1 /*- 2 * Copyright (c) 1989, 1991, 1993, 1995 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Rick Macklem at The University of Guelph. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 4. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 */ 33 34 #include <sys/cdefs.h> 35 __FBSDID("$FreeBSD$"); 36 37 /* 38 * Socket operations for use by nfs 39 */ 40 41 #include "opt_inet6.h" 42 #include "opt_kgssapi.h" 43 #include "opt_nfs.h" 44 45 #include <sys/param.h> 46 #include <sys/systm.h> 47 #include <sys/kernel.h> 48 #include <sys/limits.h> 49 #include <sys/lock.h> 50 #include <sys/malloc.h> 51 #include <sys/mbuf.h> 52 #include <sys/mount.h> 53 #include <sys/mutex.h> 54 #include <sys/proc.h> 55 #include <sys/signalvar.h> 56 #include <sys/syscallsubr.h> 57 #include <sys/sysctl.h> 58 #include <sys/syslog.h> 59 #include <sys/vnode.h> 60 61 #include <rpc/rpc.h> 62 63 #include <kgssapi/krb5/kcrypto.h> 64 65 #include <fs/nfs/nfsport.h> 66 67 NFSSTATESPINLOCK; 68 NFSREQSPINLOCK; 69 extern struct nfsstats newnfsstats; 70 extern struct nfsreqhead nfsd_reqq; 71 extern int nfscl_ticks; 72 extern void (*ncl_call_invalcaches)(struct vnode *); 73 74 static int nfsrv_gsscallbackson = 0; 75 static int nfs_bufpackets = 4; 76 static int nfs_reconnects; 77 static int nfs3_jukebox_delay = 10; 78 static int nfs_skip_wcc_data_onerr = 1; 79 static int nfs_keytab_enctype = ETYPE_DES_CBC_CRC; 80 81 SYSCTL_DECL(_vfs_newnfs); 82 83 SYSCTL_INT(_vfs_newnfs, OID_AUTO, bufpackets, CTLFLAG_RW, &nfs_bufpackets, 0, 84 "Buffer reservation size 2 < x < 64"); 85 SYSCTL_INT(_vfs_newnfs, OID_AUTO, reconnects, CTLFLAG_RD, &nfs_reconnects, 0, 86 "Number of times the nfs client has had to reconnect"); 87 SYSCTL_INT(_vfs_newnfs, OID_AUTO, nfs3_jukebox_delay, CTLFLAG_RW, &nfs3_jukebox_delay, 0, 88 "Number of seconds to delay a retry after receiving EJUKEBOX"); 89 SYSCTL_INT(_vfs_newnfs, OID_AUTO, skip_wcc_data_onerr, CTLFLAG_RW, &nfs_skip_wcc_data_onerr, 0, 90 "Disable weak cache consistency checking when server returns an error"); 91 SYSCTL_INT(_vfs_newnfs, OID_AUTO, keytab_enctype, CTLFLAG_RW, &nfs_keytab_enctype, 0, 92 "Encryption type for the keytab entry used by nfs"); 93 94 static void nfs_down(struct nfsmount *, struct thread *, const char *, 95 int, int); 96 static void nfs_up(struct nfsmount *, struct thread *, const char *, 97 int, int); 98 static int nfs_msg(struct thread *, const char *, const char *, int); 99 100 extern int nfsv2_procid[]; 101 102 struct nfs_cached_auth { 103 int ca_refs; /* refcount, including 1 from the cache */ 104 uid_t ca_uid; /* uid that corresponds to this auth */ 105 AUTH *ca_auth; /* RPC auth handle */ 106 }; 107 108 /* 109 * Initialize sockets and congestion for a new NFS connection. 110 * We do not free the sockaddr if error. 111 */ 112 int 113 newnfs_connect(struct nfsmount *nmp, struct nfssockreq *nrp, 114 struct ucred *cred, NFSPROC_T *p, int callback_retry_mult) 115 { 116 int rcvreserve, sndreserve; 117 int pktscale; 118 struct sockaddr *saddr; 119 struct ucred *origcred; 120 CLIENT *client; 121 struct netconfig *nconf; 122 struct socket *so; 123 int one = 1, retries, error, printsbmax = 0; 124 struct thread *td = curthread; 125 126 /* 127 * We need to establish the socket using the credentials of 128 * the mountpoint. Some parts of this process (such as 129 * sobind() and soconnect()) will use the curent thread's 130 * credential instead of the socket credential. To work 131 * around this, temporarily change the current thread's 132 * credential to that of the mountpoint. 