1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Central processing for nfsd. 4 * 5 * Authors: Olaf Kirch (okir@monad.swb.de) 6 * 7 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de> 8 */ 9 10 #include <linux/sched/signal.h> 11 #include <linux/freezer.h> 12 #include <linux/module.h> 13 #include <linux/fs_struct.h> 14 #include <linux/swap.h> 15 16 #include <linux/sunrpc/stats.h> 17 #include <linux/sunrpc/svcsock.h> 18 #include <linux/sunrpc/svc_xprt.h> 19 #include <linux/lockd/bind.h> 20 #include <linux/nfsacl.h> 21 #include <linux/seq_file.h> 22 #include <linux/inetdevice.h> 23 #include <net/addrconf.h> 24 #include <net/ipv6.h> 25 #include <net/net_namespace.h> 26 #include "nfsd.h" 27 #include "cache.h" 28 #include "vfs.h" 29 #include "netns.h" 30 #include "filecache.h" 31 32 #include "trace.h" 33 34 #define NFSDDBG_FACILITY NFSDDBG_SVC 35 36 bool inter_copy_offload_enable; 37 EXPORT_SYMBOL_GPL(inter_copy_offload_enable); 38 module_param(inter_copy_offload_enable, bool, 0644); 39 MODULE_PARM_DESC(inter_copy_offload_enable, 40 "Enable inter server to server copy offload. Default: false"); 41 42 extern struct svc_program nfsd_program; 43 static int nfsd(void *vrqstp); 44 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 45 static int nfsd_acl_rpcbind_set(struct net *, 46 const struct svc_program *, 47 u32, int, 48 unsigned short, 49 unsigned short); 50 static __be32 nfsd_acl_init_request(struct svc_rqst *, 51 const struct svc_program *, 52 struct svc_process_info *); 53 #endif 54 static int nfsd_rpcbind_set(struct net *, 55 const struct svc_program *, 56 u32, int, 57 unsigned short, 58 unsigned short); 59 static __be32 nfsd_init_request(struct svc_rqst *, 60 const struct svc_program *, 61 struct svc_process_info *); 62 63 /* 64 * nfsd_mutex protects nn->nfsd_serv -- both the pointer itself and the members 65 * of the svc_serv struct. In particular, ->sv_nrthreads but also to some 66 * extent ->sv_temp_socks and ->sv_permsocks. It also protects nfsdstats.th_cnt 67 * 68 * If (out side the lock) nn->nfsd_serv is non-NULL, then it must point to a 69 * properly initialised 'struct svc_serv' with ->sv_nrthreads > 0. That number 70 * of nfsd threads must exist and each must listed in ->sp_all_threads in each 71 * entry of ->sv_pools[]. 72 * 73 * Transitions of the thread count between zero and non-zero are of particular 74 * interest since the svc_serv needs to be created and initialized at that 75 * point, or freed. 76 * 77 * Finally, the nfsd_mutex also protects some of the global variables that are 78 * accessed when nfsd starts and that are settable via the write_* routines in 79 * nfsctl.c. In particular: 80 * 81 * user_recovery_dirname 82 * user_lease_time 83 * nfsd_versions 84 */ 85 DEFINE_MUTEX(nfsd_mutex); 86 87 /* 88 * nfsd_drc_lock protects nfsd_drc_max_pages and nfsd_drc_pages_used. 89 * nfsd_drc_max_pages limits the total amount of memory available for 90 * version 4.1 DRC caches. 91 * nfsd_drc_pages_used tracks the current version 4.1 DRC memory usage. 92 */ 93 spinlock_t nfsd_drc_lock; 94 unsigned long nfsd_drc_max_mem; 95 unsigned long nfsd_drc_mem_used; 96 97 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 98 static struct svc_stat nfsd_acl_svcstats; 99 static const struct svc_version *nfsd_acl_version[] = { 100 [2] = &nfsd_acl_version2, 101 [3] = &nfsd_acl_version3, 102 }; 103 104 #define NFSD_ACL_MINVERS 2 105 #define NFSD_ACL_NRVERS ARRAY_SIZE(nfsd_acl_version) 106 107 static struct svc_program nfsd_acl_program = { 108 .pg_prog = NFS_ACL_PROGRAM, 109 .pg_nvers = NFSD_ACL_NRVERS, 110 .pg_vers = nfsd_acl_version, 111 .pg_name = "nfsacl", 112 .pg_class = "nfsd", 113 .pg_stats = &nfsd_acl_svcstats, 114 .pg_authenticate = &svc_set_client, 115 .pg_init_request = nfsd_acl_init_request, 116 .pg_rpcbind_set = nfsd_acl_rpcbind_set, 117 }; 118 119 static struct svc_stat nfsd_acl_svcstats = { 120 .program = &nfsd_acl_program, 121 }; 122 #endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */ 123 124 static const struct svc_version *nfsd_version[] = { 125 [2] = &nfsd_version2, 126 #if defined(CONFIG_NFSD_V3) 127 [3] = &nfsd_version3, 128 #endif 129 #if defined(CONFIG_NFSD_V4) 130 [4] = &nfsd_version4, 131 #endif 132 }; 133 134 #define NFSD_MINVERS 2 135 #define NFSD_NRVERS ARRAY_SIZE(nfsd_version) 136 137 struct svc_program nfsd_program = { 138 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 139 .pg_next = &nfsd_acl_program, 140 #endif 141 .pg_prog = NFS_PROGRAM, /* program number */ 142 .pg_nvers = NFSD_NRVERS, /* nr of entries in nfsd_version */ 143 .pg_vers = nfsd_version, /* version table */ 144 .pg_name = "nfsd", /* program name */ 145 .pg_class = "nfsd", /* authentication class */ 146 .pg_stats = &nfsd_svcstats, /* version table */ 147 .pg_authenticate = &svc_set_client, /* export authentication */ 148 .pg_init_request = nfsd_init_request, 149 .pg_rpcbind_set = nfsd_rpcbind_set, 150 }; 151 152 static bool 153 nfsd_support_version(int vers) 154 { 155 if (vers >= NFSD_MINVERS && vers < NFSD_NRVERS) 156 return nfsd_version[vers] != NULL; 157 return false; 158 } 159 160 static bool * 161 nfsd_alloc_versions(void) 162 { 163 bool *vers = kmalloc_array(NFSD_NRVERS, sizeof(bool), GFP_KERNEL); 164 unsigned i; 165 166 if (vers) { 167 /* All compiled versions are enabled by default */ 168 for (i = 0; i < NFSD_NRVERS; i++) 169 vers[i] = nfsd_support_version(i); 170 } 171 return vers; 172 } 173 174 static bool * 175 nfsd_alloc_minorversions(void) 176 { 177 bool *vers = kmalloc_array(NFSD_SUPPORTED_MINOR_VERSION + 1, 178 sizeof(bool), GFP_KERNEL); 179 unsigned i; 180 181 if (vers) { 182 /* All minor versions are enabled by default */ 183 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) 184 vers[i] = nfsd_support_version(4); 185 } 186 return vers; 187 } 188 189 void 190 nfsd_netns_free_versions(struct nfsd_net *nn) 191 { 192 kfree(nn->nfsd_versions); 193 kfree(nn->nfsd4_minorversions); 194 nn->nfsd_versions = NULL; 195 nn->nfsd4_minorversions = NULL; 196 } 197 198 static void 199 nfsd_netns_init_versions(struct nfsd_net *nn) 200 { 201 if (!nn->nfsd_versions) { 202 nn->nfsd_versions = nfsd_alloc_versions(); 203 nn->nfsd4_minorversions = nfsd_alloc_minorversions(); 204 if (!nn->nfsd_versions || !nn->nfsd4_minorversions) 205 nfsd_netns_free_versions(nn); 206 } 207 } 208 209 int nfsd_vers(struct nfsd_net *nn, int vers, enum vers_op change) 210 { 211 if (vers < NFSD_MINVERS || vers >= NFSD_NRVERS) 212 return 0; 213 switch(change) { 214 case NFSD_SET: 215 if (nn->nfsd_versions) 216 nn->nfsd_versions[vers] = nfsd_support_version(vers); 217 break; 218 case NFSD_CLEAR: 219 nfsd_netns_init_versions(nn); 220 if (nn->nfsd_versions) 221 nn->nfsd_versions[vers] = false; 222 break; 223 case NFSD_TEST: 224 if (nn->nfsd_versions) 225 return nn->nfsd_versions[vers]; 226 fallthrough; 227 case NFSD_AVAIL: 228 return nfsd_support_version(vers); 229 } 230 return 0; 231 } 232 233 static void 234 nfsd_adjust_nfsd_versions4(struct nfsd_net *nn) 235 { 236 unsigned i; 237 238 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) { 239 if (nn->nfsd4_minorversions[i]) 240 return; 241 } 242 nfsd_vers(nn, 4, NFSD_CLEAR); 243 } 244 245 int nfsd_minorversion(struct nfsd_net *nn, u32 minorversion, enum vers_op change) 246 { 247 if (minorversion > NFSD_SUPPORTED_MINOR_VERSION && 248 change != NFSD_AVAIL) 249 return -1; 250 251 switch(change) { 252 case NFSD_SET: 253 if (nn->nfsd4_minorversions) { 254 nfsd_vers(nn, 4, NFSD_SET); 255 nn->nfsd4_minorversions[minorversion] = 256 nfsd_vers(nn, 4, NFSD_TEST); 257 } 258 break; 259 case NFSD_CLEAR: 260 nfsd_netns_init_versions(nn); 261 if (nn->nfsd4_minorversions) { 262 nn->nfsd4_minorversions[minorversion] = false; 263 nfsd_adjust_nfsd_versions4(nn); 264 } 265 break; 266 case NFSD_TEST: 267 if (nn->nfsd4_minorversions) 268 return nn->nfsd4_minorversions[minorversion]; 269 return nfsd_vers(nn, 4, NFSD_TEST); 270 case NFSD_AVAIL: 271 return minorversion <= NFSD_SUPPORTED_MINOR_VERSION && 272 nfsd_vers(nn, 4, NFSD_AVAIL); 273 } 274 return 0; 275 } 276 277 /* 278 * Maximum number of nfsd processes 279 */ 280 #define NFSD_MAXSERVS 8192 281 282 int nfsd_nrthreads(struct net *net) 283 { 284 int rv = 0; 285 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 286 287 mutex_lock(&nfsd_mutex); 288 if (nn->nfsd_serv) 289 rv = nn->nfsd_serv->sv_nrthreads; 290 mutex_unlock(&nfsd_mutex); 291 return rv; 292 } 293 294 static int nfsd_init_socks(struct net *net, const struct cred *cred) 295 { 296 int error; 297 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 298 299 if (!list_empty(&nn->nfsd_serv->sv_permsocks)) 300 return 0; 301 302 error = svc_create_xprt(nn->nfsd_serv, "udp", net, PF_INET, NFS_PORT, 303 SVC_SOCK_DEFAULTS, cred); 304 if (error < 0) 305 return error; 306 307 error = svc_create_xprt(nn->nfsd_serv, "tcp", net, PF_INET, NFS_PORT, 308 SVC_SOCK_DEFAULTS, cred); 309 if (error < 0) 310 return error; 311 312 return 0; 313 } 314 315 static int nfsd_users = 0; 316 317 static int nfsd_startup_generic(int nrservs) 318 { 319 int ret; 320 321 if (nfsd_users++) 322 return 0; 323 324 ret = nfsd_file_cache_init(); 325 if (ret) 326 goto dec_users; 327 328 ret = nfs4_state_start(); 329 if (ret) 330 goto out_file_cache; 331 return 0; 332 333 out_file_cache: 334 nfsd_file_cache_shutdown(); 335 dec_users: 336 nfsd_users--; 337 return ret; 338 } 339 340 static void nfsd_shutdown_generic(void) 341 { 342 if (--nfsd_users) 343 return; 344 345 nfs4_state_shutdown(); 346 nfsd_file_cache_shutdown(); 347 } 348 349 static bool nfsd_needs_lockd(struct nfsd_net *nn) 350 { 351 return nfsd_vers(nn, 2, NFSD_TEST) || nfsd_vers(nn, 3, NFSD_TEST); 352 } 353 354 void nfsd_copy_boot_verifier(__be32 verf[2], struct nfsd_net *nn) 355 { 356 int seq = 0; 357 358 do { 359 read_seqbegin_or_lock(&nn->boot_lock, &seq); 360 /* 361 * This is opaque to client, so no need to byte-swap. Use 362 * __force to keep sparse happy. y2038 time_t overflow is 363 * irrelevant in this usage 364 */ 365 verf[0] = (__force __be32)nn->nfssvc_boot.tv_sec; 366 verf[1] = (__force __be32)nn->nfssvc_boot.tv_nsec; 367 } while (need_seqretry(&nn->boot_lock, seq)); 368 done_seqretry(&nn->boot_lock, seq); 369 } 370 371 static void nfsd_reset_boot_verifier_locked(struct nfsd_net *nn) 372 { 373 ktime_get_real_ts64(&nn->nfssvc_boot); 374 } 375 376 void nfsd_reset_boot_verifier(struct nfsd_net *nn) 377 { 378 write_seqlock(&nn->boot_lock); 379 nfsd_reset_boot_verifier_locked(nn); 380 write_sequnlock(&nn->boot_lock); 381 } 382 383 static int nfsd_startup_net(int nrservs, struct net *net, const struct cred *cred) 384 { 385 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 386 int ret; 387 388 if (nn->nfsd_net_up) 389 return 0; 390 391 ret = nfsd_startup_generic(nrservs); 392 if (ret) 393 return ret; 394 ret = nfsd_init_socks(net, cred); 395 if (ret) 396 goto out_socks; 397 398 if (nfsd_needs_lockd(nn) && !nn->lockd_up) { 399 ret = lockd_up(net, cred); 400 if (ret) 401 goto out_socks; 402 nn->lockd_up = true; 403 } 404 405 ret = nfsd_file_cache_start_net(net); 406 if (ret) 407 goto out_lockd; 408 ret = nfs4_state_start_net(net); 409 if (ret) 410 goto out_filecache; 411 412 nn->nfsd_net_up = true; 413 return 0; 414 415 out_filecache: 416 nfsd_file_cache_shutdown_net(net); 417 out_lockd: 418 if (nn->lockd_up) { 419 lockd_down(net); 420 nn->lockd_up = false; 421 } 422 out_socks: 423 nfsd_shutdown_generic(); 424 return ret; 425 } 426 427 static void nfsd_shutdown_net(struct net *net) 428 { 429 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 430 431 nfsd_file_cache_shutdown_net(net); 432 nfs4_state_shutdown_net(net); 433 if (nn->lockd_up) { 434 lockd_down(net); 435 nn->lockd_up = false; 436 } 437 nn->nfsd_net_up = false; 438 nfsd_shutdown_generic(); 439 } 440 441 static int nfsd_inetaddr_event(struct notifier_block *this, unsigned long event, 442 void *ptr) 443 { 444 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr; 445 struct net_device *dev = ifa->ifa_dev->dev; 446 struct net *net = dev_net(dev); 447 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 448 struct sockaddr_in sin; 449 450 if ((event != NETDEV_DOWN) || 451 !atomic_inc_not_zero(&nn->ntf_refcnt)) 452 goto out; 453 454 if (nn->nfsd_serv) { 455 dprintk("nfsd_inetaddr_event: removed %pI4\n", &ifa->ifa_local); 456 sin.sin_family = AF_INET; 457 sin.sin_addr.s_addr = ifa->ifa_local; 458 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin); 459 } 460 atomic_dec(&nn->ntf_refcnt); 461 wake_up(&nn->ntf_wq); 462 463 out: 464 return NOTIFY_DONE; 465 } 466 467 static struct notifier_block nfsd_inetaddr_notifier = { 468 .notifier_call = nfsd_inetaddr_event, 469 }; 470 471 #if IS_ENABLED(CONFIG_IPV6) 472 static int nfsd_inet6addr_event(struct notifier_block *this, 473 unsigned long event, void *ptr) 474 { 475 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr; 476 struct net_device *dev = ifa->idev->dev; 477 struct net *net = dev_net(dev); 478 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 479 struct sockaddr_in6 sin6; 480 481 if ((event != NETDEV_DOWN) || 482 !atomic_inc_not_zero(&nn->ntf_refcnt)) 483 goto out; 484 485 if (nn->nfsd_serv) { 486 dprintk("nfsd_inet6addr_event: removed %pI6\n", &ifa->addr); 487 sin6.sin6_family = AF_INET6; 488 sin6.sin6_addr = ifa->addr; 489 if (ipv6_addr_type(&sin6.sin6_addr) & IPV6_ADDR_LINKLOCAL) 490 sin6.sin6_scope_id = ifa->idev->dev->ifindex; 491 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin6); 492 } 493 atomic_dec(&nn->ntf_refcnt); 494 wake_up(&nn->ntf_wq); 495 out: 496 return NOTIFY_DONE; 497 } 498 499 static struct notifier_block nfsd_inet6addr_notifier = { 500 .notifier_call = nfsd_inet6addr_event, 501 }; 502 #endif 503 504 /* Only used under nfsd_mutex, so this atomic may be overkill: */ 505 static atomic_t nfsd_notifier_refcount = ATOMIC_INIT(0); 506 507 static void nfsd_last_thread(struct svc_serv *serv, struct net *net) 508 { 509 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 510 511 atomic_dec(&nn->ntf_refcnt); 512 /* check if the notifier still has clients */ 513 if (atomic_dec_return(&nfsd_notifier_refcount) == 0) { 514 unregister_inetaddr_notifier(&nfsd_inetaddr_notifier); 515 #if IS_ENABLED(CONFIG_IPV6) 516 unregister_inet6addr_notifier(&nfsd_inet6addr_notifier); 517 #endif 518 } 519 wait_event(nn->ntf_wq, atomic_read(&nn->ntf_refcnt) == 0); 520 521 /* 522 * write_ports can create the server without actually starting 523 * any threads--if we get shut down before any threads are 524 * started, then nfsd_last_thread will be run before any of this 525 * other initialization has been done except the rpcb information. 526 */ 527 svc_rpcb_cleanup(serv, net); 528 if (!nn->nfsd_net_up) 529 return; 530 531 nfsd_shutdown_net(net); 532 pr_info("nfsd: last server has exited, flushing export cache\n"); 533 nfsd_export_flush(net); 534 } 535 536 void nfsd_reset_versions(struct nfsd_net *nn) 537 { 538 int i; 539 540 for (i = 0; i < NFSD_NRVERS; i++) 541 if (nfsd_vers(nn, i, NFSD_TEST)) 542 return; 543 544 for (i = 0; i < NFSD_NRVERS; i++) 545 if (i != 4) 546 nfsd_vers(nn, i, NFSD_SET); 547 else { 548 int minor = 0; 549 while (nfsd_minorversion(nn, minor, NFSD_SET) >= 0) 550 minor++; 551 } 552 } 553 554 /* 555 * Each session guarantees a negotiated per slot memory cache for replies 556 * which in turn consumes memory beyond the v2/v3/v4.0 server. A dedicated 557 * NFSv4.1 server might want to use more memory for a DRC than a machine 558 * with mutiple services. 559 * 560 * Impose a hard limit on the number of pages for the DRC which varies 561 * according to the machines free pages. This is of course only a default. 