1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1989, 1993
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * This code is derived from software contributed to Berkeley by
8  * Rick Macklem at The University of Guelph.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of the University nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  *
34  */
35 
36 #include <sys/cdefs.h>
37 __FBSDID("$FreeBSD: stable/12/sys/fs/nfsserver/nfs_nfsdport.c 373082 2023-05-22 19:10:21Z rmacklem $");
38 
39 #include <sys/capsicum.h>
40 #include <sys/extattr.h>
41 
42 /*
43  * Functions that perform the vfs operations required by the routines in
44  * nfsd_serv.c. It is hoped that this change will make the server more
45  * portable.
46  */
47 
48 #include <fs/nfs/nfsport.h>
49 #include <sys/hash.h>
50 #include <sys/sysctl.h>
51 #include <nlm/nlm_prot.h>
52 #include <nlm/nlm.h>
53 
54 FEATURE(nfsd, "NFSv4 server");
55 
56 extern u_int32_t newnfs_true, newnfs_false, newnfs_xdrneg1;
57 extern int nfsrv_useacl;
58 extern int newnfs_numnfsd;
59 extern struct mount nfsv4root_mnt;
60 extern struct nfsrv_stablefirst nfsrv_stablefirst;
61 extern void (*nfsd_call_servertimer)(void);
62 extern SVCPOOL	*nfsrvd_pool;
63 extern struct nfsv4lock nfsd_suspend_lock;
64 extern struct nfsclienthashhead *nfsclienthash;
65 extern struct nfslockhashhead *nfslockhash;
66 extern struct nfssessionhash *nfssessionhash;
67 extern int nfsrv_sessionhashsize;
68 extern struct nfsstatsv1 nfsstatsv1;
69 extern struct nfslayouthash *nfslayouthash;
70 extern int nfsrv_layouthashsize;
71 extern struct mtx nfsrv_dslock_mtx;
72 extern int nfs_pnfsiothreads;
73 extern struct nfsdontlisthead nfsrv_dontlisthead;
74 extern volatile int nfsrv_dontlistlen;
75 extern volatile int nfsrv_devidcnt;
76 extern int nfsrv_maxpnfsmirror;
77 struct vfsoptlist nfsv4root_opt, nfsv4root_newopt;
78 NFSDLOCKMUTEX;
79 NFSSTATESPINLOCK;
80 struct nfsrchash_bucket nfsrchash_table[NFSRVCACHE_HASHSIZE];
81 struct nfsrchash_bucket nfsrcahash_table[NFSRVCACHE_HASHSIZE];
82 struct mtx nfsrc_udpmtx;
83 struct mtx nfs_v4root_mutex;
84 struct mtx nfsrv_dontlistlock_mtx;
85 struct mtx nfsrv_recalllock_mtx;
86 struct nfsrvfh nfs_rootfh, nfs_pubfh;
87 int nfs_pubfhset = 0, nfs_rootfhset = 0;
88 struct proc *nfsd_master_proc = NULL;
89 int nfsd_debuglevel = 0;
90 static pid_t nfsd_master_pid = (pid_t)-1;
91 static char nfsd_master_comm[MAXCOMLEN + 1];
92 static struct timeval nfsd_master_start;
93 static uint32_t nfsv4_sysid = 0;
94 static fhandle_t zerofh;
95 
96 static int nfssvc_srvcall(struct thread *, struct nfssvc_args *,
97     struct ucred *);
98 
99 int nfsrv_enable_crossmntpt = 1;
100 static int nfs_commit_blks;
101 static int nfs_commit_miss;
102 extern int nfsrv_issuedelegs;
103 extern int nfsrv_dolocallocks;
104 extern int nfsd_enable_stringtouid;
105 extern struct nfsdevicehead nfsrv_devidhead;
106 
107 static void nfsrv_pnfscreate(struct vnode *, struct vattr *, struct ucred *,
108     NFSPROC_T *);
109 static void nfsrv_pnfsremovesetup(struct vnode *, NFSPROC_T *, struct vnode **,
110     int *, char *, fhandle_t *);
111 static void nfsrv_pnfsremove(struct vnode **, int, char *, fhandle_t *,
112     NFSPROC_T *);
113 static int nfsrv_proxyds(struct nfsrv_descript *, struct vnode *, off_t, int,
114     struct ucred *, struct thread *, int, struct mbuf **, char *,
115     struct mbuf **, struct nfsvattr *, struct acl *);
116 static int nfsrv_setextattr(struct vnode *, struct nfsvattr *, NFSPROC_T *);
117 static int nfsrv_readdsrpc(fhandle_t *, off_t, int, struct ucred *,
118     NFSPROC_T *, struct nfsmount *, struct mbuf **, struct mbuf **);
119 static int nfsrv_writedsrpc(fhandle_t *, off_t, int, struct ucred *,
120     NFSPROC_T *, struct vnode *, struct nfsmount **, int, struct mbuf **,
121     char *, int *);
122 static int nfsrv_setacldsrpc(fhandle_t *, struct ucred *, NFSPROC_T *,
123     struct vnode *, struct nfsmount **, int, struct acl *, int *);
124 static int nfsrv_setattrdsrpc(fhandle_t *, struct ucred *, NFSPROC_T *,
125     struct vnode *, struct nfsmount **, int, struct nfsvattr *, int *);
126 static int nfsrv_getattrdsrpc(fhandle_t *, struct ucred *, NFSPROC_T *,
127     struct vnode *, struct nfsmount *, struct nfsvattr *);
128 static int nfsrv_putfhname(fhandle_t *, char *);
129 static int nfsrv_pnfslookupds(struct vnode *, struct vnode *,
130     struct pnfsdsfile *, struct vnode **, NFSPROC_T *);
131 static void nfsrv_pnfssetfh(struct vnode *, struct pnfsdsfile *, char *, char *,
132     struct vnode *, NFSPROC_T *);
133 static int nfsrv_dsremove(struct vnode *, char *, struct ucred *, NFSPROC_T *);
134 static int nfsrv_dssetacl(struct vnode *, struct acl *, struct ucred *,
135     NFSPROC_T *);
136 static int nfsrv_pnfsstatfs(struct statfs *, struct mount *);
137 
138 int nfs_pnfsio(task_fn_t *, void *);
139 
140 SYSCTL_NODE(_vfs, OID_AUTO, nfsd, CTLFLAG_RW, 0, "NFS server");
141 SYSCTL_INT(_vfs_nfsd, OID_AUTO, mirrormnt, CTLFLAG_RW,
142     &nfsrv_enable_crossmntpt, 0, "Enable nfsd to cross mount points");
143 SYSCTL_INT(_vfs_nfsd, OID_AUTO, commit_blks, CTLFLAG_RW, &nfs_commit_blks,
144     0, "");
145 SYSCTL_INT(_vfs_nfsd, OID_AUTO, commit_miss, CTLFLAG_RW, &nfs_commit_miss,
146     0, "");
147 SYSCTL_INT(_vfs_nfsd, OID_AUTO, issue_delegations, CTLFLAG_RW,
148     &nfsrv_issuedelegs, 0, "Enable nfsd to issue delegations");
149 SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_locallocks, CTLFLAG_RW,
150     &nfsrv_dolocallocks, 0, "Enable nfsd to acquire local locks on files");
151 SYSCTL_INT(_vfs_nfsd, OID_AUTO, debuglevel, CTLFLAG_RW, &nfsd_debuglevel,
152     0, "Debug level for NFS server");
153 SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_stringtouid, CTLFLAG_RW,
154     &nfsd_enable_stringtouid, 0, "Enable nfsd to accept numeric owner_names");
155 static int nfsrv_pnfsgetdsattr = 1;
156 SYSCTL_INT(_vfs_nfsd, OID_AUTO, pnfsgetdsattr, CTLFLAG_RW,
157     &nfsrv_pnfsgetdsattr, 0, "When set getattr gets DS attributes via RPC");
158 
159 /*
160  * nfsrv_dsdirsize can only be increased and only when the nfsd threads are
161  * not running.
162  * The dsN subdirectories for the increased values must have been created
163  * on all DS servers before this increase is done.
164  */
165 u_int	nfsrv_dsdirsize = 20;
166 static int
sysctl_dsdirsize(SYSCTL_HANDLER_ARGS)167 sysctl_dsdirsize(SYSCTL_HANDLER_ARGS)
168 {
169 	int error, newdsdirsize;
170 
171 	newdsdirsize = nfsrv_dsdirsize;
172 	error = sysctl_handle_int(oidp, &newdsdirsize, 0, req);
173 	if (error != 0 || req->newptr == NULL)
174 		return (error);
175 	if (newdsdirsize <= nfsrv_dsdirsize || newdsdirsize > 10000 ||
176 	    newnfs_numnfsd != 0)
177 		return (EINVAL);
178 	nfsrv_dsdirsize = newdsdirsize;
179 	return (0);
180 }
181 SYSCTL_PROC(_vfs_nfsd, OID_AUTO, dsdirsize, CTLTYPE_UINT | CTLFLAG_RW, 0,
182     sizeof(nfsrv_dsdirsize), sysctl_dsdirsize, "IU",
183     "Number of dsN subdirs on the DS servers");
184 
185 #define	MAX_REORDERED_RPC	16
186 #define	NUM_HEURISTIC		1031
187 #define	NHUSE_INIT		64
188 #define	NHUSE_INC		16
189 #define	NHUSE_MAX		2048
190 
191 static struct nfsheur {
192 	struct vnode *nh_vp;	/* vp to match (unreferenced pointer) */
193 	off_t nh_nextoff;	/* next offset for sequential detection */
194 	int nh_use;		/* use count for selection */
195 	int nh_seqcount;	/* heuristic */
196 } nfsheur[NUM_HEURISTIC];
197 
198 
199 /*
200  * Heuristic to detect sequential operation.
201  */
202 static struct nfsheur *
nfsrv_sequential_heuristic(struct uio * uio,struct vnode * vp)203 nfsrv_sequential_heuristic(struct uio *uio, struct vnode *vp)
204 {
205 	struct nfsheur *nh;
206 	int hi, try;
207 
208 	/* Locate best candidate. */
209 	try = 32;
210 	hi = ((int)(vm_offset_t)vp / sizeof(struct vnode)) % NUM_HEURISTIC;
211 	nh = &nfsheur[hi];
212 	while (try--) {
213 		if (nfsheur[hi].nh_vp == vp) {
214 			nh = &nfsheur[hi];
215 			break;
216 		}
217 		if (nfsheur[hi].nh_use > 0)
218 			--nfsheur[hi].nh_use;
219 		hi = (hi + 1) % NUM_HEURISTIC;
220 		if (nfsheur[hi].nh_use < nh->nh_use)
221 			nh = &nfsheur[hi];
222 	}
223 
224 	/* Initialize hint if this is a new file. */
225 	if (nh->nh_vp != vp) {
226 		nh->nh_vp = vp;
227 		nh->nh_nextoff = uio->uio_offset;
228 		nh->nh_use = NHUSE_INIT;
229 		if (uio->uio_offset == 0)
230 			nh->nh_seqcount = 4;
231 		else
232 			nh->nh_seqcount = 1;
233 	}
234 
235 	/* Calculate heuristic. */
236 	if ((uio->uio_offset == 0 && nh->nh_seqcount > 0) ||
237 	    uio->uio_offset == nh->nh_nextoff) {
238 		/* See comments in vfs_vnops.c:sequential_heuristic(). */
239 		nh->nh_seqcount += howmany(uio->uio_resid, 16384);
240 		if (nh->nh_seqcount > IO_SEQMAX)
241 			nh->nh_seqcount = IO_SEQMAX;
242 	} else if (qabs(uio->uio_offset - nh->nh_nextoff) <= MAX_REORDERED_RPC *
243 	    imax(vp->v_mount->mnt_stat.f_iosize, uio->uio_resid)) {
244 		/* Probably a reordered RPC, leave seqcount alone. */
245 	} else if (nh->nh_seqcount > 1) {
246 		nh->nh_seqcount /= 2;
247 	} else {
248 		nh->nh_seqcount = 0;
249 	}
250 	nh->nh_use += NHUSE_INC;
251 	if (nh->nh_use > NHUSE_MAX)
252 		nh->nh_use = NHUSE_MAX;
253 	return (nh);
254 }
255 
256 /*
257  * Get attributes into nfsvattr structure.
258  */
259 int
nfsvno_getattr(struct vnode * vp,struct nfsvattr * nvap,struct nfsrv_descript * nd,struct thread * p,int vpislocked,nfsattrbit_t * attrbitp)260 nfsvno_getattr(struct vnode *vp, struct nfsvattr *nvap,
261     struct nfsrv_descript *nd, struct thread *p, int vpislocked,
262     nfsattrbit_t *attrbitp)
263 {
264 	int error, gotattr, lockedit = 0;
265 	struct nfsvattr na;
266 
267 	if (vpislocked == 0) {
268 		/*
269 		 * When vpislocked == 0, the vnode is either exclusively
270 		 * locked by this thread or not locked by this thread.
271 		 * As such, shared lock it, if not exclusively locked.
272 		 */
273 		if (NFSVOPISLOCKED(vp) != LK_EXCLUSIVE) {
274 			lockedit = 1;
275 			NFSVOPLOCK(vp, LK_SHARED | LK_RETRY);
276 		}
277 	}
278 
279 	/*
280 	 * Acquire the Change, Size, TimeAccess, TimeModify and SpaceUsed
281 	 * attributes, as required.
282 	 * This needs to be done for regular files if:
283 	 * - non-NFSv4 RPCs or
284 	 * - when attrbitp == NULL or
285 	 * - an NFSv4 RPC with any of the above attributes in attrbitp.
286 	 * A return of 0 for nfsrv_proxyds() indicates that it has acquired
287 	 * these attributes.  nfsrv_proxyds() will return an error if the
288 	 * server is not a pNFS one.
289 	 */
290 	gotattr = 0;
291 	if (vp->v_type == VREG && nfsrv_devidcnt > 0 && (attrbitp == NULL ||
292 	    (nd->nd_flag & ND_NFSV4) == 0 ||
293 	    NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_CHANGE) ||
294 	    NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SIZE) ||
295 	    NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_TIMEACCESS) ||
296 	    NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_TIMEMODIFY) ||
297 	    NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SPACEUSED))) {
298 		error = nfsrv_proxyds(nd, vp, 0, 0, nd->nd_cred, p,
299 		    NFSPROC_GETATTR, NULL, NULL, NULL, &na, NULL);
300 		if (error == 0)
301 			gotattr = 1;
302 	}
303 
304 	error = VOP_GETATTR(vp, &nvap->na_vattr, nd->nd_cred);
305 	if (lockedit != 0)
306 		NFSVOPUNLOCK(vp, 0);
307 
308 	/*
309 	 * If we got the Change, Size and Modify Time from the DS,
310 	 * replace them.
311 	 */
312 	if (gotattr != 0) {
313 		nvap->na_atime = na.na_atime;
314 		nvap->na_mtime = na.na_mtime;
315 		nvap->na_filerev = na.na_filerev;
316 		nvap->na_size = na.na_size;
317 		nvap->na_bytes = na.na_bytes;
318 	}
319 	NFSD_DEBUG(4, "nfsvno_getattr: gotattr=%d err=%d chg=%ju\n", gotattr,
320 	    error, (uintmax_t)na.na_filerev);
321 
322 	NFSEXITCODE(error);
323 	return (error);
324 }
325 
326 /*
327  * Get a file handle for a vnode.
328  */
329 int
nfsvno_getfh(struct vnode * vp,fhandle_t * fhp,struct thread * p)330 nfsvno_getfh(struct vnode *vp, fhandle_t *fhp, struct thread *p)
331 {
332 	int error;
333 
334 	NFSBZERO((caddr_t)fhp, sizeof(fhandle_t));
335 	fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
336 	error = VOP_VPTOFH(vp, &fhp->fh_fid);
337 
338 	NFSEXITCODE(error);
339 	return (error);
340 }
341 
342 /*
343  * Perform access checking for vnodes obtained from file handles that would
344  * refer to files already opened by a Unix client. You cannot just use
345  * vn_writechk() and VOP_ACCESSX() for two reasons.
346  * 1 - You must check for exported rdonly as well as MNT_RDONLY for the write
347  *     case.
348  * 2 - The owner is to be given access irrespective of mode bits for some
349  *     operations, so that processes that chmod after opening a file don't
350  *     break.
351  */
352 int
nfsvno_accchk(struct vnode * vp,accmode_t accmode,struct ucred * cred,struct nfsexstuff * exp,struct thread * p,int override,int vpislocked,u_int32_t * supportedtypep)353 nfsvno_accchk(struct vnode *vp, accmode_t accmode, struct ucred *cred,
354     struct nfsexstuff *exp, struct thread *p, int override, int vpislocked,
355     u_int32_t *supportedtypep)
356 {
357 	struct vattr vattr;
358 	int error = 0, getret = 0;
359 
360 	if (vpislocked == 0) {
361 		if (NFSVOPLOCK(vp, LK_SHARED) != 0) {
362 			error = EPERM;
363 			goto out;
364 		}
365 	}
366 	if (accmode & VWRITE) {
367 		/* Just vn_writechk() changed to check rdonly */
368 		/*
369 		 * Disallow write attempts on read-only file systems;
370 		 * unless the file is a socket or a block or character
371 		 * device resident on the file system.
372 		 */
373 		if (NFSVNO_EXRDONLY(exp) ||
374 		    (vp->v_mount->mnt_flag & MNT_RDONLY)) {
375 			switch (vp->v_type) {
376 			case VREG:
377 			case VDIR:
378 			case VLNK:
379 				error = EROFS;
380 			default:
381 				break;
382 			}
383 		}
384 		/*
385 		 * If there's shared text associated with
386 		 * the inode, try to free it up once.  If
387 		 * we fail, we can't allow writing.
388 		 */
389 		if (VOP_IS_TEXT(vp) && error == 0)
390 			error = ETXTBSY;
391 	}
392 	if (error != 0) {
393 		if (vpislocked == 0)
394 			NFSVOPUNLOCK(vp, 0);
395 		goto out;
396 	}
397 
398 	/*
399 	 * Should the override still be applied when ACLs are enabled?
400 	 */
401 	error = VOP_ACCESSX(vp, accmode, cred, p);
402 	if (error != 0 && (accmode & (VDELETE | VDELETE_CHILD))) {
403 		/*
404 		 * Try again with VEXPLICIT_DENY, to see if the test for
405 		 * deletion is supported.
406 		 */
407 		error = VOP_ACCESSX(vp, accmode | VEXPLICIT_DENY, cred, p);
408 		if (error == 0) {
409 			if (vp->v_type == VDIR) {
410 				accmode &= ~(VDELETE | VDELETE_CHILD);
411 				accmode |= VWRITE;
412 				error = VOP_ACCESSX(vp, accmode, cred, p);
413 			} else if (supportedtypep != NULL) {
414 				*supportedtypep &= ~NFSACCESS_DELETE;
415 			}
416 		}
417 	}
418 
419 	/*
420 	 * Allow certain operations for the owner (reads and writes
421 	 * on files that are already open).
422 	 */
423 	if (override != NFSACCCHK_NOOVERRIDE &&
424 	    (error == EPERM || error == EACCES)) {
425 		if (cred->cr_uid == 0 && (override & NFSACCCHK_ALLOWROOT))
426 			error = 0;
427 		else if (override & NFSACCCHK_ALLOWOWNER) {
428 			getret = VOP_GETATTR(vp, &vattr, cred);
429 			if (getret == 0 && cred->cr_uid == vattr.va_uid)
430 				error = 0;
431 		}
432 	}
433 	if (vpislocked == 0)
434 		NFSVOPUNLOCK(vp, 0);
435 
436 out:
437 	NFSEXITCODE(error);
438 	return (error);
439 }
440 
441 /*
442  * Set attribute(s) vnop.
443  */
444 int
nfsvno_setattr(struct vnode * vp,struct nfsvattr * nvap,struct ucred * cred,struct thread * p,struct nfsexstuff * exp)445 nfsvno_setattr(struct vnode *vp, struct nfsvattr *nvap, struct ucred *cred,
446     struct thread *p, struct nfsexstuff *exp)
447 {
448 	u_quad_t savsize = 0;
449 	int error, savedit;
450 
451 	/*
452 	 * If this is an exported file system and a pNFS service is running,
453 	 * don't VOP_SETATTR() of size for the MDS file system.
454 	 */
455 	savedit = 0;
456 	error = 0;
457 	if (vp->v_type == VREG && (vp->v_mount->mnt_flag & MNT_EXPORTED) != 0 &&
458 	    nfsrv_devidcnt != 0 && nvap->na_vattr.va_size != VNOVAL &&
459 	    nvap->na_vattr.va_size > 0) {
460 		savsize = nvap->na_vattr.va_size;
461 		nvap->na_vattr.va_size = VNOVAL;
462 		if (nvap->na_vattr.va_uid != (uid_t)VNOVAL ||
463 		    nvap->na_vattr.va_gid != (gid_t)VNOVAL ||
464 		    nvap->na_vattr.va_mode != (mode_t)VNOVAL ||
465 		    nvap->na_vattr.va_atime.tv_sec != VNOVAL ||
466 		    nvap->na_vattr.va_mtime.tv_sec != VNOVAL)
467 			savedit = 1;
468 		else
469 			savedit = 2;
470 	}
471 	if (savedit != 2)
472 		error = VOP_SETATTR(vp, &nvap->na_vattr, cred);
473 	if (savedit != 0)
474 		nvap->na_vattr.va_size = savsize;
475 	if (error == 0 && (nvap->na_vattr.va_uid != (uid_t)VNOVAL ||
476 	    nvap->na_vattr.va_gid != (gid_t)VNOVAL ||
477 	    nvap->na_vattr.va_size != VNOVAL ||
478 	    nvap->na_vattr.va_mode != (mode_t)VNOVAL ||
479 	    nvap->na_vattr.va_atime.tv_sec != VNOVAL ||
480 	    nvap->na_vattr.va_mtime.tv_sec != VNOVAL)) {
481 		/* For a pNFS server, set the attributes on the DS file. */
482 		error = nfsrv_proxyds(NULL, vp, 0, 0, cred, p, NFSPROC_SETATTR,
483 		    NULL, NULL, NULL, nvap, NULL);
484 		if (error == ENOENT)
485 			error = 0;
486 	}
487 	NFSEXITCODE(error);
488 	return (error);
489 }
490 
491 /*
492  * Set up nameidata for a lookup() call and do it.
493  */
494 int
nfsvno_namei(struct nfsrv_descript * nd,struct nameidata * ndp,struct vnode * dp,int islocked,struct nfsexstuff * exp,struct thread * p,struct vnode ** retdirp)495 nfsvno_namei(struct nfsrv_descript *nd, struct nameidata *ndp,
496     struct vnode *dp, int islocked, struct nfsexstuff *exp, struct thread *p,
497     struct vnode **retdirp)
498 {
499 	struct componentname *cnp = &ndp->ni_cnd;
500 	int i;
501 	struct iovec aiov;
502 	struct uio auio;
503 	int lockleaf = (cnp->cn_flags & LOCKLEAF) != 0, linklen;
504 	int error = 0;
505 	char *cp;
506 
507 	*retdirp = NULL;
508 	cnp->cn_nameptr = cnp->cn_pnbuf;
509 	ndp->ni_lcf = 0;
510 	/*
511 	 * Extract and set starting directory.
512 	 */
513 	if (dp->v_type != VDIR) {
514 		if (islocked)
515 			vput(dp);
516 		else
517 			vrele(dp);
518 		nfsvno_relpathbuf(ndp);
519 		error = ENOTDIR;
520 		goto out1;
521 	}
522 	if (islocked)
523 		NFSVOPUNLOCK(dp, 0);
524 	VREF(dp);
525 	*retdirp = dp;
526 	if (NFSVNO_EXRDONLY(exp))
527 		cnp->cn_flags |= RDONLY;
528 	ndp->ni_segflg = UIO_SYSSPACE;
529 
530 	if (nd->nd_flag & ND_PUBLOOKUP) {
531 		ndp->ni_loopcnt = 0;
532 		if (cnp->cn_pnbuf[0] == '/') {
533 			vrele(dp);
534 			/*
535 			 * Check for degenerate pathnames here, since lookup()
536 			 * panics on them.
537 			 */
538 			for (i = 1; i < ndp->ni_pathlen; i++)
539 				if (cnp->cn_pnbuf[i] != '/')
540 					break;
541 			if (i == ndp->ni_pathlen) {
542 				error = NFSERR_ACCES;
543 				goto out;
544 			}
545 			dp = rootvnode;
546 			VREF(dp);
547 		}
548 	} else if ((nfsrv_enable_crossmntpt == 0 && NFSVNO_EXPORTED(exp)) ||
549 	    (nd->nd_flag & ND_NFSV4) == 0) {
550 		/*
551 		 * Only cross mount points for NFSv4 when doing a
552 		 * mount while traversing the file system above
553 		 * the mount point, unless nfsrv_enable_crossmntpt is set.
554 		 */
555 		cnp->cn_flags |= NOCROSSMOUNT;
556 	}
557 
558 	/*
559 	 * Initialize for scan, set ni_startdir and bump ref on dp again
560 	 * because lookup() will dereference ni_startdir.
561 	 */
562 
563 	cnp->cn_thread = p;
564 	ndp->ni_startdir = dp;
565 	ndp->ni_rootdir = rootvnode;
566 	ndp->ni_topdir = NULL;
567 
568 	if (!lockleaf)
569 		cnp->cn_flags |= LOCKLEAF;
570 	for (;;) {
571 		cnp->cn_nameptr = cnp->cn_pnbuf;
572 		/*
573 		 * Call lookup() to do the real work.  If an error occurs,
574 		 * ndp->ni_vp and ni_dvp are left uninitialized or NULL and
575 		 * we do not have to dereference anything before returning.
576 		 * In either case ni_startdir will be dereferenced and NULLed
577 		 * out.
578 		 */
579 		error = lookup(ndp);
580 		if (error)
581 			break;
582 
583 		/*
584 		 * Check for encountering a symbolic link.  Trivial
585 		 * termination occurs if no symlink encountered.
586 		 */
587 		if ((cnp->cn_flags & ISSYMLINK) == 0) {
588 			if ((cnp->cn_flags & (SAVENAME | SAVESTART)) == 0)
589 				nfsvno_relpathbuf(ndp);
590 			if (ndp->ni_vp && !lockleaf)
591 				NFSVOPUNLOCK(ndp->ni_vp, 0);
592 			break;
593 		}
594 
595 		/*
596 		 * Validate symlink
597 		 */
598 		if ((cnp->cn_flags & LOCKPARENT) && ndp->ni_pathlen == 1)
599 			NFSVOPUNLOCK(ndp->ni_dvp, 0);
600 		if (!(nd->nd_flag & ND_PUBLOOKUP)) {
601 			error = EINVAL;
602 			goto badlink2;
603 		}
604 
605 		if (ndp->ni_loopcnt++ >= MAXSYMLINKS) {
606 			error = ELOOP;
607 			goto badlink2;
608 		}
609 		if (ndp->ni_pathlen > 1)
610 			cp = uma_zalloc(namei_zone, M_WAITOK);
611 		else
612 			cp = cnp->cn_pnbuf;
613 		aiov.iov_base = cp;
614 		aiov.iov_len = MAXPATHLEN;
615 		auio.uio_iov = &aiov;
616 		auio.uio_iovcnt = 1;
617 		auio.uio_offset = 0;
618 		auio.uio_rw = UIO_READ;
619 		auio.uio_segflg = UIO_SYSSPACE;
620 		auio.uio_td = NULL;
621 		auio.uio_resid = MAXPATHLEN;
622 		error = VOP_READLINK(ndp->ni_vp, &auio, cnp->cn_cred);
623 		if (error) {
624 		badlink1:
625 			if (ndp->ni_pathlen > 1)
626 				uma_zfree(namei_zone, cp);
627 		badlink2:
628 			vrele(ndp->ni_dvp);
629 			vput(ndp->ni_vp);
630 			break;
631 		}
632 		linklen = MAXPATHLEN - auio.uio_resid;
633 		if (linklen == 0) {
634 			error = ENOENT;
635 			goto badlink1;
636 		}
637 		if (linklen + ndp->ni_pathlen >= MAXPATHLEN) {
638 			error = ENAMETOOLONG;
639 			goto badlink1;
640 		}
641 
642 		/*
643 		 * Adjust or replace path
644 		 */
645 		if (ndp->ni_pathlen > 1) {
646 			NFSBCOPY(ndp->ni_next, cp + linklen, ndp->ni_pathlen);
647 			uma_zfree(namei_zone, cnp->cn_pnbuf);
648 			cnp->cn_pnbuf = cp;
649 		} else
650 			cnp->cn_pnbuf[linklen] = '\0';
651 		ndp->ni_pathlen += linklen;
652 
653 		/*
654 		 * Cleanup refs for next loop and check if root directory
655 		 * should replace current directory.  Normally ni_dvp
656 		 * becomes the new base directory and is cleaned up when
657 		 * we loop.  Explicitly null pointers after invalidation
658 		 * to clarify operation.
659 		 */
660 		vput(ndp->ni_vp);
661 		ndp->ni_vp = NULL;
662 
663 		if (cnp->cn_pnbuf[0] == '/') {
664 			vrele(ndp->ni_dvp);
665 			ndp->ni_dvp = ndp->ni_rootdir;
666 			VREF(ndp->ni_dvp);
667 		}
668 		ndp->ni_startdir = ndp->ni_dvp;
669 		ndp->ni_dvp = NULL;
670 	}
671 	if (!lockleaf)
672 		cnp->cn_flags &= ~LOCKLEAF;
673 
674 out:
675 	if (error) {
676 		nfsvno_relpathbuf(ndp);
677 		ndp->ni_vp = NULL;
678 		ndp->ni_dvp = NULL;
679 		ndp->ni_startdir = NULL;
680 	} else if ((ndp->ni_cnd.cn_flags & (WANTPARENT|LOCKPARENT)) == 0) {
681 		ndp->ni_dvp = NULL;
682 	}
683 
684 out1:
685 	NFSEXITCODE2(error, nd);
686 	return (error);
687 }
688 
689 /*
690  * Set up a pathname buffer and return a pointer to it and, optionally
691  * set a hash pointer.
692  */
693 void
nfsvno_setpathbuf(struct nameidata * ndp,char ** bufpp,u_long ** hashpp)694 nfsvno_setpathbuf(struct nameidata *ndp, char **bufpp, u_long **hashpp)
695 {
696 	struct componentname *cnp = &ndp->ni_cnd;
697 
698 	cnp->cn_flags |= (NOMACCHECK | HASBUF);
699 	cnp->cn_pnbuf = uma_zalloc(namei_zone, M_WAITOK);
700 	if (hashpp != NULL)
701 		*hashpp = NULL;
702 	*bufpp = cnp->cn_pnbuf;
703 }
704 
705 /*
706  * Release the above path buffer, if not released by nfsvno_namei().
707  */
708 void
nfsvno_relpathbuf(struct nameidata * ndp)709 nfsvno_relpathbuf(struct nameidata *ndp)
710 {
711 
712 	if ((ndp->ni_cnd.cn_flags & HASBUF) == 0)
713 		panic("nfsrelpath");
714 	uma_zfree(namei_zone, ndp->ni_cnd.cn_pnbuf);
715 	ndp->ni_cnd.cn_flags &= ~HASBUF;
716 }
717 
718 /*
719  * Readlink vnode op into an mbuf list.
720  */
721 int
nfsvno_readlink(struct vnode * vp,struct ucred * cred,struct thread * p,struct mbuf ** mpp,struct mbuf ** mpendp,int * lenp)722 nfsvno_readlink(struct vnode *vp, struct ucred *cred, struct thread *p,
723     struct mbuf **mpp, struct mbuf **mpendp, int *lenp)
724 {
725 	struct iovec iv[(NFS_MAXPATHLEN+MLEN-1)/MLEN];
726 	struct iovec *ivp = iv;
727 	struct uio io, *uiop = &io;
728 	struct mbuf *mp, *mp2 = NULL, *mp3 = NULL;
729 	int i, len, tlen, error = 0;
730 
731 	len = 0;
732 	i = 0;
733 	while (len < NFS_MAXPATHLEN) {
734 		NFSMGET(mp);
735 		MCLGET(mp, M_WAITOK);
736 		mp->m_len = M_SIZE(mp);
737 		if (len == 0) {
738 			mp3 = mp2 = mp;
739 		} else {
740 			mp2->m_next = mp;
741 			mp2 = mp;
742 		}
743 		if ((len + mp->m_len) > NFS_MAXPATHLEN) {
744 			mp->m_len = NFS_MAXPATHLEN - len;
745 			len = NFS_MAXPATHLEN;
746 		} else {
747 			len += mp->m_len;
748 		}
749 		ivp->iov_base = mtod(mp, caddr_t);
750 		ivp->iov_len = mp->m_len;
751 		i++;
752 		ivp++;
753 	}
754 	uiop->uio_iov = iv;
755 	uiop->uio_iovcnt = i;
756 	uiop->uio_offset = 0;
757 	uiop->uio_resid = len;
758 	uiop->uio_rw = UIO_READ;
759 	uiop->uio_segflg = UIO_SYSSPACE;
760 	uiop->uio_td = NULL;
761 	error = VOP_READLINK(vp, uiop, cred);
762 	if (error) {
763 		m_freem(mp3);
764 		*lenp = 0;
765 		goto out;
766 	}
767 	if (uiop->uio_resid > 0) {
768 		len -= uiop->uio_resid;
769 		tlen = NFSM_RNDUP(len);
770 		nfsrv_adj(mp3, NFS_MAXPATHLEN - tlen, tlen - len);
771 	}
772 	*lenp = len;
773 	*mpp = mp3;
774 	*mpendp = mp;
775 
776 out:
777 	NFSEXITCODE(error);
778 	return (error);
779 }
780 
781 /*
782  * Read vnode op call into mbuf list.
