1 /* 2 * Copyright (c) 2001 The Regents of the University of Michigan. 3 * All rights reserved. 4 * 5 * Kendrick Smith <kmsmith@umich.edu> 6 * Andy Adamson <andros@umich.edu> 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the University nor the names of its 18 * contributors may be used to endorse or promote products derived 19 * from this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 22 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 23 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 24 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 28 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 29 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 30 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 31 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34 #include <linux/nfs4.h> 35 #include <linux/sunrpc/clnt.h> 36 #include <linux/sunrpc/xprt.h> 37 #include <linux/sunrpc/svc_xprt.h> 38 #include <linux/slab.h> 39 #include "nfsd.h" 40 #include "state.h" 41 #include "netns.h" 42 #include "trace.h" 43 #include "xdr4cb.h" 44 #include "xdr4.h" 45 46 #define NFSDDBG_FACILITY NFSDDBG_PROC 47 48 static void nfsd4_mark_cb_fault(struct nfs4_client *clp); 49 50 #define NFSPROC4_CB_NULL 0 51 #define NFSPROC4_CB_COMPOUND 1 52 53 /* Index of predefined Linux callback client operations */ 54 55 struct nfs4_cb_compound_hdr { 56 /* args */ 57 u32 ident; /* minorversion 0 only */ 58 u32 nops; 59 __be32 *nops_p; 60 u32 minorversion; 61 /* res */ 62 int status; 63 }; 64 65 static __be32 *xdr_encode_empty_array(__be32 *p) 66 { 67 *p++ = xdr_zero; 68 return p; 69 } 70 71 /* 72 * Encode/decode NFSv4 CB basic data types 73 * 74 * Basic NFSv4 callback data types are defined in section 15 of RFC 75 * 3530: "Network File System (NFS) version 4 Protocol" and section 76 * 20 of RFC 5661: "Network File System (NFS) Version 4 Minor Version 77 * 1 Protocol" 78 */ 79 80 static void encode_uint32(struct xdr_stream *xdr, u32 n) 81 { 82 WARN_ON_ONCE(xdr_stream_encode_u32(xdr, n) < 0); 83 } 84 85 static void encode_bitmap4(struct xdr_stream *xdr, const __u32 *bitmap, 86 size_t len) 87 { 88 xdr_stream_encode_uint32_array(xdr, bitmap, len); 89 } 90 91 static int decode_cb_fattr4(struct xdr_stream *xdr, uint32_t *bitmap, 92 struct nfs4_cb_fattr *fattr) 93 { 94 fattr->ncf_cb_change = 0; 95 fattr->ncf_cb_fsize = 0; 96 if (bitmap[0] & FATTR4_WORD0_CHANGE) 97 if (xdr_stream_decode_u64(xdr, &fattr->ncf_cb_change) < 0) 98 return -NFSERR_BAD_XDR; 99 if (bitmap[0] & FATTR4_WORD0_SIZE) 100 if (xdr_stream_decode_u64(xdr, &fattr->ncf_cb_fsize) < 0) 101 return -NFSERR_BAD_XDR; 102 return 0; 103 } 104 105 static void encode_nfs_cb_opnum4(struct xdr_stream *xdr, enum nfs_cb_opnum4 op) 106 { 107 __be32 *p; 108 109 p = xdr_reserve_space(xdr, 4); 110 *p = cpu_to_be32(op); 111 } 112 113 /* 114 * nfs_fh4 115 * 116 * typedef opaque nfs_fh4<NFS4_FHSIZE>; 117 */ 118 static void encode_nfs_fh4(struct xdr_stream *xdr, const struct knfsd_fh *fh) 119 { 120 u32 length = fh->fh_size; 121 __be32 *p; 122 123 BUG_ON(length > NFS4_FHSIZE); 124 p = xdr_reserve_space(xdr, 4 + length); 125 xdr_encode_opaque(p, &fh->fh_raw, length); 126 } 127 128 /* 129 * stateid4 130 * 131 * struct stateid4 { 132 * uint32_t seqid; 133 * opaque other[12]; 134 * }; 135 */ 136 static void encode_stateid4(struct xdr_stream *xdr, const stateid_t *sid) 137 { 138 __be32 *p; 139 140 p = xdr_reserve_space(xdr, NFS4_STATEID_SIZE); 141 *p++ = cpu_to_be32(sid->si_generation); 142 xdr_encode_opaque_fixed(p, &sid->si_opaque, NFS4_STATEID_OTHER_SIZE); 143 } 144 145 /* 146 * sessionid4 147 * 148 * typedef opaque sessionid4[NFS4_SESSIONID_SIZE]; 149 */ 150 static void encode_sessionid4(struct xdr_stream *xdr, 151 const struct nfsd4_session *session) 152 { 153 __be32 *p; 154 155 p = xdr_reserve_space(xdr, NFS4_MAX_SESSIONID_LEN); 156 xdr_encode_opaque_fixed(p, session->se_sessionid.data, 157 NFS4_MAX_SESSIONID_LEN); 158 } 159 160 /* 161 * nfsstat4 162 */ 163 static const struct { 164 int stat; 165 int errno; 166 } nfs_cb_errtbl[] = { 167 { NFS4_OK, 0 }, 168 { NFS4ERR_PERM, -EPERM }, 169 { NFS4ERR_NOENT, -ENOENT }, 170 { NFS4ERR_IO, -EIO }, 171 { NFS4ERR_NXIO, -ENXIO }, 172 { NFS4ERR_ACCESS, -EACCES }, 173 { NFS4ERR_EXIST, -EEXIST }, 174 { NFS4ERR_XDEV, -EXDEV }, 175 { NFS4ERR_NOTDIR, -ENOTDIR }, 176 { NFS4ERR_ISDIR, -EISDIR }, 177 { NFS4ERR_INVAL, -EINVAL }, 178 { NFS4ERR_FBIG, -EFBIG }, 179 { NFS4ERR_NOSPC, -ENOSPC }, 180 { NFS4ERR_ROFS, -EROFS }, 181 { NFS4ERR_MLINK, -EMLINK }, 182 { NFS4ERR_NAMETOOLONG, -ENAMETOOLONG }, 183 { NFS4ERR_NOTEMPTY, -ENOTEMPTY }, 184 { NFS4ERR_DQUOT, -EDQUOT }, 185 { NFS4ERR_STALE, -ESTALE }, 186 { NFS4ERR_BADHANDLE, -EBADHANDLE }, 187 { NFS4ERR_BAD_COOKIE, -EBADCOOKIE }, 188 { NFS4ERR_NOTSUPP, -ENOTSUPP }, 189 { NFS4ERR_TOOSMALL, -ETOOSMALL }, 190 { NFS4ERR_SERVERFAULT, -ESERVERFAULT }, 191 { NFS4ERR_BADTYPE, -EBADTYPE }, 192 { NFS4ERR_LOCKED, -EAGAIN }, 193 { NFS4ERR_RESOURCE, -EREMOTEIO }, 194 { NFS4ERR_SYMLINK, -ELOOP }, 195 { NFS4ERR_OP_ILLEGAL, -EOPNOTSUPP }, 196 { NFS4ERR_DEADLOCK, -EDEADLK }, 197 { -1, -EIO } 198 }; 199 200 /* 201 * If we cannot translate the error, the recovery routines should 202 * handle it. 203 * 204 * Note: remaining NFSv4 error codes have values > 10000, so should 205 * not conflict with native Linux error codes. 