1 /* 2 * Server-side XDR for NFSv4 3 * 4 * Copyright (c) 2002 The Regents of the University of Michigan. 5 * All rights reserved. 6 * 7 * Kendrick Smith <kmsmith@umich.edu> 8 * Andy Adamson <andros@umich.edu> 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. Neither the name of the University nor the names of its 20 * contributors may be used to endorse or promote products derived 21 * from this software without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 24 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 25 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 26 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 30 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 * 35 * TODO: Neil Brown made the following observation: We currently 36 * initially reserve NFSD_BUFSIZE space on the transmit queue and 37 * never release any of that until the request is complete. 38 * It would be good to calculate a new maximum response size while 39 * decoding the COMPOUND, and call svc_reserve with this number 40 * at the end of nfs4svc_decode_compoundargs. 41 */ 42 43 #include <linux/slab.h> 44 #include <linux/namei.h> 45 #include <linux/statfs.h> 46 #include <linux/utsname.h> 47 #include <linux/pagemap.h> 48 #include <linux/sunrpc/svcauth_gss.h> 49 50 #include "idmap.h" 51 #include "acl.h" 52 #include "xdr4.h" 53 #include "vfs.h" 54 #include "state.h" 55 #include "cache.h" 56 #include "netns.h" 57 58 #ifdef CONFIG_NFSD_V4_SECURITY_LABEL 59 #include <linux/security.h> 60 #endif 61 62 63 #define NFSDDBG_FACILITY NFSDDBG_XDR 64 65 /* 66 * As per referral draft, the fsid for a referral MUST be different from the fsid of the containing 67 * directory in order to indicate to the client that a filesystem boundary is present 68 * We use a fixed fsid for a referral 69 */ 70 #define NFS4_REFERRAL_FSID_MAJOR 0x8000000ULL 71 #define NFS4_REFERRAL_FSID_MINOR 0x8000000ULL 72 73 static __be32 74 check_filename(char *str, int len) 75 { 76 int i; 77 78 if (len == 0) 79 return nfserr_inval; 80 if (isdotent(str, len)) 81 return nfserr_badname; 82 for (i = 0; i < len; i++) 83 if (str[i] == '/') 84 return nfserr_badname; 85 return 0; 86 } 87 88 #define DECODE_HEAD \ 89 __be32 *p; \ 90 __be32 status 91 #define DECODE_TAIL \ 92 status = 0; \ 93 out: \ 94 return status; \ 95 xdr_error: \ 96 dprintk("NFSD: xdr error (%s:%d)\n", \ 97 __FILE__, __LINE__); \ 98 status = nfserr_bad_xdr; \ 99 goto out 100 101 #define READ32(x) (x) = ntohl(*p++) 102 #define READ64(x) do { \ 103 (x) = (u64)ntohl(*p++) << 32; \ 104 (x) |= ntohl(*p++); \ 105 } while (0) 106 #define READMEM(x,nbytes) do { \ 107 x = (char *)p; \ 108 p += XDR_QUADLEN(nbytes); \ 109 } while (0) 110 #define SAVEMEM(x,nbytes) do { \ 111 if (!(x = (p==argp->tmp || p == argp->tmpp) ? \ 112 savemem(argp, p, nbytes) : \ 113 (char *)p)) { \ 114 dprintk("NFSD: xdr error (%s:%d)\n", \ 115 __FILE__, __LINE__); \ 116 goto xdr_error; \ 117 } \ 118 p += XDR_QUADLEN(nbytes); \ 119 } while (0) 120 #define COPYMEM(x,nbytes) do { \ 121 memcpy((x), p, nbytes); \ 122 p += XDR_QUADLEN(nbytes); \ 123 } while (0) 124 125 /* READ_BUF, read_buf(): nbytes must be <= PAGE_SIZE */ 126 #define READ_BUF(nbytes) do { \ 127 if (nbytes <= (u32)((char *)argp->end - (char *)argp->p)) { \ 128 p = argp->p; \ 129 argp->p += XDR_QUADLEN(nbytes); \ 130 } else if (!(p = read_buf(argp, nbytes))) { \ 131 dprintk("NFSD: xdr error (%s:%d)\n", \ 132 __FILE__, __LINE__); \ 133 goto xdr_error; \ 134 } \ 135 } while (0) 136 137 static void next_decode_page(struct nfsd4_compoundargs *argp) 138 { 139 argp->p = page_address(argp->pagelist[0]); 140 argp->pagelist++; 141 if (argp->pagelen < PAGE_SIZE) { 142 argp->end = argp->p + (argp->pagelen>>2); 143 argp->pagelen = 0; 144 } else { 145 argp->end = argp->p + (PAGE_SIZE>>2); 146 argp->pagelen -= PAGE_SIZE; 147 } 148 } 149 150 static __be32 *read_buf(struct nfsd4_compoundargs *argp, u32 nbytes) 151 { 152 /* We want more bytes than seem to be available. 153 * Maybe we need a new page, maybe we have just run out 154 */ 155 unsigned int avail = (char *)argp->end - (char *)argp->p; 156 __be32 *p; 157 if (avail + argp->pagelen < nbytes) 158 return NULL; 159 if (avail + PAGE_SIZE < nbytes) /* need more than a page !! */ 160 return NULL; 161 /* ok, we can do it with the current plus the next page */ 162 if (nbytes <= sizeof(argp->tmp)) 163 p = argp->tmp; 164 else { 165 kfree(argp->tmpp); 166 p = argp->tmpp = kmalloc(nbytes, GFP_KERNEL); 167 if (!p) 168 return NULL; 169 170 } 171 /* 172 * The following memcpy is safe because read_buf is always 173 * called with nbytes > avail, and the two cases above both 174 * guarantee p points to at least nbytes bytes. 175 */ 176 memcpy(p, argp->p, avail); 177 next_decode_page(argp); 178 memcpy(((char*)p)+avail, argp->p, (nbytes - avail)); 179 argp->p += XDR_QUADLEN(nbytes - avail); 180 return p; 181 } 182 183 static int zero_clientid(clientid_t *clid) 184 { 185 return (clid->cl_boot == 0) && (clid->cl_id == 0); 186 } 187 188 /** 189 * defer_free - mark an allocation as deferred freed 190 * @argp: NFSv4 compound argument structure to be freed with 191 * @release: release callback to free @p, typically kfree() 192 * @p: pointer to be freed 193 * 194 * Marks @p to be freed when processing the compound operation 195 * described in @argp finishes. 196 */ 197 static int 198 defer_free(struct nfsd4_compoundargs *argp, 199 void (*release)(const void *), void *p) 200 { 201 struct tmpbuf *tb; 202 203 tb = kmalloc(sizeof(*tb), GFP_KERNEL); 204 if (!tb) 205 return -ENOMEM; 206 tb->buf = p; 207 tb->release = release; 208 tb->next = argp->to_free; 209 argp->to_free = tb; 210 return 0; 211 } 212 213 /** 214 * savemem - duplicate a chunk of memory for later processing 215 * @argp: NFSv4 compound argument structure to be freed with 216 * @p: pointer to be duplicated 217 * @nbytes: length to be duplicated 218 * 219 * Returns a pointer to a copy of @nbytes bytes of memory at @p 220 * that are preserved until processing of the NFSv4 compound 221 * operation described by @argp finishes. 222 */ 223 static char *savemem(struct nfsd4_compoundargs *argp, __be32 *p, int nbytes) 224 { 225 if (p == argp->tmp) { 226 p = kmemdup(argp->tmp, nbytes, GFP_KERNEL); 227 if (!p) 228 return NULL; 229 } else { 230 BUG_ON(p != argp->tmpp); 231 argp->tmpp = NULL; 232 } 233 if (defer_free(argp, kfree, p)) { 234 kfree(p); 235 return NULL; 236 } else 237 return (char *)p; 238 } 239 240 static __be32 241 nfsd4_decode_bitmap(struct nfsd4_compoundargs *argp, u32 *bmval) 242 { 243 u32 bmlen; 244 DECODE_HEAD; 245 246 bmval[0] = 0; 247 bmval[1] = 0; 248 bmval[2] = 0; 249 250 READ_BUF(4); 251 READ32(bmlen); 252 if (bmlen > 1000) 253 goto xdr_error; 254 255 READ_BUF(bmlen << 2); 256 if (bmlen > 0) 257 READ32(bmval[0]); 258 if (bmlen > 1) 259 READ32(bmval[1]); 260 if (bmlen > 2) 261 READ32(bmval[2]); 262 263 DECODE_TAIL; 264 } 265 266 static __be32 267 nfsd4_decode_fattr(struct nfsd4_compoundargs *argp, u32 *bmval, 268 struct iattr *iattr, struct nfs4_acl **acl, 269 struct xdr_netobj *label) 270 { 271 int expected_len, len = 0; 272 u32 dummy32; 273 char *buf; 274 275 DECODE_HEAD; 276 iattr->ia_valid = 0; 277 if ((status = nfsd4_decode_bitmap(argp, bmval))) 278 return status; 279 280 READ_BUF(4); 281 READ32(expected_len); 282 283 if (bmval[0] & FATTR4_WORD0_SIZE) { 284 READ_BUF(8); 285 len += 8; 286 READ64(iattr->ia_size); 287 iattr->ia_valid |= ATTR_SIZE; 288 } 289 if (bmval[0] & FATTR4_WORD0_ACL) { 290 u32 nace; 291 struct nfs4_ace *ace; 292 293 READ_BUF(4); len += 4; 294 READ32(nace); 295 296 if (nace > NFS4_ACL_MAX) 297 return nfserr_resource; 298 299 *acl = nfs4_acl_new(nace); 300 if (*acl == NULL) 301 return nfserr_jukebox; 302 303 defer_free(argp, kfree, *acl); 304 305 (*acl)->naces = nace; 306 for (ace = (*acl)->aces; ace < (*acl)->aces + nace; ace++) { 307 READ_BUF(16); len += 16; 308 READ32(ace->type); 309 READ32(ace->flag); 310 READ32(ace->access_mask); 311 READ32(dummy32); 312 READ_BUF(dummy32); 313 len += XDR_QUADLEN(dummy32) << 2; 314 READMEM(buf, dummy32); 315 ace->whotype = nfs4_acl_get_whotype(buf, dummy32); 316 status = nfs_ok; 317 if (ace->whotype != NFS4_ACL_WHO_NAMED) 318 ; 319 else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP) 320 status = nfsd_map_name_to_gid(argp->rqstp, 321 buf, dummy32, &ace->who_gid); 322 else 323 status = nfsd_map_name_to_uid(argp->rqstp, 324 buf, dummy32, &ace->who_uid); 325 if (status) 326 return status; 327 } 328 } else 329 *acl = NULL; 330 if (bmval[1] & FATTR4_WORD1_MODE) { 331 READ_BUF(4); 332 len += 4; 333 READ32(iattr->ia_mode); 334 iattr->ia_mode &= (S_IFMT | S_IALLUGO); 335 iattr->ia_valid |= ATTR_MODE; 336 } 337 if (bmval[1] & FATTR4_WORD1_OWNER) { 338 READ_BUF(4); 339 len += 4; 340 READ32(dummy32); 341 READ_BUF(dummy32); 342 len += (XDR_QUADLEN(dummy32) << 2); 343 READMEM(buf, dummy32); 344 if ((status = nfsd_map_name_to_uid(argp->rqstp, buf, dummy32, &iattr->ia_uid))) 345 return status; 346 iattr->ia_valid |= ATTR_UID; 347 } 348 if (bmval[1] & FATTR4_WORD1_OWNER_GROUP) { 349 READ_BUF(4); 350 len += 4; 351 READ32(dummy32); 352 READ_BUF(dummy32); 353 len += (XDR_QUADLEN(dummy32) << 2); 354 READMEM(buf, dummy32); 355 if ((status = nfsd_map_name_to_gid(argp->rqstp, buf, dummy32, &iattr->ia_gid))) 356 return status; 357 iattr->ia_valid |= ATTR_GID; 358 } 359 if (bmval[1] & FATTR4_WORD1_TIME_ACCESS_SET) { 360 READ_BUF(4); 361 len += 4; 362 READ32(dummy32); 363 switch (dummy32) { 364 case NFS4_SET_TO_CLIENT_TIME: 365 /* We require the high 32 bits of 'seconds' to be 0, and we ignore 366 all 32 bits of 'nseconds'. */ 367 READ_BUF(12); 368 len += 12; 369 READ64(iattr->ia_atime.tv_sec); 370 READ32(iattr->ia_atime.tv_nsec); 371 if (iattr->ia_atime.tv_nsec >= (u32)1000000000) 372 return nfserr_inval; 373 iattr->ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET); 374 break; 375 case NFS4_SET_TO_SERVER_TIME: 376 iattr->ia_valid |= ATTR_ATIME; 377 break; 378 default: 379 goto xdr_error; 380 } 381 } 382 if (bmval[1] & FATTR4_WORD1_TIME_MODIFY_SET) { 383 READ_BUF(4); 384 len += 4; 385 READ32(dummy32); 386 switch (dummy32) { 387 case NFS4_SET_TO_CLIENT_TIME: 388 /* We require the high 32 bits of 'seconds' to be 0, and we ignore 389 all 32 bits of 'nseconds'. */ 390 READ_BUF(12); 391 len += 12; 392 READ64(iattr->ia_mtime.tv_sec); 393 READ32(iattr->ia_mtime.tv_nsec); 394 if (iattr->ia_mtime.tv_nsec >= (u32)1000000000) 395 return nfserr_inval; 396 iattr->ia_valid |= (ATTR_MTIME | ATTR_MTIME_SET); 397 break; 398 case NFS4_SET_TO_SERVER_TIME: 399 iattr->ia_valid |= ATTR_MTIME; 400 break; 401 default: 402 goto xdr_error; 403 } 404 } 405 406 label->len = 0; 407 #ifdef CONFIG_NFSD_V4_SECURITY_LABEL 408 if (bmval[2] & FATTR4_WORD2_SECURITY_LABEL) { 409 READ_BUF(4); 410 len += 4; 411 READ32(dummy32); /* lfs: we don't use it */ 412 READ_BUF(4); 413 len += 4; 414 READ32(dummy32); /* pi: we don't use it either */ 415 READ_BUF(4); 416 len += 4; 417 READ32(dummy32); 418 READ_BUF(dummy32); 419 if (dummy32 > NFSD4_MAX_SEC_LABEL_LEN) 420 return nfserr_badlabel; 421 len += (XDR_QUADLEN(dummy32) << 2); 422 READMEM(buf, dummy32); 423 label->data = kzalloc(dummy32 + 1, GFP_KERNEL); 424 if (!label->data) 425 return nfserr_jukebox; 426 label->len = dummy32; 427 defer_free(argp, kfree, label->data); 428 memcpy(label->data, buf, dummy32); 429 } 430 #endif 431 432 if (bmval[0] & ~NFSD_WRITEABLE_ATTRS_WORD0 433 || bmval[1] & ~NFSD_WRITEABLE_ATTRS_WORD1 434 || bmval[2] & ~NFSD_WRITEABLE_ATTRS_WORD2) 435 READ_BUF(expected_len - len); 436 else if (len != expected_len) 437 goto xdr_error; 438 439 DECODE_TAIL; 440 } 441 442 static __be32 443 nfsd4_decode_stateid(struct nfsd4_compoundargs *argp, stateid_t *sid) 444 { 445 DECODE_HEAD; 446 447 READ_BUF(sizeof(stateid_t)); 448 READ32(sid->si_generation); 449 COPYMEM(&sid->si_opaque, sizeof(stateid_opaque_t)); 450 451 DECODE_TAIL; 452 } 453 454 static __be32 455 nfsd4_decode_access(struct nfsd4_compoundargs *argp, struct nfsd4_access *access) 456 { 457 DECODE_HEAD; 458 459 READ_BUF(4); 460 READ32(access->ac_req_access); 461 462 DECODE_TAIL; 463 } 464 465 static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs) 466 { 467 DECODE_HEAD; 468 u32 dummy, uid, gid; 469 char *machine_name; 470 int i; 471 int nr_secflavs; 472 473 /* callback_sec_params4 */ 474 READ_BUF(4); 475 READ32(nr_secflavs); 476 if (nr_secflavs) 477 cbs->flavor = (u32)(-1); 478 else 479 /* Is this legal? Be generous, take it to mean AUTH_NONE: */ 480 cbs->flavor = 0; 481 for (i = 0; i < nr_secflavs; ++i) { 482 READ_BUF(4); 483 READ32(dummy); 484 switch (dummy) { 485 case RPC_AUTH_NULL: 486 /* Nothing to read */ 487 if (cbs->flavor == (u32)(-1)) 488 cbs->flavor = RPC_AUTH_NULL; 489 break; 490 case RPC_AUTH_UNIX: 491 READ_BUF(8); 492 /* stamp */ 493 READ32(dummy); 494 495 /* machine name */ 496 READ32(dummy); 497 READ_BUF(dummy); 498 SAVEMEM(machine_name, dummy); 499 500 /* uid, gid */ 501 READ_BUF(8); 502 READ32(uid); 503 READ32(gid); 504 505 /* more gids */ 506 READ_BUF(4); 507 READ32(dummy); 508 READ_BUF(dummy * 4); 509 if (cbs->flavor == (u32)(-1)) { 510 kuid_t kuid = make_kuid(&init_user_ns, uid); 511 kgid_t kgid = make_kgid(&init_user_ns, gid); 512 if (uid_valid(kuid) && gid_valid(kgid)) { 513 cbs->uid = kuid; 514 cbs->gid = kgid; 515 cbs->flavor = RPC_AUTH_UNIX; 516 } else { 517 dprintk("RPC_AUTH_UNIX with invalid" 518 "uid or gid ignoring!