1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (c) 2009 Rick Macklem, University of Guelph
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 *
28 */
29
30 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD$");
32
33 #include "opt_inet.h"
34 #include "opt_inet6.h"
35 #include <sys/extattr.h>
36 #include <fs/nfs/nfsport.h>
37
38 struct nfsrv_stablefirst nfsrv_stablefirst;
39 int nfsrv_issuedelegs = 0;
40 int nfsrv_dolocallocks = 0;
41 struct nfsv4lock nfsv4rootfs_lock;
42 time_t nfsdev_time = 0;
43 int nfsrv_layouthashsize;
44 volatile int nfsrv_layoutcnt = 0;
45 extern uint32_t nfs_srvmaxio;
46
47 extern int newnfs_numnfsd;
48 extern struct nfsstatsv1 nfsstatsv1;
49 extern int nfsrv_lease;
50 extern struct timeval nfsboottime;
51 extern u_int32_t newnfs_true, newnfs_false;
52 extern struct mtx nfsrv_dslock_mtx;
53 extern struct mtx nfsrv_recalllock_mtx;
54 extern struct mtx nfsrv_dontlistlock_mtx;
55 extern int nfsd_debuglevel;
56 extern u_int nfsrv_dsdirsize;
57 extern struct nfsdevicehead nfsrv_devidhead;
58 extern int nfsrv_doflexfile;
59 extern int nfsrv_maxpnfsmirror;
60 NFSV4ROOTLOCKMUTEX;
61 NFSSTATESPINLOCK;
62 extern struct nfsdontlisthead nfsrv_dontlisthead;
63 extern volatile int nfsrv_devidcnt;
64 extern struct nfslayouthead nfsrv_recalllisthead;
65 extern char *nfsrv_zeropnfsdat;
66
67 SYSCTL_DECL(_vfs_nfsd);
68 int nfsrv_statehashsize = NFSSTATEHASHSIZE;
69 SYSCTL_INT(_vfs_nfsd, OID_AUTO, statehashsize, CTLFLAG_RDTUN,
70 &nfsrv_statehashsize, 0,
71 "Size of state hash table set via loader.conf");
72
73 int nfsrv_clienthashsize = NFSCLIENTHASHSIZE;
74 SYSCTL_INT(_vfs_nfsd, OID_AUTO, clienthashsize, CTLFLAG_RDTUN,
75 &nfsrv_clienthashsize, 0,
76 "Size of client hash table set via loader.conf");
77
78 int nfsrv_lockhashsize = NFSLOCKHASHSIZE;
79 SYSCTL_INT(_vfs_nfsd, OID_AUTO, fhhashsize, CTLFLAG_RDTUN,
80 &nfsrv_lockhashsize, 0,
81 "Size of file handle hash table set via loader.conf");
82
83 int nfsrv_sessionhashsize = NFSSESSIONHASHSIZE;
84 SYSCTL_INT(_vfs_nfsd, OID_AUTO, sessionhashsize, CTLFLAG_RDTUN,
85 &nfsrv_sessionhashsize, 0,
86 "Size of session hash table set via loader.conf");
87
88 int nfsrv_layouthighwater = NFSLAYOUTHIGHWATER;
89 SYSCTL_INT(_vfs_nfsd, OID_AUTO, layouthighwater, CTLFLAG_RDTUN,
90 &nfsrv_layouthighwater, 0,
91 "High water mark for number of layouts set via loader.conf");
92
93 static int nfsrv_v4statelimit = NFSRV_V4STATELIMIT;
94 SYSCTL_INT(_vfs_nfsd, OID_AUTO, v4statelimit, CTLFLAG_RWTUN,
95 &nfsrv_v4statelimit, 0,
96 "High water limit for NFSv4 opens+locks+delegations");
97
98 static int nfsrv_writedelegifpos = 0;
99 SYSCTL_INT(_vfs_nfsd, OID_AUTO, writedelegifpos, CTLFLAG_RW,
100 &nfsrv_writedelegifpos, 0,
101 "Issue a write delegation for read opens if possible");
102
103 static int nfsrv_allowreadforwriteopen = 1;
104 SYSCTL_INT(_vfs_nfsd, OID_AUTO, allowreadforwriteopen, CTLFLAG_RW,
105 &nfsrv_allowreadforwriteopen, 0,
106 "Allow Reads to be done with Write Access StateIDs");
107
108 int nfsrv_pnfsatime = 0;
109 SYSCTL_INT(_vfs_nfsd, OID_AUTO, pnfsstrictatime, CTLFLAG_RW,
110 &nfsrv_pnfsatime, 0,
111 "For pNFS service, do Getattr ops to keep atime up-to-date");
112
113 int nfsrv_flexlinuxhack = 0;
114 SYSCTL_INT(_vfs_nfsd, OID_AUTO, flexlinuxhack, CTLFLAG_RW,
115 &nfsrv_flexlinuxhack, 0,
116 "For Linux clients, hack around Flex File Layout bug");
117
118 /*
119 * Hash lists for nfs V4.
120 */
121 struct nfsclienthashhead *nfsclienthash;
122 struct nfslockhashhead *nfslockhash;
123 struct nfssessionhash *nfssessionhash;
124 struct nfslayouthash *nfslayouthash;
125 volatile int nfsrv_dontlistlen = 0;
126
127 static u_int32_t nfsrv_openpluslock = 0, nfsrv_delegatecnt = 0;
128 static time_t nfsrvboottime;
129 static int nfsrv_returnoldstateid = 0, nfsrv_clients = 0;
130 static int nfsrv_clienthighwater = NFSRV_CLIENTHIGHWATER;
131 static int nfsrv_nogsscallback = 0;
132 static volatile int nfsrv_writedelegcnt = 0;
133 static int nfsrv_faildscnt;
134
135 /* local functions */
136 static void nfsrv_dumpaclient(struct nfsclient *clp,
137 struct nfsd_dumpclients *dumpp);
138 static void nfsrv_freeopenowner(struct nfsstate *stp, int cansleep,
139 NFSPROC_T *p);
140 static int nfsrv_freeopen(struct nfsstate *stp, vnode_t vp, int cansleep,
141 NFSPROC_T *p);
142 static void nfsrv_freelockowner(struct nfsstate *stp, vnode_t vp, int cansleep,
143 NFSPROC_T *p);
144 static void nfsrv_freeallnfslocks(struct nfsstate *stp, vnode_t vp,
145 int cansleep, NFSPROC_T *p);
146 static void nfsrv_freenfslock(struct nfslock *lop);
147 static void nfsrv_freenfslockfile(struct nfslockfile *lfp);
148 static void nfsrv_freedeleg(struct nfsstate *);
149 static int nfsrv_getstate(struct nfsclient *clp, nfsv4stateid_t *stateidp,
150 u_int32_t flags, struct nfsstate **stpp);
151 static void nfsrv_getowner(struct nfsstatehead *hp, struct nfsstate *new_stp,
152 struct nfsstate **stpp);
153 static int nfsrv_getlockfh(vnode_t vp, u_short flags,
154 struct nfslockfile *new_lfp, fhandle_t *nfhp, NFSPROC_T *p);
155 static int nfsrv_getlockfile(u_short flags, struct nfslockfile **new_lfpp,
156 struct nfslockfile **lfpp, fhandle_t *nfhp, int lockit);
157 static void nfsrv_insertlock(struct nfslock *new_lop,
158 struct nfslock *insert_lop, struct nfsstate *stp, struct nfslockfile *lfp);
159 static void nfsrv_updatelock(struct nfsstate *stp, struct nfslock **new_lopp,
160 struct nfslock **other_lopp, struct nfslockfile *lfp);
161 static int nfsrv_getipnumber(u_char *cp);
162 static int nfsrv_checkrestart(nfsquad_t clientid, u_int32_t flags,
163 nfsv4stateid_t *stateidp, int specialid);
164 static int nfsrv_checkgrace(struct nfsrv_descript *nd, struct nfsclient *clp,
165 u_int32_t flags);
166 static int nfsrv_docallback(struct nfsclient *clp, int procnum,
167 nfsv4stateid_t *stateidp, int trunc, fhandle_t *fhp,
168 struct nfsvattr *nap, nfsattrbit_t *attrbitp, int laytype, NFSPROC_T *p);
169 static int nfsrv_cbcallargs(struct nfsrv_descript *nd, struct nfsclient *clp,
170 uint32_t callback, int op, const char *optag, struct nfsdsession **sepp,
171 int *slotposp);
172 static u_int32_t nfsrv_nextclientindex(void);
173 static u_int32_t nfsrv_nextstateindex(struct nfsclient *clp);
174 static void nfsrv_markstable(struct nfsclient *clp);
175 static void nfsrv_markreclaim(struct nfsclient *clp);
176 static int nfsrv_checkstable(struct nfsclient *clp);
177 static int nfsrv_clientconflict(struct nfsclient *clp, int *haslockp, struct
178 vnode *vp, NFSPROC_T *p);
179 static int nfsrv_delegconflict(struct nfsstate *stp, int *haslockp,
180 NFSPROC_T *p, vnode_t vp);
181 static int nfsrv_cleandeleg(vnode_t vp, struct nfslockfile *lfp,
182 struct nfsclient *clp, int *haslockp, NFSPROC_T *p);
183 static int nfsrv_notsamecredname(struct nfsrv_descript *nd,
184 struct nfsclient *clp);
185 static time_t nfsrv_leaseexpiry(void);
186 static void nfsrv_delaydelegtimeout(struct nfsstate *stp);
187 static int nfsrv_checkseqid(struct nfsrv_descript *nd, u_int32_t seqid,
188 struct nfsstate *stp, struct nfsrvcache *op);
189 static int nfsrv_nootherstate(struct nfsstate *stp);
190 static int nfsrv_locallock(vnode_t vp, struct nfslockfile *lfp, int flags,
191 uint64_t first, uint64_t end, struct nfslockconflict *cfp, NFSPROC_T *p);
192 static void nfsrv_localunlock(vnode_t vp, struct nfslockfile *lfp,
193 uint64_t init_first, uint64_t init_end, NFSPROC_T *p);
194 static int nfsrv_dolocal(vnode_t vp, struct nfslockfile *lfp, int flags,
195 int oldflags, uint64_t first, uint64_t end, struct nfslockconflict *cfp,
196 NFSPROC_T *p);
197 static void nfsrv_locallock_rollback(vnode_t vp, struct nfslockfile *lfp,
198 NFSPROC_T *p);
199 static void nfsrv_locallock_commit(struct nfslockfile *lfp, int flags,
200 uint64_t first, uint64_t end);
201 static void nfsrv_locklf(struct nfslockfile *lfp);
202 static void nfsrv_unlocklf(struct nfslockfile *lfp);
203 static struct nfsdsession *nfsrv_findsession(uint8_t *sessionid);
204 static int nfsrv_freesession(struct nfsdsession *sep, uint8_t *sessionid);
205 static int nfsv4_setcbsequence(struct nfsrv_descript *nd, struct nfsclient *clp,
206 int dont_replycache, struct nfsdsession **sepp, int *slotposp);
207 static int nfsv4_getcbsession(struct nfsclient *clp, struct nfsdsession **sepp);
208 static int nfsrv_addlayout(struct nfsrv_descript *nd, struct nfslayout **lypp,
209 nfsv4stateid_t *stateidp, char *layp, int *layoutlenp, NFSPROC_T *p);
210 static void nfsrv_freelayout(struct nfslayouthead *lhp, struct nfslayout *lyp);
211 static void nfsrv_freelayoutlist(nfsquad_t clientid);
212 static void nfsrv_freelayouts(nfsquad_t *clid, fsid_t *fs, int laytype,
213 int iomode);
214 static void nfsrv_freealllayouts(void);
215 static void nfsrv_freedevid(struct nfsdevice *ds);
216 static int nfsrv_setdsserver(char *dspathp, char *mdspathp, NFSPROC_T *p,
217 struct nfsdevice **dsp);
218 static void nfsrv_deleteds(struct nfsdevice *fndds);
219 static void nfsrv_allocdevid(struct nfsdevice *ds, char *addr, char *dnshost);
220 static void nfsrv_freealldevids(void);
221 static void nfsrv_flexlayouterr(struct nfsrv_descript *nd, uint32_t *layp,
222 int maxcnt, NFSPROC_T *p);
223 static int nfsrv_recalllayout(nfsquad_t clid, nfsv4stateid_t *stateidp,
224 fhandle_t *fhp, struct nfslayout *lyp, int changed, int laytype,
225 NFSPROC_T *p);
226 static int nfsrv_findlayout(nfsquad_t *clientidp, fhandle_t *fhp, int laytype,
227 NFSPROC_T *, struct nfslayout **lypp);
228 static int nfsrv_fndclid(nfsquad_t *clidvec, nfsquad_t clid, int clidcnt);
229 static struct nfslayout *nfsrv_filelayout(struct nfsrv_descript *nd, int iomode,
230 fhandle_t *fhp, fhandle_t *dsfhp, char *devid, fsid_t fs);
231 static struct nfslayout *nfsrv_flexlayout(struct nfsrv_descript *nd, int iomode,
232 int mirrorcnt, fhandle_t *fhp, fhandle_t *dsfhp, char *devid, fsid_t fs);
233 static int nfsrv_dontlayout(fhandle_t *fhp);
234 static int nfsrv_createdsfile(vnode_t vp, fhandle_t *fhp, struct pnfsdsfile *pf,
235 vnode_t dvp, struct nfsdevice *ds, struct ucred *cred, NFSPROC_T *p,
236 vnode_t *tvpp);
237 static struct nfsdevice *nfsrv_findmirroredds(struct nfsmount *nmp);
238
239 /*
240 * Scan the client list for a match and either return the current one,
241 * create a new entry or return an error.
242 * If returning a non-error, the clp structure must either be linked into
243 * the client list or free'd.
244 */
245 int
246 nfsrv_setclient(struct nfsrv_descript *nd, struct nfsclient **new_clpp,
247 nfsquad_t *clientidp, nfsquad_t *confirmp, NFSPROC_T *p)
248 {
249 struct nfsclient *clp = NULL, *new_clp = *new_clpp;
250 int i, error = 0, ret;
251 struct nfsstate *stp, *tstp;
252 #ifdef INET
253 struct sockaddr_in *sin, *rin;
254 #endif
255 #ifdef INET6
256 struct sockaddr_in6 *sin6, *rin6;
257 #endif
258 struct nfsdsession *sep, *nsep;
259 int zapit = 0, gotit, hasstate = 0, igotlock;
260 static u_int64_t confirm_index = 0;
261
262 /*
263 * Check for state resource limit exceeded.
264 */
265 if (nfsrv_openpluslock > nfsrv_v4statelimit) {
266 error = NFSERR_RESOURCE;
267 goto out;
268 }
269
270 if (nfsrv_issuedelegs == 0 ||
271 ((nd->nd_flag & ND_GSS) != 0 && nfsrv_nogsscallback != 0))
272 /*
273 * Don't do callbacks when delegations are disabled or
274 * for AUTH_GSS unless enabled via nfsrv_nogsscallback.
275 * If establishing a callback connection is attempted
276 * when a firewall is blocking the callback path, the
277 * server may wait too long for the connect attempt to
278 * succeed during the Open. Some clients, such as Linux,
279 * may timeout and give up on the Open before the server
280 * replies. Also, since AUTH_GSS callbacks are not
281 * yet interoperability tested, they might cause the
282 * server to crap out, if they get past the Init call to
283 * the client.
284 */
285 new_clp->lc_program = 0;
286
287 /* Lock out other nfsd threads */
288 NFSLOCKV4ROOTMUTEX();
289 nfsv4_relref(&nfsv4rootfs_lock);
290 do {
291 igotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
292 NFSV4ROOTLOCKMUTEXPTR, NULL);
293 } while (!igotlock);
294 NFSUNLOCKV4ROOTMUTEX();
295
296 /*
297 * Search for a match in the client list.
298 */
299 gotit = i = 0;
300 while (i < nfsrv_clienthashsize && !gotit) {
301 LIST_FOREACH(clp, &nfsclienthash[i], lc_hash) {
302 if (new_clp->lc_idlen == clp->lc_idlen &&
303 !NFSBCMP(new_clp->lc_id, clp->lc_id, clp->lc_idlen)) {
304 gotit = 1;
305 break;
306 }
307 }
308 if (gotit == 0)
309 i++;
310 }
311 if (!gotit ||
312 (clp->lc_flags & (LCL_NEEDSCONFIRM | LCL_ADMINREVOKED))) {
313 if ((nd->nd_flag & ND_NFSV41) != 0 && confirmp->lval[1] != 0) {
314 /*
315 * For NFSv4.1, if confirmp->lval[1] is non-zero, the
316 * client is trying to update a confirmed clientid.
317 */
318 NFSLOCKV4ROOTMUTEX();
319 nfsv4_unlock(&nfsv4rootfs_lock, 1);
320 NFSUNLOCKV4ROOTMUTEX();
321 confirmp->lval[1] = 0;
322 error = NFSERR_NOENT;
323 goto out;
324 }
325 /*
326 * Get rid of the old one.
327 */
328 if (i != nfsrv_clienthashsize) {
329 LIST_REMOVE(clp, lc_hash);
330 nfsrv_cleanclient(clp, p);
331 nfsrv_freedeleglist(&clp->lc_deleg);
332 nfsrv_freedeleglist(&clp->lc_olddeleg);
333 zapit = 1;
334 }
335 /*
336 * Add it after assigning a client id to it.
337 */
338 new_clp->lc_flags |= LCL_NEEDSCONFIRM;
339 if ((nd->nd_flag & ND_NFSV41) != 0) {
340 confirmp->lval[0] = ++confirm_index;
341 new_clp->lc_confirm.lval[0] = confirmp->lval[0] - 1;
342 } else
343 confirmp->qval = new_clp->lc_confirm.qval =
344 ++confirm_index;
345 clientidp->lval[0] = new_clp->lc_clientid.lval[0] =
346 (u_int32_t)nfsrvboottime;
347 clientidp->lval[1] = new_clp->lc_clientid.lval[1] =
348 nfsrv_nextclientindex();
349 new_clp->lc_stateindex = 0;
350 new_clp->lc_statemaxindex = 0;
351 new_clp->lc_prevsess = 0;
352 new_clp->lc_cbref = 0;
353 new_clp->lc_expiry = nfsrv_leaseexpiry();
354 LIST_INIT(&new_clp->lc_open);
355 LIST_INIT(&new_clp->lc_deleg);
356 LIST_INIT(&new_clp->lc_olddeleg);
357 LIST_INIT(&new_clp->lc_session);
358 for (i = 0; i < nfsrv_statehashsize; i++)
359 LIST_INIT(&new_clp->lc_stateid[i]);
360 LIST_INSERT_HEAD(NFSCLIENTHASH(new_clp->lc_clientid), new_clp,
361 lc_hash);
362 nfsstatsv1.srvclients++;
363 nfsrv_openpluslock++;
364 nfsrv_clients++;
365 NFSLOCKV4ROOTMUTEX();
366 nfsv4_unlock(&nfsv4rootfs_lock, 1);
367 NFSUNLOCKV4ROOTMUTEX();
368 if (zapit)
369 nfsrv_zapclient(clp, p);
370 *new_clpp = NULL;
371 goto out;
372 }
373
374 /*
375 * Now, handle the cases where the id is already issued.
376 */
377 if (nfsrv_notsamecredname(nd, clp)) {
378 /*
379 * Check to see if there is expired state that should go away.
380 */
381 if (clp->lc_expiry < NFSD_MONOSEC &&
382 (!LIST_EMPTY(&clp->lc_open) || !LIST_EMPTY(&clp->lc_deleg))) {
383 nfsrv_cleanclient(clp, p);
384 nfsrv_freedeleglist(&clp->lc_deleg);
385 }
386
387 /*
388 * If there is outstanding state, then reply NFSERR_CLIDINUSE per
389 * RFC3530 Sec. 8.1.2 last para.
390 */
391 if (!LIST_EMPTY(&clp->lc_deleg)) {
392 hasstate = 1;
393 } else if (LIST_EMPTY(&clp->lc_open)) {
394 hasstate = 0;
395 } else {
396 hasstate = 0;
397 /* Look for an Open on the OpenOwner */
398 LIST_FOREACH(stp, &clp->lc_open, ls_list) {
399 if (!LIST_EMPTY(&stp->ls_open)) {
400 hasstate = 1;
401 break;
402 }
403 }
404 }
405 if (hasstate) {
406 /*
407 * If the uid doesn't match, return NFSERR_CLIDINUSE after
408 * filling out the correct ipaddr and portnum.
409 */
410 switch (clp->lc_req.nr_nam->sa_family) {
411 #ifdef INET
412 case AF_INET:
413 sin = (struct sockaddr_in *)new_clp->lc_req.nr_nam;
414 rin = (struct sockaddr_in *)clp->lc_req.nr_nam;
415 sin->sin_addr.s_addr = rin->sin_addr.s_addr;
416 sin->sin_port = rin->sin_port;
417 break;
418 #endif
419 #ifdef INET6
420 case AF_INET6:
421 sin6 = (struct sockaddr_in6 *)new_clp->lc_req.nr_nam;
422 rin6 = (struct sockaddr_in6 *)clp->lc_req.nr_nam;
423 sin6->sin6_addr = rin6->sin6_addr;
424 sin6->sin6_port = rin6->sin6_port;
425 break;
426 #endif
427 }
428 NFSLOCKV4ROOTMUTEX();
429 nfsv4_unlock(&nfsv4rootfs_lock, 1);
430 NFSUNLOCKV4ROOTMUTEX();
431 error = NFSERR_CLIDINUSE;
432 goto out;
433 }
434 }
435
436 if (NFSBCMP(new_clp->lc_verf, clp->lc_verf, NFSX_VERF)) {
437 /*
438 * If the verifier has changed, the client has rebooted
439 * and a new client id is issued. The old state info
440 * can be thrown away once the SETCLIENTID_CONFIRM occurs.
441 */
442 LIST_REMOVE(clp, lc_hash);
443
444 /* Get rid of all sessions on this clientid. */
445 LIST_FOREACH_SAFE(sep, &clp->lc_session, sess_list, nsep) {
446 ret = nfsrv_freesession(sep, NULL);
447 if (ret != 0)
448 printf("nfsrv_setclient: verifier changed free"
449 " session failed=%d\n", ret);
450 }
451
452 new_clp->lc_flags |= LCL_NEEDSCONFIRM;
453 if ((nd->nd_flag & ND_NFSV41) != 0) {
454 confirmp->lval[0] = ++confirm_index;
455 new_clp->lc_confirm.lval[0] = confirmp->lval[0] - 1;
456 } else
457 confirmp->qval = new_clp->lc_confirm.qval =
458 ++confirm_index;
459 clientidp->lval[0] = new_clp->lc_clientid.lval[0] =
460 nfsrvboottime;
461 clientidp->lval[1] = new_clp->lc_clientid.lval[1] =
462 nfsrv_nextclientindex();
463 new_clp->lc_stateindex = 0;
464 new_clp->lc_statemaxindex = 0;
465 new_clp->lc_prevsess = 0;
466 new_clp->lc_cbref = 0;
467 new_clp->lc_expiry = nfsrv_leaseexpiry();
468
469 /*
470 * Save the state until confirmed.
471 */
472 LIST_NEWHEAD(&new_clp->lc_open, &clp->lc_open, ls_list);
473 LIST_FOREACH(tstp, &new_clp->lc_open, ls_list)
474 tstp->ls_clp = new_clp;
475 LIST_NEWHEAD(&new_clp->lc_deleg, &clp->lc_deleg, ls_list);
476 LIST_FOREACH(tstp, &new_clp->lc_deleg, ls_list)
477 tstp->ls_clp = new_clp;
478 LIST_NEWHEAD(&new_clp->lc_olddeleg, &clp->lc_olddeleg,
479 ls_list);
480 LIST_FOREACH(tstp, &new_clp->lc_olddeleg, ls_list)
481 tstp->ls_clp = new_clp;
482 for (i = 0; i < nfsrv_statehashsize; i++) {
483 LIST_NEWHEAD(&new_clp->lc_stateid[i],
484 &clp->lc_stateid[i], ls_hash);
485 LIST_FOREACH(tstp, &new_clp->lc_stateid[i], ls_hash)
486 tstp->ls_clp = new_clp;
487 }
488 LIST_INIT(&new_clp->lc_session);
489 LIST_INSERT_HEAD(NFSCLIENTHASH(new_clp->lc_clientid), new_clp,
490 lc_hash);
491 nfsstatsv1.srvclients++;
492 nfsrv_openpluslock++;
493 nfsrv_clients++;
494 NFSLOCKV4ROOTMUTEX();
495 nfsv4_unlock(&nfsv4rootfs_lock, 1);
496 NFSUNLOCKV4ROOTMUTEX();
497
498 /*
499 * Must wait until any outstanding callback on the old clp
500 * completes.
501 */
502 NFSLOCKSTATE();
503 while (clp->lc_cbref) {
504 clp->lc_flags |= LCL_WAKEUPWANTED;
505 (void)mtx_sleep(clp, NFSSTATEMUTEXPTR, PZERO - 1,
506 "nfsd clp", 10 * hz);
507 }
508 NFSUNLOCKSTATE();
509 nfsrv_zapclient(clp, p);
510 *new_clpp = NULL;
511 goto out;
512 }
513
514 /* For NFSv4.1, mark that we found a confirmed clientid. */
515 if ((nd->nd_flag & ND_NFSV41) != 0) {
516 clientidp->lval[0] = clp->lc_clientid.lval[0];
517 clientidp->lval[1] = clp->lc_clientid.lval[1];
518 confirmp->lval[0] = 0; /* Ignored by client */
519 confirmp->lval[1] = 1;
520 } else {
521 /*
522 * id and verifier match, so update the net address info
523 * and get rid of any existing callback authentication
524 * handle, so a new one will be acquired.
525 */
526 LIST_REMOVE(clp, lc_hash);
527 new_clp->lc_flags |= (LCL_NEEDSCONFIRM | LCL_DONTCLEAN);
528 new_clp->lc_expiry = nfsrv_leaseexpiry();
529 confirmp->qval = new_clp->lc_confirm.qval = ++confirm_index;
530 clientidp->lval[0] = new_clp->lc_clientid.lval[0] =
531 clp->lc_clientid.lval[0];
532 clientidp->lval[1] = new_clp->lc_clientid.lval[1] =
533 clp->lc_clientid.lval[1];
534 new_clp->lc_delegtime = clp->lc_delegtime;
535 new_clp->lc_stateindex = clp->lc_stateindex;
536 new_clp->lc_statemaxindex = clp->lc_statemaxindex;
537 new_clp->lc_cbref = 0;
538 LIST_NEWHEAD(&new_clp->lc_open, &clp->lc_open, ls_list);
539 LIST_FOREACH(tstp, &new_clp->lc_open, ls_list)
540 tstp->ls_clp = new_clp;
541 LIST_NEWHEAD(&new_clp->lc_deleg, &clp->lc_deleg, ls_list);
542 LIST_FOREACH(tstp, &new_clp->lc_deleg, ls_list)
543 tstp->ls_clp = new_clp;
544 LIST_NEWHEAD(&new_clp->lc_olddeleg, &clp->lc_olddeleg, ls_list);
545 LIST_FOREACH(tstp, &new_clp->lc_olddeleg, ls_list)
546 tstp->ls_clp = new_clp;
547 for (i = 0; i < nfsrv_statehashsize; i++) {
548 LIST_NEWHEAD(&new_clp->lc_stateid[i],
549 &clp->lc_stateid[i], ls_hash);
550 LIST_FOREACH(tstp, &new_clp->lc_stateid[i], ls_hash)
551 tstp->ls_clp = new_clp;
552 }
553 LIST_INIT(&new_clp->lc_session);
554 LIST_INSERT_HEAD(NFSCLIENTHASH(new_clp->lc_clientid), new_clp,
555 lc_hash);
556 nfsstatsv1.srvclients++;
557 nfsrv_openpluslock++;
558 nfsrv_clients++;
559 }
560 NFSLOCKV4ROOTMUTEX();
561 nfsv4_unlock(&nfsv4rootfs_lock, 1);
562 NFSUNLOCKV4ROOTMUTEX();
563
564 if ((nd->nd_flag & ND_NFSV41) == 0) {
565 /*
566 * Must wait until any outstanding callback on the old clp
567 * completes.
568 */
569 NFSLOCKSTATE();
570 while (clp->lc_cbref) {
571 clp->lc_flags |= LCL_WAKEUPWANTED;
572 (void)mtx_sleep(clp, NFSSTATEMUTEXPTR, PZERO - 1,
573 "nfsdclp", 10 * hz);
574 }
575 NFSUNLOCKSTATE();
576 nfsrv_zapclient(clp, p);
577 *new_clpp = NULL;
578 }
579
580 out:
581 NFSEXITCODE2(error, nd);
582 return (error);
583 }
584
585 /*
586 * Check to see if the client id exists and optionally confirm it.
587 */
588 int
589 nfsrv_getclient(nfsquad_t clientid, int opflags, struct nfsclient **clpp,
590 struct nfsdsession *nsep, nfsquad_t confirm, uint32_t cbprogram,
591 struct nfsrv_descript *nd, NFSPROC_T *p)
592 {
593 struct nfsclient *clp;
594 struct nfsstate *stp;
595 int i;
596 struct nfsclienthashhead *hp;
597 int error = 0, igotlock, doneok;
598 struct nfssessionhash *shp;
599 struct nfsdsession *sep;
600 uint64_t sessid[2];
601 bool sess_replay;
602 static uint64_t next_sess = 0;
603
604 if (clpp)
605 *clpp = NULL;
606 if ((nd == NULL || (nd->nd_flag & ND_NFSV41) == 0 ||
607 opflags != CLOPS_RENEW) && nfsrvboottime != clientid.lval[0]) {
608 error = NFSERR_STALECLIENTID;
609 goto out;
610 }
611
612 /*
613 * If called with opflags == CLOPS_RENEW, the State Lock is
614 * already held. Otherwise, we need to get either that or,
615 * for the case of Confirm, lock out the nfsd threads.
616 */
617 if (opflags & CLOPS_CONFIRM) {
618 NFSLOCKV4ROOTMUTEX();
619 nfsv4_relref(&nfsv4rootfs_lock);
620 do {
621 igotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
622 NFSV4ROOTLOCKMUTEXPTR, NULL);
623 } while (!igotlock);
624 /*
625 * Create a new sessionid here, since we need to do it where
626 * there is a mutex held to serialize update of next_sess.
627 */
628 if ((nd->nd_flag & ND_NFSV41) != 0) {
629 sessid[0] = ++next_sess;
630 sessid[1] = clientid.qval;
631 }
632 NFSUNLOCKV4ROOTMUTEX();
633 } else if (opflags != CLOPS_RENEW) {
634 NFSLOCKSTATE();
635 }
636
637 /* For NFSv4.1, the clp is acquired from the associated session. */
638 if (nd != NULL && (nd->nd_flag & ND_NFSV41) != 0 &&
639 opflags == CLOPS_RENEW) {
640 clp = NULL;
641 if ((nd->nd_flag & ND_HASSEQUENCE) != 0) {
642 shp = NFSSESSIONHASH(nd->nd_sessionid);
643 NFSLOCKSESSION(shp);
644 sep = nfsrv_findsession(nd->nd_sessionid);
645 if (sep != NULL)
646 clp = sep->sess_clp;
647 NFSUNLOCKSESSION(shp);
648 }
649 } else {
650 hp = NFSCLIENTHASH(clientid);
651 LIST_FOREACH(clp, hp, lc_hash) {
652 if (clp->lc_clientid.lval[1] == clientid.lval[1])
653 break;
654 }
655 }
656 if (clp == NULL) {
657 if (opflags & CLOPS_CONFIRM)
658 error = NFSERR_STALECLIENTID;
659 else
660 error = NFSERR_EXPIRED;
661 } else if (clp->lc_flags & LCL_ADMINREVOKED) {
662 /*
663 * If marked admin revoked, just return the error.
664 */
665 error = NFSERR_ADMINREVOKED;
666 }
667 if (error) {
668 if (opflags & CLOPS_CONFIRM) {
669 NFSLOCKV4ROOTMUTEX();
670 nfsv4_unlock(&nfsv4rootfs_lock, 1);
671 NFSUNLOCKV4ROOTMUTEX();
672 } else if (opflags != CLOPS_RENEW) {
673 NFSUNLOCKSTATE();
674 }
675 goto out;
676 }
677
678 /*
679 * Perform any operations specified by the opflags.
680 */
681 if (opflags & CLOPS_CONFIRM) {
682 sess_replay = false;
683 if ((nd->nd_flag & ND_NFSV41) != 0) {
684 /*
685 * For the case where lc_confirm.lval[0] == confirm.lval[0],
686 * use the new session, but with the previous sessionid.
687 * This is not exactly what the RFC describes, but should
688 * result in the same reply as the previous CreateSession.
689 */
690 if (clp->lc_confirm.lval[0] + 1 == confirm.lval[0]) {
691 clp->lc_confirm.lval[0] = confirm.lval[0];
692 clp->lc_prevsess = sessid[0];
693 } else if (clp->lc_confirm.lval[0] == confirm.lval[0]) {
694 if (clp->lc_prevsess == 0)
695 error = NFSERR_SEQMISORDERED;
696 else
697 sessid[0] = clp->lc_prevsess;
698 sess_replay = true;
699 } else
700 error = NFSERR_SEQMISORDERED;
701 } else if ((nd->nd_flag & ND_NFSV41) == 0 &&
702 clp->lc_confirm.qval != confirm.qval)
703 error = NFSERR_STALECLIENTID;
704 if (error == 0 && nfsrv_notsamecredname(nd, clp))
705 error = NFSERR_CLIDINUSE;
706
707 if (!error) {
708 if ((clp->lc_flags & (LCL_NEEDSCONFIRM | LCL_DONTCLEAN)) ==
709 LCL_NEEDSCONFIRM) {
710 /*
711 * Hang onto the delegations (as old delegations)
712 * for an Open with CLAIM_DELEGATE_PREV unless in
713 * grace, but get rid of the rest of the state.
714 */
715 nfsrv_cleanclient(clp, p);
716 nfsrv_freedeleglist(&clp->lc_olddeleg);
717 if (nfsrv_checkgrace(nd, clp, 0)) {
718 /* In grace, so just delete delegations */
719 nfsrv_freedeleglist(&clp->lc_deleg);
720 } else {
721 LIST_FOREACH(stp, &clp->lc_deleg, ls_list)
722 stp->ls_flags |= NFSLCK_OLDDELEG;
723 clp->lc_delegtime = NFSD_MONOSEC +
724 nfsrv_lease + NFSRV_LEASEDELTA;
725 LIST_NEWHEAD(&clp->lc_olddeleg, &clp->lc_deleg,
726 ls_list);
727 }
728 if ((nd->nd_flag & ND_NFSV41) != 0)
729 clp->lc_program = cbprogram;
730 }
731 clp->lc_flags &= ~(LCL_NEEDSCONFIRM | LCL_DONTCLEAN);
732 if (clp->lc_program)
733 clp->lc_flags |= LCL_NEEDSCBNULL;
734 /* For NFSv4.1, link the session onto the client. */
735 if (nsep != NULL) {
736 /* Hold a reference on the xprt for a backchannel. */
737 if ((nsep->sess_crflags & NFSV4CRSESS_CONNBACKCHAN)
738 != 0 && !sess_replay) {
739 if (clp->lc_req.nr_client == NULL)
740 clp->lc_req.nr_client = (struct __rpc_client *)
741 clnt_bck_create(nd->nd_xprt->xp_socket,
742 cbprogram, NFSV4_CBVERS);
743 if (clp->lc_req.nr_client != NULL) {
744 SVC_ACQUIRE(nd->nd_xprt);
745 CLNT_ACQUIRE(clp->lc_req.nr_client);
746 nd->nd_xprt->xp_p2 = clp->lc_req.nr_client;
747 /* Disable idle timeout. */
748 nd->nd_xprt->xp_idletimeout = 0;
749 nsep->sess_cbsess.nfsess_xprt = nd->nd_xprt;
750 } else
751 nsep->sess_crflags &= ~NFSV4CRSESS_CONNBACKCHAN;
752 }
753 NFSBCOPY(sessid, nsep->sess_sessionid,
754 NFSX_V4SESSIONID);
755 NFSBCOPY(sessid, nsep->sess_cbsess.nfsess_sessionid,
756 NFSX_V4SESSIONID);
757 if (!sess_replay) {
758 shp = NFSSESSIONHASH(nsep->sess_sessionid);
759 NFSLOCKSTATE();
760 NFSLOCKSESSION(shp);
761 LIST_INSERT_HEAD(&shp->list, nsep, sess_hash);
762 LIST_INSERT_HEAD(&clp->lc_session, nsep, sess_list);
763 nsep->sess_clp = clp;
764 NFSUNLOCKSESSION(shp);
765 NFSUNLOCKSTATE();
766 }
767 }
768 }
769 } else if (clp->lc_flags & LCL_NEEDSCONFIRM) {
770 error = NFSERR_EXPIRED;
771 }
772
773 /*
774 * If called by the Renew Op, we must check the principal.
775 */
776 if (!error && (opflags & CLOPS_RENEWOP)) {
777 if (nfsrv_notsamecredname(nd, clp)) {
778 doneok = 0;
779 for (i = 0; i < nfsrv_statehashsize && doneok == 0; i++) {
780 LIST_FOREACH(stp, &clp->lc_stateid[i], ls_hash) {
781 if ((stp->ls_flags & NFSLCK_OPEN) &&
782 stp->ls_uid == nd->nd_cred->cr_uid) {
783 doneok = 1;
784 break;
785 }
786 }
787 }
788 if (!doneok)
789 error = NFSERR_ACCES;
790 }
791 if (!error && (clp->lc_flags & LCL_CBDOWN))
792 error = NFSERR_CBPATHDOWN;
793 }
794 if ((!error || error == NFSERR_CBPATHDOWN) &&
795 (opflags & CLOPS_RENEW)) {
796 clp->lc_expiry = nfsrv_leaseexpiry();
797 }
798 if (opflags & CLOPS_CONFIRM) {
799 NFSLOCKV4ROOTMUTEX();
800 nfsv4_unlock(&nfsv4rootfs_lock, 1);
801 NFSUNLOCKV4ROOTMUTEX();
802 } else if (opflags != CLOPS_RENEW) {
803 NFSUNLOCKSTATE();
804 }
805 if (clpp)
806 *clpp = clp;
807
808 out:
809 NFSEXITCODE2(error, nd);
810 return (error);
811 }
812
813 /*
814 * Perform the NFSv4.1 destroy clientid.