133 * 134 * XXX: It would be better to explicitly pass the correct 135 * credential to sobind() and soconnect(). 136 */ 137 origcred = td->td_ucred; 138 139 /* 140 * Use the credential in nr_cred, if not NULL. 141 */ 142 if (nrp->nr_cred != NULL) 143 td->td_ucred = nrp->nr_cred; 144 else 145 td->td_ucred = cred; 146 saddr = nrp->nr_nam; 147 148 if (saddr->sa_family == AF_INET) 149 if (nrp->nr_sotype == SOCK_DGRAM) 150 nconf = getnetconfigent("udp"); 151 else 152 nconf = getnetconfigent("tcp"); 153 else 154 if (nrp->nr_sotype == SOCK_DGRAM) 155 nconf = getnetconfigent("udp6"); 156 else 157 nconf = getnetconfigent("tcp6"); 158 159 pktscale = nfs_bufpackets; 160 if (pktscale < 2) 161 pktscale = 2; 162 if (pktscale > 64) 163 pktscale = 64; 164 /* 165 * soreserve() can fail if sb_max is too small, so shrink pktscale 166 * and try again if there is an error. 167 * Print a log message suggesting increasing sb_max. 168 * Creating a socket and doing this is necessary since, if the 169 * reservation sizes are too large and will make soreserve() fail, 170 * the connection will work until a large send is attempted and 171 * then it will loop in the krpc code. 172 */ 173 so = NULL; 174 saddr = NFSSOCKADDR(nrp->nr_nam, struct sockaddr *); 175 error = socreate(saddr->sa_family, &so, nrp->nr_sotype, 176 nrp->nr_soproto, td->td_ucred, td); 177 if (error) { 178 td->td_ucred = origcred; 179 return (error); 180 } 181 do { 182 if (error != 0 && pktscale > 2) { 183 pktscale--; 184 if (printsbmax == 0) { 185 printf("nfscl: consider increasing kern.ipc.maxsockbuf\n"); 186 printsbmax = 1; 187 } 188 } 189 if (nrp->nr_sotype == SOCK_DGRAM) { 190 if (nmp != NULL) { 191 sndreserve = (NFS_MAXDGRAMDATA + NFS_MAXPKTHDR) * 192 pktscale; 193 rcvreserve = (NFS_MAXDGRAMDATA + NFS_MAXPKTHDR) * 194 pktscale; 195 } else { 196 sndreserve = rcvreserve = 1024 * pktscale; 197 } 198 } else { 199 if (nrp->nr_sotype != SOCK_STREAM) 200 panic("nfscon sotype"); 201 if (nmp != NULL) { 202 sndreserve = (NFS_MAXBSIZE + NFS_MAXPKTHDR + 203 sizeof (u_int32_t)) * pktscale; 204 rcvreserve = (NFS_MAXBSIZE + NFS_MAXPKTHDR + 205 sizeof (u_int32_t)) * pktscale; 206 } else { 207 sndreserve = rcvreserve = 1024 * pktscale; 208 } 209 } 210 error = soreserve(so, sndreserve, rcvreserve); 211 } while (error != 0 && pktscale > 2); 212 soclose(so); 213 if (error) { 214 td->td_ucred = origcred; 215 return (error); 216 } 217 218 client = clnt_reconnect_create(nconf, saddr, nrp->nr_prog, 219 nrp->nr_vers, sndreserve, rcvreserve); 220 CLNT_CONTROL(client, CLSET_WAITCHAN, "newnfsreq"); 221 if (nmp != NULL) { 222 if ((nmp->nm_flag & NFSMNT_INT)) 223 CLNT_CONTROL(client, CLSET_INTERRUPTIBLE, &one); 224 if ((nmp->nm_flag & NFSMNT_RESVPORT)) 225 CLNT_CONTROL(client, CLSET_PRIVPORT, &one); 226 if (NFSHASSOFT(nmp)) 227 retries = nmp->nm_retry; 228 else 229 retries = INT_MAX; 230 } else { 231 /* 232 * Three cases: 233 * - Null RPC callback to client 234 * - Non-Null RPC callback to client, wait a little longer 235 * - upcalls to nfsuserd and gssd (clp == NULL) 236 */ 237 if (callback_retry_mult == 0) { 238 retries = NFSV4_UPCALLRETRY; 239 CLNT_CONTROL(client, CLSET_PRIVPORT, &one); 240 } else { 241 retries = NFSV4_CALLBACKRETRY * callback_retry_mult; 242 } 243 } 244 CLNT_CONTROL(client, CLSET_RETRIES, &retries); 245 246 mtx_lock(&nrp->nr_mtx); 247 if (nrp->nr_client != NULL) { 248 /* 249 * Someone else already connected. 