1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Central processing for nfsd. 4 * 5 * Authors: Olaf Kirch (okir@monad.swb.de) 6 * 7 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de> 8 */ 9 10 #include <linux/sched/signal.h> 11 #include <linux/freezer.h> 12 #include <linux/module.h> 13 #include <linux/fs_struct.h> 14 #include <linux/swap.h> 15 #include <linux/siphash.h> 16 17 #include <linux/sunrpc/stats.h> 18 #include <linux/sunrpc/svcsock.h> 19 #include <linux/sunrpc/svc_xprt.h> 20 #include <linux/lockd/bind.h> 21 #include <linux/nfsacl.h> 22 #include <linux/seq_file.h> 23 #include <linux/inetdevice.h> 24 #include <net/addrconf.h> 25 #include <net/ipv6.h> 26 #include <net/net_namespace.h> 27 #include "nfsd.h" 28 #include "cache.h" 29 #include "vfs.h" 30 #include "netns.h" 31 #include "filecache.h" 32 33 #include "trace.h" 34 35 #define NFSDDBG_FACILITY NFSDDBG_SVC 36 37 extern struct svc_program nfsd_program; 38 static int nfsd(void *vrqstp); 39 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 40 static int nfsd_acl_rpcbind_set(struct net *, 41 const struct svc_program *, 42 u32, int, 43 unsigned short, 44 unsigned short); 45 static __be32 nfsd_acl_init_request(struct svc_rqst *, 46 const struct svc_program *, 47 struct svc_process_info *); 48 #endif 49 static int nfsd_rpcbind_set(struct net *, 50 const struct svc_program *, 51 u32, int, 52 unsigned short, 53 unsigned short); 54 static __be32 nfsd_init_request(struct svc_rqst *, 55 const struct svc_program *, 56 struct svc_process_info *); 57 58 /* 59 * nfsd_mutex protects nn->nfsd_serv -- both the pointer itself and some members 60 * of the svc_serv struct such as ->sv_temp_socks and ->sv_permsocks. 61 * 62 * If (out side the lock) nn->nfsd_serv is non-NULL, then it must point to a 63 * properly initialised 'struct svc_serv' with ->sv_nrthreads > 0 (unless 64 * nn->keep_active is set). That number of nfsd threads must 65 * exist and each must be listed in ->sp_all_threads in some entry of 66 * ->sv_pools[]. 67 * 68 * Each active thread holds a counted reference on nn->nfsd_serv, as does 69 * the nn->keep_active flag and various transient calls to svc_get(). 70 * 71 * Finally, the nfsd_mutex also protects some of the global variables that are 72 * accessed when nfsd starts and that are settable via the write_* routines in 73 * nfsctl.c. In particular: 74 * 75 * user_recovery_dirname 76 * user_lease_time 77 * nfsd_versions 78 */ 79 DEFINE_MUTEX(nfsd_mutex); 80 81 /* 82 * nfsd_drc_lock protects nfsd_drc_max_pages and nfsd_drc_pages_used. 83 * nfsd_drc_max_pages limits the total amount of memory available for 84 * version 4.1 DRC caches. 85 * nfsd_drc_pages_used tracks the current version 4.1 DRC memory usage. 86 */ 87 DEFINE_SPINLOCK(nfsd_drc_lock); 88 unsigned long nfsd_drc_max_mem; 89 unsigned long nfsd_drc_mem_used; 90 91 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 92 static struct svc_stat nfsd_acl_svcstats; 93 static const struct svc_version *nfsd_acl_version[] = { 94 [2] = &nfsd_acl_version2, 95 [3] = &nfsd_acl_version3, 96 }; 97 98 #define NFSD_ACL_MINVERS 2 99 #define NFSD_ACL_NRVERS ARRAY_SIZE(nfsd_acl_version) 100 101 static struct svc_program nfsd_acl_program = { 102 .pg_prog = NFS_ACL_PROGRAM, 103 .pg_nvers = NFSD_ACL_NRVERS, 104 .pg_vers = nfsd_acl_version, 105 .pg_name = "nfsacl", 106 .pg_class = "nfsd", 107 .pg_stats = &nfsd_acl_svcstats, 108 .pg_authenticate = &svc_set_client, 109 .pg_init_request = nfsd_acl_init_request, 110 .pg_rpcbind_set = nfsd_acl_rpcbind_set, 111 }; 112 113 static struct svc_stat nfsd_acl_svcstats = { 114 .program = &nfsd_acl_program, 115 }; 116 #endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */ 117 118 static const struct svc_version *nfsd_version[] = { 119 [2] = &nfsd_version2, 120 #if defined(CONFIG_NFSD_V3) 121 [3] = &nfsd_version3, 122 #endif 123 #if defined(CONFIG_NFSD_V4) 124 [4] = &nfsd_version4, 125 #endif 126 }; 127 128 #define NFSD_MINVERS 2 129 #define