1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Central processing for nfsd. 4 * 5 * Authors: Olaf Kirch (okir@monad.swb.de) 6 * 7 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de> 8 */ 9 10 #include <linux/sched/signal.h> 11 #include <linux/freezer.h> 12 #include <linux/module.h> 13 #include <linux/fs_struct.h> 14 #include <linux/swap.h> 15 #include <linux/siphash.h> 16 17 #include <linux/sunrpc/stats.h> 18 #include <linux/sunrpc/svcsock.h> 19 #include <linux/sunrpc/svc_xprt.h> 20 #include <linux/lockd/bind.h> 21 #include <linux/nfsacl.h> 22 #include <linux/nfslocalio.h> 23 #include <linux/seq_file.h> 24 #include <linux/inetdevice.h> 25 #include <net/addrconf.h> 26 #include <net/ipv6.h> 27 #include <net/net_namespace.h> 28 #include "nfsd.h" 29 #include "cache.h" 30 #include "vfs.h" 31 #include "netns.h" 32 #include "filecache.h" 33 34 #include "trace.h" 35 36 #define NFSDDBG_FACILITY NFSDDBG_SVC 37 38 atomic_t nfsd_th_cnt = ATOMIC_INIT(0); 39 static int nfsd(void *vrqstp); 40 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 41 static int nfsd_acl_rpcbind_set(struct net *, 42 const struct svc_program *, 43 u32, int, 44 unsigned short, 45 unsigned short); 46 static __be32 nfsd_acl_init_request(struct svc_rqst *, 47 const struct svc_program *, 48 struct svc_process_info *); 49 #endif 50 static int nfsd_rpcbind_set(struct net *, 51 const struct svc_program *, 52 u32, int, 53 unsigned short, 54 unsigned short); 55 static __be32 nfsd_init_request(struct svc_rqst *, 56 const struct svc_program *, 57 struct svc_process_info *); 58 59 /* 60 * nfsd_mutex protects nn->nfsd_serv -- both the pointer itself and some members 61 * of the svc_serv struct such as ->sv_temp_socks and ->sv_permsocks. 62 * 63 * Finally, the nfsd_mutex also protects some of the global variables that are 64 * accessed when nfsd starts and that are settable via the write_* routines in 65 * nfsctl.c. In particular: 66 * 67 * user_recovery_dirname 68 * user_lease_time 69 * nfsd_versions 70 */ 71 DEFINE_MUTEX(nfsd_mutex); 72 73 /* 74 * nfsd_drc_lock protects nfsd_drc_max_pages and nfsd_drc_pages_used. 75 * nfsd_drc_max_pages limits the total amount of memory available for 76 * version 4.1 DRC caches. 77 * nfsd_drc_pages_used tracks the current version 4.1 DRC memory usage. 78 */ 79 DEFINE_SPINLOCK(nfsd_drc_lock); 80 unsigned long nfsd_drc_max_mem; 81 unsigned long nfsd_drc_mem_used; 82 83 #if IS_ENABLED(CONFIG_NFS_LOCALIO) 84 static const struct svc_version *localio_versions[] = { 85 [1] = &localio_version1, 86 }; 87 88 #define NFSD_LOCALIO_NRVERS ARRAY_SIZE(localio_versions) 89 90 #endif /* CONFIG_NFS_LOCALIO */ 91 92 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 93 static const struct svc_version *nfsd_acl_version[] = { 94 # if defined(CONFIG_NFSD_V2_ACL) 95 [2] = &nfsd_acl_version2, 96 # endif 97 # if defined(CONFIG_NFSD_V3_ACL) 98 [3] = &nfsd_acl_version3, 99 # endif 100 }; 101 102 #define NFSD_ACL_MINVERS 2 103 #define NFSD_ACL_NRVERS ARRAY_SIZE(nfsd_acl_version) 104 105 #endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */ 106 107 static const struct svc_version *nfsd_version[NFSD_MAXVERS+1] = { 108 #if defined(CONFIG_NFSD_V2) 109 [2] = &nfsd_version2, 110 #endif 111 [3] = &nfsd_version3, 112 #if defined(CONFIG_NFSD_V4) 113 [4] = &nfsd_version4, 114 #endif 115 }; 116 117 struct svc_program nfsd_programs[] = { 118 { 119 .pg_prog = NFS_PROGRAM, /* program number */ 120 .pg_nvers = NFSD_MAXVERS+1, /* nr of entries in nfsd_version */ 121 .pg_vers = nfsd_version, /* version table */ 122 .pg_name = "nfsd", /* program name */ 123 .pg_class = "nfsd", /* authentication class */ 124 .pg_authenticate = svc_set_client, /* export authentication */ 125 .pg_init_request = nfsd_init_request, 126 .pg_rpcbind_set = nfsd_rpcbind_set, 127 }, 128 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 129 { 130 .pg_prog = NFS_ACL_PROGRAM, 131 .pg_nvers = NFSD_ACL_NRVERS, 132 .pg_vers = nfsd_acl_version, 133 .pg_name = "nfsacl", 134 .pg_class = "nfsd", 135 .pg_authenticate = svc_set_client, 136 .pg_init_request = nfsd_acl_init_request, 137 .pg_rpcbind_set = nfsd_acl_rpcbind_set, 138 }, 139 #endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */ 140 #if IS_ENABLED(CONFIG_NFS_LOCALIO) 141 { 142 .pg_prog = NFS_LOCALIO_PROGRAM, 143 .pg_nvers = NFSD_LOCALIO_NRVERS, 144 .pg_vers = localio_versions, 145 .pg_name = "nfslocalio", 146 .pg_class = "nfsd", 147 .pg_authenticate = svc_set_client, 148 .pg_init_request = svc_generic_init_request, 149 .pg_rpcbind_set = svc_generic_rpcbind_set, 150 } 151 #endif /* CONFIG_NFS_LOCALIO */ 152 }; 153 nfsd_support_version(int vers)154 bool nfsd_support_version(int vers) 155 { 156 if (vers >= NFSD_MINVERS && vers <= NFSD_MAXVERS) 157 return nfsd_version[vers] != NULL; 158 return false; 159 } 160 nfsd_vers(struct nfsd_net * nn,int vers,enum vers_op change)161 int nfsd_vers(struct nfsd_net *nn, int vers, enum vers_op change) 162 { 163 if (vers < NFSD_MINVERS || vers > NFSD_MAXVERS) 164 return 0; 165 switch(change) { 166 case NFSD_SET: 167 nn->nfsd_versions[vers] = nfsd_support_version(vers); 168 break; 169 case NFSD_CLEAR: 170 nn->nfsd_versions[vers] = false; 171 break; 172 case NFSD_TEST: 173 return nn->nfsd_versions[vers]; 174 case NFSD_AVAIL: 175 return nfsd_support_version(vers); 176 } 177 return 0; 178 } 179 180 static void nfsd_adjust_nfsd_versions4(struct nfsd_net * nn)181 nfsd_adjust_nfsd_versions4(struct nfsd_net *nn) 182 { 183 unsigned i; 184 185 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) { 186 if (nn->nfsd4_minorversions[i]) 187 return; 188 } 189 nfsd_vers(nn, 4, NFSD_CLEAR); 190 } 191 nfsd_minorversion(struct nfsd_net * nn,u32 minorversion,enum vers_op change)192 int nfsd_minorversion(struct nfsd_net *nn, u32 minorversion, enum vers_op change) 193 { 194 if (minorversion > NFSD_SUPPORTED_MINOR_VERSION && 195 change != NFSD_AVAIL) 196 return -1; 197 198 switch(change) { 199 case NFSD_SET: 200 nfsd_vers(nn, 4, NFSD_SET); 201 nn->nfsd4_minorversions[minorversion] = 202 nfsd_vers(nn, 4, NFSD_TEST); 203 break; 204 case NFSD_CLEAR: 205 nn->nfsd4_minorversions[minorversion] = false; 206 nfsd_adjust_nfsd_versions4(nn); 207 break; 208 case NFSD_TEST: 209 return nn->nfsd4_minorversions[minorversion]; 210 case NFSD_AVAIL: 211 return minorversion <= NFSD_SUPPORTED_MINOR_VERSION && 212 nfsd_vers(nn, 4, NFSD_AVAIL); 213 } 214 return 0; 215 } 216 nfsd_serv_try_get(struct net * net)217 bool nfsd_serv_try_get(struct net *net) __must_hold(rcu) 218 { 219 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 220 221 return (nn && percpu_ref_tryget_live(&nn->nfsd_serv_ref)); 222 } 223 nfsd_serv_put(struct net * net)224 void nfsd_serv_put(struct net *net) __must_hold(rcu) 225 { 226 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 227 228 percpu_ref_put(&nn->nfsd_serv_ref); 229 } 230 nfsd_serv_done(struct percpu_ref * ref)231 static void nfsd_serv_done(struct percpu_ref *ref) 232 { 233 struct nfsd_net *nn = container_of(ref, struct nfsd_net, nfsd_serv_ref); 234 235 complete(&nn->nfsd_serv_confirm_done); 236 } 237 nfsd_serv_free(struct percpu_ref * ref)238 static void nfsd_serv_free(struct percpu_ref *ref) 239 { 240 struct nfsd_net *nn = container_of(ref, struct nfsd_net, nfsd_serv_ref); 241 242 complete(&nn->nfsd_serv_free_done); 243 } 244 245 /* 246 * Maximum number of nfsd processes 247 */ 248 #define NFSD_MAXSERVS 8192 249 nfsd_nrthreads(struct net * net)250 int nfsd_nrthreads(struct net *net) 251 { 252 int rv = 0; 253 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 254 255 mutex_lock(&nfsd_mutex); 256 if (nn->nfsd_serv) 257 rv = nn->nfsd_serv->sv_nrthreads; 258 mutex_unlock(&nfsd_mutex); 259 return rv; 260 } 261 nfsd_init_socks(struct net * net,const struct cred * cred)262 static int nfsd_init_socks(struct net *net, const struct cred *cred) 263 { 264 int error; 265 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 266 267 if (!list_empty(&nn->nfsd_serv->sv_permsocks)) 268 return 0; 269 270 error = svc_xprt_create(nn->nfsd_serv, "udp", net, PF_INET, NFS_PORT, 271 SVC_SOCK_DEFAULTS, cred); 272 if (error < 0) 273 return error; 274 275 error = svc_xprt_create(nn->nfsd_serv, "tcp", net, PF_INET, NFS_PORT, 276 