Index: projects/nfs-over-tls/sys/fs/nfs/nfs.h
===================================================================
--- projects/nfs-over-tls/sys/fs/nfs/nfs.h (revision 359683)
+++ projects/nfs-over-tls/sys/fs/nfs/nfs.h (revision 359684)
@@ -1,827 +1,827 @@
/*-
* SPDX-License-Identifier: BSD-3-Clause
*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Rick Macklem at The University of Guelph.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
#ifndef _NFS_NFS_H_
#define _NFS_NFS_H_
/*
* Tunable constants for nfs
*/
#define NFS_MAXIOVEC 34
#define NFS_TICKINTVL 500 /* Desired time for a tick (msec) */
#define NFS_HZ (hz / nfscl_ticks) /* Ticks/sec */
#define NFS_TIMEO (1 * NFS_HZ) /* Default timeout = 1 second */
#define NFS_MINTIMEO (1 * NFS_HZ) /* Min timeout to use */
#define NFS_MAXTIMEO (60 * NFS_HZ) /* Max timeout to backoff to */
#define NFS_TCPTIMEO 300 /* TCP timeout */
#define NFS_MAXRCVTIMEO 60 /* 1 minute in seconds */
#define NFS_MINIDEMTIMEO (5 * NFS_HZ) /* Min timeout for non-idempotent ops*/
#define NFS_MAXREXMIT 100 /* Stop counting after this many */
#define NFSV4_CALLBACKTIMEO (2 * NFS_HZ) /* Timeout in ticks */
#define NFSV4_CALLBACKRETRY 5 /* Number of retries before failure */
#define NFSV4_SLOTS 64 /* Number of slots, fore channel */
#define NFSV4_CBSLOTS 8 /* Number of slots, back channel */
#define NFSV4_CBRETRYCNT 4 /* # of CBRecall retries upon err */
#define NFSV4_UPCALLTIMEO (15 * NFS_HZ) /* Timeout in ticks for upcalls */
/* to gssd or nfsuserd */
#define NFSV4_UPCALLRETRY 4 /* Number of retries before failure */
#define NFS_MAXWINDOW 1024 /* Max number of outstanding requests */
#define NFS_RETRANS 10 /* Num of retrans for soft mounts */
#define NFS_RETRANS_TCP 2 /* Num of retrans for TCP soft mounts */
#define NFS_MAXGRPS 16 /* Max. size of groups list */
#define NFS_TRYLATERDEL 15 /* Maximum delay timeout (sec) */
#ifndef NFS_REMOVETIMEO
#define NFS_REMOVETIMEO 15 /* # sec to wait for delegret in local syscall */
#endif
#ifndef NFS_MINATTRTIMO
#define NFS_MINATTRTIMO 5 /* Attribute cache timeout in sec */
#endif
#ifndef NFS_MAXATTRTIMO
#define NFS_MAXATTRTIMO 60
#endif
#define NFS_WSIZE 8192 /* Def. write data size <= 8192 */
#define NFS_RSIZE 8192 /* Def. read data size <= 8192 */
#define NFS_READDIRSIZE 8192 /* Def. readdir size */
#define NFS_DEFRAHEAD 1 /* Def. read ahead # blocks */
#define NFS_MAXRAHEAD 16 /* Max. read ahead # blocks */
#define NFS_MAXASYNCDAEMON 64 /* Max. number async_daemons runnable */
#define NFS_MAXUIDHASH 64 /* Max. # of hashed uid entries/mp */
#ifndef NFSRV_LEASE
#define NFSRV_LEASE 120 /* Lease time in seconds for V4 */
#endif /* assigned to nfsrv_lease */
#ifndef NFSRV_STALELEASE
#define NFSRV_STALELEASE (5 * nfsrv_lease)
#endif
#ifndef NFSRV_MOULDYLEASE
#define NFSRV_MOULDYLEASE 604800 /* One week (in sec) */
#endif
#ifndef NFSCLIENTHASHSIZE
#define NFSCLIENTHASHSIZE 20 /* Size of server client hash table */
#endif
#ifndef NFSLOCKHASHSIZE
#define NFSLOCKHASHSIZE 20 /* Size of server nfslock hash table */
#endif
#ifndef NFSSESSIONHASHSIZE
#define NFSSESSIONHASHSIZE 20 /* Size of server session hash table */
#endif
#define NFSSTATEHASHSIZE 10 /* Size of server stateid hash table */
#define NFSLAYOUTHIGHWATER 1000000 /* Upper limit for # of layouts */
#ifndef NFSCLDELEGHIGHWATER
#define NFSCLDELEGHIGHWATER 10000 /* limit for client delegations */
#endif
#ifndef NFSCLLAYOUTHIGHWATER
#define NFSCLLAYOUTHIGHWATER 10000 /* limit for client pNFS layouts */
#endif
#ifndef NFSNOOPEN /* Inactive open owner (sec) */
#define NFSNOOPEN 120
#endif
#define NFSRV_LEASEDELTA 15 /* # of seconds to delay beyond lease */
#define NFS_IDMAXSIZE 4 /* max sizeof (in_addr_t) */
#ifndef NFSRVCACHE_UDPTIMEOUT
#define NFSRVCACHE_UDPTIMEOUT 30 /* # of sec to hold cached rpcs(udp) */
#endif
#ifndef NFSRVCACHE_UDPHIGHWATER
#define NFSRVCACHE_UDPHIGHWATER 500 /* Max # of udp cache entries */
#endif
#ifndef NFSRVCACHE_TCPTIMEOUT
#define NFSRVCACHE_TCPTIMEOUT (3600*12) /*#of sec to hold cached rpcs(tcp) */
#endif
#ifndef NFSRVCACHE_FLOODLEVEL
#define NFSRVCACHE_FLOODLEVEL 16384 /* Very high water mark for cache */
#endif
#ifndef NFSRV_CLIENTHIGHWATER
#define NFSRV_CLIENTHIGHWATER 1000
#endif
#ifndef NFSRV_MAXDUMPLIST
#define NFSRV_MAXDUMPLIST 10000
#endif
#ifndef NFS_ACCESSCACHESIZE
#define NFS_ACCESSCACHESIZE 8
#endif
#define NFSV4_CBPORT 7745 /* Callback port for testing */
/*
* This macro defines the high water mark for issuing V4 delegations.
* (It is currently set at a conservative 20% of nfsrv_v4statelimit. This
* may want to increase when clients can make more effective use of
* delegations.)
*/
#define NFSRV_V4DELEGLIMIT(c) (((c) * 5) > nfsrv_v4statelimit)
#define NFS_READDIRBLKSIZ DIRBLKSIZ /* Minimal nm_readdirsize */
/*
* Oddballs
*/
#define NFS_CMPFH(n, f, s) \
((n)->n_fhp->nfh_len == (s) && !NFSBCMP((n)->n_fhp->nfh_fh, (caddr_t)(f), (s)))
#define NFSRV_CMPFH(nf, ns, f, s) \
((ns) == (s) && !NFSBCMP((caddr_t)(nf), (caddr_t)(f), (s)))
#define NFS_CMPTIME(t1, t2) \
((t1).tv_sec == (t2).tv_sec && (t1).tv_nsec == (t2).tv_nsec)
#define NFS_SETTIME(t) do { \
(t).tv_sec = time.tv_sec; (t).tv_nsec = 1000 * time.tv_usec; } while (0)
#define NFS_SRVMAXDATA(n) \
(((n)->nd_flag & (ND_NFSV3 | ND_NFSV4)) ? \
NFS_SRVMAXIO : NFS_V2MAXDATA)
#define NFS64BITSSET 0xffffffffffffffffull
#define NFS64BITSMINUS1 0xfffffffffffffffeull
/*
* Structures for the nfssvc(2) syscall. Not that anyone but nfsd, mount_nfs
* and nfsloaduser should ever try and use it.
*/
struct nfsd_addsock_args {
int sock; /* Socket to serve */
caddr_t name; /* Client addr for connection based sockets */
int namelen; /* Length of name */
};
/*
* nfsd argument for new krpc.
* (New version supports pNFS, indicated by NFSSVC_NEWSTRUCT flag.)
*/
struct nfsd_nfsd_args {
const char *principal; /* GSS-API service principal name */
int minthreads; /* minimum service thread count */
int maxthreads; /* maximum service thread count */
int version; /* Allow multiple variants */
char *addr; /* pNFS DS addresses */
int addrlen; /* Length of addrs */
char *dnshost; /* DNS names for DS addresses */
int dnshostlen; /* Length of DNS names */
char *dspath; /* DS Mount path on MDS */
int dspathlen; /* Length of DS Mount path on MDS */
char *mdspath; /* MDS mount for DS path on MDS */
int mdspathlen; /* Length of MDS mount for DS path on MDS */
int mirrorcnt; /* Number of mirrors to create on DSs */
};
/*
* NFSDEV_MAXMIRRORS - Maximum level of mirroring for a DS.
* (Most will only put files on two DSs, but this setting allows up to 4.)
* NFSDEV_MAXVERS - maximum number of NFS versions supported by Flex File.
*/
#define NFSDEV_MAXMIRRORS 4
#define NFSDEV_MAXVERS 4
struct nfsd_pnfsd_args {
int op; /* Which pNFSd op to perform. */
char *mdspath; /* Path of MDS file. */
char *dspath; /* Path of recovered DS mounted on dir. */
char *curdspath; /* Path of current DS mounted on dir. */
};
#define PNFSDOP_DELDSSERVER 1
#define PNFSDOP_COPYMR 2
#define PNFSDOP_FORCEDELDS 3
/* Old version. */
struct nfsd_nfsd_oargs {
const char *principal; /* GSS-API service principal name */
int minthreads; /* minimum service thread count */
int maxthreads; /* maximum service thread count */
};
/*
* Arguments for use by the callback daemon.
*/
struct nfsd_nfscbd_args {
const char *principal; /* GSS-API service principal name */
};
struct nfscbd_args {
int sock; /* Socket to serve */
caddr_t name; /* Client addr for connection based sockets */
int namelen; /* Length of name */
u_short port; /* Port# for callbacks */
};
struct nfsd_idargs {
int nid_flag; /* Flags (see below) */
uid_t nid_uid; /* user/group id */
gid_t nid_gid;
int nid_usermax; /* Upper bound on user name cache */
int nid_usertimeout;/* User name timeout (minutes) */
u_char *nid_name; /* Name */
int nid_namelen; /* and its length */
gid_t *nid_grps; /* and the list */
int nid_ngroup; /* Size of groups list */
};
struct nfsd_oidargs {
int nid_flag; /* Flags (see below) */
uid_t nid_uid; /* user/group id */
gid_t nid_gid;
int nid_usermax; /* Upper bound on user name cache */
int nid_usertimeout;/* User name timeout (minutes) */
u_char *nid_name; /* Name */
int nid_namelen; /* and its length */
};
struct nfsuserd_args {
sa_family_t nuserd_family; /* Address family to use */
u_short nuserd_port; /* Port# */
};
struct nfsd_clid {
int nclid_idlen; /* Length of client id */
u_char nclid_id[NFSV4_OPAQUELIMIT]; /* and name */
};
struct nfsd_dumplist {
int ndl_size; /* Number of elements */
void *ndl_list; /* and the list of elements */
};
struct nfsd_dumpclients {
u_int32_t ndcl_flags; /* LCL_xxx flags */
u_int32_t ndcl_nopenowners; /* Number of openowners */
u_int32_t ndcl_nopens; /* and opens */
u_int32_t ndcl_nlockowners; /* and of lockowners */
u_int32_t ndcl_nlocks; /* and of locks */
u_int32_t ndcl_ndelegs; /* and of delegations */
u_int32_t ndcl_nolddelegs; /* and old delegations */
sa_family_t ndcl_addrfam; /* Callback address */
union {
struct in_addr sin_addr;
struct in6_addr sin6_addr;
} ndcl_cbaddr;
struct nfsd_clid ndcl_clid; /* and client id */
};
struct nfsd_dumplocklist {
char *ndllck_fname; /* File Name */
int ndllck_size; /* Number of elements */
void *ndllck_list; /* and the list of elements */
};
struct nfsd_dumplocks {
u_int32_t ndlck_flags; /* state flags NFSLCK_xxx */
nfsv4stateid_t ndlck_stateid; /* stateid */
u_int64_t ndlck_first; /* lock byte range */
u_int64_t ndlck_end;
struct nfsd_clid ndlck_owner; /* Owner of open/lock */
sa_family_t ndlck_addrfam; /* Callback address */
union {
struct in_addr sin_addr;
struct in6_addr sin6_addr;
} ndlck_cbaddr;
struct nfsd_clid ndlck_clid; /* and client id */
};
/*
* Structure for referral information.
*/
struct nfsreferral {
u_char *nfr_srvlist; /* List of servers */
int nfr_srvcnt; /* number of servers */
vnode_t nfr_vp; /* vnode for referral */
uint64_t nfr_dfileno; /* assigned dir inode# */
};
/*
* Flags for lc_flags and opsflags for nfsrv_getclient().
*/
#define LCL_NEEDSCONFIRM 0x00000001
#define LCL_DONTCLEAN 0x00000002
#define LCL_WAKEUPWANTED 0x00000004
#define LCL_TCPCALLBACK 0x00000008
#define LCL_CALLBACKSON 0x00000010
#define LCL_INDEXNOTOK 0x00000020
#define LCL_STAMPEDSTABLE 0x00000040
#define LCL_EXPIREIT 0x00000080
#define LCL_CBDOWN 0x00000100
#define LCL_KERBV 0x00000400
#define LCL_NAME 0x00000800
#define LCL_NEEDSCBNULL 0x00001000
#define LCL_GSSINTEGRITY 0x00002000
#define LCL_GSSPRIVACY 0x00004000
#define LCL_ADMINREVOKED 0x00008000
#define LCL_RECLAIMCOMPLETE 0x00010000
#define LCL_NFSV41 0x00020000
#define LCL_DONEBINDCONN 0x00040000
#define LCL_RECLAIMONEFS 0x00080000
#define LCL_NFSV42 0x00100000
#define LCL_GSS LCL_KERBV /* Or of all mechs */
/*
* Bits for flags in nfslock and nfsstate.
* The access, deny, NFSLCK_READ and NFSLCK_WRITE bits must be defined as
* below, in the correct order, so the shifts work for tests.
*/
#define NFSLCK_READACCESS 0x00000001
#define NFSLCK_WRITEACCESS 0x00000002
#define NFSLCK_ACCESSBITS (NFSLCK_READACCESS | NFSLCK_WRITEACCESS)
#define NFSLCK_SHIFT 2
#define NFSLCK_READDENY 0x00000004
#define NFSLCK_WRITEDENY 0x00000008
#define NFSLCK_DENYBITS (NFSLCK_READDENY | NFSLCK_WRITEDENY)
#define NFSLCK_SHAREBITS \
(NFSLCK_READACCESS|NFSLCK_WRITEACCESS|NFSLCK_READDENY|NFSLCK_WRITEDENY)
#define NFSLCK_LOCKSHIFT 4
#define NFSLCK_READ 0x00000010
#define NFSLCK_WRITE 0x00000020
#define NFSLCK_BLOCKING 0x00000040
#define NFSLCK_RECLAIM 0x00000080
#define NFSLCK_OPENTOLOCK 0x00000100
#define NFSLCK_TEST 0x00000200
#define NFSLCK_LOCK 0x00000400
#define NFSLCK_UNLOCK 0x00000800
#define NFSLCK_OPEN 0x00001000
#define NFSLCK_CLOSE 0x00002000
#define NFSLCK_CHECK 0x00004000
#define NFSLCK_RELEASE 0x00008000
#define NFSLCK_NEEDSCONFIRM 0x00010000
#define NFSLCK_CONFIRM 0x00020000
#define NFSLCK_DOWNGRADE 0x00040000
#define NFSLCK_DELEGREAD 0x00080000
#define NFSLCK_DELEGWRITE 0x00100000
#define NFSLCK_DELEGCUR 0x00200000
#define NFSLCK_DELEGPREV 0x00400000
#define NFSLCK_OLDDELEG 0x00800000
#define NFSLCK_DELEGRECALL 0x01000000
#define NFSLCK_SETATTR 0x02000000
#define NFSLCK_DELEGPURGE 0x04000000
#define NFSLCK_DELEGRETURN 0x08000000
#define NFSLCK_WANTWDELEG 0x10000000
#define NFSLCK_WANTRDELEG 0x20000000
#define NFSLCK_WANTNODELEG 0x40000000
#define NFSLCK_WANTBITS \
(NFSLCK_WANTWDELEG | NFSLCK_WANTRDELEG | NFSLCK_WANTNODELEG)
/* And bits for nid_flag */
#define NFSID_INITIALIZE 0x0001
#define NFSID_ADDUID 0x0002
#define NFSID_DELUID 0x0004
#define NFSID_ADDUSERNAME 0x0008
#define NFSID_DELUSERNAME 0x0010
#define NFSID_ADDGID 0x0020
#define NFSID_DELGID 0x0040
#define NFSID_ADDGROUPNAME 0x0080
#define NFSID_DELGROUPNAME 0x0100
/*
* fs.nfs sysctl(3) identifiers
*/
#define NFS_NFSSTATS 1 /* struct: struct nfsstats */
/*
* Here is the definition of the attribute bits array and macros that
* manipulate it.
* THE MACROS MUST BE MANUALLY MODIFIED IF NFSATTRBIT_MAXWORDS CHANGES!!
* It is (NFSATTRBIT_MAX + 31) / 32.
*/
#define NFSATTRBIT_MAXWORDS 3
typedef struct {
u_int32_t bits[NFSATTRBIT_MAXWORDS];
} nfsattrbit_t;
#define NFSZERO_ATTRBIT(b) do { \
(b)->bits[0] = 0; \
(b)->bits[1] = 0; \
(b)->bits[2] = 0; \
} while (0)
#define NFSSET_ATTRBIT(t, f) do { \
(t)->bits[0] = (f)->bits[0]; \
(t)->bits[1] = (f)->bits[1]; \
(t)->bits[2] = (f)->bits[2]; \
} while (0)
#define NFSSETSUPP_ATTRBIT(b, n) do { \
(b)->bits[0] = NFSATTRBIT_SUPP0; \
(b)->bits[1] = (NFSATTRBIT_SUPP1 | NFSATTRBIT_SUPPSETONLY1); \
(b)->bits[2] = (NFSATTRBIT_SUPP2 | NFSATTRBIT_SUPPSETONLY2); \
if (((n)->nd_flag & ND_NFSV41) == 0) { \
(b)->bits[1] &= ~NFSATTRBIT_NFSV41_1; \
(b)->bits[2] &= ~NFSATTRBIT_NFSV41_2; \
} \
if (((n)->nd_flag & ND_NFSV42) == 0) \
(b)->bits[2] &= ~NFSATTRBIT_NFSV42_2; \
} while (0)
#define NFSISSET_ATTRBIT(b, p) ((b)->bits[(p) / 32] & (1 << ((p) % 32)))
#define NFSSETBIT_ATTRBIT(b, p) ((b)->bits[(p) / 32] |= (1 << ((p) % 32)))
#define NFSCLRBIT_ATTRBIT(b, p) ((b)->bits[(p) / 32] &= ~(1 << ((p) % 32)))
#define NFSCLRALL_ATTRBIT(b, a) do { \
(b)->bits[0] &= ~((a)->bits[0]); \
(b)->bits[1] &= ~((a)->bits[1]); \
(b)->bits[2] &= ~((a)->bits[2]); \
} while (0)
#define NFSCLRNOT_ATTRBIT(b, a) do { \
(b)->bits[0] &= ((a)->bits[0]); \
(b)->bits[1] &= ((a)->bits[1]); \
(b)->bits[2] &= ((a)->bits[2]); \
} while (0)
#define NFSCLRNOTFILLABLE_ATTRBIT(b, n) do { \
(b)->bits[0] &= NFSATTRBIT_SUPP0; \
(b)->bits[1] &= NFSATTRBIT_SUPP1; \
(b)->bits[2] &= NFSATTRBIT_SUPP2; \
if (((n)->nd_flag & ND_NFSV41) == 0) { \
(b)->bits[1] &= ~NFSATTRBIT_NFSV41_1; \
(b)->bits[2] &= ~NFSATTRBIT_NFSV41_2; \
} \
if (((n)->nd_flag & ND_NFSV42) == 0) \
(b)->bits[2] &= ~NFSATTRBIT_NFSV42_2; \
} while (0)
#define NFSCLRNOTSETABLE_ATTRBIT(b, n) do { \
(b)->bits[0] &= NFSATTRBIT_SETABLE0; \
(b)->bits[1] &= NFSATTRBIT_SETABLE1; \
(b)->bits[2] &= NFSATTRBIT_SETABLE2; \
if (((n)->nd_flag & ND_NFSV41) == 0) \
(b)->bits[2] &= ~NFSATTRBIT_NFSV41_2; \
if (((n)->nd_flag & ND_NFSV42) == 0) \
(b)->bits[2] &= ~NFSATTRBIT_NFSV42_2; \
} while (0)
#define NFSNONZERO_ATTRBIT(b) ((b)->bits[0] || (b)->bits[1] || (b)->bits[2])
#define NFSEQUAL_ATTRBIT(b, p) ((b)->bits[0] == (p)->bits[0] && \
(b)->bits[1] == (p)->bits[1] && (b)->bits[2] == (p)->bits[2])
#define NFSGETATTR_ATTRBIT(b) do { \
(b)->bits[0] = NFSATTRBIT_GETATTR0; \
(b)->bits[1] = NFSATTRBIT_GETATTR1; \
(b)->bits[2] = NFSATTRBIT_GETATTR2; \
} while (0)
#define NFSWCCATTR_ATTRBIT(b) do { \
(b)->bits[0] = NFSATTRBIT_WCCATTR0; \
(b)->bits[1] = NFSATTRBIT_WCCATTR1; \
(b)->bits[2] = NFSATTRBIT_WCCATTR2; \
} while (0)
#define NFSWRITEGETATTR_ATTRBIT(b) do { \
(b)->bits[0] = NFSATTRBIT_WRITEGETATTR0; \
(b)->bits[1] = NFSATTRBIT_WRITEGETATTR1; \
(b)->bits[2] = NFSATTRBIT_WRITEGETATTR2; \
} while (0)
#define NFSCBGETATTR_ATTRBIT(b, c) do { \
(c)->bits[0] = ((b)->bits[0] & NFSATTRBIT_CBGETATTR0); \
(c)->bits[1] = ((b)->bits[1] & NFSATTRBIT_CBGETATTR1); \
(c)->bits[2] = ((b)->bits[2] & NFSATTRBIT_CBGETATTR2); \
} while (0)
#define NFSPATHCONF_GETATTRBIT(b) do { \
(b)->bits[0] = NFSGETATTRBIT_PATHCONF0; \
(b)->bits[1] = NFSGETATTRBIT_PATHCONF1; \
(b)->bits[2] = NFSGETATTRBIT_PATHCONF2; \
} while (0)
#define NFSSTATFS_GETATTRBIT(b) do { \
(b)->bits[0] = NFSGETATTRBIT_STATFS0; \
(b)->bits[1] = NFSGETATTRBIT_STATFS1; \
(b)->bits[2] = NFSGETATTRBIT_STATFS2; \
} while (0)
#define NFSISSETSTATFS_ATTRBIT(b) \
(((b)->bits[0] & NFSATTRBIT_STATFS0) || \
((b)->bits[1] & NFSATTRBIT_STATFS1) || \
((b)->bits[2] & NFSATTRBIT_STATFS2))
#define NFSCLRSTATFS_ATTRBIT(b) do { \
(b)->bits[0] &= ~NFSATTRBIT_STATFS0; \
(b)->bits[1] &= ~NFSATTRBIT_STATFS1; \
(b)->bits[2] &= ~NFSATTRBIT_STATFS2; \
} while (0)
#define NFSREADDIRPLUS_ATTRBIT(b) do { \
(b)->bits[0] = NFSATTRBIT_READDIRPLUS0; \
(b)->bits[1] = NFSATTRBIT_READDIRPLUS1; \
(b)->bits[2] = NFSATTRBIT_READDIRPLUS2; \
} while (0)
#define NFSREFERRAL_ATTRBIT(b) do { \
(b)->bits[0] = NFSATTRBIT_REFERRAL0; \
(b)->bits[1] = NFSATTRBIT_REFERRAL1; \
(b)->bits[2] = NFSATTRBIT_REFERRAL2; \
} while (0)
/*
* Store uid, gid creds that were used when the stateid was acquired.
* The RPC layer allows NFS_MAXGRPS + 1 groups to go out on the wire,
* so that's how many gets stored here.
*/
struct nfscred {
uid_t nfsc_uid;
gid_t nfsc_groups[NFS_MAXGRPS + 1];
int nfsc_ngroups;
};
/*
* Constants that define the file handle for the V4 root directory.
* (The FSID must never be used by other file systems that are exported.)
*/
#define NFSV4ROOT_FSID0 ((int32_t) -1)
#define NFSV4ROOT_FSID1 ((int32_t) -1)
#define NFSV4ROOT_REFERRAL ((int32_t) -2)
#define NFSV4ROOT_INO 2 /* It's traditional */
#define NFSV4ROOT_GEN 1
/*
* The set of signals the interrupt an I/O in progress for NFSMNT_INT mounts.
* What should be in this set is open to debate, but I believe that since
* I/O system calls on ufs are never interrupted by signals the set should
* be minimal. My reasoning is that many current programs that use signals
* such as SIGALRM will not expect file I/O system calls to be interrupted
* by them and break.
*/
#if defined(_KERNEL) || defined(KERNEL)
struct uio; struct buf; struct vattr; struct nameidata; /* XXX */
/*
* Socket errors ignored for connectionless sockets?
* For now, ignore them all
*/
#define NFSIGNORE_SOERROR(s, e) \
((e) != EINTR && (e) != ERESTART && (e) != EWOULDBLOCK && \
((s) & PR_CONNREQUIRED) == 0)
/*
* This structure holds socket information for a connection. Used by the
* client and the server for callbacks.
*/
struct nfssockreq {
NFSSOCKADDR_T nr_nam;
int nr_sotype;
int nr_soproto;
int nr_soflags;
struct ucred *nr_cred;
int nr_lock;
NFSMUTEX_T nr_mtx;
u_int32_t nr_prog;
u_int32_t nr_vers;
struct __rpc_client *nr_client;
AUTH *nr_auth;
};
/*
* And associated nr_lock bits.
*/
#define NFSR_SNDLOCK 0x01
#define NFSR_WANTSND 0x02
#define NFSR_RCVLOCK 0x04
#define NFSR_WANTRCV 0x08
#define NFSR_RESERVEDPORT 0x10
#define NFSR_LOCALHOST 0x20
/*
* Queue head for nfsreq's
*/
TAILQ_HEAD(nfsreqhead, nfsreq);
/* This is the only nfsreq R_xxx flag still used. */
#define R_DONTRECOVER 0x00000100 /* don't initiate recovery when this
rpc gets a stale state reply */
/*
* Network address hash list element
*/
union nethostaddr {
struct in_addr had_inet;
struct in6_addr had_inet6;
};
/*
* Structure of list of mechanisms.
*/
struct nfsgss_mechlist {
int len;
const u_char *str;
int totlen;
};
#define KERBV_MECH 0 /* position in list */
/*
* This structure is used by the server for describing each request.
*/
struct nfsrv_descript {
mbuf_t nd_mrep; /* Request mbuf list */
mbuf_t nd_md; /* Current dissect mbuf */
mbuf_t nd_mreq; /* Reply mbuf list */
mbuf_t nd_mb; /* Current build mbuf */
NFSSOCKADDR_T nd_nam; /* and socket addr */
NFSSOCKADDR_T nd_nam2; /* return socket addr */
caddr_t nd_dpos; /* Current dissect pos */
int nd_dextpg; /* Current ext_pgs page */
int nd_dextpgsiz; /* Bytes left in page */
caddr_t nd_bpos; /* Current build pos */
int nd_bextpg; /* Current ext_pgs page */
int nd_bextpgsiz; /* Bytes left in page */
int nd_maxextsiz; /* Max ext_pgs mbuf size */
u_int64_t nd_flag; /* nd_flag */
u_int16_t nd_procnum; /* RPC # */
u_int32_t nd_repstat; /* Reply status */
int *nd_errp; /* Pointer to ret status */
u_int32_t nd_retxid; /* Reply xid */
struct nfsrvcache *nd_rp; /* Assoc. cache entry */
fhandle_t nd_fh; /* File handle */
struct ucred *nd_cred; /* Credentials */
uid_t nd_saveduid; /* Saved uid */
u_int64_t nd_sockref; /* Rcv socket ref# */
u_int64_t nd_compref; /* Compound RPC ref# */
time_t nd_tcpconntime; /* Time TCP connection est. */
nfsquad_t nd_clientid; /* Implied clientid */
int nd_gssnamelen; /* principal name length */
char *nd_gssname; /* principal name */
uint32_t *nd_slotseq; /* ptr to slot seq# in req */
uint8_t nd_sessionid[NFSX_V4SESSIONID]; /* Session id */
uint32_t nd_slotid; /* Slotid for this RPC */
SVCXPRT *nd_xprt; /* Server RPC handle */
uint32_t *nd_sequence; /* Sequence Op. ptr */
nfsv4stateid_t nd_curstateid; /* Current StateID */
nfsv4stateid_t nd_savedcurstateid; /* Saved Current StateID */
uint32_t nd_maxreq; /* Max. request (session). */
uint32_t nd_maxresp; /* Max. reply (session). */
};
#define nd_princlen nd_gssnamelen
#define nd_principal nd_gssname
/* Bits for "nd_flag" */
#define ND_DONTSAVEREPLY 0x00000001
#define ND_SAVEREPLY 0x00000002
#define ND_NFSV2 0x00000004
#define ND_NFSV3 0x00000008
#define ND_NFSV4 0x00000010
#define ND_KERBV 0x00000020
#define ND_GSSINTEGRITY 0x00000040
#define ND_GSSPRIVACY 0x00000080
#define ND_WINDOWVERF 0x00000100
#define ND_GSSINITREPLY 0x00000200
#define ND_STREAMSOCK 0x00000400
#define ND_PUBLOOKUP 0x00000800
#define ND_USEGSSNAME 0x00001000
#define ND_SAMETCPCONN 0x00002000
#define ND_IMPLIEDCLID 0x00004000
#define ND_NOMOREDATA 0x00008000
#define ND_V4WCCATTR 0x00010000
#define ND_NFSCB 0x00020000
#define ND_AUTHNONE 0x00040000
#define ND_EXAUTHSYS 0x00080000
#define ND_EXGSS 0x00100000
#define ND_EXGSSINTEGRITY 0x00200000
#define ND_EXGSSPRIVACY 0x00400000
#define ND_INCRSEQID 0x00800000
#define ND_NFSCL 0x01000000
#define ND_NFSV41 0x02000000
#define ND_HASSEQUENCE 0x04000000
#define ND_CACHETHIS 0x08000000
#define ND_LASTOP 0x10000000
#define ND_LOOPBADSESS 0x20000000
#define ND_DSSERVER 0x40000000
#define ND_CURSTATEID 0x80000000
#define ND_SAVEDCURSTATEID 0x100000000
#define ND_HASSLOTID 0x200000000
#define ND_NFSV42 0x400000000
#define ND_NOMAP 0x800000000
#define ND_TLS 0x1000000000
#define ND_TLSCERT 0x2000000000
-#define ND_TLSCNUSER 0x4000000000
+#define ND_TLSCERTUSER 0x4000000000
#define ND_EXTLS 0x8000000000
#define ND_EXTLSCERT 0x10000000000
-#define ND_EXTLSCNUSER 0x20000000000
+#define ND_EXTLSCERTUSER 0x20000000000
/*
* ND_GSS should be the "or" of all GSS type authentications.
*/
#define ND_GSS (ND_KERBV)
struct nfsv4_opflag {
int retfh;
int needscfh;
int savereply;
int modifyfs;
int lktype;
int needsseq;
int loopbadsess;
};
/*
* Flags used to indicate what to do w.r.t. seqid checking.
*/
#define NFSRVSEQID_FIRST 0x01
#define NFSRVSEQID_LAST 0x02
#define NFSRVSEQID_OPEN 0x04
/*
* assign a doubly linked list to a new head
* and prepend one list into another.
*/
#define LIST_NEWHEAD(nhead, ohead, field) do { \
if (((nhead)->lh_first = (ohead)->lh_first) != NULL) \
(ohead)->lh_first->field.le_prev = &(nhead)->lh_first; \
(ohead)->lh_first = NULL; \
} while (0)
#define LIST_PREPEND(head, phead, lelm, field) do { \
if ((head)->lh_first != NULL) { \
(lelm)->field.le_next = (head)->lh_first; \
(lelm)->field.le_next->field.le_prev = \
&(lelm)->field.le_next; \
} \
(head)->lh_first = (phead)->lh_first; \
(head)->lh_first->field.le_prev = &(head)->lh_first; \
} while (0)
/*
* File handle structure for client. Malloc'd to the correct length with
* malloc type M_NFSFH.
*/
struct nfsfh {
u_int16_t nfh_len; /* Length of file handle */
u_int8_t nfh_fh[1]; /* and the file handle */
};
/*
* File handle structure for server. The NFSRV_MAXFH constant is
* set in nfsdport.h. I use a 32bit length, so that alignment is
* preserved.
*/
struct nfsrvfh {
u_int32_t nfsrvfh_len;
u_int8_t nfsrvfh_data[NFSRV_MAXFH];
};
/*
* This structure is used for sleep locks on the NFSv4 nfsd threads and
* NFSv4 client data structures.
*/
struct nfsv4lock {
u_int32_t nfslock_usecnt;
u_int8_t nfslock_lock;
};
#define NFSV4LOCK_LOCK 0x01
#define NFSV4LOCK_LOCKWANTED 0x02
#define NFSV4LOCK_WANTED 0x04
/*
* Values for the override argument for nfsvno_accchk().
*/
#define NFSACCCHK_NOOVERRIDE 0
#define NFSACCCHK_ALLOWROOT 1
#define NFSACCCHK_ALLOWOWNER 2
/*
* and values for the vpislocked argument for nfsvno_accchk().
*/
#define NFSACCCHK_VPNOTLOCKED 0
#define NFSACCCHK_VPISLOCKED 1
/*
* Slot for the NFSv4.1 Sequence Op.
*/
struct nfsslot {
int nfssl_inprog;
uint32_t nfssl_seq;
struct mbuf *nfssl_reply;
};
/* Enumerated type for nfsuserd state. */
typedef enum { NOTRUNNING=0, STARTSTOP=1, RUNNING=2 } nfsuserd_state;
#endif /* _KERNEL */
#endif /* _NFS_NFS_H */
Index: projects/nfs-over-tls/sys/fs/nfs/nfsdport.h
===================================================================
--- projects/nfs-over-tls/sys/fs/nfs/nfsdport.h (revision 359683)
+++ projects/nfs-over-tls/sys/fs/nfs/nfsdport.h (revision 359684)
@@ -1,128 +1,128 @@
/*-
* SPDX-License-Identifier: BSD-2-Clause-FreeBSD
*
* Copyright (c) 2009 Rick Macklem, University of Guelph
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
/*
* These macros handle nfsvattr fields. They look a bit silly here, but
* are quite different for the Darwin port.
*/
#define NFSVNO_ATTRINIT(n) (VATTR_NULL(&((n)->na_vattr)))
#define NFSVNO_SETATTRVAL(n, f, v) ((n)->na_##f = (v))
#define NFSVNO_SETACTIVE(n, f)
#define NFSVNO_UNSET(n, f) ((n)->na_##f = VNOVAL)
#define NFSVNO_NOTSETMODE(n) ((n)->na_mode == ((mode_t)VNOVAL))
#define NFSVNO_ISSETMODE(n) ((n)->na_mode != ((mode_t)VNOVAL))
#define NFSVNO_NOTSETUID(n) ((n)->na_uid == ((uid_t)VNOVAL))
#define NFSVNO_ISSETUID(n) ((n)->na_uid != ((uid_t)VNOVAL))
#define NFSVNO_NOTSETGID(n) ((n)->na_gid == ((gid_t)VNOVAL))
#define NFSVNO_ISSETGID(n) ((n)->na_gid != ((gid_t)VNOVAL))
#define NFSVNO_NOTSETSIZE(n) ((n)->na_size == VNOVAL)
#define NFSVNO_ISSETSIZE(n) ((n)->na_size != VNOVAL)
#define NFSVNO_NOTSETATIME(n) ((n)->na_atime.tv_sec == VNOVAL)
#define NFSVNO_ISSETATIME(n) ((n)->na_atime.tv_sec != VNOVAL)
#define NFSVNO_NOTSETMTIME(n) ((n)->na_mtime.tv_sec == VNOVAL)
#define NFSVNO_ISSETMTIME(n) ((n)->na_mtime.tv_sec != VNOVAL)
/*
* This structure acts as a "catch-all" for information that
* needs to be returned by nfsd_fhtovp().
*/
struct nfsexstuff {
int nes_exflag; /* export flags */
int nes_numsecflavor; /* # of security flavors */
int nes_secflavors[MAXSECFLAVORS]; /* and the flavors */
};
/*
* These are NO-OPS for BSD until Isilon upstreams EXITCODE support.
* EXITCODE is an in-memory ring buffer that holds the routines failing status.
* This is a valuable tool to use when debugging and analyzing issues.
* In addition to recording a routine's failing status, it offers
* logging of routines for call stack tracing.
* EXITCODE should be used only in routines that return a true errno value, as
* that value will be formatted to a displayable errno string. Routines that
* return regular int status that are not true errno should not set EXITCODE.
* If you want to log routine tracing, you can add EXITCODE(0) to any routine.
* NFS extended the EXITCODE with EXITCODE2 to record either the routine's
* exit errno status or the nd_repstat.
*/
#define NFSEXITCODE(error)
#define NFSEXITCODE2(error, nd)
#define NFSVNO_EXINIT(e) ((e)->nes_exflag = 0)
#define NFSVNO_EXPORTED(e) ((e)->nes_exflag & MNT_EXPORTED)
#define NFSVNO_EXRDONLY(e) ((e)->nes_exflag & MNT_EXRDONLY)
#define NFSVNO_EXPORTANON(e) ((e)->nes_exflag & MNT_EXPORTANON)
#define NFSVNO_EXSTRICTACCESS(e) ((e)->nes_exflag & MNT_EXSTRICTACCESS)
#define NFSVNO_EXV4ONLY(e) ((e)->nes_exflag & MNT_EXV4ONLY)
#define NFSVNO_EXTLS(e) ((e)->nes_exflag & MNTEX_TLS)
#define NFSVNO_EXTLSCERT(e) ((e)->nes_exflag & MNTEX_TLSCERT)
-#define NFSVNO_EXTLSCNUSER(e) ((e)->nes_exflag & MNTEX_TLSCNUSER)
+#define NFSVNO_EXTLSCERTUSER(e) ((e)->nes_exflag & MNTEX_TLSCERTUSER)
#define NFSVNO_SETEXRDONLY(e) ((e)->nes_exflag = (MNT_EXPORTED|MNT_EXRDONLY))
#define NFSVNO_CMPFH(f1, f2) \
((f1)->fh_fsid.val[0] == (f2)->fh_fsid.val[0] && \
(f1)->fh_fsid.val[1] == (f2)->fh_fsid.val[1] && \
bcmp(&(f1)->fh_fid, &(f2)->fh_fid, sizeof(struct fid)) == 0)
#define NFSLOCKHASH(f) \
(&nfslockhash[nfsrv_hashfh(f) % nfsrv_lockhashsize])
#define NFSFPVNODE(f) ((struct vnode *)((f)->f_data))
#define NFSFPCRED(f) ((f)->f_cred)
#define NFSFPFLAG(f) ((f)->f_flag)
#define NFSNAMEICNDSET(n, c, o, f) do { \
(n)->cn_cred = (c); \
(n)->cn_nameiop = (o); \
(n)->cn_flags = (f); \
} while (0)
/*
* A little bit of Darwin vfs kpi.
*/
#define vnode_mount(v) ((v)->v_mount)
#define vfs_statfs(m) (&((m)->mnt_stat))
#define NFSPATHLEN_T size_t
/*
* These are set to the minimum and maximum size of a server file
* handle.
*/
#define NFSRV_MINFH (sizeof (fhandle_t))
#define NFSRV_MAXFH (sizeof (fhandle_t))
/* Use this macro for debug printfs. */
#define NFSD_DEBUG(level, ...) do { \
if (nfsd_debuglevel >= (level)) \
printf(__VA_ARGS__); \
} while (0)
Index: projects/nfs-over-tls/sys/fs/nfsserver/nfs_nfsdkrpc.c
===================================================================
--- projects/nfs-over-tls/sys/fs/nfsserver/nfs_nfsdkrpc.c (revision 359683)
+++ projects/nfs-over-tls/sys/fs/nfsserver/nfs_nfsdkrpc.c (revision 359684)
@@ -1,614 +1,614 @@
/*-
* SPDX-License-Identifier: BSD-3-Clause
*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Rick Macklem at The University of Guelph.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include "opt_inet6.h"
#include "opt_kgssapi.h"
#include "opt_kern_tls.h"
#include <fs/nfs/nfsport.h>
#include <rpc/rpc.h>
#include <rpc/rpcsec_gss.h>
#include <rpc/rpcsec_tls.h>
#include <fs/nfsserver/nfs_fha_new.h>
#include <security/mac/mac_framework.h>
NFSDLOCKMUTEX;
NFSV4ROOTLOCKMUTEX;
struct nfsv4lock nfsd_suspend_lock;
char *nfsrv_zeropnfsdat = NULL;
/*
* Mapping of old NFS Version 2 RPC numbers to generic numbers.
*/
int newnfs_nfsv3_procid[NFS_V3NPROCS] = {
NFSPROC_NULL,
NFSPROC_GETATTR,
NFSPROC_SETATTR,
NFSPROC_NOOP,
NFSPROC_LOOKUP,
NFSPROC_READLINK,
NFSPROC_READ,
NFSPROC_NOOP,
NFSPROC_WRITE,
NFSPROC_CREATE,
NFSPROC_REMOVE,
NFSPROC_RENAME,
NFSPROC_LINK,
NFSPROC_SYMLINK,
NFSPROC_MKDIR,
NFSPROC_RMDIR,
NFSPROC_READDIR,
NFSPROC_FSSTAT,
NFSPROC_NOOP,
NFSPROC_NOOP,
NFSPROC_NOOP,
NFSPROC_NOOP,
};
SYSCTL_DECL(_vfs_nfsd);
SVCPOOL *nfsrvd_pool;
static int nfs_privport = 0;
SYSCTL_INT(_vfs_nfsd, OID_AUTO, nfs_privport, CTLFLAG_RWTUN,
&nfs_privport, 0,
"Only allow clients using a privileged port for NFSv2, 3 and 4");
static int nfs_minvers = NFS_VER2;
SYSCTL_INT(_vfs_nfsd, OID_AUTO, server_min_nfsvers, CTLFLAG_RWTUN,
&nfs_minvers, 0, "The lowest version of NFS handled by the server");
static int nfs_maxvers = NFS_VER4;
SYSCTL_INT(_vfs_nfsd, OID_AUTO, server_max_nfsvers, CTLFLAG_RWTUN,
&nfs_maxvers, 0, "The highest version of NFS handled by the server");
static int nfs_proc(struct nfsrv_descript *, u_int32_t, SVCXPRT *xprt,
struct nfsrvcache **);
extern u_long sb_max_adj;
extern int newnfs_numnfsd;
extern struct proc *nfsd_master_proc;
extern time_t nfsdev_time;
extern int nfsrv_writerpc[NFS_NPROCS];
extern volatile int nfsrv_devidcnt;
extern struct nfsv4_opflag nfsv4_opflag[NFSV42_NOPS];
#ifdef KERN_TLS
extern u_int ktls_maxlen;
#endif
/*
* NFS server system calls
*/
static void
nfssvc_program(struct svc_req *rqst, SVCXPRT *xprt)
{
struct nfsrv_descript nd;
struct nfsrvcache *rp = NULL;
int cacherep, credflavor;
memset(&nd, 0, sizeof(nd));
if (rqst->rq_vers == NFS_VER2) {
if (rqst->rq_proc > NFSV2PROC_STATFS ||
newnfs_nfsv3_procid[rqst->rq_proc] == NFSPROC_NOOP) {
svcerr_noproc(rqst);
svc_freereq(rqst);
goto out;
}
nd.nd_procnum = newnfs_nfsv3_procid[rqst->rq_proc];
nd.nd_flag = ND_NFSV2;
} else if (rqst->rq_vers == NFS_VER3) {
if (rqst->rq_proc >= NFS_V3NPROCS) {
svcerr_noproc(rqst);
svc_freereq(rqst);
goto out;
}
nd.nd_procnum = rqst->rq_proc;
nd.nd_flag = ND_NFSV3;
} else {
if (rqst->rq_proc != NFSPROC_NULL &&
rqst->rq_proc != NFSV4PROC_COMPOUND) {
svcerr_noproc(rqst);
svc_freereq(rqst);
goto out;
}
nd.nd_procnum = rqst->rq_proc;
nd.nd_flag = ND_NFSV4;
}
/*
* Note: we want rq_addr, not svc_getrpccaller for nd_nam2 -
* NFS_SRVMAXDATA uses a NULL value for nd_nam2 to detect TCP
* mounts.
*/
nd.nd_mrep = rqst->rq_args;
rqst->rq_args = NULL;
newnfs_realign(&nd.nd_mrep, M_WAITOK);
nd.nd_md = nd.nd_mrep;
nfsm_set(&nd, rqst->rq_xprt->xp_mbufoffs, false);
nd.nd_nam = svc_getrpccaller(rqst);
nd.nd_nam2 = rqst->rq_addr;
nd.nd_mreq = NULL;
nd.nd_cred = NULL;
if (nfs_privport != 0) {
/* Check if source port is privileged */
u_short port;
struct sockaddr *nam = nd.nd_nam;
struct sockaddr_in *sin;
sin = (struct sockaddr_in *)nam;
/*
* INET/INET6 - same code:
* sin_port and sin6_port are at same offset
*/
port = ntohs(sin->sin_port);
if (port >= IPPORT_RESERVED &&
nd.nd_procnum != NFSPROC_NULL) {
#ifdef INET6
char buf[INET6_ADDRSTRLEN];
#else
char buf[INET_ADDRSTRLEN];
#endif
#ifdef INET6
#if defined(KLD_MODULE)
/* Do not use ip6_sprintf: the nfs module should work without INET6. */
#define ip6_sprintf(buf, a) \
(sprintf((buf), "%x:%x:%x:%x:%x:%x:%x:%x", \
(a)->s6_addr16[0], (a)->s6_addr16[1], \
(a)->s6_addr16[2], (a)->s6_addr16[3], \
(a)->s6_addr16[4], (a)->s6_addr16[5], \
(a)->s6_addr16[6], (a)->s6_addr16[7]), \
(buf))
#endif
#endif
printf("NFS request from unprivileged port (%s:%d)\n",
#ifdef INET6
sin->sin_family == AF_INET6 ?
ip6_sprintf(buf, &satosin6(sin)->sin6_addr) :
#if defined(KLD_MODULE)
#undef ip6_sprintf
#endif
#endif
inet_ntoa_r(sin->sin_addr, buf), port);
svcerr_weakauth(rqst);
svc_freereq(rqst);
m_freem(nd.nd_mrep);
goto out;
}
}
if (nd.nd_procnum != NFSPROC_NULL) {
if (!svc_getcred(rqst, &nd.nd_cred, &credflavor)) {
svcerr_weakauth(rqst);
svc_freereq(rqst);
m_freem(nd.nd_mrep);
goto out;
}
/* Set the flag based on credflavor */
if (credflavor == RPCSEC_GSS_KRB5) {
nd.nd_flag |= ND_GSS;
} else if (credflavor == RPCSEC_GSS_KRB5I) {
nd.nd_flag |= (ND_GSS | ND_GSSINTEGRITY);
} else if (credflavor == RPCSEC_GSS_KRB5P) {
nd.nd_flag |= (ND_GSS | ND_GSSPRIVACY);
} else if (credflavor != AUTH_SYS) {
svcerr_weakauth(rqst);
svc_freereq(rqst);
m_freem(nd.nd_mrep);
goto out;
}
if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0) {
nd.nd_flag |= ND_TLS;
if ((xprt->xp_tls & RPCTLS_FLAGS_VERIFIED) != 0)
nd.nd_flag |= ND_TLSCERT;
- if ((xprt->xp_tls & RPCTLS_FLAGS_CNUSER) != 0)
- nd.nd_flag |= ND_TLSCNUSER;
+ if ((xprt->xp_tls & RPCTLS_FLAGS_CERTUSER) != 0)
+ nd.nd_flag |= ND_TLSCERTUSER;
}
nd.nd_maxextsiz = 16384;
#ifdef MAC
mac_cred_associate_nfsd(nd.nd_cred);
#endif
/*
* Get a refcnt (shared lock) on nfsd_suspend_lock.
