xref: /freebsd/sys/fs/nfs/nfs_commonkrpc.c (revision f0cfa1b168014f56c02b83e5f28412cc5f78d117)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1989, 1991, 1993, 1995
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * This code is derived from software contributed to Berkeley by
8  * Rick Macklem at The University of Guelph.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of the University nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  *
34  */
35 
36 #include <sys/cdefs.h>
37 __FBSDID("$FreeBSD$");
38 
39 /*
40  * Socket operations for use by nfs
41  */
42 
43 #include "opt_kgssapi.h"
44 #include "opt_nfs.h"
45 
46 #include <sys/param.h>
47 #include <sys/systm.h>
48 #include <sys/kernel.h>
49 #include <sys/limits.h>
50 #include <sys/lock.h>
51 #include <sys/malloc.h>
52 #include <sys/mbuf.h>
53 #include <sys/mount.h>
54 #include <sys/mutex.h>
55 #include <sys/proc.h>
56 #include <sys/signalvar.h>
57 #include <sys/syscallsubr.h>
58 #include <sys/sysctl.h>
59 #include <sys/syslog.h>
60 #include <sys/vnode.h>
61 
62 #include <rpc/rpc.h>
63 #include <rpc/krpc.h>
64 
65 #include <kgssapi/krb5/kcrypto.h>
66 
67 #include <fs/nfs/nfsport.h>
68 
69 #ifdef KDTRACE_HOOKS
70 #include <sys/dtrace_bsd.h>
71 
72 dtrace_nfsclient_nfs23_start_probe_func_t
73 		dtrace_nfscl_nfs234_start_probe;
74 
75 dtrace_nfsclient_nfs23_done_probe_func_t
76 		dtrace_nfscl_nfs234_done_probe;
77 
78 /*
79  * Registered probes by RPC type.
80  */
81 uint32_t	nfscl_nfs2_start_probes[NFSV41_NPROCS + 1];
82 uint32_t	nfscl_nfs2_done_probes[NFSV41_NPROCS + 1];
83 
84 uint32_t	nfscl_nfs3_start_probes[NFSV41_NPROCS + 1];
85 uint32_t	nfscl_nfs3_done_probes[NFSV41_NPROCS + 1];
86 
87 uint32_t	nfscl_nfs4_start_probes[NFSV41_NPROCS + 1];
88 uint32_t	nfscl_nfs4_done_probes[NFSV41_NPROCS + 1];
89 #endif
90 
91 NFSSTATESPINLOCK;
92 NFSREQSPINLOCK;
93 NFSDLOCKMUTEX;
94 NFSCLSTATEMUTEX;
95 extern struct nfsstatsv1 nfsstatsv1;
96 extern struct nfsreqhead nfsd_reqq;
97 extern int nfscl_ticks;
98 extern void (*ncl_call_invalcaches)(struct vnode *);
99 extern int nfs_numnfscbd;
100 extern int nfscl_debuglevel;
101 
102 SVCPOOL		*nfscbd_pool;
103 static int	nfsrv_gsscallbackson = 0;
104 static int	nfs_bufpackets = 4;
105 static int	nfs_reconnects;
106 static int	nfs3_jukebox_delay = 10;
107 static int	nfs_skip_wcc_data_onerr = 1;
108 
109 SYSCTL_DECL(_vfs_nfs);
110 
111 SYSCTL_INT(_vfs_nfs, OID_AUTO, bufpackets, CTLFLAG_RW, &nfs_bufpackets, 0,
112     "Buffer reservation size 2 < x < 64");
113 SYSCTL_INT(_vfs_nfs, OID_AUTO, reconnects, CTLFLAG_RD, &nfs_reconnects, 0,
114     "Number of times the nfs client has had to reconnect");
115 SYSCTL_INT(_vfs_nfs, OID_AUTO, nfs3_jukebox_delay, CTLFLAG_RW, &nfs3_jukebox_delay, 0,
116     "Number of seconds to delay a retry after receiving EJUKEBOX");
117 SYSCTL_INT(_vfs_nfs, OID_AUTO, skip_wcc_data_onerr, CTLFLAG_RW, &nfs_skip_wcc_data_onerr, 0,
118     "Disable weak cache consistency checking when server returns an error");
119 
120 static void	nfs_down(struct nfsmount *, struct thread *, const char *,
121     int, int);
122 static void	nfs_up(struct nfsmount *, struct thread *, const char *,
123     int, int);
124 static int	nfs_msg(struct thread *, const char *, const char *, int);
125 
126 struct nfs_cached_auth {
127 	int		ca_refs; /* refcount, including 1 from the cache */
128 	uid_t		ca_uid;	 /* uid that corresponds to this auth */
129 	AUTH		*ca_auth; /* RPC auth handle */
130 };
131 
132 static int nfsv2_procid[NFS_V3NPROCS] = {
133 	NFSV2PROC_NULL,
134 	NFSV2PROC_GETATTR,
135 	NFSV2PROC_SETATTR,
136 	NFSV2PROC_LOOKUP,
137 	NFSV2PROC_NOOP,
138 	NFSV2PROC_READLINK,
139 	NFSV2PROC_READ,
140 	NFSV2PROC_WRITE,
141 	NFSV2PROC_CREATE,
142 	NFSV2PROC_MKDIR,
143 	NFSV2PROC_SYMLINK,
144 	NFSV2PROC_CREATE,
145 	NFSV2PROC_REMOVE,
146 	NFSV2PROC_RMDIR,
147 	NFSV2PROC_RENAME,
148 	NFSV2PROC_LINK,
149 	NFSV2PROC_READDIR,
150 	NFSV2PROC_NOOP,
151 	NFSV2PROC_STATFS,
152 	NFSV2PROC_NOOP,
153 	NFSV2PROC_NOOP,
154 	NFSV2PROC_NOOP,
155 };
156 
157 /*
158  * Initialize sockets and congestion for a new NFS connection.
159  * We do not free the sockaddr if error.
160  */
161 int
162 newnfs_connect(struct nfsmount *nmp, struct nfssockreq *nrp,
163     struct ucred *cred, NFSPROC_T *p, int callback_retry_mult)
164 {
165 	int rcvreserve, sndreserve;
166 	int pktscale, pktscalesav;
167 	struct sockaddr *saddr;
168 	struct ucred *origcred;
169 	CLIENT *client;
170 	struct netconfig *nconf;
171 	struct socket *so;
172 	int one = 1, retries, error = 0;
173 	struct thread *td = curthread;
174 	SVCXPRT *xprt;
175 	struct timeval timo;
176 
177 	/*
178 	 * We need to establish the socket using the credentials of
179 	 * the mountpoint.  Some parts of this process (such as
180 	 * sobind() and soconnect()) will use the curent thread's
181 	 * credential instead of the socket credential.  To work
182 	 * around this, temporarily change the current thread's
183 	 * credential to that of the mountpoint.
184 	 *
185 	 * XXX: It would be better to explicitly pass the correct
186 	 * credential to sobind() and soconnect().
187 	 */
188 	origcred = td->td_ucred;
189 
190 	/*
191 	 * Use the credential in nr_cred, if not NULL.
