xref: /linux/fs/nfs/callback.c (revision 1e0731c05c985deb68a97fa44c1adcd3305dda90)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * linux/fs/nfs/callback.c
4  *
5  * Copyright (C) 2004 Trond Myklebust
6  *
7  * NFSv4 callback handling
8  */
9 
10 #include <linux/completion.h>
11 #include <linux/ip.h>
12 #include <linux/module.h>
13 #include <linux/sched/signal.h>
14 #include <linux/sunrpc/svc.h>
15 #include <linux/sunrpc/svcsock.h>
16 #include <linux/nfs_fs.h>
17 #include <linux/errno.h>
18 #include <linux/mutex.h>
19 #include <linux/freezer.h>
20 #include <linux/sunrpc/svcauth_gss.h>
21 #include <linux/sunrpc/bc_xprt.h>
22 
23 #include <net/inet_sock.h>
24 
25 #include "nfs4_fs.h"
26 #include "callback.h"
27 #include "internal.h"
28 #include "netns.h"
29 
30 #define NFSDBG_FACILITY NFSDBG_CALLBACK
31 
32 struct nfs_callback_data {
33 	unsigned int users;
34 	struct svc_serv *serv;
35 };
36 
37 static struct nfs_callback_data nfs_callback_info[NFS4_MAX_MINOR_VERSION + 1];
38 static DEFINE_MUTEX(nfs_callback_mutex);
39 static struct svc_program nfs4_callback_program;
40 
41 static int nfs4_callback_up_net(struct svc_serv *serv, struct net *net)
42 {
43 	const struct cred *cred = current_cred();
44 	int ret;
45 	struct nfs_net *nn = net_generic(net, nfs_net_id);
46 
47 	ret = svc_xprt_create(serv, "tcp", net, PF_INET,
48 			      nfs_callback_set_tcpport, SVC_SOCK_ANONYMOUS,
49 			      cred);
50 	if (ret <= 0)
51 		goto out_err;
52 	nn->nfs_callback_tcpport = ret;
53 	dprintk("NFS: Callback listener port = %u (af %u, net %x)\n",
54 		nn->nfs_callback_tcpport, PF_INET, net->ns.inum);
55 
56 	ret = svc_xprt_create(serv, "tcp", net, PF_INET6,
57 			      nfs_callback_set_tcpport, SVC_SOCK_ANONYMOUS,
58 			      cred);
59 	if (ret > 0) {
60 		nn->nfs_callback_tcpport6 = ret;
61 		dprintk("NFS: Callback listener port = %u (af %u, net %x)\n",
62 			nn->nfs_callback_tcpport6, PF_INET6, net->ns.inum);
63 	} else if (ret != -EAFNOSUPPORT)
64 		goto out_err;
65 	return 0;
66 
67 out_err:
68 	return (ret) ? ret : -ENOMEM;
69 }
70 
71 /*
72  * This is the NFSv4 callback kernel thread.
