1 /* 2 * Copyright (c) 2001 The Regents of the University of Michigan. 3 * All rights reserved. 4 * 5 * Kendrick Smith <kmsmith@umich.edu> 6 * Andy Adamson <kandros@umich.edu> 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the University nor the names of its 18 * contributors may be used to endorse or promote products derived 19 * from this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 22 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 23 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 24 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 28 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 29 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 30 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 31 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
32 * 33 */ 34 35 #include <linux/file.h> 36 #include <linux/fs.h> 37 #include <linux/slab.h> 38 #include <linux/namei.h> 39 #include <linux/swap.h> 40 #include <linux/pagemap.h> 41 #include <linux/ratelimit.h> 42 #include <linux/sunrpc/svcauth_gss.h> 43 #include <linux/sunrpc/addr.h> 44 #include <linux/jhash.h> 45 #include <linux/string_helpers.h> 46 #include <linux/fsnotify.h> 47 #include <linux/rhashtable.h> 48 #include <linux/nfs_ssc.h> 49 50 #include "xdr4.h" 51 #include "xdr4cb.h" 52 #include "vfs.h" 53 #include "current_stateid.h" 54 55 #include "netns.h" 56 #include "pnfs.h" 57 #include "filecache.h" 58 #include "trace.h" 59 60 #define NFSDDBG_FACILITY NFSDDBG_PROC 61 62 #define all_ones {{ ~0, ~0}, ~0} 63 static const stateid_t one_stateid = { 64 .si_generation = ~0, 65 .si_opaque = all_ones, 66 }; 67 static const stateid_t zero_stateid = { 68 /* all fields zero */ 69 }; 70 static const stateid_t currentstateid = { 71 .si_generation = 1, 72 }; 73 static const stateid_t close_stateid = { 74 .si_generation = 0xffffffffU, 75 }; 76 77 static u64 current_sessionid = 1; 78 79 bool nfsd_delegts_enabled __read_mostly = true; 80 81 #define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t))) 82 #define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t))) 83 #define CURRENT_STATEID(stateid) (!memcmp((stateid), ¤tstateid, sizeof(stateid_t))) 84 #define CLOSE_STATEID(stateid) (!memcmp((stateid), &close_stateid, sizeof(stateid_t))) 85 86 /* forward declarations */ 87 static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner); 88 static void nfs4_free_ol_stateid(struct nfs4_stid *stid); 89 static void nfsd4_end_grace(struct nfsd_net *nn); 90 static void _free_cpntf_state_locked(struct nfsd_net *nn, struct nfs4_cpntf_state *cps); 91 static void nfsd4_file_hash_remove(struct nfs4_file *fi); 92 static void deleg_reaper(struct nfsd_net *nn); 93 94 /* Locking: */ 95 96 enum nfsd4_st_mutex_lock_subclass { 97 
	OPEN_STATEID_MUTEX = 0,
	LOCK_STATEID_MUTEX = 1,
};

/*
 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for
 * the refcount on the open stateid to drop.
 */
static DECLARE_WAIT_QUEUE_HEAD(close_wq);

/*
 * A waitqueue where a writer to clients/#/ctl destroying a client can
 * wait for cl_rpc_users to drop to 0 and then for the client to be
 * unhashed.
 */
static DECLARE_WAIT_QUEUE_HEAD(expiry_wq);

static struct kmem_cache *client_slab;
static struct kmem_cache *openowner_slab;
static struct kmem_cache *lockowner_slab;
static struct kmem_cache *file_slab;
static struct kmem_cache *stateid_slab;
static struct kmem_cache *deleg_slab;
static struct kmem_cache *odstate_slab;

static void free_session(struct nfsd4_session *);

static const struct nfsd4_callback_ops nfsd4_cb_recall_ops;
static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops;
static const struct nfsd4_callback_ops nfsd4_cb_getattr_ops;

static struct workqueue_struct *laundry_wq;

/* Create the unbound workqueue used for lease/state expiry work. */
int nfsd4_create_laundry_wq(void)
{
	int rc = 0;

	laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4");
	if (laundry_wq == NULL)
		rc = -ENOMEM;
	return rc;
}

void nfsd4_destroy_laundry_wq(void)
{
	destroy_workqueue(laundry_wq);
}

/* A dead session accepts no new references. */
static bool is_session_dead(struct nfsd4_session *ses)
{
	return ses->se_dead;
}

/*
 * Mark a session dead unless someone other than the caller still holds a
 * reference on it; in that case report nfserr_jukebox so the operation
 * can be retried.
 */
static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
{
	if (atomic_read(&ses->se_ref) > ref_held_by_me)
		return nfserr_jukebox;
	ses->se_dead = true;
	return nfs_ok;
}

/* An expired client has had its cl_time zeroed. */
static bool is_client_expired(struct nfs4_client *clp)
{
	return clp->cl_time == 0;
}

/*
 * A client leaving courtesy state no longer counts against the
 * per-net courtesy-client total.
 */
static void nfsd4_dec_courtesy_client_count(struct nfsd_net *nn,
					struct nfs4_client *clp)
{
	if (clp->cl_state != NFSD4_ACTIVE)
		atomic_add_unless(&nn->nfsd_courtesy_clients, -1, 0);
}

/*
 * Take an RPC-user reference on the client, reactivating it if it was a
 * courtesy client.  Fails with nfserr_expired once the client has expired.
 */
static __be32 get_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (is_client_expired(clp))
		return nfserr_expired;
	atomic_inc(&clp->cl_rpc_users);
	nfsd4_dec_courtesy_client_count(nn, clp);
	clp->cl_state = NFSD4_ACTIVE;
	return nfs_ok;
}

/* must be called under the client_lock */
static inline void
renew_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (is_client_expired(clp)) {
		WARN_ON(1);
		printk("%s: client (clientid %08x/%08x) already expired\n",
			__func__,
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
		return;
	}

	/* Move to the tail of the LRU and refresh the lease time. */
	list_move_tail(&clp->cl_lru, &nn->client_lru);
	clp->cl_time = ktime_get_boottime_seconds();
	nfsd4_dec_courtesy_client_count(nn, clp);
	clp->cl_state = NFSD4_ACTIVE;
}

/*
 * Drop an RPC-user reference; on the last put, either renew the client's
 * lease or, if it has already expired, wake anyone waiting to destroy it.
 */
static void put_client_renew_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (!atomic_dec_and_test(&clp->cl_rpc_users))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	else
		wake_up_all(&expiry_wq);
}

/* As put_client_renew_locked(), but takes the client_lock itself. */
static void put_client_renew(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (!atomic_dec_and_lock(&clp->cl_rpc_users, &nn->client_lock))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	else
		wake_up_all(&expiry_wq);
	spin_unlock(&nn->client_lock);
}

/*
 * Take a reference on a live session, also pinning its client via
 * get_client_locked().
 */
static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
{
	__be32 status;

	if (is_session_dead(ses))
		return nfserr_badsession;
	status = get_client_locked(ses->se_client);
	if (status)
		return status;
	atomic_inc(&ses->se_ref);
	return nfs_ok;
}

/*
 * Release a session reference; frees the session on the last put if it
 * has been marked dead.  Also drops the matching client reference.
 */
static void nfsd4_put_session_locked(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
		free_session(ses);
	put_client_renew_locked(clp);
}

static void nfsd4_put_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	nfsd4_put_session_locked(ses);
	spin_unlock(&nn->client_lock);
}

/*
 * Find a pending blocked lock for this lockowner matching the given
 * filehandle; if found, dequeue it from both tracking lists and cancel
 * the underlying file_lock block before returning it.
 */
static struct nfsd4_blocked_lock *
find_blocked_lock(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *cur, *found = NULL;

	spin_lock(&nn->blocked_locks_lock);
	list_for_each_entry(cur, &lo->lo_blocked, nbl_list) {
		if (fh_match(fh, &cur->nbl_fh)) {
			list_del_init(&cur->nbl_list);
			WARN_ON(list_empty(&cur->nbl_lru));
			list_del_init(&cur->nbl_lru);
			found = cur;
			break;
		}
	}
	spin_unlock(&nn->blocked_locks_lock);
	/* locks_delete_block() may sleep, so call it outside the spinlock */
	if (found)
		locks_delete_block(&found->nbl_lock);
	return found;
}

/*
 * Reuse an existing blocked-lock entry for (lockowner, fh) or allocate
 * and initialize a fresh one.  May return NULL on allocation failure.
 */
static struct nfsd4_blocked_lock *
find_or_allocate_block(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *nbl;

	nbl = find_blocked_lock(lo, fh, nn);
	if (!nbl) {
		nbl = kmalloc_obj(*nbl);
		if (nbl) {
			INIT_LIST_HEAD(&nbl->nbl_list);
			INIT_LIST_HEAD(&nbl->nbl_lru);
			fh_copy_shallow(&nbl->nbl_fh, fh);
			locks_init_lock(&nbl->nbl_lock);
			kref_init(&nbl->nbl_kref);
			nfsd4_init_cb(&nbl->nbl_cb, lo->lo_owner.so_client,
					&nfsd4_cb_notify_lock_ops,
					NFSPROC4_CLNT_CB_NOTIFY_LOCK);
		}
	}
	return nbl;
}

/* kref release callback: free the blocked-lock entry and its lock state. */
static void
free_nbl(struct kref *kref)
{
	struct nfsd4_blocked_lock *nbl;

	nbl = container_of(kref, struct nfsd4_blocked_lock, nbl_kref);
	locks_release_private(&nbl->nbl_lock);
	kfree(nbl);
}

static void
free_blocked_lock(struct nfsd4_blocked_lock *nbl)
{
	locks_delete_block(&nbl->nbl_lock);
	kref_put(&nbl->nbl_kref, free_nbl);
}

/*
 * Tear down every blocked lock still queued for a lockowner.  Entries are
 * moved to a private reaplist under the spinlock, then freed outside it
 * (freeing may sleep in locks_delete_block()).
 */
static void
remove_blocked_locks(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_blocked_lock *nbl;
	LIST_HEAD(reaplist);

	/* Dequeue all blocked locks */
	spin_lock(&nn->blocked_locks_lock);
	while (!list_empty(&lo->lo_blocked)) {
		nbl = list_first_entry(&lo->lo_blocked,
				struct nfsd4_blocked_lock,
				nbl_list);
		list_del_init(&nbl->nbl_list);
		WARN_ON(list_empty(&nbl->nbl_lru));
		list_move(&nbl->nbl_lru, &reaplist);
	}
	spin_unlock(&nn->blocked_locks_lock);

	/* Now free them */
	while (!list_empty(&reaplist)) {
		nbl = list_first_entry(&reaplist, struct nfsd4_blocked_lock,
					nbl_lru);
		list_del_init(&nbl->nbl_lru);
		free_blocked_lock(nbl);
	}
}

static void
nfsd4_cb_notify_lock_prepare(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock *nbl = container_of(cb,
			struct nfsd4_blocked_lock, nbl_cb);
	locks_delete_block(&nbl->nbl_lock);
}

static int
nfsd4_cb_notify_lock_done(struct nfsd4_callback *cb, struct rpc_task *task)
{
	trace_nfsd_cb_notify_lock_done(&zero_stateid, task);

	/*
	 * Since this is just an optimization, we don't try very hard if it
	 * turns out not to succeed. We'll requeue it on NFS4ERR_DELAY, and
	 * just quit trying on anything else.
	 */
	switch (task->tk_status) {
	case -NFS4ERR_DELAY:
		rpc_delay(task, 1 * HZ);
		return 0;
	default:
		return 1;
	}
}

static void
nfsd4_cb_notify_lock_release(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock *nbl = container_of(cb,
			struct nfsd4_blocked_lock, nbl_cb);

	free_blocked_lock(nbl);
}

static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops = {
	.prepare	= nfsd4_cb_notify_lock_prepare,
	.done		= nfsd4_cb_notify_lock_done,
	.release	= nfsd4_cb_notify_lock_release,
	.opcode		= OP_CB_NOTIFY_LOCK,
};

/*
 * We store the NONE, READ, WRITE, and BOTH bits separately in the
 * st_{access,deny}_bmap field of the stateid, in order to track not
 * only what share bits are currently in force, but also what
 * combinations of share bits previous opens have used.  This allows us
 * to enforce the recommendation in
 * https://datatracker.ietf.org/doc/html/rfc7530#section-16.19.4 that
 * the server return an error if the client attempt to downgrade to a
 * combination of share bits not explicable by closing some of its
 * previous opens.
 *
 * This enforcement is arguably incomplete, since we don't keep
 * track of access/deny bit combinations; so, e.g., we allow:
 *
 *	OPEN allow read, deny write
 *	OPEN allow both, deny none
 *	DOWNGRADE allow read, deny none
 *
 * which we should reject.
 *
 * But you could also argue that our current code is already overkill,
 * since it only exists to return NFS4ERR_INVAL on incorrect client
 * behavior.
 */
/* Collapse a share bitmap back into an NFS4_SHARE_ACCESS_* style mask. */
static unsigned int
bmap_to_share_mode(unsigned long bmap)
{
	int i;
	unsigned int access = 0;

	for (i = 1; i < 4; i++) {
		if (test_bit(i, &bmap))
			access |= i;
	}
	return access;
}

/* set share access for a given stateid */
static inline void
set_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap |= mask;
}

/* clear share access for a given stateid */
static inline void
clear_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap &= ~mask;
}

/* test whether a given stateid has access */
static inline bool
test_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	return (bool)(stp->st_access_bmap & mask);
}

/* set share deny for a given stateid */
static inline void
set_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap |= mask;
}

/* clear share deny for a given stateid */
static inline void
clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap &= ~mask;
}

/* test whether a given stateid is denying specific access */
static inline bool
test_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	return (bool)(stp->st_deny_bmap & mask);
}

/* Map NFSv4 share-access bits to an open(2) access mode. */
static int nfs4_access_to_omode(u32 access)
{
	switch (access & NFS4_SHARE_ACCESS_BOTH) {
	case NFS4_SHARE_ACCESS_READ:
		return O_RDONLY;
	case NFS4_SHARE_ACCESS_WRITE:
		return O_WRONLY;
	case NFS4_SHARE_ACCESS_BOTH:
		return O_RDWR;
	}
	WARN_ON_ONCE(1);
	return O_RDONLY;
}

static inline int
access_permit_read(struct nfs4_ol_stateid *stp)
{
	return test_access(NFS4_SHARE_ACCESS_READ, stp) ||
		test_access(NFS4_SHARE_ACCESS_BOTH, stp) ||
		test_access(NFS4_SHARE_ACCESS_WRITE, stp);
}

static inline int
access_permit_write(struct nfs4_ol_stateid *stp)
{
	return test_access(NFS4_SHARE_ACCESS_WRITE, stp) ||
		test_access(NFS4_SHARE_ACCESS_BOTH, stp);
}

static inline struct nfs4_stateowner *
nfs4_get_stateowner(struct nfs4_stateowner *sop)
{
	atomic_inc(&sop->so_count);
	return sop;
}

/* Compare two opaque owner strings for exact equality. */
static int
same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner)
{
	return (sop->so_owner.len == owner->len) &&
		0 == memcmp(sop->so_owner.data, owner->data, owner->len);
}

/*
 * Look up an open-owner by owner string in the client's owner hash
 * bucket; returns a referenced openowner or NULL.
 */
static struct nfs4_openowner *
find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_stateowner *so;

	lockdep_assert_held(&clp->cl_lock);

	list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval],
			    so_strhash) {
		if (!so->so_is_open_owner)
			continue;
		if (same_owner_str(so, &open->op_owner))
			return openowner(nfs4_get_stateowner(so));
	}
	return NULL;
}

/* Simple multiplicative hash over an opaque byte string. */
static inline u32
opaque_hashval(const void *ptr, int nbytes)
{
	unsigned char *cptr = (unsigned char *) ptr;

	u32 x = 0;
	while (nbytes--) {
		x *= 37;
		x += *cptr++;
	}
	return x;
}

/*
 * Drop a reference on an nfs4_file; on the last put, unhash it and free
 * it after an RCU grace period.
 */
void
put_nfs4_file(struct nfs4_file *fi)
{
	if (refcount_dec_and_test(&fi->fi_ref)) {
		nfsd4_file_hash_remove(fi);
		WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate));
		WARN_ON_ONCE(!list_empty(&fi->fi_delegations));
		kfree_rcu(fi, fi_rcu);
	}
}

/* Prefer the write-only fd, falling back to the read/write fd. */
static struct nfsd_file *
find_writeable_file_locked(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = nfsd_file_get(f->fi_fds[O_WRONLY]);
	if (!ret)
		ret = nfsd_file_get(f->fi_fds[O_RDWR]);
	return ret;
}

static struct nfsd_file *
find_writeable_file(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	spin_lock(&f->fi_lock);
	ret = find_writeable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

/* Prefer the read-only fd, falling back to the read/write fd. */
static struct nfsd_file *
find_readable_file_locked(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = nfsd_file_get(f->fi_fds[O_RDONLY]);
	if (!ret)
		ret = nfsd_file_get(f->fi_fds[O_RDWR]);
	return ret;
}

static struct nfsd_file *
find_readable_file(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	spin_lock(&f->fi_lock);
	ret = find_readable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

/* Return any open nfsd_file for this nfs4_file, with a reference held. */
struct nfsd_file *
find_any_file(struct nfs4_file *f)
{
	struct nfsd_file *ret;

	if (!f)
		return NULL;
	spin_lock(&f->fi_lock);
	ret = nfsd_file_get(f->fi_fds[O_RDWR]);
	if (!ret) {
		ret = nfsd_file_get(f->fi_fds[O_WRONLY]);
		if (!ret)
			ret = nfsd_file_get(f->fi_fds[O_RDONLY]);
	}
	spin_unlock(&f->fi_lock);
	return ret;
}

/* As find_any_file(), but caller holds fi_lock and no reference is taken. */
static struct nfsd_file *find_any_file_locked(struct nfs4_file *f)
{
	lockdep_assert_held(&f->fi_lock);

	if (f->fi_fds[O_RDWR])
		return f->fi_fds[O_RDWR];
	if (f->fi_fds[O_WRONLY])
		return f->fi_fds[O_WRONLY];
	if (f->fi_fds[O_RDONLY])
		return f->fi_fds[O_RDONLY];
	return NULL;
}

static atomic_long_t num_delegations;
unsigned long max_delegations;

/*
 * Open owner state (share locks)
 */

/* hash tables for lock and open owners */
#define OWNER_HASH_BITS              8
#define OWNER_HASH_SIZE             (1 << OWNER_HASH_BITS)
#define OWNER_HASH_MASK             (OWNER_HASH_SIZE - 1)

static
unsigned int ownerstr_hashval(struct xdr_netobj *ownername)
{
	unsigned int ret;

	ret = opaque_hashval(ownername->data, ownername->len);
	return ret & OWNER_HASH_MASK;
}

static struct rhltable nfs4_file_rhltable ____cacheline_aligned_in_smp;

static const struct rhashtable_params nfs4_file_rhash_params = {
	.key_len		= sizeof_field(struct nfs4_file, fi_inode),
	.key_offset		= offsetof(struct nfs4_file, fi_inode),
	.head_offset		= offsetof(struct nfs4_file, fi_rlist),

	/*
	 * Start with a single page hash table to reduce resizing churn
	 * on light workloads.
	 */
	.min_size		= 256,
	.automatic_shrinking	= true,
};

/*
 * Check if courtesy clients have conflicting access and resolve it if possible
 *
 * access:	is op_share_access if share_access is true.
 *		Check if access mode, op_share_access, would conflict with
 *		the current deny mode of the file 'fp'.
 * access:	is op_share_deny if share_access is false.
 *		Check if the deny mode, op_share_deny, would conflict with
 *		current access of the file 'fp'.
 * stp:		skip checking this entry.
 * new_stp:	normal open, not open upgrade.
 *
 * Function returns:
 *	false - access/deny mode conflict with normal client.
 *	true  - no conflict or conflict with courtesy client(s) is resolved.
 */
static bool
nfs4_resolve_deny_conflicts_locked(struct nfs4_file *fp, bool new_stp,
		struct nfs4_ol_stateid *stp, u32 access, bool share_access)
{
	struct nfs4_ol_stateid *st;
	bool resolvable = true;
	unsigned char bmap;
	struct nfsd_net *nn;
	struct nfs4_client *clp;

	lockdep_assert_held(&fp->fi_lock);
	list_for_each_entry(st, &fp->fi_stateids, st_perfile) {
		/* ignore lock stateid */
		if (st->st_openstp)
			continue;
		if (st == stp && new_stp)
			continue;
		/* check file access against deny mode or vice versa */
		bmap = share_access ? st->st_deny_bmap : st->st_access_bmap;
		if (!(access & bmap_to_share_mode(bmap)))
			continue;
		clp = st->st_stid.sc_client;
		if (try_to_expire_client(clp))
			continue;
		/* conflicting client is active: cannot be resolved */
		resolvable = false;
		break;
	}
	if (resolvable) {
		/* kick the laundromat to reap the expired courtesy clients */
		clp = stp->st_stid.sc_client;
		nn = net_generic(clp->net, nfsd_net_id);
		mod_delayed_work(laundry_wq, &nn->laundromat_work, 0);
	}
	return resolvable;
}

/* Bump the per-open-mode access counters for this file. */
static void
__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		atomic_inc(&fp->fi_access[O_WRONLY]);
	if (access & NFS4_SHARE_ACCESS_READ)
		atomic_inc(&fp->fi_access[O_RDONLY]);
}

/*
 * Validate the requested access mode against the file's current deny
 * mode and, if compatible, record the new access.
 */
static __be32
nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	/* Does this access mode make sense? */
	if (access & ~NFS4_SHARE_ACCESS_BOTH)
		return nfserr_inval;

	/* Does it conflict with a deny mode already set? */
	if ((access & fp->fi_share_deny) != 0)
		return nfserr_share_denied;

	__nfs4_file_get_access(fp, access);
	return nfs_ok;
}

/* Check a requested deny mode against the file's current access counts. */
static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
{
	/* Common case is that there is no deny mode. */
	if (deny) {
		/* Does this deny mode make sense? */
		if (deny & ~NFS4_SHARE_DENY_BOTH)
			return nfserr_inval;

		if ((deny & NFS4_SHARE_DENY_READ) &&
		    atomic_read(&fp->fi_access[O_RDONLY]))
			return nfserr_share_denied;

		if ((deny & NFS4_SHARE_DENY_WRITE) &&
		    atomic_read(&fp->fi_access[O_WRONLY]))
			return nfserr_share_denied;
	}
	return nfs_ok;
}

/*
 * Drop one access count for the given open mode; when it reaches zero,
 * close the corresponding nfsd_file (and the O_RDWR one too, if the
 * other mode is also unused).
 */
static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
	might_lock(&fp->fi_lock);

	if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
		struct nfsd_file *f1 = NULL;
		struct nfsd_file *f2 = NULL;

		swap(f1, fp->fi_fds[oflag]);
		if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
			swap(f2, fp->fi_fds[O_RDWR]);
		spin_unlock(&fp->fi_lock);
		/* put the files outside the spinlock; this may sleep */
		if (f1)
			nfsd_file_put(f1);
		if (f2)
			nfsd_file_put(f2);
	}
}

static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
{
	WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		__nfs4_file_put_access(fp, O_WRONLY);
	if (access & NFS4_SHARE_ACCESS_READ)
		__nfs4_file_put_access(fp, O_RDONLY);
}

/*
 * Allocate a new open/delegation state counter. This is needed for
 * pNFS for proper return on close semantics.
 *
 * Note that we only allocate it for pNFS-enabled exports, otherwise
 * all pointers to struct nfs4_clnt_odstate are always NULL.
 */
static struct nfs4_clnt_odstate *
alloc_clnt_odstate(struct nfs4_client *clp)
{
	struct nfs4_clnt_odstate *co;

	co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL);
	if (co) {
		co->co_client = clp;
		refcount_set(&co->co_odcount, 1);
	}
	return co;
}

static void
hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp = co->co_file;

	lockdep_assert_held(&fp->fi_lock);
	list_add(&co->co_perfile, &fp->fi_clnt_odstate);
}

static inline void
get_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	if (co)
		refcount_inc(&co->co_odcount);
}

/*
 * Drop a reference on an odstate; on the last put, unhash it, return any
 * outstanding layouts for the file, and free it.
 */
static void
put_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp;

	if (!co)
		return;

	fp = co->co_file;
	if (refcount_dec_and_lock(&co->co_odcount, &fp->fi_lock)) {
		list_del(&co->co_perfile);
		spin_unlock(&fp->fi_lock);

		nfsd4_return_all_file_layouts(co->co_client, fp);
		kmem_cache_free(odstate_slab, co);
	}
}

/*
 * Hash 'new' into the file's odstate list, unless an entry for the same
 * client already exists, in which case that one is referenced and
 * returned instead (the caller then frees 'new').
 */
static struct nfs4_clnt_odstate *
find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new)
{
	struct nfs4_clnt_odstate *co;
	struct nfs4_client *cl;

	if (!new)
		return NULL;

	cl = new->co_client;

	spin_lock(&fp->fi_lock);
	list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) {
		if (co->co_client == cl) {
			get_clnt_odstate(co);
			goto out;
		}
	}
	co = new;
	co->co_file = fp;
	hash_clnt_odstate_locked(new);
out:
	spin_unlock(&fp->fi_lock);
	return co;
}

/*
 * Allocate a stateid of the given slab type for client 'cl', assigning
 * it a fresh id in the client's stateid idr.  sc_free is the destructor
 * invoked from nfs4_put_stid() on the last reference.
 */
struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab,
				  void (*sc_free)(struct nfs4_stid *))
{
	struct nfs4_stid *stid;
	int new_id;

	stid = kmem_cache_zalloc(slab, GFP_KERNEL);
	if (!stid)
		return NULL;

	idr_preload(GFP_KERNEL);
	spin_lock(&cl->cl_lock);
	/* Reserving 0 for start of file in nfsdfs
"states" file: */ 917 new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 1, 0, GFP_NOWAIT); 918 spin_unlock(&cl->cl_lock); 919 idr_preload_end(); 920 if (new_id < 0) 921 goto out_free; 922 923 stid->sc_free = sc_free; 924 stid->sc_client = cl; 925 stid->sc_stateid.si_opaque.so_id = new_id; 926 stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid; 927 /* Will be incremented before return to client: */ 928 refcount_set(&stid->sc_count, 1); 929 spin_lock_init(&stid->sc_lock); 930 INIT_LIST_HEAD(&stid->sc_cp_list); 931 932 return stid; 933 out_free: 934 kmem_cache_free(slab, stid); 935 return NULL; 936 } 937 938 /* 939 * Create a unique stateid_t to represent each COPY. 940 */ 941 static int nfs4_init_cp_state(struct nfsd_net *nn, copy_stateid_t *stid, 942 unsigned char cs_type) 943 { 944 int new_id; 945 946 stid->cs_stid.si_opaque.so_clid.cl_boot = (u32)nn->boot_time; 947 stid->cs_stid.si_opaque.so_clid.cl_id = nn->s2s_cp_cl_id; 948 949 idr_preload(GFP_KERNEL); 950 spin_lock(&nn->s2s_cp_lock); 951 new_id = idr_alloc_cyclic(&nn->s2s_cp_stateids, stid, 0, 0, GFP_NOWAIT); 952 stid->cs_stid.si_opaque.so_id = new_id; 953 stid->cs_stid.si_generation = 1; 954 spin_unlock(&nn->s2s_cp_lock); 955 idr_preload_end(); 956 if (new_id < 0) 957 return 0; 958 stid->cs_type = cs_type; 959 return 1; 960 } 961 962 int nfs4_init_copy_state(struct nfsd_net *nn, struct nfsd4_copy *copy) 963 { 964 return nfs4_init_cp_state(nn, ©->cp_stateid, NFS4_COPY_STID); 965 } 966 967 struct nfs4_cpntf_state *nfs4_alloc_init_cpntf_state(struct nfsd_net *nn, 968 struct nfs4_stid *p_stid) 969 { 970 struct nfs4_cpntf_state *cps; 971 972 cps = kzalloc_obj(struct nfs4_cpntf_state); 973 if (!cps) 974 return NULL; 975 cps->cpntf_time = ktime_get_boottime_seconds(); 976 refcount_set(&cps->cp_stateid.cs_count, 1); 977 if (!nfs4_init_cp_state(nn, &cps->cp_stateid, NFS4_COPYNOTIFY_STID)) 978 goto out_free; 979 spin_lock(&nn->s2s_cp_lock); 980 list_add(&cps->cp_list, &p_stid->sc_cp_list); 981 
	spin_unlock(&nn->s2s_cp_lock);
	return cps;
out_free:
	kfree(cps);
	return NULL;
}

/* Remove a COPY stateid from the server-to-server copy idr. */
void nfs4_free_copy_state(struct nfsd4_copy *copy)
{
	struct nfsd_net *nn;

	if (copy->cp_stateid.cs_type != NFS4_COPY_STID)
		return;
	nn = net_generic(copy->cp_clp->net, nfsd_net_id);
	spin_lock(&nn->s2s_cp_lock);
	idr_remove(&nn->s2s_cp_stateids,
		   copy->cp_stateid.cs_stid.si_opaque.so_id);
	spin_unlock(&nn->s2s_cp_lock);
}

/* Free every COPY_NOTIFY state still attached to this stateid. */
static void nfs4_free_cpntf_statelist(struct net *net, struct nfs4_stid *stid)
{
	struct nfs4_cpntf_state *cps;
	struct nfsd_net *nn;

	nn = net_generic(net, nfsd_net_id);
	spin_lock(&nn->s2s_cp_lock);
	while (!list_empty(&stid->sc_cp_list)) {
		cps = list_first_entry(&stid->sc_cp_list,
				       struct nfs4_cpntf_state, cp_list);
		_free_cpntf_state_locked(nn, cps);
	}
	spin_unlock(&nn->s2s_cp_lock);
}

static struct nfs4_ol_stateid * nfs4_alloc_open_stateid(struct nfs4_client *clp)
{
	struct nfs4_stid *stid;

	stid = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_ol_stateid);
	if (!stid)
		return NULL;

	return openlockstateid(stid);
}

/*
 * As the sc_free callback of deleg, this may be called by nfs4_put_stid
 * in nfsd_break_one_deleg.
 * Considering nfsd_break_one_deleg is called with the flc->flc_lock held,
 * this function mustn't ever sleep.
 */
static void nfs4_free_deleg(struct nfs4_stid *stid)
{
	struct nfs4_delegation *dp = delegstateid(stid);

	WARN_ON_ONCE(!list_empty(&stid->sc_cp_list));
	WARN_ON_ONCE(!list_empty(&dp->dl_perfile));
	WARN_ON_ONCE(!list_empty(&dp->dl_perclnt));
	WARN_ON_ONCE(!list_empty(&dp->dl_recall_lru));
	kmem_cache_free(deleg_slab, stid);
	atomic_long_dec(&num_delegations);
}

/*
 * When we recall a delegation, we should be careful not to hand it
 * out again straight away.
 * To ensure this we keep a pair of bloom filters ('new' and 'old')
 * in which the filehandles of recalled delegations are "stored".
 * If a filehandle appear in either filter, a delegation is blocked.
 * When a delegation is recalled, the filehandle is stored in the "new"
 * filter.
 * Every 30 seconds we swap the filters and clear the "new" one,
 * unless both are empty of course.  This results in delegations for a
 * given filehandle being blocked for between 30 and 60 seconds.
 *
 * Each filter is 256 bits.  We hash the filehandle to 32bit and use the
 * low 3 bytes as hash-table indices.
 *
 * 'blocked_delegations_lock', which is always taken in block_delegations(),
 * is used to manage concurrent access.  Testing does not need the lock
 * except when swapping the two filters.
 */
static DEFINE_SPINLOCK(blocked_delegations_lock);
static struct bloom_pair {
	int	entries, old_entries;
	time64_t swap_time;
	int	new; /* index into 'set' */
	DECLARE_BITMAP(set[2], 256);
} blocked_delegations;

/* Test both bloom filters; non-zero means a delegation must not be given. */
static int delegation_blocked(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	if (bd->entries == 0)
		return 0;
	if (ktime_get_seconds() - bd->swap_time > 30) {
		spin_lock(&blocked_delegations_lock);
		/* re-check under the lock before swapping the filters */
		if (ktime_get_seconds() - bd->swap_time > 30) {
			bd->entries -= bd->old_entries;
			bd->old_entries = bd->entries;
			bd->new = 1-bd->new;
			memset(bd->set[bd->new], 0,
			       sizeof(bd->set[0]));
			bd->swap_time = ktime_get_seconds();
		}
		spin_unlock(&blocked_delegations_lock);
	}
	hash = jhash(&fh->fh_raw, fh->fh_size, 0);
	if (test_bit(hash&255, bd->set[0]) &&
	    test_bit((hash>>8)&255, bd->set[0]) &&
	    test_bit((hash>>16)&255, bd->set[0]))
		return 1;

	if (test_bit(hash&255, bd->set[1]) &&
	    test_bit((hash>>8)&255, bd->set[1]) &&
	    test_bit((hash>>16)&255, bd->set[1]))
		return 1;

	return 0;
}

/* Record a recalled delegation's filehandle in the "new" bloom filter. */
static void block_delegations(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	hash = jhash(&fh->fh_raw, fh->fh_size, 0);

	spin_lock(&blocked_delegations_lock);
	__set_bit(hash&255, bd->set[bd->new]);
	__set_bit((hash>>8)&255, bd->set[bd->new]);
	__set_bit((hash>>16)&255, bd->set[bd->new]);
	if (bd->entries == 0)
		bd->swap_time = ktime_get_seconds();
	bd->entries += 1;
	spin_unlock(&blocked_delegations_lock);
}

/*
 * Allocate and initialize a delegation stateid for (clp, fp).  Fails if
 * the global delegation limit is reached or the filehandle is currently
 * blocked by the recall bloom filters.
 */
static struct nfs4_delegation *
alloc_init_deleg(struct nfs4_client *clp, struct nfs4_file *fp,
		 struct nfs4_clnt_odstate *odstate, u32 dl_type)
{
	struct nfs4_delegation *dp;
	struct nfs4_stid *stid;
	long n;

	dprintk("NFSD alloc_init_deleg\n");
	n = atomic_long_inc_return(&num_delegations);
	if (n < 0 || n > max_delegations)
		goto out_dec;
	if (delegation_blocked(&fp->fi_fhandle))
		goto out_dec;
	stid = nfs4_alloc_stid(clp, deleg_slab, nfs4_free_deleg);
	if (stid == NULL)
		goto out_dec;
	dp = delegstateid(stid);

	/*
	 * delegation seqid's are never incremented.  The 4.1 special
	 * meaning of seqid 0 isn't meaningful, really, but let's avoid
	 * 0 anyway just for consistency and use 1:
	 */
	dp->dl_stid.sc_stateid.si_generation = 1;
	INIT_LIST_HEAD(&dp->dl_perfile);
	INIT_LIST_HEAD(&dp->dl_perclnt);
	INIT_LIST_HEAD(&dp->dl_recall_lru);
	dp->dl_clnt_odstate = odstate;
	get_clnt_odstate(odstate);
	dp->dl_type = dl_type;
	dp->dl_retries = 1;
	dp->dl_recalled = false;
	nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client,
		      &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL);
	nfsd4_init_cb(&dp->dl_cb_fattr.ncf_getattr, dp->dl_stid.sc_client,
		      &nfsd4_cb_getattr_ops, NFSPROC4_CLNT_CB_GETATTR);
	dp->dl_cb_fattr.ncf_file_modified = false;
	get_nfs4_file(fp);
	dp->dl_stid.sc_file = fp;
	return dp;
out_dec:
	atomic_long_dec(&num_delegations);
	return NULL;
}

/*
 * Drop a reference on a stateid.  On the last put, remove it from the
 * client's idr, free any attached COPY_NOTIFY states, and invoke the
 * type-specific sc_free destructor.
 */
void
nfs4_put_stid(struct nfs4_stid *s)
{
	struct nfs4_file *fp = s->sc_file;
	struct nfs4_client *clp = s->sc_client;

	might_lock(&clp->cl_lock);

	if (!refcount_dec_and_lock(&s->sc_count, &clp->cl_lock)) {
		/* a 4.0 CLOSE may be waiting for this refcount to drop */
		wake_up_all(&close_wq);
		return;
	}
	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	if (s->sc_status & SC_STATUS_ADMIN_REVOKED)
		atomic_dec(&s->sc_client->cl_admin_revoked);
	nfs4_free_cpntf_statelist(clp->net, s);
	spin_unlock(&clp->cl_lock);
	s->sc_free(s);
	if (fp)
		put_nfs4_file(fp);
}