206 */ 207 static int nfs_cb_stat_to_errno(int status) 208 { 209 int i; 210 211 for (i = 0; nfs_cb_errtbl[i].stat != -1; i++) { 212 if (nfs_cb_errtbl[i].stat == status) 213 return nfs_cb_errtbl[i].errno; 214 } 215 216 dprintk("NFSD: Unrecognized NFS CB status value: %u\n", status); 217 return -status; 218 } 219 220 static int decode_cb_op_status(struct xdr_stream *xdr, 221 enum nfs_cb_opnum4 expected, int *status) 222 { 223 __be32 *p; 224 u32 op; 225 226 p = xdr_inline_decode(xdr, 4 + 4); 227 if (unlikely(p == NULL)) 228 goto out_overflow; 229 op = be32_to_cpup(p++); 230 if (unlikely(op != expected)) 231 goto out_unexpected; 232 *status = nfs_cb_stat_to_errno(be32_to_cpup(p)); 233 return 0; 234 out_overflow: 235 return -EIO; 236 out_unexpected: 237 dprintk("NFSD: Callback server returned operation %d but " 238 "we issued a request for %d\n", op, expected); 239 return -EIO; 240 } 241 242 /* 243 * CB_COMPOUND4args 244 * 245 * struct CB_COMPOUND4args { 246 * utf8str_cs tag; 247 * uint32_t minorversion; 248 * uint32_t callback_ident; 249 * nfs_cb_argop4 argarray<>; 250 * }; 251 */ 252 static void encode_cb_compound4args(struct xdr_stream *xdr, 253 struct nfs4_cb_compound_hdr *hdr) 254 { 255 __be32 * p; 256 257 p = xdr_reserve_space(xdr, 4 + 4 + 4 + 4); 258 p = xdr_encode_empty_array(p); /* empty tag */ 259 *p++ = cpu_to_be32(hdr->minorversion); 260 *p++ = cpu_to_be32(hdr->ident); 261 262 hdr->nops_p = p; 263 *p = cpu_to_be32(hdr->nops); /* argarray element count */ 264 } 265 266 /* 267 * Update argarray element count 268 */ 269 static void encode_cb_nops(struct nfs4_cb_compound_hdr *hdr) 270 { 271 BUG_ON(hdr->nops > NFS4_MAX_BACK_CHANNEL_OPS); 272 *hdr->nops_p = cpu_to_be32(hdr->nops); 273 } 274 275 /* 276 * CB_COMPOUND4res 277 * 278 * struct CB_COMPOUND4res { 279 * nfsstat4 status; 280 * utf8str_cs tag; 281 * nfs_cb_resop4 resarray<>; 282 * }; 283 */ 284 static int decode_cb_compound4res(struct xdr_stream *xdr, 285 struct nfs4_cb_compound_hdr *hdr) 286 { 287 u32 length; 288 __be32 *p; 289 290 p = xdr_inline_decode(xdr, XDR_UNIT); 291 if (unlikely(p == NULL)) 292 goto out_overflow; 293 hdr->status = be32_to_cpup(p); 294 /* Ignore the tag */ 295 if (xdr_stream_decode_u32(xdr, &length) < 0) 296 goto out_overflow; 297 if (xdr_inline_decode(xdr, length) == NULL) 298 goto out_overflow; 299 if (xdr_stream_decode_u32(xdr, &hdr->nops) < 0) 300 goto out_overflow; 301 return 0; 302 out_overflow: 303 return -EIO; 304 } 305 306 /* 307 * CB_RECALL4args 308 * 309 * struct CB_RECALL4args { 310 * stateid4 stateid; 311 * bool truncate; 312 * nfs_fh4 fh; 313 * }; 314 */ 315 static void encode_cb_recall4args(struct xdr_stream *xdr, 316 const struct nfs4_delegation *dp, 317 struct nfs4_cb_compound_hdr *hdr) 318 { 319 __be32 *p; 320 321 encode_nfs_cb_opnum4(xdr, OP_CB_RECALL); 322 encode_stateid4(xdr, &dp->dl_stid.sc_stateid); 323 324 p = xdr_reserve_space(xdr, 4); 325 *p++ = xdr_zero; /* truncate */ 326 327 encode_nfs_fh4(xdr, &dp->dl_stid.sc_file->fi_fhandle); 328 329 hdr->nops++; 330 } 331 332 /* 333 * CB_RECALLANY4args 334 * 335 * struct CB_RECALLANY4args { 336 * uint32_t craa_objects_to_keep; 337 * bitmap4 craa_type_mask; 338 * }; 339 */ 340 static void 341 encode_cb_recallany4args(struct xdr_stream *xdr, 342 struct nfs4_cb_compound_hdr *hdr, struct nfsd4_cb_recall_any *ra) 343 { 344 encode_nfs_cb_opnum4(xdr, OP_CB_RECALL_ANY); 345 encode_uint32(xdr, ra->ra_keep); 346 encode_bitmap4(xdr, ra->ra_bmval, ARRAY_SIZE(ra->ra_bmval)); 347 hdr->nops++; 348 } 349 350 /* 351 * CB_GETATTR4args 352 * struct CB_GETATTR4args { 353 * nfs_fh4 fh; 354 * bitmap4 attr_request; 355 * }; 356 * 357 * The size and change attributes are the only one 358 * guaranteed to be serviced by the client. 359 */ 360 static void 361 encode_cb_getattr4args(struct xdr_stream *xdr, struct nfs4_cb_compound_hdr *hdr, 362 struct nfs4_cb_fattr *fattr) 363 { 364 struct nfs4_delegation *dp = 365 container_of(fattr, struct nfs4_delegation, dl_cb_fattr); 366 struct knfsd_fh *fh = &dp->dl_stid.sc_file->fi_fhandle; 367 u32 bmap[1]; 368 369 bmap[0] = FATTR4_WORD0_CHANGE | FATTR4_WORD0_SIZE; 370 371 encode_nfs_cb_opnum4(xdr, OP_CB_GETATTR); 372 encode_nfs_fh4(xdr, fh); 373 encode_bitmap4(xdr, bmap, ARRAY_SIZE(bmap)); 374 hdr->nops++; 375 } 376 377 static u32 highest_slotid(struct nfsd4_session *ses) 378 { 379 u32 idx; 380 381 spin_lock(&ses->se_lock); 382 idx = fls(~ses->se_cb_slot_avail); 383 if (idx > 0) 384 --idx; 385 idx = max(idx, ses->se_cb_highest_slot); 386 spin_unlock(&ses->se_lock); 387 return idx; 388 } 389 390 /* 391 * CB_SEQUENCE4args 392 * 393 * struct CB_SEQUENCE4args { 394 * sessionid4 csa_sessionid; 395 * sequenceid4 csa_sequenceid; 396 * slotid4 csa_slotid; 397 * slotid4 csa_highest_slotid; 398 * bool csa_cachethis; 399 * referring_call_list4 csa_referring_call_lists<>; 400 * }; 401 */ 402 static void encode_cb_sequence4args(struct xdr_stream *xdr, 403 const struct nfsd4_callback *cb, 404 struct nfs4_cb_compound_hdr *hdr) 405 { 406 struct nfsd4_session *session = cb->cb_clp->cl_cb_session; 407 __be32 *p; 408 409 if (hdr->minorversion == 0) 410 return; 411 412 encode_nfs_cb_opnum4(xdr, OP_CB_SEQUENCE); 413 encode_sessionid4(xdr, session); 414 415 p = xdr_reserve_space(xdr, 4 + 4 + 4 + 4 + 4); 416 *p++ = cpu_to_be32(session->se_cb_seq_nr[cb->cb_held_slot]); /* csa_sequenceid */ 417 *p++ = cpu_to_be32(cb->cb_held_slot); /* csa_slotid */ 418 *p++ = cpu_to_be32(highest_slotid(session)); /* csa_highest_slotid */ 419 *p++ = xdr_zero; /* csa_cachethis */ 420 xdr_encode_empty_array(p); /* csa_referring_call_lists */ 421 422 hdr->nops++; 423 } 424 425 static void update_cb_slot_table(struct nfsd4_session *ses, u32 target) 426 { 427 /* No need to do anything if nothing changed */ 428 if (likely(target == READ_ONCE(ses->se_cb_highest_slot))) 429 return; 430 431 spin_lock(&ses->se_lock); 432 if (target > ses->se_cb_highest_slot) { 433 int i; 434 435 target = min(target, NFSD_BC_SLOT_TABLE_SIZE - 1); 436 437 /* 438 * Growing the slot table. Reset any new sequences to 1. 