1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Central processing for nfsd.
4 *
5 * Authors: Olaf Kirch (okir@monad.swb.de)
6 *
7 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de>
8 */
9
10 #include <linux/sched/signal.h>
11 #include <linux/freezer.h>
12 #include <linux/module.h>
13 #include <linux/fs_struct.h>
14 #include <linux/swap.h>
15
16 #include <linux/sunrpc/stats.h>
17 #include <linux/sunrpc/svcsock.h>
18 #include <linux/sunrpc/svc_xprt.h>
19 #include <linux/lockd/bind.h>
20 #include <linux/nfsacl.h>
21 #include <linux/seq_file.h>
22 #include <linux/inetdevice.h>
23 #include <net/addrconf.h>
24 #include <net/ipv6.h>
25 #include <net/net_namespace.h>
26 #include "nfsd.h"
27 #include "cache.h"
28 #include "vfs.h"
29 #include "netns.h"
30 #include "filecache.h"
31
32 #define NFSDDBG_FACILITY NFSDDBG_SVC
33
34 extern struct svc_program nfsd_program;
35 static int nfsd(void *vrqstp);
36 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
37 static int nfsd_acl_rpcbind_set(struct net *,
38 const struct svc_program *,
39 u32, int,
40 unsigned short,
41 unsigned short);
42 static __be32 nfsd_acl_init_request(struct svc_rqst *,
43 const struct svc_program *,
44 struct svc_process_info *);
45 #endif
46 static int nfsd_rpcbind_set(struct net *,
47 const struct svc_program *,
48 u32, int,
49 unsigned short,
50 unsigned short);
51 static __be32 nfsd_init_request(struct svc_rqst *,
52 const struct svc_program *,
53 struct svc_process_info *);
54
55 /*
56 * nfsd_mutex protects nn->nfsd_serv -- both the pointer itself and the members
57 * of the svc_serv struct. In particular, ->sv_nrthreads but also to some
58 * extent ->sv_temp_socks and ->sv_permsocks. It also protects nfsdstats.th_cnt
59 *
60 * If (out side the lock) nn->nfsd_serv is non-NULL, then it must point to a
61 * properly initialised 'struct svc_serv' with ->sv_nrthreads > 0. That number
62 * of nfsd threads must exist and each must listed in ->sp_all_threads in each
63 * entry of ->sv_pools[].
64 *
65 * Transitions of the thread count between zero and non-zero are of particular
66 * interest since the svc_serv needs to be created and initialized at that
67 * point, or freed.
68 *
69 * Finally, the nfsd_mutex also protects some of the global variables that are
70 * accessed when nfsd starts and that are settable via the write_* routines in
71 * nfsctl.c. In particular:
72 *
73 * user_recovery_dirname
74 * user_lease_time
75 * nfsd_versions
76 */
77 DEFINE_MUTEX(nfsd_mutex);
78
79 /*
80 * nfsd_drc_lock protects nfsd_drc_max_pages and nfsd_drc_pages_used.
81 * nfsd_drc_max_pages limits the total amount of memory available for
82 * version 4.1 DRC caches.
83 * nfsd_drc_pages_used tracks the current version 4.1 DRC memory usage.
84 */
85 spinlock_t nfsd_drc_lock;
86 unsigned long nfsd_drc_max_mem;
87 unsigned long nfsd_drc_mem_used;
88
89 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
90 static struct svc_stat nfsd_acl_svcstats;
91 static const struct svc_version *nfsd_acl_version[] = {
92 [2] = &nfsd_acl_version2,
93 [3] = &nfsd_acl_version3,
94 };
95
96 #define NFSD_ACL_MINVERS 2
97 #define NFSD_ACL_NRVERS ARRAY_SIZE(nfsd_acl_version)
98 static const struct svc_version *nfsd_acl_versions[NFSD_ACL_NRVERS];
99
100 static struct svc_program nfsd_acl_program = {
101 .pg_prog = NFS_ACL_PROGRAM,
102 .pg_nvers = NFSD_ACL_NRVERS,
103 .pg_vers = nfsd_acl_versions,
104 .pg_name = "nfsacl",
105 .pg_class = "nfsd",
106 .pg_stats = &nfsd_acl_svcstats,
107 .pg_authenticate = &svc_set_client,
108 .pg_init_request = nfsd_acl_init_request,
109 .pg_rpcbind_set = nfsd_acl_rpcbind_set,
110 };
111
112 static struct svc_stat nfsd_acl_svcstats = {
113 .program = &nfsd_acl_program,
114 };
115 #endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */
116
117 static const struct svc_version *nfsd_version[] = {
118 [2] = &nfsd_version2,
119 #if defined(CONFIG_NFSD_V3)
120 [3] = &nfsd_version3,
121 #endif
122 #if defined(CONFIG_NFSD_V4)
123 [4] = &nfsd_version4,
124 #endif
125 };
126
127 #define NFSD_MINVERS 2
