1 /* 2 * Copyright (c) 2001 The Regents of the University of Michigan. 3 * All rights reserved. 4 * 5 * Kendrick Smith <kmsmith@umich.edu> 6 * Andy Adamson <kandros@umich.edu> 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the University nor the names of its 18 * contributors may be used to endorse or promote products derived 19 * from this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 22 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 23 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 24 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 28 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 29 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 30 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 31 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * 33 */ 34 35 #include <linux/file.h> 36 #include <linux/fs.h> 37 #include <linux/slab.h> 38 #include <linux/namei.h> 39 #include <linux/swap.h> 40 #include <linux/pagemap.h> 41 #include <linux/ratelimit.h> 42 #include <linux/sunrpc/svcauth_gss.h> 43 #include <linux/sunrpc/addr.h> 44 #include <linux/jhash.h> 45 #include "xdr4.h" 46 #include "xdr4cb.h" 47 #include "vfs.h" 48 #include "current_stateid.h" 49 50 #include "netns.h" 51 #include "pnfs.h" 52 53 #define NFSDDBG_FACILITY NFSDDBG_PROC 54 55 #define all_ones {{~0,~0},~0} 56 static const stateid_t one_stateid = { 57 .si_generation = ~0, 58 .si_opaque = all_ones, 59 }; 60 static const stateid_t zero_stateid = { 61 /* all fields zero */ 62 }; 63 static const stateid_t currentstateid = { 64 .si_generation = 1, 65 }; 66 static const stateid_t close_stateid = { 67 .si_generation = 0xffffffffU, 68 }; 69 70 static u64 current_sessionid = 1; 71 72 #define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t))) 73 #define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t))) 74 #define CURRENT_STATEID(stateid) (!memcmp((stateid), ¤tstateid, sizeof(stateid_t))) 75 #define CLOSE_STATEID(stateid) (!memcmp((stateid), &close_stateid, sizeof(stateid_t))) 76 77 /* forward declarations */ 78 static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner); 79 static void nfs4_free_ol_stateid(struct nfs4_stid *stid); 80 81 /* Locking: */ 82 83 /* 84 * Currently used for the del_recall_lru and file hash table. In an 85 * effort to decrease the scope of the client_mutex, this spinlock may 86 * eventually cover more: 87 */ 88 static DEFINE_SPINLOCK(state_lock); 89 90 enum nfsd4_st_mutex_lock_subclass { 91 OPEN_STATEID_MUTEX = 0, 92 LOCK_STATEID_MUTEX = 1, 93 }; 94 95 /* 96 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for 97 * the refcount on the open stateid to drop. 98 */ 99 static DECLARE_WAIT_QUEUE_HEAD(close_wq); 100 101 static struct kmem_cache *client_slab; 102 static struct kmem_cache *openowner_slab; 103 static struct kmem_cache *lockowner_slab; 104 static struct kmem_cache *file_slab; 105 static struct kmem_cache *stateid_slab; 106 static struct kmem_cache *deleg_slab; 107 static struct kmem_cache *odstate_slab; 108 109 static void free_session(struct nfsd4_session *); 110 111 static const struct nfsd4_callback_ops nfsd4_cb_recall_ops; 112 static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops; 113 114 static bool is_session_dead(struct nfsd4_session *ses) 115 { 116 return ses->se_flags & NFS4_SESSION_DEAD; 117 } 118 119 static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me) 120 { 121 if (atomic_read(&ses->se_ref) > ref_held_by_me) 122 return nfserr_jukebox; 123 ses->se_flags |= NFS4_SESSION_DEAD; 124 return nfs_ok; 125 } 126 127 static bool is_client_expired(struct nfs4_client *clp) 128 { 129 return clp->cl_time == 0; 130 } 131 132 static __be32 get_client_locked(struct nfs4_client *clp) 133 { 134 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 135 136 lockdep_assert_held(&nn->client_lock); 137 138 if (is_client_expired(clp)) 139 return nfserr_expired; 140 atomic_inc(&clp->cl_refcount); 141 return nfs_ok; 142 } 143 144 /* must be called under the client_lock */ 145 static inline void 146 renew_client_locked(struct nfs4_client *clp) 147 { 148 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 149 150 if (is_client_expired(clp)) { 151 WARN_ON(1); 152 printk("%s: client (clientid %08x/%08x) already expired\n", 153 __func__, 154 clp->cl_clientid.cl_boot, 155 clp->cl_clientid.cl_id); 156 return; 157 } 158 159 dprintk("renewing client (clientid %08x/%08x)\n", 160 clp->cl_clientid.cl_boot, 161 clp->cl_clientid.cl_id); 162 list_move_tail(&clp->cl_lru, &nn->client_lru); 163 clp->cl_time = get_seconds(); 164 } 165 166 static void put_client_renew_locked(struct nfs4_client *clp) 167 { 168 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 169 170 lockdep_assert_held(&nn->client_lock); 171 172 if (!atomic_dec_and_test(&clp->cl_refcount)) 173 return; 174 if (!is_client_expired(clp)) 175 renew_client_locked(clp); 176 } 177 178 static void put_client_renew(struct nfs4_client *clp) 179 { 180 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 181 182 if (!atomic_dec_and_lock(&clp->cl_refcount, &nn->client_lock)) 183 return; 184 if (!is_client_expired(clp)) 185 renew_client_locked(clp); 186 spin_unlock(&nn->client_lock); 187 } 188 189 static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses) 190 { 191 __be32 status; 192 193 if (is_session_dead(ses)) 194 return nfserr_badsession; 195 status = get_client_locked(ses->se_client); 196 if (status) 197 return status; 198 atomic_inc(&ses->se_ref); 199 return nfs_ok; 200 } 201 202 static void nfsd4_put_session_locked(struct nfsd4_session *ses) 203 { 204 struct nfs4_client *clp = ses->se_client; 205 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 206 207 lockdep_assert_held(&nn->client_lock); 208 209 if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses)) 210 free_session(ses); 211 put_client_renew_locked(clp); 212 } 213 214 static void nfsd4_put_session(struct nfsd4_session *ses) 215 { 216 struct nfs4_client *clp = ses->se_client; 217 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 218 219 spin_lock(&nn->client_lock); 220 nfsd4_put_session_locked(ses); 221 spin_unlock(&nn->client_lock); 222 } 223 224 static struct nfsd4_blocked_lock * 225 find_blocked_lock(struct nfs4_lockowner *lo, struct knfsd_fh *fh, 226 struct nfsd_net *nn) 227 { 228 struct nfsd4_blocked_lock *cur, *found = NULL; 229 230 spin_lock(&nn->blocked_locks_lock); 231 list_for_each_entry(cur, &lo->lo_blocked, nbl_list) { 232 if (fh_match(fh, &cur->nbl_fh)) { 233 list_del_init(&cur->nbl_list); 234 list_del_init(&cur->nbl_lru); 235 found = cur; 236 break; 237 } 238 } 239 spin_unlock(&nn->blocked_locks_lock); 240 if (found) 241 locks_delete_block(&found->nbl_lock); 242 return found; 243 } 244 245 static struct nfsd4_blocked_lock * 246 find_or_allocate_block(struct nfs4_lockowner *lo, struct knfsd_fh *fh, 247 struct nfsd_net *nn) 248 { 249 struct nfsd4_blocked_lock *nbl; 250 251 nbl = find_blocked_lock(lo, fh, nn); 252 if (!nbl) { 253 nbl= kmalloc(sizeof(*nbl), GFP_KERNEL); 254 if (nbl) { 255 fh_copy_shallow(&nbl->nbl_fh, fh); 256 locks_init_lock(&nbl->nbl_lock); 257 nfsd4_init_cb(&nbl->nbl_cb, lo->lo_owner.so_client, 258 &nfsd4_cb_notify_lock_ops, 259 NFSPROC4_CLNT_CB_NOTIFY_LOCK); 260 } 261 } 262 return nbl; 263 } 264 265 static void 266 free_blocked_lock(struct nfsd4_blocked_lock *nbl) 267 { 268 locks_delete_block(&nbl->nbl_lock); 269 locks_release_private(&nbl->nbl_lock); 270 kfree(nbl); 271 } 272 273 static void 274 remove_blocked_locks(struct nfs4_lockowner *lo) 275 { 276 struct nfs4_client *clp = lo->lo_owner.so_client; 277 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 278 struct nfsd4_blocked_lock *nbl; 279 LIST_HEAD(reaplist); 280 281 /* Dequeue all blocked locks */ 282 spin_lock(&nn->blocked_locks_lock); 283 while (!list_empty(&lo->lo_blocked)) { 284 nbl = list_first_entry(&lo->lo_blocked, 285 struct nfsd4_blocked_lock, 286 nbl_list); 287 list_del_init(&nbl->nbl_list); 288 list_move(&nbl->nbl_lru, &reaplist); 289 } 290 spin_unlock(&nn->blocked_locks_lock); 291 292 /* Now free them */ 293 while (!list_empty(&reaplist)) { 294 nbl = list_first_entry(&reaplist, struct nfsd4_blocked_lock, 295 nbl_lru); 296 list_del_init(&nbl->nbl_lru); 297 free_blocked_lock(nbl); 298 } 299 } 300 301 static void 302 nfsd4_cb_notify_lock_prepare(struct nfsd4_callback *cb) 303 { 304 struct nfsd4_blocked_lock *nbl = container_of(cb, 305 struct nfsd4_blocked_lock, nbl_cb); 306 locks_delete_block(&nbl->nbl_lock); 307 } 308 309 static int 310 nfsd4_cb_notify_lock_done(struct nfsd4_callback *cb, struct rpc_task *task) 311 { 312 /* 313 * Since this is just an optimization, we don't try very hard if it 314 * turns out not to succeed. We'll requeue it on NFS4ERR_DELAY, and 315 * just quit trying on anything else. 316 */ 317 switch (task->tk_status) { 318 case -NFS4ERR_DELAY: 319 rpc_delay(task, 1 * HZ); 320 return 0; 321 default: 322 return 1; 323 } 324 } 325 326 static void 327 nfsd4_cb_notify_lock_release(struct nfsd4_callback *cb) 328 { 329 struct nfsd4_blocked_lock *nbl = container_of(cb, 330 struct nfsd4_blocked_lock, nbl_cb); 331 332 free_blocked_lock(nbl); 333 } 334 335 static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops = { 336 .prepare = nfsd4_cb_notify_lock_prepare, 337 .done = nfsd4_cb_notify_lock_done, 338 .release = nfsd4_cb_notify_lock_release, 339 }; 340 341 static inline struct nfs4_stateowner * 342 nfs4_get_stateowner(struct nfs4_stateowner *sop) 343 { 344 atomic_inc(&sop->so_count); 345 return sop; 346 } 347 348 static int 349 same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner) 350 { 351 return (sop->so_owner.len == owner->len) && 352 0 == memcmp(sop->so_owner.data, owner->data, owner->len); 353 } 354 355 static struct nfs4_openowner * 356 find_openstateowner_str_locked(unsigned int hashval, struct nfsd4_open *open, 357 struct nfs4_client *clp) 358 { 359 struct nfs4_stateowner *so; 360 361 lockdep_assert_held(&clp->cl_lock); 362 363 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval], 364 so_strhash) { 365 if (!so->so_is_open_owner) 366 continue; 367 if (same_owner_str(so, &open->op_owner)) 368 return openowner(nfs4_get_stateowner(so)); 369 } 370 return NULL; 371 } 372 373 static struct nfs4_openowner * 374 find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open, 375 struct nfs4_client *clp) 376 { 377 struct nfs4_openowner *oo; 378 379 spin_lock(&clp->cl_lock); 380 oo = find_openstateowner_str_locked(hashval, open, clp); 381 spin_unlock(&clp->cl_lock); 382 return oo; 383 } 384 385 static inline u32 386 opaque_hashval(const void *ptr, int nbytes) 387 { 388 unsigned char *cptr = (unsigned char *) ptr; 389 390 u32 x = 0; 391 while (nbytes--) { 392 x *= 37; 393 x += *cptr++; 394 } 395 return x; 396 } 397 398 static void nfsd4_free_file_rcu(struct rcu_head *rcu) 399 { 400 struct nfs4_file *fp = container_of(rcu, struct nfs4_file, fi_rcu); 401 402 kmem_cache_free(file_slab, fp); 403 } 404 405 void 406 put_nfs4_file(struct nfs4_file *fi) 407 { 408 might_lock(&state_lock); 409 410 if (refcount_dec_and_lock(&fi->fi_ref, &state_lock)) { 411 hlist_del_rcu(&fi->fi_hash); 412 spin_unlock(&state_lock); 413 WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate)); 414 WARN_ON_ONCE(!list_empty(&fi->fi_delegations)); 415 call_rcu(&fi->fi_rcu, nfsd4_free_file_rcu); 416 } 417 } 418 419 static struct file * 420 __nfs4_get_fd(struct nfs4_file *f, int oflag) 421 { 422 if (f->fi_fds[oflag]) 423 return get_file(f->fi_fds[oflag]); 424 return NULL; 425 } 426 427 static struct file * 428 find_writeable_file_locked(struct nfs4_file *f) 429 { 430 struct file *ret; 431 432 lockdep_assert_held(&f->fi_lock); 433 434 ret = __nfs4_get_fd(f, O_WRONLY); 435 if (!ret) 436 ret = __nfs4_get_fd(f, O_RDWR); 437 return ret; 438 } 439 440 static struct file * 441 find_writeable_file(struct nfs4_file *f) 442 { 443 struct file *ret; 444 445 spin_lock(&f->fi_lock); 446 ret = find_writeable_file_locked(f); 447 spin_unlock(&f->fi_lock); 448 449 return ret; 450 } 451 452 static struct file *find_readable_file_locked(struct nfs4_file *f) 453 { 454 struct file *ret; 455 456 lockdep_assert_held(&f->fi_lock); 457 458 ret = __nfs4_get_fd(f, O_RDONLY); 459 if (!ret) 460 ret = __nfs4_get_fd(f, O_RDWR); 461 return ret; 462 } 463 464 static struct file * 465 find_readable_file(struct nfs4_file *f) 466 { 467 struct file *ret; 468 469 spin_lock(&f->fi_lock); 470 ret = find_readable_file_locked(f); 471 spin_unlock(&f->fi_lock); 472 473 return ret; 474 } 475 476 struct file * 477 find_any_file(struct nfs4_file *f) 478 { 479 struct file *ret; 480 481 spin_lock(&f->fi_lock); 482 ret = __nfs4_get_fd(f, O_RDWR); 483 if (!ret) { 484 ret = __nfs4_get_fd(f, O_WRONLY); 485 if (!ret) 486 ret = __nfs4_get_fd(f, O_RDONLY); 487 } 488 spin_unlock(&f->fi_lock); 489 return ret; 490 } 491 492 static atomic_long_t num_delegations; 493 unsigned long max_delegations; 494 495 /* 496 * Open owner state (share locks) 497 */ 498 499 /* hash tables for lock and open owners */ 500 #define OWNER_HASH_BITS 8 501 #define OWNER_HASH_SIZE (1 << OWNER_HASH_BITS) 502 #define OWNER_HASH_MASK (OWNER_HASH_SIZE - 1) 503 504 static unsigned int ownerstr_hashval(struct xdr_netobj *ownername) 505 { 506 unsigned int ret; 507 508 ret = opaque_hashval(ownername->data, ownername->len); 509 return ret & OWNER_HASH_MASK; 510 } 511 512 /* hash table for nfs4_file */ 513 #define FILE_HASH_BITS 8 514 #define FILE_HASH_SIZE (1 << FILE_HASH_BITS) 515 516 static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh) 517 { 518 return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0); 519 } 520 521 static unsigned int file_hashval(struct knfsd_fh *fh) 522 { 523 return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1); 524 } 525 526 static struct hlist_head file_hashtbl[FILE_HASH_SIZE]; 527 528 static void 529 __nfs4_file_get_access(struct nfs4_file *fp, u32 access) 530 { 531 lockdep_assert_held(&fp->fi_lock); 532 533 if (access & NFS4_SHARE_ACCESS_WRITE) 534 atomic_inc(&fp->fi_access[O_WRONLY]); 535 if (access & NFS4_SHARE_ACCESS_READ) 536 atomic_inc(&fp->fi_access[O_RDONLY]); 537 } 538 539 static __be32 540 nfs4_file_get_access(struct nfs4_file *fp, u32 access) 541 { 542 lockdep_assert_held(&fp->fi_lock); 543 544 /* Does this access mode make sense? */ 545 if (access & ~NFS4_SHARE_ACCESS_BOTH) 546 return nfserr_inval; 547 548 /* Does it conflict with a deny mode already set? */ 549 if ((access & fp->fi_share_deny) != 0) 550 return nfserr_share_denied; 551 552 __nfs4_file_get_access(fp, access); 553 return nfs_ok; 554 } 555 556 static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny) 557 { 558 /* Common case is that there is no deny mode. */ 559 if (deny) { 560 /* Does this deny mode make sense? */ 561 if (deny & ~NFS4_SHARE_DENY_BOTH) 562 return nfserr_inval; 563 564 if ((deny & NFS4_SHARE_DENY_READ) && 565 atomic_read(&fp->fi_access[O_RDONLY])) 566 return nfserr_share_denied; 567 568 if ((deny & NFS4_SHARE_DENY_WRITE) && 569 atomic_read(&fp->fi_access[O_WRONLY])) 570 return nfserr_share_denied; 571 } 572 return nfs_ok; 573 } 574 575 static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag) 576 { 577 might_lock(&fp->fi_lock); 578 579 if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) { 580 struct file *f1 = NULL; 581 struct file *f2 = NULL; 582 583 swap(f1, fp->fi_fds[oflag]); 584 if (atomic_read(&fp->fi_access[1 - oflag]) == 0) 585 swap(f2, fp->fi_fds[O_RDWR]); 586 spin_unlock(&fp->fi_lock); 587 if (f1) 588 fput(f1); 589 if (f2) 590 fput(f2); 591 } 592 } 593 594 static void nfs4_file_put_access(struct nfs4_file *fp, u32 access) 595 { 596 WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH); 597 598 if (access & NFS4_SHARE_ACCESS_WRITE) 599 __nfs4_file_put_access(fp, O_WRONLY); 600 if (access & NFS4_SHARE_ACCESS_READ) 601 __nfs4_file_put_access(fp, O_RDONLY); 602 } 603 604 /* 605 * Allocate a new open/delegation state counter. This is needed for 606 * pNFS for proper return on close semantics. 607 * 608 * Note that we only allocate it for pNFS-enabled exports, otherwise 609 * all pointers to struct nfs4_clnt_odstate are always NULL. 610 */ 611 static struct nfs4_clnt_odstate * 612 alloc_clnt_odstate(struct nfs4_client *clp) 613 { 614 struct nfs4_clnt_odstate *co; 615 616 co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL); 617 if (co) { 618 co->co_client = clp; 619 refcount_set(&co->co_odcount, 1); 620 } 621 return co; 622 } 623 624 static void 625 hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co) 626 { 627 struct nfs4_file *fp = co->co_file; 628 629 lockdep_assert_held(&fp->fi_lock); 630 list_add(&co->co_perfile, &fp->fi_clnt_odstate); 631 } 632 633 static inline void 634 get_clnt_odstate(struct nfs4_clnt_odstate *co) 635 { 636 if (co) 637 refcount_inc(&co->co_odcount); 638 } 639 640 static void 641 put_clnt_odstate(struct nfs4_clnt_odstate *co) 642 { 643 struct nfs4_file *fp; 644 645 if (!co) 646 return; 647 648 fp = co->co_file; 649 if (refcount_dec_and_lock(&co->co_odcount, &fp->fi_lock)) { 650 list_del(&co->co_perfile); 651 spin_unlock(&fp->fi_lock); 652 653 nfsd4_return_all_file_layouts(co->co_client, fp); 654 kmem_cache_free(odstate_slab, co); 655 } 656 } 657 658 static struct nfs4_clnt_odstate * 659 find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new) 660 { 661 struct nfs4_clnt_odstate *co; 662 struct nfs4_client *cl; 663 664 if (!new) 665 return NULL; 666 667 cl = new->co_client; 668 669 spin_lock(&fp->fi_lock); 670 list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) { 671 if (co->co_client == cl) { 672 get_clnt_odstate(co); 673 goto out; 674 } 675 } 676 co = new; 677 co->co_file = fp; 678 hash_clnt_odstate_locked(new); 679 out: 680 spin_unlock(&fp->fi_lock); 681 return co; 682 } 683 684 struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab, 685 void (*sc_free)(struct nfs4_stid *)) 686 { 687 struct nfs4_stid *stid; 688 int new_id; 689 690 stid = kmem_cache_zalloc(slab, GFP_KERNEL); 691 if (!stid) 692 return NULL; 693 694 idr_preload(GFP_KERNEL); 695 spin_lock(&cl->cl_lock); 696 new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 0, 0, GFP_NOWAIT); 697 spin_unlock(&cl->cl_lock); 698 idr_preload_end(); 699 if (new_id < 0) 700 goto out_free; 701 702 stid->sc_free = sc_free; 703 stid->sc_client = cl; 704 stid->sc_stateid.si_opaque.so_id = new_id; 705 stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid; 706 /* Will be incremented before return to client: */ 707 refcount_set(&stid->sc_count, 1); 708 spin_lock_init(&stid->sc_lock); 709 710 /* 711 * It shouldn't be a problem to reuse an opaque stateid value. 712 * I don't think it is for 4.1. But with 4.0 I worry that, for 713 * example, a stray write retransmission could be accepted by 714 * the server when it should have been rejected. Therefore, 715 * adopt a trick from the sctp code to attempt to maximize the 716 * amount of time until an id is reused, by ensuring they always 717 * "increase" (mod INT_MAX): 718 */ 719 return stid; 720 out_free: 721 kmem_cache_free(slab, stid); 722 return NULL; 723 } 724 725 /* 726 * Create a unique stateid_t to represent each COPY. 727 */ 728 int nfs4_init_cp_state(struct nfsd_net *nn, struct nfsd4_copy *copy) 729 { 730 int new_id; 731 732 idr_preload(GFP_KERNEL); 733 spin_lock(&nn->s2s_cp_lock); 734 new_id = idr_alloc_cyclic(&nn->s2s_cp_stateids, copy, 0, 0, GFP_NOWAIT); 735 spin_unlock(&nn->s2s_cp_lock); 736 idr_preload_end(); 737 if (new_id < 0) 738 return 0; 739 copy->cp_stateid.si_opaque.so_id = new_id; 740 copy->cp_stateid.si_opaque.so_clid.cl_boot = nn->boot_time; 741 copy->cp_stateid.si_opaque.so_clid.cl_id = nn->s2s_cp_cl_id; 742 return 1; 743 } 744 745 void nfs4_free_cp_state(struct nfsd4_copy *copy) 746 { 747 struct nfsd_net *nn; 748 749 nn = net_generic(copy->cp_clp->net, nfsd_net_id); 750 spin_lock(&nn->s2s_cp_lock); 751 idr_remove(&nn->s2s_cp_stateids, copy->cp_stateid.si_opaque.so_id); 752 spin_unlock(&nn->s2s_cp_lock); 753 } 754 755 static struct nfs4_ol_stateid * nfs4_alloc_open_stateid(struct nfs4_client *clp) 756 { 757 struct nfs4_stid *stid; 758 759 stid = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_ol_stateid); 760 if (!stid) 761 return NULL; 762 763 return openlockstateid(stid); 764 } 765 766 static void nfs4_free_deleg(struct nfs4_stid *stid) 767 { 768 kmem_cache_free(deleg_slab, stid); 769 atomic_long_dec(&num_delegations); 770 } 771 772 /* 773 * When we recall a delegation, we should be careful not to hand it 774 * out again straight away. 775 * To ensure this we keep a pair of bloom filters ('new' and 'old') 776 * in which the filehandles of recalled delegations are "stored". 777 * If a filehandle appear in either filter, a delegation is blocked. 778 * When a delegation is recalled, the filehandle is stored in the "new" 779 * filter. 780 * Every 30 seconds we swap the filters and clear the "new" one, 781 * unless both are empty of course. 782 * 783 * Each filter is 256 bits. We hash the filehandle to 32bit and use the 784 * low 3 bytes as hash-table indices. 785 * 786 * 'blocked_delegations_lock', which is always taken in block_delegations(), 787 * is used to manage concurrent access. Testing does not need the lock 788 * except when swapping the two filters. 789 */ 790 static DEFINE_SPINLOCK(blocked_delegations_lock); 791 static struct bloom_pair { 792 int entries, old_entries; 793 time_t swap_time; 794 int new; /* index into 'set' */ 795 DECLARE_BITMAP(set[2], 256); 796 } blocked_delegations; 797 798 static int delegation_blocked(struct knfsd_fh *fh) 799 { 800 u32 hash; 801 struct bloom_pair *bd = &blocked_delegations; 802 803 if (bd->entries == 0) 804 return 0; 805 if (seconds_since_boot() - bd->swap_time > 30) { 806 spin_lock(&blocked_delegations_lock); 807 if (seconds_since_boot() - bd->swap_time > 30) { 808 bd->entries -= bd->old_entries; 809 bd->old_entries = bd->entries; 810 memset(bd->set[bd->new], 0, 811 sizeof(bd->set[0])); 812 bd->new = 1-bd->new; 813 bd->swap_time = seconds_since_boot(); 814 } 815 spin_unlock(&blocked_delegations_lock); 816 } 817 hash = jhash(&fh->fh_base, fh->fh_size, 0); 818 if (test_bit(hash&255, bd->set[0]) && 819 test_bit((hash>>8)&255, bd->set[0]) && 820 test_bit((hash>>16)&255, bd->set[0])) 821 return 1; 822 823 if (test_bit(hash&255, bd->set[1]) && 824 test_bit((hash>>8)&255, bd->set[1]) && 825 test_bit((hash>>16)&255, bd->set[1])) 826 return 1; 827 828 return 0; 829 } 830 831 static void block_delegations(struct knfsd_fh *fh) 832 { 833 u32 hash; 834 struct bloom_pair *bd = &blocked_delegations; 835 836 hash = jhash(&fh->fh_base, fh->fh_size, 0); 837 838 spin_lock(&blocked_delegations_lock); 839 __set_bit(hash&255, bd->set[bd->new]); 840 __set_bit((hash>>8)&255, bd->set[bd->new]); 841 __set_bit((hash>>16)&255, bd->set[bd->new]); 842 if (bd->entries == 0) 843 bd->swap_time = seconds_since_boot(); 844 bd->entries += 1; 845 spin_unlock(&blocked_delegations_lock); 846 } 847 848 static struct nfs4_delegation * 849 alloc_init_deleg(struct nfs4_client *clp, struct nfs4_file *fp, 850 struct svc_fh *current_fh, 851 struct nfs4_clnt_odstate *odstate) 852 { 853 struct nfs4_delegation *dp; 854 long n; 855 856 dprintk("NFSD alloc_init_deleg\n"); 857 n = atomic_long_inc_return(&num_delegations); 858 if (n < 0 || n > max_delegations) 859 goto out_dec; 860 if (delegation_blocked(¤t_fh->fh_handle)) 861 goto out_dec; 862 dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab, nfs4_free_deleg)); 863 if (dp == NULL) 864 goto out_dec; 865 866 /* 867 * delegation seqid's are never incremented. The 4.1 special 868 * meaning of seqid 0 isn't meaningful, really, but let's avoid 869 * 0 anyway just for consistency and use 1: 870 */ 871 dp->dl_stid.sc_stateid.si_generation = 1; 872 INIT_LIST_HEAD(&dp->dl_perfile); 873 INIT_LIST_HEAD(&dp->dl_perclnt); 874 INIT_LIST_HEAD(&dp->dl_recall_lru); 875 dp->dl_clnt_odstate = odstate; 876 get_clnt_odstate(odstate); 877 dp->dl_type = NFS4_OPEN_DELEGATE_READ; 878 dp->dl_retries = 1; 879 nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client, 880 &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL); 881 get_nfs4_file(fp); 882 dp->dl_stid.sc_file = fp; 883 return dp; 884 out_dec: 885 atomic_long_dec(&num_delegations); 886 return NULL; 887 } 888 889 void 890 nfs4_put_stid(struct nfs4_stid *s) 891 { 892 struct nfs4_file *fp = s->sc_file; 893 struct nfs4_client *clp = s->sc_client; 894 895 might_lock(&clp->cl_lock); 896 897 if (!refcount_dec_and_lock(&s->sc_count, &clp->cl_lock)) { 898 wake_up_all(&close_wq); 899 return; 900 } 901 idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id); 902 spin_unlock(&clp->cl_lock); 903 s->sc_free(s); 904 if (fp) 905 put_nfs4_file(fp); 906 } 907 908 void 909 nfs4_inc_and_copy_stateid(stateid_t *dst, struct nfs4_stid *stid) 910 { 911 stateid_t *src = &stid->sc_stateid; 912 913 spin_lock(&stid->sc_lock); 914 if (unlikely(++src->si_generation == 0)) 915 src->si_generation = 1; 916 memcpy(dst, src, sizeof(*dst)); 917 spin_unlock(&stid->sc_lock); 918 } 919 920 static void put_deleg_file(struct nfs4_file *fp) 921 { 922 struct file *filp = NULL; 923 924 spin_lock(&fp->fi_lock); 925 if (--fp->fi_delegees == 0) 926 swap(filp, fp->fi_deleg_file); 927 spin_unlock(&fp->fi_lock); 928 929 if (filp) 930 fput(filp); 931 } 932 933 static void nfs4_unlock_deleg_lease(struct nfs4_delegation *dp) 934 { 935 struct nfs4_file *fp = dp->dl_stid.sc_file; 936 struct file *filp = fp->fi_deleg_file; 937 938 WARN_ON_ONCE(!fp->fi_delegees); 939 940 vfs_setlease(filp, F_UNLCK, NULL, (void **)&dp); 941 put_deleg_file(fp); 942 } 943 944 static void destroy_unhashed_deleg(struct nfs4_delegation *dp) 945 { 946 put_clnt_odstate(dp->dl_clnt_odstate); 947 nfs4_unlock_deleg_lease(dp); 948 nfs4_put_stid(&dp->dl_stid); 949 } 950 951 void nfs4_unhash_stid(struct nfs4_stid *s) 952 { 953 s->sc_type = 0; 954 } 955 956 /** 957 * nfs4_delegation_exists - Discover if this delegation already exists 958 * @clp: a pointer to the nfs4_client we're granting a delegation to 959 * @fp: a pointer to the nfs4_file we're granting a delegation on 960 * 961 * Return: 962 * On success: true iff an existing delegation is found 963 */ 964 965 static bool 966 nfs4_delegation_exists(struct nfs4_client *clp, struct nfs4_file *fp) 967 { 968 struct nfs4_delegation *searchdp = NULL; 969 struct nfs4_client *searchclp = NULL; 970 971 lockdep_assert_held(&state_lock); 972 lockdep_assert_held(&fp->fi_lock); 973 974 list_for_each_entry(searchdp, &fp->fi_delegations, dl_perfile) { 975 searchclp = searchdp->dl_stid.sc_client; 976 if (clp == searchclp) { 977 return true; 978 } 979 } 980 return false; 981 } 982 983 /** 984 * hash_delegation_locked - Add a delegation to the appropriate lists 985 * @dp: a pointer to the nfs4_delegation we are adding. 986 * @fp: a pointer to the nfs4_file we're granting a delegation on 987 * 988 * Return: 989 * On success: NULL if the delegation was successfully hashed. 990 * 991 * On error: -EAGAIN if one was previously granted to this 992 * nfs4_client for this nfs4_file. Delegation is not hashed. 