1 /* 2 * Copyright (c) 2001 The Regents of the University of Michigan. 3 * All rights reserved. 4 * 5 * Kendrick Smith <kmsmith@umich.edu> 6 * Andy Adamson <kandros@umich.edu> 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the University nor the names of its 18 * contributors may be used to endorse or promote products derived 19 * from this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 22 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 23 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 24 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 28 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 29 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 30 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 31 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * 33 */ 34 35 #include <linux/file.h> 36 #include <linux/fs.h> 37 #include <linux/slab.h> 38 #include <linux/namei.h> 39 #include <linux/swap.h> 40 #include <linux/pagemap.h> 41 #include <linux/ratelimit.h> 42 #include <linux/sunrpc/svcauth_gss.h> 43 #include <linux/sunrpc/addr.h> 44 #include <linux/jhash.h> 45 #include <linux/string_helpers.h> 46 #include <linux/fsnotify.h> 47 #include <linux/rhashtable.h> 48 #include <linux/nfs_ssc.h> 49 50 #include "xdr4.h" 51 #include "xdr4cb.h" 52 #include "vfs.h" 53 #include "current_stateid.h" 54 55 #include "netns.h" 56 #include "pnfs.h" 57 #include "filecache.h" 58 #include "trace.h" 59 60 #define NFSDDBG_FACILITY NFSDDBG_PROC 61 62 #define all_ones {{ ~0, ~0}, ~0} 63 static const stateid_t one_stateid = { 64 .si_generation = ~0, 65 .si_opaque = all_ones, 66 }; 67 static const stateid_t zero_stateid = { 68 /* all fields zero */ 69 }; 70 static const stateid_t currentstateid = { 71 .si_generation = 1, 72 }; 73 static const stateid_t close_stateid = { 74 .si_generation = 0xffffffffU, 75 }; 76 77 static u64 current_sessionid = 1; 78 79 #define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t))) 80 #define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t))) 81 #define CURRENT_STATEID(stateid) (!memcmp((stateid), ¤tstateid, sizeof(stateid_t))) 82 #define CLOSE_STATEID(stateid) (!memcmp((stateid), &close_stateid, sizeof(stateid_t))) 83 84 /* forward declarations */ 85 static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner); 86 static void nfs4_free_ol_stateid(struct nfs4_stid *stid); 87 void nfsd4_end_grace(struct nfsd_net *nn); 88 static void _free_cpntf_state_locked(struct nfsd_net *nn, struct nfs4_cpntf_state *cps); 89 static void nfsd4_file_hash_remove(struct nfs4_file *fi); 90 static void deleg_reaper(struct nfsd_net *nn); 91 92 /* Locking: */ 93 94 /* 95 * Currently used for the del_recall_lru and file hash table. In an 96 * effort to decrease the scope of the client_mutex, this spinlock may 97 * eventually cover more: 98 */ 99 static DEFINE_SPINLOCK(state_lock); 100 101 enum nfsd4_st_mutex_lock_subclass { 102 OPEN_STATEID_MUTEX = 0, 103 LOCK_STATEID_MUTEX = 1, 104 }; 105 106 /* 107 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for 108 * the refcount on the open stateid to drop. 109 */ 110 static DECLARE_WAIT_QUEUE_HEAD(close_wq); 111 112 /* 113 * A waitqueue where a writer to clients/#/ctl destroying a client can 114 * wait for cl_rpc_users to drop to 0 and then for the client to be 115 * unhashed. 116 */ 117 static DECLARE_WAIT_QUEUE_HEAD(expiry_wq); 118 119 static struct kmem_cache *client_slab; 120 static struct kmem_cache *openowner_slab; 121 static struct kmem_cache *lockowner_slab; 122 static struct kmem_cache *file_slab; 123 static struct kmem_cache *stateid_slab; 124 static struct kmem_cache *deleg_slab; 125 static struct kmem_cache *odstate_slab; 126 127 static void free_session(struct nfsd4_session *); 128 129 static const struct nfsd4_callback_ops nfsd4_cb_recall_ops; 130 static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops; 131 static const struct nfsd4_callback_ops nfsd4_cb_getattr_ops; 132 133 static struct workqueue_struct *laundry_wq; 134 135 int nfsd4_create_laundry_wq(void) 136 { 137 int rc = 0; 138 139 laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4"); 140 if (laundry_wq == NULL) 141 rc = -ENOMEM; 142 return rc; 143 } 144 145 void nfsd4_destroy_laundry_wq(void) 146 { 147 destroy_workqueue(laundry_wq); 148 } 149 150 static bool is_session_dead(struct nfsd4_session *ses) 151 { 152 return ses->se_flags & NFS4_SESSION_DEAD; 153 } 154 155 static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me) 156 { 157 if (atomic_read(&ses->se_ref) > ref_held_by_me) 158 return nfserr_jukebox; 159 ses->se_flags |= NFS4_SESSION_DEAD; 160 return nfs_ok; 161 } 162 163 static bool is_client_expired(struct nfs4_client *clp) 164 { 165 return clp->cl_time == 0; 166 } 167 168 static void nfsd4_dec_courtesy_client_count(struct nfsd_net *nn, 169 struct nfs4_client *clp) 170 { 171 if (clp->cl_state != NFSD4_ACTIVE) 172 atomic_add_unless(&nn->nfsd_courtesy_clients, -1, 0); 173 } 174 175 static __be32 get_client_locked(struct nfs4_client *clp) 176 { 177 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 178 179 lockdep_assert_held(&nn->client_lock); 180 181 if (is_client_expired(clp)) 182 return nfserr_expired; 183 atomic_inc(&clp->cl_rpc_users); 184 nfsd4_dec_courtesy_client_count(nn, clp); 185 clp->cl_state = NFSD4_ACTIVE; 186 return nfs_ok; 187 } 188 189 /* must be called under the client_lock */ 190 static inline void 191 renew_client_locked(struct nfs4_client *clp) 192 { 193 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 194 195 if (is_client_expired(clp)) { 196 WARN_ON(1); 197 printk("%s: client (clientid %08x/%08x) already expired\n", 198 __func__, 199 clp->cl_clientid.cl_boot, 200 clp->cl_clientid.cl_id); 201 return; 202 } 203 204 list_move_tail(&clp->cl_lru, &nn->client_lru); 205 clp->cl_time = ktime_get_boottime_seconds(); 206 nfsd4_dec_courtesy_client_count(nn, clp); 207 clp->cl_state = NFSD4_ACTIVE; 208 } 209 210 static void put_client_renew_locked(struct nfs4_client *clp) 211 { 212 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 213 214 lockdep_assert_held(&nn->client_lock); 215 216 if (!atomic_dec_and_test(&clp->cl_rpc_users)) 217 return; 218 if (!is_client_expired(clp)) 219 renew_client_locked(clp); 220 else 221 wake_up_all(&expiry_wq); 222 } 223 224 static void put_client_renew(struct nfs4_client *clp) 225 { 226 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 227 228 if (!atomic_dec_and_lock(&clp->cl_rpc_users, &nn->client_lock)) 229 return; 230 if (!is_client_expired(clp)) 231 renew_client_locked(clp); 232 else 233 wake_up_all(&expiry_wq); 234 spin_unlock(&nn->client_lock); 235 } 236 237 static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses) 238 { 239 __be32 status; 240 241 if (is_session_dead(ses)) 242 return nfserr_badsession; 243 status = get_client_locked(ses->se_client); 244 if (status) 245 return status; 246 atomic_inc(&ses->se_ref); 247 return nfs_ok; 248 } 249 250 static void nfsd4_put_session_locked(struct nfsd4_session *ses) 251 { 252 struct nfs4_client *clp = ses->se_client; 253 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 254 255 lockdep_assert_held(&nn->client_lock); 256 257 if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses)) 258 free_session(ses); 259 put_client_renew_locked(clp); 260 } 261 262 static void nfsd4_put_session(struct nfsd4_session *ses) 263 { 264 struct nfs4_client *clp = ses->se_client; 265 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 266 267 spin_lock(&nn->client_lock); 268 nfsd4_put_session_locked(ses); 269 spin_unlock(&nn->client_lock); 270 } 271 272 static struct nfsd4_blocked_lock * 273 find_blocked_lock(struct nfs4_lockowner *lo, struct knfsd_fh *fh, 274 struct nfsd_net *nn) 275 { 276 struct nfsd4_blocked_lock *cur, *found = NULL; 277 278 spin_lock(&nn->blocked_locks_lock); 279 list_for_each_entry(cur, &lo->lo_blocked, nbl_list) { 280 if (fh_match(fh, &cur->nbl_fh)) { 281 list_del_init(&cur->nbl_list); 282 WARN_ON(list_empty(&cur->nbl_lru)); 283 list_del_init(&cur->nbl_lru); 284 found = cur; 285 break; 286 } 287 } 288 spin_unlock(&nn->blocked_locks_lock); 289 if (found) 290 locks_delete_block(&found->nbl_lock); 291 return found; 292 } 293 294 static struct nfsd4_blocked_lock * 295 find_or_allocate_block(struct nfs4_lockowner *lo, struct knfsd_fh *fh, 296 struct nfsd_net *nn) 297 { 298 struct nfsd4_blocked_lock *nbl; 299 300 nbl = find_blocked_lock(lo, fh, nn); 301 if (!nbl) { 302 nbl = kmalloc(sizeof(*nbl), GFP_KERNEL); 303 if (nbl) { 304 INIT_LIST_HEAD(&nbl->nbl_list); 305 INIT_LIST_HEAD(&nbl->nbl_lru); 306 fh_copy_shallow(&nbl->nbl_fh, fh); 307 locks_init_lock(&nbl->nbl_lock); 308 kref_init(&nbl->nbl_kref); 309 nfsd4_init_cb(&nbl->nbl_cb, lo->lo_owner.so_client, 310 &nfsd4_cb_notify_lock_ops, 311 NFSPROC4_CLNT_CB_NOTIFY_LOCK); 312 } 313 } 314 return nbl; 315 } 316 317 static void 318 free_nbl(struct kref *kref) 319 { 320 struct nfsd4_blocked_lock *nbl; 321 322 nbl = container_of(kref, struct nfsd4_blocked_lock, nbl_kref); 323 locks_release_private(&nbl->nbl_lock); 324 kfree(nbl); 325 } 326 327 static void 328 free_blocked_lock(struct nfsd4_blocked_lock *nbl) 329 { 330 locks_delete_block(&nbl->nbl_lock); 331 kref_put(&nbl->nbl_kref, free_nbl); 332 } 333 334 static void 335 remove_blocked_locks(struct nfs4_lockowner *lo) 336 { 337 struct nfs4_client *clp = lo->lo_owner.so_client; 338 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 339 struct nfsd4_blocked_lock *nbl; 340 LIST_HEAD(reaplist); 341 342 /* Dequeue all blocked locks */ 343 spin_lock(&nn->blocked_locks_lock); 344 while (!list_empty(&lo->lo_blocked)) { 345 nbl = list_first_entry(&lo->lo_blocked, 346 struct nfsd4_blocked_lock, 347 nbl_list); 348 list_del_init(&nbl->nbl_list); 349 WARN_ON(list_empty(&nbl->nbl_lru)); 350 list_move(&nbl->nbl_lru, &reaplist); 351 } 352 spin_unlock(&nn->blocked_locks_lock); 353 354 /* Now free them */ 355 while (!list_empty(&reaplist)) { 356 nbl = list_first_entry(&reaplist, struct nfsd4_blocked_lock, 357 nbl_lru); 358 list_del_init(&nbl->nbl_lru); 359 free_blocked_lock(nbl); 360 } 361 } 362 363 static void 364 nfsd4_cb_notify_lock_prepare(struct nfsd4_callback *cb) 365 { 366 struct nfsd4_blocked_lock *nbl = container_of(cb, 367 struct nfsd4_blocked_lock, nbl_cb); 368 locks_delete_block(&nbl->nbl_lock); 369 } 370 371 static int 372 nfsd4_cb_notify_lock_done(struct nfsd4_callback *cb, struct rpc_task *task) 373 { 374 trace_nfsd_cb_notify_lock_done(&zero_stateid, task); 375 376 /* 377 * Since this is just an optimization, we don't try very hard if it 378 * turns out not to succeed. We'll requeue it on NFS4ERR_DELAY, and 379 * just quit trying on anything else. 380 */ 381 switch (task->tk_status) { 382 case -NFS4ERR_DELAY: 383 rpc_delay(task, 1 * HZ); 384 return 0; 385 default: 386 return 1; 387 } 388 } 389 390 static void 391 nfsd4_cb_notify_lock_release(struct nfsd4_callback *cb) 392 { 393 struct nfsd4_blocked_lock *nbl = container_of(cb, 394 struct nfsd4_blocked_lock, nbl_cb); 395 396 free_blocked_lock(nbl); 397 } 398 399 static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops = { 400 .prepare = nfsd4_cb_notify_lock_prepare, 401 .done = nfsd4_cb_notify_lock_done, 402 .release = nfsd4_cb_notify_lock_release, 403 }; 404 405 /* 406 * We store the NONE, READ, WRITE, and BOTH bits separately in the 407 * st_{access,deny}_bmap field of the stateid, in order to track not 408 * only what share bits are currently in force, but also what 409 * combinations of share bits previous opens have used. This allows us 410 * to enforce the recommendation in 411 * https://datatracker.ietf.org/doc/html/rfc7530#section-16.19.4 that 412 * the server return an error if the client attempt to downgrade to a 413 * combination of share bits not explicable by closing some of its 414 * previous opens. 415 * 416 * This enforcement is arguably incomplete, since we don't keep 417 * track of access/deny bit combinations; so, e.g., we allow: 418 * 419 * OPEN allow read, deny write 420 * OPEN allow both, deny none 421 * DOWNGRADE allow read, deny none 422 * 423 * which we should reject. 424 * 425 * But you could also argue that our current code is already overkill, 426 * since it only exists to return NFS4ERR_INVAL on incorrect client 427 * behavior. 428 */ 429 static unsigned int 430 bmap_to_share_mode(unsigned long bmap) 431 { 432 int i; 433 unsigned int access = 0; 434 435 for (i = 1; i < 4; i++) { 436 if (test_bit(i, &bmap)) 437 access |= i; 438 } 439 return access; 440 } 441 442 /* set share access for a given stateid */ 443 static inline void 444 set_access(u32 access, struct nfs4_ol_stateid *stp) 445 { 446 unsigned char mask = 1 << access; 447 448 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH); 449 stp->st_access_bmap |= mask; 450 } 451 452 /* clear share access for a given stateid */ 453 static inline void 454 clear_access(u32 access, struct nfs4_ol_stateid *stp) 455 { 456 unsigned char mask = 1 << access; 457 458 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH); 459 stp->st_access_bmap &= ~mask; 460 } 461 462 /* test whether a given stateid has access */ 463 static inline bool 464 test_access(u32 access, struct nfs4_ol_stateid *stp) 465 { 466 unsigned char mask = 1 << access; 467 468 return (bool)(stp->st_access_bmap & mask); 469 } 470 471 /* set share deny for a given stateid */ 472 static inline void 473 set_deny(u32 deny, struct nfs4_ol_stateid *stp) 474 { 475 unsigned char mask = 1 << deny; 476 477 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH); 478 stp->st_deny_bmap |= mask; 479 } 480 481 /* clear share deny for a given stateid */ 482 static inline void 483 clear_deny(u32 deny, struct nfs4_ol_stateid *stp) 484 { 485 unsigned char mask = 1 << deny; 486 487 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH); 488 stp->st_deny_bmap &= ~mask; 489 } 490 491 /* test whether a given stateid is denying specific access */ 492 static inline bool 493 test_deny(u32 deny, struct nfs4_ol_stateid *stp) 494 { 495 unsigned char mask = 1 << deny; 496 497 return (bool)(stp->st_deny_bmap & mask); 498 } 499 500 static int nfs4_access_to_omode(u32 access) 501 { 502 switch (access & NFS4_SHARE_ACCESS_BOTH) { 503 case NFS4_SHARE_ACCESS_READ: 504 return O_RDONLY; 505 case NFS4_SHARE_ACCESS_WRITE: 506 return O_WRONLY; 507 case NFS4_SHARE_ACCESS_BOTH: 508 return O_RDWR; 509 } 510 WARN_ON_ONCE(1); 511 return O_RDONLY; 512 } 513 514 static inline int 515 access_permit_read(struct nfs4_ol_stateid *stp) 516 { 517 return test_access(NFS4_SHARE_ACCESS_READ, stp) || 518 test_access(NFS4_SHARE_ACCESS_BOTH, stp) || 519 test_access(NFS4_SHARE_ACCESS_WRITE, stp); 520 } 521 522 static inline int 523 access_permit_write(struct nfs4_ol_stateid *stp) 524 { 525 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) || 526 test_access(NFS4_SHARE_ACCESS_BOTH, stp); 527 } 528 529 static inline struct nfs4_stateowner * 530 nfs4_get_stateowner(struct nfs4_stateowner *sop) 531 { 532 atomic_inc(&sop->so_count); 533 return sop; 534 } 535 536 static int 537 same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner) 538 { 539 return (sop->so_owner.len == owner->len) && 540 0 == memcmp(sop->so_owner.data, owner->data, owner->len); 541 } 542 543 static struct nfs4_openowner * 544 find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open, 545 struct nfs4_client *clp) 546 { 547 struct nfs4_stateowner *so; 548 549 lockdep_assert_held(&clp->cl_lock); 550 551 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval], 552 so_strhash) { 553 if (!so->so_is_open_owner) 554 continue; 555 if (same_owner_str(so, &open->op_owner)) 556 return openowner(nfs4_get_stateowner(so)); 557 } 558 return NULL; 559 } 560 561 static inline u32 562 opaque_hashval(const void *ptr, int nbytes) 563 { 564 unsigned char *cptr = (unsigned char *) ptr; 565 566 u32 x = 0; 567 while (nbytes--) { 568 x *= 37; 569 x += *cptr++; 570 } 571 return x; 572 } 573 574 static void nfsd4_free_file_rcu(struct rcu_head *rcu) 575 { 576 struct nfs4_file *fp = container_of(rcu, struct nfs4_file, fi_rcu); 577 578 kmem_cache_free(file_slab, fp); 579 } 580 581 void 582 put_nfs4_file(struct nfs4_file *fi) 583 { 584 if (refcount_dec_and_test(&fi->fi_ref)) { 585 nfsd4_file_hash_remove(fi); 586 WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate)); 587 WARN_ON_ONCE(!list_empty(&fi->fi_delegations)); 588 call_rcu(&fi->fi_rcu, nfsd4_free_file_rcu); 589 } 590 } 591 592 static struct nfsd_file * 593 find_writeable_file_locked(struct nfs4_file *f) 594 { 595 struct nfsd_file *ret; 596 597 lockdep_assert_held(&f->fi_lock); 598 599 ret = nfsd_file_get(f->fi_fds[O_WRONLY]); 600 if (!ret) 601 ret = nfsd_file_get(f->fi_fds[O_RDWR]); 602 return ret; 603 } 604 605 static struct nfsd_file * 606 find_writeable_file(struct nfs4_file *f) 607 { 608 struct nfsd_file *ret; 609 610 spin_lock(&f->fi_lock); 611 ret = find_writeable_file_locked(f); 612 spin_unlock(&f->fi_lock); 613 614 return ret; 615 } 616 617 static struct nfsd_file * 618 find_readable_file_locked(struct nfs4_file *f) 619 { 620 struct nfsd_file *ret; 621 622 lockdep_assert_held(&f->fi_lock); 623 624 ret = nfsd_file_get(f->fi_fds[O_RDONLY]); 625 if (!ret) 626 ret = nfsd_file_get(f->fi_fds[O_RDWR]); 627 return ret; 628 } 629 630 static struct nfsd_file * 631 find_readable_file(struct nfs4_file *f) 632 { 633 struct nfsd_file *ret; 634 635 spin_lock(&f->fi_lock); 636 ret = find_readable_file_locked(f); 637 spin_unlock(&f->fi_lock); 638 639 return ret; 640 } 641 642 static struct nfsd_file * 643 find_rw_file(struct nfs4_file *f) 644 { 645 struct nfsd_file *ret; 646 647 spin_lock(&f->fi_lock); 648 ret = nfsd_file_get(f->fi_fds[O_RDWR]); 649 spin_unlock(&f->fi_lock); 650 651 return ret; 652 } 653 654 struct nfsd_file * 655 find_any_file(struct nfs4_file *f) 656 { 657 struct nfsd_file *ret; 658 659 if (!f) 660 return NULL; 661 spin_lock(&f->fi_lock); 662 ret = nfsd_file_get(f->fi_fds[O_RDWR]); 663 if (!ret) { 664 ret = nfsd_file_get(f->fi_fds[O_WRONLY]); 665 if (!ret) 666 ret = nfsd_file_get(f->fi_fds[O_RDONLY]); 667 } 668 spin_unlock(&f->fi_lock); 669 return ret; 670 } 671 672 static struct nfsd_file *find_any_file_locked(struct nfs4_file *f) 673 { 674 lockdep_assert_held(&f->fi_lock); 675 676 if (f->fi_fds[O_RDWR]) 677 return f->fi_fds[O_RDWR]; 678 if (f->fi_fds[O_WRONLY]) 679 return f->fi_fds[O_WRONLY]; 680 if (f->fi_fds[O_RDONLY]) 681 return f->fi_fds[O_RDONLY]; 682 return NULL; 683 } 684 685 static atomic_long_t num_delegations; 686 unsigned long max_delegations; 687 688 /* 689 * Open owner state (share locks) 690 */ 691 692 /* hash tables for lock and open owners */ 693 #define OWNER_HASH_BITS 8 694 #define OWNER_HASH_SIZE (1 << OWNER_HASH_BITS) 695 #define OWNER_HASH_MASK (OWNER_HASH_SIZE - 1) 696 697 static unsigned int ownerstr_hashval(struct xdr_netobj *ownername) 698 { 699 unsigned int ret; 700 701 ret = opaque_hashval(ownername->data, ownername->len); 702 return ret & OWNER_HASH_MASK; 703 } 704 705 static struct rhltable nfs4_file_rhltable ____cacheline_aligned_in_smp; 706 707 static const struct rhashtable_params nfs4_file_rhash_params = { 708 .key_len = sizeof_field(struct nfs4_file, fi_inode), 709 .key_offset = offsetof(struct nfs4_file, fi_inode), 710 .head_offset = offsetof(struct nfs4_file, fi_rlist), 711 712 /* 713 * Start with a single page hash table to reduce resizing churn 714 * on light workloads. 715 */ 716 .min_size = 256, 717 .automatic_shrinking = true, 718 }; 719 720 /* 721 * Check if courtesy clients have conflicting access and resolve it if possible 722 * 723 * access: is op_share_access if share_access is true. 724 * Check if access mode, op_share_access, would conflict with 725 * the current deny mode of the file 'fp'. 726 * access: is op_share_deny if share_access is false. 727 * Check if the deny mode, op_share_deny, would conflict with 728 * current access of the file 'fp'. 729 * stp: skip checking this entry. 730 * new_stp: normal open, not open upgrade. 731 * 732 * Function returns: 733 * false - access/deny mode conflict with normal client. 734 * true - no conflict or conflict with courtesy client(s) is resolved. 735 */ 736 static bool 737 nfs4_resolve_deny_conflicts_locked(struct nfs4_file *fp, bool new_stp, 738 struct nfs4_ol_stateid *stp, u32 access, bool share_access) 739 { 740 struct nfs4_ol_stateid *st; 741 bool resolvable = true; 742 unsigned char bmap; 743 struct nfsd_net *nn; 744 struct nfs4_client *clp; 745 746 lockdep_assert_held(&fp->fi_lock); 747 list_for_each_entry(st, &fp->fi_stateids, st_perfile) { 748 /* ignore lock stateid */ 749 if (st->st_openstp) 750 continue; 751 if (st == stp && new_stp) 752 continue; 753 /* check file access against deny mode or vice versa */ 754 bmap = share_access ? st->st_deny_bmap : st->st_access_bmap; 755 if (!(access & bmap_to_share_mode(bmap))) 756 continue; 757 clp = st->st_stid.sc_client; 758 if (try_to_expire_client(clp)) 759 continue; 760 resolvable = false; 761 break; 762 } 763 if (resolvable) { 764 clp = stp->st_stid.sc_client; 765 nn = net_generic(clp->net, nfsd_net_id); 766 mod_delayed_work(laundry_wq, &nn->laundromat_work, 0); 767 } 768 return resolvable; 769 } 770 771 static void 772 __nfs4_file_get_access(struct nfs4_file *fp, u32 access) 773 { 774 lockdep_assert_held(&fp->fi_lock); 775 776 if (access & NFS4_SHARE_ACCESS_WRITE) 777 atomic_inc(&fp->fi_access[O_WRONLY]); 778 if (access & NFS4_SHARE_ACCESS_READ) 779 atomic_inc(&fp->fi_access[O_RDONLY]); 780 } 781 782 static __be32 783 nfs4_file_get_access(struct nfs4_file *fp, u32 access) 784 { 785 lockdep_assert_held(&fp->fi_lock); 786 787 /* Does this access mode make sense? */ 788 if (access & ~NFS4_SHARE_ACCESS_BOTH) 789 return nfserr_inval; 790 791 /* Does it conflict with a deny mode already set? */ 792 if ((access & fp->fi_share_deny) != 0) 793 return nfserr_share_denied; 794 795 __nfs4_file_get_access(fp, access); 796 return nfs_ok; 797 } 798 799 static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny) 800 { 801 /* Common case is that there is no deny mode. */ 802 if (deny) { 803 /* Does this deny mode make sense? */ 804 if (deny & ~NFS4_SHARE_DENY_BOTH) 805 return nfserr_inval; 806 807 if ((deny & NFS4_SHARE_DENY_READ) && 808 atomic_read(&fp->fi_access[O_RDONLY])) 809 return nfserr_share_denied; 810 811 if ((deny & NFS4_SHARE_DENY_WRITE) && 812 atomic_read(&fp->fi_access[O_WRONLY])) 813 return nfserr_share_denied; 814 } 815 return nfs_ok; 816 } 817 818 static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag) 819 { 820 might_lock(&fp->fi_lock); 821 822 if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) { 823 struct nfsd_file *f1 = NULL; 824 struct nfsd_file *f2 = NULL; 825 826 swap(f1, fp->fi_fds[oflag]); 827 if (atomic_read(&fp->fi_access[1 - oflag]) == 0) 828 swap(f2, fp->fi_fds[O_RDWR]); 829 spin_unlock(&fp->fi_lock); 830 if (f1) 831 nfsd_file_put(f1); 832 if (f2) 833 nfsd_file_put(f2); 834 } 835 } 836 837 static void nfs4_file_put_access(struct nfs4_file *fp, u32 access) 838 { 839 WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH); 840 841 if (access & NFS4_SHARE_ACCESS_WRITE) 842 __nfs4_file_put_access(fp, O_WRONLY); 843 if (access & NFS4_SHARE_ACCESS_READ) 844 __nfs4_file_put_access(fp, O_RDONLY); 845 } 846 847 /* 848 * Allocate a new open/delegation state counter. This is needed for 849 * pNFS for proper return on close semantics. 850 * 851 * Note that we only allocate it for pNFS-enabled exports, otherwise 852 * all pointers to struct nfs4_clnt_odstate are always NULL. 853 */ 854 static struct nfs4_clnt_odstate * 855 alloc_clnt_odstate(struct nfs4_client *clp) 856 { 857 struct nfs4_clnt_odstate *co; 858 859 co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL); 860 if (co) { 861 co->co_client = clp; 862 refcount_set(&co->co_odcount, 1); 863 } 864 return co; 865 } 866 867 static void 868 hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co) 869 { 870 struct nfs4_file *fp = co->co_file; 871 872 lockdep_assert_held(&fp->fi_lock); 873 list_add(&co->co_perfile, &fp->fi_clnt_odstate); 874 } 875 876 static inline void 877 get_clnt_odstate(struct nfs4_clnt_odstate *co) 878 { 879 if (co) 880 refcount_inc(&co->co_odcount); 881 } 882 883 static void 884 put_clnt_odstate(struct nfs4_clnt_odstate *co) 885 { 886 struct nfs4_file *fp; 887 888 if (!co) 889 return; 890 891 fp = co->co_file; 892 if (refcount_dec_and_lock(&co->co_odcount, &fp->fi_lock)) { 893 list_del(&co->co_perfile); 894 spin_unlock(&fp->fi_lock); 895 896 nfsd4_return_all_file_layouts(co->co_client, fp); 897 kmem_cache_free(odstate_slab, co); 898 } 899 } 900 901 static struct nfs4_clnt_odstate * 902 find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new) 903 { 904 struct nfs4_clnt_odstate *co; 905 struct nfs4_client *cl; 906 907 if (!new) 908 return NULL; 909 910 cl = new->co_client; 911 912 spin_lock(&fp->fi_lock); 913 list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) { 914 if (co->co_client == cl) { 915 get_clnt_odstate(co); 916 goto out; 917 } 918 } 919 co = new; 920 co->co_file = fp; 921 hash_clnt_odstate_locked(new); 922 out: 923 spin_unlock(&fp->fi_lock); 924 return co; 925 } 926 927 struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab, 928 void (*sc_free)(struct nfs4_stid *)) 929 { 930 struct nfs4_stid *stid; 931 int new_id; 932 933 stid = kmem_cache_zalloc(slab, GFP_KERNEL); 934 if (!stid) 935 return NULL; 936 937 idr_preload(GFP_KERNEL); 938 spin_lock(&cl->cl_lock); 939 /* Reserving 0 for start of file in nfsdfs "states" file: */ 940 new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 1, 0, GFP_NOWAIT); 941 spin_unlock(&cl->cl_lock); 942 idr_preload_end(); 943 if (new_id < 0) 944 goto out_free; 945 946 stid->sc_free = sc_free; 947 stid->sc_client = cl; 948 stid->sc_stateid.si_opaque.so_id = new_id; 949 stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid; 950 /* Will be incremented before return to client: */ 951 refcount_set(&stid->sc_count, 1); 952 spin_lock_init(&stid->sc_lock); 953 INIT_LIST_HEAD(&stid->sc_cp_list); 954 955 /* 956 * It shouldn't be a problem to reuse an opaque stateid value. 957 * I don't think it is for 4.1. But with 4.0 I worry that, for 958 * example, a stray write retransmission could be accepted by 959 * the server when it should have been rejected. Therefore, 960 * adopt a trick from the sctp code to attempt to maximize the 961 * amount of time until an id is reused, by ensuring they always 962 * "increase" (mod INT_MAX): 963 */ 964 return stid; 965 out_free: 966 kmem_cache_free(slab, stid); 967 return NULL; 968 } 969 970 /* 971 * Create a unique stateid_t to represent each COPY. 972 */ 973 static int nfs4_init_cp_state(struct nfsd_net *nn, copy_stateid_t *stid, 974 unsigned char cs_type) 975 { 976 int new_id; 977 978 stid->cs_stid.si_opaque.so_clid.cl_boot = (u32)nn->boot_time; 979 stid->cs_stid.si_opaque.so_clid.cl_id = nn->s2s_cp_cl_id; 980 981 idr_preload(GFP_KERNEL); 982 spin_lock(&nn->s2s_cp_lock); 983 new_id = idr_alloc_cyclic(&nn->s2s_cp_stateids, stid, 0, 0, GFP_NOWAIT); 984 stid->cs_stid.si_opaque.so_id = new_id; 985 stid->cs_stid.si_generation = 1; 986 spin_unlock(&nn->s2s_cp_lock); 987 idr_preload_end(); 988 if (new_id < 0) 989 return 0; 990 stid->cs_type = cs_type; 991 return 1; 992 } 993 994 int nfs4_init_copy_state(struct nfsd_net *nn, struct nfsd4_copy *copy) 995 { 996 return nfs4_init_cp_state(nn, ©->cp_stateid, NFS4_COPY_STID); 997 } 998 999 struct nfs4_cpntf_state *nfs4_alloc_init_cpntf_state(struct nfsd_net *nn, 1000 struct nfs4_stid *p_stid) 1001 { 1002 struct nfs4_cpntf_state *cps; 1003 1004 cps = kzalloc(sizeof(struct nfs4_cpntf_state), GFP_KERNEL); 1005 if (!cps) 1006 return NULL; 1007 cps->cpntf_time = ktime_get_boottime_seconds(); 1008 refcount_set(&cps->cp_stateid.cs_count, 1); 1009 if (!nfs4_init_cp_state(nn, &cps->cp_stateid, NFS4_COPYNOTIFY_STID)) 1010 goto out_free; 1011 spin_lock(&nn->s2s_cp_lock); 1012 list_add(&cps->cp_list, &p_stid->sc_cp_list); 1013 spin_unlock(&nn->s2s_cp_lock); 1014 return cps; 1015 out_free: 1016 kfree(cps); 1017 return NULL; 1018 } 1019 1020 void nfs4_free_copy_state(struct nfsd4_copy *copy) 1021 { 1022 struct nfsd_net *nn; 1023 1024 if (copy->cp_stateid.cs_type != NFS4_COPY_STID) 1025 return; 1026 nn = net_generic(copy->cp_clp->net, nfsd_net_id); 1027 spin_lock(&nn->s2s_cp_lock); 1028 idr_remove(&nn->s2s_cp_stateids, 1029 copy->cp_stateid.cs_stid.si_opaque.so_id); 1030 spin_unlock(&nn->s2s_cp_lock); 1031 } 1032 1033 static void nfs4_free_cpntf_statelist(struct net *net, struct nfs4_stid *stid) 1034 { 1035 struct nfs4_cpntf_state *cps; 1036 struct nfsd_net *nn; 1037 1038 nn = net_generic(net, nfsd_net_id); 1039 spin_lock(&nn->s2s_cp_lock); 1040 while (!list_empty(&stid->sc_cp_list)) { 1041 cps = list_first_entry(&stid->sc_cp_list, 1042 struct nfs4_cpntf_state, cp_list); 1043 _free_cpntf_state_locked(nn, cps); 1044 } 1045 spin_unlock(&nn->s2s_cp_lock); 1046 } 1047 1048 static struct nfs4_ol_stateid * nfs4_alloc_open_stateid(struct nfs4_client *clp) 1049 { 1050 struct nfs4_stid *stid; 1051 1052 stid = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_ol_stateid); 1053 if (!stid) 1054 return NULL; 1055 1056 return openlockstateid(stid); 1057 } 1058 1059 static void nfs4_free_deleg(struct nfs4_stid *stid) 1060 { 1061 struct nfs4_delegation *dp = delegstateid(stid); 1062 1063 WARN_ON_ONCE(!list_empty(&stid->sc_cp_list)); 1064 WARN_ON_ONCE(!list_empty(&dp->dl_perfile)); 1065 WARN_ON_ONCE(!list_empty(&dp->dl_perclnt)); 1066 WARN_ON_ONCE(!list_empty(&dp->dl_recall_lru)); 1067 kmem_cache_free(deleg_slab, stid); 1068 atomic_long_dec(&num_delegations); 1069 } 1070 1071 /* 1072 * When we recall a delegation, we should be careful not to hand it 1073 * out again straight away. 1074 * To ensure this we keep a pair of bloom filters ('new' and 'old') 1075 * in which the filehandles of recalled delegations are "stored". 1076 * If a filehandle appear in either filter, a delegation is blocked. 1077 * When a delegation is recalled, the filehandle is stored in the "new" 1078 * filter. 1079 * Every 30 seconds we swap the filters and clear the "new" one, 1080 * unless both are empty of course. 1081 * 1082 * Each filter is 256 bits. We hash the filehandle to 32bit and use the 1083 * low 3 bytes as hash-table indices. 1084 * 1085 * 'blocked_delegations_lock', which is always taken in block_delegations(), 1086 * is used to manage concurrent access. Testing does not need the lock 1087 * except when swapping the two filters. 