xref: /freebsd/usr.sbin/nfsd/nfsd.c (revision 526e1dc1c0d052b9d2a6cd6da7a16eb09c971c54)
1 /*
2  * Copyright (c) 1989, 1993, 1994
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * This code is derived from software contributed to Berkeley by
6  * Rick Macklem at The University of Guelph.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 4. Neither the name of the University nor the names of its contributors
17  *    may be used to endorse or promote products derived from this software
18  *    without specific prior written permission.
19  *
20  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30  * SUCH DAMAGE.
31  */
32 
33 #ifndef lint
34 static const char copyright[] =
35 "@(#) Copyright (c) 1989, 1993, 1994\n\
36 	The Regents of the University of California.  All rights reserved.\n";
37 #endif /* not lint */
38 
39 #ifndef lint
40 #if 0
41 static char sccsid[] = "@(#)nfsd.c	8.9 (Berkeley) 3/29/95";
42 #endif
43 static const char rcsid[] =
44   "$FreeBSD$";
45 #endif /* not lint */
46 
47 #include <sys/param.h>
48 #include <sys/syslog.h>
49 #include <sys/wait.h>
50 #include <sys/mount.h>
51 #include <sys/fcntl.h>
52 #include <sys/linker.h>
53 #include <sys/module.h>
54 #include <sys/types.h>
55 #include <sys/stat.h>
56 #include <sys/sysctl.h>
57 #include <sys/ucred.h>
58 
59 #include <rpc/rpc.h>
60 #include <rpc/pmap_clnt.h>
61 #include <rpcsvc/nfs_prot.h>
62 
63 #include <netdb.h>
64 #include <arpa/inet.h>
65 #include <nfsserver/nfs.h>
66 #include <nfs/nfssvc.h>
67 
68 #include <err.h>
69 #include <errno.h>
70 #include <signal.h>
71 #include <stdio.h>
72 #include <stdlib.h>
73 #include <string.h>
74 #include <unistd.h>
75 #include <sysexits.h>
76 
77 #include <getopt.h>
78 
79 static int	debug = 0;
80 
81 #define	NFSD_STABLERESTART	"/var/db/nfs-stablerestart"
82 #define	NFSD_STABLEBACKUP	"/var/db/nfs-stablerestart.bak"
83 #define	MAXNFSDCNT	256
84 #define	DEFNFSDCNT	 4
85 static pid_t children[MAXNFSDCNT]; /* PIDs of children */
86 static int nfsdcnt;		/* number of children */
87 static int nfsdcnt_set;
88 static int minthreads;
89 static int maxthreads;
90 static int new_syscall;
91 static int run_v4server = 1;	/* Force running of nfsv4 server */
92 static int nfssvc_nfsd;		/* Set to correct NFSSVC_xxx flag */
93 static int stablefd = -1;	/* Fd for the stable restart file */
94 static int backupfd;		/* Fd for the backup stable restart file */
95 static const char *getopt_shortopts;
96 static const char *getopt_usage;
97 
98 static int minthreads_set;
99 static int maxthreads_set;
100 
101 static struct option longopts[] = {
102 	{ "debug", no_argument, &debug, 1 },
103 	{ "minthreads", required_argument, &minthreads_set, 1 },
104 	{ "maxthreads", required_argument, &maxthreads_set, 1 },
105 	{ NULL, 0, NULL, 0}
106 };
107 
108 void	cleanup(int);
109 void	child_cleanup(int);
110 void	killchildren(void);
111 void	nfsd_exit(int);
112 void	nonfs(int);
113 void	reapchild(int);
114 int	setbindhost(struct addrinfo **ia, const char *bindhost,
115 	    struct addrinfo hints);
116 void	start_server(int);
117 void	unregistration(void);
118 void	usage(void);
119 void	open_stable(int *, int *);
120 void	copy_stable(int, int);
121 void	backup_stable(int);
122 
123 /*
124  * Nfs server daemon mostly just a user context for nfssvc()
125  *
126  * 1 - do file descriptor and signal cleanup
127  * 2 - fork the nfsd(s)
128  * 3 - create server socket(s)
129  * 4 - register socket with rpcbind
130  *
131  * For connectionless protocols, just pass the socket into the kernel via.
132  * nfssvc().
133  * For connection based sockets, loop doing accepts. When you get a new
134  * socket from accept, pass the msgsock into the kernel via. nfssvc().