SVC_SOCK_DEFAULTS, cred); 277 if (error < 0) 278 return error; 279 280 return 0; 281 } 282 283 static int nfsd_users = 0; 284 nfsd_startup_generic(void)285 static int nfsd_startup_generic(void) 286 { 287 int ret; 288 289 if (nfsd_users++) 290 return 0; 291 292 ret = nfsd_file_cache_init(); 293 if (ret) 294 goto dec_users; 295 296 ret = nfs4_state_start(); 297 if (ret) 298 goto out_file_cache; 299 return 0; 300 301 out_file_cache: 302 nfsd_file_cache_shutdown(); 303 dec_users: 304 nfsd_users--; 305 return ret; 306 } 307 nfsd_shutdown_generic(void)308 static void nfsd_shutdown_generic(void) 309 { 310 if (--nfsd_users) 311 return; 312 313 nfs4_state_shutdown(); 314 nfsd_file_cache_shutdown(); 315 } 316 nfsd_needs_lockd(struct nfsd_net * nn)317 static bool nfsd_needs_lockd(struct nfsd_net *nn) 318 { 319 return nfsd_vers(nn, 2, NFSD_TEST) || nfsd_vers(nn, 3, NFSD_TEST); 320 } 321 322 /** 323 * nfsd_copy_write_verifier - Atomically copy a write verifier 324 * @verf: buffer in which to receive the verifier cookie 325 * @nn: NFS net namespace 326 * 327 * This function provides a wait-free mechanism for copying the 328 * namespace's write verifier without tearing it. 329 */ nfsd_copy_write_verifier(__be32 verf[2],struct nfsd_net * nn)330 void nfsd_copy_write_verifier(__be32 verf[2], struct nfsd_net *nn) 331 { 332 unsigned int seq; 333 334 do { 335 seq = read_seqbegin(&nn->writeverf_lock); 336 memcpy(verf, nn->writeverf, sizeof(nn->writeverf)); 337 } while (read_seqretry(&nn->writeverf_lock, seq)); 338 } 339 nfsd_reset_write_verifier_locked(struct nfsd_net * nn)340 static void nfsd_reset_write_verifier_locked(struct nfsd_net *nn) 341 { 342 struct timespec64 now; 343 u64 verf; 344 345 /* 346 * Because the time value is hashed, y2038 time_t overflow 347 * is irrelevant in this usage. 348 */ 349 ktime_get_raw_ts64(&now); 350 verf = siphash_2u64(now.tv_sec, now.tv_nsec, &nn->siphash_key); 351 memcpy(nn->writeverf, &verf, sizeof(nn->writeverf)); 352 } 353 354 /** 355 * nfsd_reset_write_verifier - Generate a new write verifier 356 * @nn: NFS net namespace 357 * 358 * This function updates the ->writeverf field of @nn. This field 359 * contains an opaque cookie that, according to Section 18.32.3 of 360 * RFC 8881, "the client can use to determine whether a server has 361 * changed instance state (e.g., server restart) between a call to 362 * WRITE and a subsequent call to either WRITE or COMMIT. This 363 * cookie MUST be unchanged during a single instance of the NFSv4.1 364 * server and MUST be unique between instances of the NFSv4.1 365 * server." 366 */ nfsd_reset_write_verifier(struct nfsd_net * nn)367 void nfsd_reset_write_verifier(struct nfsd_net *nn) 368 { 369 write_seqlock(&nn->writeverf_lock); 370 nfsd_reset_write_verifier_locked(nn); 371 write_sequnlock(&nn->writeverf_lock); 372 } 373 374 /* 375 * Crank up a set of per-namespace resources for a new NFSD instance, 376 * including lockd, a duplicate reply cache, an open file cache 377 * instance, and a cache of NFSv4 state objects. 378 */ nfsd_startup_net(struct net * net,const struct cred * cred)379 static int nfsd_startup_net(struct net *net, const struct cred *cred) 380 { 381 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 382 int ret; 383 384 if (nn->nfsd_net_up) 385 return 0; 386 387 ret = nfsd_startup_generic(); 388 if (ret) 389 return ret; 390 ret = nfsd_init_socks(net, cred); 391 if (ret) 392 goto out_socks; 393 394 if (nfsd_needs_lockd(nn) && !nn->lockd_up) { 395 ret = lockd_up(net, cred); 396 if (ret) 397 goto out_socks; 398 nn->lockd_up = true; 399 } 400 401 ret = nfsd_file_cache_start_net(net); 402 if (ret) 403 goto out_lockd; 404 405 ret = nfsd_reply_cache_init(nn); 406 if (ret) 407 goto out_filecache; 408 409 ret = nfs4_state_start_net(net); 410 if (ret) 411 goto out_reply_cache; 412 413 #ifdef CONFIG_NFSD_V4_2_INTER_SSC 414 nfsd4_ssc_init_umount_work(nn); 415 #endif 416 nn->nfsd_net_up = true; 417 return 0; 418 419 out_reply_cache: 420 nfsd_reply_cache_shutdown(nn); 421 out_filecache: 422 nfsd_file_cache_shutdown_net(net); 423 out_lockd: 424 if (nn->lockd_up) { 