/*
 * Bump the stateid's generation (skipping the special value 0) and copy
 * the result to 'dst' for return to the client.
 */
void
nfs4_inc_and_copy_stateid(stateid_t *dst, struct nfs4_stid *stid)
{
	stateid_t *src = &stid->sc_stateid;

	spin_lock(&stid->sc_lock);
	if (unlikely(++src->si_generation == 0))
		src->si_generation = 1;
	memcpy(dst, src, sizeof(*dst));
	spin_unlock(&stid->sc_lock);
}

static void put_deleg_file(struct nfs4_file *fp)
{
	struct nfsd_file *rnf = NULL;
	struct nfsd_file *nf = NULL;

	spin_lock(&fp->fi_lock);
if (--fp->fi_delegees == 0) { 1209 swap(nf, fp->fi_deleg_file); 1210 swap(rnf, fp->fi_rdeleg_file); 1211 } 1212 spin_unlock(&fp->fi_lock); 1213 1214 if (nf) 1215 nfsd_file_put(nf); 1216 if (rnf) { 1217 nfsd_file_put(rnf); 1218 nfs4_file_put_access(fp, NFS4_SHARE_ACCESS_READ); 1219 } 1220 } 1221 1222 static void nfsd4_finalize_deleg_timestamps(struct nfs4_delegation *dp, struct file *f) 1223 { 1224 struct iattr ia = { .ia_valid = ATTR_ATIME | ATTR_CTIME | ATTR_MTIME | ATTR_DELEG }; 1225 struct inode *inode = file_inode(f); 1226 int ret; 1227 1228 /* don't do anything if FMODE_NOCMTIME isn't set */ 1229 if ((READ_ONCE(f->f_mode) & FMODE_NOCMTIME) == 0) 1230 return; 1231 1232 spin_lock(&f->f_lock); 1233 f->f_mode &= ~FMODE_NOCMTIME; 1234 spin_unlock(&f->f_lock); 1235 1236 /* was it never written? */ 1237 if (!dp->dl_written) 1238 return; 1239 1240 /* did it get a setattr for the timestamps at some point? */ 1241 if (dp->dl_setattr) 1242 return; 1243 1244 /* Stamp everything to "now" */ 1245 inode_lock(inode); 1246 ret = notify_change(&nop_mnt_idmap, f->f_path.dentry, &ia, NULL); 1247 inode_unlock(inode); 1248 if (ret) { 1249 struct inode *inode = file_inode(f); 1250 1251 pr_notice_ratelimited("nfsd: Unable to update timestamps on inode %02x:%02x:%llu: %d\n", 1252 MAJOR(inode->i_sb->s_dev), 1253 MINOR(inode->i_sb->s_dev), 1254 inode->i_ino, ret); 1255 } 1256 } 1257 1258 static void nfs4_unlock_deleg_lease(struct nfs4_delegation *dp) 1259 { 1260 struct nfs4_file *fp = dp->dl_stid.sc_file; 1261 struct nfsd_file *nf = fp->fi_deleg_file; 1262 1263 WARN_ON_ONCE(!fp->fi_delegees); 1264 1265 nfsd4_finalize_deleg_timestamps(dp, nf->nf_file); 1266 kernel_setlease(nf->nf_file, F_UNLCK, NULL, (void **)&dp); 1267 put_deleg_file(fp); 1268 } 1269 1270 static void destroy_unhashed_deleg(struct nfs4_delegation *dp) 1271 { 1272 put_clnt_odstate(dp->dl_clnt_odstate); 1273 nfs4_unlock_deleg_lease(dp); 1274 nfs4_put_stid(&dp->dl_stid); 1275 } 1276 1277 /** 1278 * nfs4_delegation_exists - 
Discover if this delegation already exists 1279 * @clp: a pointer to the nfs4_client we're granting a delegation to 1280 * @fp: a pointer to the nfs4_file we're granting a delegation on 1281 * 1282 * Return: 1283 * On success: true iff an existing delegation is found 1284 */ 1285 1286 static bool 1287 nfs4_delegation_exists(struct nfs4_client *clp, struct nfs4_file *fp) 1288 { 1289 struct nfs4_delegation *searchdp = NULL; 1290 struct nfs4_client *searchclp = NULL; 1291 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1292 1293 lockdep_assert_held(&nn->deleg_lock); 1294 lockdep_assert_held(&fp->fi_lock); 1295 1296 list_for_each_entry(searchdp, &fp->fi_delegations, dl_perfile) { 1297 searchclp = searchdp->dl_stid.sc_client; 1298 if (clp == searchclp) { 1299 return true; 1300 } 1301 } 1302 return false; 1303 } 1304 1305 /** 1306 * hash_delegation_locked - Add a delegation to the appropriate lists 1307 * @dp: a pointer to the nfs4_delegation we are adding. 1308 * @fp: a pointer to the nfs4_file we're granting a delegation on 1309 * 1310 * Return: 1311 * On success: NULL if the delegation was successfully hashed. 1312 * 1313 * On error: -EAGAIN if one was previously granted to this 1314 * nfs4_client for this nfs4_file. Delegation is not hashed. 
1315 * 1316 */ 1317 1318 static int 1319 hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp) 1320 { 1321 struct nfs4_client *clp = dp->dl_stid.sc_client; 1322 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1323 1324 lockdep_assert_held(&nn->deleg_lock); 1325 lockdep_assert_held(&fp->fi_lock); 1326 lockdep_assert_held(&clp->cl_lock); 1327 1328 if (nfs4_delegation_exists(clp, fp)) 1329 return -EAGAIN; 1330 refcount_inc(&dp->dl_stid.sc_count); 1331 dp->dl_stid.sc_type = SC_TYPE_DELEG; 1332 list_add(&dp->dl_perfile, &fp->fi_delegations); 1333 list_add(&dp->dl_perclnt, &clp->cl_delegations); 1334 return 0; 1335 } 1336 1337 static bool delegation_hashed(struct nfs4_delegation *dp) 1338 { 1339 return !(list_empty(&dp->dl_perfile)); 1340 } 1341 1342 static bool 1343 unhash_delegation_locked(struct nfs4_delegation *dp, unsigned short statusmask) 1344 { 1345 struct nfs4_file *fp = dp->dl_stid.sc_file; 1346 struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net, 1347 nfsd_net_id); 1348 1349 lockdep_assert_held(&nn->deleg_lock); 1350 1351 if (!delegation_hashed(dp)) 1352 return false; 1353 1354 if (statusmask == SC_STATUS_REVOKED && 1355 dp->dl_stid.sc_client->cl_minorversion == 0) 1356 statusmask = SC_STATUS_CLOSED; 1357 dp->dl_stid.sc_status |= statusmask; 1358 if (statusmask & SC_STATUS_ADMIN_REVOKED) 1359 atomic_inc(&dp->dl_stid.sc_client->cl_admin_revoked); 1360 1361 /* Ensure that deleg break won't try to requeue it */ 1362 ++dp->dl_time; 1363 spin_lock(&fp->fi_lock); 1364 list_del_init(&dp->dl_perclnt); 1365 list_del_init(&dp->dl_recall_lru); 1366 list_del_init(&dp->dl_perfile); 1367 spin_unlock(&fp->fi_lock); 1368 return true; 1369 } 1370 1371 static void destroy_delegation(struct nfs4_delegation *dp) 1372 { 1373 bool unhashed; 1374 struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net, 1375 nfsd_net_id); 1376 1377 spin_lock(&nn->deleg_lock); 1378 unhashed = unhash_delegation_locked(dp, SC_STATUS_CLOSED); 1379 
spin_unlock(&nn->deleg_lock); 1380 if (unhashed) 1381 destroy_unhashed_deleg(dp); 1382 } 1383 1384 /** 1385 * revoke_delegation - perform nfs4 delegation structure cleanup 1386 * @dp: pointer to the delegation 1387 * 1388 * This function assumes that it's called either from the administrative 1389 * interface (nfsd4_revoke_states()) that's revoking a specific delegation 1390 * stateid or it's called from a laundromat thread (nfsd4_landromat()) that 1391 * determined that this specific state has expired and needs to be revoked 1392 * (both mark state with the appropriate stid sc_status mode). It is also 1393 * assumed that a reference was taken on the @dp state. 1394 * 1395 * If this function finds that the @dp state is SC_STATUS_FREED it means 1396 * that a FREE_STATEID operation for this stateid has been processed and 1397 * we can proceed to removing it from recalled list. However, if @dp state 1398 * isn't marked SC_STATUS_FREED, it means we need place it on the cl_revoked 1399 * list and wait for the FREE_STATEID to arrive from the client. At the same 1400 * time, we need to mark it as SC_STATUS_FREEABLE to indicate to the 1401 * nfsd4_free_stateid() function that this stateid has already been added 1402 * to the cl_revoked list and that nfsd4_free_stateid() is now responsible 1403 * for removing it from the list. Inspection of where the delegation state 1404 * in the revocation process is protected by the clp->cl_lock. 
1405 */ 1406 static void revoke_delegation(struct nfs4_delegation *dp) 1407 { 1408 struct nfs4_client *clp = dp->dl_stid.sc_client; 1409 1410 WARN_ON(!list_empty(&dp->dl_recall_lru)); 1411 WARN_ON_ONCE(dp->dl_stid.sc_client->cl_minorversion > 0 && 1412 !(dp->dl_stid.sc_status & 1413 (SC_STATUS_REVOKED | SC_STATUS_ADMIN_REVOKED))); 1414 1415 trace_nfsd_stid_revoke(&dp->dl_stid); 1416 1417 spin_lock(&clp->cl_lock); 1418 if (dp->dl_stid.sc_status & SC_STATUS_FREED) { 1419 list_del_init(&dp->dl_recall_lru); 1420 goto out; 1421 } 1422 list_add(&dp->dl_recall_lru, &clp->cl_revoked); 1423 dp->dl_stid.sc_status |= SC_STATUS_FREEABLE; 1424 out: 1425 spin_unlock(&clp->cl_lock); 1426 destroy_unhashed_deleg(dp); 1427 } 1428 1429 /* 1430 * SETCLIENTID state 1431 */ 1432 1433 static unsigned int clientid_hashval(u32 id) 1434 { 1435 return id & CLIENT_HASH_MASK; 1436 } 1437 1438 static unsigned int clientstr_hashval(struct xdr_netobj name) 1439 { 1440 return opaque_hashval(name.data, 8) & CLIENT_HASH_MASK; 1441 } 1442 1443 /* 1444 * A stateid that had a deny mode associated with it is being released 1445 * or downgraded. Recalculate the deny mode on the file. 
1446 */ 1447 static void 1448 recalculate_deny_mode(struct nfs4_file *fp) 1449 { 1450 struct nfs4_ol_stateid *stp; 1451 u32 old_deny; 1452 1453 spin_lock(&fp->fi_lock); 1454 old_deny = fp->fi_share_deny; 1455 fp->fi_share_deny = 0; 1456 list_for_each_entry(stp, &fp->fi_stateids, st_perfile) { 1457 fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap); 1458 if (fp->fi_share_deny == old_deny) 1459 break; 1460 } 1461 spin_unlock(&fp->fi_lock); 1462 } 1463 1464 static void 1465 reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp) 1466 { 1467 int i; 1468 bool change = false; 1469 1470 for (i = 1; i < 4; i++) { 1471 if ((i & deny) != i) { 1472 change = true; 1473 clear_deny(i, stp); 1474 } 1475 } 1476 1477 /* Recalculate per-file deny mode if there was a change */ 1478 if (change) 1479 recalculate_deny_mode(stp->st_stid.sc_file); 1480 } 1481 1482 /* release all access and file references for a given stateid */ 1483 static void 1484 release_all_access(struct nfs4_ol_stateid *stp) 1485 { 1486 int i; 1487 struct nfs4_file *fp = stp->st_stid.sc_file; 1488 1489 if (fp && stp->st_deny_bmap != 0) 1490 recalculate_deny_mode(fp); 1491 1492 for (i = 1; i < 4; i++) { 1493 if (test_access(i, stp)) 1494 nfs4_file_put_access(stp->st_stid.sc_file, i); 1495 clear_access(i, stp); 1496 } 1497 } 1498 1499 /** 1500 * nfs4_replay_free_cache - release dynamically allocated replay buffer 1501 * @rp: replay cache to reset 1502 * 1503 * If @rp->rp_buf points to a kmalloc'd buffer, free it and reset 1504 * rp_buf to the inline rp_ibuf. Always zeroes rp_buflen. 
1505 */ 1506 void nfs4_replay_free_cache(struct nfs4_replay *rp) 1507 { 1508 if (rp->rp_buf != rp->rp_ibuf) 1509 kfree(rp->rp_buf); 1510 rp->rp_buf = rp->rp_ibuf; 1511 rp->rp_buflen = 0; 1512 } 1513 1514 static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop) 1515 { 1516 nfs4_replay_free_cache(&sop->so_replay); 1517 kfree(sop->so_owner.data); 1518 sop->so_ops->so_free(sop); 1519 } 1520 1521 static void nfs4_put_stateowner(struct nfs4_stateowner *sop) 1522 { 1523 struct nfs4_client *clp = sop->so_client; 1524 1525 might_lock(&clp->cl_lock); 1526 1527 if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock)) 1528 return; 1529 sop->so_ops->so_unhash(sop); 1530 spin_unlock(&clp->cl_lock); 1531 nfs4_free_stateowner(sop); 1532 } 1533 1534 static bool 1535 nfs4_ol_stateid_unhashed(const struct nfs4_ol_stateid *stp) 1536 { 1537 return list_empty(&stp->st_perfile); 1538 } 1539 1540 static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp) 1541 { 1542 struct nfs4_file *fp = stp->st_stid.sc_file; 1543 1544 lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock); 1545 1546 if (list_empty(&stp->st_perfile)) 1547 return false; 1548 1549 spin_lock(&fp->fi_lock); 1550 list_del_init(&stp->st_perfile); 1551 spin_unlock(&fp->fi_lock); 1552 list_del(&stp->st_perstateowner); 1553 return true; 1554 } 1555 1556 static void nfs4_free_ol_stateid(struct nfs4_stid *stid) 1557 { 1558 struct nfs4_ol_stateid *stp = openlockstateid(stid); 1559 1560 put_clnt_odstate(stp->st_clnt_odstate); 1561 release_all_access(stp); 1562 if (stp->st_stateowner) 1563 nfs4_put_stateowner(stp->st_stateowner); 1564 if (!list_empty(&stid->sc_cp_list)) 1565 nfs4_free_cpntf_statelist(stid->sc_client->net, stid); 1566 kmem_cache_free(stateid_slab, stid); 1567 } 1568 1569 static void nfs4_free_lock_stateid(struct nfs4_stid *stid) 1570 { 1571 struct nfs4_ol_stateid *stp = openlockstateid(stid); 1572 struct nfs4_lockowner *lo = lockowner(stp->st_stateowner); 1573 struct nfsd_file *nf; 1574 1575 nf = 
find_any_file(stp->st_stid.sc_file); 1576 if (nf) { 1577 get_file(nf->nf_file); 1578 filp_close(nf->nf_file, (fl_owner_t)lo); 1579 nfsd_file_put(nf); 1580 } 1581 nfs4_free_ol_stateid(stid); 1582 } 1583 1584 /* 1585 * Put the persistent reference to an already unhashed generic stateid, while 1586 * holding the cl_lock. If it's the last reference, then put it onto the 1587 * reaplist for later destruction. 1588 */ 1589 static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp, 1590 struct list_head *reaplist) 1591 { 1592 struct nfs4_stid *s = &stp->st_stid; 1593 struct nfs4_client *clp = s->sc_client; 1594 1595 lockdep_assert_held(&clp->cl_lock); 1596 1597 WARN_ON_ONCE(!list_empty(&stp->st_locks)); 1598 1599 if (!refcount_dec_and_test(&s->sc_count)) { 1600 wake_up_all(&close_wq); 1601 return; 1602 } 1603 1604 idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id); 1605 if (s->sc_status & SC_STATUS_ADMIN_REVOKED) 1606 atomic_dec(&s->sc_client->cl_admin_revoked); 1607 list_add(&stp->st_locks, reaplist); 1608 } 1609 1610 static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp) 1611 { 1612 lockdep_assert_held(&stp->st_stid.sc_client->cl_lock); 1613 1614 if (!unhash_ol_stateid(stp)) 1615 return false; 1616 list_del_init(&stp->st_locks); 1617 stp->st_stid.sc_status |= SC_STATUS_CLOSED; 1618 return true; 1619 } 1620 1621 static void release_lock_stateid(struct nfs4_ol_stateid *stp) 1622 { 1623 struct nfs4_client *clp = stp->st_stid.sc_client; 1624 bool unhashed; 1625 1626 spin_lock(&clp->cl_lock); 1627 unhashed = unhash_lock_stateid(stp); 1628 spin_unlock(&clp->cl_lock); 1629 if (unhashed) 1630 nfs4_put_stid(&stp->st_stid); 1631 } 1632 1633 static void unhash_lockowner_locked(struct nfs4_lockowner *lo) 1634 { 1635 struct nfs4_client *clp = lo->lo_owner.so_client; 1636 1637 lockdep_assert_held(&clp->cl_lock); 1638 1639 list_del_init(&lo->lo_owner.so_strhash); 1640 } 1641 1642 /* 1643 * Free a list of generic stateids that were collected earlier after being 1644 
* fully unhashed. 1645 */ 1646 static void 1647 free_ol_stateid_reaplist(struct list_head *reaplist) 1648 { 1649 struct nfs4_ol_stateid *stp; 1650 struct nfs4_file *fp; 1651 1652 might_sleep(); 1653 1654 while (!list_empty(reaplist)) { 1655 stp = list_first_entry(reaplist, struct nfs4_ol_stateid, 1656 st_locks); 1657 list_del(&stp->st_locks); 1658 fp = stp->st_stid.sc_file; 1659 stp->st_stid.sc_free(&stp->st_stid); 1660 if (fp) 1661 put_nfs4_file(fp); 1662 } 1663 } 1664 1665 static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp, 1666 struct list_head *reaplist) 1667 { 1668 struct nfs4_ol_stateid *stp; 1669 1670 lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock); 1671 1672 while (!list_empty(&open_stp->st_locks)) { 1673 stp = list_entry(open_stp->st_locks.next, 1674 struct nfs4_ol_stateid, st_locks); 1675 unhash_lock_stateid(stp); 1676 put_ol_stateid_locked(stp, reaplist); 1677 } 1678 } 1679 1680 static bool unhash_open_stateid(struct nfs4_ol_stateid *stp, 1681 struct list_head *reaplist) 1682 { 1683 lockdep_assert_held(&stp->st_stid.sc_client->cl_lock); 1684 1685 if (!unhash_ol_stateid(stp)) 1686 return false; 1687 release_open_stateid_locks(stp, reaplist); 1688 return true; 1689 } 1690 1691 static void release_open_stateid(struct nfs4_ol_stateid *stp) 1692 { 1693 LIST_HEAD(reaplist); 1694 1695 spin_lock(&stp->st_stid.sc_client->cl_lock); 1696 stp->st_stid.sc_status |= SC_STATUS_CLOSED; 1697 if (unhash_open_stateid(stp, &reaplist)) 1698 put_ol_stateid_locked(stp, &reaplist); 1699 spin_unlock(&stp->st_stid.sc_client->cl_lock); 1700 free_ol_stateid_reaplist(&reaplist); 1701 } 1702 1703 static bool nfs4_openowner_unhashed(struct nfs4_openowner *oo) 1704 { 1705 lockdep_assert_held(&oo->oo_owner.so_client->cl_lock); 1706 1707 return list_empty(&oo->oo_owner.so_strhash) && 1708 list_empty(&oo->oo_perclient); 1709 } 1710 1711 static void unhash_openowner_locked(struct nfs4_openowner *oo) 1712 { 1713 struct nfs4_client *clp = 
oo->oo_owner.so_client; 1714 1715 lockdep_assert_held(&clp->cl_lock); 1716 1717 list_del_init(&oo->oo_owner.so_strhash); 1718 list_del_init(&oo->oo_perclient); 1719 } 1720 1721 static void release_last_closed_stateid(struct nfs4_openowner *oo) 1722 { 1723 struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net, 1724 nfsd_net_id); 1725 struct nfs4_ol_stateid *s; 1726 1727 spin_lock(&nn->client_lock); 1728 s = oo->oo_last_closed_stid; 1729 if (s) { 1730 list_del_init(&oo->oo_close_lru); 1731 oo->oo_last_closed_stid = NULL; 1732 } 1733 spin_unlock(&nn->client_lock); 1734 if (s) 1735 nfs4_put_stid(&s->st_stid); 1736 } 1737 1738 static void release_openowner(struct nfs4_openowner *oo) 1739 { 1740 struct nfs4_ol_stateid *stp; 1741 struct nfs4_client *clp = oo->oo_owner.so_client; 1742 LIST_HEAD(reaplist); 1743 1744 spin_lock(&clp->cl_lock); 1745 unhash_openowner_locked(oo); 1746 while (!list_empty(&oo->oo_owner.so_stateids)) { 1747 stp = list_first_entry(&oo->oo_owner.so_stateids, 1748 struct nfs4_ol_stateid, st_perstateowner); 1749 if (unhash_open_stateid(stp, &reaplist)) 1750 put_ol_stateid_locked(stp, &reaplist); 1751 } 1752 spin_unlock(&clp->cl_lock); 1753 free_ol_stateid_reaplist(&reaplist); 1754 release_last_closed_stateid(oo); 1755 nfs4_put_stateowner(&oo->oo_owner); 1756 } 1757 1758 static struct nfs4_stid *find_one_sb_stid(struct nfs4_client *clp, 1759 struct super_block *sb, 1760 unsigned int sc_types) 1761 { 1762 unsigned long id, tmp; 1763 struct nfs4_stid *stid; 1764 1765 spin_lock(&clp->cl_lock); 1766 idr_for_each_entry_ul(&clp->cl_stateids, stid, tmp, id) 1767 if ((stid->sc_type & sc_types) && 1768 stid->sc_status == 0 && 1769 stid->sc_file->fi_inode->i_sb == sb) { 1770 refcount_inc(&stid->sc_count); 1771 break; 1772 } 1773 spin_unlock(&clp->cl_lock); 1774 return stid; 1775 } 1776 1777 /** 1778 * nfsd4_revoke_states - revoke all nfsv4 states associated with given filesystem 1779 * @nn: used to identify instance of nfsd (there is one per net 
namespace) 1780 * @sb: super_block used to identify target filesystem 1781 * 1782 * All nfs4 states (open, lock, delegation, layout) held by the server instance 1783 * and associated with a file on the given filesystem will be revoked resulting 1784 * in any files being closed and so all references from nfsd to the filesystem 1785 * being released. Thus nfsd will no longer prevent the filesystem from being 1786 * unmounted. 1787 * 1788 * The clients which own the states will subsequently being notified that the 1789 * states have been "admin-revoked". 1790 */ 1791 void nfsd4_revoke_states(struct nfsd_net *nn, struct super_block *sb) 1792 { 1793 unsigned int idhashval; 1794 unsigned int sc_types; 1795 1796 sc_types = SC_TYPE_OPEN | SC_TYPE_LOCK | SC_TYPE_DELEG | SC_TYPE_LAYOUT; 1797 1798 spin_lock(&nn->client_lock); 1799 for (idhashval = 0; idhashval < CLIENT_HASH_SIZE; idhashval++) { 1800 struct list_head *head = &nn->conf_id_hashtbl[idhashval]; 1801 struct nfs4_client *clp; 1802 retry: 1803 list_for_each_entry(clp, head, cl_idhash) { 1804 struct nfs4_stid *stid = find_one_sb_stid(clp, sb, 1805 sc_types); 1806 if (stid) { 1807 struct nfs4_ol_stateid *stp; 1808 struct nfs4_delegation *dp; 1809 struct nfs4_layout_stateid *ls; 1810 1811 spin_unlock(&nn->client_lock); 1812 switch (stid->sc_type) { 1813 case SC_TYPE_OPEN: 1814 stp = openlockstateid(stid); 1815 mutex_lock_nested(&stp->st_mutex, 1816 OPEN_STATEID_MUTEX); 1817 1818 spin_lock(&clp->cl_lock); 1819 if (stid->sc_status == 0) { 1820 stid->sc_status |= 1821 SC_STATUS_ADMIN_REVOKED; 1822 atomic_inc(&clp->cl_admin_revoked); 1823 spin_unlock(&clp->cl_lock); 1824 release_all_access(stp); 1825 } else 1826 spin_unlock(&clp->cl_lock); 1827 mutex_unlock(&stp->st_mutex); 1828 break; 1829 case SC_TYPE_LOCK: 1830 stp = openlockstateid(stid); 1831 mutex_lock_nested(&stp->st_mutex, 1832 LOCK_STATEID_MUTEX); 1833 spin_lock(&clp->cl_lock); 1834 if (stid->sc_status == 0) { 1835 struct nfs4_lockowner *lo = 1836 
lockowner(stp->st_stateowner); 1837 struct nfsd_file *nf; 1838 1839 stid->sc_status |= 1840 SC_STATUS_ADMIN_REVOKED; 1841 atomic_inc(&clp->cl_admin_revoked); 1842 spin_unlock(&clp->cl_lock); 1843 nf = find_any_file(stp->st_stid.sc_file); 1844 if (nf) { 1845 get_file(nf->nf_file); 1846 filp_close(nf->nf_file, 1847 (fl_owner_t)lo); 1848 nfsd_file_put(nf); 1849 } 1850 release_all_access(stp); 1851 } else 1852 spin_unlock(&clp->cl_lock); 1853 mutex_unlock(&stp->st_mutex); 1854 break; 1855 case SC_TYPE_DELEG: 1856 refcount_inc(&stid->sc_count); 1857 dp = delegstateid(stid); 1858 spin_lock(&nn->deleg_lock); 1859 if (!unhash_delegation_locked( 1860 dp, SC_STATUS_ADMIN_REVOKED)) 1861 dp = NULL; 1862 spin_unlock(&nn->deleg_lock); 1863 if (dp) 1864 revoke_delegation(dp); 1865 break; 1866 case SC_TYPE_LAYOUT: 1867 ls = layoutstateid(stid); 1868 nfsd4_close_layout(ls); 1869 break; 1870 } 1871 nfs4_put_stid(stid); 1872 spin_lock(&nn->client_lock); 1873 if (clp->cl_minorversion == 0) 1874 /* Allow cleanup after a lease period. 1875 * store_release ensures cleanup will 1876 * see any newly revoked states if it 1877 * sees the time updated. 
1878 */ 1879 nn->nfs40_last_revoke = 1880 ktime_get_boottime_seconds(); 1881 goto retry; 1882 } 1883 } 1884 } 1885 spin_unlock(&nn->client_lock); 1886 } 1887 1888 static inline int 1889 hash_sessionid(struct nfs4_sessionid *sessionid) 1890 { 1891 struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid; 1892 1893 return sid->sequence % SESSION_HASH_SIZE; 1894 } 1895 1896 #ifdef CONFIG_SUNRPC_DEBUG 1897 static inline void 1898 dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid) 1899 { 1900 u32 *ptr = (u32 *)(&sessionid->data[0]); 1901 dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]); 1902 } 1903 #else 1904 static inline void 1905 dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid) 1906 { 1907 } 1908 #endif 1909 1910 /* 1911 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it 1912 * won't be used for replay. 1913 */ 1914 void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr) 1915 { 1916 struct nfs4_stateowner *so = cstate->replay_owner; 1917 1918 if (nfserr == nfserr_replay_me) 1919 return; 1920 1921 if (!seqid_mutating_err(ntohl(nfserr))) { 1922 nfsd4_cstate_clear_replay(cstate); 1923 return; 1924 } 1925 if (!so) 1926 return; 1927 if (so->so_is_open_owner) 1928 release_last_closed_stateid(openowner(so)); 1929 so->so_seqid++; 1930 return; 1931 } 1932 1933 static void 1934 gen_sessionid(struct nfsd4_session *ses) 1935 { 1936 struct nfs4_client *clp = ses->se_client; 1937 struct nfsd4_sessionid *sid; 1938 1939 sid = (struct nfsd4_sessionid *)ses->se_sessionid.data; 1940 sid->clientid = clp->cl_clientid; 1941 sid->sequence = current_sessionid++; 1942 sid->reserved = 0; 1943 } 1944 1945 /* 1946 * The protocol defines ca_maxresponssize_cached to include the size of 1947 * the rpc header, but all we need to cache is the data starting after 1948 * the end of the initial SEQUENCE operation--the rest we regenerate 1949 * each time. 
Therefore we can advertise a ca_maxresponssize_cached 1950 * value that is the number of bytes in our cache plus a few additional 1951 * bytes. In order to stay on the safe side, and not promise more than 1952 * we can cache, those additional bytes must be the minimum possible: 24 1953 * bytes of rpc header (xid through accept state, with AUTH_NULL 1954 * verifier), 12 for the compound header (with zero-length tag), and 44 1955 * for the SEQUENCE op response: 1956 */ 1957 #define NFSD_MIN_HDR_SEQ_SZ (24 + 12 + 44) 1958 1959 static struct shrinker *nfsd_slot_shrinker; 1960 static DEFINE_SPINLOCK(nfsd_session_list_lock); 1961 static LIST_HEAD(nfsd_session_list); 1962 /* The sum of "target_slots-1" on every session. The shrinker can push this 1963 * down, though it can take a little while for the memory to actually 1964 * be freed. The "-1" is because we can never free slot 0 while the 1965 * session is active. 1966 */ 1967 static atomic_t nfsd_total_target_slots = ATOMIC_INIT(0); 1968 1969 static void 1970 free_session_slots(struct nfsd4_session *ses, int from) 1971 { 1972 int i; 1973 1974 if (from >= ses->se_fchannel.maxreqs) 1975 return; 1976 1977 for (i = from; i < ses->se_fchannel.maxreqs; i++) { 1978 struct nfsd4_slot *slot = xa_load(&ses->se_slots, i); 1979 1980 /* 1981 * Save the seqid in case we reactivate this slot. 
1982 * This will never require a memory allocation so GFP 1983 * flag is irrelevant 1984 */ 1985 xa_store(&ses->se_slots, i, xa_mk_value(slot->sl_seqid), 0); 1986 free_svc_cred(&slot->sl_cred); 1987 kfree(slot); 1988 } 1989 ses->se_fchannel.maxreqs = from; 1990 if (ses->se_target_maxslots > from) { 1991 int new_target = from ?: 1; 1992 atomic_sub(ses->se_target_maxslots - new_target, &nfsd_total_target_slots); 1993 ses->se_target_maxslots = new_target; 1994 } 1995 } 1996 1997 /** 1998 * reduce_session_slots - reduce the target max-slots of a session if possible 1999 * @ses: The session to affect 2000 * @dec: how much to decrease the target by 2001 * 2002 * This interface can be used by a shrinker to reduce the target max-slots 2003 * for a session so that some slots can eventually be freed. 2004 * It uses spin_trylock() as it may be called in a context where another 2005 * spinlock is held that has a dependency on client_lock. As shrinkers are 2006 * best-effort, skiping a session is client_lock is already held has no 2007 * great coast 2008 * 2009 * Return value: 2010 * The number of slots that the target was reduced by. 
2011 */ 2012 static int 2013 reduce_session_slots(struct nfsd4_session *ses, int dec) 2014 { 2015 struct nfsd_net *nn = net_generic(ses->se_client->net, 2016 nfsd_net_id); 2017 int ret = 0; 2018 2019 if (ses->se_target_maxslots <= 1) 2020 return ret; 2021 if (!spin_trylock(&nn->client_lock)) 2022 return ret; 2023 ret = min(dec, ses->se_target_maxslots-1); 2024 ses->se_target_maxslots -= ret; 2025 atomic_sub(ret, &nfsd_total_target_slots); 2026 ses->se_slot_gen += 1; 2027 if (ses->se_slot_gen == 0) { 2028 int i; 2029 ses->se_slot_gen = 1; 2030 for (i = 0; i < ses->se_fchannel.maxreqs; i++) { 2031 struct nfsd4_slot *slot = xa_load(&ses->se_slots, i); 2032 slot->sl_generation = 0; 2033 } 2034 } 2035 spin_unlock(&nn->client_lock); 2036 return ret; 2037 } 2038 2039 static struct nfsd4_slot *nfsd4_alloc_slot(struct nfsd4_channel_attrs *fattrs, 2040 int index, gfp_t gfp) 2041 { 2042 struct nfsd4_slot *slot; 2043 size_t size; 2044 2045 /* 2046 * The RPC and NFS session headers are never saved in 2047 * the slot reply cache buffer. 2048 */ 2049 size = fattrs->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ ? 
		0 : fattrs->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;

	slot = kzalloc_flex(*slot, sl_data, size, gfp);
	if (!slot)
		return NULL;
	slot->sl_index = index;
	return slot;
}

/*
 * Allocate a session and its forechannel slot table.  Slot 0 must be
 * allocated with GFP_KERNEL; the remaining slots (up to fattrs->maxreqs)
 * are best-effort (__GFP_NORETRY), so the session may come up with fewer
 * slots than requested.  fattrs->maxreqs is rewritten to the number of
 * slots actually allocated before being copied into se_fchannel.
 */
static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
					   struct nfsd4_channel_attrs *battrs)
{
	int numslots = fattrs->maxreqs;
	struct nfsd4_session *new;
	struct nfsd4_slot *slot;
	int i;

	new = kzalloc_obj(*new);
	if (!new)
		return NULL;
	xa_init(&new->se_slots);

	/* Slot 0 is mandatory; fail the whole session if it can't be stored. */
	slot = nfsd4_alloc_slot(fattrs, 0, GFP_KERNEL);
	if (!slot || xa_is_err(xa_store(&new->se_slots, 0, slot, GFP_KERNEL)))
		goto out_free;

	for (i = 1; i < numslots; i++) {
		const gfp_t gfp = GFP_KERNEL | __GFP_NORETRY | __GFP_NOWARN;
		slot = nfsd4_alloc_slot(fattrs, i, gfp);
		if (!slot)
			break;
		if (xa_is_err(xa_store(&new->se_slots, i, slot, gfp))) {
			kfree(slot);
			break;
		}
	}
	/* Record how many slots we really got. */
	fattrs->maxreqs = i;
	memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
	new->se_target_maxslots = i;
	/* Slot 0 is not counted in the shrinkable-slot total. */
	atomic_add(i - 1, &nfsd_total_target_slots);
	new->se_cb_slot_avail = ~0U;
	new->se_cb_highest_slot = min(battrs->maxreqs - 1,
				      NFSD_BC_SLOT_TABLE_SIZE - 1);
	spin_lock_init(&new->se_lock);
	return new;
out_free:
	kfree(slot);
	xa_destroy(&new->se_slots);
	kfree(new);
	return NULL;
}

/* Release a connection's transport reference and free it. */
static void free_conn(struct nfsd4_conn *c)
{
	svc_xprt_put(c->cn_xprt);
	kfree(c);
}

/*
 * Transport-gone callback: unhash and free the connection (if still
 * hashed) and re-probe the client's callback channel.
 */
static void nfsd4_conn_lost(struct svc_xpt_user *u)
{
	struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
	struct nfs4_client *clp = c->cn_session->se_client;

	trace_nfsd_cb_lost(clp);

	spin_lock(&clp->cl_lock);
	if (!list_empty(&c->cn_persession)) {
		list_del(&c->cn_persession);
		free_conn(c);
	}
	nfsd4_probe_callback(clp);
	spin_unlock(&clp->cl_lock);
}

/*
 * Allocate a connection pinned to the request's transport.  Takes a
 * reference on rq_xprt that free_conn() later drops.
 */
static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
{
	struct nfsd4_conn *conn;

	conn = kmalloc_obj(struct nfsd4_conn);
	if (!conn)
		return NULL;
	svc_xprt_get(rqstp->rq_xprt);
	conn->cn_xprt = rqstp->rq_xprt;
	conn->cn_flags = flags;
	INIT_LIST_HEAD(&conn->cn_xpt_user.list);
	return conn;
}

/* Caller must hold clp->cl_lock. */
static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	conn->cn_session = ses;
	list_add(&conn->cn_persession, &ses->se_conns);
}

static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;

	spin_lock(&clp->cl_lock);
	__nfsd4_hash_conn(conn, ses);
	spin_unlock(&clp->cl_lock);
}

/* Arrange for nfsd4_conn_lost() to run if the transport goes away. */
static int nfsd4_register_conn(struct nfsd4_conn *conn)
{
	conn->cn_xpt_user.callback = nfsd4_conn_lost;
	return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
}

static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	int ret;

	nfsd4_hash_conn(conn, ses);
	ret = nfsd4_register_conn(conn);
	if (ret)
		/* oops; xprt is already down: */
		nfsd4_conn_lost(&conn->cn_xpt_user);
	/* We may have gained or lost a callback channel: */
	nfsd4_probe_callback_sync(ses->se_client);
}

static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
{
	u32 dir = NFS4_CDFC4_FORE;

	if (cses->flags & SESSION4_BACK_CHAN)
		dir |= NFS4_CDFC4_BACK;
	return alloc_conn(rqstp, dir);
}

/* must be called under client_lock */
static void nfsd4_del_conns(struct nfsd4_session *s)
{
	struct nfs4_client *clp = s->se_client;
	struct nfsd4_conn *c;

	spin_lock(&clp->cl_lock);
	while (!list_empty(&s->se_conns)) {
		c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
		list_del_init(&c->cn_persession);
		/*
		 * Drop cl_lock while unregistering/freeing: those calls
		 * may sleep.  The entry is already off the list, so no
		 * one else can find it.
		 */
		spin_unlock(&clp->cl_lock);

		unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
		free_conn(c);

		spin_lock(&clp->cl_lock);
	}
	spin_unlock(&clp->cl_lock);
}

/* Free a session's slots and the session itself (no connection teardown). */
static void __free_session(struct nfsd4_session *ses)
{
	free_session_slots(ses, 0);
	xa_destroy(&ses->se_slots);
	kfree(ses);
}

static void free_session(struct nfsd4_session *ses)
{
	nfsd4_del_conns(ses);
	__free_session(ses);
}

/* Shrinker count callback: total shrinkable session slots system-wide. */
static unsigned long
nfsd_slot_count(struct shrinker *s, struct shrink_control *sc)
{
	unsigned long cnt = atomic_read(&nfsd_total_target_slots);

	return cnt ? cnt : SHRINK_EMPTY;
}

/* Shrinker scan callback: trim one slot from each session visited. */
static unsigned long
nfsd_slot_scan(struct shrinker *s, struct shrink_control *sc)
{
	struct nfsd4_session *ses;
	unsigned long scanned = 0;
	unsigned long freed = 0;

	spin_lock(&nfsd_session_list_lock);
	list_for_each_entry(ses, &nfsd_session_list, se_all_sessions) {
		freed += reduce_session_slots(ses, 1);
		scanned += 1;
		if (scanned >= sc->nr_to_scan) {
			/* Move starting point for next scan */
			list_move(&nfsd_session_list, &ses->se_all_sessions);
			break;
		}
	}
	spin_unlock(&nfsd_session_list_lock);
	sc->nr_scanned = scanned;
	return freed;
}

/*
 * Initialize a freshly allocated session and hash it into the per-net
 * sessionid table, the client's session list, and the global session
 * list used by the slot shrinker.
 */
static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
{
	int idx;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	new->se_client = clp;
	gen_sessionid(new);

	INIT_LIST_HEAD(&new->se_conns);

	atomic_set(&new->se_ref, 0);
	new->se_dead = false;
	new->se_cb_prog = cses->callback_prog;
	new->se_cb_sec = cses->cb_sec;

	for (idx = 0;
	     idx < NFSD_BC_SLOT_TABLE_SIZE; ++idx)
		new->se_cb_seq_nr[idx] = 1;

	idx = hash_sessionid(&new->se_sessionid);
	list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
	spin_lock(&clp->cl_lock);
	list_add(&new->se_perclnt, &clp->cl_sessions);
	spin_unlock(&clp->cl_lock);

	spin_lock(&nfsd_session_list_lock);
	list_add_tail(&new->se_all_sessions, &nfsd_session_list);
	spin_unlock(&nfsd_session_list_lock);

	{
		struct sockaddr *sa = svc_addr(rqstp);
		/*
		 * This is a little silly; with sessions there's no real
		 * use for the callback address.  Use the peer address
		 * as a reasonable default for now, but consider fixing
		 * the rpc client not to require an address in the
		 * future:
		 */
		rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
		clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
	}
}

/* caller must hold client_lock */
static struct nfsd4_session *
__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
{
	struct nfsd4_session *elem;
	int idx;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	dump_sessionid(__func__, sessionid);
	idx = hash_sessionid(sessionid);
	/* Search in the appropriate list */
	list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
		if (!memcmp(elem->se_sessionid.data, sessionid->data,
			    NFS4_MAX_SESSIONID_LEN)) {
			return elem;
		}
	}

	dprintk("%s: session not found\n", __func__);
	return NULL;
}

/*
 * Look up a session and take a reference on it.  On failure *ret holds
 * the NFS error (nfserr_badsession if not found, or the status from
 * nfsd4_get_session_locked) and NULL is returned.
 */
static struct nfsd4_session *
find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
		__be32 *ret)
{
	struct nfsd4_session *session;
	__be32 status = nfserr_badsession;

	session = __find_in_sessionid_hashtbl(sessionid, net);
	if (!session)
		goto out;
	status = nfsd4_get_session_locked(session);
	if (status)
		session = NULL;
out:
	*ret = status;
	return session;
}

/* caller must hold client_lock */
static void
unhash_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	list_del(&ses->se_hash);
	spin_lock(&ses->se_client->cl_lock);
	list_del(&ses->se_perclnt);
	spin_unlock(&ses->se_client->cl_lock);
	spin_lock(&nfsd_session_list_lock);
	list_del(&ses->se_all_sessions);
	spin_unlock(&nfsd_session_list_lock);
}

/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
static int
STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
{
	/*
	 * We're assuming the clid was not given out from a boot
	 * precisely 2^32 (about 136 years) before this one.  That seems
	 * a safe assumption:
	 */
	if (clid->cl_boot == (u32)nn->boot_time)
		return 0;
	trace_nfsd_clid_stale(clid);
	return 1;
}

/*
 * Allocate an nfs4_client and its owner-string hash table and callback
 * workqueue.  If the per-net client limit has been reached and courtesy
 * clients exist, kick the laundromat to try to reap some first.
 * Returns NULL on allocation failure (partial allocations are unwound
 * via the goto-cleanup chain).
 */
static struct nfs4_client *alloc_client(struct xdr_netobj name,
				struct nfsd_net *nn)
{
	struct nfs4_client *clp;
	int i;

	if (atomic_read(&nn->nfs4_client_count) >= nn->nfs4_max_clients &&
	    atomic_read(&nn->nfsd_courtesy_clients) > 0)
		mod_delayed_work(laundry_wq, &nn->laundromat_work, 0);

	clp = kmem_cache_zalloc(client_slab, GFP_KERNEL);
	if (clp == NULL)
		return NULL;
	xdr_netobj_dup(&clp->cl_name, &name, GFP_KERNEL);
	if (clp->cl_name.data == NULL)
		goto err_no_name;
	clp->cl_ownerstr_hashtbl = kmalloc_objs(struct list_head,
						OWNER_HASH_SIZE);
	if (!clp->cl_ownerstr_hashtbl)
		goto err_no_hashtbl;
	clp->cl_callback_wq = alloc_ordered_workqueue("nfsd4_callbacks", 0);
	if (!clp->cl_callback_wq)
		goto err_no_callback_wq;

	for (i = 0; i < OWNER_HASH_SIZE; i++)
		INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]);
	INIT_LIST_HEAD(&clp->cl_sessions);
	idr_init(&clp->cl_stateids);
	atomic_set(&clp->cl_rpc_users, 0);
	clp->cl_cb_state = NFSD4_CB_UNKNOWN;
	clp->cl_state = NFSD4_ACTIVE;
	atomic_inc(&nn->nfs4_client_count);
	atomic_set(&clp->cl_delegs_in_recall, 0);
	INIT_LIST_HEAD(&clp->cl_idhash);
	INIT_LIST_HEAD(&clp->cl_openowners);
	INIT_LIST_HEAD(&clp->cl_delegations);
	INIT_LIST_HEAD(&clp->cl_lru);
	INIT_LIST_HEAD(&clp->cl_revoked);
#ifdef CONFIG_NFSD_PNFS
	INIT_LIST_HEAD(&clp->cl_lo_states);
#endif
#ifdef CONFIG_NFSD_SCSILAYOUT
	xa_init(&clp->cl_dev_fences);
	mutex_init(&clp->cl_fence_mutex);
#endif
	INIT_LIST_HEAD(&clp->async_copies);
	spin_lock_init(&clp->async_lock);
	spin_lock_init(&clp->cl_lock);
	rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
	return clp;
err_no_callback_wq:
	kfree(clp->cl_ownerstr_hashtbl);
err_no_hashtbl:
	kfree(clp->cl_name.data);
err_no_name:
	kmem_cache_free(client_slab, clp);
	return NULL;
}