815 */
816 int
817 nfsrv_destroyclient(nfsquad_t clientid, NFSPROC_T *p)
818 {
819 struct nfsclient *clp;
820 struct nfsclienthashhead *hp;
821 int error = 0, i, igotlock;
822
823 if (nfsrvboottime != clientid.lval[0]) {
824 error = NFSERR_STALECLIENTID;
825 goto out;
826 }
827
828 /* Lock out other nfsd threads */
829 NFSLOCKV4ROOTMUTEX();
830 nfsv4_relref(&nfsv4rootfs_lock);
831 do {
832 igotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
833 NFSV4ROOTLOCKMUTEXPTR, NULL);
834 } while (igotlock == 0);
835 NFSUNLOCKV4ROOTMUTEX();
836
837 hp = NFSCLIENTHASH(clientid);
838 LIST_FOREACH(clp, hp, lc_hash) {
839 if (clp->lc_clientid.lval[1] == clientid.lval[1])
840 break;
841 }
842 if (clp == NULL) {
843 NFSLOCKV4ROOTMUTEX();
844 nfsv4_unlock(&nfsv4rootfs_lock, 1);
845 NFSUNLOCKV4ROOTMUTEX();
846 /* Just return ok, since it is gone. */
847 goto out;
848 }
849
850 /*
851 * Free up all layouts on the clientid. Should the client return the
852 * layouts?
853 */
854 nfsrv_freelayoutlist(clientid);
855
856 /* Scan for state on the clientid. */
857 for (i = 0; i < nfsrv_statehashsize; i++)
858 if (!LIST_EMPTY(&clp->lc_stateid[i])) {
859 NFSLOCKV4ROOTMUTEX();
860 nfsv4_unlock(&nfsv4rootfs_lock, 1);
861 NFSUNLOCKV4ROOTMUTEX();
862 error = NFSERR_CLIENTIDBUSY;
863 goto out;
864 }
865 if (!LIST_EMPTY(&clp->lc_session) || !LIST_EMPTY(&clp->lc_deleg)) {
866 NFSLOCKV4ROOTMUTEX();
867 nfsv4_unlock(&nfsv4rootfs_lock, 1);
868 NFSUNLOCKV4ROOTMUTEX();
869 error = NFSERR_CLIENTIDBUSY;
870 goto out;
871 }
872
873 /* Destroy the clientid and return ok. */
874 nfsrv_cleanclient(clp, p);
875 nfsrv_freedeleglist(&clp->lc_deleg);
876 nfsrv_freedeleglist(&clp->lc_olddeleg);
877 LIST_REMOVE(clp, lc_hash);
878 NFSLOCKV4ROOTMUTEX();
879 nfsv4_unlock(&nfsv4rootfs_lock, 1);
880 NFSUNLOCKV4ROOTMUTEX();
881 nfsrv_zapclient(clp, p);
882 out:
883 NFSEXITCODE2(error, nd);
884 return (error);
885 }
886
887 /*
888 * Called from the new nfssvc syscall to admin revoke a clientid.
889 * Returns 0 for success, error otherwise.
890 */
891 int
892 nfsrv_adminrevoke(struct nfsd_clid *revokep, NFSPROC_T *p)
893 {
894 struct nfsclient *clp = NULL;
895 int i, error = 0;
896 int gotit, igotlock;
897
898 /*
899 * First, lock out the nfsd so that state won't change while the
900 * revocation record is being written to the stable storage restart
901 * file.
902 */
903 NFSLOCKV4ROOTMUTEX();
904 do {
905 igotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
906 NFSV4ROOTLOCKMUTEXPTR, NULL);
907 } while (!igotlock);
908 NFSUNLOCKV4ROOTMUTEX();
909
910 /*
911 * Search for a match in the client list.
912 */
913 gotit = i = 0;
914 while (i < nfsrv_clienthashsize && !gotit) {
915 LIST_FOREACH(clp, &nfsclienthash[i], lc_hash) {
916 if (revokep->nclid_idlen == clp->lc_idlen &&
917 !NFSBCMP(revokep->nclid_id, clp->lc_id, clp->lc_idlen)) {
918 gotit = 1;
919 break;
920 }
921 }
922 i++;
923 }
924 if (!gotit) {
925 NFSLOCKV4ROOTMUTEX();
926 nfsv4_unlock(&nfsv4rootfs_lock, 0);
927 NFSUNLOCKV4ROOTMUTEX();
928 error = EPERM;
929 goto out;
930 }
931
932 /*
933 * Now, write out the revocation record
934 */
935 nfsrv_writestable(clp->lc_id, clp->lc_idlen, NFSNST_REVOKE, p);
936 nfsrv_backupstable();
937
938 /*
939 * and clear out the state, marking the clientid revoked.
940 */
941 clp->lc_flags &= ~LCL_CALLBACKSON;
942 clp->lc_flags |= LCL_ADMINREVOKED;
943 nfsrv_cleanclient(clp, p);
944 nfsrv_freedeleglist(&clp->lc_deleg);
945 nfsrv_freedeleglist(&clp->lc_olddeleg);
946 NFSLOCKV4ROOTMUTEX();
947 nfsv4_unlock(&nfsv4rootfs_lock, 0);
948 NFSUNLOCKV4ROOTMUTEX();
949
950 out:
951 NFSEXITCODE(error);
952 return (error);
953 }
954
955 /*
956 * Dump out stats for all clients. Called from nfssvc(2), that is used
957 * nfsstatsv1.
958 */
959 void
960 nfsrv_dumpclients(struct nfsd_dumpclients *dumpp, int maxcnt)
961 {
962 struct nfsclient *clp;
963 int i = 0, cnt = 0;
964
965 /*
966 * First, get a reference on the nfsv4rootfs_lock so that an
967 * exclusive lock cannot be acquired while dumping the clients.
968 */
969 NFSLOCKV4ROOTMUTEX();
970 nfsv4_getref(&nfsv4rootfs_lock, NULL, NFSV4ROOTLOCKMUTEXPTR, NULL);
971 NFSUNLOCKV4ROOTMUTEX();
972 NFSLOCKSTATE();
973 /*
974 * Rattle through the client lists until done.
975 */
976 while (i < nfsrv_clienthashsize && cnt < maxcnt) {
977 clp = LIST_FIRST(&nfsclienthash[i]);
978 while (clp != LIST_END(&nfsclienthash[i]) && cnt < maxcnt) {
979 nfsrv_dumpaclient(clp, &dumpp[cnt]);
980 cnt++;
981 clp = LIST_NEXT(clp, lc_hash);
982 }
983 i++;
984 }
985 if (cnt < maxcnt)
986 dumpp[cnt].ndcl_clid.nclid_idlen = 0;
987 NFSUNLOCKSTATE();
988 NFSLOCKV4ROOTMUTEX();
989 nfsv4_relref(&nfsv4rootfs_lock);
990 NFSUNLOCKV4ROOTMUTEX();
991 }
992
993 /*
994 * Dump stats for a client. Must be called with the NFSSTATELOCK and spl'd.
995 */
996 static void
997 nfsrv_dumpaclient(struct nfsclient *clp, struct nfsd_dumpclients *dumpp)
998 {
999 struct nfsstate *stp, *openstp, *lckownstp;
1000 struct nfslock *lop;
1001 sa_family_t af;
1002 #ifdef INET
1003 struct sockaddr_in *rin;
1004 #endif
1005 #ifdef INET6
1006 struct sockaddr_in6 *rin6;
1007 #endif
1008
1009 dumpp->ndcl_nopenowners = dumpp->ndcl_nlockowners = 0;
1010 dumpp->ndcl_nopens = dumpp->ndcl_nlocks = 0;
1011 dumpp->ndcl_ndelegs = dumpp->ndcl_nolddelegs = 0;
1012 dumpp->ndcl_flags = clp->lc_flags;
1013 dumpp->ndcl_clid.nclid_idlen = clp->lc_idlen;
1014 NFSBCOPY(clp->lc_id, dumpp->ndcl_clid.nclid_id, clp->lc_idlen);
1015 af = clp->lc_req.nr_nam->sa_family;
1016 dumpp->ndcl_addrfam = af;
1017 switch (af) {
1018 #ifdef INET
1019 case AF_INET:
1020 rin = (struct sockaddr_in *)clp->lc_req.nr_nam;
1021 dumpp->ndcl_cbaddr.sin_addr = rin->sin_addr;
1022 break;
1023 #endif
1024 #ifdef INET6
1025 case AF_INET6:
1026 rin6 = (struct sockaddr_in6 *)clp->lc_req.nr_nam;
1027 dumpp->ndcl_cbaddr.sin6_addr = rin6->sin6_addr;
1028 break;
1029 #endif
1030 }
1031
1032 /*
1033 * Now, scan the state lists and total up the opens and locks.
1034 */
1035 LIST_FOREACH(stp, &clp->lc_open, ls_list) {
1036 dumpp->ndcl_nopenowners++;
1037 LIST_FOREACH(openstp, &stp->ls_open, ls_list) {
1038 dumpp->ndcl_nopens++;
1039 LIST_FOREACH(lckownstp, &openstp->ls_open, ls_list) {
1040 dumpp->ndcl_nlockowners++;
1041 LIST_FOREACH(lop, &lckownstp->ls_lock, lo_lckowner) {
1042 dumpp->ndcl_nlocks++;
1043 }
1044 }
1045 }
1046 }
1047
1048 /*
1049 * and the delegation lists.
1050 */
1051 LIST_FOREACH(stp, &clp->lc_deleg, ls_list) {
1052 dumpp->ndcl_ndelegs++;
1053 }
1054 LIST_FOREACH(stp, &clp->lc_olddeleg, ls_list) {
1055 dumpp->ndcl_nolddelegs++;
1056 }
1057 }
1058
1059 /*
1060 * Dump out lock stats for a file.
1061 */
1062 void
1063 nfsrv_dumplocks(vnode_t vp, struct nfsd_dumplocks *ldumpp, int maxcnt,
1064 NFSPROC_T *p)
1065 {
1066 struct nfsstate *stp;
1067 struct nfslock *lop;
1068 int cnt = 0;
1069 struct nfslockfile *lfp;
1070 sa_family_t af;
1071 #ifdef INET
1072 struct sockaddr_in *rin;
1073 #endif
1074 #ifdef INET6
1075 struct sockaddr_in6 *rin6;
1076 #endif
1077 int ret;
1078 fhandle_t nfh;
1079
1080 ret = nfsrv_getlockfh(vp, 0, NULL, &nfh, p);
1081 /*
1082 * First, get a reference on the nfsv4rootfs_lock so that an
1083 * exclusive lock on it cannot be acquired while dumping the locks.
1084 */
1085 NFSLOCKV4ROOTMUTEX();
1086 nfsv4_getref(&nfsv4rootfs_lock, NULL, NFSV4ROOTLOCKMUTEXPTR, NULL);
1087 NFSUNLOCKV4ROOTMUTEX();
1088 NFSLOCKSTATE();
1089 if (!ret)
1090 ret = nfsrv_getlockfile(0, NULL, &lfp, &nfh, 0);
1091 if (ret) {
1092 ldumpp[0].ndlck_clid.nclid_idlen = 0;
1093 NFSUNLOCKSTATE();
1094 NFSLOCKV4ROOTMUTEX();
1095 nfsv4_relref(&nfsv4rootfs_lock);
1096 NFSUNLOCKV4ROOTMUTEX();
1097 return;
1098 }
1099
1100 /*
1101 * For each open share on file, dump it out.
1102 */
1103 stp = LIST_FIRST(&lfp->lf_open);
1104 while (stp != LIST_END(&lfp->lf_open) && cnt < maxcnt) {
1105 ldumpp[cnt].ndlck_flags = stp->ls_flags;
1106 ldumpp[cnt].ndlck_stateid.seqid = stp->ls_stateid.seqid;
1107 ldumpp[cnt].ndlck_stateid.other[0] = stp->ls_stateid.other[0];
1108 ldumpp[cnt].ndlck_stateid.other[1] = stp->ls_stateid.other[1];
1109 ldumpp[cnt].ndlck_stateid.other[2] = stp->ls_stateid.other[2];
1110 ldumpp[cnt].ndlck_owner.nclid_idlen =
1111 stp->ls_openowner->ls_ownerlen;
1112 NFSBCOPY(stp->ls_openowner->ls_owner,
1113 ldumpp[cnt].ndlck_owner.nclid_id,
1114 stp->ls_openowner->ls_ownerlen);
1115 ldumpp[cnt].ndlck_clid.nclid_idlen = stp->ls_clp->lc_idlen;
1116 NFSBCOPY(stp->ls_clp->lc_id, ldumpp[cnt].ndlck_clid.nclid_id,
1117 stp->ls_clp->lc_idlen);
1118 af = stp->ls_clp->lc_req.nr_nam->sa_family;
1119 ldumpp[cnt].ndlck_addrfam = af;
1120 switch (af) {
1121 #ifdef INET
1122 case AF_INET:
1123 rin = (struct sockaddr_in *)stp->ls_clp->lc_req.nr_nam;
1124 ldumpp[cnt].ndlck_cbaddr.sin_addr = rin->sin_addr;
1125 break;
1126 #endif
1127 #ifdef INET6
1128 case AF_INET6:
1129 rin6 = (struct sockaddr_in6 *)
1130 stp->ls_clp->lc_req.nr_nam;
1131 ldumpp[cnt].ndlck_cbaddr.sin6_addr = rin6->sin6_addr;
1132 break;
1133 #endif
1134 }
1135 stp = LIST_NEXT(stp, ls_file);
1136 cnt++;
1137 }
1138
1139 /*
1140 * and all locks.
1141 */
1142 lop = LIST_FIRST(&lfp->lf_lock);
1143 while (lop != LIST_END(&lfp->lf_lock) && cnt < maxcnt) {
1144 stp = lop->lo_stp;
1145 ldumpp[cnt].ndlck_flags = lop->lo_flags;
1146 ldumpp[cnt].ndlck_first = lop->lo_first;
1147 ldumpp[cnt].ndlck_end = lop->lo_end;
1148 ldumpp[cnt].ndlck_stateid.seqid = stp->ls_stateid.seqid;
1149 ldumpp[cnt].ndlck_stateid.other[0] = stp->ls_stateid.other[0];
1150 ldumpp[cnt].ndlck_stateid.other[1] = stp->ls_stateid.other[1];
1151 ldumpp[cnt].ndlck_stateid.other[2] = stp->ls_stateid.other[2];
1152 ldumpp[cnt].ndlck_owner.nclid_idlen = stp->ls_ownerlen;
1153 NFSBCOPY(stp->ls_owner, ldumpp[cnt].ndlck_owner.nclid_id,
1154 stp->ls_ownerlen);
1155 ldumpp[cnt].ndlck_clid.nclid_idlen = stp->ls_clp->lc_idlen;
1156 NFSBCOPY(stp->ls_clp->lc_id, ldumpp[cnt].ndlck_clid.nclid_id,
1157 stp->ls_clp->lc_idlen);
1158 af = stp->ls_clp->lc_req.nr_nam->sa_family;
1159 ldumpp[cnt].ndlck_addrfam = af;
1160 switch (af) {
1161 #ifdef INET
1162 case AF_INET:
1163 rin = (struct sockaddr_in *)stp->ls_clp->lc_req.nr_nam;
1164 ldumpp[cnt].ndlck_cbaddr.sin_addr = rin->sin_addr;
1165 break;
1166 #endif
1167 #ifdef INET6
1168 case AF_INET6:
1169 rin6 = (struct sockaddr_in6 *)
1170 stp->ls_clp->lc_req.nr_nam;
1171 ldumpp[cnt].ndlck_cbaddr.sin6_addr = rin6->sin6_addr;
1172 break;
1173 #endif
1174 }
1175 lop = LIST_NEXT(lop, lo_lckfile);
1176 cnt++;
1177 }
1178
1179 /*
1180 * and the delegations.
1181 */
1182 stp = LIST_FIRST(&lfp->lf_deleg);
1183 while (stp != LIST_END(&lfp->lf_deleg) && cnt < maxcnt) {
1184 ldumpp[cnt].ndlck_flags = stp->ls_flags;
1185 ldumpp[cnt].ndlck_stateid.seqid = stp->ls_stateid.seqid;
1186 ldumpp[cnt].ndlck_stateid.other[0] = stp->ls_stateid.other[0];
1187 ldumpp[cnt].ndlck_stateid.other[1] = stp->ls_stateid.other[1];
1188 ldumpp[cnt].ndlck_stateid.other[2] = stp->ls_stateid.other[2];
1189 ldumpp[cnt].ndlck_owner.nclid_idlen = 0;
1190 ldumpp[cnt].ndlck_clid.nclid_idlen = stp->ls_clp->lc_idlen;
1191 NFSBCOPY(stp->ls_clp->lc_id, ldumpp[cnt].ndlck_clid.nclid_id,
1192 stp->ls_clp->lc_idlen);
1193 af = stp->ls_clp->lc_req.nr_nam->sa_family;
1194 ldumpp[cnt].ndlck_addrfam = af;
1195 switch (af) {
1196 #ifdef INET
1197 case AF_INET:
1198 rin = (struct sockaddr_in *)stp->ls_clp->lc_req.nr_nam;
1199 ldumpp[cnt].ndlck_cbaddr.sin_addr = rin->sin_addr;
1200 break;
1201 #endif
1202 #ifdef INET6
1203 case AF_INET6:
1204 rin6 = (struct sockaddr_in6 *)
1205 stp->ls_clp->lc_req.nr_nam;
1206 ldumpp[cnt].ndlck_cbaddr.sin6_addr = rin6->sin6_addr;
1207 break;
1208 #endif
1209 }
1210 stp = LIST_NEXT(stp, ls_file);
1211 cnt++;
1212 }
1213
1214 /*
1215 * If list isn't full, mark end of list by setting the client name
1216 * to zero length.
1217 */
1218 if (cnt < maxcnt)
1219 ldumpp[cnt].ndlck_clid.nclid_idlen = 0;
1220 NFSUNLOCKSTATE();
1221 NFSLOCKV4ROOTMUTEX();
1222 nfsv4_relref(&nfsv4rootfs_lock);
1223 NFSUNLOCKV4ROOTMUTEX();
1224 }
1225
1226 /*
1227 * Server timer routine. It can scan any linked list, so long
1228 * as it holds the spin/mutex lock and there is no exclusive lock on
1229 * nfsv4rootfs_lock.
1230 * (For OpenBSD, a kthread is ok. For FreeBSD, I think it is ok
1231 * to do this from a callout, since the spin locks work. For
1232 * Darwin, I'm not sure what will work correctly yet.)
1233 * Should be called once per second.
1234 */
1235 void
1236 nfsrv_servertimer(void)
1237 {
1238 struct nfsclient *clp, *nclp;
1239 struct nfsstate *stp, *nstp;
1240 int got_ref, i;
1241
1242 /*
1243 * Make sure nfsboottime is set. This is used by V3 as well
1244 * as V4. Note that nfsboottime is not nfsrvboottime, which is
1245 * only used by the V4 server for leases.
1246 */
1247 if (nfsboottime.tv_sec == 0)
1248 NFSSETBOOTTIME(nfsboottime);
1249
1250 /*
1251 * If server hasn't started yet, just return.
1252 */
1253 NFSLOCKSTATE();
1254 if (nfsrv_stablefirst.nsf_eograce == 0) {
1255 NFSUNLOCKSTATE();
1256 return;
1257 }
1258 if (!(nfsrv_stablefirst.nsf_flags & NFSNSF_UPDATEDONE)) {
1259 if (!(nfsrv_stablefirst.nsf_flags & NFSNSF_GRACEOVER) &&
1260 NFSD_MONOSEC > nfsrv_stablefirst.nsf_eograce)
1261 nfsrv_stablefirst.nsf_flags |=
1262 (NFSNSF_GRACEOVER | NFSNSF_NEEDLOCK);
1263 NFSUNLOCKSTATE();
1264 return;
1265 }
1266
1267 /*
1268 * Try and get a reference count on the nfsv4rootfs_lock so that
1269 * no nfsd thread can acquire an exclusive lock on it before this
1270 * call is done. If it is already exclusively locked, just return.
1271 */
1272 NFSLOCKV4ROOTMUTEX();
1273 got_ref = nfsv4_getref_nonblock(&nfsv4rootfs_lock);
1274 NFSUNLOCKV4ROOTMUTEX();
1275 if (got_ref == 0) {
1276 NFSUNLOCKSTATE();
1277 return;
1278 }
1279
1280 /*
1281 * For each client...
1282 */
1283 for (i = 0; i < nfsrv_clienthashsize; i++) {
1284 clp = LIST_FIRST(&nfsclienthash[i]);
1285 while (clp != LIST_END(&nfsclienthash[i])) {
1286 nclp = LIST_NEXT(clp, lc_hash);
1287 if (!(clp->lc_flags & LCL_EXPIREIT)) {
1288 if (((clp->lc_expiry + NFSRV_STALELEASE) < NFSD_MONOSEC
1289 && ((LIST_EMPTY(&clp->lc_deleg)
1290 && LIST_EMPTY(&clp->lc_open)) ||
1291 nfsrv_clients > nfsrv_clienthighwater)) ||
1292 (clp->lc_expiry + NFSRV_MOULDYLEASE) < NFSD_MONOSEC ||
1293 (clp->lc_expiry < NFSD_MONOSEC &&
1294 (nfsrv_openpluslock * 10 / 9) > nfsrv_v4statelimit)) {
1295 /*
1296 * Lease has expired several nfsrv_lease times ago:
1297 * PLUS
1298 * - no state is associated with it
1299 * OR
1300 * - above high water mark for number of clients
1301 * (nfsrv_clienthighwater should be large enough
1302 * that this only occurs when clients fail to
1303 * use the same nfs_client_id4.id. Maybe somewhat
1304 * higher that the maximum number of clients that
1305 * will mount this server?)
1306 * OR
1307 * Lease has expired a very long time ago
1308 * OR
1309 * Lease has expired PLUS the number of opens + locks
1310 * has exceeded 90% of capacity
1311 *
1312 * --> Mark for expiry. The actual expiry will be done
1313 * by an nfsd sometime soon.
1314 */
1315 clp->lc_flags |= LCL_EXPIREIT;
1316 nfsrv_stablefirst.nsf_flags |=
1317 (NFSNSF_NEEDLOCK | NFSNSF_EXPIREDCLIENT);
1318 } else {
1319 /*
1320 * If there are no opens, increment no open tick cnt
1321 * If time exceeds NFSNOOPEN, mark it to be thrown away
1322 * otherwise, if there is an open, reset no open time
1323 * Hopefully, this will avoid excessive re-creation
1324 * of open owners and subsequent open confirms.
1325 */
1326 stp = LIST_FIRST(&clp->lc_open);
1327 while (stp != LIST_END(&clp->lc_open)) {
1328 nstp = LIST_NEXT(stp, ls_list);
1329 if (LIST_EMPTY(&stp->ls_open)) {
1330 stp->ls_noopens++;
1331 if (stp->ls_noopens > NFSNOOPEN ||
1332 (nfsrv_openpluslock * 2) >
1333 nfsrv_v4statelimit)
1334 nfsrv_stablefirst.nsf_flags |=
1335 NFSNSF_NOOPENS;
1336 } else {
1337 stp->ls_noopens = 0;
1338 }
1339 stp = nstp;
1340 }
1341 }
1342 }
1343 clp = nclp;
1344 }
1345 }
1346 NFSUNLOCKSTATE();
1347 NFSLOCKV4ROOTMUTEX();
1348 nfsv4_relref(&nfsv4rootfs_lock);
1349 NFSUNLOCKV4ROOTMUTEX();
1350 }
1351
1352 /*
1353 * The following set of functions free up the various data structures.
1354 */
1355 /*
1356 * Clear out all open/lock state related to this nfsclient.
1357 * Caller must hold an exclusive lock on nfsv4rootfs_lock, so that
1358 * there are no other active nfsd threads.
1359 */
1360 void
1361 nfsrv_cleanclient(struct nfsclient *clp, NFSPROC_T *p)
1362 {
1363 struct nfsstate *stp, *nstp;
1364 struct nfsdsession *sep, *nsep;
1365
1366 LIST_FOREACH_SAFE(stp, &clp->lc_open, ls_list, nstp)
1367 nfsrv_freeopenowner(stp, 1, p);
1368 if ((clp->lc_flags & LCL_ADMINREVOKED) == 0)
1369 LIST_FOREACH_SAFE(sep, &clp->lc_session, sess_list, nsep)
1370 (void)nfsrv_freesession(sep, NULL);
1371 }
1372
1373 /*
1374 * Free a client that has been cleaned. It should also already have been
1375 * removed from the lists.
1376 * (Just to be safe w.r.t. newnfs_disconnect(), call this function when
1377 * softclock interrupts are enabled.)
1378 */
1379 void
1380 nfsrv_zapclient(struct nfsclient *clp, NFSPROC_T *p)
1381 {
1382
1383 #ifdef notyet
1384 if ((clp->lc_flags & (LCL_GSS | LCL_CALLBACKSON)) ==
1385 (LCL_GSS | LCL_CALLBACKSON) &&
1386 (clp->lc_hand.nfsh_flag & NFSG_COMPLETE) &&
1387 clp->lc_handlelen > 0) {
1388 clp->lc_hand.nfsh_flag &= ~NFSG_COMPLETE;
1389 clp->lc_hand.nfsh_flag |= NFSG_DESTROYED;
1390 (void) nfsrv_docallback(clp, NFSV4PROC_CBNULL,
1391 NULL, 0, NULL, NULL, NULL, 0, p);
1392 }
1393 #endif
1394 newnfs_disconnect(NULL, &clp->lc_req);
1395 free(clp->lc_req.nr_nam, M_SONAME);
1396 NFSFREEMUTEX(&clp->lc_req.nr_mtx);
1397 free(clp->lc_stateid, M_NFSDCLIENT);
1398 free(clp, M_NFSDCLIENT);
1399 NFSLOCKSTATE();
1400 nfsstatsv1.srvclients--;
1401 nfsrv_openpluslock--;
1402 nfsrv_clients--;
1403 NFSUNLOCKSTATE();
1404 }
1405
1406 /*
1407 * Free a list of delegation state structures.
1408 * (This function will also free all nfslockfile structures that no
1409 * longer have associated state.)
1410 */
1411 void
1412 nfsrv_freedeleglist(struct nfsstatehead *sthp)
1413 {
1414 struct nfsstate *stp, *nstp;
1415
1416 LIST_FOREACH_SAFE(stp, sthp, ls_list, nstp) {
1417 nfsrv_freedeleg(stp);
1418 }
1419 LIST_INIT(sthp);
1420 }
1421
1422 /*
1423 * Free up a delegation.
1424 */
1425 static void
1426 nfsrv_freedeleg(struct nfsstate *stp)
1427 {
1428 struct nfslockfile *lfp;
1429
1430 LIST_REMOVE(stp, ls_hash);
1431 LIST_REMOVE(stp, ls_list);
1432 LIST_REMOVE(stp, ls_file);
1433 if ((stp->ls_flags & NFSLCK_DELEGWRITE) != 0)
1434 nfsrv_writedelegcnt--;
1435 lfp = stp->ls_lfp;
1436 if (LIST_EMPTY(&lfp->lf_open) &&
1437 LIST_EMPTY(&lfp->lf_lock) && LIST_EMPTY(&lfp->lf_deleg) &&
1438 LIST_EMPTY(&lfp->lf_locallock) && LIST_EMPTY(&lfp->lf_rollback) &&
1439 lfp->lf_usecount == 0 &&
1440 nfsv4_testlock(&lfp->lf_locallock_lck) == 0)
1441 nfsrv_freenfslockfile(lfp);
1442 free(stp, M_NFSDSTATE);
1443 nfsstatsv1.srvdelegates--;
1444 nfsrv_openpluslock--;
1445 nfsrv_delegatecnt--;
1446 }
1447
1448 /*
1449 * This function frees an open owner and all associated opens.
1450 */
1451 static void
1452 nfsrv_freeopenowner(struct nfsstate *stp, int cansleep, NFSPROC_T *p)
1453 {
1454 struct nfsstate *nstp, *tstp;
1455
1456 LIST_REMOVE(stp, ls_list);
1457 /*
1458 * Now, free all associated opens.
1459 */
1460 nstp = LIST_FIRST(&stp->ls_open);
1461 while (nstp != LIST_END(&stp->ls_open)) {
1462 tstp = nstp;
1463 nstp = LIST_NEXT(nstp, ls_list);
1464 (void) nfsrv_freeopen(tstp, NULL, cansleep, p);
1465 }
1466 if (stp->ls_op)
1467 nfsrvd_derefcache(stp->ls_op);
1468 free(stp, M_NFSDSTATE);
1469 nfsstatsv1.srvopenowners--;
1470 nfsrv_openpluslock--;
1471 }
1472
1473 /*
1474 * This function frees an open (nfsstate open structure) with all associated
1475 * lock_owners and locks. It also frees the nfslockfile structure iff there
1476 * are no other opens on the file.
1477 * Returns 1 if it free'd the nfslockfile, 0 otherwise.
1478 */
1479 static int
1480 nfsrv_freeopen(struct nfsstate *stp, vnode_t vp, int cansleep, NFSPROC_T *p)
1481 {
1482 struct nfsstate *nstp, *tstp;
1483 struct nfslockfile *lfp;
1484 int ret;
1485
1486 LIST_REMOVE(stp, ls_hash);
1487 LIST_REMOVE(stp, ls_list);
1488 LIST_REMOVE(stp, ls_file);
1489
1490 lfp = stp->ls_lfp;
1491 /*
1492 * Now, free all lockowners associated with this open.
1493 */
1494 LIST_FOREACH_SAFE(tstp, &stp->ls_open, ls_list, nstp)
1495 nfsrv_freelockowner(tstp, vp, cansleep, p);
1496
1497 /*
1498 * The nfslockfile is freed here if there are no locks
1499 * associated with the open.
1500 * If there are locks associated with the open, the
1501 * nfslockfile structure can be freed via nfsrv_freelockowner().
1502 * Acquire the state mutex to avoid races with calls to
1503 * nfsrv_getlockfile().
1504 */
1505 if (cansleep != 0)
1506 NFSLOCKSTATE();
1507 if (lfp != NULL && LIST_EMPTY(&lfp->lf_open) &&
1508 LIST_EMPTY(&lfp->lf_deleg) && LIST_EMPTY(&lfp->lf_lock) &&
1509 LIST_EMPTY(&lfp->lf_locallock) && LIST_EMPTY(&lfp->lf_rollback) &&
1510 lfp->lf_usecount == 0 &&
1511 (cansleep != 0 || nfsv4_testlock(&lfp->lf_locallock_lck) == 0)) {
1512 nfsrv_freenfslockfile(lfp);
1513 ret = 1;
1514 } else
1515 ret = 0;
1516 if (cansleep != 0)
1517 NFSUNLOCKSTATE();
1518 free(stp, M_NFSDSTATE);
1519 nfsstatsv1.srvopens--;
1520 nfsrv_openpluslock--;
1521 return (ret);
1522 }
1523
1524 /*
1525 * Frees a lockowner and all associated locks.
1526 */
1527 static void
1528 nfsrv_freelockowner(struct nfsstate *stp, vnode_t vp, int cansleep,
1529 NFSPROC_T *p)
1530 {
1531
1532 LIST_REMOVE(stp, ls_hash);
1533 LIST_REMOVE(stp, ls_list);
1534 nfsrv_freeallnfslocks(stp, vp, cansleep, p);
1535 if (stp->ls_op)
1536 nfsrvd_derefcache(stp->ls_op);
1537 free(stp, M_NFSDSTATE);
1538 nfsstatsv1.srvlockowners--;
1539 nfsrv_openpluslock--;
1540 }
1541
1542 /*
1543 * Free all the nfs locks on a lockowner.
1544 */
1545 static void
1546 nfsrv_freeallnfslocks(struct nfsstate *stp, vnode_t vp, int cansleep,
1547 NFSPROC_T *p)
1548 {
1549 struct nfslock *lop, *nlop;
1550 struct nfsrollback *rlp, *nrlp;
1551 struct nfslockfile *lfp = NULL;
1552 int gottvp = 0;
1553 vnode_t tvp = NULL;
1554 uint64_t first, end;
1555
1556 if (vp != NULL)
1557 ASSERT_VOP_UNLOCKED(vp, "nfsrv_freeallnfslocks: vnode locked");
1558 lop = LIST_FIRST(&stp->ls_lock);
1559 while (lop != LIST_END(&stp->ls_lock)) {
1560 nlop = LIST_NEXT(lop, lo_lckowner);
1561 /*
1562 * Since all locks should be for the same file, lfp should
1563 * not change.
1564 */
1565 if (lfp == NULL)
1566 lfp = lop->lo_lfp;
1567 else if (lfp != lop->lo_lfp)
1568 panic("allnfslocks");
1569 /*
1570 * If vp is NULL and cansleep != 0, a vnode must be acquired
1571 * from the file handle. This only occurs when called from
1572 * nfsrv_cleanclient().
1573 */
1574 if (gottvp == 0) {
1575 if (nfsrv_dolocallocks == 0)
1576 tvp = NULL;
1577 else if (vp == NULL && cansleep != 0) {
1578 tvp = nfsvno_getvp(&lfp->lf_fh);
1579 if (tvp != NULL)
1580 NFSVOPUNLOCK(tvp);
1581 } else
1582 tvp = vp;
1583 gottvp = 1;
1584 }
1585
1586 if (tvp != NULL) {
1587 if (cansleep == 0)
1588 panic("allnfs2");
1589 first = lop->lo_first;
1590 end = lop->lo_end;
1591 nfsrv_freenfslock(lop);
1592 nfsrv_localunlock(tvp, lfp, first, end, p);
1593 LIST_FOREACH_SAFE(rlp, &lfp->lf_rollback, rlck_list,
1594 nrlp)
1595 free(rlp, M_NFSDROLLBACK);
1596 LIST_INIT(&lfp->lf_rollback);
1597 } else
1598 nfsrv_freenfslock(lop);
1599 lop = nlop;
1600 }
1601 if (vp == NULL && tvp != NULL)
1602 vrele(tvp);
1603 }
1604
1605 /*
1606 * Free an nfslock structure.
1607 */
1608 static void
1609 nfsrv_freenfslock(struct nfslock *lop)
1610 {
1611
1612 if (lop->lo_lckfile.le_prev != NULL) {
1613 LIST_REMOVE(lop, lo_lckfile);
1614 nfsstatsv1.srvlocks--;
1615 nfsrv_openpluslock--;
1616 }
1617 LIST_REMOVE(lop, lo_lckowner);
1618 free(lop, M_NFSDLOCK);
1619 }
1620
1621 /*
1622 * This function frees an nfslockfile structure.
1623 */
1624 static void
1625 nfsrv_freenfslockfile(struct nfslockfile *lfp)
1626 {
1627
1628 LIST_REMOVE(lfp, lf_hash);
1629 free(lfp, M_NFSDLOCKFILE);
1630 }
1631
1632 /*
1633 * This function looks up an nfsstate structure via stateid.
1634 */
1635 static int
1636 nfsrv_getstate(struct nfsclient *clp, nfsv4stateid_t *stateidp, __unused u_int32_t flags,
1637 struct nfsstate **stpp)
1638 {
1639 struct nfsstate *stp;
1640 struct nfsstatehead *hp;
1641 int error = 0;
1642
1643 *stpp = NULL;
1644 hp = NFSSTATEHASH(clp, *stateidp);
1645 LIST_FOREACH(stp, hp, ls_hash) {
1646 if (!NFSBCMP(stp->ls_stateid.other, stateidp->other,
1647 NFSX_STATEIDOTHER))
1648 break;
1649 }
1650
1651 /*
1652 * If no state id in list, return NFSERR_BADSTATEID.
1653 */
1654 if (stp == LIST_END(hp)) {
1655 error = NFSERR_BADSTATEID;
1656 goto out;
1657 }
1658 *stpp = stp;
1659
1660 out:
1661 NFSEXITCODE(error);
1662 return (error);
1663 }
1664
1665 /*
1666 * This function gets an nfsstate structure via owner string.
1667 */
1668 static void
1669 nfsrv_getowner(struct nfsstatehead *hp, struct nfsstate *new_stp,
1670 struct nfsstate **stpp)
1671 {
1672 struct nfsstate *stp;
1673
1674 *stpp = NULL;
1675 LIST_FOREACH(stp, hp, ls_list) {
1676 if (new_stp->ls_ownerlen == stp->ls_ownerlen &&
1677 !NFSBCMP(new_stp->ls_owner,stp->ls_owner,stp->ls_ownerlen)) {
1678 *stpp = stp;
1679 return;
1680 }
1681 }
1682 }
1683
1684 /*
1685 * Lock control function called to update lock status.
1686 * Returns 0 upon success, -1 if there is no lock and the flags indicate
1687 * that one isn't to be created and an NFSERR_xxx for other errors.
1688 * The structures new_stp and new_lop are passed in as pointers that should
1689 * be set to NULL if the structure is used and shouldn't be free'd.
1690 * For the NFSLCK_TEST and NFSLCK_CHECK cases, the structures are
1691 * never used and can safely be allocated on the stack. For all other
1692 * cases, *new_stpp and *new_lopp should be malloc'd before the call,
1693 * in case they are used.
