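/*
 * Copyright (c) 2001 The Regents of the University of Michigan.
 * All rights reserved.
 *
 * Kendrick Smith <kmsmith@umich.edu>
 * Andy Adamson <kandros@umich.edu>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include <linux/file.h>
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/namei.h>
#include <linux/swap.h>
#include <linux/pagemap.h>
#include <linux/ratelimit.h>
#include <linux/sunrpc/svcauth_gss.h>
#include <linux/sunrpc/addr.h>
#include <linux/jhash.h>
#include "xdr4.h"
#include "xdr4cb.h"
#include "vfs.h"
#include "current_stateid.h"

#include "netns.h"
#include "pnfs.h"

#define NFSDDBG_FACILITY                NFSDDBG_PROC

/*
 * Reserved stateid values.  Each constant is compared byte-for-byte against
 * a client-supplied stateid by the matching *_STATEID() macro below:
 *
 *   one_stateid      generation and every opaque field are all ones
 *   zero_stateid     every field is zero
 *   currentstateid   generation 1, opaque part zero
 *   close_stateid    generation 0xffffffff, opaque part zero
 */
#define all_ones {{~0,~0},~0}
static const stateid_t one_stateid = {
	.si_generation = ~0,
	.si_opaque = all_ones,
};
static const stateid_t zero_stateid = {
	/* all fields zero */
};
static const stateid_t currentstateid = {
	.si_generation = 1,
};
static const stateid_t close_stateid = {
	.si_generation = 0xffffffffU,
};

static u64 current_sessionid = 1;

/*
 * The comparisons cover sizeof(stateid_t) bytes, so the argument must point
 * at a complete stateid_t.
 */
#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
#define ONE_STATEID(stateid)  (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
#define CLOSE_STATEID(stateid)  (!memcmp((stateid), &close_stateid, sizeof(stateid_t)))

/* forward declarations */
static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner);
static void nfs4_free_ol_stateid(struct nfs4_stid *stid);

/* Locking: */

/*
 * Currently used for the del_recall_lru and file hash table.  In an
 * effort to decrease the scope of the client_mutex, this spinlock may
 * eventually cover more:
 */
static DEFINE_SPINLOCK(state_lock);

/* Subclass values for the two kinds of stateid mutex named below. */
enum nfsd4_st_mutex_lock_subclass {
	OPEN_STATEID_MUTEX = 0,
	LOCK_STATEID_MUTEX = 1,
};

/*
 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for
 * the refcount on the open stateid to drop.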
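*/
static DECLARE_WAIT_QUEUE_HEAD(close_wq);

/*
 * Slab caches for NFSv4 state objects.  Their creation is not shown in this
 * part of the file.
 */
static struct kmem_cache *client_slab;
static struct kmem_cache *openowner_slab;
static struct kmem_cache *lockowner_slab;
static struct kmem_cache *file_slab;
static struct kmem_cache *stateid_slab;
static struct kmem_cache *deleg_slab;
static struct kmem_cache *odstate_slab;

static void free_session(struct nfsd4_session *);

static const struct nfsd4_callback_ops nfsd4_cb_recall_ops;
static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops;

/* True once NFS4_SESSION_DEAD has been set in the session flags. */
static bool is_session_dead(struct nfsd4_session *ses)
{
	return ses->se_flags & NFS4_SESSION_DEAD;
}

/*
 * Mark a session dead unless someone other than the caller still holds a
 * reference to it.
 *
 * @ref_held_by_me is the number of se_ref references the caller owns; a
 * count above that returns nfserr_jukebox and leaves se_flags untouched.
 *
 * NOTE(review): the "_locked" suffix suggests a lock is expected to be held,
 * but nothing here asserts which one -- confirm against the callers.
 */
static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
{
	if (atomic_read(&ses->se_ref) > ref_held_by_me)
		return nfserr_jukebox;
	ses->se_flags |= NFS4_SESSION_DEAD;
	return nfs_ok;
}

/* A client is treated as expired when its cl_time has been reset to 0. */
static bool is_client_expired(struct nfs4_client *clp)
{
	return clp->cl_time == 0;
}

/*
 * Take a reference on a client.  The caller must hold nn->client_lock.
 * Expired clients are refused with nfserr_expired and gain no reference.
 */
static __be32 get_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (is_client_expired(clp))
		return nfserr_expired;
	atomic_inc(&clp->cl_refcount);
	return nfs_ok;
}

/*
 * Move the client to the tail of the per-net client_lru and stamp it with
 * the current time.  An already expired client triggers a warning and is
 * left alone.
 *
 * must be called under the client_lock
 */
static inline void
renew_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (is_client_expired(clp)) {
		WARN_ON(1);
		printk("%s: client (clientid %08x/%08x) already expired\n",
			__func__,
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
		return;
	}

	dprintk("renewing client (clientid %08x/%08x)\n",
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
	list_move_tail(&clp->cl_lru, &nn->client_lru);
	clp->cl_time = get_seconds();
}

/*
 * Drop a client reference with nn->client_lock already held.  The lease is
 * renewed only when the last reference goes away and the client has not
 * expired in the meantime.
 */
static void put_client_renew_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (!atomic_dec_and_test(&clp->cl_refcount))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
}

/*
 * Unlocked variant of put_client_renew_locked(): nn->client_lock is taken
 * only if this call drops the last reference.
 */
static void put_client_renew(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (!atomic_dec_and_lock(&clp->cl_refcount, &nn->client_lock))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	spin_unlock(&nn->client_lock);
}

/*
 * Take a reference on a session and on the client that owns it.
 *
 * Returns nfserr_badsession for a dead session, or the error from
 * get_client_locked() (which asserts nn->client_lock is held).  se_ref is
 * only incremented once the client reference has been obtained.
 */
static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
{
	__be32 status;

	if (is_session_dead(ses))
		return nfserr_badsession;
	status = get_client_locked(ses->se_client);
	if (status)
		return status;
	atomic_inc(&ses->se_ref);
	return nfs_ok;
}

/*
 * Drop a session reference with nn->client_lock held.  A dead session is
 * freed when its last reference is dropped; the client reference taken by
 * nfsd4_get_session_locked() is released either way.
 */
static void nfsd4_put_session_locked(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	/* clp was read above because free_session() may release ses */
	if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
		free_session(ses);
	put_client_renew_locked(clp);
}

/* Take nn->client_lock around nfsd4_put_session_locked(). */
static void nfsd4_put_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	nfsd4_put_session_locked(ses);
	spin_unlock(&nn->client_lock);
}

/*
 * Look for a blocked lock of lockowner @lo on the file identified by @fh.
 *
 * A match is removed from both the owner's list and the LRU while
 * nn->blocked_locks_lock is held, and locks_delete_block() is called on it
 * after the spinlock has been dropped.  Returns the entry, or NULL if none
 * matched.
 */
static struct nfsd4_blocked_lock *
find_blocked_lock(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *cur, *found = NULL;

	spin_lock(&nn->blocked_locks_lock);
	list_for_each_entry(cur, &lo->lo_blocked, nbl_list) {
		if (fh_match(fh, &cur->nbl_fh)) {
			list_del_init(&cur->nbl_list);
			list_del_init(&cur->nbl_lru);
			found = cur;
			break;
		}
	}
	spin_unlock(&nn->blocked_locks_lock);
	if (found)
		locks_delete_block(&found->nbl_lock);
	return found;
}

/*
 * Return the blocked-lock entry for (@lo, @fh), allocating and initialising
 * a new one when none is queued.  Returns NULL if the allocation fails.
 */
static struct nfsd4_blocked_lock *
find_or_allocate_block(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *nbl;

	nbl = find_blocked_lock(lo, fh, nn);
	if (!nbl) {
		nbl = kmalloc(sizeof(*nbl), GFP_KERNEL);
		if (nbl) {
			/*
			 * kmalloc() does not zero the object.  Give both list
			 * heads a defined (empty) state so that a
			 * list_del_init() on an entry that was never queued
			 * does not follow uninitialised pointers.
			 */
			INIT_LIST_HEAD(&nbl->nbl_list);
			INIT_LIST_HEAD(&nbl->nbl_lru);
			fh_copy_shallow(&nbl->nbl_fh, fh);
			locks_init_lock(&nbl->nbl_lock);
			nfsd4_init_cb(&nbl->nbl_cb, lo->lo_owner.so_client,
					&nfsd4_cb_notify_lock_ops,
					NFSPROC4_CLNT_CB_NOTIFY_LOCK);
		}
	}
	return nbl;
}

/*
 * Release a blocked-lock entry.  The entry is not removed from any list
 * here, so it must already be off nbl_list and nbl_lru.
 */
static void
free_blocked_lock(struct nfsd4_blocked_lock *nbl)
{
	locks_delete_block(&nbl->nbl_lock);
	locks_release_private(&nbl->nbl_lock);
	kfree(nbl);
}

/*
 * Free every blocked lock queued on lockowner @lo.  Entries are moved to a
 * private list under nn->blocked_locks_lock and freed after it is dropped.
 */
static void
remove_blocked_locks(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_blocked_lock *nbl;
	LIST_HEAD(reaplist);

	/* Dequeue all blocked locks */
	spin_lock(&nn->blocked_locks_lock);
	while (!list_empty(&lo->lo_blocked)) {
		nbl = list_first_entry(&lo->lo_blocked,
					struct nfsd4_blocked_lock,
					nbl_list);
		list_del_init(&nbl->nbl_list);
		list_move(&nbl->nbl_lru, &reaplist);
	}
	spin_unlock(&nn->blocked_locks_lock);

	/* Now free them */
	while (!list_empty(&reaplist)) {
		nbl = list_first_entry(&reaplist, struct nfsd4_blocked_lock,
					nbl_lru);
		list_del_init(&nbl->nbl_lru);
		free_blocked_lock(nbl);
	}
}

/* .prepare hook: calls locks_delete_block() on the entry's lock. */
static void
nfsd4_cb_notify_lock_prepare(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock	*nbl = container_of(cb,
						struct nfsd4_blocked_lock, nbl_cb);
	locks_delete_block(&nbl->nbl_lock);
}

/*
 * .done hook: returns 0 after scheduling a one-second delay when the task
 * status is -NFS4ERR_DELAY, and 1 for every other status.
 */
static int
nfsd4_cb_notify_lock_done(struct nfsd4_callback *cb, struct rpc_task *task)
{
	/*
	 * Since this is just an optimization, we don't try very hard if it
	 * turns out not to succeed. We'll requeue it on NFS4ERR_DELAY, and
	 * just quit trying on anything else.
	 */
	switch (task->tk_status) {
	case -NFS4ERR_DELAY:
		rpc_delay(task, 1 * HZ);
		return 0;
	default:
		return 1;
	}
}

/* .release hook: frees the blocked-lock entry that embeds @cb. */
static void
nfsd4_cb_notify_lock_release(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock	*nbl = container_of(cb,
						struct nfsd4_blocked_lock, nbl_cb);

	free_blocked_lock(nbl);
}

static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops = {
	.prepare	= nfsd4_cb_notify_lock_prepare,
	.done		= nfsd4_cb_notify_lock_done,
	.release	= nfsd4_cb_notify_lock_release,
};

/* Take a reference on a stateowner and return it. */
static inline struct nfs4_stateowner *
nfs4_get_stateowner(struct nfs4_stateowner *sop)
{
	atomic_inc(&sop->so_count);
	return sop;
}

/*
 * Compare a stateowner's name with @owner.  The lengths are compared first,
 * so memcmp() only runs over two buffers of the same length.
 */
static int
same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner)
{
	return (sop->so_owner.len == owner->len) &&
		0 == memcmp(sop->so_owner.data, owner->data, owner->len);
}

/*
 * Find the open owner of client @clp whose name matches open->op_owner.
 * The caller holds clp->cl_lock.  A match is returned with a reference
 * taken; NULL means no open owner in bucket @hashval has that name.
 *
 * NOTE(review): the owner name comes from the OPEN request and the bucket
 * index from the unkeyed opaque_hashval(), so this walk can be as long as
 * the number of owners the client placed in one bucket.  The table is the
 * client's own (clp->cl_ownerstr_hashtbl); whether the number of owners per
 * client is bounded is not visible here -- confirm.
 */
static struct nfs4_openowner *
find_openstateowner_str_locked(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_stateowner *so;

	lockdep_assert_held(&clp->cl_lock);

	list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval],
			    so_strhash) {
		if (!so->so_is_open_owner)
			continue;
		if (same_owner_str(so, &open->op_owner))
			return openowner(nfs4_get_stateowner(so));
	}
	return NULL;
}

/* Take clp->cl_lock around find_openstateowner_str_locked(). */
static struct nfs4_openowner *
find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;

	spin_lock(&clp->cl_lock);
	oo = find_openstateowner_str_locked(hashval, open, clp);
	spin_unlock(&clp->cl_lock);
	return oo;
}

/*
 * Hash @nbytes bytes at @ptr with x = x * 37 + byte, starting from 0.
 * The hash is unkeyed and reads exactly @nbytes bytes; the caller must
 * guarantee that many bytes are readable.
 */
static inline u32
opaque_hashval(const void *ptr, int nbytes)
{
	const unsigned char *cptr = ptr;

	u32 x = 0;
	while (nbytes--) {
		x *= 37;
		x += *cptr++;
	}
	return x;
}

/* RCU callback: return the nfs4_file to file_slab. */
static void nfsd4_free_file_rcu(struct rcu_head *rcu)
{
	struct nfs4_file *fp = container_of(rcu, struct nfs4_file, fi_rcu);

	kmem_cache_free(file_slab, fp);
}

/*
 * Drop a reference on an nfs4_file.  On the last reference the file is
 * unhashed under state_lock and freed through call_rcu(); the warnings fire
 * if it still has odstate or delegation entries attached at that point.
 */
void
put_nfs4_file(struct nfs4_file *fi)
{
	might_lock(&state_lock);

	if (refcount_dec_and_lock(&fi->fi_ref, &state_lock)) {
		hlist_del_rcu(&fi->fi_hash);
		spin_unlock(&state_lock);
		WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate));
		WARN_ON_ONCE(!list_empty(&fi->fi_delegations));
		call_rcu(&fi->fi_rcu, nfsd4_free_file_rcu);
	}
}

/*
 * Return a new reference to the struct file stored for open mode @oflag,
 * or NULL if that slot is empty.  The caller must fput() the result.
 */
static struct file *
__nfs4_get_fd(struct nfs4_file *f, int oflag)
{
	if (f->fi_fds[oflag])
		return get_file(f->fi_fds[oflag]);
	return NULL;
}

/*
 * Return a referenced struct file usable for writing: the O_WRONLY slot if
 * set, else the O_RDWR slot, else NULL.  The caller holds f->fi_lock.
 */
static struct file *
find_writeable_file_locked(struct nfs4_file *f)
{
	struct file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_WRONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

/* Take f->fi_lock around find_writeable_file_locked(). */
static struct file *
find_writeable_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = find_writeable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

/*
 * Return a referenced struct file usable for reading: the O_RDONLY slot if
 * set, else the O_RDWR slot, else NULL.  The caller holds f->fi_lock.
 */
static struct file *find_readable_file_locked(struct nfs4_file *f)
{
	struct file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_RDONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

/* Take f->fi_lock around find_readable_file_locked(). */
static struct file *
find_readable_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = find_readable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

/*
 * Return a referenced struct file in any open mode, trying O_RDWR, then
 * O_WRONLY, then O_RDONLY.  Returns NULL if no slot is populated.
 */
struct file *
find_any_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = __nfs4_get_fd(f, O_RDWR);
	if (!ret) {
		ret = __nfs4_get_fd(f, O_WRONLY);
		if (!ret)
			ret = __nfs4_get_fd(f, O_RDONLY);
	}
	spin_unlock(&f->fi_lock);
	return ret;
}

static atomic_long_t num_delegations;
unsigned long max_delegations;

/*
 * Open owner state (share locks)
 */

/* hash tables for lock and open owners */
#define OWNER_HASH_BITS              8
#define OWNER_HASH_SIZE             (1 << OWNER_HASH_BITS)
#define OWNER_HASH_MASK             (OWNER_HASH_SIZE - 1)

/* Bucket index (0 .. OWNER_HASH_MASK) for an owner name. */
static unsigned int ownerstr_hashval(struct xdr_netobj *ownername)
{
	unsigned int ret;

	ret = opaque_hashval(ownername->data, ownername->len);
	return ret & OWNER_HASH_MASK;
}

/* hash table for nfs4_file */
#define FILE_HASH_BITS                   8
#define FILE_HASH_SIZE                  (1 << FILE_HASH_BITS)

/*
 * jhash2 over the filehandle, taken as XDR_QUADLEN(fh_size) 32-bit words,
 * with a fixed initval of 0.
 */
static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh)
{
	return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0);
}

/* Bucket index into file_hashtbl for a filehandle. */
static unsigned int file_hashval(struct knfsd_fh *fh)
{
	return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1);
}

static struct hlist_head file_hashtbl[FILE_HASH_SIZE];

/*
 * Bump the per-mode access counters named by the share-access bits in
 * @access.  No validation is done here; the caller holds fp->fi_lock.
 */
static void
__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		atomic_inc(&fp->fi_access[O_WRONLY]);
	if (access & NFS4_SHARE_ACCESS_READ)
		atomic_inc(&fp->fi_access[O_RDONLY]);
}

/*
 * Validate a requested share-access mode against the file and, if it is
 * acceptable, account for it.  The caller holds fp->fi_lock.
 *
 * Returns nfserr_inval for bits outside NFS4_SHARE_ACCESS_BOTH and
 * nfserr_share_denied if the mode overlaps fp->fi_share_deny.
 */
static __be32
nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	/* Does this access mode make sense? */
	if (access & ~NFS4_SHARE_ACCESS_BOTH)
		return nfserr_inval;

	/* Does it conflict with a deny mode already set? */
	if ((access & fp->fi_share_deny) != 0)
		return nfserr_share_denied;

	__nfs4_file_get_access(fp, access);
	return nfs_ok;
}

/*
 * Check a requested share-deny mode against the access counters of the
 * file.  Nothing is modified.
 *
 * Returns nfserr_inval for bits outside NFS4_SHARE_DENY_BOTH and
 * nfserr_share_denied if a denied mode currently has a non-zero counter.
 */
static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
{
	/* Common case is that there is no deny mode. */
	if (deny) {
		/* Does this deny mode make sense? */
		if (deny & ~NFS4_SHARE_DENY_BOTH)
			return nfserr_inval;

		if ((deny & NFS4_SHARE_DENY_READ) &&
		    atomic_read(&fp->fi_access[O_RDONLY]))
			return nfserr_share_denied;

		if ((deny & NFS4_SHARE_DENY_WRITE) &&
		    atomic_read(&fp->fi_access[O_WRONLY]))
			return nfserr_share_denied;
	}
	return nfs_ok;
}

/*
 * Drop one access count for @oflag.  When the count reaches zero the
 * struct file for that mode is detached under fp->fi_lock, and the O_RDWR
 * file as well if the other mode's counter is also zero.  The files are
 * released with fput() after the spinlock has been dropped.
 */
static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
	might_lock(&fp->fi_lock);

	if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
		struct file *f1 = NULL;
		struct file *f2 = NULL;

		swap(f1, fp->fi_fds[oflag]);
		/* 1 - oflag is the other of the two counters (O_RDONLY/O_WRONLY) */
		if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
			swap(f2, fp->fi_fds[O_RDWR]);
		spin_unlock(&fp->fi_lock);
		if (f1)
			fput(f1);
		if (f2)
			fput(f2);
	}
}

/*
 * Release the access counts named by the share-access bits in @access.
 * Bits outside NFS4_SHARE_ACCESS_BOTH trigger a one-time warning and are
 * otherwise ignored.
 */
static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
{
	WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		__nfs4_file_put_access(fp, O_WRONLY);
	if (access & NFS4_SHARE_ACCESS_READ)
		__nfs4_file_put_access(fp, O_RDONLY);
}

/*
 * Allocate a new open/delegation state counter. This is needed for
 * pNFS for proper return on close semantics.
 *
 * Note that we only allocate it for pNFS-enabled exports, otherwise
 * all pointers to struct nfs4_clnt_odstate are always NULL.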
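*/
static struct nfs4_clnt_odstate *
alloc_clnt_odstate(struct nfs4_client *clp)
{
	struct nfs4_clnt_odstate *co;

	co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL);
	if (co) {
		co->co_client = clp;
		refcount_set(&co->co_odcount, 1);
	}
	return co;
}

/*
 * Link @co onto the odstate list of co->co_file.  The caller holds the
 * file's fi_lock and must have set co->co_file beforehand.
 */
static void
hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp = co->co_file;

	lockdep_assert_held(&fp->fi_lock);
	list_add(&co->co_perfile, &fp->fi_clnt_odstate);
}

/* Take a reference on @co; a NULL pointer is accepted and ignored. */
static inline void
get_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	if (co)
		refcount_inc(&co->co_odcount);
}

/*
 * Drop a reference on @co; a NULL pointer is accepted and ignored.
 *
 * On the last reference the entry is unlinked under the file's fi_lock,
 * then, with the lock released, nfsd4_return_all_file_layouts() is called
 * for (client, file) and the entry is returned to odstate_slab.
 */
static void
put_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp;

	if (!co)
		return;

	fp = co->co_file;
	if (refcount_dec_and_lock(&co->co_odcount, &fp->fi_lock)) {
		list_del(&co->co_perfile);
		spin_unlock(&fp->fi_lock);

		nfsd4_return_all_file_layouts(co->co_client, fp);
		kmem_cache_free(odstate_slab, co);
	}
}

/*
 * Return the odstate entry of new->co_client on file @fp.
 *
 * If the file already has an entry for that client it is returned with an
 * extra reference and @new is left untouched; otherwise @new is attached to
 * @fp and returned.  Returns NULL when @new is NULL.
 *
 * NOTE(review): when an existing entry is returned, @new is neither freed
 * nor linked here -- presumably the caller disposes of it; confirm.
 */
static struct nfs4_clnt_odstate *
find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new)
{
	struct nfs4_clnt_odstate *co;
	struct nfs4_client *cl;

	if (!new)
		return NULL;

	cl = new->co_client;

	spin_lock(&fp->fi_lock);
	list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) {
		if (co->co_client == cl) {
			get_clnt_odstate(co);
			goto out;
		}
	}
	co = new;
	co->co_file = fp;
	hash_clnt_odstate_locked(new);
out:
	spin_unlock(&fp->fi_lock);
	return co;
}

/*
 * Allocate a zeroed stateid object from @slab and register it in the
 * client's cl_stateids IDR.
 *
 * @cl:      client the stateid belongs to
 * @slab:    cache to allocate from; the object starts with a struct nfs4_stid
 * @sc_free: destructor stored in sc_free
 *
 * The returned stid has sc_count set to 1 and its opaque part filled in
 * from the new IDR id and the client's clientid.  Returns NULL if either
 * the slab allocation or the IDR allocation fails.
 */
struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab,
				  void (*sc_free)(struct nfs4_stid *))
{
	struct nfs4_stid *stid;
	int new_id;

	stid = kmem_cache_zalloc(slab, GFP_KERNEL);
	if (!stid)
		return NULL;

	/* preload so the GFP_NOWAIT allocation under the spinlock can succeed */
	idr_preload(GFP_KERNEL);
	spin_lock(&cl->cl_lock);
	new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 0, 0, GFP_NOWAIT);
	spin_unlock(&cl->cl_lock);
	idr_preload_end();
	if (new_id < 0)
		goto out_free;

	stid->sc_free = sc_free;
	stid->sc_client = cl;
	stid->sc_stateid.si_opaque.so_id = new_id;
	stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
	/* Will be incremented before return to client: */
	refcount_set(&stid->sc_count, 1);
	spin_lock_init(&stid->sc_lock);

	/*
	 * It shouldn't be a problem to reuse an opaque stateid value.
	 * I don't think it is for 4.1.  But with 4.0 I worry that, for
	 * example, a stray write retransmission could be accepted by
	 * the server when it should have been rejected.  Therefore,
	 * adopt a trick from the sctp code to attempt to maximize the
	 * amount of time until an id is reused, by ensuring they always
	 * "increase" (mod INT_MAX):
	 *
	 * (This describes the idr_alloc_cyclic() call above.)
	 */
	return stid;
out_free:
	kmem_cache_free(slab, stid);
	return NULL;
}

/*
 * Create a unique stateid_t to represent each COPY.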
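*/
int nfs4_init_cp_state(struct nfsd_net *nn, struct nfsd4_copy *copy)
{
	int new_id;

	/* preload so the GFP_NOWAIT allocation under the spinlock can succeed */
	idr_preload(GFP_KERNEL);
	spin_lock(&nn->s2s_cp_lock);
	new_id = idr_alloc_cyclic(&nn->s2s_cp_stateids, copy, 0, 0, GFP_NOWAIT);
	spin_unlock(&nn->s2s_cp_lock);
	idr_preload_end();
	/* note the convention: 0 means failure, 1 means success */
	if (new_id < 0)
		return 0;
	copy->cp_stateid.si_opaque.so_id = new_id;
	copy->cp_stateid.si_opaque.so_clid.cl_boot = nn->boot_time;
	copy->cp_stateid.si_opaque.so_clid.cl_id = nn->s2s_cp_cl_id;
	return 1;
}

/*
 * Remove a COPY's stateid from the per-net s2s_cp_stateids IDR.  Only the
 * id is released; @copy itself is not freed here.
 */
void nfs4_free_cp_state(struct nfsd4_copy *copy)
{
	struct nfsd_net *nn;

	nn = net_generic(copy->cp_clp->net, nfsd_net_id);
	spin_lock(&nn->s2s_cp_lock);
	idr_remove(&nn->s2s_cp_stateids, copy->cp_stateid.si_opaque.so_id);
	spin_unlock(&nn->s2s_cp_lock);
}

/*
 * Allocate an open/lock stateid for @clp from stateid_slab, with
 * nfs4_free_ol_stateid as its destructor.  Returns NULL on failure.
 */
static struct nfs4_ol_stateid * nfs4_alloc_open_stateid(struct nfs4_client *clp)
{
	struct nfs4_stid *stid;

	stid = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_ol_stateid);
	if (!stid)
		return NULL;

	return openlockstateid(stid);
}

/*
 * sc_free destructor for delegation stateids: return the object to
 * deleg_slab and drop the global delegation count.
 */
static void nfs4_free_deleg(struct nfs4_stid *stid)
{
	kmem_cache_free(deleg_slab, stid);
	atomic_long_dec(&num_delegations);
}

/*
 * When we recall a delegation, we should be careful not to hand it
 * out again straight away.
 * To ensure this we keep a pair of bloom filters ('new' and 'old')
 * in which the filehandles of recalled delegations are "stored".
 * If a filehandle appears in either filter, a delegation is blocked.
 * When a delegation is recalled, the filehandle is stored in the "new"
 * filter.
 * Every 30 seconds we swap the filters and clear the "new" one,
 * unless both are empty of course.
 *
 * Each filter is 256 bits.  We hash the filehandle to 32bit and use the
 * low 3 bytes as hash-table indices.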
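*
 * 'blocked_delegations_lock', which is always taken in block_delegations(),
 * is used to manage concurrent access.  Testing does not need the lock
 * except when swapping the two filters.
 */
static DEFINE_SPINLOCK(blocked_delegations_lock);
static struct bloom_pair {
	int	entries, old_entries;
	time_t	swap_time;
	int	new; /* index into 'set' */
	DECLARE_BITMAP(set[2], 256);
} blocked_delegations;

/*
 * Return 1 if the filehandle may have been recalled recently, 0 otherwise.
 *
 * The three bit positions tested come from the low three bytes of the
 * jhash of the filehandle, so a 1 can be a false positive.  If more than
 * 30 seconds have passed since the last swap, the filters are swapped
 * first, under blocked_delegations_lock; the age is re-checked under the
 * lock so that only one caller performs the swap.
 */
static int delegation_blocked(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	if (bd->entries == 0)
		return 0;
	if (seconds_since_boot() - bd->swap_time > 30) {
		spin_lock(&blocked_delegations_lock);
		if (seconds_since_boot() - bd->swap_time > 30) {
			bd->entries -= bd->old_entries;
			bd->old_entries = bd->entries;
			memset(bd->set[bd->new], 0,
			       sizeof(bd->set[0]));
			bd->new = 1-bd->new;
			bd->swap_time = seconds_since_boot();
		}
		spin_unlock(&blocked_delegations_lock);
	}
	hash = jhash(&fh->fh_base, fh->fh_size, 0);
	if (test_bit(hash&255, bd->set[0]) &&
	    test_bit((hash>>8)&255, bd->set[0]) &&
	    test_bit((hash>>16)&255, bd->set[0]))
		return 1;

	if (test_bit(hash&255, bd->set[1]) &&
	    test_bit((hash>>8)&255, bd->set[1]) &&
	    test_bit((hash>>16)&255, bd->set[1]))
		return 1;

	return 0;
}

/*
 * Record a filehandle in the "new" filter.  The swap timer is started when
 * the first entry is added to an empty pair.
 */
static void block_delegations(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	hash = jhash(&fh->fh_base, fh->fh_size, 0);

	spin_lock(&blocked_delegations_lock);
	__set_bit(hash&255, bd->set[bd->new]);
	__set_bit((hash>>8)&255, bd->set[bd->new]);
	__set_bit((hash>>16)&255, bd->set[bd->new]);
	if (bd->entries == 0)
		bd->swap_time = seconds_since_boot();
	bd->entries += 1;
	spin_unlock(&blocked_delegations_lock);
}

/*
 * Allocate and initialise a read delegation for client @clp on file @fp.
 *
 * The global delegation count is incremented before any check and is
 * decremented again on every failure path.  Allocation is refused when the
 * count exceeds max_delegations, when the filehandle is in the
 * recently-recalled filters, or when the stateid cannot be allocated.
 *
 * On success the delegation holds a reference on @fp and, if @odstate is
 * not NULL, on @odstate.  Returns NULL on failure.
 */
static struct nfs4_delegation *
alloc_init_deleg(struct nfs4_client *clp, struct nfs4_file *fp,
		 struct svc_fh *current_fh,
		 struct nfs4_clnt_odstate *odstate)
{
	struct nfs4_delegation *dp;
	long n;

	dprintk("NFSD alloc_init_deleg\n");
	n = atomic_long_inc_return(&num_delegations);
	if (n < 0 || n > max_delegations)
		goto out_dec;
	if (delegation_blocked(&current_fh->fh_handle))
		goto out_dec;
	dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab, nfs4_free_deleg));
	if (dp == NULL)
		goto out_dec;

	/*
	 * delegation seqid's are never incremented.  The 4.1 special
	 * meaning of seqid 0 isn't meaningful, really, but let's avoid
	 * 0 anyway just for consistency and use 1:
	 */
	dp->dl_stid.sc_stateid.si_generation = 1;
	INIT_LIST_HEAD(&dp->dl_perfile);
	INIT_LIST_HEAD(&dp->dl_perclnt);
	INIT_LIST_HEAD(&dp->dl_recall_lru);
	dp->dl_clnt_odstate = odstate;
	get_clnt_odstate(odstate);
	dp->dl_type = NFS4_OPEN_DELEGATE_READ;
	dp->dl_retries = 1;
	nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client,
		      &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL);
	get_nfs4_file(fp);
	dp->dl_stid.sc_file = fp;
	return dp;
out_dec:
	atomic_long_dec(&num_delegations);
	return NULL;
}

/*
 * Drop a reference on a stateid.
 *
 * If other references remain, waiters on close_wq are woken and nothing
 * else happens.  On the last reference the id is removed from the client's
 * IDR under cl_lock, the type-specific sc_free destructor runs, and the
 * reference on the associated file, if any, is dropped.
 */
void
nfs4_put_stid(struct nfs4_stid *s)
{
	/* read both before sc_free() releases s */
	struct nfs4_file *fp = s->sc_file;
	struct nfs4_client *clp = s->sc_client;

	might_lock(&clp->cl_lock);

	if (!refcount_dec_and_lock(&s->sc_count, &clp->cl_lock)) {
		wake_up_all(&close_wq);
		return;
	}
	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	spin_unlock(&clp->cl_lock);
	s->sc_free(s);
	if (fp)
		put_nfs4_file(fp);
}

/*
 * Increment the generation of @stid and copy the resulting stateid to
 * @dst, both under sc_lock.  A generation that wraps to 0 is bumped to 1.
 */
void
nfs4_inc_and_copy_stateid(stateid_t *dst, struct nfs4_stid *stid)
{
	stateid_t *src = &stid->sc_stateid;

	spin_lock(&stid->sc_lock);
	if (unlikely(++src->si_generation == 0))
		src->si_generation = 1;
	memcpy(dst, src, sizeof(*dst));
	spin_unlock(&stid->sc_lock);
}

/*
 * Drop one delegee count on @fp.  When the count reaches zero the
 * delegation file is detached under fi_lock and released with fput() after
 * the lock has been dropped.
 */
static void put_deleg_file(struct nfs4_file *fp)
{
	struct file *filp = NULL;

	spin_lock(&fp->fi_lock);
	if (--fp->fi_delegees == 0)
		swap(filp, fp->fi_deleg_file);
	spin_unlock(&fp->fi_lock);

	if (filp)
		fput(filp);
}

/*
 * Remove the lease backing delegation @dp and drop its delegee count.
 * Warns once if the file has no delegees at this point.
 *
 * NOTE(review): fi_deleg_file is read here without fi_lock -- presumably
 * the delegee count held by @dp keeps it stable; confirm.
 */
static void nfs4_unlock_deleg_lease(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;
	struct file *filp = fp->fi_deleg_file;

	WARN_ON_ONCE(!fp->fi_delegees);

	vfs_setlease(filp, F_UNLCK, NULL, (void **)&dp);
	put_deleg_file(fp);
}

/*
 * Tear down a delegation that is already off the hash lists: release its
 * odstate reference, remove the lease, and drop a stateid reference.
 */
static void destroy_unhashed_deleg(struct nfs4_delegation *dp)
{
	put_clnt_odstate(dp->dl_clnt_odstate);
	nfs4_unlock_deleg_lease(dp);
	nfs4_put_stid(&dp->dl_stid);
}

/* Clear the stateid's type field. */
void nfs4_unhash_stid(struct nfs4_stid *s)
{
	s->sc_type = 0;
}

/**
 * nfs4_delegation_exists - Discover if this delegation already exists
 * @clp:     a pointer to the nfs4_client we're granting a delegation to
 * @fp:      a pointer to the nfs4_file we're granting a delegation on
 *
 * The caller must hold both state_lock and fp->fi_lock.
 *
 * Return:
 *      On success: true iff an existing delegation is found
 */

static bool
nfs4_delegation_exists(struct nfs4_client *clp, struct nfs4_file *fp)
{
	struct nfs4_delegation *searchdp = NULL;
	struct nfs4_client *searchclp = NULL;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	list_for_each_entry(searchdp, &fp->fi_delegations, dl_perfile) {
		searchclp = searchdp->dl_stid.sc_client;
		if (clp == searchclp) {
			return true;
		}
	}
	return false;
}

/**
 * hash_delegation_locked - Add a delegation to the appropriate lists
 * @dp:     a pointer to the nfs4_delegation we are adding.
 * @fp:     a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: 0 if the delegation was successfully hashed.
 *
 *      On error: -EAGAIN if one was previously granted to this
 *                 nfs4_client for this nfs4_file. Delegation is not hashed.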
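*
 */

static int
hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	if (nfs4_delegation_exists(clp, fp))
		return -EAGAIN;
	/* the hash lists hold their own reference on the stateid */
	refcount_inc(&dp->dl_stid.sc_count);
	dp->dl_stid.sc_type = NFS4_DELEG_STID;
	list_add(&dp->dl_perfile, &fp->fi_delegations);
	list_add(&dp->dl_perclnt, &clp->cl_delegations);
	return 0;
}

/*
 * Remove a delegation from the per-file, per-client and recall lists and
 * mark its stateid NFS4_CLOSED_DELEG_STID.  The caller holds state_lock.
 *
 * Returns false, changing nothing, if the delegation is not on the
 * per-file list; true if it was unhashed by this call.  The stateid
 * reference is not dropped here.
 */
static bool
unhash_delegation_locked(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;

	lockdep_assert_held(&state_lock);

	if (list_empty(&dp->dl_perfile))
		return false;

	dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID;
	/* Ensure that deleg break won't try to requeue it */
	++dp->dl_time;
	spin_lock(&fp->fi_lock);
	list_del_init(&dp->dl_perclnt);
	list_del_init(&dp->dl_recall_lru);
	list_del_init(&dp->dl_perfile);
	spin_unlock(&fp->fi_lock);
	return true;
}

/*
 * Unhash a delegation under state_lock and, if this call was the one that
 * unhashed it, tear it down.
 */
static void destroy_delegation(struct nfs4_delegation *dp)
{
	bool unhashed;

	spin_lock(&state_lock);
	unhashed = unhash_delegation_locked(dp);
	spin_unlock(&state_lock);
	if (unhashed)
		destroy_unhashed_deleg(dp);
}

/*
 * Tear down a delegation that has been revoked.  It must already be off
 * the recall LRU (a warning fires otherwise).
 *
 * For clients with a non-zero minor version the stateid is retyped to
 * NFS4_REVOKED_DELEG_STID and kept on the client's cl_revoked list with an
 * extra reference, so it outlives the teardown below.
 */
static void revoke_delegation(struct nfs4_delegation *dp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	WARN_ON(!list_empty(&dp->dl_recall_lru));

	if (clp->cl_minorversion) {
		dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
		refcount_inc(&dp->dl_stid.sc_count);
		spin_lock(&clp->cl_lock);
		list_add(&dp->dl_recall_lru, &clp->cl_revoked);
		spin_unlock(&clp->cl_lock);
	}
	destroy_unhashed_deleg(dp);
}

/*
 * SETCLIENTID state
 */

/* Bucket index for a client id: its low bits under CLIENT_HASH_MASK. */
static unsigned int clientid_hashval(u32 id)
{
	return id & CLIENT_HASH_MASK;
}

/*
 * Bucket index for a client name.  Exactly the first 8 bytes of @name are
 * hashed, whatever the string's real length.
 *
 * NOTE(review): assumes every caller passes at least 8 readable bytes --
 * confirm against the callers.
 */
static unsigned int clientstr_hashval(const char *name)
{
	return opaque_hashval(name, 8) & CLIENT_HASH_MASK;
}

/*
 * We store the NONE, READ, WRITE, and BOTH bits separately in the
 * st_{access,deny}_bmap field of the stateid, in order to track not
 * only what share bits are currently in force, but also what
 * combinations of share bits previous opens have used.  This allows us
 * to enforce the recommendation of rfc 3530 14.2.19 that the server
 * return an error if the client attempt to downgrade to a combination
 * of share bits not explicable by closing some of its previous opens.
 *
 * XXX: This enforcement is actually incomplete, since we don't keep
 * track of access/deny bit combinations; so, e.g., we allow:
 *
 *	OPEN allow read, deny write
 *	OPEN allow both, deny none
 *	DOWNGRADE allow read, deny none
 *
 * which we should reject.
 */
static unsigned int
bmap_to_share_mode(unsigned long bmap) {
	int i;
	unsigned int access = 0;

	/* bit i of the bitmap records that share mode i was used; OR them */
	for (i = 1; i < 4; i++) {
		if (test_bit(i, &bmap))
			access |= i;
	}
	return access;
}

/*
 * The six helpers below keep one bit per share mode in an unsigned char
 * bitmap: mode value v is recorded as bit (1 << v).  The set/clear helpers
 * warn once when the mode is above the *_BOTH value, but the shift has
 * already been evaluated by then and the bitmap is still updated with the
 * truncated mask.
 *
 * NOTE(review): callers are presumably expected to have validated the mode
 * (it originates in client requests) before calling these -- confirm.
 */

/* set share access for a given stateid */
static inline void
set_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap |= mask;
}

/* clear share access for a given stateid */
static inline void
clear_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap &= ~mask;
}

/* test whether a given stateid has access */
static inline bool
test_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	return (bool)(stp->st_access_bmap & mask);
}

/* set share deny for a given stateid */
static inline void
set_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap |= mask;
}

/* clear share deny for a given stateid */
static inline void
clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap &= ~mask;
}

/* test whether a given stateid is denying specific access */
static inline bool
test_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	return (bool)(stp->st_deny_bmap & mask);
}

/*
 * Map a share-access value to the matching open flag.  Bits outside
 * NFS4_SHARE_ACCESS_BOTH are masked off first; a value with no access bits
 * left triggers a one-time warning and falls back to O_RDONLY.
 */
static int nfs4_access_to_omode(u32 access)
{
	switch (access & NFS4_SHARE_ACCESS_BOTH) {
	case NFS4_SHARE_ACCESS_READ:
		return O_RDONLY;
	case NFS4_SHARE_ACCESS_WRITE:
		return O_WRONLY;
	case NFS4_SHARE_ACCESS_BOTH:
		return O_RDWR;
	}
	WARN_ON_ONCE(1);
	return O_RDONLY;
}

/*
 * A stateid that had a deny mode associated with it is being released
 * or downgraded. Recalculate the deny mode on the file.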
*/
static void
recalculate_deny_mode(struct nfs4_file *fp)
{
	struct nfs4_ol_stateid *cur;

	/* Rebuild the union from scratch over every stateid on the file. */
	spin_lock(&fp->fi_lock);
	fp->fi_share_deny = 0;
	list_for_each_entry(cur, &fp->fi_stateids, st_perfile)
		fp->fi_share_deny |= bmap_to_share_mode(cur->st_deny_bmap);
	spin_unlock(&fp->fi_lock);
}

/*
 * Drop every deny bit of @stp that is not contained in @deny, then
 * refresh the per-file deny mode if anything was dropped.
 */
static void
reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	bool changed = false;
	int mode;

	for (mode = 1; mode < 4; mode++) {
		/* Modes fully covered by @deny stay as they are. */
		if ((mode & deny) == mode)
			continue;
		changed = true;
		clear_deny(mode, stp);
	}

	/* Recalculate per-file deny mode if there was a change */
	if (changed)
		recalculate_deny_mode(stp->st_stid.sc_file);
}

/*
 * Release all access and file references for a given stateid.
 *
 * Only the deny recalculation is guarded by a NULL check on the file;
 * the put below runs whenever an access bit is still set.
 */
static void
release_all_access(struct nfs4_ol_stateid *stp)
{
	struct nfs4_file *fp = stp->st_stid.sc_file;
	int mode;

	if (fp && stp->st_deny_bmap != 0)
		recalculate_deny_mode(fp);

	for (mode = 1; mode < 4; mode++) {
		if (test_access(mode, stp))
			nfs4_file_put_access(fp, mode);
		clear_access(mode, stp);
	}
}

/* Free the owner name buffer, then let the owner type free the rest. */
static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop)
{
	kfree(sop->so_owner.data);
	sop->so_ops->so_free(sop);
}

/*
 * Drop one reference on a stateowner.  When the count reaches zero the
 * owner is unhashed under the client's cl_lock and freed after the lock
 * has been released.
 */
static void nfs4_put_stateowner(struct nfs4_stateowner *sop)
{
	struct nfs4_client *clp = sop->so_client;

	might_lock(&clp->cl_lock);

	/* cl_lock is taken only if this was the final reference. */
	if (atomic_dec_and_lock(&sop->so_count, &clp->cl_lock)) {
		sop->so_ops->so_unhash(sop);
		spin_unlock(&clp->cl_lock);
		nfs4_free_stateowner(sop);
	}
}

/*
 * Take an open/lock stateid off its per-file and per-owner lists.
 * The caller holds cl_lock.  Returns false if the stateid was already
 * off the per-file list, true if this call unhashed it.
 */
static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_file *fp = stp->st_stid.sc_file;

	lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock);

	if (list_empty(&stp->st_perfile))
		return false;

	spin_lock(&fp->fi_lock);
	list_del_init(&stp->st_perfile);
	spin_unlock(&fp->fi_lock);
	list_del(&stp->st_perstateowner);
	return true;
}

/*
 * Final teardown of an open/lock stateid: drop its odstate, access and
 * stateowner references, then return the memory to stateid_slab.
 */
static void nfs4_free_ol_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);
	struct nfs4_stateowner *owner;

	put_clnt_odstate(stp->st_clnt_odstate);
	release_all_access(stp);
	owner = stp->st_stateowner;
	if (owner)
		nfs4_put_stateowner(owner);
	kmem_cache_free(stateid_slab, stid);
}

/*
 * Teardown for a lock stateid: close the file on behalf of the lockowner
 * (when one is found) before the generic open/lock teardown.
 */
static void nfs4_free_lock_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);
	struct nfs4_lockowner *lo = lockowner(stp->st_stateowner);
	struct file *filp = find_any_file(stp->st_stid.sc_file);

	if (filp)
		filp_close(filp, (fl_owner_t)lo);
	nfs4_free_ol_stateid(stid);
}

/*
 * Put the persistent reference to an already unhashed generic stateid, while
 * holding the cl_lock. If it's the last reference, then put it onto the
 * reaplist for later destruction.
*/
static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp,
				       struct list_head *reaplist)
{
	struct nfs4_stid *stid = &stp->st_stid;
	struct nfs4_client *clp = stid->sc_client;

	lockdep_assert_held(&clp->cl_lock);

	WARN_ON_ONCE(!list_empty(&stp->st_locks));

	if (refcount_dec_and_test(&stid->sc_count)) {
		/* Last reference: retire the id and queue it for the caller. */
		idr_remove(&clp->cl_stateids, stid->sc_stateid.si_opaque.so_id);
		list_add(&stp->st_locks, reaplist);
		return;
	}

	/* Still referenced: let waiters on close_wq re-check the count. */
	wake_up_all(&close_wq);
}

/*
 * Detach a lock stateid from its open stateid's st_locks list and from
 * the lookup structures.  The caller holds cl_lock.  Returns what
 * unhash_ol_stateid() reports.
 */
static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp)
{
	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	list_del_init(&stp->st_locks);
	nfs4_unhash_stid(&stp->st_stid);
	return unhash_ol_stateid(stp);
}

/*
 * Unhash a lock stateid under cl_lock and, if this call did the
 * unhashing, drop a reference once the lock has been released.
 */
static void release_lock_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_client *clp = stp->st_stid.sc_client;
	bool did_unhash;

	spin_lock(&clp->cl_lock);
	did_unhash = unhash_lock_stateid(stp);
	spin_unlock(&clp->cl_lock);

	if (did_unhash)
		nfs4_put_stid(&stp->st_stid);
}

/* Remove a lockowner from the owner string hash; caller holds cl_lock. */
static void unhash_lockowner_locked(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&lo->lo_owner.so_strhash);
}

/*
 * Free a list of generic stateids that were collected earlier after being
 * fully unhashed.
*/
static void
free_ol_stateid_reaplist(struct list_head *reaplist)
{
	struct nfs4_ol_stateid *victim;
	struct nfs4_file *fp;

	might_sleep();

	while (!list_empty(reaplist)) {
		victim = list_first_entry(reaplist, struct nfs4_ol_stateid,
					  st_locks);
		list_del(&victim->st_locks);
		/*
		 * Read the file pointer before sc_free() runs; the stateid
		 * must not be touched after that call.
		 */
		fp = victim->st_stid.sc_file;
		victim->st_stid.sc_free(&victim->st_stid);
		if (fp)
			put_nfs4_file(fp);
	}
}

/*
 * Unhash every lock stateid hanging off an open stateid and put its
 * reference, collecting the ones that hit zero on @reaplist.
 * The caller holds cl_lock.
 */
static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp,
				       struct list_head *reaplist)
{
	struct nfs4_ol_stateid *lock_stp;

	lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock);

	while (!list_empty(&open_stp->st_locks)) {
		lock_stp = list_first_entry(&open_stp->st_locks,
					    struct nfs4_ol_stateid, st_locks);
		WARN_ON(!unhash_lock_stateid(lock_stp));
		put_ol_stateid_locked(lock_stp, reaplist);
	}
}

/*
 * Unhash an open stateid together with its lock stateids.  The caller
 * holds cl_lock.  Returns whether the open stateid itself was unhashed
 * by this call.
 */
static bool unhash_open_stateid(struct nfs4_ol_stateid *stp,
				struct list_head *reaplist)
{
	bool did_unhash;

	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	did_unhash = unhash_ol_stateid(stp);
	release_open_stateid_locks(stp, reaplist);
	return did_unhash;
}

/*
 * Unhash an open stateid and drop its reference; whatever ended up on
 * the local reaplist is freed after cl_lock has been released.
 */
static void release_open_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_client *clp = stp->st_stid.sc_client;
	LIST_HEAD(reaplist);

	spin_lock(&clp->cl_lock);
	if (unhash_open_stateid(stp, &reaplist))
		put_ol_stateid_locked(stp, &reaplist);
	spin_unlock(&clp->cl_lock);

	free_ol_stateid_reaplist(&reaplist);
}

/*
 * Remove an openowner from the owner string hash and the per-client
 * list; caller holds cl_lock.
 */
static void unhash_openowner_locked(struct nfs4_openowner *oo)
{
	struct nfs4_client *clp = oo->oo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&oo->oo_owner.so_strhash);
	list_del_init(&oo->oo_perclient);
}

/*
 * Detach the openowner's last closed stateid (if any) under client_lock
 * and put its reference after the lock has been dropped.
 */
static void release_last_closed_stateid(struct nfs4_openowner *oo)
{
	struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net,
					  nfsd_net_id);
	struct nfs4_ol_stateid *last;

	spin_lock(&nn->client_lock);
	last = oo->oo_last_closed_stid;
	if (last) {
		list_del_init(&oo->oo_close_lru);
		oo->oo_last_closed_stid = NULL;
	}
	spin_unlock(&nn->client_lock);

	if (last)
		nfs4_put_stid(&last->st_stid);
}

/*
 * Tear down an openowner: unhash it and all of its open stateids under
 * cl_lock, free what was collected, release the last closed stateid and
 * finally drop one stateowner reference.
 */
static void release_openowner(struct nfs4_openowner *oo)
{
	struct nfs4_client *clp = oo->oo_owner.so_client;
	struct nfs4_ol_stateid *stp;
	LIST_HEAD(reaplist);

	spin_lock(&clp->cl_lock);
	unhash_openowner_locked(oo);
	while (!list_empty(&oo->oo_owner.so_stateids)) {
		stp = list_first_entry(&oo->oo_owner.so_stateids,
				struct nfs4_ol_stateid, st_perstateowner);
		if (unhash_open_stateid(stp, &reaplist))
			put_ol_stateid_locked(stp, &reaplist);
	}
	spin_unlock(&clp->cl_lock);

	free_ol_stateid_reaplist(&reaplist);
	release_last_closed_stateid(oo);
	nfs4_put_stateowner(&oo->oo_owner);
}

/* Pick a session hash bucket from the sequence part of the session id. */
static inline int
hash_sessionid(struct nfs4_sessionid *sessionid)
{
	struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;

	return sid->sequence % SESSION_HASH_SIZE;
}

#ifdef CONFIG_SUNRPC_DEBUG
/* Debug aid: print the session id as four 32-bit words. */
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
	u32 *word = (u32 *)(&sessionid->data[0]);

	dprintk("%s: %u:%u:%u:%u\n", fn, word[0], word[1], word[2], word[3]);
}
#else
/* Without CONFIG_SUNRPC_DEBUG this is a no-op. */
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
}
#endif

/*
 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
 * won't be used for replay.
*/
void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
{
	struct nfs4_stateowner *owner = cstate->replay_owner;

	/* A replayed request must leave the seqid untouched. */
	if (nfserr == nfserr_replay_me)
		return;

	/* Errors that do not mutate the seqid also cancel the replay state. */
	if (!seqid_mutating_err(ntohl(nfserr))) {
		nfsd4_cstate_clear_replay(cstate);
		return;
	}

	if (!owner)
		return;

	if (owner->so_is_open_owner)
		release_last_closed_stateid(openowner(owner));
	owner->so_seqid++;
}

/*
 * Fill in a new session id from the client id and the file-wide
 * current_sessionid counter.
 *
 * The id is a client id plus a sequential number, so it is predictable by
 * construction and should be treated as an identifier, not as a secret.
 * The counter is incremented here without taking any lock.
 * NOTE(review): callers are presumably serialized - confirm.
 */
static void
gen_sessionid(struct nfsd4_session *ses)
{
	struct nfsd4_sessionid *sid =
		(struct nfsd4_sessionid *)ses->se_sessionid.data;
	struct nfs4_client *clp = ses->se_client;

	sid->clientid = clp->cl_clientid;
	sid->sequence = current_sessionid++;
	sid->reserved = 0;
}

/*
 * The protocol defines ca_maxresponsesize_cached to include the size of
 * the rpc header, but all we need to cache is the data starting after
 * the end of the initial SEQUENCE operation--the rest we regenerate
 * each time.  Therefore we can advertise a ca_maxresponsesize_cached
 * value that is the number of bytes in our cache plus a few additional
 * bytes.  In order to stay on the safe side, and not promise more than
 * we can cache, those additional bytes must be the minimum possible: 24
 * bytes of rpc header (xid through accept state, with AUTH_NULL
 * verifier), 12 for the compound header (with zero-length tag), and 44
 * for the SEQUENCE op response:
 */
#define NFSD_MIN_HDR_SEQ_SZ  (24 + 12 + 44)

/*
 * Free every slot of the fore channel together with the credential held
 * in it.  The session structure itself is left to the caller.
 */
static void
free_session_slots(struct nfsd4_session *ses)
{
	int slot;

	for (slot = 0; slot < ses->se_fchannel.maxreqs; slot++) {
		free_svc_cred(&ses->se_slots[slot]->sl_cred);
		kfree(ses->se_slots[slot]);
	}
}

/*
 * We don't actually need to cache the rpc and session headers, so we
 * can allocate a little less for each slot.
 *
 * The sum is computed in 32 bits and nothing here bounds maxresp_cached
 * from above, so a very large value would wrap.
 * NOTE(review): the bound is presumably applied where the channel
 * attributes are negotiated - confirm.
 */
static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
{
	u32 cached = 0;

	if (ca->maxresp_cached >= NFSD_MIN_HDR_SEQ_SZ)
		cached = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
	return cached + sizeof(struct nfsd4_slot);
}

/*
 * XXX: If we run out of reserved DRC memory we could (up to a point)
 * re-negotiate active sessions and reduce their slot usage to make
 * room for new connections. For now we just fail the create session.
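*/
static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca)
{
	u32 slotsize = slot_bytes(ca);
	u32 num = ca->maxreqs;
	unsigned long avail, total_avail;

	spin_lock(&nfsd_drc_lock);
	/*
	 * Do not let the subtraction wrap if more has been handed out than
	 * the configured maximum; a wrapped value would look like an
	 * almost unlimited budget.
	 */
	if (nfsd_drc_max_mem > nfsd_drc_mem_used)
		total_avail = nfsd_drc_max_mem - nfsd_drc_mem_used;
	else
		total_avail = 0;
	avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION, total_avail);
	/*
	 * Never use more than a third of the remaining memory,
	 * unless it's the only way to give this client a slot.
	 *
	 * The clamp is done in unsigned long: with an int clamp a large
	 * total_avail / 3 is truncated (possibly to a negative number) and
	 * the reservation below is computed from a bogus limit.
	 */
	avail = clamp_t(unsigned long, avail, slotsize, total_avail / 3);
	/*
	 * maxreqs comes from the client's channel attributes.  Compare it
	 * unsigned so that a value above INT_MAX cannot turn negative and
	 * win the min().
	 */
	num = min_t(unsigned long, num, avail / slotsize);
	nfsd_drc_mem_used += num * slotsize;
	spin_unlock(&nfsd_drc_lock);

	return num;
}

/*
 * Give back the DRC memory accounted for a channel: slot size times the
 * channel's maxreqs, under nfsd_drc_lock.
 */
static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
{
	int slotsize = slot_bytes(ca);

	spin_lock(&nfsd_drc_lock);
	nfsd_drc_mem_used -= slotsize * ca->maxreqs;
	spin_unlock(&nfsd_drc_lock);
}

/*
 * Allocate a session with fattrs->maxreqs fore-channel slots and copy
 * both channel attribute sets into it.  Returns NULL on allocation
 * failure, after freeing whatever had been allocated.
 *
 * The BUILD_BUG_ON only proves the slot pointer table fits in a page when
 * maxreqs is at most NFSD_MAX_SLOTS_PER_SESSION; this function does not
 * check that itself and relies on the caller having bounded the value.
 */
static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
					   struct nfsd4_channel_attrs *battrs)
{
	int numslots = fattrs->maxreqs;
	int slotsize = slot_bytes(fattrs);
	struct nfsd4_session *new;
	int mem, i;

	BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
			+ sizeof(struct nfsd4_session) > PAGE_SIZE);
	mem = numslots * sizeof(struct nfsd4_slot *);

	new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
	if (!new)
		return NULL;
	/* allocate each struct nfsd4_slot and data cache in one piece */
	for (i = 0; i < numslots; i++) {
		new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
		if (!new->se_slots[i])
			goto out_free;
	}

	memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
	memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));

	return new;
out_free:
	/* Unwind only the slots allocated so far. */
	while (i--)
		kfree(new->se_slots[i]);
	kfree(new);
	return NULL;
}

/* Drop the transport reference held by a connection and free it. */
static void free_conn(struct nfsd4_conn *c)
{
	svc_xprt_put(c->cn_xprt);
	kfree(c);
}

/*
 * Transport-user callback (installed by nfsd4_register_conn()): the
 * connection's transport went away.  Unlink and free the connection if it
 * is still on its session list, then probe the callback channel.
 */
static void nfsd4_conn_lost(struct svc_xpt_user *u)
{
	struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
	struct nfs4_client *clp = c->cn_session->se_client;

	spin_lock(&clp->cl_lock);
	if (!list_empty(&c->cn_persession)) {
		list_del(&c->cn_persession);
		free_conn(c);
	}
	nfsd4_probe_callback(clp);
	spin_unlock(&clp->cl_lock);
}

/*
 * Allocate a connection for the request's transport, taking a transport
 * reference.  Only cn_xprt, cn_flags and the xpt_user list head are
 * initialized here (kmalloc, not kzalloc).  Returns NULL on failure.
 */
static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
{
	struct nfsd4_conn *conn;

	conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
	if (!conn)
		return NULL;
	svc_xprt_get(rqstp->rq_xprt);
	conn->cn_xprt = rqstp->rq_xprt;
	conn->cn_flags = flags;
	INIT_LIST_HEAD(&conn->cn_xpt_user.list);
	return conn;
}

/* Bind a connection to a session; takes no lock itself. */
static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	conn->cn_session = ses;
	list_add(&conn->cn_persession, &ses->se_conns);
}

/* Bind a connection to a session under the client's cl_lock. */
static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;

	spin_lock(&clp->cl_lock);
	__nfsd4_hash_conn(conn, ses);
	spin_unlock(&clp->cl_lock);
}

/*
 * Ask the transport to call nfsd4_conn_lost() for this connection.
 * Returns the result of register_xpt_user().
 */
static int nfsd4_register_conn(struct nfsd4_conn *conn)
{
	conn->cn_xpt_user.callback = nfsd4_conn_lost;
	return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
}

/*
 * Attach a new connection to a session and register for transport loss.
 * If registration fails the connection is treated as already lost.
 */
static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	int ret;

	nfsd4_hash_conn(conn, ses);
	ret = nfsd4_register_conn(conn);
	if (ret)
		/* oops; xprt is already down: */
		nfsd4_conn_lost(&conn->cn_xpt_user);
	/* We may have gained or lost a callback channel: */
	nfsd4_probe_callback_sync(ses->se_client);
}

/*
 * Allocate the connection for a CREATE_SESSION request: always a fore
 * channel, plus a back channel when the client asked for one.
 */
static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
{
	u32 dir = NFS4_CDFC4_FORE;

	if (cses->flags & SESSION4_BACK_CHAN)
		dir |= NFS4_CDFC4_BACK;
	return alloc_conn(rqstp, dir);
}

/* must be called under client_lock */
static void nfsd4_del_conns(struct nfsd4_session *s)
{
	struct nfs4_client *clp = s->se_client;
	struct nfsd4_conn *c;

	spin_lock(&clp->cl_lock);
	while (!list_empty(&s->se_conns)) {
		c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
		list_del_init(&c->cn_persession);
		/* cl_lock is released around the unregister and the free. */
		spin_unlock(&clp->cl_lock);

		unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
		free_conn(c);

		spin_lock(&clp->cl_lock);
	}
	spin_unlock(&clp->cl_lock);
}

/* Free the slots and the session memory; connections are not touched. */
static void __free_session(struct nfsd4_session *ses)
{
	free_session_slots(ses);
	kfree(ses);
}

/*
 * Full session teardown: delete its connections, return its DRC memory,
 * then free it.
 */
static void free_session(struct nfsd4_session *ses)
{
	nfsd4_del_conns(ses);
	nfsd4_put_drc_mem(&ses->se_fchannel);
	__free_session(ses);
}

/*
 * Initialize a freshly allocated session for @clp from the CREATE_SESSION
 * arguments, hash it by session id and link it to the client.  The
 * per-client list is updated under cl_lock; the hash insertion is not
 * locked here.
 * NOTE(review): the caller presumably holds client_lock - confirm.
 */
static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
{
	int idx;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	new->se_client = clp;
	gen_sessionid(new);

	INIT_LIST_HEAD(&new->se_conns);

	new->se_cb_seq_nr = 1;
	new->se_flags = cses->flags;
	new->se_cb_prog = cses->callback_prog;
	new->se_cb_sec = cses->cb_sec;
	atomic_set(&new->se_ref, 0);
	idx = hash_sessionid(&new->se_sessionid);
	list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
	spin_lock(&clp->cl_lock);
	list_add(&new->se_perclnt, &clp->cl_sessions);
	spin_unlock(&clp->cl_lock);

	{
		struct sockaddr *sa = svc_addr(rqstp);
		/*
		 * This is a little silly; with sessions there's no real
		 * use for the callback address.  Use the peer address
		 * as a reasonable default for now, but consider fixing
		 * the rpc client not to require an address in the
		 * future:
		 */
		rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
		clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
	}
}

/*
 * Look a session up by its full session id.  Returns the session without
 * taking a reference, or NULL when there is no match.
 *
 * caller must hold client_lock
 */
static struct nfsd4_session *
__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
{
	struct nfsd4_session *elem;
	int idx;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	dump_sessionid(__func__, sessionid);
	idx = hash_sessionid(sessionid);
	/* Search in the appropriate list */
	list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
		if (!memcmp(elem->se_sessionid.data, sessionid->data,
			    NFS4_MAX_SESSIONID_LEN)) {
			return elem;
		}
	}

	dprintk("%s: session not found\n", __func__);
	return NULL;
}

/*
 * Look a session up and take a reference with
 * nfsd4_get_session_locked().  *ret receives nfserr_badsession when the
 * id is unknown, otherwise the status of taking the reference; the
 * session is returned only when that status is zero.
 */
static struct nfsd4_session *
find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
		__be32 *ret)
{
	struct nfsd4_session *session;
	__be32 status = nfserr_badsession;

	session = __find_in_sessionid_hashtbl(sessionid, net);
	if (!session)
		goto out;
	status = nfsd4_get_session_locked(session);
	if (status)
		session = NULL;
out:
	*ret = status;
	return session;
}

/*
 * Remove a session from the session id hash and, under cl_lock, from its
 * client's session list.
 *
 * caller must hold client_lock
 */
static void
unhash_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	list_del(&ses->se_hash);
	spin_lock(&ses->se_client->cl_lock);
	list_del(&ses->se_perclnt);
	spin_unlock(&ses->se_client->cl_lock);
}

/* SETCLIENTID and SETCLIENTID_CONFIRM Helper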
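functions */
static int
STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
{
	/*
	 * We're assuming the clid was not given out from a boot
	 * precisely 2^32 (about 136 years) before this one.  That seems
	 * a safe assumption:
	 */
	if (clid->cl_boot == (u32)nn->boot_time)
		return 0;
	dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
		clid->cl_boot, clid->cl_id, nn->boot_time);
	return 1;
}

/*
 * XXX Should we use a slab cache ?
 * This type of memory management is somewhat inefficient, but we use it
 * anyway since SETCLIENTID is not a common operation.
 *
 * Allocates a zeroed client, duplicates the name (name.len bytes, taken
 * as given) and sets up its lists, locks and owner hash table.  Returns
 * NULL on any allocation failure with nothing left allocated.
 */
static struct nfs4_client *alloc_client(struct xdr_netobj name)
{
	struct nfs4_client *clp;
	int i;

	clp = kmem_cache_zalloc(client_slab, GFP_KERNEL);
	if (clp == NULL)
		return NULL;
	clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL);
	if (clp->cl_name.data == NULL)
		goto err_no_name;
	clp->cl_ownerstr_hashtbl = kmalloc_array(OWNER_HASH_SIZE,
						 sizeof(struct list_head),
						 GFP_KERNEL);
	if (!clp->cl_ownerstr_hashtbl)
		goto err_no_hashtbl;
	for (i = 0; i < OWNER_HASH_SIZE; i++)
		INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]);
	clp->cl_name.len = name.len;
	INIT_LIST_HEAD(&clp->cl_sessions);
	idr_init(&clp->cl_stateids);
	atomic_set(&clp->cl_refcount, 0);
	clp->cl_cb_state = NFSD4_CB_UNKNOWN;
	INIT_LIST_HEAD(&clp->cl_idhash);
	INIT_LIST_HEAD(&clp->cl_openowners);
	INIT_LIST_HEAD(&clp->cl_delegations);
	INIT_LIST_HEAD(&clp->cl_lru);
	INIT_LIST_HEAD(&clp->cl_revoked);
#ifdef CONFIG_NFSD_PNFS
	INIT_LIST_HEAD(&clp->cl_lo_states);
#endif
	INIT_LIST_HEAD(&clp->async_copies);
	spin_lock_init(&clp->async_lock);
	spin_lock_init(&clp->cl_lock);
	rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
	return clp;
err_no_hashtbl:
	kfree(clp->cl_name.data);
err_no_name:
	kmem_cache_free(client_slab, clp);
	return NULL;
}

/*
 * Free a client: every session still linked to it, its credential, owner
 * hash table, name and stateid idr, then the client itself.  A session
 * that still has references triggers a one-time warning but is freed
 * regardless.
 */
static void
free_client(struct nfs4_client *clp)
{
	while (!list_empty(&clp->cl_sessions)) {
		struct nfsd4_session *ses;
		ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
				se_perclnt);
		list_del(&ses->se_perclnt);
		WARN_ON_ONCE(atomic_read(&ses->se_ref));
		free_session(ses);
	}
	rpc_destroy_wait_queue(&clp->cl_cb_waitq);
	free_svc_cred(&clp->cl_cred);
	kfree(clp->cl_ownerstr_hashtbl);
	kfree(clp->cl_name.data);
	idr_destroy(&clp->cl_stateids);
	kmem_cache_free(client_slab, clp);
}

/*
 * Mark a client expired and remove it from the id hash, the name tree,
 * the lru and (for each of its sessions) the session id hash.
 *
 * must be called under the client_lock
 */
static void
unhash_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_session *ses;

	lockdep_assert_held(&nn->client_lock);

	/* Mark the client as expired! */
	clp->cl_time = 0;
	/* Make it invisible */
	if (!list_empty(&clp->cl_idhash)) {
		list_del_init(&clp->cl_idhash);
		if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
			rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
		else
			rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
	}
	list_del_init(&clp->cl_lru);
	spin_lock(&clp->cl_lock);
	list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
		list_del_init(&ses->se_hash);
	spin_unlock(&clp->cl_lock);
}

/* Take client_lock and unhash the client. */
static void
unhash_client(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	unhash_client_locked(clp);
	spin_unlock(&nn->client_lock);
}

/*
 * Unhash a client unless it is still referenced, in which case
 * nfserr_jukebox is returned and nothing is changed.  It calls
 * unhash_client_locked(), so client_lock must be held.
 */
static __be32 mark_client_expired_locked(struct nfs4_client *clp)
{
	if (atomic_read(&clp->cl_refcount))
		return nfserr_jukebox;
	unhash_client_locked(clp);
	return nfs_ok;
}

/*
 * Destroy an already unhashed client: release its delegations, revoked
 * delegations, openowners and blocked locks, shut down layouts, copies
 * and the callback channel, then free it.
 */
static void
__destroy_client(struct nfs4_client *clp)
{
	int i;
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct list_head reaplist;

	INIT_LIST_HEAD(&reaplist);
	/* Unhash delegations under state_lock, destroy them after it. */
	spin_lock(&state_lock);
	while (!list_empty(&clp->cl_delegations)) {
		dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
		WARN_ON(!unhash_delegation_locked(dp));
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	while (!list_empty(&reaplist)) {
		dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		destroy_unhashed_deleg(dp);
	}
	while (!list_empty(&clp->cl_revoked)) {
		dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		nfs4_put_stid(&dp->dl_stid);
	}
	while (!list_empty(&clp->cl_openowners)) {
		oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
		/* release_openowner() puts one reference; take it first. */
		nfs4_get_stateowner(&oo->oo_owner);
		release_openowner(oo);
	}
	for (i = 0; i < OWNER_HASH_SIZE; i++) {
		struct nfs4_stateowner *so, *tmp;

		list_for_each_entry_safe(so, tmp, &clp->cl_ownerstr_hashtbl[i],
					 so_strhash) {
			/* Should be no openowners at this point */
			WARN_ON_ONCE(so->so_is_open_owner);
			remove_blocked_locks(lockowner(so));
		}
	}
	nfsd4_return_all_client_layouts(clp);
	nfsd4_shutdown_copy(clp);
	nfsd4_shutdown_callback(clp);
	if (clp->cl_cb_conn.cb_xprt)
		svc_xprt_put(clp->cl_cb_conn.cb_xprt);
	free_client(clp);
}

/* Unhash and destroy a client. */
static void
destroy_client(struct nfs4_client *clp)
{
	unhash_client(clp);
	__destroy_client(clp);
}

/* Unhash a client, remove its client record, then destroy it. */
static void expire_client(struct nfs4_client *clp)
{
	unhash_client(clp);
	nfsd4_client_record_remove(clp);
	__destroy_client(clp);
}

/* Copy the verifier bytes from @source into the client. */
static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
{
	memcpy(target->cl_verifier.data, source->data,
			sizeof(target->cl_verifier.data));
}

/* Copy the client id (boot and id parts) from @source to @target. */
static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
{
	target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
	target->cl_clientid.cl_id = source->cl_clientid.cl_id;
}

/*
 * Duplicate a credential.  Returns 0 on success or -ENOMEM when one of
 * the principal strings could not be duplicated.
 *
 * On failure the strings that were duplicated stay in @target and no
 * group_info or mechanism reference has been taken; the caller has to
 * release @target (create_client() does so through free_client()).
 */
static int copy_cred(struct svc_cred *target, struct svc_cred *source)
{
	target->cr_principal = kstrdup(source->cr_principal, GFP_KERNEL);
	target->cr_raw_principal = kstrdup(source->cr_raw_principal,
								GFP_KERNEL);
	target->cr_targ_princ = kstrdup(source->cr_targ_princ, GFP_KERNEL);
	/* kstrdup(NULL) is NULL too, so only a non-NULL source can fail. */
	if ((source->cr_principal && !target->cr_principal) ||
	    (source->cr_raw_principal && !target->cr_raw_principal) ||
	    (source->cr_targ_princ && !target->cr_targ_princ))
		return -ENOMEM;

	target->cr_flavor = source->cr_flavor;
	target->cr_uid = source->cr_uid;
	target->cr_gid = source->cr_gid;
	target->cr_group_info = source->cr_group_info;
	get_group_info(target->cr_group_info);
	target->cr_gss_mech = source->cr_gss_mech;
	if (source->cr_gss_mech)
		gss_mech_get(source->cr_gss_mech);
	return 0;
}

/*
 * Order two opaque blobs: shorter sorts first, equal lengths are ordered
 * by memcmp().  Returns <0, 0 or >0.
 */
static int
compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2)
{
	if (o1->len < o2->len)
		return -1;
	if (o1->len > o2->len)
		return 1;
	return memcmp(o1->data, o2->data, o1->len);
}

/* Compare HEXDIR_LEN bytes of two names; both must be that long. */
static int same_name(const char *n1, const char *n2)
{
	return 0 == memcmp(n1, n2, HEXDIR_LEN);
}

/* Nonzero when the two verifiers are byte-for-byte identical. */
static int
same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
{
	return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
}

/* Nonzero when both the boot and id parts of the client ids match. */
static int
same_clid(clientid_t *cl1, clientid_t *cl2)
{
	return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
}

/*
 * True when both group lists have the same length and the same gids in
 * the same order.  Neither pointer is checked for NULL.
 */
static bool groups_equal(struct group_info *g1, struct group_info *g2)
{
	int i;

	if (g1->ngroups != g2->ngroups)
		return false;
	for (i=0; i<g1->ngroups; i++)
		if (!gid_eq(g1->gid[i], g2->gid[i]))
			return false;
	return true;
}

/*
 * RFC 3530 language requires clid_inuse be returned when the
 * "principal" associated with a requests differs from that previously
 * used.  We use uid, gid's, and gss principal string as our best
 * approximation.  We also don't want to allow non-gss use of a client
 * established using gss: in theory cr_principal should catch that
 * change, but in practice cr_principal can be null even in the gss case
 * since gssd doesn't always pass down a principal string.
 */
static bool is_gss_cred(struct svc_cred *cr)
{
	/* Is cr_flavor one of the gss "pseudoflavors"?: */
	return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR);
}


/*
 * Compare two credentials as described above is_gss_cred(): gss-ness,
 * uid, gid and the group list must all match, and the principal strings
 * must be equal (or both absent).
 */
static bool
same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
{
	if ((is_gss_cred(cr1) != is_gss_cred(cr2))
		|| (!uid_eq(cr1->cr_uid, cr2->cr_uid))
		|| (!gid_eq(cr1->cr_gid, cr2->cr_gid))
		|| !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
		return false;
	/* XXX: check that cr_targ_princ fields match ? */
	/* Same pointer covers the case where both principals are NULL. */
	if (cr1->cr_principal == cr2->cr_principal)
		return true;
	if (!cr1->cr_principal || !cr2->cr_principal)
		return false;
	return 0 == strcmp(cr1->cr_principal, cr2->cr_principal);
}

/*
 * True when the request was authenticated with a gss mechanism and the
 * negotiated service is integrity or privacy.
 */
static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp)
{
	struct svc_cred *cr = &rqstp->rq_cred;
	u32 service;

	if (!cr->cr_gss_mech)
		return false;
	service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor);
	return service == RPC_GSS_SVC_INTEGRITY ||
	       service == RPC_GSS_SVC_PRIVACY;
}

/*
 * Check that a request carries the machine credential the client was
 * established with.  Clients without cl_mach_cred always match.
 * Otherwise the gss mechanism must be the same, the request must be
 * integrity or privacy protected, and the principal must match: the raw
 * principal when the client recorded one, else cr_principal.
 *
 * A principal that is missing on either side of the comparison counts as
 * a mismatch, so the check fails closed instead of passing a NULL
 * pointer to strcmp().
 */
bool nfsd4_mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp)
{
	struct svc_cred *cr = &rqstp->rq_cred;

	if (!cl->cl_mach_cred)
		return true;
	if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech)
		return false;
	if (!svc_rqst_integrity_protected(rqstp))
		return false;
	if (cl->cl_cred.cr_raw_principal) {
		if (!cr->cr_raw_principal)
			return false;
		return 0 == strcmp(cl->cl_cred.cr_raw_principal,
						cr->cr_raw_principal);
	}
	if (!cr->cr_principal || !cl->cl_cred.cr_principal)
		return false;
	return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal);
}

/*
 * Generate the confirm verifier for a client from the current time in
 * seconds and a per-net counter.  Both inputs are guessable, so the
 * verifier distinguishes SETCLIENTID instances but is not a secret.
 */
static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn)
{
	__be32 verf[2];

	/*
	 * This is opaque to client, so no need to byte-swap. Use
	 * __force to keep sparse happy
	 */
	verf[0] = (__force __be32)get_seconds();
	verf[1] = (__force __be32)nn->clverifier_counter++;
	memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data));
}

/*
 * Assign a new client id (boot time plus a per-net counter) and a fresh
 * confirm verifier.
 */
static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn)
{
	clp->cl_clientid.cl_boot = nn->boot_time;
	clp->cl_clientid.cl_id = nn->clientid_counter++;
	gen_confirm(clp, nn);
}

/*
 * Look a stateid up in the client's idr by its so_id.  Entries whose
 * sc_type is zero are treated as absent.  No reference is taken and no
 * lock is acquired here; find_stateid_by_type() calls this under cl_lock.
 */
static struct nfs4_stid *
find_stateid_locked(struct nfs4_client *cl, stateid_t *t)
{
	struct nfs4_stid *ret;

	ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id);
	if (!ret || !ret->sc_type)
		return NULL;
	return ret;
}

/*
 * Look a stateid up under cl_lock and return it with an extra reference
 * when its type is in @typemask; otherwise return NULL.
 */
static struct nfs4_stid *
find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask)
{
	struct nfs4_stid *s;

	spin_lock(&cl->cl_lock);
	s = find_stateid_locked(cl, t);
	if (s != NULL) {
		if (typemask & s->sc_type)
			refcount_inc(&s->sc_count);
		else
			s = NULL;
	}
	spin_unlock(&cl->cl_lock);
	return s;
}

/*
 * Allocate a client for @name and fill it in from the request: a copy of
 * the request credential, the verifier, the peer address and the network
 * namespace.  Returns NULL on allocation failure.
 */
static struct nfs4_client *create_client(struct xdr_netobj name,
		struct svc_rqst *rqstp, nfs4_verifier *verf)
{
	struct nfs4_client *clp;
	struct sockaddr *sa = svc_addr(rqstp);
	int ret;
	struct net *net = SVC_NET(rqstp);

	clp = alloc_client(name);
	if (clp == NULL)
		return NULL;

	ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred);
	if (ret) {
		/* free_client() also releases a partially copied cred. */
		free_client(clp);
		return NULL;
	}
	nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL);
	clp->cl_time = get_seconds();
	clear_bit(0, &clp->cl_cb_slot_busy);
	copy_verf(clp, verf);
	rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa);
	clp->cl_cb_session = NULL;
	clp->net = net;
	return clp;
}

/*
 * Insert a client into a name-ordered rb-tree, using compare_blob() on
 * the client names.  Equal names go to the right of the existing node.
 */
static void
add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root)
{
	struct rb_node **new = &(root->rb_node), *parent = NULL;
	struct nfs4_client *clp;

	while (*new) {
		clp = rb_entry(*new, struct nfs4_client, cl_namenode);
		parent = *new;

		if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0)
			new = &((*new)->rb_left);
		else
			new = &((*new)->rb_right);
	}

	rb_link_node(&new_clp->cl_namenode, parent, new);
	rb_insert_color(&new_clp->cl_namenode, root);
}

/* Find the client with exactly this name in a name tree, or NULL. */
static struct nfs4_client *
find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root)
{
	int cmp;
	struct rb_node *node = root->rb_node;
	struct nfs4_client *clp;

	while (node) {
		clp = rb_entry(node, struct nfs4_client, cl_namenode);
		cmp = compare_blob(&clp->cl_name, name);
		if (cmp > 0)
			node = node->rb_left;
		else if (cmp < 0)
			node = node->rb_right;
		else
			return clp;
	}
	return NULL;
}

/*
 * Put a client on the unconfirmed name tree and id hash and renew it.
 * The caller holds client_lock.
 */
static void
add_to_unconfirmed(struct nfs4_client *clp)
{
	unsigned int idhashval;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
	add_clp_to_name_tree(clp, &nn->unconf_name_tree);
	idhashval = clientid_hashval(clp->cl_clientid.cl_id);
	list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]);
	renew_client_locked(clp);
}

/*
 * Move a client from the unconfirmed to the confirmed id hash and name
 * tree, mark it confirmed and renew it.  The caller holds client_lock.
 */
static void
move_to_confirmed(struct nfs4_client *clp)
{
	unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id);
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp);
	list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]);
	rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
	add_clp_to_name_tree(clp, &nn->conf_name_tree);
	set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
	renew_client_locked(clp);
}

/*
 * Find a client by id in one of the id hash tables.  A client whose
 * cl_minorversion (as a boolean) does not agree with @sessions is
 * reported as not found.  A match is renewed before it is returned.
 */
static struct nfs4_client *
find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions)
{
	struct nfs4_client *clp;
	unsigned int idhashval = clientid_hashval(clid->cl_id);

	list_for_each_entry(clp, &tbl[idhashval], cl_idhash) {
		if (same_clid(&clp->cl_clientid, clid)) {
			if ((bool)clp->cl_minorversion != sessions)
				return NULL;
			renew_client_locked(clp);
			return clp;
		}
	}
	return NULL;
}

/* Look up a confirmed client by id; the caller holds client_lock. */
static struct nfs4_client *
find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
{
	struct list_head *tbl = nn->conf_id_hashtbl;

	lockdep_assert_held(&nn->client_lock);
	return find_client_in_id_table(tbl, clid, sessions);
}

/* Look up an unconfirmed client by id; the caller holds client_lock. */
static struct nfs4_client *
find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
{
	struct list_head *tbl = nn->unconf_id_hashtbl;

	lockdep_assert_held(&nn->client_lock);
	return find_client_in_id_table(tbl, clid, sessions);
}

/* True when the client has any exchange flags set. */
static bool clp_used_exchangeid(struct nfs4_client *clp)
{
	return clp->cl_exchange_flags != 0;
}

/* Look up a confirmed client by name; the caller holds client_lock. */
static struct nfs4_client *
find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
{
	lockdep_assert_held(&nn->client_lock);
	return find_clp_in_name_tree(name, &nn->conf_name_tree);
}

/* Look up an unconfirmed client by name; the caller holds client_lock. */
static struct nfs4_client *
find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
{
	lockdep_assert_held(&nn->client_lock);
	return find_clp_in_name_tree(name, &nn->unconf_name_tree);
}

static void
gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp)
{
	struct nfs4_cb_conn *conn = &clp->cl_cb_conn;
	struct sockaddr *sa = svc_addr(rqstp);
	u32 scopeid = rpc_get_scope_id(sa);
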
unsigned short expected_family; 2349 2350 /* Currently, we only support tcp and tcp6 for the callback channel */ 2351 if (se->se_callback_netid_len == 3 && 2352 !memcmp(se->se_callback_netid_val, "tcp", 3)) 2353 expected_family = AF_INET; 2354 else if (se->se_callback_netid_len == 4 && 2355 !memcmp(se->se_callback_netid_val, "tcp6", 4)) 2356 expected_family = AF_INET6; 2357 else 2358 goto out_err; 2359 2360 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val, 2361 se->se_callback_addr_len, 2362 (struct sockaddr *)&conn->cb_addr, 2363 sizeof(conn->cb_addr)); 2364 2365 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family) 2366 goto out_err; 2367 2368 if (conn->cb_addr.ss_family == AF_INET6) 2369 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid; 2370 2371 conn->cb_prog = se->se_callback_prog; 2372 conn->cb_ident = se->se_callback_ident; 2373 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen); 2374 return; 2375 out_err: 2376 conn->cb_addr.ss_family = AF_UNSPEC; 2377 conn->cb_addrlen = 0; 2378 dprintk("NFSD: this client (clientid %08x/%08x) " 2379 "will not receive delegations\n", 2380 clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id); 2381 2382 return; 2383 } 2384 2385 /* 2386 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size. 
*/
/*
 * Record the outcome of the current compound in its session slot so that a
 * retransmission can be answered from the slot instead of being re-executed.
 * The op count, status and caller credential are always stored; the encoded
 * reply bytes are stored only when nfsd4_cache_this() says so.
 *
 * NOTE(review): copy_cred()'s return value is ignored here, whereas
 * create_client() in this file treats a non-zero return as failure.
 * slot->sl_cred is what replay_matches_cache() later compares against a
 * retransmitting caller, so confirm that a failed copy makes that
 * comparison fail closed.
 */
static void
nfsd4_store_cache_entry(struct nfsd4_compoundres *resp)
{
	struct nfsd4_slot *slot = resp->cstate.slot;
	struct xdr_buf *xbuf = resp->xdr.buf;
	unsigned int start;

	dprintk("--> %s slot %p\n", __func__, slot);

	/* Bookkeeping that is kept even when the reply body is not cached. */
	slot->sl_flags |= NFSD4_SLOT_INITIALIZED;
	slot->sl_opcnt = resp->opcnt;
	slot->sl_status = resp->cstate.status;

	/* Replace the credential stored by the previous use of this slot. */
	free_svc_cred(&slot->sl_cred);
	copy_cred(&slot->sl_cred, &resp->rqstp->rq_cred);

	if (nfsd4_cache_this(resp)) {
		/*
		 * The slot is flagged as cached before the copy is attempted
		 * and stays flagged if the copy fails; only a WARN is raised.
		 */
		slot->sl_flags |= NFSD4_SLOT_CACHED;

		/*
		 * NOTE(review): unsigned subtraction; relies on
		 * data_offset <= xbuf->len and on sl_data being large enough
		 * for the result (the comment above credits
		 * nfsd4_check_resp_size() with that bound) -- TODO confirm.
		 */
		start = resp->cstate.data_offset;
		slot->sl_datalen = xbuf->len - start;
		if (read_bytes_from_xdr_buf(xbuf, start, slot->sl_data,
					    slot->sl_datalen))
			WARN(1, "%s: sessions DRC could not cache compound\n",
			     __func__);
	} else {
		slot->sl_flags &= ~NFSD4_SLOT_CACHED;
	}
}

/*
 * Encode the replay sequence operation from the slot values.
 * If cachethis is FALSE encode the uncached rep error on the next
 * operation which sets resp->p and increments resp->opcnt for
 * nfs4svc_encode_compoundres.
*/
/*
 * Returns the status of the last operation encoded: the SEQUENCE op's own
 * status when the slot holds a cached reply, nfserr_seq_false_retry for a
 * solo SEQUENCE whose original was not cached, and
 * nfserr_retry_uncached_rep (encoded on the following op) otherwise.
 */
static __be32
nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args,
			  struct nfsd4_compoundres *resp)
{
	struct nfsd4_slot *slot = resp->cstate.slot;
	/* The replayed SEQUENCE is the op that has just been counted. */
	struct nfsd4_op *op = &args->ops[resp->opcnt - 1];

	nfsd4_encode_operation(resp, op);

	if (slot->sl_flags & NFSD4_SLOT_CACHED)
		return op->status;

	if (args->opcnt != 1) {
		/* Report the uncached reply on the op after SEQUENCE. */
		op = &args->ops[resp->opcnt++];
		op->status = nfserr_retry_uncached_rep;
		nfsd4_encode_operation(resp, op);
		return op->status;
	}

	/*
	 * Solo SEQUENCE replies are always cached, so a solo retry that
	 * finds nothing cached cannot be a retry of the original call.
	 */
	op->status = nfserr_seq_false_retry;
	return op->status;
}

/*
 * Answer a retransmission from the slot. The SEQUENCE op itself is not
 * cached because it can be rebuilt from the slot and session values; the
 * rest of the reply is copied out of slot->sl_data.
 *
 * Returns the status from nfsd4_enc_sequence_replay() when it is non-zero,
 * nfserr_serverfault when the reply buffer cannot hold sl_datalen bytes,
 * and the cached slot->sl_status otherwise. The seq argument is not used.
 */
static __be32
nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp,
			 struct nfsd4_sequence *seq)
{
	struct xdr_stream *stream = &resp->xdr;
	struct nfsd4_slot *slot = resp->cstate.slot;
	__be32 *dst;
	__be32 rc;

	dprintk("--> %s slot %p\n", __func__, slot);

	rc = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp);
	if (rc)
		return rc;

	/* Space is reserved before anything is copied from the slot. */
	dst = xdr_reserve_space(stream, slot->sl_datalen);
	if (dst == NULL) {
		WARN_ON_ONCE(1);
		return nfserr_serverfault;
	}
	xdr_encode_opaque_fixed(dst, slot->sl_data, slot->sl_datalen);
	xdr_commit_encode(stream);

	/* Report the op count of the reply that was originally sent. */
	resp->opcnt = slot->sl_opcnt;
	return slot->sl_status;
}

/*
 * Set the exchange_id flags returned by the server.
*/
/*
 * ORs the server's capability bits into new->cl_exchange_flags and then
 * assigns the result to clid->flags, replacing whatever clid->flags held.
 */
static void
nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid)
{
#ifdef CONFIG_NFSD_PNFS
	new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS;
#else
	new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS;
#endif

	/* Referrals are supported, Migration is not. */
	new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER;

	/* set the wire flags to return to client. */
	clid->flags = new->cl_exchange_flags;
}

/*
 * Returns true when at least one openowner on clp->cl_openowners still has
 * entries on its so_stateids list.
 */
static bool client_has_openowners(struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;

	list_for_each_entry(oo, &clp->cl_openowners, oo_perclient) {
		if (!list_empty(&oo->oo_owner.so_stateids))
			return true;
	}
	return false;
}

/*
 * Returns true when the client holds any of: openowners with stateids,
 * layout states (CONFIG_NFSD_PNFS only), delegations, sessions, or async
 * copies. Callers in this file use it to refuse replacing or destroying a
 * client record that is still in use.
 */
static bool client_has_state(struct nfs4_client *clp)
{
	return client_has_openowners(clp)
#ifdef CONFIG_NFSD_PNFS
		|| !list_empty(&clp->cl_lo_states)
#endif
		|| !list_empty(&clp->cl_delegations)
		|| !list_empty(&clp->cl_sessions)
		|| !list_empty(&clp->async_copies);
}

/*
 * EXCHANGE_ID handler.
 *
 * A candidate client record is built from the request first (name, verifier,
 * credential, address). The requested state-protection mode is then checked:
 *   - SP4_MACH_CRED is accepted only when the request is integrity protected
 *     and the copied credential carries a principal or raw principal; the
 *     record is then marked cl_mach_cred, which nfsd4_mach_creds_match()
 *     enforces on later session and client-ID operations.
 *   - SP4_NONE is accepted as is.
 *   - SP4_SSV (and any unknown value) is refused with nfserr_encr_alg_unsupp.
 * Under nn->client_lock the name is looked up among confirmed clients and
 * the RFC 5661 section 18.35.4 cases are applied; the "case N" comments
 * below use that numbering.
 *
 * Cleanup: whichever record ends up in `new` at out_nolock is expired. On
 * the out_new path swap(new, conf) leaves the replaced confirmed record (or
 * NULL) in `new`, so the freshly hashed record is not the one expired. On
 * the out_copy-only paths `new` is still the unused candidate.
 *
 * Returns nfs_ok or an nfserr_* status.
 */
__be32
nfsd4_exchange_id(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	struct nfsd4_exchange_id *exid = &u->exchange_id;
	struct nfs4_client *conf, *new;
	struct nfs4_client *unconf = NULL;
	__be32 status;
	char addr_str[INET6_ADDRSTRLEN];
	nfs4_verifier verf = exid->verifier;
	struct sockaddr *sa = svc_addr(rqstp);
	bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	/* addr_str is only used for the debug message below. */
	rpc_ntop(sa, addr_str, sizeof(addr_str));
	dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p "
		"ip_addr=%s flags %x, spa_how %d\n",
		__func__, rqstp, exid, exid->clname.len, exid->clname.data,
		addr_str, exid->flags, exid->spa_how);

	/* Reject any flag bit outside the accepted request mask. */
	if (exid->flags & ~EXCHGID4_FLAG_MASK_A)
		return nfserr_inval;

	new = create_client(exid->clname, rqstp, &verf);
	if (new == NULL)
		return nfserr_jukebox;

	switch (exid->spa_how) {
	case SP4_MACH_CRED:
		/*
		 * Operations the server will insist on seeing with the
		 * machine credential. The shifts assume each opcode listed
		 * lies in the second 32-bit word (32..63) -- TODO confirm
		 * against the OP_* definitions.
		 */
		exid->spo_must_enforce[0] = 0;
		exid->spo_must_enforce[1] = (
			1 << (OP_BIND_CONN_TO_SESSION - 32) |
			1 << (OP_EXCHANGE_ID - 32) |
			1 << (OP_CREATE_SESSION - 32) |
			1 << (OP_DESTROY_SESSION - 32) |
			1 << (OP_DESTROY_CLIENTID - 32));

		/*
		 * The client's requested must_allow set is masked down to
		 * this fixed list; the client cannot add operations to it.
		 */
		exid->spo_must_allow[0] &= (1 << (OP_CLOSE) |
					1 << (OP_OPEN_DOWNGRADE) |
					1 << (OP_LOCKU) |
					1 << (OP_DELEGRETURN));

		exid->spo_must_allow[1] &= (
					1 << (OP_TEST_STATEID - 32) |
					1 << (OP_FREE_STATEID - 32));
		/* Machine-credential protection needs GSS integrity or privacy. */
		if (!svc_rqst_integrity_protected(rqstp)) {
			status = nfserr_inval;
			goto out_nolock;
		}
		/*
		 * Sometimes userspace doesn't give us a principal.
		 * Which is a bug, really. Anyway, we can't enforce
		 * MACH_CRED in that case, better to give up now:
		 */
		if (!new->cl_cred.cr_principal &&
		    !new->cl_cred.cr_raw_principal) {
			status = nfserr_serverfault;
			goto out_nolock;
		}
		new->cl_mach_cred = true;
		/* fall through: SP4_MACH_CRED continues like SP4_NONE */
	case SP4_NONE:
		break;
	default:				/* checked by xdr code */
		WARN_ON_ONCE(1);
		/* fall through */
	case SP4_SSV:
		status = nfserr_encr_alg_unsupp;
		goto out_nolock;
	}

	/* Cases below refer to rfc 5661 section 18.35.4: */
	spin_lock(&nn->client_lock);
	conf = find_confirmed_client_by_name(&exid->clname, nn);
	if (conf) {
		bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred);
		bool verfs_match = same_verf(&verf, &conf->cl_verifier);

		if (update) {
			if (!clp_used_exchangeid(conf)) { /* buggy client */
				status = nfserr_inval;
				goto out;
			}
			/* Updating a record requires its machine credential. */
			if (!nfsd4_mach_creds_match(conf, rqstp)) {
				status = nfserr_wrong_cred;
				goto out;
			}
			if (!creds_match) { /* case 9 */
				status = nfserr_perm;
				goto out;
			}
			if (!verfs_match) { /* case 8 */
				status = nfserr_not_same;
				goto out;
			}
			/* case 6 */
			/*
			 * NOTE(review): nfsd4_set_ex_flags() at out_copy
			 * assigns exid->flags from conf->cl_exchange_flags,
			 * so the bit set here survives only if conf already
			 * carries it (case 2 sets it on conf instead) --
			 * confirm this is intended.
			 */
			exid->flags |= EXCHGID4_FLAG_CONFIRMED_R;
			goto out_copy;
		}
		/*
		 * A caller with a different credential may take over the
		 * name only when the confirmed record holds no state.
		 */
		if (!creds_match) { /* case 3 */
			if (client_has_state(conf)) {
				status = nfserr_clid_inuse;
				goto out;
			}
			goto out_new;
		}
		if (verfs_match) { /* case 2 */
			conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R;
			goto out_copy;
		}
		/* case 5, client reboot */
		/*
		 * conf is cleared so the old confirmed record is not expired
		 * here; nfsd4_create_session() expires it when the new
		 * record is confirmed.
		 */
		conf = NULL;
		goto out_new;
	}

	if (update) { /* case 7 */
		status = nfserr_noent;
		goto out;
	}

	unconf = find_unconfirmed_client_by_name(&exid->clname, nn);
	if (unconf) /* case 4, possible retry or client restart */
		unhash_client_locked(unconf);

	/* case 1 (normal case) */
out_new:
	if (conf) {
		status = mark_client_expired_locked(conf);
		if (status)
			goto out;
	}
	new->cl_minorversion = cstate->minorversion;
	new->cl_spo_must_allow.u.words[0] = exid->spo_must_allow[0];
	new->cl_spo_must_allow.u.words[1] = exid->spo_must_allow[1];

	gen_clid(new, nn);
	add_to_unconfirmed(new);
	/* From here conf is the new record; new is what gets expired below. */
	swap(new, conf);
out_copy:
	exid->clientid.cl_boot = conf->cl_clientid.cl_boot;
	exid->clientid.cl_id = conf->cl_clientid.cl_id;

	exid->seqid = conf->cl_cs_slot.sl_seqid + 1;
	nfsd4_set_ex_flags(conf, exid);

	dprintk("nfsd4_exchange_id seqid %d flags %x\n",
		conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags);
	status = nfs_ok;

out:
	spin_unlock(&nn->client_lock);
out_nolock:
	/* expire_client() is called only after client_lock has been dropped. */
	if (new)
		expire_client(new);
	if (unconf)
		expire_client(unconf);
	return status;
}

/*
 * Classify a request's sequence ID against the slot's stored one.
 *
 * Slot in use (no reply sent yet): same seqid -> nfserr_jukebox, anything
 * else -> nfserr_seq_misordered.
 * Slot idle: stored + 1 -> nfs_ok (next request), equal -> nfserr_replay_cache
 * (retransmission), anything else -> nfserr_seq_misordered.
 */
static __be32
check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse)
{
	dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid,
		slot_seqid);

	/* The slot is in use, and no response has been sent. */
	if (slot_inuse) {
		if (seqid == slot_seqid)
			return nfserr_jukebox;
		else
			return nfserr_seq_misordered;
	}
	/* Note unsigned 32-bit arithmetic handles wraparound: */
	if (likely(seqid == slot_seqid + 1))
		return nfs_ok;
	if (seqid == slot_seqid)
		return nfserr_replay_cache;
	return nfserr_seq_misordered;
}

/*
 * Cache the create session result into the create session single DRC
 * slot cache by saving the xdr structure. sl_seqid has been set.
 * Do this for solo or embedded create session operations.
 *
 * The whole *cr_ses structure is copied into the slot together with the
 * status passed in.
 */
static void
nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses,
			   struct nfsd4_clid_slot *slot, __be32 nfserr)
{
	slot->sl_status = nfserr;
	memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses));
}

/*
 * Inverse of nfsd4_cache_create_session(): overwrites *cr_ses with the
 * structure saved in the slot and returns the saved status.
 */
static __be32
nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses,
			    struct nfsd4_clid_slot *slot)
{
	memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses));
	return slot->sl_status;
}

/*
 * Smallest request and reply sizes, in bytes, that can carry a compound
 * holding only a SEQUENCE op. check_forechannel_attrs() refuses fore
 * channel limits below these.
 */
#define NFSD_MIN_REQ_HDR_SEQ_SZ	((\
			2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \
			1 +	/* MIN tag is length with zero, only length */ \
			3 +	/* version, opcount, opcode */ \
			XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
				/* seqid, slotID, slotID, cache */ \
			4 ) * sizeof(__be32))

#define NFSD_MIN_RESP_HDR_SEQ_SZ ((\
			2 +	/* verifier: AUTH_NULL, length 0 */\
			1 +	/* status */ \
			1 +	/* MIN tag is length with zero, only length */ \
			3 +	/* opcount, opcode, opstatus*/ \
			XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
				/* seqid, slotID, slotID, slotID, status */ \
			5 ) * sizeof(__be32))

/*
 * Validate the fore channel attributes proposed by the client and clamp
 * them, in place, to what this server will honour.
 *
 * Requests below the minimum sizes get nfserr_toosmall. Sizes are capped at
 * the service's sv_max_mesg, the op count at NFSD_MAX_OPS_PER_COMPOUND, the
 * cached-reply size at NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ (the
 * latter is not defined in this part of the file) and the slot count at
 * NFSD_MAX_SLOTS_PER_SESSION. The slot count is finally replaced by whatever
 * nfsd4_get_drc_mem() returns; zero yields nfserr_jukebox.
 *
 * After nfs_ok the caller releases that grant with nfsd4_put_drc_mem() if
 * session creation fails later (see nfsd4_create_session()).
 */
static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn)
{
	u32 maxrpc = nn->nfsd_serv->sv_max_mesg;

	if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ)
		return nfserr_toosmall;
	if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ)
		return nfserr_toosmall;
	ca->headerpadsz = 0;
	/* Every client-supplied limit is capped by a server-side maximum. */
	ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc);
	ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc);
	ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND);
	ca->maxresp_cached = min_t(u32, ca->maxresp_cached,
			NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ);
	ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION);
	/*
	 * Note decreasing slot size below client's request may make it
	 * difficult for client to function correctly, whereas
	 * decreasing the number of slots will (just?) affect
	 * performance. When short on memory we therefore prefer to
	 * decrease number of slots instead of their size. Clients that
	 * request larger slots than they need will get poor results:
	 */
	ca->maxreqs = nfsd4_get_drc_mem(ca);
	if (!ca->maxreqs)
		return nfserr_jukebox;

	return nfs_ok;
}

/*
 * Server's NFSv4.1 backchannel support is AUTH_SYS-only for now.
 * These are based on similar macros in linux/sunrpc/msg_prot.h .
*/
#define RPC_MAX_HEADER_WITH_AUTH_SYS \
	(RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK))

#define RPC_MAX_REPHEADER_WITH_AUTH_SYS \
	(RPC_REPHDRSIZE + (2 + NUL_REPLYSLACK))

/* Minimum back channel request/reply sizes, in bytes, for a CB_RECALL. */
#define NFSD_CB_MAX_REQ_SZ	((NFS4_enc_cb_recall_sz + \
				RPC_MAX_HEADER_WITH_AUTH_SYS) * sizeof(__be32))
#define NFSD_CB_MAX_RESP_SZ	((NFS4_dec_cb_recall_sz + \
				RPC_MAX_REPHEADER_WITH_AUTH_SYS) * \
				sizeof(__be32))

/*
 * Validate the back channel attributes proposed by the client.
 *
 * headerpadsz and maxresp_cached are forced to zero. The request and reply
 * sizes must reach NFSD_CB_MAX_REQ_SZ / NFSD_CB_MAX_RESP_SZ and at least
 * two ops per compound must be allowed; otherwise nfserr_toosmall.
 */
static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca)
{
	ca->headerpadsz = 0;

	if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ)
		return nfserr_toosmall;
	if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ)
		return nfserr_toosmall;
	ca->maxresp_cached = 0;
	if (ca->maxops < 2)
		return nfserr_toosmall;

	return nfs_ok;
}

/*
 * Accept only the AUTH_NULL and AUTH_UNIX flavors for callback security.
 * Every other flavor, GSS included, is refused with nfserr_encr_alg_unsupp.
 */
static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs)
{
	switch (cbs->flavor) {
	case RPC_AUTH_NULL:
	case RPC_AUTH_UNIX:
		return nfs_ok;
	default:
		/*
		 * GSS case: the spec doesn't allow us to return this
		 * error. But it also doesn't allow us not to support
		 * GSS.
		 * I'd rather this fail hard than return some error the
		 * client might think it can already handle:
		 */
		return nfserr_encr_alg_unsupp;
	}
}

/*
 * CREATE_SESSION handler.
 *
 * The request flags, callback security flavor and both channels' attributes
 * are validated first; then the session and connection objects are
 * allocated. Under nn->client_lock the client ID is looked up in the
 * unconfirmed and the confirmed tables:
 *   - confirmed: the caller must pass nfsd4_mach_creds_match(); a seqid
 *     equal to the stored one replays the cached CREATE_SESSION result.
 *   - unconfirmed: the caller must present the same credential and source
 *     address that were recorded when the client record was created, and
 *     must pass nfsd4_mach_creds_match(). The record is then moved to the
 *     confirmed tables and any confirmed client with the same name is
 *     expired.
 *   - neither: nfserr_stale_clientid.
 * On success the new session ID and incremented seqid are written back to
 * cr_ses and the result is cached in the client's create-session slot.
 *
 * Error paths unwind in reverse order of acquisition; every failure after
 * check_forechannel_attrs() succeeded releases the DRC memory it reserved.
 */
__be32
nfsd4_create_session(struct svc_rqst *rqstp,
		struct nfsd4_compound_state *cstate, union nfsd4_op_u *u)
{
	struct nfsd4_create_session *cr_ses = &u->create_session;
	struct sockaddr *sa = svc_addr(rqstp);
	struct nfs4_client *conf, *unconf;
	struct nfs4_client *old = NULL;
	struct nfsd4_session *new;
	struct nfsd4_conn *conn;
	struct nfsd4_clid_slot *cs_slot = NULL;
	__be32 status = 0;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	if (cr_ses->flags & ~SESSION4_FLAG_MASK_A)
		return nfserr_inval;
	status = nfsd4_check_cb_sec(&cr_ses->cb_sec);
	if (status)
		return status;
	status = check_forechannel_attrs(&cr_ses->fore_channel, nn);
	if (status)
		return status;
	status = check_backchannel_attrs(&cr_ses->back_channel);
	if (status)
		goto out_release_drc_mem;
	status = nfserr_jukebox;
	new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel);
	if (!new)
		goto out_release_drc_mem;
	conn = alloc_conn_from_crses(rqstp, cr_ses);
	if (!conn)
		goto out_free_session;

	spin_lock(&nn->client_lock);
	unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn);
	conf = find_confirmed_client(&cr_ses->clientid, true, nn);
	WARN_ON_ONCE(conf && unconf);

	if (conf) {
		status = nfserr_wrong_cred;
		if (!nfsd4_mach_creds_match(conf, rqstp))
			goto out_free_conn;
		cs_slot = &conf->cl_cs_slot;
		status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
		if (status) {
			/* A retransmission gets the stored result back. */
			if (status == nfserr_replay_cache)
				status = nfsd4_replay_create_session(cr_ses, cs_slot);
			goto out_free_conn;
		}
	} else if (unconf) {
		/*
		 * Confirming a record requires the credential and the
		 * source address stored in it.
		 */
		if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) ||
		    !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) {
			status = nfserr_clid_inuse;
			goto out_free_conn;
		}
		status = nfserr_wrong_cred;
		if (!nfsd4_mach_creds_match(unconf, rqstp))
			goto out_free_conn;
		cs_slot = &unconf->cl_cs_slot;
		status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
		if (status) {
			/* an unconfirmed replay returns misordered */
			status = nfserr_seq_misordered;
			goto out_free_conn;
		}
		old = find_confirmed_client_by_name(&unconf->cl_name, nn);
		if (old) {
			status = mark_client_expired_locked(old);
			if (status) {
				/* Not marked expired, so it must not be expired below. */
				old = NULL;
				goto out_free_conn;
			}
		}
		move_to_confirmed(unconf);
		conf = unconf;
	} else {
		status = nfserr_stale_clientid;
		goto out_free_conn;
	}
	status = nfs_ok;
	/* Persistent sessions are not supported */
	cr_ses->flags &= ~SESSION4_PERSIST;
	/* Upshifting from TCP to RDMA is not supported */
	cr_ses->flags &= ~SESSION4_RDMA;

	init_session(rqstp, new, conf, cr_ses);
	nfsd4_get_session_locked(new);

	memcpy(cr_ses->sessionid.data, new->se_sessionid.data,
	       NFS4_MAX_SESSIONID_LEN);
	cs_slot->sl_seqid++;
	cr_ses->seqid = cs_slot->sl_seqid;

	/* cache solo and embedded create sessions under the client_lock */
	nfsd4_cache_create_session(cr_ses, cs_slot, status);
	spin_unlock(&nn->client_lock);
	/* init connection and backchannel */
	nfsd4_init_conn(rqstp, conn, new);
	nfsd4_put_session(new);
	if (old)
		expire_client(old);
	return status;
out_free_conn:
	spin_unlock(&nn->client_lock);
	free_conn(conn);
	if (old)
		expire_client(old);
out_free_session:
	__free_session(new);
out_release_drc_mem:
	nfsd4_put_drc_mem(&cr_ses->fore_channel);
	return status;
}

/*
 * Normalise the channel direction of a BIND_CONN_TO_SESSION request.
 * FORE and BACK are kept, the two *_OR_BOTH values are rewritten to BOTH,
 * and any other value yields nfserr_inval.
 */
static __be32 nfsd4_map_bcts_dir(u32 *dir)
{
	switch (*dir) {
	case NFS4_CDFC4_FORE:
	case NFS4_CDFC4_BACK:
		return nfs_ok;
	case NFS4_CDFC4_FORE_OR_BOTH:
	case NFS4_CDFC4_BACK_OR_BOTH:
		*dir = NFS4_CDFC4_BOTH;
		return nfs_ok;
	};
	return nfserr_inval;
}

/*
 * BACKCHANNEL_CTL handler: after nfsd4_check_cb_sec() accepts the new
 * callback security parameters, the session's callback program and
 * security are replaced under nn->client_lock and the callback channel is
 * probed again.
 *
 * NOTE(review): this handler does no credential comparison of its own; it
 * acts on cstate->session -- confirm that is the intended protection.
 */
__be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp,
		struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	struct nfsd4_backchannel_ctl *bc = &u->backchannel_ctl;
	struct nfsd4_session *session = cstate->session;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	__be32 status;

	status = nfsd4_check_cb_sec(&bc->bc_cb_sec);
	if (status)
		return status;
	spin_lock(&nn->client_lock);
	session->se_cb_prog = bc->bc_cb_program;
	session->se_cb_sec = bc->bc_cb_sec;
	spin_unlock(&nn->client_lock);

	nfsd4_probe_callback(session->se_client);

	return nfs_ok;
}

/*
 * BIND_CONN_TO_SESSION handler: attach the connection the request arrived
 * on to an existing session.
 *
 * The op must be the last one in its compound. The session is looked up by
 * ID under nn->client_lock, the caller must pass nfsd4_mach_creds_match()
 * for the session's client, and the requested direction is normalised
 * before the connection is allocated and initialised.
 *
 * For a client that did not negotiate SP4_MACH_CRED,
 * nfsd4_mach_creds_match() returns true without comparing anything, so no
 * credential is enforced here in that mode.
 *
 * The session reference dropped at `out` is presumably the one taken by
 * find_in_sessionid_hashtbl(), which also appears to set status when the
 * lookup fails -- its definition is outside this part of the file.
 */
__be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp,
		     struct nfsd4_compound_state *cstate,
		     union nfsd4_op_u *u)
{
	struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session;
	__be32 status;
	struct nfsd4_conn *conn;
	struct nfsd4_session *session;
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	if (!nfsd4_last_compound_op(rqstp))
		return nfserr_not_only_op;
	spin_lock(&nn->client_lock);
	session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status);
	spin_unlock(&nn->client_lock);
	if (!session)
		goto out_no_session;
	status = nfserr_wrong_cred;
	if (!nfsd4_mach_creds_match(session->se_client, rqstp))
		goto out;
	status = nfsd4_map_bcts_dir(&bcts->dir);
	if (status)
		goto out;
	conn = alloc_conn(rqstp, bcts->dir);
	status = nfserr_jukebox;
	if (!conn)
		goto out;
	nfsd4_init_conn(rqstp, conn, session);
	status = nfs_ok;
out:
	nfsd4_put_session(session);
out_no_session:
	return status;
}

static bool nfsd4_compound_in_session(struct nfsd4_compound_state *cstate, struct nfs4_sessionid *sid) 3007 { 3008 if (!cstate->session) 3009 return false; 3010 return !memcmp(sid, &cstate->session->se_sessionid, sizeof(*sid)); 3011 } 3012 3013 __be32 3014 nfsd4_destroy_session(struct svc_rqst *r, struct nfsd4_compound_state *cstate, 3015 union nfsd4_op_u *u) 3016 { 3017 struct nfs4_sessionid *sessionid = &u->destroy_session.sessionid; 3018 struct nfsd4_session *ses; 3019 __be32 status; 3020 int ref_held_by_me = 0; 3021 struct net *net = SVC_NET(r); 3022 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3023 3024 status = nfserr_not_only_op; 3025 if (nfsd4_compound_in_session(cstate, sessionid)) { 3026 if (!nfsd4_last_compound_op(r)) 3027 goto out; 3028 ref_held_by_me++; 3029 } 3030 dump_sessionid(__func__, sessionid); 3031 spin_lock(&nn->client_lock); 3032 ses = find_in_sessionid_hashtbl(sessionid, net, &status); 3033 if (!ses) 3034 goto out_client_lock; 3035 status = nfserr_wrong_cred; 3036 if (!nfsd4_mach_creds_match(ses->se_client, r)) 3037 goto out_put_session; 3038 status = mark_session_dead_locked(ses, 1 + ref_held_by_me); 3039 if (status) 3040 goto out_put_session; 3041 unhash_session(ses); 3042 spin_unlock(&nn->client_lock); 3043 3044 nfsd4_probe_callback_sync(ses->se_client); 3045 3046 spin_lock(&nn->client_lock); 3047 status = nfs_ok; 3048 out_put_session: 3049 nfsd4_put_session_locked(ses); 3050 out_client_lock: 3051 spin_unlock(&nn->client_lock); 3052 out: 3053 return status; 3054 } 3055 3056 static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s) 3057 { 3058 struct nfsd4_conn *c; 3059 3060 list_for_each_entry(c, &s->se_conns, cn_persession) { 3061 if (c->cn_xprt == xpt) { 3062 return c; 3063 } 3064 } 3065 return NULL; 3066 } 3067 3068 static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses) 3069 { 3070 struct nfs4_client *clp = ses->se_client; 3071 struct nfsd4_conn *c; 3072 
__be32 status = nfs_ok; 3073 int ret; 3074 3075 spin_lock(&clp->cl_lock); 3076 c = __nfsd4_find_conn(new->cn_xprt, ses); 3077 if (c) 3078 goto out_free; 3079 status = nfserr_conn_not_bound_to_session; 3080 if (clp->cl_mach_cred) 3081 goto out_free; 3082 __nfsd4_hash_conn(new, ses); 3083 spin_unlock(&clp->cl_lock); 3084 ret = nfsd4_register_conn(new); 3085 if (ret) 3086 /* oops; xprt is already down: */ 3087 nfsd4_conn_lost(&new->cn_xpt_user); 3088 return nfs_ok; 3089 out_free: 3090 spin_unlock(&clp->cl_lock); 3091 free_conn(new); 3092 return status; 3093 } 3094 3095 static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session) 3096 { 3097 struct nfsd4_compoundargs *args = rqstp->rq_argp; 3098 3099 return args->opcnt > session->se_fchannel.maxops; 3100 } 3101 3102 static bool nfsd4_request_too_big(struct svc_rqst *rqstp, 3103 struct nfsd4_session *session) 3104 { 3105 struct xdr_buf *xb = &rqstp->rq_arg; 3106 3107 return xb->len > session->se_fchannel.maxreq_sz; 3108 } 3109 3110 static bool replay_matches_cache(struct svc_rqst *rqstp, 3111 struct nfsd4_sequence *seq, struct nfsd4_slot *slot) 3112 { 3113 struct nfsd4_compoundargs *argp = rqstp->rq_argp; 3114 3115 if ((bool)(slot->sl_flags & NFSD4_SLOT_CACHETHIS) != 3116 (bool)seq->cachethis) 3117 return false; 3118 /* 3119 * If there's an error than the reply can have fewer ops than 3120 * the call. 
But if we cached a reply with *more* ops than the 3121 * call you're sending us now, then this new call is clearly not 3122 * really a replay of the old one: 3123 */ 3124 if (slot->sl_opcnt < argp->opcnt) 3125 return false; 3126 /* This is the only check explicitly called by spec: */ 3127 if (!same_creds(&rqstp->rq_cred, &slot->sl_cred)) 3128 return false; 3129 /* 3130 * There may be more comparisons we could actually do, but the 3131 * spec doesn't require us to catch every case where the calls 3132 * don't match (that would require caching the call as well as 3133 * the reply), so we don't bother. 3134 */ 3135 return true; 3136 } 3137 3138 __be32 3139 nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3140 union nfsd4_op_u *u) 3141 { 3142 struct nfsd4_sequence *seq = &u->sequence; 3143 struct nfsd4_compoundres *resp = rqstp->rq_resp; 3144 struct xdr_stream *xdr = &resp->xdr; 3145 struct nfsd4_session *session; 3146 struct nfs4_client *clp; 3147 struct nfsd4_slot *slot; 3148 struct nfsd4_conn *conn; 3149 __be32 status; 3150 int buflen; 3151 struct net *net = SVC_NET(rqstp); 3152 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3153 3154 if (resp->opcnt != 1) 3155 return nfserr_sequence_pos; 3156 3157 /* 3158 * Will be either used or freed by nfsd4_sequence_check_conn 3159 * below. 
3160 */ 3161 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE); 3162 if (!conn) 3163 return nfserr_jukebox; 3164 3165 spin_lock(&nn->client_lock); 3166 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status); 3167 if (!session) 3168 goto out_no_session; 3169 clp = session->se_client; 3170 3171 status = nfserr_too_many_ops; 3172 if (nfsd4_session_too_many_ops(rqstp, session)) 3173 goto out_put_session; 3174 3175 status = nfserr_req_too_big; 3176 if (nfsd4_request_too_big(rqstp, session)) 3177 goto out_put_session; 3178 3179 status = nfserr_badslot; 3180 if (seq->slotid >= session->se_fchannel.maxreqs) 3181 goto out_put_session; 3182 3183 slot = session->se_slots[seq->slotid]; 3184 dprintk("%s: slotid %d\n", __func__, seq->slotid); 3185 3186 /* We do not negotiate the number of slots yet, so set the 3187 * maxslots to the session maxreqs which is used to encode 3188 * sr_highest_slotid and the sr_target_slot id to maxslots */ 3189 seq->maxslots = session->se_fchannel.maxreqs; 3190 3191 status = check_slot_seqid(seq->seqid, slot->sl_seqid, 3192 slot->sl_flags & NFSD4_SLOT_INUSE); 3193 if (status == nfserr_replay_cache) { 3194 status = nfserr_seq_misordered; 3195 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED)) 3196 goto out_put_session; 3197 status = nfserr_seq_false_retry; 3198 if (!replay_matches_cache(rqstp, seq, slot)) 3199 goto out_put_session; 3200 cstate->slot = slot; 3201 cstate->session = session; 3202 cstate->clp = clp; 3203 /* Return the cached reply status and set cstate->status 3204 * for nfsd4_proc_compound processing */ 3205 status = nfsd4_replay_cache_entry(resp, seq); 3206 cstate->status = nfserr_replay_cache; 3207 goto out; 3208 } 3209 if (status) 3210 goto out_put_session; 3211 3212 status = nfsd4_sequence_check_conn(conn, session); 3213 conn = NULL; 3214 if (status) 3215 goto out_put_session; 3216 3217 buflen = (seq->cachethis) ? 3218 session->se_fchannel.maxresp_cached : 3219 session->se_fchannel.maxresp_sz; 3220 status = (seq->cachethis) ? 
nfserr_rep_too_big_to_cache : 3221 nfserr_rep_too_big; 3222 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack)) 3223 goto out_put_session; 3224 svc_reserve(rqstp, buflen); 3225 3226 status = nfs_ok; 3227 /* Success! bump slot seqid */ 3228 slot->sl_seqid = seq->seqid; 3229 slot->sl_flags |= NFSD4_SLOT_INUSE; 3230 if (seq->cachethis) 3231 slot->sl_flags |= NFSD4_SLOT_CACHETHIS; 3232 else 3233 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS; 3234 3235 cstate->slot = slot; 3236 cstate->session = session; 3237 cstate->clp = clp; 3238 3239 out: 3240 switch (clp->cl_cb_state) { 3241 case NFSD4_CB_DOWN: 3242 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN; 3243 break; 3244 case NFSD4_CB_FAULT: 3245 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT; 3246 break; 3247 default: 3248 seq->status_flags = 0; 3249 } 3250 if (!list_empty(&clp->cl_revoked)) 3251 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED; 3252 out_no_session: 3253 if (conn) 3254 free_conn(conn); 3255 spin_unlock(&nn->client_lock); 3256 return status; 3257 out_put_session: 3258 nfsd4_put_session_locked(session); 3259 goto out_no_session; 3260 } 3261 3262 void 3263 nfsd4_sequence_done(struct nfsd4_compoundres *resp) 3264 { 3265 struct nfsd4_compound_state *cs = &resp->cstate; 3266 3267 if (nfsd4_has_session(cs)) { 3268 if (cs->status != nfserr_replay_cache) { 3269 nfsd4_store_cache_entry(resp); 3270 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 3271 } 3272 /* Drop session reference that was taken in nfsd4_sequence() */ 3273 nfsd4_put_session(cs->session); 3274 } else if (cs->clp) 3275 put_client_renew(cs->clp); 3276 } 3277 3278 __be32 3279 nfsd4_destroy_clientid(struct svc_rqst *rqstp, 3280 struct nfsd4_compound_state *cstate, 3281 union nfsd4_op_u *u) 3282 { 3283 struct nfsd4_destroy_clientid *dc = &u->destroy_clientid; 3284 struct nfs4_client *conf, *unconf; 3285 struct nfs4_client *clp = NULL; 3286 __be32 status = 0; 3287 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3288 3289 
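/* nfsd4_destroy_clientid(), continued: lookup, credential check, teardown. */
	spin_lock(&nn->client_lock);
	unconf = find_unconfirmed_client(&dc->clientid, true, nn);
	conf = find_confirmed_client(&dc->clientid, true, nn);
	WARN_ON_ONCE(conf && unconf);

	if (conf) {
		if (client_has_state(conf)) {
			status = nfserr_clientid_busy;
			goto out;
		}
		status = mark_client_expired_locked(conf);
		if (status)
			goto out;
		clp = conf;
	} else if (unconf)
		clp = unconf;
	else {
		status = nfserr_stale_clientid;
		goto out;
	}
	/*
	 * NOTE(review): for a confirmed client this check runs after
	 * mark_client_expired_locked(); confirm that helper leaves nothing
	 * to undo when the request is then refused with nfserr_wrong_cred.
	 */
	if (!nfsd4_mach_creds_match(clp, rqstp)) {
		/* Refused: clear clp so the client is not expired below. */
		clp = NULL;
		status = nfserr_wrong_cred;
		goto out;
	}
	unhash_client_locked(clp);
out:
	spin_unlock(&nn->client_lock);
	if (clp)
		expire_client(clp);
	return status;
}

/*
 * RECLAIM_COMPLETE operation.
 *
 * The per-filesystem form (rca_one_fs) only requires a current filehandle
 * and is otherwise ignored.  The global form succeeds once per client:
 * test_and_set_bit() on NFSD4_CLIENT_RECLAIM_COMPLETE makes a repeat
 * return nfserr_complete_already.  On success a client record is created
 * with nfsd4_client_record_create().
 */
__be32
nfsd4_reclaim_complete(struct svc_rqst *rqstp,
		struct nfsd4_compound_state *cstate, union nfsd4_op_u *u)
{
	struct nfsd4_reclaim_complete *rc = &u->reclaim_complete;
	__be32 status = 0;

	if (rc->rca_one_fs) {
		if (!cstate->current_fh.fh_dentry)
			return nfserr_nofilehandle;
		/*
		 * We don't take advantage of the rca_one_fs case.
		 * That's OK, it's optional, we can safely ignore it.
		 */
		return nfs_ok;
	}

	status = nfserr_complete_already;
	if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE,
			     &cstate->session->se_client->cl_flags))
		goto out;

	status = nfserr_stale_clientid;
	if (is_client_expired(cstate->session->se_client))
		/*
		 * The following error isn't really legal.
		 * But we only get here if the client just explicitly
		 * destroyed the client.  Surely it no longer cares what
		 * error it gets back on an operation for the dead
		 * client.
		 */
		goto out;

	status = nfs_ok;
	nfsd4_client_record_create(cstate->session->se_client);
out:
	return status;
}

/*
 * SETCLIENTID operation (the new client gets cl_minorversion 0).
 *
 * Allocates a new nfs4_client for the supplied name and verifier and puts
 * it on the unconfirmed list; the clientid and confirm verifier are
 * returned in *setclid.  A confirmed client with the same name that holds
 * state blocks the request with nfserr_clid_inuse when it was created by
 * EXCHANGE_ID or when the caller's credential differs from the one it was
 * established with.  A previous unconfirmed client with the same name is
 * unhashed here and expired after the lock has been dropped.
 */
__be32
nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		  union nfsd4_op_u *u)
{
	struct nfsd4_setclientid *setclid = &u->setclientid;
	struct xdr_netobj clname = setclid->se_name;
	nfs4_verifier clverifier = setclid->se_verf;
	struct nfs4_client *conf, *new;
	struct nfs4_client *unconf = NULL;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	/* Allocate before taking the spinlock. */
	new = create_client(clname, rqstp, &clverifier);
	if (new == NULL)
		return nfserr_jukebox;
	/* Cases below refer to rfc 3530 section 14.2.33: */
	spin_lock(&nn->client_lock);
	conf = find_confirmed_client_by_name(&clname, nn);
	if (conf && client_has_state(conf)) {
		/* case 0: */
		status = nfserr_clid_inuse;
		if (clp_used_exchangeid(conf))
			goto out;
		if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
			char addr_str[INET6_ADDRSTRLEN];
			rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str,
				 sizeof(addr_str));
			dprintk("NFSD: setclientid: string in use by client "
				"at %s\n", addr_str);
			goto out;
		}
	}
	unconf = find_unconfirmed_client_by_name(&clname, nn);
	if (unconf)
		unhash_client_locked(unconf);
	if (conf && same_verf(&conf->cl_verifier, &clverifier)) {
		/* case 1: probable callback update */
		copy_clid(new, conf);
		gen_confirm(new, nn);
	} else /* case 4 (new client) or cases 2, 3 (client reboot): */
		gen_clid(new, nn);
	new->cl_minorversion = 0;
	gen_callback(new, setclid, rqstp);
	add_to_unconfirmed(new);
	setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot;
	setclid->se_clientid.cl_id = new->cl_clientid.cl_id;
	memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data));
	/* Ownership moved to the unconfirmed list; do not free at 'out'. */
	new = NULL;
	status = nfs_ok;
out:
	spin_unlock(&nn->client_lock);
	if (new)
		free_client(new);
	if (unconf)
		expire_client(unconf);
	return status;
}


/*
 * SETCLIENTID_CONFIRM operation.
 *
 * Confirms the unconfirmed client that matches the clientid and confirm
 * verifier.  The caller's credential must match the unconfirmed client
 * and any confirmed client with that clientid (nfserr_clid_inuse
 * otherwise).
 *
 * Whatever client is left in 'old' when 'out' is reached is expired
 * after nn->client_lock has been dropped, so every path that refuses the
 * request has to leave 'old' NULL.
 */
__be32
nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
			struct nfsd4_compound_state *cstate,
			union nfsd4_op_u *u)
{
	struct nfsd4_setclientid_confirm *setclientid_confirm =
			&u->setclientid_confirm;
	struct nfs4_client *conf, *unconf;
	struct nfs4_client *old = NULL;
	nfs4_verifier confirm = setclientid_confirm->sc_confirm;
	clientid_t * clid = &setclientid_confirm->sc_clientid;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	if (STALE_CLIENTID(clid, nn))
		return nfserr_stale_clientid;

	spin_lock(&nn->client_lock);
	conf = find_confirmed_client(clid, false, nn);
	unconf = find_unconfirmed_client(clid, false, nn);
	/*
	 * We try hard to give out unique clientid's, so if we get an
	 * attempt to confirm the same clientid with a different cred,
	 * the client may be buggy; this should never happen.
	 *
	 * Nevertheless, RFC 7530 recommends INUSE for this case:
	 */
	status = nfserr_clid_inuse;
	if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred))
		goto out;
	if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred))
		goto out;
	/* cases below refer to rfc 3530 section 14.2.34: */
	if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
		if (conf && same_verf(&confirm, &conf->cl_confirm)) {
			/* case 2: probable retransmit */
			status = nfs_ok;
		} else /* case 4: client hasn't noticed we rebooted yet? */
			status = nfserr_stale_clientid;
		goto out;
	}
	status = nfs_ok;
	if (conf) { /* case 1: callback update */
		old = unconf;
		unhash_client_locked(old);
		nfsd4_change_callback(conf, &unconf->cl_cb_conn);
	} else { /* case 3: normal case; new or rebooted client */
		old = find_confirmed_client_by_name(&unconf->cl_name, nn);
		if (old) {
			status = nfserr_clid_inuse;
			if (client_has_state(old)
					&& !same_creds(&unconf->cl_cred,
							&old->cl_cred)) {
				/*
				 * Refused: the existing client keeps its
				 * state, so it must not be expired at 'out'.
				 */
				old = NULL;
				goto out;
			}
			status = mark_client_expired_locked(old);
			if (status) {
				old = NULL;
				goto out;
			}
		}
		move_to_confirmed(unconf);
		conf = unconf;
	}
	/* Hold a reference while the lock is dropped for the probe. */
	get_client_locked(conf);
	spin_unlock(&nn->client_lock);
	nfsd4_probe_callback(conf);
	spin_lock(&nn->client_lock);
	put_client_renew_locked(conf);
out:
	spin_unlock(&nn->client_lock);
	if (old)
		expire_client(old);
	return status;
}

/*
 * Allocate an nfs4_file from file_slab (GFP_KERNEL).  Returns NULL on
 * failure; the object is not initialised here.
 */
static struct nfs4_file *nfsd4_alloc_file(void)
{
	return kmem_cache_alloc(file_slab, GFP_KERNEL);
}

/* OPEN Share state helper functions */

/*
 * Initialise @fp for filehandle @fh with a single reference and insert it
 * into file_hashtbl[@hashval].  The caller must hold state_lock, which is
 * asserted through lockdep.
 */
static void nfsd4_init_file(struct knfsd_fh *fh, unsigned int hashval,
				struct nfs4_file *fp)
{
	lockdep_assert_held(&state_lock);

	refcount_set(&fp->fi_ref, 1);
	spin_lock_init(&fp->fi_lock);
	INIT_LIST_HEAD(&fp->fi_stateids);
	INIT_LIST_HEAD(&fp->fi_delegations);
	INIT_LIST_HEAD(&fp->fi_clnt_odstate);
	fh_copy_shallow(&fp->fi_fhandle, fh);
	fp->fi_deleg_file = NULL;
	fp->fi_had_conflict = false;
	fp->fi_share_deny = 0;
	memset(fp->fi_fds, 0, sizeof(fp->fi_fds));
	memset(fp->fi_access, 0, sizeof(fp->fi_access));
#ifdef CONFIG_NFSD_PNFS
	INIT_LIST_HEAD(&fp->fi_lo_states);
	atomic_set(&fp->fi_lo_recalls, 0);
#endif
	/* Publish last, once every field above has been set. */
	hlist_add_head_rcu(&fp->fi_hash, &file_hashtbl[hashval]);
}

/* Destroy the slab caches created by nfsd4_init_slabs(). */
void
nfsd4_free_slabs(void)
{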
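/* nfsd4_free_slabs(), continued. */
	kmem_cache_destroy(client_slab);
	kmem_cache_destroy(openowner_slab);
	kmem_cache_destroy(lockowner_slab);
	kmem_cache_destroy(file_slab);
	kmem_cache_destroy(stateid_slab);
	kmem_cache_destroy(deleg_slab);
	kmem_cache_destroy(odstate_slab);
}

/*
 * Create the slab caches used by the NFSv4 state code.
 *
 * Returns 0 on success.  If any cache cannot be created, the caches that
 * were already created are destroyed in reverse order and -ENOMEM is
 * returned.
 */
int
nfsd4_init_slabs(void)
{
	client_slab = kmem_cache_create("nfsd4_clients",
			sizeof(struct nfs4_client), 0, 0, NULL);
	if (client_slab == NULL)
		goto out;
	openowner_slab = kmem_cache_create("nfsd4_openowners",
			sizeof(struct nfs4_openowner), 0, 0, NULL);
	if (openowner_slab == NULL)
		goto out_free_client_slab;
	lockowner_slab = kmem_cache_create("nfsd4_lockowners",
			sizeof(struct nfs4_lockowner), 0, 0, NULL);
	if (lockowner_slab == NULL)
		goto out_free_openowner_slab;
	file_slab = kmem_cache_create("nfsd4_files",
			sizeof(struct nfs4_file), 0, 0, NULL);
	if (file_slab == NULL)
		goto out_free_lockowner_slab;
	stateid_slab = kmem_cache_create("nfsd4_stateids",
			sizeof(struct nfs4_ol_stateid), 0, 0, NULL);
	if (stateid_slab == NULL)
		goto out_free_file_slab;
	deleg_slab = kmem_cache_create("nfsd4_delegations",
			sizeof(struct nfs4_delegation), 0, 0, NULL);
	if (deleg_slab == NULL)
		goto out_free_stateid_slab;
	odstate_slab = kmem_cache_create("nfsd4_odstate",
			sizeof(struct nfs4_clnt_odstate), 0, 0, NULL);
	if (odstate_slab == NULL)
		goto out_free_deleg_slab;
	return 0;

out_free_deleg_slab:
	kmem_cache_destroy(deleg_slab);
out_free_stateid_slab:
	kmem_cache_destroy(stateid_slab);
out_free_file_slab:
	kmem_cache_destroy(file_slab);
out_free_lockowner_slab:
	kmem_cache_destroy(lockowner_slab);
out_free_openowner_slab:
	kmem_cache_destroy(openowner_slab);
out_free_client_slab:
	kmem_cache_destroy(client_slab);
out:
	dprintk("nfsd4: out of memory while initializing nfsv4\n");
	return -ENOMEM;
}

/*
 * Put a replay buffer into its initial state: status
 * nfserr_serverfault, no cached data, rp_buf pointing at the inline
 * rp_ibuf, and the mutex initialised.
 */
static void init_nfs4_replay(struct nfs4_replay *rp)
{
	rp->rp_status = nfserr_serverfault;
	rp->rp_buflen = 0;
	rp->rp_buf = rp->rp_ibuf;
	mutex_init(&rp->rp_mutex);
}

/*
 * For a compound without a session, take @so's replay mutex and record a
 * referenced stateowner in cstate->replay_owner.  Both are undone by
 * nfsd4_cstate_clear_replay().  Does nothing when the compound has a
 * session.
 */
static void nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate,
		struct nfs4_stateowner *so)
{
	if (!nfsd4_has_session(cstate)) {
		mutex_lock(&so->so_replay.rp_mutex);
		cstate->replay_owner = nfs4_get_stateowner(so);
	}
}

/*
 * Release the replay owner recorded in @cstate, if any: clear the
 * pointer, unlock its replay mutex and drop the stateowner reference.
 */
void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate)
{
	struct nfs4_stateowner *so = cstate->replay_owner;

	if (so != NULL) {
		cstate->replay_owner = NULL;
		mutex_unlock(&so->so_replay.rp_mutex);
		nfs4_put_stateowner(so);
	}
}

/*
 * Allocate a stateowner from @slab for client @clp and give it a private
 * copy of the owner name.  Returns NULL if either allocation fails.  The
 * new owner starts with so_count == 1.
 *
 * NOTE(review): owner->len sizes the kmemdup(); presumably the owner is
 * taken from the decoded request and its length is bounded there --
 * confirm against the decoder.
 */
static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp)
{
	struct nfs4_stateowner *sop;

	sop = kmem_cache_alloc(slab, GFP_KERNEL);
	if (!sop)
		return NULL;

	sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL);
	if (!sop->so_owner.data) {
		kmem_cache_free(slab, sop);
		return NULL;
	}
	sop->so_owner.len = owner->len;

	INIT_LIST_HEAD(&sop->so_stateids);
	sop->so_client = clp;
	init_nfs4_replay(&sop->so_replay);
	atomic_set(&sop->so_count, 1);
	return sop;
}

/*
 * Link @oo into @clp's owner-string hash bucket @strhashval and into the
 * client's list of openowners.  The caller must hold clp->cl_lock.
 */
static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval)
{
	lockdep_assert_held(&clp->cl_lock);

	list_add(&oo->oo_owner.so_strhash,
		 &clp->cl_ownerstr_hashtbl[strhashval]);
	list_add(&oo->oo_perclient, &clp->cl_openowners);
}

/* so_unhash callback for openowners (see openowner_ops). */
static void nfs4_unhash_openowner(struct nfs4_stateowner *so)
{
	unhash_openowner_locked(openowner(so));
}

/* so_free callback for openowners: return the object to openowner_slab. */
static void nfs4_free_openowner(struct nfs4_stateowner *so)
{
	struct nfs4_openowner *oo = openowner(so);
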
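/* nfs4_free_openowner(), continued. */
	kmem_cache_free(openowner_slab, oo);
}

/* Stateowner callbacks used for openowners. */
static const struct nfs4_stateowner_operations openowner_ops = {
	.so_unhash = nfs4_unhash_openowner,
	.so_free = nfs4_free_openowner,
};

/*
 * Find an open stateid (NFS4_OPEN_STID) on @fp that belongs to
 * open->op_openowner.  Returns it with sc_count incremented, or NULL if
 * there is none.  The caller must hold fp->fi_lock.
 */
static struct nfs4_ol_stateid *
nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
{
	struct nfs4_ol_stateid *local, *ret = NULL;
	struct nfs4_openowner *oo = open->op_openowner;

	lockdep_assert_held(&fp->fi_lock);

	list_for_each_entry(local, &fp->fi_stateids, st_perfile) {
		/* ignore lock owners */
		if (local->st_stateowner->so_is_open_owner == 0)
			continue;
		if (local->st_stateowner != &oo->oo_owner)
			continue;
		if (local->st_stid.sc_type == NFS4_OPEN_STID) {
			ret = local;
			refcount_inc(&ret->st_stid.sc_count);
			break;
		}
	}
	return ret;
}

/*
 * Map the type of stateid @s to a status: nfserr_bad_stateid for type 0
 * and for closed stateids, nfserr_deleg_revoked for a revoked delegation,
 * nfs_ok for every other type.
 */
static __be32
nfsd4_verify_open_stid(struct nfs4_stid *s)
{
	__be32 ret = nfs_ok;

	switch (s->sc_type) {
	default:
		break;
	case 0:
	case NFS4_CLOSED_STID:
	case NFS4_CLOSED_DELEG_STID:
		ret = nfserr_bad_stateid;
		break;
	case NFS4_REVOKED_DELEG_STID:
		ret = nfserr_deleg_revoked;
	}
	return ret;
}

/*
 * Lock the stateid st_mutex, and deal with races with CLOSE
 *
 * Returns nfs_ok with st_mutex held.  If the stateid no longer verifies,
 * the mutex is released again and the error is returned.
 */
static __be32
nfsd4_lock_ol_stateid(struct nfs4_ol_stateid *stp)
{
	__be32 ret;

	mutex_lock_nested(&stp->st_mutex, LOCK_STATEID_MUTEX);
	ret = nfsd4_verify_open_stid(&stp->st_stid);
	if (ret != nfs_ok)
		mutex_unlock(&stp->st_mutex);
	return ret;
}

/*
 * Look up the existing open stateid for (@fp, open->op_openowner) and
 * lock it.  Returns NULL if there is none, otherwise a referenced stateid
 * with st_mutex held.  A stateid that fails nfsd4_lock_ol_stateid() has
 * its reference dropped and the lookup is repeated.
 */
static struct nfs4_ol_stateid *
nfsd4_find_and_lock_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
{
	struct nfs4_ol_stateid *stp;
	for (;;) {
		spin_lock(&fp->fi_lock);
		stp = nfsd4_find_existing_open(fp, open);
		spin_unlock(&fp->fi_lock);
		if (!stp || nfsd4_lock_ol_stateid(stp) == nfs_ok)
			break;
		nfs4_put_stid(&stp->st_stid);
	}
	return stp;
}

/*
 * Allocate and initialise an openowner for @open and hash it on the
 * client, unless an equal owner was hashed in the meantime: the lookup is
 * repeated under clp->cl_lock, and if it finds one the new object is
 * freed and the existing owner is returned instead.  The owner is marked
 * NFS4_OO_CONFIRMED right away when the compound has a session.
 *
 * Returns NULL if the allocation fails.
 */
static struct nfs4_openowner *
alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open,
			   struct nfsd4_compound_state *cstate)
{
	struct nfs4_client *clp = cstate->clp;
	struct nfs4_openowner *oo, *ret;

	oo = alloc_stateowner(openowner_slab, &open->op_owner, clp);
	if (!oo)
		return NULL;
	oo->oo_owner.so_ops = &openowner_ops;
	oo->oo_owner.so_is_open_owner = 1;
	oo->oo_owner.so_seqid = open->op_seqid;
	oo->oo_flags = 0;
	if (nfsd4_has_session(cstate))
		oo->oo_flags |= NFS4_OO_CONFIRMED;
	oo->oo_time = 0;
	oo->oo_last_closed_stid = NULL;
	INIT_LIST_HEAD(&oo->oo_close_lru);
	spin_lock(&clp->cl_lock);
	ret = find_openstateowner_str_locked(strhashval, open, clp);
	if (ret == NULL) {
		hash_openowner(oo, clp, strhashval);
		ret = oo;
	} else
		nfs4_free_stateowner(&oo->oo_owner);

	spin_unlock(&clp->cl_lock);
	return ret;
}

/*
 * Install open->op_stp as the open stateid for (@fp, open->op_openowner),
 * or return the stateid that already exists for that pair.  Either way
 * the returned stateid has its st_mutex held.  When the preallocated
 * stateid is used, open->op_stp is cleared and an extra reference is
 * taken on it.
 */
static struct nfs4_ol_stateid *
init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open)
{

	struct nfs4_openowner *oo = open->op_openowner;
	struct nfs4_ol_stateid *retstp = NULL;
	struct nfs4_ol_stateid *stp;

	stp = open->op_stp;
	/* We are moving these outside of the spinlocks to avoid the warnings */
	mutex_init(&stp->st_mutex);
	mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX);

retry:
	spin_lock(&oo->oo_owner.so_client->cl_lock);
	spin_lock(&fp->fi_lock);

	retstp = nfsd4_find_existing_open(fp, open);
	if (retstp)
		goto out_unlock;

	open->op_stp = NULL;
	refcount_inc(&stp->st_stid.sc_count);
	stp->st_stid.sc_type = NFS4_OPEN_STID;
	INIT_LIST_HEAD(&stp->st_locks);
	stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner);
	get_nfs4_file(fp);
	stp->st_stid.sc_file = fp;
	stp->st_access_bmap = 0;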
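/* init_open_stateid(), continued: finish setting up the new stateid. */
	stp->st_deny_bmap = 0;
	stp->st_openstp = NULL;
	list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids);
	list_add(&stp->st_perfile, &fp->fi_stateids);

out_unlock:
	spin_unlock(&fp->fi_lock);
	spin_unlock(&oo->oo_owner.so_client->cl_lock);
	if (retstp) {
		/* Handle races with CLOSE */
		if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) {
			nfs4_put_stid(&retstp->st_stid);
			goto retry;
		}
		/* To keep mutex tracking happy */
		mutex_unlock(&stp->st_mutex);
		stp = retstp;
	}
	return stp;
}

/*
 * In the 4.0 case we need to keep the owners around a little while to handle
 * CLOSE replay. We still do need to release any file access that is held by
 * them before returning however.
 */
static void
move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net)
{
	struct nfs4_ol_stateid *last;
	struct nfs4_openowner *oo = openowner(s->st_stateowner);
	struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net,
						nfsd_net_id);

	dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo);

	/*
	 * We know that we hold one reference via nfsd4_close, and another
	 * "persistent" reference for the client. If the refcount is higher
	 * than 2, then there are still calls in progress that are using this
	 * stateid. We can't put the sc_file reference until they are finished.
	 * Wait for the refcount to drop to 2. Since it has been unhashed,
	 * there should be no danger of the refcount going back up again at
	 * this point.
	 */
	wait_event(close_wq, refcount_read(&s->st_stid.sc_count) == 2);

	release_all_access(s);
	if (s->st_stid.sc_file) {
		put_nfs4_file(s->st_stid.sc_file);
		s->st_stid.sc_file = NULL;
	}

	spin_lock(&nn->client_lock);
	last = oo->oo_last_closed_stid;
	oo->oo_last_closed_stid = s;
	list_move_tail(&oo->oo_close_lru, &nn->close_lru);
	oo->oo_time = get_seconds();
	spin_unlock(&nn->client_lock);
	/* Drop the previously remembered stateid outside the spinlock. */
	if (last)
		nfs4_put_stid(&last->st_stid);
}

/*
 * search file_hashtbl[] for file
 *
 * Returns the matching nfs4_file with a reference taken, or NULL.  An
 * entry whose refcount has already reached zero is skipped
 * (refcount_inc_not_zero).  The callers in this file hold either
 * rcu_read_lock() or state_lock.
 */
static struct nfs4_file *
find_file_locked(struct knfsd_fh *fh, unsigned int hashval)
{
	struct nfs4_file *fp;

	hlist_for_each_entry_rcu(fp, &file_hashtbl[hashval], fi_hash) {
		if (fh_match(&fp->fi_fhandle, fh)) {
			if (refcount_inc_not_zero(&fp->fi_ref))
				return fp;
		}
	}
	return NULL;
}

/*
 * Look up the nfs4_file for @fh under rcu_read_lock().  Returns a
 * referenced file or NULL.
 */
struct nfs4_file *
find_file(struct knfsd_fh *fh)
{
	struct nfs4_file *fp;
	unsigned int hashval = file_hashval(fh);

	rcu_read_lock();
	fp = find_file_locked(fh, hashval);
	rcu_read_unlock();
	return fp;
}

/*
 * Return the nfs4_file for @fh, hashing @new if none exists yet.
 *
 * A lockless lookup is tried first.  On a miss the lookup is repeated
 * under state_lock so that two callers cannot both insert a file for the
 * same filehandle.  If the returned pointer is not @new, @new was left
 * untouched.
 */
static struct nfs4_file *
find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh)
{
	struct nfs4_file *fp;
	unsigned int hashval = file_hashval(fh);

	rcu_read_lock();
	fp = find_file_locked(fh, hashval);
	rcu_read_unlock();
	if (fp)
		return fp;

	spin_lock(&state_lock);
	fp = find_file_locked(fh, hashval);
	if (likely(fp == NULL)) {
		nfsd4_init_file(fh, hashval, new);
		fp = new;
	}
	spin_unlock(&state_lock);

	return fp;
}

/*
 * Called to check deny when READ with all zero stateid or
 * WRITE with all zero or all one stateid
 *
 * Returns nfserr_locked if the file's share-deny mask intersects
 * @deny_type, nfs_ok otherwise (including when no nfs4_file exists for
 * the filehandle).
 */
static __be32
nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type)
{
	struct nfs4_file *fp;
	__be32 ret = nfs_ok;

	fp = find_file(&current_fh->fh_handle);
	if (!fp)
		return ret;
	/* Check for conflicting share reservations */
	spin_lock(&fp->fi_lock);
	if (fp->fi_share_deny & deny_type)
		ret = nfserr_locked;
	spin_unlock(&fp->fi_lock);
	put_nfs4_file(fp);
	return ret;
}

/*
 * prepare callback of nfsd4_cb_recall_ops: block further delegations on
 * the file handle and queue the delegation on del_recall_lru, once.
 */
static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb)
{
	struct nfs4_delegation *dp = cb_to_delegation(cb);
	struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net,
					  nfsd_net_id);

	block_delegations(&dp->dl_stid.sc_file->fi_fhandle);

	/*
	 * We can't do this in nfsd_break_deleg_cb because it is
	 * already holding inode->i_lock.
	 *
	 * If the dl_time != 0, then we know that it has already been
	 * queued for a lease break. Don't queue it again.
	 */
	spin_lock(&state_lock);
	if (dp->dl_time == 0) {
		dp->dl_time = get_seconds();
		list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru);
	}
	spin_unlock(&state_lock);
}

/*
 * done callback of nfsd4_cb_recall_ops.
 *
 * Returns 1 when the recall needs no further work (the delegation is
 * already closed, or the RPC succeeded), 0 after scheduling a delayed
 * retry, and -1 on any other error or once dl_retries is exhausted.
 */
static int nfsd4_cb_recall_done(struct nfsd4_callback *cb,
		struct rpc_task *task)
{
	struct nfs4_delegation *dp = cb_to_delegation(cb);

	if (dp->dl_stid.sc_type == NFS4_CLOSED_DELEG_STID)
		return 1;

	switch (task->tk_status) {
	case 0:
		return 1;
	case -EBADHANDLE:
	case -NFS4ERR_BAD_STATEID:
		/*
		 * Race: client probably got cb_recall before open reply
		 * granting delegation.
		 */
		if (dp->dl_retries--) {
			rpc_delay(task, 2 * HZ);
			return 0;
		}
		/*FALLTHRU*/
	default:
		return -1;
	}
}

/* release callback of nfsd4_cb_recall_ops: drop the stateid reference. */
static void nfsd4_cb_recall_release(struct nfsd4_callback *cb)
{
	struct nfs4_delegation *dp = cb_to_delegation(cb);

	nfs4_put_stid(&dp->dl_stid);
}

/* Callback operations for the delegation recall. */
static const struct nfsd4_callback_ops nfsd4_cb_recall_ops = {
	.prepare = nfsd4_cb_recall_prepare,
	.done = nfsd4_cb_recall_done,
	.release = nfsd4_cb_recall_release,
};

/*
 * Take a reference on the delegation's stateid and start the recall
 * callback for it.
 */
static void nfsd_break_one_deleg(struct nfs4_delegation *dp)
{
	/*
	 * We're assuming the state code never drops its reference
	 * without first removing the lease.  Since we're in this lease
	 * callback (and since the lease code is serialized by the
	 * i_lock) we know the server hasn't removed the lease yet, and
	 * we know it's safe to take a reference.
	 */
	refcount_inc(&dp->dl_stid.sc_count);
	nfsd4_run_cb(&dp->dl_recall);
}

/* Called from break_lease() with i_lock held.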
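*/
/*
 * lm_break callback of nfsd_lease_mng_ops: record the conflict on the
 * nfs4_file and start recalling the delegation that owns the lease.
 * Always returns false.
 */
static bool
nfsd_break_deleg_cb(struct file_lock *fl)
{
	bool ret = false;
	struct nfs4_delegation *dp = (struct nfs4_delegation *)fl->fl_owner;
	struct nfs4_file *fp = dp->dl_stid.sc_file;

	/*
	 * We don't want the locks code to timeout the lease for us;
	 * we'll remove it ourself if a delegation isn't returned
	 * in time:
	 */
	fl->fl_break_time = 0;

	spin_lock(&fp->fi_lock);
	fp->fi_had_conflict = true;
	nfsd_break_one_deleg(dp);
	spin_unlock(&fp->fi_lock);
	return ret;
}

/*
 * lm_change callback of nfsd_lease_mng_ops: only a change whose argument
 * has F_UNLCK set is passed on to lease_modify(); anything else is
 * refused with -EAGAIN.
 */
static int
nfsd_change_deleg_cb(struct file_lock *onlist, int arg,
		     struct list_head *dispose)
{
	if (arg & F_UNLCK)
		return lease_modify(onlist, arg, dispose);
	else
		return -EAGAIN;
}

/* Lease-manager callbacks installed on delegation leases. */
static const struct lock_manager_operations nfsd_lease_mng_ops = {
	.lm_break = nfsd_break_deleg_cb,
	.lm_change = nfsd_change_deleg_cb,
};

/*
 * Check an NFSv4.0 owner seqid.  Compounds with a session are not checked.
 * Otherwise: the previous seqid (so_seqid - 1) is a replay, the current
 * so_seqid is accepted, and anything else is nfserr_bad_seqid.
 */
static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid)
{
	if (nfsd4_has_session(cstate))
		return nfs_ok;
	if (seqid == so->so_seqid - 1)
		return nfserr_replay_me;
	if (seqid == so->so_seqid)
		return nfs_ok;
	return nfserr_bad_seqid;
}

/*
 * Resolve @clid to a confirmed client and cache it in cstate->clp.
 *
 * If a client is already cached, @clid only has to match it
 * (nfserr_stale_clientid otherwise).  If not, the confirmed-client table
 * is searched under nn->client_lock and a reference is taken on the
 * client that is found; nfserr_expired is returned when there is none.
 */
static __be32 lookup_clientid(clientid_t *clid,
		struct nfsd4_compound_state *cstate,
		struct nfsd_net *nn)
{
	struct nfs4_client *found;

	if (cstate->clp) {
		found = cstate->clp;
		if (!same_clid(&found->cl_clientid, clid))
			return nfserr_stale_clientid;
		return nfs_ok;
	}

	if (STALE_CLIENTID(clid, nn))
		return nfserr_stale_clientid;

	/*
	 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one
	 * cached already then we know this is for v4.0 and "sessions"
	 * will be false.
	 */
	WARN_ON_ONCE(cstate->session);
	spin_lock(&nn->client_lock);
	found = find_confirmed_client(clid, false, nn);
	if (!found) {
		spin_unlock(&nn->client_lock);
		return nfserr_expired;
	}
	atomic_inc(&found->cl_refcount);
	spin_unlock(&nn->client_lock);

	/* Cache the nfs4_client in cstate! */
	cstate->clp = found;
	return nfs_ok;
}

/*
 * First stage of OPEN processing: resolve the client and the openowner
 * and preallocate what the later stages need (open->op_file,
 * open->op_stp and, for a session on a pNFS export, open->op_odstate).
 *
 * An existing owner that is not yet NFS4_OO_CONFIRMED is released and
 * replaced by a fresh one; for a confirmed owner the seqid is checked.
 * Allocation failures are reported as nfserr_jukebox.  The error returns
 * do not free what was already stored in *open.
 * NOTE(review): presumably the caller releases those on failure --
 * confirm.
 */
__be32
nfsd4_process_open1(struct nfsd4_compound_state *cstate,
		    struct nfsd4_open *open, struct nfsd_net *nn)
{
	clientid_t *clientid = &open->op_clientid;
	struct nfs4_client *clp = NULL;
	unsigned int strhashval;
	struct nfs4_openowner *oo = NULL;
	__be32 status;

	if (STALE_CLIENTID(&open->op_clientid, nn))
		return nfserr_stale_clientid;
	/*
	 * In case we need it later, after we've already created the
	 * file and don't want to risk a further failure:
	 */
	open->op_file = nfsd4_alloc_file();
	if (open->op_file == NULL)
		return nfserr_jukebox;

	status = lookup_clientid(clientid, cstate, nn);
	if (status)
		return status;
	clp = cstate->clp;

	strhashval = ownerstr_hashval(&open->op_owner);
	oo = find_openstateowner_str(strhashval, open, clp);
	open->op_openowner = oo;
	if (!oo) {
		goto new_owner;
	}
	if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
		/* Replace unconfirmed owners without checking for replay. */
		release_openowner(oo);
		open->op_openowner = NULL;
		goto new_owner;
	}
	status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid);
	if (status)
		return status;
	goto alloc_stateid;
new_owner:
	oo = alloc_init_open_stateowner(strhashval, open, cstate);
	if (oo == NULL)
		return nfserr_jukebox;
	open->op_openowner = oo;
alloc_stateid:
	open->op_stp = nfs4_alloc_open_stateid(clp);
	if (!open->op_stp)
		return nfserr_jukebox;

	if (nfsd4_has_session(cstate) &&
	    (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) {
		open->op_odstate = alloc_clnt_odstate(clp);
		if (!open->op_odstate)
			return nfserr_jukebox;
	}

	return nfs_ok;
}

/*
 * A read delegation cannot back a write: returns nfserr_openmode when
 * WR_STATE is requested against an NFS4_OPEN_DELEGATE_READ delegation,
 * nfs_ok otherwise.
 */
static inline __be32
nfs4_check_delegmode(struct nfs4_delegation *dp, int flags)
{
	if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ))
		return nfserr_openmode;
	else
		return nfs_ok;
}

/*
 * RD_STATE when the share access is exactly NFS4_SHARE_ACCESS_READ,
 * WR_STATE for every other value.
 */
static int share_access_to_flags(u32 share_access)
{
	return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE;
}

/*
 * Look up a delegation stateid of client @cl, live or revoked.  Returns
 * NULL if none matches.  The callers in this file drop the result with
 * nfs4_put_stid().
 */
static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s)
{
	struct nfs4_stid *ret;

	ret = find_stateid_by_type(cl, s,
				NFS4_DELEG_STID|NFS4_REVOKED_DELEG_STID);
	if (!ret)
		return NULL;
	return delegstateid(ret);
}

/* True for the two claim types that present a current delegation. */
static bool nfsd4_is_deleg_cur(struct nfsd4_open *open)
{
	return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR ||
	       open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH;
}

/*
 * Validate the delegation stateid supplied with an OPEN.
 *
 * On success *dp is set to the referenced delegation.  A lookup or mode
 * failure is reported to the caller only for delegate-cur claims; for
 * every other claim type nfs_ok is returned and *dp is left untouched.
 * A successful delegate-cur claim also marks the openowner
 * NFS4_OO_CONFIRMED.
 */
static __be32
nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open,
		struct nfs4_delegation **dp)
{
	int flags;
	__be32 status = nfserr_bad_stateid;
	struct nfs4_delegation *deleg;

	deleg = find_deleg_stateid(cl, &open->op_delegate_stateid);
	if (deleg == NULL)
		goto out;
	if (deleg->dl_stid.sc_type == NFS4_REVOKED_DELEG_STID) {
		nfs4_put_stid(&deleg->dl_stid);
		if (cl->cl_minorversion)
			status = nfserr_deleg_revoked;
		goto out;
	}
	flags = share_access_to_flags(open->op_share_access);
	status = nfs4_check_delegmode(deleg, flags);
	if (status) {
		nfs4_put_stid(&deleg->dl_stid);
		goto out;
	}
	*dp = deleg;
out:
	if (!nfsd4_is_deleg_cur(open))
		return nfs_ok;
	if (status)
		return status;
	open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
	return nfs_ok;
}

/* Translate NFSv4 share-access bits into NFSD_MAY_READ / NFSD_MAY_WRITE. */
static inline int nfs4_access_to_access(u32 nfs4_access)
{
	int flags = 0;

	if (nfs4_access & NFS4_SHARE_ACCESS_READ)
		flags |= NFSD_MAY_READ;
	if (nfs4_access & NFS4_SHARE_ACCESS_WRITE)
		flags |= NFSD_MAY_WRITE;
	return flags;
}

/*
 * Truncate the file to size 0 if the OPEN asked for it.  Truncation
 * requires write share access (nfserr_inval otherwise).  Returns 0 when
 * no truncate was requested.
 */
static inline __be32
nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh,
		struct nfsd4_open *open)
{
	struct iattr iattr = {
		.ia_valid = ATTR_SIZE,
		.ia_size = 0,
	};
	if (!open->op_truncate)
		return 0;
	if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE))
		return nfserr_inval;
	return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0);
}

/*
 * Apply the share access and deny modes of @open to @fp and @stp, open
 * the underlying file if no struct file is cached for this open mode yet,
 * and truncate if requested.
 *
 * fi_lock is dropped around nfsd_open(); the slot is rechecked after the
 * lock is retaken and a redundant struct file is released with fput().
 * If nfsd_open() or the truncate fails, the access and deny bits recorded
 * for @stp are rolled back.
 */
static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp,
		struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp,
		struct nfsd4_open *open)
{
	struct file *filp = NULL;
	__be32 status;
	int oflag = nfs4_access_to_omode(open->op_share_access);
	int access = nfs4_access_to_access(open->op_share_access);
	unsigned char old_access_bmap, old_deny_bmap;

	spin_lock(&fp->fi_lock);

	/*
	 * Are we trying to set a deny mode that would conflict with
	 * current access?
	 */
	status = nfs4_file_check_deny(fp, open->op_share_deny);
	if (status != nfs_ok) {
		spin_unlock(&fp->fi_lock);
		goto out;
	}

	/* set access to the file */
	status = nfs4_file_get_access(fp, open->op_share_access);
	if (status != nfs_ok) {
		spin_unlock(&fp->fi_lock);
		goto out;
	}

	/* Set access bits in stateid */
	old_access_bmap = stp->st_access_bmap;
	set_access(open->op_share_access, stp);

	/* Set new deny mask */
	old_deny_bmap = stp->st_deny_bmap;
	set_deny(open->op_share_deny, stp);
	fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH);

	if (!fp->fi_fds[oflag]) {
		spin_unlock(&fp->fi_lock);
		status = nfsd_open(rqstp, cur_fh, S_IFREG, access, &filp);
		if (status)
			goto out_put_access;
		spin_lock(&fp->fi_lock);
		if (!fp->fi_fds[oflag]) {
			fp->fi_fds[oflag] = filp;
			filp = NULL;
		}
	}
	spin_unlock(&fp->fi_lock);
	if (filp)
		fput(filp);

	status = nfsd4_truncate(rqstp, cur_fh, open);
	if (status)
		goto out_put_access;
out:
	return status;
out_put_access:
	stp->st_access_bmap = old_access_bmap;
	nfs4_file_put_access(fp, open->op_share_access);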
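/* nfs4_get_vfs_file(), continued: remainder of the out_put_access path. */
	reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp);
	goto out;
}

/*
 * Upgrade an existing open stateid with the access and deny modes of a
 * further OPEN.  If the stateid does not have the requested access yet,
 * the work is handed to nfs4_get_vfs_file(); otherwise only the deny mode
 * is checked and recorded, followed by the optional truncate.
 */
static __be32
nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open)
{
	__be32 status;
	unsigned char old_deny_bmap = stp->st_deny_bmap;

	if (!test_access(open->op_share_access, stp))
		return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open);

	/* test and set deny mode */
	spin_lock(&fp->fi_lock);
	status = nfs4_file_check_deny(fp, open->op_share_deny);
	if (status == nfs_ok) {
		set_deny(open->op_share_deny, stp);
		fp->fi_share_deny |=
				(open->op_share_deny & NFS4_SHARE_DENY_BOTH);
	}
	spin_unlock(&fp->fi_lock);

	if (status != nfs_ok)
		return status;

	status = nfsd4_truncate(rqstp, cur_fh, open);
	/*
	 * NOTE(review): nfs4_get_vfs_file() passes
	 * bmap_to_share_mode(old_deny_bmap) to this helper while the raw
	 * bitmap is passed here; confirm which form
	 * reset_union_bmap_deny() expects.
	 */
	if (status != nfs_ok)
		reset_union_bmap_deny(old_deny_bmap, stp);
	return status;
}

/* Should we give out recallable state?: */
static bool nfsd4_cb_channel_good(struct nfs4_client *clp)
{
	if (clp->cl_cb_state == NFSD4_CB_UP)
		return true;
	/*
	 * In the sessions case, since we don't have to establish a
	 * separate connection for callbacks, we assume it's OK
	 * until we hear otherwise:
	 */
	return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN;
}

/*
 * Allocate a file_lock describing the lease behind delegation @dp: a
 * read lease for NFS4_OPEN_DELEGATE_READ, a write lease for any other
 * @flag.  The delegation is stored as the lock owner.  Returns NULL if
 * the allocation fails.
 */
static struct file_lock *nfs4_alloc_init_lease(struct nfs4_delegation *dp,
						int flag)
{
	struct file_lock *fl;

	fl = locks_alloc_lock();
	if (!fl)
		return NULL;
	fl->fl_lmops = &nfsd_lease_mng_ops;
	fl->fl_flags = FL_DELEG;
	fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? F_RDLCK: F_WRLCK;
	fl->fl_end = OFFSET_MAX;
	fl->fl_owner = (fl_owner_t)dp;
	fl->fl_pid = current->tgid;
	fl->fl_file = dp->dl_stid.sc_file->fi_deleg_file;
	return fl;
}

/*
 * Create a read delegation on @fp for client @clp and set the lease that
 * backs it.
 *
 * Returns the new delegation, or an ERR_PTR: -EAGAIN when the file has
 * seen a conflict or the client already holds a delegation on it, -EBADF
 * when no readable file is available, -ENOMEM on allocation failure, or
 * the error returned by vfs_setlease().  fi_had_conflict is checked
 * again after the lease has been set, before the delegation is hashed.
 */
static struct nfs4_delegation *
nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh,
		    struct nfs4_file *fp, struct nfs4_clnt_odstate *odstate)
{
	int status = 0;
	struct nfs4_delegation *dp;
	struct file *filp;
	struct file_lock *fl;

	/*
	 * The fi_had_conflict and nfs_get_existing_delegation checks
	 * here are just optimizations; we'll need to recheck them at
	 * the end:
	 */
	if (fp->fi_had_conflict)
		return ERR_PTR(-EAGAIN);

	filp = find_readable_file(fp);
	if (!filp) {
		/* We should always have a readable file here */
		WARN_ON_ONCE(1);
		return ERR_PTR(-EBADF);
	}
	spin_lock(&state_lock);
	spin_lock(&fp->fi_lock);
	if (nfs4_delegation_exists(clp, fp))
		status = -EAGAIN;
	else if (!fp->fi_deleg_file) {
		fp->fi_deleg_file = filp;
		/* increment early to prevent fi_deleg_file from being
		 * cleared */
		fp->fi_delegees = 1;
		filp = NULL;
	} else
		fp->fi_delegees++;
	spin_unlock(&fp->fi_lock);
	spin_unlock(&state_lock);
	/* filp is still set unless it became fi_deleg_file above. */
	if (filp)
		fput(filp);
	if (status)
		return ERR_PTR(status);

	status = -ENOMEM;
	dp = alloc_init_deleg(clp, fp, fh, odstate);
	if (!dp)
		goto out_delegees;

	fl = nfs4_alloc_init_lease(dp, NFS4_OPEN_DELEGATE_READ);
	if (!fl)
		goto out_clnt_odstate;

	status = vfs_setlease(fp->fi_deleg_file, fl->fl_type, &fl, NULL);
	if (fl)
		locks_free_lock(fl);
	if (status)
		goto out_clnt_odstate;

	spin_lock(&state_lock);
	spin_lock(&fp->fi_lock);
	if (fp->fi_had_conflict)
		status = -EAGAIN;
	else
		status = hash_delegation_locked(dp, fp);
	spin_unlock(&fp->fi_lock);
	spin_unlock(&state_lock);

	if (status)
		goto out_unlock;

	return dp;
out_unlock:
	vfs_setlease(fp->fi_deleg_file, F_UNLCK, NULL, (void **)&dp);
out_clnt_odstate:
	put_clnt_odstate(dp->dl_clnt_odstate);
	nfs4_put_stid(&dp->dl_stid);
out_delegees:
	put_deleg_file(fp);
	return ERR_PTR(status);
}

/*
 * Fill in the "no delegation" reply of type NFS4_OPEN_DELEGATE_NONE_EXT.
 * The reason is WND4_CONTENTION for -EAGAIN; otherwise WND4_RESOURCE, or
 * WND4_CANCELLED when the client asked to cancel its want.
 */
static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status)
{
	open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
	if (status == -EAGAIN)
		open->op_why_no_deleg = WND4_CONTENTION;
	else {
		open->op_why_no_deleg = WND4_RESOURCE;
		switch (open->op_deleg_want) {
		case NFS4_SHARE_WANT_READ_DELEG:
		case NFS4_SHARE_WANT_WRITE_DELEG:
		case NFS4_SHARE_WANT_ANY_DELEG:
			break;
		case NFS4_SHARE_WANT_CANCEL:
			open->op_why_no_deleg = WND4_CANCELLED;
			break;
		case NFS4_SHARE_WANT_NO_DELEG:
			WARN_ON_ONCE(1);
		}
	}
}

/*
 * Attempt to hand out a delegation.
 *
 * Note we don't support write delegations, and won't until the vfs has
 * proper support for them.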
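*/
/*
 * For NFS4_OPEN_CLAIM_NULL and NFS4_OPEN_CLAIM_FH opens a delegation is
 * refused during the grace period, when the callback channel is not
 * good, when the open owner is unconfirmed, and when the open asks for
 * write access or create.  For NFS4_OPEN_CLAIM_PREVIOUS only a read
 * delegation is reclaimed, with op_recall set if the callback channel
 * is down.  Other claim types never get a delegation.
 *
 * On success the delegation stateid is copied into the reply and
 * op_delegate_type becomes NFS4_OPEN_DELEGATE_READ.  On refusal the
 * reply carries NFS4_OPEN_DELEGATE_NONE, or, when the client set
 * op_deleg_want, the extended form with a reason filled in by
 * nfsd4_open_deleg_none_ext().
 */
static void
nfs4_open_delegation(struct svc_fh *fh, struct nfsd4_open *open,
			struct nfs4_ol_stateid *stp)
{
	struct nfs4_delegation *dp;
	struct nfs4_openowner *oo = openowner(stp->st_stateowner);
	struct nfs4_client *clp = stp->st_stid.sc_client;
	int cb_up;
	/* errno-style reason for a refusal; stays 0 for policy refusals */
	int status = 0;

	cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client);
	open->op_recall = 0;
	switch (open->op_claim_type) {
		case NFS4_OPEN_CLAIM_PREVIOUS:
			if (!cb_up)
				open->op_recall = 1;
			if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ)
				goto out_no_deleg;
			break;
		case NFS4_OPEN_CLAIM_NULL:
		case NFS4_OPEN_CLAIM_FH:
			/*
			 * Let's not give out any delegations till everyone's
			 * had the chance to reclaim theirs, *and* until
			 * NLM locks have all been reclaimed:
			 */
			if (locks_in_grace(clp->net))
				goto out_no_deleg;
			if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED))
				goto out_no_deleg;
			/*
			 * Also, if the file was opened for write or
			 * create, there's a good chance the client's
			 * about to write to it, resulting in an
			 * immediate recall (since we don't support
			 * write delegations):
			 */
			if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE)
				goto out_no_deleg;
			if (open->op_create == NFS4_OPEN_CREATE)
				goto out_no_deleg;
			break;
		default:
			goto out_no_deleg;
	}
	dp = nfs4_set_delegation(clp, fh, stp->st_stid.sc_file, stp->st_clnt_odstate);
	if (IS_ERR(dp)) {
		/*
		 * Keep the errno: nfsd4_open_deleg_none_ext() reports
		 * -EAGAIN as contention and everything else as a
		 * resource problem.
		 */
		status = PTR_ERR(dp);
		goto out_no_deleg;
	}

	memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid));

	dprintk("NFSD: delegation stateid=" STATEID_FMT "\n",
		STATEID_VAL(&dp->dl_stid.sc_stateid));
	open->op_delegate_type = NFS4_OPEN_DELEGATE_READ;
	/* drop the reference held on the delegation returned above */
	nfs4_put_stid(&dp->dl_stid);
	return;
out_no_deleg:
	open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE;
	/*
	 * NOTE(review): op_delegate_type was overwritten on the line above,
	 * so the second half of this condition can never be true and the
	 * reclaim warning is unreachable as written.  Detecting a refused
	 * reclaim would need the claimed type saved before the assignment.
	 * Left unchanged.
	 */
	if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS &&
	    open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) {
		dprintk("NFSD: WARNING: refusing delegation reclaim\n");
		open->op_recall = 1;
	}

	/* 4.1 client asking for a delegation? */
	if (open->op_deleg_want)
		nfsd4_open_deleg_none_ext(open, status);
	return;
}

/*
 * Tell a client that asked for a different delegation type than the
 * one (dp) it already holds that the change is not supported, by
 * setting NFS4_OPEN_DELEGATE_NONE_EXT and a WND4_NOT_SUPP_* reason.
 *
 * NOTE(review): both branches test dl_type == NFS4_OPEN_DELEGATE_WRITE;
 * the "upgrade" branch looks as if it was meant to test for a read
 * delegation - confirm.
 */
static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open,
					struct nfs4_delegation *dp)
{
	if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG &&
	    dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
		open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
		open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE;
	} else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG &&
		   dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
		open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
		open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE;
	}
	/* Otherwise the client must be confused wanting a delegation
	 * it already has, therefore we don't return
	 * NFS4_OPEN_DELEGATE_NONE_EXT and reason.
	 */
}

/*
 * Find or create the nfs4_file and open stateid for this OPEN, open
 * the file (or upgrade an existing open), and try to hand out a
 * delegation.
 *
 * open->op_file and open->op_odstate are cleared here when they end up
 * installed, so that nfsd4_cleanup_open_state() does not free them.
 * open->op_rflags is set on every return path.
 *
 * Returns nfs_ok or an nfserr_* status.  A failed delegation attempt
 * does not fail the OPEN.
 */
__be32
nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open)
{
	struct nfsd4_compoundres *resp = rqstp->rq_resp;
	struct nfs4_client *cl = open->op_openowner->oo_owner.so_client;
	struct nfs4_file *fp = NULL;
	struct nfs4_ol_stateid *stp = NULL;
	struct nfs4_delegation *dp = NULL;
	__be32 status;
	bool new_stp = false;

	/*
	 * Lookup file; if found, lookup stateid and check open request,
	 * and check for delegations in the process of being recalled.
	 * If not found, create the nfs4_file struct
	 */
	fp = find_or_add_file(open->op_file, &current_fh->fh_handle);
	if (fp != open->op_file) {
		status = nfs4_check_deleg(cl, open, &dp);
		if (status)
			goto out;
		stp = nfsd4_find_and_lock_existing_open(fp, open);
	} else {
		/* the preallocated file was installed; it is no longer ours to free */
		open->op_file = NULL;
		status = nfserr_bad_stateid;
		if (nfsd4_is_deleg_cur(open))
			goto out;
	}

	if (!stp) {
		stp = init_open_stateid(fp, open);
		/*
		 * presumably init_open_stateid() clears open->op_stp when
		 * it uses the preallocated stateid - verify against its
		 * definition
		 */
		if (!open->op_stp)
			new_stp = true;
	}

	/*
	 * OPEN the file, or upgrade an existing OPEN.
	 * If truncate fails, the OPEN fails.
	 *
	 * stp is already locked.
	 */
	if (!new_stp) {
		/* Stateid was found, this is an OPEN upgrade */
		status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open);
		if (status) {
			mutex_unlock(&stp->st_mutex);
			goto out;
		}
	} else {
		status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open);
		if (status) {
			/* mark the new stateid closed before releasing it */
			stp->st_stid.sc_type = NFS4_CLOSED_STID;
			release_open_stateid(stp);
			mutex_unlock(&stp->st_mutex);
			goto out;
		}

		stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp,
							open->op_odstate);
		if (stp->st_clnt_odstate == open->op_odstate)
			open->op_odstate = NULL;
	}

	nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid);
	mutex_unlock(&stp->st_mutex);

	if (nfsd4_has_session(&resp->cstate)) {
		if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) {
			open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
			open->op_why_no_deleg = WND4_NOT_WANTED;
			goto nodeleg;
		}
	}

	/*
	 * Attempt to hand out a delegation. No error return, because the
	 * OPEN succeeds even if we fail.
	 */
	nfs4_open_delegation(current_fh, open, stp);
nodeleg:
	status = nfs_ok;

	dprintk("%s: stateid=" STATEID_FMT "\n", __func__,
		STATEID_VAL(&stp->st_stid.sc_stateid));
out:
	/* 4.1 client trying to upgrade/downgrade delegation? */
	if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp &&
	    open->op_deleg_want)
		nfsd4_deleg_xgrade_none_ext(open, dp);

	if (fp)
		put_nfs4_file(fp);
	/* a successful reclaim confirms the open owner */
	if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS)
		open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
	/*
	 * To finish the open response, we just need to set the rflags.
	 */
	open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX;
	if (nfsd4_has_session(&resp->cstate))
		open->op_rflags |= NFS4_OPEN_RESULT_MAY_NOTIFY_LOCK;
	else if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED))
		open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM;

	if (dp)
		nfs4_put_stid(&dp->dl_stid);
	if (stp)
		nfs4_put_stid(&stp->st_stid);

	return status;
}

/*
 * Release whatever OPEN still holds in *open: the open owner reference
 * (after recording it as the replay owner in cstate), the unused
 * nfs4_file and odstate preallocations, and the unused open stateid.
 * Fields that are already NULL are skipped.
 */
void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate,
			      struct nfsd4_open *open)
{
	if (open->op_openowner) {
		struct nfs4_stateowner *so = &open->op_openowner->oo_owner;

		nfsd4_cstate_assign_replay(cstate, so);
		nfs4_put_stateowner(so);
	}
	if (open->op_file)
		kmem_cache_free(file_slab, open->op_file);
	if (open->op_stp)
		nfs4_put_stid(&open->op_stp->st_stid);
	if (open->op_odstate)
		kmem_cache_free(odstate_slab, open->op_odstate);
}

/*
 * RENEW: look up the client named by the request.
 *
 * Returns the lookup_clientid() error if the client is not found,
 * nfserr_cb_path_down if the client holds delegations while its
 * callback channel is not NFSD4_CB_UP, and nfs_ok otherwise.
 */
__be32
nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    union nfsd4_op_u *u)
{
	clientid_t *clid = &u->renew;
	struct nfs4_client *clp;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	dprintk("process_renew(%08x/%08x): starting\n",
			clid->cl_boot, clid->cl_id);
	status = lookup_clientid(clid, cstate, nn);
	if (status)
		goto out;
	clp = cstate->clp;
	status = nfserr_cb_path_down;
	if (!list_empty(&clp->cl_delegations)
			&& clp->cl_cb_state != NFSD4_CB_UP)
		goto out;
	status = nfs_ok;
out:
	return status;
}

/*
 * End the NFSv4 grace period for this nfsd network namespace.  Does
 * nothing if nn->grace_ended is already set.
 */
void
nfsd4_end_grace(struct nfsd_net *nn)
{
	/* do nothing if grace period already ended */
	if (nn->grace_ended)
		return;

	dprintk("NFSD: end of grace period\n");
	nn->grace_ended = true;
	/*
	 * If the server goes down again right now, an NFSv4
	 * client will still be allowed to reclaim after it comes back up,
	 * even if it hasn't yet had a chance to reclaim state this time.
	 *
	 */
	nfsd4_record_grace_done(nn);
	/*
	 * At this point, NFSv4 clients can still reclaim.  But if the
	 * server crashes, any that have not yet reclaimed will be out
	 * of luck on the next boot.
	 *
	 * (NFSv4.1+ clients are considered to have reclaimed once they
	 * call RECLAIM_COMPLETE.  NFSv4.0 clients are considered to
	 * have reclaimed after their first OPEN.)
	 */
	locks_end_grace(&nn->nfsd4_manager);
	/*
	 * At this point, and once lockd and/or any other containers
	 * exit their grace period, further reclaims will fail and
	 * regular locking can resume.
	 */
}

/*
 * If we've waited a lease period but there are still clients trying to
 * reclaim, wait a little longer to give them a chance to finish.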
*/
/*
 * Returns true only if somebody reclaimed since the last call and no
 * more than two lease periods have passed since nn->boot_time.  The
 * somebody_reclaimed flag is cleared on each call that finds it set.
 */
static bool clients_still_reclaiming(struct nfsd_net *nn)
{
	unsigned long now = get_seconds();
	unsigned long double_grace_period_end = nn->boot_time +
						2 * nn->nfsd4_lease;

	if (!nn->somebody_reclaimed)
		return false;
	nn->somebody_reclaimed = false;
	/*
	 * If we've given them *two* lease times to reclaim, and they're
	 * still not done, give up:
	 */
	if (time_after(now, double_grace_period_end))
		return false;
	return true;
}

/*
 * Periodic cleanup of expired NFSv4 state for one namespace.
 *
 * Unless clients are still reclaiming, this ends the grace period and
 * then, using a cutoff of one lease period before now:
 *  - expires clients on client_lru that can be marked expired;
 *  - unhashes and revokes delegations on del_recall_lru;
 *  - drops the last closed stateid of open owners on close_lru;
 *  - frees blocked lock requests on blocked_locks_lru.
 * Each scan stops at the first entry newer than the cutoff, so it
 * assumes the lists are kept oldest first.
 *
 * Returns the number of seconds until the next run, never less than
 * NFSD_LAUNDROMAT_MINTIMEOUT.
 */
static time_t
nfs4_laundromat(struct nfsd_net *nn)
{
	struct nfs4_client *clp;
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct nfs4_ol_stateid *stp;
	struct nfsd4_blocked_lock *nbl;
	struct list_head *pos, *next, reaplist;
	time_t cutoff = get_seconds() - nn->nfsd4_lease;
	time_t t, new_timeo = nn->nfsd4_lease;

	dprintk("NFSD: laundromat service - starting\n");

	if (clients_still_reclaiming(nn)) {
		/* raised to the minimum timeout at "out" */
		new_timeo = 0;
		goto out;
	}
	nfsd4_end_grace(nn);
	INIT_LIST_HEAD(&reaplist);
	/* collect expired clients under client_lock, expire them after unlocking */
	spin_lock(&nn->client_lock);
	list_for_each_safe(pos, next, &nn->client_lru) {
		clp = list_entry(pos, struct nfs4_client, cl_lru);
		if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) {
			t = clp->cl_time - cutoff;
			new_timeo = min(new_timeo, t);
			break;
		}
		if (mark_client_expired_locked(clp)) {
			dprintk("NFSD: client in use (clientid %08x)\n",
				clp->cl_clientid.cl_id);
			continue;
		}
		list_add(&clp->cl_lru, &reaplist);
	}
	spin_unlock(&nn->client_lock);
	list_for_each_safe(pos, next, &reaplist) {
		clp = list_entry(pos, struct nfs4_client, cl_lru);
		dprintk("NFSD: purging unused client (clientid %08x)\n",
			clp->cl_clientid.cl_id);
		list_del_init(&clp->cl_lru);
		expire_client(clp);
	}
	/* same pattern for delegations: unhash under state_lock, revoke after */
	spin_lock(&state_lock);
	list_for_each_safe(pos, next, &nn->del_recall_lru) {
		dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
		if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) {
			t = dp->dl_time - cutoff;
			new_timeo = min(new_timeo, t);
			break;
		}
		WARN_ON(!unhash_delegation_locked(dp));
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	while (!list_empty(&reaplist)) {
		dp = list_first_entry(&reaplist, struct nfs4_delegation,
					dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		revoke_delegation(dp);
	}

	spin_lock(&nn->client_lock);
	while (!list_empty(&nn->close_lru)) {
		oo = list_first_entry(&nn->close_lru, struct nfs4_openowner,
					oo_close_lru);
		if (time_after((unsigned long)oo->oo_time,
			       (unsigned long)cutoff)) {
			t = oo->oo_time - cutoff;
			new_timeo = min(new_timeo, t);
			break;
		}
		list_del_init(&oo->oo_close_lru);
		stp = oo->oo_last_closed_stid;
		oo->oo_last_closed_stid = NULL;
		/*
		 * client_lock is released around nfs4_put_stid() and taken
		 * again before the list is examined.
		 */
		spin_unlock(&nn->client_lock);
		nfs4_put_stid(&stp->st_stid);
		spin_lock(&nn->client_lock);
	}
	spin_unlock(&nn->client_lock);

	/*
	 * It's possible for a client to try and acquire an already held lock
	 * that is being held for a long time, and then lose interest in it.
	 * So, we clean out any un-revisited request after a lease period
	 * under the assumption that the client is no longer interested.
	 *
	 * RFC5661, sec. 9.6 states that the client must not rely on getting
	 * notifications and must continue to poll for locks, even when the
	 * server supports them. Thus this shouldn't lead to clients blocking
	 * indefinitely once the lock does become free.
	 */
	BUG_ON(!list_empty(&reaplist));
	spin_lock(&nn->blocked_locks_lock);
	while (!list_empty(&nn->blocked_locks_lru)) {
		nbl = list_first_entry(&nn->blocked_locks_lru,
				struct nfsd4_blocked_lock, nbl_lru);
		if (time_after((unsigned long)nbl->nbl_time,
			       (unsigned long)cutoff)) {
			t = nbl->nbl_time - cutoff;
			new_timeo = min(new_timeo, t);
			break;
		}
		list_move(&nbl->nbl_lru, &reaplist);
		list_del_init(&nbl->nbl_list);
	}
	spin_unlock(&nn->blocked_locks_lock);

	while (!list_empty(&reaplist)) {
		nbl = list_first_entry(&reaplist,
					struct nfsd4_blocked_lock, nbl_lru);
		list_del_init(&nbl->nbl_lru);
		free_blocked_lock(nbl);
	}
out:
	new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT);
	return new_timeo;
}

static struct workqueue_struct *laundry_wq;
static void laundromat_main(struct work_struct *);

/*
 * Work function: run the laundromat for the namespace that owns this
 * delayed work and queue the next run after the returned number of
 * seconds.
 */
static void
laundromat_main(struct work_struct *laundry)
{
	time_t t;
	struct delayed_work *dwork = to_delayed_work(laundry);
	struct nfsd_net *nn = container_of(dwork, struct nfsd_net,
					   laundromat_work);

	t = nfs4_laundromat(nn);
	dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t);
	queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ);
}

/*
 * Check that the stateid belongs to the file named by the filehandle:
 * a stateid whose file handle does not match fhp is rejected with
 * nfserr_bad_stateid.
 */
static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp)
{
	if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle))
		return nfserr_bad_stateid;
	return nfs_ok;
}

/*
 * Non-zero if the open stateid permits reads.  Note that an open with
 * only NFS4_SHARE_ACCESS_WRITE also passes this test.
 */
static inline int
access_permit_read(struct nfs4_ol_stateid *stp)
{
	return test_access(NFS4_SHARE_ACCESS_READ, stp) ||
		test_access(NFS4_SHARE_ACCESS_BOTH, stp) ||
		test_access(NFS4_SHARE_ACCESS_WRITE, stp);
}

/* Non-zero if the open stateid holds WRITE or BOTH share access. */
static inline int
access_permit_write(struct nfs4_ol_stateid *stp)
{
	return test_access(NFS4_SHARE_ACCESS_WRITE, stp) ||
		test_access(NFS4_SHARE_ACCESS_BOTH, stp);
}

/*
 * Check that the open behind stp allows the requested I/O direction.
 * flags is a mask of RD_STATE and WR_STATE.  Returns nfserr_openmode
 * if a requested direction is not permitted, nfs_ok otherwise.
 */
static
__be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags)
{
	__be32 status = nfserr_openmode;

	/* For lock stateid's, we test the parent open, not the lock: */
	if (stp->st_openstp)
		stp = stp->st_openstp;
	if ((flags & WR_STATE) && !access_permit_write(stp))
		goto out;
	if ((flags & RD_STATE) && !access_permit_read(stp))
		goto out;
	status = nfs_ok;
out:
	return status;
}

/*
 * Decide whether I/O with one of the special stateids is allowed.
 *
 * Called from nfs4_preprocess_stateid_op() for the all-zeros and
 * all-ones stateids.  A read with the all-ones stateid is always
 * allowed.  Everything else is refused with nfserr_grace while opens
 * are in grace, and otherwise depends only on nfs4_share_conflict()
 * for the matching deny mode.  No per-client state is looked at here.
 */
static inline __be32
check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags)
{
	if (ONE_STATEID(stateid) && (flags & RD_STATE))
		return nfs_ok;
	else if (opens_in_grace(net)) {
		/* Answer in remaining cases depends on existence of
		 * conflicting state; so we must wait out the grace period. */
		return nfserr_grace;
	} else if (flags & WR_STATE)
		return nfs4_share_conflict(current_fh,
				NFS4_SHARE_DENY_WRITE);
	else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */
		return nfs4_share_conflict(current_fh,
				NFS4_SHARE_DENY_READ);
}

/*
 * Allow READ/WRITE during grace period on recovered state only for files
 * that are not able to provide mandatory locking.
 */
static inline int
grace_disallows_io(struct net *net, struct inode *inode)
{
	return opens_in_grace(net) && mandatory_lock(inode);
}

/*
 * Compare the generation of a client-supplied stateid (in) with the
 * server's copy (ref).
 *
 * Returns nfs_ok on a match, or for a zero generation when has_session
 * is set; nfserr_bad_stateid if the client's generation is ahead of
 * the server's; nfserr_old_stateid if it is behind.
 */
static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session)
{
	/*
	 * When sessions are used the stateid generation number is ignored
	 * when it is zero.
	 */
	if (has_session && in->si_generation == 0)
		return nfs_ok;

	if (in->si_generation == ref->si_generation)
		return nfs_ok;

	/* If the client sends us a stateid from the future, it's buggy: */
	if (nfsd4_stateid_generation_after(in, ref))
		return nfserr_bad_stateid;
	/*
	 * However, we could see a stateid from the past, even from a
	 * non-buggy client.  For example, if the client sends a lock
	 * while some IO is outstanding, the lock may bump si_generation
	 * while the IO is still in flight.  The client could avoid that
	 * situation by waiting for responses on all the IO requests,
	 * but better performance may result in retrying IO that
	 * receives an old_stateid error if requests are rarely
	 * reordered in flight:
	 */
	return nfserr_old_stateid;
}

/*
 * Generation check against a stid, done under s->sc_lock and only
 * after nfsd4_verify_open_stid() has accepted the stid.
 */
static __be32 nfsd4_stid_check_stateid_generation(stateid_t *in, struct nfs4_stid *s, bool has_session)
{
	__be32 ret;

	spin_lock(&s->sc_lock);
	ret = nfsd4_verify_open_stid(s);
	if (ret == nfs_ok)
		ret = check_stateid_generation(in, &s->sc_stateid, has_session);
	spin_unlock(&s->sc_lock);
	return ret;
}

/*
 * Reject a stateid whose owner is an open owner that has not been
 * confirmed (nfserr_bad_stateid).  Stateids of other owners pass.
 */
static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols)
{
	if (ols->st_stateowner->so_is_open_owner &&
	    !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED))
		return nfserr_bad_stateid;
	return nfs_ok;
}

/*
 * Validate one client-supplied stateid on behalf of client cl.
 *
 * The special stateids are rejected, as is any stateid whose embedded
 * client ID differs from cl's; the latter is logged, rate limited,
 * with the client's address.  The stateid is then looked up under
 * cl->cl_lock, its generation checked with session semantics, and the
 * result derived from the stid type.  No reference on the stid is
 * kept.
 *
 * Returns nfs_ok, nfserr_deleg_revoked, nfserr_bad_stateid, or the
 * status of the generation or open owner check.
 */
static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid)
{
	struct nfs4_stid *s;
	__be32 status = nfserr_bad_stateid;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) ||
		CLOSE_STATEID(stateid))
		return status;
	/* Client debugging aid. */
	if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) {
		char addr_str[INET6_ADDRSTRLEN];
		rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str,
				 sizeof(addr_str));
		pr_warn_ratelimited("NFSD: client %s testing state ID "
					"with incorrect client ID\n", addr_str);
		return status;
	}
	spin_lock(&cl->cl_lock);
	s = find_stateid_locked(cl, stateid);
	if (!s)
		goto out_unlock;
	status = nfsd4_stid_check_stateid_generation(stateid, s, 1);
	if (status)
		goto out_unlock;
	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		status = nfs_ok;
		break;
	case NFS4_REVOKED_DELEG_STID:
		status = nfserr_deleg_revoked;
		break;
	case NFS4_OPEN_STID:
	case NFS4_LOCK_STID:
		status = nfsd4_check_openowner_confirmed(openlockstateid(s));
		break;
	default:
		printk("unknown stateid type %x\n", s->sc_type);
		/* Fallthrough */
	case NFS4_CLOSED_STID:
	case NFS4_CLOSED_DELEG_STID:
		status = nfserr_bad_stateid;
	}
out_unlock:
	spin_unlock(&cl->cl_lock);
	return status;
}

/*
 * Look up the stid named by a client-supplied stateid.
 *
 * typemask selects the acceptable stid types.  The special stateids
 * are rejected with nfserr_bad_stateid.  A stale client ID is reported
 * as nfserr_bad_stateid when the compound has a session and as
 * nfserr_stale_stateid otherwise.
 *
 * On nfs_ok, *s is the stid found; callers in this file release it
 * with nfs4_put_stid().  On the revoked-delegation error path the stid
 * is put here but *s is not cleared, so callers must not use *s after
 * an error return.
 */
__be32
nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate,
		     stateid_t *stateid, unsigned char typemask,
		     struct nfs4_stid **s, struct nfsd_net *nn)
{
	__be32 status;
	bool return_revoked = false;

	/*
	 *  only return revoked delegations if explicitly asked.
	 *  otherwise we report revoked or bad_stateid status.
	 */
	if (typemask & NFS4_REVOKED_DELEG_STID)
		return_revoked = true;
	else if (typemask & NFS4_DELEG_STID)
		typemask |= NFS4_REVOKED_DELEG_STID;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) ||
		CLOSE_STATEID(stateid))
		return nfserr_bad_stateid;
	status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn);
	if (status == nfserr_stale_clientid) {
		if (cstate->session)
			return nfserr_bad_stateid;
		return nfserr_stale_stateid;
	}
	if (status)
		return status;
	*s = find_stateid_by_type(cstate->clp, stateid, typemask);
	if (!*s)
		return nfserr_bad_stateid;
	if (((*s)->sc_type == NFS4_REVOKED_DELEG_STID) && !return_revoked) {
		nfs4_put_stid(*s);
		if (cstate->minorversion)
			return nfserr_deleg_revoked;
		return nfserr_bad_stateid;
	}
	return nfs_ok;
}

/*
 * Return a file for the stid: the delegation file for a delegation, or
 * the readable or writeable file of the nfs4_file for open and lock
 * stateids, chosen by RD_STATE in flags.  Returns NULL for a NULL stid,
 * for other stid types, and when a delegation has no delegation file.
 */
static struct file *
nfs4_find_file(struct nfs4_stid *s, int flags)
{
	if (!s)
		return NULL;

	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		if (WARN_ON_ONCE(!s->sc_file->fi_deleg_file))
			return NULL;
		return get_file(s->sc_file->fi_deleg_file);
	case NFS4_OPEN_STID:
	case NFS4_LOCK_STID:
		if (flags & RD_STATE)
			return find_readable_file(s->sc_file);
		else
			return find_writeable_file(s->sc_file);
		break;
	}

	return NULL;
}

/*
 * Checks for an open or lock stateid used for I/O: the open owner must
 * be confirmed and the open mode must allow the access in flags.
 */
static __be32
nfs4_check_olstateid(struct nfs4_ol_stateid *ols, int flags)
{
	__be32 status;

	status = nfsd4_check_openowner_confirmed(ols);
	if (status)
		return status;
	return nfs4_check_openmode(ols, flags);
}

/*
 * Produce the struct file to use for I/O under stateid s.
 *
 * If the stid already has a suitable file, permission is checked again
 * with nfsd_permission(), adding NFSD_MAY_OWNER_OVERRIDE to the
 * read or write access bit, and that file is returned in *filpp.
 * Otherwise (including s == NULL) the file is opened with nfsd_open()
 * and *tmp_file, if given, is set to true.
 *
 * filpp must not be NULL.  Returns 0 or the failing status.
 */
static __be32
nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s,
		struct file **filpp, bool *tmp_file, int flags)
{
	int acc = (flags & RD_STATE) ? NFSD_MAY_READ : NFSD_MAY_WRITE;
	struct file *file;
	__be32 status;

	file = nfs4_find_file(s, flags);
	if (file) {
		status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry,
				acc | NFSD_MAY_OWNER_OVERRIDE);
		if (status) {
			/* drop the file obtained from nfs4_find_file() */
			fput(file);
			return status;
		}

		*filpp = file;
	} else {
		status = nfsd_open(rqstp, fhp, S_IFREG, acc, filpp);
		if (status)
			return status;

		if (tmp_file)
			*tmp_file = true;
	}

	return 0;
}

/*
 * Checks for stateid operations
 *
 * Order of checks: grace period versus mandatory locking; special
 * stateids (handled by check_special_stateids()); stateid lookup
 * restricted to delegation, open and lock stids; generation; access
 * mode for the stid type; and finally that the stateid belongs to the
 * file named by fhp.  If filpp is non-NULL and all checks pass, a file
 * is returned through it via nfs4_check_file().
 *
 * *filpp and *tmp_file are reset on entry when the pointers are given.
 * The stid reference taken by the lookup is dropped before returning.
 */
__be32
nfs4_preprocess_stateid_op(struct svc_rqst *rqstp,
		struct nfsd4_compound_state *cstate, struct svc_fh *fhp,
		stateid_t *stateid, int flags, struct file **filpp, bool *tmp_file)
{
	struct inode *ino = d_inode(fhp->fh_dentry);
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	struct nfs4_stid *s = NULL;
	__be32 status;

	if (filpp)
		*filpp = NULL;
	if (tmp_file)
		*tmp_file = false;

	if (grace_disallows_io(net, ino))
		return nfserr_grace;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) {
		/* s stays NULL on this path */
		status = check_special_stateids(net, fhp, stateid, flags);
		goto done;
	}

	status = nfsd4_lookup_stateid(cstate, stateid,
				NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID,
				&s, nn);
	if (status)
		return status;
	status = nfsd4_stid_check_stateid_generation(stateid, s,
			nfsd4_has_session(cstate));
	if (status)
		goto out;

	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		status = nfs4_check_delegmode(delegstateid(s), flags);
		break;
	case NFS4_OPEN_STID:
	case NFS4_LOCK_STID:
		status = nfs4_check_olstateid(openlockstateid(s), flags);
		break;
	default:
		status = nfserr_bad_stateid;
		break;
	}
	if (status)
		goto out;
	status = nfs4_check_fh(fhp, s);

done:
	if (!status && filpp)
		status = nfs4_check_file(rqstp, fhp, s, filpp, tmp_file, flags);
out:
	if (s)
		nfs4_put_stid(s);
	return status;
}

/*
 * Test if the stateid is valid
 *
 * Each stateid in the request list gets its own status from
 * nfsd4_validate_stateid(); the operation itself always returns
 * nfs_ok.
 *
 * NOTE(review): cstate->session is dereferenced without a check, so
 * this assumes the operation is only dispatched on a session - confirm
 * at the dispatcher.
 */
__be32
nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		   union nfsd4_op_u *u)
{
	struct nfsd4_test_stateid *test_stateid = &u->test_stateid;
	struct nfsd4_test_stateid_id *stateid;
	struct nfs4_client *cl = cstate->session->se_client;

	list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list)
		stateid->ts_id_status =
			nfsd4_validate_stateid(cl, &stateid->ts_id_stateid);

	return nfs_ok;
}

/*
 * Free a lock stateid on behalf of FREE_STATEID.
 *
 * Fails with the generation check status if the client's stateid does
 * not match, and with nfserr_locks_held if check_for_locks() finds
 * locks for the lock owner.  The reference on s passed in by the
 * caller is dropped on every path.
 */
static __be32
nfsd4_free_lock_stateid(stateid_t *stateid, struct nfs4_stid *s)
{
	struct nfs4_ol_stateid *stp = openlockstateid(s);
	__be32 ret;

	ret = nfsd4_lock_ol_stateid(stp);
	if (ret)
		goto out_put_stid;

	ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
	if (ret)
		goto out;

	ret = nfserr_locks_held;
	if (check_for_locks(stp->st_stid.sc_file,
			    lockowner(stp->st_stateowner)))
		goto out;

	release_lock_stateid(stp);
	ret = nfs_ok;

out:
	mutex_unlock(&stp->st_mutex);
out_put_stid:
	nfs4_put_stid(s);
	return ret;
}

/*
 * FREE_STATEID: the stateid is looked up only among the stateids of
 * the session's client.
 *
 * Delegation and open stateids are never freed here and report
 * nfserr_locks_held (open stateids after a generation check).  Lock
 * stateids are handed to nfsd4_free_lock_stateid() with an extra
 * reference.  A revoked delegation is taken off its recall list and
 * put.  Anything else, including a stateid that is not found, yields
 * nfserr_bad_stateid.
 *
 * NOTE(review): cstate->session is dereferenced without a check, so
 * this assumes the operation is only dispatched on a session - confirm
 * at the dispatcher.
 */
__be32
nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		   union nfsd4_op_u *u)
{
	struct nfsd4_free_stateid *free_stateid = &u->free_stateid;
	stateid_t *stateid = &free_stateid->fr_stateid;
	struct nfs4_stid *s;
	struct nfs4_delegation *dp;
	struct nfs4_client *cl = cstate->session->se_client;
	__be32 ret = nfserr_bad_stateid;

	spin_lock(&cl->cl_lock);
	s = find_stateid_locked(cl, stateid);
	if (!s)
		goto out_unlock;
	spin_lock(&s->sc_lock);
	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		ret = nfserr_locks_held;
		break;
	case NFS4_OPEN_STID:
		ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
		if (ret)
			break;
		ret = nfserr_locks_held;
		break;
	case NFS4_LOCK_STID:
		spin_unlock(&s->sc_lock);
		/* take a reference before cl_lock is dropped; the callee puts it */
		refcount_inc(&s->sc_count);
		spin_unlock(&cl->cl_lock);
		ret = nfsd4_free_lock_stateid(stateid, s);
		goto out;
	case NFS4_REVOKED_DELEG_STID:
		spin_unlock(&s->sc_lock);
		dp = delegstateid(s);
		list_del_init(&dp->dl_recall_lru);
		spin_unlock(&cl->cl_lock);
		nfs4_put_stid(s);
		ret = nfs_ok;
		goto out;
	/* Default falls through and returns nfserr_bad_stateid */
	}
	spin_unlock(&s->sc_lock);
out_unlock:
	spin_unlock(&cl->cl_lock);
out:
	return ret;
}

/* Map an NFSv4 lock type to RD_STATE (read locks) or WR_STATE (others). */
static inline int
setlkflg (int type)
{
	return (type == NFS4_READW_LT || type == NFS4_READ_LT) ?
		RD_STATE : WR_STATE;
}

/*
 * Checks shared by the seqid-mutating operations: the owner's seqid,
 * the stateid generation, and that the stateid belongs to the current
 * filehandle.
 *
 * nfsd4_lock_ol_stateid() is called before the last two checks and
 * stp->st_mutex is released here if either fails, so on nfs_ok the
 * caller returns holding st_mutex (presumably taken by
 * nfsd4_lock_ol_stateid() - it is defined outside this view).
 */
static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp)
{
	struct svc_fh *current_fh = &cstate->current_fh;
	struct nfs4_stateowner *sop = stp->st_stateowner;
	__be32 status;

	status = nfsd4_check_seqid(cstate, sop, seqid);
	if (status)
		return status;
	status = nfsd4_lock_ol_stateid(stp);
	if (status != nfs_ok)
		return status;
	status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate));
	if (status == nfs_ok)
		status = nfs4_check_fh(current_fh, &stp->st_stid);
	if (status != nfs_ok)
		mutex_unlock(&stp->st_mutex);
	return status;
}

/*
 * Checks for sequence id mutating operations.
*/
/*
 * Looks up the stateid (restricted to the types in typemask), records
 * its owner as the replay owner in cstate, and runs
 * nfs4_seqid_op_checks().
 *
 * On nfs_ok, *stpp is the stateid, returned with a reference and with
 * whatever nfs4_seqid_op_checks() left locked; the callers in this
 * file release st_mutex and then put the stid.  On failure *stpp is
 * NULL and the reference has been dropped.
 */
static __be32
nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
			 stateid_t *stateid, char typemask,
			 struct nfs4_ol_stateid **stpp,
			 struct nfsd_net *nn)
{
	__be32 status;
	struct nfs4_stid *s;
	struct nfs4_ol_stateid *stp = NULL;

	dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__,
		seqid, STATEID_VAL(stateid));

	*stpp = NULL;
	status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn);
	if (status)
		return status;
	stp = openlockstateid(s);
	nfsd4_cstate_assign_replay(cstate, stp->st_stateowner);

	status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp);
	if (!status)
		*stpp = stp;
	else
		nfs4_put_stid(&stp->st_stid);
	return status;
}

/*
 * Like nfs4_preprocess_seqid_op() for open stateids, but additionally
 * requires the open owner to be confirmed; an unconfirmed owner gets
 * nfserr_bad_stateid, with st_mutex released and the stid reference
 * dropped.
 */
static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
						 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn)
{
	__be32 status;
	struct nfs4_openowner *oo;
	struct nfs4_ol_stateid *stp;

	status = nfs4_preprocess_seqid_op(cstate, seqid, stateid,
						NFS4_OPEN_STID, &stp, nn);
	if (status)
		return status;
	oo = openowner(stp->st_stateowner);
	if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
		mutex_unlock(&stp->st_mutex);
		nfs4_put_stid(&stp->st_stid);
		return nfserr_bad_stateid;
	}
	*stpp = stp;
	return nfs_ok;
}

/*
 * OPEN_CONFIRM: mark the open owner of the given open stateid as
 * confirmed and return the bumped stateid.
 *
 * The current filehandle must verify as a regular file.  An owner that
 * is already confirmed gets nfserr_bad_stateid.  On success a client
 * record is created via nfsd4_client_record_create().  The seqid is
 * bumped through nfsd4_bump_seqid() on every path that gets past
 * fh_verify().
 */
__be32
nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		   union nfsd4_op_u *u)
{
	struct nfsd4_open_confirm *oc = &u->open_confirm;
	__be32 status;
	struct nfs4_openowner *oo;
	struct nfs4_ol_stateid *stp;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	dprintk("NFSD: nfsd4_open_confirm on file %pd\n",
			cstate->current_fh.fh_dentry);

	status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
	if (status)
		return status;

	status = nfs4_preprocess_seqid_op(cstate,
					oc->oc_seqid, &oc->oc_req_stateid,
					NFS4_OPEN_STID, &stp, nn);
	if (status)
		goto out;
	oo = openowner(stp->st_stateowner);
	status = nfserr_bad_stateid;
	if (oo->oo_flags & NFS4_OO_CONFIRMED) {
		mutex_unlock(&stp->st_mutex);
		goto put_stateid;
	}
	oo->oo_flags |= NFS4_OO_CONFIRMED;
	nfs4_inc_and_copy_stateid(&oc->oc_resp_stateid, &stp->st_stid);
	mutex_unlock(&stp->st_mutex);
	dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n",
		__func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid));

	nfsd4_client_record_create(oo->oo_owner.so_client);
	status = nfs_ok;
put_stateid:
	nfs4_put_stid(&stp->st_stid);
out:
	nfsd4_bump_seqid(cstate, status);
	return status;
}

/*
 * Drop one share access mode from an open stateid, if it is held: the
 * file's access is put and the bit cleared in the stateid.
 */
static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access)
{
	if (!test_access(access, stp))
		return;
	nfs4_file_put_access(stp->st_stid.sc_file, access);
	clear_access(access, stp);
}

/*
 * Reduce the share access of an open stateid to to_access by dropping
 * the other two access modes.  NFS4_SHARE_ACCESS_BOTH drops nothing;
 * any other value only triggers a one-time warning.
 */
static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access)
{
	switch (to_access) {
	case NFS4_SHARE_ACCESS_READ:
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE);
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
		break;
	case NFS4_SHARE_ACCESS_WRITE:
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ);
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
		break;
	case NFS4_SHARE_ACCESS_BOTH:
		break;
	default:
		WARN_ON_ONCE(1);
	}
}

/*
 * OPEN_DOWNGRADE: reduce the share access and deny modes of a
 * confirmed open stateid.
 *
 * The requested access and deny values must each pass test_access() /
 * test_deny() against the stateid, otherwise nfserr_inval is returned
 * and nothing is changed.  WANT bits in the request are only logged.
 * On success the bumped stateid is copied back into the request.
 */
__be32
nfsd4_open_downgrade(struct svc_rqst *rqstp,
		     struct nfsd4_compound_state *cstate, union nfsd4_op_u *u)
{
	struct nfsd4_open_downgrade *od = &u->open_downgrade;
	__be32 status;
	struct nfs4_ol_stateid *stp;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	dprintk("NFSD: nfsd4_open_downgrade on file %pd\n",
			cstate->current_fh.fh_dentry);

	/* We don't yet support WANT bits: */
	if (od->od_deleg_want)
		dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__,
			od->od_deleg_want);

	status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid,
					&od->od_stateid, &stp, nn);
	if (status)
		goto out;
	status = nfserr_inval;
	if (!test_access(od->od_share_access, stp)) {
		dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n",
			stp->st_access_bmap, od->od_share_access);
		goto put_stateid;
	}
	if (!test_deny(od->od_share_deny, stp)) {
		dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n",
			stp->st_deny_bmap, od->od_share_deny);
		goto put_stateid;
	}
	nfs4_stateid_downgrade(stp, od->od_share_access);
	reset_union_bmap_deny(od->od_share_deny, stp);
	nfs4_inc_and_copy_stateid(&od->od_stateid, &stp->st_stid);
	status = nfs_ok;
put_stateid:
	mutex_unlock(&stp->st_mutex);
	nfs4_put_stid(&stp->st_stid);
out:
	nfsd4_bump_seqid(cstate, status);
	return status;
}

/*
 * Unhash an open stateid being closed, under the client's cl_lock.
 *
 * For clients with a non-zero minor version the stateid is put right
 * away if it was unhashed.  For other clients it is moved to the close
 * LRU instead, after cl_lock has been dropped.  Stateids collected on
 * the local reap list are freed outside the lock in both cases.
 */
static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s)
{
	struct nfs4_client *clp = s->st_stid.sc_client;
	bool unhashed;
	LIST_HEAD(reaplist);

	spin_lock(&clp->cl_lock);
	unhashed = unhash_open_stateid(s, &reaplist);

	if (clp->cl_minorversion) {
		if (unhashed)
			put_ol_stateid_locked(s, &reaplist);
		spin_unlock(&clp->cl_lock);
		free_ol_stateid_reaplist(&reaplist);
	} else {
		spin_unlock(&clp->cl_lock);
		free_ol_stateid_reaplist(&reaplist);
		if (unhashed)
			move_to_close_lru(s, clp->net);
	}
}

/*
 * nfs4_unlock_state() called after encode
 */
__be32
nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	struct nfsd4_close *close = &u->close;
	__be32 status;
	struct nfs4_ol_stateid *stp;
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	dprintk("NFSD: nfsd4_close on file %pd\n",
			cstate->current_fh.fh_dentry);

	status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid,
					&close->cl_stateid,
					NFS4_OPEN_STID|NFS4_CLOSED_STID,
					&stp, nn);
	nfsd4_bump_seqid(cstate, status);
	if (status)
		goto out;

	stp->st_stid.sc_type = NFS4_CLOSED_STID;

	/*
	 * Technically we don't _really_ have to increment or copy it, since
	 * it should just be gone after this operation and we clobber the
	 * copied value below, but we continue to do so here just to ensure
	 * that racing ops see that there was a state change.
	 */
	nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid);

	nfsd4_close_open_stateid(stp);
	mutex_unlock(&stp->st_mutex);

	/* v4.1+ suggests that we send a special stateid in here, since the
	 * clients should just ignore this anyway. Since this is not useful
	 * for v4.0 clients either, we set it to the special close_stateid
	 * universally.
5577 * 5578 * See RFC5661 section 18.2.4, and RFC7530 section 16.2.5 5579 */ 5580 memcpy(&close->cl_stateid, &close_stateid, sizeof(close->cl_stateid)); 5581 5582 /* put reference from nfs4_preprocess_seqid_op */ 5583 nfs4_put_stid(&stp->st_stid); 5584 out: 5585 return status; 5586 } 5587 5588 __be32 5589 nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5590 union nfsd4_op_u *u) 5591 { 5592 struct nfsd4_delegreturn *dr = &u->delegreturn; 5593 struct nfs4_delegation *dp; 5594 stateid_t *stateid = &dr->dr_stateid; 5595 struct nfs4_stid *s; 5596 __be32 status; 5597 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5598 5599 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 5600 return status; 5601 5602 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn); 5603 if (status) 5604 goto out; 5605 dp = delegstateid(s); 5606 status = nfsd4_stid_check_stateid_generation(stateid, &dp->dl_stid, nfsd4_has_session(cstate)); 5607 if (status) 5608 goto put_stateid; 5609 5610 destroy_delegation(dp); 5611 put_stateid: 5612 nfs4_put_stid(&dp->dl_stid); 5613 out: 5614 return status; 5615 } 5616 5617 static inline u64 5618 end_offset(u64 start, u64 len) 5619 { 5620 u64 end; 5621 5622 end = start + len; 5623 return end >= start ? end: NFS4_MAX_UINT64; 5624 } 5625 5626 /* last octet in a range */ 5627 static inline u64 5628 last_byte_offset(u64 start, u64 len) 5629 { 5630 u64 end; 5631 5632 WARN_ON_ONCE(!len); 5633 end = start + len; 5634 return end > start ? end - 1: NFS4_MAX_UINT64; 5635 } 5636 5637 /* 5638 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that 5639 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th 5640 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit 5641 * locking, this prevents us from being completely protocol-compliant. 
The real solution to this problem is to start using unsigned file offsets in
 * the VFS, but this is a very deep change!
 *
 * Until then, a start or end that shows up negative in the file_lock is
 * clamped to OFFSET_MAX.
 */
static inline void
nfs4_transform_lock_offset(struct file_lock *lock)
{
	if (lock->fl_start < 0)
		lock->fl_start = OFFSET_MAX;
	if (lock->fl_end < 0)
		lock->fl_end = OFFSET_MAX;
}

/*
 * lm_get_owner callback: takes a stateowner reference on the lockowner
 * behind the opaque owner cookie and returns the cookie unchanged.
 * Unlike nfsd4_fl_put_owner(), owner is dereferenced without a NULL check.
 */
static fl_owner_t
nfsd4_fl_get_owner(fl_owner_t owner)
{
	struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner;

	nfs4_get_stateowner(&lo->lo_owner);
	return owner;
}

/*
 * lm_put_owner callback: drops the stateowner reference taken by
 * nfsd4_fl_get_owner().  A NULL owner is tolerated.
 */
static void
nfsd4_fl_put_owner(fl_owner_t owner)
{
	struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner;

	if (lo)
		nfs4_put_stateowner(&lo->lo_owner);
}

/*
 * lm_notify callback for a blocked lock.
 *
 * The file_lock is embedded in a struct nfsd4_blocked_lock.  If that
 * entry is still queued it is removed from both lists under
 * blocked_locks_lock and its callback is run once the lock is dropped.
 */
static void
nfsd4_lm_notify(struct file_lock *fl)
{
	struct nfs4_lockowner		*lo = (struct nfs4_lockowner *)fl->fl_owner;
	struct net			*net = lo->lo_owner.so_client->net;
	struct nfsd_net			*nn = net_generic(net, nfsd_net_id);
	struct nfsd4_blocked_lock	*nbl = container_of(fl,
						struct nfsd4_blocked_lock, nbl_lock);
	bool queue = false;

	/* An empty list means that something else is going to be using it */
	spin_lock(&nn->blocked_locks_lock);
	if (!list_empty(&nbl->nbl_list)) {
		list_del_init(&nbl->nbl_list);
		list_del_init(&nbl->nbl_lru);
		queue = true;
	}
	spin_unlock(&nn->blocked_locks_lock);

	if (queue)
		nfsd4_run_cb(&nbl->nbl_cb);
}

/*
 * Lock-manager callbacks attached to file_locks created by nfsd.  The
 * address of this table is also what nfs4_set_lock_denied() compares
 * against to tell nfsd's own locks from others.
 */
static const struct lock_manager_operations nfsd_posix_mng_ops  = {
	.lm_notify = nfsd4_lm_notify,
	.lm_get_owner = nfsd4_fl_get_owner,
	.lm_put_owner = nfsd4_fl_put_owner,
};

/*
 * Fill in the LOCK/LOCKT "denied" result from a conflicting lock.
 *
 * Owner and clientid are reported only when the conflicting lock carries
 * nfsd_posix_mng_ops, i.e. fl_owner is known to be a struct
 * nfs4_lockowner; for any other lock (or if duplicating the owner string
 * fails) they are zeroed, so fl_owner is never interpreted as a lockowner
 * unless that check passed.  The duplicated owner data is allocated with
 * kmemdup(); it is not freed in this function.
 */
static inline void
nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny)
{
	struct nfs4_lockowner *lo;

	if (fl->fl_lmops == &nfsd_posix_mng_ops) {
		lo = (struct nfs4_lockowner *) fl->fl_owner;
		deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data,
					lo->lo_owner.so_owner.len, GFP_KERNEL);
		if (!deny->ld_owner.data)
			/* We just don't care that much */
			goto nevermind;
		deny->ld_owner.len = lo->lo_owner.so_owner.len;
		deny->ld_clientid = lo->lo_owner.so_client->cl_clientid;
	} else {
nevermind:
		deny->ld_owner.len = 0;
		deny->ld_owner.data = NULL;
		deny->ld_clientid.cl_boot = 0;
		deny->ld_clientid.cl_id = 0;
	}
	deny->ld_start = fl->fl_start;
	deny->ld_length = NFS4_MAX_UINT64;
	/*
	 * NOTE(review): fl_end is compared with NFS4_MAX_UINT64 here, while
	 * nfs4_transform_lock_offset() clamps to OFFSET_MAX; confirm which
	 * sentinel a conflicting lock that runs to end-of-file carries.
	 */
	if (fl->fl_end != NFS4_MAX_UINT64)
		deny->ld_length = fl->fl_end - fl->fl_start + 1;
	deny->ld_type = NFS4_READ_LT;
	if (fl->fl_type != F_RDLCK)
		deny->ld_type = NFS4_WRITE_LT;
}

/*
 * Find the client's lockowner matching the owner string.  Open owners in
 * the same hash bucket are skipped.  Must be called with clp->cl_lock
 * held; a match is returned with a stateowner reference taken.
 */
static struct nfs4_lockowner *
find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner)
{
	unsigned int strhashval = ownerstr_hashval(owner);
	struct nfs4_stateowner *so;

	lockdep_assert_held(&clp->cl_lock);

	list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval],
			    so_strhash) {
		if (so->so_is_open_owner)
			continue;
		if (same_owner_str(so, owner))
			return lockowner(nfs4_get_stateowner(so));
	}
	return NULL;
}

/* Locking wrapper around find_lockowner_str_locked(). */
static struct nfs4_lockowner *
find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner)
{
	struct nfs4_lockowner *lo;

	spin_lock(&clp->cl_lock);
	lo = find_lockowner_str_locked(clp, owner);
	spin_unlock(&clp->cl_lock);
	return lo;
}

/* so_unhash callback for lockowners. */
static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop)
{
	unhash_lockowner_locked(lockowner(sop));
}

/* so_free callback for lockowners: returns the object to lockowner_slab. */
static void nfs4_free_lockowner(struct nfs4_stateowner *sop)
{
	struct nfs4_lockowner *lo = lockowner(sop);

	kmem_cache_free(lockowner_slab, lo);
}

static const struct nfs4_stateowner_operations lockowner_ops = {
	.so_unhash =	nfs4_unhash_lockowner,
	.so_free =	nfs4_free_lockowner,
};

/*
 * Alloc a lock owner structure.
 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has 
 * occurred. 
 *
 * strhashval = ownerstr_hashval
 *
 * The new owner is set up before cl_lock is taken.  Under the lock the
 * owner string is looked up again; if a matching lockowner already
 * exists, the fresh one is freed and the existing one (with the reference
 * from the lookup) is returned instead.  Returns NULL if the allocation
 * fails.  open_stp is not used in this body.
 */
static struct nfs4_lockowner *
alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp,
			   struct nfs4_ol_stateid *open_stp,
			   struct nfsd4_lock *lock)
{
	struct nfs4_lockowner *lo, *ret;

	lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp);
	if (!lo)
		return NULL;
	INIT_LIST_HEAD(&lo->lo_blocked);
	INIT_LIST_HEAD(&lo->lo_owner.so_stateids);
	lo->lo_owner.so_is_open_owner = 0;
	lo->lo_owner.so_seqid = lock->lk_new_lock_seqid;
	lo->lo_owner.so_ops = &lockowner_ops;
	spin_lock(&clp->cl_lock);
	ret = find_lockowner_str_locked(clp, &lock->lk_new_owner);
	if (ret == NULL) {
		list_add(&lo->lo_owner.so_strhash,
			 &clp->cl_ownerstr_hashtbl[strhashval]);
		ret = lo;
	} else
		nfs4_free_stateowner(&lo->lo_owner);

	spin_unlock(&clp->cl_lock);
	return ret;
}

/*
 * Find the lockowner's lock stateid for file fp.  Entries on the owner's
 * list that are not NFS4_LOCK_STID are skipped.  Must be called with the
 * client's cl_lock held; a match is returned with sc_count incremented.
 */
static struct nfs4_ol_stateid *
find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp)
{
	struct nfs4_ol_stateid *lst;
	struct nfs4_client *clp = lo->lo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_for_each_entry(lst, &lo->lo_owner.so_stateids, st_perstateowner) {
		if (lst->st_stid.sc_type != NFS4_LOCK_STID)
			continue;
		if (lst->st_stid.sc_file == fp) {
			refcount_inc(&lst->st_stid.sc_count);
			return lst;
		}
	}
	return NULL;
}

/*
 * Initialise stp as the lock stateid for (lo, fp) and hash it, unless an
 * equivalent stateid already exists.
 *
 * stp's mutex is taken before the lookup.  If find_lock_stateid() finds
 * an existing stateid, that one is locked and returned instead; when
 * locking it fails its reference is dropped and the lookup is retried.
 * The returned stateid (stp or the existing one) has its st_mutex held.
 * inode is not used in this body.
 */
static struct nfs4_ol_stateid *
init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo,
		  struct nfs4_file *fp, struct inode *inode,
		  struct nfs4_ol_stateid *open_stp)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;
	struct nfs4_ol_stateid *retstp;

	mutex_init(&stp->st_mutex);
	mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX);
retry:
	/* Lock order used here: cl_lock first, then fi_lock. */
	spin_lock(&clp->cl_lock);
	spin_lock(&fp->fi_lock);
	retstp = find_lock_stateid(lo, fp);
	if (retstp)
		goto out_unlock;

	refcount_inc(&stp->st_stid.sc_count);
	stp->st_stid.sc_type = NFS4_LOCK_STID;
	stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner);
	get_nfs4_file(fp);
	stp->st_stid.sc_file = fp;
	stp->st_access_bmap = 0;
	stp->st_deny_bmap = open_stp->st_deny_bmap;
	stp->st_openstp = open_stp;
	list_add(&stp->st_locks, &open_stp->st_locks);
	list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids);
	list_add(&stp->st_perfile, &fp->fi_stateids);
out_unlock:
	spin_unlock(&fp->fi_lock);
	spin_unlock(&clp->cl_lock);
	if (retstp) {
		if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) {
			nfs4_put_stid(&retstp->st_stid);
			goto retry;
		}
		/* To keep mutex tracking happy */
		mutex_unlock(&stp->st_mutex);
		stp = retstp;
	}
	return stp;
}

/*
 * Return the lock stateid for (lo, fi), creating one if none can be
 * found and locked.
 *
 * *new is set to true only when the stateid allocated here is the one
 * returned; if init_lock_stateid() hands back an existing stateid the
 * fresh allocation is put again.  Returns NULL if allocation fails.
 */
static struct nfs4_ol_stateid *
find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi,
			    struct inode *inode, struct nfs4_ol_stateid *ost,
			    bool *new)
{
	struct nfs4_stid *ns = NULL;
	struct nfs4_ol_stateid *lst;
	struct nfs4_openowner *oo = openowner(ost->st_stateowner);
	struct nfs4_client *clp = oo->oo_owner.so_client;

	*new = false;
	spin_lock(&clp->cl_lock);
	lst = find_lock_stateid(lo, fi);
	spin_unlock(&clp->cl_lock);
	if (lst != NULL) {
		if (nfsd4_lock_ol_stateid(lst) == nfs_ok)
			goto out;
		nfs4_put_stid(&lst->st_stid);
	}
	ns = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_lock_stateid);
	if (ns == NULL)
		return NULL;

	lst = init_lock_stateid(openlockstateid(ns), lo, fi, inode, ost);
	if (lst == openlockstateid(ns))
		*new = true;
	else
		nfs4_put_stid(ns);
out:
	return lst;
}

/*
 * Validate a client-supplied lock range.  Returns non-zero when the
 * range is invalid: a zero length, or a length other than
 * NFS4_MAX_UINT64 for which offset + length would exceed the 64-bit
 * range (length > ~offset).  NFS4_MAX_UINT64 as length is accepted for
 * any offset.
 */
static int
check_lock_length(u64 offset, u64 length)
{
	return ((length == 0) || ((length != NFS4_MAX_UINT64) &&
		(length > ~offset)));
}

/*
 * Record that the lock stateid uses the given access mode, taking the
 * matching access count on the file the first time.  Must be called with
 * fp->fi_lock held.
 */
static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access)
{
	struct nfs4_file *fp = lock_stp->st_stid.sc_file;

	lockdep_assert_held(&fp->fi_lock);

	if (test_access(access, lock_stp))
		return;
	__nfs4_file_get_access(fp, access);
	set_access(access, lock_stp);
}

/*
 * Resolve the lockowner named in a "new lockowner" LOCK request and its
 * lock stateid for the open stateid's file, creating either if needed.
 *
 * For minor version 0 an existing lockowner must carry the same seqid as
 * the request, otherwise nfserr_bad_seqid is returned.  Allocation
 * failures are reported as nfserr_jukebox.  The lockowner reference held
 * by this function is dropped before returning on every path after the
 * owner was obtained.
 */
static __be32
lookup_or_create_lock_state(struct nfsd4_compound_state *cstate,
			    struct nfs4_ol_stateid *ost,
			    struct nfsd4_lock *lock,
			    struct nfs4_ol_stateid **plst, bool *new)
{
	__be32 status;
	struct nfs4_file *fi = ost->st_stid.sc_file;
	struct nfs4_openowner *oo = openowner(ost->st_stateowner);
	struct nfs4_client *cl = oo->oo_owner.so_client;
	struct inode *inode = d_inode(cstate->current_fh.fh_dentry);
	struct nfs4_lockowner *lo;
	struct nfs4_ol_stateid *lst;
	unsigned int strhashval;

	lo = find_lockowner_str(cl, &lock->lk_new_owner);
	if (!lo) {
		strhashval = ownerstr_hashval(&lock->lk_new_owner);
		lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock);
		if (lo == NULL)
			return nfserr_jukebox;
	} else {
		/* with an existing lockowner, seqids must be the same */
		status = nfserr_bad_seqid;
		if (!cstate->minorversion &&
		    lock->lk_new_lock_seqid != lo->lo_owner.so_seqid)
			goto out;
	}

	lst = find_or_create_lock_stateid(lo, fi, inode, ost, new);
	if (lst == NULL) {
		status = nfserr_jukebox;
		goto out;
	}

	status = nfs_ok;
	*plst = lst;
out:
	nfs4_put_stateowner(&lo->lo_owner);
	return status;
}

/*
 *  LOCK operation 
 *
 * Order of checks on the client-supplied arguments: the byte range
 * (check_lock_length()), the filehandle (regular file, NFSD_MAY_LOCK),
 * then either the open stateid plus clientid (new lockowner) or the
 * existing lock stateid, the open mode, and the grace-period/reclaim
 * combination.  Only after all of these pass is the lock handed to
 * vfs_lock_file().
 *
 * All exits after the stateid handling go through "out", which undoes
 * whatever was set up: blocked-lock entry, file reference, lock and open
 * stateid references, and the conflock allocation.
 */
__be32
nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	   union nfsd4_op_u *u)
{
	struct nfsd4_lock *lock = &u->lock;
	struct nfs4_openowner *open_sop = NULL;
	struct nfs4_lockowner *lock_sop = NULL;
	struct nfs4_ol_stateid *lock_stp = NULL;
	struct nfs4_ol_stateid *open_stp = NULL;
	struct nfs4_file *fp;
	struct file *filp = NULL;
	struct nfsd4_blocked_lock *nbl = NULL;
	struct file_lock *file_lock = NULL;
	struct file_lock *conflock = NULL;
	__be32 status = 0;
	int lkflg;
	int err;
	bool new = false;
	unsigned char fl_type;
	unsigned int fl_flags = FL_POSIX;
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n",
		(long long) lock->lk_offset,
		(long long) lock->lk_length);

	if (check_lock_length(lock->lk_offset, lock->lk_length))
		 return nfserr_inval;

	if ((status = fh_verify(rqstp, &cstate->current_fh,
				S_IFREG, NFSD_MAY_LOCK))) {
		dprintk("NFSD: nfsd4_lock: permission denied!\n");
		return status;
	}

	if (lock->lk_is_new) {
		if (nfsd4_has_session(cstate))
			/* See rfc 5661 18.10.3: given clientid is ignored: */
			memcpy(&lock->lk_new_clientid,
				&cstate->session->se_client->cl_clientid,
				sizeof(clientid_t));

		status = nfserr_stale_clientid;
		if (STALE_CLIENTID(&lock->lk_new_clientid, nn))
			goto out;

		/* validate and update open stateid and open seqid */
		status = nfs4_preprocess_confirmed_seqid_op(cstate,
				        lock->lk_new_open_seqid,
		                        &lock->lk_new_open_stateid,
					&open_stp, nn);
		if (status)
			goto out;
		mutex_unlock(&open_stp->st_mutex);
		open_sop = openowner(open_stp->st_stateowner);
		/*
		 * The open stateid must belong to the client named in the
		 * request; otherwise it is rejected as a bad stateid.
		 */
		status = nfserr_bad_stateid;
		if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid,
						&lock->lk_new_clientid))
			goto out;
		status = lookup_or_create_lock_state(cstate, open_stp, lock,
							&lock_stp, &new);
	} else {
		status = nfs4_preprocess_seqid_op(cstate,
				       lock->lk_old_lock_seqid,
				       &lock->lk_old_lock_stateid,
				       NFS4_LOCK_STID, &lock_stp, nn);
	}
	if (status)
		goto out;
	lock_sop = lockowner(lock_stp->st_stateowner);

	lkflg = setlkflg(lock->lk_type);
	status = nfs4_check_openmode(lock_stp, lkflg);
	if (status)
		goto out;

	/* Reclaims are only valid during grace, everything else only after. */
	status = nfserr_grace;
	if (locks_in_grace(net) && !lock->lk_reclaim)
		goto out;
	status = nfserr_no_grace;
	if (!locks_in_grace(net) && lock->lk_reclaim)
		goto out;

	fp = lock_stp->st_stid.sc_file;
	switch (lock->lk_type) {
		case NFS4_READW_LT:
			/* Blocking variants only sleep for session clients. */
			if (nfsd4_has_session(cstate))
				fl_flags |= FL_SLEEP;
			/* Fallthrough */
		case NFS4_READ_LT:
			spin_lock(&fp->fi_lock);
			filp = find_readable_file_locked(fp);
			if (filp)
				get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ);
			spin_unlock(&fp->fi_lock);
			fl_type = F_RDLCK;
			break;
		case NFS4_WRITEW_LT:
			if (nfsd4_has_session(cstate))
				fl_flags |= FL_SLEEP;
			/* Fallthrough */
		case NFS4_WRITE_LT:
			spin_lock(&fp->fi_lock);
			filp = find_writeable_file_locked(fp);
			if (filp)
				get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE);
			spin_unlock(&fp->fi_lock);
			fl_type = F_WRLCK;
			break;
		default:
			status = nfserr_inval;
		goto out;
	}

	if (!filp) {
		status = nfserr_openmode;
		goto out;
	}

	nbl = find_or_allocate_block(lock_sop, &fp->fi_fhandle, nn);
	if (!nbl) {
		dprintk("NFSD: %s: unable to allocate block!\n", __func__);
		status = nfserr_jukebox;
		goto out;
	}

	file_lock = &nbl->nbl_lock;
	file_lock->fl_type = fl_type;
	file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner));
	file_lock->fl_pid = current->tgid;
	file_lock->fl_file = filp;
	file_lock->fl_flags = fl_flags;
	file_lock->fl_lmops = &nfsd_posix_mng_ops;
	file_lock->fl_start = lock->lk_offset;
	file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length);
	/* Clamp offsets that do not fit the signed VFS representation. */
	nfs4_transform_lock_offset(file_lock);

	conflock = locks_alloc_lock();
	if (!conflock) {
		dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
		status = nfserr_jukebox;
		goto out;
	}

	if (fl_flags & FL_SLEEP) {
		nbl->nbl_time = jiffies;
		spin_lock(&nn->blocked_locks_lock);
		list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked);
		list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru);
		spin_unlock(&nn->blocked_locks_lock);
	}

	err = vfs_lock_file(filp, F_SETLK, file_lock, conflock);
	switch (err) {
	case 0: /* success! */
		nfs4_inc_and_copy_stateid(&lock->lk_resp_stateid, &lock_stp->st_stid);
		status = 0;
		if (lock->lk_reclaim)
			nn->somebody_reclaimed = true;
		break;
	case FILE_LOCK_DEFERRED:
		/* Keep the blocked-lock entry: "out" must not free it. */
		nbl = NULL;
		/* Fallthrough */
	case -EAGAIN:		/* conflock holds conflicting lock */
		status = nfserr_denied;
		dprintk("NFSD: nfsd4_lock: conflicting lock found!\n");
		nfs4_set_lock_denied(conflock, &lock->lk_denied);
		break;
	case -EDEADLK:
		status = nfserr_deadlock;
		break;
	default:
		dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err);
		status = nfserrno(err);
		break;
	}
out:
	if (nbl) {
		/* dequeue it if we queued it before */
		if (fl_flags & FL_SLEEP) {
			spin_lock(&nn->blocked_locks_lock);
			list_del_init(&nbl->nbl_list);
			list_del_init(&nbl->nbl_lru);
			spin_unlock(&nn->blocked_locks_lock);
		}
		free_blocked_lock(nbl);
	}
	if (filp)
		fput(filp);
	if (lock_stp) {
		/* Bump seqid manually if the 4.0 replay owner is openowner */
		if (cstate->replay_owner &&
		    cstate->replay_owner != &lock_sop->lo_owner &&
		    seqid_mutating_err(ntohl(status)))
			lock_sop->lo_owner.so_seqid++;

		/*
		 * If this is a new, never-before-used stateid, and we are
		 * returning an error, then just go ahead and release it.
		 */
		if (status && new)
			release_lock_stateid(lock_stp);

		mutex_unlock(&lock_stp->st_mutex);

		nfs4_put_stid(&lock_stp->st_stid);
	}
	if (open_stp)
		nfs4_put_stid(&open_stp->st_stid);
	nfsd4_bump_seqid(cstate, status);
	if (conflock)
		locks_free_lock(conflock);
	return status;
}

/*
 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN,
 * so we do a temporary open here just to get an open file to pass to
 * vfs_test_lock.  (Arguably perhaps test_lock should be done with an
 * inode operation.)
*/
/*
 * Open the file read-only (NFSD_MAY_READ) for the duration of the test
 * and release it again.  Returns the nfsd_open() error, or the
 * vfs_test_lock() result converted with nfserrno().
 */
static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock)
{
	struct file *file;
	__be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file);
	if (!err) {
		err = nfserrno(vfs_test_lock(file, lock));
		fput(file);
	}
	return err;
}

/*
 * LOCKT operation
 *
 * Refused with nfserr_grace while the server is in its grace period.
 * The client-supplied range is validated with check_lock_length() before
 * anything else is looked up.  Without a session the clientid from the
 * request is resolved first.  If the lock would conflict, the result is
 * nfserr_denied and lt_denied describes the conflicting lock.
 */
__be32
nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    union nfsd4_op_u *u)
{
	struct nfsd4_lockt *lockt = &u->lockt;
	struct file_lock *file_lock = NULL;
	struct nfs4_lockowner *lo = NULL;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	if (locks_in_grace(SVC_NET(rqstp)))
		return nfserr_grace;

	if (check_lock_length(lockt->lt_offset, lockt->lt_length))
		 return nfserr_inval;

	if (!nfsd4_has_session(cstate)) {
		status = lookup_clientid(&lockt->lt_clientid, cstate, nn);
		if (status)
			goto out;
	}

	if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
		goto out;

	file_lock = locks_alloc_lock();
	if (!file_lock) {
		dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
		status = nfserr_jukebox;
		goto out;
	}

	switch (lockt->lt_type) {
		case NFS4_READ_LT:
		case NFS4_READW_LT:
			file_lock->fl_type = F_RDLCK;
		break;
		case NFS4_WRITE_LT:
		case NFS4_WRITEW_LT:
			file_lock->fl_type = F_WRLCK;
		break;
		default:
			dprintk("NFSD: nfs4_lockt: bad lock type!\n");
			status = nfserr_inval;
		goto out;
	}

	/*
	 * A lockowner is optional for LOCKT: fl_owner is only set when the
	 * owner string matches an existing lockowner of this client.  The
	 * reference from the lookup is dropped at "out".
	 */
	lo = find_lockowner_str(cstate->clp, &lockt->lt_owner);
	if (lo)
		file_lock->fl_owner = (fl_owner_t)lo;
	file_lock->fl_pid = current->tgid;
	file_lock->fl_flags = FL_POSIX;

	file_lock->fl_start = lockt->lt_offset;
	file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length);

	nfs4_transform_lock_offset(file_lock);

	status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock);
	if (status)
		goto out;

	/* Anything other than F_UNLCK is treated as a conflict. */
	if (file_lock->fl_type != F_UNLCK) {
		status = nfserr_denied;
		nfs4_set_lock_denied(file_lock, &lockt->lt_denied);
	}
out:
	if (lo)
		nfs4_put_stateowner(&lo->lo_owner);
	if (file_lock)
		locks_free_lock(file_lock);
	return status;
}

/*
 * LOCKU operation
 *
 * Validates the client-supplied range and lock stateid, then issues an
 * F_UNLCK request for the range through vfs_lock_file().  Returns
 * nfserr_lock_range if no open file can be found for the stateid.  The
 * seqid is bumped on every path after the stateid lookup was attempted.
 */
__be32
nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    union nfsd4_op_u *u)
{
	struct nfsd4_locku *locku = &u->locku;
	struct nfs4_ol_stateid *stp;
	struct file *filp = NULL;
	struct file_lock *file_lock = NULL;
	__be32 status;
	int err;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n",
		(long long) locku->lu_offset,
		(long long) locku->lu_length);

	if (check_lock_length(locku->lu_offset, locku->lu_length))
		 return nfserr_inval;

	status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid,
					&locku->lu_stateid, NFS4_LOCK_STID,
					&stp, nn);
	if (status)
		goto out;
	filp = find_any_file(stp->st_stid.sc_file);
	if (!filp) {
		status = nfserr_lock_range;
		goto put_stateid;
	}
	file_lock = locks_alloc_lock();
	if (!file_lock) {
		dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
		status = nfserr_jukebox;
		goto fput;
	}

	file_lock->fl_type = F_UNLCK;
	file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner));
	file_lock->fl_pid = current->tgid;
	file_lock->fl_file = filp;
	file_lock->fl_flags = FL_POSIX;
	file_lock->fl_lmops = &nfsd_posix_mng_ops;
	file_lock->fl_start = locku->lu_offset;

	file_lock->fl_end = last_byte_offset(locku->lu_offset,
						locku->lu_length);
	nfs4_transform_lock_offset(file_lock);

	err = vfs_lock_file(filp, F_SETLK, file_lock, NULL);
	if (err) {
		dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n");
		goto out_nfserr;
	}
	nfs4_inc_and_copy_stateid(&locku->lu_stateid, &stp->st_stid);
fput:
	fput(filp);
put_stateid:
	mutex_unlock(&stp->st_mutex);
	nfs4_put_stid(&stp->st_stid);
out:
	nfsd4_bump_seqid(cstate, status);
	if (file_lock)
		locks_free_lock(file_lock);
	return status;

out_nfserr:
	/* Convert the VFS error, then rejoin the common cleanup path. */
	status = nfserrno(err);
	goto fput;
}

/*
 * returns
 * 	true:  locks held by lockowner
 * 	false: no locks held by lockowner
 *
 * Walks the inode's POSIX lock list under flc_lock and compares each
 * lock's fl_owner with the lockowner pointer.  If the file has no open
 * struct file at all, a one-time warning is raised and false is returned.
 */
static bool
check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner)
{
	struct file_lock *fl;
	int status = false;
	struct file *filp = find_any_file(fp);
	struct inode *inode;
	struct file_lock_context *flctx;

	if (!filp) {
		/* Any valid lock stateid should have some sort of access */
		WARN_ON_ONCE(1);
		return status;
	}

	inode = locks_inode(filp);
	flctx = inode->i_flctx;

	if (flctx && !list_empty_careful(&flctx->flc_posix)) {
		spin_lock(&flctx->flc_lock);
		list_for_each_entry(fl, &flctx->flc_posix, fl_list) {
			if (fl->fl_owner == (fl_owner_t)lowner) {
				status = true;
				break;
			}
		}
		spin_unlock(&flctx->flc_lock);
	}
	fput(filp);
	return status;
}

/*
 * RELEASE_LOCKOWNER operation.
 *
 * Resolves the client-supplied clientid, then looks for a lockowner of
 * that client with a matching owner string.  If any of its stateids
 * still has locks the request fails with nfserr_locks_held and nothing
 * is released.  If no matching lockowner exists the status from
 * lookup_clientid() (success) is returned unchanged.
 */
__be32
nfsd4_release_lockowner(struct svc_rqst *rqstp,
			struct nfsd4_compound_state *cstate,
			union nfsd4_op_u *u)
{
	struct nfsd4_release_lockowner *rlockowner = &u->release_lockowner;
	clientid_t *clid = &rlockowner->rl_clientid;
	struct nfs4_stateowner *sop;
	struct nfs4_lockowner *lo = NULL;
	struct nfs4_ol_stateid *stp;
	struct xdr_netobj *owner = &rlockowner->rl_owner;
	unsigned int hashval = ownerstr_hashval(owner);
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	struct nfs4_client *clp;
	LIST_HEAD (reaplist);

	dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n",
		clid->cl_boot, clid->cl_id);

	status = lookup_clientid(clid, cstate, nn);
	if (status)
		return status;

	clp = cstate->clp;
	/* Find the matching lock stateowner */
	spin_lock(&clp->cl_lock);
	list_for_each_entry(sop, &clp->cl_ownerstr_hashtbl[hashval],
			    so_strhash) {

		if (sop->so_is_open_owner || !same_owner_str(sop, owner))
			continue;

		/* see if there are still any locks associated with it */
		lo = lockowner(sop);
		/*
		 * NOTE(review): check_for_locks() runs with cl_lock (a
		 * spinlock) held; confirm nothing it calls
		 * (find_any_file(), fput()) can sleep in this context.
		 */
		list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) {
			if (check_for_locks(stp->st_stid.sc_file, lo)) {
				status = nfserr_locks_held;
				spin_unlock(&clp->cl_lock);
				return status;
			}
		}

		nfs4_get_stateowner(sop);
		break;
	}
	if (!lo) {
		spin_unlock(&clp->cl_lock);
		return status;
	}

	unhash_lockowner_locked(lo);
	while (!list_empty(&lo->lo_owner.so_stateids)) {
		stp = list_first_entry(&lo->lo_owner.so_stateids,
				       struct nfs4_ol_stateid,
				       st_perstateowner);
		WARN_ON(!unhash_lock_stateid(stp));
		put_ol_stateid_locked(stp, &reaplist);
	}
	spin_unlock(&clp->cl_lock);
	/* Freeing happens outside the spinlock. */
	free_ol_stateid_reaplist(&reaplist);
	remove_blocked_locks(lo);
	nfs4_put_stateowner(&lo->lo_owner);

	return status;
}

/*
 * Allocate an uninitialised reclaim record (kmalloc, not zeroed); the
 * caller must fill in every field it relies on.
 */
static inline struct nfs4_client_reclaim *
alloc_reclaim(void)
{
	return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL);
}

/*
 * True when a reclaim record exists for name and it has a client
 * attached (cr_clp is set).
 */
bool
nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn)
{
	struct nfs4_client_reclaim *crp;

	crp = nfsd4_find_reclaim_client(name, nn);
	return (crp && crp->cr_clp);
}

/*
 * failure => all reset bets are off, nfserr_no_grace...
*/
/*
 * Create a reclaim record for name and hash it into nn's reclaim table.
 *
 * Exactly HEXDIR_LEN bytes are copied out of name, so the caller must
 * pass a buffer at least that large (assumed, not checked here -- verify
 * against callers).  Returns the new record, or NULL if the allocation
 * fails; nothing is inserted in that case.
 */
struct nfs4_client_reclaim *
nfs4_client_to_reclaim(const char *name, struct nfsd_net *nn)
{
	struct nfs4_client_reclaim *rec;
	unsigned int bucket;

	dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name);

	rec = alloc_reclaim();
	if (!rec)
		return NULL;

	bucket = clientstr_hashval(name);
	INIT_LIST_HEAD(&rec->cr_strhash);
	list_add(&rec->cr_strhash, &nn->reclaim_str_hashtbl[bucket]);
	memcpy(rec->cr_recdir, name, HEXDIR_LEN);
	/* The record starts out without an attached client. */
	rec->cr_clp = NULL;
	nn->reclaim_str_hashtbl_size++;
	return rec;
}

/*
 * Unhash and free one reclaim record and account for it in the table
 * size.  crp must not be used by the caller afterwards.
 */
void
nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn)
{
	list_del(&crp->cr_strhash);
	nn->reclaim_str_hashtbl_size--;
	kfree(crp);
}

/*
 * Drop every reclaim record in every bucket.  The size counter is
 * expected to be zero afterwards; a mismatch raises a one-time warning.
 */
void
nfs4_release_reclaim(struct nfsd_net *nn)
{
	struct list_head *bucket;
	int idx;

	for (idx = 0; idx < CLIENT_HASH_SIZE; idx++) {
		bucket = &nn->reclaim_str_hashtbl[idx];
		while (!list_empty(bucket))
			nfs4_remove_reclaim_record(
				list_first_entry(bucket,
						 struct nfs4_client_reclaim,
						 cr_strhash),
				nn);
	}
	WARN_ON_ONCE(nn->reclaim_str_hashtbl_size);
}

/*
 * called from OPEN, CLAIM_PREVIOUS with a new clientid.
 *
 * Returns the reclaim record whose cr_recdir matches recdir, or NULL.
 *
 * NOTE(review): recdir is printed with a plain %s here, while
 * nfs4_client_to_reclaim() bounds its print to HEXDIR_LEN; confirm that
 * callers always pass a NUL-terminated name.
 */
struct nfs4_client_reclaim *
nfsd4_find_reclaim_client(const char *recdir, struct nfsd_net *nn)
{
	struct nfs4_client_reclaim *rec;
	struct list_head *bucket;

	dprintk("NFSD: nfs4_find_reclaim_client for recdir %s\n", recdir);

	bucket = &nn->reclaim_str_hashtbl[clientstr_hashval(recdir)];
	list_for_each_entry(rec, bucket, cr_strhash)
		if (same_name(rec->cr_recdir, recdir))
			return rec;
	return NULL;
}

/*
 * Called from OPEN. Look for clientid in reclaim list.
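*/
__be32
nfs4_check_open_reclaim(clientid_t *clid,
		struct nfsd4_compound_state *cstate,
		struct nfsd_net *nn)
{
	__be32 status;

	/*
	 * find clientid in conf_id_hashtbl. Any lookup failure is reported
	 * as nfserr_reclaim_bad, not as the lookup's own status code.
	 */
	status = lookup_clientid(clid, cstate, nn);
	if (status)
		return nfserr_reclaim_bad;

	/* A client already flagged RECLAIM_COMPLETE may not reclaim again. */
	if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &cstate->clp->cl_flags))
		return nfserr_no_grace;

	/* A non-zero result from the client-record check rejects the reclaim. */
	if (nfsd4_client_record_check(cstate->clp))
		return nfserr_reclaim_bad;

	return nfs_ok;
}

#ifdef CONFIG_NFSD_FAULT_INJECTION
/*
 * Fault-injection helpers, built only when CONFIG_NFSD_FAULT_INJECTION is
 * set. The non-static nfsd_inject_* entry points print, forcibly discard
 * or recall state belonging to clients of the calling task's network
 * namespace (current->nsproxy->net_ns); their callers are outside this
 * part of the file. Every "forget"/"recall" path follows the same shape:
 * collect victims under nn->client_lock, taking one cl_refcount reference
 * per victim, then do the teardown after the lock is dropped and release
 * the reference with put_client().
 */

/* Drop one cl_refcount reference taken while collecting victims. */
static inline void
put_client(struct nfs4_client *clp)
{
	atomic_dec(&clp->cl_refcount);
}

/*
 * Find the client whose cl_addr matches the first @addr_size bytes of @addr.
 *
 * Returns the matching client or NULL. No reference is taken on the result,
 * so the caller must hold nn->client_lock across the call and for as long
 * as it uses the returned pointer.
 */
static struct nfs4_client *
nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size)
{
	struct nfs4_client *clp;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);

	if (!nfsd_netns_ready(nn))
		return NULL;

	/*
	 * @addr_size comes from the caller and is the memcmp() length below.
	 * A length of zero would compare equal to every entry and hand back
	 * whichever client is first on the list; a length larger than the
	 * stored address would read past clp->cl_addr. Treat both as
	 * "no such client".
	 */
	if (addr_size == 0 || addr_size > sizeof(clp->cl_addr))
		return NULL;

	/* client_lru is walked without taking the lock here. */
	lockdep_assert_held(&nn->client_lock);

	list_for_each_entry(clp, &nn->client_lru, cl_lru) {
		if (memcmp(&clp->cl_addr, addr, addr_size) == 0)
			return clp;
	}
	return NULL;
}

/*
 * Log the address of every client on this namespace's client_lru.
 *
 * Returns the number of clients printed, or 0 if the namespace is not ready.
 */
u64
nfsd_inject_print_clients(void)
{
	struct nfs4_client *clp;
	u64 count = 0;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	char buf[INET6_ADDRSTRLEN];

	if (!nfsd_netns_ready(nn))
		return 0;

	spin_lock(&nn->client_lock);
	list_for_each_entry(clp, &nn->client_lru, cl_lru) {
		rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
		pr_info("NFS Client: %s\n", buf);
		++count;
	}
	spin_unlock(&nn->client_lock);

	return count;
}

/*
 * Expire the single client whose address matches @addr.
 *
 * Returns 1 if a client was found and could be marked expired, else 0.
 */
u64
nfsd_inject_forget_client(struct sockaddr_storage *addr, size_t addr_size)
{
	u64 count = 0;
	struct nfs4_client *clp;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);

	if (!nfsd_netns_ready(nn))
		return count;

	spin_lock(&nn->client_lock);
	clp = nfsd_find_client(addr, addr_size);
	if (clp) {
		if (mark_client_expired_locked(clp) == nfs_ok)
			++count;
		else
			clp = NULL;	/* could not be marked; leave it alone */
	}
	spin_unlock(&nn->client_lock);

	/* The actual teardown runs outside client_lock. */
	if (clp)
		expire_client(clp);

	return count;
}

/*
 * Expire up to @max clients (all of them when @max is 0).
 *
 * Returns the number of clients that were marked expired.
 */
u64
nfsd_inject_forget_clients(u64 max)
{
	u64 count = 0;
	struct nfs4_client *clp, *next;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	LIST_HEAD(reaplist);

	if (!nfsd_netns_ready(nn))
		return count;

	spin_lock(&nn->client_lock);
	list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
		if (mark_client_expired_locked(clp) == nfs_ok) {
			list_add(&clp->cl_lru, &reaplist);
			if (max != 0 && ++count >= max)
				break;
		}
	}
	spin_unlock(&nn->client_lock);

	list_for_each_entry_safe(clp, next, &reaplist, cl_lru)
		expire_client(clp);

	return count;
}

/*
 * Log "<client address> has <count> <type>".
 *
 * NOTE(review): @count is unsigned int while every caller in this section
 * passes a u64, so a value above UINT_MAX would be printed truncated.
 */
static void nfsd_print_count(struct nfs4_client *clp, unsigned int count,
			     const char *type)
{
	char buf[INET6_ADDRSTRLEN];
	rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
	printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type);
}

/*
 * Queue lock stateid @lst on @collect and pin its client with a
 * cl_refcount reference. Does nothing when @collect is NULL.
 */
static void
nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst,
			     struct list_head *collect)
{
	struct nfs4_client *clp = lst->st_stid.sc_client;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);

	if (!collect)
		return;

	lockdep_assert_held(&nn->client_lock);
	atomic_inc(&clp->cl_refcount);
	list_add(&lst->st_locks, collect);
}

/*
 * Walk every lock stateid of @clp (openowners -> open stateids -> locks)
 * under clp->cl_lock.
 *
 * @max:     stop after this many lock stateids; 0 never matches the
 *           post-increment count, so 0 means "no limit"
 * @collect: list to gather victims on, or NULL
 * @func:    optional per-lock callback; a lock is added to @collect only
 *           when @func returns true
 *
 * Returns the number of lock stateids visited, whether or not @func
 * accepted them.
 */
static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max,
				    struct list_head *collect,
				    bool (*func)(struct nfs4_ol_stateid *))
{
	struct nfs4_openowner *oop;
	struct nfs4_ol_stateid *stp, *st_next;
	struct nfs4_ol_stateid *lst, *lst_next;
	u64 count = 0;

	spin_lock(&clp->cl_lock);
	list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) {
		list_for_each_entry_safe(stp, st_next,
				&oop->oo_owner.so_stateids, st_perstateowner) {
			list_for_each_entry_safe(lst, lst_next,
					&stp->st_locks, st_locks) {
				if (func) {
					if (func(lst))
						nfsd_inject_add_lock_to_list(lst,
									collect);
				}
				++count;
				/*
				 * Despite the fact that these functions deal
				 * with 64-bit integers for "count", we must
				 * ensure that it doesn't blow up the
				 * clp->cl_refcount. Throw a warning if we
				 * start to approach INT_MAX here.
				 */
				WARN_ON_ONCE(count == (INT_MAX / 2));
				if (count == max)
					goto out;
			}
		}
	}
out:
	spin_unlock(&clp->cl_lock);

	return count;
}

/* Unhash up to @max lock stateids of @clp and gather them on @collect. */
static u64
nfsd_collect_client_locks(struct nfs4_client *clp, struct list_head *collect,
			  u64 max)
{
	return nfsd_foreach_client_lock(clp, max, collect, unhash_lock_stateid);
}

/* Count the lock stateids of @clp, log the total, and return it. */
static u64
nfsd_print_client_locks(struct nfs4_client *clp)
{
	u64 count = nfsd_foreach_client_lock(clp, 0, NULL, NULL);
	nfsd_print_count(clp, count, "locked files");
	return count;
}

/* Log the per-client lock counts; returns the sum across all clients. */
u64
nfsd_inject_print_locks(void)
{
	struct nfs4_client *clp;
	u64 count = 0;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);

	if (!nfsd_netns_ready(nn))
		return 0;

	spin_lock(&nn->client_lock);
	list_for_each_entry(clp, &nn->client_lru, cl_lru)
		count += nfsd_print_client_locks(clp);
	spin_unlock(&nn->client_lock);

	return count;
}

/*
 * Release every lock stateid gathered on @reaplist and drop the client
 * reference that was taken when it was collected.
 */
static void
nfsd_reap_locks(struct list_head *reaplist)
{
	struct nfs4_client *clp;
	struct nfs4_ol_stateid *stp, *next;

	list_for_each_entry_safe(stp, next, reaplist, st_locks) {
		list_del_init(&stp->st_locks);
		/* Read the client before the stateid reference is dropped. */
		clp = stp->st_stid.sc_client;
		nfs4_put_stid(&stp->st_stid);
		put_client(clp);
	}
}

/*
 * Forget all lock state held by the client whose address matches @addr.
 *
 * Returns the number of lock stateids visited for that client.
 */
u64
nfsd_inject_forget_client_locks(struct sockaddr_storage *addr, size_t addr_size)
{
	/* u64 to match the collector's return type and this function's own. */
	u64 count = 0;
	struct nfs4_client *clp;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	LIST_HEAD(reaplist);

	if (!nfsd_netns_ready(nn))
		return count;

	spin_lock(&nn->client_lock);
	clp = nfsd_find_client(addr, addr_size);
	if (clp)
		count = nfsd_collect_client_locks(clp, &reaplist, 0);
	spin_unlock(&nn->client_lock);
	nfsd_reap_locks(&reaplist);
	return count;
}

/*
 * Forget up to @max lock stateids across all clients (no limit when
 * @max is 0). Returns the number of lock stateids visited.
 */
u64
nfsd_inject_forget_locks(u64 max)
{
	u64 count = 0;
	struct nfs4_client *clp;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	LIST_HEAD(reaplist);

	if (!nfsd_netns_ready(nn))
		return count;

	spin_lock(&nn->client_lock);
	list_for_each_entry(clp, &nn->client_lru, cl_lru) {
		/*
		 * With max == 0 the u64 subtraction wraps to a huge value
		 * once count is non-zero, which still acts as "no limit".
		 */
		count += nfsd_collect_client_locks(clp, &reaplist, max - count);
		if (max != 0 && count >= max)
			break;
	}
	spin_unlock(&nn->client_lock);
	nfsd_reap_locks(&reaplist);
	return count;
}

/*
 * Walk the openowners of @clp under clp->cl_lock; caller holds
 * nn->client_lock.
 *
 * @max:     stop after this many openowners; 0 means "no limit"
 * @collect: list to gather victims on, or NULL
 * @func:    optional callback run on each openowner; an openowner is moved
 *           to @collect (with a cl_refcount reference) only when both
 *           @func and @collect are given
 *
 * Returns the number of openowners visited.
 */
static u64
nfsd_foreach_client_openowner(struct nfs4_client *clp, u64 max,
			      struct list_head *collect,
			      void (*func)(struct nfs4_openowner *))
{
	struct nfs4_openowner *oop, *next;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	u64 count = 0;

	lockdep_assert_held(&nn->client_lock);

	spin_lock(&clp->cl_lock);
	list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) {
		if (func) {
			func(oop);
			if (collect) {
				atomic_inc(&clp->cl_refcount);
				list_add(&oop->oo_perclient, collect);
			}
		}
		++count;
		/*
		 * Despite the fact that these functions deal with
		 * 64-bit integers for "count", we must ensure that
		 * it doesn't blow up the clp->cl_refcount. Throw a
		 * warning if we start to approach INT_MAX here.
		 */
		WARN_ON_ONCE(count == (INT_MAX / 2));
		if (count == max)
			break;
	}
	spin_unlock(&clp->cl_lock);

	return count;
}

/* Count the openowners of @clp, log the total, and return it. */
static u64
nfsd_print_client_openowners(struct nfs4_client *clp)
{
	u64 count = nfsd_foreach_client_openowner(clp, 0, NULL, NULL);

	nfsd_print_count(clp, count, "openowners");
	return count;
}

/* Unhash up to @max openowners of @clp and gather them on @collect. */
static u64
nfsd_collect_client_openowners(struct nfs4_client *clp,
			       struct list_head *collect, u64 max)
{
	return nfsd_foreach_client_openowner(clp, max, collect,
					     unhash_openowner_locked);
}

/* Log the per-client openowner counts; returns the sum across all clients. */
u64
nfsd_inject_print_openowners(void)
{
	struct nfs4_client *clp;
	u64 count = 0;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);

	if (!nfsd_netns_ready(nn))
		return 0;

	spin_lock(&nn->client_lock);
	list_for_each_entry(clp, &nn->client_lru, cl_lru)
		count += nfsd_print_client_openowners(clp);
	spin_unlock(&nn->client_lock);

	return count;
}

/*
 * Release every openowner gathered on @reaplist and drop the client
 * reference that was taken when it was collected.
 */
static void
nfsd_reap_openowners(struct list_head *reaplist)
{
	struct nfs4_client *clp;
	struct nfs4_openowner *oop, *next;

	list_for_each_entry_safe(oop, next, reaplist, oo_perclient) {
		list_del_init(&oop->oo_perclient);
		/* Read the client before the openowner is released. */
		clp = oop->oo_owner.so_client;
		release_openowner(oop);
		put_client(clp);
	}
}

/*
 * Forget all openowners of the client whose address matches @addr.
 *
 * Returns the number of openowners visited for that client.
 */
u64
nfsd_inject_forget_client_openowners(struct sockaddr_storage *addr,
				     size_t addr_size)
{
	/* u64 to match the collector's return type and this function's own. */
	u64 count = 0;
	struct nfs4_client *clp;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	LIST_HEAD(reaplist);

	if (!nfsd_netns_ready(nn))
		return count;

	spin_lock(&nn->client_lock);
	clp = nfsd_find_client(addr, addr_size);
	if (clp)
		count = nfsd_collect_client_openowners(clp, &reaplist, 0);
	spin_unlock(&nn->client_lock);
	nfsd_reap_openowners(&reaplist);
	return count;
}

/*
 * Forget up to @max openowners across all clients (no limit when @max
 * is 0). Returns the number of openowners visited.
 */
u64
nfsd_inject_forget_openowners(u64 max)
{
	u64 count = 0;
	struct nfs4_client *clp;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	LIST_HEAD(reaplist);

	if (!nfsd_netns_ready(nn))
		return count;

	spin_lock(&nn->client_lock);
	list_for_each_entry(clp, &nn->client_lru, cl_lru) {
		count += nfsd_collect_client_openowners(clp, &reaplist,
							max - count);
		if (max != 0 && count >= max)
			break;
	}
	spin_unlock(&nn->client_lock);
	nfsd_reap_openowners(&reaplist);
	return count;
}

/*
 * Walk the delegations of @clp under state_lock; caller holds
 * nn->client_lock.
 *
 * @max:     stop after this many counted delegations; 0 means "no limit"
 * @victims: when non-NULL, each delegation with dl_time == 0 is unhashed,
 *           moved to this list and pinned with a cl_refcount reference;
 *           delegations with a non-zero dl_time are skipped and not counted
 *
 * Returns the number of delegations counted.
 */
static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max,
				     struct list_head *victims)
{
	struct nfs4_delegation *dp, *next;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	u64 count = 0;

	lockdep_assert_held(&nn->client_lock);

	spin_lock(&state_lock);
	list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) {
		if (victims) {
			/*
			 * It's not safe to mess with delegations that have a
			 * non-zero dl_time. They might have already been broken
			 * and could be processed by the laundromat outside of
			 * the state_lock. Just leave them be.
			 */
			if (dp->dl_time != 0)
				continue;

			atomic_inc(&clp->cl_refcount);
			WARN_ON(!unhash_delegation_locked(dp));
			list_add(&dp->dl_recall_lru, victims);
		}
		++count;
		/*
		 * Despite the fact that these functions deal with
		 * 64-bit integers for "count", we must ensure that
		 * it doesn't blow up the clp->cl_refcount. Throw a
		 * warning if we start to approach INT_MAX here.
		 */
		WARN_ON_ONCE(count == (INT_MAX / 2));
		if (count == max)
			break;
	}
	spin_unlock(&state_lock);
	return count;
}

/* Count the delegations of @clp, log the total, and return it. */
static u64
nfsd_print_client_delegations(struct nfs4_client *clp)
{
	u64 count = nfsd_find_all_delegations(clp, 0, NULL);

	nfsd_print_count(clp, count, "delegations");
	return count;
}

/* Log the per-client delegation counts; returns the sum across all clients. */
u64
nfsd_inject_print_delegations(void)
{
	struct nfs4_client *clp;
	u64 count = 0;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);

	if (!nfsd_netns_ready(nn))
		return 0;

	spin_lock(&nn->client_lock);
	list_for_each_entry(clp, &nn->client_lru, cl_lru)
		count += nfsd_print_client_delegations(clp);
	spin_unlock(&nn->client_lock);

	return count;
}

/*
 * Revoke every delegation gathered on @reaplist and drop the client
 * reference that was taken when it was collected.
 */
static void
nfsd_forget_delegations(struct list_head *reaplist)
{
	struct nfs4_client *clp;
	struct nfs4_delegation *dp, *next;

	list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) {
		list_del_init(&dp->dl_recall_lru);
		/* Read the client before the delegation is revoked. */
		clp = dp->dl_stid.sc_client;
		revoke_delegation(dp);
		put_client(clp);
	}
}

/*
 * Revoke all delegations of the client whose address matches @addr.
 *
 * Returns the number of delegations collected for revocation.
 */
u64
nfsd_inject_forget_client_delegations(struct sockaddr_storage *addr,
				      size_t addr_size)
{
	u64 count = 0;
	struct nfs4_client *clp;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	LIST_HEAD(reaplist);

	if (!nfsd_netns_ready(nn))
		return count;

	spin_lock(&nn->client_lock);
	clp = nfsd_find_client(addr, addr_size);
	if (clp)
		count = nfsd_find_all_delegations(clp, 0, &reaplist);
	spin_unlock(&nn->client_lock);

	nfsd_forget_delegations(&reaplist);
	return count;
}

/*
 * Revoke up to @max delegations across all clients (no limit when @max
 * is 0). Returns the number of delegations collected for revocation.
 */
u64
nfsd_inject_forget_delegations(u64 max)
{
	u64 count = 0;
	struct nfs4_client *clp;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	LIST_HEAD(reaplist);

	if (!nfsd_netns_ready(nn))
		return count;

	spin_lock(&nn->client_lock);
	list_for_each_entry(clp, &nn->client_lru, cl_lru) {
		count += nfsd_find_all_delegations(clp, max - count, &reaplist);
		if (max != 0 && count >= max)
			break;
	}
	spin_unlock(&nn->client_lock);
	nfsd_forget_delegations(&reaplist);
	return count;
}

/*
 * Start a recall for every delegation gathered on @reaplist and drop the
 * client reference that was taken when it was collected.
 */
static void
nfsd_recall_delegations(struct list_head *reaplist)
{
	struct nfs4_client *clp;
	struct nfs4_delegation *dp, *next;

	list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) {
		list_del_init(&dp->dl_recall_lru);
		clp = dp->dl_stid.sc_client;
		/*
		 * We skipped all entries that had a non-zero dl_time before,
		 * so we can now reset the dl_time back to 0. If a delegation
		 * break comes in now, then it won't make any difference since
		 * we're recalling it either way.
		 */
		spin_lock(&state_lock);
		dp->dl_time = 0;
		spin_unlock(&state_lock);
		nfsd_break_one_deleg(dp);
		put_client(clp);
	}
}

/*
 * Recall all delegations of the client whose address matches @addr.
 *
 * Returns the number of delegations collected for recall.
 */
u64
nfsd_inject_recall_client_delegations(struct sockaddr_storage *addr,
				      size_t addr_size)
{
	u64 count = 0;
	struct nfs4_client *clp;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	LIST_HEAD(reaplist);

	if (!nfsd_netns_ready(nn))
		return count;

	spin_lock(&nn->client_lock);
	clp = nfsd_find_client(addr, addr_size);
	if (clp)
		count = nfsd_find_all_delegations(clp, 0, &reaplist);
	spin_unlock(&nn->client_lock);

	nfsd_recall_delegations(&reaplist);
	return count;
}

/*
 * Recall up to @max delegations across all clients (no limit when @max
 * is 0). Returns the number of delegations collected for recall.
 */
u64
nfsd_inject_recall_delegations(u64 max)
{
	u64 count = 0;
	struct nfs4_client *clp, *next;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
					  nfsd_net_id);
	LIST_HEAD(reaplist);

	if (!nfsd_netns_ready(nn))
		return count;

	spin_lock(&nn->client_lock);
	list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
		count += nfsd_find_all_delegations(clp, max - count, &reaplist);
		/*
		 * count already includes this client's delegations. The
		 * limit test must not bump it again, or the reported total
		 * is inflated by one per client visited and the walk stops
		 * before @max delegations have been collected.
		 */
		if (max != 0 && count >= max)
			break;
	}
	spin_unlock(&nn->client_lock);
	nfsd_recall_delegations(&reaplist);
	return count;
}
#endif /* CONFIG_NFSD_FAULT_INJECTION */

/*
 * Since the lifetime of a delegation isn't limited to that of an open, a
 * client may quite reasonably hang on to a delegation as long as it has
 * the inode cached. This becomes an obvious problem the first time a
 * client's inode cache approaches the size of the server's total memory.
 *
 * For now we avoid this problem by imposing a hard limit on the number
 * of delegations, which varies according to the server's memory size.
 */
static void
set_max_delegations(void)
{
	/*
	 * Allow at most 4 delegations per megabyte of RAM. Quick
	 * estimates suggest that in the worst case (where every delegation
	 * is for a different inode), a delegation could take about 1.5K,
	 * giving a worst case usage of about 6% of memory.
	 */
	max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT);
}

/*
 * Allocate and initialise the per-namespace NFSv4 state: the confirmed,
 * unconfirmed and session hash tables, the name trees, LRU lists, locks
 * and the laundromat work item. Takes a reference on @net on success.
 *
 * Returns 0 on success or -ENOMEM, in which case any table that was
 * already allocated has been freed again.
 */
static int nfs4_state_create_net(struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	int i;

	nn->conf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE,
					    sizeof(struct list_head),
					    GFP_KERNEL);
	if (!nn->conf_id_hashtbl)
		goto err;
	nn->unconf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE,
					      sizeof(struct list_head),
					      GFP_KERNEL);
	if (!nn->unconf_id_hashtbl)
		goto err_unconf_id;
	nn->sessionid_hashtbl = kmalloc_array(SESSION_HASH_SIZE,
					      sizeof(struct list_head),
					      GFP_KERNEL);
	if (!nn->sessionid_hashtbl)
		goto err_sessionid;

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]);
		INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]);
	}
	for (i = 0; i < SESSION_HASH_SIZE; i++)
		INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]);
	nn->conf_name_tree = RB_ROOT;
	nn->unconf_name_tree = RB_ROOT;
	nn->boot_time = get_seconds();
	nn->grace_ended = false;
	nn->nfsd4_manager.block_opens = true;
	INIT_LIST_HEAD(&nn->nfsd4_manager.list);
	INIT_LIST_HEAD(&nn->client_lru);
	INIT_LIST_HEAD(&nn->close_lru);
	INIT_LIST_HEAD(&nn->del_recall_lru);
	spin_lock_init(&nn->client_lock);
	spin_lock_init(&nn->s2s_cp_lock);
	idr_init(&nn->s2s_cp_stateids);

	spin_lock_init(&nn->blocked_locks_lock);
	INIT_LIST_HEAD(&nn->blocked_locks_lru);

	INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main);
	/* Paired with the put_net() in nfs4_state_destroy_net(). */
	get_net(net);

	return 0;

	/* Unwind in reverse order of allocation. */
err_sessionid:
	kfree(nn->unconf_id_hashtbl);
err_unconf_id:
	kfree(nn->conf_id_hashtbl);
err:
	return -ENOMEM;
}

/*
 * Destroy every remaining confirmed and unconfirmed client of @net, free
 * the hash tables and drop the namespace reference taken at creation.
 */
static void
nfs4_state_destroy_net(struct net *net)
{
	int i;
	struct nfs4_client *clp = NULL;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		/* Loop on list_empty(): presumably destroy_client() unlinks the entry. */
		while (!list_empty(&nn->conf_id_hashtbl[i])) {
			clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
			destroy_client(clp);
		}
	}

	/* No blocked lock should be left once the confirmed clients are gone. */
	WARN_ON(!list_empty(&nn->blocked_locks_lru));

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		while (!list_empty(&nn->unconf_id_hashtbl[i])) {
			clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
			destroy_client(clp);
		}
	}

	kfree(nn->sessionid_hashtbl);
	kfree(nn->unconf_id_hashtbl);
	kfree(nn->conf_id_hashtbl);
	put_net(net);
}

/*
 * Bring up NFSv4 state for @net: create the per-namespace state, start the
 * grace period, initialise client tracking and schedule the laundromat to
 * run after nn->nfsd4_grace seconds.
 *
 * Returns 0 on success or the error from nfs4_state_create_net().
 */
int
nfs4_state_start_net(struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	int ret;

	ret = nfs4_state_create_net(net);
	if (ret)
		return ret;
	locks_start_grace(net, &nn->nfsd4_manager);
	/*
	 * NOTE(review): any result from nfsd4_client_tracking_init() is not
	 * looked at here; confirm whether a tracking failure should be
	 * reported, since reclaim decisions depend on the client records.
	 */
	nfsd4_client_tracking_init(net);
	printk(KERN_INFO "NFSD: starting %ld-second grace period (net %x)\n",
	       nn->nfsd4_grace, net->ns.inum);
	queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ);
	return 0;
}

/* initialization to perform when the nfsd service is started: */

/*
 * Create the laundromat workqueue and the callback queue, then size the
 * delegation limit. Returns 0 on success or a negative errno; on failure
 * the workqueue, if it was created, is destroyed again.
 */
int
nfs4_state_start(void)
{
	int ret;

	laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4");
	if (laundry_wq == NULL) {
		ret = -ENOMEM;
		goto out;
	}
	ret = nfsd4_create_callback_queue();
	if (ret)
		goto out_free_laundry;

	set_max_delegations();
	return 0;

out_free_laundry:
	destroy_workqueue(laundry_wq);
out:
	return ret;
}

/*
 * Tear down NFSv4 state for @net: stop the laundromat, end the grace
 * period, destroy every delegation still on del_recall_lru, shut down
 * client tracking and free the per-namespace state.
 */
void
nfs4_state_shutdown_net(struct net *net)
{
	struct nfs4_delegation *dp = NULL;
	struct list_head *pos, *next, reaplist;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	/* Make sure the laundromat is neither queued nor running. */
	cancel_delayed_work_sync(&nn->laundromat_work);
	locks_end_grace(&nn->nfsd4_manager);

	INIT_LIST_HEAD(&reaplist);
	/* Unhash under state_lock, destroy after the lock is dropped. */
	spin_lock(&state_lock);
	list_for_each_safe(pos, next, &nn->del_recall_lru) {
		dp = list_entry(pos, struct nfs4_delegation, dl_recall_lru);
		WARN_ON(!unhash_delegation_locked(dp));
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	list_for_each_safe(pos, next, &reaplist) {
		dp = list_entry(pos, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		destroy_unhashed_deleg(dp);
	}

	nfsd4_client_tracking_exit(net);
	nfs4_state_destroy_net(net);
}

/* Undo nfs4_state_start(): destroy the laundromat and callback queues. */
void
nfs4_state_shutdown(void)
{
	destroy_workqueue(laundry_wq);
	nfsd4_destroy_callback_queue();
}

/*
 * If the compound has a saved current stateid and @stateid is the special
 * "current stateid" value, overwrite @stateid with the saved one.
 * Otherwise @stateid is left untouched.
 */
static void
get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid))
		memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t));
}

/*
 * Save @stateid as the compound's current stateid and flag it as present.
 * Only done when cstate->minorversion is non-zero.
 */
static void
put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (cstate->minorversion) {
		memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t));
		SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
	}
}

/* Mark the compound as having no saved current stateid. */
void
clear_current_stateid(struct nfsd4_compound_state *cstate)
{
	CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
}

/*
 * functions to set current state id
 */
void
nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->open_downgrade.od_stateid);
}

void
nfsd4_set_openstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->open.op_stateid);
}

void
nfsd4_set_closestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->close.cl_stateid);
}

void
nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->lock.lk_resp_stateid);
}

/*
 * functions to consume current state id
 */

void
nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->open_downgrade.od_stateid);
}

void
nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->delegreturn.dr_stateid);
}

void
nfsd4_get_freestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->free_stateid.fr_stateid);
}

void
nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->setattr.sa_stateid);
}

void
nfsd4_get_closestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->close.cl_stateid);
}

void
nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->locku.lu_stateid);
}

void
nfsd4_get_readstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->read.rd_stateid);
}

void
nfsd4_get_writestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->write.wr_stateid);
}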