/*
 * Copyright (c) 2001 The Regents of the University of Michigan.
 * All rights reserved.
 *
 * Kendrick Smith <kmsmith@umich.edu>
 * Andy Adamson <kandros@umich.edu>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include <linux/file.h>
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/namei.h>
#include <linux/swap.h>
#include <linux/pagemap.h>
#include <linux/ratelimit.h>
#include <linux/sunrpc/svcauth_gss.h>
#include <linux/sunrpc/addr.h>
#include <linux/jhash.h>
#include <linux/string_helpers.h>
#include "xdr4.h"
#include "xdr4cb.h"
#include "vfs.h"
#include "current_stateid.h"

#include "netns.h"
#include "pnfs.h"
#include "filecache.h"
#include "trace.h"

#define NFSDDBG_FACILITY		NFSDDBG_PROC

#define all_ones {{~0,~0},~0}
static const stateid_t one_stateid = {
	.si_generation = ~0,
	.si_opaque = all_ones,
};
static const stateid_t zero_stateid = {
	/* all fields zero */
};
static const stateid_t currentstateid = {
	.si_generation = 1,
};
static const stateid_t close_stateid = {
	.si_generation = 0xffffffffU,
};

static u64 current_sessionid = 1;

#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
#define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
#define CLOSE_STATEID(stateid) (!memcmp((stateid), &close_stateid, sizeof(stateid_t)))
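
/*
 * Note (editorial): the all-zeros and all-ones stateids above correspond
 * to the special stateids that the NFSv4 specifications reserve for
 * bypassing the usual stateid checks (see RFC 7530 and RFC 5661).  The
 * macros above are the helpers the rest of this file uses to detect
 * them, e.g. ZERO_STATEID(&stateid) when vetting an incoming stateid.
 */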

/* forward declarations */
static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner);
static void nfs4_free_ol_stateid(struct nfs4_stid *stid);
void nfsd4_end_grace(struct nfsd_net *nn);
static void _free_cpntf_state_locked(struct nfsd_net *nn, struct nfs4_cpntf_state *cps);

/* Locking: */

/*
 * Currently used for the del_recall_lru and file hash table.  In an
 * effort to decrease the scope of the client_mutex, this spinlock may
 * eventually cover more:
 */
static DEFINE_SPINLOCK(state_lock);

enum nfsd4_st_mutex_lock_subclass {
	OPEN_STATEID_MUTEX = 0,
	LOCK_STATEID_MUTEX = 1,
};

/*
 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for
 * the refcount on the open stateid to drop.
 */
static DECLARE_WAIT_QUEUE_HEAD(close_wq);

/*
 * A waitqueue where a writer to clients/#/ctl destroying a client can
 * wait for cl_rpc_users to drop to 0 and then for the client to be
 * unhashed.
 */
static DECLARE_WAIT_QUEUE_HEAD(expiry_wq);

static struct kmem_cache *client_slab;
static struct kmem_cache *openowner_slab;
static struct kmem_cache *lockowner_slab;
static struct kmem_cache *file_slab;
static struct kmem_cache *stateid_slab;
static struct kmem_cache *deleg_slab;
static struct kmem_cache *odstate_slab;

static void free_session(struct nfsd4_session *);

static const struct nfsd4_callback_ops nfsd4_cb_recall_ops;
static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops;

static bool is_session_dead(struct nfsd4_session *ses)
{
	return ses->se_flags & NFS4_SESSION_DEAD;
}

static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
{
	if (atomic_read(&ses->se_ref) > ref_held_by_me)
		return nfserr_jukebox;
	ses->se_flags |= NFS4_SESSION_DEAD;
	return nfs_ok;
}

static bool is_client_expired(struct nfs4_client *clp)
{
	return clp->cl_time == 0;
}

static __be32 get_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (is_client_expired(clp))
		return nfserr_expired;
	atomic_inc(&clp->cl_rpc_users);
	return nfs_ok;
}

/* must be called under the client_lock */
static inline void
renew_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (is_client_expired(clp)) {
		WARN_ON(1);
		printk("%s: client (clientid %08x/%08x) already expired\n",
			__func__,
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
		return;
	}

	list_move_tail(&clp->cl_lru, &nn->client_lru);
	clp->cl_time = ktime_get_boottime_seconds();
}

static void put_client_renew_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (!atomic_dec_and_test(&clp->cl_rpc_users))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	else
		wake_up_all(&expiry_wq);
}

static void put_client_renew(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (!atomic_dec_and_lock(&clp->cl_rpc_users, &nn->client_lock))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	else
		wake_up_all(&expiry_wq);
	spin_unlock(&nn->client_lock);
}

static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
{
	__be32 status;

	if (is_session_dead(ses))
		return nfserr_badsession;
	status = get_client_locked(ses->se_client);
	if (status)
		return status;
	atomic_inc(&ses->se_ref);
	return nfs_ok;
}
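
/*
 * Reference-count ordering note: a session reference (se_ref) taken via
 * nfsd4_get_session_locked() implicitly pins the owning client as well,
 * since get_client_locked() bumps cl_rpc_users first.  The put side
 * below mirrors that: the session reference is dropped before the
 * client reference, and a session already marked NFS4_SESSION_DEAD is
 * freed on its final put.
 */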
static void nfsd4_put_session_locked(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
		free_session(ses);
	put_client_renew_locked(clp);
}

static void nfsd4_put_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	nfsd4_put_session_locked(ses);
	spin_unlock(&nn->client_lock);
}

static struct nfsd4_blocked_lock *
find_blocked_lock(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *cur, *found = NULL;

	spin_lock(&nn->blocked_locks_lock);
	list_for_each_entry(cur, &lo->lo_blocked, nbl_list) {
		if (fh_match(fh, &cur->nbl_fh)) {
			list_del_init(&cur->nbl_list);
			list_del_init(&cur->nbl_lru);
			found = cur;
			break;
		}
	}
	spin_unlock(&nn->blocked_locks_lock);
	if (found)
		locks_delete_block(&found->nbl_lock);
	return found;
}

static struct nfsd4_blocked_lock *
find_or_allocate_block(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *nbl;

	nbl = find_blocked_lock(lo, fh, nn);
	if (!nbl) {
		nbl = kmalloc(sizeof(*nbl), GFP_KERNEL);
		if (nbl) {
			INIT_LIST_HEAD(&nbl->nbl_list);
			INIT_LIST_HEAD(&nbl->nbl_lru);
			fh_copy_shallow(&nbl->nbl_fh, fh);
			locks_init_lock(&nbl->nbl_lock);
			nfsd4_init_cb(&nbl->nbl_cb, lo->lo_owner.so_client,
					&nfsd4_cb_notify_lock_ops,
					NFSPROC4_CLNT_CB_NOTIFY_LOCK);
		}
	}
	return nbl;
}

static void
free_blocked_lock(struct nfsd4_blocked_lock *nbl)
{
	locks_delete_block(&nbl->nbl_lock);
	locks_release_private(&nbl->nbl_lock);
	kfree(nbl);
}

static void
remove_blocked_locks(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_blocked_lock *nbl;
	LIST_HEAD(reaplist);

	/* Dequeue all blocked locks */
	spin_lock(&nn->blocked_locks_lock);
	while (!list_empty(&lo->lo_blocked)) {
		nbl = list_first_entry(&lo->lo_blocked,
					struct nfsd4_blocked_lock,
					nbl_list);
		list_del_init(&nbl->nbl_list);
		list_move(&nbl->nbl_lru, &reaplist);
	}
	spin_unlock(&nn->blocked_locks_lock);

	/* Now free them */
	while (!list_empty(&reaplist)) {
		nbl = list_first_entry(&reaplist, struct nfsd4_blocked_lock,
					nbl_lru);
		list_del_init(&nbl->nbl_lru);
		free_blocked_lock(nbl);
	}
}

static void
nfsd4_cb_notify_lock_prepare(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock *nbl = container_of(cb,
			struct nfsd4_blocked_lock, nbl_cb);
	locks_delete_block(&nbl->nbl_lock);
}

static int
nfsd4_cb_notify_lock_done(struct nfsd4_callback *cb, struct rpc_task *task)
{
	/*
	 * Since this is just an optimization, we don't try very hard if it
	 * turns out not to succeed. We'll requeue it on NFS4ERR_DELAY, and
	 * just quit trying on anything else.
	 */
	switch (task->tk_status) {
	case -NFS4ERR_DELAY:
		rpc_delay(task, 1 * HZ);
		return 0;
	default:
		return 1;
	}
}

static void
nfsd4_cb_notify_lock_release(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock *nbl = container_of(cb,
			struct nfsd4_blocked_lock, nbl_cb);

	free_blocked_lock(nbl);
}

static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops = {
	.prepare	= nfsd4_cb_notify_lock_prepare,
	.done		= nfsd4_cb_notify_lock_done,
	.release	= nfsd4_cb_notify_lock_release,
};

static inline struct nfs4_stateowner *
nfs4_get_stateowner(struct nfs4_stateowner *sop)
{
	atomic_inc(&sop->so_count);
	return sop;
}

static int
same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner)
{
	return (sop->so_owner.len == owner->len) &&
		0 == memcmp(sop->so_owner.data, owner->data, owner->len);
}

static struct nfs4_openowner *
find_openstateowner_str_locked(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_stateowner *so;

	lockdep_assert_held(&clp->cl_lock);

	list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval],
			    so_strhash) {
		if (!so->so_is_open_owner)
			continue;
		if (same_owner_str(so, &open->op_owner))
			return openowner(nfs4_get_stateowner(so));
	}
	return NULL;
}

static struct nfs4_openowner *
find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;

	spin_lock(&clp->cl_lock);
	oo = find_openstateowner_str_locked(hashval, open, clp);
	spin_unlock(&clp->cl_lock);
	return oo;
}

static inline u32
opaque_hashval(const void *ptr, int nbytes)
{
	unsigned char *cptr = (unsigned char *) ptr;

	u32 x = 0;
	while (nbytes--) {
		x *= 37;
		x += *cptr++;
	}
	return x;
}

static void nfsd4_free_file_rcu(struct rcu_head *rcu)
{
	struct nfs4_file *fp = container_of(rcu, struct nfs4_file, fi_rcu);

	kmem_cache_free(file_slab, fp);
}

void
put_nfs4_file(struct nfs4_file *fi)
{
	might_lock(&state_lock);

	if (refcount_dec_and_lock(&fi->fi_ref, &state_lock)) {
		hlist_del_rcu(&fi->fi_hash);
		spin_unlock(&state_lock);
		WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate));
		WARN_ON_ONCE(!list_empty(&fi->fi_delegations));
		call_rcu(&fi->fi_rcu, nfsd4_free_file_rcu);
	}
}

static struct nfsd_file *
__nfs4_get_fd(struct nfs4_file *f, int oflag)
{
	if (f->fi_fds[oflag])
		return nfsd_file_get(f->fi_fds[oflag]);
	return NULL;
}

static struct nfsd_file *
find_writeable_file_locked(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_WRONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

static struct nfsd_file *
find_writeable_file(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	spin_lock(&f->fi_lock);
	ret = find_writeable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

static struct nfsd_file *
find_readable_file_locked(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_RDONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}
static struct nfsd_file *
find_readable_file(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	spin_lock(&f->fi_lock);
	ret = find_readable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

struct nfsd_file *
find_any_file(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	if (!f)
		return NULL;
	spin_lock(&f->fi_lock);
	ret = __nfs4_get_fd(f, O_RDWR);
	if (!ret) {
		ret = __nfs4_get_fd(f, O_WRONLY);
		if (!ret)
			ret = __nfs4_get_fd(f, O_RDONLY);
	}
	spin_unlock(&f->fi_lock);
	return ret;
}

static atomic_long_t num_delegations;
unsigned long max_delegations;

/*
 * Open owner state (share locks)
 */

/* hash tables for lock and open owners */
#define OWNER_HASH_BITS              8
#define OWNER_HASH_SIZE             (1 << OWNER_HASH_BITS)
#define OWNER_HASH_MASK             (OWNER_HASH_SIZE - 1)

static unsigned int ownerstr_hashval(struct xdr_netobj *ownername)
{
	unsigned int ret;

	ret = opaque_hashval(ownername->data, ownername->len);
	return ret & OWNER_HASH_MASK;
}

/* hash table for nfs4_file */
#define FILE_HASH_BITS                   8
#define FILE_HASH_SIZE                  (1 << FILE_HASH_BITS)

static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh)
{
	return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0);
}

static unsigned int file_hashval(struct knfsd_fh *fh)
{
	return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1);
}

static struct hlist_head file_hashtbl[FILE_HASH_SIZE];

static void
__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		atomic_inc(&fp->fi_access[O_WRONLY]);
	if (access & NFS4_SHARE_ACCESS_READ)
		atomic_inc(&fp->fi_access[O_RDONLY]);
}

static __be32
nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	/* Does this access mode make sense? */
	if (access & ~NFS4_SHARE_ACCESS_BOTH)
		return nfserr_inval;

	/* Does it conflict with a deny mode already set? */
	if ((access & fp->fi_share_deny) != 0)
		return nfserr_share_denied;

	__nfs4_file_get_access(fp, access);
	return nfs_ok;
}
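
/*
 * Worked example of the share-reservation checks (an illustration, not
 * spec text): suppose client A holds an open with NFS4_SHARE_ACCESS_READ,
 * so fi_access[O_RDONLY] is nonzero.  If client B then opens with
 * NFS4_SHARE_DENY_READ, nfs4_file_check_deny() below sees the nonzero
 * read count and fails the open with nfserr_share_denied.  Conversely,
 * once a deny mode is recorded in fi_share_deny, later opens requesting
 * a conflicting access mode are rejected by nfs4_file_get_access().
 */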
static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
{
	/* Common case is that there is no deny mode. */
	if (deny) {
		/* Does this deny mode make sense? */
		if (deny & ~NFS4_SHARE_DENY_BOTH)
			return nfserr_inval;

		if ((deny & NFS4_SHARE_DENY_READ) &&
		    atomic_read(&fp->fi_access[O_RDONLY]))
			return nfserr_share_denied;

		if ((deny & NFS4_SHARE_DENY_WRITE) &&
		    atomic_read(&fp->fi_access[O_WRONLY]))
			return nfserr_share_denied;
	}
	return nfs_ok;
}

static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
	might_lock(&fp->fi_lock);

	if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
		struct nfsd_file *f1 = NULL;
		struct nfsd_file *f2 = NULL;

		swap(f1, fp->fi_fds[oflag]);
		if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
			swap(f2, fp->fi_fds[O_RDWR]);
		spin_unlock(&fp->fi_lock);
		if (f1)
			nfsd_file_put(f1);
		if (f2)
			nfsd_file_put(f2);
	}
}

static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
{
	WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		__nfs4_file_put_access(fp, O_WRONLY);
	if (access & NFS4_SHARE_ACCESS_READ)
		__nfs4_file_put_access(fp, O_RDONLY);
}

/*
 * Allocate a new open/delegation state counter. This is needed for
 * pNFS for proper return on close semantics.
 *
 * Note that we only allocate it for pNFS-enabled exports, otherwise
 * all pointers to struct nfs4_clnt_odstate are always NULL.
 */
static struct nfs4_clnt_odstate *
alloc_clnt_odstate(struct nfs4_client *clp)
{
	struct nfs4_clnt_odstate *co;

	co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL);
	if (co) {
		co->co_client = clp;
		refcount_set(&co->co_odcount, 1);
	}
	return co;
}

static void
hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp = co->co_file;

	lockdep_assert_held(&fp->fi_lock);
	list_add(&co->co_perfile, &fp->fi_clnt_odstate);
}

static inline void
get_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	if (co)
		refcount_inc(&co->co_odcount);
}

static void
put_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp;

	if (!co)
		return;

	fp = co->co_file;
	if (refcount_dec_and_lock(&co->co_odcount, &fp->fi_lock)) {
		list_del(&co->co_perfile);
		spin_unlock(&fp->fi_lock);

		nfsd4_return_all_file_layouts(co->co_client, fp);
		kmem_cache_free(odstate_slab, co);
	}
}

static struct nfs4_clnt_odstate *
find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new)
{
	struct nfs4_clnt_odstate *co;
	struct nfs4_client *cl;

	if (!new)
		return NULL;

	cl = new->co_client;

	spin_lock(&fp->fi_lock);
	list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) {
		if (co->co_client == cl) {
			get_clnt_odstate(co);
			goto out;
		}
	}
	co = new;
	co->co_file = fp;
	hash_clnt_odstate_locked(new);
out:
	spin_unlock(&fp->fi_lock);
	return co;
}
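
/*
 * Usage note for find_or_hash_clnt_odstate(): when another open by the
 * same client has already hashed an odstate for this file, that existing
 * entry is returned with an extra reference and the caller's 'new'
 * odstate is left untouched -- the caller remains responsible for
 * dropping its own reference to 'new' in that case.
 */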
struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab,
				  void (*sc_free)(struct nfs4_stid *))
{
	struct nfs4_stid *stid;
	int new_id;

	stid = kmem_cache_zalloc(slab, GFP_KERNEL);
	if (!stid)
		return NULL;

	idr_preload(GFP_KERNEL);
	spin_lock(&cl->cl_lock);
	/* Reserving 0 for start of file in nfsdfs "states" file: */
	new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 1, 0, GFP_NOWAIT);
	spin_unlock(&cl->cl_lock);
	idr_preload_end();
	if (new_id < 0)
		goto out_free;

	stid->sc_free = sc_free;
	stid->sc_client = cl;
	stid->sc_stateid.si_opaque.so_id = new_id;
	stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
	/* Will be incremented before return to client: */
	refcount_set(&stid->sc_count, 1);
	spin_lock_init(&stid->sc_lock);
	INIT_LIST_HEAD(&stid->sc_cp_list);

	/*
	 * It shouldn't be a problem to reuse an opaque stateid value.
	 * I don't think it is for 4.1.  But with 4.0 I worry that, for
	 * example, a stray write retransmission could be accepted by
	 * the server when it should have been rejected.  Therefore,
	 * adopt a trick from the sctp code to attempt to maximize the
	 * amount of time until an id is reused, by ensuring they always
	 * "increase" (mod INT_MAX):
	 */
	return stid;
out_free:
	kmem_cache_free(slab, stid);
	return NULL;
}

/*
 * Create a unique stateid_t to represent each COPY.
 */
static int nfs4_init_cp_state(struct nfsd_net *nn, copy_stateid_t *stid,
			      unsigned char sc_type)
{
	int new_id;

	stid->stid.si_opaque.so_clid.cl_boot = (u32)nn->boot_time;
	stid->stid.si_opaque.so_clid.cl_id = nn->s2s_cp_cl_id;
	stid->sc_type = sc_type;

	idr_preload(GFP_KERNEL);
	spin_lock(&nn->s2s_cp_lock);
	new_id = idr_alloc_cyclic(&nn->s2s_cp_stateids, stid, 0, 0, GFP_NOWAIT);
	stid->stid.si_opaque.so_id = new_id;
	spin_unlock(&nn->s2s_cp_lock);
	idr_preload_end();
	if (new_id < 0)
		return 0;
	return 1;
}

int nfs4_init_copy_state(struct nfsd_net *nn, struct nfsd4_copy *copy)
{
	return nfs4_init_cp_state(nn, &copy->cp_stateid, NFS4_COPY_STID);
}

struct nfs4_cpntf_state *nfs4_alloc_init_cpntf_state(struct nfsd_net *nn,
						     struct nfs4_stid *p_stid)
{
	struct nfs4_cpntf_state *cps;

	cps = kzalloc(sizeof(struct nfs4_cpntf_state), GFP_KERNEL);
	if (!cps)
		return NULL;
	cps->cpntf_time = ktime_get_boottime_seconds();
	refcount_set(&cps->cp_stateid.sc_count, 1);
	if (!nfs4_init_cp_state(nn, &cps->cp_stateid, NFS4_COPYNOTIFY_STID))
		goto out_free;
	spin_lock(&nn->s2s_cp_lock);
	list_add(&cps->cp_list, &p_stid->sc_cp_list);
	spin_unlock(&nn->s2s_cp_lock);
	return cps;
out_free:
	kfree(cps);
	return NULL;
}

void nfs4_free_copy_state(struct nfsd4_copy *copy)
{
	struct nfsd_net *nn;

	WARN_ON_ONCE(copy->cp_stateid.sc_type != NFS4_COPY_STID);
	nn = net_generic(copy->cp_clp->net, nfsd_net_id);
	spin_lock(&nn->s2s_cp_lock);
	idr_remove(&nn->s2s_cp_stateids,
		   copy->cp_stateid.stid.si_opaque.so_id);
	spin_unlock(&nn->s2s_cp_lock);
}

static void nfs4_free_cpntf_statelist(struct net *net, struct nfs4_stid *stid)
{
	struct nfs4_cpntf_state *cps;
	struct nfsd_net *nn;

	nn = net_generic(net, nfsd_net_id);
	spin_lock(&nn->s2s_cp_lock);
	while (!list_empty(&stid->sc_cp_list)) {
		cps = list_first_entry(&stid->sc_cp_list,
				       struct nfs4_cpntf_state, cp_list);
		_free_cpntf_state_locked(nn, cps);
	}
	spin_unlock(&nn->s2s_cp_lock);
}

static struct nfs4_ol_stateid *nfs4_alloc_open_stateid(struct nfs4_client *clp)
{
	struct nfs4_stid *stid;

	stid = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_ol_stateid);
	if (!stid)
		return NULL;

	return openlockstateid(stid);
}
static void nfs4_free_deleg(struct nfs4_stid *stid)
{
	kmem_cache_free(deleg_slab, stid);
	atomic_long_dec(&num_delegations);
}

/*
 * When we recall a delegation, we should be careful not to hand it
 * out again straight away.
 * To ensure this we keep a pair of bloom filters ('new' and 'old')
 * in which the filehandles of recalled delegations are "stored".
 * If a filehandle appears in either filter, a delegation is blocked.
 * When a delegation is recalled, the filehandle is stored in the "new"
 * filter.
 * Every 30 seconds we swap the filters and clear the "new" one,
 * unless both are empty of course.
 *
 * Each filter is 256 bits.  We hash the filehandle to 32bit and use the
 * low 3 bytes as hash-table indices.
 *
 * 'blocked_delegations_lock', which is always taken in block_delegations(),
 * is used to manage concurrent access.  Testing does not need the lock
 * except when swapping the two filters.
 */
static DEFINE_SPINLOCK(blocked_delegations_lock);
static struct bloom_pair {
	int	entries, old_entries;
	time64_t swap_time;
	int	new; /* index into 'set' */
	DECLARE_BITMAP(set[2], 256);
} blocked_delegations;

static int delegation_blocked(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	if (bd->entries == 0)
		return 0;
	if (ktime_get_seconds() - bd->swap_time > 30) {
		spin_lock(&blocked_delegations_lock);
		if (ktime_get_seconds() - bd->swap_time > 30) {
			bd->entries -= bd->old_entries;
			bd->old_entries = bd->entries;
			memset(bd->set[bd->new], 0,
			       sizeof(bd->set[0]));
			bd->new = 1-bd->new;
			bd->swap_time = ktime_get_seconds();
		}
		spin_unlock(&blocked_delegations_lock);
	}
	hash = jhash(&fh->fh_base, fh->fh_size, 0);
	if (test_bit(hash&255, bd->set[0]) &&
	    test_bit((hash>>8)&255, bd->set[0]) &&
	    test_bit((hash>>16)&255, bd->set[0]))
		return 1;

	if (test_bit(hash&255, bd->set[1]) &&
	    test_bit((hash>>8)&255, bd->set[1]) &&
	    test_bit((hash>>16)&255, bd->set[1]))
		return 1;

	return 0;
}

static void block_delegations(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	hash = jhash(&fh->fh_base, fh->fh_size, 0);

	spin_lock(&blocked_delegations_lock);
	__set_bit(hash&255, bd->set[bd->new]);
	__set_bit((hash>>8)&255, bd->set[bd->new]);
	__set_bit((hash>>16)&255, bd->set[bd->new]);
	if (bd->entries == 0)
		bd->swap_time = ktime_get_seconds();
	bd->entries += 1;
	spin_unlock(&blocked_delegations_lock);
}
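
/*
 * Illustration (assumed hash value, for exposition only): if jhash() of
 * a filehandle yields 0x00ab12cd, block_delegations() sets bits 0xcd,
 * 0x12 and 0xab in the current 'new' filter.  A later call to
 * delegation_blocked() on the same filehandle computes the same hash,
 * finds all three bits set in one filter, and refuses the delegation
 * until the entry ages out across two 30-second filter swaps.
 */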
static struct nfs4_delegation *
alloc_init_deleg(struct nfs4_client *clp, struct nfs4_file *fp,
		 struct svc_fh *current_fh,
		 struct nfs4_clnt_odstate *odstate)
{
	struct nfs4_delegation *dp;
	long n;

	dprintk("NFSD alloc_init_deleg\n");
	n = atomic_long_inc_return(&num_delegations);
	if (n < 0 || n > max_delegations)
		goto out_dec;
	if (delegation_blocked(&current_fh->fh_handle))
		goto out_dec;
	dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab, nfs4_free_deleg));
	if (dp == NULL)
		goto out_dec;

	/*
	 * delegation seqid's are never incremented.  The 4.1 special
	 * meaning of seqid 0 isn't meaningful, really, but let's avoid
	 * 0 anyway just for consistency and use 1:
	 */
	dp->dl_stid.sc_stateid.si_generation = 1;
	INIT_LIST_HEAD(&dp->dl_perfile);
	INIT_LIST_HEAD(&dp->dl_perclnt);
	INIT_LIST_HEAD(&dp->dl_recall_lru);
	dp->dl_clnt_odstate = odstate;
	get_clnt_odstate(odstate);
	dp->dl_type = NFS4_OPEN_DELEGATE_READ;
	dp->dl_retries = 1;
	nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client,
		      &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL);
	get_nfs4_file(fp);
	dp->dl_stid.sc_file = fp;
	return dp;
out_dec:
	atomic_long_dec(&num_delegations);
	return NULL;
}

void
nfs4_put_stid(struct nfs4_stid *s)
{
	struct nfs4_file *fp = s->sc_file;
	struct nfs4_client *clp = s->sc_client;

	might_lock(&clp->cl_lock);

	if (!refcount_dec_and_lock(&s->sc_count, &clp->cl_lock)) {
		wake_up_all(&close_wq);
		return;
	}
	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	nfs4_free_cpntf_statelist(clp->net, s);
	spin_unlock(&clp->cl_lock);
	s->sc_free(s);
	if (fp)
		put_nfs4_file(fp);
}
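
/*
 * Note the wake_up_all(&close_wq) above on the *non-final* put: an
 * NFSv4.0 CLOSE may be waiting for the refcount on an open stateid to
 * drop (see the close_wq declaration near the top of this file), so
 * every put that leaves the stateid alive gives those waiters a chance
 * to re-check.
 */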
void
nfs4_inc_and_copy_stateid(stateid_t *dst, struct nfs4_stid *stid)
{
	stateid_t *src = &stid->sc_stateid;

	spin_lock(&stid->sc_lock);
	if (unlikely(++src->si_generation == 0))
		src->si_generation = 1;
	memcpy(dst, src, sizeof(*dst));
	spin_unlock(&stid->sc_lock);
}

static void put_deleg_file(struct nfs4_file *fp)
{
	struct nfsd_file *nf = NULL;

	spin_lock(&fp->fi_lock);
	if (--fp->fi_delegees == 0)
		swap(nf, fp->fi_deleg_file);
	spin_unlock(&fp->fi_lock);

	if (nf)
		nfsd_file_put(nf);
}

static void nfs4_unlock_deleg_lease(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;
	struct nfsd_file *nf = fp->fi_deleg_file;

	WARN_ON_ONCE(!fp->fi_delegees);

	vfs_setlease(nf->nf_file, F_UNLCK, NULL, (void **)&dp);
	put_deleg_file(fp);
}

static void destroy_unhashed_deleg(struct nfs4_delegation *dp)
{
	put_clnt_odstate(dp->dl_clnt_odstate);
	nfs4_unlock_deleg_lease(dp);
	nfs4_put_stid(&dp->dl_stid);
}

void nfs4_unhash_stid(struct nfs4_stid *s)
{
	s->sc_type = 0;
}

/**
 * nfs4_delegation_exists - Discover if this delegation already exists
 * @clp:     a pointer to the nfs4_client we're granting a delegation to
 * @fp:      a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: true iff an existing delegation is found
 */
static bool
nfs4_delegation_exists(struct nfs4_client *clp, struct nfs4_file *fp)
{
	struct nfs4_delegation *searchdp = NULL;
	struct nfs4_client *searchclp = NULL;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	list_for_each_entry(searchdp, &fp->fi_delegations, dl_perfile) {
		searchclp = searchdp->dl_stid.sc_client;
		if (clp == searchclp) {
			return true;
		}
	}
	return false;
}

/**
 * hash_delegation_locked - Add a delegation to the appropriate lists
 * @dp:     a pointer to the nfs4_delegation we are adding.
 * @fp:     a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: 0 if the delegation was successfully hashed.
 *
 *      On error: -EAGAIN if one was previously granted to this
 *                 nfs4_client for this nfs4_file. Delegation is not hashed.
 *
 */
static int
hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	if (nfs4_delegation_exists(clp, fp))
		return -EAGAIN;
	refcount_inc(&dp->dl_stid.sc_count);
	dp->dl_stid.sc_type = NFS4_DELEG_STID;
	list_add(&dp->dl_perfile, &fp->fi_delegations);
	list_add(&dp->dl_perclnt, &clp->cl_delegations);
	return 0;
}

static bool
unhash_delegation_locked(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;

	lockdep_assert_held(&state_lock);

	if (list_empty(&dp->dl_perfile))
		return false;

	dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID;
	/* Ensure that deleg break won't try to requeue it */
	++dp->dl_time;
	spin_lock(&fp->fi_lock);
	list_del_init(&dp->dl_perclnt);
	list_del_init(&dp->dl_recall_lru);
	list_del_init(&dp->dl_perfile);
	spin_unlock(&fp->fi_lock);
	return true;
}

static void destroy_delegation(struct nfs4_delegation *dp)
{
	bool unhashed;

	spin_lock(&state_lock);
	unhashed = unhash_delegation_locked(dp);
	spin_unlock(&state_lock);
	if (unhashed)
		destroy_unhashed_deleg(dp);
}

static void revoke_delegation(struct nfs4_delegation *dp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	WARN_ON(!list_empty(&dp->dl_recall_lru));

	if (clp->cl_minorversion) {
		dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
		refcount_inc(&dp->dl_stid.sc_count);
		spin_lock(&clp->cl_lock);
		list_add(&dp->dl_recall_lru, &clp->cl_revoked);
		spin_unlock(&clp->cl_lock);
	}
	destroy_unhashed_deleg(dp);
}

/*
 * SETCLIENTID state
 */

static unsigned int clientid_hashval(u32 id)
{
	return id & CLIENT_HASH_MASK;
}

static unsigned int clientstr_hashval(struct xdr_netobj name)
{
	return opaque_hashval(name.data, 8) & CLIENT_HASH_MASK;
}

/*
 * We store the NONE, READ, WRITE, and BOTH bits separately in the
 * st_{access,deny}_bmap field of the stateid, in order to track not
 * only what share bits are currently in force, but also what
 * combinations of share bits previous opens have used.  This allows us
 * to enforce the recommendation of rfc 3530 14.2.19 that the server
 * return an error if the client attempt to downgrade to a combination
 * of share bits not explicable by closing some of its previous opens.
 *
 * XXX: This enforcement is actually incomplete, since we don't keep
 * track of access/deny bit combinations; so, e.g., we allow:
 *
 *	OPEN allow read, deny write
 *	OPEN allow both, deny none
 *	DOWNGRADE allow read, deny none
 *
 * which we should reject.
 */
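/*
 * Worked example of the bitmap encoding: NFS4_SHARE_ACCESS_READ (1),
 * _WRITE (2) and _BOTH (3) are each tracked as a separate bit, so an
 * OPEN for read followed by an upgrade to both leaves st_access_bmap
 * with bits 1 and 3 set.  bmap_to_share_mode() below then ORs the set
 * bit indices together: (1 | 3) == NFS4_SHARE_ACCESS_BOTH.
 */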
static unsigned int
bmap_to_share_mode(unsigned long bmap)
{
	int i;
	unsigned int access = 0;

	for (i = 1; i < 4; i++) {
		if (test_bit(i, &bmap))
			access |= i;
	}
	return access;
}

/* set share access for a given stateid */
static inline void
set_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap |= mask;
}

/* clear share access for a given stateid */
static inline void
clear_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap &= ~mask;
}

/* test whether a given stateid has access */
static inline bool
test_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	return (bool)(stp->st_access_bmap & mask);
}

/* set share deny for a given stateid */
static inline void
set_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap |= mask;
}

/* clear share deny for a given stateid */
static inline void
clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap &= ~mask;
}

/* test whether a given stateid is denying specific access */
static inline bool
test_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	return (bool)(stp->st_deny_bmap & mask);
}

static int nfs4_access_to_omode(u32 access)
{
	switch (access & NFS4_SHARE_ACCESS_BOTH) {
	case NFS4_SHARE_ACCESS_READ:
		return O_RDONLY;
	case NFS4_SHARE_ACCESS_WRITE:
		return O_WRONLY;
	case NFS4_SHARE_ACCESS_BOTH:
		return O_RDWR;
	}
	WARN_ON_ONCE(1);
	return O_RDONLY;
}

/*
 * A stateid that had a deny mode associated with it is being released
 * or downgraded. Recalculate the deny mode on the file.
 */
static void
recalculate_deny_mode(struct nfs4_file *fp)
{
	struct nfs4_ol_stateid *stp;

	spin_lock(&fp->fi_lock);
	fp->fi_share_deny = 0;
	list_for_each_entry(stp, &fp->fi_stateids, st_perfile)
		fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap);
	spin_unlock(&fp->fi_lock);
}

static void
reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	int i;
	bool change = false;

	for (i = 1; i < 4; i++) {
		if ((i & deny) != i) {
			change = true;
			clear_deny(i, stp);
		}
	}

	/* Recalculate per-file deny mode if there was a change */
	if (change)
		recalculate_deny_mode(stp->st_stid.sc_file);
}

/* release all access and file references for a given stateid */
static void
release_all_access(struct nfs4_ol_stateid *stp)
{
	int i;
	struct nfs4_file *fp = stp->st_stid.sc_file;

	if (fp && stp->st_deny_bmap != 0)
		recalculate_deny_mode(fp);

	for (i = 1; i < 4; i++) {
		if (test_access(i, stp))
			nfs4_file_put_access(stp->st_stid.sc_file, i);
		clear_access(i, stp);
	}
}

static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop)
{
	kfree(sop->so_owner.data);
	sop->so_ops->so_free(sop);
}

static void nfs4_put_stateowner(struct nfs4_stateowner *sop)
{
	struct nfs4_client *clp = sop->so_client;

	might_lock(&clp->cl_lock);

	if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock))
		return;
	sop->so_ops->so_unhash(sop);
	spin_unlock(&clp->cl_lock);
	nfs4_free_stateowner(sop);
}

static bool
nfs4_ol_stateid_unhashed(const struct nfs4_ol_stateid *stp)
{
	return list_empty(&stp->st_perfile);
}

static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_file *fp = stp->st_stid.sc_file;

	lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock);

	if (list_empty(&stp->st_perfile))
		return false;

	spin_lock(&fp->fi_lock);
	list_del_init(&stp->st_perfile);
	spin_unlock(&fp->fi_lock);
	list_del(&stp->st_perstateowner);
	return true;
}

static void nfs4_free_ol_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);

	put_clnt_odstate(stp->st_clnt_odstate);
	release_all_access(stp);
	if (stp->st_stateowner)
		nfs4_put_stateowner(stp->st_stateowner);
	kmem_cache_free(stateid_slab, stid);
}

static void nfs4_free_lock_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);
	struct nfs4_lockowner *lo = lockowner(stp->st_stateowner);
	struct nfsd_file *nf;

	nf = find_any_file(stp->st_stid.sc_file);
	if (nf) {
		get_file(nf->nf_file);
		filp_close(nf->nf_file, (fl_owner_t)lo);
		nfsd_file_put(nf);
	}
	nfs4_free_ol_stateid(stid);
}
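
/*
 * The filp_close() in nfs4_free_lock_stateid() above is what actually
 * drops any POSIX locks still held under this lockowner: the lockowner
 * pointer doubles as the fl_owner_t, so closing the file with that
 * owner releases the corresponding locks.
 */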

/*
 * Put the persistent reference to an already unhashed generic stateid, while
 * holding the cl_lock. If it's the last reference, then put it onto the
 * reaplist for later destruction.
 */
static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp,
				  struct list_head *reaplist)
{
	struct nfs4_stid *s = &stp->st_stid;
	struct nfs4_client *clp = s->sc_client;

	lockdep_assert_held(&clp->cl_lock);

	WARN_ON_ONCE(!list_empty(&stp->st_locks));

	if (!refcount_dec_and_test(&s->sc_count)) {
		wake_up_all(&close_wq);
		return;
	}

	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	list_add(&stp->st_locks, reaplist);
}

static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp)
{
	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	if (!unhash_ol_stateid(stp))
		return false;
	list_del_init(&stp->st_locks);
	nfs4_unhash_stid(&stp->st_stid);
	return true;
}

static void release_lock_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_client *clp = stp->st_stid.sc_client;
	bool unhashed;

	spin_lock(&clp->cl_lock);
	unhashed = unhash_lock_stateid(stp);
	spin_unlock(&clp->cl_lock);
	if (unhashed)
		nfs4_put_stid(&stp->st_stid);
}

static void unhash_lockowner_locked(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&lo->lo_owner.so_strhash);
}

/*
 * Free a list of generic stateids that were collected earlier after being
 * fully unhashed.
 */
static void
free_ol_stateid_reaplist(struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_file *fp;

	might_sleep();

	while (!list_empty(reaplist)) {
		stp = list_first_entry(reaplist, struct nfs4_ol_stateid,
				       st_locks);
		list_del(&stp->st_locks);
		fp = stp->st_stid.sc_file;
		stp->st_stid.sc_free(&stp->st_stid);
		if (fp)
			put_nfs4_file(fp);
	}
}

static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp,
				       struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;

	lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock);

	while (!list_empty(&open_stp->st_locks)) {
		stp = list_entry(open_stp->st_locks.next,
				 struct nfs4_ol_stateid, st_locks);
		WARN_ON(!unhash_lock_stateid(stp));
		put_ol_stateid_locked(stp, reaplist);
	}
}

static bool unhash_open_stateid(struct nfs4_ol_stateid *stp,
				struct list_head *reaplist)
{
	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	if (!unhash_ol_stateid(stp))
		return false;
	release_open_stateid_locks(stp, reaplist);
	return true;
}

static void release_open_stateid(struct nfs4_ol_stateid *stp)
{
	LIST_HEAD(reaplist);

	spin_lock(&stp->st_stid.sc_client->cl_lock);
	if (unhash_open_stateid(stp, &reaplist))
		put_ol_stateid_locked(stp, &reaplist);
	spin_unlock(&stp->st_stid.sc_client->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
}

static void unhash_openowner_locked(struct nfs4_openowner *oo)
{
	struct nfs4_client *clp = oo->oo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&oo->oo_owner.so_strhash);
	list_del_init(&oo->oo_perclient);
}
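
/*
 * An openowner may cache its most recently closed stateid
 * (oo_last_closed_stid, queued on oo_close_lru), presumably so that an
 * NFSv4.0 CLOSE replay can still be answered; releasing the openowner
 * must drop that cached stateid too, which is what the helper below
 * does.
 */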
static void release_last_closed_stateid(struct nfs4_openowner *oo)
{
	struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net,
					  nfsd_net_id);
	struct nfs4_ol_stateid *s;

	spin_lock(&nn->client_lock);
	s = oo->oo_last_closed_stid;
	if (s) {
		list_del_init(&oo->oo_close_lru);
		oo->oo_last_closed_stid = NULL;
	}
	spin_unlock(&nn->client_lock);
	if (s)
		nfs4_put_stid(&s->st_stid);
}

static void release_openowner(struct nfs4_openowner *oo)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_client *clp = oo->oo_owner.so_client;
	struct list_head reaplist;

	INIT_LIST_HEAD(&reaplist);

	spin_lock(&clp->cl_lock);
	unhash_openowner_locked(oo);
	while (!list_empty(&oo->oo_owner.so_stateids)) {
		stp = list_first_entry(&oo->oo_owner.so_stateids,
				       struct nfs4_ol_stateid, st_perstateowner);
		if (unhash_open_stateid(stp, &reaplist))
			put_ol_stateid_locked(stp, &reaplist);
	}
	spin_unlock(&clp->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
	release_last_closed_stateid(oo);
	nfs4_put_stateowner(&oo->oo_owner);
}

static inline int
hash_sessionid(struct nfs4_sessionid *sessionid)
{
	struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;

	return sid->sequence % SESSION_HASH_SIZE;
}

#ifdef CONFIG_SUNRPC_DEBUG
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
	u32 *ptr = (u32 *)(&sessionid->data[0]);
	dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
}
#else
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
}
#endif

/*
 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
 * won't be used for replay.
 */
void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
{
	struct nfs4_stateowner *so = cstate->replay_owner;

	if (nfserr == nfserr_replay_me)
		return;

	if (!seqid_mutating_err(ntohl(nfserr))) {
		nfsd4_cstate_clear_replay(cstate);
		return;
	}
	if (!so)
		return;
	if (so->so_is_open_owner)
		release_last_closed_stateid(openowner(so));
	so->so_seqid++;
	return;
}

static void
gen_sessionid(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd4_sessionid *sid;

	sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
	sid->clientid = clp->cl_clientid;
	sid->sequence = current_sessionid++;
	sid->reserved = 0;
}
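
/*
 * The 16-byte sessionid generated above is laid out as a
 * struct nfsd4_sessionid: the 8-byte clientid (which embeds the server
 * boot time), a 4-byte monotonically increasing sequence number, and a
 * 4-byte reserved field that is always zero -- which is why
 * dump_sessionid() can print it as four u32s.
 */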

/*
 * The protocol defines ca_maxresponsesize_cached to include the size of
 * the rpc header, but all we need to cache is the data starting after
 * the end of the initial SEQUENCE operation--the rest we regenerate
 * each time.  Therefore we can advertise a ca_maxresponsesize_cached
 * value that is the number of bytes in our cache plus a few additional
 * bytes.  In order to stay on the safe side, and not promise more than
 * we can cache, those additional bytes must be the minimum possible: 24
 * bytes of rpc header (xid through accept state, with AUTH_NULL
 * verifier), 12 for the compound header (with zero-length tag), and 44
 * for the SEQUENCE op response:
 */
#define NFSD_MIN_HDR_SEQ_SZ  (24 + 12 + 44)

static void
free_session_slots(struct nfsd4_session *ses)
{
	int i;

	for (i = 0; i < ses->se_fchannel.maxreqs; i++) {
		free_svc_cred(&ses->se_slots[i]->sl_cred);
		kfree(ses->se_slots[i]);
	}
}

/*
 * We don't actually need to cache the rpc and session headers, so we
 * can allocate a little less for each slot:
 */
static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
{
	u32 size;

	if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ)
		size = 0;
	else
		size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
	return size + sizeof(struct nfsd4_slot);
}
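
/*
 * Worked example (numbers illustrative): NFSD_MIN_HDR_SEQ_SZ is
 * 24 + 12 + 44 = 80 bytes, so a client advertising maxresp_cached of
 * 1024 gets 1024 - 80 = 944 bytes of reply cache per slot, plus
 * sizeof(struct nfsd4_slot) for bookkeeping; a maxresp_cached below 80
 * degenerates to the bookkeeping overhead alone.
 */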

/*
 * XXX: If we run out of reserved DRC memory we could (up to a point)
 * re-negotiate active sessions and reduce their slot usage to make
 * room for new connections. For now we just fail the create session.
 */
static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn)
{
	u32 slotsize = slot_bytes(ca);
	u32 num = ca->maxreqs;
	unsigned long avail, total_avail;
	unsigned int scale_factor;

	spin_lock(&nfsd_drc_lock);
	if (nfsd_drc_max_mem > nfsd_drc_mem_used)
		total_avail = nfsd_drc_max_mem - nfsd_drc_mem_used;
	else
		/* We have handed out more space than we chose in
		 * set_max_drc() to allow.  That isn't really a
		 * problem as long as that doesn't make us think we
		 * have lots more due to integer overflow.
		 */
		total_avail = 0;
	avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION, total_avail);
	/*
	 * Never use more than a fraction of the remaining memory,
	 * unless it's the only way to give this client a slot.
	 * The chosen fraction is either 1/8 or 1/number of threads,
	 * whichever is smaller.  This ensures there are adequate
	 * slots to support multiple clients per thread.
	 * Give the client one slot even if that would require
	 * over-allocation--it is better than failure.
	 */
	scale_factor = max_t(unsigned int, 8, nn->nfsd_serv->sv_nrthreads);

	avail = clamp_t(unsigned long, avail, slotsize,
			total_avail/scale_factor);
	num = min_t(int, num, avail / slotsize);
	num = max_t(int, num, 1);
	nfsd_drc_mem_used += num * slotsize;
	spin_unlock(&nfsd_drc_lock);

	return num;
}
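
/*
 * Illustration of the sizing above: the per-session allowance is first
 * limited to NFSD_MAX_MEM_PER_SESSION, then clamped so it never exceeds
 * 1/scale_factor of what remains in the DRC reserve (scale_factor being
 * at least 8), and finally converted to a whole number of slots.  The
 * max_t() at the end guarantees at least one slot, so a client is never
 * refused here even if that overcommits the reserve.
 */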

static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
{
	int slotsize = slot_bytes(ca);

	spin_lock(&nfsd_drc_lock);
	nfsd_drc_mem_used -= slotsize * ca->maxreqs;
	spin_unlock(&nfsd_drc_lock);
}

static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
					   struct nfsd4_channel_attrs *battrs)
{
	int numslots = fattrs->maxreqs;
	int slotsize = slot_bytes(fattrs);
	struct nfsd4_session *new;
	int mem, i;

	BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
			+ sizeof(struct nfsd4_session) > PAGE_SIZE);
	mem = numslots * sizeof(struct nfsd4_slot *);

	new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
	if (!new)
		return NULL;
	/* allocate each struct nfsd4_slot and data cache in one piece */
	for (i = 0; i < numslots; i++) {
		new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
		if (!new->se_slots[i])
			goto out_free;
	}

	memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
	memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));

	return new;
out_free:
	while (i--)
		kfree(new->se_slots[i]);
	kfree(new);
	return NULL;
}

static void free_conn(struct nfsd4_conn *c)
{
	svc_xprt_put(c->cn_xprt);
	kfree(c);
}

static void nfsd4_conn_lost(struct svc_xpt_user *u)
{
	struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
	struct nfs4_client *clp = c->cn_session->se_client;

	spin_lock(&clp->cl_lock);
	if (!list_empty(&c->cn_persession)) {
		list_del(&c->cn_persession);
		free_conn(c);
	}
	nfsd4_probe_callback(clp);
	spin_unlock(&clp->cl_lock);
}

static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
{
	struct nfsd4_conn *conn;

	conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
	if (!conn)
		return NULL;
	svc_xprt_get(rqstp->rq_xprt);
	conn->cn_xprt = rqstp->rq_xprt;
	conn->cn_flags = flags;
	INIT_LIST_HEAD(&conn->cn_xpt_user.list);
	return conn;
}

static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	conn->cn_session = ses;
	list_add(&conn->cn_persession, &ses->se_conns);
}

static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;

	spin_lock(&clp->cl_lock);
	__nfsd4_hash_conn(conn, ses);
	spin_unlock(&clp->cl_lock);
}

static int nfsd4_register_conn(struct nfsd4_conn *conn)
{
	conn->cn_xpt_user.callback = nfsd4_conn_lost;
	return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
}

static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	int ret;

	nfsd4_hash_conn(conn, ses);
	ret = nfsd4_register_conn(conn);
	if (ret)
		/* oops; xprt is already down: */
		nfsd4_conn_lost(&conn->cn_xpt_user);
	/* We may have gained or lost a callback channel: */
	nfsd4_probe_callback_sync(ses->se_client);
}

static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
{
	u32 dir = NFS4_CDFC4_FORE;

	if (cses->flags & SESSION4_BACK_CHAN)
		dir |= NFS4_CDFC4_BACK;
	return alloc_conn(rqstp, dir);
}

/* must be called under client_lock */
static void nfsd4_del_conns(struct nfsd4_session *s)
{
	struct nfs4_client *clp = s->se_client;
	struct nfsd4_conn *c;

	spin_lock(&clp->cl_lock);
	while (!list_empty(&s->se_conns)) {
		c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
		list_del_init(&c->cn_persession);
		spin_unlock(&clp->cl_lock);

		unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
		free_conn(c);

		spin_lock(&clp->cl_lock);
	}
	spin_unlock(&clp->cl_lock);
}

static void __free_session(struct nfsd4_session *ses)
{
	free_session_slots(ses);
	kfree(ses);
}

static void free_session(struct nfsd4_session *ses)
{
	nfsd4_del_conns(ses);
	nfsd4_put_drc_mem(&ses->se_fchannel);
	__free_session(ses);
}

static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
{
	int idx;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	new->se_client = clp;
	gen_sessionid(new);

	INIT_LIST_HEAD(&new->se_conns);

	new->se_cb_seq_nr = 1;
	new->se_flags = cses->flags;
	new->se_cb_prog = cses->callback_prog;
	new->se_cb_sec = cses->cb_sec;
	atomic_set(&new->se_ref, 0);
	idx = hash_sessionid(&new->se_sessionid);
	list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
	spin_lock(&clp->cl_lock);
	list_add(&new->se_perclnt, &clp->cl_sessions);
	spin_unlock(&clp->cl_lock);

	{
		struct sockaddr *sa = svc_addr(rqstp);
		/*
		 * This is a little silly; with sessions there's no real
		 * use for the callback address.  Use the peer address
		 * as a reasonable default for now, but consider fixing
		 * the rpc client not to require an address in the
		 * future:
		 */
		rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
		clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
	}
}

/* caller must hold client_lock */
static struct nfsd4_session *
__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
{
	struct nfsd4_session *elem;
	int idx;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	dump_sessionid(__func__, sessionid);
	idx = hash_sessionid(sessionid);
	/* Search in the appropriate list */
	list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
		if (!memcmp(elem->se_sessionid.data, sessionid->data,
			    NFS4_MAX_SESSIONID_LEN)) {
			return elem;
		}
	}

	dprintk("%s: session not found\n", __func__);
	return NULL;
}

static struct nfsd4_session *
find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
			  __be32 *ret)
{
	struct nfsd4_session *session;
	__be32 status = nfserr_badsession;

	session = __find_in_sessionid_hashtbl(sessionid, net);
	if (!session)
		goto out;
	status = nfsd4_get_session_locked(session);
	if (status)
		session = NULL;
out:
	*ret = status;
	return session;
}

/* caller must hold client_lock */
static void
unhash_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	list_del(&ses->se_hash);
	spin_lock(&ses->se_client->cl_lock);
	list_del(&ses->se_perclnt);
	spin_unlock(&ses->se_client->cl_lock);
}

/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
static int
STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
{
	/*
	 * We're assuming the clid was not given out from a boot
	 * precisely 2^32 (about 136 years) before this one.  That seems
	 * a safe assumption:
	 */
	if (clid->cl_boot == (u32)nn->boot_time)
		return 0;
	trace_nfsd_clid_stale(clid);
	return 1;
}
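
/*
 * Example of the staleness check above: a clientid minted before a
 * server reboot carries the old boot time in cl_boot, so after the
 * reboot the comparison with nn->boot_time fails and the client gets
 * back a stale-clientid error, prompting it to re-establish its state.
 */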

/*
 * XXX Should we use a slab cache?
 * This type of memory management is somewhat inefficient, but we use it
 * anyway since SETCLIENTID is not a common operation.
 */
static struct nfs4_client *alloc_client(struct xdr_netobj name)
{
	struct nfs4_client *clp;
	int i;

	clp = kmem_cache_zalloc(client_slab, GFP_KERNEL);
	if (clp == NULL)
		return NULL;
	xdr_netobj_dup(&clp->cl_name, &name, GFP_KERNEL);
	if (clp->cl_name.data == NULL)
		goto err_no_name;
	clp->cl_ownerstr_hashtbl = kmalloc_array(OWNER_HASH_SIZE,
						 sizeof(struct list_head),
						 GFP_KERNEL);
	if (!clp->cl_ownerstr_hashtbl)
		goto err_no_hashtbl;
	for (i = 0; i < OWNER_HASH_SIZE; i++)
		INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]);
	INIT_LIST_HEAD(&clp->cl_sessions);
	idr_init(&clp->cl_stateids);
	atomic_set(&clp->cl_rpc_users, 0);
	clp->cl_cb_state = NFSD4_CB_UNKNOWN;
	INIT_LIST_HEAD(&clp->cl_idhash);
	INIT_LIST_HEAD(&clp->cl_openowners);
	INIT_LIST_HEAD(&clp->cl_delegations);
	INIT_LIST_HEAD(&clp->cl_lru);
	INIT_LIST_HEAD(&clp->cl_revoked);
#ifdef CONFIG_NFSD_PNFS
	INIT_LIST_HEAD(&clp->cl_lo_states);
#endif
	INIT_LIST_HEAD(&clp->async_copies);
	spin_lock_init(&clp->async_lock);
	spin_lock_init(&clp->cl_lock);
	rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
	return clp;
err_no_hashtbl:
	kfree(clp->cl_name.data);
err_no_name:
	kmem_cache_free(client_slab, clp);
	return NULL;
}

static void __free_client(struct kref *k)
{
	struct nfsdfs_client *c = container_of(k, struct nfsdfs_client, cl_ref);
	struct nfs4_client *clp = container_of(c, struct nfs4_client, cl_nfsdfs);

	free_svc_cred(&clp->cl_cred);
	kfree(clp->cl_ownerstr_hashtbl);
	kfree(clp->cl_name.data);
	kfree(clp->cl_nii_domain.data);
	kfree(clp->cl_nii_name.data);
	idr_destroy(&clp->cl_stateids);
	kmem_cache_free(client_slab, clp);
}

static void drop_client(struct nfs4_client *clp)
{
	kref_put(&clp->cl_nfsdfs.cl_ref, __free_client);
}

static void
free_client(struct nfs4_client *clp)
{
	while (!list_empty(&clp->cl_sessions)) {
		struct nfsd4_session *ses;

		ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
				 se_perclnt);
		list_del(&ses->se_perclnt);
		WARN_ON_ONCE(atomic_read(&ses->se_ref));
		free_session(ses);
	}
	rpc_destroy_wait_queue(&clp->cl_cb_waitq);
	if (clp->cl_nfsd_dentry) {
		nfsd_client_rmdir(clp->cl_nfsd_dentry);
		clp->cl_nfsd_dentry = NULL;
		wake_up_all(&expiry_wq);
	}
	drop_client(clp);
}
*/ 2023 clp->cl_time = 0; 2024 /* Make it invisible */ 2025 if (!list_empty(&clp->cl_idhash)) { 2026 list_del_init(&clp->cl_idhash); 2027 if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags)) 2028 rb_erase(&clp->cl_namenode, &nn->conf_name_tree); 2029 else 2030 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 2031 } 2032 list_del_init(&clp->cl_lru); 2033 spin_lock(&clp->cl_lock); 2034 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt) 2035 list_del_init(&ses->se_hash); 2036 spin_unlock(&clp->cl_lock); 2037 } 2038 2039 static void 2040 unhash_client(struct nfs4_client *clp) 2041 { 2042 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2043 2044 spin_lock(&nn->client_lock); 2045 unhash_client_locked(clp); 2046 spin_unlock(&nn->client_lock); 2047 } 2048 2049 static __be32 mark_client_expired_locked(struct nfs4_client *clp) 2050 { 2051 if (atomic_read(&clp->cl_rpc_users)) 2052 return nfserr_jukebox; 2053 unhash_client_locked(clp); 2054 return nfs_ok; 2055 } 2056 2057 static void 2058 __destroy_client(struct nfs4_client *clp) 2059 { 2060 int i; 2061 struct nfs4_openowner *oo; 2062 struct nfs4_delegation *dp; 2063 struct list_head reaplist; 2064 2065 INIT_LIST_HEAD(&reaplist); 2066 spin_lock(&state_lock); 2067 while (!list_empty(&clp->cl_delegations)) { 2068 dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt); 2069 WARN_ON(!unhash_delegation_locked(dp)); 2070 list_add(&dp->dl_recall_lru, &reaplist); 2071 } 2072 spin_unlock(&state_lock); 2073 while (!list_empty(&reaplist)) { 2074 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru); 2075 list_del_init(&dp->dl_recall_lru); 2076 destroy_unhashed_deleg(dp); 2077 } 2078 while (!list_empty(&clp->cl_revoked)) { 2079 dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru); 2080 list_del_init(&dp->dl_recall_lru); 2081 nfs4_put_stid(&dp->dl_stid); 2082 } 2083 while (!list_empty(&clp->cl_openowners)) { 2084 oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient); 2085 nfs4_get_stateowner(&oo->oo_owner); 2086 release_openowner(oo); 2087 } 2088 for (i = 0; i < OWNER_HASH_SIZE; i++) { 2089 struct nfs4_stateowner *so, *tmp; 2090 2091 list_for_each_entry_safe(so, tmp, &clp->cl_ownerstr_hashtbl[i], 2092 so_strhash) { 2093 /* Should be no openowners at this point */ 2094 WARN_ON_ONCE(so->so_is_open_owner); 2095 remove_blocked_locks(lockowner(so)); 2096 } 2097 } 2098 nfsd4_return_all_client_layouts(clp); 2099 nfsd4_shutdown_copy(clp); 2100 nfsd4_shutdown_callback(clp); 2101 if (clp->cl_cb_conn.cb_xprt) 2102 svc_xprt_put(clp->cl_cb_conn.cb_xprt); 2103 free_client(clp); 2104 wake_up_all(&expiry_wq); 2105 } 2106 2107 static void 2108 destroy_client(struct nfs4_client *clp) 2109 { 2110 unhash_client(clp); 2111 __destroy_client(clp); 2112 } 2113 2114 static void inc_reclaim_complete(struct nfs4_client *clp) 2115 { 2116 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2117 2118 if (!nn->track_reclaim_completes) 2119 return; 2120 if (!nfsd4_find_reclaim_client(clp->cl_name, nn)) 2121 return; 2122 if (atomic_inc_return(&nn->nr_reclaim_complete) == 2123 nn->reclaim_str_hashtbl_size) { 2124 printk(KERN_INFO "NFSD: all clients done reclaiming, ending NFSv4 grace period (net %x)\n", 2125 clp->net->ns.inum); 2126 nfsd4_end_grace(nn); 2127 } 2128 } 2129 2130 static void expire_client(struct nfs4_client *clp) 2131 { 2132 unhash_client(clp); 2133 nfsd4_client_record_remove(clp); 2134 __destroy_client(clp); 2135 } 2136 2137 static void copy_verf(struct nfs4_client 
*target, nfs4_verifier *source) 2138 { 2139 memcpy(target->cl_verifier.data, source->data, 2140 sizeof(target->cl_verifier.data)); 2141 } 2142 2143 static void copy_clid(struct nfs4_client *target, struct nfs4_client *source) 2144 { 2145 target->cl_clientid.cl_boot = source->cl_clientid.cl_boot; 2146 target->cl_clientid.cl_id = source->cl_clientid.cl_id; 2147 } 2148 2149 static int copy_cred(struct svc_cred *target, struct svc_cred *source) 2150 { 2151 target->cr_principal = kstrdup(source->cr_principal, GFP_KERNEL); 2152 target->cr_raw_principal = kstrdup(source->cr_raw_principal, 2153 GFP_KERNEL); 2154 target->cr_targ_princ = kstrdup(source->cr_targ_princ, GFP_KERNEL); 2155 if ((source->cr_principal && !target->cr_principal) || 2156 (source->cr_raw_principal && !target->cr_raw_principal) || 2157 (source->cr_targ_princ && !target->cr_targ_princ)) 2158 return -ENOMEM; 2159 2160 target->cr_flavor = source->cr_flavor; 2161 target->cr_uid = source->cr_uid; 2162 target->cr_gid = source->cr_gid; 2163 target->cr_group_info = source->cr_group_info; 2164 get_group_info(target->cr_group_info); 2165 target->cr_gss_mech = source->cr_gss_mech; 2166 if (source->cr_gss_mech) 2167 gss_mech_get(source->cr_gss_mech); 2168 return 0; 2169 } 2170 2171 static int 2172 compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2) 2173 { 2174 if (o1->len < o2->len) 2175 return -1; 2176 if (o1->len > o2->len) 2177 return 1; 2178 return memcmp(o1->data, o2->data, o1->len); 2179 } 2180 2181 static int 2182 same_verf(nfs4_verifier *v1, nfs4_verifier *v2) 2183 { 2184 return 0 == memcmp(v1->data, v2->data, sizeof(v1->data)); 2185 } 2186 2187 static int 2188 same_clid(clientid_t *cl1, clientid_t *cl2) 2189 { 2190 return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id); 2191 } 2192 2193 static bool groups_equal(struct group_info *g1, struct group_info *g2) 2194 { 2195 int i; 2196 2197 if (g1->ngroups != g2->ngroups) 2198 return false; 2199 for (i = 0; i < g1->ngroups; i++) 2200 if (!gid_eq(g1->gid[i], g2->gid[i])) 2201 return false; 2202 return true; 2203 } 2204 2205 /* 2206 * RFC 3530 language requires clid_inuse be returned when the 2207 * "principal" associated with a request differs from that previously 2208 * used. We use the uid, gids, and gss principal string as our best 2209 * approximation. We also don't want to allow non-gss use of a client 2210 * established using gss: in theory cr_principal should catch that 2211 * change, but in practice cr_principal can be null even in the gss case 2212 * since gssd doesn't always pass down a principal string. 2213 */ 2214 static bool is_gss_cred(struct svc_cred *cr) 2215 { 2216 /* Is cr_flavor one of the gss "pseudoflavors"?: */ 2217 return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR); 2218 } 2219 2220 2221 static bool 2222 same_creds(struct svc_cred *cr1, struct svc_cred *cr2) 2223 { 2224 if ((is_gss_cred(cr1) != is_gss_cred(cr2)) 2225 || (!uid_eq(cr1->cr_uid, cr2->cr_uid)) 2226 || (!gid_eq(cr1->cr_gid, cr2->cr_gid)) 2227 || !groups_equal(cr1->cr_group_info, cr2->cr_group_info)) 2228 return false; 2229 /* XXX: check that cr_targ_princ fields match ?
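 * (copy_cred() does duplicate cr_targ_princ, but nothing here
 * compares it.)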
*/ 2230 if (cr1->cr_principal == cr2->cr_principal) 2231 return true; 2232 if (!cr1->cr_principal || !cr2->cr_principal) 2233 return false; 2234 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal); 2235 } 2236 2237 static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp) 2238 { 2239 struct svc_cred *cr = &rqstp->rq_cred; 2240 u32 service; 2241 2242 if (!cr->cr_gss_mech) 2243 return false; 2244 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor); 2245 return service == RPC_GSS_SVC_INTEGRITY || 2246 service == RPC_GSS_SVC_PRIVACY; 2247 } 2248 2249 bool nfsd4_mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp) 2250 { 2251 struct svc_cred *cr = &rqstp->rq_cred; 2252 2253 if (!cl->cl_mach_cred) 2254 return true; 2255 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech) 2256 return false; 2257 if (!svc_rqst_integrity_protected(rqstp)) 2258 return false; 2259 if (cl->cl_cred.cr_raw_principal) 2260 return 0 == strcmp(cl->cl_cred.cr_raw_principal, 2261 cr->cr_raw_principal); 2262 if (!cr->cr_principal) 2263 return false; 2264 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal); 2265 } 2266 2267 static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn) 2268 { 2269 __be32 verf[2]; 2270 2271 /* 2272 * This is opaque to client, so no need to byte-swap. Use 2273 * __force to keep sparse happy 2274 */ 2275 verf[0] = (__force __be32)(u32)ktime_get_real_seconds(); 2276 verf[1] = (__force __be32)nn->clverifier_counter++; 2277 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data)); 2278 } 2279 2280 static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn) 2281 { 2282 clp->cl_clientid.cl_boot = (u32)nn->boot_time; 2283 clp->cl_clientid.cl_id = nn->clientid_counter++; 2284 gen_confirm(clp, nn); 2285 } 2286 2287 static struct nfs4_stid * 2288 find_stateid_locked(struct nfs4_client *cl, stateid_t *t) 2289 { 2290 struct nfs4_stid *ret; 2291 2292 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id); 2293 if (!ret || !ret->sc_type) 2294 return NULL; 2295 return ret; 2296 } 2297 2298 static struct nfs4_stid * 2299 find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask) 2300 { 2301 struct nfs4_stid *s; 2302 2303 spin_lock(&cl->cl_lock); 2304 s = find_stateid_locked(cl, t); 2305 if (s != NULL) { 2306 if (typemask & s->sc_type) 2307 refcount_inc(&s->sc_count); 2308 else 2309 s = NULL; 2310 } 2311 spin_unlock(&cl->cl_lock); 2312 return s; 2313 } 2314 2315 static struct nfs4_client *get_nfsdfs_clp(struct inode *inode) 2316 { 2317 struct nfsdfs_client *nc; 2318 nc = get_nfsdfs_client(inode); 2319 if (!nc) 2320 return NULL; 2321 return container_of(nc, struct nfs4_client, cl_nfsdfs); 2322 } 2323 2324 static void seq_quote_mem(struct seq_file *m, char *data, int len) 2325 { 2326 seq_printf(m, "\""); 2327 seq_escape_mem_ascii(m, data, len); 2328 seq_printf(m, "\""); 2329 } 2330 2331 static int client_info_show(struct seq_file *m, void *v) 2332 { 2333 struct inode *inode = m->private; 2334 struct nfs4_client *clp; 2335 u64 clid; 2336 2337 clp = get_nfsdfs_clp(inode); 2338 if (!clp) 2339 return -ENXIO; 2340 memcpy(&clid, &clp->cl_clientid, sizeof(clid)); 2341 seq_printf(m, "clientid: 0x%llx\n", clid); 2342 seq_printf(m, "address: \"%pISpc\"\n", (struct sockaddr *)&clp->cl_addr); 2343 seq_printf(m, "name: "); 2344 seq_quote_mem(m, clp->cl_name.data, clp->cl_name.len); 2345 seq_printf(m, "\nminor version: %d\n", clp->cl_minorversion); 2346 if (clp->cl_nii_domain.data) { 2347 seq_printf(m, "Implementation domain: "); 2348 
seq_quote_mem(m, clp->cl_nii_domain.data, 2349 clp->cl_nii_domain.len); 2350 seq_printf(m, "\nImplementation name: "); 2351 seq_quote_mem(m, clp->cl_nii_name.data, clp->cl_nii_name.len); 2352 seq_printf(m, "\nImplementation time: [%lld, %ld]\n", 2353 clp->cl_nii_time.tv_sec, clp->cl_nii_time.tv_nsec); 2354 } 2355 drop_client(clp); 2356 2357 return 0; 2358 } 2359 2360 static int client_info_open(struct inode *inode, struct file *file) 2361 { 2362 return single_open(file, client_info_show, inode); 2363 } 2364 2365 static const struct file_operations client_info_fops = { 2366 .open = client_info_open, 2367 .read = seq_read, 2368 .llseek = seq_lseek, 2369 .release = single_release, 2370 }; 2371 2372 static void *states_start(struct seq_file *s, loff_t *pos) 2373 __acquires(&clp->cl_lock) 2374 { 2375 struct nfs4_client *clp = s->private; 2376 unsigned long id = *pos; 2377 void *ret; 2378 2379 spin_lock(&clp->cl_lock); 2380 ret = idr_get_next_ul(&clp->cl_stateids, &id); 2381 *pos = id; 2382 return ret; 2383 } 2384 2385 static void *states_next(struct seq_file *s, void *v, loff_t *pos) 2386 { 2387 struct nfs4_client *clp = s->private; 2388 unsigned long id; 2389 void *ret; 2390 2391 id = *pos; 2392 id++; 2393 ret = idr_get_next_ul(&clp->cl_stateids, &id); 2394 *pos = id; 2395 return ret; 2396 } 2397 2398 static void states_stop(struct seq_file *s, void *v) 2399 __releases(&clp->cl_lock) 2400 { 2401 struct nfs4_client *clp = s->private; 2402 2403 spin_unlock(&clp->cl_lock); 2404 } 2405 2406 static void nfs4_show_fname(struct seq_file *s, struct nfsd_file *f) 2407 { 2408 seq_printf(s, "filename: \"%pD2\"", f->nf_file); 2409 } 2410 2411 static void nfs4_show_superblock(struct seq_file *s, struct nfsd_file *f) 2412 { 2413 struct inode *inode = f->nf_inode; 2414 2415 seq_printf(s, "superblock: \"%02x:%02x:%ld\"", 2416 MAJOR(inode->i_sb->s_dev), 2417 MINOR(inode->i_sb->s_dev), 2418 inode->i_ino); 2419 } 2420 2421 static void nfs4_show_owner(struct seq_file *s, struct nfs4_stateowner *oo) 2422 { 2423 seq_printf(s, "owner: "); 2424 seq_quote_mem(s, oo->so_owner.data, oo->so_owner.len); 2425 } 2426 2427 static void nfs4_show_stateid(struct seq_file *s, stateid_t *stid) 2428 { 2429 seq_printf(s, "0x%.8x", stid->si_generation); 2430 seq_printf(s, "%12phN", &stid->si_opaque); 2431 } 2432 2433 static int nfs4_show_open(struct seq_file *s, struct nfs4_stid *st) 2434 { 2435 struct nfs4_ol_stateid *ols; 2436 struct nfs4_file *nf; 2437 struct nfsd_file *file; 2438 struct nfs4_stateowner *oo; 2439 unsigned int access, deny; 2440 2441 if (st->sc_type != NFS4_OPEN_STID && st->sc_type != NFS4_LOCK_STID) 2442 return 0; /* XXX: or SEQ_SKIP? */ 2443 ols = openlockstateid(st); 2444 oo = ols->st_stateowner; 2445 nf = st->sc_file; 2446 file = find_any_file(nf); 2447 2448 seq_printf(s, "- "); 2449 nfs4_show_stateid(s, &st->sc_stateid); 2450 seq_printf(s, ": { type: open, "); 2451 2452 access = bmap_to_share_mode(ols->st_access_bmap); 2453 deny = bmap_to_share_mode(ols->st_deny_bmap); 2454 2455 seq_printf(s, "access: %s%s, ", 2456 access & NFS4_SHARE_ACCESS_READ ? "r" : "-", 2457 access & NFS4_SHARE_ACCESS_WRITE ? "w" : "-"); 2458 seq_printf(s, "deny: %s%s, ", 2459 deny & NFS4_SHARE_ACCESS_READ ? "r" : "-", 2460 deny & NFS4_SHARE_ACCESS_WRITE ?
"w" : "-"); 2461 2462 nfs4_show_superblock(s, file); 2463 seq_printf(s, ", "); 2464 nfs4_show_fname(s, file); 2465 seq_printf(s, ", "); 2466 nfs4_show_owner(s, oo); 2467 seq_printf(s, " }\n"); 2468 nfsd_file_put(file); 2469 2470 return 0; 2471 } 2472 2473 static int nfs4_show_lock(struct seq_file *s, struct nfs4_stid *st) 2474 { 2475 struct nfs4_ol_stateid *ols; 2476 struct nfs4_file *nf; 2477 struct nfsd_file *file; 2478 struct nfs4_stateowner *oo; 2479 2480 ols = openlockstateid(st); 2481 oo = ols->st_stateowner; 2482 nf = st->sc_file; 2483 file = find_any_file(nf); 2484 2485 seq_printf(s, "- "); 2486 nfs4_show_stateid(s, &st->sc_stateid); 2487 seq_printf(s, ": { type: lock, "); 2488 2489 /* 2490 * Note: a lock stateid isn't really the same thing as a lock, 2491 * it's the locking state held by one owner on a file, and there 2492 * may be multiple (or no) lock ranges associated with it. 2493 * (Same for the matter is true of open stateids.) 2494 */ 2495 2496 nfs4_show_superblock(s, file); 2497 /* XXX: open stateid? */ 2498 seq_printf(s, ", "); 2499 nfs4_show_fname(s, file); 2500 seq_printf(s, ", "); 2501 nfs4_show_owner(s, oo); 2502 seq_printf(s, " }\n"); 2503 nfsd_file_put(file); 2504 2505 return 0; 2506 } 2507 2508 static int nfs4_show_deleg(struct seq_file *s, struct nfs4_stid *st) 2509 { 2510 struct nfs4_delegation *ds; 2511 struct nfs4_file *nf; 2512 struct nfsd_file *file; 2513 2514 ds = delegstateid(st); 2515 nf = st->sc_file; 2516 file = nf->fi_deleg_file; 2517 2518 seq_printf(s, "- "); 2519 nfs4_show_stateid(s, &st->sc_stateid); 2520 seq_printf(s, ": { type: deleg, "); 2521 2522 /* Kinda dead code as long as we only support read delegs: */ 2523 seq_printf(s, "access: %s, ", 2524 ds->dl_type == NFS4_OPEN_DELEGATE_READ ? "r" : "w"); 2525 2526 /* XXX: lease time, whether it's being recalled. */ 2527 2528 nfs4_show_superblock(s, file); 2529 seq_printf(s, ", "); 2530 nfs4_show_fname(s, file); 2531 seq_printf(s, " }\n"); 2532 2533 return 0; 2534 } 2535 2536 static int nfs4_show_layout(struct seq_file *s, struct nfs4_stid *st) 2537 { 2538 struct nfs4_layout_stateid *ls; 2539 struct nfsd_file *file; 2540 2541 ls = container_of(st, struct nfs4_layout_stateid, ls_stid); 2542 file = ls->ls_file; 2543 2544 seq_printf(s, "- "); 2545 nfs4_show_stateid(s, &st->sc_stateid); 2546 seq_printf(s, ": { type: layout, "); 2547 2548 /* XXX: What else would be useful? */ 2549 2550 nfs4_show_superblock(s, file); 2551 seq_printf(s, ", "); 2552 nfs4_show_fname(s, file); 2553 seq_printf(s, " }\n"); 2554 2555 return 0; 2556 } 2557 2558 static int states_show(struct seq_file *s, void *v) 2559 { 2560 struct nfs4_stid *st = v; 2561 2562 switch (st->sc_type) { 2563 case NFS4_OPEN_STID: 2564 return nfs4_show_open(s, st); 2565 case NFS4_LOCK_STID: 2566 return nfs4_show_lock(s, st); 2567 case NFS4_DELEG_STID: 2568 return nfs4_show_deleg(s, st); 2569 case NFS4_LAYOUT_STID: 2570 return nfs4_show_layout(s, st); 2571 default: 2572 return 0; /* XXX: or SEQ_SKIP? */ 2573 } 2574 /* XXX: copy stateids? 
*/ 2575 } 2576 2577 static struct seq_operations states_seq_ops = { 2578 .start = states_start, 2579 .next = states_next, 2580 .stop = states_stop, 2581 .show = states_show 2582 }; 2583 2584 static int client_states_open(struct inode *inode, struct file *file) 2585 { 2586 struct seq_file *s; 2587 struct nfs4_client *clp; 2588 int ret; 2589 2590 clp = get_nfsdfs_clp(inode); 2591 if (!clp) 2592 return -ENXIO; 2593 2594 ret = seq_open(file, &states_seq_ops); 2595 if (ret) 2596 return ret; 2597 s = file->private_data; 2598 s->private = clp; 2599 return 0; 2600 } 2601 2602 static int client_opens_release(struct inode *inode, struct file *file) 2603 { 2604 struct seq_file *m = file->private_data; 2605 struct nfs4_client *clp = m->private; 2606 2607 /* XXX: alternatively, we could get/drop in seq start/stop */ 2608 drop_client(clp); 2609 return 0; 2610 } 2611 2612 static const struct file_operations client_states_fops = { 2613 .open = client_states_open, 2614 .read = seq_read, 2615 .llseek = seq_lseek, 2616 .release = client_opens_release, 2617 }; 2618 2619 /* 2620 * Normally we refuse to destroy clients that are in use, but here the 2621 * administrator is telling us to just do it. We also want to wait 2622 * so the caller has a guarantee that the client's locks are gone by 2623 * the time the write returns: 2624 */ 2625 static void force_expire_client(struct nfs4_client *clp) 2626 { 2627 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2628 bool already_expired; 2629 2630 spin_lock(&clp->cl_lock); 2631 clp->cl_time = 0; 2632 spin_unlock(&clp->cl_lock); 2633 2634 wait_event(expiry_wq, atomic_read(&clp->cl_rpc_users) == 0); 2635 spin_lock(&nn->client_lock); 2636 already_expired = list_empty(&clp->cl_lru); 2637 if (!already_expired) 2638 unhash_client_locked(clp); 2639 spin_unlock(&nn->client_lock); 2640 2641 if (!already_expired) 2642 expire_client(clp); 2643 else 2644 wait_event(expiry_wq, clp->cl_nfsd_dentry == NULL); 2645 } 2646 2647 static ssize_t client_ctl_write(struct file *file, const char __user *buf, 2648 size_t size, loff_t *pos) 2649 { 2650 char *data; 2651 struct nfs4_client *clp; 2652 2653 data = simple_transaction_get(file, buf, size); 2654 if (IS_ERR(data)) 2655 return PTR_ERR(data); 2656 if (size != 7 || 0 != memcmp(data, "expire\n", 7)) 2657 return -EINVAL; 2658 clp = get_nfsdfs_clp(file_inode(file)); 2659 if (!clp) 2660 return -ENXIO; 2661 force_expire_client(clp); 2662 drop_client(clp); 2663 return 7; 2664 } 2665 2666 static const struct file_operations client_ctl_fops = { 2667 .write = client_ctl_write, 2668 .release = simple_transaction_release, 2669 }; 2670 2671 static const struct tree_descr client_files[] = { 2672 [0] = {"info", &client_info_fops, S_IRUSR}, 2673 [1] = {"states", &client_states_fops, S_IRUSR}, 2674 [2] = {"ctl", &client_ctl_fops, S_IWUSR}, 2675 [3] = {""}, 2676 }; 2677 2678 static struct nfs4_client *create_client(struct xdr_netobj name, 2679 struct svc_rqst *rqstp, nfs4_verifier *verf) 2680 { 2681 struct nfs4_client *clp; 2682 struct sockaddr *sa = svc_addr(rqstp); 2683 int ret; 2684 struct net *net = SVC_NET(rqstp); 2685 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2686 2687 clp = alloc_client(name); 2688 if (clp == NULL) 2689 return NULL; 2690 2691 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred); 2692 if (ret) { 2693 free_client(clp); 2694 return NULL; 2695 } 2696 gen_clid(clp, nn); 2697 kref_init(&clp->cl_nfsdfs.cl_ref); 2698 nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL); 2699 clp->cl_time = 
ktime_get_boottime_seconds(); 2700 clear_bit(0, &clp->cl_cb_slot_busy); 2701 copy_verf(clp, verf); 2702 memcpy(&clp->cl_addr, sa, sizeof(struct sockaddr_storage)); 2703 clp->cl_cb_session = NULL; 2704 clp->net = net; 2705 clp->cl_nfsd_dentry = nfsd_client_mkdir(nn, &clp->cl_nfsdfs, 2706 clp->cl_clientid.cl_id - nn->clientid_base, 2707 client_files); 2708 if (!clp->cl_nfsd_dentry) { 2709 free_client(clp); 2710 return NULL; 2711 } 2712 return clp; 2713 } 2714 2715 static void 2716 add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root) 2717 { 2718 struct rb_node **new = &(root->rb_node), *parent = NULL; 2719 struct nfs4_client *clp; 2720 2721 while (*new) { 2722 clp = rb_entry(*new, struct nfs4_client, cl_namenode); 2723 parent = *new; 2724 2725 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0) 2726 new = &((*new)->rb_left); 2727 else 2728 new = &((*new)->rb_right); 2729 } 2730 2731 rb_link_node(&new_clp->cl_namenode, parent, new); 2732 rb_insert_color(&new_clp->cl_namenode, root); 2733 } 2734 2735 static struct nfs4_client * 2736 find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root) 2737 { 2738 int cmp; 2739 struct rb_node *node = root->rb_node; 2740 struct nfs4_client *clp; 2741 2742 while (node) { 2743 clp = rb_entry(node, struct nfs4_client, cl_namenode); 2744 cmp = compare_blob(&clp->cl_name, name); 2745 if (cmp > 0) 2746 node = node->rb_left; 2747 else if (cmp < 0) 2748 node = node->rb_right; 2749 else 2750 return clp; 2751 } 2752 return NULL; 2753 } 2754 2755 static void 2756 add_to_unconfirmed(struct nfs4_client *clp) 2757 { 2758 unsigned int idhashval; 2759 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2760 2761 lockdep_assert_held(&nn->client_lock); 2762 2763 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2764 add_clp_to_name_tree(clp, &nn->unconf_name_tree); 2765 idhashval = clientid_hashval(clp->cl_clientid.cl_id); 2766 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]); 2767 renew_client_locked(clp); 2768 } 2769 2770 static void 2771 move_to_confirmed(struct nfs4_client *clp) 2772 { 2773 unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id); 2774 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2775 2776 lockdep_assert_held(&nn->client_lock); 2777 2778 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp); 2779 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]); 2780 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 2781 add_clp_to_name_tree(clp, &nn->conf_name_tree); 2782 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2783 renew_client_locked(clp); 2784 } 2785 2786 static struct nfs4_client * 2787 find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions) 2788 { 2789 struct nfs4_client *clp; 2790 unsigned int idhashval = clientid_hashval(clid->cl_id); 2791 2792 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) { 2793 if (same_clid(&clp->cl_clientid, clid)) { 2794 if ((bool)clp->cl_minorversion != sessions) 2795 return NULL; 2796 renew_client_locked(clp); 2797 return clp; 2798 } 2799 } 2800 return NULL; 2801 } 2802 2803 static struct nfs4_client * 2804 find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2805 { 2806 struct list_head *tbl = nn->conf_id_hashtbl; 2807 2808 lockdep_assert_held(&nn->client_lock); 2809 return find_client_in_id_table(tbl, clid, sessions); 2810 } 2811 2812 static struct nfs4_client * 2813 find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2814 { 2815 struct list_head *tbl = 
nn->unconf_id_hashtbl; 2816 2817 lockdep_assert_held(&nn->client_lock); 2818 return find_client_in_id_table(tbl, clid, sessions); 2819 } 2820 2821 static bool clp_used_exchangeid(struct nfs4_client *clp) 2822 { 2823 return clp->cl_exchange_flags != 0; 2824 } 2825 2826 static struct nfs4_client * 2827 find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2828 { 2829 lockdep_assert_held(&nn->client_lock); 2830 return find_clp_in_name_tree(name, &nn->conf_name_tree); 2831 } 2832 2833 static struct nfs4_client * 2834 find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2835 { 2836 lockdep_assert_held(&nn->client_lock); 2837 return find_clp_in_name_tree(name, &nn->unconf_name_tree); 2838 } 2839 2840 static void 2841 gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp) 2842 { 2843 struct nfs4_cb_conn *conn = &clp->cl_cb_conn; 2844 struct sockaddr *sa = svc_addr(rqstp); 2845 u32 scopeid = rpc_get_scope_id(sa); 2846 unsigned short expected_family; 2847 2848 /* Currently, we only support tcp and tcp6 for the callback channel */ 2849 if (se->se_callback_netid_len == 3 && 2850 !memcmp(se->se_callback_netid_val, "tcp", 3)) 2851 expected_family = AF_INET; 2852 else if (se->se_callback_netid_len == 4 && 2853 !memcmp(se->se_callback_netid_val, "tcp6", 4)) 2854 expected_family = AF_INET6; 2855 else 2856 goto out_err; 2857 2858 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val, 2859 se->se_callback_addr_len, 2860 (struct sockaddr *)&conn->cb_addr, 2861 sizeof(conn->cb_addr)); 2862 2863 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family) 2864 goto out_err; 2865 2866 if (conn->cb_addr.ss_family == AF_INET6) 2867 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid; 2868 2869 conn->cb_prog = se->se_callback_prog; 2870 conn->cb_ident = se->se_callback_ident; 2871 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen); 2872 trace_nfsd_cb_args(clp, conn); 2873 return; 2874 out_err: 2875 conn->cb_addr.ss_family = AF_UNSPEC; 2876 conn->cb_addrlen = 0; 2877 trace_nfsd_cb_nodelegs(clp); 2878 return; 2879 } 2880 2881 /* 2882 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size. 2883 */ 2884 static void 2885 nfsd4_store_cache_entry(struct nfsd4_compoundres *resp) 2886 { 2887 struct xdr_buf *buf = resp->xdr.buf; 2888 struct nfsd4_slot *slot = resp->cstate.slot; 2889 unsigned int base; 2890 2891 dprintk("--> %s slot %p\n", __func__, slot); 2892 2893 slot->sl_flags |= NFSD4_SLOT_INITIALIZED; 2894 slot->sl_opcnt = resp->opcnt; 2895 slot->sl_status = resp->cstate.status; 2896 free_svc_cred(&slot->sl_cred); 2897 copy_cred(&slot->sl_cred, &resp->rqstp->rq_cred); 2898 2899 if (!nfsd4_cache_this(resp)) { 2900 slot->sl_flags &= ~NFSD4_SLOT_CACHED; 2901 return; 2902 } 2903 slot->sl_flags |= NFSD4_SLOT_CACHED; 2904 2905 base = resp->cstate.data_offset; 2906 slot->sl_datalen = buf->len - base; 2907 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen)) 2908 WARN(1, "%s: sessions DRC could not cache compound\n", 2909 __func__); 2910 return; 2911 } 2912 2913 /* 2914 * Encode the replay sequence operation from the slot values. 2915 * If cachethis is FALSE encode the uncached rep error on the next 2916 * operation which sets resp->p and increments resp->opcnt for 2917 * nfs4svc_encode_compoundres. 
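 * (A solo SEQUENCE is always cached, so the uncached case can only
 * arise for a compound with more than one op.)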
2918 * 2919 */ 2920 static __be32 2921 nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args, 2922 struct nfsd4_compoundres *resp) 2923 { 2924 struct nfsd4_op *op; 2925 struct nfsd4_slot *slot = resp->cstate.slot; 2926 2927 /* Encode the replayed sequence operation */ 2928 op = &args->ops[resp->opcnt - 1]; 2929 nfsd4_encode_operation(resp, op); 2930 2931 if (slot->sl_flags & NFSD4_SLOT_CACHED) 2932 return op->status; 2933 if (args->opcnt == 1) { 2934 /* 2935 * The original operation wasn't a solo sequence--we 2936 * always cache those--so this retry must not match the 2937 * original: 2938 */ 2939 op->status = nfserr_seq_false_retry; 2940 } else { 2941 op = &args->ops[resp->opcnt++]; 2942 op->status = nfserr_retry_uncached_rep; 2943 nfsd4_encode_operation(resp, op); 2944 } 2945 return op->status; 2946 } 2947 2948 /* 2949 * The sequence operation is not cached because we can use the slot and 2950 * session values. 2951 */ 2952 static __be32 2953 nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp, 2954 struct nfsd4_sequence *seq) 2955 { 2956 struct nfsd4_slot *slot = resp->cstate.slot; 2957 struct xdr_stream *xdr = &resp->xdr; 2958 __be32 *p; 2959 __be32 status; 2960 2961 dprintk("--> %s slot %p\n", __func__, slot); 2962 2963 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp); 2964 if (status) 2965 return status; 2966 2967 p = xdr_reserve_space(xdr, slot->sl_datalen); 2968 if (!p) { 2969 WARN_ON_ONCE(1); 2970 return nfserr_serverfault; 2971 } 2972 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen); 2973 xdr_commit_encode(xdr); 2974 2975 resp->opcnt = slot->sl_opcnt; 2976 return slot->sl_status; 2977 } 2978 2979 /* 2980 * Set the exchange_id flags returned by the server. 2981 */ 2982 static void 2983 nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid) 2984 { 2985 #ifdef CONFIG_NFSD_PNFS 2986 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS; 2987 #else 2988 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS; 2989 #endif 2990 2991 /* Referrals are supported, Migration is not. */ 2992 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER; 2993 2994 /* set the wire flags to return to client. 
*/ 2995 clid->flags = new->cl_exchange_flags; 2996 } 2997 2998 static bool client_has_openowners(struct nfs4_client *clp) 2999 { 3000 struct nfs4_openowner *oo; 3001 3002 list_for_each_entry(oo, &clp->cl_openowners, oo_perclient) { 3003 if (!list_empty(&oo->oo_owner.so_stateids)) 3004 return true; 3005 } 3006 return false; 3007 } 3008 3009 static bool client_has_state(struct nfs4_client *clp) 3010 { 3011 return client_has_openowners(clp) 3012 #ifdef CONFIG_NFSD_PNFS 3013 || !list_empty(&clp->cl_lo_states) 3014 #endif 3015 || !list_empty(&clp->cl_delegations) 3016 || !list_empty(&clp->cl_sessions) 3017 || !list_empty(&clp->async_copies); 3018 } 3019 3020 static __be32 copy_impl_id(struct nfs4_client *clp, 3021 struct nfsd4_exchange_id *exid) 3022 { 3023 if (!exid->nii_domain.data) 3024 return 0; 3025 xdr_netobj_dup(&clp->cl_nii_domain, &exid->nii_domain, GFP_KERNEL); 3026 if (!clp->cl_nii_domain.data) 3027 return nfserr_jukebox; 3028 xdr_netobj_dup(&clp->cl_nii_name, &exid->nii_name, GFP_KERNEL); 3029 if (!clp->cl_nii_name.data) 3030 return nfserr_jukebox; 3031 clp->cl_nii_time = exid->nii_time; 3032 return 0; 3033 } 3034 3035 __be32 3036 nfsd4_exchange_id(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3037 union nfsd4_op_u *u) 3038 { 3039 struct nfsd4_exchange_id *exid = &u->exchange_id; 3040 struct nfs4_client *conf, *new; 3041 struct nfs4_client *unconf = NULL; 3042 __be32 status; 3043 char addr_str[INET6_ADDRSTRLEN]; 3044 nfs4_verifier verf = exid->verifier; 3045 struct sockaddr *sa = svc_addr(rqstp); 3046 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A; 3047 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3048 3049 rpc_ntop(sa, addr_str, sizeof(addr_str)); 3050 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p " 3051 "ip_addr=%s flags %x, spa_how %d\n", 3052 __func__, rqstp, exid, exid->clname.len, exid->clname.data, 3053 addr_str, exid->flags, exid->spa_how); 3054 3055 if (exid->flags & ~EXCHGID4_FLAG_MASK_A) 3056 return nfserr_inval; 3057 3058 new = create_client(exid->clname, rqstp, &verf); 3059 if (new == NULL) 3060 return nfserr_jukebox; 3061 status = copy_impl_id(new, exid); 3062 if (status) 3063 goto out_nolock; 3064 3065 switch (exid->spa_how) { 3066 case SP4_MACH_CRED: 3067 exid->spo_must_enforce[0] = 0; 3068 exid->spo_must_enforce[1] = ( 3069 1 << (OP_BIND_CONN_TO_SESSION - 32) | 3070 1 << (OP_EXCHANGE_ID - 32) | 3071 1 << (OP_CREATE_SESSION - 32) | 3072 1 << (OP_DESTROY_SESSION - 32) | 3073 1 << (OP_DESTROY_CLIENTID - 32)); 3074 3075 exid->spo_must_allow[0] &= (1 << (OP_CLOSE) | 3076 1 << (OP_OPEN_DOWNGRADE) | 3077 1 << (OP_LOCKU) | 3078 1 << (OP_DELEGRETURN)); 3079 3080 exid->spo_must_allow[1] &= ( 3081 1 << (OP_TEST_STATEID - 32) | 3082 1 << (OP_FREE_STATEID - 32)); 3083 if (!svc_rqst_integrity_protected(rqstp)) { 3084 status = nfserr_inval; 3085 goto out_nolock; 3086 } 3087 /* 3088 * Sometimes userspace doesn't give us a principal. 3089 * Which is a bug, really. 
Anyway, we can't enforce 3090 * MACH_CRED in that case, better to give up now: 3091 */ 3092 if (!new->cl_cred.cr_principal && 3093 !new->cl_cred.cr_raw_principal) { 3094 status = nfserr_serverfault; 3095 goto out_nolock; 3096 } 3097 new->cl_mach_cred = true; break; 3098 case SP4_NONE: 3099 break; 3100 default: /* checked by xdr code */ 3101 WARN_ON_ONCE(1); 3102 /* fall through */ 3103 case SP4_SSV: 3104 status = nfserr_encr_alg_unsupp; 3105 goto out_nolock; 3106 } 3107 3108 /* Cases below refer to rfc 5661 section 18.35.4: */ 3109 spin_lock(&nn->client_lock); 3110 conf = find_confirmed_client_by_name(&exid->clname, nn); 3111 if (conf) { 3112 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred); 3113 bool verfs_match = same_verf(&verf, &conf->cl_verifier); 3114 3115 if (update) { 3116 if (!clp_used_exchangeid(conf)) { /* buggy client */ 3117 status = nfserr_inval; 3118 goto out; 3119 } 3120 if (!nfsd4_mach_creds_match(conf, rqstp)) { 3121 status = nfserr_wrong_cred; 3122 goto out; 3123 } 3124 if (!creds_match) { /* case 9 */ 3125 status = nfserr_perm; 3126 goto out; 3127 } 3128 if (!verfs_match) { /* case 8 */ 3129 status = nfserr_not_same; 3130 goto out; 3131 } 3132 /* case 6 */ 3133 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R; 3134 goto out_copy; 3135 } 3136 if (!creds_match) { /* case 3 */ 3137 if (client_has_state(conf)) { 3138 status = nfserr_clid_inuse; 3139 goto out; 3140 } 3141 goto out_new; 3142 } 3143 if (verfs_match) { /* case 2 */ 3144 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R; 3145 goto out_copy; 3146 } 3147 /* case 5, client reboot */ 3148 conf = NULL; 3149 goto out_new; 3150 } 3151 3152 if (update) { /* case 7 */ 3153 status = nfserr_noent; 3154 goto out; 3155 } 3156 3157 unconf = find_unconfirmed_client_by_name(&exid->clname, nn); 3158 if (unconf) /* case 4, possible retry or client restart */ 3159 unhash_client_locked(unconf); 3160 3161 /* case 1 (normal case) */ 3162 out_new: 3163 if (conf) { 3164 status = mark_client_expired_locked(conf); 3165 if (status) 3166 goto out; 3167 } 3168 new->cl_minorversion = cstate->minorversion; 3169 new->cl_spo_must_allow.u.words[0] = exid->spo_must_allow[0]; 3170 new->cl_spo_must_allow.u.words[1] = exid->spo_must_allow[1]; 3171 3172 add_to_unconfirmed(new); 3173 swap(new, conf); 3174 out_copy: 3175 exid->clientid.cl_boot = conf->cl_clientid.cl_boot; 3176 exid->clientid.cl_id = conf->cl_clientid.cl_id; 3177 3178 exid->seqid = conf->cl_cs_slot.sl_seqid + 1; 3179 nfsd4_set_ex_flags(conf, exid); 3180 3181 dprintk("nfsd4_exchange_id seqid %d flags %x\n", 3182 conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags); 3183 status = nfs_ok; 3184 3185 out: 3186 spin_unlock(&nn->client_lock); 3187 out_nolock: 3188 if (new) 3189 expire_client(new); 3190 if (unconf) 3191 expire_client(unconf); 3192 return status; 3193 } 3194 3195 static __be32 3196 check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse) 3197 { 3198 dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid, 3199 slot_seqid); 3200 3201 /* The slot is in use, and no response has been sent.
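 * If so, a retry of the in-flight request (same seqid) gets jukebox
 * so the client backs off; any other seqid is misordered. For a free
 * slot, the unsigned arithmetic below gives:
 *   seqid == slot_seqid + 1  ->  nfs_ok (the next request)
 *   seqid == slot_seqid      ->  nfserr_replay_cache (a replay)
 *   anything else            ->  nfserr_seq_misordered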
*/ 3202 if (slot_inuse) { 3203 if (seqid == slot_seqid) 3204 return nfserr_jukebox; 3205 else 3206 return nfserr_seq_misordered; 3207 } 3208 /* Note unsigned 32-bit arithmetic handles wraparound: */ 3209 if (likely(seqid == slot_seqid + 1)) 3210 return nfs_ok; 3211 if (seqid == slot_seqid) 3212 return nfserr_replay_cache; 3213 return nfserr_seq_misordered; 3214 } 3215 3216 /* 3217 * Cache the create session result into the create session single DRC 3218 * slot cache by saving the xdr structure. sl_seqid has been set. 3219 * Do this for solo or embedded create session operations. 3220 */ 3221 static void 3222 nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses, 3223 struct nfsd4_clid_slot *slot, __be32 nfserr) 3224 { 3225 slot->sl_status = nfserr; 3226 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses)); 3227 } 3228 3229 static __be32 3230 nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses, 3231 struct nfsd4_clid_slot *slot) 3232 { 3233 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses)); 3234 return slot->sl_status; 3235 } 3236 3237 #define NFSD_MIN_REQ_HDR_SEQ_SZ ((\ 3238 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \ 3239 1 + /* MIN tag is length with zero, only length */ \ 3240 3 + /* version, opcount, opcode */ \ 3241 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 3242 /* seqid, slotID, slotID, cache */ \ 3243 4 ) * sizeof(__be32)) 3244 3245 #define NFSD_MIN_RESP_HDR_SEQ_SZ ((\ 3246 2 + /* verifier: AUTH_NULL, length 0 */\ 3247 1 + /* status */ \ 3248 1 + /* MIN tag is length with zero, only length */ \ 3249 3 + /* opcount, opcode, opstatus*/ \ 3250 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 3251 /* seqid, slotID, slotID, slotID, status */ \ 3252 5 ) * sizeof(__be32)) 3253 3254 static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn) 3255 { 3256 u32 maxrpc = nn->nfsd_serv->sv_max_mesg; 3257 3258 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ) 3259 return nfserr_toosmall; 3260 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ) 3261 return nfserr_toosmall; 3262 ca->headerpadsz = 0; 3263 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc); 3264 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc); 3265 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND); 3266 ca->maxresp_cached = min_t(u32, ca->maxresp_cached, 3267 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ); 3268 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION); 3269 /* 3270 * Note decreasing slot size below client's request may make it 3271 * difficult for client to function correctly, whereas 3272 * decreasing the number of slots will (just?) affect 3273 * performance. When short on memory we therefore prefer to 3274 * decrease number of slots instead of their size. Clients that 3275 * request larger slots than they need will get poor results: 3276 * Note that we always allow at least one slot, because our 3277 * accounting is soft and provides no guarantees either way. 3278 */ 3279 ca->maxreqs = nfsd4_get_drc_mem(ca, nn); 3280 3281 return nfs_ok; 3282 } 3283 3284 /* 3285 * Server's NFSv4.1 backchannel support is AUTH_SYS-only for now. 3286 * These are based on similar macros in linux/sunrpc/msg_prot.h . 
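 * They size the backchannel for a single CB_RECALL-sized call and
 * reply over AUTH_SYS, which check_backchannel_attrs() below enforces
 * as the minimum.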
3287 */ 3288 #define RPC_MAX_HEADER_WITH_AUTH_SYS \ 3289 (RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK)) 3290 3291 #define RPC_MAX_REPHEADER_WITH_AUTH_SYS \ 3292 (RPC_REPHDRSIZE + (2 + NUL_REPLYSLACK)) 3293 3294 #define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \ 3295 RPC_MAX_HEADER_WITH_AUTH_SYS) * sizeof(__be32)) 3296 #define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \ 3297 RPC_MAX_REPHEADER_WITH_AUTH_SYS) * \ 3298 sizeof(__be32)) 3299 3300 static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca) 3301 { 3302 ca->headerpadsz = 0; 3303 3304 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ) 3305 return nfserr_toosmall; 3306 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ) 3307 return nfserr_toosmall; 3308 ca->maxresp_cached = 0; 3309 if (ca->maxops < 2) 3310 return nfserr_toosmall; 3311 3312 return nfs_ok; 3313 } 3314 3315 static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs) 3316 { 3317 switch (cbs->flavor) { 3318 case RPC_AUTH_NULL: 3319 case RPC_AUTH_UNIX: 3320 return nfs_ok; 3321 default: 3322 /* 3323 * GSS case: the spec doesn't allow us to return this 3324 * error. But it also doesn't allow us not to support 3325 * GSS. 3326 * I'd rather this fail hard than return some error the 3327 * client might think it can already handle: 3328 */ 3329 return nfserr_encr_alg_unsupp; 3330 } 3331 } 3332 3333 __be32 3334 nfsd4_create_session(struct svc_rqst *rqstp, 3335 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 3336 { 3337 struct nfsd4_create_session *cr_ses = &u->create_session; 3338 struct sockaddr *sa = svc_addr(rqstp); 3339 struct nfs4_client *conf, *unconf; 3340 struct nfs4_client *old = NULL; 3341 struct nfsd4_session *new; 3342 struct nfsd4_conn *conn; 3343 struct nfsd4_clid_slot *cs_slot = NULL; 3344 __be32 status = 0; 3345 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3346 3347 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A) 3348 return nfserr_inval; 3349 status = nfsd4_check_cb_sec(&cr_ses->cb_sec); 3350 if (status) 3351 return status; 3352 status = check_forechannel_attrs(&cr_ses->fore_channel, nn); 3353 if (status) 3354 return status; 3355 status = check_backchannel_attrs(&cr_ses->back_channel); 3356 if (status) 3357 goto out_release_drc_mem; 3358 status = nfserr_jukebox; 3359 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel); 3360 if (!new) 3361 goto out_release_drc_mem; 3362 conn = alloc_conn_from_crses(rqstp, cr_ses); 3363 if (!conn) 3364 goto out_free_session; 3365 3366 spin_lock(&nn->client_lock); 3367 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn); 3368 conf = find_confirmed_client(&cr_ses->clientid, true, nn); 3369 WARN_ON_ONCE(conf && unconf); 3370 3371 if (conf) { 3372 status = nfserr_wrong_cred; 3373 if (!nfsd4_mach_creds_match(conf, rqstp)) 3374 goto out_free_conn; 3375 cs_slot = &conf->cl_cs_slot; 3376 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 3377 if (status) { 3378 if (status == nfserr_replay_cache) 3379 status = nfsd4_replay_create_session(cr_ses, cs_slot); 3380 goto out_free_conn; 3381 } 3382 } else if (unconf) { 3383 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) || 3384 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) { 3385 status = nfserr_clid_inuse; 3386 goto out_free_conn; 3387 } 3388 status = nfserr_wrong_cred; 3389 if (!nfsd4_mach_creds_match(unconf, rqstp)) 3390 goto out_free_conn; 3391 cs_slot = &unconf->cl_cs_slot; 3392 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 3393 if (status) { 3394 /* an unconfirmed replay returns misordered */ 3395 status = 
nfserr_seq_misordered; 3396 goto out_free_conn; 3397 } 3398 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 3399 if (old) { 3400 status = mark_client_expired_locked(old); 3401 if (status) { 3402 old = NULL; 3403 goto out_free_conn; 3404 } 3405 } 3406 move_to_confirmed(unconf); 3407 conf = unconf; 3408 } else { 3409 status = nfserr_stale_clientid; 3410 goto out_free_conn; 3411 } 3412 status = nfs_ok; 3413 /* Persistent sessions are not supported */ 3414 cr_ses->flags &= ~SESSION4_PERSIST; 3415 /* Upshifting from TCP to RDMA is not supported */ 3416 cr_ses->flags &= ~SESSION4_RDMA; 3417 3418 init_session(rqstp, new, conf, cr_ses); 3419 nfsd4_get_session_locked(new); 3420 3421 memcpy(cr_ses->sessionid.data, new->se_sessionid.data, 3422 NFS4_MAX_SESSIONID_LEN); 3423 cs_slot->sl_seqid++; 3424 cr_ses->seqid = cs_slot->sl_seqid; 3425 3426 /* cache solo and embedded create sessions under the client_lock */ 3427 nfsd4_cache_create_session(cr_ses, cs_slot, status); 3428 spin_unlock(&nn->client_lock); 3429 /* init connection and backchannel */ 3430 nfsd4_init_conn(rqstp, conn, new); 3431 nfsd4_put_session(new); 3432 if (old) 3433 expire_client(old); 3434 return status; 3435 out_free_conn: 3436 spin_unlock(&nn->client_lock); 3437 free_conn(conn); 3438 if (old) 3439 expire_client(old); 3440 out_free_session: 3441 __free_session(new); 3442 out_release_drc_mem: 3443 nfsd4_put_drc_mem(&cr_ses->fore_channel); 3444 return status; 3445 } 3446 3447 static __be32 nfsd4_map_bcts_dir(u32 *dir) 3448 { 3449 switch (*dir) { 3450 case NFS4_CDFC4_FORE: 3451 case NFS4_CDFC4_BACK: 3452 return nfs_ok; 3453 case NFS4_CDFC4_FORE_OR_BOTH: 3454 case NFS4_CDFC4_BACK_OR_BOTH: 3455 *dir = NFS4_CDFC4_BOTH; 3456 return nfs_ok; 3457 } 3458 return nfserr_inval; 3459 } 3460 3461 __be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, 3462 struct nfsd4_compound_state *cstate, 3463 union nfsd4_op_u *u) 3464 { 3465 struct nfsd4_backchannel_ctl *bc = &u->backchannel_ctl; 3466 struct nfsd4_session *session = cstate->session; 3467 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3468 __be32 status; 3469 3470 status = nfsd4_check_cb_sec(&bc->bc_cb_sec); 3471 if (status) 3472 return status; 3473 spin_lock(&nn->client_lock); 3474 session->se_cb_prog = bc->bc_cb_program; 3475 session->se_cb_sec = bc->bc_cb_sec; 3476 spin_unlock(&nn->client_lock); 3477 3478 nfsd4_probe_callback(session->se_client); 3479 3480 return nfs_ok; 3481 } 3482 3483 static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s) 3484 { 3485 struct nfsd4_conn *c; 3486 3487 list_for_each_entry(c, &s->se_conns, cn_persession) { 3488 if (c->cn_xprt == xpt) { 3489 return c; 3490 } 3491 } 3492 return NULL; 3493 } 3494 3495 static __be32 nfsd4_match_existing_connection(struct svc_rqst *rqst, 3496 struct nfsd4_session *session, u32 req) 3497 { 3498 struct nfs4_client *clp = session->se_client; 3499 struct svc_xprt *xpt = rqst->rq_xprt; 3500 struct nfsd4_conn *c; 3501 __be32 status; 3502 3503 /* Following the last paragraph of RFC 5661 Section 18.34.3: */ 3504 spin_lock(&clp->cl_lock); 3505 c = __nfsd4_find_conn(xpt, session); 3506 if (!c) 3507 status = nfserr_noent; 3508 else if (req == c->cn_flags) 3509 status = nfs_ok; 3510 else if (req == NFS4_CDFC4_FORE_OR_BOTH && 3511 c->cn_flags != NFS4_CDFC4_BACK) 3512 status = nfs_ok; 3513 else if (req == NFS4_CDFC4_BACK_OR_BOTH && 3514 c->cn_flags != NFS4_CDFC4_FORE) 3515 status = nfs_ok; 3516 else 3517 status = nfserr_inval; 3518 spin_unlock(&clp->cl_lock); 3519 return status; 3520 } 
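/*
 * RFC 5661 Section 18.34: BIND_CONN_TO_SESSION must be the only op in
 * its compound. If this connection is already bound to the session in
 * a compatible direction the call succeeds without rebinding (an
 * incompatible existing binding gets nfserr_inval); otherwise the
 * requested direction is mapped (FORE_OR_BOTH and BACK_OR_BOTH become
 * BOTH) and the connection is added to the session.
 */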
3521 3522 __be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp, 3523 struct nfsd4_compound_state *cstate, 3524 union nfsd4_op_u *u) 3525 { 3526 struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session; 3527 __be32 status; 3528 struct nfsd4_conn *conn; 3529 struct nfsd4_session *session; 3530 struct net *net = SVC_NET(rqstp); 3531 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3532 3533 if (!nfsd4_last_compound_op(rqstp)) 3534 return nfserr_not_only_op; 3535 spin_lock(&nn->client_lock); 3536 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status); 3537 spin_unlock(&nn->client_lock); 3538 if (!session) 3539 goto out_no_session; 3540 status = nfserr_wrong_cred; 3541 if (!nfsd4_mach_creds_match(session->se_client, rqstp)) 3542 goto out; 3543 status = nfsd4_match_existing_connection(rqstp, session, bcts->dir); 3544 if (status == nfs_ok || status == nfserr_inval) 3545 goto out; 3546 status = nfsd4_map_bcts_dir(&bcts->dir); 3547 if (status) 3548 goto out; 3549 conn = alloc_conn(rqstp, bcts->dir); 3550 status = nfserr_jukebox; 3551 if (!conn) 3552 goto out; 3553 nfsd4_init_conn(rqstp, conn, session); 3554 status = nfs_ok; 3555 out: 3556 nfsd4_put_session(session); 3557 out_no_session: 3558 return status; 3559 } 3560 3561 static bool nfsd4_compound_in_session(struct nfsd4_compound_state *cstate, struct nfs4_sessionid *sid) 3562 { 3563 if (!cstate->session) 3564 return false; 3565 return !memcmp(sid, &cstate->session->se_sessionid, sizeof(*sid)); 3566 } 3567 3568 __be32 3569 nfsd4_destroy_session(struct svc_rqst *r, struct nfsd4_compound_state *cstate, 3570 union nfsd4_op_u *u) 3571 { 3572 struct nfs4_sessionid *sessionid = &u->destroy_session.sessionid; 3573 struct nfsd4_session *ses; 3574 __be32 status; 3575 int ref_held_by_me = 0; 3576 struct net *net = SVC_NET(r); 3577 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3578 3579 status = nfserr_not_only_op; 3580 if (nfsd4_compound_in_session(cstate, sessionid)) { 3581 if (!nfsd4_last_compound_op(r)) 3582 goto out; 3583 ref_held_by_me++; 3584 } 3585 dump_sessionid(__func__, sessionid); 3586 spin_lock(&nn->client_lock); 3587 ses = find_in_sessionid_hashtbl(sessionid, net, &status); 3588 if (!ses) 3589 goto out_client_lock; 3590 status = nfserr_wrong_cred; 3591 if (!nfsd4_mach_creds_match(ses->se_client, r)) 3592 goto out_put_session; 3593 status = mark_session_dead_locked(ses, 1 + ref_held_by_me); 3594 if (status) 3595 goto out_put_session; 3596 unhash_session(ses); 3597 spin_unlock(&nn->client_lock); 3598 3599 nfsd4_probe_callback_sync(ses->se_client); 3600 3601 spin_lock(&nn->client_lock); 3602 status = nfs_ok; 3603 out_put_session: 3604 nfsd4_put_session_locked(ses); 3605 out_client_lock: 3606 spin_unlock(&nn->client_lock); 3607 out: 3608 return status; 3609 } 3610 3611 static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses) 3612 { 3613 struct nfs4_client *clp = ses->se_client; 3614 struct nfsd4_conn *c; 3615 __be32 status = nfs_ok; 3616 int ret; 3617 3618 spin_lock(&clp->cl_lock); 3619 c = __nfsd4_find_conn(new->cn_xprt, ses); 3620 if (c) 3621 goto out_free; 3622 status = nfserr_conn_not_bound_to_session; 3623 if (clp->cl_mach_cred) 3624 goto out_free; 3625 __nfsd4_hash_conn(new, ses); 3626 spin_unlock(&clp->cl_lock); 3627 ret = nfsd4_register_conn(new); 3628 if (ret) 3629 /* oops; xprt is already down: */ 3630 nfsd4_conn_lost(&new->cn_xpt_user); 3631 return nfs_ok; 3632 out_free: 3633 spin_unlock(&clp->cl_lock); 3634 free_conn(new); 3635 return status; 3636 } 3637 3638 
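/*
 * Enforce the ca_maxoperations and ca_maxrequestsize limits that were
 * negotiated for this session's fore channel at CREATE_SESSION time
 * (see check_forechannel_attrs()).
 */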
static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session) 3639 { 3640 struct nfsd4_compoundargs *args = rqstp->rq_argp; 3641 3642 return args->opcnt > session->se_fchannel.maxops; 3643 } 3644 3645 static bool nfsd4_request_too_big(struct svc_rqst *rqstp, 3646 struct nfsd4_session *session) 3647 { 3648 struct xdr_buf *xb = &rqstp->rq_arg; 3649 3650 return xb->len > session->se_fchannel.maxreq_sz; 3651 } 3652 3653 static bool replay_matches_cache(struct svc_rqst *rqstp, 3654 struct nfsd4_sequence *seq, struct nfsd4_slot *slot) 3655 { 3656 struct nfsd4_compoundargs *argp = rqstp->rq_argp; 3657 3658 if ((bool)(slot->sl_flags & NFSD4_SLOT_CACHETHIS) != 3659 (bool)seq->cachethis) 3660 return false; 3661 /* 3662 * If there's an error then the reply can have fewer ops than 3663 * the call. 3664 */ 3665 if (slot->sl_opcnt < argp->opcnt && !slot->sl_status) 3666 return false; 3667 /* 3668 * But if we cached a reply with *more* ops than the call you're 3669 * sending us now, then this new call is clearly not really a 3670 * replay of the old one: 3671 */ 3672 if (slot->sl_opcnt > argp->opcnt) 3673 return false; 3674 /* This is the only check explicitly called by spec: */ 3675 if (!same_creds(&rqstp->rq_cred, &slot->sl_cred)) 3676 return false; 3677 /* 3678 * There may be more comparisons we could actually do, but the 3679 * spec doesn't require us to catch every case where the calls 3680 * don't match (that would require caching the call as well as 3681 * the reply), so we don't bother. 3682 */ 3683 return true; 3684 } 3685 3686 __be32 3687 nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3688 union nfsd4_op_u *u) 3689 { 3690 struct nfsd4_sequence *seq = &u->sequence; 3691 struct nfsd4_compoundres *resp = rqstp->rq_resp; 3692 struct xdr_stream *xdr = &resp->xdr; 3693 struct nfsd4_session *session; 3694 struct nfs4_client *clp; 3695 struct nfsd4_slot *slot; 3696 struct nfsd4_conn *conn; 3697 __be32 status; 3698 int buflen; 3699 struct net *net = SVC_NET(rqstp); 3700 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3701 3702 if (resp->opcnt != 1) 3703 return nfserr_sequence_pos; 3704 3705 /* 3706 * Will be either used or freed by nfsd4_sequence_check_conn 3707 * below. 
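 * (Allocated before taking nn->client_lock, since we may not sleep
 * while holding a spinlock.)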
3708 */ 3709 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE); 3710 if (!conn) 3711 return nfserr_jukebox; 3712 3713 spin_lock(&nn->client_lock); 3714 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status); 3715 if (!session) 3716 goto out_no_session; 3717 clp = session->se_client; 3718 3719 status = nfserr_too_many_ops; 3720 if (nfsd4_session_too_many_ops(rqstp, session)) 3721 goto out_put_session; 3722 3723 status = nfserr_req_too_big; 3724 if (nfsd4_request_too_big(rqstp, session)) 3725 goto out_put_session; 3726 3727 status = nfserr_badslot; 3728 if (seq->slotid >= session->se_fchannel.maxreqs) 3729 goto out_put_session; 3730 3731 slot = session->se_slots[seq->slotid]; 3732 dprintk("%s: slotid %d\n", __func__, seq->slotid); 3733 3734 /* We do not negotiate the number of slots yet, so set the 3735 * maxslots to the session maxreqs which is used to encode 3736 * sr_highest_slotid and the sr_target_slotid to maxslots */ 3737 seq->maxslots = session->se_fchannel.maxreqs; 3738 3739 status = check_slot_seqid(seq->seqid, slot->sl_seqid, 3740 slot->sl_flags & NFSD4_SLOT_INUSE); 3741 if (status == nfserr_replay_cache) { 3742 status = nfserr_seq_misordered; 3743 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED)) 3744 goto out_put_session; 3745 status = nfserr_seq_false_retry; 3746 if (!replay_matches_cache(rqstp, seq, slot)) 3747 goto out_put_session; 3748 cstate->slot = slot; 3749 cstate->session = session; 3750 cstate->clp = clp; 3751 /* Return the cached reply status and set cstate->status 3752 * for nfsd4_proc_compound processing */ 3753 status = nfsd4_replay_cache_entry(resp, seq); 3754 cstate->status = nfserr_replay_cache; 3755 goto out; 3756 } 3757 if (status) 3758 goto out_put_session; 3759 3760 status = nfsd4_sequence_check_conn(conn, session); 3761 conn = NULL; 3762 if (status) 3763 goto out_put_session; 3764 3765 buflen = (seq->cachethis) ? 3766 session->se_fchannel.maxresp_cached : 3767 session->se_fchannel.maxresp_sz; 3768 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache : 3769 nfserr_rep_too_big; 3770 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack)) 3771 goto out_put_session; 3772 svc_reserve(rqstp, buflen); 3773 3774 status = nfs_ok; 3775 /* Success!
bump slot seqid */ 3776 slot->sl_seqid = seq->seqid; 3777 slot->sl_flags |= NFSD4_SLOT_INUSE; 3778 if (seq->cachethis) 3779 slot->sl_flags |= NFSD4_SLOT_CACHETHIS; 3780 else 3781 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS; 3782 3783 cstate->slot = slot; 3784 cstate->session = session; 3785 cstate->clp = clp; 3786 3787 out: 3788 switch (clp->cl_cb_state) { 3789 case NFSD4_CB_DOWN: 3790 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN; 3791 break; 3792 case NFSD4_CB_FAULT: 3793 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT; 3794 break; 3795 default: 3796 seq->status_flags = 0; 3797 } 3798 if (!list_empty(&clp->cl_revoked)) 3799 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED; 3800 out_no_session: 3801 if (conn) 3802 free_conn(conn); 3803 spin_unlock(&nn->client_lock); 3804 return status; 3805 out_put_session: 3806 nfsd4_put_session_locked(session); 3807 goto out_no_session; 3808 } 3809 3810 void 3811 nfsd4_sequence_done(struct nfsd4_compoundres *resp) 3812 { 3813 struct nfsd4_compound_state *cs = &resp->cstate; 3814 3815 if (nfsd4_has_session(cs)) { 3816 if (cs->status != nfserr_replay_cache) { 3817 nfsd4_store_cache_entry(resp); 3818 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 3819 } 3820 /* Drop session reference that was taken in nfsd4_sequence() */ 3821 nfsd4_put_session(cs->session); 3822 } else if (cs->clp) 3823 put_client_renew(cs->clp); 3824 } 3825 3826 __be32 3827 nfsd4_destroy_clientid(struct svc_rqst *rqstp, 3828 struct nfsd4_compound_state *cstate, 3829 union nfsd4_op_u *u) 3830 { 3831 struct nfsd4_destroy_clientid *dc = &u->destroy_clientid; 3832 struct nfs4_client *conf, *unconf; 3833 struct nfs4_client *clp = NULL; 3834 __be32 status = 0; 3835 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3836 3837 spin_lock(&nn->client_lock); 3838 unconf = find_unconfirmed_client(&dc->clientid, true, nn); 3839 conf = find_confirmed_client(&dc->clientid, true, nn); 3840 WARN_ON_ONCE(conf && unconf); 3841 3842 if (conf) { 3843 if (client_has_state(conf)) { 3844 status = nfserr_clientid_busy; 3845 goto out; 3846 } 3847 status = mark_client_expired_locked(conf); 3848 if (status) 3849 goto out; 3850 clp = conf; 3851 } else if (unconf) 3852 clp = unconf; 3853 else { 3854 status = nfserr_stale_clientid; 3855 goto out; 3856 } 3857 if (!nfsd4_mach_creds_match(clp, rqstp)) { 3858 clp = NULL; 3859 status = nfserr_wrong_cred; 3860 goto out; 3861 } 3862 unhash_client_locked(clp); 3863 out: 3864 spin_unlock(&nn->client_lock); 3865 if (clp) 3866 expire_client(clp); 3867 return status; 3868 } 3869 3870 __be32 3871 nfsd4_reclaim_complete(struct svc_rqst *rqstp, 3872 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 3873 { 3874 struct nfsd4_reclaim_complete *rc = &u->reclaim_complete; 3875 __be32 status = 0; 3876 3877 if (rc->rca_one_fs) { 3878 if (!cstate->current_fh.fh_dentry) 3879 return nfserr_nofilehandle; 3880 /* 3881 * We don't take advantage of the rca_one_fs case. 3882 * That's OK, it's optional, we can safely ignore it. 3883 */ 3884 return nfs_ok; 3885 } 3886 3887 status = nfserr_complete_already; 3888 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, 3889 &cstate->session->se_client->cl_flags)) 3890 goto out; 3891 3892 status = nfserr_stale_clientid; 3893 if (is_client_expired(cstate->session->se_client)) 3894 /* 3895 * The following error isn't really legal. 3896 * But we only get here if the client has just explicitly 3897 * destroyed its own client record. Surely it no longer 3898 * cares what error it gets back on an operation for the
 3899 * dead client.
3900 */ 3901 goto out; 3902 3903 status = nfs_ok; 3904 nfsd4_client_record_create(cstate->session->se_client); 3905 inc_reclaim_complete(cstate->session->se_client); 3906 out: 3907 return status; 3908 } 3909 3910 __be32 3911 nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3912 union nfsd4_op_u *u) 3913 { 3914 struct nfsd4_setclientid *setclid = &u->setclientid; 3915 struct xdr_netobj clname = setclid->se_name; 3916 nfs4_verifier clverifier = setclid->se_verf; 3917 struct nfs4_client *conf, *new; 3918 struct nfs4_client *unconf = NULL; 3919 __be32 status; 3920 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3921 3922 new = create_client(clname, rqstp, &clverifier); 3923 if (new == NULL) 3924 return nfserr_jukebox; 3925 /* Cases below refer to rfc 3530 section 14.2.33: */ 3926 spin_lock(&nn->client_lock); 3927 conf = find_confirmed_client_by_name(&clname, nn); 3928 if (conf && client_has_state(conf)) { 3929 /* case 0: */ 3930 status = nfserr_clid_inuse; 3931 if (clp_used_exchangeid(conf)) 3932 goto out; 3933 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) { 3934 trace_nfsd_clid_inuse_err(conf); 3935 goto out; 3936 } 3937 } 3938 unconf = find_unconfirmed_client_by_name(&clname, nn); 3939 if (unconf) 3940 unhash_client_locked(unconf); 3941 /* We need to handle only case 1: probable callback update */ 3942 if (conf && same_verf(&conf->cl_verifier, &clverifier)) { 3943 copy_clid(new, conf); 3944 gen_confirm(new, nn); 3945 } 3946 new->cl_minorversion = 0; 3947 gen_callback(new, setclid, rqstp); 3948 add_to_unconfirmed(new); 3949 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot; 3950 setclid->se_clientid.cl_id = new->cl_clientid.cl_id; 3951 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data)); 3952 new = NULL; 3953 status = nfs_ok; 3954 out: 3955 spin_unlock(&nn->client_lock); 3956 if (new) 3957 free_client(new); 3958 if (unconf) 3959 expire_client(unconf); 3960 return status; 3961 } 3962 3963 3964 __be32 3965 nfsd4_setclientid_confirm(struct svc_rqst *rqstp, 3966 struct nfsd4_compound_state *cstate, 3967 union nfsd4_op_u *u) 3968 { 3969 struct nfsd4_setclientid_confirm *setclientid_confirm = 3970 &u->setclientid_confirm; 3971 struct nfs4_client *conf, *unconf; 3972 struct nfs4_client *old = NULL; 3973 nfs4_verifier confirm = setclientid_confirm->sc_confirm; 3974 clientid_t * clid = &setclientid_confirm->sc_clientid; 3975 __be32 status; 3976 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3977 3978 if (STALE_CLIENTID(clid, nn)) 3979 return nfserr_stale_clientid; 3980 3981 spin_lock(&nn->client_lock); 3982 conf = find_confirmed_client(clid, false, nn); 3983 unconf = find_unconfirmed_client(clid, false, nn); 3984 /* 3985 * We try hard to give out unique clientid's, so if we get an 3986 * attempt to confirm the same clientid with a different cred, 3987 * the client may be buggy; this should never happen. 3988 * 3989 * Nevertheless, RFC 7530 recommends INUSE for this case: 3990 */ 3991 status = nfserr_clid_inuse; 3992 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred)) 3993 goto out; 3994 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred)) 3995 goto out; 3996 /* cases below refer to rfc 3530 section 14.2.34: */ 3997 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) { 3998 if (conf && same_verf(&confirm, &conf->cl_confirm)) { 3999 /* case 2: probable retransmit */ 4000 status = nfs_ok; 4001 } else /* case 4: client hasn't noticed we rebooted yet? 
*/ 4002 status = nfserr_stale_clientid; 4003 goto out; 4004 } 4005 status = nfs_ok; 4006 if (conf) { /* case 1: callback update */ 4007 old = unconf; 4008 unhash_client_locked(old); 4009 nfsd4_change_callback(conf, &unconf->cl_cb_conn); 4010 } else { /* case 3: normal case; new or rebooted client */ 4011 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 4012 if (old) { 4013 status = nfserr_clid_inuse; 4014 if (client_has_state(old) 4015 && !same_creds(&unconf->cl_cred, 4016 &old->cl_cred)) 4017 goto out; 4018 status = mark_client_expired_locked(old); 4019 if (status) { 4020 old = NULL; 4021 goto out; 4022 } 4023 } 4024 move_to_confirmed(unconf); 4025 conf = unconf; 4026 } 4027 get_client_locked(conf); 4028 spin_unlock(&nn->client_lock); 4029 nfsd4_probe_callback(conf); 4030 spin_lock(&nn->client_lock); 4031 put_client_renew_locked(conf); 4032 out: 4033 spin_unlock(&nn->client_lock); 4034 if (old) 4035 expire_client(old); 4036 return status; 4037 } 4038 4039 static struct nfs4_file *nfsd4_alloc_file(void) 4040 { 4041 return kmem_cache_alloc(file_slab, GFP_KERNEL); 4042 } 4043 4044 /* OPEN Share state helper functions */ 4045 static void nfsd4_init_file(struct knfsd_fh *fh, unsigned int hashval, 4046 struct nfs4_file *fp) 4047 { 4048 lockdep_assert_held(&state_lock); 4049 4050 refcount_set(&fp->fi_ref, 1); 4051 spin_lock_init(&fp->fi_lock); 4052 INIT_LIST_HEAD(&fp->fi_stateids); 4053 INIT_LIST_HEAD(&fp->fi_delegations); 4054 INIT_LIST_HEAD(&fp->fi_clnt_odstate); 4055 fh_copy_shallow(&fp->fi_fhandle, fh); 4056 fp->fi_deleg_file = NULL; 4057 fp->fi_had_conflict = false; 4058 fp->fi_share_deny = 0; 4059 memset(fp->fi_fds, 0, sizeof(fp->fi_fds)); 4060 memset(fp->fi_access, 0, sizeof(fp->fi_access)); 4061 #ifdef CONFIG_NFSD_PNFS 4062 INIT_LIST_HEAD(&fp->fi_lo_states); 4063 atomic_set(&fp->fi_lo_recalls, 0); 4064 #endif 4065 hlist_add_head_rcu(&fp->fi_hash, &file_hashtbl[hashval]); 4066 } 4067 4068 void 4069 nfsd4_free_slabs(void) 4070 { 4071 kmem_cache_destroy(client_slab); 4072 kmem_cache_destroy(openowner_slab); 4073 kmem_cache_destroy(lockowner_slab); 4074 kmem_cache_destroy(file_slab); 4075 kmem_cache_destroy(stateid_slab); 4076 kmem_cache_destroy(deleg_slab); 4077 kmem_cache_destroy(odstate_slab); 4078 } 4079 4080 int 4081 nfsd4_init_slabs(void) 4082 { 4083 client_slab = kmem_cache_create("nfsd4_clients", 4084 sizeof(struct nfs4_client), 0, 0, NULL); 4085 if (client_slab == NULL) 4086 goto out; 4087 openowner_slab = kmem_cache_create("nfsd4_openowners", 4088 sizeof(struct nfs4_openowner), 0, 0, NULL); 4089 if (openowner_slab == NULL) 4090 goto out_free_client_slab; 4091 lockowner_slab = kmem_cache_create("nfsd4_lockowners", 4092 sizeof(struct nfs4_lockowner), 0, 0, NULL); 4093 if (lockowner_slab == NULL) 4094 goto out_free_openowner_slab; 4095 file_slab = kmem_cache_create("nfsd4_files", 4096 sizeof(struct nfs4_file), 0, 0, NULL); 4097 if (file_slab == NULL) 4098 goto out_free_lockowner_slab; 4099 stateid_slab = kmem_cache_create("nfsd4_stateids", 4100 sizeof(struct nfs4_ol_stateid), 0, 0, NULL); 4101 if (stateid_slab == NULL) 4102 goto out_free_file_slab; 4103 deleg_slab = kmem_cache_create("nfsd4_delegations", 4104 sizeof(struct nfs4_delegation), 0, 0, NULL); 4105 if (deleg_slab == NULL) 4106 goto out_free_stateid_slab; 4107 odstate_slab = kmem_cache_create("nfsd4_odstate", 4108 sizeof(struct nfs4_clnt_odstate), 0, 0, NULL); 4109 if (odstate_slab == NULL) 4110 goto out_free_deleg_slab; 4111 return 0; 4112 4113 out_free_deleg_slab: 4114 kmem_cache_destroy(deleg_slab); 4115 
out_free_stateid_slab: 4116 kmem_cache_destroy(stateid_slab); 4117 out_free_file_slab: 4118 kmem_cache_destroy(file_slab); 4119 out_free_lockowner_slab: 4120 kmem_cache_destroy(lockowner_slab); 4121 out_free_openowner_slab: 4122 kmem_cache_destroy(openowner_slab); 4123 out_free_client_slab: 4124 kmem_cache_destroy(client_slab); 4125 out: 4126 return -ENOMEM; 4127 } 4128 4129 static void init_nfs4_replay(struct nfs4_replay *rp) 4130 { 4131 rp->rp_status = nfserr_serverfault; 4132 rp->rp_buflen = 0; 4133 rp->rp_buf = rp->rp_ibuf; 4134 mutex_init(&rp->rp_mutex); 4135 } 4136 4137 static void nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate, 4138 struct nfs4_stateowner *so) 4139 { 4140 if (!nfsd4_has_session(cstate)) { 4141 mutex_lock(&so->so_replay.rp_mutex); 4142 cstate->replay_owner = nfs4_get_stateowner(so); 4143 } 4144 } 4145 4146 void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate) 4147 { 4148 struct nfs4_stateowner *so = cstate->replay_owner; 4149 4150 if (so != NULL) { 4151 cstate->replay_owner = NULL; 4152 mutex_unlock(&so->so_replay.rp_mutex); 4153 nfs4_put_stateowner(so); 4154 } 4155 } 4156 4157 static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp) 4158 { 4159 struct nfs4_stateowner *sop; 4160 4161 sop = kmem_cache_alloc(slab, GFP_KERNEL); 4162 if (!sop) 4163 return NULL; 4164 4165 xdr_netobj_dup(&sop->so_owner, owner, GFP_KERNEL); 4166 if (!sop->so_owner.data) { 4167 kmem_cache_free(slab, sop); 4168 return NULL; 4169 } 4170 4171 INIT_LIST_HEAD(&sop->so_stateids); 4172 sop->so_client = clp; 4173 init_nfs4_replay(&sop->so_replay); 4174 atomic_set(&sop->so_count, 1); 4175 return sop; 4176 } 4177 4178 static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval) 4179 { 4180 lockdep_assert_held(&clp->cl_lock); 4181 4182 list_add(&oo->oo_owner.so_strhash, 4183 &clp->cl_ownerstr_hashtbl[strhashval]); 4184 list_add(&oo->oo_perclient, &clp->cl_openowners); 4185 } 4186 4187 static void nfs4_unhash_openowner(struct nfs4_stateowner *so) 4188 { 4189 unhash_openowner_locked(openowner(so)); 4190 } 4191 4192 static void nfs4_free_openowner(struct nfs4_stateowner *so) 4193 { 4194 struct nfs4_openowner *oo = openowner(so); 4195 4196 kmem_cache_free(openowner_slab, oo); 4197 } 4198 4199 static const struct nfs4_stateowner_operations openowner_ops = { 4200 .so_unhash = nfs4_unhash_openowner, 4201 .so_free = nfs4_free_openowner, 4202 }; 4203 4204 static struct nfs4_ol_stateid * 4205 nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 4206 { 4207 struct nfs4_ol_stateid *local, *ret = NULL; 4208 struct nfs4_openowner *oo = open->op_openowner; 4209 4210 lockdep_assert_held(&fp->fi_lock); 4211 4212 list_for_each_entry(local, &fp->fi_stateids, st_perfile) { 4213 /* ignore lock owners */ 4214 if (local->st_stateowner->so_is_open_owner == 0) 4215 continue; 4216 if (local->st_stateowner != &oo->oo_owner) 4217 continue; 4218 if (local->st_stid.sc_type == NFS4_OPEN_STID) { 4219 ret = local; 4220 refcount_inc(&ret->st_stid.sc_count); 4221 break; 4222 } 4223 } 4224 return ret; 4225 } 4226 4227 static __be32 4228 nfsd4_verify_open_stid(struct nfs4_stid *s) 4229 { 4230 __be32 ret = nfs_ok; 4231 4232 switch (s->sc_type) { 4233 default: 4234 break; 4235 case 0: 4236 case NFS4_CLOSED_STID: 4237 case NFS4_CLOSED_DELEG_STID: 4238 ret = nfserr_bad_stateid; 4239 break; 4240 case NFS4_REVOKED_DELEG_STID: 4241 ret = nfserr_deleg_revoked; 4242 } 4243 return ret; 4244 } 4245 4246 
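/*
 * Note: an open stateid can be closed (sc_type set to NFS4_CLOSED_STID)
 * by a racing CLOSE between the moment it is found under fi_lock and the
 * moment its st_mutex is taken, since st_mutex is a sleeping lock that
 * cannot be acquired while fi_lock is held. The helpers below therefore
 * take st_mutex first and only then re-verify sc_type, retrying the
 * lookup if the stateid was closed in the meantime.
 */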
/* Lock the stateid st_mutex, and deal with races with CLOSE */ 4247 static __be32 4248 nfsd4_lock_ol_stateid(struct nfs4_ol_stateid *stp) 4249 { 4250 __be32 ret; 4251 4252 mutex_lock_nested(&stp->st_mutex, LOCK_STATEID_MUTEX); 4253 ret = nfsd4_verify_open_stid(&stp->st_stid); 4254 if (ret != nfs_ok) 4255 mutex_unlock(&stp->st_mutex); 4256 return ret; 4257 } 4258 4259 static struct nfs4_ol_stateid * 4260 nfsd4_find_and_lock_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 4261 { 4262 struct nfs4_ol_stateid *stp; 4263 for (;;) { 4264 spin_lock(&fp->fi_lock); 4265 stp = nfsd4_find_existing_open(fp, open); 4266 spin_unlock(&fp->fi_lock); 4267 if (!stp || nfsd4_lock_ol_stateid(stp) == nfs_ok) 4268 break; 4269 nfs4_put_stid(&stp->st_stid); 4270 } 4271 return stp; 4272 } 4273 4274 static struct nfs4_openowner * 4275 alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open, 4276 struct nfsd4_compound_state *cstate) 4277 { 4278 struct nfs4_client *clp = cstate->clp; 4279 struct nfs4_openowner *oo, *ret; 4280 4281 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp); 4282 if (!oo) 4283 return NULL; 4284 oo->oo_owner.so_ops = &openowner_ops; 4285 oo->oo_owner.so_is_open_owner = 1; 4286 oo->oo_owner.so_seqid = open->op_seqid; 4287 oo->oo_flags = 0; 4288 if (nfsd4_has_session(cstate)) 4289 oo->oo_flags |= NFS4_OO_CONFIRMED; 4290 oo->oo_time = 0; 4291 oo->oo_last_closed_stid = NULL; 4292 INIT_LIST_HEAD(&oo->oo_close_lru); 4293 spin_lock(&clp->cl_lock); 4294 ret = find_openstateowner_str_locked(strhashval, open, clp); 4295 if (ret == NULL) { 4296 hash_openowner(oo, clp, strhashval); 4297 ret = oo; 4298 } else 4299 nfs4_free_stateowner(&oo->oo_owner); 4300 4301 spin_unlock(&clp->cl_lock); 4302 return ret; 4303 } 4304 4305 static struct nfs4_ol_stateid * 4306 init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open) 4307 { 4308 4309 struct nfs4_openowner *oo = open->op_openowner; 4310 struct nfs4_ol_stateid *retstp = NULL; 4311 struct nfs4_ol_stateid *stp; 4312 4313 stp = open->op_stp; 4314 /* Initialize and lock st_mutex before taking the spinlocks below: st_mutex is a sleeping lock, so acquiring it under cl_lock/fi_lock would trigger sleep-in-atomic (lockdep) warnings */ 4315 mutex_init(&stp->st_mutex); 4316 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 4317 4318 retry: 4319 spin_lock(&oo->oo_owner.so_client->cl_lock); 4320 spin_lock(&fp->fi_lock); 4321 4322 retstp = nfsd4_find_existing_open(fp, open); 4323 if (retstp) 4324 goto out_unlock; 4325 4326 open->op_stp = NULL; 4327 refcount_inc(&stp->st_stid.sc_count); 4328 stp->st_stid.sc_type = NFS4_OPEN_STID; 4329 INIT_LIST_HEAD(&stp->st_locks); 4330 stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner); 4331 get_nfs4_file(fp); 4332 stp->st_stid.sc_file = fp; 4333 stp->st_access_bmap = 0; 4334 stp->st_deny_bmap = 0; 4335 stp->st_openstp = NULL; 4336 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids); 4337 list_add(&stp->st_perfile, &fp->fi_stateids); 4338 4339 out_unlock: 4340 spin_unlock(&fp->fi_lock); 4341 spin_unlock(&oo->oo_owner.so_client->cl_lock); 4342 if (retstp) { 4343 /* Handle races with CLOSE */ 4344 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 4345 nfs4_put_stid(&retstp->st_stid); 4346 goto retry; 4347 } 4348 /* To keep mutex tracking happy */ 4349 mutex_unlock(&stp->st_mutex); 4350 stp = retstp; 4351 } 4352 return stp; 4353 } 4354 4355 /* 4356 * In the 4.0 case we need to keep the owners around a little while to handle 4357 * CLOSE replay. We still need to release any file access held by them 4358 * before returning, however.
4359 */ 4360 static void 4361 move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net) 4362 { 4363 struct nfs4_ol_stateid *last; 4364 struct nfs4_openowner *oo = openowner(s->st_stateowner); 4365 struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net, 4366 nfsd_net_id); 4367 4368 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo); 4369 4370 /* 4371 * We know that we hold one reference via nfsd4_close, and another 4372 * "persistent" reference for the client. If the refcount is higher 4373 * than 2, then there are still calls in progress that are using this 4374 * stateid. We can't put the sc_file reference until they are finished. 4375 * Wait for the refcount to drop to 2. Since it has been unhashed, 4376 * there should be no danger of the refcount going back up again at 4377 * this point. 4378 */ 4379 wait_event(close_wq, refcount_read(&s->st_stid.sc_count) == 2); 4380 4381 release_all_access(s); 4382 if (s->st_stid.sc_file) { 4383 put_nfs4_file(s->st_stid.sc_file); 4384 s->st_stid.sc_file = NULL; 4385 } 4386 4387 spin_lock(&nn->client_lock); 4388 last = oo->oo_last_closed_stid; 4389 oo->oo_last_closed_stid = s; 4390 list_move_tail(&oo->oo_close_lru, &nn->close_lru); 4391 oo->oo_time = ktime_get_boottime_seconds(); 4392 spin_unlock(&nn->client_lock); 4393 if (last) 4394 nfs4_put_stid(&last->st_stid); 4395 } 4396 4397 /* search file_hashtbl[] for file */ 4398 static struct nfs4_file * 4399 find_file_locked(struct knfsd_fh *fh, unsigned int hashval) 4400 { 4401 struct nfs4_file *fp; 4402 4403 hlist_for_each_entry_rcu(fp, &file_hashtbl[hashval], fi_hash, 4404 lockdep_is_held(&state_lock)) { 4405 if (fh_match(&fp->fi_fhandle, fh)) { 4406 if (refcount_inc_not_zero(&fp->fi_ref)) 4407 return fp; 4408 } 4409 } 4410 return NULL; 4411 } 4412 4413 struct nfs4_file * 4414 find_file(struct knfsd_fh *fh) 4415 { 4416 struct nfs4_file *fp; 4417 unsigned int hashval = file_hashval(fh); 4418 4419 rcu_read_lock(); 4420 fp = find_file_locked(fh, hashval); 4421 rcu_read_unlock(); 4422 return fp; 4423 } 4424 4425 static struct nfs4_file * 4426 find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh) 4427 { 4428 struct nfs4_file *fp; 4429 unsigned int hashval = file_hashval(fh); 4430 4431 rcu_read_lock(); 4432 fp = find_file_locked(fh, hashval); 4433 rcu_read_unlock(); 4434 if (fp) 4435 return fp; 4436 4437 spin_lock(&state_lock); 4438 fp = find_file_locked(fh, hashval); 4439 if (likely(fp == NULL)) { 4440 nfsd4_init_file(fh, hashval, new); 4441 fp = new; 4442 } 4443 spin_unlock(&state_lock); 4444 4445 return fp; 4446 } 4447 4448 /* 4449 * Called to check deny when READ with all zero stateid or 4450 * WRITE with all zero or all one stateid 4451 */ 4452 static __be32 4453 nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type) 4454 { 4455 struct nfs4_file *fp; 4456 __be32 ret = nfs_ok; 4457 4458 fp = find_file(&current_fh->fh_handle); 4459 if (!fp) 4460 return ret; 4461 /* Check for conflicting share reservations */ 4462 spin_lock(&fp->fi_lock); 4463 if (fp->fi_share_deny & deny_type) 4464 ret = nfserr_locked; 4465 spin_unlock(&fp->fi_lock); 4466 put_nfs4_file(fp); 4467 return ret; 4468 } 4469 4470 static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb) 4471 { 4472 struct nfs4_delegation *dp = cb_to_delegation(cb); 4473 struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net, 4474 nfsd_net_id); 4475 4476 block_delegations(&dp->dl_stid.sc_file->fi_fhandle); 4477 4478 /* 4479 * We can't do this in nfsd_break_deleg_cb because it is 4480 * already holding inode->i_lock.
4481 * 4482 * If the dl_time != 0, then we know that it has already been 4483 * queued for a lease break. Don't queue it again. 4484 */ 4485 spin_lock(&state_lock); 4486 if (dp->dl_time == 0) { 4487 dp->dl_time = ktime_get_boottime_seconds(); 4488 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru); 4489 } 4490 spin_unlock(&state_lock); 4491 } 4492 4493 static int nfsd4_cb_recall_done(struct nfsd4_callback *cb, 4494 struct rpc_task *task) 4495 { 4496 struct nfs4_delegation *dp = cb_to_delegation(cb); 4497 4498 if (dp->dl_stid.sc_type == NFS4_CLOSED_DELEG_STID) 4499 return 1; 4500 4501 switch (task->tk_status) { 4502 case 0: 4503 return 1; 4504 case -NFS4ERR_DELAY: 4505 rpc_delay(task, 2 * HZ); 4506 return 0; 4507 case -EBADHANDLE: 4508 case -NFS4ERR_BAD_STATEID: 4509 /* 4510 * Race: client probably got cb_recall before open reply 4511 * granting delegation. 4512 */ 4513 if (dp->dl_retries--) { 4514 rpc_delay(task, 2 * HZ); 4515 return 0; 4516 } 4517 /*FALLTHRU*/ 4518 default: 4519 return 1; 4520 } 4521 } 4522 4523 static void nfsd4_cb_recall_release(struct nfsd4_callback *cb) 4524 { 4525 struct nfs4_delegation *dp = cb_to_delegation(cb); 4526 4527 nfs4_put_stid(&dp->dl_stid); 4528 } 4529 4530 static const struct nfsd4_callback_ops nfsd4_cb_recall_ops = { 4531 .prepare = nfsd4_cb_recall_prepare, 4532 .done = nfsd4_cb_recall_done, 4533 .release = nfsd4_cb_recall_release, 4534 }; 4535 4536 static void nfsd_break_one_deleg(struct nfs4_delegation *dp) 4537 { 4538 /* 4539 * We're assuming the state code never drops its reference 4540 * without first removing the lease. Since we're in this lease 4541 * callback (and since the lease code is serialized by the 4542 * i_lock) we know the server hasn't removed the lease yet, and 4543 * we know it's safe to take a reference. 4544 */ 4545 refcount_inc(&dp->dl_stid.sc_count); 4546 nfsd4_run_cb(&dp->dl_recall); 4547 } 4548 4549 /* Called from break_lease() with i_lock held. 
*/ 4550 static bool 4551 nfsd_break_deleg_cb(struct file_lock *fl) 4552 { 4553 bool ret = false; 4554 struct nfs4_delegation *dp = (struct nfs4_delegation *)fl->fl_owner; 4555 struct nfs4_file *fp = dp->dl_stid.sc_file; 4556 4557 trace_nfsd_deleg_break(&dp->dl_stid.sc_stateid); 4558 4559 /* 4560 * We don't want the locks code to timeout the lease for us; 4561 * we'll remove it ourselves if a delegation isn't returned 4562 * in time: 4563 */ 4564 fl->fl_break_time = 0; 4565 4566 spin_lock(&fp->fi_lock); 4567 fp->fi_had_conflict = true; 4568 nfsd_break_one_deleg(dp); 4569 spin_unlock(&fp->fi_lock); 4570 return ret; 4571 } 4572 4573 static bool nfsd_breaker_owns_lease(struct file_lock *fl) 4574 { 4575 struct nfs4_delegation *dl = fl->fl_owner; 4576 struct svc_rqst *rqst; 4577 struct nfs4_client *clp; 4578 4579 if (!i_am_nfsd()) 4580 return false; 4581 rqst = kthread_data(current); 4582 clp = *(rqst->rq_lease_breaker); 4583 return dl->dl_stid.sc_client == clp; 4584 } 4585 4586 static int 4587 nfsd_change_deleg_cb(struct file_lock *onlist, int arg, 4588 struct list_head *dispose) 4589 { 4590 if (arg & F_UNLCK) 4591 return lease_modify(onlist, arg, dispose); 4592 else 4593 return -EAGAIN; 4594 } 4595 4596 static const struct lock_manager_operations nfsd_lease_mng_ops = { 4597 .lm_breaker_owns_lease = nfsd_breaker_owns_lease, 4598 .lm_break = nfsd_break_deleg_cb, 4599 .lm_change = nfsd_change_deleg_cb, 4600 }; 4601 4602 static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid) 4603 { 4604 if (nfsd4_has_session(cstate)) 4605 return nfs_ok; 4606 if (seqid == so->so_seqid - 1) 4607 return nfserr_replay_me; 4608 if (seqid == so->so_seqid) 4609 return nfs_ok; 4610 return nfserr_bad_seqid; 4611 } 4612 4613 static __be32 lookup_clientid(clientid_t *clid, 4614 struct nfsd4_compound_state *cstate, 4615 struct nfsd_net *nn, 4616 bool sessions) 4617 { 4618 struct nfs4_client *found; 4619 4620 if (cstate->clp) { 4621 found = cstate->clp; 4622 if (!same_clid(&found->cl_clientid, clid)) 4623 return nfserr_stale_clientid; 4624 return nfs_ok; 4625 } 4626 4627 if (STALE_CLIENTID(clid, nn)) 4628 return nfserr_stale_clientid; 4629 4630 /* 4631 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one 4632 * cached already then we know this is for v4.0 and "sessions" 4633 * will be false. 4634 */ 4635 WARN_ON_ONCE(cstate->session); 4636 spin_lock(&nn->client_lock); 4637 found = find_confirmed_client(clid, sessions, nn); 4638 if (!found) { 4639 spin_unlock(&nn->client_lock); 4640 return nfserr_expired; 4641 } 4642 atomic_inc(&found->cl_rpc_users); 4643 spin_unlock(&nn->client_lock); 4644 4645 /* Cache the nfs4_client in cstate!
*/ 4646 cstate->clp = found; 4647 return nfs_ok; 4648 } 4649 4650 __be32 4651 nfsd4_process_open1(struct nfsd4_compound_state *cstate, 4652 struct nfsd4_open *open, struct nfsd_net *nn) 4653 { 4654 clientid_t *clientid = &open->op_clientid; 4655 struct nfs4_client *clp = NULL; 4656 unsigned int strhashval; 4657 struct nfs4_openowner *oo = NULL; 4658 __be32 status; 4659 4660 if (STALE_CLIENTID(&open->op_clientid, nn)) 4661 return nfserr_stale_clientid; 4662 /* 4663 * In case we need it later, after we've already created the 4664 * file and don't want to risk a further failure: 4665 */ 4666 open->op_file = nfsd4_alloc_file(); 4667 if (open->op_file == NULL) 4668 return nfserr_jukebox; 4669 4670 status = lookup_clientid(clientid, cstate, nn, false); 4671 if (status) 4672 return status; 4673 clp = cstate->clp; 4674 4675 strhashval = ownerstr_hashval(&open->op_owner); 4676 oo = find_openstateowner_str(strhashval, open, clp); 4677 open->op_openowner = oo; 4678 if (!oo) { 4679 goto new_owner; 4680 } 4681 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 4682 /* Replace unconfirmed owners without checking for replay. */ 4683 release_openowner(oo); 4684 open->op_openowner = NULL; 4685 goto new_owner; 4686 } 4687 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid); 4688 if (status) 4689 return status; 4690 goto alloc_stateid; 4691 new_owner: 4692 oo = alloc_init_open_stateowner(strhashval, open, cstate); 4693 if (oo == NULL) 4694 return nfserr_jukebox; 4695 open->op_openowner = oo; 4696 alloc_stateid: 4697 open->op_stp = nfs4_alloc_open_stateid(clp); 4698 if (!open->op_stp) 4699 return nfserr_jukebox; 4700 4701 if (nfsd4_has_session(cstate) && 4702 (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) { 4703 open->op_odstate = alloc_clnt_odstate(clp); 4704 if (!open->op_odstate) 4705 return nfserr_jukebox; 4706 } 4707 4708 return nfs_ok; 4709 } 4710 4711 static inline __be32 4712 nfs4_check_delegmode(struct nfs4_delegation *dp, int flags) 4713 { 4714 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ)) 4715 return nfserr_openmode; 4716 else 4717 return nfs_ok; 4718 } 4719 4720 static int share_access_to_flags(u32 share_access) 4721 { 4722 return share_access == NFS4_SHARE_ACCESS_READ ? 
RD_STATE : WR_STATE; 4723 } 4724 4725 static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s) 4726 { 4727 struct nfs4_stid *ret; 4728 4729 ret = find_stateid_by_type(cl, s, 4730 NFS4_DELEG_STID|NFS4_REVOKED_DELEG_STID); 4731 if (!ret) 4732 return NULL; 4733 return delegstateid(ret); 4734 } 4735 4736 static bool nfsd4_is_deleg_cur(struct nfsd4_open *open) 4737 { 4738 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR || 4739 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH; 4740 } 4741 4742 static __be32 4743 nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open, 4744 struct nfs4_delegation **dp) 4745 { 4746 int flags; 4747 __be32 status = nfserr_bad_stateid; 4748 struct nfs4_delegation *deleg; 4749 4750 deleg = find_deleg_stateid(cl, &open->op_delegate_stateid); 4751 if (deleg == NULL) 4752 goto out; 4753 if (deleg->dl_stid.sc_type == NFS4_REVOKED_DELEG_STID) { 4754 nfs4_put_stid(&deleg->dl_stid); 4755 if (cl->cl_minorversion) 4756 status = nfserr_deleg_revoked; 4757 goto out; 4758 } 4759 flags = share_access_to_flags(open->op_share_access); 4760 status = nfs4_check_delegmode(deleg, flags); 4761 if (status) { 4762 nfs4_put_stid(&deleg->dl_stid); 4763 goto out; 4764 } 4765 *dp = deleg; 4766 out: 4767 if (!nfsd4_is_deleg_cur(open)) 4768 return nfs_ok; 4769 if (status) 4770 return status; 4771 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 4772 return nfs_ok; 4773 } 4774 4775 static inline int nfs4_access_to_access(u32 nfs4_access) 4776 { 4777 int flags = 0; 4778 4779 if (nfs4_access & NFS4_SHARE_ACCESS_READ) 4780 flags |= NFSD_MAY_READ; 4781 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE) 4782 flags |= NFSD_MAY_WRITE; 4783 return flags; 4784 } 4785 4786 static inline __be32 4787 nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh, 4788 struct nfsd4_open *open) 4789 { 4790 struct iattr iattr = { 4791 .ia_valid = ATTR_SIZE, 4792 .ia_size = 0, 4793 }; 4794 if (!open->op_truncate) 4795 return 0; 4796 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE)) 4797 return nfserr_inval; 4798 return nfsd_setattr(rqstp, fh, &iattr, 0, (time64_t)0); 4799 } 4800 4801 static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp, 4802 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, 4803 struct nfsd4_open *open) 4804 { 4805 struct nfsd_file *nf = NULL; 4806 __be32 status; 4807 int oflag = nfs4_access_to_omode(open->op_share_access); 4808 int access = nfs4_access_to_access(open->op_share_access); 4809 unsigned char old_access_bmap, old_deny_bmap; 4810 4811 spin_lock(&fp->fi_lock); 4812 4813 /* 4814 * Are we trying to set a deny mode that would conflict with 4815 * current access? 
4816 */ 4817 status = nfs4_file_check_deny(fp, open->op_share_deny); 4818 if (status != nfs_ok) { 4819 spin_unlock(&fp->fi_lock); 4820 goto out; 4821 } 4822 4823 /* set access to the file */ 4824 status = nfs4_file_get_access(fp, open->op_share_access); 4825 if (status != nfs_ok) { 4826 spin_unlock(&fp->fi_lock); 4827 goto out; 4828 } 4829 4830 /* Set access bits in stateid */ 4831 old_access_bmap = stp->st_access_bmap; 4832 set_access(open->op_share_access, stp); 4833 4834 /* Set new deny mask */ 4835 old_deny_bmap = stp->st_deny_bmap; 4836 set_deny(open->op_share_deny, stp); 4837 fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4838 4839 if (!fp->fi_fds[oflag]) { 4840 spin_unlock(&fp->fi_lock); 4841 status = nfsd_file_acquire(rqstp, cur_fh, access, &nf); 4842 if (status) 4843 goto out_put_access; 4844 spin_lock(&fp->fi_lock); 4845 if (!fp->fi_fds[oflag]) { 4846 fp->fi_fds[oflag] = nf; 4847 nf = NULL; 4848 } 4849 } 4850 spin_unlock(&fp->fi_lock); 4851 if (nf) 4852 nfsd_file_put(nf); 4853 4854 status = nfsd4_truncate(rqstp, cur_fh, open); 4855 if (status) 4856 goto out_put_access; 4857 out: 4858 return status; 4859 out_put_access: 4860 stp->st_access_bmap = old_access_bmap; 4861 nfs4_file_put_access(fp, open->op_share_access); 4862 reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp); 4863 goto out; 4864 } 4865 4866 static __be32 4867 nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open) 4868 { 4869 __be32 status; 4870 unsigned char old_deny_bmap = stp->st_deny_bmap; 4871 4872 if (!test_access(open->op_share_access, stp)) 4873 return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open); 4874 4875 /* test and set deny mode */ 4876 spin_lock(&fp->fi_lock); 4877 status = nfs4_file_check_deny(fp, open->op_share_deny); 4878 if (status == nfs_ok) { 4879 set_deny(open->op_share_deny, stp); 4880 fp->fi_share_deny |= 4881 (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4882 } 4883 spin_unlock(&fp->fi_lock); 4884 4885 if (status != nfs_ok) 4886 return status; 4887 4888 status = nfsd4_truncate(rqstp, cur_fh, open); 4889 if (status != nfs_ok) 4890 reset_union_bmap_deny(old_deny_bmap, stp); 4891 return status; 4892 } 4893 4894 /* Should we give out recallable state?: */ 4895 static bool nfsd4_cb_channel_good(struct nfs4_client *clp) 4896 { 4897 if (clp->cl_cb_state == NFSD4_CB_UP) 4898 return true; 4899 /* 4900 * In the sessions case, since we don't have to establish a 4901 * separate connection for callbacks, we assume it's OK 4902 * until we hear otherwise: 4903 */ 4904 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN; 4905 } 4906 4907 static struct file_lock *nfs4_alloc_init_lease(struct nfs4_delegation *dp, 4908 int flag) 4909 { 4910 struct file_lock *fl; 4911 4912 fl = locks_alloc_lock(); 4913 if (!fl) 4914 return NULL; 4915 fl->fl_lmops = &nfsd_lease_mng_ops; 4916 fl->fl_flags = FL_DELEG; 4917 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? 
F_RDLCK: F_WRLCK; 4918 fl->fl_end = OFFSET_MAX; 4919 fl->fl_owner = (fl_owner_t)dp; 4920 fl->fl_pid = current->tgid; 4921 fl->fl_file = dp->dl_stid.sc_file->fi_deleg_file->nf_file; 4922 return fl; 4923 } 4924 4925 static struct nfs4_delegation * 4926 nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh, 4927 struct nfs4_file *fp, struct nfs4_clnt_odstate *odstate) 4928 { 4929 int status = 0; 4930 struct nfs4_delegation *dp; 4931 struct nfsd_file *nf; 4932 struct file_lock *fl; 4933 4934 /* 4935 * The fi_had_conflict and nfs_get_existing_delegation checks 4936 * here are just optimizations; we'll need to recheck them at 4937 * the end: 4938 */ 4939 if (fp->fi_had_conflict) 4940 return ERR_PTR(-EAGAIN); 4941 4942 nf = find_readable_file(fp); 4943 if (!nf) { 4944 /* We should always have a readable file here */ 4945 WARN_ON_ONCE(1); 4946 return ERR_PTR(-EBADF); 4947 } 4948 spin_lock(&state_lock); 4949 spin_lock(&fp->fi_lock); 4950 if (nfs4_delegation_exists(clp, fp)) 4951 status = -EAGAIN; 4952 else if (!fp->fi_deleg_file) { 4953 fp->fi_deleg_file = nf; 4954 /* increment early to prevent fi_deleg_file from being 4955 * cleared */ 4956 fp->fi_delegees = 1; 4957 nf = NULL; 4958 } else 4959 fp->fi_delegees++; 4960 spin_unlock(&fp->fi_lock); 4961 spin_unlock(&state_lock); 4962 if (nf) 4963 nfsd_file_put(nf); 4964 if (status) 4965 return ERR_PTR(status); 4966 4967 status = -ENOMEM; 4968 dp = alloc_init_deleg(clp, fp, fh, odstate); 4969 if (!dp) 4970 goto out_delegees; 4971 4972 fl = nfs4_alloc_init_lease(dp, NFS4_OPEN_DELEGATE_READ); 4973 if (!fl) 4974 goto out_clnt_odstate; 4975 4976 status = vfs_setlease(fp->fi_deleg_file->nf_file, fl->fl_type, &fl, NULL); 4977 if (fl) 4978 locks_free_lock(fl); 4979 if (status) 4980 goto out_clnt_odstate; 4981 4982 spin_lock(&state_lock); 4983 spin_lock(&fp->fi_lock); 4984 if (fp->fi_had_conflict) 4985 status = -EAGAIN; 4986 else 4987 status = hash_delegation_locked(dp, fp); 4988 spin_unlock(&fp->fi_lock); 4989 spin_unlock(&state_lock); 4990 4991 if (status) 4992 goto out_unlock; 4993 4994 return dp; 4995 out_unlock: 4996 vfs_setlease(fp->fi_deleg_file->nf_file, F_UNLCK, NULL, (void **)&dp); 4997 out_clnt_odstate: 4998 put_clnt_odstate(dp->dl_clnt_odstate); 4999 nfs4_put_stid(&dp->dl_stid); 5000 out_delegees: 5001 put_deleg_file(fp); 5002 return ERR_PTR(status); 5003 } 5004 5005 static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status) 5006 { 5007 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 5008 if (status == -EAGAIN) 5009 open->op_why_no_deleg = WND4_CONTENTION; 5010 else { 5011 open->op_why_no_deleg = WND4_RESOURCE; 5012 switch (open->op_deleg_want) { 5013 case NFS4_SHARE_WANT_READ_DELEG: 5014 case NFS4_SHARE_WANT_WRITE_DELEG: 5015 case NFS4_SHARE_WANT_ANY_DELEG: 5016 break; 5017 case NFS4_SHARE_WANT_CANCEL: 5018 open->op_why_no_deleg = WND4_CANCELLED; 5019 break; 5020 case NFS4_SHARE_WANT_NO_DELEG: 5021 WARN_ON_ONCE(1); 5022 } 5023 } 5024 } 5025 5026 /* 5027 * Attempt to hand out a delegation. 5028 * 5029 * Note we don't support write delegations, and won't until the vfs has 5030 * proper support for them. 
5031 */ 5032 static void 5033 nfs4_open_delegation(struct svc_fh *fh, struct nfsd4_open *open, 5034 struct nfs4_ol_stateid *stp) 5035 { 5036 struct nfs4_delegation *dp; 5037 struct nfs4_openowner *oo = openowner(stp->st_stateowner); 5038 struct nfs4_client *clp = stp->st_stid.sc_client; 5039 int cb_up; 5040 int status = 0; 5041 5042 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client); 5043 open->op_recall = 0; 5044 switch (open->op_claim_type) { 5045 case NFS4_OPEN_CLAIM_PREVIOUS: 5046 if (!cb_up) 5047 open->op_recall = 1; 5048 if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ) 5049 goto out_no_deleg; 5050 break; 5051 case NFS4_OPEN_CLAIM_NULL: 5052 case NFS4_OPEN_CLAIM_FH: 5053 /* 5054 * Let's not give out any delegations till everyone's 5055 * had the chance to reclaim theirs, *and* until 5056 * NLM locks have all been reclaimed: 5057 */ 5058 if (locks_in_grace(clp->net)) 5059 goto out_no_deleg; 5060 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED)) 5061 goto out_no_deleg; 5062 /* 5063 * Also, if the file was opened for write or 5064 * create, there's a good chance the client's 5065 * about to write to it, resulting in an 5066 * immediate recall (since we don't support 5067 * write delegations): 5068 */ 5069 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE) 5070 goto out_no_deleg; 5071 if (open->op_create == NFS4_OPEN_CREATE) 5072 goto out_no_deleg; 5073 break; 5074 default: 5075 goto out_no_deleg; 5076 } 5077 dp = nfs4_set_delegation(clp, fh, stp->st_stid.sc_file, stp->st_clnt_odstate); 5078 if (IS_ERR(dp)) 5079 goto out_no_deleg; 5080 5081 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid)); 5082 5083 trace_nfsd_deleg_open(&dp->dl_stid.sc_stateid); 5084 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ; 5085 nfs4_put_stid(&dp->dl_stid); 5086 return; 5087 out_no_deleg: 5088 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE; 5089 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS && 5090 open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) { 5091 dprintk("NFSD: WARNING: refusing delegation reclaim\n"); 5092 open->op_recall = 1; 5093 } 5094 5095 /* 4.1 client asking for a delegation? */ 5096 if (open->op_deleg_want) 5097 nfsd4_open_deleg_none_ext(open, status); 5098 return; 5099 } 5100 5101 static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open, 5102 struct nfs4_delegation *dp) 5103 { 5104 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG && 5105 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 5106 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 5107 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE; 5108 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG && 5109 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 5110 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 5111 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE; 5112 } 5113 /* Otherwise the client must be confused wanting a delegation 5114 * it already has, therefore we don't return 5115 * NFS4_OPEN_DELEGATE_NONE_EXT and reason. 
5116 */ 5117 } 5118 5119 __be32 5120 nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open) 5121 { 5122 struct nfsd4_compoundres *resp = rqstp->rq_resp; 5123 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client; 5124 struct nfs4_file *fp = NULL; 5125 struct nfs4_ol_stateid *stp = NULL; 5126 struct nfs4_delegation *dp = NULL; 5127 __be32 status; 5128 bool new_stp = false; 5129 5130 /* 5131 * Lookup file; if found, lookup stateid and check open request, 5132 * and check for delegations in the process of being recalled. 5133 * If not found, create the nfs4_file struct 5134 */ 5135 fp = find_or_add_file(open->op_file, &current_fh->fh_handle); 5136 if (fp != open->op_file) { 5137 status = nfs4_check_deleg(cl, open, &dp); 5138 if (status) 5139 goto out; 5140 stp = nfsd4_find_and_lock_existing_open(fp, open); 5141 } else { 5142 open->op_file = NULL; 5143 status = nfserr_bad_stateid; 5144 if (nfsd4_is_deleg_cur(open)) 5145 goto out; 5146 } 5147 5148 if (!stp) { 5149 stp = init_open_stateid(fp, open); 5150 if (!open->op_stp) 5151 new_stp = true; 5152 } 5153 5154 /* 5155 * OPEN the file, or upgrade an existing OPEN. 5156 * If truncate fails, the OPEN fails. 5157 * 5158 * stp is already locked. 5159 */ 5160 if (!new_stp) { 5161 /* Stateid was found, this is an OPEN upgrade */ 5162 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open); 5163 if (status) { 5164 mutex_unlock(&stp->st_mutex); 5165 goto out; 5166 } 5167 } else { 5168 status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open); 5169 if (status) { 5170 stp->st_stid.sc_type = NFS4_CLOSED_STID; 5171 release_open_stateid(stp); 5172 mutex_unlock(&stp->st_mutex); 5173 goto out; 5174 } 5175 5176 stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp, 5177 open->op_odstate); 5178 if (stp->st_clnt_odstate == open->op_odstate) 5179 open->op_odstate = NULL; 5180 } 5181 5182 nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid); 5183 mutex_unlock(&stp->st_mutex); 5184 5185 if (nfsd4_has_session(&resp->cstate)) { 5186 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) { 5187 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 5188 open->op_why_no_deleg = WND4_NOT_WANTED; 5189 goto nodeleg; 5190 } 5191 } 5192 5193 /* 5194 * Attempt to hand out a delegation. No error return, because the 5195 * OPEN succeeds even if we fail. 5196 */ 5197 nfs4_open_delegation(current_fh, open, stp); 5198 nodeleg: 5199 status = nfs_ok; 5200 trace_nfsd_deleg_none(&stp->st_stid.sc_stateid); 5201 out: 5202 /* 4.1 client trying to upgrade/downgrade delegation? */ 5203 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp && 5204 open->op_deleg_want) 5205 nfsd4_deleg_xgrade_none_ext(open, dp); 5206 5207 if (fp) 5208 put_nfs4_file(fp); 5209 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS) 5210 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 5211 /* 5212 * To finish the open response, we just need to set the rflags.
5213 */ 5214 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX; 5215 if (nfsd4_has_session(&resp->cstate)) 5216 open->op_rflags |= NFS4_OPEN_RESULT_MAY_NOTIFY_LOCK; 5217 else if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED)) 5218 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM; 5219 5220 if (dp) 5221 nfs4_put_stid(&dp->dl_stid); 5222 if (stp) 5223 nfs4_put_stid(&stp->st_stid); 5224 5225 return status; 5226 } 5227 5228 void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate, 5229 struct nfsd4_open *open) 5230 { 5231 if (open->op_openowner) { 5232 struct nfs4_stateowner *so = &open->op_openowner->oo_owner; 5233 5234 nfsd4_cstate_assign_replay(cstate, so); 5235 nfs4_put_stateowner(so); 5236 } 5237 if (open->op_file) 5238 kmem_cache_free(file_slab, open->op_file); 5239 if (open->op_stp) 5240 nfs4_put_stid(&open->op_stp->st_stid); 5241 if (open->op_odstate) 5242 kmem_cache_free(odstate_slab, open->op_odstate); 5243 } 5244 5245 __be32 5246 nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5247 union nfsd4_op_u *u) 5248 { 5249 clientid_t *clid = &u->renew; 5250 struct nfs4_client *clp; 5251 __be32 status; 5252 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5253 5254 trace_nfsd_clid_renew(clid); 5255 status = lookup_clientid(clid, cstate, nn, false); 5256 if (status) 5257 goto out; 5258 clp = cstate->clp; 5259 status = nfserr_cb_path_down; 5260 if (!list_empty(&clp->cl_delegations) 5261 && clp->cl_cb_state != NFSD4_CB_UP) 5262 goto out; 5263 status = nfs_ok; 5264 out: 5265 return status; 5266 } 5267 5268 void 5269 nfsd4_end_grace(struct nfsd_net *nn) 5270 { 5271 /* do nothing if grace period already ended */ 5272 if (nn->grace_ended) 5273 return; 5274 5275 trace_nfsd_grace_complete(nn); 5276 nn->grace_ended = true; 5277 /* 5278 * If the server goes down again right now, an NFSv4 5279 * client will still be allowed to reclaim after it comes back up, 5280 * even if it hasn't yet had a chance to reclaim state this time. 5281 * 5282 */ 5283 nfsd4_record_grace_done(nn); 5284 /* 5285 * At this point, NFSv4 clients can still reclaim. But if the 5286 * server crashes, any that have not yet reclaimed will be out 5287 * of luck on the next boot. 5288 * 5289 * (NFSv4.1+ clients are considered to have reclaimed once they 5290 * call RECLAIM_COMPLETE. NFSv4.0 clients are considered to 5291 * have reclaimed after their first OPEN.) 5292 */ 5293 locks_end_grace(&nn->nfsd4_manager); 5294 /* 5295 * At this point, and once lockd and/or any other containers 5296 * exit their grace period, further reclaims will fail and 5297 * regular locking can resume. 5298 */ 5299 } 5300 5301 /* 5302 * If we've waited a lease period but there are still clients trying to 5303 * reclaim, wait a little longer to give them a chance to finish. 
5304 */ 5305 static bool clients_still_reclaiming(struct nfsd_net *nn) 5306 { 5307 time64_t double_grace_period_end = nn->boot_time + 5308 2 * nn->nfsd4_lease; 5309 5310 if (nn->track_reclaim_completes && 5311 atomic_read(&nn->nr_reclaim_complete) == 5312 nn->reclaim_str_hashtbl_size) 5313 return false; 5314 if (!nn->somebody_reclaimed) 5315 return false; 5316 nn->somebody_reclaimed = false; 5317 /* 5318 * If we've given them *two* lease times to reclaim, and they're 5319 * still not done, give up: 5320 */ 5321 if (ktime_get_boottime_seconds() > double_grace_period_end) 5322 return false; 5323 return true; 5324 } 5325 5326 static time64_t 5327 nfs4_laundromat(struct nfsd_net *nn) 5328 { 5329 struct nfs4_client *clp; 5330 struct nfs4_openowner *oo; 5331 struct nfs4_delegation *dp; 5332 struct nfs4_ol_stateid *stp; 5333 struct nfsd4_blocked_lock *nbl; 5334 struct list_head *pos, *next, reaplist; 5335 time64_t cutoff = ktime_get_boottime_seconds() - nn->nfsd4_lease; 5336 time64_t t, new_timeo = nn->nfsd4_lease; 5337 struct nfs4_cpntf_state *cps; 5338 copy_stateid_t *cps_t; 5339 int i; 5340 5341 if (clients_still_reclaiming(nn)) { 5342 new_timeo = 0; 5343 goto out; 5344 } 5345 nfsd4_end_grace(nn); 5346 INIT_LIST_HEAD(&reaplist); 5347 5348 spin_lock(&nn->s2s_cp_lock); 5349 idr_for_each_entry(&nn->s2s_cp_stateids, cps_t, i) { 5350 cps = container_of(cps_t, struct nfs4_cpntf_state, cp_stateid); 5351 if (cps->cp_stateid.sc_type == NFS4_COPYNOTIFY_STID && 5352 cps->cpntf_time < cutoff) 5353 _free_cpntf_state_locked(nn, cps); 5354 } 5355 spin_unlock(&nn->s2s_cp_lock); 5356 5357 spin_lock(&nn->client_lock); 5358 list_for_each_safe(pos, next, &nn->client_lru) { 5359 clp = list_entry(pos, struct nfs4_client, cl_lru); 5360 if (clp->cl_time > cutoff) { 5361 t = clp->cl_time - cutoff; 5362 new_timeo = min(new_timeo, t); 5363 break; 5364 } 5365 if (mark_client_expired_locked(clp)) { 5366 trace_nfsd_clid_expired(&clp->cl_clientid); 5367 continue; 5368 } 5369 list_add(&clp->cl_lru, &reaplist); 5370 } 5371 spin_unlock(&nn->client_lock); 5372 list_for_each_safe(pos, next, &reaplist) { 5373 clp = list_entry(pos, struct nfs4_client, cl_lru); 5374 trace_nfsd_clid_purged(&clp->cl_clientid); 5375 list_del_init(&clp->cl_lru); 5376 expire_client(clp); 5377 } 5378 spin_lock(&state_lock); 5379 list_for_each_safe(pos, next, &nn->del_recall_lru) { 5380 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 5381 if (dp->dl_time > cutoff) { 5382 t = dp->dl_time - cutoff; 5383 new_timeo = min(new_timeo, t); 5384 break; 5385 } 5386 WARN_ON(!unhash_delegation_locked(dp)); 5387 list_add(&dp->dl_recall_lru, &reaplist); 5388 } 5389 spin_unlock(&state_lock); 5390 while (!list_empty(&reaplist)) { 5391 dp = list_first_entry(&reaplist, struct nfs4_delegation, 5392 dl_recall_lru); 5393 list_del_init(&dp->dl_recall_lru); 5394 revoke_delegation(dp); 5395 } 5396 5397 spin_lock(&nn->client_lock); 5398 while (!list_empty(&nn->close_lru)) { 5399 oo = list_first_entry(&nn->close_lru, struct nfs4_openowner, 5400 oo_close_lru); 5401 if (oo->oo_time > cutoff) { 5402 t = oo->oo_time - cutoff; 5403 new_timeo = min(new_timeo, t); 5404 break; 5405 } 5406 list_del_init(&oo->oo_close_lru); 5407 stp = oo->oo_last_closed_stid; 5408 oo->oo_last_closed_stid = NULL; 5409 spin_unlock(&nn->client_lock); 5410 nfs4_put_stid(&stp->st_stid); 5411 spin_lock(&nn->client_lock); 5412 } 5413 spin_unlock(&nn->client_lock); 5414 5415 /* 5416 * It's possible for a client to try to acquire an already held lock 5417 * that is being held for a long time, and then
lose interest in it. 5418 * So, we clean out any un-revisited request after a lease period 5419 * under the assumption that the client is no longer interested. 5420 * 5421 * RFC5661, sec. 9.6 states that the client must not rely on getting 5422 * notifications and must continue to poll for locks, even when the 5423 * server supports them. Thus this shouldn't lead to clients blocking 5424 * indefinitely once the lock does become free. 5425 */ 5426 BUG_ON(!list_empty(&reaplist)); 5427 spin_lock(&nn->blocked_locks_lock); 5428 while (!list_empty(&nn->blocked_locks_lru)) { 5429 nbl = list_first_entry(&nn->blocked_locks_lru, 5430 struct nfsd4_blocked_lock, nbl_lru); 5431 if (nbl->nbl_time > cutoff) { 5432 t = nbl->nbl_time - cutoff; 5433 new_timeo = min(new_timeo, t); 5434 break; 5435 } 5436 list_move(&nbl->nbl_lru, &reaplist); 5437 list_del_init(&nbl->nbl_list); 5438 } 5439 spin_unlock(&nn->blocked_locks_lock); 5440 5441 while (!list_empty(&reaplist)) { 5442 nbl = list_first_entry(&reaplist, 5443 struct nfsd4_blocked_lock, nbl_lru); 5444 list_del_init(&nbl->nbl_lru); 5445 free_blocked_lock(nbl); 5446 } 5447 out: 5448 new_timeo = max_t(time64_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT); 5449 return new_timeo; 5450 } 5451 5452 static struct workqueue_struct *laundry_wq; 5453 static void laundromat_main(struct work_struct *); 5454 5455 static void 5456 laundromat_main(struct work_struct *laundry) 5457 { 5458 time64_t t; 5459 struct delayed_work *dwork = to_delayed_work(laundry); 5460 struct nfsd_net *nn = container_of(dwork, struct nfsd_net, 5461 laundromat_work); 5462 5463 t = nfs4_laundromat(nn); 5464 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ); 5465 } 5466 5467 static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp) 5468 { 5469 if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle)) 5470 return nfserr_bad_stateid; 5471 return nfs_ok; 5472 } 5473 5474 static inline int 5475 access_permit_read(struct nfs4_ol_stateid *stp) 5476 { 5477 return test_access(NFS4_SHARE_ACCESS_READ, stp) || 5478 test_access(NFS4_SHARE_ACCESS_BOTH, stp) || 5479 test_access(NFS4_SHARE_ACCESS_WRITE, stp); 5480 } 5481 5482 static inline int 5483 access_permit_write(struct nfs4_ol_stateid *stp) 5484 { 5485 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) || 5486 test_access(NFS4_SHARE_ACCESS_BOTH, stp); 5487 } 5488 5489 static 5490 __be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags) 5491 { 5492 __be32 status = nfserr_openmode; 5493 5494 /* For lock stateid's, we test the parent open, not the lock: */ 5495 if (stp->st_openstp) 5496 stp = stp->st_openstp; 5497 if ((flags & WR_STATE) && !access_permit_write(stp)) 5498 goto out; 5499 if ((flags & RD_STATE) && !access_permit_read(stp)) 5500 goto out; 5501 status = nfs_ok; 5502 out: 5503 return status; 5504 } 5505 5506 static inline __be32 5507 check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags) 5508 { 5509 if (ONE_STATEID(stateid) && (flags & RD_STATE)) 5510 return nfs_ok; 5511 else if (opens_in_grace(net)) { 5512 /* Answer in remaining cases depends on existence of 5513 * conflicting state; so we must wait out the grace period. 
*/ 5514 return nfserr_grace; 5515 } else if (flags & WR_STATE) 5516 return nfs4_share_conflict(current_fh, 5517 NFS4_SHARE_DENY_WRITE); 5518 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */ 5519 return nfs4_share_conflict(current_fh, 5520 NFS4_SHARE_DENY_READ); 5521 } 5522 5523 /* 5524 * Allow READ/WRITE during grace period on recovered state only for files 5525 * that are not able to provide mandatory locking. 5526 */ 5527 static inline int 5528 grace_disallows_io(struct net *net, struct inode *inode) 5529 { 5530 return opens_in_grace(net) && mandatory_lock(inode); 5531 } 5532 5533 static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session) 5534 { 5535 /* 5536 * When sessions are used the stateid generation number is ignored 5537 * when it is zero. 5538 */ 5539 if (has_session && in->si_generation == 0) 5540 return nfs_ok; 5541 5542 if (in->si_generation == ref->si_generation) 5543 return nfs_ok; 5544 5545 /* If the client sends us a stateid from the future, it's buggy: */ 5546 if (nfsd4_stateid_generation_after(in, ref)) 5547 return nfserr_bad_stateid; 5548 /* 5549 * However, we could see a stateid from the past, even from a 5550 * non-buggy client. For example, if the client sends a lock 5551 * while some IO is outstanding, the lock may bump si_generation 5552 * while the IO is still in flight. The client could avoid that 5553 * situation by waiting for responses on all the IO requests, 5554 * but better performance may result in retrying IO that 5555 * receives an old_stateid error if requests are rarely 5556 * reordered in flight: 5557 */ 5558 return nfserr_old_stateid; 5559 } 5560 5561 static __be32 nfsd4_stid_check_stateid_generation(stateid_t *in, struct nfs4_stid *s, bool has_session) 5562 { 5563 __be32 ret; 5564 5565 spin_lock(&s->sc_lock); 5566 ret = nfsd4_verify_open_stid(s); 5567 if (ret == nfs_ok) 5568 ret = check_stateid_generation(in, &s->sc_stateid, has_session); 5569 spin_unlock(&s->sc_lock); 5570 return ret; 5571 } 5572 5573 static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols) 5574 { 5575 if (ols->st_stateowner->so_is_open_owner && 5576 !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED)) 5577 return nfserr_bad_stateid; 5578 return nfs_ok; 5579 } 5580 5581 static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid) 5582 { 5583 struct nfs4_stid *s; 5584 __be32 status = nfserr_bad_stateid; 5585 5586 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 5587 CLOSE_STATEID(stateid)) 5588 return status; 5589 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) 5590 return status; 5591 spin_lock(&cl->cl_lock); 5592 s = find_stateid_locked(cl, stateid); 5593 if (!s) 5594 goto out_unlock; 5595 status = nfsd4_stid_check_stateid_generation(stateid, s, 1); 5596 if (status) 5597 goto out_unlock; 5598 switch (s->sc_type) { 5599 case NFS4_DELEG_STID: 5600 status = nfs_ok; 5601 break; 5602 case NFS4_REVOKED_DELEG_STID: 5603 status = nfserr_deleg_revoked; 5604 break; 5605 case NFS4_OPEN_STID: 5606 case NFS4_LOCK_STID: 5607 status = nfsd4_check_openowner_confirmed(openlockstateid(s)); 5608 break; 5609 default: 5610 printk("unknown stateid type %x\n", s->sc_type); 5611 /* Fallthrough */ 5612 case NFS4_CLOSED_STID: 5613 case NFS4_CLOSED_DELEG_STID: 5614 status = nfserr_bad_stateid; 5615 } 5616 out_unlock: 5617 spin_unlock(&cl->cl_lock); 5618 return status; 5619 } 5620 5621 __be32 5622 nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate, 5623 stateid_t *stateid, unsigned char typemask, 5624 
struct nfs4_stid **s, struct nfsd_net *nn) 5625 { 5626 __be32 status; 5627 bool return_revoked = false; 5628 5629 /* 5630 * only return revoked delegations if explicitly asked. 5631 * otherwise we report revoked or bad_stateid status. 5632 */ 5633 if (typemask & NFS4_REVOKED_DELEG_STID) 5634 return_revoked = true; 5635 else if (typemask & NFS4_DELEG_STID) 5636 typemask |= NFS4_REVOKED_DELEG_STID; 5637 5638 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 5639 CLOSE_STATEID(stateid)) 5640 return nfserr_bad_stateid; 5641 status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn, 5642 false); 5643 if (status == nfserr_stale_clientid) { 5644 if (cstate->session) 5645 return nfserr_bad_stateid; 5646 return nfserr_stale_stateid; 5647 } 5648 if (status) 5649 return status; 5650 *s = find_stateid_by_type(cstate->clp, stateid, typemask); 5651 if (!*s) 5652 return nfserr_bad_stateid; 5653 if (((*s)->sc_type == NFS4_REVOKED_DELEG_STID) && !return_revoked) { 5654 nfs4_put_stid(*s); 5655 if (cstate->minorversion) 5656 return nfserr_deleg_revoked; 5657 return nfserr_bad_stateid; 5658 } 5659 return nfs_ok; 5660 } 5661 5662 static struct nfsd_file * 5663 nfs4_find_file(struct nfs4_stid *s, int flags) 5664 { 5665 if (!s) 5666 return NULL; 5667 5668 switch (s->sc_type) { 5669 case NFS4_DELEG_STID: 5670 if (WARN_ON_ONCE(!s->sc_file->fi_deleg_file)) 5671 return NULL; 5672 return nfsd_file_get(s->sc_file->fi_deleg_file); 5673 case NFS4_OPEN_STID: 5674 case NFS4_LOCK_STID: 5675 if (flags & RD_STATE) 5676 return find_readable_file(s->sc_file); 5677 else 5678 return find_writeable_file(s->sc_file); 5679 break; 5680 } 5681 5682 return NULL; 5683 } 5684 5685 static __be32 5686 nfs4_check_olstateid(struct nfs4_ol_stateid *ols, int flags) 5687 { 5688 __be32 status; 5689 5690 status = nfsd4_check_openowner_confirmed(ols); 5691 if (status) 5692 return status; 5693 return nfs4_check_openmode(ols, flags); 5694 } 5695 5696 static __be32 5697 nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s, 5698 struct nfsd_file **nfp, int flags) 5699 { 5700 int acc = (flags & RD_STATE) ? NFSD_MAY_READ : NFSD_MAY_WRITE; 5701 struct nfsd_file *nf; 5702 __be32 status; 5703 5704 nf = nfs4_find_file(s, flags); 5705 if (nf) { 5706 status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry, 5707 acc | NFSD_MAY_OWNER_OVERRIDE); 5708 if (status) { 5709 nfsd_file_put(nf); 5710 goto out; 5711 } 5712 } else { 5713 status = nfsd_file_acquire(rqstp, fhp, acc, &nf); 5714 if (status) 5715 return status; 5716 } 5717 *nfp = nf; 5718 out: 5719 return status; 5720 } 5721 static void 5722 _free_cpntf_state_locked(struct nfsd_net *nn, struct nfs4_cpntf_state *cps) 5723 { 5724 WARN_ON_ONCE(cps->cp_stateid.sc_type != NFS4_COPYNOTIFY_STID); 5725 if (!refcount_dec_and_test(&cps->cp_stateid.sc_count)) 5726 return; 5727 list_del(&cps->cp_list); 5728 idr_remove(&nn->s2s_cp_stateids, 5729 cps->cp_stateid.stid.si_opaque.so_id); 5730 kfree(cps); 5731 } 5732 /* 5733 * A READ from an inter server to server COPY will have a 5734 * copy stateid. Look up the copy notify stateid from the 5735 * idr structure and take a reference on it. 
5736 */ 5737 __be32 manage_cpntf_state(struct nfsd_net *nn, stateid_t *st, 5738 struct nfs4_client *clp, 5739 struct nfs4_cpntf_state **cps) 5740 { 5741 copy_stateid_t *cps_t; 5742 struct nfs4_cpntf_state *state = NULL; 5743 5744 if (st->si_opaque.so_clid.cl_id != nn->s2s_cp_cl_id) 5745 return nfserr_bad_stateid; 5746 spin_lock(&nn->s2s_cp_lock); 5747 cps_t = idr_find(&nn->s2s_cp_stateids, st->si_opaque.so_id); 5748 if (cps_t) { 5749 state = container_of(cps_t, struct nfs4_cpntf_state, 5750 cp_stateid); 5751 if (state->cp_stateid.sc_type != NFS4_COPYNOTIFY_STID) { 5752 state = NULL; 5753 goto unlock; 5754 } 5755 if (!clp) 5756 refcount_inc(&state->cp_stateid.sc_count); 5757 else 5758 _free_cpntf_state_locked(nn, state); 5759 } 5760 unlock: 5761 spin_unlock(&nn->s2s_cp_lock); 5762 if (!state) 5763 return nfserr_bad_stateid; 5764 if (!clp && state) 5765 *cps = state; 5766 return 0; 5767 } 5768 5769 static __be32 find_cpntf_state(struct nfsd_net *nn, stateid_t *st, 5770 struct nfs4_stid **stid) 5771 { 5772 __be32 status; 5773 struct nfs4_cpntf_state *cps = NULL; 5774 struct nfsd4_compound_state cstate; 5775 5776 status = manage_cpntf_state(nn, st, NULL, &cps); 5777 if (status) 5778 return status; 5779 5780 cps->cpntf_time = ktime_get_boottime_seconds(); 5781 memset(&cstate, 0, sizeof(cstate)); 5782 status = lookup_clientid(&cps->cp_p_clid, &cstate, nn, true); 5783 if (status) 5784 goto out; 5785 status = nfsd4_lookup_stateid(&cstate, &cps->cp_p_stateid, 5786 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, 5787 stid, nn); 5788 put_client_renew(cstate.clp); 5789 out: 5790 nfs4_put_cpntf_state(nn, cps); 5791 return status; 5792 } 5793 5794 void nfs4_put_cpntf_state(struct nfsd_net *nn, struct nfs4_cpntf_state *cps) 5795 { 5796 spin_lock(&nn->s2s_cp_lock); 5797 _free_cpntf_state_locked(nn, cps); 5798 spin_unlock(&nn->s2s_cp_lock); 5799 } 5800 5801 /* 5802 * Checks for stateid operations 5803 */ 5804 __be32 5805 nfs4_preprocess_stateid_op(struct svc_rqst *rqstp, 5806 struct nfsd4_compound_state *cstate, struct svc_fh *fhp, 5807 stateid_t *stateid, int flags, struct nfsd_file **nfp, 5808 struct nfs4_stid **cstid) 5809 { 5810 struct inode *ino = d_inode(fhp->fh_dentry); 5811 struct net *net = SVC_NET(rqstp); 5812 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5813 struct nfs4_stid *s = NULL; 5814 __be32 status; 5815 5816 if (nfp) 5817 *nfp = NULL; 5818 5819 if (grace_disallows_io(net, ino)) 5820 return nfserr_grace; 5821 5822 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) { 5823 status = check_special_stateids(net, fhp, stateid, flags); 5824 goto done; 5825 } 5826 5827 status = nfsd4_lookup_stateid(cstate, stateid, 5828 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, 5829 &s, nn); 5830 if (status == nfserr_bad_stateid) 5831 status = find_cpntf_state(nn, stateid, &s); 5832 if (status) 5833 return status; 5834 status = nfsd4_stid_check_stateid_generation(stateid, s, 5835 nfsd4_has_session(cstate)); 5836 if (status) 5837 goto out; 5838 5839 switch (s->sc_type) { 5840 case NFS4_DELEG_STID: 5841 status = nfs4_check_delegmode(delegstateid(s), flags); 5842 break; 5843 case NFS4_OPEN_STID: 5844 case NFS4_LOCK_STID: 5845 status = nfs4_check_olstateid(openlockstateid(s), flags); 5846 break; 5847 default: 5848 status = nfserr_bad_stateid; 5849 break; 5850 } 5851 if (status) 5852 goto out; 5853 status = nfs4_check_fh(fhp, s); 5854 5855 done: 5856 if (status == nfs_ok && nfp) 5857 status = nfs4_check_file(rqstp, fhp, s, nfp, flags); 5858 out: 5859 if (s) { 5860 if (!status && cstid) 5861 *cstid = s; 5862 
else 5863 nfs4_put_stid(s); 5864 } 5865 return status; 5866 } 5867 5868 /* 5869 * Test if the stateid is valid 5870 */ 5871 __be32 5872 nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5873 union nfsd4_op_u *u) 5874 { 5875 struct nfsd4_test_stateid *test_stateid = &u->test_stateid; 5876 struct nfsd4_test_stateid_id *stateid; 5877 struct nfs4_client *cl = cstate->session->se_client; 5878 5879 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list) 5880 stateid->ts_id_status = 5881 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid); 5882 5883 return nfs_ok; 5884 } 5885 5886 static __be32 5887 nfsd4_free_lock_stateid(stateid_t *stateid, struct nfs4_stid *s) 5888 { 5889 struct nfs4_ol_stateid *stp = openlockstateid(s); 5890 __be32 ret; 5891 5892 ret = nfsd4_lock_ol_stateid(stp); 5893 if (ret) 5894 goto out_put_stid; 5895 5896 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5897 if (ret) 5898 goto out; 5899 5900 ret = nfserr_locks_held; 5901 if (check_for_locks(stp->st_stid.sc_file, 5902 lockowner(stp->st_stateowner))) 5903 goto out; 5904 5905 release_lock_stateid(stp); 5906 ret = nfs_ok; 5907 5908 out: 5909 mutex_unlock(&stp->st_mutex); 5910 out_put_stid: 5911 nfs4_put_stid(s); 5912 return ret; 5913 } 5914 5915 __be32 5916 nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5917 union nfsd4_op_u *u) 5918 { 5919 struct nfsd4_free_stateid *free_stateid = &u->free_stateid; 5920 stateid_t *stateid = &free_stateid->fr_stateid; 5921 struct nfs4_stid *s; 5922 struct nfs4_delegation *dp; 5923 struct nfs4_client *cl = cstate->session->se_client; 5924 __be32 ret = nfserr_bad_stateid; 5925 5926 spin_lock(&cl->cl_lock); 5927 s = find_stateid_locked(cl, stateid); 5928 if (!s) 5929 goto out_unlock; 5930 spin_lock(&s->sc_lock); 5931 switch (s->sc_type) { 5932 case NFS4_DELEG_STID: 5933 ret = nfserr_locks_held; 5934 break; 5935 case NFS4_OPEN_STID: 5936 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5937 if (ret) 5938 break; 5939 ret = nfserr_locks_held; 5940 break; 5941 case NFS4_LOCK_STID: 5942 spin_unlock(&s->sc_lock); 5943 refcount_inc(&s->sc_count); 5944 spin_unlock(&cl->cl_lock); 5945 ret = nfsd4_free_lock_stateid(stateid, s); 5946 goto out; 5947 case NFS4_REVOKED_DELEG_STID: 5948 spin_unlock(&s->sc_lock); 5949 dp = delegstateid(s); 5950 list_del_init(&dp->dl_recall_lru); 5951 spin_unlock(&cl->cl_lock); 5952 nfs4_put_stid(s); 5953 ret = nfs_ok; 5954 goto out; 5955 /* Default falls through and returns nfserr_bad_stateid */ 5956 } 5957 spin_unlock(&s->sc_lock); 5958 out_unlock: 5959 spin_unlock(&cl->cl_lock); 5960 out: 5961 return ret; 5962 } 5963 5964 static inline int 5965 setlkflg (int type) 5966 { 5967 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ? 
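/* a read lock only requires read access on the backing open stateid; write locks require write access */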
5968 RD_STATE : WR_STATE; 5969 } 5970 5971 static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp) 5972 { 5973 struct svc_fh *current_fh = &cstate->current_fh; 5974 struct nfs4_stateowner *sop = stp->st_stateowner; 5975 __be32 status; 5976 5977 status = nfsd4_check_seqid(cstate, sop, seqid); 5978 if (status) 5979 return status; 5980 status = nfsd4_lock_ol_stateid(stp); 5981 if (status != nfs_ok) 5982 return status; 5983 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate)); 5984 if (status == nfs_ok) 5985 status = nfs4_check_fh(current_fh, &stp->st_stid); 5986 if (status != nfs_ok) 5987 mutex_unlock(&stp->st_mutex); 5988 return status; 5989 } 5990 5991 /* 5992 * Checks for sequence id mutating operations. 5993 */ 5994 static __be32 5995 nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 5996 stateid_t *stateid, char typemask, 5997 struct nfs4_ol_stateid **stpp, 5998 struct nfsd_net *nn) 5999 { 6000 __be32 status; 6001 struct nfs4_stid *s; 6002 struct nfs4_ol_stateid *stp = NULL; 6003 6004 trace_nfsd_preprocess(seqid, stateid); 6005 6006 *stpp = NULL; 6007 status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn); 6008 if (status) 6009 return status; 6010 stp = openlockstateid(s); 6011 nfsd4_cstate_assign_replay(cstate, stp->st_stateowner); 6012 6013 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp); 6014 if (!status) 6015 *stpp = stp; 6016 else 6017 nfs4_put_stid(&stp->st_stid); 6018 return status; 6019 } 6020 6021 static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 6022 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn) 6023 { 6024 __be32 status; 6025 struct nfs4_openowner *oo; 6026 struct nfs4_ol_stateid *stp; 6027 6028 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid, 6029 NFS4_OPEN_STID, &stp, nn); 6030 if (status) 6031 return status; 6032 oo = openowner(stp->st_stateowner); 6033 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 6034 mutex_unlock(&stp->st_mutex); 6035 nfs4_put_stid(&stp->st_stid); 6036 return nfserr_bad_stateid; 6037 } 6038 *stpp = stp; 6039 return nfs_ok; 6040 } 6041 6042 __be32 6043 nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6044 union nfsd4_op_u *u) 6045 { 6046 struct nfsd4_open_confirm *oc = &u->open_confirm; 6047 __be32 status; 6048 struct nfs4_openowner *oo; 6049 struct nfs4_ol_stateid *stp; 6050 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6051 6052 dprintk("NFSD: nfsd4_open_confirm on file %pd\n", 6053 cstate->current_fh.fh_dentry); 6054 6055 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0); 6056 if (status) 6057 return status; 6058 6059 status = nfs4_preprocess_seqid_op(cstate, 6060 oc->oc_seqid, &oc->oc_req_stateid, 6061 NFS4_OPEN_STID, &stp, nn); 6062 if (status) 6063 goto out; 6064 oo = openowner(stp->st_stateowner); 6065 status = nfserr_bad_stateid; 6066 if (oo->oo_flags & NFS4_OO_CONFIRMED) { 6067 mutex_unlock(&stp->st_mutex); 6068 goto put_stateid; 6069 } 6070 oo->oo_flags |= NFS4_OO_CONFIRMED; 6071 nfs4_inc_and_copy_stateid(&oc->oc_resp_stateid, &stp->st_stid); 6072 mutex_unlock(&stp->st_mutex); 6073 trace_nfsd_open_confirm(oc->oc_seqid, &stp->st_stid.sc_stateid); 6074 nfsd4_client_record_create(oo->oo_owner.so_client); 6075 status = nfs_ok; 6076 put_stateid: 6077 nfs4_put_stid(&stp->st_stid); 6078 out: 6079 nfsd4_bump_seqid(cstate, status); 6080 return status; 6081 } 
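/*
 * A sketch of the v4.0 exchange this implements (illustrative only, not
 * taken from this file): the server demands confirmation the first time
 * it sees a new openowner, and each reply bumps the stateid generation:
 *
 *	OPEN(owner "A", seqid = 1)	-> stateid { gen = 1 },
 *					   rflags has OPEN4_RESULT_CONFIRM
 *	OPEN_CONFIRM(that stateid,
 *		     seqid = 2)		-> stateid { gen = 2 }
 *
 * Sessions make openowner confirmation unnecessary, which is why
 * nfsd4_open_confirm() above is only reachable for v4.0 clients.
 */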
6082 6083 static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access) 6084 { 6085 if (!test_access(access, stp)) 6086 return; 6087 nfs4_file_put_access(stp->st_stid.sc_file, access); 6088 clear_access(access, stp); 6089 } 6090 6091 static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access) 6092 { 6093 switch (to_access) { 6094 case NFS4_SHARE_ACCESS_READ: 6095 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE); 6096 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 6097 break; 6098 case NFS4_SHARE_ACCESS_WRITE: 6099 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ); 6100 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 6101 break; 6102 case NFS4_SHARE_ACCESS_BOTH: 6103 break; 6104 default: 6105 WARN_ON_ONCE(1); 6106 } 6107 } 6108 6109 __be32 6110 nfsd4_open_downgrade(struct svc_rqst *rqstp, 6111 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 6112 { 6113 struct nfsd4_open_downgrade *od = &u->open_downgrade; 6114 __be32 status; 6115 struct nfs4_ol_stateid *stp; 6116 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6117 6118 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n", 6119 cstate->current_fh.fh_dentry); 6120 6121 /* We don't yet support WANT bits: */ 6122 if (od->od_deleg_want) 6123 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__, 6124 od->od_deleg_want); 6125 6126 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid, 6127 &od->od_stateid, &stp, nn); 6128 if (status) 6129 goto out; 6130 status = nfserr_inval; 6131 if (!test_access(od->od_share_access, stp)) { 6132 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n", 6133 stp->st_access_bmap, od->od_share_access); 6134 goto put_stateid; 6135 } 6136 if (!test_deny(od->od_share_deny, stp)) { 6137 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n", 6138 stp->st_deny_bmap, od->od_share_deny); 6139 goto put_stateid; 6140 } 6141 nfs4_stateid_downgrade(stp, od->od_share_access); 6142 reset_union_bmap_deny(od->od_share_deny, stp); 6143 nfs4_inc_and_copy_stateid(&od->od_stateid, &stp->st_stid); 6144 status = nfs_ok; 6145 put_stateid: 6146 mutex_unlock(&stp->st_mutex); 6147 nfs4_put_stid(&stp->st_stid); 6148 out: 6149 nfsd4_bump_seqid(cstate, status); 6150 return status; 6151 } 6152 6153 static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s) 6154 { 6155 struct nfs4_client *clp = s->st_stid.sc_client; 6156 bool unhashed; 6157 LIST_HEAD(reaplist); 6158 6159 spin_lock(&clp->cl_lock); 6160 unhashed = unhash_open_stateid(s, &reaplist); 6161 6162 if (clp->cl_minorversion) { 6163 if (unhashed) 6164 put_ol_stateid_locked(s, &reaplist); 6165 spin_unlock(&clp->cl_lock); 6166 free_ol_stateid_reaplist(&reaplist); 6167 } else { 6168 spin_unlock(&clp->cl_lock); 6169 free_ol_stateid_reaplist(&reaplist); 6170 if (unhashed) 6171 move_to_close_lru(s, clp->net); 6172 } 6173 } 6174 6175 /* 6176 * nfs4_unlock_state() called after encode 6177 */ 6178 __be32 6179 nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6180 union nfsd4_op_u *u) 6181 { 6182 struct nfsd4_close *close = &u->close; 6183 __be32 status; 6184 struct nfs4_ol_stateid *stp; 6185 struct net *net = SVC_NET(rqstp); 6186 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 6187 6188 dprintk("NFSD: nfsd4_close on file %pd\n", 6189 cstate->current_fh.fh_dentry); 6190 6191 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid, 6192 &close->cl_stateid, 6193 
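/* NFS4_CLOSED_STID is allowed in the mask so a retransmitted CLOSE can still locate the stateid it already closed and be handled by the seqid/replay logic, rather than failing with nfserr_bad_stateid */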
NFS4_OPEN_STID|NFS4_CLOSED_STID, 6194 &stp, nn); 6195 nfsd4_bump_seqid(cstate, status); 6196 if (status) 6197 goto out; 6198 6199 stp->st_stid.sc_type = NFS4_CLOSED_STID; 6200 6201 /* 6202 * Technically we don't _really_ have to increment or copy it, since 6203 * it should just be gone after this operation and we clobber the 6204 * copied value below, but we continue to do so here just to ensure 6205 * that racing ops see that there was a state change. 6206 */ 6207 nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid); 6208 6209 nfsd4_close_open_stateid(stp); 6210 mutex_unlock(&stp->st_mutex); 6211 6212 /* v4.1+ suggests that we send a special stateid in here, since the 6213 * clients should just ignore this anyway. Since this is not useful 6214 * for v4.0 clients either, we set it to the special close_stateid 6215 * universally. 6216 * 6217 * See RFC5661 section 18.2.4, and RFC7530 section 16.2.5 6218 */ 6219 memcpy(&close->cl_stateid, &close_stateid, sizeof(close->cl_stateid)); 6220 6221 /* put reference from nfs4_preprocess_seqid_op */ 6222 nfs4_put_stid(&stp->st_stid); 6223 out: 6224 return status; 6225 } 6226 6227 __be32 6228 nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6229 union nfsd4_op_u *u) 6230 { 6231 struct nfsd4_delegreturn *dr = &u->delegreturn; 6232 struct nfs4_delegation *dp; 6233 stateid_t *stateid = &dr->dr_stateid; 6234 struct nfs4_stid *s; 6235 __be32 status; 6236 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6237 6238 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 6239 return status; 6240 6241 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn); 6242 if (status) 6243 goto out; 6244 dp = delegstateid(s); 6245 status = nfsd4_stid_check_stateid_generation(stateid, &dp->dl_stid, nfsd4_has_session(cstate)); 6246 if (status) 6247 goto put_stateid; 6248 6249 destroy_delegation(dp); 6250 put_stateid: 6251 nfs4_put_stid(&dp->dl_stid); 6252 out: 6253 return status; 6254 } 6255 6256 static inline u64 6257 end_offset(u64 start, u64 len) 6258 { 6259 u64 end; 6260 6261 end = start + len; 6262 return end >= start ? end: NFS4_MAX_UINT64; 6263 } 6264 6265 /* last octet in a range */ 6266 static inline u64 6267 last_byte_offset(u64 start, u64 len) 6268 { 6269 u64 end; 6270 6271 WARN_ON_ONCE(!len); 6272 end = start + len; 6273 return end > start ? end - 1: NFS4_MAX_UINT64; 6274 } 6275 6276 /* 6277 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that 6278 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th 6279 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit 6280 * locking, this prevents us from being completely protocol-compliant. The 6281 * real solution to this problem is to start using unsigned file offsets in 6282 * the VFS, but this is a very deep change! 
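 *
 * A concrete illustration (ours, not from any spec): a LOCK at offset
 * 0x7fffffffffffffff with length 2 has a last byte of
 * 0x8000000000000000, which is negative when stored in a signed loff_t;
 * nfs4_transform_lock_offset() below clamps both ends of such a range
 * to OFFSET_MAX, so the lock quietly covers "through end of file"
 * rather than the exact range the client requested.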
6283 */ 6284 static inline void 6285 nfs4_transform_lock_offset(struct file_lock *lock) 6286 { 6287 if (lock->fl_start < 0) 6288 lock->fl_start = OFFSET_MAX; 6289 if (lock->fl_end < 0) 6290 lock->fl_end = OFFSET_MAX; 6291 } 6292 6293 static fl_owner_t 6294 nfsd4_fl_get_owner(fl_owner_t owner) 6295 { 6296 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 6297 6298 nfs4_get_stateowner(&lo->lo_owner); 6299 return owner; 6300 } 6301 6302 static void 6303 nfsd4_fl_put_owner(fl_owner_t owner) 6304 { 6305 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 6306 6307 if (lo) 6308 nfs4_put_stateowner(&lo->lo_owner); 6309 } 6310 6311 static void 6312 nfsd4_lm_notify(struct file_lock *fl) 6313 { 6314 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)fl->fl_owner; 6315 struct net *net = lo->lo_owner.so_client->net; 6316 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 6317 struct nfsd4_blocked_lock *nbl = container_of(fl, 6318 struct nfsd4_blocked_lock, nbl_lock); 6319 bool queue = false; 6320 6321 /* An empty list means that something else is going to be using it */ 6322 spin_lock(&nn->blocked_locks_lock); 6323 if (!list_empty(&nbl->nbl_list)) { 6324 list_del_init(&nbl->nbl_list); 6325 list_del_init(&nbl->nbl_lru); 6326 queue = true; 6327 } 6328 spin_unlock(&nn->blocked_locks_lock); 6329 6330 if (queue) 6331 nfsd4_run_cb(&nbl->nbl_cb); 6332 } 6333 6334 static const struct lock_manager_operations nfsd_posix_mng_ops = { 6335 .lm_notify = nfsd4_lm_notify, 6336 .lm_get_owner = nfsd4_fl_get_owner, 6337 .lm_put_owner = nfsd4_fl_put_owner, 6338 }; 6339 6340 static inline void 6341 nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny) 6342 { 6343 struct nfs4_lockowner *lo; 6344 6345 if (fl->fl_lmops == &nfsd_posix_mng_ops) { 6346 lo = (struct nfs4_lockowner *) fl->fl_owner; 6347 xdr_netobj_dup(&deny->ld_owner, &lo->lo_owner.so_owner, 6348 GFP_KERNEL); 6349 if (!deny->ld_owner.data) 6350 /* We just don't care that much */ 6351 goto nevermind; 6352 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid; 6353 } else { 6354 nevermind: 6355 deny->ld_owner.len = 0; 6356 deny->ld_owner.data = NULL; 6357 deny->ld_clientid.cl_boot = 0; 6358 deny->ld_clientid.cl_id = 0; 6359 } 6360 deny->ld_start = fl->fl_start; 6361 deny->ld_length = NFS4_MAX_UINT64; 6362 if (fl->fl_end != NFS4_MAX_UINT64) 6363 deny->ld_length = fl->fl_end - fl->fl_start + 1; 6364 deny->ld_type = NFS4_READ_LT; 6365 if (fl->fl_type != F_RDLCK) 6366 deny->ld_type = NFS4_WRITE_LT; 6367 } 6368 6369 static struct nfs4_lockowner * 6370 find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner) 6371 { 6372 unsigned int strhashval = ownerstr_hashval(owner); 6373 struct nfs4_stateowner *so; 6374 6375 lockdep_assert_held(&clp->cl_lock); 6376 6377 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval], 6378 so_strhash) { 6379 if (so->so_is_open_owner) 6380 continue; 6381 if (same_owner_str(so, owner)) 6382 return lockowner(nfs4_get_stateowner(so)); 6383 } 6384 return NULL; 6385 } 6386 6387 static struct nfs4_lockowner * 6388 find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner) 6389 { 6390 struct nfs4_lockowner *lo; 6391 6392 spin_lock(&clp->cl_lock); 6393 lo = find_lockowner_str_locked(clp, owner); 6394 spin_unlock(&clp->cl_lock); 6395 return lo; 6396 } 6397 6398 static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop) 6399 { 6400 unhash_lockowner_locked(lockowner(sop)); 6401 } 6402 6403 static void nfs4_free_lockowner(struct nfs4_stateowner *sop) 6404 { 6405 struct 
nfs4_lockowner *lo = lockowner(sop); 6406 6407 kmem_cache_free(lockowner_slab, lo); 6408 } 6409 6410 static const struct nfs4_stateowner_operations lockowner_ops = { 6411 .so_unhash = nfs4_unhash_lockowner, 6412 .so_free = nfs4_free_lockowner, 6413 }; 6414 6415 /* 6416 * Alloc a lock owner structure. 6417 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has 6418 * occurred. 6419 * 6420 * strhashval = ownerstr_hashval 6421 */ 6422 static struct nfs4_lockowner * 6423 alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, 6424 struct nfs4_ol_stateid *open_stp, 6425 struct nfsd4_lock *lock) 6426 { 6427 struct nfs4_lockowner *lo, *ret; 6428 6429 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp); 6430 if (!lo) 6431 return NULL; 6432 INIT_LIST_HEAD(&lo->lo_blocked); 6433 INIT_LIST_HEAD(&lo->lo_owner.so_stateids); 6434 lo->lo_owner.so_is_open_owner = 0; 6435 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid; 6436 lo->lo_owner.so_ops = &lockowner_ops; 6437 spin_lock(&clp->cl_lock); 6438 ret = find_lockowner_str_locked(clp, &lock->lk_new_owner); 6439 if (ret == NULL) { 6440 list_add(&lo->lo_owner.so_strhash, 6441 &clp->cl_ownerstr_hashtbl[strhashval]); 6442 ret = lo; 6443 } else 6444 nfs4_free_stateowner(&lo->lo_owner); 6445 6446 spin_unlock(&clp->cl_lock); 6447 return ret; 6448 } 6449 6450 static struct nfs4_ol_stateid * 6451 find_lock_stateid(const struct nfs4_lockowner *lo, 6452 const struct nfs4_ol_stateid *ost) 6453 { 6454 struct nfs4_ol_stateid *lst; 6455 6456 lockdep_assert_held(&ost->st_stid.sc_client->cl_lock); 6457 6458 /* If ost is not hashed, ost->st_locks will not be valid */ 6459 if (!nfs4_ol_stateid_unhashed(ost)) 6460 list_for_each_entry(lst, &ost->st_locks, st_locks) { 6461 if (lst->st_stateowner == &lo->lo_owner) { 6462 refcount_inc(&lst->st_stid.sc_count); 6463 return lst; 6464 } 6465 } 6466 return NULL; 6467 } 6468 6469 static struct nfs4_ol_stateid * 6470 init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo, 6471 struct nfs4_file *fp, struct inode *inode, 6472 struct nfs4_ol_stateid *open_stp) 6473 { 6474 struct nfs4_client *clp = lo->lo_owner.so_client; 6475 struct nfs4_ol_stateid *retstp; 6476 6477 mutex_init(&stp->st_mutex); 6478 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 6479 retry: 6480 spin_lock(&clp->cl_lock); 6481 if (nfs4_ol_stateid_unhashed(open_stp)) 6482 goto out_close; 6483 retstp = find_lock_stateid(lo, open_stp); 6484 if (retstp) 6485 goto out_found; 6486 refcount_inc(&stp->st_stid.sc_count); 6487 stp->st_stid.sc_type = NFS4_LOCK_STID; 6488 stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner); 6489 get_nfs4_file(fp); 6490 stp->st_stid.sc_file = fp; 6491 stp->st_access_bmap = 0; 6492 stp->st_deny_bmap = open_stp->st_deny_bmap; 6493 stp->st_openstp = open_stp; 6494 spin_lock(&fp->fi_lock); 6495 list_add(&stp->st_locks, &open_stp->st_locks); 6496 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids); 6497 list_add(&stp->st_perfile, &fp->fi_stateids); 6498 spin_unlock(&fp->fi_lock); 6499 spin_unlock(&clp->cl_lock); 6500 return stp; 6501 out_found: 6502 spin_unlock(&clp->cl_lock); 6503 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 6504 nfs4_put_stid(&retstp->st_stid); 6505 goto retry; 6506 } 6507 /* To keep mutex tracking happy */ 6508 mutex_unlock(&stp->st_mutex); 6509 return retstp; 6510 out_close: 6511 spin_unlock(&clp->cl_lock); 6512 mutex_unlock(&stp->st_mutex); 6513 return NULL; 6514 } 6515 6516 static struct nfs4_ol_stateid * 6517 find_or_create_lock_stateid(struct 
nfs4_lockowner *lo, struct nfs4_file *fi, 6518 struct inode *inode, struct nfs4_ol_stateid *ost, 6519 bool *new) 6520 { 6521 struct nfs4_stid *ns = NULL; 6522 struct nfs4_ol_stateid *lst; 6523 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 6524 struct nfs4_client *clp = oo->oo_owner.so_client; 6525 6526 *new = false; 6527 spin_lock(&clp->cl_lock); 6528 lst = find_lock_stateid(lo, ost); 6529 spin_unlock(&clp->cl_lock); 6530 if (lst != NULL) { 6531 if (nfsd4_lock_ol_stateid(lst) == nfs_ok) 6532 goto out; 6533 nfs4_put_stid(&lst->st_stid); 6534 } 6535 ns = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_lock_stateid); 6536 if (ns == NULL) 6537 return NULL; 6538 6539 lst = init_lock_stateid(openlockstateid(ns), lo, fi, inode, ost); 6540 if (lst == openlockstateid(ns)) 6541 *new = true; 6542 else 6543 nfs4_put_stid(ns); 6544 out: 6545 return lst; 6546 } 6547 6548 static int 6549 check_lock_length(u64 offset, u64 length) 6550 { 6551 return ((length == 0) || ((length != NFS4_MAX_UINT64) && 6552 (length > ~offset))); 6553 } 6554 6555 static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access) 6556 { 6557 struct nfs4_file *fp = lock_stp->st_stid.sc_file; 6558 6559 lockdep_assert_held(&fp->fi_lock); 6560 6561 if (test_access(access, lock_stp)) 6562 return; 6563 __nfs4_file_get_access(fp, access); 6564 set_access(access, lock_stp); 6565 } 6566 6567 static __be32 6568 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, 6569 struct nfs4_ol_stateid *ost, 6570 struct nfsd4_lock *lock, 6571 struct nfs4_ol_stateid **plst, bool *new) 6572 { 6573 __be32 status; 6574 struct nfs4_file *fi = ost->st_stid.sc_file; 6575 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 6576 struct nfs4_client *cl = oo->oo_owner.so_client; 6577 struct inode *inode = d_inode(cstate->current_fh.fh_dentry); 6578 struct nfs4_lockowner *lo; 6579 struct nfs4_ol_stateid *lst; 6580 unsigned int strhashval; 6581 6582 lo = find_lockowner_str(cl, &lock->lk_new_owner); 6583 if (!lo) { 6584 strhashval = ownerstr_hashval(&lock->lk_new_owner); 6585 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock); 6586 if (lo == NULL) 6587 return nfserr_jukebox; 6588 } else { 6589 /* with an existing lockowner, seqids must be the same */ 6590 status = nfserr_bad_seqid; 6591 if (!cstate->minorversion && 6592 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid) 6593 goto out; 6594 } 6595 6596 lst = find_or_create_lock_stateid(lo, fi, inode, ost, new); 6597 if (lst == NULL) { 6598 status = nfserr_jukebox; 6599 goto out; 6600 } 6601 6602 status = nfs_ok; 6603 *plst = lst; 6604 out: 6605 nfs4_put_stateowner(&lo->lo_owner); 6606 return status; 6607 } 6608 6609 /* 6610 * LOCK operation 6611 */ 6612 __be32 6613 nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6614 union nfsd4_op_u *u) 6615 { 6616 struct nfsd4_lock *lock = &u->lock; 6617 struct nfs4_openowner *open_sop = NULL; 6618 struct nfs4_lockowner *lock_sop = NULL; 6619 struct nfs4_ol_stateid *lock_stp = NULL; 6620 struct nfs4_ol_stateid *open_stp = NULL; 6621 struct nfs4_file *fp; 6622 struct nfsd_file *nf = NULL; 6623 struct nfsd4_blocked_lock *nbl = NULL; 6624 struct file_lock *file_lock = NULL; 6625 struct file_lock *conflock = NULL; 6626 __be32 status = 0; 6627 int lkflg; 6628 int err; 6629 bool new = false; 6630 unsigned char fl_type; 6631 unsigned int fl_flags = FL_POSIX; 6632 struct net *net = SVC_NET(rqstp); 6633 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 6634 6635 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n", 6636 
(long long) lock->lk_offset, 6637 (long long) lock->lk_length); 6638 6639 if (check_lock_length(lock->lk_offset, lock->lk_length)) 6640 return nfserr_inval; 6641 6642 if ((status = fh_verify(rqstp, &cstate->current_fh, 6643 S_IFREG, NFSD_MAY_LOCK))) { 6644 dprintk("NFSD: nfsd4_lock: permission denied!\n"); 6645 return status; 6646 } 6647 6648 if (lock->lk_is_new) { 6649 if (nfsd4_has_session(cstate)) 6650 /* See rfc 5661 18.10.3: given clientid is ignored: */ 6651 memcpy(&lock->lk_new_clientid, 6652 &cstate->session->se_client->cl_clientid, 6653 sizeof(clientid_t)); 6654 6655 status = nfserr_stale_clientid; 6656 if (STALE_CLIENTID(&lock->lk_new_clientid, nn)) 6657 goto out; 6658 6659 /* validate and update open stateid and open seqid */ 6660 status = nfs4_preprocess_confirmed_seqid_op(cstate, 6661 lock->lk_new_open_seqid, 6662 &lock->lk_new_open_stateid, 6663 &open_stp, nn); 6664 if (status) 6665 goto out; 6666 mutex_unlock(&open_stp->st_mutex); 6667 open_sop = openowner(open_stp->st_stateowner); 6668 status = nfserr_bad_stateid; 6669 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid, 6670 &lock->lk_new_clientid)) 6671 goto out; 6672 status = lookup_or_create_lock_state(cstate, open_stp, lock, 6673 &lock_stp, &new); 6674 } else { 6675 status = nfs4_preprocess_seqid_op(cstate, 6676 lock->lk_old_lock_seqid, 6677 &lock->lk_old_lock_stateid, 6678 NFS4_LOCK_STID, &lock_stp, nn); 6679 } 6680 if (status) 6681 goto out; 6682 lock_sop = lockowner(lock_stp->st_stateowner); 6683 6684 lkflg = setlkflg(lock->lk_type); 6685 status = nfs4_check_openmode(lock_stp, lkflg); 6686 if (status) 6687 goto out; 6688 6689 status = nfserr_grace; 6690 if (locks_in_grace(net) && !lock->lk_reclaim) 6691 goto out; 6692 status = nfserr_no_grace; 6693 if (!locks_in_grace(net) && lock->lk_reclaim) 6694 goto out; 6695 6696 fp = lock_stp->st_stid.sc_file; 6697 switch (lock->lk_type) { 6698 case NFS4_READW_LT: 6699 if (nfsd4_has_session(cstate)) 6700 fl_flags |= FL_SLEEP; 6701 /* Fallthrough */ 6702 case NFS4_READ_LT: 6703 spin_lock(&fp->fi_lock); 6704 nf = find_readable_file_locked(fp); 6705 if (nf) 6706 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ); 6707 spin_unlock(&fp->fi_lock); 6708 fl_type = F_RDLCK; 6709 break; 6710 case NFS4_WRITEW_LT: 6711 if (nfsd4_has_session(cstate)) 6712 fl_flags |= FL_SLEEP; 6713 /* Fallthrough */ 6714 case NFS4_WRITE_LT: 6715 spin_lock(&fp->fi_lock); 6716 nf = find_writeable_file_locked(fp); 6717 if (nf) 6718 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE); 6719 spin_unlock(&fp->fi_lock); 6720 fl_type = F_WRLCK; 6721 break; 6722 default: 6723 status = nfserr_inval; 6724 goto out; 6725 } 6726 6727 if (!nf) { 6728 status = nfserr_openmode; 6729 goto out; 6730 } 6731 6732 nbl = find_or_allocate_block(lock_sop, &fp->fi_fhandle, nn); 6733 if (!nbl) { 6734 dprintk("NFSD: %s: unable to allocate block!\n", __func__); 6735 status = nfserr_jukebox; 6736 goto out; 6737 } 6738 6739 file_lock = &nbl->nbl_lock; 6740 file_lock->fl_type = fl_type; 6741 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner)); 6742 file_lock->fl_pid = current->tgid; 6743 file_lock->fl_file = nf->nf_file; 6744 file_lock->fl_flags = fl_flags; 6745 file_lock->fl_lmops = &nfsd_posix_mng_ops; 6746 file_lock->fl_start = lock->lk_offset; 6747 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length); 6748 nfs4_transform_lock_offset(file_lock); 6749 6750 conflock = locks_alloc_lock(); 6751 if (!conflock) { 6752 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6753 
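/*
 * conflock is preallocated because vfs_lock_file() reports a
 * conflicting lock by copying its details into this caller-supplied
 * struct; allocating it up front means the -EAGAIN path below can fill
 * in lk_denied without any further allocation.
 */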
status = nfserr_jukebox; 6754 goto out; 6755 } 6756 6757 if (fl_flags & FL_SLEEP) { 6758 nbl->nbl_time = ktime_get_boottime_seconds(); 6759 spin_lock(&nn->blocked_locks_lock); 6760 list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked); 6761 list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru); 6762 spin_unlock(&nn->blocked_locks_lock); 6763 } 6764 6765 err = vfs_lock_file(nf->nf_file, F_SETLK, file_lock, conflock); 6766 switch (err) { 6767 case 0: /* success! */ 6768 nfs4_inc_and_copy_stateid(&lock->lk_resp_stateid, &lock_stp->st_stid); 6769 status = 0; 6770 if (lock->lk_reclaim) 6771 nn->somebody_reclaimed = true; 6772 break; 6773 case FILE_LOCK_DEFERRED: 6774 nbl = NULL; 6775 /* Fallthrough */ 6776 case -EAGAIN: /* conflock holds conflicting lock */ 6777 status = nfserr_denied; 6778 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n"); 6779 nfs4_set_lock_denied(conflock, &lock->lk_denied); 6780 break; 6781 case -EDEADLK: 6782 status = nfserr_deadlock; 6783 break; 6784 default: 6785 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err); 6786 status = nfserrno(err); 6787 break; 6788 } 6789 out: 6790 if (nbl) { 6791 /* dequeue it if we queued it before */ 6792 if (fl_flags & FL_SLEEP) { 6793 spin_lock(&nn->blocked_locks_lock); 6794 list_del_init(&nbl->nbl_list); 6795 list_del_init(&nbl->nbl_lru); 6796 spin_unlock(&nn->blocked_locks_lock); 6797 } 6798 free_blocked_lock(nbl); 6799 } 6800 if (nf) 6801 nfsd_file_put(nf); 6802 if (lock_stp) { 6803 /* Bump seqid manually if the 4.0 replay owner is openowner */ 6804 if (cstate->replay_owner && 6805 cstate->replay_owner != &lock_sop->lo_owner && 6806 seqid_mutating_err(ntohl(status))) 6807 lock_sop->lo_owner.so_seqid++; 6808 6809 /* 6810 * If this is a new, never-before-used stateid, and we are 6811 * returning an error, then just go ahead and release it. 6812 */ 6813 if (status && new) 6814 release_lock_stateid(lock_stp); 6815 6816 mutex_unlock(&lock_stp->st_mutex); 6817 6818 nfs4_put_stid(&lock_stp->st_stid); 6819 } 6820 if (open_stp) 6821 nfs4_put_stid(&open_stp->st_stid); 6822 nfsd4_bump_seqid(cstate, status); 6823 if (conflock) 6824 locks_free_lock(conflock); 6825 return status; 6826 } 6827 6828 /* 6829 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN, 6830 * so we do a temporary open here just to get an open file to pass to 6831 * vfs_test_lock. (Arguably perhaps test_lock should be done with an 6832 * inode operation.) 
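 *
 * Concretely, nfsd_test_lock() below just does (in sketch form):
 * acquire an nfsd_file for read, call vfs_test_lock() on it with the
 * caller's file_lock, and put the file again; on return, a fl_type of
 * F_UNLCK means "no conflict", and anything else describes the
 * conflicting lock.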
6833 */ 6834 static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock) 6835 { 6836 struct nfsd_file *nf; 6837 __be32 err = nfsd_file_acquire(rqstp, fhp, NFSD_MAY_READ, &nf); 6838 if (!err) { 6839 err = nfserrno(vfs_test_lock(nf->nf_file, lock)); 6840 nfsd_file_put(nf); 6841 } 6842 return err; 6843 } 6844 6845 /* 6846 * LOCKT operation 6847 */ 6848 __be32 6849 nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6850 union nfsd4_op_u *u) 6851 { 6852 struct nfsd4_lockt *lockt = &u->lockt; 6853 struct file_lock *file_lock = NULL; 6854 struct nfs4_lockowner *lo = NULL; 6855 __be32 status; 6856 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6857 6858 if (locks_in_grace(SVC_NET(rqstp))) 6859 return nfserr_grace; 6860 6861 if (check_lock_length(lockt->lt_offset, lockt->lt_length)) 6862 return nfserr_inval; 6863 6864 if (!nfsd4_has_session(cstate)) { 6865 status = lookup_clientid(&lockt->lt_clientid, cstate, nn, 6866 false); 6867 if (status) 6868 goto out; 6869 } 6870 6871 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 6872 goto out; 6873 6874 file_lock = locks_alloc_lock(); 6875 if (!file_lock) { 6876 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6877 status = nfserr_jukebox; 6878 goto out; 6879 } 6880 6881 switch (lockt->lt_type) { 6882 case NFS4_READ_LT: 6883 case NFS4_READW_LT: 6884 file_lock->fl_type = F_RDLCK; 6885 break; 6886 case NFS4_WRITE_LT: 6887 case NFS4_WRITEW_LT: 6888 file_lock->fl_type = F_WRLCK; 6889 break; 6890 default: 6891 dprintk("NFSD: nfs4_lockt: bad lock type!\n"); 6892 status = nfserr_inval; 6893 goto out; 6894 } 6895 6896 lo = find_lockowner_str(cstate->clp, &lockt->lt_owner); 6897 if (lo) 6898 file_lock->fl_owner = (fl_owner_t)lo; 6899 file_lock->fl_pid = current->tgid; 6900 file_lock->fl_flags = FL_POSIX; 6901 6902 file_lock->fl_start = lockt->lt_offset; 6903 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length); 6904 6905 nfs4_transform_lock_offset(file_lock); 6906 6907 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock); 6908 if (status) 6909 goto out; 6910 6911 if (file_lock->fl_type != F_UNLCK) { 6912 status = nfserr_denied; 6913 nfs4_set_lock_denied(file_lock, &lockt->lt_denied); 6914 } 6915 out: 6916 if (lo) 6917 nfs4_put_stateowner(&lo->lo_owner); 6918 if (file_lock) 6919 locks_free_lock(file_lock); 6920 return status; 6921 } 6922 6923 __be32 6924 nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6925 union nfsd4_op_u *u) 6926 { 6927 struct nfsd4_locku *locku = &u->locku; 6928 struct nfs4_ol_stateid *stp; 6929 struct nfsd_file *nf = NULL; 6930 struct file_lock *file_lock = NULL; 6931 __be32 status; 6932 int err; 6933 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6934 6935 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n", 6936 (long long) locku->lu_offset, 6937 (long long) locku->lu_length); 6938 6939 if (check_lock_length(locku->lu_offset, locku->lu_length)) 6940 return nfserr_inval; 6941 6942 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid, 6943 &locku->lu_stateid, NFS4_LOCK_STID, 6944 &stp, nn); 6945 if (status) 6946 goto out; 6947 nf = find_any_file(stp->st_stid.sc_file); 6948 if (!nf) { 6949 status = nfserr_lock_range; 6950 goto put_stateid; 6951 } 6952 file_lock = locks_alloc_lock(); 6953 if (!file_lock) { 6954 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6955 status = nfserr_jukebox; 6956 goto put_file; 6957 } 6958 6959 file_lock->fl_type = F_UNLCK; 6960 
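/*
 * There is no separate "remove lock" primitive: a POSIX unlock is just
 * a lock request whose type is F_UNLCK, so the vfs_lock_file(F_SETLK)
 * call below splits or removes whatever part of this owner's locks the
 * requested range covers.
 */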
file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner)); 6961 file_lock->fl_pid = current->tgid; 6962 file_lock->fl_file = nf->nf_file; 6963 file_lock->fl_flags = FL_POSIX; 6964 file_lock->fl_lmops = &nfsd_posix_mng_ops; 6965 file_lock->fl_start = locku->lu_offset; 6966 6967 file_lock->fl_end = last_byte_offset(locku->lu_offset, 6968 locku->lu_length); 6969 nfs4_transform_lock_offset(file_lock); 6970 6971 err = vfs_lock_file(nf->nf_file, F_SETLK, file_lock, NULL); 6972 if (err) { 6973 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n"); 6974 goto out_nfserr; 6975 } 6976 nfs4_inc_and_copy_stateid(&locku->lu_stateid, &stp->st_stid); 6977 put_file: 6978 nfsd_file_put(nf); 6979 put_stateid: 6980 mutex_unlock(&stp->st_mutex); 6981 nfs4_put_stid(&stp->st_stid); 6982 out: 6983 nfsd4_bump_seqid(cstate, status); 6984 if (file_lock) 6985 locks_free_lock(file_lock); 6986 return status; 6987 6988 out_nfserr: 6989 status = nfserrno(err); 6990 goto put_file; 6991 } 6992 6993 /* 6994 * returns 6995 * true: locks held by lockowner 6996 * false: no locks held by lockowner 6997 */ 6998 static bool 6999 check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner) 7000 { 7001 struct file_lock *fl; 7002 int status = false; 7003 struct nfsd_file *nf = find_any_file(fp); 7004 struct inode *inode; 7005 struct file_lock_context *flctx; 7006 7007 if (!nf) { 7008 /* Any valid lock stateid should have some sort of access */ 7009 WARN_ON_ONCE(1); 7010 return status; 7011 } 7012 7013 inode = locks_inode(nf->nf_file); 7014 flctx = inode->i_flctx; 7015 7016 if (flctx && !list_empty_careful(&flctx->flc_posix)) { 7017 spin_lock(&flctx->flc_lock); 7018 list_for_each_entry(fl, &flctx->flc_posix, fl_list) { 7019 if (fl->fl_owner == (fl_owner_t)lowner) { 7020 status = true; 7021 break; 7022 } 7023 } 7024 spin_unlock(&flctx->flc_lock); 7025 } 7026 nfsd_file_put(nf); 7027 return status; 7028 } 7029 7030 __be32 7031 nfsd4_release_lockowner(struct svc_rqst *rqstp, 7032 struct nfsd4_compound_state *cstate, 7033 union nfsd4_op_u *u) 7034 { 7035 struct nfsd4_release_lockowner *rlockowner = &u->release_lockowner; 7036 clientid_t *clid = &rlockowner->rl_clientid; 7037 struct nfs4_stateowner *sop; 7038 struct nfs4_lockowner *lo = NULL; 7039 struct nfs4_ol_stateid *stp; 7040 struct xdr_netobj *owner = &rlockowner->rl_owner; 7041 unsigned int hashval = ownerstr_hashval(owner); 7042 __be32 status; 7043 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 7044 struct nfs4_client *clp; 7045 LIST_HEAD (reaplist); 7046 7047 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n", 7048 clid->cl_boot, clid->cl_id); 7049 7050 status = lookup_clientid(clid, cstate, nn, false); 7051 if (status) 7052 return status; 7053 7054 clp = cstate->clp; 7055 /* Find the matching lock stateowner */ 7056 spin_lock(&clp->cl_lock); 7057 list_for_each_entry(sop, &clp->cl_ownerstr_hashtbl[hashval], 7058 so_strhash) { 7059 7060 if (sop->so_is_open_owner || !same_owner_str(sop, owner)) 7061 continue; 7062 7063 /* see if there are still any locks associated with it */ 7064 lo = lockowner(sop); 7065 list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) { 7066 if (check_for_locks(stp->st_stid.sc_file, lo)) { 7067 status = nfserr_locks_held; 7068 spin_unlock(&clp->cl_lock); 7069 return status; 7070 } 7071 } 7072 7073 nfs4_get_stateowner(sop); 7074 break; 7075 } 7076 if (!lo) { 7077 spin_unlock(&clp->cl_lock); 7078 return status; 7079 } 7080 7081 unhash_lockowner_locked(lo); 7082 while 
(!list_empty(&lo->lo_owner.so_stateids)) { 7083 stp = list_first_entry(&lo->lo_owner.so_stateids, 7084 struct nfs4_ol_stateid, 7085 st_perstateowner); 7086 WARN_ON(!unhash_lock_stateid(stp)); 7087 put_ol_stateid_locked(stp, &reaplist); 7088 } 7089 spin_unlock(&clp->cl_lock); 7090 free_ol_stateid_reaplist(&reaplist); 7091 remove_blocked_locks(lo); 7092 nfs4_put_stateowner(&lo->lo_owner); 7093 7094 return status; 7095 } 7096 7097 static inline struct nfs4_client_reclaim * 7098 alloc_reclaim(void) 7099 { 7100 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL); 7101 } 7102 7103 bool 7104 nfs4_has_reclaimed_state(struct xdr_netobj name, struct nfsd_net *nn) 7105 { 7106 struct nfs4_client_reclaim *crp; 7107 7108 crp = nfsd4_find_reclaim_client(name, nn); 7109 return (crp && crp->cr_clp); 7110 } 7111 7112 /* 7113 * failure => all reset bets are off, nfserr_no_grace... 7114 * 7115 * The caller is responsible for freeing name.data if NULL is returned (it 7116 * will be freed in nfs4_remove_reclaim_record in the normal case). 7117 */ 7118 struct nfs4_client_reclaim * 7119 nfs4_client_to_reclaim(struct xdr_netobj name, struct xdr_netobj princhash, 7120 struct nfsd_net *nn) 7121 { 7122 unsigned int strhashval; 7123 struct nfs4_client_reclaim *crp; 7124 7125 trace_nfsd_clid_reclaim(nn, name.len, name.data); 7126 crp = alloc_reclaim(); 7127 if (crp) { 7128 strhashval = clientstr_hashval(name); 7129 INIT_LIST_HEAD(&crp->cr_strhash); 7130 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]); 7131 crp->cr_name.data = name.data; 7132 crp->cr_name.len = name.len; 7133 crp->cr_princhash.data = princhash.data; 7134 crp->cr_princhash.len = princhash.len; 7135 crp->cr_clp = NULL; 7136 nn->reclaim_str_hashtbl_size++; 7137 } 7138 return crp; 7139 } 7140 7141 void 7142 nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn) 7143 { 7144 list_del(&crp->cr_strhash); 7145 kfree(crp->cr_name.data); 7146 kfree(crp->cr_princhash.data); 7147 kfree(crp); 7148 nn->reclaim_str_hashtbl_size--; 7149 } 7150 7151 void 7152 nfs4_release_reclaim(struct nfsd_net *nn) 7153 { 7154 struct nfs4_client_reclaim *crp = NULL; 7155 int i; 7156 7157 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7158 while (!list_empty(&nn->reclaim_str_hashtbl[i])) { 7159 crp = list_entry(nn->reclaim_str_hashtbl[i].next, 7160 struct nfs4_client_reclaim, cr_strhash); 7161 nfs4_remove_reclaim_record(crp, nn); 7162 } 7163 } 7164 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size); 7165 } 7166 7167 /* 7168 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */ 7169 struct nfs4_client_reclaim * 7170 nfsd4_find_reclaim_client(struct xdr_netobj name, struct nfsd_net *nn) 7171 { 7172 unsigned int strhashval; 7173 struct nfs4_client_reclaim *crp = NULL; 7174 7175 trace_nfsd_clid_find(nn, name.len, name.data); 7176 7177 strhashval = clientstr_hashval(name); 7178 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) { 7179 if (compare_blob(&crp->cr_name, &name) == 0) { 7180 return crp; 7181 } 7182 } 7183 return NULL; 7184 } 7185 7186 /* 7187 * Called from OPEN. Look for clientid in reclaim list. 
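 *
 * Returns nfs_ok only while this client may still reclaim: the
 * clientid must look up successfully, the client must not have sent
 * RECLAIM_COMPLETE yet, and a record of the client from before the
 * reboot must exist; otherwise the reclaim OPEN gets nfserr_reclaim_bad
 * or nfserr_no_grace.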
7188 */ 7189 __be32 7190 nfs4_check_open_reclaim(clientid_t *clid, 7191 struct nfsd4_compound_state *cstate, 7192 struct nfsd_net *nn) 7193 { 7194 __be32 status; 7195 7196 /* find clientid in conf_id_hashtbl */ 7197 status = lookup_clientid(clid, cstate, nn, false); 7198 if (status) 7199 return nfserr_reclaim_bad; 7200 7201 if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &cstate->clp->cl_flags)) 7202 return nfserr_no_grace; 7203 7204 if (nfsd4_client_record_check(cstate->clp)) 7205 return nfserr_reclaim_bad; 7206 7207 return nfs_ok; 7208 } 7209 7210 #ifdef CONFIG_NFSD_FAULT_INJECTION 7211 static inline void 7212 put_client(struct nfs4_client *clp) 7213 { 7214 atomic_dec(&clp->cl_rpc_users); 7215 } 7216 7217 static struct nfs4_client * 7218 nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size) 7219 { 7220 struct nfs4_client *clp; 7221 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7222 nfsd_net_id); 7223 7224 if (!nfsd_netns_ready(nn)) 7225 return NULL; 7226 7227 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 7228 if (memcmp(&clp->cl_addr, addr, addr_size) == 0) 7229 return clp; 7230 } 7231 return NULL; 7232 } 7233 7234 u64 7235 nfsd_inject_print_clients(void) 7236 { 7237 struct nfs4_client *clp; 7238 u64 count = 0; 7239 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7240 nfsd_net_id); 7241 char buf[INET6_ADDRSTRLEN]; 7242 7243 if (!nfsd_netns_ready(nn)) 7244 return 0; 7245 7246 spin_lock(&nn->client_lock); 7247 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 7248 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 7249 pr_info("NFS Client: %s\n", buf); 7250 ++count; 7251 } 7252 spin_unlock(&nn->client_lock); 7253 7254 return count; 7255 } 7256 7257 u64 7258 nfsd_inject_forget_client(struct sockaddr_storage *addr, size_t addr_size) 7259 { 7260 u64 count = 0; 7261 struct nfs4_client *clp; 7262 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7263 nfsd_net_id); 7264 7265 if (!nfsd_netns_ready(nn)) 7266 return count; 7267 7268 spin_lock(&nn->client_lock); 7269 clp = nfsd_find_client(addr, addr_size); 7270 if (clp) { 7271 if (mark_client_expired_locked(clp) == nfs_ok) 7272 ++count; 7273 else 7274 clp = NULL; 7275 } 7276 spin_unlock(&nn->client_lock); 7277 7278 if (clp) 7279 expire_client(clp); 7280 7281 return count; 7282 } 7283 7284 u64 7285 nfsd_inject_forget_clients(u64 max) 7286 { 7287 u64 count = 0; 7288 struct nfs4_client *clp, *next; 7289 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7290 nfsd_net_id); 7291 LIST_HEAD(reaplist); 7292 7293 if (!nfsd_netns_ready(nn)) 7294 return count; 7295 7296 spin_lock(&nn->client_lock); 7297 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 7298 if (mark_client_expired_locked(clp) == nfs_ok) { 7299 list_add(&clp->cl_lru, &reaplist); 7300 if (max != 0 && ++count >= max) 7301 break; 7302 } 7303 } 7304 spin_unlock(&nn->client_lock); 7305 7306 list_for_each_entry_safe(clp, next, &reaplist, cl_lru) 7307 expire_client(clp); 7308 7309 return count; 7310 } 7311 7312 static void nfsd_print_count(struct nfs4_client *clp, unsigned int count, 7313 const char *type) 7314 { 7315 char buf[INET6_ADDRSTRLEN]; 7316 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 7317 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type); 7318 } 7319 7320 static void 7321 nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst, 7322 struct list_head *collect) 7323 { 7324 struct nfs4_client *clp = lst->st_stid.sc_client; 7325 struct nfsd_net *nn = 
net_generic(current->nsproxy->net_ns, 7326 nfsd_net_id); 7327 7328 if (!collect) 7329 return; 7330 7331 lockdep_assert_held(&nn->client_lock); 7332 atomic_inc(&clp->cl_rpc_users); 7333 list_add(&lst->st_locks, collect); 7334 } 7335 7336 static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max, 7337 struct list_head *collect, 7338 bool (*func)(struct nfs4_ol_stateid *)) 7339 { 7340 struct nfs4_openowner *oop; 7341 struct nfs4_ol_stateid *stp, *st_next; 7342 struct nfs4_ol_stateid *lst, *lst_next; 7343 u64 count = 0; 7344 7345 spin_lock(&clp->cl_lock); 7346 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) { 7347 list_for_each_entry_safe(stp, st_next, 7348 &oop->oo_owner.so_stateids, st_perstateowner) { 7349 list_for_each_entry_safe(lst, lst_next, 7350 &stp->st_locks, st_locks) { 7351 if (func) { 7352 if (func(lst)) 7353 nfsd_inject_add_lock_to_list(lst, 7354 collect); 7355 } 7356 ++count; 7357 /* 7358 * Despite the fact that these functions deal 7359 * with 64-bit integers for "count", we must 7360 * ensure that it doesn't blow up the 7361 * clp->cl_rpc_users. Throw a warning if we 7362 * start to approach INT_MAX here. 7363 */ 7364 WARN_ON_ONCE(count == (INT_MAX / 2)); 7365 if (count == max) 7366 goto out; 7367 } 7368 } 7369 } 7370 out: 7371 spin_unlock(&clp->cl_lock); 7372 7373 return count; 7374 } 7375 7376 static u64 7377 nfsd_collect_client_locks(struct nfs4_client *clp, struct list_head *collect, 7378 u64 max) 7379 { 7380 return nfsd_foreach_client_lock(clp, max, collect, unhash_lock_stateid); 7381 } 7382 7383 static u64 7384 nfsd_print_client_locks(struct nfs4_client *clp) 7385 { 7386 u64 count = nfsd_foreach_client_lock(clp, 0, NULL, NULL); 7387 nfsd_print_count(clp, count, "locked files"); 7388 return count; 7389 } 7390 7391 u64 7392 nfsd_inject_print_locks(void) 7393 { 7394 struct nfs4_client *clp; 7395 u64 count = 0; 7396 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7397 nfsd_net_id); 7398 7399 if (!nfsd_netns_ready(nn)) 7400 return 0; 7401 7402 spin_lock(&nn->client_lock); 7403 list_for_each_entry(clp, &nn->client_lru, cl_lru) 7404 count += nfsd_print_client_locks(clp); 7405 spin_unlock(&nn->client_lock); 7406 7407 return count; 7408 } 7409 7410 static void 7411 nfsd_reap_locks(struct list_head *reaplist) 7412 { 7413 struct nfs4_client *clp; 7414 struct nfs4_ol_stateid *stp, *next; 7415 7416 list_for_each_entry_safe(stp, next, reaplist, st_locks) { 7417 list_del_init(&stp->st_locks); 7418 clp = stp->st_stid.sc_client; 7419 nfs4_put_stid(&stp->st_stid); 7420 put_client(clp); 7421 } 7422 } 7423 7424 u64 7425 nfsd_inject_forget_client_locks(struct sockaddr_storage *addr, size_t addr_size) 7426 { 7427 unsigned int count = 0; 7428 struct nfs4_client *clp; 7429 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7430 nfsd_net_id); 7431 LIST_HEAD(reaplist); 7432 7433 if (!nfsd_netns_ready(nn)) 7434 return count; 7435 7436 spin_lock(&nn->client_lock); 7437 clp = nfsd_find_client(addr, addr_size); 7438 if (clp) 7439 count = nfsd_collect_client_locks(clp, &reaplist, 0); 7440 spin_unlock(&nn->client_lock); 7441 nfsd_reap_locks(&reaplist); 7442 return count; 7443 } 7444 7445 u64 7446 nfsd_inject_forget_locks(u64 max) 7447 { 7448 u64 count = 0; 7449 struct nfs4_client *clp; 7450 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7451 nfsd_net_id); 7452 LIST_HEAD(reaplist); 7453 7454 if (!nfsd_netns_ready(nn)) 7455 return count; 7456 7457 spin_lock(&nn->client_lock); 7458 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 7459 count += 
nfsd_collect_client_locks(clp, &reaplist, max - count); 7460 if (max != 0 && count >= max) 7461 break; 7462 } 7463 spin_unlock(&nn->client_lock); 7464 nfsd_reap_locks(&reaplist); 7465 return count; 7466 } 7467 7468 static u64 7469 nfsd_foreach_client_openowner(struct nfs4_client *clp, u64 max, 7470 struct list_head *collect, 7471 void (*func)(struct nfs4_openowner *)) 7472 { 7473 struct nfs4_openowner *oop, *next; 7474 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7475 nfsd_net_id); 7476 u64 count = 0; 7477 7478 lockdep_assert_held(&nn->client_lock); 7479 7480 spin_lock(&clp->cl_lock); 7481 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) { 7482 if (func) { 7483 func(oop); 7484 if (collect) { 7485 atomic_inc(&clp->cl_rpc_users); 7486 list_add(&oop->oo_perclient, collect); 7487 } 7488 } 7489 ++count; 7490 /* 7491 * Despite the fact that these functions deal with 7492 * 64-bit integers for "count", we must ensure that 7493 * it doesn't blow up the clp->cl_rpc_users. Throw a 7494 * warning if we start to approach INT_MAX here. 7495 */ 7496 WARN_ON_ONCE(count == (INT_MAX / 2)); 7497 if (count == max) 7498 break; 7499 } 7500 spin_unlock(&clp->cl_lock); 7501 7502 return count; 7503 } 7504 7505 static u64 7506 nfsd_print_client_openowners(struct nfs4_client *clp) 7507 { 7508 u64 count = nfsd_foreach_client_openowner(clp, 0, NULL, NULL); 7509 7510 nfsd_print_count(clp, count, "openowners"); 7511 return count; 7512 } 7513 7514 static u64 7515 nfsd_collect_client_openowners(struct nfs4_client *clp, 7516 struct list_head *collect, u64 max) 7517 { 7518 return nfsd_foreach_client_openowner(clp, max, collect, 7519 unhash_openowner_locked); 7520 } 7521 7522 u64 7523 nfsd_inject_print_openowners(void) 7524 { 7525 struct nfs4_client *clp; 7526 u64 count = 0; 7527 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7528 nfsd_net_id); 7529 7530 if (!nfsd_netns_ready(nn)) 7531 return 0; 7532 7533 spin_lock(&nn->client_lock); 7534 list_for_each_entry(clp, &nn->client_lru, cl_lru) 7535 count += nfsd_print_client_openowners(clp); 7536 spin_unlock(&nn->client_lock); 7537 7538 return count; 7539 } 7540 7541 static void 7542 nfsd_reap_openowners(struct list_head *reaplist) 7543 { 7544 struct nfs4_client *clp; 7545 struct nfs4_openowner *oop, *next; 7546 7547 list_for_each_entry_safe(oop, next, reaplist, oo_perclient) { 7548 list_del_init(&oop->oo_perclient); 7549 clp = oop->oo_owner.so_client; 7550 release_openowner(oop); 7551 put_client(clp); 7552 } 7553 } 7554 7555 u64 7556 nfsd_inject_forget_client_openowners(struct sockaddr_storage *addr, 7557 size_t addr_size) 7558 { 7559 unsigned int count = 0; 7560 struct nfs4_client *clp; 7561 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7562 nfsd_net_id); 7563 LIST_HEAD(reaplist); 7564 7565 if (!nfsd_netns_ready(nn)) 7566 return count; 7567 7568 spin_lock(&nn->client_lock); 7569 clp = nfsd_find_client(addr, addr_size); 7570 if (clp) 7571 count = nfsd_collect_client_openowners(clp, &reaplist, 0); 7572 spin_unlock(&nn->client_lock); 7573 nfsd_reap_openowners(&reaplist); 7574 return count; 7575 } 7576 7577 u64 7578 nfsd_inject_forget_openowners(u64 max) 7579 { 7580 u64 count = 0; 7581 struct nfs4_client *clp; 7582 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7583 nfsd_net_id); 7584 LIST_HEAD(reaplist); 7585 7586 if (!nfsd_netns_ready(nn)) 7587 return count; 7588 7589 spin_lock(&nn->client_lock); 7590 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 7591 count += nfsd_collect_client_openowners(clp, 
&reaplist, 7592 max - count); 7593 if (max != 0 && count >= max) 7594 break; 7595 } 7596 spin_unlock(&nn->client_lock); 7597 nfsd_reap_openowners(&reaplist); 7598 return count; 7599 } 7600 7601 static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max, 7602 struct list_head *victims) 7603 { 7604 struct nfs4_delegation *dp, *next; 7605 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7606 nfsd_net_id); 7607 u64 count = 0; 7608 7609 lockdep_assert_held(&nn->client_lock); 7610 7611 spin_lock(&state_lock); 7612 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) { 7613 if (victims) { 7614 /* 7615 * It's not safe to mess with delegations that have a 7616 * non-zero dl_time. They might have already been broken 7617 * and could be processed by the laundromat outside of 7618 * the state_lock. Just leave them be. 7619 */ 7620 if (dp->dl_time != 0) 7621 continue; 7622 7623 atomic_inc(&clp->cl_rpc_users); 7624 WARN_ON(!unhash_delegation_locked(dp)); 7625 list_add(&dp->dl_recall_lru, victims); 7626 } 7627 ++count; 7628 /* 7629 * Despite the fact that these functions deal with 7630 * 64-bit integers for "count", we must ensure that 7631 * it doesn't blow up the clp->cl_rpc_users. Throw a 7632 * warning if we start to approach INT_MAX here. 7633 */ 7634 WARN_ON_ONCE(count == (INT_MAX / 2)); 7635 if (count == max) 7636 break; 7637 } 7638 spin_unlock(&state_lock); 7639 return count; 7640 } 7641 7642 static u64 7643 nfsd_print_client_delegations(struct nfs4_client *clp) 7644 { 7645 u64 count = nfsd_find_all_delegations(clp, 0, NULL); 7646 7647 nfsd_print_count(clp, count, "delegations"); 7648 return count; 7649 } 7650 7651 u64 7652 nfsd_inject_print_delegations(void) 7653 { 7654 struct nfs4_client *clp; 7655 u64 count = 0; 7656 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7657 nfsd_net_id); 7658 7659 if (!nfsd_netns_ready(nn)) 7660 return 0; 7661 7662 spin_lock(&nn->client_lock); 7663 list_for_each_entry(clp, &nn->client_lru, cl_lru) 7664 count += nfsd_print_client_delegations(clp); 7665 spin_unlock(&nn->client_lock); 7666 7667 return count; 7668 } 7669 7670 static void 7671 nfsd_forget_delegations(struct list_head *reaplist) 7672 { 7673 struct nfs4_client *clp; 7674 struct nfs4_delegation *dp, *next; 7675 7676 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 7677 list_del_init(&dp->dl_recall_lru); 7678 clp = dp->dl_stid.sc_client; 7679 revoke_delegation(dp); 7680 put_client(clp); 7681 } 7682 } 7683 7684 u64 7685 nfsd_inject_forget_client_delegations(struct sockaddr_storage *addr, 7686 size_t addr_size) 7687 { 7688 u64 count = 0; 7689 struct nfs4_client *clp; 7690 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7691 nfsd_net_id); 7692 LIST_HEAD(reaplist); 7693 7694 if (!nfsd_netns_ready(nn)) 7695 return count; 7696 7697 spin_lock(&nn->client_lock); 7698 clp = nfsd_find_client(addr, addr_size); 7699 if (clp) 7700 count = nfsd_find_all_delegations(clp, 0, &reaplist); 7701 spin_unlock(&nn->client_lock); 7702 7703 nfsd_forget_delegations(&reaplist); 7704 return count; 7705 } 7706 7707 u64 7708 nfsd_inject_forget_delegations(u64 max) 7709 { 7710 u64 count = 0; 7711 struct nfs4_client *clp; 7712 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7713 nfsd_net_id); 7714 LIST_HEAD(reaplist); 7715 7716 if (!nfsd_netns_ready(nn)) 7717 return count; 7718 7719 spin_lock(&nn->client_lock); 7720 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 7721 count += nfsd_find_all_delegations(clp, max - count, &reaplist); 7722 if (max != 0 
&& count >= max) 7723 break; 7724 } 7725 spin_unlock(&nn->client_lock); 7726 nfsd_forget_delegations(&reaplist); 7727 return count; 7728 } 7729 7730 static void 7731 nfsd_recall_delegations(struct list_head *reaplist) 7732 { 7733 struct nfs4_client *clp; 7734 struct nfs4_delegation *dp, *next; 7735 7736 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 7737 list_del_init(&dp->dl_recall_lru); 7738 clp = dp->dl_stid.sc_client; 7739 7740 trace_nfsd_deleg_recall(&dp->dl_stid.sc_stateid); 7741 7742 /* 7743 * We skipped all entries that had a zero dl_time before, 7744 * so we can now reset the dl_time back to 0. If a delegation 7745 * break comes in now, then it won't make any difference since 7746 * we're recalling it either way. 7747 */ 7748 spin_lock(&state_lock); 7749 dp->dl_time = 0; 7750 spin_unlock(&state_lock); 7751 nfsd_break_one_deleg(dp); 7752 put_client(clp); 7753 } 7754 } 7755 7756 u64 7757 nfsd_inject_recall_client_delegations(struct sockaddr_storage *addr, 7758 size_t addr_size) 7759 { 7760 u64 count = 0; 7761 struct nfs4_client *clp; 7762 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7763 nfsd_net_id); 7764 LIST_HEAD(reaplist); 7765 7766 if (!nfsd_netns_ready(nn)) 7767 return count; 7768 7769 spin_lock(&nn->client_lock); 7770 clp = nfsd_find_client(addr, addr_size); 7771 if (clp) 7772 count = nfsd_find_all_delegations(clp, 0, &reaplist); 7773 spin_unlock(&nn->client_lock); 7774 7775 nfsd_recall_delegations(&reaplist); 7776 return count; 7777 } 7778 7779 u64 7780 nfsd_inject_recall_delegations(u64 max) 7781 { 7782 u64 count = 0; 7783 struct nfs4_client *clp, *next; 7784 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7785 nfsd_net_id); 7786 LIST_HEAD(reaplist); 7787 7788 if (!nfsd_netns_ready(nn)) 7789 return count; 7790 7791 spin_lock(&nn->client_lock); 7792 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 7793 count += nfsd_find_all_delegations(clp, max - count, &reaplist); 7794 if (max != 0 && count >= max) 7795 break; 7796 } 7797 spin_unlock(&nn->client_lock); 7798 nfsd_recall_delegations(&reaplist); 7799 return count; 7800 } 7801 #endif /* CONFIG_NFSD_FAULT_INJECTION */ 7802 7803 /* 7804 * Since the lifetime of a delegation isn't limited to that of an open, a 7805 * client may quite reasonably hang on to a delegation as long as it has 7806 * the inode cached. This becomes an obvious problem the first time a 7807 * client's inode cache approaches the size of the server's total memory. 7808 * 7809 * For now we avoid this problem by imposing a hard limit on the number 7810 * of delegations, which varies according to the server's memory size. 7811 */ 7812 static void 7813 set_max_delegations(void) 7814 { 7815 /* 7816 * Allow at most 4 delegations per megabyte of RAM. Quick 7817 * estimates suggest that in the worst case (where every delegation 7818 * is for a different inode), a delegation could take about 1.5K, 7819 * giving a worst case usage of about 0.6% of memory.
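 *
 * Worked example, assuming 4K pages (PAGE_SHIFT == 12): the shift
 * below is 20 - 2 - 12 = 6, i.e. max_delegations is the free buffer
 * page count divided by 64, which is exactly 4 delegations per
 * megabyte; a server with ~4G of free buffer memory would allow
 * roughly 16384 delegations, or about 24M of worst-case state.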
7820 */ 7821 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT); 7822 } 7823 7824 static int nfs4_state_create_net(struct net *net) 7825 { 7826 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7827 int i; 7828 7829 nn->conf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE, 7830 sizeof(struct list_head), 7831 GFP_KERNEL); 7832 if (!nn->conf_id_hashtbl) 7833 goto err; 7834 nn->unconf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE, 7835 sizeof(struct list_head), 7836 GFP_KERNEL); 7837 if (!nn->unconf_id_hashtbl) 7838 goto err_unconf_id; 7839 nn->sessionid_hashtbl = kmalloc_array(SESSION_HASH_SIZE, 7840 sizeof(struct list_head), 7841 GFP_KERNEL); 7842 if (!nn->sessionid_hashtbl) 7843 goto err_sessionid; 7844 7845 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7846 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]); 7847 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]); 7848 } 7849 for (i = 0; i < SESSION_HASH_SIZE; i++) 7850 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]); 7851 nn->conf_name_tree = RB_ROOT; 7852 nn->unconf_name_tree = RB_ROOT; 7853 nn->boot_time = ktime_get_real_seconds(); 7854 nn->grace_ended = false; 7855 nn->nfsd4_manager.block_opens = true; 7856 INIT_LIST_HEAD(&nn->nfsd4_manager.list); 7857 INIT_LIST_HEAD(&nn->client_lru); 7858 INIT_LIST_HEAD(&nn->close_lru); 7859 INIT_LIST_HEAD(&nn->del_recall_lru); 7860 spin_lock_init(&nn->client_lock); 7861 spin_lock_init(&nn->s2s_cp_lock); 7862 idr_init(&nn->s2s_cp_stateids); 7863 7864 spin_lock_init(&nn->blocked_locks_lock); 7865 INIT_LIST_HEAD(&nn->blocked_locks_lru); 7866 7867 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main); 7868 get_net(net); 7869 7870 return 0; 7871 7872 err_sessionid: 7873 kfree(nn->unconf_id_hashtbl); 7874 err_unconf_id: 7875 kfree(nn->conf_id_hashtbl); 7876 err: 7877 return -ENOMEM; 7878 } 7879 7880 static void 7881 nfs4_state_destroy_net(struct net *net) 7882 { 7883 int i; 7884 struct nfs4_client *clp = NULL; 7885 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7886 7887 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7888 while (!list_empty(&nn->conf_id_hashtbl[i])) { 7889 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7890 destroy_client(clp); 7891 } 7892 } 7893 7894 WARN_ON(!list_empty(&nn->blocked_locks_lru)); 7895 7896 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7897 while (!list_empty(&nn->unconf_id_hashtbl[i])) { 7898 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7899 destroy_client(clp); 7900 } 7901 } 7902 7903 kfree(nn->sessionid_hashtbl); 7904 kfree(nn->unconf_id_hashtbl); 7905 kfree(nn->conf_id_hashtbl); 7906 put_net(net); 7907 } 7908 7909 int 7910 nfs4_state_start_net(struct net *net) 7911 { 7912 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7913 int ret; 7914 7915 ret = nfs4_state_create_net(net); 7916 if (ret) 7917 return ret; 7918 locks_start_grace(net, &nn->nfsd4_manager); 7919 nfsd4_client_tracking_init(net); 7920 if (nn->track_reclaim_completes && nn->reclaim_str_hashtbl_size == 0) 7921 goto skip_grace; 7922 printk(KERN_INFO "NFSD: starting %lld-second grace period (net %x)\n", 7923 nn->nfsd4_grace, net->ns.inum); 7924 trace_nfsd_grace_start(nn); 7925 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ); 7926 return 0; 7927 7928 skip_grace: 7929 printk(KERN_INFO "NFSD: no clients to reclaim, skipping NFSv4 grace period (net %x)\n", 7930 net->ns.inum); 7931 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_lease * HZ); 7932 nfsd4_end_grace(nn); 7933 return 0; 7934 } 7935 7936 /* initialization to 

/* initialization to perform when the nfsd service is started: */

int
nfs4_state_start(void)
{
	int ret;

	laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4");
	if (laundry_wq == NULL) {
		ret = -ENOMEM;
		goto out;
	}
	ret = nfsd4_create_callback_queue();
	if (ret)
		goto out_free_laundry;

	set_max_delegations();
	return 0;

out_free_laundry:
	destroy_workqueue(laundry_wq);
out:
	return ret;
}

void
nfs4_state_shutdown_net(struct net *net)
{
	struct nfs4_delegation *dp = NULL;
	struct list_head *pos, *next, reaplist;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	cancel_delayed_work_sync(&nn->laundromat_work);
	locks_end_grace(&nn->nfsd4_manager);

	INIT_LIST_HEAD(&reaplist);
	spin_lock(&state_lock);
	list_for_each_safe(pos, next, &nn->del_recall_lru) {
		dp = list_entry(pos, struct nfs4_delegation, dl_recall_lru);
		WARN_ON(!unhash_delegation_locked(dp));
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	list_for_each_safe(pos, next, &reaplist) {
		dp = list_entry(pos, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		destroy_unhashed_deleg(dp);
	}

	nfsd4_client_tracking_exit(net);
	nfs4_state_destroy_net(net);
}

void
nfs4_state_shutdown(void)
{
	destroy_workqueue(laundry_wq);
	nfsd4_destroy_callback_queue();
}

static void
get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (HAS_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG) &&
	    CURRENT_STATEID(stateid))
		memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t));
}

static void
put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (cstate->minorversion) {
		memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t));
		SET_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG);
	}
}

void
clear_current_stateid(struct nfsd4_compound_state *cstate)
{
	CLEAR_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG);
}

/*
 * functions to set current state id
 */
void
nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->open_downgrade.od_stateid);
}

void
nfsd4_set_openstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->open.op_stateid);
}

void
nfsd4_set_closestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->close.cl_stateid);
}

void
nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->lock.lk_resp_stateid);
}

/*
 * functions to consume current state id
 */

void
nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->open_downgrade.od_stateid);
}

void
nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->delegreturn.dr_stateid);
}

void
nfsd4_get_freestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->free_stateid.fr_stateid);
}
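
/*
 * Illustrative note: under NFSv4.1 a client can chain operations
 * through the current stateid instead of echoing a result back, e.g.
 * in a single COMPOUND:
 *
 *	PUTFH; OPEN; WRITE stateid = { seqid 1, other all-zero }
 *
 * put_stateid() (via nfsd4_set_openstateid()) records OPEN's result as
 * the compound's current stateid, and get_stateid() (via the wrappers
 * above and below) substitutes it when WRITE carries the special
 * "current stateid" value.
 */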

void
nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->setattr.sa_stateid);
}

void
nfsd4_get_closestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->close.cl_stateid);
}

void
nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->locku.lu_stateid);
}

void
nfsd4_get_readstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->read.rd_stateid);
}

void
nfsd4_get_writestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->write.wr_stateid);
}
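
/*
 * Wiring sketch (an assumption for illustration; the authoritative op
 * table lives in nfs4proc.c): each stateid-bearing operation points its
 * struct nfsd4_operation hooks at the helpers above, e.g. for CLOSE:
 *
 *	[OP_CLOSE] = {
 *		.op_func = nfsd4_close,
 *		...
 *		.op_get_currentstateid = nfsd4_get_closestateid,
 *		.op_set_currentstateid = nfsd4_set_closestateid,
 *	},
 */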