128 #define NFSD_NRVERS ARRAY_SIZE(nfsd_version)
129
130 struct svc_program nfsd_program = {
131 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
132 .pg_next = &nfsd_acl_program,
133 #endif
134 .pg_prog = NFS_PROGRAM, /* program number */
135 .pg_nvers = NFSD_NRVERS, /* nr of entries in nfsd_version */
136 .pg_vers = nfsd_version, /* version table */
137 .pg_name = "nfsd", /* program name */
138 .pg_class = "nfsd", /* authentication class */
139 .pg_stats = &nfsd_svcstats, /* version table */
140 .pg_authenticate = &svc_set_client, /* export authentication */
141 .pg_init_request = nfsd_init_request,
142 .pg_rpcbind_set = nfsd_rpcbind_set,
143 };
144
145 static bool
nfsd_support_version(int vers)146 nfsd_support_version(int vers)
147 {
148 if (vers >= NFSD_MINVERS && vers < NFSD_NRVERS)
149 return nfsd_version[vers] != NULL;
150 return false;
151 }
152
153 static bool *
nfsd_alloc_versions(void)154 nfsd_alloc_versions(void)
155 {
156 bool *vers = kmalloc_array(NFSD_NRVERS, sizeof(bool), GFP_KERNEL);
157 unsigned i;
158
159 if (vers) {
160 /* All compiled versions are enabled by default */
161 for (i = 0; i < NFSD_NRVERS; i++)
162 vers[i] = nfsd_support_version(i);
163 }
164 return vers;
165 }
166
167 static bool *
nfsd_alloc_minorversions(void)168 nfsd_alloc_minorversions(void)
169 {
170 bool *vers = kmalloc_array(NFSD_SUPPORTED_MINOR_VERSION + 1,
171 sizeof(bool), GFP_KERNEL);
172 unsigned i;
173
174 if (vers) {
175 /* All minor versions are enabled by default */
176 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++)
177 vers[i] = nfsd_support_version(4);
178 }
179 return vers;
180 }
181
182 void
nfsd_netns_free_versions(struct nfsd_net * nn)183 nfsd_netns_free_versions(struct nfsd_net *nn)
184 {
185 kfree(nn->nfsd_versions);
186 kfree(nn->nfsd4_minorversions);
187 nn->nfsd_versions = NULL;
188 nn->nfsd4_minorversions = NULL;
189 }
190
191 static void
nfsd_netns_init_versions(struct nfsd_net * nn)192 nfsd_netns_init_versions(struct nfsd_net *nn)
193 {
194 if (!nn->nfsd_versions) {
195 nn->nfsd_versions = nfsd_alloc_versions();
196 nn->nfsd4_minorversions = nfsd_alloc_minorversions();
197 if (!nn->nfsd_versions || !nn->nfsd4_minorversions)
198 nfsd_netns_free_versions(nn);
199 }
200 }
201
nfsd_vers(struct nfsd_net * nn,int vers,enum vers_op change)202 int nfsd_vers(struct nfsd_net *nn, int vers, enum vers_op change)
203 {
204 if (vers < NFSD_MINVERS || vers >= NFSD_NRVERS)
205 return 0;
206 switch(change) {
207 case NFSD_SET:
208 if (nn->nfsd_versions)
209 nn->nfsd_versions[vers] = nfsd_support_version(vers);
210 break;
211 case NFSD_CLEAR:
212 nfsd_netns_init_versions(nn);
213 if (nn->nfsd_versions)
214 nn->nfsd_versions[vers] = false;
215 break;
216 case NFSD_TEST:
217 if (nn->nfsd_versions)
218 return nn->nfsd_versions[vers];
219 /* Fallthrough */
220 case NFSD_AVAIL:
221 return nfsd_support_version(vers);
222 }
223 return 0;
224 }
225
226 static void
nfsd_adjust_nfsd_versions4(struct nfsd_net * nn)227 nfsd_adjust_nfsd_versions4(struct nfsd_net *nn)
228 {
229 unsigned i;
230
231 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) {
232 if (nn->nfsd4_minorversions[i])
233 return;
234 }
235 nfsd_vers(nn, 4, NFSD_CLEAR);
236 }
237
nfsd_minorversion(struct nfsd_net * nn,u32 minorversion,enum vers_op change)238 int nfsd_minorversion(struct nfsd_net *nn, u32 minorversion, enum vers_op change)
239 {
240 if (minorversion > NFSD_SUPPORTED_MINOR_VERSION &&
241 change != NFSD_AVAIL)
242 return -1;
243
244 switch(change) {
245 case NFSD_SET:
246 if (nn->nfsd4_minorversions) {
247 nfsd_vers(nn, 4, NFSD_SET);
248 nn->nfsd4_minorversions[minorversion] =
249 nfsd_vers(nn, 4, NFSD_TEST);
250 }
251 break;
252 case NFSD_CLEAR:
253 nfsd_netns_init_versions(nn);
254 if (nn->nfsd4_minorversions) {
255 nn->nfsd4_minorversions[minorversion] = false;
256 nfsd_adjust_nfsd_versions4(nn);
257 }
258 break;
259 case NFSD_TEST:
260 if (nn->nfsd4_minorversions)
261 return nn->nfsd4_minorversions[minorversion];
262 return nfsd_vers(nn, 4, NFSD_TEST);
263 case NFSD_AVAIL:
264 return minorversion <= NFSD_SUPPORTED_MINOR_VERSION &&
265 nfsd_vers(nn, 4, NFSD_AVAIL);
266 }
267 return 0;
268 }
269
270 /*
271 * Maximum number of nfsd processes
272 */
273 #define NFSD_MAXSERVS 8192
274
nfsd_nrthreads(struct net * net)275 int nfsd_nrthreads(struct net *net)
276 {
277 int rv = 0;
278 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
279
280 mutex_lock(&nfsd_mutex);
281 if (nn->nfsd_serv)
282 rv = nn->nfsd_serv->sv_nrthreads;
283 mutex_unlock(&nfsd_mutex);
284 return rv;
285 }
286
nfsd_init_socks(struct net * net,const struct cred * cred)287 static int nfsd_init_socks(struct net *net, const struct cred *cred)
288 {
289 int error;
290 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
291
292 if (!list_empty(&nn->nfsd_serv->sv_permsocks))
293 return 0;
294
295 error = svc_create_xprt(nn->nfsd_serv, "udp", net, PF_INET, NFS_PORT,
296 SVC_SOCK_DEFAULTS, cred);
297 if (error < 0)
298 return error;
299
300 error = svc_create_xprt(nn->nfsd_serv, "tcp", net, PF_INET, NFS_PORT,
301 SVC_SOCK_DEFAULTS, cred);
302 if (error < 0)
303 return error;
304
305 return 0;
306 }
307
308 static int nfsd_users = 0;
309
nfsd_startup_generic(int nrservs)310 static int nfsd_startup_generic(int nrservs)
311 {
312 int ret;
313
314 if (nfsd_users++)
315 return 0;
316
317 ret = nfsd_file_cache_init();
318 if (ret)
319 goto dec_users;
320
321 ret = nfs4_state_start();
322 if (ret)
323 goto out_file_cache;
324 return 0;
325
326 out_file_cache:
327 nfsd_file_cache_shutdown();
328 dec_users:
329 nfsd_users--;
330 return ret;
331 }
332
nfsd_shutdown_generic(void)333 static void nfsd_shutdown_generic(void)
334 {
335 if (--nfsd_users)
336 return;
337
338 nfs4_state_shutdown();
339 nfsd_file_cache_shutdown();
340 }
341
nfsd_needs_lockd(struct nfsd_net * nn)342 static bool nfsd_needs_lockd(struct nfsd_net *nn)
343 {
344 return nfsd_vers(nn, 2, NFSD_TEST) || nfsd_vers(nn, 3, NFSD_TEST);
345 }
346
nfsd_copy_boot_verifier(__be32 verf[2],struct nfsd_net * nn)347 void nfsd_copy_boot_verifier(__be32 verf[2], struct nfsd_net *nn)
348 {
349 int seq = 0;
350
351 do {
352 read_seqbegin_or_lock(&nn->boot_lock, &seq);
353 /*
354 * This is opaque to client, so no need to byte-swap. Use
355 * __force to keep sparse happy. y2038 time_t overflow is
356 * irrelevant in this usage
357 */
358 verf[0] = (__force __be32)nn->nfssvc_boot.tv_sec;
359 verf[1] = (__force __be32)nn->nfssvc_boot.tv_nsec;
360 } while (need_seqretry(&nn->boot_lock, seq));
361 done_seqretry(&nn->boot_lock, seq);
362 }
363
nfsd_reset_boot_verifier_locked(struct nfsd_net * nn)364 static void nfsd_reset_boot_verifier_locked(struct nfsd_net *nn)
365 {
366 ktime_get_real_ts64(&nn->nfssvc_boot);
367 }
368
nfsd_reset_boot_verifier(struct nfsd_net * nn)369 void nfsd_reset_boot_verifier(struct nfsd_net *nn)
370 {
371 write_seqlock(&nn->boot_lock);
372 nfsd_reset_boot_verifier_locked(nn);
373 write_sequnlock(&nn->boot_lock);
374 }
375
nfsd_startup_net(int nrservs,struct net * net,const struct cred * cred)376 static int nfsd_startup_net(int nrservs, struct net *net, const struct cred *cred)
377 {
378 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
379 int ret;
380
381 if (nn->nfsd_net_up)
382 return 0;
383
384 ret = nfsd_startup_generic(nrservs);
385 if (ret)
386 return ret;
387 ret = nfsd_init_socks(net, cred);
388 if (ret)
389 goto out_socks;
390
391 if (nfsd_needs_lockd(nn) && !nn->lockd_up) {
392 ret = lockd_up(net, cred);
393 if (ret)
394 goto out_socks;
395 nn->lockd_up = 1;
396 }
397
398 ret = nfs4_state_start_net(net);
399 if (ret)
400 goto out_lockd;
401
402 nn->nfsd_net_up = true;
403 return 0;
404
405 out_lockd:
406 if (nn->lockd_up) {
407 lockd_down(net);
408 nn->lockd_up = 0;
409 }
410 out_socks:
411 nfsd_shutdown_generic();
412 return ret;
413 }
414
nfsd_shutdown_net(struct net * net)415 static void nfsd_shutdown_net(struct net *net)
416 {
417 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
418
419 nfsd_file_cache_purge(net);
420 nfs4_state_shutdown_net(net);
421 if (nn->lockd_up) {
422 lockd_down(net);
423 nn->lockd_up = 0;
424 }