73  */
74 static int
75 nfs4_callback_svc(void *vrqstp)
76 {
77 	struct svc_rqst *rqstp = vrqstp;
78 
79 	set_freezable();
80 
81 	while (!kthread_freezable_should_stop(NULL))
82 		svc_recv(rqstp);
83 
84 	svc_exit_thread(rqstp);
85 	return 0;
86 }
87 
88 #if defined(CONFIG_NFS_V4_1)
89 /*
90  * The callback service for NFSv4.1 callbacks
91  */
92 static int
93 nfs41_callback_svc(void *vrqstp)
94 {
95 	struct svc_rqst *rqstp = vrqstp;
96 	struct svc_serv *serv = rqstp->rq_server;
97 	struct rpc_rqst *req;
98 	int error;
99 	DEFINE_WAIT(wq);
100 
101 	set_freezable();
102 
103 	while (!kthread_freezable_should_stop(NULL)) {
104 		prepare_to_wait(&serv->sv_cb_waitq, &wq, TASK_IDLE);
105 		spin_lock_bh(&serv->sv_cb_lock);
106 		if (!list_empty(&serv->sv_cb_list)) {
107 			req = list_first_entry(&serv->sv_cb_list,
108 					struct rpc_rqst, rq_bc_list);
109 			list_del(&req->rq_bc_list);
110 			spin_unlock_bh(&serv->sv_cb_lock);
111 			finish_wait(&serv->sv_cb_waitq, &wq);
112 			dprintk("Invoking bc_svc_process()\n");
113 			error = bc_svc_process(serv, req, rqstp);
114 			dprintk("bc_svc_process() returned w/ error code= %d\n",
115 				error);
116 		} else {
117 			spin_unlock_bh(&serv->sv_cb_lock);
118 			if (!kthread_should_stop())
119 				schedule();
120 			finish_wait(&serv->sv_cb_waitq, &wq);
121 		}
122 	}
123 
124 	svc_exit_thread(rqstp);
125 	return 0;
126 }
127 
128 static inline void nfs_callback_bc_serv(u32 minorversion, struct rpc_xprt *xprt,
129 		struct svc_serv *serv)
130 {
131 	if (minorversion)
132 		/*
133 		 * Save the svc_serv in the transport so that it can
134 		 * be referenced when the session backchannel is initialized
135 		 */
136 		xprt->bc_serv = serv;
137 }
138 #else
139 static inline void nfs_callback_bc_serv(u32 minorversion, struct rpc_xprt *xprt,
140 		struct svc_serv *serv)
141 {
142 }
143 #endif /* CONFIG_NFS_V4_1 */
144 
145 static int nfs_callback_start_svc(int minorversion, struct rpc_xprt *xprt,
146 				  struct svc_serv *serv)
147 {
148 	int nrservs = nfs_callback_nr_threads;
149 	int ret;
150 
151 	nfs_callback_bc_serv(minorversion, xprt, serv);
152 
153 	if (nrservs < NFS4_MIN_NR_CALLBACK_THREADS)
154 		nrservs = NFS4_MIN_NR_CALLBACK_THREADS;
155 
156 	if (serv->sv_nrthreads == nrservs)
157 		return 0;
158 
159 	ret = svc_set_num_threads(serv, NULL, nrservs);
160 	if (ret) {
161 		svc_set_num_threads(serv, NULL, 0);
162 		return ret;
163 	}
164 	dprintk("nfs_callback_up: service started\n");
165 	return 0;
166 }
167 
168 static void nfs_callback_down_net(u32 minorversion, struct svc_serv *serv, struct net *net)
169 {
170 	struct nfs_net *nn = net_generic(net, nfs_net_id);
171 
172 	if (--nn->cb_users[minorversion])
173 		return;
174 
175 	dprintk("NFS: destroy per-net callback data; net=%x\n", net->ns.inum);
176 	svc_xprt_destroy_all(serv, net);
177 }
178 
179 static int nfs_callback_up_net(int minorversion, struct svc_serv *serv,
180 			       struct net *net, struct rpc_xprt *xprt)
181 {
182 	struct nfs_net *nn = net_generic(net, nfs_net_id);
183 	int ret;
184 
185 	if (nn->cb_users[minorversion]++)
186 		return 0;
187 
188 	dprintk("NFS: create per-net callback data; net=%x\n", net->ns.inum);
189 
190 	ret = svc_bind(serv, net);
191 	if (ret < 0) {
192 		printk(KERN_WARNING "NFS: bind callback service failed\n");
193 		goto err_bind;
194 	}
195 
196 	ret = 0;
197 	if (!IS_ENABLED(CONFIG_NFS_V4_1) || minorversion == 0)
198 		ret = nfs4_callback_up_net(serv, net);
199 	else if (xprt->ops->bc_setup)
200 		set_bc_enabled(serv);
201 	else
202 		ret = -EPROTONOSUPPORT;
203 
204 	if (ret < 0) {
205 		printk(KERN_ERR "NFS: callback service start failed\n");
206 		goto err_socks;
207 	}
208 	return 0;
209 
210 err_socks:
211 	svc_rpcb_cleanup(serv, net);
212 err_bind:
213 	nn->cb_users[minorversion]--;
214 	dprintk("NFS: Couldn't create callback socket: err = %d; "
215 			"net = %x\n", ret, net->ns.inum);
216 	return ret;
217 }
218 
219 static struct svc_serv *nfs_callback_create_svc(int minorversion)
220 {
221 	struct nfs_callback_data *cb_info = &nfs_callback_info[minorversion];
222 	int (*threadfn)(void *data);
223 	struct svc_serv *serv;
224 
225 	/*
226 	 * Check whether we're already up and running.