993 * 994 */ 995 996 static int 997 hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp) 998 { 999 struct nfs4_client *clp = dp->dl_stid.sc_client; 1000 1001 lockdep_assert_held(&state_lock); 1002 lockdep_assert_held(&fp->fi_lock); 1003 1004 if (nfs4_delegation_exists(clp, fp)) 1005 return -EAGAIN; 1006 refcount_inc(&dp->dl_stid.sc_count); 1007 dp->dl_stid.sc_type = NFS4_DELEG_STID; 1008 list_add(&dp->dl_perfile, &fp->fi_delegations); 1009 list_add(&dp->dl_perclnt, &clp->cl_delegations); 1010 return 0; 1011 } 1012 1013 static bool 1014 unhash_delegation_locked(struct nfs4_delegation *dp) 1015 { 1016 struct nfs4_file *fp = dp->dl_stid.sc_file; 1017 1018 lockdep_assert_held(&state_lock); 1019 1020 if (list_empty(&dp->dl_perfile)) 1021 return false; 1022 1023 dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID; 1024 /* Ensure that deleg break won't try to requeue it */ 1025 ++dp->dl_time; 1026 spin_lock(&fp->fi_lock); 1027 list_del_init(&dp->dl_perclnt); 1028 list_del_init(&dp->dl_recall_lru); 1029 list_del_init(&dp->dl_perfile); 1030 spin_unlock(&fp->fi_lock); 1031 return true; 1032 } 1033 1034 static void destroy_delegation(struct nfs4_delegation *dp) 1035 { 1036 bool unhashed; 1037 1038 spin_lock(&state_lock); 1039 unhashed = unhash_delegation_locked(dp); 1040 spin_unlock(&state_lock); 1041 if (unhashed) 1042 destroy_unhashed_deleg(dp); 1043 } 1044 1045 static void revoke_delegation(struct nfs4_delegation *dp) 1046 { 1047 struct nfs4_client *clp = dp->dl_stid.sc_client; 1048 1049 WARN_ON(!list_empty(&dp->dl_recall_lru)); 1050 1051 if (clp->cl_minorversion) { 1052 dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID; 1053 refcount_inc(&dp->dl_stid.sc_count); 1054 spin_lock(&clp->cl_lock); 1055 list_add(&dp->dl_recall_lru, &clp->cl_revoked); 1056 spin_unlock(&clp->cl_lock); 1057 } 1058 destroy_unhashed_deleg(dp); 1059 } 1060 1061 /* 1062 * SETCLIENTID state 1063 */ 1064 1065 static unsigned int clientid_hashval(u32 id) 1066 { 1067 return id & CLIENT_HASH_MASK; 1068 } 1069 1070 static unsigned int clientstr_hashval(const char *name) 1071 { 1072 return opaque_hashval(name, 8) & CLIENT_HASH_MASK; 1073 } 1074 1075 /* 1076 * We store the NONE, READ, WRITE, and BOTH bits separately in the 1077 * st_{access,deny}_bmap field of the stateid, in order to track not 1078 * only what share bits are currently in force, but also what 1079 * combinations of share bits previous opens have used. This allows us 1080 * to enforce the recommendation of rfc 3530 14.2.19 that the server 1081 * return an error if the client attempt to downgrade to a combination 1082 * of share bits not explicable by closing some of its previous opens. 1083 * 1084 * XXX: This enforcement is actually incomplete, since we don't keep 1085 * track of access/deny bit combinations; so, e.g., we allow: 1086 * 1087 * OPEN allow read, deny write 1088 * OPEN allow both, deny none 1089 * DOWNGRADE allow read, deny none 1090 * 1091 * which we should reject. 1092 */ 1093 static unsigned int 1094 bmap_to_share_mode(unsigned long bmap) { 1095 int i; 1096 unsigned int access = 0; 1097 1098 for (i = 1; i < 4; i++) { 1099 if (test_bit(i, &bmap)) 1100 access |= i; 1101 } 1102 return access; 1103 } 1104 1105 /* set share access for a given stateid */ 1106 static inline void 1107 set_access(u32 access, struct nfs4_ol_stateid *stp) 1108 { 1109 unsigned char mask = 1 << access; 1110 1111 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH); 1112 stp->st_access_bmap |= mask; 1113 } 1114 1115 /* clear share access for a given stateid */ 1116 static inline void 1117 clear_access(u32 access, struct nfs4_ol_stateid *stp) 1118 { 1119 unsigned char mask = 1 << access; 1120 1121 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH); 1122 stp->st_access_bmap &= ~mask; 1123 } 1124 1125 /* test whether a given stateid has access */ 1126 static inline bool 1127 test_access(u32 access, struct nfs4_ol_stateid *stp) 1128 { 1129 unsigned char mask = 1 << access; 1130 1131 return (bool)(stp->st_access_bmap & mask); 1132 } 1133 1134 /* set share deny for a given stateid */ 1135 static inline void 1136 set_deny(u32 deny, struct nfs4_ol_stateid *stp) 1137 { 1138 unsigned char mask = 1 << deny; 1139 1140 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH); 1141 stp->st_deny_bmap |= mask; 1142 } 1143 1144 /* clear share deny for a given stateid */ 1145 static inline void 1146 clear_deny(u32 deny, struct nfs4_ol_stateid *stp) 1147 { 1148 unsigned char mask = 1 << deny; 1149 1150 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH); 1151 stp->st_deny_bmap &= ~mask; 1152 } 1153 1154 /* test whether a given stateid is denying specific access */ 1155 static inline bool 1156 test_deny(u32 deny, struct nfs4_ol_stateid *stp) 1157 { 1158 unsigned char mask = 1 << deny; 1159 1160 return (bool)(stp->st_deny_bmap & mask); 1161 } 1162 1163 static int nfs4_access_to_omode(u32 access) 1164 { 1165 switch (access & NFS4_SHARE_ACCESS_BOTH) { 1166 case NFS4_SHARE_ACCESS_READ: 1167 return O_RDONLY; 1168 case NFS4_SHARE_ACCESS_WRITE: 1169 return O_WRONLY; 1170 case NFS4_SHARE_ACCESS_BOTH: 1171 return O_RDWR; 1172 } 1173 WARN_ON_ONCE(1); 1174 return O_RDONLY; 1175 } 1176 1177 /* 1178 * A stateid that had a deny mode associated with it is being released 1179 * or downgraded. Recalculate the deny mode on the file. 1180 */ 1181 static void 1182 recalculate_deny_mode(struct nfs4_file *fp) 1183 { 1184 struct nfs4_ol_stateid *stp; 1185 1186 spin_lock(&fp->fi_lock); 1187 fp->fi_share_deny = 0; 1188 list_for_each_entry(stp, &fp->fi_stateids, st_perfile) 1189 fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap); 1190 spin_unlock(&fp->fi_lock); 1191 } 1192 1193 static void 1194 reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp) 1195 { 1196 int i; 1197 bool change = false; 1198 1199 for (i = 1; i < 4; i++) { 1200 if ((i & deny) != i) { 1201 change = true; 1202 clear_deny(i, stp); 1203 } 1204 } 1205 1206 /* Recalculate per-file deny mode if there was a change */ 1207 if (change) 1208 recalculate_deny_mode(stp->st_stid.sc_file); 1209 } 1210 1211 /* release all access and file references for a given stateid */ 1212 static void 1213 release_all_access(struct nfs4_ol_stateid *stp) 1214 { 1215 int i; 1216 struct nfs4_file *fp = stp->st_stid.sc_file; 1217 1218 if (fp && stp->st_deny_bmap != 0) 1219 recalculate_deny_mode(fp); 1220 1221 for (i = 1; i < 4; i++) { 1222 if (test_access(i, stp)) 1223 nfs4_file_put_access(stp->st_stid.sc_file, i); 1224 clear_access(i, stp); 1225 } 1226 } 1227 1228 static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop) 1229 { 1230 kfree(sop->so_owner.data); 1231 sop->so_ops->so_free(sop); 1232 } 1233 1234 static void nfs4_put_stateowner(struct nfs4_stateowner *sop) 1235 { 1236 struct nfs4_client *clp = sop->so_client; 1237 1238 might_lock(&clp->cl_lock); 1239 1240 if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock)) 1241 return; 1242 sop->so_ops->so_unhash(sop); 1243 spin_unlock(&clp->cl_lock); 1244 nfs4_free_stateowner(sop); 1245 } 1246 1247 static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp) 1248 { 1249 struct nfs4_file *fp = stp->st_stid.sc_file; 1250 1251 lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock); 1252 1253 if (list_empty(&stp->st_perfile)) 1254 return false; 1255 1256 spin_lock(&fp->fi_lock); 1257 list_del_init(&stp->st_perfile); 1258 spin_unlock(&fp->fi_lock); 1259 list_del(&stp->st_perstateowner); 1260 return true; 1261 } 1262 1263 static void nfs4_free_ol_stateid(struct nfs4_stid *stid) 1264 { 1265 struct nfs4_ol_stateid *stp = openlockstateid(stid); 1266 1267 put_clnt_odstate(stp->st_clnt_odstate); 1268 release_all_access(stp); 1269 if (stp->st_stateowner) 1270 nfs4_put_stateowner(stp->st_stateowner); 1271 kmem_cache_free(stateid_slab, stid); 1272 } 1273 1274 static void nfs4_free_lock_stateid(struct nfs4_stid *stid) 1275 { 1276 struct nfs4_ol_stateid *stp = openlockstateid(stid); 1277 struct nfs4_lockowner *lo = lockowner(stp->st_stateowner); 1278 struct file *file; 1279 1280 file = find_any_file(stp->st_stid.sc_file); 1281 if (file) 1282 filp_close(file, (fl_owner_t)lo); 1283 nfs4_free_ol_stateid(stid); 1284 } 1285 1286 /* 1287 * Put the persistent reference to an already unhashed generic stateid, while 1288 * holding the cl_lock. If it's the last reference, then put it onto the 1289 * reaplist for later destruction. 1290 */ 1291 static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp, 1292 struct list_head *reaplist) 1293 { 1294 struct nfs4_stid *s = &stp->st_stid; 1295 struct nfs4_client *clp = s->sc_client; 1296 1297 lockdep_assert_held(&clp->cl_lock); 1298 1299 WARN_ON_ONCE(!list_empty(&stp->st_locks)); 1300 1301 if (!refcount_dec_and_test(&s->sc_count)) { 1302 wake_up_all(&close_wq); 1303 return; 1304 } 1305 1306 idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id); 1307 list_add(&stp->st_locks, reaplist); 1308 } 1309 1310 static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp) 1311 { 1312 lockdep_assert_held(&stp->st_stid.sc_client->cl_lock); 1313 1314 list_del_init(&stp->st_locks); 1315 nfs4_unhash_stid(&stp->st_stid); 1316 return unhash_ol_stateid(stp); 1317 } 1318 1319 static void release_lock_stateid(struct nfs4_ol_stateid *stp) 1320 { 1321 struct nfs4_client *clp = stp->st_stid.sc_client; 1322 bool unhashed; 1323 1324 spin_lock(&clp->cl_lock); 1325 unhashed = unhash_lock_stateid(stp); 1326 spin_unlock(&clp->cl_lock); 1327 if (unhashed) 1328 nfs4_put_stid(&stp->st_stid); 1329 } 1330 1331 static void unhash_lockowner_locked(struct nfs4_lockowner *lo) 1332 { 1333 struct nfs4_client *clp = lo->lo_owner.so_client; 1334 1335 lockdep_assert_held(&clp->cl_lock); 1336 1337 list_del_init(&lo->lo_owner.so_strhash); 1338 } 1339 1340 /* 1341 * Free a list of generic stateids that were collected earlier after being 1342 * fully unhashed. 1343 */ 1344 static void 1345 free_ol_stateid_reaplist(struct list_head *reaplist) 1346 { 1347 struct nfs4_ol_stateid *stp; 1348 struct nfs4_file *fp; 1349 1350 might_sleep(); 1351 1352 while (!list_empty(reaplist)) { 1353 stp = list_first_entry(reaplist, struct nfs4_ol_stateid, 1354 st_locks); 1355 list_del(&stp->st_locks); 1356 fp = stp->st_stid.sc_file; 1357 stp->st_stid.sc_free(&stp->st_stid); 1358 if (fp) 1359 put_nfs4_file(fp); 1360 } 1361 } 1362 1363 static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp, 1364 struct list_head *reaplist) 1365 { 1366 struct nfs4_ol_stateid *stp; 1367 1368 lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock); 1369 1370 while (!list_empty(&open_stp->st_locks)) { 1371 stp = list_entry(open_stp->st_locks.next, 1372 struct nfs4_ol_stateid, st_locks); 1373 WARN_ON(!unhash_lock_stateid(stp)); 1374 put_ol_stateid_locked(stp, reaplist); 1375 } 1376 } 1377 1378 static bool unhash_open_stateid(struct nfs4_ol_stateid *stp, 1379 struct list_head *reaplist) 1380 { 1381 bool unhashed; 1382 1383 lockdep_assert_held(&stp->st_stid.sc_client->cl_lock); 1384 1385 unhashed = unhash_ol_stateid(stp); 1386 release_open_stateid_locks(stp, reaplist); 1387 return unhashed; 1388 } 1389 1390 static void release_open_stateid(struct nfs4_ol_stateid *stp) 1391 { 1392 LIST_HEAD(reaplist); 1393 1394 spin_lock(&stp->st_stid.sc_client->cl_lock); 1395 if (unhash_open_stateid(stp, &reaplist)) 1396 put_ol_stateid_locked(stp, &reaplist); 1397 spin_unlock(&stp->st_stid.sc_client->cl_lock); 1398 free_ol_stateid_reaplist(&reaplist); 1399 } 1400 1401 static void unhash_openowner_locked(struct nfs4_openowner *oo) 1402 { 1403 struct nfs4_client *clp = oo->oo_owner.so_client; 1404 1405 lockdep_assert_held(&clp->cl_lock); 1406 1407 list_del_init(&oo->oo_owner.so_strhash); 1408 list_del_init(&oo->oo_perclient); 1409 } 1410 1411 static void release_last_closed_stateid(struct nfs4_openowner *oo) 1412 { 1413 struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net, 1414 nfsd_net_id); 1415 struct nfs4_ol_stateid *s; 1416 1417 spin_lock(&nn->client_lock); 1418 s = oo->oo_last_closed_stid; 1419 if (s) { 1420 list_del_init(&oo->oo_close_lru); 1421 oo->oo_last_closed_stid = NULL; 1422 } 1423 spin_unlock(&nn->client_lock); 1424 if (s) 1425 nfs4_put_stid(&s->st_stid); 1426 } 1427 1428 static void release_openowner(struct nfs4_openowner *oo) 1429 { 1430 struct nfs4_ol_stateid *stp; 1431 struct nfs4_client *clp = oo->oo_owner.so_client; 1432 struct list_head reaplist; 1433 1434 INIT_LIST_HEAD(&reaplist); 1435 1436 spin_lock(&clp->cl_lock); 1437 unhash_openowner_locked(oo); 1438 while (!list_empty(&oo->oo_owner.so_stateids)) { 1439 stp = list_first_entry(&oo->oo_owner.so_stateids, 1440 struct nfs4_ol_stateid, st_perstateowner); 1441 if (unhash_open_stateid(stp, &reaplist)) 1442 put_ol_stateid_locked(stp, &reaplist); 1443 } 1444 spin_unlock(&clp->cl_lock); 1445 free_ol_stateid_reaplist(&reaplist); 1446 release_last_closed_stateid(oo); 1447 nfs4_put_stateowner(&oo->oo_owner); 1448 } 1449 1450 static inline int 1451 hash_sessionid(struct nfs4_sessionid *sessionid) 1452 { 1453 struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid; 1454 1455 return sid->sequence % SESSION_HASH_SIZE; 1456 } 1457 1458 #ifdef CONFIG_SUNRPC_DEBUG 1459 static inline void 1460 dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid) 1461 { 1462 u32 *ptr = (u32 *)(&sessionid->data[0]); 1463 dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]); 1464 } 1465 #else 1466 static inline void 1467 dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid) 1468 { 1469 } 1470 #endif 1471 1472 /* 1473 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it 1474 * won't be used for replay. 1475 */ 1476 void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr) 1477 { 1478 struct nfs4_stateowner *so = cstate->replay_owner; 1479 1480 if (nfserr == nfserr_replay_me) 1481 return; 1482 1483 if (!seqid_mutating_err(ntohl(nfserr))) { 1484 nfsd4_cstate_clear_replay(cstate); 1485 return; 1486 } 1487 if (!so) 1488 return; 1489 if (so->so_is_open_owner) 1490 release_last_closed_stateid(openowner(so)); 1491 so->so_seqid++; 1492 return; 1493 } 1494 1495 static void 1496 gen_sessionid(struct nfsd4_session *ses) 1497 { 1498 struct nfs4_client *clp = ses->se_client; 1499 struct nfsd4_sessionid *sid; 1500 1501 sid = (struct nfsd4_sessionid *)ses->se_sessionid.data; 1502 sid->clientid = clp->cl_clientid; 1503 sid->sequence = current_sessionid++; 1504 sid->reserved = 0; 1505 } 1506 1507 /* 1508 * The protocol defines ca_maxresponssize_cached to include the size of 1509 * the rpc header, but all we need to cache is the data starting after 1510 * the end of the initial SEQUENCE operation--the rest we regenerate 1511 * each time. Therefore we can advertise a ca_maxresponssize_cached 1512 * value that is the number of bytes in our cache plus a few additional 1513 * bytes. In order to stay on the safe side, and not promise more than 1514 * we can cache, those additional bytes must be the minimum possible: 24 1515 * bytes of rpc header (xid through accept state, with AUTH_NULL 1516 * verifier), 12 for the compound header (with zero-length tag), and 44 1517 * for the SEQUENCE op response: 1518 */ 1519 #define NFSD_MIN_HDR_SEQ_SZ (24 + 12 + 44) 1520 1521 static void 1522 free_session_slots(struct nfsd4_session *ses) 1523 { 1524 int i; 1525 1526 for (i = 0; i < ses->se_fchannel.maxreqs; i++) { 1527 free_svc_cred(&ses->se_slots[i]->sl_cred); 1528 kfree(ses->se_slots[i]); 1529 } 1530 } 1531 1532 /* 1533 * We don't actually need to cache the rpc and session headers, so we 1534 * can allocate a little less for each slot: 1535 */ 1536 static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca) 1537 { 1538 u32 size; 1539 1540 if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ) 1541 size = 0; 1542 else 1543 size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ; 1544 return size + sizeof(struct nfsd4_slot); 1545 } 1546 1547 /* 1548 * XXX: If we run out of reserved DRC memory we could (up to a point) 1549 * re-negotiate active sessions and reduce their slot usage to make 1550 * room for new connections. For now we just fail the create session. 1551 */ 1552 static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca) 1553 { 1554 u32 slotsize = slot_bytes(ca); 1555 u32 num = ca->maxreqs; 1556 unsigned long avail, total_avail; 1557 1558 spin_lock(&nfsd_drc_lock); 1559 total_avail = nfsd_drc_max_mem - nfsd_drc_mem_used; 1560 avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION, total_avail); 1561 /* 1562 * Never use more than a third of the remaining memory, 1563 * unless it's the only way to give this client a slot: 1564 */ 1565 avail = clamp_t(int, avail, slotsize, total_avail/3); 1566 num = min_t(int, num, avail / slotsize); 1567 nfsd_drc_mem_used += num * slotsize; 1568 spin_unlock(&nfsd_drc_lock); 1569 1570 return num; 1571 } 1572 1573 static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca) 1574 { 1575 int slotsize = slot_bytes(ca); 1576 1577 spin_lock(&nfsd_drc_lock); 1578 nfsd_drc_mem_used -= slotsize * ca->maxreqs; 1579 spin_unlock(&nfsd_drc_lock); 1580 } 1581 1582 static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs, 1583 struct nfsd4_channel_attrs *battrs) 1584 { 1585 int numslots = fattrs->maxreqs; 1586 int slotsize = slot_bytes(fattrs); 1587 struct nfsd4_session *new; 1588 int mem, i; 1589 1590 BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *) 1591 + sizeof(struct nfsd4_session) > PAGE_SIZE); 1592 mem = numslots * sizeof(struct nfsd4_slot *); 1593 1594 new = kzalloc(sizeof(*new) + mem, GFP_KERNEL); 1595 if (!new) 1596 return NULL; 1597 /* allocate each struct nfsd4_slot and data cache in one piece */ 1598 for (i = 0; i < numslots; i++) { 1599 new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL); 1600 if (!new->se_slots[i]) 1601 goto out_free; 1602 } 1603 1604 memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs)); 1605 memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs)); 1606 1607 return new; 1608 out_free: 1609 while (i--) 1610 kfree(new->se_slots[i]); 1611 kfree(new); 1612 return NULL; 1613 } 1614 1615 static void free_conn(struct nfsd4_conn *c) 1616 { 1617 svc_xprt_put(c->cn_xprt); 1618 kfree(c); 1619 } 1620 1621 static void nfsd4_conn_lost(struct svc_xpt_user *u) 1622 { 1623 struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user); 1624 struct nfs4_client *clp = c->cn_session->se_client; 1625 1626 spin_lock(&clp->cl_lock); 1627 if (!list_empty(&c->cn_persession)) { 1628 list_del(&c->cn_persession); 1629 free_conn(c); 1630 } 1631 nfsd4_probe_callback(clp); 1632 spin_unlock(&clp->cl_lock); 1633 } 1634 1635 static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags) 1636 { 1637 struct nfsd4_conn *conn; 1638 1639 conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL); 1640 if (!conn) 1641 return NULL; 1642 svc_xprt_get(rqstp->rq_xprt); 1643 conn->cn_xprt = rqstp->rq_xprt; 1644 conn->cn_flags = flags; 1645 INIT_LIST_HEAD(&conn->cn_xpt_user.list); 1646 return conn; 1647 } 1648 1649 static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses) 1650 { 1651 conn->cn_session = ses; 1652 list_add(&conn->cn_persession, &ses->se_conns); 1653 } 1654 1655 static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses) 1656 { 1657 struct nfs4_client *clp = ses->se_client; 1658 1659 spin_lock(&clp->cl_lock); 1660 __nfsd4_hash_conn(conn, ses); 1661 spin_unlock(&clp->cl_lock); 1662 } 1663 1664 static int nfsd4_register_conn(struct nfsd4_conn *conn) 1665 { 1666 conn->cn_xpt_user.callback = nfsd4_conn_lost; 1667 return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user); 1668 } 1669 1670 static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses) 1671 { 1672 int ret; 1673 1674 nfsd4_hash_conn(conn, ses); 1675 ret = nfsd4_register_conn(conn); 1676 if (ret) 1677 /* oops; xprt is already down: */ 1678 nfsd4_conn_lost(&conn->cn_xpt_user); 1679 /* We may have gained or lost a callback channel: */ 1680 nfsd4_probe_callback_sync(ses->se_client); 1681 } 1682 1683 static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses) 1684 { 1685 u32 dir = NFS4_CDFC4_FORE; 1686 1687 if (cses->flags & SESSION4_BACK_CHAN) 1688 dir |= NFS4_CDFC4_BACK; 1689 return alloc_conn(rqstp, dir); 1690 } 1691 1692 /* must be called under client_lock */ 1693 static void nfsd4_del_conns(struct nfsd4_session *s) 1694 { 1695 struct nfs4_client *clp = s->se_client; 1696 struct nfsd4_conn *c; 1697 1698 spin_lock(&clp->cl_lock); 1699 while (!list_empty(&s->se_conns)) { 1700 c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession); 1701 list_del_init(&c->cn_persession); 1702 spin_unlock(&clp->cl_lock); 1703 1704 unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user); 1705 free_conn(c); 1706 1707 spin_lock(&clp->cl_lock); 1708 } 1709 spin_unlock(&clp->cl_lock); 1710 } 1711 1712 static void __free_session(struct nfsd4_session *ses) 1713 { 1714 free_session_slots(ses); 1715 kfree(ses); 1716 } 1717 1718 static void free_session(struct nfsd4_session *ses) 1719 { 1720 nfsd4_del_conns(ses); 1721 nfsd4_put_drc_mem(&ses->se_fchannel); 1722 __free_session(ses); 1723 } 1724 1725 static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses) 1726 { 1727 int idx; 1728 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 1729 1730 new->se_client = clp; 1731 gen_sessionid(new); 1732 1733 INIT_LIST_HEAD(&new->se_conns); 1734 1735 new->se_cb_seq_nr = 1; 1736 new->se_flags = cses->flags; 1737 new->se_cb_prog = cses->callback_prog; 1738 new->se_cb_sec = cses->cb_sec; 1739 atomic_set(&new->se_ref, 0); 1740 idx = hash_sessionid(&new->se_sessionid); 1741 list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]); 1742 spin_lock(&clp->cl_lock); 1743 list_add(&new->se_perclnt, &clp->cl_sessions); 1744 spin_unlock(&clp->cl_lock); 1745 1746 { 1747 struct sockaddr *sa = svc_addr(rqstp); 1748 /* 1749 * This is a little silly; with sessions there's no real 1750 * use for the callback address. Use the peer address 1751 * as a reasonable default for now, but consider fixing 1752 * the rpc client not to require an address in the 1753 * future: 1754 */ 1755 rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa); 1756 clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa); 1757 } 1758 } 1759 1760 /* caller must hold client_lock */ 1761 static struct nfsd4_session * 1762 __find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net) 1763 { 1764 struct nfsd4_session *elem; 1765 int idx; 1766 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 1767 1768 lockdep_assert_held(&nn->client_lock); 1769 1770 dump_sessionid(__func__, sessionid); 1771 idx = hash_sessionid(sessionid); 1772 /* Search in the appropriate list */ 1773 list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) { 1774 if (!memcmp(elem->se_sessionid.data, sessionid->data, 1775 NFS4_MAX_SESSIONID_LEN)) { 1776 return elem; 1777 } 1778 } 1779 1780 dprintk("%s: session not found\n", __func__); 1781 return NULL; 1782 } 1783 1784 static struct nfsd4_session * 1785 find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net, 1786 __be32 *ret) 1787 { 1788 struct nfsd4_session *session; 1789 __be32 status = nfserr_badsession; 1790 1791 session = __find_in_sessionid_hashtbl(sessionid, net); 1792 if (!session) 1793 goto out; 1794 status = nfsd4_get_session_locked(session); 1795 if (status) 1796 session = NULL; 1797 out: 1798 *ret = status; 1799 return session; 1800 } 1801 1802 /* caller must hold client_lock */ 1803 static void 1804 unhash_session(struct nfsd4_session *ses) 1805 { 1806 struct nfs4_client *clp = ses->se_client; 1807 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1808 1809 lockdep_assert_held(&nn->client_lock); 1810 1811 list_del(&ses->se_hash); 1812 spin_lock(&ses->se_client->cl_lock); 1813 list_del(&ses->se_perclnt); 1814 spin_unlock(&ses->se_client->cl_lock); 1815 } 1816 1817 /* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */ 1818 static int 1819 STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn) 1820 { 1821 /* 1822 * We're assuming the clid was not given out from a boot 1823 * precisely 2^32 (about 136 years) before this one. That seems 1824 * a safe assumption: 1825 */ 1826 if (clid->cl_boot == (u32)nn->boot_time) 1827 return 0; 1828 dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n", 1829 clid->cl_boot, clid->cl_id, nn->boot_time); 1830 return 1; 1831 } 1832 1833 /* 1834 * XXX Should we use a slab cache ? 1835 * This type of memory management is somewhat inefficient, but we use it 1836 * anyway since SETCLIENTID is not a common operation. 