1088 */ 1089 static DEFINE_SPINLOCK(blocked_delegations_lock); 1090 static struct bloom_pair { 1091 int entries, old_entries; 1092 time64_t swap_time; 1093 int new; /* index into 'set' */ 1094 DECLARE_BITMAP(set[2], 256); 1095 } blocked_delegations; 1096 1097 static int delegation_blocked(struct knfsd_fh *fh) 1098 { 1099 u32 hash; 1100 struct bloom_pair *bd = &blocked_delegations; 1101 1102 if (bd->entries == 0) 1103 return 0; 1104 if (ktime_get_seconds() - bd->swap_time > 30) { 1105 spin_lock(&blocked_delegations_lock); 1106 if (ktime_get_seconds() - bd->swap_time > 30) { 1107 bd->entries -= bd->old_entries; 1108 bd->old_entries = bd->entries; 1109 memset(bd->set[bd->new], 0, 1110 sizeof(bd->set[0])); 1111 bd->new = 1-bd->new; 1112 bd->swap_time = ktime_get_seconds(); 1113 } 1114 spin_unlock(&blocked_delegations_lock); 1115 } 1116 hash = jhash(&fh->fh_raw, fh->fh_size, 0); 1117 if (test_bit(hash&255, bd->set[0]) && 1118 test_bit((hash>>8)&255, bd->set[0]) && 1119 test_bit((hash>>16)&255, bd->set[0])) 1120 return 1; 1121 1122 if (test_bit(hash&255, bd->set[1]) && 1123 test_bit((hash>>8)&255, bd->set[1]) && 1124 test_bit((hash>>16)&255, bd->set[1])) 1125 return 1; 1126 1127 return 0; 1128 } 1129 1130 static void block_delegations(struct knfsd_fh *fh) 1131 { 1132 u32 hash; 1133 struct bloom_pair *bd = &blocked_delegations; 1134 1135 hash = jhash(&fh->fh_raw, fh->fh_size, 0); 1136 1137 spin_lock(&blocked_delegations_lock); 1138 __set_bit(hash&255, bd->set[bd->new]); 1139 __set_bit((hash>>8)&255, bd->set[bd->new]); 1140 __set_bit((hash>>16)&255, bd->set[bd->new]); 1141 if (bd->entries == 0) 1142 bd->swap_time = ktime_get_seconds(); 1143 bd->entries += 1; 1144 spin_unlock(&blocked_delegations_lock); 1145 } 1146 1147 static struct nfs4_delegation * 1148 alloc_init_deleg(struct nfs4_client *clp, struct nfs4_file *fp, 1149 struct nfs4_clnt_odstate *odstate, u32 dl_type) 1150 { 1151 struct nfs4_delegation *dp; 1152 struct nfs4_stid *stid; 1153 long n; 1154 1155 dprintk("NFSD alloc_init_deleg\n"); 1156 n = atomic_long_inc_return(&num_delegations); 1157 if (n < 0 || n > max_delegations) 1158 goto out_dec; 1159 if (delegation_blocked(&fp->fi_fhandle)) 1160 goto out_dec; 1161 stid = nfs4_alloc_stid(clp, deleg_slab, nfs4_free_deleg); 1162 if (stid == NULL) 1163 goto out_dec; 1164 dp = delegstateid(stid); 1165 1166 /* 1167 * delegation seqid's are never incremented. The 4.1 special 1168 * meaning of seqid 0 isn't meaningful, really, but let's avoid 1169 * 0 anyway just for consistency and use 1: 1170 */ 1171 dp->dl_stid.sc_stateid.si_generation = 1; 1172 INIT_LIST_HEAD(&dp->dl_perfile); 1173 INIT_LIST_HEAD(&dp->dl_perclnt); 1174 INIT_LIST_HEAD(&dp->dl_recall_lru); 1175 dp->dl_clnt_odstate = odstate; 1176 get_clnt_odstate(odstate); 1177 dp->dl_type = dl_type; 1178 dp->dl_retries = 1; 1179 dp->dl_recalled = false; 1180 nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client, 1181 &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL); 1182 nfsd4_init_cb(&dp->dl_cb_fattr.ncf_getattr, dp->dl_stid.sc_client, 1183 &nfsd4_cb_getattr_ops, NFSPROC4_CLNT_CB_GETATTR); 1184 dp->dl_cb_fattr.ncf_file_modified = false; 1185 dp->dl_cb_fattr.ncf_cb_bmap[0] = FATTR4_WORD0_CHANGE | FATTR4_WORD0_SIZE; 1186 get_nfs4_file(fp); 1187 dp->dl_stid.sc_file = fp; 1188 return dp; 1189 out_dec: 1190 atomic_long_dec(&num_delegations); 1191 return NULL; 1192 } 1193 1194 void 1195 nfs4_put_stid(struct nfs4_stid *s) 1196 { 1197 struct nfs4_file *fp = s->sc_file; 1198 struct nfs4_client *clp = s->sc_client; 1199 1200 might_lock(&clp->cl_lock); 1201 1202 if (!refcount_dec_and_lock(&s->sc_count, &clp->cl_lock)) { 1203 wake_up_all(&close_wq); 1204 return; 1205 } 1206 idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id); 1207 if (s->sc_status & SC_STATUS_ADMIN_REVOKED) 1208 atomic_dec(&s->sc_client->cl_admin_revoked); 1209 nfs4_free_cpntf_statelist(clp->net, s); 1210 spin_unlock(&clp->cl_lock); 1211 s->sc_free(s); 1212 if (fp) 1213 put_nfs4_file(fp); 1214 } 1215 1216 void 1217 nfs4_inc_and_copy_stateid(stateid_t *dst, struct nfs4_stid *stid) 1218 { 1219 stateid_t *src = &stid->sc_stateid; 1220 1221 spin_lock(&stid->sc_lock); 1222 if (unlikely(++src->si_generation == 0)) 1223 src->si_generation = 1; 1224 memcpy(dst, src, sizeof(*dst)); 1225 spin_unlock(&stid->sc_lock); 1226 } 1227 1228 static void put_deleg_file(struct nfs4_file *fp) 1229 { 1230 struct nfsd_file *nf = NULL; 1231 1232 spin_lock(&fp->fi_lock); 1233 if (--fp->fi_delegees == 0) 1234 swap(nf, fp->fi_deleg_file); 1235 spin_unlock(&fp->fi_lock); 1236 1237 if (nf) 1238 nfsd_file_put(nf); 1239 } 1240 1241 static void nfs4_unlock_deleg_lease(struct nfs4_delegation *dp) 1242 { 1243 struct nfs4_file *fp = dp->dl_stid.sc_file; 1244 struct nfsd_file *nf = fp->fi_deleg_file; 1245 1246 WARN_ON_ONCE(!fp->fi_delegees); 1247 1248 kernel_setlease(nf->nf_file, F_UNLCK, NULL, (void **)&dp); 1249 put_deleg_file(fp); 1250 } 1251 1252 static void destroy_unhashed_deleg(struct nfs4_delegation *dp) 1253 { 1254 put_clnt_odstate(dp->dl_clnt_odstate); 1255 nfs4_unlock_deleg_lease(dp); 1256 nfs4_put_stid(&dp->dl_stid); 1257 } 1258 1259 /** 1260 * nfs4_delegation_exists - Discover if this delegation already exists 1261 * @clp: a pointer to the nfs4_client we're granting a delegation to 1262 * @fp: a pointer to the nfs4_file we're granting a delegation on 1263 * 1264 * Return: 1265 * On success: true iff an existing delegation is found 1266 */ 1267 1268 static bool 1269 nfs4_delegation_exists(struct nfs4_client *clp, struct nfs4_file *fp) 1270 { 1271 struct nfs4_delegation *searchdp = NULL; 1272 struct nfs4_client *searchclp = NULL; 1273 1274 lockdep_assert_held(&state_lock); 1275 lockdep_assert_held(&fp->fi_lock); 1276 1277 list_for_each_entry(searchdp, &fp->fi_delegations, dl_perfile) { 1278 searchclp = searchdp->dl_stid.sc_client; 1279 if (clp == searchclp) { 1280 return true; 1281 } 1282 } 1283 return false; 1284 } 1285 1286 /** 1287 * hash_delegation_locked - Add a delegation to the appropriate lists 1288 * @dp: a pointer to the nfs4_delegation we are adding. 1289 * @fp: a pointer to the nfs4_file we're granting a delegation on 1290 * 1291 * Return: 1292 * On success: NULL if the delegation was successfully hashed. 1293 * 1294 * On error: -EAGAIN if one was previously granted to this 1295 * nfs4_client for this nfs4_file. Delegation is not hashed. 1296 * 1297 */ 1298 1299 static int 1300 hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp) 1301 { 1302 struct nfs4_client *clp = dp->dl_stid.sc_client; 1303 1304 lockdep_assert_held(&state_lock); 1305 lockdep_assert_held(&fp->fi_lock); 1306 lockdep_assert_held(&clp->cl_lock); 1307 1308 if (nfs4_delegation_exists(clp, fp)) 1309 return -EAGAIN; 1310 refcount_inc(&dp->dl_stid.sc_count); 1311 dp->dl_stid.sc_type = SC_TYPE_DELEG; 1312 list_add(&dp->dl_perfile, &fp->fi_delegations); 1313 list_add(&dp->dl_perclnt, &clp->cl_delegations); 1314 return 0; 1315 } 1316 1317 static bool delegation_hashed(struct nfs4_delegation *dp) 1318 { 1319 return !(list_empty(&dp->dl_perfile)); 1320 } 1321 1322 static bool 1323 unhash_delegation_locked(struct nfs4_delegation *dp, unsigned short statusmask) 1324 { 1325 struct nfs4_file *fp = dp->dl_stid.sc_file; 1326 1327 lockdep_assert_held(&state_lock); 1328 1329 if (!delegation_hashed(dp)) 1330 return false; 1331 1332 if (statusmask == SC_STATUS_REVOKED && 1333 dp->dl_stid.sc_client->cl_minorversion == 0) 1334 statusmask = SC_STATUS_CLOSED; 1335 dp->dl_stid.sc_status |= statusmask; 1336 if (statusmask & SC_STATUS_ADMIN_REVOKED) 1337 atomic_inc(&dp->dl_stid.sc_client->cl_admin_revoked); 1338 1339 /* Ensure that deleg break won't try to requeue it */ 1340 ++dp->dl_time; 1341 spin_lock(&fp->fi_lock); 1342 list_del_init(&dp->dl_perclnt); 1343 list_del_init(&dp->dl_recall_lru); 1344 list_del_init(&dp->dl_perfile); 1345 spin_unlock(&fp->fi_lock); 1346 return true; 1347 } 1348 1349 static void destroy_delegation(struct nfs4_delegation *dp) 1350 { 1351 bool unhashed; 1352 1353 spin_lock(&state_lock); 1354 unhashed = unhash_delegation_locked(dp, SC_STATUS_CLOSED); 1355 spin_unlock(&state_lock); 1356 if (unhashed) 1357 destroy_unhashed_deleg(dp); 1358 } 1359 1360 static void revoke_delegation(struct nfs4_delegation *dp) 1361 { 1362 struct nfs4_client *clp = dp->dl_stid.sc_client; 1363 1364 WARN_ON(!list_empty(&dp->dl_recall_lru)); 1365 1366 trace_nfsd_stid_revoke(&dp->dl_stid); 1367 1368 if (dp->dl_stid.sc_status & 1369 (SC_STATUS_REVOKED | SC_STATUS_ADMIN_REVOKED)) { 1370 spin_lock(&clp->cl_lock); 1371 refcount_inc(&dp->dl_stid.sc_count); 1372 list_add(&dp->dl_recall_lru, &clp->cl_revoked); 1373 spin_unlock(&clp->cl_lock); 1374 } 1375 destroy_unhashed_deleg(dp); 1376 } 1377 1378 /* 1379 * SETCLIENTID state 1380 */ 1381 1382 static unsigned int clientid_hashval(u32 id) 1383 { 1384 return id & CLIENT_HASH_MASK; 1385 } 1386 1387 static unsigned int clientstr_hashval(struct xdr_netobj name) 1388 { 1389 return opaque_hashval(name.data, 8) & CLIENT_HASH_MASK; 1390 } 1391 1392 /* 1393 * A stateid that had a deny mode associated with it is being released 1394 * or downgraded. Recalculate the deny mode on the file. 1395 */ 1396 static void 1397 recalculate_deny_mode(struct nfs4_file *fp) 1398 { 1399 struct nfs4_ol_stateid *stp; 1400 u32 old_deny; 1401 1402 spin_lock(&fp->fi_lock); 1403 old_deny = fp->fi_share_deny; 1404 fp->fi_share_deny = 0; 1405 list_for_each_entry(stp, &fp->fi_stateids, st_perfile) { 1406 fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap); 1407 if (fp->fi_share_deny == old_deny) 1408 break; 1409 } 1410 spin_unlock(&fp->fi_lock); 1411 } 1412 1413 static void 1414 reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp) 1415 { 1416 int i; 1417 bool change = false; 1418 1419 for (i = 1; i < 4; i++) { 1420 if ((i & deny) != i) { 1421 change = true; 1422 clear_deny(i, stp); 1423 } 1424 } 1425 1426 /* Recalculate per-file deny mode if there was a change */ 1427 if (change) 1428 recalculate_deny_mode(stp->st_stid.sc_file); 1429 } 1430 1431 /* release all access and file references for a given stateid */ 1432 static void 1433 release_all_access(struct nfs4_ol_stateid *stp) 1434 { 1435 int i; 1436 struct nfs4_file *fp = stp->st_stid.sc_file; 1437 1438 if (fp && stp->st_deny_bmap != 0) 1439 recalculate_deny_mode(fp); 1440 1441 for (i = 1; i < 4; i++) { 1442 if (test_access(i, stp)) 1443 nfs4_file_put_access(stp->st_stid.sc_file, i); 1444 clear_access(i, stp); 1445 } 1446 } 1447 1448 static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop) 1449 { 1450 kfree(sop->so_owner.data); 1451 sop->so_ops->so_free(sop); 1452 } 1453 1454 static void nfs4_put_stateowner(struct nfs4_stateowner *sop) 1455 { 1456 struct nfs4_client *clp = sop->so_client; 1457 1458 might_lock(&clp->cl_lock); 1459 1460 if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock)) 1461 return; 1462 sop->so_ops->so_unhash(sop); 1463 spin_unlock(&clp->cl_lock); 1464 nfs4_free_stateowner(sop); 1465 } 1466 1467 static bool 1468 nfs4_ol_stateid_unhashed(const struct nfs4_ol_stateid *stp) 1469 { 1470 return list_empty(&stp->st_perfile); 1471 } 1472 1473 static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp) 1474 { 1475 struct nfs4_file *fp = stp->st_stid.sc_file; 1476 1477 lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock); 1478 1479 if (list_empty(&stp->st_perfile)) 1480 return false; 1481 1482 spin_lock(&fp->fi_lock); 1483 list_del_init(&stp->st_perfile); 1484 spin_unlock(&fp->fi_lock); 1485 list_del(&stp->st_perstateowner); 1486 return true; 1487 } 1488 1489 static void nfs4_free_ol_stateid(struct nfs4_stid *stid) 1490 { 1491 struct nfs4_ol_stateid *stp = openlockstateid(stid); 1492 1493 put_clnt_odstate(stp->st_clnt_odstate); 1494 release_all_access(stp); 1495 if (stp->st_stateowner) 1496 nfs4_put_stateowner(stp->st_stateowner); 1497 WARN_ON(!list_empty(&stid->sc_cp_list)); 1498 kmem_cache_free(stateid_slab, stid); 1499 } 1500 1501 static void nfs4_free_lock_stateid(struct nfs4_stid *stid) 1502 { 1503 struct nfs4_ol_stateid *stp = openlockstateid(stid); 1504 struct nfs4_lockowner *lo = lockowner(stp->st_stateowner); 1505 struct nfsd_file *nf; 1506 1507 nf = find_any_file(stp->st_stid.sc_file); 1508 if (nf) { 1509 get_file(nf->nf_file); 1510 filp_close(nf->nf_file, (fl_owner_t)lo); 1511 nfsd_file_put(nf); 1512 } 1513 nfs4_free_ol_stateid(stid); 1514 } 1515 1516 /* 1517 * Put the persistent reference to an already unhashed generic stateid, while 1518 * holding the cl_lock. If it's the last reference, then put it onto the 1519 * reaplist for later destruction. 1520 */ 1521 static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp, 1522 struct list_head *reaplist) 1523 { 1524 struct nfs4_stid *s = &stp->st_stid; 1525 struct nfs4_client *clp = s->sc_client; 1526 1527 lockdep_assert_held(&clp->cl_lock); 1528 1529 WARN_ON_ONCE(!list_empty(&stp->st_locks)); 1530 1531 if (!refcount_dec_and_test(&s->sc_count)) { 1532 wake_up_all(&close_wq); 1533 return; 1534 } 1535 1536 idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id); 1537 if (s->sc_status & SC_STATUS_ADMIN_REVOKED) 1538 atomic_dec(&s->sc_client->cl_admin_revoked); 1539 list_add(&stp->st_locks, reaplist); 1540 } 1541 1542 static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp) 1543 { 1544 lockdep_assert_held(&stp->st_stid.sc_client->cl_lock); 1545 1546 if (!unhash_ol_stateid(stp)) 1547 return false; 1548 list_del_init(&stp->st_locks); 1549 stp->st_stid.sc_status |= SC_STATUS_CLOSED; 1550 return true; 1551 } 1552 1553 static void release_lock_stateid(struct nfs4_ol_stateid *stp) 1554 { 1555 struct nfs4_client *clp = stp->st_stid.sc_client; 1556 bool unhashed; 1557 1558 spin_lock(&clp->cl_lock); 1559 unhashed = unhash_lock_stateid(stp); 1560 spin_unlock(&clp->cl_lock); 1561 if (unhashed) 1562 nfs4_put_stid(&stp->st_stid); 1563 } 1564 1565 static void unhash_lockowner_locked(struct nfs4_lockowner *lo) 1566 { 1567 struct nfs4_client *clp = lo->lo_owner.so_client; 1568 1569 lockdep_assert_held(&clp->cl_lock); 1570 1571 list_del_init(&lo->lo_owner.so_strhash); 1572 } 1573 1574 /* 1575 * Free a list of generic stateids that were collected earlier after being 1576 * fully unhashed. 1577 */ 1578 static void 1579 free_ol_stateid_reaplist(struct list_head *reaplist) 1580 { 1581 struct nfs4_ol_stateid *stp; 1582 struct nfs4_file *fp; 1583 1584 might_sleep(); 1585 1586 while (!list_empty(reaplist)) { 1587 stp = list_first_entry(reaplist, struct nfs4_ol_stateid, 1588 st_locks); 1589 list_del(&stp->st_locks); 1590 fp = stp->st_stid.sc_file; 1591 stp->st_stid.sc_free(&stp->st_stid); 1592 if (fp) 1593 put_nfs4_file(fp); 1594 } 1595 } 1596 1597 static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp, 1598 struct list_head *reaplist) 1599 { 1600 struct nfs4_ol_stateid *stp; 1601 1602 lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock); 1603 1604 while (!list_empty(&open_stp->st_locks)) { 1605 stp = list_entry(open_stp->st_locks.next, 1606 struct nfs4_ol_stateid, st_locks); 1607 unhash_lock_stateid(stp); 1608 put_ol_stateid_locked(stp, reaplist); 1609 } 1610 } 1611 1612 static bool unhash_open_stateid(struct nfs4_ol_stateid *stp, 1613 struct list_head *reaplist) 1614 { 1615 lockdep_assert_held(&stp->st_stid.sc_client->cl_lock); 1616 1617 if (!unhash_ol_stateid(stp)) 1618 return false; 1619 release_open_stateid_locks(stp, reaplist); 1620 return true; 1621 } 1622 1623 static void release_open_stateid(struct nfs4_ol_stateid *stp) 1624 { 1625 LIST_HEAD(reaplist); 1626 1627 spin_lock(&stp->st_stid.sc_client->cl_lock); 1628 stp->st_stid.sc_status |= SC_STATUS_CLOSED; 1629 if (unhash_open_stateid(stp, &reaplist)) 1630 put_ol_stateid_locked(stp, &reaplist); 1631 spin_unlock(&stp->st_stid.sc_client->cl_lock); 1632 free_ol_stateid_reaplist(&reaplist); 1633 } 1634 1635 static void unhash_openowner_locked(struct nfs4_openowner *oo) 1636 { 1637 struct nfs4_client *clp = oo->oo_owner.so_client; 1638 1639 lockdep_assert_held(&clp->cl_lock); 1640 1641 list_del_init(&oo->oo_owner.so_strhash); 1642 list_del_init(&oo->oo_perclient); 1643 } 1644 1645 static void release_last_closed_stateid(struct nfs4_openowner *oo) 1646 { 1647 struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net, 1648 nfsd_net_id); 1649 struct nfs4_ol_stateid *s; 1650 1651 spin_lock(&nn->client_lock); 1652 s = oo->oo_last_closed_stid; 1653 if (s) { 1654 list_del_init(&oo->oo_close_lru); 1655 oo->oo_last_closed_stid = NULL; 1656 } 1657 spin_unlock(&nn->client_lock); 1658 if (s) 1659 nfs4_put_stid(&s->st_stid); 1660 } 1661 1662 static void release_openowner(struct nfs4_openowner *oo) 1663 { 1664 struct nfs4_ol_stateid *stp; 1665 struct nfs4_client *clp = oo->oo_owner.so_client; 1666 struct list_head reaplist; 1667 1668 INIT_LIST_HEAD(&reaplist); 1669 1670 spin_lock(&clp->cl_lock); 1671 unhash_openowner_locked(oo); 1672 while (!list_empty(&oo->oo_owner.so_stateids)) { 1673 stp = list_first_entry(&oo->oo_owner.so_stateids, 1674 struct nfs4_ol_stateid, st_perstateowner); 1675 if (unhash_open_stateid(stp, &reaplist)) 1676 put_ol_stateid_locked(stp, &reaplist); 1677 } 1678 spin_unlock(&clp->cl_lock); 1679 free_ol_stateid_reaplist(&reaplist); 1680 release_last_closed_stateid(oo); 1681 nfs4_put_stateowner(&oo->oo_owner); 1682 } 1683 1684 static struct nfs4_stid *find_one_sb_stid(struct nfs4_client *clp, 1685 struct super_block *sb, 1686 unsigned int sc_types) 1687 { 1688 unsigned long id, tmp; 1689 struct nfs4_stid *stid; 1690 1691 spin_lock(&clp->cl_lock); 1692 idr_for_each_entry_ul(&clp->cl_stateids, stid, tmp, id) 1693 if ((stid->sc_type & sc_types) && 1694 stid->sc_status == 0 && 1695 stid->sc_file->fi_inode->i_sb == sb) { 1696 refcount_inc(&stid->sc_count); 1697 break; 1698 } 1699 spin_unlock(&clp->cl_lock); 1700 return stid; 1701 } 1702 1703 /** 1704 * nfsd4_revoke_states - revoke all nfsv4 states associated with given filesystem 1705 * @net: used to identify instance of nfsd (there is one per net namespace) 1706 * @sb: super_block used to identify target filesystem 1707 * 1708 * All nfs4 states (open, lock, delegation, layout) held by the server instance 1709 * and associated with a file on the given filesystem will be revoked resulting 1710 * in any files being closed and so all references from nfsd to the filesystem 1711 * being released. Thus nfsd will no longer prevent the filesystem from being 1712 * unmounted. 1713 * 1714 * The clients which own the states will subsequently being notified that the 1715 * states have been "admin-revoked". 1716 */ 1717 void nfsd4_revoke_states(struct net *net, struct super_block *sb) 1718 { 1719 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 1720 unsigned int idhashval; 1721 unsigned int sc_types; 1722 1723 sc_types = SC_TYPE_OPEN | SC_TYPE_LOCK | SC_TYPE_DELEG | SC_TYPE_LAYOUT; 1724 1725 spin_lock(&nn->client_lock); 1726 for (idhashval = 0; idhashval < CLIENT_HASH_MASK; idhashval++) { 1727 struct list_head *head = &nn->conf_id_hashtbl[idhashval]; 1728 struct nfs4_client *clp; 1729 retry: 1730 list_for_each_entry(clp, head, cl_idhash) { 1731 struct nfs4_stid *stid = find_one_sb_stid(clp, sb, 1732 sc_types); 1733 if (stid) { 1734 struct nfs4_ol_stateid *stp; 1735 struct nfs4_delegation *dp; 1736 struct nfs4_layout_stateid *ls; 1737 1738 spin_unlock(&nn->client_lock); 1739 switch (stid->sc_type) { 1740 case SC_TYPE_OPEN: 1741 stp = openlockstateid(stid); 1742 mutex_lock_nested(&stp->st_mutex, 1743 OPEN_STATEID_MUTEX); 1744 1745 spin_lock(&clp->cl_lock); 1746 if (stid->sc_status == 0) { 1747 stid->sc_status |= 1748 SC_STATUS_ADMIN_REVOKED; 1749 atomic_inc(&clp->cl_admin_revoked); 1750 spin_unlock(&clp->cl_lock); 1751 release_all_access(stp); 1752 } else 1753 spin_unlock(&clp->cl_lock); 1754 mutex_unlock(&stp->st_mutex); 1755 break; 1756 case SC_TYPE_LOCK: 1757 stp = openlockstateid(stid); 1758 mutex_lock_nested(&stp->st_mutex, 1759 LOCK_STATEID_MUTEX); 1760 spin_lock(&clp->cl_lock); 1761 if (stid->sc_status == 0) { 1762 struct nfs4_lockowner *lo = 1763 lockowner(stp->st_stateowner); 1764 struct nfsd_file *nf; 1765 1766 stid->sc_status |= 1767 SC_STATUS_ADMIN_REVOKED; 1768 atomic_inc(&clp->cl_admin_revoked); 1769 spin_unlock(&clp->cl_lock); 1770 nf = find_any_file(stp->st_stid.sc_file); 1771 if (nf) { 1772 get_file(nf->nf_file); 1773 filp_close(nf->nf_file, 1774 (fl_owner_t)lo); 1775 nfsd_file_put(nf); 1776 } 1777 release_all_access(stp); 1778 } else 1779 spin_unlock(&clp->cl_lock); 1780 mutex_unlock(&stp->st_mutex); 1781 break; 1782 case SC_TYPE_DELEG: 1783 dp = delegstateid(stid); 1784 spin_lock(&state_lock); 1785 if (!unhash_delegation_locked( 1786 dp, SC_STATUS_ADMIN_REVOKED)) 1787 dp = NULL; 1788 spin_unlock(&state_lock); 1789 if (dp) 1790 revoke_delegation(dp); 1791 break; 1792 case SC_TYPE_LAYOUT: 1793 ls = layoutstateid(stid); 1794 nfsd4_close_layout(ls); 1795 break; 1796 } 1797 nfs4_put_stid(stid); 1798 spin_lock(&nn->client_lock); 1799 if (clp->cl_minorversion == 0) 1800 /* Allow cleanup after a lease period. 1801 * store_release ensures cleanup will 1802 * see any newly revoked states if it 1803 * sees the time updated. 1804 */ 1805 nn->nfs40_last_revoke = 1806 ktime_get_boottime_seconds(); 1807 goto retry; 1808 } 1809 } 1810 } 1811 spin_unlock(&nn->client_lock); 1812 } 1813 1814 static inline int 1815 hash_sessionid(struct nfs4_sessionid *sessionid) 1816 { 1817 struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid; 1818 1819 return sid->sequence % SESSION_HASH_SIZE; 1820 } 1821 1822 #ifdef CONFIG_SUNRPC_DEBUG 1823 static inline void 1824 dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid) 1825 { 1826 u32 *ptr = (u32 *)(&sessionid->data[0]); 1827 dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]); 1828 } 1829 #else 1830 static inline void 1831 dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid) 1832 { 1833 } 1834 #endif 1835 1836 /* 1837 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it 1838 * won't be used for replay. 1839 */ 1840 void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr) 1841 { 1842 struct nfs4_stateowner *so = cstate->replay_owner; 1843 1844 if (nfserr == nfserr_replay_me) 1845 return; 1846 1847 if (!seqid_mutating_err(ntohl(nfserr))) { 1848 nfsd4_cstate_clear_replay(cstate); 1849 return; 1850 } 1851 if (!so) 1852 return; 1853 if (so->so_is_open_owner) 1854 release_last_closed_stateid(openowner(so)); 1855 so->so_seqid++; 1856 return; 1857 } 1858 1859 static void 1860 gen_sessionid(struct nfsd4_session *ses) 1861 { 1862 struct nfs4_client *clp = ses->se_client; 1863 struct nfsd4_sessionid *sid; 1864 1865 sid = (struct nfsd4_sessionid *)ses->se_sessionid.data; 1866 sid->clientid = clp->cl_clientid; 1867 sid->sequence = current_sessionid++; 1868 sid->reserved = 0; 1869 } 1870 1871 /* 1872 * The protocol defines ca_maxresponssize_cached to include the size of 1873 * the rpc header, but all we need to cache is the data starting after 1874 * the end of the initial SEQUENCE operation--the rest we regenerate 1875 * each time. Therefore we can advertise a ca_maxresponssize_cached 1876 * value that is the number of bytes in our cache plus a few additional 1877 * bytes. In order to stay on the safe side, and not promise more than 1878 * we can cache, those additional bytes must be the minimum possible: 24 1879 * bytes of rpc header (xid through accept state, with AUTH_NULL 1880 * verifier), 12 for the compound header (with zero-length tag), and 44 1881 * for the SEQUENCE op response: 1882 */ 1883 #define NFSD_MIN_HDR_SEQ_SZ (24 + 12 + 44) 1884 1885 static void 1886 free_session_slots(struct nfsd4_session *ses) 1887 { 1888 int i; 1889 1890 for (i = 0; i < ses->se_fchannel.maxreqs; i++) { 1891 free_svc_cred(&ses->se_slots[i]->sl_cred); 1892 kfree(ses->se_slots[i]); 1893 } 1894 } 1895 1896 /* 1897 * We don't actually need to cache the rpc and session headers, so we 1898 * can allocate a little less for each slot: 1899 */ 1900 static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca) 1901 { 1902 u32 size; 1903 1904 if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ) 1905 size = 0; 1906 else 1907 size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ; 1908 return size + sizeof(struct nfsd4_slot); 1909 } 1910 1911 /* 1912 * XXX: If we run out of reserved DRC memory we could (up to a point) 1913 * re-negotiate active sessions and reduce their slot usage to make 1914 * room for new connections. For now we just fail the create session. 1915 */ 1916 static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn) 1917 { 1918 u32 slotsize = slot_bytes(ca); 1919 u32 num = ca->maxreqs; 1920 unsigned long avail, total_avail; 1921 unsigned int scale_factor; 1922 1923 spin_lock(&nfsd_drc_lock); 1924 if (nfsd_drc_max_mem > nfsd_drc_mem_used) 1925 total_avail = nfsd_drc_max_mem - nfsd_drc_mem_used; 1926 else 1927 /* We have handed out more space than we chose in 1928 * set_max_drc() to allow. That isn't really a 1929 * problem as long as that doesn't make us think we 1930 * have lots more due to integer overflow. 1931 */ 1932 total_avail = 0; 1933 avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION, total_avail); 1934 /* 1935 * Never use more than a fraction of the remaining memory, 1936 * unless it's the only way to give this client a slot. 1937 * The chosen fraction is either 1/8 or 1/number of threads, 1938 * whichever is smaller. This ensures there are adequate 1939 * slots to support multiple clients per thread. 1940 * Give the client one slot even if that would require 1941 * over-allocation--it is better than failure. 1942 */ 1943 scale_factor = max_t(unsigned int, 8, nn->nfsd_serv->sv_nrthreads); 1944 1945 avail = clamp_t(unsigned long, avail, slotsize, 1946 total_avail/scale_factor); 1947 num = min_t(int, num, avail / slotsize); 1948 num = max_t(int, num, 1); 1949 nfsd_drc_mem_used += num * slotsize; 1950 spin_unlock(&nfsd_drc_lock); 1951 1952 return num; 1953 } 1954 1955 static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca) 1956 { 1957 int slotsize = slot_bytes(ca); 1958 1959 spin_lock(&nfsd_drc_lock); 1960 nfsd_drc_mem_used -= slotsize * ca->maxreqs; 1961 spin_unlock(&nfsd_drc_lock); 1962 } 1963 1964 static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs, 1965 struct nfsd4_channel_attrs *battrs) 1966 { 1967 int numslots = fattrs->maxreqs; 1968 int slotsize = slot_bytes(fattrs); 1969 struct nfsd4_session *new; 1970 int i; 1971 1972 BUILD_BUG_ON(struct_size(new, se_slots, NFSD_MAX_SLOTS_PER_SESSION) 1973 > PAGE_SIZE); 1974 1975 new = kzalloc(struct_size(new, se_slots, numslots), GFP_KERNEL); 1976 if (!new) 1977 return NULL; 1978 /* allocate each struct nfsd4_slot and data cache in one piece */ 1979 for (i = 0; i < numslots; i++) { 1980 new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL); 1981 if (!new->se_slots[i]) 1982 goto out_free; 1983 } 1984 1985 memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs)); 1986 memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs)); 1987 1988 return new; 1989 out_free: 1990 while (i--) 1991 kfree(new->se_slots[i]); 1992 kfree(new); 1993 return NULL; 1994 } 1995 1996 static void free_conn(struct nfsd4_conn *c) 1997 { 1998 svc_xprt_put(c->cn_xprt); 1999 kfree(c); 2000 } 2001 2002 static void nfsd4_conn_lost(struct svc_xpt_user *u) 2003 { 2004 struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user); 2005 struct nfs4_client *clp = c->cn_session->se_client; 2006 2007 trace_nfsd_cb_lost(clp); 2008 2009 spin_lock(&clp->cl_lock); 2010 if (!list_empty(&c->cn_persession)) { 2011 list_del(&c->cn_persession); 2012 free_conn(c); 2013 } 2014 nfsd4_probe_callback(clp); 2015 spin_unlock(&clp->cl_lock); 2016 } 2017 2018 static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags) 2019 { 2020 struct nfsd4_conn *conn; 2021 2022 conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL); 2023 if (!conn) 2024 return NULL; 2025 svc_xprt_get(rqstp->rq_xprt); 2026 conn->cn_xprt = rqstp->rq_xprt; 2027 conn->cn_flags = flags; 2028 INIT_LIST_HEAD(&conn->cn_xpt_user.list); 2029 return conn; 2030 } 2031 2032 static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses) 2033 { 2034 conn->cn_session = ses; 2035 list_add(&conn->cn_persession, &ses->se_conns); 2036 } 2037 2038 static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses) 2039 { 2040 struct nfs4_client *clp = ses->se_client; 2041 2042 spin_lock(&clp->cl_lock); 2043 __nfsd4_hash_conn(conn, ses); 2044 spin_unlock(&clp->cl_lock); 2045 } 2046 2047 static int nfsd4_register_conn(struct nfsd4_conn *conn) 2048 { 2049 conn->cn_xpt_user.callback = nfsd4_conn_lost; 2050 return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user); 2051 } 2052 2053 static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses) 2054 { 2055 int ret; 2056 2057 nfsd4_hash_conn(conn, ses); 2058 ret = nfsd4_register_conn(conn); 2059 if (ret) 2060 /* oops; xprt is already down: */ 2061 nfsd4_conn_lost(&conn->cn_xpt_user); 2062 /* We may have gained or lost a callback channel: */ 2063 nfsd4_probe_callback_sync(ses->se_client); 2064 } 2065 2066 static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses) 2067 { 2068 u32 dir = NFS4_CDFC4_FORE; 2069 2070 if (cses->flags & SESSION4_BACK_CHAN) 2071 dir |= NFS4_CDFC4_BACK; 2072 return alloc_conn(rqstp, dir); 2073 } 2074 2075 /* must be called under client_lock */ 2076 static void nfsd4_del_conns(struct nfsd4_session *s) 2077 { 2078 struct nfs4_client *clp = s->se_client; 2079 struct nfsd4_conn *c; 2080 2081 spin_lock(&clp->cl_lock); 2082 while (!list_empty(&s->se_conns)) { 2083 c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession); 2084 list_del_init(&c->cn_persession); 2085 spin_unlock(&clp->cl_lock); 2086 2087 unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user); 2088 free_conn(c); 2089 2090 spin_lock(&clp->cl_lock); 2091 } 2092 spin_unlock(&clp->cl_lock); 2093 } 2094 2095 static void __free_session(struct nfsd4_session *ses) 2096 { 2097 free_session_slots(ses); 2098 kfree(ses); 2099 } 2100 2101 static void free_session(struct nfsd4_session *ses) 2102 { 2103 nfsd4_del_conns(ses); 2104 nfsd4_put_drc_mem(&ses->se_fchannel); 2105 __free_session(ses); 2106 } 2107 2108 static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses) 2109 { 2110 int idx; 2111 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2112 2113 new->se_client = clp; 2114 gen_sessionid(new); 2115 2116 INIT_LIST_HEAD(&new->se_conns); 2117 2118 new->se_cb_seq_nr = 1; 2119 new->se_flags = cses->flags; 2120 new->se_cb_prog = cses->callback_prog; 2121 new->se_cb_sec = cses->cb_sec; 2122 atomic_set(&new->se_ref, 0); 2123 idx = hash_sessionid(&new->se_sessionid); 2124 list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]); 2125 spin_lock(&clp->cl_lock); 2126 list_add(&new->se_perclnt, &clp->cl_sessions); 2127 spin_unlock(&clp->cl_lock); 2128 2129 { 2130 struct sockaddr *sa = svc_addr(rqstp); 2131 /* 2132 * This is a little silly; with sessions there's no real 2133 * use for the callback address. Use the peer address 2134 * as a reasonable default for now, but consider fixing 2135 * the rpc client not to require an address in the 2136 * future: 2137 */ 2138 rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa); 2139 clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa); 2140 } 2141 } 2142 2143 /* caller must hold client_lock */ 2144 static struct nfsd4_session * 2145 __find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net) 2146 { 2147 struct nfsd4_session *elem; 2148 int idx; 2149 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2150 2151 lockdep_assert_held(&nn->client_lock); 2152 2153 dump_sessionid(__func__, sessionid); 2154 idx = hash_sessionid(sessionid); 2155 /* Search in the appropriate list */ 2156 list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) { 2157 if (!memcmp(elem->se_sessionid.data, sessionid->data, 2158 NFS4_MAX_SESSIONID_LEN)) { 2159 return elem; 2160 } 2161 } 2162 2163 dprintk("%s: session not found\n", __func__); 2164 return NULL; 2165 } 2166 2167 static struct nfsd4_session * 2168 find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net, 2169 __be32 *ret) 2170 { 2171 struct nfsd4_session *session; 2172 __be32 status = nfserr_badsession; 2173 2174 session = __find_in_sessionid_hashtbl(sessionid, net); 2175 if (!session) 2176 goto out; 2177 status = nfsd4_get_session_locked(session); 2178 if (status) 2179 session = NULL; 2180 out: 2181 *ret = status; 2182 return session; 2183 } 2184 2185 /* caller must hold client_lock */ 2186 static void 2187 unhash_session(struct nfsd4_session *ses) 2188 { 2189 struct nfs4_client *clp = ses->se_client; 2190 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2191 2192 lockdep_assert_held(&nn->client_lock); 2193 2194 list_del(&ses->se_hash); 2195 spin_lock(&ses->se_client->cl_lock); 2196 list_del(&ses->se_perclnt); 2197 spin_unlock(&ses->se_client->cl_lock); 2198 } 2199 2200 /* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */ 2201 static int 2202 STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn) 2203 { 2204 /* 2205 * We're assuming the clid was not given out from a boot 2206 * precisely 2^32 (about 136 years) before this one. That seems 2207 * a safe assumption: 2208 */ 2209 if (clid->cl_boot == (u32)nn->boot_time) 2210 return 0; 2211 trace_nfsd_clid_stale(clid); 2212 return 1; 2213 } 2214 2215 /* 2216 * XXX Should we use a slab cache ? 2217 * This type of memory management is somewhat inefficient, but we use it 2218 * anyway since SETCLIENTID is not a common operation. 