135  * The arguments are:
136  *	-r - reregister with rpcbind
137  *	-d - unregister with rpcbind
138  *	-t - support tcp nfs clients
139  *	-u - support udp nfs clients
140  *	-e - forces it to run a server that supports nfsv4
141  * followed by "n" which is the number of nfsds' to fork off
142  */
143 int
144 main(int argc, char **argv)
145 {
146 	struct nfsd_addsock_args addsockargs;
147 	struct addrinfo *ai_udp, *ai_tcp, *ai_udp6, *ai_tcp6, hints;
148 	struct netconfig *nconf_udp, *nconf_tcp, *nconf_udp6, *nconf_tcp6;
149 	struct netbuf nb_udp, nb_tcp, nb_udp6, nb_tcp6;
150 	struct sockaddr_in inetpeer;
151 	struct sockaddr_in6 inet6peer;
152 	fd_set ready, sockbits;
153 	fd_set v4bits, v6bits;
154 	int ch, connect_type_cnt, i, maxsock, msgsock;
155 	socklen_t len;
156 	int on = 1, unregister, reregister, sock;
157 	int tcp6sock, ip6flag, tcpflag, tcpsock;
158 	int udpflag, ecode, error, s, srvcnt;
159 	int bindhostc, bindanyflag, rpcbreg, rpcbregcnt;
160 	int nfssvc_addsock;
161 	int longindex = 0;
162 	const char *lopt;
163 	char **bindhost = NULL;
164 	pid_t pid;
165 
166 	nfsdcnt = DEFNFSDCNT;
167 	unregister = reregister = tcpflag = maxsock = 0;
168 	bindanyflag = udpflag = connect_type_cnt = bindhostc = 0;
169 	getopt_shortopts = "ah:n:rdtueo";
170 	getopt_usage =
171 	    "usage:\n"
172 	    "  nfsd [-ardtueo] [-h bindip]\n"
173 	    "       [-n numservers] [--minthreads #] [--maxthreads #]\n";
174 	while ((ch = getopt_long(argc, argv, getopt_shortopts, longopts,
175 		    &longindex)) != -1)
176 		switch (ch) {
177 		case 'a':
178 			bindanyflag = 1;
179 			break;
180 		case 'n':
181 			nfsdcnt_set = 1;
182 			nfsdcnt = atoi(optarg);
183 			break;
184 		case 'h':
185 			bindhostc++;
186 			bindhost = realloc(bindhost,sizeof(char *)*bindhostc);
187 			if (bindhost == NULL)
188 				errx(1, "Out of memory");
189 			bindhost[bindhostc-1] = strdup(optarg);
190 			if (bindhost[bindhostc-1] == NULL)
191 				errx(1, "Out of memory");
192 			break;
193 		case 'r':
194 			reregister = 1;
195 			break;
196 		case 'd':
197 			unregister = 1;
198 			break;
199 		case 't':
200 			tcpflag = 1;
201 			break;
202 		case 'u':
203 			udpflag = 1;
204 			break;
205 		case 'e':
206 			/* now a no-op, since this is the default */
207 			break;
208 		case 'o':
209 			run_v4server = 0;
210 			break;
211 		case 0:
212 			lopt = longopts[longindex].name;
213 			if (!strcmp(lopt, "minthreads")) {
214 				minthreads = atoi(optarg);
215 			} else if (!strcmp(lopt, "maxthreads")) {
216 				maxthreads = atoi(optarg);
217 			}
218 			break;
219 		default:
220 		case '?':
221 			usage();
222 		};
223 	if (!tcpflag && !udpflag)
224 		udpflag = 1;
225 	argv += optind;
226 	argc -= optind;
227 	if (minthreads_set && maxthreads_set && minthreads > maxthreads)
228 		errx(EX_USAGE,
229 		    "error: minthreads(%d) can't be greater than "
230 		    "maxthreads(%d)", minthreads, maxthreads);
231 
232 	/*
233 	 * XXX
234 	 * Backward compatibility, trailing number is the count of daemons.
235 	 */
236 	if (argc > 1)
237 		usage();
238 	if (argc == 1) {
239 		nfsdcnt_set = 1;
240 		nfsdcnt = atoi(argv[0]);
241 		if (nfsdcnt < 1 || nfsdcnt > MAXNFSDCNT) {
242 			warnx("nfsd count %d; reset to %d", nfsdcnt,
243 			    DEFNFSDCNT);
244 			nfsdcnt = DEFNFSDCNT;
245 		}
246 	}
247 
248 	/*
249 	 * Unless the "-o" option was specified, try and run "nfsd".
250 	 * If "-o" was specified, try and run "nfsserver".
251 	 */
252 	if (run_v4server > 0) {
253 		if (modfind("nfsd") < 0) {
254 			/* Not present in kernel, try loading it */
255 			if (kldload("nfsd") < 0 || modfind("nfsd") < 0)
256 				errx(1, "NFS server is not available");
257 		}
258 	} else if (modfind("nfsserver") < 0) {
259 		/* Not present in kernel, try loading it */
260 		if (kldload("nfsserver") < 0 || modfind("nfsserver") < 0)
261 			errx(1, "NFS server is not available");
262 	}
263 
264 	ip6flag = 1;
265 	s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
266 	if (s == -1) {
267 		if (errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT)
268 			err(1, "socket");
269 		ip6flag = 0;
270 	} else if (getnetconfigent("udp6") == NULL ||
271 		getnetconfigent("tcp6") == NULL) {
272 		ip6flag = 0;
273 	}
274 	if (s != -1)
275 		close(s);
276 
277 	if (bindhostc == 0 || bindanyflag) {
278 		bindhostc++;
279 		bindhost = realloc(bindhost,sizeof(char *)*bindhostc);
280 		if (bindhost == NULL)
281 			errx(1, "Out of memory");
282 		bindhost[bindhostc-1] = strdup("*");
283 		if (bindhost[bindhostc-1] == NULL)
284 			errx(1, "Out of memory");
285 	}
286 
287 	if (unregister) {
288 		unregistration();
289 		exit (0);
290 	}
291 	if (reregister) {
292 		if (udpflag) {
293 			memset(&hints, 0, sizeof hints);
294 			hints.ai_flags = AI_PASSIVE;
295 			hints.ai_family = AF_INET;
296 			hints.ai_socktype = SOCK_DGRAM;
297 			hints.ai_protocol = IPPROTO_UDP;
298 			ecode = getaddrinfo(NULL, "nfs", &hints, &ai_udp);
299 			if (ecode != 0)
300 				err(1, "getaddrinfo udp: %s", gai_strerror(ecode));