783  */
784 int
nfsvno_read(struct vnode * vp,off_t off,int cnt,struct ucred * cred,struct thread * p,struct mbuf ** mpp,struct mbuf ** mpendp)785 nfsvno_read(struct vnode *vp, off_t off, int cnt, struct ucred *cred,
786     struct thread *p, struct mbuf **mpp, struct mbuf **mpendp)
787 {
788 	struct mbuf *m;
789 	int i;
790 	struct iovec *iv;
791 	struct iovec *iv2;
792 	int error = 0, len, left, siz, tlen, ioflag = 0;
793 	struct mbuf *m2 = NULL, *m3;
794 	struct uio io, *uiop = &io;
795 	struct nfsheur *nh;
796 
797 	/*
798 	 * Attempt to read from a DS file. A return of ENOENT implies
799 	 * there is no DS file to read.
800 	 */
801 	error = nfsrv_proxyds(NULL, vp, off, cnt, cred, p, NFSPROC_READDS, mpp,
802 	    NULL, mpendp, NULL, NULL);
803 	if (error != ENOENT)
804 		return (error);
805 
806 	len = left = NFSM_RNDUP(cnt);
807 	m3 = NULL;
808 	/*
809 	 * Generate the mbuf list with the uio_iov ref. to it.
810 	 */
811 	i = 0;
812 	while (left > 0) {
813 		NFSMGET(m);
814 		MCLGET(m, M_WAITOK);
815 		m->m_len = 0;
816 		siz = min(M_TRAILINGSPACE(m), left);
817 		left -= siz;
818 		i++;
819 		if (m3)
820 			m2->m_next = m;
821 		else
822 			m3 = m;
823 		m2 = m;
824 	}
825 	iv = malloc(i * sizeof (struct iovec),
826 	    M_TEMP, M_WAITOK);
827 	uiop->uio_iov = iv2 = iv;
828 	m = m3;
829 	left = len;
830 	i = 0;
831 	while (left > 0) {
832 		if (m == NULL)
833 			panic("nfsvno_read iov");
834 		siz = min(M_TRAILINGSPACE(m), left);
835 		if (siz > 0) {
836 			iv->iov_base = mtod(m, caddr_t) + m->m_len;
837 			iv->iov_len = siz;
838 			m->m_len += siz;
839 			left -= siz;
840 			iv++;
841 			i++;
842 		}
843 		m = m->m_next;
844 	}
845 	uiop->uio_iovcnt = i;
846 	uiop->uio_offset = off;
847 	uiop->uio_resid = len;
848 	uiop->uio_rw = UIO_READ;
849 	uiop->uio_segflg = UIO_SYSSPACE;
850 	uiop->uio_td = NULL;
851 	nh = nfsrv_sequential_heuristic(uiop, vp);
852 	ioflag |= nh->nh_seqcount << IO_SEQSHIFT;
853 	/* XXX KDM make this more systematic? */
854 	nfsstatsv1.srvbytes[NFSV4OP_READ] += uiop->uio_resid;
855 	error = VOP_READ(vp, uiop, IO_NODELOCKED | ioflag, cred);
856 	free(iv2, M_TEMP);
857 	if (error) {
858 		m_freem(m3);
859 		*mpp = NULL;
860 		goto out;
861 	}
862 	nh->nh_nextoff = uiop->uio_offset;
863 	tlen = len - uiop->uio_resid;
864 	cnt = cnt < tlen ? cnt : tlen;
865 	tlen = NFSM_RNDUP(cnt);
866 	if (tlen == 0) {
867 		m_freem(m3);
868 		m3 = NULL;
869 	} else if (len != tlen || tlen != cnt)
870 		nfsrv_adj(m3, len - tlen, tlen - cnt);
871 	*mpp = m3;
872 	*mpendp = m2;
873 
874 out:
875 	NFSEXITCODE(error);
876 	return (error);
877 }
878 
879 /*
880  * Write vnode op from an mbuf list.
881  */
882 int
nfsvno_write(struct vnode * vp,off_t off,int retlen,int cnt,int * stable,struct mbuf * mp,char * cp,struct ucred * cred,struct thread * p)883 nfsvno_write(struct vnode *vp, off_t off, int retlen, int cnt, int *stable,
884     struct mbuf *mp, char *cp, struct ucred *cred, struct thread *p)
885 {
886 	struct iovec *ivp;
887 	int i, len;
888 	struct iovec *iv;
889 	int ioflags, error;
890 	struct uio io, *uiop = &io;
891 	struct nfsheur *nh;
892 
893 	/*
894 	 * Attempt to write to a DS file. A return of ENOENT implies
895 	 * there is no DS file to write.
896 	 */
897 	error = nfsrv_proxyds(NULL, vp, off, retlen, cred, p, NFSPROC_WRITEDS,
898 	    &mp, cp, NULL, NULL, NULL);
899 	if (error != ENOENT) {
900 		*stable = NFSWRITE_FILESYNC;
901 		return (error);
902 	}
903 
904 	ivp = malloc(cnt * sizeof (struct iovec), M_TEMP,
905 	    M_WAITOK);
906 	uiop->uio_iov = iv = ivp;
907 	uiop->uio_iovcnt = cnt;
908 	i = mtod(mp, caddr_t) + mp->m_len - cp;
909 	len = retlen;
910 	while (len > 0) {
911 		if (mp == NULL)
912 			panic("nfsvno_write");
913 		if (i > 0) {
914 			i = min(i, len);
915 			ivp->iov_base = cp;
916 			ivp->iov_len = i;
917 			ivp++;
918 			len -= i;
919 		}
920 		mp = mp->m_next;
921 		if (mp) {
922 			i = mp->m_len;
923 			cp = mtod(mp, caddr_t);
924 		}
925 	}
926 
927 	if (*stable == NFSWRITE_UNSTABLE)
928 		ioflags = IO_NODELOCKED;
929 	else
930 		ioflags = (IO_SYNC | IO_NODELOCKED);
931 	uiop->uio_resid = retlen;
932 	uiop->uio_rw = UIO_WRITE;
933 	uiop->uio_segflg = UIO_SYSSPACE;
934 	NFSUIOPROC(uiop, p);
935 	uiop->uio_offset = off;
936 	nh = nfsrv_sequential_heuristic(uiop, vp);
937 	ioflags |= nh->nh_seqcount << IO_SEQSHIFT;
938 	/* XXX KDM make this more systematic? */
939 	nfsstatsv1.srvbytes[NFSV4OP_WRITE] += uiop->uio_resid;
940 	error = VOP_WRITE(vp, uiop, ioflags, cred);
941 	if (error == 0)
942 		nh->nh_nextoff = uiop->uio_offset;
943 	free(iv, M_TEMP);
944 
945 	NFSEXITCODE(error);
946 	return (error);
947 }
948 
949 /*
950  * Common code for creating a regular file (plus special files for V2).
951  */
952 int
nfsvno_createsub(struct nfsrv_descript * nd,struct nameidata * ndp,struct vnode ** vpp,struct nfsvattr * nvap,int * exclusive_flagp,int32_t * cverf,NFSDEV_T rdev,struct thread * p,struct nfsexstuff * exp)953 nfsvno_createsub(struct nfsrv_descript *nd, struct nameidata *ndp,
954     struct vnode **vpp, struct nfsvattr *nvap, int *exclusive_flagp,
955     int32_t *cverf, NFSDEV_T rdev, struct thread *p, struct nfsexstuff *exp)
956 {
957 	u_quad_t tempsize;
958 	int error;
959 
960 	error = nd->nd_repstat;
961 	if (!error && ndp->ni_vp == NULL) {
962 		if (nvap->na_type == VREG || nvap->na_type == VSOCK) {
963 			vrele(ndp->ni_startdir);
964 			error = VOP_CREATE(ndp->ni_dvp,
965 			    &ndp->ni_vp, &ndp->ni_cnd, &nvap->na_vattr);
966 			/* For a pNFS server, create the data file on a DS. */
967 			if (error == 0 && nvap->na_type == VREG) {
968 				/*
969 				 * Create a data file on a DS for a pNFS server.
970 				 * This function just returns if not
971 				 * running a pNFS DS or the creation fails.
972 				 */
973 				nfsrv_pnfscreate(ndp->ni_vp, &nvap->na_vattr,
974 				    nd->nd_cred, p);
975 			}
976 			vput(ndp->ni_dvp);
977 			nfsvno_relpathbuf(ndp);
978 			if (!error) {
979 				if (*exclusive_flagp) {
980 					*exclusive_flagp = 0;
981 					NFSVNO_ATTRINIT(nvap);
982 					nvap->na_atime.tv_sec = cverf[0];
983 					nvap->na_atime.tv_nsec = cverf[1];
984 					error = VOP_SETATTR(ndp->ni_vp,
985 					    &nvap->na_vattr, nd->nd_cred);
986 					if (error != 0) {
987 						vput(ndp->ni_vp);
988 						ndp->ni_vp = NULL;
989 						error = NFSERR_NOTSUPP;
990 					}
991 				}
992 			}
993 		/*
994 		 * NFS V2 Only. nfsrvd_mknod() does this for V3.
995 		 * (This implies, just get out on an error.)
996 		 */
997 		} else if (nvap->na_type == VCHR || nvap->na_type == VBLK ||
998 			nvap->na_type == VFIFO) {
999 			if (nvap->na_type == VCHR && rdev == 0xffffffff)
1000 				nvap->na_type = VFIFO;
1001                         if (nvap->na_type != VFIFO &&
1002 			    (error = priv_check_cred(nd->nd_cred,
1003 			     PRIV_VFS_MKNOD_DEV, 0))) {
1004 				vrele(ndp->ni_startdir);
1005 				nfsvno_relpathbuf(ndp);
1006 				vput(ndp->ni_dvp);
1007 				goto out;
1008 			}
1009 			nvap->na_rdev = rdev;
1010 			error = VOP_MKNOD(ndp->ni_dvp, &ndp->ni_vp,
1011 			    &ndp->ni_cnd, &nvap->na_vattr);
1012 			vput(ndp->ni_dvp);
1013 			nfsvno_relpathbuf(ndp);
1014 			vrele(ndp->ni_startdir);
1015 			if (error)
1016 				goto out;
1017 		} else {
1018 			vrele(ndp->ni_startdir);
1019 			nfsvno_relpathbuf(ndp);
1020 			vput(ndp->ni_dvp);
1021 			error = ENXIO;
1022 			goto out;
1023 		}
1024 		*vpp = ndp->ni_vp;
1025 	} else {
1026 		/*
1027 		 * Handle cases where error is already set and/or
1028 		 * the file exists.
1029 		 * 1 - clean up the lookup
1030 		 * 2 - iff !error and na_size set, truncate it
1031 		 */
1032 		vrele(ndp->ni_startdir);
1033 		nfsvno_relpathbuf(ndp);
1034 		*vpp = ndp->ni_vp;
1035 		if (ndp->ni_dvp == *vpp)
1036 			vrele(ndp->ni_dvp);
1037 		else
1038 			vput(ndp->ni_dvp);
1039 		if (!error && nvap->na_size != VNOVAL) {
1040 			error = nfsvno_accchk(*vpp, VWRITE,
1041 			    nd->nd_cred, exp, p, NFSACCCHK_NOOVERRIDE,
1042 			    NFSACCCHK_VPISLOCKED, NULL);
1043 			if (!error) {
1044 				tempsize = nvap->na_size;
1045 				NFSVNO_ATTRINIT(nvap);
1046 				nvap->na_size = tempsize;
1047 				error = nfsvno_setattr(*vpp, nvap,
1048 				    nd->nd_cred, p, exp);
1049 			}
1050 		}
1051 		if (error)
1052 			vput(*vpp);
1053 	}
1054 
1055 out:
1056 	NFSEXITCODE(error);
1057 	return (error);
1058 }
1059 
1060 /*
1061  * Do a mknod vnode op.
1062  */
1063 int
nfsvno_mknod(struct nameidata * ndp,struct nfsvattr * nvap,struct ucred * cred,struct thread * p)1064 nfsvno_mknod(struct nameidata *ndp, struct nfsvattr *nvap, struct ucred *cred,
1065     struct thread *p)
1066 {
1067 	int error = 0;
1068 	enum vtype vtyp;
1069 
1070 	vtyp = nvap->na_type;
1071 	/*
1072 	 * Iff doesn't exist, create it.
1073 	 */
1074 	if (ndp->ni_vp) {
1075 		vrele(ndp->ni_startdir);
1076 		nfsvno_relpathbuf(ndp);
1077 		vput(ndp->ni_dvp);
1078 		vrele(ndp->ni_vp);
1079 		error = EEXIST;
1080 		goto out;
1081 	}
1082 	if (vtyp != VCHR && vtyp != VBLK && vtyp != VSOCK && vtyp != VFIFO) {
1083 		vrele(ndp->ni_startdir);
1084 		nfsvno_relpathbuf(ndp);
1085 		vput(ndp->ni_dvp);
1086 		error = NFSERR_BADTYPE;
1087 		goto out;
1088 	}
1089 	if (vtyp == VSOCK) {
1090 		vrele(ndp->ni_startdir);
1091 		error = VOP_CREATE(ndp->ni_dvp, &ndp->ni_vp,
1092 		    &ndp->ni_cnd, &nvap->na_vattr);
1093 		vput(ndp->ni_dvp);
1094 		nfsvno_relpathbuf(ndp);
1095 	} else {
1096 		if (nvap->na_type != VFIFO &&
1097 		    (error = priv_check_cred(cred, PRIV_VFS_MKNOD_DEV, 0))) {
1098 			vrele(ndp->ni_startdir);
1099 			nfsvno_relpathbuf(ndp);
1100 			vput(ndp->ni_dvp);
1101 			goto out;
1102 		}
1103 		error = VOP_MKNOD(ndp->ni_dvp, &ndp->ni_vp,
1104 		    &ndp->ni_cnd, &nvap->na_vattr);
1105 		vput(ndp->ni_dvp);
1106 		nfsvno_relpathbuf(ndp);
1107 		vrele(ndp->ni_startdir);
1108 		/*
1109 		 * Since VOP_MKNOD returns the ni_vp, I can't
1110 		 * see any reason to do the lookup.
1111 		 */
1112 	}
1113 
1114 out:
1115 	NFSEXITCODE(error);
1116 	return (error);
1117 }
1118 
1119 /*
1120  * Mkdir vnode op.
1121  */
1122 int
nfsvno_mkdir(struct nameidata * ndp,struct nfsvattr * nvap,uid_t saved_uid,struct ucred * cred,struct thread * p,struct nfsexstuff * exp)1123 nfsvno_mkdir(struct nameidata *ndp, struct nfsvattr *nvap, uid_t saved_uid,
1124     struct ucred *cred, struct thread *p, struct nfsexstuff *exp)
1125 {
1126 	int error = 0;
1127 
1128 	if (ndp->ni_vp != NULL) {
1129 		if (ndp->ni_dvp == ndp->ni_vp)
1130 			vrele(ndp->ni_dvp);
1131 		else
1132 			vput(ndp->ni_dvp);
1133 		vrele(ndp->ni_vp);
1134 		nfsvno_relpathbuf(ndp);
1135 		error = EEXIST;
1136 		goto out;
1137 	}
1138 	error = VOP_MKDIR(ndp->ni_dvp, &ndp->ni_vp, &ndp->ni_cnd,
1139 	    &nvap->na_vattr);
1140 	vput(ndp->ni_dvp);
1141 	nfsvno_relpathbuf(ndp);
1142 
1143 out:
1144 	NFSEXITCODE(error);
1145 	return (error);
1146 }
1147 
1148 /*
1149  * symlink vnode op.
1150  */
1151 int
nfsvno_symlink(struct nameidata * ndp,struct nfsvattr * nvap,char * pathcp,int pathlen,int not_v2,uid_t saved_uid,struct ucred * cred,struct thread * p,struct nfsexstuff * exp)1152 nfsvno_symlink(struct nameidata *ndp, struct nfsvattr *nvap, char *pathcp,
1153     int pathlen, int not_v2, uid_t saved_uid, struct ucred *cred, struct thread *p,
1154     struct nfsexstuff *exp)
1155 {
1156 	int error = 0;
1157 
1158 	if (ndp->ni_vp) {
1159 		vrele(ndp->ni_startdir);
1160 		nfsvno_relpathbuf(ndp);
1161 		if (ndp->ni_dvp == ndp->ni_vp)
1162 			vrele(ndp->ni_dvp);
1163 		else
1164 			vput(ndp->ni_dvp);
1165 		vrele(ndp->ni_vp);
1166 		error = EEXIST;
1167 		goto out;
1168 	}
1169 
1170 	error = VOP_SYMLINK(ndp->ni_dvp, &ndp->ni_vp, &ndp->ni_cnd,
1171 	    &nvap->na_vattr, pathcp);
1172 	vput(ndp->ni_dvp);
1173 	vrele(ndp->ni_startdir);
1174 	nfsvno_relpathbuf(ndp);
1175 	/*
1176 	 * Although FreeBSD still had the lookup code in
1177 	 * it for 7/current, there doesn't seem to be any
1178 	 * point, since VOP_SYMLINK() returns the ni_vp.
1179 	 * Just vput it for v2.
1180 	 */
1181 	if (!not_v2 && !error)
1182 		vput(ndp->ni_vp);
1183 
1184 out:
1185 	NFSEXITCODE(error);
1186 	return (error);
1187 }
1188 
1189 /*
1190  * Parse symbolic link arguments.
1191  * This function has an ugly side effect. It will malloc() an area for
1192  * the symlink and set iov_base to point to it, only if it succeeds.
1193  * So, if it returns with uiop->uio_iov->iov_base != NULL, that must
1194  * be FREE'd later.
1195  */
1196 int
nfsvno_getsymlink(struct nfsrv_descript * nd,struct nfsvattr * nvap,struct thread * p,char ** pathcpp,int * lenp)1197 nfsvno_getsymlink(struct nfsrv_descript *nd, struct nfsvattr *nvap,
1198     struct thread *p, char **pathcpp, int *lenp)
1199 {
1200 	u_int32_t *tl;
1201 	char *pathcp = NULL;
1202 	int error = 0, len;
1203 	struct nfsv2_sattr *sp;
1204 
1205 	*pathcpp = NULL;
1206 	*lenp = 0;
1207 	if ((nd->nd_flag & ND_NFSV3) &&
1208 	    (error = nfsrv_sattr(nd, NULL, nvap, NULL, NULL, p)))
1209 		goto nfsmout;
1210 	NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
1211 	len = fxdr_unsigned(int, *tl);
1212 	if (len > NFS_MAXPATHLEN || len <= 0) {
1213 		error = EBADRPC;
1214 		goto nfsmout;
1215 	}
1216 	pathcp = malloc(len + 1, M_TEMP, M_WAITOK);
1217 	error = nfsrv_mtostr(nd, pathcp, len);
1218 	if (error)
1219 		goto nfsmout;
1220 	if (nd->nd_flag & ND_NFSV2) {
1221 		NFSM_DISSECT(sp, struct nfsv2_sattr *, NFSX_V2SATTR);
1222 		nvap->na_mode = fxdr_unsigned(u_int16_t, sp->sa_mode);
1223 	}
1224 	*pathcpp = pathcp;
1225 	*lenp = len;
1226 	NFSEXITCODE2(0, nd);
1227 	return (0);
1228 nfsmout:
1229 	if (pathcp)
1230 		free(pathcp, M_TEMP);
1231 	NFSEXITCODE2(error, nd);
1232 	return (error);
1233 }
1234 
1235 /*
1236  * Remove a non-directory object.
1237  */
1238 int
nfsvno_removesub(struct nameidata * ndp,int is_v4,struct ucred * cred,struct thread * p,struct nfsexstuff * exp)1239 nfsvno_removesub(struct nameidata *ndp, int is_v4, struct ucred *cred,
1240     struct thread *p, struct nfsexstuff *exp)
1241 {
1242 	struct vnode *vp, *dsdvp[NFSDEV_MAXMIRRORS];
1243 	int error = 0, mirrorcnt;
1244 	char fname[PNFS_FILENAME_LEN + 1];
1245 	fhandle_t fh;
1246 
1247 	vp = ndp->ni_vp;
1248 	dsdvp[0] = NULL;
1249 	if (vp->v_type == VDIR)
1250 		error = NFSERR_ISDIR;
1251 	else if (is_v4)
1252 		error = nfsrv_checkremove(vp, 1, p);
1253 	if (error == 0)
1254 		nfsrv_pnfsremovesetup(vp, p, dsdvp, &mirrorcnt, fname, &fh);
1255 	if (!error)
1256 		error = VOP_REMOVE(ndp->ni_dvp, vp, &ndp->ni_cnd);
1257 	if (error == 0 && dsdvp[0] != NULL)
1258 		nfsrv_pnfsremove(dsdvp, mirrorcnt, fname, &fh, p);
1259 	if (ndp->ni_dvp == vp)
1260 		vrele(ndp->ni_dvp);
1261 	else
1262 		vput(ndp->ni_dvp);
1263 	vput(vp);
1264 	if ((ndp->ni_cnd.cn_flags & SAVENAME) != 0)
1265 		nfsvno_relpathbuf(ndp);
1266 	NFSEXITCODE(error);
1267 	return (error);
1268 }
1269 
1270 /*
1271  * Remove a directory.
1272  */
1273 int
nfsvno_rmdirsub(struct nameidata * ndp,int is_v4,struct ucred * cred,struct thread * p,struct nfsexstuff * exp)1274 nfsvno_rmdirsub(struct nameidata *ndp, int is_v4, struct ucred *cred,
1275     struct thread *p, struct nfsexstuff *exp)
1276 {
1277 	struct vnode *vp;
1278 	int error = 0;
1279 
1280 	vp = ndp->ni_vp;
1281 	if (vp->v_type != VDIR) {
1282 		error = ENOTDIR;
1283 		goto out;
1284 	}
1285 	/*
1286 	 * No rmdir "." please.
1287 	 */
1288 	if (ndp->ni_dvp == vp) {
1289 		error = EINVAL;
1290 		goto out;
1291 	}
1292 	/*
1293 	 * The root of a mounted filesystem cannot be deleted.
1294 	 */
1295 	if (vp->v_vflag & VV_ROOT)
1296 		error = EBUSY;
1297 out:
1298 	if (!error)
1299 		error = VOP_RMDIR(ndp->ni_dvp, vp, &ndp->ni_cnd);
1300 	if (ndp->ni_dvp == vp)
1301 		vrele(ndp->ni_dvp);
1302 	else
1303 		vput(ndp->ni_dvp);
1304 	vput(vp);
1305 	if ((ndp->ni_cnd.cn_flags & SAVENAME) != 0)
1306 		nfsvno_relpathbuf(ndp);
1307 	NFSEXITCODE(error);
1308 	return (error);
1309 }
1310 
1311 /*
1312  * Rename vnode op.
1313  */
1314 int
nfsvno_rename(struct nameidata * fromndp,struct nameidata * tondp,u_int32_t ndstat,u_int32_t ndflag,struct ucred * cred,struct thread * p)1315 nfsvno_rename(struct nameidata *fromndp, struct nameidata *tondp,
1316     u_int32_t ndstat, u_int32_t ndflag, struct ucred *cred, struct thread *p)
1317 {
1318 	struct vnode *fvp, *tvp, *tdvp, *dsdvp[NFSDEV_MAXMIRRORS];
1319 	int error = 0, mirrorcnt;
1320 	char fname[PNFS_FILENAME_LEN + 1];
1321 	fhandle_t fh;
1322 
1323 	dsdvp[0] = NULL;
1324 	fvp = fromndp->ni_vp;
1325 	if (ndstat) {
1326 		vrele(fromndp->ni_dvp);
1327 		vrele(fvp);
1328 		error = ndstat;
1329 		goto out1;
1330 	}
1331 	tdvp = tondp->ni_dvp;
1332 	tvp = tondp->ni_vp;
1333 	if (tvp != NULL) {
1334 		if (fvp->v_type == VDIR && tvp->v_type != VDIR) {
1335 			error = (ndflag & ND_NFSV2) ? EISDIR : EEXIST;
1336 			goto out;
1337 		} else if (fvp->v_type != VDIR && tvp->v_type == VDIR) {
1338 			error = (ndflag & ND_NFSV2) ? ENOTDIR : EEXIST;
1339 			goto out;
1340 		}
1341 		if (tvp->v_type == VDIR && tvp->v_mountedhere) {
1342 			error = (ndflag & ND_NFSV2) ? ENOTEMPTY : EXDEV;
1343 			goto out;
1344 		}
1345 
1346 		/*
1347 		 * A rename to '.' or '..' results in a prematurely
1348 		 * unlocked vnode on FreeBSD5, so I'm just going to fail that
1349 		 * here.
1350 		 */
1351 		if ((tondp->ni_cnd.cn_namelen == 1 &&
1352 		     tondp->ni_cnd.cn_nameptr[0] == '.') ||
1353 		    (tondp->ni_cnd.cn_namelen == 2 &&
1354 		     tondp->ni_cnd.cn_nameptr[0] == '.' &&
1355 		     tondp->ni_cnd.cn_nameptr[1] == '.')) {
1356 			error = EINVAL;
1357 			goto out;
1358 		}
1359 	}
1360 	if (fvp->v_type == VDIR && fvp->v_mountedhere) {
1361 		error = (ndflag & ND_NFSV2) ? ENOTEMPTY : EXDEV;
1362 		goto out;
1363 	}
1364 	if (fvp->v_mount != tdvp->v_mount) {
1365 		error = (ndflag & ND_NFSV2) ? ENOTEMPTY : EXDEV;
1366 		goto out;
1367 	}
1368 	if (fvp == tdvp) {
1369 		error = (ndflag & ND_NFSV2) ? ENOTEMPTY : EINVAL;
1370 		goto out;
1371 	}
1372 	if (fvp == tvp) {
1373 		/*
1374 		 * If source and destination are the same, there is nothing to
1375 		 * do. Set error to -1 to indicate this.
1376 		 */
1377 		error = -1;
1378 		goto out;
1379 	}
1380 	if (ndflag & ND_NFSV4) {
1381 		if (NFSVOPLOCK(fvp, LK_EXCLUSIVE) == 0) {
1382 			error = nfsrv_checkremove(fvp, 0, p);
1383 			NFSVOPUNLOCK(fvp, 0);
1384 		} else
1385 			error = EPERM;
1386 		if (tvp && !error)
1387 			error = nfsrv_checkremove(tvp, 1, p);
1388 	} else {
1389 		/*
1390 		 * For NFSv2 and NFSv3, try to get rid of the delegation, so
1391 		 * that the NFSv4 client won't be confused by the rename.
1392 		 * Since nfsd_recalldelegation() can only be called on an
1393 		 * unlocked vnode at this point and fvp is the file that will
1394 		 * still exist after the rename, just do fvp.
1395 		 */
1396 		nfsd_recalldelegation(fvp, p);
1397 	}
1398 	if (error == 0 && tvp != NULL) {
1399 		nfsrv_pnfsremovesetup(tvp, p, dsdvp, &mirrorcnt, fname, &fh);
1400 		NFSD_DEBUG(4, "nfsvno_rename: pnfsremovesetup"
1401 		    " dsdvp=%p\n", dsdvp[0]);
1402 	}
1403 out:
1404 	if (!error) {
1405 		error = VOP_RENAME(fromndp->ni_dvp, fromndp->ni_vp,
1406 		    &fromndp->ni_cnd, tondp->ni_dvp, tondp->ni_vp,
1407 		    &tondp->ni_cnd);
1408 	} else {
1409 		if (tdvp == tvp)
1410 			vrele(tdvp);
1411 		else
1412 			vput(tdvp);
1413 		if (tvp)
1414 			vput(tvp);
1415 		vrele(fromndp->ni_dvp);
1416 		vrele(fvp);
1417 		if (error == -1)
1418 			error = 0;
1419 	}
1420 
1421 	/*
1422 	 * If dsdvp[0] != NULL, it was set up by nfsrv_pnfsremovesetup() and
1423 	 * if the rename succeeded, the DS file for the tvp needs to be
1424 	 * removed.
1425 	 */
1426 	if (error == 0 && dsdvp[0] != NULL) {
1427 		nfsrv_pnfsremove(dsdvp, mirrorcnt, fname, &fh, p);
1428 		NFSD_DEBUG(4, "nfsvno_rename: pnfsremove\n");
1429 	}
1430 
1431 	vrele(tondp->ni_startdir);
1432 	nfsvno_relpathbuf(tondp);
1433 out1:
1434 	vrele(fromndp->ni_startdir);
1435 	nfsvno_relpathbuf(fromndp);
1436 	NFSEXITCODE(error);
1437 	return (error);
1438 }
1439 
1440 /*
1441  * Link vnode op.
1442  */
1443 int
nfsvno_link(struct nameidata * ndp,struct vnode * vp,struct ucred * cred,struct thread * p,struct nfsexstuff * exp)1444 nfsvno_link(struct nameidata *ndp, struct vnode *vp, struct ucred *cred,
1445     struct thread *p, struct nfsexstuff *exp)
1446 {
1447 	struct vnode *xp;
1448 	int error = 0;
1449 
1450 	xp = ndp->ni_vp;
1451 	if (xp != NULL) {
1452 		error = EEXIST;
1453 	} else {
1454 		xp = ndp->ni_dvp;
1455 		if (vp->v_mount != xp->v_mount)
1456 			error = EXDEV;
1457 	}
1458 	if (!error) {
1459 		NFSVOPLOCK(vp, LK_EXCLUSIVE | LK_RETRY);
1460 		if ((vp->v_iflag & VI_DOOMED) == 0)
1461 			error = VOP_LINK(ndp->ni_dvp, vp, &ndp->ni_cnd);
1462 		else
1463 			error = EPERM;
1464 		if (ndp->ni_dvp == vp)
1465 			vrele(ndp->ni_dvp);
1466 		else
1467 			vput(ndp->ni_dvp);
1468 		NFSVOPUNLOCK(vp, 0);
1469 	} else {
1470 		if (ndp->ni_dvp == ndp->ni_vp)
1471 			vrele(ndp->ni_dvp);
1472 		else
1473 			vput(ndp->ni_dvp);
1474 		if (ndp->ni_vp)
1475 			vrele(ndp->ni_vp);
1476 	}
1477 	nfsvno_relpathbuf(ndp);
1478 	NFSEXITCODE(error);
1479 	return (error);
1480 }
1481 
1482 /*
1483  * Do the fsync() appropriate for the commit.
1484  */
1485 int
nfsvno_fsync(struct vnode * vp,u_int64_t off,int cnt,struct ucred * cred,struct thread * td)1486 nfsvno_fsync(struct vnode *vp, u_int64_t off, int cnt, struct ucred *cred,
1487     struct thread *td)
1488 {
1489 	int error = 0;
1490 
1491 	/*
1492 	 * RFC 1813 3.3.21: if count is 0, a flush from offset to the end of
1493 	 * file is done.  At this time VOP_FSYNC does not accept offset and
1494 	 * byte count parameters so call VOP_FSYNC the whole file for now.
1495 	 * The same is true for NFSv4: RFC 3530 Sec. 14.2.3.
1496 	 * File systems that do not use the buffer cache (as indicated
1497 	 * by MNTK_USES_BCACHE not being set) must use VOP_FSYNC().
1498 	 */
1499 	if (cnt == 0 || cnt > MAX_COMMIT_COUNT ||
1500 	    (vp->v_mount->mnt_kern_flag & MNTK_USES_BCACHE) == 0) {
1501 		/*
1502 		 * Give up and do the whole thing
1503 		 */
1504 		if (vp->v_object &&
1505 		   (vp->v_object->flags & OBJ_MIGHTBEDIRTY)) {
1506 			VM_OBJECT_WLOCK(vp->v_object);
1507 			vm_object_page_clean(vp->v_object, 0, 0, OBJPC_SYNC);
1508 			VM_OBJECT_WUNLOCK(vp->v_object);
1509 		}
1510 		error = VOP_FSYNC(vp, MNT_WAIT, td);
1511 	} else {
1512 		/*
1513 		 * Locate and synchronously write any buffers that fall
1514 		 * into the requested range.  Note:  we are assuming that
1515 		 * f_iosize is a power of 2.
1516 		 */
1517 		int iosize = vp->v_mount->mnt_stat.f_iosize;
1518 		int iomask = iosize - 1;
1519 		struct bufobj *bo;
1520 		daddr_t lblkno;
1521 
1522 		/*
1523 		 * Align to iosize boundary, super-align to page boundary.
1524 		 */
1525 		if (off & iomask) {
1526 			cnt += off & iomask;
1527 			off &= ~(u_quad_t)iomask;
1528 		}
1529 		if (off & PAGE_MASK) {
1530 			cnt += off & PAGE_MASK;
1531 			off &= ~(u_quad_t)PAGE_MASK;
1532 		}
1533 		lblkno = off / iosize;
1534 
1535 		if (vp->v_object &&
1536 		   (vp->v_object->flags & OBJ_MIGHTBEDIRTY)) {
1537 			VM_OBJECT_WLOCK(vp->v_object);
1538 			vm_object_page_clean(vp->v_object, off, off + cnt,
1539 			    OBJPC_SYNC);
1540 			VM_OBJECT_WUNLOCK(vp->v_object);
1541 		}
1542 
1543 		bo = &vp->v_bufobj;
1544 		BO_LOCK(bo);
1545 		while (cnt > 0) {
1546 			struct buf *bp;
1547 
1548 			/*
1549 			 * If we have a buffer and it is marked B_DELWRI we
1550 			 * have to lock and write it.  Otherwise the prior
1551 			 * write is assumed to have already been committed.
1552 			 *
1553 			 * gbincore() can return invalid buffers now so we
1554 			 * have to check that bit as well (though B_DELWRI
1555 			 * should not be set if B_INVAL is set there could be
1556 			 * a race here since we haven't locked the buffer).