2219 */ 2220 static struct nfs4_client *alloc_client(struct xdr_netobj name, 2221 struct nfsd_net *nn) 2222 { 2223 struct nfs4_client *clp; 2224 int i; 2225 2226 if (atomic_read(&nn->nfs4_client_count) >= nn->nfs4_max_clients) { 2227 mod_delayed_work(laundry_wq, &nn->laundromat_work, 0); 2228 return NULL; 2229 } 2230 clp = kmem_cache_zalloc(client_slab, GFP_KERNEL); 2231 if (clp == NULL) 2232 return NULL; 2233 xdr_netobj_dup(&clp->cl_name, &name, GFP_KERNEL); 2234 if (clp->cl_name.data == NULL) 2235 goto err_no_name; 2236 clp->cl_ownerstr_hashtbl = kmalloc_array(OWNER_HASH_SIZE, 2237 sizeof(struct list_head), 2238 GFP_KERNEL); 2239 if (!clp->cl_ownerstr_hashtbl) 2240 goto err_no_hashtbl; 2241 clp->cl_callback_wq = alloc_ordered_workqueue("nfsd4_callbacks", 0); 2242 if (!clp->cl_callback_wq) 2243 goto err_no_callback_wq; 2244 2245 for (i = 0; i < OWNER_HASH_SIZE; i++) 2246 INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]); 2247 INIT_LIST_HEAD(&clp->cl_sessions); 2248 idr_init(&clp->cl_stateids); 2249 atomic_set(&clp->cl_rpc_users, 0); 2250 clp->cl_cb_state = NFSD4_CB_UNKNOWN; 2251 clp->cl_state = NFSD4_ACTIVE; 2252 atomic_inc(&nn->nfs4_client_count); 2253 atomic_set(&clp->cl_delegs_in_recall, 0); 2254 INIT_LIST_HEAD(&clp->cl_idhash); 2255 INIT_LIST_HEAD(&clp->cl_openowners); 2256 INIT_LIST_HEAD(&clp->cl_delegations); 2257 INIT_LIST_HEAD(&clp->cl_lru); 2258 INIT_LIST_HEAD(&clp->cl_revoked); 2259 #ifdef CONFIG_NFSD_PNFS 2260 INIT_LIST_HEAD(&clp->cl_lo_states); 2261 #endif 2262 INIT_LIST_HEAD(&clp->async_copies); 2263 spin_lock_init(&clp->async_lock); 2264 spin_lock_init(&clp->cl_lock); 2265 rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table"); 2266 return clp; 2267 err_no_callback_wq: 2268 kfree(clp->cl_ownerstr_hashtbl); 2269 err_no_hashtbl: 2270 kfree(clp->cl_name.data); 2271 err_no_name: 2272 kmem_cache_free(client_slab, clp); 2273 return NULL; 2274 } 2275 2276 static void __free_client(struct kref *k) 2277 { 2278 struct nfsdfs_client *c = container_of(k, struct nfsdfs_client, cl_ref); 2279 struct nfs4_client *clp = container_of(c, struct nfs4_client, cl_nfsdfs); 2280 2281 free_svc_cred(&clp->cl_cred); 2282 destroy_workqueue(clp->cl_callback_wq); 2283 kfree(clp->cl_ownerstr_hashtbl); 2284 kfree(clp->cl_name.data); 2285 kfree(clp->cl_nii_domain.data); 2286 kfree(clp->cl_nii_name.data); 2287 idr_destroy(&clp->cl_stateids); 2288 kfree(clp->cl_ra); 2289 kmem_cache_free(client_slab, clp); 2290 } 2291 2292 static void drop_client(struct nfs4_client *clp) 2293 { 2294 kref_put(&clp->cl_nfsdfs.cl_ref, __free_client); 2295 } 2296 2297 static void 2298 free_client(struct nfs4_client *clp) 2299 { 2300 while (!list_empty(&clp->cl_sessions)) { 2301 struct nfsd4_session *ses; 2302 ses = list_entry(clp->cl_sessions.next, struct nfsd4_session, 2303 se_perclnt); 2304 list_del(&ses->se_perclnt); 2305 WARN_ON_ONCE(atomic_read(&ses->se_ref)); 2306 free_session(ses); 2307 } 2308 rpc_destroy_wait_queue(&clp->cl_cb_waitq); 2309 if (clp->cl_nfsd_dentry) { 2310 nfsd_client_rmdir(clp->cl_nfsd_dentry); 2311 clp->cl_nfsd_dentry = NULL; 2312 wake_up_all(&expiry_wq); 2313 } 2314 drop_client(clp); 2315 } 2316 2317 /* must be called under the client_lock */ 2318 static void 2319 unhash_client_locked(struct nfs4_client *clp) 2320 { 2321 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2322 struct nfsd4_session *ses; 2323 2324 lockdep_assert_held(&nn->client_lock); 2325 2326 /* Mark the client as expired! */ 2327 clp->cl_time = 0; 2328 /* Make it invisible */ 2329 if (!list_empty(&clp->cl_idhash)) { 2330 list_del_init(&clp->cl_idhash); 2331 if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags)) 2332 rb_erase(&clp->cl_namenode, &nn->conf_name_tree); 2333 else 2334 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 2335 } 2336 list_del_init(&clp->cl_lru); 2337 spin_lock(&clp->cl_lock); 2338 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt) 2339 list_del_init(&ses->se_hash); 2340 spin_unlock(&clp->cl_lock); 2341 } 2342 2343 static void 2344 unhash_client(struct nfs4_client *clp) 2345 { 2346 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2347 2348 spin_lock(&nn->client_lock); 2349 unhash_client_locked(clp); 2350 spin_unlock(&nn->client_lock); 2351 } 2352 2353 static __be32 mark_client_expired_locked(struct nfs4_client *clp) 2354 { 2355 int users = atomic_read(&clp->cl_rpc_users); 2356 2357 trace_nfsd_mark_client_expired(clp, users); 2358 2359 if (users) 2360 return nfserr_jukebox; 2361 unhash_client_locked(clp); 2362 return nfs_ok; 2363 } 2364 2365 static void 2366 __destroy_client(struct nfs4_client *clp) 2367 { 2368 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2369 int i; 2370 struct nfs4_openowner *oo; 2371 struct nfs4_delegation *dp; 2372 struct list_head reaplist; 2373 2374 INIT_LIST_HEAD(&reaplist); 2375 spin_lock(&state_lock); 2376 while (!list_empty(&clp->cl_delegations)) { 2377 dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt); 2378 unhash_delegation_locked(dp, SC_STATUS_CLOSED); 2379 list_add(&dp->dl_recall_lru, &reaplist); 2380 } 2381 spin_unlock(&state_lock); 2382 while (!list_empty(&reaplist)) { 2383 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru); 2384 list_del_init(&dp->dl_recall_lru); 2385 destroy_unhashed_deleg(dp); 2386 } 2387 while (!list_empty(&clp->cl_revoked)) { 2388 dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru); 2389 list_del_init(&dp->dl_recall_lru); 2390 nfs4_put_stid(&dp->dl_stid); 2391 } 2392 while (!list_empty(&clp->cl_openowners)) { 2393 oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient); 2394 nfs4_get_stateowner(&oo->oo_owner); 2395 release_openowner(oo); 2396 } 2397 for (i = 0; i < OWNER_HASH_SIZE; i++) { 2398 struct nfs4_stateowner *so, *tmp; 2399 2400 list_for_each_entry_safe(so, tmp, &clp->cl_ownerstr_hashtbl[i], 2401 so_strhash) { 2402 /* Should be no openowners at this point */ 2403 WARN_ON_ONCE(so->so_is_open_owner); 2404 remove_blocked_locks(lockowner(so)); 2405 } 2406 } 2407 nfsd4_return_all_client_layouts(clp); 2408 nfsd4_shutdown_copy(clp); 2409 nfsd4_shutdown_callback(clp); 2410 if (clp->cl_cb_conn.cb_xprt) 2411 svc_xprt_put(clp->cl_cb_conn.cb_xprt); 2412 atomic_add_unless(&nn->nfs4_client_count, -1, 0); 2413 nfsd4_dec_courtesy_client_count(nn, clp); 2414 free_client(clp); 2415 wake_up_all(&expiry_wq); 2416 } 2417 2418 static void 2419 destroy_client(struct nfs4_client *clp) 2420 { 2421 unhash_client(clp); 2422 __destroy_client(clp); 2423 } 2424 2425 static void inc_reclaim_complete(struct nfs4_client *clp) 2426 { 2427 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2428 2429 if (!nn->track_reclaim_completes) 2430 return; 2431 if (!nfsd4_find_reclaim_client(clp->cl_name, nn)) 2432 return; 2433 if (atomic_inc_return(&nn->nr_reclaim_complete) == 2434 nn->reclaim_str_hashtbl_size) { 2435 printk(KERN_INFO "NFSD: all clients done reclaiming, ending NFSv4 grace period (net %x)\n", 2436 clp->net->ns.inum); 2437 nfsd4_end_grace(nn); 2438 } 2439 } 2440 2441 static void expire_client(struct nfs4_client *clp) 2442 { 2443 unhash_client(clp); 2444 nfsd4_client_record_remove(clp); 2445 __destroy_client(clp); 2446 } 2447 2448 static void copy_verf(struct nfs4_client *target, nfs4_verifier *source) 2449 { 2450 memcpy(target->cl_verifier.data, source->data, 2451 sizeof(target->cl_verifier.data)); 2452 } 2453 2454 static void copy_clid(struct nfs4_client *target, struct nfs4_client *source) 2455 { 2456 target->cl_clientid.cl_boot = source->cl_clientid.cl_boot; 2457 target->cl_clientid.cl_id = source->cl_clientid.cl_id; 2458 } 2459 2460 static int copy_cred(struct svc_cred *target, struct svc_cred *source) 2461 { 2462 target->cr_principal = kstrdup(source->cr_principal, GFP_KERNEL); 2463 target->cr_raw_principal = kstrdup(source->cr_raw_principal, 2464 GFP_KERNEL); 2465 target->cr_targ_princ = kstrdup(source->cr_targ_princ, GFP_KERNEL); 2466 if ((source->cr_principal && !target->cr_principal) || 2467 (source->cr_raw_principal && !target->cr_raw_principal) || 2468 (source->cr_targ_princ && !target->cr_targ_princ)) 2469 return -ENOMEM; 2470 2471 target->cr_flavor = source->cr_flavor; 2472 target->cr_uid = source->cr_uid; 2473 target->cr_gid = source->cr_gid; 2474 target->cr_group_info = source->cr_group_info; 2475 get_group_info(target->cr_group_info); 2476 target->cr_gss_mech = source->cr_gss_mech; 2477 if (source->cr_gss_mech) 2478 gss_mech_get(source->cr_gss_mech); 2479 return 0; 2480 } 2481 2482 static int 2483 compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2) 2484 { 2485 if (o1->len < o2->len) 2486 return -1; 2487 if (o1->len > o2->len) 2488 return 1; 2489 return memcmp(o1->data, o2->data, o1->len); 2490 } 2491 2492 static int 2493 same_verf(nfs4_verifier *v1, nfs4_verifier *v2) 2494 { 2495 return 0 == memcmp(v1->data, v2->data, sizeof(v1->data)); 2496 } 2497 2498 static int 2499 same_clid(clientid_t *cl1, clientid_t *cl2) 2500 { 2501 return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id); 2502 } 2503 2504 static bool groups_equal(struct group_info *g1, struct group_info *g2) 2505 { 2506 int i; 2507 2508 if (g1->ngroups != g2->ngroups) 2509 return false; 2510 for (i=0; i<g1->ngroups; i++) 2511 if (!gid_eq(g1->gid[i], g2->gid[i])) 2512 return false; 2513 return true; 2514 } 2515 2516 /* 2517 * RFC 3530 language requires clid_inuse be returned when the 2518 * "principal" associated with a requests differs from that previously 2519 * used. We use uid, gid's, and gss principal string as our best 2520 * approximation. We also don't want to allow non-gss use of a client 2521 * established using gss: in theory cr_principal should catch that 2522 * change, but in practice cr_principal can be null even in the gss case 2523 * since gssd doesn't always pass down a principal string. 2524 */ 2525 static bool is_gss_cred(struct svc_cred *cr) 2526 { 2527 /* Is cr_flavor one of the gss "pseudoflavors"?: */ 2528 return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR); 2529 } 2530 2531 2532 static bool 2533 same_creds(struct svc_cred *cr1, struct svc_cred *cr2) 2534 { 2535 if ((is_gss_cred(cr1) != is_gss_cred(cr2)) 2536 || (!uid_eq(cr1->cr_uid, cr2->cr_uid)) 2537 || (!gid_eq(cr1->cr_gid, cr2->cr_gid)) 2538 || !groups_equal(cr1->cr_group_info, cr2->cr_group_info)) 2539 return false; 2540 /* XXX: check that cr_targ_princ fields match ? */ 2541 if (cr1->cr_principal == cr2->cr_principal) 2542 return true; 2543 if (!cr1->cr_principal || !cr2->cr_principal) 2544 return false; 2545 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal); 2546 } 2547 2548 static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp) 2549 { 2550 struct svc_cred *cr = &rqstp->rq_cred; 2551 u32 service; 2552 2553 if (!cr->cr_gss_mech) 2554 return false; 2555 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor); 2556 return service == RPC_GSS_SVC_INTEGRITY || 2557 service == RPC_GSS_SVC_PRIVACY; 2558 } 2559 2560 bool nfsd4_mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp) 2561 { 2562 struct svc_cred *cr = &rqstp->rq_cred; 2563 2564 if (!cl->cl_mach_cred) 2565 return true; 2566 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech) 2567 return false; 2568 if (!svc_rqst_integrity_protected(rqstp)) 2569 return false; 2570 if (cl->cl_cred.cr_raw_principal) 2571 return 0 == strcmp(cl->cl_cred.cr_raw_principal, 2572 cr->cr_raw_principal); 2573 if (!cr->cr_principal) 2574 return false; 2575 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal); 2576 } 2577 2578 static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn) 2579 { 2580 __be32 verf[2]; 2581 2582 /* 2583 * This is opaque to client, so no need to byte-swap. Use 2584 * __force to keep sparse happy 2585 */ 2586 verf[0] = (__force __be32)(u32)ktime_get_real_seconds(); 2587 verf[1] = (__force __be32)nn->clverifier_counter++; 2588 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data)); 2589 } 2590 2591 static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn) 2592 { 2593 clp->cl_clientid.cl_boot = (u32)nn->boot_time; 2594 clp->cl_clientid.cl_id = nn->clientid_counter++; 2595 gen_confirm(clp, nn); 2596 } 2597 2598 static struct nfs4_stid * 2599 find_stateid_locked(struct nfs4_client *cl, stateid_t *t) 2600 { 2601 struct nfs4_stid *ret; 2602 2603 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id); 2604 if (!ret || !ret->sc_type) 2605 return NULL; 2606 return ret; 2607 } 2608 2609 static struct nfs4_stid * 2610 find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, 2611 unsigned short typemask, unsigned short ok_states) 2612 { 2613 struct nfs4_stid *s; 2614 2615 spin_lock(&cl->cl_lock); 2616 s = find_stateid_locked(cl, t); 2617 if (s != NULL) { 2618 if ((s->sc_status & ~ok_states) == 0 && 2619 (typemask & s->sc_type)) 2620 refcount_inc(&s->sc_count); 2621 else 2622 s = NULL; 2623 } 2624 spin_unlock(&cl->cl_lock); 2625 return s; 2626 } 2627 2628 static struct nfs4_client *get_nfsdfs_clp(struct inode *inode) 2629 { 2630 struct nfsdfs_client *nc; 2631 nc = get_nfsdfs_client(inode); 2632 if (!nc) 2633 return NULL; 2634 return container_of(nc, struct nfs4_client, cl_nfsdfs); 2635 } 2636 2637 static void seq_quote_mem(struct seq_file *m, char *data, int len) 2638 { 2639 seq_puts(m, "\""); 2640 seq_escape_mem(m, data, len, ESCAPE_HEX | ESCAPE_NAP | ESCAPE_APPEND, "\"\\"); 2641 seq_puts(m, "\""); 2642 } 2643 2644 static const char *cb_state2str(int state) 2645 { 2646 switch (state) { 2647 case NFSD4_CB_UP: 2648 return "UP"; 2649 case NFSD4_CB_UNKNOWN: 2650 return "UNKNOWN"; 2651 case NFSD4_CB_DOWN: 2652 return "DOWN"; 2653 case NFSD4_CB_FAULT: 2654 return "FAULT"; 2655 } 2656 return "UNDEFINED"; 2657 } 2658 2659 static int client_info_show(struct seq_file *m, void *v) 2660 { 2661 struct inode *inode = file_inode(m->file); 2662 struct nfs4_client *clp; 2663 u64 clid; 2664 2665 clp = get_nfsdfs_clp(inode); 2666 if (!clp) 2667 return -ENXIO; 2668 memcpy(&clid, &clp->cl_clientid, sizeof(clid)); 2669 seq_printf(m, "clientid: 0x%llx\n", clid); 2670 seq_printf(m, "address: \"%pISpc\"\n", (struct sockaddr *)&clp->cl_addr); 2671 2672 if (clp->cl_state == NFSD4_COURTESY) 2673 seq_puts(m, "status: courtesy\n"); 2674 else if (clp->cl_state == NFSD4_EXPIRABLE) 2675 seq_puts(m, "status: expirable\n"); 2676 else if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags)) 2677 seq_puts(m, "status: confirmed\n"); 2678 else 2679 seq_puts(m, "status: unconfirmed\n"); 2680 seq_printf(m, "seconds from last renew: %lld\n", 2681 ktime_get_boottime_seconds() - clp->cl_time); 2682 seq_puts(m, "name: "); 2683 seq_quote_mem(m, clp->cl_name.data, clp->cl_name.len); 2684 seq_printf(m, "\nminor version: %d\n", clp->cl_minorversion); 2685 if (clp->cl_nii_domain.data) { 2686 seq_puts(m, "Implementation domain: "); 2687 seq_quote_mem(m, clp->cl_nii_domain.data, 2688 clp->cl_nii_domain.len); 2689 seq_puts(m, "\nImplementation name: "); 2690 seq_quote_mem(m, clp->cl_nii_name.data, clp->cl_nii_name.len); 2691 seq_printf(m, "\nImplementation time: [%lld, %ld]\n", 2692 clp->cl_nii_time.tv_sec, clp->cl_nii_time.tv_nsec); 2693 } 2694 seq_printf(m, "callback state: %s\n", cb_state2str(clp->cl_cb_state)); 2695 seq_printf(m, "callback address: %pISpc\n", &clp->cl_cb_conn.cb_addr); 2696 seq_printf(m, "admin-revoked states: %d\n", 2697 atomic_read(&clp->cl_admin_revoked)); 2698 drop_client(clp); 2699 2700 return 0; 2701 } 2702 2703 DEFINE_SHOW_ATTRIBUTE(client_info); 2704 2705 static void *states_start(struct seq_file *s, loff_t *pos) 2706 __acquires(&clp->cl_lock) 2707 { 2708 struct nfs4_client *clp = s->private; 2709 unsigned long id = *pos; 2710 void *ret; 2711 2712 spin_lock(&clp->cl_lock); 2713 ret = idr_get_next_ul(&clp->cl_stateids, &id); 2714 *pos = id; 2715 return ret; 2716 } 2717 2718 static void *states_next(struct seq_file *s, void *v, loff_t *pos) 2719 { 2720 struct nfs4_client *clp = s->private; 2721 unsigned long id = *pos; 2722 void *ret; 2723 2724 id = *pos; 2725 id++; 2726 ret = idr_get_next_ul(&clp->cl_stateids, &id); 2727 *pos = id; 2728 return ret; 2729 } 2730 2731 static void states_stop(struct seq_file *s, void *v) 2732 __releases(&clp->cl_lock) 2733 { 2734 struct nfs4_client *clp = s->private; 2735 2736 spin_unlock(&clp->cl_lock); 2737 } 2738 2739 static void nfs4_show_fname(struct seq_file *s, struct nfsd_file *f) 2740 { 2741 seq_printf(s, "filename: \"%pD2\"", f->nf_file); 2742 } 2743 2744 static void nfs4_show_superblock(struct seq_file *s, struct nfsd_file *f) 2745 { 2746 struct inode *inode = file_inode(f->nf_file); 2747 2748 seq_printf(s, "superblock: \"%02x:%02x:%ld\"", 2749 MAJOR(inode->i_sb->s_dev), 2750 MINOR(inode->i_sb->s_dev), 2751 inode->i_ino); 2752 } 2753 2754 static void nfs4_show_owner(struct seq_file *s, struct nfs4_stateowner *oo) 2755 { 2756 seq_puts(s, "owner: "); 2757 seq_quote_mem(s, oo->so_owner.data, oo->so_owner.len); 2758 } 2759 2760 static void nfs4_show_stateid(struct seq_file *s, stateid_t *stid) 2761 { 2762 seq_printf(s, "0x%.8x", stid->si_generation); 2763 seq_printf(s, "%12phN", &stid->si_opaque); 2764 } 2765 2766 static int nfs4_show_open(struct seq_file *s, struct nfs4_stid *st) 2767 { 2768 struct nfs4_ol_stateid *ols; 2769 struct nfs4_file *nf; 2770 struct nfsd_file *file; 2771 struct nfs4_stateowner *oo; 2772 unsigned int access, deny; 2773 2774 ols = openlockstateid(st); 2775 oo = ols->st_stateowner; 2776 nf = st->sc_file; 2777 2778 seq_puts(s, "- "); 2779 nfs4_show_stateid(s, &st->sc_stateid); 2780 seq_puts(s, ": { type: open, "); 2781 2782 access = bmap_to_share_mode(ols->st_access_bmap); 2783 deny = bmap_to_share_mode(ols->st_deny_bmap); 2784 2785 seq_printf(s, "access: %s%s, ", 2786 access & NFS4_SHARE_ACCESS_READ ? "r" : "-", 2787 access & NFS4_SHARE_ACCESS_WRITE ? "w" : "-"); 2788 seq_printf(s, "deny: %s%s, ", 2789 deny & NFS4_SHARE_ACCESS_READ ? "r" : "-", 2790 deny & NFS4_SHARE_ACCESS_WRITE ? "w" : "-"); 2791 2792 if (nf) { 2793 spin_lock(&nf->fi_lock); 2794 file = find_any_file_locked(nf); 2795 if (file) { 2796 nfs4_show_superblock(s, file); 2797 seq_puts(s, ", "); 2798 nfs4_show_fname(s, file); 2799 seq_puts(s, ", "); 2800 } 2801 spin_unlock(&nf->fi_lock); 2802 } else 2803 seq_puts(s, "closed, "); 2804 nfs4_show_owner(s, oo); 2805 if (st->sc_status & SC_STATUS_ADMIN_REVOKED) 2806 seq_puts(s, ", admin-revoked"); 2807 seq_puts(s, " }\n"); 2808 return 0; 2809 } 2810 2811 static int nfs4_show_lock(struct seq_file *s, struct nfs4_stid *st) 2812 { 2813 struct nfs4_ol_stateid *ols; 2814 struct nfs4_file *nf; 2815 struct nfsd_file *file; 2816 struct nfs4_stateowner *oo; 2817 2818 ols = openlockstateid(st); 2819 oo = ols->st_stateowner; 2820 nf = st->sc_file; 2821 2822 seq_puts(s, "- "); 2823 nfs4_show_stateid(s, &st->sc_stateid); 2824 seq_puts(s, ": { type: lock, "); 2825 2826 spin_lock(&nf->fi_lock); 2827 file = find_any_file_locked(nf); 2828 if (file) { 2829 /* 2830 * Note: a lock stateid isn't really the same thing as a lock, 2831 * it's the locking state held by one owner on a file, and there 2832 * may be multiple (or no) lock ranges associated with it. 2833 * (Same for the matter is true of open stateids.) 2834 */ 2835 2836 nfs4_show_superblock(s, file); 2837 /* XXX: open stateid? */ 2838 seq_puts(s, ", "); 2839 nfs4_show_fname(s, file); 2840 seq_puts(s, ", "); 2841 } 2842 nfs4_show_owner(s, oo); 2843 if (st->sc_status & SC_STATUS_ADMIN_REVOKED) 2844 seq_puts(s, ", admin-revoked"); 2845 seq_puts(s, " }\n"); 2846 spin_unlock(&nf->fi_lock); 2847 return 0; 2848 } 2849 2850 static int nfs4_show_deleg(struct seq_file *s, struct nfs4_stid *st) 2851 { 2852 struct nfs4_delegation *ds; 2853 struct nfs4_file *nf; 2854 struct nfsd_file *file; 2855 2856 ds = delegstateid(st); 2857 nf = st->sc_file; 2858 2859 seq_puts(s, "- "); 2860 nfs4_show_stateid(s, &st->sc_stateid); 2861 seq_puts(s, ": { type: deleg, "); 2862 2863 seq_printf(s, "access: %s", 2864 ds->dl_type == NFS4_OPEN_DELEGATE_READ ? "r" : "w"); 2865 2866 /* XXX: lease time, whether it's being recalled. */ 2867 2868 spin_lock(&nf->fi_lock); 2869 file = nf->fi_deleg_file; 2870 if (file) { 2871 seq_puts(s, ", "); 2872 nfs4_show_superblock(s, file); 2873 seq_puts(s, ", "); 2874 nfs4_show_fname(s, file); 2875 } 2876 spin_unlock(&nf->fi_lock); 2877 if (st->sc_status & SC_STATUS_ADMIN_REVOKED) 2878 seq_puts(s, ", admin-revoked"); 2879 seq_puts(s, " }\n"); 2880 return 0; 2881 } 2882 2883 static int nfs4_show_layout(struct seq_file *s, struct nfs4_stid *st) 2884 { 2885 struct nfs4_layout_stateid *ls; 2886 struct nfsd_file *file; 2887 2888 ls = container_of(st, struct nfs4_layout_stateid, ls_stid); 2889 2890 seq_puts(s, "- "); 2891 nfs4_show_stateid(s, &st->sc_stateid); 2892 seq_puts(s, ": { type: layout"); 2893 2894 /* XXX: What else would be useful? */ 2895 2896 spin_lock(&ls->ls_stid.sc_file->fi_lock); 2897 file = ls->ls_file; 2898 if (file) { 2899 seq_puts(s, ", "); 2900 nfs4_show_superblock(s, file); 2901 seq_puts(s, ", "); 2902 nfs4_show_fname(s, file); 2903 } 2904 spin_unlock(&ls->ls_stid.sc_file->fi_lock); 2905 if (st->sc_status & SC_STATUS_ADMIN_REVOKED) 2906 seq_puts(s, ", admin-revoked"); 2907 seq_puts(s, " }\n"); 2908 2909 return 0; 2910 } 2911 2912 static int states_show(struct seq_file *s, void *v) 2913 { 2914 struct nfs4_stid *st = v; 2915 2916 switch (st->sc_type) { 2917 case SC_TYPE_OPEN: 2918 return nfs4_show_open(s, st); 2919 case SC_TYPE_LOCK: 2920 return nfs4_show_lock(s, st); 2921 case SC_TYPE_DELEG: 2922 return nfs4_show_deleg(s, st); 2923 case SC_TYPE_LAYOUT: 2924 return nfs4_show_layout(s, st); 2925 default: 2926 return 0; /* XXX: or SEQ_SKIP? */ 2927 } 2928 /* XXX: copy stateids? */ 2929 } 2930 2931 static struct seq_operations states_seq_ops = { 2932 .start = states_start, 2933 .next = states_next, 2934 .stop = states_stop, 2935 .show = states_show 2936 }; 2937 2938 static int client_states_open(struct inode *inode, struct file *file) 2939 { 2940 struct seq_file *s; 2941 struct nfs4_client *clp; 2942 int ret; 2943 2944 clp = get_nfsdfs_clp(inode); 2945 if (!clp) 2946 return -ENXIO; 2947 2948 ret = seq_open(file, &states_seq_ops); 2949 if (ret) 2950 return ret; 2951 s = file->private_data; 2952 s->private = clp; 2953 return 0; 2954 } 2955 2956 static int client_opens_release(struct inode *inode, struct file *file) 2957 { 2958 struct seq_file *m = file->private_data; 2959 struct nfs4_client *clp = m->private; 2960 2961 /* XXX: alternatively, we could get/drop in seq start/stop */ 2962 drop_client(clp); 2963 return seq_release(inode, file); 2964 } 2965 2966 static const struct file_operations client_states_fops = { 2967 .open = client_states_open, 2968 .read = seq_read, 2969 .llseek = seq_lseek, 2970 .release = client_opens_release, 2971 }; 2972 2973 /* 2974 * Normally we refuse to destroy clients that are in use, but here the 2975 * administrator is telling us to just do it. We also want to wait 2976 * so the caller has a guarantee that the client's locks are gone by 2977 * the time the write returns: 2978 */ 2979 static void force_expire_client(struct nfs4_client *clp) 2980 { 2981 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2982 bool already_expired; 2983 2984 trace_nfsd_clid_admin_expired(&clp->cl_clientid); 2985 2986 spin_lock(&nn->client_lock); 2987 clp->cl_time = 0; 2988 spin_unlock(&nn->client_lock); 2989 2990 wait_event(expiry_wq, atomic_read(&clp->cl_rpc_users) == 0); 2991 spin_lock(&nn->client_lock); 2992 already_expired = list_empty(&clp->cl_lru); 2993 if (!already_expired) 2994 unhash_client_locked(clp); 2995 spin_unlock(&nn->client_lock); 2996 2997 if (!already_expired) 2998 expire_client(clp); 2999 else 3000 wait_event(expiry_wq, clp->cl_nfsd_dentry == NULL); 3001 } 3002 3003 static ssize_t client_ctl_write(struct file *file, const char __user *buf, 3004 size_t size, loff_t *pos) 3005 { 3006 char *data; 3007 struct nfs4_client *clp; 3008 3009 data = simple_transaction_get(file, buf, size); 3010 if (IS_ERR(data)) 3011 return PTR_ERR(data); 3012 if (size != 7 || 0 != memcmp(data, "expire\n", 7)) 3013 return -EINVAL; 3014 clp = get_nfsdfs_clp(file_inode(file)); 3015 if (!clp) 3016 return -ENXIO; 3017 force_expire_client(clp); 3018 drop_client(clp); 3019 return 7; 3020 } 3021 3022 static const struct file_operations client_ctl_fops = { 3023 .write = client_ctl_write, 3024 .release = simple_transaction_release, 3025 }; 3026 3027 static const struct tree_descr client_files[] = { 3028 [0] = {"info", &client_info_fops, S_IRUSR}, 3029 [1] = {"states", &client_states_fops, S_IRUSR}, 3030 [2] = {"ctl", &client_ctl_fops, S_IWUSR}, 3031 [3] = {""}, 3032 }; 3033 3034 static int 3035 nfsd4_cb_recall_any_done(struct nfsd4_callback *cb, 3036 struct rpc_task *task) 3037 { 3038 trace_nfsd_cb_recall_any_done(cb, task); 3039 switch (task->tk_status) { 3040 case -NFS4ERR_DELAY: 3041 rpc_delay(task, 2 * HZ); 3042 return 0; 3043 default: 3044 return 1; 3045 } 3046 } 3047 3048 static void 3049 nfsd4_cb_recall_any_release(struct nfsd4_callback *cb) 3050 { 3051 struct nfs4_client *clp = cb->cb_clp; 3052 3053 clear_bit(NFSD4_CLIENT_CB_RECALL_ANY, &clp->cl_flags); 3054 drop_client(clp); 3055 } 3056 3057 static int 3058 nfsd4_cb_getattr_done(struct nfsd4_callback *cb, struct rpc_task *task) 3059 { 3060 struct nfs4_cb_fattr *ncf = 3061 container_of(cb, struct nfs4_cb_fattr, ncf_getattr); 3062 3063 ncf->ncf_cb_status = task->tk_status; 3064 switch (task->tk_status) { 3065 case -NFS4ERR_DELAY: 3066 rpc_delay(task, 2 * HZ); 3067 return 0; 3068 default: 3069 return 1; 3070 } 3071 } 3072 3073 static void 3074 nfsd4_cb_getattr_release(struct nfsd4_callback *cb) 3075 { 3076 struct nfs4_cb_fattr *ncf = 3077 container_of(cb, struct nfs4_cb_fattr, ncf_getattr); 3078 struct nfs4_delegation *dp = 3079 container_of(ncf, struct nfs4_delegation, dl_cb_fattr); 3080 3081 clear_bit(CB_GETATTR_BUSY, &ncf->ncf_cb_flags); 3082 wake_up_bit(&ncf->ncf_cb_flags, CB_GETATTR_BUSY); 3083 nfs4_put_stid(&dp->dl_stid); 3084 } 3085 3086 static const struct nfsd4_callback_ops nfsd4_cb_recall_any_ops = { 3087 .done = nfsd4_cb_recall_any_done, 3088 .release = nfsd4_cb_recall_any_release, 3089 }; 3090 3091 static const struct nfsd4_callback_ops nfsd4_cb_getattr_ops = { 3092 .done = nfsd4_cb_getattr_done, 3093 .release = nfsd4_cb_getattr_release, 3094 }; 3095 3096 static void nfs4_cb_getattr(struct nfs4_cb_fattr *ncf) 3097 { 3098 struct nfs4_delegation *dp = 3099 container_of(ncf, struct nfs4_delegation, dl_cb_fattr); 3100 3101 if (test_and_set_bit(CB_GETATTR_BUSY, &ncf->ncf_cb_flags)) 3102 return; 3103 /* set to proper status when nfsd4_cb_getattr_done runs */ 3104 ncf->ncf_cb_status = NFS4ERR_IO; 3105 3106 refcount_inc(&dp->dl_stid.sc_count); 3107 nfsd4_run_cb(&ncf->ncf_getattr); 3108 } 3109 3110 static struct nfs4_client *create_client(struct xdr_netobj name, 3111 struct svc_rqst *rqstp, nfs4_verifier *verf) 3112 { 3113 struct nfs4_client *clp; 3114 struct sockaddr *sa = svc_addr(rqstp); 3115 int ret; 3116 struct net *net = SVC_NET(rqstp); 3117 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3118 struct dentry *dentries[ARRAY_SIZE(client_files)]; 3119 3120 clp = alloc_client(name, nn); 3121 if (clp == NULL) 3122 return NULL; 3123 3124 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred); 3125 if (ret) { 3126 free_client(clp); 3127 return NULL; 3128 } 3129 gen_clid(clp, nn); 3130 kref_init(&clp->cl_nfsdfs.cl_ref); 3131 nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL); 3132 clp->cl_time = ktime_get_boottime_seconds(); 3133 clear_bit(0, &clp->cl_cb_slot_busy); 3134 copy_verf(clp, verf); 3135 memcpy(&clp->cl_addr, sa, sizeof(struct sockaddr_storage)); 3136 clp->cl_cb_session = NULL; 3137 clp->net = net; 3138 clp->cl_nfsd_dentry = nfsd_client_mkdir( 3139 nn, &clp->cl_nfsdfs, 3140 clp->cl_clientid.cl_id - nn->clientid_base, 3141 client_files, dentries); 3142 clp->cl_nfsd_info_dentry = dentries[0]; 3143 if (!clp->cl_nfsd_dentry) { 3144 free_client(clp); 3145 return NULL; 3146 } 3147 clp->cl_ra = kzalloc(sizeof(*clp->cl_ra), GFP_KERNEL); 3148 if (!clp->cl_ra) { 3149 free_client(clp); 3150 return NULL; 3151 } 3152 clp->cl_ra_time = 0; 3153 nfsd4_init_cb(&clp->cl_ra->ra_cb, clp, &nfsd4_cb_recall_any_ops, 3154 NFSPROC4_CLNT_CB_RECALL_ANY); 3155 return clp; 3156 } 3157 3158 static void 3159 add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root) 3160 { 3161 struct rb_node **new = &(root->rb_node), *parent = NULL; 3162 struct nfs4_client *clp; 3163 3164 while (*new) { 3165 clp = rb_entry(*new, struct nfs4_client, cl_namenode); 3166 parent = *new; 3167 3168 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0) 3169 new = &((*new)->rb_left); 3170 else 3171 new = &((*new)->rb_right); 3172 } 3173 3174 rb_link_node(&new_clp->cl_namenode, parent, new); 3175 rb_insert_color(&new_clp->cl_namenode, root); 3176 } 3177 3178 static struct nfs4_client * 3179 find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root) 3180 { 3181 int cmp; 3182 struct rb_node *node = root->rb_node; 3183 struct nfs4_client *clp; 3184 3185 while (node) { 3186 clp = rb_entry(node, struct nfs4_client, cl_namenode); 3187 cmp = compare_blob(&clp->cl_name, name); 3188 if (cmp > 0) 3189 node = node->rb_left; 3190 else if (cmp < 0) 3191 node = node->rb_right; 3192 else 3193 return clp; 3194 } 3195 return NULL; 3196 } 3197 3198 static void 3199 add_to_unconfirmed(struct nfs4_client *clp) 3200 { 3201 unsigned int idhashval; 3202 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 3203 3204 lockdep_assert_held(&nn->client_lock); 3205 3206 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 3207 add_clp_to_name_tree(clp, &nn->unconf_name_tree); 3208 idhashval = clientid_hashval(clp->cl_clientid.cl_id); 3209 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]); 3210 renew_client_locked(clp); 3211 } 3212 3213 static void 3214 move_to_confirmed(struct nfs4_client *clp) 3215 { 3216 unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id); 3217 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 3218 3219 lockdep_assert_held(&nn->client_lock); 3220 3221 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]); 3222 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 3223 add_clp_to_name_tree(clp, &nn->conf_name_tree); 3224 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 3225 trace_nfsd_clid_confirmed(&clp->cl_clientid); 3226 renew_client_locked(clp); 3227 } 3228 3229 static struct nfs4_client * 3230 find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions) 3231 { 3232 struct nfs4_client *clp; 3233 unsigned int idhashval = clientid_hashval(clid->cl_id); 3234 3235 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) { 3236 if (same_clid(&clp->cl_clientid, clid)) { 3237 if ((bool)clp->cl_minorversion != sessions) 3238 return NULL; 3239 renew_client_locked(clp); 3240 return clp; 3241 } 3242 } 3243 return NULL; 3244 } 3245 3246 static struct nfs4_client * 3247 find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 3248 { 3249 struct list_head *tbl = nn->conf_id_hashtbl; 3250 3251 lockdep_assert_held(&nn->client_lock); 3252 return find_client_in_id_table(tbl, clid, sessions); 3253 } 3254 3255 static struct nfs4_client * 3256 find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 3257 { 3258 struct list_head *tbl = nn->unconf_id_hashtbl; 3259 3260 lockdep_assert_held(&nn->client_lock); 3261 return find_client_in_id_table(tbl, clid, sessions); 3262 } 3263 3264 static bool clp_used_exchangeid(struct nfs4_client *clp) 3265 { 3266 return clp->cl_exchange_flags != 0; 3267 } 3268 3269 static struct nfs4_client * 3270 find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 3271 { 3272 lockdep_assert_held(&nn->client_lock); 3273 return find_clp_in_name_tree(name, &nn->conf_name_tree); 3274 } 3275 3276 static struct nfs4_client * 3277 find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 3278 { 3279 lockdep_assert_held(&nn->client_lock); 3280 return find_clp_in_name_tree(name, &nn->unconf_name_tree); 3281 } 3282 3283 static void 3284 gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp) 3285 { 3286 struct nfs4_cb_conn *conn = &clp->cl_cb_conn; 3287 struct sockaddr *sa = svc_addr(rqstp); 3288 u32 scopeid = rpc_get_scope_id(sa); 3289 unsigned short expected_family; 3290 3291 /* Currently, we only support tcp and tcp6 for the callback channel */ 3292 if (se->se_callback_netid_len == 3 && 3293 !memcmp(se->se_callback_netid_val, "tcp", 3)) 3294 expected_family = AF_INET; 3295 else if (se->se_callback_netid_len == 4 && 3296 !memcmp(se->se_callback_netid_val, "tcp6", 4)) 3297 expected_family = AF_INET6; 3298 else 3299 goto out_err; 3300 3301 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val, 3302 se->se_callback_addr_len, 3303 (struct sockaddr *)&conn->cb_addr, 3304 sizeof(conn->cb_addr)); 3305 3306 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family) 3307 goto out_err; 3308 3309 if (conn->cb_addr.ss_family == AF_INET6) 3310 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid; 3311 3312 conn->cb_prog = se->se_callback_prog; 3313 conn->cb_ident = se->se_callback_ident; 3314 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen); 3315 trace_nfsd_cb_args(clp, conn); 3316 return; 3317 out_err: 3318 conn->cb_addr.ss_family = AF_UNSPEC; 3319 conn->cb_addrlen = 0; 3320 trace_nfsd_cb_nodelegs(clp); 3321 return; 3322 } 3323 3324 /* 3325 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size. 3326 */ 3327 static void 3328 nfsd4_store_cache_entry(struct nfsd4_compoundres *resp) 3329 { 3330 struct xdr_buf *buf = resp->xdr->buf; 3331 struct nfsd4_slot *slot = resp->cstate.slot; 3332 unsigned int base; 3333 3334 dprintk("--> %s slot %p\n", __func__, slot); 3335 3336 slot->sl_flags |= NFSD4_SLOT_INITIALIZED; 3337 slot->sl_opcnt = resp->opcnt; 3338 slot->sl_status = resp->cstate.status; 3339 free_svc_cred(&slot->sl_cred); 3340 copy_cred(&slot->sl_cred, &resp->rqstp->rq_cred); 3341 3342 if (!nfsd4_cache_this(resp)) { 3343 slot->sl_flags &= ~NFSD4_SLOT_CACHED; 3344 return; 3345 } 3346 slot->sl_flags |= NFSD4_SLOT_CACHED; 3347 3348 base = resp->cstate.data_offset; 3349 slot->sl_datalen = buf->len - base; 3350 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen)) 3351 WARN(1, "%s: sessions DRC could not cache compound\n", 3352 __func__); 3353 return; 3354 } 3355 3356 /* 3357 * Encode the replay sequence operation from the slot values. 3358 * If cachethis is FALSE encode the uncached rep error on the next 3359 * operation which sets resp->p and increments resp->opcnt for 3360 * nfs4svc_encode_compoundres. 3361 * 3362 */ 3363 static __be32 3364 nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args, 3365 struct nfsd4_compoundres *resp) 3366 { 3367 struct nfsd4_op *op; 3368 struct nfsd4_slot *slot = resp->cstate.slot; 3369 3370 /* Encode the replayed sequence operation */ 3371 op = &args->ops[resp->opcnt - 1]; 3372 nfsd4_encode_operation(resp, op); 3373 3374 if (slot->sl_flags & NFSD4_SLOT_CACHED) 3375 return op->status; 3376 if (args->opcnt == 1) { 3377 /* 3378 * The original operation wasn't a solo sequence--we 3379 * always cache those--so this retry must not match the 3380 * original: 3381 */ 3382 op->status = nfserr_seq_false_retry; 3383 } else { 3384 op = &args->ops[resp->opcnt++]; 3385 op->status = nfserr_retry_uncached_rep; 3386 nfsd4_encode_operation(resp, op); 3387 } 3388 return op->status; 3389 } 3390 3391 /* 3392 * The sequence operation is not cached because we can use the slot and 3393 * session values. 3394 */ 3395 static __be32 3396 nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp, 3397 struct nfsd4_sequence *seq) 3398 { 3399 struct nfsd4_slot *slot = resp->cstate.slot; 3400 struct xdr_stream *xdr = resp->xdr; 3401 __be32 *p; 3402 __be32 status; 3403 3404 dprintk("--> %s slot %p\n", __func__, slot); 3405 3406 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp); 3407 if (status) 3408 return status; 3409 3410 p = xdr_reserve_space(xdr, slot->sl_datalen); 3411 if (!p) { 3412 WARN_ON_ONCE(1); 3413 return nfserr_serverfault; 3414 } 3415 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen); 3416 xdr_commit_encode(xdr); 3417 3418 resp->opcnt = slot->sl_opcnt; 3419 return slot->sl_status; 3420 } 3421 3422 /* 3423 * Set the exchange_id flags returned by the server. 