NFSD_NRVERS ARRAY_SIZE(nfsd_version) 130 131 struct svc_program nfsd_program = { 132 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 133 .pg_next = &nfsd_acl_program, 134 #endif 135 .pg_prog = NFS_PROGRAM, /* program number */ 136 .pg_nvers = NFSD_NRVERS, /* nr of entries in nfsd_version */ 137 .pg_vers = nfsd_version, /* version table */ 138 .pg_name = "nfsd", /* program name */ 139 .pg_class = "nfsd", /* authentication class */ 140 .pg_stats = &nfsd_svcstats, /* version table */ 141 .pg_authenticate = &svc_set_client, /* export authentication */ 142 .pg_init_request = nfsd_init_request, 143 .pg_rpcbind_set = nfsd_rpcbind_set, 144 }; 145 146 static bool 147 nfsd_support_version(int vers) 148 { 149 if (vers >= NFSD_MINVERS && vers < NFSD_NRVERS) 150 return nfsd_version[vers] != NULL; 151 return false; 152 } 153 154 static bool * 155 nfsd_alloc_versions(void) 156 { 157 bool *vers = kmalloc_array(NFSD_NRVERS, sizeof(bool), GFP_KERNEL); 158 unsigned i; 159 160 if (vers) { 161 /* All compiled versions are enabled by default */ 162 for (i = 0; i < NFSD_NRVERS; i++) 163 vers[i] = nfsd_support_version(i); 164 } 165 return vers; 166 } 167 168 static bool * 169 nfsd_alloc_minorversions(void) 170 { 171 bool *vers = kmalloc_array(NFSD_SUPPORTED_MINOR_VERSION + 1, 172 sizeof(bool), GFP_KERNEL); 173 unsigned i; 174 175 if (vers) { 176 /* All minor versions are enabled by default */ 177 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) 178 vers[i] = nfsd_support_version(4); 179 } 180 return vers; 181 } 182 183 void 184 nfsd_netns_free_versions(struct nfsd_net *nn) 185 { 186 kfree(nn->nfsd_versions); 187 kfree(nn->nfsd4_minorversions); 188 nn->nfsd_versions = NULL; 189 nn->nfsd4_minorversions = NULL; 190 } 191 192 static void 193 nfsd_netns_init_versions(struct nfsd_net *nn) 194 { 195 if (!nn->nfsd_versions) { 196 nn->nfsd_versions = nfsd_alloc_versions(); 197 nn->nfsd4_minorversions = nfsd_alloc_minorversions(); 198 if (!nn->nfsd_versions || !nn->nfsd4_minorversions) 199 nfsd_netns_free_versions(nn); 200 } 201 } 202 203 int nfsd_vers(struct nfsd_net *nn, int vers, enum vers_op change) 204 { 205 if (vers < NFSD_MINVERS || vers >= NFSD_NRVERS) 206 return 0; 207 switch(change) { 208 case NFSD_SET: 209 if (nn->nfsd_versions) 210 nn->nfsd_versions[vers] = nfsd_support_version(vers); 211 break; 212 case NFSD_CLEAR: 213 nfsd_netns_init_versions(nn); 214 if (nn->nfsd_versions) 215 nn->nfsd_versions[vers] = false; 216 break; 217 case NFSD_TEST: 218 if (nn->nfsd_versions) 219 return nn->nfsd_versions[vers]; 220 fallthrough; 221 case NFSD_AVAIL: 222 return nfsd_support_version(vers); 223 } 224 return 0; 225 } 226 227 static void 228 nfsd_adjust_nfsd_versions4(struct nfsd_net *nn) 229 { 230 unsigned i; 231 232 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) { 233 if (nn->nfsd4_minorversions[i]) 234 return; 235 } 236 nfsd_vers(nn, 4, NFSD_CLEAR); 237 } 238 239 int nfsd_minorversion(struct nfsd_net *nn, u32 minorversion, enum vers_op change) 240 { 241 if (minorversion > NFSD_SUPPORTED_MINOR_VERSION && 242 change != NFSD_AVAIL) 243 return -1; 244 245 switch(change) { 246 case NFSD_SET: 247 if (nn->nfsd4_minorversions) { 248 nfsd_vers(nn, 4, NFSD_SET); 249 nn->nfsd4_minorversions[minorversion] = 250 nfsd_vers(nn, 4, NFSD_TEST); 251 } 252 break; 253 case NFSD_CLEAR: 254 nfsd_netns_init_versions(nn); 255 if (nn->nfsd4_minorversions) { 256 nn->nfsd4_minorversions[minorversion] = false; 257 nfsd_adjust_nfsd_versions4(nn); 258 } 259 break; 260 case NFSD_TEST: 261 if (nn->nfsd4_minorversions) 262 return nn->nfsd4_minorversions[minorversion]; 263 return nfsd_vers(nn, 4, NFSD_TEST); 264 case NFSD_AVAIL: 265 return minorversion <= NFSD_SUPPORTED_MINOR_VERSION && 266 nfsd_vers(nn, 4, NFSD_AVAIL); 267 } 268 return 0; 269 } 270 271 /* 272 * Maximum number of nfsd processes 273 */ 274 #define NFSD_MAXSERVS 8192 275 276 int nfsd_nrthreads(struct net *net) 277 { 278 int rv = 0; 279 