250 */ 251 CLNT_RELEASE(client); 252 } else { 253 nrp->nr_client = client; 254 } 255 256 /* 257 * Protocols that do not require connections may be optionally left 258 * unconnected for servers that reply from a port other than NFS_PORT. 259 */ 260 if (nmp == NULL || (nmp->nm_flag & NFSMNT_NOCONN) == 0) { 261 mtx_unlock(&nrp->nr_mtx); 262 CLNT_CONTROL(client, CLSET_CONNECT, &one); 263 } else { 264 mtx_unlock(&nrp->nr_mtx); 265 } 266 267 /* Restore current thread's credentials. */ 268 td->td_ucred = origcred; 269 return (0); 270 } 271 272 /* 273 * NFS disconnect. Clean up and unlink. 274 */ 275 void 276 newnfs_disconnect(struct nfssockreq *nrp) 277 { 278 CLIENT *client; 279 280 mtx_lock(&nrp->nr_mtx); 281 if (nrp->nr_client != NULL) { 282 client = nrp->nr_client; 283 nrp->nr_client = NULL; 284 mtx_unlock(&nrp->nr_mtx); 285 #ifdef KGSSAPI 286 rpc_gss_secpurge(client); 287 #endif 288 CLNT_CLOSE(client); 289 CLNT_RELEASE(client); 290 } else { 291 mtx_unlock(&nrp->nr_mtx); 292 } 293 } 294 295 static AUTH * 296 nfs_getauth(struct nfssockreq *nrp, int secflavour, char *clnt_principal, 297 char *srv_principal, gss_OID mech_oid, struct ucred *cred) 298 { 299 #ifdef KGSSAPI 300 rpc_gss_service_t svc; 301 AUTH *auth; 302 #ifdef notyet 303 rpc_gss_options_req_t req_options; 304 #endif 305 #endif 306 307 switch (secflavour) { 308 #ifdef KGSSAPI 309 case RPCSEC_GSS_KRB5: 310 case RPCSEC_GSS_KRB5I: 311 case RPCSEC_GSS_KRB5P: 312 if (!mech_oid) { 313 if (!rpc_gss_mech_to_oid("kerberosv5", &mech_oid)) 314 return (NULL); 315 } 316 if (secflavour == RPCSEC_GSS_KRB5) 317 svc = rpc_gss_svc_none; 318 else if (secflavour == RPCSEC_GSS_KRB5I) 319 svc = rpc_gss_svc_integrity; 320 else 321 svc = rpc_gss_svc_privacy; 322 #ifdef notyet 323 req_options.req_flags = GSS_C_MUTUAL_FLAG; 324 req_options.time_req = 0; 325 req_options.my_cred = GSS_C_NO_CREDENTIAL; 326 req_options.input_channel_bindings = NULL; 327 req_options.enc_type = nfs_keytab_enctype; 328 329 auth = rpc_gss_secfind(nrp->nr_client, cred, 330 clnt_principal, srv_principal, mech_oid, svc, 331 &req_options); 332 #else 333 /* 334 * Until changes to the rpcsec_gss code are committed, 335 * there is no support for host based initiator 336 * principals. As such, that case cannot yet be handled. 337 */ 338 if (clnt_principal == NULL) 339 auth = rpc_gss_secfind(nrp->nr_client, cred, 340 srv_principal, mech_oid, svc); 341 else 342 auth = NULL; 343 #endif 344 if (auth != NULL) 345 return (auth); 346 /* fallthrough */ 347 #endif /* KGSSAPI */ 348 case AUTH_SYS: 349 default: 350 return (authunix_create(cred)); 351 352 } 353 } 354 355 /* 356 * Callback from the RPC code to generate up/down notifications. 