3424 */ 3425 static void 3426 nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid) 3427 { 3428 #ifdef CONFIG_NFSD_PNFS 3429 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS; 3430 #else 3431 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS; 3432 #endif 3433 3434 /* Referrals are supported, Migration is not. */ 3435 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER; 3436 3437 /* set the wire flags to return to client. */ 3438 clid->flags = new->cl_exchange_flags; 3439 } 3440 3441 static bool client_has_openowners(struct nfs4_client *clp) 3442 { 3443 struct nfs4_openowner *oo; 3444 3445 list_for_each_entry(oo, &clp->cl_openowners, oo_perclient) { 3446 if (!list_empty(&oo->oo_owner.so_stateids)) 3447 return true; 3448 } 3449 return false; 3450 } 3451 3452 static bool client_has_state(struct nfs4_client *clp) 3453 { 3454 return client_has_openowners(clp) 3455 #ifdef CONFIG_NFSD_PNFS 3456 || !list_empty(&clp->cl_lo_states) 3457 #endif 3458 || !list_empty(&clp->cl_delegations) 3459 || !list_empty(&clp->cl_sessions) 3460 || !list_empty(&clp->async_copies); 3461 } 3462 3463 static __be32 copy_impl_id(struct nfs4_client *clp, 3464 struct nfsd4_exchange_id *exid) 3465 { 3466 if (!exid->nii_domain.data) 3467 return 0; 3468 xdr_netobj_dup(&clp->cl_nii_domain, &exid->nii_domain, GFP_KERNEL); 3469 if (!clp->cl_nii_domain.data) 3470 return nfserr_jukebox; 3471 xdr_netobj_dup(&clp->cl_nii_name, &exid->nii_name, GFP_KERNEL); 3472 if (!clp->cl_nii_name.data) 3473 return nfserr_jukebox; 3474 clp->cl_nii_time = exid->nii_time; 3475 return 0; 3476 } 3477 3478 __be32 3479 nfsd4_exchange_id(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3480 union nfsd4_op_u *u) 3481 { 3482 struct nfsd4_exchange_id *exid = &u->exchange_id; 3483 struct nfs4_client *conf, *new; 3484 struct nfs4_client *unconf = NULL; 3485 __be32 status; 3486 char addr_str[INET6_ADDRSTRLEN]; 3487 nfs4_verifier verf = exid->verifier; 3488 struct sockaddr *sa = svc_addr(rqstp); 3489 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A; 3490 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3491 3492 rpc_ntop(sa, addr_str, sizeof(addr_str)); 3493 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p " 3494 "ip_addr=%s flags %x, spa_how %u\n", 3495 __func__, rqstp, exid, exid->clname.len, exid->clname.data, 3496 addr_str, exid->flags, exid->spa_how); 3497 3498 if (exid->flags & ~EXCHGID4_FLAG_MASK_A) 3499 return nfserr_inval; 3500 3501 new = create_client(exid->clname, rqstp, &verf); 3502 if (new == NULL) 3503 return nfserr_jukebox; 3504 status = copy_impl_id(new, exid); 3505 if (status) 3506 goto out_nolock; 3507 3508 switch (exid->spa_how) { 3509 case SP4_MACH_CRED: 3510 exid->spo_must_enforce[0] = 0; 3511 exid->spo_must_enforce[1] = ( 3512 1 << (OP_BIND_CONN_TO_SESSION - 32) | 3513 1 << (OP_EXCHANGE_ID - 32) | 3514 1 << (OP_CREATE_SESSION - 32) | 3515 1 << (OP_DESTROY_SESSION - 32) | 3516 1 << (OP_DESTROY_CLIENTID - 32)); 3517 3518 exid->spo_must_allow[0] &= (1 << (OP_CLOSE) | 3519 1 << (OP_OPEN_DOWNGRADE) | 3520 1 << (OP_LOCKU) | 3521 1 << (OP_DELEGRETURN)); 3522 3523 exid->spo_must_allow[1] &= ( 3524 1 << (OP_TEST_STATEID - 32) | 3525 1 << (OP_FREE_STATEID - 32)); 3526 if (!svc_rqst_integrity_protected(rqstp)) { 3527 status = nfserr_inval; 3528 goto out_nolock; 3529 } 3530 /* 3531 * Sometimes userspace doesn't give us a principal. 3532 * Which is a bug, really. Anyway, we can't enforce 3533 * MACH_CRED in that case, better to give up now: 3534 */ 3535 if (!new->cl_cred.cr_principal && 3536 !new->cl_cred.cr_raw_principal) { 3537 status = nfserr_serverfault; 3538 goto out_nolock; 3539 } 3540 new->cl_mach_cred = true; 3541 break; 3542 case SP4_NONE: 3543 break; 3544 default: /* checked by xdr code */ 3545 WARN_ON_ONCE(1); 3546 fallthrough; 3547 case SP4_SSV: 3548 status = nfserr_encr_alg_unsupp; 3549 goto out_nolock; 3550 } 3551 3552 /* Cases below refer to rfc 5661 section 18.35.4: */ 3553 spin_lock(&nn->client_lock); 3554 conf = find_confirmed_client_by_name(&exid->clname, nn); 3555 if (conf) { 3556 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred); 3557 bool verfs_match = same_verf(&verf, &conf->cl_verifier); 3558 3559 if (update) { 3560 if (!clp_used_exchangeid(conf)) { /* buggy client */ 3561 status = nfserr_inval; 3562 goto out; 3563 } 3564 if (!nfsd4_mach_creds_match(conf, rqstp)) { 3565 status = nfserr_wrong_cred; 3566 goto out; 3567 } 3568 if (!creds_match) { /* case 9 */ 3569 status = nfserr_perm; 3570 goto out; 3571 } 3572 if (!verfs_match) { /* case 8 */ 3573 status = nfserr_not_same; 3574 goto out; 3575 } 3576 /* case 6 */ 3577 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R; 3578 trace_nfsd_clid_confirmed_r(conf); 3579 goto out_copy; 3580 } 3581 if (!creds_match) { /* case 3 */ 3582 if (client_has_state(conf)) { 3583 status = nfserr_clid_inuse; 3584 trace_nfsd_clid_cred_mismatch(conf, rqstp); 3585 goto out; 3586 } 3587 goto out_new; 3588 } 3589 if (verfs_match) { /* case 2 */ 3590 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R; 3591 trace_nfsd_clid_confirmed_r(conf); 3592 goto out_copy; 3593 } 3594 /* case 5, client reboot */ 3595 trace_nfsd_clid_verf_mismatch(conf, rqstp, &verf); 3596 conf = NULL; 3597 goto out_new; 3598 } 3599 3600 if (update) { /* case 7 */ 3601 status = nfserr_noent; 3602 goto out; 3603 } 3604 3605 unconf = find_unconfirmed_client_by_name(&exid->clname, nn); 3606 if (unconf) /* case 4, possible retry or client restart */ 3607 unhash_client_locked(unconf); 3608 3609 /* case 1, new owner ID */ 3610 trace_nfsd_clid_fresh(new); 3611 3612 out_new: 3613 if (conf) { 3614 status = mark_client_expired_locked(conf); 3615 if (status) 3616 goto out; 3617 trace_nfsd_clid_replaced(&conf->cl_clientid); 3618 } 3619 new->cl_minorversion = cstate->minorversion; 3620 new->cl_spo_must_allow.u.words[0] = exid->spo_must_allow[0]; 3621 new->cl_spo_must_allow.u.words[1] = exid->spo_must_allow[1]; 3622 3623 /* Contrived initial CREATE_SESSION response */ 3624 new->cl_cs_slot.sl_status = nfserr_seq_misordered; 3625 3626 add_to_unconfirmed(new); 3627 swap(new, conf); 3628 out_copy: 3629 exid->clientid.cl_boot = conf->cl_clientid.cl_boot; 3630 exid->clientid.cl_id = conf->cl_clientid.cl_id; 3631 3632 exid->seqid = conf->cl_cs_slot.sl_seqid + 1; 3633 nfsd4_set_ex_flags(conf, exid); 3634 3635 dprintk("nfsd4_exchange_id seqid %d flags %x\n", 3636 conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags); 3637 status = nfs_ok; 3638 3639 out: 3640 spin_unlock(&nn->client_lock); 3641 out_nolock: 3642 if (new) 3643 expire_client(new); 3644 if (unconf) { 3645 trace_nfsd_clid_expire_unconf(&unconf->cl_clientid); 3646 expire_client(unconf); 3647 } 3648 return status; 3649 } 3650 3651 static __be32 check_slot_seqid(u32 seqid, u32 slot_seqid, bool slot_inuse) 3652 { 3653 /* The slot is in use, and no response has been sent. */ 3654 if (slot_inuse) { 3655 if (seqid == slot_seqid) 3656 return nfserr_jukebox; 3657 else 3658 return nfserr_seq_misordered; 3659 } 3660 /* Note unsigned 32-bit arithmetic handles wraparound: */ 3661 if (likely(seqid == slot_seqid + 1)) 3662 return nfs_ok; 3663 if (seqid == slot_seqid) 3664 return nfserr_replay_cache; 3665 return nfserr_seq_misordered; 3666 } 3667 3668 /* 3669 * Cache the create session result into the create session single DRC 3670 * slot cache by saving the xdr structure. sl_seqid has been set. 3671 * Do this for solo or embedded create session operations. 3672 */ 3673 static void 3674 nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses, 3675 struct nfsd4_clid_slot *slot, __be32 nfserr) 3676 { 3677 slot->sl_status = nfserr; 3678 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses)); 3679 } 3680 3681 static __be32 3682 nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses, 3683 struct nfsd4_clid_slot *slot) 3684 { 3685 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses)); 3686 return slot->sl_status; 3687 } 3688 3689 #define NFSD_MIN_REQ_HDR_SEQ_SZ ((\ 3690 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \ 3691 1 + /* MIN tag is length with zero, only length */ \ 3692 3 + /* version, opcount, opcode */ \ 3693 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 3694 /* seqid, slotID, slotID, cache */ \ 3695 4 ) * sizeof(__be32)) 3696 3697 #define NFSD_MIN_RESP_HDR_SEQ_SZ ((\ 3698 2 + /* verifier: AUTH_NULL, length 0 */\ 3699 1 + /* status */ \ 3700 1 + /* MIN tag is length with zero, only length */ \ 3701 3 + /* opcount, opcode, opstatus*/ \ 3702 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 3703 /* seqid, slotID, slotID, slotID, status */ \ 3704 5 ) * sizeof(__be32)) 3705 3706 static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn) 3707 { 3708 u32 maxrpc = nn->nfsd_serv->sv_max_mesg; 3709 3710 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ) 3711 return nfserr_toosmall; 3712 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ) 3713 return nfserr_toosmall; 3714 ca->headerpadsz = 0; 3715 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc); 3716 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc); 3717 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND); 3718 ca->maxresp_cached = min_t(u32, ca->maxresp_cached, 3719 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ); 3720 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION); 3721 /* 3722 * Note decreasing slot size below client's request may make it 3723 * difficult for client to function correctly, whereas 3724 * decreasing the number of slots will (just?) affect 3725 * performance. When short on memory we therefore prefer to 3726 * decrease number of slots instead of their size. Clients that 3727 * request larger slots than they need will get poor results: 3728 * Note that we always allow at least one slot, because our 3729 * accounting is soft and provides no guarantees either way. 3730 */ 3731 ca->maxreqs = nfsd4_get_drc_mem(ca, nn); 3732 3733 return nfs_ok; 3734 } 3735 3736 /* 3737 * Server's NFSv4.1 backchannel support is AUTH_SYS-only for now. 3738 * These are based on similar macros in linux/sunrpc/msg_prot.h . 3739 */ 3740 #define RPC_MAX_HEADER_WITH_AUTH_SYS \ 3741 (RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK)) 3742 3743 #define RPC_MAX_REPHEADER_WITH_AUTH_SYS \ 3744 (RPC_REPHDRSIZE + (2 + NUL_REPLYSLACK)) 3745 3746 #define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \ 3747 RPC_MAX_HEADER_WITH_AUTH_SYS) * sizeof(__be32)) 3748 #define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \ 3749 RPC_MAX_REPHEADER_WITH_AUTH_SYS) * \ 3750 sizeof(__be32)) 3751 3752 static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca) 3753 { 3754 ca->headerpadsz = 0; 3755 3756 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ) 3757 return nfserr_toosmall; 3758 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ) 3759 return nfserr_toosmall; 3760 ca->maxresp_cached = 0; 3761 if (ca->maxops < 2) 3762 return nfserr_toosmall; 3763 3764 return nfs_ok; 3765 } 3766 3767 static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs) 3768 { 3769 switch (cbs->flavor) { 3770 case RPC_AUTH_NULL: 3771 case RPC_AUTH_UNIX: 3772 return nfs_ok; 3773 default: 3774 /* 3775 * GSS case: the spec doesn't allow us to return this 3776 * error. But it also doesn't allow us not to support 3777 * GSS. 3778 * I'd rather this fail hard than return some error the 3779 * client might think it can already handle: 3780 */ 3781 return nfserr_encr_alg_unsupp; 3782 } 3783 } 3784 3785 __be32 3786 nfsd4_create_session(struct svc_rqst *rqstp, 3787 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 3788 { 3789 struct nfsd4_create_session *cr_ses = &u->create_session; 3790 struct sockaddr *sa = svc_addr(rqstp); 3791 struct nfs4_client *conf, *unconf; 3792 struct nfsd4_clid_slot *cs_slot; 3793 struct nfs4_client *old = NULL; 3794 struct nfsd4_session *new; 3795 struct nfsd4_conn *conn; 3796 __be32 status = 0; 3797 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3798 3799 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A) 3800 return nfserr_inval; 3801 status = nfsd4_check_cb_sec(&cr_ses->cb_sec); 3802 if (status) 3803 return status; 3804 status = check_forechannel_attrs(&cr_ses->fore_channel, nn); 3805 if (status) 3806 return status; 3807 status = check_backchannel_attrs(&cr_ses->back_channel); 3808 if (status) 3809 goto out_release_drc_mem; 3810 status = nfserr_jukebox; 3811 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel); 3812 if (!new) 3813 goto out_release_drc_mem; 3814 conn = alloc_conn_from_crses(rqstp, cr_ses); 3815 if (!conn) 3816 goto out_free_session; 3817 3818 spin_lock(&nn->client_lock); 3819 3820 /* RFC 8881 Section 18.36.4 Phase 1: Client record look-up. */ 3821 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn); 3822 conf = find_confirmed_client(&cr_ses->clientid, true, nn); 3823 if (!conf && !unconf) { 3824 status = nfserr_stale_clientid; 3825 goto out_free_conn; 3826 } 3827 3828 /* RFC 8881 Section 18.36.4 Phase 2: Sequence ID processing. */ 3829 if (conf) { 3830 cs_slot = &conf->cl_cs_slot; 3831 trace_nfsd_slot_seqid_conf(conf, cr_ses); 3832 } else { 3833 cs_slot = &unconf->cl_cs_slot; 3834 trace_nfsd_slot_seqid_unconf(unconf, cr_ses); 3835 } 3836 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 3837 switch (status) { 3838 case nfs_ok: 3839 cs_slot->sl_seqid++; 3840 cr_ses->seqid = cs_slot->sl_seqid; 3841 break; 3842 case nfserr_replay_cache: 3843 status = nfsd4_replay_create_session(cr_ses, cs_slot); 3844 fallthrough; 3845 case nfserr_jukebox: 3846 /* The server MUST NOT cache NFS4ERR_DELAY */ 3847 goto out_free_conn; 3848 default: 3849 goto out_cache_error; 3850 } 3851 3852 /* RFC 8881 Section 18.36.4 Phase 3: Client ID confirmation. */ 3853 if (conf) { 3854 status = nfserr_wrong_cred; 3855 if (!nfsd4_mach_creds_match(conf, rqstp)) 3856 goto out_cache_error; 3857 } else { 3858 status = nfserr_clid_inuse; 3859 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) || 3860 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) { 3861 trace_nfsd_clid_cred_mismatch(unconf, rqstp); 3862 goto out_cache_error; 3863 } 3864 status = nfserr_wrong_cred; 3865 if (!nfsd4_mach_creds_match(unconf, rqstp)) 3866 goto out_cache_error; 3867 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 3868 if (old) { 3869 status = mark_client_expired_locked(old); 3870 if (status) 3871 goto out_expired_error; 3872 trace_nfsd_clid_replaced(&old->cl_clientid); 3873 } 3874 move_to_confirmed(unconf); 3875 conf = unconf; 3876 } 3877 3878 /* RFC 8881 Section 18.36.4 Phase 4: Session creation. */ 3879 status = nfs_ok; 3880 /* Persistent sessions are not supported */ 3881 cr_ses->flags &= ~SESSION4_PERSIST; 3882 /* Upshifting from TCP to RDMA is not supported */ 3883 cr_ses->flags &= ~SESSION4_RDMA; 3884 3885 init_session(rqstp, new, conf, cr_ses); 3886 nfsd4_get_session_locked(new); 3887 3888 memcpy(cr_ses->sessionid.data, new->se_sessionid.data, 3889 NFS4_MAX_SESSIONID_LEN); 3890 3891 /* cache solo and embedded create sessions under the client_lock */ 3892 nfsd4_cache_create_session(cr_ses, cs_slot, status); 3893 spin_unlock(&nn->client_lock); 3894 if (conf == unconf) 3895 fsnotify_dentry(conf->cl_nfsd_info_dentry, FS_MODIFY); 3896 /* init connection and backchannel */ 3897 nfsd4_init_conn(rqstp, conn, new); 3898 nfsd4_put_session(new); 3899 if (old) 3900 expire_client(old); 3901 return status; 3902 3903 out_expired_error: 3904 old = NULL; 3905 /* 3906 * Revert the slot seq_nr change so the server will process 3907 * the client's resend instead of returning a cached response. 3908 */ 3909 if (status == nfserr_jukebox) { 3910 cs_slot->sl_seqid--; 3911 cr_ses->seqid = cs_slot->sl_seqid; 3912 goto out_free_conn; 3913 } 3914 out_cache_error: 3915 nfsd4_cache_create_session(cr_ses, cs_slot, status); 3916 out_free_conn: 3917 spin_unlock(&nn->client_lock); 3918 free_conn(conn); 3919 if (old) 3920 expire_client(old); 3921 out_free_session: 3922 __free_session(new); 3923 out_release_drc_mem: 3924 nfsd4_put_drc_mem(&cr_ses->fore_channel); 3925 return status; 3926 } 3927 3928 static __be32 nfsd4_map_bcts_dir(u32 *dir) 3929 { 3930 switch (*dir) { 3931 case NFS4_CDFC4_FORE: 3932 case NFS4_CDFC4_BACK: 3933 return nfs_ok; 3934 case NFS4_CDFC4_FORE_OR_BOTH: 3935 case NFS4_CDFC4_BACK_OR_BOTH: 3936 *dir = NFS4_CDFC4_BOTH; 3937 return nfs_ok; 3938 } 3939 return nfserr_inval; 3940 } 3941 3942 __be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, 3943 struct nfsd4_compound_state *cstate, 3944 union nfsd4_op_u *u) 3945 { 3946 struct nfsd4_backchannel_ctl *bc = &u->backchannel_ctl; 3947 struct nfsd4_session *session = cstate->session; 3948 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3949 __be32 status; 3950 3951 status = nfsd4_check_cb_sec(&bc->bc_cb_sec); 3952 if (status) 3953 return status; 3954 spin_lock(&nn->client_lock); 3955 session->se_cb_prog = bc->bc_cb_program; 3956 session->se_cb_sec = bc->bc_cb_sec; 3957 spin_unlock(&nn->client_lock); 3958 3959 nfsd4_probe_callback(session->se_client); 3960 3961 return nfs_ok; 3962 } 3963 3964 static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s) 3965 { 3966 struct nfsd4_conn *c; 3967 3968 list_for_each_entry(c, &s->se_conns, cn_persession) { 3969 if (c->cn_xprt == xpt) { 3970 return c; 3971 } 3972 } 3973 return NULL; 3974 } 3975 3976 static __be32 nfsd4_match_existing_connection(struct svc_rqst *rqst, 3977 struct nfsd4_session *session, u32 req, struct nfsd4_conn **conn) 3978 { 3979 struct nfs4_client *clp = session->se_client; 3980 struct svc_xprt *xpt = rqst->rq_xprt; 3981 struct nfsd4_conn *c; 3982 __be32 status; 3983 3984 /* Following the last paragraph of RFC 5661 Section 18.34.3: */ 3985 spin_lock(&clp->cl_lock); 3986 c = __nfsd4_find_conn(xpt, session); 3987 if (!c) 3988 status = nfserr_noent; 3989 else if (req == c->cn_flags) 3990 status = nfs_ok; 3991 else if (req == NFS4_CDFC4_FORE_OR_BOTH && 3992 c->cn_flags != NFS4_CDFC4_BACK) 3993 status = nfs_ok; 3994 else if (req == NFS4_CDFC4_BACK_OR_BOTH && 3995 c->cn_flags != NFS4_CDFC4_FORE) 3996 status = nfs_ok; 3997 else 3998 status = nfserr_inval; 3999 spin_unlock(&clp->cl_lock); 4000 if (status == nfs_ok && conn) 4001 *conn = c; 4002 return status; 4003 } 4004 4005 __be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp, 4006 struct nfsd4_compound_state *cstate, 4007 union nfsd4_op_u *u) 4008 { 4009 struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session; 4010 __be32 status; 4011 struct nfsd4_conn *conn; 4012 struct nfsd4_session *session; 4013 struct net *net = SVC_NET(rqstp); 4014 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 4015 4016 if (!nfsd4_last_compound_op(rqstp)) 4017 return nfserr_not_only_op; 4018 spin_lock(&nn->client_lock); 4019 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status); 4020 spin_unlock(&nn->client_lock); 4021 if (!session) 4022 goto out_no_session; 4023 status = nfserr_wrong_cred; 4024 if (!nfsd4_mach_creds_match(session->se_client, rqstp)) 4025 goto out; 4026 status = nfsd4_match_existing_connection(rqstp, session, 4027 bcts->dir, &conn); 4028 if (status == nfs_ok) { 4029 if (bcts->dir == NFS4_CDFC4_FORE_OR_BOTH || 4030 bcts->dir == NFS4_CDFC4_BACK) 4031 conn->cn_flags |= NFS4_CDFC4_BACK; 4032 nfsd4_probe_callback(session->se_client); 4033 goto out; 4034 } 4035 if (status == nfserr_inval) 4036 goto out; 4037 status = nfsd4_map_bcts_dir(&bcts->dir); 4038 if (status) 4039 goto out; 4040 conn = alloc_conn(rqstp, bcts->dir); 4041 status = nfserr_jukebox; 4042 if (!conn) 4043 goto out; 4044 nfsd4_init_conn(rqstp, conn, session); 4045 status = nfs_ok; 4046 out: 4047 nfsd4_put_session(session); 4048 out_no_session: 4049 return status; 4050 } 4051 4052 static bool nfsd4_compound_in_session(struct nfsd4_compound_state *cstate, struct nfs4_sessionid *sid) 4053 { 4054 if (!cstate->session) 4055 return false; 4056 return !memcmp(sid, &cstate->session->se_sessionid, sizeof(*sid)); 4057 } 4058 4059 __be32 4060 nfsd4_destroy_session(struct svc_rqst *r, struct nfsd4_compound_state *cstate, 4061 union nfsd4_op_u *u) 4062 { 4063 struct nfs4_sessionid *sessionid = &u->destroy_session.sessionid; 4064 struct nfsd4_session *ses; 4065 __be32 status; 4066 int ref_held_by_me = 0; 4067 struct net *net = SVC_NET(r); 4068 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 4069 4070 status = nfserr_not_only_op; 4071 if (nfsd4_compound_in_session(cstate, sessionid)) { 4072 if (!nfsd4_last_compound_op(r)) 4073 goto out; 4074 ref_held_by_me++; 4075 } 4076 dump_sessionid(__func__, sessionid); 4077 spin_lock(&nn->client_lock); 4078 ses = find_in_sessionid_hashtbl(sessionid, net, &status); 4079 if (!ses) 4080 goto out_client_lock; 4081 status = nfserr_wrong_cred; 4082 if (!nfsd4_mach_creds_match(ses->se_client, r)) 4083 goto out_put_session; 4084 status = mark_session_dead_locked(ses, 1 + ref_held_by_me); 4085 if (status) 4086 goto out_put_session; 4087 unhash_session(ses); 4088 spin_unlock(&nn->client_lock); 4089 4090 nfsd4_probe_callback_sync(ses->se_client); 4091 4092 spin_lock(&nn->client_lock); 4093 status = nfs_ok; 4094 out_put_session: 4095 nfsd4_put_session_locked(ses); 4096 out_client_lock: 4097 spin_unlock(&nn->client_lock); 4098 out: 4099 return status; 4100 } 4101 4102 static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses) 4103 { 4104 struct nfs4_client *clp = ses->se_client; 4105 struct nfsd4_conn *c; 4106 __be32 status = nfs_ok; 4107 int ret; 4108 4109 spin_lock(&clp->cl_lock); 4110 c = __nfsd4_find_conn(new->cn_xprt, ses); 4111 if (c) 4112 goto out_free; 4113 status = nfserr_conn_not_bound_to_session; 4114 if (clp->cl_mach_cred) 4115 goto out_free; 4116 __nfsd4_hash_conn(new, ses); 4117 spin_unlock(&clp->cl_lock); 4118 ret = nfsd4_register_conn(new); 4119 if (ret) 4120 /* oops; xprt is already down: */ 4121 nfsd4_conn_lost(&new->cn_xpt_user); 4122 return nfs_ok; 4123 out_free: 4124 spin_unlock(&clp->cl_lock); 4125 free_conn(new); 4126 return status; 4127 } 4128 4129 static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session) 4130 { 4131 struct nfsd4_compoundargs *args = rqstp->rq_argp; 4132 4133 return args->opcnt > session->se_fchannel.maxops; 4134 } 4135 4136 static bool nfsd4_request_too_big(struct svc_rqst *rqstp, 4137 struct nfsd4_session *session) 4138 { 4139 struct xdr_buf *xb = &rqstp->rq_arg; 4140 4141 return xb->len > session->se_fchannel.maxreq_sz; 4142 } 4143 4144 static bool replay_matches_cache(struct svc_rqst *rqstp, 4145 struct nfsd4_sequence *seq, struct nfsd4_slot *slot) 4146 { 4147 struct nfsd4_compoundargs *argp = rqstp->rq_argp; 4148 4149 if ((bool)(slot->sl_flags & NFSD4_SLOT_CACHETHIS) != 4150 (bool)seq->cachethis) 4151 return false; 4152 /* 4153 * If there's an error then the reply can have fewer ops than 4154 * the call. 4155 */ 4156 if (slot->sl_opcnt < argp->opcnt && !slot->sl_status) 4157 return false; 4158 /* 4159 * But if we cached a reply with *more* ops than the call you're 4160 * sending us now, then this new call is clearly not really a 4161 * replay of the old one: 4162 */ 4163 if (slot->sl_opcnt > argp->opcnt) 4164 return false; 4165 /* This is the only check explicitly called by spec: */ 4166 if (!same_creds(&rqstp->rq_cred, &slot->sl_cred)) 4167 return false; 4168 /* 4169 * There may be more comparisons we could actually do, but the 4170 * spec doesn't require us to catch every case where the calls 4171 * don't match (that would require caching the call as well as 4172 * the reply), so we don't bother. 4173 */ 4174 return true; 4175 } 4176 4177 __be32 4178 nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 4179 union nfsd4_op_u *u) 4180 { 4181 struct nfsd4_sequence *seq = &u->sequence; 4182 struct nfsd4_compoundres *resp = rqstp->rq_resp; 4183 struct xdr_stream *xdr = resp->xdr; 4184 struct nfsd4_session *session; 4185 struct nfs4_client *clp; 4186 struct nfsd4_slot *slot; 4187 struct nfsd4_conn *conn; 4188 __be32 status; 4189 int buflen; 4190 struct net *net = SVC_NET(rqstp); 4191 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 4192 4193 if (resp->opcnt != 1) 4194 return nfserr_sequence_pos; 4195 4196 /* 4197 * Will be either used or freed by nfsd4_sequence_check_conn 4198 * below. 4199 */ 4200 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE); 4201 if (!conn) 4202 return nfserr_jukebox; 4203 4204 spin_lock(&nn->client_lock); 4205 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status); 4206 if (!session) 4207 goto out_no_session; 4208 clp = session->se_client; 4209 4210 status = nfserr_too_many_ops; 4211 if (nfsd4_session_too_many_ops(rqstp, session)) 4212 goto out_put_session; 4213 4214 status = nfserr_req_too_big; 4215 if (nfsd4_request_too_big(rqstp, session)) 4216 goto out_put_session; 4217 4218 status = nfserr_badslot; 4219 if (seq->slotid >= session->se_fchannel.maxreqs) 4220 goto out_put_session; 4221 4222 slot = session->se_slots[seq->slotid]; 4223 dprintk("%s: slotid %d\n", __func__, seq->slotid); 4224 4225 /* We do not negotiate the number of slots yet, so set the 4226 * maxslots to the session maxreqs which is used to encode 4227 * sr_highest_slotid and the sr_target_slot id to maxslots */ 4228 seq->maxslots = session->se_fchannel.maxreqs; 4229 4230 trace_nfsd_slot_seqid_sequence(clp, seq, slot); 4231 status = check_slot_seqid(seq->seqid, slot->sl_seqid, 4232 slot->sl_flags & NFSD4_SLOT_INUSE); 4233 if (status == nfserr_replay_cache) { 4234 status = nfserr_seq_misordered; 4235 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED)) 4236 goto out_put_session; 4237 status = nfserr_seq_false_retry; 4238 if (!replay_matches_cache(rqstp, seq, slot)) 4239 goto out_put_session; 4240 cstate->slot = slot; 4241 cstate->session = session; 4242 cstate->clp = clp; 4243 /* Return the cached reply status and set cstate->status 4244 * for nfsd4_proc_compound processing */ 4245 status = nfsd4_replay_cache_entry(resp, seq); 4246 cstate->status = nfserr_replay_cache; 4247 goto out; 4248 } 4249 if (status) 4250 goto out_put_session; 4251 4252 status = nfsd4_sequence_check_conn(conn, session); 4253 conn = NULL; 4254 if (status) 4255 goto out_put_session; 4256 4257 buflen = (seq->cachethis) ? 4258 session->se_fchannel.maxresp_cached : 4259 session->se_fchannel.maxresp_sz; 4260 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache : 4261 nfserr_rep_too_big; 4262 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack)) 4263 goto out_put_session; 4264 svc_reserve(rqstp, buflen); 4265 4266 status = nfs_ok; 4267 /* Success! bump slot seqid */ 4268 slot->sl_seqid = seq->seqid; 4269 slot->sl_flags |= NFSD4_SLOT_INUSE; 4270 if (seq->cachethis) 4271 slot->sl_flags |= NFSD4_SLOT_CACHETHIS; 4272 else 4273 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS; 4274 4275 cstate->slot = slot; 4276 cstate->session = session; 4277 cstate->clp = clp; 4278 4279 out: 4280 switch (clp->cl_cb_state) { 4281 case NFSD4_CB_DOWN: 4282 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN; 4283 break; 4284 case NFSD4_CB_FAULT: 4285 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT; 4286 break; 4287 default: 4288 seq->status_flags = 0; 4289 } 4290 if (!list_empty(&clp->cl_revoked)) 4291 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED; 4292 if (atomic_read(&clp->cl_admin_revoked)) 4293 seq->status_flags |= SEQ4_STATUS_ADMIN_STATE_REVOKED; 4294 trace_nfsd_seq4_status(rqstp, seq); 4295 out_no_session: 4296 if (conn) 4297 free_conn(conn); 4298 spin_unlock(&nn->client_lock); 4299 return status; 4300 out_put_session: 4301 nfsd4_put_session_locked(session); 4302 goto out_no_session; 4303 } 4304 4305 void 4306 nfsd4_sequence_done(struct nfsd4_compoundres *resp) 4307 { 4308 struct nfsd4_compound_state *cs = &resp->cstate; 4309 4310 if (nfsd4_has_session(cs)) { 4311 if (cs->status != nfserr_replay_cache) { 4312 nfsd4_store_cache_entry(resp); 4313 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 4314 } 4315 /* Drop session reference that was taken in nfsd4_sequence() */ 4316 nfsd4_put_session(cs->session); 4317 } else if (cs->clp) 4318 put_client_renew(cs->clp); 4319 } 4320 4321 __be32 4322 nfsd4_destroy_clientid(struct svc_rqst *rqstp, 4323 struct nfsd4_compound_state *cstate, 4324 union nfsd4_op_u *u) 4325 { 4326 struct nfsd4_destroy_clientid *dc = &u->destroy_clientid; 4327 struct nfs4_client *conf, *unconf; 4328 struct nfs4_client *clp = NULL; 4329 __be32 status = 0; 4330 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4331 4332 spin_lock(&nn->client_lock); 4333 unconf = find_unconfirmed_client(&dc->clientid, true, nn); 4334 conf = find_confirmed_client(&dc->clientid, true, nn); 4335 WARN_ON_ONCE(conf && unconf); 4336 4337 if (conf) { 4338 if (client_has_state(conf)) { 4339 status = nfserr_clientid_busy; 4340 goto out; 4341 } 4342 status = mark_client_expired_locked(conf); 4343 if (status) 4344 goto out; 4345 clp = conf; 4346 } else if (unconf) 4347 clp = unconf; 4348 else { 4349 status = nfserr_stale_clientid; 4350 goto out; 4351 } 4352 if (!nfsd4_mach_creds_match(clp, rqstp)) { 4353 clp = NULL; 4354 status = nfserr_wrong_cred; 4355 goto out; 4356 } 4357 trace_nfsd_clid_destroyed(&clp->cl_clientid); 4358 unhash_client_locked(clp); 4359 out: 4360 spin_unlock(&nn->client_lock); 4361 if (clp) 4362 expire_client(clp); 4363 return status; 4364 } 4365 4366 __be32 4367 nfsd4_reclaim_complete(struct svc_rqst *rqstp, 4368 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 4369 { 4370 struct nfsd4_reclaim_complete *rc = &u->reclaim_complete; 4371 struct nfs4_client *clp = cstate->clp; 4372 __be32 status = 0; 4373 4374 if (rc->rca_one_fs) { 4375 if (!cstate->current_fh.fh_dentry) 4376 return nfserr_nofilehandle; 4377 /* 4378 * We don't take advantage of the rca_one_fs case. 4379 * That's OK, it's optional, we can safely ignore it. 4380 */ 4381 return nfs_ok; 4382 } 4383 4384 status = nfserr_complete_already; 4385 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &clp->cl_flags)) 4386 goto out; 4387 4388 status = nfserr_stale_clientid; 4389 if (is_client_expired(clp)) 4390 /* 4391 * The following error isn't really legal. 4392 * But we only get here if the client just explicitly 4393 * destroyed the client. Surely it no longer cares what 4394 * error it gets back on an operation for the dead 4395 * client. 4396 */ 4397 goto out; 4398 4399 status = nfs_ok; 4400 trace_nfsd_clid_reclaim_complete(&clp->cl_clientid); 4401 nfsd4_client_record_create(clp); 4402 inc_reclaim_complete(clp); 4403 out: 4404 return status; 4405 } 4406 4407 __be32 4408 nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 4409 union nfsd4_op_u *u) 4410 { 4411 struct nfsd4_setclientid *setclid = &u->setclientid; 4412 struct xdr_netobj clname = setclid->se_name; 4413 nfs4_verifier clverifier = setclid->se_verf; 4414 struct nfs4_client *conf, *new; 4415 struct nfs4_client *unconf = NULL; 4416 __be32 status; 4417 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4418 4419 new = create_client(clname, rqstp, &clverifier); 4420 if (new == NULL) 4421 return nfserr_jukebox; 4422 spin_lock(&nn->client_lock); 4423 conf = find_confirmed_client_by_name(&clname, nn); 4424 if (conf && client_has_state(conf)) { 4425 status = nfserr_clid_inuse; 4426 if (clp_used_exchangeid(conf)) 4427 goto out; 4428 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) { 4429 trace_nfsd_clid_cred_mismatch(conf, rqstp); 4430 goto out; 4431 } 4432 } 4433 unconf = find_unconfirmed_client_by_name(&clname, nn); 4434 if (unconf) 4435 unhash_client_locked(unconf); 4436 if (conf) { 4437 if (same_verf(&conf->cl_verifier, &clverifier)) { 4438 copy_clid(new, conf); 4439 gen_confirm(new, nn); 4440 } else 4441 trace_nfsd_clid_verf_mismatch(conf, rqstp, 4442 &clverifier); 4443 } else 4444 trace_nfsd_clid_fresh(new); 4445 new->cl_minorversion = 0; 4446 gen_callback(new, setclid, rqstp); 4447 add_to_unconfirmed(new); 4448 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot; 4449 setclid->se_clientid.cl_id = new->cl_clientid.cl_id; 4450 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data)); 4451 new = NULL; 4452 status = nfs_ok; 4453 out: 4454 spin_unlock(&nn->client_lock); 4455 if (new) 4456 free_client(new); 4457 if (unconf) { 4458 trace_nfsd_clid_expire_unconf(&unconf->cl_clientid); 4459 expire_client(unconf); 4460 } 4461 return status; 4462 } 4463 4464 __be32 4465 nfsd4_setclientid_confirm(struct svc_rqst *rqstp, 4466 struct nfsd4_compound_state *cstate, 4467 union nfsd4_op_u *u) 4468 { 4469 struct nfsd4_setclientid_confirm *setclientid_confirm = 4470 &u->setclientid_confirm; 4471 struct nfs4_client *conf, *unconf; 4472 struct nfs4_client *old = NULL; 4473 nfs4_verifier confirm = setclientid_confirm->sc_confirm; 4474 clientid_t * clid = &setclientid_confirm->sc_clientid; 4475 __be32 status; 4476 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4477 4478 if (STALE_CLIENTID(clid, nn)) 4479 return nfserr_stale_clientid; 4480 4481 spin_lock(&nn->client_lock); 4482 conf = find_confirmed_client(clid, false, nn); 4483 unconf = find_unconfirmed_client(clid, false, nn); 4484 /* 4485 * We try hard to give out unique clientid's, so if we get an 4486 * attempt to confirm the same clientid with a different cred, 4487 * the client may be buggy; this should never happen. 