* NFSSVC_SUSPENDNFSD will take an exclusive lock on
* nfsd_suspend_lock to suspend these threads.
* The call to nfsv4_lock() that precedes nfsv4_getref()
* ensures that the acquisition of the exclusive lock
* takes priority over acquisition of the shared lock by
* waiting for any exclusive lock request to complete.
* This must be done here, before the check of
* nfsv4root exports by nfsvno_v4rootexport().
*/
NFSLOCKV4ROOTMUTEX();
nfsv4_lock(&nfsd_suspend_lock, 0, NULL, NFSV4ROOTLOCKMUTEXPTR,
NULL);
nfsv4_getref(&nfsd_suspend_lock, NULL, NFSV4ROOTLOCKMUTEXPTR,
NULL);
NFSUNLOCKV4ROOTMUTEX();
if ((nd.nd_flag & ND_NFSV4) != 0) {
nd.nd_repstat = nfsvno_v4rootexport(&nd);
if (nd.nd_repstat != 0) {
NFSLOCKV4ROOTMUTEX();
nfsv4_relref(&nfsd_suspend_lock);
NFSUNLOCKV4ROOTMUTEX();
svcerr_weakauth(rqst);
svc_freereq(rqst);
m_freem(nd.nd_mrep);
goto out;
}
}
#ifdef KERN_TLS
if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0)
nd.nd_maxextsiz = min(TLS_MAX_MSG_SIZE_V10_2,
ktls_maxlen);
#endif
cacherep = nfs_proc(&nd, rqst->rq_xid, xprt, &rp);
NFSLOCKV4ROOTMUTEX();
nfsv4_relref(&nfsd_suspend_lock);
NFSUNLOCKV4ROOTMUTEX();
} else {
NFSMGET(nd.nd_mreq);
nd.nd_mreq->m_len = 0;
cacherep = RC_REPLY;
}
if (nd.nd_mrep != NULL)
m_freem(nd.nd_mrep);
if (nd.nd_cred != NULL)
crfree(nd.nd_cred);
if (cacherep == RC_DROPIT) {
if (nd.nd_mreq != NULL)
m_freem(nd.nd_mreq);
svc_freereq(rqst);
goto out;
}
if (nd.nd_mreq == NULL) {
svcerr_decode(rqst);
svc_freereq(rqst);
goto out;
}
if (nd.nd_repstat & NFSERR_AUTHERR) {
svcerr_auth(rqst, nd.nd_repstat & ~NFSERR_AUTHERR);
if (nd.nd_mreq != NULL)
m_freem(nd.nd_mreq);
} else if (!svc_sendreply_mbuf(rqst, nd.nd_mreq)) {
svcerr_systemerr(rqst);
}
if (rp != NULL) {
nfsrvd_sentcache(rp, (rqst->rq_reply_seq != 0 ||
SVC_ACK(xprt, NULL)), rqst->rq_reply_seq);
}
svc_freereq(rqst);
out:
td_softdep_cleanup(curthread);
NFSEXITCODE(0);
}
/*
* Check the cache and, optionally, do the RPC.
* Return the appropriate cache response.
*/
static int
nfs_proc(struct nfsrv_descript *nd, u_int32_t xid, SVCXPRT *xprt,
struct nfsrvcache **rpp)
{
int cacherep = RC_DOIT, isdgram, taglen = -1;
struct mbuf *m;
u_char tag[NFSV4_SMALLSTR + 1], *tagstr = NULL;
u_int32_t minorvers = 0;
uint32_t ack;
*rpp = NULL;
if (nd->nd_nam2 == NULL) {
nd->nd_flag |= ND_STREAMSOCK;
isdgram = 0;
} else {
isdgram = 1;
}
/*
* Two cases:
* 1 - For NFSv2 over UDP, if we are near our malloc/mget
* limit, just drop the request. There is no
* NFSERR_RESOURCE or NFSERR_DELAY for NFSv2 and the
* client will timeout/retry over UDP in a little while.
* 2 - nd_repstat == 0 && nd_mreq == NULL, which
* means a normal nfs rpc, so check the cache
*/
if ((nd->nd_flag & ND_NFSV2) && nd->nd_nam2 != NULL &&
nfsrv_mallocmget_limit()) {
cacherep = RC_DROPIT;
} else {
/*
* For NFSv3, play it safe and assume that the client is
* doing retries on the same TCP connection.
*/
if ((nd->nd_flag & (ND_NFSV4 | ND_STREAMSOCK)) ==
ND_STREAMSOCK)
nd->nd_flag |= ND_SAMETCPCONN;
nd->nd_retxid = xid;
nd->nd_tcpconntime = NFSD_MONOSEC;
nd->nd_sockref = xprt->xp_sockref;
if ((nd->nd_flag & ND_NFSV4) != 0)
nfsd_getminorvers(nd, tag, &tagstr, &taglen,
&minorvers);
if ((nd->nd_flag & ND_NFSV41) != 0)
/* NFSv4.1 caches replies in the session slots. */
cacherep = RC_DOIT;
else {
cacherep = nfsrvd_getcache(nd);
ack = 0;
SVC_ACK(xprt, &ack);
nfsrc_trimcache(xprt->xp_sockref, ack, 0);
}
}
/*
* Handle the request. There are three cases.
* RC_DOIT - do the RPC
* RC_REPLY - return the reply already created
* RC_DROPIT - just throw the request away
*/
if (cacherep == RC_DOIT) {
if ((nd->nd_flag & ND_NFSV41) != 0)
nd->nd_xprt = xprt;
nfsrvd_dorpc(nd, isdgram, tagstr, taglen, minorvers);
if ((nd->nd_flag & ND_NFSV41) != 0) {
if (nd->nd_repstat != NFSERR_REPLYFROMCACHE &&
(nd->nd_flag & ND_SAVEREPLY) != 0) {
/* Cache a copy of the reply. */
m = m_copym(nd->nd_mreq, 0, M_COPYALL,
M_WAITOK);
} else
m = NULL;
if ((nd->nd_flag & ND_HASSEQUENCE) != 0)
nfsrv_cache_session(nd->nd_sessionid,
nd->nd_slotid, nd->nd_repstat, &m);
if (nd->nd_repstat == NFSERR_REPLYFROMCACHE)
nd->nd_repstat = 0;
cacherep = RC_REPLY;
} else {
if (nd->nd_repstat == NFSERR_DONTREPLY)
cacherep = RC_DROPIT;
else
cacherep = RC_REPLY;
*rpp = nfsrvd_updatecache(nd);
}
}
if (tagstr != NULL && taglen > NFSV4_SMALLSTR)
free(tagstr, M_TEMP);
NFSEXITCODE2(0, nd);
return (cacherep);
}
static void
nfssvc_loss(SVCXPRT *xprt)
{
uint32_t ack;
ack = 0;
SVC_ACK(xprt, &ack);
nfsrc_trimcache(xprt->xp_sockref, ack, 1);
}
/*
* Adds a socket to the list for servicing by nfsds.
*/
int
nfsrvd_addsock(struct file *fp)
{
int siz;
struct socket *so;
int error = 0;
SVCXPRT *xprt;
static u_int64_t sockref = 0;
so = fp->f_data;
siz = sb_max_adj;
error = soreserve(so, siz, siz);
if (error)
goto out;
/*
* Steal the socket from userland so that it doesn't close
* unexpectedly.
*/
if (so->so_type == SOCK_DGRAM)
xprt = svc_dg_create(nfsrvd_pool, so, 0, 0);
else
xprt = svc_vc_create(nfsrvd_pool, so, 0, 0);
if (xprt) {
fp->f_ops = &badfileops;
fp->f_data = NULL;
xprt->xp_sockref = ++sockref;
if (nfs_minvers == NFS_VER2)
svc_reg(xprt, NFS_PROG, NFS_VER2, nfssvc_program,
NULL);
if (nfs_minvers <= NFS_VER3 && nfs_maxvers >= NFS_VER3)
svc_reg(xprt, NFS_PROG, NFS_VER3, nfssvc_program,
NULL);
if (nfs_maxvers >= NFS_VER4)
svc_reg(xprt, NFS_PROG, NFS_VER4, nfssvc_program,
NULL);
if (so->so_type == SOCK_STREAM)
svc_loss_reg(xprt, nfssvc_loss);
SVC_RELEASE(xprt);
}
out:
NFSEXITCODE(error);
return (error);
}
/*
* Called by nfssvc() for nfsds. Just loops around servicing rpc requests
* until it is killed by a signal.
*/
int
nfsrvd_nfsd(struct thread *td, struct nfsd_nfsd_args *args)
{
char principal[MAXHOSTNAMELEN + 5];
struct proc *p;
int error = 0;
bool_t ret2, ret3, ret4;
error = copyinstr(args->principal, principal, sizeof (principal),
NULL);
if (error)
goto out;
/*
* Only the first nfsd actually does any work. The RPC code
* adds threads to it as needed. Any extra processes offered
* by nfsd just exit. If nfsd is new enough, it will call us
* once with a structure that specifies how many threads to
* use.
*/
NFSD_LOCK();
if (newnfs_numnfsd == 0) {
nfsdev_time = time_second;
p = td->td_proc;
PROC_LOCK(p);
p->p_flag2 |= P2_AST_SU;
PROC_UNLOCK(p);
newnfs_numnfsd++;
NFSD_UNLOCK();
error = nfsrv_createdevids(args, td);
if (error == 0) {
/* An empty string implies AUTH_SYS only. */
if (principal[0] != '\0') {
ret2 = rpc_gss_set_svc_name_call(principal,
"kerberosv5", GSS_C_INDEFINITE, NFS_PROG,
NFS_VER2);
ret3 = rpc_gss_set_svc_name_call(principal,
"kerberosv5", GSS_C_INDEFINITE, NFS_PROG,
NFS_VER3);
ret4 = rpc_gss_set_svc_name_call(principal,
"kerberosv5", GSS_C_INDEFINITE, NFS_PROG,
NFS_VER4);
if (!ret2 || !ret3 || !ret4)
printf(
"nfsd: can't register svc name\n");
}
nfsrvd_pool->sp_minthreads = args->minthreads;
nfsrvd_pool->sp_maxthreads = args->maxthreads;
/*
* If this is a pNFS service, make Getattr do a
* vn_start_write(), so it can do a vn_set_extattr().
*/
if (nfsrv_devidcnt > 0) {
nfsrv_writerpc[NFSPROC_GETATTR] = 1;
nfsv4_opflag[NFSV4OP_GETATTR].modifyfs = 1;
}
svc_run(nfsrvd_pool);
/* Reset Getattr to not do a vn_start_write(). */
nfsrv_writerpc[NFSPROC_GETATTR] = 0;
nfsv4_opflag[NFSV4OP_GETATTR].modifyfs = 0;
if (principal[0] != '\0') {
rpc_gss_clear_svc_name_call(NFS_PROG, NFS_VER2);
rpc_gss_clear_svc_name_call(NFS_PROG, NFS_VER3);
rpc_gss_clear_svc_name_call(NFS_PROG, NFS_VER4);
}
}
NFSD_LOCK();
newnfs_numnfsd--;
nfsrvd_init(1);
PROC_LOCK(p);
p->p_flag2 &= ~P2_AST_SU;
PROC_UNLOCK(p);
}
NFSD_UNLOCK();
out:
NFSEXITCODE(error);
return (error);
}
/*
* Initialize the data structures for the server.
* Handshake with any new nfsds starting up to avoid any chance of
* corruption.
*/
void
nfsrvd_init(int terminating)
{
NFSD_LOCK_ASSERT();
if (terminating) {
nfsd_master_proc = NULL;
NFSD_UNLOCK();
nfsrv_freealllayoutsanddevids();
nfsrv_freeallbackchannel_xprts();
svcpool_close(nfsrvd_pool);
free(nfsrv_zeropnfsdat, M_TEMP);
nfsrv_zeropnfsdat = NULL;
NFSD_LOCK();
} else {
NFSD_UNLOCK();
nfsrvd_pool = svcpool_create("nfsd",
SYSCTL_STATIC_CHILDREN(_vfs_nfsd));
nfsrvd_pool->sp_rcache = NULL;
nfsrvd_pool->sp_assign = fhanew_assign;
nfsrvd_pool->sp_done = fhanew_nd_complete;
NFSD_LOCK();
}
}
Index: projects/nfs-over-tls/sys/fs/nfsserver/nfs_nfsdport.c
===================================================================
--- projects/nfs-over-tls/sys/fs/nfsserver/nfs_nfsdport.c (revision 359683)
+++ projects/nfs-over-tls/sys/fs/nfsserver/nfs_nfsdport.c (revision 359684)
@@ -1,6728 +1,6728 @@
/*-
* SPDX-License-Identifier: BSD-3-Clause
*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Rick Macklem at The University of Guelph.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/capsicum.h>
#include <sys/extattr.h>
/*
* Functions that perform the vfs operations required by the routines in
* nfsd_serv.c. It is hoped that this change will make the server more
* portable.
*/
#include <fs/nfs/nfsport.h>
#include <security/mac/mac_framework.h>
#include <sys/filio.h>
#include <sys/hash.h>
#include <sys/sysctl.h>
#include <nlm/nlm_prot.h>
#include <nlm/nlm.h>
#include <rpc/rpcsec_tls.h>
FEATURE(nfsd, "NFSv4 server");
extern u_int32_t newnfs_true, newnfs_false, newnfs_xdrneg1;
extern int nfsrv_useacl;
extern int newnfs_numnfsd;
extern struct mount nfsv4root_mnt;
extern struct nfsrv_stablefirst nfsrv_stablefirst;
extern void (*nfsd_call_servertimer)(void);
extern SVCPOOL *nfsrvd_pool;
extern struct nfsv4lock nfsd_suspend_lock;
extern struct nfsclienthashhead *nfsclienthash;
extern struct nfslockhashhead *nfslockhash;
extern struct nfssessionhash *nfssessionhash;
extern int nfsrv_sessionhashsize;
extern struct nfsstatsv1 nfsstatsv1;
extern struct nfslayouthash *nfslayouthash;
extern int nfsrv_layouthashsize;
extern struct mtx nfsrv_dslock_mtx;
extern int nfs_pnfsiothreads;
extern struct nfsdontlisthead nfsrv_dontlisthead;
extern volatile int nfsrv_dontlistlen;
extern volatile int nfsrv_devidcnt;
extern int nfsrv_maxpnfsmirror;
extern bool nfs_use_ext_pgs;
struct vfsoptlist nfsv4root_opt, nfsv4root_newopt;
NFSDLOCKMUTEX;
NFSSTATESPINLOCK;
struct nfsrchash_bucket nfsrchash_table[NFSRVCACHE_HASHSIZE];
struct nfsrchash_bucket nfsrcahash_table[NFSRVCACHE_HASHSIZE];
struct mtx nfsrc_udpmtx;
struct mtx nfs_v4root_mutex;
struct mtx nfsrv_dontlistlock_mtx;
struct mtx nfsrv_recalllock_mtx;
struct nfsrvfh nfs_rootfh, nfs_pubfh;
int nfs_pubfhset = 0, nfs_rootfhset = 0;
struct proc *nfsd_master_proc = NULL;
int nfsd_debuglevel = 0;
static pid_t nfsd_master_pid = (pid_t)-1;
static char nfsd_master_comm[MAXCOMLEN + 1];
static struct timeval nfsd_master_start;
static uint32_t nfsv4_sysid = 0;
static fhandle_t zerofh;
static int nfssvc_srvcall(struct thread *, struct nfssvc_args *,
struct ucred *);
int nfsrv_enable_crossmntpt = 1;
static int nfs_commit_blks;
static int nfs_commit_miss;
extern int nfsrv_issuedelegs;
extern int nfsrv_dolocallocks;
extern int nfsd_enable_stringtouid;
extern struct nfsdevicehead nfsrv_devidhead;
static int nfsrv_createiovec(int, struct mbuf **, struct mbuf **,
struct iovec **);
static int nfsrv_createiovec_extpgs(int, int, struct mbuf **,
struct mbuf **, struct iovec **);
static int nfsrv_createiovecw(int, struct mbuf *, char *, struct iovec **,
int *);
static int nfsrv_createiovecw_extpgs(int, struct mbuf *, char *, int,
int, struct iovec **, int *);
static void nfsrv_pnfscreate(struct vnode *, struct vattr *, struct ucred *,
NFSPROC_T *);
static void nfsrv_pnfsremovesetup(struct vnode *, NFSPROC_T *, struct vnode **,
int *, char *, fhandle_t *);
static void nfsrv_pnfsremove(struct vnode **, int, char *, fhandle_t *,
NFSPROC_T *);
static int nfsrv_proxyds(struct vnode *, off_t, int, struct ucred *,
struct thread *, int, struct mbuf **, struct nfsrv_descript *,
struct mbuf **, struct nfsvattr *, struct acl *, off_t *, int, bool *);
static int nfsrv_setextattr(struct vnode *, struct nfsvattr *, NFSPROC_T *);
static int nfsrv_readdsrpc(fhandle_t *, off_t, int, struct ucred *,
NFSPROC_T *, struct nfsmount *, struct mbuf **, struct mbuf **);
static int nfsrv_writedsrpc(fhandle_t *, off_t, int, struct ucred *,
NFSPROC_T *, struct vnode *, struct nfsmount **, int, struct mbuf **,
struct nfsrv_descript *, int *);
static int nfsrv_allocatedsrpc(fhandle_t *, off_t, off_t, struct ucred *,
NFSPROC_T *, struct vnode *, struct nfsmount **, int, int *);
static int nfsrv_setacldsrpc(fhandle_t *, struct ucred *, NFSPROC_T *,
struct vnode *, struct nfsmount **, int, struct acl *, int *);
static int nfsrv_setattrdsrpc(fhandle_t *, struct ucred *, NFSPROC_T *,
struct vnode *, struct nfsmount **, int, struct nfsvattr *, int *);
static int nfsrv_getattrdsrpc(fhandle_t *, struct ucred *, NFSPROC_T *,
struct vnode *, struct nfsmount *, struct nfsvattr *);
static int nfsrv_seekdsrpc(fhandle_t *, off_t *, int, bool *, struct ucred *,
NFSPROC_T *, struct nfsmount *);
static int nfsrv_putfhname(fhandle_t *, char *);
static int nfsrv_pnfslookupds(struct vnode *, struct vnode *,
struct pnfsdsfile *, struct vnode **, NFSPROC_T *);
static void nfsrv_pnfssetfh(struct vnode *, struct pnfsdsfile *, char *, char *,
struct vnode *, NFSPROC_T *);
static int nfsrv_dsremove(struct vnode *, char *, struct ucred *, NFSPROC_T *);
static int nfsrv_dssetacl(struct vnode *, struct acl *, struct ucred *,
NFSPROC_T *);
static int nfsrv_pnfsstatfs(struct statfs *, struct mount *);
int nfs_pnfsio(task_fn_t *, void *);
SYSCTL_NODE(_vfs, OID_AUTO, nfsd, CTLFLAG_RW, 0, "NFS server");
SYSCTL_INT(_vfs_nfsd, OID_AUTO, mirrormnt, CTLFLAG_RW,
&nfsrv_enable_crossmntpt, 0, "Enable nfsd to cross mount points");
SYSCTL_INT(_vfs_nfsd, OID_AUTO, commit_blks, CTLFLAG_RW, &nfs_commit_blks,
0, "");
SYSCTL_INT(_vfs_nfsd, OID_AUTO, commit_miss, CTLFLAG_RW, &nfs_commit_miss,
0, "");
SYSCTL_INT(_vfs_nfsd, OID_AUTO, issue_delegations, CTLFLAG_RW,
&nfsrv_issuedelegs, 0, "Enable nfsd to issue delegations");
SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_locallocks, CTLFLAG_RW,
&nfsrv_dolocallocks, 0, "Enable nfsd to acquire local locks on files");
SYSCTL_INT(_vfs_nfsd, OID_AUTO, debuglevel, CTLFLAG_RW, &nfsd_debuglevel,
0, "Debug level for NFS server");
SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_stringtouid, CTLFLAG_RW,
&nfsd_enable_stringtouid, 0, "Enable nfsd to accept numeric owner_names");
static int nfsrv_pnfsgetdsattr = 1;
SYSCTL_INT(_vfs_nfsd, OID_AUTO, pnfsgetdsattr, CTLFLAG_RW,
&nfsrv_pnfsgetdsattr, 0, "When set getattr gets DS attributes via RPC");
/*
* nfsrv_dsdirsize can only be increased and only when the nfsd threads are
* not running.
* The dsN subdirectories for the increased values must have been created
* on all DS servers before this increase is done.
*/
u_int nfsrv_dsdirsize = 20;
static int
sysctl_dsdirsize(SYSCTL_HANDLER_ARGS)
{
int error, newdsdirsize;
newdsdirsize = nfsrv_dsdirsize;
error = sysctl_handle_int(oidp, &newdsdirsize, 0, req);
if (error != 0 || req->newptr == NULL)
return (error);
if (newdsdirsize <= nfsrv_dsdirsize || newdsdirsize > 10000 ||
newnfs_numnfsd != 0)
return (EINVAL);
nfsrv_dsdirsize = newdsdirsize;
return (0);
}
SYSCTL_PROC(_vfs_nfsd, OID_AUTO, dsdirsize,
CTLTYPE_UINT | CTLFLAG_MPSAFE | CTLFLAG_RW, 0, sizeof(nfsrv_dsdirsize),
sysctl_dsdirsize, "IU", "Number of dsN subdirs on the DS servers");
#define MAX_REORDERED_RPC 16
#define NUM_HEURISTIC 1031
#define NHUSE_INIT 64
#define NHUSE_INC 16
#define NHUSE_MAX 2048
static struct nfsheur {
struct vnode *nh_vp; /* vp to match (unreferenced pointer) */
off_t nh_nextoff; /* next offset for sequential detection */
int nh_use; /* use count for selection */
int nh_seqcount; /* heuristic */
} nfsheur[NUM_HEURISTIC];
/*
* Heuristic to detect sequential operation.
*/
static struct nfsheur *
nfsrv_sequential_heuristic(struct uio *uio, struct vnode *vp)
{
struct nfsheur *nh;
int hi, try;
/* Locate best candidate. */
try = 32;
hi = ((int)(vm_offset_t)vp / sizeof(struct vnode)) % NUM_HEURISTIC;
nh = &nfsheur[hi];
while (try--) {
if (nfsheur[hi].nh_vp == vp) {
nh = &nfsheur[hi];
break;
}
if (nfsheur[hi].nh_use > 0)
--nfsheur[hi].nh_use;
hi = (hi + 1) % NUM_HEURISTIC;
if (nfsheur[hi].nh_use < nh->nh_use)
nh = &nfsheur[hi];
}
/* Initialize hint if this is a new file. */
if (nh->nh_vp != vp) {
nh->nh_vp = vp;
nh->nh_nextoff = uio->uio_offset;
nh->nh_use = NHUSE_INIT;
if (uio->uio_offset == 0)
nh->nh_seqcount = 4;
else
nh->nh_seqcount = 1;
}
/* Calculate heuristic. */
if ((uio->uio_offset == 0 && nh->nh_seqcount > 0) ||
uio->uio_offset == nh->nh_nextoff) {
/* See comments in vfs_vnops.c:sequential_heuristic(). */
nh->nh_seqcount += howmany(uio->uio_resid, 16384);
if (nh->nh_seqcount > IO_SEQMAX)
nh->nh_seqcount = IO_SEQMAX;
} else if (qabs(uio->uio_offset - nh->nh_nextoff) <= MAX_REORDERED_RPC *
imax(vp->v_mount->mnt_stat.f_iosize, uio->uio_resid)) {
/* Probably a reordered RPC, leave seqcount alone. */
} else if (nh->nh_seqcount > 1) {
nh->nh_seqcount /= 2;
} else {
nh->nh_seqcount = 0;
}
nh->nh_use += NHUSE_INC;
if (nh->nh_use > NHUSE_MAX)
nh->nh_use = NHUSE_MAX;
return (nh);
}
/*
* Get attributes into nfsvattr structure.
*/
int
nfsvno_getattr(struct vnode *vp, struct nfsvattr *nvap,
struct nfsrv_descript *nd, struct thread *p, int vpislocked,
nfsattrbit_t *attrbitp)
{
int error, gotattr, lockedit = 0;
struct nfsvattr na;
if (vpislocked == 0) {
/*
* When vpislocked == 0, the vnode is either exclusively
* locked by this thread or not locked by this thread.
* As such, shared lock it, if not exclusively locked.
*/
if (NFSVOPISLOCKED(vp) != LK_EXCLUSIVE) {
lockedit = 1;
NFSVOPLOCK(vp, LK_SHARED | LK_RETRY);
}
}
/*
* Acquire the Change, Size, TimeAccess, TimeModify and SpaceUsed
* attributes, as required.
* This needs to be done for regular files if:
* - non-NFSv4 RPCs or
* - when attrbitp == NULL or
* - an NFSv4 RPC with any of the above attributes in attrbitp.
* A return of 0 for nfsrv_proxyds() indicates that it has acquired
* these attributes. nfsrv_proxyds() will return an error if the
* server is not a pNFS one.
*/
gotattr = 0;
if (vp->v_type == VREG && nfsrv_devidcnt > 0 && (attrbitp == NULL ||
(nd->nd_flag & ND_NFSV4) == 0 ||
NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_CHANGE) ||
NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SIZE) ||
NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_TIMEACCESS) ||
NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_TIMEMODIFY) ||
NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SPACEUSED))) {
error = nfsrv_proxyds(vp, 0, 0, nd->nd_cred, p,
NFSPROC_GETATTR, NULL, NULL, NULL, &na, NULL, NULL, 0,
NULL);
if (error == 0)
gotattr = 1;
}
error = VOP_GETATTR(vp, &nvap->na_vattr, nd->nd_cred);
if (lockedit != 0)
NFSVOPUNLOCK(vp);
/*
* If we got the Change, Size and Modify Time from the DS,
* replace them.
*/
if (gotattr != 0) {
nvap->na_atime = na.na_atime;
nvap->na_mtime = na.na_mtime;
nvap->na_filerev = na.na_filerev;
nvap->na_size = na.na_size;
nvap->na_bytes = na.na_bytes;
}
NFSD_DEBUG(4, "nfsvno_getattr: gotattr=%d err=%d chg=%ju\n", gotattr,
error, (uintmax_t)na.na_filerev);
NFSEXITCODE(error);
return (error);
}
/*
* Get a file handle for a vnode.
*/
int
nfsvno_getfh(struct vnode *vp, fhandle_t *fhp, struct thread *p)
{
int error;
NFSBZERO((caddr_t)fhp, sizeof(fhandle_t));
fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
error = VOP_VPTOFH(vp, &fhp->fh_fid);
NFSEXITCODE(error);
return (error);
}
/*
* Perform access checking for vnodes obtained from file handles that would
* refer to files already opened by a Unix client. You cannot just use
* vn_writechk() and VOP_ACCESSX() for two reasons.
* 1 - You must check for exported rdonly as well as MNT_RDONLY for the write
* case.
* 2 - The owner is to be given access irrespective of mode bits for some
* operations, so that processes that chmod after opening a file don't
* break.
*/
int
nfsvno_accchk(struct vnode *vp, accmode_t accmode, struct ucred *cred,
struct nfsexstuff *exp, struct thread *p, int override, int vpislocked,
u_int32_t *supportedtypep)
{
struct vattr vattr;
int error = 0, getret = 0;
if (vpislocked == 0) {
if (NFSVOPLOCK(vp, LK_SHARED) != 0) {
error = EPERM;
goto out;
}
}
if (accmode & VWRITE) {
/* Just vn_writechk() changed to check rdonly */
/*
* Disallow write attempts on read-only file systems;
* unless the file is a socket or a block or character
* device resident on the file system.
*/
if (NFSVNO_EXRDONLY(exp) ||
(vp->v_mount->mnt_flag & MNT_RDONLY)) {
switch (vp->v_type) {
case VREG:
case VDIR:
case VLNK:
error = EROFS;
default:
break;
}
}
/*
* If there's shared text associated with
* the inode, try to free it up once. If
* we fail, we can't allow writing.
*/
if (VOP_IS_TEXT(vp) && error == 0)
error = ETXTBSY;
}
if (error != 0) {
if (vpislocked == 0)
NFSVOPUNLOCK(vp);
goto out;
}
/*
* Should the override still be applied when ACLs are enabled?
*/
error = VOP_ACCESSX(vp, accmode, cred, p);
if (error != 0 && (accmode & (VDELETE | VDELETE_CHILD))) {
/*
* Try again with VEXPLICIT_DENY, to see if the test for
* deletion is supported.
*/
error = VOP_ACCESSX(vp, accmode | VEXPLICIT_DENY, cred, p);
if (error == 0) {
if (vp->v_type == VDIR) {
accmode &= ~(VDELETE | VDELETE_CHILD);
accmode |= VWRITE;
error = VOP_ACCESSX(vp, accmode, cred, p);
} else if (supportedtypep != NULL) {
*supportedtypep &= ~NFSACCESS_DELETE;
}
}
}
/*
* Allow certain operations for the owner (reads and writes
* on files that are already open).
*/
if (override != NFSACCCHK_NOOVERRIDE &&
(error == EPERM || error == EACCES)) {
if (cred->cr_uid == 0 && (override & NFSACCCHK_ALLOWROOT))
error = 0;
else if (override & NFSACCCHK_ALLOWOWNER) {
getret = VOP_GETATTR(vp, &vattr, cred);
if (getret == 0 && cred->cr_uid == vattr.va_uid)
error = 0;
}
}
if (vpislocked == 0)
NFSVOPUNLOCK(vp);
out:
NFSEXITCODE(error);
return (error);
}
/*
* Set attribute(s) vnop.
*/
int
nfsvno_setattr(struct vnode *vp, struct nfsvattr *nvap, struct ucred *cred,
struct thread *p, struct nfsexstuff *exp)
{
u_quad_t savsize = 0;
int error, savedit;
/*
* If this is an exported file system and a pNFS service is running,
* don't VOP_SETATTR() of size for the MDS file system.
*/
savedit = 0;
error = 0;
if (vp->v_type == VREG && (vp->v_mount->mnt_flag & MNT_EXPORTED) != 0 &&
nfsrv_devidcnt != 0 && nvap->na_vattr.va_size != VNOVAL &&
nvap->na_vattr.va_size > 0) {
savsize = nvap->na_vattr.va_size;
nvap->na_vattr.va_size = VNOVAL;
if (nvap->na_vattr.va_uid != (uid_t)VNOVAL ||
nvap->na_vattr.va_gid != (gid_t)VNOVAL ||
nvap->na_vattr.va_mode != (mode_t)VNOVAL ||
nvap->na_vattr.va_atime.tv_sec != VNOVAL ||
nvap->na_vattr.va_mtime.tv_sec != VNOVAL)
savedit = 1;
else
savedit = 2;
}
if (savedit != 2)
error = VOP_SETATTR(vp, &nvap->na_vattr, cred);
if (savedit != 0)
nvap->na_vattr.va_size = savsize;
if (error == 0 && (nvap->na_vattr.va_uid != (uid_t)VNOVAL ||
nvap->na_vattr.va_gid != (gid_t)VNOVAL ||
nvap->na_vattr.va_size != VNOVAL ||
nvap->na_vattr.va_mode != (mode_t)VNOVAL ||
nvap->na_vattr.va_atime.tv_sec != VNOVAL ||
nvap->na_vattr.va_mtime.tv_sec != VNOVAL)) {
/* For a pNFS server, set the attributes on the DS file. */
error = nfsrv_proxyds(vp, 0, 0, cred, p, NFSPROC_SETATTR,
NULL, NULL, NULL, nvap, NULL, NULL, 0, NULL);
if (error == ENOENT)
error = 0;
}
NFSEXITCODE(error);
return (error);
}
/*
* Set up nameidata for a lookup() call and do it.
*/
int
nfsvno_namei(struct nfsrv_descript *nd, struct nameidata *ndp,
struct vnode *dp, int islocked, struct nfsexstuff *exp, struct thread *p,
struct vnode **retdirp)
{
struct componentname *cnp = &ndp->ni_cnd;
int i;
struct iovec aiov;
struct uio auio;
int lockleaf = (cnp->cn_flags & LOCKLEAF) != 0, linklen;
int error = 0;
char *cp;
*retdirp = NULL;
cnp->cn_nameptr = cnp->cn_pnbuf;
ndp->ni_lcf = 0;
/*
* Extract and set starting directory.
*/
if (dp->v_type != VDIR) {
if (islocked)
vput(dp);
else
vrele(dp);
nfsvno_relpathbuf(ndp);
error = ENOTDIR;
goto out1;
}
if (islocked)
NFSVOPUNLOCK(dp);
VREF(dp);
*retdirp = dp;
if (NFSVNO_EXRDONLY(exp))
cnp->cn_flags |= RDONLY;
ndp->ni_segflg = UIO_SYSSPACE;
if (nd->nd_flag & ND_PUBLOOKUP) {
ndp->ni_loopcnt = 0;
if (cnp->cn_pnbuf[0] == '/') {
vrele(dp);
/*
* Check for degenerate pathnames here, since lookup()
* panics on them.
*/
for (i = 1; i < ndp->ni_pathlen; i++)
if (cnp->cn_pnbuf[i] != '/')
break;
if (i == ndp->ni_pathlen) {
error = NFSERR_ACCES;
goto out;
}
dp = rootvnode;
VREF(dp);
}
} else if ((nfsrv_enable_crossmntpt == 0 && NFSVNO_EXPORTED(exp)) ||
(nd->nd_flag & ND_NFSV4) == 0) {
/*
* Only cross mount points for NFSv4 when doing a
* mount while traversing the file system above
* the mount point, unless nfsrv_enable_crossmntpt is set.
*/
cnp->cn_flags |= NOCROSSMOUNT;
}
/*
* Initialize for scan, set ni_startdir and bump ref on dp again
* because lookup() will dereference ni_startdir.
*/
cnp->cn_thread = p;
ndp->ni_startdir = dp;
ndp->ni_rootdir = rootvnode;
ndp->ni_topdir = NULL;
if (!lockleaf)
cnp->cn_flags |= LOCKLEAF;
for (;;) {
cnp->cn_nameptr = cnp->cn_pnbuf;
/*
* Call lookup() to do the real work. If an error occurs,
* ndp->ni_vp and ni_dvp are left uninitialized or NULL and
* we do not have to dereference anything before returning.
* In either case ni_startdir will be dereferenced and NULLed
* out.
*/
error = lookup(ndp);
if (error)
break;
/*
* Check for encountering a symbolic link. Trivial
* termination occurs if no symlink encountered.
*/
if ((cnp->cn_flags & ISSYMLINK) == 0) {
if ((cnp->cn_flags & (SAVENAME | SAVESTART)) == 0)
nfsvno_relpathbuf(ndp);
if (ndp->ni_vp && !lockleaf)
NFSVOPUNLOCK(ndp->ni_vp);
break;
}
/*
* Validate symlink
*/
if ((cnp->cn_flags & LOCKPARENT) && ndp->ni_pathlen == 1)
NFSVOPUNLOCK(ndp->ni_dvp);
if (!(nd->nd_flag & ND_PUBLOOKUP)) {
error = EINVAL;
goto badlink2;
}
if (ndp->ni_loopcnt++ >= MAXSYMLINKS) {
error = ELOOP;
goto badlink2;
}
if (ndp->ni_pathlen > 1)
cp = uma_zalloc(namei_zone, M_WAITOK);
else
cp = cnp->cn_pnbuf;
aiov.iov_base = cp;
aiov.iov_len = MAXPATHLEN;
auio.uio_iov = &aiov;
auio.uio_iovcnt = 1;
auio.uio_offset = 0;
auio.uio_rw = UIO_READ;
auio.uio_segflg = UIO_SYSSPACE;
auio.uio_td = NULL;
auio.uio_resid = MAXPATHLEN;
error = VOP_READLINK(ndp->ni_vp, &auio, cnp->cn_cred);
if (error) {
badlink1:
if (ndp->ni_pathlen > 1)
uma_zfree(namei_zone, cp);
badlink2:
vrele(ndp->ni_dvp);
vput(ndp->ni_vp);
break;
}
linklen = MAXPATHLEN - auio.uio_resid;
if (linklen == 0) {
error = ENOENT;
goto badlink1;
}
if (linklen + ndp->ni_pathlen >= MAXPATHLEN) {
error = ENAMETOOLONG;
goto badlink1;
}
/*
* Adjust or replace path
*/
if (ndp->ni_pathlen > 1) {
NFSBCOPY(ndp->ni_next, cp + linklen, ndp->ni_pathlen);
uma_zfree(namei_zone, cnp->cn_pnbuf);
cnp->cn_pnbuf = cp;
} else
cnp->cn_pnbuf[linklen] = '\0';
ndp->ni_pathlen += linklen;
/*
* Cleanup refs for next loop and check if root directory
* should replace current directory. Normally ni_dvp
* becomes the new base directory and is cleaned up when
* we loop. Explicitly null pointers after invalidation
* to clarify operation.
*/
vput(ndp->ni_vp);
ndp->ni_vp = NULL;
if (cnp->cn_pnbuf[0] == '/') {
vrele(ndp->ni_dvp);
ndp->ni_dvp = ndp->ni_rootdir;
VREF(ndp->ni_dvp);
}
ndp->ni_startdir = ndp->ni_dvp;
ndp->ni_dvp = NULL;
}
if (!lockleaf)
cnp->cn_flags &= ~LOCKLEAF;
out:
if (error) {
nfsvno_relpathbuf(ndp);
ndp->ni_vp = NULL;
ndp->ni_dvp = NULL;
ndp->ni_startdir = NULL;
} else if ((ndp->ni_cnd.cn_flags & (WANTPARENT|LOCKPARENT)) == 0) {
ndp->ni_dvp = NULL;
}
out1:
NFSEXITCODE2(error, nd);
return (error);
}
/*
* Set up a pathname buffer and return a pointer to it and, optionally
* set a hash pointer.
*/
void
nfsvno_setpathbuf(struct nameidata *ndp, char **bufpp, u_long **hashpp)
{
struct componentname *cnp = &ndp->ni_cnd;
cnp->cn_flags |= (NOMACCHECK | HASBUF);
cnp->cn_pnbuf = uma_zalloc(namei_zone, M_WAITOK);
if (hashpp != NULL)
*hashpp = NULL;
*bufpp = cnp->cn_pnbuf;
}
/*
* Release the above path buffer, if not released by nfsvno_namei().
*/
void
nfsvno_relpathbuf(struct nameidata *ndp)
{
if ((ndp->ni_cnd.cn_flags & HASBUF) == 0)
panic("nfsrelpath");
uma_zfree(namei_zone, ndp->ni_cnd.cn_pnbuf);
ndp->ni_cnd.cn_flags &= ~HASBUF;
}
/*
* Readlink vnode op into an mbuf list.
*/
int
nfsvno_readlink(struct vnode *vp, struct ucred *cred, int maxextsiz,
struct thread *p, struct mbuf **mpp, struct mbuf **mpendp, int *lenp)
{
struct iovec *iv;
struct uio io, *uiop = &io;
struct mbuf *mp, *mp3;
int len, tlen, error = 0;
len = NFS_MAXPATHLEN;
if (maxextsiz > 0)
uiop->uio_iovcnt = nfsrv_createiovec_extpgs(len, maxextsiz,
&mp3, &mp, &iv);
else
uiop->uio_iovcnt = nfsrv_createiovec(len, &mp3, &mp, &iv);
uiop->uio_iov = iv;
uiop->uio_offset = 0;
uiop->uio_resid = len;
uiop->uio_rw = UIO_READ;
uiop->uio_segflg = UIO_SYSSPACE;
uiop->uio_td = NULL;
error = VOP_READLINK(vp, uiop, cred);
free(iv, M_TEMP);
if (error) {
m_freem(mp3);
*lenp = 0;
goto out;
}
if (uiop->uio_resid > 0) {
len -= uiop->uio_resid;
tlen = NFSM_RNDUP(len);
if (tlen == 0) {
m_freem(mp3);
mp3 = mp = NULL;
} else if (tlen != NFS_MAXPATHLEN || tlen != len)
mp = nfsrv_adj(mp3, NFS_MAXPATHLEN - tlen,
tlen - len);
}
*lenp = len;
*mpp = mp3;
*mpendp = mp;
out:
NFSEXITCODE(error);
return (error);
}
/*
* Create an mbuf chain and an associated iovec that can be used to Read
* or Getextattr of data.
* Upon success, return pointers to the first and last mbufs in the chain
* plus the malloc'd iovec and its iovlen.
*/
static int
nfsrv_createiovec(int len, struct mbuf **mpp, struct mbuf **mpendp,
struct iovec **ivp)
{
struct mbuf *m, *m2 = NULL, *m3;
struct iovec *iv;
int i, left, siz;
left = len;
m3 = NULL;
/*
* Generate the mbuf list with the uio_iov ref. to it.
*/
i = 0;
while (left > 0) {
NFSMGET(m);
MCLGET(m, M_WAITOK);
m->m_len = 0;
siz = min(M_TRAILINGSPACE(m), left);
left -= siz;
i++;
if (m3)
m2->m_next = m;
else
m3 = m;
m2 = m;
}
*ivp = iv = malloc(i * sizeof (struct iovec), M_TEMP, M_WAITOK);
m = m3;
left = len;
i = 0;
while (left > 0) {
if (m == NULL)
panic("nfsrv_createiovec iov");
siz = min(M_TRAILINGSPACE(m), left);
if (siz > 0) {
iv->iov_base = mtod(m, caddr_t) + m->m_len;
iv->iov_len = siz;
m->m_len += siz;
left -= siz;
iv++;
i++;
}
m = m->m_next;
}
*mpp = m3;
*mpendp = m2;
return (i);
}
/*
* Create an mbuf chain and an associated iovec that can be used to Read
* or Getextattr of data.
* Upon success, return pointers to the first and last mbufs in the chain
* plus the malloc'd iovec and its iovlen.
* Same as above, but creates ext_pgs mbuf(s).
*/
static int
nfsrv_createiovec_extpgs(int len, int maxextsiz, struct mbuf **mpp,
struct mbuf **mpendp, struct iovec **ivp)
{
struct mbuf *m, *m2 = NULL, *m3;
struct mbuf_ext_pgs *pgs;
struct iovec *iv;
int i, left, pgno, siz;
left = len;
m3 = NULL;
/*
* Generate the mbuf list with the uio_iov ref. to it.
*/
i = 0;
while (left > 0) {
siz = min(left, maxextsiz);
m = mb_alloc_ext_plus_pages(siz, M_WAITOK, false,
mb_free_mext_pgs);
left -= siz;
i += m->m_ext.ext_pgs->npgs;
if (m3 != NULL)
m2->m_next = m;
else
m3 = m;
m2 = m;
}
*ivp = iv = malloc(i * sizeof (struct iovec), M_TEMP, M_WAITOK);
m = m3;
left = len;
i = 0;
pgno = 0;
pgs = m->m_ext.ext_pgs;
while (left > 0) {
if (m == NULL)
panic("nfsvno_createiovec_extpgs iov");
siz = min(PAGE_SIZE, left);
if (siz > 0) {
iv->iov_base = (void *)PHYS_TO_DMAP(pgs->pa[pgno]);
iv->iov_len = siz;
m->m_len += siz;
if (pgno == pgs->npgs - 1)
pgs->last_pg_len = siz;
left -= siz;
iv++;
i++;
pgno++;
}
if (pgno == pgs->npgs && left > 0) {
m = m->m_next;
if (m == NULL)
panic("nfsvno_createiovec_extpgs iov");
pgs = m->m_ext.ext_pgs;
pgno = 0;
}
}
*mpp = m3;
*mpendp = m2;
return (i);
}
/*
* Read vnode op call into mbuf list.
*/
int
nfsvno_read(struct vnode *vp, off_t off, int cnt, struct ucred *cred,
int maxextsiz, struct thread *p, struct mbuf **mpp,
struct mbuf **mpendp)
{
struct mbuf *m;
struct iovec *iv;
int error = 0, len, tlen, ioflag = 0;
struct mbuf *m3;
struct uio io, *uiop = &io;
struct nfsheur *nh;
/*
* Attempt to read from a DS file. A return of ENOENT implies
* there is no DS file to read.
*/
error = nfsrv_proxyds(vp, off, cnt, cred, p, NFSPROC_READDS, mpp,
NULL, mpendp, NULL, NULL, NULL, 0, NULL);
if (error != ENOENT)
return (error);
len = NFSM_RNDUP(cnt);
if (maxextsiz > 0)
uiop->uio_iovcnt = nfsrv_createiovec_extpgs(len, maxextsiz,
&m3, &m, &iv);
else
uiop->uio_iovcnt = nfsrv_createiovec(len, &m3, &m, &iv);
uiop->uio_iov = iv;
uiop->uio_offset = off;
uiop->uio_resid = len;
uiop->uio_rw = UIO_READ;
uiop->uio_segflg = UIO_SYSSPACE;
uiop->uio_td = NULL;
nh = nfsrv_sequential_heuristic(uiop, vp);
ioflag |= nh->nh_seqcount << IO_SEQSHIFT;
/* XXX KDM make this more systematic? */
nfsstatsv1.srvbytes[NFSV4OP_READ] += uiop->uio_resid;
error = VOP_READ(vp, uiop, IO_NODELOCKED | ioflag, cred);
free(iv, M_TEMP);
if (error) {
m_freem(m3);
*mpp = NULL;
goto out;
}
nh->nh_nextoff = uiop->uio_offset;
tlen = len - uiop->uio_resid;
cnt = cnt < tlen ? cnt : tlen;
tlen = NFSM_RNDUP(cnt);
if (tlen == 0) {
m_freem(m3);
m3 = m = NULL;
} else if (len != tlen || tlen != cnt)
m = nfsrv_adj(m3, len - tlen, tlen - cnt);
*mpp = m3;
*mpendp = m;
out:
NFSEXITCODE(error);
return (error);
}
/*
* Create the iovec for the mbuf chain passed in as an argument.
* The "cp" argument is where the data starts within the first mbuf in
* the chain. It returns the iovec and the iovcnt.