/* kref release: final teardown of an nfs4_client's memory. */
static void __free_client(struct kref *k)
{
	struct nfsdfs_client *c = container_of(k, struct nfsdfs_client, cl_ref);
	struct nfs4_client *clp = container_of(c, struct nfs4_client, cl_nfsdfs);

	free_svc_cred(&clp->cl_cred);
	destroy_workqueue(clp->cl_callback_wq);
	kfree(clp->cl_ownerstr_hashtbl);
	kfree(clp->cl_name.data);
	kfree(clp->cl_nii_domain.data);
	kfree(clp->cl_nii_name.data);
	idr_destroy(&clp->cl_stateids);
	kfree(clp->cl_ra);
	kmem_cache_free(client_slab, clp);
}

/**
 * nfsd4_put_client - release a reference on an nfs4_client
 * @clp: the client to be released
 *
 * When the last reference is released, the client is freed.
 */
void nfsd4_put_client(struct nfs4_client *clp)
{
	kref_put(&clp->cl_nfsdfs.cl_ref, __free_client);
}

/*
 * Tear down a client's sessions (none of which may still be referenced)
 * and its nfsdfs directory, then drop the client reference.
 */
static void
free_client(struct nfs4_client *clp)
{
	while (!list_empty(&clp->cl_sessions)) {
		struct nfsd4_session *ses;
		ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
				se_perclnt);
		list_del(&ses->se_perclnt);
		WARN_ON_ONCE(atomic_read(&ses->se_ref));
		free_session(ses);
	}
	rpc_destroy_wait_queue(&clp->cl_cb_waitq);
	if (clp->cl_nfsd_dentry) {
		nfsd_client_rmdir(clp->cl_nfsd_dentry);
		clp->cl_nfsd_dentry = NULL;
		wake_up_all(&expiry_wq);
	}
	nfsd4_put_client(clp);
}

/* must be called under the client_lock */
static void
unhash_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_session *ses;

	lockdep_assert_held(&nn->client_lock);

	/* Mark the client as expired! */
	clp->cl_time = 0;
	/* Make it invisible */
	if (!list_empty(&clp->cl_idhash)) {
		list_del_init(&clp->cl_idhash);
		if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
			rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
		else
			rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
	}
	list_del_init(&clp->cl_lru);
	spin_lock(&clp->cl_lock);
	spin_lock(&nfsd_session_list_lock);
	/* Unhash every session so new requests can't find them. */
	list_for_each_entry(ses, &clp->cl_sessions, se_perclnt) {
		list_del_init(&ses->se_hash);
		list_del_init(&ses->se_all_sessions);
	}
	spin_unlock(&nfsd_session_list_lock);
	spin_unlock(&clp->cl_lock);
}

static void
unhash_client(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	unhash_client_locked(clp);
	spin_unlock(&nn->client_lock);
}

/*
 * Expire a client unless it is still processing RPCs, in which case
 * return nfserr_jukebox so the caller retries later.
 */
static __be32 mark_client_expired_locked(struct nfs4_client *clp)
{
	int users = atomic_read(&clp->cl_rpc_users);

	trace_nfsd_mark_client_expired(clp, users);

	if (users)
		return nfserr_jukebox;
	unhash_client_locked(clp);
	return nfs_ok;
}

/*
 * Release everything an (already unhashed) client holds: delegations,
 * revoked stateids, openowners, blocked locks, layouts, copies and the
 * callback channel; finally drop the client itself.
 */
static void
__destroy_client(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	int i;
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	LIST_HEAD(reaplist);

	spin_lock(&nn->deleg_lock);
	while (!list_empty(&clp->cl_delegations)) {
		dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
		unhash_delegation_locked(dp, SC_STATUS_CLOSED);
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&nn->deleg_lock);
	/* Destroy outside deleg_lock: destroy_unhashed_deleg() may sleep. */
	while (!list_empty(&reaplist)) {
		dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		destroy_unhashed_deleg(dp);
	}
	while (!list_empty(&clp->cl_revoked)) {
		dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		nfs4_put_stid(&dp->dl_stid);
	}
	while (!list_empty(&clp->cl_openowners)) {
		oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
		nfs4_get_stateowner(&oo->oo_owner);
		release_openowner(oo);
	}
	for (i = 0; i < OWNER_HASH_SIZE; i++) {
		struct nfs4_stateowner *so, *tmp;

		list_for_each_entry_safe(so, tmp, &clp->cl_ownerstr_hashtbl[i],
					 so_strhash) {
			/* Should be no openowners at this point */
			WARN_ON_ONCE(so->so_is_open_owner);
			remove_blocked_locks(lockowner(so));
		}
	}
	nfsd4_return_all_client_layouts(clp);
	nfsd4_shutdown_copy(clp);
	nfsd4_shutdown_callback(clp);
	if (clp->cl_cb_conn.cb_xprt)
		svc_xprt_put(clp->cl_cb_conn.cb_xprt);
	atomic_add_unless(&nn->nfs4_client_count, -1, 0);
	nfsd4_dec_courtesy_client_count(nn, clp);
#ifdef CONFIG_NFSD_SCSILAYOUT
	xa_destroy(&clp->cl_dev_fences);
#endif
	free_client(clp);
	wake_up_all(&expiry_wq);
}

static void
destroy_client(struct nfs4_client *clp)
{
	unhash_client(clp);
	__destroy_client(clp);
}

/*
 * Track RECLAIM_COMPLETE: once every client from the previous boot has
 * finished reclaiming, end the grace period early.
 */
static void inc_reclaim_complete(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (!nn->track_reclaim_completes)
		return;
	if (!nfsd4_find_reclaim_client(clp->cl_name, nn))
		return;
	if (atomic_inc_return(&nn->nr_reclaim_complete) ==
			nn->reclaim_str_hashtbl_size) {
		printk(KERN_INFO "NFSD: all clients done reclaiming, ending NFSv4 grace period (net %x)\n",
				clp->net->ns.inum);
		nfsd4_end_grace(nn);
	}
}

/* Like destroy_client(), but also removes the stable-storage record. */
static void expire_client(struct nfs4_client *clp)
{
	unhash_client(clp);
	nfsd4_client_record_remove(clp);
	__destroy_client(clp);
}

/* Copy a client's boot-instance verifier. */
static void copy_verf(struct nfs4_client
		      *target, nfs4_verifier *source)
{
	memcpy(target->cl_verifier.data, source->data,
			sizeof(target->cl_verifier.data));
}

static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
{
	target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
	target->cl_clientid.cl_id = source->cl_clientid.cl_id;
}

/*
 * Deep-copy an svc_cred.  Returns -ENOMEM if any principal string fails
 * to duplicate; partially-copied fields are left for the caller's
 * cleanup path (free_svc_cred) to release.
 */
static int copy_cred(struct svc_cred *target, struct svc_cred *source)
{
	target->cr_principal = kstrdup(source->cr_principal, GFP_KERNEL);
	target->cr_raw_principal = kstrdup(source->cr_raw_principal,
								GFP_KERNEL);
	target->cr_targ_princ = kstrdup(source->cr_targ_princ, GFP_KERNEL);
	if ((source->cr_principal && !target->cr_principal) ||
	    (source->cr_raw_principal && !target->cr_raw_principal) ||
	    (source->cr_targ_princ && !target->cr_targ_princ))
		return -ENOMEM;

	target->cr_flavor = source->cr_flavor;
	target->cr_uid = source->cr_uid;
	target->cr_gid = source->cr_gid;
	target->cr_group_info = source->cr_group_info;
	get_group_info(target->cr_group_info);
	target->cr_gss_mech = source->cr_gss_mech;
	if (source->cr_gss_mech)
		gss_mech_get(source->cr_gss_mech);
	return 0;
}

/* Total order on netobjs: shorter first, then memcmp on equal lengths. */
static int
compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2)
{
	if (o1->len < o2->len)
		return -1;
	if (o1->len > o2->len)
		return 1;
	return memcmp(o1->data, o2->data, o1->len);
}

static int
same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
{
	return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
}

static int
same_clid(clientid_t *cl1, clientid_t *cl2)
{
	return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
}

/* Element-wise comparison; assumes both lists use the same ordering. */
static bool groups_equal(struct group_info *g1, struct group_info *g2)
{
	int i;

	if (g1->ngroups != g2->ngroups)
		return false;
	for (i = 0; i < g1->ngroups; i++)
		if (!gid_eq(g1->gid[i], g2->gid[i]))
			return false;
	return true;
}

/*
 * RFC 3530 language requires clid_inuse be returned when the
 * "principal" associated with a requests differs from that previously
 * used.  We use uid, gid's, and gss principal string as our best
 * approximation.  We also don't want to allow non-gss use of a client
 * established using gss: in theory cr_principal should catch that
 * change, but in practice cr_principal can be null even in the gss case
 * since gssd doesn't always pass down a principal string.
 */
static bool is_gss_cred(struct svc_cred *cr)
{
	/* Is cr_flavor one of the gss "pseudoflavors"?: */
	return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR);
}


static bool
same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
{
	if ((is_gss_cred(cr1) != is_gss_cred(cr2))
		|| (!uid_eq(cr1->cr_uid, cr2->cr_uid))
		|| (!gid_eq(cr1->cr_gid, cr2->cr_gid))
		|| !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
		return false;
	/* XXX: check that cr_targ_princ fields match ? */
	if (cr1->cr_principal == cr2->cr_principal)
		return true;
	if (!cr1->cr_principal || !cr2->cr_principal)
		return false;
	return 0 == strcmp(cr1->cr_principal, cr2->cr_principal);
}

/* True if the request arrived with GSS integrity or privacy protection. */
static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp)
{
	struct svc_cred *cr = &rqstp->rq_cred;
	u32 service;

	if (!cr->cr_gss_mech)
		return false;
	service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor);
	return service == RPC_GSS_SVC_INTEGRITY ||
	       service == RPC_GSS_SVC_PRIVACY;
}

/*
 * Verify that a request's credential matches the client's "machine
 * credential" (SP4_MACH_CRED).  Always true if the client didn't
 * negotiate machine-credential protection.
 */
bool nfsd4_mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp)
{
	struct svc_cred *cr = &rqstp->rq_cred;

	if (!cl->cl_mach_cred)
		return true;
	if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech)
		return false;
	if (!svc_rqst_integrity_protected(rqstp))
		return false;
	if (cl->cl_cred.cr_raw_principal)
		return 0 == strcmp(cl->cl_cred.cr_raw_principal,
						cr->cr_raw_principal);
	if (!cr->cr_principal)
		return false;
	return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal);
}

/* Generate a new confirm verifier from the time and a counter. */
static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn)
{
	__be32 verf[2];

	/*
	 * This is opaque to client, so no need to byte-swap. Use
	 * __force to keep sparse happy
	 */
	verf[0] = (__force __be32)(u32)ktime_get_real_seconds();
	verf[1] = (__force __be32)nn->clverifier_counter++;
	memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data));
}

static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn)
{
	clp->cl_clientid.cl_boot = (u32)nn->boot_time;
	clp->cl_clientid.cl_id = nn->clientid_counter++;
	gen_confirm(clp, nn);
}

/* Caller must hold cl->cl_lock.  Dead (sc_type == 0) stateids are hidden. */
static struct nfs4_stid *
find_stateid_locked(struct nfs4_client *cl, stateid_t *t)
{
	struct nfs4_stid *ret;

	ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id);
	if (!ret || !ret->sc_type)
		return NULL;
	return ret;
}

/*
 * Look up a stateid of one of the types in @typemask whose status bits
 * are all within @ok_states; takes a reference on success.
 */
static struct nfs4_stid *
find_stateid_by_type(struct nfs4_client *cl, stateid_t *t,
		     unsigned short typemask, unsigned short ok_states)
{
	struct nfs4_stid *s;

	spin_lock(&cl->cl_lock);
	s = find_stateid_locked(cl, t);
	if (s != NULL) {
		if ((s->sc_status & ~ok_states) == 0 &&
		    (typemask & s->sc_type))
			refcount_inc(&s->sc_count);
		else
			s = NULL;
	}
	spin_unlock(&cl->cl_lock);
	return s;
}

/* Map an nfsdfs inode back to its nfs4_client (takes a reference). */
static struct nfs4_client *get_nfsdfs_clp(struct inode *inode)
{
	struct nfsdfs_client *nc;
	nc = get_nfsdfs_client(inode);
	if (!nc)
		return NULL;
	return container_of(nc, struct nfs4_client, cl_nfsdfs);
}

/* Emit a quoted, hex-escaped rendering of an opaque byte string. */
static void seq_quote_mem(struct seq_file *m, char *data, int len)
{
	seq_puts(m, "\"");
	seq_escape_mem(m, data, len, ESCAPE_HEX | ESCAPE_NAP | ESCAPE_APPEND, "\"\\");
	seq_puts(m, "\"");
}

static const char *cb_state2str(int state)
{
	switch (state) {
	case NFSD4_CB_UP:
		return "UP";
	case NFSD4_CB_UNKNOWN:
		return "UNKNOWN";
	case NFSD4_CB_DOWN:
		return "DOWN";
	case NFSD4_CB_FAULT:
		return "FAULT";
	}
	return "UNDEFINED";
}

2815 static int client_info_show(struct seq_file *m, void *v) 2816 { 2817 struct inode *inode = file_inode(m->file); 2818 struct nfsd4_session *ses; 2819 struct nfs4_client *clp; 2820 u64 clid; 2821 2822 clp = get_nfsdfs_clp(inode); 2823 if (!clp) 2824 return -ENXIO; 2825 memcpy(&clid, &clp->cl_clientid, sizeof(clid)); 2826 seq_printf(m, "clientid: 0x%llx\n", clid); 2827 seq_printf(m, "address: \"%pISpc\"\n", (struct sockaddr *)&clp->cl_addr); 2828 2829 if (clp->cl_state == NFSD4_COURTESY) 2830 seq_puts(m, "status: courtesy\n"); 2831 else if (clp->cl_state == NFSD4_EXPIRABLE) 2832 seq_puts(m, "status: expirable\n"); 2833 else if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags)) 2834 seq_puts(m, "status: confirmed\n"); 2835 else 2836 seq_puts(m, "status: unconfirmed\n"); 2837 seq_printf(m, "seconds from last renew: %lld\n", 2838 ktime_get_boottime_seconds() - clp->cl_time); 2839 seq_puts(m, "name: "); 2840 seq_quote_mem(m, clp->cl_name.data, clp->cl_name.len); 2841 seq_printf(m, "\nminor version: %d\n", clp->cl_minorversion); 2842 if (clp->cl_nii_domain.data) { 2843 seq_puts(m, "Implementation domain: "); 2844 seq_quote_mem(m, clp->cl_nii_domain.data, 2845 clp->cl_nii_domain.len); 2846 seq_puts(m, "\nImplementation name: "); 2847 seq_quote_mem(m, clp->cl_nii_name.data, clp->cl_nii_name.len); 2848 seq_printf(m, "\nImplementation time: [%lld, %ld]\n", 2849 clp->cl_nii_time.tv_sec, clp->cl_nii_time.tv_nsec); 2850 } 2851 seq_printf(m, "callback state: %s\n", cb_state2str(clp->cl_cb_state)); 2852 seq_printf(m, "callback address: \"%pISpc\"\n", &clp->cl_cb_conn.cb_addr); 2853 seq_printf(m, "admin-revoked states: %d\n", 2854 atomic_read(&clp->cl_admin_revoked)); 2855 spin_lock(&clp->cl_lock); 2856 seq_printf(m, "session slots:"); 2857 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt) 2858 seq_printf(m, " %u", ses->se_fchannel.maxreqs); 2859 seq_printf(m, "\nsession target slots:"); 2860 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt) 2861 seq_printf(m, " 
%u", ses->se_target_maxslots); 2862 spin_unlock(&clp->cl_lock); 2863 seq_puts(m, "\n"); 2864 2865 nfsd4_put_client(clp); 2866 2867 return 0; 2868 } 2869 2870 DEFINE_SHOW_ATTRIBUTE(client_info); 2871 2872 static void *states_start(struct seq_file *s, loff_t *pos) 2873 __acquires(&clp->cl_lock) 2874 { 2875 struct nfs4_client *clp = s->private; 2876 unsigned long id = *pos; 2877 void *ret; 2878 2879 spin_lock(&clp->cl_lock); 2880 ret = idr_get_next_ul(&clp->cl_stateids, &id); 2881 *pos = id; 2882 return ret; 2883 } 2884 2885 static void *states_next(struct seq_file *s, void *v, loff_t *pos) 2886 { 2887 struct nfs4_client *clp = s->private; 2888 unsigned long id = *pos; 2889 void *ret; 2890 2891 id = *pos; 2892 id++; 2893 ret = idr_get_next_ul(&clp->cl_stateids, &id); 2894 *pos = id; 2895 return ret; 2896 } 2897 2898 static void states_stop(struct seq_file *s, void *v) 2899 __releases(&clp->cl_lock) 2900 { 2901 struct nfs4_client *clp = s->private; 2902 2903 spin_unlock(&clp->cl_lock); 2904 } 2905 2906 static void nfs4_show_fname(struct seq_file *s, struct nfsd_file *f) 2907 { 2908 seq_printf(s, "filename: \"%pD2\"", f->nf_file); 2909 } 2910 2911 static void nfs4_show_superblock(struct seq_file *s, struct nfsd_file *f) 2912 { 2913 struct inode *inode = file_inode(f->nf_file); 2914 2915 seq_printf(s, "superblock: \"%02x:%02x:%llu\"", 2916 MAJOR(inode->i_sb->s_dev), 2917 MINOR(inode->i_sb->s_dev), 2918 inode->i_ino); 2919 } 2920 2921 static void nfs4_show_owner(struct seq_file *s, struct nfs4_stateowner *oo) 2922 { 2923 seq_puts(s, "owner: "); 2924 seq_quote_mem(s, oo->so_owner.data, oo->so_owner.len); 2925 } 2926 2927 static void nfs4_show_stateid(struct seq_file *s, stateid_t *stid) 2928 { 2929 seq_printf(s, "0x%.8x", stid->si_generation); 2930 seq_printf(s, "%12phN", &stid->si_opaque); 2931 } 2932 2933 static int nfs4_show_open(struct seq_file *s, struct nfs4_stid *st) 2934 { 2935 struct nfs4_ol_stateid *ols; 2936 struct nfs4_file *nf; 2937 struct nfsd_file *file; 
2938 struct nfs4_stateowner *oo; 2939 unsigned int access, deny; 2940 2941 ols = openlockstateid(st); 2942 oo = ols->st_stateowner; 2943 nf = st->sc_file; 2944 2945 seq_puts(s, "- "); 2946 nfs4_show_stateid(s, &st->sc_stateid); 2947 seq_puts(s, ": { type: open, "); 2948 2949 access = bmap_to_share_mode(ols->st_access_bmap); 2950 deny = bmap_to_share_mode(ols->st_deny_bmap); 2951 2952 seq_printf(s, "access: %s%s, ", 2953 access & NFS4_SHARE_ACCESS_READ ? "r" : "-", 2954 access & NFS4_SHARE_ACCESS_WRITE ? "w" : "-"); 2955 seq_printf(s, "deny: %s%s, ", 2956 deny & NFS4_SHARE_ACCESS_READ ? "r" : "-", 2957 deny & NFS4_SHARE_ACCESS_WRITE ? "w" : "-"); 2958 2959 if (nf) { 2960 spin_lock(&nf->fi_lock); 2961 file = find_any_file_locked(nf); 2962 if (file) { 2963 nfs4_show_superblock(s, file); 2964 seq_puts(s, ", "); 2965 nfs4_show_fname(s, file); 2966 seq_puts(s, ", "); 2967 } 2968 spin_unlock(&nf->fi_lock); 2969 } else 2970 seq_puts(s, "closed, "); 2971 nfs4_show_owner(s, oo); 2972 if (st->sc_status & SC_STATUS_ADMIN_REVOKED) 2973 seq_puts(s, ", admin-revoked"); 2974 seq_puts(s, " }\n"); 2975 return 0; 2976 } 2977 2978 static int nfs4_show_lock(struct seq_file *s, struct nfs4_stid *st) 2979 { 2980 struct nfs4_ol_stateid *ols; 2981 struct nfs4_file *nf; 2982 struct nfsd_file *file; 2983 struct nfs4_stateowner *oo; 2984 2985 ols = openlockstateid(st); 2986 oo = ols->st_stateowner; 2987 nf = st->sc_file; 2988 2989 seq_puts(s, "- "); 2990 nfs4_show_stateid(s, &st->sc_stateid); 2991 seq_puts(s, ": { type: lock, "); 2992 2993 spin_lock(&nf->fi_lock); 2994 file = find_any_file_locked(nf); 2995 if (file) { 2996 /* 2997 * Note: a lock stateid isn't really the same thing as a lock, 2998 * it's the locking state held by one owner on a file, and there 2999 * may be multiple (or no) lock ranges associated with it. 3000 * (Same for the matter is true of open stateids.) 3001 */ 3002 3003 nfs4_show_superblock(s, file); 3004 /* XXX: open stateid? 
*/ 3005 seq_puts(s, ", "); 3006 nfs4_show_fname(s, file); 3007 seq_puts(s, ", "); 3008 } 3009 nfs4_show_owner(s, oo); 3010 if (st->sc_status & SC_STATUS_ADMIN_REVOKED) 3011 seq_puts(s, ", admin-revoked"); 3012 seq_puts(s, " }\n"); 3013 spin_unlock(&nf->fi_lock); 3014 return 0; 3015 } 3016 3017 static char *nfs4_show_deleg_type(u32 dl_type) 3018 { 3019 switch (dl_type) { 3020 case OPEN_DELEGATE_READ: 3021 return "r"; 3022 case OPEN_DELEGATE_WRITE: 3023 return "w"; 3024 case OPEN_DELEGATE_READ_ATTRS_DELEG: 3025 return "ra"; 3026 case OPEN_DELEGATE_WRITE_ATTRS_DELEG: 3027 return "wa"; 3028 } 3029 return "?"; 3030 } 3031 3032 static int nfs4_show_deleg(struct seq_file *s, struct nfs4_stid *st) 3033 { 3034 struct nfs4_delegation *ds; 3035 struct nfs4_file *nf; 3036 struct nfsd_file *file; 3037 3038 ds = delegstateid(st); 3039 nf = st->sc_file; 3040 3041 seq_puts(s, "- "); 3042 nfs4_show_stateid(s, &st->sc_stateid); 3043 seq_puts(s, ": { type: deleg, "); 3044 3045 seq_printf(s, "access: %s", nfs4_show_deleg_type(ds->dl_type)); 3046 3047 /* XXX: lease time, whether it's being recalled. */ 3048 3049 spin_lock(&nf->fi_lock); 3050 file = nf->fi_deleg_file; 3051 if (file) { 3052 seq_puts(s, ", "); 3053 nfs4_show_superblock(s, file); 3054 seq_puts(s, ", "); 3055 nfs4_show_fname(s, file); 3056 } 3057 spin_unlock(&nf->fi_lock); 3058 if (st->sc_status & SC_STATUS_ADMIN_REVOKED) 3059 seq_puts(s, ", admin-revoked"); 3060 seq_puts(s, " }\n"); 3061 return 0; 3062 } 3063 3064 static int nfs4_show_layout(struct seq_file *s, struct nfs4_stid *st) 3065 { 3066 struct nfs4_layout_stateid *ls; 3067 struct nfsd_file *file; 3068 3069 ls = container_of(st, struct nfs4_layout_stateid, ls_stid); 3070 3071 seq_puts(s, "- "); 3072 nfs4_show_stateid(s, &st->sc_stateid); 3073 seq_puts(s, ": { type: layout"); 3074 3075 /* XXX: What else would be useful? 
*/ 3076 3077 spin_lock(&ls->ls_stid.sc_file->fi_lock); 3078 file = ls->ls_file; 3079 if (file) { 3080 seq_puts(s, ", "); 3081 nfs4_show_superblock(s, file); 3082 seq_puts(s, ", "); 3083 nfs4_show_fname(s, file); 3084 } 3085 spin_unlock(&ls->ls_stid.sc_file->fi_lock); 3086 if (st->sc_status & SC_STATUS_ADMIN_REVOKED) 3087 seq_puts(s, ", admin-revoked"); 3088 seq_puts(s, " }\n"); 3089 3090 return 0; 3091 } 3092 3093 static int states_show(struct seq_file *s, void *v) 3094 { 3095 struct nfs4_stid *st = v; 3096 3097 switch (st->sc_type) { 3098 case SC_TYPE_OPEN: 3099 return nfs4_show_open(s, st); 3100 case SC_TYPE_LOCK: 3101 return nfs4_show_lock(s, st); 3102 case SC_TYPE_DELEG: 3103 return nfs4_show_deleg(s, st); 3104 case SC_TYPE_LAYOUT: 3105 return nfs4_show_layout(s, st); 3106 default: 3107 return 0; /* XXX: or SEQ_SKIP? */ 3108 } 3109 /* XXX: copy stateids? */ 3110 } 3111 3112 static struct seq_operations states_seq_ops = { 3113 .start = states_start, 3114 .next = states_next, 3115 .stop = states_stop, 3116 .show = states_show 3117 }; 3118 3119 static int client_states_open(struct inode *inode, struct file *file) 3120 { 3121 struct seq_file *s; 3122 struct nfs4_client *clp; 3123 int ret; 3124 3125 clp = get_nfsdfs_clp(inode); 3126 if (!clp) 3127 return -ENXIO; 3128 3129 ret = seq_open(file, &states_seq_ops); 3130 if (ret) { 3131 nfsd4_put_client(clp); 3132 return ret; 3133 } 3134 s = file->private_data; 3135 s->private = clp; 3136 return 0; 3137 } 3138 3139 static int client_opens_release(struct inode *inode, struct file *file) 3140 { 3141 struct seq_file *m = file->private_data; 3142 struct nfs4_client *clp = m->private; 3143 3144 /* XXX: alternatively, we could get/drop in seq start/stop */ 3145 nfsd4_put_client(clp); 3146 return seq_release(inode, file); 3147 } 3148 3149 static const struct file_operations client_states_fops = { 3150 .open = client_states_open, 3151 .read = seq_read, 3152 .llseek = seq_lseek, 3153 .release = client_opens_release, 3154 }; 3155 
/*
 * Normally we refuse to destroy clients that are in use, but here the
 * administrator is telling us to just do it.  We also want to wait
 * so the caller has a guarantee that the client's locks are gone by
 * the time the write returns:
 */
static void force_expire_client(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	bool already_expired;

	trace_nfsd_clid_admin_expired(&clp->cl_clientid);

	spin_lock(&nn->client_lock);
	clp->cl_time = 0;
	spin_unlock(&nn->client_lock);

	/* Wait for in-flight RPCs to drain before tearing state down. */
	wait_event(expiry_wq, atomic_read(&clp->cl_rpc_users) == 0);
	spin_lock(&nn->client_lock);
	already_expired = list_empty(&clp->cl_lru);
	if (!already_expired)
		unhash_client_locked(clp);
	spin_unlock(&nn->client_lock);

	if (!already_expired)
		expire_client(clp);
	else
		/* Someone else is expiring it; wait for teardown to finish. */
		wait_event(expiry_wq, clp->cl_nfsd_dentry == NULL);
}

/* nfsdfs "ctl" file: only the exact command "expire\n" is accepted. */
static ssize_t client_ctl_write(struct file *file, const char __user *buf,
				size_t size, loff_t *pos)
{
	char *data;
	struct nfs4_client *clp;

	data = simple_transaction_get(file, buf, size);
	if (IS_ERR(data))
		return PTR_ERR(data);
	if (size != 7 || 0 != memcmp(data, "expire\n", 7))
		return -EINVAL;
	clp = get_nfsdfs_clp(file_inode(file));
	if (!clp)
		return -ENXIO;
	force_expire_client(clp);
	nfsd4_put_client(clp);
	return 7;
}

static const struct file_operations client_ctl_fops = {
	.write		= client_ctl_write,
	.release	= simple_transaction_release,
};

/* Per-client nfsdfs directory entries. */
static const struct tree_descr client_files[] = {
	[0] = {"info", &client_info_fops, S_IRUSR},
	[1] = {"states", &client_states_fops, S_IRUSR},
	[2] = {"ctl", &client_ctl_fops, S_IWUSR},
	[3] = {""},
};

/* CB_RECALL_ANY completion: retry later on NFS4ERR_DELAY, else done. */
static int
nfsd4_cb_recall_any_done(struct nfsd4_callback *cb,
				struct rpc_task *task)
{
	trace_nfsd_cb_recall_any_done(cb, task);
	switch (task->tk_status) {
	case -NFS4ERR_DELAY:
		rpc_delay(task, 2 * HZ);
		return 0;
	default:
		return 1;
	}
}

static void
nfsd4_cb_recall_any_release(struct nfsd4_callback *cb)
{
	struct nfs4_client *clp = cb->cb_clp;

	nfsd4_put_client(clp);
}

/* CB_GETATTR completion: record status for the waiting delegation. */
static int
nfsd4_cb_getattr_done(struct nfsd4_callback *cb, struct rpc_task *task)
{
	struct nfs4_cb_fattr *ncf =
			container_of(cb, struct nfs4_cb_fattr, ncf_getattr);
	struct nfs4_delegation *dp =
			container_of(ncf, struct nfs4_delegation, dl_cb_fattr);

	trace_nfsd_cb_getattr_done(&dp->dl_stid.sc_stateid, task);
	ncf->ncf_cb_status = task->tk_status;
	switch (task->tk_status) {
	case -NFS4ERR_DELAY:
		rpc_delay(task, 2 * HZ);
		return 0;
	default:
		return 1;
	}
}

static void
nfsd4_cb_getattr_release(struct nfsd4_callback *cb)
{
	struct nfs4_cb_fattr *ncf =
			container_of(cb, struct nfs4_cb_fattr, ncf_getattr);
	struct nfs4_delegation *dp =
			container_of(ncf, struct nfs4_delegation, dl_cb_fattr);

	nfs4_put_stid(&dp->dl_stid);
}

static const struct nfsd4_callback_ops nfsd4_cb_recall_any_ops = {
	.done		= nfsd4_cb_recall_any_done,
	.release	= nfsd4_cb_recall_any_release,
	.opcode		= OP_CB_RECALL_ANY,
};

static const struct nfsd4_callback_ops nfsd4_cb_getattr_ops = {
	.done		= nfsd4_cb_getattr_done,
	.release	= nfsd4_cb_getattr_release,
	.opcode		= OP_CB_GETATTR,
};

/*
 * Kick off a CB_GETATTR for a delegation.  A no-op if one is already
 * running (RUNNING bit acts as the single-flight guard).
 */
static void nfs4_cb_getattr(struct nfs4_cb_fattr *ncf)
{
	struct nfs4_delegation *dp =
			container_of(ncf, struct nfs4_delegation, dl_cb_fattr);

	if (test_and_set_bit(NFSD4_CALLBACK_RUNNING, &ncf->ncf_getattr.cb_flags))
		return;

	/* set to proper status when nfsd4_cb_getattr_done runs */
	ncf->ncf_cb_status = NFS4ERR_IO;

	/* ensure that wake_bit is done when RUNNING is cleared */
	set_bit(NFSD4_CALLBACK_WAKE, &ncf->ncf_getattr.cb_flags);

	refcount_inc(&dp->dl_stid.sc_count);
	nfsd4_run_cb(&ncf->ncf_getattr);
}

/*
 * Allocate and fully initialize a client for a new SETCLIENTID /
 * EXCHANGE_ID: credentials, clientid, nfsdfs directory, and the
 * CB_RECALL_ANY callback structure.  Returns NULL on any failure
 * (free_client() unwinds partial setup).
 */
static struct nfs4_client *create_client(struct xdr_netobj name,
		struct svc_rqst *rqstp, nfs4_verifier *verf)
{
	struct nfs4_client *clp;
	struct sockaddr *sa = svc_addr(rqstp);
	int ret;
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	struct dentry *dentries[ARRAY_SIZE(client_files)];

	clp = alloc_client(name, nn);
	if (clp == NULL)
		return NULL;

	ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred);
	if (ret) {
		free_client(clp);
		return NULL;
	}
	gen_clid(clp, nn);
	kref_init(&clp->cl_nfsdfs.cl_ref);
	nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL);
	clp->cl_time = ktime_get_boottime_seconds();
	copy_verf(clp, verf);
	memcpy(&clp->cl_addr, sa, sizeof(struct sockaddr_storage));
	clp->cl_cb_session = NULL;
	clp->net = net;
	clp->cl_nfsd_dentry = nfsd_client_mkdir(
		nn, &clp->cl_nfsdfs,
		clp->cl_clientid.cl_id - nn->clientid_base,
		client_files, dentries);
	clp->cl_nfsd_info_dentry = dentries[0];
	if (!clp->cl_nfsd_dentry) {
		free_client(clp);
		return NULL;
	}
	clp->cl_ra = kzalloc_obj(*clp->cl_ra);
	if (!clp->cl_ra) {
		free_client(clp);
		return NULL;
	}
	clp->cl_ra_time = 0;
	nfsd4_init_cb(&clp->cl_ra->ra_cb, clp, &nfsd4_cb_recall_any_ops,
			NFSPROC4_CLNT_CB_RECALL_ANY);
	return clp;
}

/* Insert a client into an rbtree ordered by compare_blob() on cl_name. */
static void
add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root)
{
	struct rb_node **new = &(root->rb_node), *parent = NULL;
	struct nfs4_client *clp;

	while (*new) {
		clp = rb_entry(*new, struct nfs4_client, cl_namenode);
		parent = *new;

		if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0)
			new = &((*new)->rb_left);
		else
			new = &((*new)->rb_right);
	}

	rb_link_node(&new_clp->cl_namenode, parent, new);
	rb_insert_color(&new_clp->cl_namenode, root);
}

static struct nfs4_client *
find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root)
{
	int cmp;
	struct rb_node *node = root->rb_node;
	struct nfs4_client *clp;

	while (node) {
		clp = rb_entry(node, struct nfs4_client, cl_namenode);
		cmp = compare_blob(&clp->cl_name, name);
		if (cmp > 0)
			node = node->rb_left;
		else if (cmp < 0)
			node = node->rb_right;
		else
			return clp;
	}
	return NULL;
}

/* Hash a new (not yet confirmed) client; clears CONFIRMED and renews it. */
static void
add_to_unconfirmed(struct nfs4_client *clp)
{
	unsigned int idhashval;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
	add_clp_to_name_tree(clp, &nn->unconf_name_tree);
	idhashval = clientid_hashval(clp->cl_clientid.cl_id);
	list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]);
	renew_client_locked(clp);
}

/* Move a client from the unconfirmed tables to the confirmed ones. */
static void
move_to_confirmed(struct nfs4_client *clp)
{
	unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id);
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]);
	rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
	add_clp_to_name_tree(clp, &nn->conf_name_tree);
	set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
	trace_nfsd_clid_confirmed(&clp->cl_clientid);
	renew_client_locked(clp);
}

static struct nfs4_client *
find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions)
{
	struct nfs4_client *clp;
	unsigned int idhashval = clientid_hashval(clid->cl_id);

	list_for_each_entry(clp, &tbl[idhashval], cl_idhash) {
		if (same_clid(&clp->cl_clientid, clid)) {
			/* minorversion class must match what the caller wants */
			if ((bool)clp->cl_minorversion != sessions)
				return NULL;
			renew_client_locked(clp);
			return clp;
		}
	}
	return NULL;
}

/* Look up @clid among confirmed clients; caller holds nn->client_lock. */
static struct nfs4_client *
find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
{
	struct list_head *tbl = nn->conf_id_hashtbl;

	lockdep_assert_held(&nn->client_lock);
	return find_client_in_id_table(tbl, clid, sessions);
}

/* Look up @clid among unconfirmed clients; caller holds nn->client_lock. */
static struct nfs4_client *
find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
{
	struct list_head *tbl = nn->unconf_id_hashtbl;

	lockdep_assert_held(&nn->client_lock);
	return find_client_in_id_table(tbl, clid, sessions);
}

/* True if this client established itself via EXCHANGE_ID (flags recorded). */
static bool clp_used_exchangeid(struct nfs4_client *clp)
{
	return clp->cl_exchange_flags != 0;
}

/* Name-tree lookup among confirmed clients; caller holds nn->client_lock. */
static struct nfs4_client *
find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
{
	lockdep_assert_held(&nn->client_lock);
	return find_clp_in_name_tree(name, &nn->conf_name_tree);
}

/* Name-tree lookup among unconfirmed clients; caller holds nn->client_lock. */
static struct nfs4_client *
find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
{
	lockdep_assert_held(&nn->client_lock);
	return find_clp_in_name_tree(name, &nn->unconf_name_tree);
}

/*
 * Parse the SETCLIENTID callback netid/address into clp->cl_cb_conn.
 * On any parse or family mismatch, record AF_UNSPEC and zero length so
 * the server will not attempt callbacks (and hence grants no delegations).
 */
static void
gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp)
{
	struct nfs4_cb_conn *conn = &clp->cl_cb_conn;
	struct sockaddr *sa = svc_addr(rqstp);
	u32 scopeid = rpc_get_scope_id(sa);
	unsigned short expected_family;

	/* Currently, we only support tcp and tcp6 for the callback channel */
	if (se->se_callback_netid_len == 3 &&
	    !memcmp(se->se_callback_netid_val, "tcp", 3))
		expected_family = AF_INET;
	else if (se->se_callback_netid_len == 4 &&
		 !memcmp(se->se_callback_netid_val, "tcp6", 4))
		expected_family = AF_INET6;
	else
		goto out_err;

	conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val,
					      se->se_callback_addr_len,
					      (struct sockaddr *)&conn->cb_addr,
					      sizeof(conn->cb_addr));

	if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family)
		goto out_err;

	if (conn->cb_addr.ss_family == AF_INET6)
		((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid;

	conn->cb_prog = se->se_callback_prog;
	conn->cb_ident = se->se_callback_ident;
	memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen);
	trace_nfsd_cb_args(clp, conn);
	return;
out_err:
	conn->cb_addr.ss_family = AF_UNSPEC;
	conn->cb_addrlen = 0;
	trace_nfsd_cb_nodelegs(clp);
	return;
}

/*
 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size.
 */
static void
nfsd4_store_cache_entry(struct nfsd4_compoundres *resp)
{
	struct xdr_buf *buf = resp->xdr->buf;
	struct nfsd4_slot *slot = resp->cstate.slot;
	unsigned int base;