4488 * 4489 * Nevertheless, RFC 7530 recommends INUSE for this case: 4490 */ 4491 status = nfserr_clid_inuse; 4492 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred)) { 4493 trace_nfsd_clid_cred_mismatch(unconf, rqstp); 4494 goto out; 4495 } 4496 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred)) { 4497 trace_nfsd_clid_cred_mismatch(conf, rqstp); 4498 goto out; 4499 } 4500 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) { 4501 if (conf && same_verf(&confirm, &conf->cl_confirm)) { 4502 status = nfs_ok; 4503 } else 4504 status = nfserr_stale_clientid; 4505 goto out; 4506 } 4507 status = nfs_ok; 4508 if (conf) { 4509 old = unconf; 4510 unhash_client_locked(old); 4511 nfsd4_change_callback(conf, &unconf->cl_cb_conn); 4512 } else { 4513 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 4514 if (old) { 4515 status = nfserr_clid_inuse; 4516 if (client_has_state(old) 4517 && !same_creds(&unconf->cl_cred, 4518 &old->cl_cred)) { 4519 old = NULL; 4520 goto out; 4521 } 4522 status = mark_client_expired_locked(old); 4523 if (status) { 4524 old = NULL; 4525 goto out; 4526 } 4527 trace_nfsd_clid_replaced(&old->cl_clientid); 4528 } 4529 move_to_confirmed(unconf); 4530 conf = unconf; 4531 } 4532 get_client_locked(conf); 4533 spin_unlock(&nn->client_lock); 4534 if (conf == unconf) 4535 fsnotify_dentry(conf->cl_nfsd_info_dentry, FS_MODIFY); 4536 nfsd4_probe_callback(conf); 4537 spin_lock(&nn->client_lock); 4538 put_client_renew_locked(conf); 4539 out: 4540 spin_unlock(&nn->client_lock); 4541 if (old) 4542 expire_client(old); 4543 return status; 4544 } 4545 4546 static struct nfs4_file *nfsd4_alloc_file(void) 4547 { 4548 return kmem_cache_alloc(file_slab, GFP_KERNEL); 4549 } 4550 4551 /* OPEN Share state helper functions */ 4552 4553 static void nfsd4_file_init(const struct svc_fh *fh, struct nfs4_file *fp) 4554 { 4555 refcount_set(&fp->fi_ref, 1); 4556 spin_lock_init(&fp->fi_lock); 4557 INIT_LIST_HEAD(&fp->fi_stateids); 4558 INIT_LIST_HEAD(&fp->fi_delegations); 4559 INIT_LIST_HEAD(&fp->fi_clnt_odstate); 4560 fh_copy_shallow(&fp->fi_fhandle, &fh->fh_handle); 4561 fp->fi_deleg_file = NULL; 4562 fp->fi_had_conflict = false; 4563 fp->fi_share_deny = 0; 4564 memset(fp->fi_fds, 0, sizeof(fp->fi_fds)); 4565 memset(fp->fi_access, 0, sizeof(fp->fi_access)); 4566 fp->fi_aliased = false; 4567 fp->fi_inode = d_inode(fh->fh_dentry); 4568 #ifdef CONFIG_NFSD_PNFS 4569 INIT_LIST_HEAD(&fp->fi_lo_states); 4570 atomic_set(&fp->fi_lo_recalls, 0); 4571 #endif 4572 } 4573 4574 void 4575 nfsd4_free_slabs(void) 4576 { 4577 kmem_cache_destroy(client_slab); 4578 kmem_cache_destroy(openowner_slab); 4579 kmem_cache_destroy(lockowner_slab); 4580 kmem_cache_destroy(file_slab); 4581 kmem_cache_destroy(stateid_slab); 4582 kmem_cache_destroy(deleg_slab); 4583 kmem_cache_destroy(odstate_slab); 4584 } 4585 4586 int 4587 nfsd4_init_slabs(void) 4588 { 4589 client_slab = KMEM_CACHE(nfs4_client, 0); 4590 if (client_slab == NULL) 4591 goto out; 4592 openowner_slab = KMEM_CACHE(nfs4_openowner, 0); 4593 if (openowner_slab == NULL) 4594 goto out_free_client_slab; 4595 lockowner_slab = KMEM_CACHE(nfs4_lockowner, 0); 4596 if (lockowner_slab == NULL) 4597 goto out_free_openowner_slab; 4598 file_slab = KMEM_CACHE(nfs4_file, 0); 4599 if (file_slab == NULL) 4600 goto out_free_lockowner_slab; 4601 stateid_slab = KMEM_CACHE(nfs4_ol_stateid, 0); 4602 if (stateid_slab == NULL) 4603 goto out_free_file_slab; 4604 deleg_slab = KMEM_CACHE(nfs4_delegation, 0); 4605 if (deleg_slab == NULL) 4606 goto out_free_stateid_slab; 4607 odstate_slab = KMEM_CACHE(nfs4_clnt_odstate, 0); 4608 if (odstate_slab == NULL) 4609 goto out_free_deleg_slab; 4610 return 0; 4611 4612 out_free_deleg_slab: 4613 kmem_cache_destroy(deleg_slab); 4614 out_free_stateid_slab: 4615 kmem_cache_destroy(stateid_slab); 4616 out_free_file_slab: 4617 kmem_cache_destroy(file_slab); 4618 out_free_lockowner_slab: 4619 kmem_cache_destroy(lockowner_slab); 4620 out_free_openowner_slab: 4621 kmem_cache_destroy(openowner_slab); 4622 out_free_client_slab: 4623 kmem_cache_destroy(client_slab); 4624 out: 4625 return -ENOMEM; 4626 } 4627 4628 static unsigned long 4629 nfsd4_state_shrinker_count(struct shrinker *shrink, struct shrink_control *sc) 4630 { 4631 int count; 4632 struct nfsd_net *nn = shrink->private_data; 4633 4634 count = atomic_read(&nn->nfsd_courtesy_clients); 4635 if (!count) 4636 count = atomic_long_read(&num_delegations); 4637 if (count) 4638 queue_work(laundry_wq, &nn->nfsd_shrinker_work); 4639 return (unsigned long)count; 4640 } 4641 4642 static unsigned long 4643 nfsd4_state_shrinker_scan(struct shrinker *shrink, struct shrink_control *sc) 4644 { 4645 return SHRINK_STOP; 4646 } 4647 4648 void 4649 nfsd4_init_leases_net(struct nfsd_net *nn) 4650 { 4651 struct sysinfo si; 4652 u64 max_clients; 4653 4654 nn->nfsd4_lease = 90; /* default lease time */ 4655 nn->nfsd4_grace = 90; 4656 nn->somebody_reclaimed = false; 4657 nn->track_reclaim_completes = false; 4658 nn->clverifier_counter = get_random_u32(); 4659 nn->clientid_base = get_random_u32(); 4660 nn->clientid_counter = nn->clientid_base + 1; 4661 nn->s2s_cp_cl_id = nn->clientid_counter++; 4662 4663 atomic_set(&nn->nfs4_client_count, 0); 4664 si_meminfo(&si); 4665 max_clients = (u64)si.totalram * si.mem_unit / (1024 * 1024 * 1024); 4666 max_clients *= NFS4_CLIENTS_PER_GB; 4667 nn->nfs4_max_clients = max_t(int, max_clients, NFS4_CLIENTS_PER_GB); 4668 4669 atomic_set(&nn->nfsd_courtesy_clients, 0); 4670 } 4671 4672 enum rp_lock { 4673 RP_UNLOCKED, 4674 RP_LOCKED, 4675 RP_UNHASHED, 4676 }; 4677 4678 static void init_nfs4_replay(struct nfs4_replay *rp) 4679 { 4680 rp->rp_status = nfserr_serverfault; 4681 rp->rp_buflen = 0; 4682 rp->rp_buf = rp->rp_ibuf; 4683 atomic_set(&rp->rp_locked, RP_UNLOCKED); 4684 } 4685 4686 static int nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate, 4687 struct nfs4_stateowner *so) 4688 { 4689 if (!nfsd4_has_session(cstate)) { 4690 wait_var_event(&so->so_replay.rp_locked, 4691 atomic_cmpxchg(&so->so_replay.rp_locked, 4692 RP_UNLOCKED, RP_LOCKED) != RP_LOCKED); 4693 if (atomic_read(&so->so_replay.rp_locked) == RP_UNHASHED) 4694 return -EAGAIN; 4695 cstate->replay_owner = nfs4_get_stateowner(so); 4696 } 4697 return 0; 4698 } 4699 4700 void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate) 4701 { 4702 struct nfs4_stateowner *so = cstate->replay_owner; 4703 4704 if (so != NULL) { 4705 cstate->replay_owner = NULL; 4706 atomic_set(&so->so_replay.rp_locked, RP_UNLOCKED); 4707 wake_up_var(&so->so_replay.rp_locked); 4708 nfs4_put_stateowner(so); 4709 } 4710 } 4711 4712 static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp) 4713 { 4714 struct nfs4_stateowner *sop; 4715 4716 sop = kmem_cache_alloc(slab, GFP_KERNEL); 4717 if (!sop) 4718 return NULL; 4719 4720 xdr_netobj_dup(&sop->so_owner, owner, GFP_KERNEL); 4721 if (!sop->so_owner.data) { 4722 kmem_cache_free(slab, sop); 4723 return NULL; 4724 } 4725 4726 INIT_LIST_HEAD(&sop->so_stateids); 4727 sop->so_client = clp; 4728 init_nfs4_replay(&sop->so_replay); 4729 atomic_set(&sop->so_count, 1); 4730 return sop; 4731 } 4732 4733 static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval) 4734 { 4735 lockdep_assert_held(&clp->cl_lock); 4736 4737 list_add(&oo->oo_owner.so_strhash, 4738 &clp->cl_ownerstr_hashtbl[strhashval]); 4739 list_add(&oo->oo_perclient, &clp->cl_openowners); 4740 } 4741 4742 static void nfs4_unhash_openowner(struct nfs4_stateowner *so) 4743 { 4744 unhash_openowner_locked(openowner(so)); 4745 } 4746 4747 static void nfs4_free_openowner(struct nfs4_stateowner *so) 4748 { 4749 struct nfs4_openowner *oo = openowner(so); 4750 4751 kmem_cache_free(openowner_slab, oo); 4752 } 4753 4754 static const struct nfs4_stateowner_operations openowner_ops = { 4755 .so_unhash = nfs4_unhash_openowner, 4756 .so_free = nfs4_free_openowner, 4757 }; 4758 4759 static struct nfs4_ol_stateid * 4760 nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 4761 { 4762 struct nfs4_ol_stateid *local, *ret = NULL; 4763 struct nfs4_openowner *oo = open->op_openowner; 4764 4765 lockdep_assert_held(&fp->fi_lock); 4766 4767 list_for_each_entry(local, &fp->fi_stateids, st_perfile) { 4768 /* ignore lock owners */ 4769 if (local->st_stateowner->so_is_open_owner == 0) 4770 continue; 4771 if (local->st_stateowner != &oo->oo_owner) 4772 continue; 4773 if (local->st_stid.sc_type == SC_TYPE_OPEN && 4774 !local->st_stid.sc_status) { 4775 ret = local; 4776 refcount_inc(&ret->st_stid.sc_count); 4777 break; 4778 } 4779 } 4780 return ret; 4781 } 4782 4783 static void nfsd4_drop_revoked_stid(struct nfs4_stid *s) 4784 __releases(&s->sc_client->cl_lock) 4785 { 4786 struct nfs4_client *cl = s->sc_client; 4787 LIST_HEAD(reaplist); 4788 struct nfs4_ol_stateid *stp; 4789 struct nfs4_delegation *dp; 4790 bool unhashed; 4791 4792 switch (s->sc_type) { 4793 case SC_TYPE_OPEN: 4794 stp = openlockstateid(s); 4795 if (unhash_open_stateid(stp, &reaplist)) 4796 put_ol_stateid_locked(stp, &reaplist); 4797 spin_unlock(&cl->cl_lock); 4798 free_ol_stateid_reaplist(&reaplist); 4799 break; 4800 case SC_TYPE_LOCK: 4801 stp = openlockstateid(s); 4802 unhashed = unhash_lock_stateid(stp); 4803 spin_unlock(&cl->cl_lock); 4804 if (unhashed) 4805 nfs4_put_stid(s); 4806 break; 4807 case SC_TYPE_DELEG: 4808 dp = delegstateid(s); 4809 list_del_init(&dp->dl_recall_lru); 4810 spin_unlock(&cl->cl_lock); 4811 nfs4_put_stid(s); 4812 break; 4813 default: 4814 spin_unlock(&cl->cl_lock); 4815 } 4816 } 4817 4818 static void nfsd40_drop_revoked_stid(struct nfs4_client *cl, 4819 stateid_t *stid) 4820 { 4821 /* NFSv4.0 has no way for the client to tell the server 4822 * that it can forget an admin-revoked stateid. 4823 * So we keep it around until the first time that the 4824 * client uses it, and drop it the first time 4825 * nfserr_admin_revoked is returned. 4826 * For v4.1 and later we wait until explicitly told 4827 * to free the stateid. 4828 */ 4829 if (cl->cl_minorversion == 0) { 4830 struct nfs4_stid *st; 4831 4832 spin_lock(&cl->cl_lock); 4833 st = find_stateid_locked(cl, stid); 4834 if (st) 4835 nfsd4_drop_revoked_stid(st); 4836 else 4837 spin_unlock(&cl->cl_lock); 4838 } 4839 } 4840 4841 static __be32 4842 nfsd4_verify_open_stid(struct nfs4_stid *s) 4843 { 4844 __be32 ret = nfs_ok; 4845 4846 if (s->sc_status & SC_STATUS_ADMIN_REVOKED) 4847 ret = nfserr_admin_revoked; 4848 else if (s->sc_status & SC_STATUS_REVOKED) 4849 ret = nfserr_deleg_revoked; 4850 else if (s->sc_status & SC_STATUS_CLOSED) 4851 ret = nfserr_bad_stateid; 4852 return ret; 4853 } 4854 4855 /* Lock the stateid st_mutex, and deal with races with CLOSE */ 4856 static __be32 4857 nfsd4_lock_ol_stateid(struct nfs4_ol_stateid *stp) 4858 { 4859 __be32 ret; 4860 4861 mutex_lock_nested(&stp->st_mutex, LOCK_STATEID_MUTEX); 4862 ret = nfsd4_verify_open_stid(&stp->st_stid); 4863 if (ret == nfserr_admin_revoked) 4864 nfsd40_drop_revoked_stid(stp->st_stid.sc_client, 4865 &stp->st_stid.sc_stateid); 4866 4867 if (ret != nfs_ok) 4868 mutex_unlock(&stp->st_mutex); 4869 return ret; 4870 } 4871 4872 static struct nfs4_ol_stateid * 4873 nfsd4_find_and_lock_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 4874 { 4875 struct nfs4_ol_stateid *stp; 4876 for (;;) { 4877 spin_lock(&fp->fi_lock); 4878 stp = nfsd4_find_existing_open(fp, open); 4879 spin_unlock(&fp->fi_lock); 4880 if (!stp || nfsd4_lock_ol_stateid(stp) == nfs_ok) 4881 break; 4882 nfs4_put_stid(&stp->st_stid); 4883 } 4884 return stp; 4885 } 4886 4887 static struct nfs4_openowner * 4888 find_or_alloc_open_stateowner(unsigned int strhashval, struct nfsd4_open *open, 4889 struct nfsd4_compound_state *cstate) 4890 { 4891 struct nfs4_client *clp = cstate->clp; 4892 struct nfs4_openowner *oo, *new = NULL; 4893 4894 retry: 4895 spin_lock(&clp->cl_lock); 4896 oo = find_openstateowner_str(strhashval, open, clp); 4897 if (!oo && new) { 4898 hash_openowner(new, clp, strhashval); 4899 spin_unlock(&clp->cl_lock); 4900 return new; 4901 } 4902 spin_unlock(&clp->cl_lock); 4903 4904 if (oo && !(oo->oo_flags & NFS4_OO_CONFIRMED)) { 4905 /* Replace unconfirmed owners without checking for replay. */ 4906 release_openowner(oo); 4907 oo = NULL; 4908 } 4909 if (oo) { 4910 if (new) 4911 nfs4_free_stateowner(&new->oo_owner); 4912 return oo; 4913 } 4914 4915 new = alloc_stateowner(openowner_slab, &open->op_owner, clp); 4916 if (!new) 4917 return NULL; 4918 new->oo_owner.so_ops = &openowner_ops; 4919 new->oo_owner.so_is_open_owner = 1; 4920 new->oo_owner.so_seqid = open->op_seqid; 4921 new->oo_flags = 0; 4922 if (nfsd4_has_session(cstate)) 4923 new->oo_flags |= NFS4_OO_CONFIRMED; 4924 new->oo_time = 0; 4925 new->oo_last_closed_stid = NULL; 4926 INIT_LIST_HEAD(&new->oo_close_lru); 4927 goto retry; 4928 } 4929 4930 static struct nfs4_ol_stateid * 4931 init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open) 4932 { 4933 4934 struct nfs4_openowner *oo = open->op_openowner; 4935 struct nfs4_ol_stateid *retstp = NULL; 4936 struct nfs4_ol_stateid *stp; 4937 4938 stp = open->op_stp; 4939 /* We are moving these outside of the spinlocks to avoid the warnings */ 4940 mutex_init(&stp->st_mutex); 4941 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 4942 4943 retry: 4944 spin_lock(&oo->oo_owner.so_client->cl_lock); 4945 spin_lock(&fp->fi_lock); 4946 4947 retstp = nfsd4_find_existing_open(fp, open); 4948 if (retstp) 4949 goto out_unlock; 4950 4951 open->op_stp = NULL; 4952 refcount_inc(&stp->st_stid.sc_count); 4953 stp->st_stid.sc_type = SC_TYPE_OPEN; 4954 INIT_LIST_HEAD(&stp->st_locks); 4955 stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner); 4956 get_nfs4_file(fp); 4957 stp->st_stid.sc_file = fp; 4958 stp->st_access_bmap = 0; 4959 stp->st_deny_bmap = 0; 4960 stp->st_openstp = NULL; 4961 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids); 4962 list_add(&stp->st_perfile, &fp->fi_stateids); 4963 4964 out_unlock: 4965 spin_unlock(&fp->fi_lock); 4966 spin_unlock(&oo->oo_owner.so_client->cl_lock); 4967 if (retstp) { 4968 /* Handle races with CLOSE */ 4969 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 4970 nfs4_put_stid(&retstp->st_stid); 4971 goto retry; 4972 } 4973 /* To keep mutex tracking happy */ 4974 mutex_unlock(&stp->st_mutex); 4975 stp = retstp; 4976 } 4977 return stp; 4978 } 4979 4980 /* 4981 * In the 4.0 case we need to keep the owners around a little while to handle 4982 * CLOSE replay. We still do need to release any file access that is held by 4983 * them before returning however. 4984 */ 4985 static void 4986 move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net) 4987 { 4988 struct nfs4_ol_stateid *last; 4989 struct nfs4_openowner *oo = openowner(s->st_stateowner); 4990 struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net, 4991 nfsd_net_id); 4992 4993 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo); 4994 4995 /* 4996 * We know that we hold one reference via nfsd4_close, and another 4997 * "persistent" reference for the client. If the refcount is higher 4998 * than 2, then there are still calls in progress that are using this 4999 * stateid. We can't put the sc_file reference until they are finished. 5000 * Wait for the refcount to drop to 2. Since it has been unhashed, 5001 * there should be no danger of the refcount going back up again at 5002 * this point. 5003 * Some threads with a reference might be waiting for rp_locked, 5004 * so tell them to stop waiting. 5005 */ 5006 atomic_set(&oo->oo_owner.so_replay.rp_locked, RP_UNHASHED); 5007 wake_up_var(&oo->oo_owner.so_replay.rp_locked); 5008 wait_event(close_wq, refcount_read(&s->st_stid.sc_count) == 2); 5009 5010 release_all_access(s); 5011 if (s->st_stid.sc_file) { 5012 put_nfs4_file(s->st_stid.sc_file); 5013 s->st_stid.sc_file = NULL; 5014 } 5015 5016 spin_lock(&nn->client_lock); 5017 last = oo->oo_last_closed_stid; 5018 oo->oo_last_closed_stid = s; 5019 list_move_tail(&oo->oo_close_lru, &nn->close_lru); 5020 oo->oo_time = ktime_get_boottime_seconds(); 5021 spin_unlock(&nn->client_lock); 5022 if (last) 5023 nfs4_put_stid(&last->st_stid); 5024 } 5025 5026 static noinline_for_stack struct nfs4_file * 5027 nfsd4_file_hash_lookup(const struct svc_fh *fhp) 5028 { 5029 struct inode *inode = d_inode(fhp->fh_dentry); 5030 struct rhlist_head *tmp, *list; 5031 struct nfs4_file *fi; 5032 5033 rcu_read_lock(); 5034 list = rhltable_lookup(&nfs4_file_rhltable, &inode, 5035 nfs4_file_rhash_params); 5036 rhl_for_each_entry_rcu(fi, tmp, list, fi_rlist) { 5037 if (fh_match(&fi->fi_fhandle, &fhp->fh_handle)) { 5038 if (refcount_inc_not_zero(&fi->fi_ref)) { 5039 rcu_read_unlock(); 5040 return fi; 5041 } 5042 } 5043 } 5044 rcu_read_unlock(); 5045 return NULL; 5046 } 5047 5048 /* 5049 * On hash insertion, identify entries with the same inode but 5050 * distinct filehandles. They will all be on the list returned 5051 * by rhltable_lookup(). 5052 * 5053 * inode->i_lock prevents racing insertions from adding an entry 5054 * for the same inode/fhp pair twice. 5055 */ 5056 static noinline_for_stack struct nfs4_file * 5057 nfsd4_file_hash_insert(struct nfs4_file *new, const struct svc_fh *fhp) 5058 { 5059 struct inode *inode = d_inode(fhp->fh_dentry); 5060 struct rhlist_head *tmp, *list; 5061 struct nfs4_file *ret = NULL; 5062 bool alias_found = false; 5063 struct nfs4_file *fi; 5064 int err; 5065 5066 rcu_read_lock(); 5067 spin_lock(&inode->i_lock); 5068 5069 list = rhltable_lookup(&nfs4_file_rhltable, &inode, 5070 nfs4_file_rhash_params); 5071 rhl_for_each_entry_rcu(fi, tmp, list, fi_rlist) { 5072 if (fh_match(&fi->fi_fhandle, &fhp->fh_handle)) { 5073 if (refcount_inc_not_zero(&fi->fi_ref)) 5074 ret = fi; 5075 } else 5076 fi->fi_aliased = alias_found = true; 5077 } 5078 if (ret) 5079 goto out_unlock; 5080 5081 nfsd4_file_init(fhp, new); 5082 err = rhltable_insert(&nfs4_file_rhltable, &new->fi_rlist, 5083 nfs4_file_rhash_params); 5084 if (err) 5085 goto out_unlock; 5086 5087 new->fi_aliased = alias_found; 5088 ret = new; 5089 5090 out_unlock: 5091 spin_unlock(&inode->i_lock); 5092 rcu_read_unlock(); 5093 return ret; 5094 } 5095 5096 static noinline_for_stack void nfsd4_file_hash_remove(struct nfs4_file *fi) 5097 { 5098 rhltable_remove(&nfs4_file_rhltable, &fi->fi_rlist, 5099 nfs4_file_rhash_params); 5100 } 5101 5102 /* 5103 * Called to check deny when READ with all zero stateid or 5104 * WRITE with all zero or all one stateid 5105 */ 5106 static __be32 5107 nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type) 5108 { 5109 struct nfs4_file *fp; 5110 __be32 ret = nfs_ok; 5111 5112 fp = nfsd4_file_hash_lookup(current_fh); 5113 if (!fp) 5114 return ret; 5115 5116 /* Check for conflicting share reservations */ 5117 spin_lock(&fp->fi_lock); 5118 if (fp->fi_share_deny & deny_type) 5119 ret = nfserr_locked; 5120 spin_unlock(&fp->fi_lock); 5121 put_nfs4_file(fp); 5122 return ret; 5123 } 5124 5125 static bool nfsd4_deleg_present(const struct inode *inode) 5126 { 5127 struct file_lock_context *ctx = locks_inode_context(inode); 5128 5129 return ctx && !list_empty_careful(&ctx->flc_lease); 5130 } 5131 5132 /** 5133 * nfsd_wait_for_delegreturn - wait for delegations to be returned 5134 * @rqstp: the RPC transaction being executed 5135 * @inode: in-core inode of the file being waited for 5136 * 5137 * The timeout prevents deadlock if all nfsd threads happen to be 5138 * tied up waiting for returning delegations. 5139 * 5140 * Return values: 5141 * %true: delegation was returned 5142 * %false: timed out waiting for delegreturn 5143 */ 5144 bool nfsd_wait_for_delegreturn(struct svc_rqst *rqstp, struct inode *inode) 5145 { 5146 long __maybe_unused timeo; 5147 5148 timeo = wait_var_event_timeout(inode, !nfsd4_deleg_present(inode), 5149 NFSD_DELEGRETURN_TIMEOUT); 5150 trace_nfsd_delegret_wakeup(rqstp, inode, timeo); 5151 return timeo > 0; 5152 } 5153 5154 static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb) 5155 { 5156 struct nfs4_delegation *dp = cb_to_delegation(cb); 5157 struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net, 5158 nfsd_net_id); 5159 5160 block_delegations(&dp->dl_stid.sc_file->fi_fhandle); 5161 5162 /* 5163 * We can't do this in nfsd_break_deleg_cb because it is 5164 * already holding inode->i_lock. 5165 * 5166 * If the dl_time != 0, then we know that it has already been 5167 * queued for a lease break. Don't queue it again. 5168 */ 5169 spin_lock(&state_lock); 5170 if (delegation_hashed(dp) && dp->dl_time == 0) { 5171 dp->dl_time = ktime_get_boottime_seconds(); 5172 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru); 5173 } 5174 spin_unlock(&state_lock); 5175 } 5176 5177 static int nfsd4_cb_recall_done(struct nfsd4_callback *cb, 5178 struct rpc_task *task) 5179 { 5180 struct nfs4_delegation *dp = cb_to_delegation(cb); 5181 5182 trace_nfsd_cb_recall_done(&dp->dl_stid.sc_stateid, task); 5183 5184 if (dp->dl_stid.sc_status) 5185 /* CLOSED or REVOKED */ 5186 return 1; 5187 5188 switch (task->tk_status) { 5189 case 0: 5190 return 1; 5191 case -NFS4ERR_DELAY: 5192 rpc_delay(task, 2 * HZ); 5193 return 0; 5194 case -EBADHANDLE: 5195 case -NFS4ERR_BAD_STATEID: 5196 /* 5197 * Race: client probably got cb_recall before open reply 5198 * granting delegation. 5199 */ 5200 if (dp->dl_retries--) { 5201 rpc_delay(task, 2 * HZ); 5202 return 0; 5203 } 5204 fallthrough; 5205 default: 5206 return 1; 5207 } 5208 } 5209 5210 static void nfsd4_cb_recall_release(struct nfsd4_callback *cb) 5211 { 5212 struct nfs4_delegation *dp = cb_to_delegation(cb); 5213 5214 nfs4_put_stid(&dp->dl_stid); 5215 } 5216 5217 static const struct nfsd4_callback_ops nfsd4_cb_recall_ops = { 5218 .prepare = nfsd4_cb_recall_prepare, 5219 .done = nfsd4_cb_recall_done, 5220 .release = nfsd4_cb_recall_release, 5221 }; 5222 5223 static void nfsd_break_one_deleg(struct nfs4_delegation *dp) 5224 { 5225 /* 5226 * We're assuming the state code never drops its reference 5227 * without first removing the lease. Since we're in this lease 5228 * callback (and since the lease code is serialized by the 5229 * flc_lock) we know the server hasn't removed the lease yet, and 5230 * we know it's safe to take a reference. 5231 */ 5232 refcount_inc(&dp->dl_stid.sc_count); 5233 WARN_ON_ONCE(!nfsd4_run_cb(&dp->dl_recall)); 5234 } 5235 5236 /* Called from break_lease() with flc_lock held. */ 5237 static bool 5238 nfsd_break_deleg_cb(struct file_lease *fl) 5239 { 5240 struct nfs4_delegation *dp = (struct nfs4_delegation *) fl->c.flc_owner; 5241 struct nfs4_file *fp = dp->dl_stid.sc_file; 5242 struct nfs4_client *clp = dp->dl_stid.sc_client; 5243 struct nfsd_net *nn; 5244 5245 trace_nfsd_cb_recall(&dp->dl_stid); 5246 5247 dp->dl_recalled = true; 5248 atomic_inc(&clp->cl_delegs_in_recall); 5249 if (try_to_expire_client(clp)) { 5250 nn = net_generic(clp->net, nfsd_net_id); 5251 mod_delayed_work(laundry_wq, &nn->laundromat_work, 0); 5252 } 5253 5254 /* 5255 * We don't want the locks code to timeout the lease for us; 5256 * we'll remove it ourself if a delegation isn't returned 5257 * in time: 5258 */ 5259 fl->fl_break_time = 0; 5260 5261 fp->fi_had_conflict = true; 5262 nfsd_break_one_deleg(dp); 5263 return false; 5264 } 5265 5266 /** 5267 * nfsd_breaker_owns_lease - Check if lease conflict was resolved 5268 * @fl: Lock state to check 5269 * 5270 * Return values: 5271 * %true: Lease conflict was resolved 5272 * %false: Lease conflict was not resolved. 5273 */ 5274 static bool nfsd_breaker_owns_lease(struct file_lease *fl) 5275 { 5276 struct nfs4_delegation *dl = fl->c.flc_owner; 5277 struct svc_rqst *rqst; 5278 struct nfs4_client *clp; 5279 5280 if (!i_am_nfsd()) 5281 return false; 5282 rqst = kthread_data(current); 5283 /* Note rq_prog == NFS_ACL_PROGRAM is also possible: */ 5284 if (rqst->rq_prog != NFS_PROGRAM || rqst->rq_vers < 4) 5285 return false; 5286 clp = *(rqst->rq_lease_breaker); 5287 return dl->dl_stid.sc_client == clp; 5288 } 5289 5290 static int 5291 nfsd_change_deleg_cb(struct file_lease *onlist, int arg, 5292 struct list_head *dispose) 5293 { 5294 struct nfs4_delegation *dp = (struct nfs4_delegation *) onlist->c.flc_owner; 5295 struct nfs4_client *clp = dp->dl_stid.sc_client; 5296 5297 if (arg & F_UNLCK) { 5298 if (dp->dl_recalled) 5299 atomic_dec(&clp->cl_delegs_in_recall); 5300 return lease_modify(onlist, arg, dispose); 5301 } else 5302 return -EAGAIN; 5303 } 5304 5305 static const struct lease_manager_operations nfsd_lease_mng_ops = { 5306 .lm_breaker_owns_lease = nfsd_breaker_owns_lease, 5307 .lm_break = nfsd_break_deleg_cb, 5308 .lm_change = nfsd_change_deleg_cb, 5309 }; 5310 5311 static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid) 5312 { 5313 if (nfsd4_has_session(cstate)) 5314 return nfs_ok; 5315 if (seqid == so->so_seqid - 1) 5316 return nfserr_replay_me; 5317 if (seqid == so->so_seqid) 5318 return nfs_ok; 5319 return nfserr_bad_seqid; 5320 } 5321 5322 static struct nfs4_client *lookup_clientid(clientid_t *clid, bool sessions, 5323 struct nfsd_net *nn) 5324 { 5325 struct nfs4_client *found; 5326 5327 spin_lock(&nn->client_lock); 5328 found = find_confirmed_client(clid, sessions, nn); 5329 if (found) 5330 atomic_inc(&found->cl_rpc_users); 5331 spin_unlock(&nn->client_lock); 5332 return found; 5333 } 5334 5335 static __be32 set_client(clientid_t *clid, 5336 struct nfsd4_compound_state *cstate, 5337 struct nfsd_net *nn) 5338 { 5339 if (cstate->clp) { 5340 if (!same_clid(&cstate->clp->cl_clientid, clid)) 5341 return nfserr_stale_clientid; 5342 return nfs_ok; 5343 } 5344 if (STALE_CLIENTID(clid, nn)) 5345 return nfserr_stale_clientid; 5346 /* 5347 * We're in the 4.0 case (otherwise the SEQUENCE op would have 5348 * set cstate->clp), so session = false: 5349 */ 5350 cstate->clp = lookup_clientid(clid, false, nn); 5351 if (!cstate->clp) 5352 return nfserr_expired; 5353 return nfs_ok; 5354 } 5355 5356 __be32 5357 nfsd4_process_open1(struct nfsd4_compound_state *cstate, 5358 struct nfsd4_open *open, struct nfsd_net *nn) 5359 { 5360 clientid_t *clientid = &open->op_clientid; 5361 struct nfs4_client *clp = NULL; 5362 unsigned int strhashval; 5363 struct nfs4_openowner *oo = NULL; 5364 __be32 status; 5365 5366 /* 5367 * In case we need it later, after we've already created the 5368 * file and don't want to risk a further failure: 5369 */ 5370 open->op_file = nfsd4_alloc_file(); 5371 if (open->op_file == NULL) 5372 return nfserr_jukebox; 5373 5374 status = set_client(clientid, cstate, nn); 5375 if (status) 5376 return status; 5377 clp = cstate->clp; 5378 5379 strhashval = ownerstr_hashval(&open->op_owner); 5380 retry: 5381 oo = find_or_alloc_open_stateowner(strhashval, open, cstate); 5382 open->op_openowner = oo; 5383 if (!oo) 5384 return nfserr_jukebox; 5385 if (nfsd4_cstate_assign_replay(cstate, &oo->oo_owner) == -EAGAIN) { 5386 nfs4_put_stateowner(&oo->oo_owner); 5387 goto retry; 5388 } 5389 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid); 5390 if (status) 5391 return status; 5392 5393 open->op_stp = nfs4_alloc_open_stateid(clp); 5394 if (!open->op_stp) 5395 return nfserr_jukebox; 5396 5397 if (nfsd4_has_session(cstate) && 5398 (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) { 5399 open->op_odstate = alloc_clnt_odstate(clp); 5400 if (!open->op_odstate) 5401 return nfserr_jukebox; 5402 } 5403 5404 return nfs_ok; 5405 } 5406 5407 static inline __be32 5408 nfs4_check_delegmode(struct nfs4_delegation *dp, int flags) 5409 { 5410 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ)) 5411 return nfserr_openmode; 5412 else 5413 return nfs_ok; 5414 } 5415 5416 static int share_access_to_flags(u32 share_access) 5417 { 5418 return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE; 5419 } 5420 5421 static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, 5422 stateid_t *s) 5423 { 5424 struct nfs4_stid *ret; 5425 5426 ret = find_stateid_by_type(cl, s, SC_TYPE_DELEG, SC_STATUS_REVOKED); 5427 if (!ret) 5428 return NULL; 5429 return delegstateid(ret); 5430 } 5431 5432 static bool nfsd4_is_deleg_cur(struct nfsd4_open *open) 5433 { 5434 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR || 5435 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH; 5436 } 5437 5438 static __be32 5439 nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open, 5440 struct nfs4_delegation **dp) 5441 { 5442 int flags; 5443 __be32 status = nfserr_bad_stateid; 5444 struct nfs4_delegation *deleg; 5445 5446 deleg = find_deleg_stateid(cl, &open->op_delegate_stateid); 5447 if (deleg == NULL) 5448 goto out; 5449 if (deleg->dl_stid.sc_status & SC_STATUS_ADMIN_REVOKED) { 5450 nfs4_put_stid(&deleg->dl_stid); 5451 status = nfserr_admin_revoked; 5452 goto out; 5453 } 5454 if (deleg->dl_stid.sc_status & SC_STATUS_REVOKED) { 5455 nfs4_put_stid(&deleg->dl_stid); 5456 nfsd40_drop_revoked_stid(cl, &open->op_delegate_stateid); 5457 status = nfserr_deleg_revoked; 5458 goto out; 5459 } 5460 flags = share_access_to_flags(open->op_share_access); 5461 status = nfs4_check_delegmode(deleg, flags); 5462 if (status) { 5463 nfs4_put_stid(&deleg->dl_stid); 5464 goto out; 5465 } 5466 *dp = deleg; 5467 out: 5468 if (!nfsd4_is_deleg_cur(open)) 5469 return nfs_ok; 5470 if (status) 5471 return status; 5472 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 5473 return nfs_ok; 5474 } 5475 5476 static inline int nfs4_access_to_access(u32 nfs4_access) 5477 { 5478 int flags = 0; 5479 5480 if (nfs4_access & NFS4_SHARE_ACCESS_READ) 5481 flags |= NFSD_MAY_READ; 5482 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE) 5483 flags |= NFSD_MAY_WRITE; 5484 return flags; 5485 } 5486 5487 static inline __be32 5488 nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh, 5489 struct nfsd4_open *open) 5490 { 5491 struct iattr iattr = { 5492 .ia_valid = ATTR_SIZE, 5493 .ia_size = 0, 5494 }; 5495 struct nfsd_attrs attrs = { 5496 .na_iattr = &iattr, 5497 }; 5498 if (!open->op_truncate) 5499 return 0; 5500 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE)) 5501 return nfserr_inval; 5502 return nfsd_setattr(rqstp, fh, &attrs, NULL); 5503 } 5504 5505 static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp, 5506 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, 5507 struct nfsd4_open *open, bool new_stp) 5508 { 5509 struct nfsd_file *nf = NULL; 5510 __be32 status; 5511 int oflag = nfs4_access_to_omode(open->op_share_access); 5512 int access = nfs4_access_to_access(open->op_share_access); 5513 unsigned char old_access_bmap, old_deny_bmap; 5514 5515 spin_lock(&fp->fi_lock); 5516 5517 /* 5518 * Are we trying to set a deny mode that would conflict with 5519 * current access? 