sys/fs/nfsclient/nfs_clstate.c


    1 /*-
    2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
    3  *
    4  * Copyright (c) 2009 Rick Macklem, University of Guelph
    5  * All rights reserved.
    6  *
    7  * Redistribution and use in source and binary forms, with or without
    8  * modification, are permitted provided that the following conditions
    9  * are met:
   10  * 1. Redistributions of source code must retain the above copyright
   11  *    notice, this list of conditions and the following disclaimer.
   12  * 2. Redistributions in binary form must reproduce the above copyright
   13  *    notice, this list of conditions and the following disclaimer in the
   14  *    documentation and/or other materials provided with the distribution.
   15  *
   16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   26  * SUCH DAMAGE.
   27  *
   28  */
   29 
   30 #include <sys/cdefs.h>
   31 __FBSDID("$FreeBSD$");
   32 
   33 /*
   34  * These functions implement the client side state handling for NFSv4.
   35  * NFSv4 state handling:
   36  * - A lockowner is used to determine lock contention, so it
   37  *   corresponds directly to a Posix pid. (1 to 1 mapping)
   38  * - The correct granularity of an OpenOwner is not nearly so
   39  *   obvious. An OpenOwner does the following:
   40  *   - provides a serial sequencing of Open/Close/Lock-with-new-lockowner
   41  *   - is used to check for Open/Share contention (not applicable to
   42  *     this client, since all Opens are Deny_None)
   43  *   As such, I considered both extremes.
   44  *   1 OpenOwner per ClientID - Simple to manage, but fully serializes
   45  *   all Open, Close and Lock (with a new lockowner) Ops.
   46  *   1 OpenOwner for each Open - This one results in an OpenConfirm for
   47  *   every Open, for most servers.
   48  *   So, I chose to use the same mapping as I did for LockOwners.
   49  *   The main concern here is that you can end up with multiple Opens
   50  *   for the same File Handle, but on different OpenOwners (opens
   51  *   inherited from parents, grandparents...) and you do not know
   52  *   which of these the vnodeop close applies to. This is handled by
   53  *   delaying the Close Op(s) until all of the Opens have been closed.
   54  *   (It is not yet obvious if this is the correct granularity.)
   55  * - How the code handles serialization:
   56  *   - For the ClientId, it uses an exclusive lock while getting its
   57  *     SetClientId and during recovery. Otherwise, it uses a shared
   58  *     lock via a reference count.
   59  *   - For the rest of the data structures, it uses an SMP mutex
   60  *     (once the nfs client is SMP safe) and doesn't sleep while
   61  *     manipulating the linked lists.
   62  *   - The serialization of Open/Close/Lock/LockU falls out in the
   63  *     "wash", since OpenOwners and LockOwners are both mapped from
   64  *     Posix pid. In other words, there is only one Posix pid using
   65  *     any given owner, so that owner is serialized. (If you change
   66  *     the granularity of the OpenOwner, then code must be added to
   67  *     serialize Ops on the OpenOwner.)
   68  * - When to get rid of OpenOwners and LockOwners.
   69  *   - The function nfscl_cleanup_common() is executed after a process exits.
   70  *     It goes through the client list looking for all Open and Lock Owners.
   71  *     When one is found, it is marked "defunct" or in the case of
   72  *     an OpenOwner without any Opens, freed.
   73  *     The renew thread scans for defunct Owners and gets rid of them,
   74  *     if it can. The LockOwners will also be deleted when the
   75  *     associated Open is closed.
   76  *   - If the LockU or Close Op(s) fail during close in a way
   77  *     that could be recovered upon retry, they are relinked to the
   78  *     ClientId's defunct open list and retried by the renew thread
   79  *     until they succeed or an unmount/recovery occurs.
   80  *     (Since we are done with them, they do not need to be recovered.)
   81  */
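
The deferred-Close rule described in the comment above can be illustrated with a small user-space sketch. This is not the kernel's code: `toy_open`, `toy_close_one` and `toy_can_send_close` are hypothetical names, and a plain array stands in for the per-owner open lists. The assumption is that every Open on a file handle keeps its own count, a local close is charged to whichever Open still has a count, and the Close Ops go out only when all counts have reached zero.

```c
#include <assert.h>
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical stand-in for one Open held by one OpenOwner on a file. */
struct toy_open {
	int owner_pid;	/* the owner is mapped from a POSIX pid */
	int opencnt;	/* local opens still outstanding */
};

/*
 * Record one local close. The caller does not know which Open the
 * close belongs to, so charge it to the first Open still in use.
 */
void
toy_close_one(struct toy_open *opens, size_t n)
{
	for (size_t i = 0; i < n; i++) {
		if (opens[i].opencnt > 0) {
			opens[i].opencnt--;
			return;
		}
	}
}

/* Close Ops may be sent only when no Open on the file is still in use. */
bool
toy_can_send_close(const struct toy_open *opens, size_t n)
{
	for (size_t i = 0; i < n; i++) {
		if (opens[i].opencnt > 0)
			return (false);
	}
	return (true);
}
```

With two Opens inherited by different processes, the first local close leaves one count outstanding, so nothing is sent to the server until the second close arrives.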
   82 
   83 #include <fs/nfs/nfsport.h>
   84 
   85 /*
   86  * Global variables
   87  */
   88 extern struct nfsstatsv1 nfsstatsv1;
   89 extern struct nfsreqhead nfsd_reqq;
   90 extern u_int32_t newnfs_false, newnfs_true;
   91 extern int nfscl_debuglevel;
   92 extern int nfscl_enablecallb;
   93 extern int nfs_numnfscbd;
   94 NFSREQSPINLOCK;
   95 NFSCLSTATEMUTEX;
   96 int nfscl_inited = 0;
   97 struct nfsclhead nfsclhead;     /* Head of clientid list */
   98 int nfscl_deleghighwater = NFSCLDELEGHIGHWATER;
   99 int nfscl_layouthighwater = NFSCLLAYOUTHIGHWATER;
  100 
  101 static int nfscl_delegcnt = 0;
  102 static int nfscl_layoutcnt = 0;
  103 static int nfscl_getopen(struct nfsclownerhead *, struct nfsclopenhash *,
  104     u_int8_t *, int, u_int8_t *, u_int8_t *, u_int32_t,
  105     struct nfscllockowner **, struct nfsclopen **);
  106 static bool nfscl_checkown(struct nfsclowner *, struct nfsclopen *, uint8_t *,
  107     uint8_t *, struct nfscllockowner **, struct nfsclopen **,
  108     struct nfsclopen **);
  109 static void nfscl_clrelease(struct nfsclclient *);
  110 static void nfscl_unlinkopen(struct nfsclopen *);
  111 static void nfscl_cleanclient(struct nfsclclient *);
  112 static void nfscl_expireclient(struct nfsclclient *, struct nfsmount *,
  113     struct ucred *, NFSPROC_T *);
  114 static int nfscl_expireopen(struct nfsclclient *, struct nfsclopen *,
  115     struct nfsmount *, struct ucred *, NFSPROC_T *);
  116 static void nfscl_recover(struct nfsclclient *, bool *, struct ucred *,
  117     NFSPROC_T *);
  118 static void nfscl_insertlock(struct nfscllockowner *, struct nfscllock *,
  119     struct nfscllock *, int);
  120 static int nfscl_updatelock(struct nfscllockowner *, struct nfscllock **,
  121     struct nfscllock **, int);
  122 static void nfscl_delegreturnall(struct nfsclclient *, NFSPROC_T *,
  123     struct nfscldeleghead *);
  124 static u_int32_t nfscl_nextcbident(void);
  125 static mount_t nfscl_getmnt(int, uint8_t *, u_int32_t, struct nfsclclient **);
  126 static struct nfsclclient *nfscl_getclnt(u_int32_t);
  127 static struct nfsclclient *nfscl_getclntsess(uint8_t *);
  128 static struct nfscldeleg *nfscl_finddeleg(struct nfsclclient *, u_int8_t *,
  129     int);
  130 static void nfscl_retoncloselayout(vnode_t, struct nfsclclient *, uint8_t *,
  131     int, struct nfsclrecalllayout **, struct nfscllayout **);
  132 static void nfscl_reldevinfo_locked(struct nfscldevinfo *);
  133 static struct nfscllayout *nfscl_findlayout(struct nfsclclient *, u_int8_t *,
  134     int);
  135 static struct nfscldevinfo *nfscl_finddevinfo(struct nfsclclient *, uint8_t *);
  136 static int nfscl_checkconflict(struct nfscllockownerhead *, struct nfscllock *,
  137     u_int8_t *, struct nfscllock **);
  138 static void nfscl_freealllocks(struct nfscllockownerhead *, int);
  139 static int nfscl_localconflict(struct nfsclclient *, u_int8_t *, int,
  140     struct nfscllock *, u_int8_t *, struct nfscldeleg *, struct nfscllock **);
  141 static void nfscl_newopen(struct nfsclclient *, struct nfscldeleg *,
  142     struct nfsclowner **, struct nfsclowner **, struct nfsclopen **,
  143     struct nfsclopen **, u_int8_t *, u_int8_t *, int, struct ucred *, int *);
  144 static int nfscl_moveopen(vnode_t , struct nfsclclient *,
  145     struct nfsmount *, struct nfsclopen *, struct nfsclowner *,
  146     struct nfscldeleg *, struct ucred *, NFSPROC_T *);
  147 static void nfscl_totalrecall(struct nfsclclient *);
  148 static int nfscl_relock(vnode_t , struct nfsclclient *, struct nfsmount *,
  149     struct nfscllockowner *, struct nfscllock *, struct ucred *, NFSPROC_T *);
  150 static int nfscl_tryopen(struct nfsmount *, vnode_t , u_int8_t *, int,
  151     u_int8_t *, int, u_int32_t, struct nfsclopen *, u_int8_t *, int,
  152     struct nfscldeleg **, int, u_int32_t, struct ucred *, NFSPROC_T *);
  153 static int nfscl_trylock(struct nfsmount *, vnode_t , u_int8_t *,
  154     int, struct nfscllockowner *, int, int, u_int64_t, u_int64_t, short,
  155     struct ucred *, NFSPROC_T *);
  156 static int nfsrpc_reopen(struct nfsmount *, u_int8_t *, int, u_int32_t,
  157     struct nfsclopen *, struct nfscldeleg **, struct ucred *, NFSPROC_T *);
  158 static void nfscl_freedeleg(struct nfscldeleghead *, struct nfscldeleg *,
  159     bool);
  160 static int nfscl_errmap(struct nfsrv_descript *, u_int32_t);
  161 static void nfscl_cleanup_common(struct nfsclclient *, u_int8_t *);
  162 static int nfscl_recalldeleg(struct nfsclclient *, struct nfsmount *,
  163     struct nfscldeleg *, vnode_t, struct ucred *, NFSPROC_T *, int,
  164     vnode_t *);
  165 static void nfscl_freeopenowner(struct nfsclowner *, int);
  166 static void nfscl_cleandeleg(struct nfscldeleg *);
  167 static int nfscl_trydelegreturn(struct nfscldeleg *, struct ucred *,
  168     struct nfsmount *, NFSPROC_T *);
  169 static void nfscl_emptylockowner(struct nfscllockowner *,
  170     struct nfscllockownerfhhead *);
  171 static void nfscl_mergeflayouts(struct nfsclflayouthead *,
  172     struct nfsclflayouthead *);
  173 static int nfscl_layoutrecall(int, struct nfscllayout *, uint32_t, uint64_t,
  174     uint64_t, uint32_t, uint32_t, uint32_t, char *, struct nfsclrecalllayout *);
  175 static int nfscl_seq(uint32_t, uint32_t);
  176 static void nfscl_layoutreturn(struct nfsmount *, struct nfscllayout *,
  177     struct ucred *, NFSPROC_T *);
  178 static void nfscl_dolayoutcommit(struct nfsmount *, struct nfscllayout *,
  179     struct ucred *, NFSPROC_T *);
  180 
  181 static short nfscberr_null[] = {
  182         0,
  183         0,
  184 };
  185 
  186 static short nfscberr_getattr[] = {
  187         NFSERR_RESOURCE,
  188         NFSERR_BADHANDLE,
  189         NFSERR_BADXDR,
  190         NFSERR_RESOURCE,
  191         NFSERR_SERVERFAULT,
  192         0,
  193 };
  194 
  195 static short nfscberr_recall[] = {
  196         NFSERR_RESOURCE,
  197         NFSERR_BADHANDLE,
  198         NFSERR_BADSTATEID,
  199         NFSERR_BADXDR,
  200         NFSERR_RESOURCE,
  201         NFSERR_SERVERFAULT,
  202         0,
  203 };
  204 
  205 static short *nfscl_cberrmap[] = {
  206         nfscberr_null,
  207         nfscberr_null,
  208         nfscberr_null,
  209         nfscberr_getattr,
  210         nfscberr_recall
  211 };
  212 
  213 #define NETFAMILY(clp) \
  214                 (((clp)->nfsc_flags & NFSCLFLAGS_AFINET6) ? AF_INET6 : AF_INET)
  215 
  216 /*
  217  * Called for an open operation.
  218  * If the nfhp argument is NULL, just get an openowner.
  219  */
  220 int
  221 nfscl_open(vnode_t vp, u_int8_t *nfhp, int fhlen, u_int32_t amode, int usedeleg,
  222     struct ucred *cred, NFSPROC_T *p, struct nfsclowner **owpp,
  223     struct nfsclopen **opp, int *newonep, int *retp, int lockit, bool firstref)
  224 {
  225         struct nfsclclient *clp;
  226         struct nfsclowner *owp, *nowp;
  227         struct nfsclopen *op = NULL, *nop = NULL;
  228         struct nfscldeleg *dp;
  229         struct nfsclownerhead *ohp;
  230         u_int8_t own[NFSV4CL_LOCKNAMELEN];
  231         int ret;
  232 
  233         if (newonep != NULL)
  234                 *newonep = 0;
  235         if (opp != NULL)
  236                 *opp = NULL;
  237         if (owpp != NULL)
  238                 *owpp = NULL;
  239 
  240         /*
  241          * Might need one or both of these, so MALLOC them now, to
  242          * avoid a tsleep() in MALLOC later.
  243          */
  244         nowp = malloc(sizeof (struct nfsclowner),
  245             M_NFSCLOWNER, M_WAITOK);
  246         if (nfhp != NULL) {
  247             nop = malloc(sizeof (struct nfsclopen) +
  248                 fhlen - 1, M_NFSCLOPEN, M_WAITOK);
  249             nop->nfso_hash.le_prev = NULL;
  250         }
  251         ret = nfscl_getcl(vp->v_mount, cred, p, false, firstref, &clp);
  252         if (ret != 0) {
  253                 free(nowp, M_NFSCLOWNER);
  254                 if (nop != NULL)
  255                         free(nop, M_NFSCLOPEN);
  256                 return (ret);
  257         }
  258 
  259         /*
  260          * Get the Open iff it already exists.
  261          * If none found, add the new one or return error, depending upon
  262          * "create".
  263          */
  264         NFSLOCKCLSTATE();
  265         dp = NULL;
  266         /* First check the delegation list */
  267         if (nfhp != NULL && usedeleg) {
  268                 LIST_FOREACH(dp, NFSCLDELEGHASH(clp, nfhp, fhlen), nfsdl_hash) {
  269                         if (dp->nfsdl_fhlen == fhlen &&
  270                             !NFSBCMP(nfhp, dp->nfsdl_fh, fhlen)) {
  271                                 if (!(amode & NFSV4OPEN_ACCESSWRITE) ||
  272                                     (dp->nfsdl_flags & NFSCLDL_WRITE))
  273                                         break;
  274                                 dp = NULL;
  275                                 break;
  276                         }
  277                 }
  278         }
  279 
  280         /* For NFSv4.1/4.2 and this option, use a single open_owner. */
  281         if (NFSHASONEOPENOWN(VFSTONFS(vp->v_mount)))
  282                 nfscl_filllockowner(NULL, own, F_POSIX);
  283         else
  284                 nfscl_filllockowner(p->td_proc, own, F_POSIX);
  285         if (dp != NULL)
  286                 ohp = &dp->nfsdl_owner;
  287         else
  288                 ohp = &clp->nfsc_owner;
  289         /* Now, search for an openowner */
  290         LIST_FOREACH(owp, ohp, nfsow_list) {
  291                 if (!NFSBCMP(owp->nfsow_owner, own, NFSV4CL_LOCKNAMELEN))
  292                         break;
  293         }
  294 
  295         /*
  296          * Create a new open, as required.
  297          */
  298         nfscl_newopen(clp, dp, &owp, &nowp, &op, &nop, own, nfhp, fhlen,
  299             cred, newonep);
  300 
  301         /*
  302          * Now, check the mode on the open and return the appropriate
  303          * value.
  304          */
  305         if (retp != NULL) {
  306                 if (nfhp != NULL && dp != NULL && nop == NULL)
  307                         /* new local open on delegation */
  308                         *retp = NFSCLOPEN_SETCRED;
  309                 else
  310                         *retp = NFSCLOPEN_OK;
  311         }
  312         if (op != NULL && (amode & ~(op->nfso_mode))) {
  313                 op->nfso_mode |= amode;
  314                 if (retp != NULL && dp == NULL)
  315                         *retp = NFSCLOPEN_DOOPEN;
  316         }
  317 
  318         /*
  319          * Serialize modifications to the open owner for multiple threads
  320          * within the same process using a read/write sleep lock.
  321          * For NFSv4.1 and a single OpenOwner, allow concurrent open operations
  322          * by acquiring a shared lock.  The close operations still use an
  323          * exclusive lock for this case.
  324          */
  325         if (lockit != 0) {
  326                 if (NFSHASONEOPENOWN(VFSTONFS(vp->v_mount))) {
  327                         /*
  328                          * Get a shared lock on the OpenOwner, but first
  329                          * wait for any pending exclusive lock, so that the
  330                          * exclusive locker gets priority.
  331                          */
  332                         nfsv4_lock(&owp->nfsow_rwlock, 0, NULL,
  333                             NFSCLSTATEMUTEXPTR, NULL);
  334                         nfsv4_getref(&owp->nfsow_rwlock, NULL,
  335                             NFSCLSTATEMUTEXPTR, NULL);
  336                 } else
  337                         nfscl_lockexcl(&owp->nfsow_rwlock, NFSCLSTATEMUTEXPTR);
  338         }
  339         NFSUNLOCKCLSTATE();
  340         if (nowp != NULL)
  341                 free(nowp, M_NFSCLOWNER);
  342         if (nop != NULL)
  343                 free(nop, M_NFSCLOPEN);
  344         if (owpp != NULL)
  345                 *owpp = owp;
  346         if (opp != NULL)
  347                 *opp = op;
  348         return (0);
  349 }
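
The mode check near the end of nfscl_open() can be read in isolation as follows. This is a minimal sketch under stated assumptions: `toy_merge_mode`, the `TOY_ACCESS_*` bits and `enum toy_result` are hypothetical stand-ins for the kernel's `nfso_mode`, `NFSV4OPEN_ACCESS*` and `NFSCLOPEN_*` values, and the `NFSCLOPEN_SETCRED` case is left out.

```c
#include <assert.h>
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical access bits, standing in for NFSV4OPEN_ACCESS*. */
#define TOY_ACCESS_READ		0x1u
#define TOY_ACCESS_WRITE	0x2u

enum toy_result { TOY_OPEN_OK, TOY_OPEN_DOOPEN };

/*
 * Merge the requested access bits into the cached open mode and
 * report whether the server must be asked for a wider Open.
 * With a delegation in hand the open stays local, so no RPC is needed.
 */
enum toy_result
toy_merge_mode(uint32_t *cached_mode, uint32_t amode, bool have_deleg)
{
	enum toy_result res = TOY_OPEN_OK;

	if ((amode & ~*cached_mode) != 0) {
		*cached_mode |= amode;
		if (!have_deleg)
			res = TOY_OPEN_DOOPEN;
	}
	return (res);
}
```

A request that asks only for bits already cached returns `TOY_OPEN_OK` and leaves the mode untouched; only a request that adds a bit can trigger a new Open.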
  350 
  351 /*
  352  * Create a new open, as required.
  353  */
  354 static void
  355 nfscl_newopen(struct nfsclclient *clp, struct nfscldeleg *dp,
  356     struct nfsclowner **owpp, struct nfsclowner **nowpp, struct nfsclopen **opp,
  357     struct nfsclopen **nopp, u_int8_t *own, u_int8_t *fhp, int fhlen,
  358     struct ucred *cred, int *newonep)
  359 {
  360         struct nfsclowner *owp = *owpp, *nowp;
  361         struct nfsclopen *op, *nop;
  362 
  363         if (nowpp != NULL)
  364                 nowp = *nowpp;
  365         else
  366                 nowp = NULL;
  367         if (nopp != NULL)
  368                 nop = *nopp;
  369         else
  370                 nop = NULL;
  371         if (owp == NULL && nowp != NULL) {
  372                 NFSBCOPY(own, nowp->nfsow_owner, NFSV4CL_LOCKNAMELEN);
  373                 LIST_INIT(&nowp->nfsow_open);
  374                 nowp->nfsow_clp = clp;
  375                 nowp->nfsow_seqid = 0;
  376                 nowp->nfsow_defunct = 0;
  377                 nfscl_lockinit(&nowp->nfsow_rwlock);
  378                 if (dp != NULL) {
  379                         nfsstatsv1.cllocalopenowners++;
  380                         LIST_INSERT_HEAD(&dp->nfsdl_owner, nowp, nfsow_list);
  381                 } else {
  382                         nfsstatsv1.clopenowners++;
  383                         LIST_INSERT_HEAD(&clp->nfsc_owner, nowp, nfsow_list);
  384                 }
  385                 owp = *owpp = nowp;
  386                 *nowpp = NULL;
  387                 if (newonep != NULL)
  388                         *newonep = 1;
  389         }
  390 
  391         /* If an fhp has been specified, create an Open as well. */
  392         if (fhp != NULL) {
  393                 /* and look for the correct open, based upon FH */
  394                 LIST_FOREACH(op, &owp->nfsow_open, nfso_list) {
  395                         if (op->nfso_fhlen == fhlen &&
  396                             !NFSBCMP(op->nfso_fh, fhp, fhlen))
  397                                 break;
  398                 }
  399                 if (op == NULL && nop != NULL) {
  400                         nop->nfso_own = owp;
  401                         nop->nfso_mode = 0;
  402                         nop->nfso_opencnt = 0;
  403                         nop->nfso_posixlock = 1;
  404                         nop->nfso_fhlen = fhlen;
  405                         NFSBCOPY(fhp, nop->nfso_fh, fhlen);
  406                         LIST_INIT(&nop->nfso_lock);
  407                         nop->nfso_stateid.seqid = 0;
  408                         nop->nfso_stateid.other[0] = 0;
  409                         nop->nfso_stateid.other[1] = 0;
  410                         nop->nfso_stateid.other[2] = 0;
  411                         KASSERT(cred != NULL, ("%s: cred NULL\n", __func__));
  412                         newnfs_copyincred(cred, &nop->nfso_cred);
  413                         if (dp != NULL) {
  414                                 TAILQ_REMOVE(&clp->nfsc_deleg, dp, nfsdl_list);
  415                                 TAILQ_INSERT_HEAD(&clp->nfsc_deleg, dp,
  416                                     nfsdl_list);
  417                                 dp->nfsdl_timestamp = NFSD_MONOSEC + 120;
  418                                 nfsstatsv1.cllocalopens++;
  419                         } else {
  420                                 LIST_INSERT_HEAD(NFSCLOPENHASH(clp, fhp, fhlen),
  421                                     nop, nfso_hash);
  422                                 nfsstatsv1.clopens++;
  423                         }
  424                         LIST_INSERT_HEAD(&owp->nfsow_open, nop, nfso_list);
  425                         *opp = nop;
  426                         *nopp = NULL;
  427                         if (newonep != NULL)
  428                                 *newonep = 1;
  429                 } else {
  430                         *opp = op;
  431                 }
  432         }
  433 }
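
nfscl_open() and nfscl_newopen() together follow a common pattern: allocate before taking the mutex, search under the mutex, link in the spare only if nothing was found, and free whatever is left once the mutex is dropped. The sketch below shows that pattern in user space. All names (`toy_owner`, `toy_find_or_insert`, `toy_get_owner`) are hypothetical, a pthread mutex stands in for the NFS client state mutex, and a singly linked list stands in for the kernel's LIST macros.

```c
#include <assert.h>
#include <pthread.h>
#include <stdlib.h>
#include <string.h>

#define TOY_NAMELEN	12

struct toy_owner {
	struct toy_owner *next;
	unsigned char name[TOY_NAMELEN];
};

static struct toy_owner *toy_head;
static pthread_mutex_t toy_mtx = PTHREAD_MUTEX_INITIALIZER;

/*
 * Return the owner matching name, linking in *sparep if none exists.
 * A consumed spare is reported by setting *sparep to NULL, so the
 * caller knows not to free it. The caller must hold toy_mtx.
 */
struct toy_owner *
toy_find_or_insert(const unsigned char *name, struct toy_owner **sparep)
{
	struct toy_owner *owp;

	for (owp = toy_head; owp != NULL; owp = owp->next) {
		if (memcmp(owp->name, name, TOY_NAMELEN) == 0)
			return (owp);
	}
	owp = *sparep;
	memcpy(owp->name, name, TOY_NAMELEN);
	owp->next = toy_head;
	toy_head = owp;
	*sparep = NULL;
	return (owp);
}

/* Allocate outside the lock, search under it, free any unused spare. */
struct toy_owner *
toy_get_owner(const unsigned char *name)
{
	struct toy_owner *spare, *owp;

	spare = malloc(sizeof(*spare));	/* may block; no lock held yet */
	if (spare == NULL)
		return (NULL);
	pthread_mutex_lock(&toy_mtx);
	owp = toy_find_or_insert(name, &spare);
	pthread_mutex_unlock(&toy_mtx);
	free(spare);			/* free(NULL) is a no-op */
	return (owp);
}
```

Passing the spare by pointer-to-pointer is what lets the helper hand ownership to the list without a separate "consumed" flag.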
  434 
  435 /*
  436  * Called to find/add a delegation to a client.
  437  */
  438 int
  439 nfscl_deleg(mount_t mp, struct nfsclclient *clp, u_int8_t *nfhp,
  440     int fhlen, struct ucred *cred, NFSPROC_T *p, struct nfscldeleg **dpp)
  441 {
  442         struct nfscldeleg *dp = *dpp, *tdp;
  443         struct nfsmount *nmp;
  444 
  445         KASSERT(mp != NULL, ("nfscl_deleg: mp NULL"));
  446         nmp = VFSTONFS(mp);
  447         /*
  448          * First, if we have received a Read delegation for a file on a
  449          * read/write file system, just return it, because they aren't
  450          * useful, imho.
  451          */
  452         if (dp != NULL && !NFSMNT_RDONLY(mp) &&
  453             (dp->nfsdl_flags & NFSCLDL_READ)) {
  454                 nfscl_trydelegreturn(dp, cred, nmp, p);
  455                 free(dp, M_NFSCLDELEG);
  456                 *dpp = NULL;
  457                 return (0);
  458         }
  459 
  460         /*
  461          * Since a delegation might be added to the mount,
  462          * set NFSMNTP_DELEGISSUED now.  If a delegation already
  463          * exists, setting this flag is harmless.
  464          */
  465         NFSLOCKMNT(nmp);
  466         nmp->nm_privflag |= NFSMNTP_DELEGISSUED;
  467         NFSUNLOCKMNT(nmp);
  468 
  469         /* Look for the correct deleg, based upon FH */
  470         NFSLOCKCLSTATE();
  471         tdp = nfscl_finddeleg(clp, nfhp, fhlen);
  472         if (tdp == NULL) {
  473                 if (dp == NULL) {
  474                         NFSUNLOCKCLSTATE();
  475                         return (NFSERR_BADSTATEID);
  476                 }
  477                 *dpp = NULL;
  478                 TAILQ_INSERT_HEAD(&clp->nfsc_deleg, dp, nfsdl_list);
  479                 LIST_INSERT_HEAD(NFSCLDELEGHASH(clp, nfhp, fhlen), dp,
  480                     nfsdl_hash);
  481                 dp->nfsdl_timestamp = NFSD_MONOSEC + 120;
  482                 nfsstatsv1.cldelegates++;
  483                 nfscl_delegcnt++;
  484         } else {
  485                 /*
  486                  * A delegation already exists; a new one, if supplied, is discarded.
  487                  */
  488                 if (dp != NULL) {
  489                         printf("Deleg already exists!\n");
  490                         free(dp, M_NFSCLDELEG);
  491                         *dpp = NULL;
  492                 } else {
  493                         *dpp = tdp;
  494                 }
  495         }
  496         NFSUNLOCKCLSTATE();
  497         return (0);
  498 }
  499 
  500 /*
  501  * Find a delegation for this file handle. Return NULL upon failure.
  502  */
  503 static struct nfscldeleg *
  504 nfscl_finddeleg(struct nfsclclient *clp, u_int8_t *fhp, int fhlen)
  505 {
  506         struct nfscldeleg *dp;
  507 
  508         LIST_FOREACH(dp, NFSCLDELEGHASH(clp, fhp, fhlen), nfsdl_hash) {
  509             if (dp->nfsdl_fhlen == fhlen &&
  510                 !NFSBCMP(dp->nfsdl_fh, fhp, fhlen))
  511                 break;
  512         }
  513         return (dp);
  514 }
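
The lookup in nfscl_finddeleg() is a hash-chain walk keyed by file handle: compare the length first, then the bytes. A self-contained sketch of the same idea follows. The names (`toy_deleg`, `toy_fhhash`, `toy_adddeleg`, `toy_finddeleg`) are hypothetical, and the byte-sum hash is chosen only for the sketch; it does not reproduce what `NFSCLDELEGHASH` does.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TOY_HASHSIZE	8
#define TOY_MAXFH	16

struct toy_deleg {
	struct toy_deleg *next;		/* hash chain link */
	int fhlen;
	uint8_t fh[TOY_MAXFH];
};

static struct toy_deleg *toy_hash[TOY_HASHSIZE];

/* Hypothetical hash for the sketch: sum of the handle bytes. */
unsigned
toy_fhhash(const uint8_t *fh, int fhlen)
{
	unsigned sum = 0;

	for (int i = 0; i < fhlen; i++)
		sum += fh[i];
	return (sum % TOY_HASHSIZE);
}

/* Link a delegation at the head of its hash chain. */
void
toy_adddeleg(struct toy_deleg *dp)
{
	unsigned h = toy_fhhash(dp->fh, dp->fhlen);

	dp->next = toy_hash[h];
	toy_hash[h] = dp;
}

/* Find the delegation for a file handle, or return NULL. */
struct toy_deleg *
toy_finddeleg(const uint8_t *fh, int fhlen)
{
	struct toy_deleg *dp;

	for (dp = toy_hash[toy_fhhash(fh, fhlen)]; dp != NULL;
	    dp = dp->next) {
		if (dp->fhlen == fhlen &&
		    memcmp(dp->fh, fh, (size_t)fhlen) == 0)
			break;
	}
	return (dp);
}
```

Checking the length before calling memcmp() keeps a shorter handle from matching the prefix of a longer one that happens to land in the same bucket.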
  515 
  516 /*
  517  * Get a stateid for an I/O operation. First, look for an open and iff
  518  * found, return either a lockowner stateid or the open stateid.
  519  * If no Open is found, just return error and the special stateid of all zeros.
  520  */
  521 int
  522 nfscl_getstateid(vnode_t vp, u_int8_t *nfhp, int fhlen, u_int32_t mode,
  523     int fords, struct ucred *cred, NFSPROC_T *p, nfsv4stateid_t *stateidp,
  524     void **lckpp)
  525 {
  526         struct nfsclclient *clp;
  527         struct nfsclopen *op = NULL, *top;
  528         struct nfsclopenhash *oph;
  529         struct nfscllockowner *lp;
  530         struct nfscldeleg *dp;
  531         struct nfsnode *np;
  532         struct nfsmount *nmp;
  533         u_int8_t own[NFSV4CL_LOCKNAMELEN], lockown[NFSV4CL_LOCKNAMELEN];
  534         int error;
  535         bool done;
  536 
  537         *lckpp = NULL;
  538         /*
  539          * Initially, just set the special stateid of all zeros.
  540          * (Don't do this for a DS, since the special stateid can't be used.)
  541          */
  542         if (fords == 0) {
  543                 stateidp->seqid = 0;
  544                 stateidp->other[0] = 0;
  545                 stateidp->other[1] = 0;
  546                 stateidp->other[2] = 0;
  547         }
  548         if (vnode_vtype(vp) != VREG)
  549                 return (EISDIR);
  550         np = VTONFS(vp);
  551         nmp = VFSTONFS(vp->v_mount);
  552 
  553         /*
  554          * For "oneopenown" mounts, first check for a cached open in the
  555          * NFS vnode, that can be used as a stateid.  This can only be
  556          * done if no delegations have been issued to the mount and no
  557          * byte range file locking has been done for the file.
  558          */
  559         if (NFSHASNFSV4N(nmp) && NFSHASONEOPENOWN(nmp) && fords == 0) {
  560                 NFSLOCKMNT(nmp);
  561                 NFSLOCKNODE(np);
  562                 if ((nmp->nm_privflag & NFSMNTP_DELEGISSUED) == 0 &&
  563                     (np->n_flag & NMIGHTBELOCKED) == 0 &&
  564                     np->n_openstateid != NULL) {
  565                         stateidp->seqid = 0;
  566                         stateidp->other[0] =
  567                             np->n_openstateid->nfso_stateid.other[0];
  568                         stateidp->other[1] =
  569                             np->n_openstateid->nfso_stateid.other[1];
  570                         stateidp->other[2] =
  571                             np->n_openstateid->nfso_stateid.other[2];
  572                         NFSUNLOCKNODE(np);
  573                         NFSUNLOCKMNT(nmp);
  574                         return (0);
  575                 }
  576                 NFSUNLOCKNODE(np);
  577                 NFSUNLOCKMNT(nmp);
  578         }
  579 
  580         NFSLOCKCLSTATE();
  581         clp = nfscl_findcl(nmp);
  582         if (clp == NULL) {
  583                 NFSUNLOCKCLSTATE();
  584                 return (EACCES);
  585         }
  586 
  587         /*
  588          * Wait for recovery to complete.
  589          */
  590         while ((clp->nfsc_flags & NFSCLFLAGS_RECVRINPROG))
  591                 (void) nfsmsleep(&clp->nfsc_flags, NFSCLSTATEMUTEXPTR,
  592                     PZERO, "nfsrecvr", NULL);
  593 
  594         /*
  595          * First, look for a delegation.
  596          */
  597         LIST_FOREACH(dp, NFSCLDELEGHASH(clp, nfhp, fhlen), nfsdl_hash) {
  598                 if (dp->nfsdl_fhlen == fhlen &&
  599                     !NFSBCMP(nfhp, dp->nfsdl_fh, fhlen)) {
  600                         if (!(mode & NFSV4OPEN_ACCESSWRITE) ||
  601                             (dp->nfsdl_flags & NFSCLDL_WRITE)) {
  602                                 if (NFSHASNFSV4N(nmp))
  603                                         stateidp->seqid = 0;
  604                                 else
  605                                         stateidp->seqid =
  606                                             dp->nfsdl_stateid.seqid;
  607                                 stateidp->other[0] = dp->nfsdl_stateid.other[0];
  608                                 stateidp->other[1] = dp->nfsdl_stateid.other[1];
  609                                 stateidp->other[2] = dp->nfsdl_stateid.other[2];
  610                                 if (!(np->n_flag & NDELEGRECALL)) {
  611                                         TAILQ_REMOVE(&clp->nfsc_deleg, dp,
  612                                             nfsdl_list);
  613                                         TAILQ_INSERT_HEAD(&clp->nfsc_deleg, dp,
  614                                             nfsdl_list);
  615                                         dp->nfsdl_timestamp = NFSD_MONOSEC +
  616                                             120;
  617                                         dp->nfsdl_rwlock.nfslock_usecnt++;
  618                                         *lckpp = (void *)&dp->nfsdl_rwlock;
  619                                 }
  620                                 NFSUNLOCKCLSTATE();
  621                                 return (0);
  622                         }
  623                         break;
  624                 }
  625         }
  626 
  627         if (p != NULL) {
  628                 /*
  629                  * If p != NULL, we want to search the parentage tree
  630                  * for a matching OpenOwner and use that.
  631                  */
  632                 if (NFSHASONEOPENOWN(VFSTONFS(vp->v_mount)))
  633                         nfscl_filllockowner(NULL, own, F_POSIX);
  634                 else
  635                         nfscl_filllockowner(p->td_proc, own, F_POSIX);
  636                 nfscl_filllockowner(p->td_proc, lockown, F_POSIX);
  637                 lp = NULL;
  638                 error = nfscl_getopen(NULL, clp->nfsc_openhash, nfhp, fhlen,
  639                     own, lockown, mode, &lp, &op);
  640                 if (error == 0 && lp != NULL && fords == 0) {
  641                         /* Don't return a lock stateid for a DS. */
  642                         if (NFSHASNFSV4N(nmp))
  643                                 stateidp->seqid = 0;
  644                         else
  645                                 stateidp->seqid = lp->nfsl_stateid.seqid;
  646                         stateidp->other[0] =
  647                             lp->nfsl_stateid.other[0];
  648                         stateidp->other[1] =
  649                             lp->nfsl_stateid.other[1];
  650                         stateidp->other[2] =
  651                             lp->nfsl_stateid.other[2];
  652                         NFSUNLOCKCLSTATE();
  653                         return (0);
  654                 }
  655         }
  656         if (op == NULL) {
  657                 /* If not found, just look for any OpenOwner that will work. */
  658                 top = NULL;
  659                 done = false;
  660                 oph = NFSCLOPENHASH(clp, nfhp, fhlen);
  661                 LIST_FOREACH(op, oph, nfso_hash) {
  662                         if (op->nfso_fhlen == fhlen &&
  663                             !NFSBCMP(op->nfso_fh, nfhp, fhlen)) {
  664                                 if (top == NULL && (op->nfso_mode &
  665                                     NFSV4OPEN_ACCESSWRITE) != 0 &&
  666                                     (mode & NFSV4OPEN_ACCESSREAD) != 0)
  667                                         top = op;
  668                                 if ((mode & op->nfso_mode) == mode) {
  669                                         /* LRU order the hash list. */
  670                                         LIST_REMOVE(op, nfso_hash);
  671                                         LIST_INSERT_HEAD(oph, op, nfso_hash);
  672                                         done = true;
  673                                         break;
  674                                 }
  675                         }
  676                 }
  677                 if (!done) {
  678                         NFSCL_DEBUG(2, "openmode top=%p\n", top);
  679                         if (top == NULL || NFSHASOPENMODE(nmp)) {
  680                                 NFSUNLOCKCLSTATE();
  681                                 return (ENOENT);
  682                         } else
  683                                 op = top;
  684                 }
  685                 /*
  686                  * For read aheads or write behinds, use the open cred.
  687                  * A read ahead or write behind is indicated by p == NULL.
  688                  */
  689                 if (p == NULL)
  690                         newnfs_copycred(&op->nfso_cred, cred);
  691         }
  692 
  693         /*
  694          * No lock stateid, so return the open stateid.
  695          */
  696         if (NFSHASNFSV4N(nmp))
  697                 stateidp->seqid = 0;
  698         else
  699                 stateidp->seqid = op->nfso_stateid.seqid;
  700         stateidp->other[0] = op->nfso_stateid.other[0];
  701         stateidp->other[1] = op->nfso_stateid.other[1];
  702         stateidp->other[2] = op->nfso_stateid.other[2];
  703         NFSUNLOCKCLSTATE();
  704         return (0);
  705 }
  706 
  707 /*
  708  * Search for a matching file, mode and, optionally, lockowner.
  709  */
  710 static int
  711 nfscl_getopen(struct nfsclownerhead *ohp, struct nfsclopenhash *ohashp,
  712     u_int8_t *nfhp, int fhlen, u_int8_t *openown, u_int8_t *lockown,
  713     u_int32_t mode, struct nfscllockowner **lpp, struct nfsclopen **opp)
  714 {
  715         struct nfsclowner *owp;
  716         struct nfsclopen *op, *rop, *rop2;
  717         struct nfsclopenhash *oph;
  718         bool keep_looping;
  719 
  720         KASSERT(ohp == NULL || ohashp == NULL, ("nfscl_getopen: "
  721             "only one of ohp and ohashp can be set"));
  722         if (lpp != NULL)
  723                 *lpp = NULL;
  724         /*
  725          * rop will be set to the open to be returned. There are three
  726          * variants of this, all for an open of the correct file:
  727          * 1 - A match of lockown.
  728          * 2 - A match of the openown, when no lockown match exists.
  729          * 3 - A match for any open, if no openown or lockown match exists.
  730          * Looking for #2 over #3 probably isn't necessary, but since
  731          * RFC3530 is vague w.r.t. the relationship between openowners and
  732          * lockowners, I think this is the safer way to go.
  733          */
  734         rop = NULL;
  735         rop2 = NULL;
  736         keep_looping = true;
  737         /* Search the owner list or the open hash table. */
  738         if (ohashp == NULL) {
  739                 /* Search the local opens on the delegation. */
  740                 LIST_FOREACH(owp, ohp, nfsow_list) {
  741                         /* and look for the correct open */
  742                         LIST_FOREACH(op, &owp->nfsow_open, nfso_list) {
  743                                 if (op->nfso_fhlen == fhlen &&
  744                                     !NFSBCMP(op->nfso_fh, nfhp, fhlen)
  745                                     && (op->nfso_mode & mode) == mode)
  746                                         keep_looping = nfscl_checkown(owp, op, openown,
  747                                             lockown, lpp, &rop, &rop2);
  748                                 if (!keep_looping)
  749                                         break;
  750                         }
  751                         if (!keep_looping)
  752                                 break;
  753                 }
  754         } else {
  755                 /* Search for matching opens on the hash list. */
  756                 oph = &ohashp[NFSCLOPENHASHFUNC(nfhp, fhlen)];
  757                 LIST_FOREACH(op, oph, nfso_hash) {
  758                         if (op->nfso_fhlen == fhlen &&
  759                             !NFSBCMP(op->nfso_fh, nfhp, fhlen)
  760                             && (op->nfso_mode & mode) == mode)
  761                                 keep_looping = nfscl_checkown(op->nfso_own, op,
  762                                     openown, lockown, lpp, &rop, &rop2);
  763                         if (!keep_looping) {
  764                                 /* LRU order the hash list. */
  765                                 LIST_REMOVE(op, nfso_hash);
  766                                 LIST_INSERT_HEAD(oph, op, nfso_hash);
  767                                 break;
  768                         }
  769                 }
  770         }
  771         if (rop == NULL)
  772                 rop = rop2;
  773         if (rop == NULL)
  774                 return (EBADF);
  775         *opp = rop;
  776         return (0);
  777 }
  778 
  779 /* Check for an owner match. */
  780 static bool
  781 nfscl_checkown(struct nfsclowner *owp, struct nfsclopen *op, uint8_t *openown,
  782     uint8_t *lockown, struct nfscllockowner **lpp, struct nfsclopen **ropp,
  783     struct nfsclopen **ropp2)
  784 {
  785         struct nfscllockowner *lp;
  786         bool keep_looping;
  787 
  788         keep_looping = true;
  789         if (lpp != NULL) {
  790                 /* Now look for a matching lockowner. */
  791                 LIST_FOREACH(lp, &op->nfso_lock, nfsl_list) {
  792                         if (!NFSBCMP(lp->nfsl_owner, lockown,
  793                             NFSV4CL_LOCKNAMELEN)) {
  794                                 *lpp = lp;
  795                                 *ropp = op;
  796                                 return (false);
  797                         }
  798                 }
  799         }
  800         if (*ropp == NULL && !NFSBCMP(owp->nfsow_owner, openown,
  801             NFSV4CL_LOCKNAMELEN)) {
  802                 *ropp = op;
  803                 if (lpp == NULL)
  804                         keep_looping = false;
  805         }
  806         if (*ropp2 == NULL)
  807                 *ropp2 = op;
  808         return (keep_looping);
  809 }
  810 
  811 /*
  812  * Release use of an open owner. Called when open operations are done
  813  * with the open owner.
  814  */
  815 void
  816 nfscl_ownerrelease(struct nfsmount *nmp, struct nfsclowner *owp,
  817     __unused int error, __unused int candelete, int unlocked)
  818 {
  819 
  820         if (owp == NULL)
  821                 return;
  822         NFSLOCKCLSTATE();
  823         if (unlocked == 0) {
  824                 if (NFSHASONEOPENOWN(nmp))
  825                         nfsv4_relref(&owp->nfsow_rwlock);
  826                 else
  827                         nfscl_lockunlock(&owp->nfsow_rwlock);
  828         }
  829         nfscl_clrelease(owp->nfsow_clp);
  830         NFSUNLOCKCLSTATE();
  831 }
  832 
  833 /*
  834  * Release use of an open structure under an open owner.
  835  */
  836 void
  837 nfscl_openrelease(struct nfsmount *nmp, struct nfsclopen *op, int error,
  838     int candelete)
  839 {
  840         struct nfsclclient *clp;
  841         struct nfsclowner *owp;
  842 
  843         if (op == NULL)
  844                 return;
  845         NFSLOCKCLSTATE();
  846         owp = op->nfso_own;
  847         if (NFSHASONEOPENOWN(nmp))
  848                 nfsv4_relref(&owp->nfsow_rwlock);
  849         else
  850                 nfscl_lockunlock(&owp->nfsow_rwlock);
  851         clp = owp->nfsow_clp;
  852         if (error && candelete && op->nfso_opencnt == 0)
  853                 nfscl_freeopen(op, 0, true);
  854         nfscl_clrelease(clp);
  855         NFSUNLOCKCLSTATE();
  856 }
  857 
  858 /*
  859  * Called to get a clientid structure. It will optionally lock the
  860  * client data structures to do the SetClientID/SetClientIDConfirm,
  861  * but will release that lock and return the clientid with a reference
  862  * count on it.
  863  * If the "cred" argument is NULL, a new clientid should not be created.
  864  * If the "p" argument is NULL, a SetClientID/SetClientIDConfirm cannot
  865  * be done.
  866  * It always returns clpp with a reference count, unless returning an error.
  867  */
  868 int
  869 nfscl_getcl(struct mount *mp, struct ucred *cred, NFSPROC_T *p,
  870     bool tryminvers, bool firstref, struct nfsclclient **clpp)
  871 {
  872         struct nfsclclient *clp;
  873         struct nfsclclient *newclp = NULL;
  874         struct nfsmount *nmp;
  875         char uuid[HOSTUUIDLEN];
  876         int igotlock = 0, error, trystalecnt, clidinusedelay, i;
  877         u_int16_t idlen = 0;
  878 
  879         nmp = VFSTONFS(mp);
  880         if (cred != NULL) {
  881                 getcredhostuuid(cred, uuid, sizeof uuid);
  882                 idlen = strlen(uuid);
  883                 if (idlen > 0)
  884                         idlen += sizeof (u_int64_t);
  885                 else
  886                         idlen += sizeof (u_int64_t) + 16; /* 16 random bytes */
  887                 newclp = malloc(
  888                     sizeof (struct nfsclclient) + idlen - 1, M_NFSCLCLIENT,
  889                     M_WAITOK | M_ZERO);
  890         }
  891         NFSLOCKCLSTATE();
  892         /*
  893          * If a forced dismount is already in progress, don't
  894          * allocate a new clientid and get out now. For the case where
  895          * clp != NULL, this is a harmless optimization.
  896          */
  897         if (NFSCL_FORCEDISM(mp)) {
  898                 NFSUNLOCKCLSTATE();
  899                 if (newclp != NULL)
  900                         free(newclp, M_NFSCLCLIENT);
  901                 return (EBADF);
  902         }
  903         clp = nmp->nm_clp;
  904         if (clp == NULL) {
  905                 if (newclp == NULL) {
  906                         NFSUNLOCKCLSTATE();
  907                         return (EACCES);
  908                 }
  909                 clp = newclp;
  910                 clp->nfsc_idlen = idlen;
  911                 LIST_INIT(&clp->nfsc_owner);
  912                 TAILQ_INIT(&clp->nfsc_deleg);
  913                 TAILQ_INIT(&clp->nfsc_layout);
  914                 LIST_INIT(&clp->nfsc_devinfo);
  915                 for (i = 0; i < NFSCLDELEGHASHSIZE; i++)
  916                         LIST_INIT(&clp->nfsc_deleghash[i]);
  917                 for (i = 0; i < NFSCLOPENHASHSIZE; i++)
  918                         LIST_INIT(&clp->nfsc_openhash[i]);
  919                 for (i = 0; i < NFSCLLAYOUTHASHSIZE; i++)
  920                         LIST_INIT(&clp->nfsc_layouthash[i]);
  921                 clp->nfsc_flags = NFSCLFLAGS_INITED;
  922                 clp->nfsc_clientidrev = 1;
  923                 clp->nfsc_cbident = nfscl_nextcbident();
  924                 nfscl_fillclid(nmp->nm_clval, uuid, clp->nfsc_id,
  925                     clp->nfsc_idlen);
  926                 LIST_INSERT_HEAD(&nfsclhead, clp, nfsc_list);
  927                 nmp->nm_clp = clp;
  928                 clp->nfsc_nmp = nmp;
  929         } else {
  930                 if (newclp != NULL)
  931                         free(newclp, M_NFSCLCLIENT);
  932         }
  933         while ((clp->nfsc_flags & NFSCLFLAGS_HASCLIENTID) == 0 && !igotlock &&
  934             !NFSCL_FORCEDISM(mp))
  935                 igotlock = nfsv4_lock(&clp->nfsc_lock, 1, NULL,
  936                     NFSCLSTATEMUTEXPTR, mp);
  937         if (igotlock == 0) {
  938                 /*
  939                  * Call nfsv4_lock() with "iwantlock == 0" on the firstref so
  940                  * that it will wait for a pending exclusive lock request.
  941                  * This gives the exclusive lock request priority over this
  942                  * shared lock request.
  943                  * An exclusive lock on nfsc_lock is used mainly for server
  944                  * crash recoveries and delegation recalls.
  945                  */
  946                 if (firstref)
  947                         nfsv4_lock(&clp->nfsc_lock, 0, NULL, NFSCLSTATEMUTEXPTR,
  948                             mp);
  949                 nfsv4_getref(&clp->nfsc_lock, NULL, NFSCLSTATEMUTEXPTR, mp);
  950         }
  951         if (igotlock == 0 && NFSCL_FORCEDISM(mp)) {
  952                 /*
  953                  * Both nfsv4_lock() and nfsv4_getref() know to check
  954                  * for NFSCL_FORCEDISM() and return without sleeping to
  955                  * wait for the exclusive lock to be released, since it
  956                  * might be held by nfscl_umount() and we need to get out
  957                  * now for that case and not wait until nfscl_umount()
  958                  * releases it.
  959                  */
  960                 NFSUNLOCKCLSTATE();
  961                 return (EBADF);
  962         }
  963         NFSUNLOCKCLSTATE();
  964 
  965         /*
  966          * If it needs a clientid, do the setclientid now.
  967          */
  968         if ((clp->nfsc_flags & NFSCLFLAGS_HASCLIENTID) == 0) {
  969                 if (!igotlock)
  970                         panic("nfscl_clget");
  971                 if (p == NULL || cred == NULL) {
  972                         NFSLOCKCLSTATE();
  973                         nfsv4_unlock(&clp->nfsc_lock, 0);
  974                         NFSUNLOCKCLSTATE();
  975                         return (EACCES);
  976                 }
  977                 /*
  978                  * If RFC3530 Sec. 14.2.33 is taken literally,
  979                  * NFSERR_CLIDINUSE will be returned persistently for the
  980                  * case where a new mount of the same file system is using
  981                  * a different principal. In practice, NFSERR_CLIDINUSE is
  982                  * only returned when there is outstanding unexpired state
  983                  * on the clientid. As such, try for twice the lease
  984                  * interval, if we know what that is. Otherwise, make a
  985                  * wild ass guess.
  986                  * The case of returning NFSERR_STALECLIENTID is far less
  987                  * likely, but might occur if there is a significant delay
  988                  * between doing the SetClientID and SetClientIDConfirm Ops,
  989                  * such that the server throws away the clientid before
  990                  * receiving the SetClientIDConfirm.
  991                  */
  992                 if (clp->nfsc_renew > 0)
  993                         clidinusedelay = NFSCL_LEASE(clp->nfsc_renew) * 2;
  994                 else
  995                         clidinusedelay = 120;
  996                 trystalecnt = 3;
  997                 do {
  998                         error = nfsrpc_setclient(nmp, clp, 0, NULL, cred, p);
  999                         if (error == NFSERR_STALECLIENTID ||
 1000                             error == NFSERR_STALEDONTRECOVER ||
 1001                             error == NFSERR_BADSESSION ||
 1002                             error == NFSERR_CLIDINUSE) {
 1003                                 (void) nfs_catnap(PZERO, error, "nfs_setcl");
 1004                         } else if (error == NFSERR_MINORVERMISMATCH &&
 1005                             tryminvers) {
 1006                                 if (nmp->nm_minorvers > 0)
 1007                                         nmp->nm_minorvers--;
 1008                                 else
 1009                                         tryminvers = false;
 1010                         }
 1011                 } while (((error == NFSERR_STALECLIENTID ||
 1012                      error == NFSERR_BADSESSION ||
 1013                      error == NFSERR_STALEDONTRECOVER) && --trystalecnt > 0) ||
 1014                     (error == NFSERR_CLIDINUSE && --clidinusedelay > 0) ||
 1015                     (error == NFSERR_MINORVERMISMATCH && tryminvers));
 1016                 if (error) {
 1017                         NFSLOCKCLSTATE();
 1018                         nfsv4_unlock(&clp->nfsc_lock, 0);
 1019                         NFSUNLOCKCLSTATE();
 1020                         return (error);
 1021                 }
 1022                 clp->nfsc_flags |= NFSCLFLAGS_HASCLIENTID;
 1023         }
 1024         if (igotlock) {
 1025                 NFSLOCKCLSTATE();
 1026                 nfsv4_unlock(&clp->nfsc_lock, 1);
 1027                 NFSUNLOCKCLSTATE();
 1028         }
 1029 
 1030         *clpp = clp;
 1031         return (0);
 1032 }
 1033 
 1034 /*
 1035  * Get a reference to a clientid and return it, if valid.
 1036  */
 1037 struct nfsclclient *
 1038 nfscl_findcl(struct nfsmount *nmp)
 1039 {
 1040         struct nfsclclient *clp;
 1041 
 1042         clp = nmp->nm_clp;
 1043         if (clp == NULL || !(clp->nfsc_flags & NFSCLFLAGS_HASCLIENTID))
 1044                 return (NULL);
 1045         return (clp);
 1046 }
 1047 
 1048 /*
 1049  * Release the clientid structure. It may be locked or reference counted.
 1050  */
 1051 static void
 1052 nfscl_clrelease(struct nfsclclient *clp)
 1053 {
 1054 
 1055         if (clp->nfsc_lock.nfslock_lock & NFSV4LOCK_LOCK)
 1056                 nfsv4_unlock(&clp->nfsc_lock, 0);
 1057         else
 1058                 nfsv4_relref(&clp->nfsc_lock);
 1059 }
 1060 
 1061 /*
 1062  * External call for nfscl_clrelease.
 1063  */
 1064 void
 1065 nfscl_clientrelease(struct nfsclclient *clp)
 1066 {
 1067 
 1068         NFSLOCKCLSTATE();
 1069         if (clp->nfsc_lock.nfslock_lock & NFSV4LOCK_LOCK)
 1070                 nfsv4_unlock(&clp->nfsc_lock, 0);
 1071         else
 1072                 nfsv4_relref(&clp->nfsc_lock);
 1073         NFSUNLOCKCLSTATE();
 1074 }
 1075 
 1076 /*
 1077  * Called when wanting to lock a byte region.
 1078  */
 1079 int
 1080 nfscl_getbytelock(vnode_t vp, u_int64_t off, u_int64_t len,
 1081     short type, struct ucred *cred, NFSPROC_T *p, struct nfsclclient *rclp,
 1082     int recovery, void *id, int flags, u_int8_t *rownp, u_int8_t *ropenownp,
 1083     struct nfscllockowner **lpp, int *newonep, int *donelocallyp)
 1084 {
 1085         struct nfscllockowner *lp;
 1086         struct nfsclopen *op;
 1087         struct nfsclclient *clp;
 1088         struct nfscllockowner *nlp;
 1089         struct nfscllock *nlop, *otherlop;
 1090         struct nfscldeleg *dp = NULL, *ldp = NULL;
 1091         struct nfscllockownerhead *lhp = NULL;
 1092         struct nfsnode *np;
 1093         u_int8_t own[NFSV4CL_LOCKNAMELEN], *ownp, openown[NFSV4CL_LOCKNAMELEN];
 1094         u_int8_t *openownp;
 1095         int error = 0, ret, donelocally = 0;
 1096         u_int32_t mode;
 1097 
 1098         /* For Lock Ops, the open mode doesn't matter, so use 0 to match any. */
 1099         mode = 0;
 1100         np = VTONFS(vp);
 1101         *lpp = NULL;
 1102         lp = NULL;
 1103         *newonep = 0;
 1104         *donelocallyp = 0;
 1105 
 1106         /*
  1107          * Might need these, so malloc() them now, to
  1108          * avoid sleeping in malloc() with the state mutex held.
 1109          */
 1110         nlp = malloc(
 1111             sizeof (struct nfscllockowner), M_NFSCLLOCKOWNER, M_WAITOK);
 1112         otherlop = malloc(
 1113             sizeof (struct nfscllock), M_NFSCLLOCK, M_WAITOK);
 1114         nlop = malloc(
 1115             sizeof (struct nfscllock), M_NFSCLLOCK, M_WAITOK);
 1116         nlop->nfslo_type = type;
 1117         nlop->nfslo_first = off;
 1118         if (len == NFS64BITSSET) {
 1119                 nlop->nfslo_end = NFS64BITSSET;
 1120         } else {
 1121                 nlop->nfslo_end = off + len;
 1122                 if (nlop->nfslo_end <= nlop->nfslo_first)
 1123                         error = NFSERR_INVAL;
 1124         }
 1125 
 1126         if (!error) {
 1127                 if (recovery)
 1128                         clp = rclp;
 1129                 else
 1130                         error = nfscl_getcl(vp->v_mount, cred, p, false, true,
 1131                             &clp);
 1132         }
 1133         if (error) {
 1134                 free(nlp, M_NFSCLLOCKOWNER);
 1135                 free(otherlop, M_NFSCLLOCK);
 1136                 free(nlop, M_NFSCLLOCK);
 1137                 return (error);
 1138         }
 1139 
 1140         op = NULL;
 1141         if (recovery) {
 1142                 ownp = rownp;
 1143                 openownp = ropenownp;
 1144         } else {
 1145                 nfscl_filllockowner(id, own, flags);
 1146                 ownp = own;
 1147                 if (NFSHASONEOPENOWN(VFSTONFS(vp->v_mount)))
 1148                         nfscl_filllockowner(NULL, openown, F_POSIX);
 1149                 else
 1150                         nfscl_filllockowner(p->td_proc, openown, F_POSIX);
 1151                 openownp = openown;
 1152         }
 1153         if (!recovery) {
 1154                 NFSLOCKCLSTATE();
 1155                 /*
 1156                  * First, search for a delegation. If one exists for this file,
 1157                  * the lock can be done locally against it, so long as there
 1158                  * isn't a local lock conflict.
 1159                  */
 1160                 ldp = dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh,
 1161                     np->n_fhp->nfh_len);
 1162                 /* Just sanity check for correct type of delegation */
 1163                 if (dp != NULL && ((dp->nfsdl_flags &
 1164                     (NFSCLDL_RECALL | NFSCLDL_DELEGRET)) != 0 ||
 1165                      (type == F_WRLCK &&
 1166                       (dp->nfsdl_flags & NFSCLDL_WRITE) == 0)))
 1167                         dp = NULL;
 1168         }
 1169         if (dp != NULL) {
 1170                 /* Now, find an open and maybe a lockowner. */
 1171                 ret = nfscl_getopen(&dp->nfsdl_owner, NULL, np->n_fhp->nfh_fh,
 1172                     np->n_fhp->nfh_len, openownp, ownp, mode, NULL, &op);
 1173                 if (ret)
 1174                         ret = nfscl_getopen(NULL, clp->nfsc_openhash,
 1175                             np->n_fhp->nfh_fh, np->n_fhp->nfh_len, openownp,
 1176                             ownp, mode, NULL, &op);
 1177                 if (!ret) {
 1178                         lhp = &dp->nfsdl_lock;
 1179                         TAILQ_REMOVE(&clp->nfsc_deleg, dp, nfsdl_list);
 1180                         TAILQ_INSERT_HEAD(&clp->nfsc_deleg, dp, nfsdl_list);
 1181                         dp->nfsdl_timestamp = NFSD_MONOSEC + 120;
 1182                         donelocally = 1;
 1183                 } else {
 1184                         dp = NULL;
 1185                 }
 1186         }
 1187         if (!donelocally) {
 1188                 /*
 1189                  * Get the related Open and maybe lockowner.
 1190                  */
 1191                 error = nfscl_getopen(NULL, clp->nfsc_openhash,
 1192                     np->n_fhp->nfh_fh, np->n_fhp->nfh_len, openownp,
 1193                     ownp, mode, &lp, &op);
 1194                 if (!error)
 1195                         lhp = &op->nfso_lock;
 1196         }
 1197         if (!error && !recovery)
 1198                 error = nfscl_localconflict(clp, np->n_fhp->nfh_fh,
 1199                     np->n_fhp->nfh_len, nlop, ownp, ldp, NULL);
 1200         if (error) {
 1201                 if (!recovery) {
 1202                         nfscl_clrelease(clp);
 1203                         NFSUNLOCKCLSTATE();
 1204                 }
 1205                 free(nlp, M_NFSCLLOCKOWNER);
 1206                 free(otherlop, M_NFSCLLOCK);
 1207                 free(nlop, M_NFSCLLOCK);
 1208                 return (error);
 1209         }
 1210 
 1211         /*
 1212          * Ok, see if a lockowner exists and create one, as required.
 1213          */
 1214         if (lp == NULL)
 1215                 LIST_FOREACH(lp, lhp, nfsl_list) {
 1216                         if (!NFSBCMP(lp->nfsl_owner, ownp, NFSV4CL_LOCKNAMELEN))
 1217                                 break;
 1218                 }
 1219         if (lp == NULL) {
 1220                 NFSBCOPY(ownp, nlp->nfsl_owner, NFSV4CL_LOCKNAMELEN);
 1221                 if (recovery)
 1222                         NFSBCOPY(ropenownp, nlp->nfsl_openowner,
 1223                             NFSV4CL_LOCKNAMELEN);
 1224                 else
 1225                         NFSBCOPY(op->nfso_own->nfsow_owner, nlp->nfsl_openowner,
 1226                             NFSV4CL_LOCKNAMELEN);
 1227                 nlp->nfsl_seqid = 0;
 1228                 nlp->nfsl_lockflags = flags;
 1229                 nlp->nfsl_inprog = NULL;
 1230                 nfscl_lockinit(&nlp->nfsl_rwlock);
 1231                 LIST_INIT(&nlp->nfsl_lock);
 1232                 if (donelocally) {
 1233                         nlp->nfsl_open = NULL;
 1234                         nfsstatsv1.cllocallockowners++;
 1235                 } else {
 1236                         nlp->nfsl_open = op;
 1237                         nfsstatsv1.cllockowners++;
 1238                 }
 1239                 LIST_INSERT_HEAD(lhp, nlp, nfsl_list);
 1240                 lp = nlp;
 1241                 nlp = NULL;
 1242                 *newonep = 1;
 1243         }
 1244 
 1245         /*
 1246          * Now, update the byte ranges for locks.
 1247          */
 1248         ret = nfscl_updatelock(lp, &nlop, &otherlop, donelocally);
 1249         if (!ret)
 1250                 donelocally = 1;
 1251         if (donelocally) {
 1252                 *donelocallyp = 1;
 1253                 if (!recovery)
 1254                         nfscl_clrelease(clp);
 1255         } else {
 1256                 /*
  1257                  * Serialize modifications on the lock owner by multiple
  1258                  * threads of the same process using a read/write lock.
 1259                  */
 1260                 if (!recovery)
 1261                         nfscl_lockexcl(&lp->nfsl_rwlock, NFSCLSTATEMUTEXPTR);
 1262         }
 1263         if (!recovery)
 1264                 NFSUNLOCKCLSTATE();
 1265 
 1266         if (nlp)
 1267                 free(nlp, M_NFSCLLOCKOWNER);
 1268         if (nlop)
 1269                 free(nlop, M_NFSCLLOCK);
 1270         if (otherlop)
 1271                 free(otherlop, M_NFSCLLOCK);
 1272 
 1273         *lpp = lp;
 1274         return (0);
 1275 }
 1276 
 1277 /*
 1278  * Called to unlock a byte range, for LockU.
 1279  */
 1280 int
 1281 nfscl_relbytelock(vnode_t vp, u_int64_t off, u_int64_t len,
 1282     __unused struct ucred *cred, NFSPROC_T *p, int callcnt,
 1283     struct nfsclclient *clp, void *id, int flags,
 1284     struct nfscllockowner **lpp, int *dorpcp)
 1285 {
 1286         struct nfscllockowner *lp;
 1287         struct nfsclopen *op;
 1288         struct nfscllock *nlop, *other_lop = NULL;
 1289         struct nfscldeleg *dp;
 1290         struct nfsnode *np;
 1291         u_int8_t own[NFSV4CL_LOCKNAMELEN];
 1292         int ret = 0, fnd;
 1293 
 1294         np = VTONFS(vp);
 1295         *lpp = NULL;
 1296         *dorpcp = 0;
 1297 
 1298         /*
  1299          * Might need these, so malloc() them now, to
  1300          * avoid sleeping in malloc() with the state mutex held.
 1301          */
 1302         nlop = malloc(
 1303             sizeof (struct nfscllock), M_NFSCLLOCK, M_WAITOK);
 1304         nlop->nfslo_type = F_UNLCK;
 1305         nlop->nfslo_first = off;
 1306         if (len == NFS64BITSSET) {
 1307                 nlop->nfslo_end = NFS64BITSSET;
 1308         } else {
 1309                 nlop->nfslo_end = off + len;
 1310                 if (nlop->nfslo_end <= nlop->nfslo_first) {
 1311                         free(nlop, M_NFSCLLOCK);
 1312                         return (NFSERR_INVAL);
 1313                 }
 1314         }
 1315         if (callcnt == 0) {
 1316                 other_lop = malloc(
 1317                     sizeof (struct nfscllock), M_NFSCLLOCK, M_WAITOK);
 1318                 *other_lop = *nlop;
 1319         }
 1320         nfscl_filllockowner(id, own, flags);
 1321         dp = NULL;
 1322         NFSLOCKCLSTATE();
 1323         if (callcnt == 0)
 1324                 dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh,
 1325                     np->n_fhp->nfh_len);
 1326 
 1327         /*
 1328          * First, unlock any local regions on a delegation.
 1329          */
 1330         if (dp != NULL) {
 1331                 /* Look for this lockowner. */
 1332                 LIST_FOREACH(lp, &dp->nfsdl_lock, nfsl_list) {
 1333                         if (!NFSBCMP(lp->nfsl_owner, own,
 1334                             NFSV4CL_LOCKNAMELEN))
 1335                                 break;
 1336                 }
 1337                 if (lp != NULL)
 1338                         /* Use other_lop, so nlop is still available */
 1339                         (void)nfscl_updatelock(lp, &other_lop, NULL, 1);
 1340         }
 1341 
 1342         /*
 1343          * Now, find a matching open/lockowner that hasn't already been done,
 1344          * as marked by nfsl_inprog.
 1345          */
 1346         lp = NULL;
 1347         fnd = 0;
 1348         LIST_FOREACH(op, NFSCLOPENHASH(clp, np->n_fhp->nfh_fh,
 1349             np->n_fhp->nfh_len), nfso_hash) {
 1350                 if (op->nfso_fhlen == np->n_fhp->nfh_len &&
 1351                     !NFSBCMP(op->nfso_fh, np->n_fhp->nfh_fh, op->nfso_fhlen)) {
 1352                         LIST_FOREACH(lp, &op->nfso_lock, nfsl_list) {
 1353                                 if (lp->nfsl_inprog == NULL &&
 1354                                     !NFSBCMP(lp->nfsl_owner, own,
 1355                                      NFSV4CL_LOCKNAMELEN)) {
 1356                                         fnd = 1;
 1357                                         break;
 1358                                 }
 1359                         }
 1360                 }
 1361                 if (fnd)
 1362                         break;
 1363         }
 1364 
 1365         if (lp != NULL) {
 1366                 ret = nfscl_updatelock(lp, &nlop, NULL, 0);
 1367                 if (ret)
 1368                         *dorpcp = 1;
 1369                 /*
  1370                  * Serialize modifications on the lock owner by multiple
  1371                  * threads of the same process using a read/write lock.
 1372                  */
 1373                 lp->nfsl_inprog = p;
 1374                 nfscl_lockexcl(&lp->nfsl_rwlock, NFSCLSTATEMUTEXPTR);
 1375                 *lpp = lp;
 1376         }
 1377         NFSUNLOCKCLSTATE();
 1378         if (nlop)
 1379                 free(nlop, M_NFSCLLOCK);
 1380         if (other_lop)
 1381                 free(other_lop, M_NFSCLLOCK);
 1382         return (0);
 1383 }
 1384 
 1385 /*
  1386  * Release all lockowners marked in progress for this process and file.
 1387  */
 1388 void
 1389 nfscl_releasealllocks(struct nfsclclient *clp, vnode_t vp, NFSPROC_T *p,
 1390     void *id, int flags)
 1391 {
 1392         struct nfsclopen *op;
 1393         struct nfscllockowner *lp;
 1394         struct nfsnode *np;
 1395         u_int8_t own[NFSV4CL_LOCKNAMELEN];
 1396 
 1397         np = VTONFS(vp);
 1398         nfscl_filllockowner(id, own, flags);
 1399         NFSLOCKCLSTATE();
 1400         LIST_FOREACH(op, NFSCLOPENHASH(clp, np->n_fhp->nfh_fh,
 1401             np->n_fhp->nfh_len), nfso_hash) {
 1402                 if (op->nfso_fhlen == np->n_fhp->nfh_len &&
 1403                     !NFSBCMP(op->nfso_fh, np->n_fhp->nfh_fh, op->nfso_fhlen)) {
 1404                         LIST_FOREACH(lp, &op->nfso_lock, nfsl_list) {
 1405                                 if (lp->nfsl_inprog == p &&
 1406                                     !NFSBCMP(lp->nfsl_owner, own,
 1407                                     NFSV4CL_LOCKNAMELEN)) {
 1408                                         lp->nfsl_inprog = NULL;
 1409                                         nfscl_lockunlock(&lp->nfsl_rwlock);
 1410                                 }
 1411                         }
 1412                 }
 1413         }
 1414         nfscl_clrelease(clp);
 1415         NFSUNLOCKCLSTATE();
 1416 }
 1417 
 1418 /*
 1419  * Called to find out if any bytes within the byte range specified are
 1420  * write locked by the calling process. Used to determine if flushing
 1421  * is required before a LockU.
 1422  * If in doubt, return 1, so the flush will occur.
 1423  */
 1424 int
 1425 nfscl_checkwritelocked(vnode_t vp, struct flock *fl,
 1426     struct ucred *cred, NFSPROC_T *p, void *id, int flags)
 1427 {
 1428         struct nfscllockowner *lp;
 1429         struct nfsclopen *op;
 1430         struct nfsclclient *clp;
 1431         struct nfscllock *lop;
 1432         struct nfscldeleg *dp;
 1433         struct nfsnode *np;
 1434         u_int64_t off, end;
 1435         u_int8_t own[NFSV4CL_LOCKNAMELEN];
 1436         int error = 0;
 1437 
 1438         np = VTONFS(vp);
 1439         switch (fl->l_whence) {
 1440         case SEEK_SET:
 1441         case SEEK_CUR:
 1442                 /*
 1443                  * Caller is responsible for adding any necessary offset
 1444                  * when SEEK_CUR is used.
 1445                  */
 1446                 off = fl->l_start;
 1447                 break;
 1448         case SEEK_END:
 1449                 off = np->n_size + fl->l_start;
 1450                 break;
 1451         default:
 1452                 return (1);
 1453         }
 1454         if (fl->l_len != 0) {
 1455                 end = off + fl->l_len;
 1456                 if (end < off)
 1457                         return (1);
 1458         } else {
 1459                 end = NFS64BITSSET;
 1460         }
 1461 
 1462         error = nfscl_getcl(vp->v_mount, cred, p, false, true, &clp);
 1463         if (error)
 1464                 return (1);
 1465         nfscl_filllockowner(id, own, flags);
 1466         NFSLOCKCLSTATE();
 1467 
 1468         /*
 1469          * First check the delegation locks.
 1470          */
 1471         dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh, np->n_fhp->nfh_len);
 1472         if (dp != NULL) {
 1473                 LIST_FOREACH(lp, &dp->nfsdl_lock, nfsl_list) {
 1474                         if (!NFSBCMP(lp->nfsl_owner, own,
 1475                             NFSV4CL_LOCKNAMELEN))
 1476                                 break;
 1477                 }
 1478                 if (lp != NULL) {
 1479                         LIST_FOREACH(lop, &lp->nfsl_lock, nfslo_list) {
 1480                                 if (lop->nfslo_first >= end)
 1481                                         break;
 1482                                 if (lop->nfslo_end <= off)
 1483                                         continue;
 1484                                 if (lop->nfslo_type == F_WRLCK) {
 1485                                         nfscl_clrelease(clp);
 1486                                         NFSUNLOCKCLSTATE();
 1487                                         return (1);
 1488                                 }
 1489                         }
 1490                 }
 1491         }
 1492 
 1493         /*
 1494          * Now, check state against the server.
 1495          */
 1496         LIST_FOREACH(op, NFSCLOPENHASH(clp, np->n_fhp->nfh_fh,
 1497             np->n_fhp->nfh_len), nfso_hash) {
 1498                 if (op->nfso_fhlen == np->n_fhp->nfh_len &&
 1499                     !NFSBCMP(op->nfso_fh, np->n_fhp->nfh_fh, op->nfso_fhlen)) {
 1500                         LIST_FOREACH(lp, &op->nfso_lock, nfsl_list) {
 1501                                 if (!NFSBCMP(lp->nfsl_owner, own,
 1502                                     NFSV4CL_LOCKNAMELEN))
 1503                                         break;
 1504                         }
 1505                         if (lp != NULL) {
 1506                                 LIST_FOREACH(lop, &lp->nfsl_lock, nfslo_list) {
 1507                                         if (lop->nfslo_first >= end)
 1508                                                 break;
 1509                                         if (lop->nfslo_end <= off)
 1510                                                 continue;
 1511                                         if (lop->nfslo_type == F_WRLCK) {
 1512                                                 nfscl_clrelease(clp);
 1513                                                 NFSUNLOCKCLSTATE();
 1514                                                 return (1);
 1515                                         }
 1516                                 }
 1517                         }
 1518                 }
 1519         }
 1520         nfscl_clrelease(clp);
 1521         NFSUNLOCKCLSTATE();
 1522         return (0);
 1523 }
 1524 
 1525 /*
 1526  * Release a byte range lock owner structure.
 1527  */
 1528 void
 1529 nfscl_lockrelease(struct nfscllockowner *lp, int error, int candelete)
 1530 {
 1531         struct nfsclclient *clp;
 1532 
 1533         if (lp == NULL)
 1534                 return;
 1535         NFSLOCKCLSTATE();
 1536         clp = lp->nfsl_open->nfso_own->nfsow_clp;
 1537         if (error != 0 && candelete &&
 1538             (lp->nfsl_rwlock.nfslock_lock & NFSV4LOCK_WANTED) == 0)
 1539                 nfscl_freelockowner(lp, 0);
 1540         else
 1541                 nfscl_lockunlock(&lp->nfsl_rwlock);
 1542         nfscl_clrelease(clp);
 1543         NFSUNLOCKCLSTATE();
 1544 }
 1545 
 1546 /*
 1547  * Unlink the open structure.
 1548  */
 1549 static void
 1550 nfscl_unlinkopen(struct nfsclopen *op)
 1551 {
 1552 
 1553         LIST_REMOVE(op, nfso_list);
 1554         if (op->nfso_hash.le_prev != NULL)
 1555                 LIST_REMOVE(op, nfso_hash);
 1556 }
 1557 
 1558 /*
 1559  * Free up an open structure and any associated byte range lock structures.
 1560  */
 1561 void
 1562 nfscl_freeopen(struct nfsclopen *op, int local, bool unlink)
 1563 {
 1564 
 1565         if (unlink)
 1566                 nfscl_unlinkopen(op);
 1567         nfscl_freealllocks(&op->nfso_lock, local);
 1568         free(op, M_NFSCLOPEN);
 1569         if (local)
 1570                 nfsstatsv1.cllocalopens--;
 1571         else
 1572                 nfsstatsv1.clopens--;
 1573 }
 1574 
 1575 /*
 1576  * Free up all lock owners and associated locks.
 1577  */
 1578 static void
 1579 nfscl_freealllocks(struct nfscllockownerhead *lhp, int local)
 1580 {
 1581         struct nfscllockowner *lp, *nlp;
 1582 
 1583         LIST_FOREACH_SAFE(lp, lhp, nfsl_list, nlp) {
 1584                 if ((lp->nfsl_rwlock.nfslock_lock & NFSV4LOCK_WANTED))
 1585                         panic("nfscllckw");
 1586                 nfscl_freelockowner(lp, local);
 1587         }
 1588 }
 1589 
 1590 /*
 1591  * Called for an Open when NFSERR_EXPIRED is received from the server.
 1592  * If neither byte range locks nor a Share Deny would be lost, try to do a
 1593  * fresh Open. Otherwise, free the open.
 1594  */
 1595 static int
 1596 nfscl_expireopen(struct nfsclclient *clp, struct nfsclopen *op,
 1597     struct nfsmount *nmp, struct ucred *cred, NFSPROC_T *p)
 1598 {
 1599         struct nfscllockowner *lp;
 1600         struct nfscldeleg *dp;
 1601         int mustdelete = 0, error;
 1602 
 1603         /*
 1604          * Look for any byte range lock(s).
 1605          */
 1606         LIST_FOREACH(lp, &op->nfso_lock, nfsl_list) {
 1607                 if (!LIST_EMPTY(&lp->nfsl_lock)) {
 1608                         mustdelete = 1;
 1609                         break;
 1610                 }
 1611         }
 1612 
 1613         /*
 1614          * If no byte range lock(s) nor a Share deny, try to re-open.
 1615          */
 1616         if (!mustdelete && (op->nfso_mode & NFSLCK_DENYBITS) == 0) {
 1617                 newnfs_copycred(&op->nfso_cred, cred);
 1618                 dp = NULL;
 1619                 error = nfsrpc_reopen(nmp, op->nfso_fh,
 1620                     op->nfso_fhlen, op->nfso_mode, op, &dp, cred, p);
 1621                 if (error) {
 1622                         mustdelete = 1;
 1623                         if (dp != NULL) {
 1624                                 free(dp, M_NFSCLDELEG);
 1625                                 dp = NULL;
 1626                         }
 1627                 }
 1628                 if (dp != NULL)
 1629                         nfscl_deleg(nmp->nm_mountp, clp, op->nfso_fh,
 1630                             op->nfso_fhlen, cred, p, &dp);
 1631         }
 1632 
 1633         /*
 1634          * If a byte range lock or Share deny or couldn't re-open, free it.
 1635          */
 1636         if (mustdelete)
 1637                 nfscl_freeopen(op, 0, true);
 1638         return (mustdelete);
 1639 }
 1640 
 1641 /*
 1642  * Free up an open owner structure.
 1643  */
 1644 static void
 1645 nfscl_freeopenowner(struct nfsclowner *owp, int local)
 1646 {
 1647 
 1648         LIST_REMOVE(owp, nfsow_list);
 1649         free(owp, M_NFSCLOWNER);
 1650         if (local)
 1651                 nfsstatsv1.cllocalopenowners--;
 1652         else
 1653                 nfsstatsv1.clopenowners--;
 1654 }
 1655 
 1656 /*
 1657  * Free up a byte range lock owner structure.
 1658  */
 1659 void
 1660 nfscl_freelockowner(struct nfscllockowner *lp, int local)
 1661 {
 1662         struct nfscllock *lop, *nlop;
 1663 
 1664         LIST_REMOVE(lp, nfsl_list);
 1665         LIST_FOREACH_SAFE(lop, &lp->nfsl_lock, nfslo_list, nlop) {
 1666                 nfscl_freelock(lop, local);
 1667         }
 1668         free(lp, M_NFSCLLOCKOWNER);
 1669         if (local)
 1670                 nfsstatsv1.cllocallockowners--;
 1671         else
 1672                 nfsstatsv1.cllockowners--;
 1673 }
 1674 
 1675 /*
 1676  * Free up a byte range lock structure.
 1677  */
 1678 void
 1679 nfscl_freelock(struct nfscllock *lop, int local)
 1680 {
 1681 
 1682         LIST_REMOVE(lop, nfslo_list);
 1683         free(lop, M_NFSCLLOCK);
 1684         if (local)
 1685                 nfsstatsv1.cllocallocks--;
 1686         else
 1687                 nfsstatsv1.cllocks--;
 1688 }
 1689 
 1690 /*
 1691  * Clean out the state related to a delegation.
 1692  */
 1693 static void
 1694 nfscl_cleandeleg(struct nfscldeleg *dp)
 1695 {
 1696         struct nfsclowner *owp, *nowp;
 1697         struct nfsclopen *op;
 1698 
 1699         LIST_FOREACH_SAFE(owp, &dp->nfsdl_owner, nfsow_list, nowp) {
 1700                 op = LIST_FIRST(&owp->nfsow_open);
 1701                 if (op != NULL) {
 1702                         if (LIST_NEXT(op, nfso_list) != NULL)
 1703                                 panic("nfscleandel");
 1704                         nfscl_freeopen(op, 1, true);
 1705                 }
 1706                 nfscl_freeopenowner(owp, 1);
 1707         }
 1708         nfscl_freealllocks(&dp->nfsdl_lock, 1);
 1709 }
 1710 
 1711 /*
 1712  * Free a delegation.
 1713  */
 1714 static void
 1715 nfscl_freedeleg(struct nfscldeleghead *hdp, struct nfscldeleg *dp, bool freeit)
 1716 {
 1717 
 1718         TAILQ_REMOVE(hdp, dp, nfsdl_list);
 1719         LIST_REMOVE(dp, nfsdl_hash);
 1720         if (freeit)
 1721                 free(dp, M_NFSCLDELEG);
 1722         nfsstatsv1.cldelegates--;
 1723         nfscl_delegcnt--;
 1724 }
 1725 
 1726 /*
 1727  * Free up all state related to this client structure.
 1728  */
 1729 static void
 1730 nfscl_cleanclient(struct nfsclclient *clp)
 1731 {
 1732         struct nfsclowner *owp, *nowp;
 1733         struct nfsclopen *op, *nop;
 1734         struct nfscllayout *lyp, *nlyp;
 1735         struct nfscldevinfo *dip, *ndip;
 1736 
 1737         TAILQ_FOREACH_SAFE(lyp, &clp->nfsc_layout, nfsly_list, nlyp)
 1738                 nfscl_freelayout(lyp);
 1739 
 1740         LIST_FOREACH_SAFE(dip, &clp->nfsc_devinfo, nfsdi_list, ndip)
 1741                 nfscl_freedevinfo(dip);
 1742 
 1743         /* Now, all the OpenOwners, etc. */
 1744         LIST_FOREACH_SAFE(owp, &clp->nfsc_owner, nfsow_list, nowp) {
 1745                 LIST_FOREACH_SAFE(op, &owp->nfsow_open, nfso_list, nop) {
 1746                         nfscl_freeopen(op, 0, true);
 1747                 }
 1748                 nfscl_freeopenowner(owp, 0);
 1749         }
 1750 }
 1751 
 1752 /*
 1753  * Called when an NFSERR_EXPIRED is received from the server.
 1754  */
 1755 static void
 1756 nfscl_expireclient(struct nfsclclient *clp, struct nfsmount *nmp,
 1757     struct ucred *cred, NFSPROC_T *p)
 1758 {
 1759         struct nfsclowner *owp, *nowp, *towp;
 1760         struct nfsclopen *op, *nop, *top;
 1761         struct nfscldeleg *dp, *ndp;
 1762         int ret, printed = 0;
 1763 
 1764         /*
 1765          * First, merge locally issued Opens into the list for the server.
 1766          */
 1767         dp = TAILQ_FIRST(&clp->nfsc_deleg);
 1768         while (dp != NULL) {
 1769             ndp = TAILQ_NEXT(dp, nfsdl_list);
 1770             owp = LIST_FIRST(&dp->nfsdl_owner);
 1771             while (owp != NULL) {
 1772                 nowp = LIST_NEXT(owp, nfsow_list);
 1773                 op = LIST_FIRST(&owp->nfsow_open);
 1774                 if (op != NULL) {
 1775                     if (LIST_NEXT(op, nfso_list) != NULL)
 1776                         panic("nfsclexp");
 1777                     LIST_FOREACH(towp, &clp->nfsc_owner, nfsow_list) {
 1778                         if (!NFSBCMP(towp->nfsow_owner, owp->nfsow_owner,
 1779                             NFSV4CL_LOCKNAMELEN))
 1780                             break;
 1781                     }
 1782                     if (towp != NULL) {
 1783                         /* Merge opens in */
 1784                         LIST_FOREACH(top, &towp->nfsow_open, nfso_list) {
 1785                             if (top->nfso_fhlen == op->nfso_fhlen &&
 1786                                 !NFSBCMP(top->nfso_fh, op->nfso_fh,
 1787                                  op->nfso_fhlen)) {
 1788                                 top->nfso_mode |= op->nfso_mode;
 1789                                 top->nfso_opencnt += op->nfso_opencnt;
 1790                                 break;
 1791                             }
 1792                         }
 1793                         if (top == NULL) {
 1794                             /* Just add the open to the owner list */
 1795                             LIST_REMOVE(op, nfso_list);
 1796                             op->nfso_own = towp;
 1797                             LIST_INSERT_HEAD(&towp->nfsow_open, op, nfso_list);
 1798                             LIST_INSERT_HEAD(NFSCLOPENHASH(clp, op->nfso_fh,
 1799                                 op->nfso_fhlen), op, nfso_hash);
 1800                             nfsstatsv1.cllocalopens--;
 1801                             nfsstatsv1.clopens++;
 1802                         }
 1803                     } else {
 1804                         /* Just add the openowner to the client list */
 1805                         LIST_REMOVE(owp, nfsow_list);
 1806                         owp->nfsow_clp = clp;
 1807                         LIST_INSERT_HEAD(&clp->nfsc_owner, owp, nfsow_list);
 1808                         LIST_INSERT_HEAD(NFSCLOPENHASH(clp, op->nfso_fh,
 1809                             op->nfso_fhlen), op, nfso_hash);
 1810                         nfsstatsv1.cllocalopenowners--;
 1811                         nfsstatsv1.clopenowners++;
 1812                         nfsstatsv1.cllocalopens--;
 1813                         nfsstatsv1.clopens++;
 1814                     }
 1815                 }
 1816                 owp = nowp;
 1817             }
 1818             if (!printed && !LIST_EMPTY(&dp->nfsdl_lock)) {
 1819                 printed = 1;
 1820                 printf("nfsv4 expired locks lost\n");
 1821             }
 1822             nfscl_cleandeleg(dp);
 1823             nfscl_freedeleg(&clp->nfsc_deleg, dp, true);
 1824             dp = ndp;
 1825         }
 1826         if (!TAILQ_EMPTY(&clp->nfsc_deleg))
 1827             panic("nfsclexp");
 1828 
 1829         /*
 1830          * Now, try to reopen against the server.
 1831          */
 1832         LIST_FOREACH_SAFE(owp, &clp->nfsc_owner, nfsow_list, nowp) {
 1833                 owp->nfsow_seqid = 0;
 1834                 LIST_FOREACH_SAFE(op, &owp->nfsow_open, nfso_list, nop) {
 1835                         ret = nfscl_expireopen(clp, op, nmp, cred, p);
 1836                         if (ret && !printed) {
 1837                                 printed = 1;
 1838                                 printf("nfsv4 expired locks lost\n");
 1839                         }
 1840                 }
 1841                 if (LIST_EMPTY(&owp->nfsow_open))
 1842                         nfscl_freeopenowner(owp, 0);
 1843         }
 1844 }
 1845 
 1846 /*
 1847  * This function must be called after the process represented by "own" has
 1848  * exited. Must be called with CLSTATE lock held.
 1849  */
 1850 static void
 1851 nfscl_cleanup_common(struct nfsclclient *clp, u_int8_t *own)
 1852 {
 1853         struct nfsclowner *owp, *nowp;
 1854         struct nfscllockowner *lp, *nlp;
 1855         struct nfscldeleg *dp;
 1856 
 1857         /* First, get rid of local locks on delegations. */
 1858         TAILQ_FOREACH(dp, &clp->nfsc_deleg, nfsdl_list) {
 1859                 LIST_FOREACH_SAFE(lp, &dp->nfsdl_lock, nfsl_list, nlp) {
 1860                     if (!NFSBCMP(lp->nfsl_owner, own, NFSV4CL_LOCKNAMELEN)) {
 1861                         if ((lp->nfsl_rwlock.nfslock_lock & NFSV4LOCK_WANTED))
 1862                             panic("nfscllckw");
 1863                         nfscl_freelockowner(lp, 1);
 1864                     }
 1865                 }
 1866         }
 1867         owp = LIST_FIRST(&clp->nfsc_owner);
 1868         while (owp != NULL) {
 1869                 nowp = LIST_NEXT(owp, nfsow_list);
 1870                 if (!NFSBCMP(owp->nfsow_owner, own,
 1871                     NFSV4CL_LOCKNAMELEN)) {
 1872                         /*
 1873                          * If there are children that haven't closed the
 1874                          * file descriptors yet, the opens will still be
 1875                          * here. For that case, let the renew thread clear
 1876                          * out the OpenOwner later.
 1877                          */
 1878                         if (LIST_EMPTY(&owp->nfsow_open))
 1879                                 nfscl_freeopenowner(owp, 0);
 1880                         else
 1881                                 owp->nfsow_defunct = 1;
 1882                 }
 1883                 owp = nowp;
 1884         }
 1885 }
 1886 
 1887 /*
 1888  * Find open/lock owners for processes that have exited.
 1889  */
 1890 static void
 1891 nfscl_cleanupkext(struct nfsclclient *clp, struct nfscllockownerfhhead *lhp)
 1892 {
 1893         struct nfsclowner *owp, *nowp;
 1894         struct nfsclopen *op;
 1895         struct nfscllockowner *lp, *nlp;
 1896         struct nfscldeleg *dp;
 1897 
 1898         /*
 1899          * All the pidhash locks must be acquired, since they are sx locks
 1900          * and must be acquired before the mutexes.  The pid(s) that will
 1901          * be used aren't known yet, so all the locks need to be acquired.
 1902          * Fortunately, this function is only performed once/sec.
 1903          */
 1904         pidhash_slockall();
 1905         NFSLOCKCLSTATE();
 1906         LIST_FOREACH_SAFE(owp, &clp->nfsc_owner, nfsow_list, nowp) {
 1907                 LIST_FOREACH(op, &owp->nfsow_open, nfso_list) {
 1908                         LIST_FOREACH_SAFE(lp, &op->nfso_lock, nfsl_list, nlp) {
 1909                                 if (LIST_EMPTY(&lp->nfsl_lock))
 1910                                         nfscl_emptylockowner(lp, lhp);
 1911                         }
 1912                 }
 1913                 if (nfscl_procdoesntexist(owp->nfsow_owner))
 1914                         nfscl_cleanup_common(clp, owp->nfsow_owner);
 1915         }
 1916 
 1917         /*
 1918          * For the single open_owner case, these lock owners need to be
 1919          * checked separately to see if they still exist.
 1920          * This is because nfscl_procdoesntexist() never returns true for
 1921          * the single open_owner so that the above doesn't ever call
 1922          * nfscl_cleanup_common().
 1923          */
 1924         TAILQ_FOREACH(dp, &clp->nfsc_deleg, nfsdl_list) {
 1925                 LIST_FOREACH_SAFE(lp, &dp->nfsdl_lock, nfsl_list, nlp) {
 1926                         if (nfscl_procdoesntexist(lp->nfsl_owner))
 1927                                 nfscl_cleanup_common(clp, lp->nfsl_owner);
 1928                 }
 1929         }
 1930         NFSUNLOCKCLSTATE();
 1931         pidhash_sunlockall();
 1932 }
 1933 
 1934 /*
 1935  * Take the empty lock owner and move it to the local lhp list if the
 1936  * associated process no longer exists.
 1937  */
 1938 static void
 1939 nfscl_emptylockowner(struct nfscllockowner *lp,
 1940     struct nfscllockownerfhhead *lhp)
 1941 {
 1942         struct nfscllockownerfh *lfhp, *mylfhp;
 1943         struct nfscllockowner *nlp;
 1944         int fnd_it;
 1945 
 1946         /* If not a Posix lock owner, just return. */
 1947         if ((lp->nfsl_lockflags & F_POSIX) == 0)
 1948                 return;
 1949 
 1950         fnd_it = 0;
 1951         mylfhp = NULL;
 1952         /*
 1953          * First, search to see if this lock owner is already in the list.
 1954          * If it is, then the associated process no longer exists.
 1955          */
 1956         SLIST_FOREACH(lfhp, lhp, nfslfh_list) {
 1957                 if (lfhp->nfslfh_len == lp->nfsl_open->nfso_fhlen &&
 1958                     !NFSBCMP(lfhp->nfslfh_fh, lp->nfsl_open->nfso_fh,
 1959                     lfhp->nfslfh_len))
 1960                         mylfhp = lfhp;
 1961                 LIST_FOREACH(nlp, &lfhp->nfslfh_lock, nfsl_list)
 1962                         if (!NFSBCMP(nlp->nfsl_owner, lp->nfsl_owner,
 1963                             NFSV4CL_LOCKNAMELEN))
 1964                                 fnd_it = 1;
 1965         }
 1966         /* If not found, check if process still exists. */
 1967         if (fnd_it == 0 && nfscl_procdoesntexist(lp->nfsl_owner) == 0)
 1968                 return;
 1969 
 1970         /* Move the lock owner over to the local list. */
 1971         if (mylfhp == NULL) {
 1972                 mylfhp = malloc(sizeof(struct nfscllockownerfh), M_TEMP,
 1973                     M_NOWAIT);
 1974                 if (mylfhp == NULL)
 1975                         return;
 1976                 mylfhp->nfslfh_len = lp->nfsl_open->nfso_fhlen;
 1977                 NFSBCOPY(lp->nfsl_open->nfso_fh, mylfhp->nfslfh_fh,
 1978                     mylfhp->nfslfh_len);
 1979                 LIST_INIT(&mylfhp->nfslfh_lock);
 1980                 SLIST_INSERT_HEAD(lhp, mylfhp, nfslfh_list);
 1981         }
 1982         LIST_REMOVE(lp, nfsl_list);
 1983         LIST_INSERT_HEAD(&mylfhp->nfslfh_lock, lp, nfsl_list);
 1984 }
 1985 
 1986 static int      fake_global;    /* Used to force visibility of MNTK_UNMOUNTF */
 1987 /*
 1988  * Called from nfs umount to free up the clientid.
 1989  */
 1990 void
 1991 nfscl_umount(struct nfsmount *nmp, NFSPROC_T *p, struct nfscldeleghead *dhp)
 1992 {
 1993         struct nfsclclient *clp;
 1994         struct ucred *cred;
 1995         int igotlock;
 1996 
 1997         /*
 1998          * For the case that matters, this is the thread that set
 1999          * MNTK_UNMOUNTF, so it will see it set. The code that follows is
 2000          * done to ensure that any thread executing nfscl_getcl() after
 2001          * this time, will see MNTK_UNMOUNTF set. nfscl_getcl() uses the
 2002          * mutex for NFSLOCKCLSTATE(), so it is "m" for the following
 2003          * explanation, courtesy of Alan Cox.
 2004          * What follows is a snippet from Alan Cox's email at:
 2005          * https://docs.FreeBSD.org/cgi/mid.cgi?BANLkTikR3d65zPHo9==08ZfJ2vmqZucEvw
 2006          * 
 2007          * 1. Set MNTK_UNMOUNTF
 2008          * 2. Acquire a standard FreeBSD mutex "m".
 2009          * 3. Update some data structures.
 2010          * 4. Release mutex "m".
 2011          * 
 2012          * Then, other threads that acquire "m" after step 4 has occurred will
 2013          * see MNTK_UNMOUNTF as set.  But, other threads that beat thread X to
 2014          * step 2 may or may not see MNTK_UNMOUNTF as set.
 2015          */
 2016         NFSLOCKCLSTATE();
 2017         if ((nmp->nm_mountp->mnt_kern_flag & MNTK_UNMOUNTF) != 0) {
 2018                 fake_global++;
 2019                 NFSUNLOCKCLSTATE();
 2020                 NFSLOCKCLSTATE();
 2021         }
 2022 
 2023         clp = nmp->nm_clp;
 2024         if (clp != NULL) {
 2025                 if ((clp->nfsc_flags & NFSCLFLAGS_INITED) == 0)
 2026                         panic("nfscl umount");
 2027 
 2028                 /*
 2029                  * First, handshake with the nfscl renew thread, to terminate
 2030                  * it.
 2031                  */
 2032                 clp->nfsc_flags |= NFSCLFLAGS_UMOUNT;
 2033                 while (clp->nfsc_flags & NFSCLFLAGS_HASTHREAD)
 2034                         (void)mtx_sleep(clp, NFSCLSTATEMUTEXPTR, PWAIT,
 2035                             "nfsclumnt", hz);
 2036 
 2037                 /*
 2038                  * Now, get the exclusive lock on the client state, so
 2039                  * that no uses of the state are still in progress.
 2040                  */
 2041                 do {
 2042                         igotlock = nfsv4_lock(&clp->nfsc_lock, 1, NULL,
 2043                             NFSCLSTATEMUTEXPTR, NULL);
 2044                 } while (!igotlock);
 2045                 NFSUNLOCKCLSTATE();
 2046 
 2047                 /*
 2048                  * Free up all the state. It will expire on the server, but
 2049                  * maybe we should do a SetClientId/SetClientIdConfirm so
 2050                  * the server throws it away?
 2051                  */
 2052                 LIST_REMOVE(clp, nfsc_list);
 2053                 nfscl_delegreturnall(clp, p, dhp);
 2054                 cred = newnfs_getcred();
 2055                 if (NFSHASNFSV4N(nmp)) {
 2056                         (void)nfsrpc_destroysession(nmp, clp, cred, p);
 2057                         (void)nfsrpc_destroyclient(nmp, clp, cred, p);
 2058                 } else
 2059                         (void)nfsrpc_setclient(nmp, clp, 0, NULL, cred, p);
 2060                 nfscl_cleanclient(clp);
 2061                 nmp->nm_clp = NULL;
 2062                 NFSFREECRED(cred);
 2063                 free(clp, M_NFSCLCLIENT);
 2064         } else
 2065                 NFSUNLOCKCLSTATE();
 2066 }
 2067 
 2068 /*
 2069  * This function is called when a server replies with NFSERR_STALECLIENTID,
 2070  * NFSERR_STALESTATEID or NFSERR_BADSESSION. It traverses the clientid lists,
 2071  * doing Opens and Locks with reclaim. If these fail, it deletes the
 2072  * corresponding state.
 2073  */
 2074 static void
 2075 nfscl_recover(struct nfsclclient *clp, bool *retokp, struct ucred *cred,
 2076     NFSPROC_T *p)
 2077 {
 2078         struct nfsclowner *owp, *nowp;
 2079         struct nfsclopen *op, *nop;
 2080         struct nfscllockowner *lp, *nlp;
 2081         struct nfscllock *lop, *nlop;
 2082         struct nfscldeleg *dp, *ndp, *tdp;
 2083         struct nfsmount *nmp;
 2084         struct ucred *tcred;
 2085         struct nfsclopenhead extra_open;
 2086         struct nfscldeleghead extra_deleg;
 2087         struct nfsreq *rep;
 2088         u_int64_t len;
 2089         u_int32_t delegtype = NFSV4OPEN_DELEGATEWRITE, mode;
 2090         int i, igotlock = 0, error, trycnt, firstlock;
 2091         struct nfscllayout *lyp, *nlyp;
 2092         bool recovered_one;
 2093 
 2094         /*
 2095          * First, lock the client structure, so everyone else will
 2096          * block when trying to use state.
 2097          */
 2098         NFSLOCKCLSTATE();
 2099         clp->nfsc_flags |= NFSCLFLAGS_RECVRINPROG;
 2100         do {
 2101                 igotlock = nfsv4_lock(&clp->nfsc_lock, 1, NULL,
 2102                     NFSCLSTATEMUTEXPTR, NULL);
 2103         } while (!igotlock);
 2104         NFSUNLOCKCLSTATE();
 2105 
 2106         nmp = clp->nfsc_nmp;
 2107         if (nmp == NULL)
 2108                 panic("nfscl recover");
 2109 
 2110         /*
 2111          * For now, just get rid of all layouts. There may be a need
 2112          * to do LayoutCommit Ops with reclaim == true later.
 2113          */
 2114         TAILQ_FOREACH_SAFE(lyp, &clp->nfsc_layout, nfsly_list, nlyp)
 2115                 nfscl_freelayout(lyp);
 2116         TAILQ_INIT(&clp->nfsc_layout);
 2117         for (i = 0; i < NFSCLLAYOUTHASHSIZE; i++)
 2118                 LIST_INIT(&clp->nfsc_layouthash[i]);
 2119 
 2120         trycnt = 5;
 2121         tcred = NULL;
 2122         do {
 2123                 error = nfsrpc_setclient(nmp, clp, 1, retokp, cred, p);
 2124         } while ((error == NFSERR_STALECLIENTID ||
 2125              error == NFSERR_BADSESSION ||
 2126              error == NFSERR_STALEDONTRECOVER) && --trycnt > 0);
 2127         if (error) {
 2128                 NFSLOCKCLSTATE();
 2129                 clp->nfsc_flags &= ~(NFSCLFLAGS_RECOVER |
 2130                     NFSCLFLAGS_RECVRINPROG);
 2131                 wakeup(&clp->nfsc_flags);
 2132                 nfsv4_unlock(&clp->nfsc_lock, 0);
 2133                 NFSUNLOCKCLSTATE();
 2134                 return;
 2135         }
 2136         clp->nfsc_flags |= NFSCLFLAGS_HASCLIENTID;
 2137         clp->nfsc_flags &= ~NFSCLFLAGS_RECOVER;
 2138 
 2139         /*
 2140          * Mark requests already queued on the server, so that they don't
 2141          * initiate another recovery cycle. Any requests already in the
 2142          * queue that handle state information will have the old stale
 2143          * clientid/stateid and will get a NFSERR_STALESTATEID,
 2144          * NFSERR_STALECLIENTID or NFSERR_BADSESSION reply from the server.
 2145          * This will be translated to NFSERR_STALEDONTRECOVER when
 2146          * R_DONTRECOVER is set.
 2147          */
 2148         NFSLOCKREQ();
 2149         TAILQ_FOREACH(rep, &nfsd_reqq, r_chain) {
 2150                 if (rep->r_nmp == nmp)
 2151                         rep->r_flags |= R_DONTRECOVER;
 2152         }
 2153         NFSUNLOCKREQ();
 2154 
 2155         /*
 2156          * If nfsrpc_setclient() returns *retokp == true,
 2157          * no more recovery is needed.
 2158          */
 2159         if (*retokp)
 2160                 goto out;
 2161 
 2162         /*
 2163          * Now, mark all delegations "need reclaim".
 2164          */
 2165         TAILQ_FOREACH(dp, &clp->nfsc_deleg, nfsdl_list)
 2166                 dp->nfsdl_flags |= NFSCLDL_NEEDRECLAIM;
 2167 
 2168         TAILQ_INIT(&extra_deleg);
 2169         LIST_INIT(&extra_open);
 2170         /*
 2171          * Now traverse the state lists, doing Open and Lock Reclaims.
 2172          */
 2173         tcred = newnfs_getcred();
 2174         recovered_one = false;
 2175         owp = LIST_FIRST(&clp->nfsc_owner);
 2176         while (owp != NULL) {
 2177             nowp = LIST_NEXT(owp, nfsow_list);
 2178             owp->nfsow_seqid = 0;
 2179             op = LIST_FIRST(&owp->nfsow_open);
 2180             while (op != NULL) {
 2181                 nop = LIST_NEXT(op, nfso_list);
 2182                 if (error != NFSERR_NOGRACE && error != NFSERR_BADSESSION) {
 2183                     /* Search for a delegation to reclaim with the open */
 2184                     TAILQ_FOREACH(dp, &clp->nfsc_deleg, nfsdl_list) {
 2185                         if (!(dp->nfsdl_flags & NFSCLDL_NEEDRECLAIM))
 2186                             continue;
 2187                         if ((dp->nfsdl_flags & NFSCLDL_WRITE)) {
 2188                             mode = NFSV4OPEN_ACCESSWRITE;
 2189                             delegtype = NFSV4OPEN_DELEGATEWRITE;
 2190                         } else {
 2191                             mode = NFSV4OPEN_ACCESSREAD;
 2192                             delegtype = NFSV4OPEN_DELEGATEREAD;
 2193                         }
 2194                         if ((op->nfso_mode & mode) == mode &&
 2195                             op->nfso_fhlen == dp->nfsdl_fhlen &&
 2196                             !NFSBCMP(op->nfso_fh, dp->nfsdl_fh, op->nfso_fhlen))
 2197                             break;
 2198                     }
 2199                     ndp = dp;
 2200                     if (dp == NULL)
 2201                         delegtype = NFSV4OPEN_DELEGATENONE;
 2202                     newnfs_copycred(&op->nfso_cred, tcred);
 2203                     error = nfscl_tryopen(nmp, NULL, op->nfso_fh,
 2204                         op->nfso_fhlen, op->nfso_fh, op->nfso_fhlen,
 2205                         op->nfso_mode, op, NULL, 0, &ndp, 1, delegtype,
 2206                         tcred, p);
 2207                     if (!error) {
 2208                         recovered_one = true;
 2209                         /* Handle any replied delegation */
 2210                         if (ndp != NULL && ((ndp->nfsdl_flags & NFSCLDL_WRITE)
 2211                             || NFSMNT_RDONLY(nmp->nm_mountp))) {
 2212                             if ((ndp->nfsdl_flags & NFSCLDL_WRITE))
 2213                                 mode = NFSV4OPEN_ACCESSWRITE;
 2214                             else
 2215                                 mode = NFSV4OPEN_ACCESSREAD;
 2216                             TAILQ_FOREACH(dp, &clp->nfsc_deleg, nfsdl_list) {
 2217                                 if (!(dp->nfsdl_flags & NFSCLDL_NEEDRECLAIM))
 2218                                     continue;
 2219                                 if ((op->nfso_mode & mode) == mode &&
 2220                                     op->nfso_fhlen == dp->nfsdl_fhlen &&
 2221                                     !NFSBCMP(op->nfso_fh, dp->nfsdl_fh,
 2222                                     op->nfso_fhlen)) {
 2223                                     dp->nfsdl_stateid = ndp->nfsdl_stateid;
 2224                                     dp->nfsdl_sizelimit = ndp->nfsdl_sizelimit;
 2225                                     dp->nfsdl_ace = ndp->nfsdl_ace;
 2226                                     dp->nfsdl_change = ndp->nfsdl_change;
 2227                                     dp->nfsdl_flags &= ~NFSCLDL_NEEDRECLAIM;
 2228                                     if ((ndp->nfsdl_flags & NFSCLDL_RECALL))
 2229                                         dp->nfsdl_flags |= NFSCLDL_RECALL;
 2230                                     free(ndp, M_NFSCLDELEG);
 2231                                     ndp = NULL;
 2232                                     break;
 2233                                 }
 2234                             }
 2235                         }
 2236                         if (ndp != NULL)
 2237                             TAILQ_INSERT_HEAD(&extra_deleg, ndp, nfsdl_list);
 2238 
 2239                         /* and reclaim all byte range locks */
 2240                         lp = LIST_FIRST(&op->nfso_lock);
 2241                         while (lp != NULL) {
 2242                             nlp = LIST_NEXT(lp, nfsl_list);
 2243                             lp->nfsl_seqid = 0;
 2244                             firstlock = 1;
 2245                             lop = LIST_FIRST(&lp->nfsl_lock);
 2246                             while (lop != NULL) {
 2247                                 nlop = LIST_NEXT(lop, nfslo_list);
 2248                                 if (lop->nfslo_end == NFS64BITSSET)
 2249                                     len = NFS64BITSSET;
 2250                                 else
 2251                                     len = lop->nfslo_end - lop->nfslo_first;
 2252                                 error = nfscl_trylock(nmp, NULL,
 2253                                     op->nfso_fh, op->nfso_fhlen, lp,
 2254                                     firstlock, 1, lop->nfslo_first, len,
 2255                                     lop->nfslo_type, tcred, p);
 2256                                 if (error != 0)
 2257                                     nfscl_freelock(lop, 0);
 2258                                 else
 2259                                     firstlock = 0;
 2260                                 lop = nlop;
 2261                             }
 2262                             /* If no locks, but a lockowner, just delete it. */
 2263                             if (LIST_EMPTY(&lp->nfsl_lock))
 2264                                 nfscl_freelockowner(lp, 0);
 2265                             lp = nlp;
 2266                         }
 2267                     } else if (error == NFSERR_NOGRACE && !recovered_one &&
 2268                         NFSHASNFSV4N(nmp)) {
 2269                         /*
 2270                          * For NFSv4.1/4.2, the NFSERR_EXPIRED case will
 2271                          * actually end up here, since the client will do
 2272                          * a recovery for NFSERR_BADSESSION, but will get
 2273                          * an NFSERR_NOGRACE reply for the first "reclaim"
 2274                          * attempt.
 2275                          * So, do a reclaim complete, then call
 2276                          * nfscl_expireclient() to recover the opens as
 2277                          * best we can and return.
 2278                          */
 2279                         nfsrpc_reclaimcomplete(nmp, cred, p);
 2280                         nfscl_expireclient(clp, nmp, tcred, p);
 2281                         goto out;
 2282                     }
 2283                 }
 2284                 if (error != 0 && error != NFSERR_BADSESSION)
 2285                     nfscl_freeopen(op, 0, true);
 2286                 op = nop;
 2287             }
 2288             owp = nowp;
 2289         }
 2290 
 2291         /*
 2292          * Now, try and get any delegations not yet reclaimed by cobbling
 2293          * together an appropriate open.
 2294          */
 2295         nowp = NULL;
 2296         dp = TAILQ_FIRST(&clp->nfsc_deleg);
 2297         while (dp != NULL) {
 2298             ndp = TAILQ_NEXT(dp, nfsdl_list);
 2299             if ((dp->nfsdl_flags & NFSCLDL_NEEDRECLAIM)) {
 2300                 if (nowp == NULL) {
 2301                     nowp = malloc(
 2302                         sizeof (struct nfsclowner), M_NFSCLOWNER, M_WAITOK);
 2303                     /*
 2304                      * Name must be as long as the largest possible
 2305                      * NFSV4CL_LOCKNAMELEN. 12 for now.
 2306                      */
 2307                     NFSBCOPY("RECLAIMDELEG", nowp->nfsow_owner,
 2308                         NFSV4CL_LOCKNAMELEN);
 2309                     LIST_INIT(&nowp->nfsow_open);
 2310                     nowp->nfsow_clp = clp;
 2311                     nowp->nfsow_seqid = 0;
 2312                     nowp->nfsow_defunct = 0;
 2313                     nfscl_lockinit(&nowp->nfsow_rwlock);
 2314                 }
 2315                 nop = NULL;
 2316                 if (error != NFSERR_NOGRACE && error != NFSERR_BADSESSION) {
 2317                     nop = malloc(sizeof (struct nfsclopen) +
 2318                         dp->nfsdl_fhlen - 1, M_NFSCLOPEN, M_WAITOK);
 2319                     nop->nfso_own = nowp;
 2320                     if ((dp->nfsdl_flags & NFSCLDL_WRITE)) {
 2321                         nop->nfso_mode = NFSV4OPEN_ACCESSWRITE;
 2322                         delegtype = NFSV4OPEN_DELEGATEWRITE;
 2323                     } else {
 2324                         nop->nfso_mode = NFSV4OPEN_ACCESSREAD;
 2325                         delegtype = NFSV4OPEN_DELEGATEREAD;
 2326                     }
 2327                     nop->nfso_opencnt = 0;
 2328                     nop->nfso_posixlock = 1;
 2329                     nop->nfso_fhlen = dp->nfsdl_fhlen;
 2330                     NFSBCOPY(dp->nfsdl_fh, nop->nfso_fh, dp->nfsdl_fhlen);
 2331                     LIST_INIT(&nop->nfso_lock);
 2332                     nop->nfso_stateid.seqid = 0;
 2333                     nop->nfso_stateid.other[0] = 0;
 2334                     nop->nfso_stateid.other[1] = 0;
 2335                     nop->nfso_stateid.other[2] = 0;
 2336                     newnfs_copycred(&dp->nfsdl_cred, tcred);
 2337                     newnfs_copyincred(tcred, &nop->nfso_cred);
 2338                     tdp = NULL;
 2339                     error = nfscl_tryopen(nmp, NULL, nop->nfso_fh,
 2340                         nop->nfso_fhlen, nop->nfso_fh, nop->nfso_fhlen,
 2341                         nop->nfso_mode, nop, NULL, 0, &tdp, 1,
 2342                         delegtype, tcred, p);
 2343                     if (tdp != NULL) {
 2344                         if ((tdp->nfsdl_flags & NFSCLDL_WRITE))
 2345                             mode = NFSV4OPEN_ACCESSWRITE;
 2346                         else
 2347                             mode = NFSV4OPEN_ACCESSREAD;
 2348                         if ((nop->nfso_mode & mode) == mode &&
 2349                             nop->nfso_fhlen == tdp->nfsdl_fhlen &&
 2350                             !NFSBCMP(nop->nfso_fh, tdp->nfsdl_fh,
 2351                             nop->nfso_fhlen)) {
 2352                             dp->nfsdl_stateid = tdp->nfsdl_stateid;
 2353                             dp->nfsdl_sizelimit = tdp->nfsdl_sizelimit;
 2354                             dp->nfsdl_ace = tdp->nfsdl_ace;
 2355                             dp->nfsdl_change = tdp->nfsdl_change;
 2356                             dp->nfsdl_flags &= ~NFSCLDL_NEEDRECLAIM;
 2357                             if ((tdp->nfsdl_flags & NFSCLDL_RECALL))
 2358                                 dp->nfsdl_flags |= NFSCLDL_RECALL;
 2359                             free(tdp, M_NFSCLDELEG);
 2360                         } else {
 2361                             TAILQ_INSERT_HEAD(&extra_deleg, tdp, nfsdl_list);
 2362                         }
 2363                     }
 2364                 }
 2365                 if (error) {
 2366                     if (nop != NULL)
 2367                         free(nop, M_NFSCLOPEN);
 2368                     if (error == NFSERR_NOGRACE && !recovered_one &&
 2369                         NFSHASNFSV4N(nmp)) {
 2370                         /*
 2371                          * For NFSv4.1/4.2, the NFSERR_EXPIRED case will
 2372                          * actually end up here, since the client will do
 2373                          * a recovery for NFSERR_BADSESSION, but will get
 2374                          * an NFSERR_NOGRACE reply for the first "reclaim"
 2375                          * attempt.
 2376                          * So, do a reclaim complete, then call
 2377                          * nfscl_expireclient() to recover the opens as
 2378                          * best we can and return.
 2379                          */
 2380                         nfsrpc_reclaimcomplete(nmp, cred, p);
 2381                         nfscl_expireclient(clp, nmp, tcred, p);
 2382                         free(nowp, M_NFSCLOWNER);
 2383                         goto out;
 2384                     }
 2385                     /*
 2386                      * Couldn't reclaim it, so throw the state
 2387                      * away. Ouch!!
 2388                      */
 2389                     nfscl_cleandeleg(dp);
 2390                     nfscl_freedeleg(&clp->nfsc_deleg, dp, true);
 2391                 } else {
 2392                     recovered_one = true;
 2393                     LIST_INSERT_HEAD(&extra_open, nop, nfso_list);
 2394                 }
 2395             }
 2396             dp = ndp;
 2397         }
 2398 
 2399         /*
 2400          * Now, get rid of extra Opens and Delegations.
 2401          */
 2402         LIST_FOREACH_SAFE(op, &extra_open, nfso_list, nop) {
 2403                 do {
 2404                         newnfs_copycred(&op->nfso_cred, tcred);
 2405                         error = nfscl_tryclose(op, tcred, nmp, p, true);
 2406                         if (error == NFSERR_GRACE)
 2407                                 (void) nfs_catnap(PZERO, error, "nfsexcls");
 2408                 } while (error == NFSERR_GRACE);
 2409                 LIST_REMOVE(op, nfso_list);
 2410                 free(op, M_NFSCLOPEN);
 2411         }
 2412         if (nowp != NULL)
 2413                 free(nowp, M_NFSCLOWNER);
 2414 
 2415         TAILQ_FOREACH_SAFE(dp, &extra_deleg, nfsdl_list, ndp) {
 2416                 do {
 2417                         newnfs_copycred(&dp->nfsdl_cred, tcred);
 2418                         error = nfscl_trydelegreturn(dp, tcred, nmp, p);
 2419                         if (error == NFSERR_GRACE)
 2420                                 (void) nfs_catnap(PZERO, error, "nfsexdlg");
 2421                 } while (error == NFSERR_GRACE);
 2422                 TAILQ_REMOVE(&extra_deleg, dp, nfsdl_list);
 2423                 free(dp, M_NFSCLDELEG);
 2424         }
 2425 
 2426         /* For NFSv4.1 or later, do a RECLAIM_COMPLETE. */
 2427         if (NFSHASNFSV4N(nmp))
 2428                 (void)nfsrpc_reclaimcomplete(nmp, cred, p);
 2429 
 2430 out:
 2431         NFSLOCKCLSTATE();
 2432         clp->nfsc_flags &= ~NFSCLFLAGS_RECVRINPROG;
 2433         wakeup(&clp->nfsc_flags);
 2434         nfsv4_unlock(&clp->nfsc_lock, 0);
 2435         NFSUNLOCKCLSTATE();
 2436         if (tcred != NULL)
 2437                 NFSFREECRED(tcred);
 2438 }
 2439 
 2440 /*
 2441  * This function is called when a server replies with NFSERR_EXPIRED.
 2442  * It deletes all state for the client and does a fresh SetClientId/confirm.
 2443  * XXX Someday it should post a signal to the process(es) that hold the
 2444  * state, so they know that lock state has been lost.
 2445  */
 2446 int
 2447 nfscl_hasexpired(struct nfsclclient *clp, u_int32_t clidrev, NFSPROC_T *p)
 2448 {
 2449         struct nfsmount *nmp;
 2450         struct ucred *cred;
 2451         int igotlock = 0, error, trycnt;
 2452 
 2453         /*
 2454          * If the clientid has gone away or a new SetClientid has already
 2455          * been done, just return ok.
 2456          */
 2457         if (clp == NULL || clidrev != clp->nfsc_clientidrev)
 2458                 return (0);
 2459 
 2460         /*
 2461          * First, lock the client structure, so everyone else will
 2462          * block when trying to use state. Also, use NFSCLFLAGS_EXPIREIT so
 2463          * that only one thread does the work.
 2464          */
 2465         NFSLOCKCLSTATE();
 2466         clp->nfsc_flags |= NFSCLFLAGS_EXPIREIT;
 2467         do {
 2468                 igotlock = nfsv4_lock(&clp->nfsc_lock, 1, NULL,
 2469                     NFSCLSTATEMUTEXPTR, NULL);
 2470         } while (!igotlock && (clp->nfsc_flags & NFSCLFLAGS_EXPIREIT));
 2471         if ((clp->nfsc_flags & NFSCLFLAGS_EXPIREIT) == 0) {
 2472                 if (igotlock)
 2473                         nfsv4_unlock(&clp->nfsc_lock, 0);
 2474                 NFSUNLOCKCLSTATE();
 2475                 return (0);
 2476         }
 2477         clp->nfsc_flags |= NFSCLFLAGS_RECVRINPROG;
 2478         NFSUNLOCKCLSTATE();
 2479 
 2480         nmp = clp->nfsc_nmp;
 2481         if (nmp == NULL)
 2482                 panic("nfscl expired");
 2483         cred = newnfs_getcred();
 2484         trycnt = 5;
 2485         do {
 2486                 error = nfsrpc_setclient(nmp, clp, 0, NULL, cred, p);
 2487         } while ((error == NFSERR_STALECLIENTID ||
 2488              error == NFSERR_BADSESSION ||
 2489              error == NFSERR_STALEDONTRECOVER) && --trycnt > 0);
 2490         if (error) {
 2491                 NFSLOCKCLSTATE();
 2492                 clp->nfsc_flags &= ~NFSCLFLAGS_RECOVER;
 2493         } else {
 2494                 /*
 2495                  * Expire the state for the client.
 2496                  */
 2497                 nfscl_expireclient(clp, nmp, cred, p);
 2498                 NFSLOCKCLSTATE();
 2499                 clp->nfsc_flags |= NFSCLFLAGS_HASCLIENTID;
 2500                 clp->nfsc_flags &= ~NFSCLFLAGS_RECOVER;
 2501         }
 2502         clp->nfsc_flags &= ~(NFSCLFLAGS_EXPIREIT | NFSCLFLAGS_RECVRINPROG);
 2503         wakeup(&clp->nfsc_flags);
 2504         nfsv4_unlock(&clp->nfsc_lock, 0);
 2505         NFSUNLOCKCLSTATE();
 2506         NFSFREECRED(cred);
 2507         return (error);
 2508 }
 2509 
 2510 /*
 2511  * This function inserts a lock in the list after insert_lop.
 2512  */
 2513 static void
 2514 nfscl_insertlock(struct nfscllockowner *lp, struct nfscllock *new_lop,
 2515     struct nfscllock *insert_lop, int local)
 2516 {
 2517 
 2518         if ((struct nfscllockowner *)insert_lop == lp)
 2519                 LIST_INSERT_HEAD(&lp->nfsl_lock, new_lop, nfslo_list);
 2520         else
 2521                 LIST_INSERT_AFTER(insert_lop, new_lop, nfslo_list);
 2522         if (local)
 2523                 nfsstatsv1.cllocallocks++;
 2524         else
 2525                 nfsstatsv1.cllocks++;
 2526 }
 2527 
 2528 /*
 2529  * This function updates the locking for a lock owner and given file. It
 2530  * maintains a list of lock ranges ordered on increasing file offset that
 2531  * are NFSCLLOCK_READ or NFSCLLOCK_WRITE and non-overlapping (aka POSIX style).
 2532  * It always adds new_lop to the list and sometimes uses the one pointed
 2533  * at by other_lopp.
 2534  * Returns 1 if the locks were modified, 0 otherwise.
 2535  */
 2536 static int
 2537 nfscl_updatelock(struct nfscllockowner *lp, struct nfscllock **new_lopp,
 2538     struct nfscllock **other_lopp, int local)
 2539 {
 2540         struct nfscllock *new_lop = *new_lopp;
 2541         struct nfscllock *lop, *tlop, *ilop;
 2542         struct nfscllock *other_lop;
 2543         int unlock = 0, modified = 0;
 2544         u_int64_t tmp;
 2545 
 2546         /*
 2547          * Work down the list until the lock is merged.
 2548          */
 2549         if (new_lop->nfslo_type == F_UNLCK)
 2550                 unlock = 1;
 2551         ilop = (struct nfscllock *)lp;
 2552         lop = LIST_FIRST(&lp->nfsl_lock);
 2553         while (lop != NULL) {
 2554             /*
 2555              * Only check locks for this file that aren't before the start of
 2556              * the new lock's range.
 2557              */
 2558             if (lop->nfslo_end >= new_lop->nfslo_first) {
 2559                 if (new_lop->nfslo_end < lop->nfslo_first) {
 2560                     /*
 2561                      * If the new lock ends before the start of the
 2562                      * current lock's range, no merge, just insert
 2563                      * the new lock.
 2564                      */
 2565                     break;
 2566                 }
 2567                 if (new_lop->nfslo_type == lop->nfslo_type ||
 2568                     (new_lop->nfslo_first <= lop->nfslo_first &&
 2569                      new_lop->nfslo_end >= lop->nfslo_end)) {
 2570                     /*
 2571                      * This lock can be absorbed by the new lock/unlock.
 2572                      * This happens when it covers the entire range
 2573                      * of the old lock or is contiguous
 2574                      * with the old lock and is of the same type or an
 2575                      * unlock.
 2576                      */
 2577                     if (new_lop->nfslo_type != lop->nfslo_type ||
 2578                         new_lop->nfslo_first != lop->nfslo_first ||
 2579                         new_lop->nfslo_end != lop->nfslo_end)
 2580                         modified = 1;
 2581                     if (lop->nfslo_first < new_lop->nfslo_first)
 2582                         new_lop->nfslo_first = lop->nfslo_first;
 2583                     if (lop->nfslo_end > new_lop->nfslo_end)
 2584                         new_lop->nfslo_end = lop->nfslo_end;
 2585                     tlop = lop;
 2586                     lop = LIST_NEXT(lop, nfslo_list);
 2587                     nfscl_freelock(tlop, local);
 2588                     continue;
 2589                 }
 2590 
 2591                 /*
 2592                  * All these cases are for contiguous locks that are not the
 2593                  * same type, so they can't be merged.
 2594                  */
 2595                 if (new_lop->nfslo_first <= lop->nfslo_first) {
 2596                     /*
 2597                      * This case is where the new lock overlaps with the
 2598                      * first part of the old lock. Move the start of the
 2599                      * old lock to just past the end of the new lock. The
 2600                      * new lock will be inserted in front of the old, since
 2601                      * ilop hasn't been updated. (We are done now.)
 2602                      */
 2603                     if (lop->nfslo_first != new_lop->nfslo_end) {
 2604                         lop->nfslo_first = new_lop->nfslo_end;
 2605                         modified = 1;
 2606                     }
 2607                     break;
 2608                 }
 2609                 if (new_lop->nfslo_end >= lop->nfslo_end) {
 2610                     /*
 2611                      * This case is where the new lock overlaps with the
 2612                      * end of the old lock's range. Move the old lock's
 2613                      * end to just before the new lock's first and insert
 2614                      * the new lock after the old lock.
 2615                      * Might not be done yet, since the new lock could
 2616                      * overlap further locks with higher ranges.
 2617                      */
 2618                     if (lop->nfslo_end != new_lop->nfslo_first) {
 2619                         lop->nfslo_end = new_lop->nfslo_first;
 2620                         modified = 1;
 2621                     }
 2622                     ilop = lop;
 2623                     lop = LIST_NEXT(lop, nfslo_list);
 2624                     continue;
 2625                 }
 2626                 /*
 2627                  * The final case is where the new lock's range is in the
 2628                  * middle of the current lock's and splits the current lock
 2629                  * up. Use *other_lopp to handle the second part of the
 2630                  * split old lock range. (We are done now.)
 2631                  * For unlock, we use new_lop as other_lop and tmp, since
 2632                  * other_lop and new_lop are the same for this case.
 2633                  * We noted the unlock case above, so we don't need
 2634                  * new_lop->nfslo_type any longer.
 2635                  */
 2636                 tmp = new_lop->nfslo_first;
 2637                 if (unlock) {
 2638                     other_lop = new_lop;
 2639                     *new_lopp = NULL;
 2640                 } else {
 2641                     other_lop = *other_lopp;
 2642                     *other_lopp = NULL;
 2643                 }
 2644                 other_lop->nfslo_first = new_lop->nfslo_end;
 2645                 other_lop->nfslo_end = lop->nfslo_end;
 2646                 other_lop->nfslo_type = lop->nfslo_type;
 2647                 lop->nfslo_end = tmp;
 2648                 nfscl_insertlock(lp, other_lop, lop, local);
 2649                 ilop = lop;
 2650                 modified = 1;
 2651                 break;
 2652             }
 2653             ilop = lop;
 2654             lop = LIST_NEXT(lop, nfslo_list);
 2655             if (lop == NULL)
 2656                 break;
 2657         }
 2658 
 2659         /*
 2660          * Insert the new lock in the list at the appropriate place.
 2661          */
 2662         if (!unlock) {
 2663                 nfscl_insertlock(lp, new_lop, ilop, local);
 2664                 *new_lopp = NULL;
 2665                 modified = 1;
 2666         }
 2667         return (modified);
 2668 }
 2669 
 2670 /*
 2671  * This function must be run as a kernel thread.
 2672  * It does Renew Ops and recovery, when required.
 2673  */
 2674 void
 2675 nfscl_renewthread(struct nfsclclient *clp, NFSPROC_T *p)
 2676 {
 2677         struct nfsclowner *owp, *nowp;
 2678         struct nfsclopen *op;
 2679         struct nfscllockowner *lp, *nlp;
 2680         struct nfscldeleghead dh;
 2681         struct nfscldeleg *dp, *ndp;
 2682         struct ucred *cred;
 2683         u_int32_t clidrev;
 2684         int error, cbpathdown, islept, igotlock, ret, clearok;
 2685         uint32_t recover_done_time = 0;
 2686         time_t mytime;
 2687         static time_t prevsec = 0;
 2688         struct nfscllockownerfh *lfhp, *nlfhp;
 2689         struct nfscllockownerfhhead lfh;
 2690         struct nfscllayout *lyp, *nlyp;
 2691         struct nfscldevinfo *dip, *ndip;
 2692         struct nfscllayouthead rlh;
 2693         struct nfsclrecalllayout *recallp;
 2694         struct nfsclds *dsp;
 2695         bool retok;
 2696         struct mount *mp;
 2697         vnode_t vp;
 2698 
 2699         cred = newnfs_getcred();
 2700         NFSLOCKCLSTATE();
 2701         clp->nfsc_flags |= NFSCLFLAGS_HASTHREAD;
 2702         mp = clp->nfsc_nmp->nm_mountp;
 2703         NFSUNLOCKCLSTATE();
 2704         for(;;) {
 2705                 newnfs_setroot(cred);
 2706                 cbpathdown = 0;
 2707                 if (clp->nfsc_flags & NFSCLFLAGS_RECOVER) {
 2708                         /*
 2709                          * Only allow one full recover within 1/2 of the lease
 2710                          * duration (nfsc_renew).
 2711                          * retok is value/result.  If passed in set to true,
 2712                          * it indicates only a CreateSession operation should
 2713                          * be attempted.
 2714                          * If it is returned true, it indicates that the
 2715                          * recovery only required a CreateSession.
 2716                          */
 2717                         retok = true;
 2718                         if (recover_done_time < NFSD_MONOSEC) {
 2719                                 recover_done_time = NFSD_MONOSEC +
 2720                                     clp->nfsc_renew;
 2721                                 retok = false;
 2722                         }
 2723                         NFSCL_DEBUG(1, "Doing recovery, only "
 2724                             "createsession=%d\n", retok);
 2725                         nfscl_recover(clp, &retok, cred, p);
 2726                 }
 2727                 if (clp->nfsc_expire <= NFSD_MONOSEC &&
 2728                     (clp->nfsc_flags & NFSCLFLAGS_HASCLIENTID)) {
 2729                         clp->nfsc_expire = NFSD_MONOSEC + clp->nfsc_renew;
 2730                         clidrev = clp->nfsc_clientidrev;
 2731                         error = nfsrpc_renew(clp, NULL, cred, p);
 2732                         if (error == NFSERR_CBPATHDOWN)
 2733                             cbpathdown = 1;
 2734                         else if (error == NFSERR_STALECLIENTID ||
 2735                             error == NFSERR_BADSESSION) {
 2736                             NFSLOCKCLSTATE();
 2737                             clp->nfsc_flags |= NFSCLFLAGS_RECOVER;
 2738                             NFSUNLOCKCLSTATE();
 2739                         } else if (error == NFSERR_EXPIRED)
 2740                             (void) nfscl_hasexpired(clp, clidrev, p);
 2741                 }
 2742 
 2743 checkdsrenew:
 2744                 if (NFSHASNFSV4N(clp->nfsc_nmp)) {
 2745                         /* Do renews for any DS sessions. */
 2746                         NFSLOCKMNT(clp->nfsc_nmp);
 2747                         /* Skip first entry, since the MDS is handled above. */
 2748                         dsp = TAILQ_FIRST(&clp->nfsc_nmp->nm_sess);
 2749                         if (dsp != NULL)
 2750                                 dsp = TAILQ_NEXT(dsp, nfsclds_list);
 2751                         while (dsp != NULL) {
 2752                                 if (dsp->nfsclds_expire <= NFSD_MONOSEC &&
 2753                                     dsp->nfsclds_sess.nfsess_defunct == 0) {
 2754                                         dsp->nfsclds_expire = NFSD_MONOSEC +
 2755                                             clp->nfsc_renew;
 2756                                         NFSUNLOCKMNT(clp->nfsc_nmp);
                                        (void)nfsrpc_renew(clp, dsp, cred, p);
                                        goto checkdsrenew;
                                }
                                dsp = TAILQ_NEXT(dsp, nfsclds_list);
                        }
                        NFSUNLOCKMNT(clp->nfsc_nmp);
                }

                TAILQ_INIT(&dh);
                NFSLOCKCLSTATE();
                if (cbpathdown)
                        /* It's a Total Recall! */
                        nfscl_totalrecall(clp);

                /*
                 * Now, handle defunct owners.
                 */
                LIST_FOREACH_SAFE(owp, &clp->nfsc_owner, nfsow_list, nowp) {
                        if (LIST_EMPTY(&owp->nfsow_open)) {
                                if (owp->nfsow_defunct != 0)
                                        nfscl_freeopenowner(owp, 0);
                        }
                }

                /*
                 * Do the recall on any delegations. To avoid trouble, always
                 * come back up here after having slept.
                 */
                igotlock = 0;
tryagain:
                dp = TAILQ_FIRST(&clp->nfsc_deleg);
                while (dp != NULL) {
                        ndp = TAILQ_NEXT(dp, nfsdl_list);
                        if ((dp->nfsdl_flags & NFSCLDL_RECALL)) {
                                /*
                                 * Wait for outstanding I/O ops to be done.
                                 */
                                if (dp->nfsdl_rwlock.nfslock_usecnt > 0) {
                                    if (igotlock) {
                                        nfsv4_unlock(&clp->nfsc_lock, 0);
                                        igotlock = 0;
                                    }
                                    dp->nfsdl_rwlock.nfslock_lock |=
                                        NFSV4LOCK_WANTED;
                                    msleep(&dp->nfsdl_rwlock,
                                        NFSCLSTATEMUTEXPTR, PVFS, "nfscld",
                                        5 * hz);
                                    if (NFSCL_FORCEDISM(mp))
                                        goto terminate;
                                    goto tryagain;
                                }
                                while (!igotlock) {
                                    igotlock = nfsv4_lock(&clp->nfsc_lock, 1,
                                        &islept, NFSCLSTATEMUTEXPTR, mp);
                                    if (igotlock == 0 && NFSCL_FORCEDISM(mp))
                                        goto terminate;
                                    if (islept)
                                        goto tryagain;
                                }
                                NFSUNLOCKCLSTATE();
                                newnfs_copycred(&dp->nfsdl_cred, cred);
                                ret = nfscl_recalldeleg(clp, clp->nfsc_nmp, dp,
                                    NULL, cred, p, 1, &vp);
                                if (!ret) {
                                    nfscl_cleandeleg(dp);
                                    TAILQ_REMOVE(&clp->nfsc_deleg, dp,
                                        nfsdl_list);
                                    LIST_REMOVE(dp, nfsdl_hash);
                                    TAILQ_INSERT_HEAD(&dh, dp, nfsdl_list);
                                    nfscl_delegcnt--;
                                    nfsstatsv1.cldelegates--;
                                }
                                NFSLOCKCLSTATE();
                                /*
                                 * The nfsc_lock must be released before doing
                                 * vrele(), since it might call nfs_inactive().
                                 * For the unlikely case where the vnode failed
                                 * to be acquired by nfscl_recalldeleg(), a
                                 * VOP_RECLAIM() should be in progress and it
                                 * will return the delegation.
                                 */
                                nfsv4_unlock(&clp->nfsc_lock, 0);
                                igotlock = 0;
                                if (vp != NULL) {
                                        NFSUNLOCKCLSTATE();
                                        vrele(vp);
                                        NFSLOCKCLSTATE();
                                }
                                goto tryagain;
                        }
                        dp = ndp;
                }

                /*
                 * Clear out old delegations, if we are above the high water
                 * mark. Only clear out ones with no state related to them.
                 * The tailq list is in LRU order.
                 */
                dp = TAILQ_LAST(&clp->nfsc_deleg, nfscldeleghead);
                while (nfscl_delegcnt > nfscl_deleghighwater && dp != NULL) {
                    ndp = TAILQ_PREV(dp, nfscldeleghead, nfsdl_list);
                    if (dp->nfsdl_rwlock.nfslock_usecnt == 0 &&
                        dp->nfsdl_rwlock.nfslock_lock == 0 &&
                        dp->nfsdl_timestamp < NFSD_MONOSEC &&
                        (dp->nfsdl_flags & (NFSCLDL_RECALL | NFSCLDL_ZAPPED |
                          NFSCLDL_NEEDRECLAIM | NFSCLDL_DELEGRET)) == 0) {
                        clearok = 1;
                        LIST_FOREACH(owp, &dp->nfsdl_owner, nfsow_list) {
                            op = LIST_FIRST(&owp->nfsow_open);
                            if (op != NULL) {
                                clearok = 0;
                                break;
                            }
                        }
                        if (clearok) {
                            LIST_FOREACH(lp, &dp->nfsdl_lock, nfsl_list) {
                                if (!LIST_EMPTY(&lp->nfsl_lock)) {
                                    clearok = 0;
                                    break;
                                }
                            }
                        }
                        if (clearok) {
                            TAILQ_REMOVE(&clp->nfsc_deleg, dp, nfsdl_list);
                            LIST_REMOVE(dp, nfsdl_hash);
                            TAILQ_INSERT_HEAD(&dh, dp, nfsdl_list);
                            nfscl_delegcnt--;
                            nfsstatsv1.cldelegates--;
                        }
                    }
                    dp = ndp;
                }
                if (igotlock)
                        nfsv4_unlock(&clp->nfsc_lock, 0);

                /*
                 * Do the recall on any layouts. To avoid trouble, always
                 * come back up here after having slept.
                 */
                TAILQ_INIT(&rlh);
tryagain2:
                TAILQ_FOREACH_SAFE(lyp, &clp->nfsc_layout, nfsly_list, nlyp) {
                        if ((lyp->nfsly_flags & NFSLY_RECALL) != 0) {
                                /*
                                 * Wait for outstanding I/O ops to be done.
                                 */
                                if (lyp->nfsly_lock.nfslock_usecnt > 0 ||
                                    (lyp->nfsly_lock.nfslock_lock &
                                     NFSV4LOCK_LOCK) != 0) {
                                        lyp->nfsly_lock.nfslock_lock |=
                                            NFSV4LOCK_WANTED;
                                        msleep(&lyp->nfsly_lock.nfslock_lock,
                                            NFSCLSTATEMUTEXPTR, PVFS, "nfslyp",
                                            5 * hz);
                                        if (NFSCL_FORCEDISM(mp))
                                            goto terminate;
                                        goto tryagain2;
                                }
                                /* Move the layout to the recall list. */
                                TAILQ_REMOVE(&clp->nfsc_layout, lyp,
                                    nfsly_list);
                                LIST_REMOVE(lyp, nfsly_hash);
                                TAILQ_INSERT_HEAD(&rlh, lyp, nfsly_list);

                                /* Handle any layout commits. */
                                if (!NFSHASNOLAYOUTCOMMIT(clp->nfsc_nmp) &&
                                    (lyp->nfsly_flags & NFSLY_WRITTEN) != 0) {
                                        lyp->nfsly_flags &= ~NFSLY_WRITTEN;
                                        NFSUNLOCKCLSTATE();
                                        NFSCL_DEBUG(3, "do layoutcommit\n");
                                        nfscl_dolayoutcommit(clp->nfsc_nmp, lyp,
                                            cred, p);
                                        NFSLOCKCLSTATE();
                                        goto tryagain2;
                                }
                        }
                }

                /* Now, look for stale layouts. */
                lyp = TAILQ_LAST(&clp->nfsc_layout, nfscllayouthead);
                while (lyp != NULL) {
                        nlyp = TAILQ_PREV(lyp, nfscllayouthead, nfsly_list);
                        if (lyp->nfsly_timestamp < NFSD_MONOSEC &&
                            (lyp->nfsly_flags & (NFSLY_RECALL |
                             NFSLY_RETONCLOSE)) == 0 &&
                            lyp->nfsly_lock.nfslock_usecnt == 0 &&
                            lyp->nfsly_lock.nfslock_lock == 0) {
                                NFSCL_DEBUG(4, "ret stale lay=%d\n",
                                    nfscl_layoutcnt);
                                recallp = malloc(sizeof(*recallp),
                                    M_NFSLAYRECALL, M_NOWAIT);
                                if (recallp == NULL)
                                        break;
                                (void)nfscl_layoutrecall(NFSLAYOUTRETURN_FILE,
                                    lyp, NFSLAYOUTIOMODE_ANY, 0, UINT64_MAX,
                                    lyp->nfsly_stateid.seqid, 0, 0, NULL,
                                    recallp);
                        }
                        lyp = nlyp;
                }

                /*
                 * Free up any unreferenced device info structures.
                 */
                LIST_FOREACH_SAFE(dip, &clp->nfsc_devinfo, nfsdi_list, ndip) {
                        if (dip->nfsdi_layoutrefs == 0 &&
                            dip->nfsdi_refcnt == 0) {
                                NFSCL_DEBUG(4, "freeing devinfo\n");
                                LIST_REMOVE(dip, nfsdi_list);
                                nfscl_freedevinfo(dip);
                        }
                }
                NFSUNLOCKCLSTATE();

                /* Do layout return(s), as required. */
                TAILQ_FOREACH_SAFE(lyp, &rlh, nfsly_list, nlyp) {
                        TAILQ_REMOVE(&rlh, lyp, nfsly_list);
                        NFSCL_DEBUG(4, "ret layout\n");
                        nfscl_layoutreturn(clp->nfsc_nmp, lyp, cred, p);
                        if ((lyp->nfsly_flags & NFSLY_RETONCLOSE) != 0) {
                                NFSLOCKCLSTATE();
                                lyp->nfsly_flags |= NFSLY_RETURNED;
                                wakeup(lyp);
                                NFSUNLOCKCLSTATE();
                        } else
                                nfscl_freelayout(lyp);
                }

                /*
                 * Delegreturn any delegations cleaned out or recalled.
                 */
                TAILQ_FOREACH_SAFE(dp, &dh, nfsdl_list, ndp) {
                        newnfs_copycred(&dp->nfsdl_cred, cred);
                        (void) nfscl_trydelegreturn(dp, cred, clp->nfsc_nmp, p);
                        TAILQ_REMOVE(&dh, dp, nfsdl_list);
                        free(dp, M_NFSCLDELEG);
                }

                SLIST_INIT(&lfh);
                /*
                 * Call nfscl_cleanupkext() once per second to check for
                 * open/lock owners where the process has exited.
                 */
                mytime = NFSD_MONOSEC;
                if (prevsec != mytime) {
                        prevsec = mytime;
                        nfscl_cleanupkext(clp, &lfh);
                }

                /*
                 * Do a ReleaseLockOwner for all lock owners where the
                 * associated process no longer exists, as found by
                 * nfscl_cleanupkext().
                 */
                newnfs_setroot(cred);
                SLIST_FOREACH_SAFE(lfhp, &lfh, nfslfh_list, nlfhp) {
                        LIST_FOREACH_SAFE(lp, &lfhp->nfslfh_lock, nfsl_list,
                            nlp) {
                                (void)nfsrpc_rellockown(clp->nfsc_nmp, lp,
                                    lfhp->nfslfh_fh, lfhp->nfslfh_len, cred,
                                    p);
                                nfscl_freelockowner(lp, 0);
                        }
                        free(lfhp, M_TEMP);
                }
                SLIST_INIT(&lfh);

                NFSLOCKCLSTATE();
                if ((clp->nfsc_flags & NFSCLFLAGS_RECOVER) == 0)
                        (void)mtx_sleep(clp, NFSCLSTATEMUTEXPTR, PWAIT, "nfscl",
                            hz);
terminate:
                if (clp->nfsc_flags & NFSCLFLAGS_UMOUNT) {
                        clp->nfsc_flags &= ~NFSCLFLAGS_HASTHREAD;
                        NFSUNLOCKCLSTATE();
                        NFSFREECRED(cred);
                        wakeup((caddr_t)clp);
                        return;
                }
                NFSUNLOCKCLSTATE();
        }
}
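
/*
 * Illustrative sketch, not part of nfs_clstate.c: the high water mark
 * trimming done by the renew thread above can be shown in user space with
 * <sys/queue.h>. The names struct entry, entryhead and trim_lru() are
 * hypothetical stand-ins for the delegation list. Only an in-use count is
 * checked here, whereas the kernel loop also checks flags, the timestamp,
 * opens and byte range locks before moving a delegation.
 */

```c
#include <stddef.h>
#include <sys/queue.h>

/* Hypothetical stand-in for struct nfscldeleg; not the kernel structure. */
struct entry {
        TAILQ_ENTRY(entry) link;
        int id;
        int usecnt;     /* non-zero while something is using the entry */
};
TAILQ_HEAD(entryhead, entry);

/*
 * Walk from the tail (least recently used) toward the head, moving idle
 * entries onto "freed" until *cntp is no longer above "highwater".
 * Returns the number of entries moved.
 */
static int
trim_lru(struct entryhead *lru, struct entryhead *freed, int *cntp,
    int highwater)
{
        struct entry *ep, *prev;
        int moved = 0;

        ep = TAILQ_LAST(lru, entryhead);
        while (*cntp > highwater && ep != NULL) {
                /* Fetch the predecessor first, since ep may be unlinked. */
                prev = TAILQ_PREV(ep, entryhead, link);
                if (ep->usecnt == 0) {
                        TAILQ_REMOVE(lru, ep, link);
                        TAILQ_INSERT_HEAD(freed, ep, link);
                        (*cntp)--;
                        moved++;
                }
                ep = prev;
        }
        return (moved);
}
```

/*
 * As in the kernel loop, the entries are only unlinked while the list is
 * being walked. The caller is expected to process and free everything on
 * the "freed" list afterwards, once no list lock is held.
 */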

/*
 * Initiate state recovery. Called when NFSERR_STALECLIENTID,
 * NFSERR_STALESTATEID or NFSERR_BADSESSION is received.
 */
void
nfscl_initiate_recovery(struct nfsclclient *clp)
{

        if (clp == NULL)
                return;
        NFSLOCKCLSTATE();
        clp->nfsc_flags |= NFSCLFLAGS_RECOVER;
        NFSUNLOCKCLSTATE();
        wakeup((caddr_t)clp);
}

/*
 * Dump the NFSv4 state for a mount, for debugging.
 * Each of the "openowner", "opens", "lockowner" and "locks" arguments
 * enables printing of the corresponding kind of state when non-zero.
 * State held under delegations is printed first, followed by the state
 * for opens against the server.
 */
void
nfscl_dumpstate(struct nfsmount *nmp, int openowner, int opens,
    int lockowner, int locks)
{
        struct nfsclclient *clp;
        struct nfsclowner *owp;
        struct nfsclopen *op;
        struct nfscllockowner *lp;
        struct nfscllock *lop;
        struct nfscldeleg *dp;

        clp = nmp->nm_clp;
        if (clp == NULL) {
                printf("nfscl dumpstate NULL clp\n");
                return;
        }
        NFSLOCKCLSTATE();
        TAILQ_FOREACH(dp, &clp->nfsc_deleg, nfsdl_list) {
          LIST_FOREACH(owp, &dp->nfsdl_owner, nfsow_list) {
            if (openowner && !LIST_EMPTY(&owp->nfsow_open))
                printf("owner=0x%x 0x%x 0x%x 0x%x seqid=%d\n",
                    owp->nfsow_owner[0], owp->nfsow_owner[1],
                    owp->nfsow_owner[2], owp->nfsow_owner[3],
                    owp->nfsow_seqid);
            LIST_FOREACH(op, &owp->nfsow_open, nfso_list) {
                if (opens)
                    printf("open st=0x%x 0x%x 0x%x cnt=%d fh12=0x%x\n",
                        op->nfso_stateid.other[0], op->nfso_stateid.other[1],
                        op->nfso_stateid.other[2], op->nfso_opencnt,
                        op->nfso_fh[12]);
                LIST_FOREACH(lp, &op->nfso_lock, nfsl_list) {
                    if (lockowner)
                        printf("lckown=0x%x 0x%x 0x%x 0x%x seqid=%d st=0x%x 0x%x 0x%x\n",
                            lp->nfsl_owner[0], lp->nfsl_owner[1],
                            lp->nfsl_owner[2], lp->nfsl_owner[3],
                            lp->nfsl_seqid,
                            lp->nfsl_stateid.other[0], lp->nfsl_stateid.other[1],
                            lp->nfsl_stateid.other[2]);
                    LIST_FOREACH(lop, &lp->nfsl_lock, nfslo_list) {
                        if (locks)
#ifdef __FreeBSD__
                            /* %ju takes a uintmax_t, so cast to match. */
                            printf("lck typ=%d fst=%ju end=%ju\n",
                                lop->nfslo_type, (uintmax_t)lop->nfslo_first,
                                (uintmax_t)lop->nfslo_end);
#else
                            printf("lck typ=%d fst=%qd end=%qd\n",
                                lop->nfslo_type, lop->nfslo_first,
                                lop->nfslo_end);
#endif
                    }
                }
            }
          }
        }
        LIST_FOREACH(owp, &clp->nfsc_owner, nfsow_list) {
            if (openowner && !LIST_EMPTY(&owp->nfsow_open))
                printf("owner=0x%x 0x%x 0x%x 0x%x seqid=%d\n",
                    owp->nfsow_owner[0], owp->nfsow_owner[1],
                    owp->nfsow_owner[2], owp->nfsow_owner[3],
                    owp->nfsow_seqid);
            LIST_FOREACH(op, &owp->nfsow_open, nfso_list) {
                if (opens)
                    printf("open st=0x%x 0x%x 0x%x cnt=%d fh12=0x%x\n",
                        op->nfso_stateid.other[0], op->nfso_stateid.other[1],
                        op->nfso_stateid.other[2], op->nfso_opencnt,
                        op->nfso_fh[12]);
                LIST_FOREACH(lp, &op->nfso_lock, nfsl_list) {
                    if (lockowner)
                        printf("lckown=0x%x 0x%x 0x%x 0x%x seqid=%d st=0x%x 0x%x 0x%x\n",
                            lp->nfsl_owner[0], lp->nfsl_owner[1],
                            lp->nfsl_owner[2], lp->nfsl_owner[3],
                            lp->nfsl_seqid,
                            lp->nfsl_stateid.other[0], lp->nfsl_stateid.other[1],
                            lp->nfsl_stateid.other[2]);
                    LIST_FOREACH(lop, &lp->nfsl_lock, nfslo_list) {
                        if (locks)
#ifdef __FreeBSD__
                            /* %ju takes a uintmax_t, so cast to match. */
                            printf("lck typ=%d fst=%ju end=%ju\n",
                                lop->nfslo_type, (uintmax_t)lop->nfslo_first,
                                (uintmax_t)lop->nfslo_end);
#else
                            printf("lck typ=%d fst=%qd end=%qd\n",
                                lop->nfslo_type, lop->nfslo_first,
                                lop->nfslo_end);
#endif
                    }
                }
            }
        }
        NFSUNLOCKCLSTATE();
}

/*
 * Check for duplicate open owners and opens.
 * (Only used as a diagnostic aid.)
 */
void
nfscl_dupopen(vnode_t vp, int dupopens)
{
        struct nfsclclient *clp;
        struct nfsclowner *owp, *owp2;
        struct nfsclopen *op, *op2;
        struct nfsfh *nfhp;

        clp = VFSTONFS(vp->v_mount)->nm_clp;
        if (clp == NULL) {
                printf("nfscl dupopen NULL clp\n");
                return;
        }
        nfhp = VTONFS(vp)->n_fhp;
        NFSLOCKCLSTATE();

        /*
         * First, search for duplicate owners.
         * These should never happen!
         */
        LIST_FOREACH(owp2, &clp->nfsc_owner, nfsow_list) {
            LIST_FOREACH(owp, &clp->nfsc_owner, nfsow_list) {
                if (owp != owp2 &&
                    !NFSBCMP(owp->nfsow_owner, owp2->nfsow_owner,
                    NFSV4CL_LOCKNAMELEN)) {
                        NFSUNLOCKCLSTATE();
                        printf("DUP OWNER\n");
                        nfscl_dumpstate(VFSTONFS(vp->v_mount), 1, 1, 0, 0);
                        return;
                }
            }
        }

        /*
         * Now, search for duplicate stateids.
         * These shouldn't happen, either.
         */
        LIST_FOREACH(owp2, &clp->nfsc_owner, nfsow_list) {
            LIST_FOREACH(op2, &owp2->nfsow_open, nfso_list) {
                LIST_FOREACH(owp, &clp->nfsc_owner, nfsow_list) {
                    LIST_FOREACH(op, &owp->nfsow_open, nfso_list) {
                        if (op != op2 &&
                            (op->nfso_stateid.other[0] != 0 ||
                             op->nfso_stateid.other[1] != 0 ||
                             op->nfso_stateid.other[2] != 0) &&
                            op->nfso_stateid.other[0] == op2->nfso_stateid.other[0] &&
                            op->nfso_stateid.other[1] == op2->nfso_stateid.other[1] &&
                            op->nfso_stateid.other[2] == op2->nfso_stateid.other[2]) {
                            NFSUNLOCKCLSTATE();
                            printf("DUP STATEID\n");
                            nfscl_dumpstate(VFSTONFS(vp->v_mount), 1, 1, 0, 0);
                            return;
                        }
                    }
                }
            }
        }

        /*
         * Now search for duplicate opens.
         * Duplicate opens for the same owner
         * should never occur. Other duplicates are
         * possible and are checked for if "dupopens"
         * is true.
         */
        LIST_FOREACH(owp2, &clp->nfsc_owner, nfsow_list) {
            LIST_FOREACH(op2, &owp2->nfsow_open, nfso_list) {
                if (nfhp->nfh_len == op2->nfso_fhlen &&
                    !NFSBCMP(nfhp->nfh_fh, op2->nfso_fh, nfhp->nfh_len)) {
                    LIST_FOREACH(owp, &clp->nfsc_owner, nfsow_list) {
                        LIST_FOREACH(op, &owp->nfsow_open, nfso_list) {
                            if (op != op2 && nfhp->nfh_len == op->nfso_fhlen &&
                                !NFSBCMP(nfhp->nfh_fh, op->nfso_fh, nfhp->nfh_len) &&
                                (!NFSBCMP(op->nfso_own->nfsow_owner,
                                 op2->nfso_own->nfsow_owner, NFSV4CL_LOCKNAMELEN) ||
                                 dupopens)) {
                                if (!NFSBCMP(op->nfso_own->nfsow_owner,
                                    op2->nfso_own->nfsow_owner, NFSV4CL_LOCKNAMELEN)) {
                                    NFSUNLOCKCLSTATE();
                                    printf("BADDUP OPEN\n");
                                } else {
                                    NFSUNLOCKCLSTATE();
                                    printf("DUP OPEN\n");
                                }
                                nfscl_dumpstate(VFSTONFS(vp->v_mount), 1, 1, 0,
                                    0);
                                return;
                            }
                        }
                    }
                }
            }
        }
        NFSUNLOCKCLSTATE();
}

/*
 * During close, find an open that needs to be dereferenced and
 * dereference it. If no open with a non-zero open count is found
 * for this file, log a message to that effect.
 * Opens aren't actually Close'd until VOP_INACTIVE() is performed
 * on the file's vnode.
 * This is the safe way, since it is difficult to identify
 * which open the close is for and I/O can be performed after the
 * close(2) system call when a file is mmap'd.
 * If it returns 0 for success, there will be a referenced
 * clp returned via clpp.
 */
int
nfscl_getclose(vnode_t vp, struct nfsclclient **clpp)
{
        struct nfsclclient *clp;
        struct nfsclowner *owp;
        struct nfsclopen *op;
        struct nfscldeleg *dp;
        struct nfsfh *nfhp;
        int error, notdecr;

        error = nfscl_getcl(vp->v_mount, NULL, NULL, false, true, &clp);
        if (error)
                return (error);
        *clpp = clp;

        nfhp = VTONFS(vp)->n_fhp;
        notdecr = 1;
        NFSLOCKCLSTATE();
        /*
         * First, look for one under a delegation that was locally issued
         * and just decrement the opencnt for it. Since all my Opens against
         * the server are DENY_NONE, I don't see a problem with hanging
         * onto them. (It is much easier to use one of the extant Opens
         * that I already have on the server when a Delegation is recalled
         * than to do fresh Opens.) Someday, I might need to rethink this.
         */
        dp = nfscl_finddeleg(clp, nfhp->nfh_fh, nfhp->nfh_len);
        if (dp != NULL) {
                LIST_FOREACH(owp, &dp->nfsdl_owner, nfsow_list) {
                        op = LIST_FIRST(&owp->nfsow_open);
                        if (op != NULL) {
                                /*
                                 * Since a delegation is for a file, there
                                 * should never be more than one open for
                                 * each openowner.
                                 */
                                if (LIST_NEXT(op, nfso_list) != NULL)
                                        panic("nfscdeleg opens");
                                if (notdecr && op->nfso_opencnt > 0) {
                                        notdecr = 0;
                                        op->nfso_opencnt--;
                                        break;
                                }
                        }
                }
        }

        /* Now process the opens against the server. */
        LIST_FOREACH(op, NFSCLOPENHASH(clp, nfhp->nfh_fh, nfhp->nfh_len),
            nfso_hash) {
                if (op->nfso_fhlen == nfhp->nfh_len &&
                    !NFSBCMP(op->nfso_fh, nfhp->nfh_fh,
                    nfhp->nfh_len)) {
                        /* Found an open, decrement cnt if possible */
                        if (notdecr && op->nfso_opencnt > 0) {
                                notdecr = 0;
                                op->nfso_opencnt--;
                        }
                        /*
                         * There are more opens, so just return.
                         */
                        if (op->nfso_opencnt > 0) {
                                NFSUNLOCKCLSTATE();
                                return (0);
                        }
                }
        }
        NFSUNLOCKCLSTATE();
        if (notdecr)
                printf("nfscl: never fnd open\n");
        return (0);
}
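
/*
 * Illustrative sketch, not part of nfs_clstate.c: the counting rule used by
 * nfscl_getclose() above, reduced to a plain singly linked list in user
 * space. struct open_rec and close_one() are hypothetical names. Unlike the
 * kernel function, which returns 0 in both cases, this sketch reports
 * whether a matching open is still in use so the result can be checked.
 */

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for struct nfsclopen. */
struct open_rec {
        struct open_rec *next;
        const unsigned char *fh;        /* file handle bytes */
        size_t fhlen;
        int opencnt;
};

/*
 * Drop one reference from the first record for the file handle that still
 * has a non-zero count. Returns 1 as soon as a matching record with a
 * remaining count is seen, else 0. *decrp is set to 1 if a count was
 * decremented and to 0 if no open could be found to decrement.
 */
static int
close_one(struct open_rec *head, const unsigned char *fh, size_t fhlen,
    int *decrp)
{
        struct open_rec *op;
        int notdecr = 1;

        for (op = head; op != NULL; op = op->next) {
                /* Compare the length first, then the handle bytes. */
                if (op->fhlen != fhlen || memcmp(op->fh, fh, fhlen) != 0)
                        continue;
                if (notdecr && op->opencnt > 0) {
                        notdecr = 0;
                        op->opencnt--;
                }
                if (op->opencnt > 0) {
                        *decrp = !notdecr;
                        return (1);
                }
        }
        *decrp = !notdecr;
        return (0);
}
```

/*
 * A zero in *decrp corresponds to the case where the kernel function logs
 * its "never fnd open" message.
 */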

/*
 * Close all opens for the file referred to by vp.
 * The local opens held under a delegation are freed, any layouts marked
 * return on close are returned and a Close RPC is done for each open
 * against the server. An open whose Close fails with NFSERR_DELAY is
 * moved to a local list and retried after the state mutex has been
 * released.
 */
int
nfscl_doclose(vnode_t vp, struct nfsclclient **clpp, NFSPROC_T *p)
{
        struct nfsclclient *clp;
        struct nfsmount *nmp;
        struct nfsclowner *owp, *nowp;
        struct nfsclopen *op, *nop;
        struct nfsclopenhead delayed;
        struct nfscldeleg *dp;
        struct nfsfh *nfhp;
        struct nfsclrecalllayout *recallp;
        struct nfscllayout *lyp;
        int error;

        error = nfscl_getcl(vp->v_mount, NULL, NULL, false, true, &clp);
        if (error)
                return (error);
        *clpp = clp;

        nmp = VFSTONFS(vp->v_mount);
        nfhp = VTONFS(vp)->n_fhp;
        recallp = malloc(sizeof(*recallp), M_NFSLAYRECALL, M_WAITOK);
        NFSLOCKCLSTATE();
        /*
         * First get rid of the local Open structures, which should be no
         * longer in use.
         */
        dp = nfscl_finddeleg(clp, nfhp->nfh_fh, nfhp->nfh_len);
        if (dp != NULL) {
                LIST_FOREACH_SAFE(owp, &dp->nfsdl_owner, nfsow_list, nowp) {
                        op = LIST_FIRST(&owp->nfsow_open);
                        if (op != NULL) {
                                KASSERT((op->nfso_opencnt == 0),
                                    ("nfscl: bad open cnt on deleg"));
                                nfscl_freeopen(op, 1, true);
                        }
                        nfscl_freeopenowner(owp, 1);
                }
        }

        /* Return any layouts marked return on close. */
        nfscl_retoncloselayout(vp, clp, nfhp->nfh_fh, nfhp->nfh_len, &recallp,
            &lyp);

        /* Now process the opens against the server. */
        LIST_INIT(&delayed);
lookformore:
        LIST_FOREACH(op, NFSCLOPENHASH(clp, nfhp->nfh_fh, nfhp->nfh_len),
            nfso_hash) {
                if (op->nfso_fhlen == nfhp->nfh_len &&
                    !NFSBCMP(op->nfso_fh, nfhp->nfh_fh,
                    nfhp->nfh_len)) {
                        /* Found an open, close it. */
#ifdef DIAGNOSTIC
                        KASSERT((op->nfso_opencnt == 0),
                            ("nfscl: bad open cnt on server (%d)",
                             op->nfso_opencnt));
#endif
                        NFSUNLOCKCLSTATE();
                        if (NFSHASNFSV4N(nmp))
                                error = nfsrpc_doclose(nmp, op, p, false, true);
                        else
                                error = nfsrpc_doclose(nmp, op, p, true, true);
                        NFSLOCKCLSTATE();
                        if (error == NFSERR_DELAY) {
                                nfscl_unlinkopen(op);
                                op->nfso_own = NULL;
                                LIST_INSERT_HEAD(&delayed, op, nfso_list);
                        }
                        goto lookformore;
                }
        }
        nfscl_clrelease(clp);

        /* Now, wait for any layout that is returned upon close. */
        if (lyp != NULL) {
                while ((lyp->nfsly_flags & NFSLY_RETURNED) == 0) {
                        if (NFSCL_FORCEDISM(nmp->nm_mountp)) {
                                lyp = NULL;
                                break;
                        }
                        msleep(lyp, NFSCLSTATEMUTEXPTR, PZERO, "nfslroc", hz);
                }
                if (lyp != NULL)
                        nfscl_freelayout(lyp);
        }

        NFSUNLOCKCLSTATE();
        /*
         * recallp has been set NULL by nfscl_retoncloselayout() if it was
         * used by the function, but calling free() with a NULL pointer is ok.
         */
        free(recallp, M_NFSLAYRECALL);

        /* Now, loop retrying the delayed closes. */
        LIST_FOREACH_SAFE(op, &delayed, nfso_list, nop) {
                nfsrpc_doclose(nmp, op, p, true, false);
                LIST_REMOVE(op, nfso_list);
                nfscl_freeopen(op, 0, false);
        }
        return (0);
}
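
/*
 * Illustrative sketch, not part of nfs_clstate.c: the "lookformore" loop in
 * nfscl_doclose() above restarts its scan from the head of the list after
 * every close, because the list may change while the mutex is dropped for
 * the RPC. The user space code below shows that shape with a plain linked
 * list. struct item, unlink_item() and close_matching() are hypothetical
 * names, and the "busy" field merely simulates a Close that has to be
 * retried later.
 */

```c
#include <stddef.h>

struct item {
        struct item *next;
        int key;
        int busy;       /* simulates an operation that must be retried */
};

/* Unlink "it" from the list at *headp, if it is on that list. */
static void
unlink_item(struct item **headp, struct item *it)
{
        struct item **pp;

        for (pp = headp; *pp != NULL; pp = &(*pp)->next) {
                if (*pp == it) {
                        *pp = it->next;
                        it->next = NULL;
                        return;
                }
        }
}

/*
 * Remove every item matching "key". Busy items are pushed onto *delayedp
 * for a later retry. Returns the number of items completed immediately.
 */
static int
close_matching(struct item **headp, int key, struct item **delayedp)
{
        struct item *it;
        int done = 0;

again:
        for (it = *headp; it != NULL; it = it->next) {
                if (it->key != key)
                        continue;
                /* A real caller would drop its lock around a slow call here. */
                unlink_item(headp, it);
                if (it->busy) {
                        it->next = *delayedp;
                        *delayedp = it;
                } else
                        done++;
                /* The list may have changed, so rescan from the head. */
                goto again;
        }
        return (done);
}
```

/*
 * The rescan terminates because every pass that finds a match also unlinks
 * it, so the number of matching items on the list strictly decreases.
 */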

/*
 * Return all delegations on this client.
 * (Must be called with client sleep lock.)
 */
static void
nfscl_delegreturnall(struct nfsclclient *clp, NFSPROC_T *p,
    struct nfscldeleghead *dhp)
{
        struct nfscldeleg *dp, *ndp;
        struct ucred *cred;

        cred = newnfs_getcred();
        TAILQ_FOREACH_SAFE(dp, &clp->nfsc_deleg, nfsdl_list, ndp) {
                nfscl_cleandeleg(dp);
                (void) nfscl_trydelegreturn(dp, cred, clp->nfsc_nmp, p);
                if (dhp != NULL) {
                        nfscl_freedeleg(&clp->nfsc_deleg, dp, false);
                        TAILQ_INSERT_HEAD(dhp, dp, nfsdl_list);
                } else
                        nfscl_freedeleg(&clp->nfsc_deleg, dp, true);
        }
        NFSFREECRED(cred);
}
 3462 
 3463 /*
 3464  * Return any delegation for this vp.
 3465  */
 3466 void
 3467 nfscl_delegreturnvp(vnode_t vp, NFSPROC_T *p)
 3468 {
 3469         struct nfsclclient *clp;
 3470         struct nfscldeleg *dp;
 3471         struct ucred *cred;
 3472         struct nfsnode *np;
 3473         struct nfsmount *nmp;
 3474 
 3475         nmp = VFSTONFS(vp->v_mount);
 3476         NFSLOCKMNT(nmp);
 3477         if ((nmp->nm_privflag & NFSMNTP_DELEGISSUED) == 0) {
 3478                 NFSUNLOCKMNT(nmp);
 3479                 return;
 3480         }
 3481         NFSUNLOCKMNT(nmp);
 3482         np = VTONFS(vp);
 3483         cred = newnfs_getcred();
 3484         dp = NULL;
 3485         NFSLOCKCLSTATE();
 3486         clp = nmp->nm_clp;
 3487         if (clp != NULL)
 3488                 dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh,
 3489                     np->n_fhp->nfh_len);
 3490         if (dp != NULL) {
 3491                 nfscl_cleandeleg(dp);
 3492                 nfscl_freedeleg(&clp->nfsc_deleg, dp, false);
 3493                 NFSUNLOCKCLSTATE();
 3494                 newnfs_copycred(&dp->nfsdl_cred, cred);
 3495                 nfscl_trydelegreturn(dp, cred, clp->nfsc_nmp, p);
 3496                 free(dp, M_NFSCLDELEG);
 3497         } else
 3498                 NFSUNLOCKCLSTATE();
 3499         NFSFREECRED(cred);
 3500 }
 3501 
 3502 /*
 3503  * Handle a callback RPC from the server, building the reply in nd.
 3504  */
 3505 void
 3506 nfscl_docb(struct nfsrv_descript *nd, NFSPROC_T *p)
 3507 {
 3508         int clist, gotseq_ok, i, j, k, op, rcalls;
 3509         u_int32_t *tl;
 3510         struct nfsclclient *clp;
 3511         struct nfscldeleg *dp = NULL;
 3512         int numops, taglen = -1, error = 0, trunc __unused;
 3513         u_int32_t minorvers = 0, retops = 0, *retopsp = NULL, *repp, cbident;
 3514         u_char tag[NFSV4_SMALLSTR + 1], *tagstr;
 3515         vnode_t vp = NULL;
 3516         struct nfsnode *np;
 3517         struct vattr va;
 3518         struct nfsfh *nfhp;
 3519         mount_t mp;
 3520         nfsattrbit_t attrbits, rattrbits;
 3521         nfsv4stateid_t stateid;
 3522         uint32_t seqid, slotid = 0, highslot, cachethis __unused;
 3523         uint8_t sessionid[NFSX_V4SESSIONID];
 3524         struct mbuf *rep;
 3525         struct nfscllayout *lyp;
 3526         uint64_t filesid[2], len, off;
 3527         int changed, gotone, laytype, recalltype;
 3528         uint32_t iomode;
 3529         struct nfsclrecalllayout *recallp = NULL;
 3530         struct nfsclsession *tsep;
 3531 
 3532         gotseq_ok = 0;
 3533         nfsrvd_rephead(nd);
 3534         NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
 3535         taglen = fxdr_unsigned(int, *tl);
 3536         if (taglen < 0) {
 3537                 error = EBADRPC;
 3538                 goto nfsmout;
 3539         }
 3540         if (taglen <= NFSV4_SMALLSTR)
 3541                 tagstr = tag;
 3542         else
 3543                 tagstr = malloc(taglen + 1, M_TEMP, M_WAITOK);
 3544         error = nfsrv_mtostr(nd, tagstr, taglen);
 3545         if (error) {
 3546                 if (taglen > NFSV4_SMALLSTR)
 3547                         free(tagstr, M_TEMP);
 3548                 taglen = -1;
 3549                 goto nfsmout;
 3550         }
 3551         (void) nfsm_strtom(nd, tagstr, taglen);
 3552         if (taglen > NFSV4_SMALLSTR) {
 3553                 free(tagstr, M_TEMP);
 3554         }
 3555         NFSM_BUILD(retopsp, u_int32_t *, NFSX_UNSIGNED);
 3556         NFSM_DISSECT(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
 3557         minorvers = fxdr_unsigned(u_int32_t, *tl++);
 3558         if (minorvers != NFSV4_MINORVERSION &&
 3559             minorvers != NFSV41_MINORVERSION &&
 3560             minorvers != NFSV42_MINORVERSION)
 3561                 nd->nd_repstat = NFSERR_MINORVERMISMATCH;
 3562         cbident = fxdr_unsigned(u_int32_t, *tl++);
 3563         if (nd->nd_repstat)
 3564                 numops = 0;
 3565         else
 3566                 numops = fxdr_unsigned(int, *tl);
 3567         /*
 3568          * Loop around doing the sub ops.
 3569          */
 3570         for (i = 0; i < numops; i++) {
 3571                 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
 3572                 NFSM_BUILD(repp, u_int32_t *, 2 * NFSX_UNSIGNED);
 3573                 *repp++ = *tl;
 3574                 op = fxdr_unsigned(int, *tl);
 3575                 if (op < NFSV4OP_CBGETATTR ||
 3576                    (op > NFSV4OP_CBRECALL && minorvers == NFSV4_MINORVERSION) ||
 3577                    (op > NFSV4OP_CBNOTIFYDEVID &&
 3578                     minorvers == NFSV41_MINORVERSION) ||
 3579                    (op > NFSV4OP_CBOFFLOAD &&
 3580                     minorvers == NFSV42_MINORVERSION)) {
 3581                         nd->nd_repstat = NFSERR_OPILLEGAL;
 3582                         *repp = nfscl_errmap(nd, minorvers);
 3583                         retops++;
 3584                         break;
 3585                 }
 3586                 nd->nd_procnum = op;
 3587                 if (op < NFSV42_CBNOPS)
 3588                         nfsstatsv1.cbrpccnt[nd->nd_procnum]++;
 3589                 switch (op) {
 3590                 case NFSV4OP_CBGETATTR:
 3591                         NFSCL_DEBUG(4, "cbgetattr\n");
 3592                         mp = NULL;
 3593                         vp = NULL;
 3594                         error = nfsm_getfh(nd, &nfhp);
 3595                         if (!error)
 3596                                 error = nfsrv_getattrbits(nd, &attrbits,
 3597                                     NULL, NULL);
 3598                         if (error == 0 && i == 0 &&
 3599                             minorvers != NFSV4_MINORVERSION)
 3600                                 error = NFSERR_OPNOTINSESS;
 3601                         if (!error) {
 3602                                 mp = nfscl_getmnt(minorvers, sessionid, cbident,
 3603                                     &clp);
 3604                                 if (mp == NULL)
 3605                                         error = NFSERR_SERVERFAULT;
 3606                         }
 3607                         if (!error) {
 3608                                 error = nfscl_ngetreopen(mp, nfhp->nfh_fh,
 3609                                     nfhp->nfh_len, p, &np);
 3610                                 if (!error)
 3611                                         vp = NFSTOV(np);
 3612                         }
 3613                         if (!error) {
 3614                                 NFSZERO_ATTRBIT(&rattrbits);
 3615                                 NFSLOCKCLSTATE();
 3616                                 dp = nfscl_finddeleg(clp, nfhp->nfh_fh,
 3617                                     nfhp->nfh_len);
 3618                                 if (dp != NULL) {
 3619                                         if (NFSISSET_ATTRBIT(&attrbits,
 3620                                             NFSATTRBIT_SIZE)) {
 3621                                                 if (vp != NULL)
 3622                                                         va.va_size = np->n_size;
 3623                                                 else
 3624                                                         va.va_size =
 3625                                                             dp->nfsdl_size;
 3626                                                 NFSSETBIT_ATTRBIT(&rattrbits,
 3627                                                     NFSATTRBIT_SIZE);
 3628                                         }
 3629                                         if (NFSISSET_ATTRBIT(&attrbits,
 3630                                             NFSATTRBIT_CHANGE)) {
 3631                                                 va.va_filerev =
 3632                                                     dp->nfsdl_change;
 3633                                                 if (vp == NULL ||
 3634                                                     (np->n_flag & NDELEGMOD))
 3635                                                         va.va_filerev++;
 3636                                                 NFSSETBIT_ATTRBIT(&rattrbits,
 3637                                                     NFSATTRBIT_CHANGE);
 3638                                         }
 3639                                 } else
 3640                                         error = NFSERR_SERVERFAULT;
 3641                                 NFSUNLOCKCLSTATE();
 3642                         }
 3643                         if (vp != NULL)
 3644                                 vrele(vp);
 3645                         if (mp != NULL)
 3646                                 vfs_unbusy(mp);
 3647                         if (nfhp != NULL)
 3648                                 free(nfhp, M_NFSFH);
 3649                         if (!error)
 3650                                 (void) nfsv4_fillattr(nd, NULL, NULL, NULL, &va,
 3651                                     NULL, 0, &rattrbits, NULL, p, 0, 0, 0, 0,
 3652                                     (uint64_t)0, NULL);
 3653                         break;
 3654                 case NFSV4OP_CBRECALL:
 3655                         NFSCL_DEBUG(4, "cbrecall\n");
 3656                         NFSM_DISSECT(tl, u_int32_t *, NFSX_STATEID +
 3657                             NFSX_UNSIGNED);
 3658                         stateid.seqid = *tl++;
 3659                         NFSBCOPY((caddr_t)tl, (caddr_t)stateid.other,
 3660                             NFSX_STATEIDOTHER);
 3661                         tl += (NFSX_STATEIDOTHER / NFSX_UNSIGNED);
 3662                         trunc = fxdr_unsigned(int, *tl);
 3663                         error = nfsm_getfh(nd, &nfhp);
 3664                         if (error == 0 && i == 0 &&
 3665                             minorvers != NFSV4_MINORVERSION)
 3666                                 error = NFSERR_OPNOTINSESS;
 3667                         if (!error) {
 3668                                 NFSLOCKCLSTATE();
 3669                                 if (minorvers == NFSV4_MINORVERSION)
 3670                                         clp = nfscl_getclnt(cbident);
 3671                                 else
 3672                                         clp = nfscl_getclntsess(sessionid);
 3673                                 if (clp != NULL) {
 3674                                         dp = nfscl_finddeleg(clp, nfhp->nfh_fh,
 3675                                             nfhp->nfh_len);
 3676                                         if (dp != NULL && (dp->nfsdl_flags &
 3677                                             NFSCLDL_DELEGRET) == 0) {
 3678                                                 dp->nfsdl_flags |=
 3679                                                     NFSCLDL_RECALL;
 3680                                                 wakeup((caddr_t)clp);
 3681                                         }
 3682                                 } else {
 3683                                         error = NFSERR_SERVERFAULT;
 3684                                 }
 3685                                 NFSUNLOCKCLSTATE();
 3686                         }
 3687                         if (nfhp != NULL)
 3688                                 free(nfhp, M_NFSFH);
 3689                         break;
 3690                 case NFSV4OP_CBLAYOUTRECALL:
 3691                         NFSCL_DEBUG(4, "cblayrec\n");
 3692                         nfhp = NULL;
 3693                         NFSM_DISSECT(tl, uint32_t *, 4 * NFSX_UNSIGNED);
 3694                         laytype = fxdr_unsigned(int, *tl++);
 3695                         iomode = fxdr_unsigned(uint32_t, *tl++);
 3696                         if (newnfs_true == *tl++)
 3697                                 changed = 1;
 3698                         else
 3699                                 changed = 0;
 3700                         recalltype = fxdr_unsigned(int, *tl);
 3701                         NFSCL_DEBUG(4, "layt=%d iom=%u ch=%d rectyp=%d\n",
 3702                             laytype, iomode, changed, recalltype);
 3703                         recallp = malloc(sizeof(*recallp), M_NFSLAYRECALL,
 3704                             M_WAITOK);
 3705                         if (laytype != NFSLAYOUT_NFSV4_1_FILES &&
 3706                             laytype != NFSLAYOUT_FLEXFILE)
 3707                                 error = NFSERR_NOMATCHLAYOUT;
 3708                         else if (recalltype == NFSLAYOUTRETURN_FILE) {
 3709                                 error = nfsm_getfh(nd, &nfhp);
 3710                                 NFSCL_DEBUG(4, "retfile getfh=%d\n", error);
 3711                                 if (error != 0)
 3712                                         goto nfsmout;
 3713                                 NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_HYPER +
 3714                                     NFSX_STATEID);
 3715                                 off = fxdr_hyper(tl); tl += 2;
 3716                                 len = fxdr_hyper(tl); tl += 2;
 3717                                 stateid.seqid = fxdr_unsigned(uint32_t, *tl++);
 3718                                 NFSBCOPY(tl, stateid.other, NFSX_STATEIDOTHER);
 3719                                 if (minorvers == NFSV4_MINORVERSION)
 3720                                         error = NFSERR_NOTSUPP;
 3721                                 else if (i == 0)
 3722                                         error = NFSERR_OPNOTINSESS;
 3723                                 NFSCL_DEBUG(4, "off=%ju len=%ju sq=%u err=%d\n",
 3724                                     (uintmax_t)off, (uintmax_t)len,
 3725                                     stateid.seqid, error);
 3726                                 if (error == 0) {
 3727                                         NFSLOCKCLSTATE();
 3728                                         clp = nfscl_getclntsess(sessionid);
 3729                                         NFSCL_DEBUG(4, "cbly clp=%p\n", clp);
 3730                                         if (clp != NULL) {
 3731                                                 lyp = nfscl_findlayout(clp,
 3732                                                     nfhp->nfh_fh,
 3733                                                     nfhp->nfh_len);
 3734                                                 NFSCL_DEBUG(4, "cblyp=%p\n",
 3735                                                     lyp);
 3736                                                 if (lyp != NULL &&
 3737                                                     (lyp->nfsly_flags &
 3738                                                      (NFSLY_FILES |
 3739                                                       NFSLY_FLEXFILE)) != 0 &&
 3740                                                     !NFSBCMP(stateid.other,
 3741                                                     lyp->nfsly_stateid.other,
 3742                                                     NFSX_STATEIDOTHER)) {
 3743                                                         error =
 3744                                                             nfscl_layoutrecall(
 3745                                                             recalltype,
 3746                                                             lyp, iomode, off,
 3747                                                             len, stateid.seqid,
 3748                                                             0, 0, NULL,
 3749                                                             recallp);
 3750                                                         if (error == 0 &&
 3751                                                             stateid.seqid >
 3752                                                             lyp->nfsly_stateid.seqid)
 3753                                                                 lyp->nfsly_stateid.seqid =
 3754                                                                     stateid.seqid;
 3755                                                         recallp = NULL;
 3756                                                         wakeup(clp);
 3757                                                         NFSCL_DEBUG(4,
 3758                                                             "aft layrcal=%d "
 3759                                                             "layseqid=%u\n",
 3760                                                             error,
 3761                                                             lyp->nfsly_stateid.seqid);
 3762                                                 } else
 3763                                                         error =
 3764                                                           NFSERR_NOMATCHLAYOUT;
 3765                                         } else
 3766                                                 error = NFSERR_NOMATCHLAYOUT;
 3767                                         NFSUNLOCKCLSTATE();
 3768                                 }
 3769                                 free(nfhp, M_NFSFH);
 3770                         } else if (recalltype == NFSLAYOUTRETURN_FSID) {
 3771                                 NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_HYPER);
 3772                                 filesid[0] = fxdr_hyper(tl); tl += 2;
 3773                                 filesid[1] = fxdr_hyper(tl); tl += 2;
 3774                                 gotone = 0;
 3775                                 NFSLOCKCLSTATE();
 3776                                 clp = nfscl_getclntsess(sessionid);
 3777                                 if (clp != NULL) {
 3778                                         TAILQ_FOREACH(lyp, &clp->nfsc_layout,
 3779                                             nfsly_list) {
 3780                                                 if (lyp->nfsly_filesid[0] ==
 3781                                                     filesid[0] &&
 3782                                                     lyp->nfsly_filesid[1] ==
 3783                                                     filesid[1]) {
 3784                                                         error =
 3785                                                             nfscl_layoutrecall(
 3786                                                             recalltype,
 3787                                                             lyp, iomode, 0,
 3788                                                             UINT64_MAX,
 3789                                                             lyp->nfsly_stateid.seqid,
 3790                                                             0, 0, NULL,
 3791                                                             recallp);
 3792                                                         recallp = NULL;
 3793                                                         gotone = 1;
 3794                                                 }
 3795                                         }
 3796                                         if (gotone != 0)
 3797                                                 wakeup(clp);
 3798                                         else
 3799                                                 error = NFSERR_NOMATCHLAYOUT;
 3800                                 } else
 3801                                         error = NFSERR_NOMATCHLAYOUT;
 3802                                 NFSUNLOCKCLSTATE();
 3803                         } else if (recalltype == NFSLAYOUTRETURN_ALL) {
 3804                                 gotone = 0;
 3805                                 NFSLOCKCLSTATE();
 3806                                 clp = nfscl_getclntsess(sessionid);
 3807                                 if (clp != NULL) {
 3808                                         TAILQ_FOREACH(lyp, &clp->nfsc_layout,
 3809                                             nfsly_list) {
 3810                                                 error = nfscl_layoutrecall(
 3811                                                     recalltype, lyp, iomode, 0,
 3812                                                     UINT64_MAX,
 3813                                                     lyp->nfsly_stateid.seqid,
 3814                                                     0, 0, NULL, recallp);
 3815                                                 recallp = NULL;
 3816                                                 gotone = 1;
 3817                                         }
 3818                                         if (gotone != 0)
 3819                                                 wakeup(clp);
 3820                                         else
 3821                                                 error = NFSERR_NOMATCHLAYOUT;
 3822                                 } else
 3823                                         error = NFSERR_NOMATCHLAYOUT;
 3824                                 NFSUNLOCKCLSTATE();
 3825                         } else
 3826                                 error = NFSERR_NOMATCHLAYOUT;
 3827                         if (recallp != NULL) {
 3828                                 free(recallp, M_NFSLAYRECALL);
 3829                                 recallp = NULL;
 3830                         }
 3831                         break;
 3832                 case NFSV4OP_CBSEQUENCE:
 3833                         NFSM_DISSECT(tl, uint32_t *, NFSX_V4SESSIONID +
 3834                             5 * NFSX_UNSIGNED);
 3835                         bcopy(tl, sessionid, NFSX_V4SESSIONID);
 3836                         tl += NFSX_V4SESSIONID / NFSX_UNSIGNED;
 3837                         seqid = fxdr_unsigned(uint32_t, *tl++);
 3838                         slotid = fxdr_unsigned(uint32_t, *tl++);
 3839                         highslot = fxdr_unsigned(uint32_t, *tl++);
 3840                         cachethis = *tl++;
 3841                         /* Skip the referring call lists; they are unused. */
 3842                         clist = fxdr_unsigned(int, *tl);
 3843                         for (j = 0; j < clist; j++) {
 3844                                 NFSM_DISSECT(tl, uint32_t *, NFSX_V4SESSIONID +
 3845                                     NFSX_UNSIGNED);
 3846                                 tl += NFSX_V4SESSIONID / NFSX_UNSIGNED;
 3847                                 rcalls = fxdr_unsigned(int, *tl);
 3848                                 for (k = 0; k < rcalls; k++) {
 3849                                         NFSM_DISSECT(tl, uint32_t *,
 3850                                             2 * NFSX_UNSIGNED);
 3851                                 }
 3852                         }
 3853                         NFSLOCKCLSTATE();
 3854                         if (i == 0) {
 3855                                 clp = nfscl_getclntsess(sessionid);
 3856                                 if (clp == NULL)
 3857                                         error = NFSERR_SERVERFAULT;
 3858                         } else
 3859                                 error = NFSERR_SEQUENCEPOS;
 3860                         if (error == 0) {
 3861                                 tsep = nfsmnt_mdssession(clp->nfsc_nmp);
 3862                                 error = nfsv4_seqsession(seqid, slotid,
 3863                                     highslot, tsep->nfsess_cbslots, &rep,
 3864                                     tsep->nfsess_backslots);
 3865                         }
 3866                         NFSUNLOCKCLSTATE();
 3867                         if (error == 0 || error == NFSERR_REPLYFROMCACHE) {
 3868                                 gotseq_ok = 1;
 3869                                 if (rep != NULL) {
 3870                                         /*
 3871                                          * Handle a reply for a retried
 3872                                          * callback.  The reply will be
 3873                                          * re-inserted in the session cache
 3874                                          * by the nfsv4_seqsess_cacherep() call
 3875                                          * after out:
 3876                                          */
 3877                                         KASSERT(error == NFSERR_REPLYFROMCACHE,
 3878                                             ("cbsequence: non-NULL rep"));
 3879                                         NFSCL_DEBUG(4, "Got cbretry\n");
 3880                                         m_freem(nd->nd_mreq);
 3881                                         nd->nd_mreq = rep;
 3882                                         rep = NULL;
 3883                                         goto out;
 3884                                 }
 3885                                 NFSM_BUILD(tl, uint32_t *,
 3886                                     NFSX_V4SESSIONID + 4 * NFSX_UNSIGNED);
 3887                                 bcopy(sessionid, tl, NFSX_V4SESSIONID);
 3888                                 tl += NFSX_V4SESSIONID / NFSX_UNSIGNED;
 3889                                 *tl++ = txdr_unsigned(seqid);
 3890                                 *tl++ = txdr_unsigned(slotid);
 3891                                 *tl++ = txdr_unsigned(NFSV4_CBSLOTS - 1);
 3892                                 *tl = txdr_unsigned(NFSV4_CBSLOTS - 1);
 3893                         }
 3894                         break;
 3895                 default:
 3896                         if (i == 0 && minorvers != NFSV4_MINORVERSION)
 3897                                 error = NFSERR_OPNOTINSESS;
 3898                         else {
 3899                                 NFSCL_DEBUG(1, "unsupp callback %d\n", op);
 3900                                 error = NFSERR_NOTSUPP;
 3901                         }
 3902                         break;
 3903                 }
 3904                 if (error) {
 3905                         if (error == EBADRPC || error == NFSERR_BADXDR) {
 3906                                 nd->nd_repstat = NFSERR_BADXDR;
 3907                         } else {
 3908                                 nd->nd_repstat = error;
 3909                         }
 3910                         error = 0;
 3911                 }
 3912                 retops++;
 3913                 if (nd->nd_repstat) {
 3914                         *repp = nfscl_errmap(nd, minorvers);
 3915                         break;
 3916                 } else
 3917                         *repp = 0;      /* NFS4_OK */
 3918         }
 3919 nfsmout:
 3920         if (recallp != NULL)
 3921                 free(recallp, M_NFSLAYRECALL);
 3922         if (error) {
 3923                 if (error == EBADRPC || error == NFSERR_BADXDR)
 3924                         nd->nd_repstat = NFSERR_BADXDR;
 3925                 else
 3926                         printf("nfsv4 comperr1=%d\n", error);
 3927         }
 3928         if (taglen == -1) {
 3929                 NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
 3930                 *tl++ = 0;
 3931                 *tl = 0;
 3932         } else {
 3933                 *retopsp = txdr_unsigned(retops);
 3934         }
 3935         *nd->nd_errp = nfscl_errmap(nd, minorvers);
 3936 out:
 3937         if (gotseq_ok != 0) {
 3938                 rep = m_copym(nd->nd_mreq, 0, M_COPYALL, M_WAITOK);
 3939                 NFSLOCKCLSTATE();
 3940                 clp = nfscl_getclntsess(sessionid);
 3941                 if (clp != NULL) {
 3942                         tsep = nfsmnt_mdssession(clp->nfsc_nmp);
 3943                         nfsv4_seqsess_cacherep(slotid, tsep->nfsess_cbslots,
 3944                             NFSERR_OK, &rep);
 3945                         NFSUNLOCKCLSTATE();
 3946                 } else {
 3947                         NFSUNLOCKCLSTATE();
 3948                         m_freem(rep);
 3949                 }
 3950         }
 3951 }
 3952 
 3953 /*
 3954  * Generate the next cbident value by incrementing a static counter. Once the
 3955  * counter has wrapped around, also check that the value is not already in use.
 3956  */
 3957 static u_int32_t
 3958 nfscl_nextcbident(void)
 3959 {
 3960         struct nfsclclient *clp;
 3961         int matched;
 3962         static u_int32_t nextcbident = 0;
 3963         static int haswrapped = 0;
 3964 
 3965         nextcbident++;
 3966         if (nextcbident == 0)
 3967                 haswrapped = 1;
 3968         if (haswrapped) {
 3969                 /*
 3970                  * Search the clientid list for one already using this cbident.
 3971                  */
 3972                 do {
 3973                         matched = 0;
 3974                         NFSLOCKCLSTATE();
 3975                         LIST_FOREACH(clp, &nfsclhead, nfsc_list) {
 3976                                 if (clp->nfsc_cbident == nextcbident) {
 3977                                         matched = 1;
 3978                                         break;
 3979                                 }
 3980                         }
 3981                         NFSUNLOCKCLSTATE();
 3982                         if (matched == 1)
 3983                                 nextcbident++;
 3984                 } while (matched);
 3985         }
 3986         return (nextcbident);
 3987 }
 3988 
 3989 /*
 3990  * Get the mount point related to a given cbident or session and busy it.
 3991  */
 3992 static mount_t
 3993 nfscl_getmnt(int minorvers, uint8_t *sessionid, u_int32_t cbident,
 3994     struct nfsclclient **clpp)
 3995 {
 3996         struct nfsclclient *clp;
 3997         mount_t mp;
 3998         int error;
 3999         struct nfsclsession *tsep;
 4000 
 4001         *clpp = NULL;
 4002         NFSLOCKCLSTATE();
 4003         LIST_FOREACH(clp, &nfsclhead, nfsc_list) {
 4004                 tsep = nfsmnt_mdssession(clp->nfsc_nmp);
 4005                 if (minorvers == NFSV4_MINORVERSION) {
 4006                         if (clp->nfsc_cbident == cbident)
 4007                                 break;
 4008                 } else if (!NFSBCMP(tsep->nfsess_sessionid, sessionid,
 4009                     NFSX_V4SESSIONID))
 4010                         break;
 4011         }
 4012         if (clp == NULL) {
 4013                 NFSUNLOCKCLSTATE();
 4014                 return (NULL);
 4015         }
 4016         mp = clp->nfsc_nmp->nm_mountp;
 4017         vfs_ref(mp);
 4018         NFSUNLOCKCLSTATE();
 4019         error = vfs_busy(mp, 0);
 4020         vfs_rel(mp);
 4021         if (error != 0)
 4022                 return (NULL);
 4023         *clpp = clp;
 4024         return (mp);
 4025 }
 4026 
 4027 /*
 4028  * Get the clientid pointer related to a given cbident.
 4029  */
 4030 static struct nfsclclient *
 4031 nfscl_getclnt(u_int32_t cbident)
 4032 {
 4033         struct nfsclclient *clp;
 4034 
 4035         LIST_FOREACH(clp, &nfsclhead, nfsc_list)
 4036                 if (clp->nfsc_cbident == cbident)
 4037                         break;
 4038         return (clp);
 4039 }
 4040 
 4041 /*
 4042  * Get the clientid pointer related to a given sessionid.
 4043  */
 4044 static struct nfsclclient *
 4045 nfscl_getclntsess(uint8_t *sessionid)
 4046 {
 4047         struct nfsclclient *clp;
 4048         struct nfsclsession *tsep;
 4049 
 4050         LIST_FOREACH(clp, &nfsclhead, nfsc_list) {
 4051                 tsep = nfsmnt_mdssession(clp->nfsc_nmp);
 4052                 if (!NFSBCMP(tsep->nfsess_sessionid, sessionid,
 4053                     NFSX_V4SESSIONID))
 4054                         break;
 4055         }
 4056         return (clp);
 4057 }
 4058 
 4059 /*
 4060  * Search for a lock conflict locally on the client. A conflict occurs if
 4061  * the owners differ, the byte ranges overlap, and at least one of the locks
 4062  * is a write lock or the new request is an unlock.
 4063  */
 4064 static int
 4065 nfscl_localconflict(struct nfsclclient *clp, u_int8_t *fhp, int fhlen,
 4066     struct nfscllock *nlop, u_int8_t *own, struct nfscldeleg *dp,
 4067     struct nfscllock **lopp)
 4068 {
 4069         struct nfsclopen *op;
 4070         int ret;
 4071 
 4072         if (dp != NULL) {
 4073                 ret = nfscl_checkconflict(&dp->nfsdl_lock, nlop, own, lopp);
 4074                 if (ret)
 4075                         return (ret);
 4076         }
 4077         LIST_FOREACH(op, NFSCLOPENHASH(clp, fhp, fhlen), nfso_hash) {
 4078                 if (op->nfso_fhlen == fhlen &&
 4079                     !NFSBCMP(op->nfso_fh, fhp, fhlen)) {
 4080                         ret = nfscl_checkconflict(&op->nfso_lock, nlop,
 4081                             own, lopp);
 4082                         if (ret)
 4083                                 return (ret);
 4084                 }
 4085         }
 4086         return (0);
 4087 }
 4088 
 4089 static int
 4090 nfscl_checkconflict(struct nfscllockownerhead *lhp, struct nfscllock *nlop,
 4091     u_int8_t *own, struct nfscllock **lopp)
 4092 {
 4093         struct nfscllockowner *lp;
 4094         struct nfscllock *lop;
 4095 
 4096         LIST_FOREACH(lp, lhp, nfsl_list) {
 4097                 if (NFSBCMP(lp->nfsl_owner, own, NFSV4CL_LOCKNAMELEN)) {
 4098                         LIST_FOREACH(lop, &lp->nfsl_lock, nfslo_list) {
 4099                                 if (lop->nfslo_first >= nlop->nfslo_end)
 4100                                         break;
 4101                                 if (lop->nfslo_end <= nlop->nfslo_first)
 4102                                         continue;
 4103                                 if (lop->nfslo_type == F_WRLCK ||
 4104                                     nlop->nfslo_type == F_WRLCK ||
 4105                                     nlop->nfslo_type == F_UNLCK) {
 4106                                         if (lopp != NULL)
 4107                                                 *lopp = lop;
 4108                                         return (NFSERR_DENIED);
 4109                                 }
 4110                         }
 4111                 }
 4112         }
 4113         return (0);
 4114 }
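
/*
 * Illustration only, not part of nfs_clstate.c: a minimal user-space sketch
 * of the conflict rule applied by nfscl_checkconflict() above. The names
 * range_lock, locks_conflict() and OWNER_LEN are hypothetical; ranges are
 * assumed to be half-open [first, end), which matches the comparisons on
 * nfslo_first and nfslo_end in the loop above.
 */
```c
#include <fcntl.h>	/* F_RDLCK, F_WRLCK, F_UNLCK */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define OWNER_LEN 12	/* hypothetical owner-name length */

/* Hypothetical half-open byte range [first, end) with a lock type. */
struct range_lock {
	uint64_t first;
	uint64_t end;
	short type;
};

/*
 * Return true if the requested lock conflicts with a held lock:
 * different owners, overlapping ranges, and either lock is a write
 * lock or the request is an unlock.
 */
static bool
locks_conflict(const uint8_t *held_owner, const struct range_lock *held,
    const uint8_t *req_owner, const struct range_lock *req)
{
	/* Locks held by the same owner never conflict with each other. */
	if (memcmp(held_owner, req_owner, OWNER_LEN) == 0)
		return (false);
	/* No overlap if one range ends at or before the other starts. */
	if (held->first >= req->end || held->end <= req->first)
		return (false);
	return (held->type == F_WRLCK || req->type == F_WRLCK ||
	    req->type == F_UNLCK);
}
```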
 4115 
 4116 /*
 4117  * Check for a local conflicting lock.
 4118  */
 4119 int
 4120 nfscl_lockt(vnode_t vp, struct nfsclclient *clp, u_int64_t off,
 4121     u_int64_t len, struct flock *fl, NFSPROC_T *p, void *id, int flags)
 4122 {
 4123         struct nfscllock *lop, nlck;
 4124         struct nfscldeleg *dp;
 4125         struct nfsnode *np;
 4126         u_int8_t own[NFSV4CL_LOCKNAMELEN];
 4127         int error;
 4128 
 4129         nlck.nfslo_type = fl->l_type;
 4130         nlck.nfslo_first = off;
 4131         if (len == NFS64BITSSET) {
 4132                 nlck.nfslo_end = NFS64BITSSET;
 4133         } else {
 4134                 nlck.nfslo_end = off + len;
 4135                 if (nlck.nfslo_end <= nlck.nfslo_first)
 4136                         return (NFSERR_INVAL);
 4137         }
 4138         np = VTONFS(vp);
 4139         nfscl_filllockowner(id, own, flags);
 4140         NFSLOCKCLSTATE();
 4141         dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh, np->n_fhp->nfh_len);
 4142         error = nfscl_localconflict(clp, np->n_fhp->nfh_fh, np->n_fhp->nfh_len,
 4143             &nlck, own, dp, &lop);
 4144         if (error != 0) {
 4145                 fl->l_whence = SEEK_SET;
 4146                 fl->l_start = lop->nfslo_first;
 4147                 if (lop->nfslo_end == NFS64BITSSET)
 4148                         fl->l_len = 0;
 4149                 else
 4150                         fl->l_len = lop->nfslo_end - lop->nfslo_first;
 4151                 fl->l_pid = (pid_t)0;
 4152                 fl->l_type = lop->nfslo_type;
 4153                 error = -1;                     /* no RPC required */
 4154         } else if (dp != NULL && ((dp->nfsdl_flags & NFSCLDL_WRITE) ||
 4155             fl->l_type == F_RDLCK)) {
 4156                 /*
 4157                  * The delegation ensures that there isn't a conflicting
 4158                  * lock on the server, so return -1 to indicate an RPC
 4159                  * isn't required.
 4160                  */
 4161                 fl->l_type = F_UNLCK;
 4162                 error = -1;
 4163         }
 4164         NFSUNLOCKCLSTATE();
 4165         return (error);
 4166 }
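
/*
 * Illustration only, not part of nfs_clstate.c: a small sketch of the range
 * arithmetic used by nfscl_lockt() above. An (off, len) request becomes a
 * half-open range, a wrapped or empty range is rejected, and an end value
 * with all bits set is reported back as a length of 0 ("to end of file").
 * END_OF_FILE is a hypothetical stand-in for NFS64BITSSET and is assumed
 * here to be the all-ones 64-bit value; byte_range and both helpers are
 * hypothetical names.
 */
```c
#include <stdbool.h>
#include <stdint.h>

#define END_OF_FILE UINT64_MAX	/* assumed stand-in for NFS64BITSSET */

struct byte_range {
	uint64_t first;
	uint64_t end;
};

/* Build [off, off + len); return false if the range is empty or wraps. */
static bool
range_from_request(uint64_t off, uint64_t len, struct byte_range *r)
{
	r->first = off;
	if (len == END_OF_FILE) {
		r->end = END_OF_FILE;
		return (true);
	}
	r->end = off + len;	/* unsigned wraparound is well defined */
	return (r->end > r->first);
}

/* Length to report in a struct flock: 0 means "through end of file". */
static uint64_t
range_to_flock_len(const struct byte_range *r)
{
	return (r->end == END_OF_FILE ? 0 : r->end - r->first);
}
```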
 4167 
 4168 /*
 4169  * Handle Recall of a delegation.
 4170  * The clp must be exclusive locked when this is called.
 4171  */
 4172 static int
 4173 nfscl_recalldeleg(struct nfsclclient *clp, struct nfsmount *nmp,
 4174     struct nfscldeleg *dp, vnode_t vp, struct ucred *cred, NFSPROC_T *p,
 4175     int called_from_renewthread, vnode_t *vpp)
 4176 {
 4177         struct nfsclowner *owp, *lowp, *nowp;
 4178         struct nfsclopen *op, *lop;
 4179         struct nfscllockowner *lp;
 4180         struct nfscllock *lckp;
 4181         struct nfsnode *np;
 4182         int error = 0, ret;
 4183 
 4184         if (vp == NULL) {
 4185                 KASSERT(vpp != NULL, ("nfscl_recalldeleg: vpp NULL"));
 4186                 *vpp = NULL;
 4187                 /*
 4188                  * First, get a vnode for the file. This is needed to do RPCs.
 4189                  */
 4190                 ret = nfscl_ngetreopen(nmp->nm_mountp, dp->nfsdl_fh,
 4191                     dp->nfsdl_fhlen, p, &np);
 4192                 if (ret) {
 4193                         /*
 4194                          * File isn't open, so nothing to move over to the
 4195                          * server.
 4196                          */
 4197                         return (0);
 4198                 }
 4199                 vp = NFSTOV(np);
 4200                 *vpp = vp;
 4201         } else {
 4202                 np = VTONFS(vp);
 4203         }
 4204         dp->nfsdl_flags &= ~NFSCLDL_MODTIMESET;
 4205 
 4206         /*
 4207          * Ok, if it's a write delegation, flush data to the server, so
 4208          * that close/open consistency is retained.
 4209          */
 4210         ret = 0;
 4211         NFSLOCKNODE(np);
 4212         if ((dp->nfsdl_flags & NFSCLDL_WRITE) && (np->n_flag & NMODIFIED)) {
 4213                 np->n_flag |= NDELEGRECALL;
 4214                 NFSUNLOCKNODE(np);
 4215                 ret = ncl_flush(vp, MNT_WAIT, p, 1, called_from_renewthread);
 4216                 NFSLOCKNODE(np);
 4217                 np->n_flag &= ~NDELEGRECALL;
 4218         }
 4219         NFSINVALATTRCACHE(np);
 4220         NFSUNLOCKNODE(np);
 4221         if (ret == EIO && called_from_renewthread != 0) {
 4222                 /*
 4223                  * If the flush failed with EIO for the renew thread,
 4224                  * return now, so that the dirty buffer will be flushed
 4225                  * later.
 4226                  */
 4227                 return (ret);
 4228         }
 4229 
 4230         /*
 4231          * Now, for each openowner with opens issued locally, move them
 4232          * over to state against the server.
 4233          */
 4234         LIST_FOREACH(lowp, &dp->nfsdl_owner, nfsow_list) {
 4235                 lop = LIST_FIRST(&lowp->nfsow_open);
 4236                 if (lop != NULL) {
 4237                         if (LIST_NEXT(lop, nfso_list) != NULL)
 4238                                 panic("nfsdlg mult opens");
 4239                         /*
 4240                          * Look for the same openowner against the server.
 4241                          */
 4242                         LIST_FOREACH(owp, &clp->nfsc_owner, nfsow_list) {
 4243                                 if (!NFSBCMP(lowp->nfsow_owner,
 4244                                     owp->nfsow_owner, NFSV4CL_LOCKNAMELEN)) {
 4245                                         newnfs_copycred(&dp->nfsdl_cred, cred);
 4246                                         ret = nfscl_moveopen(vp, clp, nmp, lop,
 4247                                             owp, dp, cred, p);
 4248                                         if (ret == NFSERR_STALECLIENTID ||
 4249                                             ret == NFSERR_STALEDONTRECOVER ||
 4250                                             ret == NFSERR_BADSESSION)
 4251                                                 return (ret);
 4252                                         if (ret) {
 4253                                                 nfscl_freeopen(lop, 1, true);
 4254                                                 if (!error)
 4255                                                         error = ret;
 4256                                         }
 4257                                         break;
 4258                                 }
 4259                         }
 4260 
 4261                         /*
 4262                          * If no openowner found, create one and get an open
 4263                          * for it.
 4264                          */
 4265                         if (owp == NULL) {
 4266                                 nowp = malloc(
 4267                                     sizeof (struct nfsclowner), M_NFSCLOWNER,
 4268                                     M_WAITOK);
 4269                                 nfscl_newopen(clp, NULL, &owp, &nowp, &op,
 4270                                     NULL, lowp->nfsow_owner, dp->nfsdl_fh,
 4271                                     dp->nfsdl_fhlen, NULL, NULL);
 4272                                 newnfs_copycred(&dp->nfsdl_cred, cred);
 4273                                 ret = nfscl_moveopen(vp, clp, nmp, lop,
 4274                                     owp, dp, cred, p);
 4275                                 if (ret) {
 4276                                         nfscl_freeopenowner(owp, 0);
 4277                                         if (ret == NFSERR_STALECLIENTID ||
 4278                                             ret == NFSERR_STALEDONTRECOVER ||
 4279                                             ret == NFSERR_BADSESSION)
 4280                                                 return (ret);
 4281                                         if (ret) {
 4282                                                 nfscl_freeopen(lop, 1, true);
 4283                                                 if (!error)
 4284                                                         error = ret;
 4285                                         }
 4286                                 }
 4287                         }
 4288                 }
 4289         }
 4290 
 4291         /*
 4292          * Now, get byte range locks for any locks done locally.
 4293          */
 4294         LIST_FOREACH(lp, &dp->nfsdl_lock, nfsl_list) {
 4295                 LIST_FOREACH(lckp, &lp->nfsl_lock, nfslo_list) {
 4296                         newnfs_copycred(&dp->nfsdl_cred, cred);
 4297                         ret = nfscl_relock(vp, clp, nmp, lp, lckp, cred, p);
 4298                         if (ret == NFSERR_STALESTATEID ||
 4299                             ret == NFSERR_STALEDONTRECOVER ||
 4300                             ret == NFSERR_STALECLIENTID ||
 4301                             ret == NFSERR_BADSESSION)
 4302                                 return (ret);
 4303                         if (ret && !error)
 4304                                 error = ret;
 4305                 }
 4306         }
 4307         return (error);
 4308 }
 4309 
 4310 /*
 4311  * Move a locally issued open over to an owner on the state list.
 4312  * SIDE EFFECT: If it needs to sleep (do an rpc), it unlocks clstate and
 4313  * returns with it unlocked.
 4314  */
 4315 static int
 4316 nfscl_moveopen(vnode_t vp, struct nfsclclient *clp, struct nfsmount *nmp,
 4317     struct nfsclopen *lop, struct nfsclowner *owp, struct nfscldeleg *dp,
 4318     struct ucred *cred, NFSPROC_T *p)
 4319 {
 4320         struct nfsclopen *op, *nop;
 4321         struct nfscldeleg *ndp;
 4322         struct nfsnode *np;
 4323         int error = 0, newone;
 4324 
 4325         /*
 4326          * First, look for an appropriate open. If found, just increment the
 4327          * opencnt in it.
 4328          */
 4329         LIST_FOREACH(op, &owp->nfsow_open, nfso_list) {
 4330                 if ((op->nfso_mode & lop->nfso_mode) == lop->nfso_mode &&
 4331                     op->nfso_fhlen == lop->nfso_fhlen &&
 4332                     !NFSBCMP(op->nfso_fh, lop->nfso_fh, op->nfso_fhlen)) {
 4333                         op->nfso_opencnt += lop->nfso_opencnt;
 4334                         nfscl_freeopen(lop, 1, true);
 4335                         return (0);
 4336                 }
 4337         }
 4338 
 4339         /* No appropriate open, so we have to do one against the server. */
 4340         np = VTONFS(vp);
 4341         nop = malloc(sizeof (struct nfsclopen) +
 4342             lop->nfso_fhlen - 1, M_NFSCLOPEN, M_WAITOK);
 4343         nop->nfso_hash.le_prev = NULL;
 4344         newone = 0;
 4345         nfscl_newopen(clp, NULL, &owp, NULL, &op, &nop, owp->nfsow_owner,
 4346             lop->nfso_fh, lop->nfso_fhlen, cred, &newone);
 4347         ndp = dp;
 4348         error = nfscl_tryopen(nmp, vp, np->n_v4->n4_data, np->n_v4->n4_fhlen,
 4349             lop->nfso_fh, lop->nfso_fhlen, lop->nfso_mode, op,
 4350             NFS4NODENAME(np->n_v4), np->n_v4->n4_namelen, &ndp, 0, 0, cred, p);
 4351         if (error) {
 4352                 if (newone)
 4353                         nfscl_freeopen(op, 0, true);
 4354         } else {
 4355                 op->nfso_mode |= lop->nfso_mode;
 4356                 op->nfso_opencnt += lop->nfso_opencnt;
 4357                 nfscl_freeopen(lop, 1, true);
 4358         }
 4359         if (nop != NULL)
 4360                 free(nop, M_NFSCLOPEN);
 4361         if (ndp != NULL) {
 4362                 /*
 4363                  * What should I do with the returned delegation, since the
 4364                  * delegation is being recalled? For now, just printf and
 4365                  * throw it away.
 4366                  */
 4367                 printf("Moveopen returned deleg\n");
 4368                 free(ndp, M_NFSCLDELEG);
 4369         }
 4370         return (error);
 4371 }
 4372 
 4373 /*
 4374  * Recall all delegations on this client.
 4375  */
 4376 static void
 4377 nfscl_totalrecall(struct nfsclclient *clp)
 4378 {
 4379         struct nfscldeleg *dp;
 4380 
 4381         TAILQ_FOREACH(dp, &clp->nfsc_deleg, nfsdl_list) {
 4382                 if ((dp->nfsdl_flags & NFSCLDL_DELEGRET) == 0)
 4383                         dp->nfsdl_flags |= NFSCLDL_RECALL;
 4384         }
 4385 }
 4386 
 4387 /*
 4388  * Relock byte ranges. Called for delegation recall and state expiry.
 4389  */
 4390 static int
 4391 nfscl_relock(vnode_t vp, struct nfsclclient *clp, struct nfsmount *nmp,
 4392     struct nfscllockowner *lp, struct nfscllock *lop, struct ucred *cred,
 4393     NFSPROC_T *p)
 4394 {
 4395         struct nfscllockowner *nlp;
 4396         struct nfsfh *nfhp;
 4397         struct nfsnode *np;
 4398         u_int64_t off, len;
 4399         int error, newone, donelocally;
 4400 
 4401         if (NFSHASNFSV4N(nmp) && NFSHASONEOPENOWN(nmp)) {
 4402                 np = VTONFS(vp);
 4403                 NFSLOCKNODE(np);
 4404                 np->n_flag |= NMIGHTBELOCKED;
 4405                 NFSUNLOCKNODE(np);
 4406         }
 4407 
 4408         off = lop->nfslo_first;
 4409         len = lop->nfslo_end - lop->nfslo_first;
 4410         error = nfscl_getbytelock(vp, off, len, lop->nfslo_type, cred, p,
 4411             clp, 1, NULL, lp->nfsl_lockflags, lp->nfsl_owner,
 4412             lp->nfsl_openowner, &nlp, &newone, &donelocally);
 4413         if (error || donelocally)
 4414                 return (error);
 4415         nfhp = VTONFS(vp)->n_fhp;
 4416         error = nfscl_trylock(nmp, vp, nfhp->nfh_fh,
 4417             nfhp->nfh_len, nlp, newone, 0, off,
 4418             len, lop->nfslo_type, cred, p);
 4419         if (error)
 4420                 nfscl_freelockowner(nlp, 0);
 4421         return (error);
 4422 }
 4423 
 4424 /*
 4425  * Called to re-open a file. Basically get a vnode for the file handle
 4426  * and then call nfscl_tryopen() to do the rest.
 4427  */
 4428 static int
 4429 nfsrpc_reopen(struct nfsmount *nmp, u_int8_t *fhp, int fhlen,
 4430     u_int32_t mode, struct nfsclopen *op, struct nfscldeleg **dpp,
 4431     struct ucred *cred, NFSPROC_T *p)
 4432 {
 4433         struct nfsnode *np;
 4434         vnode_t vp;
 4435         int error;
 4436 
 4437         error = nfscl_ngetreopen(nmp->nm_mountp, fhp, fhlen, p, &np);
 4438         if (error)
 4439                 return (error);
 4440         vp = NFSTOV(np);
 4441         if (np->n_v4 != NULL) {
 4442                 error = nfscl_tryopen(nmp, vp, np->n_v4->n4_data,
 4443                     np->n_v4->n4_fhlen, fhp, fhlen, mode, op,
 4444                     NFS4NODENAME(np->n_v4), np->n_v4->n4_namelen, dpp, 0, 0,
 4445                     cred, p);
 4446         } else {
 4447                 error = EINVAL;
 4448         }
 4449         vrele(vp);
 4450         return (error);
 4451 }
 4452 
 4453 /*
 4454  * Try an open against the server. Just call nfsrpc_openrpc(), retrying while
 4455  * it returns NFSERR_DELAY. Also, retry with system credentials if the
 4456  * passed-in credentials fail with EAUTH or EACCES.
 4457  */
 4458 static int
 4459 nfscl_tryopen(struct nfsmount *nmp, vnode_t vp, u_int8_t *fhp, int fhlen,
 4460     u_int8_t *newfhp, int newfhlen, u_int32_t mode, struct nfsclopen *op,
 4461     u_int8_t *name, int namelen, struct nfscldeleg **ndpp,
 4462     int reclaim, u_int32_t delegtype, struct ucred *cred, NFSPROC_T *p)
 4463 {
 4464         int error;
 4465 
 4466         do {
 4467                 error = nfsrpc_openrpc(nmp, vp, fhp, fhlen, newfhp, newfhlen,
 4468                     mode, op, name, namelen, ndpp, reclaim, delegtype, cred, p,
 4469                     0, 0);
 4470                 if (error == NFSERR_DELAY)
 4471                         (void) nfs_catnap(PZERO, error, "nfstryop");
 4472         } while (error == NFSERR_DELAY);
 4473         if (error == EAUTH || error == EACCES) {
 4474                 /* Try again using system credentials */
 4475                 newnfs_setroot(cred);
 4476                 do {
 4477                     error = nfsrpc_openrpc(nmp, vp, fhp, fhlen, newfhp,
 4478                         newfhlen, mode, op, name, namelen, ndpp, reclaim,
 4479                         delegtype, cred, p, 1, 0);
 4480                     if (error == NFSERR_DELAY)
 4481                         (void) nfs_catnap(PZERO, error, "nfstryop");
 4482                 } while (error == NFSERR_DELAY);
 4483         }
 4484         return (error);
 4485 }
 4486 
 4487 /*
 4488  * Try a byte range lock. Just loop on nfsrpc_lock() while it returns
 4489  * NFSERR_DELAY. Also, retry with system credentials, if the provided
 4490  * credentials don't work.
 4491  */
 4492 static int
 4493 nfscl_trylock(struct nfsmount *nmp, vnode_t vp, u_int8_t *fhp,
 4494     int fhlen, struct nfscllockowner *nlp, int newone, int reclaim,
 4495     u_int64_t off, u_int64_t len, short type, struct ucred *cred, NFSPROC_T *p)
 4496 {
 4497         struct nfsrv_descript nfsd, *nd = &nfsd;
 4498         int error;
 4499 
 4500         do {
 4501                 error = nfsrpc_lock(nd, nmp, vp, fhp, fhlen, nlp, newone,
 4502                     reclaim, off, len, type, cred, p, 0);
 4503                 if (!error && nd->nd_repstat == NFSERR_DELAY)
 4504                         (void) nfs_catnap(PZERO, (int)nd->nd_repstat,
 4505                             "nfstrylck");
 4506         } while (!error && nd->nd_repstat == NFSERR_DELAY);
 4507         if (!error)
 4508                 error = nd->nd_repstat;
 4509         if (error == EAUTH || error == EACCES) {
 4510                 /* Try again using system credentials */
 4511                 newnfs_setroot(cred);
 4512                 do {
 4513                         error = nfsrpc_lock(nd, nmp, vp, fhp, fhlen, nlp,
 4514                             newone, reclaim, off, len, type, cred, p, 1);
 4515                         if (!error && nd->nd_repstat == NFSERR_DELAY)
 4516                                 (void) nfs_catnap(PZERO, (int)nd->nd_repstat,
 4517                                     "nfstrylck");
 4518                 } while (!error && nd->nd_repstat == NFSERR_DELAY);
 4519                 if (!error)
 4520                         error = nd->nd_repstat;
 4521         }
 4522         return (error);
 4523 }
 4524 
 4525 /*
 4526  * Try a delegreturn against the server. Just call nfsrpc_delegreturn(),
 4527  * retrying while it returns NFSERR_DELAY. Also, retry with system
 4528  * credentials if the passed-in credentials fail with EAUTH or EACCES.
 4529  */
 4530 static int
 4531 nfscl_trydelegreturn(struct nfscldeleg *dp, struct ucred *cred,
 4532     struct nfsmount *nmp, NFSPROC_T *p)
 4533 {
 4534         int error;
 4535 
 4536         do {
 4537                 error = nfsrpc_delegreturn(dp, cred, nmp, p, 0);
 4538                 if (error == NFSERR_DELAY)
 4539                         (void) nfs_catnap(PZERO, error, "nfstrydp");
 4540         } while (error == NFSERR_DELAY);
 4541         if (error == EAUTH || error == EACCES) {
 4542                 /* Try again using system credentials */
 4543                 newnfs_setroot(cred);
 4544                 do {
 4545                         error = nfsrpc_delegreturn(dp, cred, nmp, p, 1);
 4546                         if (error == NFSERR_DELAY)
 4547                                 (void) nfs_catnap(PZERO, error, "nfstrydp");
 4548                 } while (error == NFSERR_DELAY);
 4549         }
 4550         return (error);
 4551 }
 4552 
 4553 /*
 4554  * Try a close against the server. Just call nfsrpc_closerpc(), retrying while
 4555  * it returns NFSERR_DELAY if loop_on_delayed is set. Also, retry with system
 4556  * credentials if the passed-in credentials fail with EAUTH or EACCES.
 4557  */
 4558 int
 4559 nfscl_tryclose(struct nfsclopen *op, struct ucred *cred,
 4560     struct nfsmount *nmp, NFSPROC_T *p, bool loop_on_delayed)
 4561 {
 4562         struct nfsrv_descript nfsd, *nd = &nfsd;
 4563         int error;
 4564 
 4565         do {
 4566                 error = nfsrpc_closerpc(nd, nmp, op, cred, p, 0);
 4567                 if (loop_on_delayed && error == NFSERR_DELAY)
 4568                         (void) nfs_catnap(PZERO, error, "nfstrycl");
 4569         } while (loop_on_delayed && error == NFSERR_DELAY);
 4570         if (error == EAUTH || error == EACCES) {
 4571                 /* Try again using system credentials */
 4572                 newnfs_setroot(cred);
 4573                 do {
 4574                         error = nfsrpc_closerpc(nd, nmp, op, cred, p, 1);
 4575                         if (loop_on_delayed && error == NFSERR_DELAY)
 4576                                 (void) nfs_catnap(PZERO, error, "nfstrycl");
 4577                 } while (loop_on_delayed && error == NFSERR_DELAY);
 4578         }
 4579         return (error);
 4580 }
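
/*
 * Illustration only, not part of nfs_clstate.c: the nfscl_try*() helpers
 * above share one shape, which can be sketched in user space as follows.
 * Retry while the server asks for a delay, then, on an authentication or
 * access failure, retry the same loop once with system credentials. The
 * error codes, rpc_fn, try_rpc() and the fake server are all hypothetical;
 * the kernel code sleeps in nfs_catnap() between attempts, which this
 * sketch omits.
 */
```c
#include <stdbool.h>

/* Hypothetical stand-ins for 0, NFSERR_DELAY, EAUTH and EACCES. */
enum rpc_err { ERR_OK = 0, ERR_DELAY, ERR_AUTH, ERR_ACCES };

typedef enum rpc_err (*rpc_fn)(void *arg, bool use_syscred);

static enum rpc_err
try_rpc(rpc_fn rpc, void *arg)
{
	enum rpc_err error;

	do {
		error = rpc(arg, false);
	} while (error == ERR_DELAY);
	if (error == ERR_AUTH || error == ERR_ACCES) {
		/* Try again using system credentials. */
		do {
			error = rpc(arg, true);
		} while (error == ERR_DELAY);
	}
	return (error);
}

/* Fake server for demonstration: delays a few times, may reject users. */
struct fake_server {
	int delays_left;
	bool user_allowed;
	int calls;
	int syscred_calls;
};

static enum rpc_err
fake_rpc(void *arg, bool use_syscred)
{
	struct fake_server *s = arg;

	s->calls++;
	if (use_syscred)
		s->syscred_calls++;
	if (s->delays_left > 0) {
		s->delays_left--;
		return (ERR_DELAY);
	}
	if (!use_syscred && !s->user_allowed)
		return (ERR_ACCES);
	return (ERR_OK);
}
```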
 4581 
 4582 /*
 4583  * Decide if a delegation on a file permits close without flushing writes
 4584  * to the server. This might be a big performance win in some environments.
 4585  * (Not useful until the client does caching on local stable storage.)
 4586  */
 4587 int
 4588 nfscl_mustflush(vnode_t vp)
 4589 {
 4590         struct nfsclclient *clp;
 4591         struct nfscldeleg *dp;
 4592         struct nfsnode *np;
 4593         struct nfsmount *nmp;
 4594 
 4595         np = VTONFS(vp);
 4596         nmp = VFSTONFS(vp->v_mount);
 4597         if (!NFSHASNFSV4(nmp))
 4598                 return (1);
 4599         NFSLOCKMNT(nmp);
 4600         if ((nmp->nm_privflag & NFSMNTP_DELEGISSUED) == 0) {
 4601                 NFSUNLOCKMNT(nmp);
 4602                 return (1);
 4603         }
 4604         NFSUNLOCKMNT(nmp);
 4605         NFSLOCKCLSTATE();
 4606         clp = nfscl_findcl(nmp);
 4607         if (clp == NULL) {
 4608                 NFSUNLOCKCLSTATE();
 4609                 return (1);
 4610         }
 4611         dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh, np->n_fhp->nfh_len);
 4612         if (dp != NULL && (dp->nfsdl_flags &
 4613             (NFSCLDL_WRITE | NFSCLDL_RECALL | NFSCLDL_DELEGRET)) ==
 4614              NFSCLDL_WRITE &&
 4615             (dp->nfsdl_sizelimit >= np->n_size ||
 4616              !NFSHASSTRICT3530(nmp))) {
 4617                 NFSUNLOCKCLSTATE();
 4618                 return (0);
 4619         }
 4620         NFSUNLOCKCLSTATE();
 4621         return (1);
 4622 }
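
/*
 * Illustration only, not part of nfs_clstate.c: the flag test in
 * nfscl_mustflush() above masks three bits and compares the result with
 * the write bit alone, so it holds only for a write delegation that is
 * neither being recalled nor being returned. The flag values and the
 * helper name below are hypothetical, not the real NFSCLDL_* definitions.
 */
```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical flag values for the sketch. */
#define DL_READ		0x01
#define DL_WRITE	0x02
#define DL_RECALL	0x04
#define DL_DELEGRET	0x08

/* True only if WRITE is set and both RECALL and DELEGRET are clear. */
static bool
write_deleg_usable(uint32_t flags)
{
	return ((flags & (DL_WRITE | DL_RECALL | DL_DELEGRET)) == DL_WRITE);
}
```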
 4623 
 4624 /*
 4625  * See if a (write) delegation exists for this file.
 4626  */
 4627 int
 4628 nfscl_nodeleg(vnode_t vp, int writedeleg)
 4629 {
 4630         struct nfsclclient *clp;
 4631         struct nfscldeleg *dp;
 4632         struct nfsnode *np;
 4633         struct nfsmount *nmp;
 4634 
 4635         np = VTONFS(vp);
 4636         nmp = VFSTONFS(vp->v_mount);
 4637         if (!NFSHASNFSV4(nmp))
 4638                 return (1);
 4639         NFSLOCKMNT(nmp);
 4640         if ((nmp->nm_privflag & NFSMNTP_DELEGISSUED) == 0) {
 4641                 NFSUNLOCKMNT(nmp);
 4642                 return (1);
 4643         }
 4644         NFSUNLOCKMNT(nmp);
 4645         NFSLOCKCLSTATE();
 4646         clp = nfscl_findcl(nmp);
 4647         if (clp == NULL) {
 4648                 NFSUNLOCKCLSTATE();
 4649                 return (1);
 4650         }
 4651         dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh, np->n_fhp->nfh_len);
 4652         if (dp != NULL &&
 4653             (dp->nfsdl_flags & (NFSCLDL_RECALL | NFSCLDL_DELEGRET)) == 0 &&
 4654             (writedeleg == 0 || (dp->nfsdl_flags & NFSCLDL_WRITE) ==
 4655              NFSCLDL_WRITE)) {
 4656                 NFSUNLOCKCLSTATE();
 4657                 return (0);
 4658         }
 4659         NFSUNLOCKCLSTATE();
 4660         return (1);
 4661 }
 4662 
 4663 /*
 4664  * Look for an associated delegation that should be DelegReturned.
 4665  */
 4666 int
 4667 nfscl_removedeleg(vnode_t vp, NFSPROC_T *p, nfsv4stateid_t *stp)
 4668 {
 4669         struct nfsclclient *clp;
 4670         struct nfscldeleg *dp;
 4671         struct nfsclowner *owp;
 4672         struct nfscllockowner *lp;
 4673         struct nfsmount *nmp;
 4674         struct mount *mp;
 4675         struct ucred *cred;
 4676         struct nfsnode *np;
 4677         int igotlock = 0, triedrecall = 0, needsrecall, retcnt = 0, islept;
 4678 
 4679         nmp = VFSTONFS(vp->v_mount);
 4680         if (NFSHASPNFS(nmp))
 4681                 return (retcnt);
 4682         NFSLOCKMNT(nmp);
 4683         if ((nmp->nm_privflag & NFSMNTP_DELEGISSUED) == 0) {
 4684                 NFSUNLOCKMNT(nmp);
 4685                 return (retcnt);
 4686         }
 4687         NFSUNLOCKMNT(nmp);
 4688         np = VTONFS(vp);
 4689         mp = nmp->nm_mountp;
 4690         NFSLOCKCLSTATE();
 4691         /*
 4692          * Loop around waiting for:
 4693          * - outstanding I/O operations on delegations to complete
 4694          * - for a delegation on vp that has state, lock the client and
 4695          *   do a recall
 4696          * - return delegation with no state
 4697          */
 4698         while (1) {
 4699                 clp = nfscl_findcl(nmp);
 4700                 if (clp == NULL) {
 4701                         NFSUNLOCKCLSTATE();
 4702                         return (retcnt);
 4703                 }
 4704                 dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh,
 4705                     np->n_fhp->nfh_len);
 4706                 if (dp != NULL) {
 4707                     /*
 4708                      * Wait for outstanding I/O ops to be done.
 4709                      */
 4710                     if (dp->nfsdl_rwlock.nfslock_usecnt > 0) {
 4711                         if (igotlock) {
 4712                             nfsv4_unlock(&clp->nfsc_lock, 0);
 4713                             igotlock = 0;
 4714                         }
 4715                         dp->nfsdl_rwlock.nfslock_lock |= NFSV4LOCK_WANTED;
 4716                         msleep(&dp->nfsdl_rwlock, NFSCLSTATEMUTEXPTR, PZERO,
 4717                             "nfscld", hz);
 4718                         if (NFSCL_FORCEDISM(mp)) {
 4719                             dp->nfsdl_flags &= ~NFSCLDL_DELEGRET;
 4720                             NFSUNLOCKCLSTATE();
 4721                             return (0);
 4722                         }
 4723                         continue;
 4724                     }
 4725                     needsrecall = 0;
 4726                     LIST_FOREACH(owp, &dp->nfsdl_owner, nfsow_list) {
 4727                         if (!LIST_EMPTY(&owp->nfsow_open)) {
 4728                             needsrecall = 1;
 4729                             break;
 4730                         }
 4731                     }
 4732                     if (!needsrecall) {
 4733                         LIST_FOREACH(lp, &dp->nfsdl_lock, nfsl_list) {
 4734                             if (!LIST_EMPTY(&lp->nfsl_lock)) {
 4735                                 needsrecall = 1;
 4736                                 break;
 4737                             }
 4738                         }
 4739                     }
 4740                     if (needsrecall && !triedrecall) {
 4741                         dp->nfsdl_flags |= NFSCLDL_DELEGRET;
 4742                         islept = 0;
 4743                         while (!igotlock) {
 4744                             igotlock = nfsv4_lock(&clp->nfsc_lock, 1,
 4745                                 &islept, NFSCLSTATEMUTEXPTR, mp);
 4746                             if (NFSCL_FORCEDISM(mp)) {
 4747                                 dp->nfsdl_flags &= ~NFSCLDL_DELEGRET;
 4748                                 if (igotlock)
 4749                                     nfsv4_unlock(&clp->nfsc_lock, 0);
 4750                                 NFSUNLOCKCLSTATE();
 4751                                 return (0);
 4752                             }
 4753                             if (islept)
 4754                                 break;
 4755                         }
 4756                         if (islept)
 4757                             continue;
 4758                         NFSUNLOCKCLSTATE();
 4759                         cred = newnfs_getcred();
 4760                         newnfs_copycred(&dp->nfsdl_cred, cred);
 4761                         nfscl_recalldeleg(clp, nmp, dp, vp, cred, p, 0, NULL);
 4762                         NFSFREECRED(cred);
 4763                         triedrecall = 1;
 4764                         NFSLOCKCLSTATE();
 4765                         nfsv4_unlock(&clp->nfsc_lock, 0);
 4766                         igotlock = 0;
 4767                         continue;
 4768                     }
 4769                     *stp = dp->nfsdl_stateid;
 4770                     retcnt = 1;
 4771                     nfscl_cleandeleg(dp);
 4772                     nfscl_freedeleg(&clp->nfsc_deleg, dp, true);
 4773                 }
 4774                 if (igotlock)
 4775                     nfsv4_unlock(&clp->nfsc_lock, 0);
 4776                 NFSUNLOCKCLSTATE();
 4777                 return (retcnt);
 4778         }
 4779 }
 4780 
 4781 /*
 4782  * Look for associated delegation(s) that should be DelegReturned.
 4783  */
 4784 int
 4785 nfscl_renamedeleg(vnode_t fvp, nfsv4stateid_t *fstp, int *gotfdp, vnode_t tvp,
 4786     nfsv4stateid_t *tstp, int *gottdp, NFSPROC_T *p)
 4787 {
 4788         struct nfsclclient *clp;
 4789         struct nfscldeleg *dp;
 4790         struct nfsclowner *owp;
 4791         struct nfscllockowner *lp;
 4792         struct nfsmount *nmp;
 4793         struct mount *mp;
 4794         struct ucred *cred;
 4795         struct nfsnode *np;
 4796         int igotlock = 0, triedrecall = 0, needsrecall, retcnt = 0, islept;
 4797 
 4798         nmp = VFSTONFS(fvp->v_mount);
 4799         *gotfdp = 0;
 4800         *gottdp = 0;
 4801         if (NFSHASPNFS(nmp))
 4802                 return (retcnt);
 4803         NFSLOCKMNT(nmp);
 4804         if ((nmp->nm_privflag & NFSMNTP_DELEGISSUED) == 0) {
 4805                 NFSUNLOCKMNT(nmp);
 4806                 return (retcnt);
 4807         }
 4808         NFSUNLOCKMNT(nmp);
 4809         mp = nmp->nm_mountp;
 4810         NFSLOCKCLSTATE();
 4811         /*
 4812          * Loop around waiting for:
 4813          * - outstanding I/O operations on delegations to complete
 4814          * - for a delegation on fvp that has state, lock the client and
 4815          *   do a recall
 4816          * - return delegation(s) with no state.
 4817          */
 4818         while (1) {
 4819                 clp = nfscl_findcl(nmp);
 4820                 if (clp == NULL) {
 4821                         NFSUNLOCKCLSTATE();
 4822                         return (retcnt);
 4823                 }
 4824                 np = VTONFS(fvp);
 4825                 dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh,
 4826                     np->n_fhp->nfh_len);
 4827                 if (dp != NULL && *gotfdp == 0) {
 4828                     /*
 4829                      * Wait for outstanding I/O ops to be done.
 4830                      */
 4831                     if (dp->nfsdl_rwlock.nfslock_usecnt > 0) {
 4832                         if (igotlock) {
 4833                             nfsv4_unlock(&clp->nfsc_lock, 0);
 4834                             igotlock = 0;
 4835                         }
 4836                         dp->nfsdl_rwlock.nfslock_lock |= NFSV4LOCK_WANTED;
 4837                         msleep(&dp->nfsdl_rwlock, NFSCLSTATEMUTEXPTR, PZERO,
 4838                             "nfscld", hz);
 4839                         if (NFSCL_FORCEDISM(mp)) {
 4840                             dp->nfsdl_flags &= ~NFSCLDL_DELEGRET;
 4841                             NFSUNLOCKCLSTATE();
 4842                             *gotfdp = 0;
 4843                             *gottdp = 0;
 4844                             return (0);
 4845                         }
 4846                         continue;
 4847                     }
 4848                     needsrecall = 0;
 4849                     LIST_FOREACH(owp, &dp->nfsdl_owner, nfsow_list) {
 4850                         if (!LIST_EMPTY(&owp->nfsow_open)) {
 4851                             needsrecall = 1;
 4852                             break;
 4853                         }
 4854                     }
 4855                     if (!needsrecall) {
 4856                         LIST_FOREACH(lp, &dp->nfsdl_lock, nfsl_list) {
 4857                             if (!LIST_EMPTY(&lp->nfsl_lock)) {
 4858                                 needsrecall = 1;
 4859                                 break;
 4860                             }
 4861                         }
 4862                     }
 4863                     if (needsrecall && !triedrecall) {
 4864                         dp->nfsdl_flags |= NFSCLDL_DELEGRET;
 4865                         islept = 0;
 4866                         while (!igotlock) {
 4867                             igotlock = nfsv4_lock(&clp->nfsc_lock, 1,
 4868                                 &islept, NFSCLSTATEMUTEXPTR, mp);
 4869                             if (NFSCL_FORCEDISM(mp)) {
 4870                                 dp->nfsdl_flags &= ~NFSCLDL_DELEGRET;
 4871                                 if (igotlock)
 4872                                     nfsv4_unlock(&clp->nfsc_lock, 0);
 4873                                 NFSUNLOCKCLSTATE();
 4874                                 *gotfdp = 0;
 4875                                 *gottdp = 0;
 4876                                 return (0);
 4877                             }
 4878                             if (islept)
 4879                                 break;
 4880                         }
 4881                         if (islept)
 4882                             continue;
 4883                         NFSUNLOCKCLSTATE();
 4884                         cred = newnfs_getcred();
 4885                         newnfs_copycred(&dp->nfsdl_cred, cred);
 4886                         nfscl_recalldeleg(clp, nmp, dp, fvp, cred, p, 0, NULL);
 4887                         NFSFREECRED(cred);
 4888                         triedrecall = 1;
 4889                         NFSLOCKCLSTATE();
 4890                         nfsv4_unlock(&clp->nfsc_lock, 0);
 4891                         igotlock = 0;
 4892                         continue;
 4893                     }
 4894                     *fstp = dp->nfsdl_stateid;
 4895                     retcnt++;
 4896                     *gotfdp = 1;
 4897                     nfscl_cleandeleg(dp);
 4898                     nfscl_freedeleg(&clp->nfsc_deleg, dp, true);
 4899                 }
 4900                 if (igotlock) {
 4901                     nfsv4_unlock(&clp->nfsc_lock, 0);
 4902                     igotlock = 0;
 4903                 }
 4904                 if (tvp != NULL) {
 4905                     np = VTONFS(tvp);
 4906                     dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh,
 4907                         np->n_fhp->nfh_len);
 4908                     if (dp != NULL && *gottdp == 0) {
 4909                         /*
 4910                          * Wait for outstanding I/O ops to be done.
 4911                          */
 4912                         if (dp->nfsdl_rwlock.nfslock_usecnt > 0) {
 4913                             dp->nfsdl_rwlock.nfslock_lock |= NFSV4LOCK_WANTED;
 4914                             msleep(&dp->nfsdl_rwlock, NFSCLSTATEMUTEXPTR, PZERO,
 4915                                 "nfscld", hz);
 4916                             if (NFSCL_FORCEDISM(mp)) {
 4917                                 NFSUNLOCKCLSTATE();
 4918                                 *gotfdp = 0;
 4919                                 *gottdp = 0;
 4920                                 return (0);
 4921                             }
 4922                             continue;
 4923                         }
 4924                         LIST_FOREACH(owp, &dp->nfsdl_owner, nfsow_list) {
 4925                             if (!LIST_EMPTY(&owp->nfsow_open)) {
 4926                                 NFSUNLOCKCLSTATE();
 4927                                 return (retcnt);
 4928                             }
 4929                         }
 4930                         LIST_FOREACH(lp, &dp->nfsdl_lock, nfsl_list) {
 4931                             if (!LIST_EMPTY(&lp->nfsl_lock)) {
 4932                                 NFSUNLOCKCLSTATE();
 4933                                 return (retcnt);
 4934                             }
 4935                         }
 4936                         *tstp = dp->nfsdl_stateid;
 4937                         retcnt++;
 4938                         *gottdp = 1;
 4939                         nfscl_cleandeleg(dp);
 4940                         nfscl_freedeleg(&clp->nfsc_deleg, dp, true);
 4941                     }
 4942                 }
 4943                 NFSUNLOCKCLSTATE();
 4944                 return (retcnt);
 4945         }
 4946 }
 4947 
 4948 /*
 4949  * Get a reference on the clientid associated with the mount point.
 4950  * Return 1 on success, 0 otherwise.
 4951  */
 4952 int
 4953 nfscl_getref(struct nfsmount *nmp)
 4954 {
 4955         struct nfsclclient *clp;
 4956         int ret;
 4957 
 4958         NFSLOCKCLSTATE();
 4959         clp = nfscl_findcl(nmp);
 4960         if (clp == NULL) {
 4961                 NFSUNLOCKCLSTATE();
 4962                 return (0);
 4963         }
 4964         nfsv4_getref(&clp->nfsc_lock, NULL, NFSCLSTATEMUTEXPTR, nmp->nm_mountp);
 4965         ret = 1;
 4966         if (NFSCL_FORCEDISM(nmp->nm_mountp))
 4967                 ret = 0;
 4968         NFSUNLOCKCLSTATE();
 4969         return (ret);
 4970 }
 4971 
 4972 /*
 4973  * Release a reference on a clientid acquired with the above call.
 4974  */
 4975 void
 4976 nfscl_relref(struct nfsmount *nmp)
 4977 {
 4978         struct nfsclclient *clp;
 4979 
 4980         NFSLOCKCLSTATE();
 4981         clp = nfscl_findcl(nmp);
 4982         if (clp == NULL) {
 4983                 NFSUNLOCKCLSTATE();
 4984                 return;
 4985         }
 4986         nfsv4_relref(&clp->nfsc_lock);
 4987         NFSUNLOCKCLSTATE();
 4988 }
 4989 
 4990 /*
 4991  * Save the size attribute in the delegation, since the nfsnode
 4992  * is going away.
 4993  */
 4994 void
 4995 nfscl_reclaimnode(vnode_t vp)
 4996 {
 4997         struct nfsclclient *clp;
 4998         struct nfscldeleg *dp;
 4999         struct nfsnode *np = VTONFS(vp);
 5000         struct nfsmount *nmp;
 5001 
 5002         nmp = VFSTONFS(vp->v_mount);
 5003         if (!NFSHASNFSV4(nmp))
 5004                 return;
 5005         NFSLOCKCLSTATE();
 5006         clp = nfscl_findcl(nmp);
 5007         if (clp == NULL) {
 5008                 NFSUNLOCKCLSTATE();
 5009                 return;
 5010         }
 5011         dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh, np->n_fhp->nfh_len);
 5012         if (dp != NULL && (dp->nfsdl_flags & NFSCLDL_WRITE))
 5013                 dp->nfsdl_size = np->n_size;
 5014         NFSUNLOCKCLSTATE();
 5015 }
 5016 
 5017 /*
 5018  * Get the saved size attribute in the delegation, since it is a
 5019  * newly allocated nfsnode.
 5020  */
 5021 void
 5022 nfscl_newnode(vnode_t vp)
 5023 {
 5024         struct nfsclclient *clp;
 5025         struct nfscldeleg *dp;
 5026         struct nfsnode *np = VTONFS(vp);
 5027         struct nfsmount *nmp;
 5028 
 5029         nmp = VFSTONFS(vp->v_mount);
 5030         if (!NFSHASNFSV4(nmp))
 5031                 return;
 5032         NFSLOCKCLSTATE();
 5033         clp = nfscl_findcl(nmp);
 5034         if (clp == NULL) {
 5035                 NFSUNLOCKCLSTATE();
 5036                 return;
 5037         }
 5038         dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh, np->n_fhp->nfh_len);
 5039         if (dp != NULL && (dp->nfsdl_flags & NFSCLDL_WRITE))
 5040                 np->n_size = dp->nfsdl_size;
 5041         NFSUNLOCKCLSTATE();
 5042 }
 5043 
 5044 /*
 5045  * If there is a valid write delegation for this file, set the modtime
 5046  * to the local clock time.
 5047  */
 5048 void
 5049 nfscl_delegmodtime(vnode_t vp)
 5050 {
 5051         struct nfsclclient *clp;
 5052         struct nfscldeleg *dp;
 5053         struct nfsnode *np = VTONFS(vp);
 5054         struct nfsmount *nmp;
 5055 
 5056         nmp = VFSTONFS(vp->v_mount);
 5057         if (!NFSHASNFSV4(nmp))
 5058                 return;
 5059         NFSLOCKMNT(nmp);
 5060         if ((nmp->nm_privflag & NFSMNTP_DELEGISSUED) == 0) {
 5061                 NFSUNLOCKMNT(nmp);
 5062                 return;
 5063         }
 5064         NFSUNLOCKMNT(nmp);
 5065         NFSLOCKCLSTATE();
 5066         clp = nfscl_findcl(nmp);
 5067         if (clp == NULL) {
 5068                 NFSUNLOCKCLSTATE();
 5069                 return;
 5070         }
 5071         dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh, np->n_fhp->nfh_len);
 5072         if (dp != NULL && (dp->nfsdl_flags & NFSCLDL_WRITE)) {
 5073                 nanotime(&dp->nfsdl_modtime);
 5074                 dp->nfsdl_flags |= NFSCLDL_MODTIMESET;
 5075         }
 5076         NFSUNLOCKCLSTATE();
 5077 }
 5078 
 5079 /*
 5080  * If there is a valid write delegation for this file with a modtime set,
 5081  * put that modtime in mtime.
 5082  */
 5083 void
 5084 nfscl_deleggetmodtime(vnode_t vp, struct timespec *mtime)
 5085 {
 5086         struct nfsclclient *clp;
 5087         struct nfscldeleg *dp;
 5088         struct nfsnode *np = VTONFS(vp);
 5089         struct nfsmount *nmp;
 5090 
 5091         nmp = VFSTONFS(vp->v_mount);
 5092         if (!NFSHASNFSV4(nmp))
 5093                 return;
 5094         NFSLOCKMNT(nmp);
 5095         if ((nmp->nm_privflag & NFSMNTP_DELEGISSUED) == 0) {
 5096                 NFSUNLOCKMNT(nmp);
 5097                 return;
 5098         }
 5099         NFSUNLOCKMNT(nmp);
 5100         NFSLOCKCLSTATE();
 5101         clp = nfscl_findcl(nmp);
 5102         if (clp == NULL) {
 5103                 NFSUNLOCKCLSTATE();
 5104                 return;
 5105         }
 5106         dp = nfscl_finddeleg(clp, np->n_fhp->nfh_fh, np->n_fhp->nfh_len);
 5107         if (dp != NULL &&
 5108             (dp->nfsdl_flags & (NFSCLDL_WRITE | NFSCLDL_MODTIMESET)) ==
 5109             (NFSCLDL_WRITE | NFSCLDL_MODTIMESET))
 5110                 *mtime = dp->nfsdl_modtime;
 5111         NFSUNLOCKCLSTATE();
 5112 }
 5113 
      /*
       * Map nd_repstat to the XDR-encoded status for a callback reply. Each
       * nfscl_cberrmap[] entry lists the statuses allowed for that callback
       * operation, with the default first and a 0 terminator.
       */
 5114 static int
 5115 nfscl_errmap(struct nfsrv_descript *nd, u_int32_t minorvers)
 5116 {
 5117         short *defaulterrp, *errp;
 5118 
 5119         if (!nd->nd_repstat)
 5120                 return (0);
 5121         if (nd->nd_procnum == NFSPROC_NOOP)
 5122                 return (txdr_unsigned(nd->nd_repstat & 0xffff));
 5123         if (nd->nd_repstat == EBADRPC)
 5124                 return (txdr_unsigned(NFSERR_BADXDR));
 5125         if (nd->nd_repstat == NFSERR_MINORVERMISMATCH ||
 5126             nd->nd_repstat == NFSERR_OPILLEGAL)
 5127                 return (txdr_unsigned(nd->nd_repstat));
 5128         if (nd->nd_repstat >= NFSERR_BADIOMODE && nd->nd_repstat < 20000 &&
 5129             minorvers > NFSV4_MINORVERSION) {
 5130                 /* NFSv4.n error. */
 5131                 return (txdr_unsigned(nd->nd_repstat));
 5132         }
 5133         if (nd->nd_procnum < NFSV4OP_CBNOPS)
 5134                 errp = defaulterrp = nfscl_cberrmap[nd->nd_procnum];
 5135         else
 5136                 return (txdr_unsigned(nd->nd_repstat));
 5137         while (*++errp)
 5138                 if (*errp == (short)nd->nd_repstat)
 5139                         return (txdr_unsigned(nd->nd_repstat));
 5140         return (txdr_unsigned(*defaulterrp));
 5141 }
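
/*
 * Illustrative sketch, not part of nfs_clstate.c: the table lookup at the
 * end of nfscl_errmap() can be read as "return the status if it is listed
 * for this operation, otherwise return the first (default) entry".  The
 * table contents and the names errtab, NOPS and map_error below are
 * hypothetical, and the txdr_unsigned() byte-order conversion is omitted.
 */

```c
#include <stddef.h>

/* Hypothetical per-operation tables: entry 0 is the default, 0 terminates. */
static const short op0_errs[] = { 10, 11, 12, 0 };
static const short op1_errs[] = { 20, 21, 0 };
static const short *const errtab[] = { op0_errs, op1_errs };
#define NOPS (sizeof(errtab) / sizeof(errtab[0]))

static int
map_error(unsigned int op, int status)
{
	const short *defp, *errp;

	if (status == 0)
		return (0);		/* Success needs no mapping. */
	if (op >= NOPS)
		return (status);	/* No table for this op: pass through. */
	errp = defp = errtab[op];
	while (*++errp != 0)		/* Scan the entries after the default. */
		if (*errp == (short)status)
			return (status);
	return (*defp);			/* Not listed: use the default. */
}
```

/*
 * With these made-up tables, a status of 11 for operation 0 is returned
 * unchanged, while an unlisted status such as 99 maps to the default, 10.
 */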
 5142 
 5143 /*
 5144  * Called to find/add a layout to a client.
 5145  * This function returns the layout with a refcnt (shared lock) upon
 5146  * success (returns 0) or with no lock/refcnt on the layout when an
 5147  * error is returned.
 5148  * If a layout is passed in via lypp, it is locked (exclusively locked).
 5149  */
 5150 int
 5151 nfscl_layout(struct nfsmount *nmp, vnode_t vp, u_int8_t *fhp, int fhlen,
 5152     nfsv4stateid_t *stateidp, int layouttype, int retonclose,
 5153     struct nfsclflayouthead *fhlp, struct nfscllayout **lypp,
 5154     struct ucred *cred, NFSPROC_T *p)
 5155 {
 5156         struct nfsclclient *clp;
 5157         struct nfscllayout *lyp, *tlyp;
 5158         struct nfsclflayout *flp;
 5159         struct nfsnode *np = VTONFS(vp);
 5160         mount_t mp;
 5161         int layout_passed_in;
 5162 
 5163         mp = nmp->nm_mountp;
 5164         layout_passed_in = 1;
 5165         tlyp = NULL;
 5166         lyp = *lypp;
 5167         if (lyp == NULL) {
 5168                 layout_passed_in = 0;
 5169                 tlyp = malloc(sizeof(*tlyp) + fhlen - 1, M_NFSLAYOUT,
 5170                     M_WAITOK | M_ZERO);
 5171         }
 5172 
 5173         NFSLOCKCLSTATE();
 5174         clp = nmp->nm_clp;
 5175         if (clp == NULL) {
 5176                 if (layout_passed_in != 0)
 5177                         nfsv4_unlock(&lyp->nfsly_lock, 0);
 5178                 NFSUNLOCKCLSTATE();
 5179                 if (tlyp != NULL)
 5180                         free(tlyp, M_NFSLAYOUT);
 5181                 return (EPERM);
 5182         }
 5183         if (lyp == NULL) {
 5184                 /*
 5185                  * Although no lyp was passed in, another thread might have
 5186                  * allocated one. If one is found, just increment its ref
 5187                  * count and return it.
 5188                  */
 5189                 lyp = nfscl_findlayout(clp, fhp, fhlen);
 5190                 if (lyp == NULL) {
 5191                         lyp = tlyp;
 5192                         tlyp = NULL;
 5193                         lyp->nfsly_stateid.seqid = stateidp->seqid;
 5194                         lyp->nfsly_stateid.other[0] = stateidp->other[0];
 5195                         lyp->nfsly_stateid.other[1] = stateidp->other[1];
 5196                         lyp->nfsly_stateid.other[2] = stateidp->other[2];
 5197                         lyp->nfsly_lastbyte = 0;
 5198                         LIST_INIT(&lyp->nfsly_flayread);
 5199                         LIST_INIT(&lyp->nfsly_flayrw);
 5200                         LIST_INIT(&lyp->nfsly_recall);
 5201                         lyp->nfsly_filesid[0] = np->n_vattr.na_filesid[0];
 5202                         lyp->nfsly_filesid[1] = np->n_vattr.na_filesid[1];
 5203                         lyp->nfsly_clp = clp;
 5204                         if (layouttype == NFSLAYOUT_FLEXFILE)
 5205                                 lyp->nfsly_flags = NFSLY_FLEXFILE;
 5206                         else
 5207                                 lyp->nfsly_flags = NFSLY_FILES;
 5208                         if (retonclose != 0)
 5209                                 lyp->nfsly_flags |= NFSLY_RETONCLOSE;
 5210                         lyp->nfsly_fhlen = fhlen;
 5211                         NFSBCOPY(fhp, lyp->nfsly_fh, fhlen);
 5212                         TAILQ_INSERT_HEAD(&clp->nfsc_layout, lyp, nfsly_list);
 5213                         LIST_INSERT_HEAD(NFSCLLAYOUTHASH(clp, fhp, fhlen), lyp,
 5214                             nfsly_hash);
 5215                         lyp->nfsly_timestamp = NFSD_MONOSEC + 120;
 5216                         nfscl_layoutcnt++;
 5217                         nfsstatsv1.cllayouts++;
 5218                 } else {
 5219                         if (retonclose != 0)
 5220                                 lyp->nfsly_flags |= NFSLY_RETONCLOSE;
 5221                         if (stateidp->seqid > lyp->nfsly_stateid.seqid)
 5222                                 lyp->nfsly_stateid.seqid = stateidp->seqid;
 5223                         TAILQ_REMOVE(&clp->nfsc_layout, lyp, nfsly_list);
 5224                         TAILQ_INSERT_HEAD(&clp->nfsc_layout, lyp, nfsly_list);
 5225                         lyp->nfsly_timestamp = NFSD_MONOSEC + 120;
 5226                 }
 5227                 nfsv4_getref(&lyp->nfsly_lock, NULL, NFSCLSTATEMUTEXPTR, mp);
 5228                 if (NFSCL_FORCEDISM(mp)) {
 5229                         NFSUNLOCKCLSTATE();
 5230                         if (tlyp != NULL)
 5231                                 free(tlyp, M_NFSLAYOUT);
 5232                         return (EPERM);
 5233                 }
 5234                 *lypp = lyp;
 5235         } else if (stateidp->seqid > lyp->nfsly_stateid.seqid)
 5236                 lyp->nfsly_stateid.seqid = stateidp->seqid;
 5237 
 5238         /* Merge the new list of File Layouts into the list. */
 5239         flp = LIST_FIRST(fhlp);
 5240         if (flp != NULL) {
 5241                 if (flp->nfsfl_iomode == NFSLAYOUTIOMODE_READ)
 5242                         nfscl_mergeflayouts(&lyp->nfsly_flayread, fhlp);
 5243                 else
 5244                         nfscl_mergeflayouts(&lyp->nfsly_flayrw, fhlp);
 5245         }
 5246         if (layout_passed_in != 0)
 5247                 nfsv4_unlock(&lyp->nfsly_lock, 1);
 5248         NFSUNLOCKCLSTATE();
 5249         if (tlyp != NULL)
 5250                 free(tlyp, M_NFSLAYOUT);
 5251         return (0);
 5252 }
 5253 
 5254 /*
 5255  * Search for a layout by MDS file handle.
 5256  * If one is found, it is returned with a refcnt (shared lock) iff
 5257  * *retflpp is returned non-NULL, and exclusively locked iff *retflpp is
 5258  * returned NULL.
 5259  */
 5260 struct nfscllayout *
 5261 nfscl_getlayout(struct nfsclclient *clp, uint8_t *fhp, int fhlen,
 5262     uint64_t off, uint32_t rwaccess, struct nfsclflayout **retflpp,
 5263     int *recalledp)
 5264 {
 5265         struct nfscllayout *lyp;
 5266         mount_t mp;
 5267         int error, igotlock;
 5268 
 5269         mp = clp->nfsc_nmp->nm_mountp;
 5270         *recalledp = 0;
 5271         *retflpp = NULL;
 5272         NFSLOCKCLSTATE();
 5273         lyp = nfscl_findlayout(clp, fhp, fhlen);
 5274         if (lyp != NULL) {
 5275                 if ((lyp->nfsly_flags & NFSLY_RECALL) == 0) {
 5276                         TAILQ_REMOVE(&clp->nfsc_layout, lyp, nfsly_list);
 5277                         TAILQ_INSERT_HEAD(&clp->nfsc_layout, lyp, nfsly_list);
 5278                         lyp->nfsly_timestamp = NFSD_MONOSEC + 120;
 5279                         error = nfscl_findlayoutforio(lyp, off, rwaccess,
 5280                             retflpp);
 5281                         if (error == 0)
 5282                                 nfsv4_getref(&lyp->nfsly_lock, NULL,
 5283                                     NFSCLSTATEMUTEXPTR, mp);
 5284                         else {
 5285                                 do {
 5286                                         igotlock = nfsv4_lock(&lyp->nfsly_lock,
 5287                                             1, NULL, NFSCLSTATEMUTEXPTR, mp);
 5288                                 } while (igotlock == 0 && !NFSCL_FORCEDISM(mp));
 5289                                 *retflpp = NULL;
 5290                         }
 5291                         if (NFSCL_FORCEDISM(mp)) {
 5292                                 lyp = NULL;
 5293                                 *recalledp = 1;
 5294                         }
 5295                 } else {
 5296                         lyp = NULL;
 5297                         *recalledp = 1;
 5298                 }
 5299         }
 5300         NFSUNLOCKCLSTATE();
 5301         return (lyp);
 5302 }
 5303 
 5304 /*
 5305  * Search for a layout by MDS file handle. If one is found, mark it to be
 5306  * recalled, if it is already marked "return on close".
 5307  */
 5308 static void
 5309 nfscl_retoncloselayout(vnode_t vp, struct nfsclclient *clp, uint8_t *fhp,
 5310     int fhlen, struct nfsclrecalllayout **recallpp, struct nfscllayout **lypp)
 5311 {
 5312         struct nfscllayout *lyp;
 5313         uint32_t iomode;
 5314 
 5315         *lypp = NULL;
 5316         if (vp->v_type != VREG || !NFSHASPNFS(VFSTONFS(vp->v_mount)) ||
 5317             nfscl_enablecallb == 0 || nfs_numnfscbd == 0 ||
 5318             (VTONFS(vp)->n_flag & NNOLAYOUT) != 0)
 5319                 return;
 5320         lyp = nfscl_findlayout(clp, fhp, fhlen);
 5321         if (lyp != NULL && (lyp->nfsly_flags & NFSLY_RETONCLOSE) != 0) {
 5322                 if ((lyp->nfsly_flags & NFSLY_RECALL) == 0) {
 5323                         iomode = 0;
 5324                         if (!LIST_EMPTY(&lyp->nfsly_flayread))
 5325                                 iomode |= NFSLAYOUTIOMODE_READ;
 5326                         if (!LIST_EMPTY(&lyp->nfsly_flayrw))
 5327                                 iomode |= NFSLAYOUTIOMODE_RW;
 5328                         nfscl_layoutrecall(NFSLAYOUTRETURN_FILE, lyp, iomode,
 5329                             0, UINT64_MAX, lyp->nfsly_stateid.seqid, 0, 0, NULL,
 5330                             *recallpp);
 5331                         NFSCL_DEBUG(4, "retoncls recall iomode=%d\n", iomode);
 5332                         *recallpp = NULL;
 5333                 }
 5334 
 5335                 /* Now, wake up renew thread to do LayoutReturn. */
 5336                 wakeup(clp);
 5337                 *lypp = lyp;
 5338         }
 5339 }
 5340 
 5341 /*
 5342  * Mark the layout to be recalled, recording the error.
 5343  * Also, disable the DS (dsp) from further use.
 5344  */
 5345 void
 5346 nfscl_dserr(uint32_t op, uint32_t stat, struct nfscldevinfo *dp,
 5347     struct nfscllayout *lyp, struct nfsclds *dsp)
 5348 {
 5349         struct nfsclrecalllayout *recallp;
 5350         uint32_t iomode;
 5351 
 5352         printf("DS being disabled, error=%d\n", stat);
 5353         /* Set up the return of the layout. */
 5354         recallp = malloc(sizeof(*recallp), M_NFSLAYRECALL, M_WAITOK);
 5355         iomode = 0;
 5356         NFSLOCKCLSTATE();
 5357         if ((lyp->nfsly_flags & NFSLY_RECALL) == 0) {
 5358                 if (!LIST_EMPTY(&lyp->nfsly_flayread))
 5359                         iomode |= NFSLAYOUTIOMODE_READ;
 5360                 if (!LIST_EMPTY(&lyp->nfsly_flayrw))
 5361                         iomode |= NFSLAYOUTIOMODE_RW;
 5362                 (void)nfscl_layoutrecall(NFSLAYOUTRETURN_FILE, lyp, iomode,
 5363                     0, UINT64_MAX, lyp->nfsly_stateid.seqid, stat, op,
 5364                     dp->nfsdi_deviceid, recallp);
 5365                 NFSUNLOCKCLSTATE();
 5366                 NFSCL_DEBUG(4, "nfscl_dserr recall iomode=%d\n", iomode);
 5367         } else {
 5368                 NFSUNLOCKCLSTATE();
 5369                 free(recallp, M_NFSLAYRECALL);
 5370         }
 5371 
 5372         /* And shut the TCP connection down. */
 5373         nfscl_cancelreqs(dsp);
 5374 }
 5375 
 5376 /*
 5377  * Cancel all RPCs for this "dsp" by closing the connection.
 5378  * Also, mark the session as defunct.
 5379  * If NFSCLDS_SAMECONN is set, the connection is shared with other DSs and
 5380  * cannot be shut down.
 5381  */
 5382 void
 5383 nfscl_cancelreqs(struct nfsclds *dsp)
 5384 {
 5385         struct __rpc_client *cl;
 5386         static int non_event;
 5387 
 5388         NFSLOCKDS(dsp);
 5389         if ((dsp->nfsclds_flags & (NFSCLDS_CLOSED | NFSCLDS_SAMECONN)) == 0 &&
 5390             dsp->nfsclds_sockp != NULL &&
 5391             dsp->nfsclds_sockp->nr_client != NULL) {
 5392                 dsp->nfsclds_flags |= NFSCLDS_CLOSED;
 5393                 cl = dsp->nfsclds_sockp->nr_client;
 5394                 dsp->nfsclds_sess.nfsess_defunct = 1;
 5395                 NFSUNLOCKDS(dsp);
 5396                 CLNT_CLOSE(cl);
 5397                 /*
 5398                  * This 1sec sleep is done to reduce the number of reconnect
 5399                  * attempts made on the DS while it has failed.
 5400                  */
 5401                 tsleep(&non_event, PVFS, "ndscls", hz);
 5402                 return;
 5403         }
 5404         NFSUNLOCKDS(dsp);
 5405 }
 5406 
 5407 /*
 5408  * Dereference a layout.
 5409  */
 5410 void
 5411 nfscl_rellayout(struct nfscllayout *lyp, int exclocked)
 5412 {
 5413 
 5414         NFSLOCKCLSTATE();
 5415         if (exclocked != 0)
 5416                 nfsv4_unlock(&lyp->nfsly_lock, 0);
 5417         else
 5418                 nfsv4_relref(&lyp->nfsly_lock);
 5419         NFSUNLOCKCLSTATE();
 5420 }
 5421 
 5422 /*
 5423  * Search for a devinfo by deviceid. If one is found, return it after
 5424  * acquiring a reference count on it.
 5425  */
 5426 struct nfscldevinfo *
 5427 nfscl_getdevinfo(struct nfsclclient *clp, uint8_t *deviceid,
 5428     struct nfscldevinfo *dip)
 5429 {
 5430 
 5431         NFSLOCKCLSTATE();
 5432         if (dip == NULL)
 5433                 dip = nfscl_finddevinfo(clp, deviceid);
 5434         if (dip != NULL)
 5435                 dip->nfsdi_refcnt++;
 5436         NFSUNLOCKCLSTATE();
 5437         return (dip);
 5438 }
 5439 
 5440 /*
 5441  * Dereference a devinfo structure; the NFSCLSTATE mutex must be held.
 5442  */
 5443 static void
 5444 nfscl_reldevinfo_locked(struct nfscldevinfo *dip)
 5445 {
 5446 
 5447         dip->nfsdi_refcnt--;
 5448         if (dip->nfsdi_refcnt == 0)
 5449                 wakeup(&dip->nfsdi_refcnt);
 5450 }
 5451 
 5452 /*
 5453  * Dereference a devinfo structure.
 5454  */
 5455 void
 5456 nfscl_reldevinfo(struct nfscldevinfo *dip)
 5457 {
 5458 
 5459         NFSLOCKCLSTATE();
 5460         nfscl_reldevinfo_locked(dip);
 5461         NFSUNLOCKCLSTATE();
 5462 }
 5463 
 5464 /*
 5465  * Find a layout for this file handle. Return NULL upon failure.
 5466  */
 5467 static struct nfscllayout *
 5468 nfscl_findlayout(struct nfsclclient *clp, u_int8_t *fhp, int fhlen)
 5469 {
 5470         struct nfscllayout *lyp;
 5471 
 5472         LIST_FOREACH(lyp, NFSCLLAYOUTHASH(clp, fhp, fhlen), nfsly_hash)
 5473                 if (lyp->nfsly_fhlen == fhlen &&
 5474                     !NFSBCMP(lyp->nfsly_fh, fhp, fhlen))
 5475                         break;
 5476         return (lyp);
 5477 }
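
/*
 * Illustrative sketch, not part of nfs_clstate.c: nfscl_findlayout() walks
 * one hash bucket and matches on both the file handle length and its bytes.
 * The userland version below assumes a plain singly linked bucket; the
 * names layout_ent and find_layout are hypothetical, and the caller is
 * assumed to have already selected the bucket and taken any needed lock.
 */

```c
#include <stddef.h>
#include <string.h>

struct layout_ent {
	const unsigned char *fh;	/* File handle bytes. */
	size_t fhlen;			/* File handle length. */
	struct layout_ent *next;	/* Next entry in the same bucket. */
};

/* Return the entry whose handle matches exactly, or NULL if none does. */
static struct layout_ent *
find_layout(struct layout_ent *bucket, const unsigned char *fh, size_t fhlen)
{
	struct layout_ent *lp;

	for (lp = bucket; lp != NULL; lp = lp->next)
		if (lp->fhlen == fhlen && memcmp(lp->fh, fh, fhlen) == 0)
			return (lp);
	return (NULL);
}
```

/*
 * Comparing the length first avoids reading past the end of a shorter
 * handle that happens to share a prefix with the one being looked up.
 */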
 5478 
 5479 /*
 5480  * Find a devinfo for this deviceid. Return NULL upon failure.
 5481  */
 5482 static struct nfscldevinfo *
 5483 nfscl_finddevinfo(struct nfsclclient *clp, uint8_t *deviceid)
 5484 {
 5485         struct nfscldevinfo *dip;
 5486 
 5487         LIST_FOREACH(dip, &clp->nfsc_devinfo, nfsdi_list)
 5488                 if (NFSBCMP(dip->nfsdi_deviceid, deviceid, NFSX_V4DEVICEID)
 5489                     == 0)
 5490                         break;
 5491         return (dip);
 5492 }
 5493 
 5494 /*
 5495  * Merge the new file layout list into the main one, maintaining it in
 5496  * increasing offset order.
 5497  */
 5498 static void
 5499 nfscl_mergeflayouts(struct nfsclflayouthead *fhlp,
 5500     struct nfsclflayouthead *newfhlp)
 5501 {
 5502         struct nfsclflayout *flp, *nflp, *prevflp, *tflp;
 5503 
 5504         flp = LIST_FIRST(fhlp);
 5505         prevflp = NULL;
 5506         LIST_FOREACH_SAFE(nflp, newfhlp, nfsfl_list, tflp) {
 5507                 while (flp != NULL && flp->nfsfl_off < nflp->nfsfl_off) {
 5508                         prevflp = flp;
 5509                         flp = LIST_NEXT(flp, nfsfl_list);
 5510                 }
 5511                 if (prevflp == NULL)
 5512                         LIST_INSERT_HEAD(fhlp, nflp, nfsfl_list);
 5513                 else
 5514                         LIST_INSERT_AFTER(prevflp, nflp, nfsfl_list);
 5515                 prevflp = nflp;
 5516         }
 5517 }
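
/*
 * Illustrative sketch, not part of nfs_clstate.c: the merge in
 * nfscl_mergeflayouts() keeps the destination list in increasing offset
 * order by resuming the scan from the last insertion point.  The version
 * below uses a plain singly linked list instead of the queue(3) macros,
 * assumes the new list is itself sorted by offset, and uses the
 * hypothetical names seg and merge_sorted.
 */

```c
#include <stddef.h>
#include <stdint.h>

struct seg {
	uint64_t off;		/* Starting offset of this segment. */
	struct seg *next;
};

/* Move every node of *src into *dst, keeping *dst sorted by offset. */
static void
merge_sorted(struct seg **dst, struct seg **src)
{
	struct seg **linkp = dst;	/* Link where the next node may go. */
	struct seg *n, *next;

	for (n = *src; n != NULL; n = next) {
		next = n->next;
		/* Skip destination entries that start before the new one. */
		while (*linkp != NULL && (*linkp)->off < n->off)
			linkp = &(*linkp)->next;
		n->next = *linkp;
		*linkp = n;
		linkp = &n->next;	/* Resume after the inserted node. */
	}
	*src = NULL;
}
```

/*
 * Because the scan position only moves forward, the whole merge is linear
 * in the combined length of the two lists when the new list is sorted.
 */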

/*
 * Add this nfscldevinfo to the client, if it doesn't already exist.
 * This function consumes the structure pointed at by dip, if not NULL.
 */
int
nfscl_adddevinfo(struct nfsmount *nmp, struct nfscldevinfo *dip, int ind,
    struct nfsclflayout *flp)
{
        struct nfsclclient *clp;
        struct nfscldevinfo *tdip;
        uint8_t *dev;

        NFSLOCKCLSTATE();
        clp = nmp->nm_clp;
        if (clp == NULL) {
                NFSUNLOCKCLSTATE();
                if (dip != NULL)
                        free(dip, M_NFSDEVINFO);
                return (ENODEV);
        }
        if ((flp->nfsfl_flags & NFSFL_FILE) != 0)
                dev = flp->nfsfl_dev;
        else
                dev = flp->nfsfl_ffm[ind].dev;
        tdip = nfscl_finddevinfo(clp, dev);
        if (tdip != NULL) {
                tdip->nfsdi_layoutrefs++;
                if ((flp->nfsfl_flags & NFSFL_FILE) != 0)
                        flp->nfsfl_devp = tdip;
                else
                        flp->nfsfl_ffm[ind].devp = tdip;
                nfscl_reldevinfo_locked(tdip);
                NFSUNLOCKCLSTATE();
                if (dip != NULL)
                        free(dip, M_NFSDEVINFO);
                return (0);
        }
        if (dip != NULL) {
                LIST_INSERT_HEAD(&clp->nfsc_devinfo, dip, nfsdi_list);
                dip->nfsdi_layoutrefs = 1;
                if ((flp->nfsfl_flags & NFSFL_FILE) != 0)
                        flp->nfsfl_devp = dip;
                else
                        flp->nfsfl_ffm[ind].devp = dip;
        }
        NFSUNLOCKCLSTATE();
        if (dip == NULL)
                return (ENODEV);
        return (0);
}
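
/*
 * Illustration only, not part of nfs_clstate.c: a minimal userland sketch
 * of the "find or insert, and always consume the new structure" pattern
 * used by nfscl_adddevinfo(). The names devinfo, dev_find, dev_add and
 * DEVID_LEN are hypothetical, the list is a plain singly linked list rather
 * than a queue(3) LIST, and the NFSLOCKCLSTATE() locking is omitted.
 */

```c
#include <assert.h>
#include <stdlib.h>
#include <string.h>

#define DEVID_LEN 16	/* assumed device ID size for this sketch */

struct devinfo {
	struct devinfo *next;
	unsigned char id[DEVID_LEN];
	int layoutrefs;		/* number of layouts pointing at this entry */
};

/* Look up a device by ID in a singly linked list. */
static struct devinfo *
dev_find(struct devinfo *head, const unsigned char *id)
{
	struct devinfo *d;

	for (d = head; d != NULL; d = d->next)
		if (memcmp(d->id, id, DEVID_LEN) == 0)
			return (d);
	return (NULL);
}

/*
 * Add "newdev" unless a matching entry exists. Either way the caller gives
 * up ownership of newdev: it is linked into the list or freed here.
 * Returns the entry that now holds the reference, or NULL if there is no
 * match and no new structure was supplied.
 */
static struct devinfo *
dev_add(struct devinfo **headp, struct devinfo *newdev,
    const unsigned char *id)
{
	struct devinfo *d;

	d = dev_find(*headp, id);
	if (d != NULL) {
		d->layoutrefs++;
		free(newdev);		/* free(NULL) is a no-op */
		return (d);
	}
	if (newdev == NULL)
		return (NULL);
	memcpy(newdev->id, id, DEVID_LEN);
	newdev->layoutrefs = 1;
	newdev->next = *headp;
	*headp = newdev;
	return (newdev);
}
```

/*
 * In this sketch a second dev_add() call with the same ID frees the
 * duplicate structure and bumps layoutrefs on the existing entry, so the
 * caller must not touch the pointer it passed in after the call returns.
 */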

/*
 * Free up a layout structure and associated file layout structure(s).
 */
void
nfscl_freelayout(struct nfscllayout *layp)
{
        struct nfsclflayout *flp, *nflp;
        struct nfsclrecalllayout *rp, *nrp;

        LIST_FOREACH_SAFE(flp, &layp->nfsly_flayread, nfsfl_list, nflp) {
                LIST_REMOVE(flp, nfsfl_list);
                nfscl_freeflayout(flp);
        }
        LIST_FOREACH_SAFE(flp, &layp->nfsly_flayrw, nfsfl_list, nflp) {
                LIST_REMOVE(flp, nfsfl_list);
                nfscl_freeflayout(flp);
        }
        LIST_FOREACH_SAFE(rp, &layp->nfsly_recall, nfsrecly_list, nrp) {
                LIST_REMOVE(rp, nfsrecly_list);
                free(rp, M_NFSLAYRECALL);
        }
        nfscl_layoutcnt--;
        nfsstatsv1.cllayouts--;
        free(layp, M_NFSLAYOUT);
}

/*
 * Free up a file layout structure.
 */
void
nfscl_freeflayout(struct nfsclflayout *flp)
{
        int i, j;

        if ((flp->nfsfl_flags & NFSFL_FILE) != 0) {
                for (i = 0; i < flp->nfsfl_fhcnt; i++)
                        free(flp->nfsfl_fh[i], M_NFSFH);
                if (flp->nfsfl_devp != NULL)
                        flp->nfsfl_devp->nfsdi_layoutrefs--;
        }
        if ((flp->nfsfl_flags & NFSFL_FLEXFILE) != 0)
                for (i = 0; i < flp->nfsfl_mirrorcnt; i++) {
                        for (j = 0; j < flp->nfsfl_ffm[i].fhcnt; j++)
                                free(flp->nfsfl_ffm[i].fh[j], M_NFSFH);
                        if (flp->nfsfl_ffm[i].devp != NULL)
                                flp->nfsfl_ffm[i].devp->nfsdi_layoutrefs--;
                }
        free(flp, M_NFSFLAYOUT);
}
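
/*
 * Illustration only, not part of nfs_clstate.c: a minimal userland sketch
 * of the teardown pattern in nfscl_freelayout() and nfscl_freeflayout().
 * Each element drops its reference on the shared device entry and is then
 * freed, with the next pointer saved first so the walk survives the free.
 * The names dev, flayout and flayout_freeall are hypothetical, and a plain
 * singly linked list stands in for the queue(3) LIST macros.
 */

```c
#include <assert.h>
#include <stdlib.h>

struct dev {
	int layoutrefs;		/* number of layouts pointing at this device */
};

struct flayout {
	struct flayout *next;
	struct dev *devp;	/* may be NULL if no device was attached */
};

/*
 * Free every element of the list. The next pointer is saved before the
 * element is freed, which is the job of the extra temporary variable
 * passed to LIST_FOREACH_SAFE. Returns the number of elements freed.
 */
static int
flayout_freeall(struct flayout **headp)
{
	struct flayout *flp, *nflp;
	int cnt = 0;

	for (flp = *headp; flp != NULL; flp = nflp) {
		nflp = flp->next;	/* save before flp is freed */
		if (flp->devp != NULL)
			flp->devp->layoutrefs--;
		free(flp);
		cnt++;
	}
	*headp = NULL;
	return (cnt);
}
```

/*
 * Reading flp->next after free(flp) would be a use after free, which is
 * why a plain LIST_FOREACH is not suitable for loops like these.
 */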

/*
 * Free up a file layout devinfo structure.
 */
void
nfscl_freedevinfo(struct nfscldevinfo *dip)
{

        free(dip, M_NFSDEVINFO);
}

/*
 * Mark any layouts that match as recalled.
 */
static int
nfscl_layoutrecall(int recalltype, struct nfscllayout *lyp, uint32_t iomode,
    uint64_t off, uint64_t len, uint32_t stateseqid, uint32_t stat, uint32_t op,
    char *devid, struct nfsclrecalllayout *recallp)
{
        struct nfsclrecalllayout *rp, *orp;

        recallp->nfsrecly_recalltype = recalltype;
        recallp->nfsrecly_iomode = iomode;
        recallp->nfsrecly_stateseqid = stateseqid;
        recallp->nfsrecly_off = off;
        recallp->nfsrecly_len = len;
        recallp->nfsrecly_stat = stat;
        recallp->nfsrecly_op = op;
        if (devid != NULL)
                NFSBCOPY(devid, recallp->nfsrecly_devid, NFSX_V4DEVICEID);
        /*
         * Order the list as file returns first, followed by fsid and any
         * returns, both in increasing stateseqid order.
         * Note that the seqids wrap around, so 1 is after 0xffffffff.
         * (I'm not sure this is correct because I find RFC 5661 confusing
         *  on this, but hopefully it will work ok.)
         */
        orp = NULL;
        LIST_FOREACH(rp, &lyp->nfsly_recall, nfsrecly_list) {
                orp = rp;
                if ((recalltype == NFSLAYOUTRETURN_FILE &&
                     (rp->nfsrecly_recalltype != NFSLAYOUTRETURN_FILE ||
                      nfscl_seq(stateseqid, rp->nfsrecly_stateseqid) != 0)) ||
                    (recalltype != NFSLAYOUTRETURN_FILE &&
                     rp->nfsrecly_recalltype != NFSLAYOUTRETURN_FILE &&
                     nfscl_seq(stateseqid, rp->nfsrecly_stateseqid) != 0)) {
                        LIST_INSERT_BEFORE(rp, recallp, nfsrecly_list);
                        break;
                }

                /*
                 * Put any error return on all the file returns that will
                 * precede this one.
                 */
                if (rp->nfsrecly_recalltype == NFSLAYOUTRETURN_FILE &&
                   stat != 0 && rp->nfsrecly_stat == 0) {
                        rp->nfsrecly_stat = stat;
                        rp->nfsrecly_op = op;
                        if (devid != NULL)
                                NFSBCOPY(devid, rp->nfsrecly_devid,
                                    NFSX_V4DEVICEID);
                }
        }
        if (rp == NULL) {
                if (orp == NULL)
                        LIST_INSERT_HEAD(&lyp->nfsly_recall, recallp,
                            nfsrecly_list);
                else
                        LIST_INSERT_AFTER(orp, recallp, nfsrecly_list);
        }
        lyp->nfsly_flags |= NFSLY_RECALL;
        wakeup(lyp->nfsly_clp);
        return (0);
}

/*
 * Compare the two seqids for ordering. The trick is that the seqids can
 * wrap around from 0xffffffff->0, so check for the cases where one
 * has wrapped around.
 * Return 1 if seqid1 comes before or is equal to seqid2, 0 otherwise.
 */
static int
nfscl_seq(uint32_t seqid1, uint32_t seqid2)
{

        if (seqid2 > seqid1 && (seqid2 - seqid1) >= 0x7fffffff)
                /* seqid1 is past the wrap point, so it comes after seqid2. */
                return (0);
        if (seqid1 > seqid2 && (seqid1 - seqid2) >= 0x7fffffff)
                /* seqid2 is past the wrap point, so seqid1 comes first. */
                return (1);
        if (seqid1 <= seqid2)
                return (1);
        return (0);
}
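
/*
 * Illustration only, not part of nfs_clstate.c: a minimal userland sketch
 * of the wraparound comparison done by nfscl_seq(), so that the boundary
 * cases can be tried outside the kernel. The names seq_before and
 * SEQ_HALFRANGE are hypothetical. The logic is assumed to match the
 * function above: a gap of 0x7fffffff or more is treated as a wrap.
 */

```c
#include <assert.h>
#include <stdint.h>

#define SEQ_HALFRANGE 0x7fffffffU	/* gap treated as a wraparound */

/*
 * Return 1 if seqid1 is ordered at or before seqid2, 0 otherwise.
 * A numerically small value that trails a numerically large one by
 * SEQ_HALFRANGE or more is taken to be the newer, post-wrap seqid.
 */
static int
seq_before(uint32_t seqid1, uint32_t seqid2)
{
	if (seqid2 > seqid1 && (seqid2 - seqid1) >= SEQ_HALFRANGE)
		return (0);	/* seqid1 wrapped, so it is the newer one */
	if (seqid1 > seqid2 && (seqid1 - seqid2) >= SEQ_HALFRANGE)
		return (1);	/* seqid2 wrapped, so seqid1 is older */
	return (seqid1 <= seqid2);
}
```

/*
 * With this sketch, seq_before(0xffffffff, 1) is 1 and
 * seq_before(1, 0xffffffff) is 0, which matches the note in
 * nfscl_layoutrecall() that 1 is after 0xffffffff. Equal seqids also
 * yield 1.
 */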

/*
 * Do a layout return for each of the recalls.
 */
static void
nfscl_layoutreturn(struct nfsmount *nmp, struct nfscllayout *lyp,
    struct ucred *cred, NFSPROC_T *p)
{
        struct nfsclrecalllayout *rp;
        nfsv4stateid_t stateid;
        int layouttype;

        NFSBCOPY(lyp->nfsly_stateid.other, stateid.other, NFSX_STATEIDOTHER);
        stateid.seqid = lyp->nfsly_stateid.seqid;
        if ((lyp->nfsly_flags & NFSLY_FILES) != 0)
                layouttype = NFSLAYOUT_NFSV4_1_FILES;
        else
                layouttype = NFSLAYOUT_FLEXFILE;
        LIST_FOREACH(rp, &lyp->nfsly_recall, nfsrecly_list) {
                (void)nfsrpc_layoutreturn(nmp, lyp->nfsly_fh,
                    lyp->nfsly_fhlen, 0, layouttype,
                    rp->nfsrecly_iomode, rp->nfsrecly_recalltype,
                    rp->nfsrecly_off, rp->nfsrecly_len,
                    &stateid, cred, p, rp->nfsrecly_stat, rp->nfsrecly_op,
                    rp->nfsrecly_devid);
        }
}

/*
 * Do the layout commit for a file layout.
 */
static void
nfscl_dolayoutcommit(struct nfsmount *nmp, struct nfscllayout *lyp,
    struct ucred *cred, NFSPROC_T *p)
{
        struct nfsclflayout *flp;
        uint64_t len;
        int error, layouttype;

        if ((lyp->nfsly_flags & NFSLY_FILES) != 0)
                layouttype = NFSLAYOUT_NFSV4_1_FILES;
        else
                layouttype = NFSLAYOUT_FLEXFILE;
        LIST_FOREACH(flp, &lyp->nfsly_flayrw, nfsfl_list) {
                if (layouttype == NFSLAYOUT_FLEXFILE &&
                    (flp->nfsfl_fflags & NFSFLEXFLAG_NO_LAYOUTCOMMIT) != 0) {
                        NFSCL_DEBUG(4, "Flex file: no layoutcommit\n");
                        /* If not supported, don't bother doing it. */
                        NFSLOCKMNT(nmp);
                        nmp->nm_state |= NFSSTA_NOLAYOUTCOMMIT;
                        NFSUNLOCKMNT(nmp);
                        break;
                } else if (flp->nfsfl_off <= lyp->nfsly_lastbyte) {
                        len = flp->nfsfl_end - flp->nfsfl_off;
                        error = nfsrpc_layoutcommit(nmp, lyp->nfsly_fh,
                            lyp->nfsly_fhlen, 0, flp->nfsfl_off, len,
                            lyp->nfsly_lastbyte, &lyp->nfsly_stateid,
                            layouttype, cred, p, NULL);
                        NFSCL_DEBUG(4, "layoutcommit err=%d\n", error);
                        if (error == NFSERR_NOTSUPP) {
                                /* If not supported, don't bother doing it. */
                                NFSLOCKMNT(nmp);
                                nmp->nm_state |= NFSSTA_NOLAYOUTCOMMIT;
                                NFSUNLOCKMNT(nmp);
                                break;
                        }
                }
        }
}

/*
 * Commit all layouts for a file (vnode).
 */
int
nfscl_layoutcommit(vnode_t vp, NFSPROC_T *p)
{
        struct nfsclclient *clp;
        struct nfscllayout *lyp;
        struct nfsnode *np = VTONFS(vp);
        mount_t mp;
        struct nfsmount *nmp;

        mp = vp->v_mount;
        nmp = VFSTONFS(mp);
        if (NFSHASNOLAYOUTCOMMIT(nmp))
                return (0);
        NFSLOCKCLSTATE();
        clp = nmp->nm_clp;
        if (clp == NULL) {
                NFSUNLOCKCLSTATE();
                return (EPERM);
        }
        lyp = nfscl_findlayout(clp, np->n_fhp->nfh_fh, np->n_fhp->nfh_len);
        if (lyp == NULL) {
                NFSUNLOCKCLSTATE();
                return (EPERM);
        }
        nfsv4_getref(&lyp->nfsly_lock, NULL, NFSCLSTATEMUTEXPTR, mp);
        if (NFSCL_FORCEDISM(mp)) {
                NFSUNLOCKCLSTATE();
                return (EPERM);
        }
tryagain:
        if ((lyp->nfsly_flags & NFSLY_WRITTEN) != 0) {
                lyp->nfsly_flags &= ~NFSLY_WRITTEN;
                NFSUNLOCKCLSTATE();
                NFSCL_DEBUG(4, "do layoutcommit2\n");
                nfscl_dolayoutcommit(clp->nfsc_nmp, lyp, NFSPROCCRED(p), p);
                NFSLOCKCLSTATE();
                goto tryagain;
        }
        nfsv4_relref(&lyp->nfsly_lock);
        NFSUNLOCKCLSTATE();
        return (0);
}
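
/*
 * Illustration only, not part of nfs_clstate.c: a minimal single-threaded
 * sketch of the "tryagain" loop in nfscl_layoutcommit(). The dirty flag is
 * cleared while the lock is held, the lock is dropped for the slow commit,
 * and the flag is checked again after relocking in case it was set in the
 * meantime. All names here (layout, LY_WRITTEN, state_lock, state_unlock,
 * do_commit, commit_all) are hypothetical, and a plain integer stands in
 * for the NFSLOCKCLSTATE() mutex.
 */

```c
#include <assert.h>

#define LY_WRITTEN 0x1		/* stand-in for NFSLY_WRITTEN */

struct layout {
	int flags;
	int commits;		/* commit calls made, for illustration */
};

static int lock_held;		/* stand-in for the state mutex */

static void
state_lock(void)
{
	lock_held = 1;
}

static void
state_unlock(void)
{
	lock_held = 0;
}

/* Stand-in for the commit RPC, which must not run with the lock held. */
static void
do_commit(struct layout *lyp)
{
	assert(lock_held == 0);
	lyp->commits++;
}

/* Commit until no writer has set LY_WRITTEN since the last commit. */
static void
commit_all(struct layout *lyp)
{
	state_lock();
	while ((lyp->flags & LY_WRITTEN) != 0) {
		lyp->flags &= ~LY_WRITTEN;	/* clear before unlocking */
		state_unlock();
		do_commit(lyp);
		state_lock();	/* the flag may have been set again */
	}
	state_unlock();
}
```

/*
 * Clearing the flag before dropping the lock means a write that lands
 * during the commit sets it again and triggers another pass, so no
 * written range is left uncommitted when the loop exits.
 */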