192 	 */
193 	if (nrp->nr_cred != NULL)
194 		td->td_ucred = nrp->nr_cred;
195 	else
196 		td->td_ucred = cred;
197 	saddr = nrp->nr_nam;
198 
199 	if (saddr->sa_family == AF_INET)
200 		if (nrp->nr_sotype == SOCK_DGRAM)
201 			nconf = getnetconfigent("udp");
202 		else
203 			nconf = getnetconfigent("tcp");
204 	else if (saddr->sa_family == AF_LOCAL)
205 		nconf = getnetconfigent("local");
206 	else
207 		if (nrp->nr_sotype == SOCK_DGRAM)
208 			nconf = getnetconfigent("udp6");
209 		else
210 			nconf = getnetconfigent("tcp6");
211 
212 	pktscale = nfs_bufpackets;
213 	if (pktscale < 2)
214 		pktscale = 2;
215 	if (pktscale > 64)
216 		pktscale = 64;
217 	pktscalesav = pktscale;
218 	/*
219 	 * soreserve() can fail if sb_max is too small, so shrink pktscale
220 	 * and try again if there is an error.
221 	 * Print a log message suggesting increasing sb_max.
222 	 * Creating a socket and doing this is necessary since, if the
223 	 * reservation sizes are too large and will make soreserve() fail,
224 	 * the connection will work until a large send is attempted and
225 	 * then it will loop in the krpc code.
226 	 */
227 	so = NULL;
228 	saddr = NFSSOCKADDR(nrp->nr_nam, struct sockaddr *);
229 	error = socreate(saddr->sa_family, &so, nrp->nr_sotype,
230 	    nrp->nr_soproto, td->td_ucred, td);
231 	if (error) {
232 		td->td_ucred = origcred;
233 		goto out;
234 	}
235 	do {
236 	    if (error != 0 && pktscale > 2) {
237 		if (nmp != NULL && nrp->nr_sotype == SOCK_STREAM &&
238 		    pktscale == pktscalesav)
239 		    printf("Consider increasing kern.ipc.maxsockbuf\n");
240 		pktscale--;
241 	    }
242 	    if (nrp->nr_sotype == SOCK_DGRAM) {
243 		if (nmp != NULL) {
244 			sndreserve = (NFS_MAXDGRAMDATA + NFS_MAXPKTHDR) *
245 			    pktscale;
246 			rcvreserve = (NFS_MAXDGRAMDATA + NFS_MAXPKTHDR) *
247 			    pktscale;
248 		} else {
249 			sndreserve = rcvreserve = 1024 * pktscale;
250 		}
251 	    } else {
252 		if (nrp->nr_sotype != SOCK_STREAM)
253 			panic("nfscon sotype");
254 		if (nmp != NULL) {
255 			sndreserve = (NFS_MAXBSIZE + NFS_MAXXDR +
256 			    sizeof (u_int32_t)) * pktscale;
257 			rcvreserve = (NFS_MAXBSIZE + NFS_MAXXDR +
258 			    sizeof (u_int32_t)) * pktscale;
259 		} else {
260 			sndreserve = rcvreserve = 1024 * pktscale;
261 		}
262 	    }
263 	    error = soreserve(so, sndreserve, rcvreserve);
264 	    if (error != 0 && nmp != NULL && nrp->nr_sotype == SOCK_STREAM &&
265 		pktscale <= 2)
266 		printf("Must increase kern.ipc.maxsockbuf or reduce"
267 		    " rsize, wsize\n");
268 	} while (error != 0 && pktscale > 2);
269 	soclose(so);
270 	if (error) {
271 		td->td_ucred = origcred;
272 		goto out;
273 	}
274 
275 	client = clnt_reconnect_create(nconf, saddr, nrp->nr_prog,
276 	    nrp->nr_vers, sndreserve, rcvreserve);
277 	CLNT_CONTROL(client, CLSET_WAITCHAN, "nfsreq");
278 	if (nmp != NULL) {
279 		if ((nmp->nm_flag & NFSMNT_INT))
280 			CLNT_CONTROL(client, CLSET_INTERRUPTIBLE, &one);
281 		if ((nmp->nm_flag & NFSMNT_RESVPORT))
282 			CLNT_CONTROL(client, CLSET_PRIVPORT, &one);
283 		if (NFSHASSOFT(nmp)) {
284 			if (nmp->nm_sotype == SOCK_DGRAM)
285 				/*
286 				 * For UDP, the large timeout for a reconnect
287 				 * will be set to "nm_retry * nm_timeo / 2", so
288 				 * we only want to do 2 reconnect timeout
289 				 * retries.
290 				 */
291 				retries = 2;
292 			else
293 				retries = nmp->nm_retry;
294 		} else
295 			retries = INT_MAX;
296 		/* cred == NULL for DS connects. */
297 		if (NFSHASNFSV4N(nmp) && cred != NULL) {
298 			/*
299 			 * Make sure the nfscbd_pool doesn't get destroyed
300 			 * while doing this.
301 			 */
302 			NFSD_LOCK();
303 			if (nfs_numnfscbd > 0) {
304 				nfs_numnfscbd++;
305 				NFSD_UNLOCK();
306 				xprt = svc_vc_create_backchannel(nfscbd_pool);
307 				CLNT_CONTROL(client, CLSET_BACKCHANNEL, xprt);
308 				NFSD_LOCK();
309 				nfs_numnfscbd--;
310 				if (nfs_numnfscbd == 0)
311 					wakeup(&nfs_numnfscbd);
312 			}
313 			NFSD_UNLOCK();
314 		}
315 	} else {
316 		/*
317 		 * Three cases:
318 		 * - Null RPC callback to client
319 		 * - Non-Null RPC callback to client, wait a little longer
320 		 * - upcalls to nfsuserd and gssd (clp == NULL)
321 		 */
322 		if (callback_retry_mult == 0) {
323 			retries = NFSV4_UPCALLRETRY;
324 			CLNT_CONTROL(client, CLSET_PRIVPORT, &one);
325 		} else {
326 			retries = NFSV4_CALLBACKRETRY * callback_retry_mult;
327 		}
328 	}
329 	CLNT_CONTROL(client, CLSET_RETRIES, &retries);
330 
331 	if (nmp != NULL) {
332 		/*
333 		 * For UDP, there are 2 timeouts:
334 		 * - CLSET_RETRY_TIMEOUT sets the initial timeout for the timer
335 		 *   that does a retransmit of an RPC request using the same
336 		 *   socket and xid. This is what you normally want to do,
337 		 *   since NFS servers depend on "same xid" for their
338 		 *   Duplicate Request Cache.
339 		 * - timeout specified in CLNT_CALL_MBUF(), which specifies when
340 		 *   retransmits on the same socket should fail and a fresh
341 		 *   socket created. Each of these timeouts counts as one
342 		 *   CLSET_RETRIES as set above.
343 		 * Set the initial retransmit timeout for UDP. This timeout
344 		 * doesn't exist for TCP and the following call just fails,
345 		 * which is ok.
346 		 */
347 		timo.tv_sec = nmp->nm_timeo / NFS_HZ;
348 		timo.tv_usec = (nmp->nm_timeo % NFS_HZ) * 1000000 / NFS_HZ;
349 		CLNT_CONTROL(client, CLSET_RETRY_TIMEOUT, &timo);
350 	}
351 
352 	mtx_lock(&nrp->nr_mtx);
353 	if (nrp->nr_client != NULL) {
354 		mtx_unlock(&nrp->nr_mtx);
355 		/*
356 		 * Someone else already connected.
357 		 */
358 		CLNT_RELEASE(client);
359 	} else {
360 		nrp->nr_client = client;
361 		/*
362 		 * Protocols that do not require connections may be optionally
363 		 * left unconnected for servers that reply from a port other
364 		 * than NFS_PORT.