5520 */ 5521 status = nfs4_file_check_deny(fp, open->op_share_deny); 5522 if (status != nfs_ok) { 5523 if (status != nfserr_share_denied) { 5524 spin_unlock(&fp->fi_lock); 5525 goto out; 5526 } 5527 if (nfs4_resolve_deny_conflicts_locked(fp, new_stp, 5528 stp, open->op_share_deny, false)) 5529 status = nfserr_jukebox; 5530 spin_unlock(&fp->fi_lock); 5531 goto out; 5532 } 5533 5534 /* set access to the file */ 5535 status = nfs4_file_get_access(fp, open->op_share_access); 5536 if (status != nfs_ok) { 5537 if (status != nfserr_share_denied) { 5538 spin_unlock(&fp->fi_lock); 5539 goto out; 5540 } 5541 if (nfs4_resolve_deny_conflicts_locked(fp, new_stp, 5542 stp, open->op_share_access, true)) 5543 status = nfserr_jukebox; 5544 spin_unlock(&fp->fi_lock); 5545 goto out; 5546 } 5547 5548 /* Set access bits in stateid */ 5549 old_access_bmap = stp->st_access_bmap; 5550 set_access(open->op_share_access, stp); 5551 5552 /* Set new deny mask */ 5553 old_deny_bmap = stp->st_deny_bmap; 5554 set_deny(open->op_share_deny, stp); 5555 fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 5556 5557 if (!fp->fi_fds[oflag]) { 5558 spin_unlock(&fp->fi_lock); 5559 5560 status = nfsd_file_acquire_opened(rqstp, cur_fh, access, 5561 open->op_filp, &nf); 5562 if (status != nfs_ok) 5563 goto out_put_access; 5564 5565 spin_lock(&fp->fi_lock); 5566 if (!fp->fi_fds[oflag]) { 5567 fp->fi_fds[oflag] = nf; 5568 nf = NULL; 5569 } 5570 } 5571 spin_unlock(&fp->fi_lock); 5572 if (nf) 5573 nfsd_file_put(nf); 5574 5575 status = nfserrno(nfsd_open_break_lease(cur_fh->fh_dentry->d_inode, 5576 access)); 5577 if (status) 5578 goto out_put_access; 5579 5580 status = nfsd4_truncate(rqstp, cur_fh, open); 5581 if (status) 5582 goto out_put_access; 5583 out: 5584 return status; 5585 out_put_access: 5586 stp->st_access_bmap = old_access_bmap; 5587 nfs4_file_put_access(fp, open->op_share_access); 5588 reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp); 5589 goto out; 5590 } 5591 5592 static __be32 5593 nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, 5594 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, 5595 struct nfsd4_open *open) 5596 { 5597 __be32 status; 5598 unsigned char old_deny_bmap = stp->st_deny_bmap; 5599 5600 if (!test_access(open->op_share_access, stp)) 5601 return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open, false); 5602 5603 /* test and set deny mode */ 5604 spin_lock(&fp->fi_lock); 5605 status = nfs4_file_check_deny(fp, open->op_share_deny); 5606 switch (status) { 5607 case nfs_ok: 5608 set_deny(open->op_share_deny, stp); 5609 fp->fi_share_deny |= 5610 (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 5611 break; 5612 case nfserr_share_denied: 5613 if (nfs4_resolve_deny_conflicts_locked(fp, false, 5614 stp, open->op_share_deny, false)) 5615 status = nfserr_jukebox; 5616 break; 5617 } 5618 spin_unlock(&fp->fi_lock); 5619 5620 if (status != nfs_ok) 5621 return status; 5622 5623 status = nfsd4_truncate(rqstp, cur_fh, open); 5624 if (status != nfs_ok) 5625 reset_union_bmap_deny(old_deny_bmap, stp); 5626 return status; 5627 } 5628 5629 /* Should we give out recallable state?: */ 5630 static bool nfsd4_cb_channel_good(struct nfs4_client *clp) 5631 { 5632 if (clp->cl_cb_state == NFSD4_CB_UP) 5633 return true; 5634 /* 5635 * In the sessions case, since we don't have to establish a 5636 * separate connection for callbacks, we assume it's OK 5637 * until we hear otherwise: 5638 */ 5639 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN; 5640 } 5641 5642 static struct file_lease *nfs4_alloc_init_lease(struct nfs4_delegation *dp, 5643 int flag) 5644 { 5645 struct file_lease *fl; 5646 5647 fl = locks_alloc_lease(); 5648 if (!fl) 5649 return NULL; 5650 fl->fl_lmops = &nfsd_lease_mng_ops; 5651 fl->c.flc_flags = FL_DELEG; 5652 fl->c.flc_type = flag == NFS4_OPEN_DELEGATE_READ? F_RDLCK: F_WRLCK; 5653 fl->c.flc_owner = (fl_owner_t)dp; 5654 fl->c.flc_pid = current->tgid; 5655 fl->c.flc_file = dp->dl_stid.sc_file->fi_deleg_file->nf_file; 5656 return fl; 5657 } 5658 5659 static int nfsd4_check_conflicting_opens(struct nfs4_client *clp, 5660 struct nfs4_file *fp) 5661 { 5662 struct nfs4_ol_stateid *st; 5663 struct file *f = fp->fi_deleg_file->nf_file; 5664 struct inode *ino = file_inode(f); 5665 int writes; 5666 5667 writes = atomic_read(&ino->i_writecount); 5668 if (!writes) 5669 return 0; 5670 /* 5671 * There could be multiple filehandles (hence multiple 5672 * nfs4_files) referencing this file, but that's not too 5673 * common; let's just give up in that case rather than 5674 * trying to go look up all the clients using that other 5675 * nfs4_file as well: 5676 */ 5677 if (fp->fi_aliased) 5678 return -EAGAIN; 5679 /* 5680 * If there's a close in progress, make sure that we see it 5681 * clear any fi_fds[] entries before we see it decrement 5682 * i_writecount: 5683 */ 5684 smp_mb__after_atomic(); 5685 5686 if (fp->fi_fds[O_WRONLY]) 5687 writes--; 5688 if (fp->fi_fds[O_RDWR]) 5689 writes--; 5690 if (writes > 0) 5691 return -EAGAIN; /* There may be non-NFSv4 writers */ 5692 /* 5693 * It's possible there are non-NFSv4 write opens in progress, 5694 * but if they haven't incremented i_writecount yet then they 5695 * also haven't called break lease yet; so, they'll break this 5696 * lease soon enough. So, all that's left to check for is NFSv4 5697 * opens: 5698 */ 5699 spin_lock(&fp->fi_lock); 5700 list_for_each_entry(st, &fp->fi_stateids, st_perfile) { 5701 if (st->st_openstp == NULL /* it's an open */ && 5702 access_permit_write(st) && 5703 st->st_stid.sc_client != clp) { 5704 spin_unlock(&fp->fi_lock); 5705 return -EAGAIN; 5706 } 5707 } 5708 spin_unlock(&fp->fi_lock); 5709 /* 5710 * There's a small chance that we could be racing with another 5711 * NFSv4 open. However, any open that hasn't added itself to 5712 * the fi_stateids list also hasn't called break_lease yet; so, 5713 * they'll break this lease soon enough. 5714 */ 5715 return 0; 5716 } 5717 5718 /* 5719 * It's possible that between opening the dentry and setting the delegation, 5720 * that it has been renamed or unlinked. Redo the lookup to verify that this 5721 * hasn't happened. 5722 */ 5723 static int 5724 nfsd4_verify_deleg_dentry(struct nfsd4_open *open, struct nfs4_file *fp, 5725 struct svc_fh *parent) 5726 { 5727 struct svc_export *exp; 5728 struct dentry *child; 5729 __be32 err; 5730 5731 err = nfsd_lookup_dentry(open->op_rqstp, parent, 5732 open->op_fname, open->op_fnamelen, 5733 &exp, &child); 5734 5735 if (err) 5736 return -EAGAIN; 5737 5738 exp_put(exp); 5739 dput(child); 5740 if (child != file_dentry(fp->fi_deleg_file->nf_file)) 5741 return -EAGAIN; 5742 5743 return 0; 5744 } 5745 5746 /* 5747 * We avoid breaking delegations held by a client due to its own activity, but 5748 * clearing setuid/setgid bits on a write is an implicit activity and the client 5749 * may not notice and continue using the old mode. Avoid giving out a delegation 5750 * on setuid/setgid files when the client is requesting an open for write. 5751 */ 5752 static int 5753 nfsd4_verify_setuid_write(struct nfsd4_open *open, struct nfsd_file *nf) 5754 { 5755 struct inode *inode = file_inode(nf->nf_file); 5756 5757 if ((open->op_share_access & NFS4_SHARE_ACCESS_WRITE) && 5758 (inode->i_mode & (S_ISUID|S_ISGID))) 5759 return -EAGAIN; 5760 return 0; 5761 } 5762 5763 static struct nfs4_delegation * 5764 nfs4_set_delegation(struct nfsd4_open *open, struct nfs4_ol_stateid *stp, 5765 struct svc_fh *parent) 5766 { 5767 int status = 0; 5768 struct nfs4_client *clp = stp->st_stid.sc_client; 5769 struct nfs4_file *fp = stp->st_stid.sc_file; 5770 struct nfs4_clnt_odstate *odstate = stp->st_clnt_odstate; 5771 struct nfs4_delegation *dp; 5772 struct nfsd_file *nf = NULL; 5773 struct file_lease *fl; 5774 u32 dl_type; 5775 5776 /* 5777 * The fi_had_conflict and nfs_get_existing_delegation checks 5778 * here are just optimizations; we'll need to recheck them at 5779 * the end: 5780 */ 5781 if (fp->fi_had_conflict) 5782 return ERR_PTR(-EAGAIN); 5783 5784 /* 5785 * Try for a write delegation first. RFC8881 section 10.4 says: 5786 * 5787 * "An OPEN_DELEGATE_WRITE delegation allows the client to handle, 5788 * on its own, all opens." 5789 * 5790 * Furthermore the client can use a write delegation for most READ 5791 * operations as well, so we require a O_RDWR file here. 5792 * 5793 * Offer a write delegation in the case of a BOTH open, and ensure 5794 * we get the O_RDWR descriptor. 5795 */ 5796 if ((open->op_share_access & NFS4_SHARE_ACCESS_BOTH) == NFS4_SHARE_ACCESS_BOTH) { 5797 nf = find_rw_file(fp); 5798 dl_type = NFS4_OPEN_DELEGATE_WRITE; 5799 } 5800 5801 /* 5802 * If the file is being opened O_RDONLY or we couldn't get a O_RDWR 5803 * file for some reason, then try for a read delegation instead. 5804 */ 5805 if (!nf && (open->op_share_access & NFS4_SHARE_ACCESS_READ)) { 5806 nf = find_readable_file(fp); 5807 dl_type = NFS4_OPEN_DELEGATE_READ; 5808 } 5809 5810 if (!nf) 5811 return ERR_PTR(-EAGAIN); 5812 5813 spin_lock(&state_lock); 5814 spin_lock(&fp->fi_lock); 5815 if (nfs4_delegation_exists(clp, fp)) 5816 status = -EAGAIN; 5817 else if (nfsd4_verify_setuid_write(open, nf)) 5818 status = -EAGAIN; 5819 else if (!fp->fi_deleg_file) { 5820 fp->fi_deleg_file = nf; 5821 /* increment early to prevent fi_deleg_file from being 5822 * cleared */ 5823 fp->fi_delegees = 1; 5824 nf = NULL; 5825 } else 5826 fp->fi_delegees++; 5827 spin_unlock(&fp->fi_lock); 5828 spin_unlock(&state_lock); 5829 if (nf) 5830 nfsd_file_put(nf); 5831 if (status) 5832 return ERR_PTR(status); 5833 5834 status = -ENOMEM; 5835 dp = alloc_init_deleg(clp, fp, odstate, dl_type); 5836 if (!dp) 5837 goto out_delegees; 5838 5839 fl = nfs4_alloc_init_lease(dp, dl_type); 5840 if (!fl) 5841 goto out_clnt_odstate; 5842 5843 status = kernel_setlease(fp->fi_deleg_file->nf_file, 5844 fl->c.flc_type, &fl, NULL); 5845 if (fl) 5846 locks_free_lease(fl); 5847 if (status) 5848 goto out_clnt_odstate; 5849 5850 if (parent) { 5851 status = nfsd4_verify_deleg_dentry(open, fp, parent); 5852 if (status) 5853 goto out_unlock; 5854 } 5855 5856 status = nfsd4_check_conflicting_opens(clp, fp); 5857 if (status) 5858 goto out_unlock; 5859 5860 /* 5861 * Now that the deleg is set, check again to ensure that nothing 5862 * raced in and changed the mode while we weren't lookng. 5863 */ 5864 status = nfsd4_verify_setuid_write(open, fp->fi_deleg_file); 5865 if (status) 5866 goto out_unlock; 5867 5868 status = -EAGAIN; 5869 if (fp->fi_had_conflict) 5870 goto out_unlock; 5871 5872 spin_lock(&state_lock); 5873 spin_lock(&clp->cl_lock); 5874 spin_lock(&fp->fi_lock); 5875 status = hash_delegation_locked(dp, fp); 5876 spin_unlock(&fp->fi_lock); 5877 spin_unlock(&clp->cl_lock); 5878 spin_unlock(&state_lock); 5879 5880 if (status) 5881 goto out_unlock; 5882 5883 return dp; 5884 out_unlock: 5885 kernel_setlease(fp->fi_deleg_file->nf_file, F_UNLCK, NULL, (void **)&dp); 5886 out_clnt_odstate: 5887 put_clnt_odstate(dp->dl_clnt_odstate); 5888 nfs4_put_stid(&dp->dl_stid); 5889 out_delegees: 5890 put_deleg_file(fp); 5891 return ERR_PTR(status); 5892 } 5893 5894 static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status) 5895 { 5896 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 5897 if (status == -EAGAIN) 5898 open->op_why_no_deleg = WND4_CONTENTION; 5899 else { 5900 open->op_why_no_deleg = WND4_RESOURCE; 5901 switch (open->op_deleg_want) { 5902 case NFS4_SHARE_WANT_READ_DELEG: 5903 case NFS4_SHARE_WANT_WRITE_DELEG: 5904 case NFS4_SHARE_WANT_ANY_DELEG: 5905 break; 5906 case NFS4_SHARE_WANT_CANCEL: 5907 open->op_why_no_deleg = WND4_CANCELLED; 5908 break; 5909 case NFS4_SHARE_WANT_NO_DELEG: 5910 WARN_ON_ONCE(1); 5911 } 5912 } 5913 } 5914 5915 /* 5916 * The Linux NFS server does not offer write delegations to NFSv4.0 5917 * clients in order to avoid conflicts between write delegations and 5918 * GETATTRs requesting CHANGE or SIZE attributes. 5919 * 5920 * With NFSv4.1 and later minorversions, the SEQUENCE operation that 5921 * begins each COMPOUND contains a client ID. Delegation recall can 5922 * be avoided when the server recognizes the client sending a 5923 * GETATTR also holds write delegation it conflicts with. 5924 * 5925 * However, the NFSv4.0 protocol does not enable a server to 5926 * determine that a GETATTR originated from the client holding the 5927 * conflicting delegation versus coming from some other client. Per 5928 * RFC 7530 Section 16.7.5, the server must recall or send a 5929 * CB_GETATTR even when the GETATTR originates from the client that 5930 * holds the conflicting delegation. 5931 * 5932 * An NFSv4.0 client can trigger a pathological situation if it 5933 * always sends a DELEGRETURN preceded by a conflicting GETATTR in 5934 * the same COMPOUND. COMPOUND execution will always stop at the 5935 * GETATTR and the DELEGRETURN will never get executed. The server 5936 * eventually revokes the delegation, which can result in loss of 5937 * open or lock state. 5938 */ 5939 static void 5940 nfs4_open_delegation(struct nfsd4_open *open, struct nfs4_ol_stateid *stp, 5941 struct svc_fh *currentfh) 5942 { 5943 struct nfs4_delegation *dp; 5944 struct nfs4_openowner *oo = openowner(stp->st_stateowner); 5945 struct nfs4_client *clp = stp->st_stid.sc_client; 5946 struct svc_fh *parent = NULL; 5947 int cb_up; 5948 int status = 0; 5949 struct kstat stat; 5950 struct path path; 5951 5952 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client); 5953 open->op_recall = false; 5954 switch (open->op_claim_type) { 5955 case NFS4_OPEN_CLAIM_PREVIOUS: 5956 if (!cb_up) 5957 open->op_recall = true; 5958 break; 5959 case NFS4_OPEN_CLAIM_NULL: 5960 parent = currentfh; 5961 fallthrough; 5962 case NFS4_OPEN_CLAIM_FH: 5963 /* 5964 * Let's not give out any delegations till everyone's 5965 * had the chance to reclaim theirs, *and* until 5966 * NLM locks have all been reclaimed: 5967 */ 5968 if (locks_in_grace(clp->net)) 5969 goto out_no_deleg; 5970 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED)) 5971 goto out_no_deleg; 5972 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE && 5973 !clp->cl_minorversion) 5974 goto out_no_deleg; 5975 break; 5976 default: 5977 goto out_no_deleg; 5978 } 5979 dp = nfs4_set_delegation(open, stp, parent); 5980 if (IS_ERR(dp)) 5981 goto out_no_deleg; 5982 5983 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid)); 5984 5985 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE) { 5986 open->op_delegate_type = NFS4_OPEN_DELEGATE_WRITE; 5987 trace_nfsd_deleg_write(&dp->dl_stid.sc_stateid); 5988 path.mnt = currentfh->fh_export->ex_path.mnt; 5989 path.dentry = currentfh->fh_dentry; 5990 if (vfs_getattr(&path, &stat, 5991 (STATX_SIZE | STATX_CTIME | STATX_CHANGE_COOKIE), 5992 AT_STATX_SYNC_AS_STAT)) { 5993 nfs4_put_stid(&dp->dl_stid); 5994 destroy_delegation(dp); 5995 goto out_no_deleg; 5996 } 5997 dp->dl_cb_fattr.ncf_cur_fsize = stat.size; 5998 dp->dl_cb_fattr.ncf_initial_cinfo = 5999 nfsd4_change_attribute(&stat, d_inode(currentfh->fh_dentry)); 6000 } else { 6001 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ; 6002 trace_nfsd_deleg_read(&dp->dl_stid.sc_stateid); 6003 } 6004 nfs4_put_stid(&dp->dl_stid); 6005 return; 6006 out_no_deleg: 6007 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE; 6008 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS && 6009 open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) { 6010 dprintk("NFSD: WARNING: refusing delegation reclaim\n"); 6011 open->op_recall = true; 6012 } 6013 6014 /* 4.1 client asking for a delegation? */ 6015 if (open->op_deleg_want) 6016 nfsd4_open_deleg_none_ext(open, status); 6017 return; 6018 } 6019 6020 static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open, 6021 struct nfs4_delegation *dp) 6022 { 6023 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG && 6024 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 6025 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 6026 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE; 6027 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG && 6028 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 6029 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 6030 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE; 6031 } 6032 /* Otherwise the client must be confused wanting a delegation 6033 * it already has, therefore we don't return 6034 * NFS4_OPEN_DELEGATE_NONE_EXT and reason. 6035 */ 6036 } 6037 6038 /** 6039 * nfsd4_process_open2 - finish open processing 6040 * @rqstp: the RPC transaction being executed 6041 * @current_fh: NFSv4 COMPOUND's current filehandle 6042 * @open: OPEN arguments 6043 * 6044 * If successful, (1) truncate the file if open->op_truncate was 6045 * set, (2) set open->op_stateid, (3) set open->op_delegation. 6046 * 6047 * Returns %nfs_ok on success; otherwise an nfs4stat value in 6048 * network byte order is returned. 6049 */ 6050 __be32 6051 nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open) 6052 { 6053 struct nfsd4_compoundres *resp = rqstp->rq_resp; 6054 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client; 6055 struct nfs4_file *fp = NULL; 6056 struct nfs4_ol_stateid *stp = NULL; 6057 struct nfs4_delegation *dp = NULL; 6058 __be32 status; 6059 bool new_stp = false; 6060 6061 /* 6062 * Lookup file; if found, lookup stateid and check open request, 6063 * and check for delegations in the process of being recalled. 6064 * If not found, create the nfs4_file struct 6065 */ 6066 fp = nfsd4_file_hash_insert(open->op_file, current_fh); 6067 if (unlikely(!fp)) 6068 return nfserr_jukebox; 6069 if (fp != open->op_file) { 6070 status = nfs4_check_deleg(cl, open, &dp); 6071 if (status) 6072 goto out; 6073 stp = nfsd4_find_and_lock_existing_open(fp, open); 6074 } else { 6075 open->op_file = NULL; 6076 status = nfserr_bad_stateid; 6077 if (nfsd4_is_deleg_cur(open)) 6078 goto out; 6079 } 6080 6081 if (!stp) { 6082 stp = init_open_stateid(fp, open); 6083 if (!open->op_stp) 6084 new_stp = true; 6085 } 6086 6087 /* 6088 * OPEN the file, or upgrade an existing OPEN. 6089 * If truncate fails, the OPEN fails. 6090 * 6091 * stp is already locked. 6092 */ 6093 if (!new_stp) { 6094 /* Stateid was found, this is an OPEN upgrade */ 6095 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open); 6096 if (status) { 6097 mutex_unlock(&stp->st_mutex); 6098 goto out; 6099 } 6100 } else { 6101 status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open, true); 6102 if (status) { 6103 release_open_stateid(stp); 6104 mutex_unlock(&stp->st_mutex); 6105 goto out; 6106 } 6107 6108 stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp, 6109 open->op_odstate); 6110 if (stp->st_clnt_odstate == open->op_odstate) 6111 open->op_odstate = NULL; 6112 } 6113 6114 nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid); 6115 mutex_unlock(&stp->st_mutex); 6116 6117 if (nfsd4_has_session(&resp->cstate)) { 6118 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) { 6119 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 6120 open->op_why_no_deleg = WND4_NOT_WANTED; 6121 goto nodeleg; 6122 } 6123 } 6124 6125 /* 6126 * Attempt to hand out a delegation. No error return, because the 6127 * OPEN succeeds even if we fail. 6128 */ 6129 nfs4_open_delegation(open, stp, &resp->cstate.current_fh); 6130 nodeleg: 6131 status = nfs_ok; 6132 trace_nfsd_open(&stp->st_stid.sc_stateid); 6133 out: 6134 /* 4.1 client trying to upgrade/downgrade delegation? */ 6135 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp && 6136 open->op_deleg_want) 6137 nfsd4_deleg_xgrade_none_ext(open, dp); 6138 6139 if (fp) 6140 put_nfs4_file(fp); 6141 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS) 6142 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 6143 /* 6144 * To finish the open response, we just need to set the rflags. 6145 */ 6146 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX; 6147 if (nfsd4_has_session(&resp->cstate)) 6148 open->op_rflags |= NFS4_OPEN_RESULT_MAY_NOTIFY_LOCK; 6149 else if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED)) 6150 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM; 6151 6152 if (dp) 6153 nfs4_put_stid(&dp->dl_stid); 6154 if (stp) 6155 nfs4_put_stid(&stp->st_stid); 6156 6157 return status; 6158 } 6159 6160 void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate, 6161 struct nfsd4_open *open) 6162 { 6163 if (open->op_openowner) 6164 nfs4_put_stateowner(&open->op_openowner->oo_owner); 6165 if (open->op_file) 6166 kmem_cache_free(file_slab, open->op_file); 6167 if (open->op_stp) 6168 nfs4_put_stid(&open->op_stp->st_stid); 6169 if (open->op_odstate) 6170 kmem_cache_free(odstate_slab, open->op_odstate); 6171 } 6172 6173 __be32 6174 nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6175 union nfsd4_op_u *u) 6176 { 6177 clientid_t *clid = &u->renew; 6178 struct nfs4_client *clp; 6179 __be32 status; 6180 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6181 6182 trace_nfsd_clid_renew(clid); 6183 status = set_client(clid, cstate, nn); 6184 if (status) 6185 return status; 6186 clp = cstate->clp; 6187 if (!list_empty(&clp->cl_delegations) 6188 && clp->cl_cb_state != NFSD4_CB_UP) 6189 return nfserr_cb_path_down; 6190 return nfs_ok; 6191 } 6192 6193 void 6194 nfsd4_end_grace(struct nfsd_net *nn) 6195 { 6196 /* do nothing if grace period already ended */ 6197 if (nn->grace_ended) 6198 return; 6199 6200 trace_nfsd_grace_complete(nn); 6201 nn->grace_ended = true; 6202 /* 6203 * If the server goes down again right now, an NFSv4 6204 * client will still be allowed to reclaim after it comes back up, 6205 * even if it hasn't yet had a chance to reclaim state this time. 6206 * 6207 */ 6208 nfsd4_record_grace_done(nn); 6209 /* 6210 * At this point, NFSv4 clients can still reclaim. But if the 6211 * server crashes, any that have not yet reclaimed will be out 6212 * of luck on the next boot. 6213 * 6214 * (NFSv4.1+ clients are considered to have reclaimed once they 6215 * call RECLAIM_COMPLETE. NFSv4.0 clients are considered to 6216 * have reclaimed after their first OPEN.) 6217 */ 6218 locks_end_grace(&nn->nfsd4_manager); 6219 /* 6220 * At this point, and once lockd and/or any other containers 6221 * exit their grace period, further reclaims will fail and 6222 * regular locking can resume. 6223 */ 6224 } 6225 6226 /* 6227 * If we've waited a lease period but there are still clients trying to 6228 * reclaim, wait a little longer to give them a chance to finish. 6229 */ 6230 static bool clients_still_reclaiming(struct nfsd_net *nn) 6231 { 6232 time64_t double_grace_period_end = nn->boot_time + 6233 2 * nn->nfsd4_lease; 6234 6235 if (nn->track_reclaim_completes && 6236 atomic_read(&nn->nr_reclaim_complete) == 6237 nn->reclaim_str_hashtbl_size) 6238 return false; 6239 if (!nn->somebody_reclaimed) 6240 return false; 6241 nn->somebody_reclaimed = false; 6242 /* 6243 * If we've given them *two* lease times to reclaim, and they're 6244 * still not done, give up: 6245 */ 6246 if (ktime_get_boottime_seconds() > double_grace_period_end) 6247 return false; 6248 return true; 6249 } 6250 6251 struct laundry_time { 6252 time64_t cutoff; 6253 time64_t new_timeo; 6254 }; 6255 6256 static bool state_expired(struct laundry_time *lt, time64_t last_refresh) 6257 { 6258 time64_t time_remaining; 6259 6260 if (last_refresh < lt->cutoff) 6261 return true; 6262 time_remaining = last_refresh - lt->cutoff; 6263 lt->new_timeo = min(lt->new_timeo, time_remaining); 6264 return false; 6265 } 6266 6267 #ifdef CONFIG_NFSD_V4_2_INTER_SSC 6268 void nfsd4_ssc_init_umount_work(struct nfsd_net *nn) 6269 { 6270 spin_lock_init(&nn->nfsd_ssc_lock); 6271 INIT_LIST_HEAD(&nn->nfsd_ssc_mount_list); 6272 init_waitqueue_head(&nn->nfsd_ssc_waitq); 6273 } 6274 EXPORT_SYMBOL_GPL(nfsd4_ssc_init_umount_work); 6275 6276 /* 6277 * This is called when nfsd is being shutdown, after all inter_ssc 6278 * cleanup were done, to destroy the ssc delayed unmount list. 6279 */ 6280 static void nfsd4_ssc_shutdown_umount(struct nfsd_net *nn) 6281 { 6282 struct nfsd4_ssc_umount_item *ni = NULL; 6283 struct nfsd4_ssc_umount_item *tmp; 6284 6285 spin_lock(&nn->nfsd_ssc_lock); 6286 list_for_each_entry_safe(ni, tmp, &nn->nfsd_ssc_mount_list, nsui_list) { 6287 list_del(&ni->nsui_list); 6288 spin_unlock(&nn->nfsd_ssc_lock); 6289 mntput(ni->nsui_vfsmount); 6290 kfree(ni); 6291 spin_lock(&nn->nfsd_ssc_lock); 6292 } 6293 spin_unlock(&nn->nfsd_ssc_lock); 6294 } 6295 6296 static void nfsd4_ssc_expire_umount(struct nfsd_net *nn) 6297 { 6298 bool do_wakeup = false; 6299 struct nfsd4_ssc_umount_item *ni = NULL; 6300 struct nfsd4_ssc_umount_item *tmp; 6301 6302 spin_lock(&nn->nfsd_ssc_lock); 6303 list_for_each_entry_safe(ni, tmp, &nn->nfsd_ssc_mount_list, nsui_list) { 6304 if (time_after(jiffies, ni->nsui_expire)) { 6305 if (refcount_read(&ni->nsui_refcnt) > 1) 6306 continue; 6307 6308 /* mark being unmount */ 6309 ni->nsui_busy = true; 6310 spin_unlock(&nn->nfsd_ssc_lock); 6311 mntput(ni->nsui_vfsmount); 6312 spin_lock(&nn->nfsd_ssc_lock); 6313 6314 /* waiters need to start from begin of list */ 6315 list_del(&ni->nsui_list); 6316 kfree(ni); 6317 6318 /* wakeup ssc_connect waiters */ 6319 do_wakeup = true; 6320 continue; 6321 } 6322 break; 6323 } 6324 if (do_wakeup) 6325 wake_up_all(&nn->nfsd_ssc_waitq); 6326 spin_unlock(&nn->nfsd_ssc_lock); 6327 } 6328 #endif 6329 6330 /* Check if any lock belonging to this lockowner has any blockers */ 6331 static bool 6332 nfs4_lockowner_has_blockers(struct nfs4_lockowner *lo) 6333 { 6334 struct file_lock_context *ctx; 6335 struct nfs4_ol_stateid *stp; 6336 struct nfs4_file *nf; 6337 6338 list_for_each_entry(stp, &lo->lo_owner.so_stateids, st_perstateowner) { 6339 nf = stp->st_stid.sc_file; 6340 ctx = locks_inode_context(nf->fi_inode); 6341 if (!ctx) 6342 continue; 6343 if (locks_owner_has_blockers(ctx, lo)) 6344 return true; 6345 } 6346 return false; 6347 } 6348 6349 static bool 6350 nfs4_anylock_blockers(struct nfs4_client *clp) 6351 { 6352 int i; 6353 struct nfs4_stateowner *so; 6354 struct nfs4_lockowner *lo; 6355 6356 if (atomic_read(&clp->cl_delegs_in_recall)) 6357 return true; 6358 spin_lock(&clp->cl_lock); 6359 for (i = 0; i < OWNER_HASH_SIZE; i++) { 6360 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[i], 6361 so_strhash) { 6362 if (so->so_is_open_owner) 6363 continue; 6364 lo = lockowner(so); 6365 if (nfs4_lockowner_has_blockers(lo)) { 6366 spin_unlock(&clp->cl_lock); 6367 return true; 6368 } 6369 } 6370 } 6371 spin_unlock(&clp->cl_lock); 6372 return false; 6373 } 6374 6375 static void 6376 nfs4_get_client_reaplist(struct nfsd_net *nn, struct list_head *reaplist, 6377 struct laundry_time *lt) 6378 { 6379 unsigned int maxreap, reapcnt = 0; 6380 struct list_head *pos, *next; 6381 struct nfs4_client *clp; 6382 6383 maxreap = (atomic_read(&nn->nfs4_client_count) >= nn->nfs4_max_clients) ? 6384 NFSD_CLIENT_MAX_TRIM_PER_RUN : 0; 6385 INIT_LIST_HEAD(reaplist); 6386 spin_lock(&nn->client_lock); 6387 list_for_each_safe(pos, next, &nn->client_lru) { 6388 clp = list_entry(pos, struct nfs4_client, cl_lru); 6389 if (clp->cl_state == NFSD4_EXPIRABLE) 6390 goto exp_client; 6391 if (!state_expired(lt, clp->cl_time)) 6392 break; 6393 if (!atomic_read(&clp->cl_rpc_users)) { 6394 if (clp->cl_state == NFSD4_ACTIVE) 6395 atomic_inc(&nn->nfsd_courtesy_clients); 6396 clp->cl_state = NFSD4_COURTESY; 6397 } 6398 if (!client_has_state(clp)) 6399 goto exp_client; 6400 if (!nfs4_anylock_blockers(clp)) 6401 if (reapcnt >= maxreap) 6402 continue; 6403 exp_client: 6404 if (!mark_client_expired_locked(clp)) { 6405 list_add(&clp->cl_lru, reaplist); 6406 reapcnt++; 6407 } 6408 } 6409 spin_unlock(&nn->client_lock); 6410 } 6411 6412 static void 6413 nfs4_get_courtesy_client_reaplist(struct nfsd_net *nn, 6414 struct list_head *reaplist) 6415 { 6416 unsigned int maxreap = 0, reapcnt = 0; 6417 struct list_head *pos, *next; 6418 struct nfs4_client *clp; 6419 6420 maxreap = NFSD_CLIENT_MAX_TRIM_PER_RUN; 6421 INIT_LIST_HEAD(reaplist); 6422 6423 spin_lock(&nn->client_lock); 6424 list_for_each_safe(pos, next, &nn->client_lru) { 6425 clp = list_entry(pos, struct nfs4_client, cl_lru); 6426 if (clp->cl_state == NFSD4_ACTIVE) 6427 break; 6428 if (reapcnt >= maxreap) 6429 break; 6430 if (!mark_client_expired_locked(clp)) { 6431 list_add(&clp->cl_lru, reaplist); 6432 reapcnt++; 6433 } 6434 } 6435 spin_unlock(&nn->client_lock); 6436 } 6437 6438 static void 6439 nfs4_process_client_reaplist(struct list_head *reaplist) 6440 { 6441 struct list_head *pos, *next; 6442 struct nfs4_client *clp; 6443 6444 list_for_each_safe(pos, next, reaplist) { 6445 clp = list_entry(pos, struct nfs4_client, cl_lru); 6446 trace_nfsd_clid_purged(&clp->cl_clientid); 6447 list_del_init(&clp->cl_lru); 6448 expire_client(clp); 6449 } 6450 } 6451 6452 static void nfs40_clean_admin_revoked(struct nfsd_net *nn, 6453 struct laundry_time *lt) 6454 { 6455 struct nfs4_client *clp; 6456 6457 spin_lock(&nn->client_lock); 6458 if (nn->nfs40_last_revoke == 0 || 6459 nn->nfs40_last_revoke > lt->cutoff) { 6460 spin_unlock(&nn->client_lock); 6461 return; 6462 } 6463 nn->nfs40_last_revoke = 0; 6464 6465 retry: 6466 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6467 unsigned long id, tmp; 6468 struct nfs4_stid *stid; 6469 6470 if (atomic_read(&clp->cl_admin_revoked) == 0) 6471 continue; 6472 6473 spin_lock(&clp->cl_lock); 6474 idr_for_each_entry_ul(&clp->cl_stateids, stid, tmp, id) 6475 if (stid->sc_status & SC_STATUS_ADMIN_REVOKED) { 6476 refcount_inc(&stid->sc_count); 6477 spin_unlock(&nn->client_lock); 6478 /* this function drops ->cl_lock */ 6479 nfsd4_drop_revoked_stid(stid); 6480 nfs4_put_stid(stid); 6481 spin_lock(&nn->client_lock); 6482 goto retry; 6483 } 6484 spin_unlock(&clp->cl_lock); 6485 } 6486 spin_unlock(&nn->client_lock); 6487 } 6488 6489 static time64_t 6490 nfs4_laundromat(struct nfsd_net *nn) 6491 { 6492 struct nfs4_openowner *oo; 6493 struct nfs4_delegation *dp; 6494 struct nfs4_ol_stateid *stp; 6495 struct nfsd4_blocked_lock *nbl; 6496 struct list_head *pos, *next, reaplist; 6497 struct laundry_time lt = { 6498 .cutoff = ktime_get_boottime_seconds() - nn->nfsd4_lease, 6499 .new_timeo = nn->nfsd4_lease 6500 }; 6501 struct nfs4_cpntf_state *cps; 6502 copy_stateid_t *cps_t; 6503 int i; 6504 6505 if (clients_still_reclaiming(nn)) { 6506 lt.new_timeo = 0; 6507 goto out; 6508 } 6509 nfsd4_end_grace(nn); 6510 6511 spin_lock(&nn->s2s_cp_lock); 6512 idr_for_each_entry(&nn->s2s_cp_stateids, cps_t, i) { 6513 cps = container_of(cps_t, struct nfs4_cpntf_state, cp_stateid); 6514 if (cps->cp_stateid.cs_type == NFS4_COPYNOTIFY_STID && 6515 state_expired(<, cps->cpntf_time)) 6516 _free_cpntf_state_locked(nn, cps); 6517 } 6518 spin_unlock(&nn->s2s_cp_lock); 6519 nfs4_get_client_reaplist(nn, &reaplist, <); 6520 nfs4_process_client_reaplist(&reaplist); 6521 6522 nfs40_clean_admin_revoked(nn, <); 6523 6524 spin_lock(&state_lock); 6525 list_for_each_safe(pos, next, &nn->del_recall_lru) { 6526 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 6527 if (!state_expired(<, dp->dl_time)) 6528 break; 6529 unhash_delegation_locked(dp, SC_STATUS_REVOKED); 6530 list_add(&dp->dl_recall_lru, &reaplist); 6531 } 6532 spin_unlock(&state_lock); 6533 while (!list_empty(&reaplist)) { 6534 dp = list_first_entry(&reaplist, struct nfs4_delegation, 6535 dl_recall_lru); 6536 list_del_init(&dp->dl_recall_lru); 6537 revoke_delegation(dp); 6538 } 6539 6540 spin_lock(&nn->client_lock); 6541 while (!list_empty(&nn->close_lru)) { 6542 oo = list_first_entry(&nn->close_lru, struct nfs4_openowner, 6543 oo_close_lru); 6544 if (!state_expired(<, oo->oo_time)) 6545 break; 6546 list_del_init(&oo->oo_close_lru); 6547 stp = oo->oo_last_closed_stid; 6548 oo->oo_last_closed_stid = NULL; 6549 spin_unlock(&nn->client_lock); 6550 nfs4_put_stid(&stp->st_stid); 6551 spin_lock(&nn->client_lock); 6552 } 6553 spin_unlock(&nn->client_lock); 6554 6555 /* 6556 * It's possible for a client to try and acquire an already held lock 6557 * that is being held for a long time, and then lose interest in it. 6558 * So, we clean out any un-revisited request after a lease period 6559 * under the assumption that the client is no longer interested. 6560 * 6561 * RFC5661, sec. 9.6 states that the client must not rely on getting 6562 * notifications and must continue to poll for locks, even when the 6563 * server supports them. Thus this shouldn't lead to clients blocking 6564 * indefinitely once the lock does become free. 6565 */ 6566 BUG_ON(!list_empty(&reaplist)); 6567 spin_lock(&nn->blocked_locks_lock); 6568 while (!list_empty(&nn->blocked_locks_lru)) { 6569 nbl = list_first_entry(&nn->blocked_locks_lru, 6570 struct nfsd4_blocked_lock, nbl_lru); 6571 if (!state_expired(<, nbl->nbl_time)) 6572 break; 6573 list_move(&nbl->nbl_lru, &reaplist); 6574 list_del_init(&nbl->nbl_list); 6575 } 6576 spin_unlock(&nn->blocked_locks_lock); 6577 6578 while (!list_empty(&reaplist)) { 6579 nbl = list_first_entry(&reaplist, 6580 struct nfsd4_blocked_lock, nbl_lru); 6581 list_del_init(&nbl->nbl_lru); 6582 free_blocked_lock(nbl); 6583 } 6584 #ifdef CONFIG_NFSD_V4_2_INTER_SSC 6585 /* service the server-to-server copy delayed unmount list */ 6586 nfsd4_ssc_expire_umount(nn); 6587 #endif 6588 if (atomic_long_read(&num_delegations) >= max_delegations) 6589 deleg_reaper(nn); 6590 out: 6591 return max_t(time64_t, lt.new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT); 6592 } 6593 6594 static void laundromat_main(struct work_struct *); 6595 6596 static void 6597 laundromat_main(struct work_struct *laundry) 6598 { 6599 time64_t t; 6600 struct delayed_work *dwork = to_delayed_work(laundry); 6601 struct nfsd_net *nn = container_of(dwork, struct nfsd_net, 6602 laundromat_work); 6603 6604 t = nfs4_laundromat(nn); 6605 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ); 6606 } 6607 6608 static void 6609 courtesy_client_reaper(struct nfsd_net *nn) 6610 { 6611 struct list_head reaplist; 6612 6613 nfs4_get_courtesy_client_reaplist(nn, &reaplist); 6614 nfs4_process_client_reaplist(&reaplist); 6615 } 6616 6617 static void 6618 deleg_reaper(struct nfsd_net *nn) 6619 { 6620 struct list_head *pos, *next; 6621 struct nfs4_client *clp; 6622 struct list_head cblist; 6623 6624 INIT_LIST_HEAD(&cblist); 6625 spin_lock(&nn->client_lock); 6626 list_for_each_safe(pos, next, &nn->client_lru) { 6627 clp = list_entry(pos, struct nfs4_client, cl_lru); 6628 if (clp->cl_state != NFSD4_ACTIVE || 6629 list_empty(&clp->cl_delegations) || 6630 atomic_read(&clp->cl_delegs_in_recall) || 6631 test_bit(NFSD4_CLIENT_CB_RECALL_ANY, &clp->cl_flags) || 6632 (ktime_get_boottime_seconds() - 6633 clp->cl_ra_time < 5)) { 6634 continue; 6635 } 6636 list_add(&clp->cl_ra_cblist, &cblist); 6637 6638 /* release in nfsd4_cb_recall_any_release */ 6639 kref_get(&clp->cl_nfsdfs.cl_ref); 6640 set_bit(NFSD4_CLIENT_CB_RECALL_ANY, &clp->cl_flags); 6641 clp->cl_ra_time = ktime_get_boottime_seconds(); 6642 } 6643 spin_unlock(&nn->client_lock); 6644 6645 while (!list_empty(&cblist)) { 6646 clp = list_first_entry(&cblist, struct nfs4_client, 6647 cl_ra_cblist); 6648 list_del_init(&clp->cl_ra_cblist); 6649 clp->cl_ra->ra_keep = 0; 6650 clp->cl_ra->ra_bmval[0] = BIT(RCA4_TYPE_MASK_RDATA_DLG); 6651 clp->cl_ra->ra_bmval[0] = BIT(RCA4_TYPE_MASK_RDATA_DLG) | 6652 BIT(RCA4_TYPE_MASK_WDATA_DLG); 6653 trace_nfsd_cb_recall_any(clp->cl_ra); 6654 nfsd4_run_cb(&clp->cl_ra->ra_cb); 6655 } 6656 } 6657 6658 static void 6659 nfsd4_state_shrinker_worker(struct work_struct *work) 6660 { 6661 struct nfsd_net *nn = container_of(work, struct nfsd_net, 6662 nfsd_shrinker_work); 6663 6664 courtesy_client_reaper(nn); 6665 deleg_reaper(nn); 6666 } 6667 6668 static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp) 6669 { 6670 if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle)) 6671 return nfserr_bad_stateid; 6672 return nfs_ok; 6673 } 6674 6675 static 6676 __be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags) 6677 { 6678 __be32 status = nfserr_openmode; 6679 6680 /* For lock stateid's, we test the parent open, not the lock: */ 6681 if (stp->st_openstp) 6682 stp = stp->st_openstp; 6683 if ((flags & WR_STATE) && !access_permit_write(stp)) 6684 goto out; 6685 if ((flags & RD_STATE) && !access_permit_read(stp)) 6686 goto out; 6687 status = nfs_ok; 6688 out: 6689 return status; 6690 } 6691 6692 static inline __be32 6693 check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags) 6694 { 6695 if (ONE_STATEID(stateid) && (flags & RD_STATE)) 6696 return nfs_ok; 6697 else if (opens_in_grace(net)) { 6698 /* Answer in remaining cases depends on existence of 6699 * conflicting state; so we must wait out the grace period. */ 6700 return nfserr_grace; 6701 } else if (flags & WR_STATE) 6702 return nfs4_share_conflict(current_fh, 6703 NFS4_SHARE_DENY_WRITE); 6704 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */ 6705 return nfs4_share_conflict(current_fh, 6706 NFS4_SHARE_DENY_READ); 6707 } 6708 6709 static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session) 6710 { 6711 /* 6712 * When sessions are used the stateid generation number is ignored 6713 * when it is zero. 6714 */ 6715 if (has_session && in->si_generation == 0) 6716 return nfs_ok; 6717 6718 if (in->si_generation == ref->si_generation) 6719 return nfs_ok; 6720 6721 /* If the client sends us a stateid from the future, it's buggy: */ 6722 if (nfsd4_stateid_generation_after(in, ref)) 6723 return nfserr_bad_stateid; 6724 /* 6725 * However, we could see a stateid from the past, even from a 6726 * non-buggy client. For example, if the client sends a lock 6727 * while some IO is outstanding, the lock may bump si_generation 6728 * while the IO is still in flight. The client could avoid that 6729 * situation by waiting for responses on all the IO requests, 6730 * but better performance may result in retrying IO that 6731 * receives an old_stateid error if requests are rarely 6732 * reordered in flight: 6733 */ 6734 return nfserr_old_stateid; 6735 } 6736 6737 static __be32 nfsd4_stid_check_stateid_generation(stateid_t *in, struct nfs4_stid *s, bool has_session) 6738 { 6739 __be32 ret; 6740 6741 spin_lock(&s->sc_lock); 6742 ret = nfsd4_verify_open_stid(s); 6743 if (ret == nfs_ok) 6744 ret = check_stateid_generation(in, &s->sc_stateid, has_session); 6745 spin_unlock(&s->sc_lock); 6746 if (ret == nfserr_admin_revoked) 6747 nfsd40_drop_revoked_stid(s->sc_client, 6748 &s->sc_stateid); 6749 return ret; 6750 } 6751 6752 static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols) 6753 { 6754 if (ols->st_stateowner->so_is_open_owner && 6755 !