562 * 563 * For now this is a #defined shift which could be under admin control 564 * in the future. 565 */ 566 static void set_max_drc(void) 567 { 568 #define NFSD_DRC_SIZE_SHIFT 7 569 nfsd_drc_max_mem = (nr_free_buffer_pages() 570 >> NFSD_DRC_SIZE_SHIFT) * PAGE_SIZE; 571 nfsd_drc_mem_used = 0; 572 spin_lock_init(&nfsd_drc_lock); 573 dprintk("%s nfsd_drc_max_mem %lu \n", __func__, nfsd_drc_max_mem); 574 } 575 576 static int nfsd_get_default_max_blksize(void) 577 { 578 struct sysinfo i; 579 unsigned long long target; 580 unsigned long ret; 581 582 si_meminfo(&i); 583 target = (i.totalram - i.totalhigh) << PAGE_SHIFT; 584 /* 585 * Aim for 1/4096 of memory per thread This gives 1MB on 4Gig 586 * machines, but only uses 32K on 128M machines. Bottom out at 587 * 8K on 32M and smaller. Of course, this is only a default. 588 */ 589 target >>= 12; 590 591 ret = NFSSVC_MAXBLKSIZE; 592 while (ret > target && ret >= 8*1024*2) 593 ret /= 2; 594 return ret; 595 } 596 597 static const struct svc_serv_ops nfsd_thread_sv_ops = { 598 .svo_shutdown = nfsd_last_thread, 599 .svo_function = nfsd, 600 .svo_enqueue_xprt = svc_xprt_do_enqueue, 601 .svo_setup = svc_set_num_threads, 602 .svo_module = THIS_MODULE, 603 }; 604 605 bool i_am_nfsd(void) 606 { 607 return kthread_func(current) == nfsd; 608 } 609 610 int nfsd_create_serv(struct net *net) 611 { 612 int error; 613 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 614 615 WARN_ON(!mutex_is_locked(&nfsd_mutex)); 616 if (nn->nfsd_serv) { 617 svc_get(nn->nfsd_serv); 618 return 0; 619 } 620 if (nfsd_max_blksize == 0) 621 nfsd_max_blksize = nfsd_get_default_max_blksize(); 622 nfsd_reset_versions(nn); 623 nn->nfsd_serv = svc_create_pooled(&nfsd_program, nfsd_max_blksize, 624 &nfsd_thread_sv_ops); 625 if (nn->nfsd_serv == NULL) 626 return -ENOMEM; 627 628 nn->nfsd_serv->sv_maxconn = nn->max_connections; 629 error = svc_bind(nn->nfsd_serv, net); 630 if (error < 0) { 631 svc_destroy(nn->nfsd_serv); 632 return error; 633 } 634 635 set_max_drc(); 636 /* check if the notifier is already set */ 637 if (atomic_inc_return(&nfsd_notifier_refcount) == 1) { 638 register_inetaddr_notifier(&nfsd_inetaddr_notifier); 639 #if IS_ENABLED(CONFIG_IPV6) 640 register_inet6addr_notifier(&nfsd_inet6addr_notifier); 641 #endif 642 } 643 atomic_inc(&nn->ntf_refcnt); 644 nfsd_reset_boot_verifier(nn); 645 return 0; 646 } 647 648 int nfsd_nrpools(struct net *net) 649 { 650 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 651 652 if (nn->nfsd_serv == NULL) 653 return 0; 654 else 655 return nn->nfsd_serv->sv_nrpools; 656 } 657 658 int nfsd_get_nrthreads(int n, int *nthreads, struct net *net) 659 { 660 int i = 0; 661 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 662 663 if (nn->nfsd_serv != NULL) { 664 for (i = 0; i < nn->nfsd_serv->sv_nrpools && i < n; i++) 665 nthreads[i] = nn->nfsd_serv->sv_pools[i].sp_nrthreads; 666 } 667 668 return 0; 669 } 670 671 void nfsd_destroy(struct net *net) 672 { 673 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 674 int destroy = (nn->nfsd_serv->sv_nrthreads == 1); 675 676 if (destroy) 677 svc_shutdown_net(nn->nfsd_serv, net); 678 svc_destroy(nn->nfsd_serv); 679 if (destroy) 680 nn->nfsd_serv = NULL; 681 } 682 683 int nfsd_set_nrthreads(int n, int *nthreads, struct net *net) 684 { 685 int i = 0; 686 int tot = 0; 687 int err = 0; 688 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 689 690 WARN_ON(!mutex_is_locked(&nfsd_mutex)); 691 692 if (nn->nfsd_serv == NULL || n <= 0) 693 return 0; 694 695 if (n > nn->nfsd_serv->sv_nrpools) 696 n = nn->nfsd_serv->sv_nrpools; 697 698 /* enforce a global maximum number of threads */ 699 tot = 0; 700 for (i = 0; i < n; i++) { 701 nthreads[i] = min(nthreads[i], NFSD_MAXSERVS); 702 tot += nthreads[i]; 703 } 704 if (tot > NFSD_MAXSERVS) { 705 /* total too large: scale down requested numbers */ 706 for (i = 0; i < n && tot > 0; i++) { 707 int new = nthreads[i] * NFSD_MAXSERVS / tot; 708 tot -= (nthreads[i] - new); 709 nthreads[i] = new; 710 } 711 for (i = 0; i < n && tot > 0; i++) { 712 nthreads[i]--; 713 tot--; 714 } 715 } 716 717 /* 718 * There must always be a thread in pool 0; the admin 719 * can't shut down NFS completely using pool_threads. 