425 nn->nfsd_net_up = false;
426 nfsd_shutdown_generic();
427 }
428
nfsd_inetaddr_event(struct notifier_block * this,unsigned long event,void * ptr)429 static int nfsd_inetaddr_event(struct notifier_block *this, unsigned long event,
430 void *ptr)
431 {
432 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr;
433 struct net_device *dev = ifa->ifa_dev->dev;
434 struct net *net = dev_net(dev);
435 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
436 struct sockaddr_in sin;
437
438 if ((event != NETDEV_DOWN) ||
439 !atomic_inc_not_zero(&nn->ntf_refcnt))
440 goto out;
441
442 if (nn->nfsd_serv) {
443 dprintk("nfsd_inetaddr_event: removed %pI4\n", &ifa->ifa_local);
444 sin.sin_family = AF_INET;
445 sin.sin_addr.s_addr = ifa->ifa_local;
446 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin);
447 }
448 atomic_dec(&nn->ntf_refcnt);
449 wake_up(&nn->ntf_wq);
450
451 out:
452 return NOTIFY_DONE;
453 }
454
455 static struct notifier_block nfsd_inetaddr_notifier = {
456 .notifier_call = nfsd_inetaddr_event,
457 };
458
459 #if IS_ENABLED(CONFIG_IPV6)
nfsd_inet6addr_event(struct notifier_block * this,unsigned long event,void * ptr)460 static int nfsd_inet6addr_event(struct notifier_block *this,
461 unsigned long event, void *ptr)
462 {
463 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr;
464 struct net_device *dev = ifa->idev->dev;
465 struct net *net = dev_net(dev);
466 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
467 struct sockaddr_in6 sin6;
468
469 if ((event != NETDEV_DOWN) ||
470 !atomic_inc_not_zero(&nn->ntf_refcnt))
471 goto out;
472
473 if (nn->nfsd_serv) {
474 dprintk("nfsd_inet6addr_event: removed %pI6\n", &ifa->addr);
475 sin6.sin6_family = AF_INET6;
476 sin6.sin6_addr = ifa->addr;
477 if (ipv6_addr_type(&sin6.sin6_addr) & IPV6_ADDR_LINKLOCAL)
478 sin6.sin6_scope_id = ifa->idev->dev->ifindex;
479 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin6);
480 }
481 atomic_dec(&nn->ntf_refcnt);
482 wake_up(&nn->ntf_wq);
483 out:
484 return NOTIFY_DONE;
485 }
486
487 static struct notifier_block nfsd_inet6addr_notifier = {
488 .notifier_call = nfsd_inet6addr_event,
489 };
490 #endif
491
492 /* Only used under nfsd_mutex, so this atomic may be overkill: */
493 static atomic_t nfsd_notifier_refcount = ATOMIC_INIT(0);
494
nfsd_last_thread(struct svc_serv * serv,struct net * net)495 static void nfsd_last_thread(struct svc_serv *serv, struct net *net)
496 {
497 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
498
499 atomic_dec(&nn->ntf_refcnt);
500 /* check if the notifier still has clients */
501 if (atomic_dec_return(&nfsd_notifier_refcount) == 0) {
502 unregister_inetaddr_notifier(&nfsd_inetaddr_notifier);
503 #if IS_ENABLED(CONFIG_IPV6)
504 unregister_inet6addr_notifier(&nfsd_inet6addr_notifier);
505 #endif
506 }
507 wait_event(nn->ntf_wq, atomic_read(&nn->ntf_refcnt) == 0);
508
509 /*
510 * write_ports can create the server without actually starting
511 * any threads--if we get shut down before any threads are
512 * started, then nfsd_last_thread will be run before any of this
513 * other initialization has been done except the rpcb information.
514 */
515 svc_rpcb_cleanup(serv, net);
516 if (!nn->nfsd_net_up)
517 return;
518
519 nfsd_shutdown_net(net);
520 printk(KERN_WARNING "nfsd: last server has exited, flushing export "
521 "cache\n");
522 nfsd_export_flush(net);
523 }
524
nfsd_reset_versions(struct nfsd_net * nn)525 void nfsd_reset_versions(struct nfsd_net *nn)
526 {
527 int i;
528
529 for (i = 0; i < NFSD_NRVERS; i++)
530 if (nfsd_vers(nn, i, NFSD_TEST))
531 return;
532
533 for (i = 0; i < NFSD_NRVERS; i++)
534 if (i != 4)
535 nfsd_vers(nn, i, NFSD_SET);
536 else {
537 int minor = 0;
538 while (nfsd_minorversion(nn, minor, NFSD_SET) >= 0)
539 minor++;
540 }
541 }
542
543 /*
544 * Each session guarantees a negotiated per slot memory cache for replies
545 * which in turn consumes memory beyond the v2/v3/v4.0 server. A dedicated
546 * NFSv4.1 server might want to use more memory for a DRC than a machine
547 * with mutiple services.
