projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
nfsd: fully unhash delegations when revoking them
[deliverable/linux.git] / fs / nfsd / nfs4state.c
CommitLineData
1da177e4 1/*
1da177e4
LT		 2* Copyright (c) 2001 The Regents of the University of Michigan.
3* All rights reserved.
4*
5* Kendrick Smith <kmsmith@umich.edu>
6* Andy Adamson <kandros@umich.edu>
7*
8* Redistribution and use in source and binary forms, with or without
9* modification, are permitted provided that the following conditions
10* are met:
11*
12* 1. Redistributions of source code must retain the above copyright
13* notice, this list of conditions and the following disclaimer.
14* 2. Redistributions in binary form must reproduce the above copyright
15* notice, this list of conditions and the following disclaimer in the
16* documentation and/or other materials provided with the distribution.
17* 3. Neither the name of the University nor the names of its
18* contributors may be used to endorse or promote products derived
19* from this software without specific prior written permission.
20*
21* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
22* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
23* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24* DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
29* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
30* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
31* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32*
33*/
34
aceaf78d 35#include <linux/file.h>
b89f4321 36#include <linux/fs.h>
5a0e3ad6 37#include <linux/slab.h>
0964a3d3 38#include <linux/namei.h>
c2f1a551 39#include <linux/swap.h>
17456804 40#include <linux/pagemap.h>
7df302f7 41#include <linux/ratelimit.h>
68e76ad0 42#include <linux/sunrpc/svcauth_gss.h>
5976687a 43#include <linux/sunrpc/addr.h>
6282cd56 44#include <linux/hash.h>
9a74af21 45#include "xdr4.h"
06b332a5 46#include "xdr4cb.h"
0a3adade 47#include "vfs.h"
bfa4b365 48#include "current_stateid.h"
1da177e4 49
5e1533c7
SK		 50#include "netns.h"
51
1da177e4
LT		 52#define NFSDDBG_FACILITY NFSDDBG_PROC
53
f32f3c2d
BF		 54#define all_ones {{~0,~0},~0}
55static const stateid_t one_stateid = {
56 .si_generation = ~0,
57 .si_opaque = all_ones,
58};
59static const stateid_t zero_stateid = {
60 /* all fields zero */
61};
19ff0f28
TM		 62static const stateid_t currentstateid = {
63 .si_generation = 1,
64};
f32f3c2d 65
ec6b5d7b 66static u64 current_sessionid = 1;
fd39ca9a 67
f32f3c2d
BF		 68#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
69#define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
19ff0f28 70#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
1da177e4 71
1da177e4 72/* forward declarations */
f9c00c3a 73static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner);
1da177e4 74
8b671b80
BF		 75/* Locking: */
76
77/* Currently used for almost all code touching nfsv4 state: */
353ab6e9 78static DEFINE_MUTEX(client_mutex);
1da177e4 79
8b671b80
BF		 80/*
81 * Currently used for the del_recall_lru and file hash table. In an
82 * effort to decrease the scope of the client_mutex, this spinlock may
83 * eventually cover more:
84 */
cdc97505 85static DEFINE_SPINLOCK(state_lock);
8b671b80 86
abf1135b
CH		 87static struct kmem_cache *openowner_slab;
88static struct kmem_cache *lockowner_slab;
89static struct kmem_cache *file_slab;
90static struct kmem_cache *stateid_slab;
91static struct kmem_cache *deleg_slab;
e60d4398 92
1da177e4
LT		 93void
94nfs4_lock_state(void)
95{
353ab6e9 96 mutex_lock(&client_mutex);
1da177e4
LT		 97}
98
66b2b9b2 99static void free_session(struct nfsd4_session *);
508dc6e1 100
f0f51f5c 101static bool is_session_dead(struct nfsd4_session *ses)
66b2b9b2 102{
f0f51f5c 103 return ses->se_flags & NFS4_SESSION_DEAD;
66b2b9b2
BF		 104}
105
f0f51f5c 106static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
508dc6e1 107{
f0f51f5c 108 if (atomic_read(&ses->se_ref) > ref_held_by_me)
66b2b9b2
BF		 109 return nfserr_jukebox;
110 ses->se_flags |= NFS4_SESSION_DEAD;
111 return nfs_ok;
508dc6e1
BH		 112}
113
1da177e4
LT		 114void
115nfs4_unlock_state(void)
116{
353ab6e9 117 mutex_unlock(&client_mutex);
1da177e4
LT		 118}
119
221a6876
BF		 120static bool is_client_expired(struct nfs4_client *clp)
121{
122 return clp->cl_time == 0;
123}
124
125static __be32 mark_client_expired_locked(struct nfs4_client *clp)
126{
127 if (atomic_read(&clp->cl_refcount))
128 return nfserr_jukebox;
129 clp->cl_time = 0;
130 return nfs_ok;
131}
132
133static __be32 mark_client_expired(struct nfs4_client *clp)
134{
135 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
136 __be32 ret;
137
138 spin_lock(&nn->client_lock);
139 ret = mark_client_expired_locked(clp);
140 spin_unlock(&nn->client_lock);
141 return ret;
142}
143
144static __be32 get_client_locked(struct nfs4_client *clp)
145{
146 if (is_client_expired(clp))
147 return nfserr_expired;
148 atomic_inc(&clp->cl_refcount);
149 return nfs_ok;
150}
151
152/* must be called under the client_lock */
153static inline void
154renew_client_locked(struct nfs4_client *clp)
155{
156 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
157
158 if (is_client_expired(clp)) {
159 WARN_ON(1);
160 printk("%s: client (clientid %08x/%08x) already expired\n",
161 __func__,
162 clp->cl_clientid.cl_boot,
163 clp->cl_clientid.cl_id);
164 return;
165 }
166
167 dprintk("renewing client (clientid %08x/%08x)\n",
168 clp->cl_clientid.cl_boot,
169 clp->cl_clientid.cl_id);
170 list_move_tail(&clp->cl_lru, &nn->client_lru);
171 clp->cl_time = get_seconds();
172}
173
174static inline void
175renew_client(struct nfs4_client *clp)
176{
177 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
178
179 spin_lock(&nn->client_lock);
180 renew_client_locked(clp);
181 spin_unlock(&nn->client_lock);
182}
183
ba138435 184static void put_client_renew_locked(struct nfs4_client *clp)
221a6876
BF		 185{
186 if (!atomic_dec_and_test(&clp->cl_refcount))
187 return;
188 if (!is_client_expired(clp))
189 renew_client_locked(clp);
190}
191
4b24ca7d
JL		 192static void put_client_renew(struct nfs4_client *clp)
193{
194 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
195
d6c249b4
JL		 196 if (!atomic_dec_and_lock(&clp->cl_refcount, &nn->client_lock))
197 return;
198 if (!is_client_expired(clp))
199 renew_client_locked(clp);
4b24ca7d
JL		 200 spin_unlock(&nn->client_lock);
201}
202
d4e19e70
TM		 203static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
204{
205 __be32 status;
206
207 if (is_session_dead(ses))
208 return nfserr_badsession;
209 status = get_client_locked(ses->se_client);
210 if (status)
211 return status;
212 atomic_inc(&ses->se_ref);
213 return nfs_ok;
214}
215
216static void nfsd4_put_session_locked(struct nfsd4_session *ses)
217{
218 struct nfs4_client *clp = ses->se_client;
219
220 if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
221 free_session(ses);
222 put_client_renew_locked(clp);
223}
224
225static void nfsd4_put_session(struct nfsd4_session *ses)
226{
227 struct nfs4_client *clp = ses->se_client;
228 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
229
230 spin_lock(&nn->client_lock);
231 nfsd4_put_session_locked(ses);
232 spin_unlock(&nn->client_lock);
233}
234
235
1da177e4
LT		 236static inline u32
237opaque_hashval(const void *ptr, int nbytes)
238{
239 unsigned char *cptr = (unsigned char *) ptr;
240
241 u32 x = 0;
242 while (nbytes--) {
243 x *= 37;
244 x += *cptr++;
245 }
246 return x;
247}
248
32513b40
BF		 249static void nfsd4_free_file(struct nfs4_file *f)
250{
251 kmem_cache_free(file_slab, f);
252}
253
13cd2184
N		 254static inline void
255put_nfs4_file(struct nfs4_file *fi)
256{
02e1215f
JL		 257 might_lock(&state_lock);
258
cdc97505 259 if (atomic_dec_and_lock(&fi->fi_ref, &state_lock)) {
89876f8c 260 hlist_del(&fi->fi_hash);
cdc97505 261 spin_unlock(&state_lock);
32513b40 262 nfsd4_free_file(fi);
8b671b80 263 }
13cd2184
N		 264}
265
266static inline void
267get_nfs4_file(struct nfs4_file *fi)
268{
8b671b80 269 atomic_inc(&fi->fi_ref);
13cd2184
N		 270}
271
de18643d
TM		 272static struct file *
273__nfs4_get_fd(struct nfs4_file *f, int oflag)
274{
275 if (f->fi_fds[oflag])
276 return get_file(f->fi_fds[oflag]);
277 return NULL;
278}
279
280static struct file *
281find_writeable_file_locked(struct nfs4_file *f)
282{
283 struct file *ret;
284
285 lockdep_assert_held(&f->fi_lock);
286
287 ret = __nfs4_get_fd(f, O_WRONLY);
288 if (!ret)
289 ret = __nfs4_get_fd(f, O_RDWR);
290 return ret;
291}
292
293static struct file *
294find_writeable_file(struct nfs4_file *f)
295{
296 struct file *ret;
297
298 spin_lock(&f->fi_lock);
299 ret = find_writeable_file_locked(f);
300 spin_unlock(&f->fi_lock);
301
302 return ret;
303}
304
305static struct file *find_readable_file_locked(struct nfs4_file *f)
306{
307 struct file *ret;
308
309 lockdep_assert_held(&f->fi_lock);
310
311 ret = __nfs4_get_fd(f, O_RDONLY);
312 if (!ret)
313 ret = __nfs4_get_fd(f, O_RDWR);
314 return ret;
315}
316
317static struct file *
318find_readable_file(struct nfs4_file *f)
319{
320 struct file *ret;
321
322 spin_lock(&f->fi_lock);
323 ret = find_readable_file_locked(f);
324 spin_unlock(&f->fi_lock);
325
326 return ret;
327}
328
329static struct file *
330find_any_file(struct nfs4_file *f)
331{
332 struct file *ret;
333
334 spin_lock(&f->fi_lock);
335 ret = __nfs4_get_fd(f, O_RDWR);
336 if (!ret) {
337 ret = __nfs4_get_fd(f, O_WRONLY);
338 if (!ret)
339 ret = __nfs4_get_fd(f, O_RDONLY);
340 }
341 spin_unlock(&f->fi_lock);
342 return ret;
343}
344
ef0f3390 345static int num_delegations;
697ce9be 346unsigned long max_delegations;
ef0f3390
N		 347
348/*
349 * Open owner state (share locks)
350 */
351
16bfdaaf
BF		 352/* hash tables for lock and open owners */
353#define OWNER_HASH_BITS 8
354#define OWNER_HASH_SIZE (1 << OWNER_HASH_BITS)
355#define OWNER_HASH_MASK (OWNER_HASH_SIZE - 1)
ef0f3390 356
16bfdaaf 357static unsigned int ownerstr_hashval(u32 clientid, struct xdr_netobj *ownername)
ddc04c41
BF		 358{
359 unsigned int ret;
360
361 ret = opaque_hashval(ownername->data, ownername->len);
362 ret += clientid;
16bfdaaf 363 return ret & OWNER_HASH_MASK;
ddc04c41 364}
ef0f3390 365
ef0f3390
N		 366/* hash table for nfs4_file */
367#define FILE_HASH_BITS 8
368#define FILE_HASH_SIZE (1 << FILE_HASH_BITS)
35079582 369
ca943217 370static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh)
ddc04c41 371{
ca943217
TM		 372 return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0);
373}
374
375static unsigned int file_hashval(struct knfsd_fh *fh)
376{
377 return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1);
378}
379
380static bool nfsd_fh_match(struct knfsd_fh *fh1, struct knfsd_fh *fh2)
381{
382 return fh1->fh_size == fh2->fh_size &&
383 !memcmp(fh1->fh_base.fh_pad,
384 fh2->fh_base.fh_pad,
385 fh1->fh_size);
ddc04c41
BF		 386}
387
89876f8c 388static struct hlist_head file_hashtbl[FILE_HASH_SIZE];
ef0f3390 389
12659651
JL		 390static void
391__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
3477565e 392{
7214e860
JL		 393 lockdep_assert_held(&fp->fi_lock);
394
12659651
JL		 395 if (access & NFS4_SHARE_ACCESS_WRITE)
396 atomic_inc(&fp->fi_access[O_WRONLY]);
397 if (access & NFS4_SHARE_ACCESS_READ)
398 atomic_inc(&fp->fi_access[O_RDONLY]);
3477565e
BF		 399}
400
12659651
JL		 401static __be32
402nfs4_file_get_access(struct nfs4_file *fp, u32 access)
998db52c 403{
7214e860
JL		 404 lockdep_assert_held(&fp->fi_lock);
405
12659651
JL		 406 /* Does this access mode make sense? */
407 if (access & ~NFS4_SHARE_ACCESS_BOTH)
408 return nfserr_inval;
409
baeb4ff0
JL		 410 /* Does it conflict with a deny mode already set? */
411 if ((access & fp->fi_share_deny) != 0)
412 return nfserr_share_denied;
413
12659651
JL		 414 __nfs4_file_get_access(fp, access);
415 return nfs_ok;
998db52c
BF		 416}
417
baeb4ff0
JL		 418static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
419{
420 /* Common case is that there is no deny mode. */
421 if (deny) {
422 /* Does this deny mode make sense? */
423 if (deny & ~NFS4_SHARE_DENY_BOTH)
424 return nfserr_inval;
425
426 if ((deny & NFS4_SHARE_DENY_READ) &&
427 atomic_read(&fp->fi_access[O_RDONLY]))
428 return nfserr_share_denied;
429
430 if ((deny & NFS4_SHARE_DENY_WRITE) &&
431 atomic_read(&fp->fi_access[O_WRONLY]))
432 return nfserr_share_denied;
433 }
434 return nfs_ok;
435}
436
998db52c 437static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
f9d7562f 438{
de18643d
TM		 439 might_lock(&fp->fi_lock);
440
441 if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
442 struct file *f1 = NULL;
443 struct file *f2 = NULL;
444
6d338b51 445 swap(f1, fp->fi_fds[oflag]);
0c7c3e67 446 if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
6d338b51 447 swap(f2, fp->fi_fds[O_RDWR]);
de18643d
TM		 448 spin_unlock(&fp->fi_lock);
449 if (f1)
450 fput(f1);
451 if (f2)
452 fput(f2);
f9d7562f
BF		 453 }
454}
455
12659651 456static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
998db52c 457{
12659651
JL		 458 WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);
459
460 if (access & NFS4_SHARE_ACCESS_WRITE)
998db52c 461 __nfs4_file_put_access(fp, O_WRONLY);
12659651
JL		 462 if (access & NFS4_SHARE_ACCESS_READ)
463 __nfs4_file_put_access(fp, O_RDONLY);
998db52c
BF		 464}
465
3abdb607
BF		 466static struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct
467kmem_cache *slab)
2a74aba7 468{
3abdb607 469 struct idr *stateids = &cl->cl_stateids;
3abdb607 470 struct nfs4_stid *stid;
6136d2b4 471 int new_id;
2a74aba7 472
f8338834 473 stid = kmem_cache_zalloc(slab, GFP_KERNEL);
3abdb607
BF		 474 if (!stid)
475 return NULL;
476
398c33aa 477 new_id = idr_alloc_cyclic(stateids, stid, 0, 0, GFP_KERNEL);
ebd6c707 478 if (new_id < 0)
3abdb607 479 goto out_free;
2a74aba7 480 stid->sc_client = cl;
3abdb607
BF		 481 stid->sc_stateid.si_opaque.so_id = new_id;
482 stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
2a74aba7 483 /* Will be incremented before return to client: */
72c0b0fb 484 atomic_set(&stid->sc_count, 1);
996e0938 485
996e0938 486 /*
3abdb607
BF		 487 * It shouldn't be a problem to reuse an opaque stateid value.
488 * I don't think it is for 4.1. But with 4.0 I worry that, for
489 * example, a stray write retransmission could be accepted by
490 * the server when it should have been rejected. Therefore,
491 * adopt a trick from the sctp code to attempt to maximize the
492 * amount of time until an id is reused, by ensuring they always
493 * "increase" (mod INT_MAX):
996e0938 494 */
3abdb607
BF		 495 return stid;
496out_free:
2c44a234 497 kmem_cache_free(slab, stid);
3abdb607 498 return NULL;
2a74aba7
BF		 499}
500
4cdc951b
BF		 501static struct nfs4_ol_stateid * nfs4_alloc_stateid(struct nfs4_client *clp)
502{
503 return openlockstateid(nfs4_alloc_stid(clp, stateid_slab));
504}
505
6282cd56
N		 506/*
507 * When we recall a delegation, we should be careful not to hand it
508 * out again straight away.
509 * To ensure this we keep a pair of bloom filters ('new' and 'old')
510 * in which the filehandles of recalled delegations are "stored".
511 * If a filehandle appear in either filter, a delegation is blocked.
512 * When a delegation is recalled, the filehandle is stored in the "new"
513 * filter.
514 * Every 30 seconds we swap the filters and clear the "new" one,
515 * unless both are empty of course.
516 *
517 * Each filter is 256 bits. We hash the filehandle to 32bit and use the
518 * low 3 bytes as hash-table indices.
519 *
520 * 'state_lock', which is always held when block_delegations() is called,
521 * is used to manage concurrent access. Testing does not need the lock
522 * except when swapping the two filters.
523 */
524static struct bloom_pair {
525 int entries, old_entries;
526 time_t swap_time;
527 int new; /* index into 'set' */
528 DECLARE_BITMAP(set[2], 256);
529} blocked_delegations;
530
531static int delegation_blocked(struct knfsd_fh *fh)
532{
533 u32 hash;
534 struct bloom_pair *bd = &blocked_delegations;
535
536 if (bd->entries == 0)
537 return 0;
538 if (seconds_since_boot() - bd->swap_time > 30) {
539 spin_lock(&state_lock);
540 if (seconds_since_boot() - bd->swap_time > 30) {
541 bd->entries -= bd->old_entries;
542 bd->old_entries = bd->entries;
543 memset(bd->set[bd->new], 0,
544 sizeof(bd->set[0]));
545 bd->new = 1-bd->new;
546 bd->swap_time = seconds_since_boot();
547 }
548 spin_unlock(&state_lock);
549 }
550 hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0);
551 if (test_bit(hash&255, bd->set[0]) &&
552 test_bit((hash>>8)&255, bd->set[0]) &&
553 test_bit((hash>>16)&255, bd->set[0]))
554 return 1;
555
556 if (test_bit(hash&255, bd->set[1]) &&
557 test_bit((hash>>8)&255, bd->set[1]) &&
558 test_bit((hash>>16)&255, bd->set[1]))
559 return 1;
560
561 return 0;
562}
563
564static void block_delegations(struct knfsd_fh *fh)
565{
566 u32 hash;
567 struct bloom_pair *bd = &blocked_delegations;
568
02e1215f
JL		 569 lockdep_assert_held(&state_lock);
570
6282cd56
N		 571 hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0);
572
573 __set_bit(hash&255, bd->set[bd->new]);
574 __set_bit((hash>>8)&255, bd->set[bd->new]);
575 __set_bit((hash>>16)&255, bd->set[bd->new]);
576 if (bd->entries == 0)
577 bd->swap_time = seconds_since_boot();
578 bd->entries += 1;
579}
580
1da177e4 581static struct nfs4_delegation *
99c41515 582alloc_init_deleg(struct nfs4_client *clp, struct nfs4_ol_stateid *stp, struct svc_fh *current_fh)
1da177e4
LT		 583{
584 struct nfs4_delegation *dp;
1da177e4
LT		 585
586 dprintk("NFSD alloc_init_deleg\n");
c2f1a551 587 if (num_delegations > max_delegations)
ef0f3390 588 return NULL;
6282cd56
N		 589 if (delegation_blocked(&current_fh->fh_handle))
590 return NULL;
996e0938 591 dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab));
5b2d21c1 592 if (dp == NULL)
1da177e4 593 return dp;
2a74aba7
BF		 594 /*
595 * delegation seqid's are never incremented. The 4.1 special
6136d2b4
BF		 596 * meaning of seqid 0 isn't meaningful, really, but let's avoid
597 * 0 anyway just for consistency and use 1:
2a74aba7
BF		 598 */
599 dp->dl_stid.sc_stateid.si_generation = 1;
ef0f3390 600 num_delegations++;
ea1da636
N		 601 INIT_LIST_HEAD(&dp->dl_perfile);
602 INIT_LIST_HEAD(&dp->dl_perclnt);
1da177e4 603 INIT_LIST_HEAD(&dp->dl_recall_lru);
99c41515 604 dp->dl_type = NFS4_OPEN_DELEGATE_READ;
6c02eaa1 605 fh_copy_shallow(&dp->dl_fh, &current_fh->fh_handle);
02e1215f 606 INIT_WORK(&dp->dl_recall.cb_work, nfsd4_run_cb_recall);
1da177e4
LT		 607 return dp;
608}
609
68a33961 610static void remove_stid(struct nfs4_stid *s)
3abdb607
BF		 611{
612 struct idr *stateids = &s->sc_client->cl_stateids;
613
614 idr_remove(stateids, s->sc_stateid.si_opaque.so_id);
3abdb607
BF		 615}
616
9857df81
BH		 617static void nfs4_free_stid(struct kmem_cache *slab, struct nfs4_stid *s)
618{
619 kmem_cache_free(slab, s);
620}
621
1da177e4
LT		 622void
623nfs4_put_delegation(struct nfs4_delegation *dp)
624{
72c0b0fb 625 if (atomic_dec_and_test(&dp->dl_stid.sc_count)) {
f8338834
TM		 626 if (dp->dl_file)
627 put_nfs4_file(dp->dl_file);
b0fc29d6 628 remove_stid(&dp->dl_stid);
9857df81 629 nfs4_free_stid(deleg_slab, &dp->dl_stid);
ef0f3390 630 num_delegations--;
1da177e4
LT		 631 }
632}
633
acfdf5c3 634static void nfs4_put_deleg_lease(struct nfs4_file *fp)
1da177e4 635{
417c6629
JL		 636 lockdep_assert_held(&state_lock);
637
cbf7a75b
BF		 638 if (!fp->fi_lease)
639 return;
acfdf5c3
BF		 640 if (atomic_dec_and_test(&fp->fi_delegees)) {
641 vfs_setlease(fp->fi_deleg_file, F_UNLCK, &fp->fi_lease);
642 fp->fi_lease = NULL;
4ee63624 643 fput(fp->fi_deleg_file);
acfdf5c3
BF		 644 fp->fi_deleg_file = NULL;
645 }
1da177e4
LT		 646}
647
6136d2b4
BF		 648static void unhash_stid(struct nfs4_stid *s)
649{
3abdb607 650 s->sc_type = 0;
6136d2b4
BF		 651}
652
931ee56c
BH		 653static void
654hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
655{
cdc97505 656 lockdep_assert_held(&state_lock);
417c6629 657 lockdep_assert_held(&fp->fi_lock);
931ee56c 658
3fb87d13 659 dp->dl_stid.sc_type = NFS4_DELEG_STID;
931ee56c
BH		 660 list_add(&dp->dl_perfile, &fp->fi_delegations);
661 list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations);
662}
663
1da177e4 664static void
42690676 665unhash_delegation_locked(struct nfs4_delegation *dp)
1da177e4 666{
02e1215f
JL		 667 struct nfs4_file *fp = dp->dl_file;
668
42690676
JL		 669 lockdep_assert_held(&state_lock);
670
b0fc29d6 671 dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID;
d55a166c
JL		 672 /* Ensure that deleg break won't try to requeue it */
673 ++dp->dl_time;
417c6629 674 spin_lock(&fp->fi_lock);
931ee56c 675 list_del_init(&dp->dl_perclnt);
1da177e4 676 list_del_init(&dp->dl_recall_lru);
02e1215f
JL		 677 list_del_init(&dp->dl_perfile);
678 spin_unlock(&fp->fi_lock);
f8338834 679 if (fp)
02e1215f 680 nfs4_put_deleg_lease(fp);
3bd64a5b
BF		 681}
682
3bd64a5b
BF		 683static void destroy_revoked_delegation(struct nfs4_delegation *dp)
684{
685 list_del_init(&dp->dl_recall_lru);
1da177e4
LT		 686 nfs4_put_delegation(dp);
687}
688
3bd64a5b
BF		 689static void destroy_delegation(struct nfs4_delegation *dp)
690{
42690676
JL		 691 spin_lock(&state_lock);
692 unhash_delegation_locked(dp);
693 spin_unlock(&state_lock);
3bd64a5b
BF		 694 nfs4_put_delegation(dp);
695}
696
697static void revoke_delegation(struct nfs4_delegation *dp)
698{
699 struct nfs4_client *clp = dp->dl_stid.sc_client;
700
701 if (clp->cl_minorversion == 0)
42690676 702 destroy_revoked_delegation(dp);
3bd64a5b 703 else {
3bd64a5b 704 dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
42690676 705 list_move(&dp->dl_recall_lru, &clp->cl_revoked);
3bd64a5b
BF		 706 }
707}
708
1da177e4
LT		 709/*
710 * SETCLIENTID state
711 */
712
ddc04c41
BF		 713static unsigned int clientid_hashval(u32 id)
714{
715 return id & CLIENT_HASH_MASK;
716}
717
718static unsigned int clientstr_hashval(const char *name)
719{
720 return opaque_hashval(name, 8) & CLIENT_HASH_MASK;
721}
722
f9d7562f
BF		 723/*
724 * We store the NONE, READ, WRITE, and BOTH bits separately in the
725 * st_{access,deny}_bmap field of the stateid, in order to track not
726 * only what share bits are currently in force, but also what
727 * combinations of share bits previous opens have used. This allows us
728 * to enforce the recommendation of rfc 3530 14.2.19 that the server
729 * return an error if the client attempt to downgrade to a combination
730 * of share bits not explicable by closing some of its previous opens.
731 *
732 * XXX: This enforcement is actually incomplete, since we don't keep
733 * track of access/deny bit combinations; so, e.g., we allow:
734 *
735 * OPEN allow read, deny write
736 * OPEN allow both, deny none
737 * DOWNGRADE allow read, deny none
738 *
739 * which we should reject.