425 lockd_down(net); 426 nn->lockd_up = false; 427 } 428 out_socks: 429 nfsd_shutdown_generic(); 430 return ret; 431 } 432 nfsd_shutdown_net(struct net * net)433 static void nfsd_shutdown_net(struct net *net) 434 { 435 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 436 437 if (!nn->nfsd_net_up) 438 return; 439 nfsd_export_flush(net); 440 nfs4_state_shutdown_net(net); 441 nfsd_reply_cache_shutdown(nn); 442 nfsd_file_cache_shutdown_net(net); 443 if (nn->lockd_up) { 444 lockd_down(net); 445 nn->lockd_up = false; 446 } 447 percpu_ref_exit(&nn->nfsd_serv_ref); 448 nn->nfsd_net_up = false; 449 nfsd_shutdown_generic(); 450 } 451 452 static DEFINE_SPINLOCK(nfsd_notifier_lock); nfsd_inetaddr_event(struct notifier_block * this,unsigned long event,void * ptr)453 static int nfsd_inetaddr_event(struct notifier_block *this, unsigned long event, 454 void *ptr) 455 { 456 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr; 457 struct net_device *dev = ifa->ifa_dev->dev; 458 struct net *net = dev_net(dev); 459 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 460 struct sockaddr_in sin; 461 462 if (event != NETDEV_DOWN || !nn->nfsd_serv) 463 goto out; 464 465 spin_lock(&nfsd_notifier_lock); 466 if (nn->nfsd_serv) { 467 dprintk("nfsd_inetaddr_event: removed %pI4\n", &ifa->ifa_local); 468 sin.sin_family = AF_INET; 469 sin.sin_addr.s_addr = ifa->ifa_local; 470 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin); 471 } 472 spin_unlock(&nfsd_notifier_lock); 473 474 out: 475 return NOTIFY_DONE; 476 } 477 478 static struct notifier_block nfsd_inetaddr_notifier = { 479 .notifier_call = nfsd_inetaddr_event, 480 }; 481 482 #if IS_ENABLED(CONFIG_IPV6) nfsd_inet6addr_event(struct notifier_block * this,unsigned long event,void * ptr)483 static int nfsd_inet6addr_event(struct notifier_block *this, 484 unsigned long event, void *ptr) 485 { 486 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr; 487 struct net_device *dev = ifa->idev->dev; 488 struct net *net = dev_net(dev); 489 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 490 struct sockaddr_in6 sin6; 491 492 if (event != NETDEV_DOWN || !nn->nfsd_serv) 493 goto out; 494 495 spin_lock(&nfsd_notifier_lock); 496 if (nn->nfsd_serv) { 497 dprintk("nfsd_inet6addr_event: removed %pI6\n", &ifa->addr); 498 sin6.sin6_family = AF_INET6; 499 sin6.sin6_addr = ifa->addr; 500 if (ipv6_addr_type(&sin6.sin6_addr) & IPV6_ADDR_LINKLOCAL) 501 sin6.sin6_scope_id = ifa->idev->dev->ifindex; 502 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin6); 503 } 504 spin_unlock(&nfsd_notifier_lock); 505 506 out: 507 return NOTIFY_DONE; 508 } 509 510 static struct notifier_block nfsd_inet6addr_notifier = { 511 .notifier_call = nfsd_inet6addr_event, 512 }; 513 #endif 514 515 /* Only used under nfsd_mutex, so this atomic may be overkill: */ 516 static atomic_t nfsd_notifier_refcount = ATOMIC_INIT(0); 517 518 /** 519 * nfsd_destroy_serv - tear down NFSD's svc_serv for a namespace 520 * @net: network namespace the NFS service is associated with 521 */ nfsd_destroy_serv(struct net * net)522 void nfsd_destroy_serv(struct net *net) 523 { 524 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 525 struct svc_serv *serv = nn->nfsd_serv; 526 527 lockdep_assert_held(&nfsd_mutex); 528 529 percpu_ref_kill_and_confirm(&nn->nfsd_serv_ref, nfsd_serv_done); 530 wait_for_completion(&nn->nfsd_serv_confirm_done); 531 wait_for_completion(&nn->nfsd_serv_free_done); 532 /* percpu_ref_exit is called in nfsd_shutdown_net */ 533 534 spin_lock(&nfsd_notifier_lock); 535 nn->nfsd_serv = NULL; 536 spin_unlock(&nfsd_notifier_lock); 537 538 /* check if the notifier still has clients */ 539 if (atomic_dec_return(&nfsd_notifier_refcount) == 0) { 540 unregister_inetaddr_notifier(&nfsd_inetaddr_notifier); 541 #if IS_ENABLED(CONFIG_IPV6) 542 unregister_inet6addr_notifier(&nfsd_inet6addr_notifier); 543 #endif 544 } 545 546 svc_xprt_destroy_all(serv, net); 547 548 /* 549 * write_ports can create the server without actually starting 550 * any threads--if we get shut down before any threads are 551 * started, then nfsd_destroy_serv will be run before any of this 552 * other initialization has been done except the rpcb information. 