	/*
	 * RFC 5661 Section 2.10.6.1.2:
	 *
	 * Any time SEQUENCE ... returns an error ... [t]he replier MUST NOT
	 * modify the reply cache entry for the slot whenever an error is
	 * returned from SEQUENCE ...
	 *
	 * Because nfsd4_store_cache_entry is called only by
	 * nfsd4_sequence_done(), nfsd4_store_cache_entry() is called only
	 * when a SEQUENCE operation was part of the COMPOUND.
	 * nfs41_check_op_ordering() ensures SEQUENCE is the first op.
3533 */ 3534 if (resp->opcnt == 1 && resp->cstate.status != nfs_ok) 3535 return; 3536 3537 slot->sl_flags |= NFSD4_SLOT_INITIALIZED; 3538 slot->sl_opcnt = resp->opcnt; 3539 slot->sl_status = resp->cstate.status; 3540 free_svc_cred(&slot->sl_cred); 3541 copy_cred(&slot->sl_cred, &resp->rqstp->rq_cred); 3542 3543 if (!(resp->cstate.slot->sl_flags & NFSD4_SLOT_CACHETHIS)) { 3544 slot->sl_flags &= ~NFSD4_SLOT_CACHED; 3545 return; 3546 } 3547 slot->sl_flags |= NFSD4_SLOT_CACHED; 3548 3549 base = resp->cstate.data_offset; 3550 slot->sl_datalen = buf->len - base; 3551 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen)) 3552 WARN(1, "%s: sessions DRC could not cache compound\n", 3553 __func__); 3554 return; 3555 } 3556 3557 /* 3558 * The sequence operation is not cached because we can use the slot and 3559 * session values. 3560 */ 3561 static __be32 3562 nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp, 3563 struct nfsd4_sequence *seq) 3564 { 3565 struct nfsd4_compoundargs *args = resp->rqstp->rq_argp; 3566 struct nfsd4_slot *slot = resp->cstate.slot; 3567 struct xdr_stream *xdr = resp->xdr; 3568 __be32 *p; 3569 3570 dprintk("--> %s slot %p\n", __func__, slot); 3571 3572 /* Always encode the SEQUENCE response. */ 3573 nfsd4_encode_operation(resp, &args->ops[0]); 3574 if (args->opcnt == 1) 3575 /* A solo SEQUENCE - nothing was cached */ 3576 return args->ops[0].status; 3577 3578 if (!(slot->sl_flags & NFSD4_SLOT_CACHED)) { 3579 /* We weren't asked to cache this. 
*/ 3580 struct nfsd4_op *op; 3581 3582 op = &args->ops[resp->opcnt++]; 3583 op->status = nfserr_retry_uncached_rep; 3584 nfsd4_encode_operation(resp, op); 3585 return op->status; 3586 } 3587 3588 /* return reply from cache */ 3589 p = xdr_reserve_space(xdr, slot->sl_datalen); 3590 if (!p) { 3591 WARN_ON_ONCE(1); 3592 return nfserr_serverfault; 3593 } 3594 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen); 3595 xdr_commit_encode(xdr); 3596 3597 resp->opcnt = slot->sl_opcnt; 3598 return slot->sl_status; 3599 } 3600 3601 /* 3602 * Set the exchange_id flags returned by the server. 3603 */ 3604 static void 3605 nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid) 3606 { 3607 #ifdef CONFIG_NFSD_PNFS 3608 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS; 3609 #else 3610 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS; 3611 #endif 3612 3613 /* Referrals are supported, Migration is not. */ 3614 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER; 3615 3616 /* set the wire flags to return to client. 
*/ 3617 clid->flags = new->cl_exchange_flags; 3618 } 3619 3620 static bool client_has_openowners(struct nfs4_client *clp) 3621 { 3622 struct nfs4_openowner *oo; 3623 3624 list_for_each_entry(oo, &clp->cl_openowners, oo_perclient) { 3625 if (!list_empty(&oo->oo_owner.so_stateids)) 3626 return true; 3627 } 3628 return false; 3629 } 3630 3631 static bool client_has_state(struct nfs4_client *clp) 3632 { 3633 return client_has_openowners(clp) 3634 #ifdef CONFIG_NFSD_PNFS 3635 || !list_empty(&clp->cl_lo_states) 3636 #endif 3637 || !list_empty(&clp->cl_delegations) 3638 || !list_empty(&clp->cl_sessions) 3639 || nfsd4_has_active_async_copies(clp); 3640 } 3641 3642 static __be32 copy_impl_id(struct nfs4_client *clp, 3643 struct nfsd4_exchange_id *exid) 3644 { 3645 if (!exid->nii_domain.data) 3646 return 0; 3647 xdr_netobj_dup(&clp->cl_nii_domain, &exid->nii_domain, GFP_KERNEL); 3648 if (!clp->cl_nii_domain.data) 3649 return nfserr_jukebox; 3650 xdr_netobj_dup(&clp->cl_nii_name, &exid->nii_name, GFP_KERNEL); 3651 if (!clp->cl_nii_name.data) 3652 return nfserr_jukebox; 3653 clp->cl_nii_time = exid->nii_time; 3654 return 0; 3655 } 3656 3657 __be32 3658 nfsd4_exchange_id(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3659 union nfsd4_op_u *u) 3660 { 3661 struct nfsd4_exchange_id *exid = &u->exchange_id; 3662 struct nfs4_client *conf, *new; 3663 struct nfs4_client *unconf = NULL; 3664 __be32 status; 3665 char addr_str[INET6_ADDRSTRLEN]; 3666 nfs4_verifier verf = exid->verifier; 3667 struct sockaddr *sa = svc_addr(rqstp); 3668 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A; 3669 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3670 3671 rpc_ntop(sa, addr_str, sizeof(addr_str)); 3672 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p " 3673 "ip_addr=%s flags %x, spa_how %u\n", 3674 __func__, rqstp, exid, exid->clname.len, exid->clname.data, 3675 addr_str, exid->flags, exid->spa_how); 3676 3677 exid->server_impl_name = 
		kasprintf(GFP_KERNEL, "%s %s %s %s",
			  utsname()->sysname, utsname()->release,
			  utsname()->version, utsname()->machine);
	if (!exid->server_impl_name)
		return nfserr_jukebox;

	if (exid->flags & ~EXCHGID4_FLAG_MASK_A)
		return nfserr_inval;

	new = create_client(exid->clname, rqstp, &verf);
	if (new == NULL)
		return nfserr_jukebox;
	status = copy_impl_id(new, exid);
	if (status)
		goto out_nolock;

	switch (exid->spa_how) {
	case SP4_MACH_CRED:
		/* Ops the server insists be protected by the machine cred: */
		exid->spo_must_enforce[0] = 0;
		exid->spo_must_enforce[1] = (
			1 << (OP_BIND_CONN_TO_SESSION - 32) |
			1 << (OP_EXCHANGE_ID - 32) |
			1 << (OP_CREATE_SESSION - 32) |
			1 << (OP_DESTROY_SESSION - 32) |
			1 << (OP_DESTROY_CLIENTID - 32));

		/* Ops the server is willing to accept under the machine cred: */
		exid->spo_must_allow[0] &= (1 << (OP_CLOSE) |
					1 << (OP_OPEN_DOWNGRADE) |
					1 << (OP_LOCKU) |
					1 << (OP_DELEGRETURN));

		exid->spo_must_allow[1] &= (
					1 << (OP_TEST_STATEID - 32) |
					1 << (OP_FREE_STATEID - 32));
		/* MACH_CRED requires an integrity-protected transport. */
		if (!svc_rqst_integrity_protected(rqstp)) {
			status = nfserr_inval;
			goto out_nolock;
		}
		/*
		 * Sometimes userspace doesn't give us a principal.
		 * Which is a bug, really.  Anyway, we can't enforce
		 * MACH_CRED in that case, better to give up now:
		 */
		if (!new->cl_cred.cr_principal &&
		    !new->cl_cred.cr_raw_principal) {
			status = nfserr_serverfault;
			goto out_nolock;
		}
		new->cl_mach_cred = true;
		break;
	case SP4_NONE:
		break;
	default:				/* checked by xdr code */
		WARN_ON_ONCE(1);
		fallthrough;
	case SP4_SSV:
		status = nfserr_encr_alg_unsupp;
		goto out_nolock;
	}

	/* Cases below refer to rfc 5661 section 18.35.4: */
	spin_lock(&nn->client_lock);
	conf = find_confirmed_client_by_name(&exid->clname, nn);
	if (conf) {
		bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred);
		bool verfs_match = same_verf(&verf, &conf->cl_verifier);

		if (update) {
			if (!clp_used_exchangeid(conf)) { /* buggy client */
				status = nfserr_inval;
				goto out;
			}
			if (!nfsd4_mach_creds_match(conf, rqstp)) {
				status = nfserr_wrong_cred;
				goto out;
			}
			if (!creds_match) { /* case 9 */
				status = nfserr_perm;
				goto out;
			}
			if (!verfs_match) { /* case 8 */
				status = nfserr_not_same;
				goto out;
			}
			/* case 6 */
			exid->flags |= EXCHGID4_FLAG_CONFIRMED_R;
			trace_nfsd_clid_confirmed_r(conf);
			goto out_copy;
		}
		if (!creds_match) { /* case 3 */
			if (client_has_state(conf)) {
				status = nfserr_clid_inuse;
				trace_nfsd_clid_cred_mismatch(conf, rqstp);
				goto out;
			}
			goto out_new;
		}
		if (verfs_match) { /* case 2 */
			conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R;
			trace_nfsd_clid_confirmed_r(conf);
			goto out_copy;
		}
		/* case 5, client reboot */
		trace_nfsd_clid_verf_mismatch(conf, rqstp, &verf);
		conf = NULL;
		goto out_new;
	}

	if (update) { /* case 7 */
		status = nfserr_noent;
		goto out;
	}

	unconf = find_unconfirmed_client_by_name(&exid->clname, nn);
	if (unconf) /* case 4, possible retry or client restart */
		unhash_client_locked(unconf);

	/* case 1, new owner ID */
	trace_nfsd_clid_fresh(new);

out_new:
	if (conf) {
		status = mark_client_expired_locked(conf);
		if (status)
			goto out;
		trace_nfsd_clid_replaced(&conf->cl_clientid);
	}
	new->cl_minorversion = cstate->minorversion;
	new->cl_spo_must_allow.u.words[0] = exid->spo_must_allow[0];
	new->cl_spo_must_allow.u.words[1] = exid->spo_must_allow[1];

	/* Contrived initial CREATE_SESSION response */
	new->cl_cs_slot.sl_status = nfserr_seq_misordered;

	add_to_unconfirmed(new);
	/* After the swap, "conf" is the installed client, "new" the old one. */
	swap(new, conf);
out_copy:
	exid->clientid.cl_boot = conf->cl_clientid.cl_boot;
	exid->clientid.cl_id = conf->cl_clientid.cl_id;

	exid->seqid = conf->cl_cs_slot.sl_seqid + 1;
	nfsd4_set_ex_flags(conf, exid);

	exid->nii_domain.len = sizeof("kernel.org") - 1;
	exid->nii_domain.data = "kernel.org";

	/*
	 * Note that RFC 8881 places no length limit on
	 * nii_name, but this implementation permits no
	 * more than NFS4_OPAQUE_LIMIT bytes.
	 */
	exid->nii_name.len = strlen(exid->server_impl_name);
	if (exid->nii_name.len > NFS4_OPAQUE_LIMIT)
		exid->nii_name.len = NFS4_OPAQUE_LIMIT;
	exid->nii_name.data = exid->server_impl_name;

	/* just send zeros - the date is in nii_name */
	exid->nii_time.tv_sec = 0;
	exid->nii_time.tv_nsec = 0;

	dprintk("nfsd4_exchange_id seqid %d flags %x\n",
		conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags);
	status = nfs_ok;

out:
	spin_unlock(&nn->client_lock);
out_nolock:
	if (new)
		expire_client(new);
	if (unconf) {
		trace_nfsd_clid_expire_unconf(&unconf->cl_clientid);
		expire_client(unconf);
	}
	return status;
}

/* Free the server_impl_name allocated in nfsd4_exchange_id(). */
void
nfsd4_exchange_id_release(union nfsd4_op_u *u)
{
	struct nfsd4_exchange_id *exid = &u->exchange_id;

	kfree(exid->server_impl_name);
}

/*
 * Classify an incoming seqid against the slot's recorded seqid:
 * nfs_ok for the expected next request, nfserr_replay_cache for an
 * exact retransmission, nfserr_jukebox if the slot is still busy with
 * the same request, nfserr_seq_misordered otherwise.
 */
static __be32 check_slot_seqid(u32 seqid, u32 slot_seqid, u8 flags)
{
	/* The slot is in use, and no response has been sent. */
	if (flags & NFSD4_SLOT_INUSE) {
		if (seqid == slot_seqid)
			return nfserr_jukebox;
		else
			return nfserr_seq_misordered;
	}
	/* Note unsigned 32-bit arithmetic handles wraparound: */
	if (likely(seqid == slot_seqid + 1))
		return nfs_ok;
	if ((flags & NFSD4_SLOT_REUSED) && seqid == 1)
		return nfs_ok;
	if (seqid == slot_seqid)
		return nfserr_replay_cache;
	return nfserr_seq_misordered;
}

/*
 * Cache the create session result into the create session single DRC
 * slot cache by saving the xdr structure. sl_seqid has been set.
 * Do this for solo or embedded create session operations.
3884 */ 3885 static void 3886 nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses, 3887 struct nfsd4_clid_slot *slot, __be32 nfserr) 3888 { 3889 slot->sl_status = nfserr; 3890 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses)); 3891 } 3892 3893 static __be32 3894 nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses, 3895 struct nfsd4_clid_slot *slot) 3896 { 3897 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses)); 3898 return slot->sl_status; 3899 } 3900 3901 #define NFSD_MIN_REQ_HDR_SEQ_SZ ((\ 3902 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \ 3903 1 + /* MIN tag is length with zero, only length */ \ 3904 3 + /* version, opcount, opcode */ \ 3905 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 3906 /* seqid, slotID, slotID, cache */ \ 3907 4 ) * sizeof(__be32)) 3908 3909 #define NFSD_MIN_RESP_HDR_SEQ_SZ ((\ 3910 2 + /* verifier: AUTH_NULL, length 0 */\ 3911 1 + /* status */ \ 3912 1 + /* MIN tag is length with zero, only length */ \ 3913 3 + /* opcount, opcode, opstatus*/ \ 3914 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 3915 /* seqid, slotID, slotID, slotID, status */ \ 3916 5 ) * sizeof(__be32)) 3917 3918 static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn) 3919 { 3920 u32 maxrpc = nn->nfsd_serv->sv_max_mesg; 3921 3922 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ) 3923 return nfserr_toosmall; 3924 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ) 3925 return nfserr_toosmall; 3926 ca->headerpadsz = 0; 3927 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc); 3928 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc); 3929 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND); 3930 ca->maxresp_cached = min_t(u32, ca->maxresp_cached, 3931 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ); 3932 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION); 3933 3934 return nfs_ok; 3935 } 3936 3937 /* 3938 * Server's NFSv4.1 backchannel support is AUTH_SYS-only for now. 
3939 * These are based on similar macros in linux/sunrpc/msg_prot.h . 3940 */ 3941 #define RPC_MAX_HEADER_WITH_AUTH_SYS \ 3942 (RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK)) 3943 3944 #define RPC_MAX_REPHEADER_WITH_AUTH_SYS \ 3945 (RPC_REPHDRSIZE + (2 + NUL_REPLYSLACK)) 3946 3947 #define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \ 3948 RPC_MAX_HEADER_WITH_AUTH_SYS) * sizeof(__be32)) 3949 #define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \ 3950 RPC_MAX_REPHEADER_WITH_AUTH_SYS) * \ 3951 sizeof(__be32)) 3952 3953 static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca) 3954 { 3955 ca->headerpadsz = 0; 3956 3957 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ) 3958 return nfserr_toosmall; 3959 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ) 3960 return nfserr_toosmall; 3961 ca->maxresp_cached = 0; 3962 if (ca->maxops < 2) 3963 return nfserr_toosmall; 3964 3965 return nfs_ok; 3966 } 3967 3968 static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs) 3969 { 3970 switch (cbs->flavor) { 3971 case RPC_AUTH_NULL: 3972 case RPC_AUTH_UNIX: 3973 return nfs_ok; 3974 default: 3975 /* 3976 * GSS case: the spec doesn't allow us to return this 3977 * error. But it also doesn't allow us not to support 3978 * GSS. 
3979 * I'd rather this fail hard than return some error the 3980 * client might think it can already handle: 3981 */ 3982 return nfserr_encr_alg_unsupp; 3983 } 3984 } 3985 3986 __be32 3987 nfsd4_create_session(struct svc_rqst *rqstp, 3988 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 3989 { 3990 struct nfsd4_create_session *cr_ses = &u->create_session; 3991 struct sockaddr *sa = svc_addr(rqstp); 3992 struct nfs4_client *conf, *unconf; 3993 struct nfsd4_clid_slot *cs_slot; 3994 struct nfs4_client *old = NULL; 3995 struct nfsd4_session *new; 3996 struct nfsd4_conn *conn; 3997 __be32 status = 0; 3998 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3999 4000 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A) 4001 return nfserr_inval; 4002 status = nfsd4_check_cb_sec(&cr_ses->cb_sec); 4003 if (status) 4004 return status; 4005 status = check_forechannel_attrs(&cr_ses->fore_channel, nn); 4006 if (status) 4007 return status; 4008 status = check_backchannel_attrs(&cr_ses->back_channel); 4009 if (status) 4010 goto out_err; 4011 status = nfserr_jukebox; 4012 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel); 4013 if (!new) 4014 goto out_err; 4015 conn = alloc_conn_from_crses(rqstp, cr_ses); 4016 if (!conn) 4017 goto out_free_session; 4018 4019 spin_lock(&nn->client_lock); 4020 4021 /* RFC 8881 Section 18.36.4 Phase 1: Client record look-up. */ 4022 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn); 4023 conf = find_confirmed_client(&cr_ses->clientid, true, nn); 4024 if (!conf && !unconf) { 4025 status = nfserr_stale_clientid; 4026 goto out_free_conn; 4027 } 4028 4029 /* RFC 8881 Section 18.36.4 Phase 2: Sequence ID processing. 
	 */
	if (conf) {
		cs_slot = &conf->cl_cs_slot;
		trace_nfsd_slot_seqid_conf(conf, cr_ses);
	} else {
		cs_slot = &unconf->cl_cs_slot;
		trace_nfsd_slot_seqid_unconf(unconf, cr_ses);
	}
	status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
	switch (status) {
	case nfs_ok:
		cs_slot->sl_seqid++;
		cr_ses->seqid = cs_slot->sl_seqid;
		break;
	case nfserr_replay_cache:
		status = nfsd4_replay_create_session(cr_ses, cs_slot);
		fallthrough;
	case nfserr_jukebox:
		/* The server MUST NOT cache NFS4ERR_DELAY */
		goto out_free_conn;
	default:
		goto out_cache_error;
	}

	/* RFC 8881 Section 18.36.4 Phase 3: Client ID confirmation. */
	if (conf) {
		status = nfserr_wrong_cred;
		if (!nfsd4_mach_creds_match(conf, rqstp))
			goto out_cache_error;
	} else {
		status = nfserr_clid_inuse;
		if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) ||
		    !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) {
			trace_nfsd_clid_cred_mismatch(unconf, rqstp);
			goto out_cache_error;
		}
		status = nfserr_wrong_cred;
		if (!nfsd4_mach_creds_match(unconf, rqstp))
			goto out_cache_error;
		/* A confirmed client of the same name is being replaced. */
		old = find_confirmed_client_by_name(&unconf->cl_name, nn);
		if (old) {
			status = mark_client_expired_locked(old);
			if (status)
				goto out_expired_error;
			trace_nfsd_clid_replaced(&old->cl_clientid);
		}
		move_to_confirmed(unconf);
		conf = unconf;
	}

	/* RFC 8881 Section 18.36.4 Phase 4: Session creation.
	 */
	status = nfs_ok;
	/* Persistent sessions are not supported */
	cr_ses->flags &= ~SESSION4_PERSIST;
	/* Upshifting from TCP to RDMA is not supported */
	cr_ses->flags &= ~SESSION4_RDMA;
	/* Report the correct number of backchannel slots */
	cr_ses->back_channel.maxreqs = new->se_cb_highest_slot + 1;

	init_session(rqstp, new, conf, cr_ses);
	nfsd4_get_session_locked(new);

	memcpy(cr_ses->sessionid.data, new->se_sessionid.data,
	       NFS4_MAX_SESSIONID_LEN);

	/* cache solo and embedded create sessions under the client_lock */
	nfsd4_cache_create_session(cr_ses, cs_slot, status);
	spin_unlock(&nn->client_lock);
	if (conf == unconf)
		fsnotify_dentry(conf->cl_nfsd_info_dentry, FS_MODIFY);
	/* init connection and backchannel */
	nfsd4_init_conn(rqstp, conn, new);
	nfsd4_put_session(new);
	if (old)
		expire_client(old);
	return status;

out_expired_error:
	/*
	 * Revert the slot seq_nr change so the server will process
	 * the client's resend instead of returning a cached response.
	 */
	if (status == nfserr_jukebox) {
		cs_slot->sl_seqid--;
		cr_ses->seqid = cs_slot->sl_seqid;
		goto out_free_conn;
	}
out_cache_error:
	nfsd4_cache_create_session(cr_ses, cs_slot, status);
out_free_conn:
	spin_unlock(&nn->client_lock);
	free_conn(conn);
out_free_session:
	__free_session(new);
out_err:
	return status;
}

/*
 * Normalize a BIND_CONN_TO_SESSION direction: the "OR_BOTH" variants
 * collapse to BOTH; anything else unrecognized is invalid.
 */
static __be32 nfsd4_map_bcts_dir(u32 *dir)
{
	switch (*dir) {
	case NFS4_CDFC4_FORE:
	case NFS4_CDFC4_BACK:
		return nfs_ok;
	case NFS4_CDFC4_FORE_OR_BOTH:
	case NFS4_CDFC4_BACK_OR_BOTH:
		*dir = NFS4_CDFC4_BOTH;
		return nfs_ok;
	}
	return nfserr_inval;
}

/*
 * BACKCHANNEL_CTL operation handler: update the session's callback
 * program and security parameters, then re-probe the backchannel.
 */
__be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp,
			     struct nfsd4_compound_state *cstate,
			     union nfsd4_op_u *u)
{
	struct nfsd4_backchannel_ctl *bc = &u->backchannel_ctl;
	struct nfsd4_session *session = cstate->session;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	__be32 status;

	status = nfsd4_check_cb_sec(&bc->bc_cb_sec);
	if (status)
		return status;
	spin_lock(&nn->client_lock);
	session->se_cb_prog = bc->bc_cb_program;
	session->se_cb_sec = bc->bc_cb_sec;
	spin_unlock(&nn->client_lock);

	nfsd4_probe_callback(session->se_client);

	return nfs_ok;
}

/* Find the session's nfsd4_conn for transport @xpt, or NULL. */
static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s)
{
	struct nfsd4_conn *c;

	list_for_each_entry(c, &s->se_conns, cn_persession) {
		if (c->cn_xprt == xpt) {
			return c;
		}
	}
	return NULL;
}

/*
 * Check whether the request's transport is already bound to @session
 * in a direction compatible with @req; on nfs_ok and non-NULL @conn,
 * return the matching connection.
 */
static __be32 nfsd4_match_existing_connection(struct svc_rqst *rqst,
		struct nfsd4_session *session, u32 req, struct nfsd4_conn **conn)
{
	struct nfs4_client *clp = session->se_client;
	struct svc_xprt *xpt = rqst->rq_xprt;
	struct nfsd4_conn *c;
	__be32 status;

	/* Following the last
paragraph of RFC 5661 Section 18.34.3: */ 4184 spin_lock(&clp->cl_lock); 4185 c = __nfsd4_find_conn(xpt, session); 4186 if (!c) 4187 status = nfserr_noent; 4188 else if (req == c->cn_flags) 4189 status = nfs_ok; 4190 else if (req == NFS4_CDFC4_FORE_OR_BOTH && 4191 c->cn_flags != NFS4_CDFC4_BACK) 4192 status = nfs_ok; 4193 else if (req == NFS4_CDFC4_BACK_OR_BOTH && 4194 c->cn_flags != NFS4_CDFC4_FORE) 4195 status = nfs_ok; 4196 else 4197 status = nfserr_inval; 4198 spin_unlock(&clp->cl_lock); 4199 if (status == nfs_ok && conn) 4200 *conn = c; 4201 return status; 4202 } 4203 4204 __be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp, 4205 struct nfsd4_compound_state *cstate, 4206 union nfsd4_op_u *u) 4207 { 4208 struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session; 4209 __be32 status; 4210 struct nfsd4_conn *conn; 4211 struct nfsd4_session *session; 4212 struct net *net = SVC_NET(rqstp); 4213 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 4214 4215 if (!nfsd4_last_compound_op(rqstp)) 4216 return nfserr_not_only_op; 4217 spin_lock(&nn->client_lock); 4218 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status); 4219 spin_unlock(&nn->client_lock); 4220 if (!session) 4221 goto out_no_session; 4222 status = nfserr_wrong_cred; 4223 if (!nfsd4_mach_creds_match(session->se_client, rqstp)) 4224 goto out; 4225 status = nfsd4_match_existing_connection(rqstp, session, 4226 bcts->dir, &conn); 4227 if (status == nfs_ok) { 4228 if (bcts->dir == NFS4_CDFC4_FORE_OR_BOTH || 4229 bcts->dir == NFS4_CDFC4_BACK) 4230 conn->cn_flags |= NFS4_CDFC4_BACK; 4231 nfsd4_probe_callback(session->se_client); 4232 goto out; 4233 } 4234 if (status == nfserr_inval) 4235 goto out; 4236 status = nfsd4_map_bcts_dir(&bcts->dir); 4237 if (status) 4238 goto out; 4239 conn = alloc_conn(rqstp, bcts->dir); 4240 status = nfserr_jukebox; 4241 if (!conn) 4242 goto out; 4243 nfsd4_init_conn(rqstp, conn, session); 4244 status = nfs_ok; 4245 out: 4246 nfsd4_put_session(session); 
4247 out_no_session: 4248 return status; 4249 } 4250 4251 static bool nfsd4_compound_in_session(struct nfsd4_compound_state *cstate, struct nfs4_sessionid *sid) 4252 { 4253 if (!cstate->session) 4254 return false; 4255 return !memcmp(sid, &cstate->session->se_sessionid, sizeof(*sid)); 4256 } 4257 4258 __be32 4259 nfsd4_destroy_session(struct svc_rqst *r, struct nfsd4_compound_state *cstate, 4260 union nfsd4_op_u *u) 4261 { 4262 struct nfs4_sessionid *sessionid = &u->destroy_session.sessionid; 4263 struct nfsd4_session *ses; 4264 __be32 status; 4265 int ref_held_by_me = 0; 4266 struct net *net = SVC_NET(r); 4267 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 4268 4269 status = nfserr_not_only_op; 4270 if (nfsd4_compound_in_session(cstate, sessionid)) { 4271 if (!nfsd4_last_compound_op(r)) 4272 goto out; 4273 ref_held_by_me++; 4274 } 4275 dump_sessionid(__func__, sessionid); 4276 spin_lock(&nn->client_lock); 4277 ses = find_in_sessionid_hashtbl(sessionid, net, &status); 4278 if (!ses) 4279 goto out_client_lock; 4280 status = nfserr_wrong_cred; 4281 if (!nfsd4_mach_creds_match(ses->se_client, r)) 4282 goto out_put_session; 4283 status = mark_session_dead_locked(ses, 1 + ref_held_by_me); 4284 if (status) 4285 goto out_put_session; 4286 unhash_session(ses); 4287 spin_unlock(&nn->client_lock); 4288 4289 nfsd4_probe_callback_sync(ses->se_client); 4290 4291 spin_lock(&nn->client_lock); 4292 status = nfs_ok; 4293 out_put_session: 4294 nfsd4_put_session_locked(ses); 4295 out_client_lock: 4296 spin_unlock(&nn->client_lock); 4297 out: 4298 return status; 4299 } 4300 4301 static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses) 4302 { 4303 struct nfs4_client *clp = ses->se_client; 4304 struct nfsd4_conn *c; 4305 __be32 status = nfs_ok; 4306 int ret; 4307 4308 spin_lock(&clp->cl_lock); 4309 c = __nfsd4_find_conn(new->cn_xprt, ses); 4310 if (c) 4311 goto out_free; 4312 status = nfserr_conn_not_bound_to_session; 4313 if (clp->cl_mach_cred) 
4314 goto out_free; 4315 __nfsd4_hash_conn(new, ses); 4316 spin_unlock(&clp->cl_lock); 4317 ret = nfsd4_register_conn(new); 4318 if (ret) 4319 /* oops; xprt is already down: */ 4320 nfsd4_conn_lost(&new->cn_xpt_user); 4321 return nfs_ok; 4322 out_free: 4323 spin_unlock(&clp->cl_lock); 4324 free_conn(new); 4325 return status; 4326 } 4327 4328 static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session) 4329 { 4330 struct nfsd4_compoundargs *args = rqstp->rq_argp; 4331 4332 return args->opcnt > session->se_fchannel.maxops; 4333 } 4334 4335 static bool nfsd4_request_too_big(struct svc_rqst *rqstp, 4336 struct nfsd4_session *session) 4337 { 4338 struct xdr_buf *xb = &rqstp->rq_arg; 4339 4340 return xb->len > session->se_fchannel.maxreq_sz; 4341 } 4342 4343 static bool replay_matches_cache(struct svc_rqst *rqstp, 4344 struct nfsd4_sequence *seq, struct nfsd4_slot *slot) 4345 { 4346 struct nfsd4_compoundargs *argp = rqstp->rq_argp; 4347 4348 if ((bool)(slot->sl_flags & NFSD4_SLOT_CACHETHIS) != 4349 (bool)seq->cachethis) 4350 return false; 4351 /* 4352 * If there's an error then the reply can have fewer ops than 4353 * the call. 4354 */ 4355 if (slot->sl_opcnt < argp->opcnt && !slot->sl_status) 4356 return false; 4357 /* 4358 * But if we cached a reply with *more* ops than the call you're 4359 * sending us now, then this new call is clearly not really a 4360 * replay of the old one: 4361 */ 4362 if (slot->sl_opcnt > argp->opcnt) 4363 return false; 4364 /* This is the only check explicitly called by spec: */ 4365 if (!same_creds(&rqstp->rq_cred, &slot->sl_cred)) 4366 return false; 4367 /* 4368 * There may be more comparisons we could actually do, but the 4369 * spec doesn't require us to catch every case where the calls 4370 * don't match (that would require caching the call as well as 4371 * the reply), so we don't bother. 
	 */
	return true;
}

/*
 * Note that the response is constructed here both for the case
 * of a new SEQUENCE request and for a replayed SEQUENCE request.
 * We do not cache SEQUENCE responses as SEQUENCE is idempotent.
 */
static void nfsd4_construct_sequence_response(struct nfsd4_session *session,
					      struct nfsd4_sequence *seq)
{
	struct nfs4_client *clp = session->se_client;

	seq->maxslots_response = max(session->se_target_maxslots,
				     seq->maxslots);
	seq->target_maxslots = session->se_target_maxslots;

	/* Report backchannel health in the SEQUENCE status flags */
	switch (clp->cl_cb_state) {
	case NFSD4_CB_DOWN:
		seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN;
		break;
	case NFSD4_CB_FAULT:
		seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT;
		break;
	default:
		seq->status_flags = 0;
	}
	if (!list_empty(&clp->cl_revoked))
		seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED;
	if (atomic_read(&clp->cl_admin_revoked))
		seq->status_flags |= SEQ4_STATUS_ADMIN_STATE_REVOKED;
}

__be32
nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	       union nfsd4_op_u *u)
{
	struct nfsd4_sequence *seq = &u->sequence;
	struct nfsd4_compoundres *resp = rqstp->rq_resp;
	struct xdr_stream *xdr = resp->xdr;
	struct nfsd4_session *session;
	struct nfs4_client *clp;
	struct nfsd4_slot *slot;
	struct nfsd4_conn *conn;
	__be32 status;
	int buflen;
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	/* SEQUENCE must be the first op of the compound */
	if (resp->opcnt != 1)
		return nfserr_sequence_pos;

	/*
	 * Will be either used or freed by nfsd4_sequence_check_conn
	 * below.
	 */
	conn = alloc_conn(rqstp, NFS4_CDFC4_FORE);
	if (!conn)
		return nfserr_jukebox;

	spin_lock(&nn->client_lock);
	session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status);
	if (!session)
		goto out_no_session;
	clp = session->se_client;

	status = nfserr_too_many_ops;
	if (nfsd4_session_too_many_ops(rqstp, session))
		goto out_put_session;

	status = nfserr_req_too_big;
	if (nfsd4_request_too_big(rqstp, session))
		goto out_put_session;

	status = nfserr_badslot;
	if (seq->slotid >= session->se_fchannel.maxreqs)
		goto out_put_session;

	slot = xa_load(&session->se_slots, seq->slotid);
	dprintk("%s: slotid %d\n", __func__, seq->slotid);

	trace_nfsd_slot_seqid_sequence(clp, seq, slot);

	nfsd4_construct_sequence_response(session, seq);

	status = check_slot_seqid(seq->seqid, slot->sl_seqid, slot->sl_flags);
	if (status == nfserr_replay_cache) {
		/* A replay is only valid against an initialized slot */
		status = nfserr_seq_misordered;
		if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED))
			goto out_put_session;
		status = nfserr_seq_false_retry;
		if (!replay_matches_cache(rqstp, seq, slot))
			goto out_put_session;
		cstate->slot = slot;
		cstate->session = session;
		cstate->clp = clp;
		/* Return the cached reply status and set cstate->status
		 * for nfsd4_proc_compound processing */
		status = nfsd4_replay_cache_entry(resp, seq);
		cstate->status = nfserr_replay_cache;
		goto out;
	}
	if (status)
		goto out_put_session;

	status = nfsd4_sequence_check_conn(conn, session);
	conn = NULL;	/* ownership passed to nfsd4_sequence_check_conn */
	if (status)
		goto out_put_session;

	if (session->se_target_maxslots < session->se_fchannel.maxreqs &&
	    slot->sl_generation == session->se_slot_gen &&
	    seq->maxslots <= session->se_target_maxslots)
		/* Client acknowledged our reduce maxreqs */
		free_session_slots(session, session->se_target_maxslots);

	buflen = (seq->cachethis) ?
			session->se_fchannel.maxresp_cached :
			session->se_fchannel.maxresp_sz;
	status = (seq->cachethis) ? nfserr_rep_too_big_to_cache :
				    nfserr_rep_too_big;
	if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack))
		goto out_put_session;
	svc_reserve_auth(rqstp, buflen);

	status = nfs_ok;
	/* Success! accept new slot seqid */
	slot->sl_seqid = seq->seqid;
	slot->sl_flags &= ~NFSD4_SLOT_REUSED;
	slot->sl_flags |= NFSD4_SLOT_INUSE;
	slot->sl_generation = session->se_slot_gen;
	if (seq->cachethis)
		slot->sl_flags |= NFSD4_SLOT_CACHETHIS;
	else
		slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS;

	cstate->slot = slot;
	cstate->session = session;
	cstate->clp = clp;

	/*
	 * If the client ever uses the highest available slot,
	 * gently try to allocate another 20%. This allows
	 * fairly quick growth without grossly over-shooting what
	 * the client might use.
	 */
	if (seq->slotid == session->se_fchannel.maxreqs - 1 &&
	    session->se_target_maxslots >= session->se_fchannel.maxreqs &&
	    session->se_fchannel.maxreqs < NFSD_MAX_SLOTS_PER_SESSION) {
		int s = session->se_fchannel.maxreqs;
		int cnt = DIV_ROUND_UP(s, 5);
		void *prev_slot;

		do {
			/*
			 * GFP_NOWAIT both allows allocation under a
			 * spinlock, and only succeeds if there is
			 * plenty of memory.
			 */
			slot = nfsd4_alloc_slot(&session->se_fchannel, s,
						GFP_NOWAIT);
			prev_slot = xa_load(&session->se_slots, s);
			if (xa_is_value(prev_slot) && slot) {
				/* Freed slot kept its seqid as an xarray value */
				slot->sl_seqid = xa_to_value(prev_slot);
				slot->sl_flags |= NFSD4_SLOT_REUSED;
			}
			if (slot &&
			    !xa_is_err(xa_store(&session->se_slots, s, slot,
						GFP_NOWAIT))) {
				s += 1;
				session->se_fchannel.maxreqs = s;
				atomic_add(s - session->se_target_maxslots,
					   &nfsd_total_target_slots);
				session->se_target_maxslots = s;
			} else {
				kfree(slot);
				slot = NULL;
			}
		} while (slot && --cnt > 0);
	}

out:
	trace_nfsd_seq4_status(rqstp, seq);
out_no_session:
	if (conn)
		free_conn(conn);
	spin_unlock(&nn->client_lock);
	return status;
out_put_session:
	nfsd4_put_session_locked(session);
	goto out_no_session;
}

void
nfsd4_sequence_done(struct nfsd4_compoundres *resp)
{
	struct nfsd4_compound_state *cs = &resp->cstate;

	if (nfsd4_has_session(cs)) {
		if (cs->status != nfserr_replay_cache) {
			nfsd4_store_cache_entry(resp);
			cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE;
		}
		/* Drop session reference that was taken in nfsd4_sequence() */
		nfsd4_put_session(cs->session);
	} else if (cs->clp)
		put_client_renew(cs->clp);
}

__be32
nfsd4_destroy_clientid(struct svc_rqst *rqstp,
		struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	struct nfsd4_destroy_clientid *dc = &u->destroy_clientid;
	struct nfs4_client *conf, *unconf;
	struct nfs4_client *clp = NULL;
	__be32 status = 0;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	spin_lock(&nn->client_lock);
	unconf = find_unconfirmed_client(&dc->clientid, true, nn);
	conf = find_confirmed_client(&dc->clientid, true, nn);
	/* A clientid can't be both confirmed and unconfirmed */
	WARN_ON_ONCE(conf && unconf);

	if (conf) {
		if
(client_has_state(conf)) {
			status = nfserr_clientid_busy;
			goto out;
		}
		status = mark_client_expired_locked(conf);
		if (status)
			goto out;
		clp = conf;
	} else if (unconf)
		clp = unconf;
	else {
		status = nfserr_stale_clientid;
		goto out;
	}
	if (!nfsd4_mach_creds_match(clp, rqstp)) {
		clp = NULL;
		status = nfserr_wrong_cred;
		goto out;
	}
	trace_nfsd_clid_destroyed(&clp->cl_clientid);
	unhash_client_locked(clp);
out:
	spin_unlock(&nn->client_lock);
	/* expire_client() is called after dropping client_lock */
	if (clp)
		expire_client(clp);
	return status;
}

__be32
nfsd4_reclaim_complete(struct svc_rqst *rqstp,
		struct nfsd4_compound_state *cstate, union nfsd4_op_u *u)
{
	struct nfsd4_reclaim_complete *rc = &u->reclaim_complete;
	struct nfs4_client *clp = cstate->clp;
	__be32 status = 0;

	if (rc->rca_one_fs) {
		if (!cstate->current_fh.fh_dentry)
			return nfserr_nofilehandle;
		/*
		 * We don't take advantage of the rca_one_fs case.
		 * That's OK, it's optional, we can safely ignore it.
		 */
		return nfs_ok;
	}

	status = nfserr_complete_already;
	if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &clp->cl_flags))
		goto out;

	status = nfserr_stale_clientid;
	if (is_client_expired(clp))
		/*
		 * The following error isn't really legal.
		 * But we only get here if the client just explicitly
		 * destroyed the client. Surely it no longer cares what
		 * error it gets back on an operation for the dead
		 * client.
		 */
		goto out;

	status = nfs_ok;
	trace_nfsd_clid_reclaim_complete(&clp->cl_clientid);
	nfsd4_client_record_create(clp);
	inc_reclaim_complete(clp);
out:
	return status;
}

__be32
nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		  union nfsd4_op_u *u)
{
	struct nfsd4_setclientid *setclid = &u->setclientid;
	struct xdr_netobj clname = setclid->se_name;
	nfs4_verifier clverifier = setclid->se_verf;
	struct nfs4_client *conf, *new;
	struct nfs4_client *unconf = NULL;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	new = create_client(clname, rqstp, &clverifier);
	if (new == NULL)
		return nfserr_jukebox;
	spin_lock(&nn->client_lock);
	conf = find_confirmed_client_by_name(&clname, nn);
	if (conf && client_has_state(conf)) {
		status = nfserr_clid_inuse;
		if (clp_used_exchangeid(conf))
			goto out;
		if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
			trace_nfsd_clid_cred_mismatch(conf, rqstp);
			goto out;
		}
	}
	/* Any earlier unconfirmed record for this name is superseded */
	unconf = find_unconfirmed_client_by_name(&clname, nn);
	if (unconf)
		unhash_client_locked(unconf);
	if (conf) {
		if (same_verf(&conf->cl_verifier, &clverifier)) {
			/* Same verifier: keep the clientid, fresh confirm verifier */
			copy_clid(new, conf);
			gen_confirm(new, nn);
		} else
			trace_nfsd_clid_verf_mismatch(conf, rqstp,
						      &clverifier);
	} else
		trace_nfsd_clid_fresh(new);
	new->cl_minorversion = 0;
	gen_callback(new, setclid, rqstp);
	add_to_unconfirmed(new);
	setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot;
	setclid->se_clientid.cl_id = new->cl_clientid.cl_id;
	memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data));
	new = NULL;
	status = nfs_ok;
out:
	spin_unlock(&nn->client_lock);
	if (new)
		free_client(new);
	if (unconf) {
		trace_nfsd_clid_expire_unconf(&unconf->cl_clientid);
		expire_client(unconf);
	}
	return status;
}

__be32
nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
			struct nfsd4_compound_state *cstate,
			union nfsd4_op_u *u)
{
	struct nfsd4_setclientid_confirm *setclientid_confirm =
			&u->setclientid_confirm;
	struct nfs4_client *conf, *unconf;
	struct nfs4_client *old = NULL;
	nfs4_verifier confirm = setclientid_confirm->sc_confirm;
	clientid_t *clid = &setclientid_confirm->sc_clientid;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	if (STALE_CLIENTID(clid, nn))
		return nfserr_stale_clientid;

	spin_lock(&nn->client_lock);
	conf = find_confirmed_client(clid, false, nn);
	unconf = find_unconfirmed_client(clid, false, nn);
	/*
	 * We try hard to give out unique clientid's, so if we get an
	 * attempt to confirm the same clientid with a different cred,
	 * the client may be buggy; this should never happen.
	 *
	 * Nevertheless, RFC 7530 recommends INUSE for this case:
	 */
	status = nfserr_clid_inuse;
	if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred)) {
		trace_nfsd_clid_cred_mismatch(unconf, rqstp);
		goto out;
	}
	if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
		trace_nfsd_clid_cred_mismatch(conf, rqstp);
		goto out;
	}
	if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
		if (conf && same_verf(&confirm, &conf->cl_confirm)) {
			/* Probably a replay of an already-confirmed request */
			status = nfs_ok;
		} else
			status = nfserr_stale_clientid;
		goto out;
	}
	status = nfs_ok;
	if (conf) {
		/* Callback update: swap in the new callback connection info */
		if (get_client_locked(conf) == nfs_ok) {
			old = unconf;
			unhash_client_locked(old);
			nfsd4_change_callback(conf, &unconf->cl_cb_conn);
		} else {
			conf = NULL;
		}
	}

	if (!conf) {
		/* A confirmed client with the same name may need replacing */
		old = find_confirmed_client_by_name(&unconf->cl_name, nn);
		if (old) {
			status = nfserr_clid_inuse;
			if (client_has_state(old)
					&& !same_creds(&unconf->cl_cred,
							&old->cl_cred)) {
				old = NULL;
				goto out;
			}
			status = mark_client_expired_locked(old);
			if (status) {
				old = NULL;
				goto out;
			}
			trace_nfsd_clid_replaced(&old->cl_clientid);
		}
		status = get_client_locked(unconf);
		if (status != nfs_ok) {
			old = NULL;
			goto out;
		}
		move_to_confirmed(unconf);
		conf = unconf;
	}
	spin_unlock(&nn->client_lock);
	if (conf == unconf)
		fsnotify_dentry(conf->cl_nfsd_info_dentry, FS_MODIFY);
	nfsd4_probe_callback(conf);
	spin_lock(&nn->client_lock);
	put_client_renew_locked(conf);
out:
	spin_unlock(&nn->client_lock);
	/* expire_client() is called after dropping client_lock */
	if (old)
		expire_client(old);
	return status;
}

