; 4432 4433 if (nfsd4_has_session(cstate)) 4434 /* See rfc 5661 18.10.3: given clientid is ignored: */ 4435 memcpy(&lock->v.new.clientid, 4436 &cstate->session->se_client->cl_clientid, 4437 sizeof(clientid_t)); 4438 4439 status = nfserr_stale_clientid; 4440 if (STALE_CLIENTID(&lock->lk_new_clientid, nn)) 4441 goto out; 4442 4443 /* validate and update open stateid and open seqid */ 4444 status = nfs4_preprocess_confirmed_seqid_op(cstate, 4445 lock->lk_new_open_seqid, 4446 &lock->lk_new_open_stateid, 4447 &open_stp, nn); 4448 if (status) 4449 goto out; 4450 open_sop = openowner(open_stp->st_stateowner); 4451 status = nfserr_bad_stateid; 4452 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid, 4453 &lock->v.new.clientid)) 4454 goto out; 4455 status = lookup_or_create_lock_state(cstate, open_stp, lock, 4456 &lock_stp, &new_state); 4457 } else 4458 status = nfs4_preprocess_seqid_op(cstate, 4459 lock->lk_old_lock_seqid, 4460 &lock->lk_old_lock_stateid, 4461 NFS4_LOCK_STID, &lock_stp, nn); 4462 if (status) 4463 goto out; 4464 lock_sop = lockowner(lock_stp->st_stateowner); 4465 4466 lkflg = setlkflg(lock->lk_type); 4467 status = nfs4_check_openmode(lock_stp, lkflg); 4468 if (status) 4469 goto out; 4470 4471 status = nfserr_grace; 4472 if (locks_in_grace(net) && !lock->lk_reclaim) 4473 goto out; 4474 status = nfserr_no_grace; 4475 if (!locks_in_grace(net) && lock->lk_reclaim) 4476 goto out; 4477 4478 file_lock = locks_alloc_lock(); 4479 if (!file_lock) { 4480 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 4481 status = nfserr_jukebox; 4482 goto out; 4483 } 4484 4485 locks_init_lock(file_lock); 4486 switch (lock->lk_type) { 4487 case NFS4_READ_LT: 4488 case NFS4_READW_LT: 4489 filp = find_readable_file(lock_stp->st_file); 4490 if (filp) 4491 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ); 4492 file_lock->fl_type = F_RDLCK; 4493 break; 4494 case NFS4_WRITE_LT: 4495 case NFS4_WRITEW_LT: 4496 filp = find_writeable_file(lock_stp->st_file); 4497 if (filp) 4498 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE); 4499 file_lock->fl_type = F_WRLCK; 4500 break; 4501 default: 4502 status = nfserr_inval; 4503 goto out; 4504 } 4505 if (!filp) { 4506 status = nfserr_openmode; 4507 goto out; 4508 } 4509 file_lock->fl_owner = (fl_owner_t)lock_sop; 4510 file_lock->fl_pid = current->tgid; 4511 file_lock->fl_file = filp; 4512 file_lock->fl_flags = FL_POSIX; 4513 file_lock->fl_lmops = &nfsd_posix_mng_ops; 4514 file_lock->fl_start = lock->lk_offset; 4515 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length); 4516 nfs4_transform_lock_offset(file_lock); 4517 4518 conflock = locks_alloc_lock(); 4519 if (!conflock) { 4520 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 4521 status = nfserr_jukebox; 4522 goto out; 4523 } 4524 4525 err = 
vfs_lock_file(filp, F_SETLK, file_lock, conflock); 4526 switch (-err) { 4527 case 0: /* success! */ 4528 update_stateid(&lock_stp->st_stid.sc_stateid); 4529 memcpy(&lock->lk_resp_stateid, &lock_stp->st_stid.sc_stateid, 4530 sizeof(stateid_t)); 4531 status = 0; 4532 break; 4533 case (EAGAIN): /* conflock holds conflicting lock */ 4534 status = nfserr_denied; 4535 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n"); 4536 nfs4_set_lock_denied(conflock, &lock->lk_denied); 4537 break; 4538 case (EDEADLK): 4539 status = nfserr_deadlock; 4540 break; 4541 default: 4542 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err); 4543 status = nfserrno(err); 4544 break; 4545 } 4546 out: 4547 if (status && new_state) 4548 release_lockowner(lock_sop); 4549 nfsd4_bump_seqid(cstate, status); 4550 if (!cstate->replay_owner) 4551 nfs4_unlock_state(); 4552 if (file_lock) 4553 locks_free_lock(file_lock); 4554 if (conflock) 4555 locks_free_lock(conflock); 4556 return status; 4557 } 4558 4559 /* 4560 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN, 4561 * so we do a temporary open here just to get an open file to pass to 4562 * vfs_test_lock. (Arguably perhaps test_lock should be done with an 4563 * inode operation.) 4564 */ 4565 static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock) 4566 { 4567 struct file *file; 4568 __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file); 4569 if (!err) { 4570 err = nfserrno(vfs_test_lock(file, lock)); 4571 nfsd_close(file); 4572 } 4573 return err; 4574 } 4575 4576 /* 4577 * LOCKT operation 4578 */ 4579 __be32 4580 nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 4581 struct nfsd4_lockt *lockt) 4582 { 4583 struct inode *inode; 4584 struct file_lock *file_lock = NULL; 4585 struct nfs4_lockowner *lo; 4586 __be32 status; 4587 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4588 4589 if (locks_in_grace(SVC_NET(rqstp))) 4590 return nfserr_grace; 4591 4592 if (check_lock_length(lockt->lt_offset, lockt->lt_length)) 4593 return nfserr_inval; 4594 4595 nfs4_lock_state(); 4596 4597 if (!nfsd4_has_session(cstate)) { 4598 status = lookup_clientid(&lockt->lt_clientid, false, nn, NULL); 4599 if (status) 4600 goto out; 4601 } 4602 4603 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 4604 goto out; 4605 4606 inode = cstate->current_fh.fh_dentry->d_inode; 4607 file_lock = locks_alloc_lock(); 4608 if (!file_lock) { 4609 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 4610 status = nfserr_jukebox; 4611 goto out; 4612 } 4613 locks_init_lock(file_lock); 4614 switch (lockt->lt_type) { 4615 case NFS4_READ_LT: 4616 case NFS4_READW_LT: 4617 file_lock->fl_type = F_RDLCK; 4618 break; 4619 case NFS4_WRITE_LT: 4620 case NFS4_WRITEW_LT: 4621 file_lock->fl_type = F_WRLCK; 4622 break; 4623 default: 4624 dprintk("NFSD: nfs4_lockt: bad lock type!\n"); 4625 status = nfserr_inval; 4626 goto out; 4627 } 4628 4629 lo = find_lockowner_str(inode, &lockt->lt_clientid, &lockt->lt_owner, nn); 4630 if (lo) 4631 file_lock->fl_owner = (fl_owner_t)lo; 4632 file_lock->fl_pid = current->tgid; 4633 file_lock->fl_flags = FL_POSIX; 4634 4635 file_lock->fl_start = lockt->lt_offset; 4636 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length); 4637 4638 nfs4_transform_lock_offset(file_lock); 4639 4640 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock); 4641 if (status) 4642 goto out; 4643 4644 if (file_lock->fl_type != F_UNLCK) { 4645 status = 
nfserr_denied; 4646 nfs4_set_lock_denied(file_lock, &lockt->lt_denied); 4647 } 4648 out: 4649 nfs4_unlock_state(); 4650 if (file_lock) 4651 locks_free_lock(file_lock); 4652 return status; 4653 } 4654 4655 __be32 4656 nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 4657 struct nfsd4_locku *locku) 4658 { 4659 struct nfs4_ol_stateid *stp; 4660 struct file *filp = NULL; 4661 struct file_lock *file_lock = NULL; 4662 __be32 status; 4663 int err; 4664 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4665 4666 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n", 4667 (long long) locku->lu_offset, 4668 (long long) locku->lu_length); 4669 4670 if (check_lock_length(locku->lu_offset, locku->lu_length)) 4671 return nfserr_inval; 4672 4673 nfs4_lock_state(); 4674 4675 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid, 4676 &locku->lu_stateid, NFS4_LOCK_STID, 4677 &stp, nn); 4678 if (status) 4679 goto out; 4680 filp = find_any_file(stp->st_file); 4681 if (!filp) { 4682 status = nfserr_lock_range; 4683 goto out; 4684 } 4685 file_lock = locks_alloc_lock(); 4686 if (!file_lock) { 4687 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 4688 status = nfserr_jukebox; 4689 goto out; 4690 } 4691 locks_init_lock(file_lock); 4692 file_lock->fl_type = F_UNLCK; 4693 file_lock->fl_owner = (fl_owner_t)lockowner(stp->st_stateowner); 4694 file_lock->fl_pid = current->tgid; 4695 file_lock->fl_file = filp; 4696 file_lock->fl_flags = FL_POSIX; 4697 file_lock->fl_lmops = &nfsd_posix_mng_ops; 4698 file_lock->fl_start = locku->lu_offset; 4699 4700 file_lock->fl_end = last_byte_offset(locku->lu_offset, 4701 locku->lu_length); 4702 nfs4_transform_lock_offset(file_lock); 4703 4704 err = vfs_lock_file(filp, F_SETLK, file_lock, NULL); 4705 if (err) { 4706 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n"); 4707 goto out_nfserr; 4708 } 4709 update_stateid(&stp->st_stid.sc_stateid); 4710 memcpy(&locku->lu_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t)); 4711 4712 out: 4713 nfsd4_bump_seqid(cstate, status); 4714 if (!cstate->replay_owner) 4715 nfs4_unlock_state(); 4716 if (file_lock) 4717 locks_free_lock(file_lock); 4718 return status; 4719 4720 out_nfserr: 4721 status = nfserrno(err); 4722 goto out; 4723 } 4724 4725 /* 4726 * returns 4727 * 1: locks held by lockowner 4728 * 0: no locks held by lockowner 4729 */ 4730 static int 4731 check_for_locks(struct nfs4_file *filp, struct nfs4_lockowner *lowner) 4732 { 4733 struct file_lock **flpp; 4734 struct inode *inode = filp->fi_inode; 4735 int status = 0; 4736 4737 spin_lock(&inode->i_lock); 4738 for (flpp = &inode->i_flock; *flpp != NULL; flpp = &(*flpp)->fl_next) { 4739 if ((*flpp)->fl_owner == (fl_owner_t)lowner) { 4740 status = 1; 4741 goto out; 4742 } 4743 } 4744 out: 4745 spin_unlock(&inode->i_lock); 4746 return status; 4747 } 4748 4749 __be32 4750 nfsd4_release_lockowner(struct svc_rqst *rqstp, 4751 struct nfsd4_compound_state *cstate, 4752 struct nfsd4_release_lockowner *rlockowner) 4753 { 4754 clientid_t *clid = &rlockowner->rl_clientid; 4755 struct nfs4_stateowner *sop; 4756 struct nfs4_lockowner *lo; 4757 struct nfs4_ol_stateid *stp; 4758 struct xdr_netobj *owner = &rlockowner->rl_owner; 4759 struct list_head matches; 4760 unsigned int hashval = ownerstr_hashval(clid->cl_id, owner); 4761 __be32 status; 4762 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4763 4764 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n", 4765 clid->cl_boot, clid->cl_id); 4766 4767 nfs4_lock_state(); 4768 4769 
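/* Two passes: first find every lockowner matching the given owner string, bailing out with nfserr_locks_held if any of them still holds a lock; only then release them all, so the client never sees a partial release. */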
status = lookup_clientid(clid, cstate->minorversion, nn, NULL); 4770 if (status) 4771 goto out; 4772 4773 status = nfserr_locks_held; 4774 INIT_LIST_HEAD(&matches); 4775 4776 list_for_each_entry(sop, &nn->ownerstr_hashtbl[hashval], so_strhash) { 4777 if (sop->so_is_open_owner) 4778 continue; 4779 if (!same_owner_str(sop, owner, clid)) 4780 continue; 4781 list_for_each_entry(stp, &sop->so_stateids, 4782 st_perstateowner) { 4783 lo = lockowner(sop); 4784 if (check_for_locks(stp->st_file, lo)) 4785 goto out; 4786 list_add(&lo->lo_list, &matches); 4787 } 4788 } 4789 /* Clients probably won't expect us to return with some (but not all) 4790 * of the lockowner state released; so don't release any until all 4791 * have been checked. */ 4792 status = nfs_ok; 4793 while (!list_empty(&matches)) { 4794 lo = list_entry(matches.next, struct nfs4_lockowner, 4795 lo_list); 4796 /* unhash_stateowner deletes so_perclient only 4797 * for openowners. */ 4798 list_del(&lo->lo_list); 4799 release_lockowner(lo); 4800 } 4801 out: 4802 nfs4_unlock_state(); 4803 return status; 4804 } 4805 4806 static inline struct nfs4_client_reclaim * 4807 alloc_reclaim(void) 4808 { 4809 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL); 4810 } 4811 4812 bool 4813 nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn) 4814 { 4815 struct nfs4_client_reclaim *crp; 4816 4817 crp = nfsd4_find_reclaim_client(name, nn); 4818 return (crp && crp->cr_clp); 4819 } 4820 4821 /* 4822 * failure => all reset bets are off, nfserr_no_grace... 4823 */ 4824 struct nfs4_client_reclaim * 4825 nfs4_client_to_reclaim(const char *name, struct nfsd_net *nn) 4826 { 4827 unsigned int strhashval; 4828 struct nfs4_client_reclaim *crp; 4829 4830 dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name); 4831 crp = alloc_reclaim(); 4832 if (crp) { 4833 strhashval = clientstr_hashval(name); 4834 INIT_LIST_HEAD(&crp->cr_strhash); 4835 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]); 4836 memcpy(crp->cr_recdir, name, HEXDIR_LEN); 4837 crp->cr_clp = NULL; 4838 nn->reclaim_str_hashtbl_size++; 4839 } 4840 return crp; 4841 } 4842 4843 void 4844 nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn) 4845 { 4846 list_del(&crp->cr_strhash); 4847 kfree(crp); 4848 nn->reclaim_str_hashtbl_size--; 4849 } 4850 4851 void 4852 nfs4_release_reclaim(struct nfsd_net *nn) 4853 { 4854 struct nfs4_client_reclaim *crp = NULL; 4855 int i; 4856 4857 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 4858 while (!list_empty(&nn->reclaim_str_hashtbl[i])) { 4859 crp = list_entry(nn->reclaim_str_hashtbl[i].next, 4860 struct nfs4_client_reclaim, cr_strhash); 4861 nfs4_remove_reclaim_record(crp, nn); 4862 } 4863 } 4864 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size); 4865 } 4866 4867 /* 4868 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */ 4869 struct nfs4_client_reclaim * 4870 nfsd4_find_reclaim_client(const char *recdir, struct nfsd_net *nn) 4871 { 4872 unsigned int strhashval; 4873 struct nfs4_client_reclaim *crp = NULL; 4874 4875 dprintk("NFSD: nfs4_find_reclaim_client for recdir %s\n", recdir); 4876 4877 strhashval = clientstr_hashval(recdir); 4878 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) { 4879 if (same_name(crp->cr_recdir, recdir)) { 4880 return crp; 4881 } 4882 } 4883 return NULL; 4884 } 4885 4886 /* 4887 * Called from OPEN. Look for clientid in reclaim list. 
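* (The clientid is looked up in the confirmed-client table, and nfsd4_client_record_check() then consults the client-tracking record.)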
4888 */ 4889 __be32 4890 nfs4_check_open_reclaim(clientid_t *clid, bool sessions, struct nfsd_net *nn) 4891 { 4892 struct nfs4_client *clp; 4893 4894 /* find clientid in conf_id_hashtbl */ 4895 clp = find_confirmed_client(clid, sessions, nn); 4896 if (clp == NULL) 4897 return nfserr_reclaim_bad; 4898 4899 return nfsd4_client_record_check(clp) ? nfserr_reclaim_bad : nfs_ok; 4900 } 4901 4902 #ifdef CONFIG_NFSD_FAULT_INJECTION 4903 4904 u64 nfsd_forget_client(struct nfs4_client *clp, u64 max) 4905 { 4906 if (mark_client_expired(clp)) 4907 return 0; 4908 expire_client(clp); 4909 return 1; 4910 } 4911 4912 u64 nfsd_print_client(struct nfs4_client *clp, u64 num) 4913 { 4914 char buf[INET6_ADDRSTRLEN]; 4915 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 4916 printk(KERN_INFO "NFS Client: %s\n", buf); 4917 return 1; 4918 } 4919 4920 static void nfsd_print_count(struct nfs4_client *clp, unsigned int count, 4921 const char *type) 4922 { 4923 char buf[INET6_ADDRSTRLEN]; 4924 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 4925 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type); 4926 } 4927 4928 static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max, void (*func)(struct nfs4_lockowner *)) 4929 { 4930 struct nfs4_openowner *oop; 4931 struct nfs4_lockowner *lop, *lo_next; 4932 struct nfs4_ol_stateid *stp, *st_next; 4933 u64 count = 0; 4934 4935 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) { 4936 list_for_each_entry_safe(stp, st_next, &oop->oo_owner.so_stateids, st_perstateowner) { 4937 list_for_each_entry_safe(lop, lo_next, &stp->st_lockowners, lo_perstateid) { 4938 if (func) 4939 func(lop); 4940 if (++count == max) 4941 return count; 4942 } 4943 } 4944 } 4945 4946 return count; 4947 } 4948 4949 u64 nfsd_forget_client_locks(struct nfs4_client *clp, u64 max) 4950 { 4951 return nfsd_foreach_client_lock(clp, max, release_lockowner); 4952 } 4953 4954 u64 nfsd_print_client_locks(struct nfs4_client *clp, u64 max) 4955 { 4956 u64 count = nfsd_foreach_client_lock(clp, max, NULL); 4957 nfsd_print_count(clp, count, "locked files"); 4958 return count; 4959 } 4960 4961 static u64 nfsd_foreach_client_open(struct nfs4_client *clp, u64 max, void (*func)(struct nfs4_openowner *)) 4962 { 4963 struct nfs4_openowner *oop, *next; 4964 u64 count = 0; 4965 4966 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) { 4967 if (func) 4968 func(oop); 4969 if (++count == max) 4970 break; 4971 } 4972 4973 return count; 4974 } 4975 4976 u64 nfsd_forget_client_openowners(struct nfs4_client *clp, u64 max) 4977 { 4978 return nfsd_foreach_client_open(clp, max, release_openowner); 4979 } 4980 4981 u64 nfsd_print_client_openowners(struct nfs4_client *clp, u64 max) 4982 { 4983 u64 count = nfsd_foreach_client_open(clp, max, NULL); 4984 nfsd_print_count(clp, count, "open files"); 4985 return count; 4986 } 4987 4988 static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max, 4989 struct list_head *victims) 4990 { 4991 struct nfs4_delegation *dp, *next; 4992 u64 count = 0; 4993 4994 lockdep_assert_held(&state_lock); 4995 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) { 4996 if (victims) 4997 list_move(&dp->dl_recall_lru, victims); 4998 if (++count == max) 4999 break; 5000 } 5001 return count; 5002 } 5003 5004 u64 nfsd_forget_client_delegations(struct nfs4_client *clp, u64 max) 5005 { 5006 struct nfs4_delegation *dp, *next; 5007 LIST_HEAD(victims); 5008 u64 count; 5009 5010 spin_lock(&state_lock); 5011 count = 
nfsd_find_all_delegations(clp, max, &victims); 5012 spin_unlock(&state_lock); 5013 5014 list_for_each_entry_safe(dp, next, &victims, dl_recall_lru) 5015 revoke_delegation(dp); 5016 5017 return count; 5018 } 5019 5020 u64 nfsd_recall_client_delegations(struct nfs4_client *clp, u64 max) 5021 { 5022 struct nfs4_delegation *dp, *next; 5023 LIST_HEAD(victims); 5024 u64 count; 5025 5026 spin_lock(&state_lock); 5027 count = nfsd_find_all_delegations(clp, max, &victims); 5028 list_for_each_entry_safe(dp, next, &victims, dl_recall_lru) 5029 nfsd_break_one_deleg(dp); 5030 spin_unlock(&state_lock); 5031 5032 return count; 5033 } 5034 5035 u64 nfsd_print_client_delegations(struct nfs4_client *clp, u64 max) 5036 { 5037 u64 count = 0; 5038 5039 spin_lock(&state_lock); 5040 count = nfsd_find_all_delegations(clp, max, NULL); 5041 spin_unlock(&state_lock); 5042 5043 nfsd_print_count(clp, count, "delegations"); 5044 return count; 5045 } 5046 5047 u64 nfsd_for_n_state(u64 max, u64 (*func)(struct nfs4_client *, u64)) 5048 { 5049 struct nfs4_client *clp, *next; 5050 u64 count = 0; 5051 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, nfsd_net_id); 5052 5053 if (!nfsd_netns_ready(nn)) 5054 return 0; 5055 5056 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 5057 count += func(clp, max - count); 5058 if ((max != 0) && (count >= max)) 5059 break; 5060 } 5061 5062 return count; 5063 } 5064 5065 struct nfs4_client *nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size) 5066 { 5067 struct nfs4_client *clp; 5068 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, nfsd_net_id); 5069 5070 if (!nfsd_netns_ready(nn)) 5071 return NULL; 5072 5073 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 5074 if (memcmp(&clp->cl_addr, addr, addr_size) == 0) 5075 return clp; 5076 } 5077 return NULL; 5078 } 5079 5080 #endif /* CONFIG_NFSD_FAULT_INJECTION */ 5081 5082 /* 5083 * Since the lifetime of a delegation isn't limited to that of an open, a 5084 * client may quite reasonably hang on to a delegation as long as it has 5085 * the inode cached. This becomes an obvious problem the first time a 5086 * client's inode cache approaches the size of the server's total memory. 5087 * 5088 * For now we avoid this problem by imposing a hard limit on the number 5089 * of delegations, which varies according to the server's memory size. 5090 */ 5091 static void 5092 set_max_delegations(void) 5093 { 5094 /* 5095 * Allow at most 4 delegations per megabyte of RAM. Quick 5096 * estimates suggest that in the worst case (where every delegation 5097 * is for a different inode), a delegation could take about 1.5K, 5098 * giving a worst case usage of about 0.6% of memory.
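* For example, with 4K pages (PAGE_SHIFT == 12) the shift below is 20 - 2 - 12 = 6, i.e. one delegation per 64 pages; 64 pages is 256K of RAM, so 4 delegations per megabyte, and 4 * 1.5K = 6K per megabyte.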
5099 */ 5100 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT); 5101 } 5102 5103 static int nfs4_state_create_net(struct net *net) 5104 { 5105 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5106 int i; 5107 5108 nn->conf_id_hashtbl = kmalloc(sizeof(struct list_head) * 5109 CLIENT_HASH_SIZE, GFP_KERNEL); 5110 if (!nn->conf_id_hashtbl) 5111 goto err; 5112 nn->unconf_id_hashtbl = kmalloc(sizeof(struct list_head) * 5113 CLIENT_HASH_SIZE, GFP_KERNEL); 5114 if (!nn->unconf_id_hashtbl) 5115 goto err_unconf_id; 5116 nn->ownerstr_hashtbl = kmalloc(sizeof(struct list_head) * 5117 OWNER_HASH_SIZE, GFP_KERNEL); 5118 if (!nn->ownerstr_hashtbl) 5119 goto err_ownerstr; 5120 nn->lockowner_ino_hashtbl = kmalloc(sizeof(struct list_head) * 5121 LOCKOWNER_INO_HASH_SIZE, GFP_KERNEL); 5122 if (!nn->lockowner_ino_hashtbl) 5123 goto err_lockowner_ino; 5124 nn->sessionid_hashtbl = kmalloc(sizeof(struct list_head) * 5125 SESSION_HASH_SIZE, GFP_KERNEL); 5126 if (!nn->sessionid_hashtbl) 5127 goto err_sessionid; 5128 5129 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 5130 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]); 5131 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]); 5132 } 5133 for (i = 0; i < OWNER_HASH_SIZE; i++) 5134 INIT_LIST_HEAD(&nn->ownerstr_hashtbl[i]); 5135 for (i = 0; i < LOCKOWNER_INO_HASH_SIZE; i++) 5136 INIT_LIST_HEAD(&nn->lockowner_ino_hashtbl[i]); 5137 for (i = 0; i < SESSION_HASH_SIZE; i++) 5138 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]); 5139 nn->conf_name_tree = RB_ROOT; 5140 nn->unconf_name_tree = RB_ROOT; 5141 INIT_LIST_HEAD(&nn->client_lru); 5142 INIT_LIST_HEAD(&nn->close_lru); 5143 INIT_LIST_HEAD(&nn->del_recall_lru); 5144 spin_lock_init(&nn->client_lock); 5145 5146 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main); 5147 get_net(net); 5148 5149 return 0; 5150 5151 err_sessionid: 5152 kfree(nn->lockowner_ino_hashtbl); 5153 err_lockowner_ino: 5154 kfree(nn->ownerstr_hashtbl); 5155 err_ownerstr: 5156 kfree(nn->unconf_id_hashtbl); 5157 err_unconf_id: 5158 kfree(nn->conf_id_hashtbl); 5159 err: 5160 return -ENOMEM; 5161 } 5162 5163 static void 5164 nfs4_state_destroy_net(struct net *net) 5165 { 5166 int i; 5167 struct nfs4_client *clp = NULL; 5168 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5169 5170 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 5171 while (!list_empty(&nn->conf_id_hashtbl[i])) { 5172 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 5173 destroy_client(clp); 5174 } 5175 } 5176 5177 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 5178 while (!list_empty(&nn->unconf_id_hashtbl[i])) { 5179 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 5180 destroy_client(clp); 5181 } 5182 } 5183 5184 kfree(nn->sessionid_hashtbl); 5185 kfree(nn->lockowner_ino_hashtbl); 5186 kfree(nn->ownerstr_hashtbl); 5187 kfree(nn->unconf_id_hashtbl); 5188 kfree(nn->conf_id_hashtbl); 5189 put_net(net); 5190 } 5191 5192 int 5193 nfs4_state_start_net(struct net *net) 5194 { 5195 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5196 int ret; 5197 5198 ret = nfs4_state_create_net(net); 5199 if (ret) 5200 return ret; 5201 nfsd4_client_tracking_init(net); 5202 nn->boot_time = get_seconds(); 5203 locks_start_grace(net, &nn->nfsd4_manager); 5204 nn->grace_ended = false; 5205 printk(KERN_INFO "NFSD: starting %ld-second grace period (net %p)\n", 5206 nn->nfsd4_grace, net); 5207 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ); 5208 return 0; 5209 } 5210 5211 /* initialization to perform when the nfsd service is started: */ 
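/* Unlike nfs4_state_start_net() above, which runs once per network namespace, nfs4_state_start() below sets up state shared by all of them: the callback credential, the "nfsd4" laundromat workqueue, the callback queue, and the delegation limit. */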
5212 5213 int 5214 nfs4_state_start(void) 5215 { 5216 int ret; 5217 5218 ret = set_callback_cred(); 5219 if (ret) 5220 return -ENOMEM; 5221 laundry_wq = create_singlethread_workqueue("nfsd4"); 5222 if (laundry_wq == NULL) { 5223 ret = -ENOMEM; 5224 goto out_recovery; 5225 } 5226 ret = nfsd4_create_callback_queue(); 5227 if (ret) 5228 goto out_free_laundry; 5229 5230 set_max_delegations(); 5231 5232 return 0; 5233 5234 out_free_laundry: 5235 destroy_workqueue(laundry_wq); 5236 out_recovery: 5237 return ret; 5238 } 5239 5240 void 5241 nfs4_state_shutdown_net(struct net *net) 5242 { 5243 struct nfs4_delegation *dp = NULL; 5244 struct list_head *pos, *next, reaplist; 5245 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5246 5247 cancel_delayed_work_sync(&nn->laundromat_work); 5248 locks_end_grace(&nn->nfsd4_manager); 5249 5250 nfs4_lock_state(); 5251 INIT_LIST_HEAD(&reaplist); 5252 spin_lock(&state_lock); 5253 list_for_each_safe(pos, next, &nn->del_recall_lru) { 5254 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 5255 list_move(&dp->dl_recall_lru, &reaplist); 5256 } 5257 spin_unlock(&state_lock); 5258 list_for_each_safe(pos, next, &reaplist) { 5259 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 5260 destroy_delegation(dp); 5261 } 5262 5263 nfsd4_client_tracking_exit(net); 5264 nfs4_state_destroy_net(net); 5265 nfs4_unlock_state(); 5266 } 5267 5268 void 5269 nfs4_state_shutdown(void) 5270 { 5271 destroy_workqueue(laundry_wq); 5272 nfsd4_destroy_callback_queue(); 5273 } 5274 5275 static void 5276 get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 5277 { 5278 if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid)) 5279 memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t)); 5280 } 5281 5282 static void 5283 put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 5284 { 5285 if (cstate->minorversion) { 5286 memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t)); 5287 SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG); 5288 } 5289 } 5290 5291 void 5292 clear_current_stateid(struct nfsd4_compound_state *cstate) 5293 { 5294 CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG); 5295 } 5296 5297 /* 5298 * functions to set current state id 5299 */ 5300 void 5301 nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp) 5302 { 5303 put_stateid(cstate, &odp->od_stateid); 5304 } 5305 5306 void 5307 nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, struct nfsd4_open *open) 5308 { 5309 put_stateid(cstate, &open->op_stateid); 5310 } 5311 5312 void 5313 nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close) 5314 { 5315 put_stateid(cstate, &close->cl_stateid); 5316 } 5317 5318 void 5319 nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, struct nfsd4_lock *lock) 5320 { 5321 put_stateid(cstate, &lock->lk_resp_stateid); 5322 } 5323 5324 /* 5325 * functions to consume current state id 5326 */ 5327 5328 void 5329 nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp) 5330 { 5331 get_stateid(cstate, &odp->od_stateid); 5332 } 5333 5334 void 5335 nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate, struct nfsd4_delegreturn *drp) 5336 { 5337 get_stateid(cstate, &drp->dr_stateid); 5338 } 5339 5340 void 5341 nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, struct nfsd4_free_stateid *fsp) 5342 { 5343 get_stateid(cstate, &fsp->fr_stateid); 5344 } 5345 5346 void 5347 
nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, struct nfsd4_setattr *setattr) 5348 { 5349 get_stateid(cstate, &setattr->sa_stateid); 5350 } 5351 5352 void 5353 nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close) 5354 { 5355 get_stateid(cstate, &close->cl_stateid); 5356 } 5357 5358 void 5359 nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, struct nfsd4_locku *locku) 5360 { 5361 get_stateid(cstate, &locku->lu_stateid); 5362 } 5363 5364 void 5365 nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, struct nfsd4_read *read) 5366 { 5367 get_stateid(cstate, &read->rd_stateid); 5368 } 5369 5370 void 5371 nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, struct nfsd4_write *write) 5372 { 5373 get_stateid(cstate, &write->wr_stateid); 5374 } 5375