553 */ 554 svc_rpcb_cleanup(serv, net); 555 556 nfsd_shutdown_net(net); 557 svc_destroy(&serv); 558 } 559 nfsd_reset_versions(struct nfsd_net * nn)560 void nfsd_reset_versions(struct nfsd_net *nn) 561 { 562 int i; 563 564 for (i = 0; i <= NFSD_MAXVERS; i++) 565 if (nfsd_vers(nn, i, NFSD_TEST)) 566 return; 567 568 for (i = 0; i <= NFSD_MAXVERS; i++) 569 if (i != 4) 570 nfsd_vers(nn, i, NFSD_SET); 571 else { 572 int minor = 0; 573 while (nfsd_minorversion(nn, minor, NFSD_SET) >= 0) 574 minor++; 575 } 576 } 577 578 /* 579 * Each session guarantees a negotiated per slot memory cache for replies 580 * which in turn consumes memory beyond the v2/v3/v4.0 server. A dedicated 581 * NFSv4.1 server might want to use more memory for a DRC than a machine 582 * with mutiple services. 583 * 584 * Impose a hard limit on the number of pages for the DRC which varies 585 * according to the machines free pages. This is of course only a default. 586 * 587 * For now this is a #defined shift which could be under admin control 588 * in the future. 589 */ set_max_drc(void)590 static void set_max_drc(void) 591 { 592 #define NFSD_DRC_SIZE_SHIFT 7 593 nfsd_drc_max_mem = (nr_free_buffer_pages() 594 >> NFSD_DRC_SIZE_SHIFT) * PAGE_SIZE; 595 nfsd_drc_mem_used = 0; 596 dprintk("%s nfsd_drc_max_mem %lu \n", __func__, nfsd_drc_max_mem); 597 } 598 nfsd_get_default_max_blksize(void)599 static int nfsd_get_default_max_blksize(void) 600 { 601 struct sysinfo i; 602 unsigned long long target; 603 unsigned long ret; 604 605 si_meminfo(&i); 606 target = (i.totalram - i.totalhigh) << PAGE_SHIFT; 607 /* 608 * Aim for 1/4096 of memory per thread This gives 1MB on 4Gig 609 * machines, but only uses 32K on 128M machines. Bottom out at 610 * 8K on 32M and smaller. Of course, this is only a default. 611 */ 612 target >>= 12; 613 614 ret = NFSSVC_MAXBLKSIZE; 615 while (ret > target && ret >= 8*1024*2) 616 ret /= 2; 617 return ret; 618 } 619 nfsd_shutdown_threads(struct net * net)620 void nfsd_shutdown_threads(struct net *net) 621 { 622 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 623 struct svc_serv *serv; 624 625 mutex_lock(&nfsd_mutex); 626 serv = nn->nfsd_serv; 627 if (serv == NULL) { 628 mutex_unlock(&nfsd_mutex); 629 return; 630 } 631 632 /* Kill outstanding nfsd threads */ 633 svc_set_num_threads(serv, NULL, 0); 634 nfsd_destroy_serv(net); 635 mutex_unlock(&nfsd_mutex); 636 } 637 nfsd_current_rqst(void)638 struct svc_rqst *nfsd_current_rqst(void) 639 { 640 if (kthread_func(current) == nfsd) 641 return kthread_data(current); 642 return NULL; 643 } 644 nfsd_create_serv(struct net * net)645 int nfsd_create_serv(struct net *net) 646 { 647 int error; 648 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 649 struct svc_serv *serv; 650 651 WARN_ON(!mutex_is_locked(&nfsd_mutex)); 652 if (nn->nfsd_serv) 653 return 0; 654 655 error = percpu_ref_init(&nn->nfsd_serv_ref, nfsd_serv_free, 656 0, GFP_KERNEL); 657 if (error) 658 return error; 659 init_completion(&nn->nfsd_serv_free_done); 660 init_completion(&nn->nfsd_serv_confirm_done); 661 662 if (nfsd_max_blksize == 0) 663 nfsd_max_blksize = nfsd_get_default_max_blksize(); 664 nfsd_reset_versions(nn); 665 serv = svc_create_pooled(nfsd_programs, ARRAY_SIZE(nfsd_programs), 666 &nn->nfsd_svcstats, 667 nfsd_max_blksize, nfsd); 668 if (serv == NULL) 669 return -ENOMEM; 670 671 serv->sv_maxconn = nn->max_connections; 672 error = svc_bind(serv, net); 673 if (error < 0) { 674 svc_destroy(&serv); 675 return error; 676 } 677 spin_lock(&nfsd_notifier_lock); 678 nn->nfsd_serv = serv; 679 spin_unlock(&nfsd_notifier_lock); 680 681 set_max_drc(); 682 /* check if the notifier is already set */ 683 if (atomic_inc_return(&nfsd_notifier_refcount) == 1) { 684 register_inetaddr_notifier(&nfsd_inetaddr_notifier); 685 #if IS_ENABLED(CONFIG_IPV6) 686 register_inet6addr_notifier(&nfsd_inet6addr_notifier); 687 #endif 688 } 689 nfsd_reset_write_verifier(nn); 690 return 0; 691 } 692 nfsd_nrpools(struct net * net)693 int nfsd_nrpools(struct