720 */ 721 if (nthreads[0] == 0) 722 nthreads[0] = 1; 723 724 /* apply the new numbers */ 725 svc_get(nn->nfsd_serv); 726 for (i = 0; i < n; i++) { 727 err = nn->nfsd_serv->sv_ops->svo_setup(nn->nfsd_serv, 728 &nn->nfsd_serv->sv_pools[i], nthreads[i]); 729 if (err) 730 break; 731 } 732 nfsd_destroy(net); 733 return err; 734 } 735 736 /* 737 * Adjust the number of threads and return the new number of threads. 738 * This is also the function that starts the server if necessary, if 739 * this is the first time nrservs is nonzero. 740 */ 741 int 742 nfsd_svc(int nrservs, struct net *net, const struct cred *cred) 743 { 744 int error; 745 bool nfsd_up_before; 746 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 747 748 mutex_lock(&nfsd_mutex); 749 dprintk("nfsd: creating service\n"); 750 751 nrservs = max(nrservs, 0); 752 nrservs = min(nrservs, NFSD_MAXSERVS); 753 error = 0; 754 755 if (nrservs == 0 && nn->nfsd_serv == NULL) 756 goto out; 757 758 strlcpy(nn->nfsd_name, utsname()->nodename, 759 sizeof(nn->nfsd_name)); 760 761 error = nfsd_create_serv(net); 762 if (error) 763 goto out; 764 765 nfsd_up_before = nn->nfsd_net_up; 766 767 error = nfsd_startup_net(nrservs, net, cred); 768 if (error) 769 goto out_destroy; 770 error = nn->nfsd_serv->sv_ops->svo_setup(nn->nfsd_serv, 771 NULL, nrservs); 772 if (error) 773 goto out_shutdown; 774 /* We are holding a reference to nn->nfsd_serv which 775 * we don't want to count in the return value, 776 * so subtract 1 777 */ 778 error = nn->nfsd_serv->sv_nrthreads - 1; 779 out_shutdown: 780 if (error < 0 && !nfsd_up_before) 781 nfsd_shutdown_net(net); 782 out_destroy: 783 nfsd_destroy(net); /* Release server */ 784 out: 785 mutex_unlock(&nfsd_mutex); 786 return error; 787 } 788 789 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 790 static bool 791 nfsd_support_acl_version(int vers) 792 { 793 if (vers >= NFSD_ACL_MINVERS && vers < NFSD_ACL_NRVERS) 794 return nfsd_acl_version[vers] != NULL; 795 return false; 796 } 797 798 static int 799 nfsd_acl_rpcbind_set(struct net *net, const struct svc_program *progp, 800 u32 version, int family, unsigned short proto, 801 unsigned short port) 802 { 803 if (!nfsd_support_acl_version(version) || 804 !nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST)) 805 return 0; 806 return svc_generic_rpcbind_set(net, progp, version, family, 807 proto, port); 808 } 809 810 static __be32 811 nfsd_acl_init_request(struct svc_rqst *rqstp, 812 const struct svc_program *progp, 813 struct svc_process_info *ret) 814 { 815 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 816 int i; 817 818 if (likely(nfsd_support_acl_version(rqstp->rq_vers) && 819 nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) 820 return svc_generic_init_request(rqstp, progp, ret); 821 822 ret->mismatch.lovers = NFSD_ACL_NRVERS; 823 for (i = NFSD_ACL_MINVERS; i < NFSD_ACL_NRVERS; i++) { 824 if (nfsd_support_acl_version(rqstp->rq_vers) && 825 nfsd_vers(nn, i, NFSD_TEST)) { 826 ret->mismatch.lovers = i; 827 break; 828 } 829 } 830 if (ret->mismatch.lovers == NFSD_ACL_NRVERS) 831 return rpc_prog_unavail; 832 ret->mismatch.hivers = NFSD_ACL_MINVERS; 833 for (i = NFSD_ACL_NRVERS - 1; i >= NFSD_ACL_MINVERS; i--) { 834 if (nfsd_support_acl_version(rqstp->rq_vers) && 835 nfsd_vers(nn, i, NFSD_TEST)) { 836 ret->mismatch.hivers = i; 837 break; 838 } 839 } 840 return rpc_prog_mismatch; 841 } 842 #endif 843 844 static int 845 nfsd_rpcbind_set(struct net *net, const struct svc_program *progp, 846 u32 version, int family, unsigned