*/
static int
nfsrv_createiovecw(int retlen, struct mbuf *m, char *cp, struct iovec **ivpp,
int *iovcntp)
{
struct mbuf *mp;
struct iovec *ivp;
int cnt, i, len;
/*
* Loop through the mbuf chain, counting how many mbufs are a
* part of this write operation, so the iovec size is known.
*/
cnt = 0;
len = retlen;
mp = m;
i = mtod(mp, caddr_t) + mbuf_len(mp) - cp;
while (len > 0) {
if (i > 0) {
len -= i;
cnt++;
}
mp = mbuf_next(mp);
if (!mp) {
if (len > 0)
return (EBADRPC);
} else
i = mbuf_len(mp);
}
/* Now, create the iovec. */
mp = m;
*ivpp = ivp = malloc(cnt * sizeof (struct iovec), M_TEMP,
M_WAITOK);
*iovcntp = cnt;
i = mtod(mp, caddr_t) + mp->m_len - cp;
len = retlen;
while (len > 0) {
if (mp == NULL)
panic("nfsrv_createiovecw");
if (i > 0) {
i = min(i, len);
ivp->iov_base = cp;
ivp->iov_len = i;
ivp++;
len -= i;
}
mp = mp->m_next;
if (mp) {
i = mp->m_len;
cp = mtod(mp, caddr_t);
}
}
return (0);
}
/*
* Create the iovec for the mbuf chain passed in as an argument.
* The "cp" argument is where the data starts within the first mbuf in
* the chain. It returns the iovec and the iovcnt.
* Same as above, but for ext_pgs mbufs.
*/
static int
nfsrv_createiovecw_extpgs(int retlen, struct mbuf *m, char *cp, int dextpg,
int dextpgsiz, struct iovec **ivpp, int *iovcntp)
{
struct mbuf *mp;
struct mbuf_ext_pgs *pgs;
struct iovec *ivp;
int cnt, i, len, pgno;
/*
* Loop through the mbuf chain, counting how many pages are
* part of this write oepration, so the iovec size is known.
*/
cnt = 0;
len = retlen;
mp = m;
pgs = mp->m_ext.ext_pgs;
i = dextpgsiz;
pgno = dextpg;
while (len > 0) {
if (i > 0) {
len -= i;
cnt++;
}
if (len > 0) {
if (pgno == pgs->npgs - 1) {
mp = mp->m_next;
if (mp == NULL)
return (EBADRPC);
pgno = 0;
pgs = mp->m_ext.ext_pgs;
} else
pgno++;
if (pgno == 0)
i = mbuf_ext_pg_len(pgs, 0,
pgs->first_pg_off);
else
i = mbuf_ext_pg_len(pgs, pgno, 0);
}
}
/* Now, create the iovec. */
mp = m;
*ivpp = ivp = malloc(cnt * sizeof (struct iovec), M_TEMP,
M_WAITOK);
*iovcntp = cnt;
len = retlen;
pgs = mp->m_ext.ext_pgs;
i = dextpgsiz;
pgno = dextpg;
while (len > 0) {
if (i > 0) {
i = min(i, len);
ivp->iov_base = cp;
ivp->iov_len = i;
ivp++;
len -= i;
}
if (len > 0) {
if (pgno == pgs->npgs - 1) {
mp = mp->m_next;
if (mp == NULL)
return (EBADRPC);
pgno = 0;
pgs = mp->m_ext.ext_pgs;
} else
pgno++;
cp = (char *)(void *)
PHYS_TO_DMAP(pgs->pa[pgno]);
if (pgno == 0) {
cp += pgs->first_pg_off;
i = mbuf_ext_pg_len(pgs, 0,
pgs->first_pg_off);
} else
i = mbuf_ext_pg_len(pgs, pgno, 0);
}
}
return (0);
}
/*
* Write vnode op from an mbuf list.
*/
int
nfsvno_write(struct vnode *vp, off_t off, int retlen, int *stable,
struct nfsrv_descript *nd, struct thread *p)
{
struct iovec *iv;
int cnt, ioflags, error;
struct uio io, *uiop = &io;
struct nfsheur *nh;
/*
* Attempt to write to a DS file. A return of ENOENT implies
* there is no DS file to write.
*/
error = nfsrv_proxyds(vp, off, retlen, nd->nd_cred, p,
NFSPROC_WRITEDS, &nd->nd_md, nd, NULL, NULL, NULL,
NULL, 0, NULL);
if (error != ENOENT) {
*stable = NFSWRITE_FILESYNC;
return (error);
}
if (*stable == NFSWRITE_UNSTABLE)
ioflags = IO_NODELOCKED;
else
ioflags = (IO_SYNC | IO_NODELOCKED);
if ((nd->nd_md->m_flags & M_NOMAP) != 0)
error = nfsrv_createiovecw_extpgs(retlen, nd->nd_md,
nd->nd_dpos, nd->nd_dextpg, nd->nd_dextpgsiz,
&iv, &cnt);
else
error = nfsrv_createiovecw(retlen, nd->nd_md,
nd->nd_dpos, &iv, &cnt);
if (error != 0)
return (error);
uiop->uio_iov = iv;
uiop->uio_iovcnt = cnt;
uiop->uio_resid = retlen;
uiop->uio_rw = UIO_WRITE;
uiop->uio_segflg = UIO_SYSSPACE;
NFSUIOPROC(uiop, p);
uiop->uio_offset = off;
nh = nfsrv_sequential_heuristic(uiop, vp);
ioflags |= nh->nh_seqcount << IO_SEQSHIFT;
/* XXX KDM make this more systematic? */
nfsstatsv1.srvbytes[NFSV4OP_WRITE] += uiop->uio_resid;
error = VOP_WRITE(vp, uiop, ioflags, nd->nd_cred);
if (error == 0)
nh->nh_nextoff = uiop->uio_offset;
free(iv, M_TEMP);
NFSEXITCODE(error);
return (error);
}
/*
* Common code for creating a regular file (plus special files for V2).
*/
int
nfsvno_createsub(struct nfsrv_descript *nd, struct nameidata *ndp,
struct vnode **vpp, struct nfsvattr *nvap, int *exclusive_flagp,
int32_t *cverf, NFSDEV_T rdev, struct nfsexstuff *exp)
{
u_quad_t tempsize;
int error;
struct thread *p = curthread;
error = nd->nd_repstat;
if (!error && ndp->ni_vp == NULL) {
if (nvap->na_type == VREG || nvap->na_type == VSOCK) {
vrele(ndp->ni_startdir);
error = VOP_CREATE(ndp->ni_dvp,
&ndp->ni_vp, &ndp->ni_cnd, &nvap->na_vattr);
/* For a pNFS server, create the data file on a DS. */
if (error == 0 && nvap->na_type == VREG) {
/*
* Create a data file on a DS for a pNFS server.
* This function just returns if not
* running a pNFS DS or the creation fails.
*/
nfsrv_pnfscreate(ndp->ni_vp, &nvap->na_vattr,
nd->nd_cred, p);
}
vput(ndp->ni_dvp);
nfsvno_relpathbuf(ndp);
if (!error) {
if (*exclusive_flagp) {
*exclusive_flagp = 0;
NFSVNO_ATTRINIT(nvap);
nvap->na_atime.tv_sec = cverf[0];
nvap->na_atime.tv_nsec = cverf[1];
error = VOP_SETATTR(ndp->ni_vp,
&nvap->na_vattr, nd->nd_cred);
if (error != 0) {
vput(ndp->ni_vp);
ndp->ni_vp = NULL;
error = NFSERR_NOTSUPP;
}
}
}
/*
* NFS V2 Only. nfsrvd_mknod() does this for V3.
* (This implies, just get out on an error.)
*/
} else if (nvap->na_type == VCHR || nvap->na_type == VBLK ||
nvap->na_type == VFIFO) {
if (nvap->na_type == VCHR && rdev == 0xffffffff)
nvap->na_type = VFIFO;
if (nvap->na_type != VFIFO &&
(error = priv_check_cred(nd->nd_cred, PRIV_VFS_MKNOD_DEV))) {
vrele(ndp->ni_startdir);
nfsvno_relpathbuf(ndp);
vput(ndp->ni_dvp);
goto out;
}
nvap->na_rdev = rdev;
error = VOP_MKNOD(ndp->ni_dvp, &ndp->ni_vp,
&ndp->ni_cnd, &nvap->na_vattr);
vput(ndp->ni_dvp);
nfsvno_relpathbuf(ndp);
vrele(ndp->ni_startdir);
if (error)
goto out;
} else {
vrele(ndp->ni_startdir);
nfsvno_relpathbuf(ndp);
vput(ndp->ni_dvp);
error = ENXIO;
goto out;
}
*vpp = ndp->ni_vp;
} else {
/*
* Handle cases where error is already set and/or
* the file exists.
* 1 - clean up the lookup
* 2 - iff !error and na_size set, truncate it
*/
vrele(ndp->ni_startdir);
nfsvno_relpathbuf(ndp);
*vpp = ndp->ni_vp;
if (ndp->ni_dvp == *vpp)
vrele(ndp->ni_dvp);
else
vput(ndp->ni_dvp);
if (!error && nvap->na_size != VNOVAL) {
error = nfsvno_accchk(*vpp, VWRITE,
nd->nd_cred, exp, p, NFSACCCHK_NOOVERRIDE,
NFSACCCHK_VPISLOCKED, NULL);
if (!error) {
tempsize = nvap->na_size;
NFSVNO_ATTRINIT(nvap);
nvap->na_size = tempsize;
error = VOP_SETATTR(*vpp,
&nvap->na_vattr, nd->nd_cred);
}
}
if (error)
vput(*vpp);
}
out:
NFSEXITCODE(error);
return (error);
}
/*
* Do a mknod vnode op.
*/
int
nfsvno_mknod(struct nameidata *ndp, struct nfsvattr *nvap, struct ucred *cred,
struct thread *p)
{
int error = 0;
enum vtype vtyp;
vtyp = nvap->na_type;
/*
* Iff doesn't exist, create it.
*/
if (ndp->ni_vp) {
vrele(ndp->ni_startdir);
nfsvno_relpathbuf(ndp);
vput(ndp->ni_dvp);
vrele(ndp->ni_vp);
error = EEXIST;
goto out;
}
if (vtyp != VCHR && vtyp != VBLK && vtyp != VSOCK && vtyp != VFIFO) {
vrele(ndp->ni_startdir);
nfsvno_relpathbuf(ndp);
vput(ndp->ni_dvp);
error = NFSERR_BADTYPE;
goto out;
}
if (vtyp == VSOCK) {
vrele(ndp->ni_startdir);
error = VOP_CREATE(ndp->ni_dvp, &ndp->ni_vp,
&ndp->ni_cnd, &nvap->na_vattr);
vput(ndp->ni_dvp);
nfsvno_relpathbuf(ndp);
} else {
if (nvap->na_type != VFIFO &&
(error = priv_check_cred(cred, PRIV_VFS_MKNOD_DEV))) {
vrele(ndp->ni_startdir);
nfsvno_relpathbuf(ndp);
vput(ndp->ni_dvp);
goto out;
}
error = VOP_MKNOD(ndp->ni_dvp, &ndp->ni_vp,
&ndp->ni_cnd, &nvap->na_vattr);
vput(ndp->ni_dvp);
nfsvno_relpathbuf(ndp);
vrele(ndp->ni_startdir);
/*
* Since VOP_MKNOD returns the ni_vp, I can't
* see any reason to do the lookup.
*/
}
out:
NFSEXITCODE(error);
return (error);
}
/*
* Mkdir vnode op.
*/
int
nfsvno_mkdir(struct nameidata *ndp, struct nfsvattr *nvap, uid_t saved_uid,
struct ucred *cred, struct thread *p, struct nfsexstuff *exp)
{
int error = 0;
if (ndp->ni_vp != NULL) {
if (ndp->ni_dvp == ndp->ni_vp)
vrele(ndp->ni_dvp);
else
vput(ndp->ni_dvp);
vrele(ndp->ni_vp);
nfsvno_relpathbuf(ndp);
error = EEXIST;
goto out;
}
error = VOP_MKDIR(ndp->ni_dvp, &ndp->ni_vp, &ndp->ni_cnd,
&nvap->na_vattr);
vput(ndp->ni_dvp);
nfsvno_relpathbuf(ndp);
out:
NFSEXITCODE(error);
return (error);
}
/*
* symlink vnode op.
*/
int
nfsvno_symlink(struct nameidata *ndp, struct nfsvattr *nvap, char *pathcp,
int pathlen, int not_v2, uid_t saved_uid, struct ucred *cred, struct thread *p,
struct nfsexstuff *exp)
{
int error = 0;
if (ndp->ni_vp) {
vrele(ndp->ni_startdir);
nfsvno_relpathbuf(ndp);
if (ndp->ni_dvp == ndp->ni_vp)
vrele(ndp->ni_dvp);
else
vput(ndp->ni_dvp);
vrele(ndp->ni_vp);
error = EEXIST;
goto out;
}
error = VOP_SYMLINK(ndp->ni_dvp, &ndp->ni_vp, &ndp->ni_cnd,
&nvap->na_vattr, pathcp);
vput(ndp->ni_dvp);
vrele(ndp->ni_startdir);
nfsvno_relpathbuf(ndp);
/*
* Although FreeBSD still had the lookup code in
* it for 7/current, there doesn't seem to be any
* point, since VOP_SYMLINK() returns the ni_vp.
* Just vput it for v2.
*/
if (!not_v2 && !error)
vput(ndp->ni_vp);
out:
NFSEXITCODE(error);
return (error);
}
/*
* Parse symbolic link arguments.
* This function has an ugly side effect. It will malloc() an area for
* the symlink and set iov_base to point to it, only if it succeeds.
* So, if it returns with uiop->uio_iov->iov_base != NULL, that must
* be FREE'd later.
*/
int
nfsvno_getsymlink(struct nfsrv_descript *nd, struct nfsvattr *nvap,
struct thread *p, char **pathcpp, int *lenp)
{
u_int32_t *tl;
char *pathcp = NULL;
int error = 0, len;
struct nfsv2_sattr *sp;
*pathcpp = NULL;
*lenp = 0;
if ((nd->nd_flag & ND_NFSV3) &&
(error = nfsrv_sattr(nd, NULL, nvap, NULL, NULL, p)))
goto nfsmout;
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
len = fxdr_unsigned(int, *tl);
if (len > NFS_MAXPATHLEN || len <= 0) {
error = EBADRPC;
goto nfsmout;
}
pathcp = malloc(len + 1, M_TEMP, M_WAITOK);
error = nfsrv_mtostr(nd, pathcp, len);
if (error)
goto nfsmout;
if (nd->nd_flag & ND_NFSV2) {
NFSM_DISSECT(sp, struct nfsv2_sattr *, NFSX_V2SATTR);
nvap->na_mode = fxdr_unsigned(u_int16_t, sp->sa_mode);
}
*pathcpp = pathcp;
*lenp = len;
NFSEXITCODE2(0, nd);
return (0);
nfsmout:
if (pathcp)
free(pathcp, M_TEMP);
NFSEXITCODE2(error, nd);
return (error);
}
/*
* Remove a non-directory object.
*/
int
nfsvno_removesub(struct nameidata *ndp, int is_v4, struct ucred *cred,
struct thread *p, struct nfsexstuff *exp)
{
struct vnode *vp, *dsdvp[NFSDEV_MAXMIRRORS];
int error = 0, mirrorcnt;
char fname[PNFS_FILENAME_LEN + 1];
fhandle_t fh;
vp = ndp->ni_vp;
dsdvp[0] = NULL;
if (vp->v_type == VDIR)
error = NFSERR_ISDIR;
else if (is_v4)
error = nfsrv_checkremove(vp, 1, NULL, (nfsquad_t)((u_quad_t)0),
p);
if (error == 0)
nfsrv_pnfsremovesetup(vp, p, dsdvp, &mirrorcnt, fname, &fh);
if (!error)
error = VOP_REMOVE(ndp->ni_dvp, vp, &ndp->ni_cnd);
if (error == 0 && dsdvp[0] != NULL)
nfsrv_pnfsremove(dsdvp, mirrorcnt, fname, &fh, p);
if (ndp->ni_dvp == vp)
vrele(ndp->ni_dvp);
else
vput(ndp->ni_dvp);
vput(vp);
if ((ndp->ni_cnd.cn_flags & SAVENAME) != 0)
nfsvno_relpathbuf(ndp);
NFSEXITCODE(error);
return (error);
}
/*
* Remove a directory.
*/
int
nfsvno_rmdirsub(struct nameidata *ndp, int is_v4, struct ucred *cred,
struct thread *p, struct nfsexstuff *exp)
{
struct vnode *vp;
int error = 0;
vp = ndp->ni_vp;
if (vp->v_type != VDIR) {
error = ENOTDIR;
goto out;
}
/*
* No rmdir "." please.
*/
if (ndp->ni_dvp == vp) {
error = EINVAL;
goto out;
}
/*
* The root of a mounted filesystem cannot be deleted.
*/
if (vp->v_vflag & VV_ROOT)
error = EBUSY;
out:
if (!error)
error = VOP_RMDIR(ndp->ni_dvp, vp, &ndp->ni_cnd);
if (ndp->ni_dvp == vp)
vrele(ndp->ni_dvp);
else
vput(ndp->ni_dvp);
vput(vp);
if ((ndp->ni_cnd.cn_flags & SAVENAME) != 0)
nfsvno_relpathbuf(ndp);
NFSEXITCODE(error);
return (error);
}
/*
* Rename vnode op.
*/
int
nfsvno_rename(struct nameidata *fromndp, struct nameidata *tondp,
u_int32_t ndstat, u_int32_t ndflag, struct ucred *cred, struct thread *p)
{
struct vnode *fvp, *tvp, *tdvp, *dsdvp[NFSDEV_MAXMIRRORS];
int error = 0, mirrorcnt;
char fname[PNFS_FILENAME_LEN + 1];
fhandle_t fh;
dsdvp[0] = NULL;
fvp = fromndp->ni_vp;
if (ndstat) {
vrele(fromndp->ni_dvp);
vrele(fvp);
error = ndstat;
goto out1;
}
tdvp = tondp->ni_dvp;
tvp = tondp->ni_vp;
if (tvp != NULL) {
if (fvp->v_type == VDIR && tvp->v_type != VDIR) {
error = (ndflag & ND_NFSV2) ? EISDIR : EEXIST;
goto out;
} else if (fvp->v_type != VDIR && tvp->v_type == VDIR) {
error = (ndflag & ND_NFSV2) ? ENOTDIR : EEXIST;
goto out;
}
if (tvp->v_type == VDIR && tvp->v_mountedhere) {
error = (ndflag & ND_NFSV2) ? ENOTEMPTY : EXDEV;
goto out;
}
/*
* A rename to '.' or '..' results in a prematurely
* unlocked vnode on FreeBSD5, so I'm just going to fail that
* here.
*/
if ((tondp->ni_cnd.cn_namelen == 1 &&
tondp->ni_cnd.cn_nameptr[0] == '.') ||
(tondp->ni_cnd.cn_namelen == 2 &&
tondp->ni_cnd.cn_nameptr[0] == '.' &&
tondp->ni_cnd.cn_nameptr[1] == '.')) {
error = EINVAL;
goto out;
}
}
if (fvp->v_type == VDIR && fvp->v_mountedhere) {
error = (ndflag & ND_NFSV2) ? ENOTEMPTY : EXDEV;
goto out;
}
if (fvp->v_mount != tdvp->v_mount) {
error = (ndflag & ND_NFSV2) ? ENOTEMPTY : EXDEV;
goto out;
}
if (fvp == tdvp) {
error = (ndflag & ND_NFSV2) ? ENOTEMPTY : EINVAL;
goto out;
}
if (fvp == tvp) {
/*
* If source and destination are the same, there is nothing to
* do. Set error to -1 to indicate this.
*/
error = -1;
goto out;
}
if (ndflag & ND_NFSV4) {
if (NFSVOPLOCK(fvp, LK_EXCLUSIVE) == 0) {
error = nfsrv_checkremove(fvp, 0, NULL,
(nfsquad_t)((u_quad_t)0), p);
NFSVOPUNLOCK(fvp);
} else
error = EPERM;
if (tvp && !error)
error = nfsrv_checkremove(tvp, 1, NULL,
(nfsquad_t)((u_quad_t)0), p);
} else {
/*
* For NFSv2 and NFSv3, try to get rid of the delegation, so
* that the NFSv4 client won't be confused by the rename.
* Since nfsd_recalldelegation() can only be called on an
* unlocked vnode at this point and fvp is the file that will
* still exist after the rename, just do fvp.
*/
nfsd_recalldelegation(fvp, p);
}
if (error == 0 && tvp != NULL) {
nfsrv_pnfsremovesetup(tvp, p, dsdvp, &mirrorcnt, fname, &fh);
NFSD_DEBUG(4, "nfsvno_rename: pnfsremovesetup"
" dsdvp=%p\n", dsdvp[0]);
}
out:
if (!error) {
error = VOP_RENAME(fromndp->ni_dvp, fromndp->ni_vp,
&fromndp->ni_cnd, tondp->ni_dvp, tondp->ni_vp,
&tondp->ni_cnd);
} else {
if (tdvp == tvp)
vrele(tdvp);
else
vput(tdvp);
if (tvp)
vput(tvp);
vrele(fromndp->ni_dvp);
vrele(fvp);
if (error == -1)
error = 0;
}
/*
* If dsdvp[0] != NULL, it was set up by nfsrv_pnfsremovesetup() and
* if the rename succeeded, the DS file for the tvp needs to be
* removed.
*/
if (error == 0 && dsdvp[0] != NULL) {
nfsrv_pnfsremove(dsdvp, mirrorcnt, fname, &fh, p);
NFSD_DEBUG(4, "nfsvno_rename: pnfsremove\n");
}
vrele(tondp->ni_startdir);
nfsvno_relpathbuf(tondp);
out1:
vrele(fromndp->ni_startdir);
nfsvno_relpathbuf(fromndp);
NFSEXITCODE(error);
return (error);
}
/*
* Link vnode op.
*/
int
nfsvno_link(struct nameidata *ndp, struct vnode *vp, struct ucred *cred,
struct thread *p, struct nfsexstuff *exp)
{
struct vnode *xp;
int error = 0;
xp = ndp->ni_vp;
if (xp != NULL) {
error = EEXIST;
} else {
xp = ndp->ni_dvp;
if (vp->v_mount != xp->v_mount)
error = EXDEV;
}
if (!error) {
NFSVOPLOCK(vp, LK_EXCLUSIVE | LK_RETRY);
if (!VN_IS_DOOMED(vp))
error = VOP_LINK(ndp->ni_dvp, vp, &ndp->ni_cnd);
else
error = EPERM;
if (ndp->ni_dvp == vp)
vrele(ndp->ni_dvp);
else
vput(ndp->ni_dvp);
NFSVOPUNLOCK(vp);
} else {
if (ndp->ni_dvp == ndp->ni_vp)
vrele(ndp->ni_dvp);
else
vput(ndp->ni_dvp);
if (ndp->ni_vp)
vrele(ndp->ni_vp);
}
nfsvno_relpathbuf(ndp);
NFSEXITCODE(error);
return (error);
}
/*
* Do the fsync() appropriate for the commit.
*/
int
nfsvno_fsync(struct vnode *vp, u_int64_t off, int cnt, struct ucred *cred,
struct thread *td)
{
int error = 0;
/*
* RFC 1813 3.3.21: if count is 0, a flush from offset to the end of
* file is done. At this time VOP_FSYNC does not accept offset and
* byte count parameters so call VOP_FSYNC the whole file for now.
* The same is true for NFSv4: RFC 3530 Sec. 14.2.3.
* File systems that do not use the buffer cache (as indicated
* by MNTK_USES_BCACHE not being set) must use VOP_FSYNC().
*/
if (cnt == 0 || cnt > MAX_COMMIT_COUNT ||
(vp->v_mount->mnt_kern_flag & MNTK_USES_BCACHE) == 0) {
/*
* Give up and do the whole thing
*/
if (vp->v_object && vm_object_mightbedirty(vp->v_object)) {
VM_OBJECT_WLOCK(vp->v_object);
vm_object_page_clean(vp->v_object, 0, 0, OBJPC_SYNC);
VM_OBJECT_WUNLOCK(vp->v_object);
}
error = VOP_FSYNC(vp, MNT_WAIT, td);
} else {
/*
* Locate and synchronously write any buffers that fall
* into the requested range. Note: we are assuming that
* f_iosize is a power of 2.
*/
int iosize = vp->v_mount->mnt_stat.f_iosize;
int iomask = iosize - 1;
struct bufobj *bo;
daddr_t lblkno;
/*
* Align to iosize boundary, super-align to page boundary.
*/
if (off & iomask) {
cnt += off & iomask;
off &= ~(u_quad_t)iomask;
}
if (off & PAGE_MASK) {
cnt += off & PAGE_MASK;
off &= ~(u_quad_t)PAGE_MASK;
}
lblkno = off / iosize;
if (vp->v_object && vm_object_mightbedirty(vp->v_object)) {
VM_OBJECT_WLOCK(vp->v_object);
vm_object_page_clean(vp->v_object, off, off + cnt,
OBJPC_SYNC);
VM_OBJECT_WUNLOCK(vp->v_object);
}
bo = &vp->v_bufobj;
BO_LOCK(bo);
while (cnt > 0) {
struct buf *bp;
/*
* If we have a buffer and it is marked B_DELWRI we
* have to lock and write it. Otherwise the prior
* write is assumed to have already been committed.
*
* gbincore() can return invalid buffers now so we
* have to check that bit as well (though B_DELWRI
* should not be set if B_INVAL is set there could be
* a race here since we haven't locked the buffer).
*/
if ((bp = gbincore(&vp->v_bufobj, lblkno)) != NULL) {
if (BUF_LOCK(bp, LK_EXCLUSIVE | LK_SLEEPFAIL |
LK_INTERLOCK, BO_LOCKPTR(bo)) == ENOLCK) {
BO_LOCK(bo);
continue; /* retry */
}
if ((bp->b_flags & (B_DELWRI|B_INVAL)) ==
B_DELWRI) {
bremfree(bp);
bp->b_flags &= ~B_ASYNC;
bwrite(bp);
++nfs_commit_miss;
} else
BUF_UNLOCK(bp);
BO_LOCK(bo);
}
++nfs_commit_blks;
if (cnt < iosize)
break;
cnt -= iosize;
++lblkno;
}
BO_UNLOCK(bo);
}
NFSEXITCODE(error);
return (error);
}
/*
* Statfs vnode op.
*/
int
nfsvno_statfs(struct vnode *vp, struct statfs *sf)
{
struct statfs *tsf;
int error;
tsf = NULL;
if (nfsrv_devidcnt > 0) {
/* For a pNFS service, get the DS numbers. */
tsf = malloc(sizeof(*tsf), M_TEMP, M_WAITOK | M_ZERO);
error = nfsrv_pnfsstatfs(tsf, vp->v_mount);
if (error != 0) {
free(tsf, M_TEMP);
tsf = NULL;
}
}
error = VFS_STATFS(vp->v_mount, sf);
if (error == 0) {
if (tsf != NULL) {
sf->f_blocks = tsf->f_blocks;
sf->f_bavail = tsf->f_bavail;
sf->f_bfree = tsf->f_bfree;
sf->f_bsize = tsf->f_bsize;
}
/*
* Since NFS handles these values as unsigned on the
* wire, there is no way to represent negative values,
* so set them to 0. Without this, they will appear
* to be very large positive values for clients like
* Solaris10.
*/
if (sf->f_bavail < 0)
sf->f_bavail = 0;
if (sf->f_ffree < 0)
sf->f_ffree = 0;
}
free(tsf, M_TEMP);
NFSEXITCODE(error);
return (error);
}
/*
* Do the vnode op stuff for Open. Similar to nfsvno_createsub(), but
* must handle nfsrv_opencheck() calls after any other access checks.
*/
void
nfsvno_open(struct nfsrv_descript *nd, struct nameidata *ndp,
nfsquad_t clientid, nfsv4stateid_t *stateidp, struct nfsstate *stp,
int *exclusive_flagp, struct nfsvattr *nvap, int32_t *cverf, int create,
NFSACL_T *aclp, nfsattrbit_t *attrbitp, struct ucred *cred,
struct nfsexstuff *exp, struct vnode **vpp)
{
struct vnode *vp = NULL;
u_quad_t tempsize;
struct nfsexstuff nes;
struct thread *p = curthread;
if (ndp->ni_vp == NULL)
nd->nd_repstat = nfsrv_opencheck(clientid,
stateidp, stp, NULL, nd, p, nd->nd_repstat);
if (!nd->nd_repstat) {
if (ndp->ni_vp == NULL) {
vrele(ndp->ni_startdir);
nd->nd_repstat = VOP_CREATE(ndp->ni_dvp,
&ndp->ni_vp, &ndp->ni_cnd, &nvap->na_vattr);
/* For a pNFS server, create the data file on a DS. */
if (nd->nd_repstat == 0) {
/*
* Create a data file on a DS for a pNFS server.
* This function just returns if not
* running a pNFS DS or the creation fails.
*/
nfsrv_pnfscreate(ndp->ni_vp, &nvap->na_vattr,
cred, p);
}
vput(ndp->ni_dvp);
nfsvno_relpathbuf(ndp);
if (!nd->nd_repstat) {
if (*exclusive_flagp) {
*exclusive_flagp = 0;
NFSVNO_ATTRINIT(nvap);
nvap->na_atime.tv_sec = cverf[0];
nvap->na_atime.tv_nsec = cverf[1];
nd->nd_repstat = VOP_SETATTR(ndp->ni_vp,
&nvap->na_vattr, cred);
if (nd->nd_repstat != 0) {
vput(ndp->ni_vp);
ndp->ni_vp = NULL;
nd->nd_repstat = NFSERR_NOTSUPP;
} else
NFSSETBIT_ATTRBIT(attrbitp,
NFSATTRBIT_TIMEACCESS);
} else {
nfsrv_fixattr(nd, ndp->ni_vp, nvap,
aclp, p, attrbitp, exp);
}
}
vp = ndp->ni_vp;
} else {
if (ndp->ni_startdir)
vrele(ndp->ni_startdir);
nfsvno_relpathbuf(ndp);
vp = ndp->ni_vp;
if (create == NFSV4OPEN_CREATE) {
if (ndp->ni_dvp == vp)
vrele(ndp->ni_dvp);
else
vput(ndp->ni_dvp);
}
if (NFSVNO_ISSETSIZE(nvap) && vp->v_type == VREG) {
if (ndp->ni_cnd.cn_flags & RDONLY)
NFSVNO_SETEXRDONLY(&nes);
else
NFSVNO_EXINIT(&nes);
nd->nd_repstat = nfsvno_accchk(vp,
VWRITE, cred, &nes, p,
NFSACCCHK_NOOVERRIDE,
NFSACCCHK_VPISLOCKED, NULL);
nd->nd_repstat = nfsrv_opencheck(clientid,
stateidp, stp, vp, nd, p, nd->nd_repstat);
if (!nd->nd_repstat) {
tempsize = nvap->na_size;
NFSVNO_ATTRINIT(nvap);
nvap->na_size = tempsize;
nd->nd_repstat = VOP_SETATTR(vp,
&nvap->na_vattr, cred);
}
} else if (vp->v_type == VREG) {
nd->nd_repstat = nfsrv_opencheck(clientid,
stateidp, stp, vp, nd, p, nd->nd_repstat);
}
}
} else {
if (ndp->ni_cnd.cn_flags & HASBUF)
nfsvno_relpathbuf(ndp);
if (ndp->ni_startdir && create == NFSV4OPEN_CREATE) {
vrele(ndp->ni_startdir);
if (ndp->ni_dvp == ndp->ni_vp)
vrele(ndp->ni_dvp);
else
vput(ndp->ni_dvp);
if (ndp->ni_vp)
vput(ndp->ni_vp);
}
}
*vpp = vp;
NFSEXITCODE2(0, nd);
}
/*
* Updates the file rev and sets the mtime and ctime
* to the current clock time, returning the va_filerev and va_Xtime
* values.
* Return ESTALE to indicate the vnode is VIRF_DOOMED.
*/
int
nfsvno_updfilerev(struct vnode *vp, struct nfsvattr *nvap,
struct nfsrv_descript *nd, struct thread *p)
{
struct vattr va;
VATTR_NULL(&va);
vfs_timestamp(&va.va_mtime);
if (NFSVOPISLOCKED(vp) != LK_EXCLUSIVE) {
NFSVOPLOCK(vp, LK_UPGRADE | LK_RETRY);
if (VN_IS_DOOMED(vp))
return (ESTALE);
}
(void) VOP_SETATTR(vp, &va, nd->nd_cred);
(void) nfsvno_getattr(vp, nvap, nd, p, 1, NULL);
return (0);
}
/*
* Glue routine to nfsv4_fillattr().
*/
int
nfsvno_fillattr(struct nfsrv_descript *nd, struct mount *mp, struct vnode *vp,
struct nfsvattr *nvap, fhandle_t *fhp, int rderror, nfsattrbit_t *attrbitp,
struct ucred *cred, struct thread *p, int isdgram, int reterr,
int supports_nfsv4acls, int at_root, uint64_t mounted_on_fileno)
{
struct statfs *sf;
int error;
sf = NULL;
if (nfsrv_devidcnt > 0 &&
(NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SPACEAVAIL) ||
NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SPACEFREE) ||
NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SPACETOTAL))) {
sf = malloc(sizeof(*sf), M_TEMP, M_WAITOK | M_ZERO);
error = nfsrv_pnfsstatfs(sf, mp);
if (error != 0) {
free(sf, M_TEMP);
sf = NULL;
}
}
error = nfsv4_fillattr(nd, mp, vp, NULL, &nvap->na_vattr, fhp, rderror,
attrbitp, cred, p, isdgram, reterr, supports_nfsv4acls, at_root,
mounted_on_fileno, sf);
free(sf, M_TEMP);
NFSEXITCODE2(0, nd);
return (error);
}
/* Since the Readdir vnode ops vary, put the entire functions in here. */
/*
* nfs readdir service
* - mallocs what it thinks is enough to read
* count rounded up to a multiple of DIRBLKSIZ <= NFS_MAXREADDIR
* - calls VOP_READDIR()
* - loops around building the reply
* if the output generated exceeds count break out of loop
* The NFSM_CLGET macro is used here so that the reply will be packed
* tightly in mbuf clusters.
* - it trims out records with d_fileno == 0
* this doesn't matter for Unix clients, but they might confuse clients
* for other os'.
* - it trims out records with d_type == DT_WHT
* these cannot be seen through NFS (unless we extend the protocol)
* The alternate call nfsrvd_readdirplus() does lookups as well.
* PS: The NFS protocol spec. does not clarify what the "count" byte
* argument is a count of.. just name strings and file id's or the
* entire reply rpc or ...
* I tried just file name and id sizes and it confused the Sun client,
* so I am using the full rpc size now. The "paranoia.." comment refers
* to including the status longwords that are not a part of the dir.
* "entry" structures, but are in the rpc.
*/
int
nfsrvd_readdir(struct nfsrv_descript *nd, int isdgram,
struct vnode *vp, struct nfsexstuff *exp)
{
struct dirent *dp;
u_int32_t *tl;
int dirlen;
char *cpos, *cend, *rbuf;
struct nfsvattr at;
int nlen, error = 0, getret = 1;
int siz, cnt, fullsiz, eofflag, ncookies;
u_int64_t off, toff, verf __unused;
u_long *cookies = NULL, *cookiep;
struct uio io;
struct iovec iv;
int is_ufs;
struct thread *p = curthread;
if (nd->nd_repstat) {
nfsrv_postopattr(nd, getret, &at);
goto out;
}
if (nd->nd_flag & ND_NFSV2) {
NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
off = fxdr_unsigned(u_quad_t, *tl++);
} else {
NFSM_DISSECT(tl, u_int32_t *, 5 * NFSX_UNSIGNED);
off = fxdr_hyper(tl);
tl += 2;
verf = fxdr_hyper(tl);
tl += 2;
}
toff = off;
cnt = fxdr_unsigned(int, *tl);
if (cnt > NFS_SRVMAXDATA(nd) || cnt < 0)
cnt = NFS_SRVMAXDATA(nd);
siz = ((cnt + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
fullsiz = siz;
if (nd->nd_flag & ND_NFSV3) {
nd->nd_repstat = getret = nfsvno_getattr(vp, &at, nd, p, 1,
NULL);
#if 0
/*
* va_filerev is not sufficient as a cookie verifier,
* since it is not supposed to change when entries are
* removed/added unless that offset cookies returned to
* the client are no longer valid.
*/
if (!nd->nd_repstat && toff && verf != at.na_filerev)
nd->nd_repstat = NFSERR_BAD_COOKIE;
#endif
}
if (!nd->nd_repstat && vp->v_type != VDIR)
nd->nd_repstat = NFSERR_NOTDIR;
if (nd->nd_repstat == 0 && cnt == 0) {
if (nd->nd_flag & ND_NFSV2)
/* NFSv2 does not have NFSERR_TOOSMALL */
nd->nd_repstat = EPERM;
else
nd->nd_repstat = NFSERR_TOOSMALL;
}
if (!nd->nd_repstat)
nd->nd_repstat = nfsvno_accchk(vp, VEXEC,
nd->nd_cred, exp, p, NFSACCCHK_NOOVERRIDE,
NFSACCCHK_VPISLOCKED, NULL);
if (nd->nd_repstat) {
vput(vp);
if (nd->nd_flag & ND_NFSV3)
nfsrv_postopattr(nd, getret, &at);
goto out;
}
is_ufs = strcmp(vp->v_mount->mnt_vfc->vfc_name, "ufs") == 0;
rbuf = malloc(siz, M_TEMP, M_WAITOK);
again:
eofflag = 0;
if (cookies) {
free(cookies, M_TEMP);
cookies = NULL;
}
iv.iov_base = rbuf;
iv.iov_len = siz;
io.uio_iov = &iv;
io.uio_iovcnt = 1;
io.uio_offset = (off_t)off;
io.uio_resid = siz;
io.uio_segflg = UIO_SYSSPACE;
io.uio_rw = UIO_READ;
io.uio_td = NULL;
nd->nd_repstat = VOP_READDIR(vp, &io, nd->nd_cred, &eofflag, &ncookies,
&cookies);
off = (u_int64_t)io.uio_offset;
if (io.uio_resid)
siz -= io.uio_resid;
if (!cookies && !nd->nd_repstat)
nd->nd_repstat = NFSERR_PERM;
if (nd->nd_flag & ND_NFSV3) {
getret = nfsvno_getattr(vp, &at, nd, p, 1, NULL);
if (!nd->nd_repstat)
nd->nd_repstat = getret;
}
/*
* Handles the failed cases. nd->nd_repstat == 0 past here.
*/
if (nd->nd_repstat) {
vput(vp);
free(rbuf, M_TEMP);
if (cookies)
free(cookies, M_TEMP);
if (nd->nd_flag & ND_NFSV3)
nfsrv_postopattr(nd, getret, &at);
goto out;
}
/*
* If nothing read, return eof
* rpc reply
*/
if (siz == 0) {
vput(vp);
if (nd->nd_flag & ND_NFSV2) {
NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
} else {
nfsrv_postopattr(nd, getret, &at);
NFSM_BUILD(tl, u_int32_t *, 4 * NFSX_UNSIGNED);
txdr_hyper(at.na_filerev, tl);
tl += 2;
}
*tl++ = newnfs_false;
*tl = newnfs_true;
free(rbuf, M_TEMP);
free(cookies, M_TEMP);
goto out;
}
/*
* Check for degenerate cases of nothing useful read.
* If so go try again
*/
cpos = rbuf;
cend = rbuf + siz;
dp = (struct dirent *)cpos;
cookiep = cookies;
/*
* For some reason FreeBSD's ufs_readdir() chooses to back the
* directory offset up to a block boundary, so it is necessary to
* skip over the records that precede the requested offset. This
* requires the assumption that file offset cookies monotonically
* increase.
*/
while (cpos < cend && ncookies > 0 &&
(dp->d_fileno == 0 || dp->d_type == DT_WHT ||
(is_ufs == 1 && ((u_quad_t)(*cookiep)) <= toff))) {
cpos += dp->d_reclen;
dp = (struct dirent *)cpos;
cookiep++;
ncookies--;
}
if (cpos >= cend || ncookies == 0) {
siz = fullsiz;
toff = off;
goto again;
}
vput(vp);
/*
* dirlen is the size of the reply, including all XDR and must
* not exceed cnt. For NFSv2, RFC1094 didn't clearly indicate
* if the XDR should be included in "count", but to be safe, we do.
* (Include the two booleans at the end of the reply in dirlen now.)
*/
if (nd->nd_flag & ND_NFSV3) {
nfsrv_postopattr(nd, getret, &at);
NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
txdr_hyper(at.na_filerev, tl);
dirlen = NFSX_V3POSTOPATTR + NFSX_VERF + 2 * NFSX_UNSIGNED;
} else {
dirlen = 2 * NFSX_UNSIGNED;
}
/* Loop through the records and build reply */
while (cpos < cend && ncookies > 0) {
nlen = dp->d_namlen;
if (dp->d_fileno != 0 && dp->d_type != DT_WHT &&
nlen <= NFS_MAXNAMLEN) {
if (nd->nd_flag & ND_NFSV3)
dirlen += (6*NFSX_UNSIGNED + NFSM_RNDUP(nlen));
else
dirlen += (4*NFSX_UNSIGNED + NFSM_RNDUP(nlen));
if (dirlen > cnt) {
eofflag = 0;
break;
}
/*
* Build the directory record xdr from
* the dirent entry.
*/
if (nd->nd_flag & ND_NFSV3) {
NFSM_BUILD(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
*tl++ = newnfs_true;
*tl++ = 0;
} else {
NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
*tl++ = newnfs_true;
}
*tl = txdr_unsigned(dp->d_fileno);
(void) nfsm_strtom(nd, dp->d_name, nlen);
if (nd->nd_flag & ND_NFSV3) {
NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
*tl++ = 0;
} else
NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
*tl = txdr_unsigned(*cookiep);
}
cpos += dp->d_reclen;
dp = (struct dirent *)cpos;
cookiep++;
ncookies--;
}
if (cpos < cend)
eofflag = 0;
NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
*tl++ = newnfs_false;
if (eofflag)
*tl = newnfs_true;
else
*tl = newnfs_false;
free(rbuf, M_TEMP);
free(cookies, M_TEMP);
out:
NFSEXITCODE2(0, nd);
return (0);
nfsmout:
vput(vp);
NFSEXITCODE2(error, nd);
return (error);
}
/*
* Readdirplus for V3 and Readdir for V4.
*/
int
nfsrvd_readdirplus(struct nfsrv_descript *nd, int isdgram,
struct vnode *vp, struct nfsexstuff *exp)
{
struct dirent *dp;
u_int32_t *tl;
int dirlen;
char *cpos, *cend, *rbuf;
struct vnode *nvp;
fhandle_t nfh;
struct nfsvattr nva, at, *nvap = &nva;
struct mbuf *mb0, *mb1;
struct nfsreferral *refp;
int nlen, r, error = 0, getret = 1, usevget = 1;
int siz, cnt, fullsiz, eofflag, ncookies, entrycnt;
caddr_t bpos0, bpos1;
u_int64_t off, toff, verf;
u_long *cookies = NULL, *cookiep;
nfsattrbit_t attrbits, rderrbits, savbits;
struct uio io;
struct iovec iv;
struct componentname cn;
int at_root, is_ufs, is_zfs, needs_unbusy, supports_nfsv4acls;
struct mount *mp, *new_mp;
uint64_t mounted_on_fileno;
struct thread *p = curthread;
int bextpg0, bextpg1, bextpgsiz0, bextpgsiz1;
if (nd->nd_repstat) {
nfsrv_postopattr(nd, getret, &at);
goto out;
}
NFSM_DISSECT(tl, u_int32_t *, 6 * NFSX_UNSIGNED);
off = fxdr_hyper(tl);
toff = off;
tl += 2;
verf = fxdr_hyper(tl);
tl += 2;
siz = fxdr_unsigned(int, *tl++);
cnt = fxdr_unsigned(int, *tl);
/*
* Use the server's maximum data transfer size as the upper bound
* on reply datalen.
*/
if (cnt > NFS_SRVMAXDATA(nd) || cnt < 0)
cnt = NFS_SRVMAXDATA(nd);
/*
* siz is a "hint" of how much directory information (name, fileid,
* cookie) should be in the reply. At least one client "hints" 0,
* so I set it to cnt for that case. I also round it up to the
* next multiple of DIRBLKSIZ.
* Since the size of a Readdirplus directory entry reply will always
* be greater than a directory entry returned by VOP_READDIR(), it
* does not make sense to read more than NFS_SRVMAXDATA() via
* VOP_READDIR().
*/
if (siz <= 0)
siz = cnt;
else if (siz > NFS_SRVMAXDATA(nd))
siz = NFS_SRVMAXDATA(nd);
siz = ((siz + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
if (nd->nd_flag & ND_NFSV4) {
error = nfsrv_getattrbits(nd, &attrbits, NULL, NULL);
if (error)
goto nfsmout;
NFSSET_ATTRBIT(&savbits, &attrbits);
NFSCLRNOTFILLABLE_ATTRBIT(&attrbits, nd);
NFSZERO_ATTRBIT(&rderrbits);
NFSSETBIT_ATTRBIT(&rderrbits, NFSATTRBIT_RDATTRERROR);
} else {
NFSZERO_ATTRBIT(&attrbits);
}
fullsiz = siz;
nd->nd_repstat = getret = nfsvno_getattr(vp, &at, nd, p, 1, NULL);
#if 0
if (!nd->nd_repstat) {
if (off && verf != at.na_filerev) {
/*
* va_filerev is not sufficient as a cookie verifier,
* since it is not supposed to change when entries are
* removed/added unless that offset cookies returned to
* the client are no longer valid.
*/
if (nd->nd_flag & ND_NFSV4) {
nd->nd_repstat = NFSERR_NOTSAME;
} else {
nd->nd_repstat = NFSERR_BAD_COOKIE;
}
}
}
#endif
if (!nd->nd_repstat && vp->v_type != VDIR)
nd->nd_repstat = NFSERR_NOTDIR;
if (!nd->nd_repstat && cnt == 0)
nd->nd_repstat = NFSERR_TOOSMALL;
if (!nd->nd_repstat)
nd->nd_repstat = nfsvno_accchk(vp, VEXEC,
nd->nd_cred, exp, p, NFSACCCHK_NOOVERRIDE,
NFSACCCHK_VPISLOCKED, NULL);
if (nd->nd_repstat) {
vput(vp);
if (nd->nd_flag & ND_NFSV3)
nfsrv_postopattr(nd, getret, &at);
goto out;
}
is_ufs = strcmp(vp->v_mount->mnt_vfc->vfc_name, "ufs") == 0;
is_zfs = strcmp(vp->v_mount->mnt_vfc->vfc_name, "zfs") == 0;
rbuf = malloc(siz, M_TEMP, M_WAITOK);
again:
eofflag = 0;
if (cookies) {
free(cookies, M_TEMP);
cookies = NULL;
}
iv.iov_base = rbuf;
iv.iov_len = siz;
io.uio_iov = &iv;
io.uio_iovcnt = 1;
io.uio_offset = (off_t)off;
io.uio_resid = siz;
io.uio_segflg = UIO_SYSSPACE;
io.uio_rw = UIO_READ;
io.uio_td = NULL;
nd->nd_repstat = VOP_READDIR(vp, &io, nd->nd_cred, &eofflag, &ncookies,
&cookies);
off = (u_int64_t)io.uio_offset;
if (io.uio_resid)
siz -= io.uio_resid;
getret = nfsvno_getattr(vp, &at, nd, p, 1, NULL);
if (!cookies && !nd->nd_repstat)
nd->nd_repstat = NFSERR_PERM;
if (!nd->nd_repstat)
nd->nd_repstat = getret;
if (nd->nd_repstat) {
vput(vp);
if (cookies)
free(cookies, M_TEMP);
free(rbuf, M_TEMP);
if (nd->nd_flag & ND_NFSV3)
nfsrv_postopattr(nd, getret, &at);
goto out;
}
/*
* If nothing read, return eof
* rpc reply
*/
if (siz == 0) {
vput(vp);
if (nd->nd_flag & ND_NFSV3)
nfsrv_postopattr(nd, getret, &at);
NFSM_BUILD(tl, u_int32_t *, 4 * NFSX_UNSIGNED);
txdr_hyper(at.na_filerev, tl);
tl += 2;
*tl++ = newnfs_false;
*tl = newnfs_true;
free(cookies, M_TEMP);
free(rbuf, M_TEMP);
goto out;
}
/*
* Check for degenerate cases of nothing useful read.