net *net) 694 { 695 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 696 697 if (nn->nfsd_serv == NULL) 698 return 0; 699 else 700 return nn->nfsd_serv->sv_nrpools; 701 } 702 nfsd_get_nrthreads(int n,int * nthreads,struct net * net)703 int nfsd_get_nrthreads(int n, int *nthreads, struct net *net) 704 { 705 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 706 struct svc_serv *serv = nn->nfsd_serv; 707 int i; 708 709 if (serv) 710 for (i = 0; i < serv->sv_nrpools && i < n; i++) 711 nthreads[i] = serv->sv_pools[i].sp_nrthreads; 712 return 0; 713 } 714 715 /** 716 * nfsd_set_nrthreads - set the number of running threads in the net's service 717 * @n: number of array members in @nthreads 718 * @nthreads: array of thread counts for each pool 719 * @net: network namespace to operate within 720 * 721 * This function alters the number of running threads for the given network 722 * namespace in each pool. If passed an array longer then the number of pools 723 * the extra pool settings are ignored. If passed an array shorter than the 724 * number of pools, the missing values are interpreted as 0's. 725 * 726 * Returns 0 on success or a negative errno on error. 727 */ nfsd_set_nrthreads(int n,int * nthreads,struct net * net)728 int nfsd_set_nrthreads(int n, int *nthreads, struct net *net) 729 { 730 int i = 0; 731 int tot = 0; 732 int err = 0; 733 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 734 735 lockdep_assert_held(&nfsd_mutex); 736 737 if (nn->nfsd_serv == NULL || n <= 0) 738 return 0; 739 740 /* 741 * Special case: When n == 1, pass in NULL for the pool, so that the 742 * change is distributed equally among them. 743 */ 744 if (n == 1) 745 return svc_set_num_threads(nn->nfsd_serv, NULL, nthreads[0]); 746 747 if (n > nn->nfsd_serv->sv_nrpools) 748 n = nn->nfsd_serv->sv_nrpools; 749 750 /* enforce a global maximum number of threads */ 751 tot = 0; 752 for (i = 0; i < n; i++) { 753 nthreads[i] = min(nthreads[i], NFSD_MAXSERVS); 754 tot += nthreads[i]; 755 } 756 if (tot > NFSD_MAXSERVS) { 757 /* total too large: scale down requested numbers */ 758 for (i = 0; i < n && tot > 0; i++) { 759 int new = nthreads[i] * NFSD_MAXSERVS / tot; 760 tot -= (nthreads[i] - new); 761 nthreads[i] = new; 762 } 763 for (i = 0; i < n && tot > 0; i++) { 764 nthreads[i]--; 765 tot--; 766 } 767 } 768 769 /* apply the new numbers */ 770 for (i = 0; i < n; i++) { 771 err = svc_set_num_threads(nn->nfsd_serv, 772 &nn->nfsd_serv->sv_pools[i], 773 nthreads[i]); 774 if (err) 775 goto out; 776 } 777 778 /* Anything undefined in array is considered to be 0 */ 779 for (i = n; i < nn->nfsd_serv->sv_nrpools; ++i) { 780 err = svc_set_num_threads(nn->nfsd_serv, 781 &nn->nfsd_serv->sv_pools[i], 782 0); 783 if (err) 784 goto out; 785 } 786 out: 787 return err; 788 } 789 790 /** 791 * nfsd_svc: start up or shut down the nfsd server 792 * @n: number of array members in @nthreads 793 * @nthreads: array of thread counts for each pool 794 * @net: network namespace to operate within 795 * @cred: credentials to use for xprt creation 796 * @scope: server scope value (defaults to nodename) 797 * 798 * Adjust the number of threads in each pool and return the new 799 * total number of threads in the service. 800 */ 801 int nfsd_svc(int n,int * nthreads,struct net * net,const struct cred * cred,const char * scope)802 nfsd_svc(int n, int *nthreads, struct net *net, const struct cred *cred, const char *scope) 803 { 804 int error; 805 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 806 struct svc_serv *serv; 807 808 lockdep_assert_held(&nfsd_mutex); 809 810 dprintk("nfsd: creating service\n"); 811 812 strscpy(nn->nfsd_name, scope ? scope : utsname()->nodename, 813 sizeof(nn->nfsd_name)); 814 815 error = nfsd_create_serv(net); 816 if (error) 817 goto out; 818 serv = nn->nfsd_serv; 819 820 error = nfsd_startup_net(net, cred); 821 if (error) 822 goto out_put; 823 error = nfsd_set_nrthreads(n, nthreads, net); 824 if (error) 825 goto out_put; 826 error = serv->sv_nrthreads; 827 out_put: 828 if (serv->sv_nrthreads == 0) 829 nfsd_destroy_serv(net); 830 