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 280 281 mutex_lock(&nfsd_mutex); 282 if (nn->nfsd_serv) 283 rv = nn->nfsd_serv->sv_nrthreads; 284 mutex_unlock(&nfsd_mutex); 285 return rv; 286 } 287 288 static int nfsd_init_socks(struct net *net, const struct cred *cred) 289 { 290 int error; 291 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 292 293 if (!list_empty(&nn->nfsd_serv->sv_permsocks)) 294 return 0; 295 296 error = svc_create_xprt(nn->nfsd_serv, "udp", net, PF_INET, NFS_PORT, 297 SVC_SOCK_DEFAULTS, cred); 298 if (error < 0) 299 return error; 300 301 error = svc_create_xprt(nn->nfsd_serv, "tcp", net, PF_INET, NFS_PORT, 302 SVC_SOCK_DEFAULTS, cred); 303 if (error < 0) 304 return error; 305 306 return 0; 307 } 308 309 static int nfsd_users = 0; 310 311 static int nfsd_startup_generic(void) 312 { 313 int ret; 314 315 if (nfsd_users++) 316 return 0; 317 318 ret = nfsd_file_cache_init(); 319 if (ret) 320 goto dec_users; 321 322 ret = nfs4_state_start(); 323 if (ret) 324 goto out_file_cache; 325 return 0; 326 327 out_file_cache: 328 nfsd_file_cache_shutdown(); 329 dec_users: 330 nfsd_users--; 331 return ret; 332 } 333 334 static void nfsd_shutdown_generic(void) 335 { 336 if (--nfsd_users) 337 return; 338 339 nfs4_state_shutdown(); 340 nfsd_file_cache_shutdown(); 341 } 342 343 static bool nfsd_needs_lockd(struct nfsd_net *nn) 344 { 345 return nfsd_vers(nn, 2, NFSD_TEST) || nfsd_vers(nn, 3, NFSD_TEST); 346 } 347 348 /** 349 * nfsd_copy_write_verifier - Atomically copy a write verifier 350 * @verf: buffer in which to receive the verifier cookie 351 * @nn: NFS net namespace 352 * 353 * This function provides a wait-free mechanism for copying the 354 * namespace's write verifier without tearing it. 355 */ 356 void nfsd_copy_write_verifier(__be32 verf[2], struct nfsd_net *nn) 357 { 358 int seq = 0; 359 360 do { 361 read_seqbegin_or_lock(&nn->writeverf_lock, &seq); 362 memcpy(verf, nn->writeverf, sizeof(*verf)); 363 } while (need_seqretry(&nn->writeverf_lock, seq)); 364 done_seqretry(&nn->writeverf_lock, seq); 365 } 366 367 static void nfsd_reset_write_verifier_locked(struct nfsd_net *nn) 368 { 369 struct timespec64 now; 370 u64 verf; 371 372 /* 373 * Because the time value is hashed, y2038 time_t overflow 374 * is irrelevant in this usage. 375 */ 376 ktime_get_raw_ts64(&now); 377 verf = siphash_2u64(now.tv_sec, now.tv_nsec, &nn->siphash_key); 378 memcpy(nn->writeverf, &verf, sizeof(nn->writeverf)); 379 } 380 381 /** 382 * nfsd_reset_write_verifier - Generate a new write verifier 383 * @nn: NFS net namespace 384 * 385 * This function updates the ->writeverf field of @nn. This field 386 * contains an opaque cookie that, according to Section 18.32.3 of 387 * RFC 8881, "the client can use to determine whether a server has 388 * changed instance state (e.g., server restart) between a call to 389 * WRITE and a subsequent call to either WRITE or COMMIT. This 390 * cookie MUST be unchanged during a single instance of the NFSv4.1 391 * server and MUST be unique between instances of the NFSv4.1 392 * server." 393 */ 394 void nfsd_reset_write_verifier(struct nfsd_net *nn) 395 { 396 write_seqlock(&nn->writeverf_lock); 397 nfsd_reset_write_verifier_locked(nn); 398 write_sequnlock(&nn->writeverf_lock); 399 } 400 401 static int nfsd_startup_net(struct net *net, const struct cred *cred) 402 { 403 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 404 int ret; 405 406 if (nn->nfsd_net_up) 407 return 0; 408 409 ret = nfsd_startup_generic(); 410 if (ret) 411 return ret; 412 ret = nfsd_init_socks(net, cred); 413 if (ret) 414 goto out_socks; 415 416 if (nfsd_needs_lockd(nn) && !nn->lockd_up) { 417 ret = lockd_up(net, cred); 418 if (ret) 419 goto out_socks; 420 nn->lockd_up = true; 421 } 422 423 ret = nfsd_file_cache_start_net(net); 424 if (ret) 425 goto out_lockd; 426 ret = nfs4_state_start_net(net); 427 if (ret) 428 goto out_filecache; 429 430 #ifdef CONFIG_NFSD_V4_2_INTER_SSC 431 nfsd4_ssc_init_umount_work(nn); 432 #endif 433 nn->nfsd_net_up = true; 434 return 0; 435 436 out_filecache: 437 nfsd_file_cache_shutdown_net(net); 438 out_lockd: 439 if (nn->lockd_up) { 440 lockd_down(net); 441 nn->lockd_up = false; 442 } 443 out_socks: 444 nfsd_shutdown_generic(); 445 return ret; 446 } 447 448 static void nfsd_shutdown_net(struct net *net) 449 { 450 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 451 452 nfsd_file_cache_shutdown_net(net); 453 nfs4_state_shutdown_net(net); 454 if (nn->lockd_up) { 455 lockd_down(net); 456 nn->lockd_up = false; 457 } 458 nn->nfsd_net_up = false; 459 nfsd_shutdown_generic(); 460 } 461 462 static DEFINE_SPINLOCK(nfsd_notifier_lock); 463 static int nfsd_inetaddr_event(struct notifier_block *this, unsigned long event, 464 void *ptr) 465 { 466 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr; 467 struct net_device *dev = ifa->ifa_dev->dev; 468 struct net *net = dev_net(dev); 469 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 470 struct sockaddr_in sin; 471 472 if (event != NETDEV_DOWN || !nn->nfsd_serv) 473 goto out; 474 475 spin_lock(&nfsd_notifier_lock); 476 if (nn->nfsd_serv) { 477 dprintk("nfsd_inetaddr_event: removed %pI4\n", &ifa->ifa_local); 478 sin.sin_family = AF_INET; 479 sin.sin_addr.s_addr = ifa->ifa_local; 480 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin); 481 } 482 spin_unlock(&nfsd_notifier_lock); 483 484 out: 485 return NOTIFY_DONE; 486 } 487 488 static struct notifier_block nfsd_inetaddr_notifier = { 489 .notifier_call = nfsd_inetaddr_event, 490 }; 491 492 #if IS_ENABLED(CONFIG_IPV6) 493 static int nfsd_inet6addr_event(struct notifier_block *this, 494 unsigned long event, void *ptr) 495 { 496 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr; 497 struct net_device *dev = ifa->idev->dev; 498 struct net *net = dev_net(dev); 499 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 500 struct sockaddr_in6 sin6; 501 502 if (event != NETDEV_DOWN || !nn->nfsd_serv) 503 goto out; 504 505 spin_lock(&nfsd_notifier_lock); 506 if (nn->nfsd_serv) { 507 dprintk("nfsd_inet6addr_event: removed %pI6\n", &ifa->addr); 508 sin6.sin6_family = AF_INET6; 509 sin6.sin6_addr = ifa->addr; 510 if (ipv6_addr_type(&sin6.sin6_addr) & IPV6_ADDR_LINKLOCAL) 511 sin6.sin6_scope_id = ifa->idev->dev->ifindex; 512 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin6); 513 } 514 spin_unlock(&nfsd_notifier_lock); 515 516 out: 517 return NOTIFY_DONE; 518 } 519 520 static struct notifier_block nfsd_inet6addr_notifier = { 521 .notifier_call = nfsd_inet6addr_event, 522 }; 523 #endif 524 525 /* Only used under nfsd_mutex, so this atomic may be overkill: */ 526 static atomic_t nfsd_notifier_refcount = ATOMIC_INIT(0); 527 528 static void nfsd_last_thread(struct svc_serv *serv, struct net *net) 529 { 530 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 531 532 /* check if the notifier still has clients */ 533 if (atomic_dec_return(&nfsd_notifier_refcount) == 0) { 534 unregister_inetaddr_notifier(&nfsd_inetaddr_notifier); 535 #if IS_ENABLED(CONFIG_IPV6) 536 unregister_inet6addr_notifier(&nfsd_inet6addr_notifier); 537 #endif 538 } 539 540 /* 541 * write_ports can create the server without actually starting 542 * any threads--if we get shut down before any threads are 543 * started, then nfsd_last_thread will be run before any of this 544 * other initialization has been done except the rpcb information. 545 */ 546 svc_rpcb_cleanup(serv, net); 547 if (!nn->nfsd_net_up) 548 return; 549 550 nfsd_shutdown_net(net); 551 pr_info("nfsd: last server has exited, flushing export cache\n"); 552 nfsd_export_flush(net); 553 } 554 555 void nfsd_reset_versions(struct nfsd_net *nn) 556 { 557 int i; 558 559 for (i = 0; i < NFSD_NRVERS; i++) 560 if (nfsd_vers(nn, i, NFSD_TEST)) 561 return; 562 563 for (i = 0; i < NFSD_NRVERS; i++) 564 if (i != 4) 565 nfsd_vers(nn, i, NFSD_SET); 566 else { 567 int minor = 0; 568 while (nfsd_minorversion(nn, minor, NFSD_SET) >= 0) 569 minor++; 570 } 571 } 572 573 /* 574 * Each session guarantees a negotiated per slot memory cache for replies 575 * which in turn consumes memory beyond the v2/v3/v4.0 server. A dedicated 576 * NFSv4.1 server might want to use more memory for a DRC than a machine 577 * with mutiple services. 