548 *
549 * Impose a hard limit on the number of pages for the DRC which varies
550 * according to the machines free pages. This is of course only a default.
551 *
552 * For now this is a #defined shift which could be under admin control
553 * in the future.
554 */
set_max_drc(void)555 static void set_max_drc(void)
556 {
557 #define NFSD_DRC_SIZE_SHIFT 7
558 nfsd_drc_max_mem = (nr_free_buffer_pages()
559 >> NFSD_DRC_SIZE_SHIFT) * PAGE_SIZE;
560 nfsd_drc_mem_used = 0;
561 spin_lock_init(&nfsd_drc_lock);
562 dprintk("%s nfsd_drc_max_mem %lu \n", __func__, nfsd_drc_max_mem);
563 }
564
nfsd_get_default_max_blksize(void)565 static int nfsd_get_default_max_blksize(void)
566 {
567 struct sysinfo i;
568 unsigned long long target;
569 unsigned long ret;
570
571 si_meminfo(&i);
572 target = (i.totalram - i.totalhigh) << PAGE_SHIFT;
573 /*
574 * Aim for 1/4096 of memory per thread This gives 1MB on 4Gig
575 * machines, but only uses 32K on 128M machines. Bottom out at
576 * 8K on 32M and smaller. Of course, this is only a default.
577 */
578 target >>= 12;
579
580 ret = NFSSVC_MAXBLKSIZE;
581 while (ret > target && ret >= 8*1024*2)
582 ret /= 2;
583 return ret;
584 }
585
586 static const struct svc_serv_ops nfsd_thread_sv_ops = {
587 .svo_shutdown = nfsd_last_thread,
588 .svo_function = nfsd,
589 .svo_enqueue_xprt = svc_xprt_do_enqueue,
590 .svo_setup = svc_set_num_threads,
591 .svo_module = THIS_MODULE,
592 };
593
nfsd_create_serv(struct net * net)594 int nfsd_create_serv(struct net *net)
595 {
596 int error;
597 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
598
599 WARN_ON(!mutex_is_locked(&nfsd_mutex));
600 if (nn->nfsd_serv) {
601 svc_get(nn->nfsd_serv);
602 return 0;
603 }
604 if (nfsd_max_blksize == 0)
605 nfsd_max_blksize = nfsd_get_default_max_blksize();
606 nfsd_reset_versions(nn);
607 nn->nfsd_serv = svc_create_pooled(&nfsd_program, nfsd_max_blksize,
608 &nfsd_thread_sv_ops);
609 if (nn->nfsd_serv == NULL)
610 return -ENOMEM;
611
612 nn->nfsd_serv->sv_maxconn = nn->max_connections;
613 error = svc_bind(nn->nfsd_serv, net);
614 if (error < 0) {
615 svc_destroy(nn->nfsd_serv);
616 return error;
617 }
618
619 set_max_drc();
620 /* check if the notifier is already set */
621 if (atomic_inc_return(&nfsd_notifier_refcount) == 1) {
622 register_inetaddr_notifier(&nfsd_inetaddr_notifier);
623 #if IS_ENABLED(CONFIG_IPV6)
624 register_inet6addr_notifier(&nfsd_inet6addr_notifier);
625 #endif
626 }
627 atomic_inc(&nn->ntf_refcnt);
628 nfsd_reset_boot_verifier(nn);
629 return 0;
630 }
631
nfsd_nrpools(struct net * net)632 int nfsd_nrpools(struct net *net)
633 {
634 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
635
636 if (nn->nfsd_serv == NULL)
637 return 0;
638 else
639 return nn->nfsd_serv->sv_nrpools;
640 }
641
nfsd_get_nrthreads(int n,int * nthreads,struct net * net)642 int nfsd_get_nrthreads(int n, int *nthreads, struct net *net)
643 {
644 int i = 0;
645 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
646
647 if (nn->nfsd_serv != NULL) {
648 for (i = 0; i < nn->nfsd_serv->sv_nrpools && i < n; i++)
649 nthreads[i] = nn->nfsd_serv->sv_pools[i].sp_nrthreads;
650 }
651
652 return 0;
653 }
654
nfsd_destroy(struct net * net)655 void nfsd_destroy(struct net *net)
656 {
657 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
658 int destroy = (nn->nfsd_serv->sv_nrthreads == 1);
659
660 if (destroy)
661 svc_shutdown_net(nn->nfsd_serv, net);
662 svc_destroy(nn->nfsd_serv);
663 if (destroy)
664 nn->nfsd_serv = NULL;
665 }
666
nfsd_set_nrthreads(int n,int * nthreads,struct net * net)667 int nfsd_set_nrthreads(int n, int *nthreads, struct net *net)
668 {
669 int i = 0;
670 int tot = 0;
671 int err = 0;
672 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
673
674 WARN_ON(!mutex_is_locked(&nfsd_mutex));
675
676 if (nn->nfsd_serv == NULL || n <= 0)
677 return 0;
678
679 if (n > nn->nfsd_serv->sv_nrpools)
680 n = nn->nfsd_serv->sv_nrpools;
681
682 /* enforce a global maximum number of threads */
683 tot = 0;
684 for (i = 0; i < n; i++) {
685 nthreads[i] = min(nthreads[i], NFSD_MAXSERVS);
686 tot += nthreads[i];
687 }
688 if (tot > NFSD_MAXSERVS) {
689 /* total too large: scale down requested numbers */
690 for (i = 0; i < n && tot > 0; i++) {
691 int new = nthreads[i] * NFSD_MAXSERVS / tot;
692 tot -= (nthreads[i] - new);
693 nthreads[i] = new;
694 }
695 for (i = 0; i < n && tot > 0; i++) {
696 nthreads[i]--;
697 tot--;
698 }
699 }
700
701 /*
702 * There must always be a thread in pool 0; the admin
703 * can't shut down NFS completely using pool_threads.