out: 831 return error; 832 } 833 834 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 835 static bool nfsd_support_acl_version(int vers)836 nfsd_support_acl_version(int vers) 837 { 838 if (vers >= NFSD_ACL_MINVERS && vers < NFSD_ACL_NRVERS) 839 return nfsd_acl_version[vers] != NULL; 840 return false; 841 } 842 843 static int nfsd_acl_rpcbind_set(struct net * net,const struct svc_program * progp,u32 version,int family,unsigned short proto,unsigned short port)844 nfsd_acl_rpcbind_set(struct net *net, const struct svc_program *progp, 845 u32 version, int family, unsigned short proto, 846 unsigned short port) 847 { 848 if (!nfsd_support_acl_version(version) || 849 !nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST)) 850 return 0; 851 return svc_generic_rpcbind_set(net, progp, version, family, 852 proto, port); 853 } 854 855 static __be32 nfsd_acl_init_request(struct svc_rqst * rqstp,const struct svc_program * progp,struct svc_process_info * ret)856 nfsd_acl_init_request(struct svc_rqst *rqstp, 857 const struct svc_program *progp, 858 struct svc_process_info *ret) 859 { 860 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 861 int i; 862 863 if (likely(nfsd_support_acl_version(rqstp->rq_vers) && 864 nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) 865 return svc_generic_init_request(rqstp, progp, ret); 866 867 ret->mismatch.lovers = NFSD_ACL_NRVERS; 868 for (i = NFSD_ACL_MINVERS; i < NFSD_ACL_NRVERS; i++) { 869 if (nfsd_support_acl_version(rqstp->rq_vers) && 870 nfsd_vers(nn, i, NFSD_TEST)) { 871 ret->mismatch.lovers = i; 872 break; 873 } 874 } 875 if (ret->mismatch.lovers == NFSD_ACL_NRVERS) 876 return rpc_prog_unavail; 877 ret->mismatch.hivers = NFSD_ACL_MINVERS; 878 for (i = NFSD_ACL_NRVERS - 1; i >= NFSD_ACL_MINVERS; i--) { 879 if (nfsd_support_acl_version(rqstp->rq_vers) && 880 nfsd_vers(nn, i, NFSD_TEST)) { 881 ret->mismatch.hivers = i; 882 break; 883 } 884 } 885 return rpc_prog_mismatch; 886 } 887 #endif 888 889 static int nfsd_rpcbind_set(struct net * net,const struct svc_program * progp,u32 version,int family,unsigned short proto,unsigned short port)890 nfsd_rpcbind_set(struct net *net, const struct svc_program *progp, 891 u32 version, int family, unsigned short proto, 892 unsigned short port) 893 { 894 if (!nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST)) 895 return 0; 896 return svc_generic_rpcbind_set(net, progp, version, family, 897 proto, port); 898 } 899 900 static __be32 nfsd_init_request(struct svc_rqst * rqstp,const struct svc_program * progp,struct svc_process_info * ret)901 nfsd_init_request(struct svc_rqst *rqstp, 902 const struct svc_program *progp, 903 struct svc_process_info *ret) 904 { 905 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 906 int i; 907 908 if (likely(nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) 909 return svc_generic_init_request(rqstp, progp, ret); 910 911 ret->mismatch.lovers = NFSD_MAXVERS + 1; 912 for (i = NFSD_MINVERS; i <= NFSD_MAXVERS; i++) { 913 if (nfsd_vers(nn, i, NFSD_TEST)) { 914 ret->mismatch.lovers = i; 915 break; 916 } 917 } 918 if (ret->mismatch.lovers > NFSD_MAXVERS) 919 return rpc_prog_unavail; 920 ret->mismatch.hivers = NFSD_MINVERS; 921 for (i = NFSD_MAXVERS; i >= NFSD_MINVERS; i--) { 922 if (nfsd_vers(nn, i, NFSD_TEST)) { 923 ret->mismatch.hivers = i; 924 break; 925 } 926 } 927 return rpc_prog_mismatch; 928 } 929 930 /* 931 * This is the NFS server kernel thread 932 */ 933 static int nfsd(void * vrqstp)934 nfsd(void *vrqstp) 935 { 936 struct svc_rqst *rqstp = (struct svc_rqst *) vrqstp; 937 struct svc_xprt *perm_sock = list_entry(rqstp->rq_server->sv_permsocks.next, typeof(struct svc_xprt), xpt_list); 938 struct net *net = perm_sock->xpt_net; 939 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 940 941 /* At this point, the thread shares current->fs 942 * with the init process. We need to create files with the 943 * umask as defined by the client instead of init's umask. 