1694 */
1695 int
1696 nfsrv_lockctrl(vnode_t vp, struct nfsstate **new_stpp,
1697 struct nfslock **new_lopp, struct nfslockconflict *cfp,
1698 nfsquad_t clientid, nfsv4stateid_t *stateidp,
1699 __unused struct nfsexstuff *exp,
1700 struct nfsrv_descript *nd, NFSPROC_T *p)
1701 {
1702 struct nfslock *lop;
1703 struct nfsstate *new_stp = *new_stpp;
1704 struct nfslock *new_lop = *new_lopp;
1705 struct nfsstate *tstp, *mystp, *nstp;
1706 int specialid = 0;
1707 struct nfslockfile *lfp;
1708 struct nfslock *other_lop = NULL;
1709 struct nfsstate *stp, *lckstp = NULL;
1710 struct nfsclient *clp = NULL;
1711 u_int32_t bits;
1712 int error = 0, haslock = 0, ret, reterr;
1713 int getlckret, delegation = 0, filestruct_locked, vnode_unlocked = 0;
1714 fhandle_t nfh;
1715 uint64_t first, end;
1716 uint32_t lock_flags;
1717
1718 if (new_stp->ls_flags & (NFSLCK_CHECK | NFSLCK_SETATTR)) {
1719 /*
1720 * Note the special cases of "all 1s" or "all 0s" stateids and
1721 * let reads with all 1s go ahead.
1722 */
1723 if (new_stp->ls_stateid.seqid == 0x0 &&
1724 new_stp->ls_stateid.other[0] == 0x0 &&
1725 new_stp->ls_stateid.other[1] == 0x0 &&
1726 new_stp->ls_stateid.other[2] == 0x0)
1727 specialid = 1;
1728 else if (new_stp->ls_stateid.seqid == 0xffffffff &&
1729 new_stp->ls_stateid.other[0] == 0xffffffff &&
1730 new_stp->ls_stateid.other[1] == 0xffffffff &&
1731 new_stp->ls_stateid.other[2] == 0xffffffff)
1732 specialid = 2;
1733 }
1734
1735 /*
1736 * Check for restart conditions (client and server).
1737 */
1738 error = nfsrv_checkrestart(clientid, new_stp->ls_flags,
1739 &new_stp->ls_stateid, specialid);
1740 if (error)
1741 goto out;
1742
1743 /*
1744 * Check for state resource limit exceeded.
1745 */
1746 if ((new_stp->ls_flags & NFSLCK_LOCK) &&
1747 nfsrv_openpluslock > nfsrv_v4statelimit) {
1748 error = NFSERR_RESOURCE;
1749 goto out;
1750 }
1751
1752 /*
1753 * For the lock case, get another nfslock structure,
1754 * just in case we need it.
1755 * Malloc now, before we start sifting through the linked lists,
1756 * in case we have to wait for memory.
1757 */
1758 tryagain:
1759 if (new_stp->ls_flags & NFSLCK_LOCK)
1760 other_lop = malloc(sizeof (struct nfslock),
1761 M_NFSDLOCK, M_WAITOK);
1762 filestruct_locked = 0;
1763 reterr = 0;
1764 lfp = NULL;
1765
1766 /*
1767 * Get the lockfile structure for CFH now, so we can do a sanity
1768 * check against the stateid, before incrementing the seqid#, since
1769 * we want to return NFSERR_BADSTATEID on failure and the seqid#
1770 * shouldn't be incremented for this case.
1771 * If nfsrv_getlockfile() returns -1, it means "not found", which
1772 * will be handled later.
1773 * If we are doing Lock/LockU and local locking is enabled, sleep
1774 * lock the nfslockfile structure.
1775 */
1776 getlckret = nfsrv_getlockfh(vp, new_stp->ls_flags, NULL, &nfh, p);
1777 NFSLOCKSTATE();
1778 if (getlckret == 0) {
1779 if ((new_stp->ls_flags & (NFSLCK_LOCK | NFSLCK_UNLOCK)) != 0 &&
1780 nfsrv_dolocallocks != 0 && nd->nd_repstat == 0) {
1781 getlckret = nfsrv_getlockfile(new_stp->ls_flags, NULL,
1782 &lfp, &nfh, 1);
1783 if (getlckret == 0)
1784 filestruct_locked = 1;
1785 } else
1786 getlckret = nfsrv_getlockfile(new_stp->ls_flags, NULL,
1787 &lfp, &nfh, 0);
1788 }
1789 if (getlckret != 0 && getlckret != -1)
1790 reterr = getlckret;
1791
1792 if (filestruct_locked != 0) {
1793 LIST_INIT(&lfp->lf_rollback);
1794 if ((new_stp->ls_flags & NFSLCK_LOCK)) {
1795 /*
1796 * For local locking, do the advisory locking now, so
1797 * that any conflict can be detected. A failure later
1798 * can be rolled back locally. If an error is returned,
1799 * struct nfslockfile has been unlocked and any local
1800 * locking rolled back.
1801 */
1802 NFSUNLOCKSTATE();
1803 if (vnode_unlocked == 0) {
1804 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl1");
1805 vnode_unlocked = 1;
1806 NFSVOPUNLOCK(vp);
1807 }
1808 reterr = nfsrv_locallock(vp, lfp,
1809 (new_lop->lo_flags & (NFSLCK_READ | NFSLCK_WRITE)),
1810 new_lop->lo_first, new_lop->lo_end, cfp, p);
1811 NFSLOCKSTATE();
1812 }
1813 }
1814
1815 if (specialid == 0) {
1816 if (new_stp->ls_flags & NFSLCK_TEST) {
1817 /*
1818 * RFC 3530 does not list LockT as an op that renews a
1819 * lease, but the consensus seems to be that it is ok
1820 * for a server to do so.
1821 */
1822 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
1823 (nfsquad_t)((u_quad_t)0), 0, nd, p);
1824
1825 /*
1826 * Since NFSERR_EXPIRED, NFSERR_ADMINREVOKED are not valid
1827 * error returns for LockT, just go ahead and test for a lock,
1828 * since there are no locks for this client, but other locks
1829 * can conflict. (ie. same client will always be false)
1830 */
1831 if (error == NFSERR_EXPIRED || error == NFSERR_ADMINREVOKED)
1832 error = 0;
1833 lckstp = new_stp;
1834 } else {
1835 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
1836 (nfsquad_t)((u_quad_t)0), 0, nd, p);
1837 if (error == 0)
1838 /*
1839 * Look up the stateid
1840 */
1841 error = nfsrv_getstate(clp, &new_stp->ls_stateid,
1842 new_stp->ls_flags, &stp);
1843 /*
1844 * do some sanity checks for an unconfirmed open or a
1845 * stateid that refers to the wrong file, for an open stateid
1846 */
1847 if (error == 0 && (stp->ls_flags & NFSLCK_OPEN) &&
1848 ((stp->ls_openowner->ls_flags & NFSLCK_NEEDSCONFIRM) ||
1849 (getlckret == 0 && stp->ls_lfp != lfp))){
1850 /*
1851 * NFSLCK_SETATTR should return OK rather than NFSERR_BADSTATEID
1852 * The only exception is using SETATTR with SIZE.
1853 * */
1854 if ((new_stp->ls_flags &
1855 (NFSLCK_SETATTR | NFSLCK_CHECK)) != NFSLCK_SETATTR)
1856 error = NFSERR_BADSTATEID;
1857 }
1858
1859 if (error == 0 &&
1860 (stp->ls_flags & (NFSLCK_DELEGREAD | NFSLCK_DELEGWRITE)) &&
1861 getlckret == 0 && stp->ls_lfp != lfp)
1862 error = NFSERR_BADSTATEID;
1863
1864 /*
1865 * If the lockowner stateid doesn't refer to the same file,
1866 * I believe that is considered ok, since some clients will
1867 * only create a single lockowner and use that for all locks
1868 * on all files.
1869 * For now, log it as a diagnostic, instead of considering it
1870 * a BadStateid.
1871 */
1872 if (error == 0 && (stp->ls_flags &
1873 (NFSLCK_OPEN | NFSLCK_DELEGREAD | NFSLCK_DELEGWRITE)) == 0 &&
1874 getlckret == 0 && stp->ls_lfp != lfp) {
1875 #ifdef DIAGNOSTIC
1876 printf("Got a lock statid for different file open\n");
1877 #endif
1878 /*
1879 error = NFSERR_BADSTATEID;
1880 */
1881 }
1882
1883 if (error == 0) {
1884 if (new_stp->ls_flags & NFSLCK_OPENTOLOCK) {
1885 /*
1886 * If haslock set, we've already checked the seqid.
1887 */
1888 if (!haslock) {
1889 if (stp->ls_flags & NFSLCK_OPEN)
1890 error = nfsrv_checkseqid(nd, new_stp->ls_seq,
1891 stp->ls_openowner, new_stp->ls_op);
1892 else
1893 error = NFSERR_BADSTATEID;
1894 }
1895 if (!error)
1896 nfsrv_getowner(&stp->ls_open, new_stp, &lckstp);
1897 if (lckstp) {
1898 /*
1899 * For NFSv4.1 and NFSv4.2 allow an
1900 * open_to_lock_owner when the lock_owner already
1901 * exists. Just clear NFSLCK_OPENTOLOCK so that
1902 * a new lock_owner will not be created.
1903 * RFC7530 states that the error for NFSv4.0
1904 * is NFS4ERR_BAD_SEQID.
1905 */
1906 if ((nd->nd_flag & ND_NFSV41) != 0)
1907 new_stp->ls_flags &= ~NFSLCK_OPENTOLOCK;
1908 else
1909 error = NFSERR_BADSEQID;
1910 } else
1911 lckstp = new_stp;
1912 } else if (new_stp->ls_flags&(NFSLCK_LOCK|NFSLCK_UNLOCK)) {
1913 /*
1914 * If haslock set, ditto above.
1915 */
1916 if (!haslock) {
1917 if (stp->ls_flags & NFSLCK_OPEN)
1918 error = NFSERR_BADSTATEID;
1919 else
1920 error = nfsrv_checkseqid(nd, new_stp->ls_seq,
1921 stp, new_stp->ls_op);
1922 }
1923 lckstp = stp;
1924 } else {
1925 lckstp = stp;
1926 }
1927 }
1928 /*
1929 * If the seqid part of the stateid isn't the same, return
1930 * NFSERR_OLDSTATEID for cases other than I/O Ops.
1931 * For I/O Ops, only return NFSERR_OLDSTATEID if
1932 * nfsrv_returnoldstateid is set. (The consensus on the email
1933 * list was that most clients would prefer to not receive
1934 * NFSERR_OLDSTATEID for I/O Ops, but the RFC suggests that that
1935 * is what will happen, so I use the nfsrv_returnoldstateid to
1936 * allow for either server configuration.)
1937 */
1938 if (!error && stp->ls_stateid.seqid!=new_stp->ls_stateid.seqid &&
1939 (((nd->nd_flag & ND_NFSV41) == 0 &&
1940 (!(new_stp->ls_flags & NFSLCK_CHECK) ||
1941 nfsrv_returnoldstateid)) ||
1942 ((nd->nd_flag & ND_NFSV41) != 0 &&
1943 new_stp->ls_stateid.seqid != 0)))
1944 error = NFSERR_OLDSTATEID;
1945 }
1946 }
1947
1948 /*
1949 * Now we can check for grace.
1950 */
1951 if (!error)
1952 error = nfsrv_checkgrace(nd, clp, new_stp->ls_flags);
1953 if ((new_stp->ls_flags & NFSLCK_RECLAIM) && !error &&
1954 nfsrv_checkstable(clp))
1955 error = NFSERR_NOGRACE;
1956 /*
1957 * If we successfully Reclaimed state, note that.
1958 */
1959 if ((new_stp->ls_flags & NFSLCK_RECLAIM) && !error)
1960 nfsrv_markstable(clp);
1961
1962 /*
1963 * At this point, either error == NFSERR_BADSTATEID or the
1964 * seqid# has been updated, so we can return any error.
1965 * If error == 0, there may be an error in:
1966 * nd_repstat - Set by the calling function.
1967 * reterr - Set above, if getting the nfslockfile structure
1968 * or acquiring the local lock failed.
1969 * (If both of these are set, nd_repstat should probably be
1970 * returned, since that error was detected before this
1971 * function call.)
1972 */
1973 if (error != 0 || nd->nd_repstat != 0 || reterr != 0) {
1974 if (error == 0) {
1975 if (nd->nd_repstat != 0)
1976 error = nd->nd_repstat;
1977 else
1978 error = reterr;
1979 }
1980 if (filestruct_locked != 0) {
1981 /* Roll back local locks. */
1982 NFSUNLOCKSTATE();
1983 if (vnode_unlocked == 0) {
1984 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl2");
1985 vnode_unlocked = 1;
1986 NFSVOPUNLOCK(vp);
1987 }
1988 nfsrv_locallock_rollback(vp, lfp, p);
1989 NFSLOCKSTATE();
1990 nfsrv_unlocklf(lfp);
1991 }
1992 NFSUNLOCKSTATE();
1993 goto out;
1994 }
1995
1996 /*
1997 * Check the nfsrv_getlockfile return.
1998 * Returned -1 if no structure found.
1999 */
2000 if (getlckret == -1) {
2001 error = NFSERR_EXPIRED;
2002 /*
2003 * Called from lockt, so no lock is OK.
2004 */
2005 if (new_stp->ls_flags & NFSLCK_TEST) {
2006 error = 0;
2007 } else if (new_stp->ls_flags &
2008 (NFSLCK_CHECK | NFSLCK_SETATTR)) {
2009 /*
2010 * Called to check for a lock, OK if the stateid is all
2011 * 1s or all 0s, but there should be an nfsstate
2012 * otherwise.
2013 * (ie. If there is no open, I'll assume no share
2014 * deny bits.)
2015 */
2016 if (specialid)
2017 error = 0;
2018 else
2019 error = NFSERR_BADSTATEID;
2020 }
2021 NFSUNLOCKSTATE();
2022 goto out;
2023 }
2024
2025 /*
2026 * For NFSLCK_CHECK and NFSLCK_LOCK, test for a share conflict.
2027 * For NFSLCK_CHECK, allow a read if write access is granted,
2028 * but check for a deny. For NFSLCK_LOCK, require correct access,
2029 * which implies a conflicting deny can't exist.
2030 */
2031 if (new_stp->ls_flags & (NFSLCK_CHECK | NFSLCK_LOCK)) {
2032 /*
2033 * Four kinds of state id:
2034 * - specialid (all 0s or all 1s), only for NFSLCK_CHECK
2035 * - stateid for an open
2036 * - stateid for a delegation
2037 * - stateid for a lock owner
2038 */
2039 if (!specialid) {
2040 if (stp->ls_flags & (NFSLCK_DELEGREAD | NFSLCK_DELEGWRITE)) {
2041 delegation = 1;
2042 mystp = stp;
2043 nfsrv_delaydelegtimeout(stp);
2044 } else if (stp->ls_flags & NFSLCK_OPEN) {
2045 mystp = stp;
2046 } else {
2047 mystp = stp->ls_openstp;
2048 }
2049 /*
2050 * If locking or checking, require correct access
2051 * bit set.
2052 */
2053 if (((new_stp->ls_flags & NFSLCK_LOCK) &&
2054 !((new_lop->lo_flags >> NFSLCK_LOCKSHIFT) &
2055 mystp->ls_flags & NFSLCK_ACCESSBITS)) ||
2056 ((new_stp->ls_flags & (NFSLCK_CHECK|NFSLCK_READACCESS)) ==
2057 (NFSLCK_CHECK | NFSLCK_READACCESS) &&
2058 !(mystp->ls_flags & NFSLCK_READACCESS) &&
2059 nfsrv_allowreadforwriteopen == 0) ||
2060 ((new_stp->ls_flags & (NFSLCK_CHECK|NFSLCK_WRITEACCESS)) ==
2061 (NFSLCK_CHECK | NFSLCK_WRITEACCESS) &&
2062 !(mystp->ls_flags & NFSLCK_WRITEACCESS))) {
2063 if (filestruct_locked != 0) {
2064 /* Roll back local locks. */
2065 NFSUNLOCKSTATE();
2066 if (vnode_unlocked == 0) {
2067 ASSERT_VOP_ELOCKED(vp,
2068 "nfsrv_lockctrl3");
2069 vnode_unlocked = 1;
2070 NFSVOPUNLOCK(vp);
2071 }
2072 nfsrv_locallock_rollback(vp, lfp, p);
2073 NFSLOCKSTATE();
2074 nfsrv_unlocklf(lfp);
2075 }
2076 NFSUNLOCKSTATE();
2077 error = NFSERR_OPENMODE;
2078 goto out;
2079 }
2080 } else
2081 mystp = NULL;
2082 if ((new_stp->ls_flags & NFSLCK_CHECK) && !delegation) {
2083 /*
2084 * Check for a conflicting deny bit.
2085 */
2086 LIST_FOREACH(tstp, &lfp->lf_open, ls_file) {
2087 if (tstp != mystp) {
2088 bits = tstp->ls_flags;
2089 bits >>= NFSLCK_SHIFT;
2090 if (new_stp->ls_flags & bits & NFSLCK_ACCESSBITS) {
2091 KASSERT(vnode_unlocked == 0,
2092 ("nfsrv_lockctrl: vnode unlocked1"));
2093 ret = nfsrv_clientconflict(tstp->ls_clp, &haslock,
2094 vp, p);
2095 if (ret == 1) {
2096 /*
2097 * nfsrv_clientconflict unlocks state
2098 * when it returns non-zero.
2099 */
2100 lckstp = NULL;
2101 goto tryagain;
2102 }
2103 if (ret == 0)
2104 NFSUNLOCKSTATE();
2105 if (ret == 2)
2106 error = NFSERR_PERM;
2107 else
2108 error = NFSERR_OPENMODE;
2109 goto out;
2110 }
2111 }
2112 }
2113
2114 /* We're outta here */
2115 NFSUNLOCKSTATE();
2116 goto out;
2117 }
2118 }
2119
2120 /*
2121 * For setattr, just get rid of all the Delegations for other clients.
2122 */
2123 if (new_stp->ls_flags & NFSLCK_SETATTR) {
2124 KASSERT(vnode_unlocked == 0,
2125 ("nfsrv_lockctrl: vnode unlocked2"));
2126 ret = nfsrv_cleandeleg(vp, lfp, clp, &haslock, p);
2127 if (ret) {
2128 /*
2129 * nfsrv_cleandeleg() unlocks state when it
2130 * returns non-zero.
2131 */
2132 if (ret == -1) {
2133 lckstp = NULL;
2134 goto tryagain;
2135 }
2136 error = ret;
2137 goto out;
2138 }
2139 if (!(new_stp->ls_flags & NFSLCK_CHECK) ||
2140 (LIST_EMPTY(&lfp->lf_open) && LIST_EMPTY(&lfp->lf_lock) &&
2141 LIST_EMPTY(&lfp->lf_deleg))) {
2142 NFSUNLOCKSTATE();
2143 goto out;
2144 }
2145 }
2146
2147 /*
2148 * Check for a conflicting delegation. If one is found, call
2149 * nfsrv_delegconflict() to handle it. If the v4root lock hasn't
2150 * been set yet, it will get the lock. Otherwise, it will recall
2151 * the delegation. Then, we try try again...
2152 * I currently believe the conflict algorithm to be:
2153 * For Lock Ops (Lock/LockT/LockU)
2154 * - there is a conflict iff a different client has a write delegation
2155 * For Reading (Read Op)
2156 * - there is a conflict iff a different client has a write delegation
2157 * (the specialids are always a different client)
2158 * For Writing (Write/Setattr of size)
2159 * - there is a conflict if a different client has any delegation
2160 * - there is a conflict if the same client has a read delegation
2161 * (I don't understand why this isn't allowed, but that seems to be
2162 * the current consensus?)
2163 */
2164 tstp = LIST_FIRST(&lfp->lf_deleg);
2165 while (tstp != LIST_END(&lfp->lf_deleg)) {
2166 nstp = LIST_NEXT(tstp, ls_file);
2167 if ((((new_stp->ls_flags&(NFSLCK_LOCK|NFSLCK_UNLOCK|NFSLCK_TEST))||
2168 ((new_stp->ls_flags & NFSLCK_CHECK) &&
2169 (new_lop->lo_flags & NFSLCK_READ))) &&
2170 clp != tstp->ls_clp &&
2171 (tstp->ls_flags & NFSLCK_DELEGWRITE)) ||
2172 ((new_stp->ls_flags & NFSLCK_CHECK) &&
2173 (new_lop->lo_flags & NFSLCK_WRITE) &&
2174 (clp != tstp->ls_clp ||
2175 (tstp->ls_flags & NFSLCK_DELEGREAD)))) {
2176 ret = 0;
2177 if (filestruct_locked != 0) {
2178 /* Roll back local locks. */
2179 NFSUNLOCKSTATE();
2180 if (vnode_unlocked == 0) {
2181 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl4");
2182 NFSVOPUNLOCK(vp);
2183 }
2184 nfsrv_locallock_rollback(vp, lfp, p);
2185 NFSLOCKSTATE();
2186 nfsrv_unlocklf(lfp);
2187 NFSUNLOCKSTATE();
2188 NFSVOPLOCK(vp, LK_EXCLUSIVE | LK_RETRY);
2189 vnode_unlocked = 0;
2190 if (VN_IS_DOOMED(vp))
2191 ret = NFSERR_SERVERFAULT;
2192 NFSLOCKSTATE();
2193 }
2194 if (ret == 0)
2195 ret = nfsrv_delegconflict(tstp, &haslock, p, vp);
2196 if (ret) {
2197 /*
2198 * nfsrv_delegconflict unlocks state when it
2199 * returns non-zero, which it always does.
2200 */
2201 if (other_lop) {
2202 free(other_lop, M_NFSDLOCK);
2203 other_lop = NULL;
2204 }
2205 if (ret == -1) {
2206 lckstp = NULL;
2207 goto tryagain;
2208 }
2209 error = ret;
2210 goto out;
2211 }
2212 /* Never gets here. */
2213 }
2214 tstp = nstp;
2215 }
2216
2217 /*
2218 * Handle the unlock case by calling nfsrv_updatelock().
2219 * (Should I have done some access checking above for unlock? For now,
2220 * just let it happen.)
2221 */
2222 if (new_stp->ls_flags & NFSLCK_UNLOCK) {
2223 first = new_lop->lo_first;
2224 end = new_lop->lo_end;
2225 nfsrv_updatelock(stp, new_lopp, &other_lop, lfp);
2226 stateidp->seqid = ++(stp->ls_stateid.seqid);
2227 if ((nd->nd_flag & ND_NFSV41) != 0 && stateidp->seqid == 0)
2228 stateidp->seqid = stp->ls_stateid.seqid = 1;
2229 stateidp->other[0] = stp->ls_stateid.other[0];
2230 stateidp->other[1] = stp->ls_stateid.other[1];
2231 stateidp->other[2] = stp->ls_stateid.other[2];
2232 if (filestruct_locked != 0) {
2233 NFSUNLOCKSTATE();
2234 if (vnode_unlocked == 0) {
2235 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl5");
2236 vnode_unlocked = 1;
2237 NFSVOPUNLOCK(vp);
2238 }
2239 /* Update the local locks. */
2240 nfsrv_localunlock(vp, lfp, first, end, p);
2241 NFSLOCKSTATE();
2242 nfsrv_unlocklf(lfp);
2243 }
2244 NFSUNLOCKSTATE();
2245 goto out;
2246 }
2247
2248 /*
2249 * Search for a conflicting lock. A lock conflicts if:
2250 * - the lock range overlaps and
2251 * - at least one lock is a write lock and
2252 * - it is not owned by the same lock owner
2253 */
2254 if (!delegation) {
2255 LIST_FOREACH(lop, &lfp->lf_lock, lo_lckfile) {
2256 if (new_lop->lo_end > lop->lo_first &&
2257 new_lop->lo_first < lop->lo_end &&
2258 (new_lop->lo_flags == NFSLCK_WRITE ||
2259 lop->lo_flags == NFSLCK_WRITE) &&
2260 lckstp != lop->lo_stp &&
2261 (clp != lop->lo_stp->ls_clp ||
2262 lckstp->ls_ownerlen != lop->lo_stp->ls_ownerlen ||
2263 NFSBCMP(lckstp->ls_owner, lop->lo_stp->ls_owner,
2264 lckstp->ls_ownerlen))) {
2265 if (other_lop) {
2266 free(other_lop, M_NFSDLOCK);
2267 other_lop = NULL;
2268 }
2269 if (vnode_unlocked != 0)
2270 ret = nfsrv_clientconflict(lop->lo_stp->ls_clp, &haslock,
2271 NULL, p);
2272 else
2273 ret = nfsrv_clientconflict(lop->lo_stp->ls_clp, &haslock,
2274 vp, p);
2275 if (ret == 1) {
2276 if (filestruct_locked != 0) {
2277 if (vnode_unlocked == 0) {
2278 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl6");
2279 NFSVOPUNLOCK(vp);
2280 }
2281 /* Roll back local locks. */
2282 nfsrv_locallock_rollback(vp, lfp, p);
2283 NFSLOCKSTATE();
2284 nfsrv_unlocklf(lfp);
2285 NFSUNLOCKSTATE();
2286 NFSVOPLOCK(vp, LK_EXCLUSIVE | LK_RETRY);
2287 vnode_unlocked = 0;
2288 if (VN_IS_DOOMED(vp)) {
2289 error = NFSERR_SERVERFAULT;
2290 goto out;
2291 }
2292 }
2293 /*
2294 * nfsrv_clientconflict() unlocks state when it
2295 * returns non-zero.
2296 */
2297 lckstp = NULL;
2298 goto tryagain;
2299 }
2300 /*
2301 * Found a conflicting lock, so record the conflict and
2302 * return the error.
2303 */
2304 if (cfp != NULL && ret == 0) {
2305 cfp->cl_clientid.lval[0]=lop->lo_stp->ls_stateid.other[0];
2306 cfp->cl_clientid.lval[1]=lop->lo_stp->ls_stateid.other[1];
2307 cfp->cl_first = lop->lo_first;
2308 cfp->cl_end = lop->lo_end;
2309 cfp->cl_flags = lop->lo_flags;
2310 cfp->cl_ownerlen = lop->lo_stp->ls_ownerlen;
2311 NFSBCOPY(lop->lo_stp->ls_owner, cfp->cl_owner,
2312 cfp->cl_ownerlen);
2313 }
2314 if (ret == 2)
2315 error = NFSERR_PERM;
2316 else if (new_stp->ls_flags & NFSLCK_RECLAIM)
2317 error = NFSERR_RECLAIMCONFLICT;
2318 else if (new_stp->ls_flags & NFSLCK_CHECK)
2319 error = NFSERR_LOCKED;
2320 else
2321 error = NFSERR_DENIED;
2322 if (filestruct_locked != 0 && ret == 0) {
2323 /* Roll back local locks. */
2324 NFSUNLOCKSTATE();
2325 if (vnode_unlocked == 0) {
2326 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl7");
2327 vnode_unlocked = 1;
2328 NFSVOPUNLOCK(vp);
2329 }
2330 nfsrv_locallock_rollback(vp, lfp, p);
2331 NFSLOCKSTATE();
2332 nfsrv_unlocklf(lfp);
2333 }
2334 if (ret == 0)
2335 NFSUNLOCKSTATE();
2336 goto out;
2337 }
2338 }
2339 }
2340
2341 /*
2342 * We only get here if there was no lock that conflicted.
2343 */
2344 if (new_stp->ls_flags & (NFSLCK_TEST | NFSLCK_CHECK)) {
2345 NFSUNLOCKSTATE();
2346 goto out;
2347 }
2348
2349 /*
2350 * We only get here when we are creating or modifying a lock.
2351 * There are two variants:
2352 * - exist_lock_owner where lock_owner exists
2353 * - open_to_lock_owner with new lock_owner
2354 */
2355 first = new_lop->lo_first;
2356 end = new_lop->lo_end;
2357 lock_flags = new_lop->lo_flags;
2358 if (!(new_stp->ls_flags & NFSLCK_OPENTOLOCK)) {
2359 nfsrv_updatelock(lckstp, new_lopp, &other_lop, lfp);
2360 stateidp->seqid = ++(lckstp->ls_stateid.seqid);
2361 if ((nd->nd_flag & ND_NFSV41) != 0 && stateidp->seqid == 0)
2362 stateidp->seqid = lckstp->ls_stateid.seqid = 1;
2363 stateidp->other[0] = lckstp->ls_stateid.other[0];
2364 stateidp->other[1] = lckstp->ls_stateid.other[1];
2365 stateidp->other[2] = lckstp->ls_stateid.other[2];
2366 } else {
2367 /*
2368 * The new open_to_lock_owner case.
2369 * Link the new nfsstate into the lists.
2370 */
2371 new_stp->ls_seq = new_stp->ls_opentolockseq;
2372 nfsrvd_refcache(new_stp->ls_op);
2373 stateidp->seqid = new_stp->ls_stateid.seqid = 1;
2374 stateidp->other[0] = new_stp->ls_stateid.other[0] =
2375 clp->lc_clientid.lval[0];
2376 stateidp->other[1] = new_stp->ls_stateid.other[1] =
2377 clp->lc_clientid.lval[1];
2378 stateidp->other[2] = new_stp->ls_stateid.other[2] =
2379 nfsrv_nextstateindex(clp);
2380 new_stp->ls_clp = clp;
2381 LIST_INIT(&new_stp->ls_lock);
2382 new_stp->ls_openstp = stp;
2383 new_stp->ls_lfp = lfp;
2384 nfsrv_insertlock(new_lop, (struct nfslock *)new_stp, new_stp,
2385 lfp);
2386 LIST_INSERT_HEAD(NFSSTATEHASH(clp, new_stp->ls_stateid),
2387 new_stp, ls_hash);
2388 LIST_INSERT_HEAD(&stp->ls_open, new_stp, ls_list);
2389 *new_lopp = NULL;
2390 *new_stpp = NULL;
2391 nfsstatsv1.srvlockowners++;
2392 nfsrv_openpluslock++;
2393 }
2394 if (filestruct_locked != 0) {
2395 NFSUNLOCKSTATE();
2396 nfsrv_locallock_commit(lfp, lock_flags, first, end);
2397 NFSLOCKSTATE();
2398 nfsrv_unlocklf(lfp);
2399 }
2400 NFSUNLOCKSTATE();
2401
2402 out:
2403 if (haslock) {
2404 NFSLOCKV4ROOTMUTEX();
2405 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2406 NFSUNLOCKV4ROOTMUTEX();
2407 }
2408 if (vnode_unlocked != 0) {
2409 NFSVOPLOCK(vp, LK_EXCLUSIVE | LK_RETRY);
2410 if (error == 0 && VN_IS_DOOMED(vp))
2411 error = NFSERR_SERVERFAULT;
2412 }
2413 if (other_lop)
2414 free(other_lop, M_NFSDLOCK);
2415 NFSEXITCODE2(error, nd);
2416 return (error);
2417 }
2418
2419 /*
2420 * Check for state errors for Open.
2421 * repstat is passed back out as an error if more critical errors
2422 * are not detected.
2423 */
2424 int
2425 nfsrv_opencheck(nfsquad_t clientid, nfsv4stateid_t *stateidp,
2426 struct nfsstate *new_stp, vnode_t vp, struct nfsrv_descript *nd,
2427 NFSPROC_T *p, int repstat)
2428 {
2429 struct nfsstate *stp, *nstp;
2430 struct nfsclient *clp;
2431 struct nfsstate *ownerstp;
2432 struct nfslockfile *lfp, *new_lfp;
2433 int error = 0, haslock = 0, ret, readonly = 0, getfhret = 0;
2434
2435 if ((new_stp->ls_flags & NFSLCK_SHAREBITS) == NFSLCK_READACCESS)
2436 readonly = 1;
2437 /*
2438 * Check for restart conditions (client and server).
2439 */
2440 error = nfsrv_checkrestart(clientid, new_stp->ls_flags,
2441 &new_stp->ls_stateid, 0);
2442 if (error)
2443 goto out;
2444
2445 /*
2446 * Check for state resource limit exceeded.
2447 * Technically this should be SMP protected, but the worst
2448 * case error is "out by one or two" on the count when it
2449 * returns NFSERR_RESOURCE and the limit is just a rather
2450 * arbitrary high water mark, so no harm is done.
2451 */
2452 if (nfsrv_openpluslock > nfsrv_v4statelimit) {
2453 error = NFSERR_RESOURCE;
2454 goto out;
2455 }
2456
2457 tryagain:
2458 new_lfp = malloc(sizeof (struct nfslockfile),
2459 M_NFSDLOCKFILE, M_WAITOK);
2460 if (vp)
2461 getfhret = nfsrv_getlockfh(vp, new_stp->ls_flags, new_lfp,
2462 NULL, p);
2463 NFSLOCKSTATE();
2464 /*
2465 * Get the nfsclient structure.
2466 */
2467 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
2468 (nfsquad_t)((u_quad_t)0), 0, nd, p);
2469
2470 /*
2471 * Look up the open owner. See if it needs confirmation and
2472 * check the seq#, as required.
2473 */
2474 if (!error)
2475 nfsrv_getowner(&clp->lc_open, new_stp, &ownerstp);
2476
2477 if (!error && ownerstp) {
2478 error = nfsrv_checkseqid(nd, new_stp->ls_seq, ownerstp,
2479 new_stp->ls_op);
2480 /*
2481 * If the OpenOwner hasn't been confirmed, assume the
2482 * old one was a replay and this one is ok.
2483 * See: RFC3530 Sec. 14.2.18.
2484 */
2485 if (error == NFSERR_BADSEQID &&
2486 (ownerstp->ls_flags & NFSLCK_NEEDSCONFIRM))
2487 error = 0;
2488 }
2489
2490 /*
2491 * Check for grace.
2492 */
2493 if (!error)
2494 error = nfsrv_checkgrace(nd, clp, new_stp->ls_flags);
2495 if ((new_stp->ls_flags & NFSLCK_RECLAIM) && !error &&
2496 nfsrv_checkstable(clp))
2497 error = NFSERR_NOGRACE;
2498
2499 /*
2500 * If none of the above errors occurred, let repstat be
2501 * returned.
2502 */
2503 if (repstat && !error)
2504 error = repstat;
2505 if (error) {
2506 NFSUNLOCKSTATE();
2507 if (haslock) {
2508 NFSLOCKV4ROOTMUTEX();
2509 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2510 NFSUNLOCKV4ROOTMUTEX();
2511 }
2512 free(new_lfp, M_NFSDLOCKFILE);
2513 goto out;
2514 }
2515
2516 /*
2517 * If vp == NULL, the file doesn't exist yet, so return ok.
2518 * (This always happens on the first pass, so haslock must be 0.)
2519 */
2520 if (vp == NULL) {
2521 NFSUNLOCKSTATE();
2522 free(new_lfp, M_NFSDLOCKFILE);
2523 goto out;
2524 }
2525
2526 /*
2527 * Get the structure for the underlying file.
2528 */
2529 if (getfhret)
2530 error = getfhret;
2531 else
2532 error = nfsrv_getlockfile(new_stp->ls_flags, &new_lfp, &lfp,
2533 NULL, 0);
2534 if (new_lfp)
2535 free(new_lfp, M_NFSDLOCKFILE);
2536 if (error) {
2537 NFSUNLOCKSTATE();
2538 if (haslock) {
2539 NFSLOCKV4ROOTMUTEX();
2540 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2541 NFSUNLOCKV4ROOTMUTEX();
2542 }
2543 goto out;
2544 }
2545
2546 /*
2547 * Search for a conflicting open/share.
2548 */
2549 if (new_stp->ls_flags & NFSLCK_DELEGCUR) {
2550 /*
2551 * For Delegate_Cur, search for the matching Delegation,
2552 * which indicates no conflict.
2553 * An old delegation should have been recovered by the
2554 * client doing a Claim_DELEGATE_Prev, so I won't let
2555 * it match and return NFSERR_EXPIRED. Should I let it
2556 * match?
2557 */
2558 LIST_FOREACH(stp, &lfp->lf_deleg, ls_file) {
2559 if (!(stp->ls_flags & NFSLCK_OLDDELEG) &&
2560 (((nd->nd_flag & ND_NFSV41) != 0 &&
2561 stateidp->seqid == 0) ||
2562 stateidp->seqid == stp->ls_stateid.seqid) &&
2563 !NFSBCMP(stateidp->other, stp->ls_stateid.other,
2564 NFSX_STATEIDOTHER))
2565 break;
2566 }
2567 if (stp == LIST_END(&lfp->lf_deleg) ||
2568 ((new_stp->ls_flags & NFSLCK_WRITEACCESS) &&
2569 (stp->ls_flags & NFSLCK_DELEGREAD))) {
2570 NFSUNLOCKSTATE();
2571 if (haslock) {
2572 NFSLOCKV4ROOTMUTEX();
2573 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2574 NFSUNLOCKV4ROOTMUTEX();
2575 }
2576 error = NFSERR_EXPIRED;
2577 goto out;
2578 }
2579 }
2580
2581 /*
2582 * Check for access/deny bit conflicts. I check for the same
2583 * owner as well, in case the client didn't bother.
2584 */
2585 LIST_FOREACH(stp, &lfp->lf_open, ls_file) {
2586 if (!(new_stp->ls_flags & NFSLCK_DELEGCUR) &&
2587 (((new_stp->ls_flags & NFSLCK_ACCESSBITS) &
2588 ((stp->ls_flags>>NFSLCK_SHIFT) & NFSLCK_ACCESSBITS))||
2589 ((stp->ls_flags & NFSLCK_ACCESSBITS) &
2590 ((new_stp->ls_flags>>NFSLCK_SHIFT)&NFSLCK_ACCESSBITS)))){
2591 ret = nfsrv_clientconflict(stp->ls_clp,&haslock,vp,p);
2592 if (ret == 1) {
2593 /*
2594 * nfsrv_clientconflict() unlocks
2595 * state when it returns non-zero.
2596 */
2597 goto tryagain;
2598 }
2599 if (ret == 2)
2600 error = NFSERR_PERM;
2601 else if (new_stp->ls_flags & NFSLCK_RECLAIM)
2602 error = NFSERR_RECLAIMCONFLICT;
2603 else
2604 error = NFSERR_SHAREDENIED;
2605 if (ret == 0)
2606 NFSUNLOCKSTATE();
2607 if (haslock) {
2608 NFSLOCKV4ROOTMUTEX();
2609 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2610 NFSUNLOCKV4ROOTMUTEX();
2611 }
2612 goto out;
2613 }
2614 }
2615
2616 /*
2617 * Check for a conflicting delegation. If one is found, call
2618 * nfsrv_delegconflict() to handle it. If the v4root lock hasn't
2619 * been set yet, it will get the lock. Otherwise, it will recall
2620 * the delegation. Then, we try try again...