740 */
5ae037e5
JL		 741static unsigned int
742bmap_to_share_mode(unsigned long bmap) {
f9d7562f 743 int i;
5ae037e5 744 unsigned int access = 0;
f9d7562f 745
f9d7562f
BF		 746 for (i = 1; i < 4; i++) {
747 if (test_bit(i, &bmap))
5ae037e5 748 access |= i;
f9d7562f 749 }
5ae037e5 750 return access;
f9d7562f
BF		 751}
752
82c5ff1b
JL		 753/* set share access for a given stateid */
754static inline void
755set_access(u32 access, struct nfs4_ol_stateid *stp)
756{
c11c591f
JL		 757 unsigned char mask = 1 << access;
758
759 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
760 stp->st_access_bmap |= mask;
82c5ff1b
JL		 761}
762
763/* clear share access for a given stateid */
764static inline void
765clear_access(u32 access, struct nfs4_ol_stateid *stp)
766{
c11c591f
JL		 767 unsigned char mask = 1 << access;
768
769 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
770 stp->st_access_bmap &= ~mask;
82c5ff1b
JL		 771}
772
773/* test whether a given stateid has access */
774static inline bool
775test_access(u32 access, struct nfs4_ol_stateid *stp)
776{
c11c591f
JL		 777 unsigned char mask = 1 << access;
778
779 return (bool)(stp->st_access_bmap & mask);
82c5ff1b
JL		 780}
781
ce0fc43c
JL		 782/* set share deny for a given stateid */
783static inline void
c11c591f 784set_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 785{
c11c591f
JL		 786 unsigned char mask = 1 << deny;
787
788 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
789 stp->st_deny_bmap |= mask;
ce0fc43c
JL		 790}
791
792/* clear share deny for a given stateid */
793static inline void
c11c591f 794clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 795{
c11c591f
JL		 796 unsigned char mask = 1 << deny;
797
798 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
799 stp->st_deny_bmap &= ~mask;
ce0fc43c
JL		 800}
801
802/* test whether a given stateid is denying specific access */
803static inline bool
c11c591f 804test_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 805{
c11c591f
JL		 806 unsigned char mask = 1 << deny;
807
808 return (bool)(stp->st_deny_bmap & mask);
f9d7562f
BF		 809}
810
811static int nfs4_access_to_omode(u32 access)
812{
8f34a430 813 switch (access & NFS4_SHARE_ACCESS_BOTH) {
f9d7562f
BF		 814 case NFS4_SHARE_ACCESS_READ:
815 return O_RDONLY;
816 case NFS4_SHARE_ACCESS_WRITE:
817 return O_WRONLY;
818 case NFS4_SHARE_ACCESS_BOTH:
819 return O_RDWR;
820 }
063b0fb9
BF		 821 WARN_ON_ONCE(1);
822 return O_RDONLY;
f9d7562f
BF		 823}
824
baeb4ff0
JL		 825/*
826 * A stateid that had a deny mode associated with it is being released
827 * or downgraded. Recalculate the deny mode on the file.
828 */
829static void
830recalculate_deny_mode(struct nfs4_file *fp)
831{
832 struct nfs4_ol_stateid *stp;
833
834 spin_lock(&fp->fi_lock);
835 fp->fi_share_deny = 0;
836 list_for_each_entry(stp, &fp->fi_stateids, st_perfile)
837 fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap);
838 spin_unlock(&fp->fi_lock);
839}
840
841static void
842reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
843{
844 int i;
845 bool change = false;
846
847 for (i = 1; i < 4; i++) {
848 if ((i & deny) != i) {
849 change = true;
850 clear_deny(i, stp);
851 }
852 }
853
854 /* Recalculate per-file deny mode if there was a change */
855 if (change)
856 recalculate_deny_mode(stp->st_file);
857}
858
82c5ff1b
JL		 859/* release all access and file references for a given stateid */
860static void
861release_all_access(struct nfs4_ol_stateid *stp)
862{
863 int i;
baeb4ff0
JL		 864 struct nfs4_file *fp = stp->st_file;
865
866 if (fp && stp->st_deny_bmap != 0)
867 recalculate_deny_mode(fp);
82c5ff1b
JL		 868
869 for (i = 1; i < 4; i++) {
870 if (test_access(i, stp))
12659651 871 nfs4_file_put_access(stp->st_file, i);
82c5ff1b
JL		 872 clear_access(i, stp);
873 }
874}
875
dcef0413 876static void unhash_generic_stateid(struct nfs4_ol_stateid *stp)
529d7b2a 877{
1d31a253
TM		 878 struct nfs4_file *fp = stp->st_file;
879
880 spin_lock(&fp->fi_lock);
529d7b2a 881 list_del(&stp->st_perfile);
1d31a253 882 spin_unlock(&fp->fi_lock);
529d7b2a
BF		 883 list_del(&stp->st_perstateowner);
884}
885
dcef0413 886static void close_generic_stateid(struct nfs4_ol_stateid *stp)
529d7b2a 887{
82c5ff1b 888 release_all_access(stp);
4665e2ba
BF		 889}
890
dcef0413 891static void free_generic_stateid(struct nfs4_ol_stateid *stp)
4665e2ba 892{
f8338834
TM		 893 if (stp->st_file)
894 put_nfs4_file(stp->st_file);
68a33961 895 remove_stid(&stp->st_stid);
9857df81 896 nfs4_free_stid(stateid_slab, &stp->st_stid);
529d7b2a
BF		 897}
898
3c87b9b7 899static void __release_lock_stateid(struct nfs4_ol_stateid *stp)
529d7b2a
BF		 900{
901 struct file *file;
902
3c87b9b7 903 list_del(&stp->st_locks);
529d7b2a 904 unhash_generic_stateid(stp);
6136d2b4 905 unhash_stid(&stp->st_stid);
529d7b2a 906 file = find_any_file(stp->st_file);
e20fcf1e
TM		 907 if (file)
908 filp_close(file, (fl_owner_t)lockowner(stp->st_stateowner));
38c387b5 909 close_generic_stateid(stp);
529d7b2a
BF		 910 free_generic_stateid(stp);
911}
912
fe0750e5 913static void unhash_lockowner(struct nfs4_lockowner *lo)
529d7b2a 914{
dcef0413 915 struct nfs4_ol_stateid *stp;
529d7b2a 916
fe0750e5 917 list_del(&lo->lo_owner.so_strhash);
fe0750e5
BF		 918 while (!list_empty(&lo->lo_owner.so_stateids)) {
919 stp = list_first_entry(&lo->lo_owner.so_stateids,
dcef0413 920 struct nfs4_ol_stateid, st_perstateowner);
3c87b9b7 921 __release_lock_stateid(stp);
529d7b2a
BF		 922 }
923}
924
50cc6231
TM		 925static void nfs4_free_lockowner(struct nfs4_lockowner *lo)
926{
927 kfree(lo->lo_owner.so_owner.data);
928 kmem_cache_free(lockowner_slab, lo);
929}
930
fe0750e5 931static void release_lockowner(struct nfs4_lockowner *lo)
529d7b2a 932{
fe0750e5
BF		 933 unhash_lockowner(lo);
934 nfs4_free_lockowner(lo);
529d7b2a
BF		 935}
936
3c87b9b7
TM		 937static void release_lockowner_if_empty(struct nfs4_lockowner *lo)
938{
939 if (list_empty(&lo->lo_owner.so_stateids))
940 release_lockowner(lo);
941}
942
943static void release_lock_stateid(struct nfs4_ol_stateid *stp)
529d7b2a 944{
fe0750e5 945 struct nfs4_lockowner *lo;
529d7b2a 946
3c87b9b7
TM		 947 lo = lockowner(stp->st_stateowner);
948 __release_lock_stateid(stp);
949 release_lockowner_if_empty(lo);
950}
951
952static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp)
953{
954 struct nfs4_ol_stateid *stp;
955
956 while (!list_empty(&open_stp->st_locks)) {
957 stp = list_entry(open_stp->st_locks.next,
958 struct nfs4_ol_stateid, st_locks);
959 release_lock_stateid(stp);
529d7b2a
BF		 960 }
961}
962
38c387b5 963static void unhash_open_stateid(struct nfs4_ol_stateid *stp)
2283963f
BF		 964{
965 unhash_generic_stateid(stp);
3c87b9b7 966 release_open_stateid_locks(stp);
38c387b5
BF		 967 close_generic_stateid(stp);
968}
969
970static void release_open_stateid(struct nfs4_ol_stateid *stp)
971{
972 unhash_open_stateid(stp);
2283963f
BF		 973 free_generic_stateid(stp);
974}
975
fe0750e5 976static void unhash_openowner(struct nfs4_openowner *oo)
f1d110ca 977{
dcef0413 978 struct nfs4_ol_stateid *stp;
f1d110ca 979
fe0750e5
BF		 980 list_del(&oo->oo_owner.so_strhash);
981 list_del(&oo->oo_perclient);
982 while (!list_empty(&oo->oo_owner.so_stateids)) {
983 stp = list_first_entry(&oo->oo_owner.so_stateids,
dcef0413 984 struct nfs4_ol_stateid, st_perstateowner);
f044ff83 985 release_open_stateid(stp);
f1d110ca
BF		 986 }
987}
988
f7a4d872
BF		 989static void release_last_closed_stateid(struct nfs4_openowner *oo)
990{
991 struct nfs4_ol_stateid *s = oo->oo_last_closed_stid;
992
993 if (s) {
f7a4d872
BF		 994 free_generic_stateid(s);
995 oo->oo_last_closed_stid = NULL;
996 }
997}
998
50cc6231
TM		 999static void nfs4_free_openowner(struct nfs4_openowner *oo)
1000{
1001 kfree(oo->oo_owner.so_owner.data);
1002 kmem_cache_free(openowner_slab, oo);
1003}
1004
fe0750e5 1005static void release_openowner(struct nfs4_openowner *oo)
f1d110ca 1006{
fe0750e5
BF		 1007 unhash_openowner(oo);
1008 list_del(&oo->oo_close_lru);
f7a4d872 1009 release_last_closed_stateid(oo);
fe0750e5 1010 nfs4_free_openowner(oo);
f1d110ca
BF		 1011}
1012
5282fd72
ME		 1013static inline int
1014hash_sessionid(struct nfs4_sessionid *sessionid)
1015{
1016 struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;
1017
1018 return sid->sequence % SESSION_HASH_SIZE;
1019}
1020
8f199b82 1021#ifdef NFSD_DEBUG
5282fd72
ME		 1022static inline void
1023dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
1024{
1025 u32 *ptr = (u32 *)(&sessionid->data[0]);
1026 dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
1027}
8f199b82
TM		 1028#else
1029static inline void
1030dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
1031{
1032}
1033#endif
1034
9411b1d4
BF		 1035/*
1036 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
1037 * won't be used for replay.
1038 */
1039void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
1040{
1041 struct nfs4_stateowner *so = cstate->replay_owner;
1042
1043 if (nfserr == nfserr_replay_me)
1044 return;
1045
1046 if (!seqid_mutating_err(ntohl(nfserr))) {
1047 cstate->replay_owner = NULL;
1048 return;
1049 }
1050 if (!so)
1051 return;
1052 if (so->so_is_open_owner)
1053 release_last_closed_stateid(openowner(so));
1054 so->so_seqid++;
1055 return;
1056}
5282fd72 1057
ec6b5d7b
AA		 1058static void
1059gen_sessionid(struct nfsd4_session *ses)
1060{
1061 struct nfs4_client *clp = ses->se_client;
1062 struct nfsd4_sessionid *sid;
1063
1064 sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
1065 sid->clientid = clp->cl_clientid;
1066 sid->sequence = current_sessionid++;
1067 sid->reserved = 0;
1068}
1069
1070/*
a649637c
AA		 1071 * The protocol defines ca_maxresponssize_cached to include the size of
1072 * the rpc header, but all we need to cache is the data starting after
1073 * the end of the initial SEQUENCE operation--the rest we regenerate
1074 * each time. Therefore we can advertise a ca_maxresponssize_cached
1075 * value that is the number of bytes in our cache plus a few additional
1076 * bytes. In order to stay on the safe side, and not promise more than
1077 * we can cache, those additional bytes must be the minimum possible: 24
1078 * bytes of rpc header (xid through accept state, with AUTH_NULL
1079 * verifier), 12 for the compound header (with zero-length tag), and 44
1080 * for the SEQUENCE op response:
1081 */
1082#define NFSD_MIN_HDR_SEQ_SZ (24 + 12 + 44)
1083
557ce264
AA		 1084static void
1085free_session_slots(struct nfsd4_session *ses)
1086{
1087 int i;
1088
1089 for (i = 0; i < ses->se_fchannel.maxreqs; i++)
1090 kfree(ses->se_slots[i]);
1091}
1092
a649637c 1093/*
efe0cb6d
BF		 1094 * We don't actually need to cache the rpc and session headers, so we
1095 * can allocate a little less for each slot:
1096 */
55c760cf 1097static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
efe0cb6d 1098{
55c760cf 1099 u32 size;
efe0cb6d 1100
55c760cf
BF		 1101 if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ)
1102 size = 0;
1103 else
1104 size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
1105 return size + sizeof(struct nfsd4_slot);
5b6feee9 1106}
ec6b5d7b 1107
5b6feee9
BF		 1108/*
1109 * XXX: If we run out of reserved DRC memory we could (up to a point)
a649637c 1110 * re-negotiate active sessions and reduce their slot usage to make
42b2aa86 1111 * room for new connections. For now we just fail the create session.
ec6b5d7b 1112 */
55c760cf 1113static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca)
ec6b5d7b 1114{
55c760cf
BF		 1115 u32 slotsize = slot_bytes(ca);
1116 u32 num = ca->maxreqs;
5b6feee9 1117 int avail;
ec6b5d7b 1118
5b6feee9 1119 spin_lock(&nfsd_drc_lock);
697ce9be
ZY		 1120 avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION,
1121 nfsd_drc_max_mem - nfsd_drc_mem_used);
5b6feee9
BF		 1122 num = min_t(int, num, avail / slotsize);
1123 nfsd_drc_mem_used += num * slotsize;
1124 spin_unlock(&nfsd_drc_lock);
ec6b5d7b 1125
5b6feee9
BF		 1126 return num;
1127}
ec6b5d7b 1128
55c760cf 1129static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
5b6feee9 1130{
55c760cf
BF		 1131 int slotsize = slot_bytes(ca);
1132
4bd9b0f4 1133 spin_lock(&nfsd_drc_lock);
55c760cf 1134 nfsd_drc_mem_used -= slotsize * ca->maxreqs;
4bd9b0f4 1135 spin_unlock(&nfsd_drc_lock);
5b6feee9 1136}
ec6b5d7b 1137
60810e54
KM		 1138static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
1139 struct nfsd4_channel_attrs *battrs)
5b6feee9 1140{
60810e54
KM		 1141 int numslots = fattrs->maxreqs;
1142 int slotsize = slot_bytes(fattrs);
5b6feee9
BF		 1143 struct nfsd4_session *new;
1144 int mem, i;
a649637c 1145
5b6feee9
BF		 1146 BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
1147 + sizeof(struct nfsd4_session) > PAGE_SIZE);
1148 mem = numslots * sizeof(struct nfsd4_slot *);
ec6b5d7b 1149
5b6feee9
BF		 1150 new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
1151 if (!new)
1152 return NULL;
557ce264 1153 /* allocate each struct nfsd4_slot and data cache in one piece */
5b6feee9 1154 for (i = 0; i < numslots; i++) {
55c760cf 1155 new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
5b6feee9 1156 if (!new->se_slots[i])
557ce264 1157 goto out_free;
557ce264 1158 }
60810e54
KM		 1159
1160 memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
1161 memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));
1162
5b6feee9
BF		 1163 return new;
1164out_free:
1165 while (i--)
1166 kfree(new->se_slots[i]);
1167 kfree(new);
1168 return NULL;
ec6b5d7b
AA		 1169}
1170
19cf5c02
BF		 1171static void free_conn(struct nfsd4_conn *c)
1172{
1173 svc_xprt_put(c->cn_xprt);
1174 kfree(c);
1175}
ec6b5d7b 1176
19cf5c02
BF		 1177static void nfsd4_conn_lost(struct svc_xpt_user *u)
1178{
1179 struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
1180 struct nfs4_client *clp = c->cn_session->se_client;
ec6b5d7b 1181
19cf5c02
BF		 1182 spin_lock(&clp->cl_lock);
1183 if (!list_empty(&c->cn_persession)) {
1184 list_del(&c->cn_persession);
1185 free_conn(c);
1186 }
eea49806 1187 nfsd4_probe_callback(clp);
2e4b7239 1188 spin_unlock(&clp->cl_lock);
19cf5c02 1189}
ec6b5d7b 1190
d29c374c 1191static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
c7662518 1192{
c7662518 1193 struct nfsd4_conn *conn;
ec6b5d7b 1194
c7662518
BF		 1195 conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
1196 if (!conn)
db90681d 1197 return NULL;
c7662518
BF		 1198 svc_xprt_get(rqstp->rq_xprt);
1199 conn->cn_xprt = rqstp->rq_xprt;
d29c374c 1200 conn->cn_flags = flags;
db90681d
BF		 1201 INIT_LIST_HEAD(&conn->cn_xpt_user.list);
1202 return conn;
1203}
a649637c 1204
328ead28
BF		 1205static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
1206{
1207 conn->cn_session = ses;
1208 list_add(&conn->cn_persession, &ses->se_conns);
ec6b5d7b
AA		 1209}
1210
db90681d 1211static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
557ce264 1212{
db90681d 1213 struct nfs4_client *clp = ses->se_client;
557ce264 1214
c7662518 1215 spin_lock(&clp->cl_lock);
328ead28 1216 __nfsd4_hash_conn(conn, ses);
c7662518 1217 spin_unlock(&clp->cl_lock);
557ce264
AA		 1218}
1219
21b75b01 1220static int nfsd4_register_conn(struct nfsd4_conn *conn)
efe0cb6d 1221{
19cf5c02 1222 conn->cn_xpt_user.callback = nfsd4_conn_lost;
21b75b01 1223 return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
efe0cb6d
BF		 1224}
1225
e1ff371f 1226static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
ec6b5d7b 1227{
21b75b01 1228 int ret;
ec6b5d7b 1229
db90681d 1230 nfsd4_hash_conn(conn, ses);
21b75b01
BF		 1231 ret = nfsd4_register_conn(conn);
1232 if (ret)
1233 /* oops; xprt is already down: */
1234 nfsd4_conn_lost(&conn->cn_xpt_user);
57a37144
BF		 1235 /* We may have gained or lost a callback channel: */
1236 nfsd4_probe_callback_sync(ses->se_client);
c7662518 1237}
ec6b5d7b 1238
e1ff371f 1239static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
1d1bc8f2
BF		 1240{
1241 u32 dir = NFS4_CDFC4_FORE;
1242
e1ff371f 1243 if (cses->flags & SESSION4_BACK_CHAN)
1d1bc8f2 1244 dir |= NFS4_CDFC4_BACK;
e1ff371f 1245 return alloc_conn(rqstp, dir);
1d1bc8f2
BF		 1246}
1247
1248/* must be called under client_lock */
19cf5c02 1249static void nfsd4_del_conns(struct nfsd4_session *s)
c7662518 1250{
19cf5c02
BF		 1251 struct nfs4_client *clp = s->se_client;
1252 struct nfsd4_conn *c;
ec6b5d7b 1253
19cf5c02
BF		 1254 spin_lock(&clp->cl_lock);
1255 while (!list_empty(&s->se_conns)) {
1256 c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
1257 list_del_init(&c->cn_persession);
1258 spin_unlock(&clp->cl_lock);
557ce264 1259
19cf5c02
BF		 1260 unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
1261 free_conn(c);
ec6b5d7b 1262
19cf5c02
BF		 1263 spin_lock(&clp->cl_lock);
1264 }
1265 spin_unlock(&clp->cl_lock);
c7662518 1266}
ec6b5d7b 1267
1377b69e
BF		 1268static void __free_session(struct nfsd4_session *ses)
1269{
1377b69e
BF		 1270 free_session_slots(ses);
1271 kfree(ses);
1272}
1273
66b2b9b2 1274static void free_session(struct nfsd4_session *ses)
c7662518 1275{
66b2b9b2 1276 struct nfsd_net *nn = net_generic(ses->se_client->net, nfsd_net_id);
c9a49628
SK		 1277
1278 lockdep_assert_held(&nn->client_lock);
19cf5c02 1279 nfsd4_del_conns(ses);
55c760cf 1280 nfsd4_put_drc_mem(&ses->se_fchannel);
1377b69e 1281 __free_session(ses);
c7662518
BF		 1282}
1283
135ae827 1284static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
a827bcb2 1285{
a827bcb2 1286 int idx;
1872de0e 1287 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
a827bcb2 1288
ec6b5d7b
AA		 1289 new->se_client = clp;
1290 gen_sessionid(new);
ec6b5d7b 1291
c7662518
BF		 1292 INIT_LIST_HEAD(&new->se_conns);
1293
ac7c46f2 1294 new->se_cb_seq_nr = 1;
ec6b5d7b 1295 new->se_flags = cses->flags;
8b5ce5cd 1296 new->se_cb_prog = cses->callback_prog;
c6bb3ca2 1297 new->se_cb_sec = cses->cb_sec;
66b2b9b2 1298 atomic_set(&new->se_ref, 0);
5b6feee9 1299 idx = hash_sessionid(&new->se_sessionid);
c9a49628 1300 spin_lock(&nn->client_lock);
1872de0e 1301 list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
4c649378 1302 spin_lock(&clp->cl_lock);
ec6b5d7b 1303 list_add(&new->se_perclnt, &clp->cl_sessions);
4c649378 1304 spin_unlock(&clp->cl_lock);
c9a49628 1305 spin_unlock(&nn->client_lock);
60810e54 1306
dcbeaa68 1307 if (cses->flags & SESSION4_BACK_CHAN) {
edd76786 1308 struct sockaddr *sa = svc_addr(rqstp);
dcbeaa68
BF		 1309 /*
1310 * This is a little silly; with sessions there's no real
1311 * use for the callback address. Use the peer address
1312 * as a reasonable default for now, but consider fixing
1313 * the rpc client not to require an address in the
1314 * future:
1315 */
edd76786
BF		 1316 rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
1317 clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
edd76786 1318 }
ec6b5d7b
AA		 1319}
1320
9089f1b4 1321/* caller must hold client_lock */
5282fd72 1322static struct nfsd4_session *
d4e19e70 1323__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
5282fd72
ME		 1324{
1325 struct nfsd4_session *elem;
1326 int idx;
1872de0e 1327 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
5282fd72
ME		 1328
1329 dump_sessionid(__func__, sessionid);
1330 idx = hash_sessionid(sessionid);
5282fd72 1331 /* Search in the appropriate list */
1872de0e 1332 list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
5282fd72
ME		 1333 if (!memcmp(elem->se_sessionid.data, sessionid->data,
1334 NFS4_MAX_SESSIONID_LEN)) {
1335 return elem;
1336 }
1337 }
1338
1339 dprintk("%s: session not found\n", __func__);
1340 return NULL;
1341}
1342
d4e19e70
TM		 1343static struct nfsd4_session *
1344find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
1345 __be32 *ret)
1346{
1347 struct nfsd4_session *session;
1348 __be32 status = nfserr_badsession;
1349
1350 session = __find_in_sessionid_hashtbl(sessionid, net);
1351 if (!session)
1352 goto out;
1353 status = nfsd4_get_session_locked(session);
1354 if (status)
1355 session = NULL;
1356out:
1357 *ret = status;
1358 return session;
1359}
1360
9089f1b4 1361/* caller must hold client_lock */
7116ed6b 1362static void
5282fd72 1363unhash_session(struct nfsd4_session *ses)
7116ed6b
AA		 1364{
1365 list_del(&ses->se_hash);
4c649378 1366 spin_lock(&ses->se_client->cl_lock);
7116ed6b 1367 list_del(&ses->se_perclnt);
4c649378 1368 spin_unlock(&ses->se_client->cl_lock);
5282fd72
ME		 1369}
1370
1da177e4
LT		 1371/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
1372static int
2c142baa 1373STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
1da177e4 1374{
2c142baa 1375 if (clid->cl_boot == nn->boot_time)
1da177e4 1376 return 0;
60adfc50 1377 dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
2c142baa 1378 clid->cl_boot, clid->cl_id, nn->boot_time);
1da177e4
LT		 1379 return 1;
1380}
1381
1382/*
1383 * XXX Should we use a slab cache ?
1384 * This type of memory management is somewhat inefficient, but we use it
1385 * anyway since SETCLIENTID is not a common operation.