1837 */ 1838 static struct nfs4_client *alloc_client(struct xdr_netobj name) 1839 { 1840 struct nfs4_client *clp; 1841 int i; 1842 1843 clp = kmem_cache_zalloc(client_slab, GFP_KERNEL); 1844 if (clp == NULL) 1845 return NULL; 1846 clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL); 1847 if (clp->cl_name.data == NULL) 1848 goto err_no_name; 1849 clp->cl_ownerstr_hashtbl = kmalloc_array(OWNER_HASH_SIZE, 1850 sizeof(struct list_head), 1851 GFP_KERNEL); 1852 if (!clp->cl_ownerstr_hashtbl) 1853 goto err_no_hashtbl; 1854 for (i = 0; i < OWNER_HASH_SIZE; i++) 1855 INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]); 1856 clp->cl_name.len = name.len; 1857 INIT_LIST_HEAD(&clp->cl_sessions); 1858 idr_init(&clp->cl_stateids); 1859 atomic_set(&clp->cl_refcount, 0); 1860 clp->cl_cb_state = NFSD4_CB_UNKNOWN; 1861 INIT_LIST_HEAD(&clp->cl_idhash); 1862 INIT_LIST_HEAD(&clp->cl_openowners); 1863 INIT_LIST_HEAD(&clp->cl_delegations); 1864 INIT_LIST_HEAD(&clp->cl_lru); 1865 INIT_LIST_HEAD(&clp->cl_revoked); 1866 #ifdef CONFIG_NFSD_PNFS 1867 INIT_LIST_HEAD(&clp->cl_lo_states); 1868 #endif 1869 INIT_LIST_HEAD(&clp->async_copies); 1870 spin_lock_init(&clp->async_lock); 1871 spin_lock_init(&clp->cl_lock); 1872 rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table"); 1873 return clp; 1874 err_no_hashtbl: 1875 kfree(clp->cl_name.data); 1876 err_no_name: 1877 kmem_cache_free(client_slab, clp); 1878 return NULL; 1879 } 1880 1881 static void 1882 free_client(struct nfs4_client *clp) 1883 { 1884 while (!list_empty(&clp->cl_sessions)) { 1885 struct nfsd4_session *ses; 1886 ses = list_entry(clp->cl_sessions.next, struct nfsd4_session, 1887 se_perclnt); 1888 list_del(&ses->se_perclnt); 1889 WARN_ON_ONCE(atomic_read(&ses->se_ref)); 1890 free_session(ses); 1891 } 1892 rpc_destroy_wait_queue(&clp->cl_cb_waitq); 1893 free_svc_cred(&clp->cl_cred); 1894 kfree(clp->cl_ownerstr_hashtbl); 1895 kfree(clp->cl_name.data); 1896 idr_destroy(&clp->cl_stateids); 1897 kmem_cache_free(client_slab, clp); 1898 } 1899 1900 /* must be called under the client_lock */ 1901 static void 1902 unhash_client_locked(struct nfs4_client *clp) 1903 { 1904 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1905 struct nfsd4_session *ses; 1906 1907 lockdep_assert_held(&nn->client_lock); 1908 1909 /* Mark the client as expired! */ 1910 clp->cl_time = 0; 1911 /* Make it invisible */ 1912 if (!list_empty(&clp->cl_idhash)) { 1913 list_del_init(&clp->cl_idhash); 1914 if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags)) 1915 rb_erase(&clp->cl_namenode, &nn->conf_name_tree); 1916 else 1917 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 1918 } 1919 list_del_init(&clp->cl_lru); 1920 spin_lock(&clp->cl_lock); 1921 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt) 1922 list_del_init(&ses->se_hash); 1923 spin_unlock(&clp->cl_lock); 1924 } 1925 1926 static void 1927 unhash_client(struct nfs4_client *clp) 1928 { 1929 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1930 1931 spin_lock(&nn->client_lock); 1932 unhash_client_locked(clp); 1933 spin_unlock(&nn->client_lock); 1934 } 1935 1936 static __be32 mark_client_expired_locked(struct nfs4_client *clp) 1937 { 1938 if (atomic_read(&clp->cl_refcount)) 1939 return nfserr_jukebox; 1940 unhash_client_locked(clp); 1941 return nfs_ok; 1942 } 1943 1944 static void 1945 __destroy_client(struct nfs4_client *clp) 1946 { 1947 int i; 1948 struct nfs4_openowner *oo; 1949 struct nfs4_delegation *dp; 1950 struct list_head reaplist; 1951 1952 INIT_LIST_HEAD(&reaplist); 1953 spin_lock(&state_lock); 1954 while (!list_empty(&clp->cl_delegations)) { 1955 dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt); 1956 WARN_ON(!unhash_delegation_locked(dp)); 1957 list_add(&dp->dl_recall_lru, &reaplist); 1958 } 1959 spin_unlock(&state_lock); 1960 while (!list_empty(&reaplist)) { 1961 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru); 1962 list_del_init(&dp->dl_recall_lru); 1963 destroy_unhashed_deleg(dp); 1964 } 1965 while (!list_empty(&clp->cl_revoked)) { 1966 dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru); 1967 list_del_init(&dp->dl_recall_lru); 1968 nfs4_put_stid(&dp->dl_stid); 1969 } 1970 while (!list_empty(&clp->cl_openowners)) { 1971 oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient); 1972 nfs4_get_stateowner(&oo->oo_owner); 1973 release_openowner(oo); 1974 } 1975 for (i = 0; i < OWNER_HASH_SIZE; i++) { 1976 struct nfs4_stateowner *so, *tmp; 1977 1978 list_for_each_entry_safe(so, tmp, &clp->cl_ownerstr_hashtbl[i], 1979 so_strhash) { 1980 /* Should be no openowners at this point */ 1981 WARN_ON_ONCE(so->so_is_open_owner); 1982 remove_blocked_locks(lockowner(so)); 1983 } 1984 } 1985 nfsd4_return_all_client_layouts(clp); 1986 nfsd4_shutdown_copy(clp); 1987 nfsd4_shutdown_callback(clp); 1988 if (clp->cl_cb_conn.cb_xprt) 1989 svc_xprt_put(clp->cl_cb_conn.cb_xprt); 1990 free_client(clp); 1991 } 1992 1993 static void 1994 destroy_client(struct nfs4_client *clp) 1995 { 1996 unhash_client(clp); 1997 __destroy_client(clp); 1998 } 1999 2000 static void expire_client(struct nfs4_client *clp) 2001 { 2002 unhash_client(clp); 2003 nfsd4_client_record_remove(clp); 2004 __destroy_client(clp); 2005 } 2006 2007 static void copy_verf(struct nfs4_client *target, nfs4_verifier *source) 2008 { 2009 memcpy(target->cl_verifier.data, source->data, 2010 sizeof(target->cl_verifier.data)); 2011 } 2012 2013 static void copy_clid(struct nfs4_client *target, struct nfs4_client *source) 2014 { 2015 target->cl_clientid.cl_boot = source->cl_clientid.cl_boot; 2016 target->cl_clientid.cl_id = source->cl_clientid.cl_id; 2017 } 2018 2019 static int copy_cred(struct svc_cred *target, struct svc_cred *source) 2020 { 2021 target->cr_principal = kstrdup(source->cr_principal, GFP_KERNEL); 2022 target->cr_raw_principal = kstrdup(source->cr_raw_principal, 2023 GFP_KERNEL); 2024 target->cr_targ_princ = kstrdup(source->cr_targ_princ, GFP_KERNEL); 2025 if ((source->cr_principal && !target->cr_principal) || 2026 (source->cr_raw_principal && !target->cr_raw_principal) || 2027 (source->cr_targ_princ && !target->cr_targ_princ)) 2028 return -ENOMEM; 2029 2030 target->cr_flavor = source->cr_flavor; 2031 target->cr_uid = source->cr_uid; 2032 target->cr_gid = source->cr_gid; 2033 target->cr_group_info = source->cr_group_info; 2034 get_group_info(target->cr_group_info); 2035 target->cr_gss_mech = source->cr_gss_mech; 2036 if (source->cr_gss_mech) 2037 gss_mech_get(source->cr_gss_mech); 2038 return 0; 2039 } 2040 2041 static int 2042 compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2) 2043 { 2044 if (o1->len < o2->len) 2045 return -1; 2046 if (o1->len > o2->len) 2047 return 1; 2048 return memcmp(o1->data, o2->data, o1->len); 2049 } 2050 2051 static int same_name(const char *n1, const char *n2) 2052 { 2053 return 0 == memcmp(n1, n2, HEXDIR_LEN); 2054 } 2055 2056 static int 2057 same_verf(nfs4_verifier *v1, nfs4_verifier *v2) 2058 { 2059 return 0 == memcmp(v1->data, v2->data, sizeof(v1->data)); 2060 } 2061 2062 static int 2063 same_clid(clientid_t *cl1, clientid_t *cl2) 2064 { 2065 return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id); 2066 } 2067 2068 static bool groups_equal(struct group_info *g1, struct group_info *g2) 2069 { 2070 int i; 2071 2072 if (g1->ngroups != g2->ngroups) 2073 return false; 2074 for (i=0; i<g1->ngroups; i++) 2075 if (!gid_eq(g1->gid[i], g2->gid[i])) 2076 return false; 2077 return true; 2078 } 2079 2080 /* 2081 * RFC 3530 language requires clid_inuse be returned when the 2082 * "principal" associated with a requests differs from that previously 2083 * used. We use uid, gid's, and gss principal string as our best 2084 * approximation. We also don't want to allow non-gss use of a client 2085 * established using gss: in theory cr_principal should catch that 2086 * change, but in practice cr_principal can be null even in the gss case 2087 * since gssd doesn't always pass down a principal string. 2088 */ 2089 static bool is_gss_cred(struct svc_cred *cr) 2090 { 2091 /* Is cr_flavor one of the gss "pseudoflavors"?: */ 2092 return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR); 2093 } 2094 2095 2096 static bool 2097 same_creds(struct svc_cred *cr1, struct svc_cred *cr2) 2098 { 2099 if ((is_gss_cred(cr1) != is_gss_cred(cr2)) 2100 || (!uid_eq(cr1->cr_uid, cr2->cr_uid)) 2101 || (!gid_eq(cr1->cr_gid, cr2->cr_gid)) 2102 || !groups_equal(cr1->cr_group_info, cr2->cr_group_info)) 2103 return false; 2104 /* XXX: check that cr_targ_princ fields match ? */ 2105 if (cr1->cr_principal == cr2->cr_principal) 2106 return true; 2107 if (!cr1->cr_principal || !cr2->cr_principal) 2108 return false; 2109 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal); 2110 } 2111 2112 static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp) 2113 { 2114 struct svc_cred *cr = &rqstp->rq_cred; 2115 u32 service; 2116 2117 if (!cr->cr_gss_mech) 2118 return false; 2119 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor); 2120 return service == RPC_GSS_SVC_INTEGRITY || 2121 service == RPC_GSS_SVC_PRIVACY; 2122 } 2123 2124 bool nfsd4_mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp) 2125 { 2126 struct svc_cred *cr = &rqstp->rq_cred; 2127 2128 if (!cl->cl_mach_cred) 2129 return true; 2130 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech) 2131 return false; 2132 if (!svc_rqst_integrity_protected(rqstp)) 2133 return false; 2134 if (cl->cl_cred.cr_raw_principal) 2135 return 0 == strcmp(cl->cl_cred.cr_raw_principal, 2136 cr->cr_raw_principal); 2137 if (!cr->cr_principal) 2138 return false; 2139 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal); 2140 } 2141 2142 static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn) 2143 { 2144 __be32 verf[2]; 2145 2146 /* 2147 * This is opaque to client, so no need to byte-swap. Use 2148 * __force to keep sparse happy 2149 */ 2150 verf[0] = (__force __be32)get_seconds(); 2151 verf[1] = (__force __be32)nn->clverifier_counter++; 2152 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data)); 2153 } 2154 2155 static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn) 2156 { 2157 clp->cl_clientid.cl_boot = nn->boot_time; 2158 clp->cl_clientid.cl_id = nn->clientid_counter++; 2159 gen_confirm(clp, nn); 2160 } 2161 2162 static struct nfs4_stid * 2163 find_stateid_locked(struct nfs4_client *cl, stateid_t *t) 2164 { 2165 struct nfs4_stid *ret; 2166 2167 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id); 2168 if (!ret || !ret->sc_type) 2169 return NULL; 2170 return ret; 2171 } 2172 2173 static struct nfs4_stid * 2174 find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask) 2175 { 2176 struct nfs4_stid *s; 2177 2178 spin_lock(&cl->cl_lock); 2179 s = find_stateid_locked(cl, t); 2180 if (s != NULL) { 2181 if (typemask & s->sc_type) 2182 refcount_inc(&s->sc_count); 2183 else 2184 s = NULL; 2185 } 2186 spin_unlock(&cl->cl_lock); 2187 return s; 2188 } 2189 2190 static struct nfs4_client *create_client(struct xdr_netobj name, 2191 struct svc_rqst *rqstp, nfs4_verifier *verf) 2192 { 2193 struct nfs4_client *clp; 2194 struct sockaddr *sa = svc_addr(rqstp); 2195 int ret; 2196 struct net *net = SVC_NET(rqstp); 2197 2198 clp = alloc_client(name); 2199 if (clp == NULL) 2200 return NULL; 2201 2202 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred); 2203 if (ret) { 2204 free_client(clp); 2205 return NULL; 2206 } 2207 nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL); 2208 clp->cl_time = get_seconds(); 2209 clear_bit(0, &clp->cl_cb_slot_busy); 2210 copy_verf(clp, verf); 2211 rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa); 2212 clp->cl_cb_session = NULL; 2213 clp->net = net; 2214 return clp; 2215 } 2216 2217 static void 2218 add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root) 2219 { 2220 struct rb_node **new = &(root->rb_node), *parent = NULL; 2221 struct nfs4_client *clp; 2222 2223 while (*new) { 2224 clp = rb_entry(*new, struct nfs4_client, cl_namenode); 2225 parent = *new; 2226 2227 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0) 2228 new = &((*new)->rb_left); 2229 else 2230 new = &((*new)->rb_right); 2231 } 2232 2233 rb_link_node(&new_clp->cl_namenode, parent, new); 2234 rb_insert_color(&new_clp->cl_namenode, root); 2235 } 2236 2237 static struct nfs4_client * 2238 find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root) 2239 { 2240 int cmp; 2241 struct rb_node *node = root->rb_node; 2242 struct nfs4_client *clp; 2243 2244 while (node) { 2245 clp = rb_entry(node, struct nfs4_client, cl_namenode); 2246 cmp = compare_blob(&clp->cl_name, name); 2247 if (cmp > 0) 2248 node = node->rb_left; 2249 else if (cmp < 0) 2250 node = node->rb_right; 2251 else 2252 return clp; 2253 } 2254 return NULL; 2255 } 2256 2257 static void 2258 add_to_unconfirmed(struct nfs4_client *clp) 2259 { 2260 unsigned int idhashval; 2261 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2262 2263 lockdep_assert_held(&nn->client_lock); 2264 2265 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2266 add_clp_to_name_tree(clp, &nn->unconf_name_tree); 2267 idhashval = clientid_hashval(clp->cl_clientid.cl_id); 2268 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]); 2269 renew_client_locked(clp); 2270 } 2271 2272 static void 2273 move_to_confirmed(struct nfs4_client *clp) 2274 { 2275 unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id); 2276 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2277 2278 lockdep_assert_held(&nn->client_lock); 2279 2280 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp); 2281 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]); 2282 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 2283 add_clp_to_name_tree(clp, &nn->conf_name_tree); 2284 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2285 renew_client_locked(clp); 2286 } 2287 2288 static struct nfs4_client * 2289 find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions) 2290 { 2291 struct nfs4_client *clp; 2292 unsigned int idhashval = clientid_hashval(clid->cl_id); 2293 2294 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) { 2295 if (same_clid(&clp->cl_clientid, clid)) { 2296 if ((bool)clp->cl_minorversion != sessions) 2297 return NULL; 2298 renew_client_locked(clp); 2299 return clp; 2300 } 2301 } 2302 return NULL; 2303 } 2304 2305 static struct nfs4_client * 2306 find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2307 { 2308 struct list_head *tbl = nn->conf_id_hashtbl; 2309 2310 lockdep_assert_held(&nn->client_lock); 2311 return find_client_in_id_table(tbl, clid, sessions); 2312 } 2313 2314 static struct nfs4_client * 2315 find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2316 { 2317 struct list_head *tbl = nn->unconf_id_hashtbl; 2318 2319 lockdep_assert_held(&nn->client_lock); 2320 return find_client_in_id_table(tbl, clid, sessions); 2321 } 2322 2323 static bool clp_used_exchangeid(struct nfs4_client *clp) 2324 { 2325 return clp->cl_exchange_flags != 0; 2326 } 2327 2328 static struct nfs4_client * 2329 find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2330 { 2331 lockdep_assert_held(&nn->client_lock); 2332 return find_clp_in_name_tree(name, &nn->conf_name_tree); 2333 } 2334 2335 static struct nfs4_client * 2336 find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2337 { 2338 lockdep_assert_held(&nn->client_lock); 2339 return find_clp_in_name_tree(name, &nn->unconf_name_tree); 2340 } 2341 2342 static void 2343 gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp) 2344 { 2345 struct nfs4_cb_conn *conn = &clp->cl_cb_conn; 2346 struct sockaddr *sa = svc_addr(rqstp); 2347 u32 scopeid = rpc_get_scope_id(sa); 2348 unsigned short expected_family; 2349 2350 /* Currently, we only support tcp and tcp6 for the callback channel */ 2351 if (se->se_callback_netid_len == 3 && 2352 !memcmp(se->se_callback_netid_val, "tcp", 3)) 2353 expected_family = AF_INET; 2354 else if (se->se_callback_netid_len == 4 && 2355 !memcmp(se->se_callback_netid_val, "tcp6", 4)) 2356 expected_family = AF_INET6; 2357 else 2358 goto out_err; 2359 2360 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val, 2361 se->se_callback_addr_len, 2362 (struct sockaddr *)&conn->cb_addr, 2363 sizeof(conn->cb_addr)); 2364 2365 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family) 2366 goto out_err; 2367 2368 if (conn->cb_addr.ss_family == AF_INET6) 2369 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid; 2370 2371 conn->cb_prog = se->se_callback_prog; 2372 conn->cb_ident = se->se_callback_ident; 2373 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen); 2374 return; 2375 out_err: 2376 conn->cb_addr.ss_family = AF_UNSPEC; 2377 conn->cb_addrlen = 0; 2378 dprintk("NFSD: this client (clientid %08x/%08x) " 2379 "will not receive delegations\n", 2380 clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id); 2381 2382 return; 2383 } 2384 2385 /* 2386 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size. 2387 */ 2388 static void 2389 nfsd4_store_cache_entry(struct nfsd4_compoundres *resp) 2390 { 2391 struct xdr_buf *buf = resp->xdr.buf; 2392 struct nfsd4_slot *slot = resp->cstate.slot; 2393 unsigned int base; 2394 2395 dprintk("--> %s slot %p\n", __func__, slot); 2396 2397 slot->sl_flags |= NFSD4_SLOT_INITIALIZED; 2398 slot->sl_opcnt = resp->opcnt; 2399 slot->sl_status = resp->cstate.status; 2400 free_svc_cred(&slot->sl_cred); 2401 copy_cred(&slot->sl_cred, &resp->rqstp->rq_cred); 2402 2403 if (!nfsd4_cache_this(resp)) { 2404 slot->sl_flags &= ~NFSD4_SLOT_CACHED; 2405 return; 2406 } 2407 slot->sl_flags |= NFSD4_SLOT_CACHED; 2408 2409 base = resp->cstate.data_offset; 2410 slot->sl_datalen = buf->len - base; 2411 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen)) 2412 WARN(1, "%s: sessions DRC could not cache compound\n", 2413 __func__); 2414 return; 2415 } 2416 2417 /* 2418 * Encode the replay sequence operation from the slot values. 2419 * If cachethis is FALSE encode the uncached rep error on the next 2420 * operation which sets resp->p and increments resp->opcnt for 2421 * nfs4svc_encode_compoundres. 2422 * 2423 */ 2424 static __be32 2425 nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args, 2426 struct nfsd4_compoundres *resp) 2427 { 2428 struct nfsd4_op *op; 2429 struct nfsd4_slot *slot = resp->cstate.slot; 2430 2431 /* Encode the replayed sequence operation */ 2432 op = &args->ops[resp->opcnt - 1]; 2433 nfsd4_encode_operation(resp, op); 2434 2435 if (slot->sl_flags & NFSD4_SLOT_CACHED) 2436 return op->status; 2437 if (args->opcnt == 1) { 2438 /* 2439 * The original operation wasn't a solo sequence--we 2440 * always cache those--so this retry must not match the 2441 * original: 2442 */ 2443 op->status = nfserr_seq_false_retry; 2444 } else { 2445 op = &args->ops[resp->opcnt++]; 2446 op->status = nfserr_retry_uncached_rep; 2447 nfsd4_encode_operation(resp, op); 2448 } 2449 return op->status; 2450 } 2451 2452 /* 2453 * The sequence operation is not cached because we can use the slot and 2454 * session values. 2455 */ 2456 static __be32 2457 nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp, 2458 struct nfsd4_sequence *seq) 2459 { 2460 struct nfsd4_slot *slot = resp->cstate.slot; 2461 struct xdr_stream *xdr = &resp->xdr; 2462 __be32 *p; 2463 __be32 status; 2464 2465 dprintk("--> %s slot %p\n", __func__, slot); 2466 2467 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp); 2468 if (status) 2469 return status; 2470 2471 p = xdr_reserve_space(xdr, slot->sl_datalen); 2472 if (!p) { 2473 WARN_ON_ONCE(1); 2474 return nfserr_serverfault; 2475 } 2476 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen); 2477 xdr_commit_encode(xdr); 2478 2479 resp->opcnt = slot->sl_opcnt; 2480 return slot->sl_status; 2481 } 2482 2483 /* 2484 * Set the exchange_id flags returned by the server. 2485 */ 2486 static void 2487 nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid) 2488 { 2489 #ifdef CONFIG_NFSD_PNFS 2490 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS; 2491 #else 2492 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS; 2493 #endif 2494 2495 /* Referrals are supported, Migration is not. */ 2496 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER; 2497 2498 /* set the wire flags to return to client. */ 2499 clid->flags = new->cl_exchange_flags; 2500 } 2501 2502 static bool client_has_openowners(struct nfs4_client *clp) 2503 { 2504 struct nfs4_openowner *oo; 2505 2506 list_for_each_entry(oo, &clp->cl_openowners, oo_perclient) { 2507 if (!list_empty(&oo->oo_owner.so_stateids)) 2508 return true; 2509 } 2510 return false; 2511 } 2512 2513 static bool client_has_state(struct nfs4_client *clp) 2514 { 2515 return client_has_openowners(clp) 2516 #ifdef CONFIG_NFSD_PNFS 2517 || !list_empty(&clp->cl_lo_states) 2518 #endif 2519 || !list_empty(&clp->cl_delegations) 2520 || !list_empty(&clp->cl_sessions) 2521 || !list_empty(&clp->async_copies); 2522 } 2523 2524 __be32 2525 nfsd4_exchange_id(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 2526 union nfsd4_op_u *u) 2527 { 2528 struct nfsd4_exchange_id *exid = &u->exchange_id; 2529 struct nfs4_client *conf, *new; 2530 struct nfs4_client *unconf = NULL; 2531 __be32 status; 2532 char addr_str[INET6_ADDRSTRLEN]; 2533 nfs4_verifier verf = exid->verifier; 2534 struct sockaddr *sa = svc_addr(rqstp); 2535 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A; 2536 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2537 2538 rpc_ntop(sa, addr_str, sizeof(addr_str)); 2539 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p " 2540 "ip_addr=%s flags %x, spa_how %d\n", 2541 __func__, rqstp, exid, exid->clname.len, exid->clname.data, 2542 addr_str, exid->flags, exid->spa_how); 2543 2544 if (exid->flags & ~EXCHGID4_FLAG_MASK_A) 2545 return nfserr_inval; 2546 2547 new = create_client(exid->clname, rqstp, &verf); 2548 if (new == NULL) 2549 return nfserr_jukebox; 2550 2551 switch (exid->spa_how) { 2552 case SP4_MACH_CRED: 2553 exid->spo_must_enforce[0] = 0; 2554 exid->spo_must_enforce[1] = ( 2555 1 << (OP_BIND_CONN_TO_SESSION - 32) | 2556 1 << (OP_EXCHANGE_ID - 32) | 2557 1 << (OP_CREATE_SESSION - 32) | 2558 1 << (OP_DESTROY_SESSION - 32) | 2559 1 << (OP_DESTROY_CLIENTID - 32)); 2560 2561 exid->spo_must_allow[0] &= (1 << (OP_CLOSE) | 2562 1 << (OP_OPEN_DOWNGRADE) | 2563 1 << (OP_LOCKU) | 2564 1 << (OP_DELEGRETURN)); 2565 2566 exid->spo_must_allow[1] &= ( 2567 1 << (OP_TEST_STATEID - 32) | 2568 1 << (OP_FREE_STATEID - 32)); 2569 if (!svc_rqst_integrity_protected(rqstp)) { 2570 status = nfserr_inval; 2571 goto out_nolock; 2572 } 2573 /* 2574 * Sometimes userspace doesn't give us a principal. 2575 * Which is a bug, really. Anyway, we can't enforce 2576 * MACH_CRED in that case, better to give up now: 2577 */ 2578 if (!new->cl_cred.cr_principal && 2579 !new->cl_cred.cr_raw_principal) { 2580 status = nfserr_serverfault; 2581 goto out_nolock; 2582 } 2583 new->cl_mach_cred = true; 2584 case SP4_NONE: 2585 break; 2586 default: /* checked by xdr code */ 2587 WARN_ON_ONCE(1); 2588 case SP4_SSV: 2589 status = nfserr_encr_alg_unsupp; 2590 goto out_nolock; 2591 } 2592 2593 /* Cases below refer to rfc 5661 section 18.35.4: */ 2594 spin_lock(&nn->client_lock); 2595 conf = find_confirmed_client_by_name(&exid->clname, nn); 2596 if (conf) { 2597 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred); 2598 bool verfs_match = same_verf(&verf, &conf->cl_verifier); 2599 2600 if (update) { 2601 if (!clp_used_exchangeid(conf)) { /* buggy client */ 2602 status = nfserr_inval; 2603 goto out; 2604 } 2605 if (!nfsd4_mach_creds_match(conf, rqstp)) { 2606 status = nfserr_wrong_cred; 2607 goto out; 2608 } 2609 if (!creds_match) { /* case 9 */ 2610 status = nfserr_perm; 2611 goto out; 2612 } 2613 if (!verfs_match) { /* case 8 */ 2614 status = nfserr_not_same; 2615 goto out; 2616 } 2617 /* case 6 */ 2618 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R; 2619 goto out_copy; 2620 } 2621 if (!creds_match) { /* case 3 */ 2622 if (client_has_state(conf)) { 2623 status = nfserr_clid_inuse; 2624 goto out; 2625 } 2626 goto out_new; 2627 } 2628 if (verfs_match) { /* case 2 */ 2629 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R; 2630 goto out_copy; 2631 } 2632 /* case 5, client reboot */ 2633 conf = NULL; 2634 goto out_new; 2635 } 2636 2637 if (update) { /* case 7 */ 2638 status = nfserr_noent; 2639 goto out; 2640 } 2641 2642 unconf = find_unconfirmed_client_by_name(&exid->clname, nn); 2643 if (unconf) /* case 4, possible retry or client restart */ 2644 unhash_client_locked(unconf); 2645 2646 /* case 1 (normal case) */ 2647 out_new: 2648 if (conf) { 2649 status = mark_client_expired_locked(conf); 2650 if (status) 2651 goto out; 2652 } 2653 new->cl_minorversion = cstate->minorversion; 2654 new->cl_spo_must_allow.u.words[0] = exid->spo_must_allow[0]; 2655 new->cl_spo_must_allow.u.words[1] = exid->spo_must_allow[1]; 2656 2657 gen_clid(new, nn); 2658 add_to_unconfirmed(new); 2659 swap(new, conf); 2660 out_copy: 2661 exid->clientid.cl_boot = conf->cl_clientid.cl_boot; 2662 exid->clientid.cl_id = conf->cl_clientid.cl_id; 2663 2664 exid->seqid = conf->cl_cs_slot.sl_seqid + 1; 2665 nfsd4_set_ex_flags(conf, exid); 2666 2667 dprintk("nfsd4_exchange_id seqid %d flags %x\n", 2668 conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags); 2669 status = nfs_ok; 2670 2671 out: 2672 spin_unlock(&nn->client_lock); 2673 out_nolock: 2674 if (new) 2675 expire_client(new); 2676 if (unconf) 2677 expire_client(unconf); 2678 return status; 2679 } 2680 2681 static __be32 2682 check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse) 2683 { 2684 dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid, 2685 slot_seqid); 2686 2687 /* The slot is in use, and no response has been sent. */ 2688 if (slot_inuse) { 2689 if (seqid == slot_seqid) 2690 return nfserr_jukebox; 2691 else 2692 return nfserr_seq_misordered; 2693 } 2694 /* Note unsigned 32-bit arithmetic handles wraparound: */ 2695 if (likely(seqid == slot_seqid + 1)) 2696 return nfs_ok; 2697 if (seqid == slot_seqid) 2698 return nfserr_replay_cache; 2699 return nfserr_seq_misordered; 2700 } 2701 2702 /* 2703 * Cache the create session result into the create session single DRC 2704 * slot cache by saving the xdr structure. sl_seqid has been set. 2705 * Do this for solo or embedded create session operations. 2706 */ 2707 static void 2708 nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses, 2709 struct nfsd4_clid_slot *slot, __be32 nfserr) 2710 { 2711 slot->sl_status = nfserr; 2712 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses)); 2713 } 2714 2715 static __be32 2716 nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses, 2717 struct nfsd4_clid_slot *slot) 2718 { 2719 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses)); 2720 return slot->sl_status; 2721 } 2722 2723 #define NFSD_MIN_REQ_HDR_SEQ_SZ ((\ 2724 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \ 2725 1 + /* MIN tag is length with zero, only length */ \ 2726 3 + /* version, opcount, opcode */ \ 2727 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 2728 /* seqid, slotID, slotID, cache */ \ 2729 4 ) * sizeof(__be32)) 2730 2731 #define NFSD_MIN_RESP_HDR_SEQ_SZ ((\ 2732 2 + /* verifier: AUTH_NULL, length 0 */\ 2733 1 + /* status */ \ 2734 1 + /* MIN tag is length with zero, only length */ \ 2735 3 + /* opcount, opcode, opstatus*/ \ 2736 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 2737 /* seqid, slotID, slotID, slotID, status */ \ 2738 5 ) * sizeof(__be32)) 2739 2740 static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn) 2741 { 2742 u32 maxrpc = nn->nfsd_serv->sv_max_mesg; 2743 2744 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ) 2745 return nfserr_toosmall; 2746 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ) 2747 return nfserr_toosmall; 2748 ca->headerpadsz = 0; 2749 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc); 2750 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc); 2751 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND); 2752 ca->maxresp_cached = min_t(u32, ca->maxresp_cached, 2753 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ); 2754 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION); 2755 /* 2756 * Note decreasing slot size below client's request may make it 2757 * difficult for client to function correctly, whereas 2758 * decreasing the number of slots will (just?) affect 2759 * performance. When short on memory we therefore prefer to 2760 * decrease number of slots instead of their size. Clients that 2761 * request larger slots than they need will get poor results: 2762 */ 2763 ca->maxreqs = nfsd4_get_drc_mem(ca); 2764 if (!ca->maxreqs) 2765 return nfserr_jukebox; 2766 2767 return nfs_ok; 2768 } 2769 2770 /* 2771 * Server's NFSv4.1 backchannel support is AUTH_SYS-only for now. 2772 * These are based on similar macros in linux/sunrpc/msg_prot.h . 