2621 * (If NFSLCK_DELEGCUR is set, it has a delegation, so there
2622 * isn't a conflict.)
2623 * I currently believe the conflict algorithm to be:
2624 * For Open with Read Access and Deny None
2625 * - there is a conflict iff a different client has a write delegation
2626 * For Open with other Write Access or any Deny except None
2627 * - there is a conflict if a different client has any delegation
2628 * - there is a conflict if the same client has a read delegation
2629 * (The current consensus is that this last case should be
2630 * considered a conflict since the client with a read delegation
2631 * could have done an Open with ReadAccess and WriteDeny
2632 * locally and then not have checked for the WriteDeny.)
2633 * Don't check for a Reclaim, since that will be dealt with
2634 * by nfsrv_openctrl().
2635 */
2636 if (!(new_stp->ls_flags &
2637 (NFSLCK_DELEGPREV | NFSLCK_DELEGCUR | NFSLCK_RECLAIM))) {
2638 stp = LIST_FIRST(&lfp->lf_deleg);
2639 while (stp != LIST_END(&lfp->lf_deleg)) {
2640 nstp = LIST_NEXT(stp, ls_file);
2641 if ((readonly && stp->ls_clp != clp &&
2642 (stp->ls_flags & NFSLCK_DELEGWRITE)) ||
2643 (!readonly && (stp->ls_clp != clp ||
2644 (stp->ls_flags & NFSLCK_DELEGREAD)))) {
2645 ret = nfsrv_delegconflict(stp, &haslock, p, vp);
2646 if (ret) {
2647 /*
2648 * nfsrv_delegconflict() unlocks state
2649 * when it returns non-zero.
2650 */
2651 if (ret == -1)
2652 goto tryagain;
2653 error = ret;
2654 goto out;
2655 }
2656 }
2657 stp = nstp;
2658 }
2659 }
2660 NFSUNLOCKSTATE();
2661 if (haslock) {
2662 NFSLOCKV4ROOTMUTEX();
2663 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2664 NFSUNLOCKV4ROOTMUTEX();
2665 }
2666
2667 out:
2668 NFSEXITCODE2(error, nd);
2669 return (error);
2670 }
2671
2672 /*
2673 * Open control function to create/update open state for an open.
2674 */
2675 int
2676 nfsrv_openctrl(struct nfsrv_descript *nd, vnode_t vp,
2677 struct nfsstate **new_stpp, nfsquad_t clientid, nfsv4stateid_t *stateidp,
2678 nfsv4stateid_t *delegstateidp, u_int32_t *rflagsp, struct nfsexstuff *exp,
2679 NFSPROC_T *p, u_quad_t filerev)
2680 {
2681 struct nfsstate *new_stp = *new_stpp;
2682 struct nfsstate *stp, *nstp;
2683 struct nfsstate *openstp = NULL, *new_open, *ownerstp, *new_deleg;
2684 struct nfslockfile *lfp, *new_lfp;
2685 struct nfsclient *clp;
2686 int error = 0, haslock = 0, ret, delegate = 1, writedeleg = 1;
2687 int readonly = 0, cbret = 1, getfhret = 0;
2688 int gotstate = 0, len = 0;
2689 u_char *clidp = NULL;
2690
2691 if ((new_stp->ls_flags & NFSLCK_SHAREBITS) == NFSLCK_READACCESS)
2692 readonly = 1;
2693 /*
2694 * Check for restart conditions (client and server).
2695 * (Paranoia, should have been detected by nfsrv_opencheck().)
2696 * If an error does show up, return NFSERR_EXPIRED, since the
2697 * the seqid# has already been incremented.
2698 */
2699 error = nfsrv_checkrestart(clientid, new_stp->ls_flags,
2700 &new_stp->ls_stateid, 0);
2701 if (error) {
2702 printf("Nfsd: openctrl unexpected restart err=%d\n",
2703 error);
2704 error = NFSERR_EXPIRED;
2705 goto out;
2706 }
2707
2708 clidp = malloc(NFSV4_OPAQUELIMIT, M_TEMP, M_WAITOK);
2709 tryagain:
2710 new_lfp = malloc(sizeof (struct nfslockfile),
2711 M_NFSDLOCKFILE, M_WAITOK);
2712 new_open = malloc(sizeof (struct nfsstate),
2713 M_NFSDSTATE, M_WAITOK);
2714 new_deleg = malloc(sizeof (struct nfsstate),
2715 M_NFSDSTATE, M_WAITOK);
2716 getfhret = nfsrv_getlockfh(vp, new_stp->ls_flags, new_lfp,
2717 NULL, p);
2718 NFSLOCKSTATE();
2719 /*
2720 * Get the client structure. Since the linked lists could be changed
2721 * by other nfsd processes if this process does a tsleep(), one of
2722 * two things must be done.
2723 * 1 - don't tsleep()
2724 * or
2725 * 2 - get the nfsv4_lock() { indicated by haslock == 1 }
2726 * before using the lists, since this lock stops the other
2727 * nfsd. This should only be used for rare cases, since it
2728 * essentially single threads the nfsd.
2729 * At this time, it is only done for cases where the stable
2730 * storage file must be written prior to completion of state
2731 * expiration.
2732 */
2733 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
2734 (nfsquad_t)((u_quad_t)0), 0, nd, p);
2735 if (!error && (clp->lc_flags & LCL_NEEDSCBNULL) &&
2736 clp->lc_program) {
2737 /*
2738 * This happens on the first open for a client
2739 * that supports callbacks.
2740 */
2741 NFSUNLOCKSTATE();
2742 /*
2743 * Although nfsrv_docallback() will sleep, clp won't
2744 * go away, since they are only removed when the
2745 * nfsv4_lock() has blocked the nfsd threads. The
2746 * fields in clp can change, but having multiple
2747 * threads do this Null callback RPC should be
2748 * harmless.
2749 */
2750 cbret = nfsrv_docallback(clp, NFSV4PROC_CBNULL,
2751 NULL, 0, NULL, NULL, NULL, 0, p);
2752 NFSLOCKSTATE();
2753 clp->lc_flags &= ~LCL_NEEDSCBNULL;
2754 if (!cbret)
2755 clp->lc_flags |= LCL_CALLBACKSON;
2756 }
2757
2758 /*
2759 * Look up the open owner. See if it needs confirmation and
2760 * check the seq#, as required.
2761 */
2762 if (!error)
2763 nfsrv_getowner(&clp->lc_open, new_stp, &ownerstp);
2764
2765 if (error) {
2766 NFSUNLOCKSTATE();
2767 printf("Nfsd: openctrl unexpected state err=%d\n",
2768 error);
2769 free(new_lfp, M_NFSDLOCKFILE);
2770 free(new_open, M_NFSDSTATE);
2771 free(new_deleg, M_NFSDSTATE);
2772 if (haslock) {
2773 NFSLOCKV4ROOTMUTEX();
2774 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2775 NFSUNLOCKV4ROOTMUTEX();
2776 }
2777 error = NFSERR_EXPIRED;
2778 goto out;
2779 }
2780
2781 if (new_stp->ls_flags & NFSLCK_RECLAIM)
2782 nfsrv_markstable(clp);
2783
2784 /*
2785 * Get the structure for the underlying file.
2786 */
2787 if (getfhret)
2788 error = getfhret;
2789 else
2790 error = nfsrv_getlockfile(new_stp->ls_flags, &new_lfp, &lfp,
2791 NULL, 0);
2792 if (new_lfp)
2793 free(new_lfp, M_NFSDLOCKFILE);
2794 if (error) {
2795 NFSUNLOCKSTATE();
2796 printf("Nfsd openctrl unexpected getlockfile err=%d\n",
2797 error);
2798 free(new_open, M_NFSDSTATE);
2799 free(new_deleg, M_NFSDSTATE);
2800 if (haslock) {
2801 NFSLOCKV4ROOTMUTEX();
2802 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2803 NFSUNLOCKV4ROOTMUTEX();
2804 }
2805 goto out;
2806 }
2807
2808 /*
2809 * Search for a conflicting open/share.
2810 */
2811 if (new_stp->ls_flags & NFSLCK_DELEGCUR) {
2812 /*
2813 * For Delegate_Cur, search for the matching Delegation,
2814 * which indicates no conflict.
2815 * An old delegation should have been recovered by the
2816 * client doing a Claim_DELEGATE_Prev, so I won't let
2817 * it match and return NFSERR_EXPIRED. Should I let it
2818 * match?
2819 */
2820 LIST_FOREACH(stp, &lfp->lf_deleg, ls_file) {
2821 if (!(stp->ls_flags & NFSLCK_OLDDELEG) &&
2822 (((nd->nd_flag & ND_NFSV41) != 0 &&
2823 stateidp->seqid == 0) ||
2824 stateidp->seqid == stp->ls_stateid.seqid) &&
2825 !NFSBCMP(stateidp->other, stp->ls_stateid.other,
2826 NFSX_STATEIDOTHER))
2827 break;
2828 }
2829 if (stp == LIST_END(&lfp->lf_deleg) ||
2830 ((new_stp->ls_flags & NFSLCK_WRITEACCESS) &&
2831 (stp->ls_flags & NFSLCK_DELEGREAD))) {
2832 NFSUNLOCKSTATE();
2833 printf("Nfsd openctrl unexpected expiry\n");
2834 free(new_open, M_NFSDSTATE);
2835 free(new_deleg, M_NFSDSTATE);
2836 if (haslock) {
2837 NFSLOCKV4ROOTMUTEX();
2838 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2839 NFSUNLOCKV4ROOTMUTEX();
2840 }
2841 error = NFSERR_EXPIRED;
2842 goto out;
2843 }
2844
2845 /*
2846 * Don't issue a Delegation, since one already exists and
2847 * delay delegation timeout, as required.
2848 */
2849 delegate = 0;
2850 nfsrv_delaydelegtimeout(stp);
2851 }
2852
2853 /*
2854 * Check for access/deny bit conflicts. I also check for the
2855 * same owner, since the client might not have bothered to check.
2856 * Also, note an open for the same file and owner, if found,
2857 * which is all we do here for Delegate_Cur, since conflict
2858 * checking is already done.
2859 */
2860 LIST_FOREACH(stp, &lfp->lf_open, ls_file) {
2861 if (ownerstp && stp->ls_openowner == ownerstp)
2862 openstp = stp;
2863 if (!(new_stp->ls_flags & NFSLCK_DELEGCUR)) {
2864 /*
2865 * If another client has the file open, the only
2866 * delegation that can be issued is a Read delegation
2867 * and only if it is a Read open with Deny none.
2868 */
2869 if (clp != stp->ls_clp) {
2870 if ((stp->ls_flags & NFSLCK_SHAREBITS) ==
2871 NFSLCK_READACCESS)
2872 writedeleg = 0;
2873 else
2874 delegate = 0;
2875 }
2876 if(((new_stp->ls_flags & NFSLCK_ACCESSBITS) &
2877 ((stp->ls_flags>>NFSLCK_SHIFT) & NFSLCK_ACCESSBITS))||
2878 ((stp->ls_flags & NFSLCK_ACCESSBITS) &
2879 ((new_stp->ls_flags>>NFSLCK_SHIFT)&NFSLCK_ACCESSBITS))){
2880 ret = nfsrv_clientconflict(stp->ls_clp,&haslock,vp,p);
2881 if (ret == 1) {
2882 /*
2883 * nfsrv_clientconflict() unlocks state
2884 * when it returns non-zero.
2885 */
2886 free(new_open, M_NFSDSTATE);
2887 free(new_deleg, M_NFSDSTATE);
2888 openstp = NULL;
2889 goto tryagain;
2890 }
2891 if (ret == 2)
2892 error = NFSERR_PERM;
2893 else if (new_stp->ls_flags & NFSLCK_RECLAIM)
2894 error = NFSERR_RECLAIMCONFLICT;
2895 else
2896 error = NFSERR_SHAREDENIED;
2897 if (ret == 0)
2898 NFSUNLOCKSTATE();
2899 if (haslock) {
2900 NFSLOCKV4ROOTMUTEX();
2901 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2902 NFSUNLOCKV4ROOTMUTEX();
2903 }
2904 free(new_open, M_NFSDSTATE);
2905 free(new_deleg, M_NFSDSTATE);
2906 printf("nfsd openctrl unexpected client cnfl\n");
2907 goto out;
2908 }
2909 }
2910 }
2911
2912 /*
2913 * Check for a conflicting delegation. If one is found, call
2914 * nfsrv_delegconflict() to handle it. If the v4root lock hasn't
2915 * been set yet, it will get the lock. Otherwise, it will recall
2916 * the delegation. Then, we try try again...
2917 * (If NFSLCK_DELEGCUR is set, it has a delegation, so there
2918 * isn't a conflict.)
2919 * I currently believe the conflict algorithm to be:
2920 * For Open with Read Access and Deny None
2921 * - there is a conflict iff a different client has a write delegation
2922 * For Open with other Write Access or any Deny except None
2923 * - there is a conflict if a different client has any delegation
2924 * - there is a conflict if the same client has a read delegation
2925 * (The current consensus is that this last case should be
2926 * considered a conflict since the client with a read delegation
2927 * could have done an Open with ReadAccess and WriteDeny
2928 * locally and then not have checked for the WriteDeny.)
2929 */
2930 if (!(new_stp->ls_flags & (NFSLCK_DELEGPREV | NFSLCK_DELEGCUR))) {
2931 stp = LIST_FIRST(&lfp->lf_deleg);
2932 while (stp != LIST_END(&lfp->lf_deleg)) {
2933 nstp = LIST_NEXT(stp, ls_file);
2934 if (stp->ls_clp != clp && (stp->ls_flags & NFSLCK_DELEGREAD))
2935 writedeleg = 0;
2936 else
2937 delegate = 0;
2938 if ((readonly && stp->ls_clp != clp &&
2939 (stp->ls_flags & NFSLCK_DELEGWRITE)) ||
2940 (!readonly && (stp->ls_clp != clp ||
2941 (stp->ls_flags & NFSLCK_DELEGREAD)))) {
2942 if (new_stp->ls_flags & NFSLCK_RECLAIM) {
2943 delegate = 2;
2944 } else {
2945 ret = nfsrv_delegconflict(stp, &haslock, p, vp);
2946 if (ret) {
2947 /*
2948 * nfsrv_delegconflict() unlocks state
2949 * when it returns non-zero.
2950 */
2951 printf("Nfsd openctrl unexpected deleg cnfl\n");
2952 free(new_open, M_NFSDSTATE);
2953 free(new_deleg, M_NFSDSTATE);
2954 if (ret == -1) {
2955 openstp = NULL;
2956 goto tryagain;
2957 }
2958 error = ret;
2959 goto out;
2960 }
2961 }
2962 }
2963 stp = nstp;
2964 }
2965 }
2966
2967 /*
2968 * We only get here if there was no open that conflicted.
2969 * If an open for the owner exists, or in the access/deny bits.
2970 * Otherwise it is a new open. If the open_owner hasn't been
2971 * confirmed, replace the open with the new one needing confirmation,
2972 * otherwise add the open.
2973 */
2974 if (new_stp->ls_flags & NFSLCK_DELEGPREV) {
2975 /*
2976 * Handle NFSLCK_DELEGPREV by searching the old delegations for
2977 * a match. If found, just move the old delegation to the current
2978 * delegation list and issue open. If not found, return
2979 * NFSERR_EXPIRED.
2980 */
2981 LIST_FOREACH(stp, &clp->lc_olddeleg, ls_list) {
2982 if (stp->ls_lfp == lfp) {
2983 /* Found it */
2984 if (stp->ls_clp != clp)
2985 panic("olddeleg clp");
2986 LIST_REMOVE(stp, ls_list);
2987 LIST_REMOVE(stp, ls_hash);
2988 stp->ls_flags &= ~NFSLCK_OLDDELEG;
2989 stp->ls_stateid.seqid = delegstateidp->seqid = 1;
2990 stp->ls_stateid.other[0] = delegstateidp->other[0] =
2991 clp->lc_clientid.lval[0];
2992 stp->ls_stateid.other[1] = delegstateidp->other[1] =
2993 clp->lc_clientid.lval[1];
2994 stp->ls_stateid.other[2] = delegstateidp->other[2] =
2995 nfsrv_nextstateindex(clp);
2996 stp->ls_compref = nd->nd_compref;
2997 LIST_INSERT_HEAD(&clp->lc_deleg, stp, ls_list);
2998 LIST_INSERT_HEAD(NFSSTATEHASH(clp,
2999 stp->ls_stateid), stp, ls_hash);
3000 if (stp->ls_flags & NFSLCK_DELEGWRITE)
3001 *rflagsp |= NFSV4OPEN_WRITEDELEGATE;
3002 else
3003 *rflagsp |= NFSV4OPEN_READDELEGATE;
3004 clp->lc_delegtime = NFSD_MONOSEC +
3005 nfsrv_lease + NFSRV_LEASEDELTA;
3006
3007 /*
3008 * Now, do the associated open.
3009 */
3010 new_open->ls_stateid.seqid = 1;
3011 new_open->ls_stateid.other[0] = clp->lc_clientid.lval[0];
3012 new_open->ls_stateid.other[1] = clp->lc_clientid.lval[1];
3013 new_open->ls_stateid.other[2] = nfsrv_nextstateindex(clp);
3014 new_open->ls_flags = (new_stp->ls_flags&NFSLCK_DENYBITS)|
3015 NFSLCK_OPEN;
3016 if (stp->ls_flags & NFSLCK_DELEGWRITE)
3017 new_open->ls_flags |= (NFSLCK_READACCESS |
3018 NFSLCK_WRITEACCESS);
3019 else
3020 new_open->ls_flags |= NFSLCK_READACCESS;
3021 new_open->ls_uid = new_stp->ls_uid;
3022 new_open->ls_lfp = lfp;
3023 new_open->ls_clp = clp;
3024 LIST_INIT(&new_open->ls_open);
3025 LIST_INSERT_HEAD(&lfp->lf_open, new_open, ls_file);
3026 LIST_INSERT_HEAD(NFSSTATEHASH(clp, new_open->ls_stateid),
3027 new_open, ls_hash);
3028 /*
3029 * and handle the open owner
3030 */
3031 if (ownerstp) {
3032 new_open->ls_openowner = ownerstp;
3033 LIST_INSERT_HEAD(&ownerstp->ls_open,new_open,ls_list);
3034 } else {
3035 new_open->ls_openowner = new_stp;
3036 new_stp->ls_flags = 0;
3037 nfsrvd_refcache(new_stp->ls_op);
3038 new_stp->ls_noopens = 0;
3039 LIST_INIT(&new_stp->ls_open);
3040 LIST_INSERT_HEAD(&new_stp->ls_open, new_open, ls_list);
3041 LIST_INSERT_HEAD(&clp->lc_open, new_stp, ls_list);
3042 *new_stpp = NULL;
3043 nfsstatsv1.srvopenowners++;
3044 nfsrv_openpluslock++;
3045 }
3046 openstp = new_open;
3047 new_open = NULL;
3048 nfsstatsv1.srvopens++;
3049 nfsrv_openpluslock++;
3050 break;
3051 }
3052 }
3053 if (stp == LIST_END(&clp->lc_olddeleg))
3054 error = NFSERR_EXPIRED;
3055 } else if (new_stp->ls_flags & (NFSLCK_DELEGREAD | NFSLCK_DELEGWRITE)) {
3056 /*
3057 * Scan to see that no delegation for this client and file
3058 * doesn't already exist.
3059 * There also shouldn't yet be an Open for this file and
3060 * openowner.
3061 */
3062 LIST_FOREACH(stp, &lfp->lf_deleg, ls_file) {
3063 if (stp->ls_clp == clp)
3064 break;
3065 }
3066 if (stp == LIST_END(&lfp->lf_deleg) && openstp == NULL) {
3067 /*
3068 * This is the Claim_Previous case with a delegation
3069 * type != Delegate_None.
3070 */
3071 /*
3072 * First, add the delegation. (Although we must issue the
3073 * delegation, we can also ask for an immediate return.)
3074 */
3075 new_deleg->ls_stateid.seqid = delegstateidp->seqid = 1;
3076 new_deleg->ls_stateid.other[0] = delegstateidp->other[0] =
3077 clp->lc_clientid.lval[0];
3078 new_deleg->ls_stateid.other[1] = delegstateidp->other[1] =
3079 clp->lc_clientid.lval[1];
3080 new_deleg->ls_stateid.other[2] = delegstateidp->other[2] =
3081 nfsrv_nextstateindex(clp);
3082 if (new_stp->ls_flags & NFSLCK_DELEGWRITE) {
3083 new_deleg->ls_flags = (NFSLCK_DELEGWRITE |
3084 NFSLCK_READACCESS | NFSLCK_WRITEACCESS);
3085 *rflagsp |= NFSV4OPEN_WRITEDELEGATE;
3086 nfsrv_writedelegcnt++;
3087 } else {
3088 new_deleg->ls_flags = (NFSLCK_DELEGREAD |
3089 NFSLCK_READACCESS);
3090 *rflagsp |= NFSV4OPEN_READDELEGATE;
3091 }
3092 new_deleg->ls_uid = new_stp->ls_uid;
3093 new_deleg->ls_lfp = lfp;
3094 new_deleg->ls_clp = clp;
3095 new_deleg->ls_filerev = filerev;
3096 new_deleg->ls_compref = nd->nd_compref;
3097 new_deleg->ls_lastrecall = 0;
3098 LIST_INSERT_HEAD(&lfp->lf_deleg, new_deleg, ls_file);
3099 LIST_INSERT_HEAD(NFSSTATEHASH(clp,
3100 new_deleg->ls_stateid), new_deleg, ls_hash);
3101 LIST_INSERT_HEAD(&clp->lc_deleg, new_deleg, ls_list);
3102 new_deleg = NULL;
3103 if (delegate == 2 || nfsrv_issuedelegs == 0 ||
3104 (clp->lc_flags & (LCL_CALLBACKSON | LCL_CBDOWN)) !=
3105 LCL_CALLBACKSON ||
3106 NFSRV_V4DELEGLIMIT(nfsrv_delegatecnt) ||
3107 !NFSVNO_DELEGOK(vp))
3108 *rflagsp |= NFSV4OPEN_RECALL;
3109 nfsstatsv1.srvdelegates++;
3110 nfsrv_openpluslock++;
3111 nfsrv_delegatecnt++;
3112
3113 /*
3114 * Now, do the associated open.
3115 */
3116 new_open->ls_stateid.seqid = 1;
3117 new_open->ls_stateid.other[0] = clp->lc_clientid.lval[0];
3118 new_open->ls_stateid.other[1] = clp->lc_clientid.lval[1];
3119 new_open->ls_stateid.other[2] = nfsrv_nextstateindex(clp);
3120 new_open->ls_flags = (new_stp->ls_flags & NFSLCK_DENYBITS) |
3121 NFSLCK_OPEN;
3122 if (new_stp->ls_flags & NFSLCK_DELEGWRITE)
3123 new_open->ls_flags |= (NFSLCK_READACCESS |
3124 NFSLCK_WRITEACCESS);
3125 else
3126 new_open->ls_flags |= NFSLCK_READACCESS;
3127 new_open->ls_uid = new_stp->ls_uid;
3128 new_open->ls_lfp = lfp;
3129 new_open->ls_clp = clp;
3130 LIST_INIT(&new_open->ls_open);
3131 LIST_INSERT_HEAD(&lfp->lf_open, new_open, ls_file);
3132 LIST_INSERT_HEAD(NFSSTATEHASH(clp, new_open->ls_stateid),
3133 new_open, ls_hash);
3134 /*
3135 * and handle the open owner
3136 */
3137 if (ownerstp) {
3138 new_open->ls_openowner = ownerstp;
3139 LIST_INSERT_HEAD(&ownerstp->ls_open, new_open, ls_list);
3140 } else {
3141 new_open->ls_openowner = new_stp;
3142 new_stp->ls_flags = 0;
3143 nfsrvd_refcache(new_stp->ls_op);
3144 new_stp->ls_noopens = 0;
3145 LIST_INIT(&new_stp->ls_open);
3146 LIST_INSERT_HEAD(&new_stp->ls_open, new_open, ls_list);
3147 LIST_INSERT_HEAD(&clp->lc_open, new_stp, ls_list);
3148 *new_stpp = NULL;
3149 nfsstatsv1.srvopenowners++;
3150 nfsrv_openpluslock++;
3151 }
3152 openstp = new_open;
3153 new_open = NULL;
3154 nfsstatsv1.srvopens++;
3155 nfsrv_openpluslock++;
3156 } else {
3157 error = NFSERR_RECLAIMCONFLICT;
3158 }
3159 } else if (ownerstp) {
3160 if (ownerstp->ls_flags & NFSLCK_NEEDSCONFIRM) {
3161 /* Replace the open */
3162 if (ownerstp->ls_op)
3163 nfsrvd_derefcache(ownerstp->ls_op);
3164 ownerstp->ls_op = new_stp->ls_op;
3165 nfsrvd_refcache(ownerstp->ls_op);
3166 ownerstp->ls_seq = new_stp->ls_seq;
3167 *rflagsp |= NFSV4OPEN_RESULTCONFIRM;
3168 stp = LIST_FIRST(&ownerstp->ls_open);
3169 stp->ls_flags = (new_stp->ls_flags & NFSLCK_SHAREBITS) |
3170 NFSLCK_OPEN;
3171 stp->ls_stateid.seqid = 1;
3172 stp->ls_uid = new_stp->ls_uid;
3173 if (lfp != stp->ls_lfp) {
3174 LIST_REMOVE(stp, ls_file);
3175 LIST_INSERT_HEAD(&lfp->lf_open, stp, ls_file);
3176 stp->ls_lfp = lfp;
3177 }
3178 openstp = stp;
3179 } else if (openstp) {
3180 openstp->ls_flags |= (new_stp->ls_flags & NFSLCK_SHAREBITS);
3181 openstp->ls_stateid.seqid++;
3182 if ((nd->nd_flag & ND_NFSV41) != 0 &&
3183 openstp->ls_stateid.seqid == 0)
3184 openstp->ls_stateid.seqid = 1;
3185
3186 /*
3187 * This is where we can choose to issue a delegation.
3188 */
3189 if ((new_stp->ls_flags & NFSLCK_WANTNODELEG) != 0)
3190 *rflagsp |= NFSV4OPEN_WDNOTWANTED;
3191 else if (nfsrv_issuedelegs == 0)
3192 *rflagsp |= NFSV4OPEN_WDSUPPFTYPE;
3193 else if (NFSRV_V4DELEGLIMIT(nfsrv_delegatecnt))
3194 *rflagsp |= NFSV4OPEN_WDRESOURCE;
3195 else if (delegate == 0 || writedeleg == 0 ||
3196 NFSVNO_EXRDONLY(exp) || (readonly != 0 &&
3197 nfsrv_writedelegifpos == 0) ||
3198 !NFSVNO_DELEGOK(vp) ||
3199 (new_stp->ls_flags & NFSLCK_WANTRDELEG) != 0 ||
3200 (clp->lc_flags & (LCL_CALLBACKSON | LCL_CBDOWN)) !=
3201 LCL_CALLBACKSON)
3202 *rflagsp |= NFSV4OPEN_WDCONTENTION;
3203 else {
3204 new_deleg->ls_stateid.seqid = delegstateidp->seqid = 1;
3205 new_deleg->ls_stateid.other[0] = delegstateidp->other[0]
3206 = clp->lc_clientid.lval[0];
3207 new_deleg->ls_stateid.other[1] = delegstateidp->other[1]
3208 = clp->lc_clientid.lval[1];
3209 new_deleg->ls_stateid.other[2] = delegstateidp->other[2]
3210 = nfsrv_nextstateindex(clp);
3211 new_deleg->ls_flags = (NFSLCK_DELEGWRITE |
3212 NFSLCK_READACCESS | NFSLCK_WRITEACCESS);
3213 *rflagsp |= NFSV4OPEN_WRITEDELEGATE;
3214 new_deleg->ls_uid = new_stp->ls_uid;
3215 new_deleg->ls_lfp = lfp;
3216 new_deleg->ls_clp = clp;
3217 new_deleg->ls_filerev = filerev;
3218 new_deleg->ls_compref = nd->nd_compref;
3219 new_deleg->ls_lastrecall = 0;
3220 nfsrv_writedelegcnt++;
3221 LIST_INSERT_HEAD(&lfp->lf_deleg, new_deleg, ls_file);
3222 LIST_INSERT_HEAD(NFSSTATEHASH(clp,
3223 new_deleg->ls_stateid), new_deleg, ls_hash);
3224 LIST_INSERT_HEAD(&clp->lc_deleg, new_deleg, ls_list);
3225 new_deleg = NULL;
3226 nfsstatsv1.srvdelegates++;
3227 nfsrv_openpluslock++;
3228 nfsrv_delegatecnt++;
3229 }
3230 } else {
3231 new_open->ls_stateid.seqid = 1;
3232 new_open->ls_stateid.other[0] = clp->lc_clientid.lval[0];
3233 new_open->ls_stateid.other[1] = clp->lc_clientid.lval[1];
3234 new_open->ls_stateid.other[2] = nfsrv_nextstateindex(clp);
3235 new_open->ls_flags = (new_stp->ls_flags & NFSLCK_SHAREBITS)|
3236 NFSLCK_OPEN;
3237 new_open->ls_uid = new_stp->ls_uid;
3238 new_open->ls_openowner = ownerstp;
3239 new_open->ls_lfp = lfp;
3240 new_open->ls_clp = clp;
3241 LIST_INIT(&new_open->ls_open);
3242 LIST_INSERT_HEAD(&lfp->lf_open, new_open, ls_file);
3243 LIST_INSERT_HEAD(&ownerstp->ls_open, new_open, ls_list);
3244 LIST_INSERT_HEAD(NFSSTATEHASH(clp, new_open->ls_stateid),
3245 new_open, ls_hash);
3246 openstp = new_open;
3247 new_open = NULL;
3248 nfsstatsv1.srvopens++;
3249 nfsrv_openpluslock++;
3250
3251 /*
3252 * This is where we can choose to issue a delegation.
3253 */
3254 if ((new_stp->ls_flags & NFSLCK_WANTNODELEG) != 0)
3255 *rflagsp |= NFSV4OPEN_WDNOTWANTED;
3256 else if (nfsrv_issuedelegs == 0)
3257 *rflagsp |= NFSV4OPEN_WDSUPPFTYPE;
3258 else if (NFSRV_V4DELEGLIMIT(nfsrv_delegatecnt))
3259 *rflagsp |= NFSV4OPEN_WDRESOURCE;
3260 else if (delegate == 0 || (writedeleg == 0 &&
3261 readonly == 0) || !NFSVNO_DELEGOK(vp) ||
3262 (clp->lc_flags & (LCL_CALLBACKSON | LCL_CBDOWN)) !=
3263 LCL_CALLBACKSON)
3264 *rflagsp |= NFSV4OPEN_WDCONTENTION;
3265 else {
3266 new_deleg->ls_stateid.seqid = delegstateidp->seqid = 1;
3267 new_deleg->ls_stateid.other[0] = delegstateidp->other[0]
3268 = clp->lc_clientid.lval[0];
3269 new_deleg->ls_stateid.other[1] = delegstateidp->other[1]
3270 = clp->lc_clientid.lval[1];
3271 new_deleg->ls_stateid.other[2] = delegstateidp->other[2]
3272 = nfsrv_nextstateindex(clp);
3273 if (writedeleg && !NFSVNO_EXRDONLY(exp) &&
3274 (nfsrv_writedelegifpos || !readonly) &&
3275 (new_stp->ls_flags & NFSLCK_WANTRDELEG) == 0) {
3276 new_deleg->ls_flags = (NFSLCK_DELEGWRITE |
3277 NFSLCK_READACCESS | NFSLCK_WRITEACCESS);
3278 *rflagsp |= NFSV4OPEN_WRITEDELEGATE;
3279 nfsrv_writedelegcnt++;
3280 } else {
3281 new_deleg->ls_flags = (NFSLCK_DELEGREAD |
3282 NFSLCK_READACCESS);
3283 *rflagsp |= NFSV4OPEN_READDELEGATE;
3284 }
3285 new_deleg->ls_uid = new_stp->ls_uid;
3286 new_deleg->ls_lfp = lfp;
3287 new_deleg->ls_clp = clp;
3288 new_deleg->ls_filerev = filerev;
3289 new_deleg->ls_compref = nd->nd_compref;
3290 new_deleg->ls_lastrecall = 0;
3291 LIST_INSERT_HEAD(&lfp->lf_deleg, new_deleg, ls_file);
3292 LIST_INSERT_HEAD(NFSSTATEHASH(clp,
3293 new_deleg->ls_stateid), new_deleg, ls_hash);
3294 LIST_INSERT_HEAD(&clp->lc_deleg, new_deleg, ls_list);
3295 new_deleg = NULL;
3296 nfsstatsv1.srvdelegates++;
3297 nfsrv_openpluslock++;
3298 nfsrv_delegatecnt++;
3299 }
3300 }
3301 } else {
3302 /*
3303 * New owner case. Start the open_owner sequence with a
3304 * Needs confirmation (unless a reclaim) and hang the
3305 * new open off it.
3306 */
3307 new_open->ls_stateid.seqid = 1;
3308 new_open->ls_stateid.other[0] = clp->lc_clientid.lval[0];
3309 new_open->ls_stateid.other[1] = clp->lc_clientid.lval[1];
3310 new_open->ls_stateid.other[2] = nfsrv_nextstateindex(clp);
3311 new_open->ls_flags = (new_stp->ls_flags & NFSLCK_SHAREBITS) |
3312 NFSLCK_OPEN;
3313 new_open->ls_uid = new_stp->ls_uid;
3314 LIST_INIT(&new_open->ls_open);
3315 new_open->ls_openowner = new_stp;
3316 new_open->ls_lfp = lfp;
3317 new_open->ls_clp = clp;
3318 LIST_INSERT_HEAD(&lfp->lf_open, new_open, ls_file);
3319 if (new_stp->ls_flags & NFSLCK_RECLAIM) {
3320 new_stp->ls_flags = 0;
3321 } else if ((nd->nd_flag & ND_NFSV41) != 0) {
3322 /* NFSv4.1 never needs confirmation. */
3323 new_stp->ls_flags = 0;
3324
3325 /*
3326 * This is where we can choose to issue a delegation.
3327 */
3328 if (delegate && nfsrv_issuedelegs &&
3329 (writedeleg || readonly) &&
3330 (clp->lc_flags & (LCL_CALLBACKSON | LCL_CBDOWN)) ==
3331 LCL_CALLBACKSON &&
3332 !NFSRV_V4DELEGLIMIT(nfsrv_delegatecnt) &&
3333 NFSVNO_DELEGOK(vp) &&
3334 ((nd->nd_flag & ND_NFSV41) == 0 ||
3335 (new_stp->ls_flags & NFSLCK_WANTNODELEG) == 0)) {
3336 new_deleg->ls_stateid.seqid =
3337 delegstateidp->seqid = 1;
3338 new_deleg->ls_stateid.other[0] =
3339 delegstateidp->other[0]
3340 = clp->lc_clientid.lval[0];
3341 new_deleg->ls_stateid.other[1] =
3342 delegstateidp->other[1]
3343 = clp->lc_clientid.lval[1];
3344 new_deleg->ls_stateid.other[2] =
3345 delegstateidp->other[2]
3346 = nfsrv_nextstateindex(clp);
3347 if (writedeleg && !NFSVNO_EXRDONLY(exp) &&
3348 (nfsrv_writedelegifpos || !readonly) &&
3349 ((nd->nd_flag & ND_NFSV41) == 0 ||
3350 (new_stp->ls_flags & NFSLCK_WANTRDELEG) ==
3351 0)) {
3352 new_deleg->ls_flags =
3353 (NFSLCK_DELEGWRITE |
3354 NFSLCK_READACCESS |
3355 NFSLCK_WRITEACCESS);
3356 *rflagsp |= NFSV4OPEN_WRITEDELEGATE;
3357 nfsrv_writedelegcnt++;
3358 } else {
3359 new_deleg->ls_flags =
3360 (NFSLCK_DELEGREAD |
3361 NFSLCK_READACCESS);
3362 *rflagsp |= NFSV4OPEN_READDELEGATE;
3363 }
3364 new_deleg->ls_uid = new_stp->ls_uid;
3365 new_deleg->ls_lfp = lfp;
3366 new_deleg->ls_clp = clp;
3367 new_deleg->ls_filerev = filerev;
3368 new_deleg->ls_compref = nd->nd_compref;
3369 new_deleg->ls_lastrecall = 0;
3370 LIST_INSERT_HEAD(&lfp->lf_deleg, new_deleg,
3371 ls_file);
3372 LIST_INSERT_HEAD(NFSSTATEHASH(clp,
3373 new_deleg->ls_stateid), new_deleg, ls_hash);
3374 LIST_INSERT_HEAD(&clp->lc_deleg, new_deleg,
3375 ls_list);
3376 new_deleg = NULL;
3377 nfsstatsv1.srvdelegates++;
3378 nfsrv_openpluslock++;
3379 nfsrv_delegatecnt++;
3380 }
3381 /*
3382 * Since NFSv4.1 never does an OpenConfirm, the first
3383 * open state will be acquired here.