365 		 */
366 		if (nmp == NULL || (nmp->nm_flag & NFSMNT_NOCONN) == 0) {
367 			mtx_unlock(&nrp->nr_mtx);
368 			CLNT_CONTROL(client, CLSET_CONNECT, &one);
369 		} else
370 			mtx_unlock(&nrp->nr_mtx);
371 	}
372 
373 
374 	/* Restore current thread's credentials. */
375 	td->td_ucred = origcred;
376 
377 out:
378 	NFSEXITCODE(error);
379 	return (error);
380 }
381 
382 /*
383  * NFS disconnect. Clean up and unlink.
384  */
385 void
386 newnfs_disconnect(struct nfssockreq *nrp)
387 {
388 	CLIENT *client;
389 
390 	mtx_lock(&nrp->nr_mtx);
391 	if (nrp->nr_client != NULL) {
392 		client = nrp->nr_client;
393 		nrp->nr_client = NULL;
394 		mtx_unlock(&nrp->nr_mtx);
395 		rpc_gss_secpurge_call(client);
396 		CLNT_CLOSE(client);
397 		CLNT_RELEASE(client);
398 	} else {
399 		mtx_unlock(&nrp->nr_mtx);
400 	}
401 }
402 
403 static AUTH *
404 nfs_getauth(struct nfssockreq *nrp, int secflavour, char *clnt_principal,
405     char *srv_principal, gss_OID mech_oid, struct ucred *cred)
406 {
407 	rpc_gss_service_t svc;
408 	AUTH *auth;
409 
410 	switch (secflavour) {
411 	case RPCSEC_GSS_KRB5:
412 	case RPCSEC_GSS_KRB5I:
413 	case RPCSEC_GSS_KRB5P:
414 		if (!mech_oid) {
415 			if (!rpc_gss_mech_to_oid_call("kerberosv5", &mech_oid))
416 				return (NULL);
417 		}
418 		if (secflavour == RPCSEC_GSS_KRB5)
419 			svc = rpc_gss_svc_none;
420 		else if (secflavour == RPCSEC_GSS_KRB5I)
421 			svc = rpc_gss_svc_integrity;
422 		else
423 			svc = rpc_gss_svc_privacy;
424 
425 		if (clnt_principal == NULL)
426 			auth = rpc_gss_secfind_call(nrp->nr_client, cred,
427 			    srv_principal, mech_oid, svc);
428 		else {
429 			auth = rpc_gss_seccreate_call(nrp->nr_client, cred,
430 			    clnt_principal, srv_principal, "kerberosv5",
431 			    svc, NULL, NULL, NULL);
432 			return (auth);
433 		}
434 		if (auth != NULL)
435 			return (auth);
436 		/* fallthrough */
437 	case AUTH_SYS:
438 	default:
439 		return (authunix_create(cred));
440 
441 	}
442 }
443 
444 /*
445  * Callback from the RPC code to generate up/down notifications.
446  */
447 
448 struct nfs_feedback_arg {
449 	struct nfsmount *nf_mount;
450 	int		nf_lastmsg;	/* last tprintf */
451 	int		nf_tprintfmsg;
452 	struct thread	*nf_td;
453 };
454 
455 static void
456 nfs_feedback(int type, int proc, void *arg)
457 {
458 	struct nfs_feedback_arg *nf = (struct nfs_feedback_arg *) arg;
459 	struct nfsmount *nmp = nf->nf_mount;
460 	time_t now;
461 
462 	switch (type) {
463 	case FEEDBACK_REXMIT2:
464 	case FEEDBACK_RECONNECT:
465 		now = NFSD_MONOSEC;
466 		if (nf->nf_lastmsg + nmp->nm_tprintf_delay < now) {
467 			nfs_down(nmp, nf->nf_td,
468 			    "not responding", 0, NFSSTA_TIMEO);
469 			nf->nf_tprintfmsg = TRUE;
470 			nf->nf_lastmsg = now;
471 		}
472 		break;
473 
474 	case FEEDBACK_OK:
475 		nfs_up(nf->nf_mount, nf->nf_td,
476 		    "is alive again", NFSSTA_TIMEO, nf->nf_tprintfmsg);
477 		break;
478 	}
479 }
480 
481 /*
482  * newnfs_request - goes something like this
483  *	- does the rpc by calling the krpc layer
484  *	- break down rpc header and return with nfs reply
485  * nb: always frees up nd_mreq mbuf list
486  */
487 int
488 newnfs_request(struct nfsrv_descript *nd, struct nfsmount *nmp,
489     struct nfsclient *clp, struct nfssockreq *nrp, vnode_t vp,
490     struct thread *td, struct ucred *cred, u_int32_t prog, u_int32_t vers,
491     u_char *retsum, int toplevel, u_int64_t *xidp, struct nfsclsession *dssep)
492 {
493 	uint32_t retseq, retval, slotseq, *tl;
494 	time_t waituntil;
495 	int i = 0, j = 0, opcnt, set_sigset = 0, slot;
496 	int trycnt, error = 0, usegssname = 0, secflavour = AUTH_SYS;
497 	int freeslot, maxslot, reterr, slotpos, timeo;
498 	u_int16_t procnum;
499 	u_int trylater_delay = 1;
500 	struct nfs_feedback_arg nf;
501 	struct timeval timo;
502 	AUTH *auth;
503 	struct rpc_callextra ext;
504 	enum clnt_stat stat;
505 	struct nfsreq *rep = NULL;
506 	char *srv_principal = NULL, *clnt_principal = NULL;
507 	sigset_t oldset;
508 	struct ucred *authcred;
509 	struct nfsclsession *sep;
510 	uint8_t sessionid[NFSX_V4SESSIONID];
511 
512 	sep = dssep;
513 	if (xidp != NULL)
514 		*xidp = 0;
515 	/* Reject requests while attempting a forced unmount. */
516 	if (nmp != NULL && NFSCL_FORCEDISM(nmp->nm_mountp)) {
517 		m_freem(nd->nd_mreq);
518 		return (ESTALE);
519 	}
520 
521 	/*
522 	 * Set authcred, which is used to acquire RPC credentials to
523 	 * the cred argument, by default. The crhold() should not be
524 	 * necessary, but will ensure that some future code change
525 	 * doesn't result in the credential being free'd prematurely.
526 	 */
527 	authcred = crhold(cred);
528 
529 	/* For client side interruptible mounts, mask off the signals. */
530 	if (nmp != NULL && td != NULL && NFSHASINT(nmp)) {
531 		newnfs_set_sigmask(td, &oldset);
532 		set_sigset = 1;
533 	}
534 
535 	/*
536 	 * XXX if not already connected call nfs_connect now. Longer
537 	 * term, change nfs_mount to call nfs_connect unconditionally
538 	 * and let clnt_reconnect_create handle reconnects.
539 	 */
540 	if (nrp->nr_client == NULL)
541 		newnfs_connect(nmp, nrp, cred, td, 0);
542 
543 	/*
544 	 * For a client side mount, nmp is != NULL and clp == NULL. For
545 	 * server calls (callbacks or upcalls), nmp == NULL.