301 			nconf_udp = getnetconfigent("udp");
302 			if (nconf_udp == NULL)
303 				err(1, "getnetconfigent udp failed");
304 			nb_udp.buf = ai_udp->ai_addr;
305 			nb_udp.len = nb_udp.maxlen = ai_udp->ai_addrlen;
306 			if ((!rpcb_set(NFS_PROGRAM, 2, nconf_udp, &nb_udp)) ||
307 			    (!rpcb_set(NFS_PROGRAM, 3, nconf_udp, &nb_udp)))
308 				err(1, "rpcb_set udp failed");
309 			freeaddrinfo(ai_udp);
310 		}
311 		if (udpflag && ip6flag) {
312 			memset(&hints, 0, sizeof hints);
313 			hints.ai_flags = AI_PASSIVE;
314 			hints.ai_family = AF_INET6;
315 			hints.ai_socktype = SOCK_DGRAM;
316 			hints.ai_protocol = IPPROTO_UDP;
317 			ecode = getaddrinfo(NULL, "nfs", &hints, &ai_udp6);
318 			if (ecode != 0)
319 				err(1, "getaddrinfo udp6: %s", gai_strerror(ecode));
320 			nconf_udp6 = getnetconfigent("udp6");
321 			if (nconf_udp6 == NULL)
322 				err(1, "getnetconfigent udp6 failed");
323 			nb_udp6.buf = ai_udp6->ai_addr;
324 			nb_udp6.len = nb_udp6.maxlen = ai_udp6->ai_addrlen;
325 			if ((!rpcb_set(NFS_PROGRAM, 2, nconf_udp6, &nb_udp6)) ||
326 			    (!rpcb_set(NFS_PROGRAM, 3, nconf_udp6, &nb_udp6)))
327 				err(1, "rpcb_set udp6 failed");
328 			freeaddrinfo(ai_udp6);
329 		}
330 		if (tcpflag) {
331 			memset(&hints, 0, sizeof hints);
332 			hints.ai_flags = AI_PASSIVE;
333 			hints.ai_family = AF_INET;
334 			hints.ai_socktype = SOCK_STREAM;
335 			hints.ai_protocol = IPPROTO_TCP;
336 			ecode = getaddrinfo(NULL, "nfs", &hints, &ai_tcp);
337 			if (ecode != 0)
338 				err(1, "getaddrinfo tcp: %s", gai_strerror(ecode));
339 			nconf_tcp = getnetconfigent("tcp");
340 			if (nconf_tcp == NULL)
341 				err(1, "getnetconfigent tcp failed");
342 			nb_tcp.buf = ai_tcp->ai_addr;
343 			nb_tcp.len = nb_tcp.maxlen = ai_tcp->ai_addrlen;
344 			if ((!rpcb_set(NFS_PROGRAM, 2, nconf_tcp, &nb_tcp)) ||
345 			    (!rpcb_set(NFS_PROGRAM, 3, nconf_tcp, &nb_tcp)))
346 				err(1, "rpcb_set tcp failed");
347 			freeaddrinfo(ai_tcp);
348 		}
349 		if (tcpflag && ip6flag) {
350 			memset(&hints, 0, sizeof hints);
351 			hints.ai_flags = AI_PASSIVE;
352 			hints.ai_family = AF_INET6;
353 			hints.ai_socktype = SOCK_STREAM;
354 			hints.ai_protocol = IPPROTO_TCP;
355 			ecode = getaddrinfo(NULL, "nfs", &hints, &ai_tcp6);
356 			if (ecode != 0)
357 				err(1, "getaddrinfo tcp6: %s", gai_strerror(ecode));
358 			nconf_tcp6 = getnetconfigent("tcp6");
359 			if (nconf_tcp6 == NULL)
360 				err(1, "getnetconfigent tcp6 failed");
361 			nb_tcp6.buf = ai_tcp6->ai_addr;
362 			nb_tcp6.len = nb_tcp6.maxlen = ai_tcp6->ai_addrlen;
363 			if ((!rpcb_set(NFS_PROGRAM, 2, nconf_tcp6, &nb_tcp6)) ||
364 			    (!rpcb_set(NFS_PROGRAM, 3, nconf_tcp6, &nb_tcp6)))
365 				err(1, "rpcb_set tcp6 failed");
366 			freeaddrinfo(ai_tcp6);
367 		}
368 		exit (0);
369 	}
370 	if (debug == 0) {
371 		daemon(0, 0);
372 		(void)signal(SIGHUP, SIG_IGN);
373 		(void)signal(SIGINT, SIG_IGN);
374 		/*
375 		 * nfsd sits in the kernel most of the time.  It needs
376 		 * to ignore SIGTERM/SIGQUIT in order to stay alive as long
377 		 * as possible during a shutdown, otherwise loopback
378 		 * mounts will not be able to unmount.
379 		 */
380 		(void)signal(SIGTERM, SIG_IGN);
381 		(void)signal(SIGQUIT, SIG_IGN);
382 	}
383 	(void)signal(SIGSYS, nonfs);
384 	(void)signal(SIGCHLD, reapchild);
385 	(void)signal(SIGUSR2, backup_stable);
386 
387 	openlog("nfsd", LOG_PID | (debug ? LOG_PERROR : 0), LOG_DAEMON);
388 
389 	/*
390 	 * For V4, we open the stablerestart file and call nfssvc()
391 	 * to get it loaded. This is done before the daemons do the
392 	 * regular nfssvc() call to service NFS requests.
393 	 * (This way the file remains open until the last nfsd is killed
394 	 *  off.)
395 	 * It and the backup copy will be created as empty files
396 	 * the first time this nfsd is started and should never be
397 	 * deleted/replaced if at all possible. It should live on a
398 	 * local, non-volatile storage device that does not do hardware
399 	 * level write-back caching. (See SCSI doc for more information
400 	 * on how to prevent write-back caching on SCSI disks.)
401 	 */
402 	if (run_v4server > 0) {
403 		open_stable(&stablefd, &backupfd);
404 		if (stablefd < 0) {
405 			syslog(LOG_ERR, "Can't open %s: %m\n", NFSD_STABLERESTART);
406 			exit(1);
407 		}
408 		/* This system call will fail for old kernels, but that's ok. */
409 		nfssvc(NFSSVC_BACKUPSTABLE, NULL);
410 		if (nfssvc(NFSSVC_STABLERESTART, (caddr_t)&stablefd) < 0) {
411 			syslog(LOG_ERR, "Can't read stable storage file: %m\n");
412 			exit(1);
413 		}
414 		nfssvc_addsock = NFSSVC_NFSDADDSOCK;
415 		nfssvc_nfsd = NFSSVC_NFSDNFSD;
416 		new_syscall = TRUE;
417 	} else {
418 		nfssvc_addsock = NFSSVC_ADDSOCK;
419 		nfssvc_nfsd = NFSSVC_NFSD;
420 		/*
421 		 * Figure out if the kernel supports the new-style
422 		 * NFSSVC_NFSD. Old kernels will return ENXIO because they
423 		 * don't recognise the flag value, new ones will return EINVAL
424 		 * because argp is NULL.