578 * 579 * Impose a hard limit on the number of pages for the DRC which varies 580 * according to the machines free pages. This is of course only a default. 581 * 582 * For now this is a #defined shift which could be under admin control 583 * in the future. 584 */ 585 static void set_max_drc(void) 586 { 587 #define NFSD_DRC_SIZE_SHIFT 7 588 nfsd_drc_max_mem = (nr_free_buffer_pages() 589 >> NFSD_DRC_SIZE_SHIFT) * PAGE_SIZE; 590 nfsd_drc_mem_used = 0; 591 dprintk("%s nfsd_drc_max_mem %lu \n", __func__, nfsd_drc_max_mem); 592 } 593 594 static int nfsd_get_default_max_blksize(void) 595 { 596 struct sysinfo i; 597 unsigned long long target; 598 unsigned long ret; 599 600 si_meminfo(&i); 601 target = (i.totalram - i.totalhigh) << PAGE_SHIFT; 602 /* 603 * Aim for 1/4096 of memory per thread This gives 1MB on 4Gig 604 * machines, but only uses 32K on 128M machines. Bottom out at 605 * 8K on 32M and smaller. Of course, this is only a default. 606 */ 607 target >>= 12; 608 609 ret = NFSSVC_MAXBLKSIZE; 610 while (ret > target && ret >= 8*1024*2) 611 ret /= 2; 612 return ret; 613 } 614 615 static const struct svc_serv_ops nfsd_thread_sv_ops = { 616 .svo_shutdown = nfsd_last_thread, 617 .svo_function = nfsd, 618 .svo_enqueue_xprt = svc_xprt_do_enqueue, 619 .svo_module = THIS_MODULE, 620 }; 621 622 void nfsd_shutdown_threads(struct net *net) 623 { 624 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 625 struct svc_serv *serv; 626 627 mutex_lock(&nfsd_mutex); 628 serv = nn->nfsd_serv; 629 if (serv == NULL) { 630 mutex_unlock(&nfsd_mutex); 631 return; 632 } 633 634 svc_get(serv); 635 /* Kill outstanding nfsd threads */ 636 svc_set_num_threads(serv, NULL, 0); 637 nfsd_put(net); 638 mutex_unlock(&nfsd_mutex); 639 } 640 641 bool i_am_nfsd(void) 642 { 643 return kthread_func(current) == nfsd; 644 } 645 646 int nfsd_create_serv(struct net *net) 647 { 648 int error; 649 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 650 struct svc_serv *serv; 651 652 WARN_ON(!mutex_is_locked(&nfsd_mutex)); 653 if (nn->nfsd_serv) { 654 svc_get(nn->nfsd_serv); 655 return 0; 656 } 657 if (nfsd_max_blksize == 0) 658 nfsd_max_blksize = nfsd_get_default_max_blksize(); 659 nfsd_reset_versions(nn); 660 serv = svc_create_pooled(&nfsd_program, nfsd_max_blksize, 661 &nfsd_thread_sv_ops); 662 if (serv == NULL) 663 return -ENOMEM; 664 665 serv->sv_maxconn = nn->max_connections; 666 error = svc_bind(serv, net); 667 if (error < 0) { 668 /* NOT nfsd_put() as notifiers (see below) haven't 669 * been set up yet. 670 */ 671 svc_put(serv); 672 return error; 673 } 674 spin_lock(&nfsd_notifier_lock); 675 nn->nfsd_serv = serv; 676 spin_unlock(&nfsd_notifier_lock); 677 678 set_max_drc(); 679 /* check if the notifier is already set */ 680 if (atomic_inc_return(&nfsd_notifier_refcount) == 1) { 681 register_inetaddr_notifier(&nfsd_inetaddr_notifier); 682 #if IS_ENABLED(CONFIG_IPV6) 683 register_inet6addr_notifier(&nfsd_inet6addr_notifier); 684 #endif 685 } 686 nfsd_reset_write_verifier(nn); 687 return 0; 688 } 689 690 int nfsd_nrpools(struct net *net) 691 { 692 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 693 694 if (nn->nfsd_serv == NULL) 695 return 0; 696 else 697 return nn->nfsd_serv->sv_nrpools; 698 } 699 700 int nfsd_get_nrthreads(int n, int *nthreads, struct net *net) 701 { 702 int i = 0; 703 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 704 705 if (nn->nfsd_serv != NULL) { 706 for (i = 0; i < nn->nfsd_serv->sv_nrpools && i < n; i++) 707 nthreads[i] = nn->nfsd_serv->sv_pools[i].sp_nrthreads; 708 } 709 710 return 0; 711 } 712 713 /* This is the callback for kref_put() below. 