\n"); 519 } 520 } 521 break; 522 case RPC_AUTH_GSS: 523 dprintk("RPC_AUTH_GSS callback secflavor " 524 "not supported!\n"); 525 READ_BUF(8); 526 /* gcbp_service */ 527 READ32(dummy); 528 /* gcbp_handle_from_server */ 529 READ32(dummy); 530 READ_BUF(dummy); 531 p += XDR_QUADLEN(dummy); 532 /* gcbp_handle_from_client */ 533 READ_BUF(4); 534 READ32(dummy); 535 READ_BUF(dummy); 536 break; 537 default: 538 dprintk("Illegal callback secflavor\n"); 539 return nfserr_inval; 540 } 541 } 542 DECODE_TAIL; 543 } 544 545 static __be32 nfsd4_decode_backchannel_ctl(struct nfsd4_compoundargs *argp, struct nfsd4_backchannel_ctl *bc) 546 { 547 DECODE_HEAD; 548 549 READ_BUF(4); 550 READ32(bc->bc_cb_program); 551 nfsd4_decode_cb_sec(argp, &bc->bc_cb_sec); 552 553 DECODE_TAIL; 554 } 555 556 static __be32 nfsd4_decode_bind_conn_to_session(struct nfsd4_compoundargs *argp, struct nfsd4_bind_conn_to_session *bcts) 557 { 558 DECODE_HEAD; 559 560 READ_BUF(NFS4_MAX_SESSIONID_LEN + 8); 561 COPYMEM(bcts->sessionid.data, NFS4_MAX_SESSIONID_LEN); 562 READ32(bcts->dir); 563 /* XXX: skipping ctsa_use_conn_in_rdma_mode. Perhaps Tom Tucker 564 * could help us figure out we should be using it. */ 565 DECODE_TAIL; 566 } 567 568 static __be32 569 nfsd4_decode_close(struct nfsd4_compoundargs *argp, struct nfsd4_close *close) 570 { 571 DECODE_HEAD; 572 573 READ_BUF(4); 574 READ32(close->cl_seqid); 575 return nfsd4_decode_stateid(argp, &close->cl_stateid); 576 577 DECODE_TAIL; 578 } 579 580 581 static __be32 582 nfsd4_decode_commit(struct nfsd4_compoundargs *argp, struct nfsd4_commit *commit) 583 { 584 DECODE_HEAD; 585 586 READ_BUF(12); 587 READ64(commit->co_offset); 588 READ32(commit->co_count); 589 590 DECODE_TAIL; 591 } 592 593 static __be32 594 nfsd4_decode_create(struct nfsd4_compoundargs *argp, struct nfsd4_create *create) 595 { 596 DECODE_HEAD; 597 598 READ_BUF(4); 599 READ32(create->cr_type); 600 switch (create->cr_type) { 601 case NF4LNK: 602 READ_BUF(4); 603 READ32(create->cr_linklen); 604 READ_BUF(create->cr_linklen); 605 SAVEMEM(create->cr_linkname, create->cr_linklen); 606 break; 607 case NF4BLK: 608 case NF4CHR: 609 READ_BUF(8); 610 READ32(create->cr_specdata1); 611 READ32(create->cr_specdata2); 612 break; 613 case NF4SOCK: 614 case NF4FIFO: 615 case NF4DIR: 616 default: 617 break; 618 } 619 620 READ_BUF(4); 621 READ32(create->cr_namelen); 622 READ_BUF(create->cr_namelen); 623 SAVEMEM(create->cr_name, create->cr_namelen); 624 if ((status = check_filename(create->cr_name, create->cr_namelen))) 625 return status; 626 627 status = nfsd4_decode_fattr(argp, create->cr_bmval, &create->cr_iattr, 628 &create->cr_acl, &create->cr_label); 629 if (status) 630 goto out; 631 632 DECODE_TAIL; 633 } 634 635 static inline __be32 636 nfsd4_decode_delegreturn(struct nfsd4_compoundargs *argp, struct nfsd4_delegreturn *dr) 637 { 638 return nfsd4_decode_stateid(argp, &dr->dr_stateid); 639 } 640 641 static inline __be32 642 nfsd4_decode_getattr(struct nfsd4_compoundargs *argp, struct nfsd4_getattr *getattr) 643 { 644 return nfsd4_decode_bitmap(argp, getattr->ga_bmval); 645 } 646 647 static __be32 648 nfsd4_decode_link(struct nfsd4_compoundargs *argp, struct nfsd4_link *link) 649 { 650 DECODE_HEAD; 651 652 READ_BUF(4); 653 READ32(link->li_namelen); 654 READ_BUF(link->li_namelen); 655 SAVEMEM(link->li_name, link->li_namelen); 656 if ((status = check_filename(link->li_name, link->li_namelen))) 657 return status; 658 659 DECODE_TAIL; 660 } 661 662 static __be32 663 nfsd4_decode_lock(struct nfsd4_compoundargs *argp, struct nfsd4_lock *lock) 664 { 665 DECODE_HEAD; 666 667 /* 668 * type, reclaim(boolean), offset, length, new_lock_owner(boolean) 669 */ 670 READ_BUF(28); 671 READ32(lock->lk_type); 672 if ((lock->lk_type < NFS4_READ_LT) || (lock->lk_type > NFS4_WRITEW_LT)) 673 goto xdr_error; 674 READ32(lock->lk_reclaim); 675 READ64(lock->lk_offset); 676 READ64(lock->lk_length); 677 READ32(lock->lk_is_new); 678 679 if (lock->lk_is_new) { 680 READ_BUF(4); 681 READ32(lock->lk_new_open_seqid); 682 status = nfsd4_decode_stateid(argp, &lock->lk_new_open_stateid); 683 if (status) 684 return status; 685 READ_BUF(8 + sizeof(clientid_t)); 686 READ32(lock->lk_new_lock_seqid); 687 COPYMEM(&lock->lk_new_clientid, sizeof(clientid_t)); 688 READ32(lock->lk_new_owner.len); 689 READ_BUF(lock->lk_new_owner.len); 690 READMEM(lock->lk_new_owner.data, lock->lk_new_owner.len); 691 } else { 692 status = nfsd4_decode_stateid(argp, &lock->lk_old_lock_stateid); 693 if (status) 694 return status; 695 READ_BUF(4); 696 READ32(lock->lk_old_lock_seqid); 697 } 698 699 DECODE_TAIL; 700 } 701 702 static __be32 703 nfsd4_decode_lockt(struct nfsd4_compoundargs *argp, struct nfsd4_lockt *lockt) 704 { 705 DECODE_HEAD; 706 707 READ_BUF(32); 708 READ32(lockt->lt_type); 709 if((lockt->lt_type < NFS4_READ_LT) || (lockt->lt_type > NFS4_WRITEW_LT)) 710 goto xdr_error; 711 READ64(lockt->lt_offset); 712 READ64(lockt->lt_length); 713 COPYMEM(&lockt->lt_clientid, 8); 714 READ32(lockt->lt_owner.len); 715 READ_BUF(lockt->lt_owner.len); 716 READMEM(lockt->lt_owner.data, lockt->lt_owner.len); 717 718 DECODE_TAIL; 719 } 720 721 static __be32 722 nfsd4_decode_locku(struct nfsd4_compoundargs *argp, struct nfsd4_locku *locku) 723 { 724 DECODE_HEAD; 725 726 READ_BUF(8); 727 READ32(locku->lu_type); 728 if ((locku->lu_type < NFS4_READ_LT) || (locku->lu_type > NFS4_WRITEW_LT)) 729 goto xdr_error; 730 READ32(locku->lu_seqid); 731 status = nfsd4_decode_stateid(argp, &locku->lu_stateid); 732 if (status) 733 return status; 734 READ_BUF(16); 735 READ64(locku->lu_offset); 736 READ64(locku->lu_length); 737 738 DECODE_TAIL; 739 } 740 741 static __be32 742 nfsd4_decode_lookup(struct nfsd4_compoundargs *argp, struct nfsd4_lookup *lookup) 743 { 744 DECODE_HEAD; 745 746 READ_BUF(4); 747 READ32(lookup->lo_len); 748 READ_BUF(lookup->lo_len); 749 SAVEMEM(lookup->lo_name, lookup->lo_len); 750 if ((status = check_filename(lookup->lo_name, lookup->lo_len))) 751 return status; 752 753 DECODE_TAIL; 754 } 755 756 static __be32 nfsd4_decode_share_access(struct nfsd4_compoundargs *argp, u32 *share_access, u32 *deleg_want, u32 *deleg_when) 757 { 758 __be32 *p; 759 u32 w; 760 761 READ_BUF(4); 762 READ32(w); 763 *share_access = w & NFS4_SHARE_ACCESS_MASK; 764 *deleg_want = w & NFS4_SHARE_WANT_MASK; 765 if (deleg_when) 766 *deleg_when = w & NFS4_SHARE_WHEN_MASK; 767 768 switch (w & NFS4_SHARE_ACCESS_MASK) { 769 case NFS4_SHARE_ACCESS_READ: 770 case NFS4_SHARE_ACCESS_WRITE: 771 case NFS4_SHARE_ACCESS_BOTH: 772 break; 773 default: 774 return nfserr_bad_xdr; 775 } 776 w &= ~NFS4_SHARE_ACCESS_MASK; 777 if (!w) 778 return nfs_ok; 779 if (!argp->minorversion) 780 return nfserr_bad_xdr; 781 switch (w & NFS4_SHARE_WANT_MASK) { 782 case NFS4_SHARE_WANT_NO_PREFERENCE: 783 case NFS4_SHARE_WANT_READ_DELEG: 784 case NFS4_SHARE_WANT_WRITE_DELEG: 785 case NFS4_SHARE_WANT_ANY_DELEG: 786 case NFS4_SHARE_WANT_NO_DELEG: 787 case NFS4_SHARE_WANT_CANCEL: 788 break; 789 default: 790 return nfserr_bad_xdr; 791 } 792 w &= ~NFS4_SHARE_WANT_MASK; 793 if (!w) 794 return nfs_ok; 795 796 if (!deleg_when) /* open_downgrade */ 797 return nfserr_inval; 798 switch (w) { 799 case NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL: 800 case NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED: 801 case (NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL | 802 NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED): 803 return nfs_ok; 804 } 805 xdr_error: 806 return nfserr_bad_xdr; 807 } 808 809 static __be32 nfsd4_decode_share_deny(struct nfsd4_compoundargs *argp, u32 *x) 810 { 811 __be32 *p; 812 813 READ_BUF(4); 814 READ32(*x); 815 /* Note: unlinke access bits, deny bits may be zero. */ 816 if (*x & ~NFS4_SHARE_DENY_BOTH) 817 return nfserr_bad_xdr; 818 return nfs_ok; 819 xdr_error: 820 return nfserr_bad_xdr; 821 } 822 823 static __be32 nfsd4_decode_opaque(struct nfsd4_compoundargs *argp, struct xdr_netobj *o) 824 { 825 __be32 *p; 826 827 READ_BUF(4); 828 READ32(o->len); 829 830 if (o->len == 0 || o->len > NFS4_OPAQUE_LIMIT) 831 return nfserr_bad_xdr; 832 833 READ_BUF(o->len); 834 SAVEMEM(o->data, o->len); 835 return nfs_ok; 836 xdr_error: 837 return nfserr_bad_xdr; 838 } 839 840 static __be32 841 nfsd4_decode_open(struct nfsd4_compoundargs *argp, struct nfsd4_open *open) 842 { 843 DECODE_HEAD; 844 u32 dummy; 845 846 memset(open->op_bmval, 0, sizeof(open->op_bmval)); 847 open->op_iattr.ia_valid = 0; 848 open->op_openowner = NULL; 849 850 open->op_xdr_error = 0; 851 /* seqid, share_access, share_deny, clientid, ownerlen */ 852 READ_BUF(4); 853 READ32(open->op_seqid); 854 /* decode, yet ignore deleg_when until supported */ 855 status = nfsd4_decode_share_access(argp, &open->op_share_access, 856 &open->op_deleg_want, &dummy); 857 if (status) 858 goto xdr_error; 859 status = nfsd4_decode_share_deny(argp, &open->op_share_deny); 860 if (status) 861 goto xdr_error; 862 READ_BUF(sizeof(clientid_t)); 863 COPYMEM(&open->op_clientid, sizeof(clientid_t)); 864 status = nfsd4_decode_opaque(argp, &open->op_owner); 865 if (status) 866 goto xdr_error; 867 READ_BUF(4); 868 READ32(open->op_create); 869 switch (open->op_create) { 870 case NFS4_OPEN_NOCREATE: 871 break; 872 case NFS4_OPEN_CREATE: 873 READ_BUF(4); 874 READ32(open->op_createmode); 875 switch (open->op_createmode) { 876 case NFS4_CREATE_UNCHECKED: 877 case NFS4_CREATE_GUARDED: 878 status = nfsd4_decode_fattr(argp, open->op_bmval, 879 &open->op_iattr, &open->op_acl, &open->op_label); 880 if (status) 881 goto out; 882 break; 883 case NFS4_CREATE_EXCLUSIVE: 884 READ_BUF(NFS4_VERIFIER_SIZE); 885 COPYMEM(open->op_verf.data, NFS4_VERIFIER_SIZE); 886 break; 887 case NFS4_CREATE_EXCLUSIVE4_1: 888 if (argp->minorversion < 1) 889 goto xdr_error; 890 READ_BUF(NFS4_VERIFIER_SIZE); 891 COPYMEM(open->op_verf.data, NFS4_VERIFIER_SIZE); 892 status = nfsd4_decode_fattr(argp, open->op_bmval, 893 &open->op_iattr, &open->op_acl, &open->op_label); 894 if (status) 895 goto out; 896 break; 897 default: 898 goto xdr_error; 899 } 900 break; 901 default: 902 goto xdr_error; 903 } 904 905 /* open_claim */ 906 READ_BUF(4); 907 READ32(open->op_claim_type); 908 switch (open->op_claim_type) { 909 case NFS4_OPEN_CLAIM_NULL: 910 case NFS4_OPEN_CLAIM_DELEGATE_PREV: 911 READ_BUF(4); 912 READ32(open->op_fname.len); 913 READ_BUF(open->op_fname.len); 914 SAVEMEM(open->op_fname.data, open->op_fname.len); 915 if ((status = check_filename(open->op_fname.data, open->op_fname.len))) 916 return status; 917 break; 918 case NFS4_OPEN_CLAIM_PREVIOUS: 919 READ_BUF(4); 920 READ32(open->op_delegate_type); 921 break; 922 case NFS4_OPEN_CLAIM_DELEGATE_CUR: 923 status = nfsd4_decode_stateid(argp, &open->op_delegate_stateid); 924 if (status) 925 return status; 926 READ_BUF(4); 927 READ32(open->op_fname.len); 928 READ_BUF(open->op_fname.len); 929 SAVEMEM(open->op_fname.data, open->op_fname.len); 930 if ((status = check_filename(open->op_fname.data, open->op_fname.len))) 931 return status; 932 break; 933 case NFS4_OPEN_CLAIM_FH: 934 case NFS4_OPEN_CLAIM_DELEG_PREV_FH: 935 if (argp->minorversion < 1) 936 goto xdr_error; 937 /* void */ 938 break; 939 case NFS4_OPEN_CLAIM_DELEG_CUR_FH: 940 if (argp->minorversion < 1) 941 goto xdr_error; 942 status = nfsd4_decode_stateid(argp, &open->op_delegate_stateid); 943 if (status) 944 return status; 945 break; 946 default: 947 goto xdr_error; 948 } 949 950 DECODE_TAIL; 951 } 952 953 static __be32 954 nfsd4_decode_open_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_open_confirm *open_conf) 955 { 956 DECODE_HEAD; 957 958 if (argp->minorversion >= 1) 959 return nfserr_notsupp; 960 961 status = nfsd4_decode_stateid(argp, &open_conf->oc_req_stateid); 962 if (status) 963 return status; 964 READ_BUF(4); 965 READ32(open_conf->oc_seqid); 966 967 DECODE_TAIL; 968 } 969 970 static __be32 971 nfsd4_decode_open_downgrade(struct nfsd4_compoundargs *argp, struct nfsd4_open_downgrade *open_down) 972 { 973 DECODE_HEAD; 974 975 status = nfsd4_decode_stateid(argp, &open_down->od_stateid); 976 if (status) 977 return status; 978 READ_BUF(4); 979 READ32(open_down->od_seqid); 980 status = nfsd4_decode_share_access(argp, &open_down->od_share_access, 981 &open_down->od_deleg_want, NULL); 982 if (status) 983 return status; 984 status = nfsd4_decode_share_deny(argp, &open_down->od_share_deny); 985 if (status) 986 return status; 987 DECODE_TAIL; 988 } 989 990 static __be32 991 nfsd4_decode_putfh(struct nfsd4_compoundargs *argp, struct nfsd4_putfh *putfh) 992 { 993 DECODE_HEAD; 994 995 READ_BUF(4); 996 READ32(putfh->pf_fhlen); 997 if (putfh->pf_fhlen > NFS4_FHSIZE) 998 goto xdr_error; 999 READ_BUF(putfh->pf_fhlen); 1000 SAVEMEM(putfh->pf_fhval, putfh->pf_fhlen); 