546 	 */
547 	if (clp != NULL) {
548 		NFSLOCKSTATE();
549 		if ((clp->lc_flags & LCL_GSS) && nfsrv_gsscallbackson) {
550 			secflavour = RPCSEC_GSS_KRB5;
551 			if (nd->nd_procnum != NFSPROC_NULL) {
552 				if (clp->lc_flags & LCL_GSSINTEGRITY)
553 					secflavour = RPCSEC_GSS_KRB5I;
554 				else if (clp->lc_flags & LCL_GSSPRIVACY)
555 					secflavour = RPCSEC_GSS_KRB5P;
556 			}
557 		}
558 		NFSUNLOCKSTATE();
559 	} else if (nmp != NULL && NFSHASKERB(nmp) &&
560 	     nd->nd_procnum != NFSPROC_NULL) {
561 		if (NFSHASALLGSSNAME(nmp) && nmp->nm_krbnamelen > 0)
562 			nd->nd_flag |= ND_USEGSSNAME;
563 		if ((nd->nd_flag & ND_USEGSSNAME) != 0) {
564 			/*
565 			 * If there is a client side host based credential,
566 			 * use that, otherwise use the system uid, if set.
567 			 * The system uid is in the nmp->nm_sockreq.nr_cred
568 			 * credentials.
569 			 */
570 			if (nmp->nm_krbnamelen > 0) {
571 				usegssname = 1;
572 				clnt_principal = nmp->nm_krbname;
573 			} else if (nmp->nm_uid != (uid_t)-1) {
574 				KASSERT(nmp->nm_sockreq.nr_cred != NULL,
575 				    ("newnfs_request: NULL nr_cred"));
576 				crfree(authcred);
577 				authcred = crhold(nmp->nm_sockreq.nr_cred);
578 			}
579 		} else if (nmp->nm_krbnamelen == 0 &&
580 		    nmp->nm_uid != (uid_t)-1 && cred->cr_uid == (uid_t)0) {
581 			/*
582 			 * If there is no host based principal name and
583 			 * the system uid is set and this is root, use the
584 			 * system uid, since root won't have user
585 			 * credentials in a credentials cache file.
586 			 * The system uid is in the nmp->nm_sockreq.nr_cred
587 			 * credentials.
588 			 */
589 			KASSERT(nmp->nm_sockreq.nr_cred != NULL,
590 			    ("newnfs_request: NULL nr_cred"));
591 			crfree(authcred);
592 			authcred = crhold(nmp->nm_sockreq.nr_cred);
593 		}
594 		if (NFSHASINTEGRITY(nmp))
595 			secflavour = RPCSEC_GSS_KRB5I;
596 		else if (NFSHASPRIVACY(nmp))
597 			secflavour = RPCSEC_GSS_KRB5P;
598 		else
599 			secflavour = RPCSEC_GSS_KRB5;
600 		srv_principal = NFSMNT_SRVKRBNAME(nmp);
601 	} else if (nmp != NULL && !NFSHASKERB(nmp) &&
602 	    nd->nd_procnum != NFSPROC_NULL &&
603 	    (nd->nd_flag & ND_USEGSSNAME) != 0) {
604 		/*
605 		 * Use the uid that did the mount when the RPC is doing
606 		 * NFSv4 system operations, as indicated by the
607 		 * ND_USEGSSNAME flag, for the AUTH_SYS case.
608 		 * The credentials in nm_sockreq.nr_cred were used for the
609 		 * mount.
610 		 */
611 		KASSERT(nmp->nm_sockreq.nr_cred != NULL,
612 		    ("newnfs_request: NULL nr_cred"));
613 		crfree(authcred);
614 		authcred = crhold(nmp->nm_sockreq.nr_cred);
615 	}
616 
617 	if (nmp != NULL) {
618 		bzero(&nf, sizeof(struct nfs_feedback_arg));
619 		nf.nf_mount = nmp;
620 		nf.nf_td = td;
621 		nf.nf_lastmsg = NFSD_MONOSEC -
622 		    ((nmp->nm_tprintf_delay)-(nmp->nm_tprintf_initial_delay));
623 	}
624 
625 	if (nd->nd_procnum == NFSPROC_NULL)
626 		auth = authnone_create();
627 	else if (usegssname) {
628 		/*
629 		 * For this case, the authenticator is held in the
630 		 * nfssockreq structure, so don't release the reference count
631 		 * held on it. --> Don't AUTH_DESTROY() it in this function.
632 		 */
633 		if (nrp->nr_auth == NULL)
634 			nrp->nr_auth = nfs_getauth(nrp, secflavour,
635 			    clnt_principal, srv_principal, NULL, authcred);
636 		else
637 			rpc_gss_refresh_auth_call(nrp->nr_auth);
638 		auth = nrp->nr_auth;
639 	} else
640 		auth = nfs_getauth(nrp, secflavour, NULL,
641 		    srv_principal, NULL, authcred);
642 	crfree(authcred);
643 	if (auth == NULL) {
644 		m_freem(nd->nd_mreq);
645 		if (set_sigset)
646 			newnfs_restore_sigmask(td, &oldset);
647 		return (EACCES);
648 	}
649 	bzero(&ext, sizeof(ext));
650 	ext.rc_auth = auth;
651 	if (nmp != NULL) {
652 		ext.rc_feedback = nfs_feedback;
653 		ext.rc_feedback_arg = &nf;
654 	}
655 
656 	procnum = nd->nd_procnum;
657 	if ((nd->nd_flag & ND_NFSV4) &&
658 	    nd->nd_procnum != NFSPROC_NULL &&
659 	    nd->nd_procnum != NFSV4PROC_CBCOMPOUND)
660 		procnum = NFSV4PROC_COMPOUND;
661 
662 	if (nmp != NULL) {
663 		NFSINCRGLOBAL(nfsstatsv1.rpcrequests);
664 
665 		/* Map the procnum to the old NFSv2 one, as required. */
666 		if ((nd->nd_flag & ND_NFSV2) != 0) {
667 			if (nd->nd_procnum < NFS_V3NPROCS)
668 				procnum = nfsv2_procid[nd->nd_procnum];
669 			else
670 				procnum = NFSV2PROC_NOOP;
671 		}
672 
673 		/*
674 		 * Now only used for the R_DONTRECOVER case, but until that is
675 		 * supported within the krpc code, I need to keep a queue of
676 		 * outstanding RPCs for nfsv4 client requests.
677 		 */
678 		if ((nd->nd_flag & ND_NFSV4) && procnum == NFSV4PROC_COMPOUND)
679 			MALLOC(rep, struct nfsreq *, sizeof(struct nfsreq),
680 			    M_NFSDREQ, M_WAITOK);
681 #ifdef KDTRACE_HOOKS
682 		if (dtrace_nfscl_nfs234_start_probe != NULL) {
683 			uint32_t probe_id;
684 			int probe_procnum;
685 
686 			if (nd->nd_flag & ND_NFSV4) {
687 				probe_id =
688 				    nfscl_nfs4_start_probes[nd->nd_procnum];
689 				probe_procnum = nd->nd_procnum;
690 			} else if (nd->nd_flag & ND_NFSV3) {
691 				probe_id = nfscl_nfs3_start_probes[procnum];
692 				probe_procnum = procnum;
693 			} else {
694 				probe_id =
695 				    nfscl_nfs2_start_probes[nd->nd_procnum];
696 				probe_procnum = procnum;
697 			}
698 			if (probe_id != 0)
699 				(dtrace_nfscl_nfs234_start_probe)
700 				    (probe_id, vp, nd->nd_mreq, cred,
701 				     probe_procnum);
702 		}
703 #endif
704 	}
705 	trycnt = 0;
706 	freeslot = -1;		/* Set to slot that needs to be free'd */
707 tryagain:
708 	slot = -1;		/* Slot that needs a sequence# increment. */
709 	/*
710 	 * This timeout specifies when a new socket should be created,
711 	 * along with new xid values. For UDP, this should be done
712 	 * infrequently, since retransmits of RPC requests should normally
713 	 * use the same xid.