714 * There is no code here as the first thing to be done is 715 * call svc_shutdown_net(), but we cannot get the 'net' from 716 * the kref. So do all the work when kref_put returns true. 717 */ 718 static void nfsd_noop(struct kref *ref) 719 { 720 } 721 722 void nfsd_put(struct net *net) 723 { 724 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 725 726 if (kref_put(&nn->nfsd_serv->sv_refcnt, nfsd_noop)) { 727 svc_shutdown_net(nn->nfsd_serv, net); 728 svc_destroy(&nn->nfsd_serv->sv_refcnt); 729 spin_lock(&nfsd_notifier_lock); 730 nn->nfsd_serv = NULL; 731 spin_unlock(&nfsd_notifier_lock); 732 } 733 } 734 735 int nfsd_set_nrthreads(int n, int *nthreads, struct net *net) 736 { 737 int i = 0; 738 int tot = 0; 739 int err = 0; 740 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 741 742 WARN_ON(!mutex_is_locked(&nfsd_mutex)); 743 744 if (nn->nfsd_serv == NULL || n <= 0) 745 return 0; 746 747 if (n > nn->nfsd_serv->sv_nrpools) 748 n = nn->nfsd_serv->sv_nrpools; 749 750 /* enforce a global maximum number of threads */ 751 tot = 0; 752 for (i = 0; i < n; i++) { 753 nthreads[i] = min(nthreads[i], NFSD_MAXSERVS); 754 tot += nthreads[i]; 755 } 756 if (tot > NFSD_MAXSERVS) { 757 /* total too large: scale down requested numbers */ 758 for (i = 0; i < n && tot > 0; i++) { 759 int new = nthreads[i] * NFSD_MAXSERVS / tot; 760 tot -= (nthreads[i] - new); 761 nthreads[i] = new; 762 } 763 for (i = 0; i < n && tot > 0; i++) { 764 nthreads[i]--; 765 tot--; 766 } 767 } 768 769 /* 770 * There must always be a thread in pool 0; the admin 771 * can't shut down NFS completely using pool_threads. 772 */ 773 if (nthreads[0] == 0) 774 nthreads[0] = 1; 775 776 /* apply the new numbers */ 777 svc_get(nn->nfsd_serv); 778 for (i = 0; i < n; i++) { 779 err = svc_set_num_threads(nn->nfsd_serv, 780 &nn->nfsd_serv->sv_pools[i], 781 nthreads[i]); 782 if (err) 783 break; 784 } 785 nfsd_put(net); 786 return err; 787 } 788 789 /* 790 * Adjust the number of threads and return the new number of threads. 791 * This is also the function that starts the server if necessary, if 792 * this is the first time nrservs is nonzero. 793 */ 794 int 795 nfsd_svc(int nrservs, struct net *net, const struct cred *cred) 796 { 797 int error; 798 bool nfsd_up_before; 799 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 800 801 mutex_lock(&nfsd_mutex); 802 dprintk("nfsd: creating service\n"); 803 804 nrservs = max(nrservs, 0); 805 nrservs = min(nrservs, NFSD_MAXSERVS); 806 error = 0; 807 808 if (nrservs == 0 && nn->nfsd_serv == NULL) 809 goto out; 810 811 strlcpy(nn->nfsd_name, utsname()->nodename, 812 sizeof(nn->nfsd_name)); 813 814 error = nfsd_create_serv(net); 815 if (error) 816 goto out; 817 818 nfsd_up_before = nn->nfsd_net_up; 819 820 error = nfsd_startup_net(net, cred); 821 if (error) 822 goto out_put; 823 error = svc_set_num_threads(nn->nfsd_serv, NULL, nrservs); 824 if (error) 825 goto out_shutdown; 826 error = nn->nfsd_serv->sv_nrthreads; 827 out_shutdown: 828 if (error < 0 && !nfsd_up_before) 829 nfsd_shutdown_net(net); 830 out_put: 831 /* Threads now hold service active */ 832 if (xchg(&nn->keep_active, 0)) 833 nfsd_put(net); 834 nfsd_put(net); 835 out: 836 mutex_unlock(&nfsd_mutex); 837 return error; 838 } 839 840 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 841 static bool 842 nfsd_support_acl_version(int vers) 843 { 844 if (vers >= NFSD_ACL_MINVERS && vers < NFSD_ACL_NRVERS) 845 return nfsd_acl_version[vers] != NULL; 846 return false; 847 } 848 849 static int 850 nfsd_acl_rpcbind_set(struct net *net, const struct svc_program *progp, 851 u32 version, int family, unsigned short proto, 852 unsigned short port) 853 { 854 if (!nfsd_support_acl_version(version) || 855 !nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST)) 856 return 0; 857 return svc_generic_rpcbind_set(net, progp, version, family, 858 proto, port); 859 } 860 861 static __be32 862 nfsd_acl_init_request(struct svc_rqst *rqstp, 863 const struct svc_program *progp, 864 struct svc_process_info *ret) 865 { 866 