1001 1002 DECODE_TAIL; 1003 } 1004 1005 static __be32 1006 nfsd4_decode_putpubfh(struct nfsd4_compoundargs *argp, void *p) 1007 { 1008 if (argp->minorversion == 0) 1009 return nfs_ok; 1010 return nfserr_notsupp; 1011 } 1012 1013 static __be32 1014 nfsd4_decode_read(struct nfsd4_compoundargs *argp, struct nfsd4_read *read) 1015 { 1016 DECODE_HEAD; 1017 1018 status = nfsd4_decode_stateid(argp, &read->rd_stateid); 1019 if (status) 1020 return status; 1021 READ_BUF(12); 1022 READ64(read->rd_offset); 1023 READ32(read->rd_length); 1024 1025 DECODE_TAIL; 1026 } 1027 1028 static __be32 1029 nfsd4_decode_readdir(struct nfsd4_compoundargs *argp, struct nfsd4_readdir *readdir) 1030 { 1031 DECODE_HEAD; 1032 1033 READ_BUF(24); 1034 READ64(readdir->rd_cookie); 1035 COPYMEM(readdir->rd_verf.data, sizeof(readdir->rd_verf.data)); 1036 READ32(readdir->rd_dircount); /* just in case you needed a useless field... */ 1037 READ32(readdir->rd_maxcount); 1038 if ((status = nfsd4_decode_bitmap(argp, readdir->rd_bmval))) 1039 goto out; 1040 1041 DECODE_TAIL; 1042 } 1043 1044 static __be32 1045 nfsd4_decode_remove(struct nfsd4_compoundargs *argp, struct nfsd4_remove *remove) 1046 { 1047 DECODE_HEAD; 1048 1049 READ_BUF(4); 1050 READ32(remove->rm_namelen); 1051 READ_BUF(remove->rm_namelen); 1052 SAVEMEM(remove->rm_name, remove->rm_namelen); 1053 if ((status = check_filename(remove->rm_name, remove->rm_namelen))) 1054 return status; 1055 1056 DECODE_TAIL; 1057 } 1058 1059 static __be32 1060 nfsd4_decode_rename(struct nfsd4_compoundargs *argp, struct nfsd4_rename *rename) 1061 { 1062 DECODE_HEAD; 1063 1064 READ_BUF(4); 1065 READ32(rename->rn_snamelen); 1066 READ_BUF(rename->rn_snamelen + 4); 1067 SAVEMEM(rename->rn_sname, rename->rn_snamelen); 1068 READ32(rename->rn_tnamelen); 1069 READ_BUF(rename->rn_tnamelen); 1070 SAVEMEM(rename->rn_tname, rename->rn_tnamelen); 1071 if ((status = check_filename(rename->rn_sname, rename->rn_snamelen))) 1072 return status; 1073 if ((status = check_filename(rename->rn_tname, rename->rn_tnamelen))) 1074 return status; 1075 1076 DECODE_TAIL; 1077 } 1078 1079 static __be32 1080 nfsd4_decode_renew(struct nfsd4_compoundargs *argp, clientid_t *clientid) 1081 { 1082 DECODE_HEAD; 1083 1084 if (argp->minorversion >= 1) 1085 return nfserr_notsupp; 1086 1087 READ_BUF(sizeof(clientid_t)); 1088 COPYMEM(clientid, sizeof(clientid_t)); 1089 1090 DECODE_TAIL; 1091 } 1092 1093 static __be32 1094 nfsd4_decode_secinfo(struct nfsd4_compoundargs *argp, 1095 struct nfsd4_secinfo *secinfo) 1096 { 1097 DECODE_HEAD; 1098 1099 READ_BUF(4); 1100 READ32(secinfo->si_namelen); 1101 READ_BUF(secinfo->si_namelen); 1102 SAVEMEM(secinfo->si_name, secinfo->si_namelen); 1103 status = check_filename(secinfo->si_name, secinfo->si_namelen); 1104 if (status) 1105 return status; 1106 DECODE_TAIL; 1107 } 1108 1109 static __be32 1110 nfsd4_decode_secinfo_no_name(struct nfsd4_compoundargs *argp, 1111 struct nfsd4_secinfo_no_name *sin) 1112 { 1113 DECODE_HEAD; 1114 1115 READ_BUF(4); 1116 READ32(sin->sin_style); 1117 DECODE_TAIL; 1118 } 1119 1120 static __be32 1121 nfsd4_decode_setattr(struct nfsd4_compoundargs *argp, struct nfsd4_setattr *setattr) 1122 { 1123 __be32 status; 1124 1125 status = nfsd4_decode_stateid(argp, &setattr->sa_stateid); 1126 if (status) 1127 return status; 1128 return nfsd4_decode_fattr(argp, setattr->sa_bmval, &setattr->sa_iattr, 1129 &setattr->sa_acl, &setattr->sa_label); 1130 } 1131 1132 static __be32 1133 nfsd4_decode_setclientid(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid *setclientid) 1134 { 1135 DECODE_HEAD; 1136 1137 if (argp->minorversion >= 1) 1138 return nfserr_notsupp; 1139 1140 READ_BUF(NFS4_VERIFIER_SIZE); 1141 COPYMEM(setclientid->se_verf.data, NFS4_VERIFIER_SIZE); 1142 1143 status = nfsd4_decode_opaque(argp, &setclientid->se_name); 1144 if (status) 1145 return nfserr_bad_xdr; 1146 READ_BUF(8); 1147 READ32(setclientid->se_callback_prog); 1148 READ32(setclientid->se_callback_netid_len); 1149 1150 READ_BUF(setclientid->se_callback_netid_len + 4); 1151 SAVEMEM(setclientid->se_callback_netid_val, setclientid->se_callback_netid_len); 1152 READ32(setclientid->se_callback_addr_len); 1153 1154 READ_BUF(setclientid->se_callback_addr_len + 4); 1155 SAVEMEM(setclientid->se_callback_addr_val, setclientid->se_callback_addr_len); 1156 READ32(setclientid->se_callback_ident); 1157 1158 DECODE_TAIL; 1159 } 1160 1161 static __be32 1162 nfsd4_decode_setclientid_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid_confirm *scd_c) 1163 { 1164 DECODE_HEAD; 1165 1166 if (argp->minorversion >= 1) 1167 return nfserr_notsupp; 1168 1169 READ_BUF(8 + NFS4_VERIFIER_SIZE); 1170 COPYMEM(&scd_c->sc_clientid, 8); 1171 COPYMEM(&scd_c->sc_confirm, NFS4_VERIFIER_SIZE); 1172 1173 DECODE_TAIL; 1174 } 1175 1176 /* Also used for NVERIFY */ 1177 static __be32 1178 nfsd4_decode_verify(struct nfsd4_compoundargs *argp, struct nfsd4_verify *verify) 1179 { 1180 DECODE_HEAD; 1181 1182 if ((status = nfsd4_decode_bitmap(argp, verify->ve_bmval))) 1183 goto out; 1184 1185 /* For convenience's sake, we compare raw xdr'd attributes in 1186 * nfsd4_proc_verify */ 1187 1188 READ_BUF(4); 1189 READ32(verify->ve_attrlen); 1190 READ_BUF(verify->ve_attrlen); 1191 SAVEMEM(verify->ve_attrval, verify->ve_attrlen); 1192 1193 DECODE_TAIL; 1194 } 1195 1196 static __be32 1197 nfsd4_decode_write(struct nfsd4_compoundargs *argp, struct nfsd4_write *write) 1198 { 1199 int avail; 1200 int len; 1201 DECODE_HEAD; 1202 1203 status = nfsd4_decode_stateid(argp, &write->wr_stateid); 1204 if (status) 1205 return status; 1206 READ_BUF(16); 1207 READ64(write->wr_offset); 1208 READ32(write->wr_stable_how); 1209 if (write->wr_stable_how > 2) 1210 goto xdr_error; 1211 READ32(write->wr_buflen); 1212 1213 /* Sorry .. no magic macros for this.. * 1214 * READ_BUF(write->wr_buflen); 1215 * SAVEMEM(write->wr_buf, write->wr_buflen); 1216 */ 1217 avail = (char*)argp->end - (char*)argp->p; 1218 if (avail + argp->pagelen < write->wr_buflen) { 1219 dprintk("NFSD: xdr error (%s:%d)\n", 1220 __FILE__, __LINE__); 1221 goto xdr_error; 1222 } 1223 write->wr_head.iov_base = p; 1224 write->wr_head.iov_len = avail; 1225 WARN_ON(avail != (XDR_QUADLEN(avail) << 2)); 1226 write->wr_pagelist = argp->pagelist; 1227 1228 len = XDR_QUADLEN(write->wr_buflen) << 2; 1229 if (len >= avail) { 1230 int pages; 1231 1232 len -= avail; 1233 1234 pages = len >> PAGE_SHIFT; 1235 argp->pagelist += pages; 1236 argp->pagelen -= pages * PAGE_SIZE; 1237 len -= pages * PAGE_SIZE; 1238 1239 argp->p = (__be32 *)page_address(argp->pagelist[0]); 1240 argp->pagelist++; 1241 argp->end = argp->p + XDR_QUADLEN(PAGE_SIZE); 1242 } 1243 argp->p += XDR_QUADLEN(len); 1244 1245 DECODE_TAIL; 1246 } 1247 1248 static __be32 1249 nfsd4_decode_release_lockowner(struct nfsd4_compoundargs *argp, struct nfsd4_release_lockowner *rlockowner) 1250 { 1251 DECODE_HEAD; 1252 1253 if (argp->minorversion >= 1) 1254 return nfserr_notsupp; 1255 1256 READ_BUF(12); 1257 COPYMEM(&rlockowner->rl_clientid, sizeof(clientid_t)); 1258 READ32(rlockowner->rl_owner.len); 1259 READ_BUF(rlockowner->rl_owner.len); 1260 READMEM(rlockowner->rl_owner.data, rlockowner->rl_owner.len); 1261 1262 if (argp->minorversion && !zero_clientid(&rlockowner->rl_clientid)) 1263 return nfserr_inval; 1264 DECODE_TAIL; 1265 } 1266 1267 static __be32 1268 nfsd4_decode_exchange_id(struct nfsd4_compoundargs *argp, 1269 struct nfsd4_exchange_id *exid) 1270 { 1271 int dummy, tmp; 1272 DECODE_HEAD; 1273 1274 READ_BUF(NFS4_VERIFIER_SIZE); 1275 COPYMEM(exid->verifier.data, NFS4_VERIFIER_SIZE); 1276 1277 status = nfsd4_decode_opaque(argp, &exid->clname); 1278 if (status) 1279 return nfserr_bad_xdr; 1280 1281 READ_BUF(4); 1282 READ32(exid->flags); 1283 1284 /* Ignore state_protect4_a */ 1285 READ_BUF(4); 1286 READ32(exid->spa_how); 1287 switch (exid->spa_how) { 1288 case SP4_NONE: 1289 break; 1290 case SP4_MACH_CRED: 1291 /* spo_must_enforce */ 1292 READ_BUF(4); 1293 READ32(dummy); 1294 READ_BUF(dummy * 4); 1295 p += dummy; 1296 1297 /* spo_must_allow */ 1298 READ_BUF(4); 1299 READ32(dummy); 1300 READ_BUF(dummy * 4); 1301 p += dummy; 1302 break; 1303 case SP4_SSV: 1304 /* ssp_ops */ 1305 READ_BUF(4); 1306 READ32(dummy); 1307 READ_BUF(dummy * 4); 1308 p += dummy; 1309 1310 READ_BUF(4); 1311 READ32(dummy); 1312 READ_BUF(dummy * 4); 1313 p += dummy; 1314 1315 /* ssp_hash_algs<> */ 1316 READ_BUF(4); 1317 READ32(tmp); 1318 while (tmp--) { 1319 READ_BUF(4); 1320 READ32(dummy); 1321 READ_BUF(dummy); 1322 p += XDR_QUADLEN(dummy); 1323 } 1324 1325 /* ssp_encr_algs<> */ 1326 READ_BUF(4); 1327 READ32(tmp); 1328 while (tmp--) { 1329 READ_BUF(4); 1330 READ32(dummy); 1331 READ_BUF(dummy); 1332 p += XDR_QUADLEN(dummy); 1333 } 1334 1335 /* ssp_window and ssp_num_gss_handles */ 1336 READ_BUF(8); 1337 READ32(dummy); 1338 READ32(dummy); 1339 break; 1340 default: 1341 goto xdr_error; 1342 } 1343 1344 /* Ignore Implementation ID */ 1345 READ_BUF(4); /* nfs_impl_id4 array length */ 1346 READ32(dummy); 1347 1348 if (dummy > 1) 1349 goto xdr_error; 1350 1351 if (dummy == 1) { 1352 /* nii_domain */ 1353 READ_BUF(4); 1354 READ32(dummy); 1355 READ_BUF(dummy); 1356 p += XDR_QUADLEN(dummy); 1357 1358 /* nii_name */ 1359 READ_BUF(4); 1360 READ32(dummy); 1361 READ_BUF(dummy); 1362 p += XDR_QUADLEN(dummy); 1363 1364 /* nii_date */ 1365 READ_BUF(12); 1366 p += 3; 1367 } 1368 DECODE_TAIL; 1369 } 1370 1371 static __be32 1372 nfsd4_decode_create_session(struct nfsd4_compoundargs *argp, 1373 struct nfsd4_create_session *sess) 1374 { 1375 DECODE_HEAD; 1376 u32 dummy; 1377 1378 READ_BUF(16); 1379 COPYMEM(&sess->clientid, 8); 1380 READ32(sess->seqid); 1381 READ32(sess->flags); 1382 1383 /* Fore channel attrs */ 1384 READ_BUF(28); 1385 READ32(dummy); /* headerpadsz is always 0 */ 1386 READ32(sess->fore_channel.maxreq_sz); 1387 READ32(sess->fore_channel.maxresp_sz); 1388 READ32(sess->fore_channel.maxresp_cached); 1389 READ32(sess->fore_channel.maxops); 1390 READ32(sess->fore_channel.maxreqs); 1391 READ32(sess->fore_channel.nr_rdma_attrs); 1392 if (sess->fore_channel.nr_rdma_attrs == 1) { 1393 READ_BUF(4); 1394 READ32(sess->fore_channel.rdma_attrs); 1395 } else if (sess->fore_channel.nr_rdma_attrs > 1) { 1396 dprintk("Too many fore channel attr bitmaps!\n"); 1397 goto xdr_error; 1398 } 1399 1400 /* Back channel attrs */ 1401 READ_BUF(28); 1402 READ32(dummy); /* headerpadsz is always 0 */ 1403 READ32(sess->back_channel.maxreq_sz); 1404 READ32(sess->back_channel.maxresp_sz); 1405 READ32(sess->back_channel.maxresp_cached); 1406 READ32(sess->back_channel.maxops); 1407 READ32(sess->back_channel.maxreqs); 1408 READ32(sess->back_channel.nr_rdma_attrs); 1409 if (sess->back_channel.nr_rdma_attrs == 1) { 1410 READ_BUF(4); 1411 READ32(sess->back_channel.rdma_attrs); 1412 } else if (sess->back_channel.nr_rdma_attrs > 1) { 1413 dprintk("Too many back channel attr bitmaps!\n"); 1414 goto xdr_error; 1415 } 1416 1417 READ_BUF(4); 1418 READ32(sess->callback_prog); 1419 nfsd4_decode_cb_sec(argp, &sess->cb_sec); 1420 DECODE_TAIL; 1421 } 1422 1423 static __be32 1424 nfsd4_decode_destroy_session(struct nfsd4_compoundargs *argp, 1425 struct nfsd4_destroy_session *destroy_session) 1426 { 1427 DECODE_HEAD; 1428 READ_BUF(NFS4_MAX_SESSIONID_LEN); 1429 COPYMEM(destroy_session->sessionid.data, NFS4_MAX_SESSIONID_LEN); 1430 1431 DECODE_TAIL; 1432 } 1433 1434 static __be32 1435 nfsd4_decode_free_stateid(struct nfsd4_compoundargs *argp, 1436 struct nfsd4_free_stateid *free_stateid) 1437 { 1438 DECODE_HEAD; 1439 1440 READ_BUF(sizeof(stateid_t)); 1441 READ32(free_stateid->fr_stateid.si_generation); 1442 COPYMEM(&free_stateid->fr_stateid.si_opaque, sizeof(stateid_opaque_t)); 1443 1444 DECODE_TAIL; 1445 } 1446 1447 static __be32 1448 nfsd4_decode_sequence(struct nfsd4_compoundargs *argp, 1449 struct nfsd4_sequence *seq) 1450 { 1451 DECODE_HEAD; 1452 1453 READ_BUF(NFS4_MAX_SESSIONID_LEN + 16); 1454 COPYMEM(seq->sessionid.data, NFS4_MAX_SESSIONID_LEN); 1455 READ32(seq->seqid); 1456 READ32(seq->slotid); 1457 READ32(seq->maxslots); 1458 READ32(seq->cachethis); 1459 1460 DECODE_TAIL; 1461 } 1462 1463 static __be32 1464 nfsd4_decode_test_stateid(struct nfsd4_compoundargs *argp, struct nfsd4_test_stateid *test_stateid) 1465 { 1466 int i; 1467 __be32 *p, status; 1468 struct nfsd4_test_stateid_id *stateid; 1469 1470 READ_BUF(4); 1471 test_stateid->ts_num_ids = ntohl(*p++); 1472 1473 INIT_LIST_HEAD(&test_stateid->ts_stateid_list); 1474 1475 for (i = 0; i < test_stateid->ts_num_ids; i++) { 1476 stateid = kmalloc(sizeof(struct nfsd4_test_stateid_id), GFP_KERNEL); 1477 if (!stateid) { 1478 status = nfserrno(-ENOMEM); 1479 goto out; 1480 } 1481 1482 defer_free(argp, kfree, stateid); 1483 INIT_LIST_HEAD(&stateid->ts_id_list); 1484 list_add_tail(&stateid->ts_id_list, &test_stateid->ts_stateid_list); 1485 1486 status = nfsd4_decode_stateid(argp, &stateid->ts_id_stateid); 1487 if (status) 1488 goto out; 1489 } 1490 1491 status = 0; 1492 out: 1493 return status; 1494 xdr_error: 1495 dprintk("NFSD: xdr