425 		 */
426 		new_syscall = FALSE;
427 		if (nfssvc(NFSSVC_NFSD, NULL) < 0 && errno == EINVAL)
428 			new_syscall = TRUE;
429 	}
430 
431 	if (!new_syscall) {
432 		if (nfsdcnt < 1) {
433 			warnx("nfsd count too low %d; reset to %d", nfsdcnt,
434 			    DEFNFSDCNT);
435 			nfsdcnt = DEFNFSDCNT;
436 		}
437 		if (nfsdcnt > MAXNFSDCNT) {
438 			warnx("nfsd count too high %d; reset to %d", nfsdcnt,
439 			    DEFNFSDCNT);
440 			nfsdcnt = MAXNFSDCNT;
441 		}
442 		/* If we use UDP only, we start the last server below. */
443 		srvcnt = tcpflag ? nfsdcnt : nfsdcnt - 1;
444 		for (i = 0; i < srvcnt; i++) {
445 			switch ((pid = fork())) {
446 			case -1:
447 				syslog(LOG_ERR, "fork: %m");
448 				nfsd_exit(1);
449 			case 0:
450 				break;
451 			default:
452 				children[i] = pid;
453 				continue;
454 			}
455 			(void)signal(SIGUSR1, child_cleanup);
456 			setproctitle("server");
457 
458 			start_server(0);
459 		}
460 	} else if (tcpflag) {
461 		/*
462 		 * For TCP mode, we fork once to start the first
463 		 * kernel nfsd thread. The kernel will add more
464 		 * threads as needed.
465 		 */
466 		pid = fork();
467 		if (pid == -1) {
468 			syslog(LOG_ERR, "fork: %m");
469 			nfsd_exit(1);
470 		}
471 		if (pid) {
472 			children[0] = pid;
473 		} else {
474 			(void)signal(SIGUSR1, child_cleanup);
475 			setproctitle("server");
476 			start_server(0);
477 		}
478 	}
479 
480 	(void)signal(SIGUSR1, cleanup);
481 	FD_ZERO(&v4bits);
482 	FD_ZERO(&v6bits);
483 	FD_ZERO(&sockbits);
484 
485 	rpcbregcnt = 0;
486 	/* Set up the socket for udp and rpcb register it. */
487 	if (udpflag) {
488 		rpcbreg = 0;
489 		for (i = 0; i < bindhostc; i++) {
490 			memset(&hints, 0, sizeof hints);
491 			hints.ai_flags = AI_PASSIVE;
492 			hints.ai_family = AF_INET;
493 			hints.ai_socktype = SOCK_DGRAM;
494 			hints.ai_protocol = IPPROTO_UDP;
495 			if (setbindhost(&ai_udp, bindhost[i], hints) == 0) {
496 				rpcbreg = 1;
497 				rpcbregcnt++;
498 				if ((sock = socket(ai_udp->ai_family,
499 				    ai_udp->ai_socktype,
500 				    ai_udp->ai_protocol)) < 0) {
501 					syslog(LOG_ERR,
502 					    "can't create udp socket");
503 					nfsd_exit(1);
504 				}
505 				if (bind(sock, ai_udp->ai_addr,
506 				    ai_udp->ai_addrlen) < 0) {
507 					syslog(LOG_ERR,
508 					    "can't bind udp addr %s: %m",
509 					    bindhost[i]);
510 					nfsd_exit(1);
511 				}
512 				freeaddrinfo(ai_udp);
513 				addsockargs.sock = sock;
514 				addsockargs.name = NULL;
515 				addsockargs.namelen = 0;
516 				if (nfssvc(nfssvc_addsock, &addsockargs) < 0) {
517 					syslog(LOG_ERR, "can't Add UDP socket");
518 					nfsd_exit(1);
519 				}
520 				(void)close(sock);
521 			}
522 		}
523 		if (rpcbreg == 1) {
524 			memset(&hints, 0, sizeof hints);
525 			hints.ai_flags = AI_PASSIVE;
526 			hints.ai_family = AF_INET;
527 			hints.ai_socktype = SOCK_DGRAM;
528 			hints.ai_protocol = IPPROTO_UDP;
529 			ecode = getaddrinfo(NULL, "nfs", &hints, &ai_udp);
530 			if (ecode != 0) {
531 				syslog(LOG_ERR, "getaddrinfo udp: %s",
532 				   gai_strerror(ecode));
533 				nfsd_exit(1);
534 			}
535 			nconf_udp = getnetconfigent("udp");
536 			if (nconf_udp == NULL)
537 				err(1, "getnetconfigent udp failed");
538 			nb_udp.buf = ai_udp->ai_addr;
539 			nb_udp.len = nb_udp.maxlen = ai_udp->ai_addrlen;
540 			if ((!rpcb_set(NFS_PROGRAM, 2, nconf_udp, &nb_udp)) ||
541 			    (!rpcb_set(NFS_PROGRAM, 3, nconf_udp, &nb_udp)))
542 				err(1, "rpcb_set udp failed");
543 			freeaddrinfo(ai_udp);
544 		}
545 	}
546 
547 	/* Set up the socket for udp6 and rpcb register it. */
548 	if (udpflag && ip6flag) {
549 		rpcbreg = 0;
550 		for (i = 0; i < bindhostc; i++) {
551 			memset(&hints, 0, sizeof hints);
552 			hints.ai_flags = AI_PASSIVE;
