/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
*/
/*
* Copyright 2018 Nexenta Systems, Inc.
* Copyright 2020 Joyent, Inc.
*/
#include <sys/types.h>
#include <sys/types32.h>
#include <sys/param.h>
#include <sys/systm.h>
#include <rpc/types.h>
#include <sys/vfs.h>
#include <sys/siginfo.h>
#include <sys/proc.h> /* for exit() declaration */
#include <sys/kmem.h>
#include <sys/pathname.h>
#include <sys/debug.h>
#include <sys/vtrace.h>
#include <sys/cmn_err.h>
#include <sys/atomic.h>
#include <sys/policy.h>
#include <sharefs/sharefs.h>
/*
* A macro to avoid cut-and-paste errors on getting a string field
* from user-land.
*/
#define SHARETAB_COPYIN(field) \
if (copyinstr(STRUCT_FGETP(u_sh, sh_##field), \
buf, \
bufsz + 1, /* Add one for extra NUL */ \
&len)) { \
error = EFAULT; \
goto cleanup; \
} \
/* Need to remove 1 because copyinstr() counts the NUL */ \
len--; \
sh->sh_##field = kmem_alloc(len + 1, KM_SLEEP); \
bcopy(buf, sh->sh_##field, len); \
sh->sh_##field[len] = '\0'; \
shl.shl_##field = (int)len; \
sh->sh_size += shl.shl_##field; /* Debug counting */
#define SHARETAB_DELETE_FIELD(field) \
if (sh->sh_##field != NULL) { \
kmem_free(sh->sh_##field, \
shl ? shl->shl_##field + 1 : \
strlen(sh->sh_##field) + 1); \
}
static zone_key_t sharetab_zone_key;
/*
* Take care of cleaning up a share.
* If passed in a length array, use it to determine how much
* space to clean up. Else, figure that out.
*/
static void
sharefree(share_t *sh, sharefs_lens_t *shl)
{
if (sh == NULL)
return;
SHARETAB_DELETE_FIELD(path);
SHARETAB_DELETE_FIELD(res);
SHARETAB_DELETE_FIELD(fstype);
SHARETAB_DELETE_FIELD(opts);
SHARETAB_DELETE_FIELD(descr);
kmem_free(sh, sizeof (*sh));
}
/*
* If there is no error, then this function is responsible for
* cleaning up the memory associated with the share argument.
*/
static int
sharefs_remove(sharetab_globals_t *sg, share_t *sh, sharefs_lens_t *shl)
{
int iHash;
sharetab_t *sht;
share_t *s, *p;
int iPath;
if (!sh)
return (ENOENT);
rw_enter(&sg->sharetab_lock, RW_WRITER);
for (sht = sg->sharefs_sharetab; sht != NULL; sht = sht->s_next) {
if (strcmp(sh->sh_fstype, sht->s_fstype) == 0)
break;
}
/*
* There does not exist a fstype in memory which
* matches the share passed in.
*/
if (sht == NULL) {
rw_exit(&sg->sharetab_lock);
return (ENOENT);
}
iPath = shl != NULL ? shl->shl_path : strlen(sh->sh_path);
iHash = pkp_tab_hash(sh->sh_path, strlen(sh->sh_path));
/*
* Now walk down the hash table and find the entry to free!
*/
for (p = NULL, s = sht->s_buckets[iHash].ssh_sh;
s != NULL; s = s->sh_next) {
/*
* We need exact matches.
*/
if (strcmp(sh->sh_path, s->sh_path) == 0 &&
strlen(s->sh_path) == iPath) {
if (p != NULL)
p->sh_next = s->sh_next;
else
sht->s_buckets[iHash].ssh_sh = s->sh_next;
ASSERT(sht->s_buckets[iHash].ssh_count != 0);
atomic_dec_32(&sht->s_buckets[iHash].ssh_count);
atomic_dec_32(&sht->s_count);
atomic_dec_32(&sg->sharetab_count);
ASSERT(sg->sharetab_size >= s->sh_size);
sg->sharetab_size -= s->sh_size;
gethrestime(&sg->sharetab_mtime);
atomic_inc_32(&sg->sharetab_generation);
break;
}
p = s;
}
rw_exit(&sg->sharetab_lock);
if (s == NULL)
return (ENOENT);
s->sh_next = NULL;
sharefree(s, NULL);
/* We need to free the share for the caller */
sharefree(sh, shl);
return (0);
}
/*
* The caller must have allocated memory for us to use.