1386 */
35bba9a3 1387static struct nfs4_client *alloc_client(struct xdr_netobj name)
1da177e4
LT		 1388{
1389 struct nfs4_client *clp;
1390
35bba9a3
BF		 1391 clp = kzalloc(sizeof(struct nfs4_client), GFP_KERNEL);
1392 if (clp == NULL)
1393 return NULL;
67114fe6 1394 clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL);
35bba9a3
BF		 1395 if (clp->cl_name.data == NULL) {
1396 kfree(clp);
1397 return NULL;
1da177e4 1398 }
35bba9a3 1399 clp->cl_name.len = name.len;
5694c93e
TM		 1400 INIT_LIST_HEAD(&clp->cl_sessions);
1401 idr_init(&clp->cl_stateids);
1402 atomic_set(&clp->cl_refcount, 0);
1403 clp->cl_cb_state = NFSD4_CB_UNKNOWN;
1404 INIT_LIST_HEAD(&clp->cl_idhash);
1405 INIT_LIST_HEAD(&clp->cl_openowners);
1406 INIT_LIST_HEAD(&clp->cl_delegations);
1407 INIT_LIST_HEAD(&clp->cl_lru);
1408 INIT_LIST_HEAD(&clp->cl_callbacks);
1409 INIT_LIST_HEAD(&clp->cl_revoked);
1410 spin_lock_init(&clp->cl_lock);
1411 rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
1da177e4
LT		 1412 return clp;
1413}
1414
4dd86e15 1415static void
1da177e4
LT		 1416free_client(struct nfs4_client *clp)
1417{
bca0ec65 1418 struct nfsd_net __maybe_unused *nn = net_generic(clp->net, nfsd_net_id);
c9a49628
SK		 1419
1420 lockdep_assert_held(&nn->client_lock);
792c95dd
BF		 1421 while (!list_empty(&clp->cl_sessions)) {
1422 struct nfsd4_session *ses;
1423 ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
1424 se_perclnt);
1425 list_del(&ses->se_perclnt);
66b2b9b2
BF		 1426 WARN_ON_ONCE(atomic_read(&ses->se_ref));
1427 free_session(ses);
792c95dd 1428 }
4cb57e30 1429 rpc_destroy_wait_queue(&clp->cl_cb_waitq);
03a4e1f6 1430 free_svc_cred(&clp->cl_cred);
1da177e4 1431 kfree(clp->cl_name.data);
2d32b29a 1432 idr_destroy(&clp->cl_stateids);
1da177e4
LT		 1433 kfree(clp);
1434}
1435
84d38ac9
BH		 1436/* must be called under the client_lock */
1437static inline void
1438unhash_client_locked(struct nfs4_client *clp)
1439{
792c95dd
BF		 1440 struct nfsd4_session *ses;
1441
84d38ac9 1442 list_del(&clp->cl_lru);
4c649378 1443 spin_lock(&clp->cl_lock);
792c95dd
BF		 1444 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
1445 list_del_init(&ses->se_hash);
4c649378 1446 spin_unlock(&clp->cl_lock);
84d38ac9
BH		 1447}
1448
1da177e4 1449static void
0d22f68f 1450destroy_client(struct nfs4_client *clp)
1da177e4 1451{
fe0750e5 1452 struct nfs4_openowner *oo;
1da177e4 1453 struct nfs4_delegation *dp;
1da177e4 1454 struct list_head reaplist;
382a62e7 1455 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4 1456
1da177e4 1457 INIT_LIST_HEAD(&reaplist);
cdc97505 1458 spin_lock(&state_lock);
ea1da636
N		 1459 while (!list_empty(&clp->cl_delegations)) {
1460 dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
42690676
JL		 1461 unhash_delegation_locked(dp);
1462 list_add(&dp->dl_recall_lru, &reaplist);
1da177e4 1463 }
cdc97505 1464 spin_unlock(&state_lock);
1da177e4
LT		 1465 while (!list_empty(&reaplist)) {
1466 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
42690676
JL		 1467 list_del_init(&dp->dl_recall_lru);
1468 nfs4_put_delegation(dp);
1da177e4 1469 }
956c4fee
BH		 1470 list_splice_init(&clp->cl_revoked, &reaplist);
1471 while (!list_empty(&reaplist)) {
1472 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
1473 destroy_revoked_delegation(dp);
1474 }
ea1da636 1475 while (!list_empty(&clp->cl_openowners)) {
fe0750e5
BF		 1476 oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
1477 release_openowner(oo);
1da177e4 1478 }
6ff8da08 1479 nfsd4_shutdown_callback(clp);
84d38ac9
BH		 1480 if (clp->cl_cb_conn.cb_xprt)
1481 svc_xprt_put(clp->cl_cb_conn.cb_xprt);
36acb66b 1482 list_del(&clp->cl_idhash);
ac55fdc4 1483 if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
382a62e7 1484 rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
ac55fdc4 1485 else
a99454aa 1486 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
c9a49628 1487 spin_lock(&nn->client_lock);
84d38ac9 1488 unhash_client_locked(clp);
221a6876
BF		 1489 WARN_ON_ONCE(atomic_read(&clp->cl_refcount));
1490 free_client(clp);
c9a49628 1491 spin_unlock(&nn->client_lock);
1da177e4
LT		 1492}
1493
0d22f68f
BF		 1494static void expire_client(struct nfs4_client *clp)
1495{
1496 nfsd4_client_record_remove(clp);
1497 destroy_client(clp);
1498}
1499
35bba9a3
BF		 1500static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
1501{
1502 memcpy(target->cl_verifier.data, source->data,
1503 sizeof(target->cl_verifier.data));
1da177e4
LT		 1504}
1505
35bba9a3
BF		 1506static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
1507{
1da177e4
LT		 1508 target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
1509 target->cl_clientid.cl_id = source->cl_clientid.cl_id;
1510}
1511
03a4e1f6 1512static int copy_cred(struct svc_cred *target, struct svc_cred *source)
35bba9a3 1513{
03a4e1f6
BF		 1514 if (source->cr_principal) {
1515 target->cr_principal =
1516 kstrdup(source->cr_principal, GFP_KERNEL);
1517 if (target->cr_principal == NULL)
1518 return -ENOMEM;
1519 } else
1520 target->cr_principal = NULL;
d5497fc6 1521 target->cr_flavor = source->cr_flavor;
1da177e4
LT		 1522 target->cr_uid = source->cr_uid;
1523 target->cr_gid = source->cr_gid;
1524 target->cr_group_info = source->cr_group_info;
1525 get_group_info(target->cr_group_info);
0dc1531a
BF		 1526 target->cr_gss_mech = source->cr_gss_mech;
1527 if (source->cr_gss_mech)
1528 gss_mech_get(source->cr_gss_mech);
03a4e1f6 1529 return 0;
1da177e4
LT		 1530}
1531
ac55fdc4
JL		 1532static long long
1533compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2)
1534{
1535 long long res;
1536
1537 res = o1->len - o2->len;
1538 if (res)
1539 return res;
1540 return (long long)memcmp(o1->data, o2->data, o1->len);
1541}
1542
35bba9a3 1543static int same_name(const char *n1, const char *n2)
599e0a22 1544{
a55370a3 1545 return 0 == memcmp(n1, n2, HEXDIR_LEN);
1da177e4
LT		 1546}
1547
1548static int
599e0a22
BF		 1549same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
1550{
1551 return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
1da177e4
LT		 1552}
1553
1554static int
599e0a22
BF		 1555same_clid(clientid_t *cl1, clientid_t *cl2)
1556{
1557 return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
1da177e4
LT		 1558}
1559
8fbba96e
BF		 1560static bool groups_equal(struct group_info *g1, struct group_info *g2)
1561{
1562 int i;
1563
1564 if (g1->ngroups != g2->ngroups)
1565 return false;
1566 for (i=0; i<g1->ngroups; i++)
6fab8779 1567 if (!gid_eq(GROUP_AT(g1, i), GROUP_AT(g2, i)))
8fbba96e
BF		 1568 return false;
1569 return true;
1570}
1571
68eb3508
BF		 1572/*
1573 * RFC 3530 language requires clid_inuse be returned when the
1574 * "principal" associated with a requests differs from that previously
1575 * used. We use uid, gid's, and gss principal string as our best
1576 * approximation. We also don't want to allow non-gss use of a client
1577 * established using gss: in theory cr_principal should catch that
1578 * change, but in practice cr_principal can be null even in the gss case
1579 * since gssd doesn't always pass down a principal string.
1580 */
1581static bool is_gss_cred(struct svc_cred *cr)
1582{
1583 /* Is cr_flavor one of the gss "pseudoflavors"?: */
1584 return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR);
1585}
1586
1587
5559b50a 1588static bool
599e0a22
BF		 1589same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
1590{
68eb3508 1591 if ((is_gss_cred(cr1) != is_gss_cred(cr2))
6fab8779
EB		 1592 || (!uid_eq(cr1->cr_uid, cr2->cr_uid))
1593 || (!gid_eq(cr1->cr_gid, cr2->cr_gid))
8fbba96e
BF		 1594 || !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
1595 return false;
1596 if (cr1->cr_principal == cr2->cr_principal)
1597 return true;
1598 if (!cr1->cr_principal || !cr2->cr_principal)
1599 return false;
5559b50a 1600 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal);
1da177e4
LT		 1601}
1602
57266a6e
BF		 1603static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp)
1604{
1605 struct svc_cred *cr = &rqstp->rq_cred;
1606 u32 service;
1607
c4720591
BF		 1608 if (!cr->cr_gss_mech)
1609 return false;
57266a6e
BF		 1610 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor);
1611 return service == RPC_GSS_SVC_INTEGRITY ||
1612 service == RPC_GSS_SVC_PRIVACY;
1613}
1614
1615static bool mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp)
1616{
1617 struct svc_cred *cr = &rqstp->rq_cred;
1618
1619 if (!cl->cl_mach_cred)
1620 return true;
1621 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech)
1622 return false;
1623 if (!svc_rqst_integrity_protected(rqstp))
1624 return false;
1625 if (!cr->cr_principal)
1626 return false;
1627 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal);
1628}
1629
c212cecf 1630static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn)
5ec7b46c
BF		 1631{
1632 static u32 current_clientid = 1;
1633
2c142baa 1634 clp->cl_clientid.cl_boot = nn->boot_time;
1da177e4
LT		 1635 clp->cl_clientid.cl_id = current_clientid++;
1636}
1637
deda2faa
BF		 1638static void gen_confirm(struct nfs4_client *clp)
1639{
ab4684d1 1640 __be32 verf[2];
deda2faa 1641 static u32 i;
1da177e4 1642
f419992c
JL		 1643 /*
1644 * This is opaque to client, so no need to byte-swap. Use
1645 * __force to keep sparse happy
1646 */
1647 verf[0] = (__force __be32)get_seconds();
1648 verf[1] = (__force __be32)i++;
ab4684d1 1649 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data));
1da177e4
LT		 1650}
1651
38c2f4b1 1652static struct nfs4_stid *find_stateid(struct nfs4_client *cl, stateid_t *t)
4581d140 1653{
3abdb607
BF		 1654 struct nfs4_stid *ret;
1655
1656 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id);
1657 if (!ret || !ret->sc_type)
1658 return NULL;
1659 return ret;
4d71ab87
BF		 1660}
1661
38c2f4b1 1662static struct nfs4_stid *find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask)
f459e453
BF		 1663{
1664 struct nfs4_stid *s;
4d71ab87 1665
38c2f4b1 1666 s = find_stateid(cl, t);
4d71ab87
BF		 1667 if (!s)
1668 return NULL;
f459e453 1669 if (typemask & s->sc_type)
4581d140 1670 return s;
4581d140
BF		 1671 return NULL;
1672}
1673
2216d449 1674static struct nfs4_client *create_client(struct xdr_netobj name,
b09333c4
RL		 1675 struct svc_rqst *rqstp, nfs4_verifier *verf)
1676{
1677 struct nfs4_client *clp;
1678 struct sockaddr *sa = svc_addr(rqstp);
03a4e1f6 1679 int ret;
c212cecf 1680 struct net *net = SVC_NET(rqstp);
c9a49628 1681 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
b09333c4
RL		 1682
1683 clp = alloc_client(name);
1684 if (clp == NULL)
1685 return NULL;
1686
03a4e1f6
BF		 1687 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred);
1688 if (ret) {
c9a49628 1689 spin_lock(&nn->client_lock);
03a4e1f6 1690 free_client(clp);
c9a49628 1691 spin_unlock(&nn->client_lock);
03a4e1f6 1692 return NULL;
b09333c4 1693 }
02e1215f 1694 INIT_WORK(&clp->cl_cb_null.cb_work, nfsd4_run_cb_null);
07cd4909 1695 clp->cl_time = get_seconds();
b09333c4 1696 clear_bit(0, &clp->cl_cb_slot_busy);
b09333c4
RL		 1697 copy_verf(clp, verf);
1698 rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa);
b09333c4 1699 gen_confirm(clp);
edd76786 1700 clp->cl_cb_session = NULL;
c212cecf 1701 clp->net = net;
b09333c4
RL		 1702 return clp;
1703}
1704
fd39ca9a 1705static void
ac55fdc4
JL		 1706add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root)
1707{
1708 struct rb_node **new = &(root->rb_node), *parent = NULL;
1709 struct nfs4_client *clp;
1710
1711 while (*new) {
1712 clp = rb_entry(*new, struct nfs4_client, cl_namenode);
1713 parent = *new;
1714
1715 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0)
1716 new = &((*new)->rb_left);
1717 else
1718 new = &((*new)->rb_right);
1719 }
1720
1721 rb_link_node(&new_clp->cl_namenode, parent, new);
1722 rb_insert_color(&new_clp->cl_namenode, root);
1723}
1724
1725static struct nfs4_client *
1726find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root)
1727{
1728 long long cmp;
1729 struct rb_node *node = root->rb_node;
1730 struct nfs4_client *clp;
1731
1732 while (node) {
1733 clp = rb_entry(node, struct nfs4_client, cl_namenode);
1734 cmp = compare_blob(&clp->cl_name, name);
1735 if (cmp > 0)
1736 node = node->rb_left;
1737 else if (cmp < 0)
1738 node = node->rb_right;
1739 else
1740 return clp;
1741 }
1742 return NULL;
1743}
1744
1745static void
1746add_to_unconfirmed(struct nfs4_client *clp)
1da177e4
LT		 1747{
1748 unsigned int idhashval;
0a7ec377 1749 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4 1750
ac55fdc4 1751 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
a99454aa 1752 add_clp_to_name_tree(clp, &nn->unconf_name_tree);
1da177e4 1753 idhashval = clientid_hashval(clp->cl_clientid.cl_id);
0a7ec377 1754 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]);
36acb66b 1755 renew_client(clp);
1da177e4
LT		 1756}
1757
fd39ca9a 1758static void
1da177e4
LT		 1759move_to_confirmed(struct nfs4_client *clp)
1760{
1761 unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id);
8daae4dc 1762 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4
LT		 1763
1764 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp);
8daae4dc 1765 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]);
a99454aa 1766 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
382a62e7 1767 add_clp_to_name_tree(clp, &nn->conf_name_tree);
ac55fdc4 1768 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
1da177e4
LT		 1769 renew_client(clp);
1770}
1771
1772static struct nfs4_client *
bfa85e83 1773find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions)
1da177e4
LT		 1774{
1775 struct nfs4_client *clp;
1776 unsigned int idhashval = clientid_hashval(clid->cl_id);
1777
bfa85e83 1778 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) {
a50d2ad1 1779 if (same_clid(&clp->cl_clientid, clid)) {
d15c077e
BF		 1780 if ((bool)clp->cl_minorversion != sessions)
1781 return NULL;
a50d2ad1 1782 renew_client(clp);
1da177e4 1783 return clp;
a50d2ad1 1784 }
1da177e4
LT		 1785 }
1786 return NULL;
1787}
1788
bfa85e83
BF		 1789static struct nfs4_client *
1790find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
1791{
1792 struct list_head *tbl = nn->conf_id_hashtbl;
1793
1794 return find_client_in_id_table(tbl, clid, sessions);
1795}
1796
1da177e4 1797static struct nfs4_client *
0a7ec377 1798find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
1da177e4 1799{
bfa85e83 1800 struct list_head *tbl = nn->unconf_id_hashtbl;
1da177e4 1801
bfa85e83 1802 return find_client_in_id_table(tbl, clid, sessions);
1da177e4
LT		 1803}
1804
6e5f15c9 1805static bool clp_used_exchangeid(struct nfs4_client *clp)
a1bcecd2 1806{
6e5f15c9 1807 return clp->cl_exchange_flags != 0;
e203d506 1808}
a1bcecd2 1809
28ce6054 1810static struct nfs4_client *
382a62e7 1811find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
28ce6054 1812{
382a62e7 1813 return find_clp_in_name_tree(name, &nn->conf_name_tree);
28ce6054
N		 1814}
1815
1816static struct nfs4_client *
a99454aa 1817find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
28ce6054 1818{
a99454aa 1819 return find_clp_in_name_tree(name, &nn->unconf_name_tree);
28ce6054
N		 1820}
1821
fd39ca9a 1822static void
6f3d772f 1823gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp)
1da177e4 1824{
07263f1e 1825 struct nfs4_cb_conn *conn = &clp->cl_cb_conn;
6f3d772f
TU		 1826 struct sockaddr *sa = svc_addr(rqstp);
1827 u32 scopeid = rpc_get_scope_id(sa);
7077ecba
JL		 1828 unsigned short expected_family;
1829
1830 /* Currently, we only support tcp and tcp6 for the callback channel */
1831 if (se->se_callback_netid_len == 3 &&
1832 !memcmp(se->se_callback_netid_val, "tcp", 3))
1833 expected_family = AF_INET;
1834 else if (se->se_callback_netid_len == 4 &&
1835 !memcmp(se->se_callback_netid_val, "tcp6", 4))
1836 expected_family = AF_INET6;
1837 else
1da177e4
LT		 1838 goto out_err;
1839
c212cecf 1840 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val,
aa9a4ec7 1841 se->se_callback_addr_len,
07263f1e
BF		 1842 (struct sockaddr *)&conn->cb_addr,
1843 sizeof(conn->cb_addr));
aa9a4ec7 1844
07263f1e 1845 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family)
1da177e4 1846 goto out_err;
aa9a4ec7 1847
07263f1e
BF		 1848 if (conn->cb_addr.ss_family == AF_INET6)
1849 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid;
fbf4665f 1850
07263f1e
BF		 1851 conn->cb_prog = se->se_callback_prog;
1852 conn->cb_ident = se->se_callback_ident;
849a1cf1 1853 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen);
1da177e4
LT		 1854 return;
1855out_err:
07263f1e
BF		 1856 conn->cb_addr.ss_family = AF_UNSPEC;
1857 conn->cb_addrlen = 0;
849823c5 1858 dprintk(KERN_INFO "NFSD: this client (clientid %08x/%08x) "
1da177e4
LT		 1859 "will not receive delegations\n",
1860 clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id);
1861
1da177e4
LT		 1862 return;
1863}
1864
074fe897 1865/*
067e1ace 1866 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size.
074fe897 1867 */
b607664e 1868static void
074fe897 1869nfsd4_store_cache_entry(struct nfsd4_compoundres *resp)
074fe897 1870{
f5236013 1871 struct xdr_buf *buf = resp->xdr.buf;
557ce264
AA		 1872 struct nfsd4_slot *slot = resp->cstate.slot;
1873 unsigned int base;
074fe897 1874
557ce264 1875 dprintk("--> %s slot %p\n", __func__, slot);
074fe897 1876
557ce264
AA		 1877 slot->sl_opcnt = resp->opcnt;
1878 slot->sl_status = resp->cstate.status;
074fe897 1879
bf5c43c8 1880 slot->sl_flags |= NFSD4_SLOT_INITIALIZED;
bf864a31 1881 if (nfsd4_not_cached(resp)) {
557ce264 1882 slot->sl_datalen = 0;
bf864a31 1883 return;
074fe897 1884 }
f5236013
BF		 1885 base = resp->cstate.data_offset;
1886 slot->sl_datalen = buf->len - base;
1887 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen))
557ce264
AA		 1888 WARN("%s: sessions DRC could not cache compound\n", __func__);
1889 return;
074fe897
AA		 1890}
1891
1892/*
abfabf8c
AA		 1893 * Encode the replay sequence operation from the slot values.
1894 * If cachethis is FALSE encode the uncached rep error on the next
1895 * operation which sets resp->p and increments resp->opcnt for
1896 * nfs4svc_encode_compoundres.
074fe897 1897 *
074fe897 1898 */
abfabf8c
AA		 1899static __be32
1900nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args,
1901 struct nfsd4_compoundres *resp)
074fe897 1902{
abfabf8c
AA		 1903 struct nfsd4_op *op;
1904 struct nfsd4_slot *slot = resp->cstate.slot;
bf864a31 1905
abfabf8c
AA		 1906 /* Encode the replayed sequence operation */
1907 op = &args->ops[resp->opcnt - 1];
1908 nfsd4_encode_operation(resp, op);
bf864a31 1909
abfabf8c 1910 /* Return nfserr_retry_uncached_rep in next operation. */
73e79482 1911 if (args->opcnt > 1 && !(slot->sl_flags & NFSD4_SLOT_CACHETHIS)) {
abfabf8c
AA		 1912 op = &args->ops[resp->opcnt++];
1913 op->status = nfserr_retry_uncached_rep;
1914 nfsd4_encode_operation(resp, op);
074fe897 1915 }
abfabf8c 1916 return op->status;
074fe897
AA		 1917}
1918
1919/*
557ce264
AA		 1920 * The sequence operation is not cached because we can use the slot and
1921 * session values.
074fe897 1922 */
3ca2eb98 1923static __be32
bf864a31
AA		 1924nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp,
1925 struct nfsd4_sequence *seq)
074fe897 1926{
557ce264 1927 struct nfsd4_slot *slot = resp->cstate.slot;
f5236013
BF		 1928 struct xdr_stream *xdr = &resp->xdr;
1929 __be32 *p;
074fe897
AA		 1930 __be32 status;
1931
557ce264 1932 dprintk("--> %s slot %p\n", __func__, slot);
074fe897 1933
abfabf8c 1934 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp);
0da7b19c 1935 if (status)
abfabf8c 1936 return status;
074fe897 1937
f5236013
BF		 1938 p = xdr_reserve_space(xdr, slot->sl_datalen);
1939 if (!p) {
1940 WARN_ON_ONCE(1);
1941 return nfserr_serverfault;
1942 }
1943 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen);
1944 xdr_commit_encode(xdr);
074fe897 1945
557ce264 1946 resp->opcnt = slot->sl_opcnt;
f5236013 1947 return slot->sl_status;
074fe897
AA		 1948}
1949
0733d213
AA		 1950/*
1951 * Set the exchange_id flags returned by the server.
1952 */
1953static void
1954nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid)
1955{
1956 /* pNFS is not supported */
1957 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS;
1958
1959 /* Referrals are supported, Migration is not. */
1960 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER;
1961
1962 /* set the wire flags to return to client. */
1963 clid->flags = new->cl_exchange_flags;
1964}
1965
631fc9ea
BF		 1966static bool client_has_state(struct nfs4_client *clp)
1967{
1968 /*
1969 * Note clp->cl_openowners check isn't quite right: there's no
1970 * need to count owners without stateid's.
1971 *
1972 * Also note we should probably be using this in 4.0 case too.
1973 */
6eccece9
BF		 1974 return !list_empty(&clp->cl_openowners)
1975 || !list_empty(&clp->cl_delegations)
1976 || !list_empty(&clp->cl_sessions);
631fc9ea
BF		 1977}
1978
069b6ad4
AA		 1979__be32
1980nfsd4_exchange_id(struct svc_rqst *rqstp,
1981 struct nfsd4_compound_state *cstate,
1982 struct nfsd4_exchange_id *exid)
1983{
0733d213 1984 struct nfs4_client *unconf, *conf, *new;
57b7b43b 1985 __be32 status;
363168b4 1986 char addr_str[INET6_ADDRSTRLEN];
0733d213 1987 nfs4_verifier verf = exid->verifier;
363168b4 1988 struct sockaddr *sa = svc_addr(rqstp);
83e08fd4 1989 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A;
c212cecf 1990 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
0733d213 1991
363168b4 1992 rpc_ntop(sa, addr_str, sizeof(addr_str));
0733d213 1993 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p "
363168b4 1994 "ip_addr=%s flags %x, spa_how %d\n",
0733d213 1995 __func__, rqstp, exid, exid->clname.len, exid->clname.data,
363168b4 1996 addr_str, exid->flags, exid->spa_how);
0733d213 1997
a084daf5 1998 if (exid->flags & ~EXCHGID4_FLAG_MASK_A)
0733d213
AA		 1999 return nfserr_inval;
2000
0733d213 2001 switch (exid->spa_how) {
57266a6e
BF		 2002 case SP4_MACH_CRED:
2003 if (!svc_rqst_integrity_protected(rqstp))
2004 return nfserr_inval;
0733d213
AA		 2005 case SP4_NONE:
2006 break;
063b0fb9
BF		 2007 default: /* checked by xdr code */
2008 WARN_ON_ONCE(1);
0733d213 2009 case SP4_SSV:
dd30333c 2010 return nfserr_encr_alg_unsupp;
0733d213
AA		 2011 }
2012
2dbb269d 2013 /* Cases below refer to rfc 5661 section 18.35.4: */
0733d213 2014 nfs4_lock_state();
382a62e7 2015 conf = find_confirmed_client_by_name(&exid->clname, nn);
0733d213 2016 if (conf) {
83e08fd4
BF		 2017 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred);
2018 bool verfs_match = same_verf(&verf, &conf->cl_verifier);
2019
136e658d
BF		 2020 if (update) {
2021 if (!clp_used_exchangeid(conf)) { /* buggy client */
2dbb269d 2022 status = nfserr_inval;
1a308118
BF		 2023 goto out;
2024 }
57266a6e
BF		 2025 if (!mach_creds_match(conf, rqstp)) {
2026 status = nfserr_wrong_cred;
2027 goto out;
2028 }
136e658d 2029 if (!creds_match) { /* case 9 */
ea236d07 2030 status = nfserr_perm;
136e658d
BF		 2031 goto out;
2032 }
2033 if (!verfs_match) { /* case 8 */
0733d213
AA		 2034 status = nfserr_not_same;
2035 goto out;
2036 }
136e658d
BF		 2037 /* case 6 */
2038 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R;
2039 new = conf;
2040 goto out_copy;
0733d213 2041 }
136e658d 2042 if (!creds_match) { /* case 3 */
631fc9ea
BF		 2043 if (client_has_state(conf)) {
2044 status = nfserr_clid_inuse;
0733d213
AA		 2045 goto out;
2046 }
2047 expire_client(conf);
2048 goto out_new;
2049 }
136e658d 2050 if (verfs_match) { /* case 2 */
0f1ba0ef 2051 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R;
136e658d
BF		 2052 new = conf;
2053 goto out_copy;
2054 }
2055 /* case 5, client reboot */
136e658d 2056 goto out_new;
6ddbbbfe
MS		 2057 }
2058
2dbb269d 2059 if (update) { /* case 7 */
6ddbbbfe
MS		 2060 status = nfserr_noent;
2061 goto out;
0733d213
AA		 2062 }
2063
a99454aa 2064 unconf = find_unconfirmed_client_by_name(&exid->clname, nn);
2dbb269d 2065 if (unconf) /* case 4, possible retry or client restart */
0733d213 2066 expire_client(unconf);
0733d213 2067
2dbb269d 2068 /* case 1 (normal case) */
0733d213 2069out_new:
2216d449 2070 new = create_client(exid->clname, rqstp, &verf);
0733d213 2071 if (new == NULL) {
4731030d 2072 status = nfserr_jukebox;
0733d213
AA		 2073 goto out;
2074 }
4f540e29 2075 new->cl_minorversion = cstate->minorversion;
57266a6e 2076 new->cl_mach_cred = (exid->spa_how == SP4_MACH_CRED);
0733d213 2077
c212cecf 2078 gen_clid(new, nn);
ac55fdc4 2079 add_to_unconfirmed(new);
0733d213
AA		 2080out_copy:
2081 exid->clientid.cl_boot = new->cl_clientid.cl_boot;
2082 exid->clientid.cl_id = new->cl_clientid.cl_id;
2083
778df3f0 2084 exid->seqid = new->cl_cs_slot.sl_seqid + 1;
0733d213
AA		 2085 nfsd4_set_ex_flags(new, exid);
2086
2087 dprintk("nfsd4_exchange_id seqid %d flags %x\n",
49557cc7 2088 new->cl_cs_slot.sl_seqid, new->cl_exchange_flags);
0733d213
AA		 2089 status = nfs_ok;
2090
2091out:
2092 nfs4_unlock_state();
0733d213 2093 return status;
069b6ad4
AA		 2094}
2095
57b7b43b 2096static __be32
88e588d5 2097check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse)
b85d4c01 2098{
88e588d5
AA		 2099 dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid,
2100 slot_seqid);
b85d4c01
BH		 2101
2102 /* The slot is in use, and no response has been sent. */
88e588d5
AA		 2103 if (slot_inuse) {
2104 if (seqid == slot_seqid)
b85d4c01
BH		 2105 return nfserr_jukebox;
2106 else
2107 return nfserr_seq_misordered;
2108 }
f6d82485 2109 /* Note unsigned 32-bit arithmetic handles wraparound: */
88e588d5 2110 if (likely(seqid == slot_seqid + 1))
b85d4c01 2111 return nfs_ok;
88e588d5 2112 if (seqid == slot_seqid)
b85d4c01 2113 return nfserr_replay_cache;
b85d4c01
BH		 2114 return nfserr_seq_misordered;
2115}
2116
49557cc7
AA		 2117/*
2118 * Cache the create session result into the create session single DRC
2119 * slot cache by saving the xdr structure. sl_seqid has been set.