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED)) 6756 return nfserr_bad_stateid; 6757 return nfs_ok; 6758 } 6759 6760 static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid) 6761 { 6762 struct nfs4_stid *s; 6763 __be32 status = nfserr_bad_stateid; 6764 6765 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 6766 CLOSE_STATEID(stateid)) 6767 return status; 6768 spin_lock(&cl->cl_lock); 6769 s = find_stateid_locked(cl, stateid); 6770 if (!s) 6771 goto out_unlock; 6772 status = nfsd4_stid_check_stateid_generation(stateid, s, 1); 6773 if (status) 6774 goto out_unlock; 6775 status = nfsd4_verify_open_stid(s); 6776 if (status) 6777 goto out_unlock; 6778 6779 switch (s->sc_type) { 6780 case SC_TYPE_DELEG: 6781 status = nfs_ok; 6782 break; 6783 case SC_TYPE_OPEN: 6784 case SC_TYPE_LOCK: 6785 status = nfsd4_check_openowner_confirmed(openlockstateid(s)); 6786 break; 6787 default: 6788 printk("unknown stateid type %x\n", s->sc_type); 6789 status = nfserr_bad_stateid; 6790 } 6791 out_unlock: 6792 spin_unlock(&cl->cl_lock); 6793 if (status == nfserr_admin_revoked) 6794 nfsd40_drop_revoked_stid(cl, stateid); 6795 return status; 6796 } 6797 6798 __be32 6799 nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate, 6800 stateid_t *stateid, 6801 unsigned short typemask, unsigned short statusmask, 6802 struct nfs4_stid **s, struct nfsd_net *nn) 6803 { 6804 __be32 status; 6805 struct nfs4_stid *stid; 6806 bool return_revoked = false; 6807 6808 /* 6809 * only return revoked delegations if explicitly asked. 6810 * otherwise we report revoked or bad_stateid status. 6811 */ 6812 if (statusmask & SC_STATUS_REVOKED) 6813 return_revoked = true; 6814 if (typemask & SC_TYPE_DELEG) 6815 /* Always allow REVOKED for DELEG so we can 6816 * retturn the appropriate error. 6817 */ 6818 statusmask |= SC_STATUS_REVOKED; 6819 6820 statusmask |= SC_STATUS_ADMIN_REVOKED; 6821 6822 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 6823 CLOSE_STATEID(stateid)) 6824 return nfserr_bad_stateid; 6825 status = set_client(&stateid->si_opaque.so_clid, cstate, nn); 6826 if (status == nfserr_stale_clientid) { 6827 if (cstate->session) 6828 return nfserr_bad_stateid; 6829 return nfserr_stale_stateid; 6830 } 6831 if (status) 6832 return status; 6833 stid = find_stateid_by_type(cstate->clp, stateid, typemask, statusmask); 6834 if (!stid) 6835 return nfserr_bad_stateid; 6836 if ((stid->sc_status & SC_STATUS_REVOKED) && !return_revoked) { 6837 nfs4_put_stid(stid); 6838 return nfserr_deleg_revoked; 6839 } 6840 if (stid->sc_status & SC_STATUS_ADMIN_REVOKED) { 6841 nfsd40_drop_revoked_stid(cstate->clp, stateid); 6842 nfs4_put_stid(stid); 6843 return nfserr_admin_revoked; 6844 } 6845 *s = stid; 6846 return nfs_ok; 6847 } 6848 6849 static struct nfsd_file * 6850 nfs4_find_file(struct nfs4_stid *s, int flags) 6851 { 6852 struct nfsd_file *ret = NULL; 6853 6854 if (!s || s->sc_status) 6855 return NULL; 6856 6857 switch (s->sc_type) { 6858 case SC_TYPE_DELEG: 6859 spin_lock(&s->sc_file->fi_lock); 6860 ret = nfsd_file_get(s->sc_file->fi_deleg_file); 6861 spin_unlock(&s->sc_file->fi_lock); 6862 break; 6863 case SC_TYPE_OPEN: 6864 case SC_TYPE_LOCK: 6865 if (flags & RD_STATE) 6866 ret = find_readable_file(s->sc_file); 6867 else 6868 ret = find_writeable_file(s->sc_file); 6869 } 6870 6871 return ret; 6872 } 6873 6874 static __be32 6875 nfs4_check_olstateid(struct nfs4_ol_stateid *ols, int flags) 6876 { 6877 __be32 status; 6878 6879 status = nfsd4_check_openowner_confirmed(ols); 6880 if (status) 6881 return status; 6882 return nfs4_check_openmode(ols, flags); 6883 } 6884 6885 static __be32 6886 nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s, 6887 struct nfsd_file **nfp, int flags) 6888 { 6889 int acc = (flags & RD_STATE) ? NFSD_MAY_READ : NFSD_MAY_WRITE; 6890 struct nfsd_file *nf; 6891 __be32 status; 6892 6893 nf = nfs4_find_file(s, flags); 6894 if (nf) { 6895 status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry, 6896 acc | NFSD_MAY_OWNER_OVERRIDE); 6897 if (status) { 6898 nfsd_file_put(nf); 6899 goto out; 6900 } 6901 } else { 6902 status = nfsd_file_acquire(rqstp, fhp, acc, &nf); 6903 if (status) 6904 return status; 6905 } 6906 *nfp = nf; 6907 out: 6908 return status; 6909 } 6910 static void 6911 _free_cpntf_state_locked(struct nfsd_net *nn, struct nfs4_cpntf_state *cps) 6912 { 6913 WARN_ON_ONCE(cps->cp_stateid.cs_type != NFS4_COPYNOTIFY_STID); 6914 if (!refcount_dec_and_test(&cps->cp_stateid.cs_count)) 6915 return; 6916 list_del(&cps->cp_list); 6917 idr_remove(&nn->s2s_cp_stateids, 6918 cps->cp_stateid.cs_stid.si_opaque.so_id); 6919 kfree(cps); 6920 } 6921 /* 6922 * A READ from an inter server to server COPY will have a 6923 * copy stateid. Look up the copy notify stateid from the 6924 * idr structure and take a reference on it. 6925 */ 6926 __be32 manage_cpntf_state(struct nfsd_net *nn, stateid_t *st, 6927 struct nfs4_client *clp, 6928 struct nfs4_cpntf_state **cps) 6929 { 6930 copy_stateid_t *cps_t; 6931 struct nfs4_cpntf_state *state = NULL; 6932 6933 if (st->si_opaque.so_clid.cl_id != nn->s2s_cp_cl_id) 6934 return nfserr_bad_stateid; 6935 spin_lock(&nn->s2s_cp_lock); 6936 cps_t = idr_find(&nn->s2s_cp_stateids, st->si_opaque.so_id); 6937 if (cps_t) { 6938 state = container_of(cps_t, struct nfs4_cpntf_state, 6939 cp_stateid); 6940 if (state->cp_stateid.cs_type != NFS4_COPYNOTIFY_STID) { 6941 state = NULL; 6942 goto unlock; 6943 } 6944 if (!clp) 6945 refcount_inc(&state->cp_stateid.cs_count); 6946 else 6947 _free_cpntf_state_locked(nn, state); 6948 } 6949 unlock: 6950 spin_unlock(&nn->s2s_cp_lock); 6951 if (!state) 6952 return nfserr_bad_stateid; 6953 if (!clp) 6954 *cps = state; 6955 return 0; 6956 } 6957 6958 static __be32 find_cpntf_state(struct nfsd_net *nn, stateid_t *st, 6959 struct nfs4_stid **stid) 6960 { 6961 __be32 status; 6962 struct nfs4_cpntf_state *cps = NULL; 6963 struct nfs4_client *found; 6964 6965 status = manage_cpntf_state(nn, st, NULL, &cps); 6966 if (status) 6967 return status; 6968 6969 cps->cpntf_time = ktime_get_boottime_seconds(); 6970 6971 status = nfserr_expired; 6972 found = lookup_clientid(&cps->cp_p_clid, true, nn); 6973 if (!found) 6974 goto out; 6975 6976 *stid = find_stateid_by_type(found, &cps->cp_p_stateid, 6977 SC_TYPE_DELEG|SC_TYPE_OPEN|SC_TYPE_LOCK, 6978 0); 6979 if (*stid) 6980 status = nfs_ok; 6981 else 6982 status = nfserr_bad_stateid; 6983 6984 put_client_renew(found); 6985 out: 6986 nfs4_put_cpntf_state(nn, cps); 6987 return status; 6988 } 6989 6990 void nfs4_put_cpntf_state(struct nfsd_net *nn, struct nfs4_cpntf_state *cps) 6991 { 6992 spin_lock(&nn->s2s_cp_lock); 6993 _free_cpntf_state_locked(nn, cps); 6994 spin_unlock(&nn->s2s_cp_lock); 6995 } 6996 6997 /** 6998 * nfs4_preprocess_stateid_op - find and prep stateid for an operation 6999 * @rqstp: incoming request from client 7000 * @cstate: current compound state 7001 * @fhp: filehandle associated with requested stateid 7002 * @stateid: stateid (provided by client) 7003 * @flags: flags describing type of operation to be done 7004 * @nfp: optional nfsd_file return pointer (may be NULL) 7005 * @cstid: optional returned nfs4_stid pointer (may be NULL) 7006 * 7007 * Given info from the client, look up a nfs4_stid for the operation. On 7008 * success, it returns a reference to the nfs4_stid and/or the nfsd_file 7009 * associated with it. 7010 */ 7011 __be32 7012 nfs4_preprocess_stateid_op(struct svc_rqst *rqstp, 7013 struct nfsd4_compound_state *cstate, struct svc_fh *fhp, 7014 stateid_t *stateid, int flags, struct nfsd_file **nfp, 7015 struct nfs4_stid **cstid) 7016 { 7017 struct net *net = SVC_NET(rqstp); 7018 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7019 struct nfs4_stid *s = NULL; 7020 __be32 status; 7021 7022 if (nfp) 7023 *nfp = NULL; 7024 7025 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) { 7026 if (cstid) 7027 status = nfserr_bad_stateid; 7028 else 7029 status = check_special_stateids(net, fhp, stateid, 7030 flags); 7031 goto done; 7032 } 7033 7034 status = nfsd4_lookup_stateid(cstate, stateid, 7035 SC_TYPE_DELEG|SC_TYPE_OPEN|SC_TYPE_LOCK, 7036 0, &s, nn); 7037 if (status == nfserr_bad_stateid) 7038 status = find_cpntf_state(nn, stateid, &s); 7039 if (status) 7040 return status; 7041 status = nfsd4_stid_check_stateid_generation(stateid, s, 7042 nfsd4_has_session(cstate)); 7043 if (status) 7044 goto out; 7045 7046 switch (s->sc_type) { 7047 case SC_TYPE_DELEG: 7048 status = nfs4_check_delegmode(delegstateid(s), flags); 7049 break; 7050 case SC_TYPE_OPEN: 7051 case SC_TYPE_LOCK: 7052 status = nfs4_check_olstateid(openlockstateid(s), flags); 7053 break; 7054 } 7055 if (status) 7056 goto out; 7057 status = nfs4_check_fh(fhp, s); 7058 7059 done: 7060 if (status == nfs_ok && nfp) 7061 status = nfs4_check_file(rqstp, fhp, s, nfp, flags); 7062 out: 7063 if (s) { 7064 if (!status && cstid) 7065 *cstid = s; 7066 else 7067 nfs4_put_stid(s); 7068 } 7069 return status; 7070 } 7071 7072 /* 7073 * Test if the stateid is valid 7074 */ 7075 __be32 7076 nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 7077 union nfsd4_op_u *u) 7078 { 7079 struct nfsd4_test_stateid *test_stateid = &u->test_stateid; 7080 struct nfsd4_test_stateid_id *stateid; 7081 struct nfs4_client *cl = cstate->clp; 7082 7083 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list) 7084 stateid->ts_id_status = 7085 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid); 7086 7087 return nfs_ok; 7088 } 7089 7090 static __be32 7091 nfsd4_free_lock_stateid(stateid_t *stateid, struct nfs4_stid *s) 7092 { 7093 struct nfs4_ol_stateid *stp = openlockstateid(s); 7094 __be32 ret; 7095 7096 ret = nfsd4_lock_ol_stateid(stp); 7097 if (ret) 7098 goto out_put_stid; 7099 7100 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 7101 if (ret) 7102 goto out; 7103 7104 ret = nfserr_locks_held; 7105 if (check_for_locks(stp->st_stid.sc_file, 7106 lockowner(stp->st_stateowner))) 7107 goto out; 7108 7109 release_lock_stateid(stp); 7110 ret = nfs_ok; 7111 7112 out: 7113 mutex_unlock(&stp->st_mutex); 7114 out_put_stid: 7115 nfs4_put_stid(s); 7116 return ret; 7117 } 7118 7119 __be32 7120 nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 7121 union nfsd4_op_u *u) 7122 { 7123 struct nfsd4_free_stateid *free_stateid = &u->free_stateid; 7124 stateid_t *stateid = &free_stateid->fr_stateid; 7125 struct nfs4_stid *s; 7126 struct nfs4_delegation *dp; 7127 struct nfs4_client *cl = cstate->clp; 7128 __be32 ret = nfserr_bad_stateid; 7129 7130 spin_lock(&cl->cl_lock); 7131 s = find_stateid_locked(cl, stateid); 7132 if (!s || s->sc_status & SC_STATUS_CLOSED) 7133 goto out_unlock; 7134 if (s->sc_status & SC_STATUS_ADMIN_REVOKED) { 7135 nfsd4_drop_revoked_stid(s); 7136 ret = nfs_ok; 7137 goto out; 7138 } 7139 spin_lock(&s->sc_lock); 7140 switch (s->sc_type) { 7141 case SC_TYPE_DELEG: 7142 if (s->sc_status & SC_STATUS_REVOKED) { 7143 spin_unlock(&s->sc_lock); 7144 dp = delegstateid(s); 7145 list_del_init(&dp->dl_recall_lru); 7146 spin_unlock(&cl->cl_lock); 7147 nfs4_put_stid(s); 7148 ret = nfs_ok; 7149 goto out; 7150 } 7151 ret = nfserr_locks_held; 7152 break; 7153 case SC_TYPE_OPEN: 7154 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 7155 if (ret) 7156 break; 7157 ret = nfserr_locks_held; 7158 break; 7159 case SC_TYPE_LOCK: 7160 spin_unlock(&s->sc_lock); 7161 refcount_inc(&s->sc_count); 7162 spin_unlock(&cl->cl_lock); 7163 ret = nfsd4_free_lock_stateid(stateid, s); 7164 goto out; 7165 } 7166 spin_unlock(&s->sc_lock); 7167 out_unlock: 7168 spin_unlock(&cl->cl_lock); 7169 out: 7170 return ret; 7171 } 7172 7173 static inline int 7174 setlkflg (int type) 7175 { 7176 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ? 7177 RD_STATE : WR_STATE; 7178 } 7179 7180 static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp) 7181 { 7182 struct svc_fh *current_fh = &cstate->current_fh; 7183 struct nfs4_stateowner *sop = stp->st_stateowner; 7184 __be32 status; 7185 7186 status = nfsd4_check_seqid(cstate, sop, seqid); 7187 if (status) 7188 return status; 7189 status = nfsd4_lock_ol_stateid(stp); 7190 if (status != nfs_ok) 7191 return status; 7192 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate)); 7193 if (status == nfs_ok) 7194 status = nfs4_check_fh(current_fh, &stp->st_stid); 7195 if (status != nfs_ok) 7196 mutex_unlock(&stp->st_mutex); 7197 return status; 7198 } 7199 7200 /** 7201 * nfs4_preprocess_seqid_op - find and prep an ol_stateid for a seqid-morphing op 7202 * @cstate: compund state 7203 * @seqid: seqid (provided by client) 7204 * @stateid: stateid (provided by client) 7205 * @typemask: mask of allowable types for this operation 7206 * @statusmask: mask of allowed states: 0 or STID_CLOSED 7207 * @stpp: return pointer for the stateid found 7208 * @nn: net namespace for request 7209 * 7210 * Given a stateid+seqid from a client, look up an nfs4_ol_stateid and 7211 * return it in @stpp. On a nfs_ok return, the returned stateid will 7212 * have its st_mutex locked. 7213 */ 7214 static __be32 7215 nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 7216 stateid_t *stateid, 7217 unsigned short typemask, unsigned short statusmask, 7218 struct nfs4_ol_stateid **stpp, 7219 struct nfsd_net *nn) 7220 { 7221 __be32 status; 7222 struct nfs4_stid *s; 7223 struct nfs4_ol_stateid *stp = NULL; 7224 7225 trace_nfsd_preprocess(seqid, stateid); 7226 7227 *stpp = NULL; 7228 retry: 7229 status = nfsd4_lookup_stateid(cstate, stateid, 7230 typemask, statusmask, &s, nn); 7231 if (status) 7232 return status; 7233 stp = openlockstateid(s); 7234 if (nfsd4_cstate_assign_replay(cstate, stp->st_stateowner) == -EAGAIN) { 7235 nfs4_put_stateowner(stp->st_stateowner); 7236 goto retry; 7237 } 7238 7239 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp); 7240 if (!status) 7241 *stpp = stp; 7242 else 7243 nfs4_put_stid(&stp->st_stid); 7244 return status; 7245 } 7246 7247 static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 7248 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn) 7249 { 7250 __be32 status; 7251 struct nfs4_openowner *oo; 7252 struct nfs4_ol_stateid *stp; 7253 7254 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid, 7255 SC_TYPE_OPEN, 0, &stp, nn); 7256 if (status) 7257 return status; 7258 oo = openowner(stp->st_stateowner); 7259 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 7260 mutex_unlock(&stp->st_mutex); 7261 nfs4_put_stid(&stp->st_stid); 7262 return nfserr_bad_stateid; 7263 } 7264 *stpp = stp; 7265 return nfs_ok; 7266 } 7267 7268 __be32 7269 nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 7270 union nfsd4_op_u *u) 7271 { 7272 struct nfsd4_open_confirm *oc = &u->open_confirm; 7273 __be32 status; 7274 struct nfs4_openowner *oo; 7275 struct nfs4_ol_stateid *stp; 7276 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 7277 7278 dprintk("NFSD: nfsd4_open_confirm on file %pd\n", 7279 cstate->current_fh.fh_dentry); 7280 7281 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0); 7282 if (status) 7283 return status; 7284 7285 status = nfs4_preprocess_seqid_op(cstate, 7286 oc->oc_seqid, &oc->oc_req_stateid, 7287 SC_TYPE_OPEN, 0, &stp, nn); 7288 if (status) 7289 goto out; 7290 oo = openowner(stp->st_stateowner); 7291 status = nfserr_bad_stateid; 7292 if (oo->oo_flags & NFS4_OO_CONFIRMED) { 7293 mutex_unlock(&stp->st_mutex); 7294 goto put_stateid; 7295 } 7296 oo->oo_flags |= NFS4_OO_CONFIRMED; 7297 nfs4_inc_and_copy_stateid(&oc->oc_resp_stateid, &stp->st_stid); 7298 mutex_unlock(&stp->st_mutex); 7299 trace_nfsd_open_confirm(oc->oc_seqid, &stp->st_stid.sc_stateid); 7300 nfsd4_client_record_create(oo->oo_owner.so_client); 7301 status = nfs_ok; 7302 put_stateid: 7303 nfs4_put_stid(&stp->st_stid); 7304 out: 7305 nfsd4_bump_seqid(cstate, status); 7306 return status; 7307 } 7308 7309 static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access) 7310 { 7311 if (!test_access(access, stp)) 7312 return; 7313 nfs4_file_put_access(stp->st_stid.sc_file, access); 7314 clear_access(access, stp); 7315 } 7316 7317 static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access) 7318 { 7319 switch (to_access) { 7320 case NFS4_SHARE_ACCESS_READ: 7321 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE); 7322 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 7323 break; 7324 case NFS4_SHARE_ACCESS_WRITE: 7325 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ); 7326 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 7327 break; 7328 case NFS4_SHARE_ACCESS_BOTH: 7329 break; 7330 default: 7331 WARN_ON_ONCE(1); 7332 } 7333 } 7334 7335 __be32 7336 nfsd4_open_downgrade(struct svc_rqst *rqstp, 7337 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 7338 { 7339 struct nfsd4_open_downgrade *od = &u->open_downgrade; 7340 __be32 status; 7341 struct nfs4_ol_stateid *stp; 7342 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 7343 7344 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n", 7345 cstate->current_fh.fh_dentry); 7346 7347 /* We don't yet support WANT bits: */ 7348 if (od->od_deleg_want) 7349 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__, 7350 od->od_deleg_want); 7351 7352 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid, 7353 &od->od_stateid, &stp, nn); 7354 if (status) 7355 goto out; 7356 status = nfserr_inval; 7357 if (!test_access(od->od_share_access, stp)) { 7358 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n", 7359 stp->st_access_bmap, od->od_share_access); 7360 goto put_stateid; 7361 } 7362 if (!test_deny(od->od_share_deny, stp)) { 7363 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n", 7364 stp->st_deny_bmap, od->od_share_deny); 7365 goto put_stateid; 7366 } 7367 nfs4_stateid_downgrade(stp, od->od_share_access); 7368 reset_union_bmap_deny(od->od_share_deny, stp); 7369 nfs4_inc_and_copy_stateid(&od->od_stateid, &stp->st_stid); 7370 status = nfs_ok; 7371 put_stateid: 7372 mutex_unlock(&stp->st_mutex); 7373 nfs4_put_stid(&stp->st_stid); 7374 out: 7375 nfsd4_bump_seqid(cstate, status); 7376 return status; 7377 } 7378 7379 static bool nfsd4_close_open_stateid(struct nfs4_ol_stateid *s) 7380 { 7381 struct nfs4_client *clp = s->st_stid.sc_client; 7382 bool unhashed; 7383 LIST_HEAD(reaplist); 7384 struct nfs4_ol_stateid *stp; 7385 7386 spin_lock(&clp->cl_lock); 7387 unhashed = unhash_open_stateid(s, &reaplist); 7388 7389 if (clp->cl_minorversion) { 7390 if (unhashed) 7391 put_ol_stateid_locked(s, &reaplist); 7392 spin_unlock(&clp->cl_lock); 7393 list_for_each_entry(stp, &reaplist, st_locks) 7394 nfs4_free_cpntf_statelist(clp->net, &stp->st_stid); 7395 free_ol_stateid_reaplist(&reaplist); 7396 return false; 7397 } else { 7398 spin_unlock(&clp->cl_lock); 7399 free_ol_stateid_reaplist(&reaplist); 7400 return unhashed; 7401 } 7402 } 7403 7404 /* 7405 * nfs4_unlock_state() called after encode 7406 */ 7407 __be32 7408 nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 7409 union nfsd4_op_u *u) 7410 { 7411 struct nfsd4_close *close = &u->close; 7412 __be32 status; 7413 struct nfs4_ol_stateid *stp; 7414 struct net *net = SVC_NET(rqstp); 7415 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7416 bool need_move_to_close_list; 7417 7418 dprintk("NFSD: nfsd4_close on file %pd\n", 7419 cstate->current_fh.fh_dentry); 7420 7421 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid, 7422 &close->cl_stateid, 7423 SC_TYPE_OPEN, SC_STATUS_CLOSED, 7424 &stp, nn); 7425 nfsd4_bump_seqid(cstate, status); 7426 if (status) 7427 goto out; 7428 7429 spin_lock(&stp->st_stid.sc_client->cl_lock); 7430 stp->st_stid.sc_status |= SC_STATUS_CLOSED; 7431 spin_unlock(&stp->st_stid.sc_client->cl_lock); 7432 7433 /* 7434 * Technically we don't _really_ have to increment or copy it, since 7435 * it should just be gone after this operation and we clobber the 7436 * copied value below, but we continue to do so here just to ensure 7437 * that racing ops see that there was a state change. 7438 */ 7439 nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid); 7440 7441 need_move_to_close_list = nfsd4_close_open_stateid(stp); 7442 mutex_unlock(&stp->st_mutex); 7443 if (need_move_to_close_list) 7444 move_to_close_lru(stp, net); 7445 7446 /* v4.1+ suggests that we send a special stateid in here, since the 7447 * clients should just ignore this anyway. Since this is not useful 7448 * for v4.0 clients either, we set it to the special close_stateid 7449 * universally. 7450 * 7451 * See RFC5661 section 18.2.4, and RFC7530 section 16.2.5 7452 */ 7453 memcpy(&close->cl_stateid, &close_stateid, sizeof(close->cl_stateid)); 7454 7455 /* put reference from nfs4_preprocess_seqid_op */ 7456 nfs4_put_stid(&stp->st_stid); 7457 out: 7458 return status; 7459 } 7460 7461 __be32 7462 nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 7463 union nfsd4_op_u *u) 7464 { 7465 struct nfsd4_delegreturn *dr = &u->delegreturn; 7466 struct nfs4_delegation *dp; 7467 stateid_t *stateid = &dr->dr_stateid; 7468 struct nfs4_stid *s; 7469 __be32 status; 7470 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 7471 7472 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 7473 return status; 7474 7475 status = nfsd4_lookup_stateid(cstate, stateid, SC_TYPE_DELEG, 0, &s, nn); 7476 if (status) 7477 goto out; 7478 dp = delegstateid(s); 7479 status = nfsd4_stid_check_stateid_generation(stateid, &dp->dl_stid, nfsd4_has_session(cstate)); 7480 if (status) 7481 goto put_stateid; 7482 7483 trace_nfsd_deleg_return(stateid); 7484 wake_up_var(d_inode(cstate->current_fh.fh_dentry)); 7485 destroy_delegation(dp); 7486 put_stateid: 7487 nfs4_put_stid(&dp->dl_stid); 7488 out: 7489 return status; 7490 } 7491 7492 /* last octet in a range */ 7493 static inline u64 7494 last_byte_offset(u64 start, u64 len) 7495 { 7496 u64 end; 7497 7498 WARN_ON_ONCE(!len); 7499 end = start + len; 7500 return end > start ? end - 1: NFS4_MAX_UINT64; 7501 } 7502 7503 /* 7504 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that 7505 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th 7506 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit 7507 * locking, this prevents us from being completely protocol-compliant. The 7508 * real solution to this problem is to start using unsigned file offsets in 7509 * the VFS, but this is a very deep change! 7510 */ 7511 static inline void 7512 nfs4_transform_lock_offset(struct file_lock *lock) 7513 { 7514 if (lock->fl_start < 0) 7515 lock->fl_start = OFFSET_MAX; 7516 if (lock->fl_end < 0) 7517 lock->fl_end = OFFSET_MAX; 7518 } 7519 7520 static fl_owner_t 7521 nfsd4_lm_get_owner(fl_owner_t owner) 7522 { 7523 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 7524 7525 nfs4_get_stateowner(&lo->lo_owner); 7526 return owner; 7527 } 7528 7529 static void 7530 nfsd4_lm_put_owner(fl_owner_t owner) 7531 { 7532 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 7533 7534 if (lo) 7535 nfs4_put_stateowner(&lo->lo_owner); 7536 } 7537 7538 /* return pointer to struct nfs4_client if client is expirable */ 7539 static bool 7540 nfsd4_lm_lock_expirable(struct file_lock *cfl) 7541 { 7542 struct nfs4_lockowner *lo = (struct nfs4_lockowner *) cfl->c.flc_owner; 7543 struct nfs4_client *clp = lo->lo_owner.so_client; 7544 struct nfsd_net *nn; 7545 7546 if (try_to_expire_client(clp)) { 7547 nn = net_generic(clp->net, nfsd_net_id); 7548 mod_delayed_work(laundry_wq, &nn->laundromat_work, 0); 7549 return true; 7550 } 7551 return false; 7552 } 7553 7554 /* schedule laundromat to run immediately and wait for it to complete */ 7555 static void 7556 nfsd4_lm_expire_lock(void) 7557 { 7558 flush_workqueue(laundry_wq); 7559 } 7560 7561 static void 7562 nfsd4_lm_notify(struct file_lock *fl) 7563 { 7564 struct nfs4_lockowner *lo = (struct nfs4_lockowner *) fl->c.flc_owner; 7565 struct net *net = lo->lo_owner.so_client->net; 7566 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7567 struct nfsd4_blocked_lock *nbl = container_of(fl, 7568 struct nfsd4_blocked_lock, nbl_lock); 7569 bool queue = false; 7570 7571 /* An empty list means that something else is going to be using it */ 7572 spin_lock(&nn->blocked_locks_lock); 7573 if (!list_empty(&nbl->nbl_list)) { 7574 list_del_init(&nbl->nbl_list); 7575 list_del_init(&nbl->nbl_lru); 7576 queue = true; 7577 } 7578 spin_unlock(&nn->blocked_locks_lock); 7579 7580 if (queue) { 7581 trace_nfsd_cb_notify_lock(lo, nbl); 7582 nfsd4_run_cb(&nbl->nbl_cb); 7583 } 7584 } 7585 7586 static const struct lock_manager_operations nfsd_posix_mng_ops = { 7587 .lm_mod_owner = THIS_MODULE, 7588 .lm_notify = nfsd4_lm_notify, 7589 .lm_get_owner = nfsd4_lm_get_owner, 7590 .lm_put_owner = nfsd4_lm_put_owner, 7591 .lm_lock_expirable = nfsd4_lm_lock_expirable, 7592 .lm_expire_lock = nfsd4_lm_expire_lock, 7593 }; 7594 7595 static inline void 7596 nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny) 7597 { 7598 struct nfs4_lockowner *lo; 7599 7600 if (fl->fl_lmops == &nfsd_posix_mng_ops) { 7601 lo = (struct nfs4_lockowner *) fl->c.flc_owner; 7602 xdr_netobj_dup(&deny->ld_owner, &lo->lo_owner.so_owner, 7603 GFP_KERNEL); 7604 if (!deny->ld_owner.data) 7605 /* We just don't care that much */ 7606 goto nevermind; 7607 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid; 7608 } else { 7609 nevermind: 7610 deny->ld_owner.len = 0; 7611 deny->ld_owner.data = NULL; 7612 deny->ld_clientid.cl_boot = 0; 7613 deny->ld_clientid.cl_id = 0; 7614 } 7615 deny->ld_start = fl->fl_start; 7616 deny->ld_length = NFS4_MAX_UINT64; 7617 if (fl->fl_end != NFS4_MAX_UINT64) 7618 deny->ld_length = fl->fl_end - fl->fl_start + 1; 7619 deny->ld_type = NFS4_READ_LT; 7620 if (fl->c.flc_type != F_RDLCK) 7621 deny->ld_type = NFS4_WRITE_LT; 7622 } 7623 7624 static struct nfs4_lockowner * 7625 find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner) 7626 { 7627 unsigned int strhashval = ownerstr_hashval(owner); 7628 struct nfs4_stateowner *so; 7629 7630 lockdep_assert_held(&clp->cl_lock); 7631 7632 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval], 7633 so_strhash) { 7634 if (so->so_is_open_owner) 7635 continue; 7636 if (same_owner_str(so, owner)) 7637 return lockowner(nfs4_get_stateowner(so)); 7638 } 7639 return NULL; 7640 } 7641 7642 static struct nfs4_lockowner * 7643 find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner) 7644 { 7645 struct nfs4_lockowner *lo; 7646 7647 spin_lock(&clp->cl_lock); 7648 lo = find_lockowner_str_locked(clp, owner); 7649 spin_unlock(&clp->cl_lock); 7650 return lo; 7651 } 7652 7653 static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop) 7654 { 7655 unhash_lockowner_locked(lockowner(sop)); 7656 } 7657 7658 static void nfs4_free_lockowner(struct nfs4_stateowner *sop) 7659 { 7660 struct nfs4_lockowner *lo = lockowner(sop); 7661 7662 kmem_cache_free(lockowner_slab, lo); 7663 } 7664 7665 static const struct nfs4_stateowner_operations lockowner_ops = { 7666 .so_unhash = nfs4_unhash_lockowner, 7667 .so_free = nfs4_free_lockowner, 7668 }; 7669 7670 /* 7671 * Alloc a lock owner structure. 7672 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has 7673 * occurred. 7674 * 7675 * strhashval = ownerstr_hashval 7676 */ 7677 static struct nfs4_lockowner * 7678 alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, 7679 struct nfs4_ol_stateid *open_stp, 7680 struct nfsd4_lock *lock) 7681 { 7682 struct nfs4_lockowner *lo, *ret; 7683 7684 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp); 7685 if (!lo) 7686 return NULL; 7687 INIT_LIST_HEAD(&lo->lo_blocked); 7688 INIT_LIST_HEAD(&lo->lo_owner.so_stateids); 7689 lo->lo_owner.so_is_open_owner = 0; 7690 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid; 7691 lo->lo_owner.so_ops = &lockowner_ops; 7692 spin_lock(&clp->cl_lock); 7693 ret = find_lockowner_str_locked(clp, &lock->lk_new_owner); 7694 if (ret == NULL) { 7695 list_add(&lo->lo_owner.so_strhash, 7696 &clp->cl_ownerstr_hashtbl[strhashval]); 7697 ret = lo; 7698 } else 7699 nfs4_free_stateowner(&lo->lo_owner); 7700 7701 spin_unlock(&clp->cl_lock); 7702 return ret; 7703 } 7704 7705 static struct nfs4_ol_stateid * 7706 find_lock_stateid(const struct nfs4_lockowner *lo, 7707 const struct nfs4_ol_stateid *ost) 7708 { 7709 struct nfs4_ol_stateid *lst; 7710 7711 lockdep_assert_held(&ost->st_stid.sc_client->cl_lock); 7712 7713 /* If ost is not hashed, ost->st_locks will not be valid */ 7714 if (!nfs4_ol_stateid_unhashed(ost)) 7715 list_for_each_entry(lst, &ost->st_locks, st_locks) { 7716 if (lst->st_stateowner == &lo->lo_owner) { 7717 refcount_inc(&lst->st_stid.sc_count); 7718 return lst; 7719 } 7720 } 7721 return NULL; 7722 } 7723 7724 static struct nfs4_ol_stateid * 7725 init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo, 7726 struct nfs4_file *fp, struct inode *inode, 7727 struct nfs4_ol_stateid *open_stp) 7728 { 7729 struct nfs4_client *clp = lo->lo_owner.so_client; 7730 struct nfs4_ol_stateid *retstp; 7731 7732 mutex_init(&stp->st_mutex); 7733 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 7734 retry: 7735 spin_lock(&clp->cl_lock); 7736 if (nfs4_ol_stateid_unhashed(open_stp)) 7737 goto out_close; 7738 retstp = find_lock_stateid(lo, open_stp); 7739 if (retstp) 7740 goto out_found; 7741 refcount_inc(&stp->st_stid.sc_count); 7742 stp->st_stid.sc_type = SC_TYPE_LOCK; 7743 stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner); 7744 get_nfs4_file(fp); 7745 stp->st_stid.sc_file = fp; 7746 stp->st_access_bmap = 0; 7747 stp->st_deny_bmap = open_stp->st_deny_bmap; 7748 stp->st_openstp = open_stp; 7749 spin_lock(&fp->fi_lock); 7750 list_add(&stp->st_locks, &open_stp->st_locks); 7751 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids); 7752 list_add(&stp->st_perfile, &fp->fi_stateids); 7753 spin_unlock(&fp->fi_lock); 7754 spin_unlock(&clp->cl_lock); 7755 return stp; 7756 out_found: 7757 spin_unlock(&clp->cl_lock); 7758 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 7759 nfs4_put_stid(&retstp->st_stid); 7760 goto retry; 7761 } 7762 /* To keep mutex tracking happy */ 7763 mutex_unlock(&stp->st_mutex); 7764 return retstp; 7765 out_close: 7766 spin_unlock(&clp->cl_lock); 7767 mutex_unlock(&stp->st_mutex); 7768 return NULL; 7769 } 7770 7771 static struct nfs4_ol_stateid * 7772 find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi, 7773 struct inode *inode, struct nfs4_ol_stateid *ost, 7774 bool *new) 7775 { 7776 struct nfs4_stid *ns = NULL; 7777 struct nfs4_ol_stateid *lst; 7778 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 7779 struct nfs4_client *clp = oo->oo_owner.so_client; 7780 7781 *new = false; 7782 spin_lock(&clp->cl_lock); 7783 lst = find_lock_stateid(lo, ost); 7784 spin_unlock(&clp->cl_lock); 7785 if (lst != NULL) { 7786 if (nfsd4_lock_ol_stateid(lst) == nfs_ok) 7787 goto out; 7788 nfs4_put_stid(&lst->st_stid); 7789 } 7790 ns = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_lock_stateid); 7791 if (ns == NULL) 7792 return NULL; 7793 7794 lst = init_lock_stateid(openlockstateid(ns), lo, fi, inode, ost); 7795 if (lst == openlockstateid(ns)) 7796 *new = true; 7797 else 7798 nfs4_put_stid(ns); 7799 out: 7800 return lst; 7801 } 7802 7803 static int 7804 check_lock_length(u64 offset, u64 length) 7805 { 7806 return ((length == 0) || ((length != NFS4_MAX_UINT64) && 7807 (length > ~offset))); 7808 } 7809 7810 static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access) 7811 { 7812 struct nfs4_file *fp = lock_stp->st_stid.sc_file; 7813 7814 lockdep_assert_held(&fp->fi_lock); 7815 7816 if (test_access(access, lock_stp)) 7817 return; 7818 __nfs4_file_get_access(fp, access); 7819 set_access(access, lock_stp); 7820 } 7821 7822 static __be32 7823 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, 7824 struct nfs4_ol_stateid *ost, 7825 struct nfsd4_lock *lock, 7826 struct nfs4_ol_stateid **plst, bool *new) 7827 { 7828 __be32 status; 7829 struct nfs4_file *fi = ost->st_stid.sc_file; 7830 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 7831 struct nfs4_client *cl = oo->oo_owner.so_client; 7832 struct inode *inode = d_inode(cstate->current_fh.fh_dentry); 7833 struct nfs4_lockowner *lo; 7834 struct nfs4_ol_stateid *lst; 7835 unsigned int strhashval; 7836 7837 lo = find_lockowner_str(cl, &lock->lk_new_owner); 7838 if (!lo) { 7839 strhashval = ownerstr_hashval(&lock->lk_new_owner); 7840 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock); 7841 if (lo == NULL) 7842 return nfserr_jukebox; 7843 } else { 7844 /* with an existing lockowner, seqids must be the same */ 7845 status = nfserr_bad_seqid; 7846 if (!cstate->minorversion && 7847 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid) 7848 goto out; 7849 } 7850 7851 lst = find_or_create_lock_stateid(lo, fi, inode, ost, new); 7852 if (lst == NULL) { 7853 status = nfserr_jukebox; 7854 goto out; 7855 } 7856 7857 status = nfs_ok; 7858 *plst = lst; 7859 out: 7860 nfs4_put_stateowner(&lo->lo_owner); 7861 return status; 7862 } 7863 7864 /* 7865 * LOCK operation 7866 */ 7867 __be32 7868 nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 7869 union nfsd4_op_u *u) 7870 { 7871 struct nfsd4_lock *lock = &u->lock; 7872 struct nfs4_openowner *open_sop = NULL; 7873 struct nfs4_lockowner *lock_sop = NULL; 7874 struct nfs4_ol_stateid *lock_stp = NULL; 7875 struct nfs4_ol_stateid *open_stp = NULL; 7876 struct nfs4_file *fp; 7877 struct nfsd_file *nf = NULL; 7878 struct nfsd4_blocked_lock *nbl = NULL; 7879 struct file_lock *file_lock = NULL; 7880 struct file_lock *conflock = NULL; 7881 struct super_block *sb; 7882 __be32 status = 0; 7883 int lkflg; 7884 int err; 7885 bool new = false; 7886 unsigned char type; 7887 unsigned int flags = FL_POSIX; 7888 struct net *net = SVC_NET(rqstp); 7889 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7890 7891 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n", 7892 (long long) lock->lk_offset, 7893 (long long) lock->lk_length); 7894 7895 if (check_lock_length(lock->lk_offset, lock->lk_length)) 7896 return nfserr_inval; 7897 7898 if ((status = fh_verify(rqstp, &cstate->current_fh, 7899 S_IFREG, NFSD_MAY_LOCK))) { 7900 dprintk("NFSD: nfsd4_lock: permission denied!