227 	 */
228 	if (cb_info->serv)
229 		return svc_get(cb_info->serv);
230 
231 	/*
232 	 * Sanity check: if there's no task,
233 	 * we should be the first user ...
234 	 */
235 	if (cb_info->users)
236 		printk(KERN_WARNING "nfs_callback_create_svc: no kthread, %d users??\n",
237 			cb_info->users);
238 
239 	threadfn = nfs4_callback_svc;
240 #if defined(CONFIG_NFS_V4_1)
241 	if (minorversion)
242 		threadfn = nfs41_callback_svc;
243 #else
244 	if (minorversion)
245 		return ERR_PTR(-ENOTSUPP);
246 #endif
247 	serv = svc_create(&nfs4_callback_program, NFS4_CALLBACK_BUFSIZE,
248 			  threadfn);
249 	if (!serv) {
250 		printk(KERN_ERR "nfs_callback_create_svc: create service failed\n");
251 		return ERR_PTR(-ENOMEM);
252 	}
253 	cb_info->serv = serv;
254 	/* As there is only one thread we need to over-ride the
255 	 * default maximum of 80 connections
256 	 */
257 	serv->sv_maxconn = 1024;
258 	dprintk("nfs_callback_create_svc: service created\n");
259 	return serv;
260 }
261 
262 /*
263  * Bring up the callback thread if it is not already up.
264  */
265 int nfs_callback_up(u32 minorversion, struct rpc_xprt *xprt)
266 {
267 	struct svc_serv *serv;
268 	struct nfs_callback_data *cb_info = &nfs_callback_info[minorversion];
269 	int ret;
270 	struct net *net = xprt->xprt_net;
271 
272 	mutex_lock(&nfs_callback_mutex);
273 
274 	serv = nfs_callback_create_svc(minorversion);
275 	if (IS_ERR(serv)) {
276 		ret = PTR_ERR(serv);
277 		goto err_create;
278 	}
279 
280 	ret = nfs_callback_up_net(minorversion, serv, net, xprt);
281 	if (ret < 0)
282 		goto err_net;
283 
284 	ret = nfs_callback_start_svc(minorversion, xprt, serv);
285 	if (ret < 0)
286 		goto err_start;
287 
288 	cb_info->users++;
289 err_net:
290 	if (!cb_info->users)
291 		cb_info->serv = NULL;
292 	svc_put(serv);
293 err_create:
294 	mutex_unlock(&nfs_callback_mutex);
295 	return ret;
296 
297 err_start:
298 	nfs_callback_down_net(minorversion, serv, net);
299 	dprintk("NFS: Couldn't create server thread; err = %d\n", ret);
300 	goto err_net;
301 }
302 
303 /*
304  * Kill the callback thread if it's no longer being used.