2773 */ 2774 #define RPC_MAX_HEADER_WITH_AUTH_SYS \ 2775 (RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK)) 2776 2777 #define RPC_MAX_REPHEADER_WITH_AUTH_SYS \ 2778 (RPC_REPHDRSIZE + (2 + NUL_REPLYSLACK)) 2779 2780 #define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \ 2781 RPC_MAX_HEADER_WITH_AUTH_SYS) * sizeof(__be32)) 2782 #define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \ 2783 RPC_MAX_REPHEADER_WITH_AUTH_SYS) * \ 2784 sizeof(__be32)) 2785 2786 static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca) 2787 { 2788 ca->headerpadsz = 0; 2789 2790 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ) 2791 return nfserr_toosmall; 2792 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ) 2793 return nfserr_toosmall; 2794 ca->maxresp_cached = 0; 2795 if (ca->maxops < 2) 2796 return nfserr_toosmall; 2797 2798 return nfs_ok; 2799 } 2800 2801 static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs) 2802 { 2803 switch (cbs->flavor) { 2804 case RPC_AUTH_NULL: 2805 case RPC_AUTH_UNIX: 2806 return nfs_ok; 2807 default: 2808 /* 2809 * GSS case: the spec doesn't allow us to return this 2810 * error. But it also doesn't allow us not to support 2811 * GSS. 2812 * I'd rather this fail hard than return some error the 2813 * client might think it can already handle: 2814 */ 2815 return nfserr_encr_alg_unsupp; 2816 } 2817 } 2818 2819 __be32 2820 nfsd4_create_session(struct svc_rqst *rqstp, 2821 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 2822 { 2823 struct nfsd4_create_session *cr_ses = &u->create_session; 2824 struct sockaddr *sa = svc_addr(rqstp); 2825 struct nfs4_client *conf, *unconf; 2826 struct nfs4_client *old = NULL; 2827 struct nfsd4_session *new; 2828 struct nfsd4_conn *conn; 2829 struct nfsd4_clid_slot *cs_slot = NULL; 2830 __be32 status = 0; 2831 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2832 2833 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A) 2834 return nfserr_inval; 2835 status = nfsd4_check_cb_sec(&cr_ses->cb_sec); 2836 if (status) 2837 return status; 2838 status = check_forechannel_attrs(&cr_ses->fore_channel, nn); 2839 if (status) 2840 return status; 2841 status = check_backchannel_attrs(&cr_ses->back_channel); 2842 if (status) 2843 goto out_release_drc_mem; 2844 status = nfserr_jukebox; 2845 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel); 2846 if (!new) 2847 goto out_release_drc_mem; 2848 conn = alloc_conn_from_crses(rqstp, cr_ses); 2849 if (!conn) 2850 goto out_free_session; 2851 2852 spin_lock(&nn->client_lock); 2853 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn); 2854 conf = find_confirmed_client(&cr_ses->clientid, true, nn); 2855 WARN_ON_ONCE(conf && unconf); 2856 2857 if (conf) { 2858 status = nfserr_wrong_cred; 2859 if (!nfsd4_mach_creds_match(conf, rqstp)) 2860 goto out_free_conn; 2861 cs_slot = &conf->cl_cs_slot; 2862 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 2863 if (status) { 2864 if (status == nfserr_replay_cache) 2865 status = nfsd4_replay_create_session(cr_ses, cs_slot); 2866 goto out_free_conn; 2867 } 2868 } else if (unconf) { 2869 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) || 2870 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) { 2871 status = nfserr_clid_inuse; 2872 goto out_free_conn; 2873 } 2874 status = nfserr_wrong_cred; 2875 if (!nfsd4_mach_creds_match(unconf, rqstp)) 2876 goto out_free_conn; 2877 cs_slot = &unconf->cl_cs_slot; 2878 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 2879 if (status) { 2880 /* an unconfirmed replay returns misordered */ 2881 status = nfserr_seq_misordered; 2882 goto out_free_conn; 2883 } 2884 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 2885 if (old) { 2886 status = mark_client_expired_locked(old); 2887 if (status) { 2888 old = NULL; 2889 goto out_free_conn; 2890 } 2891 } 2892 move_to_confirmed(unconf); 2893 conf = unconf; 2894 } else { 2895 status = nfserr_stale_clientid; 2896 goto out_free_conn; 2897 } 2898 status = nfs_ok; 2899 /* Persistent sessions are not supported */ 2900 cr_ses->flags &= ~SESSION4_PERSIST; 2901 /* Upshifting from TCP to RDMA is not supported */ 2902 cr_ses->flags &= ~SESSION4_RDMA; 2903 2904 init_session(rqstp, new, conf, cr_ses); 2905 nfsd4_get_session_locked(new); 2906 2907 memcpy(cr_ses->sessionid.data, new->se_sessionid.data, 2908 NFS4_MAX_SESSIONID_LEN); 2909 cs_slot->sl_seqid++; 2910 cr_ses->seqid = cs_slot->sl_seqid; 2911 2912 /* cache solo and embedded create sessions under the client_lock */ 2913 nfsd4_cache_create_session(cr_ses, cs_slot, status); 2914 spin_unlock(&nn->client_lock); 2915 /* init connection and backchannel */ 2916 nfsd4_init_conn(rqstp, conn, new); 2917 nfsd4_put_session(new); 2918 if (old) 2919 expire_client(old); 2920 return status; 2921 out_free_conn: 2922 spin_unlock(&nn->client_lock); 2923 free_conn(conn); 2924 if (old) 2925 expire_client(old); 2926 out_free_session: 2927 __free_session(new); 2928 out_release_drc_mem: 2929 nfsd4_put_drc_mem(&cr_ses->fore_channel); 2930 return status; 2931 } 2932 2933 static __be32 nfsd4_map_bcts_dir(u32 *dir) 2934 { 2935 switch (*dir) { 2936 case NFS4_CDFC4_FORE: 2937 case NFS4_CDFC4_BACK: 2938 return nfs_ok; 2939 case NFS4_CDFC4_FORE_OR_BOTH: 2940 case NFS4_CDFC4_BACK_OR_BOTH: 2941 *dir = NFS4_CDFC4_BOTH; 2942 return nfs_ok; 2943 }; 2944 return nfserr_inval; 2945 } 2946 2947 __be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, 2948 struct nfsd4_compound_state *cstate, 2949 union nfsd4_op_u *u) 2950 { 2951 struct nfsd4_backchannel_ctl *bc = &u->backchannel_ctl; 2952 struct nfsd4_session *session = cstate->session; 2953 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2954 __be32 status; 2955 2956 status = nfsd4_check_cb_sec(&bc->bc_cb_sec); 2957 if (status) 2958 return status; 2959 spin_lock(&nn->client_lock); 2960 session->se_cb_prog = bc->bc_cb_program; 2961 session->se_cb_sec = bc->bc_cb_sec; 2962 spin_unlock(&nn->client_lock); 2963 2964 nfsd4_probe_callback(session->se_client); 2965 2966 return nfs_ok; 2967 } 2968 2969 __be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp, 2970 struct nfsd4_compound_state *cstate, 2971 union nfsd4_op_u *u) 2972 { 2973 struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session; 2974 __be32 status; 2975 struct nfsd4_conn *conn; 2976 struct nfsd4_session *session; 2977 struct net *net = SVC_NET(rqstp); 2978 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2979 2980 if (!nfsd4_last_compound_op(rqstp)) 2981 return nfserr_not_only_op; 2982 spin_lock(&nn->client_lock); 2983 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status); 2984 spin_unlock(&nn->client_lock); 2985 if (!session) 2986 goto out_no_session; 2987 status = nfserr_wrong_cred; 2988 if (!nfsd4_mach_creds_match(session->se_client, rqstp)) 2989 goto out; 2990 status = nfsd4_map_bcts_dir(&bcts->dir); 2991 if (status) 2992 goto out; 2993 conn = alloc_conn(rqstp, bcts->dir); 2994 status = nfserr_jukebox; 2995 if (!conn) 2996 goto out; 2997 nfsd4_init_conn(rqstp, conn, session); 2998 status = nfs_ok; 2999 out: 3000 nfsd4_put_session(session); 3001 out_no_session: 3002 return status; 3003 } 3004 3005 static bool nfsd4_compound_in_session(struct nfsd4_compound_state *cstate, struct nfs4_sessionid *sid) 3006 { 3007 if (!cstate->session) 3008 return false; 3009 return !memcmp(sid, &cstate->session->se_sessionid, sizeof(*sid)); 3010 } 3011 3012 __be32 3013 nfsd4_destroy_session(struct svc_rqst *r, struct nfsd4_compound_state *cstate, 3014 union nfsd4_op_u *u) 3015 { 3016 struct nfs4_sessionid *sessionid = &u->destroy_session.sessionid; 3017 struct nfsd4_session *ses; 3018 __be32 status; 3019 int ref_held_by_me = 0; 3020 struct net *net = SVC_NET(r); 3021 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3022 3023 status = nfserr_not_only_op; 3024 if (nfsd4_compound_in_session(cstate, sessionid)) { 3025 if (!nfsd4_last_compound_op(r)) 3026 goto out; 3027 ref_held_by_me++; 3028 } 3029 dump_sessionid(__func__, sessionid); 3030 spin_lock(&nn->client_lock); 3031 ses = find_in_sessionid_hashtbl(sessionid, net, &status); 3032 if (!ses) 3033 goto out_client_lock; 3034 status = nfserr_wrong_cred; 3035 if (!nfsd4_mach_creds_match(ses->se_client, r)) 3036 goto out_put_session; 3037 status = mark_session_dead_locked(ses, 1 + ref_held_by_me); 3038 if (status) 3039 goto out_put_session; 3040 unhash_session(ses); 3041 spin_unlock(&nn->client_lock); 3042 3043 nfsd4_probe_callback_sync(ses->se_client); 3044 3045 spin_lock(&nn->client_lock); 3046 status = nfs_ok; 3047 out_put_session: 3048 nfsd4_put_session_locked(ses); 3049 out_client_lock: 3050 spin_unlock(&nn->client_lock); 3051 out: 3052 return status; 3053 } 3054 3055 static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s) 3056 { 3057 struct nfsd4_conn *c; 3058 3059 list_for_each_entry(c, &s->se_conns, cn_persession) { 3060 if (c->cn_xprt == xpt) { 3061 return c; 3062 } 3063 } 3064 return NULL; 3065 } 3066 3067 static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses) 3068 { 3069 struct nfs4_client *clp = ses->se_client; 3070 struct nfsd4_conn *c; 3071 __be32 status = nfs_ok; 3072 int ret; 3073 3074 spin_lock(&clp->cl_lock); 3075 c = __nfsd4_find_conn(new->cn_xprt, ses); 3076 if (c) 3077 goto out_free; 3078 status = nfserr_conn_not_bound_to_session; 3079 if (clp->cl_mach_cred) 3080 goto out_free; 3081 __nfsd4_hash_conn(new, ses); 3082 spin_unlock(&clp->cl_lock); 3083 ret = nfsd4_register_conn(new); 3084 if (ret) 3085 /* oops; xprt is already down: */ 3086 nfsd4_conn_lost(&new->cn_xpt_user); 3087 return nfs_ok; 3088 out_free: 3089 spin_unlock(&clp->cl_lock); 3090 free_conn(new); 3091 return status; 3092 } 3093 3094 static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session) 3095 { 3096 struct nfsd4_compoundargs *args = rqstp->rq_argp; 3097 3098 return args->opcnt > session->se_fchannel.maxops; 3099 } 3100 3101 static bool nfsd4_request_too_big(struct svc_rqst *rqstp, 3102 struct nfsd4_session *session) 3103 { 3104 struct xdr_buf *xb = &rqstp->rq_arg; 3105 3106 return xb->len > session->se_fchannel.maxreq_sz; 3107 } 3108 3109 static bool replay_matches_cache(struct svc_rqst *rqstp, 3110 struct nfsd4_sequence *seq, struct nfsd4_slot *slot) 3111 { 3112 struct nfsd4_compoundargs *argp = rqstp->rq_argp; 3113 3114 if ((bool)(slot->sl_flags & NFSD4_SLOT_CACHETHIS) != 3115 (bool)seq->cachethis) 3116 return false; 3117 /* 3118 * If there's an error than the reply can have fewer ops than 3119 * the call. But if we cached a reply with *more* ops than the 3120 * call you're sending us now, then this new call is clearly not 3121 * really a replay of the old one: 3122 */ 3123 if (slot->sl_opcnt < argp->opcnt) 3124 return false; 3125 /* This is the only check explicitly called by spec: */ 3126 if (!same_creds(&rqstp->rq_cred, &slot->sl_cred)) 3127 return false; 3128 /* 3129 * There may be more comparisons we could actually do, but the 3130 * spec doesn't require us to catch every case where the calls 3131 * don't match (that would require caching the call as well as 3132 * the reply), so we don't bother. 3133 */ 3134 return true; 3135 } 3136 3137 __be32 3138 nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3139 union nfsd4_op_u *u) 3140 { 3141 struct nfsd4_sequence *seq = &u->sequence; 3142 struct nfsd4_compoundres *resp = rqstp->rq_resp; 3143 struct xdr_stream *xdr = &resp->xdr; 3144 struct nfsd4_session *session; 3145 struct nfs4_client *clp; 3146 struct nfsd4_slot *slot; 3147 struct nfsd4_conn *conn; 3148 __be32 status; 3149 int buflen; 3150 struct net *net = SVC_NET(rqstp); 3151 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3152 3153 if (resp->opcnt != 1) 3154 return nfserr_sequence_pos; 3155 3156 /* 3157 * Will be either used or freed by nfsd4_sequence_check_conn 3158 * below. 3159 */ 3160 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE); 3161 if (!conn) 3162 return nfserr_jukebox; 3163 3164 spin_lock(&nn->client_lock); 3165 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status); 3166 if (!session) 3167 goto out_no_session; 3168 clp = session->se_client; 3169 3170 status = nfserr_too_many_ops; 3171 if (nfsd4_session_too_many_ops(rqstp, session)) 3172 goto out_put_session; 3173 3174 status = nfserr_req_too_big; 3175 if (nfsd4_request_too_big(rqstp, session)) 3176 goto out_put_session; 3177 3178 status = nfserr_badslot; 3179 if (seq->slotid >= session->se_fchannel.maxreqs) 3180 goto out_put_session; 3181 3182 slot = session->se_slots[seq->slotid]; 3183 dprintk("%s: slotid %d\n", __func__, seq->slotid); 3184 3185 /* We do not negotiate the number of slots yet, so set the 3186 * maxslots to the session maxreqs which is used to encode 3187 * sr_highest_slotid and the sr_target_slot id to maxslots */ 3188 seq->maxslots = session->se_fchannel.maxreqs; 3189 3190 status = check_slot_seqid(seq->seqid, slot->sl_seqid, 3191 slot->sl_flags & NFSD4_SLOT_INUSE); 3192 if (status == nfserr_replay_cache) { 3193 status = nfserr_seq_misordered; 3194 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED)) 3195 goto out_put_session; 3196 status = nfserr_seq_false_retry; 3197 if (!replay_matches_cache(rqstp, seq, slot)) 3198 goto out_put_session; 3199 cstate->slot = slot; 3200 cstate->session = session; 3201 cstate->clp = clp; 3202 /* Return the cached reply status and set cstate->status 3203 * for nfsd4_proc_compound processing */ 3204 status = nfsd4_replay_cache_entry(resp, seq); 3205 cstate->status = nfserr_replay_cache; 3206 goto out; 3207 } 3208 if (status) 3209 goto out_put_session; 3210 3211 status = nfsd4_sequence_check_conn(conn, session); 3212 conn = NULL; 3213 if (status) 3214 goto out_put_session; 3215 3216 buflen = (seq->cachethis) ? 3217 session->se_fchannel.maxresp_cached : 3218 session->se_fchannel.maxresp_sz; 3219 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache : 3220 nfserr_rep_too_big; 3221 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack)) 3222 goto out_put_session; 3223 svc_reserve(rqstp, buflen); 3224 3225 status = nfs_ok; 3226 /* Success! bump slot seqid */ 3227 slot->sl_seqid = seq->seqid; 3228 slot->sl_flags |= NFSD4_SLOT_INUSE; 3229 if (seq->cachethis) 3230 slot->sl_flags |= NFSD4_SLOT_CACHETHIS; 3231 else 3232 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS; 3233 3234 cstate->slot = slot; 3235 cstate->session = session; 3236 cstate->clp = clp; 3237 3238 out: 3239 switch (clp->cl_cb_state) { 3240 case NFSD4_CB_DOWN: 3241 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN; 3242 break; 3243 case NFSD4_CB_FAULT: 3244 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT; 3245 break; 3246 default: 3247 seq->status_flags = 0; 3248 } 3249 if (!list_empty(&clp->cl_revoked)) 3250 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED; 3251 out_no_session: 3252 if (conn) 3253 free_conn(conn); 3254 spin_unlock(&nn->client_lock); 3255 return status; 3256 out_put_session: 3257 nfsd4_put_session_locked(session); 3258 goto out_no_session; 3259 } 3260 3261 void 3262 nfsd4_sequence_done(struct nfsd4_compoundres *resp) 3263 { 3264 struct nfsd4_compound_state *cs = &resp->cstate; 3265 3266 if (nfsd4_has_session(cs)) { 3267 if (cs->status != nfserr_replay_cache) { 3268 nfsd4_store_cache_entry(resp); 3269 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 3270 } 3271 /* Drop session reference that was taken in nfsd4_sequence() */ 3272 nfsd4_put_session(cs->session); 3273 } else if (cs->clp) 3274 put_client_renew(cs->clp); 3275 } 3276 3277 __be32 3278 nfsd4_destroy_clientid(struct svc_rqst *rqstp, 3279 struct nfsd4_compound_state *cstate, 3280 union nfsd4_op_u *u) 3281 { 3282 struct nfsd4_destroy_clientid *dc = &u->destroy_clientid; 3283 struct nfs4_client *conf, *unconf; 3284 struct nfs4_client *clp = NULL; 3285 __be32 status = 0; 3286 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3287 3288 spin_lock(&nn->client_lock); 3289 unconf = find_unconfirmed_client(&dc->clientid, true, nn); 3290 conf = find_confirmed_client(&dc->clientid, true, nn); 3291 WARN_ON_ONCE(conf && unconf); 3292 3293 if (conf) { 3294 if (client_has_state(conf)) { 3295 status = nfserr_clientid_busy; 3296 goto out; 3297 } 3298 status = mark_client_expired_locked(conf); 3299 if (status) 3300 goto out; 3301 clp = conf; 3302 } else if (unconf) 3303 clp = unconf; 3304 else { 3305 status = nfserr_stale_clientid; 3306 goto out; 3307 } 3308 if (!nfsd4_mach_creds_match(clp, rqstp)) { 3309 clp = NULL; 3310 status = nfserr_wrong_cred; 3311 goto out; 3312 } 3313 unhash_client_locked(clp); 3314 out: 3315 spin_unlock(&nn->client_lock); 3316 if (clp) 3317 expire_client(clp); 3318 return status; 3319 } 3320 3321 __be32 3322 nfsd4_reclaim_complete(struct svc_rqst *rqstp, 3323 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 3324 { 3325 struct nfsd4_reclaim_complete *rc = &u->reclaim_complete; 3326 __be32 status = 0; 3327 3328 if (rc->rca_one_fs) { 3329 if (!cstate->current_fh.fh_dentry) 3330 return nfserr_nofilehandle; 3331 /* 3332 * We don't take advantage of the rca_one_fs case. 3333 * That's OK, it's optional, we can safely ignore it. 3334 */ 3335 return nfs_ok; 3336 } 3337 3338 status = nfserr_complete_already; 3339 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, 3340 &cstate->session->se_client->cl_flags)) 3341 goto out; 3342 3343 status = nfserr_stale_clientid; 3344 if (is_client_expired(cstate->session->se_client)) 3345 /* 3346 * The following error isn't really legal. 3347 * But we only get here if the client just explicitly 3348 * destroyed the client. Surely it no longer cares what 3349 * error it gets back on an operation for the dead 3350 * client. 3351 */ 3352 goto out; 3353 3354 status = nfs_ok; 3355 nfsd4_client_record_create(cstate->session->se_client); 3356 out: 3357 return status; 3358 } 3359 3360 __be32 3361 nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3362 union nfsd4_op_u *u) 3363 { 3364 struct nfsd4_setclientid *setclid = &u->setclientid; 3365 struct xdr_netobj clname = setclid->se_name; 3366 nfs4_verifier clverifier = setclid->se_verf; 3367 struct nfs4_client *conf, *new; 3368 struct nfs4_client *unconf = NULL; 3369 __be32 status; 3370 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3371 3372 new = create_client(clname, rqstp, &clverifier); 3373 if (new == NULL) 3374 return nfserr_jukebox; 3375 /* Cases below refer to rfc 3530 section 14.2.33: */ 3376 spin_lock(&nn->client_lock); 3377 conf = find_confirmed_client_by_name(&clname, nn); 3378 if (conf && client_has_state(conf)) { 3379 /* case 0: */ 3380 status = nfserr_clid_inuse; 3381 if (clp_used_exchangeid(conf)) 3382 goto out; 3383 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) { 3384 char addr_str[INET6_ADDRSTRLEN]; 3385 rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str, 3386 sizeof(addr_str)); 3387 dprintk("NFSD: setclientid: string in use by client " 3388 "at %s\n", addr_str); 3389 goto out; 3390 } 3391 } 3392 unconf = find_unconfirmed_client_by_name(&clname, nn); 3393 if (unconf) 3394 unhash_client_locked(unconf); 3395 if (conf && same_verf(&conf->cl_verifier, &clverifier)) { 3396 /* case 1: probable callback update */ 3397 copy_clid(new, conf); 3398 gen_confirm(new, nn); 3399 } else /* case 4 (new client) or cases 2, 3 (client reboot): */ 3400 gen_clid(new, nn); 3401 new->cl_minorversion = 0; 3402 gen_callback(new, setclid, rqstp); 3403 add_to_unconfirmed(new); 3404 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot; 3405 setclid->se_clientid.cl_id = new->cl_clientid.cl_id; 3406 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data)); 3407 new = NULL; 3408 status = nfs_ok; 3409 out: 3410 spin_unlock(&nn->client_lock); 3411 if (new) 3412 free_client(new); 3413 if (unconf) 3414 expire_client(unconf); 3415 return status; 3416 } 3417 3418 3419 __be32 3420 nfsd4_setclientid_confirm(struct svc_rqst *rqstp, 3421 struct nfsd4_compound_state *cstate, 3422 union nfsd4_op_u *u) 3423 { 3424 struct nfsd4_setclientid_confirm *setclientid_confirm = 3425 &u->setclientid_confirm; 3426 struct nfs4_client *conf, *unconf; 3427 struct nfs4_client *old = NULL; 3428 nfs4_verifier confirm = setclientid_confirm->sc_confirm; 3429 clientid_t * clid = &setclientid_confirm->sc_clientid; 3430 __be32 status; 3431 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3432 3433 if (STALE_CLIENTID(clid, nn)) 3434 return nfserr_stale_clientid; 3435 3436 spin_lock(&nn->client_lock); 3437 conf = find_confirmed_client(clid, false, nn); 3438 unconf = find_unconfirmed_client(clid, false, nn); 3439 /* 3440 * We try hard to give out unique clientid's, so if we get an 3441 * attempt to confirm the same clientid with a different cred, 3442 * the client may be buggy; this should never happen. 3443 * 3444 * Nevertheless, RFC 7530 recommends INUSE for this case: 3445 */ 3446 status = nfserr_clid_inuse; 3447 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred)) 3448 goto out; 3449 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred)) 3450 goto out; 3451 /* cases below refer to rfc 3530 section 14.2.34: */ 3452 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) { 3453 if (conf && same_verf(&confirm, &conf->cl_confirm)) { 3454 /* case 2: probable retransmit */ 3455 status = nfs_ok; 3456 } else /* case 4: client hasn't noticed we rebooted yet? */ 3457 status = nfserr_stale_clientid; 3458 goto out; 3459 } 3460 status = nfs_ok; 3461 if (conf) { /* case 1: callback update */ 3462 old = unconf; 3463 unhash_client_locked(old); 3464 nfsd4_change_callback(conf, &unconf->cl_cb_conn); 3465 } else { /* case 3: normal case; new or rebooted client */ 3466 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 3467 if (old) { 3468 status = nfserr_clid_inuse; 3469 if (client_has_state(old) 3470 && !same_creds(&unconf->cl_cred, 3471 &old->cl_cred)) 3472 goto out; 3473 status = mark_client_expired_locked(old); 3474 if (status) { 3475 old = NULL; 3476 goto out; 3477 } 3478 } 3479 move_to_confirmed(unconf); 3480 conf = unconf; 3481 } 3482 get_client_locked(conf); 3483 spin_unlock(&nn->client_lock); 3484 nfsd4_probe_callback(conf); 3485 spin_lock(&nn->client_lock); 3486 put_client_renew_locked(conf); 3487 out: 3488 spin_unlock(&nn->client_lock); 3489 if (old) 3490 expire_client(old); 3491 return status; 3492 } 3493 3494 static struct nfs4_file *nfsd4_alloc_file(void) 3495 { 3496 return kmem_cache_alloc(file_slab, GFP_KERNEL); 3497 } 3498 3499 /* OPEN Share state helper functions */ 3500 static void nfsd4_init_file(struct knfsd_fh *fh, unsigned int hashval, 3501 struct nfs4_file *fp) 3502 { 3503 lockdep_assert_held(&state_lock); 3504 3505 refcount_set(&fp->fi_ref, 1); 3506 spin_lock_init(&fp->fi_lock); 3507 INIT_LIST_HEAD(&fp->fi_stateids); 3508 INIT_LIST_HEAD(&fp->fi_delegations); 3509 INIT_LIST_HEAD(&fp->fi_clnt_odstate); 3510 fh_copy_shallow(&fp->fi_fhandle, fh); 3511 fp->fi_deleg_file = NULL; 3512 fp->fi_had_conflict = false; 3513 fp->fi_share_deny = 0; 3514 memset(fp->fi_fds, 0, sizeof(fp->fi_fds)); 3515 memset(fp->fi_access, 0, sizeof(fp->fi_access)); 3516 #ifdef CONFIG_NFSD_PNFS 3517 INIT_LIST_HEAD(&fp->fi_lo_states); 3518 atomic_set(&fp->fi_lo_recalls, 0); 3519 #endif 3520 hlist_add_head_rcu(&fp->fi_hash, &file_hashtbl[hashval]); 3521 } 3522 3523 void 3524 nfsd4_free_slabs(void) 3525 { 3526 kmem_cache_destroy(client_slab); 3527 kmem_cache_destroy(openowner_slab); 3528 kmem_cache_destroy(lockowner_slab); 3529 kmem_cache_destroy(file_slab); 3530 kmem_cache_destroy(stateid_slab); 3531 kmem_cache_destroy(deleg_slab); 3532 kmem_cache_destroy(odstate_slab); 3533 } 3534 3535 int 3536 nfsd4_init_slabs(void) 3537 { 3538 client_slab = kmem_cache_create("nfsd4_clients", 3539 sizeof(struct nfs4_client), 0, 0, NULL); 3540 if (client_slab == NULL) 3541 goto out; 3542 openowner_slab = kmem_cache_create("nfsd4_openowners", 3543 sizeof(struct nfs4_openowner), 0, 0, NULL); 3544 if (openowner_slab == NULL) 3545 goto out_free_client_slab; 3546 lockowner_slab = kmem_cache_create("nfsd4_lockowners", 3547 sizeof(struct nfs4_lockowner), 0, 0, NULL); 3548 if (lockowner_slab == NULL) 3549 goto out_free_openowner_slab; 3550 file_slab = kmem_cache_create("nfsd4_files", 3551 sizeof(struct nfs4_file), 0, 0, NULL); 3552 if (file_slab == NULL) 3553 goto out_free_lockowner_slab; 3554 stateid_slab = kmem_cache_create("nfsd4_stateids", 3555 sizeof(struct nfs4_ol_stateid), 0, 0, NULL); 3556 if (stateid_slab == NULL) 3557 goto out_free_file_slab; 3558 deleg_slab = kmem_cache_create("nfsd4_delegations", 3559 sizeof(struct nfs4_delegation), 0, 0, NULL); 3560 if (deleg_slab == NULL) 3561 goto out_free_stateid_slab; 3562 odstate_slab = kmem_cache_create("nfsd4_odstate", 3563 sizeof(struct nfs4_clnt_odstate), 0, 0, NULL); 3564 if (odstate_slab == NULL) 3565 goto out_free_deleg_slab; 3566 return 0; 3567 3568 out_free_deleg_slab: 3569 kmem_cache_destroy(deleg_slab); 3570 out_free_stateid_slab: 3571 kmem_cache_destroy(stateid_slab); 3572 out_free_file_slab: 3573 kmem_cache_destroy(file_slab); 3574 out_free_lockowner_slab: 3575 kmem_cache_destroy(lockowner_slab); 3576 out_free_openowner_slab: 3577 kmem_cache_destroy(openowner_slab); 3578 out_free_client_slab: 3579 kmem_cache_destroy(client_slab); 3580 out: 3581 dprintk("nfsd4: out of memory while initializing nfsv4\n"); 3582 return -ENOMEM; 3583 } 3584 3585 static void init_nfs4_replay(struct nfs4_replay *rp) 3586 { 3587 rp->rp_status = nfserr_serverfault; 3588 rp->rp_buflen = 0; 3589 rp->rp_buf = rp->rp_ibuf; 3590 mutex_init(&rp->rp_mutex); 3591 } 3592 3593 static void nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate, 3594 struct nfs4_stateowner *so) 3595 { 3596 if (!nfsd4_has_session(cstate)) { 3597 mutex_lock(&so->so_replay.rp_mutex); 3598 cstate->replay_owner = nfs4_get_stateowner(so); 3599 } 3600 } 3601 3602 void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate) 3603 { 3604 struct nfs4_stateowner *so = cstate->replay_owner; 3605 3606 if (so != NULL) { 3607 cstate->replay_owner = NULL; 3608 mutex_unlock(&so->so_replay.rp_mutex); 3609 nfs4_put_stateowner(so); 3610 } 3611 } 3612 3613 static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp) 3614 { 3615 struct nfs4_stateowner *sop; 3616 3617 sop = kmem_cache_alloc(slab, GFP_KERNEL); 3618 if (!sop) 3619 return NULL; 3620 3621 sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL); 3622 if (!sop->so_owner.data) { 3623 kmem_cache_free(slab, sop); 3624 return NULL; 3625 } 3626 sop->so_owner.len = owner->len; 3627 3628 INIT_LIST_HEAD(&sop->so_stateids); 3629 sop->so_client = clp; 3630 init_nfs4_replay(&sop->so_replay); 3631 atomic_set(&sop->so_count, 1); 3632 return sop; 3633 } 3634 3635 static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval) 3636 { 3637 lockdep_assert_held(&clp->cl_lock); 3638 3639 list_add(&oo->oo_owner.so_strhash, 3640 &clp->cl_ownerstr_hashtbl[strhashval]); 3641 list_add(&oo->oo_perclient, &clp->cl_openowners); 3642 } 3643 3644 static void nfs4_unhash_openowner(struct nfs4_stateowner *so) 3645 { 3646 unhash_openowner_locked(openowner(so)); 3647 } 3648 3649 static void nfs4_free_openowner(struct nfs4_stateowner *so) 3650 { 3651 struct nfs4_openowner *oo = openowner(so); 3652 3653 kmem_cache_free(openowner_slab, oo); 3654 } 3655 3656 static const struct nfs4_stateowner_operations openowner_ops = { 3657 .so_unhash = nfs4_unhash_openowner, 3658 .so_free = nfs4_free_openowner, 3659 }; 3660 3661 static struct nfs4_ol_stateid * 3662 nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 3663 { 3664 struct nfs4_ol_stateid *local, *ret = NULL; 3665 struct nfs4_openowner *oo = open->op_openowner; 3666 3667 lockdep_assert_held(&fp->fi_lock); 3668 3669 list_for_each_entry(local, &fp->fi_stateids, st_perfile) { 3670 /* ignore lock owners */ 3671 if (local->st_stateowner->so_is_open_owner == 0) 3672 continue; 3673 if (local->st_stateowner != &oo->oo_owner) 3674 continue; 3675 if (local->st_stid.sc_type == NFS4_OPEN_STID) { 3676 ret = local; 3677 refcount_inc(&ret->st_stid.sc_count); 3678 break; 3679 } 3680 } 3681 return ret; 3682 } 3683 3684 static __be32 3685 nfsd4_verify_open_stid(struct nfs4_stid *s) 3686 { 3687 __be32 ret = nfs_ok; 3688 3689 switch (s->sc_type) { 3690 default: 3691 break; 3692 case 0: 3693 case NFS4_CLOSED_STID: 3694 case NFS4_CLOSED_DELEG_STID: 3695 ret = nfserr_bad_stateid; 3696 break; 3697 case NFS4_REVOKED_DELEG_STID: 3698 ret = nfserr_deleg_revoked; 3699 } 3700 return ret; 3701 } 3702 3703 /* Lock the stateid st_mutex, and deal with races with CLOSE */ 3704 static __be32 3705 nfsd4_lock_ol_stateid(struct nfs4_ol_stateid *stp) 3706 { 3707 __be32 ret; 3708 3709 mutex_lock_nested(&stp->st_mutex, LOCK_STATEID_MUTEX); 3710 ret = nfsd4_verify_open_stid(&stp->st_stid); 3711 if (ret != nfs_ok) 3712 mutex_unlock(&stp->st_mutex); 3713 return ret; 3714 } 3715 3716 static struct nfs4_ol_stateid * 3717 nfsd4_find_and_lock_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 3718 { 3719 struct nfs4_ol_stateid *stp; 3720 for (;;) { 3721 spin_lock(&fp->fi_lock); 3722 stp = nfsd4_find_existing_open(fp, open); 3723 spin_unlock(&fp->fi_lock); 3724 if (!stp || nfsd4_lock_ol_stateid(stp) == nfs_ok) 3725 break; 3726 nfs4_put_stid(&stp->st_stid); 3727 } 3728 return stp; 3729 } 3730 3731 static struct nfs4_openowner * 3732 alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open, 3733 struct nfsd4_compound_state *cstate) 3734 { 3735 struct nfs4_client *clp = cstate->clp; 3736 struct nfs4_openowner *oo, *ret; 3737 3738 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp); 3739 if (!oo) 3740 return NULL; 3741 oo->oo_owner.so_ops = &openowner_ops; 3742 oo->oo_owner.so_is_open_owner = 1; 3743 oo->oo_owner.so_seqid = open->op_seqid; 3744 oo->oo_flags = 0; 3745 if (nfsd4_has_session(cstate)) 3746 oo->oo_flags |= NFS4_OO_CONFIRMED; 3747 oo->oo_time = 0; 3748 oo->oo_last_closed_stid = NULL; 3749 INIT_LIST_HEAD(&oo->oo_close_lru); 3750 spin_lock(&clp->cl_lock); 3751 ret = find_openstateowner_str_locked(strhashval, open, clp); 3752 if (ret == NULL) { 3753 hash_openowner(oo, clp, strhashval); 3754 ret = oo; 3755 } else 3756 nfs4_free_stateowner(&oo->oo_owner); 3757 3758 spin_unlock(&clp->cl_lock); 3759 return ret; 3760 } 3761 3762 static struct nfs4_ol_stateid * 3763 init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open) 3764 { 3765 3766 struct nfs4_openowner *oo = open->op_openowner; 3767 struct nfs4_ol_stateid *retstp = NULL; 3768 struct nfs4_ol_stateid *stp; 3769 3770 stp = open->op_stp; 3771 /* We are moving these outside of the spinlocks to avoid the warnings */ 3772 mutex_init(&stp->st_mutex); 3773 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 3774 3775 retry: 3776 spin_lock(&oo->oo_owner.so_client->cl_lock); 3777 spin_lock(&fp->fi_lock); 3778 3779 retstp = nfsd4_find_existing_open(fp, open); 3780 if (retstp) 3781 goto out_unlock; 3782 3783 open->op_stp = NULL; 3784 refcount_inc(&stp->st_stid.sc_count); 3785 stp->st_stid.sc_type = NFS4_OPEN_STID; 3786 INIT_LIST_HEAD(&stp->st_locks); 3787 stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner); 3788 get_nfs4_file(fp); 3789 stp->st_stid.sc_file = fp; 3790 stp->st_access_bmap = 0; 3791 stp->st_deny_bmap = 0; 3792 stp->st_openstp = NULL; 3793 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids); 3794 list_add(&stp->st_perfile, &fp->fi_stateids); 3795 3796 out_unlock: 3797 spin_unlock(&fp->fi_lock); 3798 spin_unlock(&oo->oo_owner.so_client->cl_lock); 3799 if (retstp) { 3800 /* Handle races with CLOSE */ 3801 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 3802 nfs4_put_stid(&retstp->st_stid); 3803 goto retry; 3804 } 3805 /* To keep mutex tracking happy */ 3806 mutex_unlock(&stp->st_mutex); 3807 stp = retstp; 3808 } 3809 return stp; 3810 } 3811 3812 /* 3813 * In the 4.0 case we need to keep the owners around a little while to handle 3814 * CLOSE replay. We still do need to release any file access that is held by 3815 * them before returning however. 