357 */ 358 359 struct nfs_feedback_arg { 360 struct nfsmount *nf_mount; 361 int nf_lastmsg; /* last tprintf */ 362 int nf_tprintfmsg; 363 struct thread *nf_td; 364 }; 365 366 static void 367 nfs_feedback(int type, int proc, void *arg) 368 { 369 struct nfs_feedback_arg *nf = (struct nfs_feedback_arg *) arg; 370 struct nfsmount *nmp = nf->nf_mount; 371 struct timeval now; 372 373 getmicrouptime(&now); 374 375 switch (type) { 376 case FEEDBACK_REXMIT2: 377 case FEEDBACK_RECONNECT: 378 if (nf->nf_lastmsg + nmp->nm_tprintf_delay < now.tv_sec) { 379 nfs_down(nmp, nf->nf_td, 380 "not responding", 0, NFSSTA_TIMEO); 381 nf->nf_tprintfmsg = TRUE; 382 nf->nf_lastmsg = now.tv_sec; 383 } 384 break; 385 386 case FEEDBACK_OK: 387 nfs_up(nf->nf_mount, nf->nf_td, 388 "is alive again", NFSSTA_TIMEO, nf->nf_tprintfmsg); 389 break; 390 } 391 } 392 393 /* 394 * newnfs_request - goes something like this 395 * - does the rpc by calling the krpc layer 396 * - break down rpc header and return with nfs reply 397 * nb: always frees up nd_mreq mbuf list 398 */ 399 int 400 newnfs_request(struct nfsrv_descript *nd, struct nfsmount *nmp, 401 struct nfsclient *clp, struct nfssockreq *nrp, vnode_t vp, 402 struct thread *td, struct ucred *cred, u_int32_t prog, u_int32_t vers, 403 u_char *retsum, int toplevel, u_int64_t *xidp) 404 { 405 u_int32_t *tl; 406 time_t waituntil; 407 int i, j, set_uid = 0, set_sigset = 0; 408 int trycnt, error = 0, usegssname = 0, secflavour = AUTH_SYS; 409 u_int16_t procnum; 410 u_int trylater_delay = 1; 411 struct nfs_feedback_arg nf; 412 struct timeval timo, now; 413 AUTH *auth; 414 struct rpc_callextra ext; 415 enum clnt_stat stat; 416 struct nfsreq *rep = NULL; 417 char *srv_principal = NULL; 418 uid_t saved_uid = (uid_t)-1; 419 sigset_t oldset; 420 421 if (xidp != NULL) 422 *xidp = 0; 423 /* Reject requests while attempting a forced unmount. */ 424 if (nmp != NULL && (nmp->nm_mountp->mnt_kern_flag & MNTK_UNMOUNTF)) { 425 m_freem(nd->nd_mreq); 426 return (ESTALE); 427 } 428 429 /* For client side interruptible mounts, mask off the signals. */ 430 if (nmp != NULL && td != NULL && NFSHASINT(nmp)) { 431 newnfs_set_sigmask(td, &oldset); 432 set_sigset = 1; 433 } 434 435 /* 436 * XXX if not already connected call nfs_connect now. Longer 437 * term, change nfs_mount to call nfs_connect unconditionally 438 * and let clnt_reconnect_create handle reconnects. 439 */ 440 if (nrp->nr_client == NULL) 441 newnfs_connect(nmp, nrp, cred, td, 0); 442 443 /* 444 * For a client side mount, nmp is != NULL and clp == NULL. For 445 * server calls (callbacks or upcalls), nmp == NULL. 446 */ 447 if (clp != NULL) { 448 NFSLOCKSTATE(); 449 if ((clp->lc_flags & LCL_GSS) && nfsrv_gsscallbackson) { 450 secflavour = RPCSEC_GSS_KRB5; 451 if (nd->nd_procnum != NFSPROC_NULL) { 452 if (clp->lc_flags & LCL_GSSINTEGRITY) 453 secflavour = RPCSEC_GSS_KRB5I; 454 else if (clp->lc_flags & LCL_GSSPRIVACY) 455 secflavour = RPCSEC_GSS_KRB5P; 456 } 457 } 458 NFSUNLOCKSTATE(); 459 } else if (nmp != NULL && NFSHASKERB(nmp) && 460 nd->nd_procnum != NFSPROC_NULL) { 461 if (NFSHASALLGSSNAME(nmp) && nmp->nm_krbnamelen > 0) 462 nd->nd_flag |= ND_USEGSSNAME; 463 if ((nd->nd_flag & ND_USEGSSNAME) != 0) { 464 /* 465 * If there is a client side host based credential, 466 * use that, otherwise use the system uid, if set. 467 */ 468 if (nmp->nm_krbnamelen > 0) { 469 usegssname = 1; 470 } else if (nmp->nm_uid != (uid_t)-1) { 471 saved_uid = cred->cr_uid; 472 cred->cr_uid = nmp->nm_uid; 473 set_uid = 1; 474 } 475 } else if (nmp->nm_krbnamelen == 0 && 476 nmp->nm_uid != (uid_t)-1 && cred->cr_uid == (uid_t)0) { 477 /* 478 * If there is no host based principal name and 479 * the system uid is set and this is root, use the 480 * system uid, since root won't have user 481 * credentials in a credentials cache file. 482 */ 483 saved_uid = cred->cr_uid; 