*/
static int
sharefs_add(sharetab_globals_t *sg, share_t *sh, sharefs_lens_t *shl)
{
int iHash;
sharetab_t *sht;
share_t *s, *p;
int iPath;
int n;
if (sh == NULL)
return (ENOENT);
/* We need to find the hash buckets for the fstype */
rw_enter(&sg->sharetab_lock, RW_WRITER);
for (sht = sg->sharefs_sharetab; sht != NULL; sht = sht->s_next) {
if (strcmp(sh->sh_fstype, sht->s_fstype) == 0)
break;
}
/* Did not exist, so allocate one and add it to the sharetab */
if (sht == NULL) {
sht = kmem_zalloc(sizeof (*sht), KM_SLEEP);
n = strlen(sh->sh_fstype);
sht->s_fstype = kmem_zalloc(n + 1, KM_SLEEP);
(void) strncpy(sht->s_fstype, sh->sh_fstype, n);
sht->s_next = sg->sharefs_sharetab;
sg->sharefs_sharetab = sht;
}
/* Now we need to find where we have to add the entry */
iPath = shl != NULL ? shl->shl_path : strlen(sh->sh_path);
iHash = pkp_tab_hash(sh->sh_path, strlen(sh->sh_path));
if (shl) {
sh->sh_size = shl->shl_path + shl->shl_res +
shl->shl_fstype + shl->shl_opts + shl->shl_descr;
} else {
sh->sh_size = strlen(sh->sh_path) +
strlen(sh->sh_res) + strlen(sh->sh_fstype) +
strlen(sh->sh_opts) + strlen(sh->sh_descr);
}
/* We need to account for field separators and the EOL */
sh->sh_size += 5;
/* Now walk down the hash table and add the new entry */
for (p = NULL, s = sht->s_buckets[iHash].ssh_sh;
s != NULL; s = s->sh_next) {
/*
* We need exact matches.
*
* We found a matching path. Either we have a
* duplicate path in a share command or we are
* being asked to replace an existing entry.
*/
if (strcmp(sh->sh_path, s->sh_path) == 0 &&
strlen(s->sh_path) == iPath) {
if (p != NULL)
p->sh_next = sh;
else
sht->s_buckets[iHash].ssh_sh = sh;
sh->sh_next = s->sh_next;
ASSERT(sg->sharetab_size >= s->sh_size);
sg->sharetab_size -= s->sh_size;
sg->sharetab_size += sh->sh_size;
/* Get rid of the old node */
sharefree(s, NULL);
gethrestime(&sg->sharetab_mtime);
atomic_inc_32(&sg->sharetab_generation);
ASSERT(sht->s_buckets[iHash].ssh_count != 0);
rw_exit(&sg->sharetab_lock);
return (0);
}
p = s;
}
/*
* Okay, we have gone through the entire hash chain and not
* found a match. We just need to add this node.
*/
sh->sh_next = sht->s_buckets[iHash].ssh_sh;
sht->s_buckets[iHash].ssh_sh = sh;
atomic_inc_32(&sht->s_buckets[iHash].ssh_count);
atomic_inc_32(&sht->s_count);
atomic_inc_32(&sg->sharetab_count);
sg->sharetab_size += sh->sh_size;
gethrestime(&sg->sharetab_mtime);
atomic_inc_32(&sg->sharetab_generation);
rw_exit(&sg->sharetab_lock);
return (0);
}
/* ARGSUSED */
static void *
sharetab_zone_init(zoneid_t zoneid)
{
sharetab_globals_t *sg;
sg = kmem_zalloc(sizeof (*sg), KM_SLEEP);
rw_init(&sg->sharetab_lock, NULL, RW_DEFAULT, NULL);
rw_init(&sg->sharefs_lock, NULL, RW_DEFAULT, NULL);
sg->sharetab_size = 0;
sg->sharetab_count = 0;
sg->sharetab_generation = 1;
gethrestime(&sg->sharetab_mtime);
gethrestime(&sg->sharetab_snap_time);
return (sg);
}
/* ARGSUSED */
static void
sharetab_zone_fini(zoneid_t zoneid, void *data)
{
sharetab_globals_t *sg = data;
rw_destroy(&sg->sharefs_lock);
rw_destroy(&sg->sharetab_lock);
/* ALL of the allocated things must be cleaned before we free sg. */
while (sg->sharefs_sharetab != NULL) {
int i;
sharetab_t *freeing = sg->sharefs_sharetab;
