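/*
 * Server-side XDR for NFSv4
 *
 * Copyright (c) 2002 The Regents of the University of Michigan.
 * All rights reserved.
 *
 * Kendrick Smith <kmsmith@umich.edu>
 * Andy Adamson <andros@umich.edu>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its
 * contributors may be used to endorse or promote products derived
 * from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * TODO: Neil Brown made the following observation: We currently
 * initially reserve NFSD_BUFSIZE space on the transmit queue and
 * never release any of that until the request is complete.
 * It would be good to calculate a new maximum response size while
 * decoding the COMPOUND, and call svc_reserve with this number
 * at the end of nfs4svc_decode_compoundargs.
 */

#include <linux/slab.h>
#include <linux/namei.h>
#include <linux/statfs.h>
#include <linux/utsname.h>
#include <linux/pagemap.h>
#include <linux/sunrpc/svcauth_gss.h>

#include "idmap.h"
#include "acl.h"
#include "xdr4.h"
#include "vfs.h"
#include "state.h"
#include "cache.h"
#include "netns.h"

#define NFSDDBG_FACILITY		NFSDDBG_XDR

/*
 * As per the referral draft, the fsid for a referral MUST be different from
 * the fsid of the containing directory in order to indicate to the client
 * that a filesystem boundary is present.
 * We use a fixed fsid for a referral.
 */
#define NFS4_REFERRAL_FSID_MAJOR	0x8000000ULL
#define NFS4_REFERRAL_FSID_MINOR	0x8000000ULL

/*
 * Validate a single path component received from the client.
 *
 * Returns nfserr_inval for an empty name, nfserr_badname when isdotent()
 * matches the name or the name contains a '/', and 0 otherwise.
 */
static __be32
check_filename(char *str, int len)
{
	int i;

	if (len == 0)
		return nfserr_inval;
	if (isdotent(str, len))
		return nfserr_badname;
	for (i = 0; i < len; i++)
		if (str[i] == '/')
			return nfserr_badname;
	return 0;
}

/*
 * DECODE_HEAD declares the decode cursor 'p' and the 'status' result.
 * DECODE_TAIL supplies the success return plus the 'out' and 'xdr_error'
 * labels that READ_BUF and SAVEMEM jump to; a function using those macros
 * must therefore end with DECODE_TAIL or provide the labels itself.
 */
#define DECODE_HEAD				\
	__be32 *p;				\
	__be32 status
#define DECODE_TAIL				\
	status = 0;				\
out:						\
	return status;				\
xdr_error:					\
	dprintk("NFSD: xdr error (%s:%d)\n",	\
			__FILE__, __LINE__);	\
	status = nfserr_bad_xdr;		\
	goto out

/*
 * Cursor helpers.  None of these check bounds: every one of them relies on
 * a preceding READ_BUF() having reserved at least the bytes it consumes.
 * READMEM only records a pointer into the current buffer, SAVEMEM goes
 * through savemem() when 'p' is one of the temporary buffers, and COPYMEM
 * copies into caller-provided storage.
 */
#define READ32(x)         (x) = ntohl(*p++)
#define READ64(x)         do {			\
	(x) = (u64)ntohl(*p++) << 32;		\
	(x) |= ntohl(*p++);			\
} while (0)
#define READTIME(x)       do {			\
	p++;					\
	(x) = ntohl(*p++);			\
	p++;					\
} while (0)
#define READMEM(x,nbytes) do {			\
	x = (char *)p;				\
	p += XDR_QUADLEN(nbytes);		\
} while (0)
#define SAVEMEM(x,nbytes) do {			\
	if (!(x = (p==argp->tmp || p == argp->tmpp) ? \
		savemem(argp, p, nbytes) :	\
		(char *)p)) {			\
		dprintk("NFSD: xdr error (%s:%d)\n", \
				__FILE__, __LINE__); \
		goto xdr_error;			\
		}				\
	p += XDR_QUADLEN(nbytes);		\
} while (0)
#define COPYMEM(x,nbytes) do {			\
	memcpy((x), p, nbytes);			\
	p += XDR_QUADLEN(nbytes);		\
} while (0)

/*
 * READ_BUF, read_buf(): nbytes must be <= PAGE_SIZE
 *
 * 'nbytes' is compared as an unsigned 32-bit quantity, so an argument
 * computed from a client-supplied length (len + 4, count * 4) must not be
 * allowed to wrap before it gets here: a wrapped value passes this check
 * while the caller goes on to consume the unwrapped length.
 */
#define READ_BUF(nbytes)  do {			\
	if (nbytes <= (u32)((char *)argp->end - (char *)argp->p)) {	\
		p = argp->p;			\
		argp->p += XDR_QUADLEN(nbytes);	\
	} else if (!(p = read_buf(argp, nbytes))) { \
		dprintk("NFSD: xdr error (%s:%d)\n", \
				__FILE__, __LINE__); \
		goto xdr_error;			\
	}					\
} while (0)

/*
 * Slow path of READ_BUF: the request continues on the next page.
 *
 * Gathers the tail of the current buffer and the start of the next page
 * into argp->tmp (or a freshly allocated argp->tmpp when argp->tmp is too
 * small), steps argp->p/argp->end to the next page and returns the
 * gathered copy.  Returns NULL when fewer than nbytes remain, when nbytes
 * needs more than the current buffer plus one page, or on allocation
 * failure.
 */
static __be32 *read_buf(struct nfsd4_compoundargs *argp, u32 nbytes)
{
	/* We want more bytes than seem to be available.
	 * Maybe we need a new page, maybe we have just run out
	 */
	unsigned int avail = (char *)argp->end - (char *)argp->p;
	__be32 *p;
	if (avail + argp->pagelen < nbytes)
		return NULL;
	if (avail + PAGE_SIZE < nbytes) /* need more than a page !! */
		return NULL;
	/* ok, we can do it with the current plus the next page */
	if (nbytes <= sizeof(argp->tmp))
		p = argp->tmp;
	else {
		kfree(argp->tmpp);
		p = argp->tmpp = kmalloc(nbytes, GFP_KERNEL);
		if (!p)
			return NULL;

	}
	/*
	 * The following memcpy is safe because read_buf is always
	 * called with nbytes > avail, and the two cases above both
	 * guarantee p points to at least nbytes bytes.
	 */
	memcpy(p, argp->p, avail);
	/* step to next page */
	argp->p = page_address(argp->pagelist[0]);
	argp->pagelist++;
	if (argp->pagelen < PAGE_SIZE) {
		/* last, partial page: stop the cursor at the received data */
		argp->end = argp->p + (argp->pagelen>>2);
		argp->pagelen = 0;
	} else {
		argp->end = argp->p + (PAGE_SIZE>>2);
		argp->pagelen -= PAGE_SIZE;
	}
	memcpy(((char*)p)+avail, argp->p, (nbytes - avail));
	argp->p += XDR_QUADLEN(nbytes - avail);
	return p;
}

/* Returns nonzero when both fields of the clientid are zero. */
static int zero_clientid(clientid_t *clid)
{
	return (clid->cl_boot == 0) && (clid->cl_id == 0);
}

/*
 * Push 'p' onto argp->to_free together with the function that releases it.
 *
 * Returns 0 on success or -ENOMEM when the list node cannot be allocated;
 * in the failure case 'p' has NOT been recorded and remains the caller's
 * responsibility.
 */
static int
defer_free(struct nfsd4_compoundargs *argp,
		void (*release)(const void *), void *p)
{
	struct tmpbuf *tb;

	tb = kmalloc(sizeof(*tb), GFP_KERNEL);
	if (!tb)
		return -ENOMEM;
	tb->buf = p;
	tb->release = release;
	tb->next = argp->to_free;
	argp->to_free = tb;
	return 0;
}

/*
 * Turn data sitting in a temporary buffer into memory that stays valid
 * after the buffer is reused.
 *
 * Data in argp->tmp is duplicated; otherwise 'p' must be argp->tmpp, whose
 * ownership is taken over.  Either way the result is registered with
 * defer_free().  Returns NULL on allocation failure.
 */
static char *savemem(struct nfsd4_compoundargs *argp, __be32 *p, int nbytes)
{
	if (p == argp->tmp) {
		p = kmemdup(argp->tmp, nbytes, GFP_KERNEL);
		if (!p)
			return NULL;
	} else {
		BUG_ON(p != argp->tmpp);
		argp->tmpp = NULL;
	}
	if (defer_free(argp, kfree, p)) {
		kfree(p);
		return NULL;
	} else
		return (char *)p;
}

/*
 * Decode an attribute bitmap into bmval[0..2].
 *
 * Words the client did not send are left zero and words beyond the third
 * are skipped.  A bitmap longer than 1000 words is rejected, which also
 * keeps the READ_BUF(bmlen << 2) argument small.
 */
static __be32
nfsd4_decode_bitmap(struct nfsd4_compoundargs *argp, u32 *bmval)
{
	u32 bmlen;
	DECODE_HEAD;

	bmval[0] = 0;
	bmval[1] = 0;
	bmval[2] = 0;

	READ_BUF(4);
	READ32(bmlen);
	if (bmlen > 1000)
		goto xdr_error;

	READ_BUF(bmlen << 2);
	if (bmlen > 0)
		READ32(bmval[0]);
	if (bmlen > 1)
		READ32(bmval[1]);
	if (bmlen > 2)
		READ32(bmval[2]);

	DECODE_TAIL;
}

/*
 * Decode a settable attribute set (bitmap plus attribute values) into
 * 'iattr' and, when an ACL is present, a newly allocated '*acl'.
 *
 * '*acl' is set to NULL when the ACL bit is absent.  An allocated ACL is
 * registered with defer_free(), so the caller does not free it.  'len'
 * counts the bytes consumed for the attributes handled here and is checked
 * against the client's 'expected_len' at the end.
 */
static __be32
nfsd4_decode_fattr(struct nfsd4_compoundargs *argp, u32 *bmval,
		   struct iattr *iattr, struct nfs4_acl **acl)
{
	int expected_len, len = 0;
	u32 dummy32;
	char *buf;
	int host_err;

	DECODE_HEAD;
	iattr->ia_valid = 0;
	if ((status = nfsd4_decode_bitmap(argp, bmval)))
		return status;

	READ_BUF(4);
	READ32(expected_len);

	if (bmval[0] & FATTR4_WORD0_SIZE) {
		READ_BUF(8);
		len += 8;
		READ64(iattr->ia_size);
		iattr->ia_valid |= ATTR_SIZE;
	}
	if (bmval[0] & FATTR4_WORD0_ACL) {
		u32 nace;
		struct nfs4_ace *ace;

		READ_BUF(4); len += 4;
		READ32(nace);

		/* bound the allocation before trusting the client's count */
		if (nace > NFS4_ACL_MAX)
			return nfserr_resource;

		*acl = nfs4_acl_new(nace);
		if (*acl == NULL) {
			host_err = -ENOMEM;
			goto out_nfserr;
		}
		host_err = defer_free(argp, kfree, *acl);
		if (host_err) {
			/*
			 * The ACL never made it onto the deferred-free list,
			 * so nothing else will release it.
			 */
			kfree(*acl);
			*acl = NULL;
			goto out_nfserr;
		}

		(*acl)->naces = nace;
		for (ace = (*acl)->aces; ace < (*acl)->aces + nace; ace++) {
			READ_BUF(16); len += 16;
			READ32(ace->type);
			READ32(ace->flag);
			READ32(ace->access_mask);
			READ32(dummy32);
			READ_BUF(dummy32);
			len += XDR_QUADLEN(dummy32) << 2;
			READMEM(buf, dummy32);
			ace->whotype = nfs4_acl_get_whotype(buf, dummy32);
			status = nfs_ok;
			/* only named principals need an id mapping lookup */
			if (ace->whotype != NFS4_ACL_WHO_NAMED)
				;
			else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP)
				status = nfsd_map_name_to_gid(argp->rqstp,
						buf, dummy32, &ace->who_gid);
			else
				status = nfsd_map_name_to_uid(argp->rqstp,
						buf, dummy32, &ace->who_uid);
			if (status)
				return status;
		}
	} else
		*acl = NULL;
	if (bmval[1] & FATTR4_WORD1_MODE) {
		READ_BUF(4);
		len += 4;
		READ32(iattr->ia_mode);
		/* drop any bits outside the file type and permission masks */
		iattr->ia_mode &= (S_IFMT | S_IALLUGO);
		iattr->ia_valid |= ATTR_MODE;
	}
	if (bmval[1] & FATTR4_WORD1_OWNER) {
		READ_BUF(4);
		len += 4;
		READ32(dummy32);
		READ_BUF(dummy32);
		len += (XDR_QUADLEN(dummy32) << 2);
		READMEM(buf, dummy32);
		if ((status = nfsd_map_name_to_uid(argp->rqstp, buf, dummy32, &iattr->ia_uid)))
			return status;
		iattr->ia_valid |= ATTR_UID;
	}
	if (bmval[1] & FATTR4_WORD1_OWNER_GROUP) {
		READ_BUF(4);
		len += 4;
		READ32(dummy32);
		READ_BUF(dummy32);
		len += (XDR_QUADLEN(dummy32) << 2);
		READMEM(buf, dummy32);
		if ((status = nfsd_map_name_to_gid(argp->rqstp, buf, dummy32, &iattr->ia_gid)))
			return status;
		iattr->ia_valid |= ATTR_GID;
	}
	if (bmval[1] & FATTR4_WORD1_TIME_ACCESS_SET) {
		READ_BUF(4);
		len += 4;
		READ32(dummy32);
		switch (dummy32) {
		case NFS4_SET_TO_CLIENT_TIME:
			/* We require the high 32 bits of 'seconds' to be 0, and we ignore
			   all 32 bits of 'nseconds'. */
			READ_BUF(12);
			len += 12;
			READ64(iattr->ia_atime.tv_sec);
			READ32(iattr->ia_atime.tv_nsec);
			if (iattr->ia_atime.tv_nsec >= (u32)1000000000)
				return nfserr_inval;
			iattr->ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET);
			break;
		case NFS4_SET_TO_SERVER_TIME:
			iattr->ia_valid |= ATTR_ATIME;
			break;
		default:
			goto xdr_error;
		}
	}
	if (bmval[1] & FATTR4_WORD1_TIME_MODIFY_SET) {
		READ_BUF(4);
		len += 4;
		READ32(dummy32);
		switch (dummy32) {
		case NFS4_SET_TO_CLIENT_TIME:
			/* We require the high 32 bits of 'seconds' to be 0, and we ignore
			   all 32 bits of 'nseconds'. */
			READ_BUF(12);
			len += 12;
			READ64(iattr->ia_mtime.tv_sec);
			READ32(iattr->ia_mtime.tv_nsec);
			if (iattr->ia_mtime.tv_nsec >= (u32)1000000000)
				return nfserr_inval;
			iattr->ia_valid |= (ATTR_MTIME | ATTR_MTIME_SET);
			break;
		case NFS4_SET_TO_SERVER_TIME:
			iattr->ia_valid |= ATTR_MTIME;
			break;
		default:
			goto xdr_error;
		}
	}
	/*
	 * Attributes outside the writeable set were not decoded above, so
	 * skip whatever the client says is left; otherwise the byte count
	 * must match exactly.
	 *
	 * NOTE(review): expected_len and len are signed.  If the client's
	 * expected_len is smaller than len the difference is negative and
	 * reaches READ_BUF as a very large u32 - confirm read_buf() rejects
	 * that for every possible argp->pagelen.
	 */
	if (bmval[0] & ~NFSD_WRITEABLE_ATTRS_WORD0
	    || bmval[1] & ~NFSD_WRITEABLE_ATTRS_WORD1
	    || bmval[2] & ~NFSD_WRITEABLE_ATTRS_WORD2)
		READ_BUF(expected_len - len);
	else if (len != expected_len)
		goto xdr_error;

	DECODE_TAIL;

out_nfserr:
	status = nfserrno(host_err);
	goto out;
}

/* Decode a stateid: the generation word followed by the opaque part. */
static __be32
nfsd4_decode_stateid(struct nfsd4_compoundargs *argp, stateid_t *sid)
{
	DECODE_HEAD;

	READ_BUF(sizeof(stateid_t));
	READ32(sid->si_generation);
	COPYMEM(&sid->si_opaque, sizeof(stateid_opaque_t));

	DECODE_TAIL;
}

/* Decode ACCESS arguments: the requested access word. */
static __be32
nfsd4_decode_access(struct nfsd4_compoundargs *argp, struct nfsd4_access *access)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(access->ac_req_access);

	DECODE_TAIL;
}

/*
 * Decode callback_sec_params4.
 *
 * Walks the client's list of security flavors and records the first
 * AUTH_NULL entry, or the first AUTH_UNIX entry whose uid and gid map to
 * valid ids, in 'cbs'.  cbs->flavor stays (u32)-1 when no entry is
 * accepted.  AUTH_GSS entries are parsed and skipped; an unknown flavor
 * yields nfserr_inval.
 */
static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs)
{
	DECODE_HEAD;
	u32 dummy, uid, gid;
	char *machine_name;
	/*
	 * The flavor count is an unsigned wire value.  Keeping it unsigned
	 * means an oversized count runs into the end of the request and
	 * fails as an XDR error instead of turning negative and skipping
	 * the loop.
	 */
	u32 i;
	u32 nr_secflavs;

	/* callback_sec_params4 */
	READ_BUF(4);
	READ32(nr_secflavs);
	cbs->flavor = (u32)(-1);
	for (i = 0; i < nr_secflavs; ++i) {
		READ_BUF(4);
		READ32(dummy);
		switch (dummy) {
		case RPC_AUTH_NULL:
			/* Nothing to read */
			if (cbs->flavor == (u32)(-1))
				cbs->flavor = RPC_AUTH_NULL;
			break;
		case RPC_AUTH_UNIX:
			READ_BUF(8);
			/* stamp */
			READ32(dummy);

			/* machine name */
			READ32(dummy);
			READ_BUF(dummy);
			SAVEMEM(machine_name, dummy);

			/* uid, gid */
			READ_BUF(8);
			READ32(uid);
			READ32(gid);

			/* more gids */
			READ_BUF(4);
			READ32(dummy);
			/*
			 * READ_BUF is limited to PAGE_SIZE bytes; rejecting a
			 * larger count here also keeps dummy * 4 from wrapping.
			 */
			if (dummy > (PAGE_SIZE >> 2))
				goto xdr_error;
			READ_BUF(dummy * 4);
			if (cbs->flavor == (u32)(-1)) {
				kuid_t kuid = make_kuid(&init_user_ns, uid);
				kgid_t kgid = make_kgid(&init_user_ns, gid);
				if (uid_valid(kuid) && gid_valid(kgid)) {
					cbs->uid = kuid;
					cbs->gid = kgid;
					cbs->flavor = RPC_AUTH_UNIX;
				} else {
					dprintk("RPC_AUTH_UNIX with invalid"
						"uid or gid ignoring!\n");
				}
			}
			break;
		case RPC_AUTH_GSS:
			dprintk("RPC_AUTH_GSS callback secflavor "
				"not supported!\n");
			READ_BUF(8);
			/* gcbp_service */
			READ32(dummy);
			/* gcbp_handle_from_server */
			READ32(dummy);
			READ_BUF(dummy);
			p += XDR_QUADLEN(dummy);
			/* gcbp_handle_from_client */
			READ_BUF(4);
			READ32(dummy);
			READ_BUF(dummy);
			break;
		default:
			dprintk("Illegal callback secflavor\n");
			return nfserr_inval;
		}
	}
	DECODE_TAIL;
}

/*
 * Decode BACKCHANNEL_CTL arguments: the callback program number and the
 * callback security parameters.
 */
static __be32 nfsd4_decode_backchannel_ctl(struct nfsd4_compoundargs *argp, struct nfsd4_backchannel_ctl *bc)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(bc->bc_cb_program);
	/*
	 * A failed security-parameter decode must fail the operation;
	 * otherwise decoding would continue from an undefined position with
	 * a half-filled bc_cb_sec.
	 */
	status = nfsd4_decode_cb_sec(argp, &bc->bc_cb_sec);
	if (status)
		return status;

	DECODE_TAIL;
}

/* Decode BIND_CONN_TO_SESSION arguments: session id and direction. */
static __be32 nfsd4_decode_bind_conn_to_session(struct nfsd4_compoundargs *argp, struct nfsd4_bind_conn_to_session *bcts)
{
	DECODE_HEAD;

	READ_BUF(NFS4_MAX_SESSIONID_LEN + 8);
	COPYMEM(bcts->sessionid.data, NFS4_MAX_SESSIONID_LEN);
	READ32(bcts->dir);
	/* XXX: skipping ctsa_use_conn_in_rdma_mode.  Perhaps Tom Tucker
	 * could help us figure out we should be using it. */
	DECODE_TAIL;
}

/*
 * Decode CLOSE arguments: seqid followed by the stateid.  The result of
 * the stateid decode is returned directly; DECODE_TAIL only supplies the
 * labels READ_BUF needs.
 */
static __be32
nfsd4_decode_close(struct nfsd4_compoundargs *argp, struct nfsd4_close *close)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(close->cl_seqid);
	return nfsd4_decode_stateid(argp, &close->cl_stateid);

	DECODE_TAIL;
}


/* Decode COMMIT arguments: 64-bit offset and 32-bit count. */
static __be32
nfsd4_decode_commit(struct nfsd4_compoundargs *argp, struct nfsd4_commit *commit)
{
	DECODE_HEAD;

	READ_BUF(12);
	READ64(commit->co_offset);
	READ32(commit->co_count);

	DECODE_TAIL;
}

/*
 * Decode CREATE arguments: object type with its type-specific data (link
 * target for NF4LNK, device numbers for NF4BLK/NF4CHR), the new name
 * (validated with check_filename()) and the initial attributes.
 */
static __be32
nfsd4_decode_create(struct nfsd4_compoundargs *argp, struct nfsd4_create *create)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(create->cr_type);
	switch (create->cr_type) {
	case NF4LNK:
		READ_BUF(4);
		READ32(create->cr_linklen);
		READ_BUF(create->cr_linklen);
		SAVEMEM(create->cr_linkname, create->cr_linklen);
		break;
	case NF4BLK:
	case NF4CHR:
		READ_BUF(8);
		READ32(create->cr_specdata1);
		READ32(create->cr_specdata2);
		break;
	case NF4SOCK:
	case NF4FIFO:
	case NF4DIR:
	default:
		break;
	}

	READ_BUF(4);
	READ32(create->cr_namelen);
	READ_BUF(create->cr_namelen);
	SAVEMEM(create->cr_name, create->cr_namelen);
	if ((status = check_filename(create->cr_name, create->cr_namelen)))
		return status;

	status = nfsd4_decode_fattr(argp, create->cr_bmval, &create->cr_iattr,
				    &create->cr_acl);
	if (status)
		goto out;

	DECODE_TAIL;
}

/* Decode DELEGRETURN arguments: just the delegation stateid. */
static inline __be32
nfsd4_decode_delegreturn(struct nfsd4_compoundargs *argp, struct nfsd4_delegreturn *dr)
{
	return nfsd4_decode_stateid(argp, &dr->dr_stateid);
}

/* Decode GETATTR arguments: just the requested-attribute bitmap. */
static inline __be32
nfsd4_decode_getattr(struct nfsd4_compoundargs *argp, struct nfsd4_getattr *getattr)
{
	return nfsd4_decode_bitmap(argp, getattr->ga_bmval);
}

/* Decode LINK arguments: the new name, validated with check_filename(). */
static __be32
nfsd4_decode_link(struct nfsd4_compoundargs *argp, struct nfsd4_link *link)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(link->li_namelen);
	READ_BUF(link->li_namelen);
	SAVEMEM(link->li_name, link->li_namelen);
	if ((status = check_filename(link->li_name, link->li_namelen)))
		return status;

	DECODE_TAIL;
}

/*
 * Decode LOCK arguments.  The lock type is range-checked; what follows
 * depends on whether the client is introducing a new lock owner.
 */
static __be32
nfsd4_decode_lock(struct nfsd4_compoundargs *argp, struct nfsd4_lock *lock)
{
	DECODE_HEAD;

	/*
	* type, reclaim(boolean), offset, length, new_lock_owner(boolean)
	*/
	READ_BUF(28);
	READ32(lock->lk_type);
	if ((lock->lk_type < NFS4_READ_LT) || (lock->lk_type > NFS4_WRITEW_LT))
		goto xdr_error;
	READ32(lock->lk_reclaim);
	READ64(lock->lk_offset);
	READ64(lock->lk_length);
	READ32(lock->lk_is_new);

	if (lock->lk_is_new) {
		READ_BUF(4);
		READ32(lock->lk_new_open_seqid);
		status = nfsd4_decode_stateid(argp, &lock->lk_new_open_stateid);
		if (status)
			return status;
		READ_BUF(8 + sizeof(clientid_t));
		READ32(lock->lk_new_lock_seqid);
		COPYMEM(&lock->lk_new_clientid, sizeof(clientid_t));
		READ32(lock->lk_new_owner.len);
		READ_BUF(lock->lk_new_owner.len);
		/* READMEM keeps a pointer into the decode buffer, not a copy */
		READMEM(lock->lk_new_owner.data, lock->lk_new_owner.len);
	} else {
		status = nfsd4_decode_stateid(argp, &lock->lk_old_lock_stateid);
		if (status)
			return status;
		READ_BUF(4);
		READ32(lock->lk_old_lock_seqid);
	}

	DECODE_TAIL;
}

/*
 * Decode LOCKT arguments: range-checked lock type, offset, length,
 * clientid and owner.
 */
static __be32
nfsd4_decode_lockt(struct nfsd4_compoundargs *argp, struct nfsd4_lockt *lockt)
{
	DECODE_HEAD;

	READ_BUF(32);
	READ32(lockt->lt_type);
	if ((lockt->lt_type < NFS4_READ_LT) || (lockt->lt_type > NFS4_WRITEW_LT))
		goto xdr_error;
	READ64(lockt->lt_offset);
	READ64(lockt->lt_length);
	COPYMEM(&lockt->lt_clientid, 8);
	READ32(lockt->lt_owner.len);
	READ_BUF(lockt->lt_owner.len);
	/* READMEM keeps a pointer into the decode buffer, not a copy */
	READMEM(lockt->lt_owner.data, lockt->lt_owner.len);

	DECODE_TAIL;
}

/*
 * Decode LOCKU arguments: range-checked lock type, seqid, stateid, offset
 * and length.
 */
static __be32
nfsd4_decode_locku(struct nfsd4_compoundargs *argp, struct nfsd4_locku *locku)
{
	DECODE_HEAD;

	READ_BUF(8);
	READ32(locku->lu_type);
	if ((locku->lu_type < NFS4_READ_LT) || (locku->lu_type > NFS4_WRITEW_LT))
		goto xdr_error;
	READ32(locku->lu_seqid);
	status = nfsd4_decode_stateid(argp, &locku->lu_stateid);
	if (status)
		return status;
	READ_BUF(16);
	READ64(locku->lu_offset);
	READ64(locku->lu_length);

	DECODE_TAIL;
}

/* Decode LOOKUP arguments: the name, validated with check_filename(). */
static __be32
nfsd4_decode_lookup(struct nfsd4_compoundargs *argp, struct nfsd4_lookup *lookup)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(lookup->lo_len);
	READ_BUF(lookup->lo_len);
	SAVEMEM(lookup->lo_name, lookup->lo_len);
	if ((status = check_filename(lookup->lo_name, lookup->lo_len)))
		return status;

	DECODE_TAIL;
}

/*
 * Decode and validate a share_access word.
 *
 * The word is split into its access, "want" and "when" parts.  The access
 * part must be READ, WRITE or BOTH.  Any further bits are only accepted
 * when argp->minorversion is nonzero and must form a known "want" value
 * and, if still more bits remain, a known "when" combination.
 * 'deleg_when' may be NULL (open_downgrade), in which case leftover "when"
 * bits yield nfserr_inval.
 */
static __be32 nfsd4_decode_share_access(struct nfsd4_compoundargs *argp, u32 *share_access, u32 *deleg_want, u32 *deleg_when)
{
	__be32 *p;
	u32 w;

	READ_BUF(4);
	READ32(w);
	*share_access = w & NFS4_SHARE_ACCESS_MASK;
	*deleg_want = w & NFS4_SHARE_WANT_MASK;
	if (deleg_when)
		*deleg_when = w & NFS4_SHARE_WHEN_MASK;

	switch (w & NFS4_SHARE_ACCESS_MASK) {
	case NFS4_SHARE_ACCESS_READ:
	case NFS4_SHARE_ACCESS_WRITE:
	case NFS4_SHARE_ACCESS_BOTH:
		break;
	default:
		return nfserr_bad_xdr;
	}
	w &= ~NFS4_SHARE_ACCESS_MASK;
	if (!w)
		return nfs_ok;
	if (!argp->minorversion)
		return nfserr_bad_xdr;
	switch (w & NFS4_SHARE_WANT_MASK) {
	case NFS4_SHARE_WANT_NO_PREFERENCE:
	case NFS4_SHARE_WANT_READ_DELEG:
	case NFS4_SHARE_WANT_WRITE_DELEG:
	case NFS4_SHARE_WANT_ANY_DELEG:
	case NFS4_SHARE_WANT_NO_DELEG:
	case NFS4_SHARE_WANT_CANCEL:
		break;
	default:
		return nfserr_bad_xdr;
	}
	w &= ~NFS4_SHARE_WANT_MASK;
	if (!w)
		return nfs_ok;

	if (!deleg_when)	/* open_downgrade */
		return nfserr_inval;
	switch (w) {
	case NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL:
	case NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED:
	case (NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL |
	      NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED):
		return nfs_ok;
	}
	/* any other leftover bits fall through to the error return */
xdr_error:
	return nfserr_bad_xdr;
}

/*
 * Decode a share_deny word and reject any bit outside
 * NFS4_SHARE_DENY_BOTH.
 */
static __be32 nfsd4_decode_share_deny(struct nfsd4_compoundargs *argp, u32 *x)
{
	__be32 *p;

	READ_BUF(4);
	READ32(*x);
	/* Note: unlike access bits, deny bits may be zero. */
	if (*x & ~NFS4_SHARE_DENY_BOTH)
		return nfserr_bad_xdr;
	return nfs_ok;
xdr_error:
	return nfserr_bad_xdr;
}

/*
 * Decode a variable-length opaque into 'o'.  A zero length or one above
 * NFS4_OPAQUE_LIMIT is rejected before any data is read.
 */
static __be32 nfsd4_decode_opaque(struct nfsd4_compoundargs *argp, struct xdr_netobj *o)
{
	__be32 *p;

	READ_BUF(4);
	READ32(o->len);

	if (o->len == 0 || o->len > NFS4_OPAQUE_LIMIT)
		return nfserr_bad_xdr;

	READ_BUF(o->len);
	SAVEMEM(o->data, o->len);
	return nfs_ok;
xdr_error:
	return nfserr_bad_xdr;
}

/*
 * Decode OPEN arguments: seqid, share access/deny, owner, the create
 * variant with its attributes or verifier, and the claim.  Names carried
 * in a claim are validated with check_filename(); the 4.1-only create
 * mode and claim types are refused when argp->minorversion is below 1.
 */
static __be32
nfsd4_decode_open(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
{
	DECODE_HEAD;
	u32 dummy;

	memset(open->op_bmval, 0, sizeof(open->op_bmval));
	open->op_iattr.ia_valid = 0;
	open->op_openowner = NULL;

	open->op_xdr_error = 0;
	/* seqid, share_access, share_deny, clientid, ownerlen */
	READ_BUF(4);
	READ32(open->op_seqid);
	/* decode, yet ignore deleg_when until supported */
	status = nfsd4_decode_share_access(argp, &open->op_share_access,
					   &open->op_deleg_want, &dummy);
	if (status)
		goto xdr_error;
	status = nfsd4_decode_share_deny(argp, &open->op_share_deny);
	if (status)
		goto xdr_error;
	READ_BUF(sizeof(clientid_t));
	COPYMEM(&open->op_clientid, sizeof(clientid_t));
	status = nfsd4_decode_opaque(argp, &open->op_owner);
	if (status)
		goto xdr_error;
	READ_BUF(4);
	READ32(open->op_create);
	switch (open->op_create) {
	case NFS4_OPEN_NOCREATE:
		break;
	case NFS4_OPEN_CREATE:
		READ_BUF(4);
		READ32(open->op_createmode);
		switch (open->op_createmode) {
		case NFS4_CREATE_UNCHECKED:
		case NFS4_CREATE_GUARDED:
			status = nfsd4_decode_fattr(argp, open->op_bmval,
				&open->op_iattr, &open->op_acl);
			if (status)
				goto out;
			break;
		case NFS4_CREATE_EXCLUSIVE:
			READ_BUF(NFS4_VERIFIER_SIZE);
			COPYMEM(open->op_verf.data, NFS4_VERIFIER_SIZE);
			break;
		case NFS4_CREATE_EXCLUSIVE4_1:
			if (argp->minorversion < 1)
				goto xdr_error;
			READ_BUF(NFS4_VERIFIER_SIZE);
			COPYMEM(open->op_verf.data, NFS4_VERIFIER_SIZE);
			status = nfsd4_decode_fattr(argp, open->op_bmval,
				&open->op_iattr, &open->op_acl);
			if (status)
				goto out;
			break;
		default:
			goto xdr_error;
		}
		break;
	default:
		goto xdr_error;
	}

	/* open_claim */
	READ_BUF(4);
	READ32(open->op_claim_type);
	switch (open->op_claim_type) {
	case NFS4_OPEN_CLAIM_NULL:
	case NFS4_OPEN_CLAIM_DELEGATE_PREV:
		READ_BUF(4);
		READ32(open->op_fname.len);
		READ_BUF(open->op_fname.len);
		SAVEMEM(open->op_fname.data, open->op_fname.len);
		if ((status = check_filename(open->op_fname.data, open->op_fname.len)))
			return status;
		break;
	case NFS4_OPEN_CLAIM_PREVIOUS:
		READ_BUF(4);
		READ32(open->op_delegate_type);
		break;
	case NFS4_OPEN_CLAIM_DELEGATE_CUR:
		status = nfsd4_decode_stateid(argp, &open->op_delegate_stateid);
		if (status)
			return status;
		READ_BUF(4);
		READ32(open->op_fname.len);
		READ_BUF(open->op_fname.len);
		SAVEMEM(open->op_fname.data, open->op_fname.len);
		if ((status = check_filename(open->op_fname.data, open->op_fname.len)))
			return status;
		break;
	case NFS4_OPEN_CLAIM_FH:
	case NFS4_OPEN_CLAIM_DELEG_PREV_FH:
		if (argp->minorversion < 1)
			goto xdr_error;
		/* void */
		break;
	case NFS4_OPEN_CLAIM_DELEG_CUR_FH:
		if (argp->minorversion < 1)
			goto xdr_error;
		status = nfsd4_decode_stateid(argp, &open->op_delegate_stateid);
		if (status)
			return status;
		break;
	default:
		goto xdr_error;
	}

	DECODE_TAIL;
}

/* Decode OPEN_CONFIRM arguments: stateid followed by seqid. */
static __be32
nfsd4_decode_open_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_open_confirm *open_conf)
{
	DECODE_HEAD;

	status = nfsd4_decode_stateid(argp, &open_conf->oc_req_stateid);
	if (status)
		return status;
	READ_BUF(4);
	READ32(open_conf->oc_seqid);

	DECODE_TAIL;
}

/*
 * Decode OPEN_DOWNGRADE arguments: stateid, seqid, share access and share
 * deny.  No deleg_when pointer is passed to the share_access decoder.
 */
static __be32
nfsd4_decode_open_downgrade(struct nfsd4_compoundargs *argp, struct nfsd4_open_downgrade *open_down)
{
	DECODE_HEAD;

	status = nfsd4_decode_stateid(argp, &open_down->od_stateid);
	if (status)
		return status;
	READ_BUF(4);
	READ32(open_down->od_seqid);
	status = nfsd4_decode_share_access(argp, &open_down->od_share_access,
					   &open_down->od_deleg_want, NULL);
	if (status)
		return status;
	status = nfsd4_decode_share_deny(argp, &open_down->od_share_deny);
	if (status)
		return status;
	DECODE_TAIL;
}

/*
 * Decode PUTFH arguments: a filehandle whose length is checked against
 * NFS4_FHSIZE before the bytes are read.
 */
static __be32
nfsd4_decode_putfh(struct nfsd4_compoundargs *argp, struct nfsd4_putfh *putfh)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(putfh->pf_fhlen);
	if (putfh->pf_fhlen > NFS4_FHSIZE)
		goto xdr_error;
	READ_BUF(putfh->pf_fhlen);
	SAVEMEM(putfh->pf_fhval, putfh->pf_fhlen);

	DECODE_TAIL;
}

/* Decode READ arguments: stateid, 64-bit offset and 32-bit length. */
static __be32
nfsd4_decode_read(struct nfsd4_compoundargs *argp, struct nfsd4_read *read)
{
	DECODE_HEAD;

	status = nfsd4_decode_stateid(argp, &read->rd_stateid);
	if (status)
		return status;
	READ_BUF(12);
	READ64(read->rd_offset);
	READ32(read->rd_length);

	DECODE_TAIL;
}

/*
 * Decode READDIR arguments: cookie, verifier, dircount, maxcount and the
 * requested-attribute bitmap.
 */
static __be32
nfsd4_decode_readdir(struct nfsd4_compoundargs *argp, struct nfsd4_readdir *readdir)
{
	DECODE_HEAD;

	READ_BUF(24);
	READ64(readdir->rd_cookie);
	COPYMEM(readdir->rd_verf.data, sizeof(readdir->rd_verf.data));
	READ32(readdir->rd_dircount);    /* just in case you needed a useless field... */
	READ32(readdir->rd_maxcount);
	if ((status = nfsd4_decode_bitmap(argp, readdir->rd_bmval)))
		goto out;

	DECODE_TAIL;
}

/* Decode REMOVE arguments: the name, validated with check_filename(). */
static __be32
nfsd4_decode_remove(struct nfsd4_compoundargs *argp, struct nfsd4_remove *remove)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(remove->rm_namelen);
	READ_BUF(remove->rm_namelen);
	SAVEMEM(remove->rm_name, remove->rm_namelen);
	if ((status = check_filename(remove->rm_name, remove->rm_namelen)))
		return status;

	DECODE_TAIL;
}

/*
 * Decode RENAME arguments: source and target names, both validated with
 * check_filename().
 */
static __be32
nfsd4_decode_rename(struct nfsd4_compoundargs *argp, struct nfsd4_rename *rename)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(rename->rn_snamelen);
	/*
	 * Reserve the name and the following length word separately.  A
	 * combined READ_BUF(len + 4) lets a client-supplied length close to
	 * the 32-bit limit wrap to a small value that passes the bounds
	 * check, after which SAVEMEM would advance the cursor by the
	 * unwrapped length.
	 */
	READ_BUF(rename->rn_snamelen);
	SAVEMEM(rename->rn_sname, rename->rn_snamelen);
	READ_BUF(4);
	READ32(rename->rn_tnamelen);
	READ_BUF(rename->rn_tnamelen);
	SAVEMEM(rename->rn_tname, rename->rn_tnamelen);
	if ((status = check_filename(rename->rn_sname, rename->rn_snamelen)))
		return status;
	if ((status = check_filename(rename->rn_tname, rename->rn_tnamelen)))
		return status;

	DECODE_TAIL;
}

/* Decode RENEW arguments: the clientid. */
static __be32
nfsd4_decode_renew(struct nfsd4_compoundargs *argp, clientid_t *clientid)
{
	DECODE_HEAD;

	READ_BUF(sizeof(clientid_t));
	COPYMEM(clientid, sizeof(clientid_t));

	DECODE_TAIL;
}

/* Decode SECINFO arguments: the name, validated with check_filename(). */
static __be32
nfsd4_decode_secinfo(struct nfsd4_compoundargs *argp,
		     struct nfsd4_secinfo *secinfo)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(secinfo->si_namelen);
	READ_BUF(secinfo->si_namelen);
	SAVEMEM(secinfo->si_name, secinfo->si_namelen);
	status = check_filename(secinfo->si_name, secinfo->si_namelen);
	if (status)
		return status;
	DECODE_TAIL;
}

/* Decode SECINFO_NO_NAME arguments: the style word. */
static __be32
nfsd4_decode_secinfo_no_name(struct nfsd4_compoundargs *argp,
		     struct nfsd4_secinfo_no_name *sin)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(sin->sin_style);
	DECODE_TAIL;
}

/* Decode SETATTR arguments: stateid followed by the attribute set. */
static __be32
nfsd4_decode_setattr(struct nfsd4_compoundargs *argp, struct nfsd4_setattr *setattr)
{
	__be32 status;

	status = nfsd4_decode_stateid(argp, &setattr->sa_stateid);
	if (status)
		return status;
	return nfsd4_decode_fattr(argp, setattr->sa_bmval, &setattr->sa_iattr,
				  &setattr->sa_acl);
}

/*
 * Decode SETCLIENTID arguments: verifier, client name, callback program,
 * callback netid and address strings, and the callback ident.
 */
static __be32
nfsd4_decode_setclientid(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid *setclientid)
{
	DECODE_HEAD;

	READ_BUF(NFS4_VERIFIER_SIZE);
	COPYMEM(setclientid->se_verf.data, NFS4_VERIFIER_SIZE);

	status = nfsd4_decode_opaque(argp, &setclientid->se_name);
	if (status)
		return nfserr_bad_xdr;
	READ_BUF(8);
	READ32(setclientid->se_callback_prog);
	READ32(setclientid->se_callback_netid_len);

	/*
	 * Each string and the word that follows it are reserved separately.
	 * A combined READ_BUF(len + 4) lets a client-supplied length close
	 * to the 32-bit limit wrap to a small value that passes the bounds
	 * check, after which SAVEMEM would advance the cursor by the
	 * unwrapped length.
	 */
	READ_BUF(setclientid->se_callback_netid_len);
	SAVEMEM(setclientid->se_callback_netid_val, setclientid->se_callback_netid_len);
	READ_BUF(4);
	READ32(setclientid->se_callback_addr_len);

	READ_BUF(setclientid->se_callback_addr_len);
	SAVEMEM(setclientid->se_callback_addr_val, setclientid->se_callback_addr_len);
	READ_BUF(4);
	READ32(setclientid->se_callback_ident);

	DECODE_TAIL;
}

/* Decode SETCLIENTID_CONFIRM arguments: clientid and confirm verifier. */
static __be32
nfsd4_decode_setclientid_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid_confirm *scd_c)
{
	DECODE_HEAD;

	READ_BUF(8 + NFS4_VERIFIER_SIZE);
	COPYMEM(&scd_c->sc_clientid, 8);
	COPYMEM(&scd_c->sc_confirm, NFS4_VERIFIER_SIZE);

	DECODE_TAIL;
}

/* Also used for NVERIFY */
static __be32
nfsd4_decode_verify(struct nfsd4_compoundargs *argp, struct nfsd4_verify *verify)
{
	DECODE_HEAD;

	if ((status = nfsd4_decode_bitmap(argp, verify->ve_bmval)))
		goto out;

	/* For convenience's sake, we compare raw xdr'd attributes in
	 * nfsd4_proc_verify */

	READ_BUF(4);
	READ32(verify->ve_attrlen);
	READ_BUF(verify->ve_attrlen);
	SAVEMEM(verify->ve_attrval, verify->ve_attrlen);

	DECODE_TAIL;
}

/*
 * Decode WRITE arguments: stateid, offset, stable_how and the data length.
 * The payload is not copied; wr_head and wr_pagelist are pointed at it and
 * the decode cursor is stepped past it by hand.
 */
static __be32
nfsd4_decode_write(struct nfsd4_compoundargs *argp, struct nfsd4_write *write)
{
	int avail;
	int len;
	DECODE_HEAD;

	status = nfsd4_decode_stateid(argp, &write->wr_stateid);
	if (status)
		return status;
	READ_BUF(16);
	READ64(write->wr_offset);
	READ32(write->wr_stable_how);
	if (write->wr_stable_how > 2)
		goto xdr_error;
	READ32(write->wr_buflen);

	/* Sorry .. no magic macros for this.. *
	 * READ_BUF(write->wr_buflen);
	 * SAVEMEM(write->wr_buf, write->wr_buflen);
	 */
	avail = (char*)argp->end - (char*)argp->p;
	if (avail + argp->pagelen < write->wr_buflen) {
		dprintk("NFSD: xdr error (%s:%d)\n",
				__FILE__, __LINE__);
		goto xdr_error;
	}
	/*
	 * NOTE(review): 'p' comes from READ_BUF(16) above.  If that read
	 * crossed a page boundary, read_buf() may have returned a temporary
	 * buffer, in which case 'p' does not address the payload that
	 * 'avail' was measured against - confirm.
	 */
	write->wr_head.iov_base = p;
	write->wr_head.iov_len = avail;
	WARN_ON(avail != (XDR_QUADLEN(avail) << 2));
	write->wr_pagelist = argp->pagelist;

	len = XDR_QUADLEN(write->wr_buflen) << 2;
	if (len >= avail) {
		int pages;

		len -= avail;

		pages = len >> PAGE_SHIFT;
		argp->pagelist += pages;
		argp->pagelen -= pages * PAGE_SIZE;
		len -= pages * PAGE_SIZE;

		/*
		 * NOTE(review): unlike read_buf(), this page step sets
		 * argp->end a full page past argp->p without consulting
		 * argp->pagelen, and does not advance argp->pagelist or
		 * reduce argp->pagelen for the page it makes current.
		 * Confirm that later decodes cannot run past the received
		 * data or revisit this page.
		 */
		argp->p = (__be32 *)page_address(argp->pagelist[0]);
		argp->end = argp->p + XDR_QUADLEN(PAGE_SIZE);
	}
	argp->p += XDR_QUADLEN(len);

	DECODE_TAIL;
}

/*
 * Decode RELEASE_LOCKOWNER arguments: clientid and owner.  When
 * argp->minorversion is nonzero a non-zero clientid is rejected with
 * nfserr_inval.
 */
static __be32
nfsd4_decode_release_lockowner(struct nfsd4_compoundargs *argp, struct nfsd4_release_lockowner *rlockowner)
{
	DECODE_HEAD;

	READ_BUF(12);
	COPYMEM(&rlockowner->rl_clientid, sizeof(clientid_t));
	READ32(rlockowner->rl_owner.len);
	READ_BUF(rlockowner->rl_owner.len);
	/* READMEM keeps a pointer into the decode buffer, not a copy */
	READMEM(rlockowner->rl_owner.data, rlockowner->rl_owner.len);

	if (argp->minorversion && !zero_clientid(&rlockowner->rl_clientid))
		return nfserr_inval;
	DECODE_TAIL;
}

/*
 * Decode EXCHANGE_ID arguments: verifier, client name, flags and the state
 * protection selector.  The state protection details and the optional
 * implementation id are parsed only to step over them.
 */
static __be32
nfsd4_decode_exchange_id(struct nfsd4_compoundargs *argp,
			 struct nfsd4_exchange_id *exid)
{
	/*
	 * Counts and lengths are unsigned on the wire.  Holding them in
	 * unsigned variables keeps a value with the top bit set from turning
	 * negative, which would slip past the "> 1" check below and make the
	 * size arithmetic signed.
	 */
	u32 dummy, tmp;
	DECODE_HEAD;

	READ_BUF(NFS4_VERIFIER_SIZE);
	COPYMEM(exid->verifier.data, NFS4_VERIFIER_SIZE);

	status = nfsd4_decode_opaque(argp, &exid->clname);
	if (status)
		return nfserr_bad_xdr;

	READ_BUF(4);
	READ32(exid->flags);

	/* Ignore state_protect4_a */
	READ_BUF(4);
	READ32(exid->spa_how);
	switch (exid->spa_how) {
	case SP4_NONE:
		break;
	case SP4_MACH_CRED:
		/*
		 * READ_BUF is limited to PAGE_SIZE bytes; rejecting larger
		 * word counts in this function also keeps dummy * 4 from
		 * wrapping.
		 */
		/* spo_must_enforce */
		READ_BUF(4);
		READ32(dummy);
		if (dummy > (PAGE_SIZE >> 2))
			goto xdr_error;
		READ_BUF(dummy * 4);
		p += dummy;

		/* spo_must_allow */
		READ_BUF(4);
		READ32(dummy);
		if (dummy > (PAGE_SIZE >> 2))
			goto xdr_error;
		READ_BUF(dummy * 4);
		p += dummy;
		break;
	case SP4_SSV:
		/* ssp_ops */
		READ_BUF(4);
		READ32(dummy);
		if (dummy > (PAGE_SIZE >> 2))
			goto xdr_error;
		READ_BUF(dummy * 4);
		p += dummy;

		READ_BUF(4);
		READ32(dummy);
		if (dummy > (PAGE_SIZE >> 2))
			goto xdr_error;
		READ_BUF(dummy * 4);
		p += dummy;

		/* ssp_hash_algs<> */
		READ_BUF(4);
		READ32(tmp);
		while (tmp--) {
			READ_BUF(4);
			READ32(dummy);
			READ_BUF(dummy);
			p += XDR_QUADLEN(dummy);
		}

		/* ssp_encr_algs<> */
		READ_BUF(4);
		READ32(tmp);
		while (tmp--) {
			READ_BUF(4);
			READ32(dummy);
			READ_BUF(dummy);
			p += XDR_QUADLEN(dummy);
		}

		/* ssp_window and ssp_num_gss_handles */
		READ_BUF(8);
		READ32(dummy);
		READ32(dummy);
		break;
	default:
		goto xdr_error;
	}

	/* Ignore Implementation ID */
	READ_BUF(4);    /* nfs_impl_id4 array length */
	READ32(dummy);

	if (dummy > 1)
		goto xdr_error;

	if (dummy == 1) {
		/* nii_domain */
		READ_BUF(4);
		READ32(dummy);
		READ_BUF(dummy);
		p += XDR_QUADLEN(dummy);

		/* nii_name */
		READ_BUF(4);
		READ32(dummy);
		READ_BUF(dummy);
		p += XDR_QUADLEN(dummy);

		/* nii_date */
		READ_BUF(12);
		p += 3;
	}
	DECODE_TAIL;
}

/*
 * Decode CREATE_SESSION arguments: clientid, seqid, flags, fore and back
 * channel attributes, callback program and callback security parameters.
 * At most one rdma attribute word is accepted per channel.
 */
static __be32
nfsd4_decode_create_session(struct nfsd4_compoundargs *argp,
			    struct nfsd4_create_session *sess)
{
	DECODE_HEAD;
	u32 dummy;

	READ_BUF(16);
	COPYMEM(&sess->clientid, 8);
	READ32(sess->seqid);
	READ32(sess->flags);

	/* Fore channel attrs */
	READ_BUF(28);
	READ32(dummy); /* headerpadsz is always 0 */
	READ32(sess->fore_channel.maxreq_sz);
	READ32(sess->fore_channel.maxresp_sz);
	READ32(sess->fore_channel.maxresp_cached);
	READ32(sess->fore_channel.maxops);
	READ32(sess->fore_channel.maxreqs);
	READ32(sess->fore_channel.nr_rdma_attrs);
	if (sess->fore_channel.nr_rdma_attrs == 1) {
		READ_BUF(4);
		READ32(sess->fore_channel.rdma_attrs);
	} else if (sess->fore_channel.nr_rdma_attrs > 1) {
		dprintk("Too many fore channel attr bitmaps!\n");
		goto xdr_error;
	}

	/* Back channel attrs */
	READ_BUF(28);
	READ32(dummy); /* headerpadsz is always 0 */
	READ32(sess->back_channel.maxreq_sz);
	READ32(sess->back_channel.maxresp_sz);
	READ32(sess->back_channel.maxresp_cached);
	READ32(sess->back_channel.maxops);
	READ32(sess->back_channel.maxreqs);
	READ32(sess->back_channel.nr_rdma_attrs);
	if (sess->back_channel.nr_rdma_attrs == 1) {
		READ_BUF(4);
		READ32(sess->back_channel.rdma_attrs);
	} else if (sess->back_channel.nr_rdma_attrs > 1) {
		dprintk("Too many back channel attr bitmaps!\n");
		goto xdr_error;
	}

	READ_BUF(4);
	READ32(sess->callback_prog);
	/*
	 * A failed security-parameter decode must fail the operation;
	 * otherwise decoding would continue from an undefined position with
	 * a half-filled cb_sec.
	 */
	status = nfsd4_decode_cb_sec(argp, &sess->cb_sec);
	if (status)
		return status;
	DECODE_TAIL;
}

/* Decode DESTROY_SESSION arguments: the session id. */
static __be32
nfsd4_decode_destroy_session(struct nfsd4_compoundargs *argp,
			     struct nfsd4_destroy_session *destroy_session)
{
	DECODE_HEAD;
	READ_BUF(NFS4_MAX_SESSIONID_LEN);
	COPYMEM(destroy_session->sessionid.data, NFS4_MAX_SESSIONID_LEN);

	DECODE_TAIL;
}

/* Decode FREE_STATEID arguments: the stateid. */
static __be32
nfsd4_decode_free_stateid(struct nfsd4_compoundargs *argp,
			  struct nfsd4_free_stateid *free_stateid)
{
	DECODE_HEAD;

	READ_BUF(sizeof(stateid_t));
	READ32(free_stateid->fr_stateid.si_generation);
	COPYMEM(&free_stateid->fr_stateid.si_opaque, sizeof(stateid_opaque_t));

	DECODE_TAIL;
}

/*
 * Decode SEQUENCE arguments: session id, seqid, slotid, maxslots and
 * cachethis.
 */
static __be32
nfsd4_decode_sequence(struct nfsd4_compoundargs *argp,
		      struct nfsd4_sequence *seq)
{
	DECODE_HEAD;

	READ_BUF(NFS4_MAX_SESSIONID_LEN + 16);
	COPYMEM(seq->sessionid.data, NFS4_MAX_SESSIONID_LEN);
	READ32(seq->seqid);
	READ32(seq->slotid);
	READ32(seq->maxslots);
	READ32(seq->cachethis);

	DECODE_TAIL;
}

/*
 * Decode TEST_STATEID arguments: a counted list of stateids.
 *
 * One list entry is allocated per stateid and registered with
 * defer_free().  The client-supplied count is not capped here; every
 * iteration has to decode a full stateid from the request, so the loop
 * ends with an error once the request data runs out.
 */
static __be32
nfsd4_decode_test_stateid(struct nfsd4_compoundargs *argp, struct nfsd4_test_stateid *test_stateid)
{
	int i;
	__be32 *p, status;
	struct nfsd4_test_stateid_id *stateid;

	READ_BUF(4);
	test_stateid->ts_num_ids = ntohl(*p++);

	INIT_LIST_HEAD(&test_stateid->ts_stateid_list);

	for (i = 0; i < test_stateid->ts_num_ids; i++) {
		stateid = kmalloc(sizeof(struct nfsd4_test_stateid_id), GFP_KERNEL);
		if (!stateid) {
			status = nfserrno(-ENOMEM);
			goto out;
		}

		if (defer_free(argp, kfree, stateid)) {
			/*
			 * Not on the deferred-free list, so release it here
			 * before it is linked anywhere.
			 */
			kfree(stateid);
			status = nfserrno(-ENOMEM);
			goto out;
		}
		INIT_LIST_HEAD(&stateid->ts_id_list);
		list_add_tail(&stateid->ts_id_list, &test_stateid->ts_stateid_list);

		status = nfsd4_decode_stateid(argp, &stateid->ts_id_stateid);
		if (status)
			goto out;
	}

	status = 0;
out:
	return status;
xdr_error:
	dprintk("NFSD: xdr error (%s:%d)\n", __FILE__, __LINE__);
	status = nfserr_bad_xdr;
	goto out;
}

static __be32 nfsd4_decode_destroy_clientid(struct nfsd4_compoundargs *argp, struct 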
nfsd4_destroy_clientid *dc)
{
	DECODE_HEAD;

	/* DESTROY_CLIENTID carries only the 8-byte client id. */
	READ_BUF(8);
	COPYMEM(&dc->clientid, 8);

	DECODE_TAIL;
}

/* Decode RECLAIM_COMPLETE: a single 32-bit word, rca_one_fs. */
static __be32 nfsd4_decode_reclaim_complete(struct nfsd4_compoundargs *argp, struct nfsd4_reclaim_complete *rc)
{
	DECODE_HEAD;

	READ_BUF(4);
	READ32(rc->rca_one_fs);

	DECODE_TAIL;
}

/* Decoder for operations that take no arguments: nothing to read. */
static __be32
nfsd4_decode_noop(struct nfsd4_compoundargs *argp, void *p)
{
	return nfs_ok;
}

/* Decoder for operations this server does not implement. */
static __be32
nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p)
{
	return nfserr_notsupp;
}

/*
 * Generic decoder signature used by the dispatch tables.  Every table
 * entry is cast to this type, so the compiler does not check that a
 * decoder's second parameter matches the argument it is called with.
 */
typedef __be32(*nfsd4_dec)(struct nfsd4_compoundargs *argp, void *);

/*
 * NFSv4.0 decoders, indexed by operation number.  The last designated
 * entry is OP_RELEASE_LOCKOWNER; indices without an initializer are NULL.
 */
static nfsd4_dec nfsd4_dec_ops[] = {
	[OP_ACCESS]		= (nfsd4_dec)nfsd4_decode_access,
	[OP_CLOSE]		= (nfsd4_dec)nfsd4_decode_close,
	[OP_COMMIT]		= (nfsd4_dec)nfsd4_decode_commit,
	[OP_CREATE]		= (nfsd4_dec)nfsd4_decode_create,
	[OP_DELEGPURGE]		= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_DELEGRETURN]	= (nfsd4_dec)nfsd4_decode_delegreturn,
	[OP_GETATTR]		= (nfsd4_dec)nfsd4_decode_getattr,
	[OP_GETFH]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_LINK]		= (nfsd4_dec)nfsd4_decode_link,
	[OP_LOCK]		= (nfsd4_dec)nfsd4_decode_lock,
	[OP_LOCKT]		= (nfsd4_dec)nfsd4_decode_lockt,
	[OP_LOCKU]		= (nfsd4_dec)nfsd4_decode_locku,
	[OP_LOOKUP]		= (nfsd4_dec)nfsd4_decode_lookup,
	[OP_LOOKUPP]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_NVERIFY]		= (nfsd4_dec)nfsd4_decode_verify,
	[OP_OPEN]		= (nfsd4_dec)nfsd4_decode_open,
	[OP_OPENATTR]		= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_OPEN_CONFIRM]	= (nfsd4_dec)nfsd4_decode_open_confirm,
	[OP_OPEN_DOWNGRADE]	= (nfsd4_dec)nfsd4_decode_open_downgrade,
	[OP_PUTFH]		= (nfsd4_dec)nfsd4_decode_putfh,
	[OP_PUTPUBFH]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_PUTROOTFH]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_READ]		= (nfsd4_dec)nfsd4_decode_read,
	[OP_READDIR]		= (nfsd4_dec)nfsd4_decode_readdir,
	[OP_READLINK]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_REMOVE]		= (nfsd4_dec)nfsd4_decode_remove,
	[OP_RENAME]		= (nfsd4_dec)nfsd4_decode_rename,
	[OP_RENEW]		= (nfsd4_dec)nfsd4_decode_renew,
	[OP_RESTOREFH]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_SAVEFH]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_SECINFO]		= (nfsd4_dec)nfsd4_decode_secinfo,
	[OP_SETATTR]		= (nfsd4_dec)nfsd4_decode_setattr,
	[OP_SETCLIENTID]	= (nfsd4_dec)nfsd4_decode_setclientid,
	[OP_SETCLIENTID_CONFIRM] = (nfsd4_dec)nfsd4_decode_setclientid_confirm,
	[OP_VERIFY]		= (nfsd4_dec)nfsd4_decode_verify,
	[OP_WRITE]		= (nfsd4_dec)nfsd4_decode_write,
	[OP_RELEASE_LOCKOWNER]	= (nfsd4_dec)nfsd4_decode_release_lockowner,
};

/*
 * NFSv4.1 decoders, indexed by operation number.  Compared with the
 * NFSv4.0 table, OP_OPEN_CONFIRM, OP_PUTPUBFH, OP_RENEW, OP_SETCLIENTID,
 * OP_SETCLIENTID_CONFIRM and OP_RELEASE_LOCKOWNER are routed to
 * nfsd4_decode_notsupp, and the operations introduced by NFSv4.1 are
 * appended.
 */
static nfsd4_dec nfsd41_dec_ops[] = {
	[OP_ACCESS]		= (nfsd4_dec)nfsd4_decode_access,
	[OP_CLOSE]		= (nfsd4_dec)nfsd4_decode_close,
	[OP_COMMIT]		= (nfsd4_dec)nfsd4_decode_commit,
	[OP_CREATE]		= (nfsd4_dec)nfsd4_decode_create,
	[OP_DELEGPURGE]		= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_DELEGRETURN]	= (nfsd4_dec)nfsd4_decode_delegreturn,
	[OP_GETATTR]		= (nfsd4_dec)nfsd4_decode_getattr,
	[OP_GETFH]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_LINK]		= (nfsd4_dec)nfsd4_decode_link,
	[OP_LOCK]		= (nfsd4_dec)nfsd4_decode_lock,
	[OP_LOCKT]		= (nfsd4_dec)nfsd4_decode_lockt,
	[OP_LOCKU]		= (nfsd4_dec)nfsd4_decode_locku,
	[OP_LOOKUP]		= (nfsd4_dec)nfsd4_decode_lookup,
	[OP_LOOKUPP]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_NVERIFY]		= (nfsd4_dec)nfsd4_decode_verify,
	[OP_OPEN]		= (nfsd4_dec)nfsd4_decode_open,
	[OP_OPENATTR]		= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_OPEN_CONFIRM]	= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_OPEN_DOWNGRADE]	= (nfsd4_dec)nfsd4_decode_open_downgrade,
	[OP_PUTFH]		= (nfsd4_dec)nfsd4_decode_putfh,
	[OP_PUTPUBFH]		= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_PUTROOTFH]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_READ]		= (nfsd4_dec)nfsd4_decode_read,
	[OP_READDIR]		= (nfsd4_dec)nfsd4_decode_readdir,
	[OP_READLINK]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_REMOVE]		= (nfsd4_dec)nfsd4_decode_remove,
	[OP_RENAME]		= (nfsd4_dec)nfsd4_decode_rename,
	[OP_RENEW]		= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_RESTOREFH]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_SAVEFH]		= (nfsd4_dec)nfsd4_decode_noop,
	[OP_SECINFO]		= (nfsd4_dec)nfsd4_decode_secinfo,
	[OP_SETATTR]		= (nfsd4_dec)nfsd4_decode_setattr,
	[OP_SETCLIENTID]	= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_SETCLIENTID_CONFIRM]= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_VERIFY]		= (nfsd4_dec)nfsd4_decode_verify,
	[OP_WRITE]		= (nfsd4_dec)nfsd4_decode_write,
	[OP_RELEASE_LOCKOWNER]	= (nfsd4_dec)nfsd4_decode_notsupp,

	/* new operations for NFSv4.1 */
	[OP_BACKCHANNEL_CTL]	= (nfsd4_dec)nfsd4_decode_backchannel_ctl,
	[OP_BIND_CONN_TO_SESSION]= (nfsd4_dec)nfsd4_decode_bind_conn_to_session,
	[OP_EXCHANGE_ID]	= (nfsd4_dec)nfsd4_decode_exchange_id,
	[OP_CREATE_SESSION]	= (nfsd4_dec)nfsd4_decode_create_session,
	[OP_DESTROY_SESSION]	= (nfsd4_dec)nfsd4_decode_destroy_session,
	[OP_FREE_STATEID]	= (nfsd4_dec)nfsd4_decode_free_stateid,
	[OP_GET_DIR_DELEGATION]	= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_GETDEVICEINFO]	= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_GETDEVICELIST]	= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_LAYOUTCOMMIT]	= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_LAYOUTGET]		= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_LAYOUTRETURN]	= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_SECINFO_NO_NAME]	= (nfsd4_dec)nfsd4_decode_secinfo_no_name,
	[OP_SEQUENCE]		= (nfsd4_dec)nfsd4_decode_sequence,
	[OP_SET_SSV]		= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_TEST_STATEID]	= (nfsd4_dec)nfsd4_decode_test_stateid,
	[OP_WANT_DELEGATION]	= (nfsd4_dec)nfsd4_decode_notsupp,
	[OP_DESTROY_CLIENTID]	= (nfsd4_dec)nfsd4_decode_destroy_clientid,
	[OP_RECLAIM_COMPLETE]	= (nfsd4_dec)nfsd4_decode_reclaim_complete,
};

struct
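nfsd4_minorversion_ops {
	nfsd4_dec *decoders;	/* dispatch table for this minor version */
	int nops;		/* number of slots in @decoders */
};

static struct nfsd4_minorversion_ops nfsd4_minorversion[] = {
	[0] = { nfsd4_dec_ops, ARRAY_SIZE(nfsd4_dec_ops) },
	[1] = { nfsd41_dec_ops, ARRAY_SIZE(nfsd41_dec_ops) },
};

/*
 * Decode a COMPOUND request: the tag, minor version and operation count,
 * then each operation through the decoder table of the requested minor
 * version.
 *
 * Decoding stops at the first operation whose decoder reports an error;
 * argp->opcnt is then trimmed to include that operation and nothing after
 * it.  An unsupported minor version leaves argp->opcnt at 0.
 *
 * Returns 0 on success, nfserr_bad_xdr on a malformed header.
 */
static __be32
nfsd4_decode_compound(struct nfsd4_compoundargs *argp)
{
	DECODE_HEAD;
	struct nfsd4_op *op;
	struct nfsd4_minorversion_ops *ops = NULL;
	bool cachethis = false;
	int i;

	READ_BUF(4);
	READ32(argp->taglen);
	/*
	 * Bound the client-supplied tag length before it is used in
	 * arithmetic.  If taglen is a 32-bit unsigned field (its
	 * declaration is outside this file), a value near the top of the
	 * range would make "taglen + 8" wrap to a small number that
	 * READ_BUF() accepts, after which SAVEMEM() advances p by the
	 * unwrapped length.
	 */
	if (argp->taglen > NFSD4_MAX_TAGLEN)
		goto xdr_error;
	READ_BUF(argp->taglen + 8);
	SAVEMEM(argp->tag, argp->taglen);
	READ32(argp->minorversion);
	READ32(argp->opcnt);

	/* Cap the operation count; this also bounds the allocation below. */
	if (argp->opcnt > 100)
		goto xdr_error;

	if (argp->opcnt > ARRAY_SIZE(argp->iops)) {
		argp->ops = kmalloc(argp->opcnt * sizeof(*argp->ops), GFP_KERNEL);
		if (!argp->ops) {
			/* Fall back to the inline array so ops is never NULL. */
			argp->ops = argp->iops;
			dprintk("nfsd: couldn't allocate room for COMPOUND\n");
			goto xdr_error;
		}
	}

	/* Only index the table with a minor version it actually holds. */
	if (argp->minorversion >= ARRAY_SIZE(nfsd4_minorversion))
		argp->opcnt = 0;
	else
		ops = &nfsd4_minorversion[argp->minorversion];

	for (i = 0; i < argp->opcnt; i++) {
		op = &argp->ops[i];
		op->replay = NULL;

		READ_BUF(4);
		READ32(op->opnum);

		/*
		 * The operation number comes from the client and is used
		 * as an index into a table of function pointers, so it is
		 * checked against the size of the selected table as well
		 * as the global range: the NFSv4.0 table is shorter than
		 * the NFSv4.1 one.
		 */
		if (op->opnum >= FIRST_NFS4_OP && op->opnum <= LAST_NFS4_OP &&
		    op->opnum < ops->nops)
			op->status = ops->decoders[op->opnum](argp, &op->u);
		else {
			op->opnum = OP_ILLEGAL;
			op->status = nfserr_op_illegal;
		}

		if (op->status) {
			argp->opcnt = i+1;
			break;
		}
		/*
		 * We'll try to cache the result in the DRC if any one
		 * op in the compound wants to be cached:
		 */
		cachethis |= nfsd4_cache_this_op(op);
	}
	/* Sessions make the DRC unnecessary: */
	if (argp->minorversion)
		cachethis = false;
	argp->rqstp->rq_cachetype = cachethis ? RC_REPLBUFF : RC_NOCACHE;

	DECODE_TAIL;
}

/*
 * Encoding helpers.  They write through the local __be32 *p and advance
 * it; none of them checks the remaining space, so the caller must have
 * accounted for every byte before using them.
 */
#define WRITE32(n)               *p++ = htonl(n)
#define WRITE64(n)               do {				\
	*p++ = htonl((u32)((n) >> 32));				\
	*p++ = htonl((u32)(n));					\
} while (0)
/* Zero the last word first so the XDR padding bytes are never stale. */
#define WRITEMEM(ptr,nbytes)     do { if (nbytes > 0) {		\
	*(p + XDR_QUADLEN(nbytes) -1) = 0;			\
	memcpy(p, ptr, nbytes);					\
	p += XDR_QUADLEN(nbytes);				\
}} while (0)

/* Store @n in network byte order at **p and advance *p by one word. */
static void write32(__be32 **p, u32 n)
{
	*(*p)++ = htonl(n);
}

/* Store @n as two big-endian words, high word first. */
static void write64(__be32 **p, u64 n)
{
	write32(p, (n >> 32));
	write32(p, (u32)n);
}

/*
 * Encode the change attribute: the inode version when IS_I_VERSION(inode)
 * holds, otherwise the ctime seconds and nanoseconds.  Eight bytes either
 * way.
 */
static void write_change(__be32 **p, struct kstat *stat, struct inode *inode)
{
	if (IS_I_VERSION(inode)) {
		write64(p, inode->i_version);
	} else {
		write32(p, stat->ctime.tv_sec);
		write32(p, stat->ctime.tv_nsec);
	}
}

/*
 * Encode a change_info4: the atomic flag followed by the before/after
 * change values, taken from the change attributes or from the ctimes
 * depending on c->change_supported.
 */
static void write_cinfo(__be32 **p, struct nfsd4_change_info *c)
{
	write32(p, c->atomic);
	if (c->change_supported) {
		write64(p, c->before_change);
		write64(p, c->after_change);
	} else {
		write32(p, c->before_ctime_sec);
		write32(p, c->before_ctime_nsec);
		write32(p, c->after_ctime_sec);
		write32(p, c->after_ctime_nsec);
	}
}

/*
 * Load p from resp->p and assert that @nbytes fit before resp->end.
 * A wrong size estimate in a caller trips the BUG_ON() rather than
 * writing past the reply buffer.
 */
#define RESERVE_SPACE(nbytes)	do {				\
	p = resp->p;						\
	BUG_ON(p + XDR_QUADLEN(nbytes) > resp->end);		\
} while (0)
#define ADJUST_ARGS()		resp->p = p

/* Encode as an array of strings the string given with components
 * separated @sep, escaped with esc_enter and esc_exit.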
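*/
/*
 * @sep:        component separator
 * @components: NUL-terminated string to split
 * @pp:         in/out position in the reply buffer
 * @buflen:     in/out number of bytes left; decremented before each write
 * @esc_enter, @esc_exit: a component that starts with @esc_enter and whose
 *              matching @esc_exit is followed by @sep or by the end of the
 *              string is emitted without the two delimiters, and any @sep
 *              inside it is kept (e.g. a bracketed IPv6 address).
 *
 * Empty components are skipped.  Returns 0, or nfserr_resource when
 * @buflen is exhausted.
 */
static __be32 nfsd4_encode_components_esc(char sep, char *components,
				  __be32 **pp, int *buflen,
				  char esc_enter, char esc_exit)
{
	__be32 *p = *pp;
	__be32 *countp = p;
	int len, count = 0;
	char *str, *end, *next;

	dprintk("nfsd4_encode_components(%s)\n", components);
	if ((*buflen -= 4) < 0)
		return nfserr_resource;
	WRITE32(0); /* We will fill this in with @count later */
	end = str = components;
	while (*end) {
		bool found_esc = false;

		/* try to parse as esc_start, ..., esc_end, sep */
		if (*str == esc_enter) {
			for (; *end && (*end != esc_exit); end++)
				/* find esc_exit or end of string */;
			next = end + 1;
			if (*end && (!*next || *next == sep)) {
				str++;
				found_esc = true;
			}
		}

		if (!found_esc)
			for (; *end && (*end != sep); end++)
				/* find sep or end of string */;

		len = end - str;
		if (len) {
			if ((*buflen -= ((XDR_QUADLEN(len) << 2) + 4)) < 0)
				return nfserr_resource;
			WRITE32(len);
			WRITEMEM(str, len);
			count++;
		}
		else
			end++;
		/*
		 * After an escaped component, end still points at esc_exit.
		 * Step past it, otherwise the delimiter itself would be
		 * emitted as a one-character component on the next pass.
		 */
		if (found_esc)
			end = next;

		str = end;
	}
	*pp = p;
	p = countp;
	WRITE32(count);
	return 0;
}

/* Encode as an array of strings the string given with components
 * separated @sep.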
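*/
static __be32 nfsd4_encode_components(char sep, char *components,
				   __be32 **pp, int *buflen)
{
	/* No escape characters: 0 never matches inside the string. */
	return nfsd4_encode_components_esc(sep, components, pp, buflen, 0, 0);
}

/*
 * encode a location element of a fs_locations structure
 *
 * The host list is split on ':' with '[' ... ']' as escape delimiters,
 * the path on '/'.  *@pp is only updated when both parts were encoded.
 */
static __be32 nfsd4_encode_fs_location4(struct nfsd4_fs_location *location,
				    __be32 **pp, int *buflen)
{
	__be32 status;
	__be32 *p = *pp;

	status = nfsd4_encode_components_esc(':', location->hosts, &p, buflen,
						'[', ']');
	if (status)
		return status;
	status = nfsd4_encode_components('/', location->path, &p, buflen);
	if (status)
		return status;
	*pp = p;
	return 0;
}

/*
 * Encode a path in RFC3530 'pathname4' format
 *
 * Walks from @path up to @root, collecting one dentry reference per
 * component, then writes the components root-first.  Every reference
 * still held is dropped on all exits.
 *
 * Returns 0, nfserr_jukebox when the walk or the array allocation fails,
 * or nfserr_resource when @buflen is exhausted.
 *
 * NOTE(review): d_name is read here without any lock visible in this
 * function; confirm that a concurrent rename cannot change it while the
 * length and the bytes are being copied.
 */
static __be32 nfsd4_encode_path(const struct path *root,
		const struct path *path, __be32 **pp, int *buflen)
{
	struct path cur = {
		.mnt = path->mnt,
		.dentry = path->dentry,
	};
	__be32 *p = *pp;
	struct dentry **components = NULL;
	unsigned int ncomponents = 0;
	__be32 err = nfserr_jukebox;

	dprintk("nfsd4_encode_components(");

	path_get(&cur);
	/* First walk the path up to the nfsd root, and store the
	 * dentries/path components in an array.
	 */
	for (;;) {
		if (cur.dentry == root->dentry && cur.mnt == root->mnt)
			break;
		if (cur.dentry == cur.mnt->mnt_root) {
			if (follow_up(&cur))
				continue;
			goto out_free;
		}
		/* Grow the array 16 entries at a time. */
		if ((ncomponents & 15) == 0) {
			struct dentry **new;
			new = krealloc(components,
					sizeof(*new) * (ncomponents + 16),
					GFP_KERNEL);
			if (!new)
				goto out_free;
			components = new;
		}
		components[ncomponents++] = cur.dentry;
		cur.dentry = dget_parent(cur.dentry);
	}

	/*
	 * From here on the only failure is running out of reply space.
	 * Report it as nfserr_resource like the other encoders in this
	 * file, so callers that test for that status handle it correctly.
	 */
	err = nfserr_resource;
	*buflen -= 4;
	if (*buflen < 0)
		goto out_free;
	WRITE32(ncomponents);

	while (ncomponents) {
		struct dentry *dentry = components[ncomponents - 1];
		unsigned int len = dentry->d_name.len;

		*buflen -= 4 + (XDR_QUADLEN(len) << 2);
		if (*buflen < 0)
			goto out_free;
		WRITE32(len);
		WRITEMEM(dentry->d_name.name, len);
		dprintk("/%s", dentry->d_name.name);
		dput(dentry);
		ncomponents--;
	}

	*pp = p;
	err = 0;
out_free:
	dprintk(")\n");
	while (ncomponents)
		dput(components[--ncomponents]);
	kfree(components);
	path_put(&cur);
	return err;
}

/*
 * Encode @path relative to the export found by
 * rqst_find_fsidzero_export(); the export reference is dropped before
 * returning.
 */
static __be32 nfsd4_encode_fsloc_fsroot(struct svc_rqst *rqstp,
		const struct path *path, __be32 **pp, int *buflen)
{
	struct svc_export *exp_ps;
	__be32 res;

	exp_ps = rqst_find_fsidzero_export(rqstp);
	if (IS_ERR(exp_ps))
		return nfserrno(PTR_ERR(exp_ps));
	res = nfsd4_encode_path(&exp_ps->ex_path, path, pp, buflen);
	exp_put(exp_ps);
	return res;
}

/*
 * encode a fs_locations structure
 *
 * Writes the fs root path, the location count and each location.  *@pp
 * is only updated when everything was encoded.
 */
static __be32 nfsd4_encode_fs_locations(struct svc_rqst *rqstp,
				     struct svc_export *exp,
				     __be32 **pp, int *buflen)
{
	__be32 status;
	int i;
	__be32 *p = *pp;
	struct nfsd4_fs_locations *fslocs = &exp->ex_fslocs;

	status = nfsd4_encode_fsloc_fsroot(rqstp, &exp->ex_path, &p, buflen);
	if (status)
		return status;
	if ((*buflen -= 4) < 0)
		return nfserr_resource;
	WRITE32(fslocs->locations_count);
	for (i=0; i<fslocs->locations_count; i++) {
		status = nfsd4_encode_fs_location4(&fslocs->locations[i],
						   &p, buflen);
		if (status)
			return status;
	}
	*pp = p;
	return 0;
}

/* Map the file-type bits of @mode to an NFSv4 type, NF4BAD if unknown. */
static u32 nfs4_file_type(umode_t mode)
{
	switch (mode & S_IFMT) {
	case S_IFIFO:	return NF4FIFO;
	case S_IFCHR:	return NF4CHR;
	case S_IFDIR:	return NF4DIR;
	case S_IFBLK:	return NF4BLK;
	case S_IFLNK:	return NF4LNK;
	case S_IFREG:	return NF4REG;
	case S_IFSOCK:	return NF4SOCK;
	default:	return NF4BAD;
	}
}

/*
 * Encode an owner, group or ACL "who" string as an XDR opaque.
 *
 * Space for the longest possible name (IDMAP_NAMESZ) is required up
 * front because the name is produced directly in the reply buffer, one
 * word past *@p, before its length is known; xdr_encode_opaque() is then
 * called with a NULL source to fill in the length word.
 *
 * Returns 0, nfserr_resource when that space is not available, or the
 * mapped error of the lookup.
 */
static __be32
nfsd4_encode_name(struct svc_rqst *rqstp, int whotype, kuid_t uid, kgid_t gid,
			__be32 **p, int *buflen)
{
	int status;

	if (*buflen < (XDR_QUADLEN(IDMAP_NAMESZ) << 2) + 4)
		return nfserr_resource;
	if (whotype != NFS4_ACL_WHO_NAMED)
		status = nfs4_acl_write_who(whotype, (u8 *)(*p + 1));
	else if (gid_valid(gid))
		status = nfsd_map_gid_to_name(rqstp, gid, (u8 *)(*p + 1));
	else
		status = nfsd_map_uid_to_name(rqstp, uid, (u8 *)(*p + 1));
	if (status < 0)
		return nfserrno(status);
	*p = xdr_encode_opaque(*p, NULL, status);
	*buflen -= (XDR_QUADLEN(status) << 2) + 4;
	/* Holds as long as the helpers never produce more than IDMAP_NAMESZ. */
	BUG_ON(*buflen < 0);
	return 0;
}

/* Encode the name mapped from @user. */
static inline __be32
nfsd4_encode_user(struct svc_rqst *rqstp, kuid_t user, __be32 **p, int *buflen)
{
	return nfsd4_encode_name(rqstp, NFS4_ACL_WHO_NAMED, user, INVALID_GID,
				 p, buflen);
}

/* Encode the name mapped from @group. */
static inline __be32
nfsd4_encode_group(struct svc_rqst *rqstp, kgid_t group, __be32 **p, int *buflen)
{
	return nfsd4_encode_name(rqstp, NFS4_ACL_WHO_NAMED, INVALID_UID, group,
				 p, buflen);
}

/*
 * Encode the "who" of @ace.  For a named entry the id comes from who_gid
 * when NFS4_ACE_IDENTIFIER_GROUP is set and from who_uid otherwise; other
 * who types need no id.
 */
static inline __be32
nfsd4_encode_aclname(struct svc_rqst *rqstp, struct nfs4_ace *ace,
		__be32 **p, int *buflen)
{
	kuid_t uid = INVALID_UID;
	kgid_t gid = INVALID_GID;

	if (ace->whotype == NFS4_ACL_WHO_NAMED) {
		if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP)
			gid = ace->who_gid;
		else
			uid = ace->who_uid;
	}
	return nfsd4_encode_name(rqstp, ace->whotype, uid, gid, p, buflen);
}

/* The only attributes that may be returned for an absent filesystem. */
#define WORD0_ABSENT_FS_ATTRS (FATTR4_WORD0_FS_LOCATIONS | FATTR4_WORD0_FSID | \
			      FATTR4_WORD0_RDATTR_ERROR)
#define WORD1_ABSENT_FS_ATTRS FATTR4_WORD1_MOUNTED_ON_FILEID

/*
 * Restrict the requested bitmap to the attributes allowed for an absent
 * filesystem.  If anything else was requested, the request fails with
 * nfserr_moved unless RDATTR_ERROR or FS_LOCATIONS was requested too, in
 * which case NFSERR_MOVED is recorded in *@rdattr_err instead.
 */
static __be32 fattr_handle_absent_fs(u32 *bmval0, u32 *bmval1, u32 *rdattr_err)
{
	/* As per referral draft:  */
	if (*bmval0 & ~WORD0_ABSENT_FS_ATTRS ||
	    *bmval1 & ~WORD1_ABSENT_FS_ATTRS) {
		if (*bmval0 & FATTR4_WORD0_RDATTR_ERROR ||
		    *bmval0 & FATTR4_WORD0_FS_LOCATIONS)
			*rdattr_err = NFSERR_MOVED;
		else
			return nfserr_moved;
	}
	*bmval0 &= WORD0_ABSENT_FS_ATTRS;
	*bmval1 &= WORD1_ABSENT_FS_ATTRS;
	return 0;
}


/*
 * Fill @stat with the attributes of the directory the export is mounted
 * on: follow_up() is repeated while the result is itself the root of a
 * mount.  Returns the vfs_getattr() result.
 */
static int get_parent_attributes(struct svc_export *exp, struct kstat *stat)
{
	struct path path = exp->ex_path;
	int err;

	path_get(&path);
	while (follow_up(&path)) {
		if (path.dentry != path.mnt->mnt_root)
			break;
	}
	err = vfs_getattr(&path, stat);
	path_put(&path);
	return err;
}

/*
 * Note: @fhp can be NULL; in this case, we might have to compose the filehandle
 * ourselves.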
1991 * 1992 * countp is the buffer size in _words_ 1993 */ 1994 __be32 1995 nfsd4_encode_fattr(struct svc_fh *fhp, struct svc_export *exp, 1996 struct dentry *dentry, __be32 **buffer, int count, u32 *bmval, 1997 struct svc_rqst *rqstp, int ignore_crossmnt) 1998 { 1999 u32 bmval0 = bmval[0]; 2000 u32 bmval1 = bmval[1]; 2001 u32 bmval2 = bmval[2]; 2002 struct kstat stat; 2003 struct svc_fh tempfh; 2004 struct kstatfs statfs; 2005 int buflen = count << 2; 2006 __be32 *attrlenp; 2007 u32 dummy; 2008 u64 dummy64; 2009 u32 rdattr_err = 0; 2010 __be32 *p = *buffer; 2011 __be32 status; 2012 int err; 2013 int aclsupport = 0; 2014 struct nfs4_acl *acl = NULL; 2015 struct nfsd4_compoundres *resp = rqstp->rq_resp; 2016 u32 minorversion = resp->cstate.minorversion; 2017 struct path path = { 2018 .mnt = exp->ex_path.mnt, 2019 .dentry = dentry, 2020 }; 2021 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2022 2023 BUG_ON(bmval1 & NFSD_WRITEONLY_ATTRS_WORD1); 2024 BUG_ON(bmval0 & ~nfsd_suppattrs0(minorversion)); 2025 BUG_ON(bmval1 & ~nfsd_suppattrs1(minorversion)); 2026 BUG_ON(bmval2 & ~nfsd_suppattrs2(minorversion)); 2027 2028 if (exp->ex_fslocs.migrated) { 2029 BUG_ON(bmval[2]); 2030 status = fattr_handle_absent_fs(&bmval0, &bmval1, &rdattr_err); 2031 if (status) 2032 goto out; 2033 } 2034 2035 err = vfs_getattr(&path, &stat); 2036 if (err) 2037 goto out_nfserr; 2038 if ((bmval0 & (FATTR4_WORD0_FILES_FREE | FATTR4_WORD0_FILES_TOTAL | 2039 FATTR4_WORD0_MAXNAME)) || 2040 (bmval1 & (FATTR4_WORD1_SPACE_AVAIL | FATTR4_WORD1_SPACE_FREE | 2041 FATTR4_WORD1_SPACE_TOTAL))) { 2042 err = vfs_statfs(&path, &statfs); 2043 if (err) 2044 goto out_nfserr; 2045 } 2046 if ((bmval0 & (FATTR4_WORD0_FILEHANDLE | FATTR4_WORD0_FSID)) && !fhp) { 2047 fh_init(&tempfh, NFS4_FHSIZE); 2048 status = fh_compose(&tempfh, exp, dentry, NULL); 2049 if (status) 2050 goto out; 2051 fhp = &tempfh; 2052 } 2053 if (bmval0 & (FATTR4_WORD0_ACL | FATTR4_WORD0_ACLSUPPORT 2054 | 
FATTR4_WORD0_SUPPORTED_ATTRS)) { 2055 err = nfsd4_get_nfs4_acl(rqstp, dentry, &acl); 2056 aclsupport = (err == 0); 2057 if (bmval0 & FATTR4_WORD0_ACL) { 2058 if (err == -EOPNOTSUPP) 2059 bmval0 &= ~FATTR4_WORD0_ACL; 2060 else if (err == -EINVAL) { 2061 status = nfserr_attrnotsupp; 2062 goto out; 2063 } else if (err != 0) 2064 goto out_nfserr; 2065 } 2066 } 2067 2068 if (bmval2) { 2069 if ((buflen -= 16) < 0) 2070 goto out_resource; 2071 WRITE32(3); 2072 WRITE32(bmval0); 2073 WRITE32(bmval1); 2074 WRITE32(bmval2); 2075 } else if (bmval1) { 2076 if ((buflen -= 12) < 0) 2077 goto out_resource; 2078 WRITE32(2); 2079 WRITE32(bmval0); 2080 WRITE32(bmval1); 2081 } else { 2082 if ((buflen -= 8) < 0) 2083 goto out_resource; 2084 WRITE32(1); 2085 WRITE32(bmval0); 2086 } 2087 attrlenp = p++; /* to be backfilled later */ 2088 2089 if (bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) { 2090 u32 word0 = nfsd_suppattrs0(minorversion); 2091 u32 word1 = nfsd_suppattrs1(minorversion); 2092 u32 word2 = nfsd_suppattrs2(minorversion); 2093 2094 if (!aclsupport) 2095 word0 &= ~FATTR4_WORD0_ACL; 2096 if (!word2) { 2097 if ((buflen -= 12) < 0) 2098 goto out_resource; 2099 WRITE32(2); 2100 WRITE32(word0); 2101 WRITE32(word1); 2102 } else { 2103 if ((buflen -= 16) < 0) 2104 goto out_resource; 2105 WRITE32(3); 2106 WRITE32(word0); 2107 WRITE32(word1); 2108 WRITE32(word2); 2109 } 2110 } 2111 if (bmval0 & FATTR4_WORD0_TYPE) { 2112 if ((buflen -= 4) < 0) 2113 goto out_resource; 2114 dummy = nfs4_file_type(stat.mode); 2115 if (dummy == NF4BAD) 2116 goto out_serverfault; 2117 WRITE32(dummy); 2118 } 2119 if (bmval0 & FATTR4_WORD0_FH_EXPIRE_TYPE) { 2120 if ((buflen -= 4) < 0) 2121 goto out_resource; 2122 if (exp->ex_flags & NFSEXP_NOSUBTREECHECK) 2123 WRITE32(NFS4_FH_PERSISTENT); 2124 else 2125 WRITE32(NFS4_FH_PERSISTENT|NFS4_FH_VOL_RENAME); 2126 } 2127 if (bmval0 & FATTR4_WORD0_CHANGE) { 2128 if ((buflen -= 8) < 0) 2129 goto out_resource; 2130 write_change(&p, &stat, dentry->d_inode); 2131 } 2132 if (bmval0 
& FATTR4_WORD0_SIZE) { 2133 if ((buflen -= 8) < 0) 2134 goto out_resource; 2135 WRITE64(stat.size); 2136 } 2137 if (bmval0 & FATTR4_WORD0_LINK_SUPPORT) { 2138 if ((buflen -= 4) < 0) 2139 goto out_resource; 2140 WRITE32(1); 2141 } 2142 if (bmval0 & FATTR4_WORD0_SYMLINK_SUPPORT) { 2143 if ((buflen -= 4) < 0) 2144 goto out_resource; 2145 WRITE32(1); 2146 } 2147 if (bmval0 & FATTR4_WORD0_NAMED_ATTR) { 2148 if ((buflen -= 4) < 0) 2149 goto out_resource; 2150 WRITE32(0); 2151 } 2152 if (bmval0 & FATTR4_WORD0_FSID) { 2153 if ((buflen -= 16) < 0) 2154 goto out_resource; 2155 if (exp->ex_fslocs.migrated) { 2156 WRITE64(NFS4_REFERRAL_FSID_MAJOR); 2157 WRITE64(NFS4_REFERRAL_FSID_MINOR); 2158 } else switch(fsid_source(fhp)) { 2159 case FSIDSOURCE_FSID: 2160 WRITE64((u64)exp->ex_fsid); 2161 WRITE64((u64)0); 2162 break; 2163 case FSIDSOURCE_DEV: 2164 WRITE32(0); 2165 WRITE32(MAJOR(stat.dev)); 2166 WRITE32(0); 2167 WRITE32(MINOR(stat.dev)); 2168 break; 2169 case FSIDSOURCE_UUID: 2170 WRITEMEM(exp->ex_uuid, 16); 2171 break; 2172 } 2173 } 2174 if (bmval0 & FATTR4_WORD0_UNIQUE_HANDLES) { 2175 if ((buflen -= 4) < 0) 2176 goto out_resource; 2177 WRITE32(0); 2178 } 2179 if (bmval0 & FATTR4_WORD0_LEASE_TIME) { 2180 if ((buflen -= 4) < 0) 2181 goto out_resource; 2182 WRITE32(nn->nfsd4_lease); 2183 } 2184 if (bmval0 & FATTR4_WORD0_RDATTR_ERROR) { 2185 if ((buflen -= 4) < 0) 2186 goto out_resource; 2187 WRITE32(rdattr_err); 2188 } 2189 if (bmval0 & FATTR4_WORD0_ACL) { 2190 struct nfs4_ace *ace; 2191 2192 if (acl == NULL) { 2193 if ((buflen -= 4) < 0) 2194 goto out_resource; 2195 2196 WRITE32(0); 2197 goto out_acl; 2198 } 2199 if ((buflen -= 4) < 0) 2200 goto out_resource; 2201 WRITE32(acl->naces); 2202 2203 for (ace = acl->aces; ace < acl->aces + acl->naces; ace++) { 2204 if ((buflen -= 4*3) < 0) 2205 goto out_resource; 2206 WRITE32(ace->type); 2207 WRITE32(ace->flag); 2208 WRITE32(ace->access_mask & NFS4_ACE_MASK_ALL); 2209 status = nfsd4_encode_aclname(rqstp, ace, &p, &buflen); 2210 if 
(status == nfserr_resource) 2211 goto out_resource; 2212 if (status) 2213 goto out; 2214 } 2215 } 2216 out_acl: 2217 if (bmval0 & FATTR4_WORD0_ACLSUPPORT) { 2218 if ((buflen -= 4) < 0) 2219 goto out_resource; 2220 WRITE32(aclsupport ? 2221 ACL4_SUPPORT_ALLOW_ACL|ACL4_SUPPORT_DENY_ACL : 0); 2222 } 2223 if (bmval0 & FATTR4_WORD0_CANSETTIME) { 2224 if ((buflen -= 4) < 0) 2225 goto out_resource; 2226 WRITE32(1); 2227 } 2228 if (bmval0 & FATTR4_WORD0_CASE_INSENSITIVE) { 2229 if ((buflen -= 4) < 0) 2230 goto out_resource; 2231 WRITE32(0); 2232 } 2233 if (bmval0 & FATTR4_WORD0_CASE_PRESERVING) { 2234 if ((buflen -= 4) < 0) 2235 goto out_resource; 2236 WRITE32(1); 2237 } 2238 if (bmval0 & FATTR4_WORD0_CHOWN_RESTRICTED) { 2239 if ((buflen -= 4) < 0) 2240 goto out_resource; 2241 WRITE32(1); 2242 } 2243 if (bmval0 & FATTR4_WORD0_FILEHANDLE) { 2244 buflen -= (XDR_QUADLEN(fhp->fh_handle.fh_size) << 2) + 4; 2245 if (buflen < 0) 2246 goto out_resource; 2247 WRITE32(fhp->fh_handle.fh_size); 2248 WRITEMEM(&fhp->fh_handle.fh_base, fhp->fh_handle.fh_size); 2249 } 2250 if (bmval0 & FATTR4_WORD0_FILEID) { 2251 if ((buflen -= 8) < 0) 2252 goto out_resource; 2253 WRITE64(stat.ino); 2254 } 2255 if (bmval0 & FATTR4_WORD0_FILES_AVAIL) { 2256 if ((buflen -= 8) < 0) 2257 goto out_resource; 2258 WRITE64((u64) statfs.f_ffree); 2259 } 2260 if (bmval0 & FATTR4_WORD0_FILES_FREE) { 2261 if ((buflen -= 8) < 0) 2262 goto out_resource; 2263 WRITE64((u64) statfs.f_ffree); 2264 } 2265 if (bmval0 & FATTR4_WORD0_FILES_TOTAL) { 2266 if ((buflen -= 8) < 0) 2267 goto out_resource; 2268 WRITE64((u64) statfs.f_files); 2269 } 2270 if (bmval0 & FATTR4_WORD0_FS_LOCATIONS) { 2271 status = nfsd4_encode_fs_locations(rqstp, exp, &p, &buflen); 2272 if (status == nfserr_resource) 2273 goto out_resource; 2274 if (status) 2275 goto out; 2276 } 2277 if (bmval0 & FATTR4_WORD0_HOMOGENEOUS) { 2278 if ((buflen -= 4) < 0) 2279 goto out_resource; 2280 WRITE32(1); 2281 } 2282 if (bmval0 & FATTR4_WORD0_MAXFILESIZE) { 2283 if 
((buflen -= 8) < 0) 2284 goto out_resource; 2285 WRITE64(~(u64)0); 2286 } 2287 if (bmval0 & FATTR4_WORD0_MAXLINK) { 2288 if ((buflen -= 4) < 0) 2289 goto out_resource; 2290 WRITE32(255); 2291 } 2292 if (bmval0 & FATTR4_WORD0_MAXNAME) { 2293 if ((buflen -= 4) < 0) 2294 goto out_resource; 2295 WRITE32(statfs.f_namelen); 2296 } 2297 if (bmval0 & FATTR4_WORD0_MAXREAD) { 2298 if ((buflen -= 8) < 0) 2299 goto out_resource; 2300 WRITE64((u64) svc_max_payload(rqstp)); 2301 } 2302 if (bmval0 & FATTR4_WORD0_MAXWRITE) { 2303 if ((buflen -= 8) < 0) 2304 goto out_resource; 2305 WRITE64((u64) svc_max_payload(rqstp)); 2306 } 2307 if (bmval1 & FATTR4_WORD1_MODE) { 2308 if ((buflen -= 4) < 0) 2309 goto out_resource; 2310 WRITE32(stat.mode & S_IALLUGO); 2311 } 2312 if (bmval1 & FATTR4_WORD1_NO_TRUNC) { 2313 if ((buflen -= 4) < 0) 2314 goto out_resource; 2315 WRITE32(1); 2316 } 2317 if (bmval1 & FATTR4_WORD1_NUMLINKS) { 2318 if ((buflen -= 4) < 0) 2319 goto out_resource; 2320 WRITE32(stat.nlink); 2321 } 2322 if (bmval1 & FATTR4_WORD1_OWNER) { 2323 status = nfsd4_encode_user(rqstp, stat.uid, &p, &buflen); 2324 if (status == nfserr_resource) 2325 goto out_resource; 2326 if (status) 2327 goto out; 2328 } 2329 if (bmval1 & FATTR4_WORD1_OWNER_GROUP) { 2330 status = nfsd4_encode_group(rqstp, stat.gid, &p, &buflen); 2331 if (status == nfserr_resource) 2332 goto out_resource; 2333 if (status) 2334 goto out; 2335 } 2336 if (bmval1 & FATTR4_WORD1_RAWDEV) { 2337 if ((buflen -= 8) < 0) 2338 goto out_resource; 2339 WRITE32((u32) MAJOR(stat.rdev)); 2340 WRITE32((u32) MINOR(stat.rdev)); 2341 } 2342 if (bmval1 & FATTR4_WORD1_SPACE_AVAIL) { 2343 if ((buflen -= 8) < 0) 2344 goto out_resource; 2345 dummy64 = (u64)statfs.f_bavail * (u64)statfs.f_bsize; 2346 WRITE64(dummy64); 2347 } 2348 if (bmval1 & FATTR4_WORD1_SPACE_FREE) { 2349 if ((buflen -= 8) < 0) 2350 goto out_resource; 2351 dummy64 = (u64)statfs.f_bfree * (u64)statfs.f_bsize; 2352 WRITE64(dummy64); 2353 } 2354 if (bmval1 & 
FATTR4_WORD1_SPACE_TOTAL) { 2355 if ((buflen -= 8) < 0) 2356 goto out_resource; 2357 dummy64 = (u64)statfs.f_blocks * (u64)statfs.f_bsize; 2358 WRITE64(dummy64); 2359 } 2360 if (bmval1 & FATTR4_WORD1_SPACE_USED) { 2361 if ((buflen -= 8) < 0) 2362 goto out_resource; 2363 dummy64 = (u64)stat.blocks << 9; 2364 WRITE64(dummy64); 2365 } 2366 if (bmval1 & FATTR4_WORD1_TIME_ACCESS) { 2367 if ((buflen -= 12) < 0) 2368 goto out_resource; 2369 WRITE64((s64)stat.atime.tv_sec); 2370 WRITE32(stat.atime.tv_nsec); 2371 } 2372 if (bmval1 & FATTR4_WORD1_TIME_DELTA) { 2373 if ((buflen -= 12) < 0) 2374 goto out_resource; 2375 WRITE32(0); 2376 WRITE32(1); 2377 WRITE32(0); 2378 } 2379 if (bmval1 & FATTR4_WORD1_TIME_METADATA) { 2380 if ((buflen -= 12) < 0) 2381 goto out_resource; 2382 WRITE64((s64)stat.ctime.tv_sec); 2383 WRITE32(stat.ctime.tv_nsec); 2384 } 2385 if (bmval1 & FATTR4_WORD1_TIME_MODIFY) { 2386 if ((buflen -= 12) < 0) 2387 goto out_resource; 2388 WRITE64((s64)stat.mtime.tv_sec); 2389 WRITE32(stat.mtime.tv_nsec); 2390 } 2391 if (bmval1 & FATTR4_WORD1_MOUNTED_ON_FILEID) { 2392 if ((buflen -= 8) < 0) 2393 goto out_resource; 2394 /* 2395 * Get parent's attributes if not ignoring crossmount 2396 * and this is the root of a cross-mounted filesystem. 
*/
		if (ignore_crossmnt == 0 &&
		    dentry == exp->ex_path.mnt->mnt_root)
			get_parent_attributes(exp, &stat);
		WRITE64(stat.ino);
	}
	if (bmval2 & FATTR4_WORD2_SUPPATTR_EXCLCREAT) {
		/*
		 * NOTE(review): these four words are written without the
		 * "(buflen -= N) < 0" test that precedes the other attribute
		 * writes visible in this function.  The top of the function is
		 * outside this excerpt, so confirm the 16 bytes are accounted
		 * for before this point.
		 */
		WRITE32(3);
		WRITE32(NFSD_SUPPATTR_EXCLCREAT_WORD0);
		WRITE32(NFSD_SUPPATTR_EXCLCREAT_WORD1);
		WRITE32(NFSD_SUPPATTR_EXCLCREAT_WORD2);
	}

	*attrlenp = htonl((char *)p - (char *)attrlenp - 4);
	*buffer = p;
	status = nfs_ok;

out:
	kfree(acl);
	if (fhp == &tempfh)
		fh_put(&tempfh);
	return status;
out_nfserr:
	status = nfserrno(err);
	goto out;
out_resource:
	status = nfserr_resource;
	goto out;
out_serverfault:
	status = nfserr_serverfault;
	goto out;
}

/*
 * Report whether the requested attribute bitmap asks for anything other
 * than RDATTR_ERROR and LEASE_TIME in word 0 or MOUNTED_ON_FILEID in
 * word 1.  Returns 1 if it does, 0 otherwise.  The readdir path below uses
 * the answer to decide whether a mountpoint has to be crossed.
 */
static inline int attributes_need_mount(u32 *bmval)
{
	return (bmval[0] & ~(FATTR4_WORD0_RDATTR_ERROR | FATTR4_WORD0_LEASE_TIME)) ||
	       (bmval[1] & ~FATTR4_WORD1_MOUNTED_ON_FILEID);
}

/*
 * Look up one directory entry by name and encode its attributes for READDIR.
 *
 * @cd:     readdir state; supplies the parent filehandle, the requested
 *          bitmap and the request
 * @name:   entry name, @namlen bytes long
 * @p:      in/out encode position, handed on to nfsd4_encode_fattr()
 * @buflen: remaining space, handed on to nfsd4_encode_fattr()
 *
 * Returns an nfs status: nfserr_noent when the entry has no inode any more,
 * a lookup/cross-mount/access error, or whatever nfsd4_encode_fattr()
 * returns.  The dentry and export references taken here are dropped on
 * every path after exp_get().
 */
static __be32
nfsd4_encode_dirent_fattr(struct nfsd4_readdir *cd,
		const char *name, int namlen, __be32 **p, int buflen)
{
	struct svc_export *exp = cd->rd_fhp->fh_export;
	struct dentry *dentry;
	__be32 status;
	int stay_on_mountpoint = 0;

	dentry = lookup_one_len(name, cd->rd_fhp->fh_dentry, namlen);
	if (IS_ERR(dentry))
		return nfserrno(PTR_ERR(dentry));
	if (!dentry->d_inode) {
		/*
		 * nfsd_buffered_readdir drops the i_mutex between
		 * readdir and calling this callback, leaving a window
		 * where this directory entry could have gone away.
		 */
		dput(dentry);
		return nfserr_noent;
	}

	exp_get(exp);
	/*
	 * In the case of a mountpoint, the client may be asking for
	 * attributes that are only properties of the underlying filesystem
	 * as opposed to the cross-mounted file system. In such a case,
	 * we will not follow the cross mount and will fill the attributes
	 * directly from the mountpoint dentry.
	 */
	if (nfsd_mountpoint(dentry, exp)) {
		if ((exp->ex_flags & NFSEXP_V4ROOT) ||
		    attributes_need_mount(cd->rd_bmval)) {
			int err;

			/*
			 * Why the heck aren't we just using nfsd_lookup??
			 * Different "."/".." handling?  Something else?
			 * At least, add a comment here to explain....
			 */
			err = nfsd_cross_mnt(cd->rd_rqstp, &dentry, &exp);
			if (err) {
				status = nfserrno(err);
				goto out_put;
			}
			/* Access is re-checked against the export we crossed into. */
			status = check_nfsd_access(exp, cd->rd_rqstp);
			if (status)
				goto out_put;
		} else {
			stay_on_mountpoint = 1;
		}
	}

	status = nfsd4_encode_fattr(NULL, exp, dentry, p, buflen, cd->rd_bmval,
				    cd->rd_rqstp, stay_on_mountpoint);
out_put:
	dput(dentry);
	exp_put(exp);
	return status;
}

/*
 * Encode a minimal attribute block that carries only RDATTR_ERROR.
 *
 * Writes five words at @p: a two-word bitmap, the attribute length and the
 * status itself.  Returns the advanced pointer, or NULL when @buflen is
 * below 6.
 */
static __be32 *
nfsd4_encode_rdattr_error(__be32 *p, int buflen, __be32 nfserr)
{
	__be32 *attrlen_slot;
	__be32 *end;

	if (buflen < 6)
		return NULL;

	p[0] = htonl(2);
	p[1] = htonl(FATTR4_WORD0_RDATTR_ERROR);	/* bmval0 */
	p[2] = htonl(0);				/* bmval1 */

	attrlen_slot = &p[3];
	p[4] = nfserr;					/* no htonl */
	end = p + 5;
	*attrlen_slot = htonl((char *)end - (char *)attrlen_slot - 4);
	return end;
}

/*
 * Per-entry callback handed to nfsd_readdir() by nfsd4_encode_readdir().
 *
 * Encodes one entry (present marker, cookie, name, attributes) at
 * cd->buffer.  @ino and @d_type are not used.  Returns 0 to carry on with
 * the next entry and -EINVAL to stop; cd->common.err holds the nfs status
 * in both cases.
 */
static int
nfsd4_encode_dirent(void *ccdv, const char *name, int namlen,
		    loff_t offset, u64 ino, unsigned int d_type)
{
	struct readdir_cd *ccd = ccdv;
	struct nfsd4_readdir *cd = container_of(ccd, struct nfsd4_readdir, common);
	__be32 *wp = cd->buffer;
	__be32 *cookie_slot;
	__be32 nfserr;
	int words_left;

	/* In nfsv4, "." and ".." never make it onto the wire.. */
	if (name && isdotent(name, namlen))
		goto skip_entry;

	/* Backfill the previous entry's cookie now that this offset is known. */
	if (cd->offset)
		xdr_encode_hyper(cd->offset, (u64) offset);

	/* The space check happens before anything is written for this entry. */
	words_left = cd->buflen - 4 - XDR_QUADLEN(namlen);
	if (words_left < 0) {
		nfserr = nfserr_toosmall;
		goto fail;
	}

	*wp++ = xdr_one;				/* mark entry present */
	cookie_slot = wp;
	wp = xdr_encode_hyper(wp, NFS_OFFSET_MAX);	/* offset of next entry */
	wp = xdr_encode_array(wp, name, namlen);	/* name length & name */

	nfserr = nfsd4_encode_dirent_fattr(cd, name, namlen, &wp, words_left);
	if (nfserr == nfserr_noent)
		goto skip_entry;
	if (nfserr == nfserr_resource) {
		nfserr = nfserr_toosmall;
		goto fail;
	}
	if (nfserr != nfs_ok) {
		/*
		 * If the client requested the RDATTR_ERROR attribute,
		 * we stuff the error code into this attribute
		 * and continue.  If this attribute was not requested,
		 * then in accordance with the spec, we fail the
		 * entire READDIR operation(!)
		 */
		if (!(cd->rd_bmval[0] & FATTR4_WORD0_RDATTR_ERROR))
			goto fail;
		wp = nfsd4_encode_rdattr_error(wp, words_left, nfserr);
		if (wp == NULL) {
			nfserr = nfserr_toosmall;
			goto fail;
		}
	}

	/* Commit the entry: only now does the shared state move forward. */
	cd->buflen -= (wp - cd->buffer);
	cd->buffer = wp;
	cd->offset = cookie_slot;
skip_entry:
	cd->common.err = nfs_ok;
	return 0;
fail:
	cd->common.err = nfserr;
	return -EINVAL;
}

/*
 * Encode a stateid: the generation word followed by the opaque part.
 *
 * RESERVE_SPACE, WRITE32, WRITEMEM and ADJUST_ARGS are macros defined
 * elsewhere in this file; they evidently work on the local "p" and on
 * "resp", so neither name can be changed.
 */
static void
nfsd4_encode_stateid(struct nfsd4_compoundres *resp, stateid_t *sid)
{
	__be32 *p;

	RESERVE_SPACE(sizeof(stateid_t));
	WRITE32(sid->si_generation);
	WRITEMEM(&sid->si_opaque, sizeof(stateid_opaque_t));
	ADJUST_ARGS();
}

/*
 * ACCESS result: the supported mask followed by the granted mask.
 * Nothing is encoded when @nfserr is set.  Returns @nfserr unchanged.
 */
static __be32
nfsd4_encode_access(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_access *access)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(8);
	WRITE32(access->ac_supported);
	WRITE32(access->ac_resp_access);
	ADJUST_ARGS();
	return nfserr;
}

/*
 * BIND_CONN_TO_SESSION result: session id, direction and an RDMA flag that
 * is always encoded as zero.  Nothing is encoded when @nfserr is set.
 */
static __be32 nfsd4_encode_bind_conn_to_session(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_bind_conn_to_session *bcts)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(NFS4_MAX_SESSIONID_LEN + 8);
	WRITEMEM(bcts->sessionid.data, NFS4_MAX_SESSIONID_LEN);
	WRITE32(bcts->dir);
	/* Sorry, we do not yet support RDMA over 4.1: */
	WRITE32(0);
	ADJUST_ARGS();
	return nfserr;
}

/* CLOSE result: the updated stateid, on success only. */
static __be32
nfsd4_encode_close(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_close *close)
{
	if (nfserr)
		return nfserr;

	nfsd4_encode_stateid(resp, &close->cl_stateid);
	return nfserr;
}


/* COMMIT result: the write verifier, on success only. */
static __be32
nfsd4_encode_commit(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_commit *commit)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(NFS4_VERIFIER_SIZE);
	WRITEMEM(commit->co_verf.data, NFS4_VERIFIER_SIZE);
	ADJUST_ARGS();
	return nfserr;
}

/*
 * CREATE result: change info followed by a two-word attribute bitmap,
 * on success only.
 */
static __be32
nfsd4_encode_create(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_create *create)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(32);
	write_cinfo(&p, &create->cr_cinfo);
	WRITE32(2);
	WRITE32(create->cr_bmval[0]);
	WRITE32(create->cr_bmval[1]);
	ADJUST_ARGS();
	return nfserr;
}

/*
 * GETATTR result: hand the current filehandle to nfsd4_encode_fattr().
 * The space offered is what is left between resp->p and resp->end, less
 * COMPOUND_ERR_SLACK_SPACE converted with ">> 2".
 */
static __be32
nfsd4_encode_getattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_getattr *getattr)
{
	struct svc_fh *fhp = getattr->ga_fhp;
	int space_left;

	if (nfserr)
		return nfserr;

	space_left = resp->end - resp->p - (COMPOUND_ERR_SLACK_SPACE >> 2);
	return nfsd4_encode_fattr(fhp, fhp->fh_export, fhp->fh_dentry,
				  &resp->p, space_left, getattr->ga_bmval,
				  resp->rqstp, 0);
}

/*
 * GETFH result: the filehandle as a length word followed by fh_size bytes
 * taken from fh_base, on success only.
 */
static __be32
nfsd4_encode_getfh(struct nfsd4_compoundres *resp, __be32 nfserr, struct svc_fh **fhpp)
{
	struct svc_fh *fhp = *fhpp;
	unsigned int fh_len;
	__be32 *p;

	if (nfserr)
		return nfserr;

	fh_len = fhp->fh_handle.fh_size;
	RESERVE_SPACE(fh_len + 4);
	WRITE32(fh_len);
	WRITEMEM(&fhp->fh_handle.fh_base, fh_len);
	ADJUST_ARGS();
	return nfserr;
}

/*
 * Including all fields other than the name, a LOCK4denied structure requires
 * 8(clientid) + 4(namelen) + 8(offset) + 8(length) + 4(type) = 32 bytes.
*/
static void
nfsd4_encode_lock_denied(struct nfsd4_compoundres *resp, struct nfsd4_lock_denied *ld)
{
	struct xdr_netobj *owner = &ld->ld_owner;
	__be32 *p;

	/* Fixed 32 bytes plus the owner name; see the size note above. */
	RESERVE_SPACE(32 + XDR_LEN(owner->len));
	WRITE64(ld->ld_start);
	WRITE64(ld->ld_length);
	WRITE32(ld->ld_type);
	if (!owner->len) {
		/* non - nfsv4 lock in conflict, no clientid nor owner */
		WRITE64((u64)0);	/* clientid */
		WRITE32(0);		/* length of owner name */
	} else {
		WRITEMEM(&ld->ld_clientid, 8);
		WRITE32(owner->len);
		WRITEMEM(owner->data, owner->len);
		/*
		 * The owner buffer is released as soon as it is encoded and
		 * the pointer is left in place.
		 * NOTE(review): confirm the same nfsd4_lock_denied is never
		 * encoded twice.
		 */
		kfree(owner->data);
	}
	ADJUST_ARGS();
}

/*
 * LOCK result: the new stateid on success, the conflicting lock when the
 * status is nfserr_denied, nothing for any other error.
 */
static __be32
nfsd4_encode_lock(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lock *lock)
{
	if (nfserr == nfserr_denied)
		nfsd4_encode_lock_denied(resp, &lock->lk_denied);
	else if (!nfserr)
		nfsd4_encode_stateid(resp, &lock->lk_resp_stateid);

	return nfserr;
}

/* LOCKT result: only the nfserr_denied case carries a body. */
static __be32
nfsd4_encode_lockt(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lockt *lockt)
{
	if (nfserr != nfserr_denied)
		return nfserr;

	nfsd4_encode_lock_denied(resp, &lockt->lt_denied);
	return nfserr;
}

/* LOCKU result: the updated stateid, on success only. */
static __be32
nfsd4_encode_locku(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_locku *locku)
{
	if (nfserr)
		return nfserr;

	nfsd4_encode_stateid(resp, &locku->lu_stateid);
	return nfserr;
}


/* LINK result: change info of the target directory, on success only. */
static __be32
nfsd4_encode_link(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_link *link)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(20);
	write_cinfo(&p, &link->li_cinfo);
	ADJUST_ARGS();
	return nfserr;
}


/*
 * OPEN result: stateid, change info, result flags, a two-word attribute
 * bitmap and the delegation type, followed by a body that depends on the
 * delegation type.  An unknown delegation type hits BUG().  Nothing is
 * encoded when @nfserr is set.
 */
static __be32
nfsd4_encode_open(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open *open)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	nfsd4_encode_stateid(resp, &open->op_stateid);
	RESERVE_SPACE(40);
	write_cinfo(&p, &open->op_cinfo);
	WRITE32(open->op_rflags);
	WRITE32(2);
	WRITE32(open->op_bmval[0]);
	WRITE32(open->op_bmval[1]);
	WRITE32(open->op_delegate_type);
	ADJUST_ARGS();

	switch (open->op_delegate_type) {
	case NFS4_OPEN_DELEGATE_NONE:
		break;

	case NFS4_OPEN_DELEGATE_READ:
		nfsd4_encode_stateid(resp, &open->op_delegate_stateid);
		RESERVE_SPACE(20);
		WRITE32(open->op_recall);

		/*
		 * TODO: ACE's in delegations
		 */
		WRITE32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE);
		WRITE32(0);
		WRITE32(0);
		WRITE32(0);	/* XXX: is NULL principal ok? */
		ADJUST_ARGS();
		break;

	case NFS4_OPEN_DELEGATE_WRITE:
		nfsd4_encode_stateid(resp, &open->op_delegate_stateid);
		RESERVE_SPACE(32);
		WRITE32(0);

		/*
		 * TODO: space_limit's in delegations
		 */
		WRITE32(NFS4_LIMIT_SIZE);
		WRITE32(~(u32)0);
		WRITE32(~(u32)0);

		/*
		 * TODO: ACE's in delegations
		 */
		WRITE32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE);
		WRITE32(0);
		WRITE32(0);
		WRITE32(0);	/* XXX: is NULL principal ok? */
		ADJUST_ARGS();
		break;

	case NFS4_OPEN_DELEGATE_NONE_EXT:	/* 4.1 */
		/* Two of the reasons carry an extra word; the rest do not. */
		switch (open->op_why_no_deleg) {
		case WND4_CONTENTION:
		case WND4_RESOURCE:
			RESERVE_SPACE(8);
			WRITE32(open->op_why_no_deleg);
			WRITE32(0);	/* deleg signaling not supported yet */
			break;
		default:
			RESERVE_SPACE(4);
			WRITE32(open->op_why_no_deleg);
		}
		ADJUST_ARGS();
		break;

	default:
		BUG();
	}
	/* XXX save filehandle here */
	return nfserr;
}

/* OPEN_CONFIRM result: the confirmed stateid, on success only. */
static __be32
nfsd4_encode_open_confirm(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_confirm *oc)
{
	if (nfserr)
		return nfserr;

	nfsd4_encode_stateid(resp, &oc->oc_resp_stateid);
	return nfserr;
}

/* OPEN_DOWNGRADE result: the updated stateid, on success only. */
static __be32
nfsd4_encode_open_downgrade(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_downgrade *od)
{
	if (nfserr)
		return nfserr;

	nfsd4_encode_stateid(resp, &od->od_stateid);
	return nfserr;
}

/*
 * READ result: perform the read into the request's response pages and
 * encode the eof flag and byte count in the head.
 *
 * The count is capped at svc_max_payload() and at the requested length,
 * and shrinks further if the page list runs out.  Returns nfserr_resource
 * when the reply already has page data, the nfsd_read_file() status on
 * failure, and 0 on success.
 */
static __be32
nfsd4_encode_read(struct nfsd4_compoundres *resp, __be32 nfserr,
		  struct nfsd4_read *read)
{
	struct svc_rqst *rqstp = resp->rqstp;
	unsigned long maxcount;
	long remaining;
	int nvec;
	u32 eof;
	__be32 *p;

	if (nfserr)
		return nfserr;
	if (resp->xbuf->page_len)
		return nfserr_resource;

	RESERVE_SPACE(8);	/* eof flag and byte count */

	maxcount = svc_max_payload(rqstp);
	if (maxcount > read->rd_length)
		maxcount = read->rd_length;

	/* One iovec per response page until the count is covered. */
	remaining = maxcount;
	for (nvec = 0; remaining > 0; nvec++, remaining -= PAGE_SIZE) {
		struct page *page = *(rqstp->rq_next_page);

		if (!page) {	/* ran out of pages */
			maxcount -= remaining;
			break;
		}
		rqstp->rq_vec[nvec].iov_base = page_address(page);
		rqstp->rq_vec[nvec].iov_len =
			remaining < PAGE_SIZE ? remaining : PAGE_SIZE;
		rqstp->rq_next_page++;
	}
	read->rd_vlen = nvec;

	/* maxcount is in/out: it comes back as the number of bytes read. */
	nfserr = nfsd_read_file(read->rd_rqstp, read->rd_fhp, read->rd_filp,
				read->rd_offset, rqstp->rq_vec, read->rd_vlen,
				&maxcount);
	if (nfserr)
		return nfserr;

	eof = (read->rd_offset + maxcount >=
	       read->rd_fhp->fh_dentry->d_inode->i_size);

	WRITE32(eof);
	WRITE32(maxcount);
	ADJUST_ARGS();
	resp->xbuf->head[0].iov_len = (char*)p
				- (char*)resp->xbuf->head[0].iov_base;
	resp->xbuf->page_len = maxcount;

	/* Use rest of head for padding and remaining ops: */
	resp->xbuf->tail[0].iov_base = p;
	resp->xbuf->tail[0].iov_len = 0;
	if (maxcount&3) {
		/* Zero word in the tail supplies the pad up to a 4-byte multiple. */
		RESERVE_SPACE(4);
		WRITE32(0);
		resp->xbuf->tail[0].iov_base += maxcount&3;
		resp->xbuf->tail[0].iov_len = 4 - (maxcount&3);
		ADJUST_ARGS();
	}
	return 0;
}

/*
 * READLINK result: read the link target into the next response page and
 * encode its length in the head.
 *
 * Returns nfserr_resource when the reply already has page data or no page
 * is left, nfserr_inval in place of nfserr_isdir, any other
 * nfsd_readlink() error unchanged, and 0 on success.
 */
static __be32
nfsd4_encode_readlink(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readlink *readlink)
{
	int maxcount = PAGE_SIZE;
	char *link_page;
	__be32 *p;

	if (nfserr)
		return nfserr;
	if (resp->xbuf->page_len)
		return nfserr_resource;
	if (!*resp->rqstp->rq_next_page)
		return nfserr_resource;

	link_page = page_address(*(resp->rqstp->rq_next_page++));

	RESERVE_SPACE(4);

	/*
	 * XXX: By default, the ->readlink() VFS op will truncate symlinks
	 * if they would overflow the buffer.  Is this kosher in NFSv4?  If
	 * not, one easy fix is: if ->readlink() precisely fills the buffer,
	 * assume that truncation occurred, and return NFS4ERR_RESOURCE.
	 */
	nfserr = nfsd_readlink(readlink->rl_rqstp, readlink->rl_fhp, link_page, &maxcount);
	if (nfserr == nfserr_isdir)
		return nfserr_inval;
	if (nfserr)
		return nfserr;

	WRITE32(maxcount);
	ADJUST_ARGS();
	resp->xbuf->head[0].iov_len = (char*)p
				- (char*)resp->xbuf->head[0].iov_base;
	resp->xbuf->page_len = maxcount;

	/* Use rest of head for padding and remaining ops: */
	resp->xbuf->tail[0].iov_base = p;
	resp->xbuf->tail[0].iov_len = 0;
	if (maxcount&3) {
		/* Zero word in the tail supplies the pad up to a 4-byte multiple. */
		RESERVE_SPACE(4);
		WRITE32(0);
		resp->xbuf->tail[0].iov_base += maxcount&3;
		resp->xbuf->tail[0].iov_len = 4 - (maxcount&3);
		ADJUST_ARGS();
	}
	return 0;
}

/*
 * READDIR result: write a zero verifier in the head, then let
 * nfsd_readdir() fill one response page through nfsd4_encode_dirent().
 *
 * Returns nfserr_resource when the reply already has page data or no page
 * is left, nfserr_toosmall when not even one entry fits, any
 * nfsd_readdir() error, and 0 on success.  On failure the verifier is
 * backed out again (err_no_verf).
 */
static __be32
nfsd4_encode_readdir(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readdir *readdir)
{
	int maxcount;
	loff_t offset;
	__be32 *dir_page, *verf_start, *tail_start;
	__be32 *p;

	if (nfserr)
		return nfserr;
	if (resp->xbuf->page_len)
		return nfserr_resource;
	if (!*resp->rqstp->rq_next_page)
		return nfserr_resource;

	RESERVE_SPACE(NFS4_VERIFIER_SIZE);
	verf_start = p;

	/* XXX: Following NFSv3, we ignore the READDIR verifier for now. */
	WRITE32(0);
	WRITE32(0);
	ADJUST_ARGS();
	resp->xbuf->head[0].iov_len = ((char*)resp->p) - (char*)resp->xbuf->head[0].iov_base;
	tail_start = p;

	/* Never more than one page, and never more than the client asked for. */
	maxcount = PAGE_SIZE;
	if (maxcount > readdir->rd_maxcount)
		maxcount = readdir->rd_maxcount;

	/*
	 * Convert from bytes to words, account for the two words already
	 * written, make sure to leave two words at the end for the next
	 * pointer and eof field.
	 */
	maxcount = (maxcount >> 2) - 4;
	if (maxcount < 0) {
		nfserr = nfserr_toosmall;
		goto err_no_verf;
	}

	dir_page = page_address(*(resp->rqstp->rq_next_page++));
	readdir->common.err = 0;
	readdir->buflen = maxcount;
	readdir->buffer = dir_page;
	readdir->offset = NULL;

	offset = readdir->rd_cookie;
	nfserr = nfsd_readdir(readdir->rd_rqstp, readdir->rd_fhp,
			      &offset,
			      &readdir->common, nfsd4_encode_dirent);
	/* Buffer untouched and "too small" reported: the first entry did not fit. */
	if (nfserr == nfs_ok &&
	    readdir->common.err == nfserr_toosmall &&
	    readdir->buffer == dir_page)
		nfserr = nfserr_toosmall;
	if (nfserr)
		goto err_no_verf;

	/* Backfill the cookie of the last entry that was encoded. */
	if (readdir->offset)
		xdr_encode_hyper(readdir->offset, offset);

	p = readdir->buffer;
	*p++ = 0;	/* no more entries */
	*p++ = htonl(readdir->common.err == nfserr_eof);
	resp->xbuf->page_len = ((char*)p) -
		(char*)page_address(*(resp->rqstp->rq_next_page-1));

	/* Use rest of head for padding and remaining ops: */
	resp->xbuf->tail[0].iov_base = tail_start;
	resp->xbuf->tail[0].iov_len = 0;
	resp->p = resp->xbuf->tail[0].iov_base;
	resp->end = resp->p + (PAGE_SIZE - resp->xbuf->head[0].iov_len)/4;

	return 0;
err_no_verf:
	p = verf_start;
	ADJUST_ARGS();
	return nfserr;
}

/* REMOVE result: change info of the directory, on success only. */
static __be32
nfsd4_encode_remove(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_remove *remove)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(20);
	write_cinfo(&p, &remove->rm_cinfo);
	ADJUST_ARGS();
	return nfserr;
}

/*
 * RENAME result: change info for the source directory, then for the
 * target directory, on success only.
 */
static __be32
nfsd4_encode_rename(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_rename *rename)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(40);
	write_cinfo(&p, &rename->rn_sinfo);
	write_cinfo(&p, &rename->rn_tinfo);
	ADJUST_ARGS();
	return nfserr;
}

static __be32
nfsd4_do_encode_secinfo(struct nfsd4_compoundres *resp,
			 __be32 nfserr, struct svc_export *exp)
{
	/*
	 * Shared body of SECINFO and SECINFO_NO_NAME: encode the list of
	 * security flavors accepted for @exp as a count followed by one
	 * entry per supported flavor.  The export reference is dropped
	 * before returning, also when @nfserr is already set.
	 */
	u32 idx, nflavs, nsupported;
	struct exp_flavor_info *flavs;
	struct exp_flavor_info def_flavs[2];
	__be32 *p, *count_slot;
	static bool report = true;

	if (nfserr)
		goto out;

	if (exp->ex_nflavors) {
		flavs = exp->ex_flavors;
		nflavs = exp->ex_nflavors;
	} else {
		/* Handling of some defaults in absence of real secinfo: */
		flavs = def_flavs;
		switch (exp->ex_client->flavour->flavour) {
		case RPC_AUTH_UNIX:
			nflavs = 2;
			flavs[0].pseudoflavor = RPC_AUTH_UNIX;
			flavs[1].pseudoflavor = RPC_AUTH_NULL;
			break;
		case RPC_AUTH_GSS:
			nflavs = 1;
			flavs[0].pseudoflavor
					= svcauth_gss_flavor(exp->ex_client);
			break;
		default:
			nflavs = 1;
			flavs[0].pseudoflavor
					= exp->ex_client->flavour->flavour;
			break;
		}
	}

	nsupported = 0;
	RESERVE_SPACE(4);
	count_slot = p++;	/* to be backfilled later */
	ADJUST_ARGS();

	for (idx = 0; idx < nflavs; idx++) {
		rpc_authflavor_t pf = flavs[idx].pseudoflavor;
		struct rpcsec_gss_info info;

		if (rpcauth_get_gssinfo(pf, &info) == 0) {
			/* GSS pseudoflavor: flavor, mechanism OID, qop, service. */
			nsupported++;
			RESERVE_SPACE(4 + 4 + info.oid.len + 4 + 4);
			WRITE32(RPC_AUTH_GSS);
			WRITE32(info.oid.len);
			WRITEMEM(info.oid.data, info.oid.len);
			WRITE32(info.qop);
			WRITE32(info.service);
			ADJUST_ARGS();
		} else if (pf < RPC_AUTH_MAXFLAVOR) {
			/* Plain flavor: the number alone. */
			nsupported++;
			RESERVE_SPACE(4);
			WRITE32(pf);
			ADJUST_ARGS();
		} else {
			/* Unknown flavor: left out of the reply, only logged. */
			if (report)
				pr_warn("NFS: SECINFO: security flavor %u "
					"is not supported\n", pf);
		}
	}

	/* Warn during the first call that skips a flavor, then stay quiet. */
	if (nflavs != nsupported)
		report = false;
	*count_slot = htonl(nsupported);

out:
	if (exp)
		exp_put(exp);
	return nfserr;
}

/* SECINFO result: flavors of the export found by the lookup (si_exp). */
static __be32
nfsd4_encode_secinfo(struct nfsd4_compoundres *resp, __be32 nfserr,
		     struct
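nfsd4_secinfo *secinfo)
{
	return nfsd4_do_encode_secinfo(resp, nfserr, secinfo->si_exp);
}

/* SECINFO_NO_NAME result: same encoding, export taken from sin_exp. */
static __be32
nfsd4_encode_secinfo_no_name(struct nfsd4_compoundres *resp, __be32 nfserr,
		     struct nfsd4_secinfo_no_name *secinfo)
{
	return nfsd4_do_encode_secinfo(resp, nfserr, secinfo->sin_exp);
}

/*
 * The SETATTR encode routine is special -- it always encodes a bitmap,
 * regardless of the error status.  On error the two bitmap words are zero.
 */
static __be32
nfsd4_encode_setattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setattr *setattr)
{
	__be32 *p;

	RESERVE_SPACE(12);
	WRITE32(2);
	if (nfserr) {
		WRITE32(0);
		WRITE32(0);
	} else {
		WRITE32(setattr->sa_bmval[0]);
		WRITE32(setattr->sa_bmval[1]);
	}
	ADJUST_ARGS();
	return nfserr;
}

/*
 * SETCLIENTID result: clientid and confirm verifier on success; two zero
 * words when the status is nfserr_clid_inuse; nothing for other errors.
 */
static __be32
nfsd4_encode_setclientid(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setclientid *scd)
{
	__be32 *p;

	if (!nfserr) {
		RESERVE_SPACE(8 + NFS4_VERIFIER_SIZE);
		WRITEMEM(&scd->se_clientid, 8);
		WRITEMEM(&scd->se_confirm, NFS4_VERIFIER_SIZE);
		ADJUST_ARGS();
	} else if (nfserr == nfserr_clid_inuse) {
		RESERVE_SPACE(8);
		WRITE32(0);
		WRITE32(0);
		ADJUST_ARGS();
	}
	return nfserr;
}

/*
 * WRITE result: bytes written, stability level and the write verifier,
 * on success only.
 */
static __be32
nfsd4_encode_write(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_write *write)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(16);
	WRITE32(write->wr_bytes_written);
	WRITE32(write->wr_how_written);
	WRITEMEM(write->wr_verifier.data, NFS4_VERIFIER_SIZE);
	ADJUST_ARGS();
	return nfserr;
}

/*
 * EXCHANGE_ID result: clientid, sequence id, flags, state protection
 * (SP4_NONE only, anything else hits BUG_ON), server owner, server scope
 * and an empty implementation-id array.
 *
 * Both the major id and the server scope are the node name from utsname(),
 * so the host name is part of every reply.
 */
static __be32
nfsd4_encode_exchange_id(struct nfsd4_compoundres *resp, __be32 nfserr,
			 struct nfsd4_exchange_id *exid)
{
	__be32 *p;
	char *major_id;
	char *server_scope;
	int major_id_sz;
	int server_scope_sz;
	uint64_t minor_id = 0;

	if (nfserr)
		return nfserr;

	major_id = utsname()->nodename;
	major_id_sz = strlen(major_id);
	server_scope = utsname()->nodename;
	server_scope_sz = strlen(server_scope);

	RESERVE_SPACE(
		8 /* eir_clientid */ +
		4 /* eir_sequenceid */ +
		4 /* eir_flags */ +
		4 /* spr_how (SP4_NONE) */ +
		8 /* so_minor_id */ +
		4 /* so_major_id.len */ +
		(XDR_QUADLEN(major_id_sz) * 4) +
		4 /* eir_server_scope.len */ +
		(XDR_QUADLEN(server_scope_sz) * 4) +
		4 /* eir_server_impl_id.count (0) */);

	WRITEMEM(&exid->clientid, 8);
	WRITE32(exid->seqid);
	WRITE32(exid->flags);

	/* state_protect4_r. Currently only support SP4_NONE */
	BUG_ON(exid->spa_how != SP4_NONE);
	WRITE32(exid->spa_how);

	/* The server_owner struct */
	WRITE64(minor_id);	/* Minor id */
	/* major id */
	WRITE32(major_id_sz);
	WRITEMEM(major_id, major_id_sz);

	/* Server scope */
	WRITE32(server_scope_sz);
	WRITEMEM(server_scope, server_scope_sz);

	/* Implementation id */
	WRITE32(0);	/* zero length nfs_impl_id4 array */
	ADJUST_ARGS();
	return 0;
}

/*
 * CREATE_SESSION result: session id, sequence id and flags, followed by
 * the fore-channel and then the back-channel attributes.  Each channel is
 * seven words (header pad size always 0) plus one RDMA attribute word
 * when nr_rdma_attrs is non-zero.
 */
static __be32
nfsd4_encode_create_session(struct nfsd4_compoundres *resp, __be32 nfserr,
			    struct nfsd4_create_session *sess)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(24);
	WRITEMEM(sess->sessionid.data, NFS4_MAX_SESSIONID_LEN);
	WRITE32(sess->seqid);
	WRITE32(sess->flags);
	ADJUST_ARGS();

	RESERVE_SPACE(28);
	WRITE32(0);	/* headerpadsz */
	WRITE32(sess->fore_channel.maxreq_sz);
	WRITE32(sess->fore_channel.maxresp_sz);
	WRITE32(sess->fore_channel.maxresp_cached);
	WRITE32(sess->fore_channel.maxops);
	WRITE32(sess->fore_channel.maxreqs);
	WRITE32(sess->fore_channel.nr_rdma_attrs);
	ADJUST_ARGS();

	if (sess->fore_channel.nr_rdma_attrs) {
		RESERVE_SPACE(4);
		WRITE32(sess->fore_channel.rdma_attrs);
		ADJUST_ARGS();
	}

	RESERVE_SPACE(28);
	WRITE32(0);	/* headerpadsz */
	WRITE32(sess->back_channel.maxreq_sz);
	WRITE32(sess->back_channel.maxresp_sz);
	WRITE32(sess->back_channel.maxresp_cached);
	WRITE32(sess->back_channel.maxops);
	WRITE32(sess->back_channel.maxreqs);
	WRITE32(sess->back_channel.nr_rdma_attrs);
	ADJUST_ARGS();

	if (sess->back_channel.nr_rdma_attrs) {
		RESERVE_SPACE(4);
		WRITE32(sess->back_channel.rdma_attrs);
		ADJUST_ARGS();
	}
	return 0;
}

/* DESTROY_SESSION has no result body; the status is passed through. */
static __be32
nfsd4_encode_destroy_session(struct nfsd4_compoundres *resp, __be32 nfserr,
			     struct nfsd4_destroy_session *destroy_session)
{
	return nfserr;
}

/*
 * FREE_STATEID result.
 *
 * NOTE(review): on success this writes nfserr (zero on this path, given
 * the early return) as one extra word, in addition to the status word that
 * nfsd4_encode_operation() backfills for every operation.  Confirm against
 * the FREE_STATEID result definition that the extra word is wanted.
 */
static __be32
nfsd4_encode_free_stateid(struct nfsd4_compoundres *resp, __be32 nfserr,
			  struct nfsd4_free_stateid *free_stateid)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(4);
	*p++ = nfserr;
	ADJUST_ARGS();
	return nfserr;
}

/*
 * SEQUENCE result: session id, sequence id, slot id, highest and target
 * highest slot id (both maxslots - 1) and the status flags.  The encode
 * position after the result is remembered in cstate.datap.
 */
static __be32
nfsd4_encode_sequence(struct nfsd4_compoundres *resp, __be32 nfserr,
		      struct nfsd4_sequence *seq)
{
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(NFS4_MAX_SESSIONID_LEN + 20);
	WRITEMEM(seq->sessionid.data, NFS4_MAX_SESSIONID_LEN);
	WRITE32(seq->seqid);
	WRITE32(seq->slotid);
	/* Note slotid's are numbered from zero: */
	WRITE32(seq->maxslots - 1);	/* sr_highest_slotid */
	WRITE32(seq->maxslots - 1);	/* sr_target_highest_slotid */
	WRITE32(seq->status_flags);

	ADJUST_ARGS();
	resp->cstate.datap = p;	/* DRC cache data pointer */
	return 0;
}

/*
 * TEST_STATEID result: a count followed by one status word per stateid
 * on ts_stateid_list.
 *
 * The result body is encoded on success only.  When the operation as a
 * whole has failed, the reply carries the status and nothing else, so an
 * error returns before any space is reserved.
 *
 * NOTE(review): the reservation is sized from ts_num_ids, which presumably
 * comes from the decoded request.  Confirm the count is bounded before
 * this point, since what RESERVE_SPACE does when the reservation does not
 * fit is defined elsewhere in this file.
 */
static __be32
nfsd4_encode_test_stateid(struct nfsd4_compoundres *resp, __be32 nfserr,
			  struct nfsd4_test_stateid *test_stateid)
{
	struct nfsd4_test_stateid_id *stateid, *next;
	__be32 *p;

	if (nfserr)
		return nfserr;

	RESERVE_SPACE(4 + (4 * test_stateid->ts_num_ids));
	*p++ = htonl(test_stateid->ts_num_ids);

	/* Per-stateid status is stored as is, without htonl. */
	list_for_each_entry_safe(stateid, next, &test_stateid->ts_stateid_list, ts_id_list) {
		*p++ = stateid->ts_id_status;
	}

	ADJUST_ARGS();
	return nfserr;
}

/* Encoder for operations whose reply is the status alone. */
static __be32
nfsd4_encode_noop(struct nfsd4_compoundres *resp, __be32 nfserr, void *p)
{
	return nfserr;
}

/* Common signature every encoder is cast to for the dispatch table. */
typedef __be32(* nfsd4_enc)(struct nfsd4_compoundres *, __be32, void *);

/*
 * Note: nfsd4_enc_ops vector is shared for v4.0 and v4.1
 * since we don't need to filter out obsolete ops as this is
 * done in the decoding phase.
 *
 * nfsd4_encode_operation() indexes this table by opnum and hits BUG_ON for
 * an index past the end or an empty slot.
 */
static nfsd4_enc nfsd4_enc_ops[] = {
	[OP_ACCESS]		= (nfsd4_enc)nfsd4_encode_access,
	[OP_CLOSE]		= (nfsd4_enc)nfsd4_encode_close,
	[OP_COMMIT]		= (nfsd4_enc)nfsd4_encode_commit,
	[OP_CREATE]		= (nfsd4_enc)nfsd4_encode_create,
	[OP_DELEGPURGE]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_DELEGRETURN]	= (nfsd4_enc)nfsd4_encode_noop,
	[OP_GETATTR]		= (nfsd4_enc)nfsd4_encode_getattr,
	[OP_GETFH]		= (nfsd4_enc)nfsd4_encode_getfh,
	[OP_LINK]		= (nfsd4_enc)nfsd4_encode_link,
	[OP_LOCK]		= (nfsd4_enc)nfsd4_encode_lock,
	[OP_LOCKT]		= (nfsd4_enc)nfsd4_encode_lockt,
	[OP_LOCKU]		= (nfsd4_enc)nfsd4_encode_locku,
	[OP_LOOKUP]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_LOOKUPP]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_NVERIFY]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_OPEN]		= (nfsd4_enc)nfsd4_encode_open,
	[OP_OPENATTR]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_OPEN_CONFIRM]	= (nfsd4_enc)nfsd4_encode_open_confirm,
	[OP_OPEN_DOWNGRADE]	= (nfsd4_enc)nfsd4_encode_open_downgrade,
	[OP_PUTFH]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_PUTPUBFH]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_PUTROOTFH]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_READ]		= (nfsd4_enc)nfsd4_encode_read,
	[OP_READDIR]		= (nfsd4_enc)nfsd4_encode_readdir,
	[OP_READLINK]		= (nfsd4_enc)nfsd4_encode_readlink,
	[OP_REMOVE]		= (nfsd4_enc)nfsd4_encode_remove,
	[OP_RENAME]		= (nfsd4_enc)nfsd4_encode_rename,
	[OP_RENEW]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_RESTOREFH]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_SAVEFH]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_SECINFO]		= (nfsd4_enc)nfsd4_encode_secinfo,
	[OP_SETATTR]		= (nfsd4_enc)nfsd4_encode_setattr,
	[OP_SETCLIENTID]	= (nfsd4_enc)nfsd4_encode_setclientid,
	[OP_SETCLIENTID_CONFIRM] = (nfsd4_enc)nfsd4_encode_noop,
	[OP_VERIFY]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_WRITE]		= (nfsd4_enc)nfsd4_encode_write,
	[OP_RELEASE_LOCKOWNER]	= (nfsd4_enc)nfsd4_encode_noop,

	/* NFSv4.1 operations */
	[OP_BACKCHANNEL_CTL]	= (nfsd4_enc)nfsd4_encode_noop,
	[OP_BIND_CONN_TO_SESSION] = (nfsd4_enc)nfsd4_encode_bind_conn_to_session,
	[OP_EXCHANGE_ID]	= (nfsd4_enc)nfsd4_encode_exchange_id,
	[OP_CREATE_SESSION]	= (nfsd4_enc)nfsd4_encode_create_session,
	[OP_DESTROY_SESSION]	= (nfsd4_enc)nfsd4_encode_destroy_session,
	[OP_FREE_STATEID]	= (nfsd4_enc)nfsd4_encode_free_stateid,
	[OP_GET_DIR_DELEGATION]	= (nfsd4_enc)nfsd4_encode_noop,
	[OP_GETDEVICEINFO]	= (nfsd4_enc)nfsd4_encode_noop,
	[OP_GETDEVICELIST]	= (nfsd4_enc)nfsd4_encode_noop,
	[OP_LAYOUTCOMMIT]	= (nfsd4_enc)nfsd4_encode_noop,
	[OP_LAYOUTGET]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_LAYOUTRETURN]	= (nfsd4_enc)nfsd4_encode_noop,
	[OP_SECINFO_NO_NAME]	= (nfsd4_enc)nfsd4_encode_secinfo_no_name,
	[OP_SEQUENCE]		= (nfsd4_enc)nfsd4_encode_sequence,
	[OP_SET_SSV]		= (nfsd4_enc)nfsd4_encode_noop,
	[OP_TEST_STATEID]	= (nfsd4_enc)nfsd4_encode_test_stateid,
	[OP_WANT_DELEGATION]	= (nfsd4_enc)nfsd4_encode_noop,
	[OP_DESTROY_CLIENTID]	= (nfsd4_enc)nfsd4_encode_noop,
	[OP_RECLAIM_COMPLETE]	= (nfsd4_enc)nfsd4_encode_noop,
};

/*
 * Calculate the total amount of memory that the compound response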
has taken
 * after encoding the current operation with pad.
 *
 * pad: if operation is non-idempotent, pad was calculated by op_rsize_bop()
 *      which was specified at nfsd4_operation, else pad is zero.
 *
 * Compare this length to the session se_fmaxresp_sz and se_fmaxresp_cached.
 *
 * Our se_fmaxresp_cached will always be a multiple of PAGE_SIZE, and so
 * will be at least a page and will therefore hold the xdr_buf head.
 *
 * Returns 0 when there is no session or the reply fits,
 * nfserr_rep_too_big when it exceeds maxresp_sz, and
 * nfserr_rep_too_big_to_cache when the slot asks for caching and the reply
 * exceeds maxresp_cached.
 */
__be32 nfsd4_check_resp_size(struct nfsd4_compoundres *resp, u32 pad)
{
	struct xdr_buf *reply = &resp->rqstp->rq_res;
	struct nfsd4_slot *slot = resp->cstate.slot;
	struct nfsd4_session *session;
	u32 total, tail_used = 0;

	if (!nfsd4_has_session(&resp->cstate))
		return 0;

	session = resp->cstate.session;
	if (session == NULL)
		return 0;

	if (reply->page_len) {
		/* Page data present: head + pages + what was put in the tail. */
		if (reply->tail[0].iov_base && reply->tail[0].iov_len > 0)
			tail_used = (char *)resp->p - (char *)reply->tail[0].iov_base;

		total = reply->head[0].iov_len + reply->page_len + tail_used + pad;
	} else {
		/* Everything so far sits in the head. */
		total = (char *)resp->p - (char *)reply->head[0].iov_base + pad;
	}
	dprintk("%s length %u, xb->page_len %u tlen %u pad %u\n", __func__,
		total, reply->page_len, tail_used, pad);

	if (total > session->se_fchannel.maxresp_sz)
		return nfserr_rep_too_big;

	if ((slot->sl_flags & NFSD4_SLOT_CACHETHIS) &&
	    total > session->se_fchannel.maxresp_cached)
		return nfserr_rep_too_big_to_cache;

	return 0;
}

/*
 * Encode one operation of a compound reply: opcode, status, and the result
 * produced by the matching nfsd4_enc_ops entry.
 *
 * OP_ILLEGAL gets the opcode and status only.  For any other opcode the
 * table lookup is guarded by BUG_ON, the encoder may replace op->status,
 * and a successful result is then checked against the session's reply size
 * limits.  When a replay owner is set, the status and the encoded result
 * are also copied into its replay buffer.
 */
void
nfsd4_encode_operation(struct nfsd4_compoundres *resp, struct nfsd4_op *op)
{
	struct nfs4_stateowner *so = resp->cstate.replay_owner;
	__be32 *statp;
	__be32 *p;

	RESERVE_SPACE(8);
	WRITE32(op->opnum);
	statp = p++;	/* to be backfilled at the end */
	ADJUST_ARGS();

	if (op->opnum != OP_ILLEGAL) {
		BUG_ON(op->opnum < 0 || op->opnum >= ARRAY_SIZE(nfsd4_enc_ops) ||
		       !nfsd4_enc_ops[op->opnum]);
		op->status = nfsd4_enc_ops[op->opnum](resp, op->status, &op->u);
		/* nfsd4_check_drc_limit guarantees enough room for error status */
		if (!op->status)
			op->status = nfsd4_check_resp_size(resp, 0);
		if (so) {
			so->so_replay.rp_status = op->status;
			so->so_replay.rp_buflen = (char *)resp->p - (char *)(statp+1);
			/*
			 * NOTE(review): the copy length is whatever was just
			 * encoded; no comparison with the capacity of rp_buf
			 * is visible here.  Confirm the operations that set a
			 * replay owner are bounded in size elsewhere.
			 */
			memcpy(so->so_replay.rp_buf, statp+1, so->so_replay.rp_buflen);
		}
	}

	/*
	 * Note: We write the status directly, instead of using WRITE32(),
	 * since it is already in network byte order.
	 */
	*statp = op->status;
}

/*
 * Encode the reply stored in the stateowner reply cache
 *
 * XDR note: do not encode rp->rp_buflen: the buffer contains the
 * previously sent already encoded operation.
 *
 * called with nfs4_lock_state() held
 */
void
nfsd4_encode_replay(struct nfsd4_compoundres *resp, struct nfsd4_op *op)
{
	struct nfs4_replay *cached = op->replay;
	__be32 *p;

	BUG_ON(!cached);

	RESERVE_SPACE(8);
	WRITE32(op->opnum);
	*p++ = cached->rp_status;	/* already xdr'ed */
	ADJUST_ARGS();

	/* The saved result bytes go out verbatim. */
	RESERVE_SPACE(cached->rp_buflen);
	WRITEMEM(cached->rp_buf, cached->rp_buflen);
	ADJUST_ARGS();
}

/* Encoder for a reply without a body: only the size check remains. */
int
nfs4svc_encode_voidres(struct svc_rqst *rqstp, __be32 *p, void *dummy)
{
	return xdr_ressize_check(rqstp, p);
}

/*
 * Free what decoding a compound allocated: a separately allocated ops
 * array (args->ops is pointed back at iops), the tmpp buffer, and every
 * buffer queued on to_free, each through its own release callback.
 * @p and @resp are not used.  Always returns 1.
 */
int nfsd4_release_compoundargs(void *rq, __be32 *p, void *resp)
{
	struct svc_rqst *rqstp = rq;
	struct nfsd4_compoundargs *args = rqstp->rq_argp;
	struct tmpbuf *tb;

	if (args->ops != args->iops) {
		kfree(args->ops);
		args->ops = args->iops;
	}

	/* Cleared after the free so a second call cannot free it again. */
	kfree(args->tmpp);
	args->tmpp = NULL;

	while ((tb = args->to_free) != NULL) {
		args->to_free = tb->next;
		tb->release(tb->buf);
		kfree(tb);
	}
	return 1;
}

int
nfs4svc_decode_compoundargs(struct svc_rqst *rqstp, __be32 *p, struct nfsd4_compoundargs *args) 3604 { 3605 args->p = p; 3606 args->end = rqstp->rq_arg.head[0].iov_base + rqstp->rq_arg.head[0].iov_len; 3607 args->pagelist = rqstp->rq_arg.pages; 3608 args->pagelen = rqstp->rq_arg.page_len; 3609 args->tmpp = NULL; 3610 args->to_free = NULL; 3611 args->ops = args->iops; 3612 args->rqstp = rqstp; 3613 3614 return !nfsd4_decode_compound(args); 3615 } 3616 3617 int 3618 nfs4svc_encode_compoundres(struct svc_rqst *rqstp, __be32 *p, struct nfsd4_compoundres *resp) 3619 { 3620 /* 3621 * All that remains is to write the tag and operation count... 3622 */ 3623 struct nfsd4_compound_state *cs = &resp->cstate; 3624 struct kvec *iov; 3625 p = resp->tagp; 3626 *p++ = htonl(resp->taglen); 3627 memcpy(p, resp->tag, resp->taglen); 3628 p += XDR_QUADLEN(resp->taglen); 3629 *p++ = htonl(resp->opcnt); 3630 3631 if (rqstp->rq_res.page_len) 3632 iov = &rqstp->rq_res.tail[0]; 3633 else 3634 iov = &rqstp->rq_res.head[0]; 3635 iov->iov_len = ((char*)resp->p) - (char*)iov->iov_base; 3636 BUG_ON(iov->iov_len > PAGE_SIZE); 3637 if (nfsd4_has_session(cs)) { 3638 if (cs->status != nfserr_replay_cache) { 3639 nfsd4_store_cache_entry(resp); 3640 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 3641 } 3642 /* Renew the clientid on success and on replay */ 3643 put_client_renew(cs->session->se_client); 3644 nfsd4_put_session(cs->session); 3645 } 3646 return 1; 3647 } 3648 3649 /* 3650 * Local variables: 3651 * c-basic-offset: 8 3652 * End: 3653 */ 3654