305  */
306 void nfs_callback_down(int minorversion, struct net *net)
307 {
308 	struct nfs_callback_data *cb_info = &nfs_callback_info[minorversion];
309 	struct svc_serv *serv;
310 
311 	mutex_lock(&nfs_callback_mutex);
312 	serv = cb_info->serv;
313 	nfs_callback_down_net(minorversion, serv, net);
314 	cb_info->users--;
315 	if (cb_info->users == 0) {
316 		svc_get(serv);
317 		svc_set_num_threads(serv, NULL, 0);
318 		svc_put(serv);
319 		dprintk("nfs_callback_down: service destroyed\n");
320 		cb_info->serv = NULL;
321 	}
322 	mutex_unlock(&nfs_callback_mutex);
323 }
324 
325 /* Boolean check of RPC_AUTH_GSS principal */
326 int
327 check_gss_callback_principal(struct nfs_client *clp, struct svc_rqst *rqstp)
328 {
329 	char *p = rqstp->rq_cred.cr_principal;
330 
331 	if (rqstp->rq_authop->flavour != RPC_AUTH_GSS)
332 		return 1;
333 
334 	/* No RPC_AUTH_GSS on NFSv4.1 back channel yet */
335 	if (clp->cl_minorversion != 0)
336 		return 0;
337 	/*
338 	 * It might just be a normal user principal, in which case
339 	 * userspace won't bother to tell us the name at all.
340 	 */
341 	if (p == NULL)
342 		return 0;
343 
344 	/*
345 	 * Did we get the acceptor from userland during the SETCLIENID
346 	 * negotiation?
347 	 */
348 	if (clp->cl_acceptor)
349 		return !strcmp(p, clp->cl_acceptor);
350 
351 	/*
352 	 * Otherwise try to verify it using the cl_hostname. Note that this
353 	 * doesn't work if a non-canonical hostname was used in the devname.
354 	 */
355 
356 	/* Expect a GSS_C_NT_HOSTBASED_NAME like "nfs@serverhostname" */
357 
358 	if (memcmp(p, "nfs@", 4) != 0)
359 		return 0;
360 	p += 4;
361 	if (strcmp(p, clp->cl_hostname) != 0)
362 		return 0;
363 	return 1;
364 }
365 
366 /*
367  * pg_authenticate method for nfsv4 callback threads.
368  *
369  * The authflavor has been negotiated, so an incorrect flavor is a server
370  * bug. Deny packets with incorrect authflavor.
371  *
372  * All other checking done after NFS decoding where the nfs_client can be
373  * found in nfs4_callback_compound
374  */
375 static enum svc_auth_status nfs_callback_authenticate(struct svc_rqst *rqstp)
376 {
377 	rqstp->rq_auth_stat = rpc_autherr_badcred;
378 
379 	switch (rqstp->rq_authop->flavour) {
380 	case RPC_AUTH_NULL:
381 		if (rqstp->rq_proc != CB_NULL)
382 			return SVC_DENIED;
383 		break;
384 	case RPC_AUTH_GSS:
385 		/* No RPC_AUTH_GSS support yet in NFSv4.1 */
386 		 if (svc_is_backchannel(rqstp))
387 			return SVC_DENIED;
388 	}
389 
390 	rqstp->rq_auth_stat = rpc_auth_ok;
391 	return SVC_OK;
392 }
393 
394 /*
395  * Define NFS4 callback program
396  */
397 static const struct svc_version *nfs4_callback_version[] = {
398 	[1] = &nfs4_callback_version1,
399 	[4] = &nfs4_callback_version4,
400 };
401 
402 static struct svc_stat nfs4_callback_stats;
403 
404 static struct svc_program nfs4_callback_program = {
405 	.pg_prog = NFS4_CALLBACK,			/* RPC service number */
406 	.pg_nvers = ARRAY_SIZE(nfs4_callback_version),	/* Number of entries */
407 	.pg_vers = nfs4_callback_version,		/* version table */
408 	.pg_name = "NFSv4 callback",			/* service name */
409 	.pg_class = "nfs",				/* authentication class */
410 	.pg_stats = &nfs4_callback_stats,
411 	.pg_authenticate = nfs_callback_authenticate,
412 	.pg_init_request = svc_generic_init_request,
413 	.pg_rpcbind_set	= svc_generic_rpcbind_set,
414 };
415