3816 */ 3817 static void 3818 move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net) 3819 { 3820 struct nfs4_ol_stateid *last; 3821 struct nfs4_openowner *oo = openowner(s->st_stateowner); 3822 struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net, 3823 nfsd_net_id); 3824 3825 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo); 3826 3827 /* 3828 * We know that we hold one reference via nfsd4_close, and another 3829 * "persistent" reference for the client. If the refcount is higher 3830 * than 2, then there are still calls in progress that are using this 3831 * stateid. We can't put the sc_file reference until they are finished. 3832 * Wait for the refcount to drop to 2. Since it has been unhashed, 3833 * there should be no danger of the refcount going back up again at 3834 * this point. 3835 */ 3836 wait_event(close_wq, refcount_read(&s->st_stid.sc_count) == 2); 3837 3838 release_all_access(s); 3839 if (s->st_stid.sc_file) { 3840 put_nfs4_file(s->st_stid.sc_file); 3841 s->st_stid.sc_file = NULL; 3842 } 3843 3844 spin_lock(&nn->client_lock); 3845 last = oo->oo_last_closed_stid; 3846 oo->oo_last_closed_stid = s; 3847 list_move_tail(&oo->oo_close_lru, &nn->close_lru); 3848 oo->oo_time = get_seconds(); 3849 spin_unlock(&nn->client_lock); 3850 if (last) 3851 nfs4_put_stid(&last->st_stid); 3852 } 3853 3854 /* search file_hashtbl[] for file */ 3855 static struct nfs4_file * 3856 find_file_locked(struct knfsd_fh *fh, unsigned int hashval) 3857 { 3858 struct nfs4_file *fp; 3859 3860 hlist_for_each_entry_rcu(fp, &file_hashtbl[hashval], fi_hash) { 3861 if (fh_match(&fp->fi_fhandle, fh)) { 3862 if (refcount_inc_not_zero(&fp->fi_ref)) 3863 return fp; 3864 } 3865 } 3866 return NULL; 3867 } 3868 3869 struct nfs4_file * 3870 find_file(struct knfsd_fh *fh) 3871 { 3872 struct nfs4_file *fp; 3873 unsigned int hashval = file_hashval(fh); 3874 3875 rcu_read_lock(); 3876 fp = find_file_locked(fh, hashval); 3877 rcu_read_unlock(); 3878 return fp; 3879 } 3880 3881 static struct nfs4_file * 3882 find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh) 3883 { 3884 struct nfs4_file *fp; 3885 unsigned int hashval = file_hashval(fh); 3886 3887 rcu_read_lock(); 3888 fp = find_file_locked(fh, hashval); 3889 rcu_read_unlock(); 3890 if (fp) 3891 return fp; 3892 3893 spin_lock(&state_lock); 3894 fp = find_file_locked(fh, hashval); 3895 if (likely(fp == NULL)) { 3896 nfsd4_init_file(fh, hashval, new); 3897 fp = new; 3898 } 3899 spin_unlock(&state_lock); 3900 3901 return fp; 3902 } 3903 3904 /* 3905 * Called to check deny when READ with all zero stateid or 3906 * WRITE with all zero or all one stateid 3907 */ 3908 static __be32 3909 nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type) 3910 { 3911 struct nfs4_file *fp; 3912 __be32 ret = nfs_ok; 3913 3914 fp = find_file(¤t_fh->fh_handle); 3915 if (!fp) 3916 return ret; 3917 /* Check for conflicting share reservations */ 3918 spin_lock(&fp->fi_lock); 3919 if (fp->fi_share_deny & deny_type) 3920 ret = nfserr_locked; 3921 spin_unlock(&fp->fi_lock); 3922 put_nfs4_file(fp); 3923 return ret; 3924 } 3925 3926 static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb) 3927 { 3928 struct nfs4_delegation *dp = cb_to_delegation(cb); 3929 struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net, 3930 nfsd_net_id); 3931 3932 block_delegations(&dp->dl_stid.sc_file->fi_fhandle); 3933 3934 /* 3935 * We can't do this in nfsd_break_deleg_cb because it is 3936 * already holding inode->i_lock. 3937 * 3938 * If the dl_time != 0, then we know that it has already been 3939 * queued for a lease break. Don't queue it again. 3940 */ 3941 spin_lock(&state_lock); 3942 if (dp->dl_time == 0) { 3943 dp->dl_time = get_seconds(); 3944 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru); 3945 } 3946 spin_unlock(&state_lock); 3947 } 3948 3949 static int nfsd4_cb_recall_done(struct nfsd4_callback *cb, 3950 struct rpc_task *task) 3951 { 3952 struct nfs4_delegation *dp = cb_to_delegation(cb); 3953 3954 if (dp->dl_stid.sc_type == NFS4_CLOSED_DELEG_STID) 3955 return 1; 3956 3957 switch (task->tk_status) { 3958 case 0: 3959 return 1; 3960 case -EBADHANDLE: 3961 case -NFS4ERR_BAD_STATEID: 3962 /* 3963 * Race: client probably got cb_recall before open reply 3964 * granting delegation. 3965 */ 3966 if (dp->dl_retries--) { 3967 rpc_delay(task, 2 * HZ); 3968 return 0; 3969 } 3970 /*FALLTHRU*/ 3971 default: 3972 return -1; 3973 } 3974 } 3975 3976 static void nfsd4_cb_recall_release(struct nfsd4_callback *cb) 3977 { 3978 struct nfs4_delegation *dp = cb_to_delegation(cb); 3979 3980 nfs4_put_stid(&dp->dl_stid); 3981 } 3982 3983 static const struct nfsd4_callback_ops nfsd4_cb_recall_ops = { 3984 .prepare = nfsd4_cb_recall_prepare, 3985 .done = nfsd4_cb_recall_done, 3986 .release = nfsd4_cb_recall_release, 3987 }; 3988 3989 static void nfsd_break_one_deleg(struct nfs4_delegation *dp) 3990 { 3991 /* 3992 * We're assuming the state code never drops its reference 3993 * without first removing the lease. Since we're in this lease 3994 * callback (and since the lease code is serialized by the 3995 * i_lock) we know the server hasn't removed the lease yet, and 3996 * we know it's safe to take a reference. 3997 */ 3998 refcount_inc(&dp->dl_stid.sc_count); 3999 nfsd4_run_cb(&dp->dl_recall); 4000 } 4001 4002 /* Called from break_lease() with i_lock held. */ 4003 static bool 4004 nfsd_break_deleg_cb(struct file_lock *fl) 4005 { 4006 bool ret = false; 4007 struct nfs4_delegation *dp = (struct nfs4_delegation *)fl->fl_owner; 4008 struct nfs4_file *fp = dp->dl_stid.sc_file; 4009 4010 /* 4011 * We don't want the locks code to timeout the lease for us; 4012 * we'll remove it ourself if a delegation isn't returned 4013 * in time: 4014 */ 4015 fl->fl_break_time = 0; 4016 4017 spin_lock(&fp->fi_lock); 4018 fp->fi_had_conflict = true; 4019 nfsd_break_one_deleg(dp); 4020 spin_unlock(&fp->fi_lock); 4021 return ret; 4022 } 4023 4024 static int 4025 nfsd_change_deleg_cb(struct file_lock *onlist, int arg, 4026 struct list_head *dispose) 4027 { 4028 if (arg & F_UNLCK) 4029 return lease_modify(onlist, arg, dispose); 4030 else 4031 return -EAGAIN; 4032 } 4033 4034 static const struct lock_manager_operations nfsd_lease_mng_ops = { 4035 .lm_break = nfsd_break_deleg_cb, 4036 .lm_change = nfsd_change_deleg_cb, 4037 }; 4038 4039 static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid) 4040 { 4041 if (nfsd4_has_session(cstate)) 4042 return nfs_ok; 4043 if (seqid == so->so_seqid - 1) 4044 return nfserr_replay_me; 4045 if (seqid == so->so_seqid) 4046 return nfs_ok; 4047 return nfserr_bad_seqid; 4048 } 4049 4050 static __be32 lookup_clientid(clientid_t *clid, 4051 struct nfsd4_compound_state *cstate, 4052 struct nfsd_net *nn) 4053 { 4054 struct nfs4_client *found; 4055 4056 if (cstate->clp) { 4057 found = cstate->clp; 4058 if (!same_clid(&found->cl_clientid, clid)) 4059 return nfserr_stale_clientid; 4060 return nfs_ok; 4061 } 4062 4063 if (STALE_CLIENTID(clid, nn)) 4064 return nfserr_stale_clientid; 4065 4066 /* 4067 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one 4068 * cached already then we know this is for is for v4.0 and "sessions" 4069 * will be false. 4070 */ 4071 WARN_ON_ONCE(cstate->session); 4072 spin_lock(&nn->client_lock); 4073 found = find_confirmed_client(clid, false, nn); 4074 if (!found) { 4075 spin_unlock(&nn->client_lock); 4076 return nfserr_expired; 4077 } 4078 atomic_inc(&found->cl_refcount); 4079 spin_unlock(&nn->client_lock); 4080 4081 /* Cache the nfs4_client in cstate! */ 4082 cstate->clp = found; 4083 return nfs_ok; 4084 } 4085 4086 __be32 4087 nfsd4_process_open1(struct nfsd4_compound_state *cstate, 4088 struct nfsd4_open *open, struct nfsd_net *nn) 4089 { 4090 clientid_t *clientid = &open->op_clientid; 4091 struct nfs4_client *clp = NULL; 4092 unsigned int strhashval; 4093 struct nfs4_openowner *oo = NULL; 4094 __be32 status; 4095 4096 if (STALE_CLIENTID(&open->op_clientid, nn)) 4097 return nfserr_stale_clientid; 4098 /* 4099 * In case we need it later, after we've already created the 4100 * file and don't want to risk a further failure: 4101 */ 4102 open->op_file = nfsd4_alloc_file(); 4103 if (open->op_file == NULL) 4104 return nfserr_jukebox; 4105 4106 status = lookup_clientid(clientid, cstate, nn); 4107 if (status) 4108 return status; 4109 clp = cstate->clp; 4110 4111 strhashval = ownerstr_hashval(&open->op_owner); 4112 oo = find_openstateowner_str(strhashval, open, clp); 4113 open->op_openowner = oo; 4114 if (!oo) { 4115 goto new_owner; 4116 } 4117 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 4118 /* Replace unconfirmed owners without checking for replay. */ 4119 release_openowner(oo); 4120 open->op_openowner = NULL; 4121 goto new_owner; 4122 } 4123 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid); 4124 if (status) 4125 return status; 4126 goto alloc_stateid; 4127 new_owner: 4128 oo = alloc_init_open_stateowner(strhashval, open, cstate); 4129 if (oo == NULL) 4130 return nfserr_jukebox; 4131 open->op_openowner = oo; 4132 alloc_stateid: 4133 open->op_stp = nfs4_alloc_open_stateid(clp); 4134 if (!open->op_stp) 4135 return nfserr_jukebox; 4136 4137 if (nfsd4_has_session(cstate) && 4138 (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) { 4139 open->op_odstate = alloc_clnt_odstate(clp); 4140 if (!open->op_odstate) 4141 return nfserr_jukebox; 4142 } 4143 4144 return nfs_ok; 4145 } 4146 4147 static inline __be32 4148 nfs4_check_delegmode(struct nfs4_delegation *dp, int flags) 4149 { 4150 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ)) 4151 return nfserr_openmode; 4152 else 4153 return nfs_ok; 4154 } 4155 4156 static int share_access_to_flags(u32 share_access) 4157 { 4158 return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE; 4159 } 4160 4161 static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s) 4162 { 4163 struct nfs4_stid *ret; 4164 4165 ret = find_stateid_by_type(cl, s, 4166 NFS4_DELEG_STID|NFS4_REVOKED_DELEG_STID); 4167 if (!ret) 4168 return NULL; 4169 return delegstateid(ret); 4170 } 4171 4172 static bool nfsd4_is_deleg_cur(struct nfsd4_open *open) 4173 { 4174 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR || 4175 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH; 4176 } 4177 4178 static __be32 4179 nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open, 4180 struct nfs4_delegation **dp) 4181 { 4182 int flags; 4183 __be32 status = nfserr_bad_stateid; 4184 struct nfs4_delegation *deleg; 4185 4186 deleg = find_deleg_stateid(cl, &open->op_delegate_stateid); 4187 if (deleg == NULL) 4188 goto out; 4189 if (deleg->dl_stid.sc_type == NFS4_REVOKED_DELEG_STID) { 4190 nfs4_put_stid(&deleg->dl_stid); 4191 if (cl->cl_minorversion) 4192 status = nfserr_deleg_revoked; 4193 goto out; 4194 } 4195 flags = share_access_to_flags(open->op_share_access); 4196 status = nfs4_check_delegmode(deleg, flags); 4197 if (status) { 4198 nfs4_put_stid(&deleg->dl_stid); 4199 goto out; 4200 } 4201 *dp = deleg; 4202 out: 4203 if (!nfsd4_is_deleg_cur(open)) 4204 return nfs_ok; 4205 if (status) 4206 return status; 4207 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 4208 return nfs_ok; 4209 } 4210 4211 static inline int nfs4_access_to_access(u32 nfs4_access) 4212 { 4213 int flags = 0; 4214 4215 if (nfs4_access & NFS4_SHARE_ACCESS_READ) 4216 flags |= NFSD_MAY_READ; 4217 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE) 4218 flags |= NFSD_MAY_WRITE; 4219 return flags; 4220 } 4221 4222 static inline __be32 4223 nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh, 4224 struct nfsd4_open *open) 4225 { 4226 struct iattr iattr = { 4227 .ia_valid = ATTR_SIZE, 4228 .ia_size = 0, 4229 }; 4230 if (!open->op_truncate) 4231 return 0; 4232 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE)) 4233 return nfserr_inval; 4234 return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0); 4235 } 4236 4237 static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp, 4238 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, 4239 struct nfsd4_open *open) 4240 { 4241 struct file *filp = NULL; 4242 __be32 status; 4243 int oflag = nfs4_access_to_omode(open->op_share_access); 4244 int access = nfs4_access_to_access(open->op_share_access); 4245 unsigned char old_access_bmap, old_deny_bmap; 4246 4247 spin_lock(&fp->fi_lock); 4248 4249 /* 4250 * Are we trying to set a deny mode that would conflict with 4251 * current access? 4252 */ 4253 status = nfs4_file_check_deny(fp, open->op_share_deny); 4254 if (status != nfs_ok) { 4255 spin_unlock(&fp->fi_lock); 4256 goto out; 4257 } 4258 4259 /* set access to the file */ 4260 status = nfs4_file_get_access(fp, open->op_share_access); 4261 if (status != nfs_ok) { 4262 spin_unlock(&fp->fi_lock); 4263 goto out; 4264 } 4265 4266 /* Set access bits in stateid */ 4267 old_access_bmap = stp->st_access_bmap; 4268 set_access(open->op_share_access, stp); 4269 4270 /* Set new deny mask */ 4271 old_deny_bmap = stp->st_deny_bmap; 4272 set_deny(open->op_share_deny, stp); 4273 fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4274 4275 if (!fp->fi_fds[oflag]) { 4276 spin_unlock(&fp->fi_lock); 4277 status = nfsd_open(rqstp, cur_fh, S_IFREG, access, &filp); 4278 if (status) 4279 goto out_put_access; 4280 spin_lock(&fp->fi_lock); 4281 if (!fp->fi_fds[oflag]) { 4282 fp->fi_fds[oflag] = filp; 4283 filp = NULL; 4284 } 4285 } 4286 spin_unlock(&fp->fi_lock); 4287 if (filp) 4288 fput(filp); 4289 4290 status = nfsd4_truncate(rqstp, cur_fh, open); 4291 if (status) 4292 goto out_put_access; 4293 out: 4294 return status; 4295 out_put_access: 4296 stp->st_access_bmap = old_access_bmap; 4297 nfs4_file_put_access(fp, open->op_share_access); 4298 reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp); 4299 goto out; 4300 } 4301 4302 static __be32 4303 nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open) 4304 { 4305 __be32 status; 4306 unsigned char old_deny_bmap = stp->st_deny_bmap; 4307 4308 if (!test_access(open->op_share_access, stp)) 4309 return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open); 4310 4311 /* test and set deny mode */ 4312 spin_lock(&fp->fi_lock); 4313 status = nfs4_file_check_deny(fp, open->op_share_deny); 4314 if (status == nfs_ok) { 4315 set_deny(open->op_share_deny, stp); 4316 fp->fi_share_deny |= 4317 (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4318 } 4319 spin_unlock(&fp->fi_lock); 4320 4321 if (status != nfs_ok) 4322 return status; 4323 4324 status = nfsd4_truncate(rqstp, cur_fh, open); 4325 if (status != nfs_ok) 4326 reset_union_bmap_deny(old_deny_bmap, stp); 4327 return status; 4328 } 4329 4330 /* Should we give out recallable state?: */ 4331 static bool nfsd4_cb_channel_good(struct nfs4_client *clp) 4332 { 4333 if (clp->cl_cb_state == NFSD4_CB_UP) 4334 return true; 4335 /* 4336 * In the sessions case, since we don't have to establish a 4337 * separate connection for callbacks, we assume it's OK 4338 * until we hear otherwise: 4339 */ 4340 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN; 4341 } 4342 4343 static struct file_lock *nfs4_alloc_init_lease(struct nfs4_delegation *dp, 4344 int flag) 4345 { 4346 struct file_lock *fl; 4347 4348 fl = locks_alloc_lock(); 4349 if (!fl) 4350 return NULL; 4351 fl->fl_lmops = &nfsd_lease_mng_ops; 4352 fl->fl_flags = FL_DELEG; 4353 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? F_RDLCK: F_WRLCK; 4354 fl->fl_end = OFFSET_MAX; 4355 fl->fl_owner = (fl_owner_t)dp; 4356 fl->fl_pid = current->tgid; 4357 fl->fl_file = dp->dl_stid.sc_file->fi_deleg_file; 4358 return fl; 4359 } 4360 4361 static struct nfs4_delegation * 4362 nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh, 4363 struct nfs4_file *fp, struct nfs4_clnt_odstate *odstate) 4364 { 4365 int status = 0; 4366 struct nfs4_delegation *dp; 4367 struct file *filp; 4368 struct file_lock *fl; 4369 4370 /* 4371 * The fi_had_conflict and nfs_get_existing_delegation checks 4372 * here are just optimizations; we'll need to recheck them at 4373 * the end: 4374 */ 4375 if (fp->fi_had_conflict) 4376 return ERR_PTR(-EAGAIN); 4377 4378 filp = find_readable_file(fp); 4379 if (!filp) { 4380 /* We should always have a readable file here */ 4381 WARN_ON_ONCE(1); 4382 return ERR_PTR(-EBADF); 4383 } 4384 spin_lock(&state_lock); 4385 spin_lock(&fp->fi_lock); 4386 if (nfs4_delegation_exists(clp, fp)) 4387 status = -EAGAIN; 4388 else if (!fp->fi_deleg_file) { 4389 fp->fi_deleg_file = filp; 4390 /* increment early to prevent fi_deleg_file from being 4391 * cleared */ 4392 fp->fi_delegees = 1; 4393 filp = NULL; 4394 } else 4395 fp->fi_delegees++; 4396 spin_unlock(&fp->fi_lock); 4397 spin_unlock(&state_lock); 4398 if (filp) 4399 fput(filp); 4400 if (status) 4401 return ERR_PTR(status); 4402 4403 status = -ENOMEM; 4404 dp = alloc_init_deleg(clp, fp, fh, odstate); 4405 if (!dp) 4406 goto out_delegees; 4407 4408 fl = nfs4_alloc_init_lease(dp, NFS4_OPEN_DELEGATE_READ); 4409 if (!fl) 4410 goto out_clnt_odstate; 4411 4412 status = vfs_setlease(fp->fi_deleg_file, fl->fl_type, &fl, NULL); 4413 if (fl) 4414 locks_free_lock(fl); 4415 if (status) 4416 goto out_clnt_odstate; 4417 4418 spin_lock(&state_lock); 4419 spin_lock(&fp->fi_lock); 4420 if (fp->fi_had_conflict) 4421 status = -EAGAIN; 4422 else 4423 status = hash_delegation_locked(dp, fp); 4424 spin_unlock(&fp->fi_lock); 4425 spin_unlock(&state_lock); 4426 4427 if (status) 4428 goto out_unlock; 4429 4430 return dp; 4431 out_unlock: 4432 vfs_setlease(fp->fi_deleg_file, F_UNLCK, NULL, (void **)&dp); 4433 out_clnt_odstate: 4434 put_clnt_odstate(dp->dl_clnt_odstate); 4435 nfs4_put_stid(&dp->dl_stid); 4436 out_delegees: 4437 put_deleg_file(fp); 4438 return ERR_PTR(status); 4439 } 4440 4441 static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status) 4442 { 4443 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4444 if (status == -EAGAIN) 4445 open->op_why_no_deleg = WND4_CONTENTION; 4446 else { 4447 open->op_why_no_deleg = WND4_RESOURCE; 4448 switch (open->op_deleg_want) { 4449 case NFS4_SHARE_WANT_READ_DELEG: 4450 case NFS4_SHARE_WANT_WRITE_DELEG: 4451 case NFS4_SHARE_WANT_ANY_DELEG: 4452 break; 4453 case NFS4_SHARE_WANT_CANCEL: 4454 open->op_why_no_deleg = WND4_CANCELLED; 4455 break; 4456 case NFS4_SHARE_WANT_NO_DELEG: 4457 WARN_ON_ONCE(1); 4458 } 4459 } 4460 } 4461 4462 /* 4463 * Attempt to hand out a delegation. 4464 * 4465 * Note we don't support write delegations, and won't until the vfs has 4466 * proper support for them. 4467 */ 4468 static void 4469 nfs4_open_delegation(struct svc_fh *fh, struct nfsd4_open *open, 4470 struct nfs4_ol_stateid *stp) 4471 { 4472 struct nfs4_delegation *dp; 4473 struct nfs4_openowner *oo = openowner(stp->st_stateowner); 4474 struct nfs4_client *clp = stp->st_stid.sc_client; 4475 int cb_up; 4476 int status = 0; 4477 4478 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client); 4479 open->op_recall = 0; 4480 switch (open->op_claim_type) { 4481 case NFS4_OPEN_CLAIM_PREVIOUS: 4482 if (!cb_up) 4483 open->op_recall = 1; 4484 if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ) 4485 goto out_no_deleg; 4486 break; 4487 case NFS4_OPEN_CLAIM_NULL: 4488 case NFS4_OPEN_CLAIM_FH: 4489 /* 4490 * Let's not give out any delegations till everyone's 4491 * had the chance to reclaim theirs, *and* until 4492 * NLM locks have all been reclaimed: 4493 */ 4494 if (locks_in_grace(clp->net)) 4495 goto out_no_deleg; 4496 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED)) 4497 goto out_no_deleg; 4498 /* 4499 * Also, if the file was opened for write or 4500 * create, there's a good chance the client's 4501 * about to write to it, resulting in an 4502 * immediate recall (since we don't support 4503 * write delegations): 4504 */ 4505 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE) 4506 goto out_no_deleg; 4507 if (open->op_create == NFS4_OPEN_CREATE) 4508 goto out_no_deleg; 4509 break; 4510 default: 4511 goto out_no_deleg; 4512 } 4513 dp = nfs4_set_delegation(clp, fh, stp->st_stid.sc_file, stp->st_clnt_odstate); 4514 if (IS_ERR(dp)) 4515 goto out_no_deleg; 4516 4517 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid)); 4518 4519 dprintk("NFSD: delegation stateid=" STATEID_FMT "\n", 4520 STATEID_VAL(&dp->dl_stid.sc_stateid)); 4521 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ; 4522 nfs4_put_stid(&dp->dl_stid); 4523 return; 4524 out_no_deleg: 4525 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE; 4526 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS && 4527 open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) { 4528 dprintk("NFSD: WARNING: refusing delegation reclaim\n"); 4529 open->op_recall = 1; 4530 } 4531 4532 /* 4.1 client asking for a delegation? */ 4533 if (open->op_deleg_want) 4534 nfsd4_open_deleg_none_ext(open, status); 4535 return; 4536 } 4537 4538 static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open, 4539 struct nfs4_delegation *dp) 4540 { 4541 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG && 4542 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 4543 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4544 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE; 4545 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG && 4546 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 4547 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4548 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE; 4549 } 4550 /* Otherwise the client must be confused wanting a delegation 4551 * it already has, therefore we don't return 4552 * NFS4_OPEN_DELEGATE_NONE_EXT and reason. 4553 */ 4554 } 4555 4556 __be32 4557 nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open) 4558 { 4559 struct nfsd4_compoundres *resp = rqstp->rq_resp; 4560 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client; 4561 struct nfs4_file *fp = NULL; 4562 struct nfs4_ol_stateid *stp = NULL; 4563 struct nfs4_delegation *dp = NULL; 4564 __be32 status; 4565 bool new_stp = false; 4566 4567 /* 4568 * Lookup file; if found, lookup stateid and check open request, 4569 * and check for delegations in the process of being recalled. 4570 * If not found, create the nfs4_file struct 4571 */ 4572 fp = find_or_add_file(open->op_file, ¤t_fh->fh_handle); 4573 if (fp != open->op_file) { 4574 status = nfs4_check_deleg(cl, open, &dp); 4575 if (status) 4576 goto out; 4577 stp = nfsd4_find_and_lock_existing_open(fp, open); 4578 } else { 4579 open->op_file = NULL; 4580 status = nfserr_bad_stateid; 4581 if (nfsd4_is_deleg_cur(open)) 4582 goto out; 4583 } 4584 4585 if (!stp) { 4586 stp = init_open_stateid(fp, open); 4587 if (!open->op_stp) 4588 new_stp = true; 4589 } 4590 4591 /* 4592 * OPEN the file, or upgrade an existing OPEN. 4593 * If truncate fails, the OPEN fails. 4594 * 4595 * stp is already locked. 