3384 */
3385 if (!(clp->lc_flags & LCL_STAMPEDSTABLE)) {
3386 clp->lc_flags |= LCL_STAMPEDSTABLE;
3387 len = clp->lc_idlen;
3388 NFSBCOPY(clp->lc_id, clidp, len);
3389 gotstate = 1;
3390 }
3391 } else {
3392 *rflagsp |= NFSV4OPEN_RESULTCONFIRM;
3393 new_stp->ls_flags = NFSLCK_NEEDSCONFIRM;
3394 }
3395 nfsrvd_refcache(new_stp->ls_op);
3396 new_stp->ls_noopens = 0;
3397 LIST_INIT(&new_stp->ls_open);
3398 LIST_INSERT_HEAD(&new_stp->ls_open, new_open, ls_list);
3399 LIST_INSERT_HEAD(&clp->lc_open, new_stp, ls_list);
3400 LIST_INSERT_HEAD(NFSSTATEHASH(clp, new_open->ls_stateid),
3401 new_open, ls_hash);
3402 openstp = new_open;
3403 new_open = NULL;
3404 *new_stpp = NULL;
3405 nfsstatsv1.srvopens++;
3406 nfsrv_openpluslock++;
3407 nfsstatsv1.srvopenowners++;
3408 nfsrv_openpluslock++;
3409 }
3410 if (!error) {
3411 stateidp->seqid = openstp->ls_stateid.seqid;
3412 stateidp->other[0] = openstp->ls_stateid.other[0];
3413 stateidp->other[1] = openstp->ls_stateid.other[1];
3414 stateidp->other[2] = openstp->ls_stateid.other[2];
3415 }
3416 NFSUNLOCKSTATE();
3417 if (haslock) {
3418 NFSLOCKV4ROOTMUTEX();
3419 nfsv4_unlock(&nfsv4rootfs_lock, 1);
3420 NFSUNLOCKV4ROOTMUTEX();
3421 }
3422 if (new_open)
3423 free(new_open, M_NFSDSTATE);
3424 if (new_deleg)
3425 free(new_deleg, M_NFSDSTATE);
3426
3427 /*
3428 * If the NFSv4.1 client just acquired its first open, write a timestamp
3429 * to the stable storage file.
3430 */
3431 if (gotstate != 0) {
3432 nfsrv_writestable(clidp, len, NFSNST_NEWSTATE, p);
3433 nfsrv_backupstable();
3434 }
3435
3436 out:
3437 free(clidp, M_TEMP);
3438 NFSEXITCODE2(error, nd);
3439 return (error);
3440 }
3441
3442 /*
3443 * Open update. Does the confirm, downgrade and close.
3444 */
3445 int
3446 nfsrv_openupdate(vnode_t vp, struct nfsstate *new_stp, nfsquad_t clientid,
3447 nfsv4stateid_t *stateidp, struct nfsrv_descript *nd, NFSPROC_T *p,
3448 int *retwriteaccessp)
3449 {
3450 struct nfsstate *stp;
3451 struct nfsclient *clp;
3452 struct nfslockfile *lfp;
3453 u_int32_t bits;
3454 int error = 0, gotstate = 0, len = 0;
3455 u_char *clidp = NULL;
3456
3457 /*
3458 * Check for restart conditions (client and server).
3459 */
3460 error = nfsrv_checkrestart(clientid, new_stp->ls_flags,
3461 &new_stp->ls_stateid, 0);
3462 if (error)
3463 goto out;
3464
3465 clidp = malloc(NFSV4_OPAQUELIMIT, M_TEMP, M_WAITOK);
3466 NFSLOCKSTATE();
3467 /*
3468 * Get the open structure via clientid and stateid.
3469 */
3470 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
3471 (nfsquad_t)((u_quad_t)0), 0, nd, p);
3472 if (!error)
3473 error = nfsrv_getstate(clp, &new_stp->ls_stateid,
3474 new_stp->ls_flags, &stp);
3475
3476 /*
3477 * Sanity check the open.
3478 */
3479 if (!error && (!(stp->ls_flags & NFSLCK_OPEN) ||
3480 (!(new_stp->ls_flags & NFSLCK_CONFIRM) &&
3481 (stp->ls_openowner->ls_flags & NFSLCK_NEEDSCONFIRM)) ||
3482 ((new_stp->ls_flags & NFSLCK_CONFIRM) &&
3483 (!(stp->ls_openowner->ls_flags & NFSLCK_NEEDSCONFIRM)))))
3484 error = NFSERR_BADSTATEID;
3485
3486 if (!error)
3487 error = nfsrv_checkseqid(nd, new_stp->ls_seq,
3488 stp->ls_openowner, new_stp->ls_op);
3489 if (!error && stp->ls_stateid.seqid != new_stp->ls_stateid.seqid &&
3490 (((nd->nd_flag & ND_NFSV41) == 0 &&
3491 !(new_stp->ls_flags & NFSLCK_CONFIRM)) ||
3492 ((nd->nd_flag & ND_NFSV41) != 0 &&
3493 new_stp->ls_stateid.seqid != 0)))
3494 error = NFSERR_OLDSTATEID;
3495 if (!error && vp->v_type != VREG) {
3496 if (vp->v_type == VDIR)
3497 error = NFSERR_ISDIR;
3498 else
3499 error = NFSERR_INVAL;
3500 }
3501
3502 if (error) {
3503 /*
3504 * If a client tries to confirm an Open with a bad
3505 * seqid# and there are no byte range locks or other Opens
3506 * on the openowner, just throw it away, so the next use of the
3507 * openowner will start a fresh seq#.
3508 */
3509 if (error == NFSERR_BADSEQID &&
3510 (new_stp->ls_flags & NFSLCK_CONFIRM) &&
3511 nfsrv_nootherstate(stp))
3512 nfsrv_freeopenowner(stp->ls_openowner, 0, p);
3513 NFSUNLOCKSTATE();
3514 goto out;
3515 }
3516
3517 /*
3518 * Set the return stateid.
3519 */
3520 stateidp->seqid = stp->ls_stateid.seqid + 1;
3521 if ((nd->nd_flag & ND_NFSV41) != 0 && stateidp->seqid == 0)
3522 stateidp->seqid = 1;
3523 stateidp->other[0] = stp->ls_stateid.other[0];
3524 stateidp->other[1] = stp->ls_stateid.other[1];
3525 stateidp->other[2] = stp->ls_stateid.other[2];
3526 /*
3527 * Now, handle the three cases.
3528 */
3529 if (new_stp->ls_flags & NFSLCK_CONFIRM) {
3530 /*
3531 * If the open doesn't need confirmation, it seems to me that
3532 * there is a client error, but I'll just log it and keep going?
3533 */
3534 if (!(stp->ls_openowner->ls_flags & NFSLCK_NEEDSCONFIRM))
3535 printf("Nfsv4d: stray open confirm\n");
3536 stp->ls_openowner->ls_flags = 0;
3537 stp->ls_stateid.seqid++;
3538 if ((nd->nd_flag & ND_NFSV41) != 0 &&
3539 stp->ls_stateid.seqid == 0)
3540 stp->ls_stateid.seqid = 1;
3541 if (!(clp->lc_flags & LCL_STAMPEDSTABLE)) {
3542 clp->lc_flags |= LCL_STAMPEDSTABLE;
3543 len = clp->lc_idlen;
3544 NFSBCOPY(clp->lc_id, clidp, len);
3545 gotstate = 1;
3546 }
3547 NFSUNLOCKSTATE();
3548 } else if (new_stp->ls_flags & NFSLCK_CLOSE) {
3549 lfp = stp->ls_lfp;
3550 if (retwriteaccessp != NULL) {
3551 if ((stp->ls_flags & NFSLCK_WRITEACCESS) != 0)
3552 *retwriteaccessp = 1;
3553 else
3554 *retwriteaccessp = 0;
3555 }
3556 if (nfsrv_dolocallocks != 0 && !LIST_EMPTY(&stp->ls_open)) {
3557 /* Get the lf lock */
3558 nfsrv_locklf(lfp);
3559 NFSUNLOCKSTATE();
3560 ASSERT_VOP_ELOCKED(vp, "nfsrv_openupdate");
3561 NFSVOPUNLOCK(vp);
3562 if (nfsrv_freeopen(stp, vp, 1, p) == 0) {
3563 NFSLOCKSTATE();
3564 nfsrv_unlocklf(lfp);
3565 NFSUNLOCKSTATE();
3566 }
3567 NFSVOPLOCK(vp, LK_EXCLUSIVE | LK_RETRY);
3568 } else {
3569 (void) nfsrv_freeopen(stp, NULL, 0, p);
3570 NFSUNLOCKSTATE();
3571 }
3572 } else {
3573 /*
3574 * Update the share bits, making sure that the new set are a
3575 * subset of the old ones.
3576 */
3577 bits = (new_stp->ls_flags & NFSLCK_SHAREBITS);
3578 if (~(stp->ls_flags) & bits) {
3579 NFSUNLOCKSTATE();
3580 error = NFSERR_INVAL;
3581 goto out;
3582 }
3583 stp->ls_flags = (bits | NFSLCK_OPEN);
3584 stp->ls_stateid.seqid++;
3585 if ((nd->nd_flag & ND_NFSV41) != 0 &&
3586 stp->ls_stateid.seqid == 0)
3587 stp->ls_stateid.seqid = 1;
3588 NFSUNLOCKSTATE();
3589 }
3590
3591 /*
3592 * If the client just confirmed its first open, write a timestamp
3593 * to the stable storage file.
3594 */
3595 if (gotstate != 0) {
3596 nfsrv_writestable(clidp, len, NFSNST_NEWSTATE, p);
3597 nfsrv_backupstable();
3598 }
3599
3600 out:
3601 free(clidp, M_TEMP);
3602 NFSEXITCODE2(error, nd);
3603 return (error);
3604 }
3605
3606 /*
3607 * Delegation update. Does the purge and return.
3608 */
3609 int
3610 nfsrv_delegupdate(struct nfsrv_descript *nd, nfsquad_t clientid,
3611 nfsv4stateid_t *stateidp, vnode_t vp, int op, struct ucred *cred,
3612 NFSPROC_T *p, int *retwriteaccessp)
3613 {
3614 struct nfsstate *stp;
3615 struct nfsclient *clp;
3616 int error = 0;
3617 fhandle_t fh;
3618
3619 /*
3620 * Do a sanity check against the file handle for DelegReturn.
3621 */
3622 if (vp) {
3623 error = nfsvno_getfh(vp, &fh, p);
3624 if (error)
3625 goto out;
3626 }
3627 /*
3628 * Check for restart conditions (client and server).
3629 */
3630 if (op == NFSV4OP_DELEGRETURN)
3631 error = nfsrv_checkrestart(clientid, NFSLCK_DELEGRETURN,
3632 stateidp, 0);
3633 else
3634 error = nfsrv_checkrestart(clientid, NFSLCK_DELEGPURGE,
3635 stateidp, 0);
3636
3637 NFSLOCKSTATE();
3638 /*
3639 * Get the open structure via clientid and stateid.
3640 */
3641 if (!error)
3642 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
3643 (nfsquad_t)((u_quad_t)0), 0, nd, p);
3644 if (error) {
3645 if (error == NFSERR_CBPATHDOWN)
3646 error = 0;
3647 if (error == NFSERR_STALECLIENTID && op == NFSV4OP_DELEGRETURN)
3648 error = NFSERR_STALESTATEID;
3649 }
3650 if (!error && op == NFSV4OP_DELEGRETURN) {
3651 error = nfsrv_getstate(clp, stateidp, NFSLCK_DELEGRETURN, &stp);
3652 if (!error && stp->ls_stateid.seqid != stateidp->seqid &&
3653 ((nd->nd_flag & ND_NFSV41) == 0 || stateidp->seqid != 0))
3654 error = NFSERR_OLDSTATEID;
3655 }
3656 /*
3657 * NFSERR_EXPIRED means that the state has gone away,
3658 * so Delegations have been purged. Just return ok.
3659 */
3660 if (error == NFSERR_EXPIRED && op == NFSV4OP_DELEGPURGE) {
3661 NFSUNLOCKSTATE();
3662 error = 0;
3663 goto out;
3664 }
3665 if (error) {
3666 NFSUNLOCKSTATE();
3667 goto out;
3668 }
3669
3670 if (op == NFSV4OP_DELEGRETURN) {
3671 if (NFSBCMP((caddr_t)&fh, (caddr_t)&stp->ls_lfp->lf_fh,
3672 sizeof (fhandle_t))) {
3673 NFSUNLOCKSTATE();
3674 error = NFSERR_BADSTATEID;
3675 goto out;
3676 }
3677 if (retwriteaccessp != NULL) {
3678 if ((stp->ls_flags & NFSLCK_DELEGWRITE) != 0)
3679 *retwriteaccessp = 1;
3680 else
3681 *retwriteaccessp = 0;
3682 }
3683 nfsrv_freedeleg(stp);
3684 } else {
3685 nfsrv_freedeleglist(&clp->lc_olddeleg);
3686 }
3687 NFSUNLOCKSTATE();
3688 error = 0;
3689
3690 out:
3691 NFSEXITCODE(error);
3692 return (error);
3693 }
3694
3695 /*
3696 * Release lock owner.
3697 */
3698 int
3699 nfsrv_releaselckown(struct nfsstate *new_stp, nfsquad_t clientid,
3700 NFSPROC_T *p)
3701 {
3702 struct nfsstate *stp, *nstp, *openstp, *ownstp;
3703 struct nfsclient *clp;
3704 int error = 0;
3705
3706 /*
3707 * Check for restart conditions (client and server).
3708 */
3709 error = nfsrv_checkrestart(clientid, new_stp->ls_flags,
3710 &new_stp->ls_stateid, 0);
3711 if (error)
3712 goto out;
3713
3714 NFSLOCKSTATE();
3715 /*
3716 * Get the lock owner by name.
3717 */
3718 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
3719 (nfsquad_t)((u_quad_t)0), 0, NULL, p);
3720 if (error) {
3721 NFSUNLOCKSTATE();
3722 goto out;
3723 }
3724 LIST_FOREACH(ownstp, &clp->lc_open, ls_list) {
3725 LIST_FOREACH(openstp, &ownstp->ls_open, ls_list) {
3726 stp = LIST_FIRST(&openstp->ls_open);
3727 while (stp != LIST_END(&openstp->ls_open)) {
3728 nstp = LIST_NEXT(stp, ls_list);
3729 /*
3730 * If the owner matches, check for locks and
3731 * then free or return an error.
3732 */
3733 if (stp->ls_ownerlen == new_stp->ls_ownerlen &&
3734 !NFSBCMP(stp->ls_owner, new_stp->ls_owner,
3735 stp->ls_ownerlen)){
3736 if (LIST_EMPTY(&stp->ls_lock)) {
3737 nfsrv_freelockowner(stp, NULL, 0, p);
3738 } else {
3739 NFSUNLOCKSTATE();
3740 error = NFSERR_LOCKSHELD;
3741 goto out;
3742 }
3743 }
3744 stp = nstp;
3745 }
3746 }
3747 }
3748 NFSUNLOCKSTATE();
3749
3750 out:
3751 NFSEXITCODE(error);
3752 return (error);
3753 }
3754
3755 /*
3756 * Get the file handle for a lock structure.
3757 */
3758 static int
3759 nfsrv_getlockfh(vnode_t vp, u_short flags, struct nfslockfile *new_lfp,
3760 fhandle_t *nfhp, NFSPROC_T *p)
3761 {
3762 fhandle_t *fhp = NULL;
3763 int error;
3764
3765 /*
3766 * For lock, use the new nfslock structure, otherwise just
3767 * a fhandle_t on the stack.
3768 */
3769 if (flags & NFSLCK_OPEN) {
3770 KASSERT(new_lfp != NULL, ("nfsrv_getlockfh: new_lfp NULL"));
3771 fhp = &new_lfp->lf_fh;
3772 } else if (nfhp) {
3773 fhp = nfhp;
3774 } else {
3775 panic("nfsrv_getlockfh");
3776 }
3777 error = nfsvno_getfh(vp, fhp, p);
3778 NFSEXITCODE(error);
3779 return (error);
3780 }
3781
3782 /*
3783 * Get an nfs lock structure. Allocate one, as required, and return a
3784 * pointer to it.
3785 * Returns an NFSERR_xxx upon failure or -1 to indicate no current lock.
3786 */
3787 static int
3788 nfsrv_getlockfile(u_short flags, struct nfslockfile **new_lfpp,
3789 struct nfslockfile **lfpp, fhandle_t *nfhp, int lockit)
3790 {
3791 struct nfslockfile *lfp;
3792 fhandle_t *fhp = NULL, *tfhp;
3793 struct nfslockhashhead *hp;
3794 struct nfslockfile *new_lfp = NULL;
3795
3796 /*
3797 * For lock, use the new nfslock structure, otherwise just
3798 * a fhandle_t on the stack.
3799 */
3800 if (flags & NFSLCK_OPEN) {
3801 new_lfp = *new_lfpp;
3802 fhp = &new_lfp->lf_fh;
3803 } else if (nfhp) {
3804 fhp = nfhp;
3805 } else {
3806 panic("nfsrv_getlockfile");
3807 }
3808
3809 hp = NFSLOCKHASH(fhp);
3810 LIST_FOREACH(lfp, hp, lf_hash) {
3811 tfhp = &lfp->lf_fh;
3812 if (NFSVNO_CMPFH(fhp, tfhp)) {
3813 if (lockit)
3814 nfsrv_locklf(lfp);
3815 *lfpp = lfp;
3816 return (0);
3817 }
3818 }
3819 if (!(flags & NFSLCK_OPEN))
3820 return (-1);
3821
3822 /*
3823 * No match, so chain the new one into the list.
3824 */
3825 LIST_INIT(&new_lfp->lf_open);
3826 LIST_INIT(&new_lfp->lf_lock);
3827 LIST_INIT(&new_lfp->lf_deleg);
3828 LIST_INIT(&new_lfp->lf_locallock);
3829 LIST_INIT(&new_lfp->lf_rollback);
3830 new_lfp->lf_locallock_lck.nfslock_usecnt = 0;
3831 new_lfp->lf_locallock_lck.nfslock_lock = 0;
3832 new_lfp->lf_usecount = 0;
3833 LIST_INSERT_HEAD(hp, new_lfp, lf_hash);
3834 *lfpp = new_lfp;
3835 *new_lfpp = NULL;
3836 return (0);
3837 }
3838
3839 /*
3840 * This function adds a nfslock lock structure to the list for the associated
3841 * nfsstate and nfslockfile structures. It will be inserted after the
3842 * entry pointed at by insert_lop.
3843 */
3844 static void
3845 nfsrv_insertlock(struct nfslock *new_lop, struct nfslock *insert_lop,
3846 struct nfsstate *stp, struct nfslockfile *lfp)
3847 {
3848 struct nfslock *lop, *nlop;
3849
3850 new_lop->lo_stp = stp;
3851 new_lop->lo_lfp = lfp;
3852
3853 if (stp != NULL) {
3854 /* Insert in increasing lo_first order */
3855 lop = LIST_FIRST(&lfp->lf_lock);
3856 if (lop == LIST_END(&lfp->lf_lock) ||
3857 new_lop->lo_first <= lop->lo_first) {
3858 LIST_INSERT_HEAD(&lfp->lf_lock, new_lop, lo_lckfile);
3859 } else {
3860 nlop = LIST_NEXT(lop, lo_lckfile);
3861 while (nlop != LIST_END(&lfp->lf_lock) &&
3862 nlop->lo_first < new_lop->lo_first) {
3863 lop = nlop;
3864 nlop = LIST_NEXT(lop, lo_lckfile);
3865 }
3866 LIST_INSERT_AFTER(lop, new_lop, lo_lckfile);
3867 }
3868 } else {
3869 new_lop->lo_lckfile.le_prev = NULL; /* list not used */
3870 }
3871
3872 /*
3873 * Insert after insert_lop, which is overloaded as stp or lfp for
3874 * an empty list.
3875 */
3876 if (stp == NULL && (struct nfslockfile *)insert_lop == lfp)
3877 LIST_INSERT_HEAD(&lfp->lf_locallock, new_lop, lo_lckowner);
3878 else if ((struct nfsstate *)insert_lop == stp)
3879 LIST_INSERT_HEAD(&stp->ls_lock, new_lop, lo_lckowner);
3880 else
3881 LIST_INSERT_AFTER(insert_lop, new_lop, lo_lckowner);
3882 if (stp != NULL) {
3883 nfsstatsv1.srvlocks++;
3884 nfsrv_openpluslock++;
3885 }
3886 }
3887
3888 /*
3889 * This function updates the locking for a lock owner and given file. It
3890 * maintains a list of lock ranges ordered on increasing file offset that
3891 * are NFSLCK_READ or NFSLCK_WRITE and non-overlapping (aka POSIX style).
3892 * It always adds new_lop to the list and sometimes uses the one pointed
3893 * at by other_lopp.
3894 */
3895 static void
3896 nfsrv_updatelock(struct nfsstate *stp, struct nfslock **new_lopp,
3897 struct nfslock **other_lopp, struct nfslockfile *lfp)
3898 {
3899 struct nfslock *new_lop = *new_lopp;
3900 struct nfslock *lop, *tlop, *ilop;
3901 struct nfslock *other_lop = *other_lopp;
3902 int unlock = 0, myfile = 0;
3903 u_int64_t tmp;
3904
3905 /*
3906 * Work down the list until the lock is merged.
3907 */
3908 if (new_lop->lo_flags & NFSLCK_UNLOCK)
3909 unlock = 1;
3910 if (stp != NULL) {
3911 ilop = (struct nfslock *)stp;
3912 lop = LIST_FIRST(&stp->ls_lock);
3913 } else {
3914 ilop = (struct nfslock *)lfp;
3915 lop = LIST_FIRST(&lfp->lf_locallock);
3916 }
3917 while (lop != NULL) {
3918 /*
3919 * Only check locks for this file that aren't before the start of
3920 * new lock's range.
3921 */
3922 if (lop->lo_lfp == lfp) {
3923 myfile = 1;
3924 if (lop->lo_end >= new_lop->lo_first) {
3925 if (new_lop->lo_end < lop->lo_first) {
3926 /*
3927 * If the new lock ends before the start of the
3928 * current lock's range, no merge, just insert
3929 * the new lock.
3930 */
3931 break;
3932 }
3933 if (new_lop->lo_flags == lop->lo_flags ||
3934 (new_lop->lo_first <= lop->lo_first &&
3935 new_lop->lo_end >= lop->lo_end)) {
3936 /*
3937 * This lock can be absorbed by the new lock/unlock.
3938 * This happens when it covers the entire range
3939 * of the old lock or is contiguous
3940 * with the old lock and is of the same type or an
3941 * unlock.
3942 */
3943 if (lop->lo_first < new_lop->lo_first)
3944 new_lop->lo_first = lop->lo_first;
3945 if (lop->lo_end > new_lop->lo_end)
3946 new_lop->lo_end = lop->lo_end;
3947 tlop = lop;
3948 lop = LIST_NEXT(lop, lo_lckowner);
3949 nfsrv_freenfslock(tlop);
3950 continue;
3951 }
3952
3953 /*
3954 * All these cases are for contiguous locks that are not the
3955 * same type, so they can't be merged.
3956 */
3957 if (new_lop->lo_first <= lop->lo_first) {
3958 /*
3959 * This case is where the new lock overlaps with the
3960 * first part of the old lock. Move the start of the
3961 * old lock to just past the end of the new lock. The
3962 * new lock will be inserted in front of the old, since
3963 * ilop hasn't been updated. (We are done now.)
3964 */
3965 lop->lo_first = new_lop->lo_end;
3966 break;
3967 }
3968 if (new_lop->lo_end >= lop->lo_end) {
3969 /*
3970 * This case is where the new lock overlaps with the
3971 * end of the old lock's range. Move the old lock's
3972 * end to just before the new lock's first and insert
3973 * the new lock after the old lock.
3974 * Might not be done yet, since the new lock could
3975 * overlap further locks with higher ranges.
3976 */
3977 lop->lo_end = new_lop->lo_first;
3978 ilop = lop;
3979 lop = LIST_NEXT(lop, lo_lckowner);
3980 continue;
3981 }
3982 /*
3983 * The final case is where the new lock's range is in the
3984 * middle of the current lock's and splits the current lock
3985 * up. Use *other_lopp to handle the second part of the
3986 * split old lock range. (We are done now.)
3987 * For unlock, we use new_lop as other_lop and tmp, since
3988 * other_lop and new_lop are the same for this case.
3989 * We noted the unlock case above, so we don't need
3990 * new_lop->lo_flags any longer.
3991 */
3992 tmp = new_lop->lo_first;
3993 if (other_lop == NULL) {
3994 if (!unlock)
3995 panic("nfsd srv update unlock");
3996 other_lop = new_lop;
3997 *new_lopp = NULL;
3998 }
3999 other_lop->lo_first = new_lop->lo_end;
4000 other_lop->lo_end = lop->lo_end;
4001 other_lop->lo_flags = lop->lo_flags;
4002 other_lop->lo_stp = stp;
4003 other_lop->lo_lfp = lfp;
4004 lop->lo_end = tmp;
4005 nfsrv_insertlock(other_lop, lop, stp, lfp);
4006 *other_lopp = NULL;
4007 ilop = lop;
4008 break;
4009 }
4010 }
4011 ilop = lop;
4012 lop = LIST_NEXT(lop, lo_lckowner);
4013 if (myfile && (lop == NULL || lop->lo_lfp != lfp))
4014 break;
4015 }
4016
4017 /*
4018 * Insert the new lock in the list at the appropriate place.
4019 */
4020 if (!unlock) {
4021 nfsrv_insertlock(new_lop, ilop, stp, lfp);
4022 *new_lopp = NULL;
4023 }
4024 }
4025
4026 /*
4027 * This function handles sequencing of locks, etc.
4028 * It returns an error that indicates what the caller should do.
4029 */
4030 static int
4031 nfsrv_checkseqid(struct nfsrv_descript *nd, u_int32_t seqid,
4032 struct nfsstate *stp, struct nfsrvcache *op)
4033 {
4034 int error = 0;
4035
4036 if ((nd->nd_flag & ND_NFSV41) != 0)
4037 /* NFSv4.1 ignores the open_seqid and lock_seqid. */
4038 goto out;
4039 if (op != nd->nd_rp)
4040 panic("nfsrvstate checkseqid");
4041 if (!(op->rc_flag & RC_INPROG))
4042 panic("nfsrvstate not inprog");
4043 if (stp->ls_op && stp->ls_op->rc_refcnt <= 0) {
4044 printf("refcnt=%d\n", stp->ls_op->rc_refcnt);
4045 panic("nfsrvstate op refcnt");
4046 }
4047
4048 /* If ND_ERELOOKUP is set, the seqid has already been handled. */
4049 if ((nd->nd_flag & ND_ERELOOKUP) != 0)
4050 goto out;
4051
4052 if ((stp->ls_seq + 1) == seqid) {
4053 if (stp->ls_op)
4054 nfsrvd_derefcache(stp->ls_op);
4055 stp->ls_op = op;
4056 nfsrvd_refcache(op);
4057 stp->ls_seq = seqid;
4058 goto out;
4059 } else if (stp->ls_seq == seqid && stp->ls_op &&
4060 op->rc_xid == stp->ls_op->rc_xid &&
4061 op->rc_refcnt == 0 &&
4062 op->rc_reqlen == stp->ls_op->rc_reqlen &&
4063 op->rc_cksum == stp->ls_op->rc_cksum) {
4064 if (stp->ls_op->rc_flag & RC_INPROG) {
4065 error = NFSERR_DONTREPLY;
4066 goto out;
4067 }
4068 nd->nd_rp = stp->ls_op;
4069 nd->nd_rp->rc_flag |= RC_INPROG;
4070 nfsrvd_delcache(op);
4071 error = NFSERR_REPLYFROMCACHE;
4072 goto out;
4073 }
4074 error = NFSERR_BADSEQID;
4075
4076 out:
4077 NFSEXITCODE2(error, nd);
4078 return (error);
4079 }
4080
4081 /*
4082 * Get the client ip address for callbacks. If the strings can't be parsed,
4083 * just set lc_program to 0 to indicate no callbacks are possible.
4084 * (For cases where the address can't be parsed or is 0.0.0.0.0.0, set
4085 * the address to the client's transport address. This won't be used
4086 * for callbacks, but can be printed out by nfsstats for info.)
4087 * Return error if the xdr can't be parsed, 0 otherwise.
4088 */
4089 int
4090 nfsrv_getclientipaddr(struct nfsrv_descript *nd, struct nfsclient *clp)
4091 {
4092 u_int32_t *tl;
4093 u_char *cp, *cp2;
4094 int i, j, maxalen = 0, minalen = 0;
4095 sa_family_t af;
4096 #ifdef INET
4097 struct sockaddr_in *rin = NULL, *sin;
4098 #endif
4099 #ifdef INET6
4100 struct sockaddr_in6 *rin6 = NULL, *sin6;
4101 #endif
4102 u_char *addr;
4103 int error = 0, cantparse = 0;
4104 union {
4105 in_addr_t ival;
4106 u_char cval[4];
4107 } ip;
4108 union {
4109 in_port_t sval;
4110 u_char cval[2];
4111 } port;
4112
4113 /* 8 is the maximum length of the port# string. */
4114 addr = malloc(INET6_ADDRSTRLEN + 8, M_TEMP, M_WAITOK);
4115 clp->lc_req.nr_client = NULL;
4116 clp->lc_req.nr_lock = 0;
4117 af = AF_UNSPEC;
4118 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
4119 i = fxdr_unsigned(int, *tl);
4120 if (i >= 3 && i <= 4) {
4121 error = nfsrv_mtostr(nd, addr, i);
4122 if (error)
4123 goto nfsmout;
4124 #ifdef INET
4125 if (!strcmp(addr, "tcp")) {
4126 clp->lc_flags |= LCL_TCPCALLBACK;
4127 clp->lc_req.nr_sotype = SOCK_STREAM;
4128 clp->lc_req.nr_soproto = IPPROTO_TCP;
4129 af = AF_INET;
4130 } else if (!strcmp(addr, "udp")) {
4131 clp->lc_req.nr_sotype = SOCK_DGRAM;
4132 clp->lc_req.nr_soproto = IPPROTO_UDP;
4133 af = AF_INET;
4134 }
4135 #endif
4136 #ifdef INET6
4137 if (af == AF_UNSPEC) {
4138 if (!strcmp(addr, "tcp6")) {
4139 clp->lc_flags |= LCL_TCPCALLBACK;
4140 clp->lc_req.nr_sotype = SOCK_STREAM;
4141 clp->lc_req.nr_soproto = IPPROTO_TCP;
4142 af = AF_INET6;
4143 } else if (!strcmp(addr, "udp6")) {
4144 clp->lc_req.nr_sotype = SOCK_DGRAM;
4145 clp->lc_req.nr_soproto = IPPROTO_UDP;
4146 af = AF_INET6;
4147 }
4148 }
4149 #endif
4150 if (af == AF_UNSPEC) {
4151 cantparse = 1;
4152 }
4153 } else {
4154 cantparse = 1;
4155 if (i > 0) {
4156 error = nfsm_advance(nd, NFSM_RNDUP(i), -1);
4157 if (error)
4158 goto nfsmout;
4159 }
4160 }
4161 /*
4162 * The caller has allocated clp->lc_req.nr_nam to be large enough
4163 * for either AF_INET or AF_INET6 and zeroed out the contents.
4164 * maxalen is set to the maximum length of the host IP address string
4165 * plus 8 for the maximum length of the port#.
4166 * minalen is set to the minimum length of the host IP address string
4167 * plus 4 for the minimum length of the port#.
4168 * These lengths do not include NULL termination,
4169 * so INET[6]_ADDRSTRLEN - 1 is used in the calculations.
4170 */
4171 switch (af) {
4172 #ifdef INET
4173 case AF_INET:
4174 rin = (struct sockaddr_in *)clp->lc_req.nr_nam;
4175 rin->sin_family = AF_INET;
4176 rin->sin_len = sizeof(struct sockaddr_in);
4177 maxalen = INET_ADDRSTRLEN - 1 + 8;
4178 minalen = 7 + 4;
4179 break;
4180 #endif
4181 #ifdef INET6
4182 case AF_INET6:
4183 rin6 = (struct sockaddr_in6 *)clp->lc_req.nr_nam;
4184 rin6->sin6_family = AF_INET6;
4185 rin6->sin6_len = sizeof(struct sockaddr_in6);
4186 maxalen = INET6_ADDRSTRLEN - 1 + 8;
4187 minalen = 3 + 4;
4188 break;
4189 #endif
4190 }
4191 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
4192 i = fxdr_unsigned(int, *tl);
4193 if (i < 0) {
4194 error = NFSERR_BADXDR;
4195 goto nfsmout;
4196 } else if (i == 0) {
4197 cantparse = 1;
4198 } else if (!cantparse && i <= maxalen && i >= minalen) {
4199 error = nfsrv_mtostr(nd, addr, i);
4200 if (error)
4201 goto nfsmout;
4202
4203 /*
4204 * Parse out the address fields. We expect 6 decimal numbers
4205 * separated by '.'s for AF_INET and two decimal numbers
4206 * preceeded by '.'s for AF_INET6.
4207 */
4208 cp = NULL;
4209 switch (af) {
4210 #ifdef INET6
4211 /*
4212 * For AF_INET6, first parse the host address.
4213 */
4214 case AF_INET6:
4215 cp = strchr(addr, '.');
4216 if (cp != NULL) {
4217 *cp++ = '\0';
4218 if (inet_pton(af, addr, &rin6->sin6_addr) == 1)
4219 i = 4;
4220 else {
4221 cp = NULL;
4222 cantparse = 1;
4223 }
4224 }
4225 break;
4226 #endif
4227 #ifdef INET
4228 case AF_INET:
4229 cp = addr;
4230 i = 0;
4231 break;
4232 #endif
4233 }
4234 while (cp != NULL && *cp && i < 6) {
4235 cp2 = cp;
4236 while (*cp2 && *cp2 != '.')
4237 cp2++;
4238 if (*cp2)
4239 *cp2++ = '\0';
4240 else if (i != 5) {
4241 cantparse = 1;
4242 break;
4243 }
4244 j = nfsrv_getipnumber(cp);
4245 if (j >= 0) {
4246 if (i < 4)
4247 ip.cval[3 - i] = j;
4248 else
4249 port.cval[5 - i] = j;
4250 } else {
4251 cantparse = 1;
4252 break;
4253 }
4254 cp = cp2;
4255 i++;
4256 }
4257 if (!cantparse) {
4258 /*
4259 * The host address INADDR_ANY is (mis)used to indicate
4260 * "there is no valid callback address".
4261 */
4262 switch (af) {
4263 #ifdef INET6
4264 case AF_INET6:
4265 if (!IN6_ARE_ADDR_EQUAL(&rin6->sin6_addr,
4266 &in6addr_any))
4267 rin6->sin6_port = htons(port.sval);
4268 else
4269 cantparse = 1;
4270 break;
4271 #endif
4272 #ifdef INET
4273 case AF_INET:
4274 if (ip.ival != INADDR_ANY) {
4275 rin->sin_addr.s_addr = htonl(ip.ival);
4276 rin->sin_port = htons(port.sval);
4277 } else {
4278 cantparse = 1;
4279 }
4280 break;
4281 #endif
4282 }
4283 }
4284 } else {
4285 cantparse = 1;
4286 if (i > 0) {
4287 error = nfsm_advance(nd, NFSM_RNDUP(i), -1);
4288 if (error)
4289 goto nfsmout;
4290 }
4291 }
4292 if (cantparse) {
4293 switch (nd->nd_nam->sa_family) {
4294 #ifdef INET
4295 case AF_INET:
4296 sin = (struct sockaddr_in *)nd->nd_nam;
4297 rin = (struct sockaddr_in *)clp->lc_req.nr_nam;
4298 rin->sin_family = AF_INET;
4299 rin->sin_len = sizeof(struct sockaddr_in);
4300 rin->sin_addr.s_addr = sin->sin_addr.s_addr;
4301 rin->sin_port = 0x0;
4302 break;
4303 #endif
4304 #ifdef INET6
4305 case AF_INET6:
4306 sin6 = (struct sockaddr_in6 *)nd->nd_nam;
4307 rin6 = (struct sockaddr_in6 *)clp->lc_req.nr_nam;
4308 rin6->sin6_family = AF_INET6;
4309 rin6->sin6_len = sizeof(struct sockaddr_in6);
4310 rin6->sin6_addr = sin6->sin6_addr;
4311 rin6->sin6_port = 0x0;
4312 break;
4313 #endif
4314 }
4315 clp->lc_program = 0;
4316 }
4317 nfsmout:
4318 free(addr, M_TEMP);
4319 NFSEXITCODE2(error, nd);
4320 return (error);
4321 }
4322
4323 /*
4324 * Turn a string of up to three decimal digits into a number. Return -1 upon
4325 * error.
4326 */
4327 static int
4328 nfsrv_getipnumber(u_char *cp)
4329 {
4330 int i = 0, j = 0;
4331
4332 while (*cp) {
4333 if (j > 2 || *cp < '' || *cp > '9')
4334 return (-1);
4335 i *= 10;
4336 i += (*cp - '');
4337 cp++;
4338 j++;
4339 }
4340 if (i < 256)
4341 return (i);
4342 return (-1);
4343 }
4344
4345 /*
4346 * This function checks for restart conditions.
4347 */
4348 static int
4349 nfsrv_checkrestart(nfsquad_t clientid, u_int32_t flags,
4350 nfsv4stateid_t *stateidp, int specialid)
4351 {
4352 int ret = 0;
4353
4354 /*
4355 * First check for a server restart. Open, LockT, ReleaseLockOwner
4356 * and DelegPurge have a clientid, the rest a stateid.
4357 */
4358 if (flags &
4359 (NFSLCK_OPEN | NFSLCK_TEST | NFSLCK_RELEASE | NFSLCK_DELEGPURGE)) {
4360 if (clientid.lval[0] != nfsrvboottime) {
4361 ret = NFSERR_STALECLIENTID;
4362 goto out;
4363 }
4364 } else if (stateidp->other[0] != nfsrvboottime &&
4365 specialid == 0) {
4366 ret = NFSERR_STALESTATEID;
4367 goto out;
4368 }
4369
4370 /*
4371 * Read, Write, Setattr and LockT can return NFSERR_GRACE and do
4372 * not use a lock/open owner seqid#, so the check can be done now.
4373 * (The others will be checked, as required, later.)
4374 */
4375 if (!(flags & (NFSLCK_CHECK | NFSLCK_TEST)))
4376 goto out;
4377
4378 NFSLOCKSTATE();
4379 ret = nfsrv_checkgrace(NULL, NULL, flags);
4380 NFSUNLOCKSTATE();
4381
4382 out:
4383 NFSEXITCODE(ret);
4384 return (ret);
4385 }
4386
4387 /*
4388 * Check for grace.