* If so go try again
*/
cpos = rbuf;
cend = rbuf + siz;
dp = (struct dirent *)cpos;
cookiep = cookies;
/*
* For some reason FreeBSD's ufs_readdir() chooses to back the
* directory offset up to a block boundary, so it is necessary to
* skip over the records that precede the requested offset. This
* requires the assumption that file offset cookies monotonically
* increase.
*/
while (cpos < cend && ncookies > 0 &&
(dp->d_fileno == 0 || dp->d_type == DT_WHT ||
(is_ufs == 1 && ((u_quad_t)(*cookiep)) <= toff) ||
((nd->nd_flag & ND_NFSV4) &&
((dp->d_namlen == 1 && dp->d_name[0] == '.') ||
(dp->d_namlen==2 && dp->d_name[0]=='.' && dp->d_name[1]=='.'))))) {
cpos += dp->d_reclen;
dp = (struct dirent *)cpos;
cookiep++;
ncookies--;
}
if (cpos >= cend || ncookies == 0) {
siz = fullsiz;
toff = off;
goto again;
}
/*
* Busy the file system so that the mount point won't go away
* and, as such, VFS_VGET() can be used safely.
*/
mp = vp->v_mount;
vfs_ref(mp);
NFSVOPUNLOCK(vp);
nd->nd_repstat = vfs_busy(mp, 0);
vfs_rel(mp);
if (nd->nd_repstat != 0) {
vrele(vp);
free(cookies, M_TEMP);
free(rbuf, M_TEMP);
if (nd->nd_flag & ND_NFSV3)
nfsrv_postopattr(nd, getret, &at);
goto out;
}
/*
* Check to see if entries in this directory can be safely acquired
* via VFS_VGET() or if a switch to VOP_LOOKUP() is required.
* ZFS snapshot directories need VOP_LOOKUP(), so that any
* automount of the snapshot directory that is required will
* be done.
* This needs to be done here for NFSv4, since NFSv4 never does
* a VFS_VGET() for "." or "..".
*/
if (is_zfs == 1) {
r = VFS_VGET(mp, at.na_fileid, LK_SHARED, &nvp);
if (r == EOPNOTSUPP) {
usevget = 0;
cn.cn_nameiop = LOOKUP;
cn.cn_lkflags = LK_SHARED | LK_RETRY;
cn.cn_cred = nd->nd_cred;
cn.cn_thread = p;
} else if (r == 0)
vput(nvp);
}
/*
* Save this position, in case there is an error before one entry
* is created.
*/
mb0 = nd->nd_mb;
bpos0 = nd->nd_bpos;
bextpg0 = nd->nd_bextpg;
bextpgsiz0 = nd->nd_bextpgsiz;
/*
* Fill in the first part of the reply.
* dirlen is the reply length in bytes and cannot exceed cnt.
* (Include the two booleans at the end of the reply in dirlen now,
* so we recognize when we have exceeded cnt.)
*/
if (nd->nd_flag & ND_NFSV3) {
dirlen = NFSX_V3POSTOPATTR + NFSX_VERF + 2 * NFSX_UNSIGNED;
nfsrv_postopattr(nd, getret, &at);
} else {
dirlen = NFSX_VERF + 2 * NFSX_UNSIGNED;
}
NFSM_BUILD(tl, u_int32_t *, NFSX_VERF);
txdr_hyper(at.na_filerev, tl);
/*
* Save this position, in case there is an empty reply needed.
*/
mb1 = nd->nd_mb;
bpos1 = nd->nd_bpos;
bextpg1 = nd->nd_bextpg;
bextpgsiz1 = nd->nd_bextpgsiz;
/* Loop through the records and build reply */
entrycnt = 0;
while (cpos < cend && ncookies > 0 && dirlen < cnt) {
nlen = dp->d_namlen;
if (dp->d_fileno != 0 && dp->d_type != DT_WHT &&
nlen <= NFS_MAXNAMLEN &&
((nd->nd_flag & ND_NFSV3) || nlen > 2 ||
(nlen==2 && (dp->d_name[0]!='.' || dp->d_name[1]!='.'))
|| (nlen == 1 && dp->d_name[0] != '.'))) {
/*
* Save the current position in the reply, in case
* this entry exceeds cnt.
*/
mb1 = nd->nd_mb;
bpos1 = nd->nd_bpos;
bextpg1 = nd->nd_bextpg;
bextpgsiz1 = nd->nd_bextpgsiz;
/*
* For readdir_and_lookup get the vnode using
* the file number.
*/
nvp = NULL;
refp = NULL;
r = 0;
at_root = 0;
needs_unbusy = 0;
new_mp = mp;
mounted_on_fileno = (uint64_t)dp->d_fileno;
if ((nd->nd_flag & ND_NFSV3) ||
NFSNONZERO_ATTRBIT(&savbits)) {
if (nd->nd_flag & ND_NFSV4)
refp = nfsv4root_getreferral(NULL,
vp, dp->d_fileno);
if (refp == NULL) {
if (usevget)
r = VFS_VGET(mp, dp->d_fileno,
LK_SHARED, &nvp);
else
r = EOPNOTSUPP;
if (r == EOPNOTSUPP) {
if (usevget) {
usevget = 0;
cn.cn_nameiop = LOOKUP;
cn.cn_lkflags =
LK_SHARED |
LK_RETRY;
cn.cn_cred =
nd->nd_cred;
cn.cn_thread = p;
}
cn.cn_nameptr = dp->d_name;
cn.cn_namelen = nlen;
cn.cn_flags = ISLASTCN |
NOFOLLOW | LOCKLEAF;
if (nlen == 2 &&
dp->d_name[0] == '.' &&
dp->d_name[1] == '.')
cn.cn_flags |=
ISDOTDOT;
if (NFSVOPLOCK(vp, LK_SHARED)
!= 0) {
nd->nd_repstat = EPERM;
break;
}
if ((vp->v_vflag & VV_ROOT) != 0
&& (cn.cn_flags & ISDOTDOT)
!= 0) {
vref(vp);
nvp = vp;
r = 0;
} else {
r = VOP_LOOKUP(vp, &nvp,
&cn);
if (vp != nvp)
NFSVOPUNLOCK(vp);
}
}
/*
* For NFSv4, check to see if nvp is
* a mount point and get the mount
* point vnode, as required.
*/
if (r == 0 &&
nfsrv_enable_crossmntpt != 0 &&
(nd->nd_flag & ND_NFSV4) != 0 &&
nvp->v_type == VDIR &&
nvp->v_mountedhere != NULL) {
new_mp = nvp->v_mountedhere;
r = vfs_busy(new_mp, 0);
vput(nvp);
nvp = NULL;
if (r == 0) {
r = VFS_ROOT(new_mp,
LK_SHARED, &nvp);
needs_unbusy = 1;
if (r == 0)
at_root = 1;
}
}
}
/*
* If we failed to look up the entry, then it
* has become invalid, most likely removed.
*/
if (r != 0) {
if (needs_unbusy)
vfs_unbusy(new_mp);
goto invalid;
}
KASSERT(refp != NULL || nvp != NULL,
("%s: undetected lookup error", __func__));
if (refp == NULL &&
((nd->nd_flag & ND_NFSV3) ||
NFSNONZERO_ATTRBIT(&attrbits))) {
r = nfsvno_getfh(nvp, &nfh, p);
if (!r)
r = nfsvno_getattr(nvp, nvap, nd, p,
1, &attrbits);
if (r == 0 && is_zfs == 1 &&
nfsrv_enable_crossmntpt != 0 &&
(nd->nd_flag & ND_NFSV4) != 0 &&
nvp->v_type == VDIR &&
vp->v_mount != nvp->v_mount) {
/*
* For a ZFS snapshot, there is a
* pseudo mount that does not set
* v_mountedhere, so it needs to
* be detected via a different
* mount structure.
*/
at_root = 1;
if (new_mp == mp)
new_mp = nvp->v_mount;
}
}
/*
* If we failed to get attributes of the entry,
* then just skip it for NFSv3 (the traditional
* behavior in the old NFS server).
* For NFSv4 the behavior is controlled by
* RDATTRERROR: we either ignore the error or
* fail the request.
* Note that RDATTRERROR is never set for NFSv3.
*/
if (r != 0) {
if (!NFSISSET_ATTRBIT(&attrbits,
NFSATTRBIT_RDATTRERROR)) {
vput(nvp);
if (needs_unbusy != 0)
vfs_unbusy(new_mp);
if ((nd->nd_flag & ND_NFSV3))
goto invalid;
nd->nd_repstat = r;
break;
}
}
}
/*
* Build the directory record xdr
*/
if (nd->nd_flag & ND_NFSV3) {
NFSM_BUILD(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
*tl++ = newnfs_true;
*tl++ = 0;
*tl = txdr_unsigned(dp->d_fileno);
dirlen += nfsm_strtom(nd, dp->d_name, nlen);
NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
*tl++ = 0;
*tl = txdr_unsigned(*cookiep);
nfsrv_postopattr(nd, 0, nvap);
dirlen += nfsm_fhtom(nd,(u_int8_t *)&nfh,0,1);
dirlen += (5*NFSX_UNSIGNED+NFSX_V3POSTOPATTR);
if (nvp != NULL)
vput(nvp);
} else {
NFSM_BUILD(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
*tl++ = newnfs_true;
*tl++ = 0;
*tl = txdr_unsigned(*cookiep);
dirlen += nfsm_strtom(nd, dp->d_name, nlen);
if (nvp != NULL) {
supports_nfsv4acls =
nfs_supportsnfsv4acls(nvp);
NFSVOPUNLOCK(nvp);
} else
supports_nfsv4acls = 0;
if (refp != NULL) {
dirlen += nfsrv_putreferralattr(nd,
&savbits, refp, 0,
&nd->nd_repstat);
if (nd->nd_repstat) {
if (nvp != NULL)
vrele(nvp);
if (needs_unbusy != 0)
vfs_unbusy(new_mp);
break;
}
} else if (r) {
dirlen += nfsvno_fillattr(nd, new_mp,
nvp, nvap, &nfh, r, &rderrbits,
nd->nd_cred, p, isdgram, 0,
supports_nfsv4acls, at_root,
mounted_on_fileno);
} else {
dirlen += nfsvno_fillattr(nd, new_mp,
nvp, nvap, &nfh, r, &attrbits,
nd->nd_cred, p, isdgram, 0,
supports_nfsv4acls, at_root,
mounted_on_fileno);
}
if (nvp != NULL)
vrele(nvp);
dirlen += (3 * NFSX_UNSIGNED);
}
if (needs_unbusy != 0)
vfs_unbusy(new_mp);
if (dirlen <= cnt)
entrycnt++;
}
invalid:
cpos += dp->d_reclen;
dp = (struct dirent *)cpos;
cookiep++;
ncookies--;
}
vrele(vp);
vfs_unbusy(mp);
/*
* If dirlen > cnt, we must strip off the last entry. If that
* results in an empty reply, report NFSERR_TOOSMALL.
*/
if (dirlen > cnt || nd->nd_repstat) {
if (!nd->nd_repstat && entrycnt == 0)
nd->nd_repstat = NFSERR_TOOSMALL;
if (nd->nd_repstat) {
nfsm_trimtrailing(nd, mb0, bpos0, bextpg0, bextpgsiz0);
if (nd->nd_flag & ND_NFSV3)
nfsrv_postopattr(nd, getret, &at);
} else
nfsm_trimtrailing(nd, mb1, bpos1, bextpg1, bextpgsiz1);
eofflag = 0;
} else if (cpos < cend)
eofflag = 0;
if (!nd->nd_repstat) {
NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
*tl++ = newnfs_false;
if (eofflag)
*tl = newnfs_true;
else
*tl = newnfs_false;
}
free(cookies, M_TEMP);
free(rbuf, M_TEMP);
out:
NFSEXITCODE2(0, nd);
return (0);
nfsmout:
vput(vp);
NFSEXITCODE2(error, nd);
return (error);
}
/*
* Get the settable attributes out of the mbuf list.
* (Return 0 or EBADRPC)
*/
int
nfsrv_sattr(struct nfsrv_descript *nd, vnode_t vp, struct nfsvattr *nvap,
nfsattrbit_t *attrbitp, NFSACL_T *aclp, struct thread *p)
{
u_int32_t *tl;
struct nfsv2_sattr *sp;
int error = 0, toclient = 0;
switch (nd->nd_flag & (ND_NFSV2 | ND_NFSV3 | ND_NFSV4)) {
case ND_NFSV2:
NFSM_DISSECT(sp, struct nfsv2_sattr *, NFSX_V2SATTR);
/*
* Some old clients didn't fill in the high order 16bits.
* --> check the low order 2 bytes for 0xffff
*/
if ((fxdr_unsigned(int, sp->sa_mode) & 0xffff) != 0xffff)
nvap->na_mode = nfstov_mode(sp->sa_mode);
if (sp->sa_uid != newnfs_xdrneg1)
nvap->na_uid = fxdr_unsigned(uid_t, sp->sa_uid);
if (sp->sa_gid != newnfs_xdrneg1)
nvap->na_gid = fxdr_unsigned(gid_t, sp->sa_gid);
if (sp->sa_size != newnfs_xdrneg1)
nvap->na_size = fxdr_unsigned(u_quad_t, sp->sa_size);
if (sp->sa_atime.nfsv2_sec != newnfs_xdrneg1) {
#ifdef notyet
fxdr_nfsv2time(&sp->sa_atime, &nvap->na_atime);
#else
nvap->na_atime.tv_sec =
fxdr_unsigned(u_int32_t,sp->sa_atime.nfsv2_sec);
nvap->na_atime.tv_nsec = 0;
#endif
}
if (sp->sa_mtime.nfsv2_sec != newnfs_xdrneg1)
fxdr_nfsv2time(&sp->sa_mtime, &nvap->na_mtime);
break;
case ND_NFSV3:
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
if (*tl == newnfs_true) {
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
nvap->na_mode = nfstov_mode(*tl);
}
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
if (*tl == newnfs_true) {
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
nvap->na_uid = fxdr_unsigned(uid_t, *tl);
}
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
if (*tl == newnfs_true) {
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
nvap->na_gid = fxdr_unsigned(gid_t, *tl);
}
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
if (*tl == newnfs_true) {
NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
nvap->na_size = fxdr_hyper(tl);
}
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
switch (fxdr_unsigned(int, *tl)) {
case NFSV3SATTRTIME_TOCLIENT:
NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
fxdr_nfsv3time(tl, &nvap->na_atime);
toclient = 1;
break;
case NFSV3SATTRTIME_TOSERVER:
vfs_timestamp(&nvap->na_atime);
nvap->na_vaflags |= VA_UTIMES_NULL;
break;
}
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
switch (fxdr_unsigned(int, *tl)) {
case NFSV3SATTRTIME_TOCLIENT:
NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
fxdr_nfsv3time(tl, &nvap->na_mtime);
nvap->na_vaflags &= ~VA_UTIMES_NULL;
break;
case NFSV3SATTRTIME_TOSERVER:
vfs_timestamp(&nvap->na_mtime);
if (!toclient)
nvap->na_vaflags |= VA_UTIMES_NULL;
break;
}
break;
case ND_NFSV4:
error = nfsv4_sattr(nd, vp, nvap, attrbitp, aclp, p);
}
nfsmout:
NFSEXITCODE2(error, nd);
return (error);
}
/*
* Handle the setable attributes for V4.
* Returns NFSERR_BADXDR if it can't be parsed, 0 otherwise.
*/
int
nfsv4_sattr(struct nfsrv_descript *nd, vnode_t vp, struct nfsvattr *nvap,
nfsattrbit_t *attrbitp, NFSACL_T *aclp, struct thread *p)
{
u_int32_t *tl;
int attrsum = 0;
int i, j;
int error, attrsize, bitpos, aclsize, aceerr, retnotsup = 0;
int moderet, toclient = 0;
u_char *cp, namestr[NFSV4_SMALLSTR + 1];
uid_t uid;
gid_t gid;
u_short mode, mask; /* Same type as va_mode. */
struct vattr va;
error = nfsrv_getattrbits(nd, attrbitp, NULL, &retnotsup);
if (error)
goto nfsmout;
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
attrsize = fxdr_unsigned(int, *tl);
/*
* Loop around getting the setable attributes. If an unsupported
* one is found, set nd_repstat == NFSERR_ATTRNOTSUPP and return.
*/
if (retnotsup) {
nd->nd_repstat = NFSERR_ATTRNOTSUPP;
bitpos = NFSATTRBIT_MAX;
} else {
bitpos = 0;
}
moderet = 0;
for (; bitpos < NFSATTRBIT_MAX; bitpos++) {
if (attrsum > attrsize) {
error = NFSERR_BADXDR;
goto nfsmout;
}
if (NFSISSET_ATTRBIT(attrbitp, bitpos))
switch (bitpos) {
case NFSATTRBIT_SIZE:
NFSM_DISSECT(tl, u_int32_t *, NFSX_HYPER);
if (vp != NULL && vp->v_type != VREG) {
error = (vp->v_type == VDIR) ? NFSERR_ISDIR :
NFSERR_INVAL;
goto nfsmout;
}
nvap->na_size = fxdr_hyper(tl);
attrsum += NFSX_HYPER;
break;
case NFSATTRBIT_ACL:
error = nfsrv_dissectacl(nd, aclp, &aceerr, &aclsize,
p);
if (error)
goto nfsmout;
if (aceerr && !nd->nd_repstat)
nd->nd_repstat = aceerr;
attrsum += aclsize;
break;
case NFSATTRBIT_ARCHIVE:
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
if (!nd->nd_repstat)
nd->nd_repstat = NFSERR_ATTRNOTSUPP;
attrsum += NFSX_UNSIGNED;
break;
case NFSATTRBIT_HIDDEN:
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
if (!nd->nd_repstat)
nd->nd_repstat = NFSERR_ATTRNOTSUPP;
attrsum += NFSX_UNSIGNED;
break;
case NFSATTRBIT_MIMETYPE:
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
i = fxdr_unsigned(int, *tl);
error = nfsm_advance(nd, NFSM_RNDUP(i), -1);
if (error)
goto nfsmout;
if (!nd->nd_repstat)
nd->nd_repstat = NFSERR_ATTRNOTSUPP;
attrsum += (NFSX_UNSIGNED + NFSM_RNDUP(i));
break;
case NFSATTRBIT_MODE:
moderet = NFSERR_INVAL; /* Can't do MODESETMASKED. */
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
nvap->na_mode = nfstov_mode(*tl);
attrsum += NFSX_UNSIGNED;
break;
case NFSATTRBIT_OWNER:
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
j = fxdr_unsigned(int, *tl);
if (j < 0) {
error = NFSERR_BADXDR;
goto nfsmout;
}
if (j > NFSV4_SMALLSTR)
cp = malloc(j + 1, M_NFSSTRING, M_WAITOK);
else
cp = namestr;
error = nfsrv_mtostr(nd, cp, j);
if (error) {
if (j > NFSV4_SMALLSTR)
free(cp, M_NFSSTRING);
goto nfsmout;
}
if (!nd->nd_repstat) {
nd->nd_repstat = nfsv4_strtouid(nd, cp, j,
&uid);
if (!nd->nd_repstat)
nvap->na_uid = uid;
}
if (j > NFSV4_SMALLSTR)
free(cp, M_NFSSTRING);
attrsum += (NFSX_UNSIGNED + NFSM_RNDUP(j));
break;
case NFSATTRBIT_OWNERGROUP:
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
j = fxdr_unsigned(int, *tl);
if (j < 0) {
error = NFSERR_BADXDR;
goto nfsmout;
}
if (j > NFSV4_SMALLSTR)
cp = malloc(j + 1, M_NFSSTRING, M_WAITOK);
else
cp = namestr;
error = nfsrv_mtostr(nd, cp, j);
if (error) {
if (j > NFSV4_SMALLSTR)
free(cp, M_NFSSTRING);
goto nfsmout;
}
if (!nd->nd_repstat) {
nd->nd_repstat = nfsv4_strtogid(nd, cp, j,
&gid);
if (!nd->nd_repstat)
nvap->na_gid = gid;
}
if (j > NFSV4_SMALLSTR)
free(cp, M_NFSSTRING);
attrsum += (NFSX_UNSIGNED + NFSM_RNDUP(j));
break;
case NFSATTRBIT_SYSTEM:
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
if (!nd->nd_repstat)
nd->nd_repstat = NFSERR_ATTRNOTSUPP;
attrsum += NFSX_UNSIGNED;
break;
case NFSATTRBIT_TIMEACCESSSET:
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
attrsum += NFSX_UNSIGNED;
if (fxdr_unsigned(int, *tl)==NFSV4SATTRTIME_TOCLIENT) {
NFSM_DISSECT(tl, u_int32_t *, NFSX_V4TIME);
fxdr_nfsv4time(tl, &nvap->na_atime);
toclient = 1;
attrsum += NFSX_V4TIME;
} else {
vfs_timestamp(&nvap->na_atime);
nvap->na_vaflags |= VA_UTIMES_NULL;
}
break;
case NFSATTRBIT_TIMEBACKUP:
NFSM_DISSECT(tl, u_int32_t *, NFSX_V4TIME);
if (!nd->nd_repstat)
nd->nd_repstat = NFSERR_ATTRNOTSUPP;
attrsum += NFSX_V4TIME;
break;
case NFSATTRBIT_TIMECREATE:
NFSM_DISSECT(tl, u_int32_t *, NFSX_V4TIME);
if (!nd->nd_repstat)
nd->nd_repstat = NFSERR_ATTRNOTSUPP;
attrsum += NFSX_V4TIME;
break;
case NFSATTRBIT_TIMEMODIFYSET:
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
attrsum += NFSX_UNSIGNED;
if (fxdr_unsigned(int, *tl)==NFSV4SATTRTIME_TOCLIENT) {
NFSM_DISSECT(tl, u_int32_t *, NFSX_V4TIME);
fxdr_nfsv4time(tl, &nvap->na_mtime);
nvap->na_vaflags &= ~VA_UTIMES_NULL;
attrsum += NFSX_V4TIME;
} else {
vfs_timestamp(&nvap->na_mtime);
if (!toclient)
nvap->na_vaflags |= VA_UTIMES_NULL;
}
break;
case NFSATTRBIT_MODESETMASKED:
NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED);
mode = fxdr_unsigned(u_short, *tl++);
mask = fxdr_unsigned(u_short, *tl);
/*
* vp == NULL implies an Open/Create operation.
* This attribute can only be used for Setattr and
* only for NFSv4.1 or higher.
* If moderet != 0, a mode attribute has also been
* specified and this attribute cannot be done in the
* same Setattr operation.
*/
if ((nd->nd_flag & ND_NFSV41) == 0)
nd->nd_repstat = NFSERR_ATTRNOTSUPP;
else if ((mode & ~07777) != 0 || (mask & ~07777) != 0 ||
vp == NULL)
nd->nd_repstat = NFSERR_INVAL;
else if (moderet == 0)
moderet = VOP_GETATTR(vp, &va, nd->nd_cred);
if (moderet == 0)
nvap->na_mode = (mode & mask) |
(va.va_mode & ~mask);
else
nd->nd_repstat = moderet;
attrsum += 2 * NFSX_UNSIGNED;
break;
default:
nd->nd_repstat = NFSERR_ATTRNOTSUPP;
/*
* set bitpos so we drop out of the loop.
*/
bitpos = NFSATTRBIT_MAX;
break;
}
}
/*
* some clients pad the attrlist, so we need to skip over the
* padding.
*/
if (attrsum > attrsize) {
error = NFSERR_BADXDR;
} else {
attrsize = NFSM_RNDUP(attrsize);
if (attrsum < attrsize)
error = nfsm_advance(nd, attrsize - attrsum, -1);
}
nfsmout:
NFSEXITCODE2(error, nd);
return (error);
}
/*
* Check/setup export credentials.
*/
int
nfsd_excred(struct nfsrv_descript *nd, struct nfsexstuff *exp,
struct ucred *credanon)
{
int error = 0;
/*
* Check/setup credentials.
*/
if (nd->nd_flag & ND_GSS)
exp->nes_exflag &= ~MNT_EXPORTANON;
/*
* Check to see if the operation is allowed for this security flavor.
* RFC2623 suggests that the NFSv3 Fsinfo RPC be allowed to
* AUTH_NONE or AUTH_SYS for file systems requiring RPCSEC_GSS.
* Also, allow Secinfo, so that it can acquire the correct flavor(s).
*/
if (nfsvno_testexp(nd, exp) &&
nd->nd_procnum != NFSV4OP_SECINFO &&
nd->nd_procnum != NFSPROC_FSINFO) {
if (nd->nd_flag & ND_NFSV4)
error = NFSERR_WRONGSEC;
else
error = (NFSERR_AUTHERR | AUTH_TOOWEAK);
goto out;
}
/*
* Check to see if the file system is exported V4 only.
*/
if (NFSVNO_EXV4ONLY(exp) && !(nd->nd_flag & ND_NFSV4)) {
error = NFSERR_PROGNOTV4;
goto out;
}
/*
* Now, map the user credentials.
* (Note that ND_AUTHNONE will only be set for an NFSv3
* Fsinfo RPC. If set for anything else, this code might need
* to change.)
*/
if (NFSVNO_EXPORTED(exp)) {
if (((nd->nd_flag & ND_GSS) == 0 && nd->nd_cred->cr_uid == 0) ||
NFSVNO_EXPORTANON(exp) ||
(nd->nd_flag & ND_AUTHNONE) != 0) {
nd->nd_cred->cr_uid = credanon->cr_uid;
nd->nd_cred->cr_gid = credanon->cr_gid;
crsetgroups(nd->nd_cred, credanon->cr_ngroups,
credanon->cr_groups);
} else if ((nd->nd_flag & ND_GSS) == 0) {
/*
* If using AUTH_SYS, call nfsrv_getgrpscred() to see
* if there is a replacement credential with a group
* list set up by "nfsuserd -manage-gids".
* If there is no replacement, nfsrv_getgrpscred()
* simply returns its argument.
*/
nd->nd_cred = nfsrv_getgrpscred(nd->nd_cred);
}
}
out:
NFSEXITCODE2(error, nd);
return (error);
}
/*
* Check exports.
*/
int
nfsvno_checkexp(struct mount *mp, struct sockaddr *nam, struct nfsexstuff *exp,
struct ucred **credp)
{
int i, error, *secflavors;
error = VFS_CHECKEXP(mp, nam, &exp->nes_exflag, credp,
&exp->nes_numsecflavor, &secflavors);
if (error) {
if (nfs_rootfhset) {
exp->nes_exflag = 0;
exp->nes_numsecflavor = 0;
error = 0;
}
} else {
/* Copy the security flavors. */
for (i = 0; i < exp->nes_numsecflavor; i++)
exp->nes_secflavors[i] = secflavors[i];
}
NFSEXITCODE(error);
return (error);
}
/*
* Get a vnode for a file handle and export stuff.
*/
int
nfsvno_fhtovp(struct mount *mp, fhandle_t *fhp, struct sockaddr *nam,
int lktype, struct vnode **vpp, struct nfsexstuff *exp,
struct ucred **credp)
{
int i, error, *secflavors;
*credp = NULL;
exp->nes_numsecflavor = 0;
error = VFS_FHTOVP(mp, &fhp->fh_fid, lktype, vpp);
if (error != 0)
/* Make sure the server replies ESTALE to the client. */
error = ESTALE;
if (nam && !error) {
error = VFS_CHECKEXP(mp, nam, &exp->nes_exflag, credp,
&exp->nes_numsecflavor, &secflavors);
if (error) {
if (nfs_rootfhset) {
exp->nes_exflag = 0;
exp->nes_numsecflavor = 0;
error = 0;
} else {
vput(*vpp);
}
} else {
/* Copy the security flavors. */
for (i = 0; i < exp->nes_numsecflavor; i++)
exp->nes_secflavors[i] = secflavors[i];
}
}
NFSEXITCODE(error);
return (error);
}
/*
* nfsd_fhtovp() - convert a fh to a vnode ptr
* - look up fsid in mount list (if not found ret error)
* - get vp and export rights by calling nfsvno_fhtovp()
* - if cred->cr_uid == 0 or MNT_EXPORTANON set it to credanon
* for AUTH_SYS
* - if mpp != NULL, return the mount point so that it can
* be used for vn_finished_write() by the caller
*/
void
nfsd_fhtovp(struct nfsrv_descript *nd, struct nfsrvfh *nfp, int lktype,
struct vnode **vpp, struct nfsexstuff *exp,
struct mount **mpp, int startwrite)
{
struct mount *mp;
struct ucred *credanon;
fhandle_t *fhp;
fhp = (fhandle_t *)nfp->nfsrvfh_data;
/*
* Check for the special case of the nfsv4root_fh.
*/
mp = vfs_busyfs(&fhp->fh_fsid);
if (mpp != NULL)
*mpp = mp;
if (mp == NULL) {
*vpp = NULL;
nd->nd_repstat = ESTALE;
goto out;
}
if (startwrite) {
vn_start_write(NULL, mpp, V_WAIT);
if (lktype == LK_SHARED && !(MNT_SHARED_WRITES(mp)))
lktype = LK_EXCLUSIVE;
}
nd->nd_repstat = nfsvno_fhtovp(mp, fhp, nd->nd_nam, lktype, vpp, exp,
&credanon);
vfs_unbusy(mp);
/*
* For NFSv4 without a pseudo root fs, unexported file handles
* can be returned, so that Lookup works everywhere.
*/
if (!nd->nd_repstat && exp->nes_exflag == 0 &&
!(nd->nd_flag & ND_NFSV4)) {
vput(*vpp);
nd->nd_repstat = NFSERR_ACCES;
}
/*
* If TLS is required by the export, check the flags in nd_flag.
*/
if (nd->nd_repstat == 0 && ((NFSVNO_EXTLS(exp) &&
(nd->nd_flag & ND_TLS) == 0) ||
(NFSVNO_EXTLSCERT(exp) &&
(nd->nd_flag & ND_TLSCERT) == 0) ||
- (NFSVNO_EXTLSCNUSER(exp) &&
- (nd->nd_flag & ND_TLSCNUSER) == 0))) {
+ (NFSVNO_EXTLSCERTUSER(exp) &&
+ (nd->nd_flag & ND_TLSCERTUSER) == 0))) {
vput(*vpp);
nd->nd_repstat = NFSERR_ACCES;
}
/*
* Personally, I've never seen any point in requiring a
* reserved port#, since only in the rare case where the
* clients are all boxes with secure system privileges,
* does it provide any enhanced security, but... some people
* believe it to be useful and keep putting this code back in.
* (There is also some "security checker" out there that
* complains if the nfs server doesn't enforce this.)
* However, note the following:
* RFC3530 (NFSv4) specifies that a reserved port# not be
* required.
* RFC2623 recommends that, if a reserved port# is checked for,
* that there be a way to turn that off--> ifdef'd.
*/
#ifdef NFS_REQRSVPORT
if (!nd->nd_repstat) {
struct sockaddr_in *saddr;
struct sockaddr_in6 *saddr6;
saddr = NFSSOCKADDR(nd->nd_nam, struct sockaddr_in *);
saddr6 = NFSSOCKADDR(nd->nd_nam, struct sockaddr_in6 *);
if (!(nd->nd_flag & ND_NFSV4) &&
((saddr->sin_family == AF_INET &&
ntohs(saddr->sin_port) >= IPPORT_RESERVED) ||
(saddr6->sin6_family == AF_INET6 &&
ntohs(saddr6->sin6_port) >= IPPORT_RESERVED))) {
vput(*vpp);
nd->nd_repstat = (NFSERR_AUTHERR | AUTH_TOOWEAK);
}
}
#endif /* NFS_REQRSVPORT */
/*
* Check/setup credentials.
*/
if (!nd->nd_repstat) {
nd->nd_saveduid = nd->nd_cred->cr_uid;
nd->nd_repstat = nfsd_excred(nd, exp, credanon);
if (nd->nd_repstat)
vput(*vpp);
}
if (credanon != NULL)
crfree(credanon);
if (nd->nd_repstat) {
if (startwrite)
vn_finished_write(mp);
*vpp = NULL;
if (mpp != NULL)
*mpp = NULL;
}
out:
NFSEXITCODE2(0, nd);
}
/*
* glue for fp.
*/
static int
fp_getfvp(struct thread *p, int fd, struct file **fpp, struct vnode **vpp)
{
struct filedesc *fdp;
struct file *fp;
int error = 0;
fdp = p->td_proc->p_fd;
if (fd < 0 || fd >= fdp->fd_nfiles ||
(fp = fdp->fd_ofiles[fd].fde_file) == NULL) {
error = EBADF;
goto out;
}
*fpp = fp;
out:
NFSEXITCODE(error);
return (error);
}
/*
* Called from nfssvc() to update the exports list. Just call
* vfs_export(). This has to be done, since the v4 root fake fs isn't
* in the mount list.
*/
int
nfsrv_v4rootexport(void *argp, struct ucred *cred, struct thread *p)
{
struct nfsex_args *nfsexargp = (struct nfsex_args *)argp;
int error = 0;
struct nameidata nd;
fhandle_t fh;
error = vfs_export(&nfsv4root_mnt, &nfsexargp->export);
if ((nfsexargp->export.ex_flags & MNT_DELEXPORT) != 0)
nfs_rootfhset = 0;
else if (error == 0) {
if (nfsexargp->fspec == NULL) {
error = EPERM;
goto out;
}
/*
* If fspec != NULL, this is the v4root path.
*/
NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE,
nfsexargp->fspec, p);
if ((error = namei(&nd)) != 0)
goto out;
error = nfsvno_getfh(nd.ni_vp, &fh, p);
vrele(nd.ni_vp);
if (!error) {
nfs_rootfh.nfsrvfh_len = NFSX_MYFH;
NFSBCOPY((caddr_t)&fh,
nfs_rootfh.nfsrvfh_data,
sizeof (fhandle_t));
nfs_rootfhset = 1;
}
}
out:
NFSEXITCODE(error);
return (error);
}
/*
* This function needs to test to see if the system is near its limit
* for memory allocation via malloc() or mget() and return True iff
* either of these resources are near their limit.
* XXX (For now, this is just a stub.)
*/
int nfsrv_testmalloclimit = 0;
int
nfsrv_mallocmget_limit(void)
{
static int printmesg = 0;
static int testval = 1;
if (nfsrv_testmalloclimit && (testval++ % 1000) == 0) {
if ((printmesg++ % 100) == 0)
printf("nfsd: malloc/mget near limit\n");
return (1);
}
return (0);
}
/*
* BSD specific initialization of a mount point.
*/
void
nfsd_mntinit(void)
{
static int inited = 0;
if (inited)
return;
inited = 1;
nfsv4root_mnt.mnt_flag = (MNT_RDONLY | MNT_EXPORTED);
TAILQ_INIT(&nfsv4root_mnt.mnt_nvnodelist);
TAILQ_INIT(&nfsv4root_mnt.mnt_lazyvnodelist);
nfsv4root_mnt.mnt_export = NULL;
TAILQ_INIT(&nfsv4root_opt);
TAILQ_INIT(&nfsv4root_newopt);
nfsv4root_mnt.mnt_opt = &nfsv4root_opt;
nfsv4root_mnt.mnt_optnew = &nfsv4root_newopt;
nfsv4root_mnt.mnt_nvnodelistsize = 0;
nfsv4root_mnt.mnt_lazyvnodelistsize = 0;
}
/*
* Get a vnode for a file handle, without checking exports, etc.
*/
struct vnode *
nfsvno_getvp(fhandle_t *fhp)
{
struct mount *mp;
struct vnode *vp;
int error;
mp = vfs_busyfs(&fhp->fh_fsid);
if (mp == NULL)
return (NULL);
error = VFS_FHTOVP(mp, &fhp->fh_fid, LK_EXCLUSIVE, &vp);
vfs_unbusy(mp);
if (error)
return (NULL);
return (vp);
}
/*
* Do a local VOP_ADVLOCK().
*/
int
nfsvno_advlock(struct vnode *vp, int ftype, u_int64_t first,
u_int64_t end, struct thread *td)
{
int error = 0;
struct flock fl;
u_int64_t tlen;
if (nfsrv_dolocallocks == 0)
goto out;
ASSERT_VOP_UNLOCKED(vp, "nfsvno_advlock: vp locked");
fl.l_whence = SEEK_SET;
fl.l_type = ftype;
fl.l_start = (off_t)first;
if (end == NFS64BITSSET) {
fl.l_len = 0;
} else {
tlen = end - first;
fl.l_len = (off_t)tlen;
}
/*
* For FreeBSD8, the l_pid and l_sysid must be set to the same
* values for all calls, so that all locks will be held by the
* nfsd server. (The nfsd server handles conflicts between the
* various clients.)
* Since an NFSv4 lockowner is a ClientID plus an array of up to 1024
* bytes, so it can't be put in l_sysid.
*/
if (nfsv4_sysid == 0)
nfsv4_sysid = nlm_acquire_next_sysid();
fl.l_pid = (pid_t)0;
fl.l_sysid = (int)nfsv4_sysid;
if (ftype == F_UNLCK)
error = VOP_ADVLOCK(vp, (caddr_t)td->td_proc, F_UNLCK, &fl,
(F_POSIX | F_REMOTE));
else
error = VOP_ADVLOCK(vp, (caddr_t)td->td_proc, F_SETLK, &fl,
(F_POSIX | F_REMOTE));
out:
NFSEXITCODE(error);
return (error);
}
/*
* Check the nfsv4 root exports.
*/
int
nfsvno_v4rootexport(struct nfsrv_descript *nd)
{
struct ucred *credanon;
int exflags, error = 0, numsecflavor, *secflavors, i;
error = vfs_stdcheckexp(&nfsv4root_mnt, nd->nd_nam, &exflags,
&credanon, &numsecflavor, &secflavors);
if (error) {
error = NFSERR_PROGUNAVAIL;
goto out;
}
if (credanon != NULL)
crfree(credanon);
for (i = 0; i < numsecflavor; i++) {
if (secflavors[i] == AUTH_SYS)
nd->nd_flag |= ND_EXAUTHSYS;
else if (secflavors[i] == RPCSEC_GSS_KRB5)
nd->nd_flag |= ND_EXGSS;
else if (secflavors[i] == RPCSEC_GSS_KRB5I)
nd->nd_flag |= ND_EXGSSINTEGRITY;
else if (secflavors[i] == RPCSEC_GSS_KRB5P)
nd->nd_flag |= ND_EXGSSPRIVACY;
}
/* And set ND_EXxx flags for TLS. */
if ((exflags & MNTEX_TLS) != 0) {
nd->nd_flag |= ND_EXTLS;
if ((exflags & MNTEX_TLSCERT) != 0)
nd->nd_flag |= ND_EXTLSCERT;
- if ((exflags & MNTEX_TLSCNUSER) != 0)
- nd->nd_flag |= ND_EXTLSCNUSER;
+ if ((exflags & MNTEX_TLSCERTUSER) != 0)
+ nd->nd_flag |= ND_EXTLSCERTUSER;
}
out:
NFSEXITCODE(error);
return (error);
}
/*
* Nfs server pseudo system call for the nfsd's
*/
/*
* MPSAFE
*/
static int
nfssvc_nfsd(struct thread *td, struct nfssvc_args *uap)
{
struct file *fp;
struct nfsd_addsock_args sockarg;
struct nfsd_nfsd_args nfsdarg;
struct nfsd_nfsd_oargs onfsdarg;
struct nfsd_pnfsd_args pnfsdarg;
struct vnode *vp, *nvp, *curdvp;
struct pnfsdsfile *pf;
struct nfsdevice *ds, *fds;
cap_rights_t rights;
int buflen, error, ret;
char *buf, *cp, *cp2, *cp3;
char fname[PNFS_FILENAME_LEN + 1];
if (uap->flag & NFSSVC_NFSDADDSOCK) {
error = copyin(uap->argp, (caddr_t)&sockarg, sizeof (sockarg));
if (error)
goto out;
/*
* Since we don't know what rights might be required,
* pretend that we need them all. It is better to be too
* careful than too reckless.