484 cred->cr_uid = nmp->nm_uid; 485 set_uid = 1; 486 } 487 if (NFSHASINTEGRITY(nmp)) 488 secflavour = RPCSEC_GSS_KRB5I; 489 else if (NFSHASPRIVACY(nmp)) 490 secflavour = RPCSEC_GSS_KRB5P; 491 else 492 secflavour = RPCSEC_GSS_KRB5; 493 srv_principal = NFSMNT_SRVKRBNAME(nmp); 494 } 495 496 if (nmp != NULL) { 497 bzero(&nf, sizeof(struct nfs_feedback_arg)); 498 nf.nf_mount = nmp; 499 nf.nf_td = td; 500 getmicrouptime(&now); 501 nf.nf_lastmsg = now.tv_sec - 502 ((nmp->nm_tprintf_delay)-(nmp->nm_tprintf_initial_delay)); 503 } 504 505 if (nd->nd_procnum == NFSPROC_NULL) 506 auth = authnone_create(); 507 else if (usegssname) 508 auth = nfs_getauth(nrp, secflavour, nmp->nm_krbname, 509 srv_principal, NULL, cred); 510 else 511 auth = nfs_getauth(nrp, secflavour, NULL, 512 srv_principal, NULL, cred); 513 if (set_uid) 514 cred->cr_uid = saved_uid; 515 if (auth == NULL) { 516 m_freem(nd->nd_mreq); 517 if (set_sigset) 518 newnfs_restore_sigmask(td, &oldset); 519 return (EACCES); 520 } 521 bzero(&ext, sizeof(ext)); 522 ext.rc_auth = auth; 523 if (nmp != NULL) { 524 ext.rc_feedback = nfs_feedback; 525 ext.rc_feedback_arg = &nf; 526 } 527 528 procnum = nd->nd_procnum; 529 if ((nd->nd_flag & ND_NFSV4) && 530 nd->nd_procnum != NFSPROC_NULL && 531 nd->nd_procnum != NFSV4PROC_CBCOMPOUND) 532 procnum = NFSV4PROC_COMPOUND; 533 534 if (nmp != NULL) { 535 NFSINCRGLOBAL(newnfsstats.rpcrequests); 536 /* 537 * Now only used for the R_DONTRECOVER case, but until that is 538 * supported within the krpc code, I need to keep a queue of 539 * outstanding RPCs for nfsv4 client requests. 540 */ 541 if ((nd->nd_flag & ND_NFSV4) && procnum == NFSV4PROC_COMPOUND) 542 MALLOC(rep, struct nfsreq *, sizeof(struct nfsreq), 543 M_NFSDREQ, M_WAITOK); 544 } 545 trycnt = 0; 546 tryagain: 547 if (nmp == NULL) { 548 timo.tv_usec = 0; 549 if (clp == NULL) 550 timo.tv_sec = NFSV4_UPCALLTIMEO; 551 else 552 timo.tv_sec = NFSV4_CALLBACKTIMEO; 553 } else { 554 if (nrp->nr_sotype != SOCK_DGRAM) { 555 timo.tv_usec = 0; 556 if ((nmp->nm_flag & NFSMNT_NFSV4)) 557 timo.tv_sec = INT_MAX; 558 else 559 timo.tv_sec = NFS_TCPTIMEO; 560 } else { 561 timo.tv_sec = nmp->nm_timeo / NFS_HZ; 562 timo.tv_usec = (nmp->nm_timeo * 1000000) / NFS_HZ; 563 } 564 565 if (rep != NULL) { 566 rep->r_flags = 0; 567 rep->r_nmp = nmp; 568 /* 569 * Chain request into list of outstanding requests. 570 */ 571 NFSLOCKREQ(); 572 TAILQ_INSERT_TAIL(&nfsd_reqq, rep, r_chain); 573 NFSUNLOCKREQ(); 574 } 575 } 576 577 nd->nd_mrep = NULL; 578 stat = CLNT_CALL_MBUF(nrp->nr_client, &ext, procnum, nd->nd_mreq, 579 &nd->nd_mrep, timo); 580 581 if (rep != NULL) { 582 /* 583 * RPC done, unlink the request. 584 */ 585 NFSLOCKREQ(); 586 TAILQ_REMOVE(&nfsd_reqq, rep, r_chain); 587 NFSUNLOCKREQ(); 588 } 589 590 /* 591 * If there was a successful reply and a tprintf msg. 592 * tprintf a response. 593 */ 594 if (stat == RPC_SUCCESS) { 595 error = 0; 596 } else if (stat == RPC_TIMEDOUT) { 597 error = ETIMEDOUT; 598 } else if (stat == RPC_VERSMISMATCH) { 599 error = EOPNOTSUPP; 600 } else if (stat == RPC_PROGVERSMISMATCH) { 601 error = EPROTONOSUPPORT; 602 } else { 603 error = EACCES; 604 } 605 if (error) { 606 m_freem(nd->nd_mreq); 607 AUTH_DESTROY(auth); 608 if (rep != NULL) 609 FREE((caddr_t)rep, M_NFSDREQ); 610 if (set_sigset) 611 newnfs_restore_sigmask(td, &oldset); 612 return (error); 613 } 614 615 KASSERT(nd->nd_mrep != NULL, ("mrep shouldn't be NULL if no error\n")); 616 617 /* 618 * Search for any mbufs that are not a multiple of 4 bytes long 619 * or with m_data not longword aligned. 