1557 			 */
1558 			if ((bp = gbincore(&vp->v_bufobj, lblkno)) != NULL) {
1559 				if (BUF_LOCK(bp, LK_EXCLUSIVE | LK_SLEEPFAIL |
1560 				    LK_INTERLOCK, BO_LOCKPTR(bo)) == ENOLCK) {
1561 					BO_LOCK(bo);
1562 					continue; /* retry */
1563 				}
1564 			    	if ((bp->b_flags & (B_DELWRI|B_INVAL)) ==
1565 				    B_DELWRI) {
1566 					bremfree(bp);
1567 					bp->b_flags &= ~B_ASYNC;
1568 					bwrite(bp);
1569 					++nfs_commit_miss;
1570 				} else
1571 					BUF_UNLOCK(bp);
1572 				BO_LOCK(bo);
1573 			}
1574 			++nfs_commit_blks;
1575 			if (cnt < iosize)
1576 				break;
1577 			cnt -= iosize;
1578 			++lblkno;
1579 		}
1580 		BO_UNLOCK(bo);
1581 	}
1582 	NFSEXITCODE(error);
1583 	return (error);
1584 }
1585 
1586 /*
1587  * Statfs vnode op.
1588  */
1589 int
nfsvno_statfs(struct vnode * vp,struct statfs * sf)1590 nfsvno_statfs(struct vnode *vp, struct statfs *sf)
1591 {
1592 	struct statfs *tsf;
1593 	int error;
1594 
1595 	tsf = NULL;
1596 	if (nfsrv_devidcnt > 0) {
1597 		/* For a pNFS service, get the DS numbers. */
1598 		tsf = malloc(sizeof(*tsf), M_TEMP, M_WAITOK | M_ZERO);
1599 		error = nfsrv_pnfsstatfs(tsf, vp->v_mount);
1600 		if (error != 0) {
1601 			free(tsf, M_TEMP);
1602 			tsf = NULL;
1603 		}
1604 	}
1605 	error = VFS_STATFS(vp->v_mount, sf);
1606 	if (error == 0) {
1607 		if (tsf != NULL) {
1608 			sf->f_blocks = tsf->f_blocks;
1609 			sf->f_bavail = tsf->f_bavail;
1610 			sf->f_bfree = tsf->f_bfree;
1611 			sf->f_bsize = tsf->f_bsize;
1612 		}
1613 		/*
1614 		 * Since NFS handles these values as unsigned on the
1615 		 * wire, there is no way to represent negative values,
1616 		 * so set them to 0. Without this, they will appear
1617 		 * to be very large positive values for clients like
1618 		 * Solaris10.
1619 		 */
1620 		if (sf->f_bavail < 0)
1621 			sf->f_bavail = 0;
1622 		if (sf->f_ffree < 0)
1623 			sf->f_ffree = 0;
1624 	}
1625 	free(tsf, M_TEMP);
1626 	NFSEXITCODE(error);
1627 	return (error);
1628 }
1629 
1630 /*
1631  * Do the vnode op stuff for Open. Similar to nfsvno_createsub(), but
1632  * must handle nfsrv_opencheck() calls after any other access checks.
1633  */
1634 void
nfsvno_open(struct nfsrv_descript * nd,struct nameidata * ndp,nfsquad_t clientid,nfsv4stateid_t * stateidp,struct nfsstate * stp,int * exclusive_flagp,struct nfsvattr * nvap,int32_t * cverf,int create,NFSACL_T * aclp,nfsattrbit_t * attrbitp,struct ucred * cred,struct thread * p,struct nfsexstuff * exp,struct vnode ** vpp)1635 nfsvno_open(struct nfsrv_descript *nd, struct nameidata *ndp,
1636     nfsquad_t clientid, nfsv4stateid_t *stateidp, struct nfsstate *stp,
1637     int *exclusive_flagp, struct nfsvattr *nvap, int32_t *cverf, int create,
1638     NFSACL_T *aclp, nfsattrbit_t *attrbitp, struct ucred *cred, struct thread *p,
1639     struct nfsexstuff *exp, struct vnode **vpp)
1640 {
1641 	struct vnode *vp = NULL;
1642 	u_quad_t tempsize;
1643 	struct nfsexstuff nes;
1644 
1645 	if (ndp->ni_vp == NULL)
1646 		nd->nd_repstat = nfsrv_opencheck(clientid,
1647 		    stateidp, stp, NULL, nd, p, nd->nd_repstat);
1648 	if (!nd->nd_repstat) {
1649 		if (ndp->ni_vp == NULL) {
1650 			vrele(ndp->ni_startdir);
1651 			nd->nd_repstat = VOP_CREATE(ndp->ni_dvp,
1652 			    &ndp->ni_vp, &ndp->ni_cnd, &nvap->na_vattr);
1653 			/* For a pNFS server, create the data file on a DS. */
1654 			if (nd->nd_repstat == 0) {
1655 				/*
1656 				 * Create a data file on a DS for a pNFS server.
1657 				 * This function just returns if not
1658 				 * running a pNFS DS or the creation fails.
1659 				 */
1660 				nfsrv_pnfscreate(ndp->ni_vp, &nvap->na_vattr,
1661 				    cred, p);
1662 			}
1663 			vput(ndp->ni_dvp);
1664 			nfsvno_relpathbuf(ndp);
1665 			if (!nd->nd_repstat) {
1666 				if (*exclusive_flagp) {
1667 					*exclusive_flagp = 0;
1668 					NFSVNO_ATTRINIT(nvap);
1669 					nvap->na_atime.tv_sec = cverf[0];
1670 					nvap->na_atime.tv_nsec = cverf[1];
1671 					nd->nd_repstat = VOP_SETATTR(ndp->ni_vp,
1672 					    &nvap->na_vattr, cred);
1673 					if (nd->nd_repstat != 0) {
1674 						vput(ndp->ni_vp);
1675 						ndp->ni_vp = NULL;
1676 						nd->nd_repstat = NFSERR_NOTSUPP;
1677 					} else
1678 						NFSSETBIT_ATTRBIT(attrbitp,
1679 						    NFSATTRBIT_TIMEACCESS);
1680 				} else {
1681 					nfsrv_fixattr(nd, ndp->ni_vp, nvap,
1682 					    aclp, p, attrbitp, exp);
1683 				}
1684 			}
1685 			vp = ndp->ni_vp;
1686 		} else {
1687 			if (ndp->ni_startdir)
1688 				vrele(ndp->ni_startdir);
1689 			nfsvno_relpathbuf(ndp);
1690 			vp = ndp->ni_vp;
1691 			if (create == NFSV4OPEN_CREATE) {
1692 				if (ndp->ni_dvp == vp)
1693 					vrele(ndp->ni_dvp);
1694 				else
1695 					vput(ndp->ni_dvp);
1696 			}
1697 			if (NFSVNO_ISSETSIZE(nvap) && vp->v_type == VREG) {
1698 				if (ndp->ni_cnd.cn_flags & RDONLY)
1699 					NFSVNO_SETEXRDONLY(&nes);
1700 				else
1701 					NFSVNO_EXINIT(&nes);
1702 				nd->nd_repstat = nfsvno_accchk(vp,
1703 				    VWRITE, cred, &nes, p,
1704 				    NFSACCCHK_NOOVERRIDE,
1705 				    NFSACCCHK_VPISLOCKED, NULL);
1706 				nd->nd_repstat = nfsrv_opencheck(clientid,
1707 				    stateidp, stp, vp, nd, p, nd->nd_repstat);
1708 				if (!nd->nd_repstat) {
1709 					tempsize = nvap->na_size;
1710 					NFSVNO_ATTRINIT(nvap);
1711 					nvap->na_size = tempsize;
1712 					nd->nd_repstat = nfsvno_setattr(vp,
1713 					    nvap, cred, p, exp);
1714 				}
1715 			} else if (vp->v_type == VREG) {
1716 				nd->nd_repstat = nfsrv_opencheck(clientid,
1717 				    stateidp, stp, vp, nd, p, nd->nd_repstat);
1718 			}
1719 		}
1720 	} else {
1721 		if (ndp->ni_cnd.cn_flags & HASBUF)
1722 			nfsvno_relpathbuf(ndp);
1723 		if (ndp->ni_startdir && create == NFSV4OPEN_CREATE) {
1724 			vrele(ndp->ni_startdir);
1725 			if (ndp->ni_dvp == ndp->ni_vp)
1726 				vrele(ndp->ni_dvp);
1727 			else
1728 				vput(ndp->ni_dvp);
1729 			if (ndp->ni_vp)
1730 				vput(ndp->ni_vp);
1731 		}
1732 	}
1733 	*vpp = vp;
1734 
1735 	NFSEXITCODE2(0, nd);
1736 }
1737 
1738 /*
1739  * Updates the file rev and sets the mtime and ctime
1740  * to the current clock time, returning the va_filerev and va_Xtime
1741  * values.
1742  * Return ESTALE to indicate the vnode is VI_DOOMED.
1743  */
1744 int
nfsvno_updfilerev(struct vnode * vp,struct nfsvattr * nvap,struct nfsrv_descript * nd,struct thread * p)1745 nfsvno_updfilerev(struct vnode *vp, struct nfsvattr *nvap,
1746     struct nfsrv_descript *nd, struct thread *p)
1747 {
1748 	struct vattr va;
1749 
1750 	VATTR_NULL(&va);
1751 	vfs_timestamp(&va.va_mtime);
1752 	if (NFSVOPISLOCKED(vp) != LK_EXCLUSIVE) {
1753 		NFSVOPLOCK(vp, LK_UPGRADE | LK_RETRY);
1754 		if ((vp->v_iflag & VI_DOOMED) != 0)
1755 			return (ESTALE);
1756 	}
1757 	(void) VOP_SETATTR(vp, &va, nd->nd_cred);
1758 	(void) nfsvno_getattr(vp, nvap, nd, p, 1, NULL);
1759 	return (0);
1760 }
1761 
1762 /*
1763  * Glue routine to nfsv4_fillattr().
1764  */
1765 int
nfsvno_fillattr(struct nfsrv_descript * nd,struct mount * mp,struct vnode * vp,struct nfsvattr * nvap,fhandle_t * fhp,int rderror,nfsattrbit_t * attrbitp,struct ucred * cred,struct thread * p,int isdgram,int reterr,int supports_nfsv4acls,int at_root,uint64_t mounted_on_fileno)1766 nfsvno_fillattr(struct nfsrv_descript *nd, struct mount *mp, struct vnode *vp,
1767     struct nfsvattr *nvap, fhandle_t *fhp, int rderror, nfsattrbit_t *attrbitp,
1768     struct ucred *cred, struct thread *p, int isdgram, int reterr,
1769     int supports_nfsv4acls, int at_root, uint64_t mounted_on_fileno)
1770 {
1771 	struct statfs *sf;
1772 	int error;
1773 
1774 	sf = NULL;
1775 	if (nfsrv_devidcnt > 0 &&
1776 	    (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SPACEAVAIL) ||
1777 	     NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SPACEFREE) ||
1778 	     NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SPACETOTAL))) {
1779 		sf = malloc(sizeof(*sf), M_TEMP, M_WAITOK | M_ZERO);
1780 		error = nfsrv_pnfsstatfs(sf, mp);
1781 		if (error != 0) {
1782 			free(sf, M_TEMP);
1783 			sf = NULL;
1784 		}
1785 	}
1786 	error = nfsv4_fillattr(nd, mp, vp, NULL, &nvap->na_vattr, fhp, rderror,
1787 	    attrbitp, cred, p, isdgram, reterr, supports_nfsv4acls, at_root,
1788 	    mounted_on_fileno, sf);
1789 	free(sf, M_TEMP);
1790 	NFSEXITCODE2(0, nd);
1791 	return (error);
1792 }
1793 
1794 /* Since the Readdir vnode ops vary, put the entire functions in here. */
1795 /*
1796  * nfs readdir service
1797  * - mallocs what it thinks is enough to read
1798  *	count rounded up to a multiple of DIRBLKSIZ <= NFS_MAXREADDIR
1799  * - calls VOP_READDIR()
1800  * - loops around building the reply
1801  *	if the output generated exceeds count break out of loop
1802  *	The NFSM_CLGET macro is used here so that the reply will be packed
1803  *	tightly in mbuf clusters.
1804  * - it trims out records with d_fileno == 0
1805  *	this doesn't matter for Unix clients, but they might confuse clients
1806  *	for other os'.
1807  * - it trims out records with d_type == DT_WHT
1808  *	these cannot be seen through NFS (unless we extend the protocol)
1809  *     The alternate call nfsrvd_readdirplus() does lookups as well.
1810  * PS: The NFS protocol spec. does not clarify what the "count" byte
1811  *	argument is a count of.. just name strings and file id's or the
1812  *	entire reply rpc or ...
1813  *	I tried just file name and id sizes and it confused the Sun client,
1814  *	so I am using the full rpc size now. The "paranoia.." comment refers
1815  *	to including the status longwords that are not a part of the dir.
1816  *	"entry" structures, but are in the rpc.
1817  */
1818 int
nfsrvd_readdir(struct nfsrv_descript * nd,int isdgram,struct vnode * vp,struct thread * p,struct nfsexstuff * exp)1819 nfsrvd_readdir(struct nfsrv_descript *nd, int isdgram,
1820     struct vnode *vp, struct thread *p, struct nfsexstuff *exp)
1821 {
1822 	struct dirent *dp;
1823 	u_int32_t *tl;
1824 	int dirlen;
1825 	char *cpos, *cend, *rbuf;
1826 	struct nfsvattr at;
1827 	int nlen, error = 0, getret = 1;
1828 	int siz, cnt, fullsiz, eofflag, ncookies;
1829 	u_int64_t off, toff, verf __unused;
1830 	u_long *cookies = NULL, *cookiep;
1831 	struct uio io;
1832 	struct iovec iv;
1833 	int is_ufs;
1834 
1835 	if (nd->nd_repstat) {
1836 		nfsrv_postopattr(nd, getret, &at);
1837 		goto out;
1838 	}
1839 	if (nd->nd_flag & ND_NFSV2) {
1840 		NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
1841 		off = fxdr_unsigned(u_quad_t, *tl++);
1842 	} else {
1843 		NFSM_DISSECT(tl, u_int32_t *, 5 * NFSX_UNSIGNED);
1844 		off = fxdr_hyper(tl);
1845 		tl += 2;
1846 		verf = fxdr_hyper(tl);
1847 		tl += 2;
1848 	}
1849 	toff = off;
1850 	cnt = fxdr_unsigned(int, *tl);
1851 	if (cnt > NFS_SRVMAXDATA(nd) || cnt < 0)
1852 		cnt = NFS_SRVMAXDATA(nd);
1853 	siz = ((cnt + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
1854 	fullsiz = siz;
1855 	if (nd->nd_flag & ND_NFSV3) {
1856 		nd->nd_repstat = getret = nfsvno_getattr(vp, &at, nd, p, 1,
1857 		    NULL);
1858 #if 0
1859 		/*
1860 		 * va_filerev is not sufficient as a cookie verifier,
1861 		 * since it is not supposed to change when entries are
1862 		 * removed/added unless that offset cookies returned to
1863 		 * the client are no longer valid.
1864 		 */
1865 		if (!nd->nd_repstat && toff && verf != at.na_filerev)
1866 			nd->nd_repstat = NFSERR_BAD_COOKIE;
1867 #endif
1868 	}
1869 	if (!nd->nd_repstat && vp->v_type != VDIR)
1870 		nd->nd_repstat = NFSERR_NOTDIR;
1871 	if (nd->nd_repstat == 0 && cnt == 0) {
1872 		if (nd->nd_flag & ND_NFSV2)
1873 			/* NFSv2 does not have NFSERR_TOOSMALL */
1874 			nd->nd_repstat = EPERM;
1875 		else
1876 			nd->nd_repstat = NFSERR_TOOSMALL;
1877 	}
1878 	if (!nd->nd_repstat)
1879 		nd->nd_repstat = nfsvno_accchk(vp, VEXEC,
1880 		    nd->nd_cred, exp, p, NFSACCCHK_NOOVERRIDE,
1881 		    NFSACCCHK_VPISLOCKED, NULL);
1882 	if (nd->nd_repstat) {
1883 		vput(vp);
1884 		if (nd->nd_flag & ND_NFSV3)
1885 			nfsrv_postopattr(nd, getret, &at);
1886 		goto out;
1887 	}
1888 	is_ufs = strcmp(vp->v_mount->mnt_vfc->vfc_name, "ufs") == 0;
1889 	rbuf = malloc(siz, M_TEMP, M_WAITOK);
1890 again:
1891 	eofflag = 0;
1892 	if (cookies) {
1893 		free(cookies, M_TEMP);
1894 		cookies = NULL;
1895 	}
1896 
1897 	iv.iov_base = rbuf;
1898 	iv.iov_len = siz;
1899 	io.uio_iov = &iv;
1900 	io.uio_iovcnt = 1;
1901 	io.uio_offset = (off_t)off;
1902 	io.uio_resid = siz;
1903 	io.uio_segflg = UIO_SYSSPACE;
1904 	io.uio_rw = UIO_READ;
1905 	io.uio_td = NULL;
1906 	nd->nd_repstat = VOP_READDIR(vp, &io, nd->nd_cred, &eofflag, &ncookies,
1907 	    &cookies);
1908 	off = (u_int64_t)io.uio_offset;
1909 	if (io.uio_resid)
1910 		siz -= io.uio_resid;
1911 
1912 	if (!cookies && !nd->nd_repstat)
1913 		nd->nd_repstat = NFSERR_PERM;
1914 	if (nd->nd_flag & ND_NFSV3) {
1915 		getret = nfsvno_getattr(vp, &at, nd, p, 1, NULL);
1916 		if (!nd->nd_repstat)
1917 			nd->nd_repstat = getret;
1918 	}
1919 
1920 	/*
1921 	 * Handles the failed cases. nd->nd_repstat == 0 past here.
1922 	 */
1923 	if (nd->nd_repstat) {
1924 		vput(vp);
1925 		free(rbuf, M_TEMP);
1926 		if (cookies)
1927 			free(cookies, M_TEMP);
1928 		if (nd->nd_flag & ND_NFSV3)
1929 			nfsrv_postopattr(nd, getret, &at);
1930 		goto out;
1931 	}
1932 	/*
1933 	 * If nothing read, return eof
1934 	 * rpc reply
1935 	 */
1936 	if (siz == 0) {
1937 		vput(vp);
1938 		if (nd->nd_flag & ND_NFSV2) {
1939 			NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
1940 		} else {
1941 			nfsrv_postopattr(nd, getret, &at);
1942 			NFSM_BUILD(tl, u_int32_t *, 4 * NFSX_UNSIGNED);
1943 			txdr_hyper(at.na_filerev, tl);
1944 			tl += 2;
1945 		}
1946 		*tl++ = newnfs_false;
1947 		*tl = newnfs_true;
1948 		free(rbuf, M_TEMP);
1949 		free(cookies, M_TEMP);
1950 		goto out;
1951 	}
1952 
1953 	/*
1954 	 * Check for degenerate cases of nothing useful read.
1955 	 * If so go try again
1956 	 */
1957 	cpos = rbuf;
1958 	cend = rbuf + siz;
1959 	dp = (struct dirent *)cpos;
1960 	cookiep = cookies;
1961 
1962 	/*
1963 	 * For some reason FreeBSD's ufs_readdir() chooses to back the
1964 	 * directory offset up to a block boundary, so it is necessary to
1965 	 * skip over the records that precede the requested offset. This
1966 	 * requires the assumption that file offset cookies monotonically
1967 	 * increase.
1968 	 */
1969 	while (cpos < cend && ncookies > 0 &&
1970 	    (dp->d_fileno == 0 || dp->d_type == DT_WHT ||
1971 	     (is_ufs == 1 && ((u_quad_t)(*cookiep)) <= toff))) {
1972 		cpos += dp->d_reclen;
1973 		dp = (struct dirent *)cpos;
1974 		cookiep++;
1975 		ncookies--;
1976 	}
1977 	if (cpos >= cend || ncookies == 0) {
1978 		siz = fullsiz;
1979 		toff = off;
1980 		goto again;
1981 	}
1982 	vput(vp);
1983 
1984 	/*
1985 	 * dirlen is the size of the reply, including all XDR and must
1986 	 * not exceed cnt. For NFSv2, RFC1094 didn't clearly indicate
1987 	 * if the XDR should be included in "count", but to be safe, we do.
1988 	 * (Include the two booleans at the end of the reply in dirlen now.)
1989 	 */
1990 	if (nd->nd_flag & ND_NFSV3) {
1991 		nfsrv_postopattr(nd, getret, &at);
1992 		NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
1993 		txdr_hyper(at.na_filerev, tl);
1994 		dirlen = NFSX_V3POSTOPATTR + NFSX_VERF + 2 * NFSX_UNSIGNED;
1995 	} else {
1996 		dirlen = 2 * NFSX_UNSIGNED;
1997 	}
1998 
1999 	/* Loop through the records and build reply */
2000 	while (cpos < cend && ncookies > 0) {
2001 		nlen = dp->d_namlen;
2002 		if (dp->d_fileno != 0 && dp->d_type != DT_WHT &&
2003 			nlen <= NFS_MAXNAMLEN) {
2004 			if (nd->nd_flag & ND_NFSV3)
2005 				dirlen += (6*NFSX_UNSIGNED + NFSM_RNDUP(nlen));
2006 			else
2007 				dirlen += (4*NFSX_UNSIGNED + NFSM_RNDUP(nlen));
2008 			if (dirlen > cnt) {
2009 				eofflag = 0;
2010 				break;
2011 			}
2012 
2013 			/*
2014 			 * Build the directory record xdr from
2015 			 * the dirent entry.
2016 			 */
2017 			if (nd->nd_flag & ND_NFSV3) {
2018 				NFSM_BUILD(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
2019 				*tl++ = newnfs_true;
2020 				txdr_hyper(dp->d_fileno, tl);
2021 			} else {
2022 				NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
2023 				*tl++ = newnfs_true;
2024 				*tl = txdr_unsigned(dp->d_fileno);
2025 			}
2026 			(void) nfsm_strtom(nd, dp->d_name, nlen);
2027 			if (nd->nd_flag & ND_NFSV3) {
2028 				NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
2029 				txdr_hyper(*cookiep, tl);
2030 			} else {
2031 				NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
2032 				*tl = txdr_unsigned(*cookiep);
2033 			}
2034 		}
2035 		cpos += dp->d_reclen;
2036 		dp = (struct dirent *)cpos;
2037 		cookiep++;
2038 		ncookies--;
2039 	}
2040 	if (cpos < cend)
2041 		eofflag = 0;
2042 	NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
2043 	*tl++ = newnfs_false;
2044 	if (eofflag)
2045 		*tl = newnfs_true;
2046 	else
2047 		*tl = newnfs_false;
2048 	free(rbuf, M_TEMP);
2049 	free(cookies, M_TEMP);
2050 
2051 out:
2052 	NFSEXITCODE2(0, nd);
2053 	return (0);
2054 nfsmout:
2055 	vput(vp);
2056 	NFSEXITCODE2(error, nd);
2057 	return (error);
2058 }
2059 
2060 /*
2061  * Readdirplus for V3 and Readdir for V4.
2062  */
2063 int
nfsrvd_readdirplus(struct nfsrv_descript * nd,int isdgram,struct vnode * vp,struct thread * p,struct nfsexstuff * exp)2064 nfsrvd_readdirplus(struct nfsrv_descript *nd, int isdgram,
2065     struct vnode *vp, struct thread *p, struct nfsexstuff *exp)
2066 {
2067 	struct dirent *dp;
2068 	u_int32_t *tl;
2069 	int dirlen;
2070 	char *cpos, *cend, *rbuf;
2071 	struct vnode *nvp;
2072 	fhandle_t nfh;
2073 	struct nfsvattr nva, at, *nvap = &nva;
2074 	struct mbuf *mb0, *mb1;
2075 	struct nfsreferral *refp;
2076 	int nlen, r, error = 0, getret = 1, usevget = 1;
2077 	int siz, cnt, fullsiz, eofflag, ncookies, entrycnt;
2078 	caddr_t bpos0, bpos1;
2079 	u_int64_t off, toff, verf;
2080 	u_long *cookies = NULL, *cookiep;
2081 	nfsattrbit_t attrbits, rderrbits, savbits;
2082 	struct uio io;
2083 	struct iovec iv;
2084 	struct componentname cn;
2085 	int at_root, is_ufs, is_zfs, needs_unbusy, supports_nfsv4acls;
2086 	struct mount *mp, *new_mp;
2087 	uint64_t mounted_on_fileno;
2088 
2089 	if (nd->nd_repstat) {
2090 		nfsrv_postopattr(nd, getret, &at);
2091 		goto out;
2092 	}
2093 	NFSM_DISSECT(tl, u_int32_t *, 6 * NFSX_UNSIGNED);
2094 	off = fxdr_hyper(tl);
2095 	toff = off;
2096 	tl += 2;
2097 	verf = fxdr_hyper(tl);
2098 	tl += 2;
2099 	siz = fxdr_unsigned(int, *tl++);
2100 	cnt = fxdr_unsigned(int, *tl);
2101 
2102 	/*
2103 	 * Use the server's maximum data transfer size as the upper bound
2104 	 * on reply datalen.
2105 	 */
2106 	if (cnt > NFS_SRVMAXDATA(nd) || cnt < 0)
2107 		cnt = NFS_SRVMAXDATA(nd);
2108 
2109 	/*
2110 	 * siz is a "hint" of how much directory information (name, fileid,
2111 	 * cookie) should be in the reply. At least one client "hints" 0,
2112 	 * so I set it to cnt for that case. I also round it up to the
2113 	 * next multiple of DIRBLKSIZ.
2114 	 * Since the size of a Readdirplus directory entry reply will always
2115 	 * be greater than a directory entry returned by VOP_READDIR(), it
2116 	 * does not make sense to read more than NFS_SRVMAXDATA() via
2117 	 * VOP_READDIR().
2118 	 */
2119 	if (siz <= 0)
2120 		siz = cnt;
2121 	else if (siz > NFS_SRVMAXDATA(nd))
2122 		siz = NFS_SRVMAXDATA(nd);
2123 	siz = ((siz + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
2124 
2125 	if (nd->nd_flag & ND_NFSV4) {
2126 		error = nfsrv_getattrbits(nd, &attrbits, NULL, NULL);
2127 		if (error)
2128 			goto nfsmout;
2129 		NFSSET_ATTRBIT(&savbits, &attrbits);
2130 		NFSCLRNOTFILLABLE_ATTRBIT(&attrbits, nd);
2131 		NFSZERO_ATTRBIT(&rderrbits);
2132 		NFSSETBIT_ATTRBIT(&rderrbits, NFSATTRBIT_RDATTRERROR);
2133 	} else {
2134 		NFSZERO_ATTRBIT(&attrbits);
2135 	}
2136 	fullsiz = siz;
2137 	nd->nd_repstat = getret = nfsvno_getattr(vp, &at, nd, p, 1, NULL);
2138 #if 0
2139 	if (!nd->nd_repstat) {
2140 	    if (off && verf != at.na_filerev) {
2141 		/*
2142 		 * va_filerev is not sufficient as a cookie verifier,
2143 		 * since it is not supposed to change when entries are
2144 		 * removed/added unless that offset cookies returned to
2145 		 * the client are no longer valid.
2146 		 */
2147 		if (nd->nd_flag & ND_NFSV4) {
2148 			nd->nd_repstat = NFSERR_NOTSAME;
2149 		} else {
2150 			nd->nd_repstat = NFSERR_BAD_COOKIE;
2151 		}
2152 	    }
2153 	}
2154 #endif
2155 	if (!nd->nd_repstat && vp->v_type != VDIR)
2156 		nd->nd_repstat = NFSERR_NOTDIR;
2157 	if (!nd->nd_repstat && cnt == 0)
2158 		nd->nd_repstat = NFSERR_TOOSMALL;
2159 	if (!nd->nd_repstat)
2160 		nd->nd_repstat = nfsvno_accchk(vp, VEXEC,
2161 		    nd->nd_cred, exp, p, NFSACCCHK_NOOVERRIDE,
2162 		    NFSACCCHK_VPISLOCKED, NULL);
2163 	if (nd->nd_repstat) {
2164 		vput(vp);
2165 		if (nd->nd_flag & ND_NFSV3)
2166 			nfsrv_postopattr(nd, getret, &at);
2167 		goto out;
2168 	}
2169 	is_ufs = strcmp(vp->v_mount->mnt_vfc->vfc_name, "ufs") == 0;
2170 	is_zfs = strcmp(vp->v_mount->mnt_vfc->vfc_name, "zfs") == 0;
2171 
2172 	rbuf = malloc(siz, M_TEMP, M_WAITOK);
2173 again:
2174 	eofflag = 0;
2175 	if (cookies) {
2176 		free(cookies, M_TEMP);
2177 		cookies = NULL;
2178 	}
2179 
2180 	iv.iov_base = rbuf;
2181 	iv.iov_len = siz;
2182 	io.uio_iov = &iv;
2183 	io.uio_iovcnt = 1;
2184 	io.uio_offset = (off_t)off;
2185 	io.uio_resid = siz;
2186 	io.uio_segflg = UIO_SYSSPACE;
2187 	io.uio_rw = UIO_READ;
2188 	io.uio_td = NULL;
2189 	nd->nd_repstat = VOP_READDIR(vp, &io, nd->nd_cred, &eofflag, &ncookies,
2190 	    &cookies);
2191 	off = (u_int64_t)io.uio_offset;
2192 	if (io.uio_resid)
2193 		siz -= io.uio_resid;
2194 
2195 	getret = nfsvno_getattr(vp, &at, nd, p, 1, NULL);
2196 
2197 	if (!cookies && !nd->nd_repstat)
2198 		nd->nd_repstat = NFSERR_PERM;
2199 	if (!nd->nd_repstat)
2200 		nd->nd_repstat = getret;
2201 	if (nd->nd_repstat) {
2202 		vput(vp);
2203 		if (cookies)
2204 			free(cookies, M_TEMP);
2205 		free(rbuf, M_TEMP);
2206 		if (nd->nd_flag & ND_NFSV3)
2207 			nfsrv_postopattr(nd, getret, &at);
2208 		goto out;
2209 	}
2210 	/*
2211 	 * If nothing read, return eof
2212 	 * rpc reply
2213 	 */
2214 	if (siz == 0) {
2215 		vput(vp);
2216 		if (nd->nd_flag & ND_NFSV3)
2217 			nfsrv_postopattr(nd, getret, &at);
2218 		NFSM_BUILD(tl, u_int32_t *, 4 * NFSX_UNSIGNED);
2219 		txdr_hyper(at.na_filerev, tl);
2220 		tl += 2;
2221 		*tl++ = newnfs_false;
2222 		*tl = newnfs_true;
2223 		free(cookies, M_TEMP);
2224 		free(rbuf, M_TEMP);
2225 		goto out;
2226 	}
2227 
2228 	/*
2229 	 * Check for degenerate cases of nothing useful read.
2230 	 * If so go try again
2231 	 */
2232 	cpos = rbuf;
2233 	cend = rbuf + siz;
2234 	dp = (struct dirent *)cpos;
2235 	cookiep = cookies;
2236 
2237 	/*
2238 	 * For some reason FreeBSD's ufs_readdir() chooses to back the
2239 	 * directory offset up to a block boundary, so it is necessary to
2240 	 * skip over the records that precede the requested offset. This
2241 	 * requires the assumption that file offset cookies monotonically
2242 	 * increase.
2243 	 */
2244 	while (cpos < cend && ncookies > 0 &&
2245 	  (dp->d_fileno == 0 || dp->d_type == DT_WHT ||
2246 	   (is_ufs == 1 && ((u_quad_t)(*cookiep)) <= toff) ||
2247 	   ((nd->nd_flag & ND_NFSV4) &&
2248 	    ((dp->d_namlen == 1 && dp->d_name[0] == '.') ||
2249 	     (dp->d_namlen==2 && dp->d_name[0]=='.' && dp->d_name[1]=='.'))))) {
2250 		cpos += dp->d_reclen;
2251 		dp = (struct dirent *)cpos;
2252 		cookiep++;
2253 		ncookies--;
2254 	}
2255 	if (cpos >= cend || ncookies == 0) {
2256 		siz = fullsiz;
2257 		toff = off;
2258 		goto again;
2259 	}
2260 
2261 	/*
2262 	 * Busy the file system so that the mount point won't go away
2263 	 * and, as such, VFS_VGET() can be used safely.
2264 	 */
2265 	mp = vp->v_mount;
2266 	vfs_ref(mp);
2267 	NFSVOPUNLOCK(vp, 0);
2268 	nd->nd_repstat = vfs_busy(mp, 0);
2269 	vfs_rel(mp);
2270 	if (nd->nd_repstat != 0) {
2271 		vrele(vp);
2272 		free(cookies, M_TEMP);
2273 		free(rbuf, M_TEMP);
2274 		if (nd->nd_flag & ND_NFSV3)
2275 			nfsrv_postopattr(nd, getret, &at);
2276 		goto out;
2277 	}
2278 
2279 	/*
2280 	 * Check to see if entries in this directory can be safely acquired
2281 	 * via VFS_VGET() or if a switch to VOP_LOOKUP() is required.
2282 	 * ZFS snapshot directories need VOP_LOOKUP(), so that any
2283 	 * automount of the snapshot directory that is required will
2284 	 * be done.
2285 	 * This needs to be done here for NFSv4, since NFSv4 never does
2286 	 * a VFS_VGET() for "." or "..".
2287 	 */
2288 	if (is_zfs == 1) {
2289 		r = VFS_VGET(mp, at.na_fileid, LK_SHARED, &nvp);
2290 		if (r == EOPNOTSUPP) {
2291 			usevget = 0;
2292 			cn.cn_nameiop = LOOKUP;
2293 			cn.cn_lkflags = LK_SHARED | LK_RETRY;
2294 			cn.cn_cred = nd->nd_cred;
2295 			cn.cn_thread = p;
2296 		} else if (r == 0)
2297 			vput(nvp);
2298 	}
2299 
2300 	/*
2301 	 * Save this position, in case there is an error before one entry
2302 	 * is created.
2303 	 */
2304 	mb0 = nd->nd_mb;
2305 	bpos0 = nd->nd_bpos;
2306 
2307 	/*
2308 	 * Fill in the first part of the reply.
2309 	 * dirlen is the reply length in bytes and cannot exceed cnt.
2310 	 * (Include the two booleans at the end of the reply in dirlen now,
2311 	 *  so we recognize when we have exceeded cnt.)