714 	 */
715 	if (nmp == NULL) {
716 		timo.tv_usec = 0;
717 		if (clp == NULL)
718 			timo.tv_sec = NFSV4_UPCALLTIMEO;
719 		else
720 			timo.tv_sec = NFSV4_CALLBACKTIMEO;
721 	} else {
722 		if (nrp->nr_sotype != SOCK_DGRAM) {
723 			timo.tv_usec = 0;
724 			if ((nmp->nm_flag & NFSMNT_NFSV4))
725 				timo.tv_sec = INT_MAX;
726 			else
727 				timo.tv_sec = NFS_TCPTIMEO;
728 		} else {
729 			if (NFSHASSOFT(nmp)) {
730 				/*
731 				 * CLSET_RETRIES is set to 2, so this should be
732 				 * half of the total timeout required.
733 				 */
734 				timeo = nmp->nm_retry * nmp->nm_timeo / 2;
735 				if (timeo < 1)
736 					timeo = 1;
737 				timo.tv_sec = timeo / NFS_HZ;
738 				timo.tv_usec = (timeo % NFS_HZ) * 1000000 /
739 				    NFS_HZ;
740 			} else {
741 				/* For UDP hard mounts, use a large value. */
742 				timo.tv_sec = NFS_MAXTIMEO / NFS_HZ;
743 				timo.tv_usec = 0;
744 			}
745 		}
746 
747 		if (rep != NULL) {
748 			rep->r_flags = 0;
749 			rep->r_nmp = nmp;
750 			/*
751 			 * Chain request into list of outstanding requests.
752 			 */
753 			NFSLOCKREQ();
754 			TAILQ_INSERT_TAIL(&nfsd_reqq, rep, r_chain);
755 			NFSUNLOCKREQ();
756 		}
757 	}
758 
759 	nd->nd_mrep = NULL;
760 	if (clp != NULL && sep != NULL)
761 		stat = clnt_bck_call(nrp->nr_client, &ext, procnum,
762 		    nd->nd_mreq, &nd->nd_mrep, timo, sep->nfsess_xprt);
763 	else
764 		stat = CLNT_CALL_MBUF(nrp->nr_client, &ext, procnum,
765 		    nd->nd_mreq, &nd->nd_mrep, timo);
766 
767 	if (rep != NULL) {
768 		/*
769 		 * RPC done, unlink the request.
770 		 */
771 		NFSLOCKREQ();
772 		TAILQ_REMOVE(&nfsd_reqq, rep, r_chain);
773 		NFSUNLOCKREQ();
774 	}
775 
776 	/*
777 	 * If there was a successful reply and a tprintf msg.
778 	 * tprintf a response.
779 	 */
780 	if (stat == RPC_SUCCESS) {
781 		error = 0;
782 	} else if (stat == RPC_TIMEDOUT) {
783 		NFSINCRGLOBAL(nfsstatsv1.rpctimeouts);
784 		error = ETIMEDOUT;
785 	} else if (stat == RPC_VERSMISMATCH) {
786 		NFSINCRGLOBAL(nfsstatsv1.rpcinvalid);
787 		error = EOPNOTSUPP;
788 	} else if (stat == RPC_PROGVERSMISMATCH) {
789 		NFSINCRGLOBAL(nfsstatsv1.rpcinvalid);
790 		error = EPROTONOSUPPORT;
791 	} else if (stat == RPC_INTR) {
792 		error = EINTR;
793 	} else {
794 		NFSINCRGLOBAL(nfsstatsv1.rpcinvalid);
795 		error = EACCES;
796 	}
797 	if (error) {
798 		m_freem(nd->nd_mreq);
799 		if (usegssname == 0)
800 			AUTH_DESTROY(auth);
801 		if (rep != NULL)
802 			FREE((caddr_t)rep, M_NFSDREQ);
803 		if (set_sigset)
804 			newnfs_restore_sigmask(td, &oldset);
805 		return (error);
806 	}
807 
808 	KASSERT(nd->nd_mrep != NULL, ("mrep shouldn't be NULL if no error\n"));
809 
810 	/*
811 	 * Search for any mbufs that are not a multiple of 4 bytes long
812 	 * or with m_data not longword aligned.
813 	 * These could cause pointer alignment problems, so copy them to
814 	 * well aligned mbufs.
815 	 */
816 	newnfs_realign(&nd->nd_mrep, M_WAITOK);
817 	nd->nd_md = nd->nd_mrep;
818 	nd->nd_dpos = NFSMTOD(nd->nd_md, caddr_t);
819 	nd->nd_repstat = 0;
820 	if (nd->nd_procnum != NFSPROC_NULL &&
821 	    nd->nd_procnum != NFSV4PROC_CBNULL) {
822 		/* If sep == NULL, set it to the default in nmp. */
823 		if (sep == NULL && nmp != NULL)
824 			sep = nfsmnt_mdssession(nmp);
825 		/*
826 		 * and now the actual NFS xdr.
827 		 */
828 		NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
829 		nd->nd_repstat = fxdr_unsigned(u_int32_t, *tl);
830 		if (nd->nd_repstat >= 10000)
831 			NFSCL_DEBUG(1, "proc=%d reps=%d\n", (int)nd->nd_procnum,
832 			    (int)nd->nd_repstat);
833 
834 		/*
835 		 * Get rid of the tag, return count and SEQUENCE result for
836 		 * NFSv4.
837 		 */
838 		if ((nd->nd_flag & ND_NFSV4) != 0) {
839 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
840 			i = fxdr_unsigned(int, *tl);
841 			error = nfsm_advance(nd, NFSM_RNDUP(i), -1);
842 			if (error)
843 				goto nfsmout;
844 			NFSM_DISSECT(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
845 			opcnt = fxdr_unsigned(int, *tl++);
846 			i = fxdr_unsigned(int, *tl++);
847 			j = fxdr_unsigned(int, *tl);
848 			if (j >= 10000)
849 				NFSCL_DEBUG(1, "fop=%d fst=%d\n", i, j);
850 			/*
851 			 * If the first op is Sequence, free up the slot.