439 * 440 * NB: There is some debate about whether the RFC requires this, 441 * but the Linux client expects it. 442 */ 443 for (i = ses->se_cb_highest_slot + 1; i <= target; ++i) 444 ses->se_cb_seq_nr[i] = 1; 445 } 446 ses->se_cb_highest_slot = target; 447 spin_unlock(&ses->se_lock); 448 } 449 450 /* 451 * CB_SEQUENCE4resok 452 * 453 * struct CB_SEQUENCE4resok { 454 * sessionid4 csr_sessionid; 455 * sequenceid4 csr_sequenceid; 456 * slotid4 csr_slotid; 457 * slotid4 csr_highest_slotid; 458 * slotid4 csr_target_highest_slotid; 459 * }; 460 * 461 * union CB_SEQUENCE4res switch (nfsstat4 csr_status) { 462 * case NFS4_OK: 463 * CB_SEQUENCE4resok csr_resok4; 464 * default: 465 * void; 466 * }; 467 * 468 * Our current back channel implmentation supports a single backchannel 469 * with a single slot. 470 */ 471 static int decode_cb_sequence4resok(struct xdr_stream *xdr, 472 struct nfsd4_callback *cb) 473 { 474 struct nfsd4_session *session = cb->cb_clp->cl_cb_session; 475 int status = -ESERVERFAULT; 476 __be32 *p; 477 u32 seqid, slotid, target; 478 479 /* 480 * If the server returns different values for sessionID, slotID or 481 * sequence number, the server is looney tunes. 482 */ 483 p = xdr_inline_decode(xdr, NFS4_MAX_SESSIONID_LEN + 4 + 4 + 4 + 4); 484 if (unlikely(p == NULL)) 485 goto out_overflow; 486 487 if (memcmp(p, session->se_sessionid.data, NFS4_MAX_SESSIONID_LEN)) { 488 dprintk("NFS: %s Invalid session id\n", __func__); 489 goto out; 490 } 491 p += XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN); 492 493 seqid = be32_to_cpup(p++); 494 if (seqid != session->se_cb_seq_nr[cb->cb_held_slot]) { 495 dprintk("NFS: %s Invalid sequence number\n", __func__); 496 goto out; 497 } 498 499 slotid = be32_to_cpup(p++); 500 if (slotid != cb->cb_held_slot) { 501 dprintk("NFS: %s Invalid slotid\n", __func__); 502 goto out; 503 } 504 505 p++; // ignore current highest slot value 506 507 target = be32_to_cpup(p++); 508 update_cb_slot_table(session, target); 509 status = 0; 510 out: 511 cb->cb_seq_status = status; 512 return status; 513 out_overflow: 514 status = -EIO; 515 goto out; 516 } 517 518 static int decode_cb_sequence4res(struct xdr_stream *xdr, 519 struct nfsd4_callback *cb) 520 { 521 int status; 522 523 if (cb->cb_clp->cl_minorversion == 0) 524 return 0; 525 526 status = decode_cb_op_status(xdr, OP_CB_SEQUENCE, &cb->cb_seq_status); 527 if (unlikely(status || cb->cb_seq_status)) 528 return status; 529 530 return decode_cb_sequence4resok(xdr, cb); 531 } 532 533 /* 534 * NFSv4.0 and NFSv4.1 XDR encode functions 535 * 536 * NFSv4.0 callback argument types are defined in section 15 of RFC 537 * 3530: "Network File System (NFS) version 4 Protocol" and section 20 538 * of RFC 5661: "Network File System (NFS) Version 4 Minor Version 1 539 * Protocol". 540 */ 541 542 /* 543 * NB: Without this zero space reservation, callbacks over krb5p fail 544 */ 545 static void nfs4_xdr_enc_cb_null(struct rpc_rqst *req, struct xdr_stream *xdr, 546 const void *__unused) 547 { 548 xdr_reserve_space(xdr, 0); 549 } 550 551 /* 552 * 20.1. Operation 3: CB_GETATTR - Get Attributes 553 */ 554 static void nfs4_xdr_enc_cb_getattr(struct rpc_rqst *req, 555 struct xdr_stream *xdr, const void *data) 556 { 557 const struct nfsd4_callback *cb = data; 558 struct nfs4_cb_fattr *ncf = 559 container_of(cb, struct nfs4_cb_fattr, ncf_getattr); 560 struct nfs4_cb_compound_hdr hdr = { 561 .ident = cb->cb_clp->cl_cb_ident, 562 .minorversion = cb->cb_clp->cl_minorversion, 563 }; 564 565 encode_cb_compound4args(xdr, &hdr); 566 encode_cb_sequence4args(xdr, cb, &hdr); 567 encode_cb_getattr4args(xdr, &hdr, ncf); 568 encode_cb_nops(&hdr); 569 } 570 571 /* 572 * 20.2. Operation 4: CB_RECALL - Recall a Delegation 573 */ 574 static void nfs4_xdr_enc_cb_recall(struct rpc_rqst *req, struct xdr_stream *xdr, 575 const void *data) 576 { 577 const struct nfsd4_callback *cb = data; 578 const struct nfs4_delegation *dp = cb_to_delegation(cb); 579 struct nfs4_cb_compound_hdr hdr = { 580 .ident = cb->cb_clp->cl_cb_ident, 581 .minorversion = cb->cb_clp->cl_minorversion, 582 }; 583 584 encode_cb_compound4args(xdr, &hdr); 585 encode_cb_sequence4args(xdr, cb, &hdr); 586 encode_cb_recall4args(xdr, dp, &hdr); 587 encode_cb_nops(&hdr); 588 } 589 590 /* 591 * 20.6. Operation 8: CB_RECALL_ANY - Keep Any N Recallable Objects 592 */ 593 static void 594 nfs4_xdr_enc_cb_recall_any(struct rpc_rqst *req, 595 struct xdr_stream *xdr, const void *data) 596 { 597 const struct nfsd4_callback *cb = data; 598 struct nfsd4_cb_recall_any *ra; 599 struct nfs4_cb_compound_hdr hdr = { 600 .ident = cb->cb_clp->cl_cb_ident, 601 .minorversion = cb->cb_clp->cl_minorversion, 602 }; 603 604 ra = container_of(cb, struct nfsd4_cb_recall_any, ra_cb); 605 encode_cb_compound4args(xdr, &hdr); 606 encode_cb_sequence4args(xdr, cb, &hdr); 607 encode_cb_recallany4args(xdr, &hdr, ra); 608 encode_cb_nops(&hdr); 609 } 610 611 /* 612 * NFSv4.0 and NFSv4.1 XDR decode functions 613 * 614 * NFSv4.0 callback result types are defined in section 15 of RFC 615 * 3530: "Network File System (NFS) version 4 Protocol" and section 20 616 * of RFC 5661: "Network File System (NFS) Version 4 Minor Version 1 617 * Protocol". 