short proto, 847 unsigned short port) 848 { 849 if (!nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST)) 850 return 0; 851 return svc_generic_rpcbind_set(net, progp, version, family, 852 proto, port); 853 } 854 855 static __be32 856 nfsd_init_request(struct svc_rqst *rqstp, 857 const struct svc_program *progp, 858 struct svc_process_info *ret) 859 { 860 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 861 int i; 862 863 if (likely(nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) 864 return svc_generic_init_request(rqstp, progp, ret); 865 866 ret->mismatch.lovers = NFSD_NRVERS; 867 for (i = NFSD_MINVERS; i < NFSD_NRVERS; i++) { 868 if (nfsd_vers(nn, i, NFSD_TEST)) { 869 ret->mismatch.lovers = i; 870 break; 871 } 872 } 873 if (ret->mismatch.lovers == NFSD_NRVERS) 874 return rpc_prog_unavail; 875 ret->mismatch.hivers = NFSD_MINVERS; 876 for (i = NFSD_NRVERS - 1; i >= NFSD_MINVERS; i--) { 877 if (nfsd_vers(nn, i, NFSD_TEST)) { 878 ret->mismatch.hivers = i; 879 break; 880 } 881 } 882 return rpc_prog_mismatch; 883 } 884 885 /* 886 * This is the NFS server kernel thread 887 */ 888 static int 889 nfsd(void *vrqstp) 890 { 891 struct svc_rqst *rqstp = (struct svc_rqst *) vrqstp; 892 struct svc_xprt *perm_sock = list_entry(rqstp->rq_server->sv_permsocks.next, typeof(struct svc_xprt), xpt_list); 893 struct net *net = perm_sock->xpt_net; 894 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 895 int err; 896 897 /* Lock module and set up kernel thread */ 898 mutex_lock(&nfsd_mutex); 899 900 /* At this point, the thread shares current->fs 901 * with the init process. We need to create files with the 902 * umask as defined by the client instead of init's umask. */ 903 if (unshare_fs_struct() < 0) { 904 printk("Unable to start nfsd thread: out of memory\n"); 905 goto out; 906 } 907 908 current->fs->umask = 0; 909 910 /* 911 * thread is spawned with all signals set to SIG_IGN, re-enable 912 * the ones that will bring down the thread 913 */ 914 allow_signal(SIGKILL); 915 allow_signal(SIGHUP); 916 allow_signal(SIGINT); 917 allow_signal(SIGQUIT); 918 919 nfsdstats.th_cnt++; 920 mutex_unlock(&nfsd_mutex); 921 922 set_freezable(); 923 924 /* 925 * The main request loop 926 */ 927 for (;;) { 928 /* Update sv_maxconn if it has changed */ 929 rqstp->rq_server->sv_maxconn = nn->max_connections; 930 931 /* 932 * Find a socket with data available and call its 933 * recvfrom routine. 934 */ 935 while ((err = svc_recv(rqstp, 60*60*HZ)) == -EAGAIN) 936 ; 937 if (err == -EINTR) 938 break; 939 validate_process_creds(); 940 svc_process(rqstp); 941 validate_process_creds(); 942 } 943 944 /* Clear signals before calling svc_exit_thread() */ 945 flush_signals(current); 946 947 mutex_lock(&nfsd_mutex); 948 nfsdstats.th_cnt --; 949 950 out: 951 rqstp->rq_server = NULL; 952 953 /* Release the thread */ 954 svc_exit_thread(rqstp); 955 956 nfsd_destroy(net); 957 958 /* Release module */ 959 mutex_unlock(&nfsd_mutex); 960 module_put_and_exit(0); 961 return 0; 962 } 963 964 /* 965 * A write procedure can have a large argument, and a read procedure can 966 * have a large reply, but no NFSv2 or NFSv3 procedure has argument and 967 * reply that can both be larger than a page. The xdr code has taken 968 * advantage of this assumption to be a sloppy about bounds checking in 969 * some cases. Pending a rewrite of the NFSv2/v3 xdr code to fix that 970 * problem, we enforce these assumptions here: 971 */ 972 static bool nfs_request_too_big(struct svc_rqst *rqstp, 973 const struct svc_procedure *proc) 974 { 975 /* 976 * The ACL code has more careful bounds-checking and is not 977 * susceptible to this problem: 978 */ 979 if (rqstp->rq_prog != NFS_PROGRAM) 980 return false; 981 /* 982 * Ditto NFSv4 (which can in theory have argument and reply both 983 * more than a page): 984 */ 985 if (rqstp->rq_vers >= 4) 986 return false; 987 /* The reply will be small, we're OK: */ 988 if (proc->pc_xdrressize > 0 && 989 proc->pc_xdrressize < XDR_QUADLEN(PAGE_SIZE)) 990 return false; 991 992 return rqstp->rq_arg.len > PAGE_SIZE; 993 } 994 995 /** 996 * nfsd_dispatch - Process an NFS or NFSACL Request 997 * @rqstp: incoming request 998 * @statp: pointer to location of accept_stat field in RPC Reply buffer 999 * 1000 * This RPC dispatcher integrates the NFS server's duplicate reply cache. 