852 			 */
853 			if ((nmp != NULL && i == NFSV4OP_SEQUENCE && j != 0) ||
854 			    (clp != NULL && i == NFSV4OP_CBSEQUENCE && j != 0))
855 				NFSCL_DEBUG(1, "failed seq=%d\n", j);
856 			if ((nmp != NULL && i == NFSV4OP_SEQUENCE && j == 0) ||
857 			    (clp != NULL && i == NFSV4OP_CBSEQUENCE && j == 0)
858 			    ) {
859 				if (i == NFSV4OP_SEQUENCE)
860 					NFSM_DISSECT(tl, uint32_t *,
861 					    NFSX_V4SESSIONID +
862 					    5 * NFSX_UNSIGNED);
863 				else
864 					NFSM_DISSECT(tl, uint32_t *,
865 					    NFSX_V4SESSIONID +
866 					    4 * NFSX_UNSIGNED);
867 				mtx_lock(&sep->nfsess_mtx);
868 				if (bcmp(tl, sep->nfsess_sessionid,
869 				    NFSX_V4SESSIONID) == 0) {
870 					tl += NFSX_V4SESSIONID / NFSX_UNSIGNED;
871 					retseq = fxdr_unsigned(uint32_t, *tl++);
872 					slot = fxdr_unsigned(int, *tl++);
873 					freeslot = slot;
874 					if (retseq != sep->nfsess_slotseq[slot])
875 						printf("retseq diff 0x%x\n",
876 						    retseq);
877 					retval = fxdr_unsigned(uint32_t, *++tl);
878 					if ((retval + 1) < sep->nfsess_foreslots
879 					    )
880 						sep->nfsess_foreslots = (retval
881 						    + 1);
882 					else if ((retval + 1) >
883 					    sep->nfsess_foreslots)
884 						sep->nfsess_foreslots = (retval
885 						    < 64) ? (retval + 1) : 64;
886 				}
887 				mtx_unlock(&sep->nfsess_mtx);
888 
889 				/* Grab the op and status for the next one. */
890 				if (opcnt > 1) {
891 					NFSM_DISSECT(tl, uint32_t *,
892 					    2 * NFSX_UNSIGNED);
893 					i = fxdr_unsigned(int, *tl++);
894 					j = fxdr_unsigned(int, *tl);
895 				}
896 			}
897 		}
898 		if (nd->nd_repstat != 0) {
899 			if (nd->nd_repstat == NFSERR_BADSESSION &&
900 			    nmp != NULL && dssep == NULL) {
901 				/*
902 				 * If this is a client side MDS RPC, mark
903 				 * the MDS session defunct and initiate
904 				 * recovery, as required.
905 				 * The nfsess_defunct field is protected by
906 				 * the NFSLOCKMNT()/nm_mtx lock and not the
907 				 * nfsess_mtx lock to simplify its handling,
908 				 * for the MDS session. This lock is also
909 				 * sufficient for nfsess_sessionid, since it
910 				 * never changes in the structure.
911 				 */
912 				NFSCL_DEBUG(1, "Got badsession\n");
913 				NFSLOCKCLSTATE();
914 				NFSLOCKMNT(nmp);
915 				sep = NFSMNT_MDSSESSION(nmp);
916 				if (bcmp(sep->nfsess_sessionid, nd->nd_sequence,
917 				    NFSX_V4SESSIONID) == 0) {
918 					/* Initiate recovery. */
919 					sep->nfsess_defunct = 1;
920 					NFSCL_DEBUG(1, "Marked defunct\n");
921 					if (nmp->nm_clp != NULL) {
922 						nmp->nm_clp->nfsc_flags |=
923 						    NFSCLFLAGS_RECOVER;
924 						wakeup(nmp->nm_clp);
925 					}
926 				}
927 				NFSUNLOCKCLSTATE();
928 				/*
929 				 * Sleep for up to 1sec waiting for a new
930 				 * session.
931 				 */
932 				mtx_sleep(&nmp->nm_sess, &nmp->nm_mtx, PZERO,
933 				    "nfsbadsess", hz);
934 				/*
935 				 * Get the session again, in case a new one
936 				 * has been created during the sleep.
937 				 */
938 				sep = NFSMNT_MDSSESSION(nmp);
939 				NFSUNLOCKMNT(nmp);
940 				if ((nd->nd_flag & ND_LOOPBADSESS) != 0) {
941 					reterr = nfsv4_sequencelookup(nmp, sep,
942 					    &slotpos, &maxslot, &slotseq,
943 					    sessionid);
944 					if (reterr == 0) {
945 						/* Fill in new session info. */
946 						NFSCL_DEBUG(1,
947 						  "Filling in new sequence\n");
948 						tl = nd->nd_sequence;
949 						bcopy(sessionid, tl,
950 						    NFSX_V4SESSIONID);
951 						tl += NFSX_V4SESSIONID /
952 						    NFSX_UNSIGNED;
953 						*tl++ = txdr_unsigned(slotseq);
954 						*tl++ = txdr_unsigned(slotpos);
955 						*tl = txdr_unsigned(maxslot);
956 					}
957 					if (reterr == NFSERR_BADSESSION ||
958 					    reterr == 0) {
959 						NFSCL_DEBUG(1,
960 						    "Badsession looping\n");
961 						m_freem(nd->nd_mrep);
962 						nd->nd_mrep = NULL;
963 						goto tryagain;
964 					}
965 					nd->nd_repstat = reterr;
966 					NFSCL_DEBUG(1, "Got err=%d\n", reterr);
967 				}
968 			}
969 			if (((nd->nd_repstat == NFSERR_DELAY ||
970 			      nd->nd_repstat == NFSERR_GRACE) &&
971 			     (nd->nd_flag & ND_NFSV4) &&
972 			     nd->nd_procnum != NFSPROC_DELEGRETURN &&
973 			     nd->nd_procnum != NFSPROC_SETATTR &&
974 			     nd->nd_procnum != NFSPROC_READ &&
975 			     nd->nd_procnum != NFSPROC_READDS &&
976 			     nd->nd_procnum != NFSPROC_WRITE &&
977 			     nd->nd_procnum != NFSPROC_WRITEDS &&
978 			     nd->nd_procnum != NFSPROC_OPEN &&
979 			     nd->nd_procnum != NFSPROC_CREATE &&
980 			     nd->nd_procnum != NFSPROC_OPENCONFIRM &&
981 			     nd->nd_procnum != NFSPROC_OPENDOWNGRADE &&
982 			     nd->nd_procnum != NFSPROC_CLOSE &&
983 			     nd->nd_procnum != NFSPROC_LOCK &&
984 			     nd->nd_procnum != NFSPROC_LOCKU) ||
985 			    (nd->nd_repstat == NFSERR_DELAY &&
986 			     (nd->nd_flag & ND_NFSV4) == 0) ||
987 			    nd->nd_repstat == NFSERR_RESOURCE) {
988 				if (trylater_delay > NFS_TRYLATERDEL)
989 					trylater_delay = NFS_TRYLATERDEL;
990 				waituntil = NFSD_MONOSEC + trylater_delay;
991 				while (NFSD_MONOSEC < waituntil)
992 					(void) nfs_catnap(PZERO, 0, "nfstry");
993 				trylater_delay *= 2;
994 				if (slot != -1) {
995 					mtx_lock(&sep->nfsess_mtx);
996 					sep->nfsess_slotseq[slot]++;
997 					*nd->nd_slotseq = txdr_unsigned(
998 					    sep->nfsess_slotseq[slot]);
999 					mtx_unlock(&sep->nfsess_mtx);
1000 				}
1001 				m_freem(nd->nd_mrep);
1002 				nd->nd_mrep = NULL;
1003 				goto tryagain;
1004 			}
1005 
1006 			/*
1007 			 * If the File Handle was stale, invalidate the
1008 			 * lookup cache, just in case.
1009 			 * (vp != NULL implies a client side call)
1010 			 */
1011 			if (nd->nd_repstat == ESTALE && vp != NULL) {
1012 				cache_purge(vp);
1013 				if (ncl_call_invalcaches != NULL)
1014 					(*ncl_call_invalcaches)(vp);
1015 			}
1016 		}
1017 		if ((nd->nd_flag & ND_NFSV4) != 0) {
1018 			/* Free the slot, as required. */
1019 			if (freeslot != -1)
1020 				nfsv4_freeslot(sep, freeslot);
1021 			/*
1022 			 * If this op is Putfh, throw its results away.