2312 	 */
2313 	if (nd->nd_flag & ND_NFSV3) {
2314 		dirlen = NFSX_V3POSTOPATTR + NFSX_VERF + 2 * NFSX_UNSIGNED;
2315 		nfsrv_postopattr(nd, getret, &at);
2316 	} else {
2317 		dirlen = NFSX_VERF + 2 * NFSX_UNSIGNED;
2318 	}
2319 	NFSM_BUILD(tl, u_int32_t *, NFSX_VERF);
2320 	txdr_hyper(at.na_filerev, tl);
2321 
2322 	/*
2323 	 * Save this position, in case there is an empty reply needed.
2324 	 */
2325 	mb1 = nd->nd_mb;
2326 	bpos1 = nd->nd_bpos;
2327 
2328 	/* Loop through the records and build reply */
2329 	entrycnt = 0;
2330 	while (cpos < cend && ncookies > 0 && dirlen < cnt) {
2331 		nlen = dp->d_namlen;
2332 		if (dp->d_fileno != 0 && dp->d_type != DT_WHT &&
2333 		    nlen <= NFS_MAXNAMLEN &&
2334 		    ((nd->nd_flag & ND_NFSV3) || nlen > 2 ||
2335 		     (nlen==2 && (dp->d_name[0]!='.' || dp->d_name[1]!='.'))
2336 		      || (nlen == 1 && dp->d_name[0] != '.'))) {
2337 			/*
2338 			 * Save the current position in the reply, in case
2339 			 * this entry exceeds cnt.
2340 			 */
2341 			mb1 = nd->nd_mb;
2342 			bpos1 = nd->nd_bpos;
2343 
2344 			/*
2345 			 * For readdir_and_lookup get the vnode using
2346 			 * the file number.
2347 			 */
2348 			nvp = NULL;
2349 			refp = NULL;
2350 			r = 0;
2351 			at_root = 0;
2352 			needs_unbusy = 0;
2353 			new_mp = mp;
2354 			mounted_on_fileno = (uint64_t)dp->d_fileno;
2355 			if ((nd->nd_flag & ND_NFSV3) ||
2356 			    NFSNONZERO_ATTRBIT(&savbits)) {
2357 				if (nd->nd_flag & ND_NFSV4)
2358 					refp = nfsv4root_getreferral(NULL,
2359 					    vp, dp->d_fileno);
2360 				if (refp == NULL) {
2361 					if (usevget)
2362 						r = VFS_VGET(mp, dp->d_fileno,
2363 						    LK_SHARED, &nvp);
2364 					else
2365 						r = EOPNOTSUPP;
2366 					if (r == EOPNOTSUPP) {
2367 						if (usevget) {
2368 							usevget = 0;
2369 							cn.cn_nameiop = LOOKUP;
2370 							cn.cn_lkflags =
2371 							    LK_SHARED |
2372 							    LK_RETRY;
2373 							cn.cn_cred =
2374 							    nd->nd_cred;
2375 							cn.cn_thread = p;
2376 						}
2377 						cn.cn_nameptr = dp->d_name;
2378 						cn.cn_namelen = nlen;
2379 						cn.cn_flags = ISLASTCN |
2380 						    NOFOLLOW | LOCKLEAF;
2381 						if (nlen == 2 &&
2382 						    dp->d_name[0] == '.' &&
2383 						    dp->d_name[1] == '.')
2384 							cn.cn_flags |=
2385 							    ISDOTDOT;
2386 						if (NFSVOPLOCK(vp, LK_SHARED)
2387 						    != 0) {
2388 							nd->nd_repstat = EPERM;
2389 							break;
2390 						}
2391 						if ((vp->v_vflag & VV_ROOT) != 0
2392 						    && (cn.cn_flags & ISDOTDOT)
2393 						    != 0) {
2394 							vref(vp);
2395 							nvp = vp;
2396 							r = 0;
2397 						} else {
2398 							r = VOP_LOOKUP(vp, &nvp,
2399 							    &cn);
2400 							if (vp != nvp)
2401 								NFSVOPUNLOCK(vp,
2402 								    0);
2403 						}
2404 					}
2405 
2406 					/*
2407 					 * For NFSv4, check to see if nvp is
2408 					 * a mount point and get the mount
2409 					 * point vnode, as required.
2410 					 */
2411 					if (r == 0 &&
2412 					    nfsrv_enable_crossmntpt != 0 &&
2413 					    (nd->nd_flag & ND_NFSV4) != 0 &&
2414 					    nvp->v_type == VDIR &&
2415 					    nvp->v_mountedhere != NULL) {
2416 						new_mp = nvp->v_mountedhere;
2417 						r = vfs_busy(new_mp, 0);
2418 						vput(nvp);
2419 						nvp = NULL;
2420 						if (r == 0) {
2421 							r = VFS_ROOT(new_mp,
2422 							    LK_SHARED, &nvp);
2423 							needs_unbusy = 1;
2424 							if (r == 0)
2425 								at_root = 1;
2426 						}
2427 					}
2428 				}
2429 
2430 				/*
2431 				 * If we failed to look up the entry, then it
2432 				 * has become invalid, most likely removed.
2433 				 */
2434 				if (r != 0) {
2435 					if (needs_unbusy)
2436 						vfs_unbusy(new_mp);
2437 					goto invalid;
2438 				}
2439 				KASSERT(refp != NULL || nvp != NULL,
2440 				    ("%s: undetected lookup error", __func__));
2441 
2442 				if (refp == NULL &&
2443 				    ((nd->nd_flag & ND_NFSV3) ||
2444 				     NFSNONZERO_ATTRBIT(&attrbits))) {
2445 					r = nfsvno_getfh(nvp, &nfh, p);
2446 					if (!r)
2447 					    r = nfsvno_getattr(nvp, nvap, nd, p,
2448 						1, &attrbits);
2449 					if (r == 0 && is_zfs == 1 &&
2450 					    nfsrv_enable_crossmntpt != 0 &&
2451 					    (nd->nd_flag & ND_NFSV4) != 0 &&
2452 					    nvp->v_type == VDIR &&
2453 					    vp->v_mount != nvp->v_mount) {
2454 					    /*
2455 					     * For a ZFS snapshot, there is a
2456 					     * pseudo mount that does not set
2457 					     * v_mountedhere, so it needs to
2458 					     * be detected via a different
2459 					     * mount structure.
2460 					     */
2461 					    at_root = 1;
2462 					    if (new_mp == mp)
2463 						new_mp = nvp->v_mount;
2464 					}
2465 				}
2466 
2467 				/*
2468 				 * If we failed to get attributes of the entry,
2469 				 * then just skip it for NFSv3 (the traditional
2470 				 * behavior in the old NFS server).
2471 				 * For NFSv4 the behavior is controlled by
2472 				 * RDATTRERROR: we either ignore the error or
2473 				 * fail the request.
2474 				 * Note that RDATTRERROR is never set for NFSv3.
2475 				 */
2476 				if (r != 0) {
2477 					if (!NFSISSET_ATTRBIT(&attrbits,
2478 					    NFSATTRBIT_RDATTRERROR)) {
2479 						vput(nvp);
2480 						if (needs_unbusy != 0)
2481 							vfs_unbusy(new_mp);
2482 						if ((nd->nd_flag & ND_NFSV3))
2483 							goto invalid;
2484 						nd->nd_repstat = r;
2485 						break;
2486 					}
2487 				}
2488 			}
2489 
2490 			/*
2491 			 * Build the directory record xdr
2492 			 */
2493 			if (nd->nd_flag & ND_NFSV3) {
2494 				NFSM_BUILD(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
2495 				*tl++ = newnfs_true;
2496 				txdr_hyper(dp->d_fileno, tl);
2497 				dirlen += nfsm_strtom(nd, dp->d_name, nlen);
2498 				NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
2499 				txdr_hyper(*cookiep, tl);
2500 				nfsrv_postopattr(nd, 0, nvap);
2501 				dirlen += nfsm_fhtom(nd,(u_int8_t *)&nfh,0,1);
2502 				dirlen += (5*NFSX_UNSIGNED+NFSX_V3POSTOPATTR);
2503 				if (nvp != NULL)
2504 					vput(nvp);
2505 			} else {
2506 				NFSM_BUILD(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
2507 				*tl++ = newnfs_true;
2508 				txdr_hyper(*cookiep, tl);
2509 				dirlen += nfsm_strtom(nd, dp->d_name, nlen);
2510 				if (nvp != NULL) {
2511 					supports_nfsv4acls =
2512 					    nfs_supportsnfsv4acls(nvp);
2513 					NFSVOPUNLOCK(nvp, 0);
2514 				} else
2515 					supports_nfsv4acls = 0;
2516 				if (refp != NULL) {
2517 					dirlen += nfsrv_putreferralattr(nd,
2518 					    &savbits, refp, 0,
2519 					    &nd->nd_repstat);
2520 					if (nd->nd_repstat) {
2521 						if (nvp != NULL)
2522 							vrele(nvp);
2523 						if (needs_unbusy != 0)
2524 							vfs_unbusy(new_mp);
2525 						break;
2526 					}
2527 				} else if (r) {
2528 					dirlen += nfsvno_fillattr(nd, new_mp,
2529 					    nvp, nvap, &nfh, r, &rderrbits,
2530 					    nd->nd_cred, p, isdgram, 0,
2531 					    supports_nfsv4acls, at_root,
2532 					    mounted_on_fileno);
2533 				} else {
2534 					dirlen += nfsvno_fillattr(nd, new_mp,
2535 					    nvp, nvap, &nfh, r, &attrbits,
2536 					    nd->nd_cred, p, isdgram, 0,
2537 					    supports_nfsv4acls, at_root,
2538 					    mounted_on_fileno);
2539 				}
2540 				if (nvp != NULL)
2541 					vrele(nvp);
2542 				dirlen += (3 * NFSX_UNSIGNED);
2543 			}
2544 			if (needs_unbusy != 0)
2545 				vfs_unbusy(new_mp);
2546 			if (dirlen <= cnt)
2547 				entrycnt++;
2548 		}
2549 invalid:
2550 		cpos += dp->d_reclen;
2551 		dp = (struct dirent *)cpos;
2552 		cookiep++;
2553 		ncookies--;
2554 	}
2555 	vrele(vp);
2556 	vfs_unbusy(mp);
2557 
2558 	/*
2559 	 * If dirlen > cnt, we must strip off the last entry. If that
2560 	 * results in an empty reply, report NFSERR_TOOSMALL.
2561 	 */
2562 	if (dirlen > cnt || nd->nd_repstat) {
2563 		if (!nd->nd_repstat && entrycnt == 0)
2564 			nd->nd_repstat = NFSERR_TOOSMALL;
2565 		if (nd->nd_repstat) {
2566 			newnfs_trimtrailing(nd, mb0, bpos0);
2567 			if (nd->nd_flag & ND_NFSV3)
2568 				nfsrv_postopattr(nd, getret, &at);
2569 		} else
2570 			newnfs_trimtrailing(nd, mb1, bpos1);
2571 		eofflag = 0;
2572 	} else if (cpos < cend)
2573 		eofflag = 0;
2574 	if (!nd->nd_repstat) {
2575 		NFSM_BUILD(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
2576 		*tl++ = newnfs_false;
2577 		if (eofflag)
2578 			*tl = newnfs_true;
2579 		else
2580 			*tl = newnfs_false;
2581 	}
2582 	free(cookies, M_TEMP);
2583 	free(rbuf, M_TEMP);
2584 
2585 out:
2586 	NFSEXITCODE2(0, nd);
2587 	return (0);
2588 nfsmout:
2589 	vput(vp);
2590 	NFSEXITCODE2(error, nd);
2591 	return (error);
2592 }
2593 
2594 /*
2595  * Get the settable attributes out of the mbuf list.
2596  * (Return 0 or EBADRPC)
2597  */
2598 int
nfsrv_sattr(struct nfsrv_descript * nd,vnode_t vp,struct nfsvattr * nvap,nfsattrbit_t * attrbitp,NFSACL_T * aclp,struct thread * p)2599 nfsrv_sattr(struct nfsrv_descript *nd, vnode_t vp, struct nfsvattr *nvap,
2600     nfsattrbit_t *attrbitp, NFSACL_T *aclp, struct thread *p)
2601 {
2602 	u_int32_t *tl;
2603 	struct nfsv2_sattr *sp;
2604 	int error = 0, toclient = 0;
2605 
2606 	switch (nd->nd_flag & (ND_NFSV2 | ND_NFSV3 | ND_NFSV4)) {
2607 	case ND_NFSV2:
2608 		NFSM_DISSECT(sp, struct nfsv2_sattr *, NFSX_V2SATTR);
2609 		/*
2610 		 * Some old clients didn't fill in the high order 16bits.
2611 		 * --> check the low order 2 bytes for 0xffff
2612 		 */
2613 		if ((fxdr_unsigned(int, sp->sa_mode) & 0xffff) != 0xffff)
2614 			nvap->na_mode = nfstov_mode(sp->sa_mode);
2615 		if (sp->sa_uid != newnfs_xdrneg1)
2616 			nvap->na_uid = fxdr_unsigned(uid_t, sp->sa_uid);
2617 		if (sp->sa_gid != newnfs_xdrneg1)
2618 			nvap->na_gid = fxdr_unsigned(gid_t, sp->sa_gid);
2619 		if (sp->sa_size != newnfs_xdrneg1)
2620 			nvap->na_size = fxdr_unsigned(u_quad_t, sp->sa_size);
2621 		if (sp->sa_atime.nfsv2_sec != newnfs_xdrneg1) {
2622 #ifdef notyet
2623 			fxdr_nfsv2time(&sp->sa_atime, &nvap->na_atime);
2624 #else
2625 			nvap->na_atime.tv_sec =
2626 				fxdr_unsigned(u_int32_t,sp->sa_atime.nfsv2_sec);
2627 			nvap->na_atime.tv_nsec = 0;
2628 #endif
2629 		}
2630 		if (sp->sa_mtime.nfsv2_sec != newnfs_xdrneg1)
2631 			fxdr_nfsv2time(&sp->sa_mtime, &nvap->na_mtime);
2632 		break;
2633 	case ND_NFSV3:
2634 		NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2635 		if (*tl == newnfs_true) {
2636 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2637 			nvap->na_mode = nfstov_mode(*tl);
2638 		}
2639 		NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2640 		if (*tl == newnfs_true) {
2641 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2642 			nvap->na_uid = fxdr_unsigned(uid_t, *tl);
2643 		}
2644 		NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2645 		if (*tl == newnfs_true) {
2646 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2647 			nvap->na_gid = fxdr_unsigned(gid_t, *tl);
2648 		}
2649 		NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2650 		if (*tl == newnfs_true) {
2651 			NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
2652 			nvap->na_size = fxdr_hyper(tl);
2653 		}
2654 		NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2655 		switch (fxdr_unsigned(int, *tl)) {
2656 		case NFSV3SATTRTIME_TOCLIENT:
2657 			NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
2658 			fxdr_nfsv3time(tl, &nvap->na_atime);
2659 			toclient = 1;
2660 			break;
2661 		case NFSV3SATTRTIME_TOSERVER:
2662 			vfs_timestamp(&nvap->na_atime);
2663 			nvap->na_vaflags |= VA_UTIMES_NULL;
2664 			break;
2665 		}
2666 		NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2667 		switch (fxdr_unsigned(int, *tl)) {
2668 		case NFSV3SATTRTIME_TOCLIENT:
2669 			NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
2670 			fxdr_nfsv3time(tl, &nvap->na_mtime);
2671 			nvap->na_vaflags &= ~VA_UTIMES_NULL;
2672 			break;
2673 		case NFSV3SATTRTIME_TOSERVER:
2674 			vfs_timestamp(&nvap->na_mtime);
2675 			if (!toclient)
2676 				nvap->na_vaflags |= VA_UTIMES_NULL;
2677 			break;
2678 		}
2679 		break;
2680 	case ND_NFSV4:
2681 		error = nfsv4_sattr(nd, vp, nvap, attrbitp, aclp, p);
2682 	}
2683 nfsmout:
2684 	NFSEXITCODE2(error, nd);
2685 	return (error);
2686 }
2687 
2688 /*
2689  * Handle the setable attributes for V4.
2690  * Returns NFSERR_BADXDR if it can't be parsed, 0 otherwise.
2691  */
2692 int
nfsv4_sattr(struct nfsrv_descript * nd,vnode_t vp,struct nfsvattr * nvap,nfsattrbit_t * attrbitp,NFSACL_T * aclp,struct thread * p)2693 nfsv4_sattr(struct nfsrv_descript *nd, vnode_t vp, struct nfsvattr *nvap,
2694     nfsattrbit_t *attrbitp, NFSACL_T *aclp, struct thread *p)
2695 {
2696 	u_int32_t *tl;
2697 	int attrsum = 0;
2698 	int i, j;
2699 	int error, attrsize, bitpos, aclsize, aceerr, retnotsup = 0;
2700 	int moderet, toclient = 0;
2701 	u_char *cp, namestr[NFSV4_SMALLSTR + 1];
2702 	uid_t uid;
2703 	gid_t gid;
2704 	u_short mode, mask;		/* Same type as va_mode. */
2705 	struct vattr va;
2706 
2707 	error = nfsrv_getattrbits(nd, attrbitp, NULL, &retnotsup);
2708 	if (error)
2709 		goto nfsmout;
2710 	NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2711 	attrsize = fxdr_unsigned(int, *tl);
2712 
2713 	/*
2714 	 * Loop around getting the setable attributes. If an unsupported
2715 	 * one is found, set nd_repstat == NFSERR_ATTRNOTSUPP and return.
2716 	 */
2717 	if (retnotsup) {
2718 		nd->nd_repstat = NFSERR_ATTRNOTSUPP;
2719 		bitpos = NFSATTRBIT_MAX;
2720 	} else {
2721 		bitpos = 0;
2722 	}
2723 	moderet = 0;
2724 	for (; bitpos < NFSATTRBIT_MAX; bitpos++) {
2725 	    if (attrsum > attrsize) {
2726 		error = NFSERR_BADXDR;
2727 		goto nfsmout;
2728 	    }
2729 	    if (NFSISSET_ATTRBIT(attrbitp, bitpos))
2730 		switch (bitpos) {
2731 		case NFSATTRBIT_SIZE:
2732 			NFSM_DISSECT(tl, u_int32_t *, NFSX_HYPER);
2733                      if (vp != NULL && vp->v_type != VREG) {
2734                             error = (vp->v_type == VDIR) ? NFSERR_ISDIR :
2735                                 NFSERR_INVAL;
2736                             goto nfsmout;
2737 			}
2738 			nvap->na_size = fxdr_hyper(tl);
2739 			attrsum += NFSX_HYPER;
2740 			break;
2741 		case NFSATTRBIT_ACL:
2742 			error = nfsrv_dissectacl(nd, aclp, &aceerr, &aclsize,
2743 			    p);
2744 			if (error)
2745 				goto nfsmout;
2746 			if (aceerr && !nd->nd_repstat)
2747 				nd->nd_repstat = aceerr;
2748 			attrsum += aclsize;
2749 			break;
2750 		case NFSATTRBIT_ARCHIVE:
2751 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2752 			if (!nd->nd_repstat)
2753 				nd->nd_repstat = NFSERR_ATTRNOTSUPP;
2754 			attrsum += NFSX_UNSIGNED;
2755 			break;
2756 		case NFSATTRBIT_HIDDEN:
2757 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2758 			if (!nd->nd_repstat)
2759 				nd->nd_repstat = NFSERR_ATTRNOTSUPP;
2760 			attrsum += NFSX_UNSIGNED;
2761 			break;
2762 		case NFSATTRBIT_MIMETYPE:
2763 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2764 			i = fxdr_unsigned(int, *tl);
2765 			error = nfsm_advance(nd, NFSM_RNDUP(i), -1);
2766 			if (error)
2767 				goto nfsmout;
2768 			if (!nd->nd_repstat)
2769 				nd->nd_repstat = NFSERR_ATTRNOTSUPP;
2770 			attrsum += (NFSX_UNSIGNED + NFSM_RNDUP(i));
2771 			break;
2772 		case NFSATTRBIT_MODE:
2773 			moderet = NFSERR_INVAL;	/* Can't do MODESETMASKED. */
2774 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2775 			nvap->na_mode = nfstov_mode(*tl);
2776 			attrsum += NFSX_UNSIGNED;
2777 			break;
2778 		case NFSATTRBIT_OWNER:
2779 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2780 			j = fxdr_unsigned(int, *tl);
2781 			if (j < 0) {
2782 				error = NFSERR_BADXDR;
2783 				goto nfsmout;
2784 			}
2785 			if (j > NFSV4_SMALLSTR)
2786 				cp = malloc(j + 1, M_NFSSTRING, M_WAITOK);
2787 			else
2788 				cp = namestr;
2789 			error = nfsrv_mtostr(nd, cp, j);
2790 			if (error) {
2791 				if (j > NFSV4_SMALLSTR)
2792 					free(cp, M_NFSSTRING);
2793 				goto nfsmout;
2794 			}
2795 			if (!nd->nd_repstat) {
2796 				nd->nd_repstat = nfsv4_strtouid(nd, cp, j, &uid,
2797 				    p);
2798 				if (!nd->nd_repstat)
2799 					nvap->na_uid = uid;
2800 			}
2801 			if (j > NFSV4_SMALLSTR)
2802 				free(cp, M_NFSSTRING);
2803 			attrsum += (NFSX_UNSIGNED + NFSM_RNDUP(j));
2804 			break;
2805 		case NFSATTRBIT_OWNERGROUP:
2806 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2807 			j = fxdr_unsigned(int, *tl);
2808 			if (j < 0) {
2809 				error = NFSERR_BADXDR;
2810 				goto nfsmout;
2811 			}
2812 			if (j > NFSV4_SMALLSTR)
2813 				cp = malloc(j + 1, M_NFSSTRING, M_WAITOK);
2814 			else
2815 				cp = namestr;
2816 			error = nfsrv_mtostr(nd, cp, j);
2817 			if (error) {
2818 				if (j > NFSV4_SMALLSTR)
2819 					free(cp, M_NFSSTRING);
2820 				goto nfsmout;
2821 			}
2822 			if (!nd->nd_repstat) {
2823 				nd->nd_repstat = nfsv4_strtogid(nd, cp, j, &gid,
2824 				    p);
2825 				if (!nd->nd_repstat)
2826 					nvap->na_gid = gid;
2827 			}
2828 			if (j > NFSV4_SMALLSTR)
2829 				free(cp, M_NFSSTRING);
2830 			attrsum += (NFSX_UNSIGNED + NFSM_RNDUP(j));
2831 			break;
2832 		case NFSATTRBIT_SYSTEM:
2833 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2834 			if (!nd->nd_repstat)
2835 				nd->nd_repstat = NFSERR_ATTRNOTSUPP;
2836 			attrsum += NFSX_UNSIGNED;
2837 			break;
2838 		case NFSATTRBIT_TIMEACCESSSET:
2839 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2840 			attrsum += NFSX_UNSIGNED;
2841 			if (fxdr_unsigned(int, *tl)==NFSV4SATTRTIME_TOCLIENT) {
2842 			    NFSM_DISSECT(tl, u_int32_t *, NFSX_V4TIME);
2843 			    fxdr_nfsv4time(tl, &nvap->na_atime);
2844 			    toclient = 1;
2845 			    attrsum += NFSX_V4TIME;
2846 			} else {
2847 			    vfs_timestamp(&nvap->na_atime);
2848 			    nvap->na_vaflags |= VA_UTIMES_NULL;
2849 			}
2850 			break;
2851 		case NFSATTRBIT_TIMEBACKUP:
2852 			NFSM_DISSECT(tl, u_int32_t *, NFSX_V4TIME);
2853 			if (!nd->nd_repstat)
2854 				nd->nd_repstat = NFSERR_ATTRNOTSUPP;
2855 			attrsum += NFSX_V4TIME;
2856 			break;
2857 		case NFSATTRBIT_TIMECREATE:
2858 			NFSM_DISSECT(tl, u_int32_t *, NFSX_V4TIME);
2859 			if (!nd->nd_repstat)
2860 				nd->nd_repstat = NFSERR_ATTRNOTSUPP;
2861 			attrsum += NFSX_V4TIME;
2862 			break;
2863 		case NFSATTRBIT_TIMEMODIFYSET:
2864 			NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
2865 			attrsum += NFSX_UNSIGNED;
2866 			if (fxdr_unsigned(int, *tl)==NFSV4SATTRTIME_TOCLIENT) {
2867 			    NFSM_DISSECT(tl, u_int32_t *, NFSX_V4TIME);
2868 			    fxdr_nfsv4time(tl, &nvap->na_mtime);
2869 			    nvap->na_vaflags &= ~VA_UTIMES_NULL;
2870 			    attrsum += NFSX_V4TIME;
2871 			} else {
2872 			    vfs_timestamp(&nvap->na_mtime);
2873 			    if (!toclient)
2874 				nvap->na_vaflags |= VA_UTIMES_NULL;
2875 			}
2876 			break;
2877 		case NFSATTRBIT_MODESETMASKED:
2878 			NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED);
2879 			mode = fxdr_unsigned(u_short, *tl++);
2880 			mask = fxdr_unsigned(u_short, *tl);
2881 			/*
2882 			 * vp == NULL implies an Open/Create operation.
2883 			 * This attribute can only be used for Setattr and
2884 			 * only for NFSv4.1 or higher.
2885 			 * If moderet != 0, a mode attribute has also been
2886 			 * specified and this attribute cannot be done in the
2887 			 * same Setattr operation.
2888 			 */
2889 			if ((nd->nd_flag & ND_NFSV41) == 0)
2890 				nd->nd_repstat = NFSERR_ATTRNOTSUPP;
2891 			else if ((mode & ~07777) != 0 || (mask & ~07777) != 0 ||
2892 			    vp == NULL)
2893 				nd->nd_repstat = NFSERR_INVAL;
2894 			else if (moderet == 0)
2895 				moderet = VOP_GETATTR(vp, &va, nd->nd_cred);
2896 			if (moderet == 0)
2897 				nvap->na_mode = (mode & mask) |
2898 				    (va.va_mode & ~mask);
2899 			else
2900 				nd->nd_repstat = moderet;
2901 			attrsum += 2 * NFSX_UNSIGNED;
2902 			break;
2903 		default:
2904 			nd->nd_repstat = NFSERR_ATTRNOTSUPP;
2905 			/*
2906 			 * set bitpos so we drop out of the loop.
2907 			 */
2908 			bitpos = NFSATTRBIT_MAX;
2909 			break;
2910 		}
2911 	}
2912 
2913 	/*
2914 	 * some clients pad the attrlist, so we need to skip over the
2915 	 * padding.
2916 	 */
2917 	if (attrsum > attrsize) {
2918 		error = NFSERR_BADXDR;
2919 	} else {
2920 		attrsize = NFSM_RNDUP(attrsize);
2921 		if (attrsum < attrsize)
2922 			error = nfsm_advance(nd, attrsize - attrsum, -1);
2923 	}
2924 nfsmout:
2925 	NFSEXITCODE2(error, nd);
2926 	return (error);
2927 }
2928 
2929 /*
2930  * Check/setup export credentials.
2931  */
2932 int
nfsd_excred(struct nfsrv_descript * nd,struct nfsexstuff * exp,struct ucred * credanon)2933 nfsd_excred(struct nfsrv_descript *nd, struct nfsexstuff *exp,
2934     struct ucred *credanon)
2935 {
2936 	int error = 0;
2937 
2938 	/*
2939 	 * Check/setup credentials.
2940 	 */
2941 	if (nd->nd_flag & ND_GSS)
2942 		exp->nes_exflag &= ~MNT_EXPORTANON;
2943 
2944 	/*
2945 	 * Check to see if the operation is allowed for this security flavor.
2946 	 * RFC2623 suggests that the NFSv3 Fsinfo RPC be allowed to
2947 	 * AUTH_NONE or AUTH_SYS for file systems requiring RPCSEC_GSS.
2948 	 * Also, allow Secinfo, so that it can acquire the correct flavor(s).
2949 	 */
2950 	if (nfsvno_testexp(nd, exp) &&
2951 	    nd->nd_procnum != NFSV4OP_SECINFO &&
2952 	    nd->nd_procnum != NFSPROC_FSINFO) {
2953 		if (nd->nd_flag & ND_NFSV4)
2954 			error = NFSERR_WRONGSEC;
2955 		else
2956 			error = (NFSERR_AUTHERR | AUTH_TOOWEAK);
2957 		goto out;
2958 	}
2959 
2960 	/*
2961 	 * Check to see if the file system is exported V4 only.
2962 	 */
2963 	if (NFSVNO_EXV4ONLY(exp) && !(nd->nd_flag & ND_NFSV4)) {
2964 		error = NFSERR_PROGNOTV4;
2965 		goto out;
2966 	}
2967 
2968 	/*
2969 	 * Now, map the user credentials.
2970 	 * (Note that ND_AUTHNONE will only be set for an NFSv3
2971 	 *  Fsinfo RPC. If set for anything else, this code might need
2972 	 *  to change.)
2973 	 */
2974 	if (NFSVNO_EXPORTED(exp)) {
2975 		if (((nd->nd_flag & ND_GSS) == 0 && nd->nd_cred->cr_uid == 0) ||
2976 		     NFSVNO_EXPORTANON(exp) ||
2977 		     (nd->nd_flag & ND_AUTHNONE) != 0) {
2978 			nd->nd_cred->cr_uid = credanon->cr_uid;
2979 			nd->nd_cred->cr_gid = credanon->cr_gid;
2980 			crsetgroups(nd->nd_cred, credanon->cr_ngroups,
2981 			    credanon->cr_groups);
2982 		} else if ((nd->nd_flag & ND_GSS) == 0) {
2983 			/*
2984 			 * If using AUTH_SYS, call nfsrv_getgrpscred() to see
2985 			 * if there is a replacement credential with a group
2986 			 * list set up by "nfsuserd -manage-gids".
2987 			 * If there is no replacement, nfsrv_getgrpscred()
2988 			 * simply returns its argument.
2989 			 */
2990 			nd->nd_cred = nfsrv_getgrpscred(nd->nd_cred);
2991 		}
2992 	}
2993 
2994 out:
2995 	NFSEXITCODE2(error, nd);
2996 	return (error);
2997 }
2998 
2999 /*
3000  * Check exports.
3001  */
3002 int
nfsvno_checkexp(struct mount * mp,struct sockaddr * nam,struct nfsexstuff * exp,struct ucred ** credp)3003 nfsvno_checkexp(struct mount *mp, struct sockaddr *nam, struct nfsexstuff *exp,
3004     struct ucred **credp)
3005 {
3006 	int i, error, *secflavors;
3007 
3008 	error = VFS_CHECKEXP(mp, nam, &exp->nes_exflag, credp,
3009 	    &exp->nes_numsecflavor, &secflavors);
3010 	if (error) {
3011 		if (nfs_rootfhset) {
3012 			exp->nes_exflag = 0;
3013 			exp->nes_numsecflavor = 0;
3014 			error = 0;
3015 		}
3016 	} else if (exp->nes_numsecflavor < 1 || exp->nes_numsecflavor >
3017 	    MAXSECFLAVORS) {
3018 		printf("nfsvno_checkexp: numsecflavors out of range\n");
3019 		exp->nes_numsecflavor = 0;
3020 		error = EACCES;
3021 	} else {
3022 		/* Copy the security flavors. */
3023 		for (i = 0; i < exp->nes_numsecflavor; i++)
3024 			exp->nes_secflavors[i] = secflavors[i];
3025 	}
3026 	NFSEXITCODE(error);
3027 	return (error);
3028 }
3029 
3030 /*
3031  * Get a vnode for a file handle and export stuff.
3032  */
3033 int
nfsvno_fhtovp(struct mount * mp,fhandle_t * fhp,struct sockaddr * nam,int lktype,struct vnode ** vpp,struct nfsexstuff * exp,struct ucred ** credp)3034 nfsvno_fhtovp(struct mount *mp, fhandle_t *fhp, struct sockaddr *nam,
3035     int lktype, struct vnode **vpp, struct nfsexstuff *exp,
3036     struct ucred **credp)
3037 {
3038 	int i, error, *secflavors;
3039 
3040 	*credp = NULL;
3041 	exp->nes_numsecflavor = 0;
3042 	error = VFS_FHTOVP(mp, &fhp->fh_fid, lktype, vpp);
3043 	if (error != 0)
3044 		/* Make sure the server replies ESTALE to the client. */
3045 		error = ESTALE;
3046 	if (nam && !error) {
3047 		error = VFS_CHECKEXP(mp, nam, &exp->nes_exflag, credp,
3048 		    &exp->nes_numsecflavor, &secflavors);
3049 		if (error) {
3050 			if (nfs_rootfhset) {
3051 				exp->nes_exflag = 0;
3052 				exp->nes_numsecflavor = 0;
3053 				error = 0;
3054 			} else {
3055 				vput(*vpp);
3056 			}
3057 		} else if (exp->nes_numsecflavor < 1 || exp->nes_numsecflavor >
3058 		    MAXSECFLAVORS) {
3059 			printf("nfsvno_fhtovp: numsecflavors out of range\n");
3060 			exp->nes_numsecflavor = 0;
3061 			error = EACCES;
3062 			vput(*vpp);
3063 		} else {
3064 			/* Copy the security flavors. */
3065 			for (i = 0; i < exp->nes_numsecflavor; i++)
3066 				exp->nes_secflavors[i] = secflavors[i];
3067 		}
3068 	}
3069 	NFSEXITCODE(error);
3070 	return (error);
3071 }
3072 
3073 /*
3074  * nfsd_fhtovp() - convert a fh to a vnode ptr
3075  * 	- look up fsid in mount list (if not found ret error)
3076  *	- get vp and export rights by calling nfsvno_fhtovp()
3077  *	- if cred->cr_uid == 0 or MNT_EXPORTANON set it to credanon
3078  *	  for AUTH_SYS
3079  *	- if mpp != NULL, return the mount point so that it can
3080  *	  be used for vn_finished_write() by the caller
3081  */
3082 void
nfsd_fhtovp(struct nfsrv_descript * nd,struct nfsrvfh * nfp,int lktype,struct vnode ** vpp,struct nfsexstuff * exp,struct mount ** mpp,int startwrite,struct thread * p)3083 nfsd_fhtovp(struct nfsrv_descript *nd, struct nfsrvfh *nfp, int lktype,
3084     struct vnode **vpp, struct nfsexstuff *exp,
3085     struct mount **mpp, int startwrite, struct thread *p)
3086 {
3087 	struct mount *mp, *mpw;
3088 	struct ucred *credanon;
3089 	fhandle_t *fhp;
3090 	int error;
3091 
3092 	if (mpp != NULL)
3093 		*mpp = NULL;
3094 	*vpp = NULL;
3095 	fhp = (fhandle_t *)nfp->nfsrvfh_data;
3096 	mp = vfs_busyfs(&fhp->fh_fsid);
3097 	if (mp == NULL) {
3098 		nd->nd_repstat = ESTALE;
3099 		goto out;
3100 	}
3101 
3102 	if (startwrite) {
3103 		mpw = mp;
3104 		error = vn_start_write(NULL, &mpw, V_WAIT);
3105 		if (error != 0) {
3106 			mpw = NULL;
3107 			vfs_unbusy(mp);
3108 			nd->nd_repstat = ESTALE;
3109 			goto out;
3110 		}
3111 		if (lktype == LK_SHARED && !(MNT_SHARED_WRITES(mp)))
3112 			lktype = LK_EXCLUSIVE;
3113 	} else
3114 		mpw = NULL;
3115 
3116 	nd->nd_repstat = nfsvno_fhtovp(mp, fhp, nd->nd_nam, lktype, vpp, exp,
3117 	    &credanon);
3118 	vfs_unbusy(mp);
3119 
3120 	/*
3121 	 * For NFSv4 without a pseudo root fs, unexported file handles
3122 	 * can be returned, so that Lookup works everywhere.
