1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * linux/fs/nfs/callback.c 4 * 5 * Copyright (C) 2004 Trond Myklebust 6 * 7 * NFSv4 callback handling 8 */ 9 10 #include <linux/completion.h> 11 #include <linux/ip.h> 12 #include <linux/module.h> 13 #include <linux/sched/signal.h> 14 #include <linux/sunrpc/svc.h> 15 #include <linux/sunrpc/svcsock.h> 16 #include <linux/nfs_fs.h> 17 #include <linux/errno.h> 18 #include <linux/mutex.h> 19 #include <linux/freezer.h> 20 #include <linux/sunrpc/svcauth_gss.h> 21 #include <linux/sunrpc/bc_xprt.h> 22 23 #include <net/inet_sock.h> 24 25 #include "nfs4_fs.h" 26 #include "callback.h" 27 #include "internal.h" 28 #include "netns.h" 29 30 #define NFSDBG_FACILITY NFSDBG_CALLBACK 31 32 struct nfs_callback_data { 33 unsigned int users; 34 struct svc_serv *serv; 35 }; 36 37 static struct nfs_callback_data nfs_callback_info[NFS4_MAX_MINOR_VERSION + 1]; 38 static DEFINE_MUTEX(nfs_callback_mutex); 39 static struct svc_program nfs4_callback_program; 40 41 static int nfs4_callback_up_net(struct svc_serv *serv, struct net *net) 42 { 43 const struct cred *cred = current_cred(); 44 int ret; 45 struct nfs_net *nn = net_generic(net, nfs_net_id); 46 47 ret = svc_xprt_create(serv, "tcp", net, PF_INET, 48 nfs_callback_set_tcpport, SVC_SOCK_ANONYMOUS, 49 cred); 50 if (ret <= 0) 51 goto out_err; 52 nn->nfs_callback_tcpport = ret; 53 dprintk("NFS: Callback listener port = %u (af %u, net %x)\n", 54 nn->nfs_callback_tcpport, PF_INET, net->ns.inum); 55 56 ret = svc_xprt_create(serv, "tcp", net, PF_INET6, 57 nfs_callback_set_tcpport, SVC_SOCK_ANONYMOUS, 58 cred); 59 if (ret > 0) { 60 nn->nfs_callback_tcpport6 = ret; 61 dprintk("NFS: Callback listener port = %u (af %u, net %x)\n", 62 nn->nfs_callback_tcpport6, PF_INET6, net->ns.inum); 63 } else if (ret != -EAFNOSUPPORT) 64 goto out_err; 65 return 0; 66 67 out_err: 68 return (ret) ? ret : -ENOMEM; 69 } 70 71 /* 72 * This is the NFSv4 callback kernel thread. 73 */ 74 static int 75 nfs4_callback_svc(void *vrqstp) 76 { 77 struct svc_rqst *rqstp = vrqstp; 78 79 set_freezable(); 80 81 while (!kthread_freezable_should_stop(NULL)) 82 svc_recv(rqstp); 83 84 svc_exit_thread(rqstp); 85 return 0; 86 } 87 88 #if defined(CONFIG_NFS_V4_1) 89 /* 90 * The callback service for NFSv4.1 callbacks 91 */ 92 static int 93 nfs41_callback_svc(void *vrqstp) 94 { 95 struct svc_rqst *rqstp = vrqstp; 96 struct svc_serv *serv = rqstp->rq_server; 97 struct rpc_rqst *req; 98 int error; 99 DEFINE_WAIT(wq); 100 101 set_freezable(); 102 103 while (!kthread_freezable_should_stop(NULL)) { 104 prepare_to_wait(&serv->sv_cb_waitq, &wq, TASK_IDLE); 105 spin_lock_bh(&serv->sv_cb_lock); 106 if (!list_empty(&serv->sv_cb_list)) { 107 req = list_first_entry(&serv->sv_cb_list, 108 struct rpc_rqst, rq_bc_list); 109 list_del(&req->rq_bc_list); 110 spin_unlock_bh(&serv->sv_cb_lock); 111 finish_wait(&serv->sv_cb_waitq, &wq); 112 dprintk("Invoking bc_svc_process()\n"); 113 error = bc_svc_process(serv, req, rqstp); 114 dprintk("bc_svc_process() returned w/ error code= %d\n", 115 error); 116 } else { 117 spin_unlock_bh(&serv->sv_cb_lock); 118 if (!kthread_should_stop()) 119 schedule(); 120 finish_wait(&serv->sv_cb_waitq, &wq); 121 } 122 } 123 124 svc_exit_thread(rqstp); 125 return 0; 126 } 127 128 static inline void nfs_callback_bc_serv(u32 minorversion, struct rpc_xprt *xprt, 129 struct svc_serv *serv) 130 { 131 if (minorversion) 132 /* 133 * Save the svc_serv in the transport so that it can 134 * be referenced when the session backchannel is initialized 135 */ 136 xprt->bc_serv = serv; 137 } 138 #else 139 static inline void nfs_callback_bc_serv(u32 minorversion, struct rpc_xprt *xprt, 140 struct svc_serv *serv) 141 { 142 } 143 #endif /* CONFIG_NFS_V4_1 */ 144 145 