1023 			 */
1024 			if (j >= 10000)
1025 				NFSCL_DEBUG(1, "nop=%d nst=%d\n", i, j);
1026 			if (nmp != NULL && i == NFSV4OP_PUTFH && j == 0) {
1027 				NFSM_DISSECT(tl,u_int32_t *,2 * NFSX_UNSIGNED);
1028 				i = fxdr_unsigned(int, *tl++);
1029 				j = fxdr_unsigned(int, *tl);
1030 				if (j >= 10000)
1031 					NFSCL_DEBUG(1, "n2op=%d n2st=%d\n", i,
1032 					    j);
1033 				/*
1034 				 * All Compounds that do an Op that must
1035 				 * be in sequence consist of NFSV4OP_PUTFH
1036 				 * followed by one of these. As such, we
1037 				 * can determine if the seqid# should be
1038 				 * incremented, here.
1039 				 */
1040 				if ((i == NFSV4OP_OPEN ||
1041 				     i == NFSV4OP_OPENCONFIRM ||
1042 				     i == NFSV4OP_OPENDOWNGRADE ||
1043 				     i == NFSV4OP_CLOSE ||
1044 				     i == NFSV4OP_LOCK ||
1045 				     i == NFSV4OP_LOCKU) &&
1046 				    (j == 0 ||
1047 				     (j != NFSERR_STALECLIENTID &&
1048 				      j != NFSERR_STALESTATEID &&
1049 				      j != NFSERR_BADSTATEID &&
1050 				      j != NFSERR_BADSEQID &&
1051 				      j != NFSERR_BADXDR &&
1052 				      j != NFSERR_RESOURCE &&
1053 				      j != NFSERR_NOFILEHANDLE)))
1054 					nd->nd_flag |= ND_INCRSEQID;
1055 			}
1056 			/*
1057 			 * If this op's status is non-zero, mark
1058 			 * that there is no more data to process.
1059 			 * The exception is Setattr, which always has xdr
1060 			 * when it has failed.
1061 			 */
1062 			if (j != 0 && i != NFSV4OP_SETATTR)
1063 				nd->nd_flag |= ND_NOMOREDATA;
1064 
1065 			/*
1066 			 * If R_DONTRECOVER is set, replace the stale error
1067 			 * reply, so that recovery isn't initiated.
1068 			 */
1069 			if ((nd->nd_repstat == NFSERR_STALECLIENTID ||
1070 			     nd->nd_repstat == NFSERR_BADSESSION ||
1071 			     nd->nd_repstat == NFSERR_STALESTATEID) &&
1072 			    rep != NULL && (rep->r_flags & R_DONTRECOVER))
1073 				nd->nd_repstat = NFSERR_STALEDONTRECOVER;
1074 		}
1075 	}
1076 
1077 #ifdef KDTRACE_HOOKS
1078 	if (nmp != NULL && dtrace_nfscl_nfs234_done_probe != NULL) {
1079 		uint32_t probe_id;
1080 		int probe_procnum;
1081 
1082 		if (nd->nd_flag & ND_NFSV4) {
1083 			probe_id = nfscl_nfs4_done_probes[nd->nd_procnum];
1084 			probe_procnum = nd->nd_procnum;
1085 		} else if (nd->nd_flag & ND_NFSV3) {
1086 			probe_id = nfscl_nfs3_done_probes[procnum];
1087 			probe_procnum = procnum;
1088 		} else {
1089 			probe_id = nfscl_nfs2_done_probes[nd->nd_procnum];
1090 			probe_procnum = procnum;
1091 		}
1092 		if (probe_id != 0)
1093 			(dtrace_nfscl_nfs234_done_probe)(probe_id, vp,
1094 			    nd->nd_mreq, cred, probe_procnum, 0);
1095 	}
1096 #endif
1097 
1098 	m_freem(nd->nd_mreq);
1099 	if (usegssname == 0)
1100 		AUTH_DESTROY(auth);
1101 	if (rep != NULL)
1102 		FREE((caddr_t)rep, M_NFSDREQ);
1103 	if (set_sigset)
1104 		newnfs_restore_sigmask(td, &oldset);
1105 	return (0);
1106 nfsmout:
1107 	mbuf_freem(nd->nd_mrep);
1108 	mbuf_freem(nd->nd_mreq);
1109 	if (usegssname == 0)
1110 		AUTH_DESTROY(auth);
1111 	if (rep != NULL)
1112 		FREE((caddr_t)rep, M_NFSDREQ);
1113 	if (set_sigset)
1114 		newnfs_restore_sigmask(td, &oldset);
1115 	return (error);
1116 }
1117 
1118 /*
1119  * Mark all of an nfs mount's outstanding requests with R_SOFTTERM and
1120  * wait for all requests to complete. This is used by forced unmounts
1121  * to terminate any outstanding RPCs.
1122  */
1123 int
1124 newnfs_nmcancelreqs(struct nfsmount *nmp)
1125 {
1126 	struct nfsclds *dsp;
1127 	struct __rpc_client *cl;
1128 
1129 	if (nmp->nm_sockreq.nr_client != NULL)
1130 		CLNT_CLOSE(nmp->nm_sockreq.nr_client);
1131 lookformore:
1132 	NFSLOCKMNT(nmp);
1133 	TAILQ_FOREACH(dsp, &nmp->nm_sess, nfsclds_list) {
1134 		NFSLOCKDS(dsp);
1135 		if (dsp != TAILQ_FIRST(&nmp->nm_sess) &&
1136 		    (dsp->nfsclds_flags & NFSCLDS_CLOSED) == 0 &&
1137 		    dsp->nfsclds_sockp != NULL &&
1138 		    dsp->nfsclds_sockp->nr_client != NULL) {
1139 			dsp->nfsclds_flags |= NFSCLDS_CLOSED;
1140 			cl = dsp->nfsclds_sockp->nr_client;
1141 			NFSUNLOCKDS(dsp);
1142 			NFSUNLOCKMNT(nmp);
1143 			CLNT_CLOSE(cl);
1144 			goto lookformore;
1145 		}
1146 		NFSUNLOCKDS(dsp);
1147 	}
1148 	NFSUNLOCKMNT(nmp);
1149 	return (0);
1150 }
1151 
1152 /*
1153  * Any signal that can interrupt an NFS operation in an intr mount
1154  * should be added to this set. SIGSTOP and SIGKILL cannot be masked.
1155  */
1156 int newnfs_sig_set[] = {
1157 	SIGINT,
1158 	SIGTERM,
1159 	SIGHUP,
1160 	SIGKILL,
1161 	SIGQUIT
1162 };
1163 
1164 /*
1165  * Check to see if one of the signals in our subset is pending on
1166  * the process (in an intr mount).
1167  */
1168 static int
1169 nfs_sig_pending(sigset_t set)
1170 {
1171 	int i;
1172 
1173 	for (i = 0 ; i < nitems(newnfs_sig_set); i++)
1174 		if (SIGISMEMBER(set, newnfs_sig_set[i]))
1175 			return (1);
1176 	return (0);
1177 }
1178 
1179 /*
1180  * The set/restore sigmask functions are used to (temporarily) overwrite
1181  * the thread td_sigmask during an RPC call (for example). These are also
1182  * used in other places in the NFS client that might tsleep().