*/
error = fget(td, sockarg.sock,
cap_rights_init(&rights, CAP_SOCK_SERVER), &fp);
if (error != 0)
goto out;
if (fp->f_type != DTYPE_SOCKET) {
fdrop(fp, td);
error = EPERM;
goto out;
}
error = nfsrvd_addsock(fp);
fdrop(fp, td);
} else if (uap->flag & NFSSVC_NFSDNFSD) {
if (uap->argp == NULL) {
error = EINVAL;
goto out;
}
if ((uap->flag & NFSSVC_NEWSTRUCT) == 0) {
error = copyin(uap->argp, &onfsdarg, sizeof(onfsdarg));
if (error == 0) {
nfsdarg.principal = onfsdarg.principal;
nfsdarg.minthreads = onfsdarg.minthreads;
nfsdarg.maxthreads = onfsdarg.maxthreads;
nfsdarg.version = 1;
nfsdarg.addr = NULL;
nfsdarg.addrlen = 0;
nfsdarg.dnshost = NULL;
nfsdarg.dnshostlen = 0;
nfsdarg.dspath = NULL;
nfsdarg.dspathlen = 0;
nfsdarg.mdspath = NULL;
nfsdarg.mdspathlen = 0;
nfsdarg.mirrorcnt = 1;
}
} else
error = copyin(uap->argp, &nfsdarg, sizeof(nfsdarg));
if (error)
goto out;
if (nfsdarg.addrlen > 0 && nfsdarg.addrlen < 10000 &&
nfsdarg.dnshostlen > 0 && nfsdarg.dnshostlen < 10000 &&
nfsdarg.dspathlen > 0 && nfsdarg.dspathlen < 10000 &&
nfsdarg.mdspathlen > 0 && nfsdarg.mdspathlen < 10000 &&
nfsdarg.mirrorcnt >= 1 &&
nfsdarg.mirrorcnt <= NFSDEV_MAXMIRRORS &&
nfsdarg.addr != NULL && nfsdarg.dnshost != NULL &&
nfsdarg.dspath != NULL && nfsdarg.mdspath != NULL) {
NFSD_DEBUG(1, "addrlen=%d dspathlen=%d dnslen=%d"
" mdspathlen=%d mirrorcnt=%d\n", nfsdarg.addrlen,
nfsdarg.dspathlen, nfsdarg.dnshostlen,
nfsdarg.mdspathlen, nfsdarg.mirrorcnt);
cp = malloc(nfsdarg.addrlen + 1, M_TEMP, M_WAITOK);
error = copyin(nfsdarg.addr, cp, nfsdarg.addrlen);
if (error != 0) {
free(cp, M_TEMP);
goto out;
}
cp[nfsdarg.addrlen] = '\0'; /* Ensure nul term. */
nfsdarg.addr = cp;
cp = malloc(nfsdarg.dnshostlen + 1, M_TEMP, M_WAITOK);
error = copyin(nfsdarg.dnshost, cp, nfsdarg.dnshostlen);
if (error != 0) {
free(nfsdarg.addr, M_TEMP);
free(cp, M_TEMP);
goto out;
}
cp[nfsdarg.dnshostlen] = '\0'; /* Ensure nul term. */
nfsdarg.dnshost = cp;
cp = malloc(nfsdarg.dspathlen + 1, M_TEMP, M_WAITOK);
error = copyin(nfsdarg.dspath, cp, nfsdarg.dspathlen);
if (error != 0) {
free(nfsdarg.addr, M_TEMP);
free(nfsdarg.dnshost, M_TEMP);
free(cp, M_TEMP);
goto out;
}
cp[nfsdarg.dspathlen] = '\0'; /* Ensure nul term. */
nfsdarg.dspath = cp;
cp = malloc(nfsdarg.mdspathlen + 1, M_TEMP, M_WAITOK);
error = copyin(nfsdarg.mdspath, cp, nfsdarg.mdspathlen);
if (error != 0) {
free(nfsdarg.addr, M_TEMP);
free(nfsdarg.dnshost, M_TEMP);
free(nfsdarg.dspath, M_TEMP);
free(cp, M_TEMP);
goto out;
}
cp[nfsdarg.mdspathlen] = '\0'; /* Ensure nul term. */
nfsdarg.mdspath = cp;
} else {
nfsdarg.addr = NULL;
nfsdarg.addrlen = 0;
nfsdarg.dnshost = NULL;
nfsdarg.dnshostlen = 0;
nfsdarg.dspath = NULL;
nfsdarg.dspathlen = 0;
nfsdarg.mdspath = NULL;
nfsdarg.mdspathlen = 0;
nfsdarg.mirrorcnt = 1;
}
error = nfsrvd_nfsd(td, &nfsdarg);
free(nfsdarg.addr, M_TEMP);
free(nfsdarg.dnshost, M_TEMP);
free(nfsdarg.dspath, M_TEMP);
free(nfsdarg.mdspath, M_TEMP);
} else if (uap->flag & NFSSVC_PNFSDS) {
error = copyin(uap->argp, &pnfsdarg, sizeof(pnfsdarg));
if (error == 0 && (pnfsdarg.op == PNFSDOP_DELDSSERVER ||
pnfsdarg.op == PNFSDOP_FORCEDELDS)) {
cp = malloc(PATH_MAX + 1, M_TEMP, M_WAITOK);
error = copyinstr(pnfsdarg.dspath, cp, PATH_MAX + 1,
NULL);
if (error == 0)
error = nfsrv_deldsserver(pnfsdarg.op, cp, td);
free(cp, M_TEMP);
} else if (error == 0 && pnfsdarg.op == PNFSDOP_COPYMR) {
cp = malloc(PATH_MAX + 1, M_TEMP, M_WAITOK);
buflen = sizeof(*pf) * NFSDEV_MAXMIRRORS;
buf = malloc(buflen, M_TEMP, M_WAITOK);
error = copyinstr(pnfsdarg.mdspath, cp, PATH_MAX + 1,
NULL);
NFSD_DEBUG(4, "pnfsdcopymr cp mdspath=%d\n", error);
if (error == 0 && pnfsdarg.dspath != NULL) {
cp2 = malloc(PATH_MAX + 1, M_TEMP, M_WAITOK);
error = copyinstr(pnfsdarg.dspath, cp2,
PATH_MAX + 1, NULL);
NFSD_DEBUG(4, "pnfsdcopymr cp dspath=%d\n",
error);
} else
cp2 = NULL;
if (error == 0 && pnfsdarg.curdspath != NULL) {
cp3 = malloc(PATH_MAX + 1, M_TEMP, M_WAITOK);
error = copyinstr(pnfsdarg.curdspath, cp3,
PATH_MAX + 1, NULL);
NFSD_DEBUG(4, "pnfsdcopymr cp curdspath=%d\n",
error);
} else
cp3 = NULL;
curdvp = NULL;
fds = NULL;
if (error == 0)
error = nfsrv_mdscopymr(cp, cp2, cp3, buf,
&buflen, fname, td, &vp, &nvp, &pf, &ds,
&fds);
NFSD_DEBUG(4, "nfsrv_mdscopymr=%d\n", error);
if (error == 0) {
if (pf->dsf_dir >= nfsrv_dsdirsize) {
printf("copymr: dsdir out of range\n");
pf->dsf_dir = 0;
}
NFSD_DEBUG(4, "copymr: buflen=%d\n", buflen);
error = nfsrv_copymr(vp, nvp,
ds->nfsdev_dsdir[pf->dsf_dir], ds, pf,
(struct pnfsdsfile *)buf,
buflen / sizeof(*pf), td->td_ucred, td);
vput(vp);
vput(nvp);
if (fds != NULL && error == 0) {
curdvp = fds->nfsdev_dsdir[pf->dsf_dir];
ret = vn_lock(curdvp, LK_EXCLUSIVE);
if (ret == 0) {
nfsrv_dsremove(curdvp, fname,
td->td_ucred, td);
NFSVOPUNLOCK(curdvp);
}
}
NFSD_DEBUG(4, "nfsrv_copymr=%d\n", error);
}
free(cp, M_TEMP);
free(cp2, M_TEMP);
free(cp3, M_TEMP);
free(buf, M_TEMP);
}
} else {
error = nfssvc_srvcall(td, uap, td->td_ucred);
}
out:
NFSEXITCODE(error);
return (error);
}
static int
nfssvc_srvcall(struct thread *p, struct nfssvc_args *uap, struct ucred *cred)
{
struct nfsex_args export;
struct file *fp = NULL;
int stablefd, len;
struct nfsd_clid adminrevoke;
struct nfsd_dumplist dumplist;
struct nfsd_dumpclients *dumpclients;
struct nfsd_dumplocklist dumplocklist;
struct nfsd_dumplocks *dumplocks;
struct nameidata nd;
vnode_t vp;
int error = EINVAL, igotlock;
struct proc *procp;
static int suspend_nfsd = 0;
if (uap->flag & NFSSVC_PUBLICFH) {
NFSBZERO((caddr_t)&nfs_pubfh.nfsrvfh_data,
sizeof (fhandle_t));
error = copyin(uap->argp,
&nfs_pubfh.nfsrvfh_data, sizeof (fhandle_t));
if (!error)
nfs_pubfhset = 1;
} else if (uap->flag & NFSSVC_V4ROOTEXPORT) {
error = copyin(uap->argp,(caddr_t)&export,
sizeof (struct nfsex_args));
if (!error)
error = nfsrv_v4rootexport(&export, cred, p);
} else if (uap->flag & NFSSVC_NOPUBLICFH) {
nfs_pubfhset = 0;
error = 0;
} else if (uap->flag & NFSSVC_STABLERESTART) {
error = copyin(uap->argp, (caddr_t)&stablefd,
sizeof (int));
if (!error)
error = fp_getfvp(p, stablefd, &fp, &vp);
if (!error && (NFSFPFLAG(fp) & (FREAD | FWRITE)) != (FREAD | FWRITE))
error = EBADF;
if (!error && newnfs_numnfsd != 0)
error = EPERM;
if (!error) {
nfsrv_stablefirst.nsf_fp = fp;
nfsrv_setupstable(p);
}
} else if (uap->flag & NFSSVC_ADMINREVOKE) {
error = copyin(uap->argp, (caddr_t)&adminrevoke,
sizeof (struct nfsd_clid));
if (!error)
error = nfsrv_adminrevoke(&adminrevoke, p);
} else if (uap->flag & NFSSVC_DUMPCLIENTS) {
error = copyin(uap->argp, (caddr_t)&dumplist,
sizeof (struct nfsd_dumplist));
if (!error && (dumplist.ndl_size < 1 ||
dumplist.ndl_size > NFSRV_MAXDUMPLIST))
error = EPERM;
if (!error) {
len = sizeof (struct nfsd_dumpclients) * dumplist.ndl_size;
dumpclients = malloc(len, M_TEMP, M_WAITOK | M_ZERO);
nfsrv_dumpclients(dumpclients, dumplist.ndl_size);
error = copyout(dumpclients,
CAST_USER_ADDR_T(dumplist.ndl_list), len);
free(dumpclients, M_TEMP);
}
} else if (uap->flag & NFSSVC_DUMPLOCKS) {
error = copyin(uap->argp, (caddr_t)&dumplocklist,
sizeof (struct nfsd_dumplocklist));
if (!error && (dumplocklist.ndllck_size < 1 ||
dumplocklist.ndllck_size > NFSRV_MAXDUMPLIST))
error = EPERM;
if (!error)
error = nfsrv_lookupfilename(&nd,
dumplocklist.ndllck_fname, p);
if (!error) {
len = sizeof (struct nfsd_dumplocks) *
dumplocklist.ndllck_size;
dumplocks = malloc(len, M_TEMP, M_WAITOK | M_ZERO);
nfsrv_dumplocks(nd.ni_vp, dumplocks,
dumplocklist.ndllck_size, p);
vput(nd.ni_vp);
error = copyout(dumplocks,
CAST_USER_ADDR_T(dumplocklist.ndllck_list), len);
free(dumplocks, M_TEMP);
}
} else if (uap->flag & NFSSVC_BACKUPSTABLE) {
procp = p->td_proc;
PROC_LOCK(procp);
nfsd_master_pid = procp->p_pid;
bcopy(procp->p_comm, nfsd_master_comm, MAXCOMLEN + 1);
nfsd_master_start = procp->p_stats->p_start;
nfsd_master_proc = procp;
PROC_UNLOCK(procp);
} else if ((uap->flag & NFSSVC_SUSPENDNFSD) != 0) {
NFSLOCKV4ROOTMUTEX();
if (suspend_nfsd == 0) {
/* Lock out all nfsd threads */
do {
igotlock = nfsv4_lock(&nfsd_suspend_lock, 1,
NULL, NFSV4ROOTLOCKMUTEXPTR, NULL);
} while (igotlock == 0 && suspend_nfsd == 0);
suspend_nfsd = 1;
}
NFSUNLOCKV4ROOTMUTEX();
error = 0;
} else if ((uap->flag & NFSSVC_RESUMENFSD) != 0) {
NFSLOCKV4ROOTMUTEX();
if (suspend_nfsd != 0) {
nfsv4_unlock(&nfsd_suspend_lock, 0);
suspend_nfsd = 0;
}
NFSUNLOCKV4ROOTMUTEX();
error = 0;
}
NFSEXITCODE(error);
return (error);
}
/*
* Check exports.
* Returns 0 if ok, 1 otherwise.
*/
int
nfsvno_testexp(struct nfsrv_descript *nd, struct nfsexstuff *exp)
{
int i;
/*
* This seems odd, but allow the case where the security flavor
* list is empty. This happens when NFSv4 is traversing non-exported
* file systems. Exported file systems should always have a non-empty
* security flavor list.
*/
if (exp->nes_numsecflavor == 0)
return (0);
for (i = 0; i < exp->nes_numsecflavor; i++) {
/*
* The tests for privacy and integrity must be first,
* since ND_GSS is set for everything but AUTH_SYS.
*/
if (exp->nes_secflavors[i] == RPCSEC_GSS_KRB5P &&
(nd->nd_flag & ND_GSSPRIVACY))
return (0);
if (exp->nes_secflavors[i] == RPCSEC_GSS_KRB5I &&
(nd->nd_flag & ND_GSSINTEGRITY))
return (0);
if (exp->nes_secflavors[i] == RPCSEC_GSS_KRB5 &&
(nd->nd_flag & ND_GSS))
return (0);
if (exp->nes_secflavors[i] == AUTH_SYS &&
(nd->nd_flag & ND_GSS) == 0)
return (0);
}
return (1);
}
/*
* Calculate a hash value for the fid in a file handle.
*/
uint32_t
nfsrv_hashfh(fhandle_t *fhp)
{
uint32_t hashval;
hashval = hash32_buf(&fhp->fh_fid, sizeof(struct fid), 0);
return (hashval);
}
/*
* Calculate a hash value for the sessionid.
*/
uint32_t
nfsrv_hashsessionid(uint8_t *sessionid)
{
uint32_t hashval;
hashval = hash32_buf(sessionid, NFSX_V4SESSIONID, 0);
return (hashval);
}
/*
* Signal the userland master nfsd to backup the stable restart file.
*/
void
nfsrv_backupstable(void)
{
struct proc *procp;
if (nfsd_master_proc != NULL) {
procp = pfind(nfsd_master_pid);
/* Try to make sure it is the correct process. */
if (procp == nfsd_master_proc &&
procp->p_stats->p_start.tv_sec ==
nfsd_master_start.tv_sec &&
procp->p_stats->p_start.tv_usec ==
nfsd_master_start.tv_usec &&
strcmp(procp->p_comm, nfsd_master_comm) == 0)
kern_psignal(procp, SIGUSR2);
else
nfsd_master_proc = NULL;
if (procp != NULL)
PROC_UNLOCK(procp);
}
}
/*
* Create a DS data file for nfsrv_pnfscreate(). Called for each mirror.
* The arguments are in a structure, so that they can be passed through
* taskqueue for a kernel process to execute this function.
*/
struct nfsrvdscreate {
int done;
int inprog;
struct task tsk;
struct ucred *tcred;
struct vnode *dvp;
NFSPROC_T *p;
struct pnfsdsfile *pf;
int err;
fhandle_t fh;
struct vattr va;
struct vattr createva;
};
int
nfsrv_dscreate(struct vnode *dvp, struct vattr *vap, struct vattr *nvap,
fhandle_t *fhp, struct pnfsdsfile *pf, struct pnfsdsattr *dsa,
char *fnamep, struct ucred *tcred, NFSPROC_T *p, struct vnode **nvpp)
{
struct vnode *nvp;
struct nameidata named;
struct vattr va;
char *bufp;
u_long *hashp;
struct nfsnode *np;
struct nfsmount *nmp;
int error;
NFSNAMEICNDSET(&named.ni_cnd, tcred, CREATE,
LOCKPARENT | LOCKLEAF | SAVESTART | NOCACHE);
nfsvno_setpathbuf(&named, &bufp, &hashp);
named.ni_cnd.cn_lkflags = LK_EXCLUSIVE;
named.ni_cnd.cn_thread = p;
named.ni_cnd.cn_nameptr = bufp;
if (fnamep != NULL) {
strlcpy(bufp, fnamep, PNFS_FILENAME_LEN + 1);
named.ni_cnd.cn_namelen = strlen(bufp);
} else
named.ni_cnd.cn_namelen = nfsrv_putfhname(fhp, bufp);
NFSD_DEBUG(4, "nfsrv_dscreate: dvp=%p fname=%s\n", dvp, bufp);
/* Create the date file in the DS mount. */
error = NFSVOPLOCK(dvp, LK_EXCLUSIVE);
if (error == 0) {
error = VOP_CREATE(dvp, &nvp, &named.ni_cnd, vap);
NFSVOPUNLOCK(dvp);
if (error == 0) {
/* Set the ownership of the file. */
error = VOP_SETATTR(nvp, nvap, tcred);
NFSD_DEBUG(4, "nfsrv_dscreate:"
" setattr-uid=%d\n", error);
if (error != 0)
vput(nvp);
}
if (error != 0)
printf("pNFS: pnfscreate failed=%d\n", error);
} else
printf("pNFS: pnfscreate vnlock=%d\n", error);
if (error == 0) {
np = VTONFS(nvp);
nmp = VFSTONFS(nvp->v_mount);
if (strcmp(nvp->v_mount->mnt_vfc->vfc_name, "nfs")
!= 0 || nmp->nm_nam->sa_len > sizeof(
struct sockaddr_in6) ||
np->n_fhp->nfh_len != NFSX_MYFH) {
printf("Bad DS file: fstype=%s salen=%d"
" fhlen=%d\n",
nvp->v_mount->mnt_vfc->vfc_name,
nmp->nm_nam->sa_len, np->n_fhp->nfh_len);
error = ENOENT;
}
/* Set extattrs for the DS on the MDS file. */
if (error == 0) {
if (dsa != NULL) {
error = VOP_GETATTR(nvp, &va, tcred);
if (error == 0) {
dsa->dsa_filerev = va.va_filerev;
dsa->dsa_size = va.va_size;
dsa->dsa_atime = va.va_atime;
dsa->dsa_mtime = va.va_mtime;
dsa->dsa_bytes = va.va_bytes;
}
}
if (error == 0) {
NFSBCOPY(np->n_fhp->nfh_fh, &pf->dsf_fh,
NFSX_MYFH);
NFSBCOPY(nmp->nm_nam, &pf->dsf_sin,
nmp->nm_nam->sa_len);
NFSBCOPY(named.ni_cnd.cn_nameptr,
pf->dsf_filename,
sizeof(pf->dsf_filename));
}
} else
printf("pNFS: pnfscreate can't get DS"
" attr=%d\n", error);
if (nvpp != NULL && error == 0)
*nvpp = nvp;
else
vput(nvp);
}
nfsvno_relpathbuf(&named);
return (error);
}
/*
* Start up the thread that will execute nfsrv_dscreate().
*/
static void
start_dscreate(void *arg, int pending)
{
struct nfsrvdscreate *dsc;
dsc = (struct nfsrvdscreate *)arg;
dsc->err = nfsrv_dscreate(dsc->dvp, &dsc->createva, &dsc->va, &dsc->fh,
dsc->pf, NULL, NULL, dsc->tcred, dsc->p, NULL);
dsc->done = 1;
NFSD_DEBUG(4, "start_dscreate: err=%d\n", dsc->err);
}
/*
* Create a pNFS data file on the Data Server(s).
*/
static void
nfsrv_pnfscreate(struct vnode *vp, struct vattr *vap, struct ucred *cred,
NFSPROC_T *p)
{
struct nfsrvdscreate *dsc, *tdsc = NULL;
struct nfsdevice *ds, *tds, *fds;
struct mount *mp;
struct pnfsdsfile *pf, *tpf;
struct pnfsdsattr dsattr;
struct vattr va;
struct vnode *dvp[NFSDEV_MAXMIRRORS];
struct nfsmount *nmp;
fhandle_t fh;
uid_t vauid;
gid_t vagid;
u_short vamode;
struct ucred *tcred;
int dsdir[NFSDEV_MAXMIRRORS], error, i, mirrorcnt, ret;
int failpos, timo;
/* Get a DS server directory in a round-robin order. */
mirrorcnt = 1;
mp = vp->v_mount;
ds = fds = NULL;
NFSDDSLOCK();
/*
* Search for the first entry that handles this MDS fs, but use the
* first entry for all MDS fs's otherwise.
*/
TAILQ_FOREACH(tds, &nfsrv_devidhead, nfsdev_list) {
if (tds->nfsdev_nmp != NULL) {
if (tds->nfsdev_mdsisset == 0 && ds == NULL)
ds = tds;
else if (tds->nfsdev_mdsisset != 0 &&
mp->mnt_stat.f_fsid.val[0] ==
tds->nfsdev_mdsfsid.val[0] &&
mp->mnt_stat.f_fsid.val[1] ==
tds->nfsdev_mdsfsid.val[1]) {
ds = fds = tds;
break;
}
}
}
if (ds == NULL) {
NFSDDSUNLOCK();
NFSD_DEBUG(4, "nfsrv_pnfscreate: no srv\n");
return;
}
i = dsdir[0] = ds->nfsdev_nextdir;
ds->nfsdev_nextdir = (ds->nfsdev_nextdir + 1) % nfsrv_dsdirsize;
dvp[0] = ds->nfsdev_dsdir[i];
tds = TAILQ_NEXT(ds, nfsdev_list);
if (nfsrv_maxpnfsmirror > 1 && tds != NULL) {
TAILQ_FOREACH_FROM(tds, &nfsrv_devidhead, nfsdev_list) {
if (tds->nfsdev_nmp != NULL &&
((tds->nfsdev_mdsisset == 0 && fds == NULL) ||
(tds->nfsdev_mdsisset != 0 && fds != NULL &&
mp->mnt_stat.f_fsid.val[0] ==
tds->nfsdev_mdsfsid.val[0] &&
mp->mnt_stat.f_fsid.val[1] ==
tds->nfsdev_mdsfsid.val[1]))) {
dsdir[mirrorcnt] = i;
dvp[mirrorcnt] = tds->nfsdev_dsdir[i];
mirrorcnt++;
if (mirrorcnt >= nfsrv_maxpnfsmirror)
break;
}
}
}
/* Put at end of list to implement round-robin usage. */
TAILQ_REMOVE(&nfsrv_devidhead, ds, nfsdev_list);
TAILQ_INSERT_TAIL(&nfsrv_devidhead, ds, nfsdev_list);
NFSDDSUNLOCK();
dsc = NULL;
if (mirrorcnt > 1)
tdsc = dsc = malloc(sizeof(*dsc) * (mirrorcnt - 1), M_TEMP,
M_WAITOK | M_ZERO);
tpf = pf = malloc(sizeof(*pf) * nfsrv_maxpnfsmirror, M_TEMP, M_WAITOK |
M_ZERO);
error = nfsvno_getfh(vp, &fh, p);
if (error == 0)
error = VOP_GETATTR(vp, &va, cred);
if (error == 0) {
/* Set the attributes for "vp" to Setattr the DS vp. */
vauid = va.va_uid;
vagid = va.va_gid;
vamode = va.va_mode;
VATTR_NULL(&va);
va.va_uid = vauid;
va.va_gid = vagid;
va.va_mode = vamode;
va.va_size = 0;
} else
printf("pNFS: pnfscreate getfh+attr=%d\n", error);
NFSD_DEBUG(4, "nfsrv_pnfscreate: cruid=%d crgid=%d\n", cred->cr_uid,
cred->cr_gid);
/* Make data file name based on FH. */
tcred = newnfs_getcred();
/*
* Create the file on each DS mirror, using kernel process(es) for the
* additional mirrors.
*/
failpos = -1;
for (i = 0; i < mirrorcnt - 1 && error == 0; i++, tpf++, tdsc++) {
tpf->dsf_dir = dsdir[i];
tdsc->tcred = tcred;
tdsc->p = p;
tdsc->pf = tpf;
tdsc->createva = *vap;
NFSBCOPY(&fh, &tdsc->fh, sizeof(fh));
tdsc->va = va;
tdsc->dvp = dvp[i];
tdsc->done = 0;
tdsc->inprog = 0;
tdsc->err = 0;
ret = EIO;
if (nfs_pnfsiothreads != 0) {
ret = nfs_pnfsio(start_dscreate, tdsc);
NFSD_DEBUG(4, "nfsrv_pnfscreate: nfs_pnfsio=%d\n", ret);
}
if (ret != 0) {
ret = nfsrv_dscreate(dvp[i], vap, &va, &fh, tpf, NULL,
NULL, tcred, p, NULL);
if (ret != 0) {
KASSERT(error == 0, ("nfsrv_dscreate err=%d",
error));
if (failpos == -1 && nfsds_failerr(ret))
failpos = i;
else
error = ret;
}
}
}
if (error == 0) {
tpf->dsf_dir = dsdir[mirrorcnt - 1];
error = nfsrv_dscreate(dvp[mirrorcnt - 1], vap, &va, &fh, tpf,
&dsattr, NULL, tcred, p, NULL);
if (failpos == -1 && mirrorcnt > 1 && nfsds_failerr(error)) {
failpos = mirrorcnt - 1;
error = 0;
}
}
timo = hz / 50; /* Wait for 20msec. */
if (timo < 1)
timo = 1;
/* Wait for kernel task(s) to complete. */
for (tdsc = dsc, i = 0; i < mirrorcnt - 1; i++, tdsc++) {
while (tdsc->inprog != 0 && tdsc->done == 0)
tsleep(&tdsc->tsk, PVFS, "srvdcr", timo);
if (tdsc->err != 0) {
if (failpos == -1 && nfsds_failerr(tdsc->err))
failpos = i;
else if (error == 0)
error = tdsc->err;
}
}
/*
* If failpos has been set, that mirror has failed, so it needs
* to be disabled.
*/
if (failpos >= 0) {
nmp = VFSTONFS(dvp[failpos]->v_mount);
NFSLOCKMNT(nmp);
if ((nmp->nm_privflag & (NFSMNTP_FORCEDISM |
NFSMNTP_CANCELRPCS)) == 0) {
nmp->nm_privflag |= NFSMNTP_CANCELRPCS;
NFSUNLOCKMNT(nmp);
ds = nfsrv_deldsnmp(PNFSDOP_DELDSSERVER, nmp, p);
NFSD_DEBUG(4, "dscreatfail fail=%d ds=%p\n", failpos,
ds);
if (ds != NULL)
nfsrv_killrpcs(nmp);
NFSLOCKMNT(nmp);
nmp->nm_privflag &= ~NFSMNTP_CANCELRPCS;
wakeup(nmp);
}
NFSUNLOCKMNT(nmp);
}
NFSFREECRED(tcred);
if (error == 0) {
ASSERT_VOP_ELOCKED(vp, "nfsrv_pnfscreate vp");
NFSD_DEBUG(4, "nfsrv_pnfscreate: mirrorcnt=%d maxmirror=%d\n",
mirrorcnt, nfsrv_maxpnfsmirror);
/*
* For all mirrors that couldn't be created, fill in the
* *pf structure, but with an IP address == 0.0.0.0.
*/
tpf = pf + mirrorcnt;
for (i = mirrorcnt; i < nfsrv_maxpnfsmirror; i++, tpf++) {
*tpf = *pf;
tpf->dsf_sin.sin_family = AF_INET;
tpf->dsf_sin.sin_len = sizeof(struct sockaddr_in);
tpf->dsf_sin.sin_addr.s_addr = 0;
tpf->dsf_sin.sin_port = 0;
}
error = vn_extattr_set(vp, IO_NODELOCKED,
EXTATTR_NAMESPACE_SYSTEM, "pnfsd.dsfile",
sizeof(*pf) * nfsrv_maxpnfsmirror, (char *)pf, p);
if (error == 0)
error = vn_extattr_set(vp, IO_NODELOCKED,
EXTATTR_NAMESPACE_SYSTEM, "pnfsd.dsattr",
sizeof(dsattr), (char *)&dsattr, p);
if (error != 0)
printf("pNFS: pnfscreate setextattr=%d\n",
error);
} else
printf("pNFS: pnfscreate=%d\n", error);
free(pf, M_TEMP);
free(dsc, M_TEMP);
}
/*
* Get the information needed to remove the pNFS Data Server file from the
* Metadata file. Upon success, ddvp is set non-NULL to the locked
* DS directory vnode. The caller must unlock *ddvp when done with it.
*/
static void
nfsrv_pnfsremovesetup(struct vnode *vp, NFSPROC_T *p, struct vnode **dvpp,
int *mirrorcntp, char *fname, fhandle_t *fhp)
{
struct vattr va;
struct ucred *tcred;
char *buf;
int buflen, error;
dvpp[0] = NULL;
/* If not an exported regular file or not a pNFS server, just return. */
if (vp->v_type != VREG || (vp->v_mount->mnt_flag & MNT_EXPORTED) == 0 ||
nfsrv_devidcnt == 0)
return;
/* Check to see if this is the last hard link. */
tcred = newnfs_getcred();
error = VOP_GETATTR(vp, &va, tcred);
NFSFREECRED(tcred);
if (error != 0) {
printf("pNFS: nfsrv_pnfsremovesetup getattr=%d\n", error);
return;
}
if (va.va_nlink > 1)
return;
error = nfsvno_getfh(vp, fhp, p);
if (error != 0) {
printf("pNFS: nfsrv_pnfsremovesetup getfh=%d\n", error);
return;
}
buflen = 1024;
buf = malloc(buflen, M_TEMP, M_WAITOK);
/* Get the directory vnode for the DS mount and the file handle. */
error = nfsrv_dsgetsockmnt(vp, 0, buf, &buflen, mirrorcntp, p, dvpp,
NULL, NULL, fname, NULL, NULL, NULL, NULL, NULL);
free(buf, M_TEMP);
if (error != 0)
printf("pNFS: nfsrv_pnfsremovesetup getsockmnt=%d\n", error);
}
/*
* Remove a DS data file for nfsrv_pnfsremove(). Called for each mirror.
* The arguments are in a structure, so that they can be passed through
* taskqueue for a kernel process to execute this function.
*/
struct nfsrvdsremove {
int done;
int inprog;
struct task tsk;
struct ucred *tcred;
struct vnode *dvp;
NFSPROC_T *p;
int err;
char fname[PNFS_FILENAME_LEN + 1];
};
static int
nfsrv_dsremove(struct vnode *dvp, char *fname, struct ucred *tcred,
NFSPROC_T *p)
{
struct nameidata named;
struct vnode *nvp;
char *bufp;
u_long *hashp;
int error;
error = NFSVOPLOCK(dvp, LK_EXCLUSIVE);
if (error != 0)
return (error);
named.ni_cnd.cn_nameiop = DELETE;
named.ni_cnd.cn_lkflags = LK_EXCLUSIVE | LK_RETRY;
named.ni_cnd.cn_cred = tcred;
named.ni_cnd.cn_thread = p;
named.ni_cnd.cn_flags = ISLASTCN | LOCKPARENT | LOCKLEAF | SAVENAME;
nfsvno_setpathbuf(&named, &bufp, &hashp);
named.ni_cnd.cn_nameptr = bufp;
named.ni_cnd.cn_namelen = strlen(fname);
strlcpy(bufp, fname, NAME_MAX);
NFSD_DEBUG(4, "nfsrv_pnfsremove: filename=%s\n", bufp);
error = VOP_LOOKUP(dvp, &nvp, &named.ni_cnd);
NFSD_DEBUG(4, "nfsrv_pnfsremove: aft LOOKUP=%d\n", error);
if (error == 0) {
error = VOP_REMOVE(dvp, nvp, &named.ni_cnd);
vput(nvp);
}
NFSVOPUNLOCK(dvp);
nfsvno_relpathbuf(&named);
if (error != 0)
printf("pNFS: nfsrv_pnfsremove failed=%d\n", error);
return (error);
}
/*
* Start up the thread that will execute nfsrv_dsremove().
*/
static void
start_dsremove(void *arg, int pending)
{
struct nfsrvdsremove *dsrm;
dsrm = (struct nfsrvdsremove *)arg;
dsrm->err = nfsrv_dsremove(dsrm->dvp, dsrm->fname, dsrm->tcred,
dsrm->p);
dsrm->done = 1;
NFSD_DEBUG(4, "start_dsremove: err=%d\n", dsrm->err);
}
/*
* Remove a pNFS data file from a Data Server.
* nfsrv_pnfsremovesetup() must have been called before the MDS file was
* removed to set up the dvp and fill in the FH.
*/
static void
nfsrv_pnfsremove(struct vnode **dvp, int mirrorcnt, char *fname, fhandle_t *fhp,
NFSPROC_T *p)
{
struct ucred *tcred;
struct nfsrvdsremove *dsrm, *tdsrm;
struct nfsdevice *ds;
struct nfsmount *nmp;
int failpos, i, ret, timo;
tcred = newnfs_getcred();
dsrm = NULL;
if (mirrorcnt > 1)
dsrm = malloc(sizeof(*dsrm) * mirrorcnt - 1, M_TEMP, M_WAITOK);
/*
* Remove the file on each DS mirror, using kernel process(es) for the
* additional mirrors.
*/
failpos = -1;
for (tdsrm = dsrm, i = 0; i < mirrorcnt - 1; i++, tdsrm++) {
tdsrm->tcred = tcred;
tdsrm->p = p;
tdsrm->dvp = dvp[i];
strlcpy(tdsrm->fname, fname, PNFS_FILENAME_LEN + 1);
tdsrm->inprog = 0;
tdsrm->done = 0;
tdsrm->err = 0;
ret = EIO;
if (nfs_pnfsiothreads != 0) {
ret = nfs_pnfsio(start_dsremove, tdsrm);
NFSD_DEBUG(4, "nfsrv_pnfsremove: nfs_pnfsio=%d\n", ret);
}
if (ret != 0) {
ret = nfsrv_dsremove(dvp[i], fname, tcred, p);
if (failpos == -1 && nfsds_failerr(ret))
failpos = i;
}
}
ret = nfsrv_dsremove(dvp[mirrorcnt - 1], fname, tcred, p);
if (failpos == -1 && mirrorcnt > 1 && nfsds_failerr(ret))
failpos = mirrorcnt - 1;
timo = hz / 50; /* Wait for 20msec. */
if (timo < 1)
timo = 1;
/* Wait for kernel task(s) to complete. */
for (tdsrm = dsrm, i = 0; i < mirrorcnt - 1; i++, tdsrm++) {
while (tdsrm->inprog != 0 && tdsrm->done == 0)
tsleep(&tdsrm->tsk, PVFS, "srvdsrm", timo);
if (failpos == -1 && nfsds_failerr(tdsrm->err))
failpos = i;
}
/*
* If failpos has been set, that mirror has failed, so it needs
* to be disabled.
*/
if (failpos >= 0) {
nmp = VFSTONFS(dvp[failpos]->v_mount);
NFSLOCKMNT(nmp);
if ((nmp->nm_privflag & (NFSMNTP_FORCEDISM |
NFSMNTP_CANCELRPCS)) == 0) {
nmp->nm_privflag |= NFSMNTP_CANCELRPCS;
NFSUNLOCKMNT(nmp);
ds = nfsrv_deldsnmp(PNFSDOP_DELDSSERVER, nmp, p);
NFSD_DEBUG(4, "dsremovefail fail=%d ds=%p\n", failpos,
ds);
if (ds != NULL)
nfsrv_killrpcs(nmp);
NFSLOCKMNT(nmp);
nmp->nm_privflag &= ~NFSMNTP_CANCELRPCS;
wakeup(nmp);
}
NFSUNLOCKMNT(nmp);
}
/* Get rid all layouts for the file. */
nfsrv_freefilelayouts(fhp);
NFSFREECRED(tcred);
free(dsrm, M_TEMP);
}
/*
* Generate a file name based on the file handle and put it in *bufp.
* Return the number of bytes generated.
*/
static int
nfsrv_putfhname(fhandle_t *fhp, char *bufp)
{
int i;
uint8_t *cp;
const uint8_t *hexdigits = "0123456789abcdef";
cp = (uint8_t *)fhp;
for (i = 0; i < sizeof(*fhp); i++) {
bufp[2 * i] = hexdigits[(*cp >> 4) & 0xf];
bufp[2 * i + 1] = hexdigits[*cp++ & 0xf];
}
bufp[2 * i] = '\0';
return (2 * i);
}
/*
* Update the Metadata file's attributes from the DS file when a Read/Write
* layout is returned.
* Basically just call nfsrv_proxyds() with procedure == NFSPROC_LAYOUTRETURN
* so that it does a nfsrv_getattrdsrpc() and nfsrv_setextattr() on the DS file.
*/
int
nfsrv_updatemdsattr(struct vnode *vp, struct nfsvattr *nap, NFSPROC_T *p)
{
struct ucred *tcred;
int error;
/* Do this as root so that it won't fail with EACCES. */
tcred = newnfs_getcred();
error = nfsrv_proxyds(vp, 0, 0, tcred, p, NFSPROC_LAYOUTRETURN,
NULL, NULL, NULL, nap, NULL, NULL, 0, NULL);
NFSFREECRED(tcred);
return (error);
}
/*
* Set the NFSv4 ACL on the DS file to the same ACL as the MDS file.
*/
static int
nfsrv_dssetacl(struct vnode *vp, struct acl *aclp, struct ucred *cred,
NFSPROC_T *p)
{
int error;
error = nfsrv_proxyds(vp, 0, 0, cred, p, NFSPROC_SETACL,
NULL, NULL, NULL, NULL, aclp, NULL, 0, NULL);
return (error);
}
static int
nfsrv_proxyds(struct vnode *vp, off_t off, int cnt, struct ucred *cred,
struct thread *p, int ioproc, struct mbuf **mpp, struct nfsrv_descript *nd,
struct mbuf **mpp2, struct nfsvattr *nap, struct acl *aclp,
off_t *offp, int content, bool *eofp)
{
struct nfsmount *nmp[NFSDEV_MAXMIRRORS], *failnmp;
fhandle_t fh[NFSDEV_MAXMIRRORS];
struct vnode *dvp[NFSDEV_MAXMIRRORS];
struct nfsdevice *ds;
struct pnfsdsattr dsattr;
struct opnfsdsattr odsattr;
char *buf;
int buflen, error, failpos, i, mirrorcnt, origmircnt, trycnt;
NFSD_DEBUG(4, "in nfsrv_proxyds\n");
/*
* If not a regular file, not exported or not a pNFS server,
* just return ENOENT.
*/
if (vp->v_type != VREG || (vp->v_mount->mnt_flag & MNT_EXPORTED) == 0 ||
nfsrv_devidcnt == 0)
return (ENOENT);
buflen = 1024;
buf = malloc(buflen, M_TEMP, M_WAITOK);
error = 0;
/*
* For Getattr, get the Change attribute (va_filerev) and size (va_size)
* from the MetaData file's extended attribute.
*/
if (ioproc == NFSPROC_GETATTR) {
error = vn_extattr_get(vp, IO_NODELOCKED,
EXTATTR_NAMESPACE_SYSTEM, "pnfsd.dsattr", &buflen, buf,
p);
if (error == 0) {
if (buflen == sizeof(odsattr)) {
NFSBCOPY(buf, &odsattr, buflen);
nap->na_filerev = odsattr.dsa_filerev;
nap->na_size = odsattr.dsa_size;
nap->na_atime = odsattr.dsa_atime;
nap->na_mtime = odsattr.dsa_mtime;
/*
* Fake na_bytes by rounding up na_size.
* Since we don't know the block size, just
* use BLKDEV_IOSIZE.
*/
nap->na_bytes = (odsattr.dsa_size +
BLKDEV_IOSIZE - 1) & ~(BLKDEV_IOSIZE - 1);
} else if (buflen == sizeof(dsattr)) {
NFSBCOPY(buf, &dsattr, buflen);
nap->na_filerev = dsattr.dsa_filerev;
nap->na_size = dsattr.dsa_size;
nap->na_atime = dsattr.dsa_atime;
nap->na_mtime = dsattr.dsa_mtime;
nap->na_bytes = dsattr.dsa_bytes;
} else
error = ENXIO;
}
if (error == 0) {
/*
* If nfsrv_pnfsgetdsattr is 0 or nfsrv_checkdsattr()
* returns 0, just return now. nfsrv_checkdsattr()
* returns 0 if there is no Read/Write layout
* plus either an Open/Write_access or Write
* delegation issued to a client for the file.
*/
if (nfsrv_pnfsgetdsattr == 0 ||
nfsrv_checkdsattr(vp, p) == 0) {
free(buf, M_TEMP);
return (error);
}
}
/*
* Clear ENOATTR so the code below will attempt to do a
* nfsrv_getattrdsrpc() to get the attributes and (re)create
* the extended attribute.
*/
if (error == ENOATTR)
error = 0;
}
origmircnt = -1;
trycnt = 0;
tryagain:
if (error == 0) {
buflen = 1024;
if (ioproc == NFSPROC_READDS && NFSVOPISLOCKED(vp) ==
LK_EXCLUSIVE)
printf("nfsrv_proxyds: Readds vp exclusively locked\n");
error = nfsrv_dsgetsockmnt(vp, LK_SHARED, buf, &buflen,
&mirrorcnt, p, dvp, fh, NULL, NULL, NULL, NULL, NULL,
NULL, NULL);
if (error == 0) {
for (i = 0; i < mirrorcnt; i++)
nmp[i] = VFSTONFS(dvp[i]->v_mount);
} else
printf("pNFS: proxy getextattr sockaddr=%d\n", error);
} else
printf("pNFS: nfsrv_dsgetsockmnt=%d\n", error);
if (error == 0) {
failpos = -1;
if (origmircnt == -1)
origmircnt = mirrorcnt;
/*
* If failpos is set to a mirror#, then that mirror has
* failed and will be disabled. For Read, Getattr and Seek, the
* function only tries one mirror, so if that mirror has
* failed, it will need to be retried. As such, increment
* tryitagain for these cases.
* For Write, Setattr and Setacl, the function tries all
* mirrors and will not return an error for the case where
* one mirror has failed. For these cases, the functioning
* mirror(s) will have been modified, so a retry isn't
* necessary. These functions will set failpos for the
* failed mirror#.
*/
if (ioproc == NFSPROC_READDS) {
error = nfsrv_readdsrpc(fh, off, cnt, cred, p, nmp[0],
mpp, mpp2);
if (nfsds_failerr(error) && mirrorcnt > 1) {
/*
* Setting failpos will cause the mirror
* to be disabled and then a retry of this
* read is required.
*/
failpos = 0;
error = 0;
trycnt++;
}
} else if (ioproc == NFSPROC_WRITEDS)
error = nfsrv_writedsrpc(fh, off, cnt, cred, p, vp,
&nmp[0], mirrorcnt, mpp, nd, &failpos);
else if (ioproc == NFSPROC_SETATTR)
error = nfsrv_setattrdsrpc(fh, cred, p, vp, &nmp[0],
mirrorcnt, nap, &failpos);
else if (ioproc == NFSPROC_SETACL)
error = nfsrv_setacldsrpc(fh, cred, p, vp, &nmp[0],
mirrorcnt, aclp, &failpos);
else if (ioproc == NFSPROC_SEEKDS) {
error = nfsrv_seekdsrpc(fh, offp, content, eofp, cred,
p, nmp[0]);
if (nfsds_failerr(error) && mirrorcnt > 1) {
/*
* Setting failpos will cause the mirror
* to be disabled and then a retry of this
* read is required.
*/
failpos = 0;
error = 0;
trycnt++;
}
} else if (ioproc == NFSPROC_ALLOCATE)
error = nfsrv_allocatedsrpc(fh, off, *offp, cred, p, vp,
&nmp[0], mirrorcnt, &failpos);
else {
error = nfsrv_getattrdsrpc(&fh[mirrorcnt - 1], cred, p,
vp, nmp[mirrorcnt - 1], nap);
if (nfsds_failerr(error) && mirrorcnt > 1) {
/*
* Setting failpos will cause the mirror
* to be disabled and then a retry of this
* getattr is required.
*/
failpos = mirrorcnt - 1;
error = 0;
trycnt++;
}
}
ds = NULL;
if (failpos >= 0) {
failnmp = nmp[failpos];
NFSLOCKMNT(failnmp);
if ((failnmp->nm_privflag & (NFSMNTP_FORCEDISM |
NFSMNTP_CANCELRPCS)) == 0) {
failnmp->nm_privflag |= NFSMNTP_CANCELRPCS;
NFSUNLOCKMNT(failnmp);
ds = nfsrv_deldsnmp(PNFSDOP_DELDSSERVER,
failnmp, p);
NFSD_DEBUG(4, "dsldsnmp fail=%d ds=%p\n",
failpos, ds);
if (ds != NULL)
nfsrv_killrpcs(failnmp);
NFSLOCKMNT(failnmp);
failnmp->nm_privflag &= ~NFSMNTP_CANCELRPCS;
wakeup(failnmp);
}
NFSUNLOCKMNT(failnmp);
}
for (i = 0; i < mirrorcnt; i++)
NFSVOPUNLOCK(dvp[i]);
NFSD_DEBUG(4, "nfsrv_proxyds: aft RPC=%d trya=%d\n", error,
trycnt);
/* Try the Read/Getattr again if a mirror was deleted. */
if (ds != NULL && trycnt > 0 && trycnt < origmircnt)
goto tryagain;
} else {
/* Return ENOENT for any Extended Attribute error. */
error = ENOENT;
}
free(buf, M_TEMP);
NFSD_DEBUG(4, "nfsrv_proxyds: error=%d\n", error);
return (error);
}
/*
* Get the DS mount point, fh and directory from the "pnfsd.dsfile" extended
* attribute.
* newnmpp - If it points to a non-NULL nmp, that is the destination and needs
* to be checked. If it points to a NULL nmp, then it returns
* a suitable destination.
* curnmp - If non-NULL, it is the source mount for the copy.
*/
int
nfsrv_dsgetsockmnt(struct vnode *vp, int lktype, char *buf, int *buflenp,
int *mirrorcntp, NFSPROC_T *p, struct vnode **dvpp, fhandle_t *fhp,
char *devid, char *fnamep, struct vnode **nvpp, struct nfsmount **newnmpp,
struct nfsmount *curnmp, int *ippos, int *dsdirp)
{
struct vnode *dvp, *nvp = NULL, **tdvpp;
struct mount *mp;
struct nfsmount *nmp, *newnmp;
struct sockaddr *sad;
struct sockaddr_in *sin;
struct nfsdevice *ds, *tds, *fndds;
struct pnfsdsfile *pf;
uint32_t dsdir;
int error, fhiszero, fnd, gotone, i, mirrorcnt;
ASSERT_VOP_LOCKED(vp, "nfsrv_dsgetsockmnt vp");
*mirrorcntp = 1;
tdvpp = dvpp;
if (nvpp != NULL)
*nvpp = NULL;
if (dvpp != NULL)
*dvpp = NULL;
if (ippos != NULL)
*ippos = -1;
if (newnmpp != NULL)
newnmp = *newnmpp;
else
newnmp = NULL;
mp = vp->v_mount;
error = vn_extattr_get(vp, IO_NODELOCKED, EXTATTR_NAMESPACE_SYSTEM,
"pnfsd.dsfile", buflenp, buf, p);
mirrorcnt = *buflenp / sizeof(*pf);
if (error == 0 && (mirrorcnt < 1 || mirrorcnt > NFSDEV_MAXMIRRORS ||
*buflenp != sizeof(*pf) * mirrorcnt))
error = ENOATTR;
pf = (struct pnfsdsfile *)buf;
/* If curnmp != NULL, check for a match in the mirror list. */
if (curnmp != NULL && error == 0) {
fnd = 0;
for (i = 0; i < mirrorcnt; i++, pf++) {
sad = (struct sockaddr *)&pf->dsf_sin;
if (nfsaddr2_match(sad, curnmp->nm_nam)) {
if (ippos != NULL)
*ippos = i;
fnd = 1;
break;
}
}
if (fnd == 0)
error = ENXIO;
}
gotone = 0;
pf = (struct pnfsdsfile *)buf;
NFSD_DEBUG(4, "nfsrv_dsgetsockmnt: mirrorcnt=%d err=%d\n", mirrorcnt,
error);
for (i = 0; i < mirrorcnt && error == 0; i++, pf++) {
fhiszero = 0;
sad = (struct sockaddr *)&pf->dsf_sin;
sin = &pf->dsf_sin;
dsdir = pf->dsf_dir;
if (dsdir >= nfsrv_dsdirsize) {
printf("nfsrv_dsgetsockmnt: dsdir=%d\n", dsdir);
error = ENOATTR;
} else if (nvpp != NULL && newnmp != NULL &&
nfsaddr2_match(sad, newnmp->nm_nam))
error = EEXIST;
if (error == 0) {
if (ippos != NULL && curnmp == NULL &&
sad->sa_family == AF_INET &&
sin->sin_addr.s_addr == 0)
*ippos = i;
if (NFSBCMP(&zerofh, &pf->dsf_fh, sizeof(zerofh)) == 0)
fhiszero = 1;
/* Use the socket address to find the mount point. */
fndds = NULL;
NFSDDSLOCK();
/* Find a match for the IP address. */
TAILQ_FOREACH(ds, &nfsrv_devidhead, nfsdev_list) {
if (ds->nfsdev_nmp != NULL) {
dvp = ds->nfsdev_dvp;
nmp = VFSTONFS(dvp->v_mount);
if (nmp != ds->nfsdev_nmp)
printf("different2 nmp %p %p\n",
nmp, ds->nfsdev_nmp);
if (nfsaddr2_match(sad, nmp->nm_nam)) {
fndds = ds;
break;
}
}
}
if (fndds != NULL && newnmpp != NULL &&
newnmp == NULL) {
/* Search for a place to make a mirror copy. */
TAILQ_FOREACH(tds, &nfsrv_devidhead,
nfsdev_list) {
if (tds->nfsdev_nmp != NULL &&
fndds != tds &&
((tds->nfsdev_mdsisset == 0 &&
fndds->nfsdev_mdsisset == 0) ||
(tds->nfsdev_mdsisset != 0 &&
fndds->nfsdev_mdsisset != 0 &&
tds->nfsdev_mdsfsid.val[0] ==
mp->mnt_stat.f_fsid.val[0] &&
tds->nfsdev_mdsfsid.val[1] ==
mp->mnt_stat.f_fsid.val[1]))) {
*newnmpp = tds->nfsdev_nmp;
break;
}
}
if (tds != NULL) {
/*
* Move this entry to the end of the
* list, so it won't be selected as
* easily the next time.
*/
TAILQ_REMOVE(&nfsrv_devidhead, tds,
nfsdev_list);
TAILQ_INSERT_TAIL(&nfsrv_devidhead, tds,
nfsdev_list);
}
}
NFSDDSUNLOCK();
if (fndds != NULL) {
dvp = fndds->nfsdev_dsdir[dsdir];
if (lktype != 0 || fhiszero != 0 ||
(nvpp != NULL && *nvpp == NULL)) {
if (fhiszero != 0)
error = vn_lock(dvp,
LK_EXCLUSIVE);
else if (lktype != 0)
error = vn_lock(dvp, lktype);
else
error = vn_lock(dvp, LK_SHARED);
/*
* If the file handle is all 0's, try to
* do a Lookup against the DS to acquire
* it.
* If dvpp == NULL or the Lookup fails,
* unlock dvp after the call.
*/
if (error == 0 && (fhiszero != 0 ||
(nvpp != NULL && *nvpp == NULL))) {
error = nfsrv_pnfslookupds(vp,
dvp, pf, &nvp, p);
if (error == 0) {
if (fhiszero != 0)
nfsrv_pnfssetfh(
vp, pf,
devid,
fnamep,
nvp, p);
if (nvpp != NULL &&
*nvpp == NULL) {
*nvpp = nvp;
*dsdirp = dsdir;
} else
vput(nvp);
}
if (error != 0 || lktype == 0)
NFSVOPUNLOCK(dvp);
}
}
if (error == 0) {
gotone++;
NFSD_DEBUG(4, "gotone=%d\n", gotone);
if (devid != NULL) {
NFSBCOPY(fndds->nfsdev_deviceid,
devid, NFSX_V4DEVICEID);
devid += NFSX_V4DEVICEID;
}
if (dvpp != NULL)
*tdvpp++ = dvp;
if (fhp != NULL)
NFSBCOPY(&pf->dsf_fh, fhp++,
NFSX_MYFH);
if (fnamep != NULL && gotone == 1)
strlcpy(fnamep,
pf->dsf_filename,
sizeof(pf->dsf_filename));
} else
NFSD_DEBUG(4, "nfsrv_dsgetsockmnt "
"err=%d\n", error);
}
}
}
if (error == 0 && gotone == 0)
error = ENOENT;
NFSD_DEBUG(4, "eo nfsrv_dsgetsockmnt: gotone=%d err=%d\n", gotone,
error);
if (error == 0)
*mirrorcntp = gotone;
else {
if (gotone > 0 && dvpp != NULL) {
/*
* If the error didn't occur on the first one and
* dvpp != NULL, the one(s) prior to the failure will
* have locked dvp's that need to be unlocked.