4389 */
4390 static int
4391 nfsrv_checkgrace(struct nfsrv_descript *nd, struct nfsclient *clp,
4392 u_int32_t flags)
4393 {
4394 int error = 0, notreclaimed;
4395 struct nfsrv_stable *sp;
4396
4397 if ((nfsrv_stablefirst.nsf_flags & (NFSNSF_UPDATEDONE |
4398 NFSNSF_GRACEOVER)) == 0) {
4399 /*
4400 * First, check to see if all of the clients have done a
4401 * ReclaimComplete. If so, grace can end now.
4402 */
4403 notreclaimed = 0;
4404 LIST_FOREACH(sp, &nfsrv_stablefirst.nsf_head, nst_list) {
4405 if ((sp->nst_flag & NFSNST_RECLAIMED) == 0) {
4406 notreclaimed = 1;
4407 break;
4408 }
4409 }
4410 if (notreclaimed == 0)
4411 nfsrv_stablefirst.nsf_flags |= (NFSNSF_GRACEOVER |
4412 NFSNSF_NEEDLOCK);
4413 }
4414
4415 if ((nfsrv_stablefirst.nsf_flags & NFSNSF_GRACEOVER) != 0) {
4416 if (flags & NFSLCK_RECLAIM) {
4417 error = NFSERR_NOGRACE;
4418 goto out;
4419 }
4420 } else {
4421 if (!(flags & NFSLCK_RECLAIM)) {
4422 error = NFSERR_GRACE;
4423 goto out;
4424 }
4425 if (nd != NULL && clp != NULL &&
4426 (nd->nd_flag & ND_NFSV41) != 0 &&
4427 (clp->lc_flags & LCL_RECLAIMCOMPLETE) != 0) {
4428 error = NFSERR_NOGRACE;
4429 goto out;
4430 }
4431
4432 /*
4433 * If grace is almost over and we are still getting Reclaims,
4434 * extend grace a bit.
4435 */
4436 if ((NFSD_MONOSEC + NFSRV_LEASEDELTA) >
4437 nfsrv_stablefirst.nsf_eograce)
4438 nfsrv_stablefirst.nsf_eograce = NFSD_MONOSEC +
4439 NFSRV_LEASEDELTA;
4440 }
4441
4442 out:
4443 NFSEXITCODE(error);
4444 return (error);
4445 }
4446
4447 /*
4448 * Do a server callback.
4449 * The "trunc" argument is slightly overloaded and refers to different
4450 * boolean arguments for CBRECALL and CBLAYOUTRECALL.
4451 */
4452 static int
4453 nfsrv_docallback(struct nfsclient *clp, int procnum, nfsv4stateid_t *stateidp,
4454 int trunc, fhandle_t *fhp, struct nfsvattr *nap, nfsattrbit_t *attrbitp,
4455 int laytype, NFSPROC_T *p)
4456 {
4457 struct mbuf *m;
4458 u_int32_t *tl;
4459 struct nfsrv_descript *nd;
4460 struct ucred *cred;
4461 int error = 0, slotpos;
4462 u_int32_t callback;
4463 struct nfsdsession *sep = NULL;
4464 uint64_t tval;
4465 bool dotls;
4466
4467 nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
4468 cred = newnfs_getcred();
4469 NFSLOCKSTATE(); /* mostly for lc_cbref++ */
4470 if (clp->lc_flags & LCL_NEEDSCONFIRM) {
4471 NFSUNLOCKSTATE();
4472 panic("docallb");
4473 }
4474 clp->lc_cbref++;
4475
4476 /*
4477 * Fill the callback program# and version into the request
4478 * structure for newnfs_connect() to use.
4479 */
4480 clp->lc_req.nr_prog = clp->lc_program;
4481 #ifdef notnow
4482 if ((clp->lc_flags & LCL_NFSV41) != 0)
4483 clp->lc_req.nr_vers = NFSV41_CBVERS;
4484 else
4485 #endif
4486 clp->lc_req.nr_vers = NFSV4_CBVERS;
4487
4488 /*
4489 * First, fill in some of the fields of nd and cr.
4490 */
4491 nd->nd_flag = ND_NFSV4;
4492 if (clp->lc_flags & LCL_GSS)
4493 nd->nd_flag |= ND_KERBV;
4494 if ((clp->lc_flags & LCL_NFSV41) != 0)
4495 nd->nd_flag |= ND_NFSV41;
4496 if ((clp->lc_flags & LCL_NFSV42) != 0)
4497 nd->nd_flag |= ND_NFSV42;
4498 nd->nd_repstat = 0;
4499 cred->cr_uid = clp->lc_uid;
4500 cred->cr_gid = clp->lc_gid;
4501 callback = clp->lc_callback;
4502 NFSUNLOCKSTATE();
4503 cred->cr_ngroups = 1;
4504
4505 /*
4506 * Get the first mbuf for the request.
4507 */
4508 MGET(m, M_WAITOK, MT_DATA);
4509 m->m_len = 0;
4510 nd->nd_mreq = nd->nd_mb = m;
4511 nd->nd_bpos = mtod(m, caddr_t);
4512
4513 /*
4514 * and build the callback request.
4515 */
4516 if (procnum == NFSV4OP_CBGETATTR) {
4517 nd->nd_procnum = NFSV4PROC_CBCOMPOUND;
4518 error = nfsrv_cbcallargs(nd, clp, callback, NFSV4OP_CBGETATTR,
4519 "CB Getattr", &sep, &slotpos);
4520 if (error != 0) {
4521 m_freem(nd->nd_mreq);
4522 goto errout;
4523 }
4524 (void)nfsm_fhtom(nd, (u_int8_t *)fhp, NFSX_MYFH, 0);
4525 (void)nfsrv_putattrbit(nd, attrbitp);
4526 } else if (procnum == NFSV4OP_CBRECALL) {
4527 nd->nd_procnum = NFSV4PROC_CBCOMPOUND;
4528 error = nfsrv_cbcallargs(nd, clp, callback, NFSV4OP_CBRECALL,
4529 "CB Recall", &sep, &slotpos);
4530 if (error != 0) {
4531 m_freem(nd->nd_mreq);
4532 goto errout;
4533 }
4534 NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED + NFSX_STATEID);
4535 *tl++ = txdr_unsigned(stateidp->seqid);
4536 NFSBCOPY((caddr_t)stateidp->other, (caddr_t)tl,
4537 NFSX_STATEIDOTHER);
4538 tl += (NFSX_STATEIDOTHER / NFSX_UNSIGNED);
4539 if (trunc)
4540 *tl = newnfs_true;
4541 else
4542 *tl = newnfs_false;
4543 (void)nfsm_fhtom(nd, (u_int8_t *)fhp, NFSX_MYFH, 0);
4544 } else if (procnum == NFSV4OP_CBLAYOUTRECALL) {
4545 NFSD_DEBUG(4, "docallback layout recall\n");
4546 nd->nd_procnum = NFSV4PROC_CBCOMPOUND;
4547 error = nfsrv_cbcallargs(nd, clp, callback,
4548 NFSV4OP_CBLAYOUTRECALL, "CB Reclayout", &sep, &slotpos);
4549 NFSD_DEBUG(4, "aft cbcallargs=%d\n", error);
4550 if (error != 0) {
4551 m_freem(nd->nd_mreq);
4552 goto errout;
4553 }
4554 NFSM_BUILD(tl, u_int32_t *, 4 * NFSX_UNSIGNED);
4555 *tl++ = txdr_unsigned(laytype);
4556 *tl++ = txdr_unsigned(NFSLAYOUTIOMODE_ANY);
4557 if (trunc)
4558 *tl++ = newnfs_true;
4559 else
4560 *tl++ = newnfs_false;
4561 *tl = txdr_unsigned(NFSV4LAYOUTRET_FILE);
4562 nfsm_fhtom(nd, (uint8_t *)fhp, NFSX_MYFH, 0);
4563 NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_HYPER + NFSX_STATEID);
4564 tval = 0;
4565 txdr_hyper(tval, tl); tl += 2;
4566 tval = UINT64_MAX;
4567 txdr_hyper(tval, tl); tl += 2;
4568 *tl++ = txdr_unsigned(stateidp->seqid);
4569 NFSBCOPY(stateidp->other, tl, NFSX_STATEIDOTHER);
4570 tl += (NFSX_STATEIDOTHER / NFSX_UNSIGNED);
4571 NFSD_DEBUG(4, "aft args\n");
4572 } else if (procnum == NFSV4PROC_CBNULL) {
4573 nd->nd_procnum = NFSV4PROC_CBNULL;
4574 if ((clp->lc_flags & LCL_NFSV41) != 0) {
4575 error = nfsv4_getcbsession(clp, &sep);
4576 if (error != 0) {
4577 m_freem(nd->nd_mreq);
4578 goto errout;
4579 }
4580 }
4581 } else {
4582 error = NFSERR_SERVERFAULT;
4583 m_freem(nd->nd_mreq);
4584 goto errout;
4585 }
4586
4587 /*
4588 * Call newnfs_connect(), as required, and then newnfs_request().
4589 */
4590 dotls = false;
4591 if ((clp->lc_flags & LCL_TLSCB) != 0)
4592 dotls = true;
4593 (void) newnfs_sndlock(&clp->lc_req.nr_lock);
4594 if (clp->lc_req.nr_client == NULL) {
4595 if ((clp->lc_flags & LCL_NFSV41) != 0) {
4596 error = ECONNREFUSED;
4597 if (procnum != NFSV4PROC_CBNULL)
4598 nfsv4_freeslot(&sep->sess_cbsess, slotpos,
4599 true);
4600 nfsrv_freesession(sep, NULL);
4601 } else if (nd->nd_procnum == NFSV4PROC_CBNULL)
4602 error = newnfs_connect(NULL, &clp->lc_req, cred,
4603 NULL, 1, dotls, &clp->lc_req.nr_client);
4604 else
4605 error = newnfs_connect(NULL, &clp->lc_req, cred,
4606 NULL, 3, dotls, &clp->lc_req.nr_client);
4607 }
4608 newnfs_sndunlock(&clp->lc_req.nr_lock);
4609 NFSD_DEBUG(4, "aft sndunlock=%d\n", error);
4610 if (!error) {
4611 if ((nd->nd_flag & ND_NFSV41) != 0) {
4612 KASSERT(sep != NULL, ("sep NULL"));
4613 if (sep->sess_cbsess.nfsess_xprt != NULL)
4614 error = newnfs_request(nd, NULL, clp,
4615 &clp->lc_req, NULL, NULL, cred,
4616 clp->lc_program, clp->lc_req.nr_vers, NULL,
4617 1, NULL, &sep->sess_cbsess);
4618 else {
4619 /*
4620 * This should probably never occur, but if a
4621 * client somehow does an RPC without a
4622 * SequenceID Op that causes a callback just
4623 * after the nfsd threads have been terminated
4624 * and restared we could conceivably get here
4625 * without a backchannel xprt.
4626 */
4627 printf("nfsrv_docallback: no xprt\n");
4628 error = ECONNREFUSED;
4629 }
4630 NFSD_DEBUG(4, "aft newnfs_request=%d\n", error);
4631 if (error != 0 && procnum != NFSV4PROC_CBNULL) {
4632 /*
4633 * It is likely that the callback was never
4634 * processed by the client and, as such,
4635 * the sequence# for the session slot needs
4636 * to be backed up by one to avoid a
4637 * NFSERR_SEQMISORDERED error reply.
4638 * For the unlikely case where the callback
4639 * was processed by the client, this will
4640 * make the next callback on the slot
4641 * appear to be a retry.
4642 * Since callbacks never specify that the
4643 * reply be cached, this "apparent retry"
4644 * should not be a problem.
4645 */
4646 nfsv4_freeslot(&sep->sess_cbsess, slotpos,
4647 true);
4648 }
4649 nfsrv_freesession(sep, NULL);
4650 } else
4651 error = newnfs_request(nd, NULL, clp, &clp->lc_req,
4652 NULL, NULL, cred, clp->lc_program,
4653 clp->lc_req.nr_vers, NULL, 1, NULL, NULL);
4654 }
4655 errout:
4656 NFSFREECRED(cred);
4657
4658 /*
4659 * If error is set here, the Callback path isn't working
4660 * properly, so twiddle the appropriate LCL_ flags.
4661 * (nd_repstat != 0 indicates the Callback path is working,
4662 * but the callback failed on the client.)
4663 */
4664 if (error) {
4665 /*
4666 * Mark the callback pathway down, which disabled issuing
4667 * of delegations and gets Renew to return NFSERR_CBPATHDOWN.
4668 */
4669 NFSLOCKSTATE();
4670 clp->lc_flags |= LCL_CBDOWN;
4671 NFSUNLOCKSTATE();
4672 } else {
4673 /*
4674 * Callback worked. If the callback path was down, disable
4675 * callbacks, so no more delegations will be issued. (This
4676 * is done on the assumption that the callback pathway is
4677 * flakey.)
4678 */
4679 NFSLOCKSTATE();
4680 if (clp->lc_flags & LCL_CBDOWN)
4681 clp->lc_flags &= ~(LCL_CBDOWN | LCL_CALLBACKSON);
4682 NFSUNLOCKSTATE();
4683 if (nd->nd_repstat) {
4684 error = nd->nd_repstat;
4685 NFSD_DEBUG(1, "nfsrv_docallback op=%d err=%d\n",
4686 procnum, error);
4687 } else if (error == 0 && procnum == NFSV4OP_CBGETATTR)
4688 error = nfsv4_loadattr(nd, NULL, nap, NULL, NULL, 0,
4689 NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL, NULL,
4690 p, NULL);
4691 m_freem(nd->nd_mrep);
4692 }
4693 NFSLOCKSTATE();
4694 clp->lc_cbref--;
4695 if ((clp->lc_flags & LCL_WAKEUPWANTED) && clp->lc_cbref == 0) {
4696 clp->lc_flags &= ~LCL_WAKEUPWANTED;
4697 wakeup(clp);
4698 }
4699 NFSUNLOCKSTATE();
4700
4701 free(nd, M_TEMP);
4702 NFSEXITCODE(error);
4703 return (error);
4704 }
4705
4706 /*
4707 * Set up the compound RPC for the callback.
4708 */
4709 static int
4710 nfsrv_cbcallargs(struct nfsrv_descript *nd, struct nfsclient *clp,
4711 uint32_t callback, int op, const char *optag, struct nfsdsession **sepp,
4712 int *slotposp)
4713 {
4714 uint32_t *tl;
4715 int error, len;
4716
4717 len = strlen(optag);
4718 (void)nfsm_strtom(nd, optag, len);
4719 NFSM_BUILD(tl, uint32_t *, 4 * NFSX_UNSIGNED);
4720 if ((nd->nd_flag & ND_NFSV41) != 0) {
4721 if ((nd->nd_flag & ND_NFSV42) != 0)
4722 *tl++ = txdr_unsigned(NFSV42_MINORVERSION);
4723 else
4724 *tl++ = txdr_unsigned(NFSV41_MINORVERSION);
4725 *tl++ = txdr_unsigned(callback);
4726 *tl++ = txdr_unsigned(2);
4727 *tl = txdr_unsigned(NFSV4OP_CBSEQUENCE);
4728 error = nfsv4_setcbsequence(nd, clp, 1, sepp, slotposp);
4729 if (error != 0)
4730 return (error);
4731 NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
4732 *tl = txdr_unsigned(op);
4733 } else {
4734 *tl++ = txdr_unsigned(NFSV4_MINORVERSION);
4735 *tl++ = txdr_unsigned(callback);
4736 *tl++ = txdr_unsigned(1);
4737 *tl = txdr_unsigned(op);
4738 }
4739 return (0);
4740 }
4741
4742 /*
4743 * Return the next index# for a clientid. Mostly just increment and return
4744 * the next one, but... if the 32bit unsigned does actually wrap around,
4745 * it should be rebooted.
4746 * At an average rate of one new client per second, it will wrap around in
4747 * approximately 136 years. (I think the server will have been shut
4748 * down or rebooted before then.)
4749 */
4750 static u_int32_t
4751 nfsrv_nextclientindex(void)
4752 {
4753 static u_int32_t client_index = 0;
4754
4755 client_index++;
4756 if (client_index != 0)
4757 return (client_index);
4758
4759 printf("%s: out of clientids\n", __func__);
4760 return (client_index);
4761 }
4762
4763 /*
4764 * Return the next index# for a stateid. Mostly just increment and return
4765 * the next one, but... if the 32bit unsigned does actually wrap around
4766 * (will a BSD server stay up that long?), find
4767 * new start and end values.
4768 */
4769 static u_int32_t
4770 nfsrv_nextstateindex(struct nfsclient *clp)
4771 {
4772 struct nfsstate *stp;
4773 int i;
4774 u_int32_t canuse, min_index, max_index;
4775
4776 if (!(clp->lc_flags & LCL_INDEXNOTOK)) {
4777 clp->lc_stateindex++;
4778 if (clp->lc_stateindex != clp->lc_statemaxindex)
4779 return (clp->lc_stateindex);
4780 }
4781
4782 /*
4783 * Yuck, we've hit the end.
4784 * Look for a new min and max.
4785 */
4786 min_index = 0;
4787 max_index = 0xffffffff;
4788 for (i = 0; i < nfsrv_statehashsize; i++) {
4789 LIST_FOREACH(stp, &clp->lc_stateid[i], ls_hash) {
4790 if (stp->ls_stateid.other[2] > 0x80000000) {
4791 if (stp->ls_stateid.other[2] < max_index)
4792 max_index = stp->ls_stateid.other[2];
4793 } else {
4794 if (stp->ls_stateid.other[2] > min_index)
4795 min_index = stp->ls_stateid.other[2];
4796 }
4797 }
4798 }
4799
4800 /*
4801 * Yikes, highly unlikely, but I'll handle it anyhow.
4802 */
4803 if (min_index == 0x80000000 && max_index == 0x80000001) {
4804 canuse = 0;
4805 /*
4806 * Loop around until we find an unused entry. Return that
4807 * and set LCL_INDEXNOTOK, so the search will continue next time.
4808 * (This is one of those rare cases where a goto is the
4809 * cleanest way to code the loop.)
4810 */
4811 tryagain:
4812 for (i = 0; i < nfsrv_statehashsize; i++) {
4813 LIST_FOREACH(stp, &clp->lc_stateid[i], ls_hash) {
4814 if (stp->ls_stateid.other[2] == canuse) {
4815 canuse++;
4816 goto tryagain;
4817 }
4818 }
4819 }
4820 clp->lc_flags |= LCL_INDEXNOTOK;
4821 return (canuse);
4822 }
4823
4824 /*
4825 * Ok to start again from min + 1.
4826 */
4827 clp->lc_stateindex = min_index + 1;
4828 clp->lc_statemaxindex = max_index;
4829 clp->lc_flags &= ~LCL_INDEXNOTOK;
4830 return (clp->lc_stateindex);
4831 }
4832
4833 /*
4834 * The following functions handle the stable storage file that deals with
4835 * the edge conditions described in RFC3530 Sec. 8.6.3.
4836 * The file is as follows:
4837 * - a single record at the beginning that has the lease time of the
4838 * previous server instance (before the last reboot) and the nfsrvboottime
4839 * values for the previous server boots.
4840 * These previous boot times are used to ensure that the current
4841 * nfsrvboottime does not, somehow, get set to a previous one.
4842 * (This is important so that Stale ClientIDs and StateIDs can
4843 * be recognized.)
4844 * The number of previous nfsvrboottime values precedes the list.
4845 * - followed by some number of appended records with:
4846 * - client id string
4847 * - flag that indicates it is a record revoking state via lease
4848 * expiration or similar
4849 * OR has successfully acquired state.
4850 * These structures vary in length, with the client string at the end, up
4851 * to NFSV4_OPAQUELIMIT in size.
4852 *
4853 * At the end of the grace period, the file is truncated, the first
4854 * record is rewritten with updated information and any acquired state
4855 * records for successful reclaims of state are written.
4856 *
4857 * Subsequent records are appended when the first state is issued to
4858 * a client and when state is revoked for a client.
4859 *
4860 * When reading the file in, state issued records that come later in
4861 * the file override older ones, since the append log is in cronological order.
4862 * If, for some reason, the file can't be read, the grace period is
4863 * immediately terminated and all reclaims get NFSERR_NOGRACE.
4864 */
4865
4866 /*
4867 * Read in the stable storage file. Called by nfssvc() before the nfsd
4868 * processes start servicing requests.
4869 */
4870 void
4871 nfsrv_setupstable(NFSPROC_T *p)
4872 {
4873 struct nfsrv_stablefirst *sf = &nfsrv_stablefirst;
4874 struct nfsrv_stable *sp, *nsp;
4875 struct nfst_rec *tsp;
4876 int error, i, tryagain;
4877 off_t off = 0;
4878 ssize_t aresid, len;
4879
4880 /*
4881 * If NFSNSF_UPDATEDONE is set, this is a restart of the nfsds without
4882 * a reboot, so state has not been lost.
4883 */
4884 if (sf->nsf_flags & NFSNSF_UPDATEDONE)
4885 return;
4886 /*
4887 * Set Grace over just until the file reads successfully.
4888 */
4889 nfsrvboottime = time_second;
4890 LIST_INIT(&sf->nsf_head);
4891 sf->nsf_flags = (NFSNSF_GRACEOVER | NFSNSF_NEEDLOCK);
4892 sf->nsf_eograce = NFSD_MONOSEC + NFSRV_LEASEDELTA;
4893 if (sf->nsf_fp == NULL)
4894 return;
4895 error = NFSD_RDWR(UIO_READ, NFSFPVNODE(sf->nsf_fp),
4896 (caddr_t)&sf->nsf_rec, sizeof (struct nfsf_rec), off, UIO_SYSSPACE,
4897 0, NFSFPCRED(sf->nsf_fp), &aresid, p);
4898 if (error || aresid || sf->nsf_numboots == 0 ||
4899 sf->nsf_numboots > NFSNSF_MAXNUMBOOTS)
4900 return;
4901
4902 /*
4903 * Now, read in the boottimes.
4904 */
4905 sf->nsf_bootvals = (time_t *)malloc((sf->nsf_numboots + 1) *
4906 sizeof (time_t), M_TEMP, M_WAITOK);
4907 off = sizeof (struct nfsf_rec);
4908 error = NFSD_RDWR(UIO_READ, NFSFPVNODE(sf->nsf_fp),
4909 (caddr_t)sf->nsf_bootvals, sf->nsf_numboots * sizeof (time_t), off,
4910 UIO_SYSSPACE, 0, NFSFPCRED(sf->nsf_fp), &aresid, p);
4911 if (error || aresid) {
4912 free(sf->nsf_bootvals, M_TEMP);
4913 sf->nsf_bootvals = NULL;
4914 return;
4915 }
4916
4917 /*
4918 * Make sure this nfsrvboottime is different from all recorded
4919 * previous ones.
4920 */
4921 do {
4922 tryagain = 0;
4923 for (i = 0; i < sf->nsf_numboots; i++) {
4924 if (nfsrvboottime == sf->nsf_bootvals[i]) {
4925 nfsrvboottime++;
4926 tryagain = 1;
4927 break;
4928 }
4929 }
4930 } while (tryagain);
4931
4932 sf->nsf_flags |= NFSNSF_OK;
4933 off += (sf->nsf_numboots * sizeof (time_t));
4934
4935 /*
4936 * Read through the file, building a list of records for grace
4937 * checking.
4938 * Each record is between sizeof (struct nfst_rec) and
4939 * sizeof (struct nfst_rec) + NFSV4_OPAQUELIMIT - 1
4940 * and is actually sizeof (struct nfst_rec) + nst_len - 1.
4941 */
4942 tsp = (struct nfst_rec *)malloc(sizeof (struct nfst_rec) +
4943 NFSV4_OPAQUELIMIT - 1, M_TEMP, M_WAITOK);
4944 do {
4945 error = NFSD_RDWR(UIO_READ, NFSFPVNODE(sf->nsf_fp),
4946 (caddr_t)tsp, sizeof (struct nfst_rec) + NFSV4_OPAQUELIMIT - 1,
4947 off, UIO_SYSSPACE, 0, NFSFPCRED(sf->nsf_fp), &aresid, p);
4948 len = (sizeof (struct nfst_rec) + NFSV4_OPAQUELIMIT - 1) - aresid;
4949 if (error || (len > 0 && (len < sizeof (struct nfst_rec) ||
4950 len < (sizeof (struct nfst_rec) + tsp->len - 1)))) {
4951 /*
4952 * Yuck, the file has been corrupted, so just return
4953 * after clearing out any restart state, so the grace period
4954 * is over.
4955 */
4956 LIST_FOREACH_SAFE(sp, &sf->nsf_head, nst_list, nsp) {
4957 LIST_REMOVE(sp, nst_list);
4958 free(sp, M_TEMP);
4959 }
4960 free(tsp, M_TEMP);
4961 sf->nsf_flags &= ~NFSNSF_OK;
4962 free(sf->nsf_bootvals, M_TEMP);
4963 sf->nsf_bootvals = NULL;
4964 return;
4965 }
4966 if (len > 0) {
4967 off += sizeof (struct nfst_rec) + tsp->len - 1;
4968 /*
4969 * Search the list for a matching client.
4970 */
4971 LIST_FOREACH(sp, &sf->nsf_head, nst_list) {
4972 if (tsp->len == sp->nst_len &&
4973 !NFSBCMP(tsp->client, sp->nst_client, tsp->len))
4974 break;
4975 }
4976 if (sp == LIST_END(&sf->nsf_head)) {
4977 sp = (struct nfsrv_stable *)malloc(tsp->len +
4978 sizeof (struct nfsrv_stable) - 1, M_TEMP,
4979 M_WAITOK);
4980 NFSBCOPY((caddr_t)tsp, (caddr_t)&sp->nst_rec,
4981 sizeof (struct nfst_rec) + tsp->len - 1);
4982 LIST_INSERT_HEAD(&sf->nsf_head, sp, nst_list);
4983 } else {
4984 if (tsp->flag == NFSNST_REVOKE)
4985 sp->nst_flag |= NFSNST_REVOKE;
4986 else
4987 /*
4988 * A subsequent timestamp indicates the client
4989 * did a setclientid/confirm and any previous
4990 * revoke is no longer relevant.
4991 */
4992 sp->nst_flag &= ~NFSNST_REVOKE;
4993 }
4994 }
4995 } while (len > 0);
4996 free(tsp, M_TEMP);
4997 sf->nsf_flags = NFSNSF_OK;
4998 sf->nsf_eograce = NFSD_MONOSEC + sf->nsf_lease +
4999 NFSRV_LEASEDELTA;
5000 }
5001
5002 /*
5003 * Update the stable storage file, now that the grace period is over.
5004 */
5005 void
5006 nfsrv_updatestable(NFSPROC_T *p)
5007 {
5008 struct nfsrv_stablefirst *sf = &nfsrv_stablefirst;
5009 struct nfsrv_stable *sp, *nsp;
5010 int i;
5011 struct nfsvattr nva;
5012 vnode_t vp;
5013 #if defined(__FreeBSD_version) && (__FreeBSD_version >= 500000)
5014 mount_t mp = NULL;
5015 #endif
5016 int error;
5017
5018 if (sf->nsf_fp == NULL || (sf->nsf_flags & NFSNSF_UPDATEDONE))
5019 return;
5020 sf->nsf_flags |= NFSNSF_UPDATEDONE;
5021 /*
5022 * Ok, we need to rewrite the stable storage file.
5023 * - truncate to 0 length
5024 * - write the new first structure
5025 * - loop through the data structures, writing out any that
5026 * have timestamps older than the old boot
5027 */
5028 if (sf->nsf_bootvals) {
5029 sf->nsf_numboots++;
5030 for (i = sf->nsf_numboots - 2; i >= 0; i--)
5031 sf->nsf_bootvals[i + 1] = sf->nsf_bootvals[i];
5032 } else {
5033 sf->nsf_numboots = 1;
5034 sf->nsf_bootvals = (time_t *)malloc(sizeof (time_t),
5035 M_TEMP, M_WAITOK);
5036 }
5037 sf->nsf_bootvals[0] = nfsrvboottime;
5038 sf->nsf_lease = nfsrv_lease;
5039 NFSVNO_ATTRINIT(&nva);
5040 NFSVNO_SETATTRVAL(&nva, size, 0);
5041 vp = NFSFPVNODE(sf->nsf_fp);
5042 vn_start_write(vp, &mp, V_WAIT);
5043 if (NFSVOPLOCK(vp, LK_EXCLUSIVE) == 0) {
5044 error = nfsvno_setattr(vp, &nva, NFSFPCRED(sf->nsf_fp), p,
5045 NULL);
5046 NFSVOPUNLOCK(vp);
5047 } else
5048 error = EPERM;
5049 vn_finished_write(mp);
5050 if (!error)
5051 error = NFSD_RDWR(UIO_WRITE, vp,
5052 (caddr_t)&sf->nsf_rec, sizeof (struct nfsf_rec), (off_t)0,
5053 UIO_SYSSPACE, IO_SYNC, NFSFPCRED(sf->nsf_fp), NULL, p);
5054 if (!error)
5055 error = NFSD_RDWR(UIO_WRITE, vp,
5056 (caddr_t)sf->nsf_bootvals,
5057 sf->nsf_numboots * sizeof (time_t),
5058 (off_t)(sizeof (struct nfsf_rec)),
5059 UIO_SYSSPACE, IO_SYNC, NFSFPCRED(sf->nsf_fp), NULL, p);
5060 free(sf->nsf_bootvals, M_TEMP);
5061 sf->nsf_bootvals = NULL;
5062 if (error) {
5063 sf->nsf_flags &= ~NFSNSF_OK;
5064 printf("EEK! Can't write NfsV4 stable storage file\n");
5065 return;
5066 }
5067 sf->nsf_flags |= NFSNSF_OK;
5068
5069 /*
5070 * Loop through the list and write out timestamp records for
5071 * any clients that successfully reclaimed state.
5072 */
5073 LIST_FOREACH_SAFE(sp, &sf->nsf_head, nst_list, nsp) {
5074 if (sp->nst_flag & NFSNST_GOTSTATE) {
5075 nfsrv_writestable(sp->nst_client, sp->nst_len,
5076 NFSNST_NEWSTATE, p);
5077 sp->nst_clp->lc_flags |= LCL_STAMPEDSTABLE;
5078 }
5079 LIST_REMOVE(sp, nst_list);
5080 free(sp, M_TEMP);
5081 }
5082 nfsrv_backupstable();
5083 }
5084
5085 /*
5086 * Append a record to the stable storage file.
5087 */
5088 void
5089 nfsrv_writestable(u_char *client, int len, int flag, NFSPROC_T *p)
5090 {
5091 struct nfsrv_stablefirst *sf = &nfsrv_stablefirst;
5092 struct nfst_rec *sp;
5093 int error;
5094
5095 if (!(sf->nsf_flags & NFSNSF_OK) || sf->nsf_fp == NULL)
5096 return;
5097 sp = (struct nfst_rec *)malloc(sizeof (struct nfst_rec) +
5098 len - 1, M_TEMP, M_WAITOK);
5099 sp->len = len;
5100 NFSBCOPY(client, sp->client, len);
5101 sp->flag = flag;
5102 error = NFSD_RDWR(UIO_WRITE, NFSFPVNODE(sf->nsf_fp),
5103 (caddr_t)sp, sizeof (struct nfst_rec) + len - 1, (off_t)0,
5104 UIO_SYSSPACE, (IO_SYNC | IO_APPEND), NFSFPCRED(sf->nsf_fp), NULL, p);
5105 free(sp, M_TEMP);
5106 if (error) {
5107 sf->nsf_flags &= ~NFSNSF_OK;
5108 printf("EEK! Can't write NfsV4 stable storage file\n");
5109 }
5110 }
5111
5112 /*
5113 * This function is called during the grace period to mark a client
5114 * that successfully reclaimed state.
5115 */
5116 static void
5117 nfsrv_markstable(struct nfsclient *clp)
5118 {
5119 struct nfsrv_stable *sp;
5120
5121 /*
5122 * First find the client structure.
5123 */
5124 LIST_FOREACH(sp, &nfsrv_stablefirst.nsf_head, nst_list) {
5125 if (sp->nst_len == clp->lc_idlen &&
5126 !NFSBCMP(sp->nst_client, clp->lc_id, sp->nst_len))
5127 break;
5128 }
5129 if (sp == LIST_END(&nfsrv_stablefirst.nsf_head))
5130 return;
5131
5132 /*
5133 * Now, just mark it and set the nfsclient back pointer.
5134 */
5135 sp->nst_flag |= NFSNST_GOTSTATE;
5136 sp->nst_clp = clp;
5137 }
5138
5139 /*
5140 * This function is called when a NFSv4.1 client does a ReclaimComplete.
5141 * Very similar to nfsrv_markstable(), except for the flag being set.
5142 */
5143 static void
5144 nfsrv_markreclaim(struct nfsclient *clp)
5145 {
5146 struct nfsrv_stable *sp;
5147
5148 /*
5149 * First find the client structure.
5150 */
5151 LIST_FOREACH(sp, &nfsrv_stablefirst.nsf_head, nst_list) {
5152 if (sp->nst_len == clp->lc_idlen &&
5153 !NFSBCMP(sp->nst_client, clp->lc_id, sp->nst_len))
5154 break;
5155 }
5156 if (sp == LIST_END(&nfsrv_stablefirst.nsf_head))
5157 return;
5158
5159 /*
5160 * Now, just set the flag.
5161 */
5162 sp->nst_flag |= NFSNST_RECLAIMED;
5163 }
5164
5165 /*
5166 * This function is called for a reclaim, to see if it gets grace.
5167 * It returns 0 if a reclaim is allowed, 1 otherwise.
5168 */
5169 static int
5170 nfsrv_checkstable(struct nfsclient *clp)
5171 {
5172 struct nfsrv_stable *sp;
5173
5174 /*
5175 * First, find the entry for the client.
5176 */
5177 LIST_FOREACH(sp, &nfsrv_stablefirst.nsf_head, nst_list) {
5178 if (sp->nst_len == clp->lc_idlen &&
5179 !NFSBCMP(sp->nst_client, clp->lc_id, sp->nst_len))
5180 break;
5181 }
5182
5183 /*
5184 * If not in the list, state was revoked or no state was issued
5185 * since the previous reboot, a reclaim is denied.
5186 */
5187 if (sp == LIST_END(&nfsrv_stablefirst.nsf_head) ||
5188 (sp->nst_flag & NFSNST_REVOKE) ||
5189 !(nfsrv_stablefirst.nsf_flags & NFSNSF_OK))
5190 return (1);
5191 return (0);
5192 }
5193
5194 /*
5195 * Test for and try to clear out a conflicting client. This is called by
5196 * nfsrv_lockctrl() and nfsrv_openctrl() when conflicts with other clients
5197 * a found.
5198 * The trick here is that it can't revoke a conflicting client with an
5199 * expired lease unless it holds the v4root lock, so...
5200 * If no v4root lock, get the lock and return 1 to indicate "try again".
5201 * Return 0 to indicate the conflict can't be revoked and 1 to indicate
5202 * the revocation worked and the conflicting client is "bye, bye", so it
5203 * can be tried again.
5204 * Return 2 to indicate that the vnode is VIRF_DOOMED after NFSVOPLOCK().
5205 * Unlocks State before a non-zero value is returned.
5206 */
5207 static int
5208 nfsrv_clientconflict(struct nfsclient *clp, int *haslockp, vnode_t vp,
5209 NFSPROC_T *p)
5210 {
5211 int gotlock, lktype = 0;
5212
5213 /*
5214 * If lease hasn't expired, we can't fix it.
5215 */
5216 if (clp->lc_expiry >= NFSD_MONOSEC ||
5217 !(nfsrv_stablefirst.nsf_flags & NFSNSF_UPDATEDONE))
5218 return (0);
5219 if (*haslockp == 0) {
5220 NFSUNLOCKSTATE();
5221 if (vp != NULL) {
5222 lktype = NFSVOPISLOCKED(vp);
5223 NFSVOPUNLOCK(vp);
5224 }
5225 NFSLOCKV4ROOTMUTEX();
5226 nfsv4_relref(&nfsv4rootfs_lock);
5227 do {
5228 gotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
5229 NFSV4ROOTLOCKMUTEXPTR, NULL);
5230 } while (!gotlock);
5231 NFSUNLOCKV4ROOTMUTEX();
5232 *haslockp = 1;
5233 if (vp != NULL) {
5234 NFSVOPLOCK(vp, lktype | LK_RETRY);
5235 if (VN_IS_DOOMED(vp))
5236 return (2);
5237 }
5238 return (1);
5239 }
5240 NFSUNLOCKSTATE();
5241
5242 /*
5243 * Ok, we can expire the conflicting client.
5244 */
5245 nfsrv_writestable(clp->lc_id, clp->lc_idlen, NFSNST_REVOKE, p);
5246 nfsrv_backupstable();
5247 nfsrv_cleanclient(clp, p);
5248 nfsrv_freedeleglist(&clp->lc_deleg);
5249 nfsrv_freedeleglist(&clp->lc_olddeleg);
5250 LIST_REMOVE(clp, lc_hash);
5251 nfsrv_zapclient(clp, p);
5252 return (1);
5253 }
5254
5255 /*
5256 * Resolve a delegation conflict.
5257 * Returns 0 to indicate the conflict was resolved without sleeping.
5258 * Return -1 to indicate that the caller should check for conflicts again.
5259 * Return > 0 for an error that should be returned, normally NFSERR_DELAY.
5260 *
5261 * Also, manipulate the nfsv4root_lock, as required. It isn't changed
5262 * for a return of 0, since there was no sleep and it could be required
5263 * later. It is released for a return of NFSERR_DELAY, since the caller
5264 * will return that error. It is released when a sleep was done waiting
5265 * for the delegation to be returned or expire (so that other nfsds can
5266 * handle ops). Then, it must be acquired for the write to stable storage.
5267 * (This function is somewhat similar to nfsrv_clientconflict(), but
5268 * the semantics differ in a couple of subtle ways. The return of 0
5269 * indicates the conflict was resolved without sleeping here, not
5270 * that the conflict can't be resolved and the handling of nfsv4root_lock
5271 * differs, as noted above.)
