/*
 * Copyright (c) 2001 The Regents of the University of Michigan.
 * All rights reserved.
 *
 * Kendrick Smith <kmsmith@umich.edu>
 * Andy Adamson <kandros@umich.edu>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include <linux/file.h>
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/namei.h>
#include <linux/swap.h>
#include <linux/pagemap.h>
#include <linux/ratelimit.h>
#include <linux/sunrpc/svcauth_gss.h>
#include <linux/sunrpc/addr.h>
#include <linux/jhash.h>
#include <linux/string_helpers.h>
#include "xdr4.h"
#include "xdr4cb.h"
#include "vfs.h"
#include "current_stateid.h"

#include "netns.h"
#include "pnfs.h"
#include "filecache.h"

#define NFSDDBG_FACILITY	NFSDDBG_PROC

#define all_ones {{~0,~0},~0}
static const stateid_t one_stateid = {
	.si_generation = ~0,
	.si_opaque = all_ones,
};
static const stateid_t zero_stateid = {
	/* all fields zero */
};
static const stateid_t currentstateid = {
	.si_generation = 1,
};
static const stateid_t close_stateid = {
	.si_generation = 0xffffffffU,
};

static u64 current_sessionid = 1;

#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
#define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
#define CLOSE_STATEID(stateid) (!memcmp((stateid), &close_stateid, sizeof(stateid_t)))
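/*
 * Note: the all-zeros and all-ones stateids matched above are the
 * special stateids that NFSv4.0 (RFC 7530) lets clients use in place
 * of a real one (the "anonymous" and READ-bypass stateids);
 * currentstateid and close_stateid are nfsd-internal sentinels.
 */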
/* forward declarations */
static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner);
static void nfs4_free_ol_stateid(struct nfs4_stid *stid);
void nfsd4_end_grace(struct nfsd_net *nn);
static void _free_cpntf_state_locked(struct nfsd_net *nn, struct nfs4_cpntf_state *cps);

/* Locking: */

/*
 * Currently used for the del_recall_lru and file hash table. In an
 * effort to decrease the scope of the client_mutex, this spinlock may
 * eventually cover more:
 */
static DEFINE_SPINLOCK(state_lock);

enum nfsd4_st_mutex_lock_subclass {
	OPEN_STATEID_MUTEX = 0,
	LOCK_STATEID_MUTEX = 1,
};

/*
 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for
 * the refcount on the open stateid to drop.
 */
static DECLARE_WAIT_QUEUE_HEAD(close_wq);

/*
 * A waitqueue where a writer to clients/#/ctl destroying a client can
 * wait for cl_rpc_users to drop to 0 and then for the client to be
 * unhashed.
 */
static DECLARE_WAIT_QUEUE_HEAD(expiry_wq);

static struct kmem_cache *client_slab;
static struct kmem_cache *openowner_slab;
static struct kmem_cache *lockowner_slab;
static struct kmem_cache *file_slab;
static struct kmem_cache *stateid_slab;
static struct kmem_cache *deleg_slab;
static struct kmem_cache *odstate_slab;

static void free_session(struct nfsd4_session *);

static const struct nfsd4_callback_ops nfsd4_cb_recall_ops;
static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops;

static bool is_session_dead(struct nfsd4_session *ses)
{
	return ses->se_flags & NFS4_SESSION_DEAD;
}

static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
{
	if (atomic_read(&ses->se_ref) > ref_held_by_me)
		return nfserr_jukebox;
	ses->se_flags |= NFS4_SESSION_DEAD;
	return nfs_ok;
}

static bool is_client_expired(struct nfs4_client *clp)
{
	return clp->cl_time == 0;
}

static __be32 get_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (is_client_expired(clp))
		return nfserr_expired;
	atomic_inc(&clp->cl_rpc_users);
	return nfs_ok;
}

/* must be called under the client_lock */
static inline void
renew_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (is_client_expired(clp)) {
		WARN_ON(1);
		printk("%s: client (clientid %08x/%08x) already expired\n",
			__func__,
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
		return;
	}

	dprintk("renewing client (clientid %08x/%08x)\n",
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
	list_move_tail(&clp->cl_lru, &nn->client_lru);
	clp->cl_time = ktime_get_boottime_seconds();
}

static void put_client_renew_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (!atomic_dec_and_test(&clp->cl_rpc_users))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	else
		wake_up_all(&expiry_wq);
}

static void put_client_renew(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (!atomic_dec_and_lock(&clp->cl_rpc_users, &nn->client_lock))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	else
		wake_up_all(&expiry_wq);
	spin_unlock(&nn->client_lock);
}
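/*
 * Because renew_client_locked() both refreshes cl_time and moves the
 * client to the tail of nn->client_lru, that list stays sorted by
 * last-renewal time, oldest first; a scan for expired clients can
 * therefore stop at the first entry that is still fresh.
 */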
static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
{
	__be32 status;

	if (is_session_dead(ses))
		return nfserr_badsession;
	status = get_client_locked(ses->se_client);
	if (status)
		return status;
	atomic_inc(&ses->se_ref);
	return nfs_ok;
}

static void nfsd4_put_session_locked(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
		free_session(ses);
	put_client_renew_locked(clp);
}

static void nfsd4_put_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	nfsd4_put_session_locked(ses);
	spin_unlock(&nn->client_lock);
}

static struct nfsd4_blocked_lock *
find_blocked_lock(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *cur, *found = NULL;

	spin_lock(&nn->blocked_locks_lock);
	list_for_each_entry(cur, &lo->lo_blocked, nbl_list) {
		if (fh_match(fh, &cur->nbl_fh)) {
			list_del_init(&cur->nbl_list);
			list_del_init(&cur->nbl_lru);
			found = cur;
			break;
		}
	}
	spin_unlock(&nn->blocked_locks_lock);
	if (found)
		locks_delete_block(&found->nbl_lock);
	return found;
}

static struct nfsd4_blocked_lock *
find_or_allocate_block(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *nbl;

	nbl = find_blocked_lock(lo, fh, nn);
	if (!nbl) {
		nbl = kmalloc(sizeof(*nbl), GFP_KERNEL);
		if (nbl) {
			INIT_LIST_HEAD(&nbl->nbl_list);
			INIT_LIST_HEAD(&nbl->nbl_lru);
			fh_copy_shallow(&nbl->nbl_fh, fh);
			locks_init_lock(&nbl->nbl_lock);
			nfsd4_init_cb(&nbl->nbl_cb, lo->lo_owner.so_client,
					&nfsd4_cb_notify_lock_ops,
					NFSPROC4_CLNT_CB_NOTIFY_LOCK);
		}
	}
	return nbl;
}

static void
free_blocked_lock(struct nfsd4_blocked_lock *nbl)
{
	locks_delete_block(&nbl->nbl_lock);
	locks_release_private(&nbl->nbl_lock);
	kfree(nbl);
}

static void
remove_blocked_locks(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_blocked_lock *nbl;
	LIST_HEAD(reaplist);

	/* Dequeue all blocked locks */
	spin_lock(&nn->blocked_locks_lock);
	while (!list_empty(&lo->lo_blocked)) {
		nbl = list_first_entry(&lo->lo_blocked,
					struct nfsd4_blocked_lock,
					nbl_list);
		list_del_init(&nbl->nbl_list);
		list_move(&nbl->nbl_lru, &reaplist);
	}
	spin_unlock(&nn->blocked_locks_lock);

	/* Now free them */
	while (!list_empty(&reaplist)) {
		nbl = list_first_entry(&reaplist, struct nfsd4_blocked_lock,
					nbl_lru);
		list_del_init(&nbl->nbl_lru);
		free_blocked_lock(nbl);
	}
}

static void
nfsd4_cb_notify_lock_prepare(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock *nbl = container_of(cb,
				struct nfsd4_blocked_lock, nbl_cb);
	locks_delete_block(&nbl->nbl_lock);
}
static int
nfsd4_cb_notify_lock_done(struct nfsd4_callback *cb, struct rpc_task *task)
{
	/*
	 * Since this is just an optimization, we don't try very hard if it
	 * turns out not to succeed. We'll requeue it on NFS4ERR_DELAY, and
	 * just quit trying on anything else.
	 */
	switch (task->tk_status) {
	case -NFS4ERR_DELAY:
		rpc_delay(task, 1 * HZ);
		return 0;
	default:
		return 1;
	}
}

static void
nfsd4_cb_notify_lock_release(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock *nbl = container_of(cb,
				struct nfsd4_blocked_lock, nbl_cb);

	free_blocked_lock(nbl);
}

static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops = {
	.prepare	= nfsd4_cb_notify_lock_prepare,
	.done		= nfsd4_cb_notify_lock_done,
	.release	= nfsd4_cb_notify_lock_release,
};

static inline struct nfs4_stateowner *
nfs4_get_stateowner(struct nfs4_stateowner *sop)
{
	atomic_inc(&sop->so_count);
	return sop;
}

static int
same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner)
{
	return (sop->so_owner.len == owner->len) &&
		0 == memcmp(sop->so_owner.data, owner->data, owner->len);
}

static struct nfs4_openowner *
find_openstateowner_str_locked(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_stateowner *so;

	lockdep_assert_held(&clp->cl_lock);

	list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval],
			    so_strhash) {
		if (!so->so_is_open_owner)
			continue;
		if (same_owner_str(so, &open->op_owner))
			return openowner(nfs4_get_stateowner(so));
	}
	return NULL;
}

static struct nfs4_openowner *
find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;

	spin_lock(&clp->cl_lock);
	oo = find_openstateowner_str_locked(hashval, open, clp);
	spin_unlock(&clp->cl_lock);
	return oo;
}

static inline u32
opaque_hashval(const void *ptr, int nbytes)
{
	unsigned char *cptr = (unsigned char *) ptr;

	u32 x = 0;
	while (nbytes--) {
		x *= 37;
		x += *cptr++;
	}
	return x;
}

static void nfsd4_free_file_rcu(struct rcu_head *rcu)
{
	struct nfs4_file *fp = container_of(rcu, struct nfs4_file, fi_rcu);

	kmem_cache_free(file_slab, fp);
}

void
put_nfs4_file(struct nfs4_file *fi)
{
	might_lock(&state_lock);

	if (refcount_dec_and_lock(&fi->fi_ref, &state_lock)) {
		hlist_del_rcu(&fi->fi_hash);
		spin_unlock(&state_lock);
		WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate));
		WARN_ON_ONCE(!list_empty(&fi->fi_delegations));
		call_rcu(&fi->fi_rcu, nfsd4_free_file_rcu);
	}
}

static struct nfsd_file *
__nfs4_get_fd(struct nfs4_file *f, int oflag)
{
	if (f->fi_fds[oflag])
		return nfsd_file_get(f->fi_fds[oflag]);
	return NULL;
}

static struct nfsd_file *
find_writeable_file_locked(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_WRONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

static struct nfsd_file *
find_writeable_file(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	spin_lock(&f->fi_lock);
	ret = find_writeable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

static struct nfsd_file *
find_readable_file_locked(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_RDONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}
static struct nfsd_file *
find_readable_file(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	spin_lock(&f->fi_lock);
	ret = find_readable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

struct nfsd_file *
find_any_file(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	if (!f)
		return NULL;
	spin_lock(&f->fi_lock);
	ret = __nfs4_get_fd(f, O_RDWR);
	if (!ret) {
		ret = __nfs4_get_fd(f, O_WRONLY);
		if (!ret)
			ret = __nfs4_get_fd(f, O_RDONLY);
	}
	spin_unlock(&f->fi_lock);
	return ret;
}

static atomic_long_t num_delegations;
unsigned long max_delegations;

/*
 * Open owner state (share locks)
 */

/* hash tables for lock and open owners */
#define OWNER_HASH_BITS 8
#define OWNER_HASH_SIZE (1 << OWNER_HASH_BITS)
#define OWNER_HASH_MASK (OWNER_HASH_SIZE - 1)

static unsigned int ownerstr_hashval(struct xdr_netobj *ownername)
{
	unsigned int ret;

	ret = opaque_hashval(ownername->data, ownername->len);
	return ret & OWNER_HASH_MASK;
}

/* hash table for nfs4_file */
#define FILE_HASH_BITS 8
#define FILE_HASH_SIZE (1 << FILE_HASH_BITS)

static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh)
{
	return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0);
}

static unsigned int file_hashval(struct knfsd_fh *fh)
{
	return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1);
}

static struct hlist_head file_hashtbl[FILE_HASH_SIZE];

static void
__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		atomic_inc(&fp->fi_access[O_WRONLY]);
	if (access & NFS4_SHARE_ACCESS_READ)
		atomic_inc(&fp->fi_access[O_RDONLY]);
}

static __be32
nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	/* Does this access mode make sense? */
	if (access & ~NFS4_SHARE_ACCESS_BOTH)
		return nfserr_inval;

	/* Does it conflict with a deny mode already set? */
	if ((access & fp->fi_share_deny) != 0)
		return nfserr_share_denied;

	__nfs4_file_get_access(fp, access);
	return nfs_ok;
}
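/*
 * Example (illustrative only): if an earlier OPEN set fi_share_deny to
 * NFS4_SHARE_DENY_WRITE, a later request for NFS4_SHARE_ACCESS_WRITE
 * fails in nfs4_file_get_access() above with nfserr_share_denied;
 * symmetrically, nfs4_file_check_deny() below refuses a new deny-read
 * request while fi_access[O_RDONLY] still has readers.
 */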
static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
{
	/* Common case is that there is no deny mode. */
	if (deny) {
		/* Does this deny mode make sense? */
		if (deny & ~NFS4_SHARE_DENY_BOTH)
			return nfserr_inval;

		if ((deny & NFS4_SHARE_DENY_READ) &&
		    atomic_read(&fp->fi_access[O_RDONLY]))
			return nfserr_share_denied;

		if ((deny & NFS4_SHARE_DENY_WRITE) &&
		    atomic_read(&fp->fi_access[O_WRONLY]))
			return nfserr_share_denied;
	}
	return nfs_ok;
}

static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
	might_lock(&fp->fi_lock);

	if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
		struct nfsd_file *f1 = NULL;
		struct nfsd_file *f2 = NULL;

		swap(f1, fp->fi_fds[oflag]);
		if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
			swap(f2, fp->fi_fds[O_RDWR]);
		spin_unlock(&fp->fi_lock);
		if (f1)
			nfsd_file_put(f1);
		if (f2)
			nfsd_file_put(f2);
	}
}

static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
{
	WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		__nfs4_file_put_access(fp, O_WRONLY);
	if (access & NFS4_SHARE_ACCESS_READ)
		__nfs4_file_put_access(fp, O_RDONLY);
}

/*
 * Allocate a new open/delegation state counter. This is needed for
 * pNFS for proper return on close semantics.
 *
 * Note that we only allocate it for pNFS-enabled exports, otherwise
 * all pointers to struct nfs4_clnt_odstate are always NULL.
 */
static struct nfs4_clnt_odstate *
alloc_clnt_odstate(struct nfs4_client *clp)
{
	struct nfs4_clnt_odstate *co;

	co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL);
	if (co) {
		co->co_client = clp;
		refcount_set(&co->co_odcount, 1);
	}
	return co;
}

static void
hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp = co->co_file;

	lockdep_assert_held(&fp->fi_lock);
	list_add(&co->co_perfile, &fp->fi_clnt_odstate);
}

static inline void
get_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	if (co)
		refcount_inc(&co->co_odcount);
}

static void
put_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp;

	if (!co)
		return;

	fp = co->co_file;
	if (refcount_dec_and_lock(&co->co_odcount, &fp->fi_lock)) {
		list_del(&co->co_perfile);
		spin_unlock(&fp->fi_lock);

		nfsd4_return_all_file_layouts(co->co_client, fp);
		kmem_cache_free(odstate_slab, co);
	}
}

static struct nfs4_clnt_odstate *
find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new)
{
	struct nfs4_clnt_odstate *co;
	struct nfs4_client *cl;

	if (!new)
		return NULL;

	cl = new->co_client;

	spin_lock(&fp->fi_lock);
	list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) {
		if (co->co_client == cl) {
			get_clnt_odstate(co);
			goto out;
		}
	}
	co = new;
	co->co_file = fp;
	hash_clnt_odstate_locked(new);
out:
	spin_unlock(&fp->fi_lock);
	return co;
}
struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab,
				  void (*sc_free)(struct nfs4_stid *))
{
	struct nfs4_stid *stid;
	int new_id;

	stid = kmem_cache_zalloc(slab, GFP_KERNEL);
	if (!stid)
		return NULL;

	idr_preload(GFP_KERNEL);
	spin_lock(&cl->cl_lock);
	/* Reserving 0 for start of file in nfsdfs "states" file: */
	new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 1, 0, GFP_NOWAIT);
	spin_unlock(&cl->cl_lock);
	idr_preload_end();
	if (new_id < 0)
		goto out_free;

	stid->sc_free = sc_free;
	stid->sc_client = cl;
	stid->sc_stateid.si_opaque.so_id = new_id;
	stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
	/* Will be incremented before return to client: */
	refcount_set(&stid->sc_count, 1);
	spin_lock_init(&stid->sc_lock);
	INIT_LIST_HEAD(&stid->sc_cp_list);

	/*
	 * It shouldn't be a problem to reuse an opaque stateid value.
	 * I don't think it is for 4.1. But with 4.0 I worry that, for
	 * example, a stray write retransmission could be accepted by
	 * the server when it should have been rejected. Therefore,
	 * adopt a trick from the sctp code to attempt to maximize the
	 * amount of time until an id is reused, by ensuring they always
	 * "increase" (mod INT_MAX):
	 */
	return stid;
out_free:
	kmem_cache_free(slab, stid);
	return NULL;
}

/*
 * Create a unique stateid_t to represent each COPY.
 */
static int nfs4_init_cp_state(struct nfsd_net *nn, copy_stateid_t *stid,
			      unsigned char sc_type)
{
	int new_id;

	stid->stid.si_opaque.so_clid.cl_boot = (u32)nn->boot_time;
	stid->stid.si_opaque.so_clid.cl_id = nn->s2s_cp_cl_id;
	stid->sc_type = sc_type;

	idr_preload(GFP_KERNEL);
	spin_lock(&nn->s2s_cp_lock);
	new_id = idr_alloc_cyclic(&nn->s2s_cp_stateids, stid, 0, 0, GFP_NOWAIT);
	stid->stid.si_opaque.so_id = new_id;
	spin_unlock(&nn->s2s_cp_lock);
	idr_preload_end();
	if (new_id < 0)
		return 0;
	return 1;
}

int nfs4_init_copy_state(struct nfsd_net *nn, struct nfsd4_copy *copy)
{
	return nfs4_init_cp_state(nn, &copy->cp_stateid, NFS4_COPY_STID);
}

struct nfs4_cpntf_state *nfs4_alloc_init_cpntf_state(struct nfsd_net *nn,
						     struct nfs4_stid *p_stid)
{
	struct nfs4_cpntf_state *cps;

	cps = kzalloc(sizeof(struct nfs4_cpntf_state), GFP_KERNEL);
	if (!cps)
		return NULL;
	cps->cpntf_time = ktime_get_boottime_seconds();
	refcount_set(&cps->cp_stateid.sc_count, 1);
	if (!nfs4_init_cp_state(nn, &cps->cp_stateid, NFS4_COPYNOTIFY_STID))
		goto out_free;
	spin_lock(&nn->s2s_cp_lock);
	list_add(&cps->cp_list, &p_stid->sc_cp_list);
	spin_unlock(&nn->s2s_cp_lock);
	return cps;
out_free:
	kfree(cps);
	return NULL;
}

void nfs4_free_copy_state(struct nfsd4_copy *copy)
{
	struct nfsd_net *nn;

	WARN_ON_ONCE(copy->cp_stateid.sc_type != NFS4_COPY_STID);
	nn = net_generic(copy->cp_clp->net, nfsd_net_id);
	spin_lock(&nn->s2s_cp_lock);
	idr_remove(&nn->s2s_cp_stateids,
		   copy->cp_stateid.stid.si_opaque.so_id);
	spin_unlock(&nn->s2s_cp_lock);
}

static void nfs4_free_cpntf_statelist(struct net *net, struct nfs4_stid *stid)
{
	struct nfs4_cpntf_state *cps;
	struct nfsd_net *nn;

	nn = net_generic(net, nfsd_net_id);
	spin_lock(&nn->s2s_cp_lock);
	while (!list_empty(&stid->sc_cp_list)) {
		cps = list_first_entry(&stid->sc_cp_list,
				       struct nfs4_cpntf_state, cp_list);
		_free_cpntf_state_locked(nn, cps);
	}
	spin_unlock(&nn->s2s_cp_lock);
}

static struct nfs4_ol_stateid *nfs4_alloc_open_stateid(struct nfs4_client *clp)
{
	struct nfs4_stid *stid;

	stid = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_ol_stateid);
	if (!stid)
		return NULL;

	return openlockstateid(stid);
}
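/*
 * Note that nfs4_init_cp_state() above stamps COPY and COPY_NOTIFY
 * stateids with the server's boot time and the reserved s2s_cp_cl_id
 * instead of a real client's clientid, so they are distinguishable
 * from ordinary per-client stateids when looked up later.
 */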
static void nfs4_free_deleg(struct nfs4_stid *stid)
{
	kmem_cache_free(deleg_slab, stid);
	atomic_long_dec(&num_delegations);
}

/*
 * When we recall a delegation, we should be careful not to hand it
 * out again straight away.
 * To ensure this we keep a pair of bloom filters ('new' and 'old')
 * in which the filehandles of recalled delegations are "stored".
 * If a filehandle appears in either filter, a delegation is blocked.
 * When a delegation is recalled, the filehandle is stored in the "new"
 * filter.
 * Every 30 seconds we swap the filters and clear the "new" one,
 * unless both are empty of course.
 *
 * Each filter is 256 bits. We hash the filehandle to 32 bits and use the
 * low 3 bytes as hash-table indices.
 *
 * 'blocked_delegations_lock', which is always taken in block_delegations(),
 * is used to manage concurrent access. Testing does not need the lock
 * except when swapping the two filters.
 */
static DEFINE_SPINLOCK(blocked_delegations_lock);
static struct bloom_pair {
	int entries, old_entries;
	time64_t swap_time;
	int new; /* index into 'set' */
	DECLARE_BITMAP(set[2], 256);
} blocked_delegations;

static int delegation_blocked(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	if (bd->entries == 0)
		return 0;
	if (ktime_get_seconds() - bd->swap_time > 30) {
		spin_lock(&blocked_delegations_lock);
		if (ktime_get_seconds() - bd->swap_time > 30) {
			bd->entries -= bd->old_entries;
			bd->old_entries = bd->entries;
			memset(bd->set[bd->new], 0,
			       sizeof(bd->set[0]));
			bd->new = 1 - bd->new;
			bd->swap_time = ktime_get_seconds();
		}
		spin_unlock(&blocked_delegations_lock);
	}
	hash = jhash(&fh->fh_base, fh->fh_size, 0);
	if (test_bit(hash & 255, bd->set[0]) &&
	    test_bit((hash >> 8) & 255, bd->set[0]) &&
	    test_bit((hash >> 16) & 255, bd->set[0]))
		return 1;

	if (test_bit(hash & 255, bd->set[1]) &&
	    test_bit((hash >> 8) & 255, bd->set[1]) &&
	    test_bit((hash >> 16) & 255, bd->set[1]))
		return 1;

	return 0;
}

static void block_delegations(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	hash = jhash(&fh->fh_base, fh->fh_size, 0);

	spin_lock(&blocked_delegations_lock);
	__set_bit(hash & 255, bd->set[bd->new]);
	__set_bit((hash >> 8) & 255, bd->set[bd->new]);
	__set_bit((hash >> 16) & 255, bd->set[bd->new]);
	if (bd->entries == 0)
		bd->swap_time = ktime_get_seconds();
	bd->entries += 1;
	spin_unlock(&blocked_delegations_lock);
}
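/*
 * Worked example (illustrative only): for hash = 0x00a1b2c3 the three
 * bloom-filter indices are hash & 255 = 0xc3, (hash >> 8) & 255 = 0xb2
 * and (hash >> 16) & 255 = 0xa1. delegation_blocked() reports a match
 * only if all three bits are set in the same filter, so single-bit
 * collisions between filehandles rarely block a delegation.
 */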
static struct nfs4_delegation *
alloc_init_deleg(struct nfs4_client *clp, struct nfs4_file *fp,
		 struct svc_fh *current_fh,
		 struct nfs4_clnt_odstate *odstate)
{
	struct nfs4_delegation *dp;
	long n;

	dprintk("NFSD alloc_init_deleg\n");
	n = atomic_long_inc_return(&num_delegations);
	if (n < 0 || n > max_delegations)
		goto out_dec;
	if (delegation_blocked(&current_fh->fh_handle))
		goto out_dec;
	dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab, nfs4_free_deleg));
	if (dp == NULL)
		goto out_dec;

	/*
	 * delegation seqid's are never incremented. The 4.1 special
	 * meaning of seqid 0 isn't meaningful, really, but let's avoid
	 * 0 anyway just for consistency and use 1:
	 */
	dp->dl_stid.sc_stateid.si_generation = 1;
	INIT_LIST_HEAD(&dp->dl_perfile);
	INIT_LIST_HEAD(&dp->dl_perclnt);
	INIT_LIST_HEAD(&dp->dl_recall_lru);
	dp->dl_clnt_odstate = odstate;
	get_clnt_odstate(odstate);
	dp->dl_type = NFS4_OPEN_DELEGATE_READ;
	dp->dl_retries = 1;
	nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client,
		      &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL);
	get_nfs4_file(fp);
	dp->dl_stid.sc_file = fp;
	return dp;
out_dec:
	atomic_long_dec(&num_delegations);
	return NULL;
}

void
nfs4_put_stid(struct nfs4_stid *s)
{
	struct nfs4_file *fp = s->sc_file;
	struct nfs4_client *clp = s->sc_client;

	might_lock(&clp->cl_lock);

	if (!refcount_dec_and_lock(&s->sc_count, &clp->cl_lock)) {
		wake_up_all(&close_wq);
		return;
	}
	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	nfs4_free_cpntf_statelist(clp->net, s);
	spin_unlock(&clp->cl_lock);
	s->sc_free(s);
	if (fp)
		put_nfs4_file(fp);
}

void
nfs4_inc_and_copy_stateid(stateid_t *dst, struct nfs4_stid *stid)
{
	stateid_t *src = &stid->sc_stateid;

	spin_lock(&stid->sc_lock);
	if (unlikely(++src->si_generation == 0))
		src->si_generation = 1;
	memcpy(dst, src, sizeof(*dst));
	spin_unlock(&stid->sc_lock);
}

static void put_deleg_file(struct nfs4_file *fp)
{
	struct nfsd_file *nf = NULL;

	spin_lock(&fp->fi_lock);
	if (--fp->fi_delegees == 0)
		swap(nf, fp->fi_deleg_file);
	spin_unlock(&fp->fi_lock);

	if (nf)
		nfsd_file_put(nf);
}

static void nfs4_unlock_deleg_lease(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;
	struct nfsd_file *nf = fp->fi_deleg_file;

	WARN_ON_ONCE(!fp->fi_delegees);

	vfs_setlease(nf->nf_file, F_UNLCK, NULL, (void **)&dp);
	put_deleg_file(fp);
}

static void destroy_unhashed_deleg(struct nfs4_delegation *dp)
{
	put_clnt_odstate(dp->dl_clnt_odstate);
	nfs4_unlock_deleg_lease(dp);
	nfs4_put_stid(&dp->dl_stid);
}

void nfs4_unhash_stid(struct nfs4_stid *s)
{
	s->sc_type = 0;
}

/**
 * nfs4_delegation_exists - Discover if this delegation already exists
 * @clp: a pointer to the nfs4_client we're granting a delegation to
 * @fp: a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: true iff an existing delegation is found
 */
static bool
nfs4_delegation_exists(struct nfs4_client *clp, struct nfs4_file *fp)
{
	struct nfs4_delegation *searchdp = NULL;
	struct nfs4_client *searchclp = NULL;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	list_for_each_entry(searchdp, &fp->fi_delegations, dl_perfile) {
		searchclp = searchdp->dl_stid.sc_client;
		if (clp == searchclp)
			return true;
	}
	return false;
}
/**
 * hash_delegation_locked - Add a delegation to the appropriate lists
 * @dp: a pointer to the nfs4_delegation we are adding.
 * @fp: a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: 0 if the delegation was successfully hashed.
 *
 *      On error: -EAGAIN if one was previously granted to this
 *                nfs4_client for this nfs4_file. Delegation is not hashed.
 *
 */
static int
hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	if (nfs4_delegation_exists(clp, fp))
		return -EAGAIN;
	refcount_inc(&dp->dl_stid.sc_count);
	dp->dl_stid.sc_type = NFS4_DELEG_STID;
	list_add(&dp->dl_perfile, &fp->fi_delegations);
	list_add(&dp->dl_perclnt, &clp->cl_delegations);
	return 0;
}

static bool
unhash_delegation_locked(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;

	lockdep_assert_held(&state_lock);

	if (list_empty(&dp->dl_perfile))
		return false;

	dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID;
	/* Ensure that deleg break won't try to requeue it */
	++dp->dl_time;
	spin_lock(&fp->fi_lock);
	list_del_init(&dp->dl_perclnt);
	list_del_init(&dp->dl_recall_lru);
	list_del_init(&dp->dl_perfile);
	spin_unlock(&fp->fi_lock);
	return true;
}

static void destroy_delegation(struct nfs4_delegation *dp)
{
	bool unhashed;

	spin_lock(&state_lock);
	unhashed = unhash_delegation_locked(dp);
	spin_unlock(&state_lock);
	if (unhashed)
		destroy_unhashed_deleg(dp);
}

static void revoke_delegation(struct nfs4_delegation *dp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	WARN_ON(!list_empty(&dp->dl_recall_lru));

	if (clp->cl_minorversion) {
		dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
		refcount_inc(&dp->dl_stid.sc_count);
		spin_lock(&clp->cl_lock);
		list_add(&dp->dl_recall_lru, &clp->cl_revoked);
		spin_unlock(&clp->cl_lock);
	}
	destroy_unhashed_deleg(dp);
}

/*
 * SETCLIENTID state
 */

static unsigned int clientid_hashval(u32 id)
{
	return id & CLIENT_HASH_MASK;
}

static unsigned int clientstr_hashval(struct xdr_netobj name)
{
	return opaque_hashval(name.data, 8) & CLIENT_HASH_MASK;
}
/*
 * We store the NONE, READ, WRITE, and BOTH bits separately in the
 * st_{access,deny}_bmap field of the stateid, in order to track not
 * only what share bits are currently in force, but also what
 * combinations of share bits previous opens have used. This allows us
 * to enforce the recommendation of rfc 3530 14.2.19 that the server
 * return an error if the client attempts to downgrade to a combination
 * of share bits not explicable by closing some of its previous opens.
 *
 * XXX: This enforcement is actually incomplete, since we don't keep
 * track of access/deny bit combinations; so, e.g., we allow:
 *
 *	OPEN allow read, deny write
 *	OPEN allow both, deny none
 *	DOWNGRADE allow read, deny none
 *
 * which we should reject.
 */
static unsigned int
bmap_to_share_mode(unsigned long bmap)
{
	int i;
	unsigned int access = 0;

	for (i = 1; i < 4; i++) {
		if (test_bit(i, &bmap))
			access |= i;
	}
	return access;
}

/* set share access for a given stateid */
static inline void
set_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap |= mask;
}

/* clear share access for a given stateid */
static inline void
clear_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap &= ~mask;
}

/* test whether a given stateid has access */
static inline bool
test_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	return (bool)(stp->st_access_bmap & mask);
}

/* set share deny for a given stateid */
static inline void
set_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap |= mask;
}

/* clear share deny for a given stateid */
static inline void
clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap &= ~mask;
}

/* test whether a given stateid is denying specific access */
static inline bool
test_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	return (bool)(stp->st_deny_bmap & mask);
}

static int nfs4_access_to_omode(u32 access)
{
	switch (access & NFS4_SHARE_ACCESS_BOTH) {
	case NFS4_SHARE_ACCESS_READ:
		return O_RDONLY;
	case NFS4_SHARE_ACCESS_WRITE:
		return O_WRONLY;
	case NFS4_SHARE_ACCESS_BOTH:
		return O_RDWR;
	}
	WARN_ON_ONCE(1);
	return O_RDONLY;
}
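/*
 * Worked example (illustrative only): an open stateid whose opens so
 * far used READ (1) and BOTH (3) has st_access_bmap = (1 << 1) |
 * (1 << 3) = 0xa; bmap_to_share_mode() folds that back to 1 | 3 =
 * NFS4_SHARE_ACCESS_BOTH, and nfs4_access_to_omode() maps that union
 * to O_RDWR.
 */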
/*
 * A stateid that had a deny mode associated with it is being released
 * or downgraded. Recalculate the deny mode on the file.
 */
static void
recalculate_deny_mode(struct nfs4_file *fp)
{
	struct nfs4_ol_stateid *stp;

	spin_lock(&fp->fi_lock);
	fp->fi_share_deny = 0;
	list_for_each_entry(stp, &fp->fi_stateids, st_perfile)
		fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap);
	spin_unlock(&fp->fi_lock);
}

static void
reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	int i;
	bool change = false;

	for (i = 1; i < 4; i++) {
		if ((i & deny) != i) {
			change = true;
			clear_deny(i, stp);
		}
	}

	/* Recalculate per-file deny mode if there was a change */
	if (change)
		recalculate_deny_mode(stp->st_stid.sc_file);
}

/* release all access and file references for a given stateid */
static void
release_all_access(struct nfs4_ol_stateid *stp)
{
	int i;
	struct nfs4_file *fp = stp->st_stid.sc_file;

	if (fp && stp->st_deny_bmap != 0)
		recalculate_deny_mode(fp);

	for (i = 1; i < 4; i++) {
		if (test_access(i, stp))
			nfs4_file_put_access(stp->st_stid.sc_file, i);
		clear_access(i, stp);
	}
}

static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop)
{
	kfree(sop->so_owner.data);
	sop->so_ops->so_free(sop);
}

static void nfs4_put_stateowner(struct nfs4_stateowner *sop)
{
	struct nfs4_client *clp = sop->so_client;

	might_lock(&clp->cl_lock);

	if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock))
		return;
	sop->so_ops->so_unhash(sop);
	spin_unlock(&clp->cl_lock);
	nfs4_free_stateowner(sop);
}

static bool
nfs4_ol_stateid_unhashed(const struct nfs4_ol_stateid *stp)
{
	return list_empty(&stp->st_perfile);
}

static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_file *fp = stp->st_stid.sc_file;

	lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock);

	if (list_empty(&stp->st_perfile))
		return false;

	spin_lock(&fp->fi_lock);
	list_del_init(&stp->st_perfile);
	spin_unlock(&fp->fi_lock);
	list_del(&stp->st_perstateowner);
	return true;
}

static void nfs4_free_ol_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);

	put_clnt_odstate(stp->st_clnt_odstate);
	release_all_access(stp);
	if (stp->st_stateowner)
		nfs4_put_stateowner(stp->st_stateowner);
	kmem_cache_free(stateid_slab, stid);
}

static void nfs4_free_lock_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);
	struct nfs4_lockowner *lo = lockowner(stp->st_stateowner);
	struct nfsd_file *nf;

	nf = find_any_file(stp->st_stid.sc_file);
	if (nf) {
		get_file(nf->nf_file);
		filp_close(nf->nf_file, (fl_owner_t)lo);
		nfsd_file_put(nf);
	}
	nfs4_free_ol_stateid(stid);
}
/*
 * Put the persistent reference to an already unhashed generic stateid, while
 * holding the cl_lock. If it's the last reference, then put it onto the
 * reaplist for later destruction.
 */
static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp,
				  struct list_head *reaplist)
{
	struct nfs4_stid *s = &stp->st_stid;
	struct nfs4_client *clp = s->sc_client;

	lockdep_assert_held(&clp->cl_lock);

	WARN_ON_ONCE(!list_empty(&stp->st_locks));

	if (!refcount_dec_and_test(&s->sc_count)) {
		wake_up_all(&close_wq);
		return;
	}

	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	list_add(&stp->st_locks, reaplist);
}

static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp)
{
	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	if (!unhash_ol_stateid(stp))
		return false;
	list_del_init(&stp->st_locks);
	nfs4_unhash_stid(&stp->st_stid);
	return true;
}

static void release_lock_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_client *clp = stp->st_stid.sc_client;
	bool unhashed;

	spin_lock(&clp->cl_lock);
	unhashed = unhash_lock_stateid(stp);
	spin_unlock(&clp->cl_lock);
	if (unhashed)
		nfs4_put_stid(&stp->st_stid);
}

static void unhash_lockowner_locked(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&lo->lo_owner.so_strhash);
}

/*
 * Free a list of generic stateids that were collected earlier after being
 * fully unhashed.
 */
static void
free_ol_stateid_reaplist(struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_file *fp;

	might_sleep();

	while (!list_empty(reaplist)) {
		stp = list_first_entry(reaplist, struct nfs4_ol_stateid,
				       st_locks);
		list_del(&stp->st_locks);
		fp = stp->st_stid.sc_file;
		stp->st_stid.sc_free(&stp->st_stid);
		if (fp)
			put_nfs4_file(fp);
	}
}

static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp,
				       struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;

	lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock);

	while (!list_empty(&open_stp->st_locks)) {
		stp = list_entry(open_stp->st_locks.next,
				 struct nfs4_ol_stateid, st_locks);
		WARN_ON(!unhash_lock_stateid(stp));
		put_ol_stateid_locked(stp, reaplist);
	}
}

static bool unhash_open_stateid(struct nfs4_ol_stateid *stp,
				struct list_head *reaplist)
{
	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	if (!unhash_ol_stateid(stp))
		return false;
	release_open_stateid_locks(stp, reaplist);
	return true;
}

static void release_open_stateid(struct nfs4_ol_stateid *stp)
{
	LIST_HEAD(reaplist);

	spin_lock(&stp->st_stid.sc_client->cl_lock);
	if (unhash_open_stateid(stp, &reaplist))
		put_ol_stateid_locked(stp, &reaplist);
	spin_unlock(&stp->st_stid.sc_client->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
}

static void unhash_openowner_locked(struct nfs4_openowner *oo)
{
	struct nfs4_client *clp = oo->oo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&oo->oo_owner.so_strhash);
	list_del_init(&oo->oo_perclient);
}
static void release_last_closed_stateid(struct nfs4_openowner *oo)
{
	struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net,
					  nfsd_net_id);
	struct nfs4_ol_stateid *s;

	spin_lock(&nn->client_lock);
	s = oo->oo_last_closed_stid;
	if (s) {
		list_del_init(&oo->oo_close_lru);
		oo->oo_last_closed_stid = NULL;
	}
	spin_unlock(&nn->client_lock);
	if (s)
		nfs4_put_stid(&s->st_stid);
}

static void release_openowner(struct nfs4_openowner *oo)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_client *clp = oo->oo_owner.so_client;
	struct list_head reaplist;

	INIT_LIST_HEAD(&reaplist);

	spin_lock(&clp->cl_lock);
	unhash_openowner_locked(oo);
	while (!list_empty(&oo->oo_owner.so_stateids)) {
		stp = list_first_entry(&oo->oo_owner.so_stateids,
				       struct nfs4_ol_stateid, st_perstateowner);
		if (unhash_open_stateid(stp, &reaplist))
			put_ol_stateid_locked(stp, &reaplist);
	}
	spin_unlock(&clp->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
	release_last_closed_stateid(oo);
	nfs4_put_stateowner(&oo->oo_owner);
}

static inline int
hash_sessionid(struct nfs4_sessionid *sessionid)
{
	struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;

	return sid->sequence % SESSION_HASH_SIZE;
}

#ifdef CONFIG_SUNRPC_DEBUG
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
	u32 *ptr = (u32 *)(&sessionid->data[0]);
	dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
}
#else
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
}
#endif

/*
 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
 * won't be used for replay.
 */
void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
{
	struct nfs4_stateowner *so = cstate->replay_owner;

	if (nfserr == nfserr_replay_me)
		return;

	if (!seqid_mutating_err(ntohl(nfserr))) {
		nfsd4_cstate_clear_replay(cstate);
		return;
	}
	if (!so)
		return;
	if (so->so_is_open_owner)
		release_last_closed_stateid(openowner(so));
	so->so_seqid++;
}

static void
gen_sessionid(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd4_sessionid *sid;

	sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
	sid->clientid = clp->cl_clientid;
	sid->sequence = current_sessionid++;
	sid->reserved = 0;
}
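/*
 * Layout note: as constructed above, the 16-byte sessionid is an
 * 8-byte clientid (server boot time plus a counter) followed by a
 * 4-byte global sequence number and 4 reserved bytes; these are the
 * four words that dump_sessionid() prints.
 */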
/*
 * The protocol defines ca_maxresponsesize_cached to include the size of
 * the rpc header, but all we need to cache is the data starting after
 * the end of the initial SEQUENCE operation--the rest we regenerate
 * each time. Therefore we can advertise a ca_maxresponsesize_cached
 * value that is the number of bytes in our cache plus a few additional
 * bytes. In order to stay on the safe side, and not promise more than
 * we can cache, those additional bytes must be the minimum possible: 24
 * bytes of rpc header (xid through accept state, with AUTH_NULL
 * verifier), 12 for the compound header (with zero-length tag), and 44
 * for the SEQUENCE op response:
 */
#define NFSD_MIN_HDR_SEQ_SZ  (24 + 12 + 44)

static void
free_session_slots(struct nfsd4_session *ses)
{
	int i;

	for (i = 0; i < ses->se_fchannel.maxreqs; i++) {
		free_svc_cred(&ses->se_slots[i]->sl_cred);
		kfree(ses->se_slots[i]);
	}
}

/*
 * We don't actually need to cache the rpc and session headers, so we
 * can allocate a little less for each slot:
 */
static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
{
	u32 size;

	if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ)
		size = 0;
	else
		size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
	return size + sizeof(struct nfsd4_slot);
}
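/*
 * Worked example (illustrative only): NFSD_MIN_HDR_SEQ_SZ is
 * 24 + 12 + 44 = 80 bytes, so a client that negotiates
 * ca_maxresponsesize_cached = 2128 gets slots that each hold
 * 2128 - 80 = 2048 bytes of cached reply data after the
 * struct nfsd4_slot header.
 */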
/*
 * XXX: If we run out of reserved DRC memory we could (up to a point)
 * re-negotiate active sessions and reduce their slot usage to make
 * room for new connections. For now we just fail the create session.
 */
static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn)
{
	u32 slotsize = slot_bytes(ca);
	u32 num = ca->maxreqs;
	unsigned long avail, total_avail;
	unsigned int scale_factor;

	spin_lock(&nfsd_drc_lock);
	if (nfsd_drc_max_mem > nfsd_drc_mem_used)
		total_avail = nfsd_drc_max_mem - nfsd_drc_mem_used;
	else
		/* We have handed out more space than we chose in
		 * set_max_drc() to allow. That isn't really a
		 * problem as long as that doesn't make us think we
		 * have lots more due to integer overflow.
		 */
		total_avail = 0;
	avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION, total_avail);
	/*
	 * Never use more than a fraction of the remaining memory,
	 * unless it's the only way to give this client a slot.
	 * The chosen fraction is either 1/8 or 1/number of threads,
	 * whichever is smaller. This ensures there are adequate
	 * slots to support multiple clients per thread.
	 * Give the client one slot even if that would require
	 * over-allocation--it is better than failure.
	 */
	scale_factor = max_t(unsigned int, 8, nn->nfsd_serv->sv_nrthreads);

	avail = clamp_t(unsigned long, avail, slotsize,
			total_avail / scale_factor);
	num = min_t(int, num, avail / slotsize);
	num = max_t(int, num, 1);
	nfsd_drc_mem_used += num * slotsize;
	spin_unlock(&nfsd_drc_lock);

	return num;
}

static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
{
	int slotsize = slot_bytes(ca);

	spin_lock(&nfsd_drc_lock);
	nfsd_drc_mem_used -= slotsize * ca->maxreqs;
	spin_unlock(&nfsd_drc_lock);
}

static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
					   struct nfsd4_channel_attrs *battrs)
{
	int numslots = fattrs->maxreqs;
	int slotsize = slot_bytes(fattrs);
	struct nfsd4_session *new;
	int mem, i;

	BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
			+ sizeof(struct nfsd4_session) > PAGE_SIZE);
	mem = numslots * sizeof(struct nfsd4_slot *);

	new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
	if (!new)
		return NULL;
	/* allocate each struct nfsd4_slot and data cache in one piece */
	for (i = 0; i < numslots; i++) {
		new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
		if (!new->se_slots[i])
			goto out_free;
	}

	memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
	memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));

	return new;
out_free:
	while (i--)
		kfree(new->se_slots[i]);
	kfree(new);
	return NULL;
}

static void free_conn(struct nfsd4_conn *c)
{
	svc_xprt_put(c->cn_xprt);
	kfree(c);
}

static void nfsd4_conn_lost(struct svc_xpt_user *u)
{
	struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
	struct nfs4_client *clp = c->cn_session->se_client;

	spin_lock(&clp->cl_lock);
	if (!list_empty(&c->cn_persession)) {
		list_del(&c->cn_persession);
		free_conn(c);
	}
	nfsd4_probe_callback(clp);
	spin_unlock(&clp->cl_lock);
}

static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
{
	struct nfsd4_conn *conn;

	conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
	if (!conn)
		return NULL;
	svc_xprt_get(rqstp->rq_xprt);
	conn->cn_xprt = rqstp->rq_xprt;
	conn->cn_flags = flags;
	INIT_LIST_HEAD(&conn->cn_xpt_user.list);
	return conn;
}

static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	conn->cn_session = ses;
	list_add(&conn->cn_persession, &ses->se_conns);
}

static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;

	spin_lock(&clp->cl_lock);
	__nfsd4_hash_conn(conn, ses);
	spin_unlock(&clp->cl_lock);
}

static int nfsd4_register_conn(struct nfsd4_conn *conn)
{
	conn->cn_xpt_user.callback = nfsd4_conn_lost;
	return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
}
static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	int ret;

	nfsd4_hash_conn(conn, ses);
	ret = nfsd4_register_conn(conn);
	if (ret)
		/* oops; xprt is already down: */
		nfsd4_conn_lost(&conn->cn_xpt_user);
	/* We may have gained or lost a callback channel: */
	nfsd4_probe_callback_sync(ses->se_client);
}

static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
{
	u32 dir = NFS4_CDFC4_FORE;

	if (cses->flags & SESSION4_BACK_CHAN)
		dir |= NFS4_CDFC4_BACK;
	return alloc_conn(rqstp, dir);
}

/* must be called under client_lock */
static void nfsd4_del_conns(struct nfsd4_session *s)
{
	struct nfs4_client *clp = s->se_client;
	struct nfsd4_conn *c;

	spin_lock(&clp->cl_lock);
	while (!list_empty(&s->se_conns)) {
		c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
		list_del_init(&c->cn_persession);
		spin_unlock(&clp->cl_lock);

		unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
		free_conn(c);

		spin_lock(&clp->cl_lock);
	}
	spin_unlock(&clp->cl_lock);
}

static void __free_session(struct nfsd4_session *ses)
{
	free_session_slots(ses);
	kfree(ses);
}

static void free_session(struct nfsd4_session *ses)
{
	nfsd4_del_conns(ses);
	nfsd4_put_drc_mem(&ses->se_fchannel);
	__free_session(ses);
}
static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
{
	int idx;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	new->se_client = clp;
	gen_sessionid(new);

	INIT_LIST_HEAD(&new->se_conns);

	new->se_cb_seq_nr = 1;
	new->se_flags = cses->flags;
	new->se_cb_prog = cses->callback_prog;
	new->se_cb_sec = cses->cb_sec;
	atomic_set(&new->se_ref, 0);
	idx = hash_sessionid(&new->se_sessionid);
	list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
	spin_lock(&clp->cl_lock);
	list_add(&new->se_perclnt, &clp->cl_sessions);
	spin_unlock(&clp->cl_lock);

	{
		struct sockaddr *sa = svc_addr(rqstp);
		/*
		 * This is a little silly; with sessions there's no real
		 * use for the callback address. Use the peer address
		 * as a reasonable default for now, but consider fixing
		 * the rpc client not to require an address in the
		 * future:
		 */
		rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
		clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
	}
}

/* caller must hold client_lock */
static struct nfsd4_session *
__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
{
	struct nfsd4_session *elem;
	int idx;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	dump_sessionid(__func__, sessionid);
	idx = hash_sessionid(sessionid);
	/* Search in the appropriate list */
	list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
		if (!memcmp(elem->se_sessionid.data, sessionid->data,
			    NFS4_MAX_SESSIONID_LEN))
			return elem;
	}

	dprintk("%s: session not found\n", __func__);
	return NULL;
}

static struct nfsd4_session *
find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
			  __be32 *ret)
{
	struct nfsd4_session *session;
	__be32 status = nfserr_badsession;

	session = __find_in_sessionid_hashtbl(sessionid, net);
	if (!session)
		goto out;
	status = nfsd4_get_session_locked(session);
	if (status)
		session = NULL;
out:
	*ret = status;
	return session;
}

/* caller must hold client_lock */
static void
unhash_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	list_del(&ses->se_hash);
	spin_lock(&ses->se_client->cl_lock);
	list_del(&ses->se_perclnt);
	spin_unlock(&ses->se_client->cl_lock);
}

/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
static int
STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
{
	/*
	 * We're assuming the clid was not given out from a boot
	 * precisely 2^32 (about 136 years) before this one. That seems
	 * a safe assumption:
	 */
	if (clid->cl_boot == (u32)nn->boot_time)
		return 0;
	dprintk("NFSD stale clientid (%08x/%08x) boot_time %08llx\n",
		clid->cl_boot, clid->cl_id, nn->boot_time);
	return 1;
}
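/*
 * A nonzero return here means the clientid was handed out by an
 * earlier server instance (its embedded boot time does not match
 * nn->boot_time); callers turn that into NFS4ERR_STALE_CLIENTID so
 * the client knows to establish fresh state.
 */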
/*
 * XXX Should we use a slab cache?
 * This type of memory management is somewhat inefficient, but we use it
 * anyway since SETCLIENTID is not a common operation.
 */
static struct nfs4_client *alloc_client(struct xdr_netobj name)
{
	struct nfs4_client *clp;
	int i;

	clp = kmem_cache_zalloc(client_slab, GFP_KERNEL);
	if (clp == NULL)
		return NULL;
	xdr_netobj_dup(&clp->cl_name, &name, GFP_KERNEL);
	if (clp->cl_name.data == NULL)
		goto err_no_name;
	clp->cl_ownerstr_hashtbl = kmalloc_array(OWNER_HASH_SIZE,
						 sizeof(struct list_head),
						 GFP_KERNEL);
	if (!clp->cl_ownerstr_hashtbl)
		goto err_no_hashtbl;
	for (i = 0; i < OWNER_HASH_SIZE; i++)
		INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]);
	INIT_LIST_HEAD(&clp->cl_sessions);
	idr_init(&clp->cl_stateids);
	atomic_set(&clp->cl_rpc_users, 0);
	clp->cl_cb_state = NFSD4_CB_UNKNOWN;
	INIT_LIST_HEAD(&clp->cl_idhash);
	INIT_LIST_HEAD(&clp->cl_openowners);
	INIT_LIST_HEAD(&clp->cl_delegations);
	INIT_LIST_HEAD(&clp->cl_lru);
	INIT_LIST_HEAD(&clp->cl_revoked);
#ifdef CONFIG_NFSD_PNFS
	INIT_LIST_HEAD(&clp->cl_lo_states);
#endif
	INIT_LIST_HEAD(&clp->async_copies);
	spin_lock_init(&clp->async_lock);
	spin_lock_init(&clp->cl_lock);
	rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
	return clp;
err_no_hashtbl:
	kfree(clp->cl_name.data);
err_no_name:
	kmem_cache_free(client_slab, clp);
	return NULL;
}

static void __free_client(struct kref *k)
{
	struct nfsdfs_client *c = container_of(k, struct nfsdfs_client, cl_ref);
	struct nfs4_client *clp = container_of(c, struct nfs4_client, cl_nfsdfs);

	free_svc_cred(&clp->cl_cred);
	kfree(clp->cl_ownerstr_hashtbl);
	kfree(clp->cl_name.data);
	kfree(clp->cl_nii_domain.data);
	kfree(clp->cl_nii_name.data);
	idr_destroy(&clp->cl_stateids);
	kmem_cache_free(client_slab, clp);
}

static void drop_client(struct nfs4_client *clp)
{
	kref_put(&clp->cl_nfsdfs.cl_ref, __free_client);
}

static void
free_client(struct nfs4_client *clp)
{
	while (!list_empty(&clp->cl_sessions)) {
		struct nfsd4_session *ses;
		ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
				 se_perclnt);
		list_del(&ses->se_perclnt);
		WARN_ON_ONCE(atomic_read(&ses->se_ref));
		free_session(ses);
	}
	rpc_destroy_wait_queue(&clp->cl_cb_waitq);
	if (clp->cl_nfsd_dentry) {
		nfsd_client_rmdir(clp->cl_nfsd_dentry);
		clp->cl_nfsd_dentry = NULL;
		wake_up_all(&expiry_wq);
	}
	drop_client(clp);
}
*/ 2026 clp->cl_time = 0; 2027 /* Make it invisible */ 2028 if (!list_empty(&clp->cl_idhash)) { 2029 list_del_init(&clp->cl_idhash); 2030 if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags)) 2031 rb_erase(&clp->cl_namenode, &nn->conf_name_tree); 2032 else 2033 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 2034 } 2035 list_del_init(&clp->cl_lru); 2036 spin_lock(&clp->cl_lock); 2037 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt) 2038 list_del_init(&ses->se_hash); 2039 spin_unlock(&clp->cl_lock); 2040 } 2041 2042 static void 2043 unhash_client(struct nfs4_client *clp) 2044 { 2045 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2046 2047 spin_lock(&nn->client_lock); 2048 unhash_client_locked(clp); 2049 spin_unlock(&nn->client_lock); 2050 } 2051 2052 static __be32 mark_client_expired_locked(struct nfs4_client *clp) 2053 { 2054 if (atomic_read(&clp->cl_rpc_users)) 2055 return nfserr_jukebox; 2056 unhash_client_locked(clp); 2057 return nfs_ok; 2058 } 2059 2060 static void 2061 __destroy_client(struct nfs4_client *clp) 2062 { 2063 int i; 2064 struct nfs4_openowner *oo; 2065 struct nfs4_delegation *dp; 2066 struct list_head reaplist; 2067 2068 INIT_LIST_HEAD(&reaplist); 2069 spin_lock(&state_lock); 2070 while (!list_empty(&clp->cl_delegations)) { 2071 dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt); 2072 WARN_ON(!unhash_delegation_locked(dp)); 2073 list_add(&dp->dl_recall_lru, &reaplist); 2074 } 2075 spin_unlock(&state_lock); 2076 while (!list_empty(&reaplist)) { 2077 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru); 2078 list_del_init(&dp->dl_recall_lru); 2079 destroy_unhashed_deleg(dp); 2080 } 2081 while (!list_empty(&clp->cl_revoked)) { 2082 dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru); 2083 list_del_init(&dp->dl_recall_lru); 2084 nfs4_put_stid(&dp->dl_stid); 2085 } 2086 while (!list_empty(&clp->cl_openowners)) { 2087 oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient); 2088 nfs4_get_stateowner(&oo->oo_owner); 2089 release_openowner(oo); 2090 } 2091 for (i = 0; i < OWNER_HASH_SIZE; i++) { 2092 struct nfs4_stateowner *so, *tmp; 2093 2094 list_for_each_entry_safe(so, tmp, &clp->cl_ownerstr_hashtbl[i], 2095 so_strhash) { 2096 /* Should be no openowners at this point */ 2097 WARN_ON_ONCE(so->so_is_open_owner); 2098 remove_blocked_locks(lockowner(so)); 2099 } 2100 } 2101 nfsd4_return_all_client_layouts(clp); 2102 nfsd4_shutdown_copy(clp); 2103 nfsd4_shutdown_callback(clp); 2104 if (clp->cl_cb_conn.cb_xprt) 2105 svc_xprt_put(clp->cl_cb_conn.cb_xprt); 2106 free_client(clp); 2107 wake_up_all(&expiry_wq); 2108 } 2109 2110 static void 2111 destroy_client(struct nfs4_client *clp) 2112 { 2113 unhash_client(clp); 2114 __destroy_client(clp); 2115 } 2116 2117 static void inc_reclaim_complete(struct nfs4_client *clp) 2118 { 2119 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2120 2121 if (!nn->track_reclaim_completes) 2122 return; 2123 if (!nfsd4_find_reclaim_client(clp->cl_name, nn)) 2124 return; 2125 if (atomic_inc_return(&nn->nr_reclaim_complete) == 2126 nn->reclaim_str_hashtbl_size) { 2127 printk(KERN_INFO "NFSD: all clients done reclaiming, ending NFSv4 grace period (net %x)\n", 2128 clp->net->ns.inum); 2129 nfsd4_end_grace(nn); 2130 } 2131 } 2132 2133 static void expire_client(struct nfs4_client *clp) 2134 { 2135 unhash_client(clp); 2136 nfsd4_client_record_remove(clp); 2137 __destroy_client(clp); 2138 } 2139 2140 static void copy_verf(struct nfs4_client 
*target, nfs4_verifier *source)
{
	memcpy(target->cl_verifier.data, source->data,
			sizeof(target->cl_verifier.data));
}

static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
{
	target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
	target->cl_clientid.cl_id = source->cl_clientid.cl_id;
}

static int copy_cred(struct svc_cred *target, struct svc_cred *source)
{
	target->cr_principal = kstrdup(source->cr_principal, GFP_KERNEL);
	target->cr_raw_principal = kstrdup(source->cr_raw_principal,
					GFP_KERNEL);
	target->cr_targ_princ = kstrdup(source->cr_targ_princ, GFP_KERNEL);
	if ((source->cr_principal && !target->cr_principal) ||
	    (source->cr_raw_principal && !target->cr_raw_principal) ||
	    (source->cr_targ_princ && !target->cr_targ_princ))
		return -ENOMEM;

	target->cr_flavor = source->cr_flavor;
	target->cr_uid = source->cr_uid;
	target->cr_gid = source->cr_gid;
	target->cr_group_info = source->cr_group_info;
	get_group_info(target->cr_group_info);
	target->cr_gss_mech = source->cr_gss_mech;
	if (source->cr_gss_mech)
		gss_mech_get(source->cr_gss_mech);
	return 0;
}

static int
compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2)
{
	if (o1->len < o2->len)
		return -1;
	if (o1->len > o2->len)
		return 1;
	return memcmp(o1->data, o2->data, o1->len);
}

static int
same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
{
	return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
}

static int
same_clid(clientid_t *cl1, clientid_t *cl2)
{
	return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
}

static bool groups_equal(struct group_info *g1, struct group_info *g2)
{
	int i;

	if (g1->ngroups != g2->ngroups)
		return false;
	for (i = 0; i < g1->ngroups; i++)
		if (!gid_eq(g1->gid[i], g2->gid[i]))
			return false;
	return true;
}

/*
 * RFC 3530 language requires clid_inuse be returned when the
 * "principal" associated with a request differs from that previously
 * used.  We use the uid, gids, and gss principal string as our best
 * approximation.  We also don't want to allow non-gss use of a client
 * established using gss: in theory cr_principal should catch that
 * change, but in practice cr_principal can be null even in the gss case
 * since gssd doesn't always pass down a principal string.
 */
static bool is_gss_cred(struct svc_cred *cr)
{
	/* Is cr_flavor one of the gss "pseudoflavors"?: */
	return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR);
}

static bool
same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
{
	if ((is_gss_cred(cr1) != is_gss_cred(cr2))
		|| (!uid_eq(cr1->cr_uid, cr2->cr_uid))
		|| (!gid_eq(cr1->cr_gid, cr2->cr_gid))
		|| !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
		return false;
	/* XXX: check that cr_targ_princ fields match?
*/ 2233 if (cr1->cr_principal == cr2->cr_principal) 2234 return true; 2235 if (!cr1->cr_principal || !cr2->cr_principal) 2236 return false; 2237 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal); 2238 } 2239 2240 static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp) 2241 { 2242 struct svc_cred *cr = &rqstp->rq_cred; 2243 u32 service; 2244 2245 if (!cr->cr_gss_mech) 2246 return false; 2247 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor); 2248 return service == RPC_GSS_SVC_INTEGRITY || 2249 service == RPC_GSS_SVC_PRIVACY; 2250 } 2251 2252 bool nfsd4_mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp) 2253 { 2254 struct svc_cred *cr = &rqstp->rq_cred; 2255 2256 if (!cl->cl_mach_cred) 2257 return true; 2258 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech) 2259 return false; 2260 if (!svc_rqst_integrity_protected(rqstp)) 2261 return false; 2262 if (cl->cl_cred.cr_raw_principal) 2263 return 0 == strcmp(cl->cl_cred.cr_raw_principal, 2264 cr->cr_raw_principal); 2265 if (!cr->cr_principal) 2266 return false; 2267 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal); 2268 } 2269 2270 static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn) 2271 { 2272 __be32 verf[2]; 2273 2274 /* 2275 * This is opaque to client, so no need to byte-swap. Use 2276 * __force to keep sparse happy 2277 */ 2278 verf[0] = (__force __be32)(u32)ktime_get_real_seconds(); 2279 verf[1] = (__force __be32)nn->clverifier_counter++; 2280 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data)); 2281 } 2282 2283 static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn) 2284 { 2285 clp->cl_clientid.cl_boot = (u32)nn->boot_time; 2286 clp->cl_clientid.cl_id = nn->clientid_counter++; 2287 gen_confirm(clp, nn); 2288 } 2289 2290 static struct nfs4_stid * 2291 find_stateid_locked(struct nfs4_client *cl, stateid_t *t) 2292 { 2293 struct nfs4_stid *ret; 2294 2295 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id); 2296 if (!ret || !ret->sc_type) 2297 return NULL; 2298 return ret; 2299 } 2300 2301 static struct nfs4_stid * 2302 find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask) 2303 { 2304 struct nfs4_stid *s; 2305 2306 spin_lock(&cl->cl_lock); 2307 s = find_stateid_locked(cl, t); 2308 if (s != NULL) { 2309 if (typemask & s->sc_type) 2310 refcount_inc(&s->sc_count); 2311 else 2312 s = NULL; 2313 } 2314 spin_unlock(&cl->cl_lock); 2315 return s; 2316 } 2317 2318 static struct nfs4_client *get_nfsdfs_clp(struct inode *inode) 2319 { 2320 struct nfsdfs_client *nc; 2321 nc = get_nfsdfs_client(inode); 2322 if (!nc) 2323 return NULL; 2324 return container_of(nc, struct nfs4_client, cl_nfsdfs); 2325 } 2326 2327 static void seq_quote_mem(struct seq_file *m, char *data, int len) 2328 { 2329 seq_printf(m, "\""); 2330 seq_escape_mem_ascii(m, data, len); 2331 seq_printf(m, "\""); 2332 } 2333 2334 static int client_info_show(struct seq_file *m, void *v) 2335 { 2336 struct inode *inode = m->private; 2337 struct nfs4_client *clp; 2338 u64 clid; 2339 2340 clp = get_nfsdfs_clp(inode); 2341 if (!clp) 2342 return -ENXIO; 2343 memcpy(&clid, &clp->cl_clientid, sizeof(clid)); 2344 seq_printf(m, "clientid: 0x%llx\n", clid); 2345 seq_printf(m, "address: \"%pISpc\"\n", (struct sockaddr *)&clp->cl_addr); 2346 seq_printf(m, "name: "); 2347 seq_quote_mem(m, clp->cl_name.data, clp->cl_name.len); 2348 seq_printf(m, "\nminor version: %d\n", clp->cl_minorversion); 2349 if (clp->cl_nii_domain.data) { 2350 seq_printf(m, "Implementation domain: "); 2351 
seq_quote_mem(m, clp->cl_nii_domain.data,
				clp->cl_nii_domain.len);
		seq_printf(m, "\nImplementation name: ");
		seq_quote_mem(m, clp->cl_nii_name.data, clp->cl_nii_name.len);
		seq_printf(m, "\nImplementation time: [%lld, %ld]\n",
			clp->cl_nii_time.tv_sec, clp->cl_nii_time.tv_nsec);
	}
	drop_client(clp);

	return 0;
}

static int client_info_open(struct inode *inode, struct file *file)
{
	return single_open(file, client_info_show, inode);
}

static const struct file_operations client_info_fops = {
	.open		= client_info_open,
	.read		= seq_read,
	.llseek		= seq_lseek,
	.release	= single_release,
};

static void *states_start(struct seq_file *s, loff_t *pos)
		__acquires(&clp->cl_lock)
{
	struct nfs4_client *clp = s->private;
	unsigned long id = *pos;
	void *ret;

	spin_lock(&clp->cl_lock);
	ret = idr_get_next_ul(&clp->cl_stateids, &id);
	*pos = id;
	return ret;
}

static void *states_next(struct seq_file *s, void *v, loff_t *pos)
{
	struct nfs4_client *clp = s->private;
	unsigned long id = *pos;
	void *ret;

	id++;
	ret = idr_get_next_ul(&clp->cl_stateids, &id);
	*pos = id;
	return ret;
}

static void states_stop(struct seq_file *s, void *v)
		__releases(&clp->cl_lock)
{
	struct nfs4_client *clp = s->private;

	spin_unlock(&clp->cl_lock);
}

static void nfs4_show_superblock(struct seq_file *s, struct nfsd_file *f)
{
	struct inode *inode = f->nf_inode;

	seq_printf(s, "superblock: \"%02x:%02x:%ld\"",
		   MAJOR(inode->i_sb->s_dev),
		   MINOR(inode->i_sb->s_dev),
		   inode->i_ino);
}

static void nfs4_show_owner(struct seq_file *s, struct nfs4_stateowner *oo)
{
	seq_printf(s, "owner: ");
	seq_quote_mem(s, oo->so_owner.data, oo->so_owner.len);
}
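
/*
 * Each nfs4_show_* helper below formats one stateid for the per-client
 * "states" seq_file: it emits a single "- 0x...: { ... }" line and
 * returns 0 so the states_show() walk continues.
 */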
"w" : "-"); 2451 2452 nfs4_show_superblock(s, file); 2453 seq_printf(s, ", "); 2454 nfs4_show_owner(s, oo); 2455 seq_printf(s, " }\n"); 2456 nfsd_file_put(file); 2457 2458 return 0; 2459 } 2460 2461 static int nfs4_show_lock(struct seq_file *s, struct nfs4_stid *st) 2462 { 2463 struct nfs4_ol_stateid *ols; 2464 struct nfs4_file *nf; 2465 struct nfsd_file *file; 2466 struct nfs4_stateowner *oo; 2467 2468 ols = openlockstateid(st); 2469 oo = ols->st_stateowner; 2470 nf = st->sc_file; 2471 file = find_any_file(nf); 2472 2473 seq_printf(s, "- 0x%16phN: { type: lock, ", &st->sc_stateid); 2474 2475 /* 2476 * Note: a lock stateid isn't really the same thing as a lock, 2477 * it's the locking state held by one owner on a file, and there 2478 * may be multiple (or no) lock ranges associated with it. 2479 * (Same for the matter is true of open stateids.) 2480 */ 2481 2482 nfs4_show_superblock(s, file); 2483 /* XXX: open stateid? */ 2484 seq_printf(s, ", "); 2485 nfs4_show_owner(s, oo); 2486 seq_printf(s, " }\n"); 2487 nfsd_file_put(file); 2488 2489 return 0; 2490 } 2491 2492 static int nfs4_show_deleg(struct seq_file *s, struct nfs4_stid *st) 2493 { 2494 struct nfs4_delegation *ds; 2495 struct nfs4_file *nf; 2496 struct nfsd_file *file; 2497 2498 ds = delegstateid(st); 2499 nf = st->sc_file; 2500 file = nf->fi_deleg_file; 2501 2502 seq_printf(s, "- 0x%16phN: { type: deleg, ", &st->sc_stateid); 2503 2504 /* Kinda dead code as long as we only support read delegs: */ 2505 seq_printf(s, "access: %s, ", 2506 ds->dl_type == NFS4_OPEN_DELEGATE_READ ? "r" : "w"); 2507 2508 /* XXX: lease time, whether it's being recalled. */ 2509 2510 nfs4_show_superblock(s, file); 2511 seq_printf(s, " }\n"); 2512 2513 return 0; 2514 } 2515 2516 static int nfs4_show_layout(struct seq_file *s, struct nfs4_stid *st) 2517 { 2518 struct nfs4_layout_stateid *ls; 2519 struct nfsd_file *file; 2520 2521 ls = container_of(st, struct nfs4_layout_stateid, ls_stid); 2522 file = ls->ls_file; 2523 2524 seq_printf(s, "- 0x%16phN: { type: layout, ", &st->sc_stateid); 2525 2526 /* XXX: What else would be useful? */ 2527 2528 nfs4_show_superblock(s, file); 2529 seq_printf(s, " }\n"); 2530 2531 return 0; 2532 } 2533 2534 static int states_show(struct seq_file *s, void *v) 2535 { 2536 struct nfs4_stid *st = v; 2537 2538 switch (st->sc_type) { 2539 case NFS4_OPEN_STID: 2540 return nfs4_show_open(s, st); 2541 case NFS4_LOCK_STID: 2542 return nfs4_show_lock(s, st); 2543 case NFS4_DELEG_STID: 2544 return nfs4_show_deleg(s, st); 2545 case NFS4_LAYOUT_STID: 2546 return nfs4_show_layout(s, st); 2547 default: 2548 return 0; /* XXX: or SEQ_SKIP? */ 2549 } 2550 /* XXX: copy stateids? 
*/ 2551 } 2552 2553 static struct seq_operations states_seq_ops = { 2554 .start = states_start, 2555 .next = states_next, 2556 .stop = states_stop, 2557 .show = states_show 2558 }; 2559 2560 static int client_states_open(struct inode *inode, struct file *file) 2561 { 2562 struct seq_file *s; 2563 struct nfs4_client *clp; 2564 int ret; 2565 2566 clp = get_nfsdfs_clp(inode); 2567 if (!clp) 2568 return -ENXIO; 2569 2570 ret = seq_open(file, &states_seq_ops); 2571 if (ret) 2572 return ret; 2573 s = file->private_data; 2574 s->private = clp; 2575 return 0; 2576 } 2577 2578 static int client_opens_release(struct inode *inode, struct file *file) 2579 { 2580 struct seq_file *m = file->private_data; 2581 struct nfs4_client *clp = m->private; 2582 2583 /* XXX: alternatively, we could get/drop in seq start/stop */ 2584 drop_client(clp); 2585 return 0; 2586 } 2587 2588 static const struct file_operations client_states_fops = { 2589 .open = client_states_open, 2590 .read = seq_read, 2591 .llseek = seq_lseek, 2592 .release = client_opens_release, 2593 }; 2594 2595 /* 2596 * Normally we refuse to destroy clients that are in use, but here the 2597 * administrator is telling us to just do it. We also want to wait 2598 * so the caller has a guarantee that the client's locks are gone by 2599 * the time the write returns: 2600 */ 2601 static void force_expire_client(struct nfs4_client *clp) 2602 { 2603 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2604 bool already_expired; 2605 2606 spin_lock(&clp->cl_lock); 2607 clp->cl_time = 0; 2608 spin_unlock(&clp->cl_lock); 2609 2610 wait_event(expiry_wq, atomic_read(&clp->cl_rpc_users) == 0); 2611 spin_lock(&nn->client_lock); 2612 already_expired = list_empty(&clp->cl_lru); 2613 if (!already_expired) 2614 unhash_client_locked(clp); 2615 spin_unlock(&nn->client_lock); 2616 2617 if (!already_expired) 2618 expire_client(clp); 2619 else 2620 wait_event(expiry_wq, clp->cl_nfsd_dentry == NULL); 2621 } 2622 2623 static ssize_t client_ctl_write(struct file *file, const char __user *buf, 2624 size_t size, loff_t *pos) 2625 { 2626 char *data; 2627 struct nfs4_client *clp; 2628 2629 data = simple_transaction_get(file, buf, size); 2630 if (IS_ERR(data)) 2631 return PTR_ERR(data); 2632 if (size != 7 || 0 != memcmp(data, "expire\n", 7)) 2633 return -EINVAL; 2634 clp = get_nfsdfs_clp(file_inode(file)); 2635 if (!clp) 2636 return -ENXIO; 2637 force_expire_client(clp); 2638 drop_client(clp); 2639 return 7; 2640 } 2641 2642 static const struct file_operations client_ctl_fops = { 2643 .write = client_ctl_write, 2644 .release = simple_transaction_release, 2645 }; 2646 2647 static const struct tree_descr client_files[] = { 2648 [0] = {"info", &client_info_fops, S_IRUSR}, 2649 [1] = {"states", &client_states_fops, S_IRUSR}, 2650 [2] = {"ctl", &client_ctl_fops, S_IWUSR}, 2651 [3] = {""}, 2652 }; 2653 2654 static struct nfs4_client *create_client(struct xdr_netobj name, 2655 struct svc_rqst *rqstp, nfs4_verifier *verf) 2656 { 2657 struct nfs4_client *clp; 2658 struct sockaddr *sa = svc_addr(rqstp); 2659 int ret; 2660 struct net *net = SVC_NET(rqstp); 2661 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2662 2663 clp = alloc_client(name); 2664 if (clp == NULL) 2665 return NULL; 2666 2667 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred); 2668 if (ret) { 2669 free_client(clp); 2670 return NULL; 2671 } 2672 gen_clid(clp, nn); 2673 kref_init(&clp->cl_nfsdfs.cl_ref); 2674 nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL); 2675 clp->cl_time = 
ktime_get_boottime_seconds(); 2676 clear_bit(0, &clp->cl_cb_slot_busy); 2677 copy_verf(clp, verf); 2678 memcpy(&clp->cl_addr, sa, sizeof(struct sockaddr_storage)); 2679 clp->cl_cb_session = NULL; 2680 clp->net = net; 2681 clp->cl_nfsd_dentry = nfsd_client_mkdir(nn, &clp->cl_nfsdfs, 2682 clp->cl_clientid.cl_id - nn->clientid_base, 2683 client_files); 2684 if (!clp->cl_nfsd_dentry) { 2685 free_client(clp); 2686 return NULL; 2687 } 2688 return clp; 2689 } 2690 2691 static void 2692 add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root) 2693 { 2694 struct rb_node **new = &(root->rb_node), *parent = NULL; 2695 struct nfs4_client *clp; 2696 2697 while (*new) { 2698 clp = rb_entry(*new, struct nfs4_client, cl_namenode); 2699 parent = *new; 2700 2701 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0) 2702 new = &((*new)->rb_left); 2703 else 2704 new = &((*new)->rb_right); 2705 } 2706 2707 rb_link_node(&new_clp->cl_namenode, parent, new); 2708 rb_insert_color(&new_clp->cl_namenode, root); 2709 } 2710 2711 static struct nfs4_client * 2712 find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root) 2713 { 2714 int cmp; 2715 struct rb_node *node = root->rb_node; 2716 struct nfs4_client *clp; 2717 2718 while (node) { 2719 clp = rb_entry(node, struct nfs4_client, cl_namenode); 2720 cmp = compare_blob(&clp->cl_name, name); 2721 if (cmp > 0) 2722 node = node->rb_left; 2723 else if (cmp < 0) 2724 node = node->rb_right; 2725 else 2726 return clp; 2727 } 2728 return NULL; 2729 } 2730 2731 static void 2732 add_to_unconfirmed(struct nfs4_client *clp) 2733 { 2734 unsigned int idhashval; 2735 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2736 2737 lockdep_assert_held(&nn->client_lock); 2738 2739 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2740 add_clp_to_name_tree(clp, &nn->unconf_name_tree); 2741 idhashval = clientid_hashval(clp->cl_clientid.cl_id); 2742 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]); 2743 renew_client_locked(clp); 2744 } 2745 2746 static void 2747 move_to_confirmed(struct nfs4_client *clp) 2748 { 2749 unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id); 2750 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2751 2752 lockdep_assert_held(&nn->client_lock); 2753 2754 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp); 2755 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]); 2756 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 2757 add_clp_to_name_tree(clp, &nn->conf_name_tree); 2758 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2759 renew_client_locked(clp); 2760 } 2761 2762 static struct nfs4_client * 2763 find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions) 2764 { 2765 struct nfs4_client *clp; 2766 unsigned int idhashval = clientid_hashval(clid->cl_id); 2767 2768 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) { 2769 if (same_clid(&clp->cl_clientid, clid)) { 2770 if ((bool)clp->cl_minorversion != sessions) 2771 return NULL; 2772 renew_client_locked(clp); 2773 return clp; 2774 } 2775 } 2776 return NULL; 2777 } 2778 2779 static struct nfs4_client * 2780 find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2781 { 2782 struct list_head *tbl = nn->conf_id_hashtbl; 2783 2784 lockdep_assert_held(&nn->client_lock); 2785 return find_client_in_id_table(tbl, clid, sessions); 2786 } 2787 2788 static struct nfs4_client * 2789 find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2790 { 2791 struct list_head *tbl = 
nn->unconf_id_hashtbl; 2792 2793 lockdep_assert_held(&nn->client_lock); 2794 return find_client_in_id_table(tbl, clid, sessions); 2795 } 2796 2797 static bool clp_used_exchangeid(struct nfs4_client *clp) 2798 { 2799 return clp->cl_exchange_flags != 0; 2800 } 2801 2802 static struct nfs4_client * 2803 find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2804 { 2805 lockdep_assert_held(&nn->client_lock); 2806 return find_clp_in_name_tree(name, &nn->conf_name_tree); 2807 } 2808 2809 static struct nfs4_client * 2810 find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2811 { 2812 lockdep_assert_held(&nn->client_lock); 2813 return find_clp_in_name_tree(name, &nn->unconf_name_tree); 2814 } 2815 2816 static void 2817 gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp) 2818 { 2819 struct nfs4_cb_conn *conn = &clp->cl_cb_conn; 2820 struct sockaddr *sa = svc_addr(rqstp); 2821 u32 scopeid = rpc_get_scope_id(sa); 2822 unsigned short expected_family; 2823 2824 /* Currently, we only support tcp and tcp6 for the callback channel */ 2825 if (se->se_callback_netid_len == 3 && 2826 !memcmp(se->se_callback_netid_val, "tcp", 3)) 2827 expected_family = AF_INET; 2828 else if (se->se_callback_netid_len == 4 && 2829 !memcmp(se->se_callback_netid_val, "tcp6", 4)) 2830 expected_family = AF_INET6; 2831 else 2832 goto out_err; 2833 2834 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val, 2835 se->se_callback_addr_len, 2836 (struct sockaddr *)&conn->cb_addr, 2837 sizeof(conn->cb_addr)); 2838 2839 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family) 2840 goto out_err; 2841 2842 if (conn->cb_addr.ss_family == AF_INET6) 2843 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid; 2844 2845 conn->cb_prog = se->se_callback_prog; 2846 conn->cb_ident = se->se_callback_ident; 2847 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen); 2848 return; 2849 out_err: 2850 conn->cb_addr.ss_family = AF_UNSPEC; 2851 conn->cb_addrlen = 0; 2852 dprintk("NFSD: this client (clientid %08x/%08x) " 2853 "will not receive delegations\n", 2854 clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id); 2855 2856 return; 2857 } 2858 2859 /* 2860 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size. 2861 */ 2862 static void 2863 nfsd4_store_cache_entry(struct nfsd4_compoundres *resp) 2864 { 2865 struct xdr_buf *buf = resp->xdr.buf; 2866 struct nfsd4_slot *slot = resp->cstate.slot; 2867 unsigned int base; 2868 2869 dprintk("--> %s slot %p\n", __func__, slot); 2870 2871 slot->sl_flags |= NFSD4_SLOT_INITIALIZED; 2872 slot->sl_opcnt = resp->opcnt; 2873 slot->sl_status = resp->cstate.status; 2874 free_svc_cred(&slot->sl_cred); 2875 copy_cred(&slot->sl_cred, &resp->rqstp->rq_cred); 2876 2877 if (!nfsd4_cache_this(resp)) { 2878 slot->sl_flags &= ~NFSD4_SLOT_CACHED; 2879 return; 2880 } 2881 slot->sl_flags |= NFSD4_SLOT_CACHED; 2882 2883 base = resp->cstate.data_offset; 2884 slot->sl_datalen = buf->len - base; 2885 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen)) 2886 WARN(1, "%s: sessions DRC could not cache compound\n", 2887 __func__); 2888 return; 2889 } 2890 2891 /* 2892 * Encode the replay sequence operation from the slot values. 2893 * If cachethis is FALSE encode the uncached rep error on the next 2894 * operation which sets resp->p and increments resp->opcnt for 2895 * nfs4svc_encode_compoundres. 
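 * (A non-solo retry of a request we chose not to cache thus gets
 * nfserr_retry_uncached_rep as the status of the following operation.)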
2896 * 2897 */ 2898 static __be32 2899 nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args, 2900 struct nfsd4_compoundres *resp) 2901 { 2902 struct nfsd4_op *op; 2903 struct nfsd4_slot *slot = resp->cstate.slot; 2904 2905 /* Encode the replayed sequence operation */ 2906 op = &args->ops[resp->opcnt - 1]; 2907 nfsd4_encode_operation(resp, op); 2908 2909 if (slot->sl_flags & NFSD4_SLOT_CACHED) 2910 return op->status; 2911 if (args->opcnt == 1) { 2912 /* 2913 * The original operation wasn't a solo sequence--we 2914 * always cache those--so this retry must not match the 2915 * original: 2916 */ 2917 op->status = nfserr_seq_false_retry; 2918 } else { 2919 op = &args->ops[resp->opcnt++]; 2920 op->status = nfserr_retry_uncached_rep; 2921 nfsd4_encode_operation(resp, op); 2922 } 2923 return op->status; 2924 } 2925 2926 /* 2927 * The sequence operation is not cached because we can use the slot and 2928 * session values. 2929 */ 2930 static __be32 2931 nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp, 2932 struct nfsd4_sequence *seq) 2933 { 2934 struct nfsd4_slot *slot = resp->cstate.slot; 2935 struct xdr_stream *xdr = &resp->xdr; 2936 __be32 *p; 2937 __be32 status; 2938 2939 dprintk("--> %s slot %p\n", __func__, slot); 2940 2941 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp); 2942 if (status) 2943 return status; 2944 2945 p = xdr_reserve_space(xdr, slot->sl_datalen); 2946 if (!p) { 2947 WARN_ON_ONCE(1); 2948 return nfserr_serverfault; 2949 } 2950 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen); 2951 xdr_commit_encode(xdr); 2952 2953 resp->opcnt = slot->sl_opcnt; 2954 return slot->sl_status; 2955 } 2956 2957 /* 2958 * Set the exchange_id flags returned by the server. 2959 */ 2960 static void 2961 nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid) 2962 { 2963 #ifdef CONFIG_NFSD_PNFS 2964 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS; 2965 #else 2966 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS; 2967 #endif 2968 2969 /* Referrals are supported, Migration is not. */ 2970 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER; 2971 2972 /* set the wire flags to return to client. 
*/ 2973 clid->flags = new->cl_exchange_flags; 2974 } 2975 2976 static bool client_has_openowners(struct nfs4_client *clp) 2977 { 2978 struct nfs4_openowner *oo; 2979 2980 list_for_each_entry(oo, &clp->cl_openowners, oo_perclient) { 2981 if (!list_empty(&oo->oo_owner.so_stateids)) 2982 return true; 2983 } 2984 return false; 2985 } 2986 2987 static bool client_has_state(struct nfs4_client *clp) 2988 { 2989 return client_has_openowners(clp) 2990 #ifdef CONFIG_NFSD_PNFS 2991 || !list_empty(&clp->cl_lo_states) 2992 #endif 2993 || !list_empty(&clp->cl_delegations) 2994 || !list_empty(&clp->cl_sessions) 2995 || !list_empty(&clp->async_copies); 2996 } 2997 2998 static __be32 copy_impl_id(struct nfs4_client *clp, 2999 struct nfsd4_exchange_id *exid) 3000 { 3001 if (!exid->nii_domain.data) 3002 return 0; 3003 xdr_netobj_dup(&clp->cl_nii_domain, &exid->nii_domain, GFP_KERNEL); 3004 if (!clp->cl_nii_domain.data) 3005 return nfserr_jukebox; 3006 xdr_netobj_dup(&clp->cl_nii_name, &exid->nii_name, GFP_KERNEL); 3007 if (!clp->cl_nii_name.data) 3008 return nfserr_jukebox; 3009 clp->cl_nii_time = exid->nii_time; 3010 return 0; 3011 } 3012 3013 __be32 3014 nfsd4_exchange_id(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3015 union nfsd4_op_u *u) 3016 { 3017 struct nfsd4_exchange_id *exid = &u->exchange_id; 3018 struct nfs4_client *conf, *new; 3019 struct nfs4_client *unconf = NULL; 3020 __be32 status; 3021 char addr_str[INET6_ADDRSTRLEN]; 3022 nfs4_verifier verf = exid->verifier; 3023 struct sockaddr *sa = svc_addr(rqstp); 3024 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A; 3025 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3026 3027 rpc_ntop(sa, addr_str, sizeof(addr_str)); 3028 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p " 3029 "ip_addr=%s flags %x, spa_how %d\n", 3030 __func__, rqstp, exid, exid->clname.len, exid->clname.data, 3031 addr_str, exid->flags, exid->spa_how); 3032 3033 if (exid->flags & ~EXCHGID4_FLAG_MASK_A) 3034 return nfserr_inval; 3035 3036 new = create_client(exid->clname, rqstp, &verf); 3037 if (new == NULL) 3038 return nfserr_jukebox; 3039 status = copy_impl_id(new, exid); 3040 if (status) 3041 goto out_nolock; 3042 3043 switch (exid->spa_how) { 3044 case SP4_MACH_CRED: 3045 exid->spo_must_enforce[0] = 0; 3046 exid->spo_must_enforce[1] = ( 3047 1 << (OP_BIND_CONN_TO_SESSION - 32) | 3048 1 << (OP_EXCHANGE_ID - 32) | 3049 1 << (OP_CREATE_SESSION - 32) | 3050 1 << (OP_DESTROY_SESSION - 32) | 3051 1 << (OP_DESTROY_CLIENTID - 32)); 3052 3053 exid->spo_must_allow[0] &= (1 << (OP_CLOSE) | 3054 1 << (OP_OPEN_DOWNGRADE) | 3055 1 << (OP_LOCKU) | 3056 1 << (OP_DELEGRETURN)); 3057 3058 exid->spo_must_allow[1] &= ( 3059 1 << (OP_TEST_STATEID - 32) | 3060 1 << (OP_FREE_STATEID - 32)); 3061 if (!svc_rqst_integrity_protected(rqstp)) { 3062 status = nfserr_inval; 3063 goto out_nolock; 3064 } 3065 /* 3066 * Sometimes userspace doesn't give us a principal. 3067 * Which is a bug, really. 
Anyway, we can't enforce 3068 * MACH_CRED in that case, better to give up now: 3069 */ 3070 if (!new->cl_cred.cr_principal && 3071 !new->cl_cred.cr_raw_principal) { 3072 status = nfserr_serverfault; 3073 goto out_nolock; 3074 } 3075 new->cl_mach_cred = true; 3076 case SP4_NONE: 3077 break; 3078 default: /* checked by xdr code */ 3079 WARN_ON_ONCE(1); 3080 /* fall through */ 3081 case SP4_SSV: 3082 status = nfserr_encr_alg_unsupp; 3083 goto out_nolock; 3084 } 3085 3086 /* Cases below refer to rfc 5661 section 18.35.4: */ 3087 spin_lock(&nn->client_lock); 3088 conf = find_confirmed_client_by_name(&exid->clname, nn); 3089 if (conf) { 3090 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred); 3091 bool verfs_match = same_verf(&verf, &conf->cl_verifier); 3092 3093 if (update) { 3094 if (!clp_used_exchangeid(conf)) { /* buggy client */ 3095 status = nfserr_inval; 3096 goto out; 3097 } 3098 if (!nfsd4_mach_creds_match(conf, rqstp)) { 3099 status = nfserr_wrong_cred; 3100 goto out; 3101 } 3102 if (!creds_match) { /* case 9 */ 3103 status = nfserr_perm; 3104 goto out; 3105 } 3106 if (!verfs_match) { /* case 8 */ 3107 status = nfserr_not_same; 3108 goto out; 3109 } 3110 /* case 6 */ 3111 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R; 3112 goto out_copy; 3113 } 3114 if (!creds_match) { /* case 3 */ 3115 if (client_has_state(conf)) { 3116 status = nfserr_clid_inuse; 3117 goto out; 3118 } 3119 goto out_new; 3120 } 3121 if (verfs_match) { /* case 2 */ 3122 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R; 3123 goto out_copy; 3124 } 3125 /* case 5, client reboot */ 3126 conf = NULL; 3127 goto out_new; 3128 } 3129 3130 if (update) { /* case 7 */ 3131 status = nfserr_noent; 3132 goto out; 3133 } 3134 3135 unconf = find_unconfirmed_client_by_name(&exid->clname, nn); 3136 if (unconf) /* case 4, possible retry or client restart */ 3137 unhash_client_locked(unconf); 3138 3139 /* case 1 (normal case) */ 3140 out_new: 3141 if (conf) { 3142 status = mark_client_expired_locked(conf); 3143 if (status) 3144 goto out; 3145 } 3146 new->cl_minorversion = cstate->minorversion; 3147 new->cl_spo_must_allow.u.words[0] = exid->spo_must_allow[0]; 3148 new->cl_spo_must_allow.u.words[1] = exid->spo_must_allow[1]; 3149 3150 add_to_unconfirmed(new); 3151 swap(new, conf); 3152 out_copy: 3153 exid->clientid.cl_boot = conf->cl_clientid.cl_boot; 3154 exid->clientid.cl_id = conf->cl_clientid.cl_id; 3155 3156 exid->seqid = conf->cl_cs_slot.sl_seqid + 1; 3157 nfsd4_set_ex_flags(conf, exid); 3158 3159 dprintk("nfsd4_exchange_id seqid %d flags %x\n", 3160 conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags); 3161 status = nfs_ok; 3162 3163 out: 3164 spin_unlock(&nn->client_lock); 3165 out_nolock: 3166 if (new) 3167 expire_client(new); 3168 if (unconf) 3169 expire_client(unconf); 3170 return status; 3171 } 3172 3173 static __be32 3174 check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse) 3175 { 3176 dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid, 3177 slot_seqid); 3178 3179 /* The slot is in use, and no response has been sent. 
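 * A retransmit of the in-flight request gets jukebox; any other
 * seqid on a busy slot is misordered: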
*/ 3180 if (slot_inuse) { 3181 if (seqid == slot_seqid) 3182 return nfserr_jukebox; 3183 else 3184 return nfserr_seq_misordered; 3185 } 3186 /* Note unsigned 32-bit arithmetic handles wraparound: */ 3187 if (likely(seqid == slot_seqid + 1)) 3188 return nfs_ok; 3189 if (seqid == slot_seqid) 3190 return nfserr_replay_cache; 3191 return nfserr_seq_misordered; 3192 } 3193 3194 /* 3195 * Cache the create session result into the create session single DRC 3196 * slot cache by saving the xdr structure. sl_seqid has been set. 3197 * Do this for solo or embedded create session operations. 3198 */ 3199 static void 3200 nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses, 3201 struct nfsd4_clid_slot *slot, __be32 nfserr) 3202 { 3203 slot->sl_status = nfserr; 3204 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses)); 3205 } 3206 3207 static __be32 3208 nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses, 3209 struct nfsd4_clid_slot *slot) 3210 { 3211 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses)); 3212 return slot->sl_status; 3213 } 3214 3215 #define NFSD_MIN_REQ_HDR_SEQ_SZ ((\ 3216 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \ 3217 1 + /* MIN tag is length with zero, only length */ \ 3218 3 + /* version, opcount, opcode */ \ 3219 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 3220 /* seqid, slotID, slotID, cache */ \ 3221 4 ) * sizeof(__be32)) 3222 3223 #define NFSD_MIN_RESP_HDR_SEQ_SZ ((\ 3224 2 + /* verifier: AUTH_NULL, length 0 */\ 3225 1 + /* status */ \ 3226 1 + /* MIN tag is length with zero, only length */ \ 3227 3 + /* opcount, opcode, opstatus*/ \ 3228 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 3229 /* seqid, slotID, slotID, slotID, status */ \ 3230 5 ) * sizeof(__be32)) 3231 3232 static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn) 3233 { 3234 u32 maxrpc = nn->nfsd_serv->sv_max_mesg; 3235 3236 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ) 3237 return nfserr_toosmall; 3238 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ) 3239 return nfserr_toosmall; 3240 ca->headerpadsz = 0; 3241 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc); 3242 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc); 3243 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND); 3244 ca->maxresp_cached = min_t(u32, ca->maxresp_cached, 3245 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ); 3246 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION); 3247 /* 3248 * Note decreasing slot size below client's request may make it 3249 * difficult for client to function correctly, whereas 3250 * decreasing the number of slots will (just?) affect 3251 * performance. When short on memory we therefore prefer to 3252 * decrease number of slots instead of their size. Clients that 3253 * request larger slots than they need will get poor results: 3254 * Note that we always allow at least one slot, because our 3255 * accounting is soft and provides no guarantees either way. 3256 */ 3257 ca->maxreqs = nfsd4_get_drc_mem(ca, nn); 3258 3259 return nfs_ok; 3260 } 3261 3262 /* 3263 * Server's NFSv4.1 backchannel support is AUTH_SYS-only for now. 3264 * These are based on similar macros in linux/sunrpc/msg_prot.h . 
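 * They bound the worst-case call and reply header sizes that an
 * AUTH_SYS backchannel request can need.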
3265 */ 3266 #define RPC_MAX_HEADER_WITH_AUTH_SYS \ 3267 (RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK)) 3268 3269 #define RPC_MAX_REPHEADER_WITH_AUTH_SYS \ 3270 (RPC_REPHDRSIZE + (2 + NUL_REPLYSLACK)) 3271 3272 #define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \ 3273 RPC_MAX_HEADER_WITH_AUTH_SYS) * sizeof(__be32)) 3274 #define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \ 3275 RPC_MAX_REPHEADER_WITH_AUTH_SYS) * \ 3276 sizeof(__be32)) 3277 3278 static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca) 3279 { 3280 ca->headerpadsz = 0; 3281 3282 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ) 3283 return nfserr_toosmall; 3284 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ) 3285 return nfserr_toosmall; 3286 ca->maxresp_cached = 0; 3287 if (ca->maxops < 2) 3288 return nfserr_toosmall; 3289 3290 return nfs_ok; 3291 } 3292 3293 static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs) 3294 { 3295 switch (cbs->flavor) { 3296 case RPC_AUTH_NULL: 3297 case RPC_AUTH_UNIX: 3298 return nfs_ok; 3299 default: 3300 /* 3301 * GSS case: the spec doesn't allow us to return this 3302 * error. But it also doesn't allow us not to support 3303 * GSS. 3304 * I'd rather this fail hard than return some error the 3305 * client might think it can already handle: 3306 */ 3307 return nfserr_encr_alg_unsupp; 3308 } 3309 } 3310 3311 __be32 3312 nfsd4_create_session(struct svc_rqst *rqstp, 3313 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 3314 { 3315 struct nfsd4_create_session *cr_ses = &u->create_session; 3316 struct sockaddr *sa = svc_addr(rqstp); 3317 struct nfs4_client *conf, *unconf; 3318 struct nfs4_client *old = NULL; 3319 struct nfsd4_session *new; 3320 struct nfsd4_conn *conn; 3321 struct nfsd4_clid_slot *cs_slot = NULL; 3322 __be32 status = 0; 3323 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3324 3325 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A) 3326 return nfserr_inval; 3327 status = nfsd4_check_cb_sec(&cr_ses->cb_sec); 3328 if (status) 3329 return status; 3330 status = check_forechannel_attrs(&cr_ses->fore_channel, nn); 3331 if (status) 3332 return status; 3333 status = check_backchannel_attrs(&cr_ses->back_channel); 3334 if (status) 3335 goto out_release_drc_mem; 3336 status = nfserr_jukebox; 3337 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel); 3338 if (!new) 3339 goto out_release_drc_mem; 3340 conn = alloc_conn_from_crses(rqstp, cr_ses); 3341 if (!conn) 3342 goto out_free_session; 3343 3344 spin_lock(&nn->client_lock); 3345 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn); 3346 conf = find_confirmed_client(&cr_ses->clientid, true, nn); 3347 WARN_ON_ONCE(conf && unconf); 3348 3349 if (conf) { 3350 status = nfserr_wrong_cred; 3351 if (!nfsd4_mach_creds_match(conf, rqstp)) 3352 goto out_free_conn; 3353 cs_slot = &conf->cl_cs_slot; 3354 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 3355 if (status) { 3356 if (status == nfserr_replay_cache) 3357 status = nfsd4_replay_create_session(cr_ses, cs_slot); 3358 goto out_free_conn; 3359 } 3360 } else if (unconf) { 3361 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) || 3362 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) { 3363 status = nfserr_clid_inuse; 3364 goto out_free_conn; 3365 } 3366 status = nfserr_wrong_cred; 3367 if (!nfsd4_mach_creds_match(unconf, rqstp)) 3368 goto out_free_conn; 3369 cs_slot = &unconf->cl_cs_slot; 3370 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 3371 if (status) { 3372 /* an unconfirmed replay returns misordered */ 3373 status = 
nfserr_seq_misordered; 3374 goto out_free_conn; 3375 } 3376 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 3377 if (old) { 3378 status = mark_client_expired_locked(old); 3379 if (status) { 3380 old = NULL; 3381 goto out_free_conn; 3382 } 3383 } 3384 move_to_confirmed(unconf); 3385 conf = unconf; 3386 } else { 3387 status = nfserr_stale_clientid; 3388 goto out_free_conn; 3389 } 3390 status = nfs_ok; 3391 /* Persistent sessions are not supported */ 3392 cr_ses->flags &= ~SESSION4_PERSIST; 3393 /* Upshifting from TCP to RDMA is not supported */ 3394 cr_ses->flags &= ~SESSION4_RDMA; 3395 3396 init_session(rqstp, new, conf, cr_ses); 3397 nfsd4_get_session_locked(new); 3398 3399 memcpy(cr_ses->sessionid.data, new->se_sessionid.data, 3400 NFS4_MAX_SESSIONID_LEN); 3401 cs_slot->sl_seqid++; 3402 cr_ses->seqid = cs_slot->sl_seqid; 3403 3404 /* cache solo and embedded create sessions under the client_lock */ 3405 nfsd4_cache_create_session(cr_ses, cs_slot, status); 3406 spin_unlock(&nn->client_lock); 3407 /* init connection and backchannel */ 3408 nfsd4_init_conn(rqstp, conn, new); 3409 nfsd4_put_session(new); 3410 if (old) 3411 expire_client(old); 3412 return status; 3413 out_free_conn: 3414 spin_unlock(&nn->client_lock); 3415 free_conn(conn); 3416 if (old) 3417 expire_client(old); 3418 out_free_session: 3419 __free_session(new); 3420 out_release_drc_mem: 3421 nfsd4_put_drc_mem(&cr_ses->fore_channel); 3422 return status; 3423 } 3424 3425 static __be32 nfsd4_map_bcts_dir(u32 *dir) 3426 { 3427 switch (*dir) { 3428 case NFS4_CDFC4_FORE: 3429 case NFS4_CDFC4_BACK: 3430 return nfs_ok; 3431 case NFS4_CDFC4_FORE_OR_BOTH: 3432 case NFS4_CDFC4_BACK_OR_BOTH: 3433 *dir = NFS4_CDFC4_BOTH; 3434 return nfs_ok; 3435 } 3436 return nfserr_inval; 3437 } 3438 3439 __be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, 3440 struct nfsd4_compound_state *cstate, 3441 union nfsd4_op_u *u) 3442 { 3443 struct nfsd4_backchannel_ctl *bc = &u->backchannel_ctl; 3444 struct nfsd4_session *session = cstate->session; 3445 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3446 __be32 status; 3447 3448 status = nfsd4_check_cb_sec(&bc->bc_cb_sec); 3449 if (status) 3450 return status; 3451 spin_lock(&nn->client_lock); 3452 session->se_cb_prog = bc->bc_cb_program; 3453 session->se_cb_sec = bc->bc_cb_sec; 3454 spin_unlock(&nn->client_lock); 3455 3456 nfsd4_probe_callback(session->se_client); 3457 3458 return nfs_ok; 3459 } 3460 3461 __be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp, 3462 struct nfsd4_compound_state *cstate, 3463 union nfsd4_op_u *u) 3464 { 3465 struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session; 3466 __be32 status; 3467 struct nfsd4_conn *conn; 3468 struct nfsd4_session *session; 3469 struct net *net = SVC_NET(rqstp); 3470 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3471 3472 if (!nfsd4_last_compound_op(rqstp)) 3473 return nfserr_not_only_op; 3474 spin_lock(&nn->client_lock); 3475 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status); 3476 spin_unlock(&nn->client_lock); 3477 if (!session) 3478 goto out_no_session; 3479 status = nfserr_wrong_cred; 3480 if (!nfsd4_mach_creds_match(session->se_client, rqstp)) 3481 goto out; 3482 status = nfsd4_map_bcts_dir(&bcts->dir); 3483 if (status) 3484 goto out; 3485 conn = alloc_conn(rqstp, bcts->dir); 3486 status = nfserr_jukebox; 3487 if (!conn) 3488 goto out; 3489 nfsd4_init_conn(rqstp, conn, session); 3490 status = nfs_ok; 3491 out: 3492 nfsd4_put_session(session); 3493 out_no_session: 3494 return status; 3495 
} 3496 3497 static bool nfsd4_compound_in_session(struct nfsd4_compound_state *cstate, struct nfs4_sessionid *sid) 3498 { 3499 if (!cstate->session) 3500 return false; 3501 return !memcmp(sid, &cstate->session->se_sessionid, sizeof(*sid)); 3502 } 3503 3504 __be32 3505 nfsd4_destroy_session(struct svc_rqst *r, struct nfsd4_compound_state *cstate, 3506 union nfsd4_op_u *u) 3507 { 3508 struct nfs4_sessionid *sessionid = &u->destroy_session.sessionid; 3509 struct nfsd4_session *ses; 3510 __be32 status; 3511 int ref_held_by_me = 0; 3512 struct net *net = SVC_NET(r); 3513 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3514 3515 status = nfserr_not_only_op; 3516 if (nfsd4_compound_in_session(cstate, sessionid)) { 3517 if (!nfsd4_last_compound_op(r)) 3518 goto out; 3519 ref_held_by_me++; 3520 } 3521 dump_sessionid(__func__, sessionid); 3522 spin_lock(&nn->client_lock); 3523 ses = find_in_sessionid_hashtbl(sessionid, net, &status); 3524 if (!ses) 3525 goto out_client_lock; 3526 status = nfserr_wrong_cred; 3527 if (!nfsd4_mach_creds_match(ses->se_client, r)) 3528 goto out_put_session; 3529 status = mark_session_dead_locked(ses, 1 + ref_held_by_me); 3530 if (status) 3531 goto out_put_session; 3532 unhash_session(ses); 3533 spin_unlock(&nn->client_lock); 3534 3535 nfsd4_probe_callback_sync(ses->se_client); 3536 3537 spin_lock(&nn->client_lock); 3538 status = nfs_ok; 3539 out_put_session: 3540 nfsd4_put_session_locked(ses); 3541 out_client_lock: 3542 spin_unlock(&nn->client_lock); 3543 out: 3544 return status; 3545 } 3546 3547 static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s) 3548 { 3549 struct nfsd4_conn *c; 3550 3551 list_for_each_entry(c, &s->se_conns, cn_persession) { 3552 if (c->cn_xprt == xpt) { 3553 return c; 3554 } 3555 } 3556 return NULL; 3557 } 3558 3559 static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses) 3560 { 3561 struct nfs4_client *clp = ses->se_client; 3562 struct nfsd4_conn *c; 3563 __be32 status = nfs_ok; 3564 int ret; 3565 3566 spin_lock(&clp->cl_lock); 3567 c = __nfsd4_find_conn(new->cn_xprt, ses); 3568 if (c) 3569 goto out_free; 3570 status = nfserr_conn_not_bound_to_session; 3571 if (clp->cl_mach_cred) 3572 goto out_free; 3573 __nfsd4_hash_conn(new, ses); 3574 spin_unlock(&clp->cl_lock); 3575 ret = nfsd4_register_conn(new); 3576 if (ret) 3577 /* oops; xprt is already down: */ 3578 nfsd4_conn_lost(&new->cn_xpt_user); 3579 return nfs_ok; 3580 out_free: 3581 spin_unlock(&clp->cl_lock); 3582 free_conn(new); 3583 return status; 3584 } 3585 3586 static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session) 3587 { 3588 struct nfsd4_compoundargs *args = rqstp->rq_argp; 3589 3590 return args->opcnt > session->se_fchannel.maxops; 3591 } 3592 3593 static bool nfsd4_request_too_big(struct svc_rqst *rqstp, 3594 struct nfsd4_session *session) 3595 { 3596 struct xdr_buf *xb = &rqstp->rq_arg; 3597 3598 return xb->len > session->se_fchannel.maxreq_sz; 3599 } 3600 3601 static bool replay_matches_cache(struct svc_rqst *rqstp, 3602 struct nfsd4_sequence *seq, struct nfsd4_slot *slot) 3603 { 3604 struct nfsd4_compoundargs *argp = rqstp->rq_argp; 3605 3606 if ((bool)(slot->sl_flags & NFSD4_SLOT_CACHETHIS) != 3607 (bool)seq->cachethis) 3608 return false; 3609 /* 3610 * If there's an error then the reply can have fewer ops than 3611 * the call. 
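 * So a shorter cached reply is consistent with a genuine replay only
 * when it ends in an error status, which is what the first check
 * below enforces.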
 */
	if (slot->sl_opcnt < argp->opcnt && !slot->sl_status)
		return false;
	/*
	 * But if we cached a reply with *more* ops than the call you're
	 * sending us now, then this new call is clearly not really a
	 * replay of the old one:
	 */
	if (slot->sl_opcnt > argp->opcnt)
		return false;
	/* This is the only check explicitly called by spec: */
	if (!same_creds(&rqstp->rq_cred, &slot->sl_cred))
		return false;
	/*
	 * There may be more comparisons we could actually do, but the
	 * spec doesn't require us to catch every case where the calls
	 * don't match (that would require caching the call as well as
	 * the reply), so we don't bother.
	 */
	return true;
}

__be32
nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	struct nfsd4_sequence *seq = &u->sequence;
	struct nfsd4_compoundres *resp = rqstp->rq_resp;
	struct xdr_stream *xdr = &resp->xdr;
	struct nfsd4_session *session;
	struct nfs4_client *clp;
	struct nfsd4_slot *slot;
	struct nfsd4_conn *conn;
	__be32 status;
	int buflen;
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	if (resp->opcnt != 1)
		return nfserr_sequence_pos;

	/*
	 * Will be either used or freed by nfsd4_sequence_check_conn
	 * below.
	 */
	conn = alloc_conn(rqstp, NFS4_CDFC4_FORE);
	if (!conn)
		return nfserr_jukebox;

	spin_lock(&nn->client_lock);
	session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status);
	if (!session)
		goto out_no_session;
	clp = session->se_client;

	status = nfserr_too_many_ops;
	if (nfsd4_session_too_many_ops(rqstp, session))
		goto out_put_session;

	status = nfserr_req_too_big;
	if (nfsd4_request_too_big(rqstp, session))
		goto out_put_session;

	status = nfserr_badslot;
	if (seq->slotid >= session->se_fchannel.maxreqs)
		goto out_put_session;

	slot = session->se_slots[seq->slotid];
	dprintk("%s: slotid %d\n", __func__, seq->slotid);

	/*
	 * We do not negotiate the number of slots yet, so set the
	 * maxslots to the session maxreqs, which is used to encode
	 * sr_highest_slotid and sr_target_slotid to maxslots:
	 */
	seq->maxslots = session->se_fchannel.maxreqs;

	status = check_slot_seqid(seq->seqid, slot->sl_seqid,
					slot->sl_flags & NFSD4_SLOT_INUSE);
	if (status == nfserr_replay_cache) {
		status = nfserr_seq_misordered;
		if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED))
			goto out_put_session;
		status = nfserr_seq_false_retry;
		if (!replay_matches_cache(rqstp, seq, slot))
			goto out_put_session;
		cstate->slot = slot;
		cstate->session = session;
		cstate->clp = clp;
		/*
		 * Return the cached reply status and set cstate->status
		 * for nfsd4_proc_compound processing:
		 */
		status = nfsd4_replay_cache_entry(resp, seq);
		cstate->status = nfserr_replay_cache;
		goto out;
	}
	if (status)
		goto out_put_session;

	status = nfsd4_sequence_check_conn(conn, session);
	conn = NULL;
	if (status)
		goto out_put_session;

	buflen = (seq->cachethis) ?
			session->se_fchannel.maxresp_cached :
			session->se_fchannel.maxresp_sz;
	status = (seq->cachethis) ?
nfserr_rep_too_big_to_cache : 3717 nfserr_rep_too_big; 3718 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack)) 3719 goto out_put_session; 3720 svc_reserve(rqstp, buflen); 3721 3722 status = nfs_ok; 3723 /* Success! bump slot seqid */ 3724 slot->sl_seqid = seq->seqid; 3725 slot->sl_flags |= NFSD4_SLOT_INUSE; 3726 if (seq->cachethis) 3727 slot->sl_flags |= NFSD4_SLOT_CACHETHIS; 3728 else 3729 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS; 3730 3731 cstate->slot = slot; 3732 cstate->session = session; 3733 cstate->clp = clp; 3734 3735 out: 3736 switch (clp->cl_cb_state) { 3737 case NFSD4_CB_DOWN: 3738 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN; 3739 break; 3740 case NFSD4_CB_FAULT: 3741 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT; 3742 break; 3743 default: 3744 seq->status_flags = 0; 3745 } 3746 if (!list_empty(&clp->cl_revoked)) 3747 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED; 3748 out_no_session: 3749 if (conn) 3750 free_conn(conn); 3751 spin_unlock(&nn->client_lock); 3752 return status; 3753 out_put_session: 3754 nfsd4_put_session_locked(session); 3755 goto out_no_session; 3756 } 3757 3758 void 3759 nfsd4_sequence_done(struct nfsd4_compoundres *resp) 3760 { 3761 struct nfsd4_compound_state *cs = &resp->cstate; 3762 3763 if (nfsd4_has_session(cs)) { 3764 if (cs->status != nfserr_replay_cache) { 3765 nfsd4_store_cache_entry(resp); 3766 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 3767 } 3768 /* Drop session reference that was taken in nfsd4_sequence() */ 3769 nfsd4_put_session(cs->session); 3770 } else if (cs->clp) 3771 put_client_renew(cs->clp); 3772 } 3773 3774 __be32 3775 nfsd4_destroy_clientid(struct svc_rqst *rqstp, 3776 struct nfsd4_compound_state *cstate, 3777 union nfsd4_op_u *u) 3778 { 3779 struct nfsd4_destroy_clientid *dc = &u->destroy_clientid; 3780 struct nfs4_client *conf, *unconf; 3781 struct nfs4_client *clp = NULL; 3782 __be32 status = 0; 3783 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3784 3785 spin_lock(&nn->client_lock); 3786 unconf = find_unconfirmed_client(&dc->clientid, true, nn); 3787 conf = find_confirmed_client(&dc->clientid, true, nn); 3788 WARN_ON_ONCE(conf && unconf); 3789 3790 if (conf) { 3791 if (client_has_state(conf)) { 3792 status = nfserr_clientid_busy; 3793 goto out; 3794 } 3795 status = mark_client_expired_locked(conf); 3796 if (status) 3797 goto out; 3798 clp = conf; 3799 } else if (unconf) 3800 clp = unconf; 3801 else { 3802 status = nfserr_stale_clientid; 3803 goto out; 3804 } 3805 if (!nfsd4_mach_creds_match(clp, rqstp)) { 3806 clp = NULL; 3807 status = nfserr_wrong_cred; 3808 goto out; 3809 } 3810 unhash_client_locked(clp); 3811 out: 3812 spin_unlock(&nn->client_lock); 3813 if (clp) 3814 expire_client(clp); 3815 return status; 3816 } 3817 3818 __be32 3819 nfsd4_reclaim_complete(struct svc_rqst *rqstp, 3820 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 3821 { 3822 struct nfsd4_reclaim_complete *rc = &u->reclaim_complete; 3823 __be32 status = 0; 3824 3825 if (rc->rca_one_fs) { 3826 if (!cstate->current_fh.fh_dentry) 3827 return nfserr_nofilehandle; 3828 /* 3829 * We don't take advantage of the rca_one_fs case. 3830 * That's OK, it's optional, we can safely ignore it. 
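 * (We just return success without recording anything about the
 * single filesystem the client named.)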
 */
		return nfs_ok;
	}

	status = nfserr_complete_already;
	if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE,
			&cstate->session->se_client->cl_flags))
		goto out;

	status = nfserr_stale_clientid;
	if (is_client_expired(cstate->session->se_client))
		/*
		 * The following error isn't really legal.
		 * But we only get here if the client just explicitly
		 * destroyed its own clientid.  Surely it no longer cares
		 * what error it gets back on an operation for the dead
		 * client.
		 */
		goto out;

	status = nfs_ok;
	nfsd4_client_record_create(cstate->session->se_client);
	inc_reclaim_complete(cstate->session->se_client);
out:
	return status;
}

__be32
nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		  union nfsd4_op_u *u)
{
	struct nfsd4_setclientid *setclid = &u->setclientid;
	struct xdr_netobj clname = setclid->se_name;
	nfs4_verifier clverifier = setclid->se_verf;
	struct nfs4_client *conf, *new;
	struct nfs4_client *unconf = NULL;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	new = create_client(clname, rqstp, &clverifier);
	if (new == NULL)
		return nfserr_jukebox;
	/* Cases below refer to rfc 3530 section 14.2.33: */
	spin_lock(&nn->client_lock);
	conf = find_confirmed_client_by_name(&clname, nn);
	if (conf && client_has_state(conf)) {
		/* case 0: */
		status = nfserr_clid_inuse;
		if (clp_used_exchangeid(conf))
			goto out;
		if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
			char addr_str[INET6_ADDRSTRLEN];
			rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str,
				 sizeof(addr_str));
			dprintk("NFSD: setclientid: string in use by client at %s\n",
				addr_str);
			goto out;
		}
	}
	unconf = find_unconfirmed_client_by_name(&clname, nn);
	if (unconf)
		unhash_client_locked(unconf);
	if (conf && same_verf(&conf->cl_verifier, &clverifier)) {
		/* case 1: probable callback update */
		copy_clid(new, conf);
		gen_confirm(new, nn);
	}
	/* else: case 4 (new client) or cases 2, 3 (client reboot) */
	new->cl_minorversion = 0;
	gen_callback(new, setclid, rqstp);
	add_to_unconfirmed(new);
	setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot;
	setclid->se_clientid.cl_id = new->cl_clientid.cl_id;
	memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data));
	new = NULL;
	status = nfs_ok;
out:
	spin_unlock(&nn->client_lock);
	if (new)
		free_client(new);
	if (unconf)
		expire_client(unconf);
	return status;
}

__be32
nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
			struct nfsd4_compound_state *cstate,
			union nfsd4_op_u *u)
{
	struct nfsd4_setclientid_confirm *setclientid_confirm =
			&u->setclientid_confirm;
	struct nfs4_client *conf, *unconf;
	struct nfs4_client *old = NULL;
	nfs4_verifier confirm = setclientid_confirm->sc_confirm;
	clientid_t *clid = &setclientid_confirm->sc_clientid;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	if (STALE_CLIENTID(clid, nn))
		return nfserr_stale_clientid;

	spin_lock(&nn->client_lock);
	conf = find_confirmed_client(clid, false, nn);
	unconf = find_unconfirmed_client(clid, false, nn);
	/*
	 * We try hard to give out unique
clientid's, so if we get an 3939 * attempt to confirm the same clientid with a different cred, 3940 * the client may be buggy; this should never happen. 3941 * 3942 * Nevertheless, RFC 7530 recommends INUSE for this case: 3943 */ 3944 status = nfserr_clid_inuse; 3945 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred)) 3946 goto out; 3947 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred)) 3948 goto out; 3949 /* cases below refer to rfc 3530 section 14.2.34: */ 3950 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) { 3951 if (conf && same_verf(&confirm, &conf->cl_confirm)) { 3952 /* case 2: probable retransmit */ 3953 status = nfs_ok; 3954 } else /* case 4: client hasn't noticed we rebooted yet? */ 3955 status = nfserr_stale_clientid; 3956 goto out; 3957 } 3958 status = nfs_ok; 3959 if (conf) { /* case 1: callback update */ 3960 old = unconf; 3961 unhash_client_locked(old); 3962 nfsd4_change_callback(conf, &unconf->cl_cb_conn); 3963 } else { /* case 3: normal case; new or rebooted client */ 3964 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 3965 if (old) { 3966 status = nfserr_clid_inuse; 3967 if (client_has_state(old) 3968 && !same_creds(&unconf->cl_cred, 3969 &old->cl_cred)) 3970 goto out; 3971 status = mark_client_expired_locked(old); 3972 if (status) { 3973 old = NULL; 3974 goto out; 3975 } 3976 } 3977 move_to_confirmed(unconf); 3978 conf = unconf; 3979 } 3980 get_client_locked(conf); 3981 spin_unlock(&nn->client_lock); 3982 nfsd4_probe_callback(conf); 3983 spin_lock(&nn->client_lock); 3984 put_client_renew_locked(conf); 3985 out: 3986 spin_unlock(&nn->client_lock); 3987 if (old) 3988 expire_client(old); 3989 return status; 3990 } 3991 3992 static struct nfs4_file *nfsd4_alloc_file(void) 3993 { 3994 return kmem_cache_alloc(file_slab, GFP_KERNEL); 3995 } 3996 3997 /* OPEN Share state helper functions */ 3998 static void nfsd4_init_file(struct knfsd_fh *fh, unsigned int hashval, 3999 struct nfs4_file *fp) 4000 { 4001 lockdep_assert_held(&state_lock); 4002 4003 refcount_set(&fp->fi_ref, 1); 4004 spin_lock_init(&fp->fi_lock); 4005 INIT_LIST_HEAD(&fp->fi_stateids); 4006 INIT_LIST_HEAD(&fp->fi_delegations); 4007 INIT_LIST_HEAD(&fp->fi_clnt_odstate); 4008 fh_copy_shallow(&fp->fi_fhandle, fh); 4009 fp->fi_deleg_file = NULL; 4010 fp->fi_had_conflict = false; 4011 fp->fi_share_deny = 0; 4012 memset(fp->fi_fds, 0, sizeof(fp->fi_fds)); 4013 memset(fp->fi_access, 0, sizeof(fp->fi_access)); 4014 #ifdef CONFIG_NFSD_PNFS 4015 INIT_LIST_HEAD(&fp->fi_lo_states); 4016 atomic_set(&fp->fi_lo_recalls, 0); 4017 #endif 4018 hlist_add_head_rcu(&fp->fi_hash, &file_hashtbl[hashval]); 4019 } 4020 4021 void 4022 nfsd4_free_slabs(void) 4023 { 4024 kmem_cache_destroy(client_slab); 4025 kmem_cache_destroy(openowner_slab); 4026 kmem_cache_destroy(lockowner_slab); 4027 kmem_cache_destroy(file_slab); 4028 kmem_cache_destroy(stateid_slab); 4029 kmem_cache_destroy(deleg_slab); 4030 kmem_cache_destroy(odstate_slab); 4031 } 4032 4033 int 4034 nfsd4_init_slabs(void) 4035 { 4036 client_slab = kmem_cache_create("nfsd4_clients", 4037 sizeof(struct nfs4_client), 0, 0, NULL); 4038 if (client_slab == NULL) 4039 goto out; 4040 openowner_slab = kmem_cache_create("nfsd4_openowners", 4041 sizeof(struct nfs4_openowner), 0, 0, NULL); 4042 if (openowner_slab == NULL) 4043 goto out_free_client_slab; 4044 lockowner_slab = kmem_cache_create("nfsd4_lockowners", 4045 sizeof(struct nfs4_lockowner), 0, 0, NULL); 4046 if (lockowner_slab == NULL) 4047 goto out_free_openowner_slab; 4048 file_slab = 
kmem_cache_create("nfsd4_files", 4049 sizeof(struct nfs4_file), 0, 0, NULL); 4050 if (file_slab == NULL) 4051 goto out_free_lockowner_slab; 4052 stateid_slab = kmem_cache_create("nfsd4_stateids", 4053 sizeof(struct nfs4_ol_stateid), 0, 0, NULL); 4054 if (stateid_slab == NULL) 4055 goto out_free_file_slab; 4056 deleg_slab = kmem_cache_create("nfsd4_delegations", 4057 sizeof(struct nfs4_delegation), 0, 0, NULL); 4058 if (deleg_slab == NULL) 4059 goto out_free_stateid_slab; 4060 odstate_slab = kmem_cache_create("nfsd4_odstate", 4061 sizeof(struct nfs4_clnt_odstate), 0, 0, NULL); 4062 if (odstate_slab == NULL) 4063 goto out_free_deleg_slab; 4064 return 0; 4065 4066 out_free_deleg_slab: 4067 kmem_cache_destroy(deleg_slab); 4068 out_free_stateid_slab: 4069 kmem_cache_destroy(stateid_slab); 4070 out_free_file_slab: 4071 kmem_cache_destroy(file_slab); 4072 out_free_lockowner_slab: 4073 kmem_cache_destroy(lockowner_slab); 4074 out_free_openowner_slab: 4075 kmem_cache_destroy(openowner_slab); 4076 out_free_client_slab: 4077 kmem_cache_destroy(client_slab); 4078 out: 4079 dprintk("nfsd4: out of memory while initializing nfsv4\n"); 4080 return -ENOMEM; 4081 } 4082 4083 static void init_nfs4_replay(struct nfs4_replay *rp) 4084 { 4085 rp->rp_status = nfserr_serverfault; 4086 rp->rp_buflen = 0; 4087 rp->rp_buf = rp->rp_ibuf; 4088 mutex_init(&rp->rp_mutex); 4089 } 4090 4091 static void nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate, 4092 struct nfs4_stateowner *so) 4093 { 4094 if (!nfsd4_has_session(cstate)) { 4095 mutex_lock(&so->so_replay.rp_mutex); 4096 cstate->replay_owner = nfs4_get_stateowner(so); 4097 } 4098 } 4099 4100 void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate) 4101 { 4102 struct nfs4_stateowner *so = cstate->replay_owner; 4103 4104 if (so != NULL) { 4105 cstate->replay_owner = NULL; 4106 mutex_unlock(&so->so_replay.rp_mutex); 4107 nfs4_put_stateowner(so); 4108 } 4109 } 4110 4111 static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp) 4112 { 4113 struct nfs4_stateowner *sop; 4114 4115 sop = kmem_cache_alloc(slab, GFP_KERNEL); 4116 if (!sop) 4117 return NULL; 4118 4119 xdr_netobj_dup(&sop->so_owner, owner, GFP_KERNEL); 4120 if (!sop->so_owner.data) { 4121 kmem_cache_free(slab, sop); 4122 return NULL; 4123 } 4124 4125 INIT_LIST_HEAD(&sop->so_stateids); 4126 sop->so_client = clp; 4127 init_nfs4_replay(&sop->so_replay); 4128 atomic_set(&sop->so_count, 1); 4129 return sop; 4130 } 4131 4132 static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval) 4133 { 4134 lockdep_assert_held(&clp->cl_lock); 4135 4136 list_add(&oo->oo_owner.so_strhash, 4137 &clp->cl_ownerstr_hashtbl[strhashval]); 4138 list_add(&oo->oo_perclient, &clp->cl_openowners); 4139 } 4140 4141 static void nfs4_unhash_openowner(struct nfs4_stateowner *so) 4142 { 4143 unhash_openowner_locked(openowner(so)); 4144 } 4145 4146 static void nfs4_free_openowner(struct nfs4_stateowner *so) 4147 { 4148 struct nfs4_openowner *oo = openowner(so); 4149 4150 kmem_cache_free(openowner_slab, oo); 4151 } 4152 4153 static const struct nfs4_stateowner_operations openowner_ops = { 4154 .so_unhash = nfs4_unhash_openowner, 4155 .so_free = nfs4_free_openowner, 4156 }; 4157 4158 static struct nfs4_ol_stateid * 4159 nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 4160 { 4161 struct nfs4_ol_stateid *local, *ret = NULL; 4162 struct nfs4_openowner *oo = open->op_openowner; 4163 4164 
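	/*
	 * Added note: callers must already hold fp->fi_lock (asserted
	 * just below), and any stateid returned carries an extra
	 * sc_count reference that the caller is responsible for
	 * putting.
	 */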
lockdep_assert_held(&fp->fi_lock); 4165 4166 list_for_each_entry(local, &fp->fi_stateids, st_perfile) { 4167 /* ignore lock owners */ 4168 if (local->st_stateowner->so_is_open_owner == 0) 4169 continue; 4170 if (local->st_stateowner != &oo->oo_owner) 4171 continue; 4172 if (local->st_stid.sc_type == NFS4_OPEN_STID) { 4173 ret = local; 4174 refcount_inc(&ret->st_stid.sc_count); 4175 break; 4176 } 4177 } 4178 return ret; 4179 } 4180 4181 static __be32 4182 nfsd4_verify_open_stid(struct nfs4_stid *s) 4183 { 4184 __be32 ret = nfs_ok; 4185 4186 switch (s->sc_type) { 4187 default: 4188 break; 4189 case 0: 4190 case NFS4_CLOSED_STID: 4191 case NFS4_CLOSED_DELEG_STID: 4192 ret = nfserr_bad_stateid; 4193 break; 4194 case NFS4_REVOKED_DELEG_STID: 4195 ret = nfserr_deleg_revoked; 4196 } 4197 return ret; 4198 } 4199 4200 /* Lock the stateid st_mutex, and deal with races with CLOSE */ 4201 static __be32 4202 nfsd4_lock_ol_stateid(struct nfs4_ol_stateid *stp) 4203 { 4204 __be32 ret; 4205 4206 mutex_lock_nested(&stp->st_mutex, LOCK_STATEID_MUTEX); 4207 ret = nfsd4_verify_open_stid(&stp->st_stid); 4208 if (ret != nfs_ok) 4209 mutex_unlock(&stp->st_mutex); 4210 return ret; 4211 } 4212 4213 static struct nfs4_ol_stateid * 4214 nfsd4_find_and_lock_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 4215 { 4216 struct nfs4_ol_stateid *stp; 4217 for (;;) { 4218 spin_lock(&fp->fi_lock); 4219 stp = nfsd4_find_existing_open(fp, open); 4220 spin_unlock(&fp->fi_lock); 4221 if (!stp || nfsd4_lock_ol_stateid(stp) == nfs_ok) 4222 break; 4223 nfs4_put_stid(&stp->st_stid); 4224 } 4225 return stp; 4226 } 4227 4228 static struct nfs4_openowner * 4229 alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open, 4230 struct nfsd4_compound_state *cstate) 4231 { 4232 struct nfs4_client *clp = cstate->clp; 4233 struct nfs4_openowner *oo, *ret; 4234 4235 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp); 4236 if (!oo) 4237 return NULL; 4238 oo->oo_owner.so_ops = &openowner_ops; 4239 oo->oo_owner.so_is_open_owner = 1; 4240 oo->oo_owner.so_seqid = open->op_seqid; 4241 oo->oo_flags = 0; 4242 if (nfsd4_has_session(cstate)) 4243 oo->oo_flags |= NFS4_OO_CONFIRMED; 4244 oo->oo_time = 0; 4245 oo->oo_last_closed_stid = NULL; 4246 INIT_LIST_HEAD(&oo->oo_close_lru); 4247 spin_lock(&clp->cl_lock); 4248 ret = find_openstateowner_str_locked(strhashval, open, clp); 4249 if (ret == NULL) { 4250 hash_openowner(oo, clp, strhashval); 4251 ret = oo; 4252 } else 4253 nfs4_free_stateowner(&oo->oo_owner); 4254 4255 spin_unlock(&clp->cl_lock); 4256 return ret; 4257 } 4258 4259 static struct nfs4_ol_stateid * 4260 init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open) 4261 { 4262 4263 struct nfs4_openowner *oo = open->op_openowner; 4264 struct nfs4_ol_stateid *retstp = NULL; 4265 struct nfs4_ol_stateid *stp; 4266 4267 stp = open->op_stp; 4268 /* We are moving these outside of the spinlocks to avoid the warnings */ 4269 mutex_init(&stp->st_mutex); 4270 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 4271 4272 retry: 4273 spin_lock(&oo->oo_owner.so_client->cl_lock); 4274 spin_lock(&fp->fi_lock); 4275 4276 retstp = nfsd4_find_existing_open(fp, open); 4277 if (retstp) 4278 goto out_unlock; 4279 4280 open->op_stp = NULL; 4281 refcount_inc(&stp->st_stid.sc_count); 4282 stp->st_stid.sc_type = NFS4_OPEN_STID; 4283 INIT_LIST_HEAD(&stp->st_locks); 4284 stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner); 4285 get_nfs4_file(fp); 4286 stp->st_stid.sc_file = fp; 4287 stp->st_access_bmap = 0; 4288 
stp->st_deny_bmap = 0; 4289 stp->st_openstp = NULL; 4290 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids); 4291 list_add(&stp->st_perfile, &fp->fi_stateids); 4292 4293 out_unlock: 4294 spin_unlock(&fp->fi_lock); 4295 spin_unlock(&oo->oo_owner.so_client->cl_lock); 4296 if (retstp) { 4297 /* Handle races with CLOSE */ 4298 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 4299 nfs4_put_stid(&retstp->st_stid); 4300 goto retry; 4301 } 4302 /* To keep mutex tracking happy */ 4303 mutex_unlock(&stp->st_mutex); 4304 stp = retstp; 4305 } 4306 return stp; 4307 } 4308 4309 /* 4310 * In the 4.0 case we need to keep the owners around a little while to handle 4311 * CLOSE replay. We still do need to release any file access that is held by 4312 * them before returning however. 4313 */ 4314 static void 4315 move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net) 4316 { 4317 struct nfs4_ol_stateid *last; 4318 struct nfs4_openowner *oo = openowner(s->st_stateowner); 4319 struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net, 4320 nfsd_net_id); 4321 4322 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo); 4323 4324 /* 4325 * We know that we hold one reference via nfsd4_close, and another 4326 * "persistent" reference for the client. If the refcount is higher 4327 * than 2, then there are still calls in progress that are using this 4328 * stateid. We can't put the sc_file reference until they are finished. 4329 * Wait for the refcount to drop to 2. Since it has been unhashed, 4330 * there should be no danger of the refcount going back up again at 4331 * this point. 4332 */ 4333 wait_event(close_wq, refcount_read(&s->st_stid.sc_count) == 2); 4334 4335 release_all_access(s); 4336 if (s->st_stid.sc_file) { 4337 put_nfs4_file(s->st_stid.sc_file); 4338 s->st_stid.sc_file = NULL; 4339 } 4340 4341 spin_lock(&nn->client_lock); 4342 last = oo->oo_last_closed_stid; 4343 oo->oo_last_closed_stid = s; 4344 list_move_tail(&oo->oo_close_lru, &nn->close_lru); 4345 oo->oo_time = ktime_get_boottime_seconds(); 4346 spin_unlock(&nn->client_lock); 4347 if (last) 4348 nfs4_put_stid(&last->st_stid); 4349 } 4350 4351 /* search file_hashtbl[] for file */ 4352 static struct nfs4_file * 4353 find_file_locked(struct knfsd_fh *fh, unsigned int hashval) 4354 { 4355 struct nfs4_file *fp; 4356 4357 hlist_for_each_entry_rcu(fp, &file_hashtbl[hashval], fi_hash, 4358 lockdep_is_held(&state_lock)) { 4359 if (fh_match(&fp->fi_fhandle, fh)) { 4360 if (refcount_inc_not_zero(&fp->fi_ref)) 4361 return fp; 4362 } 4363 } 4364 return NULL; 4365 } 4366 4367 struct nfs4_file * 4368 find_file(struct knfsd_fh *fh) 4369 { 4370 struct nfs4_file *fp; 4371 unsigned int hashval = file_hashval(fh); 4372 4373 rcu_read_lock(); 4374 fp = find_file_locked(fh, hashval); 4375 rcu_read_unlock(); 4376 return fp; 4377 } 4378 4379 static struct nfs4_file * 4380 find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh) 4381 { 4382 struct nfs4_file *fp; 4383 unsigned int hashval = file_hashval(fh); 4384 4385 rcu_read_lock(); 4386 fp = find_file_locked(fh, hashval); 4387 rcu_read_unlock(); 4388 if (fp) 4389 return fp; 4390 4391 spin_lock(&state_lock); 4392 fp = find_file_locked(fh, hashval); 4393 if (likely(fp == NULL)) { 4394 nfsd4_init_file(fh, hashval, new); 4395 fp = new; 4396 } 4397 spin_unlock(&state_lock); 4398 4399 return fp; 4400 } 4401 4402 /* 4403 * Called to check deny when READ with all zero stateid or 4404 * WRITE with all zero or all one stateid 4405 */ 4406 static __be32 4407 nfs4_share_conflict(struct svc_fh *current_fh, 
unsigned int deny_type) 4408 { 4409 struct nfs4_file *fp; 4410 __be32 ret = nfs_ok; 4411 4412 fp = find_file(&current_fh->fh_handle); 4413 if (!fp) 4414 return ret; 4415 /* Check for conflicting share reservations */ 4416 spin_lock(&fp->fi_lock); 4417 if (fp->fi_share_deny & deny_type) 4418 ret = nfserr_locked; 4419 spin_unlock(&fp->fi_lock); 4420 put_nfs4_file(fp); 4421 return ret; 4422 } 4423 4424 static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb) 4425 { 4426 struct nfs4_delegation *dp = cb_to_delegation(cb); 4427 struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net, 4428 nfsd_net_id); 4429 4430 block_delegations(&dp->dl_stid.sc_file->fi_fhandle); 4431 4432 /* 4433 * We can't do this in nfsd_break_deleg_cb because it is 4434 * already holding inode->i_lock. 4435 * 4436 * If the dl_time != 0, then we know that it has already been 4437 * queued for a lease break. Don't queue it again. 4438 */ 4439 spin_lock(&state_lock); 4440 if (dp->dl_time == 0) { 4441 dp->dl_time = ktime_get_boottime_seconds(); 4442 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru); 4443 } 4444 spin_unlock(&state_lock); 4445 } 4446 4447 static int nfsd4_cb_recall_done(struct nfsd4_callback *cb, 4448 struct rpc_task *task) 4449 { 4450 struct nfs4_delegation *dp = cb_to_delegation(cb); 4451 4452 if (dp->dl_stid.sc_type == NFS4_CLOSED_DELEG_STID) 4453 return 1; 4454 4455 switch (task->tk_status) { 4456 case 0: 4457 return 1; 4458 case -NFS4ERR_DELAY: 4459 rpc_delay(task, 2 * HZ); 4460 return 0; 4461 case -EBADHANDLE: 4462 case -NFS4ERR_BAD_STATEID: 4463 /* 4464 * Race: client probably got cb_recall before open reply 4465 * granting delegation. 4466 */ 4467 if (dp->dl_retries--) { 4468 rpc_delay(task, 2 * HZ); 4469 return 0; 4470 } 4471 /*FALLTHRU*/ 4472 default: 4473 return 1; 4474 } 4475 } 4476 4477 static void nfsd4_cb_recall_release(struct nfsd4_callback *cb) 4478 { 4479 struct nfs4_delegation *dp = cb_to_delegation(cb); 4480 4481 nfs4_put_stid(&dp->dl_stid); 4482 } 4483 4484 static const struct nfsd4_callback_ops nfsd4_cb_recall_ops = { 4485 .prepare = nfsd4_cb_recall_prepare, 4486 .done = nfsd4_cb_recall_done, 4487 .release = nfsd4_cb_recall_release, 4488 }; 4489 4490 static void nfsd_break_one_deleg(struct nfs4_delegation *dp) 4491 { 4492 /* 4493 * We're assuming the state code never drops its reference 4494 * without first removing the lease. Since we're in this lease 4495 * callback (and since the lease code is serialized by the 4496 * i_lock) we know the server hasn't removed the lease yet, and 4497 * we know it's safe to take a reference. 4498 */ 4499 refcount_inc(&dp->dl_stid.sc_count); 4500 nfsd4_run_cb(&dp->dl_recall); 4501 } 4502 4503 /* Called from break_lease() with i_lock held.
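 *
 * Calling-convention sketch (an illustration of how the hook below is
 * reached, based on the lock manager API as used in this file, not a
 * verbatim VFS excerpt): the VFS invokes ->lm_break with the inode's
 * lock spinlock held, so the callback must not sleep; the blocking
 * work (the actual CB_RECALL RPC) is deferred to the callback
 * workqueue by nfsd4_run_cb() above:
 *
 *	spin_lock(&inode->i_lock);	// taken by the VFS
 *	fl->fl_lmops->lm_break(fl);	// lands in nfsd_break_deleg_cb()
 *	spin_unlock(&inode->i_lock);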
*/ 4504 static bool 4505 nfsd_break_deleg_cb(struct file_lock *fl) 4506 { 4507 bool ret = false; 4508 struct nfs4_delegation *dp = (struct nfs4_delegation *)fl->fl_owner; 4509 struct nfs4_file *fp = dp->dl_stid.sc_file; 4510 4511 /* 4512 * We don't want the locks code to time out the lease for us; 4513 * we'll remove it ourselves if a delegation isn't returned 4514 * in time: 4515 */ 4516 fl->fl_break_time = 0; 4517 4518 spin_lock(&fp->fi_lock); 4519 fp->fi_had_conflict = true; 4520 nfsd_break_one_deleg(dp); 4521 spin_unlock(&fp->fi_lock); 4522 return ret; 4523 } 4524 4525 static int 4526 nfsd_change_deleg_cb(struct file_lock *onlist, int arg, 4527 struct list_head *dispose) 4528 { 4529 if (arg & F_UNLCK) 4530 return lease_modify(onlist, arg, dispose); 4531 else 4532 return -EAGAIN; 4533 } 4534 4535 static const struct lock_manager_operations nfsd_lease_mng_ops = { 4536 .lm_break = nfsd_break_deleg_cb, 4537 .lm_change = nfsd_change_deleg_cb, 4538 }; 4539 4540 static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid) 4541 { 4542 if (nfsd4_has_session(cstate)) 4543 return nfs_ok; 4544 if (seqid == so->so_seqid - 1) 4545 return nfserr_replay_me; 4546 if (seqid == so->so_seqid) 4547 return nfs_ok; 4548 return nfserr_bad_seqid; 4549 } 4550 4551 static __be32 lookup_clientid(clientid_t *clid, 4552 struct nfsd4_compound_state *cstate, 4553 struct nfsd_net *nn, 4554 bool sessions) 4555 { 4556 struct nfs4_client *found; 4557 4558 if (cstate->clp) { 4559 found = cstate->clp; 4560 if (!same_clid(&found->cl_clientid, clid)) 4561 return nfserr_stale_clientid; 4562 return nfs_ok; 4563 } 4564 4565 if (STALE_CLIENTID(clid, nn)) 4566 return nfserr_stale_clientid; 4567 4568 /* 4569 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one 4570 * cached already then we know this is for v4.0 and "sessions" 4571 * will be false. 4572 */ 4573 WARN_ON_ONCE(cstate->session); 4574 spin_lock(&nn->client_lock); 4575 found = find_confirmed_client(clid, sessions, nn); 4576 if (!found) { 4577 spin_unlock(&nn->client_lock); 4578 return nfserr_expired; 4579 } 4580 atomic_inc(&found->cl_rpc_users); 4581 spin_unlock(&nn->client_lock); 4582 4583 /* Cache the nfs4_client in cstate! */ 4584 cstate->clp = found; 4585 return nfs_ok; 4586 } 4587 4588 __be32 4589 nfsd4_process_open1(struct nfsd4_compound_state *cstate, 4590 struct nfsd4_open *open, struct nfsd_net *nn) 4591 { 4592 clientid_t *clientid = &open->op_clientid; 4593 struct nfs4_client *clp = NULL; 4594 unsigned int strhashval; 4595 struct nfs4_openowner *oo = NULL; 4596 __be32 status; 4597 4598 if (STALE_CLIENTID(&open->op_clientid, nn)) 4599 return nfserr_stale_clientid; 4600 /* 4601 * In case we need it later, after we've already created the 4602 * file and don't want to risk a further failure: 4603 */ 4604 open->op_file = nfsd4_alloc_file(); 4605 if (open->op_file == NULL) 4606 return nfserr_jukebox; 4607 4608 status = lookup_clientid(clientid, cstate, nn, false); 4609 if (status) 4610 return status; 4611 clp = cstate->clp; 4612 4613 strhashval = ownerstr_hashval(&open->op_owner); 4614 oo = find_openstateowner_str(strhashval, open, clp); 4615 open->op_openowner = oo; 4616 if (!oo) { 4617 goto new_owner; 4618 } 4619 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 4620 /* Replace unconfirmed owners without checking for replay.
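 *
 * Why that is safe, in brief (a sketch of the v4.0 seqid rules encoded
 * in nfsd4_check_seqid() above):
 *
 *	seqid == so_seqid	-> new request, proceed
 *	seqid == so_seqid - 1	-> replay, answered from the replay cache
 *	anything else		-> nfserr_bad_seqid
 *
 * An unconfirmed owner has never had a reply cached against it, so a
 * retransmission has nothing to replay and the owner can simply be
 * discarded.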
*/ 4621 release_openowner(oo); 4622 open->op_openowner = NULL; 4623 goto new_owner; 4624 } 4625 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid); 4626 if (status) 4627 return status; 4628 goto alloc_stateid; 4629 new_owner: 4630 oo = alloc_init_open_stateowner(strhashval, open, cstate); 4631 if (oo == NULL) 4632 return nfserr_jukebox; 4633 open->op_openowner = oo; 4634 alloc_stateid: 4635 open->op_stp = nfs4_alloc_open_stateid(clp); 4636 if (!open->op_stp) 4637 return nfserr_jukebox; 4638 4639 if (nfsd4_has_session(cstate) && 4640 (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) { 4641 open->op_odstate = alloc_clnt_odstate(clp); 4642 if (!open->op_odstate) 4643 return nfserr_jukebox; 4644 } 4645 4646 return nfs_ok; 4647 } 4648 4649 static inline __be32 4650 nfs4_check_delegmode(struct nfs4_delegation *dp, int flags) 4651 { 4652 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ)) 4653 return nfserr_openmode; 4654 else 4655 return nfs_ok; 4656 } 4657 4658 static int share_access_to_flags(u32 share_access) 4659 { 4660 return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE; 4661 } 4662 4663 static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s) 4664 { 4665 struct nfs4_stid *ret; 4666 4667 ret = find_stateid_by_type(cl, s, 4668 NFS4_DELEG_STID|NFS4_REVOKED_DELEG_STID); 4669 if (!ret) 4670 return NULL; 4671 return delegstateid(ret); 4672 } 4673 4674 static bool nfsd4_is_deleg_cur(struct nfsd4_open *open) 4675 { 4676 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR || 4677 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH; 4678 } 4679 4680 static __be32 4681 nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open, 4682 struct nfs4_delegation **dp) 4683 { 4684 int flags; 4685 __be32 status = nfserr_bad_stateid; 4686 struct nfs4_delegation *deleg; 4687 4688 deleg = find_deleg_stateid(cl, &open->op_delegate_stateid); 4689 if (deleg == NULL) 4690 goto out; 4691 if (deleg->dl_stid.sc_type == NFS4_REVOKED_DELEG_STID) { 4692 nfs4_put_stid(&deleg->dl_stid); 4693 if (cl->cl_minorversion) 4694 status = nfserr_deleg_revoked; 4695 goto out; 4696 } 4697 flags = share_access_to_flags(open->op_share_access); 4698 status = nfs4_check_delegmode(deleg, flags); 4699 if (status) { 4700 nfs4_put_stid(&deleg->dl_stid); 4701 goto out; 4702 } 4703 *dp = deleg; 4704 out: 4705 if (!nfsd4_is_deleg_cur(open)) 4706 return nfs_ok; 4707 if (status) 4708 return status; 4709 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 4710 return nfs_ok; 4711 } 4712 4713 static inline int nfs4_access_to_access(u32 nfs4_access) 4714 { 4715 int flags = 0; 4716 4717 if (nfs4_access & NFS4_SHARE_ACCESS_READ) 4718 flags |= NFSD_MAY_READ; 4719 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE) 4720 flags |= NFSD_MAY_WRITE; 4721 return flags; 4722 } 4723 4724 static inline __be32 4725 nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh, 4726 struct nfsd4_open *open) 4727 { 4728 struct iattr iattr = { 4729 .ia_valid = ATTR_SIZE, 4730 .ia_size = 0, 4731 }; 4732 if (!open->op_truncate) 4733 return 0; 4734 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE)) 4735 return nfserr_inval; 4736 return nfsd_setattr(rqstp, fh, &iattr, 0, (time64_t)0); 4737 } 4738 4739 static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp, 4740 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, 4741 struct nfsd4_open *open) 4742 { 4743 struct nfsd_file *nf = NULL; 4744 __be32 status; 4745 int oflag = nfs4_access_to_omode(open->op_share_access); 
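	/*
	 * For reference, the two helpers used just above and below map
	 * the NFSv4 share_access bits as follows (nfs4_access_to_omode()
	 * is defined elsewhere in this file):
	 *
	 *	NFS4_SHARE_ACCESS_READ  -> O_RDONLY / NFSD_MAY_READ
	 *	NFS4_SHARE_ACCESS_WRITE -> O_WRONLY / NFSD_MAY_WRITE
	 *	NFS4_SHARE_ACCESS_BOTH  -> O_RDWR   / NFSD_MAY_READ|NFSD_MAY_WRITE
	 */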
4746 int access = nfs4_access_to_access(open->op_share_access); 4747 unsigned char old_access_bmap, old_deny_bmap; 4748 4749 spin_lock(&fp->fi_lock); 4750 4751 /* 4752 * Are we trying to set a deny mode that would conflict with 4753 * current access? 4754 */ 4755 status = nfs4_file_check_deny(fp, open->op_share_deny); 4756 if (status != nfs_ok) { 4757 spin_unlock(&fp->fi_lock); 4758 goto out; 4759 } 4760 4761 /* set access to the file */ 4762 status = nfs4_file_get_access(fp, open->op_share_access); 4763 if (status != nfs_ok) { 4764 spin_unlock(&fp->fi_lock); 4765 goto out; 4766 } 4767 4768 /* Set access bits in stateid */ 4769 old_access_bmap = stp->st_access_bmap; 4770 set_access(open->op_share_access, stp); 4771 4772 /* Set new deny mask */ 4773 old_deny_bmap = stp->st_deny_bmap; 4774 set_deny(open->op_share_deny, stp); 4775 fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4776 4777 if (!fp->fi_fds[oflag]) { 4778 spin_unlock(&fp->fi_lock); 4779 status = nfsd_file_acquire(rqstp, cur_fh, access, &nf); 4780 if (status) 4781 goto out_put_access; 4782 spin_lock(&fp->fi_lock); 4783 if (!fp->fi_fds[oflag]) { 4784 fp->fi_fds[oflag] = nf; 4785 nf = NULL; 4786 } 4787 } 4788 spin_unlock(&fp->fi_lock); 4789 if (nf) 4790 nfsd_file_put(nf); 4791 4792 status = nfsd4_truncate(rqstp, cur_fh, open); 4793 if (status) 4794 goto out_put_access; 4795 out: 4796 return status; 4797 out_put_access: 4798 stp->st_access_bmap = old_access_bmap; 4799 nfs4_file_put_access(fp, open->op_share_access); 4800 reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp); 4801 goto out; 4802 } 4803 4804 static __be32 4805 nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open) 4806 { 4807 __be32 status; 4808 unsigned char old_deny_bmap = stp->st_deny_bmap; 4809 4810 if (!test_access(open->op_share_access, stp)) 4811 return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open); 4812 4813 /* test and set deny mode */ 4814 spin_lock(&fp->fi_lock); 4815 status = nfs4_file_check_deny(fp, open->op_share_deny); 4816 if (status == nfs_ok) { 4817 set_deny(open->op_share_deny, stp); 4818 fp->fi_share_deny |= 4819 (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4820 } 4821 spin_unlock(&fp->fi_lock); 4822 4823 if (status != nfs_ok) 4824 return status; 4825 4826 status = nfsd4_truncate(rqstp, cur_fh, open); 4827 if (status != nfs_ok) 4828 reset_union_bmap_deny(old_deny_bmap, stp); 4829 return status; 4830 } 4831 4832 /* Should we give out recallable state?: */ 4833 static bool nfsd4_cb_channel_good(struct nfs4_client *clp) 4834 { 4835 if (clp->cl_cb_state == NFSD4_CB_UP) 4836 return true; 4837 /* 4838 * In the sessions case, since we don't have to establish a 4839 * separate connection for callbacks, we assume it's OK 4840 * until we hear otherwise: 4841 */ 4842 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN; 4843 } 4844 4845 static struct file_lock *nfs4_alloc_init_lease(struct nfs4_delegation *dp, 4846 int flag) 4847 { 4848 struct file_lock *fl; 4849 4850 fl = locks_alloc_lock(); 4851 if (!fl) 4852 return NULL; 4853 fl->fl_lmops = &nfsd_lease_mng_ops; 4854 fl->fl_flags = FL_DELEG; 4855 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? 
F_RDLCK: F_WRLCK; 4856 fl->fl_end = OFFSET_MAX; 4857 fl->fl_owner = (fl_owner_t)dp; 4858 fl->fl_pid = current->tgid; 4859 fl->fl_file = dp->dl_stid.sc_file->fi_deleg_file->nf_file; 4860 return fl; 4861 } 4862 4863 static struct nfs4_delegation * 4864 nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh, 4865 struct nfs4_file *fp, struct nfs4_clnt_odstate *odstate) 4866 { 4867 int status = 0; 4868 struct nfs4_delegation *dp; 4869 struct nfsd_file *nf; 4870 struct file_lock *fl; 4871 4872 /* 4873 * The fi_had_conflict and nfs_get_existing_delegation checks 4874 * here are just optimizations; we'll need to recheck them at 4875 * the end: 4876 */ 4877 if (fp->fi_had_conflict) 4878 return ERR_PTR(-EAGAIN); 4879 4880 nf = find_readable_file(fp); 4881 if (!nf) { 4882 /* We should always have a readable file here */ 4883 WARN_ON_ONCE(1); 4884 return ERR_PTR(-EBADF); 4885 } 4886 spin_lock(&state_lock); 4887 spin_lock(&fp->fi_lock); 4888 if (nfs4_delegation_exists(clp, fp)) 4889 status = -EAGAIN; 4890 else if (!fp->fi_deleg_file) { 4891 fp->fi_deleg_file = nf; 4892 /* increment early to prevent fi_deleg_file from being 4893 * cleared */ 4894 fp->fi_delegees = 1; 4895 nf = NULL; 4896 } else 4897 fp->fi_delegees++; 4898 spin_unlock(&fp->fi_lock); 4899 spin_unlock(&state_lock); 4900 if (nf) 4901 nfsd_file_put(nf); 4902 if (status) 4903 return ERR_PTR(status); 4904 4905 status = -ENOMEM; 4906 dp = alloc_init_deleg(clp, fp, fh, odstate); 4907 if (!dp) 4908 goto out_delegees; 4909 4910 fl = nfs4_alloc_init_lease(dp, NFS4_OPEN_DELEGATE_READ); 4911 if (!fl) 4912 goto out_clnt_odstate; 4913 4914 status = vfs_setlease(fp->fi_deleg_file->nf_file, fl->fl_type, &fl, NULL); 4915 if (fl) 4916 locks_free_lock(fl); 4917 if (status) 4918 goto out_clnt_odstate; 4919 4920 spin_lock(&state_lock); 4921 spin_lock(&fp->fi_lock); 4922 if (fp->fi_had_conflict) 4923 status = -EAGAIN; 4924 else 4925 status = hash_delegation_locked(dp, fp); 4926 spin_unlock(&fp->fi_lock); 4927 spin_unlock(&state_lock); 4928 4929 if (status) 4930 goto out_unlock; 4931 4932 return dp; 4933 out_unlock: 4934 vfs_setlease(fp->fi_deleg_file->nf_file, F_UNLCK, NULL, (void **)&dp); 4935 out_clnt_odstate: 4936 put_clnt_odstate(dp->dl_clnt_odstate); 4937 nfs4_put_stid(&dp->dl_stid); 4938 out_delegees: 4939 put_deleg_file(fp); 4940 return ERR_PTR(status); 4941 } 4942 4943 static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status) 4944 { 4945 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4946 if (status == -EAGAIN) 4947 open->op_why_no_deleg = WND4_CONTENTION; 4948 else { 4949 open->op_why_no_deleg = WND4_RESOURCE; 4950 switch (open->op_deleg_want) { 4951 case NFS4_SHARE_WANT_READ_DELEG: 4952 case NFS4_SHARE_WANT_WRITE_DELEG: 4953 case NFS4_SHARE_WANT_ANY_DELEG: 4954 break; 4955 case NFS4_SHARE_WANT_CANCEL: 4956 open->op_why_no_deleg = WND4_CANCELLED; 4957 break; 4958 case NFS4_SHARE_WANT_NO_DELEG: 4959 WARN_ON_ONCE(1); 4960 } 4961 } 4962 } 4963 4964 /* 4965 * Attempt to hand out a delegation. 4966 * 4967 * Note we don't support write delegations, and won't until the vfs has 4968 * proper support for them. 
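 *
 * The decision logic below boils down to this summary (a restatement,
 * not new behavior):
 *
 *	CLAIM_PREVIOUS:	 re-grant only what the client claims it already
 *			 held, and only if that was a read delegation;
 *	CLAIM_NULL/FH:	 grant a read delegation only once the grace
 *			 period is over, the callback channel is usable,
 *			 the openowner is confirmed, and the open is a
 *			 plain read (no write access, no create).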
4969 */ 4970 static void 4971 nfs4_open_delegation(struct svc_fh *fh, struct nfsd4_open *open, 4972 struct nfs4_ol_stateid *stp) 4973 { 4974 struct nfs4_delegation *dp; 4975 struct nfs4_openowner *oo = openowner(stp->st_stateowner); 4976 struct nfs4_client *clp = stp->st_stid.sc_client; 4977 int cb_up; 4978 int status = 0; 4979 4980 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client); 4981 open->op_recall = 0; 4982 switch (open->op_claim_type) { 4983 case NFS4_OPEN_CLAIM_PREVIOUS: 4984 if (!cb_up) 4985 open->op_recall = 1; 4986 if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ) 4987 goto out_no_deleg; 4988 break; 4989 case NFS4_OPEN_CLAIM_NULL: 4990 case NFS4_OPEN_CLAIM_FH: 4991 /* 4992 * Let's not give out any delegations till everyone's 4993 * had the chance to reclaim theirs, *and* until 4994 * NLM locks have all been reclaimed: 4995 */ 4996 if (locks_in_grace(clp->net)) 4997 goto out_no_deleg; 4998 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED)) 4999 goto out_no_deleg; 5000 /* 5001 * Also, if the file was opened for write or 5002 * create, there's a good chance the client's 5003 * about to write to it, resulting in an 5004 * immediate recall (since we don't support 5005 * write delegations): 5006 */ 5007 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE) 5008 goto out_no_deleg; 5009 if (open->op_create == NFS4_OPEN_CREATE) 5010 goto out_no_deleg; 5011 break; 5012 default: 5013 goto out_no_deleg; 5014 } 5015 dp = nfs4_set_delegation(clp, fh, stp->st_stid.sc_file, stp->st_clnt_odstate); 5016 if (IS_ERR(dp)) 5017 goto out_no_deleg; 5018 5019 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid)); 5020 5021 dprintk("NFSD: delegation stateid=" STATEID_FMT "\n", 5022 STATEID_VAL(&dp->dl_stid.sc_stateid)); 5023 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ; 5024 nfs4_put_stid(&dp->dl_stid); 5025 return; 5026 out_no_deleg: 5027 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE; 5028 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS && 5029 open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) { 5030 dprintk("NFSD: WARNING: refusing delegation reclaim\n"); 5031 open->op_recall = 1; 5032 } 5033 5034 /* 4.1 client asking for a delegation? */ 5035 if (open->op_deleg_want) 5036 nfsd4_open_deleg_none_ext(open, status); 5037 return; 5038 } 5039 5040 static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open, 5041 struct nfs4_delegation *dp) 5042 { 5043 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG && 5044 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 5045 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 5046 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE; 5047 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG && 5048 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 5049 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 5050 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE; 5051 } 5052 /* Otherwise the client must be confused wanting a delegation 5053 * it already has, therefore we don't return 5054 * NFS4_OPEN_DELEGATE_NONE_EXT and reason. 
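 *
 * An observation for readers (not a behavior change): because this
 * server only ever hands out read delegations, dl_type is always
 * NFS4_OPEN_DELEGATE_READ here, so neither branch above can fire
 * until write delegation support is added.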
5055 */ 5056 } 5057 5058 __be32 5059 nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open) 5060 { 5061 struct nfsd4_compoundres *resp = rqstp->rq_resp; 5062 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client; 5063 struct nfs4_file *fp = NULL; 5064 struct nfs4_ol_stateid *stp = NULL; 5065 struct nfs4_delegation *dp = NULL; 5066 __be32 status; 5067 bool new_stp = false; 5068 5069 /* 5070 * Lookup file; if found, lookup stateid and check open request, 5071 * and check for delegations in the process of being recalled. 5072 * If not found, create the nfs4_file struct 5073 */ 5074 fp = find_or_add_file(open->op_file, &current_fh->fh_handle); 5075 if (fp != open->op_file) { 5076 status = nfs4_check_deleg(cl, open, &dp); 5077 if (status) 5078 goto out; 5079 stp = nfsd4_find_and_lock_existing_open(fp, open); 5080 } else { 5081 open->op_file = NULL; 5082 status = nfserr_bad_stateid; 5083 if (nfsd4_is_deleg_cur(open)) 5084 goto out; 5085 } 5086 5087 if (!stp) { 5088 stp = init_open_stateid(fp, open); 5089 if (!open->op_stp) 5090 new_stp = true; 5091 } 5092 5093 /* 5094 * OPEN the file, or upgrade an existing OPEN. 5095 * If truncate fails, the OPEN fails. 5096 * 5097 * stp is already locked. 5098 */ 5099 if (!new_stp) { 5100 /* Stateid was found, this is an OPEN upgrade */ 5101 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open); 5102 if (status) { 5103 mutex_unlock(&stp->st_mutex); 5104 goto out; 5105 } 5106 } else { 5107 status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open); 5108 if (status) { 5109 stp->st_stid.sc_type = NFS4_CLOSED_STID; 5110 release_open_stateid(stp); 5111 mutex_unlock(&stp->st_mutex); 5112 goto out; 5113 } 5114 5115 stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp, 5116 open->op_odstate); 5117 if (stp->st_clnt_odstate == open->op_odstate) 5118 open->op_odstate = NULL; 5119 } 5120 5121 nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid); 5122 mutex_unlock(&stp->st_mutex); 5123 5124 if (nfsd4_has_session(&resp->cstate)) { 5125 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) { 5126 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 5127 open->op_why_no_deleg = WND4_NOT_WANTED; 5128 goto nodeleg; 5129 } 5130 } 5131 5132 /* 5133 * Attempt to hand out a delegation. No error return, because the 5134 * OPEN succeeds even if we fail. 5135 */ 5136 nfs4_open_delegation(current_fh, open, stp); 5137 nodeleg: 5138 status = nfs_ok; 5139 5140 dprintk("%s: stateid=" STATEID_FMT "\n", __func__, 5141 STATEID_VAL(&stp->st_stid.sc_stateid)); 5142 out: 5143 /* 4.1 client trying to upgrade/downgrade delegation? */ 5144 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp && 5145 open->op_deleg_want) 5146 nfsd4_deleg_xgrade_none_ext(open, dp); 5147 5148 if (fp) 5149 put_nfs4_file(fp); 5150 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS) 5151 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 5152 /* 5153 * To finish the open response, we just need to set the rflags.
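 *
 * For reference, the result flags set below mean:
 *
 *	LOCKTYPE_POSIX:	  byte-range locks on this file behave with
 *			  POSIX semantics
 *	MAY_NOTIFY_LOCK:  (4.1+) the server may send CB_NOTIFY_LOCK
 *			  when a blocked lock later becomes available
 *	CONFIRM:	  (4.0) the client must confirm this open with
 *			  OPEN_CONFIRM before using the stateid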
5154 */ 5155 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX; 5156 if (nfsd4_has_session(&resp->cstate)) 5157 open->op_rflags |= NFS4_OPEN_RESULT_MAY_NOTIFY_LOCK; 5158 else if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED)) 5159 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM; 5160 5161 if (dp) 5162 nfs4_put_stid(&dp->dl_stid); 5163 if (stp) 5164 nfs4_put_stid(&stp->st_stid); 5165 5166 return status; 5167 } 5168 5169 void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate, 5170 struct nfsd4_open *open) 5171 { 5172 if (open->op_openowner) { 5173 struct nfs4_stateowner *so = &open->op_openowner->oo_owner; 5174 5175 nfsd4_cstate_assign_replay(cstate, so); 5176 nfs4_put_stateowner(so); 5177 } 5178 if (open->op_file) 5179 kmem_cache_free(file_slab, open->op_file); 5180 if (open->op_stp) 5181 nfs4_put_stid(&open->op_stp->st_stid); 5182 if (open->op_odstate) 5183 kmem_cache_free(odstate_slab, open->op_odstate); 5184 } 5185 5186 __be32 5187 nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5188 union nfsd4_op_u *u) 5189 { 5190 clientid_t *clid = &u->renew; 5191 struct nfs4_client *clp; 5192 __be32 status; 5193 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5194 5195 dprintk("process_renew(%08x/%08x): starting\n", 5196 clid->cl_boot, clid->cl_id); 5197 status = lookup_clientid(clid, cstate, nn, false); 5198 if (status) 5199 goto out; 5200 clp = cstate->clp; 5201 status = nfserr_cb_path_down; 5202 if (!list_empty(&clp->cl_delegations) 5203 && clp->cl_cb_state != NFSD4_CB_UP) 5204 goto out; 5205 status = nfs_ok; 5206 out: 5207 return status; 5208 } 5209 5210 void 5211 nfsd4_end_grace(struct nfsd_net *nn) 5212 { 5213 /* do nothing if grace period already ended */ 5214 if (nn->grace_ended) 5215 return; 5216 5217 nn->grace_ended = true; 5218 /* 5219 * If the server goes down again right now, an NFSv4 5220 * client will still be allowed to reclaim after it comes back up, 5221 * even if it hasn't yet had a chance to reclaim state this time. 5222 * 5223 */ 5224 nfsd4_record_grace_done(nn); 5225 /* 5226 * At this point, NFSv4 clients can still reclaim. But if the 5227 * server crashes, any that have not yet reclaimed will be out 5228 * of luck on the next boot. 5229 * 5230 * (NFSv4.1+ clients are considered to have reclaimed once they 5231 * call RECLAIM_COMPLETE. NFSv4.0 clients are considered to 5232 * have reclaimed after their first OPEN.) 5233 */ 5234 locks_end_grace(&nn->nfsd4_manager); 5235 /* 5236 * At this point, and once lockd and/or any other containers 5237 * exit their grace period, further reclaims will fail and 5238 * regular locking can resume. 5239 */ 5240 } 5241 5242 /* 5243 * If we've waited a lease period but there are still clients trying to 5244 * reclaim, wait a little longer to give them a chance to finish. 
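 *
 * Timing sketch, assuming the default 90 second lease: grace would
 * normally end one lease period after boot and is extended while
 * reclaims keep arriving, but never past two lease periods (the
 * double_grace_period_end check below):
 *
 *	boot		+1 lease	    +2 leases
 *	|---- grace ---->|-- extended while -->| forced end
 *			    still reclaiming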
5245 */ 5246 static bool clients_still_reclaiming(struct nfsd_net *nn) 5247 { 5248 time64_t double_grace_period_end = nn->boot_time + 5249 2 * nn->nfsd4_lease; 5250 5251 if (nn->track_reclaim_completes && 5252 atomic_read(&nn->nr_reclaim_complete) == 5253 nn->reclaim_str_hashtbl_size) 5254 return false; 5255 if (!nn->somebody_reclaimed) 5256 return false; 5257 nn->somebody_reclaimed = false; 5258 /* 5259 * If we've given them *two* lease times to reclaim, and they're 5260 * still not done, give up: 5261 */ 5262 if (ktime_get_boottime_seconds() > double_grace_period_end) 5263 return false; 5264 return true; 5265 } 5266 5267 static time64_t 5268 nfs4_laundromat(struct nfsd_net *nn) 5269 { 5270 struct nfs4_client *clp; 5271 struct nfs4_openowner *oo; 5272 struct nfs4_delegation *dp; 5273 struct nfs4_ol_stateid *stp; 5274 struct nfsd4_blocked_lock *nbl; 5275 struct list_head *pos, *next, reaplist; 5276 time64_t cutoff = ktime_get_boottime_seconds() - nn->nfsd4_lease; 5277 time64_t t, new_timeo = nn->nfsd4_lease; 5278 struct nfs4_cpntf_state *cps; 5279 copy_stateid_t *cps_t; 5280 int i; 5281 5282 dprintk("NFSD: laundromat service - starting\n"); 5283 5284 if (clients_still_reclaiming(nn)) { 5285 new_timeo = 0; 5286 goto out; 5287 } 5288 dprintk("NFSD: end of grace period\n"); 5289 nfsd4_end_grace(nn); 5290 INIT_LIST_HEAD(&reaplist); 5291 5292 spin_lock(&nn->s2s_cp_lock); 5293 idr_for_each_entry(&nn->s2s_cp_stateids, cps_t, i) { 5294 cps = container_of(cps_t, struct nfs4_cpntf_state, cp_stateid); 5295 if (cps->cp_stateid.sc_type == NFS4_COPYNOTIFY_STID && 5296 cps->cpntf_time > cutoff) 5297 _free_cpntf_state_locked(nn, cps); 5298 } 5299 spin_unlock(&nn->s2s_cp_lock); 5300 5301 spin_lock(&nn->client_lock); 5302 list_for_each_safe(pos, next, &nn->client_lru) { 5303 clp = list_entry(pos, struct nfs4_client, cl_lru); 5304 if (clp->cl_time > cutoff) { 5305 t = clp->cl_time - cutoff; 5306 new_timeo = min(new_timeo, t); 5307 break; 5308 } 5309 if (mark_client_expired_locked(clp)) { 5310 dprintk("NFSD: client in use (clientid %08x)\n", 5311 clp->cl_clientid.cl_id); 5312 continue; 5313 } 5314 list_add(&clp->cl_lru, &reaplist); 5315 } 5316 spin_unlock(&nn->client_lock); 5317 list_for_each_safe(pos, next, &reaplist) { 5318 clp = list_entry(pos, struct nfs4_client, cl_lru); 5319 dprintk("NFSD: purging unused client (clientid %08x)\n", 5320 clp->cl_clientid.cl_id); 5321 list_del_init(&clp->cl_lru); 5322 expire_client(clp); 5323 } 5324 spin_lock(&state_lock); 5325 list_for_each_safe(pos, next, &nn->del_recall_lru) { 5326 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 5327 if (dp->dl_time > cutoff) { 5328 t = dp->dl_time - cutoff; 5329 new_timeo = min(new_timeo, t); 5330 break; 5331 } 5332 WARN_ON(!unhash_delegation_locked(dp)); 5333 list_add(&dp->dl_recall_lru, &reaplist); 5334 } 5335 spin_unlock(&state_lock); 5336 while (!list_empty(&reaplist)) { 5337 dp = list_first_entry(&reaplist, struct nfs4_delegation, 5338 dl_recall_lru); 5339 list_del_init(&dp->dl_recall_lru); 5340 revoke_delegation(dp); 5341 } 5342 5343 spin_lock(&nn->client_lock); 5344 while (!list_empty(&nn->close_lru)) { 5345 oo = list_first_entry(&nn->close_lru, struct nfs4_openowner, 5346 oo_close_lru); 5347 if (oo->oo_time > cutoff) { 5348 t = oo->oo_time - cutoff; 5349 new_timeo = min(new_timeo, t); 5350 break; 5351 } 5352 list_del_init(&oo->oo_close_lru); 5353 stp = oo->oo_last_closed_stid; 5354 oo->oo_last_closed_stid = NULL; 5355 spin_unlock(&nn->client_lock); 5356 nfs4_put_stid(&stp->st_stid); 5357 
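		/*
		 * Added note: client_lock is dropped around the
		 * nfs4_put_stid() above because dropping the final
		 * reference frees the stateid and may take other locks;
		 * it is reacquired here before close_lru is examined
		 * again.
		 */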
spin_lock(&nn->client_lock); 5358 } 5359 spin_unlock(&nn->client_lock); 5360 5361 /* 5362 * It's possible for a client to try and acquire an already held lock 5363 * that is being held for a long time, and then lose interest in it. 5364 * So, we clean out any un-revisited request after a lease period 5365 * under the assumption that the client is no longer interested. 5366 * 5367 * RFC5661, sec. 9.6 states that the client must not rely on getting 5368 * notifications and must continue to poll for locks, even when the 5369 * server supports them. Thus this shouldn't lead to clients blocking 5370 * indefinitely once the lock does become free. 5371 */ 5372 BUG_ON(!list_empty(&reaplist)); 5373 spin_lock(&nn->blocked_locks_lock); 5374 while (!list_empty(&nn->blocked_locks_lru)) { 5375 nbl = list_first_entry(&nn->blocked_locks_lru, 5376 struct nfsd4_blocked_lock, nbl_lru); 5377 if (nbl->nbl_time > cutoff) { 5378 t = nbl->nbl_time - cutoff; 5379 new_timeo = min(new_timeo, t); 5380 break; 5381 } 5382 list_move(&nbl->nbl_lru, &reaplist); 5383 list_del_init(&nbl->nbl_list); 5384 } 5385 spin_unlock(&nn->blocked_locks_lock); 5386 5387 while (!list_empty(&reaplist)) { 5388 nbl = list_first_entry(&reaplist, 5389 struct nfsd4_blocked_lock, nbl_lru); 5390 list_del_init(&nbl->nbl_lru); 5391 free_blocked_lock(nbl); 5392 } 5393 out: 5394 new_timeo = max_t(time64_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT); 5395 return new_timeo; 5396 } 5397 5398 static struct workqueue_struct *laundry_wq; 5399 static void laundromat_main(struct work_struct *); 5400 5401 static void 5402 laundromat_main(struct work_struct *laundry) 5403 { 5404 time64_t t; 5405 struct delayed_work *dwork = to_delayed_work(laundry); 5406 struct nfsd_net *nn = container_of(dwork, struct nfsd_net, 5407 laundromat_work); 5408 5409 t = nfs4_laundromat(nn); 5410 dprintk("NFSD: laundromat_main - sleeping for %lld seconds\n", t); 5411 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ); 5412 } 5413 5414 static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp) 5415 { 5416 if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle)) 5417 return nfserr_bad_stateid; 5418 return nfs_ok; 5419 } 5420 5421 static inline int 5422 access_permit_read(struct nfs4_ol_stateid *stp) 5423 { 5424 return test_access(NFS4_SHARE_ACCESS_READ, stp) || 5425 test_access(NFS4_SHARE_ACCESS_BOTH, stp) || 5426 test_access(NFS4_SHARE_ACCESS_WRITE, stp); 5427 } 5428 5429 static inline int 5430 access_permit_write(struct nfs4_ol_stateid *stp) 5431 { 5432 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) || 5433 test_access(NFS4_SHARE_ACCESS_BOTH, stp); 5434 } 5435 5436 static 5437 __be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags) 5438 { 5439 __be32 status = nfserr_openmode; 5440 5441 /* For lock stateid's, we test the parent open, not the lock: */ 5442 if (stp->st_openstp) 5443 stp = stp->st_openstp; 5444 if ((flags & WR_STATE) && !access_permit_write(stp)) 5445 goto out; 5446 if ((flags & RD_STATE) && !access_permit_read(stp)) 5447 goto out; 5448 status = nfs_ok; 5449 out: 5450 return status; 5451 } 5452 5453 static inline __be32 5454 check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags) 5455 { 5456 if (ONE_STATEID(stateid) && (flags & RD_STATE)) 5457 return nfs_ok; 5458 else if (opens_in_grace(net)) { 5459 /* Answer in remaining cases depends on existence of 5460 * conflicting state; so we must wait out the grace period. 
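 *
 * For reference, the special-stateid rules applied here are, in
 * sketch form:
 *
 *	all-zero stateid: anonymous access; must not conflict with
 *			  existing share deny reservations
 *	all-ones stateid: READ bypasses share deny (the "read bypass"
 *			  stateid); WRITE is still checked
 *
 * During grace we cannot yet know which deny state will still be
 * reclaimed, hence the nfserr_grace return that follows.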
*/ 5461 return nfserr_grace; 5462 } else if (flags & WR_STATE) 5463 return nfs4_share_conflict(current_fh, 5464 NFS4_SHARE_DENY_WRITE); 5465 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */ 5466 return nfs4_share_conflict(current_fh, 5467 NFS4_SHARE_DENY_READ); 5468 } 5469 5470 /* 5471 * Allow READ/WRITE during grace period on recovered state only for files 5472 * that are not able to provide mandatory locking. 5473 */ 5474 static inline int 5475 grace_disallows_io(struct net *net, struct inode *inode) 5476 { 5477 return opens_in_grace(net) && mandatory_lock(inode); 5478 } 5479 5480 static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session) 5481 { 5482 /* 5483 * When sessions are used the stateid generation number is ignored 5484 * when it is zero. 5485 */ 5486 if (has_session && in->si_generation == 0) 5487 return nfs_ok; 5488 5489 if (in->si_generation == ref->si_generation) 5490 return nfs_ok; 5491 5492 /* If the client sends us a stateid from the future, it's buggy: */ 5493 if (nfsd4_stateid_generation_after(in, ref)) 5494 return nfserr_bad_stateid; 5495 /* 5496 * However, we could see a stateid from the past, even from a 5497 * non-buggy client. For example, if the client sends a lock 5498 * while some IO is outstanding, the lock may bump si_generation 5499 * while the IO is still in flight. The client could avoid that 5500 * situation by waiting for responses on all the IO requests, 5501 * but better performance may result in retrying IO that 5502 * receives an old_stateid error if requests are rarely 5503 * reordered in flight: 5504 */ 5505 return nfserr_old_stateid; 5506 } 5507 5508 static __be32 nfsd4_stid_check_stateid_generation(stateid_t *in, struct nfs4_stid *s, bool has_session) 5509 { 5510 __be32 ret; 5511 5512 spin_lock(&s->sc_lock); 5513 ret = nfsd4_verify_open_stid(s); 5514 if (ret == nfs_ok) 5515 ret = check_stateid_generation(in, &s->sc_stateid, has_session); 5516 spin_unlock(&s->sc_lock); 5517 return ret; 5518 } 5519 5520 static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols) 5521 { 5522 if (ols->st_stateowner->so_is_open_owner && 5523 !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED)) 5524 return nfserr_bad_stateid; 5525 return nfs_ok; 5526 } 5527 5528 static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid) 5529 { 5530 struct nfs4_stid *s; 5531 __be32 status = nfserr_bad_stateid; 5532 5533 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 5534 CLOSE_STATEID(stateid)) 5535 return status; 5536 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) 5537 return status; 5538 spin_lock(&cl->cl_lock); 5539 s = find_stateid_locked(cl, stateid); 5540 if (!s) 5541 goto out_unlock; 5542 status = nfsd4_stid_check_stateid_generation(stateid, s, 1); 5543 if (status) 5544 goto out_unlock; 5545 switch (s->sc_type) { 5546 case NFS4_DELEG_STID: 5547 status = nfs_ok; 5548 break; 5549 case NFS4_REVOKED_DELEG_STID: 5550 status = nfserr_deleg_revoked; 5551 break; 5552 case NFS4_OPEN_STID: 5553 case NFS4_LOCK_STID: 5554 status = nfsd4_check_openowner_confirmed(openlockstateid(s)); 5555 break; 5556 default: 5557 printk("unknown stateid type %x\n", s->sc_type); 5558 /* Fallthrough */ 5559 case NFS4_CLOSED_STID: 5560 case NFS4_CLOSED_DELEG_STID: 5561 status = nfserr_bad_stateid; 5562 } 5563 out_unlock: 5564 spin_unlock(&cl->cl_lock); 5565 return status; 5566 } 5567 5568 __be32 5569 nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate, 5570 stateid_t *stateid, unsigned char typemask, 5571 
struct nfs4_stid **s, struct nfsd_net *nn) 5572 { 5573 __be32 status; 5574 bool return_revoked = false; 5575 5576 /* 5577 * only return revoked delegations if explicitly asked. 5578 * otherwise we report revoked or bad_stateid status. 5579 */ 5580 if (typemask & NFS4_REVOKED_DELEG_STID) 5581 return_revoked = true; 5582 else if (typemask & NFS4_DELEG_STID) 5583 typemask |= NFS4_REVOKED_DELEG_STID; 5584 5585 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 5586 CLOSE_STATEID(stateid)) 5587 return nfserr_bad_stateid; 5588 status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn, 5589 false); 5590 if (status == nfserr_stale_clientid) { 5591 if (cstate->session) 5592 return nfserr_bad_stateid; 5593 return nfserr_stale_stateid; 5594 } 5595 if (status) 5596 return status; 5597 *s = find_stateid_by_type(cstate->clp, stateid, typemask); 5598 if (!*s) 5599 return nfserr_bad_stateid; 5600 if (((*s)->sc_type == NFS4_REVOKED_DELEG_STID) && !return_revoked) { 5601 nfs4_put_stid(*s); 5602 if (cstate->minorversion) 5603 return nfserr_deleg_revoked; 5604 return nfserr_bad_stateid; 5605 } 5606 return nfs_ok; 5607 } 5608 5609 static struct nfsd_file * 5610 nfs4_find_file(struct nfs4_stid *s, int flags) 5611 { 5612 if (!s) 5613 return NULL; 5614 5615 switch (s->sc_type) { 5616 case NFS4_DELEG_STID: 5617 if (WARN_ON_ONCE(!s->sc_file->fi_deleg_file)) 5618 return NULL; 5619 return nfsd_file_get(s->sc_file->fi_deleg_file); 5620 case NFS4_OPEN_STID: 5621 case NFS4_LOCK_STID: 5622 if (flags & RD_STATE) 5623 return find_readable_file(s->sc_file); 5624 else 5625 return find_writeable_file(s->sc_file); 5626 break; 5627 } 5628 5629 return NULL; 5630 } 5631 5632 static __be32 5633 nfs4_check_olstateid(struct nfs4_ol_stateid *ols, int flags) 5634 { 5635 __be32 status; 5636 5637 status = nfsd4_check_openowner_confirmed(ols); 5638 if (status) 5639 return status; 5640 return nfs4_check_openmode(ols, flags); 5641 } 5642 5643 static __be32 5644 nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s, 5645 struct nfsd_file **nfp, int flags) 5646 { 5647 int acc = (flags & RD_STATE) ? NFSD_MAY_READ : NFSD_MAY_WRITE; 5648 struct nfsd_file *nf; 5649 __be32 status; 5650 5651 nf = nfs4_find_file(s, flags); 5652 if (nf) { 5653 status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry, 5654 acc | NFSD_MAY_OWNER_OVERRIDE); 5655 if (status) { 5656 nfsd_file_put(nf); 5657 goto out; 5658 } 5659 } else { 5660 status = nfsd_file_acquire(rqstp, fhp, acc, &nf); 5661 if (status) 5662 return status; 5663 } 5664 *nfp = nf; 5665 out: 5666 return status; 5667 } 5668 static void 5669 _free_cpntf_state_locked(struct nfsd_net *nn, struct nfs4_cpntf_state *cps) 5670 { 5671 WARN_ON_ONCE(cps->cp_stateid.sc_type != NFS4_COPYNOTIFY_STID); 5672 if (!refcount_dec_and_test(&cps->cp_stateid.sc_count)) 5673 return; 5674 list_del(&cps->cp_list); 5675 idr_remove(&nn->s2s_cp_stateids, 5676 cps->cp_stateid.stid.si_opaque.so_id); 5677 kfree(cps); 5678 } 5679 /* 5680 * A READ from an inter server to server COPY will have a 5681 * copy stateid. Look up the copy notify stateid from the 5682 * idr structure and take a reference on it. 
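 *
 * Usage sketch (a hypothetical caller, mirroring find_cpntf_state()
 * below): the destination server of an inter-server copy presents the
 * copy-notify stateid in its READ, and the source server resolves it
 * roughly as
 *
 *	struct nfs4_cpntf_state *cps;
 *	__be32 status = manage_cpntf_state(nn, stid, NULL, &cps);
 *	// on success *cps holds a reference; drop it later with
 *	// nfs4_put_cpntf_state(nn, cps)
 *
 * while passing a non-NULL clp frees the state instead of taking a
 * reference (see the else branch below).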
5683 */ 5684 __be32 manage_cpntf_state(struct nfsd_net *nn, stateid_t *st, 5685 struct nfs4_client *clp, 5686 struct nfs4_cpntf_state **cps) 5687 { 5688 copy_stateid_t *cps_t; 5689 struct nfs4_cpntf_state *state = NULL; 5690 5691 if (st->si_opaque.so_clid.cl_id != nn->s2s_cp_cl_id) 5692 return nfserr_bad_stateid; 5693 spin_lock(&nn->s2s_cp_lock); 5694 cps_t = idr_find(&nn->s2s_cp_stateids, st->si_opaque.so_id); 5695 if (cps_t) { 5696 state = container_of(cps_t, struct nfs4_cpntf_state, 5697 cp_stateid); 5698 if (state->cp_stateid.sc_type != NFS4_COPYNOTIFY_STID) { 5699 state = NULL; 5700 goto unlock; 5701 } 5702 if (!clp) 5703 refcount_inc(&state->cp_stateid.sc_count); 5704 else 5705 _free_cpntf_state_locked(nn, state); 5706 } 5707 unlock: 5708 spin_unlock(&nn->s2s_cp_lock); 5709 if (!state) 5710 return nfserr_bad_stateid; 5711 if (!clp && state) 5712 *cps = state; 5713 return 0; 5714 } 5715 5716 static __be32 find_cpntf_state(struct nfsd_net *nn, stateid_t *st, 5717 struct nfs4_stid **stid) 5718 { 5719 __be32 status; 5720 struct nfs4_cpntf_state *cps = NULL; 5721 struct nfsd4_compound_state cstate; 5722 5723 status = manage_cpntf_state(nn, st, NULL, &cps); 5724 if (status) 5725 return status; 5726 5727 cps->cpntf_time = ktime_get_boottime_seconds(); 5728 memset(&cstate, 0, sizeof(cstate)); 5729 status = lookup_clientid(&cps->cp_p_clid, &cstate, nn, true); 5730 if (status) 5731 goto out; 5732 status = nfsd4_lookup_stateid(&cstate, &cps->cp_p_stateid, 5733 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, 5734 stid, nn); 5735 put_client_renew(cstate.clp); 5736 out: 5737 nfs4_put_cpntf_state(nn, cps); 5738 return status; 5739 } 5740 5741 void nfs4_put_cpntf_state(struct nfsd_net *nn, struct nfs4_cpntf_state *cps) 5742 { 5743 spin_lock(&nn->s2s_cp_lock); 5744 _free_cpntf_state_locked(nn, cps); 5745 spin_unlock(&nn->s2s_cp_lock); 5746 } 5747 5748 /* 5749 * Checks for stateid operations 5750 */ 5751 __be32 5752 nfs4_preprocess_stateid_op(struct svc_rqst *rqstp, 5753 struct nfsd4_compound_state *cstate, struct svc_fh *fhp, 5754 stateid_t *stateid, int flags, struct nfsd_file **nfp, 5755 struct nfs4_stid **cstid) 5756 { 5757 struct inode *ino = d_inode(fhp->fh_dentry); 5758 struct net *net = SVC_NET(rqstp); 5759 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5760 struct nfs4_stid *s = NULL; 5761 __be32 status; 5762 5763 if (nfp) 5764 *nfp = NULL; 5765 5766 if (grace_disallows_io(net, ino)) 5767 return nfserr_grace; 5768 5769 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) { 5770 status = check_special_stateids(net, fhp, stateid, flags); 5771 goto done; 5772 } 5773 5774 status = nfsd4_lookup_stateid(cstate, stateid, 5775 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, 5776 &s, nn); 5777 if (status == nfserr_bad_stateid) 5778 status = find_cpntf_state(nn, stateid, &s); 5779 if (status) 5780 return status; 5781 status = nfsd4_stid_check_stateid_generation(stateid, s, 5782 nfsd4_has_session(cstate)); 5783 if (status) 5784 goto out; 5785 5786 switch (s->sc_type) { 5787 case NFS4_DELEG_STID: 5788 status = nfs4_check_delegmode(delegstateid(s), flags); 5789 break; 5790 case NFS4_OPEN_STID: 5791 case NFS4_LOCK_STID: 5792 status = nfs4_check_olstateid(openlockstateid(s), flags); 5793 break; 5794 default: 5795 status = nfserr_bad_stateid; 5796 break; 5797 } 5798 if (status) 5799 goto out; 5800 status = nfs4_check_fh(fhp, s); 5801 5802 done: 5803 if (status == nfs_ok && nfp) 5804 status = nfs4_check_file(rqstp, fhp, s, nfp, flags); 5805 out: 5806 if (s) { 5807 if (!status && cstid) 5808 *cstid = s; 5809 
else 5810 nfs4_put_stid(s); 5811 } 5812 return status; 5813 } 5814 5815 /* 5816 * Test if the stateid is valid 5817 */ 5818 __be32 5819 nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5820 union nfsd4_op_u *u) 5821 { 5822 struct nfsd4_test_stateid *test_stateid = &u->test_stateid; 5823 struct nfsd4_test_stateid_id *stateid; 5824 struct nfs4_client *cl = cstate->session->se_client; 5825 5826 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list) 5827 stateid->ts_id_status = 5828 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid); 5829 5830 return nfs_ok; 5831 } 5832 5833 static __be32 5834 nfsd4_free_lock_stateid(stateid_t *stateid, struct nfs4_stid *s) 5835 { 5836 struct nfs4_ol_stateid *stp = openlockstateid(s); 5837 __be32 ret; 5838 5839 ret = nfsd4_lock_ol_stateid(stp); 5840 if (ret) 5841 goto out_put_stid; 5842 5843 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5844 if (ret) 5845 goto out; 5846 5847 ret = nfserr_locks_held; 5848 if (check_for_locks(stp->st_stid.sc_file, 5849 lockowner(stp->st_stateowner))) 5850 goto out; 5851 5852 release_lock_stateid(stp); 5853 ret = nfs_ok; 5854 5855 out: 5856 mutex_unlock(&stp->st_mutex); 5857 out_put_stid: 5858 nfs4_put_stid(s); 5859 return ret; 5860 } 5861 5862 __be32 5863 nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5864 union nfsd4_op_u *u) 5865 { 5866 struct nfsd4_free_stateid *free_stateid = &u->free_stateid; 5867 stateid_t *stateid = &free_stateid->fr_stateid; 5868 struct nfs4_stid *s; 5869 struct nfs4_delegation *dp; 5870 struct nfs4_client *cl = cstate->session->se_client; 5871 __be32 ret = nfserr_bad_stateid; 5872 5873 spin_lock(&cl->cl_lock); 5874 s = find_stateid_locked(cl, stateid); 5875 if (!s) 5876 goto out_unlock; 5877 spin_lock(&s->sc_lock); 5878 switch (s->sc_type) { 5879 case NFS4_DELEG_STID: 5880 ret = nfserr_locks_held; 5881 break; 5882 case NFS4_OPEN_STID: 5883 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5884 if (ret) 5885 break; 5886 ret = nfserr_locks_held; 5887 break; 5888 case NFS4_LOCK_STID: 5889 spin_unlock(&s->sc_lock); 5890 refcount_inc(&s->sc_count); 5891 spin_unlock(&cl->cl_lock); 5892 ret = nfsd4_free_lock_stateid(stateid, s); 5893 goto out; 5894 case NFS4_REVOKED_DELEG_STID: 5895 spin_unlock(&s->sc_lock); 5896 dp = delegstateid(s); 5897 list_del_init(&dp->dl_recall_lru); 5898 spin_unlock(&cl->cl_lock); 5899 nfs4_put_stid(s); 5900 ret = nfs_ok; 5901 goto out; 5902 /* Default falls through and returns nfserr_bad_stateid */ 5903 } 5904 spin_unlock(&s->sc_lock); 5905 out_unlock: 5906 spin_unlock(&cl->cl_lock); 5907 out: 5908 return ret; 5909 } 5910 5911 static inline int 5912 setlkflg (int type) 5913 { 5914 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ? 
5915 RD_STATE : WR_STATE; 5916 } 5917 5918 static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp) 5919 { 5920 struct svc_fh *current_fh = &cstate->current_fh; 5921 struct nfs4_stateowner *sop = stp->st_stateowner; 5922 __be32 status; 5923 5924 status = nfsd4_check_seqid(cstate, sop, seqid); 5925 if (status) 5926 return status; 5927 status = nfsd4_lock_ol_stateid(stp); 5928 if (status != nfs_ok) 5929 return status; 5930 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate)); 5931 if (status == nfs_ok) 5932 status = nfs4_check_fh(current_fh, &stp->st_stid); 5933 if (status != nfs_ok) 5934 mutex_unlock(&stp->st_mutex); 5935 return status; 5936 } 5937 5938 /* 5939 * Checks for sequence id mutating operations. 5940 */ 5941 static __be32 5942 nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 5943 stateid_t *stateid, char typemask, 5944 struct nfs4_ol_stateid **stpp, 5945 struct nfsd_net *nn) 5946 { 5947 __be32 status; 5948 struct nfs4_stid *s; 5949 struct nfs4_ol_stateid *stp = NULL; 5950 5951 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__, 5952 seqid, STATEID_VAL(stateid)); 5953 5954 *stpp = NULL; 5955 status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn); 5956 if (status) 5957 return status; 5958 stp = openlockstateid(s); 5959 nfsd4_cstate_assign_replay(cstate, stp->st_stateowner); 5960 5961 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp); 5962 if (!status) 5963 *stpp = stp; 5964 else 5965 nfs4_put_stid(&stp->st_stid); 5966 return status; 5967 } 5968 5969 static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 5970 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn) 5971 { 5972 __be32 status; 5973 struct nfs4_openowner *oo; 5974 struct nfs4_ol_stateid *stp; 5975 5976 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid, 5977 NFS4_OPEN_STID, &stp, nn); 5978 if (status) 5979 return status; 5980 oo = openowner(stp->st_stateowner); 5981 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 5982 mutex_unlock(&stp->st_mutex); 5983 nfs4_put_stid(&stp->st_stid); 5984 return nfserr_bad_stateid; 5985 } 5986 *stpp = stp; 5987 return nfs_ok; 5988 } 5989 5990 __be32 5991 nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5992 union nfsd4_op_u *u) 5993 { 5994 struct nfsd4_open_confirm *oc = &u->open_confirm; 5995 __be32 status; 5996 struct nfs4_openowner *oo; 5997 struct nfs4_ol_stateid *stp; 5998 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5999 6000 dprintk("NFSD: nfsd4_open_confirm on file %pd\n", 6001 cstate->current_fh.fh_dentry); 6002 6003 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0); 6004 if (status) 6005 return status; 6006 6007 status = nfs4_preprocess_seqid_op(cstate, 6008 oc->oc_seqid, &oc->oc_req_stateid, 6009 NFS4_OPEN_STID, &stp, nn); 6010 if (status) 6011 goto out; 6012 oo = openowner(stp->st_stateowner); 6013 status = nfserr_bad_stateid; 6014 if (oo->oo_flags & NFS4_OO_CONFIRMED) { 6015 mutex_unlock(&stp->st_mutex); 6016 goto put_stateid; 6017 } 6018 oo->oo_flags |= NFS4_OO_CONFIRMED; 6019 nfs4_inc_and_copy_stateid(&oc->oc_resp_stateid, &stp->st_stid); 6020 mutex_unlock(&stp->st_mutex); 6021 dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n", 6022 __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid)); 6023 6024 nfsd4_client_record_create(oo->oo_owner.so_client); 6025 status = 
nfs_ok; 6026 put_stateid: 6027 nfs4_put_stid(&stp->st_stid); 6028 out: 6029 nfsd4_bump_seqid(cstate, status); 6030 return status; 6031 } 6032 6033 static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access) 6034 { 6035 if (!test_access(access, stp)) 6036 return; 6037 nfs4_file_put_access(stp->st_stid.sc_file, access); 6038 clear_access(access, stp); 6039 } 6040 6041 static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access) 6042 { 6043 switch (to_access) { 6044 case NFS4_SHARE_ACCESS_READ: 6045 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE); 6046 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 6047 break; 6048 case NFS4_SHARE_ACCESS_WRITE: 6049 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ); 6050 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 6051 break; 6052 case NFS4_SHARE_ACCESS_BOTH: 6053 break; 6054 default: 6055 WARN_ON_ONCE(1); 6056 } 6057 } 6058 6059 __be32 6060 nfsd4_open_downgrade(struct svc_rqst *rqstp, 6061 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 6062 { 6063 struct nfsd4_open_downgrade *od = &u->open_downgrade; 6064 __be32 status; 6065 struct nfs4_ol_stateid *stp; 6066 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6067 6068 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n", 6069 cstate->current_fh.fh_dentry); 6070 6071 /* We don't yet support WANT bits: */ 6072 if (od->od_deleg_want) 6073 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__, 6074 od->od_deleg_want); 6075 6076 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid, 6077 &od->od_stateid, &stp, nn); 6078 if (status) 6079 goto out; 6080 status = nfserr_inval; 6081 if (!test_access(od->od_share_access, stp)) { 6082 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n", 6083 stp->st_access_bmap, od->od_share_access); 6084 goto put_stateid; 6085 } 6086 if (!test_deny(od->od_share_deny, stp)) { 6087 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n", 6088 stp->st_deny_bmap, od->od_share_deny); 6089 goto put_stateid; 6090 } 6091 nfs4_stateid_downgrade(stp, od->od_share_access); 6092 reset_union_bmap_deny(od->od_share_deny, stp); 6093 nfs4_inc_and_copy_stateid(&od->od_stateid, &stp->st_stid); 6094 status = nfs_ok; 6095 put_stateid: 6096 mutex_unlock(&stp->st_mutex); 6097 nfs4_put_stid(&stp->st_stid); 6098 out: 6099 nfsd4_bump_seqid(cstate, status); 6100 return status; 6101 } 6102 6103 static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s) 6104 { 6105 struct nfs4_client *clp = s->st_stid.sc_client; 6106 bool unhashed; 6107 LIST_HEAD(reaplist); 6108 6109 spin_lock(&clp->cl_lock); 6110 unhashed = unhash_open_stateid(s, &reaplist); 6111 6112 if (clp->cl_minorversion) { 6113 if (unhashed) 6114 put_ol_stateid_locked(s, &reaplist); 6115 spin_unlock(&clp->cl_lock); 6116 free_ol_stateid_reaplist(&reaplist); 6117 } else { 6118 spin_unlock(&clp->cl_lock); 6119 free_ol_stateid_reaplist(&reaplist); 6120 if (unhashed) 6121 move_to_close_lru(s, clp->net); 6122 } 6123 } 6124 6125 /* 6126 * nfs4_unlock_state() called after encode 6127 */ 6128 __be32 6129 nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6130 union nfsd4_op_u *u) 6131 { 6132 struct nfsd4_close *close = &u->close; 6133 __be32 status; 6134 struct nfs4_ol_stateid *stp; 6135 struct net *net = SVC_NET(rqstp); 6136 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 6137 6138 dprintk("NFSD: nfsd4_close on file %pd\n", 6139 
cstate->current_fh.fh_dentry); 6140 6141 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid, 6142 &close->cl_stateid, 6143 NFS4_OPEN_STID|NFS4_CLOSED_STID, 6144 &stp, nn); 6145 nfsd4_bump_seqid(cstate, status); 6146 if (status) 6147 goto out; 6148 6149 stp->st_stid.sc_type = NFS4_CLOSED_STID; 6150 6151 /* 6152 * Technically we don't _really_ have to increment or copy it, since 6153 * it should just be gone after this operation and we clobber the 6154 * copied value below, but we continue to do so here just to ensure 6155 * that racing ops see that there was a state change. 6156 */ 6157 nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid); 6158 6159 nfsd4_close_open_stateid(stp); 6160 mutex_unlock(&stp->st_mutex); 6161 6162 /* v4.1+ suggests that we send a special stateid in here, since the 6163 * clients should just ignore this anyway. Since this is not useful 6164 * for v4.0 clients either, we set it to the special close_stateid 6165 * universally. 6166 * 6167 * See RFC5661 section 18.2.4, and RFC7530 section 16.2.5 6168 */ 6169 memcpy(&close->cl_stateid, &close_stateid, sizeof(close->cl_stateid)); 6170 6171 /* put reference from nfs4_preprocess_seqid_op */ 6172 nfs4_put_stid(&stp->st_stid); 6173 out: 6174 return status; 6175 } 6176 6177 __be32 6178 nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6179 union nfsd4_op_u *u) 6180 { 6181 struct nfsd4_delegreturn *dr = &u->delegreturn; 6182 struct nfs4_delegation *dp; 6183 stateid_t *stateid = &dr->dr_stateid; 6184 struct nfs4_stid *s; 6185 __be32 status; 6186 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6187 6188 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 6189 return status; 6190 6191 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn); 6192 if (status) 6193 goto out; 6194 dp = delegstateid(s); 6195 status = nfsd4_stid_check_stateid_generation(stateid, &dp->dl_stid, nfsd4_has_session(cstate)); 6196 if (status) 6197 goto put_stateid; 6198 6199 destroy_delegation(dp); 6200 put_stateid: 6201 nfs4_put_stid(&dp->dl_stid); 6202 out: 6203 return status; 6204 } 6205 6206 static inline u64 6207 end_offset(u64 start, u64 len) 6208 { 6209 u64 end; 6210 6211 end = start + len; 6212 return end >= start ? end: NFS4_MAX_UINT64; 6213 } 6214 6215 /* last octet in a range */ 6216 static inline u64 6217 last_byte_offset(u64 start, u64 len) 6218 { 6219 u64 end; 6220 6221 WARN_ON_ONCE(!len); 6222 end = start + len; 6223 return end > start ? end - 1: NFS4_MAX_UINT64; 6224 } 6225 6226 /* 6227 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that 6228 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th 6229 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit 6230 * locking, this prevents us from being completely protocol-compliant. The 6231 * real solution to this problem is to start using unsigned file offsets in 6232 * the VFS, but this is a very deep change! 
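 *
 * For example, a spec-compliant lock request starting at offset 2^63
 * (0x8000000000000000) becomes a negative value once stored in the
 * kernel's signed loff_t. nfs4_transform_lock_offset() below papers
 * over this by clamping a negative fl_start/fl_end to OFFSET_MAX
 * rather than letting it sign-extend.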
6233 */ 6234 static inline void 6235 nfs4_transform_lock_offset(struct file_lock *lock) 6236 { 6237 if (lock->fl_start < 0) 6238 lock->fl_start = OFFSET_MAX; 6239 if (lock->fl_end < 0) 6240 lock->fl_end = OFFSET_MAX; 6241 } 6242 6243 static fl_owner_t 6244 nfsd4_fl_get_owner(fl_owner_t owner) 6245 { 6246 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 6247 6248 nfs4_get_stateowner(&lo->lo_owner); 6249 return owner; 6250 } 6251 6252 static void 6253 nfsd4_fl_put_owner(fl_owner_t owner) 6254 { 6255 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 6256 6257 if (lo) 6258 nfs4_put_stateowner(&lo->lo_owner); 6259 } 6260 6261 static void 6262 nfsd4_lm_notify(struct file_lock *fl) 6263 { 6264 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)fl->fl_owner; 6265 struct net *net = lo->lo_owner.so_client->net; 6266 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 6267 struct nfsd4_blocked_lock *nbl = container_of(fl, 6268 struct nfsd4_blocked_lock, nbl_lock); 6269 bool queue = false; 6270 6271 /* An empty list means that something else is going to be using it */ 6272 spin_lock(&nn->blocked_locks_lock); 6273 if (!list_empty(&nbl->nbl_list)) { 6274 list_del_init(&nbl->nbl_list); 6275 list_del_init(&nbl->nbl_lru); 6276 queue = true; 6277 } 6278 spin_unlock(&nn->blocked_locks_lock); 6279 6280 if (queue) 6281 nfsd4_run_cb(&nbl->nbl_cb); 6282 } 6283 6284 static const struct lock_manager_operations nfsd_posix_mng_ops = { 6285 .lm_notify = nfsd4_lm_notify, 6286 .lm_get_owner = nfsd4_fl_get_owner, 6287 .lm_put_owner = nfsd4_fl_put_owner, 6288 }; 6289 6290 static inline void 6291 nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny) 6292 { 6293 struct nfs4_lockowner *lo; 6294 6295 if (fl->fl_lmops == &nfsd_posix_mng_ops) { 6296 lo = (struct nfs4_lockowner *) fl->fl_owner; 6297 xdr_netobj_dup(&deny->ld_owner, &lo->lo_owner.so_owner, 6298 GFP_KERNEL); 6299 if (!deny->ld_owner.data) 6300 /* We just don't care that much */ 6301 goto nevermind; 6302 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid; 6303 } else { 6304 nevermind: 6305 deny->ld_owner.len = 0; 6306 deny->ld_owner.data = NULL; 6307 deny->ld_clientid.cl_boot = 0; 6308 deny->ld_clientid.cl_id = 0; 6309 } 6310 deny->ld_start = fl->fl_start; 6311 deny->ld_length = NFS4_MAX_UINT64; 6312 if (fl->fl_end != NFS4_MAX_UINT64) 6313 deny->ld_length = fl->fl_end - fl->fl_start + 1; 6314 deny->ld_type = NFS4_READ_LT; 6315 if (fl->fl_type != F_RDLCK) 6316 deny->ld_type = NFS4_WRITE_LT; 6317 } 6318 6319 static struct nfs4_lockowner * 6320 find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner) 6321 { 6322 unsigned int strhashval = ownerstr_hashval(owner); 6323 struct nfs4_stateowner *so; 6324 6325 lockdep_assert_held(&clp->cl_lock); 6326 6327 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval], 6328 so_strhash) { 6329 if (so->so_is_open_owner) 6330 continue; 6331 if (same_owner_str(so, owner)) 6332 return lockowner(nfs4_get_stateowner(so)); 6333 } 6334 return NULL; 6335 } 6336 6337 static struct nfs4_lockowner * 6338 find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner) 6339 { 6340 struct nfs4_lockowner *lo; 6341 6342 spin_lock(&clp->cl_lock); 6343 lo = find_lockowner_str_locked(clp, owner); 6344 spin_unlock(&clp->cl_lock); 6345 return lo; 6346 } 6347 6348 static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop) 6349 { 6350 unhash_lockowner_locked(lockowner(sop)); 6351 } 6352 6353 static void nfs4_free_lockowner(struct nfs4_stateowner *sop) 6354 { 6355 struct 
nfs4_lockowner *lo = lockowner(sop); 6356 6357 kmem_cache_free(lockowner_slab, lo); 6358 } 6359 6360 static const struct nfs4_stateowner_operations lockowner_ops = { 6361 .so_unhash = nfs4_unhash_lockowner, 6362 .so_free = nfs4_free_lockowner, 6363 }; 6364 6365 /* 6366 * Alloc a lock owner structure. 6367 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has 6368 * occurred. 6369 * 6370 * strhashval = ownerstr_hashval 6371 */ 6372 static struct nfs4_lockowner * 6373 alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, 6374 struct nfs4_ol_stateid *open_stp, 6375 struct nfsd4_lock *lock) 6376 { 6377 struct nfs4_lockowner *lo, *ret; 6378 6379 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp); 6380 if (!lo) 6381 return NULL; 6382 INIT_LIST_HEAD(&lo->lo_blocked); 6383 INIT_LIST_HEAD(&lo->lo_owner.so_stateids); 6384 lo->lo_owner.so_is_open_owner = 0; 6385 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid; 6386 lo->lo_owner.so_ops = &lockowner_ops; 6387 spin_lock(&clp->cl_lock); 6388 ret = find_lockowner_str_locked(clp, &lock->lk_new_owner); 6389 if (ret == NULL) { 6390 list_add(&lo->lo_owner.so_strhash, 6391 &clp->cl_ownerstr_hashtbl[strhashval]); 6392 ret = lo; 6393 } else 6394 nfs4_free_stateowner(&lo->lo_owner); 6395 6396 spin_unlock(&clp->cl_lock); 6397 return ret; 6398 } 6399 6400 static struct nfs4_ol_stateid * 6401 find_lock_stateid(const struct nfs4_lockowner *lo, 6402 const struct nfs4_ol_stateid *ost) 6403 { 6404 struct nfs4_ol_stateid *lst; 6405 6406 lockdep_assert_held(&ost->st_stid.sc_client->cl_lock); 6407 6408 /* If ost is not hashed, ost->st_locks will not be valid */ 6409 if (!nfs4_ol_stateid_unhashed(ost)) 6410 list_for_each_entry(lst, &ost->st_locks, st_locks) { 6411 if (lst->st_stateowner == &lo->lo_owner) { 6412 refcount_inc(&lst->st_stid.sc_count); 6413 return lst; 6414 } 6415 } 6416 return NULL; 6417 } 6418 6419 static struct nfs4_ol_stateid * 6420 init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo, 6421 struct nfs4_file *fp, struct inode *inode, 6422 struct nfs4_ol_stateid *open_stp) 6423 { 6424 struct nfs4_client *clp = lo->lo_owner.so_client; 6425 struct nfs4_ol_stateid *retstp; 6426 6427 mutex_init(&stp->st_mutex); 6428 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 6429 retry: 6430 spin_lock(&clp->cl_lock); 6431 if (nfs4_ol_stateid_unhashed(open_stp)) 6432 goto out_close; 6433 retstp = find_lock_stateid(lo, open_stp); 6434 if (retstp) 6435 goto out_found; 6436 refcount_inc(&stp->st_stid.sc_count); 6437 stp->st_stid.sc_type = NFS4_LOCK_STID; 6438 stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner); 6439 get_nfs4_file(fp); 6440 stp->st_stid.sc_file = fp; 6441 stp->st_access_bmap = 0; 6442 stp->st_deny_bmap = open_stp->st_deny_bmap; 6443 stp->st_openstp = open_stp; 6444 spin_lock(&fp->fi_lock); 6445 list_add(&stp->st_locks, &open_stp->st_locks); 6446 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids); 6447 list_add(&stp->st_perfile, &fp->fi_stateids); 6448 spin_unlock(&fp->fi_lock); 6449 spin_unlock(&clp->cl_lock); 6450 return stp; 6451 out_found: 6452 spin_unlock(&clp->cl_lock); 6453 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 6454 nfs4_put_stid(&retstp->st_stid); 6455 goto retry; 6456 } 6457 /* To keep mutex tracking happy */ 6458 mutex_unlock(&stp->st_mutex); 6459 return retstp; 6460 out_close: 6461 spin_unlock(&clp->cl_lock); 6462 mutex_unlock(&stp->st_mutex); 6463 return NULL; 6464 } 6465 6466 static struct nfs4_ol_stateid * 6467 find_or_create_lock_stateid(struct 
nfs4_lockowner *lo, struct nfs4_file *fi, 6468 struct inode *inode, struct nfs4_ol_stateid *ost, 6469 bool *new) 6470 { 6471 struct nfs4_stid *ns = NULL; 6472 struct nfs4_ol_stateid *lst; 6473 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 6474 struct nfs4_client *clp = oo->oo_owner.so_client; 6475 6476 *new = false; 6477 spin_lock(&clp->cl_lock); 6478 lst = find_lock_stateid(lo, ost); 6479 spin_unlock(&clp->cl_lock); 6480 if (lst != NULL) { 6481 if (nfsd4_lock_ol_stateid(lst) == nfs_ok) 6482 goto out; 6483 nfs4_put_stid(&lst->st_stid); 6484 } 6485 ns = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_lock_stateid); 6486 if (ns == NULL) 6487 return NULL; 6488 6489 lst = init_lock_stateid(openlockstateid(ns), lo, fi, inode, ost); 6490 if (lst == openlockstateid(ns)) 6491 *new = true; 6492 else 6493 nfs4_put_stid(ns); 6494 out: 6495 return lst; 6496 } 6497 6498 static int 6499 check_lock_length(u64 offset, u64 length) 6500 { 6501 return ((length == 0) || ((length != NFS4_MAX_UINT64) && 6502 (length > ~offset))); 6503 } 6504 6505 static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access) 6506 { 6507 struct nfs4_file *fp = lock_stp->st_stid.sc_file; 6508 6509 lockdep_assert_held(&fp->fi_lock); 6510 6511 if (test_access(access, lock_stp)) 6512 return; 6513 __nfs4_file_get_access(fp, access); 6514 set_access(access, lock_stp); 6515 } 6516 6517 static __be32 6518 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, 6519 struct nfs4_ol_stateid *ost, 6520 struct nfsd4_lock *lock, 6521 struct nfs4_ol_stateid **plst, bool *new) 6522 { 6523 __be32 status; 6524 struct nfs4_file *fi = ost->st_stid.sc_file; 6525 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 6526 struct nfs4_client *cl = oo->oo_owner.so_client; 6527 struct inode *inode = d_inode(cstate->current_fh.fh_dentry); 6528 struct nfs4_lockowner *lo; 6529 struct nfs4_ol_stateid *lst; 6530 unsigned int strhashval; 6531 6532 lo = find_lockowner_str(cl, &lock->lk_new_owner); 6533 if (!lo) { 6534 strhashval = ownerstr_hashval(&lock->lk_new_owner); 6535 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock); 6536 if (lo == NULL) 6537 return nfserr_jukebox; 6538 } else { 6539 /* with an existing lockowner, seqids must be the same */ 6540 status = nfserr_bad_seqid; 6541 if (!cstate->minorversion && 6542 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid) 6543 goto out; 6544 } 6545 6546 lst = find_or_create_lock_stateid(lo, fi, inode, ost, new); 6547 if (lst == NULL) { 6548 status = nfserr_jukebox; 6549 goto out; 6550 } 6551 6552 status = nfs_ok; 6553 *plst = lst; 6554 out: 6555 nfs4_put_stateowner(&lo->lo_owner); 6556 return status; 6557 } 6558 6559 /* 6560 * LOCK operation 6561 */ 6562 __be32 6563 nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6564 union nfsd4_op_u *u) 6565 { 6566 struct nfsd4_lock *lock = &u->lock; 6567 struct nfs4_openowner *open_sop = NULL; 6568 struct nfs4_lockowner *lock_sop = NULL; 6569 struct nfs4_ol_stateid *lock_stp = NULL; 6570 struct nfs4_ol_stateid *open_stp = NULL; 6571 struct nfs4_file *fp; 6572 struct nfsd_file *nf = NULL; 6573 struct nfsd4_blocked_lock *nbl = NULL; 6574 struct file_lock *file_lock = NULL; 6575 struct file_lock *conflock = NULL; 6576 __be32 status = 0; 6577 int lkflg; 6578 int err; 6579 bool new = false; 6580 unsigned char fl_type; 6581 unsigned int fl_flags = FL_POSIX; 6582 struct net *net = SVC_NET(rqstp); 6583 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 6584 6585 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n", 6586 
(long long) lock->lk_offset, 6587 (long long) lock->lk_length); 6588 6589 if (check_lock_length(lock->lk_offset, lock->lk_length)) 6590 return nfserr_inval; 6591 6592 if ((status = fh_verify(rqstp, &cstate->current_fh, 6593 S_IFREG, NFSD_MAY_LOCK))) { 6594 dprintk("NFSD: nfsd4_lock: permission denied!\n"); 6595 return status; 6596 } 6597 6598 if (lock->lk_is_new) { 6599 if (nfsd4_has_session(cstate)) 6600 /* See rfc 5661 18.10.3: given clientid is ignored: */ 6601 memcpy(&lock->lk_new_clientid, 6602 &cstate->session->se_client->cl_clientid, 6603 sizeof(clientid_t)); 6604 6605 status = nfserr_stale_clientid; 6606 if (STALE_CLIENTID(&lock->lk_new_clientid, nn)) 6607 goto out; 6608 6609 /* validate and update open stateid and open seqid */ 6610 status = nfs4_preprocess_confirmed_seqid_op(cstate, 6611 lock->lk_new_open_seqid, 6612 &lock->lk_new_open_stateid, 6613 &open_stp, nn); 6614 if (status) 6615 goto out; 6616 mutex_unlock(&open_stp->st_mutex); 6617 open_sop = openowner(open_stp->st_stateowner); 6618 status = nfserr_bad_stateid; 6619 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid, 6620 &lock->lk_new_clientid)) 6621 goto out; 6622 status = lookup_or_create_lock_state(cstate, open_stp, lock, 6623 &lock_stp, &new); 6624 } else { 6625 status = nfs4_preprocess_seqid_op(cstate, 6626 lock->lk_old_lock_seqid, 6627 &lock->lk_old_lock_stateid, 6628 NFS4_LOCK_STID, &lock_stp, nn); 6629 } 6630 if (status) 6631 goto out; 6632 lock_sop = lockowner(lock_stp->st_stateowner); 6633 6634 lkflg = setlkflg(lock->lk_type); 6635 status = nfs4_check_openmode(lock_stp, lkflg); 6636 if (status) 6637 goto out; 6638 6639 status = nfserr_grace; 6640 if (locks_in_grace(net) && !lock->lk_reclaim) 6641 goto out; 6642 status = nfserr_no_grace; 6643 if (!locks_in_grace(net) && lock->lk_reclaim) 6644 goto out; 6645 6646 fp = lock_stp->st_stid.sc_file; 6647 switch (lock->lk_type) { 6648 case NFS4_READW_LT: 6649 if (nfsd4_has_session(cstate)) 6650 fl_flags |= FL_SLEEP; 6651 /* Fallthrough */ 6652 case NFS4_READ_LT: 6653 spin_lock(&fp->fi_lock); 6654 nf = find_readable_file_locked(fp); 6655 if (nf) 6656 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ); 6657 spin_unlock(&fp->fi_lock); 6658 fl_type = F_RDLCK; 6659 break; 6660 case NFS4_WRITEW_LT: 6661 if (nfsd4_has_session(cstate)) 6662 fl_flags |= FL_SLEEP; 6663 /* Fallthrough */ 6664 case NFS4_WRITE_LT: 6665 spin_lock(&fp->fi_lock); 6666 nf = find_writeable_file_locked(fp); 6667 if (nf) 6668 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE); 6669 spin_unlock(&fp->fi_lock); 6670 fl_type = F_WRLCK; 6671 break; 6672 default: 6673 status = nfserr_inval; 6674 goto out; 6675 } 6676 6677 if (!nf) { 6678 status = nfserr_openmode; 6679 goto out; 6680 } 6681 6682 nbl = find_or_allocate_block(lock_sop, &fp->fi_fhandle, nn); 6683 if (!nbl) { 6684 dprintk("NFSD: %s: unable to allocate block!\n", __func__); 6685 status = nfserr_jukebox; 6686 goto out; 6687 } 6688 6689 file_lock = &nbl->nbl_lock; 6690 file_lock->fl_type = fl_type; 6691 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner)); 6692 file_lock->fl_pid = current->tgid; 6693 file_lock->fl_file = nf->nf_file; 6694 file_lock->fl_flags = fl_flags; 6695 file_lock->fl_lmops = &nfsd_posix_mng_ops; 6696 file_lock->fl_start = lock->lk_offset; 6697 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length); 6698 nfs4_transform_lock_offset(file_lock); 6699 6700 conflock = locks_alloc_lock(); 6701 if (!conflock) { 6702 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6703 
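		/*
		 * nfserr_jukebox is NFS4ERR_DELAY on the wire: a
		 * transient resource shortage the client is expected
		 * to retry after a delay.
		 */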
status = nfserr_jukebox; 6704 goto out; 6705 } 6706 6707 if (fl_flags & FL_SLEEP) { 6708 nbl->nbl_time = ktime_get_boottime_seconds(); 6709 spin_lock(&nn->blocked_locks_lock); 6710 list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked); 6711 list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru); 6712 spin_unlock(&nn->blocked_locks_lock); 6713 } 6714 6715 err = vfs_lock_file(nf->nf_file, F_SETLK, file_lock, conflock); 6716 switch (err) { 6717 case 0: /* success! */ 6718 nfs4_inc_and_copy_stateid(&lock->lk_resp_stateid, &lock_stp->st_stid); 6719 status = 0; 6720 if (lock->lk_reclaim) 6721 nn->somebody_reclaimed = true; 6722 break; 6723 case FILE_LOCK_DEFERRED: 6724 nbl = NULL; 6725 /* Fallthrough */ 6726 case -EAGAIN: /* conflock holds conflicting lock */ 6727 status = nfserr_denied; 6728 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n"); 6729 nfs4_set_lock_denied(conflock, &lock->lk_denied); 6730 break; 6731 case -EDEADLK: 6732 status = nfserr_deadlock; 6733 break; 6734 default: 6735 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err); 6736 status = nfserrno(err); 6737 break; 6738 } 6739 out: 6740 if (nbl) { 6741 /* dequeue it if we queued it before */ 6742 if (fl_flags & FL_SLEEP) { 6743 spin_lock(&nn->blocked_locks_lock); 6744 list_del_init(&nbl->nbl_list); 6745 list_del_init(&nbl->nbl_lru); 6746 spin_unlock(&nn->blocked_locks_lock); 6747 } 6748 free_blocked_lock(nbl); 6749 } 6750 if (nf) 6751 nfsd_file_put(nf); 6752 if (lock_stp) { 6753 /* Bump seqid manually if the 4.0 replay owner is openowner */ 6754 if (cstate->replay_owner && 6755 cstate->replay_owner != &lock_sop->lo_owner && 6756 seqid_mutating_err(ntohl(status))) 6757 lock_sop->lo_owner.so_seqid++; 6758 6759 /* 6760 * If this is a new, never-before-used stateid, and we are 6761 * returning an error, then just go ahead and release it. 6762 */ 6763 if (status && new) 6764 release_lock_stateid(lock_stp); 6765 6766 mutex_unlock(&lock_stp->st_mutex); 6767 6768 nfs4_put_stid(&lock_stp->st_stid); 6769 } 6770 if (open_stp) 6771 nfs4_put_stid(&open_stp->st_stid); 6772 nfsd4_bump_seqid(cstate, status); 6773 if (conflock) 6774 locks_free_lock(conflock); 6775 return status; 6776 } 6777 6778 /* 6779 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN, 6780 * so we do a temporary open here just to get an open file to pass to 6781 * vfs_test_lock. (Arguably perhaps test_lock should be done with an 6782 * inode operation.) 
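 *
 * The temporary open is read-only (NFSD_MAY_READ): vfs_test_lock() never
 * acquires anything, it only reports a conflict by rewriting the
 * passed-in file_lock, setting fl_type to F_UNLCK when the range is
 * free -- which is exactly what nfsd4_lockt() checks for afterwards.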
6783 */ 6784 static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock) 6785 { 6786 struct nfsd_file *nf; 6787 __be32 err = nfsd_file_acquire(rqstp, fhp, NFSD_MAY_READ, &nf); 6788 if (!err) { 6789 err = nfserrno(vfs_test_lock(nf->nf_file, lock)); 6790 nfsd_file_put(nf); 6791 } 6792 return err; 6793 } 6794 6795 /* 6796 * LOCKT operation 6797 */ 6798 __be32 6799 nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6800 union nfsd4_op_u *u) 6801 { 6802 struct nfsd4_lockt *lockt = &u->lockt; 6803 struct file_lock *file_lock = NULL; 6804 struct nfs4_lockowner *lo = NULL; 6805 __be32 status; 6806 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6807 6808 if (locks_in_grace(SVC_NET(rqstp))) 6809 return nfserr_grace; 6810 6811 if (check_lock_length(lockt->lt_offset, lockt->lt_length)) 6812 return nfserr_inval; 6813 6814 if (!nfsd4_has_session(cstate)) { 6815 status = lookup_clientid(&lockt->lt_clientid, cstate, nn, 6816 false); 6817 if (status) 6818 goto out; 6819 } 6820 6821 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 6822 goto out; 6823 6824 file_lock = locks_alloc_lock(); 6825 if (!file_lock) { 6826 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6827 status = nfserr_jukebox; 6828 goto out; 6829 } 6830 6831 switch (lockt->lt_type) { 6832 case NFS4_READ_LT: 6833 case NFS4_READW_LT: 6834 file_lock->fl_type = F_RDLCK; 6835 break; 6836 case NFS4_WRITE_LT: 6837 case NFS4_WRITEW_LT: 6838 file_lock->fl_type = F_WRLCK; 6839 break; 6840 default: 6841 dprintk("NFSD: nfs4_lockt: bad lock type!\n"); 6842 status = nfserr_inval; 6843 goto out; 6844 } 6845 6846 lo = find_lockowner_str(cstate->clp, &lockt->lt_owner); 6847 if (lo) 6848 file_lock->fl_owner = (fl_owner_t)lo; 6849 file_lock->fl_pid = current->tgid; 6850 file_lock->fl_flags = FL_POSIX; 6851 6852 file_lock->fl_start = lockt->lt_offset; 6853 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length); 6854 6855 nfs4_transform_lock_offset(file_lock); 6856 6857 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock); 6858 if (status) 6859 goto out; 6860 6861 if (file_lock->fl_type != F_UNLCK) { 6862 status = nfserr_denied; 6863 nfs4_set_lock_denied(file_lock, &lockt->lt_denied); 6864 } 6865 out: 6866 if (lo) 6867 nfs4_put_stateowner(&lo->lo_owner); 6868 if (file_lock) 6869 locks_free_lock(file_lock); 6870 return status; 6871 } 6872 6873 __be32 6874 nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6875 union nfsd4_op_u *u) 6876 { 6877 struct nfsd4_locku *locku = &u->locku; 6878 struct nfs4_ol_stateid *stp; 6879 struct nfsd_file *nf = NULL; 6880 struct file_lock *file_lock = NULL; 6881 __be32 status; 6882 int err; 6883 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6884 6885 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n", 6886 (long long) locku->lu_offset, 6887 (long long) locku->lu_length); 6888 6889 if (check_lock_length(locku->lu_offset, locku->lu_length)) 6890 return nfserr_inval; 6891 6892 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid, 6893 &locku->lu_stateid, NFS4_LOCK_STID, 6894 &stp, nn); 6895 if (status) 6896 goto out; 6897 nf = find_any_file(stp->st_stid.sc_file); 6898 if (!nf) { 6899 status = nfserr_lock_range; 6900 goto put_stateid; 6901 } 6902 file_lock = locks_alloc_lock(); 6903 if (!file_lock) { 6904 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6905 status = nfserr_jukebox; 6906 goto put_file; 6907 } 6908 6909 file_lock->fl_type = F_UNLCK; 6910 
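	/*
	 * The unlock must carry the same fl_owner as the original lock
	 * so the VFS removes that owner's record; the stateowner
	 * reference taken here is dropped through lm_put_owner when the
	 * file_lock is freed.
	 */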
file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner)); 6911 file_lock->fl_pid = current->tgid; 6912 file_lock->fl_file = nf->nf_file; 6913 file_lock->fl_flags = FL_POSIX; 6914 file_lock->fl_lmops = &nfsd_posix_mng_ops; 6915 file_lock->fl_start = locku->lu_offset; 6916 6917 file_lock->fl_end = last_byte_offset(locku->lu_offset, 6918 locku->lu_length); 6919 nfs4_transform_lock_offset(file_lock); 6920 6921 err = vfs_lock_file(nf->nf_file, F_SETLK, file_lock, NULL); 6922 if (err) { 6923 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n"); 6924 goto out_nfserr; 6925 } 6926 nfs4_inc_and_copy_stateid(&locku->lu_stateid, &stp->st_stid); 6927 put_file: 6928 nfsd_file_put(nf); 6929 put_stateid: 6930 mutex_unlock(&stp->st_mutex); 6931 nfs4_put_stid(&stp->st_stid); 6932 out: 6933 nfsd4_bump_seqid(cstate, status); 6934 if (file_lock) 6935 locks_free_lock(file_lock); 6936 return status; 6937 6938 out_nfserr: 6939 status = nfserrno(err); 6940 goto put_file; 6941 } 6942 6943 /* 6944 * returns 6945 * true: locks held by lockowner 6946 * false: no locks held by lockowner 6947 */ 6948 static bool 6949 check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner) 6950 { 6951 struct file_lock *fl; 6952 int status = false; 6953 struct nfsd_file *nf = find_any_file(fp); 6954 struct inode *inode; 6955 struct file_lock_context *flctx; 6956 6957 if (!nf) { 6958 /* Any valid lock stateid should have some sort of access */ 6959 WARN_ON_ONCE(1); 6960 return status; 6961 } 6962 6963 inode = locks_inode(nf->nf_file); 6964 flctx = inode->i_flctx; 6965 6966 if (flctx && !list_empty_careful(&flctx->flc_posix)) { 6967 spin_lock(&flctx->flc_lock); 6968 list_for_each_entry(fl, &flctx->flc_posix, fl_list) { 6969 if (fl->fl_owner == (fl_owner_t)lowner) { 6970 status = true; 6971 break; 6972 } 6973 } 6974 spin_unlock(&flctx->flc_lock); 6975 } 6976 nfsd_file_put(nf); 6977 return status; 6978 } 6979 6980 __be32 6981 nfsd4_release_lockowner(struct svc_rqst *rqstp, 6982 struct nfsd4_compound_state *cstate, 6983 union nfsd4_op_u *u) 6984 { 6985 struct nfsd4_release_lockowner *rlockowner = &u->release_lockowner; 6986 clientid_t *clid = &rlockowner->rl_clientid; 6987 struct nfs4_stateowner *sop; 6988 struct nfs4_lockowner *lo = NULL; 6989 struct nfs4_ol_stateid *stp; 6990 struct xdr_netobj *owner = &rlockowner->rl_owner; 6991 unsigned int hashval = ownerstr_hashval(owner); 6992 __be32 status; 6993 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6994 struct nfs4_client *clp; 6995 LIST_HEAD (reaplist); 6996 6997 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n", 6998 clid->cl_boot, clid->cl_id); 6999 7000 status = lookup_clientid(clid, cstate, nn, false); 7001 if (status) 7002 return status; 7003 7004 clp = cstate->clp; 7005 /* Find the matching lock stateowner */ 7006 spin_lock(&clp->cl_lock); 7007 list_for_each_entry(sop, &clp->cl_ownerstr_hashtbl[hashval], 7008 so_strhash) { 7009 7010 if (sop->so_is_open_owner || !same_owner_str(sop, owner)) 7011 continue; 7012 7013 /* see if there are still any locks associated with it */ 7014 lo = lockowner(sop); 7015 list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) { 7016 if (check_for_locks(stp->st_stid.sc_file, lo)) { 7017 status = nfserr_locks_held; 7018 spin_unlock(&clp->cl_lock); 7019 return status; 7020 } 7021 } 7022 7023 nfs4_get_stateowner(sop); 7024 break; 7025 } 7026 if (!lo) { 7027 spin_unlock(&clp->cl_lock); 7028 return status; 7029 } 7030 7031 unhash_lockowner_locked(lo); 7032 while 
(!list_empty(&lo->lo_owner.so_stateids)) { 7033 stp = list_first_entry(&lo->lo_owner.so_stateids, 7034 struct nfs4_ol_stateid, 7035 st_perstateowner); 7036 WARN_ON(!unhash_lock_stateid(stp)); 7037 put_ol_stateid_locked(stp, &reaplist); 7038 } 7039 spin_unlock(&clp->cl_lock); 7040 free_ol_stateid_reaplist(&reaplist); 7041 remove_blocked_locks(lo); 7042 nfs4_put_stateowner(&lo->lo_owner); 7043 7044 return status; 7045 } 7046 7047 static inline struct nfs4_client_reclaim * 7048 alloc_reclaim(void) 7049 { 7050 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL); 7051 } 7052 7053 bool 7054 nfs4_has_reclaimed_state(struct xdr_netobj name, struct nfsd_net *nn) 7055 { 7056 struct nfs4_client_reclaim *crp; 7057 7058 crp = nfsd4_find_reclaim_client(name, nn); 7059 return (crp && crp->cr_clp); 7060 } 7061 7062 /* 7063 * failure => all reset bets are off, nfserr_no_grace... 7064 * 7065 * The caller is responsible for freeing name.data if NULL is returned (it 7066 * will be freed in nfs4_remove_reclaim_record in the normal case). 7067 */ 7068 struct nfs4_client_reclaim * 7069 nfs4_client_to_reclaim(struct xdr_netobj name, struct xdr_netobj princhash, 7070 struct nfsd_net *nn) 7071 { 7072 unsigned int strhashval; 7073 struct nfs4_client_reclaim *crp; 7074 7075 dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", name.len, name.data); 7076 crp = alloc_reclaim(); 7077 if (crp) { 7078 strhashval = clientstr_hashval(name); 7079 INIT_LIST_HEAD(&crp->cr_strhash); 7080 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]); 7081 crp->cr_name.data = name.data; 7082 crp->cr_name.len = name.len; 7083 crp->cr_princhash.data = princhash.data; 7084 crp->cr_princhash.len = princhash.len; 7085 crp->cr_clp = NULL; 7086 nn->reclaim_str_hashtbl_size++; 7087 } 7088 return crp; 7089 } 7090 7091 void 7092 nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn) 7093 { 7094 list_del(&crp->cr_strhash); 7095 kfree(crp->cr_name.data); 7096 kfree(crp->cr_princhash.data); 7097 kfree(crp); 7098 nn->reclaim_str_hashtbl_size--; 7099 } 7100 7101 void 7102 nfs4_release_reclaim(struct nfsd_net *nn) 7103 { 7104 struct nfs4_client_reclaim *crp = NULL; 7105 int i; 7106 7107 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7108 while (!list_empty(&nn->reclaim_str_hashtbl[i])) { 7109 crp = list_entry(nn->reclaim_str_hashtbl[i].next, 7110 struct nfs4_client_reclaim, cr_strhash); 7111 nfs4_remove_reclaim_record(crp, nn); 7112 } 7113 } 7114 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size); 7115 } 7116 7117 /* 7118 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */ 7119 struct nfs4_client_reclaim * 7120 nfsd4_find_reclaim_client(struct xdr_netobj name, struct nfsd_net *nn) 7121 { 7122 unsigned int strhashval; 7123 struct nfs4_client_reclaim *crp = NULL; 7124 7125 dprintk("NFSD: nfs4_find_reclaim_client for name %.*s\n", name.len, name.data); 7126 7127 strhashval = clientstr_hashval(name); 7128 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) { 7129 if (compare_blob(&crp->cr_name, &name) == 0) { 7130 return crp; 7131 } 7132 } 7133 return NULL; 7134 } 7135 7136 /* 7137 * Called from OPEN. Look for clientid in reclaim list. 
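 * Returns nfserr_reclaim_bad if the clientid is unknown or fails the
 * client record check, and nfserr_no_grace if the client has already
 * sent RECLAIM_COMPLETE.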
7138 */ 7139 __be32 7140 nfs4_check_open_reclaim(clientid_t *clid, 7141 struct nfsd4_compound_state *cstate, 7142 struct nfsd_net *nn) 7143 { 7144 __be32 status; 7145 7146 /* find clientid in conf_id_hashtbl */ 7147 status = lookup_clientid(clid, cstate, nn, false); 7148 if (status) 7149 return nfserr_reclaim_bad; 7150 7151 if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &cstate->clp->cl_flags)) 7152 return nfserr_no_grace; 7153 7154 if (nfsd4_client_record_check(cstate->clp)) 7155 return nfserr_reclaim_bad; 7156 7157 return nfs_ok; 7158 } 7159 7160 #ifdef CONFIG_NFSD_FAULT_INJECTION 7161 static inline void 7162 put_client(struct nfs4_client *clp) 7163 { 7164 atomic_dec(&clp->cl_rpc_users); 7165 } 7166 7167 static struct nfs4_client * 7168 nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size) 7169 { 7170 struct nfs4_client *clp; 7171 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7172 nfsd_net_id); 7173 7174 if (!nfsd_netns_ready(nn)) 7175 return NULL; 7176 7177 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 7178 if (memcmp(&clp->cl_addr, addr, addr_size) == 0) 7179 return clp; 7180 } 7181 return NULL; 7182 } 7183 7184 u64 7185 nfsd_inject_print_clients(void) 7186 { 7187 struct nfs4_client *clp; 7188 u64 count = 0; 7189 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7190 nfsd_net_id); 7191 char buf[INET6_ADDRSTRLEN]; 7192 7193 if (!nfsd_netns_ready(nn)) 7194 return 0; 7195 7196 spin_lock(&nn->client_lock); 7197 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 7198 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 7199 pr_info("NFS Client: %s\n", buf); 7200 ++count; 7201 } 7202 spin_unlock(&nn->client_lock); 7203 7204 return count; 7205 } 7206 7207 u64 7208 nfsd_inject_forget_client(struct sockaddr_storage *addr, size_t addr_size) 7209 { 7210 u64 count = 0; 7211 struct nfs4_client *clp; 7212 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7213 nfsd_net_id); 7214 7215 if (!nfsd_netns_ready(nn)) 7216 return count; 7217 7218 spin_lock(&nn->client_lock); 7219 clp = nfsd_find_client(addr, addr_size); 7220 if (clp) { 7221 if (mark_client_expired_locked(clp) == nfs_ok) 7222 ++count; 7223 else 7224 clp = NULL; 7225 } 7226 spin_unlock(&nn->client_lock); 7227 7228 if (clp) 7229 expire_client(clp); 7230 7231 return count; 7232 } 7233 7234 u64 7235 nfsd_inject_forget_clients(u64 max) 7236 { 7237 u64 count = 0; 7238 struct nfs4_client *clp, *next; 7239 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7240 nfsd_net_id); 7241 LIST_HEAD(reaplist); 7242 7243 if (!nfsd_netns_ready(nn)) 7244 return count; 7245 7246 spin_lock(&nn->client_lock); 7247 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 7248 if (mark_client_expired_locked(clp) == nfs_ok) { 7249 list_add(&clp->cl_lru, &reaplist); 7250 if (max != 0 && ++count >= max) 7251 break; 7252 } 7253 } 7254 spin_unlock(&nn->client_lock); 7255 7256 list_for_each_entry_safe(clp, next, &reaplist, cl_lru) 7257 expire_client(clp); 7258 7259 return count; 7260 } 7261 7262 static void nfsd_print_count(struct nfs4_client *clp, unsigned int count, 7263 const char *type) 7264 { 7265 char buf[INET6_ADDRSTRLEN]; 7266 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 7267 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type); 7268 } 7269 7270 static void 7271 nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst, 7272 struct list_head *collect) 7273 { 7274 struct nfs4_client *clp = lst->st_stid.sc_client; 7275 struct nfsd_net *nn = 
net_generic(current->nsproxy->net_ns, 7276 nfsd_net_id); 7277 7278 if (!collect) 7279 return; 7280 7281 lockdep_assert_held(&nn->client_lock); 7282 atomic_inc(&clp->cl_rpc_users); 7283 list_add(&lst->st_locks, collect); 7284 } 7285 7286 static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max, 7287 struct list_head *collect, 7288 bool (*func)(struct nfs4_ol_stateid *)) 7289 { 7290 struct nfs4_openowner *oop; 7291 struct nfs4_ol_stateid *stp, *st_next; 7292 struct nfs4_ol_stateid *lst, *lst_next; 7293 u64 count = 0; 7294 7295 spin_lock(&clp->cl_lock); 7296 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) { 7297 list_for_each_entry_safe(stp, st_next, 7298 &oop->oo_owner.so_stateids, st_perstateowner) { 7299 list_for_each_entry_safe(lst, lst_next, 7300 &stp->st_locks, st_locks) { 7301 if (func) { 7302 if (func(lst)) 7303 nfsd_inject_add_lock_to_list(lst, 7304 collect); 7305 } 7306 ++count; 7307 /* 7308 * Despite the fact that these functions deal 7309 * with 64-bit integers for "count", we must 7310 * ensure that it doesn't blow up the 7311 * clp->cl_rpc_users. Throw a warning if we 7312 * start to approach INT_MAX here. 7313 */ 7314 WARN_ON_ONCE(count == (INT_MAX / 2)); 7315 if (count == max) 7316 goto out; 7317 } 7318 } 7319 } 7320 out: 7321 spin_unlock(&clp->cl_lock); 7322 7323 return count; 7324 } 7325 7326 static u64 7327 nfsd_collect_client_locks(struct nfs4_client *clp, struct list_head *collect, 7328 u64 max) 7329 { 7330 return nfsd_foreach_client_lock(clp, max, collect, unhash_lock_stateid); 7331 } 7332 7333 static u64 7334 nfsd_print_client_locks(struct nfs4_client *clp) 7335 { 7336 u64 count = nfsd_foreach_client_lock(clp, 0, NULL, NULL); 7337 nfsd_print_count(clp, count, "locked files"); 7338 return count; 7339 } 7340 7341 u64 7342 nfsd_inject_print_locks(void) 7343 { 7344 struct nfs4_client *clp; 7345 u64 count = 0; 7346 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7347 nfsd_net_id); 7348 7349 if (!nfsd_netns_ready(nn)) 7350 return 0; 7351 7352 spin_lock(&nn->client_lock); 7353 list_for_each_entry(clp, &nn->client_lru, cl_lru) 7354 count += nfsd_print_client_locks(clp); 7355 spin_unlock(&nn->client_lock); 7356 7357 return count; 7358 } 7359 7360 static void 7361 nfsd_reap_locks(struct list_head *reaplist) 7362 { 7363 struct nfs4_client *clp; 7364 struct nfs4_ol_stateid *stp, *next; 7365 7366 list_for_each_entry_safe(stp, next, reaplist, st_locks) { 7367 list_del_init(&stp->st_locks); 7368 clp = stp->st_stid.sc_client; 7369 nfs4_put_stid(&stp->st_stid); 7370 put_client(clp); 7371 } 7372 } 7373 7374 u64 7375 nfsd_inject_forget_client_locks(struct sockaddr_storage *addr, size_t addr_size) 7376 { 7377 unsigned int count = 0; 7378 struct nfs4_client *clp; 7379 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7380 nfsd_net_id); 7381 LIST_HEAD(reaplist); 7382 7383 if (!nfsd_netns_ready(nn)) 7384 return count; 7385 7386 spin_lock(&nn->client_lock); 7387 clp = nfsd_find_client(addr, addr_size); 7388 if (clp) 7389 count = nfsd_collect_client_locks(clp, &reaplist, 0); 7390 spin_unlock(&nn->client_lock); 7391 nfsd_reap_locks(&reaplist); 7392 return count; 7393 } 7394 7395 u64 7396 nfsd_inject_forget_locks(u64 max) 7397 { 7398 u64 count = 0; 7399 struct nfs4_client *clp; 7400 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7401 nfsd_net_id); 7402 LIST_HEAD(reaplist); 7403 7404 if (!nfsd_netns_ready(nn)) 7405 return count; 7406 7407 spin_lock(&nn->client_lock); 7408 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 7409 count += 
nfsd_collect_client_locks(clp, &reaplist, max - count); 7410 if (max != 0 && count >= max) 7411 break; 7412 } 7413 spin_unlock(&nn->client_lock); 7414 nfsd_reap_locks(&reaplist); 7415 return count; 7416 } 7417 7418 static u64 7419 nfsd_foreach_client_openowner(struct nfs4_client *clp, u64 max, 7420 struct list_head *collect, 7421 void (*func)(struct nfs4_openowner *)) 7422 { 7423 struct nfs4_openowner *oop, *next; 7424 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7425 nfsd_net_id); 7426 u64 count = 0; 7427 7428 lockdep_assert_held(&nn->client_lock); 7429 7430 spin_lock(&clp->cl_lock); 7431 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) { 7432 if (func) { 7433 func(oop); 7434 if (collect) { 7435 atomic_inc(&clp->cl_rpc_users); 7436 list_add(&oop->oo_perclient, collect); 7437 } 7438 } 7439 ++count; 7440 /* 7441 * Despite the fact that these functions deal with 7442 * 64-bit integers for "count", we must ensure that 7443 * it doesn't blow up the clp->cl_rpc_users. Throw a 7444 * warning if we start to approach INT_MAX here. 7445 */ 7446 WARN_ON_ONCE(count == (INT_MAX / 2)); 7447 if (count == max) 7448 break; 7449 } 7450 spin_unlock(&clp->cl_lock); 7451 7452 return count; 7453 } 7454 7455 static u64 7456 nfsd_print_client_openowners(struct nfs4_client *clp) 7457 { 7458 u64 count = nfsd_foreach_client_openowner(clp, 0, NULL, NULL); 7459 7460 nfsd_print_count(clp, count, "openowners"); 7461 return count; 7462 } 7463 7464 static u64 7465 nfsd_collect_client_openowners(struct nfs4_client *clp, 7466 struct list_head *collect, u64 max) 7467 { 7468 return nfsd_foreach_client_openowner(clp, max, collect, 7469 unhash_openowner_locked); 7470 } 7471 7472 u64 7473 nfsd_inject_print_openowners(void) 7474 { 7475 struct nfs4_client *clp; 7476 u64 count = 0; 7477 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7478 nfsd_net_id); 7479 7480 if (!nfsd_netns_ready(nn)) 7481 return 0; 7482 7483 spin_lock(&nn->client_lock); 7484 list_for_each_entry(clp, &nn->client_lru, cl_lru) 7485 count += nfsd_print_client_openowners(clp); 7486 spin_unlock(&nn->client_lock); 7487 7488 return count; 7489 } 7490 7491 static void 7492 nfsd_reap_openowners(struct list_head *reaplist) 7493 { 7494 struct nfs4_client *clp; 7495 struct nfs4_openowner *oop, *next; 7496 7497 list_for_each_entry_safe(oop, next, reaplist, oo_perclient) { 7498 list_del_init(&oop->oo_perclient); 7499 clp = oop->oo_owner.so_client; 7500 release_openowner(oop); 7501 put_client(clp); 7502 } 7503 } 7504 7505 u64 7506 nfsd_inject_forget_client_openowners(struct sockaddr_storage *addr, 7507 size_t addr_size) 7508 { 7509 unsigned int count = 0; 7510 struct nfs4_client *clp; 7511 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7512 nfsd_net_id); 7513 LIST_HEAD(reaplist); 7514 7515 if (!nfsd_netns_ready(nn)) 7516 return count; 7517 7518 spin_lock(&nn->client_lock); 7519 clp = nfsd_find_client(addr, addr_size); 7520 if (clp) 7521 count = nfsd_collect_client_openowners(clp, &reaplist, 0); 7522 spin_unlock(&nn->client_lock); 7523 nfsd_reap_openowners(&reaplist); 7524 return count; 7525 } 7526 7527 u64 7528 nfsd_inject_forget_openowners(u64 max) 7529 { 7530 u64 count = 0; 7531 struct nfs4_client *clp; 7532 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7533 nfsd_net_id); 7534 LIST_HEAD(reaplist); 7535 7536 if (!nfsd_netns_ready(nn)) 7537 return count; 7538 7539 spin_lock(&nn->client_lock); 7540 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 7541 count += nfsd_collect_client_openowners(clp, 
&reaplist, 7542 max - count); 7543 if (max != 0 && count >= max) 7544 break; 7545 } 7546 spin_unlock(&nn->client_lock); 7547 nfsd_reap_openowners(&reaplist); 7548 return count; 7549 } 7550 7551 static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max, 7552 struct list_head *victims) 7553 { 7554 struct nfs4_delegation *dp, *next; 7555 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7556 nfsd_net_id); 7557 u64 count = 0; 7558 7559 lockdep_assert_held(&nn->client_lock); 7560 7561 spin_lock(&state_lock); 7562 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) { 7563 if (victims) { 7564 /* 7565 * It's not safe to mess with delegations that have a 7566 * non-zero dl_time. They might have already been broken 7567 * and could be processed by the laundromat outside of 7568 * the state_lock. Just leave them be. 7569 */ 7570 if (dp->dl_time != 0) 7571 continue; 7572 7573 atomic_inc(&clp->cl_rpc_users); 7574 WARN_ON(!unhash_delegation_locked(dp)); 7575 list_add(&dp->dl_recall_lru, victims); 7576 } 7577 ++count; 7578 /* 7579 * Despite the fact that these functions deal with 7580 * 64-bit integers for "count", we must ensure that 7581 * it doesn't blow up the clp->cl_rpc_users. Throw a 7582 * warning if we start to approach INT_MAX here. 7583 */ 7584 WARN_ON_ONCE(count == (INT_MAX / 2)); 7585 if (count == max) 7586 break; 7587 } 7588 spin_unlock(&state_lock); 7589 return count; 7590 } 7591 7592 static u64 7593 nfsd_print_client_delegations(struct nfs4_client *clp) 7594 { 7595 u64 count = nfsd_find_all_delegations(clp, 0, NULL); 7596 7597 nfsd_print_count(clp, count, "delegations"); 7598 return count; 7599 } 7600 7601 u64 7602 nfsd_inject_print_delegations(void) 7603 { 7604 struct nfs4_client *clp; 7605 u64 count = 0; 7606 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7607 nfsd_net_id); 7608 7609 if (!nfsd_netns_ready(nn)) 7610 return 0; 7611 7612 spin_lock(&nn->client_lock); 7613 list_for_each_entry(clp, &nn->client_lru, cl_lru) 7614 count += nfsd_print_client_delegations(clp); 7615 spin_unlock(&nn->client_lock); 7616 7617 return count; 7618 } 7619 7620 static void 7621 nfsd_forget_delegations(struct list_head *reaplist) 7622 { 7623 struct nfs4_client *clp; 7624 struct nfs4_delegation *dp, *next; 7625 7626 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 7627 list_del_init(&dp->dl_recall_lru); 7628 clp = dp->dl_stid.sc_client; 7629 revoke_delegation(dp); 7630 put_client(clp); 7631 } 7632 } 7633 7634 u64 7635 nfsd_inject_forget_client_delegations(struct sockaddr_storage *addr, 7636 size_t addr_size) 7637 { 7638 u64 count = 0; 7639 struct nfs4_client *clp; 7640 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7641 nfsd_net_id); 7642 LIST_HEAD(reaplist); 7643 7644 if (!nfsd_netns_ready(nn)) 7645 return count; 7646 7647 spin_lock(&nn->client_lock); 7648 clp = nfsd_find_client(addr, addr_size); 7649 if (clp) 7650 count = nfsd_find_all_delegations(clp, 0, &reaplist); 7651 spin_unlock(&nn->client_lock); 7652 7653 nfsd_forget_delegations(&reaplist); 7654 return count; 7655 } 7656 7657 u64 7658 nfsd_inject_forget_delegations(u64 max) 7659 { 7660 u64 count = 0; 7661 struct nfs4_client *clp; 7662 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7663 nfsd_net_id); 7664 LIST_HEAD(reaplist); 7665 7666 if (!nfsd_netns_ready(nn)) 7667 return count; 7668 7669 spin_lock(&nn->client_lock); 7670 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 7671 count += nfsd_find_all_delegations(clp, max - count, &reaplist); 7672 if (max != 0 
&& count >= max) 7673 break; 7674 } 7675 spin_unlock(&nn->client_lock); 7676 nfsd_forget_delegations(&reaplist); 7677 return count; 7678 } 7679 7680 static void 7681 nfsd_recall_delegations(struct list_head *reaplist) 7682 { 7683 struct nfs4_client *clp; 7684 struct nfs4_delegation *dp, *next; 7685 7686 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 7687 list_del_init(&dp->dl_recall_lru); 7688 clp = dp->dl_stid.sc_client; 7689 /* 7690 * We skipped all entries that had a zero dl_time before, 7691 * so we can now reset the dl_time back to 0. If a delegation 7692 * break comes in now, then it won't make any difference since 7693 * we're recalling it either way. 7694 */ 7695 spin_lock(&state_lock); 7696 dp->dl_time = 0; 7697 spin_unlock(&state_lock); 7698 nfsd_break_one_deleg(dp); 7699 put_client(clp); 7700 } 7701 } 7702 7703 u64 7704 nfsd_inject_recall_client_delegations(struct sockaddr_storage *addr, 7705 size_t addr_size) 7706 { 7707 u64 count = 0; 7708 struct nfs4_client *clp; 7709 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7710 nfsd_net_id); 7711 LIST_HEAD(reaplist); 7712 7713 if (!nfsd_netns_ready(nn)) 7714 return count; 7715 7716 spin_lock(&nn->client_lock); 7717 clp = nfsd_find_client(addr, addr_size); 7718 if (clp) 7719 count = nfsd_find_all_delegations(clp, 0, &reaplist); 7720 spin_unlock(&nn->client_lock); 7721 7722 nfsd_recall_delegations(&reaplist); 7723 return count; 7724 } 7725 7726 u64 7727 nfsd_inject_recall_delegations(u64 max) 7728 { 7729 u64 count = 0; 7730 struct nfs4_client *clp, *next; 7731 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 7732 nfsd_net_id); 7733 LIST_HEAD(reaplist); 7734 7735 if (!nfsd_netns_ready(nn)) 7736 return count; 7737 7738 spin_lock(&nn->client_lock); 7739 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 7740 count += nfsd_find_all_delegations(clp, max - count, &reaplist); 7741 if (max != 0 && count >= max) 7742 break; 7743 } 7744 spin_unlock(&nn->client_lock); 7745 nfsd_recall_delegations(&reaplist); 7746 return count; 7747 } 7748 #endif /* CONFIG_NFSD_FAULT_INJECTION */ 7749 7750 /* 7751 * Since the lifetime of a delegation isn't limited to that of an open, a 7752 * client may quite reasonably hang on to a delegation as long as it has 7753 * the inode cached. This becomes an obvious problem the first time a 7754 * client's inode cache approaches the size of the server's total memory. 7755 * 7756 * For now we avoid this problem by imposing a hard limit on the number 7757 * of delegations, which varies according to the server's memory size. 7758 */ 7759 static void 7760 set_max_delegations(void) 7761 { 7762 /* 7763 * Allow at most 4 delegations per megabyte of RAM. Quick 7764 * estimates suggest that in the worst case (where every delegation 7765 * is for a different inode), a delegation could take about 1.5K, 7766 * giving a worst case usage of about 0.6% of memory. 
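	 *
	 * The shift below is just that 4-per-megabyte ratio folded into
	 * one operation: pages >> (20 - 2 - PAGE_SHIFT) equals
	 * (pages * PAGE_SIZE) / 2^20 * 4, i.e. 4 delegations per 1MB of
	 * low-memory pages (pages >> 6 with 4KB pages), for
	 * 4 * 1.5K = 6K of worst-case state per megabyte.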
7767 */ 7768 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT); 7769 } 7770 7771 static int nfs4_state_create_net(struct net *net) 7772 { 7773 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7774 int i; 7775 7776 nn->conf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE, 7777 sizeof(struct list_head), 7778 GFP_KERNEL); 7779 if (!nn->conf_id_hashtbl) 7780 goto err; 7781 nn->unconf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE, 7782 sizeof(struct list_head), 7783 GFP_KERNEL); 7784 if (!nn->unconf_id_hashtbl) 7785 goto err_unconf_id; 7786 nn->sessionid_hashtbl = kmalloc_array(SESSION_HASH_SIZE, 7787 sizeof(struct list_head), 7788 GFP_KERNEL); 7789 if (!nn->sessionid_hashtbl) 7790 goto err_sessionid; 7791 7792 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7793 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]); 7794 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]); 7795 } 7796 for (i = 0; i < SESSION_HASH_SIZE; i++) 7797 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]); 7798 nn->conf_name_tree = RB_ROOT; 7799 nn->unconf_name_tree = RB_ROOT; 7800 nn->boot_time = ktime_get_real_seconds(); 7801 nn->grace_ended = false; 7802 nn->nfsd4_manager.block_opens = true; 7803 INIT_LIST_HEAD(&nn->nfsd4_manager.list); 7804 INIT_LIST_HEAD(&nn->client_lru); 7805 INIT_LIST_HEAD(&nn->close_lru); 7806 INIT_LIST_HEAD(&nn->del_recall_lru); 7807 spin_lock_init(&nn->client_lock); 7808 spin_lock_init(&nn->s2s_cp_lock); 7809 idr_init(&nn->s2s_cp_stateids); 7810 7811 spin_lock_init(&nn->blocked_locks_lock); 7812 INIT_LIST_HEAD(&nn->blocked_locks_lru); 7813 7814 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main); 7815 get_net(net); 7816 7817 return 0; 7818 7819 err_sessionid: 7820 kfree(nn->unconf_id_hashtbl); 7821 err_unconf_id: 7822 kfree(nn->conf_id_hashtbl); 7823 err: 7824 return -ENOMEM; 7825 } 7826 7827 static void 7828 nfs4_state_destroy_net(struct net *net) 7829 { 7830 int i; 7831 struct nfs4_client *clp = NULL; 7832 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7833 7834 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7835 while (!list_empty(&nn->conf_id_hashtbl[i])) { 7836 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7837 destroy_client(clp); 7838 } 7839 } 7840 7841 WARN_ON(!list_empty(&nn->blocked_locks_lru)); 7842 7843 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7844 while (!list_empty(&nn->unconf_id_hashtbl[i])) { 7845 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7846 destroy_client(clp); 7847 } 7848 } 7849 7850 kfree(nn->sessionid_hashtbl); 7851 kfree(nn->unconf_id_hashtbl); 7852 kfree(nn->conf_id_hashtbl); 7853 put_net(net); 7854 } 7855 7856 int 7857 nfs4_state_start_net(struct net *net) 7858 { 7859 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7860 int ret; 7861 7862 ret = nfs4_state_create_net(net); 7863 if (ret) 7864 return ret; 7865 locks_start_grace(net, &nn->nfsd4_manager); 7866 nfsd4_client_tracking_init(net); 7867 if (nn->track_reclaim_completes && nn->reclaim_str_hashtbl_size == 0) 7868 goto skip_grace; 7869 printk(KERN_INFO "NFSD: starting %lld-second grace period (net %x)\n", 7870 nn->nfsd4_grace, net->ns.inum); 7871 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ); 7872 return 0; 7873 7874 skip_grace: 7875 printk(KERN_INFO "NFSD: no clients to reclaim, skipping NFSv4 grace period (net %x)\n", 7876 net->ns.inum); 7877 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_lease * HZ); 7878 nfsd4_end_grace(nn); 7879 return 0; 7880 } 7881 7882 /* initialization to perform when the nfsd service is 

/* initialization to perform when the nfsd service is started: */

int
nfs4_state_start(void)
{
	int ret;

	laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4");
	if (laundry_wq == NULL) {
		ret = -ENOMEM;
		goto out;
	}
	ret = nfsd4_create_callback_queue();
	if (ret)
		goto out_free_laundry;

	set_max_delegations();
	return 0;

out_free_laundry:
	destroy_workqueue(laundry_wq);
out:
	return ret;
}

void
nfs4_state_shutdown_net(struct net *net)
{
	struct nfs4_delegation *dp = NULL;
	struct list_head *pos, *next, reaplist;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	cancel_delayed_work_sync(&nn->laundromat_work);
	locks_end_grace(&nn->nfsd4_manager);

	INIT_LIST_HEAD(&reaplist);
	spin_lock(&state_lock);
	list_for_each_safe(pos, next, &nn->del_recall_lru) {
		dp = list_entry(pos, struct nfs4_delegation, dl_recall_lru);
		WARN_ON(!unhash_delegation_locked(dp));
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	list_for_each_safe(pos, next, &reaplist) {
		dp = list_entry(pos, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		destroy_unhashed_deleg(dp);
	}

	nfsd4_client_tracking_exit(net);
	nfs4_state_destroy_net(net);
}

void
nfs4_state_shutdown(void)
{
	destroy_workqueue(laundry_wq);
	nfsd4_destroy_callback_queue();
}

static void
get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (HAS_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG) &&
	    CURRENT_STATEID(stateid))
		memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t));
}

static void
put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (cstate->minorversion) {
		memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t));
		SET_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG);
	}
}

void
clear_current_stateid(struct nfsd4_compound_state *cstate)
{
	CLEAR_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG);
}

/*
 * functions to set current state id
 */
void
nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->open_downgrade.od_stateid);
}

void
nfsd4_set_openstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->open.op_stateid);
}

void
nfsd4_set_closestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->close.cl_stateid);
}

void
nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->lock.lk_resp_stateid);
}

/*
 * functions to consume current state id
 */

void
nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->open_downgrade.od_stateid);
}

void
nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->delegreturn.dr_stateid);
}

void
nfsd4_get_freestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->free_stateid.fr_stateid);
}

void
nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->setattr.sa_stateid);
}

void
nfsd4_get_closestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->close.cl_stateid);
}

void
nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->locku.lu_stateid);
}

void
nfsd4_get_readstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->read.rd_stateid);
}

void
nfsd4_get_writestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->write.wr_stateid);
}
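
/*
 * The nfsd4_set_*stateid() / nfsd4_get_*stateid() wrappers above hook
 * the NFSv4.1 "current stateid" feature (RFC 5661) into the individual
 * operations: after an operation that returns a stateid, put_stateid()
 * remembers it in the compound state, and a later operation in the same
 * COMPOUND that carries the special current-stateid value has it
 * replaced with the remembered one by get_stateid().  Roughly, this
 * lets a client send something like
 *
 *	COMPOUND { SEQUENCE; PUTFH; OPEN; READ(<current stateid>) }
 *
 * and have the READ use the stateid the OPEN just created, without a
 * round trip to learn it first.  (The sequence above is an illustrative
 * sketch, not taken from this file.)
 */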