1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Central processing for nfsd. 4 * 5 * Authors: Olaf Kirch (okir@monad.swb.de) 6 * 7 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de> 8 */ 9 10 #include <linux/sched/signal.h> 11 #include <linux/freezer.h> 12 #include <linux/module.h> 13 #include <linux/fs_struct.h> 14 #include <linux/swap.h> 15 16 #include <linux/sunrpc/stats.h> 17 #include <linux/sunrpc/svcsock.h> 18 #include <linux/sunrpc/svc_xprt.h> 19 #include <linux/lockd/bind.h> 20 #include <linux/nfsacl.h> 21 #include <linux/seq_file.h> 22 #include <linux/inetdevice.h> 23 #include <net/addrconf.h> 24 #include <net/ipv6.h> 25 #include <net/net_namespace.h> 26 #include "nfsd.h" 27 #include "cache.h" 28 #include "vfs.h" 29 #include "netns.h" 30 #include "filecache.h" 31 32 #include "trace.h" 33 34 #define NFSDDBG_FACILITY NFSDDBG_SVC 35 36 extern struct svc_program nfsd_program; 37 static int nfsd(void *vrqstp); 38 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 39 static int nfsd_acl_rpcbind_set(struct net *, 40 const struct svc_program *, 41 u32, int, 42 unsigned short, 43 unsigned short); 44 static __be32 nfsd_acl_init_request(struct svc_rqst *, 45 const struct svc_program *, 46 struct svc_process_info *); 47 #endif 48 static int nfsd_rpcbind_set(struct net *, 49 const struct svc_program *, 50 u32, int, 51 unsigned short, 52 unsigned short); 53 static __be32 nfsd_init_request(struct svc_rqst *, 54 const struct svc_program *, 55 struct svc_process_info *); 56 57 /* 58 * nfsd_mutex protects nn->nfsd_serv -- both the pointer itself and the members 59 * of the svc_serv struct. In particular, ->sv_nrthreads but also to some 60 * extent ->sv_temp_socks and ->sv_permsocks. It also protects nfsdstats.th_cnt 61 * 62 * If (out side the lock) nn->nfsd_serv is non-NULL, then it must point to a 63 * properly initialised 'struct svc_serv' with ->sv_nrthreads > 0. That number 64 * of nfsd threads must exist and each must listed in ->sp_all_threads in each 65 * entry of ->sv_pools[]. 66 * 67 * Transitions of the thread count between zero and non-zero are of particular 68 * interest since the svc_serv needs to be created and initialized at that 69 * point, or freed. 70 * 71 * Finally, the nfsd_mutex also protects some of the global variables that are 72 * accessed when nfsd starts and that are settable via the write_* routines in 73 * nfsctl.c. In particular: 74 * 75 * user_recovery_dirname 76 * user_lease_time 77 * nfsd_versions 78 */ 79 DEFINE_MUTEX(nfsd_mutex); 80 81 /* 82 * nfsd_drc_lock protects nfsd_drc_max_pages and nfsd_drc_pages_used. 83 * nfsd_drc_max_pages limits the total amount of memory available for 84 * version 4.1 DRC caches. 85 * nfsd_drc_pages_used tracks the current version 4.1 DRC memory usage. 86 */ 87 spinlock_t nfsd_drc_lock; 88 unsigned long nfsd_drc_max_mem; 89 unsigned long nfsd_drc_mem_used; 90 91 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 92 static struct svc_stat nfsd_acl_svcstats; 93 static const struct svc_version *nfsd_acl_version[] = { 94 [2] = &nfsd_acl_version2, 95 [3] = &nfsd_acl_version3, 96 }; 97 98 #define NFSD_ACL_MINVERS 2 99 #define NFSD_ACL_NRVERS ARRAY_SIZE(nfsd_acl_version) 100 101 static struct svc_program nfsd_acl_program = { 102 .pg_prog = NFS_ACL_PROGRAM, 103 .pg_nvers = NFSD_ACL_NRVERS, 104 .pg_vers = nfsd_acl_version, 105 .pg_name = "nfsacl", 106 .pg_class = "nfsd", 107 .pg_stats = &nfsd_acl_svcstats, 108 .pg_authenticate = &svc_set_client, 109 .pg_init_request = nfsd_acl_init_request, 110 .pg_rpcbind_set = nfsd_acl_rpcbind_set, 111 }; 112 113 static struct svc_stat nfsd_acl_svcstats = { 114 .program = &nfsd_acl_program, 115 }; 116 #endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */ 117 118 static const struct svc_version *nfsd_version[] = { 119 [2] = &nfsd_version2, 120 #if defined(CONFIG_NFSD_V3) 121 [3] = &nfsd_version3, 122 #endif 123 #if defined(CONFIG_NFSD_V4) 124 [4] = &nfsd_version4, 125 #endif 126 }; 127 128 #define NFSD_MINVERS 2 129 #define NFSD_NRVERS ARRAY_SIZE(nfsd_version) 130 131 struct svc_program nfsd_program = { 132 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 133 .pg_next = &nfsd_acl_program, 134 #endif 135 .pg_prog = NFS_PROGRAM, /* program number */ 136 .pg_nvers = NFSD_NRVERS, /* nr of entries in nfsd_version */ 137 .pg_vers = nfsd_version, /* version table */ 138 .pg_name = "nfsd", /* program name */ 139 .pg_class = "nfsd", /* authentication class */ 140 .pg_stats = &nfsd_svcstats, /* version table */ 141 .pg_authenticate = &svc_set_client, /* export authentication */ 142 .pg_init_request = nfsd_init_request, 143 .pg_rpcbind_set = nfsd_rpcbind_set, 144 }; 145 146 static bool 147 nfsd_support_version(int vers) 148 { 149 if (vers >= NFSD_MINVERS && vers < NFSD_NRVERS) 150 return nfsd_version[vers] != NULL; 151 return false; 152 } 153 154 static bool * 155 nfsd_alloc_versions(void) 156 { 157 bool *vers = kmalloc_array(NFSD_NRVERS, sizeof(bool), GFP_KERNEL); 158 unsigned i; 159 160 if (vers) { 161 /* All compiled versions are enabled by default */ 162 for (i = 0; i < NFSD_NRVERS; i++) 163 vers[i] = nfsd_support_version(i); 164 } 165 return vers; 166 } 167 168 static bool * 169 nfsd_alloc_minorversions(void) 170 { 171 bool *vers = kmalloc_array(NFSD_SUPPORTED_MINOR_VERSION + 1, 172 sizeof(bool), GFP_KERNEL); 173 unsigned i; 174 175 if (vers) { 176 /* All minor versions are enabled by default */ 177 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) 178 vers[i] = nfsd_support_version(4); 179 } 180 return vers; 181 } 182 183 void 184 nfsd_netns_free_versions(struct nfsd_net *nn) 185 { 186 kfree(nn->nfsd_versions); 187 kfree(nn->nfsd4_minorversions); 188 nn->nfsd_versions = NULL; 189 nn->nfsd4_minorversions = NULL; 190 } 191 192 static void 193 nfsd_netns_init_versions(struct nfsd_net *nn) 194 { 195 if (!nn->nfsd_versions) { 196 nn->nfsd_versions = nfsd_alloc_versions(); 197 nn->nfsd4_minorversions = nfsd_alloc_minorversions(); 198 if (!nn->nfsd_versions || !nn->nfsd4_minorversions) 199 nfsd_netns_free_versions(nn); 200 } 201 } 202 203 int nfsd_vers(struct nfsd_net *nn, int vers, enum vers_op change) 204 { 205 if (vers < NFSD_MINVERS || vers >= NFSD_NRVERS) 206 return 0; 207 switch(change) { 208 case NFSD_SET: 209 if (nn->nfsd_versions) 210 nn->nfsd_versions[vers] = nfsd_support_version(vers); 211 break; 212 case NFSD_CLEAR: 213 nfsd_netns_init_versions(nn); 214 if (nn->nfsd_versions) 215 nn->nfsd_versions[vers] = false; 216 break; 217 case NFSD_TEST: 218 if (nn->nfsd_versions) 219 return nn->nfsd_versions[vers]; 220 fallthrough; 221 case NFSD_AVAIL: 222 return nfsd_support_version(vers); 223 } 224 return 0; 225 } 226 227 static void 228 nfsd_adjust_nfsd_versions4(struct nfsd_net *nn) 229 { 230 unsigned i; 231 232 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) { 233 if (nn->nfsd4_minorversions[i]) 234 return; 235 } 236 nfsd_vers(nn, 4, NFSD_CLEAR); 237 } 238 239 int nfsd_minorversion(struct nfsd_net *nn, u32 minorversion, enum vers_op change) 240 { 241 if (minorversion > NFSD_SUPPORTED_MINOR_VERSION && 242 change != NFSD_AVAIL) 243 return -1; 244 245 switch(change) { 246 case NFSD_SET: 247 if (nn->nfsd4_minorversions) { 248 nfsd_vers(nn, 4, NFSD_SET); 249 nn->nfsd4_minorversions[minorversion] = 250 nfsd_vers(nn, 4, NFSD_TEST); 251 } 252 break; 253 case NFSD_CLEAR: 254 nfsd_netns_init_versions(nn); 255 if (nn->nfsd4_minorversions) { 256 nn->nfsd4_minorversions[minorversion] = false; 257 nfsd_adjust_nfsd_versions4(nn); 258 } 259 break; 260 case NFSD_TEST: 261 if (nn->nfsd4_minorversions) 262 return nn->nfsd4_minorversions[minorversion]; 263 return nfsd_vers(nn, 4, NFSD_TEST); 264 case NFSD_AVAIL: 265 return minorversion <= NFSD_SUPPORTED_MINOR_VERSION && 