620 * These could cause pointer alignment problems, so copy them to 621 * well aligned mbufs. 622 */ 623 newnfs_realign(&nd->nd_mrep); 624 nd->nd_md = nd->nd_mrep; 625 nd->nd_dpos = NFSMTOD(nd->nd_md, caddr_t); 626 nd->nd_repstat = 0; 627 if (nd->nd_procnum != NFSPROC_NULL) { 628 /* 629 * and now the actual NFS xdr. 630 */ 631 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED); 632 nd->nd_repstat = fxdr_unsigned(u_int32_t, *tl); 633 if (nd->nd_repstat != 0) { 634 if ((nd->nd_repstat == NFSERR_DELAY && 635 (nd->nd_flag & ND_NFSV4) && 636 nd->nd_procnum != NFSPROC_SETATTR && 637 nd->nd_procnum != NFSPROC_READ && 638 nd->nd_procnum != NFSPROC_WRITE && 639 nd->nd_procnum != NFSPROC_OPEN && 640 nd->nd_procnum != NFSPROC_CREATE && 641 nd->nd_procnum != NFSPROC_OPENCONFIRM && 642 nd->nd_procnum != NFSPROC_OPENDOWNGRADE && 643 nd->nd_procnum != NFSPROC_CLOSE && 644 nd->nd_procnum != NFSPROC_LOCK && 645 nd->nd_procnum != NFSPROC_LOCKU) || 646 (nd->nd_repstat == NFSERR_DELAY && 647 (nd->nd_flag & ND_NFSV4) == 0) || 648 nd->nd_repstat == NFSERR_RESOURCE) { 649 if (trylater_delay > NFS_TRYLATERDEL) 650 trylater_delay = NFS_TRYLATERDEL; 651 waituntil = NFSD_MONOSEC + trylater_delay; 652 while (NFSD_MONOSEC < waituntil) 653 (void) nfs_catnap(PZERO, "nfstry"); 654 trylater_delay *= 2; 655 goto tryagain; 656 } 657 658 /* 659 * If the File Handle was stale, invalidate the 660 * lookup cache, just in case. 661 * (vp != NULL implies a client side call) 662 */ 663 if (nd->nd_repstat == ESTALE && vp != NULL) { 664 cache_purge(vp); 665 if (ncl_call_invalcaches != NULL) 666 (*ncl_call_invalcaches)(vp); 667 } 668 } 669 670 /* 671 * Get rid of the tag, return count, and PUTFH result for V4. 672 */ 673 if (nd->nd_flag & ND_NFSV4) { 674 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED); 675 i = fxdr_unsigned(int, *tl); 676 error = nfsm_advance(nd, NFSM_RNDUP(i), -1); 677 if (error) 678 goto nfsmout; 679 NFSM_DISSECT(tl, u_int32_t *, 3 * NFSX_UNSIGNED); 680 i = fxdr_unsigned(int, *++tl); 681 682 /* 683 * If the first op's status is non-zero, mark that 684 * there is no more data to process. 685 */ 686 if (*++tl) 687 nd->nd_flag |= ND_NOMOREDATA; 688 689 /* 690 * If the first op is Putfh, throw its results away 691 * and toss the op# and status for the first op. 692 */ 693 if (nmp != NULL && i == NFSV4OP_PUTFH && *tl == 0) { 694 NFSM_DISSECT(tl,u_int32_t *,2 * NFSX_UNSIGNED); 695 i = fxdr_unsigned(int, *tl++); 696 j = fxdr_unsigned(int, *tl); 697 /* 698 * All Compounds that do an Op that must 699 * be in sequence consist of NFSV4OP_PUTFH 700 * followed by one of these. As such, we 701 * can determine if the seqid# should be 702 * incremented, here. 703 */ 704 if ((i == NFSV4OP_OPEN || 705 i == NFSV4OP_OPENCONFIRM || 706 i == NFSV4OP_OPENDOWNGRADE || 707 i == NFSV4OP_CLOSE || 708 i == NFSV4OP_LOCK || 709 i == NFSV4OP_LOCKU) && 710 (j == 0 || 711 (j != NFSERR_STALECLIENTID && 712 j != NFSERR_STALESTATEID && 713 j != NFSERR_BADSTATEID && 714 j != NFSERR_BADSEQID && 715 j != NFSERR_BADXDR && 716 j != NFSERR_RESOURCE && 717 j != NFSERR_NOFILEHANDLE))) 718 nd->nd_flag |= ND_INCRSEQID; 719 /* 720 * If the first op's status is non-zero, mark 721 * that there is no more data to process. 