618 */ 619 620 static int nfs4_xdr_dec_cb_null(struct rpc_rqst *req, struct xdr_stream *xdr, 621 void *__unused) 622 { 623 return 0; 624 } 625 626 /* 627 * 20.1. Operation 3: CB_GETATTR - Get Attributes 628 */ 629 static int nfs4_xdr_dec_cb_getattr(struct rpc_rqst *rqstp, 630 struct xdr_stream *xdr, 631 void *data) 632 { 633 struct nfsd4_callback *cb = data; 634 struct nfs4_cb_compound_hdr hdr; 635 int status; 636 u32 bitmap[3] = {0}; 637 u32 attrlen; 638 struct nfs4_cb_fattr *ncf = 639 container_of(cb, struct nfs4_cb_fattr, ncf_getattr); 640 641 status = decode_cb_compound4res(xdr, &hdr); 642 if (unlikely(status)) 643 return status; 644 645 status = decode_cb_sequence4res(xdr, cb); 646 if (unlikely(status || cb->cb_seq_status)) 647 return status; 648 649 status = decode_cb_op_status(xdr, OP_CB_GETATTR, &cb->cb_status); 650 if (status) 651 return status; 652 if (xdr_stream_decode_uint32_array(xdr, bitmap, 3) < 0) 653 return -NFSERR_BAD_XDR; 654 if (xdr_stream_decode_u32(xdr, &attrlen) < 0) 655 return -NFSERR_BAD_XDR; 656 if (attrlen > (sizeof(ncf->ncf_cb_change) + sizeof(ncf->ncf_cb_fsize))) 657 return -NFSERR_BAD_XDR; 658 status = decode_cb_fattr4(xdr, bitmap, ncf); 659 return status; 660 } 661 662 /* 663 * 20.2. Operation 4: CB_RECALL - Recall a Delegation 664 */ 665 static int nfs4_xdr_dec_cb_recall(struct rpc_rqst *rqstp, 666 struct xdr_stream *xdr, 667 void *data) 668 { 669 struct nfsd4_callback *cb = data; 670 struct nfs4_cb_compound_hdr hdr; 671 int status; 672 673 status = decode_cb_compound4res(xdr, &hdr); 674 if (unlikely(status)) 675 return status; 676 677 status = decode_cb_sequence4res(xdr, cb); 678 if (unlikely(status || cb->cb_seq_status)) 679 return status; 680 681 return decode_cb_op_status(xdr, OP_CB_RECALL, &cb->cb_status); 682 } 683 684 /* 685 * 20.6. Operation 8: CB_RECALL_ANY - Keep Any N Recallable Objects 686 */ 687 static int 688 nfs4_xdr_dec_cb_recall_any(struct rpc_rqst *rqstp, 689 struct xdr_stream *xdr, 690 void *data) 691 { 692 struct nfsd4_callback *cb = data; 693 struct nfs4_cb_compound_hdr hdr; 694 int status; 695 696 status = decode_cb_compound4res(xdr, &hdr); 697 if (unlikely(status)) 698 return status; 699 status = decode_cb_sequence4res(xdr, cb); 700 if (unlikely(status || cb->cb_seq_status)) 701 return status; 702 status = decode_cb_op_status(xdr, OP_CB_RECALL_ANY, &cb->cb_status); 703 return status; 704 } 705 706 #ifdef CONFIG_NFSD_PNFS 707 /* 708 * CB_LAYOUTRECALL4args 709 * 710 * struct layoutrecall_file4 { 711 * nfs_fh4 lor_fh; 712 * offset4 lor_offset; 713 * length4 lor_length; 714 * stateid4 lor_stateid; 715 * }; 716 * 717 * union layoutrecall4 switch(layoutrecall_type4 lor_recalltype) { 718 * case LAYOUTRECALL4_FILE: 719 * layoutrecall_file4 lor_layout; 720 * case LAYOUTRECALL4_FSID: 721 * fsid4 lor_fsid; 722 * case LAYOUTRECALL4_ALL: 723 * void; 724 * }; 725 * 726 * struct CB_LAYOUTRECALL4args { 727 * layouttype4 clora_type; 728 * layoutiomode4 clora_iomode; 729 * bool clora_changed; 730 * layoutrecall4 clora_recall; 731 * }; 732 */ 733 static void encode_cb_layout4args(struct xdr_stream *xdr, 734 const struct nfs4_layout_stateid *ls, 735 struct nfs4_cb_compound_hdr *hdr) 736 { 737 __be32 *p; 738 739 BUG_ON(hdr->minorversion == 0); 740 741 p = xdr_reserve_space(xdr, 5 * 4); 742 *p++ = cpu_to_be32(OP_CB_LAYOUTRECALL); 743 *p++ = cpu_to_be32(ls->ls_layout_type); 744 *p++ = cpu_to_be32(IOMODE_ANY); 745 *p++ = cpu_to_be32(1); 746 *p = cpu_to_be32(RETURN_FILE); 747 748 encode_nfs_fh4(xdr, &ls->ls_stid.sc_file->fi_fhandle); 749 750 p = xdr_reserve_space(xdr, 2 * 8); 751 p = xdr_encode_hyper(p, 0); 752 xdr_encode_hyper(p, NFS4_MAX_UINT64); 753 754 encode_stateid4(xdr, &ls->ls_recall_sid); 755 756 hdr->nops++; 757 } 758 759 static void nfs4_xdr_enc_cb_layout(struct rpc_rqst *req, 760 struct xdr_stream *xdr, 761 const void *data) 762 { 763 const struct nfsd4_callback *cb = data; 764 const struct nfs4_layout_stateid *ls = 765 container_of(cb, struct nfs4_layout_stateid, ls_recall); 766 struct nfs4_cb_compound_hdr hdr = { 767 .ident = 0, 768 .minorversion = cb->cb_clp->cl_minorversion, 769 }; 770 771 encode_cb_compound4args(xdr, &hdr); 772 encode_cb_sequence4args(xdr, cb, &hdr); 773 encode_cb_layout4args(xdr, ls, &hdr); 774 encode_cb_nops(&hdr); 775 } 776 777 static int nfs4_xdr_dec_cb_layout(struct rpc_rqst *rqstp, 778 struct xdr_stream *xdr, 779 void *data) 780 { 781 struct nfsd4_callback *cb = data; 782 struct nfs4_cb_compound_hdr hdr; 783 int status; 784 785 status = decode_cb_compound4res(xdr, &hdr); 786 if (unlikely(status)) 787 return status; 788 789 status = decode_cb_sequence4res(xdr, cb); 790 if (unlikely(status || cb->cb_seq_status)) 791 return status; 792 793 return decode_cb_op_status(xdr, OP_CB_LAYOUTRECALL, &cb->cb_status); 794 } 795 #endif /* CONFIG_NFSD_PNFS */ 796 797 static void encode_stateowner(struct xdr_stream *xdr, struct nfs4_stateowner *so) 798 { 799 __be32 *p; 800 801 p = xdr_reserve_space(xdr, 8 + 4 + so->so_owner.len); 802 p = xdr_encode_opaque_fixed(p, &so->so_client->cl_clientid, 8); 803 xdr_encode_opaque(p, so->so_owner.data, so->so_owner.len); 804 } 805 806 static void nfs4_xdr_enc_cb_notify_lock(struct rpc_rqst *req, 807 struct xdr_stream *xdr, 808 const void *data) 809 { 810 const struct nfsd4_callback *cb = data; 811 const struct nfsd4_blocked_lock *nbl = 812 container_of(cb, struct nfsd4_blocked_lock, nbl_cb); 813 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)nbl->nbl_lock.c.flc_owner; 814 struct nfs4_cb_compound_hdr hdr = { 815 .ident = 0, 816 .minorversion = cb->cb_clp->cl_minorversion, 817 }; 818 819 __be32 *p; 820 821 BUG_ON(hdr.minorversion == 0); 822 823 encode_cb_compound4args(xdr, &hdr); 824 encode_cb_sequence4args(xdr, cb, &hdr); 825 826 p = xdr_reserve_space(xdr, 4); 827 *p = cpu_to_be32(OP_CB_NOTIFY_LOCK); 828 encode_nfs_fh4(xdr, &nbl->nbl_fh); 829 encode_stateowner(xdr, &lo->lo_owner); 830 hdr.nops++; 831 832 encode_cb_nops(&hdr); 833 } 834 835 static int nfs4_xdr_dec_cb_notify_lock(struct rpc_rqst *rqstp, 836 