704 */
705 if (nthreads[0] == 0)
706 nthreads[0] = 1;
707
708 /* apply the new numbers */
709 svc_get(nn->nfsd_serv);
710 for (i = 0; i < n; i++) {
711 err = nn->nfsd_serv->sv_ops->svo_setup(nn->nfsd_serv,
712 &nn->nfsd_serv->sv_pools[i], nthreads[i]);
713 if (err)
714 break;
715 }
716 nfsd_destroy(net);
717 return err;
718 }
719
720 /*
721 * Adjust the number of threads and return the new number of threads.
722 * This is also the function that starts the server if necessary, if
723 * this is the first time nrservs is nonzero.
724 */
725 int
nfsd_svc(int nrservs,struct net * net,const struct cred * cred)726 nfsd_svc(int nrservs, struct net *net, const struct cred *cred)
727 {
728 int error;
729 bool nfsd_up_before;
730 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
731
732 mutex_lock(&nfsd_mutex);
733 dprintk("nfsd: creating service\n");
734
735 nrservs = max(nrservs, 0);
736 nrservs = min(nrservs, NFSD_MAXSERVS);
737 error = 0;
738
739 if (nrservs == 0 && nn->nfsd_serv == NULL)
740 goto out;
741
742 error = nfsd_create_serv(net);
743 if (error)
744 goto out;
745
746 nfsd_up_before = nn->nfsd_net_up;
747
748 error = nfsd_startup_net(nrservs, net, cred);
749 if (error)
750 goto out_destroy;
751 error = nn->nfsd_serv->sv_ops->svo_setup(nn->nfsd_serv,
752 NULL, nrservs);
753 if (error)
754 goto out_shutdown;
755 /* We are holding a reference to nn->nfsd_serv which
756 * we don't want to count in the return value,
757 * so subtract 1
758 */
759 error = nn->nfsd_serv->sv_nrthreads - 1;
760 out_shutdown:
761 if (error < 0 && !nfsd_up_before)
762 nfsd_shutdown_net(net);
763 out_destroy:
764 nfsd_destroy(net); /* Release server */
765 out:
766 mutex_unlock(&nfsd_mutex);
767 return error;
768 }
769
770 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
771 static bool
nfsd_support_acl_version(int vers)772 nfsd_support_acl_version(int vers)
773 {
774 if (vers >= NFSD_ACL_MINVERS && vers < NFSD_ACL_NRVERS)
775 return nfsd_acl_version[vers] != NULL;
776 return false;
777 }
778
779 static int
nfsd_acl_rpcbind_set(struct net * net,const struct svc_program * progp,u32 version,int family,unsigned short proto,unsigned short port)780 nfsd_acl_rpcbind_set(struct net *net, const struct svc_program *progp,
781 u32 version, int family, unsigned short proto,
782 unsigned short port)
783 {
784 if (!nfsd_support_acl_version(version) ||
785 !nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST))
786 return 0;
787 return svc_generic_rpcbind_set(net, progp, version, family,
788 proto, port);
789 }
790
791 static __be32
nfsd_acl_init_request(struct svc_rqst * rqstp,const struct svc_program * progp,struct svc_process_info * ret)792 nfsd_acl_init_request(struct svc_rqst *rqstp,
793 const struct svc_program *progp,
794 struct svc_process_info *ret)
795 {
796 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
797 int i;
798
799 if (likely(nfsd_support_acl_version(rqstp->rq_vers) &&
800 nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST)))
801 return svc_generic_init_request(rqstp, progp, ret);
802
803 ret->mismatch.lovers = NFSD_ACL_NRVERS;
804 for (i = NFSD_ACL_MINVERS; i < NFSD_ACL_NRVERS; i++) {
805 if (nfsd_support_acl_version(rqstp->rq_vers) &&
806 nfsd_vers(nn, i, NFSD_TEST)) {
807 ret->mismatch.lovers = i;
808 break;
809 }
810 }
811 if (ret->mismatch.lovers == NFSD_ACL_NRVERS)
812 return rpc_prog_unavail;
813 ret->mismatch.hivers = NFSD_ACL_MINVERS;
814 for (i = NFSD_ACL_NRVERS - 1; i >= NFSD_ACL_MINVERS; i--) {
815 if (nfsd_support_acl_version(rqstp->rq_vers) &&
816 nfsd_vers(nn, i, NFSD_TEST)) {
817 ret->mismatch.hivers = i;
818 break;
819 }
820 }
821 return rpc_prog_mismatch;
822 }
823 #endif
824
825 static int
nfsd_rpcbind_set(struct net * net,const struct svc_program * progp,u32 version,int family,unsigned short proto,unsigned short port)826 nfsd_rpcbind_set(struct net *net, const struct svc_program *progp,
827 u32 version, int family, unsigned short proto,