error (%s:%d)\n", __FILE__, __LINE__); 1496 status = nfserr_bad_xdr; 1497 goto out; 1498 } 1499 1500 static __be32 nfsd4_decode_destroy_clientid(struct nfsd4_compoundargs *argp, struct nfsd4_destroy_clientid *dc) 1501 { 1502 DECODE_HEAD; 1503 1504 READ_BUF(8); 1505 COPYMEM(&dc->clientid, 8); 1506 1507 DECODE_TAIL; 1508 } 1509 1510 static __be32 nfsd4_decode_reclaim_complete(struct nfsd4_compoundargs *argp, struct nfsd4_reclaim_complete *rc) 1511 { 1512 DECODE_HEAD; 1513 1514 READ_BUF(4); 1515 READ32(rc->rca_one_fs); 1516 1517 DECODE_TAIL; 1518 } 1519 1520 static __be32 1521 nfsd4_decode_noop(struct nfsd4_compoundargs *argp, void *p) 1522 { 1523 return nfs_ok; 1524 } 1525 1526 static __be32 1527 nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p) 1528 { 1529 return nfserr_notsupp; 1530 } 1531 1532 typedef __be32(*nfsd4_dec)(struct nfsd4_compoundargs *argp, void *); 1533 1534 static nfsd4_dec nfsd4_dec_ops[] = { 1535 [OP_ACCESS] = (nfsd4_dec)nfsd4_decode_access, 1536 [OP_CLOSE] = (nfsd4_dec)nfsd4_decode_close, 1537 [OP_COMMIT] = (nfsd4_dec)nfsd4_decode_commit, 1538 [OP_CREATE] = (nfsd4_dec)nfsd4_decode_create, 1539 [OP_DELEGPURGE] = (nfsd4_dec)nfsd4_decode_notsupp, 1540 [OP_DELEGRETURN] = (nfsd4_dec)nfsd4_decode_delegreturn, 1541 [OP_GETATTR] = (nfsd4_dec)nfsd4_decode_getattr, 1542 [OP_GETFH] = (nfsd4_dec)nfsd4_decode_noop, 1543 [OP_LINK] = (nfsd4_dec)nfsd4_decode_link, 1544 [OP_LOCK] = (nfsd4_dec)nfsd4_decode_lock, 1545 [OP_LOCKT] = (nfsd4_dec)nfsd4_decode_lockt, 1546 [OP_LOCKU] = (nfsd4_dec)nfsd4_decode_locku, 1547 [OP_LOOKUP] = (nfsd4_dec)nfsd4_decode_lookup, 1548 [OP_LOOKUPP] = (nfsd4_dec)nfsd4_decode_noop, 1549 [OP_NVERIFY] = (nfsd4_dec)nfsd4_decode_verify, 1550 [OP_OPEN] = (nfsd4_dec)nfsd4_decode_open, 1551 [OP_OPENATTR] = (nfsd4_dec)nfsd4_decode_notsupp, 1552 [OP_OPEN_CONFIRM] = (nfsd4_dec)nfsd4_decode_open_confirm, 1553 [OP_OPEN_DOWNGRADE] = (nfsd4_dec)nfsd4_decode_open_downgrade, 1554 [OP_PUTFH] = (nfsd4_dec)nfsd4_decode_putfh, 1555 [OP_PUTPUBFH] = (nfsd4_dec)nfsd4_decode_putpubfh, 1556 [OP_PUTROOTFH] = (nfsd4_dec)nfsd4_decode_noop, 1557 [OP_READ] = (nfsd4_dec)nfsd4_decode_read, 1558 [OP_READDIR] = (nfsd4_dec)nfsd4_decode_readdir, 1559 [OP_READLINK] = (nfsd4_dec)nfsd4_decode_noop, 1560 [OP_REMOVE] = (nfsd4_dec)nfsd4_decode_remove, 1561 [OP_RENAME] = (nfsd4_dec)nfsd4_decode_rename, 1562 [OP_RENEW] = (nfsd4_dec)nfsd4_decode_renew, 1563 [OP_RESTOREFH] = (nfsd4_dec)nfsd4_decode_noop, 1564 [OP_SAVEFH] = (nfsd4_dec)nfsd4_decode_noop, 1565 [OP_SECINFO] = (nfsd4_dec)nfsd4_decode_secinfo, 1566 [OP_SETATTR] = (nfsd4_dec)nfsd4_decode_setattr, 1567 [OP_SETCLIENTID] = (nfsd4_dec)nfsd4_decode_setclientid, 1568 [OP_SETCLIENTID_CONFIRM] = (nfsd4_dec)nfsd4_decode_setclientid_confirm, 1569 [OP_VERIFY] = (nfsd4_dec)nfsd4_decode_verify, 1570 [OP_WRITE] = (nfsd4_dec)nfsd4_decode_write, 1571 [OP_RELEASE_LOCKOWNER] = (nfsd4_dec)nfsd4_decode_release_lockowner, 1572 1573 /* new operations for NFSv4.1 */ 1574 [OP_BACKCHANNEL_CTL] = (nfsd4_dec)nfsd4_decode_backchannel_ctl, 1575 [OP_BIND_CONN_TO_SESSION]= (nfsd4_dec)nfsd4_decode_bind_conn_to_session, 1576 [OP_EXCHANGE_ID] = (nfsd4_dec)nfsd4_decode_exchange_id, 1577 [OP_CREATE_SESSION] = (nfsd4_dec)nfsd4_decode_create_session, 1578 [OP_DESTROY_SESSION] = (nfsd4_dec)nfsd4_decode_destroy_session, 1579 [OP_FREE_STATEID] = (nfsd4_dec)nfsd4_decode_free_stateid, 1580 [OP_GET_DIR_DELEGATION] = (nfsd4_dec)nfsd4_decode_notsupp, 1581 [OP_GETDEVICEINFO] = (nfsd4_dec)nfsd4_decode_notsupp, 1582 [OP_GETDEVICELIST] = (nfsd4_dec)nfsd4_decode_notsupp, 1583 [OP_LAYOUTCOMMIT] = (nfsd4_dec)nfsd4_decode_notsupp, 1584 [OP_LAYOUTGET] = (nfsd4_dec)nfsd4_decode_notsupp, 1585 [OP_LAYOUTRETURN] = (nfsd4_dec)nfsd4_decode_notsupp, 1586 [OP_SECINFO_NO_NAME] = (nfsd4_dec)nfsd4_decode_secinfo_no_name, 1587 [OP_SEQUENCE] = (nfsd4_dec)nfsd4_decode_sequence, 1588 [OP_SET_SSV] = (nfsd4_dec)nfsd4_decode_notsupp, 1589 [OP_TEST_STATEID] = (nfsd4_dec)nfsd4_decode_test_stateid, 1590 [OP_WANT_DELEGATION] = (nfsd4_dec)nfsd4_decode_notsupp, 1591 [OP_DESTROY_CLIENTID] = (nfsd4_dec)nfsd4_decode_destroy_clientid, 1592 [OP_RECLAIM_COMPLETE] = (nfsd4_dec)nfsd4_decode_reclaim_complete, 1593 }; 1594 1595 static inline bool 1596 nfsd4_opnum_in_range(struct nfsd4_compoundargs *argp, struct nfsd4_op *op) 1597 { 1598 if (op->opnum < FIRST_NFS4_OP) 1599 return false; 1600 else if (argp->minorversion == 0 && op->opnum > LAST_NFS40_OP) 1601 return false; 1602 else if (argp->minorversion == 1 && op->opnum > LAST_NFS41_OP) 1603 return false; 1604 else if (argp->minorversion == 2 && op->opnum > LAST_NFS42_OP) 1605 return false; 1606 return true; 1607 } 1608 1609 /* 1610 * Return a rough estimate of the maximum possible reply size. Note the 1611 * estimate includes rpc headers so is meant to be passed to 1612 * svc_reserve, not svc_reserve_auth. 1613 * 1614 * Also note the current compound encoding permits only one operation to 1615 * use pages beyond the first one, so the maximum possible length is the 1616 * maximum over these values, not the sum. 1617 */ 1618 static int nfsd4_max_reply(u32 opnum) 1619 { 1620 switch (opnum) { 1621 case OP_READLINK: 1622 case OP_READDIR: 1623 /* 1624 * Both of these ops take a single page for data and put 1625 * the head and tail in another page: 1626 */ 1627 return 2 * PAGE_SIZE; 1628 case OP_READ: 1629 return INT_MAX; 1630 default: 1631 return PAGE_SIZE; 1632 } 1633 } 1634 1635 static __be32 1636 nfsd4_decode_compound(struct nfsd4_compoundargs *argp) 1637 { 1638 DECODE_HEAD; 1639 struct nfsd4_op *op; 1640 bool cachethis = false; 1641 int max_reply = PAGE_SIZE; 1642 int i; 1643 1644 READ_BUF(4); 1645 READ32(argp->taglen); 1646 READ_BUF(argp->taglen + 8); 1647 SAVEMEM(argp->tag, argp->taglen); 1648 READ32(argp->minorversion); 1649 READ32(argp->opcnt); 1650 1651 if (argp->taglen > NFSD4_MAX_TAGLEN) 1652 goto xdr_error; 1653 if (argp->opcnt > 100) 1654 goto xdr_error; 1655 1656 if (argp->opcnt > ARRAY_SIZE(argp->iops)) { 1657 argp->ops = kmalloc(argp->opcnt * sizeof(*argp->ops), GFP_KERNEL); 1658 if (!argp->ops) { 1659 argp->ops = argp->iops; 1660 dprintk("nfsd: couldn't allocate room for COMPOUND\n"); 1661 goto xdr_error; 1662 } 1663 } 1664 1665 if (argp->minorversion > NFSD_SUPPORTED_MINOR_VERSION) 1666 argp->opcnt = 0; 1667 1668 for (i = 0; i < argp->opcnt; i++) { 1669 op = &argp->ops[i]; 1670 op->replay = NULL; 1671 1672 READ_BUF(4); 1673 READ32(op->opnum); 1674 1675 if (nfsd4_opnum_in_range(argp, op)) 1676 op->status = nfsd4_dec_ops[op->opnum](argp, &op->u); 1677 else { 1678 op->opnum = OP_ILLEGAL; 1679 op->status = nfserr_op_illegal; 1680 } 1681 1682 if (op->status) { 1683 argp->opcnt = i+1; 1684 break; 1685 } 1686 /* 1687 * We'll try to cache the result in the DRC if any one 1688 * op in the compound wants to be cached: 1689 */ 1690 cachethis |= nfsd4_cache_this_op(op); 1691 1692 max_reply = max(max_reply, nfsd4_max_reply(op->opnum)); 1693 } 1694 /* Sessions make the DRC unnecessary: */ 1695 if (argp->minorversion) 1696 cachethis = false; 1697 if (max_reply != INT_MAX) 1698 svc_reserve(argp->rqstp, max_reply); 1699 argp->rqstp->rq_cachetype = cachethis ? RC_REPLBUFF : RC_NOCACHE; 1700 1701 DECODE_TAIL; 1702 } 1703 1704 #define WRITE32(n) *p++ = htonl(n) 1705 #define WRITE64(n) do { \ 1706 *p++ = htonl((u32)((n) >> 32)); \ 1707 *p++ = htonl((u32)(n)); \ 1708 } while (0) 1709 #define WRITEMEM(ptr,nbytes) do { if (nbytes > 0) { \ 1710 *(p + XDR_QUADLEN(nbytes) -1) = 0; \ 1711 memcpy(p, ptr, nbytes); \ 1712 p += XDR_QUADLEN(nbytes); \ 1713 }} while (0) 1714 1715 static void write32(__be32 **p, u32 n) 1716 { 1717 *(*p)++ = htonl(n); 1718 } 1719 1720 static void write64(__be32 **p, u64 n) 1721 { 1722 write32(p, (n >> 32)); 1723 write32(p, (u32)n); 1724 } 1725 1726 static void write_change(__be32 **p, struct kstat *stat, struct inode *inode) 1727 { 1728 if (IS_I_VERSION(inode)) { 1729 write64(p, inode->i_version); 1730 } else { 1731 write32(p, stat->ctime.tv_sec); 1732 write32(p, stat->ctime.tv_nsec); 1733 } 1734 } 1735 1736 static void write_cinfo(__be32 **p, struct nfsd4_change_info *c) 1737 { 1738 write32(p, c->atomic); 1739 if (c->change_supported) { 1740 write64(p, c->before_change); 1741 write64(p, c->after_change); 1742 } else { 1743 write32(p, c->before_ctime_sec); 1744 write32(p, c->before_ctime_nsec); 1745 write32(p, c->after_ctime_sec); 1746 write32(p, c->after_ctime_nsec); 1747 } 1748 } 1749 1750 #define RESERVE_SPACE(nbytes) do { \ 1751 p = resp->p; \ 1752 BUG_ON(p + XDR_QUADLEN(nbytes) > resp->end); \ 1753 } while (0) 1754 #define ADJUST_ARGS() resp->p = p 1755 1756 /* Encode as an array of strings the string given with components 1757 * separated @sep, escaped with esc_enter and esc_exit. 1758 */ 1759 static __be32 nfsd4_encode_components_esc(char sep, char *components, 1760 __be32 **pp, int *buflen, 1761 char esc_enter, char esc_exit) 1762 { 1763 __be32 *p = *pp; 1764 __be32 *countp = p; 1765 int strlen, count=0; 1766 char *str, *end, *next; 1767 1768 dprintk("nfsd4_encode_components(%s)\n", components); 1769 if ((*buflen -= 4) < 0) 1770 return nfserr_resource; 1771 WRITE32(0); /* We will fill this in with @count later */ 1772 end = str = components; 1773 while (*end) { 1774 bool found_esc = false; 1775 1776 /* try to parse as esc_start, ..., esc_end, sep */ 1777 if (*str == esc_enter) { 1778 for (; *end && (*end != esc_exit); end++) 1779 /* find esc_exit or end of string */; 1780 next = end + 1; 1781 if (*end && (!*next || *next == sep)) { 1782 str++; 1783 found_esc = true; 1784 } 1785 } 1786 1787 if (!found_esc) 1788 for (; *end && (*end != sep); end++) 1789 /* find sep or end of string */; 1790 1791 strlen = end - str; 1792 if (strlen) { 1793 if ((*buflen -= ((XDR_QUADLEN(strlen) << 2) + 4)) < 0) 1794 return nfserr_resource; 1795 WRITE32(strlen); 1796 WRITEMEM(str, strlen); 1797 count++; 1798 } 1799 else 1800 end++; 1801 str = end; 1802 } 1803 *pp = p; 1804 p = countp; 1805 WRITE32(count); 1806 return 0; 1807 } 1808 1809 /* Encode as an array of strings the string given with components 1810 * separated @sep. 1811 */ 1812 static __be32 nfsd4_encode_components(char sep, char *components, 1813 __be32 **pp, int *buflen) 1814 { 1815 return nfsd4_encode_components_esc(sep, components, pp, buflen, 0, 0); 1816 } 1817 1818 /* 1819 * encode a location element of a fs_locations structure 1820 */ 1821 static __be32 nfsd4_encode_fs_location4(struct nfsd4_fs_location *location, 1822 __be32 **pp, int *buflen) 1823 { 1824 __be32 status; 1825 __be32 *p = *pp; 1826 1827 status = nfsd4_encode_components_esc(':', location->hosts, &p, buflen, 1828 '[', ']'); 1829 if (status) 1830 return status; 1831 status = nfsd4_encode_components('/', location->path, &p, buflen); 1832 if (status) 1833 return status; 1834 *pp = p; 1835 return 0; 1836 } 1837 1838 /* 1839 * Encode a path in RFC3530 'pathname4' format 1840 */ 1841 static __be32 nfsd4_encode_path(const struct path *root, 1842 const struct path *path, __be32 **pp, int *buflen) 1843 { 1844 struct path cur = *path; 1845 __be32 *p = *pp; 1846 struct dentry **components = NULL; 1847 unsigned int ncomponents = 0; 1848 __be32 err = nfserr_jukebox; 1849 1850 dprintk("nfsd4_encode_components("); 1851 1852 path_get(&cur); 1853 /* First walk the path up to the nfsd root, and store the 1854 * dentries/path components in an array. 