1183  */
1184 void
1185 newnfs_set_sigmask(struct thread *td, sigset_t *oldset)
1186 {
1187 	sigset_t newset;
1188 	int i;
1189 	struct proc *p;
1190 
1191 	SIGFILLSET(newset);
1192 	if (td == NULL)
1193 		td = curthread; /* XXX */
1194 	p = td->td_proc;
1195 	/* Remove the NFS set of signals from newset */
1196 	PROC_LOCK(p);
1197 	mtx_lock(&p->p_sigacts->ps_mtx);
1198 	for (i = 0 ; i < nitems(newnfs_sig_set); i++) {
1199 		/*
1200 		 * But make sure we leave the ones already masked
1201 		 * by the process, ie. remove the signal from the
1202 		 * temporary signalmask only if it wasn't already
1203 		 * in p_sigmask.
1204 		 */
1205 		if (!SIGISMEMBER(td->td_sigmask, newnfs_sig_set[i]) &&
1206 		    !SIGISMEMBER(p->p_sigacts->ps_sigignore, newnfs_sig_set[i]))
1207 			SIGDELSET(newset, newnfs_sig_set[i]);
1208 	}
1209 	mtx_unlock(&p->p_sigacts->ps_mtx);
1210 	kern_sigprocmask(td, SIG_SETMASK, &newset, oldset,
1211 	    SIGPROCMASK_PROC_LOCKED);
1212 	PROC_UNLOCK(p);
1213 }
1214 
1215 void
1216 newnfs_restore_sigmask(struct thread *td, sigset_t *set)
1217 {
1218 	if (td == NULL)
1219 		td = curthread; /* XXX */
1220 	kern_sigprocmask(td, SIG_SETMASK, set, NULL, 0);
1221 }
1222 
1223 /*
1224  * NFS wrapper to msleep(), that shoves a new p_sigmask and restores the
1225  * old one after msleep() returns.
1226  */
1227 int
1228 newnfs_msleep(struct thread *td, void *ident, struct mtx *mtx, int priority, char *wmesg, int timo)
1229 {
1230 	sigset_t oldset;
1231 	int error;
1232 	struct proc *p;
1233 
1234 	if ((priority & PCATCH) == 0)
1235 		return msleep(ident, mtx, priority, wmesg, timo);
1236 	if (td == NULL)
1237 		td = curthread; /* XXX */
1238 	newnfs_set_sigmask(td, &oldset);
1239 	error = msleep(ident, mtx, priority, wmesg, timo);
1240 	newnfs_restore_sigmask(td, &oldset);
1241 	p = td->td_proc;
1242 	return (error);
1243 }
1244 
1245 /*
1246  * Test for a termination condition pending on the process.
1247  * This is used for NFSMNT_INT mounts.
1248  */
1249 int
1250 newnfs_sigintr(struct nfsmount *nmp, struct thread *td)
1251 {
1252 	struct proc *p;
1253 	sigset_t tmpset;
1254 
1255 	/* Terminate all requests while attempting a forced unmount. */
1256 	if (NFSCL_FORCEDISM(nmp->nm_mountp))
1257 		return (EIO);
1258 	if (!(nmp->nm_flag & NFSMNT_INT))
1259 		return (0);
1260 	if (td == NULL)
1261 		return (0);
1262 	p = td->td_proc;
1263 	PROC_LOCK(p);
1264 	tmpset = p->p_siglist;
1265 	SIGSETOR(tmpset, td->td_siglist);
1266 	SIGSETNAND(tmpset, td->td_sigmask);
1267 	mtx_lock(&p->p_sigacts->ps_mtx);
1268 	SIGSETNAND(tmpset, p->p_sigacts->ps_sigignore);
1269 	mtx_unlock(&p->p_sigacts->ps_mtx);
1270 	if ((SIGNOTEMPTY(p->p_siglist) || SIGNOTEMPTY(td->td_siglist))
1271 	    && nfs_sig_pending(tmpset)) {
1272 		PROC_UNLOCK(p);
1273 		return (EINTR);
1274 	}
1275 	PROC_UNLOCK(p);
1276 	return (0);
1277 }
1278 
1279 static int
1280 nfs_msg(struct thread *td, const char *server, const char *msg, int error)
1281 {
1282 	struct proc *p;
1283 
1284 	p = td ? td->td_proc : NULL;
1285 	if (error) {
1286 		tprintf(p, LOG_INFO, "nfs server %s: %s, error %d\n",
1287 		    server, msg, error);
1288 	} else {
1289 		tprintf(p, LOG_INFO, "nfs server %s: %s\n", server, msg);
1290 	}
1291 	return (0);
1292 }
1293 
1294 static void
1295 nfs_down(struct nfsmount *nmp, struct thread *td, const char *msg,
1296     int error, int flags)
1297 {
1298 	if (nmp == NULL)
1299 		return;
1300 	mtx_lock(&nmp->nm_mtx);
1301 	if ((flags & NFSSTA_TIMEO) && !(nmp->nm_state & NFSSTA_TIMEO)) {
1302 		nmp->nm_state |= NFSSTA_TIMEO;
1303 		mtx_unlock(&nmp->nm_mtx);
1304 		vfs_event_signal(&nmp->nm_mountp->mnt_stat.f_fsid,
1305 		    VQ_NOTRESP, 0);
1306 	} else
1307 		mtx_unlock(&nmp->nm_mtx);
1308 	mtx_lock(&nmp->nm_mtx);
1309 	if ((flags & NFSSTA_LOCKTIMEO) && !(nmp->nm_state & NFSSTA_LOCKTIMEO)) {
1310 		nmp->nm_state |= NFSSTA_LOCKTIMEO;
1311 		mtx_unlock(&nmp->nm_mtx);
1312 		vfs_event_signal(&nmp->nm_mountp->mnt_stat.f_fsid,
1313 		    VQ_NOTRESPLOCK, 0);
1314 	} else
1315 		mtx_unlock(&nmp->nm_mtx);
1316 	nfs_msg(td, nmp->nm_mountp->mnt_stat.f_mntfromname, msg, error);
1317 }
1318 
1319 static void
1320 nfs_up(struct nfsmount *nmp, struct thread *td, const char *msg,
1321     int flags, int tprintfmsg)
1322 {
1323 	if (nmp == NULL)
1324 		return;
1325 	if (tprintfmsg) {
1326 		nfs_msg(td, nmp->nm_mountp->mnt_stat.f_mntfromname, msg, 0);
1327 	}
1328 
1329 	mtx_lock(&nmp->nm_mtx);
1330 	if ((flags & NFSSTA_TIMEO) && (nmp->nm_state & NFSSTA_TIMEO)) {
1331 		nmp->nm_state &= ~NFSSTA_TIMEO;
1332 		mtx_unlock(&nmp->nm_mtx);
1333 		vfs_event_signal(&nmp->nm_mountp->mnt_stat.f_fsid,
1334 		    VQ_NOTRESP, 1);
1335 	} else
1336 		mtx_unlock(&nmp->nm_mtx);
1337 
1338 	mtx_lock(&nmp->nm_mtx);
1339 	if ((flags & NFSSTA_LOCKTIMEO) && (nmp->nm_state & NFSSTA_LOCKTIMEO)) {
1340 		nmp->nm_state &= ~NFSSTA_LOCKTIMEO;
1341 		mtx_unlock(&nmp->nm_mtx);
1342 		vfs_event_signal(&nmp->nm_mountp->mnt_stat.f_fsid,
1343 		    VQ_NOTRESPLOCK, 1);
1344 	} else
1345 		mtx_unlock(&nmp->nm_mtx);
1346 }
1347 
1348