828 unsigned short port)
829 {
830 if (!nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST))
831 return 0;
832 return svc_generic_rpcbind_set(net, progp, version, family,
833 proto, port);
834 }
835
836 static __be32
nfsd_init_request(struct svc_rqst * rqstp,const struct svc_program * progp,struct svc_process_info * ret)837 nfsd_init_request(struct svc_rqst *rqstp,
838 const struct svc_program *progp,
839 struct svc_process_info *ret)
840 {
841 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
842 int i;
843
844 if (likely(nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST)))
845 return svc_generic_init_request(rqstp, progp, ret);
846
847 ret->mismatch.lovers = NFSD_NRVERS;
848 for (i = NFSD_MINVERS; i < NFSD_NRVERS; i++) {
849 if (nfsd_vers(nn, i, NFSD_TEST)) {
850 ret->mismatch.lovers = i;
851 break;
852 }
853 }
854 if (ret->mismatch.lovers == NFSD_NRVERS)
855 return rpc_prog_unavail;
856 ret->mismatch.hivers = NFSD_MINVERS;
857 for (i = NFSD_NRVERS - 1; i >= NFSD_MINVERS; i--) {
858 if (nfsd_vers(nn, i, NFSD_TEST)) {
859 ret->mismatch.hivers = i;
860 break;
861 }
862 }
863 return rpc_prog_mismatch;
864 }
865
866 /*
867 * This is the NFS server kernel thread
868 */
869 static int
nfsd(void * vrqstp)870 nfsd(void *vrqstp)
871 {
872 struct svc_rqst *rqstp = (struct svc_rqst *) vrqstp;
873 struct svc_xprt *perm_sock = list_entry(rqstp->rq_server->sv_permsocks.next, typeof(struct svc_xprt), xpt_list);
874 struct net *net = perm_sock->xpt_net;
875 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
876 int err;
877
878 /* Lock module and set up kernel thread */
879 mutex_lock(&nfsd_mutex);
880
881 /* At this point, the thread shares current->fs
882 * with the init process. We need to create files with the
883 * umask as defined by the client instead of init's umask. */
884 if (unshare_fs_struct() < 0) {
885 printk("Unable to start nfsd thread: out of memory\n");
886 goto out;
887 }
888
889 current->fs->umask = 0;
890
891 /*
892 * thread is spawned with all signals set to SIG_IGN, re-enable
893 * the ones that will bring down the thread
894 */
895 allow_signal(SIGKILL);
896 allow_signal(SIGHUP);
897 allow_signal(SIGINT);
898 allow_signal(SIGQUIT);
899
900 nfsdstats.th_cnt++;
901 mutex_unlock(&nfsd_mutex);
902
903 set_freezable();
904
905 /*
906 * The main request loop
907 */
908 for (;;) {
909 /* Update sv_maxconn if it has changed */
910 rqstp->rq_server->sv_maxconn = nn->max_connections;
911
912 /*
913 * Find a socket with data available and call its
914 * recvfrom routine.
915 */
916 while ((err = svc_recv(rqstp, 60*60*HZ)) == -EAGAIN)
917 ;
918 if (err == -EINTR)
919 break;
920 validate_process_creds();
921 svc_process(rqstp);
922 validate_process_creds();
923 }
924
925 /* Clear signals before calling svc_exit_thread() */
926 flush_signals(current);
927
928 mutex_lock(&nfsd_mutex);
929 nfsdstats.th_cnt --;
930
931 out:
932 rqstp->rq_server = NULL;
933
934 /* Release the thread */
935 svc_exit_thread(rqstp);
936
937 nfsd_destroy(net);
938
939 /* Release module */
940 mutex_unlock(&nfsd_mutex);
941 module_put_and_exit(0);
942 return 0;
943 }
944
map_new_errors(u32 vers,__be32 nfserr)945 static __be32 map_new_errors(u32 vers, __be32 nfserr)
946 {
947 if (nfserr == nfserr_jukebox && vers == 2)
948 return nfserr_dropit;
949 if (nfserr == nfserr_wrongsec && vers < 4)
950 return nfserr_acces;
951 return nfserr;
952 }
953
954 /*
955 * A write procedure can have a large argument, and a read procedure can
956 * have a large reply, but no NFSv2 or NFSv3 procedure has argument and
957 * reply that can both be larger than a page. The xdr code has taken
958 * advantage of this assumption to be a sloppy about bounds checking in
959 * some cases. Pending a rewrite of the NFSv2/v3 xdr code to fix that
960 * problem, we enforce these assumptions here:
961 */
nfs_request_too_big(struct svc_rqst * rqstp,const struct svc_procedure * proc)962 static bool nfs_request_too_big(struct svc_rqst *rqstp,