266 nfsd_vers(nn, 4, NFSD_AVAIL); 267 } 268 return 0; 269 } 270 271 /* 272 * Maximum number of nfsd processes 273 */ 274 #define NFSD_MAXSERVS 8192 275 276 int nfsd_nrthreads(struct net *net) 277 { 278 int rv = 0; 279 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 280 281 mutex_lock(&nfsd_mutex); 282 if (nn->nfsd_serv) 283 rv = nn->nfsd_serv->sv_nrthreads; 284 mutex_unlock(&nfsd_mutex); 285 return rv; 286 } 287 288 static int nfsd_init_socks(struct net *net, const struct cred *cred) 289 { 290 int error; 291 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 292 293 if (!list_empty(&nn->nfsd_serv->sv_permsocks)) 294 return 0; 295 296 error = svc_create_xprt(nn->nfsd_serv, "udp", net, PF_INET, NFS_PORT, 297 SVC_SOCK_DEFAULTS, cred); 298 if (error < 0) 299 return error; 300 301 error = svc_create_xprt(nn->nfsd_serv, "tcp", net, PF_INET, NFS_PORT, 302 SVC_SOCK_DEFAULTS, cred); 303 if (error < 0) 304 return error; 305 306 return 0; 307 } 308 309 static int nfsd_users = 0; 310 311 static int nfsd_startup_generic(int nrservs) 312 { 313 int ret; 314 315 if (nfsd_users++) 316 return 0; 317 318 ret = nfsd_file_cache_init(); 319 if (ret) 320 goto dec_users; 321 322 ret = nfs4_state_start(); 323 if (ret) 324 goto out_file_cache; 325 return 0; 326 327 out_file_cache: 328 nfsd_file_cache_shutdown(); 329 dec_users: 330 nfsd_users--; 331 return ret; 332 } 333 334 static void nfsd_shutdown_generic(void) 335 { 336 if (--nfsd_users) 337 return; 338 339 nfs4_state_shutdown(); 340 nfsd_file_cache_shutdown(); 341 } 342 343 static bool nfsd_needs_lockd(struct nfsd_net *nn) 344 { 345 return nfsd_vers(nn, 2, NFSD_TEST) || nfsd_vers(nn, 3, NFSD_TEST); 346 } 347 348 void nfsd_copy_boot_verifier(__be32 verf[2], struct nfsd_net *nn) 349 { 350 int seq = 0; 351 352 do { 353 read_seqbegin_or_lock(&nn->boot_lock, &seq); 354 /* 355 * This is opaque to client, so no need to byte-swap. Use 356 * __force to keep sparse happy. y2038 time_t overflow is 357 * irrelevant in this usage 358 */ 359 verf[0] = (__force __be32)nn->nfssvc_boot.tv_sec; 360 verf[1] = (__force __be32)nn->nfssvc_boot.tv_nsec; 361 } while (need_seqretry(&nn->boot_lock, seq)); 362 done_seqretry(&nn->boot_lock, seq); 363 } 364 365 static void nfsd_reset_boot_verifier_locked(struct nfsd_net *nn) 366 { 367 ktime_get_real_ts64(&nn->nfssvc_boot); 368 } 369 370 void nfsd_reset_boot_verifier(struct nfsd_net *nn) 371 { 372 write_seqlock(&nn->boot_lock); 373 nfsd_reset_boot_verifier_locked(nn); 374 write_sequnlock(&nn->boot_lock); 375 } 376 377 static int nfsd_startup_net(int nrservs, struct net *net, const struct cred *cred) 378 { 379 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 380 int ret; 381 382 if (nn->nfsd_net_up) 383 return 0; 384 385 ret = nfsd_startup_generic(nrservs); 386 if (ret) 387 return ret; 388 ret = nfsd_init_socks(net, cred); 389 if (ret) 390 goto out_socks; 391 392 if (nfsd_needs_lockd(nn) && !nn->lockd_up) { 393 ret = lockd_up(net, cred); 394 if (ret) 395 goto out_socks; 396 nn->lockd_up = true; 397 } 398 399 ret = nfsd_file_cache_start_net(net); 400 if (ret) 401 goto out_lockd; 402 ret = nfs4_state_start_net(net); 403 if (ret) 404 goto out_filecache; 405 406 nn->nfsd_net_up = true; 407 return 0; 408 409 out_filecache: 410 nfsd_file_cache_shutdown_net(net); 411 out_lockd: 412 if (nn->lockd_up) { 413 lockd_down(net); 414 nn->lockd_up = false; 415 } 416 out_socks: 417 nfsd_shutdown_generic(); 418 return ret; 419 } 420 421 static void nfsd_shutdown_net(struct net *net) 422 { 423 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 424 425 nfsd_file_cache_shutdown_net(net); 426 nfs4_state_shutdown_net(net); 427 if (nn->lockd_up) { 428 lockd_down(net); 429 nn->lockd_up = false; 430 } 431 nn->nfsd_net_up = false; 432 nfsd_shutdown_generic(); 433 } 434 435 static int nfsd_inetaddr_event(struct notifier_block *this, unsigned long