4596 */ 4597 if (!new_stp) { 4598 /* Stateid was found, this is an OPEN upgrade */ 4599 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open); 4600 if (status) { 4601 mutex_unlock(&stp->st_mutex); 4602 goto out; 4603 } 4604 } else { 4605 status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open); 4606 if (status) { 4607 stp->st_stid.sc_type = NFS4_CLOSED_STID; 4608 release_open_stateid(stp); 4609 mutex_unlock(&stp->st_mutex); 4610 goto out; 4611 } 4612 4613 stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp, 4614 open->op_odstate); 4615 if (stp->st_clnt_odstate == open->op_odstate) 4616 open->op_odstate = NULL; 4617 } 4618 4619 nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid); 4620 mutex_unlock(&stp->st_mutex); 4621 4622 if (nfsd4_has_session(&resp->cstate)) { 4623 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) { 4624 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4625 open->op_why_no_deleg = WND4_NOT_WANTED; 4626 goto nodeleg; 4627 } 4628 } 4629 4630 /* 4631 * Attempt to hand out a delegation. No error return, because the 4632 * OPEN succeeds even if we fail. 4633 */ 4634 nfs4_open_delegation(current_fh, open, stp); 4635 nodeleg: 4636 status = nfs_ok; 4637 4638 dprintk("%s: stateid=" STATEID_FMT "\n", __func__, 4639 STATEID_VAL(&stp->st_stid.sc_stateid)); 4640 out: 4641 /* 4.1 client trying to upgrade/downgrade delegation? */ 4642 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp && 4643 open->op_deleg_want) 4644 nfsd4_deleg_xgrade_none_ext(open, dp); 4645 4646 if (fp) 4647 put_nfs4_file(fp); 4648 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS) 4649 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 4650 /* 4651 * To finish the open response, we just need to set the rflags. 4652 */ 4653 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX; 4654 if (nfsd4_has_session(&resp->cstate)) 4655 open->op_rflags |= NFS4_OPEN_RESULT_MAY_NOTIFY_LOCK; 4656 else if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED)) 4657 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM; 4658 4659 if (dp) 4660 nfs4_put_stid(&dp->dl_stid); 4661 if (stp) 4662 nfs4_put_stid(&stp->st_stid); 4663 4664 return status; 4665 } 4666 4667 void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate, 4668 struct nfsd4_open *open) 4669 { 4670 if (open->op_openowner) { 4671 struct nfs4_stateowner *so = &open->op_openowner->oo_owner; 4672 4673 nfsd4_cstate_assign_replay(cstate, so); 4674 nfs4_put_stateowner(so); 4675 } 4676 if (open->op_file) 4677 kmem_cache_free(file_slab, open->op_file); 4678 if (open->op_stp) 4679 nfs4_put_stid(&open->op_stp->st_stid); 4680 if (open->op_odstate) 4681 kmem_cache_free(odstate_slab, open->op_odstate); 4682 } 4683 4684 __be32 4685 nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 4686 union nfsd4_op_u *u) 4687 { 4688 clientid_t *clid = &u->renew; 4689 struct nfs4_client *clp; 4690 __be32 status; 4691 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4692 4693 dprintk("process_renew(%08x/%08x): starting\n", 4694 clid->cl_boot, clid->cl_id); 4695 status = lookup_clientid(clid, cstate, nn); 4696 if (status) 4697 goto out; 4698 clp = cstate->clp; 4699 status = nfserr_cb_path_down; 4700 if (!list_empty(&clp->cl_delegations) 4701 && clp->cl_cb_state != NFSD4_CB_UP) 4702 goto out; 4703 status = nfs_ok; 4704 out: 4705 return status; 4706 } 4707 4708 void 4709 nfsd4_end_grace(struct nfsd_net *nn) 4710 { 4711 /* do nothing if grace period already ended */ 4712 if (nn->grace_ended) 4713 return; 4714 4715 dprintk("NFSD: end of grace period\n"); 4716 nn->grace_ended = true; 4717 /* 4718 * If the server goes down again right now, an NFSv4 4719 * client will still be allowed to reclaim after it comes back up, 4720 * even if it hasn't yet had a chance to reclaim state this time. 4721 * 4722 */ 4723 nfsd4_record_grace_done(nn); 4724 /* 4725 * At this point, NFSv4 clients can still reclaim. But if the 4726 * server crashes, any that have not yet reclaimed will be out 4727 * of luck on the next boot. 4728 * 4729 * (NFSv4.1+ clients are considered to have reclaimed once they 4730 * call RECLAIM_COMPLETE. NFSv4.0 clients are considered to 4731 * have reclaimed after their first OPEN.) 4732 */ 4733 locks_end_grace(&nn->nfsd4_manager); 4734 /* 4735 * At this point, and once lockd and/or any other containers 4736 * exit their grace period, further reclaims will fail and 4737 * regular locking can resume. 4738 */ 4739 } 4740 4741 /* 4742 * If we've waited a lease period but there are still clients trying to 4743 * reclaim, wait a little longer to give them a chance to finish. 4744 */ 4745 static bool clients_still_reclaiming(struct nfsd_net *nn) 4746 { 4747 unsigned long now = get_seconds(); 4748 unsigned long double_grace_period_end = nn->boot_time + 4749 2 * nn->nfsd4_lease; 4750 4751 if (!nn->somebody_reclaimed) 4752 return false; 4753 nn->somebody_reclaimed = false; 4754 /* 4755 * If we've given them *two* lease times to reclaim, and they're 4756 * still not done, give up: 4757 */ 4758 if (time_after(now, double_grace_period_end)) 4759 return false; 4760 return true; 4761 } 4762 4763 static time_t 4764 nfs4_laundromat(struct nfsd_net *nn) 4765 { 4766 struct nfs4_client *clp; 4767 struct nfs4_openowner *oo; 4768 struct nfs4_delegation *dp; 4769 struct nfs4_ol_stateid *stp; 4770 struct nfsd4_blocked_lock *nbl; 4771 struct list_head *pos, *next, reaplist; 4772 time_t cutoff = get_seconds() - nn->nfsd4_lease; 4773 time_t t, new_timeo = nn->nfsd4_lease; 4774 4775 dprintk("NFSD: laundromat service - starting\n"); 4776 4777 if (clients_still_reclaiming(nn)) { 4778 new_timeo = 0; 4779 goto out; 4780 } 4781 nfsd4_end_grace(nn); 4782 INIT_LIST_HEAD(&reaplist); 4783 spin_lock(&nn->client_lock); 4784 list_for_each_safe(pos, next, &nn->client_lru) { 4785 clp = list_entry(pos, struct nfs4_client, cl_lru); 4786 if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) { 4787 t = clp->cl_time - cutoff; 4788 new_timeo = min(new_timeo, t); 4789 break; 4790 } 4791 if (mark_client_expired_locked(clp)) { 4792 dprintk("NFSD: client in use (clientid %08x)\n", 4793 clp->cl_clientid.cl_id); 4794 continue; 4795 } 4796 list_add(&clp->cl_lru, &reaplist); 4797 } 4798 spin_unlock(&nn->client_lock); 4799 list_for_each_safe(pos, next, &reaplist) { 4800 clp = list_entry(pos, struct nfs4_client, cl_lru); 4801 dprintk("NFSD: purging unused client (clientid %08x)\n", 4802 clp->cl_clientid.cl_id); 4803 list_del_init(&clp->cl_lru); 4804 expire_client(clp); 4805 } 4806 spin_lock(&state_lock); 4807 list_for_each_safe(pos, next, &nn->del_recall_lru) { 4808 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 4809 if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) { 4810 t = dp->dl_time - cutoff; 4811 new_timeo = min(new_timeo, t); 4812 break; 4813 } 4814 WARN_ON(!unhash_delegation_locked(dp)); 4815 list_add(&dp->dl_recall_lru, &reaplist); 4816 } 4817 spin_unlock(&state_lock); 4818 while (!list_empty(&reaplist)) { 4819 dp = list_first_entry(&reaplist, struct nfs4_delegation, 4820 dl_recall_lru); 4821 list_del_init(&dp->dl_recall_lru); 4822 revoke_delegation(dp); 4823 } 4824 4825 spin_lock(&nn->client_lock); 4826 while (!list_empty(&nn->close_lru)) { 4827 oo = list_first_entry(&nn->close_lru, struct nfs4_openowner, 4828 oo_close_lru); 4829 if (time_after((unsigned long)oo->oo_time, 4830 (unsigned long)cutoff)) { 4831 t = oo->oo_time - cutoff; 4832 new_timeo = min(new_timeo, t); 4833 break; 4834 } 4835 list_del_init(&oo->oo_close_lru); 4836 stp = oo->oo_last_closed_stid; 4837 oo->oo_last_closed_stid = NULL; 4838 spin_unlock(&nn->client_lock); 4839 nfs4_put_stid(&stp->st_stid); 4840 spin_lock(&nn->client_lock); 4841 } 4842 spin_unlock(&nn->client_lock); 4843 4844 /* 4845 * It's possible for a client to try and acquire an already held lock 4846 * that is being held for a long time, and then lose interest in it. 4847 * So, we clean out any un-revisited request after a lease period 4848 * under the assumption that the client is no longer interested. 4849 * 4850 * RFC5661, sec. 9.6 states that the client must not rely on getting 4851 * notifications and must continue to poll for locks, even when the 4852 * server supports them. Thus this shouldn't lead to clients blocking 4853 * indefinitely once the lock does become free. 4854 */ 4855 BUG_ON(!list_empty(&reaplist)); 4856 spin_lock(&nn->blocked_locks_lock); 4857 while (!list_empty(&nn->blocked_locks_lru)) { 4858 nbl = list_first_entry(&nn->blocked_locks_lru, 4859 struct nfsd4_blocked_lock, nbl_lru); 4860 if (time_after((unsigned long)nbl->nbl_time, 4861 (unsigned long)cutoff)) { 4862 t = nbl->nbl_time - cutoff; 4863 new_timeo = min(new_timeo, t); 4864 break; 4865 } 4866 list_move(&nbl->nbl_lru, &reaplist); 4867 list_del_init(&nbl->nbl_list); 4868 } 4869 spin_unlock(&nn->blocked_locks_lock); 4870 4871 while (!list_empty(&reaplist)) { 4872 nbl = list_first_entry(&reaplist, 4873 struct nfsd4_blocked_lock, nbl_lru); 4874 list_del_init(&nbl->nbl_lru); 4875 free_blocked_lock(nbl); 4876 } 4877 out: 4878 new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT); 4879 return new_timeo; 4880 } 4881 4882 static struct workqueue_struct *laundry_wq; 4883 static void laundromat_main(struct work_struct *); 4884 4885 static void 4886 laundromat_main(struct work_struct *laundry) 4887 { 4888 time_t t; 4889 struct delayed_work *dwork = to_delayed_work(laundry); 4890 struct nfsd_net *nn = container_of(dwork, struct nfsd_net, 4891 laundromat_work); 4892 4893 t = nfs4_laundromat(nn); 4894 dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t); 4895 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ); 4896 } 4897 4898 static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp) 4899 { 4900 if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle)) 4901 return nfserr_bad_stateid; 4902 return nfs_ok; 4903 } 4904 4905 static inline int 4906 access_permit_read(struct nfs4_ol_stateid *stp) 4907 { 4908 return test_access(NFS4_SHARE_ACCESS_READ, stp) || 4909 test_access(NFS4_SHARE_ACCESS_BOTH, stp) || 4910 test_access(NFS4_SHARE_ACCESS_WRITE, stp); 4911 } 4912 4913 static inline int 4914 access_permit_write(struct nfs4_ol_stateid *stp) 4915 { 4916 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) || 4917 test_access(NFS4_SHARE_ACCESS_BOTH, stp); 4918 } 4919 4920 static 4921 __be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags) 4922 { 4923 __be32 status = nfserr_openmode; 4924 4925 /* For lock stateid's, we test the parent open, not the lock: */ 4926 if (stp->st_openstp) 4927 stp = stp->st_openstp; 4928 if ((flags & WR_STATE) && !access_permit_write(stp)) 4929 goto out; 4930 if ((flags & RD_STATE) && !access_permit_read(stp)) 4931 goto out; 4932 status = nfs_ok; 4933 out: 4934 return status; 4935 } 4936 4937 static inline __be32 4938 check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags) 4939 { 4940 if (ONE_STATEID(stateid) && (flags & RD_STATE)) 4941 return nfs_ok; 4942 else if (opens_in_grace(net)) { 4943 /* Answer in remaining cases depends on existence of 4944 * conflicting state; so we must wait out the grace period. */ 4945 return nfserr_grace; 4946 } else if (flags & WR_STATE) 4947 return nfs4_share_conflict(current_fh, 4948 NFS4_SHARE_DENY_WRITE); 4949 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */ 4950 return nfs4_share_conflict(current_fh, 4951 NFS4_SHARE_DENY_READ); 4952 } 4953 4954 /* 4955 * Allow READ/WRITE during grace period on recovered state only for files 4956 * that are not able to provide mandatory locking. 4957 */ 4958 static inline int 4959 grace_disallows_io(struct net *net, struct inode *inode) 4960 { 4961 return opens_in_grace(net) && mandatory_lock(inode); 4962 } 4963 4964 static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session) 4965 { 4966 /* 4967 * When sessions are used the stateid generation number is ignored 4968 * when it is zero. 4969 */ 4970 if (has_session && in->si_generation == 0) 4971 return nfs_ok; 4972 4973 if (in->si_generation == ref->si_generation) 4974 return nfs_ok; 4975 4976 /* If the client sends us a stateid from the future, it's buggy: */ 4977 if (nfsd4_stateid_generation_after(in, ref)) 4978 return nfserr_bad_stateid; 4979 /* 4980 * However, we could see a stateid from the past, even from a 4981 * non-buggy client. For example, if the client sends a lock 4982 * while some IO is outstanding, the lock may bump si_generation 4983 * while the IO is still in flight. The client could avoid that 4984 * situation by waiting for responses on all the IO requests, 4985 * but better performance may result in retrying IO that 4986 * receives an old_stateid error if requests are rarely 4987 * reordered in flight: 4988 */ 4989 return nfserr_old_stateid; 4990 } 4991 4992 static __be32 nfsd4_stid_check_stateid_generation(stateid_t *in, struct nfs4_stid *s, bool has_session) 4993 { 4994 __be32 ret; 4995 4996 spin_lock(&s->sc_lock); 4997 ret = nfsd4_verify_open_stid(s); 4998 if (ret == nfs_ok) 4999 ret = check_stateid_generation(in, &s->sc_stateid, has_session); 5000 spin_unlock(&s->sc_lock); 5001 return ret; 5002 } 5003 5004 static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols) 5005 { 5006 if (ols->st_stateowner->so_is_open_owner && 5007 !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED)) 5008 return nfserr_bad_stateid; 5009 return nfs_ok; 5010 } 5011 5012 static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid) 5013 { 5014 struct nfs4_stid *s; 5015 __be32 status = nfserr_bad_stateid; 5016 5017 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 5018 CLOSE_STATEID(stateid)) 5019 return status; 5020 /* Client debugging aid. */ 5021 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) { 5022 char addr_str[INET6_ADDRSTRLEN]; 5023 rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str, 5024 sizeof(addr_str)); 5025 pr_warn_ratelimited("NFSD: client %s testing state ID " 5026 "with incorrect client ID\n", addr_str); 5027 return status; 5028 } 5029 spin_lock(&cl->cl_lock); 5030 s = find_stateid_locked(cl, stateid); 5031 if (!s) 5032 goto out_unlock; 5033 status = nfsd4_stid_check_stateid_generation(stateid, s, 1); 5034 if (status) 5035 goto out_unlock; 5036 switch (s->sc_type) { 5037 case NFS4_DELEG_STID: 5038 status = nfs_ok; 5039 break; 5040 case NFS4_REVOKED_DELEG_STID: 5041 status = nfserr_deleg_revoked; 5042 break; 5043 case NFS4_OPEN_STID: 5044 case NFS4_LOCK_STID: 5045 status = nfsd4_check_openowner_confirmed(openlockstateid(s)); 5046 break; 5047 default: 5048 printk("unknown stateid type %x\n", s->sc_type); 5049 /* Fallthrough */ 5050 case NFS4_CLOSED_STID: 5051 case NFS4_CLOSED_DELEG_STID: 5052 status = nfserr_bad_stateid; 5053 } 5054 out_unlock: 5055 spin_unlock(&cl->cl_lock); 5056 return status; 5057 } 5058 5059 __be32 5060 nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate, 5061 stateid_t *stateid, unsigned char typemask, 5062 struct nfs4_stid **s, struct nfsd_net *nn) 5063 { 5064 __be32 status; 5065 bool return_revoked = false; 5066 5067 /* 5068 * only return revoked delegations if explicitly asked. 5069 * otherwise we report revoked or bad_stateid status. 5070 */ 5071 if (typemask & NFS4_REVOKED_DELEG_STID) 5072 return_revoked = true; 5073 else if (typemask & NFS4_DELEG_STID) 5074 typemask |= NFS4_REVOKED_DELEG_STID; 5075 5076 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 5077 CLOSE_STATEID(stateid)) 5078 return nfserr_bad_stateid; 5079 status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn); 5080 if (status == nfserr_stale_clientid) { 5081 if (cstate->session) 5082 return nfserr_bad_stateid; 5083 return nfserr_stale_stateid; 5084 } 5085 if (status) 5086 return status; 5087 *s = find_stateid_by_type(cstate->clp, stateid, typemask); 5088 if (!*s) 5089 return nfserr_bad_stateid; 5090 if (((*s)->sc_type == NFS4_REVOKED_DELEG_STID) && !return_revoked) { 5091 nfs4_put_stid(*s); 5092 if (cstate->minorversion) 5093 return nfserr_deleg_revoked; 5094 return nfserr_bad_stateid; 5095 } 5096 return nfs_ok; 5097 } 5098 5099 static struct file * 5100 nfs4_find_file(struct nfs4_stid *s, int flags) 5101 { 5102 if (!s) 5103 return NULL; 5104 5105 switch (s->sc_type) { 5106 case NFS4_DELEG_STID: 5107 if (WARN_ON_ONCE(!s->sc_file->fi_deleg_file)) 5108 return NULL; 5109 return get_file(s->sc_file->fi_deleg_file); 5110 case NFS4_OPEN_STID: 5111 case NFS4_LOCK_STID: 5112 if (flags & RD_STATE) 5113 return find_readable_file(s->sc_file); 5114 else 5115 return find_writeable_file(s->sc_file); 5116 break; 5117 } 5118 5119 return NULL; 5120 } 5121 5122 static __be32 5123 nfs4_check_olstateid(struct nfs4_ol_stateid *ols, int flags) 5124 { 5125 __be32 status; 5126 5127 status = nfsd4_check_openowner_confirmed(ols); 5128 if (status) 5129 return status; 5130 return nfs4_check_openmode(ols, flags); 5131 } 5132 5133 static __be32 5134 nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s, 5135 struct file **filpp, bool *tmp_file, int flags) 5136 { 5137 int acc = (flags & RD_STATE) ? NFSD_MAY_READ : NFSD_MAY_WRITE; 5138 struct file *file; 5139 __be32 status; 5140 5141 file = nfs4_find_file(s, flags); 5142 if (file) { 5143 status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry, 5144 acc | NFSD_MAY_OWNER_OVERRIDE); 5145 if (status) { 5146 fput(file); 5147 return status; 5148 } 5149 5150 *filpp = file; 5151 } else { 5152 status = nfsd_open(rqstp, fhp, S_IFREG, acc, filpp); 5153 if (status) 5154 return status; 5155 5156 if (tmp_file) 5157 *tmp_file = true; 5158 } 5159 5160 return 0; 5161 } 5162 5163 /* 5164 * Checks for stateid operations 5165 */ 5166 __be32 5167 nfs4_preprocess_stateid_op(struct svc_rqst *rqstp, 5168 struct nfsd4_compound_state *cstate, struct svc_fh *fhp, 5169 stateid_t *stateid, int flags, struct file **filpp, bool *tmp_file) 5170 { 5171 struct inode *ino = d_inode(fhp->fh_dentry); 5172 struct net *net = SVC_NET(rqstp); 5173 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5174 struct nfs4_stid *s = NULL; 5175 __be32 status; 5176 5177 if (filpp) 5178 *filpp = NULL; 5179 if (tmp_file) 5180 *tmp_file = false; 5181 5182 if (grace_disallows_io(net, ino)) 5183 return nfserr_grace; 5184 5185 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) { 5186 status = check_special_stateids(net, fhp, stateid, flags); 5187 goto done; 5188 } 5189 5190 status = nfsd4_lookup_stateid(cstate, stateid, 5191 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, 5192 &s, nn); 5193 if (status) 5194 return status; 5195 status = nfsd4_stid_check_stateid_generation(stateid, s, 5196 nfsd4_has_session(cstate)); 5197 if (status) 5198 goto out; 5199 5200 switch (s->sc_type) { 5201 case NFS4_DELEG_STID: 5202 status = nfs4_check_delegmode(delegstateid(s), flags); 5203 break; 5204 case NFS4_OPEN_STID: 5205 case NFS4_LOCK_STID: 5206 status = nfs4_check_olstateid(openlockstateid(s), flags); 5207 break; 5208 default: 5209 status = nfserr_bad_stateid; 5210 break; 5211 } 5212 if (status) 5213 goto out; 5214 status = nfs4_check_fh(fhp, s); 5215 5216 done: 5217 if (!status && filpp) 5218 status = nfs4_check_file(rqstp, fhp, s, filpp, tmp_file, flags); 5219 out: 5220 if (s) 5221 nfs4_put_stid(s); 5222 return status; 5223 } 5224 5225 /* 5226 * Test if the stateid is valid 5227 */ 5228 __be32 5229 nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5230 union nfsd4_op_u *u) 5231 { 5232 struct nfsd4_test_stateid *test_stateid = &u->test_stateid; 5233 struct nfsd4_test_stateid_id *stateid; 5234 struct nfs4_client *cl = cstate->session->se_client; 5235 5236 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list) 5237 stateid->ts_id_status = 5238 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid); 5239 5240 return nfs_ok; 5241 } 5242 5243 static __be32 5244 nfsd4_free_lock_stateid(stateid_t *stateid, struct nfs4_stid *s) 5245 { 5246 struct nfs4_ol_stateid *stp = openlockstateid(s); 5247 __be32 ret; 5248 5249 ret = nfsd4_lock_ol_stateid(stp); 5250 if (ret) 5251 goto out_put_stid; 5252 5253 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5254 if (ret) 5255 goto out; 5256 5257 ret = nfserr_locks_held; 5258 if (check_for_locks(stp->st_stid.sc_file, 5259 lockowner(stp->st_stateowner))) 5260 goto out; 5261 5262 release_lock_stateid(stp); 5263 ret = nfs_ok; 5264 5265 out: 5266 mutex_unlock(&stp->st_mutex); 5267 out_put_stid: 5268 nfs4_put_stid(s); 5269 return ret; 5270 } 5271 5272 __be32 5273 nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5274 union nfsd4_op_u *u) 5275 { 5276 struct nfsd4_free_stateid *free_stateid = &u->free_stateid; 5277 stateid_t *stateid = &free_stateid->fr_stateid; 5278 struct nfs4_stid *s; 5279 struct nfs4_delegation *dp; 5280 struct nfs4_client *cl = cstate->session->se_client; 5281 __be32 ret = nfserr_bad_stateid; 5282 5283 spin_lock(&cl->cl_lock); 5284 s = find_stateid_locked(cl, stateid); 5285 if (!s) 5286 goto out_unlock; 5287 spin_lock(&s->sc_lock); 5288 switch (s->sc_type) { 5289 case NFS4_DELEG_STID: 5290 ret = nfserr_locks_held; 5291 break; 5292 case NFS4_OPEN_STID: 5293 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5294 if (ret) 5295 break; 5296 ret = nfserr_locks_held; 5297 break; 5298 case NFS4_LOCK_STID: 5299 spin_unlock(&s->sc_lock); 5300 refcount_inc(&s->sc_count); 5301 spin_unlock(&cl->cl_lock); 5302 ret = nfsd4_free_lock_stateid(stateid, s); 5303 goto out; 5304 case NFS4_REVOKED_DELEG_STID: 5305 spin_unlock(&s->sc_lock); 5306 dp = delegstateid(s); 5307 list_del_init(&dp->dl_recall_lru); 5308 spin_unlock(&cl->cl_lock); 5309 nfs4_put_stid(s); 5310 ret = nfs_ok; 5311 goto out; 5312 /* Default falls through and returns nfserr_bad_stateid */ 5313 } 5314 spin_unlock(&s->sc_lock); 5315 out_unlock: 5316 spin_unlock(&cl->cl_lock); 5317 out: 5318 return ret; 5319 } 5320 5321 static inline int 5322 setlkflg (int type) 5323 { 5324 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ? 5325 RD_STATE : WR_STATE; 5326 } 5327 5328 static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp) 5329 { 5330 struct svc_fh *current_fh = &cstate->current_fh; 5331 struct nfs4_stateowner *sop = stp->st_stateowner; 5332 __be32 status; 5333 5334 status = nfsd4_check_seqid(cstate, sop, seqid); 5335 if (status) 5336 return status; 5337 status = nfsd4_lock_ol_stateid(stp); 5338 if (status != nfs_ok) 5339 return status; 5340 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate)); 5341 if (status == nfs_ok) 5342 status = nfs4_check_fh(current_fh, &stp->st_stid); 5343 if (status != nfs_ok) 5344 mutex_unlock(&stp->st_mutex); 5345 return status; 5346 } 5347 5348 /* 5349 * Checks for sequence id mutating operations. 5350 */ 5351 static __be32 5352 nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 5353 stateid_t *stateid, char typemask, 5354 struct nfs4_ol_stateid **stpp, 5355 struct nfsd_net *nn) 5356 { 5357 __be32 status; 5358 struct nfs4_stid *s; 5359 struct nfs4_ol_stateid *stp = NULL; 5360 5361 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__, 5362 seqid, STATEID_VAL(stateid)); 5363 5364 *stpp = NULL; 5365 status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn); 5366 if (status) 5367 return status; 5368 stp = openlockstateid(s); 5369 nfsd4_cstate_assign_replay(cstate, stp->st_stateowner); 5370 5371 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp); 5372 if (!status) 5373 *stpp = stp; 5374 else 5375 nfs4_put_stid(&stp->st_stid); 5376 return status; 5377 } 5378 5379 static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 5380 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn) 5381 { 5382 __be32 status; 5383 struct nfs4_openowner *oo; 5384 struct nfs4_ol_stateid *stp; 5385 5386 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid, 5387 NFS4_OPEN_STID, &stp, nn); 5388 if (status) 5389 return status; 5390 oo = openowner(stp->st_stateowner); 5391 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 5392 mutex_unlock(&stp->st_mutex); 5393 nfs4_put_stid(&stp->st_stid); 5394 return nfserr_bad_stateid; 5395 } 5396 *stpp = stp; 5397 return nfs_ok; 5398 } 5399 5400 __be32 5401 nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5402 union nfsd4_op_u *u) 5403 { 5404 struct nfsd4_open_confirm *oc = &u->open_confirm; 5405 __be32 status; 5406 struct nfs4_openowner *oo; 5407 struct nfs4_ol_stateid *stp; 5408 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5409 5410 dprintk("NFSD: nfsd4_open_confirm on file %pd\n", 5411 cstate->current_fh.fh_dentry); 5412 5413 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0); 5414 if (status) 5415 return status; 5416 5417 status = nfs4_preprocess_seqid_op(cstate, 5418 oc->oc_seqid, &oc->oc_req_stateid, 5419 NFS4_OPEN_STID, &stp, nn); 5420 if (status) 5421 goto out; 5422 oo = openowner(stp->st_stateowner); 5423 status = nfserr_bad_stateid; 5424 if (oo->oo_flags & NFS4_OO_CONFIRMED) { 5425 mutex_unlock(&stp->st_mutex); 5426 goto put_stateid; 5427 } 5428 oo->oo_flags |= NFS4_OO_CONFIRMED; 5429 nfs4_inc_and_copy_stateid(&oc->oc_resp_stateid, &stp->st_stid); 5430 mutex_unlock(&stp->st_mutex); 5431 dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n", 5432 __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid)); 5433 5434 nfsd4_client_record_create(oo->oo_owner.so_client); 5435 status = nfs_ok; 5436 put_stateid: 5437 nfs4_put_stid(&stp->st_stid); 5438 out: 5439 nfsd4_bump_seqid(cstate, status); 5440 return status; 5441 } 5442 5443 static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access) 5444 { 5445 if (!test_access(access, stp)) 5446 return; 5447 nfs4_file_put_access(stp->st_stid.sc_file, access); 5448 clear_access(access, stp); 5449 } 5450 5451 static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access) 5452 { 5453 switch (to_access) { 5454 case NFS4_SHARE_ACCESS_READ: 5455 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE); 5456 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 5457 break; 5458 case NFS4_SHARE_ACCESS_WRITE: 5459 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ); 5460 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 5461 break; 5462 case NFS4_SHARE_ACCESS_BOTH: 5463 break; 5464 default: 5465 WARN_ON_ONCE(1); 5466 } 5467 } 5468 5469 __be32 5470 nfsd4_open_downgrade(struct svc_rqst *rqstp, 5471 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 5472 { 5473 struct nfsd4_open_downgrade *od = &u->open_downgrade; 5474 __be32 status; 5475 struct nfs4_ol_stateid *stp; 5476 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5477 5478 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n", 5479 cstate->current_fh.fh_dentry); 5480 5481 /* We don't yet support WANT bits: */ 5482 if (od->od_deleg_want) 5483 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__, 5484 od->od_deleg_want); 5485 5486 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid, 5487 &od->od_stateid, &stp, nn); 5488 if (status) 5489 goto out; 5490 status = nfserr_inval; 5491 if (!test_access(od->od_share_access, stp)) { 5492 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n", 5493 stp->st_access_bmap, od->od_share_access); 5494 goto put_stateid; 5495 } 5496 if (!test_deny(od->od_share_deny, stp)) { 5497 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n", 5498 stp->st_deny_bmap, od->od_share_deny); 5499 goto put_stateid; 5500 } 5501 nfs4_stateid_downgrade(stp, od->od_share_access); 5502 reset_union_bmap_deny(od->od_share_deny, stp); 5503 nfs4_inc_and_copy_stateid(&od->od_stateid, &stp->st_stid); 5504 status = nfs_ok; 5505 put_stateid: 5506 mutex_unlock(&stp->st_mutex); 5507 nfs4_put_stid(&stp->st_stid); 5508 out: 5509 nfsd4_bump_seqid(cstate, status); 5510 return status; 5511 } 5512 5513 static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s) 5514 { 5515 struct nfs4_client *clp = s->st_stid.sc_client; 5516 bool unhashed; 5517 LIST_HEAD(reaplist); 5518 5519 spin_lock(&clp->cl_lock); 5520 unhashed = unhash_open_stateid(s, &reaplist); 5521 5522 if (clp->cl_minorversion) { 5523 if (unhashed) 5524 put_ol_stateid_locked(s, &reaplist); 5525 spin_unlock(&clp->cl_lock); 5526 free_ol_stateid_reaplist(&reaplist); 5527 } else { 5528 spin_unlock(&clp->cl_lock); 5529 free_ol_stateid_reaplist(&reaplist); 5530 if (unhashed) 5531 move_to_close_lru(s, clp->net); 5532 } 5533 } 5534 5535 /* 5536 * nfs4_unlock_state() called after encode 5537 */ 5538 __be32 5539 nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5540 union nfsd4_op_u *u) 5541 { 5542 struct nfsd4_close *close = &u->close; 5543 __be32 status; 5544 struct nfs4_ol_stateid *stp; 5545 struct net *net = SVC_NET(rqstp); 5546 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5547 5548 dprintk("NFSD: nfsd4_close on file %pd\n", 5549 cstate->current_fh.fh_dentry); 5550 5551 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid, 5552 &close->cl_stateid, 5553 NFS4_OPEN_STID|NFS4_CLOSED_STID, 5554 &stp, nn); 5555 nfsd4_bump_seqid(cstate, status); 5556 if (status) 5557 goto out; 5558 5559 stp->st_stid.sc_type = NFS4_CLOSED_STID; 5560 5561 /* 5562 * Technically we don't _really_ have to increment or copy it, since 5563 * it should just be gone after this operation and we clobber the 5564 * copied value below, but we continue to do so here just to ensure 5565 * that racing ops see that there was a state change. 