553 			hints.ai_family = AF_INET6;
554 			hints.ai_socktype = SOCK_DGRAM;
555 			hints.ai_protocol = IPPROTO_UDP;
556 			if (setbindhost(&ai_udp6, bindhost[i], hints) == 0) {
557 				rpcbreg = 1;
558 				rpcbregcnt++;
559 				if ((sock = socket(ai_udp6->ai_family,
560 				    ai_udp6->ai_socktype,
561 				    ai_udp6->ai_protocol)) < 0) {
562 					syslog(LOG_ERR,
563 						"can't create udp6 socket");
564 					nfsd_exit(1);
565 				}
566 				if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
567 				    &on, sizeof on) < 0) {
568 					syslog(LOG_ERR,
569 					    "can't set v6-only binding for "
570 					    "udp6 socket: %m");
571 					nfsd_exit(1);
572 				}
573 				if (bind(sock, ai_udp6->ai_addr,
574 				    ai_udp6->ai_addrlen) < 0) {
575 					syslog(LOG_ERR,
576 					    "can't bind udp6 addr %s: %m",
577 					    bindhost[i]);
578 					nfsd_exit(1);
579 				}
580 				freeaddrinfo(ai_udp6);
581 				addsockargs.sock = sock;
582 				addsockargs.name = NULL;
583 				addsockargs.namelen = 0;
584 				if (nfssvc(nfssvc_addsock, &addsockargs) < 0) {
585 					syslog(LOG_ERR,
586 					    "can't add UDP6 socket");
587 					nfsd_exit(1);
588 				}
589 				(void)close(sock);
590 			}
591 		}
592 		if (rpcbreg == 1) {
593 			memset(&hints, 0, sizeof hints);
594 			hints.ai_flags = AI_PASSIVE;
595 			hints.ai_family = AF_INET6;
596 			hints.ai_socktype = SOCK_DGRAM;
597 			hints.ai_protocol = IPPROTO_UDP;
598 			ecode = getaddrinfo(NULL, "nfs", &hints, &ai_udp6);
599 			if (ecode != 0) {
600 				syslog(LOG_ERR, "getaddrinfo udp6: %s",
601 				   gai_strerror(ecode));
602 				nfsd_exit(1);
603 			}
604 			nconf_udp6 = getnetconfigent("udp6");
605 			if (nconf_udp6 == NULL)
606 				err(1, "getnetconfigent udp6 failed");
607 			nb_udp6.buf = ai_udp6->ai_addr;
608 			nb_udp6.len = nb_udp6.maxlen = ai_udp6->ai_addrlen;
609 			if ((!rpcb_set(NFS_PROGRAM, 2, nconf_udp6, &nb_udp6)) ||
610 			    (!rpcb_set(NFS_PROGRAM, 3, nconf_udp6, &nb_udp6)))
611 				err(1, "rpcb_set udp6 failed");
612 			freeaddrinfo(ai_udp6);
613 		}
614 	}
615 
616 	/* Set up the socket for tcp and rpcb register it. */
617 	if (tcpflag) {
618 		rpcbreg = 0;
619 		for (i = 0; i < bindhostc; i++) {
620 			memset(&hints, 0, sizeof hints);
621 			hints.ai_flags = AI_PASSIVE;
622 			hints.ai_family = AF_INET;
623 			hints.ai_socktype = SOCK_STREAM;
624 			hints.ai_protocol = IPPROTO_TCP;
625 			if (setbindhost(&ai_tcp, bindhost[i], hints) == 0) {
626 				rpcbreg = 1;
627 				rpcbregcnt++;
628 				if ((tcpsock = socket(AF_INET, SOCK_STREAM,
629 				    0)) < 0) {
630 					syslog(LOG_ERR,
631 					    "can't create tcp socket");
632 					nfsd_exit(1);
633 				}
634 				if (setsockopt(tcpsock, SOL_SOCKET,
635 				    SO_REUSEADDR,
636 				    (char *)&on, sizeof(on)) < 0)
637 					syslog(LOG_ERR,
638 					     "setsockopt SO_REUSEADDR: %m");
639 				if (bind(tcpsock, ai_tcp->ai_addr,
640 				    ai_tcp->ai_addrlen) < 0) {
641 					syslog(LOG_ERR,
642 					    "can't bind tcp addr %s: %m",
643 					    bindhost[i]);
644 					nfsd_exit(1);
645 				}
646 				if (listen(tcpsock, 5) < 0) {
647 					syslog(LOG_ERR, "listen failed");
648 					nfsd_exit(1);
649 				}
650 				freeaddrinfo(ai_tcp);
651 				FD_SET(tcpsock, &sockbits);
652 				FD_SET(tcpsock, &v4bits);
653 				maxsock = tcpsock;
654 				connect_type_cnt++;
655 			}
656 		}
657 		if (rpcbreg == 1) {
658 			memset(&hints, 0, sizeof hints);
659 			hints.ai_flags = AI_PASSIVE;
660 			hints.ai_family = AF_INET;
661 			hints.ai_socktype = SOCK_STREAM;
662 			hints.ai_protocol = IPPROTO_TCP;
663 			ecode = getaddrinfo(NULL, "nfs", &hints,
664 			     &ai_tcp);
665 			if (ecode != 0) {
666 				syslog(LOG_ERR, "getaddrinfo tcp: %s",
667 				   gai_strerror(ecode));
