1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  * 3. Berkeley Software Design Inc's name may not be used to endorse or
15  *    promote products derived from this software without specific prior
16  *    written permission.
17  *
18  * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND
19  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  * ARE DISCLAIMED.  IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE
22  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28  * SUCH DAMAGE.
29  *
30  *      from BSDI kern.c,v 1.2 1998/11/25 22:38:27 don Exp
31  */
32 
33 #include <sys/cdefs.h>
34 #include <sys/param.h>
35 #include <sys/mount.h>
36 #include <sys/queue.h>
37 #include <sys/socket.h>
38 #include <sys/stat.h>
39 
40 #include <netinet/in.h>
41 #include <arpa/inet.h>
42 
43 #include <err.h>
44 #include <errno.h>
45 #include <fcntl.h>
46 #include <paths.h>
47 #include <pwd.h>
48 #include <stdio.h>
49 #include <stdlib.h>
50 #include <string.h>
51 #include <syslog.h>
52 #include <unistd.h>
53 #include <netdb.h>
54 
55 #include "nlm_prot.h"
56 #include <nfs/nfsproto.h>
57 #include <nfs/nfs_lock.h>
58 
59 #include "lockd.h"
60 #include "lockd_lock.h"
61 #include <nfsclient/nfs.h>
62 
/* Account whose uid the client process switches to once it is set up. */
#define DAEMON_USERNAME	"daemon"

/*
 * Lock request owner.  The single instance below is filled in when the
 * client process starts and is sent as the owner handle of every NLM
 * request built in this file.
 */
typedef struct __owner {
	pid_t	 pid;				/* Process ID. */
	time_t	 tod;				/* Time-of-day. */
} OWNER;
static OWNER owner;

/* Local host name, sent as caller_name and used in the RPC credential. */
static char hostname[MAXHOSTNAMELEN + 1];
/* Descriptor of the kernel lock device; answers are written to it. */
static int devfd;

/* Helpers private to this file. */
static void	client_cleanup(void);
static const char *from_addr(struct sockaddr *saddr);
static void	set_auth(CLIENT *cl, struct xucred *xucred);

/* Request builders and the debug dump, one per kind of kernel message. */
int	lock_request(LOCKD_MSG *msg);
int	test_request(LOCKD_MSG *msg);
int	unlock_request(LOCKD_MSG *msg);
void	show(LOCKD_MSG *mp);
82 
/*
 * nfslockdans --
 *	Stamp an answer with the given version and hand it to the kernel by
 *	writing it to the lock device.  Returns non-zero when write(2) fails
 *	or writes nothing, zero otherwise.
 *
 *	NOTE(review): a short write (fewer than sizeof(*ansp) bytes) is still
 *	reported as success.
 */
static int
nfslockdans(int vers, struct lockd_ans *ansp)
{
	ssize_t nwritten;

	ansp->la_vers = vers;
	nwritten = write(devfd, ansp, sizeof(*ansp));
	if (nwritten > 0)
		return (0);
	return (1);
}
90 
91 /*
92  * will break because fifo needs to be repopened when EOF'd
93  */
94 #define lockd_seteuid(uid)	seteuid(uid)
95 
96 #define d_calls (debug_level > 1)
97 #define d_args (debug_level > 2)
98 
/*
 * from_addr --
 *	Format a socket address as a numeric host string for log messages.
 *	The result lives in a static buffer that the next call overwrites;
 *	"???" is returned when getnameinfo() fails.
 */
static const char *
from_addr(struct sockaddr *saddr)
{
	static char inet_buf[INET6_ADDRSTRLEN];
	int error;

	/* NI_NUMERICHOST: print the address itself, no name lookup. */
	error = getnameinfo(saddr, saddr->sa_len, inet_buf, sizeof(inet_buf),
	    NULL, 0, NI_NUMERICHOST);
	if (error != 0)
		return "???";
	return inet_buf;
}
109 
/*
 * client_cleanup --
 *	Installed by client_request() for SIGHUP and SIGTERM: switch the
 *	effective uid back to root, then terminate the client process.
 *
 *	NOTE(review): this runs in signal context, where exit(3) is not
 *	async-signal-safe, and it is installed through a (sig_t) cast although
 *	it takes no signal-number argument.  The error path of
 *	client_request() uses _exit() for the same job.
 */
void
client_cleanup(void)
{
	/* Best effort: the process ends whether or not the uid switch works. */
	(void)lockd_seteuid(0);
	exit(-1);
}
116 
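/*
 * client_request --
 *	Loop around messages from the kernel, forwarding them off to
 *	NLM servers.
 *
 *	The lock device is opened first, then the process forks.  The parent
 *	returns the child's pid.  The child becomes the client daemon: it
 *	switches its effective uid to DAEMON_USERNAME and reads fixed-size
 *	LOCKD_MSG records forever.  A request that cannot be handed to an NLM
 *	server is answered with EHOSTUNREACH so that the lock is not granted.
 *
 *	The child never returns.  Fatal errors, including a failed open()
 *	before the fork, end in _exit(1).
 */
pid_t
client_request(void)
{
	LOCKD_MSG msg;
	int nr, ret;
	pid_t child;
	uid_t daemon_uid;
	struct passwd *pw;

	/* Open the lock device the kernel passes requests through. */
	devfd = open(_PATH_DEV _PATH_NFSLCKDEV, O_RDWR | O_NONBLOCK);
	if (devfd < 0) {
		syslog(LOG_ERR, "open: %s: %m", _PATH_NFSLCKDEV);
		goto err;
	}

	/* A failed write must come back as EPIPE, not kill the process. */
	signal(SIGPIPE, SIG_IGN);

	/*
	 * Create a separate process, the client code is really a separate
	 * daemon that shares a lot of code.
	 */
	switch (child = fork()) {
	case -1:
		err(1, "fork");
		/* NOTREACHED */
	case 0:
		setproctitle("client");
		break;
	default:
		setproctitle("server");
		return (child);
	}

	signal(SIGHUP, (sig_t)client_cleanup);
	signal(SIGTERM, (sig_t)client_cleanup);

	/* Setup. */
	(void)time(&owner.tod);
	owner.pid = getpid();
	/* hostname is static (zero-filled) and one byte is held back for NUL. */
	(void)gethostname(hostname, sizeof(hostname) - 1);

	pw = getpwnam(DAEMON_USERNAME);
	if (pw == NULL) {
		syslog(LOG_ERR, "getpwnam: %s: %m", DAEMON_USERNAME);
		goto err;
	}
	daemon_uid = pw->pw_uid;
	/*
	 * Drop our root privileges.  The result must be checked: if the
	 * switch fails, the loop below would forward requests while still
	 * running with a root effective uid.
	 */
	if (lockd_seteuid(daemon_uid) != 0) {
		syslog(LOG_ERR, "seteuid: %s: %m", DAEMON_USERNAME);
		goto err;
	}

	for (;;) {
		/* Read the fixed length message. */
		if ((nr = read(devfd, &msg, sizeof(msg))) == sizeof(msg)) {
			if (d_args)
				show(&msg);

			/*
			 * NOTE(review): a version mismatch is only logged;
			 * the message is still dispatched below.
			 */
			if (msg.lm_version != LOCKD_MSG_VERSION) {
				syslog(LOG_ERR,
				    "unknown msg type: %d", msg.lm_version);
			}
			/*
			 * Send it to the NLM server and don't grant the lock
			 * if we fail for any reason.
			 */
			switch (msg.lm_fl.l_type) {
			case F_RDLCK:
			case F_WRLCK:
				if (msg.lm_getlk)
					ret = test_request(&msg);
				else
					ret = lock_request(&msg);
				break;
			case F_UNLCK:
				ret = unlock_request(&msg);
				break;
			default:
				ret = 1;
				syslog(LOG_ERR,
				    "unknown lock type: %d", msg.lm_fl.l_type);
				break;
			}
			if (ret) {
				struct lockd_ans ans;

				/*
				 * Start from an all-zero answer so that fields
				 * not set here (la_set_getlk_pid, la_getlk_pid)
				 * and padding do not carry stack garbage into
				 * the kernel.
				 */
				memset(&ans, 0, sizeof(ans));
				ans.la_msg_ident = msg.lm_msg_ident;
				ans.la_errno = EHOSTUNREACH;

				if (nfslockdans(LOCKD_ANS_VERSION, &ans)) {
					syslog((errno == EPIPE ? LOG_INFO :
						LOG_ERR), "process %lu: %m",
						(u_long)msg.lm_msg_ident.pid);
				}
			}
		} else if (nr == -1) {
			/* EAGAIN is expected on the non-blocking descriptor. */
			if (errno != EAGAIN) {
				syslog(LOG_ERR, "read: %s: %m", _PATH_NFSLCKDEV);
				goto err;
			}
		} else if (nr != 0) {
			/* A partial record cannot be interpreted; drop it. */
			syslog(LOG_ERR,
			    "%s: discard %d bytes", _PATH_NFSLCKDEV, nr);
		}
	}

	/* Reached only on error. */
err:
	(void)lockd_seteuid(0);
	_exit (1);
}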
231 
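/*
 * set_auth --
 *	Replace the credential on an RPC client handle with one built by
 *	authunix_create() from the kernel-supplied xucred: cr_uid as the uid,
 *	cr_groups[0] as the gid and the remaining entries as the group list.
 *	A credential already attached to the handle is destroyed first.
 *
 *	On return cl->cl_auth may be NULL if authunix_create() failed; the
 *	failure is logged because this function has no way to report it.
 */
void
set_auth(CLIENT *cl, struct xucred *xucred)
{
	int ngroups;

	/* cr_groups[0] is passed on its own, so it is not counted here. */
	ngroups = xucred->cr_ngroups - 1;
	if (ngroups < 0) {
		/* Empty group list: never pass a negative length along. */
		ngroups = 0;
	} else if (ngroups > NGRPS) {
		ngroups = NGRPS;
	}
	if (cl->cl_auth != NULL)
		cl->cl_auth->ah_ops->ah_destroy(cl->cl_auth);
	cl->cl_auth = authunix_create(hostname,
	    xucred->cr_uid,
	    xucred->cr_groups[0],
	    ngroups,
	    &xucred->cr_groups[1]);
	/*
	 * NOTE(review): the callers in this file go straight on to
	 * clnt_call() without looking at cl_auth, so at least leave a trace
	 * when no credential could be built.
	 */
	if (cl->cl_auth == NULL)
		syslog(LOG_ERR, "authunix_create failed for uid %lu",
		    (u_long)xucred->cr_uid);
}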
248 
249 
/*
 * test_request --
 *	Build an NLM test request from a LOCKD_MSG and send it to the server
 *	the message names, as NLM_VERS4 when lm_nfsv3 is set and as NLM_VERS
 *	otherwise.
 *
 *	The message identifier travels as the cookie so that lock_answer()
 *	can hand the reply back to the right waiter.  Returns 1 when no
 *	client handle could be obtained, 0 once the call has been issued; the
 *	clnt_call() status is deliberately ignored because the zero timeout
 *	means no reply is waited for.
 *
 *	NOTE(review): fh.n_len is taken from lm_fh_len as supplied in the
 *	kernel message, without a bound check against lm_fh.
 */
int
test_request(LOCKD_MSG *msg)
{
	struct sockaddr *server = (struct sockaddr *)&msg->lm_addr;
	struct timeval timeout = {0, 0};	/* No timeout, no response. */
	int exclusive = (msg->lm_fl.l_type == F_WRLCK);
	CLIENT *cli;
	char dummy;

	if (d_calls)
		syslog(LOG_DEBUG, "test request: %s: %s to %s",
		    msg->lm_nfsv3 ? "V4" : "V1/3",
		    exclusive ? "write" : "read",
		    from_addr(server));

	if (!msg->lm_nfsv3) {
		struct nlm_testargs arg;

		arg.cookie.n_len = sizeof(msg->lm_msg_ident);
		arg.cookie.n_bytes = (char *)&msg->lm_msg_ident;
		arg.exclusive = exclusive;
		arg.alock.caller_name = hostname;
		arg.alock.fh.n_len = msg->lm_fh_len;
		arg.alock.fh.n_bytes = (char *)&msg->lm_fh;
		arg.alock.oh.n_len = sizeof(owner);
		arg.alock.oh.n_bytes = (char *)&owner;
		arg.alock.svid = msg->lm_msg_ident.pid;
		arg.alock.l_offset = msg->lm_fl.l_start;
		arg.alock.l_len = msg->lm_fl.l_len;

		cli = get_client(server, NLM_VERS);
		if (cli == NULL)
			return (1);

		set_auth(cli, &msg->lm_cred);
		(void)clnt_call(cli, NLM_TEST_MSG,
		    (xdrproc_t)xdr_nlm_testargs, &arg,
		    (xdrproc_t)xdr_void, &dummy, timeout);
	} else {
		struct nlm4_testargs arg4;

		arg4.cookie.n_len = sizeof(msg->lm_msg_ident);
		arg4.cookie.n_bytes = (char *)&msg->lm_msg_ident;
		arg4.exclusive = exclusive;
		arg4.alock.caller_name = hostname;
		arg4.alock.fh.n_len = msg->lm_fh_len;
		arg4.alock.fh.n_bytes = (char *)&msg->lm_fh;
		arg4.alock.oh.n_len = sizeof(owner);
		arg4.alock.oh.n_bytes = (char *)&owner;
		arg4.alock.svid = msg->lm_msg_ident.pid;
		arg4.alock.l_offset = msg->lm_fl.l_start;
		arg4.alock.l_len = msg->lm_fl.l_len;

		cli = get_client(server, NLM_VERS4);
		if (cli == NULL)
			return (1);

		set_auth(cli, &msg->lm_cred);
		(void)clnt_call(cli, NLM_TEST_MSG,
		    (xdrproc_t)xdr_nlm4_testargs, &arg4,
		    (xdrproc_t)xdr_void, &dummy, timeout);
	}
	return (0);
}
318 
/*
 * lock_request --
 *	Build an NLM lock request from a LOCKD_MSG and send it to the server
 *	the message names, as NLM_VERS4 when lm_nfsv3 is set and as NLM_VERS
 *	otherwise.  lm_wait selects a blocking request; reclaim is always 0
 *	and the current nsm_state is sent along.
 *
 *	Returns 1 when no client handle could be obtained, 0 once the call
 *	has been issued; the clnt_call() status is deliberately ignored
 *	because the zero timeout means no reply is waited for.
 *
 *	NOTE(review): fh.n_len is taken from lm_fh_len as supplied in the
 *	kernel message, without a bound check against lm_fh.
 */
int
lock_request(LOCKD_MSG *msg)
{
	struct sockaddr *server = (struct sockaddr *)&msg->lm_addr;
	struct timeval timeout = {0, 0};	/* No timeout, no response. */
	int exclusive = (msg->lm_fl.l_type == F_WRLCK);
	CLIENT *cli;
	char dummy;

	if (d_calls)
		syslog(LOG_DEBUG, "lock request: %s: %s to %s",
		    msg->lm_nfsv3 ? "V4" : "V1/3",
		    exclusive ? "write" : "read",
		    from_addr(server));

	if (!msg->lm_nfsv3) {
		struct nlm_lockargs arg;

		arg.cookie.n_len = sizeof(msg->lm_msg_ident);
		arg.cookie.n_bytes = (char *)&msg->lm_msg_ident;
		arg.block = msg->lm_wait ? 1 : 0;
		arg.exclusive = exclusive;
		arg.alock.caller_name = hostname;
		arg.alock.fh.n_len = msg->lm_fh_len;
		arg.alock.fh.n_bytes = (char *)&msg->lm_fh;
		arg.alock.oh.n_len = sizeof(owner);
		arg.alock.oh.n_bytes = (char *)&owner;
		arg.alock.svid = msg->lm_msg_ident.pid;
		arg.alock.l_offset = msg->lm_fl.l_start;
		arg.alock.l_len = msg->lm_fl.l_len;
		arg.reclaim = 0;
		arg.state = nsm_state;

		cli = get_client(server, NLM_VERS);
		if (cli == NULL)
			return (1);

		set_auth(cli, &msg->lm_cred);
		(void)clnt_call(cli, NLM_LOCK_MSG,
		    (xdrproc_t)xdr_nlm_lockargs, &arg,
		    (xdrproc_t)xdr_void, &dummy, timeout);
	} else {
		struct nlm4_lockargs arg4;

		arg4.cookie.n_len = sizeof(msg->lm_msg_ident);
		arg4.cookie.n_bytes = (char *)&msg->lm_msg_ident;
		arg4.block = msg->lm_wait ? 1 : 0;
		arg4.exclusive = exclusive;
		arg4.alock.caller_name = hostname;
		arg4.alock.fh.n_len = msg->lm_fh_len;
		arg4.alock.fh.n_bytes = (char *)&msg->lm_fh;
		arg4.alock.oh.n_len = sizeof(owner);
		arg4.alock.oh.n_bytes = (char *)&owner;
		arg4.alock.svid = msg->lm_msg_ident.pid;
		arg4.alock.l_offset = msg->lm_fl.l_start;
		arg4.alock.l_len = msg->lm_fl.l_len;
		arg4.reclaim = 0;
		arg4.state = nsm_state;

		cli = get_client(server, NLM_VERS4);
		if (cli == NULL)
			return (1);

		set_auth(cli, &msg->lm_cred);
		(void)clnt_call(cli, NLM_LOCK_MSG,
		    (xdrproc_t)xdr_nlm4_lockargs, &arg4,
		    (xdrproc_t)xdr_void, &dummy, timeout);
	}
	return (0);
}
391 
/*
 * unlock_request --
 *	Build an NLM unlock request from a LOCKD_MSG and send it to the
 *	server the message names, as NLM_VERS4 when lm_nfsv3 is set and as
 *	NLM_VERS otherwise.
 *
 *	Returns 1 when no client handle could be obtained, 0 once the call
 *	has been issued; the clnt_call() status is deliberately ignored
 *	because the zero timeout means no reply is waited for.
 *
 *	NOTE(review): fh.n_len is taken from lm_fh_len as supplied in the
 *	kernel message, without a bound check against lm_fh.
 */
int
unlock_request(LOCKD_MSG *msg)
{
	struct sockaddr *server = (struct sockaddr *)&msg->lm_addr;
	struct timeval timeout = {0, 0};	/* No timeout, no response. */
	CLIENT *cli;
	char dummy;

	if (d_calls)
		syslog(LOG_DEBUG, "unlock request: %s: to %s",
		    msg->lm_nfsv3 ? "V4" : "V1/3",
		    from_addr(server));

	if (!msg->lm_nfsv3) {
		struct nlm_unlockargs arg;

		arg.cookie.n_len = sizeof(msg->lm_msg_ident);
		arg.cookie.n_bytes = (char *)&msg->lm_msg_ident;
		arg.alock.caller_name = hostname;
		arg.alock.fh.n_len = msg->lm_fh_len;
		arg.alock.fh.n_bytes = (char *)&msg->lm_fh;
		arg.alock.oh.n_len = sizeof(owner);
		arg.alock.oh.n_bytes = (char *)&owner;
		arg.alock.svid = msg->lm_msg_ident.pid;
		arg.alock.l_offset = msg->lm_fl.l_start;
		arg.alock.l_len = msg->lm_fl.l_len;

		cli = get_client(server, NLM_VERS);
		if (cli == NULL)
			return (1);

		set_auth(cli, &msg->lm_cred);
		(void)clnt_call(cli, NLM_UNLOCK_MSG,
		    (xdrproc_t)xdr_nlm_unlockargs, &arg,
		    (xdrproc_t)xdr_void, &dummy, timeout);
	} else {
		struct nlm4_unlockargs arg4;

		arg4.cookie.n_len = sizeof(msg->lm_msg_ident);
		arg4.cookie.n_bytes = (char *)&msg->lm_msg_ident;
		arg4.alock.caller_name = hostname;
		arg4.alock.fh.n_len = msg->lm_fh_len;
		arg4.alock.fh.n_bytes = (char *)&msg->lm_fh;
		arg4.alock.oh.n_len = sizeof(owner);
		arg4.alock.oh.n_bytes = (char *)&owner;
		arg4.alock.svid = msg->lm_msg_ident.pid;
		arg4.alock.l_offset = msg->lm_fl.l_start;
		arg4.alock.l_len = msg->lm_fl.l_len;

		cli = get_client(server, NLM_VERS4);
		if (cli == NULL)
			return (1);

		set_auth(cli, &msg->lm_cred);
		(void)clnt_call(cli, NLM_UNLOCK_MSG,
		    (xdrproc_t)xdr_nlm4_unlockargs, &arg4,
		    (xdrproc_t)xdr_void, &dummy, timeout);
	}

	return (0);
}
456 
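/*
 * lock_answer --
 *	Translate an NLM reply status into an errno and pass the answer to
 *	the kernel through the lock device.
 *
 *	pid:       fallback process id, used only when the cookie cannot be
 *	           used; -1 means there is no fallback.
 *	netcookie: cookie that came with the reply.  When its length matches
 *	           the message identifier it is copied into the answer.
 *	result:    reply status, nlm4_* when version is NLM_VERS4 and nlm_*
 *	           otherwise.
 *	pid_p:     non-NULL when this answers a test request; on a "denied"
 *	           status the pid it points to is reported back.
 *	version:   NLM protocol version of the reply.
 *
 *	Returns 0 when the answer was written.  Returns -1 when the cookie is
 *	unusable and no pid was given, when the status is "blocked" (nothing
 *	is written), or when the write to the kernel fails.
 */
int
lock_answer(int pid, netobj *netcookie, int result, int *pid_p, int version)
{
	struct lockd_ans ans;

	/*
	 * Zero the whole answer first: la_getlk_pid is only set on one path
	 * below, and the structure is written out to the kernel as raw bytes.
	 */
	memset(&ans, 0, sizeof(ans));

	/*
	 * NOTE(review): only the cookie's length is checked before it is
	 * trusted as a message identifier; its content is presumably whatever
	 * the remote side echoed back.
	 */
	if (netcookie->n_len == sizeof(ans.la_msg_ident)) {
		memcpy(&ans.la_msg_ident, netcookie->n_bytes,
		    sizeof(ans.la_msg_ident));
	} else if (pid != -1) {
		ans.la_msg_ident.pid = pid;
		ans.la_msg_ident.msg_seq = -1;
	} else {
		/* Neither a usable cookie nor a pid: nobody to answer. */
		syslog(LOG_ERR, "inedible nlm cookie");
		return -1;
	}

	if (d_calls)
		syslog(LOG_DEBUG, "lock answer: pid %lu: %s %d",
		    (unsigned long)ans.la_msg_ident.pid,
		    version == NLM_VERS4 ? "nlmv4" : "nlmv3",
		    result);

	ans.la_set_getlk_pid = 0;
	if (version == NLM_VERS4) {
		switch (result) {
		case nlm4_granted:
			ans.la_errno = 0;
			break;
		case nlm4_denied:
			if (pid_p == NULL)
				ans.la_errno = EAGAIN;
			else {
				/* this is an answer to a nlm_test msg */
				ans.la_set_getlk_pid = 1;
				ans.la_getlk_pid = *pid_p;
				ans.la_errno = 0;
			}
			break;
		case nlm4_denied_nolocks:
		case nlm4_denied_grace_period:
			ans.la_errno = EAGAIN;
			break;
		case nlm4_blocked:
			/* Nothing is written for a blocked request. */
			return -1;
			/* NOTREACHED */
		case nlm4_deadlck:
			ans.la_errno = EDEADLK;
			break;
		case nlm4_rofs:
			ans.la_errno = EROFS;
			break;
		case nlm4_stale_fh:
			ans.la_errno = ESTALE;
			break;
		case nlm4_fbig:
			ans.la_errno = EFBIG;
			break;
		case nlm4_failed:
		default:
			/* Unknown statuses are treated like a failure. */
			ans.la_errno = EACCES;
			break;
		}
	} else {
		switch (result) {
		case nlm_granted:
			ans.la_errno = 0;
			break;
		case nlm_denied:
			if (pid_p == NULL)
				ans.la_errno = EAGAIN;
			else {
				/* this is an answer to a nlm_test msg */
				ans.la_set_getlk_pid = 1;
				ans.la_getlk_pid = *pid_p;
				ans.la_errno = 0;
			}
			break;
		case nlm_denied_nolocks:
		case nlm_denied_grace_period:
			ans.la_errno = EAGAIN;
			break;
		case nlm_blocked:
			/* Nothing is written for a blocked request. */
			return -1;
			/* NOTREACHED */
		case nlm_deadlck:
			ans.la_errno = EDEADLK;
			break;
		default:
			/* Unknown statuses are treated like a failure. */
			ans.la_errno = EACCES;
			break;
		}
	}

	if (nfslockdans(LOCKD_ANS_VERSION, &ans)) {
		/* EPIPE and ESRCH are logged at a lower priority. */
		syslog(((errno == EPIPE || errno == ESRCH) ?
			LOG_INFO : LOG_ERR),
			"process %lu: %m", (u_long)ans.la_msg_ident.pid);
		return -1;
	}
	return 0;
}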
564 
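/*
 * show --
 *	Display the contents of a kernel LOCKD_MSG structure.
 *
 *	Everything goes to syslog at LOG_DEBUG.  The file handle is printed
 *	as a run of "\xx" hex escapes; at most NFS_SMALLFH bytes are dumped
 *	because that is what the local buffer is sized for, while fh_len is
 *	logged as the message reports it.
 */
void
show(LOCKD_MSG *mp)
{
	static const char hex[] = "0123456789abcdef";
	size_t len;
	u_int8_t *p, *t, buf[NFS_SMALLFH*3+1];

	/* %lu needs an unsigned long argument. */
	syslog(LOG_DEBUG, "process ID: %lu\n", (u_long)mp->lm_msg_ident.pid);

	/*
	 * Each byte expands to three characters.  Clamp the count so that an
	 * unexpected lm_fh_len can never run the writes past buf.
	 */
	len = mp->lm_fh_len;
	if (len > NFS_SMALLFH)
		len = NFS_SMALLFH;

	for (t = buf, p = (u_int8_t *)mp->lm_fh; len > 0; ++p, --len) {
		*t++ = '\\';
		*t++ = hex[(*p & 0xf0) >> 4];
		*t++ = hex[*p & 0x0f];
	}
	*t = '\0';

	syslog(LOG_DEBUG, "fh_len %d, fh %s\n", (int)mp->lm_fh_len, buf);

	/* Show flock structure. */
	syslog(LOG_DEBUG, "start %llu; len %llu; pid %lu; type %d; whence %d\n",
	    (unsigned long long)mp->lm_fl.l_start,
	    (unsigned long long)mp->lm_fl.l_len, (u_long)mp->lm_fl.l_pid,
	    mp->lm_fl.l_type, mp->lm_fl.l_whence);

	/* Show wait flag. */
	syslog(LOG_DEBUG, "wait was %s\n", mp->lm_wait ? "set" : "not set");
}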
598