1855 */ 1856 for (;;) { 1857 if (cur.dentry == root->dentry && cur.mnt == root->mnt) 1858 break; 1859 if (cur.dentry == cur.mnt->mnt_root) { 1860 if (follow_up(&cur)) 1861 continue; 1862 goto out_free; 1863 } 1864 if ((ncomponents & 15) == 0) { 1865 struct dentry **new; 1866 new = krealloc(components, 1867 sizeof(*new) * (ncomponents + 16), 1868 GFP_KERNEL); 1869 if (!new) 1870 goto out_free; 1871 components = new; 1872 } 1873 components[ncomponents++] = cur.dentry; 1874 cur.dentry = dget_parent(cur.dentry); 1875 } 1876 1877 *buflen -= 4; 1878 if (*buflen < 0) 1879 goto out_free; 1880 WRITE32(ncomponents); 1881 1882 while (ncomponents) { 1883 struct dentry *dentry = components[ncomponents - 1]; 1884 unsigned int len; 1885 1886 spin_lock(&dentry->d_lock); 1887 len = dentry->d_name.len; 1888 *buflen -= 4 + (XDR_QUADLEN(len) << 2); 1889 if (*buflen < 0) { 1890 spin_unlock(&dentry->d_lock); 1891 goto out_free; 1892 } 1893 WRITE32(len); 1894 WRITEMEM(dentry->d_name.name, len); 1895 dprintk("/%s", dentry->d_name.name); 1896 spin_unlock(&dentry->d_lock); 1897 dput(dentry); 1898 ncomponents--; 1899 } 1900 1901 *pp = p; 1902 err = 0; 1903 out_free: 1904 dprintk(")\n"); 1905 while (ncomponents) 1906 dput(components[--ncomponents]); 1907 kfree(components); 1908 path_put(&cur); 1909 return err; 1910 } 1911 1912 static __be32 nfsd4_encode_fsloc_fsroot(struct svc_rqst *rqstp, 1913 const struct path *path, __be32 **pp, int *buflen) 1914 { 1915 struct svc_export *exp_ps; 1916 __be32 res; 1917 1918 exp_ps = rqst_find_fsidzero_export(rqstp); 1919 if (IS_ERR(exp_ps)) 1920 return nfserrno(PTR_ERR(exp_ps)); 1921 res = nfsd4_encode_path(&exp_ps->ex_path, path, pp, buflen); 1922 exp_put(exp_ps); 1923 return res; 1924 } 1925 1926 /* 1927 * encode a fs_locations structure 1928 */ 1929 static __be32 nfsd4_encode_fs_locations(struct svc_rqst *rqstp, 1930 struct svc_export *exp, 1931 __be32 **pp, int *buflen) 1932 { 1933 __be32 status; 1934 int i; 1935 __be32 *p = *pp; 1936 struct nfsd4_fs_locations *fslocs = &exp->ex_fslocs; 1937 1938 status = nfsd4_encode_fsloc_fsroot(rqstp, &exp->ex_path, &p, buflen); 1939 if (status) 1940 return status; 1941 if ((*buflen -= 4) < 0) 1942 return nfserr_resource; 1943 WRITE32(fslocs->locations_count); 1944 for (i=0; i<fslocs->locations_count; i++) { 1945 status = nfsd4_encode_fs_location4(&fslocs->locations[i], 1946 &p, buflen); 1947 if (status) 1948 return status; 1949 } 1950 *pp = p; 1951 return 0; 1952 } 1953 1954 static u32 nfs4_file_type(umode_t mode) 1955 { 1956 switch (mode & S_IFMT) { 1957 case S_IFIFO: return NF4FIFO; 1958 case S_IFCHR: return NF4CHR; 1959 case S_IFDIR: return NF4DIR; 1960 case S_IFBLK: return NF4BLK; 1961 case S_IFLNK: return NF4LNK; 1962 case S_IFREG: return NF4REG; 1963 case S_IFSOCK: return NF4SOCK; 1964 default: return NF4BAD; 1965 }; 1966 } 1967 1968 static inline __be32 1969 nfsd4_encode_aclname(struct svc_rqst *rqstp, struct nfs4_ace *ace, 1970 __be32 **p, int *buflen) 1971 { 1972 if (ace->whotype != NFS4_ACL_WHO_NAMED) 1973 return nfs4_acl_write_who(ace->whotype, p, buflen); 1974 else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP) 1975 return nfsd4_encode_group(rqstp, ace->who_gid, p, buflen); 1976 else 1977 return nfsd4_encode_user(rqstp, ace->who_uid, p, buflen); 1978 } 1979 1980 #define WORD0_ABSENT_FS_ATTRS (FATTR4_WORD0_FS_LOCATIONS | FATTR4_WORD0_FSID | \ 1981 FATTR4_WORD0_RDATTR_ERROR) 1982 #define WORD1_ABSENT_FS_ATTRS FATTR4_WORD1_MOUNTED_ON_FILEID 1983 1984 #ifdef CONFIG_NFSD_V4_SECURITY_LABEL 1985 static inline __be32 1986 nfsd4_encode_security_label(struct svc_rqst *rqstp, void *context, int len, __be32 **pp, int *buflen) 1987 { 1988 __be32 *p = *pp; 1989 1990 if (*buflen < ((XDR_QUADLEN(len) << 2) + 4 + 4 + 4)) 1991 return nfserr_resource; 1992 1993 /* 1994 * For now we use a 0 here to indicate the null translation; in 1995 * the future we may place a call to translation code here. 1996 */ 1997 if ((*buflen -= 8) < 0) 1998 return nfserr_resource; 1999 2000 WRITE32(0); /* lfs */ 2001 WRITE32(0); /* pi */ 2002 p = xdr_encode_opaque(p, context, len); 2003 *buflen -= (XDR_QUADLEN(len) << 2) + 4; 2004 2005 *pp = p; 2006 return 0; 2007 } 2008 #else 2009 static inline __be32 2010 nfsd4_encode_security_label(struct svc_rqst *rqstp, void *context, int len, __be32 **pp, int *buflen) 2011 { return 0; } 2012 #endif 2013 2014 static __be32 fattr_handle_absent_fs(u32 *bmval0, u32 *bmval1, u32 *rdattr_err) 2015 { 2016 /* As per referral draft: */ 2017 if (*bmval0 & ~WORD0_ABSENT_FS_ATTRS || 2018 *bmval1 & ~WORD1_ABSENT_FS_ATTRS) { 2019 if (*bmval0 & FATTR4_WORD0_RDATTR_ERROR || 2020 *bmval0 & FATTR4_WORD0_FS_LOCATIONS) 2021 *rdattr_err = NFSERR_MOVED; 2022 else 2023 return nfserr_moved; 2024 } 2025 *bmval0 &= WORD0_ABSENT_FS_ATTRS; 2026 *bmval1 &= WORD1_ABSENT_FS_ATTRS; 2027 return 0; 2028 } 2029 2030 2031 static int get_parent_attributes(struct svc_export *exp, struct kstat *stat) 2032 { 2033 struct path path = exp->ex_path; 2034 int err; 2035 2036 path_get(&path); 2037 while (follow_up(&path)) { 2038 if (path.dentry != path.mnt->mnt_root) 2039 break; 2040 } 2041 err = vfs_getattr(&path, stat); 2042 path_put(&path); 2043 return err; 2044 } 2045 2046 /* 2047 * Note: @fhp can be NULL; in this case, we might have to compose the filehandle 2048 * ourselves. 2049 * 2050 * countp is the buffer size in _words_ 2051 */ 2052 __be32 2053 nfsd4_encode_fattr(struct svc_fh *fhp, struct svc_export *exp, 2054 struct dentry *dentry, __be32 **buffer, int count, u32 *bmval, 2055 struct svc_rqst *rqstp, int ignore_crossmnt) 2056 { 2057 u32 bmval0 = bmval[0]; 2058 u32 bmval1 = bmval[1]; 2059 u32 bmval2 = bmval[2]; 2060 struct kstat stat; 2061 struct svc_fh *tempfh = NULL; 2062 struct kstatfs statfs; 2063 int buflen = count << 2; 2064 __be32 *attrlenp; 2065 u32 dummy; 2066 u64 dummy64; 2067 u32 rdattr_err = 0; 2068 __be32 *p = *buffer; 2069 __be32 status; 2070 int err; 2071 int aclsupport = 0; 2072 struct nfs4_acl *acl = NULL; 2073 void *context = NULL; 2074 int contextlen; 2075 bool contextsupport = false; 2076 struct nfsd4_compoundres *resp = rqstp->rq_resp; 2077 u32 minorversion = resp->cstate.minorversion; 2078 struct path path = { 2079 .mnt = exp->ex_path.mnt, 2080 .dentry = dentry, 2081 }; 2082 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2083 2084 BUG_ON(bmval1 & NFSD_WRITEONLY_ATTRS_WORD1); 2085 BUG_ON(bmval0 & ~nfsd_suppattrs0(minorversion)); 2086 BUG_ON(bmval1 & ~nfsd_suppattrs1(minorversion)); 2087 BUG_ON(bmval2 & ~nfsd_suppattrs2(minorversion)); 2088 2089 if (exp->ex_fslocs.migrated) { 2090 BUG_ON(bmval[2]); 2091 status = fattr_handle_absent_fs(&bmval0, &bmval1, &rdattr_err); 2092 if (status) 2093 goto out; 2094 } 2095 2096 err = vfs_getattr(&path, &stat); 2097 if (err) 2098 goto out_nfserr; 2099 if ((bmval0 & (FATTR4_WORD0_FILES_FREE | FATTR4_WORD0_FILES_TOTAL | 2100 FATTR4_WORD0_MAXNAME)) || 2101 (bmval1 & (FATTR4_WORD1_SPACE_AVAIL | FATTR4_WORD1_SPACE_FREE | 2102 FATTR4_WORD1_SPACE_TOTAL))) { 2103 err = vfs_statfs(&path, &statfs); 2104 if (err) 2105 goto out_nfserr; 2106 } 2107 if ((bmval0 & (FATTR4_WORD0_FILEHANDLE | FATTR4_WORD0_FSID)) && !fhp) { 2108 tempfh = kmalloc(sizeof(struct svc_fh), GFP_KERNEL); 2109 status = nfserr_jukebox; 2110 if (!tempfh) 2111 goto out; 2112 fh_init(tempfh, NFS4_FHSIZE); 2113 status = fh_compose(tempfh, exp, dentry, NULL); 2114 if (status) 2115 goto out; 2116 fhp = tempfh; 2117 } 2118 if (bmval0 & (FATTR4_WORD0_ACL | FATTR4_WORD0_ACLSUPPORT 2119 | FATTR4_WORD0_SUPPORTED_ATTRS)) { 2120 err = nfsd4_get_nfs4_acl(rqstp, dentry, &acl); 2121 aclsupport = (err == 0); 2122 if (bmval0 & FATTR4_WORD0_ACL) { 2123 if (err == -EOPNOTSUPP) 2124 bmval0 &= ~FATTR4_WORD0_ACL; 2125 else if (err == -EINVAL) { 2126 status = nfserr_attrnotsupp; 2127 goto out; 2128 } else if (err != 0) 2129 goto out_nfserr; 2130 } 2131 } 2132 2133 #ifdef CONFIG_NFSD_V4_SECURITY_LABEL 2134 if ((bmval[2] & FATTR4_WORD2_SECURITY_LABEL) || 2135 bmval[0] & FATTR4_WORD0_SUPPORTED_ATTRS) { 2136 err = security_inode_getsecctx(dentry->d_inode, 2137 &context, &contextlen); 2138 contextsupport = (err == 0); 2139 if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) { 2140 if (err == -EOPNOTSUPP) 2141 bmval2 &= ~FATTR4_WORD2_SECURITY_LABEL; 2142 else if (err) 2143 goto out_nfserr; 2144 } 2145 } 2146 #endif /* CONFIG_NFSD_V4_SECURITY_LABEL */ 2147 2148 if (bmval2) { 2149 if ((buflen -= 16) < 0) 2150 goto out_resource; 2151 WRITE32(3); 2152 WRITE32(bmval0); 2153 WRITE32(bmval1); 2154 WRITE32(bmval2); 2155 } else if (bmval1) { 2156 if ((buflen -= 12) < 0) 2157 goto out_resource; 2158 WRITE32(2); 2159 WRITE32(bmval0); 2160 WRITE32(bmval1); 2161 } else { 2162 if ((buflen -= 8) < 0) 2163 goto out_resource; 2164 WRITE32(1); 2165 WRITE32(bmval0); 2166 } 2167 attrlenp = p++; /* to be backfilled later */ 2168 2169 if (bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) { 2170 u32 word0 = nfsd_suppattrs0(minorversion); 2171 u32 word1 = nfsd_suppattrs1(minorversion); 2172 u32 word2 = nfsd_suppattrs2(minorversion); 2173 2174 if (!aclsupport) 2175 word0 &= ~FATTR4_WORD0_ACL; 2176 if (!contextsupport) 2177 word2 &= ~FATTR4_WORD2_SECURITY_LABEL; 2178 if (!word2) { 2179 if ((buflen -= 12) < 0) 2180 goto out_resource; 2181 WRITE32(2); 2182 WRITE32(word0); 2183 WRITE32(word1); 2184 } else { 2185 if ((buflen -= 16) < 0) 2186 goto out_resource; 2187 WRITE32(3); 2188 WRITE32(word0); 2189 WRITE32(word1); 2190 WRITE32(word2); 2191 } 2192 } 2193 if (bmval0 & FATTR4_WORD0_TYPE) { 2194 if ((buflen -= 4) < 0) 2195 goto out_resource; 2196 dummy = nfs4_file_type(stat.mode); 2197 if (dummy == NF4BAD) { 2198 status = nfserr_serverfault; 2199 goto out; 2200 } 2201 WRITE32(dummy); 2202 } 2203 if (bmval0 & FATTR4_WORD0_FH_EXPIRE_TYPE) { 2204 if ((buflen -= 4) < 0) 2205 goto out_resource; 2206 if (exp->ex_flags & NFSEXP_NOSUBTREECHECK) 2207 WRITE32(NFS4_FH_PERSISTENT); 2208 else 2209 WRITE32(NFS4_FH_PERSISTENT|NFS4_FH_VOL_RENAME); 2210 } 2211 if (bmval0 & FATTR4_WORD0_CHANGE) { 2212 if ((buflen -= 8) < 0) 2213 goto out_resource; 2214 write_change(&p, &stat, dentry->d_inode); 2215 } 2216 if (bmval0 & FATTR4_WORD0_SIZE) { 2217 if ((buflen -= 8) < 0) 2218 goto out_resource; 2219 WRITE64(stat.size); 2220 } 2221 if (bmval0 & FATTR4_WORD0_LINK_SUPPORT) { 2222 if ((buflen -= 4) < 0) 2223 goto out_resource; 2224 WRITE32(1); 2225 } 2226 if (bmval0 & FATTR4_WORD0_SYMLINK_SUPPORT) { 2227 if ((buflen -= 4) < 0) 2228 goto out_resource; 2229 WRITE32(1); 2230 } 2231 if (bmval0 & FATTR4_WORD0_NAMED_ATTR) { 2232 if ((buflen -= 4) < 0) 2233 goto out_resource; 2234 WRITE32(0); 2235 } 2236 if (bmval0 & FATTR4_WORD0_FSID) { 2237 if ((buflen -= 16) < 0) 2238 goto out_resource; 2239 if (exp->ex_fslocs.migrated) { 2240 WRITE64(NFS4_REFERRAL_FSID_MAJOR); 2241 WRITE64(NFS4_REFERRAL_FSID_MINOR); 2242 } else switch(fsid_source(fhp)) { 2243 case FSIDSOURCE_FSID: 2244 WRITE64((u64)exp->ex_fsid); 2245 WRITE64((u64)0); 2246 break; 2247 case FSIDSOURCE_DEV: 2248 WRITE32(0); 2249 WRITE32(MAJOR(stat.dev)); 2250 WRITE32(0); 2251 WRITE32(MINOR(stat.dev)); 2252 break; 2253 case FSIDSOURCE_UUID: 2254 WRITEMEM(exp->ex_uuid, 16); 2255 break; 2256 } 2257 } 2258 if (bmval0 & FATTR4_WORD0_UNIQUE_HANDLES) { 2259 if ((buflen -= 4) < 0) 2260 goto out_resource; 2261 WRITE32(0); 2262 } 2263 if (bmval0 & FATTR4_WORD0_LEASE_TIME) { 2264 if ((buflen -= 4) < 0) 2265 goto out_resource; 2266 WRITE32(nn->nfsd4_lease); 2267 } 2268 if (bmval0 & FATTR4_WORD0_RDATTR_ERROR) { 2269 if ((buflen -= 4) < 0) 2270 goto out_resource; 2271 WRITE32(rdattr_err); 2272 } 2273 if (bmval0 & FATTR4_WORD0_ACL) { 2274 struct nfs4_ace *ace; 2275 2276 if (acl == NULL) { 2277 if ((buflen -= 4) < 0) 2278 goto out_resource; 2279 2280 WRITE32(0); 2281 goto out_acl; 2282 } 2283 if ((buflen -= 4) < 0) 2284 goto out_resource; 2285 WRITE32(acl->naces); 2286 2287 for (ace = acl->aces; ace < acl->aces + acl->naces; ace++) { 2288 if ((buflen -= 4*3) < 0) 2289 goto out_resource; 2290 WRITE32(ace->type); 2291 WRITE32(ace->flag); 2292 WRITE32(ace->access_mask & NFS4_ACE_MASK_ALL); 2293 status = nfsd4_encode_aclname(rqstp, ace, &p, &buflen); 2294 if (status) 2295 goto out; 2296 } 2297 } 2298 out_acl: 2299 if (bmval0 & FATTR4_WORD0_ACLSUPPORT) { 2300 if ((buflen -= 4) < 0) 2301 goto out_resource; 2302 WRITE32(aclsupport ? 2303 ACL4_SUPPORT_ALLOW_ACL|ACL4_SUPPORT_DENY_ACL : 0); 2304 } 2305 if (bmval0 & FATTR4_WORD0_CANSETTIME) { 2306 if ((buflen -= 4) < 0) 2307 goto out_resource; 2308 WRITE32(1); 2309 } 2310 if (bmval0 & FATTR4_WORD0_CASE_INSENSITIVE) { 2311 if ((buflen -= 4) < 0) 2312 goto out_resource; 2313 WRITE32(0); 2314 } 2315 if (bmval0 & FATTR4_WORD0_CASE_PRESERVING) { 2316 if ((buflen -= 4) < 0) 2317 goto out_resource; 2318 WRITE32(1); 2319 } 2320 if (bmval0 & FATTR4_WORD0_CHOWN_RESTRICTED) { 2321 if ((buflen -= 4) < 0) 2322 goto out_resource; 2323 WRITE32(1); 2324 } 2325 if (bmval0 & FATTR4_WORD0_FILEHANDLE) { 2326 buflen -= (XDR_QUADLEN(fhp->fh_handle.fh_size) << 2) + 4; 2327 if (buflen < 0) 2328 goto out_resource; 2329 WRITE32(fhp->fh_handle.fh_size); 2330 WRITEMEM(&fhp->fh_handle.fh_base, fhp->fh_handle.fh_size); 2331 } 2332 if (bmval0 & FATTR4_WORD0_FILEID) { 2333 if ((buflen -= 8) < 0) 2334 goto out_resource; 2335 WRITE64(stat.ino); 2336 } 2337 if (bmval0 & FATTR4_WORD0_FILES_AVAIL) { 2338 if ((buflen -= 8) < 0) 2339 goto out_resource; 2340 WRITE64((u64) statfs.f_ffree); 2341 } 2342 if (bmval0 & FATTR4_WORD0_FILES_FREE) { 2343 if ((buflen -= 8) < 0) 2344 goto out_resource; 2345 WRITE64((u64) statfs.f_ffree); 2346 } 2347 if (bmval0 & FATTR4_WORD0_FILES_TOTAL) { 2348 if ((buflen -= 8) < 0) 2349 goto out_resource; 2350 WRITE64((u64) statfs.f_files); 2351 } 2352 if (bmval0 & FATTR4_WORD0_FS_LOCATIONS) { 2353 status = nfsd4_encode_fs_locations(rqstp, exp, &p, &buflen); 2354 if (status) 2355 goto out; 2356 } 2357 if (bmval0 & FATTR4_WORD0_HOMOGENEOUS) { 2358 if ((buflen -= 4) < 0) 2359 goto out_resource; 2360 WRITE32(1); 2361 } 2362 if (bmval0 & FATTR4_WORD0_MAXFILESIZE) { 2363 if ((buflen -= 8) < 0) 2364 goto out_resource; 2365 WRITE64(exp->ex_path.mnt->mnt_sb->s_maxbytes); 2366 } 2367 if (bmval0 & FATTR4_WORD0_MAXLINK) { 2368 if ((buflen -= 4) < 0) 2369 goto out_resource; 2370 WRITE32(255); 2371 } 2372 if (bmval0 & FATTR4_WORD0_MAXNAME) { 2373 if ((buflen -= 4) < 0) 2374 goto out_resource; 2375 WRITE32(statfs.f_namelen); 2376 } 2377 if (bmval0 & FATTR4_WORD0_MAXREAD) { 2378 if ((buflen -= 8) < 0) 2379 goto out_resource; 2380 WRITE64((u64) svc_max_payload(rqstp)); 2381 } 2382 if (bmval0 & FATTR4_WORD0_MAXWRITE) { 2383 if ((buflen -= 8) < 0) 2384 goto out_resource; 2385 WRITE64((u64) svc_max_payload(rqstp)); 2386 } 2387 if (bmval1 & FATTR4_WORD1_MODE) { 2388 if ((buflen -= 4) < 0) 2389 goto