668 				nfsd_exit(1);
669 			}
670 			nconf_tcp = getnetconfigent("tcp");
671 			if (nconf_tcp == NULL)
672 				err(1, "getnetconfigent tcp failed");
673 			nb_tcp.buf = ai_tcp->ai_addr;
674 			nb_tcp.len = nb_tcp.maxlen = ai_tcp->ai_addrlen;
675 			if ((!rpcb_set(NFS_PROGRAM, 2, nconf_tcp,
676 			    &nb_tcp)) || (!rpcb_set(NFS_PROGRAM, 3,
677 			    nconf_tcp, &nb_tcp)))
678 				err(1, "rpcb_set tcp failed");
679 			freeaddrinfo(ai_tcp);
680 		}
681 	}
682 
683 	/* Set up the socket for tcp6 and rpcb register it. */
684 	if (tcpflag && ip6flag) {
685 		rpcbreg = 0;
686 		for (i = 0; i < bindhostc; i++) {
687 			memset(&hints, 0, sizeof hints);
688 			hints.ai_flags = AI_PASSIVE;
689 			hints.ai_family = AF_INET6;
690 			hints.ai_socktype = SOCK_STREAM;
691 			hints.ai_protocol = IPPROTO_TCP;
692 			if (setbindhost(&ai_tcp6, bindhost[i], hints) == 0) {
693 				rpcbreg = 1;
694 				rpcbregcnt++;
695 				if ((tcp6sock = socket(ai_tcp6->ai_family,
696 				    ai_tcp6->ai_socktype,
697 				    ai_tcp6->ai_protocol)) < 0) {
698 					syslog(LOG_ERR,
699 					    "can't create tcp6 socket");
700 					nfsd_exit(1);
701 				}
702 				if (setsockopt(tcp6sock, SOL_SOCKET,
703 				    SO_REUSEADDR,
704 				    (char *)&on, sizeof(on)) < 0)
705 					syslog(LOG_ERR,
706 					    "setsockopt SO_REUSEADDR: %m");
707 				if (setsockopt(tcp6sock, IPPROTO_IPV6,
708 				    IPV6_V6ONLY, &on, sizeof on) < 0) {
709 					syslog(LOG_ERR,
710 					"can't set v6-only binding for tcp6 "
711 					    "socket: %m");
712 					nfsd_exit(1);
713 				}
714 				if (bind(tcp6sock, ai_tcp6->ai_addr,
715 				    ai_tcp6->ai_addrlen) < 0) {
716 					syslog(LOG_ERR,
717 					    "can't bind tcp6 addr %s: %m",
718 					    bindhost[i]);
719 					nfsd_exit(1);
720 				}
721 				if (listen(tcp6sock, 5) < 0) {
722 					syslog(LOG_ERR, "listen failed");
723 					nfsd_exit(1);
724 				}
725 				freeaddrinfo(ai_tcp6);
726 				FD_SET(tcp6sock, &sockbits);
727 				FD_SET(tcp6sock, &v6bits);
728 				if (maxsock < tcp6sock)
729 					maxsock = tcp6sock;
730 				connect_type_cnt++;
731 			}
732 		}
733 		if (rpcbreg == 1) {
734 			memset(&hints, 0, sizeof hints);
735 			hints.ai_flags = AI_PASSIVE;
736 			hints.ai_family = AF_INET6;
737 			hints.ai_socktype = SOCK_STREAM;
738 			hints.ai_protocol = IPPROTO_TCP;
739 			ecode = getaddrinfo(NULL, "nfs", &hints, &ai_tcp6);
740 			if (ecode != 0) {
741 				syslog(LOG_ERR, "getaddrinfo tcp6: %s",
742 				   gai_strerror(ecode));
743 				nfsd_exit(1);
744 			}
745 			nconf_tcp6 = getnetconfigent("tcp6");
746 			if (nconf_tcp6 == NULL)
747 				err(1, "getnetconfigent tcp6 failed");
748 			nb_tcp6.buf = ai_tcp6->ai_addr;
749 			nb_tcp6.len = nb_tcp6.maxlen = ai_tcp6->ai_addrlen;
750 			if ((!rpcb_set(NFS_PROGRAM, 2, nconf_tcp6, &nb_tcp6)) ||
751 			    (!rpcb_set(NFS_PROGRAM, 3, nconf_tcp6, &nb_tcp6)))
752 				err(1, "rpcb_set tcp6 failed");
753 			freeaddrinfo(ai_tcp6);
754 		}
755 	}
756 
757 	if (rpcbregcnt == 0) {
758 		syslog(LOG_ERR, "rpcb_set() failed, nothing to do: %m");
759 		nfsd_exit(1);
760 	}
761 
762 	if (tcpflag && connect_type_cnt == 0) {
763 		syslog(LOG_ERR, "tcp connects == 0, nothing to do: %m");
764 		nfsd_exit(1);
765 	}
766 
767 	setproctitle("master");
768 	/*
769 	 * We always want a master to have a clean way to to shut nfsd down
770 	 * (with unregistration): if the master is killed, it unregisters and
771 	 * kills all children. If we run for UDP only (and so do not have to
772 	 * loop waiting waiting for accept), we instead make the parent
773 	 * a "server" too. start_server will not return.
774 	 */
775 	if (!tcpflag)
776 		start_server(1);
777 
778 	/*
779 	 * Loop forever accepting connections and passing the sockets
780 	 * into the kernel for the mounts.