event, 436 void *ptr) 437 { 438 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr; 439 struct net_device *dev = ifa->ifa_dev->dev; 440 struct net *net = dev_net(dev); 441 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 442 struct sockaddr_in sin; 443 444 if ((event != NETDEV_DOWN) || 445 !atomic_inc_not_zero(&nn->ntf_refcnt)) 446 goto out; 447 448 if (nn->nfsd_serv) { 449 dprintk("nfsd_inetaddr_event: removed %pI4\n", &ifa->ifa_local); 450 sin.sin_family = AF_INET; 451 sin.sin_addr.s_addr = ifa->ifa_local; 452 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin); 453 } 454 atomic_dec(&nn->ntf_refcnt); 455 wake_up(&nn->ntf_wq); 456 457 out: 458 return NOTIFY_DONE; 459 } 460 461 static struct notifier_block nfsd_inetaddr_notifier = { 462 .notifier_call = nfsd_inetaddr_event, 463 }; 464 465 #if IS_ENABLED(CONFIG_IPV6) 466 static int nfsd_inet6addr_event(struct notifier_block *this, 467 unsigned long event, void *ptr) 468 { 469 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr; 470 struct net_device *dev = ifa->idev->dev; 471 struct net *net = dev_net(dev); 472 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 473 struct sockaddr_in6 sin6; 474 475 if ((event != NETDEV_DOWN) || 476 !atomic_inc_not_zero(&nn->ntf_refcnt)) 477 goto out; 478 479 if (nn->nfsd_serv) { 480 dprintk("nfsd_inet6addr_event: removed %pI6\n", &ifa->addr); 481 sin6.sin6_family = AF_INET6; 482 sin6.sin6_addr = ifa->addr; 483 if (ipv6_addr_type(&sin6.sin6_addr) & IPV6_ADDR_LINKLOCAL) 484 sin6.sin6_scope_id = ifa->idev->dev->ifindex; 485 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin6); 486 } 487 atomic_dec(&nn->ntf_refcnt); 488 wake_up(&nn->ntf_wq); 489 out: 490 return NOTIFY_DONE; 491 } 492 493 static struct notifier_block nfsd_inet6addr_notifier = { 494 .notifier_call = nfsd_inet6addr_event, 495 }; 496 #endif 497 498 /* Only used under nfsd_mutex, so this atomic may be overkill: */ 499 static atomic_t nfsd_notifier_refcount = ATOMIC_INIT(0); 500 501 static void nfsd_last_thread(struct svc_serv *serv, struct net *net) 502 { 503 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 504 505 atomic_dec(&nn->ntf_refcnt); 506 /* check if the notifier still has clients */ 507 if (atomic_dec_return(&nfsd_notifier_refcount) == 0) { 508 unregister_inetaddr_notifier(&nfsd_inetaddr_notifier); 509 #if IS_ENABLED(CONFIG_IPV6) 510 unregister_inet6addr_notifier(&nfsd_inet6addr_notifier); 511 #endif 512 } 513 wait_event(nn->ntf_wq, atomic_read(&nn->ntf_refcnt) == 0); 514 515 /* 516 * write_ports can create the server without actually starting 517 * any threads--if we get shut down before any threads are 518 * started, then nfsd_last_thread will be run before any of this 519 * other initialization has been done except the rpcb information. 520 */ 521 svc_rpcb_cleanup(serv, net); 522 if (!nn->nfsd_net_up) 523 return; 524 525 nfsd_shutdown_net(net); 526 pr_info("nfsd: last server has exited, flushing export cache\n"); 527 nfsd_export_flush(net); 528 } 529 530 void nfsd_reset_versions(struct nfsd_net *nn) 531 { 532 int i; 533 534 for (i = 0; i < NFSD_NRVERS; i++) 535 if (nfsd_vers(nn, i, NFSD_TEST)) 536 return; 537 538 for (i = 0; i < NFSD_NRVERS; i++) 539 if (i != 4) 540 nfsd_vers(nn, i, NFSD_SET); 541 else { 542 int minor = 0; 543 while (nfsd_minorversion(nn, minor, NFSD_SET) >= 0) 544 minor++; 545 } 546 } 547 548 /* 549 * Each session guarantees a negotiated per slot memory cache for replies 550 * which in turn consumes memory beyond the v2/v3/v4.0 server. A dedicated 551 * NFSv4.1 server might want to use more memory for a DRC than a machine 552 * with mutiple services. 553 * 554 * Impose a hard limit on the number of pages for the DRC which varies 555 * according to the machines free pages. This is of course only a default. 556 * 557 * For now this is a #defined shift which could be under admin control 558 * in the future. 