*/
for (i = 0; i < gotone; i++) {
NFSVOPUNLOCK(*dvpp);
*dvpp++ = NULL;
}
}
/*
* If it found the vnode to be copied from before a failure,
* it needs to be vput()'d.
*/
if (nvpp != NULL && *nvpp != NULL) {
vput(*nvpp);
*nvpp = NULL;
}
}
return (error);
}
/*
* Set the extended attribute for the Change attribute.
*/
static int
nfsrv_setextattr(struct vnode *vp, struct nfsvattr *nap, NFSPROC_T *p)
{
struct pnfsdsattr dsattr;
int error;
ASSERT_VOP_ELOCKED(vp, "nfsrv_setextattr vp");
dsattr.dsa_filerev = nap->na_filerev;
dsattr.dsa_size = nap->na_size;
dsattr.dsa_atime = nap->na_atime;
dsattr.dsa_mtime = nap->na_mtime;
dsattr.dsa_bytes = nap->na_bytes;
error = vn_extattr_set(vp, IO_NODELOCKED, EXTATTR_NAMESPACE_SYSTEM,
"pnfsd.dsattr", sizeof(dsattr), (char *)&dsattr, p);
if (error != 0)
printf("pNFS: setextattr=%d\n", error);
return (error);
}
static int
nfsrv_readdsrpc(fhandle_t *fhp, off_t off, int len, struct ucred *cred,
NFSPROC_T *p, struct nfsmount *nmp, struct mbuf **mpp, struct mbuf **mpendp)
{
uint32_t *tl;
struct nfsrv_descript *nd;
nfsv4stateid_t st;
struct mbuf *m, *m2;
int error = 0, retlen, tlen, trimlen;
NFSD_DEBUG(4, "in nfsrv_readdsrpc\n");
nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
*mpp = NULL;
/*
* Use a stateid where other is an alternating 01010 pattern and
* seqid is 0xffffffff. This value is not defined as special by
* the RFC and is used by the FreeBSD NFS server to indicate an
* MDS->DS proxy operation.
*/
st.other[0] = 0x55555555;
st.other[1] = 0x55555555;
st.other[2] = 0x55555555;
st.seqid = 0xffffffff;
nfscl_reqstart(nd, NFSPROC_READDS, nmp, (u_int8_t *)fhp, sizeof(*fhp),
NULL, NULL, 0, 0, false);
nfsm_stateidtom(nd, &st, NFSSTATEID_PUTSTATEID);
NFSM_BUILD(tl, uint32_t *, NFSX_UNSIGNED * 3);
txdr_hyper(off, tl);
*(tl + 2) = txdr_unsigned(len);
error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p, cred,
NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
if (error != 0) {
free(nd, M_TEMP);
return (error);
}
if (nd->nd_repstat == 0) {
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
NFSM_STRSIZ(retlen, len);
if (retlen > 0) {
/* Trim off the pre-data XDR from the mbuf chain. */
m = nd->nd_mrep;
while (m != NULL && m != nd->nd_md) {
if (m->m_next == nd->nd_md) {
m->m_next = NULL;
m_freem(nd->nd_mrep);
nd->nd_mrep = m = nd->nd_md;
} else
m = m->m_next;
}
if (m == NULL) {
printf("nfsrv_readdsrpc: busted mbuf list\n");
error = ENOENT;
goto nfsmout;
}
/*
* Now, get rid of mbuf data that preceeds the
* current position. For a regular mbuf, adjust
* m_data, m_len and then find the end of the read
* data and trim off any mbuf(s) after that.
* For an ext_pgs mbuf, split it and free the first
* and third mbuf chains.
*/
tlen = NFSM_RNDUP(retlen);
if ((m->m_flags & M_NOMAP) != 0) {
trimlen = nfsm_extpgs_calc_offs(m,
nd->nd_dextpg, nd->nd_dextpgsiz);
nd->nd_mrep = mb_splitatpos_ext(m, trimlen,
M_WAITOK);
m_freem(m);
m = mb_splitatpos_ext(nd->nd_mrep, tlen,
M_WAITOK);
m_freem(m);
m = m_last(nd->nd_mrep);
} else {
trimlen = nd->nd_dpos - mtod(m, char *);
if (trimlen > 0) {
m->m_len -= trimlen;
m->m_data += trimlen;
}
/*
* Truncate the mbuf chain at retlen bytes of
* data, plus XDR padding that brings the
* length up to a multiple of 4.
*/
do {
if (m->m_len >= tlen) {
m->m_len = tlen;
tlen = 0;
m2 = m->m_next;
m->m_next = NULL;
m_freem(m2);
break;
}
tlen -= m->m_len;
m = m->m_next;
} while (m != NULL);
if (tlen > 0) {
printf("nfsrv_readdsrpc: busted mbuf "
"list\n");
error = ENOENT;
goto nfsmout;
}
}
*mpp = nd->nd_mrep;
*mpendp = m;
nd->nd_mrep = NULL;
}
} else
error = nd->nd_repstat;
nfsmout:
/* If nd->nd_mrep is already NULL, this is a no-op. */
m_freem(nd->nd_mrep);
free(nd, M_TEMP);
NFSD_DEBUG(4, "nfsrv_readdsrpc error=%d\n", error);
return (error);
}
/*
* Do a write RPC on a DS data file, using this structure for the arguments,
* so that this function can be executed by a separate kernel process.
*/
struct nfsrvwritedsdorpc {
int done;
int inprog;
struct task tsk;
fhandle_t fh;
off_t off;
int len;
struct nfsmount *nmp;
struct ucred *cred;
NFSPROC_T *p;
struct mbuf *m;
int err;
};
static int
nfsrv_writedsdorpc(struct nfsmount *nmp, fhandle_t *fhp, off_t off, int len,
struct nfsvattr *nap, struct mbuf *m, struct ucred *cred, NFSPROC_T *p)
{
uint32_t *tl;
struct nfsrv_descript *nd;
nfsattrbit_t attrbits;
nfsv4stateid_t st;
int commit, error, retlen;
nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
nfscl_reqstart(nd, NFSPROC_WRITE, nmp, (u_int8_t *)fhp,
sizeof(fhandle_t), NULL, NULL, 0, 0, false);
/*
* Use a stateid where other is an alternating 01010 pattern and
* seqid is 0xffffffff. This value is not defined as special by
* the RFC and is used by the FreeBSD NFS server to indicate an
* MDS->DS proxy operation.
*/
st.other[0] = 0x55555555;
st.other[1] = 0x55555555;
st.other[2] = 0x55555555;
st.seqid = 0xffffffff;
nfsm_stateidtom(nd, &st, NFSSTATEID_PUTSTATEID);
NFSM_BUILD(tl, u_int32_t *, NFSX_HYPER + 2 * NFSX_UNSIGNED);
txdr_hyper(off, tl);
tl += 2;
/*
* Do all writes FileSync, since the server doesn't hold onto dirty
* buffers. Since clients should be accessing the DS servers directly
* using the pNFS layouts, this just needs to work correctly as a
* fallback.
*/
*tl++ = txdr_unsigned(NFSWRITE_FILESYNC);
*tl = txdr_unsigned(len);
NFSD_DEBUG(4, "nfsrv_writedsdorpc: len=%d\n", len);
/* Put data in mbuf chain. */
nd->nd_mb->m_next = m;
if ((m->m_flags & M_NOMAP) != 0)
nd->nd_flag |= ND_NOMAP;
/* Set nd_mb and nd_bpos to end of data. */
while (m->m_next != NULL)
m = m->m_next;
nd->nd_mb = m;
nfsm_set(nd, m->m_len, true);
NFSD_DEBUG(4, "nfsrv_writedsdorpc: lastmb len=%d\n", m->m_len);
/* Do a Getattr for the attributes that change upon writing. */
NFSZERO_ATTRBIT(&attrbits);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SIZE);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_CHANGE);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEACCESS);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEMODIFY);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SPACEUSED);
NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
*tl = txdr_unsigned(NFSV4OP_GETATTR);
(void) nfsrv_putattrbit(nd, &attrbits);
error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p,
cred, NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
if (error != 0) {
free(nd, M_TEMP);
return (error);
}
NFSD_DEBUG(4, "nfsrv_writedsdorpc: aft writerpc=%d\n", nd->nd_repstat);
/* Get rid of weak cache consistency data for now. */
if ((nd->nd_flag & (ND_NOMOREDATA | ND_NFSV4 | ND_V4WCCATTR)) ==
(ND_NFSV4 | ND_V4WCCATTR)) {
error = nfsv4_loadattr(nd, NULL, nap, NULL, NULL, 0, NULL, NULL,
NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL);
NFSD_DEBUG(4, "nfsrv_writedsdorpc: wcc attr=%d\n", error);
if (error != 0)
goto nfsmout;
/*
* Get rid of Op# and status for next op.
*/
NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED);
if (*++tl != 0)
nd->nd_flag |= ND_NOMOREDATA;
}
if (nd->nd_repstat == 0) {
NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED + NFSX_VERF);
retlen = fxdr_unsigned(int, *tl++);
commit = fxdr_unsigned(int, *tl);
if (commit != NFSWRITE_FILESYNC)
error = NFSERR_IO;
NFSD_DEBUG(4, "nfsrv_writedsdorpc:retlen=%d commit=%d err=%d\n",
retlen, commit, error);
} else
error = nd->nd_repstat;
/* We have no use for the Write Verifier since we use FileSync. */
/*
* Get the Change, Size, Access Time and Modify Time attributes and set
* on the Metadata file, so its attributes will be what the file's
* would be if it had been written.
*/
if (error == 0) {
NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED);
error = nfsv4_loadattr(nd, NULL, nap, NULL, NULL, 0, NULL, NULL,
NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL);
}
NFSD_DEBUG(4, "nfsrv_writedsdorpc: aft loadattr=%d\n", error);
nfsmout:
m_freem(nd->nd_mrep);
free(nd, M_TEMP);
NFSD_DEBUG(4, "nfsrv_writedsdorpc error=%d\n", error);
return (error);
}
/*
* Start up the thread that will execute nfsrv_writedsdorpc().
*/
static void
start_writedsdorpc(void *arg, int pending)
{
struct nfsrvwritedsdorpc *drpc;
drpc = (struct nfsrvwritedsdorpc *)arg;
drpc->err = nfsrv_writedsdorpc(drpc->nmp, &drpc->fh, drpc->off,
drpc->len, NULL, drpc->m, drpc->cred, drpc->p);
drpc->done = 1;
NFSD_DEBUG(4, "start_writedsdorpc: err=%d\n", drpc->err);
}
static int
nfsrv_writedsrpc(fhandle_t *fhp, off_t off, int len, struct ucred *cred,
NFSPROC_T *p, struct vnode *vp, struct nfsmount **nmpp, int mirrorcnt,
struct mbuf **mpp, struct nfsrv_descript *nd, int *failposp)
{
struct nfsrvwritedsdorpc *drpc, *tdrpc = NULL;
struct nfsvattr na;
struct mbuf *m, *m1, *m2;
int error, i, offs, ret, timo;
bool gotnomap;
NFSD_DEBUG(4, "in nfsrv_writedsrpc\n");
KASSERT(*mpp != NULL, ("nfsrv_writedsrpc: NULL mbuf chain"));
drpc = NULL;
if (mirrorcnt > 1)
tdrpc = drpc = malloc(sizeof(*drpc) * (mirrorcnt - 1), M_TEMP,
M_WAITOK);
NFSD_DEBUG(4, "nfsrv_writedsrpc: mcopy len=%d\n", len);
/*
* For M_NOMAP mbufs, the mbuf chain needs to be split into 3 chains
* so that m_copym() can be done with offs == 0 and M_COPYALL.
* *mpp - Everything that preceeds the data to be written.
* m1 - The data to be written.
* m2 - Everything that follows the data to be written.
*/
m1 = *mpp;
gotnomap = false;
if ((m1->m_flags & M_NOMAP) != 0) {
gotnomap = true;
offs = nfsm_extpgs_calc_offs(nd->nd_md, nd->nd_dextpg,
nd->nd_dextpgsiz);
m1 = mb_splitatpos_ext(m1, offs, M_WAITOK);
m2 = mb_splitatpos_ext(m1, NFSM_RNDUP(len), M_WAITOK);
} else
offs = nd->nd_dpos - mtod(m1, char *);
/*
* Do the write RPC for every DS, using a separate kernel process
* for every DS except the last one.
*/
error = 0;
for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
tdrpc->done = 0;
NFSBCOPY(fhp, &tdrpc->fh, sizeof(*fhp));
tdrpc->off = off;
tdrpc->len = len;
tdrpc->nmp = *nmpp;
tdrpc->cred = cred;
tdrpc->p = p;
tdrpc->inprog = 0;
tdrpc->err = 0;
if (gotnomap)
tdrpc->m = m_copym(m1, 0, M_COPYALL, M_WAITOK);
else
tdrpc->m = m_copym(m1, offs, NFSM_RNDUP(len),
M_WAITOK);
ret = EIO;
if (nfs_pnfsiothreads != 0) {
ret = nfs_pnfsio(start_writedsdorpc, tdrpc);
NFSD_DEBUG(4, "nfsrv_writedsrpc: nfs_pnfsio=%d\n",
ret);
}
if (ret != 0) {
ret = nfsrv_writedsdorpc(*nmpp, fhp, off, len, NULL,
tdrpc->m, cred, p);
if (nfsds_failerr(ret) && *failposp == -1)
*failposp = i;
else if (error == 0 && ret != 0)
error = ret;
}
nmpp++;
fhp++;
}
if (gotnomap)
m = m_copym(m1, 0, M_COPYALL, M_WAITOK);
else
m = m_copym(m1, offs, NFSM_RNDUP(len), M_WAITOK);
ret = nfsrv_writedsdorpc(*nmpp, fhp, off, len, &na, m, cred, p);
if (nfsds_failerr(ret) && *failposp == -1 && mirrorcnt > 1)
*failposp = mirrorcnt - 1;
else if (error == 0 && ret != 0)
error = ret;
if (error == 0)
error = nfsrv_setextattr(vp, &na, p);
NFSD_DEBUG(4, "nfsrv_writedsrpc: aft setextat=%d\n", error);
tdrpc = drpc;
timo = hz / 50; /* Wait for 20msec. */
if (timo < 1)
timo = 1;
for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
/* Wait for RPCs on separate threads to complete. */
while (tdrpc->inprog != 0 && tdrpc->done == 0)
tsleep(&tdrpc->tsk, PVFS, "srvwrds", timo);
if (nfsds_failerr(tdrpc->err) && *failposp == -1)
*failposp = i;
else if (error == 0 && tdrpc->err != 0)
error = tdrpc->err;
}
/* For gotnomap, chain the lists back to-gether. */
if (gotnomap) {
m_last(*mpp)->m_next = m1;
m_last(m1)->m_next = m2;
nd->nd_md = m1;
nfsm_set(nd, 0, false);
}
free(drpc, M_TEMP);
return (error);
}
/*
* Do a allocate RPC on a DS data file, using this structure for the arguments,
* so that this function can be executed by a separate kernel process.
*/
struct nfsrvallocatedsdorpc {
int done;
int inprog;
struct task tsk;
fhandle_t fh;
off_t off;
off_t len;
struct nfsmount *nmp;
struct ucred *cred;
NFSPROC_T *p;
int err;
};
static int
nfsrv_allocatedsdorpc(struct nfsmount *nmp, fhandle_t *fhp, off_t off,
off_t len, struct nfsvattr *nap, struct ucred *cred, NFSPROC_T *p)
{
uint32_t *tl;
struct nfsrv_descript *nd;
nfsattrbit_t attrbits;
nfsv4stateid_t st;
int error;
nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
nfscl_reqstart(nd, NFSPROC_ALLOCATE, nmp, (u_int8_t *)fhp,
sizeof(fhandle_t), NULL, NULL, 0, 0, false);
/*
* Use a stateid where other is an alternating 01010 pattern and
* seqid is 0xffffffff. This value is not defined as special by
* the RFC and is used by the FreeBSD NFS server to indicate an
* MDS->DS proxy operation.
*/
st.other[0] = 0x55555555;
st.other[1] = 0x55555555;
st.other[2] = 0x55555555;
st.seqid = 0xffffffff;
nfsm_stateidtom(nd, &st, NFSSTATEID_PUTSTATEID);
NFSM_BUILD(tl, uint32_t *, 2 * NFSX_HYPER + NFSX_UNSIGNED);
txdr_hyper(off, tl); tl += 2;
txdr_hyper(len, tl); tl += 2;
NFSD_DEBUG(4, "nfsrv_allocatedsdorpc: len=%jd\n", (intmax_t)len);
*tl = txdr_unsigned(NFSV4OP_GETATTR);
NFSGETATTR_ATTRBIT(&attrbits);
nfsrv_putattrbit(nd, &attrbits);
error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p,
cred, NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
if (error != 0) {
free(nd, M_TEMP);
return (error);
}
NFSD_DEBUG(4, "nfsrv_allocatedsdorpc: aft allocaterpc=%d\n",
nd->nd_repstat);
if (nd->nd_repstat == 0) {
NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED);
error = nfsv4_loadattr(nd, NULL, nap, NULL, NULL, 0, NULL, NULL,
NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL);
} else
error = nd->nd_repstat;
NFSD_DEBUG(4, "nfsrv_allocatedsdorpc: aft loadattr=%d\n", error);
nfsmout:
m_freem(nd->nd_mrep);
free(nd, M_TEMP);
NFSD_DEBUG(4, "nfsrv_allocatedsdorpc error=%d\n", error);
return (error);
}
/*
* Start up the thread that will execute nfsrv_allocatedsdorpc().
*/
static void
start_allocatedsdorpc(void *arg, int pending)
{
struct nfsrvallocatedsdorpc *drpc;
drpc = (struct nfsrvallocatedsdorpc *)arg;
drpc->err = nfsrv_allocatedsdorpc(drpc->nmp, &drpc->fh, drpc->off,
drpc->len, NULL, drpc->cred, drpc->p);
drpc->done = 1;
NFSD_DEBUG(4, "start_allocatedsdorpc: err=%d\n", drpc->err);
}
static int
nfsrv_allocatedsrpc(fhandle_t *fhp, off_t off, off_t len, struct ucred *cred,
NFSPROC_T *p, struct vnode *vp, struct nfsmount **nmpp, int mirrorcnt,
int *failposp)
{
struct nfsrvallocatedsdorpc *drpc, *tdrpc = NULL;
struct nfsvattr na;
int error, i, ret, timo;
NFSD_DEBUG(4, "in nfsrv_allocatedsrpc\n");
drpc = NULL;
if (mirrorcnt > 1)
tdrpc = drpc = malloc(sizeof(*drpc) * (mirrorcnt - 1), M_TEMP,
M_WAITOK);
/*
* Do the allocate RPC for every DS, using a separate kernel process
* for every DS except the last one.
*/
error = 0;
for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
tdrpc->done = 0;
NFSBCOPY(fhp, &tdrpc->fh, sizeof(*fhp));
tdrpc->off = off;
tdrpc->len = len;
tdrpc->nmp = *nmpp;
tdrpc->cred = cred;
tdrpc->p = p;
tdrpc->inprog = 0;
tdrpc->err = 0;
ret = EIO;
if (nfs_pnfsiothreads != 0) {
ret = nfs_pnfsio(start_allocatedsdorpc, tdrpc);
NFSD_DEBUG(4, "nfsrv_allocatedsrpc: nfs_pnfsio=%d\n",
ret);
}
if (ret != 0) {
ret = nfsrv_allocatedsdorpc(*nmpp, fhp, off, len, NULL,
cred, p);
if (nfsds_failerr(ret) && *failposp == -1)
*failposp = i;
else if (error == 0 && ret != 0)
error = ret;
}
nmpp++;
fhp++;
}
ret = nfsrv_allocatedsdorpc(*nmpp, fhp, off, len, &na, cred, p);
if (nfsds_failerr(ret) && *failposp == -1 && mirrorcnt > 1)
*failposp = mirrorcnt - 1;
else if (error == 0 && ret != 0)
error = ret;
if (error == 0)
error = nfsrv_setextattr(vp, &na, p);
NFSD_DEBUG(4, "nfsrv_allocatedsrpc: aft setextat=%d\n", error);
tdrpc = drpc;
timo = hz / 50; /* Wait for 20msec. */
if (timo < 1)
timo = 1;
for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
/* Wait for RPCs on separate threads to complete. */
while (tdrpc->inprog != 0 && tdrpc->done == 0)
tsleep(&tdrpc->tsk, PVFS, "srvalds", timo);
if (nfsds_failerr(tdrpc->err) && *failposp == -1)
*failposp = i;
else if (error == 0 && tdrpc->err != 0)
error = tdrpc->err;
}
free(drpc, M_TEMP);
return (error);
}
static int
nfsrv_setattrdsdorpc(fhandle_t *fhp, struct ucred *cred, NFSPROC_T *p,
struct vnode *vp, struct nfsmount *nmp, struct nfsvattr *nap,
struct nfsvattr *dsnap)
{
uint32_t *tl;
struct nfsrv_descript *nd;
nfsv4stateid_t st;
nfsattrbit_t attrbits;
int error;
NFSD_DEBUG(4, "in nfsrv_setattrdsdorpc\n");
nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
/*
* Use a stateid where other is an alternating 01010 pattern and
* seqid is 0xffffffff. This value is not defined as special by
* the RFC and is used by the FreeBSD NFS server to indicate an
* MDS->DS proxy operation.
*/
st.other[0] = 0x55555555;
st.other[1] = 0x55555555;
st.other[2] = 0x55555555;
st.seqid = 0xffffffff;
nfscl_reqstart(nd, NFSPROC_SETATTR, nmp, (u_int8_t *)fhp, sizeof(*fhp),
NULL, NULL, 0, 0, false);
nfsm_stateidtom(nd, &st, NFSSTATEID_PUTSTATEID);
nfscl_fillsattr(nd, &nap->na_vattr, vp, NFSSATTR_FULL, 0);
/* Do a Getattr for the attributes that change due to writing. */
NFSZERO_ATTRBIT(&attrbits);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SIZE);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_CHANGE);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEACCESS);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEMODIFY);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SPACEUSED);
NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
*tl = txdr_unsigned(NFSV4OP_GETATTR);
(void) nfsrv_putattrbit(nd, &attrbits);
error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p, cred,
NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
if (error != 0) {
free(nd, M_TEMP);
return (error);
}
NFSD_DEBUG(4, "nfsrv_setattrdsdorpc: aft setattrrpc=%d\n",
nd->nd_repstat);
/* Get rid of weak cache consistency data for now. */
if ((nd->nd_flag & (ND_NOMOREDATA | ND_NFSV4 | ND_V4WCCATTR)) ==
(ND_NFSV4 | ND_V4WCCATTR)) {
error = nfsv4_loadattr(nd, NULL, dsnap, NULL, NULL, 0, NULL,
NULL, NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL);
NFSD_DEBUG(4, "nfsrv_setattrdsdorpc: wcc attr=%d\n", error);
if (error != 0)
goto nfsmout;
/*
* Get rid of Op# and status for next op.
*/
NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED);
if (*++tl != 0)
nd->nd_flag |= ND_NOMOREDATA;
}
error = nfsrv_getattrbits(nd, &attrbits, NULL, NULL);
if (error != 0)
goto nfsmout;
if (nd->nd_repstat != 0)
error = nd->nd_repstat;
/*
* Get the Change, Size, Access Time and Modify Time attributes and set
* on the Metadata file, so its attributes will be what the file's
* would be if it had been written.
*/
if (error == 0) {
NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED);
error = nfsv4_loadattr(nd, NULL, dsnap, NULL, NULL, 0, NULL,
NULL, NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL);
}
NFSD_DEBUG(4, "nfsrv_setattrdsdorpc: aft setattr loadattr=%d\n", error);
nfsmout:
m_freem(nd->nd_mrep);
free(nd, M_TEMP);
NFSD_DEBUG(4, "nfsrv_setattrdsdorpc error=%d\n", error);
return (error);
}
struct nfsrvsetattrdsdorpc {
int done;
int inprog;
struct task tsk;
fhandle_t fh;
struct nfsmount *nmp;
struct vnode *vp;
struct ucred *cred;
NFSPROC_T *p;
struct nfsvattr na;
struct nfsvattr dsna;
int err;
};
/*
* Start up the thread that will execute nfsrv_setattrdsdorpc().
*/
static void
start_setattrdsdorpc(void *arg, int pending)
{
struct nfsrvsetattrdsdorpc *drpc;
drpc = (struct nfsrvsetattrdsdorpc *)arg;
drpc->err = nfsrv_setattrdsdorpc(&drpc->fh, drpc->cred, drpc->p,
drpc->vp, drpc->nmp, &drpc->na, &drpc->dsna);
drpc->done = 1;
}
static int
nfsrv_setattrdsrpc(fhandle_t *fhp, struct ucred *cred, NFSPROC_T *p,
struct vnode *vp, struct nfsmount **nmpp, int mirrorcnt,
struct nfsvattr *nap, int *failposp)
{
struct nfsrvsetattrdsdorpc *drpc, *tdrpc = NULL;
struct nfsvattr na;
int error, i, ret, timo;
NFSD_DEBUG(4, "in nfsrv_setattrdsrpc\n");
drpc = NULL;
if (mirrorcnt > 1)
tdrpc = drpc = malloc(sizeof(*drpc) * (mirrorcnt - 1), M_TEMP,
M_WAITOK);
/*
* Do the setattr RPC for every DS, using a separate kernel process
* for every DS except the last one.
*/
error = 0;
for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
tdrpc->done = 0;
tdrpc->inprog = 0;
NFSBCOPY(fhp, &tdrpc->fh, sizeof(*fhp));
tdrpc->nmp = *nmpp;
tdrpc->vp = vp;
tdrpc->cred = cred;
tdrpc->p = p;
tdrpc->na = *nap;
tdrpc->err = 0;
ret = EIO;
if (nfs_pnfsiothreads != 0) {
ret = nfs_pnfsio(start_setattrdsdorpc, tdrpc);
NFSD_DEBUG(4, "nfsrv_setattrdsrpc: nfs_pnfsio=%d\n",
ret);
}
if (ret != 0) {
ret = nfsrv_setattrdsdorpc(fhp, cred, p, vp, *nmpp, nap,
&na);
if (nfsds_failerr(ret) && *failposp == -1)
*failposp = i;
else if (error == 0 && ret != 0)
error = ret;
}
nmpp++;
fhp++;
}
ret = nfsrv_setattrdsdorpc(fhp, cred, p, vp, *nmpp, nap, &na);
if (nfsds_failerr(ret) && *failposp == -1 && mirrorcnt > 1)
*failposp = mirrorcnt - 1;
else if (error == 0 && ret != 0)
error = ret;
if (error == 0)
error = nfsrv_setextattr(vp, &na, p);
NFSD_DEBUG(4, "nfsrv_setattrdsrpc: aft setextat=%d\n", error);
tdrpc = drpc;
timo = hz / 50; /* Wait for 20msec. */
if (timo < 1)
timo = 1;
for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
/* Wait for RPCs on separate threads to complete. */
while (tdrpc->inprog != 0 && tdrpc->done == 0)
tsleep(&tdrpc->tsk, PVFS, "srvsads", timo);
if (nfsds_failerr(tdrpc->err) && *failposp == -1)
*failposp = i;
else if (error == 0 && tdrpc->err != 0)
error = tdrpc->err;
}
free(drpc, M_TEMP);
return (error);
}
/*
* Do a Setattr of an NFSv4 ACL on the DS file.
*/
static int
nfsrv_setacldsdorpc(fhandle_t *fhp, struct ucred *cred, NFSPROC_T *p,
struct vnode *vp, struct nfsmount *nmp, struct acl *aclp)
{
struct nfsrv_descript *nd;
nfsv4stateid_t st;
nfsattrbit_t attrbits;
int error;
NFSD_DEBUG(4, "in nfsrv_setacldsdorpc\n");
nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
/*
* Use a stateid where other is an alternating 01010 pattern and
* seqid is 0xffffffff. This value is not defined as special by
* the RFC and is used by the FreeBSD NFS server to indicate an
* MDS->DS proxy operation.
*/
st.other[0] = 0x55555555;
st.other[1] = 0x55555555;
st.other[2] = 0x55555555;
st.seqid = 0xffffffff;
nfscl_reqstart(nd, NFSPROC_SETACL, nmp, (u_int8_t *)fhp, sizeof(*fhp),
NULL, NULL, 0, 0, false);
nfsm_stateidtom(nd, &st, NFSSTATEID_PUTSTATEID);
NFSZERO_ATTRBIT(&attrbits);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_ACL);
/*
* The "vp" argument to nfsv4_fillattr() is only used for vnode_type(),
* so passing in the metadata "vp" will be ok, since it is of
* the same type (VREG).
*/
nfsv4_fillattr(nd, NULL, vp, aclp, NULL, NULL, 0, &attrbits, NULL,
NULL, 0, 0, 0, 0, 0, NULL);
error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p, cred,
NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
if (error != 0) {
free(nd, M_TEMP);
return (error);
}
NFSD_DEBUG(4, "nfsrv_setacldsdorpc: aft setaclrpc=%d\n",
nd->nd_repstat);
error = nd->nd_repstat;
m_freem(nd->nd_mrep);
free(nd, M_TEMP);
return (error);
}
struct nfsrvsetacldsdorpc {
int done;
int inprog;
struct task tsk;
fhandle_t fh;
struct nfsmount *nmp;
struct vnode *vp;
struct ucred *cred;
NFSPROC_T *p;
struct acl *aclp;
int err;
};
/*
* Start up the thread that will execute nfsrv_setacldsdorpc().
*/
static void
start_setacldsdorpc(void *arg, int pending)
{
struct nfsrvsetacldsdorpc *drpc;
drpc = (struct nfsrvsetacldsdorpc *)arg;
drpc->err = nfsrv_setacldsdorpc(&drpc->fh, drpc->cred, drpc->p,
drpc->vp, drpc->nmp, drpc->aclp);
drpc->done = 1;
}
static int
nfsrv_setacldsrpc(fhandle_t *fhp, struct ucred *cred, NFSPROC_T *p,
struct vnode *vp, struct nfsmount **nmpp, int mirrorcnt, struct acl *aclp,
int *failposp)
{
struct nfsrvsetacldsdorpc *drpc, *tdrpc = NULL;
int error, i, ret, timo;
NFSD_DEBUG(4, "in nfsrv_setacldsrpc\n");
drpc = NULL;
if (mirrorcnt > 1)
tdrpc = drpc = malloc(sizeof(*drpc) * (mirrorcnt - 1), M_TEMP,
M_WAITOK);
/*
* Do the setattr RPC for every DS, using a separate kernel process
* for every DS except the last one.
*/
error = 0;
for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
tdrpc->done = 0;
tdrpc->inprog = 0;
NFSBCOPY(fhp, &tdrpc->fh, sizeof(*fhp));
tdrpc->nmp = *nmpp;
tdrpc->vp = vp;
tdrpc->cred = cred;
tdrpc->p = p;
tdrpc->aclp = aclp;
tdrpc->err = 0;
ret = EIO;
if (nfs_pnfsiothreads != 0) {
ret = nfs_pnfsio(start_setacldsdorpc, tdrpc);
NFSD_DEBUG(4, "nfsrv_setacldsrpc: nfs_pnfsio=%d\n",
ret);
}
if (ret != 0) {
ret = nfsrv_setacldsdorpc(fhp, cred, p, vp, *nmpp,
aclp);
if (nfsds_failerr(ret) && *failposp == -1)
*failposp = i;
else if (error == 0 && ret != 0)
error = ret;
}
nmpp++;
fhp++;
}
ret = nfsrv_setacldsdorpc(fhp, cred, p, vp, *nmpp, aclp);
if (nfsds_failerr(ret) && *failposp == -1 && mirrorcnt > 1)
*failposp = mirrorcnt - 1;
else if (error == 0 && ret != 0)
error = ret;
NFSD_DEBUG(4, "nfsrv_setacldsrpc: aft setextat=%d\n", error);
tdrpc = drpc;
timo = hz / 50; /* Wait for 20msec. */
if (timo < 1)
timo = 1;
for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
/* Wait for RPCs on separate threads to complete. */
while (tdrpc->inprog != 0 && tdrpc->done == 0)
tsleep(&tdrpc->tsk, PVFS, "srvacds", timo);
if (nfsds_failerr(tdrpc->err) && *failposp == -1)
*failposp = i;
else if (error == 0 && tdrpc->err != 0)
error = tdrpc->err;
}
free(drpc, M_TEMP);
return (error);
}
/*
* Getattr call to the DS for the attributes that change due to writing.
*/
static int
nfsrv_getattrdsrpc(fhandle_t *fhp, struct ucred *cred, NFSPROC_T *p,
struct vnode *vp, struct nfsmount *nmp, struct nfsvattr *nap)
{
struct nfsrv_descript *nd;
int error;
nfsattrbit_t attrbits;
NFSD_DEBUG(4, "in nfsrv_getattrdsrpc\n");
nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
nfscl_reqstart(nd, NFSPROC_GETATTR, nmp, (u_int8_t *)fhp,
sizeof(fhandle_t), NULL, NULL, 0, 0, false);
NFSZERO_ATTRBIT(&attrbits);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SIZE);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_CHANGE);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEACCESS);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEMODIFY);
NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SPACEUSED);
(void) nfsrv_putattrbit(nd, &attrbits);
error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p, cred,
NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
if (error != 0) {
free(nd, M_TEMP);
return (error);
}
NFSD_DEBUG(4, "nfsrv_getattrdsrpc: aft getattrrpc=%d\n",
nd->nd_repstat);
if (nd->nd_repstat == 0) {
error = nfsv4_loadattr(nd, NULL, nap, NULL, NULL, 0,
NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL, NULL,
NULL, NULL);
/*
* We can only save the updated values in the extended
* attribute if the vp is exclusively locked.
* This should happen when any of the following operations
* occur on the vnode:
* Close, Delegreturn, LayoutCommit, LayoutReturn
* As such, the updated extended attribute should get saved
* before nfsrv_checkdsattr() returns 0 and allows the cached
* attributes to be returned without calling this function.
*/
if (error == 0 && VOP_ISLOCKED(vp) == LK_EXCLUSIVE) {
error = nfsrv_setextattr(vp, nap, p);
NFSD_DEBUG(4, "nfsrv_getattrdsrpc: aft setextat=%d\n",
error);
}
} else
error = nd->nd_repstat;
m_freem(nd->nd_mrep);
free(nd, M_TEMP);
NFSD_DEBUG(4, "nfsrv_getattrdsrpc error=%d\n", error);
return (error);
}
/*
* Seek call to a DS.
*/
static int
nfsrv_seekdsrpc(fhandle_t *fhp, off_t *offp, int content, bool *eofp,
struct ucred *cred, NFSPROC_T *p, struct nfsmount *nmp)
{
uint32_t *tl;
struct nfsrv_descript *nd;
nfsv4stateid_t st;
int error;
NFSD_DEBUG(4, "in nfsrv_seekdsrpc\n");
/*
* Use a stateid where other is an alternating 01010 pattern and
* seqid is 0xffffffff. This value is not defined as special by
* the RFC and is used by the FreeBSD NFS server to indicate an
* MDS->DS proxy operation.
*/
st.other[0] = 0x55555555;
st.other[1] = 0x55555555;
st.other[2] = 0x55555555;
st.seqid = 0xffffffff;
nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
nfscl_reqstart(nd, NFSPROC_SEEKDS, nmp, (u_int8_t *)fhp,
sizeof(fhandle_t), NULL, NULL, 0, 0, false);
nfsm_stateidtom(nd, &st, NFSSTATEID_PUTSTATEID);
NFSM_BUILD(tl, uint32_t *, NFSX_HYPER + NFSX_UNSIGNED);
txdr_hyper(*offp, tl); tl += 2;
*tl = txdr_unsigned(content);
error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p, cred,
NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
if (error != 0) {
free(nd, M_TEMP);
return (error);
}
NFSD_DEBUG(4, "nfsrv_seekdsrpc: aft seekrpc=%d\n", nd->nd_repstat);
if (nd->nd_repstat == 0) {
NFSM_DISSECT(tl, uint32_t *, NFSX_UNSIGNED + NFSX_HYPER);
if (*tl++ == newnfs_true)
*eofp = true;
else
*eofp = false;
*offp = fxdr_hyper(tl);
} else
error = nd->nd_repstat;
nfsmout:
m_freem(nd->nd_mrep);
free(nd, M_TEMP);
NFSD_DEBUG(4, "nfsrv_seekdsrpc error=%d\n", error);
return (error);
}
/*
* Get the device id and file handle for a DS file.
*/
int
nfsrv_dsgetdevandfh(struct vnode *vp, NFSPROC_T *p, int *mirrorcntp,
fhandle_t *fhp, char *devid)
{
int buflen, error;
char *buf;
buflen = 1024;
buf = malloc(buflen, M_TEMP, M_WAITOK);
error = nfsrv_dsgetsockmnt(vp, 0, buf, &buflen, mirrorcntp, p, NULL,
fhp, devid, NULL, NULL, NULL, NULL, NULL, NULL);
free(buf, M_TEMP);
return (error);
}
/*
* Do a Lookup against the DS for the filename.
*/
static int
nfsrv_pnfslookupds(struct vnode *vp, struct vnode *dvp, struct pnfsdsfile *pf,
struct vnode **nvpp, NFSPROC_T *p)
{
struct nameidata named;
struct ucred *tcred;
char *bufp;
u_long *hashp;
struct vnode *nvp;
int error;
tcred = newnfs_getcred();
named.ni_cnd.cn_nameiop = LOOKUP;
named.ni_cnd.cn_lkflags = LK_SHARED | LK_RETRY;
named.ni_cnd.cn_cred = tcred;
named.ni_cnd.cn_thread = p;
named.ni_cnd.cn_flags = ISLASTCN | LOCKPARENT | LOCKLEAF | SAVENAME;
nfsvno_setpathbuf(&named, &bufp, &hashp);
named.ni_cnd.cn_nameptr = bufp;
named.ni_cnd.cn_namelen = strlen(pf->dsf_filename);
strlcpy(bufp, pf->dsf_filename, NAME_MAX);
NFSD_DEBUG(4, "nfsrv_pnfslookupds: filename=%s\n", bufp);
error = VOP_LOOKUP(dvp, &nvp, &named.ni_cnd);
NFSD_DEBUG(4, "nfsrv_pnfslookupds: aft LOOKUP=%d\n", error);
NFSFREECRED(tcred);
nfsvno_relpathbuf(&named);
if (error == 0)
*nvpp = nvp;
NFSD_DEBUG(4, "eo nfsrv_pnfslookupds=%d\n", error);
return (error);
}
/*
* Set the file handle to the correct one.
*/
static void
nfsrv_pnfssetfh(struct vnode *vp, struct pnfsdsfile *pf, char *devid,
char *fnamep, struct vnode *nvp, NFSPROC_T *p)
{
struct nfsnode *np;
int ret = 0;
np = VTONFS(nvp);
NFSBCOPY(np->n_fhp->nfh_fh, &pf->dsf_fh, NFSX_MYFH);
/*
* We can only do a vn_set_extattr() if the vnode is exclusively
* locked and vn_start_write() has been done. If devid != NULL or
* fnamep != NULL or the vnode is shared locked, vn_start_write()
* may not have been done.
* If not done now, it will be done on a future call.
*/
if (devid == NULL && fnamep == NULL && NFSVOPISLOCKED(vp) ==
LK_EXCLUSIVE)
ret = vn_extattr_set(vp, IO_NODELOCKED,
EXTATTR_NAMESPACE_SYSTEM, "pnfsd.dsfile", sizeof(*pf),
(char *)pf, p);
NFSD_DEBUG(4, "eo nfsrv_pnfssetfh=%d\n", ret);
}
/*
* Cause RPCs waiting on "nmp" to fail. This is called for a DS mount point
* when the DS has failed.
*/
void
nfsrv_killrpcs(struct nfsmount *nmp)
{
/*
* Call newnfs_nmcancelreqs() to cause
* any RPCs in progress on the mount point to
* fail.
* This will cause any process waiting for an
* RPC to complete while holding a vnode lock
* on the mounted-on vnode (such as "df" or
* a non-forced "umount") to fail.
* This will unlock the mounted-on vnode so
* a forced dismount can succeed.
* The NFSMNTP_CANCELRPCS flag should be set when this function is
* called.
*/
newnfs_nmcancelreqs(nmp);
}
/*
* Sum up the statfs info for each of the DSs, so that the client will
* receive the total for all DSs.
*/
static int
nfsrv_pnfsstatfs(struct statfs *sf, struct mount *mp)
{
struct statfs *tsf;
struct nfsdevice *ds;
struct vnode **dvpp, **tdvpp, *dvp;
uint64_t tot;
int cnt, error = 0, i;
if (nfsrv_devidcnt <= 0)
return (ENXIO);
dvpp = mallocarray(nfsrv_devidcnt, sizeof(*dvpp), M_TEMP, M_WAITOK);
tsf = malloc(sizeof(*tsf), M_TEMP, M_WAITOK);
/* Get an array of the dvps for the DSs. */
tdvpp = dvpp;
i = 0;
NFSDDSLOCK();
/* First, search for matches for same file system. */
TAILQ_FOREACH(ds, &nfsrv_devidhead, nfsdev_list) {
if (ds->nfsdev_nmp != NULL && ds->nfsdev_mdsisset != 0 &&
ds->nfsdev_mdsfsid.val[0] == mp->mnt_stat.f_fsid.val[0] &&
ds->nfsdev_mdsfsid.val[1] == mp->mnt_stat.f_fsid.val[1]) {
if (++i > nfsrv_devidcnt)
break;
*tdvpp++ = ds->nfsdev_dvp;
}
}
/*
* If no matches for same file system, total all servers not assigned
* to a file system.
*/
if (i == 0) {
TAILQ_FOREACH(ds, &nfsrv_devidhead, nfsdev_list) {
if (ds->nfsdev_nmp != NULL &&
ds->nfsdev_mdsisset == 0) {
if (++i > nfsrv_devidcnt)
break;
*tdvpp++ = ds->nfsdev_dvp;
}
}
}
NFSDDSUNLOCK();
cnt = i;
/* Do a VFS_STATFS() for each of the DSs and sum them up. */
tdvpp = dvpp;
for (i = 0; i < cnt && error == 0; i++) {
dvp = *tdvpp++;
error = VFS_STATFS(dvp->v_mount, tsf);
if (error == 0) {
if (sf->f_bsize == 0) {
if (tsf->f_bsize > 0)
sf->f_bsize = tsf->f_bsize;
else
sf->f_bsize = 8192;
}
if (tsf->f_blocks > 0) {
if (sf->f_bsize != tsf->f_bsize) {
tot = tsf->f_blocks * tsf->f_bsize;
sf->f_blocks += (tot / sf->f_bsize);
} else
sf->f_blocks += tsf->f_blocks;
}
if (tsf->f_bfree > 0) {
if (sf->f_bsize != tsf->f_bsize) {
tot = tsf->f_bfree * tsf->f_bsize;
sf->f_bfree += (tot / sf->f_bsize);
} else
sf->f_bfree += tsf->f_bfree;
}
if (tsf->f_bavail > 0) {
if (sf->f_bsize != tsf->f_bsize) {
tot = tsf->f_bavail * tsf->f_bsize;
sf->f_bavail += (tot / sf->f_bsize);
} else
sf->f_bavail += tsf->f_bavail;
}
}
}
free(tsf, M_TEMP);
free(dvpp, M_TEMP);
return (error);
}
/*
* Set an NFSv4 acl.
*/
int
nfsrv_setacl(struct vnode *vp, NFSACL_T *aclp, struct ucred *cred, NFSPROC_T *p)
{
int error;
if (nfsrv_useacl == 0 || nfs_supportsnfsv4acls(vp) == 0) {
error = NFSERR_ATTRNOTSUPP;
goto out;
}
/*
* With NFSv4 ACLs, chmod(2) may need to add additional entries.
* Make sure it has enough room for that - splitting every entry
* into two and appending "canonical six" entries at the end.
* Cribbed out of kern/vfs_acl.c - Rick M.
*/
if (aclp->acl_cnt > (ACL_MAX_ENTRIES - 6) / 2) {
error = NFSERR_ATTRNOTSUPP;
goto out;
}
error = VOP_SETACL(vp, ACL_TYPE_NFS4, aclp, cred, p);
if (error == 0) {
error = nfsrv_dssetacl(vp, aclp, cred, p);
if (error == ENOENT)
error = 0;
}
out:
NFSEXITCODE(error);
return (error);
}
/*
* Seek vnode op call (actually it is a VOP_IOCTL()).
* This function is called with the vnode locked, but unlocks and vrele()s
* the vp before returning.
*/
int
nfsvno_seek(struct nfsrv_descript *nd, struct vnode *vp, u_long cmd,
off_t *offp, int content, bool *eofp, struct ucred *cred, NFSPROC_T *p)
{
struct nfsvattr at;
int error, ret;
ASSERT_VOP_LOCKED(vp, "nfsvno_seek vp");
/*
* Attempt to seek on a DS file. A return of ENOENT implies
* there is no DS file to seek on.
*/
error = nfsrv_proxyds(vp, 0, 0, cred, p, NFSPROC_SEEKDS, NULL,
NULL, NULL, NULL, NULL, offp, content, eofp);
if (error != ENOENT) {
vput(vp);
return (error);
}
/*
* Do the VOP_IOCTL() call. For the case where *offp == file_size,
* VOP_IOCTL() will return ENXIO. However, the correct reply for
* NFSv4.2 is *eofp == true and error == 0 for this case.
*/
NFSVOPUNLOCK(vp);
error = VOP_IOCTL(vp, cmd, offp, 0, cred, p);
*eofp = false;
if (error == ENXIO || (error == 0 && cmd == FIOSEEKHOLE)) {
/* Handle the cases where we might be at EOF. */
ret = nfsvno_getattr(vp, &at, nd, p, 0, NULL);
if (ret == 0 && *offp == at.na_size) {
*eofp = true;
error = 0;
}
if (ret != 0 && error == 0)
error = ret;
}
vrele(vp);
NFSEXITCODE(error);
return (error);
}
/*
* Allocate vnode op call.
*/
int
nfsvno_allocate(struct vnode *vp, off_t off, off_t len, struct ucred *cred,
NFSPROC_T *p)
{
int error, trycnt;
ASSERT_VOP_ELOCKED(vp, "nfsvno_allocate vp");
/*
* Attempt to allocate on a DS file. A return of ENOENT implies
* there is no DS file to allocate on.
*/
error = nfsrv_proxyds(vp, off, 0, cred, p, NFSPROC_ALLOCATE, NULL,
NULL, NULL, NULL, NULL, &len, 0, NULL);
if (error != ENOENT)
return (error);
error = 0;
/*
* Do the actual VOP_ALLOCATE(), looping a reasonable number of
* times to achieve completion.
*/
trycnt = 0;
while (error == 0 && len > 0 && trycnt++ < 20)
error = VOP_ALLOCATE(vp, &off, &len);
if (error == 0 && len > 0)
error = NFSERR_IO;
NFSEXITCODE(error);
return (error);
}
/*
* Get Extended Atribute vnode op into an mbuf list.