struct xdr_stream *xdr, 837 void *data) 838 { 839 struct nfsd4_callback *cb = data; 840 struct nfs4_cb_compound_hdr hdr; 841 int status; 842 843 status = decode_cb_compound4res(xdr, &hdr); 844 if (unlikely(status)) 845 return status; 846 847 status = decode_cb_sequence4res(xdr, cb); 848 if (unlikely(status || cb->cb_seq_status)) 849 return status; 850 851 return decode_cb_op_status(xdr, OP_CB_NOTIFY_LOCK, &cb->cb_status); 852 } 853 854 /* 855 * struct write_response4 { 856 * stateid4 wr_callback_id<1>; 857 * length4 wr_count; 858 * stable_how4 wr_committed; 859 * verifier4 wr_writeverf; 860 * }; 861 * union offload_info4 switch (nfsstat4 coa_status) { 862 * case NFS4_OK: 863 * write_response4 coa_resok4; 864 * default: 865 * length4 coa_bytes_copied; 866 * }; 867 * struct CB_OFFLOAD4args { 868 * nfs_fh4 coa_fh; 869 * stateid4 coa_stateid; 870 * offload_info4 coa_offload_info; 871 * }; 872 */ 873 static void encode_offload_info4(struct xdr_stream *xdr, 874 const struct nfsd4_cb_offload *cbo) 875 { 876 __be32 *p; 877 878 p = xdr_reserve_space(xdr, 4); 879 *p = cbo->co_nfserr; 880 switch (cbo->co_nfserr) { 881 case nfs_ok: 882 p = xdr_reserve_space(xdr, 4 + 8 + 4 + NFS4_VERIFIER_SIZE); 883 p = xdr_encode_empty_array(p); 884 p = xdr_encode_hyper(p, cbo->co_res.wr_bytes_written); 885 *p++ = cpu_to_be32(cbo->co_res.wr_stable_how); 886 p = xdr_encode_opaque_fixed(p, cbo->co_res.wr_verifier.data, 887 NFS4_VERIFIER_SIZE); 888 break; 889 default: 890 p = xdr_reserve_space(xdr, 8); 891 /* We always return success if bytes were written */ 892 p = xdr_encode_hyper(p, 0); 893 } 894 } 895 896 static void encode_cb_offload4args(struct xdr_stream *xdr, 897 const struct nfsd4_cb_offload *cbo, 898 struct nfs4_cb_compound_hdr *hdr) 899 { 900 __be32 *p; 901 902 p = xdr_reserve_space(xdr, 4); 903 *p = cpu_to_be32(OP_CB_OFFLOAD); 904 encode_nfs_fh4(xdr, &cbo->co_fh); 905 encode_stateid4(xdr, &cbo->co_res.cb_stateid); 906 encode_offload_info4(xdr, cbo); 907 908 hdr->nops++; 909 } 910 911 static void nfs4_xdr_enc_cb_offload(struct rpc_rqst *req, 912 struct xdr_stream *xdr, 913 const void *data) 914 { 915 const struct nfsd4_callback *cb = data; 916 const struct nfsd4_cb_offload *cbo = 917 container_of(cb, struct nfsd4_cb_offload, co_cb); 918 struct nfs4_cb_compound_hdr hdr = { 919 .ident = 0, 920 .minorversion = cb->cb_clp->cl_minorversion, 921 }; 922 923 encode_cb_compound4args(xdr, &hdr); 924 encode_cb_sequence4args(xdr, cb, &hdr); 925 encode_cb_offload4args(xdr, cbo, &hdr); 926 encode_cb_nops(&hdr); 927 } 928 929 static int nfs4_xdr_dec_cb_offload(struct rpc_rqst *rqstp, 930 struct xdr_stream *xdr, 931 void *data) 932 { 933 struct nfsd4_callback *cb = data; 934 struct nfs4_cb_compound_hdr hdr; 935 int status; 936 937 status = decode_cb_compound4res(xdr, &hdr); 938 if (unlikely(status)) 939 return status; 940 941 status = decode_cb_sequence4res(xdr, cb); 942 if (unlikely(status || cb->cb_seq_status)) 943 return status; 944 945 return decode_cb_op_status(xdr, OP_CB_OFFLOAD, &cb->cb_status); 946 } 947 /* 948 * RPC procedure tables 949 */ 950 #define PROC(proc, call, argtype, restype) \ 951 [NFSPROC4_CLNT_##proc] = { \ 952 .p_proc = NFSPROC4_CB_##call, \ 953 .p_encode = nfs4_xdr_enc_##argtype, \ 954 .p_decode = nfs4_xdr_dec_##restype, \ 955 .p_arglen = NFS4_enc_##argtype##_sz, \ 956 .p_replen = NFS4_dec_##restype##_sz, \ 957 .p_statidx = NFSPROC4_CB_##call, \ 958 .p_name = #proc, \ 959 } 960 961 static const struct rpc_procinfo nfs4_cb_procedures[] = { 962 PROC(CB_NULL, NULL, cb_null, cb_null), 963 PROC(CB_RECALL, COMPOUND, cb_recall, cb_recall), 964 #ifdef CONFIG_NFSD_PNFS 965 PROC(CB_LAYOUT, COMPOUND, cb_layout, cb_layout), 966 #endif 967 PROC(CB_NOTIFY_LOCK, COMPOUND, cb_notify_lock, cb_notify_lock), 968 PROC(CB_OFFLOAD, COMPOUND, cb_offload, cb_offload), 969 PROC(CB_RECALL_ANY, COMPOUND, cb_recall_any, cb_recall_any), 970 PROC(CB_GETATTR, COMPOUND, cb_getattr, cb_getattr), 971 }; 972 973 static unsigned int nfs4_cb_counts[ARRAY_SIZE(nfs4_cb_procedures)]; 974 static const struct rpc_version nfs_cb_version4 = { 975 /* 976 * Note on the callback rpc program version number: despite language in rfc 977 * 5661 section 18.36.3 requiring servers to use 4 in this field, the 978 * official xdr descriptions for both 4.0 and 4.1 specify version 1, and 979 * in practice that appears to be what implementations use. The section 980 * 18.36.3 language is expected to be fixed in an erratum. 981 */ 982 .number = 1, 983 .nrprocs = ARRAY_SIZE(nfs4_cb_procedures), 984 .procs = nfs4_cb_procedures, 985 .counts = nfs4_cb_counts, 986 }; 987 988 static const struct rpc_version *nfs_cb_version[2] = { 989 [1] = &nfs_cb_version4, 990 }; 991 992 static const struct rpc_program cb_program; 993 994 static struct rpc_stat cb_stats = { 995 .program = &cb_program 996 }; 997 998 #define NFS4_CALLBACK 0x40000000 999 static const struct rpc_program cb_program = { 1000 .name = "nfs4_cb", 1001 .number = NFS4_CALLBACK, 1002 .nrvers = ARRAY_SIZE(nfs_cb_version), 1003 .version = nfs_cb_version, 1004 .stats = &cb_stats, 1005 .pipe_dir_name = "nfsd4_cb", 1006 }; 1007 1008 static int max_cb_time(struct net *net) 1009 { 1010 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 1011 1012 /* 1013 * nfsd4_lease is set to at most one hour in __nfsd4_write_time, 1014 * so we can use 32-bit math on it. Warn if that assumption 1015 * ever stops being true. 1016 */ 1017 if (WARN_ON_ONCE(nn->nfsd4_lease > 3600)) 1018 return 360 * HZ; 1019 1020 return max(((u32)nn->nfsd4_lease)/10, 1u) * HZ; 1021 } 1022 1023 static bool nfsd4_queue_cb(struct nfsd4_callback *cb) 1024 { 1025 struct nfs4_client *clp = cb->cb_clp; 1026 1027 trace_nfsd_cb_queue(clp, cb); 1028 return queue_work(clp->cl_callback_wq, &cb->cb_work); 1029 } 1030 1031 static void nfsd41_cb_inflight_begin(struct nfs4_client *clp) 1032 { 1033 atomic_inc(&clp->cl_cb_inflight); 1034 } 1035 1036 static void nfsd41_cb_inflight_end(struct nfs4_client *clp) 1037 { 1038 1039 if (atomic_dec_and_test(&clp->cl_cb_inflight)) 1040 wake_up_var(&clp->cl_cb_inflight); 1041 } 1042 1043 static void nfsd41_cb_inflight_wait_complete(struct nfs4_client *clp) 1044 { 1045 wait_var_event(&clp->cl_cb_inflight, 1046 !atomic_read(&clp->cl_cb_inflight)); 1047 } 1048 1049 static const struct cred *get_backchannel_cred(struct nfs4_client *clp, struct rpc_clnt *client, struct nfsd4_session *ses) 1050 { 1051 if (clp->cl_minorversion == 0) { 1052 client->cl_principal = clp->cl_cred.cr_targ_princ ? 