1001 * 1002 * Return values: 1003 * %0: Processing complete; do not send a Reply 1004 * %1: Processing complete; send Reply in rqstp->rq_res 1005 */ 1006 int nfsd_dispatch(struct svc_rqst *rqstp, __be32 *statp) 1007 { 1008 const struct svc_procedure *proc = rqstp->rq_procinfo; 1009 struct kvec *argv = &rqstp->rq_arg.head[0]; 1010 struct kvec *resv = &rqstp->rq_res.head[0]; 1011 __be32 *p; 1012 1013 if (nfs_request_too_big(rqstp, proc)) 1014 goto out_decode_err; 1015 1016 /* 1017 * Give the xdr decoder a chance to change this if it wants 1018 * (necessary in the NFSv4.0 compound case) 1019 */ 1020 rqstp->rq_cachetype = proc->pc_cachetype; 1021 1022 svcxdr_init_decode(rqstp); 1023 if (!proc->pc_decode(rqstp, argv->iov_base)) 1024 goto out_decode_err; 1025 1026 switch (nfsd_cache_lookup(rqstp)) { 1027 case RC_DOIT: 1028 break; 1029 case RC_REPLY: 1030 goto out_cached_reply; 1031 case RC_DROPIT: 1032 goto out_dropit; 1033 } 1034 1035 /* 1036 * Need to grab the location to store the status, as 1037 * NFSv4 does some encoding while processing 1038 */ 1039 p = resv->iov_base + resv->iov_len; 1040 resv->iov_len += sizeof(__be32); 1041 1042 *statp = proc->pc_func(rqstp); 1043 if (*statp == rpc_drop_reply || test_bit(RQ_DROPME, &rqstp->rq_flags)) 1044 goto out_update_drop; 1045 1046 if (!proc->pc_encode(rqstp, p)) 1047 goto out_encode_err; 1048 1049 nfsd_cache_update(rqstp, rqstp->rq_cachetype, statp + 1); 1050 out_cached_reply: 1051 return 1; 1052 1053 out_decode_err: 1054 trace_nfsd_garbage_args_err(rqstp); 1055 *statp = rpc_garbage_args; 1056 return 1; 1057 1058 out_update_drop: 1059 nfsd_cache_update(rqstp, RC_NOCACHE, NULL); 1060 out_dropit: 1061 return 0; 1062 1063 out_encode_err: 1064 trace_nfsd_cant_encode_err(rqstp); 1065 nfsd_cache_update(rqstp, RC_NOCACHE, NULL); 1066 *statp = rpc_system_err; 1067 return 1; 1068 } 1069 1070 /** 1071 * nfssvc_decode_voidarg - Decode void arguments 1072 * @rqstp: Server RPC transaction context 1073 * @p: buffer containing arguments to decode 1074 * 1075 * Return values: 1076 * %0: Arguments were not valid 1077 * %1: Decoding was successful 1078 */ 1079 int nfssvc_decode_voidarg(struct svc_rqst *rqstp, __be32 *p) 1080 { 1081 return 1; 1082 } 1083 1084 /** 1085 * nfssvc_encode_voidres - Encode void results 1086 * @rqstp: Server RPC transaction context 1087 * @p: buffer in which to encode results 1088 * 1089 * Return values: 1090 * %0: Local error while encoding 1091 * %1: Encoding was successful 1092 */ 1093 int nfssvc_encode_voidres(struct svc_rqst *rqstp, __be32 *p) 1094 { 1095 return xdr_ressize_check(rqstp, p); 1096 } 1097 1098 int nfsd_pool_stats_open(struct inode *inode, struct file *file) 1099 { 1100 int ret; 1101 struct nfsd_net *nn = net_generic(inode->i_sb->s_fs_info, nfsd_net_id); 1102 1103 mutex_lock(&nfsd_mutex); 1104 if (nn->nfsd_serv == NULL) { 1105 mutex_unlock(&nfsd_mutex); 1106 return -ENODEV; 1107 } 1108 /* bump up the psudo refcount while traversing */ 1109 svc_get(nn->nfsd_serv); 1110 ret = svc_pool_stats_open(nn->nfsd_serv, file); 1111 mutex_unlock(&nfsd_mutex); 1112 return ret; 1113 } 1114 1115 int nfsd_pool_stats_release(struct inode *inode, struct file *file) 1116 { 1117 int ret = seq_release(inode, file); 1118 struct net *net = inode->i_sb->s_fs_info; 1119 1120 mutex_lock(&nfsd_mutex); 1121 /* this function really, really should have been called svc_put() */ 1122 nfsd_destroy(net); 1123 mutex_unlock(&nfsd_mutex); 1124 return ret; 1125 } 1126