5566 */ 5567 nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid); 5568 5569 nfsd4_close_open_stateid(stp); 5570 mutex_unlock(&stp->st_mutex); 5571 5572 /* v4.1+ suggests that we send a special stateid in here, since the 5573 * clients should just ignore this anyway. Since this is not useful 5574 * for v4.0 clients either, we set it to the special close_stateid 5575 * universally. 5576 * 5577 * See RFC5661 section 18.2.4, and RFC7530 section 16.2.5 5578 */ 5579 memcpy(&close->cl_stateid, &close_stateid, sizeof(close->cl_stateid)); 5580 5581 /* put reference from nfs4_preprocess_seqid_op */ 5582 nfs4_put_stid(&stp->st_stid); 5583 out: 5584 return status; 5585 } 5586 5587 __be32 5588 nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5589 union nfsd4_op_u *u) 5590 { 5591 struct nfsd4_delegreturn *dr = &u->delegreturn; 5592 struct nfs4_delegation *dp; 5593 stateid_t *stateid = &dr->dr_stateid; 5594 struct nfs4_stid *s; 5595 __be32 status; 5596 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5597 5598 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 5599 return status; 5600 5601 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn); 5602 if (status) 5603 goto out; 5604 dp = delegstateid(s); 5605 status = nfsd4_stid_check_stateid_generation(stateid, &dp->dl_stid, nfsd4_has_session(cstate)); 5606 if (status) 5607 goto put_stateid; 5608 5609 destroy_delegation(dp); 5610 put_stateid: 5611 nfs4_put_stid(&dp->dl_stid); 5612 out: 5613 return status; 5614 } 5615 5616 static inline u64 5617 end_offset(u64 start, u64 len) 5618 { 5619 u64 end; 5620 5621 end = start + len; 5622 return end >= start ? end: NFS4_MAX_UINT64; 5623 } 5624 5625 /* last octet in a range */ 5626 static inline u64 5627 last_byte_offset(u64 start, u64 len) 5628 { 5629 u64 end; 5630 5631 WARN_ON_ONCE(!len); 5632 end = start + len; 5633 return end > start ? end - 1: NFS4_MAX_UINT64; 5634 } 5635 5636 /* 5637 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that 5638 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th 5639 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit 5640 * locking, this prevents us from being completely protocol-compliant. The 5641 * real solution to this problem is to start using unsigned file offsets in 5642 * the VFS, but this is a very deep change! 5643 */ 5644 static inline void 5645 nfs4_transform_lock_offset(struct file_lock *lock) 5646 { 5647 if (lock->fl_start < 0) 5648 lock->fl_start = OFFSET_MAX; 5649 if (lock->fl_end < 0) 5650 lock->fl_end = OFFSET_MAX; 5651 } 5652 5653 static fl_owner_t 5654 nfsd4_fl_get_owner(fl_owner_t owner) 5655 { 5656 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 5657 5658 nfs4_get_stateowner(&lo->lo_owner); 5659 return owner; 5660 } 5661 5662 static void 5663 nfsd4_fl_put_owner(fl_owner_t owner) 5664 { 5665 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 5666 5667 if (lo) 5668 nfs4_put_stateowner(&lo->lo_owner); 5669 } 5670 5671 static void 5672 nfsd4_lm_notify(struct file_lock *fl) 5673 { 5674 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)fl->fl_owner; 5675 struct net *net = lo->lo_owner.so_client->net; 5676 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5677 struct nfsd4_blocked_lock *nbl = container_of(fl, 5678 struct nfsd4_blocked_lock, nbl_lock); 5679 bool queue = false; 5680 5681 /* An empty list means that something else is going to be using it */ 5682 spin_lock(&nn->blocked_locks_lock); 5683 if (!list_empty(&nbl->nbl_list)) { 5684 list_del_init(&nbl->nbl_list); 5685 list_del_init(&nbl->nbl_lru); 5686 queue = true; 5687 } 5688 spin_unlock(&nn->blocked_locks_lock); 5689 5690 if (queue) 5691 nfsd4_run_cb(&nbl->nbl_cb); 5692 } 5693 5694 static const struct lock_manager_operations nfsd_posix_mng_ops = { 5695 .lm_notify = nfsd4_lm_notify, 5696 .lm_get_owner = nfsd4_fl_get_owner, 5697 .lm_put_owner = nfsd4_fl_put_owner, 5698 }; 5699 5700 static inline void 5701 nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny) 5702 { 5703 struct nfs4_lockowner *lo; 5704 5705 if (fl->fl_lmops == &nfsd_posix_mng_ops) { 5706 lo = (struct nfs4_lockowner *) fl->fl_owner; 5707 deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data, 5708 lo->lo_owner.so_owner.len, GFP_KERNEL); 5709 if (!deny->ld_owner.data) 5710 /* We just don't care that much */ 5711 goto nevermind; 5712 deny->ld_owner.len = lo->lo_owner.so_owner.len; 5713 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid; 5714 } else { 5715 nevermind: 5716 deny->ld_owner.len = 0; 5717 deny->ld_owner.data = NULL; 5718 deny->ld_clientid.cl_boot = 0; 5719 deny->ld_clientid.cl_id = 0; 5720 } 5721 deny->ld_start = fl->fl_start; 5722 deny->ld_length = NFS4_MAX_UINT64; 5723 if (fl->fl_end != NFS4_MAX_UINT64) 5724 deny->ld_length = fl->fl_end - fl->fl_start + 1; 5725 deny->ld_type = NFS4_READ_LT; 5726 if (fl->fl_type != F_RDLCK) 5727 deny->ld_type = NFS4_WRITE_LT; 5728 } 5729 5730 static struct nfs4_lockowner * 5731 find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner) 5732 { 5733 unsigned int strhashval = ownerstr_hashval(owner); 5734 struct nfs4_stateowner *so; 5735 5736 lockdep_assert_held(&clp->cl_lock); 5737 5738 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval], 5739 so_strhash) { 5740 if (so->so_is_open_owner) 5741 continue; 5742 if (same_owner_str(so, owner)) 5743 return lockowner(nfs4_get_stateowner(so)); 5744 } 5745 return NULL; 5746 } 5747 5748 static struct nfs4_lockowner * 5749 find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner) 5750 { 5751 struct nfs4_lockowner *lo; 5752 5753 spin_lock(&clp->cl_lock); 5754 lo = find_lockowner_str_locked(clp, owner); 5755 spin_unlock(&clp->cl_lock); 5756 return lo; 5757 } 5758 5759 static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop) 5760 { 5761 unhash_lockowner_locked(lockowner(sop)); 5762 } 5763 5764 static void nfs4_free_lockowner(struct nfs4_stateowner *sop) 5765 { 5766 struct nfs4_lockowner *lo = lockowner(sop); 5767 5768 kmem_cache_free(lockowner_slab, lo); 5769 } 5770 5771 static const struct nfs4_stateowner_operations lockowner_ops = { 5772 .so_unhash = nfs4_unhash_lockowner, 5773 .so_free = nfs4_free_lockowner, 5774 }; 5775 5776 /* 5777 * Alloc a lock owner structure. 5778 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has 5779 * occurred. 5780 * 5781 * strhashval = ownerstr_hashval 5782 */ 5783 static struct nfs4_lockowner * 5784 alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, 5785 struct nfs4_ol_stateid *open_stp, 5786 struct nfsd4_lock *lock) 5787 { 5788 struct nfs4_lockowner *lo, *ret; 5789 5790 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp); 5791 if (!lo) 5792 return NULL; 5793 INIT_LIST_HEAD(&lo->lo_blocked); 5794 INIT_LIST_HEAD(&lo->lo_owner.so_stateids); 5795 lo->lo_owner.so_is_open_owner = 0; 5796 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid; 5797 lo->lo_owner.so_ops = &lockowner_ops; 5798 spin_lock(&clp->cl_lock); 5799 ret = find_lockowner_str_locked(clp, &lock->lk_new_owner); 5800 if (ret == NULL) { 5801 list_add(&lo->lo_owner.so_strhash, 5802 &clp->cl_ownerstr_hashtbl[strhashval]); 5803 ret = lo; 5804 } else 5805 nfs4_free_stateowner(&lo->lo_owner); 5806 5807 spin_unlock(&clp->cl_lock); 5808 return ret; 5809 } 5810 5811 static struct nfs4_ol_stateid * 5812 find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp) 5813 { 5814 struct nfs4_ol_stateid *lst; 5815 struct nfs4_client *clp = lo->lo_owner.so_client; 5816 5817 lockdep_assert_held(&clp->cl_lock); 5818 5819 list_for_each_entry(lst, &lo->lo_owner.so_stateids, st_perstateowner) { 5820 if (lst->st_stid.sc_type != NFS4_LOCK_STID) 5821 continue; 5822 if (lst->st_stid.sc_file == fp) { 5823 refcount_inc(&lst->st_stid.sc_count); 5824 return lst; 5825 } 5826 } 5827 return NULL; 5828 } 5829 5830 static struct nfs4_ol_stateid * 5831 init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo, 5832 struct nfs4_file *fp, struct inode *inode, 5833 struct nfs4_ol_stateid *open_stp) 5834 { 5835 struct nfs4_client *clp = lo->lo_owner.so_client; 5836 struct nfs4_ol_stateid *retstp; 5837 5838 mutex_init(&stp->st_mutex); 5839 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 5840 retry: 5841 spin_lock(&clp->cl_lock); 5842 spin_lock(&fp->fi_lock); 5843 retstp = find_lock_stateid(lo, fp); 5844 if (retstp) 5845 goto out_unlock; 5846 5847 refcount_inc(&stp->st_stid.sc_count); 5848 stp->st_stid.sc_type = NFS4_LOCK_STID; 5849 stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner); 5850 get_nfs4_file(fp); 5851 stp->st_stid.sc_file = fp; 5852 stp->st_access_bmap = 0; 5853 stp->st_deny_bmap = open_stp->st_deny_bmap; 5854 stp->st_openstp = open_stp; 5855 list_add(&stp->st_locks, &open_stp->st_locks); 5856 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids); 5857 list_add(&stp->st_perfile, &fp->fi_stateids); 5858 out_unlock: 5859 spin_unlock(&fp->fi_lock); 5860 spin_unlock(&clp->cl_lock); 5861 if (retstp) { 5862 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 5863 nfs4_put_stid(&retstp->st_stid); 5864 goto retry; 5865 } 5866 /* To keep mutex tracking happy */ 5867 mutex_unlock(&stp->st_mutex); 5868 stp = retstp; 5869 } 5870 return stp; 5871 } 5872 5873 static struct nfs4_ol_stateid * 5874 find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi, 5875 struct inode *inode, struct nfs4_ol_stateid *ost, 5876 bool *new) 5877 { 5878 struct nfs4_stid *ns = NULL; 5879 struct nfs4_ol_stateid *lst; 5880 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 5881 struct nfs4_client *clp = oo->oo_owner.so_client; 5882 5883 *new = false; 5884 spin_lock(&clp->cl_lock); 5885 lst = find_lock_stateid(lo, fi); 5886 spin_unlock(&clp->cl_lock); 5887 if (lst != NULL) { 5888 if (nfsd4_lock_ol_stateid(lst) == nfs_ok) 5889 goto out; 5890 nfs4_put_stid(&lst->st_stid); 5891 } 5892 ns = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_lock_stateid); 5893 if (ns == NULL) 5894 return NULL; 5895 5896 lst = init_lock_stateid(openlockstateid(ns), lo, fi, inode, ost); 5897 if (lst == openlockstateid(ns)) 5898 *new = true; 5899 else 5900 nfs4_put_stid(ns); 5901 out: 5902 return lst; 5903 } 5904 5905 static int 5906 check_lock_length(u64 offset, u64 length) 5907 { 5908 return ((length == 0) || ((length != NFS4_MAX_UINT64) && 5909 (length > ~offset))); 5910 } 5911 5912 static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access) 5913 { 5914 struct nfs4_file *fp = lock_stp->st_stid.sc_file; 5915 5916 lockdep_assert_held(&fp->fi_lock); 5917 5918 if (test_access(access, lock_stp)) 5919 return; 5920 __nfs4_file_get_access(fp, access); 5921 set_access(access, lock_stp); 5922 } 5923 5924 static __be32 5925 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, 5926 struct nfs4_ol_stateid *ost, 5927 struct nfsd4_lock *lock, 5928 struct nfs4_ol_stateid **plst, bool *new) 5929 { 5930 __be32 status; 5931 struct nfs4_file *fi = ost->st_stid.sc_file; 5932 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 5933 struct nfs4_client *cl = oo->oo_owner.so_client; 5934 struct inode *inode = d_inode(cstate->current_fh.fh_dentry); 5935 struct nfs4_lockowner *lo; 5936 struct nfs4_ol_stateid *lst; 5937 unsigned int strhashval; 5938 5939 lo = find_lockowner_str(cl, &lock->lk_new_owner); 5940 if (!lo) { 5941 strhashval = ownerstr_hashval(&lock->lk_new_owner); 5942 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock); 5943 if (lo == NULL) 5944 return nfserr_jukebox; 5945 } else { 5946 /* with an existing lockowner, seqids must be the same */ 5947 status = nfserr_bad_seqid; 5948 if (!cstate->minorversion && 5949 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid) 5950 goto out; 5951 } 5952 5953 lst = find_or_create_lock_stateid(lo, fi, inode, ost, new); 5954 if (lst == NULL) { 5955 status = nfserr_jukebox; 5956 goto out; 5957 } 5958 5959 status = nfs_ok; 5960 *plst = lst; 5961 out: 5962 nfs4_put_stateowner(&lo->lo_owner); 5963 return status; 5964 } 5965 5966 /* 5967 * LOCK operation 5968 */ 5969 __be32 5970 nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5971 union nfsd4_op_u *u) 5972 { 5973 struct nfsd4_lock *lock = &u->lock; 5974 struct nfs4_openowner *open_sop = NULL; 5975 struct nfs4_lockowner *lock_sop = NULL; 5976 struct nfs4_ol_stateid *lock_stp = NULL; 5977 struct nfs4_ol_stateid *open_stp = NULL; 5978 struct nfs4_file *fp; 5979 struct file *filp = NULL; 5980 struct nfsd4_blocked_lock *nbl = NULL; 5981 struct file_lock *file_lock = NULL; 5982 struct file_lock *conflock = NULL; 5983 __be32 status = 0; 5984 int lkflg; 5985 int err; 5986 bool new = false; 5987 unsigned char fl_type; 5988 unsigned int fl_flags = FL_POSIX; 5989 struct net *net = SVC_NET(rqstp); 5990 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5991 5992 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n", 5993 (long long) lock->lk_offset, 5994 (long long) lock->lk_length); 5995 5996 if (check_lock_length(lock->lk_offset, lock->lk_length)) 5997 return nfserr_inval; 5998 5999 if ((status = fh_verify(rqstp, &cstate->current_fh, 6000 S_IFREG, NFSD_MAY_LOCK))) { 6001 dprintk("NFSD: nfsd4_lock: permission denied!\n"); 6002 return status; 6003 } 6004 6005 if (lock->lk_is_new) { 6006 if (nfsd4_has_session(cstate)) 6007 /* See rfc 5661 18.10.3: given clientid is ignored: */ 6008 memcpy(&lock->lk_new_clientid, 6009 &cstate->session->se_client->cl_clientid, 6010 sizeof(clientid_t)); 6011 6012 status = nfserr_stale_clientid; 6013 if (STALE_CLIENTID(&lock->lk_new_clientid, nn)) 6014 goto out; 6015 6016 /* validate and update open stateid and open seqid */ 6017 status = nfs4_preprocess_confirmed_seqid_op(cstate, 6018 lock->lk_new_open_seqid, 6019 &lock->lk_new_open_stateid, 6020 &open_stp, nn); 6021 if (status) 6022 goto out; 6023 mutex_unlock(&open_stp->st_mutex); 6024 open_sop = openowner(open_stp->st_stateowner); 6025 status = nfserr_bad_stateid; 6026 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid, 6027 &lock->lk_new_clientid)) 6028 goto out; 6029 status = lookup_or_create_lock_state(cstate, open_stp, lock, 6030 &lock_stp, &new); 6031 } else { 6032 status = nfs4_preprocess_seqid_op(cstate, 6033 lock->lk_old_lock_seqid, 6034 &lock->lk_old_lock_stateid, 6035 NFS4_LOCK_STID, &lock_stp, nn); 6036 } 6037 if (status) 6038 goto out; 6039 lock_sop = lockowner(lock_stp->st_stateowner); 6040 6041 lkflg = setlkflg(lock->lk_type); 6042 status = nfs4_check_openmode(lock_stp, lkflg); 6043 if (status) 6044 goto out; 6045 6046 status = nfserr_grace; 6047 if (locks_in_grace(net) && !lock->lk_reclaim) 6048 goto out; 6049 status = nfserr_no_grace; 6050 if (!locks_in_grace(net) && lock->lk_reclaim) 6051 goto out; 6052 6053 fp = lock_stp->st_stid.sc_file; 6054 switch (lock->lk_type) { 6055 case NFS4_READW_LT: 6056 if (nfsd4_has_session(cstate)) 6057 fl_flags |= FL_SLEEP; 6058 /* Fallthrough */ 6059 case NFS4_READ_LT: 6060 spin_lock(&fp->fi_lock); 6061 filp = find_readable_file_locked(fp); 6062 if (filp) 6063 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ); 6064 spin_unlock(&fp->fi_lock); 6065 fl_type = F_RDLCK; 6066 break; 6067 case NFS4_WRITEW_LT: 6068 if (nfsd4_has_session(cstate)) 6069 fl_flags |= FL_SLEEP; 6070 /* Fallthrough */ 6071 case NFS4_WRITE_LT: 6072 spin_lock(&fp->fi_lock); 6073 filp = find_writeable_file_locked(fp); 6074 if (filp) 6075 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE); 6076 spin_unlock(&fp->fi_lock); 6077 fl_type = F_WRLCK; 6078 break; 6079 default: 6080 status = nfserr_inval; 6081 goto out; 6082 } 6083 6084 if (!filp) { 6085 status = nfserr_openmode; 6086 goto out; 6087 } 6088 6089 nbl = find_or_allocate_block(lock_sop, &fp->fi_fhandle, nn); 6090 if (!nbl) { 6091 dprintk("NFSD: %s: unable to allocate block!\n", __func__); 6092 status = nfserr_jukebox; 6093 goto out; 6094 } 6095 6096 file_lock = &nbl->nbl_lock; 6097 file_lock->fl_type = fl_type; 6098 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner)); 6099 file_lock->fl_pid = current->tgid; 6100 file_lock->fl_file = filp; 6101 file_lock->fl_flags = fl_flags; 6102 file_lock->fl_lmops = &nfsd_posix_mng_ops; 6103 file_lock->fl_start = lock->lk_offset; 6104 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length); 6105 nfs4_transform_lock_offset(file_lock); 6106 6107 conflock = locks_alloc_lock(); 6108 if (!conflock) { 6109 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6110 status = nfserr_jukebox; 6111 goto out; 6112 } 6113 6114 if (fl_flags & FL_SLEEP) { 6115 nbl->nbl_time = jiffies; 6116 spin_lock(&nn->blocked_locks_lock); 6117 list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked); 6118 list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru); 6119 spin_unlock(&nn->blocked_locks_lock); 6120 } 6121 6122 err = vfs_lock_file(filp, F_SETLK, file_lock, conflock); 6123 switch (err) { 6124 case 0: /* success! */ 6125 nfs4_inc_and_copy_stateid(&lock->lk_resp_stateid, &lock_stp->st_stid); 6126 status = 0; 6127 if (lock->lk_reclaim) 6128 nn->somebody_reclaimed = true; 6129 break; 6130 case FILE_LOCK_DEFERRED: 6131 nbl = NULL; 6132 /* Fallthrough */ 6133 case -EAGAIN: /* conflock holds conflicting lock */ 6134 status = nfserr_denied; 6135 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n"); 6136 nfs4_set_lock_denied(conflock, &lock->lk_denied); 6137 break; 6138 case -EDEADLK: 6139 status = nfserr_deadlock; 6140 break; 6141 default: 6142 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err); 6143 status = nfserrno(err); 6144 break; 6145 } 6146 out: 6147 if (nbl) { 6148 /* dequeue it if we queued it before */ 6149 if (fl_flags & FL_SLEEP) { 6150 spin_lock(&nn->blocked_locks_lock); 6151 list_del_init(&nbl->nbl_list); 6152 list_del_init(&nbl->nbl_lru); 6153 spin_unlock(&nn->blocked_locks_lock); 6154 } 6155 free_blocked_lock(nbl); 6156 } 6157 if (filp) 6158 fput(filp); 6159 if (lock_stp) { 6160 /* Bump seqid manually if the 4.0 replay owner is openowner */ 6161 if (cstate->replay_owner && 6162 cstate->replay_owner != &lock_sop->lo_owner && 6163 seqid_mutating_err(ntohl(status))) 6164 lock_sop->lo_owner.so_seqid++; 6165 6166 /* 6167 * If this is a new, never-before-used stateid, and we are 6168 * returning an error, then just go ahead and release it. 6169 */ 6170 if (status && new) 6171 release_lock_stateid(lock_stp); 6172 6173 mutex_unlock(&lock_stp->st_mutex); 6174 6175 nfs4_put_stid(&lock_stp->st_stid); 6176 } 6177 if (open_stp) 6178 nfs4_put_stid(&open_stp->st_stid); 6179 nfsd4_bump_seqid(cstate, status); 6180 if (conflock) 6181 locks_free_lock(conflock); 6182 return status; 6183 } 6184 6185 /* 6186 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN, 6187 * so we do a temporary open here just to get an open file to pass to 6188 * vfs_test_lock. (Arguably perhaps test_lock should be done with an 6189 * inode operation.) 6190 */ 6191 static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock) 6192 { 6193 struct file *file; 6194 __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file); 6195 if (!err) { 6196 err = nfserrno(vfs_test_lock(file, lock)); 6197 fput(file); 6198 } 6199 return err; 6200 } 6201 6202 /* 6203 * LOCKT operation 6204 */ 6205 __be32 6206 nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6207 union nfsd4_op_u *u) 6208 { 6209 struct nfsd4_lockt *lockt = &u->lockt; 6210 struct file_lock *file_lock = NULL; 6211 struct nfs4_lockowner *lo = NULL; 6212 __be32 status; 6213 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6214 6215 if (locks_in_grace(SVC_NET(rqstp))) 6216 return nfserr_grace; 6217 6218 if (check_lock_length(lockt->lt_offset, lockt->lt_length)) 6219 return nfserr_inval; 6220 6221 if (!nfsd4_has_session(cstate)) { 6222 status = lookup_clientid(&lockt->lt_clientid, cstate, nn); 6223 if (status) 6224 goto out; 6225 } 6226 6227 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 6228 goto out; 6229 6230 file_lock = locks_alloc_lock(); 6231 if (!file_lock) { 6232 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6233 status = nfserr_jukebox; 6234 goto out; 6235 } 6236 6237 switch (lockt->lt_type) { 6238 case NFS4_READ_LT: 6239 case NFS4_READW_LT: 6240 file_lock->fl_type = F_RDLCK; 6241 break; 6242 case NFS4_WRITE_LT: 6243 case NFS4_WRITEW_LT: 6244 file_lock->fl_type = F_WRLCK; 6245 break; 6246 default: 6247 dprintk("NFSD: nfs4_lockt: bad lock type!\n"); 6248 status = nfserr_inval; 6249 goto out; 6250 } 6251 6252 lo = find_lockowner_str(cstate->clp, &lockt->lt_owner); 6253 if (lo) 6254 file_lock->fl_owner = (fl_owner_t)lo; 6255 file_lock->fl_pid = current->tgid; 6256 file_lock->fl_flags = FL_POSIX; 6257 6258 file_lock->fl_start = lockt->lt_offset; 6259 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length); 6260 6261 nfs4_transform_lock_offset(file_lock); 6262 6263 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock); 6264 if (status) 6265 goto out; 6266 6267 if (file_lock->fl_type != F_UNLCK) { 6268 status = nfserr_denied; 6269 nfs4_set_lock_denied(file_lock, &lockt->lt_denied); 6270 } 6271 out: 6272 if (lo) 6273 nfs4_put_stateowner(&lo->lo_owner); 6274 if (file_lock) 6275 locks_free_lock(file_lock); 6276 return status; 6277 } 6278 6279 __be32 6280 nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6281 union nfsd4_op_u *u) 6282 { 6283 struct nfsd4_locku *locku = &u->locku; 6284 struct nfs4_ol_stateid *stp; 6285 struct file *filp = NULL; 6286 struct file_lock *file_lock = NULL; 6287 __be32 status; 6288 int err; 6289 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6290 6291 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n", 6292 (long long) locku->lu_offset, 6293 (long long) locku->lu_length); 6294 6295 if (check_lock_length(locku->lu_offset, locku->lu_length)) 6296 return nfserr_inval; 6297 6298 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid, 6299 &locku->lu_stateid, NFS4_LOCK_STID, 6300 &stp, nn); 6301 if (status) 6302 goto out; 6303 filp = find_any_file(stp->st_stid.sc_file); 6304 if (!filp) { 6305 status = nfserr_lock_range; 6306 goto put_stateid; 6307 } 6308 file_lock = locks_alloc_lock(); 6309 if (!file_lock) { 6310 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6311 status = nfserr_jukebox; 6312 goto fput; 6313 } 6314 6315 file_lock->fl_type = F_UNLCK; 6316 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner)); 6317 file_lock->fl_pid = current->tgid; 6318 file_lock->fl_file = filp; 6319 file_lock->fl_flags = FL_POSIX; 6320 file_lock->fl_lmops = &nfsd_posix_mng_ops; 6321 file_lock->fl_start = locku->lu_offset; 6322 6323 file_lock->fl_end = last_byte_offset(locku->lu_offset, 6324 locku->lu_length); 6325 nfs4_transform_lock_offset(file_lock); 6326 6327 err = vfs_lock_file(filp, F_SETLK, file_lock, NULL); 6328 if (err) { 6329 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n"); 6330 goto out_nfserr; 6331 } 6332 nfs4_inc_and_copy_stateid(&locku->lu_stateid, &stp->st_stid); 6333 fput: 6334 fput(filp); 6335 put_stateid: 6336 mutex_unlock(&stp->st_mutex); 6337 nfs4_put_stid(&stp->st_stid); 6338 out: 6339 nfsd4_bump_seqid(cstate, status); 6340 if (file_lock) 6341 locks_free_lock(file_lock); 6342 return status; 6343 6344 out_nfserr: 6345 status = nfserrno(err); 6346 goto fput; 6347 } 6348 6349 /* 6350 * returns 6351 * true: locks held by lockowner 6352 * false: no locks held by lockowner 6353 */ 6354 static bool 6355 check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner) 6356 { 6357 struct file_lock *fl; 6358 int status = false; 6359 struct file *filp = find_any_file(fp); 6360 struct inode *inode; 6361 struct file_lock_context *flctx; 6362 6363 if (!filp) { 6364 /* Any valid lock stateid should have some sort of access */ 6365 WARN_ON_ONCE(1); 6366 return status; 6367 } 6368 6369 inode = locks_inode(filp); 6370 flctx = inode->i_flctx; 6371 6372 if (flctx && !list_empty_careful(&flctx->flc_posix)) { 6373 spin_lock(&flctx->flc_lock); 6374 list_for_each_entry(fl, &flctx->flc_posix, fl_list) { 6375 if (fl->fl_owner == (fl_owner_t)lowner) { 6376 status = true; 6377 break; 6378 } 6379 } 6380 spin_unlock(&flctx->flc_lock); 6381 } 6382 fput(filp); 6383 return status; 6384 } 6385 6386 __be32 6387 nfsd4_release_lockowner(struct svc_rqst *rqstp, 6388 struct nfsd4_compound_state *cstate, 6389 union nfsd4_op_u *u) 6390 { 6391 struct nfsd4_release_lockowner *rlockowner = &u->release_lockowner; 6392 clientid_t *clid = &rlockowner->rl_clientid; 6393 struct nfs4_stateowner *sop; 6394 struct nfs4_lockowner *lo = NULL; 6395 struct nfs4_ol_stateid *stp; 6396 struct xdr_netobj *owner = &rlockowner->rl_owner; 6397 unsigned int hashval = ownerstr_hashval(owner); 6398 __be32 status; 6399 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6400 struct nfs4_client *clp; 6401 LIST_HEAD (reaplist); 6402 6403 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n", 6404 clid->cl_boot, clid->cl_id); 6405 6406 status = lookup_clientid(clid, cstate, nn); 6407 if (status) 6408 return status; 6409 6410 clp = cstate->clp; 6411 /* Find the matching lock stateowner */ 6412 spin_lock(&clp->cl_lock); 6413 list_for_each_entry(sop, &clp->cl_ownerstr_hashtbl[hashval], 6414 so_strhash) { 6415 6416 if (sop->so_is_open_owner || !same_owner_str(sop, owner)) 6417 continue; 6418 6419 /* see if there are still any locks associated with it */ 6420 lo = lockowner(sop); 6421 list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) { 6422 if (check_for_locks(stp->st_stid.sc_file, lo)) { 6423 status = nfserr_locks_held; 6424 spin_unlock(&clp->cl_lock); 6425 return status; 6426 } 6427 } 6428 6429 nfs4_get_stateowner(sop); 6430 break; 6431 } 6432 if (!lo) { 6433 spin_unlock(&clp->cl_lock); 6434 return status; 6435 } 6436 6437 unhash_lockowner_locked(lo); 6438 while (!list_empty(&lo->lo_owner.so_stateids)) { 6439 stp = list_first_entry(&lo->lo_owner.so_stateids, 6440 struct nfs4_ol_stateid, 6441 st_perstateowner); 6442 WARN_ON(!unhash_lock_stateid(stp)); 6443 put_ol_stateid_locked(stp, &reaplist); 6444 } 6445 spin_unlock(&clp->cl_lock); 6446 free_ol_stateid_reaplist(&reaplist); 6447 remove_blocked_locks(lo); 6448 nfs4_put_stateowner(&lo->lo_owner); 6449 6450 return status; 6451 } 6452 6453 static inline struct nfs4_client_reclaim * 6454 alloc_reclaim(void) 6455 { 6456 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL); 6457 } 6458 6459 bool 6460 nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn) 6461 { 6462 struct nfs4_client_reclaim *crp; 6463 6464 crp = nfsd4_find_reclaim_client(name, nn); 6465 return (crp && crp->cr_clp); 6466 } 6467 6468 /* 6469 * failure => all reset bets are off, nfserr_no_grace... 