*/
int
nfsvno_getxattr(struct vnode *vp, char *name, uint32_t maxresp,
struct ucred *cred, uint64_t flag, int maxextsiz, struct thread *p,
struct mbuf **mpp, struct mbuf **mpendp, int *lenp)
{
struct iovec *iv;
struct uio io, *uiop = &io;
struct mbuf *m, *m2;
int alen, error, len, tlen;
size_t siz;
/* First, find out the size of the extended attribute. */
error = VOP_GETEXTATTR(vp, EXTATTR_NAMESPACE_USER, name, NULL,
&siz, cred, p);
if (error != 0)
return (NFSERR_NOXATTR);
if (siz > maxresp - NFS_MAXXDR)
return (NFSERR_XATTR2BIG);
len = siz;
tlen = NFSM_RNDUP(len);
/*
* If the cnt is larger than MCLBYTES, use ext_pgs if
* possible.
* Always use ext_pgs if ND_NOMAP is set.
*/
if ((flag & ND_NOMAP) != 0 || (tlen > MCLBYTES &&
PMAP_HAS_DMAP != 0 && ((flag & ND_TLS) != 0 || nfs_use_ext_pgs)))
uiop->uio_iovcnt = nfsrv_createiovec_extpgs(tlen, maxextsiz,
&m, &m2, &iv);
else
uiop->uio_iovcnt = nfsrv_createiovec(tlen, &m, &m2, &iv);
uiop->uio_iov = iv;
uiop->uio_offset = 0;
uiop->uio_resid = tlen;
uiop->uio_rw = UIO_READ;
uiop->uio_segflg = UIO_SYSSPACE;
uiop->uio_td = p;
#ifdef MAC
error = mac_vnode_check_getextattr(cred, vp, EXTATTR_NAMESPACE_USER,
name);
if (error != 0)
goto out;
#endif
error = VOP_GETEXTATTR(vp, EXTATTR_NAMESPACE_USER, name, uiop, NULL,
cred, p);
if (error != 0)
goto out;
if (uiop->uio_resid > 0) {
alen = tlen;
len = tlen - uiop->uio_resid;
tlen = NFSM_RNDUP(len);
if (alen != tlen)
printf("nfsvno_getxattr: weird size read\n");
if (tlen == 0) {
m_freem(m);
m = m2 = NULL;
} else if (alen != tlen || tlen != len)
m2 = nfsrv_adj(m, alen - tlen, tlen - len);
}
*lenp = len;
*mpp = m;
*mpendp = m2;
out:
if (error != 0) {
m_freem(m);
*lenp = 0;
}
free(iv, M_TEMP);
NFSEXITCODE(error);
return (error);
}
/*
* Set Extended attribute vnode op from an mbuf list.
*/
int
nfsvno_setxattr(struct vnode *vp, char *name, int len, struct mbuf *m,
char *cp, int dextpg, int dextpgsiz, struct ucred *cred,
struct thread *p)
{
struct iovec *iv;
struct uio uio, *uiop = &uio;
int cnt, error;
error = 0;
#ifdef MAC
error = mac_vnode_check_setextattr(cred, vp, EXTATTR_NAMESPACE_USER,
name);
#endif
if (error != 0)
goto out;
uiop->uio_rw = UIO_WRITE;
uiop->uio_segflg = UIO_SYSSPACE;
uiop->uio_td = p;
uiop->uio_offset = 0;
uiop->uio_resid = len;
if ((m->m_flags & M_NOMAP) != 0)
error = nfsrv_createiovecw_extpgs(len, m, cp, dextpg,
dextpgsiz, &iv, &cnt);
else
error = nfsrv_createiovecw(len, m, cp, &iv, &cnt);
uiop->uio_iov = iv;
uiop->uio_iovcnt = cnt;
if (error == 0) {
error = VOP_SETEXTATTR(vp, EXTATTR_NAMESPACE_USER, name, uiop,
cred, p);
free(iv, M_TEMP);
}
out:
NFSEXITCODE(error);
return (error);
}
/*
* Remove Extended attribute vnode op.
*/
int
nfsvno_rmxattr(struct nfsrv_descript *nd, struct vnode *vp, char *name,
struct ucred *cred, struct thread *p)
{
int error;
/*
* Get rid of any delegations. I am not sure why this is required,
* but RFC-8276 says so.
*/
error = nfsrv_checkremove(vp, 0, nd, nd->nd_clientid, p);
if (error != 0)
goto out;
#ifdef MAC
error = mac_vnode_check_deleteextattr(cred, vp, EXTATTR_NAMESPACE_USER,
name);
if (error != 0)
goto out;
#endif
error = VOP_DELETEEXTATTR(vp, EXTATTR_NAMESPACE_USER, name, cred, p);
if (error == EOPNOTSUPP)
error = VOP_SETEXTATTR(vp, EXTATTR_NAMESPACE_USER, name, NULL,
cred, p);
out:
NFSEXITCODE(error);
return (error);
}
/*
* List Extended Atribute vnode op into an mbuf list.
*/
int
nfsvno_listxattr(struct vnode *vp, uint64_t cookie, struct ucred *cred,
struct thread *p, u_char **bufp, uint32_t *lenp, bool *eofp)
{
struct iovec iv;
struct uio io;
int error;
size_t siz;
*bufp = NULL;
/* First, find out the size of the extended attribute. */
error = VOP_LISTEXTATTR(vp, EXTATTR_NAMESPACE_USER, NULL, &siz, cred,
p);
if (error != 0)
return (NFSERR_NOXATTR);
if (siz <= cookie) {
*lenp = 0;
*eofp = true;
goto out;
}
if (siz > cookie + *lenp) {
siz = cookie + *lenp;
*eofp = false;
} else
*eofp = true;
/* Just choose a sanity limit of 10Mbytes for malloc(M_TEMP). */
if (siz > 10 * 1024 * 1024) {
error = NFSERR_XATTR2BIG;
goto out;
}
*bufp = malloc(siz, M_TEMP, M_WAITOK);
iv.iov_base = *bufp;
iv.iov_len = siz;
io.uio_iovcnt = 1;
io.uio_iov = &iv;
io.uio_offset = 0;
io.uio_resid = siz;
io.uio_rw = UIO_READ;
io.uio_segflg = UIO_SYSSPACE;
io.uio_td = p;
#ifdef MAC
error = mac_vnode_check_listextattr(cred, vp, EXTATTR_NAMESPACE_USER);
if (error != 0)
goto out;
#endif
error = VOP_LISTEXTATTR(vp, EXTATTR_NAMESPACE_USER, &io, NULL, cred,
p);
if (error != 0)
goto out;
if (io.uio_resid > 0)
siz -= io.uio_resid;
*lenp = siz;
out:
if (error != 0) {
free(*bufp, M_TEMP);
*bufp = NULL;
}
NFSEXITCODE(error);
return (error);
}
extern int (*nfsd_call_nfsd)(struct thread *, struct nfssvc_args *);
/*
* Called once to initialize data structures...
*/
static int
nfsd_modevent(module_t mod, int type, void *data)
{
int error = 0, i;
static int loaded = 0;
switch (type) {
case MOD_LOAD:
if (loaded)
goto out;
newnfs_portinit();
for (i = 0; i < NFSRVCACHE_HASHSIZE; i++) {
mtx_init(&nfsrchash_table[i].mtx, "nfsrtc", NULL,
MTX_DEF);
mtx_init(&nfsrcahash_table[i].mtx, "nfsrtca", NULL,
MTX_DEF);
}
mtx_init(&nfsrc_udpmtx, "nfsuc", NULL, MTX_DEF);
mtx_init(&nfs_v4root_mutex, "nfs4rt", NULL, MTX_DEF);
mtx_init(&nfsv4root_mnt.mnt_mtx, "nfs4mnt", NULL, MTX_DEF);
mtx_init(&nfsrv_dontlistlock_mtx, "nfs4dnl", NULL, MTX_DEF);
mtx_init(&nfsrv_recalllock_mtx, "nfs4rec", NULL, MTX_DEF);
lockinit(&nfsv4root_mnt.mnt_explock, PVFS, "explock", 0, 0);
nfsrvd_initcache();
nfsd_init();
NFSD_LOCK();
nfsrvd_init(0);
NFSD_UNLOCK();
nfsd_mntinit();
#ifdef VV_DISABLEDELEG
vn_deleg_ops.vndeleg_recall = nfsd_recalldelegation;
vn_deleg_ops.vndeleg_disable = nfsd_disabledelegation;
#endif
nfsd_call_servertimer = nfsrv_servertimer;
nfsd_call_nfsd = nfssvc_nfsd;
loaded = 1;
break;
case MOD_UNLOAD:
if (newnfs_numnfsd != 0) {
error = EBUSY;
break;
}
#ifdef VV_DISABLEDELEG
vn_deleg_ops.vndeleg_recall = NULL;
vn_deleg_ops.vndeleg_disable = NULL;
#endif
nfsd_call_servertimer = NULL;
nfsd_call_nfsd = NULL;
/* Clean out all NFSv4 state. */
nfsrv_throwawayallstate(curthread);
/* Clean the NFS server reply cache */
nfsrvd_cleancache();
/* Free up the krpc server pool. */
if (nfsrvd_pool != NULL)
svcpool_destroy(nfsrvd_pool);
/* and get rid of the locks */
for (i = 0; i < NFSRVCACHE_HASHSIZE; i++) {
mtx_destroy(&nfsrchash_table[i].mtx);
mtx_destroy(&nfsrcahash_table[i].mtx);
}
mtx_destroy(&nfsrc_udpmtx);
mtx_destroy(&nfs_v4root_mutex);
mtx_destroy(&nfsv4root_mnt.mnt_mtx);
mtx_destroy(&nfsrv_dontlistlock_mtx);
mtx_destroy(&nfsrv_recalllock_mtx);
for (i = 0; i < nfsrv_sessionhashsize; i++)
mtx_destroy(&nfssessionhash[i].mtx);
if (nfslayouthash != NULL) {
for (i = 0; i < nfsrv_layouthashsize; i++)
mtx_destroy(&nfslayouthash[i].mtx);
free(nfslayouthash, M_NFSDSESSION);
}
lockdestroy(&nfsv4root_mnt.mnt_explock);
free(nfsclienthash, M_NFSDCLIENT);
free(nfslockhash, M_NFSDLOCKFILE);
free(nfssessionhash, M_NFSDSESSION);
loaded = 0;
break;
default:
error = EOPNOTSUPP;
break;
}
out:
NFSEXITCODE(error);
return (error);
}
static moduledata_t nfsd_mod = {
"nfsd",
nfsd_modevent,
NULL,
};
DECLARE_MODULE(nfsd, nfsd_mod, SI_SUB_VFS, SI_ORDER_ANY);
/* So that loader and kldload(2) can find us, wherever we are.. */
MODULE_VERSION(nfsd, 1);
MODULE_DEPEND(nfsd, nfscommon, 1, 1, 1);
MODULE_DEPEND(nfsd, nfslock, 1, 1, 1);
MODULE_DEPEND(nfsd, nfslockd, 1, 1, 1);
MODULE_DEPEND(nfsd, krpc, 1, 1, 1);
MODULE_DEPEND(nfsd, nfssvc, 1, 1, 1);
Index: projects/nfs-over-tls/sys/fs/nfsserver/nfs_nfsdsubs.c
===================================================================
--- projects/nfs-over-tls/sys/fs/nfsserver/nfs_nfsdsubs.c (revision 359683)
+++ projects/nfs-over-tls/sys/fs/nfsserver/nfs_nfsdsubs.c (revision 359684)
@@ -1,2199 +1,2199 @@
/*-
* SPDX-License-Identifier: BSD-3-Clause
*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Rick Macklem at The University of Guelph.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#ifndef APPLEKEXT
/*
* These functions support the macros and help fiddle mbuf chains for
* the nfs op functions. They do things like create the rpc header and
* copy data between mbuf chains and uio lists.
*/
#include <fs/nfs/nfsport.h>
extern u_int32_t newnfs_true, newnfs_false;
extern int nfs_pubfhset;
extern struct nfsclienthashhead *nfsclienthash;
extern int nfsrv_clienthashsize;
extern struct nfslockhashhead *nfslockhash;
extern int nfsrv_lockhashsize;
extern struct nfssessionhash *nfssessionhash;
extern int nfsrv_sessionhashsize;
extern int nfsrv_useacl;
extern uid_t nfsrv_defaultuid;
extern gid_t nfsrv_defaultgid;
char nfs_v2pubfh[NFSX_V2FH];
struct nfsdontlisthead nfsrv_dontlisthead;
struct nfslayouthead nfsrv_recalllisthead;
static nfstype newnfsv2_type[9] = { NFNON, NFREG, NFDIR, NFBLK, NFCHR, NFLNK,
NFNON, NFCHR, NFNON };
extern nfstype nfsv34_type[9];
#endif /* !APPLEKEXT */
static u_int32_t nfsrv_isannfserr(u_int32_t);
SYSCTL_DECL(_vfs_nfsd);
static int enable_checkutf8 = 1;
SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_checkutf8, CTLFLAG_RW,
&enable_checkutf8, 0,
"Enable the NFSv4 check for the UTF8 compliant name required by rfc3530");
static int enable_nobodycheck = 1;
SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_nobodycheck, CTLFLAG_RW,
&enable_nobodycheck, 0,
"Enable the NFSv4 check when setting user nobody as owner");
static int enable_nogroupcheck = 1;
SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_nogroupcheck, CTLFLAG_RW,
&enable_nogroupcheck, 0,
"Enable the NFSv4 check when setting group nogroup as owner");
static char nfsrv_hexdigit(char, int *);
/*
* Maps errno values to nfs error numbers.
* Use NFSERR_IO as the catch all for ones not specifically defined in
* RFC 1094. (It now includes the errors added for NFSv3.)
*/
static u_char nfsrv_v2errmap[NFSERR_REMOTE] = {
NFSERR_PERM, NFSERR_NOENT, NFSERR_IO, NFSERR_IO, NFSERR_IO,
NFSERR_NXIO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
NFSERR_IO, NFSERR_IO, NFSERR_ACCES, NFSERR_IO, NFSERR_IO,
NFSERR_IO, NFSERR_EXIST, NFSERR_XDEV, NFSERR_NODEV, NFSERR_NOTDIR,
NFSERR_ISDIR, NFSERR_INVAL, NFSERR_IO, NFSERR_IO, NFSERR_IO,
NFSERR_IO, NFSERR_FBIG, NFSERR_NOSPC, NFSERR_IO, NFSERR_ROFS,
NFSERR_MLINK, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
NFSERR_IO, NFSERR_IO, NFSERR_NAMETOL, NFSERR_IO, NFSERR_IO,
NFSERR_NOTEMPTY, NFSERR_IO, NFSERR_IO, NFSERR_DQUOT, NFSERR_STALE,
NFSERR_REMOTE,
};
/*
* Maps errno values to nfs error numbers.
* Although it is not obvious whether or not NFS clients really care if
* a returned error value is in the specified list for the procedure, the
* safest thing to do is filter them appropriately. For Version 2, the
* X/Open XNFS document is the only specification that defines error values
* for each RPC (The RFC simply lists all possible error values for all RPCs),
* so I have decided to not do this for Version 2.
* The first entry is the default error return and the rest are the valid
* errors for that RPC in increasing numeric order.
*/
static short nfsv3err_null[] = {
0,
0,
};
static short nfsv3err_getattr[] = {
NFSERR_IO,
NFSERR_IO,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_setattr[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_PERM,
NFSERR_IO,
NFSERR_INVAL,
NFSERR_NOSPC,
NFSERR_ROFS,
NFSERR_DQUOT,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_NOT_SYNC,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_lookup[] = {
NFSERR_IO,
NFSERR_NOENT,
NFSERR_ACCES,
NFSERR_NAMETOL,
NFSERR_IO,
NFSERR_NOTDIR,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_access[] = {
NFSERR_IO,
NFSERR_IO,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_readlink[] = {
NFSERR_IO,
NFSERR_IO,
NFSERR_ACCES,
NFSERR_INVAL,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_NOTSUPP,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_read[] = {
NFSERR_IO,
NFSERR_IO,
NFSERR_NXIO,
NFSERR_ACCES,
NFSERR_INVAL,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_write[] = {
NFSERR_IO,
NFSERR_IO,
NFSERR_ACCES,
NFSERR_NOSPC,
NFSERR_INVAL,
NFSERR_FBIG,
NFSERR_ROFS,
NFSERR_DQUOT,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_create[] = {
NFSERR_IO,
NFSERR_EXIST,
NFSERR_NAMETOL,
NFSERR_ACCES,
NFSERR_IO,
NFSERR_NOTDIR,
NFSERR_NOSPC,
NFSERR_ROFS,
NFSERR_DQUOT,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_NOTSUPP,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_mkdir[] = {
NFSERR_IO,
NFSERR_EXIST,
NFSERR_ACCES,
NFSERR_NAMETOL,
NFSERR_IO,
NFSERR_NOTDIR,
NFSERR_NOSPC,
NFSERR_ROFS,
NFSERR_DQUOT,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_NOTSUPP,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_symlink[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_EXIST,
NFSERR_NAMETOL,
NFSERR_NOSPC,
NFSERR_IO,
NFSERR_NOTDIR,
NFSERR_ROFS,
NFSERR_DQUOT,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_NOTSUPP,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_mknod[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_EXIST,
NFSERR_NAMETOL,
NFSERR_NOSPC,
NFSERR_IO,
NFSERR_NOTDIR,
NFSERR_ROFS,
NFSERR_DQUOT,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_NOTSUPP,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
NFSERR_BADTYPE,
0,
};
static short nfsv3err_remove[] = {
NFSERR_IO,
NFSERR_NOENT,
NFSERR_ACCES,
NFSERR_NAMETOL,
NFSERR_IO,
NFSERR_NOTDIR,
NFSERR_ROFS,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_rmdir[] = {
NFSERR_IO,
NFSERR_NOENT,
NFSERR_ACCES,
NFSERR_NOTDIR,
NFSERR_NAMETOL,
NFSERR_IO,
NFSERR_EXIST,
NFSERR_INVAL,
NFSERR_ROFS,
NFSERR_NOTEMPTY,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_NOTSUPP,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_rename[] = {
NFSERR_IO,
NFSERR_NOENT,
NFSERR_ACCES,
NFSERR_EXIST,
NFSERR_NAMETOL,
NFSERR_XDEV,
NFSERR_IO,
NFSERR_NOTDIR,
NFSERR_ISDIR,
NFSERR_INVAL,
NFSERR_NOSPC,
NFSERR_ROFS,
NFSERR_MLINK,
NFSERR_NOTEMPTY,
NFSERR_DQUOT,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_NOTSUPP,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_link[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_EXIST,
NFSERR_NAMETOL,
NFSERR_IO,
NFSERR_XDEV,
NFSERR_NOTDIR,
NFSERR_INVAL,
NFSERR_NOSPC,
NFSERR_ROFS,
NFSERR_MLINK,
NFSERR_DQUOT,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_NOTSUPP,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_readdir[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_NOTDIR,
NFSERR_IO,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_BAD_COOKIE,
NFSERR_TOOSMALL,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_readdirplus[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_NOTDIR,
NFSERR_IO,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_BAD_COOKIE,
NFSERR_NOTSUPP,
NFSERR_TOOSMALL,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_fsstat[] = {
NFSERR_IO,
NFSERR_IO,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_fsinfo[] = {
NFSERR_STALE,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_pathconf[] = {
NFSERR_STALE,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short nfsv3err_commit[] = {
NFSERR_IO,
NFSERR_IO,
NFSERR_STALE,
NFSERR_BADHANDLE,
NFSERR_SERVERFAULT,
NFSERR_DELAY,
0,
};
static short *nfsrv_v3errmap[] = {
nfsv3err_null,
nfsv3err_getattr,
nfsv3err_setattr,
nfsv3err_lookup,
nfsv3err_access,
nfsv3err_readlink,
nfsv3err_read,
nfsv3err_write,
nfsv3err_create,
nfsv3err_mkdir,
nfsv3err_symlink,
nfsv3err_mknod,
nfsv3err_remove,
nfsv3err_rmdir,
nfsv3err_rename,
nfsv3err_link,
nfsv3err_readdir,
nfsv3err_readdirplus,
nfsv3err_fsstat,
nfsv3err_fsinfo,
nfsv3err_pathconf,
nfsv3err_commit,
};
/*
* And the same for V4.
*/
static short nfsv4err_null[] = {
0,
0,
};
static short nfsv4err_access[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_BADHANDLE,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_close[] = {
NFSERR_EXPIRED,
NFSERR_ADMINREVOKED,
NFSERR_BADHANDLE,
NFSERR_BADSEQID,
NFSERR_BADSTATEID,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_EXPIRED,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_ISDIR,
NFSERR_LEASEMOVED,
NFSERR_LOCKSHELD,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_OLDSTATEID,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_STALESTATEID,
0,
};
static short nfsv4err_commit[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_BADHANDLE,
NFSERR_BADXDR,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_ISDIR,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_RESOURCE,
NFSERR_ROFS,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_create[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_ATTRNOTSUPP,
NFSERR_BADCHAR,
NFSERR_BADHANDLE,
NFSERR_BADNAME,
NFSERR_BADOWNER,
NFSERR_BADTYPE,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_DQUOT,
NFSERR_EXIST,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_MOVED,
NFSERR_NAMETOL,
NFSERR_NOFILEHANDLE,
NFSERR_NOSPC,
NFSERR_NOTDIR,
NFSERR_PERM,
NFSERR_RESOURCE,
NFSERR_ROFS,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_delegpurge[] = {
NFSERR_SERVERFAULT,
NFSERR_BADXDR,
NFSERR_NOTSUPP,
NFSERR_LEASEMOVED,
NFSERR_MOVED,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALECLIENTID,
0,
};
static short nfsv4err_delegreturn[] = {
NFSERR_SERVERFAULT,
NFSERR_ADMINREVOKED,
NFSERR_BADSTATEID,
NFSERR_BADXDR,
NFSERR_EXPIRED,
NFSERR_INVAL,
NFSERR_LEASEMOVED,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_NOTSUPP,
NFSERR_OLDSTATEID,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_STALESTATEID,
0,
};
static short nfsv4err_getattr[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_BADHANDLE,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_getfh[] = {
NFSERR_BADHANDLE,
NFSERR_BADHANDLE,
NFSERR_FHEXPIRED,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_link[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_BADCHAR,
NFSERR_BADHANDLE,
NFSERR_BADNAME,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_DQUOT,
NFSERR_EXIST,
NFSERR_FHEXPIRED,
NFSERR_FILEOPEN,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_ISDIR,
NFSERR_MLINK,
NFSERR_MOVED,
NFSERR_NAMETOL,
NFSERR_NOENT,
NFSERR_NOFILEHANDLE,
NFSERR_NOSPC,
NFSERR_NOTDIR,
NFSERR_NOTSUPP,
NFSERR_RESOURCE,
NFSERR_ROFS,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_WRONGSEC,
NFSERR_XDEV,
0,
};
static short nfsv4err_lock[] = {
NFSERR_SERVERFAULT,
NFSERR_ACCES,
NFSERR_ADMINREVOKED,
NFSERR_BADHANDLE,
NFSERR_BADRANGE,
NFSERR_BADSEQID,
NFSERR_BADSTATEID,
NFSERR_BADXDR,
NFSERR_DEADLOCK,
NFSERR_DELAY,
NFSERR_DENIED,
NFSERR_EXPIRED,
NFSERR_FHEXPIRED,
NFSERR_GRACE,
NFSERR_INVAL,
NFSERR_ISDIR,
NFSERR_LEASEMOVED,
NFSERR_LOCKNOTSUPP,
NFSERR_LOCKRANGE,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_NOGRACE,
NFSERR_OLDSTATEID,
NFSERR_OPENMODE,
NFSERR_RECLAIMBAD,
NFSERR_RECLAIMCONFLICT,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_STALECLIENTID,
NFSERR_STALESTATEID,
0,
};
static short nfsv4err_lockt[] = {
NFSERR_SERVERFAULT,
NFSERR_ACCES,
NFSERR_BADHANDLE,
NFSERR_BADRANGE,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_DENIED,
NFSERR_FHEXPIRED,
NFSERR_GRACE,
NFSERR_INVAL,
NFSERR_ISDIR,
NFSERR_LEASEMOVED,
NFSERR_LOCKRANGE,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_STALECLIENTID,
0,
};
static short nfsv4err_locku[] = {
NFSERR_SERVERFAULT,
NFSERR_ACCES,
NFSERR_ADMINREVOKED,
NFSERR_BADHANDLE,
NFSERR_BADRANGE,
NFSERR_BADSEQID,
NFSERR_BADSTATEID,
NFSERR_BADXDR,
NFSERR_EXPIRED,
NFSERR_FHEXPIRED,
NFSERR_GRACE,
NFSERR_INVAL,
NFSERR_ISDIR,
NFSERR_LEASEMOVED,
NFSERR_LOCKRANGE,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_OLDSTATEID,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_STALESTATEID,
0,
};
static short nfsv4err_lookup[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_BADCHAR,
NFSERR_BADHANDLE,
NFSERR_BADNAME,
NFSERR_BADXDR,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_MOVED,
NFSERR_NAMETOL,
NFSERR_NOENT,
NFSERR_NOFILEHANDLE,
NFSERR_NOTDIR,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_SYMLINK,
NFSERR_WRONGSEC,
0,
};
static short nfsv4err_lookupp[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_BADHANDLE,
NFSERR_FHEXPIRED,
NFSERR_IO,
NFSERR_MOVED,
NFSERR_NOENT,
NFSERR_NOFILEHANDLE,
NFSERR_NOTDIR,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_nverify[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_ATTRNOTSUPP,
NFSERR_BADCHAR,
NFSERR_BADHANDLE,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_RESOURCE,
NFSERR_SAME,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_open[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_ADMINREVOKED,
NFSERR_ATTRNOTSUPP,
NFSERR_BADCHAR,
NFSERR_BADHANDLE,
NFSERR_BADNAME,
NFSERR_BADOWNER,
NFSERR_BADSEQID,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_DQUOT,
NFSERR_EXIST,
NFSERR_EXPIRED,
NFSERR_FHEXPIRED,
NFSERR_GRACE,
NFSERR_IO,
NFSERR_INVAL,
NFSERR_ISDIR,
NFSERR_LEASEMOVED,
NFSERR_MOVED,
NFSERR_NAMETOL,
NFSERR_NOENT,
NFSERR_NOFILEHANDLE,
NFSERR_NOGRACE,
NFSERR_NOSPC,
NFSERR_NOTDIR,
NFSERR_NOTSUPP,
NFSERR_PERM,
NFSERR_RECLAIMBAD,
NFSERR_RECLAIMCONFLICT,
NFSERR_RESOURCE,
NFSERR_ROFS,
NFSERR_SERVERFAULT,
NFSERR_SHAREDENIED,
NFSERR_STALE,
NFSERR_STALECLIENTID,
NFSERR_SYMLINK,
NFSERR_WRONGSEC,
0,
};
static short nfsv4err_openattr[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_BADHANDLE,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_DQUOT,
NFSERR_FHEXPIRED,
NFSERR_IO,
NFSERR_MOVED,
NFSERR_NOENT,
NFSERR_NOFILEHANDLE,
NFSERR_NOSPC,
NFSERR_NOTSUPP,
NFSERR_RESOURCE,
NFSERR_ROFS,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_openconfirm[] = {
NFSERR_SERVERFAULT,
NFSERR_ADMINREVOKED,
NFSERR_BADHANDLE,
NFSERR_BADSEQID,
NFSERR_BADSTATEID,
NFSERR_BADXDR,
NFSERR_EXPIRED,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_ISDIR,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_OLDSTATEID,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_STALESTATEID,
0,
};
static short nfsv4err_opendowngrade[] = {
NFSERR_SERVERFAULT,
NFSERR_ADMINREVOKED,
NFSERR_BADHANDLE,
NFSERR_BADSEQID,
NFSERR_BADSTATEID,
NFSERR_BADXDR,
NFSERR_EXPIRED,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_OLDSTATEID,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_STALESTATEID,
0,
};
static short nfsv4err_putfh[] = {
NFSERR_SERVERFAULT,
NFSERR_BADHANDLE,
NFSERR_BADXDR,
NFSERR_FHEXPIRED,
NFSERR_MOVED,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_WRONGSEC,
0,
};
static short nfsv4err_putpubfh[] = {
NFSERR_SERVERFAULT,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_WRONGSEC,
0,
};
static short nfsv4err_putrootfh[] = {
NFSERR_SERVERFAULT,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_WRONGSEC,
0,
};
static short nfsv4err_read[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_ADMINREVOKED,
NFSERR_BADHANDLE,
NFSERR_BADSTATEID,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_EXPIRED,
NFSERR_FHEXPIRED,
NFSERR_GRACE,
NFSERR_IO,
NFSERR_INVAL,
NFSERR_ISDIR,
NFSERR_LEASEMOVED,
NFSERR_LOCKED,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_NXIO,
NFSERR_OLDSTATEID,
NFSERR_OPENMODE,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_STALESTATEID,
0,
};
static short nfsv4err_readdir[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_BADHANDLE,
NFSERR_BAD_COOKIE,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_NOTDIR,
NFSERR_NOTSAME,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_TOOSMALL,
0,
};
static short nfsv4err_readlink[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_BADHANDLE,
NFSERR_DELAY,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_ISDIR,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_NOTSUPP,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_remove[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_BADCHAR,
NFSERR_BADHANDLE,
NFSERR_BADNAME,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_FHEXPIRED,
NFSERR_FILEOPEN,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_MOVED,
NFSERR_NAMETOL,
NFSERR_NOENT,
NFSERR_NOFILEHANDLE,
NFSERR_NOTDIR,
NFSERR_NOTEMPTY,
NFSERR_RESOURCE,
NFSERR_ROFS,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_rename[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_BADCHAR,
NFSERR_BADHANDLE,
NFSERR_BADNAME,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_DQUOT,
NFSERR_EXIST,
NFSERR_FHEXPIRED,
NFSERR_FILEOPEN,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_MOVED,
NFSERR_NAMETOL,
NFSERR_NOENT,
NFSERR_NOFILEHANDLE,
NFSERR_NOSPC,
NFSERR_NOTDIR,
NFSERR_NOTEMPTY,
NFSERR_RESOURCE,
NFSERR_ROFS,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_WRONGSEC,
NFSERR_XDEV,
0,
};
static short nfsv4err_renew[] = {
NFSERR_SERVERFAULT,
NFSERR_ACCES,
NFSERR_ADMINREVOKED,
NFSERR_BADXDR,
NFSERR_CBPATHDOWN,
NFSERR_EXPIRED,
NFSERR_LEASEMOVED,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALECLIENTID,
0,
};
static short nfsv4err_restorefh[] = {
NFSERR_SERVERFAULT,
NFSERR_BADHANDLE,
NFSERR_FHEXPIRED,
NFSERR_MOVED,
NFSERR_RESOURCE,
NFSERR_RESTOREFH,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_WRONGSEC,
0,
};
static short nfsv4err_savefh[] = {
NFSERR_SERVERFAULT,
NFSERR_BADHANDLE,
NFSERR_FHEXPIRED,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_secinfo[] = {
NFSERR_SERVERFAULT,
NFSERR_ACCES,
NFSERR_BADCHAR,
NFSERR_BADHANDLE,
NFSERR_BADNAME,
NFSERR_BADXDR,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_MOVED,
NFSERR_NAMETOL,
NFSERR_NOENT,
NFSERR_NOFILEHANDLE,
NFSERR_NOTDIR,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_setattr[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_ADMINREVOKED,
NFSERR_ATTRNOTSUPP,
NFSERR_BADCHAR,
NFSERR_BADHANDLE,
NFSERR_BADOWNER,
NFSERR_BADSTATEID,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_DQUOT,
NFSERR_EXPIRED,
NFSERR_FBIG,
NFSERR_FHEXPIRED,
NFSERR_GRACE,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_ISDIR,
NFSERR_LOCKED,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_NOSPC,
NFSERR_OLDSTATEID,
NFSERR_OPENMODE,
NFSERR_PERM,
NFSERR_RESOURCE,
NFSERR_ROFS,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_STALESTATEID,
0,
};
static short nfsv4err_setclientid[] = {
NFSERR_SERVERFAULT,
NFSERR_BADXDR,
NFSERR_CLIDINUSE,
NFSERR_INVAL,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_WRONGSEC,
0,
};
static short nfsv4err_setclientidconfirm[] = {
NFSERR_SERVERFAULT,
NFSERR_BADXDR,
NFSERR_CLIDINUSE,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALECLIENTID,
0,
};
static short nfsv4err_verify[] = {
NFSERR_SERVERFAULT,
NFSERR_ACCES,
NFSERR_ATTRNOTSUPP,
NFSERR_BADCHAR,
NFSERR_BADHANDLE,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_FHEXPIRED,
NFSERR_INVAL,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_NOTSAME,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALE,
0,
};
static short nfsv4err_write[] = {
NFSERR_IO,
NFSERR_ACCES,
NFSERR_ADMINREVOKED,
NFSERR_BADHANDLE,
NFSERR_BADSTATEID,
NFSERR_BADXDR,
NFSERR_DELAY,
NFSERR_DQUOT,
NFSERR_EXPIRED,
NFSERR_FBIG,
NFSERR_FHEXPIRED,
NFSERR_GRACE,
NFSERR_INVAL,
NFSERR_IO,
NFSERR_ISDIR,
NFSERR_LEASEMOVED,
NFSERR_LOCKED,
NFSERR_MOVED,
NFSERR_NOFILEHANDLE,
NFSERR_NOSPC,
NFSERR_NXIO,
NFSERR_OLDSTATEID,
NFSERR_OPENMODE,
NFSERR_RESOURCE,
NFSERR_ROFS,
NFSERR_SERVERFAULT,
NFSERR_STALE,
NFSERR_STALESTATEID,
0,
};
static short nfsv4err_releaselockowner[] = {
NFSERR_SERVERFAULT,
NFSERR_ADMINREVOKED,
NFSERR_BADXDR,
NFSERR_EXPIRED,
NFSERR_LEASEMOVED,
NFSERR_LOCKSHELD,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
NFSERR_STALECLIENTID,
0,
};
static short *nfsrv_v4errmap[] = {
nfsv4err_null,
nfsv4err_null,
nfsv4err_null,
nfsv4err_access,
nfsv4err_close,
nfsv4err_commit,
nfsv4err_create,
nfsv4err_delegpurge,
nfsv4err_delegreturn,
nfsv4err_getattr,
nfsv4err_getfh,
nfsv4err_link,
nfsv4err_lock,
nfsv4err_lockt,
nfsv4err_locku,
nfsv4err_lookup,
nfsv4err_lookupp,
nfsv4err_nverify,
nfsv4err_open,
nfsv4err_openattr,
nfsv4err_openconfirm,
nfsv4err_opendowngrade,
nfsv4err_putfh,
nfsv4err_putpubfh,
nfsv4err_putrootfh,
nfsv4err_read,
nfsv4err_readdir,
nfsv4err_readlink,
nfsv4err_remove,
nfsv4err_rename,
nfsv4err_renew,
nfsv4err_restorefh,
nfsv4err_savefh,
nfsv4err_secinfo,
nfsv4err_setattr,
nfsv4err_setclientid,
nfsv4err_setclientidconfirm,
nfsv4err_verify,
nfsv4err_write,
nfsv4err_releaselockowner,
};
/*
* Trim tlen bytes off the end of the mbuf list and then ensure
* the end of the last mbuf is nul filled to a long boundary,
* as indicated by the value of "nul".
* Return the last mbuf in the updated list and free and mbufs
* that follow it in the original list.
* This is somewhat different than the old nfsrv_adj() with
* support for ext_pgs mbufs. It frees the remaining mbufs
* instead of setting them 0 length, since lists of ext_pgs
* mbufs are all expected to be non-empty.
*/
struct mbuf *
nfsrv_adj(struct mbuf *mp, int len, int nul)
{
struct mbuf *m, *m2;
struct mbuf_ext_pgs *pgs;
vm_page_t pg;
int i, lastlen, pgno, plen, tlen, trim;
uint16_t off;
char *cp;
/*
* Find the last mbuf after adjustment and
* how much it needs to be adjusted by.
*/
tlen = 0;
m = mp;
for (;;) {
tlen += m->m_len;
if (m->m_next == NULL)
break;
m = m->m_next;
}
/* m is now the last mbuf and tlen the total length. */
if (len >= m->m_len) {
/* Need to trim away the last mbuf(s). */
i = tlen - len;
m = mp;
for (;;) {
if (m->m_len >= i)
break;
i -= m->m_len;
m = m->m_next;
}
lastlen = i;
} else
lastlen = m->m_len - len;
/* Adjust the last mbuf. */
if ((m->m_flags & M_NOMAP) != 0) {
pgs = m->m_ext.ext_pgs;
pgno = pgs->npgs - 1;
off = (pgno == 0) ? pgs->first_pg_off : 0;
plen = mbuf_ext_pg_len(pgs, pgno, off);
if (m->m_len > lastlen) {
/* Trim this mbuf. */
trim = m->m_len - lastlen;
while (trim >= plen) {
/* Free page. */
pg = PHYS_TO_VM_PAGE(pgs->pa[pgno]);
vm_page_unwire_noq(pg);
vm_page_free(pg);
trim -= plen;
pgs->npgs--;
pgno--;
off = (pgno == 0) ? pgs->first_pg_off : 0;
plen = mbuf_ext_pg_len(pgs, pgno, off);
}
plen -= trim;
pgs->last_pg_len = plen;
m->m_len = lastlen;
}
cp = (char *)(void *)PHYS_TO_DMAP(pgs->pa[pgno]);
cp += off + plen - nul;
} else {
m->m_len = lastlen;
cp = mtod(m, char *) + m->m_len - nul;
}
/* Write the nul bytes. */
for (i = 0; i < nul; i++)
*cp++ = '\0';
/* Free up any mbufs past "m". */
m2 = m->m_next;
m->m_next = NULL;
if (m2 != NULL)
m_freem(m2);
return (m);
}
/*
* Make these functions instead of macros, so that the kernel text size
* doesn't get too big...
*/
APPLESTATIC void
nfsrv_wcc(struct nfsrv_descript *nd, int before_ret,
struct nfsvattr *before_nvap, int after_ret, struct nfsvattr *after_nvap)
{
u_int32_t *tl;
if (before_ret) {
NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
*tl = newnfs_false;
} else {
NFSM_BUILD(tl, u_int32_t *, 7 * NFSX_UNSIGNED);
*tl++ = newnfs_true;
txdr_hyper(before_nvap->na_size, tl);
tl += 2;
txdr_nfsv3time(&(before_nvap->na_mtime), tl);
tl += 2;
txdr_nfsv3time(&(before_nvap->na_ctime), tl);
}
nfsrv_postopattr(nd, after_ret, after_nvap);
}
APPLESTATIC void
nfsrv_postopattr(struct nfsrv_descript *nd, int after_ret,
struct nfsvattr *after_nvap)
{
u_int32_t *tl;
NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
if (after_ret)
*tl = newnfs_false;
else {
*tl = newnfs_true;
nfsrv_fillattr(nd, after_nvap);
}
}
/*
* Fill in file attributes for V2 and 3. For V4, call a separate
* routine that sifts through all the attribute bits.
*/
APPLESTATIC void
nfsrv_fillattr(struct nfsrv_descript *nd, struct nfsvattr *nvap)
{
struct nfs_fattr *fp;
int fattr_size;
/*
* Build space for the attribute structure.
*/
if (nd->nd_flag & ND_NFSV3)
fattr_size = NFSX_V3FATTR;
else
fattr_size = NFSX_V2FATTR;
NFSM_BUILD(fp, struct nfs_fattr *, fattr_size);
/*
* Now just fill it all in.
*/
fp->fa_nlink = txdr_unsigned(nvap->na_nlink);
fp->fa_uid = txdr_unsigned(nvap->na_uid);
fp->fa_gid = txdr_unsigned(nvap->na_gid);
if (nd->nd_flag & ND_NFSV3) {
fp->fa_type = vtonfsv34_type(nvap->na_type);
fp->fa_mode = vtonfsv34_mode(nvap->na_mode);
txdr_hyper(nvap->na_size, &fp->fa3_size);
txdr_hyper(nvap->na_bytes, &fp->fa3_used);
fp->fa3_rdev.specdata1 = txdr_unsigned(NFSMAJOR(nvap->na_rdev));
fp->fa3_rdev.specdata2 = txdr_unsigned(NFSMINOR(nvap->na_rdev));
fp->fa3_fsid.nfsuquad[0] = 0;
fp->fa3_fsid.nfsuquad[1] = txdr_unsigned(nvap->na_fsid);
txdr_hyper(nvap->na_fileid, &fp->fa3_fileid);
txdr_nfsv3time(&nvap->na_atime, &fp->fa3_atime);
txdr_nfsv3time(&nvap->na_mtime, &fp->fa3_mtime);
txdr_nfsv3time(&nvap->na_ctime, &fp->fa3_ctime);
} else {
fp->fa_type = vtonfsv2_type(nvap->na_type);
fp->fa_mode = vtonfsv2_mode(nvap->na_type, nvap->na_mode);
fp->fa2_size = txdr_unsigned(nvap->na_size);
fp->fa2_blocksize = txdr_unsigned(nvap->na_blocksize);
if (nvap->na_type == VFIFO)
fp->fa2_rdev = 0xffffffff;
else
fp->fa2_rdev = txdr_unsigned(nvap->na_rdev);
fp->fa2_blocks = txdr_unsigned(nvap->na_bytes / NFS_FABLKSIZE);
fp->fa2_fsid = txdr_unsigned(nvap->na_fsid);
fp->fa2_fileid = txdr_unsigned(nvap->na_fileid);
txdr_nfsv2time(&nvap->na_atime, &fp->fa2_atime);
txdr_nfsv2time(&nvap->na_mtime, &fp->fa2_mtime);
txdr_nfsv2time(&nvap->na_ctime, &fp->fa2_ctime);
}
}
/*
* This function gets a file handle out of an mbuf list.
* It returns 0 for success, EBADRPC otherwise.
* If sets the third flagp argument to 1 if the file handle is
* the public file handle.
* For NFSv4, if the length is incorrect, set nd_repstat == NFSERR_BADHANDLE
*/
APPLESTATIC int
nfsrv_mtofh(struct nfsrv_descript *nd, struct nfsrvfh *fhp)
{
u_int32_t *tl;
int error = 0, len, copylen;
if (nd->nd_flag & (ND_NFSV3 | ND_NFSV4)) {
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
len = fxdr_unsigned(int, *tl);
if (len == 0 && nfs_pubfhset && (nd->nd_flag & ND_NFSV3) &&
nd->nd_procnum == NFSPROC_LOOKUP) {
nd->nd_flag |= ND_PUBLOOKUP;
goto nfsmout;
}
copylen = len;
/* If len == NFSX_V4PNFSFH the RPC is a pNFS DS one. */
if (len == NFSX_V4PNFSFH && (nd->nd_flag & ND_NFSV41) != 0) {
copylen = NFSX_MYFH;
len = NFSM_RNDUP(len);
nd->nd_flag |= ND_DSSERVER;
} else if (len < NFSRV_MINFH || len > NFSRV_MAXFH) {
if (nd->nd_flag & ND_NFSV4) {
if (len > 0 && len <= NFSX_V4FHMAX) {
error = nfsm_advance(nd, NFSM_RNDUP(len), -1);
if (error)
goto nfsmout;
nd->nd_repstat = NFSERR_BADHANDLE;
goto nfsmout;
} else {
error = EBADRPC;
goto nfsmout;
}
} else {
error = EBADRPC;
goto nfsmout;
}
}
} else {
/*
* For NFSv2, the file handle is always 32 bytes on the
* wire, but this server only cares about the first
* NFSRV_MAXFH bytes.
*/
len = NFSX_V2FH;
copylen = NFSRV_MAXFH;
}
NFSM_DISSECT(tl, u_int32_t *, len);
if ((nd->nd_flag & ND_NFSV2) && nfs_pubfhset &&
nd->nd_procnum == NFSPROC_LOOKUP &&
!NFSBCMP((caddr_t)tl, nfs_v2pubfh, NFSX_V2FH)) {
nd->nd_flag |= ND_PUBLOOKUP;
goto nfsmout;
}
NFSBCOPY(tl, (caddr_t)fhp->nfsrvfh_data, copylen);
fhp->nfsrvfh_len = copylen;
nfsmout:
NFSEXITCODE2(error, nd);
return (error);
}
/*
* Map errnos to NFS error numbers. For Version 3 and 4 also filter out error
* numbers not specified for the associated procedure.
* NFSPROC_NOOP is a special case, where the high order bits of nd_repstat
* should be cleared. NFSPROC_NOOP is used to return errors when a valid
* RPC procedure is not involved.
* Returns the error number in XDR.
*/
APPLESTATIC int
nfsd_errmap(struct nfsrv_descript *nd)
{
short *defaulterrp, *errp;
if (!nd->nd_repstat)
return (0);
if (nd->nd_flag & (ND_NFSV3 | ND_NFSV4)) {
if (nd->nd_procnum == NFSPROC_NOOP)
return (txdr_unsigned(nd->nd_repstat & 0xffff));
if (nd->nd_flag & ND_NFSV3)
errp = defaulterrp = nfsrv_v3errmap[nd->nd_procnum];
else if (nd->nd_repstat == EBADRPC)
return (txdr_unsigned(NFSERR_BADXDR));
else if (nd->nd_repstat == NFSERR_MINORVERMISMATCH ||
nd->nd_repstat == NFSERR_OPILLEGAL)
return (txdr_unsigned(nd->nd_repstat));
else if ((nd->nd_flag & ND_NFSV41) != 0) {
if (nd->nd_repstat == EOPNOTSUPP)
nd->nd_repstat = NFSERR_NOTSUPP;
nd->nd_repstat = nfsrv_isannfserr(nd->nd_repstat);
return (txdr_unsigned(nd->nd_repstat));
} else
errp = defaulterrp = nfsrv_v4errmap[nd->nd_procnum];
while (*++errp)
if (*errp == nd->nd_repstat)
return (txdr_unsigned(nd->nd_repstat));
return (txdr_unsigned(*defaulterrp));
}
if (nd->nd_repstat <= NFSERR_REMOTE)
return (txdr_unsigned(nfsrv_v2errmap[nd->nd_repstat - 1]));
return (txdr_unsigned(NFSERR_IO));
}
/*
* Check to see if the error is a valid NFS one. If not, replace it with
* NFSERR_IO.
*/
static u_int32_t
nfsrv_isannfserr(u_int32_t errval)
{
if (errval == NFSERR_OK)
return (errval);
if (errval >= NFSERR_BADHANDLE && errval <= NFSERR_MAXERRVAL)
return (errval);
if (errval > 0 && errval <= NFSERR_REMOTE)
return (nfsrv_v2errmap[errval - 1]);
return (NFSERR_IO);
}
/*
* Check to see if setting a uid/gid is permitted when creating a new
* file object. (Called when uid and/or gid is specified in the
* settable attributes for V4.
*/
APPLESTATIC int
nfsrv_checkuidgid(struct nfsrv_descript *nd, struct nfsvattr *nvap)
{
int error = 0;
/*
* If not setting either uid nor gid, it's OK.
*/
if (NFSVNO_NOTSETUID(nvap) && NFSVNO_NOTSETGID(nvap))
goto out;
if ((NFSVNO_ISSETUID(nvap) && nvap->na_uid == nfsrv_defaultuid &&
enable_nobodycheck == 1)
|| (NFSVNO_ISSETGID(nvap) && nvap->na_gid == nfsrv_defaultgid &&
enable_nogroupcheck == 1)) {
error = NFSERR_BADOWNER;
goto out;
}
if (nd->nd_cred->cr_uid == 0)
goto out;
if ((NFSVNO_ISSETUID(nvap) && nvap->na_uid != nd->nd_cred->cr_uid) ||
(NFSVNO_ISSETGID(nvap) && nvap->na_gid != nd->nd_cred->cr_gid &&
!groupmember(nvap->na_gid, nd->nd_cred)))
error = NFSERR_PERM;
out:
NFSEXITCODE2(error, nd);
return (error);
}
/*
* and this routine fixes up the settable attributes for V4 if allowed
* by nfsrv_checkuidgid().