722 */ 723 if (j) 724 nd->nd_flag |= ND_NOMOREDATA; 725 } 726 727 /* 728 * If R_DONTRECOVER is set, replace the stale error 729 * reply, so that recovery isn't initiated. 730 */ 731 if ((nd->nd_repstat == NFSERR_STALECLIENTID || 732 nd->nd_repstat == NFSERR_STALESTATEID) && 733 rep != NULL && (rep->r_flags & R_DONTRECOVER)) 734 nd->nd_repstat = NFSERR_STALEDONTRECOVER; 735 } 736 } 737 738 m_freem(nd->nd_mreq); 739 AUTH_DESTROY(auth); 740 if (rep != NULL) 741 FREE((caddr_t)rep, M_NFSDREQ); 742 if (set_sigset) 743 newnfs_restore_sigmask(td, &oldset); 744 return (0); 745 nfsmout: 746 mbuf_freem(nd->nd_mrep); 747 mbuf_freem(nd->nd_mreq); 748 AUTH_DESTROY(auth); 749 if (rep != NULL) 750 FREE((caddr_t)rep, M_NFSDREQ); 751 if (set_sigset) 752 newnfs_restore_sigmask(td, &oldset); 753 return (error); 754 } 755 756 /* 757 * Mark all of an nfs mount's outstanding requests with R_SOFTTERM and 758 * wait for all requests to complete. This is used by forced unmounts 759 * to terminate any outstanding RPCs. 760 */ 761 int 762 newnfs_nmcancelreqs(struct nfsmount *nmp) 763 { 764 765 if (nmp->nm_sockreq.nr_client != NULL) 766 CLNT_CLOSE(nmp->nm_sockreq.nr_client); 767 return (0); 768 } 769 770 /* 771 * Any signal that can interrupt an NFS operation in an intr mount 772 * should be added to this set. SIGSTOP and SIGKILL cannot be masked. 773 */ 774 int newnfs_sig_set[] = { 775 SIGINT, 776 SIGTERM, 777 SIGHUP, 778 SIGKILL, 779 SIGSTOP, 780 SIGQUIT 781 }; 782 783 /* 784 * Check to see if one of the signals in our subset is pending on 785 * the process (in an intr mount). 786 */ 787 static int 788 nfs_sig_pending(sigset_t set) 789 { 790 int i; 791 792 for (i = 0 ; i < sizeof(newnfs_sig_set)/sizeof(int) ; i++) 793 if (SIGISMEMBER(set, newnfs_sig_set[i])) 794 return (1); 795 return (0); 796 } 797 798 /* 799 * The set/restore sigmask functions are used to (temporarily) overwrite 800 * the process p_sigmask during an RPC call (for example). These are also 801 * used in other places in the NFS client that might tsleep(). 802 */ 803 void 804 newnfs_set_sigmask(struct thread *td, sigset_t *oldset) 805 { 806 sigset_t newset; 807 int i; 808 struct proc *p; 809 810 SIGFILLSET(newset); 811 if (td == NULL) 812 td = curthread; /* XXX */ 813 p = td->td_proc; 814 /* Remove the NFS set of signals from newset */ 815 PROC_LOCK(p); 816 mtx_lock(&p->p_sigacts->ps_mtx); 817 for (i = 0 ; i < sizeof(newnfs_sig_set)/sizeof(int) ; i++) { 818 /* 819 * But make sure we leave the ones already masked 820 * by the process, ie. remove the signal from the 821 * temporary signalmask only if it wasn't already 822 * in p_sigmask. 823 */ 824 if (!SIGISMEMBER(td->td_sigmask, newnfs_sig_set[i]) && 825 !SIGISMEMBER(p->p_sigacts->ps_sigignore, newnfs_sig_set[i])) 826 SIGDELSET(newset, newnfs_sig_set[i]); 827 } 828 mtx_unlock(&p->p_sigacts->ps_mtx); 829 PROC_UNLOCK(p); 830 kern_sigprocmask(td, SIG_SETMASK, &newset, oldset, 0); 831 } 832 833 void 834 newnfs_restore_sigmask(struct thread *td, sigset_t *set) 835 { 836 if (td == NULL) 837 td = curthread; /* XXX */ 838 kern_sigprocmask(td, SIG_SETMASK, set, NULL, 0); 839 } 840 841 /* 842 * NFS wrapper to msleep(), that shoves a new p_sigmask and restores the 843 * old one after msleep() returns. 