out_resource; 2390 WRITE32(stat.mode & S_IALLUGO); 2391 } 2392 if (bmval1 & FATTR4_WORD1_NO_TRUNC) { 2393 if ((buflen -= 4) < 0) 2394 goto out_resource; 2395 WRITE32(1); 2396 } 2397 if (bmval1 & FATTR4_WORD1_NUMLINKS) { 2398 if ((buflen -= 4) < 0) 2399 goto out_resource; 2400 WRITE32(stat.nlink); 2401 } 2402 if (bmval1 & FATTR4_WORD1_OWNER) { 2403 status = nfsd4_encode_user(rqstp, stat.uid, &p, &buflen); 2404 if (status) 2405 goto out; 2406 } 2407 if (bmval1 & FATTR4_WORD1_OWNER_GROUP) { 2408 status = nfsd4_encode_group(rqstp, stat.gid, &p, &buflen); 2409 if (status) 2410 goto out; 2411 } 2412 if (bmval1 & FATTR4_WORD1_RAWDEV) { 2413 if ((buflen -= 8) < 0) 2414 goto out_resource; 2415 WRITE32((u32) MAJOR(stat.rdev)); 2416 WRITE32((u32) MINOR(stat.rdev)); 2417 } 2418 if (bmval1 & FATTR4_WORD1_SPACE_AVAIL) { 2419 if ((buflen -= 8) < 0) 2420 goto out_resource; 2421 dummy64 = (u64)statfs.f_bavail * (u64)statfs.f_bsize; 2422 WRITE64(dummy64); 2423 } 2424 if (bmval1 & FATTR4_WORD1_SPACE_FREE) { 2425 if ((buflen -= 8) < 0) 2426 goto out_resource; 2427 dummy64 = (u64)statfs.f_bfree * (u64)statfs.f_bsize; 2428 WRITE64(dummy64); 2429 } 2430 if (bmval1 & FATTR4_WORD1_SPACE_TOTAL) { 2431 if ((buflen -= 8) < 0) 2432 goto out_resource; 2433 dummy64 = (u64)statfs.f_blocks * (u64)statfs.f_bsize; 2434 WRITE64(dummy64); 2435 } 2436 if (bmval1 & FATTR4_WORD1_SPACE_USED) { 2437 if ((buflen -= 8) < 0) 2438 goto out_resource; 2439 dummy64 = (u64)stat.blocks << 9; 2440 WRITE64(dummy64); 2441 } 2442 if (bmval1 & FATTR4_WORD1_TIME_ACCESS) { 2443 if ((buflen -= 12) < 0) 2444 goto out_resource; 2445 WRITE64((s64)stat.atime.tv_sec); 2446 WRITE32(stat.atime.tv_nsec); 2447 } 2448 if (bmval1 & FATTR4_WORD1_TIME_DELTA) { 2449 if ((buflen -= 12) < 0) 2450 goto out_resource; 2451 WRITE32(0); 2452 WRITE32(1); 2453 WRITE32(0); 2454 } 2455 if (bmval1 & FATTR4_WORD1_TIME_METADATA) { 2456 if ((buflen -= 12) < 0) 2457 goto out_resource; 2458 WRITE64((s64)stat.ctime.tv_sec); 2459 WRITE32(stat.ctime.tv_nsec); 2460 } 2461 if (bmval1 & FATTR4_WORD1_TIME_MODIFY) { 2462 if ((buflen -= 12) < 0) 2463 goto out_resource; 2464 WRITE64((s64)stat.mtime.tv_sec); 2465 WRITE32(stat.mtime.tv_nsec); 2466 } 2467 if (bmval1 & FATTR4_WORD1_MOUNTED_ON_FILEID) { 2468 if ((buflen -= 8) < 0) 2469 goto out_resource; 2470 /* 2471 * Get parent's attributes if not ignoring crossmount 2472 * and this is the root of a cross-mounted filesystem. 2473 */ 2474 if (ignore_crossmnt == 0 && 2475 dentry == exp->ex_path.mnt->mnt_root) 2476 get_parent_attributes(exp, &stat); 2477 WRITE64(stat.ino); 2478 } 2479 if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) { 2480 status = nfsd4_encode_security_label(rqstp, context, 2481 contextlen, &p, &buflen); 2482 if (status) 2483 goto out; 2484 } 2485 if (bmval2 & FATTR4_WORD2_SUPPATTR_EXCLCREAT) { 2486 WRITE32(3); 2487 WRITE32(NFSD_SUPPATTR_EXCLCREAT_WORD0); 2488 WRITE32(NFSD_SUPPATTR_EXCLCREAT_WORD1); 2489 WRITE32(NFSD_SUPPATTR_EXCLCREAT_WORD2); 2490 } 2491 2492 *attrlenp = htonl((char *)p - (char *)attrlenp - 4); 2493 *buffer = p; 2494 status = nfs_ok; 2495 2496 out: 2497 #ifdef CONFIG_NFSD_V4_SECURITY_LABEL 2498 if (context) 2499 security_release_secctx(context, contextlen); 2500 #endif /* CONFIG_NFSD_V4_SECURITY_LABEL */ 2501 kfree(acl); 2502 if (tempfh) 2503 fh_put(tempfh); 2504 return status; 2505 out_nfserr: 2506 status = nfserrno(err); 2507 goto out; 2508 out_resource: 2509 status = nfserr_resource; 2510 goto out; 2511 } 2512 2513 static inline int attributes_need_mount(u32 *bmval) 2514 { 2515 if (bmval[0] & ~(FATTR4_WORD0_RDATTR_ERROR | FATTR4_WORD0_LEASE_TIME)) 2516 return 1; 2517 if (bmval[1] & ~FATTR4_WORD1_MOUNTED_ON_FILEID) 2518 return 1; 2519 return 0; 2520 } 2521 2522 static __be32 2523 nfsd4_encode_dirent_fattr(struct nfsd4_readdir *cd, 2524 const char *name, int namlen, __be32 **p, int buflen) 2525 { 2526 struct svc_export *exp = cd->rd_fhp->fh_export; 2527 struct dentry *dentry; 2528 __be32 nfserr; 2529 int ignore_crossmnt = 0; 2530 2531 dentry = lookup_one_len(name, cd->rd_fhp->fh_dentry, namlen); 2532 if (IS_ERR(dentry)) 2533 return nfserrno(PTR_ERR(dentry)); 2534 if (!dentry->d_inode) { 2535 /* 2536 * nfsd_buffered_readdir drops the i_mutex between 2537 * readdir and calling this callback, leaving a window 2538 * where this directory entry could have gone away. 2539 */ 2540 dput(dentry); 2541 return nfserr_noent; 2542 } 2543 2544 exp_get(exp); 2545 /* 2546 * In the case of a mountpoint, the client may be asking for 2547 * attributes that are only properties of the underlying filesystem 2548 * as opposed to the cross-mounted file system. In such a case, 2549 * we will not follow the cross mount and will fill the attribtutes 2550 * directly from the mountpoint dentry. 2551 */ 2552 if (nfsd_mountpoint(dentry, exp)) { 2553 int err; 2554 2555 if (!(exp->ex_flags & NFSEXP_V4ROOT) 2556 && !attributes_need_mount(cd->rd_bmval)) { 2557 ignore_crossmnt = 1; 2558 goto out_encode; 2559 } 2560 /* 2561 * Why the heck aren't we just using nfsd_lookup?? 2562 * Different "."/".." handling? Something else? 2563 * At least, add a comment here to explain.... 2564 */ 2565 err = nfsd_cross_mnt(cd->rd_rqstp, &dentry, &exp); 2566 if (err) { 2567 nfserr = nfserrno(err); 2568 goto out_put; 2569 } 2570 nfserr = check_nfsd_access(exp, cd->rd_rqstp); 2571 if (nfserr) 2572 goto out_put; 2573 2574 } 2575 out_encode: 2576 nfserr = nfsd4_encode_fattr(NULL, exp, dentry, p, buflen, cd->rd_bmval, 2577 cd->rd_rqstp, ignore_crossmnt); 2578 out_put: 2579 dput(dentry); 2580 exp_put(exp); 2581 return nfserr; 2582 } 2583 2584 static __be32 * 2585 nfsd4_encode_rdattr_error(__be32 *p, int buflen, __be32 nfserr) 2586 { 2587 if (buflen < 6) 2588 return NULL; 2589 *p++ = htonl(2); 2590 *p++ = htonl(FATTR4_WORD0_RDATTR_ERROR); /* bmval0 */ 2591 *p++ = htonl(0); /* bmval1 */ 2592 2593 *p++ = htonl(4); /* attribute length */ 2594 *p++ = nfserr; /* no htonl */ 2595 return p; 2596 } 2597 2598 static int 2599 nfsd4_encode_dirent(void *ccdv, const char *name, int namlen, 2600 loff_t offset, u64 ino, unsigned int d_type) 2601 { 2602 struct readdir_cd *ccd = ccdv; 2603 struct nfsd4_readdir *cd = container_of(ccd, struct nfsd4_readdir, common); 2604 int buflen; 2605 __be32 *p = cd->buffer; 2606 __be32 *cookiep; 2607 __be32 nfserr = nfserr_toosmall; 2608 2609 /* In nfsv4, "." and ".." never make it onto the wire.. */ 2610 if (name && isdotent(name, namlen)) { 2611 cd->common.err = nfs_ok; 2612 return 0; 2613 } 2614 2615 if (cd->offset) 2616 xdr_encode_hyper(cd->offset, (u64) offset); 2617 2618 buflen = cd->buflen - 4 - XDR_QUADLEN(namlen); 2619 if (buflen < 0) 2620 goto fail; 2621 2622 *p++ = xdr_one; /* mark entry present */ 2623 cookiep = p; 2624 p = xdr_encode_hyper(p, NFS_OFFSET_MAX); /* offset of next entry */ 2625 p = xdr_encode_array(p, name, namlen); /* name length & name */ 2626 2627 nfserr = nfsd4_encode_dirent_fattr(cd, name, namlen, &p, buflen); 2628 switch (nfserr) { 2629 case nfs_ok: 2630 break; 2631 case nfserr_resource: 2632 nfserr = nfserr_toosmall; 2633 goto fail; 2634 case nfserr_noent: 2635 goto skip_entry; 2636 default: 2637 /* 2638 * If the client requested the RDATTR_ERROR attribute, 2639 * we stuff the error code into this attribute 2640 * and continue. If this attribute was not requested, 2641 * then in accordance with the spec, we fail the 2642 * entire READDIR operation(!) 2643 */ 2644 if (!(cd->rd_bmval[0] & FATTR4_WORD0_RDATTR_ERROR)) 2645 goto fail; 2646 p = nfsd4_encode_rdattr_error(p, buflen, nfserr); 2647 if (p == NULL) { 2648 nfserr = nfserr_toosmall; 2649 goto fail; 2650 } 2651 } 2652 cd->buflen -= (p - cd->buffer); 2653 cd->buffer = p; 2654 cd->offset = cookiep; 2655 skip_entry: 2656 cd->common.err = nfs_ok; 2657 return 0; 2658 fail: 2659 cd->common.err = nfserr; 2660 return -EINVAL; 2661 } 2662 2663 static void 2664 nfsd4_encode_stateid(struct nfsd4_compoundres *resp, stateid_t *sid) 2665 { 2666 __be32 *p; 2667 2668 RESERVE_SPACE(sizeof(stateid_t)); 2669 WRITE32(sid->si_generation); 2670 WRITEMEM(&sid->si_opaque, sizeof(stateid_opaque_t)); 2671 ADJUST_ARGS(); 2672 } 2673 2674 static __be32 2675 nfsd4_encode_access(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_access *access) 2676 { 2677 __be32 *p; 2678 2679 if (!nfserr) { 2680 RESERVE_SPACE(8); 2681 WRITE32(access->ac_supported); 2682 WRITE32(access->ac_resp_access); 2683 ADJUST_ARGS(); 2684 } 2685 return nfserr; 2686 } 2687 2688 static __be32 nfsd4_encode_bind_conn_to_session(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_bind_conn_to_session *bcts) 2689 { 2690 __be32 *p; 2691 2692 if (!nfserr) { 2693 RESERVE_SPACE(NFS4_MAX_SESSIONID_LEN + 8); 2694 WRITEMEM(bcts->sessionid.data, NFS4_MAX_SESSIONID_LEN); 2695 WRITE32(bcts->dir); 2696 /* Sorry, we do not yet support RDMA over 4.1: */ 2697 WRITE32(0); 2698 ADJUST_ARGS(); 2699 } 2700 return nfserr; 2701 } 2702 2703 static __be32 2704 nfsd4_encode_close(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_close *close) 2705 { 2706 if (!nfserr) 2707 nfsd4_encode_stateid(resp, &close->cl_stateid); 2708 2709 return nfserr; 2710 } 2711 2712 2713 static __be32 2714 nfsd4_encode_commit(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_commit *commit) 2715 { 2716 __be32 *p; 2717 2718 if (!nfserr) { 2719 RESERVE_SPACE(NFS4_VERIFIER_SIZE); 2720 WRITEMEM(commit->co_verf.data, NFS4_VERIFIER_SIZE); 2721 ADJUST_ARGS(); 2722 } 2723 return nfserr; 2724 } 2725 2726 static __be32 2727 nfsd4_encode_create(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_create *create) 2728 { 2729 __be32 *p; 2730 2731 if (!nfserr) { 2732 RESERVE_SPACE(32); 2733 write_cinfo(&p, &create->cr_cinfo); 2734 WRITE32(2); 2735 WRITE32(create->cr_bmval[0]); 2736 WRITE32(create->cr_bmval[1]); 2737 ADJUST_ARGS(); 2738 } 2739 return nfserr; 2740 } 2741 2742 static __be32 2743 nfsd4_encode_getattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_getattr *getattr) 2744 { 2745 struct svc_fh *fhp = getattr->ga_fhp; 2746 int buflen; 2747 2748 if (nfserr) 2749 return nfserr; 2750 2751 buflen = resp->end - resp->p - (COMPOUND_ERR_SLACK_SPACE >> 2); 2752 nfserr = nfsd4_encode_fattr(fhp, fhp->fh_export, fhp->fh_dentry, 2753 &resp->p, buflen, getattr->ga_bmval, 2754 resp->rqstp, 0); 2755 return nfserr; 2756 } 2757 2758 static __be32 2759 nfsd4_encode_getfh(struct nfsd4_compoundres *resp, __be32 nfserr, struct svc_fh **fhpp) 2760 { 2761 struct svc_fh *fhp = *fhpp; 2762 unsigned int len; 2763 __be32 *p; 2764 2765 if (!nfserr) { 2766 len = fhp->fh_handle.fh_size; 2767 RESERVE_SPACE(len + 4); 2768 WRITE32(len); 2769 WRITEMEM(&fhp->fh_handle.fh_base, len); 2770 ADJUST_ARGS(); 2771 } 2772 return nfserr; 2773 } 2774 2775 /* 2776 * Including all fields other than the name, a LOCK4denied structure requires 2777 * 8(clientid) + 4(namelen) + 8(offset) + 8(length) + 4(type) = 32 bytes. 2778 */ 2779 static void 2780 nfsd4_encode_lock_denied(struct nfsd4_compoundres *resp, struct nfsd4_lock_denied *ld) 2781 { 2782 struct xdr_netobj *conf = &ld->ld_owner; 2783 __be32 *p; 2784 2785 RESERVE_SPACE(32 + XDR_LEN(conf->len)); 2786 WRITE64(ld->ld_start); 2787 WRITE64(ld->ld_length); 2788 WRITE32(ld->ld_type); 2789 if (conf->len) { 2790 WRITEMEM(&ld->ld_clientid, 8); 2791 WRITE32(conf->len); 2792 WRITEMEM(conf->data, conf->len); 2793 kfree(conf->data); 2794 } else { /* non - nfsv4 lock in conflict, no clientid nor owner */ 2795 WRITE64((u64)0); /* clientid */ 2796 WRITE32(0); /* length of owner name */ 2797 } 2798 ADJUST_ARGS(); 2799 } 2800 2801 static __be32 2802 nfsd4_encode_lock(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lock *lock) 2803 { 2804 if (!nfserr) 2805 nfsd4_encode_stateid(resp, &lock->lk_resp_stateid); 2806 else if (nfserr == nfserr_denied) 2807 nfsd4_encode_lock_denied(resp, &lock->lk_denied); 2808 2809 return nfserr; 2810 } 2811 2812 static __be32 2813 nfsd4_encode_lockt(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lockt *lockt) 2814 { 2815 if (nfserr == nfserr_denied) 2816 nfsd4_encode_lock_denied(resp, &lockt->lt_denied); 2817 return nfserr; 2818 } 2819 2820 static __be32 2821 nfsd4_encode_locku(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_locku *locku) 2822 { 2823 if (!nfserr) 2824 nfsd4_encode_stateid(resp, &locku->lu_stateid); 2825 2826 return nfserr; 2827 } 2828 2829 2830 static __be32 2831 nfsd4_encode_link(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_link *link) 2832 { 2833 __be32 *p; 2834 2835 if (!nfserr) { 2836 RESERVE_SPACE(20); 2837 write_cinfo(&p, &link->li_cinfo); 2838 ADJUST_ARGS(); 2839 } 2840 return nfserr; 2841 } 2842 2843 2844 static __be32 2845 nfsd4_encode_open(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open *open) 2846 { 2847 __be32 *p; 2848 2849 if (nfserr) 2850 goto out; 2851 2852 nfsd4_encode_stateid(resp, &open->op_stateid); 2853 RESERVE_SPACE(40); 2854 write_cinfo(&p, &open->op_cinfo); 2855 WRITE32(open->op_rflags); 2856 WRITE32(2); 2857 WRITE32(open->op_bmval[0]); 2858 WRITE32(open->op_bmval[1]); 2859 WRITE32(open->op_delegate_type); 2860 