1053 clp->cl_cred.cr_targ_princ : "nfs"; 1054 1055 return get_cred(rpc_machine_cred()); 1056 } else { 1057 struct cred *kcred; 1058 1059 kcred = prepare_kernel_cred(&init_task); 1060 if (!kcred) 1061 return NULL; 1062 1063 kcred->fsuid = ses->se_cb_sec.uid; 1064 kcred->fsgid = ses->se_cb_sec.gid; 1065 return kcred; 1066 } 1067 } 1068 1069 static int setup_callback_client(struct nfs4_client *clp, struct nfs4_cb_conn *conn, struct nfsd4_session *ses) 1070 { 1071 int maxtime = max_cb_time(clp->net); 1072 struct rpc_timeout timeparms = { 1073 .to_initval = maxtime, 1074 .to_retries = 0, 1075 .to_maxval = maxtime, 1076 }; 1077 struct rpc_create_args args = { 1078 .net = clp->net, 1079 .address = (struct sockaddr *) &conn->cb_addr, 1080 .addrsize = conn->cb_addrlen, 1081 .saddress = (struct sockaddr *) &conn->cb_saddr, 1082 .timeout = &timeparms, 1083 .program = &cb_program, 1084 .version = 1, 1085 .flags = (RPC_CLNT_CREATE_NOPING | RPC_CLNT_CREATE_QUIET), 1086 .cred = current_cred(), 1087 }; 1088 struct rpc_clnt *client; 1089 const struct cred *cred; 1090 1091 if (clp->cl_minorversion == 0) { 1092 if (!clp->cl_cred.cr_principal && 1093 (clp->cl_cred.cr_flavor >= RPC_AUTH_GSS_KRB5)) { 1094 trace_nfsd_cb_setup_err(clp, -EINVAL); 1095 return -EINVAL; 1096 } 1097 args.client_name = clp->cl_cred.cr_principal; 1098 args.prognumber = conn->cb_prog; 1099 args.protocol = XPRT_TRANSPORT_TCP; 1100 args.authflavor = clp->cl_cred.cr_flavor; 1101 clp->cl_cb_ident = conn->cb_ident; 1102 } else { 1103 if (!conn->cb_xprt || !ses) 1104 return -EINVAL; 1105 clp->cl_cb_session = ses; 1106 args.bc_xprt = conn->cb_xprt; 1107 args.prognumber = clp->cl_cb_session->se_cb_prog; 1108 args.protocol = conn->cb_xprt->xpt_class->xcl_ident | 1109 XPRT_TRANSPORT_BC; 1110 args.authflavor = ses->se_cb_sec.flavor; 1111 } 1112 /* Create RPC client */ 1113 client = rpc_create(&args); 1114 if (IS_ERR(client)) { 1115 trace_nfsd_cb_setup_err(clp, PTR_ERR(client)); 1116 return PTR_ERR(client); 1117 } 1118 cred = get_backchannel_cred(clp, client, ses); 1119 if (!cred) { 1120 trace_nfsd_cb_setup_err(clp, -ENOMEM); 1121 rpc_shutdown_client(client); 1122 return -ENOMEM; 1123 } 1124 1125 if (clp->cl_minorversion != 0) 1126 clp->cl_cb_conn.cb_xprt = conn->cb_xprt; 1127 clp->cl_cb_client = client; 1128 clp->cl_cb_cred = cred; 1129 rcu_read_lock(); 1130 trace_nfsd_cb_setup(clp, rpc_peeraddr2str(client, RPC_DISPLAY_NETID), 1131 args.authflavor); 1132 rcu_read_unlock(); 1133 return 0; 1134 } 1135 1136 static void nfsd4_mark_cb_state(struct nfs4_client *clp, int newstate) 1137 { 1138 if (clp->cl_cb_state != newstate) { 1139 clp->cl_cb_state = newstate; 1140 trace_nfsd_cb_new_state(clp); 1141 } 1142 } 1143 1144 static void nfsd4_mark_cb_down(struct nfs4_client *clp) 1145 { 1146 if (test_bit(NFSD4_CLIENT_CB_UPDATE, &clp->cl_flags)) 1147 return; 1148 nfsd4_mark_cb_state(clp, NFSD4_CB_DOWN); 1149 } 1150 1151 static void nfsd4_mark_cb_fault(struct nfs4_client *clp) 1152 { 1153 if (test_bit(NFSD4_CLIENT_CB_UPDATE, &clp->cl_flags)) 1154 return; 1155 nfsd4_mark_cb_state(clp, NFSD4_CB_FAULT); 1156 } 1157 1158 static void nfsd4_cb_probe_done(struct rpc_task *task, void *calldata) 1159 { 1160 struct nfs4_client *clp = container_of(calldata, struct nfs4_client, cl_cb_null); 1161 1162 if (task->tk_status) 1163 nfsd4_mark_cb_down(clp); 1164 else 1165 nfsd4_mark_cb_state(clp, NFSD4_CB_UP); 1166 } 1167 1168 static void nfsd4_cb_probe_release(void *calldata) 1169 { 1170 struct nfs4_client *clp = container_of(calldata, struct nfs4_client, cl_cb_null); 1171 1172 nfsd41_cb_inflight_end(clp); 1173 1174 } 1175 1176 static const struct rpc_call_ops nfsd4_cb_probe_ops = { 1177 /* XXX: release method to ensure we set the cb channel down if 1178 * necessary on early failure? */ 1179 .rpc_call_done = nfsd4_cb_probe_done, 1180 .rpc_release = nfsd4_cb_probe_release, 1181 }; 1182 1183 /* 1184 * Poke the callback thread to process any updates to the callback 1185 * parameters, and send a null probe. 1186 */ 1187 void nfsd4_probe_callback(struct nfs4_client *clp) 1188 { 1189 trace_nfsd_cb_probe(clp); 1190 nfsd4_mark_cb_state(clp, NFSD4_CB_UNKNOWN); 1191 set_bit(NFSD4_CLIENT_CB_UPDATE, &clp->cl_flags); 1192 nfsd4_run_cb(&clp->cl_cb_null); 1193 } 1194 1195 void nfsd4_probe_callback_sync(struct nfs4_client *clp) 1196 { 1197 nfsd4_probe_callback(clp); 1198 flush_workqueue(clp->cl_callback_wq); 1199 } 1200 1201 void nfsd4_change_callback(struct nfs4_client *clp, struct nfs4_cb_conn *conn) 1202 { 1203 nfsd4_mark_cb_state(clp, NFSD4_CB_UNKNOWN); 1204 spin_lock(&clp->cl_lock); 1205 memcpy(&clp->cl_cb_conn, conn, sizeof(struct nfs4_cb_conn)); 1206 spin_unlock(&clp->cl_lock); 1207 } 1208 1209 static int grab_slot(struct nfsd4_session *ses) 1210 { 1211 int idx; 1212 1213 spin_lock(&ses->se_lock); 1214 idx = ffs(ses->se_cb_slot_avail) - 1; 1215 if (idx < 0 || idx > ses->se_cb_highest_slot) { 1216 spin_unlock(&ses->se_lock); 1217 return -1; 1218 } 1219 /* clear the bit for the slot */ 1220 ses->se_cb_slot_avail &= ~BIT(idx); 1221 spin_unlock(&ses->se_lock); 1222 return idx; 1223 } 1224 1225 /* 1226 * There's currently a single callback channel slot. 1227 * If the slot is available, then mark it busy. Otherwise, set the 1228 * thread for sleeping on the callback RPC wait queue. 