3123 	 */
3124 	if (!nd->nd_repstat && exp->nes_exflag == 0 &&
3125 	    !(nd->nd_flag & ND_NFSV4)) {
3126 		vput(*vpp);
3127 		*vpp = NULL;
3128 		nd->nd_repstat = EACCES;
3129 	}
3130 
3131 	/*
3132 	 * Personally, I've never seen any point in requiring a
3133 	 * reserved port#, since only in the rare case where the
3134 	 * clients are all boxes with secure system privileges,
3135 	 * does it provide any enhanced security, but... some people
3136 	 * believe it to be useful and keep putting this code back in.
3137 	 * (There is also some "security checker" out there that
3138 	 *  complains if the nfs server doesn't enforce this.)
3139 	 * However, note the following:
3140 	 * RFC3530 (NFSv4) specifies that a reserved port# not be
3141 	 *	required.
3142 	 * RFC2623 recommends that, if a reserved port# is checked for,
3143 	 *	that there be a way to turn that off--> ifdef'd.
3144 	 */
3145 #ifdef NFS_REQRSVPORT
3146 	if (!nd->nd_repstat) {
3147 		struct sockaddr_in *saddr;
3148 		struct sockaddr_in6 *saddr6;
3149 
3150 		saddr = NFSSOCKADDR(nd->nd_nam, struct sockaddr_in *);
3151 		saddr6 = NFSSOCKADDR(nd->nd_nam, struct sockaddr_in6 *);
3152 		if (!(nd->nd_flag & ND_NFSV4) &&
3153 		    ((saddr->sin_family == AF_INET &&
3154 		      ntohs(saddr->sin_port) >= IPPORT_RESERVED) ||
3155 		     (saddr6->sin6_family == AF_INET6 &&
3156 		      ntohs(saddr6->sin6_port) >= IPPORT_RESERVED))) {
3157 			vput(*vpp);
3158 			nd->nd_repstat = (NFSERR_AUTHERR | AUTH_TOOWEAK);
3159 		}
3160 	}
3161 #endif	/* NFS_REQRSVPORT */
3162 
3163 	/*
3164 	 * Check/setup credentials.
3165 	 */
3166 	if (!nd->nd_repstat) {
3167 		nd->nd_saveduid = nd->nd_cred->cr_uid;
3168 		nd->nd_repstat = nfsd_excred(nd, exp, credanon);
3169 		if (nd->nd_repstat)
3170 			vput(*vpp);
3171 	}
3172 	if (credanon != NULL)
3173 		crfree(credanon);
3174 	if (nd->nd_repstat) {
3175 		vn_finished_write(mpw);
3176 		*vpp = NULL;
3177 	} else if (mpp != NULL) {
3178 		*mpp = mpw;
3179 	}
3180 
3181 out:
3182 	NFSEXITCODE2(0, nd);
3183 }
3184 
3185 /*
3186  * glue for fp.
3187  */
3188 static int
fp_getfvp(struct thread * p,int fd,struct file ** fpp,struct vnode ** vpp)3189 fp_getfvp(struct thread *p, int fd, struct file **fpp, struct vnode **vpp)
3190 {
3191 	struct filedesc *fdp;
3192 	struct file *fp;
3193 	int error = 0;
3194 
3195 	fdp = p->td_proc->p_fd;
3196 	if (fd < 0 || fd >= fdp->fd_nfiles ||
3197 	    (fp = fdp->fd_ofiles[fd].fde_file) == NULL) {
3198 		error = EBADF;
3199 		goto out;
3200 	}
3201 	*fpp = fp;
3202 
3203 out:
3204 	NFSEXITCODE(error);
3205 	return (error);
3206 }
3207 
3208 /*
3209  * Called from nfssvc() to update the exports list. Just call
3210  * vfs_export(). This has to be done, since the v4 root fake fs isn't
3211  * in the mount list.
3212  */
3213 int
nfsrv_v4rootexport(void * argp,struct ucred * cred,struct thread * p)3214 nfsrv_v4rootexport(void *argp, struct ucred *cred, struct thread *p)
3215 {
3216 	struct nfsex_args *nfsexargp = (struct nfsex_args *)argp;
3217 	int error = 0;
3218 	struct nameidata nd;
3219 	fhandle_t fh;
3220 
3221 	error = vfs_export(&nfsv4root_mnt, &nfsexargp->export);
3222 	if ((nfsexargp->export.ex_flags & MNT_DELEXPORT) != 0)
3223 		nfs_rootfhset = 0;
3224 	else if (error == 0) {
3225 		if (nfsexargp->fspec == NULL) {
3226 			error = EPERM;
3227 			goto out;
3228 		}
3229 		/*
3230 		 * If fspec != NULL, this is the v4root path.
3231 		 */
3232 		NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE,
3233 		    nfsexargp->fspec, p);
3234 		if ((error = namei(&nd)) != 0)
3235 			goto out;
3236 		error = nfsvno_getfh(nd.ni_vp, &fh, p);
3237 		vrele(nd.ni_vp);
3238 		if (!error) {
3239 			nfs_rootfh.nfsrvfh_len = NFSX_MYFH;
3240 			NFSBCOPY((caddr_t)&fh,
3241 			    nfs_rootfh.nfsrvfh_data,
3242 			    sizeof (fhandle_t));
3243 			nfs_rootfhset = 1;
3244 		}
3245 	}
3246 
3247 out:
3248 	NFSEXITCODE(error);
3249 	return (error);
3250 }
3251 
3252 /*
3253  * This function needs to test to see if the system is near its limit
3254  * for memory allocation via malloc() or mget() and return True iff
3255  * either of these resources are near their limit.
3256  * XXX (For now, this is just a stub.)
3257  */
3258 int nfsrv_testmalloclimit = 0;
3259 int
nfsrv_mallocmget_limit(void)3260 nfsrv_mallocmget_limit(void)
3261 {
3262 	static int printmesg = 0;
3263 	static int testval = 1;
3264 
3265 	if (nfsrv_testmalloclimit && (testval++ % 1000) == 0) {
3266 		if ((printmesg++ % 100) == 0)
3267 			printf("nfsd: malloc/mget near limit\n");
3268 		return (1);
3269 	}
3270 	return (0);
3271 }
3272 
3273 /*
3274  * BSD specific initialization of a mount point.
3275  */
3276 void
nfsd_mntinit(void)3277 nfsd_mntinit(void)
3278 {
3279 	static int inited = 0;
3280 
3281 	if (inited)
3282 		return;
3283 	inited = 1;
3284 	nfsv4root_mnt.mnt_flag = (MNT_RDONLY | MNT_EXPORTED);
3285 	TAILQ_INIT(&nfsv4root_mnt.mnt_nvnodelist);
3286 	TAILQ_INIT(&nfsv4root_mnt.mnt_activevnodelist);
3287 	nfsv4root_mnt.mnt_export = NULL;
3288 	TAILQ_INIT(&nfsv4root_opt);
3289 	TAILQ_INIT(&nfsv4root_newopt);
3290 	nfsv4root_mnt.mnt_opt = &nfsv4root_opt;
3291 	nfsv4root_mnt.mnt_optnew = &nfsv4root_newopt;
3292 	nfsv4root_mnt.mnt_nvnodelistsize = 0;
3293 	nfsv4root_mnt.mnt_activevnodelistsize = 0;
3294 }
3295 
3296 /*
3297  * Get a vnode for a file handle, without checking exports, etc.
3298  */
3299 struct vnode *
nfsvno_getvp(fhandle_t * fhp)3300 nfsvno_getvp(fhandle_t *fhp)
3301 {
3302 	struct mount *mp;
3303 	struct vnode *vp;
3304 	int error;
3305 
3306 	mp = vfs_busyfs(&fhp->fh_fsid);
3307 	if (mp == NULL)
3308 		return (NULL);
3309 	error = VFS_FHTOVP(mp, &fhp->fh_fid, LK_EXCLUSIVE, &vp);
3310 	vfs_unbusy(mp);
3311 	if (error)
3312 		return (NULL);
3313 	return (vp);
3314 }
3315 
3316 /*
3317  * Do a local VOP_ADVLOCK().
3318  */
3319 int
nfsvno_advlock(struct vnode * vp,int ftype,u_int64_t first,u_int64_t end,struct thread * td)3320 nfsvno_advlock(struct vnode *vp, int ftype, u_int64_t first,
3321     u_int64_t end, struct thread *td)
3322 {
3323 	int error = 0;
3324 	struct flock fl;
3325 	u_int64_t tlen;
3326 
3327 	if (nfsrv_dolocallocks == 0)
3328 		goto out;
3329 	ASSERT_VOP_UNLOCKED(vp, "nfsvno_advlock: vp locked");
3330 
3331 	fl.l_whence = SEEK_SET;
3332 	fl.l_type = ftype;
3333 	fl.l_start = (off_t)first;
3334 	if (end == NFS64BITSSET) {
3335 		fl.l_len = 0;
3336 	} else {
3337 		tlen = end - first;
3338 		fl.l_len = (off_t)tlen;
3339 	}
3340 	/*
3341 	 * For FreeBSD8, the l_pid and l_sysid must be set to the same
3342 	 * values for all calls, so that all locks will be held by the
3343 	 * nfsd server. (The nfsd server handles conflicts between the
3344 	 * various clients.)
3345 	 * Since an NFSv4 lockowner is a ClientID plus an array of up to 1024
3346 	 * bytes, so it can't be put in l_sysid.
3347 	 */
3348 	if (nfsv4_sysid == 0)
3349 		nfsv4_sysid = nlm_acquire_next_sysid();
3350 	fl.l_pid = (pid_t)0;
3351 	fl.l_sysid = (int)nfsv4_sysid;
3352 
3353 	if (ftype == F_UNLCK)
3354 		error = VOP_ADVLOCK(vp, (caddr_t)td->td_proc, F_UNLCK, &fl,
3355 		    (F_POSIX | F_REMOTE));
3356 	else
3357 		error = VOP_ADVLOCK(vp, (caddr_t)td->td_proc, F_SETLK, &fl,
3358 		    (F_POSIX | F_REMOTE));
3359 
3360 out:
3361 	NFSEXITCODE(error);
3362 	return (error);
3363 }
3364 
3365 /*
3366  * Check the nfsv4 root exports.
3367  */
3368 int
nfsvno_v4rootexport(struct nfsrv_descript * nd)3369 nfsvno_v4rootexport(struct nfsrv_descript *nd)
3370 {
3371 	struct ucred *credanon;
3372 	int exflags, error = 0, numsecflavor, *secflavors, i;
3373 
3374 	error = vfs_stdcheckexp(&nfsv4root_mnt, nd->nd_nam, &exflags,
3375 	    &credanon, &numsecflavor, &secflavors);
3376 	if (error) {
3377 		error = NFSERR_PROGUNAVAIL;
3378 		goto out;
3379 	}
3380 	if (credanon != NULL)
3381 		crfree(credanon);
3382 	for (i = 0; i < numsecflavor; i++) {
3383 		if (secflavors[i] == AUTH_SYS)
3384 			nd->nd_flag |= ND_EXAUTHSYS;
3385 		else if (secflavors[i] == RPCSEC_GSS_KRB5)
3386 			nd->nd_flag |= ND_EXGSS;
3387 		else if (secflavors[i] == RPCSEC_GSS_KRB5I)
3388 			nd->nd_flag |= ND_EXGSSINTEGRITY;
3389 		else if (secflavors[i] == RPCSEC_GSS_KRB5P)
3390 			nd->nd_flag |= ND_EXGSSPRIVACY;
3391 	}
3392 
3393 out:
3394 	NFSEXITCODE(error);
3395 	return (error);
3396 }
3397 
3398 /*
3399  * Nfs server pseudo system call for the nfsd's
3400  */
3401 /*
3402  * MPSAFE
3403  */
3404 static int
nfssvc_nfsd(struct thread * td,struct nfssvc_args * uap)3405 nfssvc_nfsd(struct thread *td, struct nfssvc_args *uap)
3406 {
3407 	struct file *fp;
3408 	struct nfsd_addsock_args sockarg;
3409 	struct nfsd_nfsd_args nfsdarg;
3410 	struct nfsd_nfsd_oargs onfsdarg;
3411 	struct nfsd_pnfsd_args pnfsdarg;
3412 	struct vnode *vp, *nvp, *curdvp;
3413 	struct pnfsdsfile *pf;
3414 	struct nfsdevice *ds, *fds;
3415 	cap_rights_t rights;
3416 	int buflen, error, ret;
3417 	char *buf, *cp, *cp2, *cp3;
3418 	char fname[PNFS_FILENAME_LEN + 1];
3419 
3420 	if (uap->flag & NFSSVC_NFSDADDSOCK) {
3421 		error = copyin(uap->argp, (caddr_t)&sockarg, sizeof (sockarg));
3422 		if (error)
3423 			goto out;
3424 		/*
3425 		 * Since we don't know what rights might be required,
3426 		 * pretend that we need them all. It is better to be too
3427 		 * careful than too reckless.
3428 		 */
3429 		error = fget(td, sockarg.sock,
3430 		    cap_rights_init(&rights, CAP_SOCK_SERVER), &fp);
3431 		if (error != 0)
3432 			goto out;
3433 		if (fp->f_type != DTYPE_SOCKET) {
3434 			fdrop(fp, td);
3435 			error = EPERM;
3436 			goto out;
3437 		}
3438 		error = nfsrvd_addsock(fp);
3439 		fdrop(fp, td);
3440 	} else if (uap->flag & NFSSVC_NFSDNFSD) {
3441 		if (uap->argp == NULL) {
3442 			error = EINVAL;
3443 			goto out;
3444 		}
3445 		if ((uap->flag & NFSSVC_NEWSTRUCT) == 0) {
3446 			error = copyin(uap->argp, &onfsdarg, sizeof(onfsdarg));
3447 			if (error == 0) {
3448 				nfsdarg.principal = onfsdarg.principal;
3449 				nfsdarg.minthreads = onfsdarg.minthreads;
3450 				nfsdarg.maxthreads = onfsdarg.maxthreads;
3451 				nfsdarg.version = 1;
3452 				nfsdarg.addr = NULL;
3453 				nfsdarg.addrlen = 0;
3454 				nfsdarg.dnshost = NULL;
3455 				nfsdarg.dnshostlen = 0;
3456 				nfsdarg.dspath = NULL;
3457 				nfsdarg.dspathlen = 0;
3458 				nfsdarg.mdspath = NULL;
3459 				nfsdarg.mdspathlen = 0;
3460 				nfsdarg.mirrorcnt = 1;
3461 			}
3462 		} else
3463 			error = copyin(uap->argp, &nfsdarg, sizeof(nfsdarg));
3464 		if (error)
3465 			goto out;
3466 		if (nfsdarg.addrlen > 0 && nfsdarg.addrlen < 10000 &&
3467 		    nfsdarg.dnshostlen > 0 && nfsdarg.dnshostlen < 10000 &&
3468 		    nfsdarg.dspathlen > 0 && nfsdarg.dspathlen < 10000 &&
3469 		    nfsdarg.mdspathlen > 0 && nfsdarg.mdspathlen < 10000 &&
3470 		    nfsdarg.mirrorcnt >= 1 &&
3471 		    nfsdarg.mirrorcnt <= NFSDEV_MAXMIRRORS &&
3472 		    nfsdarg.addr != NULL && nfsdarg.dnshost != NULL &&
3473 		    nfsdarg.dspath != NULL && nfsdarg.mdspath != NULL) {
3474 			NFSD_DEBUG(1, "addrlen=%d dspathlen=%d dnslen=%d"
3475 			    " mdspathlen=%d mirrorcnt=%d\n", nfsdarg.addrlen,
3476 			    nfsdarg.dspathlen, nfsdarg.dnshostlen,
3477 			    nfsdarg.mdspathlen, nfsdarg.mirrorcnt);
3478 			cp = malloc(nfsdarg.addrlen + 1, M_TEMP, M_WAITOK);
3479 			error = copyin(nfsdarg.addr, cp, nfsdarg.addrlen);
3480 			if (error != 0) {
3481 				free(cp, M_TEMP);
3482 				goto out;
3483 			}
3484 			cp[nfsdarg.addrlen] = '\0';	/* Ensure nul term. */
3485 			nfsdarg.addr = cp;
3486 			cp = malloc(nfsdarg.dnshostlen + 1, M_TEMP, M_WAITOK);
3487 			error = copyin(nfsdarg.dnshost, cp, nfsdarg.dnshostlen);
3488 			if (error != 0) {
3489 				free(nfsdarg.addr, M_TEMP);
3490 				free(cp, M_TEMP);
3491 				goto out;
3492 			}
3493 			cp[nfsdarg.dnshostlen] = '\0';	/* Ensure nul term. */
3494 			nfsdarg.dnshost = cp;
3495 			cp = malloc(nfsdarg.dspathlen + 1, M_TEMP, M_WAITOK);
3496 			error = copyin(nfsdarg.dspath, cp, nfsdarg.dspathlen);
3497 			if (error != 0) {
3498 				free(nfsdarg.addr, M_TEMP);
3499 				free(nfsdarg.dnshost, M_TEMP);
3500 				free(cp, M_TEMP);
3501 				goto out;
3502 			}
3503 			cp[nfsdarg.dspathlen] = '\0';	/* Ensure nul term. */
3504 			nfsdarg.dspath = cp;
3505 			cp = malloc(nfsdarg.mdspathlen + 1, M_TEMP, M_WAITOK);
3506 			error = copyin(nfsdarg.mdspath, cp, nfsdarg.mdspathlen);
3507 			if (error != 0) {
3508 				free(nfsdarg.addr, M_TEMP);
3509 				free(nfsdarg.dnshost, M_TEMP);
3510 				free(nfsdarg.dspath, M_TEMP);
3511 				free(cp, M_TEMP);
3512 				goto out;
3513 			}
3514 			cp[nfsdarg.mdspathlen] = '\0';	/* Ensure nul term. */
3515 			nfsdarg.mdspath = cp;
3516 		} else {
3517 			nfsdarg.addr = NULL;
3518 			nfsdarg.addrlen = 0;
3519 			nfsdarg.dnshost = NULL;
3520 			nfsdarg.dnshostlen = 0;
3521 			nfsdarg.dspath = NULL;
3522 			nfsdarg.dspathlen = 0;
3523 			nfsdarg.mdspath = NULL;
3524 			nfsdarg.mdspathlen = 0;
3525 			nfsdarg.mirrorcnt = 1;
3526 		}
3527 		error = nfsrvd_nfsd(td, &nfsdarg);
3528 		free(nfsdarg.addr, M_TEMP);
3529 		free(nfsdarg.dnshost, M_TEMP);
3530 		free(nfsdarg.dspath, M_TEMP);
3531 		free(nfsdarg.mdspath, M_TEMP);
3532 	} else if (uap->flag & NFSSVC_PNFSDS) {
3533 		error = copyin(uap->argp, &pnfsdarg, sizeof(pnfsdarg));
3534 		if (error == 0 && (pnfsdarg.op == PNFSDOP_DELDSSERVER ||
3535 		    pnfsdarg.op == PNFSDOP_FORCEDELDS)) {
3536 			cp = malloc(PATH_MAX + 1, M_TEMP, M_WAITOK);
3537 			error = copyinstr(pnfsdarg.dspath, cp, PATH_MAX + 1,
3538 			    NULL);
3539 			if (error == 0)
3540 				error = nfsrv_deldsserver(pnfsdarg.op, cp, td);
3541 			free(cp, M_TEMP);
3542 		} else if (error == 0 && pnfsdarg.op == PNFSDOP_COPYMR) {
3543 			cp = malloc(PATH_MAX + 1, M_TEMP, M_WAITOK);
3544 			buflen = sizeof(*pf) * NFSDEV_MAXMIRRORS;
3545 			buf = malloc(buflen, M_TEMP, M_WAITOK);
3546 			error = copyinstr(pnfsdarg.mdspath, cp, PATH_MAX + 1,
3547 			    NULL);
3548 			NFSD_DEBUG(4, "pnfsdcopymr cp mdspath=%d\n", error);
3549 			if (error == 0 && pnfsdarg.dspath != NULL) {
3550 				cp2 = malloc(PATH_MAX + 1, M_TEMP, M_WAITOK);
3551 				error = copyinstr(pnfsdarg.dspath, cp2,
3552 				    PATH_MAX + 1, NULL);
3553 				NFSD_DEBUG(4, "pnfsdcopymr cp dspath=%d\n",
3554 				    error);
3555 			} else
3556 				cp2 = NULL;
3557 			if (error == 0 && pnfsdarg.curdspath != NULL) {
3558 				cp3 = malloc(PATH_MAX + 1, M_TEMP, M_WAITOK);
3559 				error = copyinstr(pnfsdarg.curdspath, cp3,
3560 				    PATH_MAX + 1, NULL);
3561 				NFSD_DEBUG(4, "pnfsdcopymr cp curdspath=%d\n",
3562 				    error);
3563 			} else
3564 				cp3 = NULL;
3565 			curdvp = NULL;
3566 			fds = NULL;
3567 			if (error == 0)
3568 				error = nfsrv_mdscopymr(cp, cp2, cp3, buf,
3569 				    &buflen, fname, td, &vp, &nvp, &pf, &ds,
3570 				    &fds);
3571 			NFSD_DEBUG(4, "nfsrv_mdscopymr=%d\n", error);
3572 			if (error == 0) {
3573 				if (pf->dsf_dir >= nfsrv_dsdirsize) {
3574 					printf("copymr: dsdir out of range\n");
3575 					pf->dsf_dir = 0;
3576 				}
3577 				NFSD_DEBUG(4, "copymr: buflen=%d\n", buflen);
3578 				error = nfsrv_copymr(vp, nvp,
3579 				    ds->nfsdev_dsdir[pf->dsf_dir], ds, pf,
3580 				    (struct pnfsdsfile *)buf,
3581 				    buflen / sizeof(*pf), td->td_ucred, td);
3582 				vput(vp);
3583 				vput(nvp);
3584 				if (fds != NULL && error == 0) {
3585 					curdvp = fds->nfsdev_dsdir[pf->dsf_dir];
3586 					ret = vn_lock(curdvp, LK_EXCLUSIVE);
3587 					if (ret == 0) {
3588 						nfsrv_dsremove(curdvp, fname,
3589 						    td->td_ucred, td);
3590 						NFSVOPUNLOCK(curdvp, 0);
3591 					}
3592 				}
3593 				NFSD_DEBUG(4, "nfsrv_copymr=%d\n", error);
3594 			}
3595 			free(cp, M_TEMP);
3596 			free(cp2, M_TEMP);
3597 			free(cp3, M_TEMP);
3598 			free(buf, M_TEMP);
3599 		}
3600 	} else {
3601 		error = nfssvc_srvcall(td, uap, td->td_ucred);
3602 	}
3603 
3604 out:
3605 	NFSEXITCODE(error);
3606 	return (error);
3607 }
3608 
3609 static int
nfssvc_srvcall(struct thread * p,struct nfssvc_args * uap,struct ucred * cred)3610 nfssvc_srvcall(struct thread *p, struct nfssvc_args *uap, struct ucred *cred)
3611 {
3612 	struct nfsex_args export;
3613 	struct file *fp = NULL;
3614 	int stablefd, len;
3615 	struct nfsd_clid adminrevoke;
3616 	struct nfsd_dumplist dumplist;
3617 	struct nfsd_dumpclients *dumpclients;
3618 	struct nfsd_dumplocklist dumplocklist;
3619 	struct nfsd_dumplocks *dumplocks;
3620 	struct nameidata nd;
3621 	vnode_t vp;
3622 	int error = EINVAL, igotlock;
3623 	struct proc *procp;
3624 	static int suspend_nfsd = 0;
3625 
3626 	if (uap->flag & NFSSVC_PUBLICFH) {
3627 		NFSBZERO((caddr_t)&nfs_pubfh.nfsrvfh_data,
3628 		    sizeof (fhandle_t));
3629 		error = copyin(uap->argp,
3630 		    &nfs_pubfh.nfsrvfh_data, sizeof (fhandle_t));
3631 		if (!error)
3632 			nfs_pubfhset = 1;
3633 	} else if (uap->flag & NFSSVC_V4ROOTEXPORT) {
3634 		error = copyin(uap->argp,(caddr_t)&export,
3635 		    sizeof (struct nfsex_args));
3636 		if (!error)
3637 			error = nfsrv_v4rootexport(&export, cred, p);
3638 	} else if (uap->flag & NFSSVC_NOPUBLICFH) {
3639 		nfs_pubfhset = 0;
3640 		error = 0;
3641 	} else if (uap->flag & NFSSVC_STABLERESTART) {
3642 		error = copyin(uap->argp, (caddr_t)&stablefd,
3643 		    sizeof (int));
3644 		if (!error)
3645 			error = fp_getfvp(p, stablefd, &fp, &vp);
3646 		if (!error && (NFSFPFLAG(fp) & (FREAD | FWRITE)) != (FREAD | FWRITE))
3647 			error = EBADF;
3648 		if (!error && newnfs_numnfsd != 0)
3649 			error = EPERM;
3650 		if (!error) {
3651 			nfsrv_stablefirst.nsf_fp = fp;
3652 			nfsrv_setupstable(p);
3653 		}
3654 	} else if (uap->flag & NFSSVC_ADMINREVOKE) {
3655 		error = copyin(uap->argp, (caddr_t)&adminrevoke,
3656 		    sizeof (struct nfsd_clid));
3657 		if (!error)
3658 			error = nfsrv_adminrevoke(&adminrevoke, p);
3659 	} else if (uap->flag & NFSSVC_DUMPCLIENTS) {
3660 		error = copyin(uap->argp, (caddr_t)&dumplist,
3661 		    sizeof (struct nfsd_dumplist));
3662 		if (!error && (dumplist.ndl_size < 1 ||
3663 			dumplist.ndl_size > NFSRV_MAXDUMPLIST))
3664 			error = EPERM;
3665 		if (!error) {
3666 		    len = sizeof (struct nfsd_dumpclients) * dumplist.ndl_size;
3667 		    dumpclients = malloc(len, M_TEMP, M_WAITOK | M_ZERO);
3668 		    nfsrv_dumpclients(dumpclients, dumplist.ndl_size);
3669 		    error = copyout(dumpclients,
3670 			CAST_USER_ADDR_T(dumplist.ndl_list), len);
3671 		    free(dumpclients, M_TEMP);
3672 		}
3673 	} else if (uap->flag & NFSSVC_DUMPLOCKS) {
3674 		error = copyin(uap->argp, (caddr_t)&dumplocklist,
3675 		    sizeof (struct nfsd_dumplocklist));
3676 		if (!error && (dumplocklist.ndllck_size < 1 ||
3677 			dumplocklist.ndllck_size > NFSRV_MAXDUMPLIST))
3678 			error = EPERM;
3679 		if (!error)
3680 			error = nfsrv_lookupfilename(&nd,
3681 				dumplocklist.ndllck_fname, p);
3682 		if (!error) {
3683 			len = sizeof (struct nfsd_dumplocks) *
3684 				dumplocklist.ndllck_size;
3685 			dumplocks = malloc(len, M_TEMP, M_WAITOK | M_ZERO);
3686 			nfsrv_dumplocks(nd.ni_vp, dumplocks,
3687 			    dumplocklist.ndllck_size, p);
3688 			vput(nd.ni_vp);
3689 			error = copyout(dumplocks,
3690 			    CAST_USER_ADDR_T(dumplocklist.ndllck_list), len);
3691 			free(dumplocks, M_TEMP);
3692 		}
3693 	} else if (uap->flag & NFSSVC_BACKUPSTABLE) {
3694 		procp = p->td_proc;
3695 		PROC_LOCK(procp);
3696 		nfsd_master_pid = procp->p_pid;
3697 		bcopy(procp->p_comm, nfsd_master_comm, MAXCOMLEN + 1);
3698 		nfsd_master_start = procp->p_stats->p_start;
3699 		nfsd_master_proc = procp;
3700 		PROC_UNLOCK(procp);
3701 	} else if ((uap->flag & NFSSVC_SUSPENDNFSD) != 0) {
3702 		NFSLOCKV4ROOTMUTEX();
3703 		if (suspend_nfsd == 0) {
3704 			/* Lock out all nfsd threads */
3705 			do {
3706 				igotlock = nfsv4_lock(&nfsd_suspend_lock, 1,
3707 				    NULL, NFSV4ROOTLOCKMUTEXPTR, NULL);
3708 			} while (igotlock == 0 && suspend_nfsd == 0);
3709 			suspend_nfsd = 1;
3710 		}
3711 		NFSUNLOCKV4ROOTMUTEX();
3712 		error = 0;
3713 	} else if ((uap->flag & NFSSVC_RESUMENFSD) != 0) {
3714 		NFSLOCKV4ROOTMUTEX();
3715 		if (suspend_nfsd != 0) {
3716 			nfsv4_unlock(&nfsd_suspend_lock, 0);
3717 			suspend_nfsd = 0;
3718 		}
3719 		NFSUNLOCKV4ROOTMUTEX();
3720 		error = 0;
3721 	}
3722 
3723 	NFSEXITCODE(error);
3724 	return (error);
3725 }
3726 
3727 /*
3728  * Check exports.
3729  * Returns 0 if ok, 1 otherwise.
3730  */
3731 int
nfsvno_testexp(struct nfsrv_descript * nd,struct nfsexstuff * exp)3732 nfsvno_testexp(struct nfsrv_descript *nd, struct nfsexstuff *exp)
3733 {
3734 	int i;
3735 
3736 	/*
3737 	 * This seems odd, but allow the case where the security flavor
3738 	 * list is empty. This happens when NFSv4 is traversing non-exported
3739 	 * file systems. Exported file systems should always have a non-empty
3740 	 * security flavor list.
3741 	 */
3742 	if (exp->nes_numsecflavor == 0)
3743 		return (0);
3744 
3745 	for (i = 0; i < exp->nes_numsecflavor; i++) {
3746 		/*
3747 		 * The tests for privacy and integrity must be first,
3748 		 * since ND_GSS is set for everything but AUTH_SYS.
3749 		 */
3750 		if (exp->nes_secflavors[i] == RPCSEC_GSS_KRB5P &&
3751 		    (nd->nd_flag & ND_GSSPRIVACY))
3752 			return (0);
3753 		if (exp->nes_secflavors[i] == RPCSEC_GSS_KRB5I &&
3754 		    (nd->nd_flag & ND_GSSINTEGRITY))
3755 			return (0);
3756 		if (exp->nes_secflavors[i] == RPCSEC_GSS_KRB5 &&
3757 		    (nd->nd_flag & ND_GSS))
3758 			return (0);
3759 		if (exp->nes_secflavors[i] == AUTH_SYS &&
3760 		    (nd->nd_flag & ND_GSS) == 0)
3761 			return (0);
3762 	}
3763 	return (1);
3764 }
3765 
3766 /*
3767  * Calculate a hash value for the fid in a file handle.
3768  */
3769 uint32_t
nfsrv_hashfh(fhandle_t * fhp)3770 nfsrv_hashfh(fhandle_t *fhp)
3771 {
3772 	uint32_t hashval;
3773 
3774 	hashval = hash32_buf(&fhp->fh_fid, sizeof(struct fid), 0);
3775 	return (hashval);
3776 }
3777 
3778 /*
3779  * Calculate a hash value for the sessionid.
3780  */
3781 uint32_t
nfsrv_hashsessionid(uint8_t * sessionid)3782 nfsrv_hashsessionid(uint8_t *sessionid)
3783 {
3784 	uint32_t hashval;
3785 
3786 	hashval = hash32_buf(sessionid, NFSX_V4SESSIONID, 0);
3787 	return (hashval);
3788 }
3789 
3790 /*
3791  * Signal the userland master nfsd to backup the stable restart file.
3792  */
3793 void
nfsrv_backupstable(void)3794 nfsrv_backupstable(void)
3795 {
3796 	struct proc *procp;
3797 
3798 	if (nfsd_master_proc != NULL) {
3799 		procp = pfind(nfsd_master_pid);
3800 		/* Try to make sure it is the correct process. */
3801 		if (procp == nfsd_master_proc &&
3802 		    procp->p_stats->p_start.tv_sec ==
3803 		    nfsd_master_start.tv_sec &&
3804 		    procp->p_stats->p_start.tv_usec ==
3805 		    nfsd_master_start.tv_usec &&
3806 		    strcmp(procp->p_comm, nfsd_master_comm) == 0)
3807 			kern_psignal(procp, SIGUSR2);
3808 		else
3809 			nfsd_master_proc = NULL;
3810 
3811 		if (procp != NULL)
3812 			PROC_UNLOCK(procp);
3813 	}
3814 }
3815 
3816 /*
3817  * Create a DS data file for nfsrv_pnfscreate(). Called for each mirror.