5272 * Unlocks State before returning a non-zero value.
5273 */
5274 static int
5275 nfsrv_delegconflict(struct nfsstate *stp, int *haslockp, NFSPROC_T *p,
5276 vnode_t vp)
5277 {
5278 struct nfsclient *clp = stp->ls_clp;
5279 int gotlock, error, lktype = 0, retrycnt, zapped_clp;
5280 nfsv4stateid_t tstateid;
5281 fhandle_t tfh;
5282
5283 /*
5284 * If the conflict is with an old delegation...
5285 */
5286 if (stp->ls_flags & NFSLCK_OLDDELEG) {
5287 /*
5288 * You can delete it, if it has expired.
5289 */
5290 if (clp->lc_delegtime < NFSD_MONOSEC) {
5291 nfsrv_freedeleg(stp);
5292 NFSUNLOCKSTATE();
5293 error = -1;
5294 goto out;
5295 }
5296 NFSUNLOCKSTATE();
5297 /*
5298 * During this delay, the old delegation could expire or it
5299 * could be recovered by the client via an Open with
5300 * CLAIM_DELEGATE_PREV.
5301 * Release the nfsv4root_lock, if held.
5302 */
5303 if (*haslockp) {
5304 *haslockp = 0;
5305 NFSLOCKV4ROOTMUTEX();
5306 nfsv4_unlock(&nfsv4rootfs_lock, 1);
5307 NFSUNLOCKV4ROOTMUTEX();
5308 }
5309 error = NFSERR_DELAY;
5310 goto out;
5311 }
5312
5313 /*
5314 * It's a current delegation, so:
5315 * - check to see if the delegation has expired
5316 * - if so, get the v4root lock and then expire it
5317 */
5318 if ((stp->ls_flags & NFSLCK_DELEGRECALL) == 0 || (stp->ls_lastrecall <
5319 NFSD_MONOSEC && clp->lc_expiry >= NFSD_MONOSEC &&
5320 stp->ls_delegtime >= NFSD_MONOSEC)) {
5321 /*
5322 * - do a recall callback, since not yet done
5323 * For now, never allow truncate to be set. To use
5324 * truncate safely, it must be guaranteed that the
5325 * Remove, Rename or Setattr with size of 0 will
5326 * succeed and that would require major changes to
5327 * the VFS/Vnode OPs.
5328 * Set the expiry time large enough so that it won't expire
5329 * until after the callback, then set it correctly, once
5330 * the callback is done. (The delegation will now time
5331 * out whether or not the Recall worked ok. The timeout
5332 * will be extended when ops are done on the delegation
5333 * stateid, up to the timelimit.)
5334 */
5335 if ((stp->ls_flags & NFSLCK_DELEGRECALL) == 0) {
5336 stp->ls_delegtime = NFSD_MONOSEC + (2 * nfsrv_lease) +
5337 NFSRV_LEASEDELTA;
5338 stp->ls_delegtimelimit = NFSD_MONOSEC + (6 *
5339 nfsrv_lease) + NFSRV_LEASEDELTA;
5340 stp->ls_flags |= NFSLCK_DELEGRECALL;
5341 }
5342 stp->ls_lastrecall = time_uptime + 1;
5343
5344 /*
5345 * Loop NFSRV_CBRETRYCNT times while the CBRecall replies
5346 * NFSERR_BADSTATEID or NFSERR_BADHANDLE. This is done
5347 * in order to try and avoid a race that could happen
5348 * when a CBRecall request passed the Open reply with
5349 * the delegation in it when transitting the network.
5350 * Since nfsrv_docallback will sleep, don't use stp after
5351 * the call.
5352 */
5353 NFSBCOPY((caddr_t)&stp->ls_stateid, (caddr_t)&tstateid,
5354 sizeof (tstateid));
5355 NFSBCOPY((caddr_t)&stp->ls_lfp->lf_fh, (caddr_t)&tfh,
5356 sizeof (tfh));
5357 NFSUNLOCKSTATE();
5358 if (*haslockp) {
5359 *haslockp = 0;
5360 NFSLOCKV4ROOTMUTEX();
5361 nfsv4_unlock(&nfsv4rootfs_lock, 1);
5362 NFSUNLOCKV4ROOTMUTEX();
5363 }
5364 retrycnt = 0;
5365 do {
5366 error = nfsrv_docallback(clp, NFSV4OP_CBRECALL,
5367 &tstateid, 0, &tfh, NULL, NULL, 0, p);
5368 retrycnt++;
5369 } while ((error == NFSERR_BADSTATEID ||
5370 error == NFSERR_BADHANDLE) && retrycnt < NFSV4_CBRETRYCNT);
5371 error = NFSERR_DELAY;
5372 goto out;
5373 }
5374
5375 if (clp->lc_expiry >= NFSD_MONOSEC &&
5376 stp->ls_delegtime >= NFSD_MONOSEC) {
5377 NFSUNLOCKSTATE();
5378 /*
5379 * A recall has been done, but it has not yet expired.
5380 * So, RETURN_DELAY.
5381 */
5382 if (*haslockp) {
5383 *haslockp = 0;
5384 NFSLOCKV4ROOTMUTEX();
5385 nfsv4_unlock(&nfsv4rootfs_lock, 1);
5386 NFSUNLOCKV4ROOTMUTEX();
5387 }
5388 error = NFSERR_DELAY;
5389 goto out;
5390 }
5391
5392 /*
5393 * If we don't yet have the lock, just get it and then return,
5394 * since we need that before deleting expired state, such as
5395 * this delegation.
5396 * When getting the lock, unlock the vnode, so other nfsds that
5397 * are in progress, won't get stuck waiting for the vnode lock.
5398 */
5399 if (*haslockp == 0) {
5400 NFSUNLOCKSTATE();
5401 if (vp != NULL) {
5402 lktype = NFSVOPISLOCKED(vp);
5403 NFSVOPUNLOCK(vp);
5404 }
5405 NFSLOCKV4ROOTMUTEX();
5406 nfsv4_relref(&nfsv4rootfs_lock);
5407 do {
5408 gotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
5409 NFSV4ROOTLOCKMUTEXPTR, NULL);
5410 } while (!gotlock);
5411 NFSUNLOCKV4ROOTMUTEX();
5412 *haslockp = 1;
5413 if (vp != NULL) {
5414 NFSVOPLOCK(vp, lktype | LK_RETRY);
5415 if (VN_IS_DOOMED(vp)) {
5416 *haslockp = 0;
5417 NFSLOCKV4ROOTMUTEX();
5418 nfsv4_unlock(&nfsv4rootfs_lock, 1);
5419 NFSUNLOCKV4ROOTMUTEX();
5420 error = NFSERR_PERM;
5421 goto out;
5422 }
5423 }
5424 error = -1;
5425 goto out;
5426 }
5427
5428 NFSUNLOCKSTATE();
5429 /*
5430 * Ok, we can delete the expired delegation.
5431 * First, write the Revoke record to stable storage and then
5432 * clear out the conflict.
5433 * Since all other nfsd threads are now blocked, we can safely
5434 * sleep without the state changing.
5435 */
5436 nfsrv_writestable(clp->lc_id, clp->lc_idlen, NFSNST_REVOKE, p);
5437 nfsrv_backupstable();
5438 if (clp->lc_expiry < NFSD_MONOSEC) {
5439 nfsrv_cleanclient(clp, p);
5440 nfsrv_freedeleglist(&clp->lc_deleg);
5441 nfsrv_freedeleglist(&clp->lc_olddeleg);
5442 LIST_REMOVE(clp, lc_hash);
5443 zapped_clp = 1;
5444 } else {
5445 nfsrv_freedeleg(stp);
5446 zapped_clp = 0;
5447 }
5448 if (zapped_clp)
5449 nfsrv_zapclient(clp, p);
5450 error = -1;
5451
5452 out:
5453 NFSEXITCODE(error);
5454 return (error);
5455 }
5456
5457 /*
5458 * Check for a remove allowed, if remove is set to 1 and get rid of
5459 * delegations.
5460 */
5461 int
5462 nfsrv_checkremove(vnode_t vp, int remove, struct nfsrv_descript *nd,
5463 nfsquad_t clientid, NFSPROC_T *p)
5464 {
5465 struct nfsclient *clp;
5466 struct nfsstate *stp;
5467 struct nfslockfile *lfp;
5468 int error, haslock = 0;
5469 fhandle_t nfh;
5470
5471 clp = NULL;
5472 /*
5473 * First, get the lock file structure.
5474 * (A return of -1 means no associated state, so remove ok.)
5475 */
5476 error = nfsrv_getlockfh(vp, NFSLCK_CHECK, NULL, &nfh, p);
5477 tryagain:
5478 NFSLOCKSTATE();
5479 if (error == 0 && clientid.qval != 0)
5480 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
5481 (nfsquad_t)((u_quad_t)0), 0, nd, p);
5482 if (!error)
5483 error = nfsrv_getlockfile(NFSLCK_CHECK, NULL, &lfp, &nfh, 0);
5484 if (error) {
5485 NFSUNLOCKSTATE();
5486 if (haslock) {
5487 NFSLOCKV4ROOTMUTEX();
5488 nfsv4_unlock(&nfsv4rootfs_lock, 1);
5489 NFSUNLOCKV4ROOTMUTEX();
5490 }
5491 if (error == -1)
5492 error = 0;
5493 goto out;
5494 }
5495
5496 /*
5497 * Now, we must Recall any delegations.
5498 */
5499 error = nfsrv_cleandeleg(vp, lfp, clp, &haslock, p);
5500 if (error) {
5501 /*
5502 * nfsrv_cleandeleg() unlocks state for non-zero
5503 * return.
5504 */
5505 if (error == -1)
5506 goto tryagain;
5507 if (haslock) {
5508 NFSLOCKV4ROOTMUTEX();
5509 nfsv4_unlock(&nfsv4rootfs_lock, 1);
5510 NFSUNLOCKV4ROOTMUTEX();
5511 }
5512 goto out;
5513 }
5514
5515 /*
5516 * Now, look for a conflicting open share.
5517 */
5518 if (remove) {
5519 /*
5520 * If the entry in the directory was the last reference to the
5521 * corresponding filesystem object, the object can be destroyed
5522 * */
5523 if(lfp->lf_usecount>1)
5524 LIST_FOREACH(stp, &lfp->lf_open, ls_file) {
5525 if (stp->ls_flags & NFSLCK_WRITEDENY) {
5526 error = NFSERR_FILEOPEN;
5527 break;
5528 }
5529 }
5530 }
5531
5532 NFSUNLOCKSTATE();
5533 if (haslock) {
5534 NFSLOCKV4ROOTMUTEX();
5535 nfsv4_unlock(&nfsv4rootfs_lock, 1);
5536 NFSUNLOCKV4ROOTMUTEX();
5537 }
5538
5539 out:
5540 NFSEXITCODE(error);
5541 return (error);
5542 }
5543
5544 /*
5545 * Clear out all delegations for the file referred to by lfp.
5546 * May return NFSERR_DELAY, if there will be a delay waiting for
5547 * delegations to expire.
5548 * Returns -1 to indicate it slept while recalling a delegation.
5549 * This function has the side effect of deleting the nfslockfile structure,
5550 * if it no longer has associated state and didn't have to sleep.
5551 * Unlocks State before a non-zero value is returned.
5552 */
5553 static int
5554 nfsrv_cleandeleg(vnode_t vp, struct nfslockfile *lfp,
5555 struct nfsclient *clp, int *haslockp, NFSPROC_T *p)
5556 {
5557 struct nfsstate *stp, *nstp;
5558 int ret = 0;
5559
5560 stp = LIST_FIRST(&lfp->lf_deleg);
5561 while (stp != LIST_END(&lfp->lf_deleg)) {
5562 nstp = LIST_NEXT(stp, ls_file);
5563 if (stp->ls_clp != clp) {
5564 ret = nfsrv_delegconflict(stp, haslockp, p, vp);
5565 if (ret) {
5566 /*
5567 * nfsrv_delegconflict() unlocks state
5568 * when it returns non-zero.
5569 */
5570 goto out;
5571 }
5572 }
5573 stp = nstp;
5574 }
5575 out:
5576 NFSEXITCODE(ret);
5577 return (ret);
5578 }
5579
5580 /*
5581 * There are certain operations that, when being done outside of NFSv4,
5582 * require that any NFSv4 delegation for the file be recalled.
5583 * This function is to be called for those cases:
5584 * VOP_RENAME() - When a delegation is being recalled for any reason,
5585 * the client may have to do Opens against the server, using the file's
5586 * final component name. If the file has been renamed on the server,
5587 * that component name will be incorrect and the Open will fail.
5588 * VOP_REMOVE() - Theoretically, a client could Open a file after it has
5589 * been removed on the server, if there is a delegation issued to
5590 * that client for the file. I say "theoretically" since clients
5591 * normally do an Access Op before the Open and that Access Op will
5592 * fail with ESTALE. Note that NFSv2 and 3 don't even do Opens, so
5593 * they will detect the file's removal in the same manner. (There is
5594 * one case where RFC3530 allows a client to do an Open without first
5595 * doing an Access Op, which is passage of a check against the ACE
5596 * returned with a Write delegation, but current practice is to ignore
5597 * the ACE and always do an Access Op.)
5598 * Since the functions can only be called with an unlocked vnode, this
5599 * can't be done at this time.
5600 * VOP_ADVLOCK() - When a client holds a delegation, it can issue byte range
5601 * locks locally in the client, which are not visible to the server. To
5602 * deal with this, issuing of delegations for a vnode must be disabled
5603 * and all delegations for the vnode recalled. This is done via the
5604 * second function, using the VV_DISABLEDELEG vflag on the vnode.
5605 */
5606 void
5607 nfsd_recalldelegation(vnode_t vp, NFSPROC_T *p)
5608 {
5609 time_t starttime;
5610 int error;
5611
5612 /*
5613 * First, check to see if the server is currently running and it has
5614 * been called for a regular file when issuing delegations.
5615 */
5616 if (newnfs_numnfsd == 0 || vp->v_type != VREG ||
5617 nfsrv_issuedelegs == 0)
5618 return;
5619
5620 KASSERT((NFSVOPISLOCKED(vp) != LK_EXCLUSIVE), ("vp %p is locked", vp));
5621 /*
5622 * First, get a reference on the nfsv4rootfs_lock so that an
5623 * exclusive lock cannot be acquired by another thread.
5624 */
5625 NFSLOCKV4ROOTMUTEX();
5626 nfsv4_getref(&nfsv4rootfs_lock, NULL, NFSV4ROOTLOCKMUTEXPTR, NULL);
5627 NFSUNLOCKV4ROOTMUTEX();
5628
5629 /*
5630 * Now, call nfsrv_checkremove() in a loop while it returns
5631 * NFSERR_DELAY. Return upon any other error or when timed out.
5632 */
5633 starttime = NFSD_MONOSEC;
5634 do {
5635 if (NFSVOPLOCK(vp, LK_EXCLUSIVE) == 0) {
5636 error = nfsrv_checkremove(vp, 0, NULL,
5637 (nfsquad_t)((u_quad_t)0), p);
5638 NFSVOPUNLOCK(vp);
5639 } else
5640 error = EPERM;
5641 if (error == NFSERR_DELAY) {
5642 if (NFSD_MONOSEC - starttime > NFS_REMOVETIMEO)
5643 break;
5644 /* Sleep for a short period of time */
5645 (void) nfs_catnap(PZERO, 0, "nfsremove");
5646 }
5647 } while (error == NFSERR_DELAY);
5648 NFSLOCKV4ROOTMUTEX();
5649 nfsv4_relref(&nfsv4rootfs_lock);
5650 NFSUNLOCKV4ROOTMUTEX();
5651 }
5652
5653 void
5654 nfsd_disabledelegation(vnode_t vp, NFSPROC_T *p)
5655 {
5656
5657 #ifdef VV_DISABLEDELEG
5658 /*
5659 * First, flag issuance of delegations disabled.
5660 */
5661 atomic_set_long(&vp->v_vflag, VV_DISABLEDELEG);
5662 #endif
5663
5664 /*
5665 * Then call nfsd_recalldelegation() to get rid of all extant
5666 * delegations.
5667 */
5668 nfsd_recalldelegation(vp, p);
5669 }
5670
5671 /*
5672 * Check for conflicting locks, etc. and then get rid of delegations.
5673 * (At one point I thought that I should get rid of delegations for any
5674 * Setattr, since it could potentially disallow the I/O op (read or write)
5675 * allowed by the delegation. However, Setattr Ops that aren't changing
5676 * the size get a stateid of all 0s, so you can't tell if it is a delegation
5677 * for the same client or a different one, so I decided to only get rid
5678 * of delegations for other clients when the size is being changed.)
5679 * In general, a Setattr can disable NFS I/O Ops that are outstanding, such
5680 * as Write backs, even if there is no delegation, so it really isn't any
5681 * different?)
5682 */
5683 int
5684 nfsrv_checksetattr(vnode_t vp, struct nfsrv_descript *nd,
5685 nfsv4stateid_t *stateidp, struct nfsvattr *nvap, nfsattrbit_t *attrbitp,
5686 struct nfsexstuff *exp, NFSPROC_T *p)
5687 {
5688 struct nfsstate st, *stp = &st;
5689 struct nfslock lo, *lop = &lo;
5690 int error = 0;
5691 nfsquad_t clientid;
5692
5693 if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SIZE)) {
5694 stp->ls_flags = (NFSLCK_CHECK | NFSLCK_WRITEACCESS);
5695 lop->lo_first = nvap->na_size;
5696 } else {
5697 stp->ls_flags = 0;
5698 lop->lo_first = 0;
5699 }
5700 if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_OWNER) ||
5701 NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_OWNERGROUP) ||
5702 NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_MODE) ||
5703 NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_ACL))
5704 stp->ls_flags |= NFSLCK_SETATTR;
5705 if (stp->ls_flags == 0)
5706 goto out;
5707 lop->lo_end = NFS64BITSSET;
5708 lop->lo_flags = NFSLCK_WRITE;
5709 stp->ls_ownerlen = 0;
5710 stp->ls_op = NULL;
5711 stp->ls_uid = nd->nd_cred->cr_uid;
5712 stp->ls_stateid.seqid = stateidp->seqid;
5713 clientid.lval[0] = stp->ls_stateid.other[0] = stateidp->other[0];
5714 clientid.lval[1] = stp->ls_stateid.other[1] = stateidp->other[1];
5715 stp->ls_stateid.other[2] = stateidp->other[2];
5716 error = nfsrv_lockctrl(vp, &stp, &lop, NULL, clientid,
5717 stateidp, exp, nd, p);
5718
5719 out:
5720 NFSEXITCODE2(error, nd);
5721 return (error);
5722 }
5723
5724 /*
5725 * Check for a write delegation and do a CBGETATTR if there is one, updating
5726 * the attributes, as required.
5727 * Should I return an error if I can't get the attributes? (For now, I'll
5728 * just return ok.
5729 */
5730 int
5731 nfsrv_checkgetattr(struct nfsrv_descript *nd, vnode_t vp,
5732 struct nfsvattr *nvap, nfsattrbit_t *attrbitp, NFSPROC_T *p)
5733 {
5734 struct nfsstate *stp;
5735 struct nfslockfile *lfp;
5736 struct nfsclient *clp;
5737 struct nfsvattr nva;
5738 fhandle_t nfh;
5739 int error = 0;
5740 nfsattrbit_t cbbits;
5741 u_quad_t delegfilerev;
5742
5743 NFSCBGETATTR_ATTRBIT(attrbitp, &cbbits);
5744 if (!NFSNONZERO_ATTRBIT(&cbbits))
5745 goto out;
5746 if (nfsrv_writedelegcnt == 0)
5747 goto out;
5748
5749 /*
5750 * Get the lock file structure.
5751 * (A return of -1 means no associated state, so return ok.)
5752 */
5753 error = nfsrv_getlockfh(vp, NFSLCK_CHECK, NULL, &nfh, p);
5754 NFSLOCKSTATE();
5755 if (!error)
5756 error = nfsrv_getlockfile(NFSLCK_CHECK, NULL, &lfp, &nfh, 0);
5757 if (error) {
5758 NFSUNLOCKSTATE();
5759 if (error == -1)
5760 error = 0;
5761 goto out;
5762 }
5763
5764 /*
5765 * Now, look for a write delegation.
5766 */
5767 LIST_FOREACH(stp, &lfp->lf_deleg, ls_file) {
5768 if (stp->ls_flags & NFSLCK_DELEGWRITE)
5769 break;
5770 }
5771 if (stp == LIST_END(&lfp->lf_deleg)) {
5772 NFSUNLOCKSTATE();
5773 goto out;
5774 }
5775 clp = stp->ls_clp;
5776
5777 /* If the clientid is not confirmed, ignore the delegation. */
5778 if (clp->lc_flags & LCL_NEEDSCONFIRM) {
5779 NFSUNLOCKSTATE();
5780 goto out;
5781 }
5782
5783 delegfilerev = stp->ls_filerev;
5784 /*
5785 * If the Write delegation was issued as a part of this Compound RPC
5786 * or if we have an Implied Clientid (used in a previous Op in this
5787 * compound) and it is the client the delegation was issued to,
5788 * just return ok.
5789 * I also assume that it is from the same client iff the network
5790 * host IP address is the same as the callback address. (Not
5791 * exactly correct by the RFC, but avoids a lot of Getattr
5792 * callbacks.)
5793 */
5794 if (nd->nd_compref == stp->ls_compref ||
5795 ((nd->nd_flag & ND_IMPLIEDCLID) &&
5796 clp->lc_clientid.qval == nd->nd_clientid.qval) ||
5797 nfsaddr2_match(clp->lc_req.nr_nam, nd->nd_nam)) {
5798 NFSUNLOCKSTATE();
5799 goto out;
5800 }
5801
5802 /*
5803 * We are now done with the delegation state structure,
5804 * so the statelock can be released and we can now tsleep().
5805 */
5806
5807 /*
5808 * Now, we must do the CB Getattr callback, to see if Change or Size
5809 * has changed.
5810 */
5811 if (clp->lc_expiry >= NFSD_MONOSEC) {
5812 NFSUNLOCKSTATE();
5813 NFSVNO_ATTRINIT(&nva);
5814 nva.na_filerev = NFS64BITSSET;
5815 error = nfsrv_docallback(clp, NFSV4OP_CBGETATTR, NULL,
5816 0, &nfh, &nva, &cbbits, 0, p);
5817 if (!error) {
5818 if ((nva.na_filerev != NFS64BITSSET &&
5819 nva.na_filerev > delegfilerev) ||
5820 (NFSVNO_ISSETSIZE(&nva) &&
5821 nva.na_size != nvap->na_size)) {
5822 error = nfsvno_updfilerev(vp, nvap, nd, p);
5823 if (NFSVNO_ISSETSIZE(&nva))
5824 nvap->na_size = nva.na_size;
5825 }
5826 } else
5827 error = 0; /* Ignore callback errors for now. */
5828 } else {
5829 NFSUNLOCKSTATE();
5830 }
5831
5832 out:
5833 NFSEXITCODE2(error, nd);
5834 return (error);
5835 }
5836
5837 /*
5838 * This function looks for openowners that haven't had any opens for
5839 * a while and throws them away. Called by an nfsd when NFSNSF_NOOPENS
5840 * is set.
5841 */
5842 void
5843 nfsrv_throwawayopens(NFSPROC_T *p)
5844 {
5845 struct nfsclient *clp, *nclp;
5846 struct nfsstate *stp, *nstp;
5847 int i;
5848
5849 NFSLOCKSTATE();
5850 nfsrv_stablefirst.nsf_flags &= ~NFSNSF_NOOPENS;
5851 /*
5852 * For each client...
5853 */
5854 for (i = 0; i < nfsrv_clienthashsize; i++) {
5855 LIST_FOREACH_SAFE(clp, &nfsclienthash[i], lc_hash, nclp) {
5856 LIST_FOREACH_SAFE(stp, &clp->lc_open, ls_list, nstp) {
5857 if (LIST_EMPTY(&stp->ls_open) &&
5858 (stp->ls_noopens > NFSNOOPEN ||
5859 (nfsrv_openpluslock * 2) >
5860 nfsrv_v4statelimit))
5861 nfsrv_freeopenowner(stp, 0, p);
5862 }
5863 }
5864 }
5865 NFSUNLOCKSTATE();
5866 }
5867
5868 /*
5869 * This function checks to see if the credentials are the same.
5870 * The check for same credentials is needed for state management operations
5871 * for NFSv4.0 where 1 is returned if not same, 0 is returned otherwise.
5872 */
5873 static int
5874 nfsrv_notsamecredname(struct nfsrv_descript *nd, struct nfsclient *clp)
5875 {
5876
5877 /* For NFSv4.1/4.2, SP4_NONE always allows this. */
5878 if ((nd->nd_flag & ND_NFSV41) != 0)
5879 return (0);
5880
5881 if (nd->nd_flag & ND_GSS) {
5882 if (!(clp->lc_flags & LCL_GSS))
5883 return (1);
5884 if (clp->lc_flags & LCL_NAME) {
5885 if (nd->nd_princlen != clp->lc_namelen ||
5886 NFSBCMP(nd->nd_principal, clp->lc_name,
5887 clp->lc_namelen))
5888 return (1);
5889 else
5890 return (0);
5891 }
5892 if (nd->nd_cred->cr_uid == clp->lc_uid)
5893 return (0);
5894 else
5895 return (1);
5896 } else if (clp->lc_flags & LCL_GSS)
5897 return (1);
5898 /*
5899 * For AUTH_SYS, allow the same uid or root. (This is underspecified
5900 * in RFC3530, which talks about principals, but doesn't say anything
5901 * about uids for AUTH_SYS.)
5902 */
5903 if (nd->nd_cred->cr_uid == clp->lc_uid || nd->nd_cred->cr_uid == 0)
5904 return (0);
5905 else
5906 return (1);
5907 }
5908
5909 /*
5910 * Calculate the lease expiry time.
5911 */
5912 static time_t
5913 nfsrv_leaseexpiry(void)
5914 {
5915
5916 if (nfsrv_stablefirst.nsf_eograce > NFSD_MONOSEC)
5917 return (NFSD_MONOSEC + 2 * (nfsrv_lease + NFSRV_LEASEDELTA));
5918 return (NFSD_MONOSEC + nfsrv_lease + NFSRV_LEASEDELTA);
5919 }
5920
5921 /*
5922 * Delay the delegation timeout as far as ls_delegtimelimit, as required.
5923 */
5924 static void
5925 nfsrv_delaydelegtimeout(struct nfsstate *stp)
5926 {
5927
5928 if ((stp->ls_flags & NFSLCK_DELEGRECALL) == 0)
5929 return;
5930
5931 if ((stp->ls_delegtime + 15) > NFSD_MONOSEC &&
5932 stp->ls_delegtime < stp->ls_delegtimelimit) {
5933 stp->ls_delegtime += nfsrv_lease;
5934 if (stp->ls_delegtime > stp->ls_delegtimelimit)
5935 stp->ls_delegtime = stp->ls_delegtimelimit;
5936 }
5937 }
5938
5939 /*
5940 * This function checks to see if there is any other state associated
5941 * with the openowner for this Open.
5942 * It returns 1 if there is no other state, 0 otherwise.
5943 */
5944 static int
5945 nfsrv_nootherstate(struct nfsstate *stp)
5946 {
5947 struct nfsstate *tstp;
5948
5949 LIST_FOREACH(tstp, &stp->ls_openowner->ls_open, ls_list) {
5950 if (tstp != stp || !LIST_EMPTY(&tstp->ls_lock))
5951 return (0);
5952 }
5953 return (1);
5954 }
5955
5956 /*
5957 * Create a list of lock deltas (changes to local byte range locking
5958 * that can be rolled back using the list) and apply the changes via
5959 * nfsvno_advlock(). Optionally, lock the list. It is expected that either
5960 * the rollback or update function will be called after this.
5961 * It returns an error (and rolls back, as required), if any nfsvno_advlock()
5962 * call fails. If it returns an error, it will unlock the list.
5963 */
5964 static int
5965 nfsrv_locallock(vnode_t vp, struct nfslockfile *lfp, int flags,
5966 uint64_t first, uint64_t end, struct nfslockconflict *cfp, NFSPROC_T *p)
5967 {
5968 struct nfslock *lop, *nlop;
5969 int error = 0;
5970
5971 /* Loop through the list of locks. */
5972 lop = LIST_FIRST(&lfp->lf_locallock);
5973 while (first < end && lop != NULL) {
5974 nlop = LIST_NEXT(lop, lo_lckowner);
5975 if (first >= lop->lo_end) {
5976 /* not there yet */
5977 lop = nlop;
5978 } else if (first < lop->lo_first) {
5979 /* new one starts before entry in list */
5980 if (end <= lop->lo_first) {
5981 /* no overlap between old and new */
5982 error = nfsrv_dolocal(vp, lfp, flags,
5983 NFSLCK_UNLOCK, first, end, cfp, p);
5984 if (error != 0)
5985 break;
5986 first = end;
5987 } else {
5988 /* handle fragment overlapped with new one */
5989 error = nfsrv_dolocal(vp, lfp, flags,
5990 NFSLCK_UNLOCK, first, lop->lo_first, cfp,
5991 p);
5992 if (error != 0)
5993 break;
5994 first = lop->lo_first;
5995 }
5996 } else {
5997 /* new one overlaps this entry in list */
5998 if (end <= lop->lo_end) {
5999 /* overlaps all of new one */
6000 error = nfsrv_dolocal(vp, lfp, flags,
6001 lop->lo_flags, first, end, cfp, p);
6002 if (error != 0)
6003 break;
6004 first = end;
6005 } else {
6006 /* handle fragment overlapped with new one */
6007 error = nfsrv_dolocal(vp, lfp, flags,
6008 lop->lo_flags, first, lop->lo_end, cfp, p);
6009 if (error != 0)
6010 break;
6011 first = lop->lo_end;
6012 lop = nlop;
6013 }
6014 }
6015 }
6016 if (first < end && error == 0)
6017 /* handle fragment past end of list */
6018 error = nfsrv_dolocal(vp, lfp, flags, NFSLCK_UNLOCK, first,
6019 end, cfp, p);
6020
6021 NFSEXITCODE(error);
6022 return (error);
6023 }
6024
6025 /*
6026 * Local lock unlock. Unlock all byte ranges that are no longer locked
6027 * by NFSv4. To do this, unlock any subranges of first-->end that
6028 * do not overlap with the byte ranges of any lock in the lfp->lf_lock
6029 * list. This list has all locks for the file held by other
6030 * <clientid, lockowner> tuples. The list is ordered by increasing
6031 * lo_first value, but may have entries that overlap each other, for
6032 * the case of read locks.
6033 */
6034 static void
6035 nfsrv_localunlock(vnode_t vp, struct nfslockfile *lfp, uint64_t init_first,
6036 uint64_t init_end, NFSPROC_T *p)
6037 {
6038 struct nfslock *lop;
6039 uint64_t first, end, prevfirst __unused;
6040
6041 first = init_first;
6042 end = init_end;
6043 while (first < init_end) {
6044 /* Loop through all nfs locks, adjusting first and end */
6045 prevfirst = 0;
6046 LIST_FOREACH(lop, &lfp->lf_lock, lo_lckfile) {
6047 KASSERT(prevfirst <= lop->lo_first,
6048 ("nfsv4 locks out of order"));
6049 KASSERT(lop->lo_first < lop->lo_end,
6050 ("nfsv4 bogus lock"));
6051 prevfirst = lop->lo_first;
6052 if (first >= lop->lo_first &&
6053 first < lop->lo_end)
6054 /*
6055 * Overlaps with initial part, so trim
6056 * off that initial part by moving first past
6057 * it.
6058 */
6059 first = lop->lo_end;
6060 else if (end > lop->lo_first &&
6061 lop->lo_first > first) {
6062 /*
6063 * This lock defines the end of the
6064 * segment to unlock, so set end to the
6065 * start of it and break out of the loop.
6066 */
6067 end = lop->lo_first;
6068 break;
6069 }
6070 if (first >= end)
6071 /*
6072 * There is no segment left to do, so
6073 * break out of this loop and then exit
6074 * the outer while() since first will be set
6075 * to end, which must equal init_end here.
6076 */
6077 break;
6078 }
6079 if (first < end) {
6080 /* Unlock this segment */
6081 (void) nfsrv_dolocal(vp, lfp, NFSLCK_UNLOCK,
6082 NFSLCK_READ, first, end, NULL, p);
6083 nfsrv_locallock_commit(lfp, NFSLCK_UNLOCK,
6084 first, end);
6085 }
6086 /*
6087 * Now move past this segment and look for any further
6088 * segment in the range, if there is one.
6089 */
6090 first = end;
6091 end = init_end;
6092 }
6093 }
6094
6095 /*
6096 * Do the local lock operation and update the rollback list, as required.
6097 * Perform the rollback and return the error if nfsvno_advlock() fails.
6098 */
6099 static int
6100 nfsrv_dolocal(vnode_t vp, struct nfslockfile *lfp, int flags, int oldflags,
6101 uint64_t first, uint64_t end, struct nfslockconflict *cfp, NFSPROC_T *p)
6102 {
6103 struct nfsrollback *rlp;
6104 int error = 0, ltype, oldltype;
6105
6106 if (flags & NFSLCK_WRITE)
6107 ltype = F_WRLCK;
6108 else if (flags & NFSLCK_READ)
6109 ltype = F_RDLCK;
6110 else
6111 ltype = F_UNLCK;
6112 if (oldflags & NFSLCK_WRITE)
6113 oldltype = F_WRLCK;
6114 else if (oldflags & NFSLCK_READ)
6115 oldltype = F_RDLCK;
6116 else
6117 oldltype = F_UNLCK;
6118 if (ltype == oldltype || (oldltype == F_WRLCK && ltype == F_RDLCK))
6119 /* nothing to do */
6120 goto out;
6121 error = nfsvno_advlock(vp, ltype, first, end, p);
6122 if (error != 0) {
6123 if (cfp != NULL) {
6124 cfp->cl_clientid.lval[0] = 0;
6125 cfp->cl_clientid.lval[1] = 0;
6126 cfp->cl_first = 0;
6127 cfp->cl_end = NFS64BITSSET;
6128 cfp->cl_flags = NFSLCK_WRITE;
6129 cfp->cl_ownerlen = 5;
6130 NFSBCOPY("LOCAL", cfp->cl_owner, 5);
6131 }
6132 nfsrv_locallock_rollback(vp, lfp, p);
6133 } else if (ltype != F_UNLCK) {
6134 rlp = malloc(sizeof (struct nfsrollback), M_NFSDROLLBACK,
6135 M_WAITOK);
6136 rlp->rlck_first = first;
6137 rlp->rlck_end = end;
6138 rlp->rlck_type = oldltype;
6139 LIST_INSERT_HEAD(&lfp->lf_rollback, rlp, rlck_list);
6140 }
6141
6142 out:
6143 NFSEXITCODE(error);
6144 return (error);
6145 }
6146
6147 /*
6148 * Roll back local lock changes and free up the rollback list.
6149 */
6150 static void
6151 nfsrv_locallock_rollback(vnode_t vp, struct nfslockfile *lfp, NFSPROC_T *p)
6152 {
6153 struct nfsrollback *rlp, *nrlp;
6154
6155 LIST_FOREACH_SAFE(rlp, &lfp->lf_rollback, rlck_list, nrlp) {
6156 (void) nfsvno_advlock(vp, rlp->rlck_type, rlp->rlck_first,
6157 rlp->rlck_end, p);
6158 free(rlp, M_NFSDROLLBACK);
6159 }
6160 LIST_INIT(&lfp->lf_rollback);
6161 }
6162
6163 /*
6164 * Update local lock list and delete rollback list (ie now committed to the
6165 * local locks). Most of the work is done by the internal function.
6166 */
6167 static void
6168 nfsrv_locallock_commit(struct nfslockfile *lfp, int flags, uint64_t first,
6169 uint64_t end)
6170 {
6171 struct nfsrollback *rlp, *nrlp;
6172 struct nfslock *new_lop, *other_lop;
6173
6174 new_lop = malloc(sizeof (struct nfslock), M_NFSDLOCK, M_WAITOK);
6175 if (flags & (NFSLCK_READ | NFSLCK_WRITE))
6176 other_lop = malloc(sizeof (struct nfslock), M_NFSDLOCK,
6177 M_WAITOK);
6178 else
6179 other_lop = NULL;
6180 new_lop->lo_flags = flags;
6181 new_lop->lo_first = first;
6182 new_lop->lo_end = end;
6183 nfsrv_updatelock(NULL, &new_lop, &other_lop, lfp);
6184 if (new_lop != NULL)
6185 free(new_lop, M_NFSDLOCK);
6186 if (other_lop != NULL)
6187 free(other_lop, M_NFSDLOCK);
6188
6189 /* and get rid of the rollback list */
6190 LIST_FOREACH_SAFE(rlp, &lfp->lf_rollback, rlck_list, nrlp)
6191 free(rlp, M_NFSDROLLBACK);
6192 LIST_INIT(&lfp->lf_rollback);
6193 }
6194
6195 /*
6196 * Lock the struct nfslockfile for local lock updating.
6197 */
6198 static void
6199 nfsrv_locklf(struct nfslockfile *lfp)
6200 {
6201 int gotlock;
6202
6203 /* lf_usecount ensures *lfp won't be free'd */
6204 lfp->lf_usecount++;
6205 do {
6206 gotlock = nfsv4_lock(&lfp->lf_locallock_lck, 1, NULL,
6207 NFSSTATEMUTEXPTR, NULL);
6208 } while (gotlock == 0);
6209 lfp->lf_usecount--;
6210 }
6211
6212 /*
6213 * Unlock the struct nfslockfile after local lock updating.
6214 */
6215 static void
6216 nfsrv_unlocklf(struct nfslockfile *lfp)
6217 {
6218
6219 nfsv4_unlock(&lfp->lf_locallock_lck, 0);
6220 }
6221
6222 /*
6223 * Clear out all state for the NFSv4 server.