963 const struct svc_procedure *proc)
964 {
965 /*
966 * The ACL code has more careful bounds-checking and is not
967 * susceptible to this problem:
968 */
969 if (rqstp->rq_prog != NFS_PROGRAM)
970 return false;
971 /*
972 * Ditto NFSv4 (which can in theory have argument and reply both
973 * more than a page):
974 */
975 if (rqstp->rq_vers >= 4)
976 return false;
977 /* The reply will be small, we're OK: */
978 if (proc->pc_xdrressize > 0 &&
979 proc->pc_xdrressize < XDR_QUADLEN(PAGE_SIZE))
980 return false;
981
982 return rqstp->rq_arg.len > PAGE_SIZE;
983 }
984
985 int
nfsd_dispatch(struct svc_rqst * rqstp,__be32 * statp)986 nfsd_dispatch(struct svc_rqst *rqstp, __be32 *statp)
987 {
988 const struct svc_procedure *proc;
989 __be32 nfserr;
990 __be32 *nfserrp;
991
992 dprintk("nfsd_dispatch: vers %d proc %d\n",
993 rqstp->rq_vers, rqstp->rq_proc);
994 proc = rqstp->rq_procinfo;
995
996 if (nfs_request_too_big(rqstp, proc)) {
997 dprintk("nfsd: NFSv%d argument too large\n", rqstp->rq_vers);
998 *statp = rpc_garbage_args;
999 return 1;
1000 }
1001 /*
1002 * Give the xdr decoder a chance to change this if it wants
1003 * (necessary in the NFSv4.0 compound case)
1004 */
1005 rqstp->rq_cachetype = proc->pc_cachetype;
1006 /* Decode arguments */
1007 if (proc->pc_decode &&
1008 !proc->pc_decode(rqstp, (__be32*)rqstp->rq_arg.head[0].iov_base)) {
1009 dprintk("nfsd: failed to decode arguments!\n");
1010 *statp = rpc_garbage_args;
1011 return 1;
1012 }
1013
1014 /* Check whether we have this call in the cache. */
1015 switch (nfsd_cache_lookup(rqstp)) {
1016 case RC_DROPIT:
1017 return 0;
1018 case RC_REPLY:
1019 return 1;
1020 case RC_DOIT:;
1021 /* do it */
1022 }
1023
1024 /* need to grab the location to store the status, as
1025 * nfsv4 does some encoding while processing
1026 */
1027 nfserrp = rqstp->rq_res.head[0].iov_base
1028 + rqstp->rq_res.head[0].iov_len;
1029 rqstp->rq_res.head[0].iov_len += sizeof(__be32);
1030
1031 /* Now call the procedure handler, and encode NFS status. */
1032 nfserr = proc->pc_func(rqstp);
1033 nfserr = map_new_errors(rqstp->rq_vers, nfserr);
1034 if (nfserr == nfserr_dropit || test_bit(RQ_DROPME, &rqstp->rq_flags)) {
1035 dprintk("nfsd: Dropping request; may be revisited later\n");
1036 nfsd_cache_update(rqstp, RC_NOCACHE, NULL);
1037 return 0;
1038 }
1039
1040 if (rqstp->rq_proc != 0)
1041 *nfserrp++ = nfserr;
1042
1043 /* Encode result.
1044 * For NFSv2, additional info is never returned in case of an error.
1045 */
1046 if (!(nfserr && rqstp->rq_vers == 2)) {
1047 if (proc->pc_encode && !proc->pc_encode(rqstp, nfserrp)) {
1048 /* Failed to encode result. Release cache entry */
1049 dprintk("nfsd: failed to encode result!\n");
1050 nfsd_cache_update(rqstp, RC_NOCACHE, NULL);
1051 *statp = rpc_system_err;
1052 return 1;
1053 }
1054 }
1055
1056 /* Store reply in cache. */
1057 nfsd_cache_update(rqstp, rqstp->rq_cachetype, statp + 1);
1058 return 1;
1059 }
1060
nfsd_pool_stats_open(struct inode * inode,struct file * file)1061 int nfsd_pool_stats_open(struct inode *inode, struct file *file)
1062 {
1063 int ret;
1064 struct nfsd_net *nn = net_generic(inode->i_sb->s_fs_info, nfsd_net_id);
1065
1066 mutex_lock(&nfsd_mutex);
1067 if (nn->nfsd_serv == NULL) {
1068 mutex_unlock(&nfsd_mutex);
1069 return -ENODEV;
1070 }
1071 /* bump up the psudo refcount while traversing */
1072 svc_get(nn->nfsd_serv);
1073 ret = svc_pool_stats_open(nn->nfsd_serv, file);
1074 mutex_unlock(&nfsd_mutex);
1075 return ret;
1076 }
1077
nfsd_pool_stats_release(struct inode * inode,struct file * file)1078 int nfsd_pool_stats_release(struct inode *inode, struct file *file)
1079 {
1080 int ret = seq_release(inode, file);
1081 struct net *net = inode->i_sb->s_fs_info;
1082
1083 mutex_lock(&nfsd_mutex);
1084 /* this function really, really should have been called svc_put() */
1085 nfsd_destroy(net);
1086 mutex_unlock(&nfsd_mutex);
1087 return ret;
1088 }
1089