3818  * The arguments are in a structure, so that they can be passed through
3819  * taskqueue for a kernel process to execute this function.
3820  */
3821 struct nfsrvdscreate {
3822 	int			done;
3823 	int			inprog;
3824 	struct task		tsk;
3825 	struct ucred		*tcred;
3826 	struct vnode		*dvp;
3827 	NFSPROC_T		*p;
3828 	struct pnfsdsfile	*pf;
3829 	int			err;
3830 	fhandle_t		fh;
3831 	struct vattr		va;
3832 	struct vattr		createva;
3833 };
3834 
3835 int
nfsrv_dscreate(struct vnode * dvp,struct vattr * vap,struct vattr * nvap,fhandle_t * fhp,struct pnfsdsfile * pf,struct pnfsdsattr * dsa,char * fnamep,struct ucred * tcred,NFSPROC_T * p,struct vnode ** nvpp)3836 nfsrv_dscreate(struct vnode *dvp, struct vattr *vap, struct vattr *nvap,
3837     fhandle_t *fhp, struct pnfsdsfile *pf, struct pnfsdsattr *dsa,
3838     char *fnamep, struct ucred *tcred, NFSPROC_T *p, struct vnode **nvpp)
3839 {
3840 	struct vnode *nvp;
3841 	struct nameidata named;
3842 	struct vattr va;
3843 	char *bufp;
3844 	u_long *hashp;
3845 	struct nfsnode *np;
3846 	struct nfsmount *nmp;
3847 	int error;
3848 
3849 	NFSNAMEICNDSET(&named.ni_cnd, tcred, CREATE,
3850 	    LOCKPARENT | LOCKLEAF | SAVESTART | NOCACHE);
3851 	nfsvno_setpathbuf(&named, &bufp, &hashp);
3852 	named.ni_cnd.cn_lkflags = LK_EXCLUSIVE;
3853 	named.ni_cnd.cn_thread = p;
3854 	named.ni_cnd.cn_nameptr = bufp;
3855 	if (fnamep != NULL) {
3856 		strlcpy(bufp, fnamep, PNFS_FILENAME_LEN + 1);
3857 		named.ni_cnd.cn_namelen = strlen(bufp);
3858 	} else
3859 		named.ni_cnd.cn_namelen = nfsrv_putfhname(fhp, bufp);
3860 	NFSD_DEBUG(4, "nfsrv_dscreate: dvp=%p fname=%s\n", dvp, bufp);
3861 
3862 	/* Create the date file in the DS mount. */
3863 	error = NFSVOPLOCK(dvp, LK_EXCLUSIVE);
3864 	if (error == 0) {
3865 		error = VOP_CREATE(dvp, &nvp, &named.ni_cnd, vap);
3866 		NFSVOPUNLOCK(dvp, 0);
3867 		if (error == 0) {
3868 			/* Set the ownership of the file. */
3869 			error = VOP_SETATTR(nvp, nvap, tcred);
3870 			NFSD_DEBUG(4, "nfsrv_dscreate:"
3871 			    " setattr-uid=%d\n", error);
3872 			if (error != 0)
3873 				vput(nvp);
3874 		}
3875 		if (error != 0)
3876 			printf("pNFS: pnfscreate failed=%d\n", error);
3877 	} else
3878 		printf("pNFS: pnfscreate vnlock=%d\n", error);
3879 	if (error == 0) {
3880 		np = VTONFS(nvp);
3881 		nmp = VFSTONFS(nvp->v_mount);
3882 		if (strcmp(nvp->v_mount->mnt_vfc->vfc_name, "nfs")
3883 		    != 0 || nmp->nm_nam->sa_len > sizeof(
3884 		    struct sockaddr_in6) ||
3885 		    np->n_fhp->nfh_len != NFSX_MYFH) {
3886 			printf("Bad DS file: fstype=%s salen=%d"
3887 			    " fhlen=%d\n",
3888 			    nvp->v_mount->mnt_vfc->vfc_name,
3889 			    nmp->nm_nam->sa_len, np->n_fhp->nfh_len);
3890 			error = ENOENT;
3891 		}
3892 
3893 		/* Set extattrs for the DS on the MDS file. */
3894 		if (error == 0) {
3895 			if (dsa != NULL) {
3896 				error = VOP_GETATTR(nvp, &va, tcred);
3897 				if (error == 0) {
3898 					dsa->dsa_filerev = va.va_filerev;
3899 					dsa->dsa_size = va.va_size;
3900 					dsa->dsa_atime = va.va_atime;
3901 					dsa->dsa_mtime = va.va_mtime;
3902 					dsa->dsa_bytes = va.va_bytes;
3903 				}
3904 			}
3905 			if (error == 0) {
3906 				NFSBCOPY(np->n_fhp->nfh_fh, &pf->dsf_fh,
3907 				    NFSX_MYFH);
3908 				NFSBCOPY(nmp->nm_nam, &pf->dsf_sin,
3909 				    nmp->nm_nam->sa_len);
3910 				NFSBCOPY(named.ni_cnd.cn_nameptr,
3911 				    pf->dsf_filename,
3912 				    sizeof(pf->dsf_filename));
3913 			}
3914 		} else
3915 			printf("pNFS: pnfscreate can't get DS"
3916 			    " attr=%d\n", error);
3917 		if (nvpp != NULL && error == 0)
3918 			*nvpp = nvp;
3919 		else
3920 			vput(nvp);
3921 	}
3922 	nfsvno_relpathbuf(&named);
3923 	return (error);
3924 }
3925 
3926 /*
3927  * Start up the thread that will execute nfsrv_dscreate().
3928  */
3929 static void
start_dscreate(void * arg,int pending)3930 start_dscreate(void *arg, int pending)
3931 {
3932 	struct nfsrvdscreate *dsc;
3933 
3934 	dsc = (struct nfsrvdscreate *)arg;
3935 	dsc->err = nfsrv_dscreate(dsc->dvp, &dsc->createva, &dsc->va, &dsc->fh,
3936 	    dsc->pf, NULL, NULL, dsc->tcred, dsc->p, NULL);
3937 	dsc->done = 1;
3938 	NFSD_DEBUG(4, "start_dscreate: err=%d\n", dsc->err);
3939 }
3940 
3941 /*
3942  * Create a pNFS data file on the Data Server(s).
3943  */
3944 static void
nfsrv_pnfscreate(struct vnode * vp,struct vattr * vap,struct ucred * cred,NFSPROC_T * p)3945 nfsrv_pnfscreate(struct vnode *vp, struct vattr *vap, struct ucred *cred,
3946     NFSPROC_T *p)
3947 {
3948 	struct nfsrvdscreate *dsc, *tdsc;
3949 	struct nfsdevice *ds, *tds, *fds;
3950 	struct mount *mp;
3951 	struct pnfsdsfile *pf, *tpf;
3952 	struct pnfsdsattr dsattr;
3953 	struct vattr va;
3954 	struct vnode *dvp[NFSDEV_MAXMIRRORS];
3955 	struct nfsmount *nmp;
3956 	fhandle_t fh;
3957 	uid_t vauid;
3958 	gid_t vagid;
3959 	u_short vamode;
3960 	struct ucred *tcred;
3961 	int dsdir[NFSDEV_MAXMIRRORS], error, i, mirrorcnt, ret;
3962 	int failpos, timo;
3963 
3964 	/* Get a DS server directory in a round-robin order. */
3965 	mirrorcnt = 1;
3966 	mp = vp->v_mount;
3967 	ds = fds = NULL;
3968 	NFSDDSLOCK();
3969 	/*
3970 	 * Search for the first entry that handles this MDS fs, but use the
3971 	 * first entry for all MDS fs's otherwise.
3972 	 */
3973 	TAILQ_FOREACH(tds, &nfsrv_devidhead, nfsdev_list) {
3974 		if (tds->nfsdev_nmp != NULL) {
3975 			if (tds->nfsdev_mdsisset == 0 && ds == NULL)
3976 				ds = tds;
3977 			else if (tds->nfsdev_mdsisset != 0 && fsidcmp(
3978 			    &mp->mnt_stat.f_fsid, &tds->nfsdev_mdsfsid) == 0) {
3979 				ds = fds = tds;
3980 				break;
3981 			}
3982 		}
3983 	}
3984 	if (ds == NULL) {
3985 		NFSDDSUNLOCK();
3986 		NFSD_DEBUG(4, "nfsrv_pnfscreate: no srv\n");
3987 		return;
3988 	}
3989 	i = dsdir[0] = ds->nfsdev_nextdir;
3990 	ds->nfsdev_nextdir = (ds->nfsdev_nextdir + 1) % nfsrv_dsdirsize;
3991 	dvp[0] = ds->nfsdev_dsdir[i];
3992 	tds = TAILQ_NEXT(ds, nfsdev_list);
3993 	if (nfsrv_maxpnfsmirror > 1 && tds != NULL) {
3994 		TAILQ_FOREACH_FROM(tds, &nfsrv_devidhead, nfsdev_list) {
3995 			if (tds->nfsdev_nmp != NULL &&
3996 			    ((tds->nfsdev_mdsisset == 0 && fds == NULL) ||
3997 			     (tds->nfsdev_mdsisset != 0 && fds != NULL &&
3998 			      fsidcmp(&mp->mnt_stat.f_fsid,
3999 			      &tds->nfsdev_mdsfsid) == 0))) {
4000 				dsdir[mirrorcnt] = i;
4001 				dvp[mirrorcnt] = tds->nfsdev_dsdir[i];
4002 				mirrorcnt++;
4003 				if (mirrorcnt >= nfsrv_maxpnfsmirror)
4004 					break;
4005 			}
4006 		}
4007 	}
4008 	/* Put at end of list to implement round-robin usage. */
4009 	TAILQ_REMOVE(&nfsrv_devidhead, ds, nfsdev_list);
4010 	TAILQ_INSERT_TAIL(&nfsrv_devidhead, ds, nfsdev_list);
4011 	NFSDDSUNLOCK();
4012 	dsc = NULL;
4013 	if (mirrorcnt > 1)
4014 		tdsc = dsc = malloc(sizeof(*dsc) * (mirrorcnt - 1), M_TEMP,
4015 		    M_WAITOK | M_ZERO);
4016 	tpf = pf = malloc(sizeof(*pf) * nfsrv_maxpnfsmirror, M_TEMP, M_WAITOK |
4017 	    M_ZERO);
4018 
4019 	error = nfsvno_getfh(vp, &fh, p);
4020 	if (error == 0)
4021 		error = VOP_GETATTR(vp, &va, cred);
4022 	if (error == 0) {
4023 		/* Set the attributes for "vp" to Setattr the DS vp. */
4024 		vauid = va.va_uid;
4025 		vagid = va.va_gid;
4026 		vamode = va.va_mode;
4027 		VATTR_NULL(&va);
4028 		va.va_uid = vauid;
4029 		va.va_gid = vagid;
4030 		va.va_mode = vamode;
4031 		va.va_size = 0;
4032 	} else
4033 		printf("pNFS: pnfscreate getfh+attr=%d\n", error);
4034 
4035 	NFSD_DEBUG(4, "nfsrv_pnfscreate: cruid=%d crgid=%d\n", cred->cr_uid,
4036 	    cred->cr_gid);
4037 	/* Make data file name based on FH. */
4038 	tcred = newnfs_getcred();
4039 
4040 	/*
4041 	 * Create the file on each DS mirror, using kernel process(es) for the
4042 	 * additional mirrors.
4043 	 */
4044 	failpos = -1;
4045 	for (i = 0; i < mirrorcnt - 1 && error == 0; i++, tpf++, tdsc++) {
4046 		tpf->dsf_dir = dsdir[i];
4047 		tdsc->tcred = tcred;
4048 		tdsc->p = p;
4049 		tdsc->pf = tpf;
4050 		tdsc->createva = *vap;
4051 		NFSBCOPY(&fh, &tdsc->fh, sizeof(fh));
4052 		tdsc->va = va;
4053 		tdsc->dvp = dvp[i];
4054 		tdsc->done = 0;
4055 		tdsc->inprog = 0;
4056 		tdsc->err = 0;
4057 		ret = EIO;
4058 		if (nfs_pnfsiothreads != 0) {
4059 			ret = nfs_pnfsio(start_dscreate, tdsc);
4060 			NFSD_DEBUG(4, "nfsrv_pnfscreate: nfs_pnfsio=%d\n", ret);
4061 		}
4062 		if (ret != 0) {
4063 			ret = nfsrv_dscreate(dvp[i], vap, &va, &fh, tpf, NULL,
4064 			    NULL, tcred, p, NULL);
4065 			if (ret != 0) {
4066 				KASSERT(error == 0, ("nfsrv_dscreate err=%d",
4067 				    error));
4068 				if (failpos == -1 && nfsds_failerr(ret))
4069 					failpos = i;
4070 				else
4071 					error = ret;
4072 			}
4073 		}
4074 	}
4075 	if (error == 0) {
4076 		tpf->dsf_dir = dsdir[mirrorcnt - 1];
4077 		error = nfsrv_dscreate(dvp[mirrorcnt - 1], vap, &va, &fh, tpf,
4078 		    &dsattr, NULL, tcred, p, NULL);
4079 		if (failpos == -1 && mirrorcnt > 1 && nfsds_failerr(error)) {
4080 			failpos = mirrorcnt - 1;
4081 			error = 0;
4082 		}
4083 	}
4084 	timo = hz / 50;		/* Wait for 20msec. */
4085 	if (timo < 1)
4086 		timo = 1;
4087 	/* Wait for kernel task(s) to complete. */
4088 	for (tdsc = dsc, i = 0; i < mirrorcnt - 1; i++, tdsc++) {
4089 		while (tdsc->inprog != 0 && tdsc->done == 0)
4090 			tsleep(&tdsc->tsk, PVFS, "srvdcr", timo);
4091 		if (tdsc->err != 0) {
4092 			if (failpos == -1 && nfsds_failerr(tdsc->err))
4093 				failpos = i;
4094 			else if (error == 0)
4095 				error = tdsc->err;
4096 		}
4097 	}
4098 
4099 	/*
4100 	 * If failpos has been set, that mirror has failed, so it needs
4101 	 * to be disabled.
4102 	 */
4103 	if (failpos >= 0) {
4104 		nmp = VFSTONFS(dvp[failpos]->v_mount);
4105 		NFSLOCKMNT(nmp);
4106 		if ((nmp->nm_privflag & (NFSMNTP_FORCEDISM |
4107 		     NFSMNTP_CANCELRPCS)) == 0) {
4108 			nmp->nm_privflag |= NFSMNTP_CANCELRPCS;
4109 			NFSUNLOCKMNT(nmp);
4110 			ds = nfsrv_deldsnmp(PNFSDOP_DELDSSERVER, nmp, p);
4111 			NFSD_DEBUG(4, "dscreatfail fail=%d ds=%p\n", failpos,
4112 			    ds);
4113 			if (ds != NULL)
4114 				nfsrv_killrpcs(nmp);
4115 			NFSLOCKMNT(nmp);
4116 			nmp->nm_privflag &= ~NFSMNTP_CANCELRPCS;
4117 			wakeup(nmp);
4118 		}
4119 		NFSUNLOCKMNT(nmp);
4120 	}
4121 
4122 	NFSFREECRED(tcred);
4123 	if (error == 0) {
4124 		ASSERT_VOP_ELOCKED(vp, "nfsrv_pnfscreate vp");
4125 
4126 		NFSD_DEBUG(4, "nfsrv_pnfscreate: mirrorcnt=%d maxmirror=%d\n",
4127 		    mirrorcnt, nfsrv_maxpnfsmirror);
4128 		/*
4129 		 * For all mirrors that couldn't be created, fill in the
4130 		 * *pf structure, but with an IP address == 0.0.0.0.
4131 		 */
4132 		tpf = pf + mirrorcnt;
4133 		for (i = mirrorcnt; i < nfsrv_maxpnfsmirror; i++, tpf++) {
4134 			*tpf = *pf;
4135 			tpf->dsf_sin.sin_family = AF_INET;
4136 			tpf->dsf_sin.sin_len = sizeof(struct sockaddr_in);
4137 			tpf->dsf_sin.sin_addr.s_addr = 0;
4138 			tpf->dsf_sin.sin_port = 0;
4139 		}
4140 
4141 		error = vn_extattr_set(vp, IO_NODELOCKED,
4142 		    EXTATTR_NAMESPACE_SYSTEM, "pnfsd.dsfile",
4143 		    sizeof(*pf) * nfsrv_maxpnfsmirror, (char *)pf, p);
4144 		if (error == 0)
4145 			error = vn_extattr_set(vp, IO_NODELOCKED,
4146 			    EXTATTR_NAMESPACE_SYSTEM, "pnfsd.dsattr",
4147 			    sizeof(dsattr), (char *)&dsattr, p);
4148 		if (error != 0)
4149 			printf("pNFS: pnfscreate setextattr=%d\n",
4150 			    error);
4151 	} else
4152 		printf("pNFS: pnfscreate=%d\n", error);
4153 	free(pf, M_TEMP);
4154 	free(dsc, M_TEMP);
4155 }
4156 
4157 /*
4158  * Get the information needed to remove the pNFS Data Server file from the
4159  * Metadata file.  Upon success, ddvp is set non-NULL to the locked
4160  * DS directory vnode.  The caller must unlock *ddvp when done with it.
4161  */
4162 static void
nfsrv_pnfsremovesetup(struct vnode * vp,NFSPROC_T * p,struct vnode ** dvpp,int * mirrorcntp,char * fname,fhandle_t * fhp)4163 nfsrv_pnfsremovesetup(struct vnode *vp, NFSPROC_T *p, struct vnode **dvpp,
4164     int *mirrorcntp, char *fname, fhandle_t *fhp)
4165 {
4166 	struct vattr va;
4167 	struct ucred *tcred;
4168 	char *buf;
4169 	int buflen, error;
4170 
4171 	dvpp[0] = NULL;
4172 	/* If not an exported regular file or not a pNFS server, just return. */
4173 	if (vp->v_type != VREG || (vp->v_mount->mnt_flag & MNT_EXPORTED) == 0 ||
4174 	    nfsrv_devidcnt == 0)
4175 		return;
4176 
4177 	/* Check to see if this is the last hard link. */
4178 	tcred = newnfs_getcred();
4179 	error = VOP_GETATTR(vp, &va, tcred);
4180 	NFSFREECRED(tcred);
4181 	if (error != 0) {
4182 		printf("pNFS: nfsrv_pnfsremovesetup getattr=%d\n", error);
4183 		return;
4184 	}
4185 	if (va.va_nlink > 1)
4186 		return;
4187 
4188 	error = nfsvno_getfh(vp, fhp, p);
4189 	if (error != 0) {
4190 		printf("pNFS: nfsrv_pnfsremovesetup getfh=%d\n", error);
4191 		return;
4192 	}
4193 
4194 	buflen = 1024;
4195 	buf = malloc(buflen, M_TEMP, M_WAITOK);
4196 	/* Get the directory vnode for the DS mount and the file handle. */
4197 	error = nfsrv_dsgetsockmnt(vp, 0, buf, &buflen, mirrorcntp, p, dvpp,
4198 	    NULL, NULL, fname, NULL, NULL, NULL, NULL, NULL);
4199 	free(buf, M_TEMP);
4200 	if (error != 0)
4201 		printf("pNFS: nfsrv_pnfsremovesetup getsockmnt=%d\n", error);
4202 }
4203 
4204 /*
4205  * Remove a DS data file for nfsrv_pnfsremove(). Called for each mirror.
4206  * The arguments are in a structure, so that they can be passed through
4207  * taskqueue for a kernel process to execute this function.
4208  */
4209 struct nfsrvdsremove {
4210 	int			done;
4211 	int			inprog;
4212 	struct task		tsk;
4213 	struct ucred		*tcred;
4214 	struct vnode		*dvp;
4215 	NFSPROC_T		*p;
4216 	int			err;
4217 	char			fname[PNFS_FILENAME_LEN + 1];
4218 };
4219 
4220 static int
nfsrv_dsremove(struct vnode * dvp,char * fname,struct ucred * tcred,NFSPROC_T * p)4221 nfsrv_dsremove(struct vnode *dvp, char *fname, struct ucred *tcred,
4222     NFSPROC_T *p)
4223 {
4224 	struct nameidata named;
4225 	struct vnode *nvp;
4226 	char *bufp;
4227 	u_long *hashp;
4228 	int error;
4229 
4230 	error = NFSVOPLOCK(dvp, LK_EXCLUSIVE);
4231 	if (error != 0)
4232 		return (error);
4233 	named.ni_cnd.cn_nameiop = DELETE;
4234 	named.ni_cnd.cn_lkflags = LK_EXCLUSIVE | LK_RETRY;
4235 	named.ni_cnd.cn_cred = tcred;
4236 	named.ni_cnd.cn_thread = p;
4237 	named.ni_cnd.cn_flags = ISLASTCN | LOCKPARENT | LOCKLEAF | SAVENAME;
4238 	nfsvno_setpathbuf(&named, &bufp, &hashp);
4239 	named.ni_cnd.cn_nameptr = bufp;
4240 	named.ni_cnd.cn_namelen = strlen(fname);
4241 	strlcpy(bufp, fname, NAME_MAX);
4242 	NFSD_DEBUG(4, "nfsrv_pnfsremove: filename=%s\n", bufp);
4243 	error = VOP_LOOKUP(dvp, &nvp, &named.ni_cnd);
4244 	NFSD_DEBUG(4, "nfsrv_pnfsremove: aft LOOKUP=%d\n", error);
4245 	if (error == 0) {
4246 		error = VOP_REMOVE(dvp, nvp, &named.ni_cnd);
4247 		vput(nvp);
4248 	}
4249 	NFSVOPUNLOCK(dvp, 0);
4250 	nfsvno_relpathbuf(&named);
4251 	if (error != 0)
4252 		printf("pNFS: nfsrv_pnfsremove failed=%d\n", error);
4253 	return (error);
4254 }
4255 
4256 /*
4257  * Start up the thread that will execute nfsrv_dsremove().
4258  */
4259 static void
start_dsremove(void * arg,int pending)4260 start_dsremove(void *arg, int pending)
4261 {
4262 	struct nfsrvdsremove *dsrm;
4263 
4264 	dsrm = (struct nfsrvdsremove *)arg;
4265 	dsrm->err = nfsrv_dsremove(dsrm->dvp, dsrm->fname, dsrm->tcred,
4266 	    dsrm->p);
4267 	dsrm->done = 1;
4268 	NFSD_DEBUG(4, "start_dsremove: err=%d\n", dsrm->err);
4269 }
4270 
4271 /*
4272  * Remove a pNFS data file from a Data Server.
4273  * nfsrv_pnfsremovesetup() must have been called before the MDS file was
4274  * removed to set up the dvp and fill in the FH.
4275  */
4276 static void
nfsrv_pnfsremove(struct vnode ** dvp,int mirrorcnt,char * fname,fhandle_t * fhp,NFSPROC_T * p)4277 nfsrv_pnfsremove(struct vnode **dvp, int mirrorcnt, char *fname, fhandle_t *fhp,
4278     NFSPROC_T *p)
4279 {
4280 	struct ucred *tcred;
4281 	struct nfsrvdsremove *dsrm, *tdsrm;
4282 	struct nfsdevice *ds;
4283 	struct nfsmount *nmp;
4284 	int failpos, i, ret, timo;
4285 
4286 	tcred = newnfs_getcred();
4287 	dsrm = NULL;
4288 	if (mirrorcnt > 1)
4289 		dsrm = malloc(sizeof(*dsrm) * mirrorcnt - 1, M_TEMP, M_WAITOK);
4290 	/*
4291 	 * Remove the file on each DS mirror, using kernel process(es) for the
4292 	 * additional mirrors.
4293 	 */
4294 	failpos = -1;
4295 	for (tdsrm = dsrm, i = 0; i < mirrorcnt - 1; i++, tdsrm++) {
4296 		tdsrm->tcred = tcred;
4297 		tdsrm->p = p;
4298 		tdsrm->dvp = dvp[i];
4299 		strlcpy(tdsrm->fname, fname, PNFS_FILENAME_LEN + 1);
4300 		tdsrm->inprog = 0;
4301 		tdsrm->done = 0;
4302 		tdsrm->err = 0;
4303 		ret = EIO;
4304 		if (nfs_pnfsiothreads != 0) {
4305 			ret = nfs_pnfsio(start_dsremove, tdsrm);
4306 			NFSD_DEBUG(4, "nfsrv_pnfsremove: nfs_pnfsio=%d\n", ret);
4307 		}
4308 		if (ret != 0) {
4309 			ret = nfsrv_dsremove(dvp[i], fname, tcred, p);
4310 			if (failpos == -1 && nfsds_failerr(ret))
4311 				failpos = i;
4312 		}
4313 	}
4314 	ret = nfsrv_dsremove(dvp[mirrorcnt - 1], fname, tcred, p);
4315 	if (failpos == -1 && mirrorcnt > 1 && nfsds_failerr(ret))
4316 		failpos = mirrorcnt - 1;
4317 	timo = hz / 50;		/* Wait for 20msec. */
4318 	if (timo < 1)
4319 		timo = 1;
4320 	/* Wait for kernel task(s) to complete. */
4321 	for (tdsrm = dsrm, i = 0; i < mirrorcnt - 1; i++, tdsrm++) {
4322 		while (tdsrm->inprog != 0 && tdsrm->done == 0)
4323 			tsleep(&tdsrm->tsk, PVFS, "srvdsrm", timo);
4324 		if (failpos == -1 && nfsds_failerr(tdsrm->err))
4325 			failpos = i;
4326 	}
4327 
4328 	/*
4329 	 * If failpos has been set, that mirror has failed, so it needs
4330 	 * to be disabled.
4331 	 */
4332 	if (failpos >= 0) {
4333 		nmp = VFSTONFS(dvp[failpos]->v_mount);
4334 		NFSLOCKMNT(nmp);
4335 		if ((nmp->nm_privflag & (NFSMNTP_FORCEDISM |
4336 		     NFSMNTP_CANCELRPCS)) == 0) {
4337 			nmp->nm_privflag |= NFSMNTP_CANCELRPCS;
4338 			NFSUNLOCKMNT(nmp);
4339 			ds = nfsrv_deldsnmp(PNFSDOP_DELDSSERVER, nmp, p);
4340 			NFSD_DEBUG(4, "dsremovefail fail=%d ds=%p\n", failpos,
4341 			    ds);
4342 			if (ds != NULL)
4343 				nfsrv_killrpcs(nmp);
4344 			NFSLOCKMNT(nmp);
4345 			nmp->nm_privflag &= ~NFSMNTP_CANCELRPCS;
4346 			wakeup(nmp);
4347 		}
4348 		NFSUNLOCKMNT(nmp);
4349 	}
4350 
4351 	/* Get rid all layouts for the file. */
4352 	nfsrv_freefilelayouts(fhp);
4353 
4354 	NFSFREECRED(tcred);
4355 	free(dsrm, M_TEMP);
4356 }
4357 
4358 /*
4359  * Generate a file name based on the file handle and put it in *bufp.
4360  * Return the number of bytes generated.
4361  */
4362 static int
nfsrv_putfhname(fhandle_t * fhp,char * bufp)4363 nfsrv_putfhname(fhandle_t *fhp, char *bufp)
4364 {
4365 	int i;
4366 	uint8_t *cp;
4367 	const uint8_t *hexdigits = "0123456789abcdef";
4368 
4369 	cp = (uint8_t *)fhp;
4370 	for (i = 0; i < sizeof(*fhp); i++) {
4371 		bufp[2 * i] = hexdigits[(*cp >> 4) & 0xf];
4372 		bufp[2 * i + 1] = hexdigits[*cp++ & 0xf];
4373 	}
4374 	bufp[2 * i] = '\0';
4375 	return (2 * i);
4376 }
4377 
4378 /*
4379  * Update the Metadata file's attributes from the DS file when a Read/Write
4380  * layout is returned.
4381  * Basically just call nfsrv_proxyds() with procedure == NFSPROC_LAYOUTRETURN
4382  * so that it does a nfsrv_getattrdsrpc() and nfsrv_setextattr() on the DS file.
4383  */
4384 int
nfsrv_updatemdsattr(struct vnode * vp,struct nfsvattr * nap,NFSPROC_T * p)4385 nfsrv_updatemdsattr(struct vnode *vp, struct nfsvattr *nap, NFSPROC_T *p)
4386 {
4387 	struct ucred *tcred;
4388 	int error;
4389 
4390 	/* Do this as root so that it won't fail with EACCES. */
4391 	tcred = newnfs_getcred();
4392 	error = nfsrv_proxyds(NULL, vp, 0, 0, tcred, p, NFSPROC_LAYOUTRETURN,
4393 	    NULL, NULL, NULL, nap, NULL);
4394 	NFSFREECRED(tcred);
4395 	return (error);
4396 }
4397 
4398 /*
4399  * Set the NFSv4 ACL on the DS file to the same ACL as the MDS file.
4400  */
4401 static int
nfsrv_dssetacl(struct vnode * vp,struct acl * aclp,struct ucred * cred,NFSPROC_T * p)4402 nfsrv_dssetacl(struct vnode *vp, struct acl *aclp, struct ucred *cred,
4403     NFSPROC_T *p)
4404 {
4405 	int error;
4406 
4407 	error = nfsrv_proxyds(NULL, vp, 0, 0, cred, p, NFSPROC_SETACL,
4408 	    NULL, NULL, NULL, NULL, aclp);
4409 	return (error);
4410 }
4411 
4412 static int
nfsrv_proxyds(struct nfsrv_descript * nd,struct vnode * vp,off_t off,int cnt,struct ucred * cred,struct thread * p,int ioproc,struct mbuf ** mpp,char * cp,struct mbuf ** mpp2,struct nfsvattr * nap,struct acl * aclp)4413 nfsrv_proxyds(struct nfsrv_descript *nd, struct vnode *vp, off_t off, int cnt,
4414     struct ucred *cred, struct thread *p, int ioproc, struct mbuf **mpp,
4415     char *cp, struct mbuf **mpp2, struct nfsvattr *nap, struct acl *aclp)
4416 {
4417 	struct nfsmount *nmp[NFSDEV_MAXMIRRORS], *failnmp;
4418 	fhandle_t fh[NFSDEV_MAXMIRRORS];
4419 	struct vnode *dvp[NFSDEV_MAXMIRRORS];
4420 	struct nfsdevice *ds;
4421 	struct pnfsdsattr dsattr;
4422 	struct opnfsdsattr odsattr;
4423 	char *buf;
4424 	int buflen, error, failpos, i, mirrorcnt, origmircnt, trycnt;
4425 
4426 	NFSD_DEBUG(4, "in nfsrv_proxyds\n");
4427 	/*
4428 	 * If not a regular file, not exported or not a pNFS server,
4429 	 * just return ENOENT.
4430 	 */
4431 	if (vp->v_type != VREG || (vp->v_mount->mnt_flag & MNT_EXPORTED) == 0 ||
4432 	    nfsrv_devidcnt == 0)
4433 		return (ENOENT);
4434 
4435 	buflen = 1024;
4436 	buf = malloc(buflen, M_TEMP, M_WAITOK);
4437 	error = 0;
4438 
4439 	/*
4440 	 * For Getattr, get the Change attribute (va_filerev) and size (va_size)
4441 	 * from the MetaData file's extended attribute.
4442 	 */
4443 	if (ioproc == NFSPROC_GETATTR) {
4444 		error = vn_extattr_get(vp, IO_NODELOCKED,
4445 		    EXTATTR_NAMESPACE_SYSTEM, "pnfsd.dsattr", &buflen, buf,
4446 		    p);
4447 		if (error == 0) {
4448 			if (buflen == sizeof(odsattr)) {
4449 				NFSBCOPY(buf, &odsattr, buflen);
4450 				nap->na_filerev = odsattr.dsa_filerev;
4451 				nap->na_size = odsattr.dsa_size;
4452 				nap->na_atime = odsattr.dsa_atime;
4453 				nap->na_mtime = odsattr.dsa_mtime;
4454 				/*
4455 				 * Fake na_bytes by rounding up na_size.
4456 				 * Since we don't know the block size, just
4457 				 * use BLKDEV_IOSIZE.
4458 				 */
4459 				nap->na_bytes = (odsattr.dsa_size +
4460 				    BLKDEV_IOSIZE - 1) & ~(BLKDEV_IOSIZE - 1);
4461 			} else if (buflen == sizeof(dsattr)) {
4462 				NFSBCOPY(buf, &dsattr, buflen);
4463 				nap->na_filerev = dsattr.dsa_filerev;
4464 				nap->na_size = dsattr.dsa_size;
4465 				nap->na_atime = dsattr.dsa_atime;
4466 				nap->na_mtime = dsattr.dsa_mtime;
4467 				nap->na_bytes = dsattr.dsa_bytes;
4468 			} else
4469 				error = ENXIO;
4470 		}
4471 		if (error == 0) {
4472 			/*
4473 			 * If nfsrv_pnfsgetdsattr is 0 or nfsrv_checkdsattr()
4474 			 * returns 0, just return now.  nfsrv_checkdsattr()
4475 			 * returns 0 if there is no Read/Write layout
4476 			 * plus either an Open/Write_access or Write
4477 			 * delegation issued to a client for the file.
4478 			 */
4479 			if (nfsrv_pnfsgetdsattr == 0 ||
4480 			    nfsrv_checkdsattr(nd, vp, p) == 0) {
4481 				free(buf, M_TEMP);
4482 				return (error);
4483 			}
4484 		}
4485 
4486 		/*
4487 		 * Clear ENOATTR so the code below will attempt to do a
4488 		 * nfsrv_getattrdsrpc() to get the attributes and (re)create
4489 		 * the extended attribute.