*/
APPLESTATIC void
nfsrv_fixattr(struct nfsrv_descript *nd, vnode_t vp,
struct nfsvattr *nvap, NFSACL_T *aclp, NFSPROC_T *p, nfsattrbit_t *attrbitp,
struct nfsexstuff *exp)
{
int change = 0;
struct nfsvattr nva;
uid_t tuid;
int error;
nfsattrbit_t nattrbits;
/*
* Maybe this should be done for V2 and 3 but it never has been
* and nobody seems to be upset, so I think it's best not to change
* the V2 and 3 semantics.
*/
if ((nd->nd_flag & ND_NFSV4) == 0)
goto out;
NFSVNO_ATTRINIT(&nva);
NFSZERO_ATTRBIT(&nattrbits);
tuid = nd->nd_cred->cr_uid;
if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_OWNER) &&
NFSVNO_ISSETUID(nvap) &&
nvap->na_uid != nd->nd_cred->cr_uid) {
if (nd->nd_cred->cr_uid == 0) {
nva.na_uid = nvap->na_uid;
change++;
NFSSETBIT_ATTRBIT(&nattrbits, NFSATTRBIT_OWNER);
} else {
NFSCLRBIT_ATTRBIT(attrbitp, NFSATTRBIT_OWNER);
}
}
if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_TIMEACCESSSET) &&
NFSVNO_ISSETATIME(nvap)) {
nva.na_atime = nvap->na_atime;
change++;
NFSSETBIT_ATTRBIT(&nattrbits, NFSATTRBIT_TIMEACCESSSET);
}
if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_TIMEMODIFYSET) &&
NFSVNO_ISSETMTIME(nvap)) {
nva.na_mtime = nvap->na_mtime;
change++;
NFSSETBIT_ATTRBIT(&nattrbits, NFSATTRBIT_TIMEMODIFYSET);
}
if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_OWNERGROUP) &&
NFSVNO_ISSETGID(nvap)) {
if (nvap->na_gid == nd->nd_cred->cr_gid ||
groupmember(nvap->na_gid, nd->nd_cred)) {
nd->nd_cred->cr_uid = 0;
nva.na_gid = nvap->na_gid;
change++;
NFSSETBIT_ATTRBIT(&nattrbits, NFSATTRBIT_OWNERGROUP);
} else {
NFSCLRBIT_ATTRBIT(attrbitp, NFSATTRBIT_OWNERGROUP);
}
}
if (change) {
error = nfsvno_setattr(vp, &nva, nd->nd_cred, p, exp);
if (error) {
NFSCLRALL_ATTRBIT(attrbitp, &nattrbits);
}
}
if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SIZE) &&
NFSVNO_ISSETSIZE(nvap) && nvap->na_size != (u_quad_t)0) {
NFSCLRBIT_ATTRBIT(attrbitp, NFSATTRBIT_SIZE);
}
#ifdef NFS4_ACL_EXTATTR_NAME
if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_ACL) &&
nfsrv_useacl != 0 && aclp != NULL) {
if (aclp->acl_cnt > 0) {
error = nfsrv_setacl(vp, aclp, nd->nd_cred, p);
if (error) {
NFSCLRBIT_ATTRBIT(attrbitp, NFSATTRBIT_ACL);
}
}
} else
#endif
NFSCLRBIT_ATTRBIT(attrbitp, NFSATTRBIT_ACL);
nd->nd_cred->cr_uid = tuid;
out:
NFSEXITCODE2(0, nd);
}
/*
* Translate an ASCII hex digit to it's binary value. Return -1 if the
* char isn't a hex digit.
*/
static char
nfsrv_hexdigit(char c, int *err)
{
*err = 0;
if (c >= '0' && c <= '9')
return (c - '0');
if (c >= 'a' && c <= 'f')
return (c - 'a' + ((char)10));
if (c >= 'A' && c <= 'F')
return (c - 'A' + ((char)10));
/* Not valid ! */
*err = 1;
return (1); /* BOGUS */
}
/*
* Check to see if NFSERR_MOVED can be returned for this op. Return 1 iff
* it can be.
*/
APPLESTATIC int
nfsrv_errmoved(int op)
{
short *errp;
errp = nfsrv_v4errmap[op];
while (*errp != 0) {
if (*errp == NFSERR_MOVED)
return (1);
errp++;
}
return (0);
}
/*
* Fill in attributes for a Referral.
* (Return the number of bytes of XDR created.)
*/
APPLESTATIC int
nfsrv_putreferralattr(struct nfsrv_descript *nd, nfsattrbit_t *retbitp,
struct nfsreferral *refp, int getattr, int *reterrp)
{
u_int32_t *tl, *retnump;
u_char *cp, *cp2;
int prefixnum, retnum = 0, i, len, bitpos, rderrbit = 0, nonrefbit = 0;
int fslocationsbit = 0;
nfsattrbit_t tmpbits, refbits;
NFSREFERRAL_ATTRBIT(&refbits);
if (getattr)
NFSCLRBIT_ATTRBIT(&refbits, NFSATTRBIT_RDATTRERROR);
else if (NFSISSET_ATTRBIT(retbitp, NFSATTRBIT_RDATTRERROR))
rderrbit = 1;
if (NFSISSET_ATTRBIT(retbitp, NFSATTRBIT_FSLOCATIONS))
fslocationsbit = 1;
/*
* Check for the case where unsupported referral attributes are
* requested.
*/
NFSSET_ATTRBIT(&tmpbits, retbitp);
NFSCLRALL_ATTRBIT(&tmpbits, &refbits);
if (NFSNONZERO_ATTRBIT(&tmpbits))
nonrefbit = 1;
if (nonrefbit && !fslocationsbit && (getattr || !rderrbit)) {
*reterrp = NFSERR_MOVED;
return (0);
}
/*
* Now we can fill in the attributes.
*/
NFSSET_ATTRBIT(&tmpbits, retbitp);
NFSCLRNOT_ATTRBIT(&tmpbits, &refbits);
/*
* Put out the attribute bitmap for the ones being filled in
* and get the field for the number of attributes returned.
*/
prefixnum = nfsrv_putattrbit(nd, &tmpbits);
NFSM_BUILD(retnump, u_int32_t *, NFSX_UNSIGNED);
prefixnum += NFSX_UNSIGNED;
/*
* Now, loop around filling in the attributes for each bit set.
*/
for (bitpos = 0; bitpos < NFSATTRBIT_MAX; bitpos++) {
if (NFSISSET_ATTRBIT(&tmpbits, bitpos)) {
switch (bitpos) {
case NFSATTRBIT_TYPE:
NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
*tl = txdr_unsigned(NFDIR);
retnum += NFSX_UNSIGNED;
break;
case NFSATTRBIT_FSID:
NFSM_BUILD(tl, u_int32_t *, NFSX_V4FSID);
*tl++ = 0;
*tl++ = txdr_unsigned(NFSV4ROOT_FSID0);
*tl++ = 0;
*tl = txdr_unsigned(NFSV4ROOT_REFERRAL);
retnum += NFSX_V4FSID;
break;
case NFSATTRBIT_RDATTRERROR:
NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
if (nonrefbit)
*tl = txdr_unsigned(NFSERR_MOVED);
else
*tl = 0;
retnum += NFSX_UNSIGNED;
break;
case NFSATTRBIT_FSLOCATIONS:
retnum += nfsm_strtom(nd, "/", 1);
NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
*tl = txdr_unsigned(refp->nfr_srvcnt);
retnum += NFSX_UNSIGNED;
cp = refp->nfr_srvlist;
for (i = 0; i < refp->nfr_srvcnt; i++) {
NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
*tl = txdr_unsigned(1);
retnum += NFSX_UNSIGNED;
cp2 = STRCHR(cp, ':');
if (cp2 != NULL)
len = cp2 - cp;
else
len = 1;
retnum += nfsm_strtom(nd, cp, len);
if (cp2 != NULL)
cp = cp2 + 1;
cp2 = STRCHR(cp, ',');
if (cp2 != NULL)
len = cp2 - cp;
else
len = strlen(cp);
retnum += nfsm_strtom(nd, cp, len);
if (cp2 != NULL)
cp = cp2 + 1;
}
break;
case NFSATTRBIT_MOUNTEDONFILEID:
NFSM_BUILD(tl, u_int32_t *, NFSX_HYPER);
txdr_hyper(refp->nfr_dfileno, tl);
retnum += NFSX_HYPER;
break;
default:
printf("EEK! Bad V4 refattr bitpos=%d\n", bitpos);
}
}
}
*retnump = txdr_unsigned(retnum);
return (retnum + prefixnum);
}
/*
* Parse a file name out of a request.
*/
APPLESTATIC int
nfsrv_parsename(struct nfsrv_descript *nd, char *bufp, u_long *hashp,
NFSPATHLEN_T *outlenp)
{
struct mbuf_ext_pgs *pgs;
vm_page_t pg;
char *fromcp, *tocp, val = '\0';
int i;
int rem, len, error = 0, pubtype = 0, outlen = 0, percent = 0;
char digit;
u_int32_t *tl;
u_long hash = 0;
if (hashp != NULL)
*hashp = 0;
tocp = bufp;
/*
* For V4, check for lookup parent.
* Otherwise, get the component name.
*/
if ((nd->nd_flag & ND_NFSV4) && nd->nd_procnum == NFSV4OP_LOOKUPP) {
*tocp++ = '.';
hash += ((u_char)'.');
*tocp++ = '.';
hash += ((u_char)'.');
outlen = 2;
} else {
/*
* First, get the name length.
*/
NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
len = fxdr_unsigned(int, *tl);
if (len > NFS_MAXNAMLEN) {
nd->nd_repstat = NFSERR_NAMETOL;
error = 0;
goto nfsmout;
} else if (len <= 0) {
nd->nd_repstat = NFSERR_INVAL;
error = 0;
goto nfsmout;
}
/*
* Now, copy the component name into the buffer.
*/
fromcp = nd->nd_dpos;
if ((nd->nd_md->m_flags & M_NOMAP) != 0)
rem = nd->nd_dextpgsiz;
else
rem = mtod(nd->nd_md, char *) + nd->nd_md->m_len -
fromcp;
for (i = 0; i < len; i++) {
while (rem == 0) {
if ((nd->nd_md->m_flags & M_NOMAP) != 0 &&
nd->nd_dextpg <
nd->nd_md->m_ext.ext_pgs->npgs - 1) {
pgs = nd->nd_md->m_ext.ext_pgs;
pg = PHYS_TO_VM_PAGE(
pgs->pa[nd->nd_dextpg]);
vm_page_unwire_noq(pg);
vm_page_free(pg);
for (i = nd->nd_bextpg;
i < pgs->npgs - 1; i++)
pgs->pa[i] = pgs->pa[i + 1];
pgs->npgs--;
if (nd->nd_dextpg == 0)
pgs->first_pg_off = 0;
fromcp = nd->nd_dpos = (char *)(void *)
PHYS_TO_DMAP(
pgs->pa[nd->nd_dextpg]);
rem = nd->nd_dextpgsiz =
mbuf_ext_pg_len(pgs, nd->nd_dextpg,
0);
} else {
if (!nfsm_shiftnext(nd, &rem)) {
error = EBADRPC;
goto nfsmout;
}
fromcp = nd->nd_dpos;
}
}
if (*fromcp == '\0') {
nd->nd_repstat = EACCES;
error = 0;
goto nfsmout;
}
/*
* For lookups on the public filehandle, do some special
* processing on the name. (The public file handle is the
* root of the public file system for this server.)
*/
if (nd->nd_flag & ND_PUBLOOKUP) {
/*
* If the first char is ASCII, it is a canonical
* path, otherwise it is a native path. (RFC2054
* doesn't actually state what it is if the first
* char isn't ASCII or 0x80, so I assume native.)
* pubtype == 1 -> native path
* pubtype == 2 -> canonical path
*/
if (i == 0) {
if (*fromcp & 0x80) {
/*
* Since RFC2054 doesn't indicate
* that a native path of just 0x80
* isn't allowed, I'll replace the
* 0x80 with '/' instead of just
* throwing it away.
*/
*fromcp = '/';
pubtype = 1;
} else {
pubtype = 2;
}
}
/*
* '/' only allowed in a native path
*/
if (*fromcp == '/' && pubtype != 1) {
nd->nd_repstat = EACCES;
error = 0;
goto nfsmout;
}
/*
* For the special case of 2 hex digits after a
* '%' in an absolute path, calculate the value.
* percent == 1 -> indicates "get first hex digit"
* percent == 2 -> indicates "get second hex digit"
*/
if (percent > 0) {
digit = nfsrv_hexdigit(*fromcp, &error);
if (error) {
nd->nd_repstat = EACCES;
error = 0;
goto nfsmout;
}
if (percent == 1) {
val = (digit << 4);
percent = 2;
} else {
val += digit;
percent = 0;
*tocp++ = val;
hash += ((u_char)val);
outlen++;
}
} else {
if (*fromcp == '%' && pubtype == 2) {
/*
* Must be followed by 2 hex digits
*/
if ((len - i) < 3) {
nd->nd_repstat = EACCES;
error = 0;
goto nfsmout;
}
percent = 1;
} else {
*tocp++ = *fromcp;
hash += ((u_char)*fromcp);
outlen++;
}
}
} else {
/*
* Normal, non lookup on public, name.
*/
if (*fromcp == '/') {
if (nd->nd_flag & ND_NFSV4)
nd->nd_repstat = NFSERR_BADNAME;
else
nd->nd_repstat = EACCES;
error = 0;
goto nfsmout;
}
hash += ((u_char)*fromcp);
*tocp++ = *fromcp;
outlen++;
}
fromcp++;
rem--;
}
nd->nd_dpos = fromcp;
i = NFSM_RNDUP(len) - len;
if (i > 0) {
error = nfsm_advance(nd, i, rem);
if (error)
goto nfsmout;
}
/*
* For v4, don't allow lookups of '.' or '..' and
* also check for non-utf8 strings.
*/
if (nd->nd_flag & ND_NFSV4) {
if ((outlen == 1 && bufp[0] == '.') ||
(outlen == 2 && bufp[0] == '.' &&
bufp[1] == '.')) {
nd->nd_repstat = NFSERR_BADNAME;
error = 0;
goto nfsmout;
}
if (enable_checkutf8 == 1 &&
nfsrv_checkutf8((u_int8_t *)bufp, outlen)) {
nd->nd_repstat = NFSERR_INVAL;
error = 0;
goto nfsmout;
}
}
}
*tocp = '\0';
*outlenp = (size_t)outlen;
if (hashp != NULL)
*hashp = hash;
nfsmout:
NFSEXITCODE2(error, nd);
return (error);
}
void
nfsd_init(void)
{
int i;
static int inited = 0;
if (inited)
return;
inited = 1;
/*
* Initialize client queues. Don't free/reinitialize
* them when nfsds are restarted.
*/
nfsclienthash = malloc(sizeof(struct nfsclienthashhead) *
nfsrv_clienthashsize, M_NFSDCLIENT, M_WAITOK | M_ZERO);
for (i = 0; i < nfsrv_clienthashsize; i++)
LIST_INIT(&nfsclienthash[i]);
nfslockhash = malloc(sizeof(struct nfslockhashhead) *
nfsrv_lockhashsize, M_NFSDLOCKFILE, M_WAITOK | M_ZERO);
for (i = 0; i < nfsrv_lockhashsize; i++)
LIST_INIT(&nfslockhash[i]);
nfssessionhash = malloc(sizeof(struct nfssessionhash) *
nfsrv_sessionhashsize, M_NFSDSESSION, M_WAITOK | M_ZERO);
for (i = 0; i < nfsrv_sessionhashsize; i++) {
mtx_init(&nfssessionhash[i].mtx, "nfssm", NULL, MTX_DEF);
LIST_INIT(&nfssessionhash[i].list);
}
LIST_INIT(&nfsrv_dontlisthead);
TAILQ_INIT(&nfsrv_recalllisthead);
/* and the v2 pubfh should be all zeros */
NFSBZERO(nfs_v2pubfh, NFSX_V2FH);
}
/*
* Check the v4 root exports.
* Return 0 if ok, 1 otherwise.
*/
int
nfsd_checkrootexp(struct nfsrv_descript *nd)
{
if ((nd->nd_flag & (ND_GSS | ND_EXAUTHSYS)) == ND_EXAUTHSYS)
goto checktls;
if ((nd->nd_flag & (ND_GSSINTEGRITY | ND_EXGSSINTEGRITY)) ==
(ND_GSSINTEGRITY | ND_EXGSSINTEGRITY))
goto checktls;
if ((nd->nd_flag & (ND_GSSPRIVACY | ND_EXGSSPRIVACY)) ==
(ND_GSSPRIVACY | ND_EXGSSPRIVACY))
goto checktls;
if ((nd->nd_flag & (ND_GSS | ND_GSSINTEGRITY | ND_GSSPRIVACY |
ND_EXGSS)) == (ND_GSS | ND_EXGSS))
goto checktls;
return (1);
checktls:
if ((nd->nd_flag & ND_EXTLS) == 0)
return (0);
- if ((nd->nd_flag & (ND_TLSCNUSER | ND_EXTLSCNUSER)) ==
- (ND_TLSCNUSER | ND_EXTLSCNUSER))
+ if ((nd->nd_flag & (ND_TLSCERTUSER | ND_EXTLSCERTUSER)) ==
+ (ND_TLSCERTUSER | ND_EXTLSCERTUSER))
return (0);
- if ((nd->nd_flag & (ND_TLSCERT | ND_EXTLSCERT | ND_EXTLSCNUSER)) ==
+ if ((nd->nd_flag & (ND_TLSCERT | ND_EXTLSCERT | ND_EXTLSCERTUSER)) ==
(ND_TLSCERT | ND_EXTLSCERT))
return (0);
- if ((nd->nd_flag & (ND_TLS | ND_EXTLSCNUSER | ND_EXTLSCERT)) ==
+ if ((nd->nd_flag & (ND_TLS | ND_EXTLSCERTUSER | ND_EXTLSCERT)) ==
ND_TLS)
return (0);
return (1);
}
/*
* Parse the first part of an NFSv4 compound to find out what the minor
* version# is.
*/
void
nfsd_getminorvers(struct nfsrv_descript *nd, u_char *tag, u_char **tagstrp,
int *taglenp, u_int32_t *minversp)
{
uint32_t *tl;
int error = 0, taglen = -1;
u_char *tagstr = NULL;
NFSM_DISSECT(tl, uint32_t *, NFSX_UNSIGNED);
taglen = fxdr_unsigned(int, *tl);
if (taglen < 0 || taglen > NFSV4_OPAQUELIMIT) {
error = EBADRPC;
goto nfsmout;
}
if (taglen <= NFSV4_SMALLSTR)
tagstr = tag;
else
tagstr = malloc(taglen + 1, M_TEMP, M_WAITOK);
error = nfsrv_mtostr(nd, tagstr, taglen);
if (error != 0)
goto nfsmout;
NFSM_DISSECT(tl, uint32_t *, NFSX_UNSIGNED);
*minversp = fxdr_unsigned(u_int32_t, *tl);
*tagstrp = tagstr;
if (*minversp == NFSV41_MINORVERSION)
nd->nd_flag |= ND_NFSV41;
else if (*minversp == NFSV42_MINORVERSION)
nd->nd_flag |= (ND_NFSV41 | ND_NFSV42);
nfsmout:
if (error != 0) {
if (tagstr != NULL && taglen > NFSV4_SMALLSTR)
free(tagstr, M_TEMP);
taglen = -1;
}
*taglenp = taglen;
}
Index: projects/nfs-over-tls/sys/rpc/rpcsec_tls/rpctls_impl.c
===================================================================
--- projects/nfs-over-tls/sys/rpc/rpcsec_tls/rpctls_impl.c (revision 359683)
+++ projects/nfs-over-tls/sys/rpc/rpcsec_tls/rpctls_impl.c (revision 359684)
@@ -1,576 +1,576 @@
/*-
* SPDX-License-Identifier: BSD-2-Clause-FreeBSD
*
* Copyright (c) 2008 Isilon Inc http://www.isilon.com/
* Authors: Doug Rabson <dfr@rabson.org>
* Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* Modified from the kernel GSSAPI code for RPC-over-TLS. */
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include "opt_kern_tls.h"
#include <sys/param.h>
#include <sys/capsicum.h>
#include <sys/file.h>
#include <sys/filedesc.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/malloc.h>
#include <sys/mutex.h>
#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/socketvar.h>
#include <sys/syscall.h>
#include <sys/syscallsubr.h>
#include <sys/sysent.h>
#include <sys/sysproto.h>
#include <rpc/rpc.h>
#include <rpc/rpc_com.h>
#include <rpc/rpcsec_tls.h>
#include <vm/vm.h>
#include <vm/pmap.h>
#include <vm/vm_param.h>
#include "rpctlscd.h"
#include "rpctlssd.h"
extern struct fileops badfileops;
/*
* Syscall hooks
*/
static struct syscall_helper_data rpctls_syscalls[] = {
SYSCALL_INIT_HELPER(gssd_syscall),
SYSCALL_INIT_LAST
};
#ifdef notnow
struct rpctls_syscall_args {
char op_l_[PADL_(int)]; int op; char op_r_[PADR_(int)];
char path_l_[PADL_(const char *)]; const char * path; char path_r_[PADR_(const char *)];
char s_l_[PADL_(int)]; int s; char s_r_[PADR_(int)];
};
#endif
static CLIENT *rpctls_connect_handle;
static struct mtx rpctls_connect_lock;
static struct socket *rpctls_connect_so = NULL;
static CLIENT *rpctls_server_handle;
static struct mtx rpctls_server_lock;
static struct socket *rpctls_server_so = NULL;
static struct opaque_auth rpctls_null_verf;
static CLIENT *rpctls_connect_client(void);
static CLIENT *rpctls_server_client(void);
static enum clnt_stat rpctls_server(struct socket *so,
uint32_t *flags, uint64_t *sslp,
uid_t *uid, int *ngrps, gid_t **gids);
static void
rpctls_init(void *dummy)
{
int error;
error = syscall_helper_register(rpctls_syscalls, SY_THR_STATIC_KLD);
if (error != 0)
printf("rpctls_init: cannot register syscall\n");
mtx_init(&rpctls_connect_lock, "rpctls_connect_lock", NULL,
MTX_DEF);
mtx_init(&rpctls_server_lock, "rpctls_server_lock", NULL,
MTX_DEF);
rpctls_null_verf.oa_flavor = AUTH_NULL;
rpctls_null_verf.oa_base = RPCTLS_START_STRING;
rpctls_null_verf.oa_length = strlen(RPCTLS_START_STRING);
}
SYSINIT(rpctls_init, SI_SUB_KMEM, SI_ORDER_ANY, rpctls_init, NULL);
int
sys_gssd_syscall(struct thread *td, struct gssd_syscall_args *uap)
{
struct sockaddr_un sun;
struct netconfig *nconf;
struct file *fp;
struct socket *so;
char path[MAXPATHLEN], *pathp;
int fd = -1, error, retry_count = 5;
CLIENT *cl, *oldcl;
bool ssd;
printf("in gssd syscall\n");
error = priv_check(td, PRIV_NFS_DAEMON);
printf("aft priv_check=%d\n", error);
if (error != 0)
return (error);
#ifdef notyet
switch (uap->op) {
case RPCTLS_SYSC_SETPATH:
#else
error = copyinstr(uap->path, path, sizeof(path), NULL);
printf("setting err=%d path=%s\n", error, path);
if (error != 0)
return (error);
if (path[0] == 'S') {
ssd = true;
pathp = &path[1];
} else {
ssd = false;
pathp = &path[0];
}
if (pathp[0] == '/' || pathp[0] == '\0') {
#endif
if (ssd) {
if (error == 0 && strlen(pathp) + 1 > sizeof(sun.sun_path))
error = EINVAL;
if (error == 0 && pathp[0] != '\0') {
sun.sun_family = AF_LOCAL;
strlcpy(sun.sun_path, pathp, sizeof(sun.sun_path));
sun.sun_len = SUN_LEN(&sun);
nconf = getnetconfigent("local");
cl = clnt_reconnect_create(nconf,
(struct sockaddr *)&sun, RPCTLSSD, RPCTLSSDVERS,
RPC_MAXDATASIZE, RPC_MAXDATASIZE);
printf("got cl=%p\n", cl);
/*
* The number of retries defaults to INT_MAX, which
* effectively means an infinite, uninterruptable loop.
* Limiting it to five retries keeps it from running
* forever.
*/
if (cl != NULL)
CLNT_CONTROL(cl, CLSET_RETRIES, &retry_count);
} else
cl = NULL;
mtx_lock(&rpctls_server_lock);
oldcl = rpctls_server_handle;
rpctls_server_handle = cl;
mtx_unlock(&rpctls_server_lock);
printf("cl=%p oldcl=%p\n", cl, oldcl);
if (oldcl != NULL) {
CLNT_CLOSE(oldcl);
CLNT_RELEASE(oldcl);
}
} else {
if (error == 0 && strlen(pathp) + 1 > sizeof(sun.sun_path))
error = EINVAL;
if (error == 0 && pathp[0] != '\0') {
sun.sun_family = AF_LOCAL;
strlcpy(sun.sun_path, pathp, sizeof(sun.sun_path));
sun.sun_len = SUN_LEN(&sun);
nconf = getnetconfigent("local");
cl = clnt_reconnect_create(nconf,
(struct sockaddr *)&sun, RPCTLSCD, RPCTLSCDVERS,
RPC_MAXDATASIZE, RPC_MAXDATASIZE);
printf("got cl=%p\n", cl);
/*
* The number of retries defaults to INT_MAX, which
* effectively means an infinite, uninterruptable loop.
* Limiting it to five retries keeps it from running
* forever.
*/
if (cl != NULL)
CLNT_CONTROL(cl, CLSET_RETRIES, &retry_count);
} else
cl = NULL;
mtx_lock(&rpctls_connect_lock);
oldcl = rpctls_connect_handle;
rpctls_connect_handle = cl;
mtx_unlock(&rpctls_connect_lock);
printf("cl=%p oldcl=%p\n", cl, oldcl);
if (oldcl != NULL) {
CLNT_CLOSE(oldcl);
CLNT_RELEASE(oldcl);
}
}
} else if (path[0] == 'C') {
printf("In connect\n");
error = EINVAL;
#ifdef KERN_TLS
if (PMAP_HAS_DMAP != 0)
error = 0;
#endif
if (error == 0)
error = falloc(td, &fp, &fd, 0);
if (error == 0) {
printf("falloc=%d fd=%d\n", error, fd);
mtx_lock(&rpctls_connect_lock);
so = rpctls_connect_so;
rpctls_connect_so = NULL;
mtx_unlock(&rpctls_connect_lock);
finit(fp, FREAD | FWRITE, DTYPE_SOCKET, so, &socketops);
td->td_retval[0] = fd;
}
printf("returning=%d\n", fd);
} else if (path[0] == 'E') {
printf("In srvconnect\n");
error = EINVAL;
#ifdef KERN_TLS
if (PMAP_HAS_DMAP != 0)
error = 0;
#endif
if (error == 0)
error = falloc(td, &fp, &fd, 0);
if (error == 0) {
printf("srv falloc=%d fd=%d\n", error, fd);
mtx_lock(&rpctls_server_lock);
so = rpctls_server_so;
rpctls_server_so = NULL;
mtx_unlock(&rpctls_server_lock);
finit(fp, FREAD | FWRITE, DTYPE_SOCKET, so, &socketops);
td->td_retval[0] = fd;
}
printf("srv returning=%d\n", fd);
} else if (path[0] == 'F') {
printf("In EOserver\n");
fd = strtol(&path[1], NULL, 10);
printf("srv fd=%d\n", fd);
if (fd >= 0) {
error = kern_close(td, fd);
printf("srv aft kern_close=%d\n", error);
} else {
printf("rpctlss fd negative\n");
error = EINVAL;
}
}
return (error);
}
/*
* Acquire the rpctls_connect_handle and return it with a reference count,
* if it is available.
*/
static CLIENT *
rpctls_connect_client(void)
{
CLIENT *cl;
mtx_lock(&rpctls_connect_lock);
cl = rpctls_connect_handle;
if (cl != NULL)
CLNT_ACQUIRE(cl);
mtx_unlock(&rpctls_connect_lock);
return (cl);
}
/*
* Acquire the rpctls_server_handle and return it with a reference count,
* if it is available.
*/
static CLIENT *
rpctls_server_client(void)
{
CLIENT *cl;
mtx_lock(&rpctls_server_lock);
cl = rpctls_server_handle;
if (cl != NULL)
CLNT_ACQUIRE(cl);
mtx_unlock(&rpctls_server_lock);
return (cl);
}
/* Do an upcall for a new socket connect using TLS. */
enum clnt_stat
rpctls_connect(CLIENT *newclient, struct socket *so, uint64_t *sslp)
{
struct rpctlscd_connect_res res;
struct rpc_callextra ext;
struct timeval utimeout;
enum clnt_stat stat;
CLIENT *cl;
int val;
static bool rpctls_connect_busy = false;
printf("In rpctls_connect\n");
cl = rpctls_connect_client();
printf("connect_client=%p\n", cl);
if (cl == NULL)
return (RPC_AUTHERROR);
/* First, do the AUTH_TLS NULL RPC. */
memset(&ext, 0, sizeof(ext));
utimeout.tv_sec = 30;
utimeout.tv_usec = 0;
ext.rc_auth = authtls_create();
printf("authtls=%p\n", ext.rc_auth);
stat = clnt_call_private(newclient, &ext, NULLPROC, (xdrproc_t)xdr_void,
NULL, (xdrproc_t)xdr_void, NULL, utimeout);
printf("aft NULLRPC=%d\n", stat);
AUTH_DESTROY(ext.rc_auth);
if (stat == RPC_AUTHERROR)
return (stat);
if (stat != RPC_SUCCESS)
return (RPC_SYSTEMERROR);
/* Serialize the connect upcalls. */
mtx_lock(&rpctls_connect_lock);
while (rpctls_connect_busy)
msleep(&rpctls_connect_busy, &rpctls_connect_lock, PVFS,
"rtlscn", 0);
rpctls_connect_busy = true;
rpctls_connect_so = so;
mtx_unlock(&rpctls_connect_lock);
printf("rpctls_conect so=%p\n", so);
/* Temporarily block reception during the handshake upcall. */
val = 1;
CLNT_CONTROL(newclient, CLSET_BLOCKRCV, &val);
/* Do the connect handshake upcall. */
stat = rpctlscd_connect_1(NULL, &res, cl);
printf("aft connect upcall=%d\n", stat);
if (stat == RPC_SUCCESS) {
*sslp++ = res.sec;
*sslp++ = res.usec;
*sslp = res.ssl;
}
CLNT_RELEASE(cl);
/* Unblock reception. */
val = 0;
CLNT_CONTROL(newclient, CLSET_BLOCKRCV, &val);
/* Once the upcall is done, the daemon is done with the fp and so. */
mtx_lock(&rpctls_connect_lock);
rpctls_connect_so = NULL;
rpctls_connect_busy = false;
wakeup(&rpctls_connect_busy);
mtx_unlock(&rpctls_connect_lock);
printf("aft wakeup\n");
return (stat);
}
/* Do an upcall to shut down a socket using TLS. */
enum clnt_stat
rpctls_cl_disconnect(uint64_t sec, uint64_t usec, uint64_t ssl)
{
struct rpctlscd_disconnect_arg arg;
enum clnt_stat stat;
CLIENT *cl;
printf("In rpctls_cl_disconnect\n");
cl = rpctls_connect_client();
printf("disconnect_client=%p\n", cl);
if (cl == NULL)
return (RPC_FAILED);
/* Do the disconnect upcall. */
arg.sec = sec;
arg.usec = usec;
arg.ssl = ssl;
stat = rpctlscd_disconnect_1(&arg, NULL, cl);
printf("aft disconnect upcall=%d\n", stat);
CLNT_RELEASE(cl);
return (stat);
}
enum clnt_stat
rpctls_srv_disconnect(uint64_t sec, uint64_t usec, uint64_t ssl)
{
struct rpctlssd_disconnect_arg arg;
enum clnt_stat stat;
CLIENT *cl;
printf("In rpctls_srv_disconnect\n");
cl = rpctls_server_client();
printf("srv disconnect_client=%p\n", cl);
if (cl == NULL)
return (RPC_FAILED);
/* Do the disconnect upcall. */
arg.sec = sec;
arg.usec = usec;
arg.ssl = ssl;
stat = rpctlssd_disconnect_1(&arg, NULL, cl);
printf("aft srv disconnect upcall=%d\n", stat);
CLNT_RELEASE(cl);
return (stat);
}
/* Do an upcall for a new server socket using TLS. */
static enum clnt_stat
rpctls_server(struct socket *so, uint32_t *flags, uint64_t *sslp,
uid_t *uid, int *ngrps, gid_t **gids)
{
enum clnt_stat stat;
CLIENT *cl;
struct rpctlssd_connect_res res;
gid_t *gidp;
uint32_t *gidv;
int i;
static bool rpctls_server_busy = false;
printf("In rpctls_server\n");
cl = rpctls_server_client();
printf("server_client=%p\n", cl);
if (cl == NULL)
return (RPC_SYSTEMERROR);
/* Serialize the server upcalls. */
mtx_lock(&rpctls_server_lock);
while (rpctls_server_busy)
msleep(&rpctls_server_busy, &rpctls_server_lock, PVFS,
"rtlssn", 0);
rpctls_server_busy = true;
rpctls_server_so = so;
mtx_unlock(&rpctls_server_lock);
printf("rpctls_conect so=%p\n", so);
/* Do the server upcall. */
stat = rpctlssd_connect_1(NULL, &res, cl);
if (stat == RPC_SUCCESS) {
*flags = res.flags;
*sslp++ = res.sec;
*sslp++ = res.usec;
*sslp = res.ssl;
- if ((*flags & (RPCTLS_FLAGS_CNUSER |
- RPCTLS_FLAGS_DISABLED)) == RPCTLS_FLAGS_CNUSER) {
+ if ((*flags & (RPCTLS_FLAGS_CERTUSER |
+ RPCTLS_FLAGS_DISABLED)) == RPCTLS_FLAGS_CERTUSER) {
*ngrps = res.gid.gid_len;
*uid = res.uid;
*gids = gidp = mem_alloc(*ngrps * sizeof(gid_t));
gidv = res.gid.gid_val;
printf("got uid=%d ngrps=%d gidv=%p gids=%p\n", *uid, *ngrps, gidv, gids);
for (i = 0; i < *ngrps; i++)
*gidp++ = *gidv++;
}
}
printf("aft server upcall stat=%d flags=0x%x\n", stat, res.flags);
CLNT_RELEASE(cl);
/* Once the upcall is done, the daemon is done with the fp and so. */
mtx_lock(&rpctls_server_lock);
rpctls_server_so = NULL;
rpctls_server_busy = false;
wakeup(&rpctls_server_busy);
mtx_unlock(&rpctls_server_lock);
printf("aft wakeup\n");
return (stat);
}
/*
* Handle the NULL RPC with authentication flavor of AUTH_TLS.
* This is a STARTTLS command, so do the upcall to the rpctlssd daemon,
* which will do the TLS handshake.
*/
enum auth_stat
_svcauth_rpcsec_tls(struct svc_req *rqst, struct rpc_msg *msg)
{
bool_t call_stat;
enum clnt_stat stat;
SVCXPRT *xprt;
uint32_t flags;
uint64_t ssl[3];
int ngrps;
uid_t uid;
gid_t *gidp;
/* Initialize reply. */
rqst->rq_verf = rpctls_null_verf;
printf("authtls: clen=%d vlen=%d fl=%d\n", rqst->rq_cred.oa_length, msg->rm_call.cb_verf.oa_length, msg->rm_call.cb_verf.oa_flavor);
/* Check client credentials. */
if (rqst->rq_cred.oa_length != 0 ||
msg->rm_call.cb_verf.oa_length != 0 ||
msg->rm_call.cb_verf.oa_flavor != AUTH_NULL)
return (AUTH_BADCRED);
printf("authtls proc=%d\n", rqst->rq_proc);
if (rqst->rq_proc != NULLPROC)
return (AUTH_REJECTEDCRED);
if (PMAP_HAS_DMAP == 0)
return (AUTH_REJECTEDCRED);
#ifndef KERN_TLS
return (AUTH_REJECTEDCRED);
#endif
/*
* Disable reception for the krpc so that the TLS handshake can
* be done on the socket in the rpctlssd daemon.
*/
xprt = rqst->rq_xprt;
sx_xlock(&xprt->xp_lock);
xprt->xp_dontrcv = TRUE;
sx_xunlock(&xprt->xp_lock);
/*
* Send the reply to the NULL RPC with AUTH_TLS, which is the
* STARTTLS command for Sun RPC.
*/
call_stat = svc_sendreply(rqst, (xdrproc_t)xdr_void, NULL);
printf("authtls: null reply=%d\n", call_stat);
if (!call_stat) {
sx_xlock(&xprt->xp_lock);
xprt->xp_dontrcv = FALSE;
sx_xunlock(&xprt->xp_lock);
xprt_active(xprt); /* Harmless if already active. */
return (AUTH_REJECTEDCRED);
}
/* Do an upcall to do the TLS handshake. */
stat = rpctls_server(rqst->rq_xprt->xp_socket, &flags,
ssl, &uid, &ngrps, &gidp);
/* Re-enable reception on the socket within the krpc. */
sx_xlock(&xprt->xp_lock);
xprt->xp_dontrcv = FALSE;
if (stat == RPC_SUCCESS) {
xprt->xp_tls = flags;
xprt->xp_sslsec = ssl[0];
xprt->xp_sslusec = ssl[1];
xprt->xp_sslrefno = ssl[2];
- if ((flags & (RPCTLS_FLAGS_CNUSER |
- RPCTLS_FLAGS_DISABLED)) == RPCTLS_FLAGS_CNUSER) {
+ if ((flags & (RPCTLS_FLAGS_CERTUSER |
+ RPCTLS_FLAGS_DISABLED)) == RPCTLS_FLAGS_CERTUSER) {
xprt->xp_ngrps = ngrps;
xprt->xp_uid = uid;
xprt->xp_gidp = gidp;
printf("got uid=%d ngrps=%d gidp=%p\n", uid, ngrps, gidp);
}
}
sx_xunlock(&xprt->xp_lock);
xprt_active(xprt); /* Harmless if already active. */
printf("authtls: aft handshake stat=%d\n", stat);
return (RPCSEC_GSS_NODISPATCH);
}
Index: projects/nfs-over-tls/sys/rpc/rpcsec_tls.h
===================================================================
--- projects/nfs-over-tls/sys/rpc/rpcsec_tls.h (revision 359683)
+++ projects/nfs-over-tls/sys/rpc/rpcsec_tls.h (revision 359684)
@@ -1,58 +1,58 @@
/*-
* SPDX-License-Identifier: BSD-2-Clause-FreeBSD
*
* Copyright (c) 2020 Rick Macklem
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
#ifndef _RPCTLS_IMPL_H
#define _RPCTLS_IMPL_H
/* Operation values for rpctls syscall. */
#define RPCTLS_SYSC_SETPATH 1
#define RPCTLS_SYSC_CONNECT 2
#define RPCTLS_SYSC_SERVER 3
/* Flag bits to indicate certificate results. */
#define RPCTLS_FLAGS_HANDSHAKE 0x01
#define RPCTLS_FLAGS_GOTCERT 0x02
#define RPCTLS_FLAGS_SELFSIGNED 0x04
#define RPCTLS_FLAGS_VERIFIED 0x08
#define RPCTLS_FLAGS_DISABLED 0x10
-#define RPCTLS_FLAGS_CNUSER 0x20
+#define RPCTLS_FLAGS_CERTUSER 0x20
#ifdef _KERNEL
/* Functions that perform upcalls to the rpctlsd daemon. */
enum clnt_stat rpctls_connect(CLIENT *newclient, struct socket *so,
uint64_t *sslp);
enum clnt_stat rpctls_cl_disconnect(uint64_t sec, uint64_t usec, uint64_t ssl);
enum clnt_stat rpctls_srv_disconnect(uint64_t sec, uint64_t usec, uint64_t ssl);
/* String for AUTH_TLS reply verifier. */
#define RPCTLS_START_STRING "STARTTLS"
#endif /* _KERNEL */
#endif /* _RPCTLS_IMPL_H */
Index: projects/nfs-over-tls/sys/rpc/svc_auth.c
===================================================================
--- projects/nfs-over-tls/sys/rpc/svc_auth.c (revision 359683)
+++ projects/nfs-over-tls/sys/rpc/svc_auth.c (revision 359684)
@@ -1,227 +1,227 @@
/* $NetBSD: svc_auth.c,v 1.12 2000/07/06 03:10:35 christos Exp $ */
/*-
* SPDX-License-Identifier: BSD-3-Clause
*
* Copyright (c) 2009, Sun Microsystems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* - Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
* - Neither the name of Sun Microsystems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* Copyright (c) 1986-1991 by Sun Microsystems Inc.
*/
#if defined(LIBC_SCCS) && !defined(lint)
#ident "@(#)svc_auth.c 1.16 94/04/24 SMI"
static char sccsid[] = "@(#)svc_auth.c 1.26 89/02/07 Copyr 1984 Sun Micro";
#endif
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
/*
* svc_auth.c, Server-side rpc authenticator interface.
*
*/
#include <sys/param.h>
#include <sys/lock.h>
#include <sys/mutex.h>
#include <sys/systm.h>
#include <sys/jail.h>
#include <sys/ucred.h>
#include <rpc/rpc.h>
#include <rpc/rpcsec_tls.h>
static enum auth_stat (*_svcauth_rpcsec_gss)(struct svc_req *,
struct rpc_msg *) = NULL;
static int (*_svcauth_rpcsec_gss_getcred)(struct svc_req *,
struct ucred **, int *);
static struct svc_auth_ops svc_auth_null_ops;
/*
* The call rpc message, msg has been obtained from the wire. The msg contains
* the raw form of credentials and verifiers. authenticate returns AUTH_OK
* if the msg is successfully authenticated. If AUTH_OK then the routine also
* does the following things:
* set rqst->rq_xprt->verf to the appropriate response verifier;
* sets rqst->rq_client_cred to the "cooked" form of the credentials.
*
* NB: rqst->rq_cxprt->verf must be pre-alloctaed;
* its length is set appropriately.
*
* The caller still owns and is responsible for msg->u.cmb.cred and
* msg->u.cmb.verf. The authentication system retains ownership of
* rqst->rq_client_cred, the cooked credentials.
*
* There is an assumption that any flavour less than AUTH_NULL is
* invalid.
*/
enum auth_stat
_authenticate(struct svc_req *rqst, struct rpc_msg *msg)
{
int cred_flavor;
enum auth_stat dummy;
rqst->rq_cred = msg->rm_call.cb_cred;
rqst->rq_auth.svc_ah_ops = &svc_auth_null_ops;
rqst->rq_auth.svc_ah_private = NULL;
cred_flavor = rqst->rq_cred.oa_flavor;
switch (cred_flavor) {
case AUTH_NULL:
dummy = _svcauth_null(rqst, msg);
return (dummy);
case AUTH_SYS:
if ((rqst->rq_xprt->xp_tls & RPCTLS_FLAGS_DISABLED) != 0)
return (AUTH_REJECTEDCRED);
dummy = _svcauth_unix(rqst, msg);
return (dummy);
case AUTH_SHORT:
if ((rqst->rq_xprt->xp_tls & RPCTLS_FLAGS_DISABLED) != 0)
return (AUTH_REJECTEDCRED);
dummy = _svcauth_short(rqst, msg);
return (dummy);
case RPCSEC_GSS:
if ((rqst->rq_xprt->xp_tls & RPCTLS_FLAGS_DISABLED) != 0)
return (AUTH_REJECTEDCRED);
if (!_svcauth_rpcsec_gss)
return (AUTH_REJECTEDCRED);
dummy = _svcauth_rpcsec_gss(rqst, msg);
return (dummy);
case AUTH_TLS:
dummy = _svcauth_rpcsec_tls(rqst, msg);
return (dummy);
default:
break;
}
return (AUTH_REJECTEDCRED);
}
/*
* A set of null auth methods used by any authentication protocols
* that don't need to inspect or modify the message body.
*/
static bool_t
svcauth_null_wrap(SVCAUTH *auth, struct mbuf **mp)
{
return (TRUE);
}
static bool_t
svcauth_null_unwrap(SVCAUTH *auth, struct mbuf **mp)
{
return (TRUE);
}
static void
svcauth_null_release(SVCAUTH *auth)
{
}
static struct svc_auth_ops svc_auth_null_ops = {
svcauth_null_wrap,
svcauth_null_unwrap,
svcauth_null_release,
};
/*ARGSUSED*/
enum auth_stat
_svcauth_null(struct svc_req *rqst, struct rpc_msg *msg)
{
rqst->rq_verf = _null_auth;
return (AUTH_OK);
}
int
svc_auth_reg(int flavor,
enum auth_stat (*svcauth)(struct svc_req *, struct rpc_msg *),
int (*getcred)(struct svc_req *, struct ucred **, int *))
{
if (flavor == RPCSEC_GSS) {
_svcauth_rpcsec_gss = svcauth;
_svcauth_rpcsec_gss_getcred = getcred;
}
return (TRUE);
}
int
svc_getcred(struct svc_req *rqst, struct ucred **crp, int *flavorp)
{
struct ucred *cr = NULL;
int flavor;
struct xucred *xcr;
SVCXPRT *xprt = rqst->rq_xprt;
flavor = rqst->rq_cred.oa_flavor;
if (flavorp)
*flavorp = flavor;
/*
* If there are credentials acquired via a TLS
* certificate for this TCP connection, use those
* instead of what is in the RPC header.
*/
- if ((xprt->xp_tls & (RPCTLS_FLAGS_CNUSER |
- RPCTLS_FLAGS_DISABLED)) == RPCTLS_FLAGS_CNUSER &&
+ if ((xprt->xp_tls & (RPCTLS_FLAGS_CERTUSER |
+ RPCTLS_FLAGS_DISABLED)) == RPCTLS_FLAGS_CERTUSER &&
flavor == AUTH_UNIX) {
cr = crget();
cr->cr_uid = cr->cr_ruid = cr->cr_svuid = xprt->xp_uid;
crsetgroups(cr, xprt->xp_ngrps, xprt->xp_gidp);
cr->cr_rgid = cr->cr_svgid = xprt->xp_gidp[0];
cr->cr_prison = &prison0;
prison_hold(cr->cr_prison);
*crp = cr;
return (TRUE);
}
switch (flavor) {
case AUTH_UNIX:
xcr = (struct xucred *) rqst->rq_clntcred;
cr = crget();
cr->cr_uid = cr->cr_ruid = cr->cr_svuid = xcr->cr_uid;
crsetgroups(cr, xcr->cr_ngroups, xcr->cr_groups);
cr->cr_rgid = cr->cr_svgid = cr->cr_groups[0];
cr->cr_prison = &prison0;
prison_hold(cr->cr_prison);
*crp = cr;
return (TRUE);
case RPCSEC_GSS:
if (!_svcauth_rpcsec_gss_getcred)
return (FALSE);
return (_svcauth_rpcsec_gss_getcred(rqst, crp, flavorp));
default:
return (FALSE);
}
}