559 */ 560 static void set_max_drc(void) 561 { 562 #define NFSD_DRC_SIZE_SHIFT 7 563 nfsd_drc_max_mem = (nr_free_buffer_pages() 564 >> NFSD_DRC_SIZE_SHIFT) * PAGE_SIZE; 565 nfsd_drc_mem_used = 0; 566 spin_lock_init(&nfsd_drc_lock); 567 dprintk("%s nfsd_drc_max_mem %lu \n", __func__, nfsd_drc_max_mem); 568 } 569 570 static int nfsd_get_default_max_blksize(void) 571 { 572 struct sysinfo i; 573 unsigned long long target; 574 unsigned long ret; 575 576 si_meminfo(&i); 577 target = (i.totalram - i.totalhigh) << PAGE_SHIFT; 578 /* 579 * Aim for 1/4096 of memory per thread This gives 1MB on 4Gig 580 * machines, but only uses 32K on 128M machines. Bottom out at 581 * 8K on 32M and smaller. Of course, this is only a default. 582 */ 583 target >>= 12; 584 585 ret = NFSSVC_MAXBLKSIZE; 586 while (ret > target && ret >= 8*1024*2) 587 ret /= 2; 588 return ret; 589 } 590 591 static const struct svc_serv_ops nfsd_thread_sv_ops = { 592 .svo_shutdown = nfsd_last_thread, 593 .svo_function = nfsd, 594 .svo_enqueue_xprt = svc_xprt_do_enqueue, 595 .svo_setup = svc_set_num_threads, 596 .svo_module = THIS_MODULE, 597 }; 598 599 bool i_am_nfsd(void) 600 { 601 return kthread_func(current) == nfsd; 602 } 603 604 int nfsd_create_serv(struct net *net) 605 { 606 int error; 607 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 608 609 WARN_ON(!mutex_is_locked(&nfsd_mutex)); 610 if (nn->nfsd_serv) { 611 svc_get(nn->nfsd_serv); 612 return 0; 613 } 614 if (nfsd_max_blksize == 0) 615 nfsd_max_blksize = nfsd_get_default_max_blksize(); 616 nfsd_reset_versions(nn); 617 nn->nfsd_serv = svc_create_pooled(&nfsd_program, nfsd_max_blksize, 618 &nfsd_thread_sv_ops); 619 if (nn->nfsd_serv == NULL) 620 return -ENOMEM; 621 622 nn->nfsd_serv->sv_maxconn = nn->max_connections; 623 error = svc_bind(nn->nfsd_serv, net); 624 if (error < 0) { 625 svc_destroy(nn->nfsd_serv); 626 return error; 627 } 628 629 set_max_drc(); 630 /* check if the notifier is already set */ 631 if (atomic_inc_return(&nfsd_notifier_refcount) == 1) { 632 register_inetaddr_notifier(&nfsd_inetaddr_notifier); 633 #if IS_ENABLED(CONFIG_IPV6) 634 register_inet6addr_notifier(&nfsd_inet6addr_notifier); 635 #endif 636 } 637 atomic_inc(&nn->ntf_refcnt); 638 nfsd_reset_boot_verifier(nn); 639 return 0; 640 } 641 642 int nfsd_nrpools(struct net *net) 643 { 644 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 645 646 if (nn->nfsd_serv == NULL) 647 return 0; 648 else 649 return nn->nfsd_serv->sv_nrpools; 650 } 651 652 int nfsd_get_nrthreads(int n, int *nthreads, struct net *net) 653 { 654 int i = 0; 655 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 656 657 if (nn->nfsd_serv != NULL) { 658 for (i = 0; i < nn->nfsd_serv->sv_nrpools && i < n; i++) 659 nthreads[i] = nn->nfsd_serv->sv_pools[i].sp_nrthreads; 660 } 661 662 return 0; 663 } 664 665 void nfsd_destroy(struct net *net) 666 { 667 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 668 int destroy = (nn->nfsd_serv->sv_nrthreads == 1); 669 670 if (destroy) 671 svc_shutdown_net(nn->nfsd_serv, net); 672 svc_destroy(nn->nfsd_serv); 673 if (destroy) 674 nn->nfsd_serv = NULL; 675 } 676 677 int nfsd_set_nrthreads(int n, int *nthreads, struct net *net) 678 { 679 int i = 0; 680 int tot = 0; 681 int err = 0; 682 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 683 684 WARN_ON(!mutex_is_locked(&nfsd_mutex)); 685 686 if (nn->nfsd_serv == NULL || n <= 0) 687 return 0; 688 689 if (n > nn->nfsd_serv->sv_nrpools) 690 n = nn->nfsd_serv->sv_nrpools; 691 692 /* enforce a global maximum number of threads */ 693 tot = 0; 694 for (i = 0; i < n; i++) { 695 nthreads[i] = min(nthreads[i], NFSD_MAXSERVS); 696 tot += nthreads[i]; 697 } 698 if (tot > NFSD_MAXSERVS) { 699 /* total too large: scale down requested numbers */ 700 for (i = 0; i < n && tot > 0; i++) { 701 int new = nthreads[i] * NFSD_MAXSERVS / tot; 702 tot -= (nthreads[i] - new); 703 nthreads[i] = new; 704 } 705 for (i = 0; i < n && tot > 0; i++) { 706 nthreads[i]--; 707 tot--; 708 } 709 } 710 711 /* 712 * There must always be a thread in pool 0; the admin 713 * can't shut down NFS completely using pool_threads. 