781 	 */
782 	for (;;) {
783 		ready = sockbits;
784 		if (connect_type_cnt > 1) {
785 			if (select(maxsock + 1,
786 			    &ready, NULL, NULL, NULL) < 1) {
787 				error = errno;
788 				if (error == EINTR)
789 					continue;
790 				syslog(LOG_ERR, "select failed: %m");
791 				nfsd_exit(1);
792 			}
793 		}
794 		for (tcpsock = 0; tcpsock <= maxsock; tcpsock++) {
795 			if (FD_ISSET(tcpsock, &ready)) {
796 				if (FD_ISSET(tcpsock, &v4bits)) {
797 					len = sizeof(inetpeer);
798 					if ((msgsock = accept(tcpsock,
799 					    (struct sockaddr *)&inetpeer, &len)) < 0) {
800 						error = errno;
801 						syslog(LOG_ERR, "accept failed: %m");
802 						if (error == ECONNABORTED ||
803 						    error == EINTR)
804 							continue;
805 						nfsd_exit(1);
806 					}
807 					memset(inetpeer.sin_zero, 0,
808 						sizeof(inetpeer.sin_zero));
809 					if (setsockopt(msgsock, SOL_SOCKET,
810 					    SO_KEEPALIVE, (char *)&on, sizeof(on)) < 0)
811 						syslog(LOG_ERR,
812 						    "setsockopt SO_KEEPALIVE: %m");
813 					addsockargs.sock = msgsock;
814 					addsockargs.name = (caddr_t)&inetpeer;
815 					addsockargs.namelen = len;
816 					nfssvc(nfssvc_addsock, &addsockargs);
817 					(void)close(msgsock);
818 				} else if (FD_ISSET(tcpsock, &v6bits)) {
819 					len = sizeof(inet6peer);
820 					if ((msgsock = accept(tcpsock,
821 					    (struct sockaddr *)&inet6peer,
822 					    &len)) < 0) {
823 						error = errno;
824 						syslog(LOG_ERR,
825 						     "accept failed: %m");
826 						if (error == ECONNABORTED ||
827 						    error == EINTR)
828 							continue;
829 						nfsd_exit(1);
830 					}
831 					if (setsockopt(msgsock, SOL_SOCKET,
832 					    SO_KEEPALIVE, (char *)&on,
833 					    sizeof(on)) < 0)
834 						syslog(LOG_ERR, "setsockopt "
835 						    "SO_KEEPALIVE: %m");
836 					addsockargs.sock = msgsock;
837 					addsockargs.name = (caddr_t)&inet6peer;
838 					addsockargs.namelen = len;
839 					nfssvc(nfssvc_addsock, &addsockargs);
840 					(void)close(msgsock);
841 				}
842 			}
843 		}
844 	}
845 }
846 
847 int
848 setbindhost(struct addrinfo **ai, const char *bindhost, struct addrinfo hints)
849 {
850 	int ecode;
851 	u_int32_t host_addr[4];  /* IPv4 or IPv6 */
852 	const char *hostptr;
853 
854 	if (bindhost == NULL || strcmp("*", bindhost) == 0)
855 		hostptr = NULL;
856 	else
857 		hostptr = bindhost;
858 
859 	if (hostptr != NULL) {
860 		switch (hints.ai_family) {
861 		case AF_INET:
862 			if (inet_pton(AF_INET, hostptr, host_addr) == 1) {
863 				hints.ai_flags = AI_NUMERICHOST;
864 			} else {
865 				if (inet_pton(AF_INET6, hostptr,
866 				    host_addr) == 1)
867 					return (1);
868 			}
869 			break;
870 		case AF_INET6:
871 			if (inet_pton(AF_INET6, hostptr, host_addr) == 1) {
872 				hints.ai_flags = AI_NUMERICHOST;
873 			} else {
874 				if (inet_pton(AF_INET, hostptr,
875 				    host_addr) == 1)
876 					return (1);
877 			}
878 			break;
879 		default:
880 			break;
881 		}
882 	}
883 
884 	ecode = getaddrinfo(hostptr, "nfs", &hints, ai);
885 	if (ecode != 0) {
886 		syslog(LOG_ERR, "getaddrinfo %s: %s", bindhost,
887 		    gai_strerror(ecode));
888 		return (1);
889 	}
890 	return (0);
891 }
892 
893 void
894 usage(void)
895 {
896 	(void)fprintf(stderr, "%s", getopt_usage);
897 	exit(1);
898 }
899 
900 void
901 nonfs(__unused int signo)
902 {
903 	syslog(LOG_ERR, "missing system call: NFS not available");
904 }
905 
906 void
907 reapchild(__unused int signo)
908 {
909 	pid_t pid;
910 	int i;
911 
912 	while ((pid = wait3(NULL, WNOHANG, NULL)) > 0) {
913 		for (i = 0; i < nfsdcnt; i++)
914 			if (pid == children[i])
915 				children[i] = -1;
916 	}
917 }
918 
919 void
920 unregistration(void)
921 {
922 	if ((!rpcb_unset(NFS_PROGRAM, 2, NULL)) ||
923 	    (!rpcb_unset(NFS_PROGRAM, 3, NULL)))
924 		syslog(LOG_ERR, "rpcb_unset failed");
925 }
926 
927 void
928 killchildren(void)
929 {
930 	int i;
931 
932 	for (i = 0; i < nfsdcnt; i++) {
933 		if (children[i] > 0)
934 			kill(children[i], SIGKILL);
935 	}
936 }
937 
938 /*
939  * Cleanup master after SIGUSR1.
940  */
941 void
942 cleanup(__unused int signo)
943 {
944 	nfsd_exit(0);
945 }
946 
947 /*
948  * Cleanup child after SIGUSR1.
949  */
950 void
951 child_cleanup(__unused int signo)
952 {
953 	exit(0);
954 }
955 
956 void
957 nfsd_exit(int status)
958 {
959 	killchildren();
960 	unregistration();
961 	exit(status);
962 }
963 
964 static int
965 get_tuned_nfsdcount(void)
966 {
967 	int ncpu, error, tuned_nfsdcnt;
968 	size_t ncpu_size;
969 
970 	ncpu_size = sizeof(ncpu);
971 	error = sysctlbyname("hw.ncpu", &ncpu, &ncpu_size, NULL, 0);
972 	if (error) {
973 		warnx("sysctlbyname(hw.ncpu) failed defaulting to %d nfs servers",
974 		    DEFNFSDCNT);
975 		tuned_nfsdcnt = DEFNFSDCNT;
976 	} else {
977 		tuned_nfsdcnt = ncpu * 8;
978 	}
979 	if (!new_syscall && tuned_nfsdcnt > MAXNFSDCNT) {
980 		warnx("nfsd count %d; truncated to %d", tuned_nfsdcnt,