\n"); 7901 return status; 7902 } 7903 sb = cstate->current_fh.fh_dentry->d_sb; 7904 7905 if (lock->lk_is_new) { 7906 if (nfsd4_has_session(cstate)) 7907 /* See rfc 5661 18.10.3: given clientid is ignored: */ 7908 memcpy(&lock->lk_new_clientid, 7909 &cstate->clp->cl_clientid, 7910 sizeof(clientid_t)); 7911 7912 /* validate and update open stateid and open seqid */ 7913 status = nfs4_preprocess_confirmed_seqid_op(cstate, 7914 lock->lk_new_open_seqid, 7915 &lock->lk_new_open_stateid, 7916 &open_stp, nn); 7917 if (status) 7918 goto out; 7919 mutex_unlock(&open_stp->st_mutex); 7920 open_sop = openowner(open_stp->st_stateowner); 7921 status = nfserr_bad_stateid; 7922 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid, 7923 &lock->lk_new_clientid)) 7924 goto out; 7925 status = lookup_or_create_lock_state(cstate, open_stp, lock, 7926 &lock_stp, &new); 7927 } else { 7928 status = nfs4_preprocess_seqid_op(cstate, 7929 lock->lk_old_lock_seqid, 7930 &lock->lk_old_lock_stateid, 7931 SC_TYPE_LOCK, 0, &lock_stp, 7932 nn); 7933 } 7934 if (status) 7935 goto out; 7936 lock_sop = lockowner(lock_stp->st_stateowner); 7937 7938 lkflg = setlkflg(lock->lk_type); 7939 status = nfs4_check_openmode(lock_stp, lkflg); 7940 if (status) 7941 goto out; 7942 7943 status = nfserr_grace; 7944 if (locks_in_grace(net) && !lock->lk_reclaim) 7945 goto out; 7946 status = nfserr_no_grace; 7947 if (!locks_in_grace(net) && lock->lk_reclaim) 7948 goto out; 7949 7950 if (lock->lk_reclaim) 7951 flags |= FL_RECLAIM; 7952 7953 fp = lock_stp->st_stid.sc_file; 7954 switch (lock->lk_type) { 7955 case NFS4_READW_LT: 7956 if (nfsd4_has_session(cstate) || 7957 exportfs_lock_op_is_async(sb->s_export_op)) 7958 flags |= FL_SLEEP; 7959 fallthrough; 7960 case NFS4_READ_LT: 7961 spin_lock(&fp->fi_lock); 7962 nf = find_readable_file_locked(fp); 7963 if (nf) 7964 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ); 7965 spin_unlock(&fp->fi_lock); 7966 type = F_RDLCK; 7967 break; 7968 case NFS4_WRITEW_LT: 7969 if (nfsd4_has_session(cstate) || 7970 exportfs_lock_op_is_async(sb->s_export_op)) 7971 flags |= FL_SLEEP; 7972 fallthrough; 7973 case NFS4_WRITE_LT: 7974 spin_lock(&fp->fi_lock); 7975 nf = find_writeable_file_locked(fp); 7976 if (nf) 7977 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE); 7978 spin_unlock(&fp->fi_lock); 7979 type = F_WRLCK; 7980 break; 7981 default: 7982 status = nfserr_inval; 7983 goto out; 7984 } 7985 7986 if (!nf) { 7987 status = nfserr_openmode; 7988 goto out; 7989 } 7990 7991 /* 7992 * Most filesystems with their own ->lock operations will block 7993 * the nfsd thread waiting to acquire the lock. That leads to 7994 * deadlocks (we don't want every nfsd thread tied up waiting 7995 * for file locks), so don't attempt blocking lock notifications 7996 * on those filesystems: 7997 */ 7998 if (!exportfs_lock_op_is_async(sb->s_export_op)) 7999 flags &= ~FL_SLEEP; 8000 8001 nbl = find_or_allocate_block(lock_sop, &fp->fi_fhandle, nn); 8002 if (!nbl) { 8003 dprintk("NFSD: %s: unable to allocate block!\n", __func__); 8004 status = nfserr_jukebox; 8005 goto out; 8006 } 8007 8008 file_lock = &nbl->nbl_lock; 8009 file_lock->c.flc_type = type; 8010 file_lock->c.flc_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner)); 8011 file_lock->c.flc_pid = current->tgid; 8012 file_lock->c.flc_file = nf->nf_file; 8013 file_lock->c.flc_flags = flags; 8014 file_lock->fl_lmops = &nfsd_posix_mng_ops; 8015 file_lock->fl_start = lock->lk_offset; 8016 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length); 8017 nfs4_transform_lock_offset(file_lock); 8018 8019 conflock = locks_alloc_lock(); 8020 if (!conflock) { 8021 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 8022 status = nfserr_jukebox; 8023 goto out; 8024 } 8025 8026 if (flags & FL_SLEEP) { 8027 nbl->nbl_time = ktime_get_boottime_seconds(); 8028 spin_lock(&nn->blocked_locks_lock); 8029 list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked); 8030 list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru); 8031 kref_get(&nbl->nbl_kref); 8032 spin_unlock(&nn->blocked_locks_lock); 8033 } 8034 8035 err = vfs_lock_file(nf->nf_file, F_SETLK, file_lock, conflock); 8036 switch (err) { 8037 case 0: /* success! */ 8038 nfs4_inc_and_copy_stateid(&lock->lk_resp_stateid, &lock_stp->st_stid); 8039 status = 0; 8040 if (lock->lk_reclaim) 8041 nn->somebody_reclaimed = true; 8042 break; 8043 case FILE_LOCK_DEFERRED: 8044 kref_put(&nbl->nbl_kref, free_nbl); 8045 nbl = NULL; 8046 fallthrough; 8047 case -EAGAIN: /* conflock holds conflicting lock */ 8048 status = nfserr_denied; 8049 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n"); 8050 nfs4_set_lock_denied(conflock, &lock->lk_denied); 8051 break; 8052 case -EDEADLK: 8053 status = nfserr_deadlock; 8054 break; 8055 default: 8056 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err); 8057 status = nfserrno(err); 8058 break; 8059 } 8060 out: 8061 if (nbl) { 8062 /* dequeue it if we queued it before */ 8063 if (flags & FL_SLEEP) { 8064 spin_lock(&nn->blocked_locks_lock); 8065 if (!list_empty(&nbl->nbl_list) && 8066 !list_empty(&nbl->nbl_lru)) { 8067 list_del_init(&nbl->nbl_list); 8068 list_del_init(&nbl->nbl_lru); 8069 kref_put(&nbl->nbl_kref, free_nbl); 8070 } 8071 /* nbl can use one of lists to be linked to reaplist */ 8072 spin_unlock(&nn->blocked_locks_lock); 8073 } 8074 free_blocked_lock(nbl); 8075 } 8076 if (nf) 8077 nfsd_file_put(nf); 8078 if (lock_stp) { 8079 /* Bump seqid manually if the 4.0 replay owner is openowner */ 8080 if (cstate->replay_owner && 8081 cstate->replay_owner != &lock_sop->lo_owner && 8082 seqid_mutating_err(ntohl(status))) 8083 lock_sop->lo_owner.so_seqid++; 8084 8085 /* 8086 * If this is a new, never-before-used stateid, and we are 8087 * returning an error, then just go ahead and release it. 8088 */ 8089 if (status && new) 8090 release_lock_stateid(lock_stp); 8091 8092 mutex_unlock(&lock_stp->st_mutex); 8093 8094 nfs4_put_stid(&lock_stp->st_stid); 8095 } 8096 if (open_stp) 8097 nfs4_put_stid(&open_stp->st_stid); 8098 nfsd4_bump_seqid(cstate, status); 8099 if (conflock) 8100 locks_free_lock(conflock); 8101 return status; 8102 } 8103 8104 void nfsd4_lock_release(union nfsd4_op_u *u) 8105 { 8106 struct nfsd4_lock *lock = &u->lock; 8107 struct nfsd4_lock_denied *deny = &lock->lk_denied; 8108 8109 kfree(deny->ld_owner.data); 8110 } 8111 8112 /* 8113 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN, 8114 * so we do a temporary open here just to get an open file to pass to 8115 * vfs_test_lock. 8116 */ 8117 static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock) 8118 { 8119 struct nfsd_file *nf; 8120 struct inode *inode; 8121 __be32 err; 8122 8123 err = nfsd_file_acquire(rqstp, fhp, NFSD_MAY_READ, &nf); 8124 if (err) 8125 return err; 8126 inode = fhp->fh_dentry->d_inode; 8127 inode_lock(inode); /* to block new leases till after test_lock: */ 8128 err = nfserrno(nfsd_open_break_lease(inode, NFSD_MAY_READ)); 8129 if (err) 8130 goto out; 8131 lock->c.flc_file = nf->nf_file; 8132 err = nfserrno(vfs_test_lock(nf->nf_file, lock)); 8133 lock->c.flc_file = NULL; 8134 out: 8135 inode_unlock(inode); 8136 nfsd_file_put(nf); 8137 return err; 8138 } 8139 8140 /* 8141 * LOCKT operation 8142 */ 8143 __be32 8144 nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 8145 union nfsd4_op_u *u) 8146 { 8147 struct nfsd4_lockt *lockt = &u->lockt; 8148 struct file_lock *file_lock = NULL; 8149 struct nfs4_lockowner *lo = NULL; 8150 __be32 status; 8151 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 8152 8153 if (locks_in_grace(SVC_NET(rqstp))) 8154 return nfserr_grace; 8155 8156 if (check_lock_length(lockt->lt_offset, lockt->lt_length)) 8157 return nfserr_inval; 8158 8159 if (!nfsd4_has_session(cstate)) { 8160 status = set_client(&lockt->lt_clientid, cstate, nn); 8161 if (status) 8162 goto out; 8163 } 8164 8165 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 8166 goto out; 8167 8168 file_lock = locks_alloc_lock(); 8169 if (!file_lock) { 8170 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 8171 status = nfserr_jukebox; 8172 goto out; 8173 } 8174 8175 switch (lockt->lt_type) { 8176 case NFS4_READ_LT: 8177 case NFS4_READW_LT: 8178 file_lock->c.flc_type = F_RDLCK; 8179 break; 8180 case NFS4_WRITE_LT: 8181 case NFS4_WRITEW_LT: 8182 file_lock->c.flc_type = F_WRLCK; 8183 break; 8184 default: 8185 dprintk("NFSD: nfs4_lockt: bad lock type!\n"); 8186 status = nfserr_inval; 8187 goto out; 8188 } 8189 8190 lo = find_lockowner_str(cstate->clp, &lockt->lt_owner); 8191 if (lo) 8192 file_lock->c.flc_owner = (fl_owner_t)lo; 8193 file_lock->c.flc_pid = current->tgid; 8194 file_lock->c.flc_flags = FL_POSIX; 8195 8196 file_lock->fl_start = lockt->lt_offset; 8197 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length); 8198 8199 nfs4_transform_lock_offset(file_lock); 8200 8201 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock); 8202 if (status) 8203 goto out; 8204 8205 if (file_lock->c.flc_type != F_UNLCK) { 8206 status = nfserr_denied; 8207 nfs4_set_lock_denied(file_lock, &lockt->lt_denied); 8208 } 8209 out: 8210 if (lo) 8211 nfs4_put_stateowner(&lo->lo_owner); 8212 if (file_lock) 8213 locks_free_lock(file_lock); 8214 return status; 8215 } 8216 8217 void nfsd4_lockt_release(union nfsd4_op_u *u) 8218 { 8219 struct nfsd4_lockt *lockt = &u->lockt; 8220 struct nfsd4_lock_denied *deny = &lockt->lt_denied; 8221 8222 kfree(deny->ld_owner.data); 8223 } 8224 8225 __be32 8226 nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 8227 union nfsd4_op_u *u) 8228 { 8229 struct nfsd4_locku *locku = &u->locku; 8230 struct nfs4_ol_stateid *stp; 8231 struct nfsd_file *nf = NULL; 8232 struct file_lock *file_lock = NULL; 8233 __be32 status; 8234 int err; 8235 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 8236 8237 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n", 8238 (long long) locku->lu_offset, 8239 (long long) locku->lu_length); 8240 8241 if (check_lock_length(locku->lu_offset, locku->lu_length)) 8242 return nfserr_inval; 8243 8244 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid, 8245 &locku->lu_stateid, SC_TYPE_LOCK, 0, 8246 &stp, nn); 8247 if (status) 8248 goto out; 8249 nf = find_any_file(stp->st_stid.sc_file); 8250 if (!nf) { 8251 status = nfserr_lock_range; 8252 goto put_stateid; 8253 } 8254 file_lock = locks_alloc_lock(); 8255 if (!file_lock) { 8256 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 8257 status = nfserr_jukebox; 8258 goto put_file; 8259 } 8260 8261 file_lock->c.flc_type = F_UNLCK; 8262 file_lock->c.flc_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner)); 8263 file_lock->c.flc_pid = current->tgid; 8264 file_lock->c.flc_file = nf->nf_file; 8265 file_lock->c.flc_flags = FL_POSIX; 8266 file_lock->fl_lmops = &nfsd_posix_mng_ops; 8267 file_lock->fl_start = locku->lu_offset; 8268 8269 file_lock->fl_end = last_byte_offset(locku->lu_offset, 8270 locku->lu_length); 8271 nfs4_transform_lock_offset(file_lock); 8272 8273 err = vfs_lock_file(nf->nf_file, F_SETLK, file_lock, NULL); 8274 if (err) { 8275 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n"); 8276 goto out_nfserr; 8277 } 8278 nfs4_inc_and_copy_stateid(&locku->lu_stateid, &stp->st_stid); 8279 put_file: 8280 nfsd_file_put(nf); 8281 put_stateid: 8282 mutex_unlock(&stp->st_mutex); 8283 nfs4_put_stid(&stp->st_stid); 8284 out: 8285 nfsd4_bump_seqid(cstate, status); 8286 if (file_lock) 8287 locks_free_lock(file_lock); 8288 return status; 8289 8290 out_nfserr: 8291 status = nfserrno(err); 8292 goto put_file; 8293 } 8294 8295 /* 8296 * returns 8297 * true: locks held by lockowner 8298 * false: no locks held by lockowner 8299 */ 8300 static bool 8301 check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner) 8302 { 8303 struct file_lock *fl; 8304 int status = false; 8305 struct nfsd_file *nf; 8306 struct inode *inode; 8307 struct file_lock_context *flctx; 8308 8309 spin_lock(&fp->fi_lock); 8310 nf = find_any_file_locked(fp); 8311 if (!nf) { 8312 /* Any valid lock stateid should have some sort of access */ 8313 WARN_ON_ONCE(1); 8314 goto out; 8315 } 8316 8317 inode = file_inode(nf->nf_file); 8318 flctx = locks_inode_context(inode); 8319 8320 if (flctx && !list_empty_careful(&flctx->flc_posix)) { 8321 spin_lock(&flctx->flc_lock); 8322 for_each_file_lock(fl, &flctx->flc_posix) { 8323 if (fl->c.flc_owner == (fl_owner_t)lowner) { 8324 status = true; 8325 break; 8326 } 8327 } 8328 spin_unlock(&flctx->flc_lock); 8329 } 8330 out: 8331 spin_unlock(&fp->fi_lock); 8332 return status; 8333 } 8334 8335 /** 8336 * nfsd4_release_lockowner - process NFSv4.0 RELEASE_LOCKOWNER operations 8337 * @rqstp: RPC transaction 8338 * @cstate: NFSv4 COMPOUND state 8339 * @u: RELEASE_LOCKOWNER arguments 8340 * 8341 * Check if theree are any locks still held and if not - free the lockowner 8342 * and any lock state that is owned. 8343 * 8344 * Return values: 8345 * %nfs_ok: lockowner released or not found 8346 * %nfserr_locks_held: lockowner still in use 8347 * %nfserr_stale_clientid: clientid no longer active 8348 * %nfserr_expired: clientid not recognized 8349 */ 8350 __be32 8351 nfsd4_release_lockowner(struct svc_rqst *rqstp, 8352 struct nfsd4_compound_state *cstate, 8353 union nfsd4_op_u *u) 8354 { 8355 struct nfsd4_release_lockowner *rlockowner = &u->release_lockowner; 8356 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 8357 clientid_t *clid = &rlockowner->rl_clientid; 8358 struct nfs4_ol_stateid *stp; 8359 struct nfs4_lockowner *lo; 8360 struct nfs4_client *clp; 8361 LIST_HEAD(reaplist); 8362 __be32 status; 8363 8364 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n", 8365 clid->cl_boot, clid->cl_id); 8366 8367 status = set_client(clid, cstate, nn); 8368 if (status) 8369 return status; 8370 clp = cstate->clp; 8371 8372 spin_lock(&clp->cl_lock); 8373 lo = find_lockowner_str_locked(clp, &rlockowner->rl_owner); 8374 if (!lo) { 8375 spin_unlock(&clp->cl_lock); 8376 return nfs_ok; 8377 } 8378 8379 list_for_each_entry(stp, &lo->lo_owner.so_stateids, st_perstateowner) { 8380 if (check_for_locks(stp->st_stid.sc_file, lo)) { 8381 spin_unlock(&clp->cl_lock); 8382 nfs4_put_stateowner(&lo->lo_owner); 8383 return nfserr_locks_held; 8384 } 8385 } 8386 unhash_lockowner_locked(lo); 8387 while (!list_empty(&lo->lo_owner.so_stateids)) { 8388 stp = list_first_entry(&lo->lo_owner.so_stateids, 8389 struct nfs4_ol_stateid, 8390 st_perstateowner); 8391 unhash_lock_stateid(stp); 8392 put_ol_stateid_locked(stp, &reaplist); 8393 } 8394 spin_unlock(&clp->cl_lock); 8395 8396 free_ol_stateid_reaplist(&reaplist); 8397 remove_blocked_locks(lo); 8398 nfs4_put_stateowner(&lo->lo_owner); 8399 return nfs_ok; 8400 } 8401 8402 static inline struct nfs4_client_reclaim * 8403 alloc_reclaim(void) 8404 { 8405 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL); 8406 } 8407 8408 bool 8409 nfs4_has_reclaimed_state(struct xdr_netobj name, struct nfsd_net *nn) 8410 { 8411 struct nfs4_client_reclaim *crp; 8412 8413 crp = nfsd4_find_reclaim_client(name, nn); 8414 return (crp && crp->cr_clp); 8415 } 8416 8417 /* 8418 * failure => all reset bets are off, nfserr_no_grace... 8419 * 8420 * The caller is responsible for freeing name.data if NULL is returned (it 8421 * will be freed in nfs4_remove_reclaim_record in the normal case). 8422 */ 8423 struct nfs4_client_reclaim * 8424 nfs4_client_to_reclaim(struct xdr_netobj name, struct xdr_netobj princhash, 8425 struct nfsd_net *nn) 8426 { 8427 unsigned int strhashval; 8428 struct nfs4_client_reclaim *crp; 8429 8430 crp = alloc_reclaim(); 8431 if (crp) { 8432 strhashval = clientstr_hashval(name); 8433 INIT_LIST_HEAD(&crp->cr_strhash); 8434 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]); 8435 crp->cr_name.data = name.data; 8436 crp->cr_name.len = name.len; 8437 crp->cr_princhash.data = princhash.data; 8438 crp->cr_princhash.len = princhash.len; 8439 crp->cr_clp = NULL; 8440 nn->reclaim_str_hashtbl_size++; 8441 } 8442 return crp; 8443 } 8444 8445 void 8446 nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn) 8447 { 8448 list_del(&crp->cr_strhash); 8449 kfree(crp->cr_name.data); 8450 kfree(crp->cr_princhash.data); 8451 kfree(crp); 8452 nn->reclaim_str_hashtbl_size--; 8453 } 8454 8455 void 8456 nfs4_release_reclaim(struct nfsd_net *nn) 8457 { 8458 struct nfs4_client_reclaim *crp = NULL; 8459 int i; 8460 8461 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 8462 while (!list_empty(&nn->reclaim_str_hashtbl[i])) { 8463 crp = list_entry(nn->reclaim_str_hashtbl[i].next, 8464 struct nfs4_client_reclaim, cr_strhash); 8465 nfs4_remove_reclaim_record(crp, nn); 8466 } 8467 } 8468 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size); 8469 } 8470 8471 /* 8472 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */ 8473 struct nfs4_client_reclaim * 8474 nfsd4_find_reclaim_client(struct xdr_netobj name, struct nfsd_net *nn) 8475 { 8476 unsigned int strhashval; 8477 struct nfs4_client_reclaim *crp = NULL; 8478 8479 strhashval = clientstr_hashval(name); 8480 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) { 8481 if (compare_blob(&crp->cr_name, &name) == 0) { 8482 return crp; 8483 } 8484 } 8485 return NULL; 8486 } 8487 8488 __be32 8489 nfs4_check_open_reclaim(struct nfs4_client *clp) 8490 { 8491 if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &clp->cl_flags)) 8492 return nfserr_no_grace; 8493 8494 if (nfsd4_client_record_check(clp)) 8495 return nfserr_reclaim_bad; 8496 8497 return nfs_ok; 8498 } 8499 8500 /* 8501 * Since the lifetime of a delegation isn't limited to that of an open, a 8502 * client may quite reasonably hang on to a delegation as long as it has 8503 * the inode cached. This becomes an obvious problem the first time a 8504 * client's inode cache approaches the size of the server's total memory. 8505 * 8506 * For now we avoid this problem by imposing a hard limit on the number 8507 * of delegations, which varies according to the server's memory size. 8508 */ 8509 static void 8510 set_max_delegations(void) 8511 { 8512 /* 8513 * Allow at most 4 delegations per megabyte of RAM. Quick 8514 * estimates suggest that in the worst case (where every delegation 8515 * is for a different inode), a delegation could take about 1.5K, 8516 * giving a worst case usage of about 6% of memory. 8517 */ 8518 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT); 8519 } 8520 8521 static int nfs4_state_create_net(struct net *net) 8522 { 8523 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 8524 int i; 8525 8526 nn->conf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE, 8527 sizeof(struct list_head), 8528 GFP_KERNEL); 8529 if (!nn->conf_id_hashtbl) 8530 goto err; 8531 nn->unconf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE, 8532 sizeof(struct list_head), 8533 GFP_KERNEL); 8534 if (!nn->unconf_id_hashtbl) 8535 goto err_unconf_id; 8536 nn->sessionid_hashtbl = kmalloc_array(SESSION_HASH_SIZE, 8537 sizeof(struct list_head), 8538 GFP_KERNEL); 8539 if (!nn->sessionid_hashtbl) 8540 goto err_sessionid; 8541 8542 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 8543 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]); 8544 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]); 8545 } 8546 for (i = 0; i < SESSION_HASH_SIZE; i++) 8547 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]); 8548 nn->conf_name_tree = RB_ROOT; 8549 nn->unconf_name_tree = RB_ROOT; 8550 nn->boot_time = ktime_get_real_seconds(); 8551 nn->grace_ended = false; 8552 nn->nfsd4_manager.block_opens = true; 8553 INIT_LIST_HEAD(&nn->nfsd4_manager.list); 8554 INIT_LIST_HEAD(&nn->client_lru); 8555 INIT_LIST_HEAD(&nn->close_lru); 8556 INIT_LIST_HEAD(&nn->del_recall_lru); 8557 spin_lock_init(&nn->client_lock); 8558 spin_lock_init(&nn->s2s_cp_lock); 8559 idr_init(&nn->s2s_cp_stateids); 8560 8561 spin_lock_init(&nn->blocked_locks_lock); 8562 INIT_LIST_HEAD(&nn->blocked_locks_lru); 8563 8564 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main); 8565 INIT_WORK(&nn->nfsd_shrinker_work, nfsd4_state_shrinker_worker); 8566 get_net(net); 8567 8568 nn->nfsd_client_shrinker = shrinker_alloc(0, "nfsd-client"); 8569 if (!nn->nfsd_client_shrinker) 8570 goto err_shrinker; 8571 8572 nn->nfsd_client_shrinker->scan_objects = nfsd4_state_shrinker_scan; 8573 nn->nfsd_client_shrinker->count_objects = nfsd4_state_shrinker_count; 8574 nn->nfsd_client_shrinker->private_data = nn; 8575 8576 shrinker_register(nn->nfsd_client_shrinker); 8577 8578 return 0; 8579 8580 err_shrinker: 8581 put_net(net); 8582 kfree(nn->sessionid_hashtbl); 8583 err_sessionid: 8584 kfree(nn->unconf_id_hashtbl); 8585 err_unconf_id: 8586 kfree(nn->conf_id_hashtbl); 8587 err: 8588 return -ENOMEM; 8589 } 8590 8591 static void 8592 nfs4_state_destroy_net(struct net *net) 8593 { 8594 int i; 8595 struct nfs4_client *clp = NULL; 8596 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 8597 8598 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 8599 while (!list_empty(&nn->conf_id_hashtbl[i])) { 8600 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 8601 destroy_client(clp); 8602 } 8603 } 8604 8605 WARN_ON(!list_empty(&nn->blocked_locks_lru)); 8606 8607 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 8608 while (!list_empty(&nn->unconf_id_hashtbl[i])) { 8609 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 8610 destroy_client(clp); 8611 } 8612 } 8613 8614 kfree(nn->sessionid_hashtbl); 8615 kfree(nn->unconf_id_hashtbl); 8616 kfree(nn->conf_id_hashtbl); 8617 put_net(net); 8618 } 8619 8620 int 8621 nfs4_state_start_net(struct net *net) 8622 { 8623 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 8624 int ret; 8625 8626 ret = nfs4_state_create_net(net); 8627 if (ret) 8628 return ret; 8629 locks_start_grace(net, &nn->nfsd4_manager); 8630 nfsd4_client_tracking_init(net); 8631 if (nn->track_reclaim_completes && nn->reclaim_str_hashtbl_size == 0) 8632 goto skip_grace; 8633 printk(KERN_INFO "NFSD: starting %lld-second grace period (net %x)\n", 8634 nn->nfsd4_grace, net->ns.inum); 8635 trace_nfsd_grace_start(nn); 8636 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ); 8637 return 0; 8638 8639 skip_grace: 8640 printk(KERN_INFO "NFSD: no clients to reclaim, skipping NFSv4 grace period (net %x)\n", 8641 net->ns.inum); 8642 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_lease * HZ); 8643 nfsd4_end_grace(nn); 8644 return 0; 8645 } 8646 8647 /* initialization to perform when the nfsd service is started: */ 8648 8649 int 8650 nfs4_state_start(void) 8651 { 8652 int ret; 8653 8654 ret = rhltable_init(&nfs4_file_rhltable, &nfs4_file_rhash_params); 8655 if (ret) 8656 return ret; 8657 8658 set_max_delegations(); 8659 return 0; 8660 } 8661 8662 void 8663 nfs4_state_shutdown_net(struct net *net) 8664 { 8665 struct nfs4_delegation *dp = NULL; 8666 struct list_head *pos, *next, reaplist; 8667 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 8668 8669 shrinker_free(nn->nfsd_client_shrinker); 8670 cancel_work(&nn->nfsd_shrinker_work); 8671 cancel_delayed_work_sync(&nn->laundromat_work); 8672 locks_end_grace(&nn->nfsd4_manager); 8673 8674 INIT_LIST_HEAD(&reaplist); 8675 spin_lock(&state_lock); 8676 list_for_each_safe(pos, next, &nn->del_recall_lru) { 8677 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 8678 unhash_delegation_locked(dp, SC_STATUS_CLOSED); 8679 list_add(&dp->dl_recall_lru, &reaplist); 8680 } 8681 spin_unlock(&state_lock); 8682 list_for_each_safe(pos, next, &reaplist) { 8683 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 8684 list_del_init(&dp->dl_recall_lru); 8685 destroy_unhashed_deleg(dp); 8686 } 8687 8688 nfsd4_client_tracking_exit(net); 8689 nfs4_state_destroy_net(net); 8690 #ifdef CONFIG_NFSD_V4_2_INTER_SSC 8691 nfsd4_ssc_shutdown_umount(nn); 8692 #endif 8693 } 8694 8695 void 8696 nfs4_state_shutdown(void) 8697 { 8698 rhltable_destroy(&nfs4_file_rhltable); 8699 } 8700 8701 static void 8702 get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 8703 { 8704 if (HAS_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG) && 8705 CURRENT_STATEID(stateid)) 8706 memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t)); 8707 } 8708 8709 static void 8710 put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 8711 { 8712 if (cstate->minorversion) { 8713 memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t)); 8714 SET_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG); 8715 } 8716 } 8717 8718 void 8719 clear_current_stateid(struct nfsd4_compound_state *cstate) 8720 { 8721 CLEAR_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG); 8722 } 8723 8724 /* 8725 * functions to set current state id 8726 */ 8727 void 8728 nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, 8729 union nfsd4_op_u *u) 8730 { 8731 put_stateid(cstate, &u->open_downgrade.od_stateid); 8732 } 8733 8734 void 8735 nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, 8736 union nfsd4_op_u *u) 8737 { 8738 put_stateid(cstate, &u->open.op_stateid); 8739 } 8740 8741 void 8742 nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, 8743 union nfsd4_op_u *u) 8744 { 8745 put_stateid(cstate, &u->close.cl_stateid); 8746 } 8747 8748 void 8749 nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, 8750 union nfsd4_op_u *u) 8751 { 8752 put_stateid(cstate, &u->lock.lk_resp_stateid); 8753 } 8754 8755 /* 8756 * functions to consume current state id 8757 */ 8758 8759 void 8760 nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, 8761 union nfsd4_op_u *u) 8762 { 8763 get_stateid(cstate, &u->open_downgrade.od_stateid); 8764 } 8765 8766 void 8767 nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate, 8768 union nfsd4_op_u *u) 8769 { 8770 get_stateid(cstate, &u->delegreturn.dr_stateid); 8771 } 8772 8773 void 8774 nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, 8775 union nfsd4_op_u *u) 8776 { 8777 get_stateid(cstate, &u->free_stateid.fr_stateid); 8778 } 8779 8780 void 8781 nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, 8782 union nfsd4_op_u *u) 8783 { 8784 get_stateid(cstate, &u->setattr.sa_stateid); 8785 } 8786 8787 void 8788 nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, 8789 union nfsd4_op_u *u) 8790 { 8791 get_stateid(cstate, &u->close.cl_stateid); 8792 } 8793 8794 void 8795 nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, 8796 union nfsd4_op_u *u) 8797 { 8798 get_stateid(cstate, &u->locku.lu_stateid); 8799 } 8800 8801 void 8802 nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, 8803 union nfsd4_op_u *u) 8804 { 8805 get_stateid(cstate, &u->read.rd_stateid); 8806 } 8807 8808 void 8809 nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, 8810 union nfsd4_op_u *u) 8811 { 8812 get_stateid(cstate, &u->write.wr_stateid); 8813 } 8814 8815 /** 8816 * nfsd4_deleg_getattr_conflict - Recall if GETATTR causes conflict 8817 * @rqstp: RPC transaction context 8818 * @dentry: dentry of inode to be checked for a conflict 8819 * @modified: return true if file was modified 8820 * @size: new size of file if modified is true 8821 * 8822 * This function is called when there is a conflict between a write 8823 * delegation and a change/size GETATTR from another client. The server 8824 * must either use the CB_GETATTR to get the current values of the 8825 * attributes from the client that holds the delegation or recall the 8826 * delegation before replying to the GETATTR. See RFC 8881 section 8827 * 18.7.4. 8828 * 8829 * Returns 0 if there is no conflict; otherwise an nfs_stat 8830 * code is returned. 8831 */ 8832 __be32 8833 nfsd4_deleg_getattr_conflict(struct svc_rqst *rqstp, struct dentry *dentry, 8834 bool *modified, u64 *size) 8835 { 8836 __be32 status; 8837 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 8838 struct file_lock_context *ctx; 8839 struct file_lease *fl; 8840 struct iattr attrs; 8841 struct nfs4_cb_fattr *ncf; 8842 struct inode *inode = d_inode(dentry); 8843 8844 *modified = false; 8845 ctx = locks_inode_context(inode); 8846 if (!ctx) 8847 return 0; 8848 spin_lock(&ctx->flc_lock); 8849 for_each_file_lock(fl, &ctx->flc_lease) { 8850 unsigned char type = fl->c.flc_type; 8851 8852 if (fl->c.flc_flags == FL_LAYOUT) 8853 continue; 8854 if (fl->fl_lmops != &nfsd_lease_mng_ops) { 8855 /* 8856 * non-nfs lease, if it's a lease with F_RDLCK then 8857 * we are done; there isn't any write delegation 8858 * on this inode 8859 */ 8860 if (type == F_RDLCK) 8861 break; 8862 8863 nfsd_stats_wdeleg_getattr_inc(nn); 8864 spin_unlock(&ctx->flc_lock); 8865 8866 status = nfserrno(nfsd_open_break_lease(inode, NFSD_MAY_READ)); 8867 if (status != nfserr_jukebox || 8868 !nfsd_wait_for_delegreturn(rqstp, inode)) 8869 return status; 8870 return 0; 8871 } 8872 if (type == F_WRLCK) { 8873 struct nfs4_delegation *dp = fl->c.flc_owner; 8874 8875 if (dp->dl_recall.cb_clp == *(rqstp->rq_lease_breaker)) { 8876 spin_unlock(&ctx->flc_lock); 8877 return 0; 8878 } 8879 nfsd_stats_wdeleg_getattr_inc(nn); 8880 dp = fl->c.flc_owner; 8881 refcount_inc(&dp->dl_stid.sc_count); 8882 ncf = &dp->dl_cb_fattr; 8883 nfs4_cb_getattr(&dp->dl_cb_fattr); 8884 spin_unlock(&ctx->flc_lock); 8885 wait_on_bit_timeout(&ncf->ncf_cb_flags, CB_GETATTR_BUSY, 8886 TASK_INTERRUPTIBLE, NFSD_CB_GETATTR_TIMEOUT); 8887 if (ncf->ncf_cb_status) { 8888 /* Recall delegation only if client didn't respond */ 8889 status = nfserrno(nfsd_open_break_lease(inode, NFSD_MAY_READ)); 8890 if (status != nfserr_jukebox || 8891 !nfsd_wait_for_delegreturn(rqstp, inode)) { 8892 nfs4_put_stid(&dp->dl_stid); 8893 return status; 8894 } 8895 } 8896 if (!ncf->ncf_file_modified && 8897 (ncf->ncf_initial_cinfo != ncf->ncf_cb_change || 8898 ncf->ncf_cur_fsize != ncf->ncf_cb_fsize)) 8899 ncf->ncf_file_modified = true; 8900 if (ncf->ncf_file_modified) { 8901 int err; 8902 8903 /* 8904 * Per section 10.4.3 of RFC 8881, the server would 8905 * not update the file's metadata with the client's 8906 * modified size 8907 */ 8908 attrs.ia_mtime = attrs.ia_ctime = current_time(inode); 8909 attrs.ia_valid = ATTR_MTIME | ATTR_CTIME | ATTR_DELEG; 8910 inode_lock(inode); 8911 err = notify_change(&nop_mnt_idmap, dentry, &attrs, NULL); 8912 inode_unlock(inode); 8913 if (err) { 8914 nfs4_put_stid(&dp->dl_stid); 8915 return nfserrno(err); 8916 } 8917 ncf->ncf_cur_fsize = ncf->ncf_cb_fsize; 8918 *size = ncf->ncf_cur_fsize; 8919 *modified = true; 8920 } 8921 nfs4_put_stid(&dp->dl_stid); 8922 return 0; 8923 } 8924 break; 8925 } 8926 spin_unlock(&ctx->flc_lock); 8927 return 0; 8928 } 8929