/* Allocate an nfs4_file; fields are initialized by nfsd4_file_init() */
static struct nfs4_file *nfsd4_alloc_file(void)
{
	return kmem_cache_alloc(file_slab, GFP_KERNEL);
}

/* OPEN Share state helper functions */

static void nfsd4_file_init(const struct svc_fh *fh, struct nfs4_file *fp)
{
	refcount_set(&fp->fi_ref, 1);
	spin_lock_init(&fp->fi_lock);
	INIT_LIST_HEAD(&fp->fi_stateids);
	INIT_LIST_HEAD(&fp->fi_delegations);
	INIT_LIST_HEAD(&fp->fi_clnt_odstate);
	fh_copy_shallow(&fp->fi_fhandle, &fh->fh_handle);
	fp->fi_deleg_file = NULL;
	fp->fi_rdeleg_file = NULL;
	fp->fi_had_conflict = false;
	fp->fi_share_deny = 0;
	memset(fp->fi_fds, 0, sizeof(fp->fi_fds));
	memset(fp->fi_access, 0, sizeof(fp->fi_access));
	fp->fi_aliased = false;
	fp->fi_inode = d_inode(fh->fh_dentry);
#ifdef CONFIG_NFSD_PNFS
	INIT_LIST_HEAD(&fp->fi_lo_states);
	atomic_set(&fp->fi_lo_recalls, 0);
#endif
}

void
nfsd4_free_slabs(void)
{
	kmem_cache_destroy(client_slab);
	kmem_cache_destroy(openowner_slab);
	kmem_cache_destroy(lockowner_slab);
	kmem_cache_destroy(file_slab);
	kmem_cache_destroy(stateid_slab);
	kmem_cache_destroy(deleg_slab);
	kmem_cache_destroy(odstate_slab);
}

/*
 * Create all state-object slab caches; on any failure, tear down the
 * ones already created and return -ENOMEM.
 */
int
nfsd4_init_slabs(void)
{
	client_slab = KMEM_CACHE(nfs4_client, 0);
	if (client_slab == NULL)
		goto out;
	openowner_slab = KMEM_CACHE(nfs4_openowner, 0);
	if (openowner_slab == NULL)
		goto out_free_client_slab;
	lockowner_slab = KMEM_CACHE(nfs4_lockowner, 0);
	if (lockowner_slab == NULL)
		goto out_free_openowner_slab;
	file_slab = KMEM_CACHE(nfs4_file, 0);
	if (file_slab == NULL)
		goto out_free_lockowner_slab;
	stateid_slab = KMEM_CACHE(nfs4_ol_stateid, 0);
	if (stateid_slab == NULL)
		goto out_free_file_slab;
	deleg_slab = KMEM_CACHE(nfs4_delegation, 0);
	if (deleg_slab == NULL)
		goto out_free_stateid_slab;
	odstate_slab = KMEM_CACHE(nfs4_clnt_odstate, 0);
	if (odstate_slab == NULL)
		goto out_free_deleg_slab;
	return 0;

out_free_deleg_slab:
	kmem_cache_destroy(deleg_slab);
out_free_stateid_slab:
	kmem_cache_destroy(stateid_slab);
out_free_file_slab:
	kmem_cache_destroy(file_slab);
out_free_lockowner_slab:
	kmem_cache_destroy(lockowner_slab);
out_free_openowner_slab:
	kmem_cache_destroy(openowner_slab);
out_free_client_slab:
	kmem_cache_destroy(client_slab);
out:
	return -ENOMEM;
}

static unsigned long
nfsd4_state_shrinker_count(struct shrinker *shrink, struct shrink_control *sc)
{
	struct nfsd_net *nn = shrink->private_data;
	long count;

	count = atomic_read(&nn->nfsd_courtesy_clients);
	if (!count)
		count = atomic_long_read(&num_delegations);
	/* Defer the actual reaping to the laundry workqueue */
	if (count)
		queue_work(laundry_wq, &nn->nfsd_shrinker_work);
	return (unsigned long)count;
}

static unsigned long
nfsd4_state_shrinker_scan(struct shrinker *shrink, struct shrink_control *sc)
{
	/* All real work is queued from ->count_objects above */
	return SHRINK_STOP;
}

void
nfsd4_init_leases_net(struct nfsd_net *nn)
{
	struct sysinfo si;
	u64 max_clients;

	nn->nfsd4_lease = 90;	/* default lease time */
	nn->nfsd4_grace = 90;
	nn->somebody_reclaimed = false;
	nn->track_reclaim_completes = false;
	nn->clverifier_counter = get_random_u32();
	nn->clientid_base = get_random_u32();
	nn->clientid_counter = nn->clientid_base + 1;
	nn->s2s_cp_cl_id = nn->clientid_counter++;

	atomic_set(&nn->nfs4_client_count, 0);
	si_meminfo(&si);
	/* Scale the maximum client count with total RAM (per GiB) */
	max_clients = (u64)si.totalram * si.mem_unit / (1024 * 1024 * 1024);
	max_clients *= NFS4_CLIENTS_PER_GB;
	nn->nfs4_max_clients = max_t(int, max_clients, NFS4_CLIENTS_PER_GB);

	atomic_set(&nn->nfsd_courtesy_clients, 0);
}

/* States of a stateowner's replay lock (so_replay.rp_locked) */
enum rp_lock {
	RP_UNLOCKED,
	RP_LOCKED,
	RP_UNHASHED,
};

static void init_nfs4_replay(struct nfs4_replay *rp)
{
	rp->rp_status = nfserr_serverfault;
	rp->rp_buflen = 0;
	rp->rp_buf = rp->rp_ibuf;
	rp->rp_locked = RP_UNLOCKED;
}

/*
 * For NFSv4.0 (no sessions), serialize replay handling by taking the
 * owner's rp_locked and recording the owner in @cstate; returns -EAGAIN
 * if the owner was unhashed while we waited for the lock.
 */
static int nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate,
				      struct nfs4_stateowner *so)
{
	if (!nfsd4_has_session(cstate)) {
		wait_var_event(&so->so_replay.rp_locked,
			       cmpxchg(&so->so_replay.rp_locked,
				       RP_UNLOCKED, RP_LOCKED) != RP_LOCKED);
		if (so->so_replay.rp_locked == RP_UNHASHED)
			return -EAGAIN;
		cstate->replay_owner = nfs4_get_stateowner(so);
	}
	return 0;
}

void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate)
{
	struct nfs4_stateowner *so = cstate->replay_owner;

	if (so != NULL) {
		cstate->replay_owner = NULL;
		/* Release rp_locked and wake any waiters */
		store_release_wake_up(&so->so_replay.rp_locked, RP_UNLOCKED);
		nfs4_put_stateowner(so);
	}
}

/* Common allocation/initialization for open-owners and lock-owners */
static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp)
{
	struct nfs4_stateowner *sop;

	sop = kmem_cache_alloc(slab, GFP_KERNEL);
	if (!sop)
		return NULL;

	xdr_netobj_dup(&sop->so_owner, owner, GFP_KERNEL);
	if (!sop->so_owner.data) {
		kmem_cache_free(slab, sop);
		return NULL;
	}

	INIT_LIST_HEAD(&sop->so_stateids);
	sop->so_client = clp;
	init_nfs4_replay(&sop->so_replay);
	atomic_set(&sop->so_count, 1);
	return sop;
}

static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval)
{
	lockdep_assert_held(&clp->cl_lock);

	list_add(&oo->oo_owner.so_strhash,
		 &clp->cl_ownerstr_hashtbl[strhashval]);
	list_add(&oo->oo_perclient, &clp->cl_openowners);
}

static void nfs4_unhash_openowner(struct nfs4_stateowner *so)
{
	unhash_openowner_locked(openowner(so));
}

static void nfs4_free_openowner(struct nfs4_stateowner *so)
{
	struct nfs4_openowner *oo = openowner(so);

	kmem_cache_free(openowner_slab, oo);
}

static const struct nfs4_stateowner_operations openowner_ops = {
	.so_unhash = nfs4_unhash_openowner,
	.so_free = nfs4_free_openowner,
};

/*
 * Find an OPEN stateid on @fp belonging to the same open-owner;
 * returns it with an extra sc_count reference, or NULL.
 */
static struct nfs4_ol_stateid *
nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
{
	struct nfs4_ol_stateid *local, *ret = NULL;
	struct nfs4_openowner *oo = open->op_openowner;

	lockdep_assert_held(&fp->fi_lock);

	list_for_each_entry(local, &fp->fi_stateids, st_perfile) {
		/* ignore lock owners */
		if (local->st_stateowner->so_is_open_owner == 0)
			continue;
		if (local->st_stateowner != &oo->oo_owner)
			continue;
		if (local->st_stid.sc_type == SC_TYPE_OPEN &&
		    !local->st_stid.sc_status) {
			ret = local;
			refcount_inc(&ret->st_stid.sc_count);
			break;
		}
	}
	return ret;
}

/* Tear down a revoked stateid; always drops cl_lock before returning */
static void nfsd4_drop_revoked_stid(struct nfs4_stid *s)
	__releases(&s->sc_client->cl_lock)
{
	struct nfs4_client *cl = s->sc_client;
	LIST_HEAD(reaplist);
	struct nfs4_ol_stateid *stp;
	struct nfs4_delegation *dp;
	bool unhashed;

	switch (s->sc_type) {
	case SC_TYPE_OPEN:
		stp = openlockstateid(s);
		if (unhash_open_stateid(stp, &reaplist))
			put_ol_stateid_locked(stp, &reaplist);
		spin_unlock(&cl->cl_lock);
		free_ol_stateid_reaplist(&reaplist);
		break;
	case SC_TYPE_LOCK:
		stp = openlockstateid(s);
		unhashed = unhash_lock_stateid(stp);
		spin_unlock(&cl->cl_lock);
		if (unhashed)
			nfs4_put_stid(s);
		break;
	case SC_TYPE_DELEG:
		dp = delegstateid(s);
		list_del_init(&dp->dl_recall_lru);
		spin_unlock(&cl->cl_lock);
		nfs4_put_stid(s);
		break;
	default:
		spin_unlock(&cl->cl_lock);
	}
}

static void nfsd40_drop_revoked_stid(struct nfs4_client *cl,
				     stateid_t *stid)
{
	/* NFSv4.0 has no way for the client to tell the server
	 * that it can forget an admin-revoked stateid.
cstate->clp;
	struct nfs4_openowner *oo, *new = NULL;

retry:
	spin_lock(&clp->cl_lock);
	oo = find_openstateowner_str(strhashval, open, clp);
	if (!oo && new) {
		/* No existing owner: hash the one we allocated last pass */
		hash_openowner(new, clp, strhashval);
		spin_unlock(&clp->cl_lock);
		return new;
	}
	spin_unlock(&clp->cl_lock);

	if (oo && !(oo->oo_flags & NFS4_OO_CONFIRMED)) {
		/* Replace unconfirmed owners without checking for replay. */
		release_openowner(oo);
		oo = NULL;
	}
	if (oo) {
		if (new)
			nfs4_free_stateowner(&new->oo_owner);
		return oo;
	}

	/* Allocate outside cl_lock, then retry the lookup */
	new = alloc_stateowner(openowner_slab, &open->op_owner, clp);
	if (!new)
		return NULL;
	new->oo_owner.so_ops = &openowner_ops;
	new->oo_owner.so_is_open_owner = 1;
	new->oo_owner.so_seqid = open->op_seqid;
	new->oo_flags = 0;
	if (nfsd4_has_session(cstate))
		new->oo_flags |= NFS4_OO_CONFIRMED;
	new->oo_time = 0;
	new->oo_last_closed_stid = NULL;
	INIT_LIST_HEAD(&new->oo_close_lru);
	goto retry;
}

static struct nfs4_ol_stateid *
init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open)
{

	struct nfs4_openowner *oo = open->op_openowner;
	struct nfs4_ol_stateid *retstp = NULL;
	struct nfs4_ol_stateid *stp;

	stp = open->op_stp;
	/* We are moving these outside of the spinlocks to avoid the warnings */
	mutex_init(&stp->st_mutex);
	mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX);

retry:
	spin_lock(&oo->oo_owner.so_client->cl_lock);
	spin_lock(&fp->fi_lock);

	if (nfs4_openowner_unhashed(oo)) {
		mutex_unlock(&stp->st_mutex);
		stp = NULL;
		goto out_unlock;
	}

	retstp = nfsd4_find_existing_open(fp, open);
	if (retstp)
		goto out_unlock;

	open->op_stp = NULL;
	refcount_inc(&stp->st_stid.sc_count);
	stp->st_stid.sc_type = SC_TYPE_OPEN;
	INIT_LIST_HEAD(&stp->st_locks);
	stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner);
	get_nfs4_file(fp);
	stp->st_stid.sc_file = fp;
	stp->st_access_bmap = 0;
	stp->st_deny_bmap = 0;
	stp->st_openstp = NULL;
	list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids);
	list_add(&stp->st_perfile, &fp->fi_stateids);

out_unlock:
	spin_unlock(&fp->fi_lock);
	spin_unlock(&oo->oo_owner.so_client->cl_lock);
	if (retstp) {
		/* Handle races with CLOSE */
		if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) {
			nfs4_put_stid(&retstp->st_stid);
			goto retry;
		}
		/* To keep mutex tracking happy */
		mutex_unlock(&stp->st_mutex);
		stp = retstp;
	}
	return stp;
}

/*
 * In the 4.0 case we need to keep the owners around a little while to handle
 * CLOSE replay. We still do need to release any file access that is held by
 * them before returning however.
 */
static void
move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net)
{
	struct nfs4_ol_stateid *last;
	struct nfs4_openowner *oo = openowner(s->st_stateowner);
	struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net,
					  nfsd_net_id);

	dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo);

	/*
	 * We know that we hold one reference via nfsd4_close, and another
	 * "persistent" reference for the client. If the refcount is higher
	 * than 2, then there are still calls in progress that are using this
	 * stateid. We can't put the sc_file reference until they are finished.
	 * Wait for the refcount to drop to 2. Since it has been unhashed,
	 * there should be no danger of the refcount going back up again at
	 * this point.
	 * Some threads with a reference might be waiting for rp_locked,
	 * so tell them to stop waiting.
	 */
	store_release_wake_up(&oo->oo_owner.so_replay.rp_locked, RP_UNHASHED);
	wait_event(close_wq, refcount_read(&s->st_stid.sc_count) == 2);

	release_all_access(s);
	if (s->st_stid.sc_file) {
		put_nfs4_file(s->st_stid.sc_file);
		s->st_stid.sc_file = NULL;
	}

	spin_lock(&nn->client_lock);
	last = oo->oo_last_closed_stid;
	oo->oo_last_closed_stid = s;
	list_move_tail(&oo->oo_close_lru, &nn->close_lru);
	oo->oo_time = ktime_get_boottime_seconds();
	spin_unlock(&nn->client_lock);
	if (last)
		nfs4_put_stid(&last->st_stid);
}

/* RCU-safe lookup of an nfs4_file by filehandle; takes a reference */
static noinline_for_stack struct nfs4_file *
nfsd4_file_hash_lookup(const struct svc_fh *fhp)
{
	struct inode *inode = d_inode(fhp->fh_dentry);
	struct rhlist_head *tmp, *list;
	struct nfs4_file *fi;

	rcu_read_lock();
	list = rhltable_lookup(&nfs4_file_rhltable, &inode,
			       nfs4_file_rhash_params);
	rhl_for_each_entry_rcu(fi, tmp, list, fi_rlist) {
		if (fh_match(&fi->fi_fhandle, &fhp->fh_handle)) {
			if (refcount_inc_not_zero(&fi->fi_ref)) {
				rcu_read_unlock();
				return fi;
			}
		}
	}
	rcu_read_unlock();
	return NULL;
}

/*
 * On hash insertion, identify entries with the same inode but
 * distinct filehandles. They will all be on the list returned
 * by rhltable_lookup().
 *
 * inode->i_lock prevents racing insertions from adding an entry
 * for the same inode/fhp pair twice.
 */
static noinline_for_stack struct nfs4_file *
nfsd4_file_hash_insert(struct nfs4_file *new, const struct svc_fh *fhp)
{
	struct inode *inode = d_inode(fhp->fh_dentry);
	struct rhlist_head *tmp, *list;
	struct nfs4_file *ret = NULL;
	bool alias_found = false;
	struct nfs4_file *fi;
	int err;

	rcu_read_lock();
	spin_lock(&inode->i_lock);

	list = rhltable_lookup(&nfs4_file_rhltable, &inode,
			       nfs4_file_rhash_params);
	rhl_for_each_entry_rcu(fi, tmp, list, fi_rlist) {
		if (fh_match(&fi->fi_fhandle, &fhp->fh_handle)) {
			if (refcount_inc_not_zero(&fi->fi_ref))
				ret = fi;
		} else
			/* same inode, different filehandle: mark the alias */
			fi->fi_aliased = alias_found = true;
	}
	if (ret)
		goto out_unlock;

	nfsd4_file_init(fhp, new);
	err = rhltable_insert(&nfs4_file_rhltable, &new->fi_rlist,
			      nfs4_file_rhash_params);
	if (err)
		goto out_unlock;

	new->fi_aliased = alias_found;
	ret = new;

out_unlock:
	spin_unlock(&inode->i_lock);
	rcu_read_unlock();
	return ret;
}

static noinline_for_stack void nfsd4_file_hash_remove(struct nfs4_file *fi)
{
	rhltable_remove(&nfs4_file_rhltable, &fi->fi_rlist,
			nfs4_file_rhash_params);
}

/*
 * Called to check deny when READ with all zero stateid or
 * WRITE with all zero or all one stateid
 */
static __be32
nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type)
{
	struct nfs4_file *fp;
	__be32 ret = nfs_ok;

	fp = nfsd4_file_hash_lookup(current_fh);
	if (!fp)
		return ret;

	/* Check for conflicting share reservations */
	spin_lock(&fp->fi_lock);
	if (fp->fi_share_deny & deny_type)
		ret = nfserr_locked;
	spin_unlock(&fp->fi_lock);
	put_nfs4_file(fp);
	return ret;
}

/* Is any lease currently set on @inode? */
static bool nfsd4_deleg_present(const struct inode *inode)
{
	struct file_lock_context *ctx = locks_inode_context(inode);

	return ctx && !list_empty_careful(&ctx->flc_lease);
}

/**
 * nfsd_wait_for_delegreturn - wait for delegations to be returned
 * @rqstp: the RPC transaction being executed
 * @inode: in-core inode of the file being waited for
 *
 * The timeout prevents deadlock if all nfsd threads happen to be
 * tied up waiting for returning delegations.
 *
 * Return values:
 *   %true: delegation was returned
 *   %false: timed out waiting for delegreturn
 */
bool nfsd_wait_for_delegreturn(struct svc_rqst *rqstp, struct inode *inode)
{
	long __maybe_unused timeo;

	timeo = wait_var_event_timeout(inode, !nfsd4_deleg_present(inode),
				       NFSD_DELEGRETURN_TIMEOUT);
	trace_nfsd_delegret_wakeup(rqstp, inode, timeo);
	return timeo > 0;
}

static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb)
{
	struct nfs4_delegation *dp = cb_to_delegation(cb);
	struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net,
					  nfsd_net_id);

	block_delegations(&dp->dl_stid.sc_file->fi_fhandle);

	/*
	 * We can't do this in nfsd_break_deleg_cb because it is
	 * already holding inode->i_lock.
	 *
	 * If the dl_time != 0, then we know that it has already been
	 * queued for a lease break. Don't queue it again.
	 */
	spin_lock(&nn->deleg_lock);
	if (delegation_hashed(dp) && dp->dl_time == 0) {
		dp->dl_time = ktime_get_boottime_seconds();
		list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru);
	}
	spin_unlock(&nn->deleg_lock);
}

/* Returns 1 to end the callback, 0 to have the RPC retried after a delay */
static int nfsd4_cb_recall_done(struct nfsd4_callback *cb,
		struct rpc_task *task)
{
	struct nfs4_delegation *dp = cb_to_delegation(cb);

	trace_nfsd_cb_recall_done(&dp->dl_stid.sc_stateid, task);

	if (dp->dl_stid.sc_status)
		/* CLOSED or REVOKED */
		return 1;

	switch (task->tk_status) {
	case 0:
		return 1;
	case -NFS4ERR_DELAY:
		rpc_delay(task, 2 * HZ);
		return 0;
	case -EBADHANDLE:
	case -NFS4ERR_BAD_STATEID:
		/*
		 * Race: client probably got cb_recall before open reply
		 * granting delegation.
		 */
		if (dp->dl_retries--) {
			rpc_delay(task, 2 * HZ);
			return 0;
		}
		fallthrough;
	default:
		return 1;
	}
}

static void nfsd4_cb_recall_release(struct nfsd4_callback *cb)
{
	struct nfs4_delegation *dp = cb_to_delegation(cb);

	nfs4_put_stid(&dp->dl_stid);
}

static const struct nfsd4_callback_ops nfsd4_cb_recall_ops = {
	.prepare = nfsd4_cb_recall_prepare,
	.done = nfsd4_cb_recall_done,
	.release = nfsd4_cb_recall_release,
	.opcode = OP_CB_RECALL,
};

static void nfsd_break_one_deleg(struct nfs4_delegation *dp)
{
	bool queued;

	/* Only one recall callback may be running per delegation */
	if (test_and_set_bit(NFSD4_CALLBACK_RUNNING, &dp->dl_recall.cb_flags))
		return;

	/*
	 * We're assuming the state code never drops its reference
	 * without first removing the lease. Since we're in this lease
	 * callback (and since the lease code is serialized by the
	 * flc_lock) we know the server hasn't removed the lease yet, and
	 * we know it's safe to take a reference.
	 */
	refcount_inc(&dp->dl_stid.sc_count);
	queued = nfsd4_run_cb(&dp->dl_recall);
	WARN_ON_ONCE(!queued);
	if (!queued)
		refcount_dec(&dp->dl_stid.sc_count);
}

/* Called from break_lease() with flc_lock held. */
static bool
nfsd_break_deleg_cb(struct file_lease *fl)
{
	struct nfs4_delegation *dp = (struct nfs4_delegation *) fl->c.flc_owner;
	struct nfs4_file *fp = dp->dl_stid.sc_file;
	struct nfs4_client *clp = dp->dl_stid.sc_client;
	struct nfsd_net *nn;

	trace_nfsd_cb_recall(&dp->dl_stid);

	dp->dl_recalled = true;
	atomic_inc(&clp->cl_delegs_in_recall);
	if (try_to_expire_client(clp)) {
		/* Client already marked expirable: kick the laundromat now */
		nn = net_generic(clp->net, nfsd_net_id);
		mod_delayed_work(laundry_wq, &nn->laundromat_work, 0);
	}

	/*
	 * We don't want the locks code to timeout the lease for us;
	 * we'll remove it ourself if a delegation isn't returned
	 * in time:
	 */
	fl->fl_break_time = 0;

	fp->fi_had_conflict = true;
	nfsd_break_one_deleg(dp);
	return false;
}

/**
 * nfsd_breaker_owns_lease - Check if lease conflict was resolved
 * @fl: Lock state to check
 *
 * Return values:
 *   %true: Lease conflict was resolved
 *   %false: Lease conflict was not resolved.
 */
static bool nfsd_breaker_owns_lease(struct file_lease *fl)
{
	struct nfs4_delegation *dl = fl->c.flc_owner;
	struct nfsd_thread_local_info *ntli;
	struct svc_rqst *rqst;
	struct nfs4_client *clp;

	rqst = nfsd_current_rqst();
	if (!nfsd_v4client(rqst))
		return false;
	/*
	 * NOTE(review): assumes rq_private carries a valid
	 * nfsd_thread_local_info whenever nfsd_v4client() is true --
	 * confirm against the request setup path.
	 */
	ntli = rqst->rq_private;
	clp = *ntli->ntli_lease_breaker;
	return dl->dl_stid.sc_client == clp;
}

/*
 * Lease manager "change" hook: on F_UNLCK, drop the in-recall count if
 * this delegation had been recalled, then let the generic lease code
 * modify the lease. Any other change request is refused with -EAGAIN.
 */
static int
nfsd_change_deleg_cb(struct file_lease *onlist, int arg,
		     struct list_head *dispose)
{
	struct nfs4_delegation *dp = (struct nfs4_delegation *) onlist->c.flc_owner;
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	if (arg & F_UNLCK) {
		if (dp->dl_recalled)
			atomic_dec(&clp->cl_delegs_in_recall);
		return lease_modify(onlist, arg, dispose);
	} else
		return -EAGAIN;
}

/**
 * nfsd4_deleg_lm_open_conflict - see if the given file points to an inode that has
 *                                an existing open that would conflict with the
 *                                desired lease.
 * @filp: file to check
 * @arg: type of lease that we're trying to acquire
 *
 * The kernel will call into this operation to determine whether there
 * are conflicting opens that may prevent the deleg from being granted.
 * For nfsd, that check is done at a higher level, so this trivially
 * returns 0.
 */
static int
nfsd4_deleg_lm_open_conflict(struct file *filp, int arg)
{
	return 0;
}

static const struct lease_manager_operations nfsd_lease_mng_ops = {
	.lm_breaker_owns_lease = nfsd_breaker_owns_lease,
	.lm_break = nfsd_break_deleg_cb,
	.lm_change = nfsd_change_deleg_cb,
	.lm_open_conflict = nfsd4_deleg_lm_open_conflict,
};

/*
 * Validate an NFSv4.0 seqid against the state owner's last-seen seqid.
 * Sessions (NFSv4.1+) carry no meaningful owner seqid, so always OK.
 * so_seqid - 1 indicates a replay of the previous request.
 */
static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid)
{
	if (nfsd4_has_session(cstate))
		return nfs_ok;
	if (seqid == so->so_seqid - 1)
		return nfserr_replay_me;
	if (seqid == so->so_seqid)
		return nfs_ok;
	return nfserr_bad_seqid;
}

/* Find a confirmed client by id, taking a cl_rpc_users reference. */
static struct nfs4_client *lookup_clientid(clientid_t *clid, bool sessions,
					   struct nfsd_net *nn)
{
	struct nfs4_client *found;

	spin_lock(&nn->client_lock);
	found = find_confirmed_client(clid, sessions, nn);
	if (found)
		atomic_inc(&found->cl_rpc_users);
	spin_unlock(&nn->client_lock);
	return found;
}

/*
 * Resolve @clid into cstate->clp. If a client is already cached on the
 * compound state (set by SEQUENCE for v4.1+), it must match @clid.
 */
static __be32 set_client(clientid_t *clid,
			 struct nfsd4_compound_state *cstate,
			 struct nfsd_net *nn)
{
	if (cstate->clp) {
		if (!same_clid(&cstate->clp->cl_clientid, clid))
			return nfserr_stale_clientid;
		return nfs_ok;
	}
	if (STALE_CLIENTID(clid, nn))
		return nfserr_stale_clientid;
	/*
	 * We're in the 4.0 case (otherwise the SEQUENCE op would have
	 * set cstate->clp), so session = false:
	 */
	cstate->clp = lookup_clientid(clid, false, nn);
	if (!cstate->clp)
		return nfserr_expired;
	return nfs_ok;
}

/*
 * First phase of OPEN processing: look up the client, find or create
 * the open owner, check the seqid, and pre-allocate the structures
 * (file, stateid, odstate) the second phase may need. Any allocation
 * failure is reported as nfserr_jukebox.
 */
__be32
nfsd4_process_open1(struct nfsd4_compound_state *cstate,
		    struct nfsd4_open *open, struct nfsd_net *nn)
{
	clientid_t *clientid = &open->op_clientid;
	struct nfs4_client *clp = NULL;
	unsigned int strhashval;
	struct nfs4_openowner *oo = NULL;
	__be32 status;

	/*
	 * In case we need it later, after we've already created the
	 * file and don't want to risk a further failure:
	 */
	open->op_file = nfsd4_alloc_file();
	if (open->op_file == NULL)
		return nfserr_jukebox;

	status = set_client(clientid, cstate, nn);
	if (status)
		return status;
	clp = cstate->clp;

	strhashval = ownerstr_hashval(&open->op_owner);
retry:
	oo = find_or_alloc_open_stateowner(strhashval, open, cstate);
	open->op_openowner = oo;
	if (!oo)
		return nfserr_jukebox;
	if (nfsd4_cstate_assign_replay(cstate, &oo->oo_owner) == -EAGAIN) {
		nfs4_put_stateowner(&oo->oo_owner);
		goto retry;
	}
	status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid);
	if (status)
		return status;

	open->op_stp = nfs4_alloc_open_stateid(clp);
	if (!open->op_stp)
		return nfserr_jukebox;

	if (nfsd4_has_session(cstate) &&
	    (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) {
		open->op_odstate = alloc_clnt_odstate(clp);
		if (!open->op_odstate)
			return nfserr_jukebox;
	}

	return nfs_ok;
}

/* A read delegation cannot by itself satisfy a WR_STATE access check. */
static inline __be32
nfs4_check_delegmode(struct nfs4_delegation *dp, int flags)
{
	if (!(flags & RD_STATE) && deleg_is_read(dp->dl_type))
		return nfserr_openmode;
	else
		return nfs_ok;
}

static int share_access_to_flags(u32 share_access)
{
	return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE;
}

/* Look up a delegation stateid; revoked delegations are also returned. */
static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl,
						  stateid_t *s)
{
	struct nfs4_stid *ret;

	ret = find_stateid_by_type(cl, s, SC_TYPE_DELEG, SC_STATUS_REVOKED);
	if (!ret)
		return NULL;
	return delegstateid(ret);
}

static bool nfsd4_is_deleg_cur(struct nfsd4_open *open)
{
	return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR ||
		open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH;
}

/*
 * Validate the delegation stateid carried by a CLAIM_DELEGATE_CUR /
 * CLAIM_DELEG_CUR_FH OPEN. On success *dp holds a referenced
 * delegation; on any failure the reference is dropped here. For
 * non-deleg-cur claims the result of the check is ignored.
 */
static __be32
nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open,
		 struct nfs4_delegation **dp)
{
	int flags;
	__be32 status = nfserr_bad_stateid;
	struct nfs4_delegation *deleg;

	deleg = find_deleg_stateid(cl, &open->op_delegate_stateid);
	if (deleg == NULL)
		goto out;
	if (deleg->dl_stid.sc_status & SC_STATUS_ADMIN_REVOKED) {
		nfs4_put_stid(&deleg->dl_stid);
		status = nfserr_admin_revoked;
		goto out;
	}
	if (deleg->dl_stid.sc_status & SC_STATUS_REVOKED) {
		nfs4_put_stid(&deleg->dl_stid);
		nfsd40_drop_revoked_stid(cl, &open->op_delegate_stateid);
		status = nfserr_deleg_revoked;
		goto out;
	}
	flags = share_access_to_flags(open->op_share_access);
	status = nfs4_check_delegmode(deleg, flags);
	if (status) {
		nfs4_put_stid(&deleg->dl_stid);
		goto out;
	}
	*dp = deleg;
out:
	if (!nfsd4_is_deleg_cur(open))
		return nfs_ok;
	if (status)
		return status;
	open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
	return nfs_ok;
}

/* Map NFS4_SHARE_ACCESS_* bits to NFSD_MAY_* permission flags. */
static inline int nfs4_access_to_access(u32 nfs4_access)
{
	int flags = 0;

	if (nfs4_access & NFS4_SHARE_ACCESS_READ)
		flags |= NFSD_MAY_READ;
	if (nfs4_access & NFS4_SHARE_ACCESS_WRITE)
		flags |= NFSD_MAY_WRITE;
	return flags;
}

/* Truncate the file on OPEN when op_truncate is set (needs write access). */
static inline __be32
nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh,
	       struct nfsd4_open *open)
{
	struct iattr iattr = {
		.ia_valid = ATTR_SIZE,
		.ia_size = 0,
	};
	struct nfsd_attrs attrs = {
		.na_iattr = &iattr,
	};
	if (!open->op_truncate)
		return 0;
	if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE))
		return nfserr_inval;
	return nfsd_setattr(rqstp, fh, &attrs, NULL);
}

/*
 * Record the open's access and deny modes on the stateid and the
 * nfs4_file, opening a struct file of the right mode if one isn't
 * cached yet. On failure after access was granted, the stateid's
 * access/deny bitmaps are rolled back.
 */
static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp,
		struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp,
		struct nfsd4_open *open, bool new_stp)
{
	struct nfsd_file *nf = NULL;
	__be32 status;
	int oflag = nfs4_access_to_omode(open->op_share_access);
	int access = nfs4_access_to_access(open->op_share_access);
	unsigned char old_access_bmap, old_deny_bmap;

	spin_lock(&fp->fi_lock);

	/*
	 * Are we trying to set a deny mode that would conflict with
	 * current access?
	 */
	status = nfs4_file_check_deny(fp, open->op_share_deny);
	if (status != nfs_ok) {
		if (status != nfserr_share_denied) {
			spin_unlock(&fp->fi_lock);
			goto out;
		}
		if (nfs4_resolve_deny_conflicts_locked(fp, new_stp,
				stp, open->op_share_deny, false))
			status = nfserr_jukebox;
		spin_unlock(&fp->fi_lock);
		goto out;
	}

	/* set access to the file */
	status = nfs4_file_get_access(fp, open->op_share_access);
	if (status != nfs_ok) {
		if (status != nfserr_share_denied) {
			spin_unlock(&fp->fi_lock);
			goto out;
		}
		if (nfs4_resolve_deny_conflicts_locked(fp, new_stp,
				stp, open->op_share_access, true))
			status = nfserr_jukebox;
		spin_unlock(&fp->fi_lock);
		goto out;
	}

	/* Set access bits in stateid */
	old_access_bmap = stp->st_access_bmap;
	set_access(open->op_share_access, stp);

	/* Set new deny mask */
	old_deny_bmap = stp->st_deny_bmap;
	set_deny(open->op_share_deny, stp);
	fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH);

	if (!fp->fi_fds[oflag]) {
		/* drop the lock across the VFS open, then recheck */
		spin_unlock(&fp->fi_lock);

		status = nfsd_file_acquire_opened(rqstp, cur_fh, access,
						  open->op_filp, &nf);
		if (status != nfs_ok)
			goto out_put_access;

		spin_lock(&fp->fi_lock);
		if (!fp->fi_fds[oflag]) {
			fp->fi_fds[oflag] = nf;
			nf = NULL;
		}
	}
	spin_unlock(&fp->fi_lock);
	if (nf)
		nfsd_file_put(nf);

	status = nfserrno(nfsd_open_break_lease(cur_fh->fh_dentry->d_inode,
						access));
	if (status)
		goto out_put_access;

	status = nfsd4_truncate(rqstp, cur_fh, open);
	if (status)
		goto out_put_access;
out:
	return status;
out_put_access:
	stp->st_access_bmap = old_access_bmap;
	nfs4_file_put_access(fp, open->op_share_access);
	reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp);
	goto out;
}

/*
 * Handle an OPEN upgrade on an existing stateid: widen the access
 * and/or deny modes, rolling back the deny bitmap if the truncate
 * step fails.
 */
static __be32
nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp,
		struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp,
		struct nfsd4_open *open)
{
	__be32 status;
	unsigned char old_deny_bmap = stp->st_deny_bmap;

	if (!test_access(open->op_share_access, stp))
		return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open, false);

	/* test and set deny mode */
	spin_lock(&fp->fi_lock);
	status = nfs4_file_check_deny(fp, open->op_share_deny);
	switch (status) {
	case nfs_ok:
		set_deny(open->op_share_deny, stp);
		fp->fi_share_deny |=
			(open->op_share_deny & NFS4_SHARE_DENY_BOTH);
		break;
	case nfserr_share_denied:
		if (nfs4_resolve_deny_conflicts_locked(fp, false,
				stp, open->op_share_deny, false))
			status = nfserr_jukebox;
		break;
	}
	spin_unlock(&fp->fi_lock);

	if (status != nfs_ok)
		return status;

	status = nfsd4_truncate(rqstp, cur_fh, open);
	if (status != nfs_ok)
		reset_union_bmap_deny(old_deny_bmap, stp);
	return status;
}

/* Should we give out recallable state?: */
static bool nfsd4_cb_channel_good(struct nfs4_client *clp)
{
	if (clp->cl_cb_state == NFSD4_CB_UP)
		return true;
	/*
	 * In the sessions case, since we don't have to establish a
	 * separate connection for callbacks, we assume it's OK
	 * until we hear otherwise:
	 */
	return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN;
}

/* Allocate and initialize a file_lease representing delegation @dp. */
static struct file_lease *nfs4_alloc_init_lease(struct nfs4_delegation *dp)
{
	struct file_lease *fl;

	fl = locks_alloc_lease();
	if (!fl)
		return NULL;
	fl->fl_lmops = &nfsd_lease_mng_ops;
	fl->c.flc_flags = FL_DELEG;
	fl->c.flc_type = deleg_is_read(dp->dl_type) ? F_RDLCK : F_WRLCK;
	fl->c.flc_owner = (fl_owner_t)dp;
	fl->c.flc_pid = current->tgid;
	fl->c.flc_file = dp->dl_stid.sc_file->fi_deleg_file->nf_file;
	return fl;
}

/*
 * Return -EAGAIN when some opener other than @clp may be writing the
 * file, which would make a delegation grant unsafe; 0 when no such
 * conflicting open is visible.
 */
static int nfsd4_check_conflicting_opens(struct nfs4_client *clp,
					 struct nfs4_file *fp)
{
	struct nfs4_ol_stateid *st;
	struct file *f = fp->fi_deleg_file->nf_file;
	struct inode *ino = file_inode(f);
	int writes;

	writes = atomic_read(&ino->i_writecount);
	if (!writes)
		return 0;
	/*
	 * There could be multiple filehandles (hence multiple
	 * nfs4_files) referencing this file, but that's not too
	 * common; let's just give up in that case rather than
	 * trying to go look up all the clients using that other
	 * nfs4_file as well:
	 */
	if (fp->fi_aliased)
		return -EAGAIN;
	/*
	 * If there's a close in progress, make sure that we see it
	 * clear any fi_fds[] entries before we see it decrement
	 * i_writecount:
	 */
	smp_mb__after_atomic();

	if (fp->fi_fds[O_WRONLY])
		writes--;
	if (fp->fi_fds[O_RDWR])
		writes--;
	if (writes > 0)
		return -EAGAIN; /* There may be non-NFSv4 writers */
	/*
	 * It's possible there are non-NFSv4 write opens in progress,
	 * but if they haven't incremented i_writecount yet then they
	 * also haven't called break lease yet; so, they'll break this
	 * lease soon enough. So, all that's left to check for is NFSv4
	 * opens:
	 */
	spin_lock(&fp->fi_lock);
	list_for_each_entry(st, &fp->fi_stateids, st_perfile) {
		if (st->st_openstp == NULL /* it's an open */ &&
		    access_permit_write(st) &&
		    st->st_stid.sc_client != clp) {
			spin_unlock(&fp->fi_lock);
			return -EAGAIN;
		}
	}
	spin_unlock(&fp->fi_lock);
	/*
	 * There's a small chance that we could be racing with another
	 * NFSv4 open. However, any open that hasn't added itself to
	 * the fi_stateids list also hasn't called break_lease yet; so,
	 * they'll break this lease soon enough.
	 */
	return 0;
}

