/*
 * Copyright (c) 2001 The Regents of the University of Michigan.
 * All rights reserved.
 *
 * Kendrick Smith <kmsmith@umich.edu>
 * Andy Adamson <kandros@umich.edu>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include <linux/file.h>
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/namei.h>
#include <linux/swap.h>
#include <linux/pagemap.h>
#include <linux/ratelimit.h>
#include <linux/sunrpc/svcauth_gss.h>
#include <linux/sunrpc/addr.h>
#include <linux/jhash.h>
#include "xdr4.h"
#include "xdr4cb.h"
#include "vfs.h"
#include "current_stateid.h"

#include "netns.h"
#include "pnfs.h"

#define NFSDDBG_FACILITY	NFSDDBG_PROC

#define all_ones {{~0,~0},~0}
static const stateid_t one_stateid = {
	.si_generation = ~0,
	.si_opaque = all_ones,
};
static const stateid_t zero_stateid = {
	/* all fields zero */
};
static const stateid_t currentstateid = {
	.si_generation = 1,
};
static const stateid_t close_stateid = {
	.si_generation = 0xffffffffU,
};

static u64 current_sessionid = 1;

#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
#define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
#define CLOSE_STATEID(stateid) (!memcmp((stateid), &close_stateid, sizeof(stateid_t)))

/* forward declarations */
static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner);
static void nfs4_free_ol_stateid(struct nfs4_stid *stid);

/* Locking: */
/*
 * Currently used for the del_recall_lru and file hash table.  In an
 * effort to decrease the scope of the client_mutex, this spinlock may
 * eventually cover more:
 */
static DEFINE_SPINLOCK(state_lock);

enum nfsd4_st_mutex_lock_subclass {
	OPEN_STATEID_MUTEX = 0,
	LOCK_STATEID_MUTEX = 1,
};

/*
 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for
 * the refcount on the open stateid to drop.
 */
static DECLARE_WAIT_QUEUE_HEAD(close_wq);

static struct kmem_cache *client_slab;
static struct kmem_cache *openowner_slab;
static struct kmem_cache *lockowner_slab;
static struct kmem_cache *file_slab;
static struct kmem_cache *stateid_slab;
static struct kmem_cache *deleg_slab;
static struct kmem_cache *odstate_slab;

static void free_session(struct nfsd4_session *);

static const struct nfsd4_callback_ops nfsd4_cb_recall_ops;
static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops;

static bool is_session_dead(struct nfsd4_session *ses)
{
	return ses->se_flags & NFS4_SESSION_DEAD;
}

static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
{
	if (atomic_read(&ses->se_ref) > ref_held_by_me)
		return nfserr_jukebox;
	ses->se_flags |= NFS4_SESSION_DEAD;
	return nfs_ok;
}

static bool is_client_expired(struct nfs4_client *clp)
{
	return clp->cl_time == 0;
}

static __be32 get_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (is_client_expired(clp))
		return nfserr_expired;
	atomic_inc(&clp->cl_refcount);
	return nfs_ok;
}

/* must be called under the client_lock */
static inline void
renew_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (is_client_expired(clp)) {
		WARN_ON(1);
		printk("%s: client (clientid %08x/%08x) already expired\n",
			__func__,
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
		return;
	}

	dprintk("renewing client (clientid %08x/%08x)\n",
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
	list_move_tail(&clp->cl_lru, &nn->client_lru);
	clp->cl_time = get_seconds();
}

static void put_client_renew_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (!atomic_dec_and_test(&clp->cl_refcount))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
}

static void put_client_renew(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (!atomic_dec_and_lock(&clp->cl_refcount, &nn->client_lock))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	spin_unlock(&nn->client_lock);
}

static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
{
	__be32 status;

	if (is_session_dead(ses))
		return nfserr_badsession;
	status = get_client_locked(ses->se_client);
	if (status)
		return status;
	atomic_inc(&ses->se_ref);
	return nfs_ok;
}
static void nfsd4_put_session_locked(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
		free_session(ses);
	put_client_renew_locked(clp);
}

static void nfsd4_put_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	nfsd4_put_session_locked(ses);
	spin_unlock(&nn->client_lock);
}

static struct nfsd4_blocked_lock *
find_blocked_lock(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *cur, *found = NULL;

	spin_lock(&nn->blocked_locks_lock);
	list_for_each_entry(cur, &lo->lo_blocked, nbl_list) {
		if (fh_match(fh, &cur->nbl_fh)) {
			list_del_init(&cur->nbl_list);
			list_del_init(&cur->nbl_lru);
			found = cur;
			break;
		}
	}
	spin_unlock(&nn->blocked_locks_lock);
	if (found)
		posix_unblock_lock(&found->nbl_lock);
	return found;
}

static struct nfsd4_blocked_lock *
find_or_allocate_block(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
			struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *nbl;

	nbl = find_blocked_lock(lo, fh, nn);
	if (!nbl) {
		nbl = kmalloc(sizeof(*nbl), GFP_KERNEL);
		if (nbl) {
			fh_copy_shallow(&nbl->nbl_fh, fh);
			locks_init_lock(&nbl->nbl_lock);
			nfsd4_init_cb(&nbl->nbl_cb, lo->lo_owner.so_client,
					&nfsd4_cb_notify_lock_ops,
					NFSPROC4_CLNT_CB_NOTIFY_LOCK);
		}
	}
	return nbl;
}

static void
free_blocked_lock(struct nfsd4_blocked_lock *nbl)
{
	locks_release_private(&nbl->nbl_lock);
	kfree(nbl);
}

static void
remove_blocked_locks(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_blocked_lock *nbl;
	LIST_HEAD(reaplist);

	/* Dequeue all blocked locks */
	spin_lock(&nn->blocked_locks_lock);
	while (!list_empty(&lo->lo_blocked)) {
		nbl = list_first_entry(&lo->lo_blocked,
					struct nfsd4_blocked_lock,
					nbl_list);
		list_del_init(&nbl->nbl_list);
		list_move(&nbl->nbl_lru, &reaplist);
	}
	spin_unlock(&nn->blocked_locks_lock);

	/* Now free them */
	while (!list_empty(&reaplist)) {
		nbl = list_first_entry(&reaplist, struct nfsd4_blocked_lock,
					nbl_lru);
		list_del_init(&nbl->nbl_lru);
		posix_unblock_lock(&nbl->nbl_lock);
		free_blocked_lock(nbl);
	}
}
static int
nfsd4_cb_notify_lock_done(struct nfsd4_callback *cb, struct rpc_task *task)
{
	/*
	 * Since this is just an optimization, we don't try very hard if it
	 * turns out not to succeed. We'll requeue it on NFS4ERR_DELAY, and
	 * just quit trying on anything else.
	 */
	switch (task->tk_status) {
	case -NFS4ERR_DELAY:
		rpc_delay(task, 1 * HZ);
		return 0;
	default:
		return 1;
	}
}

static void
nfsd4_cb_notify_lock_release(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock *nbl = container_of(cb,
						struct nfsd4_blocked_lock, nbl_cb);

	free_blocked_lock(nbl);
}

static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops = {
	.done		= nfsd4_cb_notify_lock_done,
	.release	= nfsd4_cb_notify_lock_release,
};

static inline struct nfs4_stateowner *
nfs4_get_stateowner(struct nfs4_stateowner *sop)
{
	atomic_inc(&sop->so_count);
	return sop;
}

static int
same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner)
{
	return (sop->so_owner.len == owner->len) &&
		0 == memcmp(sop->so_owner.data, owner->data, owner->len);
}

static struct nfs4_openowner *
find_openstateowner_str_locked(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_stateowner *so;

	lockdep_assert_held(&clp->cl_lock);

	list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval],
			    so_strhash) {
		if (!so->so_is_open_owner)
			continue;
		if (same_owner_str(so, &open->op_owner))
			return openowner(nfs4_get_stateowner(so));
	}
	return NULL;
}

static struct nfs4_openowner *
find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;

	spin_lock(&clp->cl_lock);
	oo = find_openstateowner_str_locked(hashval, open, clp);
	spin_unlock(&clp->cl_lock);
	return oo;
}

static inline u32
opaque_hashval(const void *ptr, int nbytes)
{
	unsigned char *cptr = (unsigned char *) ptr;

	u32 x = 0;
	while (nbytes--) {
		x *= 37;
		x += *cptr++;
	}
	return x;
}

static void nfsd4_free_file_rcu(struct rcu_head *rcu)
{
	struct nfs4_file *fp = container_of(rcu, struct nfs4_file, fi_rcu);

	kmem_cache_free(file_slab, fp);
}

void
put_nfs4_file(struct nfs4_file *fi)
{
	might_lock(&state_lock);

	if (refcount_dec_and_lock(&fi->fi_ref, &state_lock)) {
		hlist_del_rcu(&fi->fi_hash);
		spin_unlock(&state_lock);
		WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate));
		WARN_ON_ONCE(!list_empty(&fi->fi_delegations));
		call_rcu(&fi->fi_rcu, nfsd4_free_file_rcu);
	}
}

static struct file *
__nfs4_get_fd(struct nfs4_file *f, int oflag)
{
	if (f->fi_fds[oflag])
		return get_file(f->fi_fds[oflag]);
	return NULL;
}

static struct file *
find_writeable_file_locked(struct nfs4_file *f)
{
	struct file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_WRONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

static struct file *
find_writeable_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = find_writeable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

static struct file *find_readable_file_locked(struct nfs4_file *f)
{
	struct file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_RDONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

static struct file *
find_readable_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = find_readable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

struct file *
find_any_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = __nfs4_get_fd(f, O_RDWR);
	if (!ret) {
		ret = __nfs4_get_fd(f, O_WRONLY);
		if (!ret)
			ret = __nfs4_get_fd(f, O_RDONLY);
	}
	spin_unlock(&f->fi_lock);
	return ret;
}

static atomic_long_t num_delegations;
unsigned long max_delegations;

/*
 * Open owner state (share locks)
 */

/* hash tables for lock and open owners */
#define OWNER_HASH_BITS              8
#define OWNER_HASH_SIZE             (1 << OWNER_HASH_BITS)
#define OWNER_HASH_MASK             (OWNER_HASH_SIZE - 1)

static unsigned int ownerstr_hashval(struct xdr_netobj *ownername)
{
	unsigned int ret;

	ret = opaque_hashval(ownername->data, ownername->len);
	return ret & OWNER_HASH_MASK;
}

/* hash table for nfs4_file */
#define FILE_HASH_BITS                   8
#define FILE_HASH_SIZE                  (1 << FILE_HASH_BITS)

static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh)
{
	return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0);
}

static unsigned int file_hashval(struct knfsd_fh *fh)
{
	return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1);
}

static struct hlist_head file_hashtbl[FILE_HASH_SIZE];
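/*
 * nfs4_file access is tracked in two parallel structures:
 * fi_access[O_RDONLY] and fi_access[O_WRONLY] count the outstanding
 * NFS4_SHARE_ACCESS_READ and _WRITE references (an ACCESS_BOTH open
 * bumps both), while fi_fds[] caches at most one struct file per open
 * mode.  The helpers below keep the two in sync: dropping the last
 * reference to an access mode also drops the cached struct file for
 * that mode, and the O_RDWR file is dropped once both counts are zero.
 */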
static void
__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		atomic_inc(&fp->fi_access[O_WRONLY]);
	if (access & NFS4_SHARE_ACCESS_READ)
		atomic_inc(&fp->fi_access[O_RDONLY]);
}

static __be32
nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	/* Does this access mode make sense? */
	if (access & ~NFS4_SHARE_ACCESS_BOTH)
		return nfserr_inval;

	/* Does it conflict with a deny mode already set? */
	if ((access & fp->fi_share_deny) != 0)
		return nfserr_share_denied;

	__nfs4_file_get_access(fp, access);
	return nfs_ok;
}

static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
{
	/* Common case is that there is no deny mode. */
	if (deny) {
		/* Does this deny mode make sense? */
		if (deny & ~NFS4_SHARE_DENY_BOTH)
			return nfserr_inval;

		if ((deny & NFS4_SHARE_DENY_READ) &&
		    atomic_read(&fp->fi_access[O_RDONLY]))
			return nfserr_share_denied;

		if ((deny & NFS4_SHARE_DENY_WRITE) &&
		    atomic_read(&fp->fi_access[O_WRONLY]))
			return nfserr_share_denied;
	}
	return nfs_ok;
}

static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
	might_lock(&fp->fi_lock);

	if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
		struct file *f1 = NULL;
		struct file *f2 = NULL;

		swap(f1, fp->fi_fds[oflag]);
		if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
			swap(f2, fp->fi_fds[O_RDWR]);
		spin_unlock(&fp->fi_lock);
		if (f1)
			fput(f1);
		if (f2)
			fput(f2);
	}
}

static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
{
	WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		__nfs4_file_put_access(fp, O_WRONLY);
	if (access & NFS4_SHARE_ACCESS_READ)
		__nfs4_file_put_access(fp, O_RDONLY);
}
/*
 * Allocate a new open/delegation state counter.  This is needed for
 * pNFS for proper return on close semantics.
 *
 * Note that we only allocate it for pNFS-enabled exports, otherwise
 * all pointers to struct nfs4_clnt_odstate are always NULL.
 */
static struct nfs4_clnt_odstate *
alloc_clnt_odstate(struct nfs4_client *clp)
{
	struct nfs4_clnt_odstate *co;

	co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL);
	if (co) {
		co->co_client = clp;
		refcount_set(&co->co_odcount, 1);
	}
	return co;
}

static void
hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp = co->co_file;

	lockdep_assert_held(&fp->fi_lock);
	list_add(&co->co_perfile, &fp->fi_clnt_odstate);
}

static inline void
get_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	if (co)
		refcount_inc(&co->co_odcount);
}

static void
put_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp;

	if (!co)
		return;

	fp = co->co_file;
	if (refcount_dec_and_lock(&co->co_odcount, &fp->fi_lock)) {
		list_del(&co->co_perfile);
		spin_unlock(&fp->fi_lock);

		nfsd4_return_all_file_layouts(co->co_client, fp);
		kmem_cache_free(odstate_slab, co);
	}
}

static struct nfs4_clnt_odstate *
find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new)
{
	struct nfs4_clnt_odstate *co;
	struct nfs4_client *cl;

	if (!new)
		return NULL;

	cl = new->co_client;

	spin_lock(&fp->fi_lock);
	list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) {
		if (co->co_client == cl) {
			get_clnt_odstate(co);
			goto out;
		}
	}
	co = new;
	co->co_file = fp;
	hash_clnt_odstate_locked(new);
out:
	spin_unlock(&fp->fi_lock);
	return co;
}

struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab,
				  void (*sc_free)(struct nfs4_stid *))
{
	struct nfs4_stid *stid;
	int new_id;

	stid = kmem_cache_zalloc(slab, GFP_KERNEL);
	if (!stid)
		return NULL;

	idr_preload(GFP_KERNEL);
	spin_lock(&cl->cl_lock);
	new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 0, 0, GFP_NOWAIT);
	spin_unlock(&cl->cl_lock);
	idr_preload_end();
	if (new_id < 0)
		goto out_free;

	stid->sc_free = sc_free;
	stid->sc_client = cl;
	stid->sc_stateid.si_opaque.so_id = new_id;
	stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
	/* Will be incremented before return to client: */
	refcount_set(&stid->sc_count, 1);
	spin_lock_init(&stid->sc_lock);

	/*
	 * It shouldn't be a problem to reuse an opaque stateid value.
	 * I don't think it is for 4.1.  But with 4.0 I worry that, for
	 * example, a stray write retransmission could be accepted by
	 * the server when it should have been rejected.  Therefore,
	 * adopt a trick from the sctp code to attempt to maximize the
	 * amount of time until an id is reused, by ensuring they always
	 * "increase" (mod INT_MAX):
	 */
	return stid;
out_free:
	kmem_cache_free(slab, stid);
	return NULL;
}

static struct nfs4_ol_stateid *nfs4_alloc_open_stateid(struct nfs4_client *clp)
{
	struct nfs4_stid *stid;

	stid = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_ol_stateid);
	if (!stid)
		return NULL;

	return openlockstateid(stid);
}

static void nfs4_free_deleg(struct nfs4_stid *stid)
{
	kmem_cache_free(deleg_slab, stid);
	atomic_long_dec(&num_delegations);
}

/*
 * When we recall a delegation, we should be careful not to hand it
 * out again straight away.
 * To ensure this we keep a pair of bloom filters ('new' and 'old')
 * in which the filehandles of recalled delegations are "stored".
 * If a filehandle appears in either filter, a delegation is blocked.
 * When a delegation is recalled, the filehandle is stored in the "new"
 * filter.
 * Every 30 seconds we swap the filters and clear the "new" one,
 * unless both are empty of course.
 *
 * Each filter is 256 bits.  We hash the filehandle to 32 bits and use
 * its three low-order bytes as bit indices into the filter.
 *
 * 'blocked_delegations_lock', which is always taken in block_delegations(),
 * is used to manage concurrent access.  Testing does not need the lock
 * except when swapping the two filters.
 */
static DEFINE_SPINLOCK(blocked_delegations_lock);
static struct bloom_pair {
	int	entries, old_entries;
	time_t	swap_time;
	int	new; /* index into 'set' */
	DECLARE_BITMAP(set[2], 256);
} blocked_delegations;
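/*
 * For example, a filehandle hashing to 0x00aabbcc is represented by
 * bits 0xcc, 0xbb and 0xaa of a filter: block_delegations() sets all
 * three in the "new" filter, and delegation_blocked() reports a match
 * only when all three are set in the same filter, which keeps the
 * false-positive rate low for a structure this small.
 */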
static int delegation_blocked(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	if (bd->entries == 0)
		return 0;
	if (seconds_since_boot() - bd->swap_time > 30) {
		spin_lock(&blocked_delegations_lock);
		if (seconds_since_boot() - bd->swap_time > 30) {
			bd->entries -= bd->old_entries;
			bd->old_entries = bd->entries;
			memset(bd->set[bd->new], 0,
			       sizeof(bd->set[0]));
			bd->new = 1 - bd->new;
			bd->swap_time = seconds_since_boot();
		}
		spin_unlock(&blocked_delegations_lock);
	}
	hash = jhash(&fh->fh_base, fh->fh_size, 0);
	if (test_bit(hash & 255, bd->set[0]) &&
	    test_bit((hash >> 8) & 255, bd->set[0]) &&
	    test_bit((hash >> 16) & 255, bd->set[0]))
		return 1;

	if (test_bit(hash & 255, bd->set[1]) &&
	    test_bit((hash >> 8) & 255, bd->set[1]) &&
	    test_bit((hash >> 16) & 255, bd->set[1]))
		return 1;

	return 0;
}

static void block_delegations(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	hash = jhash(&fh->fh_base, fh->fh_size, 0);

	spin_lock(&blocked_delegations_lock);
	__set_bit(hash & 255, bd->set[bd->new]);
	__set_bit((hash >> 8) & 255, bd->set[bd->new]);
	__set_bit((hash >> 16) & 255, bd->set[bd->new]);
	if (bd->entries == 0)
		bd->swap_time = seconds_since_boot();
	bd->entries += 1;
	spin_unlock(&blocked_delegations_lock);
}
static struct nfs4_delegation *
alloc_init_deleg(struct nfs4_client *clp, struct nfs4_file *fp,
		 struct svc_fh *current_fh,
		 struct nfs4_clnt_odstate *odstate)
{
	struct nfs4_delegation *dp;
	long n;

	dprintk("NFSD alloc_init_deleg\n");
	n = atomic_long_inc_return(&num_delegations);
	if (n < 0 || n > max_delegations)
		goto out_dec;
	if (delegation_blocked(&current_fh->fh_handle))
		goto out_dec;
	dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab, nfs4_free_deleg));
	if (dp == NULL)
		goto out_dec;

	/*
	 * delegation seqids are never incremented.  The 4.1 special
	 * meaning of seqid 0 isn't meaningful, really, but let's avoid
	 * 0 anyway just for consistency and use 1:
	 */
	dp->dl_stid.sc_stateid.si_generation = 1;
	INIT_LIST_HEAD(&dp->dl_perfile);
	INIT_LIST_HEAD(&dp->dl_perclnt);
	INIT_LIST_HEAD(&dp->dl_recall_lru);
	dp->dl_clnt_odstate = odstate;
	get_clnt_odstate(odstate);
	dp->dl_type = NFS4_OPEN_DELEGATE_READ;
	dp->dl_retries = 1;
	nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client,
		      &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL);
	get_nfs4_file(fp);
	dp->dl_stid.sc_file = fp;
	return dp;
out_dec:
	atomic_long_dec(&num_delegations);
	return NULL;
}

void
nfs4_put_stid(struct nfs4_stid *s)
{
	struct nfs4_file *fp = s->sc_file;
	struct nfs4_client *clp = s->sc_client;

	might_lock(&clp->cl_lock);

	if (!refcount_dec_and_lock(&s->sc_count, &clp->cl_lock)) {
		wake_up_all(&close_wq);
		return;
	}
	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	spin_unlock(&clp->cl_lock);
	s->sc_free(s);
	if (fp)
		put_nfs4_file(fp);
}

void
nfs4_inc_and_copy_stateid(stateid_t *dst, struct nfs4_stid *stid)
{
	stateid_t *src = &stid->sc_stateid;

	spin_lock(&stid->sc_lock);
	if (unlikely(++src->si_generation == 0))
		src->si_generation = 1;
	memcpy(dst, src, sizeof(*dst));
	spin_unlock(&stid->sc_lock);
}

static void put_deleg_file(struct nfs4_file *fp)
{
	struct file *filp = NULL;

	spin_lock(&fp->fi_lock);
	if (--fp->fi_delegees == 0)
		swap(filp, fp->fi_deleg_file);
	spin_unlock(&fp->fi_lock);

	if (filp)
		fput(filp);
}

static void nfs4_unlock_deleg_lease(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;
	struct file *filp = fp->fi_deleg_file;

	WARN_ON_ONCE(!fp->fi_delegees);

	vfs_setlease(filp, F_UNLCK, NULL, (void **)&dp);
	put_deleg_file(fp);
}

static void destroy_unhashed_deleg(struct nfs4_delegation *dp)
{
	put_clnt_odstate(dp->dl_clnt_odstate);
	nfs4_unlock_deleg_lease(dp);
	nfs4_put_stid(&dp->dl_stid);
}

void nfs4_unhash_stid(struct nfs4_stid *s)
{
	s->sc_type = 0;
}

/**
 * nfs4_delegation_exists - Discover if this delegation already exists
 * @clp:     a pointer to the nfs4_client we're granting a delegation to
 * @fp:      a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: true iff an existing delegation is found
 */
static bool
nfs4_delegation_exists(struct nfs4_client *clp, struct nfs4_file *fp)
{
	struct nfs4_delegation *searchdp = NULL;
	struct nfs4_client *searchclp = NULL;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	list_for_each_entry(searchdp, &fp->fi_delegations, dl_perfile) {
		searchclp = searchdp->dl_stid.sc_client;
		if (clp == searchclp) {
			return true;
		}
	}
	return false;
}
/**
 * hash_delegation_locked - Add a delegation to the appropriate lists
 * @dp:     a pointer to the nfs4_delegation we are adding.
 * @fp:     a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: 0 if the delegation was successfully hashed.
 *
 *      On error: -EAGAIN if one was previously granted to this
 *                 nfs4_client for this nfs4_file. The delegation is
 *                 not hashed.
 */
static int
hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	if (nfs4_delegation_exists(clp, fp))
		return -EAGAIN;
	refcount_inc(&dp->dl_stid.sc_count);
	dp->dl_stid.sc_type = NFS4_DELEG_STID;
	list_add(&dp->dl_perfile, &fp->fi_delegations);
	list_add(&dp->dl_perclnt, &clp->cl_delegations);
	return 0;
}

static bool
unhash_delegation_locked(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;

	lockdep_assert_held(&state_lock);

	if (list_empty(&dp->dl_perfile))
		return false;

	dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID;
	/* Ensure that deleg break won't try to requeue it */
	++dp->dl_time;
	spin_lock(&fp->fi_lock);
	list_del_init(&dp->dl_perclnt);
	list_del_init(&dp->dl_recall_lru);
	list_del_init(&dp->dl_perfile);
	spin_unlock(&fp->fi_lock);
	return true;
}

static void destroy_delegation(struct nfs4_delegation *dp)
{
	bool unhashed;

	spin_lock(&state_lock);
	unhashed = unhash_delegation_locked(dp);
	spin_unlock(&state_lock);
	if (unhashed)
		destroy_unhashed_deleg(dp);
}

static void revoke_delegation(struct nfs4_delegation *dp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	WARN_ON(!list_empty(&dp->dl_recall_lru));

	if (clp->cl_minorversion) {
		dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
		refcount_inc(&dp->dl_stid.sc_count);
		spin_lock(&clp->cl_lock);
		list_add(&dp->dl_recall_lru, &clp->cl_revoked);
		spin_unlock(&clp->cl_lock);
	}
	destroy_unhashed_deleg(dp);
}

/*
 * SETCLIENTID state
 */

static unsigned int clientid_hashval(u32 id)
{
	return id & CLIENT_HASH_MASK;
}

static unsigned int clientstr_hashval(const char *name)
{
	return opaque_hashval(name, 8) & CLIENT_HASH_MASK;
}

/*
 * We store the NONE, READ, WRITE, and BOTH bits separately in the
 * st_{access,deny}_bmap field of the stateid, in order to track not
 * only what share bits are currently in force, but also what
 * combinations of share bits previous opens have used.  This allows us
 * to enforce the recommendation of rfc 3530 14.2.19 that the server
 * return an error if the client attempts to downgrade to a combination
 * of share bits not explicable by closing some of its previous opens.
 *
 * XXX: This enforcement is actually incomplete, since we don't keep
 * track of access/deny bit combinations; so, e.g., we allow:
 *
 *	OPEN allow read, deny write
 *	OPEN allow both, deny none
 *	DOWNGRADE allow read, deny none
 *
 * which we should reject.
 */
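/*
 * For example, an open for NFS4_SHARE_ACCESS_READ (1) followed by an
 * upgrade to NFS4_SHARE_ACCESS_BOTH (3) leaves st_access_bmap with
 * bits 1 and 3 set; bmap_to_share_mode() below ORs the set bit numbers
 * together and yields ACCESS_BOTH (3), while the individual bits still
 * record which combinations past opens actually used.
 */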
static unsigned int
bmap_to_share_mode(unsigned long bmap)
{
	int i;
	unsigned int access = 0;

	for (i = 1; i < 4; i++) {
		if (test_bit(i, &bmap))
			access |= i;
	}
	return access;
}

/* set share access for a given stateid */
static inline void
set_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap |= mask;
}

/* clear share access for a given stateid */
static inline void
clear_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap &= ~mask;
}

/* test whether a given stateid has access */
static inline bool
test_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	return (bool)(stp->st_access_bmap & mask);
}

/* set share deny for a given stateid */
static inline void
set_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap |= mask;
}

/* clear share deny for a given stateid */
static inline void
clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap &= ~mask;
}

/* test whether a given stateid is denying specific access */
static inline bool
test_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	return (bool)(stp->st_deny_bmap & mask);
}

static int nfs4_access_to_omode(u32 access)
{
	switch (access & NFS4_SHARE_ACCESS_BOTH) {
	case NFS4_SHARE_ACCESS_READ:
		return O_RDONLY;
	case NFS4_SHARE_ACCESS_WRITE:
		return O_WRONLY;
	case NFS4_SHARE_ACCESS_BOTH:
		return O_RDWR;
	}
	WARN_ON_ONCE(1);
	return O_RDONLY;
}

/*
 * A stateid that had a deny mode associated with it is being released
 * or downgraded.  Recalculate the deny mode on the file.
 */
static void
recalculate_deny_mode(struct nfs4_file *fp)
{
	struct nfs4_ol_stateid *stp;

	spin_lock(&fp->fi_lock);
	fp->fi_share_deny = 0;
	list_for_each_entry(stp, &fp->fi_stateids, st_perfile)
		fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap);
	spin_unlock(&fp->fi_lock);
}

static void
reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	int i;
	bool change = false;

	for (i = 1; i < 4; i++) {
		if ((i & deny) != i) {
			change = true;
			clear_deny(i, stp);
		}
	}

	/* Recalculate per-file deny mode if there was a change */
	if (change)
		recalculate_deny_mode(stp->st_stid.sc_file);
}

/* release all access and file references for a given stateid */
static void
release_all_access(struct nfs4_ol_stateid *stp)
{
	int i;
	struct nfs4_file *fp = stp->st_stid.sc_file;

	if (fp && stp->st_deny_bmap != 0)
		recalculate_deny_mode(fp);

	for (i = 1; i < 4; i++) {
		if (test_access(i, stp))
			nfs4_file_put_access(stp->st_stid.sc_file, i);
		clear_access(i, stp);
	}
}

static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop)
{
	kfree(sop->so_owner.data);
	sop->so_ops->so_free(sop);
}

static void nfs4_put_stateowner(struct nfs4_stateowner *sop)
{
	struct nfs4_client *clp = sop->so_client;

	might_lock(&clp->cl_lock);

	if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock))
		return;
	sop->so_ops->so_unhash(sop);
	spin_unlock(&clp->cl_lock);
	nfs4_free_stateowner(sop);
}

static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_file *fp = stp->st_stid.sc_file;

	lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock);

	if (list_empty(&stp->st_perfile))
		return false;

	spin_lock(&fp->fi_lock);
	list_del_init(&stp->st_perfile);
	spin_unlock(&fp->fi_lock);
	list_del(&stp->st_perstateowner);
	return true;
}

static void nfs4_free_ol_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);

	put_clnt_odstate(stp->st_clnt_odstate);
	release_all_access(stp);
	if (stp->st_stateowner)
		nfs4_put_stateowner(stp->st_stateowner);
	kmem_cache_free(stateid_slab, stid);
}

static void nfs4_free_lock_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);
	struct nfs4_lockowner *lo = lockowner(stp->st_stateowner);
	struct file *file;

	file = find_any_file(stp->st_stid.sc_file);
	if (file)
		filp_close(file, (fl_owner_t)lo);
	nfs4_free_ol_stateid(stid);
}

/*
 * Put the persistent reference to an already unhashed generic stateid, while
 * holding the cl_lock. If it's the last reference, then put it onto the
 * reaplist for later destruction.
 */
static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp,
				  struct list_head *reaplist)
{
	struct nfs4_stid *s = &stp->st_stid;
	struct nfs4_client *clp = s->sc_client;

	lockdep_assert_held(&clp->cl_lock);

	WARN_ON_ONCE(!list_empty(&stp->st_locks));

	if (!refcount_dec_and_test(&s->sc_count)) {
		wake_up_all(&close_wq);
		return;
	}

	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	list_add(&stp->st_locks, reaplist);
}

static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp)
{
	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	list_del_init(&stp->st_locks);
	nfs4_unhash_stid(&stp->st_stid);
	return unhash_ol_stateid(stp);
}

static void release_lock_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_client *clp = stp->st_stid.sc_client;
	bool unhashed;

	spin_lock(&clp->cl_lock);
	unhashed = unhash_lock_stateid(stp);
	spin_unlock(&clp->cl_lock);
	if (unhashed)
		nfs4_put_stid(&stp->st_stid);
}

static void unhash_lockowner_locked(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&lo->lo_owner.so_strhash);
}

/*
 * Free a list of generic stateids that were collected earlier after being
 * fully unhashed.
 */
static void
free_ol_stateid_reaplist(struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_file *fp;

	might_sleep();

	while (!list_empty(reaplist)) {
		stp = list_first_entry(reaplist, struct nfs4_ol_stateid,
				       st_locks);
		list_del(&stp->st_locks);
		fp = stp->st_stid.sc_file;
		stp->st_stid.sc_free(&stp->st_stid);
		if (fp)
			put_nfs4_file(fp);
	}
}

static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp,
				       struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;

	lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock);

	while (!list_empty(&open_stp->st_locks)) {
		stp = list_entry(open_stp->st_locks.next,
				 struct nfs4_ol_stateid, st_locks);
		WARN_ON(!unhash_lock_stateid(stp));
		put_ol_stateid_locked(stp, reaplist);
	}
}

static bool unhash_open_stateid(struct nfs4_ol_stateid *stp,
				struct list_head *reaplist)
{
	bool unhashed;

	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	unhashed = unhash_ol_stateid(stp);
	release_open_stateid_locks(stp, reaplist);
	return unhashed;
}

static void release_open_stateid(struct nfs4_ol_stateid *stp)
{
	LIST_HEAD(reaplist);

	spin_lock(&stp->st_stid.sc_client->cl_lock);
	if (unhash_open_stateid(stp, &reaplist))
		put_ol_stateid_locked(stp, &reaplist);
	spin_unlock(&stp->st_stid.sc_client->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
}

static void unhash_openowner_locked(struct nfs4_openowner *oo)
{
	struct nfs4_client *clp = oo->oo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&oo->oo_owner.so_strhash);
	list_del_init(&oo->oo_perclient);
}
static void release_last_closed_stateid(struct nfs4_openowner *oo)
{
	struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net,
					  nfsd_net_id);
	struct nfs4_ol_stateid *s;

	spin_lock(&nn->client_lock);
	s = oo->oo_last_closed_stid;
	if (s) {
		list_del_init(&oo->oo_close_lru);
		oo->oo_last_closed_stid = NULL;
	}
	spin_unlock(&nn->client_lock);
	if (s)
		nfs4_put_stid(&s->st_stid);
}

static void release_openowner(struct nfs4_openowner *oo)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_client *clp = oo->oo_owner.so_client;
	struct list_head reaplist;

	INIT_LIST_HEAD(&reaplist);

	spin_lock(&clp->cl_lock);
	unhash_openowner_locked(oo);
	while (!list_empty(&oo->oo_owner.so_stateids)) {
		stp = list_first_entry(&oo->oo_owner.so_stateids,
				       struct nfs4_ol_stateid, st_perstateowner);
		if (unhash_open_stateid(stp, &reaplist))
			put_ol_stateid_locked(stp, &reaplist);
	}
	spin_unlock(&clp->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
	release_last_closed_stateid(oo);
	nfs4_put_stateowner(&oo->oo_owner);
}

static inline int
hash_sessionid(struct nfs4_sessionid *sessionid)
{
	struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;

	return sid->sequence % SESSION_HASH_SIZE;
}

#ifdef CONFIG_SUNRPC_DEBUG
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
	u32 *ptr = (u32 *)(&sessionid->data[0]);
	dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
}
#else
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
}
#endif

/*
 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
 * won't be used for replay.
 */
void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
{
	struct nfs4_stateowner *so = cstate->replay_owner;

	if (nfserr == nfserr_replay_me)
		return;

	if (!seqid_mutating_err(ntohl(nfserr))) {
		nfsd4_cstate_clear_replay(cstate);
		return;
	}
	if (!so)
		return;
	if (so->so_is_open_owner)
		release_last_closed_stateid(openowner(so));
	so->so_seqid++;
}

static void
gen_sessionid(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd4_sessionid *sid;

	sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
	sid->clientid = clp->cl_clientid;
	sid->sequence = current_sessionid++;
	sid->reserved = 0;
}

/*
 * The protocol defines ca_maxresponsesize_cached to include the size of
 * the rpc header, but all we need to cache is the data starting after
 * the end of the initial SEQUENCE operation--the rest we regenerate
 * each time.  Therefore we can advertise a ca_maxresponsesize_cached
 * value that is the number of bytes in our cache plus a few additional
 * bytes.  In order to stay on the safe side, and not promise more than
 * we can cache, those additional bytes must be the minimum possible: 24
 * bytes of rpc header (xid through accept state, with AUTH_NULL
 * verifier), 12 for the compound header (with zero-length tag), and 44
 * for the SEQUENCE op response:
 */
#define NFSD_MIN_HDR_SEQ_SZ  (24 + 12 + 44)
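/*
 * For example, a channel whose maxresp_cached is 2128 bytes leaves
 * 2128 - NFSD_MIN_HDR_SEQ_SZ = 2048 bytes of cached response data per
 * slot; slot_bytes() below adds sizeof(struct nfsd4_slot) on top of
 * that for the slot bookkeeping itself.
 */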
static void
free_session_slots(struct nfsd4_session *ses)
{
	int i;

	for (i = 0; i < ses->se_fchannel.maxreqs; i++) {
		free_svc_cred(&ses->se_slots[i]->sl_cred);
		kfree(ses->se_slots[i]);
	}
}

/*
 * We don't actually need to cache the rpc and session headers, so we
 * can allocate a little less for each slot:
 */
static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
{
	u32 size;

	if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ)
		size = 0;
	else
		size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
	return size + sizeof(struct nfsd4_slot);
}

/*
 * XXX: If we run out of reserved DRC memory we could (up to a point)
 * re-negotiate active sessions and reduce their slot usage to make
 * room for new connections. For now we just fail the create session.
 */
static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca)
{
	u32 slotsize = slot_bytes(ca);
	u32 num = ca->maxreqs;
	int avail;

	spin_lock(&nfsd_drc_lock);
	avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION,
		    nfsd_drc_max_mem - nfsd_drc_mem_used);
	/*
	 * Never use more than a third of the remaining memory,
	 * unless it's the only way to give this client a slot:
	 */
	avail = clamp_t(int, avail, slotsize, avail/3);
	num = min_t(int, num, avail / slotsize);
	nfsd_drc_mem_used += num * slotsize;
	spin_unlock(&nfsd_drc_lock);

	return num;
}

static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
{
	int slotsize = slot_bytes(ca);

	spin_lock(&nfsd_drc_lock);
	nfsd_drc_mem_used -= slotsize * ca->maxreqs;
	spin_unlock(&nfsd_drc_lock);
}

static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
					   struct nfsd4_channel_attrs *battrs)
{
	int numslots = fattrs->maxreqs;
	int slotsize = slot_bytes(fattrs);
	struct nfsd4_session *new;
	int mem, i;

	BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
			+ sizeof(struct nfsd4_session) > PAGE_SIZE);
	mem = numslots * sizeof(struct nfsd4_slot *);

	new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
	if (!new)
		return NULL;
	/* allocate each struct nfsd4_slot and data cache in one piece */
	for (i = 0; i < numslots; i++) {
		new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
		if (!new->se_slots[i])
			goto out_free;
	}

	memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
	memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));

	return new;
out_free:
	while (i--)
		kfree(new->se_slots[i]);
	kfree(new);
	return NULL;
}

static void free_conn(struct nfsd4_conn *c)
{
	svc_xprt_put(c->cn_xprt);
	kfree(c);
}
static void nfsd4_conn_lost(struct svc_xpt_user *u)
{
	struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
	struct nfs4_client *clp = c->cn_session->se_client;

	spin_lock(&clp->cl_lock);
	if (!list_empty(&c->cn_persession)) {
		list_del(&c->cn_persession);
		free_conn(c);
	}
	nfsd4_probe_callback(clp);
	spin_unlock(&clp->cl_lock);
}

static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
{
	struct nfsd4_conn *conn;

	conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
	if (!conn)
		return NULL;
	svc_xprt_get(rqstp->rq_xprt);
	conn->cn_xprt = rqstp->rq_xprt;
	conn->cn_flags = flags;
	INIT_LIST_HEAD(&conn->cn_xpt_user.list);
	return conn;
}

static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	conn->cn_session = ses;
	list_add(&conn->cn_persession, &ses->se_conns);
}

static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;

	spin_lock(&clp->cl_lock);
	__nfsd4_hash_conn(conn, ses);
	spin_unlock(&clp->cl_lock);
}

static int nfsd4_register_conn(struct nfsd4_conn *conn)
{
	conn->cn_xpt_user.callback = nfsd4_conn_lost;
	return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
}

static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	int ret;

	nfsd4_hash_conn(conn, ses);
	ret = nfsd4_register_conn(conn);
	if (ret)
		/* oops; xprt is already down: */
		nfsd4_conn_lost(&conn->cn_xpt_user);
	/* We may have gained or lost a callback channel: */
	nfsd4_probe_callback_sync(ses->se_client);
}

static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
{
	u32 dir = NFS4_CDFC4_FORE;

	if (cses->flags & SESSION4_BACK_CHAN)
		dir |= NFS4_CDFC4_BACK;
	return alloc_conn(rqstp, dir);
}

/* must be called under client_lock */
static void nfsd4_del_conns(struct nfsd4_session *s)
{
	struct nfs4_client *clp = s->se_client;
	struct nfsd4_conn *c;

	spin_lock(&clp->cl_lock);
	while (!list_empty(&s->se_conns)) {
		c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
		list_del_init(&c->cn_persession);
		spin_unlock(&clp->cl_lock);

		unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
		free_conn(c);

		spin_lock(&clp->cl_lock);
	}
	spin_unlock(&clp->cl_lock);
}

static void __free_session(struct nfsd4_session *ses)
{
	free_session_slots(ses);
	kfree(ses);
}

static void free_session(struct nfsd4_session *ses)
{
	nfsd4_del_conns(ses);
	nfsd4_put_drc_mem(&ses->se_fchannel);
	__free_session(ses);
}
static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
{
	int idx;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	new->se_client = clp;
	gen_sessionid(new);

	INIT_LIST_HEAD(&new->se_conns);

	new->se_cb_seq_nr = 1;
	new->se_flags = cses->flags;
	new->se_cb_prog = cses->callback_prog;
	new->se_cb_sec = cses->cb_sec;
	atomic_set(&new->se_ref, 0);
	idx = hash_sessionid(&new->se_sessionid);
	list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
	spin_lock(&clp->cl_lock);
	list_add(&new->se_perclnt, &clp->cl_sessions);
	spin_unlock(&clp->cl_lock);

	{
		struct sockaddr *sa = svc_addr(rqstp);
		/*
		 * This is a little silly; with sessions there's no real
		 * use for the callback address.  Use the peer address
		 * as a reasonable default for now, but consider fixing
		 * the rpc client not to require an address in the
		 * future:
		 */
		rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
		clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
	}
}

/* caller must hold client_lock */
static struct nfsd4_session *
__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
{
	struct nfsd4_session *elem;
	int idx;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	dump_sessionid(__func__, sessionid);
	idx = hash_sessionid(sessionid);
	/* Search in the appropriate list */
	list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
		if (!memcmp(elem->se_sessionid.data, sessionid->data,
			    NFS4_MAX_SESSIONID_LEN)) {
			return elem;
		}
	}

	dprintk("%s: session not found\n", __func__);
	return NULL;
}

static struct nfsd4_session *
find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
		__be32 *ret)
{
	struct nfsd4_session *session;
	__be32 status = nfserr_badsession;

	session = __find_in_sessionid_hashtbl(sessionid, net);
	if (!session)
		goto out;
	status = nfsd4_get_session_locked(session);
	if (status)
		session = NULL;
out:
	*ret = status;
	return session;
}

/* caller must hold client_lock */
static void
unhash_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	list_del(&ses->se_hash);
	spin_lock(&ses->se_client->cl_lock);
	list_del(&ses->se_perclnt);
	spin_unlock(&ses->se_client->cl_lock);
}

/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
static int
STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
{
	/*
	 * We're assuming the clid was not given out from a boot
	 * precisely 2^32 (about 136 years) before this one.  That seems
	 * a safe assumption:
	 */
	if (clid->cl_boot == (u32)nn->boot_time)
		return 0;
	dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
		clid->cl_boot, clid->cl_id, nn->boot_time);
	return 1;
}

/*
 * XXX Should we use a slab cache?
 * This type of memory management is somewhat inefficient, but we use it
 * anyway since SETCLIENTID is not a common operation.
 */
static struct nfs4_client *alloc_client(struct xdr_netobj name)
{
	struct nfs4_client *clp;
	int i;

	clp = kmem_cache_zalloc(client_slab, GFP_KERNEL);
	if (clp == NULL)
		return NULL;
	clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL);
	if (clp->cl_name.data == NULL)
		goto err_no_name;
	clp->cl_ownerstr_hashtbl = kmalloc_array(OWNER_HASH_SIZE,
						 sizeof(struct list_head),
						 GFP_KERNEL);
	if (!clp->cl_ownerstr_hashtbl)
		goto err_no_hashtbl;
	for (i = 0; i < OWNER_HASH_SIZE; i++)
		INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]);
	clp->cl_name.len = name.len;
	INIT_LIST_HEAD(&clp->cl_sessions);
	idr_init(&clp->cl_stateids);
	atomic_set(&clp->cl_refcount, 0);
	clp->cl_cb_state = NFSD4_CB_UNKNOWN;
	INIT_LIST_HEAD(&clp->cl_idhash);
	INIT_LIST_HEAD(&clp->cl_openowners);
	INIT_LIST_HEAD(&clp->cl_delegations);
	INIT_LIST_HEAD(&clp->cl_lru);
	INIT_LIST_HEAD(&clp->cl_revoked);
#ifdef CONFIG_NFSD_PNFS
	INIT_LIST_HEAD(&clp->cl_lo_states);
#endif
	spin_lock_init(&clp->cl_lock);
	rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
	return clp;
err_no_hashtbl:
	kfree(clp->cl_name.data);
err_no_name:
	kmem_cache_free(client_slab, clp);
	return NULL;
}

static void
free_client(struct nfs4_client *clp)
{
	while (!list_empty(&clp->cl_sessions)) {
		struct nfsd4_session *ses;
		ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
				 se_perclnt);
		list_del(&ses->se_perclnt);
		WARN_ON_ONCE(atomic_read(&ses->se_ref));
		free_session(ses);
	}
	rpc_destroy_wait_queue(&clp->cl_cb_waitq);
	free_svc_cred(&clp->cl_cred);
	kfree(clp->cl_ownerstr_hashtbl);
	kfree(clp->cl_name.data);
	idr_destroy(&clp->cl_stateids);
	kmem_cache_free(client_slab, clp);
}
/* must be called under the client_lock */
static void
unhash_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_session *ses;

	lockdep_assert_held(&nn->client_lock);

	/* Mark the client as expired! */
	clp->cl_time = 0;
	/* Make it invisible */
	if (!list_empty(&clp->cl_idhash)) {
		list_del_init(&clp->cl_idhash);
		if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
			rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
		else
			rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
	}
	list_del_init(&clp->cl_lru);
	spin_lock(&clp->cl_lock);
	list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
		list_del_init(&ses->se_hash);
	spin_unlock(&clp->cl_lock);
}

static void
unhash_client(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	unhash_client_locked(clp);
	spin_unlock(&nn->client_lock);
}

static __be32 mark_client_expired_locked(struct nfs4_client *clp)
{
	if (atomic_read(&clp->cl_refcount))
		return nfserr_jukebox;
	unhash_client_locked(clp);
	return nfs_ok;
}

static void
__destroy_client(struct nfs4_client *clp)
{
	int i;
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct list_head reaplist;

	INIT_LIST_HEAD(&reaplist);
	spin_lock(&state_lock);
	while (!list_empty(&clp->cl_delegations)) {
		dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
		WARN_ON(!unhash_delegation_locked(dp));
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	while (!list_empty(&reaplist)) {
		dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		destroy_unhashed_deleg(dp);
	}
	while (!list_empty(&clp->cl_revoked)) {
		dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		nfs4_put_stid(&dp->dl_stid);
	}
	while (!list_empty(&clp->cl_openowners)) {
		oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
		nfs4_get_stateowner(&oo->oo_owner);
		release_openowner(oo);
	}
	for (i = 0; i < OWNER_HASH_SIZE; i++) {
		struct nfs4_stateowner *so, *tmp;

		list_for_each_entry_safe(so, tmp, &clp->cl_ownerstr_hashtbl[i],
					 so_strhash) {
			/* Should be no openowners at this point */
			WARN_ON_ONCE(so->so_is_open_owner);
			remove_blocked_locks(lockowner(so));
		}
	}
	nfsd4_return_all_client_layouts(clp);
	nfsd4_shutdown_callback(clp);
	if (clp->cl_cb_conn.cb_xprt)
		svc_xprt_put(clp->cl_cb_conn.cb_xprt);
	free_client(clp);
}

static void
destroy_client(struct nfs4_client *clp)
{
	unhash_client(clp);
	__destroy_client(clp);
}

static void expire_client(struct nfs4_client *clp)
{
	unhash_client(clp);
	nfsd4_client_record_remove(clp);
	__destroy_client(clp);
}

static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
{
	memcpy(target->cl_verifier.data, source->data,
	       sizeof(target->cl_verifier.data));
}

static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
{
	target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
	target->cl_clientid.cl_id = source->cl_clientid.cl_id;
}
kstrdup(source->cr_raw_principal, 1981 GFP_KERNEL); 1982 if ((source->cr_principal && !target->cr_principal) || 1983 (source->cr_raw_principal && !target->cr_raw_principal)) 1984 return -ENOMEM; 1985 1986 target->cr_flavor = source->cr_flavor; 1987 target->cr_uid = source->cr_uid; 1988 target->cr_gid = source->cr_gid; 1989 target->cr_group_info = source->cr_group_info; 1990 get_group_info(target->cr_group_info); 1991 target->cr_gss_mech = source->cr_gss_mech; 1992 if (source->cr_gss_mech) 1993 gss_mech_get(source->cr_gss_mech); 1994 return 0; 1995 } 1996 1997 static int 1998 compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2) 1999 { 2000 if (o1->len < o2->len) 2001 return -1; 2002 if (o1->len > o2->len) 2003 return 1; 2004 return memcmp(o1->data, o2->data, o1->len); 2005 } 2006 2007 static int same_name(const char *n1, const char *n2) 2008 { 2009 return 0 == memcmp(n1, n2, HEXDIR_LEN); 2010 } 2011 2012 static int 2013 same_verf(nfs4_verifier *v1, nfs4_verifier *v2) 2014 { 2015 return 0 == memcmp(v1->data, v2->data, sizeof(v1->data)); 2016 } 2017 2018 static int 2019 same_clid(clientid_t *cl1, clientid_t *cl2) 2020 { 2021 return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id); 2022 } 2023 2024 static bool groups_equal(struct group_info *g1, struct group_info *g2) 2025 { 2026 int i; 2027 2028 if (g1->ngroups != g2->ngroups) 2029 return false; 2030 for (i = 0; i < g1->ngroups; i++) 2031 if (!gid_eq(g1->gid[i], g2->gid[i])) 2032 return false; 2033 return true; 2034 } 2035 2036 /* 2037 * RFC 3530 language requires clid_inuse be returned when the 2038 * "principal" associated with a request differs from that previously 2039 * used. We use the uid, gids, and gss principal string as our best 2040 * approximation. We also don't want to allow non-gss use of a client 2041 * established using gss: in theory cr_principal should catch that 2042 * change, but in practice cr_principal can be null even in the gss case 2043 * since gssd doesn't always pass down a principal string.
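* For example (an illustrative case, not exhaustive): a client that first sends SETCLIENTID as uid 0 over AUTH_SYS and later retries the same client name over krb5 fails same_creds() below, because is_gss_cred() differs for the two, and is therefore refused with clid_inuse.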
2044 */ 2045 static bool is_gss_cred(struct svc_cred *cr) 2046 { 2047 /* Is cr_flavor one of the gss "pseudoflavors"?: */ 2048 return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR); 2049 } 2050 2051 2052 static bool 2053 same_creds(struct svc_cred *cr1, struct svc_cred *cr2) 2054 { 2055 if ((is_gss_cred(cr1) != is_gss_cred(cr2)) 2056 || (!uid_eq(cr1->cr_uid, cr2->cr_uid)) 2057 || (!gid_eq(cr1->cr_gid, cr2->cr_gid)) 2058 || !groups_equal(cr1->cr_group_info, cr2->cr_group_info)) 2059 return false; 2060 if (cr1->cr_principal == cr2->cr_principal) 2061 return true; 2062 if (!cr1->cr_principal || !cr2->cr_principal) 2063 return false; 2064 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal); 2065 } 2066 2067 static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp) 2068 { 2069 struct svc_cred *cr = &rqstp->rq_cred; 2070 u32 service; 2071 2072 if (!cr->cr_gss_mech) 2073 return false; 2074 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor); 2075 return service == RPC_GSS_SVC_INTEGRITY || 2076 service == RPC_GSS_SVC_PRIVACY; 2077 } 2078 2079 bool nfsd4_mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp) 2080 { 2081 struct svc_cred *cr = &rqstp->rq_cred; 2082 2083 if (!cl->cl_mach_cred) 2084 return true; 2085 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech) 2086 return false; 2087 if (!svc_rqst_integrity_protected(rqstp)) 2088 return false; 2089 if (cl->cl_cred.cr_raw_principal) 2090 return 0 == strcmp(cl->cl_cred.cr_raw_principal, 2091 cr->cr_raw_principal); 2092 if (!cr->cr_principal) 2093 return false; 2094 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal); 2095 } 2096 2097 static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn) 2098 { 2099 __be32 verf[2]; 2100 2101 /* 2102 * This is opaque to client, so no need to byte-swap. 
Use 2103 * __force to keep sparse happy 2104 */ 2105 verf[0] = (__force __be32)get_seconds(); 2106 verf[1] = (__force __be32)nn->clverifier_counter++; 2107 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data)); 2108 } 2109 2110 static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn) 2111 { 2112 clp->cl_clientid.cl_boot = nn->boot_time; 2113 clp->cl_clientid.cl_id = nn->clientid_counter++; 2114 gen_confirm(clp, nn); 2115 } 2116 2117 static struct nfs4_stid * 2118 find_stateid_locked(struct nfs4_client *cl, stateid_t *t) 2119 { 2120 struct nfs4_stid *ret; 2121 2122 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id); 2123 if (!ret || !ret->sc_type) 2124 return NULL; 2125 return ret; 2126 } 2127 2128 static struct nfs4_stid * 2129 find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask) 2130 { 2131 struct nfs4_stid *s; 2132 2133 spin_lock(&cl->cl_lock); 2134 s = find_stateid_locked(cl, t); 2135 if (s != NULL) { 2136 if (typemask & s->sc_type) 2137 refcount_inc(&s->sc_count); 2138 else 2139 s = NULL; 2140 } 2141 spin_unlock(&cl->cl_lock); 2142 return s; 2143 } 2144 2145 static struct nfs4_client *create_client(struct xdr_netobj name, 2146 struct svc_rqst *rqstp, nfs4_verifier *verf) 2147 { 2148 struct nfs4_client *clp; 2149 struct sockaddr *sa = svc_addr(rqstp); 2150 int ret; 2151 struct net *net = SVC_NET(rqstp); 2152 2153 clp = alloc_client(name); 2154 if (clp == NULL) 2155 return NULL; 2156 2157 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred); 2158 if (ret) { 2159 free_client(clp); 2160 return NULL; 2161 } 2162 nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL); 2163 clp->cl_time = get_seconds(); 2164 clear_bit(0, &clp->cl_cb_slot_busy); 2165 copy_verf(clp, verf); 2166 rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa); 2167 clp->cl_cb_session = NULL; 2168 clp->net = net; 2169 return clp; 2170 } 2171 2172 static void 2173 add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root) 2174 { 2175 struct rb_node **new = &(root->rb_node), *parent = NULL; 2176 struct nfs4_client *clp; 2177 2178 while (*new) { 2179 clp = rb_entry(*new, struct nfs4_client, cl_namenode); 2180 parent = *new; 2181 2182 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0) 2183 new = &((*new)->rb_left); 2184 else 2185 new = &((*new)->rb_right); 2186 } 2187 2188 rb_link_node(&new_clp->cl_namenode, parent, new); 2189 rb_insert_color(&new_clp->cl_namenode, root); 2190 } 2191 2192 static struct nfs4_client * 2193 find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root) 2194 { 2195 int cmp; 2196 struct rb_node *node = root->rb_node; 2197 struct nfs4_client *clp; 2198 2199 while (node) { 2200 clp = rb_entry(node, struct nfs4_client, cl_namenode); 2201 cmp = compare_blob(&clp->cl_name, name); 2202 if (cmp > 0) 2203 node = node->rb_left; 2204 else if (cmp < 0) 2205 node = node->rb_right; 2206 else 2207 return clp; 2208 } 2209 return NULL; 2210 } 2211 2212 static void 2213 add_to_unconfirmed(struct nfs4_client *clp) 2214 { 2215 unsigned int idhashval; 2216 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2217 2218 lockdep_assert_held(&nn->client_lock); 2219 2220 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2221 add_clp_to_name_tree(clp, &nn->unconf_name_tree); 2222 idhashval = clientid_hashval(clp->cl_clientid.cl_id); 2223 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]); 2224 renew_client_locked(clp); 2225 } 2226 2227 static void 2228 move_to_confirmed(struct nfs4_client *clp) 2229 { 2230 unsigned int idhashval = 
clientid_hashval(clp->cl_clientid.cl_id); 2231 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2232 2233 lockdep_assert_held(&nn->client_lock); 2234 2235 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp); 2236 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]); 2237 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 2238 add_clp_to_name_tree(clp, &nn->conf_name_tree); 2239 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 2240 renew_client_locked(clp); 2241 } 2242 2243 static struct nfs4_client * 2244 find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions) 2245 { 2246 struct nfs4_client *clp; 2247 unsigned int idhashval = clientid_hashval(clid->cl_id); 2248 2249 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) { 2250 if (same_clid(&clp->cl_clientid, clid)) { 2251 if ((bool)clp->cl_minorversion != sessions) 2252 return NULL; 2253 renew_client_locked(clp); 2254 return clp; 2255 } 2256 } 2257 return NULL; 2258 } 2259 2260 static struct nfs4_client * 2261 find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2262 { 2263 struct list_head *tbl = nn->conf_id_hashtbl; 2264 2265 lockdep_assert_held(&nn->client_lock); 2266 return find_client_in_id_table(tbl, clid, sessions); 2267 } 2268 2269 static struct nfs4_client * 2270 find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn) 2271 { 2272 struct list_head *tbl = nn->unconf_id_hashtbl; 2273 2274 lockdep_assert_held(&nn->client_lock); 2275 return find_client_in_id_table(tbl, clid, sessions); 2276 } 2277 2278 static bool clp_used_exchangeid(struct nfs4_client *clp) 2279 { 2280 return clp->cl_exchange_flags != 0; 2281 } 2282 2283 static struct nfs4_client * 2284 find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2285 { 2286 lockdep_assert_held(&nn->client_lock); 2287 return find_clp_in_name_tree(name, &nn->conf_name_tree); 2288 } 2289 2290 static struct nfs4_client * 2291 find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 2292 { 2293 lockdep_assert_held(&nn->client_lock); 2294 return find_clp_in_name_tree(name, &nn->unconf_name_tree); 2295 } 2296 2297 static void 2298 gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp) 2299 { 2300 struct nfs4_cb_conn *conn = &clp->cl_cb_conn; 2301 struct sockaddr *sa = svc_addr(rqstp); 2302 u32 scopeid = rpc_get_scope_id(sa); 2303 unsigned short expected_family; 2304 2305 /* Currently, we only support tcp and tcp6 for the callback channel */ 2306 if (se->se_callback_netid_len == 3 && 2307 !memcmp(se->se_callback_netid_val, "tcp", 3)) 2308 expected_family = AF_INET; 2309 else if (se->se_callback_netid_len == 4 && 2310 !memcmp(se->se_callback_netid_val, "tcp6", 4)) 2311 expected_family = AF_INET6; 2312 else 2313 goto out_err; 2314 2315 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val, 2316 se->se_callback_addr_len, 2317 (struct sockaddr *)&conn->cb_addr, 2318 sizeof(conn->cb_addr)); 2319 2320 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family) 2321 goto out_err; 2322 2323 if (conn->cb_addr.ss_family == AF_INET6) 2324 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid; 2325 2326 conn->cb_prog = se->se_callback_prog; 2327 conn->cb_ident = se->se_callback_ident; 2328 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen); 2329 return; 2330 out_err: 2331 conn->cb_addr.ss_family = AF_UNSPEC; 2332 conn->cb_addrlen = 0; 2333 dprintk("NFSD: this client (clientid %08x/%08x) " 2334 
"will not receive delegations\n", 2335 clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id); 2336 2337 return; 2338 } 2339 2340 /* 2341 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size. 2342 */ 2343 static void 2344 nfsd4_store_cache_entry(struct nfsd4_compoundres *resp) 2345 { 2346 struct xdr_buf *buf = resp->xdr.buf; 2347 struct nfsd4_slot *slot = resp->cstate.slot; 2348 unsigned int base; 2349 2350 dprintk("--> %s slot %p\n", __func__, slot); 2351 2352 slot->sl_flags |= NFSD4_SLOT_INITIALIZED; 2353 slot->sl_opcnt = resp->opcnt; 2354 slot->sl_status = resp->cstate.status; 2355 free_svc_cred(&slot->sl_cred); 2356 copy_cred(&slot->sl_cred, &resp->rqstp->rq_cred); 2357 2358 if (!nfsd4_cache_this(resp)) { 2359 slot->sl_flags &= ~NFSD4_SLOT_CACHED; 2360 return; 2361 } 2362 slot->sl_flags |= NFSD4_SLOT_CACHED; 2363 2364 base = resp->cstate.data_offset; 2365 slot->sl_datalen = buf->len - base; 2366 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen)) 2367 WARN(1, "%s: sessions DRC could not cache compound\n", 2368 __func__); 2369 return; 2370 } 2371 2372 /* 2373 * Encode the replay sequence operation from the slot values. 2374 * If cachethis is FALSE encode the uncached rep error on the next 2375 * operation which sets resp->p and increments resp->opcnt for 2376 * nfs4svc_encode_compoundres. 2377 * 2378 */ 2379 static __be32 2380 nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args, 2381 struct nfsd4_compoundres *resp) 2382 { 2383 struct nfsd4_op *op; 2384 struct nfsd4_slot *slot = resp->cstate.slot; 2385 2386 /* Encode the replayed sequence operation */ 2387 op = &args->ops[resp->opcnt - 1]; 2388 nfsd4_encode_operation(resp, op); 2389 2390 if (slot->sl_flags & NFSD4_SLOT_CACHED) 2391 return op->status; 2392 if (args->opcnt == 1) { 2393 /* 2394 * The original operation wasn't a solo sequence--we 2395 * always cache those--so this retry must not match the 2396 * original: 2397 */ 2398 op->status = nfserr_seq_false_retry; 2399 } else { 2400 op = &args->ops[resp->opcnt++]; 2401 op->status = nfserr_retry_uncached_rep; 2402 nfsd4_encode_operation(resp, op); 2403 } 2404 return op->status; 2405 } 2406 2407 /* 2408 * The sequence operation is not cached because we can use the slot and 2409 * session values. 2410 */ 2411 static __be32 2412 nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp, 2413 struct nfsd4_sequence *seq) 2414 { 2415 struct nfsd4_slot *slot = resp->cstate.slot; 2416 struct xdr_stream *xdr = &resp->xdr; 2417 __be32 *p; 2418 __be32 status; 2419 2420 dprintk("--> %s slot %p\n", __func__, slot); 2421 2422 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp); 2423 if (status) 2424 return status; 2425 2426 p = xdr_reserve_space(xdr, slot->sl_datalen); 2427 if (!p) { 2428 WARN_ON_ONCE(1); 2429 return nfserr_serverfault; 2430 } 2431 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen); 2432 xdr_commit_encode(xdr); 2433 2434 resp->opcnt = slot->sl_opcnt; 2435 return slot->sl_status; 2436 } 2437 2438 /* 2439 * Set the exchange_id flags returned by the server. 2440 */ 2441 static void 2442 nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid) 2443 { 2444 #ifdef CONFIG_NFSD_PNFS 2445 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS; 2446 #else 2447 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS; 2448 #endif 2449 2450 /* Referrals are supported, Migration is not. */ 2451 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER; 2452 2453 /* set the wire flags to return to client. 
*/ 2454 clid->flags = new->cl_exchange_flags; 2455 } 2456 2457 static bool client_has_openowners(struct nfs4_client *clp) 2458 { 2459 struct nfs4_openowner *oo; 2460 2461 list_for_each_entry(oo, &clp->cl_openowners, oo_perclient) { 2462 if (!list_empty(&oo->oo_owner.so_stateids)) 2463 return true; 2464 } 2465 return false; 2466 } 2467 2468 static bool client_has_state(struct nfs4_client *clp) 2469 { 2470 return client_has_openowners(clp) 2471 #ifdef CONFIG_NFSD_PNFS 2472 || !list_empty(&clp->cl_lo_states) 2473 #endif 2474 || !list_empty(&clp->cl_delegations) 2475 || !list_empty(&clp->cl_sessions); 2476 } 2477 2478 __be32 2479 nfsd4_exchange_id(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 2480 union nfsd4_op_u *u) 2481 { 2482 struct nfsd4_exchange_id *exid = &u->exchange_id; 2483 struct nfs4_client *conf, *new; 2484 struct nfs4_client *unconf = NULL; 2485 __be32 status; 2486 char addr_str[INET6_ADDRSTRLEN]; 2487 nfs4_verifier verf = exid->verifier; 2488 struct sockaddr *sa = svc_addr(rqstp); 2489 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A; 2490 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2491 2492 rpc_ntop(sa, addr_str, sizeof(addr_str)); 2493 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p " 2494 "ip_addr=%s flags %x, spa_how %d\n", 2495 __func__, rqstp, exid, exid->clname.len, exid->clname.data, 2496 addr_str, exid->flags, exid->spa_how); 2497 2498 if (exid->flags & ~EXCHGID4_FLAG_MASK_A) 2499 return nfserr_inval; 2500 2501 new = create_client(exid->clname, rqstp, &verf); 2502 if (new == NULL) 2503 return nfserr_jukebox; 2504 2505 switch (exid->spa_how) { 2506 case SP4_MACH_CRED: 2507 exid->spo_must_enforce[0] = 0; 2508 exid->spo_must_enforce[1] = ( 2509 1 << (OP_BIND_CONN_TO_SESSION - 32) | 2510 1 << (OP_EXCHANGE_ID - 32) | 2511 1 << (OP_CREATE_SESSION - 32) | 2512 1 << (OP_DESTROY_SESSION - 32) | 2513 1 << (OP_DESTROY_CLIENTID - 32)); 2514 2515 exid->spo_must_allow[0] &= (1 << (OP_CLOSE) | 2516 1 << (OP_OPEN_DOWNGRADE) | 2517 1 << (OP_LOCKU) | 2518 1 << (OP_DELEGRETURN)); 2519 2520 exid->spo_must_allow[1] &= ( 2521 1 << (OP_TEST_STATEID - 32) | 2522 1 << (OP_FREE_STATEID - 32)); 2523 if (!svc_rqst_integrity_protected(rqstp)) { 2524 status = nfserr_inval; 2525 goto out_nolock; 2526 } 2527 /* 2528 * Sometimes userspace doesn't give us a principal. 2529 * Which is a bug, really. 
Anyway, we can't enforce 2530 * MACH_CRED in that case, better to give up now: 2531 */ 2532 if (!new->cl_cred.cr_principal && 2533 !new->cl_cred.cr_raw_principal) { 2534 status = nfserr_serverfault; 2535 goto out_nolock; 2536 } 2537 new->cl_mach_cred = true; /* fall through */ 2538 case SP4_NONE: 2539 break; 2540 default: /* checked by xdr code */ 2541 WARN_ON_ONCE(1); /* fall through */ 2542 case SP4_SSV: 2543 status = nfserr_encr_alg_unsupp; 2544 goto out_nolock; 2545 } 2546 2547 /* Cases below refer to rfc 5661 section 18.35.4: */ 2548 spin_lock(&nn->client_lock); 2549 conf = find_confirmed_client_by_name(&exid->clname, nn); 2550 if (conf) { 2551 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred); 2552 bool verfs_match = same_verf(&verf, &conf->cl_verifier); 2553 2554 if (update) { 2555 if (!clp_used_exchangeid(conf)) { /* buggy client */ 2556 status = nfserr_inval; 2557 goto out; 2558 } 2559 if (!nfsd4_mach_creds_match(conf, rqstp)) { 2560 status = nfserr_wrong_cred; 2561 goto out; 2562 } 2563 if (!creds_match) { /* case 9 */ 2564 status = nfserr_perm; 2565 goto out; 2566 } 2567 if (!verfs_match) { /* case 8 */ 2568 status = nfserr_not_same; 2569 goto out; 2570 } 2571 /* case 6 */ 2572 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R; 2573 goto out_copy; 2574 } 2575 if (!creds_match) { /* case 3 */ 2576 if (client_has_state(conf)) { 2577 status = nfserr_clid_inuse; 2578 goto out; 2579 } 2580 goto out_new; 2581 } 2582 if (verfs_match) { /* case 2 */ 2583 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R; 2584 goto out_copy; 2585 } 2586 /* case 5, client reboot */ 2587 conf = NULL; 2588 goto out_new; 2589 } 2590 2591 if (update) { /* case 7 */ 2592 status = nfserr_noent; 2593 goto out; 2594 } 2595 2596 unconf = find_unconfirmed_client_by_name(&exid->clname, nn); 2597 if (unconf) /* case 4, possible retry or client restart */ 2598 unhash_client_locked(unconf); 2599 2600 /* case 1 (normal case) */ 2601 out_new: 2602 if (conf) { 2603 status = mark_client_expired_locked(conf); 2604 if (status) 2605 goto out; 2606 } 2607 new->cl_minorversion = cstate->minorversion; 2608 new->cl_spo_must_allow.u.words[0] = exid->spo_must_allow[0]; 2609 new->cl_spo_must_allow.u.words[1] = exid->spo_must_allow[1]; 2610 2611 gen_clid(new, nn); 2612 add_to_unconfirmed(new); 2613 swap(new, conf); 2614 out_copy: 2615 exid->clientid.cl_boot = conf->cl_clientid.cl_boot; 2616 exid->clientid.cl_id = conf->cl_clientid.cl_id; 2617 2618 exid->seqid = conf->cl_cs_slot.sl_seqid + 1; 2619 nfsd4_set_ex_flags(conf, exid); 2620 2621 dprintk("nfsd4_exchange_id seqid %d flags %x\n", 2622 conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags); 2623 status = nfs_ok; 2624 2625 out: 2626 spin_unlock(&nn->client_lock); 2627 out_nolock: 2628 if (new) 2629 expire_client(new); 2630 if (unconf) 2631 expire_client(unconf); 2632 return status; 2633 } 2634 2635 static __be32 2636 check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse) 2637 { 2638 dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid, 2639 slot_seqid); 2640 2641 /* The slot is in use, and no response has been sent.
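* A worked example (illustrative): suppose slot_seqid == 5. While the slot is in use, another request carrying seqid 5 is the same call still executing, so we return nfserr_jukebox to make the client retry later. Once the slot is free, seqid 6 is the expected next request (nfs_ok), seqid 5 is a replay to be answered from the reply cache, and anything else is misordered.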
*/ 2642 if (slot_inuse) { 2643 if (seqid == slot_seqid) 2644 return nfserr_jukebox; 2645 else 2646 return nfserr_seq_misordered; 2647 } 2648 /* Note unsigned 32-bit arithmetic handles wraparound: */ 2649 if (likely(seqid == slot_seqid + 1)) 2650 return nfs_ok; 2651 if (seqid == slot_seqid) 2652 return nfserr_replay_cache; 2653 return nfserr_seq_misordered; 2654 } 2655 2656 /* 2657 * Cache the create session result into the create session single DRC 2658 * slot cache by saving the xdr structure. sl_seqid has been set. 2659 * Do this for solo or embedded create session operations. 2660 */ 2661 static void 2662 nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses, 2663 struct nfsd4_clid_slot *slot, __be32 nfserr) 2664 { 2665 slot->sl_status = nfserr; 2666 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses)); 2667 } 2668 2669 static __be32 2670 nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses, 2671 struct nfsd4_clid_slot *slot) 2672 { 2673 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses)); 2674 return slot->sl_status; 2675 } 2676 2677 #define NFSD_MIN_REQ_HDR_SEQ_SZ ((\ 2678 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \ 2679 1 + /* MIN tag is length with zero, only length */ \ 2680 3 + /* version, opcount, opcode */ \ 2681 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 2682 /* seqid, slotID, slotID, cache */ \ 2683 4 ) * sizeof(__be32)) 2684 2685 #define NFSD_MIN_RESP_HDR_SEQ_SZ ((\ 2686 2 + /* verifier: AUTH_NULL, length 0 */\ 2687 1 + /* status */ \ 2688 1 + /* MIN tag is length with zero, only length */ \ 2689 3 + /* opcount, opcode, opstatus*/ \ 2690 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \ 2691 /* seqid, slotID, slotID, slotID, status */ \ 2692 5 ) * sizeof(__be32)) 2693 2694 static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn) 2695 { 2696 u32 maxrpc = nn->nfsd_serv->sv_max_mesg; 2697 2698 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ) 2699 return nfserr_toosmall; 2700 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ) 2701 return nfserr_toosmall; 2702 ca->headerpadsz = 0; 2703 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc); 2704 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc); 2705 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND); 2706 ca->maxresp_cached = min_t(u32, ca->maxresp_cached, 2707 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ); 2708 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION); 2709 /* 2710 * Note decreasing slot size below client's request may make it 2711 * difficult for client to function correctly, whereas 2712 * decreasing the number of slots will (just?) affect 2713 * performance. When short on memory we therefore prefer to 2714 * decrease number of slots instead of their size. Clients that 2715 * request larger slots than they need will get poor results: 2716 */ 2717 ca->maxreqs = nfsd4_get_drc_mem(ca); 2718 if (!ca->maxreqs) 2719 return nfserr_jukebox; 2720 2721 return nfs_ok; 2722 } 2723 2724 /* 2725 * Server's NFSv4.1 backchannel support is AUTH_SYS-only for now. 2726 * These are based on similar macros in linux/sunrpc/msg_prot.h . 
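* (Reading the arithmetic below, as an interpretive note: an AUTH_SYS call carries the fixed RPC call header plus two opaque auth blobs, the credential and the verifier, each encoded as a 32-bit flavor, a 32-bit length, and up to UNX_CALLSLACK words of body; hence the worst case of RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK) words.)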
2727 */ 2728 #define RPC_MAX_HEADER_WITH_AUTH_SYS \ 2729 (RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK)) 2730 2731 #define RPC_MAX_REPHEADER_WITH_AUTH_SYS \ 2732 (RPC_REPHDRSIZE + (2 + NUL_REPLYSLACK)) 2733 2734 #define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \ 2735 RPC_MAX_HEADER_WITH_AUTH_SYS) * sizeof(__be32)) 2736 #define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \ 2737 RPC_MAX_REPHEADER_WITH_AUTH_SYS) * \ 2738 sizeof(__be32)) 2739 2740 static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca) 2741 { 2742 ca->headerpadsz = 0; 2743 2744 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ) 2745 return nfserr_toosmall; 2746 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ) 2747 return nfserr_toosmall; 2748 ca->maxresp_cached = 0; 2749 if (ca->maxops < 2) 2750 return nfserr_toosmall; 2751 2752 return nfs_ok; 2753 } 2754 2755 static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs) 2756 { 2757 switch (cbs->flavor) { 2758 case RPC_AUTH_NULL: 2759 case RPC_AUTH_UNIX: 2760 return nfs_ok; 2761 default: 2762 /* 2763 * GSS case: the spec doesn't allow us to return this 2764 * error. But it also doesn't allow us not to support 2765 * GSS. 2766 * I'd rather this fail hard than return some error the 2767 * client might think it can already handle: 2768 */ 2769 return nfserr_encr_alg_unsupp; 2770 } 2771 } 2772 2773 __be32 2774 nfsd4_create_session(struct svc_rqst *rqstp, 2775 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 2776 { 2777 struct nfsd4_create_session *cr_ses = &u->create_session; 2778 struct sockaddr *sa = svc_addr(rqstp); 2779 struct nfs4_client *conf, *unconf; 2780 struct nfs4_client *old = NULL; 2781 struct nfsd4_session *new; 2782 struct nfsd4_conn *conn; 2783 struct nfsd4_clid_slot *cs_slot = NULL; 2784 __be32 status = 0; 2785 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2786 2787 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A) 2788 return nfserr_inval; 2789 status = nfsd4_check_cb_sec(&cr_ses->cb_sec); 2790 if (status) 2791 return status; 2792 status = check_forechannel_attrs(&cr_ses->fore_channel, nn); 2793 if (status) 2794 return status; 2795 status = check_backchannel_attrs(&cr_ses->back_channel); 2796 if (status) 2797 goto out_release_drc_mem; 2798 status = nfserr_jukebox; 2799 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel); 2800 if (!new) 2801 goto out_release_drc_mem; 2802 conn = alloc_conn_from_crses(rqstp, cr_ses); 2803 if (!conn) 2804 goto out_free_session; 2805 2806 spin_lock(&nn->client_lock); 2807 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn); 2808 conf = find_confirmed_client(&cr_ses->clientid, true, nn); 2809 WARN_ON_ONCE(conf && unconf); 2810 2811 if (conf) { 2812 status = nfserr_wrong_cred; 2813 if (!nfsd4_mach_creds_match(conf, rqstp)) 2814 goto out_free_conn; 2815 cs_slot = &conf->cl_cs_slot; 2816 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 2817 if (status) { 2818 if (status == nfserr_replay_cache) 2819 status = nfsd4_replay_create_session(cr_ses, cs_slot); 2820 goto out_free_conn; 2821 } 2822 } else if (unconf) { 2823 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) || 2824 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) { 2825 status = nfserr_clid_inuse; 2826 goto out_free_conn; 2827 } 2828 status = nfserr_wrong_cred; 2829 if (!nfsd4_mach_creds_match(unconf, rqstp)) 2830 goto out_free_conn; 2831 cs_slot = &unconf->cl_cs_slot; 2832 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0); 2833 if (status) { 2834 /* an unconfirmed replay returns misordered */ 2835 status = 
nfserr_seq_misordered; 2836 goto out_free_conn; 2837 } 2838 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 2839 if (old) { 2840 status = mark_client_expired_locked(old); 2841 if (status) { 2842 old = NULL; 2843 goto out_free_conn; 2844 } 2845 } 2846 move_to_confirmed(unconf); 2847 conf = unconf; 2848 } else { 2849 status = nfserr_stale_clientid; 2850 goto out_free_conn; 2851 } 2852 status = nfs_ok; 2853 /* Persistent sessions are not supported */ 2854 cr_ses->flags &= ~SESSION4_PERSIST; 2855 /* Upshifting from TCP to RDMA is not supported */ 2856 cr_ses->flags &= ~SESSION4_RDMA; 2857 2858 init_session(rqstp, new, conf, cr_ses); 2859 nfsd4_get_session_locked(new); 2860 2861 memcpy(cr_ses->sessionid.data, new->se_sessionid.data, 2862 NFS4_MAX_SESSIONID_LEN); 2863 cs_slot->sl_seqid++; 2864 cr_ses->seqid = cs_slot->sl_seqid; 2865 2866 /* cache solo and embedded create sessions under the client_lock */ 2867 nfsd4_cache_create_session(cr_ses, cs_slot, status); 2868 spin_unlock(&nn->client_lock); 2869 /* init connection and backchannel */ 2870 nfsd4_init_conn(rqstp, conn, new); 2871 nfsd4_put_session(new); 2872 if (old) 2873 expire_client(old); 2874 return status; 2875 out_free_conn: 2876 spin_unlock(&nn->client_lock); 2877 free_conn(conn); 2878 if (old) 2879 expire_client(old); 2880 out_free_session: 2881 __free_session(new); 2882 out_release_drc_mem: 2883 nfsd4_put_drc_mem(&cr_ses->fore_channel); 2884 return status; 2885 } 2886 2887 static __be32 nfsd4_map_bcts_dir(u32 *dir) 2888 { 2889 switch (*dir) { 2890 case NFS4_CDFC4_FORE: 2891 case NFS4_CDFC4_BACK: 2892 return nfs_ok; 2893 case NFS4_CDFC4_FORE_OR_BOTH: 2894 case NFS4_CDFC4_BACK_OR_BOTH: 2895 *dir = NFS4_CDFC4_BOTH; 2896 return nfs_ok; 2897 } 2898 return nfserr_inval; 2899 } 2900 2901 __be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, 2902 struct nfsd4_compound_state *cstate, 2903 union nfsd4_op_u *u) 2904 { 2905 struct nfsd4_backchannel_ctl *bc = &u->backchannel_ctl; 2906 struct nfsd4_session *session = cstate->session; 2907 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2908 __be32 status; 2909 2910 status = nfsd4_check_cb_sec(&bc->bc_cb_sec); 2911 if (status) 2912 return status; 2913 spin_lock(&nn->client_lock); 2914 session->se_cb_prog = bc->bc_cb_program; 2915 session->se_cb_sec = bc->bc_cb_sec; 2916 spin_unlock(&nn->client_lock); 2917 2918 nfsd4_probe_callback(session->se_client); 2919 2920 return nfs_ok; 2921 } 2922 2923 __be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp, 2924 struct nfsd4_compound_state *cstate, 2925 union nfsd4_op_u *u) 2926 { 2927 struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session; 2928 __be32 status; 2929 struct nfsd4_conn *conn; 2930 struct nfsd4_session *session; 2931 struct net *net = SVC_NET(rqstp); 2932 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2933 2934 if (!nfsd4_last_compound_op(rqstp)) 2935 return nfserr_not_only_op; 2936 spin_lock(&nn->client_lock); 2937 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status); 2938 spin_unlock(&nn->client_lock); 2939 if (!session) 2940 goto out_no_session; 2941 status = nfserr_wrong_cred; 2942 if (!nfsd4_mach_creds_match(session->se_client, rqstp)) 2943 goto out; 2944 status = nfsd4_map_bcts_dir(&bcts->dir); 2945 if (status) 2946 goto out; 2947 conn = alloc_conn(rqstp, bcts->dir); 2948 status = nfserr_jukebox; 2949 if (!conn) 2950 goto out; 2951 nfsd4_init_conn(rqstp, conn, session); 2952 status = nfs_ok; 2953 out: 2954 nfsd4_put_session(session); 2955 out_no_session: 2956 return status; 2957
} 2958 2959 static bool nfsd4_compound_in_session(struct nfsd4_session *session, struct nfs4_sessionid *sid) 2960 { 2961 if (!session) 2962 return false; 2963 return !memcmp(sid, &session->se_sessionid, sizeof(*sid)); 2964 } 2965 2966 __be32 2967 nfsd4_destroy_session(struct svc_rqst *r, struct nfsd4_compound_state *cstate, 2968 union nfsd4_op_u *u) 2969 { 2970 struct nfsd4_destroy_session *sessionid = &u->destroy_session; 2971 struct nfsd4_session *ses; 2972 __be32 status; 2973 int ref_held_by_me = 0; 2974 struct net *net = SVC_NET(r); 2975 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2976 2977 status = nfserr_not_only_op; 2978 if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) { 2979 if (!nfsd4_last_compound_op(r)) 2980 goto out; 2981 ref_held_by_me++; 2982 } 2983 dump_sessionid(__func__, &sessionid->sessionid); 2984 spin_lock(&nn->client_lock); 2985 ses = find_in_sessionid_hashtbl(&sessionid->sessionid, net, &status); 2986 if (!ses) 2987 goto out_client_lock; 2988 status = nfserr_wrong_cred; 2989 if (!nfsd4_mach_creds_match(ses->se_client, r)) 2990 goto out_put_session; 2991 status = mark_session_dead_locked(ses, 1 + ref_held_by_me); 2992 if (status) 2993 goto out_put_session; 2994 unhash_session(ses); 2995 spin_unlock(&nn->client_lock); 2996 2997 nfsd4_probe_callback_sync(ses->se_client); 2998 2999 spin_lock(&nn->client_lock); 3000 status = nfs_ok; 3001 out_put_session: 3002 nfsd4_put_session_locked(ses); 3003 out_client_lock: 3004 spin_unlock(&nn->client_lock); 3005 out: 3006 return status; 3007 } 3008 3009 static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s) 3010 { 3011 struct nfsd4_conn *c; 3012 3013 list_for_each_entry(c, &s->se_conns, cn_persession) { 3014 if (c->cn_xprt == xpt) { 3015 return c; 3016 } 3017 } 3018 return NULL; 3019 } 3020 3021 static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses) 3022 { 3023 struct nfs4_client *clp = ses->se_client; 3024 struct nfsd4_conn *c; 3025 __be32 status = nfs_ok; 3026 int ret; 3027 3028 spin_lock(&clp->cl_lock); 3029 c = __nfsd4_find_conn(new->cn_xprt, ses); 3030 if (c) 3031 goto out_free; 3032 status = nfserr_conn_not_bound_to_session; 3033 if (clp->cl_mach_cred) 3034 goto out_free; 3035 __nfsd4_hash_conn(new, ses); 3036 spin_unlock(&clp->cl_lock); 3037 ret = nfsd4_register_conn(new); 3038 if (ret) 3039 /* oops; xprt is already down: */ 3040 nfsd4_conn_lost(&new->cn_xpt_user); 3041 return nfs_ok; 3042 out_free: 3043 spin_unlock(&clp->cl_lock); 3044 free_conn(new); 3045 return status; 3046 } 3047 3048 static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session) 3049 { 3050 struct nfsd4_compoundargs *args = rqstp->rq_argp; 3051 3052 return args->opcnt > session->se_fchannel.maxops; 3053 } 3054 3055 static bool nfsd4_request_too_big(struct svc_rqst *rqstp, 3056 struct nfsd4_session *session) 3057 { 3058 struct xdr_buf *xb = &rqstp->rq_arg; 3059 3060 return xb->len > session->se_fchannel.maxreq_sz; 3061 } 3062 3063 static bool replay_matches_cache(struct svc_rqst *rqstp, 3064 struct nfsd4_sequence *seq, struct nfsd4_slot *slot) 3065 { 3066 struct nfsd4_compoundargs *argp = rqstp->rq_argp; 3067 3068 if ((bool)(slot->sl_flags & NFSD4_SLOT_CACHETHIS) != 3069 (bool)seq->cachethis) 3070 return false; 3071 /* 3072 * If there's an error then the reply can have fewer ops than 3073 * the call.
But if we cached a reply with *more* ops than the 3074 * call you're sending us now, then this new call is clearly not 3075 * really a replay of the old one: 3076 */ 3077 if (slot->sl_opcnt < argp->opcnt) 3078 return false; 3079 /* This is the only check explicitly called by spec: */ 3080 if (!same_creds(&rqstp->rq_cred, &slot->sl_cred)) 3081 return false; 3082 /* 3083 * There may be more comparisons we could actually do, but the 3084 * spec doesn't require us to catch every case where the calls 3085 * don't match (that would require caching the call as well as 3086 * the reply), so we don't bother. 3087 */ 3088 return true; 3089 } 3090 3091 __be32 3092 nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3093 union nfsd4_op_u *u) 3094 { 3095 struct nfsd4_sequence *seq = &u->sequence; 3096 struct nfsd4_compoundres *resp = rqstp->rq_resp; 3097 struct xdr_stream *xdr = &resp->xdr; 3098 struct nfsd4_session *session; 3099 struct nfs4_client *clp; 3100 struct nfsd4_slot *slot; 3101 struct nfsd4_conn *conn; 3102 __be32 status; 3103 int buflen; 3104 struct net *net = SVC_NET(rqstp); 3105 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 3106 3107 if (resp->opcnt != 1) 3108 return nfserr_sequence_pos; 3109 3110 /* 3111 * Will be either used or freed by nfsd4_sequence_check_conn 3112 * below. 3113 */ 3114 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE); 3115 if (!conn) 3116 return nfserr_jukebox; 3117 3118 spin_lock(&nn->client_lock); 3119 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status); 3120 if (!session) 3121 goto out_no_session; 3122 clp = session->se_client; 3123 3124 status = nfserr_too_many_ops; 3125 if (nfsd4_session_too_many_ops(rqstp, session)) 3126 goto out_put_session; 3127 3128 status = nfserr_req_too_big; 3129 if (nfsd4_request_too_big(rqstp, session)) 3130 goto out_put_session; 3131 3132 status = nfserr_badslot; 3133 if (seq->slotid >= session->se_fchannel.maxreqs) 3134 goto out_put_session; 3135 3136 slot = session->se_slots[seq->slotid]; 3137 dprintk("%s: slotid %d\n", __func__, seq->slotid); 3138 3139 /* We do not negotiate the number of slots yet, so set the 3140 * maxslots to the session maxreqs, which is used to encode 3141 * sr_highest_slotid and sr_target_slotid to maxslots */ 3142 seq->maxslots = session->se_fchannel.maxreqs; 3143 3144 status = check_slot_seqid(seq->seqid, slot->sl_seqid, 3145 slot->sl_flags & NFSD4_SLOT_INUSE); 3146 if (status == nfserr_replay_cache) { 3147 status = nfserr_seq_misordered; 3148 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED)) 3149 goto out_put_session; 3150 status = nfserr_seq_false_retry; 3151 if (!replay_matches_cache(rqstp, seq, slot)) 3152 goto out_put_session; 3153 cstate->slot = slot; 3154 cstate->session = session; 3155 cstate->clp = clp; 3156 /* Return the cached reply status and set cstate->status 3157 * for nfsd4_proc_compound processing */ 3158 status = nfsd4_replay_cache_entry(resp, seq); 3159 cstate->status = nfserr_replay_cache; 3160 goto out; 3161 } 3162 if (status) 3163 goto out_put_session; 3164 3165 status = nfsd4_sequence_check_conn(conn, session); 3166 conn = NULL; 3167 if (status) 3168 goto out_put_session; 3169 3170 buflen = (seq->cachethis) ? 3171 session->se_fchannel.maxresp_cached : 3172 session->se_fchannel.maxresp_sz; 3173 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache : 3174 nfserr_rep_too_big; 3175 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack)) 3176 goto out_put_session; 3177 svc_reserve(rqstp, buflen); 3178 3179 status = nfs_ok; 3180 /* Success!
bump slot seqid */ 3181 slot->sl_seqid = seq->seqid; 3182 slot->sl_flags |= NFSD4_SLOT_INUSE; 3183 if (seq->cachethis) 3184 slot->sl_flags |= NFSD4_SLOT_CACHETHIS; 3185 else 3186 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS; 3187 3188 cstate->slot = slot; 3189 cstate->session = session; 3190 cstate->clp = clp; 3191 3192 out: 3193 switch (clp->cl_cb_state) { 3194 case NFSD4_CB_DOWN: 3195 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN; 3196 break; 3197 case NFSD4_CB_FAULT: 3198 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT; 3199 break; 3200 default: 3201 seq->status_flags = 0; 3202 } 3203 if (!list_empty(&clp->cl_revoked)) 3204 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED; 3205 out_no_session: 3206 if (conn) 3207 free_conn(conn); 3208 spin_unlock(&nn->client_lock); 3209 return status; 3210 out_put_session: 3211 nfsd4_put_session_locked(session); 3212 goto out_no_session; 3213 } 3214 3215 void 3216 nfsd4_sequence_done(struct nfsd4_compoundres *resp) 3217 { 3218 struct nfsd4_compound_state *cs = &resp->cstate; 3219 3220 if (nfsd4_has_session(cs)) { 3221 if (cs->status != nfserr_replay_cache) { 3222 nfsd4_store_cache_entry(resp); 3223 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 3224 } 3225 /* Drop session reference that was taken in nfsd4_sequence() */ 3226 nfsd4_put_session(cs->session); 3227 } else if (cs->clp) 3228 put_client_renew(cs->clp); 3229 } 3230 3231 __be32 3232 nfsd4_destroy_clientid(struct svc_rqst *rqstp, 3233 struct nfsd4_compound_state *cstate, 3234 union nfsd4_op_u *u) 3235 { 3236 struct nfsd4_destroy_clientid *dc = &u->destroy_clientid; 3237 struct nfs4_client *conf, *unconf; 3238 struct nfs4_client *clp = NULL; 3239 __be32 status = 0; 3240 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3241 3242 spin_lock(&nn->client_lock); 3243 unconf = find_unconfirmed_client(&dc->clientid, true, nn); 3244 conf = find_confirmed_client(&dc->clientid, true, nn); 3245 WARN_ON_ONCE(conf && unconf); 3246 3247 if (conf) { 3248 if (client_has_state(conf)) { 3249 status = nfserr_clientid_busy; 3250 goto out; 3251 } 3252 status = mark_client_expired_locked(conf); 3253 if (status) 3254 goto out; 3255 clp = conf; 3256 } else if (unconf) 3257 clp = unconf; 3258 else { 3259 status = nfserr_stale_clientid; 3260 goto out; 3261 } 3262 if (!nfsd4_mach_creds_match(clp, rqstp)) { 3263 clp = NULL; 3264 status = nfserr_wrong_cred; 3265 goto out; 3266 } 3267 unhash_client_locked(clp); 3268 out: 3269 spin_unlock(&nn->client_lock); 3270 if (clp) 3271 expire_client(clp); 3272 return status; 3273 } 3274 3275 __be32 3276 nfsd4_reclaim_complete(struct svc_rqst *rqstp, 3277 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 3278 { 3279 struct nfsd4_reclaim_complete *rc = &u->reclaim_complete; 3280 __be32 status = 0; 3281 3282 if (rc->rca_one_fs) { 3283 if (!cstate->current_fh.fh_dentry) 3284 return nfserr_nofilehandle; 3285 /* 3286 * We don't take advantage of the rca_one_fs case. 3287 * That's OK, it's optional, we can safely ignore it. 3288 */ 3289 return nfs_ok; 3290 } 3291 3292 status = nfserr_complete_already; 3293 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, 3294 &cstate->session->se_client->cl_flags)) 3295 goto out; 3296 3297 status = nfserr_stale_clientid; 3298 if (is_client_expired(cstate->session->se_client)) 3299 /* 3300 * The following error isn't really legal. 3301 * But we only get here if the client just explicitly 3302 * destroyed the client. Surely it no longer cares what 3303 * error it gets back on an operation for the dead 3304 * client. 
3305 */ 3306 goto out; 3307 3308 status = nfs_ok; 3309 nfsd4_client_record_create(cstate->session->se_client); 3310 out: 3311 return status; 3312 } 3313 3314 __be32 3315 nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 3316 union nfsd4_op_u *u) 3317 { 3318 struct nfsd4_setclientid *setclid = &u->setclientid; 3319 struct xdr_netobj clname = setclid->se_name; 3320 nfs4_verifier clverifier = setclid->se_verf; 3321 struct nfs4_client *conf, *new; 3322 struct nfs4_client *unconf = NULL; 3323 __be32 status; 3324 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3325 3326 new = create_client(clname, rqstp, &clverifier); 3327 if (new == NULL) 3328 return nfserr_jukebox; 3329 /* Cases below refer to rfc 3530 section 14.2.33: */ 3330 spin_lock(&nn->client_lock); 3331 conf = find_confirmed_client_by_name(&clname, nn); 3332 if (conf && client_has_state(conf)) { 3333 /* case 0: */ 3334 status = nfserr_clid_inuse; 3335 if (clp_used_exchangeid(conf)) 3336 goto out; 3337 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) { 3338 char addr_str[INET6_ADDRSTRLEN]; 3339 rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str, 3340 sizeof(addr_str)); 3341 dprintk("NFSD: setclientid: string in use by client " 3342 "at %s\n", addr_str); 3343 goto out; 3344 } 3345 } 3346 unconf = find_unconfirmed_client_by_name(&clname, nn); 3347 if (unconf) 3348 unhash_client_locked(unconf); 3349 if (conf && same_verf(&conf->cl_verifier, &clverifier)) { 3350 /* case 1: probable callback update */ 3351 copy_clid(new, conf); 3352 gen_confirm(new, nn); 3353 } else /* case 4 (new client) or cases 2, 3 (client reboot): */ 3354 gen_clid(new, nn); 3355 new->cl_minorversion = 0; 3356 gen_callback(new, setclid, rqstp); 3357 add_to_unconfirmed(new); 3358 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot; 3359 setclid->se_clientid.cl_id = new->cl_clientid.cl_id; 3360 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data)); 3361 new = NULL; 3362 status = nfs_ok; 3363 out: 3364 spin_unlock(&nn->client_lock); 3365 if (new) 3366 free_client(new); 3367 if (unconf) 3368 expire_client(unconf); 3369 return status; 3370 } 3371 3372 3373 __be32 3374 nfsd4_setclientid_confirm(struct svc_rqst *rqstp, 3375 struct nfsd4_compound_state *cstate, 3376 union nfsd4_op_u *u) 3377 { 3378 struct nfsd4_setclientid_confirm *setclientid_confirm = 3379 &u->setclientid_confirm; 3380 struct nfs4_client *conf, *unconf; 3381 struct nfs4_client *old = NULL; 3382 nfs4_verifier confirm = setclientid_confirm->sc_confirm; 3383 clientid_t * clid = &setclientid_confirm->sc_clientid; 3384 __be32 status; 3385 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 3386 3387 if (STALE_CLIENTID(clid, nn)) 3388 return nfserr_stale_clientid; 3389 3390 spin_lock(&nn->client_lock); 3391 conf = find_confirmed_client(clid, false, nn); 3392 unconf = find_unconfirmed_client(clid, false, nn); 3393 /* 3394 * We try hard to give out unique clientid's, so if we get an 3395 * attempt to confirm the same clientid with a different cred, 3396 * the client may be buggy; this should never happen. 
3397 * 3398 * Nevertheless, RFC 7530 recommends INUSE for this case: 3399 */ 3400 status = nfserr_clid_inuse; 3401 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred)) 3402 goto out; 3403 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred)) 3404 goto out; 3405 /* cases below refer to rfc 3530 section 14.2.34: */ 3406 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) { 3407 if (conf && same_verf(&confirm, &conf->cl_confirm)) { 3408 /* case 2: probable retransmit */ 3409 status = nfs_ok; 3410 } else /* case 4: client hasn't noticed we rebooted yet? */ 3411 status = nfserr_stale_clientid; 3412 goto out; 3413 } 3414 status = nfs_ok; 3415 if (conf) { /* case 1: callback update */ 3416 old = unconf; 3417 unhash_client_locked(old); 3418 nfsd4_change_callback(conf, &unconf->cl_cb_conn); 3419 } else { /* case 3: normal case; new or rebooted client */ 3420 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 3421 if (old) { 3422 status = nfserr_clid_inuse; 3423 if (client_has_state(old) 3424 && !same_creds(&unconf->cl_cred, 3425 &old->cl_cred)) 3426 goto out; 3427 status = mark_client_expired_locked(old); 3428 if (status) { 3429 old = NULL; 3430 goto out; 3431 } 3432 } 3433 move_to_confirmed(unconf); 3434 conf = unconf; 3435 } 3436 get_client_locked(conf); 3437 spin_unlock(&nn->client_lock); 3438 nfsd4_probe_callback(conf); 3439 spin_lock(&nn->client_lock); 3440 put_client_renew_locked(conf); 3441 out: 3442 spin_unlock(&nn->client_lock); 3443 if (old) 3444 expire_client(old); 3445 return status; 3446 } 3447 3448 static struct nfs4_file *nfsd4_alloc_file(void) 3449 { 3450 return kmem_cache_alloc(file_slab, GFP_KERNEL); 3451 } 3452 3453 /* OPEN Share state helper functions */ 3454 static void nfsd4_init_file(struct knfsd_fh *fh, unsigned int hashval, 3455 struct nfs4_file *fp) 3456 { 3457 lockdep_assert_held(&state_lock); 3458 3459 refcount_set(&fp->fi_ref, 1); 3460 spin_lock_init(&fp->fi_lock); 3461 INIT_LIST_HEAD(&fp->fi_stateids); 3462 INIT_LIST_HEAD(&fp->fi_delegations); 3463 INIT_LIST_HEAD(&fp->fi_clnt_odstate); 3464 fh_copy_shallow(&fp->fi_fhandle, fh); 3465 fp->fi_deleg_file = NULL; 3466 fp->fi_had_conflict = false; 3467 fp->fi_share_deny = 0; 3468 memset(fp->fi_fds, 0, sizeof(fp->fi_fds)); 3469 memset(fp->fi_access, 0, sizeof(fp->fi_access)); 3470 #ifdef CONFIG_NFSD_PNFS 3471 INIT_LIST_HEAD(&fp->fi_lo_states); 3472 atomic_set(&fp->fi_lo_recalls, 0); 3473 #endif 3474 hlist_add_head_rcu(&fp->fi_hash, &file_hashtbl[hashval]); 3475 } 3476 3477 void 3478 nfsd4_free_slabs(void) 3479 { 3480 kmem_cache_destroy(client_slab); 3481 kmem_cache_destroy(openowner_slab); 3482 kmem_cache_destroy(lockowner_slab); 3483 kmem_cache_destroy(file_slab); 3484 kmem_cache_destroy(stateid_slab); 3485 kmem_cache_destroy(deleg_slab); 3486 kmem_cache_destroy(odstate_slab); 3487 } 3488 3489 int 3490 nfsd4_init_slabs(void) 3491 { 3492 client_slab = kmem_cache_create("nfsd4_clients", 3493 sizeof(struct nfs4_client), 0, 0, NULL); 3494 if (client_slab == NULL) 3495 goto out; 3496 openowner_slab = kmem_cache_create("nfsd4_openowners", 3497 sizeof(struct nfs4_openowner), 0, 0, NULL); 3498 if (openowner_slab == NULL) 3499 goto out_free_client_slab; 3500 lockowner_slab = kmem_cache_create("nfsd4_lockowners", 3501 sizeof(struct nfs4_lockowner), 0, 0, NULL); 3502 if (lockowner_slab == NULL) 3503 goto out_free_openowner_slab; 3504 file_slab = kmem_cache_create("nfsd4_files", 3505 sizeof(struct nfs4_file), 0, 0, NULL); 3506 if (file_slab == NULL) 3507 goto out_free_lockowner_slab; 3508 stateid_slab = 
kmem_cache_create("nfsd4_stateids", 3509 sizeof(struct nfs4_ol_stateid), 0, 0, NULL); 3510 if (stateid_slab == NULL) 3511 goto out_free_file_slab; 3512 deleg_slab = kmem_cache_create("nfsd4_delegations", 3513 sizeof(struct nfs4_delegation), 0, 0, NULL); 3514 if (deleg_slab == NULL) 3515 goto out_free_stateid_slab; 3516 odstate_slab = kmem_cache_create("nfsd4_odstate", 3517 sizeof(struct nfs4_clnt_odstate), 0, 0, NULL); 3518 if (odstate_slab == NULL) 3519 goto out_free_deleg_slab; 3520 return 0; 3521 3522 out_free_deleg_slab: 3523 kmem_cache_destroy(deleg_slab); 3524 out_free_stateid_slab: 3525 kmem_cache_destroy(stateid_slab); 3526 out_free_file_slab: 3527 kmem_cache_destroy(file_slab); 3528 out_free_lockowner_slab: 3529 kmem_cache_destroy(lockowner_slab); 3530 out_free_openowner_slab: 3531 kmem_cache_destroy(openowner_slab); 3532 out_free_client_slab: 3533 kmem_cache_destroy(client_slab); 3534 out: 3535 dprintk("nfsd4: out of memory while initializing nfsv4\n"); 3536 return -ENOMEM; 3537 } 3538 3539 static void init_nfs4_replay(struct nfs4_replay *rp) 3540 { 3541 rp->rp_status = nfserr_serverfault; 3542 rp->rp_buflen = 0; 3543 rp->rp_buf = rp->rp_ibuf; 3544 mutex_init(&rp->rp_mutex); 3545 } 3546 3547 static void nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate, 3548 struct nfs4_stateowner *so) 3549 { 3550 if (!nfsd4_has_session(cstate)) { 3551 mutex_lock(&so->so_replay.rp_mutex); 3552 cstate->replay_owner = nfs4_get_stateowner(so); 3553 } 3554 } 3555 3556 void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate) 3557 { 3558 struct nfs4_stateowner *so = cstate->replay_owner; 3559 3560 if (so != NULL) { 3561 cstate->replay_owner = NULL; 3562 mutex_unlock(&so->so_replay.rp_mutex); 3563 nfs4_put_stateowner(so); 3564 } 3565 } 3566 3567 static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp) 3568 { 3569 struct nfs4_stateowner *sop; 3570 3571 sop = kmem_cache_alloc(slab, GFP_KERNEL); 3572 if (!sop) 3573 return NULL; 3574 3575 sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL); 3576 if (!sop->so_owner.data) { 3577 kmem_cache_free(slab, sop); 3578 return NULL; 3579 } 3580 sop->so_owner.len = owner->len; 3581 3582 INIT_LIST_HEAD(&sop->so_stateids); 3583 sop->so_client = clp; 3584 init_nfs4_replay(&sop->so_replay); 3585 atomic_set(&sop->so_count, 1); 3586 return sop; 3587 } 3588 3589 static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval) 3590 { 3591 lockdep_assert_held(&clp->cl_lock); 3592 3593 list_add(&oo->oo_owner.so_strhash, 3594 &clp->cl_ownerstr_hashtbl[strhashval]); 3595 list_add(&oo->oo_perclient, &clp->cl_openowners); 3596 } 3597 3598 static void nfs4_unhash_openowner(struct nfs4_stateowner *so) 3599 { 3600 unhash_openowner_locked(openowner(so)); 3601 } 3602 3603 static void nfs4_free_openowner(struct nfs4_stateowner *so) 3604 { 3605 struct nfs4_openowner *oo = openowner(so); 3606 3607 kmem_cache_free(openowner_slab, oo); 3608 } 3609 3610 static const struct nfs4_stateowner_operations openowner_ops = { 3611 .so_unhash = nfs4_unhash_openowner, 3612 .so_free = nfs4_free_openowner, 3613 }; 3614 3615 static struct nfs4_ol_stateid * 3616 nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 3617 { 3618 struct nfs4_ol_stateid *local, *ret = NULL; 3619 struct nfs4_openowner *oo = open->op_openowner; 3620 3621 lockdep_assert_held(&fp->fi_lock); 3622 3623 list_for_each_entry(local, &fp->fi_stateids, st_perfile) { 3624 /* ignore lock owners 
*/ 3625 if (local->st_stateowner->so_is_open_owner == 0) 3626 continue; 3627 if (local->st_stateowner != &oo->oo_owner) 3628 continue; 3629 if (local->st_stid.sc_type == NFS4_OPEN_STID) { 3630 ret = local; 3631 refcount_inc(&ret->st_stid.sc_count); 3632 break; 3633 } 3634 } 3635 return ret; 3636 } 3637 3638 static __be32 3639 nfsd4_verify_open_stid(struct nfs4_stid *s) 3640 { 3641 __be32 ret = nfs_ok; 3642 3643 switch (s->sc_type) { 3644 default: 3645 break; 3646 case 0: 3647 case NFS4_CLOSED_STID: 3648 case NFS4_CLOSED_DELEG_STID: 3649 ret = nfserr_bad_stateid; 3650 break; 3651 case NFS4_REVOKED_DELEG_STID: 3652 ret = nfserr_deleg_revoked; 3653 } 3654 return ret; 3655 } 3656 3657 /* Lock the stateid st_mutex, and deal with races with CLOSE */ 3658 static __be32 3659 nfsd4_lock_ol_stateid(struct nfs4_ol_stateid *stp) 3660 { 3661 __be32 ret; 3662 3663 mutex_lock_nested(&stp->st_mutex, LOCK_STATEID_MUTEX); 3664 ret = nfsd4_verify_open_stid(&stp->st_stid); 3665 if (ret != nfs_ok) 3666 mutex_unlock(&stp->st_mutex); 3667 return ret; 3668 } 3669 3670 static struct nfs4_ol_stateid * 3671 nfsd4_find_and_lock_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 3672 { 3673 struct nfs4_ol_stateid *stp; 3674 for (;;) { 3675 spin_lock(&fp->fi_lock); 3676 stp = nfsd4_find_existing_open(fp, open); 3677 spin_unlock(&fp->fi_lock); 3678 if (!stp || nfsd4_lock_ol_stateid(stp) == nfs_ok) 3679 break; 3680 nfs4_put_stid(&stp->st_stid); 3681 } 3682 return stp; 3683 } 3684 3685 static struct nfs4_openowner * 3686 alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open, 3687 struct nfsd4_compound_state *cstate) 3688 { 3689 struct nfs4_client *clp = cstate->clp; 3690 struct nfs4_openowner *oo, *ret; 3691 3692 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp); 3693 if (!oo) 3694 return NULL; 3695 oo->oo_owner.so_ops = &openowner_ops; 3696 oo->oo_owner.so_is_open_owner = 1; 3697 oo->oo_owner.so_seqid = open->op_seqid; 3698 oo->oo_flags = 0; 3699 if (nfsd4_has_session(cstate)) 3700 oo->oo_flags |= NFS4_OO_CONFIRMED; 3701 oo->oo_time = 0; 3702 oo->oo_last_closed_stid = NULL; 3703 INIT_LIST_HEAD(&oo->oo_close_lru); 3704 spin_lock(&clp->cl_lock); 3705 ret = find_openstateowner_str_locked(strhashval, open, clp); 3706 if (ret == NULL) { 3707 hash_openowner(oo, clp, strhashval); 3708 ret = oo; 3709 } else 3710 nfs4_free_stateowner(&oo->oo_owner); 3711 3712 spin_unlock(&clp->cl_lock); 3713 return ret; 3714 } 3715 3716 static struct nfs4_ol_stateid * 3717 init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open) 3718 { 3719 3720 struct nfs4_openowner *oo = open->op_openowner; 3721 struct nfs4_ol_stateid *retstp = NULL; 3722 struct nfs4_ol_stateid *stp; 3723 3724 stp = open->op_stp; 3725 /* We are moving these outside of the spinlocks to avoid the warnings */ 3726 mutex_init(&stp->st_mutex); 3727 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 3728 3729 retry: 3730 spin_lock(&oo->oo_owner.so_client->cl_lock); 3731 spin_lock(&fp->fi_lock); 3732 3733 retstp = nfsd4_find_existing_open(fp, open); 3734 if (retstp) 3735 goto out_unlock; 3736 3737 open->op_stp = NULL; 3738 refcount_inc(&stp->st_stid.sc_count); 3739 stp->st_stid.sc_type = NFS4_OPEN_STID; 3740 INIT_LIST_HEAD(&stp->st_locks); 3741 stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner); 3742 get_nfs4_file(fp); 3743 stp->st_stid.sc_file = fp; 3744 stp->st_access_bmap = 0; 3745 stp->st_deny_bmap = 0; 3746 stp->st_openstp = NULL; 3747 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids); 3748 
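/* once it is on fp->fi_stateids, the new stateid is visible to nfsd4_find_existing_open() */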
list_add(&stp->st_perfile, &fp->fi_stateids); 3749 3750 out_unlock: 3751 spin_unlock(&fp->fi_lock); 3752 spin_unlock(&oo->oo_owner.so_client->cl_lock); 3753 if (retstp) { 3754 /* Handle races with CLOSE */ 3755 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 3756 nfs4_put_stid(&retstp->st_stid); 3757 goto retry; 3758 } 3759 /* To keep mutex tracking happy */ 3760 mutex_unlock(&stp->st_mutex); 3761 stp = retstp; 3762 } 3763 return stp; 3764 } 3765 3766 /* 3767 * In the 4.0 case we need to keep the owners around a little while to handle 3768 * CLOSE replay. We still do need to release any file access that is held by 3769 * them before returning however. 3770 */ 3771 static void 3772 move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net) 3773 { 3774 struct nfs4_ol_stateid *last; 3775 struct nfs4_openowner *oo = openowner(s->st_stateowner); 3776 struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net, 3777 nfsd_net_id); 3778 3779 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo); 3780 3781 /* 3782 * We know that we hold one reference via nfsd4_close, and another 3783 * "persistent" reference for the client. If the refcount is higher 3784 * than 2, then there are still calls in progress that are using this 3785 * stateid. We can't put the sc_file reference until they are finished. 3786 * Wait for the refcount to drop to 2. Since it has been unhashed, 3787 * there should be no danger of the refcount going back up again at 3788 * this point. 3789 */ 3790 wait_event(close_wq, refcount_read(&s->st_stid.sc_count) == 2); 3791 3792 release_all_access(s); 3793 if (s->st_stid.sc_file) { 3794 put_nfs4_file(s->st_stid.sc_file); 3795 s->st_stid.sc_file = NULL; 3796 } 3797 3798 spin_lock(&nn->client_lock); 3799 last = oo->oo_last_closed_stid; 3800 oo->oo_last_closed_stid = s; 3801 list_move_tail(&oo->oo_close_lru, &nn->close_lru); 3802 oo->oo_time = get_seconds(); 3803 spin_unlock(&nn->client_lock); 3804 if (last) 3805 nfs4_put_stid(&last->st_stid); 3806 } 3807 3808 /* search file_hashtbl[] for file */ 3809 static struct nfs4_file * 3810 find_file_locked(struct knfsd_fh *fh, unsigned int hashval) 3811 { 3812 struct nfs4_file *fp; 3813 3814 hlist_for_each_entry_rcu(fp, &file_hashtbl[hashval], fi_hash) { 3815 if (fh_match(&fp->fi_fhandle, fh)) { 3816 if (refcount_inc_not_zero(&fp->fi_ref)) 3817 return fp; 3818 } 3819 } 3820 return NULL; 3821 } 3822 3823 struct nfs4_file * 3824 find_file(struct knfsd_fh *fh) 3825 { 3826 struct nfs4_file *fp; 3827 unsigned int hashval = file_hashval(fh); 3828 3829 rcu_read_lock(); 3830 fp = find_file_locked(fh, hashval); 3831 rcu_read_unlock(); 3832 return fp; 3833 } 3834 3835 static struct nfs4_file * 3836 find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh) 3837 { 3838 struct nfs4_file *fp; 3839 unsigned int hashval = file_hashval(fh); 3840 3841 rcu_read_lock(); 3842 fp = find_file_locked(fh, hashval); 3843 rcu_read_unlock(); 3844 if (fp) 3845 return fp; 3846 3847 spin_lock(&state_lock); 3848 fp = find_file_locked(fh, hashval); 3849 if (likely(fp == NULL)) { 3850 nfsd4_init_file(fh, hashval, new); 3851 fp = new; 3852 } 3853 spin_unlock(&state_lock); 3854 3855 return fp; 3856 } 3857 3858 /* 3859 * Called to check deny when READ with all zero stateid or 3860 * WRITE with all zero or all one stateid 3861 */ 3862 static __be32 3863 nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type) 3864 { 3865 struct nfs4_file *fp; 3866 __be32 ret = nfs_ok; 3867 3868 fp = find_file(¤t_fh->fh_handle); 3869 if (!fp) 3870 return ret; 3871 /* Check for 
conflicting share reservations */ 3872 spin_lock(&fp->fi_lock); 3873 if (fp->fi_share_deny & deny_type) 3874 ret = nfserr_locked; 3875 spin_unlock(&fp->fi_lock); 3876 put_nfs4_file(fp); 3877 return ret; 3878 } 3879 3880 static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb) 3881 { 3882 struct nfs4_delegation *dp = cb_to_delegation(cb); 3883 struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net, 3884 nfsd_net_id); 3885 3886 block_delegations(&dp->dl_stid.sc_file->fi_fhandle); 3887 3888 /* 3889 * We can't do this in nfsd_break_deleg_cb because it is 3890 * already holding inode->i_lock. 3891 * 3892 * If the dl_time != 0, then we know that it has already been 3893 * queued for a lease break. Don't queue it again. 3894 */ 3895 spin_lock(&state_lock); 3896 if (dp->dl_time == 0) { 3897 dp->dl_time = get_seconds(); 3898 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru); 3899 } 3900 spin_unlock(&state_lock); 3901 } 3902 3903 static int nfsd4_cb_recall_done(struct nfsd4_callback *cb, 3904 struct rpc_task *task) 3905 { 3906 struct nfs4_delegation *dp = cb_to_delegation(cb); 3907 3908 if (dp->dl_stid.sc_type == NFS4_CLOSED_DELEG_STID) 3909 return 1; 3910 3911 switch (task->tk_status) { 3912 case 0: 3913 return 1; 3914 case -EBADHANDLE: 3915 case -NFS4ERR_BAD_STATEID: 3916 /* 3917 * Race: client probably got cb_recall before open reply 3918 * granting delegation. 3919 */ 3920 if (dp->dl_retries--) { 3921 rpc_delay(task, 2 * HZ); 3922 return 0; 3923 } 3924 /*FALLTHRU*/ 3925 default: 3926 return -1; 3927 } 3928 } 3929 3930 static void nfsd4_cb_recall_release(struct nfsd4_callback *cb) 3931 { 3932 struct nfs4_delegation *dp = cb_to_delegation(cb); 3933 3934 nfs4_put_stid(&dp->dl_stid); 3935 } 3936 3937 static const struct nfsd4_callback_ops nfsd4_cb_recall_ops = { 3938 .prepare = nfsd4_cb_recall_prepare, 3939 .done = nfsd4_cb_recall_done, 3940 .release = nfsd4_cb_recall_release, 3941 }; 3942 3943 static void nfsd_break_one_deleg(struct nfs4_delegation *dp) 3944 { 3945 /* 3946 * We're assuming the state code never drops its reference 3947 * without first removing the lease. Since we're in this lease 3948 * callback (and since the lease code is serialized by the kernel 3949 * lock) we know the server hasn't removed the lease yet, we know 3950 * it's safe to take a reference. 3951 */ 3952 refcount_inc(&dp->dl_stid.sc_count); 3953 nfsd4_run_cb(&dp->dl_recall); 3954 } 3955 3956 /* Called from break_lease() with i_lock held. 
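Blocking is not allowed here, so the recall itself is only queued (nfsd4_run_cb() via nfsd_break_one_deleg()) and the dl_time/recall-LRU bookkeeping is deferred to nfsd4_cb_recall_prepare() above.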
*/ 3957 static bool 3958 nfsd_break_deleg_cb(struct file_lock *fl) 3959 { 3960 bool ret = false; 3961 struct nfs4_delegation *dp = (struct nfs4_delegation *)fl->fl_owner; 3962 struct nfs4_file *fp = dp->dl_stid.sc_file; 3963 3964 /* 3965 * We don't want the locks code to time out the lease for us; 3966 * we'll remove it ourselves if a delegation isn't returned 3967 * in time: 3968 */ 3969 fl->fl_break_time = 0; 3970 3971 spin_lock(&fp->fi_lock); 3972 fp->fi_had_conflict = true; 3973 nfsd_break_one_deleg(dp); 3974 spin_unlock(&fp->fi_lock); 3975 return ret; 3976 } 3977 3978 static int 3979 nfsd_change_deleg_cb(struct file_lock *onlist, int arg, 3980 struct list_head *dispose) 3981 { 3982 if (arg & F_UNLCK) 3983 return lease_modify(onlist, arg, dispose); 3984 else 3985 return -EAGAIN; 3986 } 3987 3988 static const struct lock_manager_operations nfsd_lease_mng_ops = { 3989 .lm_break = nfsd_break_deleg_cb, 3990 .lm_change = nfsd_change_deleg_cb, 3991 }; 3992 3993 static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid) 3994 { 3995 if (nfsd4_has_session(cstate)) 3996 return nfs_ok; 3997 if (seqid == so->so_seqid - 1) 3998 return nfserr_replay_me; 3999 if (seqid == so->so_seqid) 4000 return nfs_ok; 4001 return nfserr_bad_seqid; 4002 } 4003 4004 static __be32 lookup_clientid(clientid_t *clid, 4005 struct nfsd4_compound_state *cstate, 4006 struct nfsd_net *nn) 4007 { 4008 struct nfs4_client *found; 4009 4010 if (cstate->clp) { 4011 found = cstate->clp; 4012 if (!same_clid(&found->cl_clientid, clid)) 4013 return nfserr_stale_clientid; 4014 return nfs_ok; 4015 } 4016 4017 if (STALE_CLIENTID(clid, nn)) 4018 return nfserr_stale_clientid; 4019 4020 /* 4021 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one 4022 * cached already then we know this is for v4.0 and "sessions" 4023 * will be false. 4024 */ 4025 WARN_ON_ONCE(cstate->session); 4026 spin_lock(&nn->client_lock); 4027 found = find_confirmed_client(clid, false, nn); 4028 if (!found) { 4029 spin_unlock(&nn->client_lock); 4030 return nfserr_expired; 4031 } 4032 atomic_inc(&found->cl_refcount); 4033 spin_unlock(&nn->client_lock); 4034 4035 /* Cache the nfs4_client in cstate! */ 4036 cstate->clp = found; 4037 return nfs_ok; 4038 } 4039 4040 __be32 4041 nfsd4_process_open1(struct nfsd4_compound_state *cstate, 4042 struct nfsd4_open *open, struct nfsd_net *nn) 4043 { 4044 clientid_t *clientid = &open->op_clientid; 4045 struct nfs4_client *clp = NULL; 4046 unsigned int strhashval; 4047 struct nfs4_openowner *oo = NULL; 4048 __be32 status; 4049 4050 if (STALE_CLIENTID(&open->op_clientid, nn)) 4051 return nfserr_stale_clientid; 4052 /* 4053 * In case we need it later, after we've already created the 4054 * file and don't want to risk a further failure: 4055 */ 4056 open->op_file = nfsd4_alloc_file(); 4057 if (open->op_file == NULL) 4058 return nfserr_jukebox; 4059 4060 status = lookup_clientid(clientid, cstate, nn); 4061 if (status) 4062 return status; 4063 clp = cstate->clp; 4064 4065 strhashval = ownerstr_hashval(&open->op_owner); 4066 oo = find_openstateowner_str(strhashval, open, clp); 4067 open->op_openowner = oo; 4068 if (!oo) { 4069 goto new_owner; 4070 } 4071 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 4072 /* Replace unconfirmed owners without checking for replay. 
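An owner that never completed OPEN_CONFIRM holds no state a client could legitimately be replaying against, so it can simply be torn down and recreated.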
*/ 4073 release_openowner(oo); 4074 open->op_openowner = NULL; 4075 goto new_owner; 4076 } 4077 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid); 4078 if (status) 4079 return status; 4080 goto alloc_stateid; 4081 new_owner: 4082 oo = alloc_init_open_stateowner(strhashval, open, cstate); 4083 if (oo == NULL) 4084 return nfserr_jukebox; 4085 open->op_openowner = oo; 4086 alloc_stateid: 4087 open->op_stp = nfs4_alloc_open_stateid(clp); 4088 if (!open->op_stp) 4089 return nfserr_jukebox; 4090 4091 if (nfsd4_has_session(cstate) && 4092 (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) { 4093 open->op_odstate = alloc_clnt_odstate(clp); 4094 if (!open->op_odstate) 4095 return nfserr_jukebox; 4096 } 4097 4098 return nfs_ok; 4099 } 4100 4101 static inline __be32 4102 nfs4_check_delegmode(struct nfs4_delegation *dp, int flags) 4103 { 4104 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ)) 4105 return nfserr_openmode; 4106 else 4107 return nfs_ok; 4108 } 4109 4110 static int share_access_to_flags(u32 share_access) 4111 { 4112 return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE; 4113 } 4114 4115 static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s) 4116 { 4117 struct nfs4_stid *ret; 4118 4119 ret = find_stateid_by_type(cl, s, 4120 NFS4_DELEG_STID|NFS4_REVOKED_DELEG_STID); 4121 if (!ret) 4122 return NULL; 4123 return delegstateid(ret); 4124 } 4125 4126 static bool nfsd4_is_deleg_cur(struct nfsd4_open *open) 4127 { 4128 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR || 4129 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH; 4130 } 4131 4132 static __be32 4133 nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open, 4134 struct nfs4_delegation **dp) 4135 { 4136 int flags; 4137 __be32 status = nfserr_bad_stateid; 4138 struct nfs4_delegation *deleg; 4139 4140 deleg = find_deleg_stateid(cl, &open->op_delegate_stateid); 4141 if (deleg == NULL) 4142 goto out; 4143 if (deleg->dl_stid.sc_type == NFS4_REVOKED_DELEG_STID) { 4144 nfs4_put_stid(&deleg->dl_stid); 4145 if (cl->cl_minorversion) 4146 status = nfserr_deleg_revoked; 4147 goto out; 4148 } 4149 flags = share_access_to_flags(open->op_share_access); 4150 status = nfs4_check_delegmode(deleg, flags); 4151 if (status) { 4152 nfs4_put_stid(&deleg->dl_stid); 4153 goto out; 4154 } 4155 *dp = deleg; 4156 out: 4157 if (!nfsd4_is_deleg_cur(open)) 4158 return nfs_ok; 4159 if (status) 4160 return status; 4161 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 4162 return nfs_ok; 4163 } 4164 4165 static inline int nfs4_access_to_access(u32 nfs4_access) 4166 { 4167 int flags = 0; 4168 4169 if (nfs4_access & NFS4_SHARE_ACCESS_READ) 4170 flags |= NFSD_MAY_READ; 4171 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE) 4172 flags |= NFSD_MAY_WRITE; 4173 return flags; 4174 } 4175 4176 static inline __be32 4177 nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh, 4178 struct nfsd4_open *open) 4179 { 4180 struct iattr iattr = { 4181 .ia_valid = ATTR_SIZE, 4182 .ia_size = 0, 4183 }; 4184 if (!open->op_truncate) 4185 return 0; 4186 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE)) 4187 return nfserr_inval; 4188 return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0); 4189 } 4190 4191 static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp, 4192 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, 4193 struct nfsd4_open *open) 4194 { 4195 struct file *filp = NULL; 4196 __be32 status; 4197 int oflag = nfs4_access_to_omode(open->op_share_access); 4198 
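/* Two mappings of the same share-access bits: nfs4_access_to_omode() (defined earlier in this file) picks the O_RDONLY/O_WRONLY/O_RDWR slot used to index fi_fds[], while nfs4_access_to_access() builds the NFSD_MAY_* flags handed to nfsd_open(); e.g. NFS4_SHARE_ACCESS_BOTH yields O_RDWR and NFSD_MAY_READ|NFSD_MAY_WRITE. */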
int access = nfs4_access_to_access(open->op_share_access); 4199 unsigned char old_access_bmap, old_deny_bmap; 4200 4201 spin_lock(&fp->fi_lock); 4202 4203 /* 4204 * Are we trying to set a deny mode that would conflict with 4205 * current access? 4206 */ 4207 status = nfs4_file_check_deny(fp, open->op_share_deny); 4208 if (status != nfs_ok) { 4209 spin_unlock(&fp->fi_lock); 4210 goto out; 4211 } 4212 4213 /* set access to the file */ 4214 status = nfs4_file_get_access(fp, open->op_share_access); 4215 if (status != nfs_ok) { 4216 spin_unlock(&fp->fi_lock); 4217 goto out; 4218 } 4219 4220 /* Set access bits in stateid */ 4221 old_access_bmap = stp->st_access_bmap; 4222 set_access(open->op_share_access, stp); 4223 4224 /* Set new deny mask */ 4225 old_deny_bmap = stp->st_deny_bmap; 4226 set_deny(open->op_share_deny, stp); 4227 fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4228 4229 if (!fp->fi_fds[oflag]) { 4230 spin_unlock(&fp->fi_lock); 4231 status = nfsd_open(rqstp, cur_fh, S_IFREG, access, &filp); 4232 if (status) 4233 goto out_put_access; 4234 spin_lock(&fp->fi_lock); 4235 if (!fp->fi_fds[oflag]) { 4236 fp->fi_fds[oflag] = filp; 4237 filp = NULL; 4238 } 4239 } 4240 spin_unlock(&fp->fi_lock); 4241 if (filp) 4242 fput(filp); 4243 4244 status = nfsd4_truncate(rqstp, cur_fh, open); 4245 if (status) 4246 goto out_put_access; 4247 out: 4248 return status; 4249 out_put_access: 4250 stp->st_access_bmap = old_access_bmap; 4251 nfs4_file_put_access(fp, open->op_share_access); 4252 reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp); 4253 goto out; 4254 } 4255 4256 static __be32 4257 nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open) 4258 { 4259 __be32 status; 4260 unsigned char old_deny_bmap = stp->st_deny_bmap; 4261 4262 if (!test_access(open->op_share_access, stp)) 4263 return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open); 4264 4265 /* test and set deny mode */ 4266 spin_lock(&fp->fi_lock); 4267 status = nfs4_file_check_deny(fp, open->op_share_deny); 4268 if (status == nfs_ok) { 4269 set_deny(open->op_share_deny, stp); 4270 fp->fi_share_deny |= 4271 (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 4272 } 4273 spin_unlock(&fp->fi_lock); 4274 4275 if (status != nfs_ok) 4276 return status; 4277 4278 status = nfsd4_truncate(rqstp, cur_fh, open); 4279 if (status != nfs_ok) 4280 reset_union_bmap_deny(old_deny_bmap, stp); 4281 return status; 4282 } 4283 4284 /* Should we give out recallable state?: */ 4285 static bool nfsd4_cb_channel_good(struct nfs4_client *clp) 4286 { 4287 if (clp->cl_cb_state == NFSD4_CB_UP) 4288 return true; 4289 /* 4290 * In the sessions case, since we don't have to establish a 4291 * separate connection for callbacks, we assume it's OK 4292 * until we hear otherwise: 4293 */ 4294 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN; 4295 } 4296 4297 static struct file_lock *nfs4_alloc_init_lease(struct nfs4_delegation *dp, 4298 int flag) 4299 { 4300 struct file_lock *fl; 4301 4302 fl = locks_alloc_lock(); 4303 if (!fl) 4304 return NULL; 4305 fl->fl_lmops = &nfsd_lease_mng_ops; 4306 fl->fl_flags = FL_DELEG; 4307 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? 
F_RDLCK: F_WRLCK; 4308 fl->fl_end = OFFSET_MAX; 4309 fl->fl_owner = (fl_owner_t)dp; 4310 fl->fl_pid = current->tgid; 4311 fl->fl_file = dp->dl_stid.sc_file->fi_deleg_file; 4312 return fl; 4313 } 4314 4315 static struct nfs4_delegation * 4316 nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh, 4317 struct nfs4_file *fp, struct nfs4_clnt_odstate *odstate) 4318 { 4319 int status = 0; 4320 struct nfs4_delegation *dp; 4321 struct file *filp; 4322 struct file_lock *fl; 4323 4324 /* 4325 * The fi_had_conflict and nfs_get_existing_delegation checks 4326 * here are just optimizations; we'll need to recheck them at 4327 * the end: 4328 */ 4329 if (fp->fi_had_conflict) 4330 return ERR_PTR(-EAGAIN); 4331 4332 filp = find_readable_file(fp); 4333 if (!filp) { 4334 /* We should always have a readable file here */ 4335 WARN_ON_ONCE(1); 4336 return ERR_PTR(-EBADF); 4337 } 4338 spin_lock(&state_lock); 4339 spin_lock(&fp->fi_lock); 4340 if (nfs4_delegation_exists(clp, fp)) 4341 status = -EAGAIN; 4342 else if (!fp->fi_deleg_file) { 4343 fp->fi_deleg_file = filp; 4344 /* increment early to prevent fi_deleg_file from being 4345 * cleared */ 4346 fp->fi_delegees = 1; 4347 filp = NULL; 4348 } else 4349 fp->fi_delegees++; 4350 spin_unlock(&fp->fi_lock); 4351 spin_unlock(&state_lock); 4352 if (filp) 4353 fput(filp); 4354 if (status) 4355 return ERR_PTR(status); 4356 4357 status = -ENOMEM; 4358 dp = alloc_init_deleg(clp, fp, fh, odstate); 4359 if (!dp) 4360 goto out_delegees; 4361 4362 fl = nfs4_alloc_init_lease(dp, NFS4_OPEN_DELEGATE_READ); 4363 if (!fl) 4364 goto out_stid; 4365 4366 status = vfs_setlease(fp->fi_deleg_file, fl->fl_type, &fl, NULL); 4367 if (fl) 4368 locks_free_lock(fl); 4369 if (status) 4370 goto out_clnt_odstate; 4371 4372 spin_lock(&state_lock); 4373 spin_lock(&fp->fi_lock); 4374 if (fp->fi_had_conflict) 4375 status = -EAGAIN; 4376 else 4377 status = hash_delegation_locked(dp, fp); 4378 spin_unlock(&fp->fi_lock); 4379 spin_unlock(&state_lock); 4380 4381 if (status) 4382 goto out_unlock; 4383 4384 return dp; 4385 out_unlock: 4386 vfs_setlease(fp->fi_deleg_file, F_UNLCK, NULL, (void **)&dp); 4387 out_clnt_odstate: 4388 put_clnt_odstate(dp->dl_clnt_odstate); 4389 out_stid: 4390 nfs4_put_stid(&dp->dl_stid); 4391 out_delegees: 4392 put_deleg_file(fp); 4393 return ERR_PTR(status); 4394 } 4395 4396 static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status) 4397 { 4398 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4399 if (status == -EAGAIN) 4400 open->op_why_no_deleg = WND4_CONTENTION; 4401 else { 4402 open->op_why_no_deleg = WND4_RESOURCE; 4403 switch (open->op_deleg_want) { 4404 case NFS4_SHARE_WANT_READ_DELEG: 4405 case NFS4_SHARE_WANT_WRITE_DELEG: 4406 case NFS4_SHARE_WANT_ANY_DELEG: 4407 break; 4408 case NFS4_SHARE_WANT_CANCEL: 4409 open->op_why_no_deleg = WND4_CANCELLED; 4410 break; 4411 case NFS4_SHARE_WANT_NO_DELEG: 4412 WARN_ON_ONCE(1); 4413 } 4414 } 4415 } 4416 4417 /* 4418 * Attempt to hand out a delegation. 4419 * 4420 * Note we don't support write delegations, and won't until the vfs has 4421 * proper support for them. 
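* In rough outline: for a fresh open (CLAIM_NULL/CLAIM_FH) a read delegation is offered only when the callback channel looks usable, the grace period is over, the open owner is confirmed, and the OPEN neither requests write access nor creates the file; a reclaim (CLAIM_PREVIOUS) additionally requires that the client is actually reclaiming a read delegation. Everything else falls through to out_no_deleg below.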
4422 */ 4423 static void 4424 nfs4_open_delegation(struct svc_fh *fh, struct nfsd4_open *open, 4425 struct nfs4_ol_stateid *stp) 4426 { 4427 struct nfs4_delegation *dp; 4428 struct nfs4_openowner *oo = openowner(stp->st_stateowner); 4429 struct nfs4_client *clp = stp->st_stid.sc_client; 4430 int cb_up; 4431 int status = 0; 4432 4433 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client); 4434 open->op_recall = 0; 4435 switch (open->op_claim_type) { 4436 case NFS4_OPEN_CLAIM_PREVIOUS: 4437 if (!cb_up) 4438 open->op_recall = 1; 4439 if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ) 4440 goto out_no_deleg; 4441 break; 4442 case NFS4_OPEN_CLAIM_NULL: 4443 case NFS4_OPEN_CLAIM_FH: 4444 /* 4445 * Let's not give out any delegations till everyone's 4446 * had the chance to reclaim theirs, *and* until 4447 * NLM locks have all been reclaimed: 4448 */ 4449 if (locks_in_grace(clp->net)) 4450 goto out_no_deleg; 4451 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED)) 4452 goto out_no_deleg; 4453 /* 4454 * Also, if the file was opened for write or 4455 * create, there's a good chance the client's 4456 * about to write to it, resulting in an 4457 * immediate recall (since we don't support 4458 * write delegations): 4459 */ 4460 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE) 4461 goto out_no_deleg; 4462 if (open->op_create == NFS4_OPEN_CREATE) 4463 goto out_no_deleg; 4464 break; 4465 default: 4466 goto out_no_deleg; 4467 } 4468 dp = nfs4_set_delegation(clp, fh, stp->st_stid.sc_file, stp->st_clnt_odstate); 4469 if (IS_ERR(dp)) 4470 goto out_no_deleg; 4471 4472 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid)); 4473 4474 dprintk("NFSD: delegation stateid=" STATEID_FMT "\n", 4475 STATEID_VAL(&dp->dl_stid.sc_stateid)); 4476 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ; 4477 nfs4_put_stid(&dp->dl_stid); 4478 return; 4479 out_no_deleg: 4480 /* Test the claimed type before clobbering it below, or the check is dead code: */ 4481 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS && 4482 open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) { 4483 dprintk("NFSD: WARNING: refusing delegation reclaim\n"); 4484 open->op_recall = 1; 4485 } 4486 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE; 4487 /* 4.1 client asking for a delegation? */ 4488 if (open->op_deleg_want) 4489 nfsd4_open_deleg_none_ext(open, status); 4490 return; 4491 } 4492 4493 static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open, 4494 struct nfs4_delegation *dp) 4495 { 4496 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG && 4497 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) { 4498 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4499 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE; 4500 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG && 4501 dp->dl_type == NFS4_OPEN_DELEGATE_READ) { 4502 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4503 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE; 4504 } 4505 /* Otherwise the client must be confused wanting a delegation 4506 * it already has, therefore we don't return 4507 * NFS4_OPEN_DELEGATE_NONE_EXT and a reason. 
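* In that case the reply simply carries NFS4_OPEN_DELEGATE_NONE.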
4508 */ 4509 } 4510 4511 __be32 4512 nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open) 4513 { 4514 struct nfsd4_compoundres *resp = rqstp->rq_resp; 4515 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client; 4516 struct nfs4_file *fp = NULL; 4517 struct nfs4_ol_stateid *stp = NULL; 4518 struct nfs4_delegation *dp = NULL; 4519 __be32 status; 4520 bool new_stp = false; 4521 4522 /* 4523 * Lookup file; if found, lookup stateid and check open request, 4524 * and check for delegations in the process of being recalled. 4525 * If not found, create the nfs4_file struct 4526 */ 4527 fp = find_or_add_file(open->op_file, ¤t_fh->fh_handle); 4528 if (fp != open->op_file) { 4529 status = nfs4_check_deleg(cl, open, &dp); 4530 if (status) 4531 goto out; 4532 stp = nfsd4_find_and_lock_existing_open(fp, open); 4533 } else { 4534 open->op_file = NULL; 4535 status = nfserr_bad_stateid; 4536 if (nfsd4_is_deleg_cur(open)) 4537 goto out; 4538 } 4539 4540 if (!stp) { 4541 stp = init_open_stateid(fp, open); 4542 if (!open->op_stp) 4543 new_stp = true; 4544 } 4545 4546 /* 4547 * OPEN the file, or upgrade an existing OPEN. 4548 * If truncate fails, the OPEN fails. 4549 * 4550 * stp is already locked. 4551 */ 4552 if (!new_stp) { 4553 /* Stateid was found, this is an OPEN upgrade */ 4554 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open); 4555 if (status) { 4556 mutex_unlock(&stp->st_mutex); 4557 goto out; 4558 } 4559 } else { 4560 status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open); 4561 if (status) { 4562 stp->st_stid.sc_type = NFS4_CLOSED_STID; 4563 release_open_stateid(stp); 4564 mutex_unlock(&stp->st_mutex); 4565 goto out; 4566 } 4567 4568 stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp, 4569 open->op_odstate); 4570 if (stp->st_clnt_odstate == open->op_odstate) 4571 open->op_odstate = NULL; 4572 } 4573 4574 nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid); 4575 mutex_unlock(&stp->st_mutex); 4576 4577 if (nfsd4_has_session(&resp->cstate)) { 4578 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) { 4579 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4580 open->op_why_no_deleg = WND4_NOT_WANTED; 4581 goto nodeleg; 4582 } 4583 } 4584 4585 /* 4586 * Attempt to hand out a delegation. No error return, because the 4587 * OPEN succeeds even if we fail. 4588 */ 4589 nfs4_open_delegation(current_fh, open, stp); 4590 nodeleg: 4591 status = nfs_ok; 4592 4593 dprintk("%s: stateid=" STATEID_FMT "\n", __func__, 4594 STATEID_VAL(&stp->st_stid.sc_stateid)); 4595 out: 4596 /* 4.1 client trying to upgrade/downgrade delegation? */ 4597 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp && 4598 open->op_deleg_want) 4599 nfsd4_deleg_xgrade_none_ext(open, dp); 4600 4601 if (fp) 4602 put_nfs4_file(fp); 4603 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS) 4604 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 4605 /* 4606 * To finish the open response, we just need to set the rflags. 
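* LOCKTYPE_POSIX is always set; sessions (v4.1+) may also be told about lock notifications via MAY_NOTIFY_LOCK, and a v4.0 open by a still-unconfirmed owner gets NFS4_OPEN_RESULT_CONFIRM so the client knows it must send OPEN_CONFIRM.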
4607 */ 4608 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX; 4609 if (nfsd4_has_session(&resp->cstate)) 4610 open->op_rflags |= NFS4_OPEN_RESULT_MAY_NOTIFY_LOCK; 4611 else if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED)) 4612 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM; 4613 4614 if (dp) 4615 nfs4_put_stid(&dp->dl_stid); 4616 if (stp) 4617 nfs4_put_stid(&stp->st_stid); 4618 4619 return status; 4620 } 4621 4622 void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate, 4623 struct nfsd4_open *open) 4624 { 4625 if (open->op_openowner) { 4626 struct nfs4_stateowner *so = &open->op_openowner->oo_owner; 4627 4628 nfsd4_cstate_assign_replay(cstate, so); 4629 nfs4_put_stateowner(so); 4630 } 4631 if (open->op_file) 4632 kmem_cache_free(file_slab, open->op_file); 4633 if (open->op_stp) 4634 nfs4_put_stid(&open->op_stp->st_stid); 4635 if (open->op_odstate) 4636 kmem_cache_free(odstate_slab, open->op_odstate); 4637 } 4638 4639 __be32 4640 nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 4641 union nfsd4_op_u *u) 4642 { 4643 clientid_t *clid = &u->renew; 4644 struct nfs4_client *clp; 4645 __be32 status; 4646 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4647 4648 dprintk("process_renew(%08x/%08x): starting\n", 4649 clid->cl_boot, clid->cl_id); 4650 status = lookup_clientid(clid, cstate, nn); 4651 if (status) 4652 goto out; 4653 clp = cstate->clp; 4654 status = nfserr_cb_path_down; 4655 if (!list_empty(&clp->cl_delegations) 4656 && clp->cl_cb_state != NFSD4_CB_UP) 4657 goto out; 4658 status = nfs_ok; 4659 out: 4660 return status; 4661 } 4662 4663 void 4664 nfsd4_end_grace(struct nfsd_net *nn) 4665 { 4666 /* do nothing if grace period already ended */ 4667 if (nn->grace_ended) 4668 return; 4669 4670 dprintk("NFSD: end of grace period\n"); 4671 nn->grace_ended = true; 4672 /* 4673 * If the server goes down again right now, an NFSv4 4674 * client will still be allowed to reclaim after it comes back up, 4675 * even if it hasn't yet had a chance to reclaim state this time. 4676 * 4677 */ 4678 nfsd4_record_grace_done(nn); 4679 /* 4680 * At this point, NFSv4 clients can still reclaim. But if the 4681 * server crashes, any that have not yet reclaimed will be out 4682 * of luck on the next boot. 4683 * 4684 * (NFSv4.1+ clients are considered to have reclaimed once they 4685 * call RECLAIM_COMPLETE. NFSv4.0 clients are considered to 4686 * have reclaimed after their first OPEN.) 4687 */ 4688 locks_end_grace(&nn->nfsd4_manager); 4689 /* 4690 * At this point, and once lockd and/or any other containers 4691 * exit their grace period, further reclaims will fail and 4692 * regular locking can resume. 
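* The ordering here matters: nfsd4_record_grace_done() commits to stable storage before locks_end_grace() reopens normal locking, so a crash between the two errs on the side of still permitting reclaim on the next boot.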
4693 */ 4694 } 4695 4696 static time_t 4697 nfs4_laundromat(struct nfsd_net *nn) 4698 { 4699 struct nfs4_client *clp; 4700 struct nfs4_openowner *oo; 4701 struct nfs4_delegation *dp; 4702 struct nfs4_ol_stateid *stp; 4703 struct nfsd4_blocked_lock *nbl; 4704 struct list_head *pos, *next, reaplist; 4705 time_t cutoff = get_seconds() - nn->nfsd4_lease; 4706 time_t t, new_timeo = nn->nfsd4_lease; 4707 4708 dprintk("NFSD: laundromat service - starting\n"); 4709 nfsd4_end_grace(nn); 4710 INIT_LIST_HEAD(&reaplist); 4711 spin_lock(&nn->client_lock); 4712 list_for_each_safe(pos, next, &nn->client_lru) { 4713 clp = list_entry(pos, struct nfs4_client, cl_lru); 4714 if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) { 4715 t = clp->cl_time - cutoff; 4716 new_timeo = min(new_timeo, t); 4717 break; 4718 } 4719 if (mark_client_expired_locked(clp)) { 4720 dprintk("NFSD: client in use (clientid %08x)\n", 4721 clp->cl_clientid.cl_id); 4722 continue; 4723 } 4724 list_add(&clp->cl_lru, &reaplist); 4725 } 4726 spin_unlock(&nn->client_lock); 4727 list_for_each_safe(pos, next, &reaplist) { 4728 clp = list_entry(pos, struct nfs4_client, cl_lru); 4729 dprintk("NFSD: purging unused client (clientid %08x)\n", 4730 clp->cl_clientid.cl_id); 4731 list_del_init(&clp->cl_lru); 4732 expire_client(clp); 4733 } 4734 spin_lock(&state_lock); 4735 list_for_each_safe(pos, next, &nn->del_recall_lru) { 4736 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 4737 if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) { 4738 t = dp->dl_time - cutoff; 4739 new_timeo = min(new_timeo, t); 4740 break; 4741 } 4742 WARN_ON(!unhash_delegation_locked(dp)); 4743 list_add(&dp->dl_recall_lru, &reaplist); 4744 } 4745 spin_unlock(&state_lock); 4746 while (!list_empty(&reaplist)) { 4747 dp = list_first_entry(&reaplist, struct nfs4_delegation, 4748 dl_recall_lru); 4749 list_del_init(&dp->dl_recall_lru); 4750 revoke_delegation(dp); 4751 } 4752 4753 spin_lock(&nn->client_lock); 4754 while (!list_empty(&nn->close_lru)) { 4755 oo = list_first_entry(&nn->close_lru, struct nfs4_openowner, 4756 oo_close_lru); 4757 if (time_after((unsigned long)oo->oo_time, 4758 (unsigned long)cutoff)) { 4759 t = oo->oo_time - cutoff; 4760 new_timeo = min(new_timeo, t); 4761 break; 4762 } 4763 list_del_init(&oo->oo_close_lru); 4764 stp = oo->oo_last_closed_stid; 4765 oo->oo_last_closed_stid = NULL; 4766 spin_unlock(&nn->client_lock); 4767 nfs4_put_stid(&stp->st_stid); 4768 spin_lock(&nn->client_lock); 4769 } 4770 spin_unlock(&nn->client_lock); 4771 4772 /* 4773 * It's possible for a client to try and acquire an already held lock 4774 * that is being held for a long time, and then lose interest in it. 4775 * So, we clean out any un-revisited request after a lease period 4776 * under the assumption that the client is no longer interested. 4777 * 4778 * RFC5661, sec. 9.6 states that the client must not rely on getting 4779 * notifications and must continue to poll for locks, even when the 4780 * server supports them. Thus this shouldn't lead to clients blocking 4781 * indefinitely once the lock does become free. 
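* (nbl_time is recorded in seconds when the request is queued, so it is directly comparable with the cutoff computed above.)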
4782 */ 4783 BUG_ON(!list_empty(&reaplist)); 4784 spin_lock(&nn->blocked_locks_lock); 4785 while (!list_empty(&nn->blocked_locks_lru)) { 4786 nbl = list_first_entry(&nn->blocked_locks_lru, 4787 struct nfsd4_blocked_lock, nbl_lru); 4788 if (time_after((unsigned long)nbl->nbl_time, 4789 (unsigned long)cutoff)) { 4790 t = nbl->nbl_time - cutoff; 4791 new_timeo = min(new_timeo, t); 4792 break; 4793 } 4794 list_move(&nbl->nbl_lru, &reaplist); 4795 list_del_init(&nbl->nbl_list); 4796 } 4797 spin_unlock(&nn->blocked_locks_lock); 4798 4799 while (!list_empty(&reaplist)) { 4800 nbl = list_first_entry(&reaplist, 4801 struct nfsd4_blocked_lock, nbl_lru); 4802 list_del_init(&nbl->nbl_lru); 4803 posix_unblock_lock(&nbl->nbl_lock); 4804 free_blocked_lock(nbl); 4805 } 4806 4807 new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT); 4808 return new_timeo; 4809 } 4810 4811 static struct workqueue_struct *laundry_wq; 4812 static void laundromat_main(struct work_struct *); 4813 4814 static void 4815 laundromat_main(struct work_struct *laundry) 4816 { 4817 time_t t; 4818 struct delayed_work *dwork = to_delayed_work(laundry); 4819 struct nfsd_net *nn = container_of(dwork, struct nfsd_net, 4820 laundromat_work); 4821 4822 t = nfs4_laundromat(nn); 4823 dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t); 4824 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ); 4825 } 4826 4827 static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp) 4828 { 4829 if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle)) 4830 return nfserr_bad_stateid; 4831 return nfs_ok; 4832 } 4833 4834 static inline int 4835 access_permit_read(struct nfs4_ol_stateid *stp) 4836 { 4837 return test_access(NFS4_SHARE_ACCESS_READ, stp) || 4838 test_access(NFS4_SHARE_ACCESS_BOTH, stp) || 4839 test_access(NFS4_SHARE_ACCESS_WRITE, stp); 4840 } 4841 4842 static inline int 4843 access_permit_write(struct nfs4_ol_stateid *stp) 4844 { 4845 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) || 4846 test_access(NFS4_SHARE_ACCESS_BOTH, stp); 4847 } 4848 4849 static 4850 __be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags) 4851 { 4852 __be32 status = nfserr_openmode; 4853 4854 /* For lock stateid's, we test the parent open, not the lock: */ 4855 if (stp->st_openstp) 4856 stp = stp->st_openstp; 4857 if ((flags & WR_STATE) && !access_permit_write(stp)) 4858 goto out; 4859 if ((flags & RD_STATE) && !access_permit_read(stp)) 4860 goto out; 4861 status = nfs_ok; 4862 out: 4863 return status; 4864 } 4865 4866 static inline __be32 4867 check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags) 4868 { 4869 if (ONE_STATEID(stateid) && (flags & RD_STATE)) 4870 return nfs_ok; 4871 else if (opens_in_grace(net)) { 4872 /* Answer in remaining cases depends on existence of 4873 * conflicting state; so we must wait out the grace period. */ 4874 return nfserr_grace; 4875 } else if (flags & WR_STATE) 4876 return nfs4_share_conflict(current_fh, 4877 NFS4_SHARE_DENY_WRITE); 4878 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */ 4879 return nfs4_share_conflict(current_fh, 4880 NFS4_SHARE_DENY_READ); 4881 } 4882 4883 /* 4884 * Allow READ/WRITE during grace period on recovered state only for files 4885 * that are not able to provide mandatory locking. 
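* If mandatory locking is possible on the file, a lock that would forbid the I/O may not have been reclaimed yet, so the request must wait out the grace period.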
4886 */ 4887 static inline int 4888 grace_disallows_io(struct net *net, struct inode *inode) 4889 { 4890 return opens_in_grace(net) && mandatory_lock(inode); 4891 } 4892 4893 static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session) 4894 { 4895 /* 4896 * When sessions are used the stateid generation number is ignored 4897 * when it is zero. 4898 */ 4899 if (has_session && in->si_generation == 0) 4900 return nfs_ok; 4901 4902 if (in->si_generation == ref->si_generation) 4903 return nfs_ok; 4904 4905 /* If the client sends us a stateid from the future, it's buggy: */ 4906 if (nfsd4_stateid_generation_after(in, ref)) 4907 return nfserr_bad_stateid; 4908 /* 4909 * However, we could see a stateid from the past, even from a 4910 * non-buggy client. For example, if the client sends a lock 4911 * while some IO is outstanding, the lock may bump si_generation 4912 * while the IO is still in flight. The client could avoid that 4913 * situation by waiting for responses on all the IO requests, 4914 * but better performance may result in retrying IO that 4915 * receives an old_stateid error if requests are rarely 4916 * reordered in flight: 4917 */ 4918 return nfserr_old_stateid; 4919 } 4920 4921 static __be32 nfsd4_stid_check_stateid_generation(stateid_t *in, struct nfs4_stid *s, bool has_session) 4922 { 4923 __be32 ret; 4924 4925 spin_lock(&s->sc_lock); 4926 ret = nfsd4_verify_open_stid(s); 4927 if (ret == nfs_ok) 4928 ret = check_stateid_generation(in, &s->sc_stateid, has_session); 4929 spin_unlock(&s->sc_lock); 4930 return ret; 4931 } 4932 4933 static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols) 4934 { 4935 if (ols->st_stateowner->so_is_open_owner && 4936 !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED)) 4937 return nfserr_bad_stateid; 4938 return nfs_ok; 4939 } 4940 4941 static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid) 4942 { 4943 struct nfs4_stid *s; 4944 __be32 status = nfserr_bad_stateid; 4945 4946 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 4947 CLOSE_STATEID(stateid)) 4948 return status; 4949 /* Client debugging aid. 
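A stateid whose embedded clientid does not match the client that sent it is almost always a client bug, so warn (rate-limited below) instead of failing silently.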
*/ 4950 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) { 4951 char addr_str[INET6_ADDRSTRLEN]; 4952 rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str, 4953 sizeof(addr_str)); 4954 pr_warn_ratelimited("NFSD: client %s testing state ID " 4955 "with incorrect client ID\n", addr_str); 4956 return status; 4957 } 4958 spin_lock(&cl->cl_lock); 4959 s = find_stateid_locked(cl, stateid); 4960 if (!s) 4961 goto out_unlock; 4962 status = nfsd4_stid_check_stateid_generation(stateid, s, 1); 4963 if (status) 4964 goto out_unlock; 4965 switch (s->sc_type) { 4966 case NFS4_DELEG_STID: 4967 status = nfs_ok; 4968 break; 4969 case NFS4_REVOKED_DELEG_STID: 4970 status = nfserr_deleg_revoked; 4971 break; 4972 case NFS4_OPEN_STID: 4973 case NFS4_LOCK_STID: 4974 status = nfsd4_check_openowner_confirmed(openlockstateid(s)); 4975 break; 4976 default: 4977 printk("unknown stateid type %x\n", s->sc_type); 4978 /* Fallthrough */ 4979 case NFS4_CLOSED_STID: 4980 case NFS4_CLOSED_DELEG_STID: 4981 status = nfserr_bad_stateid; 4982 } 4983 out_unlock: 4984 spin_unlock(&cl->cl_lock); 4985 return status; 4986 } 4987 4988 __be32 4989 nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate, 4990 stateid_t *stateid, unsigned char typemask, 4991 struct nfs4_stid **s, struct nfsd_net *nn) 4992 { 4993 __be32 status; 4994 bool return_revoked = false; 4995 4996 /* 4997 * only return revoked delegations if explicitly asked. 4998 * otherwise we report revoked or bad_stateid status. 4999 */ 5000 if (typemask & NFS4_REVOKED_DELEG_STID) 5001 return_revoked = true; 5002 else if (typemask & NFS4_DELEG_STID) 5003 typemask |= NFS4_REVOKED_DELEG_STID; 5004 5005 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || 5006 CLOSE_STATEID(stateid)) 5007 return nfserr_bad_stateid; 5008 status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn); 5009 if (status == nfserr_stale_clientid) { 5010 if (cstate->session) 5011 return nfserr_bad_stateid; 5012 return nfserr_stale_stateid; 5013 } 5014 if (status) 5015 return status; 5016 *s = find_stateid_by_type(cstate->clp, stateid, typemask); 5017 if (!*s) 5018 return nfserr_bad_stateid; 5019 if (((*s)->sc_type == NFS4_REVOKED_DELEG_STID) && !return_revoked) { 5020 nfs4_put_stid(*s); 5021 if (cstate->minorversion) 5022 return nfserr_deleg_revoked; 5023 return nfserr_bad_stateid; 5024 } 5025 return nfs_ok; 5026 } 5027 5028 static struct file * 5029 nfs4_find_file(struct nfs4_stid *s, int flags) 5030 { 5031 if (!s) 5032 return NULL; 5033 5034 switch (s->sc_type) { 5035 case NFS4_DELEG_STID: 5036 if (WARN_ON_ONCE(!s->sc_file->fi_deleg_file)) 5037 return NULL; 5038 return get_file(s->sc_file->fi_deleg_file); 5039 case NFS4_OPEN_STID: 5040 case NFS4_LOCK_STID: 5041 if (flags & RD_STATE) 5042 return find_readable_file(s->sc_file); 5043 else 5044 return find_writeable_file(s->sc_file); 5045 break; 5046 } 5047 5048 return NULL; 5049 } 5050 5051 static __be32 5052 nfs4_check_olstateid(struct svc_fh *fhp, struct nfs4_ol_stateid *ols, int flags) 5053 { 5054 __be32 status; 5055 5056 status = nfsd4_check_openowner_confirmed(ols); 5057 if (status) 5058 return status; 5059 return nfs4_check_openmode(ols, flags); 5060 } 5061 5062 static __be32 5063 nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s, 5064 struct file **filpp, bool *tmp_file, int flags) 5065 { 5066 int acc = (flags & RD_STATE) ? 
NFSD_MAY_READ : NFSD_MAY_WRITE; 5067 struct file *file; 5068 __be32 status; 5069 5070 file = nfs4_find_file(s, flags); 5071 if (file) { 5072 status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry, 5073 acc | NFSD_MAY_OWNER_OVERRIDE); 5074 if (status) { 5075 fput(file); 5076 return status; 5077 } 5078 5079 *filpp = file; 5080 } else { 5081 status = nfsd_open(rqstp, fhp, S_IFREG, acc, filpp); 5082 if (status) 5083 return status; 5084 5085 if (tmp_file) 5086 *tmp_file = true; 5087 } 5088 5089 return 0; 5090 } 5091 5092 /* 5093 * Checks for stateid operations 5094 */ 5095 __be32 5096 nfs4_preprocess_stateid_op(struct svc_rqst *rqstp, 5097 struct nfsd4_compound_state *cstate, struct svc_fh *fhp, 5098 stateid_t *stateid, int flags, struct file **filpp, bool *tmp_file) 5099 { 5100 struct inode *ino = d_inode(fhp->fh_dentry); 5101 struct net *net = SVC_NET(rqstp); 5102 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5103 struct nfs4_stid *s = NULL; 5104 __be32 status; 5105 5106 if (filpp) 5107 *filpp = NULL; 5108 if (tmp_file) 5109 *tmp_file = false; 5110 5111 if (grace_disallows_io(net, ino)) 5112 return nfserr_grace; 5113 5114 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) { 5115 status = check_special_stateids(net, fhp, stateid, flags); 5116 goto done; 5117 } 5118 5119 status = nfsd4_lookup_stateid(cstate, stateid, 5120 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, 5121 &s, nn); 5122 if (status) 5123 return status; 5124 status = nfsd4_stid_check_stateid_generation(stateid, s, 5125 nfsd4_has_session(cstate)); 5126 if (status) 5127 goto out; 5128 5129 switch (s->sc_type) { 5130 case NFS4_DELEG_STID: 5131 status = nfs4_check_delegmode(delegstateid(s), flags); 5132 break; 5133 case NFS4_OPEN_STID: 5134 case NFS4_LOCK_STID: 5135 status = nfs4_check_olstateid(fhp, openlockstateid(s), flags); 5136 break; 5137 default: 5138 status = nfserr_bad_stateid; 5139 break; 5140 } 5141 if (status) 5142 goto out; 5143 status = nfs4_check_fh(fhp, s); 5144 5145 done: 5146 if (!status && filpp) 5147 status = nfs4_check_file(rqstp, fhp, s, filpp, tmp_file, flags); 5148 out: 5149 if (s) 5150 nfs4_put_stid(s); 5151 return status; 5152 } 5153 5154 /* 5155 * Test if the stateid is valid 5156 */ 5157 __be32 5158 nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5159 union nfsd4_op_u *u) 5160 { 5161 struct nfsd4_test_stateid *test_stateid = &u->test_stateid; 5162 struct nfsd4_test_stateid_id *stateid; 5163 struct nfs4_client *cl = cstate->session->se_client; 5164 5165 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list) 5166 stateid->ts_id_status = 5167 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid); 5168 5169 return nfs_ok; 5170 } 5171 5172 static __be32 5173 nfsd4_free_lock_stateid(stateid_t *stateid, struct nfs4_stid *s) 5174 { 5175 struct nfs4_ol_stateid *stp = openlockstateid(s); 5176 __be32 ret; 5177 5178 ret = nfsd4_lock_ol_stateid(stp); 5179 if (ret) 5180 goto out_put_stid; 5181 5182 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5183 if (ret) 5184 goto out; 5185 5186 ret = nfserr_locks_held; 5187 if (check_for_locks(stp->st_stid.sc_file, 5188 lockowner(stp->st_stateowner))) 5189 goto out; 5190 5191 release_lock_stateid(stp); 5192 ret = nfs_ok; 5193 5194 out: 5195 mutex_unlock(&stp->st_mutex); 5196 out_put_stid: 5197 nfs4_put_stid(s); 5198 return ret; 5199 } 5200 5201 __be32 5202 nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5203 union nfsd4_op_u *u) 5204 { 5205 struct nfsd4_free_stateid 
*free_stateid = &u->free_stateid; 5206 stateid_t *stateid = &free_stateid->fr_stateid; 5207 struct nfs4_stid *s; 5208 struct nfs4_delegation *dp; 5209 struct nfs4_client *cl = cstate->session->se_client; 5210 __be32 ret = nfserr_bad_stateid; 5211 5212 spin_lock(&cl->cl_lock); 5213 s = find_stateid_locked(cl, stateid); 5214 if (!s) 5215 goto out_unlock; 5216 spin_lock(&s->sc_lock); 5217 switch (s->sc_type) { 5218 case NFS4_DELEG_STID: 5219 ret = nfserr_locks_held; 5220 break; 5221 case NFS4_OPEN_STID: 5222 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 5223 if (ret) 5224 break; 5225 ret = nfserr_locks_held; 5226 break; 5227 case NFS4_LOCK_STID: 5228 spin_unlock(&s->sc_lock); 5229 refcount_inc(&s->sc_count); 5230 spin_unlock(&cl->cl_lock); 5231 ret = nfsd4_free_lock_stateid(stateid, s); 5232 goto out; 5233 case NFS4_REVOKED_DELEG_STID: 5234 spin_unlock(&s->sc_lock); 5235 dp = delegstateid(s); 5236 list_del_init(&dp->dl_recall_lru); 5237 spin_unlock(&cl->cl_lock); 5238 nfs4_put_stid(s); 5239 ret = nfs_ok; 5240 goto out; 5241 /* Default falls through and returns nfserr_bad_stateid */ 5242 } 5243 spin_unlock(&s->sc_lock); 5244 out_unlock: 5245 spin_unlock(&cl->cl_lock); 5246 out: 5247 return ret; 5248 } 5249 5250 static inline int 5251 setlkflg (int type) 5252 { 5253 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ? 5254 RD_STATE : WR_STATE; 5255 } 5256 5257 static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp) 5258 { 5259 struct svc_fh *current_fh = &cstate->current_fh; 5260 struct nfs4_stateowner *sop = stp->st_stateowner; 5261 __be32 status; 5262 5263 status = nfsd4_check_seqid(cstate, sop, seqid); 5264 if (status) 5265 return status; 5266 status = nfsd4_lock_ol_stateid(stp); 5267 if (status != nfs_ok) 5268 return status; 5269 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate)); 5270 if (status == nfs_ok) 5271 status = nfs4_check_fh(current_fh, &stp->st_stid); 5272 if (status != nfs_ok) 5273 mutex_unlock(&stp->st_mutex); 5274 return status; 5275 } 5276 5277 /* 5278 * Checks for sequence id mutating operations. 
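* For v4.0 these follow the owner-seqid rules enforced by nfsd4_check_seqid(): with so_seqid == N, an incoming seqid of N is the next request, N - 1 is a replay answered from the replay cache (nfserr_replay_me), and anything else is nfserr_bad_seqid; sessions (v4.1+) skip the check entirely.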
5279 */ 5280 static __be32 5281 nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 5282 stateid_t *stateid, char typemask, 5283 struct nfs4_ol_stateid **stpp, 5284 struct nfsd_net *nn) 5285 { 5286 __be32 status; 5287 struct nfs4_stid *s; 5288 struct nfs4_ol_stateid *stp = NULL; 5289 5290 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__, 5291 seqid, STATEID_VAL(stateid)); 5292 5293 *stpp = NULL; 5294 status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn); 5295 if (status) 5296 return status; 5297 stp = openlockstateid(s); 5298 nfsd4_cstate_assign_replay(cstate, stp->st_stateowner); 5299 5300 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp); 5301 if (!status) 5302 *stpp = stp; 5303 else 5304 nfs4_put_stid(&stp->st_stid); 5305 return status; 5306 } 5307 5308 static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, 5309 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn) 5310 { 5311 __be32 status; 5312 struct nfs4_openowner *oo; 5313 struct nfs4_ol_stateid *stp; 5314 5315 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid, 5316 NFS4_OPEN_STID, &stp, nn); 5317 if (status) 5318 return status; 5319 oo = openowner(stp->st_stateowner); 5320 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 5321 mutex_unlock(&stp->st_mutex); 5322 nfs4_put_stid(&stp->st_stid); 5323 return nfserr_bad_stateid; 5324 } 5325 *stpp = stp; 5326 return nfs_ok; 5327 } 5328 5329 __be32 5330 nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5331 union nfsd4_op_u *u) 5332 { 5333 struct nfsd4_open_confirm *oc = &u->open_confirm; 5334 __be32 status; 5335 struct nfs4_openowner *oo; 5336 struct nfs4_ol_stateid *stp; 5337 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5338 5339 dprintk("NFSD: nfsd4_open_confirm on file %pd\n", 5340 cstate->current_fh.fh_dentry); 5341 5342 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0); 5343 if (status) 5344 return status; 5345 5346 status = nfs4_preprocess_seqid_op(cstate, 5347 oc->oc_seqid, &oc->oc_req_stateid, 5348 NFS4_OPEN_STID, &stp, nn); 5349 if (status) 5350 goto out; 5351 oo = openowner(stp->st_stateowner); 5352 status = nfserr_bad_stateid; 5353 if (oo->oo_flags & NFS4_OO_CONFIRMED) { 5354 mutex_unlock(&stp->st_mutex); 5355 goto put_stateid; 5356 } 5357 oo->oo_flags |= NFS4_OO_CONFIRMED; 5358 nfs4_inc_and_copy_stateid(&oc->oc_resp_stateid, &stp->st_stid); 5359 mutex_unlock(&stp->st_mutex); 5360 dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n", 5361 __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid)); 5362 5363 nfsd4_client_record_create(oo->oo_owner.so_client); 5364 status = nfs_ok; 5365 put_stateid: 5366 nfs4_put_stid(&stp->st_stid); 5367 out: 5368 nfsd4_bump_seqid(cstate, status); 5369 return status; 5370 } 5371 5372 static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access) 5373 { 5374 if (!test_access(access, stp)) 5375 return; 5376 nfs4_file_put_access(stp->st_stid.sc_file, access); 5377 clear_access(access, stp); 5378 } 5379 5380 static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access) 5381 { 5382 switch (to_access) { 5383 case NFS4_SHARE_ACCESS_READ: 5384 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE); 5385 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH); 5386 break; 5387 case NFS4_SHARE_ACCESS_WRITE: 5388 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ); 5389 nfs4_stateid_downgrade_bit(stp, 
NFS4_SHARE_ACCESS_BOTH); 5390 break; 5391 case NFS4_SHARE_ACCESS_BOTH: 5392 break; 5393 default: 5394 WARN_ON_ONCE(1); 5395 } 5396 } 5397 5398 __be32 5399 nfsd4_open_downgrade(struct svc_rqst *rqstp, 5400 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u) 5401 { 5402 struct nfsd4_open_downgrade *od = &u->open_downgrade; 5403 __be32 status; 5404 struct nfs4_ol_stateid *stp; 5405 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5406 5407 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n", 5408 cstate->current_fh.fh_dentry); 5409 5410 /* We don't yet support WANT bits: */ 5411 if (od->od_deleg_want) 5412 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__, 5413 od->od_deleg_want); 5414 5415 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid, 5416 &od->od_stateid, &stp, nn); 5417 if (status) 5418 goto out; 5419 status = nfserr_inval; 5420 if (!test_access(od->od_share_access, stp)) { 5421 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n", 5422 stp->st_access_bmap, od->od_share_access); 5423 goto put_stateid; 5424 } 5425 if (!test_deny(od->od_share_deny, stp)) { 5426 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n", 5427 stp->st_deny_bmap, od->od_share_deny); 5428 goto put_stateid; 5429 } 5430 nfs4_stateid_downgrade(stp, od->od_share_access); 5431 reset_union_bmap_deny(od->od_share_deny, stp); 5432 nfs4_inc_and_copy_stateid(&od->od_stateid, &stp->st_stid); 5433 status = nfs_ok; 5434 put_stateid: 5435 mutex_unlock(&stp->st_mutex); 5436 nfs4_put_stid(&stp->st_stid); 5437 out: 5438 nfsd4_bump_seqid(cstate, status); 5439 return status; 5440 } 5441 5442 static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s) 5443 { 5444 struct nfs4_client *clp = s->st_stid.sc_client; 5445 bool unhashed; 5446 LIST_HEAD(reaplist); 5447 5448 spin_lock(&clp->cl_lock); 5449 unhashed = unhash_open_stateid(s, &reaplist); 5450 5451 if (clp->cl_minorversion) { 5452 if (unhashed) 5453 put_ol_stateid_locked(s, &reaplist); 5454 spin_unlock(&clp->cl_lock); 5455 free_ol_stateid_reaplist(&reaplist); 5456 } else { 5457 spin_unlock(&clp->cl_lock); 5458 free_ol_stateid_reaplist(&reaplist); 5459 if (unhashed) 5460 move_to_close_lru(s, clp->net); 5461 } 5462 } 5463 5464 /* 5465 * nfs4_unlock_state() called after encode 5466 */ 5467 __be32 5468 nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5469 union nfsd4_op_u *u) 5470 { 5471 struct nfsd4_close *close = &u->close; 5472 __be32 status; 5473 struct nfs4_ol_stateid *stp; 5474 struct net *net = SVC_NET(rqstp); 5475 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5476 5477 dprintk("NFSD: nfsd4_close on file %pd\n", 5478 cstate->current_fh.fh_dentry); 5479 5480 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid, 5481 &close->cl_stateid, 5482 NFS4_OPEN_STID|NFS4_CLOSED_STID, 5483 &stp, nn); 5484 nfsd4_bump_seqid(cstate, status); 5485 if (status) 5486 goto out; 5487 5488 stp->st_stid.sc_type = NFS4_CLOSED_STID; 5489 5490 /* 5491 * Technically we don't _really_ have to increment or copy it, since 5492 * it should just be gone after this operation and we clobber the 5493 * copied value below, but we continue to do so here just to ensure 5494 * that racing ops see that there was a state change. 
5495 */ 5496 nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid); 5497 5498 nfsd4_close_open_stateid(stp); 5499 mutex_unlock(&stp->st_mutex); 5500 5501 /* v4.1+ suggests that we send a special stateid in here, since the 5502 * clients should just ignore this anyway. Since this is not useful 5503 * for v4.0 clients either, we set it to the special close_stateid 5504 * universally. 5505 * 5506 * See RFC5661 section 18.2.4, and RFC7530 section 16.2.5 5507 */ 5508 memcpy(&close->cl_stateid, &close_stateid, sizeof(close->cl_stateid)); 5509 5510 /* put reference from nfs4_preprocess_seqid_op */ 5511 nfs4_put_stid(&stp->st_stid); 5512 out: 5513 return status; 5514 } 5515 5516 __be32 5517 nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5518 union nfsd4_op_u *u) 5519 { 5520 struct nfsd4_delegreturn *dr = &u->delegreturn; 5521 struct nfs4_delegation *dp; 5522 stateid_t *stateid = &dr->dr_stateid; 5523 struct nfs4_stid *s; 5524 __be32 status; 5525 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5526 5527 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 5528 return status; 5529 5530 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn); 5531 if (status) 5532 goto out; 5533 dp = delegstateid(s); 5534 status = nfsd4_stid_check_stateid_generation(stateid, &dp->dl_stid, nfsd4_has_session(cstate)); 5535 if (status) 5536 goto put_stateid; 5537 5538 destroy_delegation(dp); 5539 put_stateid: 5540 nfs4_put_stid(&dp->dl_stid); 5541 out: 5542 return status; 5543 } 5544 5545 static inline u64 5546 end_offset(u64 start, u64 len) 5547 { 5548 u64 end; 5549 5550 end = start + len; 5551 return end >= start ? end: NFS4_MAX_UINT64; 5552 } 5553 5554 /* last octet in a range */ 5555 static inline u64 5556 last_byte_offset(u64 start, u64 len) 5557 { 5558 u64 end; 5559 5560 WARN_ON_ONCE(!len); 5561 end = start + len; 5562 return end > start ? end - 1: NFS4_MAX_UINT64; 5563 } 5564 5565 /* 5566 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that 5567 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th 5568 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit 5569 * locking, this prevents us from being completely protocol-compliant. The 5570 * real solution to this problem is to start using unsigned file offsets in 5571 * the VFS, but this is a very deep change! 
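* For instance, a LOCK covering the whole file (offset 0, length NFS4_MAX_UINT64) makes last_byte_offset() return a value with the sign bit set; the clamping below shortens such ranges to end at OFFSET_MAX.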
5572 */ 5573 static inline void 5574 nfs4_transform_lock_offset(struct file_lock *lock) 5575 { 5576 if (lock->fl_start < 0) 5577 lock->fl_start = OFFSET_MAX; 5578 if (lock->fl_end < 0) 5579 lock->fl_end = OFFSET_MAX; 5580 } 5581 5582 static fl_owner_t 5583 nfsd4_fl_get_owner(fl_owner_t owner) 5584 { 5585 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 5586 5587 nfs4_get_stateowner(&lo->lo_owner); 5588 return owner; 5589 } 5590 5591 static void 5592 nfsd4_fl_put_owner(fl_owner_t owner) 5593 { 5594 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner; 5595 5596 if (lo) 5597 nfs4_put_stateowner(&lo->lo_owner); 5598 } 5599 5600 static void 5601 nfsd4_lm_notify(struct file_lock *fl) 5602 { 5603 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)fl->fl_owner; 5604 struct net *net = lo->lo_owner.so_client->net; 5605 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5606 struct nfsd4_blocked_lock *nbl = container_of(fl, 5607 struct nfsd4_blocked_lock, nbl_lock); 5608 bool queue = false; 5609 5610 /* An empty list means that something else is going to be using it */ 5611 spin_lock(&nn->blocked_locks_lock); 5612 if (!list_empty(&nbl->nbl_list)) { 5613 list_del_init(&nbl->nbl_list); 5614 list_del_init(&nbl->nbl_lru); 5615 queue = true; 5616 } 5617 spin_unlock(&nn->blocked_locks_lock); 5618 5619 if (queue) 5620 nfsd4_run_cb(&nbl->nbl_cb); 5621 } 5622 5623 static const struct lock_manager_operations nfsd_posix_mng_ops = { 5624 .lm_notify = nfsd4_lm_notify, 5625 .lm_get_owner = nfsd4_fl_get_owner, 5626 .lm_put_owner = nfsd4_fl_put_owner, 5627 }; 5628 5629 static inline void 5630 nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny) 5631 { 5632 struct nfs4_lockowner *lo; 5633 5634 if (fl->fl_lmops == &nfsd_posix_mng_ops) { 5635 lo = (struct nfs4_lockowner *) fl->fl_owner; 5636 deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data, 5637 lo->lo_owner.so_owner.len, GFP_KERNEL); 5638 if (!deny->ld_owner.data) 5639 /* We just don't care that much */ 5640 goto nevermind; 5641 deny->ld_owner.len = lo->lo_owner.so_owner.len; 5642 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid; 5643 } else { 5644 nevermind: 5645 deny->ld_owner.len = 0; 5646 deny->ld_owner.data = NULL; 5647 deny->ld_clientid.cl_boot = 0; 5648 deny->ld_clientid.cl_id = 0; 5649 } 5650 deny->ld_start = fl->fl_start; 5651 deny->ld_length = NFS4_MAX_UINT64; 5652 if (fl->fl_end != NFS4_MAX_UINT64) 5653 deny->ld_length = fl->fl_end - fl->fl_start + 1; 5654 deny->ld_type = NFS4_READ_LT; 5655 if (fl->fl_type != F_RDLCK) 5656 deny->ld_type = NFS4_WRITE_LT; 5657 } 5658 5659 static struct nfs4_lockowner * 5660 find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner) 5661 { 5662 unsigned int strhashval = ownerstr_hashval(owner); 5663 struct nfs4_stateowner *so; 5664 5665 lockdep_assert_held(&clp->cl_lock); 5666 5667 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval], 5668 so_strhash) { 5669 if (so->so_is_open_owner) 5670 continue; 5671 if (same_owner_str(so, owner)) 5672 return lockowner(nfs4_get_stateowner(so)); 5673 } 5674 return NULL; 5675 } 5676 5677 static struct nfs4_lockowner * 5678 find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner) 5679 { 5680 struct nfs4_lockowner *lo; 5681 5682 spin_lock(&clp->cl_lock); 5683 lo = find_lockowner_str_locked(clp, owner); 5684 spin_unlock(&clp->cl_lock); 5685 return lo; 5686 } 5687 5688 static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop) 5689 { 5690 unhash_lockowner_locked(lockowner(sop)); 5691 } 5692 5693 
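/* so_free callback for lockowners: by the time this runs the owner is no longer reachable (either its last reference was put after unhashing, or it lost the insertion race and was never published), so the free below needs no locking. */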
static void nfs4_free_lockowner(struct nfs4_stateowner *sop) 5694 { 5695 struct nfs4_lockowner *lo = lockowner(sop); 5696 5697 kmem_cache_free(lockowner_slab, lo); 5698 } 5699 5700 static const struct nfs4_stateowner_operations lockowner_ops = { 5701 .so_unhash = nfs4_unhash_lockowner, 5702 .so_free = nfs4_free_lockowner, 5703 }; 5704 5705 /* 5706 * Alloc a lock owner structure. 5707 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has 5708 * occurred. 5709 * 5710 * strhashval = ownerstr_hashval 5711 */ 5712 static struct nfs4_lockowner * 5713 alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, 5714 struct nfs4_ol_stateid *open_stp, 5715 struct nfsd4_lock *lock) 5716 { 5717 struct nfs4_lockowner *lo, *ret; 5718 5719 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp); 5720 if (!lo) 5721 return NULL; 5722 INIT_LIST_HEAD(&lo->lo_blocked); 5723 INIT_LIST_HEAD(&lo->lo_owner.so_stateids); 5724 lo->lo_owner.so_is_open_owner = 0; 5725 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid; 5726 lo->lo_owner.so_ops = &lockowner_ops; 5727 spin_lock(&clp->cl_lock); 5728 ret = find_lockowner_str_locked(clp, &lock->lk_new_owner); 5729 if (ret == NULL) { 5730 list_add(&lo->lo_owner.so_strhash, 5731 &clp->cl_ownerstr_hashtbl[strhashval]); 5732 ret = lo; 5733 } else 5734 nfs4_free_stateowner(&lo->lo_owner); 5735 5736 spin_unlock(&clp->cl_lock); 5737 return ret; 5738 } 5739 5740 static struct nfs4_ol_stateid * 5741 find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp) 5742 { 5743 struct nfs4_ol_stateid *lst; 5744 struct nfs4_client *clp = lo->lo_owner.so_client; 5745 5746 lockdep_assert_held(&clp->cl_lock); 5747 5748 list_for_each_entry(lst, &lo->lo_owner.so_stateids, st_perstateowner) { 5749 if (lst->st_stid.sc_type != NFS4_LOCK_STID) 5750 continue; 5751 if (lst->st_stid.sc_file == fp) { 5752 refcount_inc(&lst->st_stid.sc_count); 5753 return lst; 5754 } 5755 } 5756 return NULL; 5757 } 5758 5759 static struct nfs4_ol_stateid * 5760 init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo, 5761 struct nfs4_file *fp, struct inode *inode, 5762 struct nfs4_ol_stateid *open_stp) 5763 { 5764 struct nfs4_client *clp = lo->lo_owner.so_client; 5765 struct nfs4_ol_stateid *retstp; 5766 5767 mutex_init(&stp->st_mutex); 5768 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); 5769 retry: 5770 spin_lock(&clp->cl_lock); 5771 spin_lock(&fp->fi_lock); 5772 retstp = find_lock_stateid(lo, fp); 5773 if (retstp) 5774 goto out_unlock; 5775 5776 refcount_inc(&stp->st_stid.sc_count); 5777 stp->st_stid.sc_type = NFS4_LOCK_STID; 5778 stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner); 5779 get_nfs4_file(fp); 5780 stp->st_stid.sc_file = fp; 5781 stp->st_access_bmap = 0; 5782 stp->st_deny_bmap = open_stp->st_deny_bmap; 5783 stp->st_openstp = open_stp; 5784 list_add(&stp->st_locks, &open_stp->st_locks); 5785 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids); 5786 list_add(&stp->st_perfile, &fp->fi_stateids); 5787 out_unlock: 5788 spin_unlock(&fp->fi_lock); 5789 spin_unlock(&clp->cl_lock); 5790 if (retstp) { 5791 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { 5792 nfs4_put_stid(&retstp->st_stid); 5793 goto retry; 5794 } 5795 /* To keep mutex tracking happy */ 5796 mutex_unlock(&stp->st_mutex); 5797 stp = retstp; 5798 } 5799 return stp; 5800 } 5801 5802 static struct nfs4_ol_stateid * 5803 find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi, 5804 struct inode *inode, struct nfs4_ol_stateid *ost, 5805 bool *new) 
5806 { 5807 struct nfs4_stid *ns = NULL; 5808 struct nfs4_ol_stateid *lst; 5809 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 5810 struct nfs4_client *clp = oo->oo_owner.so_client; 5811 5812 *new = false; 5813 spin_lock(&clp->cl_lock); 5814 lst = find_lock_stateid(lo, fi); 5815 spin_unlock(&clp->cl_lock); 5816 if (lst != NULL) { 5817 if (nfsd4_lock_ol_stateid(lst) == nfs_ok) 5818 goto out; 5819 nfs4_put_stid(&lst->st_stid); 5820 } 5821 ns = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_lock_stateid); 5822 if (ns == NULL) 5823 return NULL; 5824 5825 lst = init_lock_stateid(openlockstateid(ns), lo, fi, inode, ost); 5826 if (lst == openlockstateid(ns)) 5827 *new = true; 5828 else 5829 nfs4_put_stid(ns); 5830 out: 5831 return lst; 5832 } 5833 5834 static int 5835 check_lock_length(u64 offset, u64 length) 5836 { 5837 return ((length == 0) || ((length != NFS4_MAX_UINT64) && 5838 (length > ~offset))); 5839 } 5840 5841 static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access) 5842 { 5843 struct nfs4_file *fp = lock_stp->st_stid.sc_file; 5844 5845 lockdep_assert_held(&fp->fi_lock); 5846 5847 if (test_access(access, lock_stp)) 5848 return; 5849 __nfs4_file_get_access(fp, access); 5850 set_access(access, lock_stp); 5851 } 5852 5853 static __be32 5854 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, 5855 struct nfs4_ol_stateid *ost, 5856 struct nfsd4_lock *lock, 5857 struct nfs4_ol_stateid **plst, bool *new) 5858 { 5859 __be32 status; 5860 struct nfs4_file *fi = ost->st_stid.sc_file; 5861 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 5862 struct nfs4_client *cl = oo->oo_owner.so_client; 5863 struct inode *inode = d_inode(cstate->current_fh.fh_dentry); 5864 struct nfs4_lockowner *lo; 5865 struct nfs4_ol_stateid *lst; 5866 unsigned int strhashval; 5867 5868 lo = find_lockowner_str(cl, &lock->lk_new_owner); 5869 if (!lo) { 5870 strhashval = ownerstr_hashval(&lock->lk_new_owner); 5871 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock); 5872 if (lo == NULL) 5873 return nfserr_jukebox; 5874 } else { 5875 /* with an existing lockowner, seqids must be the same */ 5876 status = nfserr_bad_seqid; 5877 if (!cstate->minorversion && 5878 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid) 5879 goto out; 5880 } 5881 5882 lst = find_or_create_lock_stateid(lo, fi, inode, ost, new); 5883 if (lst == NULL) { 5884 status = nfserr_jukebox; 5885 goto out; 5886 } 5887 5888 status = nfs_ok; 5889 *plst = lst; 5890 out: 5891 nfs4_put_stateowner(&lo->lo_owner); 5892 return status; 5893 } 5894 5895 /* 5896 * LOCK operation 5897 */ 5898 __be32 5899 nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5900 union nfsd4_op_u *u) 5901 { 5902 struct nfsd4_lock *lock = &u->lock; 5903 struct nfs4_openowner *open_sop = NULL; 5904 struct nfs4_lockowner *lock_sop = NULL; 5905 struct nfs4_ol_stateid *lock_stp = NULL; 5906 struct nfs4_ol_stateid *open_stp = NULL; 5907 struct nfs4_file *fp; 5908 struct file *filp = NULL; 5909 struct nfsd4_blocked_lock *nbl = NULL; 5910 struct file_lock *file_lock = NULL; 5911 struct file_lock *conflock = NULL; 5912 __be32 status = 0; 5913 int lkflg; 5914 int err; 5915 bool new = false; 5916 unsigned char fl_type; 5917 unsigned int fl_flags = FL_POSIX; 5918 struct net *net = SVC_NET(rqstp); 5919 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5920 5921 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n", 5922 (long long) lock->lk_offset, 5923 (long long) lock->lk_length); 5924 5925 if (check_lock_length(lock->lk_offset, 
lock->lk_length)) 5926 return nfserr_inval; 5927 5928 if ((status = fh_verify(rqstp, &cstate->current_fh, 5929 S_IFREG, NFSD_MAY_LOCK))) { 5930 dprintk("NFSD: nfsd4_lock: permission denied!\n"); 5931 return status; 5932 } 5933 5934 if (lock->lk_is_new) { 5935 if (nfsd4_has_session(cstate)) 5936 /* See rfc 5661 18.10.3: given clientid is ignored: */ 5937 memcpy(&lock->lk_new_clientid, 5938 &cstate->session->se_client->cl_clientid, 5939 sizeof(clientid_t)); 5940 5941 status = nfserr_stale_clientid; 5942 if (STALE_CLIENTID(&lock->lk_new_clientid, nn)) 5943 goto out; 5944 5945 /* validate and update open stateid and open seqid */ 5946 status = nfs4_preprocess_confirmed_seqid_op(cstate, 5947 lock->lk_new_open_seqid, 5948 &lock->lk_new_open_stateid, 5949 &open_stp, nn); 5950 if (status) 5951 goto out; 5952 mutex_unlock(&open_stp->st_mutex); 5953 open_sop = openowner(open_stp->st_stateowner); 5954 status = nfserr_bad_stateid; 5955 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid, 5956 &lock->lk_new_clientid)) 5957 goto out; 5958 status = lookup_or_create_lock_state(cstate, open_stp, lock, 5959 &lock_stp, &new); 5960 } else { 5961 status = nfs4_preprocess_seqid_op(cstate, 5962 lock->lk_old_lock_seqid, 5963 &lock->lk_old_lock_stateid, 5964 NFS4_LOCK_STID, &lock_stp, nn); 5965 } 5966 if (status) 5967 goto out; 5968 lock_sop = lockowner(lock_stp->st_stateowner); 5969 5970 lkflg = setlkflg(lock->lk_type); 5971 status = nfs4_check_openmode(lock_stp, lkflg); 5972 if (status) 5973 goto out; 5974 5975 status = nfserr_grace; 5976 if (locks_in_grace(net) && !lock->lk_reclaim) 5977 goto out; 5978 status = nfserr_no_grace; 5979 if (!locks_in_grace(net) && lock->lk_reclaim) 5980 goto out; 5981 5982 fp = lock_stp->st_stid.sc_file; 5983 switch (lock->lk_type) { 5984 case NFS4_READW_LT: 5985 if (nfsd4_has_session(cstate)) 5986 fl_flags |= FL_SLEEP; 5987 /* Fallthrough */ 5988 case NFS4_READ_LT: 5989 spin_lock(&fp->fi_lock); 5990 filp = find_readable_file_locked(fp); 5991 if (filp) 5992 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ); 5993 spin_unlock(&fp->fi_lock); 5994 fl_type = F_RDLCK; 5995 break; 5996 case NFS4_WRITEW_LT: 5997 if (nfsd4_has_session(cstate)) 5998 fl_flags |= FL_SLEEP; 5999 /* Fallthrough */ 6000 case NFS4_WRITE_LT: 6001 spin_lock(&fp->fi_lock); 6002 filp = find_writeable_file_locked(fp); 6003 if (filp) 6004 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE); 6005 spin_unlock(&fp->fi_lock); 6006 fl_type = F_WRLCK; 6007 break; 6008 default: 6009 status = nfserr_inval; 6010 goto out; 6011 } 6012 6013 if (!filp) { 6014 status = nfserr_openmode; 6015 goto out; 6016 } 6017 6018 nbl = find_or_allocate_block(lock_sop, &fp->fi_fhandle, nn); 6019 if (!nbl) { 6020 dprintk("NFSD: %s: unable to allocate block!\n", __func__); 6021 status = nfserr_jukebox; 6022 goto out; 6023 } 6024 6025 file_lock = &nbl->nbl_lock; 6026 file_lock->fl_type = fl_type; 6027 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner)); 6028 file_lock->fl_pid = current->tgid; 6029 file_lock->fl_file = filp; 6030 file_lock->fl_flags = fl_flags; 6031 file_lock->fl_lmops = &nfsd_posix_mng_ops; 6032 file_lock->fl_start = lock->lk_offset; 6033 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length); 6034 nfs4_transform_lock_offset(file_lock); 6035 6036 conflock = locks_alloc_lock(); 6037 if (!conflock) { 6038 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6039 status = nfserr_jukebox; 6040 goto out; 6041 } 6042 6043 if (fl_flags & FL_SLEEP) { 6044 nbl->nbl_time = jiffies; 
6045 spin_lock(&nn->blocked_locks_lock); 6046 list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked); 6047 list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru); 6048 spin_unlock(&nn->blocked_locks_lock); 6049 } 6050 6051 err = vfs_lock_file(filp, F_SETLK, file_lock, conflock); 6052 switch (err) { 6053 case 0: /* success! */ 6054 nfs4_inc_and_copy_stateid(&lock->lk_resp_stateid, &lock_stp->st_stid); 6055 status = 0; 6056 break; 6057 case FILE_LOCK_DEFERRED: 6058 nbl = NULL; 6059 /* Fallthrough */ 6060 case -EAGAIN: /* conflock holds conflicting lock */ 6061 status = nfserr_denied; 6062 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n"); 6063 nfs4_set_lock_denied(conflock, &lock->lk_denied); 6064 break; 6065 case -EDEADLK: 6066 status = nfserr_deadlock; 6067 break; 6068 default: 6069 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err); 6070 status = nfserrno(err); 6071 break; 6072 } 6073 out: 6074 if (nbl) { 6075 /* dequeue it if we queued it before */ 6076 if (fl_flags & FL_SLEEP) { 6077 spin_lock(&nn->blocked_locks_lock); 6078 list_del_init(&nbl->nbl_list); 6079 list_del_init(&nbl->nbl_lru); 6080 spin_unlock(&nn->blocked_locks_lock); 6081 } 6082 free_blocked_lock(nbl); 6083 } 6084 if (filp) 6085 fput(filp); 6086 if (lock_stp) { 6087 /* Bump seqid manually if the 4.0 replay owner is openowner */ 6088 if (cstate->replay_owner && 6089 cstate->replay_owner != &lock_sop->lo_owner && 6090 seqid_mutating_err(ntohl(status))) 6091 lock_sop->lo_owner.so_seqid++; 6092 6093 /* 6094 * If this is a new, never-before-used stateid, and we are 6095 * returning an error, then just go ahead and release it. 6096 */ 6097 if (status && new) 6098 release_lock_stateid(lock_stp); 6099 6100 mutex_unlock(&lock_stp->st_mutex); 6101 6102 nfs4_put_stid(&lock_stp->st_stid); 6103 } 6104 if (open_stp) 6105 nfs4_put_stid(&open_stp->st_stid); 6106 nfsd4_bump_seqid(cstate, status); 6107 if (conflock) 6108 locks_free_lock(conflock); 6109 return status; 6110 } 6111 6112 /* 6113 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN, 6114 * so we do a temporary open here just to get an open file to pass to 6115 * vfs_test_lock. (Arguably perhaps test_lock should be done with an 6116 * inode operation.) 
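 * Note that the temporary open below is read-only (NFSD_MAY_READ) and is
 * dropped again with fput() as soon as vfs_test_lock() returns, so no
 * long-lived open state is created on the server's side for a LOCKT.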
6117 */ 6118 static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock) 6119 { 6120 struct file *file; 6121 __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file); 6122 if (!err) { 6123 err = nfserrno(vfs_test_lock(file, lock)); 6124 fput(file); 6125 } 6126 return err; 6127 } 6128 6129 /* 6130 * LOCKT operation 6131 */ 6132 __be32 6133 nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6134 union nfsd4_op_u *u) 6135 { 6136 struct nfsd4_lockt *lockt = &u->lockt; 6137 struct file_lock *file_lock = NULL; 6138 struct nfs4_lockowner *lo = NULL; 6139 __be32 status; 6140 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6141 6142 if (locks_in_grace(SVC_NET(rqstp))) 6143 return nfserr_grace; 6144 6145 if (check_lock_length(lockt->lt_offset, lockt->lt_length)) 6146 return nfserr_inval; 6147 6148 if (!nfsd4_has_session(cstate)) { 6149 status = lookup_clientid(&lockt->lt_clientid, cstate, nn); 6150 if (status) 6151 goto out; 6152 } 6153 6154 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 6155 goto out; 6156 6157 file_lock = locks_alloc_lock(); 6158 if (!file_lock) { 6159 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6160 status = nfserr_jukebox; 6161 goto out; 6162 } 6163 6164 switch (lockt->lt_type) { 6165 case NFS4_READ_LT: 6166 case NFS4_READW_LT: 6167 file_lock->fl_type = F_RDLCK; 6168 break; 6169 case NFS4_WRITE_LT: 6170 case NFS4_WRITEW_LT: 6171 file_lock->fl_type = F_WRLCK; 6172 break; 6173 default: 6174 dprintk("NFSD: nfs4_lockt: bad lock type!\n"); 6175 status = nfserr_inval; 6176 goto out; 6177 } 6178 6179 lo = find_lockowner_str(cstate->clp, &lockt->lt_owner); 6180 if (lo) 6181 file_lock->fl_owner = (fl_owner_t)lo; 6182 file_lock->fl_pid = current->tgid; 6183 file_lock->fl_flags = FL_POSIX; 6184 6185 file_lock->fl_start = lockt->lt_offset; 6186 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length); 6187 6188 nfs4_transform_lock_offset(file_lock); 6189 6190 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock); 6191 if (status) 6192 goto out; 6193 6194 if (file_lock->fl_type != F_UNLCK) { 6195 status = nfserr_denied; 6196 nfs4_set_lock_denied(file_lock, &lockt->lt_denied); 6197 } 6198 out: 6199 if (lo) 6200 nfs4_put_stateowner(&lo->lo_owner); 6201 if (file_lock) 6202 locks_free_lock(file_lock); 6203 return status; 6204 } 6205 6206 __be32 6207 nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 6208 union nfsd4_op_u *u) 6209 { 6210 struct nfsd4_locku *locku = &u->locku; 6211 struct nfs4_ol_stateid *stp; 6212 struct file *filp = NULL; 6213 struct file_lock *file_lock = NULL; 6214 __be32 status; 6215 int err; 6216 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6217 6218 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n", 6219 (long long) locku->lu_offset, 6220 (long long) locku->lu_length); 6221 6222 if (check_lock_length(locku->lu_offset, locku->lu_length)) 6223 return nfserr_inval; 6224 6225 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid, 6226 &locku->lu_stateid, NFS4_LOCK_STID, 6227 &stp, nn); 6228 if (status) 6229 goto out; 6230 filp = find_any_file(stp->st_stid.sc_file); 6231 if (!filp) { 6232 status = nfserr_lock_range; 6233 goto put_stateid; 6234 } 6235 file_lock = locks_alloc_lock(); 6236 if (!file_lock) { 6237 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 6238 status = nfserr_jukebox; 6239 goto fput; 6240 } 6241 6242 file_lock->fl_type = F_UNLCK; 6243 file_lock->fl_owner = 
(fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner)); 6244 file_lock->fl_pid = current->tgid; 6245 file_lock->fl_file = filp; 6246 file_lock->fl_flags = FL_POSIX; 6247 file_lock->fl_lmops = &nfsd_posix_mng_ops; 6248 file_lock->fl_start = locku->lu_offset; 6249 6250 file_lock->fl_end = last_byte_offset(locku->lu_offset, 6251 locku->lu_length); 6252 nfs4_transform_lock_offset(file_lock); 6253 6254 err = vfs_lock_file(filp, F_SETLK, file_lock, NULL); 6255 if (err) { 6256 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n"); 6257 goto out_nfserr; 6258 } 6259 nfs4_inc_and_copy_stateid(&locku->lu_stateid, &stp->st_stid); 6260 fput: 6261 fput(filp); 6262 put_stateid: 6263 mutex_unlock(&stp->st_mutex); 6264 nfs4_put_stid(&stp->st_stid); 6265 out: 6266 nfsd4_bump_seqid(cstate, status); 6267 if (file_lock) 6268 locks_free_lock(file_lock); 6269 return status; 6270 6271 out_nfserr: 6272 status = nfserrno(err); 6273 goto fput; 6274 } 6275 6276 /* 6277 * returns 6278 * true: locks held by lockowner 6279 * false: no locks held by lockowner 6280 */ 6281 static bool 6282 check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner) 6283 { 6284 struct file_lock *fl; 6285 int status = false; 6286 struct file *filp = find_any_file(fp); 6287 struct inode *inode; 6288 struct file_lock_context *flctx; 6289 6290 if (!filp) { 6291 /* Any valid lock stateid should have some sort of access */ 6292 WARN_ON_ONCE(1); 6293 return status; 6294 } 6295 6296 inode = file_inode(filp); 6297 flctx = inode->i_flctx; 6298 6299 if (flctx && !list_empty_careful(&flctx->flc_posix)) { 6300 spin_lock(&flctx->flc_lock); 6301 list_for_each_entry(fl, &flctx->flc_posix, fl_list) { 6302 if (fl->fl_owner == (fl_owner_t)lowner) { 6303 status = true; 6304 break; 6305 } 6306 } 6307 spin_unlock(&flctx->flc_lock); 6308 } 6309 fput(filp); 6310 return status; 6311 } 6312 6313 __be32 6314 nfsd4_release_lockowner(struct svc_rqst *rqstp, 6315 struct nfsd4_compound_state *cstate, 6316 union nfsd4_op_u *u) 6317 { 6318 struct nfsd4_release_lockowner *rlockowner = &u->release_lockowner; 6319 clientid_t *clid = &rlockowner->rl_clientid; 6320 struct nfs4_stateowner *sop; 6321 struct nfs4_lockowner *lo = NULL; 6322 struct nfs4_ol_stateid *stp; 6323 struct xdr_netobj *owner = &rlockowner->rl_owner; 6324 unsigned int hashval = ownerstr_hashval(owner); 6325 __be32 status; 6326 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 6327 struct nfs4_client *clp; 6328 LIST_HEAD (reaplist); 6329 6330 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n", 6331 clid->cl_boot, clid->cl_id); 6332 6333 status = lookup_clientid(clid, cstate, nn); 6334 if (status) 6335 return status; 6336 6337 clp = cstate->clp; 6338 /* Find the matching lock stateowner */ 6339 spin_lock(&clp->cl_lock); 6340 list_for_each_entry(sop, &clp->cl_ownerstr_hashtbl[hashval], 6341 so_strhash) { 6342 6343 if (sop->so_is_open_owner || !same_owner_str(sop, owner)) 6344 continue; 6345 6346 /* see if there are still any locks associated with it */ 6347 lo = lockowner(sop); 6348 list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) { 6349 if (check_for_locks(stp->st_stid.sc_file, lo)) { 6350 status = nfserr_locks_held; 6351 spin_unlock(&clp->cl_lock); 6352 return status; 6353 } 6354 } 6355 6356 nfs4_get_stateowner(sop); 6357 break; 6358 } 6359 if (!lo) { 6360 spin_unlock(&clp->cl_lock); 6361 return status; 6362 } 6363 6364 unhash_lockowner_locked(lo); 6365 while (!list_empty(&lo->lo_owner.so_stateids)) { 6366 stp = list_first_entry(&lo->lo_owner.so_stateids, 
6367 struct nfs4_ol_stateid, 6368 st_perstateowner); 6369 WARN_ON(!unhash_lock_stateid(stp)); 6370 put_ol_stateid_locked(stp, &reaplist); 6371 } 6372 spin_unlock(&clp->cl_lock); 6373 free_ol_stateid_reaplist(&reaplist); 6374 remove_blocked_locks(lo); 6375 nfs4_put_stateowner(&lo->lo_owner); 6376 6377 return status; 6378 } 6379 6380 static inline struct nfs4_client_reclaim * 6381 alloc_reclaim(void) 6382 { 6383 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL); 6384 } 6385 6386 bool 6387 nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn) 6388 { 6389 struct nfs4_client_reclaim *crp; 6390 6391 crp = nfsd4_find_reclaim_client(name, nn); 6392 return (crp && crp->cr_clp); 6393 } 6394 6395 /* 6396 * failure => all reset bets are off, nfserr_no_grace... 6397 */ 6398 struct nfs4_client_reclaim * 6399 nfs4_client_to_reclaim(const char *name, struct nfsd_net *nn) 6400 { 6401 unsigned int strhashval; 6402 struct nfs4_client_reclaim *crp; 6403 6404 dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name); 6405 crp = alloc_reclaim(); 6406 if (crp) { 6407 strhashval = clientstr_hashval(name); 6408 INIT_LIST_HEAD(&crp->cr_strhash); 6409 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]); 6410 memcpy(crp->cr_recdir, name, HEXDIR_LEN); 6411 crp->cr_clp = NULL; 6412 nn->reclaim_str_hashtbl_size++; 6413 } 6414 return crp; 6415 } 6416 6417 void 6418 nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn) 6419 { 6420 list_del(&crp->cr_strhash); 6421 kfree(crp); 6422 nn->reclaim_str_hashtbl_size--; 6423 } 6424 6425 void 6426 nfs4_release_reclaim(struct nfsd_net *nn) 6427 { 6428 struct nfs4_client_reclaim *crp = NULL; 6429 int i; 6430 6431 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 6432 while (!list_empty(&nn->reclaim_str_hashtbl[i])) { 6433 crp = list_entry(nn->reclaim_str_hashtbl[i].next, 6434 struct nfs4_client_reclaim, cr_strhash); 6435 nfs4_remove_reclaim_record(crp, nn); 6436 } 6437 } 6438 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size); 6439 } 6440 6441 /* 6442 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */ 6443 struct nfs4_client_reclaim * 6444 nfsd4_find_reclaim_client(const char *recdir, struct nfsd_net *nn) 6445 { 6446 unsigned int strhashval; 6447 struct nfs4_client_reclaim *crp = NULL; 6448 6449 dprintk("NFSD: nfs4_find_reclaim_client for recdir %s\n", recdir); 6450 6451 strhashval = clientstr_hashval(recdir); 6452 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) { 6453 if (same_name(crp->cr_recdir, recdir)) { 6454 return crp; 6455 } 6456 } 6457 return NULL; 6458 } 6459 6460 /* 6461 * Called from OPEN. Look for clientid in reclaim list. 
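 * Returns nfs_ok if the client may reclaim, nfserr_reclaim_bad if the
 * clientid is unknown or has no recovery record, and nfserr_no_grace if
 * the client has already sent a RECLAIM_COMPLETE.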
6462 */ 6463 __be32 6464 nfs4_check_open_reclaim(clientid_t *clid, 6465 struct nfsd4_compound_state *cstate, 6466 struct nfsd_net *nn) 6467 { 6468 __be32 status; 6469 6470 /* find clientid in conf_id_hashtbl */ 6471 status = lookup_clientid(clid, cstate, nn); 6472 if (status) 6473 return nfserr_reclaim_bad; 6474 6475 if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &cstate->clp->cl_flags)) 6476 return nfserr_no_grace; 6477 6478 if (nfsd4_client_record_check(cstate->clp)) 6479 return nfserr_reclaim_bad; 6480 6481 return nfs_ok; 6482 } 6483 6484 #ifdef CONFIG_NFSD_FAULT_INJECTION 6485 static inline void 6486 put_client(struct nfs4_client *clp) 6487 { 6488 atomic_dec(&clp->cl_refcount); 6489 } 6490 6491 static struct nfs4_client * 6492 nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size) 6493 { 6494 struct nfs4_client *clp; 6495 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6496 nfsd_net_id); 6497 6498 if (!nfsd_netns_ready(nn)) 6499 return NULL; 6500 6501 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6502 if (memcmp(&clp->cl_addr, addr, addr_size) == 0) 6503 return clp; 6504 } 6505 return NULL; 6506 } 6507 6508 u64 6509 nfsd_inject_print_clients(void) 6510 { 6511 struct nfs4_client *clp; 6512 u64 count = 0; 6513 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6514 nfsd_net_id); 6515 char buf[INET6_ADDRSTRLEN]; 6516 6517 if (!nfsd_netns_ready(nn)) 6518 return 0; 6519 6520 spin_lock(&nn->client_lock); 6521 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6522 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 6523 pr_info("NFS Client: %s\n", buf); 6524 ++count; 6525 } 6526 spin_unlock(&nn->client_lock); 6527 6528 return count; 6529 } 6530 6531 u64 6532 nfsd_inject_forget_client(struct sockaddr_storage *addr, size_t addr_size) 6533 { 6534 u64 count = 0; 6535 struct nfs4_client *clp; 6536 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6537 nfsd_net_id); 6538 6539 if (!nfsd_netns_ready(nn)) 6540 return count; 6541 6542 spin_lock(&nn->client_lock); 6543 clp = nfsd_find_client(addr, addr_size); 6544 if (clp) { 6545 if (mark_client_expired_locked(clp) == nfs_ok) 6546 ++count; 6547 else 6548 clp = NULL; 6549 } 6550 spin_unlock(&nn->client_lock); 6551 6552 if (clp) 6553 expire_client(clp); 6554 6555 return count; 6556 } 6557 6558 u64 6559 nfsd_inject_forget_clients(u64 max) 6560 { 6561 u64 count = 0; 6562 struct nfs4_client *clp, *next; 6563 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6564 nfsd_net_id); 6565 LIST_HEAD(reaplist); 6566 6567 if (!nfsd_netns_ready(nn)) 6568 return count; 6569 6570 spin_lock(&nn->client_lock); 6571 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 6572 if (mark_client_expired_locked(clp) == nfs_ok) { 6573 list_add(&clp->cl_lru, &reaplist); 6574 if (max != 0 && ++count >= max) 6575 break; 6576 } 6577 } 6578 spin_unlock(&nn->client_lock); 6579 6580 list_for_each_entry_safe(clp, next, &reaplist, cl_lru) 6581 expire_client(clp); 6582 6583 return count; 6584 } 6585 6586 static void nfsd_print_count(struct nfs4_client *clp, unsigned int count, 6587 const char *type) 6588 { 6589 char buf[INET6_ADDRSTRLEN]; 6590 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 6591 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type); 6592 } 6593 6594 static void 6595 nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst, 6596 struct list_head *collect) 6597 { 6598 struct nfs4_client *clp = lst->st_stid.sc_client; 6599 struct nfsd_net *nn = 
net_generic(current->nsproxy->net_ns, 6600 nfsd_net_id); 6601 6602 if (!collect) 6603 return; 6604 6605 lockdep_assert_held(&nn->client_lock); 6606 atomic_inc(&clp->cl_refcount); 6607 list_add(&lst->st_locks, collect); 6608 } 6609 6610 static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max, 6611 struct list_head *collect, 6612 bool (*func)(struct nfs4_ol_stateid *)) 6613 { 6614 struct nfs4_openowner *oop; 6615 struct nfs4_ol_stateid *stp, *st_next; 6616 struct nfs4_ol_stateid *lst, *lst_next; 6617 u64 count = 0; 6618 6619 spin_lock(&clp->cl_lock); 6620 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) { 6621 list_for_each_entry_safe(stp, st_next, 6622 &oop->oo_owner.so_stateids, st_perstateowner) { 6623 list_for_each_entry_safe(lst, lst_next, 6624 &stp->st_locks, st_locks) { 6625 if (func) { 6626 if (func(lst)) 6627 nfsd_inject_add_lock_to_list(lst, 6628 collect); 6629 } 6630 ++count; 6631 /* 6632 * Despite the fact that these functions deal 6633 * with 64-bit integers for "count", we must 6634 * ensure that it doesn't blow up the 6635 * clp->cl_refcount. Throw a warning if we 6636 * start to approach INT_MAX here. 6637 */ 6638 WARN_ON_ONCE(count == (INT_MAX / 2)); 6639 if (count == max) 6640 goto out; 6641 } 6642 } 6643 } 6644 out: 6645 spin_unlock(&clp->cl_lock); 6646 6647 return count; 6648 } 6649 6650 static u64 6651 nfsd_collect_client_locks(struct nfs4_client *clp, struct list_head *collect, 6652 u64 max) 6653 { 6654 return nfsd_foreach_client_lock(clp, max, collect, unhash_lock_stateid); 6655 } 6656 6657 static u64 6658 nfsd_print_client_locks(struct nfs4_client *clp) 6659 { 6660 u64 count = nfsd_foreach_client_lock(clp, 0, NULL, NULL); 6661 nfsd_print_count(clp, count, "locked files"); 6662 return count; 6663 } 6664 6665 u64 6666 nfsd_inject_print_locks(void) 6667 { 6668 struct nfs4_client *clp; 6669 u64 count = 0; 6670 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6671 nfsd_net_id); 6672 6673 if (!nfsd_netns_ready(nn)) 6674 return 0; 6675 6676 spin_lock(&nn->client_lock); 6677 list_for_each_entry(clp, &nn->client_lru, cl_lru) 6678 count += nfsd_print_client_locks(clp); 6679 spin_unlock(&nn->client_lock); 6680 6681 return count; 6682 } 6683 6684 static void 6685 nfsd_reap_locks(struct list_head *reaplist) 6686 { 6687 struct nfs4_client *clp; 6688 struct nfs4_ol_stateid *stp, *next; 6689 6690 list_for_each_entry_safe(stp, next, reaplist, st_locks) { 6691 list_del_init(&stp->st_locks); 6692 clp = stp->st_stid.sc_client; 6693 nfs4_put_stid(&stp->st_stid); 6694 put_client(clp); 6695 } 6696 } 6697 6698 u64 6699 nfsd_inject_forget_client_locks(struct sockaddr_storage *addr, size_t addr_size) 6700 { 6701 unsigned int count = 0; 6702 struct nfs4_client *clp; 6703 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6704 nfsd_net_id); 6705 LIST_HEAD(reaplist); 6706 6707 if (!nfsd_netns_ready(nn)) 6708 return count; 6709 6710 spin_lock(&nn->client_lock); 6711 clp = nfsd_find_client(addr, addr_size); 6712 if (clp) 6713 count = nfsd_collect_client_locks(clp, &reaplist, 0); 6714 spin_unlock(&nn->client_lock); 6715 nfsd_reap_locks(&reaplist); 6716 return count; 6717 } 6718 6719 u64 6720 nfsd_inject_forget_locks(u64 max) 6721 { 6722 u64 count = 0; 6723 struct nfs4_client *clp; 6724 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6725 nfsd_net_id); 6726 LIST_HEAD(reaplist); 6727 6728 if (!nfsd_netns_ready(nn)) 6729 return count; 6730 6731 spin_lock(&nn->client_lock); 6732 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6733 count += 
nfsd_collect_client_locks(clp, &reaplist, max - count); 6734 if (max != 0 && count >= max) 6735 break; 6736 } 6737 spin_unlock(&nn->client_lock); 6738 nfsd_reap_locks(&reaplist); 6739 return count; 6740 } 6741 6742 static u64 6743 nfsd_foreach_client_openowner(struct nfs4_client *clp, u64 max, 6744 struct list_head *collect, 6745 void (*func)(struct nfs4_openowner *)) 6746 { 6747 struct nfs4_openowner *oop, *next; 6748 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6749 nfsd_net_id); 6750 u64 count = 0; 6751 6752 lockdep_assert_held(&nn->client_lock); 6753 6754 spin_lock(&clp->cl_lock); 6755 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) { 6756 if (func) { 6757 func(oop); 6758 if (collect) { 6759 atomic_inc(&clp->cl_refcount); 6760 list_add(&oop->oo_perclient, collect); 6761 } 6762 } 6763 ++count; 6764 /* 6765 * Despite the fact that these functions deal with 6766 * 64-bit integers for "count", we must ensure that 6767 * it doesn't blow up the clp->cl_refcount. Throw a 6768 * warning if we start to approach INT_MAX here. 6769 */ 6770 WARN_ON_ONCE(count == (INT_MAX / 2)); 6771 if (count == max) 6772 break; 6773 } 6774 spin_unlock(&clp->cl_lock); 6775 6776 return count; 6777 } 6778 6779 static u64 6780 nfsd_print_client_openowners(struct nfs4_client *clp) 6781 { 6782 u64 count = nfsd_foreach_client_openowner(clp, 0, NULL, NULL); 6783 6784 nfsd_print_count(clp, count, "openowners"); 6785 return count; 6786 } 6787 6788 static u64 6789 nfsd_collect_client_openowners(struct nfs4_client *clp, 6790 struct list_head *collect, u64 max) 6791 { 6792 return nfsd_foreach_client_openowner(clp, max, collect, 6793 unhash_openowner_locked); 6794 } 6795 6796 u64 6797 nfsd_inject_print_openowners(void) 6798 { 6799 struct nfs4_client *clp; 6800 u64 count = 0; 6801 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6802 nfsd_net_id); 6803 6804 if (!nfsd_netns_ready(nn)) 6805 return 0; 6806 6807 spin_lock(&nn->client_lock); 6808 list_for_each_entry(clp, &nn->client_lru, cl_lru) 6809 count += nfsd_print_client_openowners(clp); 6810 spin_unlock(&nn->client_lock); 6811 6812 return count; 6813 } 6814 6815 static void 6816 nfsd_reap_openowners(struct list_head *reaplist) 6817 { 6818 struct nfs4_client *clp; 6819 struct nfs4_openowner *oop, *next; 6820 6821 list_for_each_entry_safe(oop, next, reaplist, oo_perclient) { 6822 list_del_init(&oop->oo_perclient); 6823 clp = oop->oo_owner.so_client; 6824 release_openowner(oop); 6825 put_client(clp); 6826 } 6827 } 6828 6829 u64 6830 nfsd_inject_forget_client_openowners(struct sockaddr_storage *addr, 6831 size_t addr_size) 6832 { 6833 unsigned int count = 0; 6834 struct nfs4_client *clp; 6835 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6836 nfsd_net_id); 6837 LIST_HEAD(reaplist); 6838 6839 if (!nfsd_netns_ready(nn)) 6840 return count; 6841 6842 spin_lock(&nn->client_lock); 6843 clp = nfsd_find_client(addr, addr_size); 6844 if (clp) 6845 count = nfsd_collect_client_openowners(clp, &reaplist, 0); 6846 spin_unlock(&nn->client_lock); 6847 nfsd_reap_openowners(&reaplist); 6848 return count; 6849 } 6850 6851 u64 6852 nfsd_inject_forget_openowners(u64 max) 6853 { 6854 u64 count = 0; 6855 struct nfs4_client *clp; 6856 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6857 nfsd_net_id); 6858 LIST_HEAD(reaplist); 6859 6860 if (!nfsd_netns_ready(nn)) 6861 return count; 6862 6863 spin_lock(&nn->client_lock); 6864 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6865 count += nfsd_collect_client_openowners(clp, 
&reaplist, 6866 max - count); 6867 if (max != 0 && count >= max) 6868 break; 6869 } 6870 spin_unlock(&nn->client_lock); 6871 nfsd_reap_openowners(&reaplist); 6872 return count; 6873 } 6874 6875 static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max, 6876 struct list_head *victims) 6877 { 6878 struct nfs4_delegation *dp, *next; 6879 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6880 nfsd_net_id); 6881 u64 count = 0; 6882 6883 lockdep_assert_held(&nn->client_lock); 6884 6885 spin_lock(&state_lock); 6886 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) { 6887 if (victims) { 6888 /* 6889 * It's not safe to mess with delegations that have a 6890 * non-zero dl_time. They might have already been broken 6891 * and could be processed by the laundromat outside of 6892 * the state_lock. Just leave them be. 6893 */ 6894 if (dp->dl_time != 0) 6895 continue; 6896 6897 atomic_inc(&clp->cl_refcount); 6898 WARN_ON(!unhash_delegation_locked(dp)); 6899 list_add(&dp->dl_recall_lru, victims); 6900 } 6901 ++count; 6902 /* 6903 * Despite the fact that these functions deal with 6904 * 64-bit integers for "count", we must ensure that 6905 * it doesn't blow up the clp->cl_refcount. Throw a 6906 * warning if we start to approach INT_MAX here. 6907 */ 6908 WARN_ON_ONCE(count == (INT_MAX / 2)); 6909 if (count == max) 6910 break; 6911 } 6912 spin_unlock(&state_lock); 6913 return count; 6914 } 6915 6916 static u64 6917 nfsd_print_client_delegations(struct nfs4_client *clp) 6918 { 6919 u64 count = nfsd_find_all_delegations(clp, 0, NULL); 6920 6921 nfsd_print_count(clp, count, "delegations"); 6922 return count; 6923 } 6924 6925 u64 6926 nfsd_inject_print_delegations(void) 6927 { 6928 struct nfs4_client *clp; 6929 u64 count = 0; 6930 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6931 nfsd_net_id); 6932 6933 if (!nfsd_netns_ready(nn)) 6934 return 0; 6935 6936 spin_lock(&nn->client_lock); 6937 list_for_each_entry(clp, &nn->client_lru, cl_lru) 6938 count += nfsd_print_client_delegations(clp); 6939 spin_unlock(&nn->client_lock); 6940 6941 return count; 6942 } 6943 6944 static void 6945 nfsd_forget_delegations(struct list_head *reaplist) 6946 { 6947 struct nfs4_client *clp; 6948 struct nfs4_delegation *dp, *next; 6949 6950 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 6951 list_del_init(&dp->dl_recall_lru); 6952 clp = dp->dl_stid.sc_client; 6953 revoke_delegation(dp); 6954 put_client(clp); 6955 } 6956 } 6957 6958 u64 6959 nfsd_inject_forget_client_delegations(struct sockaddr_storage *addr, 6960 size_t addr_size) 6961 { 6962 u64 count = 0; 6963 struct nfs4_client *clp; 6964 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6965 nfsd_net_id); 6966 LIST_HEAD(reaplist); 6967 6968 if (!nfsd_netns_ready(nn)) 6969 return count; 6970 6971 spin_lock(&nn->client_lock); 6972 clp = nfsd_find_client(addr, addr_size); 6973 if (clp) 6974 count = nfsd_find_all_delegations(clp, 0, &reaplist); 6975 spin_unlock(&nn->client_lock); 6976 6977 nfsd_forget_delegations(&reaplist); 6978 return count; 6979 } 6980 6981 u64 6982 nfsd_inject_forget_delegations(u64 max) 6983 { 6984 u64 count = 0; 6985 struct nfs4_client *clp; 6986 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 6987 nfsd_net_id); 6988 LIST_HEAD(reaplist); 6989 6990 if (!nfsd_netns_ready(nn)) 6991 return count; 6992 6993 spin_lock(&nn->client_lock); 6994 list_for_each_entry(clp, &nn->client_lru, cl_lru) { 6995 count += nfsd_find_all_delegations(clp, max - count, &reaplist); 6996 if (max != 0 
&& count >= max)
6997 break;
6998 }
6999 spin_unlock(&nn->client_lock);
7000 nfsd_forget_delegations(&reaplist);
7001 return count;
7002 }
7003
7004 static void
7005 nfsd_recall_delegations(struct list_head *reaplist)
7006 {
7007 struct nfs4_client *clp;
7008 struct nfs4_delegation *dp, *next;
7009
7010 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) {
7011 list_del_init(&dp->dl_recall_lru);
7012 clp = dp->dl_stid.sc_client;
7013 /*
7014 * We skipped all entries that had a zero dl_time before,
7015 * so we can now reset the dl_time back to 0. If a delegation
7016 * break comes in now, then it won't make any difference since
7017 * we're recalling it either way.
7018 */
7019 spin_lock(&state_lock);
7020 dp->dl_time = 0;
7021 spin_unlock(&state_lock);
7022 nfsd_break_one_deleg(dp);
7023 put_client(clp);
7024 }
7025 }
7026
7027 u64
7028 nfsd_inject_recall_client_delegations(struct sockaddr_storage *addr,
7029 size_t addr_size)
7030 {
7031 u64 count = 0;
7032 struct nfs4_client *clp;
7033 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7034 nfsd_net_id);
7035 LIST_HEAD(reaplist);
7036
7037 if (!nfsd_netns_ready(nn))
7038 return count;
7039
7040 spin_lock(&nn->client_lock);
7041 clp = nfsd_find_client(addr, addr_size);
7042 if (clp)
7043 count = nfsd_find_all_delegations(clp, 0, &reaplist);
7044 spin_unlock(&nn->client_lock);
7045
7046 nfsd_recall_delegations(&reaplist);
7047 return count;
7048 }
7049
7050 u64
7051 nfsd_inject_recall_delegations(u64 max)
7052 {
7053 u64 count = 0;
7054 struct nfs4_client *clp, *next;
7055 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7056 nfsd_net_id);
7057 LIST_HEAD(reaplist);
7058
7059 if (!nfsd_netns_ready(nn))
7060 return count;
7061
7062 spin_lock(&nn->client_lock);
7063 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
7064 count += nfsd_find_all_delegations(clp, max - count, &reaplist);
7065 if (max != 0 && count >= max)
7066 break;
7067 }
7068 spin_unlock(&nn->client_lock);
7069 nfsd_recall_delegations(&reaplist);
7070 return count;
7071 }
7072 #endif /* CONFIG_NFSD_FAULT_INJECTION */
7073
7074 /*
7075 * Since the lifetime of a delegation isn't limited to that of an open, a
7076 * client may quite reasonably hang on to a delegation as long as it has
7077 * the inode cached. This becomes an obvious problem the first time a
7078 * client's inode cache approaches the size of the server's total memory.
7079 *
7080 * For now we avoid this problem by imposing a hard limit on the number
7081 * of delegations, which varies according to the server's memory size.
7082 */
7083 static void
7084 set_max_delegations(void)
7085 {
7086 /*
7087 * Allow at most 4 delegations per megabyte of RAM. Quick
7088 * estimates suggest that in the worst case (where every delegation
7089 * is for a different inode), a delegation could take about 1.5K,
7090 * giving a worst case usage of about 6% of memory.
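 * For example, with 4K pages (PAGE_SHIFT == 12) the shift below is
 * 20 - 2 - 12 = 6, i.e. one delegation is allowed per 64 free buffer
 * pages (256KB), which is the intended 4 delegations per megabyte.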
7091 */ 7092 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT); 7093 } 7094 7095 static int nfs4_state_create_net(struct net *net) 7096 { 7097 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7098 int i; 7099 7100 nn->conf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE, 7101 sizeof(struct list_head), 7102 GFP_KERNEL); 7103 if (!nn->conf_id_hashtbl) 7104 goto err; 7105 nn->unconf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE, 7106 sizeof(struct list_head), 7107 GFP_KERNEL); 7108 if (!nn->unconf_id_hashtbl) 7109 goto err_unconf_id; 7110 nn->sessionid_hashtbl = kmalloc_array(SESSION_HASH_SIZE, 7111 sizeof(struct list_head), 7112 GFP_KERNEL); 7113 if (!nn->sessionid_hashtbl) 7114 goto err_sessionid; 7115 7116 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7117 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]); 7118 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]); 7119 } 7120 for (i = 0; i < SESSION_HASH_SIZE; i++) 7121 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]); 7122 nn->conf_name_tree = RB_ROOT; 7123 nn->unconf_name_tree = RB_ROOT; 7124 nn->boot_time = get_seconds(); 7125 nn->grace_ended = false; 7126 nn->nfsd4_manager.block_opens = true; 7127 INIT_LIST_HEAD(&nn->nfsd4_manager.list); 7128 INIT_LIST_HEAD(&nn->client_lru); 7129 INIT_LIST_HEAD(&nn->close_lru); 7130 INIT_LIST_HEAD(&nn->del_recall_lru); 7131 spin_lock_init(&nn->client_lock); 7132 7133 spin_lock_init(&nn->blocked_locks_lock); 7134 INIT_LIST_HEAD(&nn->blocked_locks_lru); 7135 7136 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main); 7137 get_net(net); 7138 7139 return 0; 7140 7141 err_sessionid: 7142 kfree(nn->unconf_id_hashtbl); 7143 err_unconf_id: 7144 kfree(nn->conf_id_hashtbl); 7145 err: 7146 return -ENOMEM; 7147 } 7148 7149 static void 7150 nfs4_state_destroy_net(struct net *net) 7151 { 7152 int i; 7153 struct nfs4_client *clp = NULL; 7154 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7155 7156 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7157 while (!list_empty(&nn->conf_id_hashtbl[i])) { 7158 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7159 destroy_client(clp); 7160 } 7161 } 7162 7163 WARN_ON(!list_empty(&nn->blocked_locks_lru)); 7164 7165 for (i = 0; i < CLIENT_HASH_SIZE; i++) { 7166 while (!list_empty(&nn->unconf_id_hashtbl[i])) { 7167 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash); 7168 destroy_client(clp); 7169 } 7170 } 7171 7172 kfree(nn->sessionid_hashtbl); 7173 kfree(nn->unconf_id_hashtbl); 7174 kfree(nn->conf_id_hashtbl); 7175 put_net(net); 7176 } 7177 7178 int 7179 nfs4_state_start_net(struct net *net) 7180 { 7181 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7182 int ret; 7183 7184 ret = nfs4_state_create_net(net); 7185 if (ret) 7186 return ret; 7187 locks_start_grace(net, &nn->nfsd4_manager); 7188 nfsd4_client_tracking_init(net); 7189 printk(KERN_INFO "NFSD: starting %ld-second grace period (net %x)\n", 7190 nn->nfsd4_grace, net->ns.inum); 7191 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ); 7192 return 0; 7193 } 7194 7195 /* initialization to perform when the nfsd service is started: */ 7196 7197 int 7198 nfs4_state_start(void) 7199 { 7200 int ret; 7201 7202 ret = set_callback_cred(); 7203 if (ret) 7204 return ret; 7205 7206 laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4"); 7207 if (laundry_wq == NULL) { 7208 ret = -ENOMEM; 7209 goto out_cleanup_cred; 7210 } 7211 ret = nfsd4_create_callback_queue(); 7212 if (ret) 7213 goto out_free_laundry; 7214 7215 set_max_delegations(); 7216 return 0; 7217 7218 
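/* Error unwind: undo the setup steps above in reverse order. */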
out_free_laundry: 7219 destroy_workqueue(laundry_wq); 7220 out_cleanup_cred: 7221 cleanup_callback_cred(); 7222 return ret; 7223 } 7224 7225 void 7226 nfs4_state_shutdown_net(struct net *net) 7227 { 7228 struct nfs4_delegation *dp = NULL; 7229 struct list_head *pos, *next, reaplist; 7230 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 7231 7232 cancel_delayed_work_sync(&nn->laundromat_work); 7233 locks_end_grace(&nn->nfsd4_manager); 7234 7235 INIT_LIST_HEAD(&reaplist); 7236 spin_lock(&state_lock); 7237 list_for_each_safe(pos, next, &nn->del_recall_lru) { 7238 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 7239 WARN_ON(!unhash_delegation_locked(dp)); 7240 list_add(&dp->dl_recall_lru, &reaplist); 7241 } 7242 spin_unlock(&state_lock); 7243 list_for_each_safe(pos, next, &reaplist) { 7244 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 7245 list_del_init(&dp->dl_recall_lru); 7246 destroy_unhashed_deleg(dp); 7247 } 7248 7249 nfsd4_client_tracking_exit(net); 7250 nfs4_state_destroy_net(net); 7251 } 7252 7253 void 7254 nfs4_state_shutdown(void) 7255 { 7256 destroy_workqueue(laundry_wq); 7257 nfsd4_destroy_callback_queue(); 7258 cleanup_callback_cred(); 7259 } 7260 7261 static void 7262 get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 7263 { 7264 if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid)) 7265 memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t)); 7266 } 7267 7268 static void 7269 put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid) 7270 { 7271 if (cstate->minorversion) { 7272 memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t)); 7273 SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG); 7274 } 7275 } 7276 7277 void 7278 clear_current_stateid(struct nfsd4_compound_state *cstate) 7279 { 7280 CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG); 7281 } 7282 7283 /* 7284 * functions to set current state id 7285 */ 7286 void 7287 nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, 7288 union nfsd4_op_u *u) 7289 { 7290 put_stateid(cstate, &u->open_downgrade.od_stateid); 7291 } 7292 7293 void 7294 nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, 7295 union nfsd4_op_u *u) 7296 { 7297 put_stateid(cstate, &u->open.op_stateid); 7298 } 7299 7300 void 7301 nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, 7302 union nfsd4_op_u *u) 7303 { 7304 put_stateid(cstate, &u->close.cl_stateid); 7305 } 7306 7307 void 7308 nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, 7309 union nfsd4_op_u *u) 7310 { 7311 put_stateid(cstate, &u->lock.lk_resp_stateid); 7312 } 7313 7314 /* 7315 * functions to consume current state id 7316 */ 7317 7318 void 7319 nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, 7320 union nfsd4_op_u *u) 7321 { 7322 get_stateid(cstate, &u->open_downgrade.od_stateid); 7323 } 7324 7325 void 7326 nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate, 7327 union nfsd4_op_u *u) 7328 { 7329 get_stateid(cstate, &u->delegreturn.dr_stateid); 7330 } 7331 7332 void 7333 nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, 7334 union nfsd4_op_u *u) 7335 { 7336 get_stateid(cstate, &u->free_stateid.fr_stateid); 7337 } 7338 7339 void 7340 nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, 7341 union nfsd4_op_u *u) 7342 { 7343 get_stateid(cstate, &u->setattr.sa_stateid); 7344 } 7345 7346 void 7347 nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, 7348 union nfsd4_op_u *u) 7349 { 7350 get_stateid(cstate, 
&u->close.cl_stateid); 7351 } 7352 7353 void 7354 nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, 7355 union nfsd4_op_u *u) 7356 { 7357 get_stateid(cstate, &u->locku.lu_stateid); 7358 } 7359 7360 void 7361 nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, 7362 union nfsd4_op_u *u) 7363 { 7364 get_stateid(cstate, &u->read.rd_stateid); 7365 } 7366 7367 void 7368 nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, 7369 union nfsd4_op_u *u) 7370 { 7371 get_stateid(cstate, &u->write.wr_stateid); 7372 } 7373