6470 */ 6471 struct nfs4_client_reclaim * 6472 nfs4_client_to_reclaim(const char *name, struct nfsd_net *nn) 6473 { 6474 unsigned int strhashval; 6475 struct nfs4_client_reclaim *crp; 6476 6477 dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name); 6478 crp = alloc_reclaim(); 6479 if (crp) { 6480 strhashval = clientstr_hashval(name); 6481 INIT_LIST_HEAD(&crp->cr_strhash); 6482 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]); 6483 memcpy(crp->cr_recdir, name, HEXDIR_LEN); 6484 crp->cr_clp = NULL; 6485 nn->reclaim_str_hashtbl_size++; 6486 } 6487 return crp; 6488 } 6489 6490 void 6491 nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn) 6492 { 6493 list_del(&crp->cr_strhash); 6494 kfree(crp); 6495 nn->reclaim_str_hashtbl_size--; 6496 } 6497 6498 void 6499 nfs4_release_reclaim(struct nfsd_net *nn) 6500 { 6501 struct nfs4_client_reclaim *crp = NULL; 6502 int i; 6503 6504 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 6505 while (!list_empty(&nn->reclaim_str_hashtbl[i])) { 6506 crp = list_entry(nn->reclaim_str_hashtbl[i].next, 6507 struct nfs4_client_reclaim, cr_strhash); 6508 nfs4_remove_reclaim_record(crp, nn); 6509 } 6510 } 6511 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size); 6512 } 6513 6514 /* 6515 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */ 6516 struct nfs4_client_reclaim * 6517 nfsd4_find_reclaim_client(const char *recdir, struct nfsd_net *nn) 6518 { 6519 unsigned int strhashval; 6520 struct nfs4_client_reclaim *crp = NULL; 6521 6522 dprintk("NFSD: nfs4_find_reclaim_client for recdir %s\n", recdir); 6523 6524 strhashval = clientstr_hashval(recdir); 6525 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) { 6526 if (same_name(crp->cr_recdir, recdir)) { 6527 return crp; 6528 } 6529 } 6530 return NULL; 6531 } 6532 6533 /* 6534 * Called from OPEN. Look for clientid in reclaim list. 6535 */ 6536 __be32 6537 nfs4_check_open_reclaim(clientid_t *clid, 6538 struct nfsd4_compound_state *cstate, 6539 struct nfsd_net *nn) 6540 { 6541 __be32 status; 6542 6543 /* find clientid in conf_id_hashtbl */ 6544 status = lookup_clientid(clid, cstate, nn); 6545 if (status) 6546 return nfserr_reclaim_bad; 6547 6548 if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &cstate->clp->cl_flags)) 6549 return nfserr_no_grace; 6550 6551 if (nfsd4_client_record_check(cstate->clp)) 6552 return nfserr_reclaim_bad; 6553 6554 return nfs_ok; 6555 } 6556 6557 #ifdef CONFIG_NFSD_FAULT_INJECTION 6558 static inline void 6559 put_client(struct nfs4_client *clp) 6560 { 6561 atomic_dec(&clp->cl_refcount); 6562 } 6563 6564 static struct nfs4_client * 6565 nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size) 6566 { 6567 struct nfs4_client *clp; 6568 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6569 nfsd_net_id); 6570 6571 if (!nfsd_netns_ready(nn)) 6572 return NULL; 6573 6574 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6575 if (memcmp(&clp->cl_addr, addr, addr_size) == 0) 6576 return clp; 6577 } 6578 return NULL; 6579 } 6580 6581 u64 6582 nfsd_inject_print_clients(void) 6583 { 6584 struct nfs4_client *clp; 6585 u64 count = 0; 6586 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6587 nfsd_net_id); 6588 char buf[INET6_ADDRSTRLEN]; 6589 6590 if (!nfsd_netns_ready(nn)) 6591 return 0; 6592 6593 spin_lock(&nn->client_lock); 6594 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6595 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 6596 pr_info("NFS Client: %s\n", buf); 6597 ++count; 6598 } 6599 spin_unlock(&nn->client_lock); 6600 6601 return count; 6602 } 6603 6604 u64 6605 nfsd_inject_forget_client(struct sockaddr_storage *addr, size_t addr_size) 6606 { 6607 u64 count = 0; 6608 struct nfs4_client *clp; 6609 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6610 nfsd_net_id); 6611 6612 if (!nfsd_netns_ready(nn)) 6613 return count; 6614 6615 spin_lock(&nn->client_lock); 6616 clp = nfsd_find_client(addr, addr_size); 6617 if (clp) { 6618 if (mark_client_expired_locked(clp) == nfs_ok) 6619 ++count; 6620 else 6621 clp = NULL; 6622 } 6623 spin_unlock(&nn->client_lock); 6624 6625 if (clp) 6626 expire_client(clp); 6627 6628 return count; 6629 } 6630 6631 u64 6632 nfsd_inject_forget_clients(u64 max) 6633 { 6634 u64 count = 0; 6635 struct nfs4_client *clp, *next; 6636 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6637 nfsd_net_id); 6638 LIST_HEAD(reaplist); 6639 6640 if (!nfsd_netns_ready(nn)) 6641 return count; 6642 6643 spin_lock(&nn->client_lock); 6644 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 6645 if (mark_client_expired_locked(clp) == nfs_ok) { 6646 list_add(&clp->cl_lru, &reaplist); 6647 if (max != 0 && ++count >= max) 6648 break; 6649 } 6650 } 6651 spin_unlock(&nn->client_lock); 6652 6653 list_for_each_entry_safe(clp, next, &reaplist, cl_lru) 6654 expire_client(clp); 6655 6656 return count; 6657 } 6658 6659 static void nfsd_print_count(struct nfs4_client *clp, unsigned int count, 6660 const char *type) 6661 { 6662 char buf[INET6_ADDRSTRLEN]; 6663 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 6664 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type); 6665 } 6666 6667 static void 6668 nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst, 6669 struct list_head *collect) 6670 { 6671 struct nfs4_client *clp = lst->st_stid.sc_client; 6672 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6673 nfsd_net_id); 6674 6675 if (!collect) 6676 return; 6677 6678 lockdep_assert_held(&nn->client_lock); 6679 atomic_inc(&clp->cl_refcount); 6680 list_add(&lst->st_locks, collect); 6681 } 6682 6683 static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max, 6684 struct list_head *collect, 6685 bool (*func)(struct nfs4_ol_stateid *)) 6686 { 6687 struct nfs4_openowner *oop; 6688 struct nfs4_ol_stateid *stp, *st_next; 6689 struct nfs4_ol_stateid *lst, *lst_next; 6690 u64 count = 0; 6691 6692 spin_lock(&clp->cl_lock); 6693 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) { 6694 list_for_each_entry_safe(stp, st_next, 6695 &oop->oo_owner.so_stateids, st_perstateowner) { 6696 list_for_each_entry_safe(lst, lst_next, 6697 &stp->st_locks, st_locks) { 6698 if (func) { 6699 if (func(lst)) 6700 nfsd_inject_add_lock_to_list(lst, 6701 collect); 6702 } 6703 ++count; 6704 /* 6705 * Despite the fact that these functions deal 6706 * with 64-bit integers for "count", we must 6707 * ensure that it doesn't blow up the 6708 * clp->cl_refcount. Throw a warning if we 6709 * start to approach INT_MAX here. 6710 */ 6711 WARN_ON_ONCE(count == (INT_MAX / 2)); 6712 if (count == max) 6713 goto out; 6714 } 6715 } 6716 } 6717 out: 6718 spin_unlock(&clp->cl_lock); 6719 6720 return count; 6721 } 6722 6723 static u64 6724 nfsd_collect_client_locks(struct nfs4_client *clp, struct list_head *collect, 6725 u64 max) 6726 { 6727 return nfsd_foreach_client_lock(clp, max, collect, unhash_lock_stateid); 6728 } 6729 6730 static u64 6731 nfsd_print_client_locks(struct nfs4_client *clp) 6732 { 6733 u64 count = nfsd_foreach_client_lock(clp, 0, NULL, NULL); 6734 nfsd_print_count(clp, count, "locked files"); 6735 return count; 6736 } 6737 6738 u64 6739 nfsd_inject_print_locks(void) 6740 { 6741 struct nfs4_client *clp; 6742 u64 count = 0; 6743 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6744 nfsd_net_id); 6745 6746 if (!nfsd_netns_ready(nn)) 6747 return 0; 6748 6749 spin_lock(&nn->client_lock); 6750 list_for_each_entry(clp, &nn->client_lru, cl_lru) 6751 count += nfsd_print_client_locks(clp); 6752 spin_unlock(&nn->client_lock); 6753 6754 return count; 6755 } 6756 6757 static void 6758 nfsd_reap_locks(struct list_head *reaplist) 6759 { 6760 struct nfs4_client *clp; 6761 struct nfs4_ol_stateid *stp, *next; 6762 6763 list_for_each_entry_safe(stp, next, reaplist, st_locks) { 6764 list_del_init(&stp->st_locks); 6765 clp = stp->st_stid.sc_client; 6766 nfs4_put_stid(&stp->st_stid); 6767 put_client(clp); 6768 } 6769 } 6770 6771 u64 6772 nfsd_inject_forget_client_locks(struct sockaddr_storage *addr, size_t addr_size) 6773 { 6774 unsigned int count = 0; 6775 struct nfs4_client *clp; 6776 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6777 nfsd_net_id); 6778 LIST_HEAD(reaplist); 6779 6780 if (!nfsd_netns_ready(nn)) 6781 return count; 6782 6783 spin_lock(&nn->client_lock); 6784 clp = nfsd_find_client(addr, addr_size); 6785 if (clp) 6786 count = nfsd_collect_client_locks(clp, &reaplist, 0); 6787 spin_unlock(&nn->client_lock); 6788 nfsd_reap_locks(&reaplist); 6789 return count; 6790 } 6791 6792 u64 6793 nfsd_inject_forget_locks(u64 max) 6794 { 6795 u64 count = 0; 6796 struct nfs4_client *clp; 6797 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6798 nfsd_net_id); 6799 LIST_HEAD(reaplist); 6800 6801 if (!nfsd_netns_ready(nn)) 6802 return count; 6803 6804 spin_lock(&nn->client_lock); 6805 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6806 count += nfsd_collect_client_locks(clp, &reaplist, max - count); 6807 if (max != 0 && count >= max) 6808 break; 6809 } 6810 spin_unlock(&nn->client_lock); 6811 nfsd_reap_locks(&reaplist); 6812 return count; 6813 } 6814 6815 static u64 6816 nfsd_foreach_client_openowner(struct nfs4_client *clp, u64 max, 6817 struct list_head *collect, 6818 void (*func)(struct nfs4_openowner *)) 6819 { 6820 struct nfs4_openowner *oop, *next; 6821 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6822 nfsd_net_id); 6823 u64 count = 0; 6824 6825 lockdep_assert_held(&nn->client_lock); 6826 6827 spin_lock(&clp->cl_lock); 6828 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) { 6829 if (func) { 6830 func(oop); 6831 if (collect) { 6832 atomic_inc(&clp->cl_refcount); 6833 list_add(&oop->oo_perclient, collect); 6834 } 6835 } 6836 ++count; 6837 /* 6838 * Despite the fact that these functions deal with 6839 * 64-bit integers for "count", we must ensure that 6840 * it doesn't blow up the clp->cl_refcount. Throw a 6841 * warning if we start to approach INT_MAX here. 6842 */ 6843 WARN_ON_ONCE(count == (INT_MAX / 2)); 6844 if (count == max) 6845 break; 6846 } 6847 spin_unlock(&clp->cl_lock); 6848 6849 return count; 6850 } 6851 6852 static u64 6853 nfsd_print_client_openowners(struct nfs4_client *clp) 6854 { 6855 u64 count = nfsd_foreach_client_openowner(clp, 0, NULL, NULL); 6856 6857 nfsd_print_count(clp, count, "openowners"); 6858 return count; 6859 } 6860 6861 static u64 6862 nfsd_collect_client_openowners(struct nfs4_client *clp, 6863 struct list_head *collect, u64 max) 6864 { 6865 return nfsd_foreach_client_openowner(clp, max, collect, 6866 unhash_openowner_locked); 6867 } 6868 6869 u64 6870 nfsd_inject_print_openowners(void) 6871 { 6872 struct nfs4_client *clp; 6873 u64 count = 0; 6874 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6875 nfsd_net_id); 6876 6877 if (!nfsd_netns_ready(nn)) 6878 return 0; 6879 6880 spin_lock(&nn->client_lock); 6881 list_for_each_entry(clp, &nn->client_lru, cl_lru) 6882 count += nfsd_print_client_openowners(clp); 6883 spin_unlock(&nn->client_lock); 6884 6885 return count; 6886 } 6887 6888 static void 6889 nfsd_reap_openowners(struct list_head *reaplist) 6890 { 6891 struct nfs4_client *clp; 6892 struct nfs4_openowner *oop, *next; 6893 6894 list_for_each_entry_safe(oop, next, reaplist, oo_perclient) { 6895 list_del_init(&oop->oo_perclient); 6896 clp = oop->oo_owner.so_client; 6897 release_openowner(oop); 6898 put_client(clp); 6899 } 6900 } 6901 6902 u64 6903 nfsd_inject_forget_client_openowners(struct sockaddr_storage *addr, 6904 size_t addr_size) 6905 { 6906 unsigned int count = 0; 6907 struct nfs4_client *clp; 6908 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6909 nfsd_net_id); 6910 LIST_HEAD(reaplist); 6911 6912 if (!nfsd_netns_ready(nn)) 6913 return count; 6914 6915 spin_lock(&nn->client_lock); 6916 clp = nfsd_find_client(addr, addr_size); 6917 if (clp) 6918 count = nfsd_collect_client_openowners(clp, &reaplist, 0); 6919 spin_unlock(&nn->client_lock); 6920 nfsd_reap_openowners(&reaplist); 6921 return count; 6922 } 6923 6924 u64 6925 nfsd_inject_forget_openowners(u64 max) 6926 { 6927 u64 count = 0; 6928 struct nfs4_client *clp; 6929 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6930 nfsd_net_id); 6931 LIST_HEAD(reaplist); 6932 6933 if (!nfsd_netns_ready(nn)) 6934 return count; 6935 6936 spin_lock(&nn->client_lock); 6937 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6938 count += nfsd_collect_client_openowners(clp, &reaplist, 6939 max - count); 6940 if (max != 0 && count >= max) 6941 break; 6942 } 6943 spin_unlock(&nn->client_lock); 6944 nfsd_reap_openowners(&reaplist); 6945 return count; 6946 } 6947 6948 static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max, 6949 struct list_head *victims) 6950 { 6951 struct nfs4_delegation *dp, *next; 6952 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6953 nfsd_net_id); 6954 u64 count = 0; 6955 6956 lockdep_assert_held(&nn->client_lock); 6957 6958 spin_lock(&state_lock); 6959 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) { 6960 if (victims) { 6961 /* 6962 * It's not safe to mess with delegations that have a 6963 * non-zero dl_time. They might have already been broken 6964 * and could be processed by the laundromat outside of 6965 * the state_lock. Just leave them be. 6966 */ 6967 if (dp->dl_time != 0) 6968 continue; 6969 6970 atomic_inc(&clp->cl_refcount); 6971 WARN_ON(!unhash_delegation_locked(dp)); 6972 list_add(&dp->dl_recall_lru, victims); 6973 } 6974 ++count; 6975 /* 6976 * Despite the fact that these functions deal with 6977 * 64-bit integers for "count", we must ensure that 6978 * it doesn't blow up the clp->cl_refcount. Throw a 6979 * warning if we start to approach INT_MAX here. 6980 */ 6981 WARN_ON_ONCE(count == (INT_MAX / 2)); 6982 if (count == max) 6983 break; 6984 } 6985 spin_unlock(&state_lock); 6986 return count; 6987 } 6988 6989 static u64 6990 nfsd_print_client_delegations(struct nfs4_client *clp) 6991 { 6992 u64 count = nfsd_find_all_delegations(clp, 0, NULL); 6993 6994 nfsd_print_count(clp, count, "delegations"); 6995 return count; 6996 } 6997 6998 u64 6999 nfsd_inject_print_delegations(void) 7000 { 7001 struct nfs4_client *clp; 7002 u64 count = 0; 7003 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7004 nfsd_net_id); 7005 7006 if (!nfsd_netns_ready(nn)) 7007 return 0; 7008 7009 spin_lock(&nn->client_lock); 7010 list_for_each_entry(clp, &nn->client_lru, cl_lru) 7011 count += nfsd_print_client_delegations(clp); 7012 spin_unlock(&nn->client_lock); 7013 7014 return count; 7015 } 7016 7017 static void 7018 nfsd_forget_delegations(struct list_head *reaplist) 7019 { 7020 struct nfs4_client *clp; 7021 struct nfs4_delegation *dp, *next; 7022 7023 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 7024 list_del_init(&dp->dl_recall_lru); 7025 clp = dp->dl_stid.sc_client; 7026 revoke_delegation(dp); 7027 put_client(clp); 7028 } 7029 } 7030 7031 u64 7032 nfsd_inject_forget_client_delegations(struct sockaddr_storage *addr, 7033 size_t addr_size) 7034 { 7035 u64 count = 0; 7036 struct nfs4_client *clp; 7037 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7038 nfsd_net_id); 7039 LIST_HEAD(reaplist); 7040 7041 if (!nfsd_netns_ready(nn)) 7042 return count; 7043 7044 spin_lock(&nn->client_lock); 7045 clp = nfsd_find_client(addr, addr_size); 7046 if (clp) 7047 count = nfsd_find_all_delegations(clp, 0, &reaplist); 7048 spin_unlock(&nn->client_lock); 7049 7050 nfsd_forget_delegations(&reaplist); 7051 return count; 7052 } 7053 7054 u64 7055 nfsd_inject_forget_delegations(u64 max) 7056 { 7057 u64 count = 0; 7058 struct nfs4_client *clp; 7059 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7060 nfsd_net_id); 7061 LIST_HEAD(reaplist); 7062 7063 if (!nfsd_netns_ready(nn)) 7064 return count; 7065 7066 spin_lock(&nn->client_lock); 7067 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 7068 count += nfsd_find_all_delegations(clp, max - count, &reaplist); 7069 if (max != 0 && count >= max) 7070 break; 7071 } 7072 spin_unlock(&nn->client_lock); 7073 nfsd_forget_delegations(&reaplist); 7074 return count; 7075 } 7076 7077 static void 7078 nfsd_recall_delegations(struct list_head *reaplist) 7079 { 7080 struct nfs4_client *clp; 7081 struct nfs4_delegation *dp, *next; 7082 7083 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 7084 list_del_init(&dp->dl_recall_lru); 7085 clp = dp->dl_stid.sc_client; 7086 /* 7087 * We skipped all entries that had a zero dl_time before, 7088 * so we can now reset the dl_time back to 0. If a delegation 7089 * break comes in now, then it won't make any difference since 7090 * we're recalling it either way. 7091 */ 7092 spin_lock(&state_lock); 7093 dp->dl_time = 0; 7094 spin_unlock(&state_lock); 7095 nfsd_break_one_deleg(dp); 7096 put_client(clp); 7097 } 7098 } 7099 7100 u64 7101 nfsd_inject_recall_client_delegations(struct sockaddr_storage *addr, 7102 size_t addr_size) 7103 { 7104 u64 count = 0; 7105 struct nfs4_client *clp; 7106 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7107 nfsd_net_id); 7108 LIST_HEAD(reaplist); 7109 7110 if (!nfsd_netns_ready(nn)) 7111 return count; 7112 7113 spin_lock(&nn->client_lock); 7114 clp = nfsd_find_client(addr, addr_size); 7115 if (clp) 7116 count = nfsd_find_all_delegations(clp, 0, &reaplist); 7117 spin_unlock(&nn->client_lock); 7118 7119 nfsd_recall_delegations(&reaplist); 7120 return count; 7121 } 7122 7123 u64 7124 nfsd_inject_recall_delegations(u64 max) 7125 { 7126 u64 count = 0; 7127 struct nfs4_client *clp, *next; 7128 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7129 nfsd_net_id); 7130 LIST_HEAD(reaplist); 7131 7132 if (!nfsd_netns_ready(nn)) 7133 return count; 7134 7135 spin_lock(&nn->client_lock); 7136 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 7137 count += nfsd_find_all_delegations(clp, max - count, &reaplist); 7138 if (max != 0 && ++count >= max) 7139 break; 7140 } 7141 spin_unlock(&nn->client_lock); 7142 nfsd_recall_delegations(&reaplist); 7143 return count; 7144 } 7145 #endif /* CONFIG_NFSD_FAULT_INJECTION */ 7146 7147 /* 7148 * Since the lifetime of a delegation isn't limited to that of an open, a 7149 * client may quite reasonably hang on to a delegation as long as it has 7150 * the inode cached. This becomes an obvious problem the first time a 7151 * client's inode cache approaches the size of the server's total memory. 7152 * 7153 * For now we avoid this problem by imposing a hard limit on the number 7154 * of delegations, which varies according to the server's memory size. 7155 */ 7156 static void 7157 set_max_delegations(void) 7158 { 7159 /* 7160 * Allow at most 4 delegations per megabyte of RAM. Quick 7161 * estimates suggest that in the worst case (where every delegation 7162 * is for a different inode), a delegation could take about 1.5K, 7163 * giving a worst case usage of about 6% of memory. 7164 */ 7165 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT); 7166 } 7167 7168 static int nfs4_state_create_net(struct net *net) 7169 { 7170 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7171 int i; 7172 7173 nn->conf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE, 7174 sizeof(struct list_head), 7175 GFP_KERNEL); 7176 if (!nn->conf_id_hashtbl) 7177 goto err; 7178 nn->unconf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE, 7179 sizeof(struct list_head), 7180 GFP_KERNEL); 7181 if (!nn->unconf_id_hashtbl) 7182 goto err_unconf_id; 7183 nn->sessionid_hashtbl = kmalloc_array(SESSION_HASH_SIZE, 7184 sizeof(struct list_head), 7185 GFP_KERNEL); 7186 if (!nn->sessionid_hashtbl) 7187 goto err_sessionid; 7188 7189 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7190 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]); 7191 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]); 7192 } 7193 for (i = 0; i < SESSION_HASH_SIZE; i++) 7194 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]); 7195 nn->conf_name_tree = RB_ROOT; 7196 nn->unconf_name_tree = RB_ROOT; 7197 nn->boot_time = get_seconds(); 7198 nn->grace_ended = false; 7199 nn->nfsd4_manager.block_opens = true; 7200 INIT_LIST_HEAD(&nn->nfsd4_manager.list); 7201 INIT_LIST_HEAD(&nn->client_lru); 7202 INIT_LIST_HEAD(&nn->close_lru); 7203 INIT_LIST_HEAD(&nn->del_recall_lru); 7204 spin_lock_init(&nn->client_lock); 7205 spin_lock_init(&nn->s2s_cp_lock); 7206 idr_init(&nn->s2s_cp_stateids); 7207 7208 spin_lock_init(&nn->blocked_locks_lock); 7209 INIT_LIST_HEAD(&nn->blocked_locks_lru); 7210 7211 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main); 7212 get_net(net); 7213 7214 return 0; 7215 7216 err_sessionid: 7217 kfree(nn->unconf_id_hashtbl); 7218 err_unconf_id: 7219 kfree(nn->conf_id_hashtbl); 7220 err: 7221 return -ENOMEM; 7222 } 7223 7224 static void 7225 nfs4_state_destroy_net(struct net *net) 7226 { 7227 int i; 7228 struct nfs4_client *clp = NULL; 7229 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7230 7231 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7232 while (!list_empty(&nn->conf_id_hashtbl[i])) { 7233 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7234 destroy_client(clp); 7235 } 7236 } 7237 7238 WARN_ON(!list_empty(&nn->blocked_locks_lru)); 7239 7240 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7241 while (!list_empty(&nn->unconf_id_hashtbl[i])) { 7242 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7243 destroy_client(clp); 7244 } 7245 } 7246 7247 kfree(nn->sessionid_hashtbl); 7248 kfree(nn->unconf_id_hashtbl); 7249 kfree(nn->conf_id_hashtbl); 7250 put_net(net); 7251 } 7252 7253 int 7254 nfs4_state_start_net(struct net *net) 7255 { 7256 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7257 int ret; 7258 7259 ret = nfs4_state_create_net(net); 7260 if (ret) 7261 return ret; 7262 locks_start_grace(net, &nn->nfsd4_manager); 7263 nfsd4_client_tracking_init(net); 7264 printk(KERN_INFO "NFSD: starting %ld-second grace period (net %x)\n", 7265 nn->nfsd4_grace, net->ns.inum); 7266 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ); 7267 return 0; 7268 } 7269 7270 /* initialization to perform when the nfsd service is started: */ 7271 7272 int 7273 nfs4_state_start(void) 7274 { 7275 int ret; 7276 7277 laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4"); 7278 if (laundry_wq == NULL) { 7279 ret = -ENOMEM; 7280 goto out; 7281 } 7282 ret = nfsd4_create_callback_queue(); 7283 if (ret) 7284 goto out_free_laundry; 7285 7286 set_max_delegations(); 7287 return 0; 7288 7289 out_free_laundry: 7290 destroy_workqueue(laundry_wq); 7291 out: 7292 return ret; 7293 } 7294 7295 void 7296 nfs4_state_shutdown_net(struct net *net) 7297 { 7298 struct nfs4_delegation *dp = NULL; 7299 struct list_head *pos, *next, reaplist; 7300 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7301 7302 cancel_delayed_work_sync(&nn->laundromat_work); 7303 locks_end_grace(&nn->nfsd4_manager); 7304 7305 INIT_LIST_HEAD(&reaplist); 7306 spin_lock(&state_lock); 7307 list_for_each_safe(pos, next, &nn->del_recall_lru) { 7308 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 7309 WARN_ON(!unhash_delegation_locked(dp)); 7310 list_add(&dp->dl_recall_lru, &reaplist); 7311 } 7312 spin_unlock(&state_lock); 7313 list_for_each_safe(pos, next, &reaplist) { 7314 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 7315 list_del_init(&dp->dl_recall_lru); 7316 destroy_unhashed_deleg(dp); 7317 } 7318 7319 nfsd4_client_tracking_exit(net); 7320 nfs4_state_destroy_net(net); 7321 } 7322 7323 void 7324 nfs4_state_shutdown(void) 7325 { 7326 destroy_workqueue(laundry_wq); 7327 nfsd4_destroy_callback_queue(); 7328 } 7329 7330 static void 7331 get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 7332 { 7333 if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid)) 7334 memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t)); 7335 } 7336 7337 static void 7338 put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 7339 { 7340 if (cstate->minorversion) { 7341 memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t)); 7342 SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG); 7343 } 7344 } 7345 7346 void 7347 clear_current_stateid(struct nfsd4_compound_state *cstate) 7348 { 7349 CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG); 7350 } 7351 7352 /* 7353 * functions to set current state id 7354 */ 7355 void 7356 nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, 7357 union nfsd4_op_u *u) 7358 { 7359 put_stateid(cstate, &u->open_downgrade.od_stateid); 7360 } 7361 7362 void 7363 nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, 7364 union nfsd4_op_u *u) 7365 { 7366 put_stateid(cstate, &u->open.op_stateid); 7367 } 7368 7369 void 7370 nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, 7371 union nfsd4_op_u *u) 7372 { 7373 put_stateid(cstate, &u->close.cl_stateid); 7374 } 7375 7376 void 7377 nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, 7378 union nfsd4_op_u *u) 7379 { 7380 put_stateid(cstate, &u->lock.lk_resp_stateid); 7381 } 7382 7383 /* 7384 * functions to consume current state id 7385 */ 7386 7387 void 7388 nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, 7389 union nfsd4_op_u *u) 7390 { 7391 get_stateid(cstate, &u->open_downgrade.od_stateid); 7392 } 7393 7394 void 7395 nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate, 7396 union nfsd4_op_u *u) 7397 { 7398 get_stateid(cstate, &u->delegreturn.dr_stateid); 7399 } 7400 7401 void 7402 nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, 7403 union nfsd4_op_u *u) 7404 { 7405 get_stateid(cstate, &u->free_stateid.fr_stateid); 7406 } 7407 7408 void 7409 nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, 7410 union nfsd4_op_u *u) 7411 { 7412 get_stateid(cstate, &u->setattr.sa_stateid); 7413 } 7414 7415 void 7416 nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, 7417 union nfsd4_op_u *u) 7418 { 7419 get_stateid(cstate, &u->close.cl_stateid); 7420 } 7421 7422 void 7423 nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, 7424 union nfsd4_op_u *u) 7425 { 7426 get_stateid(cstate, &u->locku.lu_stateid); 7427 } 7428 7429 void 7430 nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, 7431 union nfsd4_op_u *u) 7432 { 7433 get_stateid(cstate, &u->read.rd_stateid); 7434 } 7435 7436 void 7437 nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, 7438 union nfsd4_op_u *u) 7439 { 7440 get_stateid(cstate, &u->write.wr_stateid); 7441 } 7442