2120 * Do this for solo or embedded create session operations.
2121 */
2122static void
2123nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses,
57b7b43b 2124 struct nfsd4_clid_slot *slot, __be32 nfserr)
49557cc7
AA		 2125{
2126 slot->sl_status = nfserr;
2127 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses));
2128}
2129
2130static __be32
2131nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses,
2132 struct nfsd4_clid_slot *slot)
2133{
2134 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses));
2135 return slot->sl_status;
2136}
2137
1b74c25b
MJ		 2138#define NFSD_MIN_REQ_HDR_SEQ_SZ ((\
2139 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \
2140 1 + /* MIN tag is length with zero, only length */ \
2141 3 + /* version, opcount, opcode */ \
2142 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
2143 /* seqid, slotID, slotID, cache */ \
2144 4 ) * sizeof(__be32))
2145
2146#define NFSD_MIN_RESP_HDR_SEQ_SZ ((\
2147 2 + /* verifier: AUTH_NULL, length 0 */\
2148 1 + /* status */ \
2149 1 + /* MIN tag is length with zero, only length */ \
2150 3 + /* opcount, opcode, opstatus*/ \
2151 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
2152 /* seqid, slotID, slotID, slotID, status */ \
2153 5 ) * sizeof(__be32))
2154
55c760cf 2155static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn)
1b74c25b 2156{
55c760cf
BF		 2157 u32 maxrpc = nn->nfsd_serv->sv_max_mesg;
2158
373cd409
BF		 2159 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ)
2160 return nfserr_toosmall;
2161 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ)
2162 return nfserr_toosmall;
55c760cf
BF		 2163 ca->headerpadsz = 0;
2164 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc);
2165 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc);
2166 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND);
2167 ca->maxresp_cached = min_t(u32, ca->maxresp_cached,
2168 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ);
2169 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION);
2170 /*
2171 * Note decreasing slot size below client's request may make it
2172 * difficult for client to function correctly, whereas
2173 * decreasing the number of slots will (just?) affect
2174 * performance. When short on memory we therefore prefer to
2175 * decrease number of slots instead of their size. Clients that
2176 * request larger slots than they need will get poor results:
2177 */
2178 ca->maxreqs = nfsd4_get_drc_mem(ca);
2179 if (!ca->maxreqs)
2180 return nfserr_jukebox;
2181
373cd409 2182 return nfs_ok;
1b74c25b
MJ		 2183}
2184
8a891633
KM		 2185#define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \
2186 RPC_MAX_HEADER_WITH_AUTH) * sizeof(__be32))
2187#define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \
2188 RPC_MAX_REPHEADER_WITH_AUTH) * sizeof(__be32))
2189
06b332a5 2190static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca)
1b74c25b 2191{
06b332a5
BF		 2192 ca->headerpadsz = 0;
2193
2194 /*
2195 * These RPC_MAX_HEADER macros are overkill, especially since we
2196 * don't even do gss on the backchannel yet. But this is still
2197 * less than 1k. Tighten up this estimate in the unlikely event
2198 * it turns out to be a problem for some client:
2199 */
8a891633 2200 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ)
06b332a5 2201 return nfserr_toosmall;
8a891633 2202 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ)
06b332a5
BF		 2203 return nfserr_toosmall;
2204 ca->maxresp_cached = 0;
2205 if (ca->maxops < 2)
2206 return nfserr_toosmall;
2207
2208 return nfs_ok;
1b74c25b
MJ		 2209}
2210
b78724b7
BF		 2211static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs)
2212{
2213 switch (cbs->flavor) {
2214 case RPC_AUTH_NULL:
2215 case RPC_AUTH_UNIX:
2216 return nfs_ok;
2217 default:
2218 /*
2219 * GSS case: the spec doesn't allow us to return this
2220 * error. But it also doesn't allow us not to support
2221 * GSS.
2222 * I'd rather this fail hard than return some error the
2223 * client might think it can already handle:
2224 */
2225 return nfserr_encr_alg_unsupp;
2226 }
2227}
2228
069b6ad4
AA		 2229__be32
2230nfsd4_create_session(struct svc_rqst *rqstp,
2231 struct nfsd4_compound_state *cstate,
2232 struct nfsd4_create_session *cr_ses)
2233{
363168b4 2234 struct sockaddr *sa = svc_addr(rqstp);
ec6b5d7b 2235 struct nfs4_client *conf, *unconf;
ac7c46f2 2236 struct nfsd4_session *new;
81f0b2a4 2237 struct nfsd4_conn *conn;
49557cc7 2238 struct nfsd4_clid_slot *cs_slot = NULL;
57b7b43b 2239 __be32 status = 0;
8daae4dc 2240 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
ec6b5d7b 2241
a62573dc
MJ		 2242 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A)
2243 return nfserr_inval;
b78724b7
BF		 2244 status = nfsd4_check_cb_sec(&cr_ses->cb_sec);
2245 if (status)
2246 return status;
55c760cf 2247 status = check_forechannel_attrs(&cr_ses->fore_channel, nn);
06b332a5
BF		 2248 if (status)
2249 return status;
2250 status = check_backchannel_attrs(&cr_ses->back_channel);
373cd409 2251 if (status)
f403e450 2252 goto out_release_drc_mem;
81f0b2a4 2253 status = nfserr_jukebox;
60810e54 2254 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel);
55c760cf
BF		 2255 if (!new)
2256 goto out_release_drc_mem;
81f0b2a4
BF		 2257 conn = alloc_conn_from_crses(rqstp, cr_ses);
2258 if (!conn)
2259 goto out_free_session;
a62573dc 2260
ec6b5d7b 2261 nfs4_lock_state();
0a7ec377 2262 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn);
8daae4dc 2263 conf = find_confirmed_client(&cr_ses->clientid, true, nn);
78389046 2264 WARN_ON_ONCE(conf && unconf);
ec6b5d7b
AA		 2265
2266 if (conf) {
57266a6e
BF		 2267 status = nfserr_wrong_cred;
2268 if (!mach_creds_match(conf, rqstp))
2269 goto out_free_conn;
49557cc7
AA		 2270 cs_slot = &conf->cl_cs_slot;
2271 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
38eb76a5 2272 if (status == nfserr_replay_cache) {
49557cc7 2273 status = nfsd4_replay_create_session(cr_ses, cs_slot);
81f0b2a4 2274 goto out_free_conn;
49557cc7 2275 } else if (cr_ses->seqid != cs_slot->sl_seqid + 1) {
ec6b5d7b 2276 status = nfserr_seq_misordered;
81f0b2a4 2277 goto out_free_conn;
ec6b5d7b 2278 }
ec6b5d7b 2279 } else if (unconf) {
8f9d3d3b 2280 struct nfs4_client *old;
ec6b5d7b 2281 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) ||
363168b4 2282 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) {
ec6b5d7b 2283 status = nfserr_clid_inuse;
81f0b2a4 2284 goto out_free_conn;
ec6b5d7b 2285 }
57266a6e
BF		 2286 status = nfserr_wrong_cred;
2287 if (!mach_creds_match(unconf, rqstp))
2288 goto out_free_conn;
49557cc7
AA		 2289 cs_slot = &unconf->cl_cs_slot;
2290 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
38eb76a5
AA		 2291 if (status) {
2292 /* an unconfirmed replay returns misordered */
ec6b5d7b 2293 status = nfserr_seq_misordered;
81f0b2a4 2294 goto out_free_conn;
ec6b5d7b 2295 }
382a62e7 2296 old = find_confirmed_client_by_name(&unconf->cl_name, nn);
221a6876
BF		 2297 if (old) {
2298 status = mark_client_expired(old);
2299 if (status)
2300 goto out_free_conn;
8f9d3d3b 2301 expire_client(old);
221a6876 2302 }
8f9d3d3b 2303 move_to_confirmed(unconf);
ec6b5d7b
AA		 2304 conf = unconf;
2305 } else {
2306 status = nfserr_stale_clientid;
81f0b2a4 2307 goto out_free_conn;
ec6b5d7b 2308 }
81f0b2a4 2309 status = nfs_ok;
408b79bc
BF		 2310 /*
2311 * We do not support RDMA or persistent sessions
2312 */
2313 cr_ses->flags &= ~SESSION4_PERSIST;
2314 cr_ses->flags &= ~SESSION4_RDMA;
2315
81f0b2a4
BF		 2316 init_session(rqstp, new, conf, cr_ses);
2317 nfsd4_init_conn(rqstp, conn, new);
2318
ac7c46f2 2319 memcpy(cr_ses->sessionid.data, new->se_sessionid.data,
ec6b5d7b 2320 NFS4_MAX_SESSIONID_LEN);
86c3e16c 2321 cs_slot->sl_seqid++;
49557cc7 2322 cr_ses->seqid = cs_slot->sl_seqid;
ec6b5d7b 2323
49557cc7
AA		 2324 /* cache solo and embedded create sessions under the state lock */
2325 nfsd4_cache_create_session(cr_ses, cs_slot, status);
ec6b5d7b 2326 nfs4_unlock_state();
ec6b5d7b 2327 return status;
81f0b2a4 2328out_free_conn:
266533c6 2329 nfs4_unlock_state();
81f0b2a4
BF		 2330 free_conn(conn);
2331out_free_session:
2332 __free_session(new);
55c760cf
BF		 2333out_release_drc_mem:
2334 nfsd4_put_drc_mem(&cr_ses->fore_channel);
1ca50792 2335 return status;
069b6ad4
AA		 2336}
2337
1d1bc8f2
BF		 2338static __be32 nfsd4_map_bcts_dir(u32 *dir)
2339{
2340 switch (*dir) {
2341 case NFS4_CDFC4_FORE:
2342 case NFS4_CDFC4_BACK:
2343 return nfs_ok;
2344 case NFS4_CDFC4_FORE_OR_BOTH:
2345 case NFS4_CDFC4_BACK_OR_BOTH:
2346 *dir = NFS4_CDFC4_BOTH;
2347 return nfs_ok;
2348 };
2349 return nfserr_inval;
2350}
2351
cb73a9f4
BF		 2352__be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_backchannel_ctl *bc)
2353{
2354 struct nfsd4_session *session = cstate->session;
c9a49628 2355 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
b78724b7 2356 __be32 status;
cb73a9f4 2357
b78724b7
BF		 2358 status = nfsd4_check_cb_sec(&bc->bc_cb_sec);
2359 if (status)
2360 return status;
c9a49628 2361 spin_lock(&nn->client_lock);
cb73a9f4
BF		 2362 session->se_cb_prog = bc->bc_cb_program;
2363 session->se_cb_sec = bc->bc_cb_sec;
c9a49628 2364 spin_unlock(&nn->client_lock);
cb73a9f4
BF		 2365
2366 nfsd4_probe_callback(session->se_client);
2367
2368 return nfs_ok;
2369}
2370
1d1bc8f2
BF		 2371__be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp,
2372 struct nfsd4_compound_state *cstate,
2373 struct nfsd4_bind_conn_to_session *bcts)
2374{
2375 __be32 status;
3ba63671 2376 struct nfsd4_conn *conn;
4f6e6c17 2377 struct nfsd4_session *session;
d4e19e70
TM		 2378 struct net *net = SVC_NET(rqstp);
2379 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1d1bc8f2
BF		 2380
2381 if (!nfsd4_last_compound_op(rqstp))
2382 return nfserr_not_only_op;
4f6e6c17 2383 nfs4_lock_state();
c9a49628 2384 spin_lock(&nn->client_lock);
d4e19e70 2385 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status);
c9a49628 2386 spin_unlock(&nn->client_lock);
4f6e6c17 2387 if (!session)
d4e19e70 2388 goto out_no_session;
57266a6e
BF		 2389 status = nfserr_wrong_cred;
2390 if (!mach_creds_match(session->se_client, rqstp))
2391 goto out;
1d1bc8f2 2392 status = nfsd4_map_bcts_dir(&bcts->dir);
3ba63671 2393 if (status)
4f6e6c17 2394 goto out;
3ba63671 2395 conn = alloc_conn(rqstp, bcts->dir);
4f6e6c17 2396 status = nfserr_jukebox;
3ba63671 2397 if (!conn)
4f6e6c17
BF		 2398 goto out;
2399 nfsd4_init_conn(rqstp, conn, session);
2400 status = nfs_ok;
2401out:
d4e19e70
TM		 2402 nfsd4_put_session(session);
2403out_no_session:
4f6e6c17
BF		 2404 nfs4_unlock_state();
2405 return status;
1d1bc8f2
BF		 2406}
2407
5d4cec2f
BF		 2408static bool nfsd4_compound_in_session(struct nfsd4_session *session, struct nfs4_sessionid *sid)
2409{
2410 if (!session)
2411 return 0;
2412 return !memcmp(sid, &session->se_sessionid, sizeof(*sid));
2413}
2414
069b6ad4
AA		 2415__be32
2416nfsd4_destroy_session(struct svc_rqst *r,
2417 struct nfsd4_compound_state *cstate,
2418 struct nfsd4_destroy_session *sessionid)
2419{
e10e0cfc 2420 struct nfsd4_session *ses;
abcdff09 2421 __be32 status;
f0f51f5c 2422 int ref_held_by_me = 0;
d4e19e70
TM		 2423 struct net *net = SVC_NET(r);
2424 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
e10e0cfc 2425
abcdff09
BF		 2426 nfs4_lock_state();
2427 status = nfserr_not_only_op;
5d4cec2f 2428 if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) {
57716355 2429 if (!nfsd4_last_compound_op(r))
abcdff09 2430 goto out;
f0f51f5c 2431 ref_held_by_me++;
57716355 2432 }
e10e0cfc 2433 dump_sessionid(__func__, &sessionid->sessionid);
c9a49628 2434 spin_lock(&nn->client_lock);
d4e19e70 2435 ses = find_in_sessionid_hashtbl(&sessionid->sessionid, net, &status);
abcdff09
BF		 2436 if (!ses)
2437 goto out_client_lock;
57266a6e
BF		 2438 status = nfserr_wrong_cred;
2439 if (!mach_creds_match(ses->se_client, r))
d4e19e70 2440 goto out_put_session;
f0f51f5c 2441 status = mark_session_dead_locked(ses, 1 + ref_held_by_me);
66b2b9b2 2442 if (status)
f0f51f5c 2443 goto out_put_session;
e10e0cfc 2444 unhash_session(ses);
c9a49628 2445 spin_unlock(&nn->client_lock);
e10e0cfc 2446
84f5f7cc 2447 nfsd4_probe_callback_sync(ses->se_client);
19cf5c02 2448
c9a49628 2449 spin_lock(&nn->client_lock);
e10e0cfc 2450 status = nfs_ok;
f0f51f5c 2451out_put_session:
d4e19e70 2452 nfsd4_put_session_locked(ses);
abcdff09
BF		 2453out_client_lock:
2454 spin_unlock(&nn->client_lock);
e10e0cfc 2455out:
abcdff09 2456 nfs4_unlock_state();
e10e0cfc 2457 return status;
069b6ad4
AA		 2458}
2459
a663bdd8 2460static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s)
328ead28
BF		 2461{
2462 struct nfsd4_conn *c;
2463
2464 list_for_each_entry(c, &s->se_conns, cn_persession) {
a663bdd8 2465 if (c->cn_xprt == xpt) {
328ead28
BF		 2466 return c;
2467 }
2468 }
2469 return NULL;
2470}
2471
57266a6e 2472static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses)
328ead28
BF		 2473{
2474 struct nfs4_client *clp = ses->se_client;
a663bdd8 2475 struct nfsd4_conn *c;
57266a6e 2476 __be32 status = nfs_ok;
21b75b01 2477 int ret;
328ead28
BF		 2478
2479 spin_lock(&clp->cl_lock);
a663bdd8 2480 c = __nfsd4_find_conn(new->cn_xprt, ses);
57266a6e
BF		 2481 if (c)
2482 goto out_free;
2483 status = nfserr_conn_not_bound_to_session;
2484 if (clp->cl_mach_cred)
2485 goto out_free;
328ead28
BF		 2486 __nfsd4_hash_conn(new, ses);
2487 spin_unlock(&clp->cl_lock);
21b75b01
BF		 2488 ret = nfsd4_register_conn(new);
2489 if (ret)
2490 /* oops; xprt is already down: */
2491 nfsd4_conn_lost(&new->cn_xpt_user);
57266a6e
BF		 2492 return nfs_ok;
2493out_free:
2494 spin_unlock(&clp->cl_lock);
2495 free_conn(new);
2496 return status;
328ead28
BF		 2497}
2498
868b89c3
MJ		 2499static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session)
2500{
2501 struct nfsd4_compoundargs *args = rqstp->rq_argp;
2502
2503 return args->opcnt > session->se_fchannel.maxops;
2504}
2505
ae82a8d0
MJ		 2506static bool nfsd4_request_too_big(struct svc_rqst *rqstp,
2507 struct nfsd4_session *session)
2508{
2509 struct xdr_buf *xb = &rqstp->rq_arg;
2510
2511 return xb->len > session->se_fchannel.maxreq_sz;
2512}
2513
069b6ad4 2514__be32
b85d4c01 2515nfsd4_sequence(struct svc_rqst *rqstp,
069b6ad4
AA		 2516 struct nfsd4_compound_state *cstate,
2517 struct nfsd4_sequence *seq)
2518{
f9bb94c4 2519 struct nfsd4_compoundres *resp = rqstp->rq_resp;
47ee5298 2520 struct xdr_stream *xdr = &resp->xdr;
b85d4c01 2521 struct nfsd4_session *session;
221a6876 2522 struct nfs4_client *clp;
b85d4c01 2523 struct nfsd4_slot *slot;
a663bdd8 2524 struct nfsd4_conn *conn;
57b7b43b 2525 __be32 status;
47ee5298 2526 int buflen;
d4e19e70
TM		 2527 struct net *net = SVC_NET(rqstp);
2528 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
b85d4c01 2529
f9bb94c4
AA		 2530 if (resp->opcnt != 1)
2531 return nfserr_sequence_pos;
2532
a663bdd8
BF		 2533 /*
2534 * Will be either used or freed by nfsd4_sequence_check_conn
2535 * below.
2536 */
2537 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE);
2538 if (!conn)
2539 return nfserr_jukebox;
2540
c9a49628 2541 spin_lock(&nn->client_lock);
d4e19e70 2542 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status);
b85d4c01 2543 if (!session)
221a6876
BF		 2544 goto out_no_session;
2545 clp = session->se_client;
b85d4c01 2546
868b89c3
MJ		 2547 status = nfserr_too_many_ops;
2548 if (nfsd4_session_too_many_ops(rqstp, session))
66b2b9b2 2549 goto out_put_session;
868b89c3 2550
ae82a8d0
MJ		 2551 status = nfserr_req_too_big;
2552 if (nfsd4_request_too_big(rqstp, session))
66b2b9b2 2553 goto out_put_session;
ae82a8d0 2554
b85d4c01 2555 status = nfserr_badslot;
6c18ba9f 2556 if (seq->slotid >= session->se_fchannel.maxreqs)
66b2b9b2 2557 goto out_put_session;
b85d4c01 2558
557ce264 2559 slot = session->se_slots[seq->slotid];
b85d4c01
BH		 2560 dprintk("%s: slotid %d\n", __func__, seq->slotid);
2561
a8dfdaeb
AA		 2562 /* We do not negotiate the number of slots yet, so set the
2563 * maxslots to the session maxreqs which is used to encode
2564 * sr_highest_slotid and the sr_target_slot id to maxslots */
2565 seq->maxslots = session->se_fchannel.maxreqs;
2566
73e79482
BF		 2567 status = check_slot_seqid(seq->seqid, slot->sl_seqid,
2568 slot->sl_flags & NFSD4_SLOT_INUSE);
b85d4c01 2569 if (status == nfserr_replay_cache) {
bf5c43c8
BF		 2570 status = nfserr_seq_misordered;
2571 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED))
66b2b9b2 2572 goto out_put_session;
b85d4c01
BH		 2573 cstate->slot = slot;
2574 cstate->session = session;
4b24ca7d 2575 cstate->clp = clp;
da3846a2 2576 /* Return the cached reply status and set cstate->status
557ce264 2577 * for nfsd4_proc_compound processing */
bf864a31 2578 status = nfsd4_replay_cache_entry(resp, seq);
da3846a2 2579 cstate->status = nfserr_replay_cache;
aaf84eb9 2580 goto out;
b85d4c01
BH		 2581 }
2582 if (status)
66b2b9b2 2583 goto out_put_session;
b85d4c01 2584
57266a6e 2585 status = nfsd4_sequence_check_conn(conn, session);
a663bdd8 2586 conn = NULL;
57266a6e
BF		 2587 if (status)
2588 goto out_put_session;
328ead28 2589
47ee5298
BF		 2590 buflen = (seq->cachethis) ?
2591 session->se_fchannel.maxresp_cached :
2592 session->se_fchannel.maxresp_sz;
2593 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache :
2594 nfserr_rep_too_big;
a5cddc88 2595 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack))
47ee5298 2596 goto out_put_session;
32aaa62e 2597 svc_reserve(rqstp, buflen);
47ee5298
BF		 2598
2599 status = nfs_ok;
b85d4c01 2600 /* Success! bump slot seqid */
b85d4c01 2601 slot->sl_seqid = seq->seqid;
bf5c43c8 2602 slot->sl_flags |= NFSD4_SLOT_INUSE;
73e79482
BF		 2603 if (seq->cachethis)
2604 slot->sl_flags |= NFSD4_SLOT_CACHETHIS;
bf5c43c8
BF		 2605 else
2606 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS;
b85d4c01
BH		 2607
2608 cstate->slot = slot;
2609 cstate->session = session;
4b24ca7d 2610 cstate->clp = clp;
b85d4c01 2611
b85d4c01 2612out:
221a6876
BF		 2613 switch (clp->cl_cb_state) {
2614 case NFSD4_CB_DOWN:
2615 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN;
2616 break;
2617 case NFSD4_CB_FAULT:
2618 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT;
2619 break;
2620 default:
2621 seq->status_flags = 0;
aaf84eb9 2622 }
3bd64a5b
BF		 2623 if (!list_empty(&clp->cl_revoked))
2624 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED;
221a6876 2625out_no_session:
3f42d2c4
KM		 2626 if (conn)
2627 free_conn(conn);
c9a49628 2628 spin_unlock(&nn->client_lock);
b85d4c01 2629 return status;
66b2b9b2 2630out_put_session:
d4e19e70 2631 nfsd4_put_session_locked(session);
221a6876 2632 goto out_no_session;
069b6ad4
AA		 2633}
2634
b607664e
TM		 2635void
2636nfsd4_sequence_done(struct nfsd4_compoundres *resp)
2637{
2638 struct nfsd4_compound_state *cs = &resp->cstate;
2639
2640 if (nfsd4_has_session(cs)) {
b607664e
TM		 2641 if (cs->status != nfserr_replay_cache) {
2642 nfsd4_store_cache_entry(resp);
2643 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE;
2644 }
d4e19e70 2645 /* Drop session reference that was taken in nfsd4_sequence() */
b607664e 2646 nfsd4_put_session(cs->session);
4b24ca7d
JL		 2647 } else if (cs->clp)
2648 put_client_renew(cs->clp);
b607664e
TM		 2649}
2650
345c2842
MJ		 2651__be32
2652nfsd4_destroy_clientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_destroy_clientid *dc)
2653{
2654 struct nfs4_client *conf, *unconf, *clp;
57b7b43b 2655 __be32 status = 0;
8daae4dc 2656 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
345c2842
MJ		 2657
2658 nfs4_lock_state();
0a7ec377 2659 unconf = find_unconfirmed_client(&dc->clientid, true, nn);
8daae4dc 2660 conf = find_confirmed_client(&dc->clientid, true, nn);
78389046 2661 WARN_ON_ONCE(conf && unconf);
345c2842
MJ		 2662
2663 if (conf) {
2664 clp = conf;
2665
c0293b01 2666 if (client_has_state(conf)) {
345c2842
MJ		 2667 status = nfserr_clientid_busy;
2668 goto out;
2669 }
2670 } else if (unconf)
2671 clp = unconf;
2672 else {
2673 status = nfserr_stale_clientid;
2674 goto out;
2675 }
57266a6e
BF		 2676 if (!mach_creds_match(clp, rqstp)) {
2677 status = nfserr_wrong_cred;
2678 goto out;
2679 }
345c2842
MJ		 2680 expire_client(clp);
2681out:
2682 nfs4_unlock_state();
345c2842
MJ		 2683 return status;
2684}
2685
4dc6ec00
BF		 2686__be32
2687nfsd4_reclaim_complete(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_reclaim_complete *rc)
2688{
57b7b43b 2689 __be32 status = 0;
bcecf1cc 2690
4dc6ec00
BF		 2691 if (rc->rca_one_fs) {
2692 if (!cstate->current_fh.fh_dentry)
2693 return nfserr_nofilehandle;
2694 /*
2695 * We don't take advantage of the rca_one_fs case.
2696 * That's OK, it's optional, we can safely ignore it.