714 */ 715 if (nthreads[0] == 0) 716 nthreads[0] = 1; 717 718 /* apply the new numbers */ 719 svc_get(nn->nfsd_serv); 720 for (i = 0; i < n; i++) { 721 err = nn->nfsd_serv->sv_ops->svo_setup(nn->nfsd_serv, 722 &nn->nfsd_serv->sv_pools[i], nthreads[i]); 723 if (err) 724 break; 725 } 726 nfsd_destroy(net); 727 return err; 728 } 729 730 /* 731 * Adjust the number of threads and return the new number of threads. 732 * This is also the function that starts the server if necessary, if 733 * this is the first time nrservs is nonzero. 734 */ 735 int 736 nfsd_svc(int nrservs, struct net *net, const struct cred *cred) 737 { 738 int error; 739 bool nfsd_up_before; 740 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 741 742 mutex_lock(&nfsd_mutex); 743 dprintk("nfsd: creating service\n"); 744 745 nrservs = max(nrservs, 0); 746 nrservs = min(nrservs, NFSD_MAXSERVS); 747 error = 0; 748 749 if (nrservs == 0 && nn->nfsd_serv == NULL) 750 goto out; 751 752 strlcpy(nn->nfsd_name, utsname()->nodename, 753 sizeof(nn->nfsd_name)); 754 755 error = nfsd_create_serv(net); 756 if (error) 757 goto out; 758 759 nfsd_up_before = nn->nfsd_net_up; 760 761 error = nfsd_startup_net(nrservs, net, cred); 762 if (error) 763 goto out_destroy; 764 error = nn->nfsd_serv->sv_ops->svo_setup(nn->nfsd_serv, 765 NULL, nrservs); 766 if (error) 767 goto out_shutdown; 768 /* We are holding a reference to nn->nfsd_serv which 769 * we don't want to count in the return value, 770 * so subtract 1 771 */ 772 error = nn->nfsd_serv->sv_nrthreads - 1; 773 out_shutdown: 774 if (error < 0 && !nfsd_up_before) 775 nfsd_shutdown_net(net); 776 out_destroy: 777 nfsd_destroy(net); /* Release server */ 778 out: 779 mutex_unlock(&nfsd_mutex); 780 return error; 781 } 782 783 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 784 static bool 785 nfsd_support_acl_version(int vers) 786 { 787 if (vers >= NFSD_ACL_MINVERS && vers < NFSD_ACL_NRVERS) 788 return nfsd_acl_version[vers] != NULL; 789 return false; 790 } 791 792 static int 793 nfsd_acl_rpcbind_set(struct net *net, const struct svc_program *progp, 794 u32 version, int family, unsigned short proto, 795 unsigned short port) 796 { 797 if (!nfsd_support_acl_version(version) || 798 !nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST)) 799 return 0; 800 return svc_generic_rpcbind_set(net, progp, version, family, 801 proto, port); 802 } 803 804 static __be32 805 nfsd_acl_init_request(struct svc_rqst *rqstp, 806 const struct svc_program *progp, 807 struct svc_process_info *ret) 808 { 809 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 810 int i; 811 812 if (likely(nfsd_support_acl_version(rqstp->rq_vers) && 813 nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) 814 return svc_generic_init_request(rqstp, progp, ret); 815 816 ret->mismatch.lovers = NFSD_ACL_NRVERS; 817 for (i = NFSD_ACL_MINVERS; i < NFSD_ACL_NRVERS; i++) { 818 if (nfsd_support_acl_version(rqstp->rq_vers) && 819 nfsd_vers(nn, i, NFSD_TEST)) { 820 ret->mismatch.lovers = i; 821 break; 822 } 823 } 824 if (ret->mismatch.lovers == NFSD_ACL_NRVERS) 825 return rpc_prog_unavail; 826 ret->mismatch.hivers = NFSD_ACL_MINVERS; 827 for (i = NFSD_ACL_NRVERS - 1; i >= NFSD_ACL_MINVERS; i--) { 828 if (nfsd_support_acl_version(rqstp->rq_vers) && 829 nfsd_vers(nn, i, NFSD_TEST)) { 830 ret->mismatch.hivers = i; 831 break; 832 } 833 } 834 return rpc_prog_mismatch; 835 } 836 #endif 837 838 static int 839 nfsd_rpcbind_set(struct net *net, const struct svc_program *progp, 840 u32 version, int family, unsigned short proto, 841 unsigned short port) 842 { 843 if (!nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST)) 844 return 0; 845 return svc_generic_rpcbind_set(net, progp, version, family, 846 proto, port); 847 } 848 849 static __be32 850 nfsd_init_request(struct svc_rqst *rqstp, 851 const struct svc_program *progp, 852 struct svc_process_info *ret) 853 { 854 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 855 int i; 856 857 if (likely(nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) 858 return svc_generic_init_request(rqstp, progp, ret); 859 860 ret->mismatch.lovers = NFSD_NRVERS; 861 for (i = NFSD_MINVERS; i < NFSD_NRVERS; i++) { 862 if (nfsd_vers(nn, i, NFSD_TEST)) { 863 ret->mismatch.lovers = i; 864 break; 865 } 866 } 867 if (ret->mismatch.lovers == NFSD_NRVERS) 868 return rpc_prog_unavail; 869 ret->mismatch.hivers = NFSD_MINVERS; 870 for (i = NFSD_NRVERS - 1; i >= NFSD_MINVERS; i--) { 871 if (nfsd_vers(nn, i, NFSD_TEST)) { 872 ret->mismatch.hivers = i; 873 break; 874 } 875 } 876 return rpc_prog_mismatch; 877 } 878 879 /* 880 * This is the NFS server kernel thread 881 */ 882 static int 883 nfsd(void *vrqstp) 884 { 885 struct svc_rqst *rqstp = (struct svc_rqst *) vrqstp; 886 struct svc_xprt *perm_sock = list_entry(rqstp->rq_server->sv_permsocks.next, typeof(struct svc_xprt), xpt_list); 887 struct net *net = perm_sock->xpt_net; 888 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 889 int err; 890 891 /* Lock module and set up kernel thread */ 892 mutex_lock(&nfsd_mutex); 893 894 /* At this point, the thread shares current->fs 895 * with the init process. We need to create files with the 896 * umask as defined by the client instead of init's umask. */ 897 if (unshare_fs_struct() < 0) { 898 printk("Unable to start nfsd thread: out of memory\n"); 899 goto out; 900 } 901 902 current->fs->umask = 0; 903 904 /* 905 * thread is spawned with all signals set to SIG_IGN, re-enable 906 * the ones that will bring down the thread 907 */ 908 allow_signal(SIGKILL); 909 allow_signal(SIGHUP); 910 allow_signal(SIGINT); 911 allow_signal(SIGQUIT); 912 913 nfsdstats.th_cnt++; 914 mutex_unlock(&nfsd_mutex); 915 916 set_freezable(); 917 918 /* 919 * The main request loop 920 */ 921 for (;;) { 922 /* Update sv_maxconn if it has changed */ 923 rqstp->rq_server->sv_maxconn = nn->max_connections; 924 925 /* 926 * Find a socket with data available and call its 927 * recvfrom routine. 928 */ 929 while ((err = svc_recv(rqstp, 60*60*HZ)) == -EAGAIN) 930 ; 931 if (err == -EINTR) 932 break; 933 validate_process_creds(); 934 svc_process(rqstp); 935 validate_process_creds(); 936 } 937 938 /* Clear signals before calling svc_exit_thread() */ 939 flush_signals(current); 940 941 mutex_lock(&nfsd_mutex); 942 nfsdstats.th_cnt --; 943 944 out: 945 rqstp->rq_server = NULL; 946 947 /* Release the thread */ 948 svc_exit_thread(rqstp); 949 950 nfsd_destroy(net); 951 952 /* Release module */ 953 mutex_unlock(&nfsd_mutex); 954 module_put_and_exit(0); 955 return 0; 956 } 957 958 /* 959 * A write procedure can have a large argument, and a read procedure can 960 * have a large reply, but no NFSv2 or NFSv3 procedure has argument and 961 * reply that can both be larger than a page. The xdr code has taken 962 * advantage of this assumption to be a sloppy about bounds checking in 963 * some cases. Pending a rewrite of the NFSv2/v3 xdr code to fix that 964 * problem, we enforce these assumptions here: 965 */ 966 static bool nfs_request_too_big(struct svc_rqst *rqstp, 967 const struct svc_procedure *proc) 968 { 969 /* 970 * The ACL code has more careful bounds-checking and is not 971 * susceptible to this problem: 972 */ 973 if (rqstp->rq_prog != NFS_PROGRAM) 974 return false; 975 /* 976 * Ditto NFSv4 (which can in theory have argument and reply both 977 * more than a page): 978 */ 979 if (rqstp->rq_vers >= 4) 980 return false; 981 /* The reply will be small, we're OK: */ 982 if (proc->pc_xdrressize > 0 && 983 proc->pc_xdrressize < XDR_QUADLEN(PAGE_SIZE)) 984 return false; 985 986 return rqstp->rq_arg.len > PAGE_SIZE; 987 } 988 989 /** 990 * nfsd_dispatch - Process an NFS or NFSACL Request 991 * @rqstp: incoming request 992 * @statp: pointer to location of accept_stat field in RPC Reply buffer 993 * 994 * This RPC dispatcher integrates the NFS server's duplicate reply cache. 