/*
 * It's possible that between opening the dentry and setting the delegation,
 * that it has been renamed or unlinked. Redo the lookup to verify that this
 * hasn't happened.
 */
static int
nfsd4_verify_deleg_dentry(struct nfsd4_open *open, struct nfs4_file *fp,
			  struct svc_fh *parent)
{
	struct svc_export *exp;
	struct dentry *child;
	__be32 err;

	err = nfsd_lookup_dentry(open->op_rqstp, parent,
				 open->op_fname, open->op_fnamelen,
				 &exp, &child);

	if (err)
		return -EAGAIN;

	exp_put(exp);
	/* pointer comparison only after dput(); child is not dereferenced */
	dput(child);
	if (child != file_dentry(fp->fi_deleg_file->nf_file))
		return -EAGAIN;

	return 0;
}

/*
 * We avoid breaking delegations held by a client due to its own activity, but
 * clearing setuid/setgid bits on a write is an implicit activity and the client
 * may not notice and continue using the old mode. Avoid giving out a delegation
 * on setuid/setgid files when the client is requesting an open for write.
 */
static int
nfsd4_verify_setuid_write(struct nfsd4_open *open, struct nfsd_file *nf)
{
	struct inode *inode = file_inode(nf->nf_file);

	if ((open->op_share_access & NFS4_SHARE_ACCESS_WRITE) &&
	    (inode->i_mode & (S_ISUID|S_ISGID)))
		return -EAGAIN;
	return 0;
}

/*
 * Timestamp delegation was introduced in RFC7862. Runtime switch for disabling
 * this feature is /sys/kernel/debug/nfsd/delegated_timestamps.
 */
static bool nfsd4_want_deleg_timestamps(const struct nfsd4_open *open)
{
	if (!nfsd_delegts_enabled)
		return false;
	return open->op_deleg_want & OPEN4_SHARE_ACCESS_WANT_DELEG_TIMESTAMPS;
}

/*
 * Attempt to set up a delegation for this OPEN: pick write over read
 * where possible, install the VFS lease, then re-verify (dentry,
 * conflicting opens, setuid mode, fi_had_conflict) before hashing the
 * delegation. Returns the referenced delegation or an ERR_PTR.
 */
static struct nfs4_delegation *
nfs4_set_delegation(struct nfsd4_open *open, struct nfs4_ol_stateid *stp,
		    struct svc_fh *parent)
{
	bool deleg_ts = nfsd4_want_deleg_timestamps(open);
	struct nfs4_client *clp = stp->st_stid.sc_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfs4_file *fp = stp->st_stid.sc_file;
	struct nfs4_clnt_odstate *odstate = stp->st_clnt_odstate;
	struct nfs4_delegation *dp;
	struct nfsd_file *nf = NULL;
	struct file_lease *fl;
	int status = 0;
	u32 dl_type;

	/*
	 * The fi_had_conflict and nfs_get_existing_delegation checks
	 * here are just optimizations; we'll need to recheck them at
	 * the end:
	 */
	if (fp->fi_had_conflict)
		return ERR_PTR(-EAGAIN);

	/*
	 * Try for a write delegation first. RFC8881 section 10.4 says:
	 *
	 * "An OPEN_DELEGATE_WRITE delegation allows the client to handle,
	 *  on its own, all opens."
	 *
	 * Furthermore, section 9.1.2 says:
	 *
	 * "In the case of READ, the server may perform the corresponding
	 *  check on the access mode, or it may choose to allow READ for
	 *  OPEN4_SHARE_ACCESS_WRITE, to accommodate clients whose WRITE
	 *  implementation may unavoidably do reads (e.g., due to buffer
	 *  cache constraints)."
	 *
	 * We choose to offer a write delegation for OPEN with the
	 * OPEN4_SHARE_ACCESS_WRITE access mode to accommodate such clients.
	 */
	if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE) {
		nf = find_writeable_file(fp);
		dl_type = deleg_ts ? OPEN_DELEGATE_WRITE_ATTRS_DELEG : OPEN_DELEGATE_WRITE;
	}

	/*
	 * If the file is being opened O_RDONLY or we couldn't get a O_RDWR
	 * file for some reason, then try for a read delegation instead.
	 */
	if (!nf && (open->op_share_access & NFS4_SHARE_ACCESS_READ)) {
		nf = find_readable_file(fp);
		dl_type = deleg_ts ? OPEN_DELEGATE_READ_ATTRS_DELEG : OPEN_DELEGATE_READ;
	}

	if (!nf)
		return ERR_PTR(-EAGAIN);

	/*
	 * File delegations and associated locks cannot be recovered if the
	 * export is from an NFS proxy server.
	 */
	if (exportfs_cannot_lock(nf->nf_file->f_path.mnt->mnt_sb->s_export_op)) {
		nfsd_file_put(nf);
		return ERR_PTR(-EOPNOTSUPP);
	}

	spin_lock(&nn->deleg_lock);
	spin_lock(&fp->fi_lock);
	if (nfs4_delegation_exists(clp, fp))
		status = -EAGAIN;
	else if (nfsd4_verify_setuid_write(open, nf))
		status = -EAGAIN;
	else if (!fp->fi_deleg_file) {
		fp->fi_deleg_file = nf;
		/* increment early to prevent fi_deleg_file from being
		 * cleared */
		fp->fi_delegees = 1;
		nf = NULL;
	} else
		fp->fi_delegees++;
	spin_unlock(&fp->fi_lock);
	spin_unlock(&nn->deleg_lock);
	if (nf)
		nfsd_file_put(nf);
	if (status)
		return ERR_PTR(status);

	status = -ENOMEM;
	dp = alloc_init_deleg(clp, fp, odstate, dl_type);
	if (!dp)
		goto out_delegees;

	fl = nfs4_alloc_init_lease(dp);
	if (!fl)
		goto out_clnt_odstate;

	status = kernel_setlease(fp->fi_deleg_file->nf_file,
				 fl->c.flc_type, &fl, NULL);
	if (fl)
		locks_free_lease(fl);
	if (status)
		goto out_clnt_odstate;

	if (parent) {
		status = nfsd4_verify_deleg_dentry(open, fp, parent);
		if (status)
			goto out_unlock;
	}

	status = nfsd4_check_conflicting_opens(clp, fp);
	if (status)
		goto out_unlock;

	/*
	 * Now that the deleg is set, check again to ensure that nothing
	 * raced in and changed the mode while we weren't looking.
	 */
	status = nfsd4_verify_setuid_write(open, fp->fi_deleg_file);
	if (status)
		goto out_unlock;

	status = -EAGAIN;
	if (fp->fi_had_conflict)
		goto out_unlock;

	spin_lock(&nn->deleg_lock);
	spin_lock(&clp->cl_lock);
	spin_lock(&fp->fi_lock);
	status = hash_delegation_locked(dp, fp);
	spin_unlock(&fp->fi_lock);
	spin_unlock(&clp->cl_lock);
	spin_unlock(&nn->deleg_lock);

	if (status)
		goto out_unlock;

	return dp;
out_unlock:
	kernel_setlease(fp->fi_deleg_file->nf_file, F_UNLCK, NULL, (void **)&dp);
out_clnt_odstate:
	put_clnt_odstate(dp->dl_clnt_odstate);
	nfs4_put_stid(&dp->dl_stid);
out_delegees:
	put_deleg_file(fp);
	return ERR_PTR(status);
}

/* Fill in WHY_NO_DELEG for a 4.1 client that asked for a delegation. */
static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status)
{
	open->op_delegate_type = OPEN_DELEGATE_NONE_EXT;
	if (status == -EAGAIN)
		open->op_why_no_deleg = WND4_CONTENTION;
	else {
		open->op_why_no_deleg = WND4_RESOURCE;
		switch (open->op_deleg_want) {
		case OPEN4_SHARE_ACCESS_WANT_READ_DELEG:
		case OPEN4_SHARE_ACCESS_WANT_WRITE_DELEG:
		case OPEN4_SHARE_ACCESS_WANT_ANY_DELEG:
			break;
		case OPEN4_SHARE_ACCESS_WANT_CANCEL:
			open->op_why_no_deleg = WND4_CANCELLED;
			break;
		case OPEN4_SHARE_ACCESS_WANT_NO_DELEG:
			WARN_ON_ONCE(1);
		}
	}
}

/*
 * Fetch the attributes needed to seed a delegation's cached fattr
 * state. Returns false if no writeable file or the getattr fails.
 */
static bool
nfs4_delegation_stat(struct nfs4_delegation *dp, struct svc_fh *currentfh,
		     struct kstat *stat)
{
	struct nfsd_file *nf = find_writeable_file(dp->dl_stid.sc_file);
	struct path path;
	int rc;

	if (!nf)
		return false;

	path.mnt = currentfh->fh_export->ex_path.mnt;
	path.dentry = file_dentry(nf->nf_file);

	rc = vfs_getattr(&path, stat,
			 STATX_MODE | STATX_SIZE | STATX_ATIME |
			 STATX_MTIME | STATX_CTIME | STATX_CHANGE_COOKIE,
			 AT_STATX_SYNC_AS_STAT);

	nfsd_file_put(nf);
	return rc == 0;
}

/*
 * Add NFS4_SHARE_ACCESS_READ to the write delegation granted on OPEN
 * with NFS4_SHARE_ACCESS_WRITE by allocating separate nfsd_file and
 * struct file to be used for read with delegation stateid.
 *
 */
static bool
nfsd4_add_rdaccess_to_wrdeleg(struct svc_rqst *rqstp, struct nfsd4_open *open,
			      struct svc_fh *fh, struct nfs4_ol_stateid *stp)
{
	struct nfs4_file *fp;
	struct nfsd_file *nf = NULL;

	if ((open->op_share_access & NFS4_SHARE_ACCESS_BOTH) ==
			NFS4_SHARE_ACCESS_WRITE) {
		if (nfsd_file_acquire_opened(rqstp, fh, NFSD_MAY_READ, NULL, &nf))
			return (false);
		fp = stp->st_stid.sc_file;
		spin_lock(&fp->fi_lock);
		if (!fp->fi_fds[O_RDONLY]) {
			__nfs4_file_get_access(fp, NFS4_SHARE_ACCESS_READ);
			fp->fi_fds[O_RDONLY] = nf;
			fp->fi_rdeleg_file = nfsd_file_get(fp->fi_fds[O_RDONLY]);
			nf = NULL;
		}
		spin_unlock(&fp->fi_lock);
		if (nf)
			nfsd_file_put(nf);
	}
	return true;
}

/*
 * The Linux NFS server does not offer write delegations to NFSv4.0
 * clients in order to avoid conflicts between write delegations and
 * GETATTRs requesting CHANGE or SIZE attributes.
 *
 * With NFSv4.1 and later minorversions, the SEQUENCE operation that
 * begins each COMPOUND contains a client ID. Delegation recall can
 * be avoided when the server recognizes the client sending a
 * GETATTR also holds write delegation it conflicts with.
 *
 * However, the NFSv4.0 protocol does not enable a server to
 * determine that a GETATTR originated from the client holding the
 * conflicting delegation versus coming from some other client. Per
 * RFC 7530 Section 16.7.5, the server must recall or send a
 * CB_GETATTR even when the GETATTR originates from the client that
 * holds the conflicting delegation.
6315 * 6316 * An NFSv4.0 client can trigger a pathological situation if it 6317 * always sends a DELEGRETURN preceded by a conflicting GETATTR in 6318 * the same COMPOUND. COMPOUND execution will always stop at the 6319 * GETATTR and the DELEGRETURN will never get executed. The server 6320 * eventually revokes the delegation, which can result in loss of 6321 * open or lock state. 6322 */ 6323 static void 6324 nfs4_open_delegation(struct svc_rqst *rqstp, struct nfsd4_open *open, 6325 struct nfs4_ol_stateid *stp, struct svc_fh *currentfh, 6326 struct svc_fh *fh) 6327 { 6328 struct nfs4_openowner *oo = openowner(stp->st_stateowner); 6329 bool deleg_ts = nfsd4_want_deleg_timestamps(open); 6330 struct nfs4_client *clp = stp->st_stid.sc_client; 6331 struct svc_fh *parent = NULL; 6332 struct nfs4_delegation *dp; 6333 struct kstat stat; 6334 int status = 0; 6335 int cb_up; 6336 6337 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client); 6338 open->op_recall = false; 6339 switch (open->op_claim_type) { 6340 case NFS4_OPEN_CLAIM_PREVIOUS: 6341 if (!cb_up) 6342 open->op_recall = true; 6343 break; 6344 case NFS4_OPEN_CLAIM_NULL: 6345 parent = currentfh; 6346 fallthrough; 6347 case NFS4_OPEN_CLAIM_FH: 6348 /* 6349 * Let's not give out any delegations till everyone's 6350 * had the chance to reclaim theirs, *and* until 6351 * NLM locks have all been reclaimed: 6352 */ 6353 if (locks_in_grace(clp->net)) 6354 goto out_no_deleg; 6355 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED)) 6356 goto out_no_deleg; 6357 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE && 6358 !clp->cl_minorversion) 6359 goto out_no_deleg; 6360 break; 6361 default: 6362 goto out_no_deleg; 6363 } 6364 dp = nfs4_set_delegation(open, stp, parent); 6365 if (IS_ERR(dp)) 6366 goto out_no_deleg; 6367 6368 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid)); 6369 6370 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE) { 6371 struct file *f = 
dp->dl_stid.sc_file->fi_deleg_file->nf_file; 6372 6373 if (!nfsd4_add_rdaccess_to_wrdeleg(rqstp, open, fh, stp) || 6374 !nfs4_delegation_stat(dp, currentfh, &stat)) { 6375 nfs4_put_stid(&dp->dl_stid); 6376 destroy_delegation(dp); 6377 goto out_no_deleg; 6378 } 6379 open->op_delegate_type = deleg_ts ? OPEN_DELEGATE_WRITE_ATTRS_DELEG : 6380 OPEN_DELEGATE_WRITE; 6381 dp->dl_cb_fattr.ncf_cur_fsize = stat.size; 6382 dp->dl_cb_fattr.ncf_initial_cinfo = nfsd4_change_attribute(&stat); 6383 dp->dl_atime = stat.atime; 6384 dp->dl_ctime = stat.ctime; 6385 dp->dl_mtime = stat.mtime; 6386 spin_lock(&f->f_lock); 6387 if (deleg_ts) 6388 f->f_mode |= FMODE_NOCMTIME; 6389 spin_unlock(&f->f_lock); 6390 trace_nfsd_deleg_write(&dp->dl_stid.sc_stateid); 6391 } else { 6392 open->op_delegate_type = deleg_ts && nfs4_delegation_stat(dp, currentfh, &stat) ? 6393 OPEN_DELEGATE_READ_ATTRS_DELEG : OPEN_DELEGATE_READ; 6394 dp->dl_atime = stat.atime; 6395 trace_nfsd_deleg_read(&dp->dl_stid.sc_stateid); 6396 } 6397 nfs4_put_stid(&dp->dl_stid); 6398 return; 6399 out_no_deleg: 6400 open->op_delegate_type = OPEN_DELEGATE_NONE; 6401 6402 /* 4.1 client asking for a delegation? */ 6403 if (open->op_deleg_want) 6404 nfsd4_open_deleg_none_ext(open, status); 6405 return; 6406 } 6407 6408 static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open, 6409 struct nfs4_delegation *dp) 6410 { 6411 if (deleg_is_write(dp->dl_type)) { 6412 if (open->op_deleg_want & OPEN4_SHARE_ACCESS_WANT_READ_DELEG) { 6413 open->op_delegate_type = OPEN_DELEGATE_NONE_EXT; 6414 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE; 6415 } else if (open->op_deleg_want & OPEN4_SHARE_ACCESS_WANT_WRITE_DELEG) { 6416 open->op_delegate_type = OPEN_DELEGATE_NONE_EXT; 6417 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE; 6418 } 6419 } 6420 /* Otherwise the client must be confused wanting a delegation 6421 * it already has, therefore we don't return 6422 * OPEN_DELEGATE_NONE_EXT and reason. 
6423 */ 6424 } 6425 6426 /* Are we returning only a delegation stateid? */ 6427 static bool open_xor_delegation(struct nfsd4_open *open) 6428 { 6429 if (!(open->op_deleg_want & OPEN4_SHARE_ACCESS_WANT_OPEN_XOR_DELEGATION)) 6430 return false; 6431 /* Did we actually get a delegation? */ 6432 if (!deleg_is_read(open->op_delegate_type) && !deleg_is_write(open->op_delegate_type)) 6433 return false; 6434 return true; 6435 } 6436 6437 /** 6438 * nfsd4_process_open2 - finish open processing 6439 * @rqstp: the RPC transaction being executed 6440 * @current_fh: NFSv4 COMPOUND's current filehandle 6441 * @open: OPEN arguments 6442 * 6443 * If successful, (1) truncate the file if open->op_truncate was 6444 * set, (2) set open->op_stateid, (3) set open->op_delegation. 6445 * 6446 * Returns %nfs_ok on success; otherwise an nfs4stat value in 6447 * network byte order is returned. 6448 */ 6449 __be32 6450 nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open) 6451 { 6452 struct nfsd4_compoundres *resp = rqstp->rq_resp; 6453 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client; 6454 struct nfs4_file *fp = NULL; 6455 struct nfs4_ol_stateid *stp = NULL; 6456 struct nfs4_delegation *dp = NULL; 6457 __be32 status; 6458 bool new_stp = false; 6459 6460 /* 6461 * Lookup file; if found, lookup stateid and check open request, 6462 * and check for delegations in the process of being recalled. 6463 * If not found, create the nfs4_file struct 6464 */ 6465 fp = nfsd4_file_hash_insert(open->op_file, current_fh); 6466 if (unlikely(!fp)) 6467 return nfserr_jukebox; 6468 if (fp != open->op_file) { 6469 status = nfs4_check_deleg(cl, open, &dp); 6470 if (status) 6471 goto out; 6472 if (dp && nfsd4_is_deleg_cur(open) && 6473 (dp->dl_stid.sc_file != fp)) { 6474 /* 6475 * RFC8881 section 8.2.4 mandates the server to return 6476 * NFS4ERR_BAD_STATEID if the selected table entry does 6477 * not match the current filehandle. 
* However returning
			 * NFS4ERR_BAD_STATEID in the OPEN can cause the client
			 * to repeatedly retry the operation with the same
			 * stateid, since the stateid itself is valid. To avoid
			 * this situation NFSD returns NFS4ERR_INVAL instead.
			 */
			status = nfserr_inval;
			goto out;
		}
		stp = nfsd4_find_and_lock_existing_open(fp, open);
	} else {
		open->op_file = NULL;
		status = nfserr_bad_stateid;
		if (nfsd4_is_deleg_cur(open))
			goto out;
	}

	if (!stp) {
		stp = init_open_stateid(fp, open);
		if (!stp) {
			status = nfserr_jukebox;
			goto out;
		}

		/* presumably init_open_stateid() consumed op_stp when it
		 * created a brand-new stateid -- TODO confirm */
		if (!open->op_stp)
			new_stp = true;
	}

	/*
	 * OPEN the file, or upgrade an existing OPEN.
	 * If truncate fails, the OPEN fails.
	 *
	 * stp is already locked.
	 */
	if (!new_stp) {
		/* Stateid was found, this is an OPEN upgrade */
		status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open);
		if (status) {
			mutex_unlock(&stp->st_mutex);
			goto out;
		}
	} else {
		status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open, true);
		if (status) {
			release_open_stateid(stp);
			mutex_unlock(&stp->st_mutex);
			goto out;
		}

		stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp,
							open->op_odstate);
		if (stp->st_clnt_odstate == open->op_odstate)
			open->op_odstate = NULL;
	}

	nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid);
	mutex_unlock(&stp->st_mutex);

	if (nfsd4_has_session(&resp->cstate)) {
		if (open->op_deleg_want & OPEN4_SHARE_ACCESS_WANT_NO_DELEG) {
			open->op_delegate_type = OPEN_DELEGATE_NONE_EXT;
			open->op_why_no_deleg = WND4_NOT_WANTED;
			goto nodeleg;
		}
	}

	/*
	 * Attempt to hand out a delegation. No error return, because the
	 * OPEN succeeds even if we fail.
	 */
	nfs4_open_delegation(rqstp, open, stp,
			     &resp->cstate.current_fh, current_fh);

	/*
	 * If there is an existing open stateid, it must be updated and
	 * returned. Only respect WANT_OPEN_XOR_DELEGATION when a new
	 * open stateid would have to be created.
	 */
	if (new_stp && open_xor_delegation(open)) {
		memcpy(&open->op_stateid, &zero_stateid, sizeof(open->op_stateid));
		open->op_rflags |= OPEN4_RESULT_NO_OPEN_STATEID;
		release_open_stateid(stp);
	}
nodeleg:
	status = nfs_ok;
	trace_nfsd_open(&stp->st_stid.sc_stateid);
out:
	/* 4.1 client trying to upgrade/downgrade delegation? */
	if (open->op_delegate_type == OPEN_DELEGATE_NONE && dp &&
	    open->op_deleg_want)
		nfsd4_deleg_xgrade_none_ext(open, dp);

	if (fp)
		put_nfs4_file(fp);
	if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS)
		open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
	/*
	 * To finish the open response, we just need to set the rflags.
	 */
	open->op_rflags |= NFS4_OPEN_RESULT_LOCKTYPE_POSIX;
	if (nfsd4_has_session(&resp->cstate))
		open->op_rflags |= NFS4_OPEN_RESULT_MAY_NOTIFY_LOCK;
	else if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED))
		open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM;

	if (dp)
		nfs4_put_stid(&dp->dl_stid);
	if (stp)
		nfs4_put_stid(&stp->st_stid);

	return status;
}

/* Release whatever OPEN processing left behind in @open. */
void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate,
			      struct nfsd4_open *open)
{
	if (open->op_openowner)
		nfs4_put_stateowner(&open->op_openowner->oo_owner);
	if (open->op_file)
		kmem_cache_free(file_slab, open->op_file);
	if (open->op_stp)
		nfs4_put_stid(&open->op_stp->st_stid);
	if (open->op_odstate)
		kmem_cache_free(odstate_slab, open->op_odstate);
}

__be32
nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    union nfsd4_op_u *u)
{
	clientid_t *clid = &u->renew;
	struct nfs4_client *clp;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	trace_nfsd_clid_renew(clid);
	status = set_client(clid, cstate, nn);
	if (status)
		return status;
	clp = cstate->clp;
	/* Client holds delegations but its callback path is down: warn it */
	if (!list_empty(&clp->cl_delegations)
			&& clp->cl_cb_state != NFSD4_CB_UP)
		return nfserr_cb_path_down;
	return nfs_ok;
}

static void
nfsd4_end_grace(struct nfsd_net *nn)
{
	/* do nothing if grace period already ended */
	if (nn->grace_ended)
		return;

	trace_nfsd_grace_complete(nn);
	nn->grace_ended = true;
	/*
	 * If the server goes down again right now, an NFSv4
	 * client will still be allowed to reclaim after it comes back up,
	 * even if it hasn't yet had a chance to reclaim state this time.
	 *
	 */
	nfsd4_record_grace_done(nn);
	/*
	 * At this point, NFSv4 clients can still reclaim.
* But if the
	 * server crashes, any that have not yet reclaimed will be out
	 * of luck on the next boot.
	 *
	 * (NFSv4.1+ clients are considered to have reclaimed once they
	 * call RECLAIM_COMPLETE. NFSv4.0 clients are considered to
	 * have reclaimed after their first OPEN.)
	 */
	locks_end_grace(&nn->nfsd4_manager);
	/*
	 * At this point, and once lockd and/or any other containers
	 * exit their grace period, further reclaims will fail and
	 * regular locking can resume.
	 */
}

/**
 * nfsd4_force_end_grace - forcibly end the NFSv4 grace period
 * @nn: network namespace for the server instance to be updated
 *
 * Forces bypass of normal grace period completion, then schedules
 * the laundromat to end the grace period immediately. Does not wait
 * for the grace period to fully terminate before returning.
 *
 * Return values:
 *   %true: Grace termination schedule
 *   %false: No action was taken
 */
bool nfsd4_force_end_grace(struct nfsd_net *nn)
{
	if (!nn->client_tracking_ops)
		return false;
	if (READ_ONCE(nn->grace_ended))
		return false;
	/* laundromat_work must be initialised now, though it might be disabled */
	WRITE_ONCE(nn->grace_end_forced, true);
	/* mod_delayed_work() doesn't queue work after
	 * nfs4_state_shutdown_net() has called disable_delayed_work_sync()
	 */
	mod_delayed_work(laundry_wq, &nn->laundromat_work, 0);
	return true;
}

/*
 * If we've waited a lease period but there are still clients trying to
 * reclaim, wait a little longer to give them a chance to finish.
 */
static bool clients_still_reclaiming(struct nfsd_net *nn)
{
	time64_t double_grace_period_end = nn->boot_time +
					   2 * nn->nfsd4_lease;

	if (READ_ONCE(nn->grace_end_forced))
		return false;
	/* Every tracked reclaimer sent RECLAIM_COMPLETE: stop waiting */
	if (nn->track_reclaim_completes &&
			atomic_read(&nn->nr_reclaim_complete) ==
			nn->reclaim_str_hashtbl_size)
		return false;
	if (!nn->somebody_reclaimed)
		return false;
	nn->somebody_reclaimed = false;
	/*
	 * If we've given them *two* lease times to reclaim, and they're
	 * still not done, give up:
	 */
	if (ktime_get_boottime_seconds() > double_grace_period_end)
		return false;
	return true;
}

/* Per-laundromat-run expiry bookkeeping. */
struct laundry_time {
	time64_t cutoff;	/* state refreshed before this has expired */
	time64_t new_timeo;	/* shortest observed time to next expiry */
};

/*
 * Return true if @last_refresh is older than @lt->cutoff; otherwise
 * shrink lt->new_timeo so the next laundromat run comes soon enough.
 */
static bool state_expired(struct laundry_time *lt, time64_t last_refresh)
{
	time64_t time_remaining;

	if (last_refresh < lt->cutoff)
		return true;
	time_remaining = last_refresh - lt->cutoff;
	lt->new_timeo = min(lt->new_timeo, time_remaining);
	return false;
}

#ifdef CONFIG_NFSD_V4_2_INTER_SSC
/* Set up the server-to-server copy delayed-unmount machinery for @nn. */
void nfsd4_ssc_init_umount_work(struct nfsd_net *nn)
{
	spin_lock_init(&nn->nfsd_ssc_lock);
	INIT_LIST_HEAD(&nn->nfsd_ssc_mount_list);
	init_waitqueue_head(&nn->nfsd_ssc_waitq);
}

/*
 * This is called when nfsd is being shutdown, after all inter_ssc
 * cleanup were done, to destroy the ssc delayed unmount list.
*/
static void nfsd4_ssc_shutdown_umount(struct nfsd_net *nn)
{
	struct nfsd4_ssc_umount_item *ni = NULL;
	struct nfsd4_ssc_umount_item *tmp;

	spin_lock(&nn->nfsd_ssc_lock);
	list_for_each_entry_safe(ni, tmp, &nn->nfsd_ssc_mount_list, nsui_list) {
		list_del(&ni->nsui_list);
		/* drop the lock around mntput() */
		spin_unlock(&nn->nfsd_ssc_lock);
		mntput(ni->nsui_vfsmount);
		kfree(ni);
		spin_lock(&nn->nfsd_ssc_lock);
	}
	spin_unlock(&nn->nfsd_ssc_lock);
}

/*
 * Unmount expired s2s-copy vfsmounts that have no remaining users,
 * waking any ssc_connect waiters afterwards.
 */
static void nfsd4_ssc_expire_umount(struct nfsd_net *nn)
{
	bool do_wakeup = false;
	struct nfsd4_ssc_umount_item *ni = NULL;
	struct nfsd4_ssc_umount_item *tmp;

	spin_lock(&nn->nfsd_ssc_lock);
	list_for_each_entry_safe(ni, tmp, &nn->nfsd_ssc_mount_list, nsui_list) {
		if (time_after(jiffies, ni->nsui_expire)) {
			/* still referenced: leave it for a later pass */
			if (refcount_read(&ni->nsui_refcnt) > 1)
				continue;

			/* mark being unmount */
			ni->nsui_busy = true;
			spin_unlock(&nn->nfsd_ssc_lock);
			mntput(ni->nsui_vfsmount);
			spin_lock(&nn->nfsd_ssc_lock);

			/* waiters need to start from begin of list */
			list_del(&ni->nsui_list);
			kfree(ni);

			/* wakeup ssc_connect waiters */
			do_wakeup = true;
			continue;
		}
		break;
	}
	if (do_wakeup)
		wake_up_all(&nn->nfsd_ssc_waitq);
	spin_unlock(&nn->nfsd_ssc_lock);
}
#endif

/* Check if any lock belonging to this lockowner has any blockers */
static bool
nfs4_lockowner_has_blockers(struct nfs4_lockowner *lo)
{
	struct file_lock_context *ctx;
	struct nfs4_ol_stateid *stp;
	struct nfs4_file *nf;

	list_for_each_entry(stp, &lo->lo_owner.so_stateids, st_perstateowner) {
		nf = stp->st_stid.sc_file;
		ctx = locks_inode_context(nf->fi_inode);
		if (!ctx)
			continue;
		if (locks_owner_has_blockers(ctx, lo))
			return true;
	}
	return false;
}

/*
 * Does any lockowner of @clp currently block another lock request?
 * Also true while delegations are being recalled from the client.
 */
static bool
nfs4_anylock_blockers(struct nfs4_client *clp)
{
	int i;
	struct nfs4_stateowner *so;
	struct nfs4_lockowner *lo;

	if (atomic_read(&clp->cl_delegs_in_recall))
		return true;
	spin_lock(&clp->cl_lock);
	for (i = 0; i < OWNER_HASH_SIZE; i++) {
		list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[i],
				    so_strhash) {
			if (so->so_is_open_owner)
				continue;
			lo = lockowner(so);
			if (nfs4_lockowner_has_blockers(lo)) {
				spin_unlock(&clp->cl_lock);
				return true;
			}
		}
	}
	spin_unlock(&clp->cl_lock);
	return false;
}

/*
 * Collect expired clients onto @reaplist. Lease-lapsed clients become
 * "courtesy" clients; a courtesy client is actually expired when it is
 * marked EXPIRABLE, holds no state, or blocks other lock requests
 * (subject to the per-run trim limit).
 */
static void
nfs4_get_client_reaplist(struct nfsd_net *nn, struct list_head *reaplist,
			 struct laundry_time *lt)
{
	unsigned int maxreap, reapcnt = 0;
	struct list_head *pos, *next;
	struct nfs4_client *clp;

	maxreap = (atomic_read(&nn->nfs4_client_count) >= nn->nfs4_max_clients) ?
		  NFSD_CLIENT_MAX_TRIM_PER_RUN : 0;
	INIT_LIST_HEAD(reaplist);
	spin_lock(&nn->client_lock);
	list_for_each_safe(pos, next, &nn->client_lru) {
		clp = list_entry(pos, struct nfs4_client, cl_lru);
		if (clp->cl_state == NFSD4_EXPIRABLE)
			goto exp_client;
		if (!state_expired(lt, clp->cl_time))
			break;
		if (!atomic_read(&clp->cl_rpc_users)) {
			if (clp->cl_state == NFSD4_ACTIVE)
				atomic_inc(&nn->nfsd_courtesy_clients);
			clp->cl_state = NFSD4_COURTESY;
		}
		if (!client_has_state(clp))
			goto exp_client;
		if (!nfs4_anylock_blockers(clp))
			if (reapcnt >= maxreap)
				continue;
exp_client:
		if (!mark_client_expired_locked(clp)) {
			list_add(&clp->cl_lru, reaplist);
			reapcnt++;
		}
	}
	spin_unlock(&nn->client_lock);
}

/*
 * Collect up to NFSD_CLIENT_MAX_TRIM_PER_RUN non-ACTIVE clients from
 * the front of the LRU onto @reaplist; the scan stops at the first
 * ACTIVE client.
 */
static void
nfs4_get_courtesy_client_reaplist(struct nfsd_net *nn,
				  struct list_head *reaplist)
{
	unsigned int maxreap = 0, reapcnt = 0;
	struct list_head *pos, *next;
	struct nfs4_client *clp;

	maxreap =
NFSD_CLIENT_MAX_TRIM_PER_RUN;
	INIT_LIST_HEAD(reaplist);

	spin_lock(&nn->client_lock);
	list_for_each_safe(pos, next, &nn->client_lru) {
		clp = list_entry(pos, struct nfs4_client, cl_lru);
		if (clp->cl_state == NFSD4_ACTIVE)
			break;
		if (reapcnt >= maxreap)
			break;
		if (!mark_client_expired_locked(clp)) {
			list_add(&clp->cl_lru, reaplist);
			reapcnt++;
		}
	}
	spin_unlock(&nn->client_lock);
}

/* Tear down every client previously collected onto @reaplist. */
static void
nfs4_process_client_reaplist(struct list_head *reaplist)
{
	struct list_head *pos, *next;
	struct nfs4_client *clp;

	list_for_each_safe(pos, next, reaplist) {
		clp = list_entry(pos, struct nfs4_client, cl_lru);
		trace_nfsd_clid_purged(&clp->cl_clientid);
		list_del_init(&clp->cl_lru);
		expire_client(clp);
	}
}

/*
 * Drop admin-revoked stateids of v4.0 clients once a lease period has
 * passed since the last revocation (nfs40_last_revoke).
 */
static void nfs40_clean_admin_revoked(struct nfsd_net *nn,
				      struct laundry_time *lt)
{
	struct nfs4_client *clp;

	spin_lock(&nn->client_lock);
	if (nn->nfs40_last_revoke == 0 ||
	    nn->nfs40_last_revoke > lt->cutoff) {
		spin_unlock(&nn->client_lock);
		return;
	}
	nn->nfs40_last_revoke = 0;

retry:
	list_for_each_entry(clp, &nn->client_lru, cl_lru) {
		unsigned long id, tmp;
		struct nfs4_stid *stid;

		if (atomic_read(&clp->cl_admin_revoked) == 0)
			continue;

		spin_lock(&clp->cl_lock);
		idr_for_each_entry_ul(&clp->cl_stateids, stid, tmp, id)
			if (stid->sc_status & SC_STATUS_ADMIN_REVOKED) {
				refcount_inc(&stid->sc_count);
				spin_unlock(&nn->client_lock);
				/* this function drops ->cl_lock */
				nfsd4_drop_revoked_stid(stid);
				nfs4_put_stid(stid);
				spin_lock(&nn->client_lock);
				/* both locks were dropped: restart the scan */
				goto retry;
			}
		spin_unlock(&clp->cl_lock);
	}
	spin_unlock(&nn->client_lock);
}

/*
 * The main per-net cleanup pass: end the grace period, then expire
 * stale copy-notify stateids, clients, revoked state, recalled
 * delegations, closed-open stateids and abandoned blocked locks.
 * Returns the number of seconds until the next run.
 */
static time64_t
nfs4_laundromat(struct nfsd_net *nn)
{
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct nfs4_ol_stateid *stp;
	struct nfsd4_blocked_lock *nbl;
	struct list_head *pos, *next, reaplist;
	struct laundry_time lt = {
		.cutoff = ktime_get_boottime_seconds() - nn->nfsd4_lease,
		.new_timeo = nn->nfsd4_lease
	};
	struct nfs4_cpntf_state *cps;
	copy_stateid_t *cps_t;
	int i;

	if (clients_still_reclaiming(nn)) {
		lt.new_timeo = 0;
		goto out;
	}
	nfsd4_end_grace(nn);

	/* expire stale COPY_NOTIFY stateids */
	spin_lock(&nn->s2s_cp_lock);
	idr_for_each_entry(&nn->s2s_cp_stateids, cps_t, i) {
		cps = container_of(cps_t, struct nfs4_cpntf_state, cp_stateid);
		if (cps->cp_stateid.cs_type == NFS4_COPYNOTIFY_STID &&
		    state_expired(&lt, cps->cpntf_time))
			_free_cpntf_state_locked(nn, cps);
	}
	spin_unlock(&nn->s2s_cp_lock);
	nfsd4_async_copy_reaper(nn);
	nfs4_get_client_reaplist(nn, &reaplist, &lt);
	nfs4_process_client_reaplist(&reaplist);

	nfs40_clean_admin_revoked(nn, &lt);

	/* revoke delegations that were recalled but never returned */
	spin_lock(&nn->deleg_lock);
	list_for_each_safe(pos, next, &nn->del_recall_lru) {
		dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
		if (!state_expired(&lt, dp->dl_time))
			break;
		refcount_inc(&dp->dl_stid.sc_count);
		unhash_delegation_locked(dp, SC_STATUS_REVOKED);
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&nn->deleg_lock);
	while (!list_empty(&reaplist)) {
		dp = list_first_entry(&reaplist, struct nfs4_delegation,
				      dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		revoke_delegation(dp);
	}

	/* free the last-closed stateids of idle openowners */
	spin_lock(&nn->client_lock);
	while (!list_empty(&nn->close_lru)) {
		oo = list_first_entry(&nn->close_lru, struct nfs4_openowner,
				      oo_close_lru);
		if (!state_expired(&lt, oo->oo_time))
			break;
		list_del_init(&oo->oo_close_lru);
		stp = oo->oo_last_closed_stid;
		oo->oo_last_closed_stid = NULL;
		/* drop the lock around the final put, then reacquire */
		spin_unlock(&nn->client_lock);
		nfs4_put_stid(&stp->st_stid);
		spin_lock(&nn->client_lock);
	}
	spin_unlock(&nn->client_lock);

	/*
	 * It's possible for a client to try and acquire an already held lock
	 * that is being held for a long time, and then lose interest in it.
	 * So, we clean out any un-revisited request after a lease period
	 * under the assumption that the client is no longer interested.
	 *
	 * RFC5661, sec. 9.6 states that the client must not rely on getting
	 * notifications and must continue to poll for locks, even when the
	 * server supports them. Thus this shouldn't lead to clients blocking
	 * indefinitely once the lock does become free.
	 */
	BUG_ON(!list_empty(&reaplist));
	spin_lock(&nn->blocked_locks_lock);
	while (!list_empty(&nn->blocked_locks_lru)) {
		nbl = list_first_entry(&nn->blocked_locks_lru,
				       struct nfsd4_blocked_lock, nbl_lru);
		if (!state_expired(&lt, nbl->nbl_time))
			break;
		list_move(&nbl->nbl_lru, &reaplist);
		list_del_init(&nbl->nbl_list);
	}
	spin_unlock(&nn->blocked_locks_lock);

	while (!list_empty(&reaplist)) {
		nbl = list_first_entry(&reaplist,
				       struct nfsd4_blocked_lock, nbl_lru);
		list_del_init(&nbl->nbl_lru);
		free_blocked_lock(nbl);
	}
#ifdef CONFIG_NFSD_V4_2_INTER_SSC
	/* service the server-to-server copy delayed unmount list */
	nfsd4_ssc_expire_umount(nn);
#endif
	/* under delegation pressure, ask clients for voluntary returns */
	if (atomic_long_read(&num_delegations) >= max_delegations)
		deleg_reaper(nn);
out:
	return max_t(time64_t, lt.new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT);
}

static void laundromat_main(struct work_struct *);

/* Work item: run the laundromat, then re-arm it for the returned timeout. */
static void
laundromat_main(struct work_struct *laundry)
{
	time64_t t;
	struct delayed_work *dwork = to_delayed_work(laundry);
	struct nfsd_net *nn = container_of(dwork, struct nfsd_net,
					   laundromat_work);

	t = nfs4_laundromat(nn);
	queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ);
}

static void
courtesy_client_reaper(struct nfsd_net *nn)
{
	struct list_head reaplist;

	nfs4_get_courtesy_client_reaplist(nn, &reaplist);
	nfs4_process_client_reaplist(&reaplist);
}

/*
 * Ask suitable clients (ACTIVE, holding delegations, callback channel
 * up, nothing already in recall) to voluntarily return read/write data
 * delegations via CB_RECALL_ANY.
 */
static void
deleg_reaper(struct nfsd_net *nn)
{
	struct list_head *pos, *next;
	struct nfs4_client *clp;

	spin_lock(&nn->client_lock);
	list_for_each_safe(pos, next, &nn->client_lru) {
		clp = list_entry(pos, struct nfs4_client, cl_lru);

		if (clp->cl_state != NFSD4_ACTIVE)
			continue;
		if (list_empty(&clp->cl_delegations))
			continue;
		if (atomic_read(&clp->cl_delegs_in_recall))
			continue;
		if (test_and_set_bit(NFSD4_CALLBACK_RUNNING, &clp->cl_ra->ra_cb.cb_flags))
			continue;
		/* NOTE(review): the two guards below bail out after
		 * NFSD4_CALLBACK_RUNNING was already set by the
		 * test_and_set_bit() above -- confirm the bit is cleared
		 * elsewhere, otherwise such clients are never asked again. */
		if (ktime_get_boottime_seconds() - clp->cl_ra_time < 5)
			continue;
		if (clp->cl_cb_state != NFSD4_CB_UP)
			continue;

		/* release in nfsd4_cb_recall_any_release */
		kref_get(&clp->cl_nfsdfs.cl_ref);
		clp->cl_ra_time = ktime_get_boottime_seconds();
		clp->cl_ra->ra_keep = 0;
		clp->cl_ra->ra_bmval[0] = BIT(RCA4_TYPE_MASK_RDATA_DLG) |
					  BIT(RCA4_TYPE_MASK_WDATA_DLG);
		trace_nfsd_cb_recall_any(clp->cl_ra);
		nfsd4_run_cb(&clp->cl_ra->ra_cb);
	}
	spin_unlock(&nn->client_lock);
}