sg->sharefs_sharetab = freeing->s_next;
kmem_free(freeing->s_fstype, strlen(freeing->s_fstype) + 1);
for (i = 0; i < PKP_HASH_SIZE; i++) {
sharefs_hash_head_t *bucket;
bucket = &(freeing->s_buckets[i]);
while (bucket->ssh_sh != NULL) {
share_t *share = bucket->ssh_sh;
bucket->ssh_sh = share->sh_next;
sharefree(share, NULL);
}
}
kmem_free(freeing, sizeof (*freeing));
}
kmem_free(sg, sizeof (*sg));
}
void
sharefs_sharetab_init(void)
{
zone_key_create(&sharetab_zone_key, sharetab_zone_init,
NULL, sharetab_zone_fini);
}
sharetab_globals_t *
sharetab_get_globals(zone_t *zone)
{
return (zone_getspecific(sharetab_zone_key, zone));
}
int
sharefs_impl(enum sharefs_sys_op opcode, share_t *sh_in, uint32_t iMaxLen)
{
int error = 0;
size_t len;
size_t bufsz;
share_t *sh;
sharefs_lens_t shl;
model_t model;
char *buf = NULL;
sharetab_globals_t *sg = sharetab_get_globals(curzone);
STRUCT_DECL(share, u_sh);
bufsz = iMaxLen;
/*
* Before we do anything, lets make sure we have
* a sharetab in memory if we need one.
*/
rw_enter(&sg->sharetab_lock, RW_READER);
switch (opcode) {
case SHAREFS_REMOVE:
case SHAREFS_REPLACE:
if (!sg->sharefs_sharetab) {
rw_exit(&sg->sharetab_lock);
return (set_errno(ENOENT));
}
break;
case SHAREFS_ADD:
default:
break;
}
rw_exit(&sg->sharetab_lock);
model = get_udatamodel();
/*
* Initialize the data pointers.
*/
STRUCT_INIT(u_sh, model);
if (copyin(sh_in, STRUCT_BUF(u_sh), STRUCT_SIZE(u_sh)))
return (set_errno(EFAULT));
/* Get the share */
sh = kmem_zalloc(sizeof (share_t), KM_SLEEP);
/* Get some storage for copying in the strings */
buf = kmem_zalloc(bufsz + 1, KM_SLEEP);
bzero(&shl, sizeof (sharefs_lens_t));
/* Only grab these two until we know what we want */
SHARETAB_COPYIN(path);
SHARETAB_COPYIN(fstype);
switch (opcode) {
case SHAREFS_ADD:
case SHAREFS_REPLACE:
SHARETAB_COPYIN(res);
SHARETAB_COPYIN(opts);
SHARETAB_COPYIN(descr);
error = sharefs_add(sg, sh, &shl);
break;
case SHAREFS_REMOVE:
error = sharefs_remove(sg, sh, &shl);
break;
default:
error = EINVAL;
break;
}
cleanup:
/*
* If there is no error, then we have stashed the structure
* away in the sharetab hash table or have deleted it.
*
* Either way, the only reason to blow away the data is if
* there was an error.
*/
if (error != 0)
sharefree(sh, &shl);
if (buf != NULL)
kmem_free(buf, bufsz + 1);
return (error != 0 ? set_errno(error) : 0);
}
int
sharefs(enum sharefs_sys_op opcode, share_t *sh_in, uint32_t iMaxLen)
{
/*
* If we're in the global zone PRIV_SYS_CONFIG gives us the
* privileges needed to act on sharetab. However if we're in
* a non-global zone PRIV_SYS_CONFIG is not allowed. To work
* around this issue PRIV_SYS_NFS is used in this case.
*
* TODO: This basically overloads the definition/use of
* PRIV_SYS_NFS to work around the limitation of PRIV_SYS_CONFIG
* in a zone. Solaris 11 solved this by implementing a PRIV_SYS_SHARE
* we should do the same and replace the use of PRIV_SYS_NFS here and
* in zfs_secpolicy_share.
*/
if (INGLOBALZONE(curproc)) {
if (secpolicy_sys_config(CRED(), B_FALSE) != 0)
return (set_errno(EPERM));
} else {
/* behave like zfs_secpolicy_share() */
if (secpolicy_nfs(CRED()) != 0)
return (set_errno(EPERM));
}
return (sharefs_impl(opcode, sh_in, iMaxLen));
}