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 867 int i; 868 869 if (likely(nfsd_support_acl_version(rqstp->rq_vers) && 870 nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) 871 return svc_generic_init_request(rqstp, progp, ret); 872 873 ret->mismatch.lovers = NFSD_ACL_NRVERS; 874 for (i = NFSD_ACL_MINVERS; i < NFSD_ACL_NRVERS; i++) { 875 if (nfsd_support_acl_version(rqstp->rq_vers) && 876 nfsd_vers(nn, i, NFSD_TEST)) { 877 ret->mismatch.lovers = i; 878 break; 879 } 880 } 881 if (ret->mismatch.lovers == NFSD_ACL_NRVERS) 882 return rpc_prog_unavail; 883 ret->mismatch.hivers = NFSD_ACL_MINVERS; 884 for (i = NFSD_ACL_NRVERS - 1; i >= NFSD_ACL_MINVERS; i--) { 885 if (nfsd_support_acl_version(rqstp->rq_vers) && 886 nfsd_vers(nn, i, NFSD_TEST)) { 887 ret->mismatch.hivers = i; 888 break; 889 } 890 } 891 return rpc_prog_mismatch; 892 } 893 #endif 894 895 static int 896 nfsd_rpcbind_set(struct net *net, const struct svc_program *progp, 897 u32 version, int family, unsigned short proto, 898 unsigned short port) 899 { 900 if (!nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST)) 901 return 0; 902 return svc_generic_rpcbind_set(net, progp, version, family, 903 proto, port); 904 } 905 906 static __be32 907 nfsd_init_request(struct svc_rqst *rqstp, 908 const struct svc_program *progp, 909 struct svc_process_info *ret) 910 { 911 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 912 int i; 913 914 if (likely(nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) 915 return svc_generic_init_request(rqstp, progp, ret); 916 917 ret->mismatch.lovers = NFSD_NRVERS; 918 for (i = NFSD_MINVERS; i < NFSD_NRVERS; i++) { 919 if (nfsd_vers(nn, i, NFSD_TEST)) { 920 ret->mismatch.lovers = i; 921 break; 922 } 923 } 924 if (ret->mismatch.lovers == NFSD_NRVERS) 925 return rpc_prog_unavail; 926 ret->mismatch.hivers = NFSD_MINVERS; 927 for (i = NFSD_NRVERS - 1; i >= NFSD_MINVERS; i--) { 928 if (nfsd_vers(nn, i, NFSD_TEST)) { 929 ret->mismatch.hivers = i; 930 break; 931 } 932 } 933 return rpc_prog_mismatch; 934 } 935 936 /* 937 * This is the NFS server kernel thread 938 */ 939 static int 940 nfsd(void *vrqstp) 941 { 942 struct svc_rqst *rqstp = (struct svc_rqst *) vrqstp; 943 struct svc_xprt *perm_sock = list_entry(rqstp->rq_server->sv_permsocks.next, typeof(struct svc_xprt), xpt_list); 944 struct net *net = perm_sock->xpt_net; 945 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 946 int err; 947 948 /* At this point, the thread shares current->fs 949 * with the init process. We need to create files with the 950 * umask as defined by the client instead of init's umask. */ 951 if (unshare_fs_struct() < 0) { 952 printk("Unable to start nfsd thread: out of memory\n"); 953 goto out; 954 } 955 956 current->fs->umask = 0; 957 958 /* 959 * thread is spawned with all signals set to SIG_IGN, re-enable 960 * the ones that will bring down the thread 961 */ 962 allow_signal(SIGKILL); 963 allow_signal(SIGHUP); 964 allow_signal(SIGINT); 965 allow_signal(SIGQUIT); 966 967 atomic_inc(&nfsdstats.th_cnt); 968 969 set_freezable(); 970 971 /* 972 * The main request loop 973 */ 974 for (;;) { 975 /* Update sv_maxconn if it has changed */ 976 rqstp->rq_server->sv_maxconn = nn->max_connections; 977 978 /* 979 * Find a socket with data available and call its 980 * recvfrom routine. 981 */ 982 while ((err = svc_recv(rqstp, 60*60*HZ)) == -EAGAIN) 983 ; 984 if (err == -EINTR) 985 break; 986 validate_process_creds(); 987 svc_process(rqstp); 988 validate_process_creds(); 989 } 990 991 /* Clear signals before calling svc_exit_thread() */ 992 flush_signals(current); 993 994 atomic_dec(&nfsdstats.th_cnt); 995 996 out: 997 /* Take an extra ref so that the svc_put in svc_exit_thread() 998 * doesn't call svc_destroy() 999 */ 1000 svc_get(nn->nfsd_serv); 1001 1002 /* Release the thread */ 1003 svc_exit_thread(rqstp); 1004 1005 /* We need to drop a ref, but may not drop the last reference 1006 * without holding nfsd_mutex, and we