944 */ 945 svc_thread_init_status(rqstp, unshare_fs_struct()); 946 947 current->fs->umask = 0; 948 949 atomic_inc(&nfsd_th_cnt); 950 951 set_freezable(); 952 953 /* 954 * The main request loop 955 */ 956 while (!svc_thread_should_stop(rqstp)) { 957 /* Update sv_maxconn if it has changed */ 958 rqstp->rq_server->sv_maxconn = nn->max_connections; 959 960 svc_recv(rqstp); 961 962 nfsd_file_net_dispose(nn); 963 } 964 965 atomic_dec(&nfsd_th_cnt); 966 967 /* Release the thread */ 968 svc_exit_thread(rqstp); 969 return 0; 970 } 971 972 /** 973 * nfsd_dispatch - Process an NFS or NFSACL or LOCALIO Request 974 * @rqstp: incoming request 975 * 976 * This RPC dispatcher integrates the NFS server's duplicate reply cache. 977 * 978 * Return values: 979 * %0: Processing complete; do not send a Reply 980 * %1: Processing complete; send Reply in rqstp->rq_res 981 */ nfsd_dispatch(struct svc_rqst * rqstp)982 int nfsd_dispatch(struct svc_rqst *rqstp) 983 { 984 const struct svc_procedure *proc = rqstp->rq_procinfo; 985 __be32 *statp = rqstp->rq_accept_statp; 986 struct nfsd_cacherep *rp; 987 unsigned int start, len; 988 __be32 *nfs_reply; 989 990 /* 991 * Give the xdr decoder a chance to change this if it wants 992 * (necessary in the NFSv4.0 compound case) 993 */ 994 rqstp->rq_cachetype = proc->pc_cachetype; 995 996 /* 997 * ->pc_decode advances the argument stream past the NFS 998 * Call header, so grab the header's starting location and 999 * size now for the call to nfsd_cache_lookup(). 1000 */ 1001 start = xdr_stream_pos(&rqstp->rq_arg_stream); 1002 len = xdr_stream_remaining(&rqstp->rq_arg_stream); 1003 if (!proc->pc_decode(rqstp, &rqstp->rq_arg_stream)) 1004 goto out_decode_err; 1005 1006 /* 1007 * Release rq_status_counter setting it to an odd value after the rpc 1008 * request has been properly parsed. rq_status_counter is used to 1009 * notify the consumers if the rqstp fields are stable 1010 * (rq_status_counter is odd) or not meaningful (rq_status_counter 1011 * is even). 1012 */ 1013 smp_store_release(&rqstp->rq_status_counter, rqstp->rq_status_counter | 1); 1014 1015 rp = NULL; 1016 switch (nfsd_cache_lookup(rqstp, start, len, &rp)) { 1017 case RC_DOIT: 1018 break; 1019 case RC_REPLY: 1020 goto out_cached_reply; 1021 case RC_DROPIT: 1022 goto out_dropit; 1023 } 1024 1025 nfs_reply = xdr_inline_decode(&rqstp->rq_res_stream, 0); 1026 *statp = proc->pc_func(rqstp); 1027 if (test_bit(RQ_DROPME, &rqstp->rq_flags)) 1028 goto out_update_drop; 1029 1030 if (!proc->pc_encode(rqstp, &rqstp->rq_res_stream)) 1031 goto out_encode_err; 1032 1033 /* 1034 * Release rq_status_counter setting it to an even value after the rpc 1035 * request has been properly processed. 1036 */ 1037 smp_store_release(&rqstp->rq_status_counter, rqstp->rq_status_counter + 1); 1038 1039 nfsd_cache_update(rqstp, rp, rqstp->rq_cachetype, nfs_reply); 1040 out_cached_reply: 1041 return 1; 1042 1043 out_decode_err: 1044 trace_nfsd_garbage_args_err(rqstp); 1045 *statp = rpc_garbage_args; 1046 return 1; 1047 1048 out_update_drop: 1049 nfsd_cache_update(rqstp, rp, RC_NOCACHE, NULL); 1050 out_dropit: 1051 return 0; 1052 1053 out_encode_err: 1054 trace_nfsd_cant_encode_err(rqstp); 1055 nfsd_cache_update(rqstp, rp, RC_NOCACHE, NULL); 1056 *statp = rpc_system_err; 1057 return 1; 1058 } 1059 1060 /** 1061 * nfssvc_decode_voidarg - Decode void arguments 1062 * @rqstp: Server RPC transaction context 1063 * @xdr: XDR stream positioned at arguments to decode 1064 * 1065 * Return values: 1066 * %false: Arguments were not valid 1067 * %true: Decoding was successful 1068 */ nfssvc_decode_voidarg(struct svc_rqst * rqstp,struct xdr_stream * xdr)1069 bool nfssvc_decode_voidarg(struct svc_rqst *rqstp, struct xdr_stream *xdr) 1070 { 1071 return true; 1072 } 1073 1074 /** 1075 * nfssvc_encode_voidres - Encode void results 1076 * @rqstp: Server RPC transaction context 1077 * @xdr: XDR stream into which to encode results 1078 * 1079 * Return values: 1080 * %false: Local error while encoding 1081 * %true: Encoding was successful 1082 */ nfssvc_encode_voidres(struct svc_rqst * rqstp,struct xdr_stream * xdr)1083 bool nfssvc_encode_voidres(struct svc_rqst *rqstp, struct xdr_stream *xdr) 1084 { 1085 return true; 1086 } 1087