6224 * Must be called by a thread that can sleep when no nfsds are running.
6225 */
6226 void
6227 nfsrv_throwawayallstate(NFSPROC_T *p)
6228 {
6229 struct nfsclient *clp, *nclp;
6230 struct nfslockfile *lfp, *nlfp;
6231 int i;
6232
6233 /*
6234 * For each client, clean out the state and then free the structure.
6235 */
6236 for (i = 0; i < nfsrv_clienthashsize; i++) {
6237 LIST_FOREACH_SAFE(clp, &nfsclienthash[i], lc_hash, nclp) {
6238 nfsrv_cleanclient(clp, p);
6239 nfsrv_freedeleglist(&clp->lc_deleg);
6240 nfsrv_freedeleglist(&clp->lc_olddeleg);
6241 free(clp->lc_stateid, M_NFSDCLIENT);
6242 free(clp, M_NFSDCLIENT);
6243 }
6244 }
6245
6246 /*
6247 * Also, free up any remaining lock file structures.
6248 */
6249 for (i = 0; i < nfsrv_lockhashsize; i++) {
6250 LIST_FOREACH_SAFE(lfp, &nfslockhash[i], lf_hash, nlfp) {
6251 printf("nfsd unload: fnd a lock file struct\n");
6252 nfsrv_freenfslockfile(lfp);
6253 }
6254 }
6255
6256 /* And get rid of the deviceid structures and layouts. */
6257 nfsrv_freealllayoutsanddevids();
6258 }
6259
6260 /*
6261 * Check the sequence# for the session and slot provided as an argument.
6262 * Also, renew the lease if the session will return NFS_OK.
6263 */
6264 int
6265 nfsrv_checksequence(struct nfsrv_descript *nd, uint32_t sequenceid,
6266 uint32_t *highest_slotidp, uint32_t *target_highest_slotidp, int cache_this,
6267 uint32_t *sflagsp, NFSPROC_T *p)
6268 {
6269 struct nfsdsession *sep;
6270 struct nfssessionhash *shp;
6271 int error;
6272
6273 shp = NFSSESSIONHASH(nd->nd_sessionid);
6274 NFSLOCKSESSION(shp);
6275 sep = nfsrv_findsession(nd->nd_sessionid);
6276 if (sep == NULL) {
6277 NFSUNLOCKSESSION(shp);
6278 return (NFSERR_BADSESSION);
6279 }
6280 error = nfsv4_seqsession(sequenceid, nd->nd_slotid, *highest_slotidp,
6281 sep->sess_slots, NULL, NFSV4_SLOTS - 1);
6282 if (error != 0) {
6283 NFSUNLOCKSESSION(shp);
6284 return (error);
6285 }
6286 if (cache_this != 0)
6287 nd->nd_flag |= ND_SAVEREPLY;
6288 /* Renew the lease. */
6289 sep->sess_clp->lc_expiry = nfsrv_leaseexpiry();
6290 nd->nd_clientid.qval = sep->sess_clp->lc_clientid.qval;
6291 nd->nd_flag |= ND_IMPLIEDCLID;
6292
6293 /* Save maximum request and reply sizes. */
6294 nd->nd_maxreq = sep->sess_maxreq;
6295 nd->nd_maxresp = sep->sess_maxresp;
6296
6297 *sflagsp = 0;
6298 if (sep->sess_clp->lc_req.nr_client == NULL ||
6299 (sep->sess_clp->lc_flags & LCL_CBDOWN) != 0)
6300 *sflagsp |= NFSV4SEQ_CBPATHDOWN;
6301 NFSUNLOCKSESSION(shp);
6302 if (error == NFSERR_EXPIRED) {
6303 *sflagsp |= NFSV4SEQ_EXPIREDALLSTATEREVOKED;
6304 error = 0;
6305 } else if (error == NFSERR_ADMINREVOKED) {
6306 *sflagsp |= NFSV4SEQ_ADMINSTATEREVOKED;
6307 error = 0;
6308 }
6309 *highest_slotidp = *target_highest_slotidp = NFSV4_SLOTS - 1;
6310 return (0);
6311 }
6312
6313 /*
6314 * Check/set reclaim complete for this session/clientid.
6315 */
6316 int
6317 nfsrv_checkreclaimcomplete(struct nfsrv_descript *nd, int onefs)
6318 {
6319 struct nfsdsession *sep;
6320 struct nfssessionhash *shp;
6321 int error = 0;
6322
6323 shp = NFSSESSIONHASH(nd->nd_sessionid);
6324 NFSLOCKSTATE();
6325 NFSLOCKSESSION(shp);
6326 sep = nfsrv_findsession(nd->nd_sessionid);
6327 if (sep == NULL) {
6328 NFSUNLOCKSESSION(shp);
6329 NFSUNLOCKSTATE();
6330 return (NFSERR_BADSESSION);
6331 }
6332
6333 if (onefs != 0)
6334 sep->sess_clp->lc_flags |= LCL_RECLAIMONEFS;
6335 /* Check to see if reclaim complete has already happened. */
6336 else if ((sep->sess_clp->lc_flags & LCL_RECLAIMCOMPLETE) != 0)
6337 error = NFSERR_COMPLETEALREADY;
6338 else {
6339 sep->sess_clp->lc_flags |= LCL_RECLAIMCOMPLETE;
6340 nfsrv_markreclaim(sep->sess_clp);
6341 }
6342 NFSUNLOCKSESSION(shp);
6343 NFSUNLOCKSTATE();
6344 return (error);
6345 }
6346
6347 /*
6348 * Cache the reply in a session slot.
6349 */
6350 void
6351 nfsrv_cache_session(struct nfsrv_descript *nd, struct mbuf **m)
6352 {
6353 struct nfsdsession *sep;
6354 struct nfssessionhash *shp;
6355 char *buf, *cp;
6356 #ifdef INET
6357 struct sockaddr_in *sin;
6358 #endif
6359 #ifdef INET6
6360 struct sockaddr_in6 *sin6;
6361 #endif
6362
6363 shp = NFSSESSIONHASH(nd->nd_sessionid);
6364 NFSLOCKSESSION(shp);
6365 sep = nfsrv_findsession(nd->nd_sessionid);
6366 if (sep == NULL) {
6367 NFSUNLOCKSESSION(shp);
6368 if ((nfsrv_stablefirst.nsf_flags & NFSNSF_GRACEOVER) != 0) {
6369 buf = malloc(INET6_ADDRSTRLEN, M_TEMP, M_WAITOK);
6370 switch (nd->nd_nam->sa_family) {
6371 #ifdef INET
6372 case AF_INET:
6373 sin = (struct sockaddr_in *)nd->nd_nam;
6374 cp = inet_ntop(sin->sin_family,
6375 &sin->sin_addr.s_addr, buf,
6376 INET6_ADDRSTRLEN);
6377 break;
6378 #endif
6379 #ifdef INET6
6380 case AF_INET6:
6381 sin6 = (struct sockaddr_in6 *)nd->nd_nam;
6382 cp = inet_ntop(sin6->sin6_family,
6383 &sin6->sin6_addr, buf, INET6_ADDRSTRLEN);
6384 break;
6385 #endif
6386 default:
6387 cp = NULL;
6388 }
6389 if (cp != NULL)
6390 printf("nfsrv_cache_session: no session "
6391 "IPaddr=%s, check NFS clients for unique "
6392 "/etc/hostid's\n", cp);
6393 else
6394 printf("nfsrv_cache_session: no session, "
6395 "check NFS clients for unique "
6396 "/etc/hostid's\n");
6397 free(buf, M_TEMP);
6398 }
6399 m_freem(*m);
6400 return;
6401 }
6402 nfsv4_seqsess_cacherep(nd->nd_slotid, sep->sess_slots, nd->nd_repstat,
6403 m);
6404 NFSUNLOCKSESSION(shp);
6405 }
6406
6407 /*
6408 * Search for a session that matches the sessionid.
6409 */
6410 static struct nfsdsession *
6411 nfsrv_findsession(uint8_t *sessionid)
6412 {
6413 struct nfsdsession *sep;
6414 struct nfssessionhash *shp;
6415
6416 shp = NFSSESSIONHASH(sessionid);
6417 LIST_FOREACH(sep, &shp->list, sess_hash) {
6418 if (!NFSBCMP(sessionid, sep->sess_sessionid, NFSX_V4SESSIONID))
6419 break;
6420 }
6421 return (sep);
6422 }
6423
6424 /*
6425 * Destroy a session.
6426 */
6427 int
6428 nfsrv_destroysession(struct nfsrv_descript *nd, uint8_t *sessionid)
6429 {
6430 int error, igotlock, samesess;
6431
6432 samesess = 0;
6433 if (!NFSBCMP(sessionid, nd->nd_sessionid, NFSX_V4SESSIONID) &&
6434 (nd->nd_flag & ND_HASSEQUENCE) != 0) {
6435 samesess = 1;
6436 if ((nd->nd_flag & ND_LASTOP) == 0)
6437 return (NFSERR_BADSESSION);
6438 }
6439
6440 /* Lock out other nfsd threads */
6441 NFSLOCKV4ROOTMUTEX();
6442 nfsv4_relref(&nfsv4rootfs_lock);
6443 do {
6444 igotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
6445 NFSV4ROOTLOCKMUTEXPTR, NULL);
6446 } while (igotlock == 0);
6447 NFSUNLOCKV4ROOTMUTEX();
6448
6449 error = nfsrv_freesession(NULL, sessionid);
6450 if (error == 0 && samesess != 0)
6451 nd->nd_flag &= ~ND_HASSEQUENCE;
6452
6453 NFSLOCKV4ROOTMUTEX();
6454 nfsv4_unlock(&nfsv4rootfs_lock, 1);
6455 NFSUNLOCKV4ROOTMUTEX();
6456 return (error);
6457 }
6458
6459 /*
6460 * Bind a connection to a session.
6461 * For now, only certain variants are supported, since the current session
6462 * structure can only handle a single backchannel entry, which will be
6463 * applied to all connections if it is set.
6464 */
6465 int
6466 nfsrv_bindconnsess(struct nfsrv_descript *nd, uint8_t *sessionid, int *foreaftp)
6467 {
6468 struct nfssessionhash *shp;
6469 struct nfsdsession *sep;
6470 struct nfsclient *clp;
6471 SVCXPRT *savxprt;
6472 int error;
6473
6474 error = 0;
6475 savxprt = NULL;
6476 shp = NFSSESSIONHASH(sessionid);
6477 NFSLOCKSTATE();
6478 NFSLOCKSESSION(shp);
6479 sep = nfsrv_findsession(sessionid);
6480 if (sep != NULL) {
6481 clp = sep->sess_clp;
6482 if (*foreaftp == NFSCDFC4_BACK ||
6483 *foreaftp == NFSCDFC4_BACK_OR_BOTH ||
6484 *foreaftp == NFSCDFC4_FORE_OR_BOTH) {
6485 /* Try to set up a backchannel. */
6486 if (clp->lc_req.nr_client == NULL) {
6487 NFSD_DEBUG(2, "nfsrv_bindconnsess: acquire "
6488 "backchannel\n");
6489 clp->lc_req.nr_client = (struct __rpc_client *)
6490 clnt_bck_create(nd->nd_xprt->xp_socket,
6491 sep->sess_cbprogram, NFSV4_CBVERS);
6492 }
6493 if (clp->lc_req.nr_client != NULL) {
6494 NFSD_DEBUG(2, "nfsrv_bindconnsess: set up "
6495 "backchannel\n");
6496 savxprt = sep->sess_cbsess.nfsess_xprt;
6497 SVC_ACQUIRE(nd->nd_xprt);
6498 CLNT_ACQUIRE(clp->lc_req.nr_client);
6499 nd->nd_xprt->xp_p2 = clp->lc_req.nr_client;
6500 /* Disable idle timeout. */
6501 nd->nd_xprt->xp_idletimeout = 0;
6502 sep->sess_cbsess.nfsess_xprt = nd->nd_xprt;
6503 sep->sess_crflags |= NFSV4CRSESS_CONNBACKCHAN;
6504 clp->lc_flags |= LCL_DONEBINDCONN |
6505 LCL_NEEDSCBNULL;
6506 clp->lc_flags &= ~LCL_CBDOWN;
6507 if (*foreaftp == NFSCDFS4_BACK)
6508 *foreaftp = NFSCDFS4_BACK;
6509 else
6510 *foreaftp = NFSCDFS4_BOTH;
6511 } else if (*foreaftp != NFSCDFC4_BACK) {
6512 NFSD_DEBUG(2, "nfsrv_bindconnsess: can't set "
6513 "up backchannel\n");
6514 sep->sess_crflags &= ~NFSV4CRSESS_CONNBACKCHAN;
6515 clp->lc_flags |= LCL_DONEBINDCONN;
6516 *foreaftp = NFSCDFS4_FORE;
6517 } else {
6518 error = NFSERR_NOTSUPP;
6519 printf("nfsrv_bindconnsess: Can't add "
6520 "backchannel\n");
6521 }
6522 } else {
6523 NFSD_DEBUG(2, "nfsrv_bindconnsess: Set forechannel\n");
6524 clp->lc_flags |= LCL_DONEBINDCONN;
6525 *foreaftp = NFSCDFS4_FORE;
6526 }
6527 } else
6528 error = NFSERR_BADSESSION;
6529 NFSUNLOCKSESSION(shp);
6530 NFSUNLOCKSTATE();
6531 if (savxprt != NULL)
6532 SVC_RELEASE(savxprt);
6533 return (error);
6534 }
6535
6536 /*
6537 * Free up a session structure.
6538 */
6539 static int
6540 nfsrv_freesession(struct nfsdsession *sep, uint8_t *sessionid)
6541 {
6542 struct nfssessionhash *shp;
6543 int i;
6544
6545 NFSLOCKSTATE();
6546 if (sep == NULL) {
6547 shp = NFSSESSIONHASH(sessionid);
6548 NFSLOCKSESSION(shp);
6549 sep = nfsrv_findsession(sessionid);
6550 } else {
6551 shp = NFSSESSIONHASH(sep->sess_sessionid);
6552 NFSLOCKSESSION(shp);
6553 }
6554 if (sep != NULL) {
6555 sep->sess_refcnt--;
6556 if (sep->sess_refcnt > 0) {
6557 NFSUNLOCKSESSION(shp);
6558 NFSUNLOCKSTATE();
6559 return (NFSERR_BACKCHANBUSY);
6560 }
6561 LIST_REMOVE(sep, sess_hash);
6562 LIST_REMOVE(sep, sess_list);
6563 }
6564 NFSUNLOCKSESSION(shp);
6565 NFSUNLOCKSTATE();
6566 if (sep == NULL)
6567 return (NFSERR_BADSESSION);
6568 for (i = 0; i < NFSV4_SLOTS; i++)
6569 if (sep->sess_slots[i].nfssl_reply != NULL)
6570 m_freem(sep->sess_slots[i].nfssl_reply);
6571 if (sep->sess_cbsess.nfsess_xprt != NULL)
6572 SVC_RELEASE(sep->sess_cbsess.nfsess_xprt);
6573 free(sep, M_NFSDSESSION);
6574 return (0);
6575 }
6576
6577 /*
6578 * Free a stateid.
6579 * RFC5661 says that it should fail when there are associated opens, locks
6580 * or delegations. Since stateids represent opens, I don't see how you can
6581 * free an open stateid (it will be free'd when closed), so this function
6582 * only works for lock stateids (freeing the lock_owner) or delegations.
6583 */
6584 int
6585 nfsrv_freestateid(struct nfsrv_descript *nd, nfsv4stateid_t *stateidp,
6586 NFSPROC_T *p)
6587 {
6588 struct nfsclient *clp;
6589 struct nfsstate *stp;
6590 int error;
6591
6592 NFSLOCKSTATE();
6593 /*
6594 * Look up the stateid
6595 */
6596 error = nfsrv_getclient((nfsquad_t)((u_quad_t)0), CLOPS_RENEW, &clp,
6597 NULL, (nfsquad_t)((u_quad_t)0), 0, nd, p);
6598 if (error == 0) {
6599 /* First, check for a delegation. */
6600 LIST_FOREACH(stp, &clp->lc_deleg, ls_list) {
6601 if (!NFSBCMP(stp->ls_stateid.other, stateidp->other,
6602 NFSX_STATEIDOTHER))
6603 break;
6604 }
6605 if (stp != NULL) {
6606 nfsrv_freedeleg(stp);
6607 NFSUNLOCKSTATE();
6608 return (error);
6609 }
6610 }
6611 /* Not a delegation, try for a lock_owner. */
6612 if (error == 0)
6613 error = nfsrv_getstate(clp, stateidp, 0, &stp);
6614 if (error == 0 && ((stp->ls_flags & (NFSLCK_OPEN | NFSLCK_DELEGREAD |
6615 NFSLCK_DELEGWRITE)) != 0 || (stp->ls_flags & NFSLCK_LOCK) == 0))
6616 /* Not a lock_owner stateid. */
6617 error = NFSERR_LOCKSHELD;
6618 if (error == 0 && !LIST_EMPTY(&stp->ls_lock))
6619 error = NFSERR_LOCKSHELD;
6620 if (error == 0)
6621 nfsrv_freelockowner(stp, NULL, 0, p);
6622 NFSUNLOCKSTATE();
6623 return (error);
6624 }
6625
6626 /*
6627 * Test a stateid.
6628 */
6629 int
6630 nfsrv_teststateid(struct nfsrv_descript *nd, nfsv4stateid_t *stateidp,
6631 NFSPROC_T *p)
6632 {
6633 struct nfsclient *clp;
6634 struct nfsstate *stp;
6635 int error;
6636
6637 NFSLOCKSTATE();
6638 /*
6639 * Look up the stateid
6640 */
6641 error = nfsrv_getclient((nfsquad_t)((u_quad_t)0), CLOPS_RENEW, &clp,
6642 NULL, (nfsquad_t)((u_quad_t)0), 0, nd, p);
6643 if (error == 0)
6644 error = nfsrv_getstate(clp, stateidp, 0, &stp);
6645 if (error == 0 && stateidp->seqid != 0 &&
6646 SEQ_LT(stateidp->seqid, stp->ls_stateid.seqid))
6647 error = NFSERR_OLDSTATEID;
6648 NFSUNLOCKSTATE();
6649 return (error);
6650 }
6651
6652 /*
6653 * Generate the xdr for an NFSv4.1 CBSequence Operation.
6654 */
6655 static int
6656 nfsv4_setcbsequence(struct nfsrv_descript *nd, struct nfsclient *clp,
6657 int dont_replycache, struct nfsdsession **sepp, int *slotposp)
6658 {
6659 struct nfsdsession *sep;
6660 uint32_t *tl, slotseq = 0;
6661 int maxslot;
6662 uint8_t sessionid[NFSX_V4SESSIONID];
6663 int error;
6664
6665 error = nfsv4_getcbsession(clp, sepp);
6666 if (error != 0)
6667 return (error);
6668 sep = *sepp;
6669 nfsv4_sequencelookup(NULL, &sep->sess_cbsess, slotposp, &maxslot,
6670 &slotseq, sessionid, true);
6671 KASSERT(maxslot >= 0, ("nfsv4_setcbsequence neg maxslot"));
6672
6673 /* Build the Sequence arguments. */
6674 NFSM_BUILD(tl, uint32_t *, NFSX_V4SESSIONID + 5 * NFSX_UNSIGNED);
6675 bcopy(sessionid, tl, NFSX_V4SESSIONID);
6676 tl += NFSX_V4SESSIONID / NFSX_UNSIGNED;
6677 nd->nd_slotseq = tl;
6678 nd->nd_slotid = *slotposp;
6679 nd->nd_flag |= ND_HASSLOTID;
6680 *tl++ = txdr_unsigned(slotseq);
6681 *tl++ = txdr_unsigned(*slotposp);
6682 *tl++ = txdr_unsigned(maxslot);
6683 if (dont_replycache == 0)
6684 *tl++ = newnfs_true;
6685 else
6686 *tl++ = newnfs_false;
6687 *tl = 0; /* No referring call list, for now. */
6688 nd->nd_flag |= ND_HASSEQUENCE;
6689 return (0);
6690 }
6691
6692 /*
6693 * Get a session for the callback.
6694 */
6695 static int
6696 nfsv4_getcbsession(struct nfsclient *clp, struct nfsdsession **sepp)
6697 {
6698 struct nfsdsession *sep;
6699
6700 NFSLOCKSTATE();
6701 LIST_FOREACH(sep, &clp->lc_session, sess_list) {
6702 if ((sep->sess_crflags & NFSV4CRSESS_CONNBACKCHAN) != 0)
6703 break;
6704 }
6705 if (sep == NULL) {
6706 NFSUNLOCKSTATE();
6707 return (NFSERR_BADSESSION);
6708 }
6709 sep->sess_refcnt++;
6710 *sepp = sep;
6711 NFSUNLOCKSTATE();
6712 return (0);
6713 }
6714
6715 /*
6716 * Free up all backchannel xprts. This needs to be done when the nfsd threads
6717 * exit, since those transports will all be going away.
6718 * This is only called after all the nfsd threads are done performing RPCs,
6719 * so locking shouldn't be an issue.
6720 */
6721 void
6722 nfsrv_freeallbackchannel_xprts(void)
6723 {
6724 struct nfsdsession *sep;
6725 struct nfsclient *clp;
6726 SVCXPRT *xprt;
6727 int i;
6728
6729 for (i = 0; i < nfsrv_clienthashsize; i++) {
6730 LIST_FOREACH(clp, &nfsclienthash[i], lc_hash) {
6731 LIST_FOREACH(sep, &clp->lc_session, sess_list) {
6732 xprt = sep->sess_cbsess.nfsess_xprt;
6733 sep->sess_cbsess.nfsess_xprt = NULL;
6734 if (xprt != NULL)
6735 SVC_RELEASE(xprt);
6736 }
6737 }
6738 }
6739 }
6740
6741 /*
6742 * Do a layout commit. Actually just call nfsrv_updatemdsattr().
6743 * I have no idea if the rest of these arguments will ever be useful?
6744 */
6745 int
6746 nfsrv_layoutcommit(struct nfsrv_descript *nd, vnode_t vp, int layouttype,
6747 int hasnewoff, uint64_t newoff, uint64_t offset, uint64_t len,
6748 int hasnewmtime, struct timespec *newmtimep, int reclaim,
6749 nfsv4stateid_t *stateidp, int maxcnt, char *layp, int *hasnewsizep,
6750 uint64_t *newsizep, struct ucred *cred, NFSPROC_T *p)
6751 {
6752 struct nfsvattr na;
6753 int error;
6754
6755 error = nfsrv_updatemdsattr(vp, &na, p);
6756 if (error == 0) {
6757 *hasnewsizep = 1;
6758 *newsizep = na.na_size;
6759 }
6760 return (error);
6761 }
6762
6763 /*
6764 * Try and get a layout.
6765 */
6766 int
6767 nfsrv_layoutget(struct nfsrv_descript *nd, vnode_t vp, struct nfsexstuff *exp,
6768 int layouttype, int *iomode, uint64_t *offset, uint64_t *len,
6769 uint64_t minlen, nfsv4stateid_t *stateidp, int maxcnt, int *retonclose,
6770 int *layoutlenp, char *layp, struct ucred *cred, NFSPROC_T *p)
6771 {
6772 struct nfslayouthash *lhyp;
6773 struct nfslayout *lyp;
6774 char *devid;
6775 fhandle_t fh, *dsfhp;
6776 int error, mirrorcnt;
6777
6778 if (nfsrv_devidcnt == 0)
6779 return (NFSERR_UNKNLAYOUTTYPE);
6780
6781 if (*offset != 0)
6782 printf("nfsrv_layoutget: off=%ju len=%ju\n", (uintmax_t)*offset,
6783 (uintmax_t)*len);
6784 error = nfsvno_getfh(vp, &fh, p);
6785 NFSD_DEBUG(4, "layoutget getfh=%d\n", error);
6786 if (error != 0)
6787 return (error);
6788
6789 /*
6790 * For now, all layouts are for entire files.
6791 * Only issue Read/Write layouts if requested for a non-readonly fs.
6792 */
6793 if (NFSVNO_EXRDONLY(exp)) {
6794 if (*iomode == NFSLAYOUTIOMODE_RW)
6795 return (NFSERR_LAYOUTTRYLATER);
6796 *iomode = NFSLAYOUTIOMODE_READ;
6797 }
6798 if (*iomode != NFSLAYOUTIOMODE_RW)
6799 *iomode = NFSLAYOUTIOMODE_READ;
6800
6801 /*
6802 * Check to see if a write layout can be issued for this file.
6803 * This is used during mirror recovery to avoid RW layouts being
6804 * issued for a file while it is being copied to the recovered
6805 * mirror.
6806 */
6807 if (*iomode == NFSLAYOUTIOMODE_RW && nfsrv_dontlayout(&fh) != 0)
6808 return (NFSERR_LAYOUTTRYLATER);
6809
6810 *retonclose = 0;
6811 *offset = 0;
6812 *len = UINT64_MAX;
6813
6814 /* First, see if a layout already exists and return if found. */
6815 lhyp = NFSLAYOUTHASH(&fh);
6816 NFSLOCKLAYOUT(lhyp);
6817 error = nfsrv_findlayout(&nd->nd_clientid, &fh, layouttype, p, &lyp);
6818 NFSD_DEBUG(4, "layoutget findlay=%d\n", error);
6819 /*
6820 * Not sure if the seqid must be the same, so I won't check it.
6821 */
6822 if (error == 0 && (stateidp->other[0] != lyp->lay_stateid.other[0] ||
6823 stateidp->other[1] != lyp->lay_stateid.other[1] ||
6824 stateidp->other[2] != lyp->lay_stateid.other[2])) {
6825 if ((lyp->lay_flags & NFSLAY_CALLB) == 0) {
6826 NFSUNLOCKLAYOUT(lhyp);
6827 NFSD_DEBUG(1, "ret bad stateid\n");
6828 return (NFSERR_BADSTATEID);
6829 }
6830 /*
6831 * I believe we get here because there is a race between
6832 * the client processing the CBLAYOUTRECALL and the layout
6833 * being deleted here on the server.
6834 * The client has now done a LayoutGet with a non-layout
6835 * stateid, as it would when there is no layout.
6836 * As such, free this layout and set error == NFSERR_BADSTATEID
6837 * so the code below will create a new layout structure as
6838 * would happen if no layout was found.
6839 * "lyp" will be set before being used below, but set it NULL
6840 * as a safety belt.
6841 */
6842 nfsrv_freelayout(&lhyp->list, lyp);
6843 lyp = NULL;
6844 error = NFSERR_BADSTATEID;
6845 }
6846 if (error == 0) {
6847 if (lyp->lay_layoutlen > maxcnt) {
6848 NFSUNLOCKLAYOUT(lhyp);
6849 NFSD_DEBUG(1, "ret layout too small\n");
6850 return (NFSERR_TOOSMALL);
6851 }
6852 if (*iomode == NFSLAYOUTIOMODE_RW) {
6853 if ((lyp->lay_flags & NFSLAY_NOSPC) != 0) {
6854 NFSUNLOCKLAYOUT(lhyp);
6855 NFSD_DEBUG(1, "ret layout nospace\n");
6856 return (NFSERR_NOSPC);
6857 }
6858 lyp->lay_flags |= NFSLAY_RW;
6859 } else
6860 lyp->lay_flags |= NFSLAY_READ;
6861 NFSBCOPY(lyp->lay_xdr, layp, lyp->lay_layoutlen);
6862 *layoutlenp = lyp->lay_layoutlen;
6863 if (++lyp->lay_stateid.seqid == 0)
6864 lyp->lay_stateid.seqid = 1;
6865 stateidp->seqid = lyp->lay_stateid.seqid;
6866 NFSUNLOCKLAYOUT(lhyp);
6867 NFSD_DEBUG(4, "ret fnd layout\n");
6868 return (0);
6869 }
6870 NFSUNLOCKLAYOUT(lhyp);
6871
6872 /* Find the device id and file handle. */
6873 dsfhp = malloc(sizeof(fhandle_t) * NFSDEV_MAXMIRRORS, M_TEMP, M_WAITOK);
6874 devid = malloc(NFSX_V4DEVICEID * NFSDEV_MAXMIRRORS, M_TEMP, M_WAITOK);
6875 error = nfsrv_dsgetdevandfh(vp, p, &mirrorcnt, dsfhp, devid);
6876 NFSD_DEBUG(4, "layoutget devandfh=%d\n", error);
6877 if (error == 0) {
6878 if (layouttype == NFSLAYOUT_NFSV4_1_FILES) {
6879 if (NFSX_V4FILELAYOUT > maxcnt)
6880 error = NFSERR_TOOSMALL;
6881 else
6882 lyp = nfsrv_filelayout(nd, *iomode, &fh, dsfhp,
6883 devid, vp->v_mount->mnt_stat.f_fsid);
6884 } else {
6885 if (NFSX_V4FLEXLAYOUT(mirrorcnt) > maxcnt)
6886 error = NFSERR_TOOSMALL;
6887 else
6888 lyp = nfsrv_flexlayout(nd, *iomode, mirrorcnt,
6889 &fh, dsfhp, devid,
6890 vp->v_mount->mnt_stat.f_fsid);
6891 }
6892 }
6893 free(dsfhp, M_TEMP);
6894 free(devid, M_TEMP);
6895 if (error != 0)
6896 return (error);
6897
6898 /*
6899 * Now, add this layout to the list.
6900 */
6901 error = nfsrv_addlayout(nd, &lyp, stateidp, layp, layoutlenp, p);
6902 NFSD_DEBUG(4, "layoutget addl=%d\n", error);
6903 /*
6904 * The lyp will be set to NULL by nfsrv_addlayout() if it
6905 * linked the new structure into the lists.
6906 */
6907 free(lyp, M_NFSDSTATE);
6908 return (error);
6909 }
6910
6911 /*
6912 * Generate a File Layout.
6913 */
6914 static struct nfslayout *
6915 nfsrv_filelayout(struct nfsrv_descript *nd, int iomode, fhandle_t *fhp,
6916 fhandle_t *dsfhp, char *devid, fsid_t fs)
6917 {
6918 uint32_t *tl;
6919 struct nfslayout *lyp;
6920 uint64_t pattern_offset;
6921
6922 lyp = malloc(sizeof(struct nfslayout) + NFSX_V4FILELAYOUT, M_NFSDSTATE,
6923 M_WAITOK | M_ZERO);
6924 lyp->lay_type = NFSLAYOUT_NFSV4_1_FILES;
6925 if (iomode == NFSLAYOUTIOMODE_RW)
6926 lyp->lay_flags = NFSLAY_RW;
6927 else
6928 lyp->lay_flags = NFSLAY_READ;
6929 NFSBCOPY(fhp, &lyp->lay_fh, sizeof(*fhp));
6930 lyp->lay_clientid.qval = nd->nd_clientid.qval;
6931 lyp->lay_fsid = fs;
6932 NFSBCOPY(devid, lyp->lay_deviceid, NFSX_V4DEVICEID);
6933
6934 /* Fill in the xdr for the files layout. */
6935 tl = (uint32_t *)lyp->lay_xdr;
6936 NFSBCOPY(devid, tl, NFSX_V4DEVICEID); /* Device ID. */
6937 tl += (NFSX_V4DEVICEID / NFSX_UNSIGNED);
6938
6939 /* Set the stripe size to the maximum I/O size. */
6940 *tl++ = txdr_unsigned(nfs_srvmaxio & NFSFLAYUTIL_STRIPE_MASK);
6941 *tl++ = 0; /* 1st stripe index. */
6942 pattern_offset = 0;
6943 txdr_hyper(pattern_offset, tl); tl += 2; /* Pattern offset. */
6944 *tl++ = txdr_unsigned(1); /* 1 file handle. */
6945 *tl++ = txdr_unsigned(NFSX_V4PNFSFH);
6946 NFSBCOPY(dsfhp, tl, sizeof(*dsfhp));
6947 lyp->lay_layoutlen = NFSX_V4FILELAYOUT;
6948 return (lyp);
6949 }
6950
6951 #define FLEX_OWNERID "999"
6952 #define FLEX_UID0 ""
6953 /*
6954 * Generate a Flex File Layout.
6955 * The FLEX_OWNERID can be any string of 3 decimal digits. Although this
6956 * string goes on the wire, it isn't supposed to be used by the client,
6957 * since this server uses tight coupling.
6958 * Although not recommended by the spec., if vfs.nfsd.flexlinuxhack=1 use
6959 * a string of "". This works around the Linux Flex File Layout driver bug
6960 * which uses the synthetic uid/gid strings for the "tightly coupled" case.
6961 */
6962 static struct nfslayout *
6963 nfsrv_flexlayout(struct nfsrv_descript *nd, int iomode, int mirrorcnt,
6964 fhandle_t *fhp, fhandle_t *dsfhp, char *devid, fsid_t fs)
6965 {
6966 uint32_t *tl;
6967 struct nfslayout *lyp;
6968 uint64_t lenval;
6969 int i;
6970
6971 lyp = malloc(sizeof(struct nfslayout) + NFSX_V4FLEXLAYOUT(mirrorcnt),
6972 M_NFSDSTATE, M_WAITOK | M_ZERO);
6973 lyp->lay_type = NFSLAYOUT_FLEXFILE;
6974 if (iomode == NFSLAYOUTIOMODE_RW)
6975 lyp->lay_flags = NFSLAY_RW;
6976 else
6977 lyp->lay_flags = NFSLAY_READ;
6978 NFSBCOPY(fhp, &lyp->lay_fh, sizeof(*fhp));
6979 lyp->lay_clientid.qval = nd->nd_clientid.qval;
6980 lyp->lay_fsid = fs;
6981 lyp->lay_mirrorcnt = mirrorcnt;
6982 NFSBCOPY(devid, lyp->lay_deviceid, NFSX_V4DEVICEID);
6983
6984 /* Fill in the xdr for the files layout. */
6985 tl = (uint32_t *)lyp->lay_xdr;
6986 lenval = 0;
6987 txdr_hyper(lenval, tl); tl += 2; /* Stripe unit. */
6988 *tl++ = txdr_unsigned(mirrorcnt); /* # of mirrors. */
6989 for (i = 0; i < mirrorcnt; i++) {
6990 *tl++ = txdr_unsigned(1); /* One stripe. */
6991 NFSBCOPY(devid, tl, NFSX_V4DEVICEID); /* Device ID. */
6992 tl += (NFSX_V4DEVICEID / NFSX_UNSIGNED);
6993 devid += NFSX_V4DEVICEID;
6994 *tl++ = txdr_unsigned(1); /* Efficiency. */
6995 *tl++ = 0; /* Proxy Stateid. */
6996 *tl++ = 0x55555555;
6997 *tl++ = 0x55555555;
6998 *tl++ = 0x55555555;
6999 *tl++ = txdr_unsigned(1); /* 1 file handle. */
7000 *tl++ = txdr_unsigned(NFSX_V4PNFSFH);
7001 NFSBCOPY(dsfhp, tl, sizeof(*dsfhp));
7002 tl += (NFSM_RNDUP(NFSX_V4PNFSFH) / NFSX_UNSIGNED);
7003 dsfhp++;
7004 if (nfsrv_flexlinuxhack != 0) {
7005 *tl++ = txdr_unsigned(strlen(FLEX_UID0));
7006 *tl = 0; /* 0 pad string. */
7007 NFSBCOPY(FLEX_UID0, tl++, strlen(FLEX_UID0));
7008 *tl++ = txdr_unsigned(strlen(FLEX_UID0));
7009 *tl = 0; /* 0 pad string. */
7010 NFSBCOPY(FLEX_UID0, tl++, strlen(FLEX_UID0));
7011 } else {
7012 *tl++ = txdr_unsigned(strlen(FLEX_OWNERID));
7013 NFSBCOPY(FLEX_OWNERID, tl++, NFSX_UNSIGNED);
7014 *tl++ = txdr_unsigned(strlen(FLEX_OWNERID));
7015 NFSBCOPY(FLEX_OWNERID, tl++, NFSX_UNSIGNED);
7016 }
7017 }
7018 *tl++ = txdr_unsigned(0); /* ff_flags. */
7019 *tl = txdr_unsigned(60); /* Status interval hint. */
7020 lyp->lay_layoutlen = NFSX_V4FLEXLAYOUT(mirrorcnt);
7021 return (lyp);
7022 }
7023
7024 /*
7025 * Parse and process Flex File errors returned via LayoutReturn.
7026 */
7027 static void
7028 nfsrv_flexlayouterr(struct nfsrv_descript *nd, uint32_t *layp, int maxcnt,
7029 NFSPROC_T *p)
7030 {
7031 uint32_t *tl;
7032 int cnt, errcnt, i, j, opnum, stat;
7033 char devid[NFSX_V4DEVICEID];
7034
7035 tl = layp;
7036 maxcnt -= NFSX_UNSIGNED;
7037 if (maxcnt > 0)
7038 cnt = fxdr_unsigned(int, *tl++);
7039 else
7040 cnt = 0;
7041 NFSD_DEBUG(4, "flexlayouterr cnt=%d\n", cnt);
7042 for (i = 0; i < cnt; i++) {
7043 maxcnt -= NFSX_STATEID + 2 * NFSX_HYPER +
7044 NFSX_UNSIGNED;
7045 if (maxcnt <= 0)
7046 break;
7047 /* Skip offset, length and stateid for now. */
7048 tl += (4 + NFSX_STATEID / NFSX_UNSIGNED);
7049 errcnt = fxdr_unsigned(int, *tl++);
7050 NFSD_DEBUG(4, "flexlayouterr errcnt=%d\n", errcnt);
7051 for (j = 0; j < errcnt; j++) {
7052 maxcnt -= NFSX_V4DEVICEID + 2 * NFSX_UNSIGNED;
7053 if (maxcnt < 0)
7054 break;
7055 NFSBCOPY(tl, devid, NFSX_V4DEVICEID);
7056 tl += (NFSX_V4DEVICEID / NFSX_UNSIGNED);
7057 stat = fxdr_unsigned(int, *tl++);
7058 opnum = fxdr_unsigned(int, *tl++);
7059 NFSD_DEBUG(4, "flexlayouterr op=%d stat=%d\n", opnum,
706 |