4490 		 */
4491 		if (error == ENOATTR)
4492 			error = 0;
4493 	}
4494 
4495 	origmircnt = -1;
4496 	trycnt = 0;
4497 tryagain:
4498 	if (error == 0) {
4499 		buflen = 1024;
4500 		if (ioproc == NFSPROC_READDS && NFSVOPISLOCKED(vp) ==
4501 		    LK_EXCLUSIVE)
4502 			printf("nfsrv_proxyds: Readds vp exclusively locked\n");
4503 		error = nfsrv_dsgetsockmnt(vp, LK_SHARED, buf, &buflen,
4504 		    &mirrorcnt, p, dvp, fh, NULL, NULL, NULL, NULL, NULL,
4505 		    NULL, NULL);
4506 		if (error == 0) {
4507 			for (i = 0; i < mirrorcnt; i++)
4508 				nmp[i] = VFSTONFS(dvp[i]->v_mount);
4509 		} else
4510 			printf("pNFS: proxy getextattr sockaddr=%d\n", error);
4511 	} else
4512 		printf("pNFS: nfsrv_dsgetsockmnt=%d\n", error);
4513 	if (error == 0) {
4514 		failpos = -1;
4515 		if (origmircnt == -1)
4516 			origmircnt = mirrorcnt;
4517 		/*
4518 		 * If failpos is set to a mirror#, then that mirror has
4519 		 * failed and will be disabled. For Read and Getattr, the
4520 		 * function only tries one mirror, so if that mirror has
4521 		 * failed, it will need to be retried. As such, increment
4522 		 * tryitagain for these cases.
4523 		 * For Write, Setattr and Setacl, the function tries all
4524 		 * mirrors and will not return an error for the case where
4525 		 * one mirror has failed. For these cases, the functioning
4526 		 * mirror(s) will have been modified, so a retry isn't
4527 		 * necessary. These functions will set failpos for the
4528 		 * failed mirror#.
4529 		 */
4530 		if (ioproc == NFSPROC_READDS) {
4531 			error = nfsrv_readdsrpc(fh, off, cnt, cred, p, nmp[0],
4532 			    mpp, mpp2);
4533 			if (nfsds_failerr(error) && mirrorcnt > 1) {
4534 				/*
4535 				 * Setting failpos will cause the mirror
4536 				 * to be disabled and then a retry of this
4537 				 * read is required.
4538 				 */
4539 				failpos = 0;
4540 				error = 0;
4541 				trycnt++;
4542 			}
4543 		} else if (ioproc == NFSPROC_WRITEDS)
4544 			error = nfsrv_writedsrpc(fh, off, cnt, cred, p, vp,
4545 			    &nmp[0], mirrorcnt, mpp, cp, &failpos);
4546 		else if (ioproc == NFSPROC_SETATTR)
4547 			error = nfsrv_setattrdsrpc(fh, cred, p, vp, &nmp[0],
4548 			    mirrorcnt, nap, &failpos);
4549 		else if (ioproc == NFSPROC_SETACL)
4550 			error = nfsrv_setacldsrpc(fh, cred, p, vp, &nmp[0],
4551 			    mirrorcnt, aclp, &failpos);
4552 		else {
4553 			error = nfsrv_getattrdsrpc(&fh[mirrorcnt - 1], cred, p,
4554 			    vp, nmp[mirrorcnt - 1], nap);
4555 			if (nfsds_failerr(error) && mirrorcnt > 1) {
4556 				/*
4557 				 * Setting failpos will cause the mirror
4558 				 * to be disabled and then a retry of this
4559 				 * getattr is required.
4560 				 */
4561 				failpos = mirrorcnt - 1;
4562 				error = 0;
4563 				trycnt++;
4564 			}
4565 		}
4566 		ds = NULL;
4567 		if (failpos >= 0) {
4568 			failnmp = nmp[failpos];
4569 			NFSLOCKMNT(failnmp);
4570 			if ((failnmp->nm_privflag & (NFSMNTP_FORCEDISM |
4571 			     NFSMNTP_CANCELRPCS)) == 0) {
4572 				failnmp->nm_privflag |= NFSMNTP_CANCELRPCS;
4573 				NFSUNLOCKMNT(failnmp);
4574 				ds = nfsrv_deldsnmp(PNFSDOP_DELDSSERVER,
4575 				    failnmp, p);
4576 				NFSD_DEBUG(4, "dsldsnmp fail=%d ds=%p\n",
4577 				    failpos, ds);
4578 				if (ds != NULL)
4579 					nfsrv_killrpcs(failnmp);
4580 				NFSLOCKMNT(failnmp);
4581 				failnmp->nm_privflag &= ~NFSMNTP_CANCELRPCS;
4582 				wakeup(failnmp);
4583 			}
4584 			NFSUNLOCKMNT(failnmp);
4585 		}
4586 		for (i = 0; i < mirrorcnt; i++)
4587 			NFSVOPUNLOCK(dvp[i], 0);
4588 		NFSD_DEBUG(4, "nfsrv_proxyds: aft RPC=%d trya=%d\n", error,
4589 		    trycnt);
4590 		/* Try the Read/Getattr again if a mirror was deleted. */
4591 		if (ds != NULL && trycnt > 0 && trycnt < origmircnt)
4592 			goto tryagain;
4593 	} else {
4594 		/* Return ENOENT for any Extended Attribute error. */
4595 		error = ENOENT;
4596 	}
4597 	free(buf, M_TEMP);
4598 	NFSD_DEBUG(4, "nfsrv_proxyds: error=%d\n", error);
4599 	return (error);
4600 }
4601 
4602 /*
4603  * Get the DS mount point, fh and directory from the "pnfsd.dsfile" extended
4604  * attribute.
4605  * newnmpp - If it points to a non-NULL nmp, that is the destination and needs
4606  *           to be checked.  If it points to a NULL nmp, then it returns
4607  *           a suitable destination.
4608  * curnmp - If non-NULL, it is the source mount for the copy.
4609  */
4610 int
nfsrv_dsgetsockmnt(struct vnode * vp,int lktype,char * buf,int * buflenp,int * mirrorcntp,NFSPROC_T * p,struct vnode ** dvpp,fhandle_t * fhp,char * devid,char * fnamep,struct vnode ** nvpp,struct nfsmount ** newnmpp,struct nfsmount * curnmp,int * ippos,int * dsdirp)4611 nfsrv_dsgetsockmnt(struct vnode *vp, int lktype, char *buf, int *buflenp,
4612     int *mirrorcntp, NFSPROC_T *p, struct vnode **dvpp, fhandle_t *fhp,
4613     char *devid, char *fnamep, struct vnode **nvpp, struct nfsmount **newnmpp,
4614     struct nfsmount *curnmp, int *ippos, int *dsdirp)
4615 {
4616 	struct vnode *dvp, *nvp, **tdvpp;
4617 	struct mount *mp;
4618 	struct nfsmount *nmp, *newnmp;
4619 	struct sockaddr *sad;
4620 	struct sockaddr_in *sin;
4621 	struct nfsdevice *ds, *tds, *fndds;
4622 	struct pnfsdsfile *pf;
4623 	uint32_t dsdir;
4624 	int error, fhiszero, fnd, gotone, i, mirrorcnt;
4625 
4626 	ASSERT_VOP_LOCKED(vp, "nfsrv_dsgetsockmnt vp");
4627 	*mirrorcntp = 1;
4628 	tdvpp = dvpp;
4629 	if (nvpp != NULL)
4630 		*nvpp = NULL;
4631 	if (dvpp != NULL)
4632 		*dvpp = NULL;
4633 	if (ippos != NULL)
4634 		*ippos = -1;
4635 	if (newnmpp != NULL)
4636 		newnmp = *newnmpp;
4637 	else
4638 		newnmp = NULL;
4639 	mp = vp->v_mount;
4640 	error = vn_extattr_get(vp, IO_NODELOCKED, EXTATTR_NAMESPACE_SYSTEM,
4641 	    "pnfsd.dsfile", buflenp, buf, p);
4642 	mirrorcnt = *buflenp / sizeof(*pf);
4643 	if (error == 0 && (mirrorcnt < 1 || mirrorcnt > NFSDEV_MAXMIRRORS ||
4644 	    *buflenp != sizeof(*pf) * mirrorcnt))
4645 		error = ENOATTR;
4646 
4647 	pf = (struct pnfsdsfile *)buf;
4648 	/* If curnmp != NULL, check for a match in the mirror list. */
4649 	if (curnmp != NULL && error == 0) {
4650 		fnd = 0;
4651 		for (i = 0; i < mirrorcnt; i++, pf++) {
4652 			sad = (struct sockaddr *)&pf->dsf_sin;
4653 			if (nfsaddr2_match(sad, curnmp->nm_nam)) {
4654 				if (ippos != NULL)
4655 					*ippos = i;
4656 				fnd = 1;
4657 				break;
4658 			}
4659 		}
4660 		if (fnd == 0)
4661 			error = ENXIO;
4662 	}
4663 
4664 	gotone = 0;
4665 	pf = (struct pnfsdsfile *)buf;
4666 	NFSD_DEBUG(4, "nfsrv_dsgetsockmnt: mirrorcnt=%d err=%d\n", mirrorcnt,
4667 	    error);
4668 	for (i = 0; i < mirrorcnt && error == 0; i++, pf++) {
4669 		fhiszero = 0;
4670 		sad = (struct sockaddr *)&pf->dsf_sin;
4671 		sin = &pf->dsf_sin;
4672 		dsdir = pf->dsf_dir;
4673 		if (dsdir >= nfsrv_dsdirsize) {
4674 			printf("nfsrv_dsgetsockmnt: dsdir=%d\n", dsdir);
4675 			error = ENOATTR;
4676 		} else if (nvpp != NULL && newnmp != NULL &&
4677 		    nfsaddr2_match(sad, newnmp->nm_nam))
4678 			error = EEXIST;
4679 		if (error == 0) {
4680 			if (ippos != NULL && curnmp == NULL &&
4681 			    sad->sa_family == AF_INET &&
4682 			    sin->sin_addr.s_addr == 0)
4683 				*ippos = i;
4684 			if (NFSBCMP(&zerofh, &pf->dsf_fh, sizeof(zerofh)) == 0)
4685 				fhiszero = 1;
4686 			/* Use the socket address to find the mount point. */
4687 			fndds = NULL;
4688 			NFSDDSLOCK();
4689 			/* Find a match for the IP address. */
4690 			TAILQ_FOREACH(ds, &nfsrv_devidhead, nfsdev_list) {
4691 				if (ds->nfsdev_nmp != NULL) {
4692 					dvp = ds->nfsdev_dvp;
4693 					nmp = VFSTONFS(dvp->v_mount);
4694 					if (nmp != ds->nfsdev_nmp)
4695 						printf("different2 nmp %p %p\n",
4696 						    nmp, ds->nfsdev_nmp);
4697 					if (nfsaddr2_match(sad, nmp->nm_nam)) {
4698 						fndds = ds;
4699 						break;
4700 					}
4701 				}
4702 			}
4703 			if (fndds != NULL && newnmpp != NULL &&
4704 			    newnmp == NULL) {
4705 				/* Search for a place to make a mirror copy. */
4706 				TAILQ_FOREACH(tds, &nfsrv_devidhead,
4707 				    nfsdev_list) {
4708 					if (tds->nfsdev_nmp != NULL &&
4709 					    fndds != tds &&
4710 					    ((tds->nfsdev_mdsisset == 0 &&
4711 					      fndds->nfsdev_mdsisset == 0) ||
4712 					     (tds->nfsdev_mdsisset != 0 &&
4713 					      fndds->nfsdev_mdsisset != 0 &&
4714 					      fsidcmp(&tds->nfsdev_mdsfsid,
4715 					      &mp->mnt_stat.f_fsid) == 0))) {
4716 						*newnmpp = tds->nfsdev_nmp;
4717 						break;
4718 					}
4719 				}
4720 				if (tds != NULL) {
4721 					/*
4722 					 * Move this entry to the end of the
4723 					 * list, so it won't be selected as
4724 					 * easily the next time.
4725 					 */
4726 					TAILQ_REMOVE(&nfsrv_devidhead, tds,
4727 					    nfsdev_list);
4728 					TAILQ_INSERT_TAIL(&nfsrv_devidhead, tds,
4729 					    nfsdev_list);
4730 				}
4731 			}
4732 			NFSDDSUNLOCK();
4733 			if (fndds != NULL) {
4734 				dvp = fndds->nfsdev_dsdir[dsdir];
4735 				if (lktype != 0 || fhiszero != 0 ||
4736 				    (nvpp != NULL && *nvpp == NULL)) {
4737 					if (fhiszero != 0)
4738 						error = vn_lock(dvp,
4739 						    LK_EXCLUSIVE);
4740 					else if (lktype != 0)
4741 						error = vn_lock(dvp, lktype);
4742 					else
4743 						error = vn_lock(dvp, LK_SHARED);
4744 					/*
4745 					 * If the file handle is all 0's, try to
4746 					 * do a Lookup against the DS to acquire
4747 					 * it.
4748 					 * If dvpp == NULL or the Lookup fails,
4749 					 * unlock dvp after the call.
4750 					 */
4751 					if (error == 0 && (fhiszero != 0 ||
4752 					    (nvpp != NULL && *nvpp == NULL))) {
4753 						error = nfsrv_pnfslookupds(vp,
4754 						    dvp, pf, &nvp, p);
4755 						if (error == 0) {
4756 							if (fhiszero != 0)
4757 								nfsrv_pnfssetfh(
4758 								    vp, pf,
4759 								    devid,
4760 								    fnamep,
4761 								    nvp, p);
4762 							if (nvpp != NULL &&
4763 							    *nvpp == NULL) {
4764 								*nvpp = nvp;
4765 								*dsdirp = dsdir;
4766 							} else
4767 								vput(nvp);
4768 						}
4769 						if (error != 0 || lktype == 0)
4770 							NFSVOPUNLOCK(dvp, 0);
4771 					}
4772 				}
4773 				if (error == 0) {
4774 					gotone++;
4775 					NFSD_DEBUG(4, "gotone=%d\n", gotone);
4776 					if (devid != NULL) {
4777 						NFSBCOPY(fndds->nfsdev_deviceid,
4778 						    devid, NFSX_V4DEVICEID);
4779 						devid += NFSX_V4DEVICEID;
4780 					}
4781 					if (dvpp != NULL)
4782 						*tdvpp++ = dvp;
4783 					if (fhp != NULL)
4784 						NFSBCOPY(&pf->dsf_fh, fhp++,
4785 						    NFSX_MYFH);
4786 					if (fnamep != NULL && gotone == 1)
4787 						strlcpy(fnamep,
4788 						    pf->dsf_filename,
4789 						    sizeof(pf->dsf_filename));
4790 				} else
4791 					NFSD_DEBUG(4, "nfsrv_dsgetsockmnt "
4792 					    "err=%d\n", error);
4793 			}
4794 		}
4795 	}
4796 	if (error == 0 && gotone == 0)
4797 		error = ENOENT;
4798 
4799 	NFSD_DEBUG(4, "eo nfsrv_dsgetsockmnt: gotone=%d err=%d\n", gotone,
4800 	    error);
4801 	if (error == 0)
4802 		*mirrorcntp = gotone;
4803 	else {
4804 		if (gotone > 0 && dvpp != NULL) {
4805 			/*
4806 			 * If the error didn't occur on the first one and
4807 			 * dvpp != NULL, the one(s) prior to the failure will
4808 			 * have locked dvp's that need to be unlocked.
4809 			 */
4810 			for (i = 0; i < gotone; i++) {
4811 				NFSVOPUNLOCK(*dvpp, 0);
4812 				*dvpp++ = NULL;
4813 			}
4814 		}
4815 		/*
4816 		 * If it found the vnode to be copied from before a failure,
4817 		 * it needs to be vput()'d.
4818 		 */
4819 		if (nvpp != NULL && *nvpp != NULL) {
4820 			vput(*nvpp);
4821 			*nvpp = NULL;
4822 		}
4823 	}
4824 	return (error);
4825 }
4826 
4827 /*
4828  * Set the extended attribute for the Change attribute.
4829  */
4830 static int
nfsrv_setextattr(struct vnode * vp,struct nfsvattr * nap,NFSPROC_T * p)4831 nfsrv_setextattr(struct vnode *vp, struct nfsvattr *nap, NFSPROC_T *p)
4832 {
4833 	struct pnfsdsattr dsattr;
4834 	int error;
4835 
4836 	ASSERT_VOP_ELOCKED(vp, "nfsrv_setextattr vp");
4837 	dsattr.dsa_filerev = nap->na_filerev;
4838 	dsattr.dsa_size = nap->na_size;
4839 	dsattr.dsa_atime = nap->na_atime;
4840 	dsattr.dsa_mtime = nap->na_mtime;
4841 	dsattr.dsa_bytes = nap->na_bytes;
4842 	error = vn_extattr_set(vp, IO_NODELOCKED, EXTATTR_NAMESPACE_SYSTEM,
4843 	    "pnfsd.dsattr", sizeof(dsattr), (char *)&dsattr, p);
4844 	if (error != 0)
4845 		printf("pNFS: setextattr=%d\n", error);
4846 	return (error);
4847 }
4848 
4849 static int
nfsrv_readdsrpc(fhandle_t * fhp,off_t off,int len,struct ucred * cred,NFSPROC_T * p,struct nfsmount * nmp,struct mbuf ** mpp,struct mbuf ** mpendp)4850 nfsrv_readdsrpc(fhandle_t *fhp, off_t off, int len, struct ucred *cred,
4851     NFSPROC_T *p, struct nfsmount *nmp, struct mbuf **mpp, struct mbuf **mpendp)
4852 {
4853 	uint32_t *tl;
4854 	struct nfsrv_descript *nd;
4855 	nfsv4stateid_t st;
4856 	struct mbuf *m, *m2;
4857 	int error = 0, retlen, tlen, trimlen;
4858 
4859 	NFSD_DEBUG(4, "in nfsrv_readdsrpc\n");
4860 	nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
4861 	*mpp = NULL;
4862 	/*
4863 	 * Use a stateid where other is an alternating 01010 pattern and
4864 	 * seqid is 0xffffffff.  This value is not defined as special by
4865 	 * the RFC and is used by the FreeBSD NFS server to indicate an
4866 	 * MDS->DS proxy operation.
4867 	 */
4868 	st.other[0] = 0x55555555;
4869 	st.other[1] = 0x55555555;
4870 	st.other[2] = 0x55555555;
4871 	st.seqid = 0xffffffff;
4872 	nfscl_reqstart(nd, NFSPROC_READDS, nmp, (u_int8_t *)fhp, sizeof(*fhp),
4873 	    NULL, NULL, 0, 0);
4874 	nfsm_stateidtom(nd, &st, NFSSTATEID_PUTSTATEID);
4875 	NFSM_BUILD(tl, uint32_t *, NFSX_UNSIGNED * 3);
4876 	txdr_hyper(off, tl);
4877 	*(tl + 2) = txdr_unsigned(len);
4878 	error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p, cred,
4879 	    NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
4880 	if (error != 0) {
4881 		free(nd, M_TEMP);
4882 		return (error);
4883 	}
4884 	if (nd->nd_repstat == 0) {
4885 		NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
4886 		NFSM_STRSIZ(retlen, len);
4887 		if (retlen > 0) {
4888 			/* Trim off the pre-data XDR from the mbuf chain. */
4889 			m = nd->nd_mrep;
4890 			while (m != NULL && m != nd->nd_md) {
4891 				if (m->m_next == nd->nd_md) {
4892 					m->m_next = NULL;
4893 					m_freem(nd->nd_mrep);
4894 					nd->nd_mrep = m = nd->nd_md;
4895 				} else
4896 					m = m->m_next;
4897 			}
4898 			if (m == NULL) {
4899 				printf("nfsrv_readdsrpc: busted mbuf list\n");
4900 				error = ENOENT;
4901 				goto nfsmout;
4902 			}
4903 
4904 			/*
4905 			 * Now, adjust first mbuf so that any XDR before the
4906 			 * read data is skipped over.
4907 			 */
4908 			trimlen = nd->nd_dpos - mtod(m, char *);
4909 			if (trimlen > 0) {
4910 				m->m_len -= trimlen;
4911 				NFSM_DATAP(m, trimlen);
4912 			}
4913 
4914 			/*
4915 			 * Truncate the mbuf chain at retlen bytes of data,
4916 			 * plus XDR padding that brings the length up to a
4917 			 * multiple of 4.
4918 			 */
4919 			tlen = NFSM_RNDUP(retlen);
4920 			do {
4921 				if (m->m_len >= tlen) {
4922 					m->m_len = tlen;
4923 					tlen = 0;
4924 					m2 = m->m_next;
4925 					m->m_next = NULL;
4926 					m_freem(m2);
4927 					break;
4928 				}
4929 				tlen -= m->m_len;
4930 				m = m->m_next;
4931 			} while (m != NULL);
4932 			if (tlen > 0) {
4933 				printf("nfsrv_readdsrpc: busted mbuf list\n");
4934 				error = ENOENT;
4935 				goto nfsmout;
4936 			}
4937 			*mpp = nd->nd_mrep;
4938 			*mpendp = m;
4939 			nd->nd_mrep = NULL;
4940 		}
4941 	} else
4942 		error = nd->nd_repstat;
4943 nfsmout:
4944 	/* If nd->nd_mrep is already NULL, this is a no-op. */
4945 	m_freem(nd->nd_mrep);
4946 	free(nd, M_TEMP);
4947 	NFSD_DEBUG(4, "nfsrv_readdsrpc error=%d\n", error);
4948 	return (error);
4949 }
4950 
4951 /*
4952  * Do a write RPC on a DS data file, using this structure for the arguments,
4953  * so that this function can be executed by a separate kernel process.
4954  */
4955 struct nfsrvwritedsdorpc {
4956 	int			done;
4957 	int			inprog;
4958 	struct task		tsk;
4959 	fhandle_t		fh;
4960 	off_t			off;
4961 	int			len;
4962 	struct nfsmount		*nmp;
4963 	struct ucred		*cred;
4964 	NFSPROC_T		*p;
4965 	struct mbuf		*m;
4966 	int			err;
4967 };
4968 
4969 static int
nfsrv_writedsdorpc(struct nfsmount * nmp,fhandle_t * fhp,off_t off,int len,struct nfsvattr * nap,struct mbuf * m,struct ucred * cred,NFSPROC_T * p)4970 nfsrv_writedsdorpc(struct nfsmount *nmp, fhandle_t *fhp, off_t off, int len,
4971     struct nfsvattr *nap, struct mbuf *m, struct ucred *cred, NFSPROC_T *p)
4972 {
4973 	uint32_t *tl;
4974 	struct nfsrv_descript *nd;
4975 	nfsattrbit_t attrbits;
4976 	nfsv4stateid_t st;
4977 	int commit, error, retlen;
4978 
4979 	nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
4980 	nfscl_reqstart(nd, NFSPROC_WRITE, nmp, (u_int8_t *)fhp,
4981 	    sizeof(fhandle_t), NULL, NULL, 0, 0);
4982 
4983 	/*
4984 	 * Use a stateid where other is an alternating 01010 pattern and
4985 	 * seqid is 0xffffffff.  This value is not defined as special by
4986 	 * the RFC and is used by the FreeBSD NFS server to indicate an
4987 	 * MDS->DS proxy operation.
4988 	 */
4989 	st.other[0] = 0x55555555;
4990 	st.other[1] = 0x55555555;
4991 	st.other[2] = 0x55555555;
4992 	st.seqid = 0xffffffff;
4993 	nfsm_stateidtom(nd, &st, NFSSTATEID_PUTSTATEID);
4994 	NFSM_BUILD(tl, u_int32_t *, NFSX_HYPER + 2 * NFSX_UNSIGNED);
4995 	txdr_hyper(off, tl);
4996 	tl += 2;
4997 	/*
4998 	 * Do all writes FileSync, since the server doesn't hold onto dirty
4999 	 * buffers.  Since clients should be accessing the DS servers directly
5000 	 * using the pNFS layouts, this just needs to work correctly as a
5001 	 * fallback.
5002 	 */
5003 	*tl++ = txdr_unsigned(NFSWRITE_FILESYNC);
5004 	*tl = txdr_unsigned(len);
5005 	NFSD_DEBUG(4, "nfsrv_writedsdorpc: len=%d\n", len);
5006 
5007 	/* Put data in mbuf chain. */
5008 	nd->nd_mb->m_next = m;
5009 
5010 	/* Set nd_mb and nd_bpos to end of data. */
5011 	while (m->m_next != NULL)
5012 		m = m->m_next;
5013 	nd->nd_mb = m;
5014 	nd->nd_bpos = mtod(m, char *) + m->m_len;
5015 	NFSD_DEBUG(4, "nfsrv_writedsdorpc: lastmb len=%d\n", m->m_len);
5016 
5017 	/* Do a Getattr for the attributes that change upon writing. */
5018 	NFSZERO_ATTRBIT(&attrbits);
5019 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SIZE);
5020 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_CHANGE);
5021 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEACCESS);
5022 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEMODIFY);
5023 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SPACEUSED);
5024 	NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
5025 	*tl = txdr_unsigned(NFSV4OP_GETATTR);
5026 	(void) nfsrv_putattrbit(nd, &attrbits);
5027 	error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p,
5028 	    cred, NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
5029 	if (error != 0) {
5030 		free(nd, M_TEMP);
5031 		return (error);
5032 	}
5033 	NFSD_DEBUG(4, "nfsrv_writedsdorpc: aft writerpc=%d\n", nd->nd_repstat);
5034 	/* Get rid of weak cache consistency data for now. */
5035 	if ((nd->nd_flag & (ND_NOMOREDATA | ND_NFSV4 | ND_V4WCCATTR)) ==
5036 	    (ND_NFSV4 | ND_V4WCCATTR)) {
5037 		error = nfsv4_loadattr(nd, NULL, nap, NULL, NULL, 0, NULL, NULL,
5038 		    NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL);
5039 		NFSD_DEBUG(4, "nfsrv_writedsdorpc: wcc attr=%d\n", error);
5040 		if (error != 0)
5041 			goto nfsmout;
5042 		/*
5043 		 * Get rid of Op# and status for next op.
5044 		 */
5045 		NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED);
5046 		if (*++tl != 0)
5047 			nd->nd_flag |= ND_NOMOREDATA;
5048 	}
5049 	if (nd->nd_repstat == 0) {
5050 		NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED + NFSX_VERF);
5051 		retlen = fxdr_unsigned(int, *tl++);
5052 		commit = fxdr_unsigned(int, *tl);
5053 		if (commit != NFSWRITE_FILESYNC)
5054 			error = NFSERR_IO;
5055 		NFSD_DEBUG(4, "nfsrv_writedsdorpc:retlen=%d commit=%d err=%d\n",
5056 		    retlen, commit, error);
5057 	} else
5058 		error = nd->nd_repstat;
5059 	/* We have no use for the Write Verifier since we use FileSync. */
5060 
5061 	/*
5062 	 * Get the Change, Size, Access Time and Modify Time attributes and set
5063 	 * on the Metadata file, so its attributes will be what the file's
5064 	 * would be if it had been written.
5065 	 */
5066 	if (error == 0) {
5067 		NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED);
5068 		error = nfsv4_loadattr(nd, NULL, nap, NULL, NULL, 0, NULL, NULL,
5069 		    NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL);
5070 	}
5071 	NFSD_DEBUG(4, "nfsrv_writedsdorpc: aft loadattr=%d\n", error);
5072 nfsmout:
5073 	m_freem(nd->nd_mrep);
5074 	free(nd, M_TEMP);
5075 	NFSD_DEBUG(4, "nfsrv_writedsdorpc error=%d\n", error);
5076 	return (error);
5077 }
5078 
5079 /*
5080  * Start up the thread that will execute nfsrv_writedsdorpc().
5081  */
5082 static void
start_writedsdorpc(void * arg,int pending)5083 start_writedsdorpc(void *arg, int pending)
5084 {
5085 	struct nfsrvwritedsdorpc *drpc;
5086 
5087 	drpc = (struct nfsrvwritedsdorpc *)arg;
5088 	drpc->err = nfsrv_writedsdorpc(drpc->nmp, &drpc->fh, drpc->off,
5089 	    drpc->len, NULL, drpc->m, drpc->cred, drpc->p);
5090 	drpc->done = 1;
5091 	NFSD_DEBUG(4, "start_writedsdorpc: err=%d\n", drpc->err);
5092 }
5093 
5094 static int
nfsrv_writedsrpc(fhandle_t * fhp,off_t off,int len,struct ucred * cred,NFSPROC_T * p,struct vnode * vp,struct nfsmount ** nmpp,int mirrorcnt,struct mbuf ** mpp,char * cp,int * failposp)5095 nfsrv_writedsrpc(fhandle_t *fhp, off_t off, int len, struct ucred *cred,
5096     NFSPROC_T *p, struct vnode *vp, struct nfsmount **nmpp, int mirrorcnt,
5097     struct mbuf **mpp, char *cp, int *failposp)
5098 {
5099 	struct nfsrvwritedsdorpc *drpc, *tdrpc;
5100 	struct nfsvattr na;
5101 	struct mbuf *m;
5102 	int error, i, offs, ret, timo;
5103 
5104 	NFSD_DEBUG(4, "in nfsrv_writedsrpc\n");
5105 	KASSERT(*mpp != NULL, ("nfsrv_writedsrpc: NULL mbuf chain"));
5106 	drpc = NULL;
5107 	if (mirrorcnt > 1)
5108 		tdrpc = drpc = malloc(sizeof(*drpc) * (mirrorcnt - 1), M_TEMP,
5109 		    M_WAITOK);
5110 
5111 	/* Calculate offset in mbuf chain that data starts. */
5112 	offs = cp - mtod(*mpp, char *);
5113 	NFSD_DEBUG(4, "nfsrv_writedsrpc: mcopy offs=%d len=%d\n", offs, len);
5114 
5115 	/*
5116 	 * Do the write RPC for every DS, using a separate kernel process
5117 	 * for every DS except the last one.
5118 	 */
5119 	error = 0;
5120 	for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
5121 		tdrpc->done = 0;
5122 		NFSBCOPY(fhp, &tdrpc->fh, sizeof(*fhp));
5123 		tdrpc->off = off;
5124 		tdrpc->len = len;
5125 		tdrpc->nmp = *nmpp;
5126 		tdrpc->cred = cred;
5127 		tdrpc->p = p;
5128 		tdrpc->inprog = 0;
5129 		tdrpc->err = 0;
5130 		tdrpc->m = m_copym(*mpp, offs, NFSM_RNDUP(len), M_WAITOK);
5131 		ret = EIO;
5132 		if (nfs_pnfsiothreads != 0) {
5133 			ret = nfs_pnfsio(start_writedsdorpc, tdrpc);
5134 			NFSD_DEBUG(4, "nfsrv_writedsrpc: nfs_pnfsio=%d\n",
5135 			    ret);
5136 		}
5137 		if (ret != 0) {
5138 			ret = nfsrv_writedsdorpc(*nmpp, fhp, off, len, NULL,
5139 			    tdrpc->m, cred, p);
5140 			if (nfsds_failerr(ret) && *failposp == -1)
5141 				*failposp = i;
5142 			else if (error == 0 && ret != 0)
5143 				error = ret;
5144 		}
5145 		nmpp++;
5146 		fhp++;
5147 	}
5148 	m = m_copym(*mpp, offs, NFSM_RNDUP(len), M_WAITOK);
5149 	ret = nfsrv_writedsdorpc(*nmpp, fhp, off, len, &na, m, cred, p);
5150 	if (nfsds_failerr(ret) && *failposp == -1 && mirrorcnt > 1)
5151 		*failposp = mirrorcnt - 1;
5152 	else if (error == 0 && ret != 0)
5153 		error = ret;
5154 	if (error == 0)
5155 		error = nfsrv_setextattr(vp, &na, p);
5156 	NFSD_DEBUG(4, "nfsrv_writedsrpc: aft setextat=%d\n", error);
5157 	tdrpc = drpc;
5158 	timo = hz / 50;		/* Wait for 20msec. */
5159 	if (timo < 1)
5160 		timo = 1;
5161 	for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
5162 		/* Wait for RPCs on separate threads to complete. */
5163 		while (tdrpc->inprog != 0 && tdrpc->done == 0)
5164 			tsleep(&tdrpc->tsk, PVFS, "srvwrds", timo);
5165 		if (nfsds_failerr(tdrpc->err) && *failposp == -1)
5166 			*failposp = i;
5167 		else if (error == 0 && tdrpc->err != 0)
5168 			error = tdrpc->err;
5169 	}
5170 	free(drpc, M_TEMP);
5171 	return (error);
5172 }
5173 
5174 static int
nfsrv_setattrdsdorpc(fhandle_t * fhp,struct ucred * cred,NFSPROC_T * p,struct vnode * vp,struct nfsmount * nmp,struct nfsvattr * nap,struct nfsvattr * dsnap)5175 nfsrv_setattrdsdorpc(fhandle_t *fhp, struct ucred *cred, NFSPROC_T *p,
5176     struct vnode *vp, struct nfsmount *nmp, struct nfsvattr *nap,
5177     struct nfsvattr *dsnap)
5178 {
5179 	uint32_t *tl;
5180 	struct nfsrv_descript *nd;
5181 	nfsv4stateid_t st;
5182 	nfsattrbit_t attrbits;
5183 	int error;
5184 
5185 	NFSD_DEBUG(4, "in nfsrv_setattrdsdorpc\n");
5186 	nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
5187 	/*
5188 	 * Use a stateid where other is an alternating 01010 pattern and
5189 	 * seqid is 0xffffffff.  This value is not defined as special by
5190 	 * the RFC and is used by the FreeBSD NFS server to indicate an
5191 	 * MDS->DS proxy operation.