/* Memory-pressure worker: reap courtesy clients and recall delegations. */
static void
nfsd4_state_shrinker_worker(struct work_struct *work)
{
	struct nfsd_net *nn = container_of(work, struct nfsd_net,
					   nfsd_shrinker_work);

	courtesy_client_reaper(nn);
	deleg_reaper(nn);
}

/* A stateid may only be used with the filehandle it belongs to. */
static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp)
{
	if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle))
		return nfserr_bad_stateid;
	return nfs_ok;
}

/*
 * Verify that the stateid (or, for a lock stateid, its parent open
 * stateid) permits the access requested in @flags.
 */
static
__be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags)
{
	__be32 status = nfserr_openmode;

	/* For lock stateid's, we test the parent open, not the lock: */
	if (stp->st_openstp)
		stp = stp->st_openstp;
	if ((flags & WR_STATE) && !access_permit_write(stp))
		goto out;
	if ((flags & RD_STATE) && !access_permit_read(stp))
		goto out;
	status = nfs_ok;
out:
	return status;
}

/* Handle the anonymous (all-zeros) and READ-bypass (all-ones) stateids. */
static inline __be32
check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags)
{
	if (ONE_STATEID(stateid) && (flags & RD_STATE))
		return nfs_ok;
	else if (opens_in_grace(net)) {
		/* Answer in remaining cases depends on existence of
		 * conflicting state; so we must wait out the grace period. */
		return nfserr_grace;
	} else if (flags & WR_STATE)
		return nfs4_share_conflict(current_fh,
				NFS4_SHARE_DENY_WRITE);
	else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */
		return nfs4_share_conflict(current_fh,
				NFS4_SHARE_DENY_READ);
}

static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session)
{
	/*
	 * When sessions are used the stateid generation number is ignored
	 * when it is zero.
	 */
	if (has_session && in->si_generation == 0)
		return nfs_ok;

	if (in->si_generation == ref->si_generation)
		return nfs_ok;

	/* If the client sends us a stateid from the future, it's buggy: */
	if (nfsd4_stateid_generation_after(in, ref))
		return nfserr_bad_stateid;
	/*
	 * However, we could see a stateid from the past, even from a
	 * non-buggy client. For example, if the client sends a lock
	 * while some IO is outstanding, the lock may bump si_generation
	 * while the IO is still in flight. The client could avoid that
	 * situation by waiting for responses on all the IO requests,
	 * but better performance may result in retrying IO that
	 * receives an old_stateid error if requests are rarely
	 * reordered in flight:
	 */
	return nfserr_old_stateid;
}

/*
 * As check_stateid_generation(), but first verify (under sc_lock) that
 * the stid itself is still valid.
 */
static __be32 nfsd4_stid_check_stateid_generation(stateid_t *in, struct nfs4_stid *s, bool has_session)
{
	__be32 ret;

	spin_lock(&s->sc_lock);
	ret = nfsd4_verify_open_stid(s);
	if (ret == nfs_ok)
		ret = check_stateid_generation(in, &s->sc_stateid, has_session);
	spin_unlock(&s->sc_lock);
	if (ret == nfserr_admin_revoked)
		nfsd40_drop_revoked_stid(s->sc_client,
					 &s->sc_stateid);
	return ret;
}

static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols)
{
	if (ols->st_stateowner->so_is_open_owner &&
	    !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED))
		return nfserr_bad_stateid;
	return nfs_ok;
}

/* Classify @stateid for client @cl without taking a reference on it. */
static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid)
{
	struct nfs4_stid *s;
	__be32 status = nfserr_bad_stateid;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) ||
	    CLOSE_STATEID(stateid))
		return status;
	spin_lock(&cl->cl_lock);
	s = find_stateid_locked(cl, stateid);
	if (!s)
		goto out_unlock;
	status = nfsd4_stid_check_stateid_generation(stateid, s, 1);
	if (status)
		goto out_unlock;
	status = nfsd4_verify_open_stid(s);
	if (status)
		goto out_unlock;

	switch (s->sc_type) {
	case SC_TYPE_DELEG:
		status = nfs_ok;
		break;
	case SC_TYPE_OPEN:
	case SC_TYPE_LOCK:
		status = nfsd4_check_openowner_confirmed(openlockstateid(s));
		break;
	default:
		printk("unknown stateid type %x\n", s->sc_type);
		status = nfserr_bad_stateid;
	}
out_unlock:
	spin_unlock(&cl->cl_lock);
	if (status ==
nfserr_admin_revoked)
		nfsd40_drop_revoked_stid(cl, stateid);
	return status;
}

__be32
nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate,
		     stateid_t *stateid,
		     unsigned short typemask, unsigned short statusmask,
		     struct nfs4_stid **s, struct nfsd_net *nn)
{
	__be32 status;
	struct nfs4_stid *stid;
	bool return_revoked = false;

	/*
	 * only return revoked delegations if explicitly asked.
	 * otherwise we report revoked or bad_stateid status.
	 */
	if (statusmask & SC_STATUS_REVOKED)
		return_revoked = true;
	if (typemask & SC_TYPE_DELEG)
		/* Always allow REVOKED for DELEG so we can
		 * return the appropriate error.
		 */
		statusmask |= SC_STATUS_REVOKED;

	statusmask |= SC_STATUS_ADMIN_REVOKED | SC_STATUS_FREEABLE;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) ||
	    CLOSE_STATEID(stateid))
		return nfserr_bad_stateid;
	status = set_client(&stateid->si_opaque.so_clid, cstate, nn);
	if (status == nfserr_stale_clientid) {
		/* under a session the clientid is implicit, so a stale
		 * embedded clientid means the stateid itself is bad */
		if (cstate->session)
			return nfserr_bad_stateid;
		return nfserr_stale_stateid;
	}
	if (status)
		return status;
	stid = find_stateid_by_type(cstate->clp, stateid, typemask, statusmask);
	if (!stid)
		return nfserr_bad_stateid;
	if ((stid->sc_status & SC_STATUS_REVOKED) && !return_revoked) {
		nfs4_put_stid(stid);
		return nfserr_deleg_revoked;
	}
	if (stid->sc_status & SC_STATUS_ADMIN_REVOKED) {
		nfsd40_drop_revoked_stid(cstate->clp, stateid);
		nfs4_put_stid(stid);
		return nfserr_admin_revoked;
	}
	*s = stid;
	return nfs_ok;
}

/*
 * Return a referenced nfsd_file for @s matching the RD/WR access bits
 * in @flags, or NULL when @s is unusable or no such open file exists.
 */
static struct nfsd_file *
nfs4_find_file(struct nfs4_stid *s, int flags)
{
	struct nfsd_file *ret = NULL;

	if (!s || s->sc_status)
		return NULL;

	switch (s->sc_type) {
	case SC_TYPE_DELEG:
	case SC_TYPE_OPEN:
	case SC_TYPE_LOCK:
		if (flags & RD_STATE)
			ret = find_readable_file(s->sc_file);
		else
			ret = find_writeable_file(s->sc_file);
	}

	return ret;
}

/* Open/lock stateid checks: confirmed owner plus access mode. */
static __be32
nfs4_check_olstateid(struct nfs4_ol_stateid *ols, int flags)
{
	__be32 status;

	status = nfsd4_check_openowner_confirmed(ols);
	if (status)
		return status;
	return nfs4_check_openmode(ols, flags);
}

/*
 * Produce the nfsd_file for the operation: reuse the stateid's
 * already-open file after a permission check, or acquire one fresh.
 */
static __be32
nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s,
		struct nfsd_file **nfp, int flags)
{
	int acc = (flags & RD_STATE) ? NFSD_MAY_READ : NFSD_MAY_WRITE;
	struct nfsd_file *nf;
	__be32 status;

	nf = nfs4_find_file(s, flags);
	if (nf) {
		status = nfsd_permission(&rqstp->rq_cred,
					 fhp->fh_export, fhp->fh_dentry,
					 acc | NFSD_MAY_OWNER_OVERRIDE);
		if (status) {
			nfsd_file_put(nf);
			goto out;
		}
	} else {
		status = nfsd_file_acquire(rqstp, fhp, acc, &nf);
		if (status)
			return status;
	}
	*nfp = nf;
out:
	return status;
}

/* Drop one reference; on the last one, unhash and free the state.
 * Caller holds nn->s2s_cp_lock. */
static void
_free_cpntf_state_locked(struct nfsd_net *nn, struct nfs4_cpntf_state *cps)
{
	WARN_ON_ONCE(cps->cp_stateid.cs_type != NFS4_COPYNOTIFY_STID);
	if (!refcount_dec_and_test(&cps->cp_stateid.cs_count))
		return;
	list_del(&cps->cp_list);
	idr_remove(&nn->s2s_cp_stateids,
		   cps->cp_stateid.cs_stid.si_opaque.so_id);
	kfree(cps);
}

/*
 * A READ from an inter server to server COPY will have a
 * copy stateid. Look up the copy notify stateid from the
 * idr structure and take a reference on it.
 */
__be32 manage_cpntf_state(struct nfsd_net *nn, stateid_t *st,
			  struct nfsd4_client *clp,
			  struct nfs4_cpntf_state **cps)
{
	copy_stateid_t *cps_t;
	struct nfs4_cpntf_state *state = NULL;

	if (st->si_opaque.so_clid.cl_id != nn->s2s_cp_cl_id)
		return nfserr_bad_stateid;
	spin_lock(&nn->s2s_cp_lock);
	cps_t = idr_find(&nn->s2s_cp_stateids, st->si_opaque.so_id);
	if (cps_t) {
		state = container_of(cps_t, struct nfs4_cpntf_state,
				     cp_stateid);
		if (state->cp_stateid.cs_type != NFS4_COPYNOTIFY_STID) {
			state = NULL;
			goto unlock;
		}
		/* with a client the call releases the state instead */
		if (!clp)
			refcount_inc(&state->cp_stateid.cs_count);
		else
			_free_cpntf_state_locked(nn, state);
	}
unlock:
	spin_unlock(&nn->s2s_cp_lock);
	if (!state)
		return nfserr_bad_stateid;
	if (!clp)
		*cps = state;
	return 0;
}

/* Resolve a copy-notify stateid to its referenced parent stateid. */
static __be32 find_cpntf_state(struct nfsd_net *nn, stateid_t *st,
			       struct nfs4_stid **stid)
{
	__be32 status;
	struct nfs4_cpntf_state *cps = NULL;
	struct nfs4_client *found;

	status = manage_cpntf_state(nn, st, NULL, &cps);
	if (status)
		return status;

	/* refresh cpntf_time so the laundromat keeps this state alive */
	cps->cpntf_time = ktime_get_boottime_seconds();

	status = nfserr_expired;
	found = lookup_clientid(&cps->cp_p_clid, true, nn);
	if (!found)
		goto out;

	*stid = find_stateid_by_type(found, &cps->cp_p_stateid,
				     SC_TYPE_DELEG|SC_TYPE_OPEN|SC_TYPE_LOCK,
				     0);
	if (*stid)
		status = nfs_ok;
	else
		status = nfserr_bad_stateid;

	put_client_renew(found);
out:
	nfs4_put_cpntf_state(nn, cps);
	return status;
}

void nfs4_put_cpntf_state(struct nfsd_net *nn, struct nfs4_cpntf_state *cps)
{
	spin_lock(&nn->s2s_cp_lock);
	_free_cpntf_state_locked(nn, cps);
	spin_unlock(&nn->s2s_cp_lock);
}

/**
 * nfs4_preprocess_stateid_op - find and prep stateid for an operation
 *
@rqstp: incoming request from client
 * @cstate: current compound state
 * @fhp: filehandle associated with requested stateid
 * @stateid: stateid (provided by client)
 * @flags: flags describing type of operation to be done
 * @nfp: optional nfsd_file return pointer (may be NULL)
 * @cstid: optional returned nfs4_stid pointer (may be NULL)
 *
 * Given info from the client, look up a nfs4_stid for the operation. On
 * success, it returns a reference to the nfs4_stid and/or the nfsd_file
 * associated with it.
 */
__be32
nfs4_preprocess_stateid_op(struct svc_rqst *rqstp,
		struct nfsd4_compound_state *cstate, struct svc_fh *fhp,
		stateid_t *stateid, int flags, struct nfsd_file **nfp,
		struct nfs4_stid **cstid)
{
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	struct nfs4_stid *s = NULL;
	__be32 status;

	if (nfp)
		*nfp = NULL;

	/* all-zero / all-ones stateids bypass the normal stateid lookup */
	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) {
		status = check_special_stateids(net, fhp, stateid, flags);
		goto done;
	}

	status = nfsd4_lookup_stateid(cstate, stateid,
				      SC_TYPE_DELEG|SC_TYPE_OPEN|SC_TYPE_LOCK,
				      0, &s, nn);
	/* not a normal stateid? it may be a copy-notify stateid */
	if (status == nfserr_bad_stateid)
		status = find_cpntf_state(nn, stateid, &s);
	if (status)
		return status;
	status = nfsd4_stid_check_stateid_generation(stateid, s,
			nfsd4_has_session(cstate));
	if (status)
		goto out;

	/* type-specific access-mode check */
	switch (s->sc_type) {
	case SC_TYPE_DELEG:
		status = nfs4_check_delegmode(delegstateid(s), flags);
		break;
	case SC_TYPE_OPEN:
	case SC_TYPE_LOCK:
		status = nfs4_check_olstateid(openlockstateid(s), flags);
		break;
	}
	if (status)
		goto out;
	status = nfs4_check_fh(fhp, s);

done:
	if (status == nfs_ok && nfp)
		status = nfs4_check_file(rqstp, fhp, s, nfp, flags);
out:
	if (s) {
		if (!status && cstid)
			*cstid
= s;
		else
			nfs4_put_stid(s);
	}
	return status;
}

/*
 * Test if the stateid is valid
 */
__be32
nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		   union nfsd4_op_u *u)
{
	struct nfsd4_test_stateid *test_stateid = &u->test_stateid;
	struct nfsd4_test_stateid_id *stateid;
	struct nfs4_client *cl = cstate->clp;

	/* validate each stateid in the request independently */
	list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list)
		stateid->ts_id_status =
			nfsd4_validate_stateid(cl, &stateid->ts_id_stateid);

	return nfs_ok;
}

/*
 * FREE_STATEID helper for lock stateids: a lock stateid can only be
 * freed when no locks are still held by its lockowner on the file.
 * Consumes the caller's reference on @s.
 */
static __be32
nfsd4_free_lock_stateid(stateid_t *stateid, struct nfs4_stid *s)
{
	struct nfs4_ol_stateid *stp = openlockstateid(s);
	__be32 ret;

	ret = nfsd4_lock_ol_stateid(stp);
	if (ret)
		goto out_put_stid;

	ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
	if (ret)
		goto out;

	ret = nfserr_locks_held;
	if (check_for_locks(stp->st_stid.sc_file,
			    lockowner(stp->st_stateowner)))
		goto out;

	release_lock_stateid(stp);
	ret = nfs_ok;

out:
	mutex_unlock(&stp->st_mutex);
out_put_stid:
	nfs4_put_stid(s);
	return ret;
}

__be32
nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		   union nfsd4_op_u *u)
{
	struct nfsd4_free_stateid *free_stateid = &u->free_stateid;
	stateid_t *stateid = &free_stateid->fr_stateid;
	struct nfs4_stid *s;
	struct nfs4_delegation *dp;
	struct nfs4_client *cl = cstate->clp;
	__be32 ret = nfserr_bad_stateid;

	spin_lock(&cl->cl_lock);
	s = find_stateid_locked(cl, stateid);
	if (!s || s->sc_status & SC_STATUS_CLOSED)
		goto out_unlock;
	if (s->sc_status & SC_STATUS_ADMIN_REVOKED) {
		nfsd4_drop_revoked_stid(s);
		ret = nfs_ok;
		goto out;
	}
	spin_lock(&s->sc_lock);
	switch (s->sc_type) {
	case SC_TYPE_DELEG:
		if (s->sc_status & SC_STATUS_REVOKED) {
			s->sc_status |= SC_STATUS_CLOSED;
			spin_unlock(&s->sc_lock);
			dp = delegstateid(s);
			if (s->sc_status & SC_STATUS_FREEABLE)
				list_del_init(&dp->dl_recall_lru);
			/* sc_status update still covered by cl_lock here */
			s->sc_status |= SC_STATUS_FREED;
			spin_unlock(&cl->cl_lock);
			nfs4_put_stid(s);
			ret = nfs_ok;
			goto out;
		}
		/* a live delegation cannot be freed by the client */
		ret = nfserr_locks_held;
		break;
	case SC_TYPE_OPEN:
		ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
		if (ret)
			break;
		ret = nfserr_locks_held;
		break;
	case SC_TYPE_LOCK:
		/* take our own reference before dropping cl_lock */
		spin_unlock(&s->sc_lock);
		refcount_inc(&s->sc_count);
		spin_unlock(&cl->cl_lock);
		ret = nfsd4_free_lock_stateid(stateid, s);
		goto out;
	}
	spin_unlock(&s->sc_lock);
out_unlock:
	spin_unlock(&cl->cl_lock);
out:
	return ret;
}

/* Map an NFSv4 lock type to the RD_STATE/WR_STATE open-mode flag. */
static inline int
setlkflg (int type)
{
	return (type == NFS4_READW_LT || type == NFS4_READ_LT) ?
		RD_STATE : WR_STATE;
}

/*
 * Common checks for seqid-morphing operations: verify the seqid against
 * the stateowner, lock the stateid's st_mutex, and check generation and
 * filehandle.  On failure the st_mutex is not left held.
 */
static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp)
{
	struct svc_fh *current_fh = &cstate->current_fh;
	struct nfs4_stateowner *sop = stp->st_stateowner;
	__be32 status;

	status = nfsd4_check_seqid(cstate, sop, seqid);
	if (status)
		return status;
	status = nfsd4_lock_ol_stateid(stp);
	if (status != nfs_ok)
		return status;
	status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate));
	if (status == nfs_ok)
		status = nfs4_check_fh(current_fh, &stp->st_stid);
	if (status != nfs_ok)
		mutex_unlock(&stp->st_mutex);
	return status;
}

/**
 * nfs4_preprocess_seqid_op - find and prep an ol_stateid for a seqid-morphing op
 * @cstate: compound state
 * @seqid: seqid (provided by client)
 * @stateid: stateid (provided by client)
 * @typemask: mask of allowable types for this operation
 * @statusmask: mask of allowed states: 0 or STID_CLOSED
 * @stpp: return pointer for the stateid found
 * @nn: net namespace for request
 *
 * Given a stateid+seqid from a client, look up an nfs4_ol_stateid and
 * return it in @stpp. On a nfs_ok return, the returned stateid will
 * have its st_mutex locked.
 */
static __be32
nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
			 stateid_t *stateid,
			 unsigned short typemask, unsigned short statusmask,
			 struct nfs4_ol_stateid **stpp,
			 struct nfsd_net *nn)
{
	__be32 status;
	struct nfs4_stid *s;
	struct nfs4_ol_stateid *stp = NULL;

	trace_nfsd_preprocess(seqid, stateid);

	*stpp = NULL;
retry:
	status = nfsd4_lookup_stateid(cstate, stateid,
				      typemask, statusmask, &s, nn);
	if (status)
		return status;
	stp = openlockstateid(s);
	/* -EAGAIN: replay owner changed under us; redo the lookup */
	if (nfsd4_cstate_assign_replay(cstate, stp->st_stateowner) == -EAGAIN) {
		nfs4_put_stateowner(stp->st_stateowner);
		goto retry;
	}

	status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp);
	if (!status)
		*stpp = stp;
	else
		nfs4_put_stid(&stp->st_stid);
	return status;
}

/*
 * Like nfs4_preprocess_seqid_op() for SC_TYPE_OPEN stateids, but
 * additionally requires the openowner to be confirmed.
 */
static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
						 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn)
{
	__be32 status;
	struct nfs4_openowner *oo;
	struct nfs4_ol_stateid *stp;

	status = nfs4_preprocess_seqid_op(cstate, seqid, stateid,
					  SC_TYPE_OPEN, 0, &stp, nn);
	if (status)
		return status;
	oo = openowner(stp->st_stateowner);
	if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
		mutex_unlock(&stp->st_mutex);
		nfs4_put_stid(&stp->st_stid);
		return nfserr_bad_stateid;
	}
	*stpp = stp;
	return nfs_ok;
}

__be32
nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		   union nfsd4_op_u *u)
{
	struct nfsd4_open_confirm *oc = &u->open_confirm;
	__be32 status;
	struct nfs4_openowner *oo;
	struct nfs4_ol_stateid *stp;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	dprintk("NFSD: nfsd4_open_confirm on file %pd\n",
cstate->current_fh.fh_dentry);

	status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
	if (status)
		return status;

	status = nfs4_preprocess_seqid_op(cstate,
					  oc->oc_seqid, &oc->oc_req_stateid,
					  SC_TYPE_OPEN, 0, &stp, nn);
	if (status)
		goto out;
	oo = openowner(stp->st_stateowner);
	status = nfserr_bad_stateid;
	/* confirming an already-confirmed openowner is a client bug */
	if (oo->oo_flags & NFS4_OO_CONFIRMED) {
		mutex_unlock(&stp->st_mutex);
		goto put_stateid;
	}
	oo->oo_flags |= NFS4_OO_CONFIRMED;
	nfs4_inc_and_copy_stateid(&oc->oc_resp_stateid, &stp->st_stid);
	mutex_unlock(&stp->st_mutex);
	trace_nfsd_open_confirm(oc->oc_seqid, &stp->st_stid.sc_stateid);
	nfsd4_client_record_create(oo->oo_owner.so_client);
	status = nfs_ok;
put_stateid:
	nfs4_put_stid(&stp->st_stid);
out:
	nfsd4_bump_seqid(cstate, status);
	return status;
}

/* Drop one access bit (and the matching file access) from a stateid. */
static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access)
{
	if (!test_access(access, stp))
		return;
	nfs4_file_put_access(stp->st_stid.sc_file, access);
	clear_access(access, stp);
}

/* Downgrade a stateid's access so that only @to_access remains. */
static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access)
{
	switch (to_access) {
	case NFS4_SHARE_ACCESS_READ:
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE);
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
		break;
	case NFS4_SHARE_ACCESS_WRITE:
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ);
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
		break;
	case NFS4_SHARE_ACCESS_BOTH:
		break;
	default:
		WARN_ON_ONCE(1);
	}
}

__be32
nfsd4_open_downgrade(struct svc_rqst *rqstp,
		     struct nfsd4_compound_state *cstate, union nfsd4_op_u *u)
{
	struct nfsd4_open_downgrade *od = &u->open_downgrade;
	__be32 status;
	struct nfs4_ol_stateid *stp;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	dprintk("NFSD: nfsd4_open_downgrade on file %pd\n",
		cstate->current_fh.fh_dentry);

	/* We don't yet support WANT bits: */
	if (od->od_deleg_want)
		dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__,
			od->od_deleg_want);

	status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid,
					&od->od_stateid, &stp, nn);
	if (status)
		goto out;
	status = nfserr_inval;
	/* the requested modes must be a subset of what is already held */
	if (!test_access(od->od_share_access, stp)) {
		dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n",
			stp->st_access_bmap, od->od_share_access);
		goto put_stateid;
	}
	if (!test_deny(od->od_share_deny, stp)) {
		dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n",
			stp->st_deny_bmap, od->od_share_deny);
		goto put_stateid;
	}
	nfs4_stateid_downgrade(stp, od->od_share_access);
	reset_union_bmap_deny(od->od_share_deny, stp);
	nfs4_inc_and_copy_stateid(&od->od_stateid, &stp->st_stid);
	status = nfs_ok;
put_stateid:
	mutex_unlock(&stp->st_mutex);
	nfs4_put_stid(&stp->st_stid);
out:
	nfsd4_bump_seqid(cstate, status);
	return status;
}

/*
 * Unhash an open stateid (and its lock stateids) on CLOSE.  Returns true
 * only for v4.0 when the caller should move the stateid to the close LRU;
 * for v4.1+ everything is released immediately.
 */
static bool nfsd4_close_open_stateid(struct nfs4_ol_stateid *s)
{
	struct nfs4_client *clp = s->st_stid.sc_client;
	bool unhashed;
	LIST_HEAD(reaplist);
	struct nfs4_ol_stateid *stp;

	spin_lock(&clp->cl_lock);
	unhashed = unhash_open_stateid(s, &reaplist);

	if (clp->cl_minorversion) {
		if (unhashed)
			put_ol_stateid_locked(s, &reaplist);
		spin_unlock(&clp->cl_lock);
		list_for_each_entry(stp, &reaplist, st_locks)
			nfs4_free_cpntf_statelist(clp->net, &stp->st_stid);
		free_ol_stateid_reaplist(&reaplist);
		return false;
	} else {
		spin_unlock(&clp->cl_lock);
		free_ol_stateid_reaplist(&reaplist);
		return unhashed;
	}
}

/*
 * nfs4_unlock_state() called after encode
 */
__be32
nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    union nfsd4_op_u *u)
{
	struct nfsd4_close *close = &u->close;
	__be32 status;
	struct nfs4_ol_stateid *stp;
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	bool need_move_to_close_list;

	dprintk("NFSD: nfsd4_close on file %pd\n",
		cstate->current_fh.fh_dentry);

	status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid,
					  &close->cl_stateid,
					  SC_TYPE_OPEN, SC_STATUS_CLOSED,
					  &stp, nn);
	nfsd4_bump_seqid(cstate, status);
	if (status)
		goto out;

	spin_lock(&stp->st_stid.sc_client->cl_lock);
	stp->st_stid.sc_status |= SC_STATUS_CLOSED;
	spin_unlock(&stp->st_stid.sc_client->cl_lock);

	/*
	 * Technically we don't _really_ have to increment or copy it, since
	 * it should just be gone after this operation and we clobber the
	 * copied value below, but we continue to do so here just to ensure
	 * that racing ops see that there was a state change.
	 */
	nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid);

	need_move_to_close_list = nfsd4_close_open_stateid(stp);
	mutex_unlock(&stp->st_mutex);
	if (need_move_to_close_list)
		move_to_close_lru(stp, net);

	/* v4.1+ suggests that we send a special stateid in here, since the
	 * clients should just ignore this anyway. Since this is not useful
	 * for v4.0 clients either, we set it to the special close_stateid
	 * universally.
	 *
	 * See RFC5661 section 18.2.4, and RFC7530 section 16.2.5
	 */
	memcpy(&close->cl_stateid, &close_stateid, sizeof(close->cl_stateid));

	/* put reference from nfs4_preprocess_seqid_op */
	nfs4_put_stid(&stp->st_stid);
out:
	return status;
}

__be32
nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		  union nfsd4_op_u *u)
{
	struct nfsd4_delegreturn *dr = &u->delegreturn;
	struct nfs4_delegation *dp;
	stateid_t *stateid = &dr->dr_stateid;
	struct nfs4_stid *s;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	status = fh_verify(rqstp, &cstate->current_fh, 0, 0);
	if (status)
		return status;

	status = nfsd4_lookup_stateid(cstate, stateid, SC_TYPE_DELEG, SC_STATUS_REVOKED, &s, nn);
	if (status)
		goto out;
	dp = delegstateid(s);
	status = nfsd4_stid_check_stateid_generation(stateid, &dp->dl_stid, nfsd4_has_session(cstate));
	if (status)
		goto put_stateid;

	trace_nfsd_deleg_return(stateid);
	destroy_delegation(dp);
	/* wake up anyone waiting in wait_var_event() on this inode */
	smp_mb__after_atomic();
	wake_up_var(d_inode(cstate->current_fh.fh_dentry));
put_stateid:
	nfs4_put_stid(&dp->dl_stid);
out:
	return status;
}

/* last octet in a range */
static inline u64
last_byte_offset(u64 start, u64 len)
{
	u64 end;

	WARN_ON_ONCE(!len);
	end = start + len;
	/* wraparound means "to the end of the file" */
	return end > start ? end - 1 : NFS4_MAX_UINT64;
}

/*
 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that
 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th
 * byte, because of sign extension problems.  Since NFSv4 calls for 64-bit
 * locking, this prevents us from being completely protocol-compliant.
The
 * real solution to this problem is to start using unsigned file offsets in
 * the VFS, but this is a very deep change!
 */
static inline void
nfs4_transform_lock_offset(struct file_lock *lock)
{
	/* clamp negative (sign-extended) offsets to OFFSET_MAX */
	if (lock->fl_start < 0)
		lock->fl_start = OFFSET_MAX;
	if (lock->fl_end < 0)
		lock->fl_end = OFFSET_MAX;
}

/* lock manager callback: take a reference on the owning lockowner */
static fl_owner_t
nfsd4_lm_get_owner(fl_owner_t owner)
{
	struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner;

	nfs4_get_stateowner(&lo->lo_owner);
	return owner;
}

/* lock manager callback: drop a reference on the owning lockowner */
static void
nfsd4_lm_put_owner(fl_owner_t owner)
{
	struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner;

	if (lo)
		nfs4_put_stateowner(&lo->lo_owner);
}

/*
 * Returns true if the lock's client can be expired; in that case the
 * laundromat is also kicked to run immediately.
 */
static bool
nfsd4_lm_lock_expirable(struct file_lock *cfl)
{
	struct nfs4_lockowner *lo = (struct nfs4_lockowner *) cfl->c.flc_owner;
	struct nfs4_client *clp = lo->lo_owner.so_client;
	struct nfsd_net *nn;

	if (try_to_expire_client(clp)) {
		nn = net_generic(clp->net, nfsd_net_id);
		mod_delayed_work(laundry_wq, &nn->laundromat_work, 0);
		return true;
	}
	return false;
}

/* schedule laundromat to run immediately and wait for it to complete */
static void
nfsd4_lm_expire_lock(void)
{
	flush_workqueue(laundry_wq);
}

/* lock manager callback: a blocked lock became grantable; notify client */
static void
nfsd4_lm_notify(struct file_lock *fl)
{
	struct nfs4_lockowner *lo = (struct nfs4_lockowner *) fl->c.flc_owner;
	struct net *net = lo->lo_owner.so_client->net;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	struct nfsd4_blocked_lock *nbl = container_of(fl,
					struct nfsd4_blocked_lock, nbl_lock);
	bool queue = false;

	/* An empty list means that something else is going to be using it */
	spin_lock(&nn->blocked_locks_lock);
	if (!list_empty(&nbl->nbl_list)) {
		list_del_init(&nbl->nbl_list);
		list_del_init(&nbl->nbl_lru);
		queue = true;
	}
	spin_unlock(&nn->blocked_locks_lock);

	if (queue) {
		trace_nfsd_cb_notify_lock(lo, nbl);
		nfsd4_try_run_cb(&nbl->nbl_cb);
	}
}

static const struct lock_manager_operations nfsd_posix_mng_ops = {
	.lm_mod_owner = THIS_MODULE,
	.lm_notify = nfsd4_lm_notify,
	.lm_get_owner = nfsd4_lm_get_owner,
	.lm_put_owner = nfsd4_lm_put_owner,
	.lm_lock_expirable = nfsd4_lm_lock_expirable,
	.lm_expire_lock = nfsd4_lm_expire_lock,
};

/*
 * Fill in a LOCK/LOCKT denied response from the conflicting file_lock.
 * If the conflicting lock is one of ours, report its owner and clientid;
 * otherwise report an anonymous owner.
 */
static inline void
nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny)
{
	struct nfs4_lockowner *lo;

	if (fl->fl_lmops == &nfsd_posix_mng_ops) {
		lo = (struct nfs4_lockowner *) fl->c.flc_owner;
		xdr_netobj_dup(&deny->ld_owner, &lo->lo_owner.so_owner,
				GFP_KERNEL);
		if (!deny->ld_owner.data)
			/* We just don't care that much */
			goto nevermind;
		deny->ld_clientid = lo->lo_owner.so_client->cl_clientid;
	} else {
nevermind:
		deny->ld_owner.len = 0;
		deny->ld_owner.data = NULL;
		deny->ld_clientid.cl_boot = 0;
		deny->ld_clientid.cl_id = 0;
	}
	deny->ld_start = fl->fl_start;
	deny->ld_length = NFS4_MAX_UINT64;
	if (fl->fl_end != NFS4_MAX_UINT64)
		deny->ld_length = fl->fl_end - fl->fl_start + 1;
	deny->ld_type = NFS4_READ_LT;
	if (fl->c.flc_type != F_RDLCK)
		deny->ld_type = NFS4_WRITE_LT;
}

/*
 * Look up a lockowner by owner string; caller holds cl_lock.  Returns a
 * referenced lockowner or NULL.
 */
static struct nfs4_lockowner *
find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner)
{
	unsigned int strhashval = ownerstr_hashval(owner);
	struct nfs4_stateowner *so;

	lockdep_assert_held(&clp->cl_lock);

	list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval],
			    so_strhash) {
		/* the hash table also holds openowners; skip them */
		if (so->so_is_open_owner)
			continue;
		if (same_owner_str(so, owner))
			return lockowner(nfs4_get_stateowner(so));
	}
	return NULL;
}

static struct nfs4_lockowner *
find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner)
{
	struct nfs4_lockowner *lo;

	spin_lock(&clp->cl_lock);
	lo = find_lockowner_str_locked(clp, owner);
	spin_unlock(&clp->cl_lock);
	return lo;
}

static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop)
{
	unhash_lockowner_locked(lockowner(sop));
}

static void nfs4_free_lockowner(struct nfs4_stateowner *sop)
{
	struct nfs4_lockowner *lo = lockowner(sop);

	kmem_cache_free(lockowner_slab, lo);
}

static const struct nfs4_stateowner_operations lockowner_ops = {
	.so_unhash = nfs4_unhash_lockowner,
	.so_free = nfs4_free_lockowner,
};

/*
 * Alloc a lock owner structure.
 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has
 * occurred.
 *
 * strhashval = ownerstr_hashval
 */
static struct nfs4_lockowner *
alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp,
			   struct nfs4_ol_stateid *open_stp,
			   struct nfsd4_lock *lock)
{
	struct nfs4_lockowner *lo, *ret;

	lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp);
	if (!lo)
		return NULL;
	INIT_LIST_HEAD(&lo->lo_blocked);
	INIT_LIST_HEAD(&lo->lo_owner.so_stateids);
	lo->lo_owner.so_is_open_owner = 0;
	lo->lo_owner.so_seqid = lock->lk_new_lock_seqid;
	lo->lo_owner.so_ops = &lockowner_ops;
	spin_lock(&clp->cl_lock);
	ret = find_lockowner_str_locked(clp, &lock->lk_new_owner);
	if (ret == NULL) {
		list_add(&lo->lo_owner.so_strhash,
			 &clp->cl_ownerstr_hashtbl[strhashval]);
		ret = lo;
	} else
		/* lost the insertion race; use the existing lockowner */
		nfs4_free_stateowner(&lo->lo_owner);

	spin_unlock(&clp->cl_lock);
	return ret;
}

static struct nfs4_ol_stateid *
find_lock_stateid(const struct nfs4_lockowner *lo,
		  const struct nfs4_ol_stateid *ost)
{
	struct nfs4_ol_stateid *lst;

	lockdep_assert_held(&ost->st_stid.sc_client->cl_lock);

	/* If ost is not hashed, ost->st_locks will not be valid */
	if (!nfs4_ol_stateid_unhashed(ost))
		list_for_each_entry(lst, &ost->st_locks, st_locks) {
			if (lst->st_stateowner == &lo->lo_owner) {
				refcount_inc(&lst->st_stid.sc_count);
				return lst;
			}
		}
	return NULL;
}

/*
 * Initialize a freshly-allocated lock stateid and hash it under the open
 * stateid.  If a concurrent thread hashed one for the same lockowner
 * first, return that one instead (with its st_mutex held).  Returns NULL
 * if the open stateid has been unhashed in the meantime.
 */
static struct nfs4_ol_stateid *
init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo,
		  struct nfs4_file *fp, struct inode *inode,
		  struct nfs4_ol_stateid *open_stp)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;
	struct nfs4_ol_stateid *retstp;

	mutex_init(&stp->st_mutex);
	mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX);
retry:
	spin_lock(&clp->cl_lock);
	if (nfs4_ol_stateid_unhashed(open_stp))
		goto out_close;
	retstp = find_lock_stateid(lo, open_stp);
	if (retstp)
		goto out_found;
	refcount_inc(&stp->st_stid.sc_count);
	stp->st_stid.sc_type = SC_TYPE_LOCK;
	stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner);
	get_nfs4_file(fp);
	stp->st_stid.sc_file = fp;
	stp->st_access_bmap = 0;
	stp->st_deny_bmap = open_stp->st_deny_bmap;
	stp->st_openstp = open_stp;
	spin_lock(&fp->fi_lock);
	list_add(&stp->st_locks, &open_stp->st_locks);
	list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids);
	list_add(&stp->st_perfile, &fp->fi_stateids);
	spin_unlock(&fp->fi_lock);
	spin_unlock(&clp->cl_lock);
	return stp;
out_found:
	spin_unlock(&clp->cl_lock);
	/* the winner may already be on its way out; if so, retry */
	if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) {
		nfs4_put_stid(&retstp->st_stid);
		goto retry;
	}
	/* To keep mutex tracking happy */
	mutex_unlock(&stp->st_mutex);
	return retstp;
out_close:
	spin_unlock(&clp->cl_lock);
	mutex_unlock(&stp->st_mutex);
	return NULL;
}

/*
 * Find the lock stateid for @lo under @ost, or create a new one.  On
 * success the returned stateid has its st_mutex held and *@new reports
 * whether it was freshly created.  Returns NULL on allocation failure or
 * if the open stateid went away.
 */
static struct nfs4_ol_stateid *
find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi,
			    struct inode *inode, struct nfs4_ol_stateid *ost,
			    bool *new)
{
	struct nfs4_stid *ns = NULL;
	struct nfs4_ol_stateid *lst;
	struct nfs4_openowner *oo = openowner(ost->st_stateowner);
	struct nfs4_client *clp = oo->oo_owner.so_client;

	*new = false;
	spin_lock(&clp->cl_lock);
	lst = find_lock_stateid(lo, ost);
	spin_unlock(&clp->cl_lock);
	if (lst != NULL) {
		if (nfsd4_lock_ol_stateid(lst) == nfs_ok)
			goto out;
		nfs4_put_stid(&lst->st_stid);
	}
	ns = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_lock_stateid);
	if (ns == NULL)
		return NULL;

	lst = init_lock_stateid(openlockstateid(ns), lo, fi, inode, ost);
	if (lst == openlockstateid(ns))
		*new = true;
	else
		nfs4_put_stid(ns);
out:
	return lst;
}

/* Reject zero-length ranges and ranges that wrap past 2^64 - 1. */
static int
check_lock_length(u64 offset, u64 length)
{
	return ((length == 0) || ((length != NFS4_MAX_UINT64) &&
				  (length > ~offset)));
}

/* Ensure the lock stateid holds the given file access bit. */
static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access)
{
	struct nfs4_file *fp = lock_stp->st_stid.sc_file;

	lockdep_assert_held(&fp->fi_lock);

	if (test_access(access, lock_stp))
		return;
	__nfs4_file_get_access(fp, access);
	set_access(access, lock_stp);
}