981 		    MAXNFSDCNT);
982 		tuned_nfsdcnt = MAXNFSDCNT;
983 	}
984 	return tuned_nfsdcnt;
985 }
986 
987 void
988 start_server(int master)
989 {
990 	char principal[MAXHOSTNAMELEN + 5];
991 	struct nfsd_nfsd_args nfsdargs;
992 	int status, error;
993 	char hostname[MAXHOSTNAMELEN + 1], *cp;
994 	struct addrinfo *aip, hints;
995 
996 	status = 0;
997 	if (new_syscall) {
998 		gethostname(hostname, sizeof (hostname));
999 		snprintf(principal, sizeof (principal), "nfs@%s", hostname);
1000 		if ((cp = strchr(hostname, '.')) == NULL ||
1001 		    *(cp + 1) == '\0') {
1002 			/* If not fully qualified, try getaddrinfo() */
1003 			memset((void *)&hints, 0, sizeof (hints));
1004 			hints.ai_flags = AI_CANONNAME;
1005 			error = getaddrinfo(hostname, NULL, &hints, &aip);
1006 			if (error == 0) {
1007 				if (aip->ai_canonname != NULL &&
1008 				    (cp = strchr(aip->ai_canonname, '.')) !=
1009 				    NULL && *(cp + 1) != '\0')
1010 					snprintf(principal, sizeof (principal),
1011 					    "nfs@%s", aip->ai_canonname);
1012 				freeaddrinfo(aip);
1013 			}
1014 		}
1015 		nfsdargs.principal = principal;
1016 
1017 		if (minthreads_set) {
1018 			nfsdargs.minthreads = minthreads;
1019 			if (!maxthreads_set)
1020 				nfsdargs.maxthreads = minthreads;
1021 		}
1022 		if (maxthreads_set) {
1023 			nfsdargs.maxthreads = maxthreads;
1024 			if (!minthreads_set)
1025 				nfsdargs.minthreads = maxthreads;
1026 		}
1027 		if (nfsdcnt_set) {
1028 			nfsdargs.minthreads = nfsdcnt;
1029 			nfsdargs.maxthreads = nfsdcnt;
1030 		}
1031 		if (!minthreads_set && !maxthreads_set && !nfsdcnt_set) {
1032 			int tuned_nfsdcnt;
1033 
1034 			tuned_nfsdcnt = get_tuned_nfsdcount();
1035 			nfsdargs.minthreads = tuned_nfsdcnt;
1036 			nfsdargs.maxthreads = tuned_nfsdcnt;
1037 		}
1038 		error = nfssvc(nfssvc_nfsd, &nfsdargs);
1039 		if (error < 0 && errno == EAUTH) {
1040 			/*
1041 			 * This indicates that it could not register the
1042 			 * rpcsec_gss credentials, usually because the
1043 			 * gssd daemon isn't running.
1044 			 * (only the experimental server with nfsv4)
1045 			 */
1046 			syslog(LOG_ERR, "No gssd, using AUTH_SYS only");
1047 			principal[0] = '\0';
1048 			error = nfssvc(nfssvc_nfsd, &nfsdargs);
1049 		}
1050 		if (error < 0) {
1051 			syslog(LOG_ERR, "nfssvc: %m");
1052 			status = 1;
1053 		}
1054 	} else {
1055 		if (nfssvc(NFSSVC_OLDNFSD, NULL) < 0) {
1056 			syslog(LOG_ERR, "nfssvc: %m");
1057 			status = 1;
1058 		}
1059 	}
1060 	if (master)
1061 		nfsd_exit(status);
1062 	else
1063 		exit(status);
1064 }
1065 
1066 /*
1067  * Open the stable restart file and return the file descriptor for it.
1068  */
1069 void
1070 open_stable(int *stable_fdp, int *backup_fdp)
1071 {
1072 	int stable_fd, backup_fd = -1, ret;
1073 	struct stat st, backup_st;
1074 
1075 	/* Open and stat the stable restart file. */
1076 	stable_fd = open(NFSD_STABLERESTART, O_RDWR, 0);
1077 	if (stable_fd < 0)
1078 		stable_fd = open(NFSD_STABLERESTART, O_RDWR | O_CREAT, 0600);
1079 	if (stable_fd >= 0) {
1080 		ret = fstat(stable_fd, &st);
1081 		if (ret < 0) {
1082 			close(stable_fd);
1083 			stable_fd = -1;
1084 		}
1085 	}
1086 
1087 	/* Open and stat the backup stable restart file. */
1088 	if (stable_fd >= 0) {
1089 		backup_fd = open(NFSD_STABLEBACKUP, O_RDWR, 0);
1090 		if (backup_fd < 0)
1091 			backup_fd = open(NFSD_STABLEBACKUP, O_RDWR | O_CREAT,
1092 			    0600);
1093 		if (backup_fd >= 0) {
1094 			ret = fstat(backup_fd, &backup_st);
1095 			if (ret < 0) {
1096 				close(backup_fd);
1097 				backup_fd = -1;
1098 			}
1099 		}
1100 		if (backup_fd < 0) {
1101 			close(stable_fd);
1102 			stable_fd = -1;
1103 		}
1104 	}
1105 
1106 	*stable_fdp = stable_fd;
1107 	*backup_fdp = backup_fd;
1108 	if (stable_fd < 0)
1109 		return;
1110 
1111 	/* Sync up the 2 files, as required. */
1112 	if (st.st_size > 0)
1113 		copy_stable(stable_fd, backup_fd);
1114 	else if (backup_st.st_size > 0)
1115 		copy_stable(backup_fd, stable_fd);
1116 }
1117 
1118 /*
1119  * Copy the stable restart file to the backup or vice versa.
1120  */
1121 void
1122 copy_stable(int from_fd, int to_fd)
1123 {
1124 	int cnt, ret;
1125 	static char buf[1024];
1126 
1127 	ret = lseek(from_fd, (off_t)0, SEEK_SET);
1128 	if (ret >= 0)
1129 		ret = lseek(to_fd, (off_t)0, SEEK_SET);
1130 	if (ret >= 0)
1131 		ret = ftruncate(to_fd, (off_t)0);
1132 	if (ret >= 0)
1133 		do {
1134 			cnt = read(from_fd, buf, 1024);
1135 			if (cnt > 0)
1136 				ret = write(to_fd, buf, cnt);
1137 			else if (cnt < 0)
1138 				ret = cnt;
1139 		} while (cnt > 0 && ret >= 0);
1140 	if (ret >= 0)
1141 		ret = fsync(to_fd);
1142 	if (ret < 0)
1143 		syslog(LOG_ERR, "stable restart copy failure: %m");
1144 }
1145 
1146 /*
1147  * Back up the stable restart file when indicated by the kernel.
1148  */
1149 void
1150 backup_stable(__unused int signo)
1151 {
1152 
1153 	if (stablefd >= 0)
1154 		copy_stable(stablefd, backupfd);
1155 }
1156 
1157