5192 	 */
5193 	st.other[0] = 0x55555555;
5194 	st.other[1] = 0x55555555;
5195 	st.other[2] = 0x55555555;
5196 	st.seqid = 0xffffffff;
5197 	nfscl_reqstart(nd, NFSPROC_SETATTR, nmp, (u_int8_t *)fhp, sizeof(*fhp),
5198 	    NULL, NULL, 0, 0);
5199 	nfsm_stateidtom(nd, &st, NFSSTATEID_PUTSTATEID);
5200 	nfscl_fillsattr(nd, &nap->na_vattr, vp, NFSSATTR_FULL, 0);
5201 
5202 	/* Do a Getattr for the attributes that change due to writing. */
5203 	NFSZERO_ATTRBIT(&attrbits);
5204 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SIZE);
5205 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_CHANGE);
5206 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEACCESS);
5207 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEMODIFY);
5208 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SPACEUSED);
5209 	NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
5210 	*tl = txdr_unsigned(NFSV4OP_GETATTR);
5211 	(void) nfsrv_putattrbit(nd, &attrbits);
5212 	error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p, cred,
5213 	    NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
5214 	if (error != 0) {
5215 		free(nd, M_TEMP);
5216 		return (error);
5217 	}
5218 	NFSD_DEBUG(4, "nfsrv_setattrdsdorpc: aft setattrrpc=%d\n",
5219 	    nd->nd_repstat);
5220 	/* Get rid of weak cache consistency data for now. */
5221 	if ((nd->nd_flag & (ND_NOMOREDATA | ND_NFSV4 | ND_V4WCCATTR)) ==
5222 	    (ND_NFSV4 | ND_V4WCCATTR)) {
5223 		error = nfsv4_loadattr(nd, NULL, dsnap, NULL, NULL, 0, NULL,
5224 		    NULL, NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL);
5225 		NFSD_DEBUG(4, "nfsrv_setattrdsdorpc: wcc attr=%d\n", error);
5226 		if (error != 0)
5227 			goto nfsmout;
5228 		/*
5229 		 * Get rid of Op# and status for next op.
5230 		 */
5231 		NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED);
5232 		if (*++tl != 0)
5233 			nd->nd_flag |= ND_NOMOREDATA;
5234 	}
5235 	error = nfsrv_getattrbits(nd, &attrbits, NULL, NULL);
5236 	if (error != 0)
5237 		goto nfsmout;
5238 	if (nd->nd_repstat != 0)
5239 		error = nd->nd_repstat;
5240 	/*
5241 	 * Get the Change, Size, Access Time and Modify Time attributes and set
5242 	 * on the Metadata file, so its attributes will be what the file's
5243 	 * would be if it had been written.
5244 	 */
5245 	if (error == 0) {
5246 		NFSM_DISSECT(tl, uint32_t *, 2 * NFSX_UNSIGNED);
5247 		error = nfsv4_loadattr(nd, NULL, dsnap, NULL, NULL, 0, NULL,
5248 		    NULL, NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL);
5249 	}
5250 	NFSD_DEBUG(4, "nfsrv_setattrdsdorpc: aft setattr loadattr=%d\n", error);
5251 nfsmout:
5252 	m_freem(nd->nd_mrep);
5253 	free(nd, M_TEMP);
5254 	NFSD_DEBUG(4, "nfsrv_setattrdsdorpc error=%d\n", error);
5255 	return (error);
5256 }
5257 
5258 struct nfsrvsetattrdsdorpc {
5259 	int			done;
5260 	int			inprog;
5261 	struct task		tsk;
5262 	fhandle_t		fh;
5263 	struct nfsmount		*nmp;
5264 	struct vnode		*vp;
5265 	struct ucred		*cred;
5266 	NFSPROC_T		*p;
5267 	struct nfsvattr		na;
5268 	struct nfsvattr		dsna;
5269 	int			err;
5270 };
5271 
5272 /*
5273  * Start up the thread that will execute nfsrv_setattrdsdorpc().
5274  */
5275 static void
start_setattrdsdorpc(void * arg,int pending)5276 start_setattrdsdorpc(void *arg, int pending)
5277 {
5278 	struct nfsrvsetattrdsdorpc *drpc;
5279 
5280 	drpc = (struct nfsrvsetattrdsdorpc *)arg;
5281 	drpc->err = nfsrv_setattrdsdorpc(&drpc->fh, drpc->cred, drpc->p,
5282 	    drpc->vp, drpc->nmp, &drpc->na, &drpc->dsna);
5283 	drpc->done = 1;
5284 }
5285 
5286 static int
nfsrv_setattrdsrpc(fhandle_t * fhp,struct ucred * cred,NFSPROC_T * p,struct vnode * vp,struct nfsmount ** nmpp,int mirrorcnt,struct nfsvattr * nap,int * failposp)5287 nfsrv_setattrdsrpc(fhandle_t *fhp, struct ucred *cred, NFSPROC_T *p,
5288     struct vnode *vp, struct nfsmount **nmpp, int mirrorcnt,
5289     struct nfsvattr *nap, int *failposp)
5290 {
5291 	struct nfsrvsetattrdsdorpc *drpc, *tdrpc;
5292 	struct nfsvattr na;
5293 	int error, i, ret, timo;
5294 
5295 	NFSD_DEBUG(4, "in nfsrv_setattrdsrpc\n");
5296 	drpc = NULL;
5297 	if (mirrorcnt > 1)
5298 		tdrpc = drpc = malloc(sizeof(*drpc) * (mirrorcnt - 1), M_TEMP,
5299 		    M_WAITOK);
5300 
5301 	/*
5302 	 * Do the setattr RPC for every DS, using a separate kernel process
5303 	 * for every DS except the last one.
5304 	 */
5305 	error = 0;
5306 	for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
5307 		tdrpc->done = 0;
5308 		tdrpc->inprog = 0;
5309 		NFSBCOPY(fhp, &tdrpc->fh, sizeof(*fhp));
5310 		tdrpc->nmp = *nmpp;
5311 		tdrpc->vp = vp;
5312 		tdrpc->cred = cred;
5313 		tdrpc->p = p;
5314 		tdrpc->na = *nap;
5315 		tdrpc->err = 0;
5316 		ret = EIO;
5317 		if (nfs_pnfsiothreads != 0) {
5318 			ret = nfs_pnfsio(start_setattrdsdorpc, tdrpc);
5319 			NFSD_DEBUG(4, "nfsrv_setattrdsrpc: nfs_pnfsio=%d\n",
5320 			    ret);
5321 		}
5322 		if (ret != 0) {
5323 			ret = nfsrv_setattrdsdorpc(fhp, cred, p, vp, *nmpp, nap,
5324 			    &na);
5325 			if (nfsds_failerr(ret) && *failposp == -1)
5326 				*failposp = i;
5327 			else if (error == 0 && ret != 0)
5328 				error = ret;
5329 		}
5330 		nmpp++;
5331 		fhp++;
5332 	}
5333 	ret = nfsrv_setattrdsdorpc(fhp, cred, p, vp, *nmpp, nap, &na);
5334 	if (nfsds_failerr(ret) && *failposp == -1 && mirrorcnt > 1)
5335 		*failposp = mirrorcnt - 1;
5336 	else if (error == 0 && ret != 0)
5337 		error = ret;
5338 	if (error == 0)
5339 		error = nfsrv_setextattr(vp, &na, p);
5340 	NFSD_DEBUG(4, "nfsrv_setattrdsrpc: aft setextat=%d\n", error);
5341 	tdrpc = drpc;
5342 	timo = hz / 50;		/* Wait for 20msec. */
5343 	if (timo < 1)
5344 		timo = 1;
5345 	for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
5346 		/* Wait for RPCs on separate threads to complete. */
5347 		while (tdrpc->inprog != 0 && tdrpc->done == 0)
5348 			tsleep(&tdrpc->tsk, PVFS, "srvsads", timo);
5349 		if (nfsds_failerr(tdrpc->err) && *failposp == -1)
5350 			*failposp = i;
5351 		else if (error == 0 && tdrpc->err != 0)
5352 			error = tdrpc->err;
5353 	}
5354 	free(drpc, M_TEMP);
5355 	return (error);
5356 }
5357 
5358 /*
5359  * Do a Setattr of an NFSv4 ACL on the DS file.
5360  */
5361 static int
nfsrv_setacldsdorpc(fhandle_t * fhp,struct ucred * cred,NFSPROC_T * p,struct vnode * vp,struct nfsmount * nmp,struct acl * aclp)5362 nfsrv_setacldsdorpc(fhandle_t *fhp, struct ucred *cred, NFSPROC_T *p,
5363     struct vnode *vp, struct nfsmount *nmp, struct acl *aclp)
5364 {
5365 	struct nfsrv_descript *nd;
5366 	nfsv4stateid_t st;
5367 	nfsattrbit_t attrbits;
5368 	int error;
5369 
5370 	NFSD_DEBUG(4, "in nfsrv_setacldsdorpc\n");
5371 	nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
5372 	/*
5373 	 * Use a stateid where other is an alternating 01010 pattern and
5374 	 * seqid is 0xffffffff.  This value is not defined as special by
5375 	 * the RFC and is used by the FreeBSD NFS server to indicate an
5376 	 * MDS->DS proxy operation.
5377 	 */
5378 	st.other[0] = 0x55555555;
5379 	st.other[1] = 0x55555555;
5380 	st.other[2] = 0x55555555;
5381 	st.seqid = 0xffffffff;
5382 	nfscl_reqstart(nd, NFSPROC_SETACL, nmp, (u_int8_t *)fhp, sizeof(*fhp),
5383 	    NULL, NULL, 0, 0);
5384 	nfsm_stateidtom(nd, &st, NFSSTATEID_PUTSTATEID);
5385 	NFSZERO_ATTRBIT(&attrbits);
5386 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_ACL);
5387 	/*
5388 	 * The "vp" argument to nfsv4_fillattr() is only used for vnode_type(),
5389 	 * so passing in the metadata "vp" will be ok, since it is of
5390 	 * the same type (VREG).
5391 	 */
5392 	nfsv4_fillattr(nd, NULL, vp, aclp, NULL, NULL, 0, &attrbits, NULL,
5393 	    NULL, 0, 0, 0, 0, 0, NULL);
5394 	error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p, cred,
5395 	    NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
5396 	if (error != 0) {
5397 		free(nd, M_TEMP);
5398 		return (error);
5399 	}
5400 	NFSD_DEBUG(4, "nfsrv_setacldsdorpc: aft setaclrpc=%d\n",
5401 	    nd->nd_repstat);
5402 	error = nd->nd_repstat;
5403 	m_freem(nd->nd_mrep);
5404 	free(nd, M_TEMP);
5405 	return (error);
5406 }
5407 
5408 struct nfsrvsetacldsdorpc {
5409 	int			done;
5410 	int			inprog;
5411 	struct task		tsk;
5412 	fhandle_t		fh;
5413 	struct nfsmount		*nmp;
5414 	struct vnode		*vp;
5415 	struct ucred		*cred;
5416 	NFSPROC_T		*p;
5417 	struct acl		*aclp;
5418 	int			err;
5419 };
5420 
5421 /*
5422  * Start up the thread that will execute nfsrv_setacldsdorpc().
5423  */
5424 static void
start_setacldsdorpc(void * arg,int pending)5425 start_setacldsdorpc(void *arg, int pending)
5426 {
5427 	struct nfsrvsetacldsdorpc *drpc;
5428 
5429 	drpc = (struct nfsrvsetacldsdorpc *)arg;
5430 	drpc->err = nfsrv_setacldsdorpc(&drpc->fh, drpc->cred, drpc->p,
5431 	    drpc->vp, drpc->nmp, drpc->aclp);
5432 	drpc->done = 1;
5433 }
5434 
5435 static int
nfsrv_setacldsrpc(fhandle_t * fhp,struct ucred * cred,NFSPROC_T * p,struct vnode * vp,struct nfsmount ** nmpp,int mirrorcnt,struct acl * aclp,int * failposp)5436 nfsrv_setacldsrpc(fhandle_t *fhp, struct ucred *cred, NFSPROC_T *p,
5437     struct vnode *vp, struct nfsmount **nmpp, int mirrorcnt, struct acl *aclp,
5438     int *failposp)
5439 {
5440 	struct nfsrvsetacldsdorpc *drpc, *tdrpc;
5441 	int error, i, ret, timo;
5442 
5443 	NFSD_DEBUG(4, "in nfsrv_setacldsrpc\n");
5444 	drpc = NULL;
5445 	if (mirrorcnt > 1)
5446 		tdrpc = drpc = malloc(sizeof(*drpc) * (mirrorcnt - 1), M_TEMP,
5447 		    M_WAITOK);
5448 
5449 	/*
5450 	 * Do the setattr RPC for every DS, using a separate kernel process
5451 	 * for every DS except the last one.
5452 	 */
5453 	error = 0;
5454 	for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
5455 		tdrpc->done = 0;
5456 		tdrpc->inprog = 0;
5457 		NFSBCOPY(fhp, &tdrpc->fh, sizeof(*fhp));
5458 		tdrpc->nmp = *nmpp;
5459 		tdrpc->vp = vp;
5460 		tdrpc->cred = cred;
5461 		tdrpc->p = p;
5462 		tdrpc->aclp = aclp;
5463 		tdrpc->err = 0;
5464 		ret = EIO;
5465 		if (nfs_pnfsiothreads != 0) {
5466 			ret = nfs_pnfsio(start_setacldsdorpc, tdrpc);
5467 			NFSD_DEBUG(4, "nfsrv_setacldsrpc: nfs_pnfsio=%d\n",
5468 			    ret);
5469 		}
5470 		if (ret != 0) {
5471 			ret = nfsrv_setacldsdorpc(fhp, cred, p, vp, *nmpp,
5472 			    aclp);
5473 			if (nfsds_failerr(ret) && *failposp == -1)
5474 				*failposp = i;
5475 			else if (error == 0 && ret != 0)
5476 				error = ret;
5477 		}
5478 		nmpp++;
5479 		fhp++;
5480 	}
5481 	ret = nfsrv_setacldsdorpc(fhp, cred, p, vp, *nmpp, aclp);
5482 	if (nfsds_failerr(ret) && *failposp == -1 && mirrorcnt > 1)
5483 		*failposp = mirrorcnt - 1;
5484 	else if (error == 0 && ret != 0)
5485 		error = ret;
5486 	NFSD_DEBUG(4, "nfsrv_setacldsrpc: aft setextat=%d\n", error);
5487 	tdrpc = drpc;
5488 	timo = hz / 50;		/* Wait for 20msec. */
5489 	if (timo < 1)
5490 		timo = 1;
5491 	for (i = 0; i < mirrorcnt - 1; i++, tdrpc++) {
5492 		/* Wait for RPCs on separate threads to complete. */
5493 		while (tdrpc->inprog != 0 && tdrpc->done == 0)
5494 			tsleep(&tdrpc->tsk, PVFS, "srvacds", timo);
5495 		if (nfsds_failerr(tdrpc->err) && *failposp == -1)
5496 			*failposp = i;
5497 		else if (error == 0 && tdrpc->err != 0)
5498 			error = tdrpc->err;
5499 	}
5500 	free(drpc, M_TEMP);
5501 	return (error);
5502 }
5503 
5504 /*
5505  * Getattr call to the DS for the attributes that change due to writing.
5506  */
5507 static int
nfsrv_getattrdsrpc(fhandle_t * fhp,struct ucred * cred,NFSPROC_T * p,struct vnode * vp,struct nfsmount * nmp,struct nfsvattr * nap)5508 nfsrv_getattrdsrpc(fhandle_t *fhp, struct ucred *cred, NFSPROC_T *p,
5509     struct vnode *vp, struct nfsmount *nmp, struct nfsvattr *nap)
5510 {
5511 	struct nfsrv_descript *nd;
5512 	int error;
5513 	nfsattrbit_t attrbits;
5514 
5515 	NFSD_DEBUG(4, "in nfsrv_getattrdsrpc\n");
5516 	nd = malloc(sizeof(*nd), M_TEMP, M_WAITOK | M_ZERO);
5517 	nfscl_reqstart(nd, NFSPROC_GETATTR, nmp, (u_int8_t *)fhp,
5518 	    sizeof(fhandle_t), NULL, NULL, 0, 0);
5519 	NFSZERO_ATTRBIT(&attrbits);
5520 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SIZE);
5521 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_CHANGE);
5522 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEACCESS);
5523 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_TIMEMODIFY);
5524 	NFSSETBIT_ATTRBIT(&attrbits, NFSATTRBIT_SPACEUSED);
5525 	(void) nfsrv_putattrbit(nd, &attrbits);
5526 	error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p, cred,
5527 	    NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
5528 	if (error != 0) {
5529 		free(nd, M_TEMP);
5530 		return (error);
5531 	}
5532 	NFSD_DEBUG(4, "nfsrv_getattrdsrpc: aft getattrrpc=%d\n",
5533 	    nd->nd_repstat);
5534 	if (nd->nd_repstat == 0) {
5535 		error = nfsv4_loadattr(nd, NULL, nap, NULL, NULL, 0,
5536 		    NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL, NULL,
5537 		    NULL, NULL);
5538 		/*
5539 		 * We can only save the updated values in the extended
5540 		 * attribute if the vp is exclusively locked.
5541 		 * This should happen when any of the following operations
5542 		 * occur on the vnode:
5543 		 *    Close, Delegreturn, LayoutCommit, LayoutReturn
5544 		 * As such, the updated extended attribute should get saved
5545 		 * before nfsrv_checkdsattr() returns 0 and allows the cached
5546 		 * attributes to be returned without calling this function.
5547 		 */
5548 		if (error == 0 && VOP_ISLOCKED(vp) == LK_EXCLUSIVE) {
5549 			error = nfsrv_setextattr(vp, nap, p);
5550 			NFSD_DEBUG(4, "nfsrv_getattrdsrpc: aft setextat=%d\n",
5551 			    error);
5552 		}
5553 	} else
5554 		error = nd->nd_repstat;
5555 	m_freem(nd->nd_mrep);
5556 	free(nd, M_TEMP);
5557 	NFSD_DEBUG(4, "nfsrv_getattrdsrpc error=%d\n", error);
5558 	return (error);
5559 }
5560 
5561 /*
5562  * Get the device id and file handle for a DS file.
5563  */
5564 int
nfsrv_dsgetdevandfh(struct vnode * vp,NFSPROC_T * p,int * mirrorcntp,fhandle_t * fhp,char * devid)5565 nfsrv_dsgetdevandfh(struct vnode *vp, NFSPROC_T *p, int *mirrorcntp,
5566     fhandle_t *fhp, char *devid)
5567 {
5568 	int buflen, error;
5569 	char *buf;
5570 
5571 	buflen = 1024;
5572 	buf = malloc(buflen, M_TEMP, M_WAITOK);
5573 	error = nfsrv_dsgetsockmnt(vp, 0, buf, &buflen, mirrorcntp, p, NULL,
5574 	    fhp, devid, NULL, NULL, NULL, NULL, NULL, NULL);
5575 	free(buf, M_TEMP);
5576 	return (error);
5577 }
5578 
5579 /*
5580  * Do a Lookup against the DS for the filename.
5581  */
5582 static int
nfsrv_pnfslookupds(struct vnode * vp,struct vnode * dvp,struct pnfsdsfile * pf,struct vnode ** nvpp,NFSPROC_T * p)5583 nfsrv_pnfslookupds(struct vnode *vp, struct vnode *dvp, struct pnfsdsfile *pf,
5584     struct vnode **nvpp, NFSPROC_T *p)
5585 {
5586 	struct nameidata named;
5587 	struct ucred *tcred;
5588 	char *bufp;
5589 	u_long *hashp;
5590 	struct vnode *nvp;
5591 	int error;
5592 
5593 	tcred = newnfs_getcred();
5594 	named.ni_cnd.cn_nameiop = LOOKUP;
5595 	named.ni_cnd.cn_lkflags = LK_SHARED | LK_RETRY;
5596 	named.ni_cnd.cn_cred = tcred;
5597 	named.ni_cnd.cn_thread = p;
5598 	named.ni_cnd.cn_flags = ISLASTCN | LOCKPARENT | LOCKLEAF | SAVENAME;
5599 	nfsvno_setpathbuf(&named, &bufp, &hashp);
5600 	named.ni_cnd.cn_nameptr = bufp;
5601 	named.ni_cnd.cn_namelen = strlen(pf->dsf_filename);
5602 	strlcpy(bufp, pf->dsf_filename, NAME_MAX);
5603 	NFSD_DEBUG(4, "nfsrv_pnfslookupds: filename=%s\n", bufp);
5604 	error = VOP_LOOKUP(dvp, &nvp, &named.ni_cnd);
5605 	NFSD_DEBUG(4, "nfsrv_pnfslookupds: aft LOOKUP=%d\n", error);
5606 	NFSFREECRED(tcred);
5607 	nfsvno_relpathbuf(&named);
5608 	if (error == 0)
5609 		*nvpp = nvp;
5610 	NFSD_DEBUG(4, "eo nfsrv_pnfslookupds=%d\n", error);
5611 	return (error);
5612 }
5613 
5614 /*
5615  * Set the file handle to the correct one.
5616  */
5617 static void
nfsrv_pnfssetfh(struct vnode * vp,struct pnfsdsfile * pf,char * devid,char * fnamep,struct vnode * nvp,NFSPROC_T * p)5618 nfsrv_pnfssetfh(struct vnode *vp, struct pnfsdsfile *pf, char *devid,
5619     char *fnamep, struct vnode *nvp, NFSPROC_T *p)
5620 {
5621 	struct nfsnode *np;
5622 	int ret;
5623 
5624 	np = VTONFS(nvp);
5625 	NFSBCOPY(np->n_fhp->nfh_fh, &pf->dsf_fh, NFSX_MYFH);
5626 	/*
5627 	 * We can only do a vn_set_extattr() if the vnode is exclusively
5628 	 * locked and vn_start_write() has been done.  If devid != NULL or
5629 	 * fnamep != NULL or the vnode is shared locked, vn_start_write()
5630 	 * may not have been done.
5631 	 * If not done now, it will be done on a future call.
5632 	 */
5633 	if (devid == NULL && fnamep == NULL && NFSVOPISLOCKED(vp) ==
5634 	    LK_EXCLUSIVE)
5635 		ret = vn_extattr_set(vp, IO_NODELOCKED,
5636 		    EXTATTR_NAMESPACE_SYSTEM, "pnfsd.dsfile", sizeof(*pf),
5637 		    (char *)pf, p);
5638 	NFSD_DEBUG(4, "eo nfsrv_pnfssetfh=%d\n", ret);
5639 }
5640 
5641 /*
5642  * Cause RPCs waiting on "nmp" to fail.  This is called for a DS mount point
5643  * when the DS has failed.
5644  */
5645 void
nfsrv_killrpcs(struct nfsmount * nmp)5646 nfsrv_killrpcs(struct nfsmount *nmp)
5647 {
5648 
5649 	/*
5650 	 * Call newnfs_nmcancelreqs() to cause
5651 	 * any RPCs in progress on the mount point to
5652 	 * fail.
5653 	 * This will cause any process waiting for an
5654 	 * RPC to complete while holding a vnode lock
5655 	 * on the mounted-on vnode (such as "df" or
5656 	 * a non-forced "umount") to fail.
5657 	 * This will unlock the mounted-on vnode so
5658 	 * a forced dismount can succeed.
5659 	 * The NFSMNTP_CANCELRPCS flag should be set when this function is
5660 	 * called.
5661 	 */
5662 	newnfs_nmcancelreqs(nmp);
5663 }
5664 
5665 /*
5666  * Sum up the statfs info for each of the DSs, so that the client will
5667  * receive the total for all DSs.
5668  */
5669 static int
nfsrv_pnfsstatfs(struct statfs * sf,struct mount * mp)5670 nfsrv_pnfsstatfs(struct statfs *sf, struct mount *mp)
5671 {
5672 	struct statfs *tsf;
5673 	struct nfsdevice *ds;
5674 	struct vnode **dvpp, **tdvpp, *dvp;
5675 	uint64_t tot;
5676 	int cnt, error = 0, i;
5677 
5678 	if (nfsrv_devidcnt <= 0)
5679 		return (ENXIO);
5680 	dvpp = mallocarray(nfsrv_devidcnt, sizeof(*dvpp), M_TEMP, M_WAITOK);
5681 	tsf = malloc(sizeof(*tsf), M_TEMP, M_WAITOK);
5682 
5683 	/* Get an array of the dvps for the DSs. */
5684 	tdvpp = dvpp;
5685 	i = 0;
5686 	NFSDDSLOCK();
5687 	/* First, search for matches for same file system. */
5688 	TAILQ_FOREACH(ds, &nfsrv_devidhead, nfsdev_list) {
5689 		if (ds->nfsdev_nmp != NULL && ds->nfsdev_mdsisset != 0 &&
5690 		    fsidcmp(&ds->nfsdev_mdsfsid, &mp->mnt_stat.f_fsid) == 0) {
5691 			if (++i > nfsrv_devidcnt)
5692 				break;
5693 			*tdvpp++ = ds->nfsdev_dvp;
5694 		}
5695 	}
5696 	/*
5697 	 * If no matches for same file system, total all servers not assigned
5698 	 * to a file system.
5699 	 */
5700 	if (i == 0) {
5701 		TAILQ_FOREACH(ds, &nfsrv_devidhead, nfsdev_list) {
5702 			if (ds->nfsdev_nmp != NULL &&
5703 			    ds->nfsdev_mdsisset == 0) {
5704 				if (++i > nfsrv_devidcnt)
5705 					break;
5706 				*tdvpp++ = ds->nfsdev_dvp;
5707 			}
5708 		}
5709 	}
5710 	NFSDDSUNLOCK();
5711 	cnt = i;
5712 
5713 	/* Do a VFS_STATFS() for each of the DSs and sum them up. */
5714 	tdvpp = dvpp;
5715 	for (i = 0; i < cnt && error == 0; i++) {
5716 		dvp = *tdvpp++;
5717 		error = VFS_STATFS(dvp->v_mount, tsf);
5718 		if (error == 0) {
5719 			if (sf->f_bsize == 0) {
5720 				if (tsf->f_bsize > 0)
5721 					sf->f_bsize = tsf->f_bsize;
5722 				else
5723 					sf->f_bsize = 8192;
5724 			}
5725 			if (tsf->f_blocks > 0) {
5726 				if (sf->f_bsize != tsf->f_bsize) {
5727 					tot = tsf->f_blocks * tsf->f_bsize;
5728 					sf->f_blocks += (tot / sf->f_bsize);
5729 				} else
5730 					sf->f_blocks += tsf->f_blocks;
5731 			}
5732 			if (tsf->f_bfree > 0) {
5733 				if (sf->f_bsize != tsf->f_bsize) {
5734 					tot = tsf->f_bfree * tsf->f_bsize;
5735 					sf->f_bfree += (tot / sf->f_bsize);
5736 				} else
5737 					sf->f_bfree += tsf->f_bfree;
5738 			}
5739 			if (tsf->f_bavail > 0) {
5740 				if (sf->f_bsize != tsf->f_bsize) {
5741 					tot = tsf->f_bavail * tsf->f_bsize;
5742 					sf->f_bavail += (tot / sf->f_bsize);
5743 				} else
5744 					sf->f_bavail += tsf->f_bavail;
5745 			}
5746 		}
5747 	}
5748 	free(tsf, M_TEMP);
5749 	free(dvpp, M_TEMP);
5750 	return (error);
5751 }
5752 
5753 /*
5754  * Set an NFSv4 acl.
5755  */
5756 int
nfsrv_setacl(struct vnode * vp,NFSACL_T * aclp,struct ucred * cred,NFSPROC_T * p)5757 nfsrv_setacl(struct vnode *vp, NFSACL_T *aclp, struct ucred *cred, NFSPROC_T *p)
5758 {
5759 	int error;
5760 
5761 	if (nfsrv_useacl == 0 || nfs_supportsnfsv4acls(vp) == 0) {
5762 		error = NFSERR_ATTRNOTSUPP;
5763 		goto out;
5764 	}
5765 	/*
5766 	 * With NFSv4 ACLs, chmod(2) may need to add additional entries.
5767 	 * Make sure it has enough room for that - splitting every entry
5768 	 * into two and appending "canonical six" entries at the end.
5769 	 * Cribbed out of kern/vfs_acl.c - Rick M.
5770 	 */
5771 	if (aclp->acl_cnt > (ACL_MAX_ENTRIES - 6) / 2) {
5772 		error = NFSERR_ATTRNOTSUPP;
5773 		goto out;
5774 	}
5775 	error = VOP_SETACL(vp, ACL_TYPE_NFS4, aclp, cred, p);
5776 	if (error == 0) {
5777 		error = nfsrv_dssetacl(vp, aclp, cred, p);
5778 		if (error == ENOENT)
5779 			error = 0;
5780 	}
5781 
5782 out:
5783 	NFSEXITCODE(error);
5784 	return (error);
5785 }
5786 
5787 extern int (*nfsd_call_nfsd)(struct thread *, struct nfssvc_args *);
5788 
5789 /*
5790  * Called once to initialize data structures...
5791  */
5792 static int
nfsd_modevent(module_t mod,int type,void * data)5793 nfsd_modevent(module_t mod, int type, void *data)
5794 {
5795 	int error = 0, i;
5796 	static int loaded = 0;
5797 
5798 	switch (type) {
5799 	case MOD_LOAD:
5800 		if (loaded)
5801 			goto out;
5802 		newnfs_portinit();
5803 		for (i = 0; i < NFSRVCACHE_HASHSIZE; i++) {
5804 			mtx_init(&nfsrchash_table[i].mtx, "nfsrtc", NULL,
5805 			    MTX_DEF);
5806 			mtx_init(&nfsrcahash_table[i].mtx, "nfsrtca", NULL,
5807 			    MTX_DEF);
5808 		}
5809 		mtx_init(&nfsrc_udpmtx, "nfsuc", NULL, MTX_DEF);
5810 		mtx_init(&nfs_v4root_mutex, "nfs4rt", NULL, MTX_DEF);
5811 		mtx_init(&nfsv4root_mnt.mnt_mtx, "nfs4mnt", NULL, MTX_DEF);
5812 		mtx_init(&nfsrv_dontlistlock_mtx, "nfs4dnl", NULL, MTX_DEF);
5813 		mtx_init(&nfsrv_recalllock_mtx, "nfs4rec", NULL, MTX_DEF);
5814 		lockinit(&nfsv4root_mnt.mnt_explock, PVFS, "explock", 0, 0);
5815 		nfsrvd_initcache();
5816 		nfsd_init();
5817 		NFSD_LOCK();
5818 		nfsrvd_init(0);
5819 		NFSD_UNLOCK();
5820 		nfsd_mntinit();
5821 #ifdef VV_DISABLEDELEG
5822 		vn_deleg_ops.vndeleg_recall = nfsd_recalldelegation;
5823 		vn_deleg_ops.vndeleg_disable = nfsd_disabledelegation;
5824 #endif
5825 		nfsd_call_servertimer = nfsrv_servertimer;
5826 		nfsd_call_nfsd = nfssvc_nfsd;
5827 		loaded = 1;
5828 		break;
5829 
5830 	case MOD_UNLOAD:
5831 		if (newnfs_numnfsd != 0) {
5832 			error = EBUSY;
5833 			break;
5834 		}
5835 
5836 #ifdef VV_DISABLEDELEG
5837 		vn_deleg_ops.vndeleg_recall = NULL;
5838 		vn_deleg_ops.vndeleg_disable = NULL;
5839 #endif
5840 		nfsd_call_servertimer = NULL;
5841 		nfsd_call_nfsd = NULL;
5842 
5843 		/* Clean out all NFSv4 state. */
5844 		nfsrv_throwawayallstate(curthread);
5845 
5846 		/* Clean the NFS server reply cache */
5847 		nfsrvd_cleancache();
5848 
5849 		/* Free up the krpc server pool. */
5850 		if (nfsrvd_pool != NULL)
5851 			svcpool_destroy(nfsrvd_pool);
5852 
5853 		/* and get rid of the locks */
5854 		for (i = 0; i < NFSRVCACHE_HASHSIZE; i++) {
5855 			mtx_destroy(&nfsrchash_table[i].mtx);
5856 			mtx_destroy(&nfsrcahash_table[i].mtx);
5857 		}
5858 		mtx_destroy(&nfsrc_udpmtx);
5859 		mtx_destroy(&nfs_v4root_mutex);
5860 		mtx_destroy(&nfsv4root_mnt.mnt_mtx);
5861 		mtx_destroy(&nfsrv_dontlistlock_mtx);
5862 		mtx_destroy(&nfsrv_recalllock_mtx);
5863 		for (i = 0; i < nfsrv_sessionhashsize; i++)
5864 			mtx_destroy(&nfssessionhash[i].mtx);
5865 		if (nfslayouthash != NULL) {
5866 			for (i = 0; i < nfsrv_layouthashsize; i++)
5867 				mtx_destroy(&nfslayouthash[i].mtx);
5868 			free(nfslayouthash, M_NFSDSESSION);
5869 		}
5870 		lockdestroy(&nfsv4root_mnt.mnt_explock);
5871 		free(nfsclienthash, M_NFSDCLIENT);
5872 		free(nfslockhash, M_NFSDLOCKFILE);
5873 		free(nfssessionhash, M_NFSDSESSION);
5874 		loaded = 0;
5875 		break;
5876 	default:
5877 		error = EOPNOTSUPP;
5878 		break;
5879 	}
5880 
5881 out:
5882 	NFSEXITCODE(error);
5883 	return (error);
5884 }
5885 static moduledata_t nfsd_mod = {
5886 	"nfsd",
5887 	nfsd_modevent,
5888 	NULL,
5889 };
5890 DECLARE_MODULE(nfsd, nfsd_mod, SI_SUB_VFS, SI_ORDER_ANY);
5891 
5892 /* So that loader and kldload(2) can find us, wherever we are.. */
5893 MODULE_VERSION(nfsd, 1);
5894 MODULE_DEPEND(nfsd, nfscommon, 1, 1, 1);
5895 MODULE_DEPEND(nfsd, nfslock, 1, 1, 1);
5896 MODULE_DEPEND(nfsd, nfslockd, 1, 1, 1);
5897 MODULE_DEPEND(nfsd, krpc, 1, 1, 1);
5898 MODULE_DEPEND(nfsd, nfssvc, 1, 1, 1);
5899 
5900