ADJUST_ARGS(); 2861 2862 switch (open->op_delegate_type) { 2863 case NFS4_OPEN_DELEGATE_NONE: 2864 break; 2865 case NFS4_OPEN_DELEGATE_READ: 2866 nfsd4_encode_stateid(resp, &open->op_delegate_stateid); 2867 RESERVE_SPACE(20); 2868 WRITE32(open->op_recall); 2869 2870 /* 2871 * TODO: ACE's in delegations 2872 */ 2873 WRITE32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE); 2874 WRITE32(0); 2875 WRITE32(0); 2876 WRITE32(0); /* XXX: is NULL principal ok? */ 2877 ADJUST_ARGS(); 2878 break; 2879 case NFS4_OPEN_DELEGATE_WRITE: 2880 nfsd4_encode_stateid(resp, &open->op_delegate_stateid); 2881 RESERVE_SPACE(32); 2882 WRITE32(0); 2883 2884 /* 2885 * TODO: space_limit's in delegations 2886 */ 2887 WRITE32(NFS4_LIMIT_SIZE); 2888 WRITE32(~(u32)0); 2889 WRITE32(~(u32)0); 2890 2891 /* 2892 * TODO: ACE's in delegations 2893 */ 2894 WRITE32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE); 2895 WRITE32(0); 2896 WRITE32(0); 2897 WRITE32(0); /* XXX: is NULL principal ok? */ 2898 ADJUST_ARGS(); 2899 break; 2900 case NFS4_OPEN_DELEGATE_NONE_EXT: /* 4.1 */ 2901 switch (open->op_why_no_deleg) { 2902 case WND4_CONTENTION: 2903 case WND4_RESOURCE: 2904 RESERVE_SPACE(8); 2905 WRITE32(open->op_why_no_deleg); 2906 WRITE32(0); /* deleg signaling not supported yet */ 2907 break; 2908 default: 2909 RESERVE_SPACE(4); 2910 WRITE32(open->op_why_no_deleg); 2911 } 2912 ADJUST_ARGS(); 2913 break; 2914 default: 2915 BUG(); 2916 } 2917 /* XXX save filehandle here */ 2918 out: 2919 return nfserr; 2920 } 2921 2922 static __be32 2923 nfsd4_encode_open_confirm(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_confirm *oc) 2924 { 2925 if (!nfserr) 2926 nfsd4_encode_stateid(resp, &oc->oc_resp_stateid); 2927 2928 return nfserr; 2929 } 2930 2931 static __be32 2932 nfsd4_encode_open_downgrade(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_downgrade *od) 2933 { 2934 if (!nfserr) 2935 nfsd4_encode_stateid(resp, &od->od_stateid); 2936 2937 return nfserr; 2938 } 2939 2940 static __be32 2941 nfsd4_encode_read(struct nfsd4_compoundres *resp, __be32 nfserr, 2942 struct nfsd4_read *read) 2943 { 2944 u32 eof; 2945 int v; 2946 struct page *page; 2947 unsigned long maxcount; 2948 long len; 2949 __be32 *p; 2950 2951 if (nfserr) 2952 return nfserr; 2953 if (resp->xbuf->page_len) 2954 return nfserr_resource; 2955 2956 RESERVE_SPACE(8); /* eof flag and byte count */ 2957 2958 maxcount = svc_max_payload(resp->rqstp); 2959 if (maxcount > read->rd_length) 2960 maxcount = read->rd_length; 2961 2962 len = maxcount; 2963 v = 0; 2964 while (len > 0) { 2965 page = *(resp->rqstp->rq_next_page); 2966 if (!page) { /* ran out of pages */ 2967 maxcount -= len; 2968 break; 2969 } 2970 resp->rqstp->rq_vec[v].iov_base = page_address(page); 2971 resp->rqstp->rq_vec[v].iov_len = 2972 len < PAGE_SIZE ? len : PAGE_SIZE; 2973 resp->rqstp->rq_next_page++; 2974 v++; 2975 len -= PAGE_SIZE; 2976 } 2977 read->rd_vlen = v; 2978 2979 nfserr = nfsd_read_file(read->rd_rqstp, read->rd_fhp, read->rd_filp, 2980 read->rd_offset, resp->rqstp->rq_vec, read->rd_vlen, 2981 &maxcount); 2982 2983 if (nfserr) 2984 return nfserr; 2985 eof = (read->rd_offset + maxcount >= 2986 read->rd_fhp->fh_dentry->d_inode->i_size); 2987 2988 WRITE32(eof); 2989 WRITE32(maxcount); 2990 ADJUST_ARGS(); 2991 resp->xbuf->head[0].iov_len = (char*)p 2992 - (char*)resp->xbuf->head[0].iov_base; 2993 resp->xbuf->page_len = maxcount; 2994 2995 /* Use rest of head for padding and remaining ops: */ 2996 resp->xbuf->tail[0].iov_base = p; 2997 resp->xbuf->tail[0].iov_len = 0; 2998 if (maxcount&3) { 2999 RESERVE_SPACE(4); 3000 WRITE32(0); 3001 resp->xbuf->tail[0].iov_base += maxcount&3; 3002 resp->xbuf->tail[0].iov_len = 4 - (maxcount&3); 3003 ADJUST_ARGS(); 3004 } 3005 return 0; 3006 } 3007 3008 static __be32 3009 nfsd4_encode_readlink(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readlink *readlink) 3010 { 3011 int maxcount; 3012 char *page; 3013 __be32 *p; 3014 3015 if (nfserr) 3016 return nfserr; 3017 if (resp->xbuf->page_len) 3018 return nfserr_resource; 3019 if (!*resp->rqstp->rq_next_page) 3020 return nfserr_resource; 3021 3022 page = page_address(*(resp->rqstp->rq_next_page++)); 3023 3024 maxcount = PAGE_SIZE; 3025 RESERVE_SPACE(4); 3026 3027 /* 3028 * XXX: By default, the ->readlink() VFS op will truncate symlinks 3029 * if they would overflow the buffer. Is this kosher in NFSv4? If 3030 * not, one easy fix is: if ->readlink() precisely fills the buffer, 3031 * assume that truncation occurred, and return NFS4ERR_RESOURCE. 3032 */ 3033 nfserr = nfsd_readlink(readlink->rl_rqstp, readlink->rl_fhp, page, &maxcount); 3034 if (nfserr == nfserr_isdir) 3035 return nfserr_inval; 3036 if (nfserr) 3037 return nfserr; 3038 3039 WRITE32(maxcount); 3040 ADJUST_ARGS(); 3041 resp->xbuf->head[0].iov_len = (char*)p 3042 - (char*)resp->xbuf->head[0].iov_base; 3043 resp->xbuf->page_len = maxcount; 3044 3045 /* Use rest of head for padding and remaining ops: */ 3046 resp->xbuf->tail[0].iov_base = p; 3047 resp->xbuf->tail[0].iov_len = 0; 3048 if (maxcount&3) { 3049 RESERVE_SPACE(4); 3050 WRITE32(0); 3051 resp->xbuf->tail[0].iov_base += maxcount&3; 3052 resp->xbuf->tail[0].iov_len = 4 - (maxcount&3); 3053 ADJUST_ARGS(); 3054 } 3055 return 0; 3056 } 3057 3058 static __be32 3059 nfsd4_encode_readdir(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readdir *readdir) 3060 { 3061 int maxcount; 3062 loff_t offset; 3063 __be32 *page, *savep, *tailbase; 3064 __be32 *p; 3065 3066 if (nfserr) 3067 return nfserr; 3068 if (resp->xbuf->page_len) 3069 return nfserr_resource; 3070 if (!*resp->rqstp->rq_next_page) 3071 return nfserr_resource; 3072 3073 RESERVE_SPACE(NFS4_VERIFIER_SIZE); 3074 savep = p; 3075 3076 /* XXX: Following NFSv3, we ignore the READDIR verifier for now. */ 3077 WRITE32(0); 3078 WRITE32(0); 3079 ADJUST_ARGS(); 3080 resp->xbuf->head[0].iov_len = ((char*)resp->p) - (char*)resp->xbuf->head[0].iov_base; 3081 tailbase = p; 3082 3083 maxcount = PAGE_SIZE; 3084 if (maxcount > readdir->rd_maxcount) 3085 maxcount = readdir->rd_maxcount; 3086 3087 /* 3088 * Convert from bytes to words, account for the two words already 3089 * written, make sure to leave two words at the end for the next 3090 * pointer and eof field. 3091 */ 3092 maxcount = (maxcount >> 2) - 4; 3093 if (maxcount < 0) { 3094 nfserr = nfserr_toosmall; 3095 goto err_no_verf; 3096 } 3097 3098 page = page_address(*(resp->rqstp->rq_next_page++)); 3099 readdir->common.err = 0; 3100 readdir->buflen = maxcount; 3101 readdir->buffer = page; 3102 readdir->offset = NULL; 3103 3104 offset = readdir->rd_cookie; 3105 nfserr = nfsd_readdir(readdir->rd_rqstp, readdir->rd_fhp, 3106 &offset, 3107 &readdir->common, nfsd4_encode_dirent); 3108 if (nfserr == nfs_ok && 3109 readdir->common.err == nfserr_toosmall && 3110 readdir->buffer == page) 3111 nfserr = nfserr_toosmall; 3112 if (nfserr) 3113 goto err_no_verf; 3114 3115 if (readdir->offset) 3116 xdr_encode_hyper(readdir->offset, offset); 3117 3118 p = readdir->buffer; 3119 *p++ = 0; /* no more entries */ 3120 *p++ = htonl(readdir->common.err == nfserr_eof); 3121 resp->xbuf->page_len = ((char*)p) - 3122 (char*)page_address(*(resp->rqstp->rq_next_page-1)); 3123 3124 /* Use rest of head for padding and remaining ops: */ 3125 resp->xbuf->tail[0].iov_base = tailbase; 3126 resp->xbuf->tail[0].iov_len = 0; 3127 resp->p = resp->xbuf->tail[0].iov_base; 3128 resp->end = resp->p + (PAGE_SIZE - resp->xbuf->head[0].iov_len)/4; 3129 3130 return 0; 3131 err_no_verf: 3132 p = savep; 3133 ADJUST_ARGS(); 3134 return nfserr; 3135 } 3136 3137 static __be32 3138 nfsd4_encode_remove(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_remove *remove) 3139 { 3140 __be32 *p; 3141 3142 if (!nfserr) { 3143 RESERVE_SPACE(20); 3144 write_cinfo(&p, &remove->rm_cinfo); 3145 ADJUST_ARGS(); 3146 } 3147 return nfserr; 3148 } 3149 3150 static __be32 3151 nfsd4_encode_rename(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_rename *rename) 3152 { 3153 __be32 *p; 3154 3155 if (!nfserr) { 3156 RESERVE_SPACE(40); 3157 write_cinfo(&p, &rename->rn_sinfo); 3158 write_cinfo(&p, &rename->rn_tinfo); 3159 ADJUST_ARGS(); 3160 } 3161 return nfserr; 3162 } 3163 3164 static __be32 3165 nfsd4_do_encode_secinfo(struct nfsd4_compoundres *resp, 3166 __be32 nfserr, struct svc_export *exp) 3167 { 3168 u32 i, nflavs, supported; 3169 struct exp_flavor_info *flavs; 3170 struct exp_flavor_info def_flavs[2]; 3171 __be32 *p, *flavorsp; 3172 static bool report = true; 3173 3174 if (nfserr) 3175 goto out; 3176 if (exp->ex_nflavors) { 3177 flavs = exp->ex_flavors; 3178 nflavs = exp->ex_nflavors; 3179 } else { /* Handling of some defaults in absence of real secinfo: */ 3180 flavs = def_flavs; 3181 if (exp->ex_client->flavour->flavour == RPC_AUTH_UNIX) { 3182 nflavs = 2; 3183 flavs[0].pseudoflavor = RPC_AUTH_UNIX; 3184 flavs[1].pseudoflavor = RPC_AUTH_NULL; 3185 } else if (exp->ex_client->flavour->flavour == RPC_AUTH_GSS) { 3186 nflavs = 1; 3187 flavs[0].pseudoflavor 3188 = svcauth_gss_flavor(exp->ex_client); 3189 } else { 3190 nflavs = 1; 3191 flavs[0].pseudoflavor 3192 = exp->ex_client->flavour->flavour; 3193 } 3194 } 3195 3196 supported = 0; 3197 RESERVE_SPACE(4); 3198 flavorsp = p++; /* to be backfilled later */ 3199 ADJUST_ARGS(); 3200 3201 for (i = 0; i < nflavs; i++) { 3202 rpc_authflavor_t pf = flavs[i].pseudoflavor; 3203 struct rpcsec_gss_info info; 3204 3205 if (rpcauth_get_gssinfo(pf, &info) == 0) { 3206 supported++; 3207 RESERVE_SPACE(4 + 4 + XDR_LEN(info.oid.len) + 4 + 4); 3208 WRITE32(RPC_AUTH_GSS); 3209 WRITE32(info.oid.len); 3210 WRITEMEM(info.oid.data, info.oid.len); 3211 WRITE32(info.qop); 3212 WRITE32(info.service); 3213 ADJUST_ARGS(); 3214 } else if (pf < RPC_AUTH_MAXFLAVOR) { 3215 supported++; 3216 RESERVE_SPACE(4); 3217 WRITE32(pf); 3218 ADJUST_ARGS(); 3219 } else { 3220 if (report) 3221 pr_warn("NFS: SECINFO: security flavor %u " 3222 "is not supported\n", pf); 3223 } 3224 } 3225 3226 if (nflavs != supported) 3227 report = false; 3228 *flavorsp = htonl(supported); 3229 3230 out: 3231 if (exp) 3232 exp_put(exp); 3233 return nfserr; 3234 } 3235 3236 static __be32 3237 nfsd4_encode_secinfo(struct nfsd4_compoundres *resp, __be32 nfserr, 3238 struct nfsd4_secinfo *secinfo) 3239 { 3240 return nfsd4_do_encode_secinfo(resp, nfserr, secinfo->si_exp); 3241 } 3242 3243 static __be32 3244 nfsd4_encode_secinfo_no_name(struct nfsd4_compoundres *resp, __be32 nfserr, 3245 struct nfsd4_secinfo_no_name *secinfo) 3246 { 3247 return nfsd4_do_encode_secinfo(resp, nfserr, secinfo->sin_exp); 3248 } 3249 3250 /* 3251 * The SETATTR encode routine is special -- it always encodes a bitmap, 3252 * regardless of the error status. 3253 */ 3254 static __be32 3255 nfsd4_encode_setattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setattr *setattr) 3256 { 3257 __be32 *p; 3258 3259 RESERVE_SPACE(16); 3260 if (nfserr) { 3261 WRITE32(3); 3262 WRITE32(0); 3263 WRITE32(0); 3264 WRITE32(0); 3265 } 3266 else { 3267 WRITE32(3); 3268 WRITE32(setattr->sa_bmval[0]); 3269 WRITE32(setattr->sa_bmval[1]); 3270 WRITE32(setattr->sa_bmval[2]); 3271 } 3272 ADJUST_ARGS(); 3273 return nfserr; 3274 } 3275 3276 static __be32 3277 nfsd4_encode_setclientid(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setclientid *scd) 3278 { 3279 __be32 *p; 3280 3281 if (!nfserr) { 3282 RESERVE_SPACE(8 + NFS4_VERIFIER_SIZE); 3283 WRITEMEM(&scd->se_clientid, 8); 3284 WRITEMEM(&scd->se_confirm, NFS4_VERIFIER_SIZE); 3285 ADJUST_ARGS(); 3286 } 3287 else if (nfserr == nfserr_clid_inuse) { 3288 RESERVE_SPACE(8); 3289 WRITE32(0); 3290 WRITE32(0); 3291 ADJUST_ARGS(); 3292 } 3293 return nfserr; 3294 } 3295 3296 static __be32 3297 nfsd4_encode_write(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_write *write) 3298 { 3299 __be32 *p; 3300 3301 if (!nfserr) { 3302 RESERVE_SPACE(16); 3303 WRITE32(write->wr_bytes_written); 3304 WRITE32(write->wr_how_written); 3305 WRITEMEM(write->wr_verifier.data, NFS4_VERIFIER_SIZE); 3306 ADJUST_ARGS(); 3307 } 3308 return nfserr; 3309 } 3310 3311 static const u32 nfs4_minimal_spo_must_enforce[2] = { 3312 [1] = 1 << (OP_BIND_CONN_TO_SESSION - 32) | 3313 1 << (OP_EXCHANGE_ID - 32) | 3314 1 << (OP_CREATE_SESSION - 32) | 3315 1 << (OP_DESTROY_SESSION - 32) | 3316 1 << (OP_DESTROY_CLIENTID - 32) 3317 }; 3318 3319 static __be32 3320 nfsd4_encode_exchange_id(struct nfsd4_compoundres *resp, __be32 nfserr, 3321 struct nfsd4_exchange_id *exid) 3322 { 3323 __be32 *p; 3324 char *major_id; 3325 char *server_scope; 3326 int major_id_sz; 3327 int server_scope_sz; 3328 uint64_t minor_id = 0; 3329 3330 if (nfserr) 3331 return nfserr; 3332 3333 major_id = utsname()->nodename; 3334 major_id_sz = strlen(major_id); 3335 server_scope = utsname()->nodename; 3336 server_scope_sz = strlen(server_scope); 3337 3338 RESERVE_SPACE( 3339 8 /* eir_clientid */ + 3340 4 /* eir_sequenceid */ + 3341 4 /* eir_flags */ + 3342 4 /* spr_how */); 3343 3344 WRITEMEM(&exid->clientid, 8); 3345 WRITE32(exid->seqid); 3346 WRITE32(exid->flags); 3347 3348 WRITE32(exid->spa_how); 