1229 */ 1230 static bool nfsd41_cb_get_slot(struct nfsd4_callback *cb, struct rpc_task *task) 1231 { 1232 struct nfs4_client *clp = cb->cb_clp; 1233 struct nfsd4_session *ses = clp->cl_cb_session; 1234 1235 if (cb->cb_held_slot >= 0) 1236 return true; 1237 cb->cb_held_slot = grab_slot(ses); 1238 if (cb->cb_held_slot < 0) { 1239 rpc_sleep_on(&clp->cl_cb_waitq, task, NULL); 1240 /* Race breaker */ 1241 cb->cb_held_slot = grab_slot(ses); 1242 if (cb->cb_held_slot < 0) 1243 return false; 1244 rpc_wake_up_queued_task(&clp->cl_cb_waitq, task); 1245 } 1246 return true; 1247 } 1248 1249 static void nfsd41_cb_release_slot(struct nfsd4_callback *cb) 1250 { 1251 struct nfs4_client *clp = cb->cb_clp; 1252 struct nfsd4_session *ses = clp->cl_cb_session; 1253 1254 if (cb->cb_held_slot >= 0) { 1255 spin_lock(&ses->se_lock); 1256 ses->se_cb_slot_avail |= BIT(cb->cb_held_slot); 1257 spin_unlock(&ses->se_lock); 1258 cb->cb_held_slot = -1; 1259 rpc_wake_up_next(&clp->cl_cb_waitq); 1260 } 1261 } 1262 1263 static void nfsd41_destroy_cb(struct nfsd4_callback *cb) 1264 { 1265 struct nfs4_client *clp = cb->cb_clp; 1266 1267 trace_nfsd_cb_destroy(clp, cb); 1268 nfsd41_cb_release_slot(cb); 1269 if (cb->cb_ops && cb->cb_ops->release) 1270 cb->cb_ops->release(cb); 1271 nfsd41_cb_inflight_end(clp); 1272 } 1273 1274 /* 1275 * TODO: cb_sequence should support referring call lists, cachethis, 1276 * and mark callback channel down on communication errors. 1277 */ 1278 static void nfsd4_cb_prepare(struct rpc_task *task, void *calldata) 1279 { 1280 struct nfsd4_callback *cb = calldata; 1281 struct nfs4_client *clp = cb->cb_clp; 1282 u32 minorversion = clp->cl_minorversion; 1283 1284 /* 1285 * cb_seq_status is only set in decode_cb_sequence4res, 1286 * and so will remain 1 if an rpc level failure occurs. 1287 */ 1288 trace_nfsd_cb_rpc_prepare(clp); 1289 cb->cb_seq_status = 1; 1290 cb->cb_status = 0; 1291 if (minorversion && !nfsd41_cb_get_slot(cb, task)) 1292 return; 1293 rpc_call_start(task); 1294 } 1295 1296 static bool nfsd4_cb_sequence_done(struct rpc_task *task, struct nfsd4_callback *cb) 1297 { 1298 struct nfs4_client *clp = cb->cb_clp; 1299 struct nfsd4_session *session = clp->cl_cb_session; 1300 bool ret = true; 1301 1302 if (!clp->cl_minorversion) { 1303 /* 1304 * If the backchannel connection was shut down while this 1305 * task was queued, we need to resubmit it after setting up 1306 * a new backchannel connection. 1307 * 1308 * Note that if we lost our callback connection permanently 1309 * the submission code will error out, so we don't need to 1310 * handle that case here. 1311 */ 1312 if (RPC_SIGNALLED(task)) 1313 goto need_restart; 1314 1315 return true; 1316 } 1317 1318 if (cb->cb_held_slot < 0) 1319 goto need_restart; 1320 1321 /* This is the operation status code for CB_SEQUENCE */ 1322 trace_nfsd_cb_seq_status(task, cb); 1323 switch (cb->cb_seq_status) { 1324 case 0: 1325 /* 1326 * No need for lock, access serialized in nfsd4_cb_prepare 1327 * 1328 * RFC5661 20.9.3 1329 * If CB_SEQUENCE returns an error, then the state of the slot 1330 * (sequence ID, cached reply) MUST NOT change. 1331 */ 1332 ++session->se_cb_seq_nr[cb->cb_held_slot]; 1333 break; 1334 case -ESERVERFAULT: 1335 ++session->se_cb_seq_nr[cb->cb_held_slot]; 1336 nfsd4_mark_cb_fault(cb->cb_clp); 1337 ret = false; 1338 break; 1339 case 1: 1340 /* 1341 * cb_seq_status remains 1 if an RPC Reply was never 1342 * received. NFSD can't know if the client processed 1343 * the CB_SEQUENCE operation. Ask the client to send a 1344 * DESTROY_SESSION to recover. 1345 */ 1346 fallthrough; 1347 case -NFS4ERR_BADSESSION: 1348 nfsd4_mark_cb_fault(cb->cb_clp); 1349 ret = false; 1350 goto need_restart; 1351 case -NFS4ERR_DELAY: 1352 cb->cb_seq_status = 1; 1353 if (!rpc_restart_call(task)) 1354 goto out; 1355 1356 rpc_delay(task, 2 * HZ); 1357 return false; 1358 case -NFS4ERR_BADSLOT: 1359 goto retry_nowait; 1360 case -NFS4ERR_SEQ_MISORDERED: 1361 if (session->se_cb_seq_nr[cb->cb_held_slot] != 1) { 1362 session->se_cb_seq_nr[cb->cb_held_slot] = 1; 1363 goto retry_nowait; 1364 } 1365 break; 1366 default: 1367 nfsd4_mark_cb_fault(cb->cb_clp); 1368 } 1369 trace_nfsd_cb_free_slot(task, cb); 1370 nfsd41_cb_release_slot(cb); 1371 1372 if (RPC_SIGNALLED(task)) 1373 goto need_restart; 1374 out: 1375 return ret; 1376 retry_nowait: 1377 if (rpc_restart_call_prepare(task)) 1378 ret = false; 1379 goto out; 1380 need_restart: 1381 if (!test_bit(NFSD4_CLIENT_CB_KILL, &clp->cl_flags)) { 1382 trace_nfsd_cb_restart(clp, cb); 1383 task->tk_status = 0; 1384 cb->cb_need_restart = true; 1385 } 1386 return false; 1387 } 1388 1389 static void nfsd4_cb_done(struct rpc_task *task, void *calldata) 1390 { 1391 struct nfsd4_callback *cb = calldata; 1392 struct nfs4_client *clp = cb->cb_clp; 1393 1394 trace_nfsd_cb_rpc_done(clp); 1395 1396 if (!nfsd4_cb_sequence_done(task, cb)) 1397 return; 1398 1399 if (cb->cb_status) { 1400 WARN_ONCE(task->tk_status, "cb_status=%d tk_status=%d", 1401 cb->cb_status, task->tk_status); 1402 task->tk_status = cb->cb_status; 1403 } 1404 1405 switch (cb->cb_ops->done(cb, task)) { 1406 case 0: 1407 task->tk_status = 0; 1408 