2697 */
2698 return nfs_ok;
2699 }
bcecf1cc 2700
4dc6ec00 2701 nfs4_lock_state();
bcecf1cc 2702 status = nfserr_complete_already;
a52d726b
JL		 2703 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE,
2704 &cstate->session->se_client->cl_flags))
bcecf1cc
MJ		 2705 goto out;
2706
2707 status = nfserr_stale_clientid;
2708 if (is_client_expired(cstate->session->se_client))
4dc6ec00
BF		 2709 /*
2710 * The following error isn't really legal.
2711 * But we only get here if the client just explicitly
2712 * destroyed the client. Surely it no longer cares what
2713 * error it gets back on an operation for the dead
2714 * client.
2715 */
bcecf1cc
MJ		 2716 goto out;
2717
2718 status = nfs_ok;
2a4317c5 2719 nfsd4_client_record_create(cstate->session->se_client);
bcecf1cc 2720out:
4dc6ec00 2721 nfs4_unlock_state();
bcecf1cc 2722 return status;
4dc6ec00
BF		 2723}
2724
b37ad28b 2725__be32
b591480b
BF		 2726nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
2727 struct nfsd4_setclientid *setclid)
1da177e4 2728{
a084daf5 2729 struct xdr_netobj clname = setclid->se_name;
1da177e4 2730 nfs4_verifier clverifier = setclid->se_verf;
28ce6054 2731 struct nfs4_client *conf, *unconf, *new;
b37ad28b 2732 __be32 status;
c212cecf
SK		 2733 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
2734
63db4632 2735 /* Cases below refer to rfc 3530 section 14.2.33: */
1da177e4 2736 nfs4_lock_state();
382a62e7 2737 conf = find_confirmed_client_by_name(&clname, nn);
28ce6054 2738 if (conf) {
63db4632 2739 /* case 0: */
1da177e4 2740 status = nfserr_clid_inuse;
e203d506
BF		 2741 if (clp_used_exchangeid(conf))
2742 goto out;
026722c2 2743 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
363168b4
JL		 2744 char addr_str[INET6_ADDRSTRLEN];
2745 rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str,
2746 sizeof(addr_str));
2747 dprintk("NFSD: setclientid: string in use by client "
2748 "at %s\n", addr_str);
1da177e4
LT		 2749 goto out;
2750 }
1da177e4 2751 }
a99454aa 2752 unconf = find_unconfirmed_client_by_name(&clname, nn);
8f930711
BF		 2753 if (unconf)
2754 expire_client(unconf);
3e772463 2755 status = nfserr_jukebox;
2216d449 2756 new = create_client(clname, rqstp, &clverifier);
8f930711
BF		 2757 if (new == NULL)
2758 goto out;
34b232bb 2759 if (conf && same_verf(&conf->cl_verifier, &clverifier))
63db4632 2760 /* case 1: probable callback update */
1da177e4 2761 copy_clid(new, conf);
34b232bb 2762 else /* case 4 (new client) or cases 2, 3 (client reboot): */
c212cecf 2763 gen_clid(new, nn);
8323c3b2 2764 new->cl_minorversion = 0;
6f3d772f 2765 gen_callback(new, setclid, rqstp);
ac55fdc4 2766 add_to_unconfirmed(new);
1da177e4
LT		 2767 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot;
2768 setclid->se_clientid.cl_id = new->cl_clientid.cl_id;
2769 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data));
2770 status = nfs_ok;
2771out:
2772 nfs4_unlock_state();
2773 return status;
2774}
2775
2776
b37ad28b 2777__be32
b591480b
BF		 2778nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
2779 struct nfsd4_compound_state *cstate,
2780 struct nfsd4_setclientid_confirm *setclientid_confirm)
1da177e4 2781{
21ab45a4 2782 struct nfs4_client *conf, *unconf;
1da177e4
LT		 2783 nfs4_verifier confirm = setclientid_confirm->sc_confirm;
2784 clientid_t * clid = &setclientid_confirm->sc_clientid;
b37ad28b 2785 __be32 status;
7f2210fa 2786 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 2787
2c142baa 2788 if (STALE_CLIENTID(clid, nn))
1da177e4 2789 return nfserr_stale_clientid;
1da177e4 2790 nfs4_lock_state();
21ab45a4 2791
8daae4dc 2792 conf = find_confirmed_client(clid, false, nn);
0a7ec377 2793 unconf = find_unconfirmed_client(clid, false, nn);
a186e767 2794 /*
8695b90a
BF		 2795 * We try hard to give out unique clientid's, so if we get an
2796 * attempt to confirm the same clientid with a different cred,
2797 * there's a bug somewhere. Let's charitably assume it's our
2798 * bug.
a186e767 2799 */
8695b90a
BF		 2800 status = nfserr_serverfault;
2801 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred))
2802 goto out;
2803 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred))
2804 goto out;
63db4632 2805 /* cases below refer to rfc 3530 section 14.2.34: */
90d700b7
BF		 2806 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
2807 if (conf && !unconf) /* case 2: probable retransmit */
1da177e4 2808 status = nfs_ok;
90d700b7
BF		 2809 else /* case 4: client hasn't noticed we rebooted yet? */
2810 status = nfserr_stale_clientid;
2811 goto out;
2812 }
2813 status = nfs_ok;
2814 if (conf) { /* case 1: callback update */
8695b90a
BF		 2815 nfsd4_change_callback(conf, &unconf->cl_cb_conn);
2816 nfsd4_probe_callback(conf);
2817 expire_client(unconf);
90d700b7 2818 } else { /* case 3: normal case; new or rebooted client */
382a62e7 2819 conf = find_confirmed_client_by_name(&unconf->cl_name, nn);
221a6876
BF		 2820 if (conf) {
2821 status = mark_client_expired(conf);
2822 if (status)
2823 goto out;
8695b90a 2824 expire_client(conf);
221a6876 2825 }
8695b90a 2826 move_to_confirmed(unconf);
f3d03b92 2827 nfsd4_probe_callback(unconf);
08e8987c 2828 }
1da177e4 2829out:
1da177e4
LT		 2830 nfs4_unlock_state();
2831 return status;
2832}
2833
32513b40
BF		 2834static struct nfs4_file *nfsd4_alloc_file(void)
2835{
2836 return kmem_cache_alloc(file_slab, GFP_KERNEL);
2837}
2838
1da177e4 2839/* OPEN Share state helper functions */
f9c00c3a 2840static void nfsd4_init_file(struct nfs4_file *fp, struct knfsd_fh *fh)
1da177e4 2841{
ca943217 2842 unsigned int hashval = file_hashval(fh);
1da177e4 2843
950e0118
TM		 2844 lockdep_assert_held(&state_lock);
2845
32513b40 2846 atomic_set(&fp->fi_ref, 1);
1d31a253 2847 spin_lock_init(&fp->fi_lock);
32513b40
BF		 2848 INIT_LIST_HEAD(&fp->fi_stateids);
2849 INIT_LIST_HEAD(&fp->fi_delegations);
e2cf80d7 2850 fh_copy_shallow(&fp->fi_fhandle, fh);
32513b40
BF		 2851 fp->fi_had_conflict = false;
2852 fp->fi_lease = NULL;
baeb4ff0 2853 fp->fi_share_deny = 0;
32513b40
BF		 2854 memset(fp->fi_fds, 0, sizeof(fp->fi_fds));
2855 memset(fp->fi_access, 0, sizeof(fp->fi_access));
89876f8c 2856 hlist_add_head(&fp->fi_hash, &file_hashtbl[hashval]);
1da177e4
LT		 2857}
2858
e8ff2a84 2859void
1da177e4
LT		 2860nfsd4_free_slabs(void)
2861{
abf1135b
CH		 2862 kmem_cache_destroy(openowner_slab);
2863 kmem_cache_destroy(lockowner_slab);
2864 kmem_cache_destroy(file_slab);
2865 kmem_cache_destroy(stateid_slab);
2866 kmem_cache_destroy(deleg_slab);
e60d4398 2867}
1da177e4 2868
72083396 2869int
e60d4398
N		 2870nfsd4_init_slabs(void)
2871{
fe0750e5
BF		 2872 openowner_slab = kmem_cache_create("nfsd4_openowners",
2873 sizeof(struct nfs4_openowner), 0, 0, NULL);
2874 if (openowner_slab == NULL)
abf1135b 2875 goto out;
fe0750e5 2876 lockowner_slab = kmem_cache_create("nfsd4_lockowners",
3c40794b 2877 sizeof(struct nfs4_lockowner), 0, 0, NULL);
fe0750e5 2878 if (lockowner_slab == NULL)
abf1135b 2879 goto out_free_openowner_slab;
e60d4398 2880 file_slab = kmem_cache_create("nfsd4_files",
20c2df83 2881 sizeof(struct nfs4_file), 0, 0, NULL);
e60d4398 2882 if (file_slab == NULL)
abf1135b 2883 goto out_free_lockowner_slab;
5ac049ac 2884 stateid_slab = kmem_cache_create("nfsd4_stateids",
dcef0413 2885 sizeof(struct nfs4_ol_stateid), 0, 0, NULL);
5ac049ac 2886 if (stateid_slab == NULL)
abf1135b 2887 goto out_free_file_slab;
5b2d21c1 2888 deleg_slab = kmem_cache_create("nfsd4_delegations",
20c2df83 2889 sizeof(struct nfs4_delegation), 0, 0, NULL);
5b2d21c1 2890 if (deleg_slab == NULL)
abf1135b 2891 goto out_free_stateid_slab;
e60d4398 2892 return 0;
abf1135b
CH		 2893
2894out_free_stateid_slab:
2895 kmem_cache_destroy(stateid_slab);
2896out_free_file_slab:
2897 kmem_cache_destroy(file_slab);
2898out_free_lockowner_slab:
2899 kmem_cache_destroy(lockowner_slab);
2900out_free_openowner_slab:
2901 kmem_cache_destroy(openowner_slab);
2902out:
e60d4398
N		 2903 dprintk("nfsd4: out of memory while initializing nfsv4\n");
2904 return -ENOMEM;
1da177e4
LT		 2905}
2906
ff194bd9 2907static void init_nfs4_replay(struct nfs4_replay *rp)
1da177e4 2908{
ff194bd9
BF		 2909 rp->rp_status = nfserr_serverfault;
2910 rp->rp_buflen = 0;
2911 rp->rp_buf = rp->rp_ibuf;
1da177e4
LT		 2912}
2913
fe0750e5 2914static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp)
ff194bd9 2915{
1da177e4 2916 struct nfs4_stateowner *sop;
1da177e4 2917
fe0750e5 2918 sop = kmem_cache_alloc(slab, GFP_KERNEL);
ff194bd9
BF		 2919 if (!sop)
2920 return NULL;
2921
2922 sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL);
2923 if (!sop->so_owner.data) {
fe0750e5 2924 kmem_cache_free(slab, sop);
1da177e4 2925 return NULL;
ff194bd9
BF		 2926 }
2927 sop->so_owner.len = owner->len;
2928
ea1da636 2929 INIT_LIST_HEAD(&sop->so_stateids);
ff194bd9
BF		 2930 sop->so_client = clp;
2931 init_nfs4_replay(&sop->so_replay);
2932 return sop;
2933}
2934
fe0750e5 2935static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval)
ff194bd9 2936{
9b531137
SK		 2937 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
2938
2939 list_add(&oo->oo_owner.so_strhash, &nn->ownerstr_hashtbl[strhashval]);
fe0750e5 2940 list_add(&oo->oo_perclient, &clp->cl_openowners);
ff194bd9
BF		 2941}
2942
fe0750e5 2943static struct nfs4_openowner *
13d6f66b 2944alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open,
db24b3b4
JL		 2945 struct nfsd4_compound_state *cstate)
2946{
13d6f66b 2947 struct nfs4_client *clp = cstate->clp;
fe0750e5 2948 struct nfs4_openowner *oo;
ff194bd9 2949
fe0750e5
BF		 2950 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp);
2951 if (!oo)
ff194bd9 2952 return NULL;
fe0750e5
BF		 2953 oo->oo_owner.so_is_open_owner = 1;
2954 oo->oo_owner.so_seqid = open->op_seqid;
d29b20cd 2955 oo->oo_flags = NFS4_OO_NEW;
db24b3b4
JL		 2956 if (nfsd4_has_session(cstate))
2957 oo->oo_flags |= NFS4_OO_CONFIRMED;
fe0750e5 2958 oo->oo_time = 0;
38c387b5 2959 oo->oo_last_closed_stid = NULL;
fe0750e5
BF		 2960 INIT_LIST_HEAD(&oo->oo_close_lru);
2961 hash_openowner(oo, clp, strhashval);
2962 return oo;
1da177e4
LT		 2963}
2964
996e0938 2965static void init_open_stateid(struct nfs4_ol_stateid *stp, struct nfs4_file *fp, struct nfsd4_open *open) {
fe0750e5 2966 struct nfs4_openowner *oo = open->op_openowner;
1da177e4 2967
3abdb607 2968 stp->st_stid.sc_type = NFS4_OPEN_STID;
3c87b9b7 2969 INIT_LIST_HEAD(&stp->st_locks);
fe0750e5 2970 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids);
fe0750e5 2971 stp->st_stateowner = &oo->oo_owner;
13cd2184 2972 get_nfs4_file(fp);
1da177e4 2973 stp->st_file = fp;
1da177e4
LT		 2974 stp->st_access_bmap = 0;
2975 stp->st_deny_bmap = 0;
4c4cd222 2976 stp->st_openstp = NULL;
1d31a253
TM		 2977 spin_lock(&fp->fi_lock);
2978 list_add(&stp->st_perfile, &fp->fi_stateids);
2979 spin_unlock(&fp->fi_lock);
1da177e4
LT		 2980}
2981
fd39ca9a 2982static void
73758fed 2983move_to_close_lru(struct nfs4_openowner *oo, struct net *net)
1da177e4 2984{
73758fed
SK		 2985 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
2986
fe0750e5 2987 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo);
1da177e4 2988
73758fed 2989 list_move_tail(&oo->oo_close_lru, &nn->close_lru);
fe0750e5 2990 oo->oo_time = get_seconds();
1da177e4
LT		 2991}
2992
1da177e4 2993static int
599e0a22
BF		 2994same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner,
2995 clientid_t *clid)
2996{
2997 return (sop->so_owner.len == owner->len) &&
2998 0 == memcmp(sop->so_owner.data, owner->data, owner->len) &&
2999 (sop->so_client->cl_clientid.cl_id == clid->cl_id);
1da177e4
LT		 3000}
3001
fe0750e5 3002static struct nfs4_openowner *
9b531137
SK		 3003find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
3004 bool sessions, struct nfsd_net *nn)
1da177e4 3005{
a50d2ad1
BF		 3006 struct nfs4_stateowner *so;
3007 struct nfs4_openowner *oo;
d15c077e 3008 struct nfs4_client *clp;
1da177e4 3009
9b531137 3010 list_for_each_entry(so, &nn->ownerstr_hashtbl[hashval], so_strhash) {
16bfdaaf
BF		 3011 if (!so->so_is_open_owner)
3012 continue;
a50d2ad1
BF		 3013 if (same_owner_str(so, &open->op_owner, &open->op_clientid)) {
3014 oo = openowner(so);
d15c077e
BF		 3015 clp = oo->oo_owner.so_client;
3016 if ((bool)clp->cl_minorversion != sessions)
3017 return NULL;
a50d2ad1
BF		 3018 renew_client(oo->oo_owner.so_client);
3019 return oo;
3020 }
1da177e4
LT		 3021 }
3022 return NULL;
3023}
3024
3025/* search file_hashtbl[] for file */
3026static struct nfs4_file *
ca943217 3027find_file_locked(struct knfsd_fh *fh)
1da177e4 3028{
ca943217 3029 unsigned int hashval = file_hashval(fh);
1da177e4
LT		 3030 struct nfs4_file *fp;
3031
950e0118
TM		 3032 lockdep_assert_held(&state_lock);
3033
89876f8c 3034 hlist_for_each_entry(fp, &file_hashtbl[hashval], fi_hash) {
ca943217 3035 if (nfsd_fh_match(&fp->fi_fhandle, fh)) {
13cd2184 3036 get_nfs4_file(fp);
1da177e4 3037 return fp;
13cd2184 3038 }
1da177e4
LT		 3039 }
3040 return NULL;
3041}
3042
950e0118 3043static struct nfs4_file *
ca943217 3044find_file(struct knfsd_fh *fh)
950e0118
TM		 3045{
3046 struct nfs4_file *fp;
3047
3048 spin_lock(&state_lock);
ca943217 3049 fp = find_file_locked(fh);
950e0118
TM		 3050 spin_unlock(&state_lock);
3051 return fp;
3052}
3053
3054static struct nfs4_file *
f9c00c3a 3055find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh)
950e0118
TM		 3056{
3057 struct nfs4_file *fp;
3058
3059 spin_lock(&state_lock);
ca943217 3060 fp = find_file_locked(fh);
950e0118 3061 if (fp == NULL) {
f9c00c3a 3062 nfsd4_init_file(new, fh);
950e0118
TM		 3063 fp = new;
3064 }
3065 spin_unlock(&state_lock);
3066
3067 return fp;
3068}
3069
1da177e4
LT		 3070/*
3071 * Called to check deny when READ with all zero stateid or
3072 * WRITE with all zero or all one stateid
3073 */
b37ad28b 3074static __be32
1da177e4
LT		 3075nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type)
3076{
1da177e4 3077 struct nfs4_file *fp;
baeb4ff0 3078 __be32 ret = nfs_ok;
1da177e4 3079
ca943217 3080 fp = find_file(&current_fh->fh_handle);
13cd2184 3081 if (!fp)
baeb4ff0
JL		 3082 return ret;
3083 /* Check for conflicting share reservations */
1d31a253 3084 spin_lock(&fp->fi_lock);
baeb4ff0
JL		 3085 if (fp->fi_share_deny & deny_type)
3086 ret = nfserr_locked;
1d31a253 3087 spin_unlock(&fp->fi_lock);
13cd2184
N		 3088 put_nfs4_file(fp);
3089 return ret;
1da177e4
LT		 3090}
3091
02e1215f 3092void nfsd4_prepare_cb_recall(struct nfs4_delegation *dp)
1da177e4 3093{
e8c69d17
BF		 3094 struct nfs4_client *clp = dp->dl_stid.sc_client;
3095 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
3096
02e1215f
JL		 3097 /*
3098 * We can't do this in nfsd_break_deleg_cb because it is
3099 * already holding inode->i_lock
3100 */
3101 spin_lock(&state_lock);
3102 block_delegations(&dp->dl_fh);
dff1399f
JL		 3103 /*
3104 * If the dl_time != 0, then we know that it has already been
3105 * queued for a lease break. Don't queue it again.
3106 */
3107 if (dp->dl_time == 0) {
dff1399f 3108 dp->dl_time = get_seconds();
02e1215f 3109 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru);
dff1399f 3110 }
02e1215f
JL		 3111 spin_unlock(&state_lock);
3112}
1da177e4 3113
02e1215f
JL		 3114static void nfsd_break_one_deleg(struct nfs4_delegation *dp)
3115{
3116 /*
3117 * We're assuming the state code never drops its reference
3118 * without first removing the lease. Since we're in this lease
3119 * callback (and since the lease code is serialized by the kernel
3120 * lock) we know the server hasn't removed the lease yet, we know
3121 * it's safe to take a reference.
3122 */
72c0b0fb 3123 atomic_inc(&dp->dl_stid.sc_count);
6b57d9c8
BF		 3124 nfsd4_cb_recall(dp);
3125}
3126
1c8c601a 3127/* Called from break_lease() with i_lock held. */
6b57d9c8
BF		 3128static void nfsd_break_deleg_cb(struct file_lock *fl)
3129{
acfdf5c3
BF		 3130 struct nfs4_file *fp = (struct nfs4_file *)fl->fl_owner;
3131 struct nfs4_delegation *dp;
6b57d9c8 3132
7fa10cd1
BF		 3133 if (!fp) {
3134 WARN(1, "(%p)->fl_owner NULL\n", fl);
3135 return;
3136 }
3137 if (fp->fi_had_conflict) {
3138 WARN(1, "duplicate break on %p\n", fp);
3139 return;
3140 }
0272e1fd
BF		 3141 /*
3142 * We don't want the locks code to timeout the lease for us;
acfdf5c3 3143 * we'll remove it ourself if a delegation isn't returned
6b57d9c8 3144 * in time:
0272e1fd
BF		 3145 */
3146 fl->fl_break_time = 0;
1da177e4 3147
02e1215f 3148 spin_lock(&fp->fi_lock);
417c6629
JL		 3149 fp->fi_had_conflict = true;
3150 /*
3151 * If there are no delegations on the list, then we can't count on this
3152 * lease ever being cleaned up. Set the fl_break_time to jiffies so that
3153 * time_out_leases will do it ASAP. The fact that fi_had_conflict is now
3154 * true should keep any new delegations from being hashed.
3155 */
3156 if (list_empty(&fp->fi_delegations))
3157 fl->fl_break_time = jiffies;
3158 else
3159 list_for_each_entry(dp, &fp->fi_delegations, dl_perfile)
3160 nfsd_break_one_deleg(dp);
02e1215f 3161 spin_unlock(&fp->fi_lock);
1da177e4
LT		 3162}
3163
1da177e4
LT		 3164static
3165int nfsd_change_deleg_cb(struct file_lock **onlist, int arg)
3166{
3167 if (arg & F_UNLCK)
3168 return lease_modify(onlist, arg);
3169 else
3170 return -EAGAIN;
3171}
3172
7b021967 3173static const struct lock_manager_operations nfsd_lease_mng_ops = {
8fb47a4f
BF		 3174 .lm_break = nfsd_break_deleg_cb,
3175 .lm_change = nfsd_change_deleg_cb,
1da177e4
LT		 3176};
3177
7a8711c9
BF		 3178static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid)
3179{
3180 if (nfsd4_has_session(cstate))
3181 return nfs_ok;
3182 if (seqid == so->so_seqid - 1)
3183 return nfserr_replay_me;
3184 if (seqid == so->so_seqid)
3185 return nfs_ok;
3186 return nfserr_bad_seqid;
3187}
1da177e4 3188
4b24ca7d
JL		 3189static __be32 lookup_clientid(clientid_t *clid,
3190 struct nfsd4_compound_state *cstate,
3191 struct nfsd_net *nn)
3192{
3193 struct nfs4_client *found;
3194
3195 if (cstate->clp) {
3196 found = cstate->clp;
3197 if (!same_clid(&found->cl_clientid, clid))
3198 return nfserr_stale_clientid;
3199 return nfs_ok;
3200 }
3201
3202 if (STALE_CLIENTID(clid, nn))
3203 return nfserr_stale_clientid;
3204
3205 /*
3206 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one
3207 * cached already then we know this is for is for v4.0 and "sessions"
3208 * will be false.
3209 */
3210 WARN_ON_ONCE(cstate->session);
3211 found = find_confirmed_client(clid, false, nn);
3212 if (!found)
3213 return nfserr_expired;
3214
3215 /* Cache the nfs4_client in cstate! */
3216 cstate->clp = found;
3217 atomic_inc(&found->cl_refcount);
3218 return nfs_ok;
3219}
3220
b37ad28b 3221__be32
6668958f 3222nfsd4_process_open1(struct nfsd4_compound_state *cstate,
3320fef1 3223 struct nfsd4_open *open, struct nfsd_net *nn)
1da177e4 3224{
1da177e4
LT		 3225 clientid_t *clientid = &open->op_clientid;
3226 struct nfs4_client *clp = NULL;
3227 unsigned int strhashval;
fe0750e5 3228 struct nfs4_openowner *oo = NULL;
4cdc951b 3229 __be32 status;
1da177e4 3230
2c142baa 3231 if (STALE_CLIENTID(&open->op_clientid, nn))
1da177e4 3232 return nfserr_stale_clientid;
32513b40
BF		 3233 /*
3234 * In case we need it later, after we've already created the
3235 * file and don't want to risk a further failure:
3236 */
3237 open->op_file = nfsd4_alloc_file();
3238 if (open->op_file == NULL)
3239 return nfserr_jukebox;
1da177e4 3240
2d91e895
TM		 3241 status = lookup_clientid(clientid, cstate, nn);
3242 if (status)
3243 return status;
3244 clp = cstate->clp;
3245
16bfdaaf 3246 strhashval = ownerstr_hashval(clientid->cl_id, &open->op_owner);
9b531137 3247 oo = find_openstateowner_str(strhashval, open, cstate->minorversion, nn);
fe0750e5
BF		 3248 open->op_openowner = oo;
3249 if (!oo) {
bcf130f9 3250 goto new_owner;
1da177e4 3251 }
dad1c067 3252 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
0f442aa2 3253 /* Replace unconfirmed owners without checking for replay. */
fe0750e5
BF		 3254 release_openowner(oo);
3255 open->op_openowner = NULL;
bcf130f9 3256 goto new_owner;
0f442aa2 3257 }
4cdc951b
BF		 3258 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid);
3259 if (status)
3260 return status;
4cdc951b 3261 goto alloc_stateid;
bcf130f9 3262new_owner:
13d6f66b 3263 oo = alloc_init_open_stateowner(strhashval, open, cstate);
bcf130f9
BF		 3264 if (oo == NULL)
3265 return nfserr_jukebox;
3266 open->op_openowner = oo;
4cdc951b
BF		 3267alloc_stateid:
3268 open->op_stp = nfs4_alloc_stateid(clp);
3269 if (!open->op_stp)
3270 return nfserr_jukebox;
0f442aa2 3271 return nfs_ok;
1da177e4
LT		 3272}
3273
b37ad28b 3274static inline __be32
4a6e43e6
N		 3275nfs4_check_delegmode(struct nfs4_delegation *dp, int flags)
3276{
3277 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ))
3278 return nfserr_openmode;
3279 else
3280 return nfs_ok;
3281}
3282
f459e453 3283static int share_access_to_flags(u32 share_access)
52f4fb43 3284{
f459e453 3285 return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE;
52f4fb43
N		 3286}
3287
38c2f4b1 3288static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s)
24a0111e 3289{
f459e453 3290 struct nfs4_stid *ret;
24a0111e 3291
38c2f4b1 3292 ret = find_stateid_by_type(cl, s, NFS4_DELEG_STID);
f459e453
BF		 3293 if (!ret)
3294 return NULL;
3295 return delegstateid(ret);
24a0111e
BF		 3296}
3297
8b289b2c
BF		 3298static bool nfsd4_is_deleg_cur(struct nfsd4_open *open)
3299{
3300 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR ||
3301 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH;
3302}
3303
b37ad28b 3304static __be32
41d22663 3305nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open,
567d9829
N		 3306 struct nfs4_delegation **dp)
3307{
3308 int flags;
b37ad28b 3309 __be32 status = nfserr_bad_stateid;
567d9829 3310
38c2f4b1 3311 *dp = find_deleg_stateid(cl, &open->op_delegate_stateid);
567d9829 3312 if (*dp == NULL)
c44c5eeb 3313 goto out;
24a0111e 3314 flags = share_access_to_flags(open->op_share_access);
567d9829
N		 3315 status = nfs4_check_delegmode(*dp, flags);
3316 if (status)
3317 *dp = NULL;
c44c5eeb 3318out:
8b289b2c 3319 if (!nfsd4_is_deleg_cur(open))
c44c5eeb
N		 3320 return nfs_ok;
3321 if (status)
3322 return status;
dad1c067 3323 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
c44c5eeb 3324 return nfs_ok;
567d9829
N		 3325}
3326
a46cb7f2
JL		 3327static struct nfs4_ol_stateid *
3328nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
1da177e4 3329{
a46cb7f2 3330 struct nfs4_ol_stateid *local, *ret = NULL;
fe0750e5 3331 struct nfs4_openowner *oo = open->op_openowner;
1da177e4 3332
1d31a253 3333 spin_lock(&fp->fi_lock);
8beefa24 3334 list_for_each_entry(local, &fp->fi_stateids, st_perfile) {
1da177e4
LT		 3335 /* ignore lock owners */
3336 if (local->st_stateowner->so_is_open_owner == 0)
3337 continue;
baeb4ff0 3338 if (local->st_stateowner == &oo->oo_owner) {
a46cb7f2 3339 ret = local;
baeb4ff0 3340 break;
1d31a253 3341 }
1da177e4 3342 }
1d31a253 3343 spin_unlock(&fp->fi_lock);
a46cb7f2 3344 return ret;
1da177e4
LT		 3345}
3346
21fb4016
BF		 3347static inline int nfs4_access_to_access(u32 nfs4_access)
3348{
3349 int flags = 0;
3350
3351 if (nfs4_access & NFS4_SHARE_ACCESS_READ)
3352 flags |= NFSD_MAY_READ;
3353 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE)
3354 flags |= NFSD_MAY_WRITE;
3355 return flags;
3356}
3357
7e6a72e5
CH		 3358static inline __be32
3359nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh,
3360 struct nfsd4_open *open)
3361{
3362 struct iattr iattr = {
3363 .ia_valid = ATTR_SIZE,
3364 .ia_size = 0,
3365 };
3366 if (!open->op_truncate)
3367 return 0;
3368 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE))
3369 return nfserr_inval;
3370 return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0);
3371}
3372
0c12eaff 3373static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp,
6eb3a1d0
JL		 3374 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp,
3375 struct nfsd4_open *open)
f9d7562f 3376{
de18643d 3377 struct file *filp = NULL;
f9d7562f 3378 __be32 status;
0c12eaff
CB		 3379 int oflag = nfs4_access_to_omode(open->op_share_access);
3380 int access = nfs4_access_to_access(open->op_share_access);
baeb4ff0 3381 unsigned char old_access_bmap, old_deny_bmap;
0c12eaff 3382
de18643d 3383 spin_lock(&fp->fi_lock);
baeb4ff0
JL		 3384
3385 /*
3386 * Are we trying to set a deny mode that would conflict with
3387 * current access?