3349 ADJUST_ARGS(); 3350 3351 switch (exid->spa_how) { 3352 case SP4_NONE: 3353 break; 3354 case SP4_MACH_CRED: 3355 /* spo_must_enforce, spo_must_allow */ 3356 RESERVE_SPACE(16); 3357 3358 /* spo_must_enforce bitmap: */ 3359 WRITE32(2); 3360 WRITE32(nfs4_minimal_spo_must_enforce[0]); 3361 WRITE32(nfs4_minimal_spo_must_enforce[1]); 3362 /* empty spo_must_allow bitmap: */ 3363 WRITE32(0); 3364 3365 ADJUST_ARGS(); 3366 break; 3367 default: 3368 WARN_ON_ONCE(1); 3369 } 3370 3371 RESERVE_SPACE( 3372 8 /* so_minor_id */ + 3373 4 /* so_major_id.len */ + 3374 (XDR_QUADLEN(major_id_sz) * 4) + 3375 4 /* eir_server_scope.len */ + 3376 (XDR_QUADLEN(server_scope_sz) * 4) + 3377 4 /* eir_server_impl_id.count (0) */); 3378 3379 /* The server_owner struct */ 3380 WRITE64(minor_id); /* Minor id */ 3381 /* major id */ 3382 WRITE32(major_id_sz); 3383 WRITEMEM(major_id, major_id_sz); 3384 3385 /* Server scope */ 3386 WRITE32(server_scope_sz); 3387 WRITEMEM(server_scope, server_scope_sz); 3388 3389 /* Implementation id */ 3390 WRITE32(0); /* zero length nfs_impl_id4 array */ 3391 ADJUST_ARGS(); 3392 return 0; 3393 } 3394 3395 static __be32 3396 nfsd4_encode_create_session(struct nfsd4_compoundres *resp, __be32 nfserr, 3397 struct nfsd4_create_session *sess) 3398 { 3399 __be32 *p; 3400 3401 if (nfserr) 3402 return nfserr; 3403 3404 RESERVE_SPACE(24); 3405 WRITEMEM(sess->sessionid.data, NFS4_MAX_SESSIONID_LEN); 3406 WRITE32(sess->seqid); 3407 WRITE32(sess->flags); 3408 ADJUST_ARGS(); 3409 3410 RESERVE_SPACE(28); 3411 WRITE32(0); /* headerpadsz */ 3412 WRITE32(sess->fore_channel.maxreq_sz); 3413 WRITE32(sess->fore_channel.maxresp_sz); 3414 WRITE32(sess->fore_channel.maxresp_cached); 3415 WRITE32(sess->fore_channel.maxops); 3416 WRITE32(sess->fore_channel.maxreqs); 3417 WRITE32(sess->fore_channel.nr_rdma_attrs); 3418 ADJUST_ARGS(); 3419 3420 if (sess->fore_channel.nr_rdma_attrs) { 3421 RESERVE_SPACE(4); 3422 WRITE32(sess->fore_channel.rdma_attrs); 3423 ADJUST_ARGS(); 3424 } 3425 3426 RESERVE_SPACE(28); 3427 WRITE32(0); /* headerpadsz */ 3428 WRITE32(sess->back_channel.maxreq_sz); 3429 WRITE32(sess->back_channel.maxresp_sz); 3430 WRITE32(sess->back_channel.maxresp_cached); 3431 WRITE32(sess->back_channel.maxops); 3432 WRITE32(sess->back_channel.maxreqs); 3433 WRITE32(sess->back_channel.nr_rdma_attrs); 3434 ADJUST_ARGS(); 3435 3436 if (sess->back_channel.nr_rdma_attrs) { 3437 RESERVE_SPACE(4); 3438 WRITE32(sess->back_channel.rdma_attrs); 3439 ADJUST_ARGS(); 3440 } 3441 return 0; 3442 } 3443 3444 static __be32 3445 nfsd4_encode_sequence(struct nfsd4_compoundres *resp, __be32 nfserr, 3446 struct nfsd4_sequence *seq) 3447 { 3448 __be32 *p; 3449 3450 if (nfserr) 3451 return nfserr; 3452 3453 RESERVE_SPACE(NFS4_MAX_SESSIONID_LEN + 20); 3454 WRITEMEM(seq->sessionid.data, NFS4_MAX_SESSIONID_LEN); 3455 WRITE32(seq->seqid); 3456 WRITE32(seq->slotid); 3457 /* Note slotid's are numbered from zero: */ 3458 WRITE32(seq->maxslots - 1); /* sr_highest_slotid */ 3459 WRITE32(seq->maxslots - 1); /* sr_target_highest_slotid */ 3460 WRITE32(seq->status_flags); 3461 3462 ADJUST_ARGS(); 3463 resp->cstate.datap = p; /* DRC cache data pointer */ 3464 return 0; 3465 } 3466 3467 static __be32 3468 nfsd4_encode_test_stateid(struct nfsd4_compoundres *resp, __be32 nfserr, 3469 struct nfsd4_test_stateid *test_stateid) 3470 { 3471 struct nfsd4_test_stateid_id *stateid, *next; 3472 __be32 *p; 3473 3474 RESERVE_SPACE(4 + (4 * test_stateid->ts_num_ids)); 3475 *p++ = htonl(test_stateid->ts_num_ids); 3476 3477 list_for_each_entry_safe(stateid, next, &test_stateid->ts_stateid_list, ts_id_list) { 3478 *p++ = stateid->ts_id_status; 3479 } 3480 3481 ADJUST_ARGS(); 3482 return nfserr; 3483 } 3484 3485 static __be32 3486 nfsd4_encode_noop(struct nfsd4_compoundres *resp, __be32 nfserr, void *p) 3487 { 3488 return nfserr; 3489 } 3490 3491 typedef __be32(* nfsd4_enc)(struct nfsd4_compoundres *, __be32, void *); 3492 3493 /* 3494 * Note: nfsd4_enc_ops vector is shared for v4.0 and v4.1 3495 * since we don't need to filter out obsolete ops as this is 3496 * done in the decoding phase. 3497 */ 3498 static nfsd4_enc nfsd4_enc_ops[] = { 3499 [OP_ACCESS] = (nfsd4_enc)nfsd4_encode_access, 3500 [OP_CLOSE] = (nfsd4_enc)nfsd4_encode_close, 3501 [OP_COMMIT] = (nfsd4_enc)nfsd4_encode_commit, 3502 [OP_CREATE] = (nfsd4_enc)nfsd4_encode_create, 3503 [OP_DELEGPURGE] = (nfsd4_enc)nfsd4_encode_noop, 3504 [OP_DELEGRETURN] = (nfsd4_enc)nfsd4_encode_noop, 3505 [OP_GETATTR] = (nfsd4_enc)nfsd4_encode_getattr, 3506 [OP_GETFH] = (nfsd4_enc)nfsd4_encode_getfh, 3507 [OP_LINK] = (nfsd4_enc)nfsd4_encode_link, 3508 [OP_LOCK] = (nfsd4_enc)nfsd4_encode_lock, 3509 [OP_LOCKT] = (nfsd4_enc)nfsd4_encode_lockt, 3510 [OP_LOCKU] = (nfsd4_enc)nfsd4_encode_locku, 3511 [OP_LOOKUP] = (nfsd4_enc)nfsd4_encode_noop, 3512 [OP_LOOKUPP] = (nfsd4_enc)nfsd4_encode_noop, 3513 [OP_NVERIFY] = (nfsd4_enc)nfsd4_encode_noop, 3514 [OP_OPEN] = (nfsd4_enc)nfsd4_encode_open, 3515 [OP_OPENATTR] = (nfsd4_enc)nfsd4_encode_noop, 3516 [OP_OPEN_CONFIRM] = (nfsd4_enc)nfsd4_encode_open_confirm, 3517 [OP_OPEN_DOWNGRADE] = (nfsd4_enc)nfsd4_encode_open_downgrade, 3518 [OP_PUTFH] = (nfsd4_enc)nfsd4_encode_noop, 3519 [OP_PUTPUBFH] = (nfsd4_enc)nfsd4_encode_noop, 3520 [OP_PUTROOTFH] = (nfsd4_enc)nfsd4_encode_noop, 3521 [OP_READ] = (nfsd4_enc)nfsd4_encode_read, 3522 [OP_READDIR] = (nfsd4_enc)nfsd4_encode_readdir, 3523 [OP_READLINK] = (nfsd4_enc)nfsd4_encode_readlink, 3524 [OP_REMOVE] = (nfsd4_enc)nfsd4_encode_remove, 3525 [OP_RENAME] = (nfsd4_enc)nfsd4_encode_rename, 3526 [OP_RENEW] = (nfsd4_enc)nfsd4_encode_noop, 3527 [OP_RESTOREFH] = (nfsd4_enc)nfsd4_encode_noop, 3528 [OP_SAVEFH] = (nfsd4_enc)nfsd4_encode_noop, 3529 [OP_SECINFO] = (nfsd4_enc)nfsd4_encode_secinfo, 3530 [OP_SETATTR] = (nfsd4_enc)nfsd4_encode_setattr, 3531 [OP_SETCLIENTID] = (nfsd4_enc)nfsd4_encode_setclientid, 3532 [OP_SETCLIENTID_CONFIRM] = (nfsd4_enc)nfsd4_encode_noop, 3533 [OP_VERIFY] = (nfsd4_enc)nfsd4_encode_noop, 3534 [OP_WRITE] = (nfsd4_enc)nfsd4_encode_write, 3535 [OP_RELEASE_LOCKOWNER] = (nfsd4_enc)nfsd4_encode_noop, 3536 3537 /* NFSv4.1 operations */ 3538 [OP_BACKCHANNEL_CTL] = (nfsd4_enc)nfsd4_encode_noop, 3539 [OP_BIND_CONN_TO_SESSION] = (nfsd4_enc)nfsd4_encode_bind_conn_to_session, 3540 [OP_EXCHANGE_ID] = (nfsd4_enc)nfsd4_encode_exchange_id, 3541 [OP_CREATE_SESSION] = (nfsd4_enc)nfsd4_encode_create_session, 3542 [OP_DESTROY_SESSION] = (nfsd4_enc)nfsd4_encode_noop, 3543 [OP_FREE_STATEID] = (nfsd4_enc)nfsd4_encode_noop, 3544 [OP_GET_DIR_DELEGATION] = (nfsd4_enc)nfsd4_encode_noop, 3545 [OP_GETDEVICEINFO] = (nfsd4_enc)nfsd4_encode_noop, 3546 [OP_GETDEVICELIST] = (nfsd4_enc)nfsd4_encode_noop, 3547 [OP_LAYOUTCOMMIT] = (nfsd4_enc)nfsd4_encode_noop, 3548 [OP_LAYOUTGET] = (nfsd4_enc)nfsd4_encode_noop, 3549 [OP_LAYOUTRETURN] = (nfsd4_enc)nfsd4_encode_noop, 3550 [OP_SECINFO_NO_NAME] = (nfsd4_enc)nfsd4_encode_secinfo_no_name, 3551 [OP_SEQUENCE] = (nfsd4_enc)nfsd4_encode_sequence, 3552 [OP_SET_SSV] = (nfsd4_enc)nfsd4_encode_noop, 3553 [OP_TEST_STATEID] = (nfsd4_enc)nfsd4_encode_test_stateid, 3554 [OP_WANT_DELEGATION] = (nfsd4_enc)nfsd4_encode_noop, 3555 [OP_DESTROY_CLIENTID] = (nfsd4_enc)nfsd4_encode_noop, 3556 [OP_RECLAIM_COMPLETE] = (nfsd4_enc)nfsd4_encode_noop, 3557 }; 3558 3559 /* 3560 * Calculate the total amount of memory that the compound response has taken 3561 * after encoding the current operation with pad. 3562 * 3563 * pad: if operation is non-idempotent, pad was calculate by op_rsize_bop() 3564 * which was specified at nfsd4_operation, else pad is zero. 3565 * 3566 * Compare this length to the session se_fmaxresp_sz and se_fmaxresp_cached. 3567 * 3568 * Our se_fmaxresp_cached will always be a multiple of PAGE_SIZE, and so 3569 * will be at least a page and will therefore hold the xdr_buf head. 3570 */ 3571 __be32 nfsd4_check_resp_size(struct nfsd4_compoundres *resp, u32 pad) 3572 { 3573 struct xdr_buf *xb = &resp->rqstp->rq_res; 3574 struct nfsd4_session *session = NULL; 3575 struct nfsd4_slot *slot = resp->cstate.slot; 3576 u32 length, tlen = 0; 3577 3578 if (!nfsd4_has_session(&resp->cstate)) 3579 return 0; 3580 3581 session = resp->cstate.session; 3582 if (session == NULL) 3583 return 0; 3584 3585 if (xb->page_len == 0) { 3586 length = (char *)resp->p - (char *)xb->head[0].iov_base + pad; 3587 } else { 3588 if (xb->tail[0].iov_base && xb->tail[0].iov_len > 0) 3589 tlen = (char *)resp->p - (char *)xb->tail[0].iov_base; 3590 3591 length = xb->head[0].iov_len + xb->page_len + tlen + pad; 3592 } 3593 dprintk("%s length %u, xb->page_len %u tlen %u pad %u\n", __func__, 3594 length, xb->page_len, tlen, pad); 3595 3596 if (length > session->se_fchannel.maxresp_sz) 3597 return nfserr_rep_too_big; 3598 3599 if ((slot->sl_flags & NFSD4_SLOT_CACHETHIS) && 3600 length > session->se_fchannel.maxresp_cached) 3601 return nfserr_rep_too_big_to_cache; 3602 3603 return 0; 3604 } 3605 3606 void 3607 nfsd4_encode_operation(struct nfsd4_compoundres *resp, struct nfsd4_op *op) 3608 { 3609 struct nfs4_stateowner *so = resp->cstate.replay_owner; 3610 __be32 *statp; 3611 __be32 *p; 3612 3613 RESERVE_SPACE(8); 3614 WRITE32(op->opnum); 3615 statp = p++; /* to be backfilled at the end */ 3616 ADJUST_ARGS(); 3617 3618 if (op->opnum == OP_ILLEGAL) 3619 goto status; 3620 BUG_ON(op->opnum < 0 || op->opnum >= ARRAY_SIZE(nfsd4_enc_ops) || 3621 !nfsd4_enc_ops[op->opnum]); 3622 op->status = nfsd4_enc_ops[op->opnum](resp, op->status, &op->u); 3623 /* nfsd4_check_drc_limit guarantees enough room for error status */ 3624 if (!op->status) 3625 op->status = nfsd4_check_resp_size(resp, 0); 3626 if (so) { 3627 so->so_replay.rp_status = op->status; 3628 so->so_replay.rp_buflen = (char *)resp->p - (char *)(statp+1); 3629 memcpy(so->so_replay.rp_buf, statp+1, so->so_replay.rp_buflen); 3630 } 3631 status: 3632 /* 3633 * Note: We write the status directly, instead of using WRITE32(), 3634 * since it is already in network byte order. 3635 */ 3636 *statp = op->status; 3637 } 3638 3639 /* 3640 * Encode the reply stored in the stateowner reply cache 3641 * 3642 * XDR note: do not encode rp->rp_buflen: the buffer contains the 3643 * previously sent already encoded operation. 3644 * 3645 * called with nfs4_lock_state() held 3646 */ 3647 void 3648 nfsd4_encode_replay(struct nfsd4_compoundres *resp, struct nfsd4_op *op) 3649 { 3650 __be32 *p; 3651 struct nfs4_replay *rp = op->replay; 3652 3653 BUG_ON(!rp); 3654 3655 RESERVE_SPACE(8); 3656 WRITE32(op->opnum); 3657 *p++ = rp->rp_status; /* already xdr'ed */ 3658 ADJUST_ARGS(); 3659 3660 RESERVE_SPACE(rp->rp_buflen); 3661 WRITEMEM(rp->rp_buf, rp->rp_buflen); 3662 ADJUST_ARGS(); 3663 } 3664 3665 int 3666 nfs4svc_encode_voidres(struct svc_rqst *rqstp, __be32 *p, void *dummy) 3667 { 3668 return xdr_ressize_check(rqstp, p); 3669 } 3670 3671 int nfsd4_release_compoundargs(void *rq, __be32 *p, void *resp) 3672 { 3673 struct svc_rqst *rqstp = rq; 3674 struct nfsd4_compoundargs *args = rqstp->rq_argp; 3675 3676 if (args->ops != args->iops) { 3677 kfree(args->ops); 3678 args->ops = args->iops; 3679 } 3680 kfree(args->tmpp); 3681 args->tmpp = NULL; 3682 while (args->to_free) { 3683 struct tmpbuf *tb = args->to_free; 3684 args->to_free = tb->next; 3685 tb->release(tb->buf); 3686 kfree(tb); 3687 } 3688 return 1; 3689 } 3690 3691 int 3692 nfs4svc_decode_compoundargs(struct svc_rqst *rqstp, __be32 *p, struct nfsd4_compoundargs *args) 3693 { 3694 args->p = p; 3695 args->end = rqstp->rq_arg.head[0].iov_base + rqstp->rq_arg.head[0].iov_len; 3696 args->pagelist = rqstp->rq_arg.pages; 3697 args->pagelen = rqstp->rq_arg.page_len; 3698 args->tmpp = NULL; 3699 args->to_free = NULL; 3700 args->ops = args->iops; 3701 args->rqstp = rqstp; 3702 3703 return !nfsd4_decode_compound(args); 3704 } 3705 3706 int 3707 nfs4svc_encode_compoundres(struct svc_rqst *rqstp, __be32 *p, struct nfsd4_compoundres *resp) 3708 { 3709 /* 3710 * All that remains is to write the tag and operation count... 3711 */ 3712 struct nfsd4_compound_state *cs = &resp->cstate; 3713 struct kvec *iov; 3714 p = resp->tagp; 3715 *p++ = htonl(resp->taglen); 3716 memcpy(p, resp->tag, resp->taglen); 3717 p += XDR_QUADLEN(resp->taglen); 3718 *p++ = htonl(resp->opcnt); 3719 3720 if (rqstp->rq_res.page_len) 3721 iov = &rqstp->rq_res.tail[0]; 3722 else 3723 iov = &rqstp->rq_res.head[0]; 3724 iov->iov_len = ((char*)resp->p) - (char*)iov->iov_base; 3725 BUG_ON(iov->iov_len > PAGE_SIZE); 3726 if (nfsd4_has_session(cs)) { 3727 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3728 struct nfs4_client *clp = cs->session->se_client; 3729 if (cs->status != nfserr_replay_cache) { 3730 nfsd4_store_cache_entry(resp); 3731 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 3732 } 3733 /* Renew the clientid on success and on replay */ 3734 spin_lock(&nn->client_lock); 3735 nfsd4_put_session(cs->session); 3736 spin_unlock(&nn->client_lock); 3737 put_client_renew(clp); 3738 } 3739 return 1; 3740 } 3741 3742 /* 3743 * Local variables: 3744 * c-basic-offset: 8 3745 * End: 3746 */ 3747