rpc_restart_call_prepare(task); 1409 return; 1410 case 1: 1411 switch (task->tk_status) { 1412 case -EIO: 1413 case -ETIMEDOUT: 1414 case -EACCES: 1415 nfsd4_mark_cb_down(clp); 1416 } 1417 break; 1418 default: 1419 BUG(); 1420 } 1421 } 1422 1423 static void nfsd4_cb_release(void *calldata) 1424 { 1425 struct nfsd4_callback *cb = calldata; 1426 1427 trace_nfsd_cb_rpc_release(cb->cb_clp); 1428 1429 if (cb->cb_need_restart) 1430 nfsd4_queue_cb(cb); 1431 else 1432 nfsd41_destroy_cb(cb); 1433 1434 } 1435 1436 static const struct rpc_call_ops nfsd4_cb_ops = { 1437 .rpc_call_prepare = nfsd4_cb_prepare, 1438 .rpc_call_done = nfsd4_cb_done, 1439 .rpc_release = nfsd4_cb_release, 1440 }; 1441 1442 /* must be called under the state lock */ 1443 void nfsd4_shutdown_callback(struct nfs4_client *clp) 1444 { 1445 if (clp->cl_cb_state != NFSD4_CB_UNKNOWN) 1446 trace_nfsd_cb_shutdown(clp); 1447 1448 set_bit(NFSD4_CLIENT_CB_KILL, &clp->cl_flags); 1449 /* 1450 * Note this won't actually result in a null callback; 1451 * instead, nfsd4_run_cb_null() will detect the killed 1452 * client, destroy the rpc client, and stop: 1453 */ 1454 nfsd4_run_cb(&clp->cl_cb_null); 1455 flush_workqueue(clp->cl_callback_wq); 1456 nfsd41_cb_inflight_wait_complete(clp); 1457 } 1458 1459 static struct nfsd4_conn * __nfsd4_find_backchannel(struct nfs4_client *clp) 1460 { 1461 struct nfsd4_session *s; 1462 struct nfsd4_conn *c; 1463 1464 lockdep_assert_held(&clp->cl_lock); 1465 1466 list_for_each_entry(s, &clp->cl_sessions, se_perclnt) { 1467 list_for_each_entry(c, &s->se_conns, cn_persession) { 1468 if (c->cn_flags & NFS4_CDFC4_BACK) 1469 return c; 1470 } 1471 } 1472 return NULL; 1473 } 1474 1475 /* 1476 * Note there isn't a lot of locking in this code; instead we depend on 1477 * the fact that it is run from clp->cl_callback_wq, which won't run two 1478 * work items at once. So, for example, clp->cl_callback_wq handles all 1479 * access of cl_cb_client and all calls to rpc_create or rpc_shutdown_client. 1480 */ 1481 static void nfsd4_process_cb_update(struct nfsd4_callback *cb) 1482 { 1483 struct nfs4_cb_conn conn; 1484 struct nfs4_client *clp = cb->cb_clp; 1485 struct nfsd4_session *ses = NULL; 1486 struct nfsd4_conn *c; 1487 int err; 1488 1489 trace_nfsd_cb_bc_update(clp, cb); 1490 1491 /* 1492 * This is either an update, or the client dying; in either case, 1493 * kill the old client: 1494 */ 1495 if (clp->cl_cb_client) { 1496 trace_nfsd_cb_bc_shutdown(clp, cb); 1497 rpc_shutdown_client(clp->cl_cb_client); 1498 clp->cl_cb_client = NULL; 1499 put_cred(clp->cl_cb_cred); 1500 clp->cl_cb_cred = NULL; 1501 } 1502 if (clp->cl_cb_conn.cb_xprt) { 1503 svc_xprt_put(clp->cl_cb_conn.cb_xprt); 1504 clp->cl_cb_conn.cb_xprt = NULL; 1505 } 1506 if (test_bit(NFSD4_CLIENT_CB_KILL, &clp->cl_flags)) 1507 return; 1508 1509 spin_lock(&clp->cl_lock); 1510 /* 1511 * Only serialized callback code is allowed to clear these 1512 * flags; main nfsd code can only set them: 1513 */ 1514 WARN_ON(!(clp->cl_flags & NFSD4_CLIENT_CB_FLAG_MASK)); 1515 clear_bit(NFSD4_CLIENT_CB_UPDATE, &clp->cl_flags); 1516 1517 memcpy(&conn, &cb->cb_clp->cl_cb_conn, sizeof(struct nfs4_cb_conn)); 1518 c = __nfsd4_find_backchannel(clp); 1519 if (c) { 1520 svc_xprt_get(c->cn_xprt); 1521 conn.cb_xprt = c->cn_xprt; 1522 ses = c->cn_session; 1523 } 1524 spin_unlock(&clp->cl_lock); 1525 1526 err = setup_callback_client(clp, &conn, ses); 1527 if (err) { 1528 nfsd4_mark_cb_down(clp); 1529 if (c) 1530 svc_xprt_put(c->cn_xprt); 1531 return; 1532 } 1533 } 1534 1535 static void 1536 nfsd4_run_cb_work(struct work_struct *work) 1537 { 1538 struct nfsd4_callback *cb = 1539 container_of(work, struct nfsd4_callback, cb_work); 1540 struct nfs4_client *clp = cb->cb_clp; 1541 struct rpc_clnt *clnt; 1542 int flags; 1543 1544 trace_nfsd_cb_start(clp); 1545 1546 if (clp->cl_flags & NFSD4_CLIENT_CB_FLAG_MASK) 1547 nfsd4_process_cb_update(cb); 1548 1549 clnt = clp->cl_cb_client; 1550 if (!clnt) { 1551 /* Callback channel broken, or client killed; give up: */ 1552 nfsd41_destroy_cb(cb); 1553 return; 1554 } 1555 1556 /* 1557 * Don't send probe messages for 4.1 or later. 1558 */ 1559 if (!cb->cb_ops && clp->cl_minorversion) { 1560 nfsd4_mark_cb_state(clp, NFSD4_CB_UP); 1561 nfsd41_destroy_cb(cb); 1562 return; 1563 } 1564 1565 if (cb->cb_need_restart) { 1566 cb->cb_need_restart = false; 1567 } else { 1568 if (cb->cb_ops && cb->cb_ops->prepare) 1569 cb->cb_ops->prepare(cb); 1570 } 1571 cb->cb_msg.rpc_cred = clp->cl_cb_cred; 1572 flags = clp->cl_minorversion ? RPC_TASK_NOCONNECT : RPC_TASK_SOFTCONN; 1573 rpc_call_async(clnt, &cb->cb_msg, RPC_TASK_SOFT | flags, 1574 cb->cb_ops ? &nfsd4_cb_ops : &nfsd4_cb_probe_ops, cb); 1575 } 1576 1577 void nfsd4_init_cb(struct nfsd4_callback *cb, struct nfs4_client *clp, 1578 const struct nfsd4_callback_ops *ops, enum nfsd4_cb_op op) 1579 { 1580 cb->cb_clp = clp; 1581 cb->cb_msg.rpc_proc = &nfs4_cb_procedures[op]; 1582 cb->cb_msg.rpc_argp = cb; 1583 cb->cb_msg.rpc_resp = cb; 1584 cb->cb_ops = ops; 1585 INIT_WORK(&cb->cb_work, nfsd4_run_cb_work); 1586 cb->cb_status = 0; 1587 cb->cb_need_restart = false; 1588 cb->cb_held_slot = -1; 1589 } 1590 1591 /** 1592 * nfsd4_run_cb - queue up a callback job to run 1593 * @cb: callback to queue 1594 * 1595 * Kick off a callback to do its thing. Returns false if it was already 1596 * on a queue, true otherwise. 1597 */ 1598 bool nfsd4_run_cb(struct nfsd4_callback *cb) 1599 { 1600 struct nfs4_client *clp = cb->cb_clp; 1601 bool queued; 1602 1603 nfsd41_cb_inflight_begin(clp); 1604 queued = nfsd4_queue_cb(cb); 1605 if (!queued) 1606 nfsd41_cb_inflight_end(clp); 1607 return queued; 1608 } 1609