/*
 * Copyright (c) 2001 The Regents of the University of Michigan.
 * All rights reserved.
 *
 * Kendrick Smith <kmsmith@umich.edu>
 * Andy Adamson <kandros@umich.edu>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include <linux/file.h>
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/namei.h>
#include <linux/swap.h>
#include <linux/pagemap.h>
#include <linux/ratelimit.h>
#include <linux/sunrpc/svcauth_gss.h>
#include <linux/sunrpc/addr.h>
#include <linux/jhash.h>
#include "xdr4.h"
#include "xdr4cb.h"
#include "vfs.h"
#include "current_stateid.h"

#include "netns.h"
#include "pnfs.h"

#define NFSDDBG_FACILITY	NFSDDBG_PROC

#define all_ones {{~0,~0},~0}
static const stateid_t one_stateid = {
	.si_generation = ~0,
	.si_opaque = all_ones,
};
static const stateid_t zero_stateid = {
	/* all fields zero */
};
static const stateid_t currentstateid = {
	.si_generation = 1,
};
static const stateid_t close_stateid = {
	.si_generation = 0xffffffffU,
};

static u64 current_sessionid = 1;

#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
#define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
#define CLOSE_STATEID(stateid) (!memcmp((stateid), &close_stateid, sizeof(stateid_t)))

/* forward declarations */
static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner);
static void nfs4_free_ol_stateid(struct nfs4_stid *stid);

/* Locking: */

/*
 * Currently used for the del_recall_lru and file hash table. In an
 * effort to decrease the scope of the client_mutex, this spinlock may
 * eventually cover more:
 */
static DEFINE_SPINLOCK(state_lock);

/*
 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for
 * the refcount on the open stateid to drop.
 */
static DECLARE_WAIT_QUEUE_HEAD(close_wq);

static struct kmem_cache *openowner_slab;
static struct kmem_cache *lockowner_slab;
static struct kmem_cache *file_slab;
static struct kmem_cache *stateid_slab;
static struct kmem_cache *deleg_slab;
static struct kmem_cache *odstate_slab;

static void free_session(struct nfsd4_session *);

static const struct nfsd4_callback_ops nfsd4_cb_recall_ops;
static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops;

static bool is_session_dead(struct nfsd4_session *ses)
{
	return ses->se_flags & NFS4_SESSION_DEAD;
}

static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
{
	if (atomic_read(&ses->se_ref) > ref_held_by_me)
		return nfserr_jukebox;
	ses->se_flags |= NFS4_SESSION_DEAD;
	return nfs_ok;
}

static bool is_client_expired(struct nfs4_client *clp)
{
	return clp->cl_time == 0;
}

static __be32 get_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (is_client_expired(clp))
		return nfserr_expired;
	atomic_inc(&clp->cl_refcount);
	return nfs_ok;
}

/* must be called under the client_lock */
static inline void
renew_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (is_client_expired(clp)) {
		WARN_ON(1);
		printk("%s: client (clientid %08x/%08x) already expired\n",
			__func__,
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
		return;
	}

	dprintk("renewing client (clientid %08x/%08x)\n",
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
	list_move_tail(&clp->cl_lru, &nn->client_lru);
	clp->cl_time = get_seconds();
}

static void put_client_renew_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (!atomic_dec_and_test(&clp->cl_refcount))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
}

static void put_client_renew(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (!atomic_dec_and_lock(&clp->cl_refcount, &nn->client_lock))
		return;
	if (!is_client_expired(clp))
		renew_client_locked(clp);
	spin_unlock(&nn->client_lock);
}

static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
{
	__be32 status;

	if (is_session_dead(ses))
		return nfserr_badsession;
	status = get_client_locked(ses->se_client);
	if (status)
		return status;
	atomic_inc(&ses->se_ref);
	return nfs_ok;
}

static void nfsd4_put_session_locked(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
		free_session(ses);
	put_client_renew_locked(clp);
}

static void nfsd4_put_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	spin_lock(&nn->client_lock);
	nfsd4_put_session_locked(ses);
	spin_unlock(&nn->client_lock);
}

static struct nfsd4_blocked_lock *
find_blocked_lock(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
		  struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *cur, *found = NULL;

	spin_lock(&nn->blocked_locks_lock);
	list_for_each_entry(cur, &lo->lo_blocked, nbl_list) {
		if (fh_match(fh, &cur->nbl_fh)) {
			list_del_init(&cur->nbl_list);
			list_del_init(&cur->nbl_lru);
			found = cur;
			break;
		}
	}
	spin_unlock(&nn->blocked_locks_lock);
	if (found)
		posix_unblock_lock(&found->nbl_lock);
	return found;
}

static struct nfsd4_blocked_lock *
find_or_allocate_block(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
		       struct nfsd_net *nn)
{
	struct nfsd4_blocked_lock *nbl;

	nbl = find_blocked_lock(lo, fh, nn);
	if (!nbl) {
		nbl = kmalloc(sizeof(*nbl), GFP_KERNEL);
		if (nbl) {
			fh_copy_shallow(&nbl->nbl_fh, fh);
			locks_init_lock(&nbl->nbl_lock);
			nfsd4_init_cb(&nbl->nbl_cb, lo->lo_owner.so_client,
					&nfsd4_cb_notify_lock_ops,
					NFSPROC4_CLNT_CB_NOTIFY_LOCK);
		}
	}
	return nbl;
}

static void
free_blocked_lock(struct nfsd4_blocked_lock *nbl)
{
	locks_release_private(&nbl->nbl_lock);
	kfree(nbl);
}

static void
remove_blocked_locks(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfsd4_blocked_lock *nbl;
	LIST_HEAD(reaplist);

	/* Dequeue all blocked locks */
	spin_lock(&nn->blocked_locks_lock);
	while (!list_empty(&lo->lo_blocked)) {
		nbl = list_first_entry(&lo->lo_blocked,
					struct nfsd4_blocked_lock,
					nbl_list);
		list_del_init(&nbl->nbl_list);
		list_move(&nbl->nbl_lru, &reaplist);
	}
	spin_unlock(&nn->blocked_locks_lock);

	/* Now free them */
	while (!list_empty(&reaplist)) {
		nbl = list_first_entry(&reaplist, struct nfsd4_blocked_lock,
					nbl_lru);
		list_del_init(&nbl->nbl_lru);
		posix_unblock_lock(&nbl->nbl_lock);
		free_blocked_lock(nbl);
	}
}

static int
nfsd4_cb_notify_lock_done(struct nfsd4_callback *cb, struct rpc_task *task)
{
	/*
	 * Since this is just an optimization, we don't try very hard if it
	 * turns out not to succeed. We'll requeue it on NFS4ERR_DELAY, and
	 * just quit trying on anything else.
	 */
	switch (task->tk_status) {
	case -NFS4ERR_DELAY:
		rpc_delay(task, 1 * HZ);
		return 0;
	default:
		return 1;
	}
}

static void
nfsd4_cb_notify_lock_release(struct nfsd4_callback *cb)
{
	struct nfsd4_blocked_lock *nbl = container_of(cb,
						struct nfsd4_blocked_lock, nbl_cb);

	free_blocked_lock(nbl);
}

static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops = {
	.done = nfsd4_cb_notify_lock_done,
	.release = nfsd4_cb_notify_lock_release,
};

static inline struct nfs4_stateowner *
nfs4_get_stateowner(struct nfs4_stateowner *sop)
{
	atomic_inc(&sop->so_count);
	return sop;
}

static int
same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner)
{
	return (sop->so_owner.len == owner->len) &&
		0 == memcmp(sop->so_owner.data, owner->data, owner->len);
}

static struct nfs4_openowner *
find_openstateowner_str_locked(unsigned int hashval, struct nfsd4_open *open,
			       struct nfs4_client *clp)
{
	struct nfs4_stateowner *so;

	lockdep_assert_held(&clp->cl_lock);

	list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval],
			    so_strhash) {
		if (!so->so_is_open_owner)
			continue;
		if (same_owner_str(so, &open->op_owner))
			return openowner(nfs4_get_stateowner(so));
	}
	return NULL;
}

static struct nfs4_openowner *
find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
			struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;

	spin_lock(&clp->cl_lock);
	oo = find_openstateowner_str_locked(hashval, open, clp);
	spin_unlock(&clp->cl_lock);
	return oo;
}

static inline u32
opaque_hashval(const void *ptr, int nbytes)
{
	unsigned char *cptr = (unsigned char *) ptr;

	u32 x = 0;
	while (nbytes--) {
		x *= 37;
		x += *cptr++;
	}
	return x;
}

static void nfsd4_free_file_rcu(struct rcu_head *rcu)
{
	struct nfs4_file *fp = container_of(rcu, struct nfs4_file, fi_rcu);

	kmem_cache_free(file_slab, fp);
}

void
put_nfs4_file(struct nfs4_file *fi)
{
	might_lock(&state_lock);

	if (atomic_dec_and_lock(&fi->fi_ref, &state_lock)) {
		hlist_del_rcu(&fi->fi_hash);
		spin_unlock(&state_lock);
		WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate));
		WARN_ON_ONCE(!list_empty(&fi->fi_delegations));
		call_rcu(&fi->fi_rcu, nfsd4_free_file_rcu);
	}
}

static struct file *
__nfs4_get_fd(struct nfs4_file *f, int oflag)
{
	if (f->fi_fds[oflag])
		return get_file(f->fi_fds[oflag]);
	return NULL;
}

static struct file *
find_writeable_file_locked(struct nfs4_file *f)
{
	struct file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_WRONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

static struct file *
find_writeable_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = find_writeable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

static struct file *find_readable_file_locked(struct nfs4_file *f)
{
	struct file *ret;

	lockdep_assert_held(&f->fi_lock);

	ret = __nfs4_get_fd(f, O_RDONLY);
	if (!ret)
		ret = __nfs4_get_fd(f, O_RDWR);
	return ret;
}

static struct file *
find_readable_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = find_readable_file_locked(f);
	spin_unlock(&f->fi_lock);

	return ret;
}

struct file *
find_any_file(struct nfs4_file *f)
{
	struct file *ret;

	spin_lock(&f->fi_lock);
	ret = __nfs4_get_fd(f, O_RDWR);
	if (!ret) {
		ret = __nfs4_get_fd(f, O_WRONLY);
		if (!ret)
			ret = __nfs4_get_fd(f, O_RDONLY);
	}
	spin_unlock(&f->fi_lock);
	return ret;
}

static atomic_long_t num_delegations;
unsigned long max_delegations;

/*
 * Open owner state (share locks)
 */

/* hash tables for lock and open owners */
#define OWNER_HASH_BITS 8
#define OWNER_HASH_SIZE (1 << OWNER_HASH_BITS)
#define OWNER_HASH_MASK (OWNER_HASH_SIZE - 1)

static unsigned int ownerstr_hashval(struct xdr_netobj *ownername)
{
	unsigned int ret;

	ret = opaque_hashval(ownername->data, ownername->len);
	return ret & OWNER_HASH_MASK;
}

/* hash table for nfs4_file */
#define FILE_HASH_BITS 8
#define FILE_HASH_SIZE (1 << FILE_HASH_BITS)

static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh)
{
	return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0);
}

static unsigned int file_hashval(struct knfsd_fh *fh)
{
	return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1);
}

static struct hlist_head file_hashtbl[FILE_HASH_SIZE];

static void
__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		atomic_inc(&fp->fi_access[O_WRONLY]);
	if (access & NFS4_SHARE_ACCESS_READ)
		atomic_inc(&fp->fi_access[O_RDONLY]);
}

static __be32
nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	/* Does this access mode make sense? */
	if (access & ~NFS4_SHARE_ACCESS_BOTH)
		return nfserr_inval;

	/* Does it conflict with a deny mode already set? */
	if ((access & fp->fi_share_deny) != 0)
		return nfserr_share_denied;

	__nfs4_file_get_access(fp, access);
	return nfs_ok;
}

static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
{
	/* Common case is that there is no deny mode. */
	if (deny) {
		/* Does this deny mode make sense? */
		if (deny & ~NFS4_SHARE_DENY_BOTH)
			return nfserr_inval;

		if ((deny & NFS4_SHARE_DENY_READ) &&
		    atomic_read(&fp->fi_access[O_RDONLY]))
			return nfserr_share_denied;

		if ((deny & NFS4_SHARE_DENY_WRITE) &&
		    atomic_read(&fp->fi_access[O_WRONLY]))
			return nfserr_share_denied;
	}
	return nfs_ok;
}

static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
	might_lock(&fp->fi_lock);

	if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
		struct file *f1 = NULL;
		struct file *f2 = NULL;

		swap(f1, fp->fi_fds[oflag]);
		if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
			swap(f2, fp->fi_fds[O_RDWR]);
		spin_unlock(&fp->fi_lock);
		if (f1)
			fput(f1);
		if (f2)
			fput(f2);
	}
}

static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
{
	WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);

	if (access & NFS4_SHARE_ACCESS_WRITE)
		__nfs4_file_put_access(fp, O_WRONLY);
	if (access & NFS4_SHARE_ACCESS_READ)
		__nfs4_file_put_access(fp, O_RDONLY);
}

/*
 * Allocate a new open/delegation state counter. This is needed for
 * pNFS for proper return on close semantics.
 *
 * Note that we only allocate it for pNFS-enabled exports, otherwise
 * all pointers to struct nfs4_clnt_odstate are always NULL.
 */
static struct nfs4_clnt_odstate *
alloc_clnt_odstate(struct nfs4_client *clp)
{
	struct nfs4_clnt_odstate *co;

	co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL);
	if (co) {
		co->co_client = clp;
		atomic_set(&co->co_odcount, 1);
	}
	return co;
}

static void
hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp = co->co_file;

	lockdep_assert_held(&fp->fi_lock);
	list_add(&co->co_perfile, &fp->fi_clnt_odstate);
}

static inline void
get_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	if (co)
		atomic_inc(&co->co_odcount);
}

static void
put_clnt_odstate(struct nfs4_clnt_odstate *co)
{
	struct nfs4_file *fp;

	if (!co)
		return;

	fp = co->co_file;
	if (atomic_dec_and_lock(&co->co_odcount, &fp->fi_lock)) {
		list_del(&co->co_perfile);
		spin_unlock(&fp->fi_lock);

		nfsd4_return_all_file_layouts(co->co_client, fp);
		kmem_cache_free(odstate_slab, co);
	}
}

static struct nfs4_clnt_odstate *
find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new)
{
	struct nfs4_clnt_odstate *co;
	struct nfs4_client *cl;

	if (!new)
		return NULL;

	cl = new->co_client;

	spin_lock(&fp->fi_lock);
	list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) {
		if (co->co_client == cl) {
			get_clnt_odstate(co);
			goto out;
		}
	}
	co = new;
	co->co_file = fp;
	hash_clnt_odstate_locked(new);
out:
	spin_unlock(&fp->fi_lock);
	return co;
}

struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab,
				  void (*sc_free)(struct nfs4_stid *))
{
	struct nfs4_stid *stid;
	int new_id;

	stid = kmem_cache_zalloc(slab, GFP_KERNEL);
	if (!stid)
		return NULL;

	idr_preload(GFP_KERNEL);
	spin_lock(&cl->cl_lock);
	new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 0, 0, GFP_NOWAIT);
	spin_unlock(&cl->cl_lock);
	idr_preload_end();
	if (new_id < 0)
		goto out_free;

	stid->sc_free = sc_free;
	stid->sc_client = cl;
	stid->sc_stateid.si_opaque.so_id = new_id;
	stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
	/* Will be incremented before return to client: */
	atomic_set(&stid->sc_count, 1);
	spin_lock_init(&stid->sc_lock);

	/*
	 * It shouldn't be a problem to reuse an opaque stateid value.
	 * I don't think it is for 4.1. But with 4.0 I worry that, for
	 * example, a stray write retransmission could be accepted by
	 * the server when it should have been rejected. Therefore,
	 * adopt a trick from the sctp code to attempt to maximize the
	 * amount of time until an id is reused, by ensuring they always
	 * "increase" (mod INT_MAX):
	 */
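	/*
	 * Illustrative sketch (editor's note, not from the original
	 * source): roughly, idr_alloc_cyclic() remembers the last id it
	 * handed out, so if that was 41 it will try 42, 43, ... upward
	 * before wrapping back to the lowest free id, rather than
	 * immediately recycling a just-freed 41 for the next stateid.
	 */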
	return stid;
out_free:
	kmem_cache_free(slab, stid);
	return NULL;
}

static struct nfs4_ol_stateid *nfs4_alloc_open_stateid(struct nfs4_client *clp)
{
	struct nfs4_stid *stid;

	stid = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_ol_stateid);
	if (!stid)
		return NULL;

	return openlockstateid(stid);
}

static void nfs4_free_deleg(struct nfs4_stid *stid)
{
	kmem_cache_free(deleg_slab, stid);
	atomic_long_dec(&num_delegations);
}

/*
 * When we recall a delegation, we should be careful not to hand it
 * out again straight away.
 * To ensure this we keep a pair of bloom filters ('new' and 'old')
 * in which the filehandles of recalled delegations are "stored".
 * If a filehandle appears in either filter, a delegation is blocked.
 * When a delegation is recalled, the filehandle is stored in the "new"
 * filter.
 * Every 30 seconds we swap the filters and clear the "new" one,
 * unless both are empty of course.
 *
 * Each filter is 256 bits. We hash the filehandle to 32 bits and use
 * the low 3 bytes as hash-table indices.
 *
 * 'blocked_delegations_lock', which is always taken in block_delegations(),
 * is used to manage concurrent access. Testing does not need the lock
 * except when swapping the two filters.
 */
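/*
 * Worked example (editor's note, illustrative only): if jhash() maps a
 * filehandle to 0x00c1a2b3, block_delegations() sets bits 0xb3 (179),
 * 0xa2 (162) and 0xc1 (193) in the "new" filter. delegation_blocked()
 * reports a hit only when all three derived bits are set in the same
 * filter, so a false positive needs three byte-wise collisions, while
 * clearing happens wholesale at the 30-second filter swap.
 */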
static DEFINE_SPINLOCK(blocked_delegations_lock);
static struct bloom_pair {
	int entries, old_entries;
	time_t swap_time;
	int new; /* index into 'set' */
	DECLARE_BITMAP(set[2], 256);
} blocked_delegations;

static int delegation_blocked(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	if (bd->entries == 0)
		return 0;
	if (seconds_since_boot() - bd->swap_time > 30) {
		spin_lock(&blocked_delegations_lock);
		if (seconds_since_boot() - bd->swap_time > 30) {
			bd->entries -= bd->old_entries;
			bd->old_entries = bd->entries;
			memset(bd->set[bd->new], 0,
			       sizeof(bd->set[0]));
			bd->new = 1 - bd->new;
			bd->swap_time = seconds_since_boot();
		}
		spin_unlock(&blocked_delegations_lock);
	}
	hash = jhash(&fh->fh_base, fh->fh_size, 0);
	if (test_bit(hash&255, bd->set[0]) &&
	    test_bit((hash>>8)&255, bd->set[0]) &&
	    test_bit((hash>>16)&255, bd->set[0]))
		return 1;

	if (test_bit(hash&255, bd->set[1]) &&
	    test_bit((hash>>8)&255, bd->set[1]) &&
	    test_bit((hash>>16)&255, bd->set[1]))
		return 1;

	return 0;
}

static void block_delegations(struct knfsd_fh *fh)
{
	u32 hash;
	struct bloom_pair *bd = &blocked_delegations;

	hash = jhash(&fh->fh_base, fh->fh_size, 0);

	spin_lock(&blocked_delegations_lock);
	__set_bit(hash&255, bd->set[bd->new]);
	__set_bit((hash>>8)&255, bd->set[bd->new]);
	__set_bit((hash>>16)&255, bd->set[bd->new]);
	if (bd->entries == 0)
		bd->swap_time = seconds_since_boot();
	bd->entries += 1;
	spin_unlock(&blocked_delegations_lock);
}

static struct nfs4_delegation *
alloc_init_deleg(struct nfs4_client *clp, struct svc_fh *current_fh,
		 struct nfs4_clnt_odstate *odstate)
{
	struct nfs4_delegation *dp;
	long n;

	dprintk("NFSD alloc_init_deleg\n");
	n = atomic_long_inc_return(&num_delegations);
	if (n < 0 || n > max_delegations)
		goto out_dec;
	if (delegation_blocked(&current_fh->fh_handle))
		goto out_dec;
	dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab, nfs4_free_deleg));
	if (dp == NULL)
		goto out_dec;

	/*
	 * delegation seqid's are never incremented. The 4.1 special
	 * meaning of seqid 0 isn't meaningful, really, but let's avoid
	 * 0 anyway just for consistency and use 1:
	 */
	dp->dl_stid.sc_stateid.si_generation = 1;
	INIT_LIST_HEAD(&dp->dl_perfile);
	INIT_LIST_HEAD(&dp->dl_perclnt);
	INIT_LIST_HEAD(&dp->dl_recall_lru);
	dp->dl_clnt_odstate = odstate;
	get_clnt_odstate(odstate);
	dp->dl_type = NFS4_OPEN_DELEGATE_READ;
	dp->dl_retries = 1;
	nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client,
		      &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL);
	return dp;
out_dec:
	atomic_long_dec(&num_delegations);
	return NULL;
}

void
nfs4_put_stid(struct nfs4_stid *s)
{
	struct nfs4_file *fp = s->sc_file;
	struct nfs4_client *clp = s->sc_client;

	might_lock(&clp->cl_lock);

	if (!atomic_dec_and_lock(&s->sc_count, &clp->cl_lock)) {
		wake_up_all(&close_wq);
		return;
	}
	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	spin_unlock(&clp->cl_lock);
	s->sc_free(s);
	if (fp)
		put_nfs4_file(fp);
}

void
nfs4_inc_and_copy_stateid(stateid_t *dst, struct nfs4_stid *stid)
{
	stateid_t *src = &stid->sc_stateid;

	spin_lock(&stid->sc_lock);
	if (unlikely(++src->si_generation == 0))
		src->si_generation = 1;
	memcpy(dst, src, sizeof(*dst));
	spin_unlock(&stid->sc_lock);
}

static void nfs4_put_deleg_lease(struct nfs4_file *fp)
{
	struct file *filp = NULL;

	spin_lock(&fp->fi_lock);
	if (fp->fi_deleg_file && --fp->fi_delegees == 0)
		swap(filp, fp->fi_deleg_file);
	spin_unlock(&fp->fi_lock);

	if (filp) {
		vfs_setlease(filp, F_UNLCK, NULL, (void **)&fp);
		fput(filp);
	}
}

void nfs4_unhash_stid(struct nfs4_stid *s)
{
	s->sc_type = 0;
}

/**
 * nfs4_get_existing_delegation - Discover if this delegation already exists
 * @clp:     a pointer to the nfs4_client we're granting a delegation to
 * @fp:      a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: 0 if an existing delegation was not found.
 *
 *      On error: -EAGAIN if one was previously granted to this nfs4_client
 *                for this nfs4_file.
 *
 */

static int
nfs4_get_existing_delegation(struct nfs4_client *clp, struct nfs4_file *fp)
{
	struct nfs4_delegation *searchdp = NULL;
	struct nfs4_client *searchclp = NULL;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	list_for_each_entry(searchdp, &fp->fi_delegations, dl_perfile) {
		searchclp = searchdp->dl_stid.sc_client;
		if (clp == searchclp) {
			return -EAGAIN;
		}
	}
	return 0;
}

/**
 * hash_delegation_locked - Add a delegation to the appropriate lists
 * @dp:     a pointer to the nfs4_delegation we are adding.
 * @fp:     a pointer to the nfs4_file we're granting a delegation on
 *
 * Return:
 *      On success: 0 if the delegation was successfully hashed.
 *
 *      On error: -EAGAIN if one was previously granted to this
 *                nfs4_client for this nfs4_file. The delegation is not hashed.
 *
 */

static int
hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
{
	int status;
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	lockdep_assert_held(&state_lock);
	lockdep_assert_held(&fp->fi_lock);

	status = nfs4_get_existing_delegation(clp, fp);
	if (status)
		return status;
	++fp->fi_delegees;
	atomic_inc(&dp->dl_stid.sc_count);
	dp->dl_stid.sc_type = NFS4_DELEG_STID;
	list_add(&dp->dl_perfile, &fp->fi_delegations);
	list_add(&dp->dl_perclnt, &clp->cl_delegations);
	return 0;
}

static bool
unhash_delegation_locked(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;

	lockdep_assert_held(&state_lock);

	if (list_empty(&dp->dl_perfile))
		return false;

	dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID;
	/* Ensure that deleg break won't try to requeue it */
	++dp->dl_time;
	spin_lock(&fp->fi_lock);
	list_del_init(&dp->dl_perclnt);
	list_del_init(&dp->dl_recall_lru);
	list_del_init(&dp->dl_perfile);
	spin_unlock(&fp->fi_lock);
	return true;
}

static void destroy_delegation(struct nfs4_delegation *dp)
{
	bool unhashed;

	spin_lock(&state_lock);
	unhashed = unhash_delegation_locked(dp);
	spin_unlock(&state_lock);
	if (unhashed) {
		put_clnt_odstate(dp->dl_clnt_odstate);
		nfs4_put_deleg_lease(dp->dl_stid.sc_file);
		nfs4_put_stid(&dp->dl_stid);
	}
}

static void revoke_delegation(struct nfs4_delegation *dp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	WARN_ON(!list_empty(&dp->dl_recall_lru));

	put_clnt_odstate(dp->dl_clnt_odstate);
	nfs4_put_deleg_lease(dp->dl_stid.sc_file);

	if (clp->cl_minorversion == 0)
		nfs4_put_stid(&dp->dl_stid);
	else {
		dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
		spin_lock(&clp->cl_lock);
		list_add(&dp->dl_recall_lru, &clp->cl_revoked);
		spin_unlock(&clp->cl_lock);
	}
}

/*
 * SETCLIENTID state
 */

static unsigned int clientid_hashval(u32 id)
{
	return id & CLIENT_HASH_MASK;
}

static unsigned int clientstr_hashval(const char *name)
{
	return opaque_hashval(name, 8) & CLIENT_HASH_MASK;
}

/*
 * We store the NONE, READ, WRITE, and BOTH bits separately in the
 * st_{access,deny}_bmap field of the stateid, in order to track not
 * only what share bits are currently in force, but also what
 * combinations of share bits previous opens have used. This allows us
 * to enforce the recommendation of rfc 3530 14.2.19 that the server
 * return an error if the client attempts to downgrade to a combination
 * of share bits not explicable by closing some of its previous opens.
 *
 * XXX: This enforcement is actually incomplete, since we don't keep
 * track of access/deny bit combinations; so, e.g., we allow:
 *
 *	OPEN allow read, deny write
 *	OPEN allow both, deny none
 *	DOWNGRADE allow read, deny none
 *
 * which we should reject.
 */
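/*
 * Worked example (editor's note, illustrative only): with
 * NFS4_SHARE_ACCESS_READ == 1, _WRITE == 2 and _BOTH == 3, an OPEN for
 * READ followed by an OPEN for BOTH leaves bits 1 and 3 set in
 * st_access_bmap, and bmap_to_share_mode() below ORs the set bit
 * indices back together: 1 | 3 == NFS4_SHARE_ACCESS_BOTH.
 */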
static unsigned int
bmap_to_share_mode(unsigned long bmap)
{
	int i;
	unsigned int access = 0;

	for (i = 1; i < 4; i++) {
		if (test_bit(i, &bmap))
			access |= i;
	}
	return access;
}

/* set share access for a given stateid */
static inline void
set_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap |= mask;
}

/* clear share access for a given stateid */
static inline void
clear_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
	stp->st_access_bmap &= ~mask;
}

/* test whether a given stateid has access */
static inline bool
test_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << access;

	return (bool)(stp->st_access_bmap & mask);
}

/* set share deny for a given stateid */
static inline void
set_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap |= mask;
}

/* clear share deny for a given stateid */
static inline void
clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
	stp->st_deny_bmap &= ~mask;
}

/* test whether a given stateid is denying specific access */
static inline bool
test_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask = 1 << deny;

	return (bool)(stp->st_deny_bmap & mask);
}

static int nfs4_access_to_omode(u32 access)
{
	switch (access & NFS4_SHARE_ACCESS_BOTH) {
	case NFS4_SHARE_ACCESS_READ:
		return O_RDONLY;
	case NFS4_SHARE_ACCESS_WRITE:
		return O_WRONLY;
	case NFS4_SHARE_ACCESS_BOTH:
		return O_RDWR;
	}
	WARN_ON_ONCE(1);
	return O_RDONLY;
}

/*
 * A stateid that had a deny mode associated with it is being released
 * or downgraded. Recalculate the deny mode on the file.
 */
static void
recalculate_deny_mode(struct nfs4_file *fp)
{
	struct nfs4_ol_stateid *stp;

	spin_lock(&fp->fi_lock);
	fp->fi_share_deny = 0;
	list_for_each_entry(stp, &fp->fi_stateids, st_perfile)
		fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap);
	spin_unlock(&fp->fi_lock);
}

static void
reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	int i;
	bool change = false;

	for (i = 1; i < 4; i++) {
		if ((i & deny) != i) {
			change = true;
			clear_deny(i, stp);
		}
	}

	/* Recalculate per-file deny mode if there was a change */
	if (change)
		recalculate_deny_mode(stp->st_stid.sc_file);
}

/* release all access and file references for a given stateid */
static void
release_all_access(struct nfs4_ol_stateid *stp)
{
	int i;
	struct nfs4_file *fp = stp->st_stid.sc_file;

	if (fp && stp->st_deny_bmap != 0)
		recalculate_deny_mode(fp);

	for (i = 1; i < 4; i++) {
		if (test_access(i, stp))
			nfs4_file_put_access(stp->st_stid.sc_file, i);
		clear_access(i, stp);
	}
}

static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop)
{
	kfree(sop->so_owner.data);
	sop->so_ops->so_free(sop);
}

static void nfs4_put_stateowner(struct nfs4_stateowner *sop)
{
	struct nfs4_client *clp = sop->so_client;

	might_lock(&clp->cl_lock);

	if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock))
		return;
	sop->so_ops->so_unhash(sop);
	spin_unlock(&clp->cl_lock);
	nfs4_free_stateowner(sop);
}

static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_file *fp = stp->st_stid.sc_file;

	lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock);

	if (list_empty(&stp->st_perfile))
		return false;

	spin_lock(&fp->fi_lock);
	list_del_init(&stp->st_perfile);
	spin_unlock(&fp->fi_lock);
	list_del(&stp->st_perstateowner);
	return true;
}

static void nfs4_free_ol_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);

	put_clnt_odstate(stp->st_clnt_odstate);
	release_all_access(stp);
	if (stp->st_stateowner)
		nfs4_put_stateowner(stp->st_stateowner);
	kmem_cache_free(stateid_slab, stid);
}

static void nfs4_free_lock_stateid(struct nfs4_stid *stid)
{
	struct nfs4_ol_stateid *stp = openlockstateid(stid);
	struct nfs4_lockowner *lo = lockowner(stp->st_stateowner);
	struct file *file;

	file = find_any_file(stp->st_stid.sc_file);
	if (file)
		filp_close(file, (fl_owner_t)lo);
	nfs4_free_ol_stateid(stid);
}

/*
 * Put the persistent reference to an already unhashed generic stateid, while
 * holding the cl_lock. If it's the last reference, then put it onto the
 * reaplist for later destruction.
 */
static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp,
				  struct list_head *reaplist)
{
	struct nfs4_stid *s = &stp->st_stid;
	struct nfs4_client *clp = s->sc_client;

	lockdep_assert_held(&clp->cl_lock);

	WARN_ON_ONCE(!list_empty(&stp->st_locks));

	if (!atomic_dec_and_test(&s->sc_count)) {
		wake_up_all(&close_wq);
		return;
	}

	idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
	list_add(&stp->st_locks, reaplist);
}

static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp)
{
	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	list_del_init(&stp->st_locks);
	nfs4_unhash_stid(&stp->st_stid);
	return unhash_ol_stateid(stp);
}

static void release_lock_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_client *clp = stp->st_stid.sc_client;
	bool unhashed;

	spin_lock(&clp->cl_lock);
	unhashed = unhash_lock_stateid(stp);
	spin_unlock(&clp->cl_lock);
	if (unhashed)
		nfs4_put_stid(&stp->st_stid);
}

static void unhash_lockowner_locked(struct nfs4_lockowner *lo)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&lo->lo_owner.so_strhash);
}

/*
 * Free a list of generic stateids that were collected earlier after being
 * fully unhashed.
 */
static void
free_ol_stateid_reaplist(struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_file *fp;

	might_sleep();

	while (!list_empty(reaplist)) {
		stp = list_first_entry(reaplist, struct nfs4_ol_stateid,
				       st_locks);
		list_del(&stp->st_locks);
		fp = stp->st_stid.sc_file;
		stp->st_stid.sc_free(&stp->st_stid);
		if (fp)
			put_nfs4_file(fp);
	}
}

static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp,
				       struct list_head *reaplist)
{
	struct nfs4_ol_stateid *stp;

	lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock);

	while (!list_empty(&open_stp->st_locks)) {
		stp = list_entry(open_stp->st_locks.next,
				 struct nfs4_ol_stateid, st_locks);
		WARN_ON(!unhash_lock_stateid(stp));
		put_ol_stateid_locked(stp, reaplist);
	}
}

static bool unhash_open_stateid(struct nfs4_ol_stateid *stp,
				struct list_head *reaplist)
{
	bool unhashed;

	lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);

	unhashed = unhash_ol_stateid(stp);
	release_open_stateid_locks(stp, reaplist);
	return unhashed;
}

static void release_open_stateid(struct nfs4_ol_stateid *stp)
{
	LIST_HEAD(reaplist);

	spin_lock(&stp->st_stid.sc_client->cl_lock);
	if (unhash_open_stateid(stp, &reaplist))
		put_ol_stateid_locked(stp, &reaplist);
	spin_unlock(&stp->st_stid.sc_client->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
}

static void unhash_openowner_locked(struct nfs4_openowner *oo)
{
	struct nfs4_client *clp = oo->oo_owner.so_client;

	lockdep_assert_held(&clp->cl_lock);

	list_del_init(&oo->oo_owner.so_strhash);
	list_del_init(&oo->oo_perclient);
}

static void release_last_closed_stateid(struct nfs4_openowner *oo)
{
	struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net,
					  nfsd_net_id);
	struct nfs4_ol_stateid *s;

	spin_lock(&nn->client_lock);
	s = oo->oo_last_closed_stid;
	if (s) {
		list_del_init(&oo->oo_close_lru);
		oo->oo_last_closed_stid = NULL;
	}
	spin_unlock(&nn->client_lock);
	if (s)
		nfs4_put_stid(&s->st_stid);
}

static void release_openowner(struct nfs4_openowner *oo)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_client *clp = oo->oo_owner.so_client;
	struct list_head reaplist;

	INIT_LIST_HEAD(&reaplist);

	spin_lock(&clp->cl_lock);
	unhash_openowner_locked(oo);
	while (!list_empty(&oo->oo_owner.so_stateids)) {
		stp = list_first_entry(&oo->oo_owner.so_stateids,
				       struct nfs4_ol_stateid, st_perstateowner);
		if (unhash_open_stateid(stp, &reaplist))
			put_ol_stateid_locked(stp, &reaplist);
	}
	spin_unlock(&clp->cl_lock);
	free_ol_stateid_reaplist(&reaplist);
	release_last_closed_stateid(oo);
	nfs4_put_stateowner(&oo->oo_owner);
}

static inline int
hash_sessionid(struct nfs4_sessionid *sessionid)
{
	struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;

	return sid->sequence % SESSION_HASH_SIZE;
}

#ifdef CONFIG_SUNRPC_DEBUG
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
	u32 *ptr = (u32 *)(&sessionid->data[0]);
	dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
}
#else
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
}
#endif

/*
 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
 * won't be used for replay.
 */
void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
{
	struct nfs4_stateowner *so = cstate->replay_owner;

	if (nfserr == nfserr_replay_me)
		return;

	if (!seqid_mutating_err(ntohl(nfserr))) {
		nfsd4_cstate_clear_replay(cstate);
		return;
	}
	if (!so)
		return;
	if (so->so_is_open_owner)
		release_last_closed_stateid(openowner(so));
	so->so_seqid++;
	return;
}

static void
gen_sessionid(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd4_sessionid *sid;

	sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
	sid->clientid = clp->cl_clientid;
	sid->sequence = current_sessionid++;
	sid->reserved = 0;
}

/*
 * The protocol defines ca_maxresponsesize_cached to include the size of
 * the rpc header, but all we need to cache is the data starting after
 * the end of the initial SEQUENCE operation--the rest we regenerate
 * each time. Therefore we can advertise a ca_maxresponsesize_cached
 * value that is the number of bytes in our cache plus a few additional
 * bytes. In order to stay on the safe side, and not promise more than
 * we can cache, those additional bytes must be the minimum possible: 24
 * bytes of rpc header (xid through accept state, with AUTH_NULL
 * verifier), 12 for the compound header (with zero-length tag), and 44
 * for the SEQUENCE op response:
 */
#define NFSD_MIN_HDR_SEQ_SZ  (24 + 12 + 44)
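/*
 * Worked example (editor's note, illustrative only): the header
 * allowance is 24 + 12 + 44 = 80 bytes, so a slot with room for 1024
 * bytes of cached reply data can safely advertise a
 * ca_maxresponsesize_cached of 1024 + NFSD_MIN_HDR_SEQ_SZ = 1104
 * bytes; slot_bytes() below performs the inverse subtraction.
 */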

static void
free_session_slots(struct nfsd4_session *ses)
{
	int i;

	for (i = 0; i < ses->se_fchannel.maxreqs; i++)
		kfree(ses->se_slots[i]);
}

/*
 * We don't actually need to cache the rpc and session headers, so we
 * can allocate a little less for each slot:
 */
static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
{
	u32 size;

	if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ)
		size = 0;
	else
		size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
	return size + sizeof(struct nfsd4_slot);
}

/*
 * XXX: If we run out of reserved DRC memory we could (up to a point)
 * re-negotiate active sessions and reduce their slot usage to make
 * room for new connections. For now we just fail the create session.
 */
static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca)
{
	u32 slotsize = slot_bytes(ca);
	u32 num = ca->maxreqs;
	int avail;

	spin_lock(&nfsd_drc_lock);
	avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION,
		    nfsd_drc_max_mem - nfsd_drc_mem_used);
	num = min_t(int, num, avail / slotsize);
	nfsd_drc_mem_used += num * slotsize;
	spin_unlock(&nfsd_drc_lock);

	return num;
}
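
/*
 * Example (editor's note, illustrative only): with 512-byte slots and
 * 16384 bytes of DRC memory still available, a client asking for 64
 * slots is trimmed to min(64, 16384 / 512) = 32 slots, and 32 * 512
 * bytes are charged against nfsd_drc_mem_used above.
 */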

static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
{
	int slotsize = slot_bytes(ca);

	spin_lock(&nfsd_drc_lock);
	nfsd_drc_mem_used -= slotsize * ca->maxreqs;
	spin_unlock(&nfsd_drc_lock);
}

static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
					   struct nfsd4_channel_attrs *battrs)
{
	int numslots = fattrs->maxreqs;
	int slotsize = slot_bytes(fattrs);
	struct nfsd4_session *new;
	int mem, i;

	BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
			+ sizeof(struct nfsd4_session) > PAGE_SIZE);
	mem = numslots * sizeof(struct nfsd4_slot *);

	new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
	if (!new)
		return NULL;
	/* allocate each struct nfsd4_slot and data cache in one piece */
	for (i = 0; i < numslots; i++) {
		new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
		if (!new->se_slots[i])
			goto out_free;
	}

	memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
	memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));

	return new;
out_free:
	while (i--)
		kfree(new->se_slots[i]);
	kfree(new);
	return NULL;
}

static void free_conn(struct nfsd4_conn *c)
{
	svc_xprt_put(c->cn_xprt);
	kfree(c);
}

static void nfsd4_conn_lost(struct svc_xpt_user *u)
{
	struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
	struct nfs4_client *clp = c->cn_session->se_client;

	spin_lock(&clp->cl_lock);
	if (!list_empty(&c->cn_persession)) {
		list_del(&c->cn_persession);
		free_conn(c);
	}
	nfsd4_probe_callback(clp);
	spin_unlock(&clp->cl_lock);
}

static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
{
	struct nfsd4_conn *conn;

	conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
	if (!conn)
		return NULL;
	svc_xprt_get(rqstp->rq_xprt);
	conn->cn_xprt = rqstp->rq_xprt;
	conn->cn_flags = flags;
	INIT_LIST_HEAD(&conn->cn_xpt_user.list);
	return conn;
}

static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	conn->cn_session = ses;
	list_add(&conn->cn_persession, &ses->se_conns);
}

static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;

	spin_lock(&clp->cl_lock);
	__nfsd4_hash_conn(conn, ses);
	spin_unlock(&clp->cl_lock);
}

static int nfsd4_register_conn(struct nfsd4_conn *conn)
{
	conn->cn_xpt_user.callback = nfsd4_conn_lost;
	return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
}

static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	int ret;

	nfsd4_hash_conn(conn, ses);
	ret = nfsd4_register_conn(conn);
	if (ret)
		/* oops; xprt is already down: */
		nfsd4_conn_lost(&conn->cn_xpt_user);
	/* We may have gained or lost a callback channel: */
	nfsd4_probe_callback_sync(ses->se_client);
}

static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
{
	u32 dir = NFS4_CDFC4_FORE;

	if (cses->flags & SESSION4_BACK_CHAN)
		dir |= NFS4_CDFC4_BACK;
	return alloc_conn(rqstp, dir);
}

/* must be called under client_lock */
static void nfsd4_del_conns(struct nfsd4_session *s)
{
	struct nfs4_client *clp = s->se_client;
	struct nfsd4_conn *c;

	spin_lock(&clp->cl_lock);
	while (!list_empty(&s->se_conns)) {
		c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
		list_del_init(&c->cn_persession);
		spin_unlock(&clp->cl_lock);

		unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
		free_conn(c);

		spin_lock(&clp->cl_lock);
	}
	spin_unlock(&clp->cl_lock);
}

static void __free_session(struct nfsd4_session *ses)
{
	free_session_slots(ses);
	kfree(ses);
}

static void free_session(struct nfsd4_session *ses)
{
	nfsd4_del_conns(ses);
	nfsd4_put_drc_mem(&ses->se_fchannel);
	__free_session(ses);
}

static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
{
	int idx;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	new->se_client = clp;
	gen_sessionid(new);

	INIT_LIST_HEAD(&new->se_conns);

	new->se_cb_seq_nr = 1;
	new->se_flags = cses->flags;
	new->se_cb_prog = cses->callback_prog;
	new->se_cb_sec = cses->cb_sec;
	atomic_set(&new->se_ref, 0);
	idx = hash_sessionid(&new->se_sessionid);
	list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
	spin_lock(&clp->cl_lock);
	list_add(&new->se_perclnt, &clp->cl_sessions);
	spin_unlock(&clp->cl_lock);

	{
		struct sockaddr *sa = svc_addr(rqstp);
		/*
		 * This is a little silly; with sessions there's no real
		 * use for the callback address. Use the peer address
		 * as a reasonable default for now, but consider fixing
		 * the rpc client not to require an address in the
		 * future:
		 */
		rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
		clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
	}
}

/* caller must hold client_lock */
static struct nfsd4_session *
__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
{
	struct nfsd4_session *elem;
	int idx;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	dump_sessionid(__func__, sessionid);
	idx = hash_sessionid(sessionid);
	/* Search in the appropriate list */
	list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
		if (!memcmp(elem->se_sessionid.data, sessionid->data,
			    NFS4_MAX_SESSIONID_LEN)) {
			return elem;
		}
	}

	dprintk("%s: session not found\n", __func__);
	return NULL;
}

static struct nfsd4_session *
find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
			  __be32 *ret)
{
	struct nfsd4_session *session;
	__be32 status = nfserr_badsession;

	session = __find_in_sessionid_hashtbl(sessionid, net);
	if (!session)
		goto out;
	status = nfsd4_get_session_locked(session);
	if (status)
		session = NULL;
out:
	*ret = status;
	return session;
}

/* caller must hold client_lock */
static void
unhash_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	list_del(&ses->se_hash);
	spin_lock(&ses->se_client->cl_lock);
	list_del(&ses->se_perclnt);
	spin_unlock(&ses->se_client->cl_lock);
}

/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
static int
STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
{
	/*
	 * We're assuming the clid was not given out from a boot
	 * precisely 2^32 (about 136 years) before this one. That seems
	 * a safe assumption:
	 */
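	/*
	 * Illustrative arithmetic (editor's note, not from the original
	 * source): 2^32 seconds = 4294967296 s, and
	 * 4294967296 / (365.25 * 24 * 3600) is roughly 136, hence the
	 * "about 136 years" above.
	 */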
1768 if (clid->cl_boot == (u32)nn->boot_time)
1769 return 0;
1770 dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
1771 clid->cl_boot, clid->cl_id, nn->boot_time);
1772 return 1;
1773 }
1774
1775 /*
1776 * XXX Should we use a slab cache ?
1777 * This type of memory management is somewhat inefficient, but we use it
1778 * anyway since SETCLIENTID is not a common operation.
1779 */
1780 static struct nfs4_client *alloc_client(struct xdr_netobj name)
1781 {
1782 struct nfs4_client *clp;
1783 int i;
1784
1785 clp = kzalloc(sizeof(struct nfs4_client), GFP_KERNEL);
1786 if (clp == NULL)
1787 return NULL;
1788 clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL);
1789 if (clp->cl_name.data == NULL)
1790 goto err_no_name;
1791 clp->cl_ownerstr_hashtbl = kmalloc(sizeof(struct list_head) *
1792 OWNER_HASH_SIZE, GFP_KERNEL);
1793 if (!clp->cl_ownerstr_hashtbl)
1794 goto err_no_hashtbl;
1795 for (i = 0; i < OWNER_HASH_SIZE; i++)
1796 INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]);
1797 clp->cl_name.len = name.len;
1798 INIT_LIST_HEAD(&clp->cl_sessions);
1799 idr_init(&clp->cl_stateids);
1800 atomic_set(&clp->cl_refcount, 0);
1801 clp->cl_cb_state = NFSD4_CB_UNKNOWN;
1802 INIT_LIST_HEAD(&clp->cl_idhash);
1803 INIT_LIST_HEAD(&clp->cl_openowners);
1804 INIT_LIST_HEAD(&clp->cl_delegations);
1805 INIT_LIST_HEAD(&clp->cl_lru);
1806 INIT_LIST_HEAD(&clp->cl_revoked);
1807 #ifdef CONFIG_NFSD_PNFS
1808 INIT_LIST_HEAD(&clp->cl_lo_states);
1809 #endif
1810 spin_lock_init(&clp->cl_lock);
1811 rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
1812 return clp;
1813 err_no_hashtbl:
1814 kfree(clp->cl_name.data);
1815 err_no_name:
1816 kfree(clp);
1817 return NULL;
1818 }
1819
1820 static void
1821 free_client(struct nfs4_client *clp)
1822 {
1823 while (!list_empty(&clp->cl_sessions)) {
1824 struct nfsd4_session *ses;
1825 ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
1826 se_perclnt);
1827 list_del(&ses->se_perclnt);
1828 WARN_ON_ONCE(atomic_read(&ses->se_ref));
1829 free_session(ses);
1830 }
1831 rpc_destroy_wait_queue(&clp->cl_cb_waitq);
1832 free_svc_cred(&clp->cl_cred);
1833 kfree(clp->cl_ownerstr_hashtbl);
1834 kfree(clp->cl_name.data);
1835 idr_destroy(&clp->cl_stateids);
1836 kfree(clp);
1837 }
1838
1839 /* must be called under the client_lock */
1840 static void
1841 unhash_client_locked(struct nfs4_client *clp)
1842 {
1843 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1844 struct nfsd4_session *ses;
1845
1846 lockdep_assert_held(&nn->client_lock);
1847
1848 /* Mark the client as expired! */
1849 clp->cl_time = 0;
1850 /* Make it invisible */
1851 if (!list_empty(&clp->cl_idhash)) {
1852 list_del_init(&clp->cl_idhash);
1853 if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
1854 rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
1855 else
1856 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
1857 }
1858 list_del_init(&clp->cl_lru);
1859 spin_lock(&clp->cl_lock);
1860 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
1861 list_del_init(&ses->se_hash);
1862 spin_unlock(&clp->cl_lock);
1863 }
1864
1865 static void
1866 unhash_client(struct nfs4_client *clp)
1867 {
1868 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1869
1870 spin_lock(&nn->client_lock);
1871 unhash_client_locked(clp);
1872 spin_unlock(&nn->client_lock);
1873 }
1874
1875 static __be32 mark_client_expired_locked(struct nfs4_client *clp)
1876 {
1877 if (atomic_read(&clp->cl_refcount))
1878 return nfserr_jukebox;
1879 unhash_client_locked(clp);
1880 return nfs_ok;
1881 }
1882
1883 static void
1884 __destroy_client(struct nfs4_client *clp)
1885 {
1886 int i;
1887 struct nfs4_openowner *oo;
1888 struct nfs4_delegation *dp;
1889 struct list_head reaplist;
1890
1891 INIT_LIST_HEAD(&reaplist);
1892 spin_lock(&state_lock);
1893 while (!list_empty(&clp->cl_delegations)) {
1894 dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
1895 WARN_ON(!unhash_delegation_locked(dp));
1896 list_add(&dp->dl_recall_lru, &reaplist);
1897 }
1898 spin_unlock(&state_lock);
1899 while (!list_empty(&reaplist)) {
1900 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
1901 list_del_init(&dp->dl_recall_lru);
1902 put_clnt_odstate(dp->dl_clnt_odstate);
1903 nfs4_put_deleg_lease(dp->dl_stid.sc_file);
1904 nfs4_put_stid(&dp->dl_stid);
1905 }
1906 while (!list_empty(&clp->cl_revoked)) {
1907 dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru);
1908 list_del_init(&dp->dl_recall_lru);
1909 nfs4_put_stid(&dp->dl_stid);
1910 }
1911 while (!list_empty(&clp->cl_openowners)) {
1912 oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
1913 nfs4_get_stateowner(&oo->oo_owner);
1914 release_openowner(oo);
1915 }
1916 for (i = 0; i < OWNER_HASH_SIZE; i++) {
1917 struct nfs4_stateowner *so, *tmp;
1918
1919 list_for_each_entry_safe(so, tmp, &clp->cl_ownerstr_hashtbl[i],
1920 so_strhash) {
1921 /* Should be no openowners at this point */
1922 WARN_ON_ONCE(so->so_is_open_owner);
1923 remove_blocked_locks(lockowner(so));
1924 }
1925 }
1926 nfsd4_return_all_client_layouts(clp);
1927 nfsd4_shutdown_callback(clp);
1928 if (clp->cl_cb_conn.cb_xprt)
1929 svc_xprt_put(clp->cl_cb_conn.cb_xprt);
1930 free_client(clp);
1931 }
1932
1933 static void
1934 destroy_client(struct nfs4_client *clp)
1935 {
1936 unhash_client(clp);
1937 __destroy_client(clp);
1938 }
1939
1940 static void expire_client(struct nfs4_client *clp)
1941 {
1942 unhash_client(clp);
1943 nfsd4_client_record_remove(clp);
1944 __destroy_client(clp);
1945 }
1946
1947 static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
1948 {
1949 memcpy(target->cl_verifier.data, source->data,
1950 sizeof(target->cl_verifier.data));
1951 }
1952
1953 static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
1954 {
1955 target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
1956 target->cl_clientid.cl_id = source->cl_clientid.cl_id;
1957 }
1958
1959 int strdup_if_nonnull(char **target, char *source)
1960 {
1961 if (source) {
1962 *target = kstrdup(source, GFP_KERNEL);
1963 if (!*target)
1964 return -ENOMEM;
1965 } else
1966 *target = NULL;
1967 return 0;
1968 }
1969
1970 static int copy_cred(struct svc_cred *target, struct svc_cred *source)
1971 {
1972 int ret;
1973
1974 ret = strdup_if_nonnull(&target->cr_principal, source->cr_principal);
1975 if (ret)
1976 return ret;
1977 ret = strdup_if_nonnull(&target->cr_raw_principal,
1978 source->cr_raw_principal);
1979 if (ret)
1980 return ret;
1981 target->cr_flavor = source->cr_flavor;
1982 target->cr_uid = source->cr_uid;
1983 target->cr_gid = source->cr_gid;
1984 target->cr_group_info = source->cr_group_info;
1985 get_group_info(target->cr_group_info);
1986 target->cr_gss_mech = source->cr_gss_mech;
1987 if (source->cr_gss_mech)
1988 gss_mech_get(source->cr_gss_mech);
1989 return 0;
1990 }
1991
1992 static int
1993 compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2)
1994 {
1995 if (o1->len < o2->len)
1996 return -1;
1997 if (o1->len > o2->len)
1998 return 1;
1999 return memcmp(o1->data, o2->data, o1->len);
2000 }
2001
2002 static int same_name(const char *n1, const char *n2)
2003 {
2004 return 0 == memcmp(n1, n2, HEXDIR_LEN);
2005 }
2006
2007 static int
2008 same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
2009 {
2010 return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
2011 }
2012
2013 static int
2014 same_clid(clientid_t *cl1, clientid_t *cl2)
2015 {
2016 return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
2017 }
2018
2019 static bool groups_equal(struct group_info *g1, struct group_info *g2)
2020 {
2021 int i;
2022
2023 if (g1->ngroups != g2->ngroups)
2024 return false;
2025 for (i=0; i<g1->ngroups; i++)
2026 if (!gid_eq(g1->gid[i], g2->gid[i]))
2027 return false;
2028 return true;
2029 }
2030
2031 /*
2032 * RFC 3530 language requires clid_inuse be returned when the
2033 * "principal" associated with a requests differs from that previously
2034 * used. We use uid, gid's, and gss principal string as our best
2035 * approximation. We also don't want to allow non-gss use of a client
2036 * established using gss: in theory cr_principal should catch that
2037 * change, but in practice cr_principal can be null even in the gss case
2038 * since gssd doesn't always pass down a principal string.
2039 */
2040 static bool is_gss_cred(struct svc_cred *cr)
2041 {
2042 /* Is cr_flavor one of the gss "pseudoflavors"?: */
2043 return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR);
2044 }
2045
2046
2047 static bool
2048 same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
2049 {
2050 if ((is_gss_cred(cr1) != is_gss_cred(cr2))
2051 || (!uid_eq(cr1->cr_uid, cr2->cr_uid))
2052 || (!gid_eq(cr1->cr_gid, cr2->cr_gid))
2053 || !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
2054 return false;
2055 if (cr1->cr_principal == cr2->cr_principal)
2056 return true;
2057 if (!cr1->cr_principal || !cr2->cr_principal)
2058 return false;
2059 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal);
2060 }
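/*
 * Illustrative cases (not from the original source): two AUTH_UNIX
 * credentials with uid 1000, gid 1000 and identical group lists
 * compare equal even though both have a NULL cr_principal (the
 * pointer-equality test above covers the NULL/NULL case); a krb5
 * credential never matches an AUTH_UNIX one, because is_gss_cred()
 * differs between them.
 */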
2061
2062 static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp)
2063 {
2064 struct svc_cred *cr = &rqstp->rq_cred;
2065 u32 service;
2066
2067 if (!cr->cr_gss_mech)
2068 return false;
2069 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor);
2070 return service == RPC_GSS_SVC_INTEGRITY ||
2071 service == RPC_GSS_SVC_PRIVACY;
2072 }
2073
2074 bool nfsd4_mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp)
2075 {
2076 struct svc_cred *cr = &rqstp->rq_cred;
2077
2078 if (!cl->cl_mach_cred)
2079 return true;
2080 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech)
2081 return false;
2082 if (!svc_rqst_integrity_protected(rqstp))
2083 return false;
2084 if (cl->cl_cred.cr_raw_principal)
2085 return 0 == strcmp(cl->cl_cred.cr_raw_principal,
2086 cr->cr_raw_principal);
2087 if (!cr->cr_principal)
2088 return false;
2089 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal);
2090 }
2091
2092 static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn)
2093 {
2094 __be32 verf[2];
2095
2096 /*
2097 * This is opaque to the client, so there is no need to byte-swap.
2098 * Use __force to keep sparse happy.
2099 */
2100 verf[0] = (__force __be32)get_seconds();
2101 verf[1] = (__force __be32)nn->clverifier_counter++;
2102 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data));
2103 }
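/*
 * Worked example (values invented): with get_seconds() == 0x5d41402a
 * and clverifier_counter == 7, cl_confirm becomes those two 32-bit
 * values copied verbatim, in host byte order. That is fine: the
 * verifier is opaque to the client, which only ever echoes it back.
 */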
2104
2105 static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn)
2106 {
2107 clp->cl_clientid.cl_boot = nn->boot_time;
2108 clp->cl_clientid.cl_id = nn->clientid_counter++;
2109 gen_confirm(clp, nn);
2110 }
2111
2112 static struct nfs4_stid *
2113 find_stateid_locked(struct nfs4_client *cl, stateid_t *t)
2114 {
2115 struct nfs4_stid *ret;
2116
2117 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id);
2118 if (!ret || !ret->sc_type)
2119 return NULL;
2120 return ret;
2121 }
2122
2123 static struct nfs4_stid *
2124 find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask)
2125 {
2126 struct nfs4_stid *s;
2127
2128 spin_lock(&cl->cl_lock);
2129 s = find_stateid_locked(cl, t);
2130 if (s != NULL) {
2131 if (typemask & s->sc_type)
2132 atomic_inc(&s->sc_count);
2133 else
2134 s = NULL;
2135 }
2136 spin_unlock(&cl->cl_lock);
2137 return s;
2138 }
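/*
 * Typical usage sketch (illustrative): callers pass a mask of the
 * stateid types they will accept, e.g.
 *
 *	s = find_stateid_by_type(cl, &stateid, NFS4_DELEG_STID);
 *
 * which returns a delegation stateid with sc_count elevated, while
 * an open or lock stateid with the same id would be filtered out.
 */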
2139
2140 static struct nfs4_client *create_client(struct xdr_netobj name,
2141 struct svc_rqst *rqstp, nfs4_verifier *verf)
2142 {
2143 struct nfs4_client *clp;
2144 struct sockaddr *sa = svc_addr(rqstp);
2145 int ret;
2146 struct net *net = SVC_NET(rqstp);
2147
2148 clp = alloc_client(name);
2149 if (clp == NULL)
2150 return NULL;
2151
2152 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred);
2153 if (ret) {
2154 free_client(clp);
2155 return NULL;
2156 }
2157 nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL);
2158 clp->cl_time = get_seconds();
2159 clear_bit(0, &clp->cl_cb_slot_busy);
2160 copy_verf(clp, verf);
2161 rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa);
2162 clp->cl_cb_session = NULL;
2163 clp->net = net;
2164 return clp;
2165 }
2166
2167 static void
2168 add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root)
2169 {
2170 struct rb_node **new = &(root->rb_node), *parent = NULL;
2171 struct nfs4_client *clp;
2172
2173 while (*new) {
2174 clp = rb_entry(*new, struct nfs4_client, cl_namenode);
2175 parent = *new;
2176
2177 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0)
2178 new = &((*new)->rb_left);
2179 else
2180 new = &((*new)->rb_right);
2181 }
2182
2183 rb_link_node(&new_clp->cl_namenode, parent, new);
2184 rb_insert_color(&new_clp->cl_namenode, root);
2185 }
2186
2187 static struct nfs4_client *
2188 find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root)
2189 {
2190 int cmp;
2191 struct rb_node *node = root->rb_node;
2192 struct nfs4_client *clp;
2193
2194 while (node) {
2195 clp = rb_entry(node, struct nfs4_client, cl_namenode);
2196 cmp = compare_blob(&clp->cl_name, name);
2197 if (cmp > 0)
2198 node = node->rb_left;
2199 else if (cmp < 0)
2200 node = node->rb_right;
2201 else
2202 return clp;
2203 }
2204 return NULL;
2205 }
2206
2207 static void
2208 add_to_unconfirmed(struct nfs4_client *clp)
2209 {
2210 unsigned int idhashval;
2211 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
2212
2213 lockdep_assert_held(&nn->client_lock);
2214
2215 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
2216 add_clp_to_name_tree(clp, &nn->unconf_name_tree);
2217 idhashval = clientid_hashval(clp->cl_clientid.cl_id);
2218 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]);
2219 renew_client_locked(clp);
2220 }
2221
2222 static void
2223 move_to_confirmed(struct nfs4_client *clp)
2224 {
2225 unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id);
2226 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
2227
2228 lockdep_assert_held(&nn->client_lock);
2229
2230 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp);
2231 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]);
2232 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
2233 add_clp_to_name_tree(clp, &nn->conf_name_tree);
2234 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
2235 renew_client_locked(clp);
2236 }
2237
2238 static struct nfs4_client *
2239 find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions)
2240 {
2241 struct nfs4_client *clp;
2242 unsigned int idhashval = clientid_hashval(clid->cl_id);
2243
2244 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) {
2245 if (same_clid(&clp->cl_clientid, clid)) {
2246 if ((bool)clp->cl_minorversion != sessions)
2247 return NULL;
2248 renew_client_locked(clp);
2249 return clp;
2250 }
2251 }
2252 return NULL;
2253 }
2254
2255 static struct nfs4_client *
2256 find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
2257 {
2258 struct list_head *tbl = nn->conf_id_hashtbl;
2259
2260 lockdep_assert_held(&nn->client_lock);
2261 return find_client_in_id_table(tbl, clid, sessions);
2262 }
2263
2264 static struct nfs4_client *
2265 find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
2266 {
2267 struct list_head *tbl = nn->unconf_id_hashtbl;
2268
2269 lockdep_assert_held(&nn->client_lock);
2270 return find_client_in_id_table(tbl, clid, sessions);
2271 }
2272
2273 static bool clp_used_exchangeid(struct nfs4_client *clp)
2274 {
2275 return clp->cl_exchange_flags != 0;
2276 }
2277
2278 static struct nfs4_client *
2279 find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
2280 {
2281 lockdep_assert_held(&nn->client_lock);
2282 return find_clp_in_name_tree(name, &nn->conf_name_tree);
2283 }
2284
2285 static struct nfs4_client *
2286 find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
2287 {
2288 lockdep_assert_held(&nn->client_lock);
2289 return find_clp_in_name_tree(name, &nn->unconf_name_tree);
2290 }
2291
2292 static void
2293 gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp)
2294 {
2295 struct nfs4_cb_conn *conn = &clp->cl_cb_conn;
2296 struct sockaddr *sa = svc_addr(rqstp);
2297 u32 scopeid = rpc_get_scope_id(sa);
2298 unsigned short expected_family;
2299
2300 /* Currently, we only support tcp and tcp6 for the callback channel */
2301 if (se->se_callback_netid_len == 3 &&
2302 !memcmp(se->se_callback_netid_val, "tcp", 3))
2303 expected_family = AF_INET;
2304 else if (se->se_callback_netid_len == 4 &&
2305 !memcmp(se->se_callback_netid_val, "tcp6", 4))
2306 expected_family = AF_INET6;
2307 else
2308 goto out_err;
2309
2310 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val,
2311 se->se_callback_addr_len,
2312 (struct sockaddr *)&conn->cb_addr,
2313 sizeof(conn->cb_addr));
2314
2315 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family)
2316 goto out_err;
2317
2318 if (conn->cb_addr.ss_family == AF_INET6)
2319 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid;
2320
2321 conn->cb_prog = se->se_callback_prog;
2322 conn->cb_ident = se->se_callback_ident;
2323 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen);
2324 return;
2325 out_err:
2326 conn->cb_addr.ss_family = AF_UNSPEC;
2327 conn->cb_addrlen = 0;
2328 dprintk(KERN_INFO "NFSD: this client (clientid %08x/%08x) "
2329 "will not receive delegations\n",
2330 clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id);
2331
2332 return;
2333 }
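/*
 * Example of the universal-address parsing above (values invented):
 * netid "tcp" with uaddr "192.0.2.1.8.1" yields an AF_INET cb_addr
 * of 192.0.2.1, port 8 * 256 + 1 = 2049. A netid/family mismatch,
 * such as "tcp6" paired with an IPv4 uaddr, takes the out_err path
 * and leaves the client without a callback channel.
 */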
2334
2335 /*
2336 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size.
2337 */
2338 static void
2339 nfsd4_store_cache_entry(struct nfsd4_compoundres *resp)
2340 {
2341 struct xdr_buf *buf = resp->xdr.buf;
2342 struct nfsd4_slot *slot = resp->cstate.slot;
2343 unsigned int base;
2344
2345 dprintk("--> %s slot %p\n", __func__, slot);
2346
2347 slot->sl_opcnt = resp->opcnt;
2348 slot->sl_status = resp->cstate.status;
2349
2350 slot->sl_flags |= NFSD4_SLOT_INITIALIZED;
2351 if (nfsd4_not_cached(resp)) {
2352 slot->sl_datalen = 0;
2353 return;
2354 }
2355 base = resp->cstate.data_offset;
2356 slot->sl_datalen = buf->len - base;
2357 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen))
2358 WARN(1, "%s: sessions DRC could not cache compound\n",
2359 __func__);
2360 return;
2361 }
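/*
 * Sketch of what gets cached (sizes invented): if the encoded reply
 * is 200 bytes and the SEQUENCE result ends at data_offset 60, the
 * slot caches the trailing 140 bytes; a replay re-encodes SEQUENCE
 * afresh and splices those bytes back in (see
 * nfsd4_replay_cache_entry below).
 */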
2362
2363 /*
2364 * Encode the replay sequence operation from the slot values.
2365 * If cachethis is FALSE, encode the uncached-reply error in the next
2366 * operation, which sets resp->p and increments resp->opcnt for
2367 * nfs4svc_encode_compoundres.
2368 *
2369 */
2370 static __be32
2371 nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args,
2372 struct nfsd4_compoundres *resp)
2373 {
2374 struct nfsd4_op *op;
2375 struct nfsd4_slot *slot = resp->cstate.slot;
2376
2377 /* Encode the replayed sequence operation */
2378 op = &args->ops[resp->opcnt - 1];
2379 nfsd4_encode_operation(resp, op);
2380
2381 /* Return nfserr_retry_uncached_rep in next operation. */
2382 if (args->opcnt > 1 && !(slot->sl_flags & NFSD4_SLOT_CACHETHIS)) {
2383 op = &args->ops[resp->opcnt++];
2384 op->status = nfserr_retry_uncached_rep;
2385 nfsd4_encode_operation(resp, op);
2386 }
2387 return op->status;
2388 }
2389
2390 /*
2391 * The sequence operation is not cached because we can use the slot and
2392 * session values.
2393 */
2394 static __be32
2395 nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp,
2396 struct nfsd4_sequence *seq)
2397 {
2398 struct nfsd4_slot *slot = resp->cstate.slot;
2399 struct xdr_stream *xdr = &resp->xdr;
2400 __be32 *p;
2401 __be32 status;
2402
2403 dprintk("--> %s slot %p\n", __func__, slot);
2404
2405 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp);
2406 if (status)
2407 return status;
2408
2409 p = xdr_reserve_space(xdr, slot->sl_datalen);
2410 if (!p) {
2411 WARN_ON_ONCE(1);
2412 return nfserr_serverfault;
2413 }
2414 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen);
2415 xdr_commit_encode(xdr);
2416
2417 resp->opcnt = slot->sl_opcnt;
2418 return slot->sl_status;
2419 }
2420
2421 /*
2422 * Set the exchange_id flags returned by the server.
2423 */
2424 static void
2425 nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid)
2426 {
2427 #ifdef CONFIG_NFSD_PNFS
2428 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS;
2429 #else
2430 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS;
2431 #endif
2432
2433 /* Referrals are supported, Migration is not. */
2434 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER;
2435
2436 /* set the wire flags to return to client. */
2437 clid->flags = new->cl_exchange_flags;
2438 }
2439
2440 static bool client_has_openowners(struct nfs4_client *clp)
2441 {
2442 struct nfs4_openowner *oo;
2443
2444 list_for_each_entry(oo, &clp->cl_openowners, oo_perclient) {
2445 if (!list_empty(&oo->oo_owner.so_stateids))
2446 return true;
2447 }
2448 return false;
2449 }
2450
2451 static bool client_has_state(struct nfs4_client *clp)
2452 {
2453 return client_has_openowners(clp)
2454 #ifdef CONFIG_NFSD_PNFS
2455 || !list_empty(&clp->cl_lo_states)
2456 #endif
2457 || !list_empty(&clp->cl_delegations)
2458 || !list_empty(&clp->cl_sessions);
2459 }
2460
2461 __be32
2462 nfsd4_exchange_id(struct svc_rqst *rqstp,
2463 struct nfsd4_compound_state *cstate,
2464 struct nfsd4_exchange_id *exid)
2465 {
2466 struct nfs4_client *conf, *new;
2467 struct nfs4_client *unconf = NULL;
2468 __be32 status;
2469 char addr_str[INET6_ADDRSTRLEN];
2470 nfs4_verifier verf = exid->verifier;
2471 struct sockaddr *sa = svc_addr(rqstp);
2472 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A;
2473 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
2474
2475 rpc_ntop(sa, addr_str, sizeof(addr_str));
2476 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p "
2477 "ip_addr=%s flags %x, spa_how %d\n",
2478 __func__, rqstp, exid, exid->clname.len, exid->clname.data,
2479 addr_str, exid->flags, exid->spa_how);
2480
2481 if (exid->flags & ~EXCHGID4_FLAG_MASK_A)
2482 return nfserr_inval;
2483
2484 new = create_client(exid->clname, rqstp, &verf);
2485 if (new == NULL)
2486 return nfserr_jukebox;
2487
2488 switch (exid->spa_how) {
2489 case SP4_MACH_CRED:
2490 exid->spo_must_enforce[0] = 0;
2491 exid->spo_must_enforce[1] = (
2492 1 << (OP_BIND_CONN_TO_SESSION - 32) |
2493 1 << (OP_EXCHANGE_ID - 32) |
2494 1 << (OP_CREATE_SESSION - 32) |
2495 1 << (OP_DESTROY_SESSION - 32) |
2496 1 << (OP_DESTROY_CLIENTID - 32));
2497
2498 exid->spo_must_allow[0] &= (1 << (OP_CLOSE) |
2499 1 << (OP_OPEN_DOWNGRADE) |
2500 1 << (OP_LOCKU) |
2501 1 << (OP_DELEGRETURN));
2502
2503 exid->spo_must_allow[1] &= (
2504 1 << (OP_TEST_STATEID - 32) |
2505 1 << (OP_FREE_STATEID - 32));
2506 if (!svc_rqst_integrity_protected(rqstp)) {
2507 status = nfserr_inval;
2508 goto out_nolock;
2509 }
2510 /*
2511 * Sometimes userspace doesn't give us a principal.
2512 * Which is a bug, really. Anyway, we can't enforce
2513 * MACH_CRED in that case, better to give up now:
2514 */
2515 if (!new->cl_cred.cr_principal &&
2516 !new->cl_cred.cr_raw_principal) {
2517 status = nfserr_serverfault;
2518 goto out_nolock;
2519 }
2520 new->cl_mach_cred = true;
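		/* fall through */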
2521 case SP4_NONE:
2522 break;
2523 default: /* checked by xdr code */
2524 WARN_ON_ONCE(1);
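		/* fall through */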
2525 case SP4_SSV:
2526 status = nfserr_encr_alg_unsupp;
2527 goto out_nolock;
2528 }
2529
2530 /* Cases below refer to rfc 5661 section 18.35.4: */
2531 spin_lock(&nn->client_lock);
2532 conf = find_confirmed_client_by_name(&exid->clname, nn);
2533 if (conf) {
2534 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred);
2535 bool verfs_match = same_verf(&verf, &conf->cl_verifier);
2536
2537 if (update) {
2538 if (!clp_used_exchangeid(conf)) { /* buggy client */
2539 status = nfserr_inval;
2540 goto out;
2541 }
2542 if (!nfsd4_mach_creds_match(conf, rqstp)) {
2543 status = nfserr_wrong_cred;
2544 goto out;
2545 }
2546 if (!creds_match) { /* case 9 */
2547 status = nfserr_perm;
2548 goto out;
2549 }
2550 if (!verfs_match) { /* case 8 */
2551 status = nfserr_not_same;
2552 goto out;
2553 }
2554 /* case 6 */
2555 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R;
2556 goto out_copy;
2557 }
2558 if (!creds_match) { /* case 3 */
2559 if (client_has_state(conf)) {
2560 status = nfserr_clid_inuse;
2561 goto out;
2562 }
2563 goto out_new;
2564 }
2565 if (verfs_match) { /* case 2 */
2566 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R;
2567 goto out_copy;
2568 }
2569 /* case 5, client reboot */
2570 conf = NULL;
2571 goto out_new;
2572 }
2573
2574 if (update) { /* case 7 */
2575 status = nfserr_noent;
2576 goto out;
2577 }
2578
2579 unconf = find_unconfirmed_client_by_name(&exid->clname, nn);
2580 if (unconf) /* case 4, possible retry or client restart */
2581 unhash_client_locked(unconf);
2582
2583 /* case 1 (normal case) */
2584 out_new:
2585 if (conf) {
2586 status = mark_client_expired_locked(conf);
2587 if (status)
2588 goto out;
2589 }
2590 new->cl_minorversion = cstate->minorversion;
2591 new->cl_spo_must_allow.u.words[0] = exid->spo_must_allow[0];
2592 new->cl_spo_must_allow.u.words[1] = exid->spo_must_allow[1];
2593
2594 gen_clid(new, nn);
2595 add_to_unconfirmed(new);
2596 swap(new, conf);
2597 out_copy:
2598 exid->clientid.cl_boot = conf->cl_clientid.cl_boot;
2599 exid->clientid.cl_id = conf->cl_clientid.cl_id;
2600
2601 exid->seqid = conf->cl_cs_slot.sl_seqid + 1;
2602 nfsd4_set_ex_flags(conf, exid);
2603
2604 dprintk("nfsd4_exchange_id seqid %d flags %x\n",
2605 conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags);
2606 status = nfs_ok;
2607
2608 out:
2609 spin_unlock(&nn->client_lock);
2610 out_nolock:
2611 if (new)
2612 expire_client(new);
2613 if (unconf)
2614 expire_client(unconf);
2615 return status;
2616 }
2617
2618 static __be32
2619 check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse)
2620 {
2621 dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid,
2622 slot_seqid);
2623
2624 /* The slot is in use, and no response has been sent. */
2625 if (slot_inuse) {
2626 if (seqid == slot_seqid)
2627 return nfserr_jukebox;
2628 else
2629 return nfserr_seq_misordered;
2630 }
2631 /* Note unsigned 32-bit arithmetic handles wraparound: */
2632 if (likely(seqid == slot_seqid + 1))
2633 return nfs_ok;
2634 if (seqid == slot_seqid)
2635 return nfserr_replay_cache;
2636 return nfserr_seq_misordered;
2637 }
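/*
 * Resulting state machine for one slot whose cached sl_seqid is 5
 * (illustrative):
 *
 *	request seqid 6, slot idle   -> nfs_ok (new request)
 *	request seqid 5, slot idle   -> nfserr_replay_cache (retransmit)
 *	request seqid 5, slot in use -> nfserr_jukebox (still executing)
 *	request seqid 7 or 4         -> nfserr_seq_misordered
 *
 * Because the arithmetic is unsigned 32-bit, seqid 0 correctly
 * follows a cached seqid of 0xffffffff.
 */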
2638
2639 /*
2640 * Cache the create session result in the client's single create_session
2641 * DRC slot by saving the xdr structure. sl_seqid has been set.
2642 * Do this for solo or embedded create session operations.
2643 */
2644 static void
2645 nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses,
2646 struct nfsd4_clid_slot *slot, __be32 nfserr)
2647 {
2648 slot->sl_status = nfserr;
2649 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses));
2650 }
2651
2652 static __be32
2653 nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses,
2654 struct nfsd4_clid_slot *slot)
2655 {
2656 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses));
2657 return slot->sl_status;
2658 }
2659
2660 #define NFSD_MIN_REQ_HDR_SEQ_SZ ((\
2661 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \
2662 1 + /* MIN tag is length with zero, only length */ \
2663 3 + /* version, opcount, opcode */ \
2664 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
2665 /* seqid, slotID, slotID, cache */ \
2666 4 ) * sizeof(__be32))
2667
2668 #define NFSD_MIN_RESP_HDR_SEQ_SZ ((\
2669 2 + /* verifier: AUTH_NULL, length 0 */\
2670 1 + /* status */ \
2671 1 + /* MIN tag is length with zero, only length */ \
2672 3 + /* opcount, opcode, opstatus*/ \
2673 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
2674 /* seqid, slotID, slotID, slotID, status */ \
2675 5 ) * sizeof(__be32))
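/*
 * Plugging in the constants (NFS4_MAX_SESSIONID_LEN is 16 bytes, so
 * XDR_QUADLEN(16) == 4), both minima work out to the same value:
 * (4 + 1 + 3 + 4 + 4) * 4 == 64 bytes for the request header and
 * (2 + 1 + 1 + 3 + 4 + 5) * 4 == 64 bytes for the reply header.
 */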
2676
2677 static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn)
2678 {
2679 u32 maxrpc = nn->nfsd_serv->sv_max_mesg;
2680
2681 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ)
2682 return nfserr_toosmall;
2683 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ)
2684 return nfserr_toosmall;
2685 ca->headerpadsz = 0;
2686 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc);
2687 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc);
2688 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND);
2689 ca->maxresp_cached = min_t(u32, ca->maxresp_cached,
2690 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ);
2691 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION);
2692 /*
2693 * Note decreasing the slot size below the client's request may make it
2694 * difficult for the client to function correctly, whereas
2695 * decreasing the number of slots will (just?) affect
2696 * performance. When short on memory we therefore prefer to
2697 * decrease number of slots instead of their size. Clients that
2698 * request larger slots than they need will get poor results:
2699 */
2700 ca->maxreqs = nfsd4_get_drc_mem(ca);
2701 if (!ca->maxreqs)
2702 return nfserr_jukebox;
2703
2704 return nfs_ok;
2705 }
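/*
 * Illustrative negotiation (numbers invented): a client requesting a
 * 1 MB maxreq_sz against a server whose sv_max_mesg is 256 KB comes
 * away with 256 KB; a request for 1024 slots is clamped first to
 * NFSD_MAX_SLOTS_PER_SESSION and then possibly further by
 * nfsd4_get_drc_mem() when reply-cache memory is tight.
 */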
2706
2707 /*
2708 * Server's NFSv4.1 backchannel support is AUTH_SYS-only for now.
2709 * These are based on similar macros in linux/sunrpc/msg_prot.h .
2710 */
2711 #define RPC_MAX_HEADER_WITH_AUTH_SYS \
2712 (RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK))
2713
2714 #define RPC_MAX_REPHEADER_WITH_AUTH_SYS \
2715 (RPC_REPHDRSIZE + (2 + NUL_REPLYSLACK))
2716
2717 #define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \
2718 RPC_MAX_HEADER_WITH_AUTH_SYS) * sizeof(__be32))
2719 #define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \
2720 RPC_MAX_REPHEADER_WITH_AUTH_SYS) * \
2721 sizeof(__be32))
2722
2723 static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca)
2724 {
2725 ca->headerpadsz = 0;
2726
2727 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ)
2728 return nfserr_toosmall;
2729 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ)
2730 return nfserr_toosmall;
2731 ca->maxresp_cached = 0;
2732 if (ca->maxops < 2)
2733 return nfserr_toosmall;
2734
2735 return nfs_ok;
2736 }
2737
2738 static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs)
2739 {
2740 switch (cbs->flavor) {
2741 case RPC_AUTH_NULL:
2742 case RPC_AUTH_UNIX:
2743 return nfs_ok;
2744 default:
2745 /*
2746 * GSS case: the spec doesn't allow us to return this
2747 * error. But it also doesn't allow us not to support
2748 * GSS.
2749 * I'd rather this fail hard than return some error the
2750 * client might think it can already handle:
2751 */
2752 return nfserr_encr_alg_unsupp;
2753 }
2754 }
2755
2756 __be32
2757 nfsd4_create_session(struct svc_rqst *rqstp,
2758 struct nfsd4_compound_state *cstate,
2759 struct nfsd4_create_session *cr_ses)
2760 {
2761 struct sockaddr *sa = svc_addr(rqstp);
2762 struct nfs4_client *conf, *unconf;
2763 struct nfs4_client *old = NULL;
2764 struct nfsd4_session *new;
2765 struct nfsd4_conn *conn;
2766 struct nfsd4_clid_slot *cs_slot = NULL;
2767 __be32 status = 0;
2768 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
2769
2770 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A)
2771 return nfserr_inval;
2772 status = nfsd4_check_cb_sec(&cr_ses->cb_sec);
2773 if (status)
2774 return status;
2775 status = check_forechannel_attrs(&cr_ses->fore_channel, nn);
2776 if (status)
2777 return status;
2778 status = check_backchannel_attrs(&cr_ses->back_channel);
2779 if (status)
2780 goto out_release_drc_mem;
2781 status = nfserr_jukebox;
2782 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel);
2783 if (!new)
2784 goto out_release_drc_mem;
2785 conn = alloc_conn_from_crses(rqstp, cr_ses);
2786 if (!conn)
2787 goto out_free_session;
2788
2789 spin_lock(&nn->client_lock);
2790 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn);
2791 conf = find_confirmed_client(&cr_ses->clientid, true, nn);
2792 WARN_ON_ONCE(conf && unconf);
2793
2794 if (conf) {
2795 status = nfserr_wrong_cred;
2796 if (!nfsd4_mach_creds_match(conf, rqstp))
2797 goto out_free_conn;
2798 cs_slot = &conf->cl_cs_slot;
2799 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
2800 if (status) {
2801 if (status == nfserr_replay_cache)
2802 status = nfsd4_replay_create_session(cr_ses, cs_slot);
2803 goto out_free_conn;
2804 }
2805 } else if (unconf) {
2806 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) ||
2807 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) {
2808 status = nfserr_clid_inuse;
2809 goto out_free_conn;
2810 }
2811 status = nfserr_wrong_cred;
2812 if (!nfsd4_mach_creds_match(unconf, rqstp))
2813 goto out_free_conn;
2814 cs_slot = &unconf->cl_cs_slot;
2815 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
2816 if (status) {
2817 /* an unconfirmed replay returns misordered */
2818 status = nfserr_seq_misordered;
2819 goto out_free_conn;
2820 }
2821 old = find_confirmed_client_by_name(&unconf->cl_name, nn);
2822 if (old) {
2823 status = mark_client_expired_locked(old);
2824 if (status) {
2825 old = NULL;
2826 goto out_free_conn;
2827 }
2828 }
2829 move_to_confirmed(unconf);
2830 conf = unconf;
2831 } else {
2832 status = nfserr_stale_clientid;
2833 goto out_free_conn;
2834 }
2835 status = nfs_ok;
2836 /* Persistent sessions are not supported */
2837 cr_ses->flags &= ~SESSION4_PERSIST;
2838 /* Upshifting from TCP to RDMA is not supported */
2839 cr_ses->flags &= ~SESSION4_RDMA;
2840
2841 init_session(rqstp, new, conf, cr_ses);
2842 nfsd4_get_session_locked(new);
2843
2844 memcpy(cr_ses->sessionid.data, new->se_sessionid.data,
2845 NFS4_MAX_SESSIONID_LEN);
2846 cs_slot->sl_seqid++;
2847 cr_ses->seqid = cs_slot->sl_seqid;
2848
2849 /* cache solo and embedded create sessions under the client_lock */
2850 nfsd4_cache_create_session(cr_ses, cs_slot, status);
2851 spin_unlock(&nn->client_lock);
2852 /* init connection and backchannel */
2853 nfsd4_init_conn(rqstp, conn, new);
2854 nfsd4_put_session(new);
2855 if (old)
2856 expire_client(old);
2857 return status;
2858 out_free_conn:
2859 spin_unlock(&nn->client_lock);
2860 free_conn(conn);
2861 if (old)
2862 expire_client(old);
2863 out_free_session:
2864 __free_session(new);
2865 out_release_drc_mem:
2866 nfsd4_put_drc_mem(&cr_ses->fore_channel);
2867 return status;
2868 }
2869
2870 static __be32 nfsd4_map_bcts_dir(u32 *dir)
2871 {
2872 switch (*dir) {
2873 case NFS4_CDFC4_FORE:
2874 case NFS4_CDFC4_BACK:
2875 return nfs_ok;
2876 case NFS4_CDFC4_FORE_OR_BOTH:
2877 case NFS4_CDFC4_BACK_OR_BOTH:
2878 *dir = NFS4_CDFC4_BOTH;
2879 return nfs_ok;
2880 }
2881 return nfserr_inval;
2882 }
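/*
 * E.g. a BIND_CONN_TO_SESSION asking for NFS4_CDFC4_FORE_OR_BOTH is
 * granted NFS4_CDFC4_BOTH (the server always offers the stronger
 * binding), while an out-of-range direction gets nfserr_inval.
 */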
2883
2884 __be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_backchannel_ctl *bc)
2885 {
2886 struct nfsd4_session *session = cstate->session;
2887 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
2888 __be32 status;
2889
2890 status = nfsd4_check_cb_sec(&bc->bc_cb_sec);
2891 if (status)
2892 return status;
2893 spin_lock(&nn->client_lock);
2894 session->se_cb_prog = bc->bc_cb_program;
2895 session->se_cb_sec = bc->bc_cb_sec;
2896 spin_unlock(&nn->client_lock);
2897
2898 nfsd4_probe_callback(session->se_client);
2899
2900 return nfs_ok;
2901 }
2902
2903 __be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp,
2904 struct nfsd4_compound_state *cstate,
2905 struct nfsd4_bind_conn_to_session *bcts)
2906 {
2907 __be32 status;
2908 struct nfsd4_conn *conn;
2909 struct nfsd4_session *session;
2910 struct net *net = SVC_NET(rqstp);
2911 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
2912
2913 if (!nfsd4_last_compound_op(rqstp))
2914 return nfserr_not_only_op;
2915 spin_lock(&nn->client_lock);
2916 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status);
2917 spin_unlock(&nn->client_lock);
2918 if (!session)
2919 goto out_no_session;
2920 status = nfserr_wrong_cred;
2921 if (!nfsd4_mach_creds_match(session->se_client, rqstp))
2922 goto out;
2923 status = nfsd4_map_bcts_dir(&bcts->dir);
2924 if (status)
2925 goto out;
2926 conn = alloc_conn(rqstp, bcts->dir);
2927 status = nfserr_jukebox;
2928 if (!conn)
2929 goto out;
2930 nfsd4_init_conn(rqstp, conn, session);
2931 status = nfs_ok;
2932 out:
2933 nfsd4_put_session(session);
2934 out_no_session:
2935 return status;
2936 }
2937
2938 static bool nfsd4_compound_in_session(struct nfsd4_session *session, struct nfs4_sessionid *sid)
2939 {
2940 if (!session)
2941 return false;
2942 return !memcmp(sid, &session->se_sessionid, sizeof(*sid));
2943 }
2944
2945 __be32
2946 nfsd4_destroy_session(struct svc_rqst *r,
2947 struct nfsd4_compound_state *cstate,
2948 struct nfsd4_destroy_session *sessionid)
2949 {
2950 struct nfsd4_session *ses;
2951 __be32 status;
2952 int ref_held_by_me = 0;
2953 struct net *net = SVC_NET(r);
2954 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
2955
2956 status = nfserr_not_only_op;
2957 if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) {
2958 if (!nfsd4_last_compound_op(r))
2959 goto out;
2960 ref_held_by_me++;
2961 }
2962 dump_sessionid(__func__, &sessionid->sessionid);
2963 spin_lock(&nn->client_lock);
2964 ses = find_in_sessionid_hashtbl(&sessionid->sessionid, net, &status);
2965 if (!ses)
2966 goto out_client_lock;
2967 status = nfserr_wrong_cred;
2968 if (!nfsd4_mach_creds_match(ses->se_client, r))
2969 goto out_put_session;
2970 status = mark_session_dead_locked(ses, 1 + ref_held_by_me);
2971 if (status)
2972 goto out_put_session;
2973 unhash_session(ses);
2974 spin_unlock(&nn->client_lock);
2975
2976 nfsd4_probe_callback_sync(ses->se_client);
2977
2978 spin_lock(&nn->client_lock);
2979 status = nfs_ok;
2980 out_put_session:
2981 nfsd4_put_session_locked(ses);
2982 out_client_lock:
2983 spin_unlock(&nn->client_lock);
2984 out:
2985 return status;
2986 }
2987
2988 static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s)
2989 {
2990 struct nfsd4_conn *c;
2991
2992 list_for_each_entry(c, &s->se_conns, cn_persession) {
2993 if (c->cn_xprt == xpt) {
2994 return c;
2995 }
2996 }
2997 return NULL;
2998 }
2999
3000 static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses)
3001 {
3002 struct nfs4_client *clp = ses->se_client;
3003 struct nfsd4_conn *c;
3004 __be32 status = nfs_ok;
3005 int ret;
3006
3007 spin_lock(&clp->cl_lock);
3008 c = __nfsd4_find_conn(new->cn_xprt, ses);
3009 if (c)
3010 goto out_free;
3011 status = nfserr_conn_not_bound_to_session;
3012 if (clp->cl_mach_cred)
3013 goto out_free;
3014 __nfsd4_hash_conn(new, ses);
3015 spin_unlock(&clp->cl_lock);
3016 ret = nfsd4_register_conn(new);
3017 if (ret)
3018 /* oops; xprt is already down: */
3019 nfsd4_conn_lost(&new->cn_xpt_user);
3020 return nfs_ok;
3021 out_free:
3022 spin_unlock(&clp->cl_lock);
3023 free_conn(new);
3024 return status;
3025 }
3026
3027 static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session)
3028 {
3029 struct nfsd4_compoundargs *args = rqstp->rq_argp;
3030
3031 return args->opcnt > session->se_fchannel.maxops;
3032 }
3033
3034 static bool nfsd4_request_too_big(struct svc_rqst *rqstp,
3035 struct nfsd4_session *session)
3036 {
3037 struct xdr_buf *xb = &rqstp->rq_arg;
3038
3039 return xb->len > session->se_fchannel.maxreq_sz;
3040 }
3041
3042 __be32
3043 nfsd4_sequence(struct svc_rqst *rqstp,
3044 struct nfsd4_compound_state *cstate,
3045 struct nfsd4_sequence *seq)
3046 {
3047 struct nfsd4_compoundres *resp = rqstp->rq_resp;
3048 struct xdr_stream *xdr = &resp->xdr;
3049 struct nfsd4_session *session;
3050 struct nfs4_client *clp;
3051 struct nfsd4_slot *slot;
3052 struct nfsd4_conn *conn;
3053 __be32 status;
3054 int buflen;
3055 struct net *net = SVC_NET(rqstp);
3056 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
3057
3058 if (resp->opcnt != 1)
3059 return nfserr_sequence_pos;
3060
3061 /*
3062 * Will be either used or freed by nfsd4_sequence_check_conn
3063 * below.
3064 */
3065 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE);
3066 if (!conn)
3067 return nfserr_jukebox;
3068
3069 spin_lock(&nn->client_lock);
3070 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status);
3071 if (!session)
3072 goto out_no_session;
3073 clp = session->se_client;
3074
3075 status = nfserr_too_many_ops;
3076 if (nfsd4_session_too_many_ops(rqstp, session))
3077 goto out_put_session;
3078
3079 status = nfserr_req_too_big;
3080 if (nfsd4_request_too_big(rqstp, session))
3081 goto out_put_session;
3082
3083 status = nfserr_badslot;
3084 if (seq->slotid >= session->se_fchannel.maxreqs)
3085 goto out_put_session;
3086
3087 slot = session->se_slots[seq->slotid];
3088 dprintk("%s: slotid %d\n", __func__, seq->slotid);
3089
3090 /* We do not negotiate the number of slots yet, so set the
3091 * maxslots to the session maxreqs, which is used to encode
3092 * sr_highest_slotid and the sr_target_slotid to maxslots */
3093 seq->maxslots = session->se_fchannel.maxreqs;
3094
3095 status = check_slot_seqid(seq->seqid, slot->sl_seqid,
3096 slot->sl_flags & NFSD4_SLOT_INUSE);
3097 if (status == nfserr_replay_cache) {
3098 status = nfserr_seq_misordered;
3099 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED))
3100 goto out_put_session;
3101 cstate->slot = slot;
3102 cstate->session = session;
3103 cstate->clp = clp;
3104 /* Return the cached reply status and set cstate->status
3105 * for nfsd4_proc_compound processing */
3106 status = nfsd4_replay_cache_entry(resp, seq);
3107 cstate->status = nfserr_replay_cache;
3108 goto out;
3109 }
3110 if (status)
3111 goto out_put_session;
3112
3113 status = nfsd4_sequence_check_conn(conn, session);
3114 conn = NULL;
3115 if (status)
3116 goto out_put_session;
3117
3118 buflen = (seq->cachethis) ?
3119 session->se_fchannel.maxresp_cached :
3120 session->se_fchannel.maxresp_sz;
3121 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache :
3122 nfserr_rep_too_big;
3123 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack))
3124 goto out_put_session;
3125 svc_reserve(rqstp, buflen);
3126
3127 status = nfs_ok;
3128 /* Success! bump slot seqid */
3129 slot->sl_seqid = seq->seqid;
3130 slot->sl_flags |= NFSD4_SLOT_INUSE;
3131 if (seq->cachethis)
3132 slot->sl_flags |= NFSD4_SLOT_CACHETHIS;
3133 else
3134 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS;
3135
3136 cstate->slot = slot;
3137 cstate->session = session;
3138 cstate->clp = clp;
3139
3140 out:
3141 switch (clp->cl_cb_state) {
3142 case NFSD4_CB_DOWN:
3143 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN;
3144 break;
3145 case NFSD4_CB_FAULT:
3146 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT;
3147 break;
3148 default:
3149 seq->status_flags = 0;
3150 }
3151 if (!list_empty(&clp->cl_revoked))
3152 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED;
3153 out_no_session:
3154 if (conn)
3155 free_conn(conn);
3156 spin_unlock(&nn->client_lock);
3157 return status;
3158 out_put_session:
3159 nfsd4_put_session_locked(session);
3160 goto out_no_session;
3161 }
3162
3163 void
3164 nfsd4_sequence_done(struct nfsd4_compoundres *resp)
3165 {
3166 struct nfsd4_compound_state *cs = &resp->cstate;
3167
3168 if (nfsd4_has_session(cs)) {
3169 if (cs->status != nfserr_replay_cache) {
3170 nfsd4_store_cache_entry(resp);
3171 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE;
3172 }
3173 /* Drop session reference that was taken in nfsd4_sequence() */
3174 nfsd4_put_session(cs->session);
3175 } else if (cs->clp)
3176 put_client_renew(cs->clp);
3177 }
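/*
 * Illustrative flow: a first-time SEQUENCE marks its slot INUSE in
 * nfsd4_sequence(); once the compound finishes, this hook caches the
 * encoded reply and clears INUSE, so a retransmission of the same
 * seqid can be answered from the slot instead of being re-executed.
 */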
3178
3179 __be32
3180 nfsd4_destroy_clientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_destroy_clientid *dc)
3181 {
3182 struct nfs4_client *conf, *unconf;
3183 struct nfs4_client *clp = NULL;
3184 __be32 status = 0;
3185 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
3186
3187 spin_lock(&nn->client_lock);
3188 unconf = find_unconfirmed_client(&dc->clientid, true, nn);
3189 conf = find_confirmed_client(&dc->clientid, true, nn);
3190 WARN_ON_ONCE(conf && unconf);
3191
3192 if (conf) {
3193 if (client_has_state(conf)) {
3194 status = nfserr_clientid_busy;
3195 goto out;
3196 }
3197 status = mark_client_expired_locked(conf);
3198 if (status)
3199 goto out;
3200 clp = conf;
3201 } else if (unconf)
3202 clp = unconf;
3203 else {
3204 status = nfserr_stale_clientid;
3205 goto out;
3206 }
3207 if (!nfsd4_mach_creds_match(clp, rqstp)) {
3208 clp = NULL;
3209 status = nfserr_wrong_cred;
3210 goto out;
3211 }
3212 unhash_client_locked(clp);
3213 out:
3214 spin_unlock(&nn->client_lock);
3215 if (clp)
3216 expire_client(clp);
3217 return status;
3218 }
3219
3220 __be32
3221 nfsd4_reclaim_complete(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_reclaim_complete *rc)
3222 {
3223 __be32 status = 0;
3224
3225 if (rc->rca_one_fs) {
3226 if (!cstate->current_fh.fh_dentry)
3227 return nfserr_nofilehandle;
3228 /*
3229 * We don't take advantage of the rca_one_fs case.
3230 * That's OK, it's optional, we can safely ignore it.
3231 */
3232 return nfs_ok;
3233 }
3234
3235 status = nfserr_complete_already;
3236 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE,
3237 &cstate->session->se_client->cl_flags))
3238 goto out;
3239
3240 status = nfserr_stale_clientid;
3241 if (is_client_expired(cstate->session->se_client))
3242 /*
3243 * The following error isn't really legal.
3244 * But we only get here if the client just explicitly
3245 * destroyed itself. Surely it no longer cares what
3246 * error it gets back on an operation for the dead
3247 * client.
3248 */
3249 goto out;
3250
3251 status = nfs_ok;
3252 nfsd4_client_record_create(cstate->session->se_client);
3253 out:
3254 return status;
3255 }
3256
3257 __be32
3258 nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3259 struct nfsd4_setclientid *setclid)
3260 {
3261 struct xdr_netobj clname = setclid->se_name;
3262 nfs4_verifier clverifier = setclid->se_verf;
3263 struct nfs4_client *conf, *new;
3264 struct nfs4_client *unconf = NULL;
3265 __be32 status;
3266 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
3267
3268 new = create_client(clname, rqstp, &clverifier);
3269 if (new == NULL)
3270 return nfserr_jukebox;
3271 /* Cases below refer to rfc 3530 section 14.2.33: */
3272 spin_lock(&nn->client_lock);
3273 conf = find_confirmed_client_by_name(&clname, nn);
3274 if (conf && client_has_state(conf)) {
3275 /* case 0: */
3276 status = nfserr_clid_inuse;
3277 if (clp_used_exchangeid(conf))
3278 goto out;
3279 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
3280 char addr_str[INET6_ADDRSTRLEN];
3281 rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str,
3282 sizeof(addr_str));
3283 dprintk("NFSD: setclientid: string in use by client "
3284 "at %s\n", addr_str);
3285 goto out;
3286 }
3287 }
3288 unconf = find_unconfirmed_client_by_name(&clname, nn);
3289 if (unconf)
3290 unhash_client_locked(unconf);
3291 if (conf && same_verf(&conf->cl_verifier, &clverifier)) {
3292 /* case 1: probable callback update */
3293 copy_clid(new, conf);
3294 gen_confirm(new, nn);
3295 } else /* case 4 (new client) or cases 2, 3 (client reboot): */
3296 gen_clid(new, nn);
3297 new->cl_minorversion = 0;
3298 gen_callback(new, setclid, rqstp);
3299 add_to_unconfirmed(new);
3300 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot;
3301 setclid->se_clientid.cl_id = new->cl_clientid.cl_id;
3302 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data));
3303 new = NULL;
3304 status = nfs_ok;
3305 out:
3306 spin_unlock(&nn->client_lock);
3307 if (new)
3308 free_client(new);
3309 if (unconf)
3310 expire_client(unconf);
3311 return status;
3312 }
3313
3314
3315 __be32
3316 nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
3317 struct nfsd4_compound_state *cstate,
3318 struct nfsd4_setclientid_confirm *setclientid_confirm)
3319 {
3320 struct nfs4_client *conf, *unconf;
3321 struct nfs4_client *old = NULL;
3322 nfs4_verifier confirm = setclientid_confirm->sc_confirm;
3323 clientid_t * clid = &setclientid_confirm->sc_clientid;
3324 __be32 status;
3325 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
3326
3327 if (STALE_CLIENTID(clid, nn))
3328 return nfserr_stale_clientid;
3329
3330 spin_lock(&nn->client_lock);
3331 conf = find_confirmed_client(clid, false, nn);
3332 unconf = find_unconfirmed_client(clid, false, nn);
3333 /*
3334 * We try hard to give out unique clientids, so if we get an
3335 * attempt to confirm the same clientid with a different cred,
3336 * the client may be buggy; this should never happen.
3337 *
3338 * Nevertheless, RFC 7530 recommends INUSE for this case:
3339 */
3340 status = nfserr_clid_inuse;
3341 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred))
3342 goto out;
3343 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred))
3344 goto out;
3345 /* cases below refer to rfc 3530 section 14.2.34: */
3346 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
3347 if (conf && same_verf(&confirm, &conf->cl_confirm)) {
3348 /* case 2: probable retransmit */
3349 status = nfs_ok;
3350 } else /* case 4: client hasn't noticed we rebooted yet? */
3351 status = nfserr_stale_clientid;
3352 goto out;
3353 }
3354 status = nfs_ok;
3355 if (conf) { /* case 1: callback update */
3356 old = unconf;
3357 unhash_client_locked(old);
3358 nfsd4_change_callback(conf, &unconf->cl_cb_conn);
3359 } else { /* case 3: normal case; new or rebooted client */
3360 old = find_confirmed_client_by_name(&unconf->cl_name, nn);
3361 if (old) {
3362 status = nfserr_clid_inuse;
3363 if (client_has_state(old)
3364 && !same_creds(&unconf->cl_cred,
3365 &old->cl_cred))
3366 goto out;
3367 status = mark_client_expired_locked(old);
3368 if (status) {
3369 old = NULL;
3370 goto out;
3371 }
3372 }
3373 move_to_confirmed(unconf);
3374 conf = unconf;
3375 }
3376 get_client_locked(conf);
3377 spin_unlock(&nn->client_lock);
3378 nfsd4_probe_callback(conf);
3379 spin_lock(&nn->client_lock);
3380 put_client_renew_locked(conf);
3381 out:
3382 spin_unlock(&nn->client_lock);
3383 if (old)
3384 expire_client(old);
3385 return status;
3386 }
3387
3388 static struct nfs4_file *nfsd4_alloc_file(void)
3389 {
3390 return kmem_cache_alloc(file_slab, GFP_KERNEL);
3391 }
3392
3393 /* OPEN Share state helper functions */
3394 static void nfsd4_init_file(struct knfsd_fh *fh, unsigned int hashval,
3395 struct nfs4_file *fp)
3396 {
3397 lockdep_assert_held(&state_lock);
3398
3399 atomic_set(&fp->fi_ref, 1);
3400 spin_lock_init(&fp->fi_lock);
3401 INIT_LIST_HEAD(&fp->fi_stateids);
3402 INIT_LIST_HEAD(&fp->fi_delegations);
3403 INIT_LIST_HEAD(&fp->fi_clnt_odstate);
3404 fh_copy_shallow(&fp->fi_fhandle, fh);
3405 fp->fi_deleg_file = NULL;
3406 fp->fi_had_conflict = false;
3407 fp->fi_share_deny = 0;
3408 memset(fp->fi_fds, 0, sizeof(fp->fi_fds));
3409 memset(fp->fi_access, 0, sizeof(fp->fi_access));
3410 #ifdef CONFIG_NFSD_PNFS
3411 INIT_LIST_HEAD(&fp->fi_lo_states);
3412 atomic_set(&fp->fi_lo_recalls, 0);
3413 #endif
3414 hlist_add_head_rcu(&fp->fi_hash, &file_hashtbl[hashval]);
3415 }
3416
3417 void
3418 nfsd4_free_slabs(void)
3419 {
3420 kmem_cache_destroy(odstate_slab);
3421 kmem_cache_destroy(openowner_slab);
3422 kmem_cache_destroy(lockowner_slab);
3423 kmem_cache_destroy(file_slab);
3424 kmem_cache_destroy(stateid_slab);
3425 kmem_cache_destroy(deleg_slab);
3426 }
3427
3428 int
3429 nfsd4_init_slabs(void)
3430 {
3431 openowner_slab = kmem_cache_create("nfsd4_openowners",
3432 sizeof(struct nfs4_openowner), 0, 0, NULL);
3433 if (openowner_slab == NULL)
3434 goto out;
3435 lockowner_slab = kmem_cache_create("nfsd4_lockowners",
3436 sizeof(struct nfs4_lockowner), 0, 0, NULL);
3437 if (lockowner_slab == NULL)
3438 goto out_free_openowner_slab;
3439 file_slab = kmem_cache_create("nfsd4_files",
3440 sizeof(struct nfs4_file), 0, 0, NULL);
3441 if (file_slab == NULL)
3442 goto out_free_lockowner_slab;
3443 stateid_slab = kmem_cache_create("nfsd4_stateids",
3444 sizeof(struct nfs4_ol_stateid), 0, 0, NULL);
3445 if (stateid_slab == NULL)
3446 goto out_free_file_slab;
3447 deleg_slab = kmem_cache_create("nfsd4_delegations",
3448 sizeof(struct nfs4_delegation), 0, 0, NULL);
3449 if (deleg_slab == NULL)
3450 goto out_free_stateid_slab;
3451 odstate_slab = kmem_cache_create("nfsd4_odstate",
3452 sizeof(struct nfs4_clnt_odstate), 0, 0, NULL);
3453 if (odstate_slab == NULL)
3454 goto out_free_deleg_slab;
3455 return 0;
3456
3457 out_free_deleg_slab:
3458 kmem_cache_destroy(deleg_slab);
3459 out_free_stateid_slab:
3460 kmem_cache_destroy(stateid_slab);
3461 out_free_file_slab:
3462 kmem_cache_destroy(file_slab);
3463 out_free_lockowner_slab:
3464 kmem_cache_destroy(lockowner_slab);
3465 out_free_openowner_slab:
3466 kmem_cache_destroy(openowner_slab);
3467 out:
3468 dprintk("nfsd4: out of memory while initializing nfsv4\n");
3469 return -ENOMEM;
3470 }
3471
3472 static void init_nfs4_replay(struct nfs4_replay *rp)
3473 {
3474 rp->rp_status = nfserr_serverfault;
3475 rp->rp_buflen = 0;
3476 rp->rp_buf = rp->rp_ibuf;
3477 mutex_init(&rp->rp_mutex);
3478 }
3479
nfsd4_cstate_assign_replay(struct nfsd4_compound_state * cstate,struct nfs4_stateowner * so)3480 static void nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate,
3481 struct nfs4_stateowner *so)
3482 {
3483 if (!nfsd4_has_session(cstate)) {
3484 mutex_lock(&so->so_replay.rp_mutex);
3485 cstate->replay_owner = nfs4_get_stateowner(so);
3486 }
3487 }
3488
nfsd4_cstate_clear_replay(struct nfsd4_compound_state * cstate)3489 void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate)
3490 {
3491 struct nfs4_stateowner *so = cstate->replay_owner;
3492
3493 if (so != NULL) {
3494 cstate->replay_owner = NULL;
3495 mutex_unlock(&so->so_replay.rp_mutex);
3496 nfs4_put_stateowner(so);
3497 }
3498 }
3499
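/*
 * Common allocator for open and lock owners; the caller passes the slab
 * for the concrete owner type. The opaque owner name from the wire is
 * duplicated with kmemdup() so that it outlives the XDR buffer, and the
 * returned owner starts with a reference count of one, owned by the caller.
 */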
static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp)
{
	struct nfs4_stateowner *sop;

	sop = kmem_cache_alloc(slab, GFP_KERNEL);
	if (!sop)
		return NULL;

	sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL);
	if (!sop->so_owner.data) {
		kmem_cache_free(slab, sop);
		return NULL;
	}
	sop->so_owner.len = owner->len;

	INIT_LIST_HEAD(&sop->so_stateids);
	sop->so_client = clp;
	init_nfs4_replay(&sop->so_replay);
	atomic_set(&sop->so_count, 1);
	return sop;
}

static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval)
{
	lockdep_assert_held(&clp->cl_lock);

	list_add(&oo->oo_owner.so_strhash,
		 &clp->cl_ownerstr_hashtbl[strhashval]);
	list_add(&oo->oo_perclient, &clp->cl_openowners);
}

static void nfs4_unhash_openowner(struct nfs4_stateowner *so)
{
	unhash_openowner_locked(openowner(so));
}

static void nfs4_free_openowner(struct nfs4_stateowner *so)
{
	struct nfs4_openowner *oo = openowner(so);

	kmem_cache_free(openowner_slab, oo);
}

static const struct nfs4_stateowner_operations openowner_ops = {
	.so_unhash = nfs4_unhash_openowner,
	.so_free = nfs4_free_openowner,
};

static struct nfs4_ol_stateid *
nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
{
	struct nfs4_ol_stateid *local, *ret = NULL;
	struct nfs4_openowner *oo = open->op_openowner;

	lockdep_assert_held(&fp->fi_lock);

	list_for_each_entry(local, &fp->fi_stateids, st_perfile) {
		/* ignore lock owners */
		if (local->st_stateowner->so_is_open_owner == 0)
			continue;
		if (local->st_stateowner != &oo->oo_owner)
			continue;
		if (local->st_stid.sc_type == NFS4_OPEN_STID) {
			ret = local;
			atomic_inc(&ret->st_stid.sc_count);
			break;
		}
	}
	return ret;
}

static __be32
nfsd4_verify_open_stid(struct nfs4_stid *s)
{
	__be32 ret = nfs_ok;

	switch (s->sc_type) {
	default:
		break;
	case NFS4_CLOSED_STID:
	case NFS4_CLOSED_DELEG_STID:
		ret = nfserr_bad_stateid;
		break;
	case NFS4_REVOKED_DELEG_STID:
		ret = nfserr_deleg_revoked;
	}
	return ret;
}

/* Lock the stateid st_mutex, and deal with races with CLOSE */
static __be32
nfsd4_lock_ol_stateid(struct nfs4_ol_stateid *stp)
{
	__be32 ret;

	mutex_lock(&stp->st_mutex);
	ret = nfsd4_verify_open_stid(&stp->st_stid);
	if (ret != nfs_ok)
		mutex_unlock(&stp->st_mutex);
	return ret;
}

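/*
 * Find an open stateid for this owner/file and take its st_mutex. The
 * lookup and the mutex acquisition cannot both happen under fi_lock, so
 * a concurrent CLOSE may invalidate the stateid between the two steps;
 * in that case nfsd4_lock_ol_stateid() fails, we drop our reference and
 * retry the lookup.
 */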
static struct nfs4_ol_stateid *
nfsd4_find_and_lock_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
{
	struct nfs4_ol_stateid *stp;

	for (;;) {
		spin_lock(&fp->fi_lock);
		stp = nfsd4_find_existing_open(fp, open);
		spin_unlock(&fp->fi_lock);
		if (!stp || nfsd4_lock_ol_stateid(stp) == nfs_ok)
			break;
		nfs4_put_stid(&stp->st_stid);
	}
	return stp;
}

static struct nfs4_openowner *
alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open,
			   struct nfsd4_compound_state *cstate)
{
	struct nfs4_client *clp = cstate->clp;
	struct nfs4_openowner *oo, *ret;

	oo = alloc_stateowner(openowner_slab, &open->op_owner, clp);
	if (!oo)
		return NULL;
	oo->oo_owner.so_ops = &openowner_ops;
	oo->oo_owner.so_is_open_owner = 1;
	oo->oo_owner.so_seqid = open->op_seqid;
	oo->oo_flags = 0;
	if (nfsd4_has_session(cstate))
		oo->oo_flags |= NFS4_OO_CONFIRMED;
	oo->oo_time = 0;
	oo->oo_last_closed_stid = NULL;
	INIT_LIST_HEAD(&oo->oo_close_lru);
	spin_lock(&clp->cl_lock);
	ret = find_openstateowner_str_locked(strhashval, open, clp);
	if (ret == NULL) {
		hash_openowner(oo, clp, strhashval);
		ret = oo;
	} else
		nfs4_free_stateowner(&oo->oo_owner);

	spin_unlock(&clp->cl_lock);
	return ret;
}

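/*
 * Initialize and hash the stateid preallocated in open->op_stp, unless
 * another nfsd thread hashed an open stateid for this owner/file first.
 * When an existing stateid is found we return it instead and leave
 * open->op_stp in place for nfsd4_cleanup_open_state() to free; if the
 * found stateid is closed under us we go back to the retry label.
 */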
static struct nfs4_ol_stateid *
init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open)
{
	struct nfs4_openowner *oo = open->op_openowner;
	struct nfs4_ol_stateid *retstp = NULL;
	struct nfs4_ol_stateid *stp;

	stp = open->op_stp;
	/* We are moving these outside of the spinlocks to avoid the warnings */
	mutex_init(&stp->st_mutex);
	mutex_lock(&stp->st_mutex);

retry:
	spin_lock(&oo->oo_owner.so_client->cl_lock);
	spin_lock(&fp->fi_lock);

	retstp = nfsd4_find_existing_open(fp, open);
	if (retstp)
		goto out_unlock;

	open->op_stp = NULL;
	atomic_inc(&stp->st_stid.sc_count);
	stp->st_stid.sc_type = NFS4_OPEN_STID;
	INIT_LIST_HEAD(&stp->st_locks);
	stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner);
	get_nfs4_file(fp);
	stp->st_stid.sc_file = fp;
	stp->st_access_bmap = 0;
	stp->st_deny_bmap = 0;
	stp->st_openstp = NULL;
	list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids);
	list_add(&stp->st_perfile, &fp->fi_stateids);

out_unlock:
	spin_unlock(&fp->fi_lock);
	spin_unlock(&oo->oo_owner.so_client->cl_lock);
	if (retstp) {
		/* Handle races with CLOSE */
		if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) {
			nfs4_put_stid(&retstp->st_stid);
			goto retry;
		}
		/* To keep mutex tracking happy */
		mutex_unlock(&stp->st_mutex);
		stp = retstp;
	}
	return stp;
}

/*
 * In the 4.0 case we need to keep the owners around a little while to handle
 * CLOSE replay. We still need to release any file access held by them
 * before returning, however.
 */
static void
move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net)
{
	struct nfs4_ol_stateid *last;
	struct nfs4_openowner *oo = openowner(s->st_stateowner);
	struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net,
						nfsd_net_id);

	dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo);

	/*
	 * We know that we hold one reference via nfsd4_close, and another
	 * "persistent" reference for the client. If the refcount is higher
	 * than 2, then there are still calls in progress that are using this
	 * stateid. We can't put the sc_file reference until they are finished.
	 * Wait for the refcount to drop to 2. Since it has been unhashed,
	 * there should be no danger of the refcount going back up again at
	 * this point.
	 */
	wait_event(close_wq, atomic_read(&s->st_stid.sc_count) == 2);

	release_all_access(s);
	if (s->st_stid.sc_file) {
		put_nfs4_file(s->st_stid.sc_file);
		s->st_stid.sc_file = NULL;
	}

	spin_lock(&nn->client_lock);
	last = oo->oo_last_closed_stid;
	oo->oo_last_closed_stid = s;
	list_move_tail(&oo->oo_close_lru, &nn->close_lru);
	oo->oo_time = get_seconds();
	spin_unlock(&nn->client_lock);
	if (last)
		nfs4_put_stid(&last->st_stid);
}

/* search file_hashtbl[] for file */
static struct nfs4_file *
find_file_locked(struct knfsd_fh *fh, unsigned int hashval)
{
	struct nfs4_file *fp;

	hlist_for_each_entry_rcu(fp, &file_hashtbl[hashval], fi_hash) {
		if (fh_match(&fp->fi_fhandle, fh)) {
			if (atomic_inc_not_zero(&fp->fi_ref))
				return fp;
		}
	}
	return NULL;
}

struct nfs4_file *
find_file(struct knfsd_fh *fh)
{
	struct nfs4_file *fp;
	unsigned int hashval = file_hashval(fh);

	rcu_read_lock();
	fp = find_file_locked(fh, hashval);
	rcu_read_unlock();
	return fp;
}

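/*
 * Double-checked lookup: first a lockless RCU search; only on a miss do
 * we take state_lock and search again before inserting the caller's
 * preallocated entry. The second, locked search is what makes racing
 * inserts of the same filehandle safe.
 */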
static struct nfs4_file *
find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh)
{
	struct nfs4_file *fp;
	unsigned int hashval = file_hashval(fh);

	rcu_read_lock();
	fp = find_file_locked(fh, hashval);
	rcu_read_unlock();
	if (fp)
		return fp;

	spin_lock(&state_lock);
	fp = find_file_locked(fh, hashval);
	if (likely(fp == NULL)) {
		nfsd4_init_file(fh, hashval, new);
		fp = new;
	}
	spin_unlock(&state_lock);

	return fp;
}

/*
 * Called to check deny when READ with all zero stateid or
 * WRITE with all zero or all one stateid
 */
static __be32
nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type)
{
	struct nfs4_file *fp;
	__be32 ret = nfs_ok;

	fp = find_file(&current_fh->fh_handle);
	if (!fp)
		return ret;
	/* Check for conflicting share reservations */
	spin_lock(&fp->fi_lock);
	if (fp->fi_share_deny & deny_type)
		ret = nfserr_locked;
	spin_unlock(&fp->fi_lock);
	put_nfs4_file(fp);
	return ret;
}

static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb)
{
	struct nfs4_delegation *dp = cb_to_delegation(cb);
	struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net,
					  nfsd_net_id);

	block_delegations(&dp->dl_stid.sc_file->fi_fhandle);

	/*
	 * We can't do this in nfsd_break_deleg_cb because it is
	 * already holding inode->i_lock.
	 *
	 * If the dl_time != 0, then we know that it has already been
	 * queued for a lease break. Don't queue it again.
	 */
	spin_lock(&state_lock);
	if (dp->dl_time == 0) {
		dp->dl_time = get_seconds();
		list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru);
	}
	spin_unlock(&state_lock);
}

static int nfsd4_cb_recall_done(struct nfsd4_callback *cb,
		struct rpc_task *task)
{
	struct nfs4_delegation *dp = cb_to_delegation(cb);

	if (dp->dl_stid.sc_type == NFS4_CLOSED_DELEG_STID)
		return 1;

	switch (task->tk_status) {
	case 0:
		return 1;
	case -EBADHANDLE:
	case -NFS4ERR_BAD_STATEID:
		/*
		 * Race: client probably got cb_recall before open reply
		 * granting delegation.
		 */
		if (dp->dl_retries--) {
			rpc_delay(task, 2 * HZ);
			return 0;
		}
		/*FALLTHRU*/
	default:
		return -1;
	}
}

static void nfsd4_cb_recall_release(struct nfsd4_callback *cb)
{
	struct nfs4_delegation *dp = cb_to_delegation(cb);

	nfs4_put_stid(&dp->dl_stid);
}

static const struct nfsd4_callback_ops nfsd4_cb_recall_ops = {
	.prepare = nfsd4_cb_recall_prepare,
	.done = nfsd4_cb_recall_done,
	.release = nfsd4_cb_recall_release,
};

static void nfsd_break_one_deleg(struct nfs4_delegation *dp)
{
	/*
	 * We're assuming the state code never drops its reference
	 * without first removing the lease. Since we're in this lease
	 * callback (and since the lease code is serialized by the kernel
	 * lock) we know the server hasn't removed the lease yet, so we
	 * know it's safe to take a reference.
	 */
	atomic_inc(&dp->dl_stid.sc_count);
	nfsd4_run_cb(&dp->dl_recall);
}

/* Called from break_lease() with i_lock held. */
static bool
nfsd_break_deleg_cb(struct file_lock *fl)
{
	bool ret = false;
	struct nfs4_file *fp = (struct nfs4_file *)fl->fl_owner;
	struct nfs4_delegation *dp;

	if (!fp) {
		WARN(1, "(%p)->fl_owner NULL\n", fl);
		return ret;
	}
	if (fp->fi_had_conflict) {
		WARN(1, "duplicate break on %p\n", fp);
		return ret;
	}
	/*
	 * We don't want the locks code to timeout the lease for us;
	 * we'll remove it ourselves if a delegation isn't returned
	 * in time:
	 */
	fl->fl_break_time = 0;

	spin_lock(&fp->fi_lock);
	fp->fi_had_conflict = true;
	/*
	 * If there are no delegations on the list, then return true
	 * so that the lease code will go ahead and delete it.
	 */
	if (list_empty(&fp->fi_delegations))
		ret = true;
	else
		list_for_each_entry(dp, &fp->fi_delegations, dl_perfile)
			nfsd_break_one_deleg(dp);
	spin_unlock(&fp->fi_lock);
	return ret;
}

static int
nfsd_change_deleg_cb(struct file_lock *onlist, int arg,
		     struct list_head *dispose)
{
	if (arg & F_UNLCK)
		return lease_modify(onlist, arg, dispose);
	else
		return -EAGAIN;
}

static const struct lock_manager_operations nfsd_lease_mng_ops = {
	.lm_break = nfsd_break_deleg_cb,
	.lm_change = nfsd_change_deleg_cb,
};

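/*
 * NFSv4.0 seqid replay detection (sessions make seqids redundant, so
 * v4.1+ compounds always pass). For an owner whose next expected seqid
 * is so_seqid: an op carrying so_seqid is in order, one carrying
 * so_seqid - 1 is a retransmission and gets the cached reply via
 * nfserr_replay_me, and anything else is out of sequence. For example,
 * with so_seqid == 5: seqid 5 -> nfs_ok, 4 -> replay, 3 or 6 -> bad_seqid.
 */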
static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid)
{
	if (nfsd4_has_session(cstate))
		return nfs_ok;
	if (seqid == so->so_seqid - 1)
		return nfserr_replay_me;
	if (seqid == so->so_seqid)
		return nfs_ok;
	return nfserr_bad_seqid;
}

static __be32 lookup_clientid(clientid_t *clid,
		struct nfsd4_compound_state *cstate,
		struct nfsd_net *nn)
{
	struct nfs4_client *found;

	if (cstate->clp) {
		found = cstate->clp;
		if (!same_clid(&found->cl_clientid, clid))
			return nfserr_stale_clientid;
		return nfs_ok;
	}

	if (STALE_CLIENTID(clid, nn))
		return nfserr_stale_clientid;

	/*
	 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one
	 * cached already then we know this is for v4.0 and "sessions"
	 * will be false.
	 */
	WARN_ON_ONCE(cstate->session);
	spin_lock(&nn->client_lock);
	found = find_confirmed_client(clid, false, nn);
	if (!found) {
		spin_unlock(&nn->client_lock);
		return nfserr_expired;
	}
	atomic_inc(&found->cl_refcount);
	spin_unlock(&nn->client_lock);

	/* Cache the nfs4_client in cstate! */
	cstate->clp = found;
	return nfs_ok;
}

__be32
nfsd4_process_open1(struct nfsd4_compound_state *cstate,
		    struct nfsd4_open *open, struct nfsd_net *nn)
{
	clientid_t *clientid = &open->op_clientid;
	struct nfs4_client *clp = NULL;
	unsigned int strhashval;
	struct nfs4_openowner *oo = NULL;
	__be32 status;

	if (STALE_CLIENTID(&open->op_clientid, nn))
		return nfserr_stale_clientid;
	/*
	 * In case we need it later, after we've already created the
	 * file and don't want to risk a further failure:
	 */
	open->op_file = nfsd4_alloc_file();
	if (open->op_file == NULL)
		return nfserr_jukebox;

	status = lookup_clientid(clientid, cstate, nn);
	if (status)
		return status;
	clp = cstate->clp;

	strhashval = ownerstr_hashval(&open->op_owner);
	oo = find_openstateowner_str(strhashval, open, clp);
	open->op_openowner = oo;
	if (!oo)
		goto new_owner;
	if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
		/* Replace unconfirmed owners without checking for replay. */
		release_openowner(oo);
		open->op_openowner = NULL;
		goto new_owner;
	}
	status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid);
	if (status)
		return status;
	goto alloc_stateid;
new_owner:
	oo = alloc_init_open_stateowner(strhashval, open, cstate);
	if (oo == NULL)
		return nfserr_jukebox;
	open->op_openowner = oo;
alloc_stateid:
	open->op_stp = nfs4_alloc_open_stateid(clp);
	if (!open->op_stp)
		return nfserr_jukebox;

	if (nfsd4_has_session(cstate) &&
	    (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) {
		open->op_odstate = alloc_clnt_odstate(clp);
		if (!open->op_odstate)
			return nfserr_jukebox;
	}

	return nfs_ok;
}

static inline __be32
nfs4_check_delegmode(struct nfs4_delegation *dp, int flags)
{
	if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ))
		return nfserr_openmode;
	else
		return nfs_ok;
}

static int share_access_to_flags(u32 share_access)
{
	return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE;
}

static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s)
{
	struct nfs4_stid *ret;

	ret = find_stateid_by_type(cl, s,
				NFS4_DELEG_STID|NFS4_REVOKED_DELEG_STID);
	if (!ret)
		return NULL;
	return delegstateid(ret);
}

static bool nfsd4_is_deleg_cur(struct nfsd4_open *open)
{
	return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR ||
		open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH;
}

static __be32
nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open,
		struct nfs4_delegation **dp)
{
	int flags;
	__be32 status = nfserr_bad_stateid;
	struct nfs4_delegation *deleg;

	deleg = find_deleg_stateid(cl, &open->op_delegate_stateid);
	if (deleg == NULL)
		goto out;
	if (deleg->dl_stid.sc_type == NFS4_REVOKED_DELEG_STID) {
		nfs4_put_stid(&deleg->dl_stid);
		if (cl->cl_minorversion)
			status = nfserr_deleg_revoked;
		goto out;
	}
	flags = share_access_to_flags(open->op_share_access);
	status = nfs4_check_delegmode(deleg, flags);
	if (status) {
		nfs4_put_stid(&deleg->dl_stid);
		goto out;
	}
	*dp = deleg;
out:
	if (!nfsd4_is_deleg_cur(open))
		return nfs_ok;
	if (status)
		return status;
	open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
	return nfs_ok;
}

static inline int nfs4_access_to_access(u32 nfs4_access)
{
	int flags = 0;

	if (nfs4_access & NFS4_SHARE_ACCESS_READ)
		flags |= NFSD_MAY_READ;
	if (nfs4_access & NFS4_SHARE_ACCESS_WRITE)
		flags |= NFSD_MAY_WRITE;
	return flags;
}

static inline __be32
nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh,
		struct nfsd4_open *open)
{
	struct iattr iattr = {
		.ia_valid = ATTR_SIZE,
		.ia_size = 0,
	};
	if (!open->op_truncate)
		return 0;
	if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE))
		return nfserr_inval;
	return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0);
}

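/*
 * Note the locking dance below: fi_lock cannot be held across nfsd_open()
 * (which may sleep), so when no struct file is cached for the needed open
 * mode we drop the lock, open the file, then retake the lock and re-check
 * fi_fds[oflag] in case another thread installed one first; the loser's
 * extra struct file is released with fput().
 */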
static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp,
		struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp,
		struct nfsd4_open *open)
{
	struct file *filp = NULL;
	__be32 status;
	int oflag = nfs4_access_to_omode(open->op_share_access);
	int access = nfs4_access_to_access(open->op_share_access);
	unsigned char old_access_bmap, old_deny_bmap;

	spin_lock(&fp->fi_lock);

	/*
	 * Are we trying to set a deny mode that would conflict with
	 * current access?
	 */
	status = nfs4_file_check_deny(fp, open->op_share_deny);
	if (status != nfs_ok) {
		spin_unlock(&fp->fi_lock);
		goto out;
	}

	/* set access to the file */
	status = nfs4_file_get_access(fp, open->op_share_access);
	if (status != nfs_ok) {
		spin_unlock(&fp->fi_lock);
		goto out;
	}

	/* Set access bits in stateid */
	old_access_bmap = stp->st_access_bmap;
	set_access(open->op_share_access, stp);

	/* Set new deny mask */
	old_deny_bmap = stp->st_deny_bmap;
	set_deny(open->op_share_deny, stp);
	fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH);

	if (!fp->fi_fds[oflag]) {
		spin_unlock(&fp->fi_lock);
		status = nfsd_open(rqstp, cur_fh, S_IFREG, access, &filp);
		if (status)
			goto out_put_access;
		spin_lock(&fp->fi_lock);
		if (!fp->fi_fds[oflag]) {
			fp->fi_fds[oflag] = filp;
			filp = NULL;
		}
	}
	spin_unlock(&fp->fi_lock);
	if (filp)
		fput(filp);

	status = nfsd4_truncate(rqstp, cur_fh, open);
	if (status)
		goto out_put_access;
out:
	return status;
out_put_access:
	stp->st_access_bmap = old_access_bmap;
	nfs4_file_put_access(fp, open->op_share_access);
	reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp);
	goto out;
}

static __be32
nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open)
{
	__be32 status;
	unsigned char old_deny_bmap = stp->st_deny_bmap;

	if (!test_access(open->op_share_access, stp))
		return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open);

	/* test and set deny mode */
	spin_lock(&fp->fi_lock);
	status = nfs4_file_check_deny(fp, open->op_share_deny);
	if (status == nfs_ok) {
		set_deny(open->op_share_deny, stp);
		fp->fi_share_deny |=
			(open->op_share_deny & NFS4_SHARE_DENY_BOTH);
	}
	spin_unlock(&fp->fi_lock);

	if (status != nfs_ok)
		return status;

	status = nfsd4_truncate(rqstp, cur_fh, open);
	if (status != nfs_ok)
		reset_union_bmap_deny(old_deny_bmap, stp);
	return status;
}

/* Should we give out recallable state?: */
static bool nfsd4_cb_channel_good(struct nfs4_client *clp)
{
	if (clp->cl_cb_state == NFSD4_CB_UP)
		return true;
	/*
	 * In the sessions case, since we don't have to establish a
	 * separate connection for callbacks, we assume it's OK
	 * until we hear otherwise:
	 */
	return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN;
}

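/*
 * Build the file_lock that represents a delegation to the VFS lease code.
 * Only read delegations are currently handed out, and the lease always
 * covers the whole file (fl_start stays zero from the allocation and
 * fl_end is OFFSET_MAX). The nfs4_file is used as fl_owner so the lease
 * callbacks can find our state.
 */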
static struct file_lock *nfs4_alloc_init_lease(struct nfs4_file *fp, int flag)
{
	struct file_lock *fl;

	fl = locks_alloc_lock();
	if (!fl)
		return NULL;
	fl->fl_lmops = &nfsd_lease_mng_ops;
	fl->fl_flags = FL_DELEG;
	fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ ? F_RDLCK : F_WRLCK;
	fl->fl_end = OFFSET_MAX;
	fl->fl_owner = (fl_owner_t)fp;
	fl->fl_pid = current->tgid;
	return fl;
}

/**
 * nfs4_setlease - Obtain a delegation by requesting lease from vfs layer
 * @dp: a pointer to the nfs4_delegation we're adding.
 *
 * Return:
 *      0 on success;
 *      -EAGAIN if there was an existing delegation;
 *      another nonzero value on error in other cases.
 */
static int nfs4_setlease(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_stid.sc_file;
	struct file_lock *fl;
	struct file *filp;
	int status = 0;

	fl = nfs4_alloc_init_lease(fp, NFS4_OPEN_DELEGATE_READ);
	if (!fl)
		return -ENOMEM;
	filp = find_readable_file(fp);
	if (!filp) {
		/* We should always have a readable file here */
		WARN_ON_ONCE(1);
		locks_free_lock(fl);
		return -EBADF;
	}
	fl->fl_file = filp;
	status = vfs_setlease(filp, fl->fl_type, &fl, NULL);
	if (fl)
		locks_free_lock(fl);
	if (status)
		goto out_fput;
	spin_lock(&state_lock);
	spin_lock(&fp->fi_lock);
	/* Did the lease get broken before we took the lock? */
	status = -EAGAIN;
	if (fp->fi_had_conflict)
		goto out_unlock;
	/* Race breaker */
	if (fp->fi_deleg_file) {
		status = hash_delegation_locked(dp, fp);
		goto out_unlock;
	}
	fp->fi_deleg_file = filp;
	fp->fi_delegees = 0;
	status = hash_delegation_locked(dp, fp);
	spin_unlock(&fp->fi_lock);
	spin_unlock(&state_lock);
	if (status) {
		/* Should never happen, this is a new fi_deleg_file */
		WARN_ON_ONCE(1);
		goto out_fput;
	}
	return 0;
out_unlock:
	spin_unlock(&fp->fi_lock);
	spin_unlock(&state_lock);
out_fput:
	fput(filp);
	return status;
}

static struct nfs4_delegation *
nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh,
		    struct nfs4_file *fp, struct nfs4_clnt_odstate *odstate)
{
	int status;
	struct nfs4_delegation *dp;

	if (fp->fi_had_conflict)
		return ERR_PTR(-EAGAIN);

	spin_lock(&state_lock);
	spin_lock(&fp->fi_lock);
	status = nfs4_get_existing_delegation(clp, fp);
	spin_unlock(&fp->fi_lock);
	spin_unlock(&state_lock);

	if (status)
		return ERR_PTR(status);

	dp = alloc_init_deleg(clp, fh, odstate);
	if (!dp)
		return ERR_PTR(-ENOMEM);

	get_nfs4_file(fp);
	spin_lock(&state_lock);
	spin_lock(&fp->fi_lock);
	dp->dl_stid.sc_file = fp;
	if (!fp->fi_deleg_file) {
		spin_unlock(&fp->fi_lock);
		spin_unlock(&state_lock);
		status = nfs4_setlease(dp);
		goto out;
	}
	if (fp->fi_had_conflict) {
		status = -EAGAIN;
		goto out_unlock;
	}
	status = hash_delegation_locked(dp, fp);
out_unlock:
	spin_unlock(&fp->fi_lock);
	spin_unlock(&state_lock);
out:
	if (status) {
		put_clnt_odstate(dp->dl_clnt_odstate);
		nfs4_put_stid(&dp->dl_stid);
		return ERR_PTR(status);
	}
	return dp;
}

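/*
 * Fill in the NFSv4.1 "why no delegation" result. A status of -EAGAIN
 * from the lease layer means someone else holds conflicting state
 * (WND4_CONTENTION); any other failure is reported as a resource problem
 * unless the client was explicitly cancelling its want.
 */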
static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status)
{
	open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
	if (status == -EAGAIN)
		open->op_why_no_deleg = WND4_CONTENTION;
	else {
		open->op_why_no_deleg = WND4_RESOURCE;
		switch (open->op_deleg_want) {
		case NFS4_SHARE_WANT_READ_DELEG:
		case NFS4_SHARE_WANT_WRITE_DELEG:
		case NFS4_SHARE_WANT_ANY_DELEG:
			break;
		case NFS4_SHARE_WANT_CANCEL:
			open->op_why_no_deleg = WND4_CANCELLED;
			break;
		case NFS4_SHARE_WANT_NO_DELEG:
			WARN_ON_ONCE(1);
		}
	}
}

/*
 * Attempt to hand out a delegation.
 *
 * Note we don't support write delegations, and won't until the vfs has
 * proper support for them.
 */
static void
nfs4_open_delegation(struct svc_fh *fh, struct nfsd4_open *open,
			struct nfs4_ol_stateid *stp)
{
	struct nfs4_delegation *dp;
	struct nfs4_openowner *oo = openowner(stp->st_stateowner);
	struct nfs4_client *clp = stp->st_stid.sc_client;
	int cb_up;
	int status = 0;

	cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client);
	open->op_recall = 0;
	switch (open->op_claim_type) {
	case NFS4_OPEN_CLAIM_PREVIOUS:
		if (!cb_up)
			open->op_recall = 1;
		if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ)
			goto out_no_deleg;
		break;
	case NFS4_OPEN_CLAIM_NULL:
	case NFS4_OPEN_CLAIM_FH:
		/*
		 * Let's not give out any delegations till everyone's
		 * had the chance to reclaim theirs, *and* until
		 * NLM locks have all been reclaimed:
		 */
		if (locks_in_grace(clp->net))
			goto out_no_deleg;
		if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED))
			goto out_no_deleg;
		/*
		 * Also, if the file was opened for write or
		 * create, there's a good chance the client's
		 * about to write to it, resulting in an
		 * immediate recall (since we don't support
		 * write delegations):
		 */
		if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE)
			goto out_no_deleg;
		if (open->op_create == NFS4_OPEN_CREATE)
			goto out_no_deleg;
		break;
	default:
		goto out_no_deleg;
	}
	dp = nfs4_set_delegation(clp, fh, stp->st_stid.sc_file, stp->st_clnt_odstate);
	if (IS_ERR(dp))
		goto out_no_deleg;

	memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid));

	dprintk("NFSD: delegation stateid=" STATEID_FMT "\n",
		STATEID_VAL(&dp->dl_stid.sc_stateid));
	open->op_delegate_type = NFS4_OPEN_DELEGATE_READ;
	nfs4_put_stid(&dp->dl_stid);
	return;
out_no_deleg:
	open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE;
	if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS &&
	    open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) {
		dprintk("NFSD: WARNING: refusing delegation reclaim\n");
		open->op_recall = 1;
	}

	/* 4.1 client asking for a delegation? */
	if (open->op_deleg_want)
		nfsd4_open_deleg_none_ext(open, status);
	return;
}

static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open,
					struct nfs4_delegation *dp)
{
	if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG &&
	    dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
		open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
		open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE;
	} else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG &&
		   dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
		open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
		open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE;
	}
	/* Otherwise the client must be confused wanting a delegation
	 * it already has, therefore we don't return
	 * NFS4_OPEN_DELEGATE_NONE_EXT and reason.
	 */
}

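/*
 * Core of OPEN processing: find (or install the preallocated) nfs4_file
 * for the current filehandle, then either upgrade an existing open
 * stateid for this openowner or initialize a new one, and finally try to
 * hand out a delegation. Delegation failure never fails the OPEN itself.
 */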
__be32
nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open)
{
	struct nfsd4_compoundres *resp = rqstp->rq_resp;
	struct nfs4_client *cl = open->op_openowner->oo_owner.so_client;
	struct nfs4_file *fp = NULL;
	struct nfs4_ol_stateid *stp = NULL;
	struct nfs4_delegation *dp = NULL;
	__be32 status;
	bool new_stp = false;

	/*
	 * Lookup file; if found, lookup stateid and check open request,
	 * and check for delegations in the process of being recalled.
	 * If not found, create the nfs4_file struct
	 */
	fp = find_or_add_file(open->op_file, &current_fh->fh_handle);
	if (fp != open->op_file) {
		status = nfs4_check_deleg(cl, open, &dp);
		if (status)
			goto out;
		stp = nfsd4_find_and_lock_existing_open(fp, open);
	} else {
		open->op_file = NULL;
		status = nfserr_bad_stateid;
		if (nfsd4_is_deleg_cur(open))
			goto out;
	}

	if (!stp) {
		stp = init_open_stateid(fp, open);
		if (!open->op_stp)
			new_stp = true;
	}

	/*
	 * OPEN the file, or upgrade an existing OPEN.
	 * If truncate fails, the OPEN fails.
	 *
	 * stp is already locked.
	 */
	if (!new_stp) {
		/* Stateid was found, this is an OPEN upgrade */
		status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open);
		if (status) {
			mutex_unlock(&stp->st_mutex);
			goto out;
		}
	} else {
		status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open);
		if (status) {
			stp->st_stid.sc_type = NFS4_CLOSED_STID;
			release_open_stateid(stp);
			mutex_unlock(&stp->st_mutex);
			goto out;
		}

		stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp,
							open->op_odstate);
		if (stp->st_clnt_odstate == open->op_odstate)
			open->op_odstate = NULL;
	}

	nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid);
	mutex_unlock(&stp->st_mutex);

	if (nfsd4_has_session(&resp->cstate)) {
		if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) {
			open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
			open->op_why_no_deleg = WND4_NOT_WANTED;
			goto nodeleg;
		}
	}

	/*
	 * Attempt to hand out a delegation. No error return, because the
	 * OPEN succeeds even if we fail.
	 */
	nfs4_open_delegation(current_fh, open, stp);
nodeleg:
	status = nfs_ok;

	dprintk("%s: stateid=" STATEID_FMT "\n", __func__,
		STATEID_VAL(&stp->st_stid.sc_stateid));
out:
	/* 4.1 client trying to upgrade/downgrade delegation? */
	if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp &&
	    open->op_deleg_want)
		nfsd4_deleg_xgrade_none_ext(open, dp);

	if (fp)
		put_nfs4_file(fp);
	if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS)
		open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
	/*
	 * To finish the open response, we just need to set the rflags.
	 */
	open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX;
	if (nfsd4_has_session(&resp->cstate))
		open->op_rflags |= NFS4_OPEN_RESULT_MAY_NOTIFY_LOCK;
	else if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED))
		open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM;

	if (dp)
		nfs4_put_stid(&dp->dl_stid);
	if (stp)
		nfs4_put_stid(&stp->st_stid);

	return status;
}

void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate,
			      struct nfsd4_open *open)
{
	if (open->op_openowner) {
		struct nfs4_stateowner *so = &open->op_openowner->oo_owner;

		nfsd4_cstate_assign_replay(cstate, so);
		nfs4_put_stateowner(so);
	}
	if (open->op_file)
		kmem_cache_free(file_slab, open->op_file);
	if (open->op_stp)
		nfs4_put_stid(&open->op_stp->st_stid);
	if (open->op_odstate)
		kmem_cache_free(odstate_slab, open->op_odstate);
}

__be32
nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    clientid_t *clid)
{
	struct nfs4_client *clp;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	dprintk("process_renew(%08x/%08x): starting\n",
			clid->cl_boot, clid->cl_id);
	status = lookup_clientid(clid, cstate, nn);
	if (status)
		goto out;
	clp = cstate->clp;
	status = nfserr_cb_path_down;
	if (!list_empty(&clp->cl_delegations)
			&& clp->cl_cb_state != NFSD4_CB_UP)
		goto out;
	status = nfs_ok;
out:
	return status;
}

void
nfsd4_end_grace(struct nfsd_net *nn)
{
	/* do nothing if grace period already ended */
	if (nn->grace_ended)
		return;

	dprintk("NFSD: end of grace period\n");
	nn->grace_ended = true;
	/*
	 * If the server goes down again right now, an NFSv4
	 * client will still be allowed to reclaim after it comes back up,
	 * even if it hasn't yet had a chance to reclaim state this time.
	 */
	nfsd4_record_grace_done(nn);
	/*
	 * At this point, NFSv4 clients can still reclaim. But if the
	 * server crashes, any that have not yet reclaimed will be out
	 * of luck on the next boot.
	 *
	 * (NFSv4.1+ clients are considered to have reclaimed once they
	 * call RECLAIM_COMPLETE. NFSv4.0 clients are considered to
	 * have reclaimed after their first OPEN.)
	 */
	locks_end_grace(&nn->nfsd4_manager);
	/*
	 * At this point, and once lockd and/or any other containers
	 * exit their grace period, further reclaims will fail and
	 * regular locking can resume.
	 */
}

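/*
 * One laundromat pass: expire idle clients, revoke delegations whose
 * recalls have timed out, free openowners parked on the close LRU, and
 * discard stale blocked-lock notifications. Returns the number of
 * seconds until the next sweep is due.
 */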
static time_t
nfs4_laundromat(struct nfsd_net *nn)
{
	struct nfs4_client *clp;
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct nfs4_ol_stateid *stp;
	struct nfsd4_blocked_lock *nbl;
	struct list_head *pos, *next, reaplist;
	time_t cutoff = get_seconds() - nn->nfsd4_lease;
	time_t t, new_timeo = nn->nfsd4_lease;

	dprintk("NFSD: laundromat service - starting\n");
	nfsd4_end_grace(nn);
	INIT_LIST_HEAD(&reaplist);
	spin_lock(&nn->client_lock);
	list_for_each_safe(pos, next, &nn->client_lru) {
		clp = list_entry(pos, struct nfs4_client, cl_lru);
		if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) {
			t = clp->cl_time - cutoff;
			new_timeo = min(new_timeo, t);
			break;
		}
		if (mark_client_expired_locked(clp)) {
			dprintk("NFSD: client in use (clientid %08x)\n",
				clp->cl_clientid.cl_id);
			continue;
		}
		list_add(&clp->cl_lru, &reaplist);
	}
	spin_unlock(&nn->client_lock);
	list_for_each_safe(pos, next, &reaplist) {
		clp = list_entry(pos, struct nfs4_client, cl_lru);
		dprintk("NFSD: purging unused client (clientid %08x)\n",
			clp->cl_clientid.cl_id);
		list_del_init(&clp->cl_lru);
		expire_client(clp);
	}
	spin_lock(&state_lock);
	list_for_each_safe(pos, next, &nn->del_recall_lru) {
		dp = list_entry(pos, struct nfs4_delegation, dl_recall_lru);
		if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) {
			t = dp->dl_time - cutoff;
			new_timeo = min(new_timeo, t);
			break;
		}
		WARN_ON(!unhash_delegation_locked(dp));
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	while (!list_empty(&reaplist)) {
		dp = list_first_entry(&reaplist, struct nfs4_delegation,
					dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		revoke_delegation(dp);
	}

	spin_lock(&nn->client_lock);
	while (!list_empty(&nn->close_lru)) {
		oo = list_first_entry(&nn->close_lru, struct nfs4_openowner,
					oo_close_lru);
		if (time_after((unsigned long)oo->oo_time,
			       (unsigned long)cutoff)) {
			t = oo->oo_time - cutoff;
			new_timeo = min(new_timeo, t);
			break;
		}
		list_del_init(&oo->oo_close_lru);
		stp = oo->oo_last_closed_stid;
		oo->oo_last_closed_stid = NULL;
		spin_unlock(&nn->client_lock);
		nfs4_put_stid(&stp->st_stid);
		spin_lock(&nn->client_lock);
	}
	spin_unlock(&nn->client_lock);

	/*
	 * It's possible for a client to try and acquire an already held lock
	 * that is being held for a long time, and then lose interest in it.
	 * So, we clean out any un-revisited request after a lease period
	 * under the assumption that the client is no longer interested.
	 *
	 * RFC5661, sec. 9.6 states that the client must not rely on getting
	 * notifications and must continue to poll for locks, even when the
	 * server supports them. Thus this shouldn't lead to clients blocking
	 * indefinitely once the lock does become free.
	 */
	BUG_ON(!list_empty(&reaplist));
	spin_lock(&nn->blocked_locks_lock);
	while (!list_empty(&nn->blocked_locks_lru)) {
		nbl = list_first_entry(&nn->blocked_locks_lru,
					struct nfsd4_blocked_lock, nbl_lru);
		if (time_after((unsigned long)nbl->nbl_time,
			       (unsigned long)cutoff)) {
			t = nbl->nbl_time - cutoff;
			new_timeo = min(new_timeo, t);
			break;
		}
		list_move(&nbl->nbl_lru, &reaplist);
		list_del_init(&nbl->nbl_list);
	}
	spin_unlock(&nn->blocked_locks_lock);

	while (!list_empty(&reaplist)) {
		nbl = list_first_entry(&reaplist,
					struct nfsd4_blocked_lock, nbl_lru);
		list_del_init(&nbl->nbl_lru);
		posix_unblock_lock(&nbl->nbl_lock);
		free_blocked_lock(nbl);
	}

	new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT);
	return new_timeo;
}

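/*
 * The laundromat runs from a delayed work item: each pass computes how
 * soon the next piece of state can expire and requeues itself for that
 * many seconds, never less than NFSD_LAUNDROMAT_MINTIMEOUT.
 */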
static struct workqueue_struct *laundry_wq;
static void laundromat_main(struct work_struct *);

static void
laundromat_main(struct work_struct *laundry)
{
	time_t t;
	struct delayed_work *dwork = to_delayed_work(laundry);
	struct nfsd_net *nn = container_of(dwork, struct nfsd_net,
					   laundromat_work);

	t = nfs4_laundromat(nn);
	dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t);
	queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ);
}

static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp)
{
	if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle))
		return nfserr_bad_stateid;
	return nfs_ok;
}

static inline int
access_permit_read(struct nfs4_ol_stateid *stp)
{
	return test_access(NFS4_SHARE_ACCESS_READ, stp) ||
		test_access(NFS4_SHARE_ACCESS_BOTH, stp) ||
		test_access(NFS4_SHARE_ACCESS_WRITE, stp);
}

static inline int
access_permit_write(struct nfs4_ol_stateid *stp)
{
	return test_access(NFS4_SHARE_ACCESS_WRITE, stp) ||
		test_access(NFS4_SHARE_ACCESS_BOTH, stp);
}

static
__be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags)
{
	__be32 status = nfserr_openmode;

	/* For lock stateid's, we test the parent open, not the lock: */
	if (stp->st_openstp)
		stp = stp->st_openstp;
	if ((flags & WR_STATE) && !access_permit_write(stp))
		goto out;
	if ((flags & RD_STATE) && !access_permit_read(stp))
		goto out;
	status = nfs_ok;
out:
	return status;
}

static inline __be32
check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags)
{
	if (ONE_STATEID(stateid) && (flags & RD_STATE))
		return nfs_ok;
	else if (opens_in_grace(net)) {
		/* Answer in remaining cases depends on existence of
		 * conflicting state; so we must wait out the grace period. */
		return nfserr_grace;
	} else if (flags & WR_STATE)
		return nfs4_share_conflict(current_fh,
				NFS4_SHARE_DENY_WRITE);
	else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */
		return nfs4_share_conflict(current_fh,
				NFS4_SHARE_DENY_READ);
}

/*
 * Allow READ/WRITE during grace period on recovered state only for files
 * that are not able to provide mandatory locking.
 */
static inline int
grace_disallows_io(struct net *net, struct inode *inode)
{
	return opens_in_grace(net) && mandatory_lock(inode);
}

static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session)
{
	/*
	 * When sessions are used the stateid generation number is ignored
	 * when it is zero.
	 */
	if (has_session && in->si_generation == 0)
		return nfs_ok;

	if (in->si_generation == ref->si_generation)
		return nfs_ok;

	/* If the client sends us a stateid from the future, it's buggy: */
	if (nfsd4_stateid_generation_after(in, ref))
		return nfserr_bad_stateid;
	/*
	 * However, we could see a stateid from the past, even from a
	 * non-buggy client. For example, if the client sends a lock
	 * while some IO is outstanding, the lock may bump si_generation
	 * while the IO is still in flight. The client could avoid that
	 * situation by waiting for responses on all the IO requests,
	 * but better performance may result in retrying IO that
	 * receives an old_stateid error if requests are rarely
	 * reordered in flight:
	 */
	return nfserr_old_stateid;
}

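/*
 * An NFSv4.0 open stateid is unusable until the openowner has been
 * confirmed by OPEN_CONFIRM. Sessions set NFS4_OO_CONFIRMED at owner
 * creation, so this check only ever rejects unconfirmed 4.0 owners.
 */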
static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols)
{
	if (ols->st_stateowner->so_is_open_owner &&
	    !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED))
		return nfserr_bad_stateid;
	return nfs_ok;
}

static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid)
{
	struct nfs4_stid *s;
	__be32 status = nfserr_bad_stateid;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) ||
		CLOSE_STATEID(stateid))
		return status;
	/* Client debugging aid. */
	if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) {
		char addr_str[INET6_ADDRSTRLEN];
		rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str,
				sizeof(addr_str));
		pr_warn_ratelimited("NFSD: client %s testing state ID "
					"with incorrect client ID\n", addr_str);
		return status;
	}
	spin_lock(&cl->cl_lock);
	s = find_stateid_locked(cl, stateid);
	if (!s)
		goto out_unlock;
	status = check_stateid_generation(stateid, &s->sc_stateid, 1);
	if (status)
		goto out_unlock;
	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		status = nfs_ok;
		break;
	case NFS4_REVOKED_DELEG_STID:
		status = nfserr_deleg_revoked;
		break;
	case NFS4_OPEN_STID:
	case NFS4_LOCK_STID:
		status = nfsd4_check_openowner_confirmed(openlockstateid(s));
		break;
	default:
		printk("unknown stateid type %x\n", s->sc_type);
		/* Fallthrough */
	case NFS4_CLOSED_STID:
	case NFS4_CLOSED_DELEG_STID:
		status = nfserr_bad_stateid;
	}
out_unlock:
	spin_unlock(&cl->cl_lock);
	return status;
}

__be32
nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate,
		     stateid_t *stateid, unsigned char typemask,
		     struct nfs4_stid **s, struct nfsd_net *nn)
{
	__be32 status;
	bool return_revoked = false;

	/*
	 * only return revoked delegations if explicitly asked.
	 * otherwise we report revoked or bad_stateid status.
	 */
	if (typemask & NFS4_REVOKED_DELEG_STID)
		return_revoked = true;
	else if (typemask & NFS4_DELEG_STID)
		typemask |= NFS4_REVOKED_DELEG_STID;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) ||
		CLOSE_STATEID(stateid))
		return nfserr_bad_stateid;
	status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn);
	if (status == nfserr_stale_clientid) {
		if (cstate->session)
			return nfserr_bad_stateid;
		return nfserr_stale_stateid;
	}
	if (status)
		return status;
	*s = find_stateid_by_type(cstate->clp, stateid, typemask);
	if (!*s)
		return nfserr_bad_stateid;
	if (((*s)->sc_type == NFS4_REVOKED_DELEG_STID) && !return_revoked) {
		nfs4_put_stid(*s);
		if (cstate->minorversion)
			return nfserr_deleg_revoked;
		return nfserr_bad_stateid;
	}
	return nfs_ok;
}

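/*
 * Map a stateid to the struct file to use for I/O. Delegation stateids
 * must already have a cached deleg file; open and lock stateids pick a
 * cached readable or writeable file based on the requested access. Every
 * successful path returns its own reference, which the caller must drop
 * with fput().
 */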
static struct file *
nfs4_find_file(struct nfs4_stid *s, int flags)
{
	if (!s)
		return NULL;

	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		if (WARN_ON_ONCE(!s->sc_file->fi_deleg_file))
			return NULL;
		return get_file(s->sc_file->fi_deleg_file);
	case NFS4_OPEN_STID:
	case NFS4_LOCK_STID:
		if (flags & RD_STATE)
			return find_readable_file(s->sc_file);
		else
			return find_writeable_file(s->sc_file);
		break;
	}

	return NULL;
}

static __be32
nfs4_check_olstateid(struct svc_fh *fhp, struct nfs4_ol_stateid *ols, int flags)
{
	__be32 status;

	status = nfsd4_check_openowner_confirmed(ols);
	if (status)
		return status;
	return nfs4_check_openmode(ols, flags);
}

static __be32
nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s,
		struct file **filpp, bool *tmp_file, int flags)
{
	int acc = (flags & RD_STATE) ? NFSD_MAY_READ : NFSD_MAY_WRITE;
	struct file *file;
	__be32 status;

	file = nfs4_find_file(s, flags);
	if (file) {
		status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry,
				acc | NFSD_MAY_OWNER_OVERRIDE);
		if (status) {
			fput(file);
			return status;
		}

		*filpp = file;
	} else {
		status = nfsd_open(rqstp, fhp, S_IFREG, acc, filpp);
		if (status)
			return status;

		if (tmp_file)
			*tmp_file = true;
	}

	return 0;
}

/*
 * Checks for stateid operations
 */
__be32
nfs4_preprocess_stateid_op(struct svc_rqst *rqstp,
		struct nfsd4_compound_state *cstate, struct svc_fh *fhp,
		stateid_t *stateid, int flags, struct file **filpp, bool *tmp_file)
{
	struct inode *ino = d_inode(fhp->fh_dentry);
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	struct nfs4_stid *s = NULL;
	__be32 status;

	if (filpp)
		*filpp = NULL;
	if (tmp_file)
		*tmp_file = false;

	if (grace_disallows_io(net, ino))
		return nfserr_grace;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) {
		status = check_special_stateids(net, fhp, stateid, flags);
		goto done;
	}

	status = nfsd4_lookup_stateid(cstate, stateid,
				NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID,
				&s, nn);
	if (status)
		return status;
	status = check_stateid_generation(stateid, &s->sc_stateid,
			nfsd4_has_session(cstate));
	if (status)
		goto out;

	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		status = nfs4_check_delegmode(delegstateid(s), flags);
		break;
	case NFS4_OPEN_STID:
	case NFS4_LOCK_STID:
		status = nfs4_check_olstateid(fhp, openlockstateid(s), flags);
		break;
	default:
		status = nfserr_bad_stateid;
		break;
	}
	if (status)
		goto out;
	status = nfs4_check_fh(fhp, s);

done:
	if (!status && filpp)
		status = nfs4_check_file(rqstp, fhp, s, filpp, tmp_file, flags);
out:
	if (s)
		nfs4_put_stid(s);
	return status;
}

/*
 * Test if the stateid is valid
 */
__be32
nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		   struct nfsd4_test_stateid *test_stateid)
{
	struct nfsd4_test_stateid_id *stateid;
	struct nfs4_client *cl = cstate->session->se_client;

	list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list)
		stateid->ts_id_status =
			nfsd4_validate_stateid(cl, &stateid->ts_id_stateid);

	return nfs_ok;
}

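/*
 * FREE_STATEID on a lock stateid: the generation must match and the
 * lockowner must hold no locks on the file, otherwise the client gets
 * nfserr_locks_held and must release its locks before retrying.
 */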
static __be32
nfsd4_free_lock_stateid(stateid_t *stateid, struct nfs4_stid *s)
{
	struct nfs4_ol_stateid *stp = openlockstateid(s);
	__be32 ret;

	mutex_lock(&stp->st_mutex);

	ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
	if (ret)
		goto out;

	ret = nfserr_locks_held;
	if (check_for_locks(stp->st_stid.sc_file,
			    lockowner(stp->st_stateowner)))
		goto out;

	release_lock_stateid(stp);
	ret = nfs_ok;

out:
	mutex_unlock(&stp->st_mutex);
	nfs4_put_stid(s);
	return ret;
}

__be32
nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		   struct nfsd4_free_stateid *free_stateid)
{
	stateid_t *stateid = &free_stateid->fr_stateid;
	struct nfs4_stid *s;
	struct nfs4_delegation *dp;
	struct nfs4_client *cl = cstate->session->se_client;
	__be32 ret = nfserr_bad_stateid;

	spin_lock(&cl->cl_lock);
	s = find_stateid_locked(cl, stateid);
	if (!s)
		goto out_unlock;
	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		ret = nfserr_locks_held;
		break;
	case NFS4_OPEN_STID:
		ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
		if (ret)
			break;
		ret = nfserr_locks_held;
		break;
	case NFS4_LOCK_STID:
		atomic_inc(&s->sc_count);
		spin_unlock(&cl->cl_lock);
		ret = nfsd4_free_lock_stateid(stateid, s);
		goto out;
	case NFS4_REVOKED_DELEG_STID:
		dp = delegstateid(s);
		list_del_init(&dp->dl_recall_lru);
		spin_unlock(&cl->cl_lock);
		nfs4_put_stid(s);
		ret = nfs_ok;
		goto out;
	/* Default falls through and returns nfserr_bad_stateid */
	}
out_unlock:
	spin_unlock(&cl->cl_lock);
out:
	return ret;
}

static inline int
setlkflg(int type)
{
	return (type == NFS4_READW_LT || type == NFS4_READ_LT) ?
		RD_STATE : WR_STATE;
}

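/*
 * Shared checks for seqid-mutating operations on an open or lock stateid:
 * verify the owner's seqid, take st_mutex (failing if the stateid was
 * closed meanwhile), then check the stateid generation and that the
 * stateid belongs to the current filehandle. On failure after the mutex
 * is taken, it is dropped again before returning.
 */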
nfs4_seqid_op_checks(struct nfsd4_compound_state * cstate,stateid_t * stateid,u32 seqid,struct nfs4_ol_stateid * stp)5215 static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp)
5216 {
5217 struct svc_fh *current_fh = &cstate->current_fh;
5218 struct nfs4_stateowner *sop = stp->st_stateowner;
5219 __be32 status;
5220
5221 status = nfsd4_check_seqid(cstate, sop, seqid);
5222 if (status)
5223 return status;
5224 status = nfsd4_lock_ol_stateid(stp);
5225 if (status != nfs_ok)
5226 return status;
5227 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate));
5228 if (status == nfs_ok)
5229 status = nfs4_check_fh(current_fh, &stp->st_stid);
5230 if (status != nfs_ok)
5231 mutex_unlock(&stp->st_mutex);
5232 return status;
5233 }
5234
5235 /*
5236 * Checks for sequence id mutating operations.
5237 */
5238 static __be32
5239 nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
5240 stateid_t *stateid, char typemask,
5241 struct nfs4_ol_stateid **stpp,
5242 struct nfsd_net *nn)
5243 {
5244 __be32 status;
5245 struct nfs4_stid *s;
5246 struct nfs4_ol_stateid *stp = NULL;
5247
5248 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__,
5249 seqid, STATEID_VAL(stateid));
5250
5251 *stpp = NULL;
5252 status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn);
5253 if (status)
5254 return status;
5255 stp = openlockstateid(s);
5256 nfsd4_cstate_assign_replay(cstate, stp->st_stateowner);
5257
5258 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp);
5259 if (!status)
5260 *stpp = stp;
5261 else
5262 nfs4_put_stid(&stp->st_stid);
5263 return status;
5264 }
5265
5266 static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
5267 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn)
5268 {
5269 __be32 status;
5270 struct nfs4_openowner *oo;
5271 struct nfs4_ol_stateid *stp;
5272
5273 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid,
5274 NFS4_OPEN_STID, &stp, nn);
5275 if (status)
5276 return status;
5277 oo = openowner(stp->st_stateowner);
5278 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
5279 mutex_unlock(&stp->st_mutex);
5280 nfs4_put_stid(&stp->st_stid);
5281 return nfserr_bad_stateid;
5282 }
5283 *stpp = stp;
5284 return nfs_ok;
5285 }
5286
5287 __be32
5288 nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
5289 struct nfsd4_open_confirm *oc)
5290 {
5291 __be32 status;
5292 struct nfs4_openowner *oo;
5293 struct nfs4_ol_stateid *stp;
5294 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
5295
5296 dprintk("NFSD: nfsd4_open_confirm on file %pd\n",
5297 cstate->current_fh.fh_dentry);
5298
5299 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
5300 if (status)
5301 return status;
5302
5303 status = nfs4_preprocess_seqid_op(cstate,
5304 oc->oc_seqid, &oc->oc_req_stateid,
5305 NFS4_OPEN_STID, &stp, nn);
5306 if (status)
5307 goto out;
5308 oo = openowner(stp->st_stateowner);
5309 status = nfserr_bad_stateid;
5310 if (oo->oo_flags & NFS4_OO_CONFIRMED) {
5311 mutex_unlock(&stp->st_mutex);
5312 goto put_stateid;
5313 }
5314 oo->oo_flags |= NFS4_OO_CONFIRMED;
5315 nfs4_inc_and_copy_stateid(&oc->oc_resp_stateid, &stp->st_stid);
5316 mutex_unlock(&stp->st_mutex);
5317 dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n",
5318 __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid));
5319
5320 nfsd4_client_record_create(oo->oo_owner.so_client);
5321 status = nfs_ok;
5322 put_stateid:
5323 nfs4_put_stid(&stp->st_stid);
5324 out:
5325 nfsd4_bump_seqid(cstate, status);
5326 return status;
5327 }
5328
5329 static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access)
5330 {
5331 if (!test_access(access, stp))
5332 return;
5333 nfs4_file_put_access(stp->st_stid.sc_file, access);
5334 clear_access(access, stp);
5335 }
5336
5337 static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access)
5338 {
5339 switch (to_access) {
5340 case NFS4_SHARE_ACCESS_READ:
5341 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE);
5342 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
5343 break;
5344 case NFS4_SHARE_ACCESS_WRITE:
5345 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ);
5346 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
5347 break;
5348 case NFS4_SHARE_ACCESS_BOTH:
5349 break;
5350 default:
5351 WARN_ON_ONCE(1);
5352 }
5353 }
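
/*
 * Example: an open stateid downgraded to READ drops any WRITE and BOTH
 * access references it holds on the underlying nfs4_file; a downgrade
 * to BOTH is a no-op because no broader access mode exists.
 */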
5354
5355 __be32
5356 nfsd4_open_downgrade(struct svc_rqst *rqstp,
5357 struct nfsd4_compound_state *cstate,
5358 struct nfsd4_open_downgrade *od)
5359 {
5360 __be32 status;
5361 struct nfs4_ol_stateid *stp;
5362 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
5363
5364 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n",
5365 cstate->current_fh.fh_dentry);
5366
5367 /* We don't yet support WANT bits: */
5368 if (od->od_deleg_want)
5369 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__,
5370 od->od_deleg_want);
5371
5372 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid,
5373 &od->od_stateid, &stp, nn);
5374 if (status)
5375 goto out;
5376 status = nfserr_inval;
5377 if (!test_access(od->od_share_access, stp)) {
5378 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n",
5379 stp->st_access_bmap, od->od_share_access);
5380 goto put_stateid;
5381 }
5382 if (!test_deny(od->od_share_deny, stp)) {
5383 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n",
5384 stp->st_deny_bmap, od->od_share_deny);
5385 goto put_stateid;
5386 }
5387 nfs4_stateid_downgrade(stp, od->od_share_access);
5388 reset_union_bmap_deny(od->od_share_deny, stp);
5389 nfs4_inc_and_copy_stateid(&od->od_stateid, &stp->st_stid);
5390 status = nfs_ok;
5391 put_stateid:
5392 mutex_unlock(&stp->st_mutex);
5393 nfs4_put_stid(&stp->st_stid);
5394 out:
5395 nfsd4_bump_seqid(cstate, status);
5396 return status;
5397 }
5398
5399 static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s)
5400 {
5401 struct nfs4_client *clp = s->st_stid.sc_client;
5402 bool unhashed;
5403 LIST_HEAD(reaplist);
5404
5405 spin_lock(&clp->cl_lock);
5406 unhashed = unhash_open_stateid(s, &reaplist);
5407
5408 if (clp->cl_minorversion) {
5409 if (unhashed)
5410 put_ol_stateid_locked(s, &reaplist);
5411 spin_unlock(&clp->cl_lock);
5412 free_ol_stateid_reaplist(&reaplist);
5413 } else {
5414 spin_unlock(&clp->cl_lock);
5415 free_ol_stateid_reaplist(&reaplist);
5416 if (unhashed)
5417 move_to_close_lru(s, clp->net);
5418 }
5419 }
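
/*
 * Why the minor-version split above: NFSv4.1+ clients get replay
 * protection from sessions, so a closed stateid can be torn down
 * immediately. An NFSv4.0 client may replay CLOSE against the
 * openowner's seqid, so the stateid is parked on the close LRU
 * (move_to_close_lru) and reaped later by the laundromat.
 */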
5420
5421 /*
5422 * nfs4_unlock_state() called after encode
5423 */
5424 __be32
5425 nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
5426 struct nfsd4_close *close)
5427 {
5428 __be32 status;
5429 struct nfs4_ol_stateid *stp;
5430 struct net *net = SVC_NET(rqstp);
5431 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
5432
5433 dprintk("NFSD: nfsd4_close on file %pd\n",
5434 cstate->current_fh.fh_dentry);
5435
5436 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid,
5437 &close->cl_stateid,
5438 NFS4_OPEN_STID|NFS4_CLOSED_STID,
5439 &stp, nn);
5440 nfsd4_bump_seqid(cstate, status);
5441 if (status)
5442 goto out;
5443
5444 stp->st_stid.sc_type = NFS4_CLOSED_STID;
5445 nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid);
5446
5447 nfsd4_close_open_stateid(stp);
5448 mutex_unlock(&stp->st_mutex);
5449
5450 /* See RFC 5661, section 18.2.4 */
5451 if (stp->st_stid.sc_client->cl_minorversion)
5452 memcpy(&close->cl_stateid, &close_stateid,
5453 sizeof(close->cl_stateid));
5454
5455 /* put reference from nfs4_preprocess_seqid_op */
5456 nfs4_put_stid(&stp->st_stid);
5457 out:
5458 return status;
5459 }
5460
5461 __be32
5462 nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
5463 struct nfsd4_delegreturn *dr)
5464 {
5465 struct nfs4_delegation *dp;
5466 stateid_t *stateid = &dr->dr_stateid;
5467 struct nfs4_stid *s;
5468 __be32 status;
5469 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
5470
5471 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
5472 return status;
5473
5474 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn);
5475 if (status)
5476 goto out;
5477 dp = delegstateid(s);
5478 status = check_stateid_generation(stateid, &dp->dl_stid.sc_stateid, nfsd4_has_session(cstate));
5479 if (status)
5480 goto put_stateid;
5481
5482 destroy_delegation(dp);
5483 put_stateid:
5484 nfs4_put_stid(&dp->dl_stid);
5485 out:
5486 return status;
5487 }
5488
5489 static inline u64
5490 end_offset(u64 start, u64 len)
5491 {
5492 u64 end;
5493
5494 end = start + len;
5495 return end >= start ? end: NFS4_MAX_UINT64;
5496 }
5497
5498 /* last octet in a range */
5499 static inline u64
5500 last_byte_offset(u64 start, u64 len)
5501 {
5502 u64 end;
5503
5504 WARN_ON_ONCE(!len);
5505 end = start + len;
5506 return end > start ? end - 1: NFS4_MAX_UINT64;
5507 }
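
/*
 * Worked example for the two helpers above: start = 5, len = 3 covers
 * bytes 5..7, so end_offset() returns 8 and last_byte_offset() returns 7.
 * If start + len wraps past 2^64 - 1, both clamp to NFS4_MAX_UINT64,
 * which the protocol treats as "through the end of file".
 */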
5508
5509 /*
5510 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that
5511 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th
5512 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit
5513 * locking, this prevents us from being completely protocol-compliant. The
5514 * real solution to this problem is to start using unsigned file offsets in
5515 * the VFS, but this is a very deep change!
5516 */
5517 static inline void
5518 nfs4_transform_lock_offset(struct file_lock *lock)
5519 {
5520 if (lock->fl_start < 0)
5521 lock->fl_start = OFFSET_MAX;
5522 if (lock->fl_end < 0)
5523 lock->fl_end = OFFSET_MAX;
5524 }
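
/*
 * Illustration: a LOCK request starting at offset 2^63 shows up here as a
 * negative loff_t, so fl_start (and fl_end, when affected) is clamped to
 * OFFSET_MAX (2^63 - 1) rather than the request being rejected; see the
 * TODO above for why this falls short of full 64-bit compliance.
 */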
5525
5526 static fl_owner_t
5527 nfsd4_fl_get_owner(fl_owner_t owner)
5528 {
5529 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner;
5530
5531 nfs4_get_stateowner(&lo->lo_owner);
5532 return owner;
5533 }
5534
5535 static void
5536 nfsd4_fl_put_owner(fl_owner_t owner)
5537 {
5538 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner;
5539
5540 if (lo)
5541 nfs4_put_stateowner(&lo->lo_owner);
5542 }
5543
5544 static void
5545 nfsd4_lm_notify(struct file_lock *fl)
5546 {
5547 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)fl->fl_owner;
5548 struct net *net = lo->lo_owner.so_client->net;
5549 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
5550 struct nfsd4_blocked_lock *nbl = container_of(fl,
5551 struct nfsd4_blocked_lock, nbl_lock);
5552 bool queue = false;
5553
5554 /* An empty list means that something else is going to be using it */
5555 spin_lock(&nn->blocked_locks_lock);
5556 if (!list_empty(&nbl->nbl_list)) {
5557 list_del_init(&nbl->nbl_list);
5558 list_del_init(&nbl->nbl_lru);
5559 queue = true;
5560 }
5561 spin_unlock(&nn->blocked_locks_lock);
5562
5563 if (queue)
5564 nfsd4_run_cb(&nbl->nbl_cb);
5565 }
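
/*
 * lm_notify (nfsd4_lm_notify above) fires when a blocked POSIX lock
 * becomes grantable: the blocked-lock entry is dequeued and its callback
 * (nbl_cb, a CB_NOTIFY_LOCK) is run so an NFSv4.1+ client knows to retry
 * its LOCK request.
 */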
5566
5567 static const struct lock_manager_operations nfsd_posix_mng_ops = {
5568 .lm_notify = nfsd4_lm_notify,
5569 .lm_get_owner = nfsd4_fl_get_owner,
5570 .lm_put_owner = nfsd4_fl_put_owner,
5571 };
5572
5573 static inline void
5574 nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny)
5575 {
5576 struct nfs4_lockowner *lo;
5577
5578 if (fl->fl_lmops == &nfsd_posix_mng_ops) {
5579 lo = (struct nfs4_lockowner *) fl->fl_owner;
5580 deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data,
5581 lo->lo_owner.so_owner.len, GFP_KERNEL);
5582 if (!deny->ld_owner.data)
5583 /* We just don't care that much */
5584 goto nevermind;
5585 deny->ld_owner.len = lo->lo_owner.so_owner.len;
5586 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid;
5587 } else {
5588 nevermind:
5589 deny->ld_owner.len = 0;
5590 deny->ld_owner.data = NULL;
5591 deny->ld_clientid.cl_boot = 0;
5592 deny->ld_clientid.cl_id = 0;
5593 }
5594 deny->ld_start = fl->fl_start;
5595 deny->ld_length = NFS4_MAX_UINT64;
5596 if (fl->fl_end != NFS4_MAX_UINT64)
5597 deny->ld_length = fl->fl_end - fl->fl_start + 1;
5598 deny->ld_type = NFS4_READ_LT;
5599 if (fl->fl_type != F_RDLCK)
5600 deny->ld_type = NFS4_WRITE_LT;
5601 }
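
/*
 * Note on the length encoding above: ld_length defaults to
 * NFS4_MAX_UINT64 ("whole file"). When the conflicting lock has a
 * definite end, the VFS's inclusive [fl_start, fl_end] range is converted
 * to the protocol's (offset, count) form, hence fl_end - fl_start + 1.
 */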
5602
5603 static struct nfs4_lockowner *
5604 find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner)
5605 {
5606 unsigned int strhashval = ownerstr_hashval(owner);
5607 struct nfs4_stateowner *so;
5608
5609 lockdep_assert_held(&clp->cl_lock);
5610
5611 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval],
5612 so_strhash) {
5613 if (so->so_is_open_owner)
5614 continue;
5615 if (same_owner_str(so, owner))
5616 return lockowner(nfs4_get_stateowner(so));
5617 }
5618 return NULL;
5619 }
5620
5621 static struct nfs4_lockowner *
5622 find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner)
5623 {
5624 struct nfs4_lockowner *lo;
5625
5626 spin_lock(&clp->cl_lock);
5627 lo = find_lockowner_str_locked(clp, owner);
5628 spin_unlock(&clp->cl_lock);
5629 return lo;
5630 }
5631
5632 static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop)
5633 {
5634 unhash_lockowner_locked(lockowner(sop));
5635 }
5636
5637 static void nfs4_free_lockowner(struct nfs4_stateowner *sop)
5638 {
5639 struct nfs4_lockowner *lo = lockowner(sop);
5640
5641 kmem_cache_free(lockowner_slab, lo);
5642 }
5643
5644 static const struct nfs4_stateowner_operations lockowner_ops = {
5645 .so_unhash = nfs4_unhash_lockowner,
5646 .so_free = nfs4_free_lockowner,
5647 };
5648
5649 /*
5650 * Alloc a lock owner structure.
5651 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has
5652 * occurred.
5653 *
5654 * strhashval = ownerstr_hashval
5655 */
5656 static struct nfs4_lockowner *
5657 alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp,
5658 struct nfs4_ol_stateid *open_stp,
5659 struct nfsd4_lock *lock)
5660 {
5661 struct nfs4_lockowner *lo, *ret;
5662
5663 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp);
5664 if (!lo)
5665 return NULL;
5666 INIT_LIST_HEAD(&lo->lo_blocked);
5667 INIT_LIST_HEAD(&lo->lo_owner.so_stateids);
5668 lo->lo_owner.so_is_open_owner = 0;
5669 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid;
5670 lo->lo_owner.so_ops = &lockowner_ops;
5671 spin_lock(&clp->cl_lock);
5672 ret = find_lockowner_str_locked(clp, &lock->lk_new_owner);
5673 if (ret == NULL) {
5674 list_add(&lo->lo_owner.so_strhash,
5675 &clp->cl_ownerstr_hashtbl[strhashval]);
5676 ret = lo;
5677 } else
5678 nfs4_free_stateowner(&lo->lo_owner);
5679
5680 spin_unlock(&clp->cl_lock);
5681 return ret;
5682 }
5683
5684 static void
5685 init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo,
5686 struct nfs4_file *fp, struct inode *inode,
5687 struct nfs4_ol_stateid *open_stp)
5688 {
5689 struct nfs4_client *clp = lo->lo_owner.so_client;
5690
5691 lockdep_assert_held(&clp->cl_lock);
5692
5693 atomic_inc(&stp->st_stid.sc_count);
5694 stp->st_stid.sc_type = NFS4_LOCK_STID;
5695 stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner);
5696 get_nfs4_file(fp);
5697 stp->st_stid.sc_file = fp;
5698 stp->st_access_bmap = 0;
5699 stp->st_deny_bmap = open_stp->st_deny_bmap;
5700 stp->st_openstp = open_stp;
5701 mutex_init(&stp->st_mutex);
5702 list_add(&stp->st_locks, &open_stp->st_locks);
5703 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids);
5704 spin_lock(&fp->fi_lock);
5705 list_add(&stp->st_perfile, &fp->fi_stateids);
5706 spin_unlock(&fp->fi_lock);
5707 }
5708
5709 static struct nfs4_ol_stateid *
5710 find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp)
5711 {
5712 struct nfs4_ol_stateid *lst;
5713 struct nfs4_client *clp = lo->lo_owner.so_client;
5714
5715 lockdep_assert_held(&clp->cl_lock);
5716
5717 list_for_each_entry(lst, &lo->lo_owner.so_stateids, st_perstateowner) {
5718 if (lst->st_stid.sc_file == fp) {
5719 atomic_inc(&lst->st_stid.sc_count);
5720 return lst;
5721 }
5722 }
5723 return NULL;
5724 }
5725
5726 static struct nfs4_ol_stateid *
5727 find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi,
5728 struct inode *inode, struct nfs4_ol_stateid *ost,
5729 bool *new)
5730 {
5731 struct nfs4_stid *ns = NULL;
5732 struct nfs4_ol_stateid *lst;
5733 struct nfs4_openowner *oo = openowner(ost->st_stateowner);
5734 struct nfs4_client *clp = oo->oo_owner.so_client;
5735
5736 spin_lock(&clp->cl_lock);
5737 lst = find_lock_stateid(lo, fi);
5738 if (lst == NULL) {
5739 spin_unlock(&clp->cl_lock);
5740 ns = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_lock_stateid);
5741 if (ns == NULL)
5742 return NULL;
5743
5744 spin_lock(&clp->cl_lock);
5745 lst = find_lock_stateid(lo, fi);
5746 if (likely(!lst)) {
5747 lst = openlockstateid(ns);
5748 init_lock_stateid(lst, lo, fi, inode, ost);
5749 ns = NULL;
5750 *new = true;
5751 }
5752 }
5753 spin_unlock(&clp->cl_lock);
5754 if (ns)
5755 nfs4_put_stid(ns);
5756 return lst;
5757 }
5758
5759 static int
5760 check_lock_length(u64 offset, u64 length)
5761 {
5762 return ((length == 0) || ((length != NFS4_MAX_UINT64) &&
5763 (length > ~offset)));
5764 }
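
/*
 * The "length > ~offset" test above is an overflow guard: ~offset equals
 * NFS4_MAX_UINT64 - offset, so any length (other than the special
 * to-end-of-file value NFS4_MAX_UINT64) that would push offset + length
 * past 2^64 - 1 makes the range invalid.
 */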
5765
5766 static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access)
5767 {
5768 struct nfs4_file *fp = lock_stp->st_stid.sc_file;
5769
5770 lockdep_assert_held(&fp->fi_lock);
5771
5772 if (test_access(access, lock_stp))
5773 return;
5774 __nfs4_file_get_access(fp, access);
5775 set_access(access, lock_stp);
5776 }
5777
5778 static __be32
5779 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate,
5780 struct nfs4_ol_stateid *ost,
5781 struct nfsd4_lock *lock,
5782 struct nfs4_ol_stateid **plst, bool *new)
5783 {
5784 __be32 status;
5785 struct nfs4_file *fi = ost->st_stid.sc_file;
5786 struct nfs4_openowner *oo = openowner(ost->st_stateowner);
5787 struct nfs4_client *cl = oo->oo_owner.so_client;
5788 struct inode *inode = d_inode(cstate->current_fh.fh_dentry);
5789 struct nfs4_lockowner *lo;
5790 struct nfs4_ol_stateid *lst;
5791 unsigned int strhashval;
5792 bool hashed;
5793
5794 lo = find_lockowner_str(cl, &lock->lk_new_owner);
5795 if (!lo) {
5796 strhashval = ownerstr_hashval(&lock->lk_new_owner);
5797 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock);
5798 if (lo == NULL)
5799 return nfserr_jukebox;
5800 } else {
5801 /* with an existing lockowner, seqids must be the same */
5802 status = nfserr_bad_seqid;
5803 if (!cstate->minorversion &&
5804 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid)
5805 goto out;
5806 }
5807
5808 retry:
5809 lst = find_or_create_lock_stateid(lo, fi, inode, ost, new);
5810 if (lst == NULL) {
5811 status = nfserr_jukebox;
5812 goto out;
5813 }
5814
5815 mutex_lock(&lst->st_mutex);
5816
5817 /* See if it's still hashed to avoid race with FREE_STATEID */
5818 spin_lock(&cl->cl_lock);
5819 hashed = !list_empty(&lst->st_perfile);
5820 spin_unlock(&cl->cl_lock);
5821
5822 if (!hashed) {
5823 mutex_unlock(&lst->st_mutex);
5824 nfs4_put_stid(&lst->st_stid);
5825 goto retry;
5826 }
5827 status = nfs_ok;
5828 *plst = lst;
5829 out:
5830 nfs4_put_stateowner(&lo->lo_owner);
5831 return status;
5832 }
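
/*
 * The retry loop above closes a race with FREE_STATEID: between finding
 * (or creating) the lock stateid and taking st_mutex, another thread may
 * have unhashed it. An empty st_perfile list is the tell-tale; the
 * reference is dropped and the lookup starts over.
 */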
5833
5834 /*
5835 * LOCK operation
5836 */
5837 __be32
5838 nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
5839 struct nfsd4_lock *lock)
5840 {
5841 struct nfs4_openowner *open_sop = NULL;
5842 struct nfs4_lockowner *lock_sop = NULL;
5843 struct nfs4_ol_stateid *lock_stp = NULL;
5844 struct nfs4_ol_stateid *open_stp = NULL;
5845 struct nfs4_file *fp;
5846 struct file *filp = NULL;
5847 struct nfsd4_blocked_lock *nbl = NULL;
5848 struct file_lock *file_lock = NULL;
5849 struct file_lock *conflock = NULL;
5850 __be32 status = 0;
5851 int lkflg;
5852 int err;
5853 bool new = false;
5854 unsigned char fl_type;
5855 unsigned int fl_flags = FL_POSIX;
5856 struct net *net = SVC_NET(rqstp);
5857 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
5858
5859 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n",
5860 (long long) lock->lk_offset,
5861 (long long) lock->lk_length);
5862
5863 if (check_lock_length(lock->lk_offset, lock->lk_length))
5864 return nfserr_inval;
5865
5866 if ((status = fh_verify(rqstp, &cstate->current_fh,
5867 S_IFREG, NFSD_MAY_LOCK))) {
5868 dprintk("NFSD: nfsd4_lock: permission denied!\n");
5869 return status;
5870 }
5871
5872 if (lock->lk_is_new) {
5873 if (nfsd4_has_session(cstate))
5874 /* See rfc 5661 18.10.3: given clientid is ignored: */
5875 memcpy(&lock->lk_new_clientid,
5876 &cstate->session->se_client->cl_clientid,
5877 sizeof(clientid_t));
5878
5879 status = nfserr_stale_clientid;
5880 if (STALE_CLIENTID(&lock->lk_new_clientid, nn))
5881 goto out;
5882
5883 /* validate and update open stateid and open seqid */
5884 status = nfs4_preprocess_confirmed_seqid_op(cstate,
5885 lock->lk_new_open_seqid,
5886 &lock->lk_new_open_stateid,
5887 &open_stp, nn);
5888 if (status)
5889 goto out;
5890 mutex_unlock(&open_stp->st_mutex);
5891 open_sop = openowner(open_stp->st_stateowner);
5892 status = nfserr_bad_stateid;
5893 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid,
5894 &lock->lk_new_clientid))
5895 goto out;
5896 status = lookup_or_create_lock_state(cstate, open_stp, lock,
5897 &lock_stp, &new);
5898 } else {
5899 status = nfs4_preprocess_seqid_op(cstate,
5900 lock->lk_old_lock_seqid,
5901 &lock->lk_old_lock_stateid,
5902 NFS4_LOCK_STID, &lock_stp, nn);
5903 }
5904 if (status)
5905 goto out;
5906 lock_sop = lockowner(lock_stp->st_stateowner);
5907
5908 lkflg = setlkflg(lock->lk_type);
5909 status = nfs4_check_openmode(lock_stp, lkflg);
5910 if (status)
5911 goto out;
5912
5913 status = nfserr_grace;
5914 if (locks_in_grace(net) && !lock->lk_reclaim)
5915 goto out;
5916 status = nfserr_no_grace;
5917 if (!locks_in_grace(net) && lock->lk_reclaim)
5918 goto out;
5919
5920 fp = lock_stp->st_stid.sc_file;
5921 switch (lock->lk_type) {
5922 case NFS4_READW_LT:
5923 if (nfsd4_has_session(cstate))
5924 fl_flags |= FL_SLEEP;
5925 /* Fallthrough */
5926 case NFS4_READ_LT:
5927 spin_lock(&fp->fi_lock);
5928 filp = find_readable_file_locked(fp);
5929 if (filp)
5930 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ);
5931 spin_unlock(&fp->fi_lock);
5932 fl_type = F_RDLCK;
5933 break;
5934 case NFS4_WRITEW_LT:
5935 if (nfsd4_has_session(cstate))
5936 fl_flags |= FL_SLEEP;
5937 /* Fallthrough */
5938 case NFS4_WRITE_LT:
5939 spin_lock(&fp->fi_lock);
5940 filp = find_writeable_file_locked(fp);
5941 if (filp)
5942 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE);
5943 spin_unlock(&fp->fi_lock);
5944 fl_type = F_WRLCK;
5945 break;
5946 default:
5947 status = nfserr_inval;
5948 goto out;
5949 }
5950
5951 if (!filp) {
5952 status = nfserr_openmode;
5953 goto out;
5954 }
5955
5956 nbl = find_or_allocate_block(lock_sop, &fp->fi_fhandle, nn);
5957 if (!nbl) {
5958 dprintk("NFSD: %s: unable to allocate block!\n", __func__);
5959 status = nfserr_jukebox;
5960 goto out;
5961 }
5962
5963 file_lock = &nbl->nbl_lock;
5964 file_lock->fl_type = fl_type;
5965 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner));
5966 file_lock->fl_pid = current->tgid;
5967 file_lock->fl_file = filp;
5968 file_lock->fl_flags = fl_flags;
5969 file_lock->fl_lmops = &nfsd_posix_mng_ops;
5970 file_lock->fl_start = lock->lk_offset;
5971 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length);
5972 nfs4_transform_lock_offset(file_lock);
5973
5974 conflock = locks_alloc_lock();
5975 if (!conflock) {
5976 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
5977 status = nfserr_jukebox;
5978 goto out;
5979 }
5980
5981 if (fl_flags & FL_SLEEP) {
5982 nbl->nbl_time = jiffies;
5983 spin_lock(&nn->blocked_locks_lock);
5984 list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked);
5985 list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru);
5986 spin_unlock(&nn->blocked_locks_lock);
5987 }
5988
5989 err = vfs_lock_file(filp, F_SETLK, file_lock, conflock);
5990 switch (err) {
5991 case 0: /* success! */
5992 nfs4_inc_and_copy_stateid(&lock->lk_resp_stateid, &lock_stp->st_stid);
5993 status = 0;
5994 break;
5995 case FILE_LOCK_DEFERRED:
5996 nbl = NULL;
5997 /* Fallthrough */
5998 case -EAGAIN: /* conflock holds conflicting lock */
5999 status = nfserr_denied;
6000 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n");
6001 nfs4_set_lock_denied(conflock, &lock->lk_denied);
6002 break;
6003 case -EDEADLK:
6004 status = nfserr_deadlock;
6005 break;
6006 default:
6007 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err);
6008 status = nfserrno(err);
6009 break;
6010 }
6011 out:
6012 if (nbl) {
6013 /* dequeue it if we queued it before */
6014 if (fl_flags & FL_SLEEP) {
6015 spin_lock(&nn->blocked_locks_lock);
6016 list_del_init(&nbl->nbl_list);
6017 list_del_init(&nbl->nbl_lru);
6018 spin_unlock(&nn->blocked_locks_lock);
6019 }
6020 free_blocked_lock(nbl);
6021 }
6022 if (filp)
6023 fput(filp);
6024 if (lock_stp) {
6025 /* Bump seqid manually if the 4.0 replay owner is openowner */
6026 if (cstate->replay_owner &&
6027 cstate->replay_owner != &lock_sop->lo_owner &&
6028 seqid_mutating_err(ntohl(status)))
6029 lock_sop->lo_owner.so_seqid++;
6030
6031 mutex_unlock(&lock_stp->st_mutex);
6032
6033 /*
6034 * If this is a new, never-before-used stateid, and we are
6035 * returning an error, then just go ahead and release it.
6036 */
6037 if (status && new)
6038 release_lock_stateid(lock_stp);
6039
6040 nfs4_put_stid(&lock_stp->st_stid);
6041 }
6042 if (open_stp)
6043 nfs4_put_stid(&open_stp->st_stid);
6044 nfsd4_bump_seqid(cstate, status);
6045 if (conflock)
6046 locks_free_lock(conflock);
6047 return status;
6048 }
6049
6050 /*
6051 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN,
6052 * so we do a temporary open here just to get an open file to pass to
6053 * vfs_test_lock. (Arguably perhaps test_lock should be done with an
6054 * inode operation.)
6055 */
6056 static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock)
6057 {
6058 struct file *file;
6059 __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file);
6060 if (!err) {
6061 err = nfserrno(vfs_test_lock(file, lock));
6062 fput(file);
6063 }
6064 return err;
6065 }
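
/*
 * vfs_test_lock() reports its result in place, mirroring fcntl(F_GETLK):
 * on return, lock->fl_type is F_UNLCK when no conflict exists, otherwise
 * the structure describes the conflicting lock (see the F_UNLCK check in
 * nfsd4_lockt below).
 */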
6066
6067 /*
6068 * LOCKT operation
6069 */
6070 __be32
6071 nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
6072 struct nfsd4_lockt *lockt)
6073 {
6074 struct file_lock *file_lock = NULL;
6075 struct nfs4_lockowner *lo = NULL;
6076 __be32 status;
6077 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
6078
6079 if (locks_in_grace(SVC_NET(rqstp)))
6080 return nfserr_grace;
6081
6082 if (check_lock_length(lockt->lt_offset, lockt->lt_length))
6083 return nfserr_inval;
6084
6085 if (!nfsd4_has_session(cstate)) {
6086 status = lookup_clientid(&lockt->lt_clientid, cstate, nn);
6087 if (status)
6088 goto out;
6089 }
6090
6091 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
6092 goto out;
6093
6094 file_lock = locks_alloc_lock();
6095 if (!file_lock) {
6096 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
6097 status = nfserr_jukebox;
6098 goto out;
6099 }
6100
6101 switch (lockt->lt_type) {
6102 case NFS4_READ_LT:
6103 case NFS4_READW_LT:
6104 file_lock->fl_type = F_RDLCK;
6105 break;
6106 case NFS4_WRITE_LT:
6107 case NFS4_WRITEW_LT:
6108 file_lock->fl_type = F_WRLCK;
6109 break;
6110 default:
6111 dprintk("NFSD: nfs4_lockt: bad lock type!\n");
6112 status = nfserr_inval;
6113 goto out;
6114 }
6115
6116 lo = find_lockowner_str(cstate->clp, &lockt->lt_owner);
6117 if (lo)
6118 file_lock->fl_owner = (fl_owner_t)lo;
6119 file_lock->fl_pid = current->tgid;
6120 file_lock->fl_flags = FL_POSIX;
6121
6122 file_lock->fl_start = lockt->lt_offset;
6123 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length);
6124
6125 nfs4_transform_lock_offset(file_lock);
6126
6127 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock);
6128 if (status)
6129 goto out;
6130
6131 if (file_lock->fl_type != F_UNLCK) {
6132 status = nfserr_denied;
6133 nfs4_set_lock_denied(file_lock, &lockt->lt_denied);
6134 }
6135 out:
6136 if (lo)
6137 nfs4_put_stateowner(&lo->lo_owner);
6138 if (file_lock)
6139 locks_free_lock(file_lock);
6140 return status;
6141 }
6142
6143 __be32
6144 nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
6145 struct nfsd4_locku *locku)
6146 {
6147 struct nfs4_ol_stateid *stp;
6148 struct file *filp = NULL;
6149 struct file_lock *file_lock = NULL;
6150 __be32 status;
6151 int err;
6152 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
6153
6154 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n",
6155 (long long) locku->lu_offset,
6156 (long long) locku->lu_length);
6157
6158 if (check_lock_length(locku->lu_offset, locku->lu_length))
6159 return nfserr_inval;
6160
6161 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid,
6162 &locku->lu_stateid, NFS4_LOCK_STID,
6163 &stp, nn);
6164 if (status)
6165 goto out;
6166 filp = find_any_file(stp->st_stid.sc_file);
6167 if (!filp) {
6168 status = nfserr_lock_range;
6169 goto put_stateid;
6170 }
6171 file_lock = locks_alloc_lock();
6172 if (!file_lock) {
6173 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
6174 status = nfserr_jukebox;
6175 goto fput;
6176 }
6177
6178 file_lock->fl_type = F_UNLCK;
6179 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner));
6180 file_lock->fl_pid = current->tgid;
6181 file_lock->fl_file = filp;
6182 file_lock->fl_flags = FL_POSIX;
6183 file_lock->fl_lmops = &nfsd_posix_mng_ops;
6184 file_lock->fl_start = locku->lu_offset;
6185
6186 file_lock->fl_end = last_byte_offset(locku->lu_offset,
6187 locku->lu_length);
6188 nfs4_transform_lock_offset(file_lock);
6189
6190 err = vfs_lock_file(filp, F_SETLK, file_lock, NULL);
6191 if (err) {
6192 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n");
6193 goto out_nfserr;
6194 }
6195 nfs4_inc_and_copy_stateid(&locku->lu_stateid, &stp->st_stid);
6196 fput:
6197 fput(filp);
6198 put_stateid:
6199 mutex_unlock(&stp->st_mutex);
6200 nfs4_put_stid(&stp->st_stid);
6201 out:
6202 nfsd4_bump_seqid(cstate, status);
6203 if (file_lock)
6204 locks_free_lock(file_lock);
6205 return status;
6206
6207 out_nfserr:
6208 status = nfserrno(err);
6209 goto fput;
6210 }
6211
6212 /*
6213 * returns
6214 * true: locks held by lockowner
6215 * false: no locks held by lockowner
6216 */
6217 static bool
6218 check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner)
6219 {
6220 struct file_lock *fl;
6221 int status = false;
6222 struct file *filp = find_any_file(fp);
6223 struct inode *inode;
6224 struct file_lock_context *flctx;
6225
6226 if (!filp) {
6227 /* Any valid lock stateid should have some sort of access */
6228 WARN_ON_ONCE(1);
6229 return status;
6230 }
6231
6232 inode = file_inode(filp);
6233 flctx = inode->i_flctx;
6234
6235 if (flctx && !list_empty_careful(&flctx->flc_posix)) {
6236 spin_lock(&flctx->flc_lock);
6237 list_for_each_entry(fl, &flctx->flc_posix, fl_list) {
6238 if (fl->fl_owner == (fl_owner_t)lowner) {
6239 status = true;
6240 break;
6241 }
6242 }
6243 spin_unlock(&flctx->flc_lock);
6244 }
6245 fput(filp);
6246 return status;
6247 }
6248
6249 __be32
6250 nfsd4_release_lockowner(struct svc_rqst *rqstp,
6251 struct nfsd4_compound_state *cstate,
6252 struct nfsd4_release_lockowner *rlockowner)
6253 {
6254 clientid_t *clid = &rlockowner->rl_clientid;
6255 struct nfs4_stateowner *sop;
6256 struct nfs4_lockowner *lo = NULL;
6257 struct nfs4_ol_stateid *stp;
6258 struct xdr_netobj *owner = &rlockowner->rl_owner;
6259 unsigned int hashval = ownerstr_hashval(owner);
6260 __be32 status;
6261 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
6262 struct nfs4_client *clp;
6263 LIST_HEAD(reaplist);
6264
6265 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n",
6266 clid->cl_boot, clid->cl_id);
6267
6268 status = lookup_clientid(clid, cstate, nn);
6269 if (status)
6270 return status;
6271
6272 clp = cstate->clp;
6273 /* Find the matching lock stateowner */
6274 spin_lock(&clp->cl_lock);
6275 list_for_each_entry(sop, &clp->cl_ownerstr_hashtbl[hashval],
6276 so_strhash) {
6277
6278 if (sop->so_is_open_owner || !same_owner_str(sop, owner))
6279 continue;
6280
6281 /* see if there are still any locks associated with it */
6282 lo = lockowner(sop);
6283 list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) {
6284 if (check_for_locks(stp->st_stid.sc_file, lo)) {
6285 status = nfserr_locks_held;
6286 spin_unlock(&clp->cl_lock);
6287 return status;
6288 }
6289 }
6290
6291 nfs4_get_stateowner(sop);
6292 break;
6293 }
6294 if (!lo) {
6295 spin_unlock(&clp->cl_lock);
6296 return status;
6297 }
6298
6299 unhash_lockowner_locked(lo);
6300 while (!list_empty(&lo->lo_owner.so_stateids)) {
6301 stp = list_first_entry(&lo->lo_owner.so_stateids,
6302 struct nfs4_ol_stateid,
6303 st_perstateowner);
6304 WARN_ON(!unhash_lock_stateid(stp));
6305 put_ol_stateid_locked(stp, &reaplist);
6306 }
6307 spin_unlock(&clp->cl_lock);
6308 free_ol_stateid_reaplist(&reaplist);
6309 remove_blocked_locks(lo);
6310 nfs4_put_stateowner(&lo->lo_owner);
6311
6312 return status;
6313 }
6314
6315 static inline struct nfs4_client_reclaim *
6316 alloc_reclaim(void)
6317 {
6318 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL);
6319 }
6320
6321 bool
6322 nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn)
6323 {
6324 struct nfs4_client_reclaim *crp;
6325
6326 crp = nfsd4_find_reclaim_client(name, nn);
6327 return (crp && crp->cr_clp);
6328 }
6329
6330 /*
6331 * On failure all reclaim bets are off; the client will end up with nfserr_no_grace.
6332 */
6333 struct nfs4_client_reclaim *
6334 nfs4_client_to_reclaim(const char *name, struct nfsd_net *nn)
6335 {
6336 unsigned int strhashval;
6337 struct nfs4_client_reclaim *crp;
6338
6339 dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name);
6340 crp = alloc_reclaim();
6341 if (crp) {
6342 strhashval = clientstr_hashval(name);
6343 INIT_LIST_HEAD(&crp->cr_strhash);
6344 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]);
6345 memcpy(crp->cr_recdir, name, HEXDIR_LEN);
6346 crp->cr_clp = NULL;
6347 nn->reclaim_str_hashtbl_size++;
6348 }
6349 return crp;
6350 }
6351
6352 void
6353 nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn)
6354 {
6355 list_del(&crp->cr_strhash);
6356 kfree(crp);
6357 nn->reclaim_str_hashtbl_size--;
6358 }
6359
6360 void
6361 nfs4_release_reclaim(struct nfsd_net *nn)
6362 {
6363 struct nfs4_client_reclaim *crp = NULL;
6364 int i;
6365
6366 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
6367 while (!list_empty(&nn->reclaim_str_hashtbl[i])) {
6368 crp = list_entry(nn->reclaim_str_hashtbl[i].next,
6369 struct nfs4_client_reclaim, cr_strhash);
6370 nfs4_remove_reclaim_record(crp, nn);
6371 }
6372 }
6373 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size);
6374 }
6375
6376 /*
6377 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */
6378 struct nfs4_client_reclaim *
6379 nfsd4_find_reclaim_client(const char *recdir, struct nfsd_net *nn)
6380 {
6381 unsigned int strhashval;
6382 struct nfs4_client_reclaim *crp = NULL;
6383
6384 dprintk("NFSD: nfs4_find_reclaim_client for recdir %s\n", recdir);
6385
6386 strhashval = clientstr_hashval(recdir);
6387 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) {
6388 if (same_name(crp->cr_recdir, recdir)) {
6389 return crp;
6390 }
6391 }
6392 return NULL;
6393 }
6394
6395 /*
6396 * Called from OPEN. Look for clientid in reclaim list.
6397 */
6398 __be32
6399 nfs4_check_open_reclaim(clientid_t *clid,
6400 struct nfsd4_compound_state *cstate,
6401 struct nfsd_net *nn)
6402 {
6403 __be32 status;
6404
6405 /* find clientid in conf_id_hashtbl */
6406 status = lookup_clientid(clid, cstate, nn);
6407 if (status)
6408 return nfserr_reclaim_bad;
6409
6410 if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &cstate->clp->cl_flags))
6411 return nfserr_no_grace;
6412
6413 if (nfsd4_client_record_check(cstate->clp))
6414 return nfserr_reclaim_bad;
6415
6416 return nfs_ok;
6417 }
6418
6419 #ifdef CONFIG_NFSD_FAULT_INJECTION
6420 static inline void
6421 put_client(struct nfs4_client *clp)
6422 {
6423 atomic_dec(&clp->cl_refcount);
6424 }
6425
6426 static struct nfs4_client *
6427 nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size)
6428 {
6429 struct nfs4_client *clp;
6430 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6431 nfsd_net_id);
6432
6433 if (!nfsd_netns_ready(nn))
6434 return NULL;
6435
6436 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
6437 if (memcmp(&clp->cl_addr, addr, addr_size) == 0)
6438 return clp;
6439 }
6440 return NULL;
6441 }
6442
6443 u64
6444 nfsd_inject_print_clients(void)
6445 {
6446 struct nfs4_client *clp;
6447 u64 count = 0;
6448 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6449 nfsd_net_id);
6450 char buf[INET6_ADDRSTRLEN];
6451
6452 if (!nfsd_netns_ready(nn))
6453 return 0;
6454
6455 spin_lock(&nn->client_lock);
6456 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
6457 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
6458 pr_info("NFS Client: %s\n", buf);
6459 ++count;
6460 }
6461 spin_unlock(&nn->client_lock);
6462
6463 return count;
6464 }
6465
6466 u64
6467 nfsd_inject_forget_client(struct sockaddr_storage *addr, size_t addr_size)
6468 {
6469 u64 count = 0;
6470 struct nfs4_client *clp;
6471 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6472 nfsd_net_id);
6473
6474 if (!nfsd_netns_ready(nn))
6475 return count;
6476
6477 spin_lock(&nn->client_lock);
6478 clp = nfsd_find_client(addr, addr_size);
6479 if (clp) {
6480 if (mark_client_expired_locked(clp) == nfs_ok)
6481 ++count;
6482 else
6483 clp = NULL;
6484 }
6485 spin_unlock(&nn->client_lock);
6486
6487 if (clp)
6488 expire_client(clp);
6489
6490 return count;
6491 }
6492
6493 u64
6494 nfsd_inject_forget_clients(u64 max)
6495 {
6496 u64 count = 0;
6497 struct nfs4_client *clp, *next;
6498 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6499 nfsd_net_id);
6500 LIST_HEAD(reaplist);
6501
6502 if (!nfsd_netns_ready(nn))
6503 return count;
6504
6505 spin_lock(&nn->client_lock);
6506 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
6507 if (mark_client_expired_locked(clp) == nfs_ok) {
6508 list_add(&clp->cl_lru, &reaplist);
6509 if (max != 0 && ++count >= max)
6510 break;
6511 }
6512 }
6513 spin_unlock(&nn->client_lock);
6514
6515 list_for_each_entry_safe(clp, next, &reaplist, cl_lru)
6516 expire_client(clp);
6517
6518 return count;
6519 }
6520
6521 static void nfsd_print_count(struct nfs4_client *clp, unsigned int count,
6522 const char *type)
6523 {
6524 char buf[INET6_ADDRSTRLEN];
6525 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
6526 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type);
6527 }
6528
6529 static void
6530 nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst,
6531 struct list_head *collect)
6532 {
6533 struct nfs4_client *clp = lst->st_stid.sc_client;
6534 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6535 nfsd_net_id);
6536
6537 if (!collect)
6538 return;
6539
6540 lockdep_assert_held(&nn->client_lock);
6541 atomic_inc(&clp->cl_refcount);
6542 list_add(&lst->st_locks, collect);
6543 }
6544
6545 static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max,
6546 struct list_head *collect,
6547 bool (*func)(struct nfs4_ol_stateid *))
6548 {
6549 struct nfs4_openowner *oop;
6550 struct nfs4_ol_stateid *stp, *st_next;
6551 struct nfs4_ol_stateid *lst, *lst_next;
6552 u64 count = 0;
6553
6554 spin_lock(&clp->cl_lock);
6555 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) {
6556 list_for_each_entry_safe(stp, st_next,
6557 &oop->oo_owner.so_stateids, st_perstateowner) {
6558 list_for_each_entry_safe(lst, lst_next,
6559 &stp->st_locks, st_locks) {
6560 if (func) {
6561 if (func(lst))
6562 nfsd_inject_add_lock_to_list(lst,
6563 collect);
6564 }
6565 ++count;
6566 /*
6567 * Despite the fact that these functions deal
6568 * with 64-bit integers for "count", we must
6569 * ensure that it doesn't blow up the
6570 * clp->cl_refcount. Throw a warning if we
6571 * start to approach INT_MAX here.
6572 */
6573 WARN_ON_ONCE(count == (INT_MAX / 2));
6574 if (count == max)
6575 goto out;
6576 }
6577 }
6578 }
6579 out:
6580 spin_unlock(&clp->cl_lock);
6581
6582 return count;
6583 }
6584
6585 static u64
6586 nfsd_collect_client_locks(struct nfs4_client *clp, struct list_head *collect,
6587 u64 max)
6588 {
6589 return nfsd_foreach_client_lock(clp, max, collect, unhash_lock_stateid);
6590 }
6591
6592 static u64
6593 nfsd_print_client_locks(struct nfs4_client *clp)
6594 {
6595 u64 count = nfsd_foreach_client_lock(clp, 0, NULL, NULL);
6596 nfsd_print_count(clp, count, "locked files");
6597 return count;
6598 }
6599
6600 u64
6601 nfsd_inject_print_locks(void)
6602 {
6603 struct nfs4_client *clp;
6604 u64 count = 0;
6605 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6606 nfsd_net_id);
6607
6608 if (!nfsd_netns_ready(nn))
6609 return 0;
6610
6611 spin_lock(&nn->client_lock);
6612 list_for_each_entry(clp, &nn->client_lru, cl_lru)
6613 count += nfsd_print_client_locks(clp);
6614 spin_unlock(&nn->client_lock);
6615
6616 return count;
6617 }
6618
6619 static void
6620 nfsd_reap_locks(struct list_head *reaplist)
6621 {
6622 struct nfs4_client *clp;
6623 struct nfs4_ol_stateid *stp, *next;
6624
6625 list_for_each_entry_safe(stp, next, reaplist, st_locks) {
6626 list_del_init(&stp->st_locks);
6627 clp = stp->st_stid.sc_client;
6628 nfs4_put_stid(&stp->st_stid);
6629 put_client(clp);
6630 }
6631 }
6632
6633 u64
6634 nfsd_inject_forget_client_locks(struct sockaddr_storage *addr, size_t addr_size)
6635 {
6636 unsigned int count = 0;
6637 struct nfs4_client *clp;
6638 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6639 nfsd_net_id);
6640 LIST_HEAD(reaplist);
6641
6642 if (!nfsd_netns_ready(nn))
6643 return count;
6644
6645 spin_lock(&nn->client_lock);
6646 clp = nfsd_find_client(addr, addr_size);
6647 if (clp)
6648 count = nfsd_collect_client_locks(clp, &reaplist, 0);
6649 spin_unlock(&nn->client_lock);
6650 nfsd_reap_locks(&reaplist);
6651 return count;
6652 }
6653
6654 u64
6655 nfsd_inject_forget_locks(u64 max)
6656 {
6657 u64 count = 0;
6658 struct nfs4_client *clp;
6659 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6660 nfsd_net_id);
6661 LIST_HEAD(reaplist);
6662
6663 if (!nfsd_netns_ready(nn))
6664 return count;
6665
6666 spin_lock(&nn->client_lock);
6667 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
6668 count += nfsd_collect_client_locks(clp, &reaplist, max - count);
6669 if (max != 0 && count >= max)
6670 break;
6671 }
6672 spin_unlock(&nn->client_lock);
6673 nfsd_reap_locks(&reaplist);
6674 return count;
6675 }
6676
6677 static u64
6678 nfsd_foreach_client_openowner(struct nfs4_client *clp, u64 max,
6679 struct list_head *collect,
6680 void (*func)(struct nfs4_openowner *))
6681 {
6682 struct nfs4_openowner *oop, *next;
6683 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6684 nfsd_net_id);
6685 u64 count = 0;
6686
6687 lockdep_assert_held(&nn->client_lock);
6688
6689 spin_lock(&clp->cl_lock);
6690 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) {
6691 if (func) {
6692 func(oop);
6693 if (collect) {
6694 atomic_inc(&clp->cl_refcount);
6695 list_add(&oop->oo_perclient, collect);
6696 }
6697 }
6698 ++count;
6699 /*
6700 * Despite the fact that these functions deal with
6701 * 64-bit integers for "count", we must ensure that
6702 * it doesn't blow up the clp->cl_refcount. Throw a
6703 * warning if we start to approach INT_MAX here.
6704 */
6705 WARN_ON_ONCE(count == (INT_MAX / 2));
6706 if (count == max)
6707 break;
6708 }
6709 spin_unlock(&clp->cl_lock);
6710
6711 return count;
6712 }
6713
6714 static u64
6715 nfsd_print_client_openowners(struct nfs4_client *clp)
6716 {
6717 u64 count = nfsd_foreach_client_openowner(clp, 0, NULL, NULL);
6718
6719 nfsd_print_count(clp, count, "openowners");
6720 return count;
6721 }
6722
6723 static u64
6724 nfsd_collect_client_openowners(struct nfs4_client *clp,
6725 struct list_head *collect, u64 max)
6726 {
6727 return nfsd_foreach_client_openowner(clp, max, collect,
6728 unhash_openowner_locked);
6729 }
6730
6731 u64
6732 nfsd_inject_print_openowners(void)
6733 {
6734 struct nfs4_client *clp;
6735 u64 count = 0;
6736 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6737 nfsd_net_id);
6738
6739 if (!nfsd_netns_ready(nn))
6740 return 0;
6741
6742 spin_lock(&nn->client_lock);
6743 list_for_each_entry(clp, &nn->client_lru, cl_lru)
6744 count += nfsd_print_client_openowners(clp);
6745 spin_unlock(&nn->client_lock);
6746
6747 return count;
6748 }
6749
6750 static void
6751 nfsd_reap_openowners(struct list_head *reaplist)
6752 {
6753 struct nfs4_client *clp;
6754 struct nfs4_openowner *oop, *next;
6755
6756 list_for_each_entry_safe(oop, next, reaplist, oo_perclient) {
6757 list_del_init(&oop->oo_perclient);
6758 clp = oop->oo_owner.so_client;
6759 release_openowner(oop);
6760 put_client(clp);
6761 }
6762 }
6763
6764 u64
6765 nfsd_inject_forget_client_openowners(struct sockaddr_storage *addr,
6766 size_t addr_size)
6767 {
6768 unsigned int count = 0;
6769 struct nfs4_client *clp;
6770 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6771 nfsd_net_id);
6772 LIST_HEAD(reaplist);
6773
6774 if (!nfsd_netns_ready(nn))
6775 return count;
6776
6777 spin_lock(&nn->client_lock);
6778 clp = nfsd_find_client(addr, addr_size);
6779 if (clp)
6780 count = nfsd_collect_client_openowners(clp, &reaplist, 0);
6781 spin_unlock(&nn->client_lock);
6782 nfsd_reap_openowners(&reaplist);
6783 return count;
6784 }
6785
6786 u64
6787 nfsd_inject_forget_openowners(u64 max)
6788 {
6789 u64 count = 0;
6790 struct nfs4_client *clp;
6791 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6792 nfsd_net_id);
6793 LIST_HEAD(reaplist);
6794
6795 if (!nfsd_netns_ready(nn))
6796 return count;
6797
6798 spin_lock(&nn->client_lock);
6799 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
6800 count += nfsd_collect_client_openowners(clp, &reaplist,
6801 max - count);
6802 if (max != 0 && count >= max)
6803 break;
6804 }
6805 spin_unlock(&nn->client_lock);
6806 nfsd_reap_openowners(&reaplist);
6807 return count;
6808 }
6809
6810 static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max,
6811 struct list_head *victims)
6812 {
6813 struct nfs4_delegation *dp, *next;
6814 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6815 nfsd_net_id);
6816 u64 count = 0;
6817
6818 lockdep_assert_held(&nn->client_lock);
6819
6820 spin_lock(&state_lock);
6821 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) {
6822 if (victims) {
6823 /*
6824 * It's not safe to mess with delegations that have a
6825 * non-zero dl_time. They might have already been broken
6826 * and could be processed by the laundromat outside of
6827 * the state_lock. Just leave them be.
6828 */
6829 if (dp->dl_time != 0)
6830 continue;
6831
6832 atomic_inc(&clp->cl_refcount);
6833 WARN_ON(!unhash_delegation_locked(dp));
6834 list_add(&dp->dl_recall_lru, victims);
6835 }
6836 ++count;
6837 /*
6838 * Despite the fact that these functions deal with
6839 * 64-bit integers for "count", we must ensure that
6840 * it doesn't blow up the clp->cl_refcount. Throw a
6841 * warning if we start to approach INT_MAX here.
6842 */
6843 WARN_ON_ONCE(count == (INT_MAX / 2));
6844 if (count == max)
6845 break;
6846 }
6847 spin_unlock(&state_lock);
6848 return count;
6849 }
6850
6851 static u64
6852 nfsd_print_client_delegations(struct nfs4_client *clp)
6853 {
6854 u64 count = nfsd_find_all_delegations(clp, 0, NULL);
6855
6856 nfsd_print_count(clp, count, "delegations");
6857 return count;
6858 }
6859
6860 u64
6861 nfsd_inject_print_delegations(void)
6862 {
6863 struct nfs4_client *clp;
6864 u64 count = 0;
6865 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6866 nfsd_net_id);
6867
6868 if (!nfsd_netns_ready(nn))
6869 return 0;
6870
6871 spin_lock(&nn->client_lock);
6872 list_for_each_entry(clp, &nn->client_lru, cl_lru)
6873 count += nfsd_print_client_delegations(clp);
6874 spin_unlock(&nn->client_lock);
6875
6876 return count;
6877 }
6878
6879 static void
6880 nfsd_forget_delegations(struct list_head *reaplist)
6881 {
6882 struct nfs4_client *clp;
6883 struct nfs4_delegation *dp, *next;
6884
6885 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) {
6886 list_del_init(&dp->dl_recall_lru);
6887 clp = dp->dl_stid.sc_client;
6888 revoke_delegation(dp);
6889 put_client(clp);
6890 }
6891 }
6892
6893 u64
6894 nfsd_inject_forget_client_delegations(struct sockaddr_storage *addr,
6895 size_t addr_size)
6896 {
6897 u64 count = 0;
6898 struct nfs4_client *clp;
6899 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6900 nfsd_net_id);
6901 LIST_HEAD(reaplist);
6902
6903 if (!nfsd_netns_ready(nn))
6904 return count;
6905
6906 spin_lock(&nn->client_lock);
6907 clp = nfsd_find_client(addr, addr_size);
6908 if (clp)
6909 count = nfsd_find_all_delegations(clp, 0, &reaplist);
6910 spin_unlock(&nn->client_lock);
6911
6912 nfsd_forget_delegations(&reaplist);
6913 return count;
6914 }
6915
6916 u64
6917 nfsd_inject_forget_delegations(u64 max)
6918 {
6919 u64 count = 0;
6920 struct nfs4_client *clp;
6921 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6922 nfsd_net_id);
6923 LIST_HEAD(reaplist);
6924
6925 if (!nfsd_netns_ready(nn))
6926 return count;
6927
6928 spin_lock(&nn->client_lock);
6929 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
6930 count += nfsd_find_all_delegations(clp, max - count, &reaplist);
6931 if (max != 0 && count >= max)
6932 break;
6933 }
6934 spin_unlock(&nn->client_lock);
6935 nfsd_forget_delegations(&reaplist);
6936 return count;
6937 }
6938
6939 static void
6940 nfsd_recall_delegations(struct list_head *reaplist)
6941 {
6942 struct nfs4_client *clp;
6943 struct nfs4_delegation *dp, *next;
6944
6945 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) {
6946 list_del_init(&dp->dl_recall_lru);
6947 clp = dp->dl_stid.sc_client;
6948 /*
6949 * We skipped all entries that had a zero dl_time before,
6950 * so we can now reset the dl_time back to 0. If a delegation
6951 * break comes in now, then it won't make any difference since
6952 * we're recalling it either way.
6953 */
6954 spin_lock(&state_lock);
6955 dp->dl_time = 0;
6956 spin_unlock(&state_lock);
6957 nfsd_break_one_deleg(dp);
6958 put_client(clp);
6959 }
6960 }
6961
6962 u64
6963 nfsd_inject_recall_client_delegations(struct sockaddr_storage *addr,
6964 size_t addr_size)
6965 {
6966 u64 count = 0;
6967 struct nfs4_client *clp;
6968 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6969 nfsd_net_id);
6970 LIST_HEAD(reaplist);
6971
6972 if (!nfsd_netns_ready(nn))
6973 return count;
6974
6975 spin_lock(&nn->client_lock);
6976 clp = nfsd_find_client(addr, addr_size);
6977 if (clp)
6978 count = nfsd_find_all_delegations(clp, 0, &reaplist);
6979 spin_unlock(&nn->client_lock);
6980
6981 nfsd_recall_delegations(&reaplist);
6982 return count;
6983 }
6984
6985 u64
6986 nfsd_inject_recall_delegations(u64 max)
6987 {
6988 u64 count = 0;
6989 struct nfs4_client *clp, *next;
6990 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6991 nfsd_net_id);
6992 LIST_HEAD(reaplist);
6993
6994 if (!nfsd_netns_ready(nn))
6995 return count;
6996
6997 spin_lock(&nn->client_lock);
6998 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
6999 count += nfsd_find_all_delegations(clp, max - count, &reaplist);
7000 if (max != 0 && count >= max)
7001 break;
7002 }
7003 spin_unlock(&nn->client_lock);
7004 nfsd_recall_delegations(&reaplist);
7005 return count;
7006 }
7007 #endif /* CONFIG_NFSD_FAULT_INJECTION */
7008
7009 /*
7010 * Since the lifetime of a delegation isn't limited to that of an open, a
7011 * client may quite reasonably hang on to a delegation as long as it has
7012 * the inode cached. This becomes an obvious problem the first time a
7013 * client's inode cache approaches the size of the server's total memory.
7014 *
7015 * For now we avoid this problem by imposing a hard limit on the number
7016 * of delegations, which varies according to the server's memory size.
7017 */
7018 static void
7019 set_max_delegations(void)
7020 {
7021 /*
7022 * Allow at most 4 delegations per megabyte of RAM. Quick
7023 * estimates suggest that in the worst case (where every delegation
7024 * is for a different inode), a delegation could take about 1.5K,
7025 * giving a worst case usage of about 6% of memory.
7026 */
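	/*
	 * Worked example (assuming 4K pages, i.e. PAGE_SHIFT == 12): a
	 * megabyte holds 1 << (20 - PAGE_SHIFT) = 256 pages, so 4 delegations
	 * per MB is one delegation per 64 pages, i.e. a right shift by
	 * 20 - 2 - PAGE_SHIFT = 6. With 4 GB of free buffer pages (2^20
	 * pages), that allows 2^20 >> 6 = 16384 delegations.
	 */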
	max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT);
}

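/*
 * Allocate and initialize the per-net state: client and session hash
 * tables, client name trees, LRU lists, and the laundromat work item.
 */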
static int nfs4_state_create_net(struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	int i;

	nn->conf_id_hashtbl = kmalloc(sizeof(struct list_head) *
			CLIENT_HASH_SIZE, GFP_KERNEL);
	if (!nn->conf_id_hashtbl)
		goto err;
	nn->unconf_id_hashtbl = kmalloc(sizeof(struct list_head) *
			CLIENT_HASH_SIZE, GFP_KERNEL);
	if (!nn->unconf_id_hashtbl)
		goto err_unconf_id;
	nn->sessionid_hashtbl = kmalloc(sizeof(struct list_head) *
			SESSION_HASH_SIZE, GFP_KERNEL);
	if (!nn->sessionid_hashtbl)
		goto err_sessionid;

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]);
		INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]);
	}
	for (i = 0; i < SESSION_HASH_SIZE; i++)
		INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]);
	nn->conf_name_tree = RB_ROOT;
	nn->unconf_name_tree = RB_ROOT;
	nn->boot_time = get_seconds();
	nn->grace_ended = false;
	nn->nfsd4_manager.block_opens = true;
	INIT_LIST_HEAD(&nn->nfsd4_manager.list);
	INIT_LIST_HEAD(&nn->client_lru);
	INIT_LIST_HEAD(&nn->close_lru);
	INIT_LIST_HEAD(&nn->del_recall_lru);
	spin_lock_init(&nn->client_lock);

	spin_lock_init(&nn->blocked_locks_lock);
	INIT_LIST_HEAD(&nn->blocked_locks_lru);

	INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main);
	get_net(net);

	return 0;

err_sessionid:
	kfree(nn->unconf_id_hashtbl);
err_unconf_id:
	kfree(nn->conf_id_hashtbl);
err:
	return -ENOMEM;
}

static void
nfs4_state_destroy_net(struct net *net)
{
	int i;
	struct nfs4_client *clp = NULL;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		while (!list_empty(&nn->conf_id_hashtbl[i])) {
			clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
			destroy_client(clp);
		}
	}

	WARN_ON(!list_empty(&nn->blocked_locks_lru));

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		while (!list_empty(&nn->unconf_id_hashtbl[i])) {
			clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
			destroy_client(clp);
		}
	}

	kfree(nn->sessionid_hashtbl);
	kfree(nn->unconf_id_hashtbl);
	kfree(nn->conf_id_hashtbl);
	put_net(net);
}

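/*
 * Per-net startup: create the state tables, begin the grace period, and
 * schedule the first laundromat run for when the grace period expires.
 */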
int
nfs4_state_start_net(struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	int ret;

	ret = nfs4_state_create_net(net);
	if (ret)
		return ret;
	locks_start_grace(net, &nn->nfsd4_manager);
	nfsd4_client_tracking_init(net);
	printk(KERN_INFO "NFSD: starting %ld-second grace period (net %p)\n",
	       nn->nfsd4_grace, net);
	queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ);
	return 0;
}

/* initialization to perform when the nfsd service is started: */

int
nfs4_state_start(void)
{
	int ret;

	ret = set_callback_cred();
	if (ret)
		return ret;

	laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4");
	if (laundry_wq == NULL) {
		ret = -ENOMEM;
		goto out_cleanup_cred;
	}
	ret = nfsd4_create_callback_queue();
	if (ret)
		goto out_free_laundry;

	set_max_delegations();
	return 0;

out_free_laundry:
	destroy_workqueue(laundry_wq);
out_cleanup_cred:
	cleanup_callback_cred();
	return ret;
}

void
nfs4_state_shutdown_net(struct net *net)
{
	struct nfs4_delegation *dp = NULL;
	struct list_head *pos, *next, reaplist;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	cancel_delayed_work_sync(&nn->laundromat_work);
	locks_end_grace(&nn->nfsd4_manager);

	INIT_LIST_HEAD(&reaplist);
	spin_lock(&state_lock);
	list_for_each_safe(pos, next, &nn->del_recall_lru) {
		dp = list_entry(pos, struct nfs4_delegation, dl_recall_lru);
		WARN_ON(!unhash_delegation_locked(dp));
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	list_for_each_safe(pos, next, &reaplist) {
		dp = list_entry(pos, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		put_clnt_odstate(dp->dl_clnt_odstate);
		nfs4_put_deleg_lease(dp->dl_stid.sc_file);
		nfs4_put_stid(&dp->dl_stid);
	}

	nfsd4_client_tracking_exit(net);
	nfs4_state_destroy_net(net);
}

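/*
 * Global counterpart to nfs4_state_start(): tear down the laundromat
 * workqueue, the callback queue, and the callback credential.
 */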
void
nfs4_state_shutdown(void)
{
	destroy_workqueue(laundry_wq);
	nfsd4_destroy_callback_queue();
	cleanup_callback_cred();
}

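/*
 * Support for NFSv4.1's "current stateid": put_stateid() saves an
 * operation's result stateid in the compound state, and get_stateid()
 * substitutes that saved value when a later operation in the same compound
 * carries the special current-stateid placeholder. For example, in a v4.1
 * COMPOUND of OPEN followed by READ, nfsd4_set_openstateid() records the
 * stateid that OPEN returned, and nfsd4_get_readstateid() lets READ use it
 * without the client having to know it in advance.
 */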
static void
get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid))
		memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t));
}

static void
put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (cstate->minorversion) {
		memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t));
		SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
	}
}

void
clear_current_stateid(struct nfsd4_compound_state *cstate)
{
	CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
}

/*
 * functions to set current state id
 */
void
nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
{
	put_stateid(cstate, &odp->od_stateid);
}

void
nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, struct nfsd4_open *open)
{
	put_stateid(cstate, &open->op_stateid);
}

void
nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
{
	put_stateid(cstate, &close->cl_stateid);
}

void
nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, struct nfsd4_lock *lock)
{
	put_stateid(cstate, &lock->lk_resp_stateid);
}

/*
 * functions to consume current state id
 */

void
nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
{
	get_stateid(cstate, &odp->od_stateid);
}

void
nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate, struct nfsd4_delegreturn *drp)
{
	get_stateid(cstate, &drp->dr_stateid);
}

void
nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, struct nfsd4_free_stateid *fsp)
{
	get_stateid(cstate, &fsp->fr_stateid);
}

void
nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, struct nfsd4_setattr *setattr)
{
	get_stateid(cstate, &setattr->sa_stateid);
}

void
nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
{
	get_stateid(cstate, &close->cl_stateid);
}

void
nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, struct nfsd4_locku *locku)
{
	get_stateid(cstate, &locku->lu_stateid);
}

void
nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, struct nfsd4_read *read)
{
	get_stateid(cstate, &read->rd_stateid);
}

void
nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, struct nfsd4_write *write)
{
	get_stateid(cstate, &write->wr_stateid);
}