995 * 996 * Return values: 997 * %0: Processing complete; do not send a Reply 998 * %1: Processing complete; send Reply in rqstp->rq_res 999 */ 1000 int nfsd_dispatch(struct svc_rqst *rqstp, __be32 *statp) 1001 { 1002 const struct svc_procedure *proc = rqstp->rq_procinfo; 1003 struct kvec *argv = &rqstp->rq_arg.head[0]; 1004 struct kvec *resv = &rqstp->rq_res.head[0]; 1005 __be32 *p; 1006 1007 if (nfs_request_too_big(rqstp, proc)) 1008 goto out_decode_err; 1009 1010 /* 1011 * Give the xdr decoder a chance to change this if it wants 1012 * (necessary in the NFSv4.0 compound case) 1013 */ 1014 rqstp->rq_cachetype = proc->pc_cachetype; 1015 1016 svcxdr_init_decode(rqstp); 1017 if (!proc->pc_decode(rqstp, argv->iov_base)) 1018 goto out_decode_err; 1019 1020 switch (nfsd_cache_lookup(rqstp)) { 1021 case RC_DOIT: 1022 break; 1023 case RC_REPLY: 1024 goto out_cached_reply; 1025 case RC_DROPIT: 1026 goto out_dropit; 1027 } 1028 1029 /* 1030 * Need to grab the location to store the status, as 1031 * NFSv4 does some encoding while processing 1032 */ 1033 p = resv->iov_base + resv->iov_len; 1034 resv->iov_len += sizeof(__be32); 1035 1036 *statp = proc->pc_func(rqstp); 1037 if (*statp == rpc_drop_reply || test_bit(RQ_DROPME, &rqstp->rq_flags)) 1038 goto out_update_drop; 1039 1040 if (!proc->pc_encode(rqstp, p)) 1041 goto out_encode_err; 1042 1043 nfsd_cache_update(rqstp, rqstp->rq_cachetype, statp + 1); 1044 out_cached_reply: 1045 return 1; 1046 1047 out_decode_err: 1048 trace_nfsd_garbage_args_err(rqstp); 1049 *statp = rpc_garbage_args; 1050 return 1; 1051 1052 out_update_drop: 1053 nfsd_cache_update(rqstp, RC_NOCACHE, NULL); 1054 out_dropit: 1055 return 0; 1056 1057 out_encode_err: 1058 trace_nfsd_cant_encode_err(rqstp); 1059 nfsd_cache_update(rqstp, RC_NOCACHE, NULL); 1060 *statp = rpc_system_err; 1061 return 1; 1062 } 1063 1064 /** 1065 * nfssvc_decode_voidarg - Decode void arguments 1066 * @rqstp: Server RPC transaction context 1067 * @p: buffer containing arguments to decode 1068 * 1069 * Return values: 1070 * %0: Arguments were not valid 1071 * %1: Decoding was successful 1072 */ 1073 int nfssvc_decode_voidarg(struct svc_rqst *rqstp, __be32 *p) 1074 { 1075 return 1; 1076 } 1077 1078 /** 1079 * nfssvc_encode_voidres - Encode void results 1080 * @rqstp: Server RPC transaction context 1081 * @p: buffer in which to encode results 1082 * 1083 * Return values: 1084 * %0: Local error while encoding 1085 * %1: Encoding was successful 1086 */ 1087 int nfssvc_encode_voidres(struct svc_rqst *rqstp, __be32 *p) 1088 { 1089 return xdr_ressize_check(rqstp, p); 1090 } 1091 1092 int nfsd_pool_stats_open(struct inode *inode, struct file *file) 1093 { 1094 int ret; 1095 struct nfsd_net *nn = net_generic(inode->i_sb->s_fs_info, nfsd_net_id); 1096 1097 mutex_lock(&nfsd_mutex); 1098 if (nn->nfsd_serv == NULL) { 1099 mutex_unlock(&nfsd_mutex); 1100 return -ENODEV; 1101 } 1102 /* bump up the psudo refcount while traversing */ 1103 svc_get(nn->nfsd_serv); 1104 ret = svc_pool_stats_open(nn->nfsd_serv, file); 1105 mutex_unlock(&nfsd_mutex); 1106 return ret; 1107 } 1108 1109 int nfsd_pool_stats_release(struct inode *inode, struct file *file) 1110 { 1111 int ret = seq_release(inode, file); 1112 struct net *net = inode->i_sb->s_fs_info; 1113 1114 mutex_lock(&nfsd_mutex); 1115 /* this function really, really should have been called svc_put() */ 1116 nfsd_destroy(net); 1117 mutex_unlock(&nfsd_mutex); 1118 return ret; 1119 } 1120