static int nfs_callback_start_svc(int minorversion, struct rpc_xprt *xprt, 146 struct svc_serv *serv) 147 { 148 int nrservs = nfs_callback_nr_threads; 149 int ret; 150 151 nfs_callback_bc_serv(minorversion, xprt, serv); 152 153 if (nrservs < NFS4_MIN_NR_CALLBACK_THREADS) 154 nrservs = NFS4_MIN_NR_CALLBACK_THREADS; 155 156 if (serv->sv_nrthreads == nrservs) 157 return 0; 158 159 ret = svc_set_num_threads(serv, NULL, nrservs); 160 if (ret) { 161 svc_set_num_threads(serv, NULL, 0); 162 return ret; 163 } 164 dprintk("nfs_callback_up: service started\n"); 165 return 0; 166 } 167 168 static void nfs_callback_down_net(u32 minorversion, struct svc_serv *serv, struct net *net) 169 { 170 struct nfs_net *nn = net_generic(net, nfs_net_id); 171 172 if (--nn->cb_users[minorversion]) 173 return; 174 175 dprintk("NFS: destroy per-net callback data; net=%x\n", net->ns.inum); 176 svc_xprt_destroy_all(serv, net); 177 } 178 179 static int nfs_callback_up_net(int minorversion, struct svc_serv *serv, 180 struct net *net, struct rpc_xprt *xprt) 181 { 182 struct nfs_net *nn = net_generic(net, nfs_net_id); 183 int ret; 184 185 if (nn->cb_users[minorversion]++) 186 return 0; 187 188 dprintk("NFS: create per-net callback data; net=%x\n", net->ns.inum); 189 190 ret = svc_bind(serv, net); 191 if (ret < 0) { 192 printk(KERN_WARNING "NFS: bind callback service failed\n"); 193 goto err_bind; 194 } 195 196 ret = 0; 197 if (!IS_ENABLED(CONFIG_NFS_V4_1) || minorversion == 0) 198 ret = nfs4_callback_up_net(serv, net); 199 else if (xprt->ops->bc_setup) 200 set_bc_enabled(serv); 201 else 202 ret = -EPROTONOSUPPORT; 203 204 if (ret < 0) { 205 printk(KERN_ERR "NFS: callback service start failed\n"); 206 goto err_socks; 207 } 208 return 0; 209 210 err_socks: 211 svc_rpcb_cleanup(serv, net); 212 err_bind: 213 nn->cb_users[minorversion]--; 214 dprintk("NFS: Couldn't create callback socket: err = %d; " 215 "net = %x\n", ret, net->ns.inum); 216 return ret; 217 } 218 219 static struct svc_serv *nfs_callback_create_svc(int minorversion) 220 { 221 struct nfs_callback_data *cb_info = &nfs_callback_info[minorversion]; 222 int (*threadfn)(void *data); 223 struct svc_serv *serv; 224 225 /* 226 * Check whether we're already up and running. 227 */ 228 if (cb_info->serv) 229 return svc_get(cb_info->serv); 230 231 /* 232 * Sanity check: if there's no task, 233 * we should be the first user ... 234 */ 235 if (cb_info->users) 236 printk(KERN_WARNING "nfs_callback_create_svc: no kthread, %d users??\n", 237 cb_info->users); 238 239 threadfn = nfs4_callback_svc; 240 #if defined(CONFIG_NFS_V4_1) 241 if (minorversion) 242 threadfn = nfs41_callback_svc; 243 #else 244 if (minorversion) 245 return ERR_PTR(-ENOTSUPP); 246 #endif 247 serv = svc_create(&nfs4_callback_program, NFS4_CALLBACK_BUFSIZE, 248 threadfn); 249 if (!serv) { 250 printk(KERN_ERR "nfs_callback_create_svc: create service failed\n"); 251 return ERR_PTR(-ENOMEM); 252 } 253 cb_info->serv = serv; 254 /* As there is only one thread we need to over-ride the 255 * default maximum of 80 connections 256 */ 257 serv->sv_maxconn = 1024; 258 dprintk("nfs_callback_create_svc: service created\n"); 259 return serv; 260 } 261 262 /* 263 * Bring up the callback thread if it is not already up. 264 */ 265 int nfs_callback_up(u32 minorversion, struct rpc_xprt *xprt) 266 { 267 struct svc_serv *serv; 268 struct nfs_callback_data *cb_info = &nfs_callback_info[minorversion]; 269 int ret; 270 struct net *net = xprt->xprt_net; 271 272 mutex_lock(&nfs_callback_mutex); 273 274 serv = nfs_callback_create_svc(minorversion); 275 if (IS_ERR(serv)) { 276 ret = PTR_ERR(serv); 277 goto err_create; 278 } 279 280 ret = nfs_callback_up_net(minorversion, serv, net, xprt); 281 if (ret < 0) 282 goto err_net; 283 284 