/*
 * Find (or create) the lockowner and lock stateid for a LOCK with
 * lk_is_new set, returning the locked lock stateid in *@plst.
 */
static __be32
lookup_or_create_lock_state(struct nfsd4_compound_state *cstate,
			    struct nfs4_ol_stateid *ost,
			    struct nfsd4_lock *lock,
			    struct nfs4_ol_stateid **plst, bool *new)
{
	__be32 status;
	struct nfs4_file *fi = ost->st_stid.sc_file;
	struct nfs4_openowner *oo = openowner(ost->st_stateowner);
	struct nfs4_client *cl = oo->oo_owner.so_client;
	struct inode *inode =
d_inode(cstate->current_fh.fh_dentry); 8285 struct nfs4_lockowner *lo; 8286 struct nfs4_ol_stateid *lst; 8287 unsigned int strhashval; 8288 8289 lo = find_lockowner_str(cl, &lock->lk_new_owner); 8290 if (!lo) { 8291 strhashval = ownerstr_hashval(&lock->lk_new_owner); 8292 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock); 8293 if (lo == NULL) 8294 return nfserr_jukebox; 8295 } else { 8296 /* with an existing lockowner, seqids must be the same */ 8297 status = nfserr_bad_seqid; 8298 if (!cstate->minorversion && 8299 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid) 8300 goto out; 8301 } 8302 8303 lst = find_or_create_lock_stateid(lo, fi, inode, ost, new); 8304 if (lst == NULL) { 8305 status = nfserr_jukebox; 8306 goto out; 8307 } 8308 8309 status = nfs_ok; 8310 *plst = lst; 8311 out: 8312 nfs4_put_stateowner(&lo->lo_owner); 8313 return status; 8314 } 8315 8316 /* 8317 * LOCK operation 8318 */ 8319 __be32 8320 nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 8321 union nfsd4_op_u *u) 8322 { 8323 struct nfsd4_lock *lock = &u->lock; 8324 struct nfs4_openowner *open_sop = NULL; 8325 struct nfs4_lockowner *lock_sop = NULL; 8326 struct nfs4_ol_stateid *lock_stp = NULL; 8327 struct nfs4_ol_stateid *open_stp = NULL; 8328 struct nfs4_file *fp; 8329 struct nfsd_file *nf = NULL; 8330 struct nfsd4_blocked_lock *nbl = NULL; 8331 struct file_lock *file_lock = NULL; 8332 struct file_lock *conflock = NULL; 8333 __be32 status = 0; 8334 int lkflg; 8335 int err; 8336 bool new = false; 8337 unsigned char type; 8338 unsigned int flags = FL_POSIX; 8339 struct net *net = SVC_NET(rqstp); 8340 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 8341 8342 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n", 8343 (long long) lock->lk_offset, 8344 (long long) lock->lk_length); 8345 8346 if (check_lock_length(lock->lk_offset, lock->lk_length)) 8347 return nfserr_inval; 8348 8349 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0); 8350 if (status != 
nfs_ok) 8351 return status; 8352 if (exportfs_cannot_lock(cstate->current_fh.fh_dentry->d_sb->s_export_op)) { 8353 status = nfserr_notsupp; 8354 goto out; 8355 } 8356 8357 if (lock->lk_is_new) { 8358 if (nfsd4_has_session(cstate)) 8359 /* See rfc 5661 18.10.3: given clientid is ignored: */ 8360 memcpy(&lock->lk_new_clientid, 8361 &cstate->clp->cl_clientid, 8362 sizeof(clientid_t)); 8363 8364 /* validate and update open stateid and open seqid */ 8365 status = nfs4_preprocess_confirmed_seqid_op(cstate, 8366 lock->lk_new_open_seqid, 8367 &lock->lk_new_open_stateid, 8368 &open_stp, nn); 8369 if (status) 8370 goto out; 8371 mutex_unlock(&open_stp->st_mutex); 8372 open_sop = openowner(open_stp->st_stateowner); 8373 status = nfserr_bad_stateid; 8374 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid, 8375 &lock->lk_new_clientid)) 8376 goto out; 8377 status = lookup_or_create_lock_state(cstate, open_stp, lock, 8378 &lock_stp, &new); 8379 } else { 8380 status = nfs4_preprocess_seqid_op(cstate, 8381 lock->lk_old_lock_seqid, 8382 &lock->lk_old_lock_stateid, 8383 SC_TYPE_LOCK, 0, &lock_stp, 8384 nn); 8385 } 8386 if (status) 8387 goto out; 8388 lock_sop = lockowner(lock_stp->st_stateowner); 8389 8390 lkflg = setlkflg(lock->lk_type); 8391 status = nfs4_check_openmode(lock_stp, lkflg); 8392 if (status) 8393 goto out; 8394 8395 status = nfserr_grace; 8396 if (locks_in_grace(net) && !lock->lk_reclaim) 8397 goto out; 8398 status = nfserr_no_grace; 8399 if (!locks_in_grace(net) && lock->lk_reclaim) 8400 goto out; 8401 8402 if (lock->lk_reclaim) 8403 flags |= FL_RECLAIM; 8404 8405 fp = lock_stp->st_stid.sc_file; 8406 switch (lock->lk_type) { 8407 case NFS4_READW_LT: 8408 fallthrough; 8409 case NFS4_READ_LT: 8410 spin_lock(&fp->fi_lock); 8411 nf = find_readable_file_locked(fp); 8412 if (nf) 8413 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ); 8414 spin_unlock(&fp->fi_lock); 8415 type = F_RDLCK; 8416 break; 8417 case NFS4_WRITEW_LT: 8418 fallthrough; 8419 case NFS4_WRITE_LT: 
8420 spin_lock(&fp->fi_lock); 8421 nf = find_writeable_file_locked(fp); 8422 if (nf) 8423 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE); 8424 spin_unlock(&fp->fi_lock); 8425 type = F_WRLCK; 8426 break; 8427 default: 8428 status = nfserr_inval; 8429 goto out; 8430 } 8431 8432 if (!nf) { 8433 status = nfserr_openmode; 8434 goto out; 8435 } 8436 8437 if (lock->lk_type & (NFS4_READW_LT | NFS4_WRITEW_LT) && 8438 nfsd4_has_session(cstate) && 8439 locks_can_async_lock(nf->nf_file->f_op)) 8440 flags |= FL_SLEEP; 8441 8442 nbl = find_or_allocate_block(lock_sop, &fp->fi_fhandle, nn); 8443 if (!nbl) { 8444 dprintk("NFSD: %s: unable to allocate block!\n", __func__); 8445 status = nfserr_jukebox; 8446 goto out; 8447 } 8448 8449 file_lock = &nbl->nbl_lock; 8450 file_lock->c.flc_type = type; 8451 file_lock->c.flc_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner)); 8452 file_lock->c.flc_pid = current->tgid; 8453 file_lock->c.flc_file = nf->nf_file; 8454 file_lock->c.flc_flags = flags; 8455 file_lock->fl_lmops = &nfsd_posix_mng_ops; 8456 file_lock->fl_start = lock->lk_offset; 8457 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length); 8458 nfs4_transform_lock_offset(file_lock); 8459 8460 conflock = locks_alloc_lock(); 8461 if (!conflock) { 8462 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 8463 status = nfserr_jukebox; 8464 goto out; 8465 } 8466 8467 if (flags & FL_SLEEP) { 8468 nbl->nbl_time = ktime_get_boottime_seconds(); 8469 spin_lock(&nn->blocked_locks_lock); 8470 list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked); 8471 list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru); 8472 kref_get(&nbl->nbl_kref); 8473 spin_unlock(&nn->blocked_locks_lock); 8474 } 8475 8476 err = vfs_lock_file(nf->nf_file, F_SETLK, file_lock, conflock); 8477 switch (err) { 8478 case 0: /* success! 
*/ 8479 nfs4_inc_and_copy_stateid(&lock->lk_resp_stateid, &lock_stp->st_stid); 8480 status = 0; 8481 if (lock->lk_reclaim) 8482 nn->somebody_reclaimed = true; 8483 break; 8484 case FILE_LOCK_DEFERRED: 8485 kref_put(&nbl->nbl_kref, free_nbl); 8486 nbl = NULL; 8487 fallthrough; 8488 case -EAGAIN: /* conflock holds conflicting lock */ 8489 status = nfserr_denied; 8490 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n"); 8491 nfs4_set_lock_denied(conflock, &lock->lk_denied); 8492 break; 8493 case -EDEADLK: 8494 status = nfserr_deadlock; 8495 break; 8496 default: 8497 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err); 8498 status = nfserrno(err); 8499 break; 8500 } 8501 out: 8502 if (nbl) { 8503 /* dequeue it if we queued it before */ 8504 if (flags & FL_SLEEP) { 8505 spin_lock(&nn->blocked_locks_lock); 8506 if (!list_empty(&nbl->nbl_list) && 8507 !list_empty(&nbl->nbl_lru)) { 8508 list_del_init(&nbl->nbl_list); 8509 list_del_init(&nbl->nbl_lru); 8510 kref_put(&nbl->nbl_kref, free_nbl); 8511 } 8512 /* nbl can use one of lists to be linked to reaplist */ 8513 spin_unlock(&nn->blocked_locks_lock); 8514 } 8515 free_blocked_lock(nbl); 8516 } 8517 if (nf) 8518 nfsd_file_put(nf); 8519 if (lock_stp) { 8520 /* Bump seqid manually if the 4.0 replay owner is openowner */ 8521 if (cstate->replay_owner && 8522 cstate->replay_owner != &lock_sop->lo_owner && 8523 seqid_mutating_err(ntohl(status))) 8524 lock_sop->lo_owner.so_seqid++; 8525 8526 /* 8527 * If this is a new, never-before-used stateid, and we are 8528 * returning an error, then just go ahead and release it. 
	 */
		if (status && new)
			release_lock_stateid(lock_stp);

		mutex_unlock(&lock_stp->st_mutex);

		nfs4_put_stid(&lock_stp->st_stid);
	}
	if (open_stp)
		nfs4_put_stid(&open_stp->st_stid);
	nfsd4_bump_seqid(cstate, status);
	if (conflock)
		locks_free_lock(conflock);
	return status;
}

/* Free the denied-lock owner string allocated while building a LOCK reply. */
void nfsd4_lock_release(union nfsd4_op_u *u)
{
	struct nfsd4_lock *lock = &u->lock;
	struct nfsd4_lock_denied *deny = &lock->lk_denied;

	kfree(deny->ld_owner.data);
}

/*
 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN,
 * so we do a temporary open here just to get an open file to pass to
 * vfs_test_lock.
 */
static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock)
{
	struct nfsd_file *nf;
	struct inode *inode;
	__be32 err;

	err = nfsd_file_acquire(rqstp, fhp, NFSD_MAY_READ, &nf);
	if (err)
		return err;
	inode = fhp->fh_dentry->d_inode;
	inode_lock(inode); /* to block new leases till after test_lock: */
	err = nfserrno(nfsd_open_break_lease(inode, NFSD_MAY_READ));
	if (err)
		goto out;
	/* Borrow the temporary open only for the duration of the test. */
	lock->c.flc_file = nf->nf_file;
	err = nfserrno(vfs_test_lock(nf->nf_file, lock));
	lock->c.flc_file = NULL;
out:
	inode_unlock(inode);
	nfsd_file_put(nf);
	return err;
}

/*
 * LOCKT operation
 *
 * Test for a conflicting lock without acquiring anything. Not permitted
 * during the grace period. A pre-existing lockowner, if any, is attached
 * so that the test can recognize the caller's own locks.
 */
__be32
nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    union nfsd4_op_u *u)
{
	struct nfsd4_lockt *lockt = &u->lockt;
	struct file_lock *file_lock = NULL;
	struct nfs4_lockowner *lo = NULL;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	if (locks_in_grace(SVC_NET(rqstp)))
		return nfserr_grace;

	if (check_lock_length(lockt->lt_offset, lockt->lt_length))
		return nfserr_inval;

	/* v4.0 carries an explicit clientid; sessions identify the client */
	if (!nfsd4_has_session(cstate)) {
		status = set_client(&lockt->lt_clientid, cstate, nn);
		if (status)
			goto out;
	}

	if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
		goto out;

	file_lock = locks_alloc_lock();
	if (!file_lock) {
		dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
		status = nfserr_jukebox;
		goto out;
	}

	switch (lockt->lt_type) {
	case NFS4_READ_LT:
	case NFS4_READW_LT:
		file_lock->c.flc_type = F_RDLCK;
		break;
	case NFS4_WRITE_LT:
	case NFS4_WRITEW_LT:
		file_lock->c.flc_type = F_WRLCK;
		break;
	default:
		dprintk("NFSD: nfs4_lockt: bad lock type!\n");
		status = nfserr_inval;
		goto out;
	}

	lo = find_lockowner_str(cstate->clp, &lockt->lt_owner);
	if (lo)
		file_lock->c.flc_owner = (fl_owner_t)lo;
	file_lock->c.flc_pid = current->tgid;
	file_lock->c.flc_flags = FL_POSIX;

	file_lock->fl_start = lockt->lt_offset;
	file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length);

	nfs4_transform_lock_offset(file_lock);

	status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock);
	if (status)
		goto out;

	/* flc_type left as F_UNLCK means no conflicting lock was found */
	if (file_lock->c.flc_type != F_UNLCK) {
		status = nfserr_denied;
		nfs4_set_lock_denied(file_lock, &lockt->lt_denied);
	}
out:
	if (lo)
		nfs4_put_stateowner(&lo->lo_owner);
	if (file_lock)
		locks_free_lock(file_lock);
	return status;
}

/* Free the denied-lock owner string allocated while building a LOCKT reply. */
void nfsd4_lockt_release(union nfsd4_op_u *u)
{
	struct nfsd4_lockt *lockt = &u->lockt;
	struct nfsd4_lock_denied *deny = &lockt->lt_denied;

	kfree(deny->ld_owner.data);
}

/*
 * LOCKU operation: release a byte range held under a lock stateid and
 * bump the stateid's generation on success.
 */
__be32
nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    union nfsd4_op_u *u)
{
	struct nfsd4_locku *locku = &u->locku;
	struct nfs4_ol_stateid *stp;
	struct nfsd_file *nf = NULL;
	struct file_lock *file_lock = NULL;
	__be32 status;
	int err;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n",
		(long long) locku->lu_offset,
		(long long) locku->lu_length);

	if (check_lock_length(locku->lu_offset, locku->lu_length))
		return nfserr_inval;

	/* Validates seqid/stateid and returns stp with st_mutex held */
	status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid,
					&locku->lu_stateid, SC_TYPE_LOCK, 0,
					&stp, nn);
	if (status)
		goto out;
	nf = find_any_file(stp->st_stid.sc_file);
	if (!nf) {
		status = nfserr_lock_range;
		goto put_stateid;
	}
	if (exportfs_cannot_lock(nf->nf_file->f_path.mnt->mnt_sb->s_export_op)) {
		status = nfserr_notsupp;
		goto put_file;
	}

	file_lock = locks_alloc_lock();
	if (!file_lock) {
		dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
		status = nfserr_jukebox;
		goto put_file;
	}

	/* F_UNLCK over the requested range removes the client's lock */
	file_lock->c.flc_type = F_UNLCK;
	file_lock->c.flc_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner));
	file_lock->c.flc_pid = current->tgid;
	file_lock->c.flc_file = nf->nf_file;
	file_lock->c.flc_flags = FL_POSIX;
	file_lock->fl_lmops = &nfsd_posix_mng_ops;
	file_lock->fl_start = locku->lu_offset;

	file_lock->fl_end = last_byte_offset(locku->lu_offset,
						locku->lu_length);
	nfs4_transform_lock_offset(file_lock);

	err = vfs_lock_file(nf->nf_file, F_SETLK, file_lock, NULL);
	if (err) {
		dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n");
		goto out_nfserr;
	}
	nfs4_inc_and_copy_stateid(&locku->lu_stateid, &stp->st_stid);
put_file:
	nfsd_file_put(nf);
put_stateid:
	mutex_unlock(&stp->st_mutex);
	nfs4_put_stid(&stp->st_stid);
out:
	nfsd4_bump_seqid(cstate, status);
	if (file_lock)
		locks_free_lock(file_lock);
	return status;

out_nfserr:
	status = nfserrno(err);
	goto put_file;
}

/*
 * returns
 *	true:  locks held by lockowner
 *	false: no locks held by lockowner
 */
static bool
check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner)
{
	struct file_lock *fl;
	int status = false;
	struct nfsd_file *nf;
	struct inode *inode;
	struct file_lock_context *flctx;

	spin_lock(&fp->fi_lock);
	nf = find_any_file_locked(fp);
	if (!nf) {
		/* Any valid lock stateid should have some sort of access */
		WARN_ON_ONCE(1);
		goto out;
	}

	inode = file_inode(nf->nf_file);
	flctx = locks_inode_context(inode);

	/* Walk the inode's POSIX lock list looking for one owned by @lowner */
	if (flctx && !list_empty_careful(&flctx->flc_posix)) {
		spin_lock(&flctx->flc_lock);
		for_each_file_lock(fl, &flctx->flc_posix) {
			if (fl->c.flc_owner == (fl_owner_t)lowner) {
				status = true;
				break;
			}
		}
		spin_unlock(&flctx->flc_lock);
	}
out:
	spin_unlock(&fp->fi_lock);
	return status;
}

/**
 * nfsd4_release_lockowner - process NFSv4.0 RELEASE_LOCKOWNER operations
 * @rqstp: RPC transaction
 * @cstate: NFSv4 COMPOUND state
 * @u: RELEASE_LOCKOWNER arguments
 *
 * Check if there are any locks still held and if not, free the lockowner
 * and any lock state that is owned.
 *
 * Return values:
 *   %nfs_ok: lockowner released or not found
 *   %nfserr_locks_held: lockowner still in use
 *   %nfserr_stale_clientid: clientid no longer active
 *   %nfserr_expired: clientid not recognized
 */
__be32
nfsd4_release_lockowner(struct svc_rqst *rqstp,
			struct nfsd4_compound_state *cstate,
			union nfsd4_op_u *u)
{
	struct nfsd4_release_lockowner *rlockowner = &u->release_lockowner;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	clientid_t *clid = &rlockowner->rl_clientid;
	struct nfs4_ol_stateid *stp;
	struct nfs4_lockowner *lo;
	struct nfs4_client *clp;
	LIST_HEAD(reaplist);
	__be32 status;

	dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n",
		clid->cl_boot, clid->cl_id);

	status = set_client(clid, cstate, nn);
	if (status)
		return status;
	clp = cstate->clp;

	spin_lock(&clp->cl_lock);
	lo = find_lockowner_str_locked(clp, &rlockowner->rl_owner);
	if (!lo) {
		spin_unlock(&clp->cl_lock);
		return nfs_ok;
	}

	/* Refuse release while any lock is still held by this owner */
	list_for_each_entry(stp, &lo->lo_owner.so_stateids, st_perstateowner) {
		if (check_for_locks(stp->st_stid.sc_file, lo)) {
			spin_unlock(&clp->cl_lock);
			nfs4_put_stateowner(&lo->lo_owner);
			return nfserr_locks_held;
		}
	}
	/* No locks held: unhash the owner and queue its stateids for reaping */
	unhash_lockowner_locked(lo);
	while (!list_empty(&lo->lo_owner.so_stateids)) {
		stp = list_first_entry(&lo->lo_owner.so_stateids,
				       struct nfs4_ol_stateid,
				       st_perstateowner);
		unhash_lock_stateid(stp);
		put_ol_stateid_locked(stp, &reaplist);
	}
	spin_unlock(&clp->cl_lock);

	/* Free queued stateids and blocked locks outside cl_lock */
	free_ol_stateid_reaplist(&reaplist);
	remove_blocked_locks(lo);
	nfs4_put_stateowner(&lo->lo_owner);
	return nfs_ok;
}

/* Allocate a single reclaim-table record; caller checks for NULL. */
static inline struct nfs4_client_reclaim *
alloc_reclaim(void)
{
	return kmalloc_obj(struct nfs4_client_reclaim);
}

/*
 * Return true if a reclaim record exists for @name and a reclaiming
 * client has already been bound to it (cr_clp set).
 */
bool
nfs4_has_reclaimed_state(struct xdr_netobj name, struct nfsd_net *nn)
{
	struct nfs4_client_reclaim *crp;

	/* Only records bound to a client (cr_clp != NULL) count */
	crp = nfsd4_find_reclaim_client(name, nn);
	return (crp && crp->cr_clp);
}

/*
 * failure => all reset bets are off, nfserr_no_grace...
 *
 * Create a reclaim record for @name/@princhash and hash it into
 * nn->reclaim_str_hashtbl. Private copies of both buffers are taken.
 */
struct nfs4_client_reclaim *
nfs4_client_to_reclaim(struct xdr_netobj name, struct xdr_netobj princhash,
		struct nfsd_net *nn)
{
	unsigned int strhashval;
	struct nfs4_client_reclaim *crp;

	name.data = kmemdup(name.data, name.len, GFP_KERNEL);
	if (!name.data) {
		dprintk("%s: failed to allocate memory for name.data!\n",
			__func__);
		return NULL;
	}
	if (princhash.len) {
		princhash.data = kmemdup(princhash.data, princhash.len, GFP_KERNEL);
		if (!princhash.data) {
			dprintk("%s: failed to allocate memory for princhash.data!\n",
				__func__);
			kfree(name.data);
			return NULL;
		}
	} else
		princhash.data = NULL;
	crp = alloc_reclaim();
	if (crp) {
		strhashval = clientstr_hashval(name);
		INIT_LIST_HEAD(&crp->cr_strhash);
		list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]);
		crp->cr_name.data = name.data;
		crp->cr_name.len = name.len;
		crp->cr_princhash.data = princhash.data;
		crp->cr_princhash.len = princhash.len;
		/* cr_clp is bound later, when the client actually reclaims */
		crp->cr_clp = NULL;
		nn->reclaim_str_hashtbl_size++;
	} else {
		kfree(name.data);
		kfree(princhash.data);
	}
	return crp;
}

/* Unhash and free one reclaim record; adjust the table's element count. */
void
nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn)
{
	list_del(&crp->cr_strhash);
	kfree(crp->cr_name.data);
	kfree(crp->cr_princhash.data);
	kfree(crp);
	nn->reclaim_str_hashtbl_size--;
}

/* Drop every reclaim record in this namespace's hash table. */
void
nfs4_release_reclaim(struct nfsd_net *nn)
{
	struct nfs4_client_reclaim *crp = NULL;
	int i;

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		while (!list_empty(&nn->reclaim_str_hashtbl[i])) {
			crp = list_entry(nn->reclaim_str_hashtbl[i].next,
					struct nfs4_client_reclaim, cr_strhash);
			nfs4_remove_reclaim_record(crp, nn);
		}
	}
	/* Count must reach zero once all buckets are emptied */
	WARN_ON_ONCE(nn->reclaim_str_hashtbl_size);
}

/*
 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */
struct nfs4_client_reclaim *
nfsd4_find_reclaim_client(struct xdr_netobj name, struct nfsd_net *nn)
{
	unsigned int strhashval;
	struct nfs4_client_reclaim *crp = NULL;

	strhashval = clientstr_hashval(name);
	list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) {
		if (compare_blob(&crp->cr_name, &name) == 0) {
			return crp;
		}
	}
	return NULL;
}

/* May the client open with CLAIM_PREVIOUS right now? */
__be32
nfs4_check_open_reclaim(struct nfs4_client *clp)
{
	if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &clp->cl_flags))
		return nfserr_no_grace;

	if (nfsd4_client_record_check(clp))
		return nfserr_reclaim_bad;

	return nfs_ok;
}

/*
 * Since the lifetime of a delegation isn't limited to that of an open, a
 * client may quite reasonably hang on to a delegation as long as it has
 * the inode cached. This becomes an obvious problem the first time a
 * client's inode cache approaches the size of the server's total memory.
 *
 * For now we avoid this problem by imposing a hard limit on the number
 * of delegations, which varies according to the server's memory size.
 */
static void
set_max_delegations(void)
{
	/*
	 * Allow at most 4 delegations per megabyte of RAM. Quick
	 * estimates suggest that in the worst case (where every delegation
	 * is for a different inode), a delegation could take about 1.5K,
	 * giving a worst case usage of about 6% of memory.
	 */
	max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT);
}

/* Allocate and initialize this namespace's nfsd4 state tables and workers. */
static int nfs4_state_create_net(struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	int i;

	nn->conf_id_hashtbl = kmalloc_objs(struct list_head, CLIENT_HASH_SIZE);
	if (!nn->conf_id_hashtbl)
		goto err;
	nn->unconf_id_hashtbl = kmalloc_objs(struct list_head, CLIENT_HASH_SIZE);
	if (!nn->unconf_id_hashtbl)
		goto err_unconf_id;
	nn->sessionid_hashtbl = kmalloc_objs(struct list_head,
					     SESSION_HASH_SIZE);
	if (!nn->sessionid_hashtbl)
		goto err_sessionid;

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]);
		INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]);
	}
	for (i = 0; i < SESSION_HASH_SIZE; i++)
		INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]);
	nn->conf_name_tree = RB_ROOT;
	nn->unconf_name_tree = RB_ROOT;
	nn->boot_time = ktime_get_real_seconds();
	nn->grace_ended = false;
	nn->grace_end_forced = false;
	/* Opens are blocked until the grace period is under way */
	nn->nfsd4_manager.block_opens = true;
	INIT_LIST_HEAD(&nn->nfsd4_manager.list);
	INIT_LIST_HEAD(&nn->client_lru);
	INIT_LIST_HEAD(&nn->close_lru);
	INIT_LIST_HEAD(&nn->del_recall_lru);
	spin_lock_init(&nn->deleg_lock);
	spin_lock_init(&nn->client_lock);
	spin_lock_init(&nn->s2s_cp_lock);
	idr_init(&nn->s2s_cp_stateids);
	atomic_set(&nn->pending_async_copies, 0);

	spin_lock_init(&nn->blocked_locks_lock);
	INIT_LIST_HEAD(&nn->blocked_locks_lru);

	INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main);
	/* Make sure this cannot run until client tracking is initialised */
	disable_delayed_work(&nn->laundromat_work);
	INIT_WORK(&nn->nfsd_shrinker_work, nfsd4_state_shrinker_worker);
	get_net(net);

	nn->nfsd_client_shrinker = shrinker_alloc(0, "nfsd-client");
	if (!nn->nfsd_client_shrinker)
		goto err_shrinker;

	nn->nfsd_client_shrinker->scan_objects = nfsd4_state_shrinker_scan;
	nn->nfsd_client_shrinker->count_objects = nfsd4_state_shrinker_count;
	nn->nfsd_client_shrinker->private_data = nn;

	shrinker_register(nn->nfsd_client_shrinker);

	return 0;

err_shrinker:
	put_net(net);
	kfree(nn->sessionid_hashtbl);
err_sessionid:
	kfree(nn->unconf_id_hashtbl);
err_unconf_id:
	kfree(nn->conf_id_hashtbl);
err:
	return -ENOMEM;
}

/* Destroy all remaining clients and free the tables created above. */
static void
nfs4_state_destroy_net(struct net *net)
{
	int i;
	struct nfs4_client *clp = NULL;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		while (!list_empty(&nn->conf_id_hashtbl[i])) {
			clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
			destroy_client(clp);
		}
	}

	WARN_ON(!list_empty(&nn->blocked_locks_lru));

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		while (!list_empty(&nn->unconf_id_hashtbl[i])) {
			clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
			destroy_client(clp);
		}
	}

	kfree(nn->sessionid_hashtbl);
	kfree(nn->unconf_id_hashtbl);
	kfree(nn->conf_id_hashtbl);
	put_net(net);
}

/*
 * Per-net startup: create state tables, start grace, and arm the
 * laundromat. The grace period is skipped when reclaim tracking shows
 * there are no clients to wait for.
 */
int
nfs4_state_start_net(struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	int ret;

	ret = nfs4_state_create_net(net);
	if (ret)
		return ret;
	locks_start_grace(net, &nn->nfsd4_manager);
	nfsd4_client_tracking_init(net);
	/* safe for laundromat to run now */
	enable_delayed_work(&nn->laundromat_work);
	if (nn->track_reclaim_completes && nn->reclaim_str_hashtbl_size == 0)
		goto skip_grace;
	printk(KERN_INFO "NFSD: starting %lld-second grace period (net %x)\n",
	       nn->nfsd4_grace, net->ns.inum);
	trace_nfsd_grace_start(nn);
	queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ);
	return 0;

skip_grace:
	printk(KERN_INFO "NFSD: no clients to reclaim, skipping NFSv4 grace period (net %x)\n",
			net->ns.inum);
	queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_lease * HZ);
	nfsd4_end_grace(nn);
	return 0;
}

/* initialization to perform when the nfsd service is started: */
int
nfs4_state_start(void)
{
	int ret;

	ret = rhltable_init(&nfs4_file_rhltable, &nfs4_file_rhash_params);
	if (ret)
		return ret;

	nfsd_slot_shrinker = shrinker_alloc(0, "nfsd-DRC-slot");
	if (!nfsd_slot_shrinker) {
		rhltable_destroy(&nfs4_file_rhltable);
		return -ENOMEM;
	}
	nfsd_slot_shrinker->count_objects = nfsd_slot_count;
	nfsd_slot_shrinker->scan_objects = nfsd_slot_scan;
	shrinker_register(nfsd_slot_shrinker);

	set_max_delegations();
	return 0;
}

/* Per-net shutdown: stop workers, end grace, and reap all delegations. */
void
nfs4_state_shutdown_net(struct net *net)
{
	struct nfs4_delegation *dp = NULL;
	struct list_head *pos, *next, reaplist;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	shrinker_free(nn->nfsd_client_shrinker);
	cancel_work_sync(&nn->nfsd_shrinker_work);
	disable_delayed_work_sync(&nn->laundromat_work);
	locks_end_grace(&nn->nfsd4_manager);

	/* Unhash delegations under deleg_lock, destroy them outside it */
	INIT_LIST_HEAD(&reaplist);
	spin_lock(&nn->deleg_lock);
	list_for_each_safe(pos, next, &nn->del_recall_lru) {
		dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
		unhash_delegation_locked(dp, SC_STATUS_CLOSED);
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&nn->deleg_lock);
	list_for_each_safe(pos, next, &reaplist) {
		dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		destroy_unhashed_deleg(dp);
	}

	nfsd4_client_tracking_exit(net);
	nfs4_state_destroy_net(net);
#ifdef
CONFIG_NFSD_V4_2_INTER_SSC
	nfsd4_ssc_shutdown_umount(nn);
#endif
}

/* Module-wide shutdown counterpart to nfs4_state_start(). */
void
nfs4_state_shutdown(void)
{
	rhltable_destroy(&nfs4_file_rhltable);
	shrinker_free(nfsd_slot_shrinker);
}

/* Substitute the compound's saved current stateid for the special value. */
static void
get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (HAS_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG) &&
	    CURRENT_STATEID(stateid))
		memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t));
}

/* Record @stateid as the compound's current stateid (minorversion > 0 only). */
static void
put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (cstate->minorversion) {
		memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t));
		SET_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG);
	}
}

/* Invalidate the compound's current stateid. */
void
clear_current_stateid(struct nfsd4_compound_state *cstate)
{
	CLEAR_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG);
}

/*
 * functions to set current state id
 */
void
nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->open_downgrade.od_stateid);
}

void
nfsd4_set_openstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->open.op_stateid);
}

void
nfsd4_set_closestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->close.cl_stateid);
}

void
nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	put_stateid(cstate, &u->lock.lk_resp_stateid);
}

/*
 * functions to consume current state id
 */

void
nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->open_downgrade.od_stateid);
}

void
nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->delegreturn.dr_stateid);
}

void
nfsd4_get_freestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->free_stateid.fr_stateid);
}

void
nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->setattr.sa_stateid);
}

void
nfsd4_get_closestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->close.cl_stateid);
}

void
nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->locku.lu_stateid);
}

void
nfsd4_get_readstateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->read.rd_stateid);
}

void
nfsd4_get_writestateid(struct nfsd4_compound_state *cstate,
		union nfsd4_op_u *u)
{
	get_stateid(cstate, &u->write.wr_stateid);
}

/**
 * nfsd4_vet_deleg_time - vet and set the timespec for a delegated timestamp update
 * @req: timestamp from the client
 * @orig: original timestamp in the inode
 * @now: current time
 *
 * Given a timestamp from the client response, check it against the
 * current timestamp in the inode and the current time. Returns true
 * if the inode's timestamp needs to be updated, and false otherwise.
 * @req may also be changed if the timestamp needs to be clamped.
 */
bool nfsd4_vet_deleg_time(struct timespec64 *req, const struct timespec64 *orig,
			  const struct timespec64 *now)
{

	/*
	 * "When the time presented is before the original time, then the
	 * update is ignored." Also no need to update if there is no change.
	 */
	if (timespec64_compare(req, orig) <= 0)
		return false;

	/*
	 * "When the time presented is in the future, the server can either
	 * clamp the new time to the current time, or it may
	 * return NFS4ERR_DELAY to the client, allowing it to retry."
	 */
	if (timespec64_compare(req, now) > 0)
		*req = *now;

	return true;
}

/*
 * Apply the timestamps the client reported via CB_GETATTR to the inode,
 * after vetting each one against the delegation's cached originals and
 * the current time.
 */
static int cb_getattr_update_times(struct dentry *dentry, struct nfs4_delegation *dp)
{
	struct inode *inode = d_inode(dentry);
	struct nfs4_cb_fattr *ncf = &dp->dl_cb_fattr;
	struct iattr attrs = { };
	int ret;

	if (deleg_attrs_deleg(dp->dl_type)) {
		struct timespec64 now = current_time(inode);

		attrs.ia_atime = ncf->ncf_cb_atime;
		attrs.ia_mtime = ncf->ncf_cb_mtime;

		if (nfsd4_vet_deleg_time(&attrs.ia_atime, &dp->dl_atime, &now))
			attrs.ia_valid |= ATTR_ATIME | ATTR_ATIME_SET;

		/* An accepted mtime also updates ctime, itself vetted below */
		if (nfsd4_vet_deleg_time(&attrs.ia_mtime, &dp->dl_mtime, &now)) {
			attrs.ia_valid |= ATTR_MTIME | ATTR_MTIME_SET;
			attrs.ia_ctime = attrs.ia_mtime;
			if (nfsd4_vet_deleg_time(&attrs.ia_ctime, &dp->dl_ctime, &now))
				attrs.ia_valid |= ATTR_CTIME | ATTR_CTIME_SET;
		}
	} else {
		attrs.ia_valid |= ATTR_MTIME | ATTR_CTIME;
	}

	if (!attrs.ia_valid)
		return 0;

	attrs.ia_valid |= ATTR_DELEG;
	inode_lock(inode);
	ret = notify_change(&nop_mnt_idmap, dentry, &attrs, NULL);
	inode_unlock(inode);
	return ret;
}

/**
 * nfsd4_deleg_getattr_conflict - Recall if GETATTR causes conflict
 * @rqstp: RPC transaction context
 * @dentry: dentry of inode to be checked for a conflict
 * @pdp: returned WRITE delegation, if one was found
 *
 * This function is called when there is a conflict between a write
 * delegation and a change/size GETATTR from another client. The server
 * must either use the CB_GETATTR to get the current values of the
 * attributes from the client that holds the delegation or recall the
 * delegation before replying to the GETATTR. See RFC 8881 section
 * 18.7.4.
 *
 * Returns 0 if there is no conflict; otherwise an nfs_stat
 * code is returned. If @pdp is set to a non-NULL value, then the
 * caller must put the reference.
 */
__be32
nfsd4_deleg_getattr_conflict(struct svc_rqst *rqstp, struct dentry *dentry,
			     struct nfs4_delegation **pdp)
{
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	struct nfsd_thread_local_info *ntli = rqstp->rq_private;
	struct file_lock_context *ctx;
	struct nfs4_delegation *dp = NULL;
	struct file_lease *fl;
	struct nfs4_cb_fattr *ncf;
	struct inode *inode = d_inode(dentry);
	__be32 status;

	ctx = locks_inode_context(inode);
	if (!ctx)
		return nfs_ok;

/* Sentinel marking a write lease that is not managed by nfsd */
#define NON_NFSD_LEASE ((void *)1)

	spin_lock(&ctx->flc_lock);
	for_each_file_lock(fl, &ctx->flc_lease) {
		if (fl->c.flc_flags == FL_LAYOUT)
			continue;
		if (fl->c.flc_type == F_WRLCK) {
			if (fl->fl_lmops == &nfsd_lease_mng_ops)
				dp = fl->c.flc_owner;
			else
				dp = NON_NFSD_LEASE;
		}
		break;
	}
	/* No nfsd write delegation, or the lease breaker is the holder itself */
	if (dp == NULL || dp == NON_NFSD_LEASE ||
	    dp->dl_recall.cb_clp == *(ntli->ntli_lease_breaker)) {
		spin_unlock(&ctx->flc_lock);
		if (dp == NON_NFSD_LEASE) {
			status = nfserrno(nfsd_open_break_lease(inode,
								NFSD_MAY_READ));
			if (status != nfserr_jukebox ||
			    !nfsd_wait_for_delegreturn(rqstp, inode))
				return status;
		}
		return 0;
	}

	nfsd_stats_wdeleg_getattr_inc(nn);
	/* Hold the stid across the CB_GETATTR; queued before dropping the lock */
	refcount_inc(&dp->dl_stid.sc_count);
	ncf = &dp->dl_cb_fattr;
	nfs4_cb_getattr(&dp->dl_cb_fattr);
	spin_unlock(&ctx->flc_lock);

	wait_on_bit_timeout(&ncf->ncf_getattr.cb_flags, NFSD4_CALLBACK_RUNNING,
			    TASK_UNINTERRUPTIBLE, NFSD_CB_GETATTR_TIMEOUT);
	if (ncf->ncf_cb_status) {
		/* Recall delegation only if client didn't respond */
		status = nfserrno(nfsd_open_break_lease(inode, NFSD_MAY_READ));
		if (status != nfserr_jukebox ||
		    !nfsd_wait_for_delegreturn(rqstp, inode))
			goto out_status;
	}
	if (!ncf->ncf_file_modified &&
	    (ncf->ncf_initial_cinfo != ncf->ncf_cb_change ||
	     ncf->ncf_cur_fsize != ncf->ncf_cb_fsize))
		ncf->ncf_file_modified = true;
	if (ncf->ncf_file_modified) {
		int err;

		/*
		 * Per section 10.4.3 of RFC 8881, the server would
		 * not update the file's metadata with the client's
		 * modified size
		 */
		err = cb_getattr_update_times(dentry, dp);
		if (err) {
			status = nfserrno(err);
			goto out_status;
		}
		ncf->ncf_cur_fsize = ncf->ncf_cb_fsize;
		*pdp = dp;
		return nfs_ok;
	}
	status = nfs_ok;
out_status:
	nfs4_put_stid(&dp->dl_stid);
	return status;
}

/**
 * nfsd_get_dir_deleg - attempt to get a directory delegation
 * @cstate: compound state
 * @gdd: GET_DIR_DELEGATION arg/resp structure
 * @nf: nfsd_file opened on the directory
 *
 * Given a GET_DIR_DELEGATION request @gdd, attempt to acquire a delegation
 * on the directory to which @nf refers. Note that this does not set up any
 * sort of async notifications for the delegation.
 */
struct nfs4_delegation *
nfsd_get_dir_deleg(struct nfsd4_compound_state *cstate,
		   struct nfsd4_get_dir_delegation *gdd,
		   struct nfsd_file *nf)
{
	struct nfs4_client *clp = cstate->clp;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfs4_delegation *dp;
	struct file_lease *fl;
	struct nfs4_file *fp, *rfp;
	int status = 0;

	fp = nfsd4_alloc_file();
	if (!fp)
		return ERR_PTR(-ENOMEM);

	nfsd4_file_init(&cstate->current_fh, fp);

	/* Hash our nfs4_file, or adopt the one another task hashed first */
	rfp = nfsd4_file_hash_insert(fp, &cstate->current_fh);
	if (unlikely(!rfp)) {
		put_nfs4_file(fp);
		return ERR_PTR(-ENOMEM);
	}

	if (rfp != fp) {
		put_nfs4_file(fp);
		fp = rfp;
	}

	/* if this client already has one, return that it's unavailable */
	spin_lock(&nn->deleg_lock);
	spin_lock(&fp->fi_lock);
	/* existing delegation? */
	if (nfs4_delegation_exists(clp, fp)) {
		status = -EAGAIN;
	} else if (!fp->fi_deleg_file) {
		/* First delegee: pin the nfsd_file on the nfs4_file */
		fp->fi_deleg_file = nfsd_file_get(nf);
		fp->fi_delegees = 1;
	} else {
		++fp->fi_delegees;
	}
	spin_unlock(&fp->fi_lock);
	spin_unlock(&nn->deleg_lock);

	if (status) {
		put_nfs4_file(fp);
		return ERR_PTR(status);
	}

	/* Try to set up the lease */
	status = -ENOMEM;
	dp = alloc_init_deleg(clp, fp, NULL, NFS4_OPEN_DELEGATE_READ);
	if (!dp)
		goto out_delegees;

	fl = nfs4_alloc_init_lease(dp);
	if (!fl)
		goto out_put_stid;

	/* kernel_setlease() may consume fl; free it only if it remains */
	status = kernel_setlease(nf->nf_file,
				 fl->c.flc_type, &fl, NULL);
	if (fl)
		locks_free_lease(fl);
	if (status)
		goto out_put_stid;

	/*
	 * Now, try to hash it. This can fail if we race another nfsd task
	 * trying to set a delegation on the same file. If that happens,
	 * then just say UNAVAIL.
	 */
	spin_lock(&nn->deleg_lock);
	spin_lock(&clp->cl_lock);
	spin_lock(&fp->fi_lock);
	status = hash_delegation_locked(dp, fp);
	spin_unlock(&fp->fi_lock);
	spin_unlock(&clp->cl_lock);
	spin_unlock(&nn->deleg_lock);

	if (!status) {
		put_nfs4_file(fp);
		return dp;
	}

	/* Something failed. Drop the lease and clean up the stid */
	kernel_setlease(fp->fi_deleg_file->nf_file, F_UNLCK, NULL, (void **)&dp);
out_put_stid:
	nfs4_put_stid(&dp->dl_stid);
out_delegees:
	put_deleg_file(fp);
	put_nfs4_file(fp);
	return ERR_PTR(status);
}