cannot wait for nfsd_mutex as that 1007 * could deadlock with nfsd_shutdown_threads() waiting for us. 1008 * So three options are: 1009 * - drop a non-final reference, 1010 * - get the mutex without waiting 1011 * - sleep briefly andd try the above again 1012 */ 1013 while (!svc_put_not_last(nn->nfsd_serv)) { 1014 if (mutex_trylock(&nfsd_mutex)) { 1015 nfsd_put(net); 1016 mutex_unlock(&nfsd_mutex); 1017 break; 1018 } 1019 msleep(20); 1020 } 1021 1022 /* Release module */ 1023 module_put_and_kthread_exit(0); 1024 return 0; 1025 } 1026 1027 /** 1028 * nfsd_dispatch - Process an NFS or NFSACL Request 1029 * @rqstp: incoming request 1030 * @statp: pointer to location of accept_stat field in RPC Reply buffer 1031 * 1032 * This RPC dispatcher integrates the NFS server's duplicate reply cache. 1033 * 1034 * Return values: 1035 * %0: Processing complete; do not send a Reply 1036 * %1: Processing complete; send Reply in rqstp->rq_res 1037 */ 1038 int nfsd_dispatch(struct svc_rqst *rqstp, __be32 *statp) 1039 { 1040 const struct svc_procedure *proc = rqstp->rq_procinfo; 1041 1042 /* 1043 * Give the xdr decoder a chance to change this if it wants 1044 * (necessary in the NFSv4.0 compound case) 1045 */ 1046 rqstp->rq_cachetype = proc->pc_cachetype; 1047 1048 svcxdr_init_decode(rqstp); 1049 if (!proc->pc_decode(rqstp, &rqstp->rq_arg_stream)) 1050 goto out_decode_err; 1051 1052 switch (nfsd_cache_lookup(rqstp)) { 1053 case RC_DOIT: 1054 break; 1055 case RC_REPLY: 1056 goto out_cached_reply; 1057 case RC_DROPIT: 1058 goto out_dropit; 1059 } 1060 1061 /* 1062 * Need to grab the location to store the status, as 1063 * NFSv4 does some encoding while processing 1064 */ 1065 svcxdr_init_encode(rqstp); 1066 1067 *statp = proc->pc_func(rqstp); 1068 if (*statp == rpc_drop_reply || test_bit(RQ_DROPME, &rqstp->rq_flags)) 1069 goto out_update_drop; 1070 1071 if (!proc->pc_encode(rqstp, &rqstp->rq_res_stream)) 1072 goto out_encode_err; 1073 1074 nfsd_cache_update(rqstp, rqstp->rq_cachetype, statp + 1); 1075 out_cached_reply: 1076 return 1; 1077 1078 out_decode_err: 1079 trace_nfsd_garbage_args_err(rqstp); 1080 *statp = rpc_garbage_args; 1081 return 1; 1082 1083 out_update_drop: 1084 nfsd_cache_update(rqstp, RC_NOCACHE, NULL); 1085 out_dropit: 1086 return 0; 1087 1088 out_encode_err: 1089 trace_nfsd_cant_encode_err(rqstp); 1090 nfsd_cache_update(rqstp, RC_NOCACHE, NULL); 1091 *statp = rpc_system_err; 1092 return 1; 1093 } 1094 1095 /** 1096 * nfssvc_decode_voidarg - Decode void arguments 1097 * @rqstp: Server RPC transaction context 1098 * @xdr: XDR stream positioned at arguments to decode 1099 * 1100 * Return values: 1101 * %false: Arguments were not valid 1102 * %true: Decoding was successful 1103 */ 1104 bool nfssvc_decode_voidarg(struct svc_rqst *rqstp, struct xdr_stream *xdr) 1105 { 1106 return true; 1107 } 1108 1109 /** 1110 * nfssvc_encode_voidres - Encode void results 1111 * @rqstp: Server RPC transaction context 1112 * @xdr: XDR stream into which to encode results 1113 * 1114 * Return values: 1115 * %false: Local error while encoding 1116 * %true: Encoding was successful 1117 */ 1118 bool nfssvc_encode_voidres(struct svc_rqst *rqstp, struct xdr_stream *xdr) 1119 { 1120 return true; 1121 } 1122 1123 int nfsd_pool_stats_open(struct inode *inode, struct file *file) 1124 { 1125 int ret; 1126 struct nfsd_net *nn = net_generic(inode->i_sb->s_fs_info, nfsd_net_id); 1127 1128 mutex_lock(&nfsd_mutex); 1129 if (nn->nfsd_serv == NULL) { 1130 mutex_unlock(&nfsd_mutex); 1131 return -ENODEV; 1132 } 1133 svc_get(nn->nfsd_serv); 1134 ret = svc_pool_stats_open(nn->nfsd_serv, file); 1135 mutex_unlock(&nfsd_mutex); 1136 return ret; 1137 } 1138 1139 int nfsd_pool_stats_release(struct inode *inode, struct file *file) 1140 { 1141 int ret = seq_release(inode, file); 1142 struct net *net = inode->i_sb->s_fs_info; 1143 1144 mutex_lock(&nfsd_mutex); 1145 nfsd_put(net); 1146 mutex_unlock(&nfsd_mutex); 1147 return ret; 1148 } 1149