3388 */
3389 status = nfs4_file_check_deny(fp, open->op_share_deny);
3390 if (status != nfs_ok) {
3391 spin_unlock(&fp->fi_lock);
3392 goto out;
3393 }
3394
3395 /* set access to the file */
3396 status = nfs4_file_get_access(fp, open->op_share_access);
3397 if (status != nfs_ok) {
3398 spin_unlock(&fp->fi_lock);
3399 goto out;
3400 }
3401
3402 /* Set access bits in stateid */
3403 old_access_bmap = stp->st_access_bmap;
3404 set_access(open->op_share_access, stp);
3405
3406 /* Set new deny mask */
3407 old_deny_bmap = stp->st_deny_bmap;
3408 set_deny(open->op_share_deny, stp);
3409 fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH);
3410
f9d7562f 3411 if (!fp->fi_fds[oflag]) {
de18643d
TM		 3412 spin_unlock(&fp->fi_lock);
3413 status = nfsd_open(rqstp, cur_fh, S_IFREG, access, &filp);
f9d7562f 3414 if (status)
baeb4ff0 3415 goto out_put_access;
de18643d
TM		 3416 spin_lock(&fp->fi_lock);
3417 if (!fp->fi_fds[oflag]) {
3418 fp->fi_fds[oflag] = filp;
3419 filp = NULL;
3420 }
f9d7562f 3421 }
de18643d
TM		 3422 spin_unlock(&fp->fi_lock);
3423 if (filp)
3424 fput(filp);
f9d7562f 3425
7e6a72e5
CH		 3426 status = nfsd4_truncate(rqstp, cur_fh, open);
3427 if (status)
3428 goto out_put_access;
7e6a72e5
CH		 3429out:
3430 return status;
baeb4ff0
JL		 3431out_put_access:
3432 stp->st_access_bmap = old_access_bmap;
3433 nfs4_file_put_access(fp, open->op_share_access);
3434 reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp);
3435 goto out;
1da177e4
LT		 3436}
3437
b37ad28b 3438static __be32
dcef0413 3439nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open)
1da177e4 3440{
b37ad28b 3441 __be32 status;
baeb4ff0 3442 unsigned char old_deny_bmap;
1da177e4 3443
6eb3a1d0 3444 if (!test_access(open->op_share_access, stp))
baeb4ff0 3445 return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open);
7e6a72e5 3446
baeb4ff0
JL		 3447 /* test and set deny mode */
3448 spin_lock(&fp->fi_lock);
3449 status = nfs4_file_check_deny(fp, open->op_share_deny);
3450 if (status == nfs_ok) {
3451 old_deny_bmap = stp->st_deny_bmap;
3452 set_deny(open->op_share_deny, stp);
3453 fp->fi_share_deny |=
3454 (open->op_share_deny & NFS4_SHARE_DENY_BOTH);
3455 }
3456 spin_unlock(&fp->fi_lock);
3457
3458 if (status != nfs_ok)
1da177e4 3459 return status;
1da177e4 3460
baeb4ff0
JL		 3461 status = nfsd4_truncate(rqstp, cur_fh, open);
3462 if (status != nfs_ok)
3463 reset_union_bmap_deny(old_deny_bmap, stp);
3464 return status;
3465}
1da177e4 3466
1da177e4 3467static void
1255a8f3 3468nfs4_set_claim_prev(struct nfsd4_open *open, bool has_session)
1da177e4 3469{
dad1c067 3470 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
1da177e4
LT		 3471}
3472
14a24e99
BF		 3473/* Should we give out recallable state?: */
3474static bool nfsd4_cb_channel_good(struct nfs4_client *clp)
3475{
3476 if (clp->cl_cb_state == NFSD4_CB_UP)
3477 return true;
3478 /*
3479 * In the sessions case, since we don't have to establish a
3480 * separate connection for callbacks, we assume it's OK
3481 * until we hear otherwise:
3482 */
3483 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN;
3484}
3485
d564fbec 3486static struct file_lock *nfs4_alloc_init_lease(struct nfs4_file *fp, int flag)
22d38c4c
BF		 3487{
3488 struct file_lock *fl;
3489
3490 fl = locks_alloc_lock();
3491 if (!fl)
3492 return NULL;
3493 locks_init_lock(fl);
3494 fl->fl_lmops = &nfsd_lease_mng_ops;
617588d5 3495 fl->fl_flags = FL_DELEG;
22d38c4c
BF		 3496 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? F_RDLCK: F_WRLCK;
3497 fl->fl_end = OFFSET_MAX;
d564fbec 3498 fl->fl_owner = (fl_owner_t)fp;
22d38c4c 3499 fl->fl_pid = current->tgid;
22d38c4c
BF		 3500 return fl;
3501}
3502
99c41515 3503static int nfs4_setlease(struct nfs4_delegation *dp)
edab9782 3504{
acfdf5c3 3505 struct nfs4_file *fp = dp->dl_file;
edab9782 3506 struct file_lock *fl;
417c6629
JL		 3507 struct file *filp;
3508 int status = 0;
edab9782 3509
d564fbec 3510 fl = nfs4_alloc_init_lease(fp, NFS4_OPEN_DELEGATE_READ);
edab9782
BF		 3511 if (!fl)
3512 return -ENOMEM;
417c6629
JL		 3513 filp = find_readable_file(fp);
3514 if (!filp) {
3515 /* We should always have a readable file here */
3516 WARN_ON_ONCE(1);
3517 return -EBADF;
3518 }
3519 fl->fl_file = filp;
3520 status = vfs_setlease(filp, fl->fl_type, &fl);
3521 if (status) {
3522 locks_free_lock(fl);
3523 goto out_fput;
3524 }
3525 spin_lock(&state_lock);
3526 spin_lock(&fp->fi_lock);
3527 /* Did the lease get broken before we took the lock? */
3528 status = -EAGAIN;
3529 if (fp->fi_had_conflict)
3530 goto out_unlock;
3531 /* Race breaker */
3532 if (fp->fi_lease) {
3533 status = 0;
3534 atomic_inc(&fp->fi_delegees);
3535 hash_delegation_locked(dp, fp);
3536 goto out_unlock;
3537 }
acfdf5c3 3538 fp->fi_lease = fl;
417c6629 3539 fp->fi_deleg_file = filp;
acfdf5c3 3540 atomic_set(&fp->fi_delegees, 1);
931ee56c 3541 hash_delegation_locked(dp, fp);
417c6629 3542 spin_unlock(&fp->fi_lock);
cdc97505 3543 spin_unlock(&state_lock);
acfdf5c3 3544 return 0;
417c6629
JL		 3545out_unlock:
3546 spin_unlock(&fp->fi_lock);
3547 spin_unlock(&state_lock);
3548out_fput:
3549 fput(filp);
e873088f 3550 return status;
acfdf5c3
BF		 3551}
3552
bf7bd3e9 3553static int nfs4_set_delegation(struct nfs4_delegation *dp, struct nfs4_file *fp)
acfdf5c3 3554{
417c6629
JL		 3555 int status = 0;
3556
bf7bd3e9
BF		 3557 if (fp->fi_had_conflict)
3558 return -EAGAIN;
3559 get_nfs4_file(fp);
417c6629
JL		 3560 spin_lock(&state_lock);
3561 spin_lock(&fp->fi_lock);
bf7bd3e9 3562 dp->dl_file = fp;
417c6629
JL		 3563 if (!fp->fi_lease) {
3564 spin_unlock(&fp->fi_lock);
3565 spin_unlock(&state_lock);
cbf7a75b 3566 return nfs4_setlease(dp);
417c6629 3567 }
cbf7a75b 3568 atomic_inc(&fp->fi_delegees);
acfdf5c3 3569 if (fp->fi_had_conflict) {
417c6629
JL		 3570 status = -EAGAIN;
3571 goto out_unlock;
acfdf5c3 3572 }
931ee56c 3573 hash_delegation_locked(dp, fp);
417c6629
JL		 3574out_unlock:
3575 spin_unlock(&fp->fi_lock);
cdc97505 3576 spin_unlock(&state_lock);
417c6629 3577 return status;
edab9782
BF		 3578}
3579
4aa8913c
BH		 3580static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status)
3581{
3582 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
3583 if (status == -EAGAIN)
3584 open->op_why_no_deleg = WND4_CONTENTION;
3585 else {
3586 open->op_why_no_deleg = WND4_RESOURCE;
3587 switch (open->op_deleg_want) {
3588 case NFS4_SHARE_WANT_READ_DELEG:
3589 case NFS4_SHARE_WANT_WRITE_DELEG:
3590 case NFS4_SHARE_WANT_ANY_DELEG:
3591 break;
3592 case NFS4_SHARE_WANT_CANCEL:
3593 open->op_why_no_deleg = WND4_CANCELLED;
3594 break;
3595 case NFS4_SHARE_WANT_NO_DELEG:
063b0fb9 3596 WARN_ON_ONCE(1);
4aa8913c
BH		 3597 }
3598 }
3599}
3600
1da177e4
LT		 3601/*
3602 * Attempt to hand out a delegation.
99c41515
BF		 3603 *
3604 * Note we don't support write delegations, and won't until the vfs has
3605 * proper support for them.
1da177e4
LT		 3606 */
3607static void
5ccb0066
SK		 3608nfs4_open_delegation(struct net *net, struct svc_fh *fh,
3609 struct nfsd4_open *open, struct nfs4_ol_stateid *stp)
1da177e4
LT		 3610{
3611 struct nfs4_delegation *dp;
fe0750e5 3612 struct nfs4_openowner *oo = container_of(stp->st_stateowner, struct nfs4_openowner, oo_owner);
14a24e99 3613 int cb_up;
99c41515 3614 int status = 0;
1da177e4 3615
fe0750e5 3616 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client);
7b190fec
N		 3617 open->op_recall = 0;
3618 switch (open->op_claim_type) {
3619 case NFS4_OPEN_CLAIM_PREVIOUS:
2bf23875 3620 if (!cb_up)
7b190fec 3621 open->op_recall = 1;
99c41515
BF		 3622 if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ)
3623 goto out_no_deleg;
7b190fec
N		 3624 break;
3625 case NFS4_OPEN_CLAIM_NULL:
ed47b062 3626 case NFS4_OPEN_CLAIM_FH:
99c41515
BF		 3627 /*
3628 * Let's not give out any delegations till everyone's
3629 * had the chance to reclaim theirs....
3630 */
5ccb0066 3631 if (locks_in_grace(net))
99c41515 3632 goto out_no_deleg;
dad1c067 3633 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED))
99c41515 3634 goto out_no_deleg;
9a0590ae
SD		 3635 /*
3636 * Also, if the file was opened for write or
3637 * create, there's a good chance the client's
3638 * about to write to it, resulting in an
3639 * immediate recall (since we don't support
3640 * write delegations):
3641 */
7b190fec 3642 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE)
99c41515
BF		 3643 goto out_no_deleg;
3644 if (open->op_create == NFS4_OPEN_CREATE)
3645 goto out_no_deleg;
7b190fec
N		 3646 break;
3647 default:
99c41515 3648 goto out_no_deleg;
7b190fec 3649 }
99c41515 3650 dp = alloc_init_deleg(oo->oo_owner.so_client, stp, fh);
dd239cc0
BF		 3651 if (dp == NULL)
3652 goto out_no_deleg;
bf7bd3e9 3653 status = nfs4_set_delegation(dp, stp->st_file);
edab9782 3654 if (status)
dd239cc0 3655 goto out_free;
1da177e4 3656
d5477a8d 3657 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid));
1da177e4 3658
8c10cbdb 3659 dprintk("NFSD: delegation stateid=" STATEID_FMT "\n",
d5477a8d 3660 STATEID_VAL(&dp->dl_stid.sc_stateid));
99c41515 3661 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ;
dd239cc0
BF		 3662 return;
3663out_free:
42690676 3664 nfs4_put_delegation(dp);
dd239cc0 3665out_no_deleg:
99c41515
BF		 3666 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE;
3667 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS &&
d08d32e6 3668 open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) {
99c41515 3669 dprintk("NFSD: WARNING: refusing delegation reclaim\n");
d08d32e6
BF		 3670 open->op_recall = 1;
3671 }
99c41515
BF		 3672
3673 /* 4.1 client asking for a delegation? */
3674 if (open->op_deleg_want)
3675 nfsd4_open_deleg_none_ext(open, status);
3676 return;
1da177e4
LT		 3677}
3678
e27f49c3
BH		 3679static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open,
3680 struct nfs4_delegation *dp)
3681{
3682 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG &&
3683 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
3684 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
3685 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE;
3686 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG &&
3687 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
3688 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
3689 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE;
3690 }
3691 /* Otherwise the client must be confused wanting a delegation
3692 * it already has, therefore we don't return
3693 * NFS4_OPEN_DELEGATE_NONE_EXT and reason.
3694 */
3695}
3696
1da177e4
LT		 3697/*
3698 * called with nfs4_lock_state() held.
3699 */
b37ad28b 3700__be32
1da177e4
LT		 3701nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open)
3702{
6668958f 3703 struct nfsd4_compoundres *resp = rqstp->rq_resp;
38c2f4b1 3704 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client;
1da177e4 3705 struct nfs4_file *fp = NULL;
dcef0413 3706 struct nfs4_ol_stateid *stp = NULL;
567d9829 3707 struct nfs4_delegation *dp = NULL;
b37ad28b 3708 __be32 status;
1da177e4 3709
1da177e4
LT		 3710 /*
3711 * Lookup file; if found, lookup stateid and check open request,
3712 * and check for delegations in the process of being recalled.
3713 * If not found, create the nfs4_file struct
3714 */
f9c00c3a 3715 fp = find_or_add_file(open->op_file, &current_fh->fh_handle);
950e0118 3716 if (fp != open->op_file) {
41d22663 3717 status = nfs4_check_deleg(cl, open, &dp);
c44c5eeb
N		 3718 if (status)
3719 goto out;
a46cb7f2 3720 stp = nfsd4_find_existing_open(fp, open);
1da177e4 3721 } else {
950e0118 3722 open->op_file = NULL;
c44c5eeb 3723 status = nfserr_bad_stateid;
8b289b2c 3724 if (nfsd4_is_deleg_cur(open))
c44c5eeb 3725 goto out;
3e772463 3726 status = nfserr_jukebox;
1da177e4
LT		 3727 }
3728
3729 /*
3730 * OPEN the file, or upgrade an existing OPEN.
3731 * If truncate fails, the OPEN fails.
3732 */
3733 if (stp) {
3734 /* Stateid was found, this is an OPEN upgrade */
f9d7562f 3735 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open);
1da177e4
LT		 3736 if (status)
3737 goto out;
3738 } else {
4cdc951b
BF		 3739 stp = open->op_stp;
3740 open->op_stp = NULL;
996e0938 3741 init_open_stateid(stp, fp, open);
6eb3a1d0
JL		 3742 status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open);
3743 if (status) {
3744 release_open_stateid(stp);
3745 goto out;
3746 }
1da177e4 3747 }
dcef0413
BF		 3748 update_stateid(&stp->st_stid.sc_stateid);
3749 memcpy(&open->op_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
1da177e4 3750
d24433cd 3751 if (nfsd4_has_session(&resp->cstate)) {
d24433cd
BH		 3752 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) {
3753 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
3754 open->op_why_no_deleg = WND4_NOT_WANTED;
3755 goto nodeleg;
3756 }
3757 }
3758
1da177e4
LT		 3759 /*
3760 * Attempt to hand out a delegation. No error return, because the
3761 * OPEN succeeds even if we fail.
3762 */
5ccb0066 3763 nfs4_open_delegation(SVC_NET(rqstp), current_fh, open, stp);
d24433cd 3764nodeleg:
1da177e4
LT		 3765 status = nfs_ok;
3766
8c10cbdb 3767 dprintk("%s: stateid=" STATEID_FMT "\n", __func__,
dcef0413 3768 STATEID_VAL(&stp->st_stid.sc_stateid));
1da177e4 3769out:
d24433cd
BH		 3770 /* 4.1 client trying to upgrade/downgrade delegation? */
3771 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp &&
e27f49c3
BH		 3772 open->op_deleg_want)
3773 nfsd4_deleg_xgrade_none_ext(open, dp);
d24433cd 3774
13cd2184
N		 3775 if (fp)
3776 put_nfs4_file(fp);
37515177 3777 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS)
1255a8f3 3778 nfs4_set_claim_prev(open, nfsd4_has_session(&resp->cstate));
1da177e4
LT		 3779 /*
3780 * To finish the open response, we just need to set the rflags.
3781 */
3782 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX;
dad1c067 3783 if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED) &&
6668958f 3784 !nfsd4_has_session(&resp->cstate))
1da177e4
LT		 3785 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM;
3786
3787 return status;
3788}
3789
d29b20cd
BF		 3790void nfsd4_cleanup_open_state(struct nfsd4_open *open, __be32 status)
3791{
3792 if (open->op_openowner) {
3793 struct nfs4_openowner *oo = open->op_openowner;
3794
3795 if (!list_empty(&oo->oo_owner.so_stateids))
3796 list_del_init(&oo->oo_close_lru);
3797 if (oo->oo_flags & NFS4_OO_NEW) {
3798 if (status) {
3799 release_openowner(oo);
3800 open->op_openowner = NULL;
3801 } else
3802 oo->oo_flags &= ~NFS4_OO_NEW;
3803 }
3804 }
32513b40
BF		 3805 if (open->op_file)
3806 nfsd4_free_file(open->op_file);
4cdc951b 3807 if (open->op_stp)
ef79859e 3808 free_generic_stateid(open->op_stp);
d29b20cd
BF		 3809}
3810
b37ad28b 3811__be32
b591480b
BF		 3812nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3813 clientid_t *clid)
1da177e4
LT		 3814{
3815 struct nfs4_client *clp;
b37ad28b 3816 __be32 status;
7f2210fa 3817 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4
LT		 3818
3819 nfs4_lock_state();
3820 dprintk("process_renew(%08x/%08x): starting\n",
3821 clid->cl_boot, clid->cl_id);
4b24ca7d 3822 status = lookup_clientid(clid, cstate, nn);
9b2ef62b 3823 if (status)
1da177e4 3824 goto out;
4b24ca7d 3825 clp = cstate->clp;
1da177e4 3826 status = nfserr_cb_path_down;
ea1da636 3827 if (!list_empty(&clp->cl_delegations)
77a3569d 3828 && clp->cl_cb_state != NFSD4_CB_UP)
1da177e4
LT		 3829 goto out;
3830 status = nfs_ok;
3831out:
3832 nfs4_unlock_state();
3833 return status;
3834}
3835
a76b4319 3836static void
12760c66 3837nfsd4_end_grace(struct nfsd_net *nn)
a76b4319 3838{
33dcc481 3839 /* do nothing if grace period already ended */
a51c84ed 3840 if (nn->grace_ended)
33dcc481
JL		 3841 return;
3842
a76b4319 3843 dprintk("NFSD: end of grace period\n");
a51c84ed 3844 nn->grace_ended = true;
12760c66 3845 nfsd4_record_grace_done(nn, nn->boot_time);
5e1533c7 3846 locks_end_grace(&nn->nfsd4_manager);
e46b498c
BF		 3847 /*
3848 * Now that every NFSv4 client has had the chance to recover and
3849 * to see the (possibly new, possibly shorter) lease time, we
3850 * can safely set the next grace time to the current lease time:
3851 */
5284b44e 3852 nn->nfsd4_grace = nn->nfsd4_lease;
a76b4319
N		 3853}
3854
fd39ca9a 3855static time_t
09121281 3856nfs4_laundromat(struct nfsd_net *nn)
1da177e4
LT		 3857{
3858 struct nfs4_client *clp;
fe0750e5 3859 struct nfs4_openowner *oo;
1da177e4
LT		 3860 struct nfs4_delegation *dp;
3861 struct list_head *pos, *next, reaplist;
3d733711 3862 time_t cutoff = get_seconds() - nn->nfsd4_lease;
a832e7ae 3863 time_t t, new_timeo = nn->nfsd4_lease;
1da177e4
LT		 3864
3865 nfs4_lock_state();
3866
3867 dprintk("NFSD: laundromat service - starting\n");
12760c66 3868 nfsd4_end_grace(nn);
36acb66b 3869 INIT_LIST_HEAD(&reaplist);
c9a49628 3870 spin_lock(&nn->client_lock);
5ed58bb2 3871 list_for_each_safe(pos, next, &nn->client_lru) {
1da177e4
LT		 3872 clp = list_entry(pos, struct nfs4_client, cl_lru);
3873 if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) {
3874 t = clp->cl_time - cutoff;
a832e7ae 3875 new_timeo = min(new_timeo, t);
1da177e4
LT		 3876 break;
3877 }
221a6876 3878 if (mark_client_expired_locked(clp)) {
d7682988
BH		 3879 dprintk("NFSD: client in use (clientid %08x)\n",
3880 clp->cl_clientid.cl_id);
3881 continue;
3882 }
221a6876 3883 list_move(&clp->cl_lru, &reaplist);
36acb66b 3884 }
c9a49628 3885 spin_unlock(&nn->client_lock);
36acb66b
BH		 3886 list_for_each_safe(pos, next, &reaplist) {
3887 clp = list_entry(pos, struct nfs4_client, cl_lru);
1da177e4
LT		 3888 dprintk("NFSD: purging unused client (clientid %08x)\n",
3889 clp->cl_clientid.cl_id);
3890 expire_client(clp);
3891 }
cdc97505 3892 spin_lock(&state_lock);
e8c69d17 3893 list_for_each_safe(pos, next, &nn->del_recall_lru) {
1da177e4 3894 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
4e37a7c2
SK		 3895 if (net_generic(dp->dl_stid.sc_client->net, nfsd_net_id) != nn)
3896 continue;
1da177e4 3897 if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) {
a832e7ae
JL		 3898 t = dp->dl_time - cutoff;
3899 new_timeo = min(new_timeo, t);
1da177e4
LT		 3900 break;
3901 }
42690676
JL		 3902 unhash_delegation_locked(dp);
3903 list_add(&dp->dl_recall_lru, &reaplist);
1da177e4 3904 }
cdc97505 3905 spin_unlock(&state_lock);
1da177e4
LT		 3906 list_for_each_safe(pos, next, &reaplist) {
3907 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
3bd64a5b 3908 revoke_delegation(dp);
1da177e4 3909 }
73758fed 3910 list_for_each_safe(pos, next, &nn->close_lru) {
fe0750e5
BF		 3911 oo = container_of(pos, struct nfs4_openowner, oo_close_lru);
3912 if (time_after((unsigned long)oo->oo_time, (unsigned long)cutoff)) {
a832e7ae
JL		 3913 t = oo->oo_time - cutoff;
3914 new_timeo = min(new_timeo, t);
1da177e4
LT		 3915 break;
3916 }
fe0750e5 3917 release_openowner(oo);
1da177e4 3918 }
a832e7ae 3919 new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT);
1da177e4 3920 nfs4_unlock_state();
a832e7ae 3921 return new_timeo;
1da177e4
LT		 3922}
3923
a254b246
HH		 3924static struct workqueue_struct *laundry_wq;
3925static void laundromat_main(struct work_struct *);
a254b246
HH		 3926
3927static void
09121281 3928laundromat_main(struct work_struct *laundry)
1da177e4
LT		 3929{
3930 time_t t;
09121281
SK		 3931 struct delayed_work *dwork = container_of(laundry, struct delayed_work,
3932 work);
3933 struct nfsd_net *nn = container_of(dwork, struct nfsd_net,
3934 laundromat_work);
1da177e4 3935
09121281 3936 t = nfs4_laundromat(nn);
1da177e4 3937 dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t);
09121281 3938 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ);
1da177e4
LT		 3939}
3940
f7a4d872 3941static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_ol_stateid *stp)
1da177e4 3942{
b07c54a4 3943 if (!nfsd_fh_match(&fhp->fh_handle, &stp->st_file->fi_fhandle))
f7a4d872
BF		 3944 return nfserr_bad_stateid;
3945 return nfs_ok;
1da177e4
LT		 3946}
3947
1da177e4 3948static inline int
82c5ff1b 3949access_permit_read(struct nfs4_ol_stateid *stp)
1da177e4 3950{
82c5ff1b
JL		 3951 return test_access(NFS4_SHARE_ACCESS_READ, stp) ||
3952 test_access(NFS4_SHARE_ACCESS_BOTH, stp) ||
3953 test_access(NFS4_SHARE_ACCESS_WRITE, stp);
1da177e4
LT		 3954}
3955
3956static inline int
82c5ff1b 3957access_permit_write(struct nfs4_ol_stateid *stp)
1da177e4 3958{
82c5ff1b
JL		 3959 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) ||
3960 test_access(NFS4_SHARE_ACCESS_BOTH, stp);
1da177e4
LT		 3961}
3962
3963static
dcef0413 3964__be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags)
1da177e4 3965{
b37ad28b 3966 __be32 status = nfserr_openmode;
1da177e4 3967
02921914
BF		 3968 /* For lock stateid's, we test the parent open, not the lock: */
3969 if (stp->st_openstp)
3970 stp = stp->st_openstp;
82c5ff1b 3971 if ((flags & WR_STATE) && !access_permit_write(stp))
1da177e4 3972 goto out;
82c5ff1b 3973 if ((flags & RD_STATE) && !access_permit_read(stp))
1da177e4
LT		 3974 goto out;
3975 status = nfs_ok;
3976out:
3977 return status;
3978}
3979
b37ad28b 3980static inline __be32
5ccb0066 3981check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags)
1da177e4 3982{
203a8c8e 3983 if (ONE_STATEID(stateid) && (flags & RD_STATE))
1da177e4 3984 return nfs_ok;
5ccb0066 3985 else if (locks_in_grace(net)) {
25985edc 3986 /* Answer in remaining cases depends on existence of
1da177e4
LT		 3987 * conflicting state; so we must wait out the grace period. */
3988 return nfserr_grace;
3989 } else if (flags & WR_STATE)
3990 return nfs4_share_conflict(current_fh,
3991 NFS4_SHARE_DENY_WRITE);
3992 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */
3993 return nfs4_share_conflict(current_fh,
3994 NFS4_SHARE_DENY_READ);
3995}
3996
3997/*
3998 * Allow READ/WRITE during grace period on recovered state only for files
3999 * that are not able to provide mandatory locking.