844 */ 845 int 846 newnfs_msleep(struct thread *td, void *ident, struct mtx *mtx, int priority, char *wmesg, int timo) 847 { 848 sigset_t oldset; 849 int error; 850 struct proc *p; 851 852 if ((priority & PCATCH) == 0) 853 return msleep(ident, mtx, priority, wmesg, timo); 854 if (td == NULL) 855 td = curthread; /* XXX */ 856 newnfs_set_sigmask(td, &oldset); 857 error = msleep(ident, mtx, priority, wmesg, timo); 858 newnfs_restore_sigmask(td, &oldset); 859 p = td->td_proc; 860 return (error); 861 } 862 863 /* 864 * Test for a termination condition pending on the process. 865 * This is used for NFSMNT_INT mounts. 866 */ 867 int 868 newnfs_sigintr(struct nfsmount *nmp, struct thread *td) 869 { 870 struct proc *p; 871 sigset_t tmpset; 872 873 /* Terminate all requests while attempting a forced unmount. */ 874 if (nmp->nm_mountp->mnt_kern_flag & MNTK_UNMOUNTF) 875 return (EIO); 876 if (!(nmp->nm_flag & NFSMNT_INT)) 877 return (0); 878 if (td == NULL) 879 return (0); 880 p = td->td_proc; 881 PROC_LOCK(p); 882 tmpset = p->p_siglist; 883 SIGSETOR(tmpset, td->td_siglist); 884 SIGSETNAND(tmpset, td->td_sigmask); 885 mtx_lock(&p->p_sigacts->ps_mtx); 886 SIGSETNAND(tmpset, p->p_sigacts->ps_sigignore); 887 mtx_unlock(&p->p_sigacts->ps_mtx); 888 if ((SIGNOTEMPTY(p->p_siglist) || SIGNOTEMPTY(td->td_siglist)) 889 && nfs_sig_pending(tmpset)) { 890 PROC_UNLOCK(p); 891 return (EINTR); 892 } 893 PROC_UNLOCK(p); 894 return (0); 895 } 896 897 static int 898 nfs_msg(struct thread *td, const char *server, const char *msg, int error) 899 { 900 struct proc *p; 901 902 p = td ? td->td_proc : NULL; 903 if (error) { 904 tprintf(p, LOG_INFO, "newnfs server %s: %s, error %d\n", 905 server, msg, error); 906 } else { 907 tprintf(p, LOG_INFO, "newnfs server %s: %s\n", server, msg); 908 } 909 return (0); 910 } 911 912 static void 913 nfs_down(struct nfsmount *nmp, struct thread *td, const char *msg, 914 int error, int flags) 915 { 916 if (nmp == NULL) 917 return; 918 mtx_lock(&nmp->nm_mtx); 919 if ((flags & NFSSTA_TIMEO) && !(nmp->nm_state & NFSSTA_TIMEO)) { 920 nmp->nm_state |= NFSSTA_TIMEO; 921 mtx_unlock(&nmp->nm_mtx); 922 vfs_event_signal(&nmp->nm_mountp->mnt_stat.f_fsid, 923 VQ_NOTRESP, 0); 924 } else 925 mtx_unlock(&nmp->nm_mtx); 926 mtx_lock(&nmp->nm_mtx); 927 if ((flags & NFSSTA_LOCKTIMEO) && !(nmp->nm_state & NFSSTA_LOCKTIMEO)) { 928 nmp->nm_state |= NFSSTA_LOCKTIMEO; 929 mtx_unlock(&nmp->nm_mtx); 930 vfs_event_signal(&nmp->nm_mountp->mnt_stat.f_fsid, 931 VQ_NOTRESPLOCK, 0); 932 } else 933 mtx_unlock(&nmp->nm_mtx); 934 nfs_msg(td, nmp->nm_mountp->mnt_stat.f_mntfromname, msg, error); 935 } 936 937 static void 938 nfs_up(struct nfsmount *nmp, struct thread *td, const char *msg, 939 int flags, int tprintfmsg) 940 { 941 if (nmp == NULL) 942 return; 943 if (tprintfmsg) { 944 nfs_msg(td, nmp->nm_mountp->mnt_stat.f_mntfromname, msg, 0); 945 } 946 947 mtx_lock(&nmp->nm_mtx); 948 if ((flags & NFSSTA_TIMEO) && (nmp->nm_state & NFSSTA_TIMEO)) { 949 nmp->nm_state &= ~NFSSTA_TIMEO; 950 mtx_unlock(&nmp->nm_mtx); 951 vfs_event_signal(&nmp->nm_mountp->mnt_stat.f_fsid, 952 VQ_NOTRESP, 1); 953 } else 954 mtx_unlock(&nmp->nm_mtx); 955 956 mtx_lock(&nmp->nm_mtx); 957 if ((flags & NFSSTA_LOCKTIMEO) && (nmp->nm_state & NFSSTA_LOCKTIMEO)) { 958 nmp->nm_state &= ~NFSSTA_LOCKTIMEO; 959 mtx_unlock(&nmp->nm_mtx); 960 vfs_event_signal(&nmp->nm_mountp->mnt_stat.f_fsid, 961 VQ_NOTRESPLOCK, 1); 962 } else 963 mtx_unlock(&nmp->nm_mtx); 964 } 965 966