ret = nfs_callback_start_svc(minorversion, xprt, serv); 285 if (ret < 0) 286 goto err_start; 287 288 cb_info->users++; 289 err_net: 290 if (!cb_info->users) 291 cb_info->serv = NULL; 292 svc_put(serv); 293 err_create: 294 mutex_unlock(&nfs_callback_mutex); 295 return ret; 296 297 err_start: 298 nfs_callback_down_net(minorversion, serv, net); 299 dprintk("NFS: Couldn't create server thread; err = %d\n", ret); 300 goto err_net; 301 } 302 303 /* 304 * Kill the callback thread if it's no longer being used. 305 */ 306 void nfs_callback_down(int minorversion, struct net *net) 307 { 308 struct nfs_callback_data *cb_info = &nfs_callback_info[minorversion]; 309 struct svc_serv *serv; 310 311 mutex_lock(&nfs_callback_mutex); 312 serv = cb_info->serv; 313 nfs_callback_down_net(minorversion, serv, net); 314 cb_info->users--; 315 if (cb_info->users == 0) { 316 svc_get(serv); 317 svc_set_num_threads(serv, NULL, 0); 318 svc_put(serv); 319 dprintk("nfs_callback_down: service destroyed\n"); 320 cb_info->serv = NULL; 321 } 322 mutex_unlock(&nfs_callback_mutex); 323 } 324 325 /* Boolean check of RPC_AUTH_GSS principal */ 326 int 327 check_gss_callback_principal(struct nfs_client *clp, struct svc_rqst *rqstp) 328 { 329 char *p = rqstp->rq_cred.cr_principal; 330 331 if (rqstp->rq_authop->flavour != RPC_AUTH_GSS) 332 return 1; 333 334 /* No RPC_AUTH_GSS on NFSv4.1 back channel yet */ 335 if (clp->cl_minorversion != 0) 336 return 0; 337 /* 338 * It might just be a normal user principal, in which case 339 * userspace won't bother to tell us the name at all. 340 */ 341 if (p == NULL) 342 return 0; 343 344 /* 345 * Did we get the acceptor from userland during the SETCLIENID 346 * negotiation? 347 */ 348 if (clp->cl_acceptor) 349 return !strcmp(p, clp->cl_acceptor); 350 351 /* 352 * Otherwise try to verify it using the cl_hostname. Note that this 353 * doesn't work if a non-canonical hostname was used in the devname. 354 */ 355 356 /* Expect a GSS_C_NT_HOSTBASED_NAME like "nfs@serverhostname" */ 357 358 if (memcmp(p, "nfs@", 4) != 0) 359 return 0; 360 p += 4; 361 if (strcmp(p, clp->cl_hostname) != 0) 362 return 0; 363 return 1; 364 } 365 366 /* 367 * pg_authenticate method for nfsv4 callback threads. 368 * 369 * The authflavor has been negotiated, so an incorrect flavor is a server 370 * bug. Deny packets with incorrect authflavor. 371 * 372 * All other checking done after NFS decoding where the nfs_client can be 373 * found in nfs4_callback_compound 374 */ 375 static enum svc_auth_status nfs_callback_authenticate(struct svc_rqst *rqstp) 376 { 377 rqstp->rq_auth_stat = rpc_autherr_badcred; 378 379 switch (rqstp->rq_authop->flavour) { 380 case RPC_AUTH_NULL: 381 if (rqstp->rq_proc != CB_NULL) 382 return SVC_DENIED; 383 break; 384 case RPC_AUTH_GSS: 385 /* No RPC_AUTH_GSS support yet in NFSv4.1 */ 386 if (svc_is_backchannel(rqstp)) 387 return SVC_DENIED; 388 } 389 390 rqstp->rq_auth_stat = rpc_auth_ok; 391 return SVC_OK; 392 } 393 394 /* 395 * Define NFS4 callback program 396 */ 397 static const struct svc_version *nfs4_callback_version[] = { 398 [1] = &nfs4_callback_version1, 399 [4] = &nfs4_callback_version4, 400 }; 401 402 static struct svc_stat nfs4_callback_stats; 403 404 static struct svc_program nfs4_callback_program = { 405 .pg_prog = NFS4_CALLBACK, /* RPC service number */ 406 .pg_nvers = ARRAY_SIZE(nfs4_callback_version), /* Number of entries */ 407 .pg_vers = nfs4_callback_version, /* version table */ 408 .pg_name = "NFSv4 callback", /* service name */ 409 .pg_class = "nfs", /* authentication class */ 410 .pg_stats = &nfs4_callback_stats, 411 .pg_authenticate = nfs_callback_authenticate, 412 .pg_init_request = svc_generic_init_request, 413 .pg_rpcbind_set = svc_generic_rpcbind_set, 414 }; 415