4000 */
4001static inline int
5ccb0066 4002grace_disallows_io(struct net *net, struct inode *inode)
1da177e4 4003{
5ccb0066 4004 return locks_in_grace(net) && mandatory_lock(inode);
1da177e4
LT		 4005}
4006
81b82965
BF		 4007/* Returns true iff a is later than b: */
4008static bool stateid_generation_after(stateid_t *a, stateid_t *b)
4009{
1a9357f4 4010 return (s32)(a->si_generation - b->si_generation) > 0;
81b82965
BF		 4011}
4012
57b7b43b 4013static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session)
0836f587 4014{
6668958f
AA		 4015 /*
4016 * When sessions are used the stateid generation number is ignored
4017 * when it is zero.
4018 */
28dde241 4019 if (has_session && in->si_generation == 0)
81b82965
BF		 4020 return nfs_ok;
4021
4022 if (in->si_generation == ref->si_generation)
4023 return nfs_ok;
6668958f 4024
0836f587 4025 /* If the client sends us a stateid from the future, it's buggy: */
81b82965 4026 if (stateid_generation_after(in, ref))
0836f587
BF		 4027 return nfserr_bad_stateid;
4028 /*
81b82965
BF		 4029 * However, we could see a stateid from the past, even from a
4030 * non-buggy client. For example, if the client sends a lock
4031 * while some IO is outstanding, the lock may bump si_generation
4032 * while the IO is still in flight. The client could avoid that
4033 * situation by waiting for responses on all the IO requests,
4034 * but better performance may result in retrying IO that
4035 * receives an old_stateid error if requests are rarely
4036 * reordered in flight:
0836f587 4037 */
81b82965 4038 return nfserr_old_stateid;
0836f587
BF		 4039}
4040
7df302f7 4041static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid)
17456804 4042{
97b7e3b6
BF		 4043 struct nfs4_stid *s;
4044 struct nfs4_ol_stateid *ols;
4045 __be32 status;
17456804 4046
7df302f7
CL		 4047 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
4048 return nfserr_bad_stateid;
4049 /* Client debugging aid. */
4050 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) {
4051 char addr_str[INET6_ADDRSTRLEN];
4052 rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str,
4053 sizeof(addr_str));
4054 pr_warn_ratelimited("NFSD: client %s testing state ID "
4055 "with incorrect client ID\n", addr_str);
4056 return nfserr_bad_stateid;
4057 }
38c2f4b1 4058 s = find_stateid(cl, stateid);
97b7e3b6 4059 if (!s)
7df302f7 4060 return nfserr_bad_stateid;
36279ac1 4061 status = check_stateid_generation(stateid, &s->sc_stateid, 1);
17456804 4062 if (status)
97b7e3b6 4063 return status;
23340032
BF		 4064 switch (s->sc_type) {
4065 case NFS4_DELEG_STID:
97b7e3b6 4066 return nfs_ok;
3bd64a5b
BF		 4067 case NFS4_REVOKED_DELEG_STID:
4068 return nfserr_deleg_revoked;
23340032
BF		 4069 case NFS4_OPEN_STID:
4070 case NFS4_LOCK_STID:
4071 ols = openlockstateid(s);
4072 if (ols->st_stateowner->so_is_open_owner
4073 && !(openowner(ols->st_stateowner)->oo_flags
4074 & NFS4_OO_CONFIRMED))
4075 return nfserr_bad_stateid;
97b7e3b6 4076 return nfs_ok;
23340032
BF		 4077 default:
4078 printk("unknown stateid type %x\n", s->sc_type);
b0fc29d6 4079 /* Fallthrough */
23340032 4080 case NFS4_CLOSED_STID:
b0fc29d6 4081 case NFS4_CLOSED_DELEG_STID:
97b7e3b6 4082 return nfserr_bad_stateid;
23340032 4083 }
17456804
BS		 4084}
4085
2dd6e458
TM		 4086static __be32
4087nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate,
4088 stateid_t *stateid, unsigned char typemask,
4089 struct nfs4_stid **s, struct nfsd_net *nn)
38c2f4b1 4090{
0eb6f20a 4091 __be32 status;
38c2f4b1
BF		 4092
4093 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
4094 return nfserr_bad_stateid;
4b24ca7d 4095 status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn);
a8a7c677 4096 if (status == nfserr_stale_clientid) {
4b24ca7d 4097 if (cstate->session)
a8a7c677 4098 return nfserr_bad_stateid;
38c2f4b1 4099 return nfserr_stale_stateid;
a8a7c677 4100 }
0eb6f20a
BF		 4101 if (status)
4102 return status;
4b24ca7d 4103 *s = find_stateid_by_type(cstate->clp, stateid, typemask);
38c2f4b1
BF		 4104 if (!*s)
4105 return nfserr_bad_stateid;
4106 return nfs_ok;
38c2f4b1
BF		 4107}
4108
1da177e4
LT		 4109/*
4110* Checks for stateid operations
4111*/
b37ad28b 4112__be32
5ccb0066 4113nfs4_preprocess_stateid_op(struct net *net, struct nfsd4_compound_state *cstate,
dd453dfd 4114 stateid_t *stateid, int flags, struct file **filpp)
1da177e4 4115{
69064a27 4116 struct nfs4_stid *s;
dcef0413 4117 struct nfs4_ol_stateid *stp = NULL;
1da177e4 4118 struct nfs4_delegation *dp = NULL;
dd453dfd 4119 struct svc_fh *current_fh = &cstate->current_fh;
1da177e4 4120 struct inode *ino = current_fh->fh_dentry->d_inode;
3320fef1 4121 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
14bcab1a 4122 struct file *file = NULL;
b37ad28b 4123 __be32 status;
1da177e4 4124
1da177e4
LT		 4125 if (filpp)
4126 *filpp = NULL;
4127
5ccb0066 4128 if (grace_disallows_io(net, ino))
1da177e4
LT		 4129 return nfserr_grace;
4130
4131 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
5ccb0066 4132 return check_special_stateids(net, current_fh, stateid, flags);
1da177e4 4133
14bcab1a
TM		 4134 nfs4_lock_state();
4135
2dd6e458 4136 status = nfsd4_lookup_stateid(cstate, stateid,
db24b3b4 4137 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID,
2dd6e458 4138 &s, nn);
38c2f4b1 4139 if (status)
14bcab1a 4140 goto out;
69064a27
BF		 4141 status = check_stateid_generation(stateid, &s->sc_stateid, nfsd4_has_session(cstate));
4142 if (status)
4143 goto out;
f7a4d872
BF		 4144 switch (s->sc_type) {
4145 case NFS4_DELEG_STID:
69064a27 4146 dp = delegstateid(s);
dc9bf700
BF		 4147 status = nfs4_check_delegmode(dp, flags);
4148 if (status)
4149 goto out;
43b0178e 4150 if (filpp) {
14bcab1a
TM		 4151 file = dp->dl_file->fi_deleg_file;
4152 if (!file) {
063b0fb9
BF		 4153 WARN_ON_ONCE(1);
4154 status = nfserr_serverfault;
4155 goto out;
4156 }
de18643d 4157 get_file(file);
43b0178e 4158 }
f7a4d872
BF		 4159 break;
4160 case NFS4_OPEN_STID:
4161 case NFS4_LOCK_STID:
69064a27 4162 stp = openlockstateid(s);
f7a4d872
BF		 4163 status = nfs4_check_fh(current_fh, stp);
4164 if (status)
1da177e4 4165 goto out;
fe0750e5 4166 if (stp->st_stateowner->so_is_open_owner
dad1c067 4167 && !(openowner(stp->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED))
1da177e4 4168 goto out;
a4455be0
BF		 4169 status = nfs4_check_openmode(stp, flags);
4170 if (status)
1da177e4 4171 goto out;
f9d7562f
BF		 4172 if (filpp) {
4173 if (flags & RD_STATE)
14bcab1a 4174 file = find_readable_file(stp->st_file);
f9d7562f 4175 else
14bcab1a 4176 file = find_writeable_file(stp->st_file);
f9d7562f 4177 }
f7a4d872
BF		 4178 break;
4179 default:
14bcab1a
TM		 4180 status = nfserr_bad_stateid;
4181 goto out;
1da177e4
LT		 4182 }
4183 status = nfs_ok;
14bcab1a 4184 if (file)
de18643d 4185 *filpp = file;
1da177e4 4186out:
14bcab1a 4187 nfs4_unlock_state();
1da177e4
LT		 4188 return status;
4189}
4190
e1ca12df 4191static __be32
dcef0413 4192nfsd4_free_lock_stateid(struct nfs4_ol_stateid *stp)
e1ca12df 4193{
a1b8ff4c
BF		 4194 struct nfs4_lockowner *lo = lockowner(stp->st_stateowner);
4195
4196 if (check_for_locks(stp->st_file, lo))
e1ca12df 4197 return nfserr_locks_held;
c53530da 4198 release_lockowner_if_empty(lo);
e1ca12df
BS		 4199 return nfs_ok;
4200}
4201
17456804
BS		 4202/*
4203 * Test if the stateid is valid
4204 */
4205__be32
4206nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4207 struct nfsd4_test_stateid *test_stateid)
4208{
03cfb420
BS		 4209 struct nfsd4_test_stateid_id *stateid;
4210 struct nfs4_client *cl = cstate->session->se_client;
4211
4212 nfs4_lock_state();
4213 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list)
7df302f7
CL		 4214 stateid->ts_id_status =
4215 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid);
03cfb420
BS		 4216 nfs4_unlock_state();
4217
17456804
BS		 4218 return nfs_ok;
4219}
4220
e1ca12df
BS		 4221__be32
4222nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4223 struct nfsd4_free_stateid *free_stateid)
4224{
4225 stateid_t *stateid = &free_stateid->fr_stateid;
2da1cec7 4226 struct nfs4_stid *s;
3bd64a5b 4227 struct nfs4_delegation *dp;
38c2f4b1 4228 struct nfs4_client *cl = cstate->session->se_client;
2da1cec7 4229 __be32 ret = nfserr_bad_stateid;
e1ca12df
BS		 4230
4231 nfs4_lock_state();
38c2f4b1 4232 s = find_stateid(cl, stateid);
2da1cec7 4233 if (!s)
81b82965 4234 goto out;
2da1cec7
BF		 4235 switch (s->sc_type) {
4236 case NFS4_DELEG_STID:
e1ca12df
BS		 4237 ret = nfserr_locks_held;
4238 goto out;
2da1cec7
BF		 4239 case NFS4_OPEN_STID:
4240 case NFS4_LOCK_STID:
4241 ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
4242 if (ret)
4243 goto out;
4244 if (s->sc_type == NFS4_LOCK_STID)
4245 ret = nfsd4_free_lock_stateid(openlockstateid(s));
4246 else
4247 ret = nfserr_locks_held;
f7a4d872 4248 break;
3bd64a5b
BF		 4249 case NFS4_REVOKED_DELEG_STID:
4250 dp = delegstateid(s);
4251 destroy_revoked_delegation(dp);
4252 ret = nfs_ok;
4253 break;
f7a4d872
BF		 4254 default:
4255 ret = nfserr_bad_stateid;
e1ca12df 4256 }
e1ca12df
BS		 4257out:
4258 nfs4_unlock_state();
4259 return ret;
4260}
4261
4c4cd222
N		 4262static inline int
4263setlkflg (int type)
4264{
4265 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ?
4266 RD_STATE : WR_STATE;
4267}
1da177e4 4268
dcef0413 4269static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp)
c0a5d93e
BF		 4270{
4271 struct svc_fh *current_fh = &cstate->current_fh;
4272 struct nfs4_stateowner *sop = stp->st_stateowner;
4273 __be32 status;
4274
c0a5d93e
BF		 4275 status = nfsd4_check_seqid(cstate, sop, seqid);
4276 if (status)
4277 return status;
3bd64a5b
BF		 4278 if (stp->st_stid.sc_type == NFS4_CLOSED_STID
4279 || stp->st_stid.sc_type == NFS4_REVOKED_DELEG_STID)
f7a4d872
BF		 4280 /*
4281 * "Closed" stateid's exist *only* to return
3bd64a5b
BF		 4282 * nfserr_replay_me from the previous step, and
4283 * revoked delegations are kept only for free_stateid.
f7a4d872
BF		 4284 */
4285 return nfserr_bad_stateid;
4286 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate));
4287 if (status)
4288 return status;
4289 return nfs4_check_fh(current_fh, stp);
c0a5d93e
BF		 4290}
4291
1da177e4
LT		 4292/*
4293 * Checks for sequence id mutating operations.
4294 */
b37ad28b 4295static __be32
dd453dfd 4296nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
2288d0e3 4297 stateid_t *stateid, char typemask,
3320fef1
SK		 4298 struct nfs4_ol_stateid **stpp,
4299 struct nfsd_net *nn)
1da177e4 4300{
0836f587 4301 __be32 status;
38c2f4b1 4302 struct nfs4_stid *s;
e17f99b7 4303 struct nfs4_ol_stateid *stp = NULL;
1da177e4 4304
8c10cbdb
BH		 4305 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__,
4306 seqid, STATEID_VAL(stateid));
3a4f98bb 4307
1da177e4 4308 *stpp = NULL;
2dd6e458 4309 status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn);
c0a5d93e
BF		 4310 if (status)
4311 return status;
e17f99b7 4312 stp = openlockstateid(s);
3d74e6a5 4313 if (!nfsd4_has_session(cstate))
e17f99b7 4314 cstate->replay_owner = stp->st_stateowner;
1da177e4 4315
e17f99b7
TM		 4316 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp);
4317 if (!status)
4318 *stpp = stp;
4319 return status;
c0a5d93e 4320}
39325bd0 4321
3320fef1
SK		 4322static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
4323 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn)
c0a5d93e
BF		 4324{
4325 __be32 status;
4326 struct nfs4_openowner *oo;
1da177e4 4327
c0a5d93e 4328 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid,
3320fef1 4329 NFS4_OPEN_STID, stpp, nn);
7a8711c9
BF		 4330 if (status)
4331 return status;
c0a5d93e 4332 oo = openowner((*stpp)->st_stateowner);
dad1c067 4333 if (!(oo->oo_flags & NFS4_OO_CONFIRMED))
3a4f98bb 4334 return nfserr_bad_stateid;
3a4f98bb 4335 return nfs_ok;
1da177e4
LT		 4336}
4337
b37ad28b 4338__be32
ca364317 4339nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 4340 struct nfsd4_open_confirm *oc)
1da177e4 4341{
b37ad28b 4342 __be32 status;
fe0750e5 4343 struct nfs4_openowner *oo;
dcef0413 4344 struct nfs4_ol_stateid *stp;
3320fef1 4345 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 4346
a6a9f18f
AV		 4347 dprintk("NFSD: nfsd4_open_confirm on file %pd\n",
4348 cstate->current_fh.fh_dentry);
1da177e4 4349
ca364317 4350 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
a8cddc5d
BF		 4351 if (status)
4352 return status;
1da177e4
LT		 4353
4354 nfs4_lock_state();
4355
9072d5c6 4356 status = nfs4_preprocess_seqid_op(cstate,
ca364317 4357 oc->oc_seqid, &oc->oc_req_stateid,
3320fef1 4358 NFS4_OPEN_STID, &stp, nn);
9072d5c6 4359 if (status)
68b66e82 4360 goto out;
fe0750e5 4361 oo = openowner(stp->st_stateowner);
68b66e82 4362 status = nfserr_bad_stateid;
dad1c067 4363 if (oo->oo_flags & NFS4_OO_CONFIRMED)
68b66e82 4364 goto out;
dad1c067 4365 oo->oo_flags |= NFS4_OO_CONFIRMED;
dcef0413
BF		 4366 update_stateid(&stp->st_stid.sc_stateid);
4367 memcpy(&oc->oc_resp_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
8c10cbdb 4368 dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n",
dcef0413 4369 __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid));
c7b9a459 4370
2a4317c5 4371 nfsd4_client_record_create(oo->oo_owner.so_client);
68b66e82 4372 status = nfs_ok;
1da177e4 4373out:
9411b1d4 4374 nfsd4_bump_seqid(cstate, status);
5ec094c1
BF		 4375 if (!cstate->replay_owner)
4376 nfs4_unlock_state();
1da177e4
LT		 4377 return status;
4378}
4379
6409a5a6 4380static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access)
1da177e4 4381{
82c5ff1b 4382 if (!test_access(access, stp))
6409a5a6 4383 return;
12659651 4384 nfs4_file_put_access(stp->st_file, access);
82c5ff1b 4385 clear_access(access, stp);
6409a5a6 4386}
f197c271 4387
6409a5a6
BF		 4388static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access)
4389{
4390 switch (to_access) {
4391 case NFS4_SHARE_ACCESS_READ:
4392 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE);
4393 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
4394 break;
4395 case NFS4_SHARE_ACCESS_WRITE:
4396 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ);
4397 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
4398 break;
4399 case NFS4_SHARE_ACCESS_BOTH:
4400 break;
4401 default:
063b0fb9 4402 WARN_ON_ONCE(1);
1da177e4
LT		 4403 }
4404}
4405
b37ad28b 4406__be32
ca364317
BF		 4407nfsd4_open_downgrade(struct svc_rqst *rqstp,
4408 struct nfsd4_compound_state *cstate,
a4f1706a 4409 struct nfsd4_open_downgrade *od)
1da177e4 4410{
b37ad28b 4411 __be32 status;
dcef0413 4412 struct nfs4_ol_stateid *stp;
3320fef1 4413 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 4414
a6a9f18f
AV		 4415 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n",
4416 cstate->current_fh.fh_dentry);
1da177e4 4417
c30e92df 4418 /* We don't yet support WANT bits: */
2c8bd7e0
BH		 4419 if (od->od_deleg_want)
4420 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__,
4421 od->od_deleg_want);
1da177e4
LT		 4422
4423 nfs4_lock_state();
c0a5d93e 4424 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid,
3320fef1 4425 &od->od_stateid, &stp, nn);
9072d5c6 4426 if (status)
1da177e4 4427 goto out;
1da177e4 4428 status = nfserr_inval;
82c5ff1b 4429 if (!test_access(od->od_share_access, stp)) {
c11c591f 4430 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n",
1da177e4
LT		 4431 stp->st_access_bmap, od->od_share_access);
4432 goto out;
4433 }
ce0fc43c 4434 if (!test_deny(od->od_share_deny, stp)) {
c11c591f 4435 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n",
1da177e4
LT		 4436 stp->st_deny_bmap, od->od_share_deny);
4437 goto out;
4438 }
6409a5a6 4439 nfs4_stateid_downgrade(stp, od->od_share_access);
1da177e4 4440
ce0fc43c 4441 reset_union_bmap_deny(od->od_share_deny, stp);
1da177e4 4442
dcef0413
BF		 4443 update_stateid(&stp->st_stid.sc_stateid);
4444 memcpy(&od->od_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
1da177e4
LT		 4445 status = nfs_ok;
4446out:
9411b1d4 4447 nfsd4_bump_seqid(cstate, status);
5ec094c1
BF		 4448 if (!cstate->replay_owner)
4449 nfs4_unlock_state();
1da177e4
LT		 4450 return status;
4451}
4452
f7a4d872
BF		 4453static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s)
4454{
acf9295b
TM		 4455 struct nfs4_client *clp = s->st_stid.sc_client;
4456 struct nfs4_openowner *oo = openowner(s->st_stateowner);
4457
f7a4d872 4458 s->st_stid.sc_type = NFS4_CLOSED_STID;
acf9295b
TM		 4459 unhash_open_stateid(s);
4460
4461 if (clp->cl_minorversion) {
4462 free_generic_stateid(s);
4463 if (list_empty(&oo->oo_owner.so_stateids))
4464 release_openowner(oo);
4465 } else {
f8338834
TM		 4466 if (s->st_file) {
4467 put_nfs4_file(s->st_file);
4468 s->st_file = NULL;
4469 }
acf9295b
TM		 4470 oo->oo_last_closed_stid = s;
4471 /*
4472 * In the 4.0 case we need to keep the owners around a
4473 * little while to handle CLOSE replay.
4474 */
4475 if (list_empty(&oo->oo_owner.so_stateids))
4476 move_to_close_lru(oo, clp->net);
4477 }
38c387b5
BF		 4478}
4479
1da177e4
LT		 4480/*
4481 * nfs4_unlock_state() called after encode
4482 */
b37ad28b 4483__be32
ca364317 4484nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 4485 struct nfsd4_close *close)
1da177e4 4486{
b37ad28b 4487 __be32 status;
dcef0413 4488 struct nfs4_ol_stateid *stp;
3320fef1
SK		 4489 struct net *net = SVC_NET(rqstp);
4490 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4 4491
a6a9f18f
AV		 4492 dprintk("NFSD: nfsd4_close on file %pd\n",
4493 cstate->current_fh.fh_dentry);
1da177e4
LT		 4494
4495 nfs4_lock_state();
f7a4d872
BF		 4496 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid,
4497 &close->cl_stateid,
4498 NFS4_OPEN_STID|NFS4_CLOSED_STID,
3320fef1 4499 &stp, nn);
9411b1d4 4500 nfsd4_bump_seqid(cstate, status);
9072d5c6 4501 if (status)
1da177e4 4502 goto out;
dcef0413
BF		 4503 update_stateid(&stp->st_stid.sc_stateid);
4504 memcpy(&close->cl_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
1da177e4 4505
f7a4d872 4506 nfsd4_close_open_stateid(stp);
1da177e4 4507out:
5ec094c1
BF		 4508 if (!cstate->replay_owner)
4509 nfs4_unlock_state();
1da177e4
LT		 4510 return status;
4511}
4512
b37ad28b 4513__be32
ca364317
BF		 4514nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4515 struct nfsd4_delegreturn *dr)
1da177e4 4516{
203a8c8e
BF		 4517 struct nfs4_delegation *dp;
4518 stateid_t *stateid = &dr->dr_stateid;
38c2f4b1 4519 struct nfs4_stid *s;
b37ad28b 4520 __be32 status;
3320fef1 4521 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 4522
ca364317 4523 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
203a8c8e 4524 return status;
1da177e4
LT		 4525
4526 nfs4_lock_state();
2dd6e458 4527 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn);
38c2f4b1 4528 if (status)
203a8c8e 4529 goto out;
38c2f4b1 4530 dp = delegstateid(s);
d5477a8d 4531 status = check_stateid_generation(stateid, &dp->dl_stid.sc_stateid, nfsd4_has_session(cstate));
203a8c8e
BF		 4532 if (status)
4533 goto out;
203a8c8e 4534
3bd64a5b 4535 destroy_delegation(dp);
1da177e4 4536out:
203a8c8e
BF		 4537 nfs4_unlock_state();
4538
1da177e4
LT		 4539 return status;
4540}
4541
4542
1da177e4 4543#define LOFF_OVERFLOW(start, len) ((u64)(len) > ~(u64)(start))
1da177e4 4544
87df4de8
BH		 4545static inline u64
4546end_offset(u64 start, u64 len)
4547{
4548 u64 end;
4549
4550 end = start + len;
4551 return end >= start ? end: NFS4_MAX_UINT64;
4552}
4553
4554/* last octet in a range */
4555static inline u64
4556last_byte_offset(u64 start, u64 len)
4557{
4558 u64 end;
4559
063b0fb9 4560 WARN_ON_ONCE(!len);
87df4de8
BH		 4561 end = start + len;
4562 return end > start ? end - 1: NFS4_MAX_UINT64;
4563}
4564
1da177e4
LT		 4565/*
4566 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that
4567 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th
4568 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit
4569 * locking, this prevents us from being completely protocol-compliant. The
4570 * real solution to this problem is to start using unsigned file offsets in
4571 * the VFS, but this is a very deep change!
4572 */
4573static inline void
4574nfs4_transform_lock_offset(struct file_lock *lock)
4575{
4576 if (lock->fl_start < 0)
4577 lock->fl_start = OFFSET_MAX;
4578 if (lock->fl_end < 0)
4579 lock->fl_end = OFFSET_MAX;
4580}
4581
d5b9026a
N		 4582/* Hack!: For now, we're defining this just so we can use a pointer to it
4583 * as a unique cookie to identify our (NFSv4's) posix locks. */
7b021967 4584static const struct lock_manager_operations nfsd_posix_mng_ops = {
d5b9026a 4585};
1da177e4
LT		 4586
4587static inline void
4588nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny)
4589{
fe0750e5 4590 struct nfs4_lockowner *lo;
1da177e4 4591
d5b9026a 4592 if (fl->fl_lmops == &nfsd_posix_mng_ops) {
fe0750e5
BF		 4593 lo = (struct nfs4_lockowner *) fl->fl_owner;
4594 deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data,
4595 lo->lo_owner.so_owner.len, GFP_KERNEL);
7c13f344
BF		 4596 if (!deny->ld_owner.data)
4597 /* We just don't care that much */
4598 goto nevermind;
fe0750e5
BF		 4599 deny->ld_owner.len = lo->lo_owner.so_owner.len;
4600 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid;
d5b9026a 4601 } else {
7c13f344
BF		 4602nevermind:
4603 deny->ld_owner.len = 0;
4604 deny->ld_owner.data = NULL;
d5b9026a
N		 4605 deny->ld_clientid.cl_boot = 0;
4606 deny->ld_clientid.cl_id = 0;
1da177e4
LT		 4607 }
4608 deny->ld_start = fl->fl_start;
87df4de8
BH		 4609 deny->ld_length = NFS4_MAX_UINT64;
4610 if (fl->fl_end != NFS4_MAX_UINT64)
1da177e4
LT		 4611 deny->ld_length = fl->fl_end - fl->fl_start + 1;
4612 deny->ld_type = NFS4_READ_LT;
4613 if (fl->fl_type != F_RDLCK)
4614 deny->ld_type = NFS4_WRITE_LT;
4615}
4616
fe0750e5 4617static struct nfs4_lockowner *
b3c32bcd
TM		 4618find_lockowner_str(clientid_t *clid, struct xdr_netobj *owner,
4619 struct nfsd_net *nn)
1da177e4 4620{
b3c32bcd
TM		 4621 unsigned int strhashval = ownerstr_hashval(clid->cl_id, owner);
4622 struct nfs4_stateowner *so;
1da177e4 4623
b3c32bcd
TM		 4624 list_for_each_entry(so, &nn->ownerstr_hashtbl[strhashval], so_strhash) {
4625 if (so->so_is_open_owner)
4626 continue;
4627 if (!same_owner_str(so, owner, clid))
4628 continue;
4629 return lockowner(so);
1da177e4
LT		 4630 }
4631 return NULL;
4632}
4633
4634/*
4635 * Alloc a lock owner structure.
4636 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has
25985edc 4637 * occurred.
1da177e4 4638 *
16bfdaaf 4639 * strhashval = ownerstr_hashval
1da177e4 4640 */
fe0750e5 4641static struct nfs4_lockowner *
dcef0413 4642alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, struct nfs4_ol_stateid *open_stp, struct nfsd4_lock *lock) {
fe0750e5 4643 struct nfs4_lockowner *lo;
b3c32bcd 4644 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4 4645
fe0750e5
BF		 4646 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp);
4647 if (!lo)
1da177e4 4648 return NULL;
fe0750e5
BF		 4649 INIT_LIST_HEAD(&lo->lo_owner.so_stateids);
4650 lo->lo_owner.so_is_open_owner = 0;
b59e3c0e
NB		 4651 /* It is the openowner seqid that will be incremented in encode in the
4652 * case of new lockowners; so increment the lock seqid manually: */
fe0750e5 4653 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid + 1;
b3c32bcd 4654 list_add(&lo->lo_owner.so_strhash, &nn->ownerstr_hashtbl[strhashval]);
fe0750e5 4655 return lo;
1da177e4
LT		 4656}
4657
dcef0413 4658static struct nfs4_ol_stateid *
f9c00c3a
JL		 4659alloc_init_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp,
4660 struct inode *inode,
4661 struct nfs4_ol_stateid *open_stp)
1da177e4 4662{
dcef0413 4663 struct nfs4_ol_stateid *stp;
d3b313a4 4664 struct nfs4_client *clp = lo->lo_owner.so_client;
1da177e4 4665
996e0938 4666 stp = nfs4_alloc_stateid(clp);
5ac049ac 4667 if (stp == NULL)
6136d2b4 4668 return NULL;
3abdb607 4669 stp->st_stid.sc_type = NFS4_LOCK_STID;
fe0750e5
BF		 4670 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids);
4671 stp->st_stateowner = &lo->lo_owner;
13cd2184 4672 get_nfs4_file(fp);
1da177e4 4673 stp->st_file = fp;
0997b173 4674 stp->st_access_bmap = 0;
1da177e4 4675 stp->st_deny_bmap = open_stp->st_deny_bmap;
4c4cd222 4676 stp->st_openstp = open_stp;
3c87b9b7 4677 list_add(&stp->st_locks, &open_stp->st_locks);
1d31a253
TM		 4678 spin_lock(&fp->fi_lock);
4679 list_add(&stp->st_perfile, &fp->fi_stateids);
4680 spin_unlock(&fp->fi_lock);
1da177e4
LT		 4681 return stp;
4682}
4683
c53530da
JL		 4684static struct nfs4_ol_stateid *
4685find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp)
4686{
4687 struct nfs4_ol_stateid *lst;
4688
4689 list_for_each_entry(lst, &lo->lo_owner.so_stateids, st_perstateowner) {
4690 if (lst->st_file == fp)
4691 return lst;
4692 }
4693 return NULL;
4694}
4695
4696
fd39ca9a 4697static int
1da177e4
LT		 4698check_lock_length(u64 offset, u64 length)
4699{
87df4de8 4700 return ((length == 0) || ((length != NFS4_MAX_UINT64) &&
1da177e4
LT		 4701 LOFF_OVERFLOW(offset, length)));
4702}
4703
dcef0413 4704static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access)
0997b173
BF		 4705{
4706 struct nfs4_file *fp = lock_stp->st_file;
0997b173 4707
7214e860
JL		 4708 lockdep_assert_held(&fp->fi_lock);
4709
82c5ff1b 4710 if (test_access(access, lock_stp))
0997b173 4711 return;
12659651 4712 __nfs4_file_get_access(fp, access);
82c5ff1b 4713 set_access(access, lock_stp);
0997b173
BF		 4714}
4715
2355c596 4716static __be32 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, struct nfs4_ol_stateid *ost, struct nfsd4_lock *lock, struct nfs4_ol_stateid **lst, bool *new)
64a284d0
BF		 4717{
4718 struct nfs4_file *fi = ost->st_file;
4719 struct nfs4_openowner *oo = openowner(ost->st_stateowner);
4720 struct nfs4_client *cl = oo->oo_owner.so_client;
f9c00c3a 4721 struct inode *inode = cstate->current_fh.fh_dentry->d_inode;
64a284d0
BF		 4722 struct nfs4_lockowner *lo;
4723 unsigned int strhashval;
20e9e2bc 4724 struct nfsd_net *nn = net_generic(cl->net, nfsd_net_id);
64a284d0 4725
b3c32bcd 4726 lo = find_lockowner_str(&cl->cl_clientid, &lock->v.new.owner, nn);
c53530da
JL		 4727 if (!lo) {
4728 strhashval = ownerstr_hashval(cl->cl_clientid.cl_id,
4729 &lock->v.new.owner);
4730 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock);
4731 if (lo == NULL)
4732 return nfserr_jukebox;
4733 } else {
4734 /* with an existing lockowner, seqids must be the same */
4735 if (!cstate->minorversion &&
4736 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid)
64a284d0 4737 return nfserr_bad_seqid;
64a284d0 4738 }
c53530da
JL		 4739
4740 *lst = find_lock_stateid(lo, fi);
64a284d0 4741 if (*lst == NULL) {
f9c00c3a 4742 *lst = alloc_init_lock_stateid(lo, fi, inode, ost);
c53530da
JL		 4743 if (*lst == NULL) {
4744 release_lockowner_if_empty(lo);
4745 return nfserr_jukebox;
4746 }
4747 *new = true;
64a284d0 4748 }
64a284d0
BF		 4749 return nfs_ok;
4750}
4751
1da177e4
LT		 4752/*
4753 * LOCK operation
4754 */
b37ad28b 4755__be32
ca364317 4756nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 4757 struct nfsd4_lock *lock)
1da177e4 4758{
fe0750e5
BF		 4759 struct nfs4_openowner *open_sop = NULL;
4760 struct nfs4_lockowner *lock_sop = NULL;
dcef0413 4761 struct nfs4_ol_stateid *lock_stp;
7214e860 4762 struct nfs4_file *fp;
7d947842 4763 struct file *filp = NULL;
21179d81
JL		 4764 struct file_lock *file_lock = NULL;
4765 struct file_lock *conflock = NULL;
b37ad28b 4766 __be32 status = 0;
64a284d0 4767 bool new_state = false;
b34f27aa 4768 int lkflg;
b8dd7b9a 4769 int err;
3320fef1
SK		 4770 struct net *net = SVC_NET(rqstp);
4771 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4
LT		 4772
4773 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n",
4774 (long long) lock->lk_offset,
4775 (long long) lock->lk_length);
4776
1da177e4
LT		 4777 if (check_lock_length(lock->lk_offset, lock->lk_length))
4778 return nfserr_inval;
4779
ca364317 4780 if ((status = fh_verify(rqstp, &cstate->current_fh,
8837abca 4781 S_IFREG, NFSD_MAY_LOCK))) {
a6f6ef2f
AA		 4782 dprintk("NFSD: nfsd4_lock: permission denied!\n");
4783 return status;
4784 }
4785
1da177e4
LT		 4786 nfs4_lock_state();
4787
4788 if (lock->lk_is_new) {
dcef0413 4789 struct nfs4_ol_stateid *open_stp = NULL;
684e5638
BF		 4790
4791 if (nfsd4_has_session(cstate))
4792 /* See rfc 5661 18.10.3: given clientid is ignored: */
4793 memcpy(&lock->v.new.clientid,
4794 &cstate->session->se_client->cl_clientid,
4795 sizeof(clientid_t));
4796
1da177e4 4797 status = nfserr_stale_clientid;
2c142baa 4798 if (STALE_CLIENTID(&lock->lk_new_clientid, nn))
1da177e4 4799 goto out;
1da177e4 4800
1da177e4 4801 /* validate and update open stateid and open seqid */
c0a5d93e 4802 status = nfs4_preprocess_confirmed_seqid_op(cstate,
1da177e4
LT		 4803 lock->lk_new_open_seqid,
4804 &lock->lk_new_open_stateid,
3320fef1 4805 &open_stp, nn);
37515177 4806 if (status)
1da177e4 4807 goto out;
fe0750e5 4808 open_sop = openowner(open_stp->st_stateowner);
b34f27aa 4809 status = nfserr_bad_stateid;
684e5638 4810 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid,
b34f27aa
BF		 4811 &lock->v.new.clientid))
4812 goto out;
64a284d0
BF		 4813 status = lookup_or_create_lock_state(cstate, open_stp, lock,
4814 &lock_stp, &new_state);
e1aaa891 4815 } else
dd453dfd 4816 status = nfs4_preprocess_seqid_op(cstate,
fe0750e5
BF		 4817 lock->lk_old_lock_seqid,
4818 &lock->lk_old_lock_stateid,
3320fef1 4819 NFS4_LOCK_STID, &lock_stp, nn);
e1aaa891
BF		 4820 if (status)
4821 goto out;
64a284d0 4822 lock_sop = lockowner(lock_stp->st_stateowner);
1da177e4 4823
b34f27aa
BF		 4824 lkflg = setlkflg(lock->lk_type);
4825 status = nfs4_check_openmode(lock_stp, lkflg);
4826 if (status)
4827 goto out;
4828
0dd395dc 4829 status = nfserr_grace;
3320fef1 4830 if (locks_in_grace(net) && !lock->lk_reclaim)
0dd395dc
N		 4831 goto out;
4832 status = nfserr_no_grace;
3320fef1 4833 if (!locks_in_grace(net) && lock->lk_reclaim)
0dd395dc
N		 4834 goto out;
4835
21179d81
JL		 4836 file_lock = locks_alloc_lock();
4837 if (!file_lock) {
4838 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
4839 status = nfserr_jukebox;
4840 goto out;
4841 }
4842
7214e860 4843 fp = lock_stp->st_file;
21179d81 4844 locks_init_lock(file_lock);
1da177e4
LT		 4845 switch (lock->lk_type) {
4846 case NFS4_READ_LT:
4847 case NFS4_READW_LT:
7214e860
JL		 4848 spin_lock(&fp->fi_lock);
4849 filp = find_readable_file_locked(fp);
0997b173
BF		 4850 if (filp)
4851 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ);
7214e860 4852 spin_unlock(&fp->fi_lock);
21179d81 4853 file_lock->fl_type = F_RDLCK;
529d7b2a 4854 break;
1da177e4
LT		 4855 case NFS4_WRITE_LT:
4856 case NFS4_WRITEW_LT:
7214e860
JL		 4857 spin_lock(&fp->fi_lock);
4858 filp = find_writeable_file_locked(fp);
0997b173
BF		 4859 if (filp)
4860 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE);
7214e860 4861 spin_unlock(&fp->fi_lock);
21179d81 4862 file_lock->fl_type = F_WRLCK;
529d7b2a 4863 break;
1da177e4
LT		 4864 default:
4865 status = nfserr_inval;
4866 goto out;
4867 }
f9d7562f
BF		 4868 if (!filp) {
4869 status = nfserr_openmode;
4870 goto out;
4871 }
21179d81
JL		 4872 file_lock->fl_owner = (fl_owner_t)lock_sop;
4873 file_lock->fl_pid = current->tgid;
4874 file_lock->fl_file = filp;
4875 file_lock->fl_flags = FL_POSIX;
4876 file_lock->fl_lmops = &nfsd_posix_mng_ops;
4877 file_lock->fl_start = lock->lk_offset;
4878 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length);
4879 nfs4_transform_lock_offset(file_lock);
4880
4881 conflock = locks_alloc_lock();
4882 if (!conflock) {
4883 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
4884 status = nfserr_jukebox;
4885 goto out;
4886 }
1da177e4 4887
21179d81 4888 err = vfs_lock_file(filp, F_SETLK, file_lock, conflock);
b8dd7b9a 4889 switch (-err) {
1da177e4 4890 case 0: /* success! */
dcef0413
BF		 4891 update_stateid(&lock_stp->st_stid.sc_stateid);
4892 memcpy(&lock->lk_resp_stateid, &lock_stp->st_stid.sc_stateid,
1da177e4 4893 sizeof(stateid_t));
b8dd7b9a 4894 status = 0;
eb76b3fd
AA		 4895 break;
4896 case (EAGAIN): /* conflock holds conflicting lock */
4897 status = nfserr_denied;
4898 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n");
21179d81 4899 nfs4_set_lock_denied(conflock, &lock->lk_denied);
eb76b3fd 4900 break;
1da177e4
LT		 4901 case (EDEADLK):
4902 status = nfserr_deadlock;
eb76b3fd 4903 break;
3e772463 4904 default:
fd85b817 4905 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err);
3e772463 4906 status = nfserrno(err);
eb76b3fd 4907 break;
1da177e4 4908 }
1da177e4 4909out:
de18643d
TM		 4910 if (filp)
4911 fput(filp);
64a284d0 4912 if (status && new_state)
c53530da 4913 release_lock_stateid(lock_stp);
9411b1d4 4914 nfsd4_bump_seqid(cstate, status);
5ec094c1
BF		 4915 if (!cstate->replay_owner)
4916 nfs4_unlock_state();
21179d81
JL		 4917 if (file_lock)
4918 locks_free_lock(file_lock);
4919 if (conflock)
4920 locks_free_lock(conflock);
1da177e4
LT		 4921 return status;
4922}
4923
55ef1274
BF		 4924/*
4925 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN,
4926 * so we do a temporary open here just to get an open file to pass to
4927 * vfs_test_lock. (Arguably perhaps test_lock should be done with an
4928 * inode operation.)
4929 */
04da6e9d 4930static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock)
55ef1274
BF		 4931{
4932 struct file *file;
04da6e9d
AV		 4933 __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file);
4934 if (!err) {
4935 err = nfserrno(vfs_test_lock(file, lock));
4936 nfsd_close(file);
4937 }
55ef1274
BF		 4938 return err;
4939}
4940
1da177e4
LT		 4941/*
4942 * LOCKT operation
4943 */
b37ad28b 4944__be32
ca364317
BF		 4945nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4946 struct nfsd4_lockt *lockt)
1da177e4 4947{
21179d81 4948 struct file_lock *file_lock = NULL;
fe0750e5 4949 struct nfs4_lockowner *lo;
b37ad28b 4950 __be32 status;
7f2210fa 4951 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 4952
5ccb0066 4953 if (locks_in_grace(SVC_NET(rqstp)))
1da177e4
LT		 4954 return nfserr_grace;
4955
4956 if (check_lock_length(lockt->lt_offset, lockt->lt_length))
4957 return nfserr_inval;
4958
1da177e4
LT		 4959 nfs4_lock_state();
4960
9b2ef62b 4961 if (!nfsd4_has_session(cstate)) {
4b24ca7d 4962 status = lookup_clientid(&lockt->lt_clientid, cstate, nn);
9b2ef62b
BF		 4963 if (status)
4964 goto out;
4965 }
1da177e4 4966
75c096f7 4967 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
1da177e4 4968 goto out;
1da177e4 4969
21179d81
JL		 4970 file_lock = locks_alloc_lock();
4971 if (!file_lock) {
4972 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
4973 status = nfserr_jukebox;
4974 goto out;
4975 }
4976 locks_init_lock(file_lock);
1da177e4
LT		 4977 switch (lockt->lt_type) {
4978 case NFS4_READ_LT:
4979 case NFS4_READW_LT:
21179d81 4980 file_lock->fl_type = F_RDLCK;
1da177e4
LT		 4981 break;
4982 case NFS4_WRITE_LT:
4983 case NFS4_WRITEW_LT:
21179d81 4984 file_lock->fl_type = F_WRLCK;
1da177e4
LT		 4985 break;
4986 default:
2fdada03 4987 dprintk("NFSD: nfs4_lockt: bad lock type!\n");
1da177e4
LT		 4988 status = nfserr_inval;
4989 goto out;
4990 }
4991
b3c32bcd 4992 lo = find_lockowner_str(&lockt->lt_clientid, &lockt->lt_owner, nn);
fe0750e5 4993 if (lo)
21179d81
JL		 4994 file_lock->fl_owner = (fl_owner_t)lo;
4995 file_lock->fl_pid = current->tgid;
4996 file_lock->fl_flags = FL_POSIX;
1da177e4 4997
21179d81
JL		 4998 file_lock->fl_start = lockt->lt_offset;
4999 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length);
1da177e4 5000
21179d81 5001 nfs4_transform_lock_offset(file_lock);
1da177e4 5002
21179d81 5003 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock);
04da6e9d 5004 if (status)
fd85b817 5005 goto out;
04da6e9d 5006
21179d81 5007 if (file_lock->fl_type != F_UNLCK) {
1da177e4 5008 status = nfserr_denied;
21179d81 5009 nfs4_set_lock_denied(file_lock, &lockt->lt_denied);
1da177e4
LT		 5010 }
5011out:
5012 nfs4_unlock_state();
21179d81
JL		 5013 if (file_lock)
5014 locks_free_lock(file_lock);
1da177e4
LT		 5015 return status;
5016}
5017
b37ad28b 5018__be32
ca364317 5019nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 5020 struct nfsd4_locku *locku)
1da177e4 5021{
dcef0413 5022 struct nfs4_ol_stateid *stp;
1da177e4 5023 struct file *filp = NULL;
21179d81 5024 struct file_lock *file_lock = NULL;
b37ad28b 5025 __be32 status;
b8dd7b9a 5026 int err;
3320fef1
SK		 5027 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
5028
1da177e4
LT		 5029 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n",
5030 (long long) locku->lu_offset,
5031 (long long) locku->lu_length);
5032
5033 if (check_lock_length(locku->lu_offset, locku->lu_length))
5034 return nfserr_inval;
5035
5036 nfs4_lock_state();
5037
9072d5c6 5038 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid,
3320fef1
SK		 5039 &locku->lu_stateid, NFS4_LOCK_STID,
5040 &stp, nn);
9072d5c6 5041 if (status)
1da177e4 5042 goto out;
f9d7562f
BF		 5043 filp = find_any_file(stp->st_file);
5044 if (!filp) {
5045 status = nfserr_lock_range;
5046 goto out;
5047 }
21179d81
JL		 5048 file_lock = locks_alloc_lock();
5049 if (!file_lock) {
5050 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
5051 status = nfserr_jukebox;
de18643d 5052 goto fput;
21179d81
JL		 5053 }
5054 locks_init_lock(file_lock);
5055 file_lock->fl_type = F_UNLCK;
0a262ffb 5056 file_lock->fl_owner = (fl_owner_t)lockowner(stp->st_stateowner);
21179d81
JL		 5057 file_lock->fl_pid = current->tgid;
5058 file_lock->fl_file = filp;
5059 file_lock->fl_flags = FL_POSIX;
5060 file_lock->fl_lmops = &nfsd_posix_mng_ops;
5061 file_lock->fl_start = locku->lu_offset;
5062
5063 file_lock->fl_end = last_byte_offset(locku->lu_offset,
5064 locku->lu_length);
5065 nfs4_transform_lock_offset(file_lock);
1da177e4 5066
21179d81 5067 err = vfs_lock_file(filp, F_SETLK, file_lock, NULL);
b8dd7b9a 5068 if (err) {
fd85b817 5069 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n");
1da177e4
LT		 5070 goto out_nfserr;
5071 }
dcef0413
BF		 5072 update_stateid(&stp->st_stid.sc_stateid);
5073 memcpy(&locku->lu_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
de18643d
TM		 5074fput:
5075 fput(filp);
1da177e4 5076out:
9411b1d4 5077 nfsd4_bump_seqid(cstate, status);
71c3bcd7
BF		 5078 if (!cstate->replay_owner)
5079 nfs4_unlock_state();
21179d81
JL		 5080 if (file_lock)
5081 locks_free_lock(file_lock);
1da177e4
LT		 5082 return status;
5083
5084out_nfserr:
b8dd7b9a 5085 status = nfserrno(err);
de18643d 5086 goto fput;
1da177e4
LT		 5087}
5088
5089/*
5090 * returns
f9c00c3a
JL		 5091 * true: locks held by lockowner
5092 * false: no locks held by lockowner
1da177e4 5093 */
f9c00c3a
JL		 5094static bool
5095check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner)
1da177e4
LT		 5096{
5097 struct file_lock **flpp;
f9c00c3a
JL		 5098 int status = false;
5099 struct file *filp = find_any_file(fp);
5100 struct inode *inode;
5101
5102 if (!filp) {
5103 /* Any valid lock stateid should have some sort of access */
5104 WARN_ON_ONCE(1);
5105 return status;
5106 }
5107
5108 inode = file_inode(filp);
1da177e4 5109
1c8c601a 5110 spin_lock(&inode->i_lock);
1da177e4 5111 for (flpp = &inode->i_flock; *flpp != NULL; flpp = &(*flpp)->fl_next) {
796dadfd 5112 if ((*flpp)->fl_owner == (fl_owner_t)lowner) {
f9c00c3a
JL		 5113 status = true;
5114 break;
796dadfd 5115 }
1da177e4 5116 }
1c8c601a 5117 spin_unlock(&inode->i_lock);
f9c00c3a 5118 fput(filp);
1da177e4
LT		 5119 return status;
5120}
5121
b37ad28b 5122__be32
b591480b
BF		 5123nfsd4_release_lockowner(struct svc_rqst *rqstp,
5124 struct nfsd4_compound_state *cstate,
5125 struct nfsd4_release_lockowner *rlockowner)
1da177e4
LT		 5126{
5127 clientid_t *clid = &rlockowner->rl_clientid;
fd44907c 5128 struct nfs4_stateowner *sop = NULL, *tmp;
fe0750e5 5129 struct nfs4_lockowner *lo;
dcef0413 5130 struct nfs4_ol_stateid *stp;
1da177e4 5131 struct xdr_netobj *owner = &rlockowner->rl_owner;
16bfdaaf 5132 unsigned int hashval = ownerstr_hashval(clid->cl_id, owner);
b37ad28b 5133 __be32 status;
7f2210fa 5134 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4
LT		 5135
5136 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n",
5137 clid->cl_boot, clid->cl_id);
5138
1da177e4
LT		 5139 nfs4_lock_state();
5140
4b24ca7d 5141 status = lookup_clientid(clid, cstate, nn);
9b2ef62b
BF		 5142 if (status)
5143 goto out;
5144
3e9e3dbe 5145 status = nfserr_locks_held;
06f1f864 5146
fd44907c
JL		 5147 /* Find the matching lock stateowner */
5148 list_for_each_entry(tmp, &nn->ownerstr_hashtbl[hashval], so_strhash) {
5149 if (tmp->so_is_open_owner)
06f1f864 5150 continue;
fd44907c
JL		 5151 if (same_owner_str(tmp, owner, clid)) {
5152 sop = tmp;
5153 break;
1da177e4 5154 }
3e9e3dbe 5155 }
fd44907c
JL		 5156
5157 /* No matching owner found, maybe a replay? Just declare victory... */
5158 if (!sop) {
5159 status = nfs_ok;
5160 goto out;
5161 }
5162
5163 lo = lockowner(sop);
5164 /* see if there are still any locks associated with it */
5165 list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) {
5166 if (check_for_locks(stp->st_file, lo))
5167 goto out;
1da177e4 5168 }
fd44907c
JL		 5169
5170 status = nfs_ok;
5171 release_lockowner(lo);
1da177e4
LT		 5172out:
5173 nfs4_unlock_state();
5174 return status;
5175}
5176
5177static inline struct nfs4_client_reclaim *
a55370a3 5178alloc_reclaim(void)
1da177e4 5179{
a55370a3 5180 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL);
1da177e4
LT		 5181}
5182
0ce0c2b5 5183bool
52e19c09 5184nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn)
c7b9a459 5185{
0ce0c2b5 5186 struct nfs4_client_reclaim *crp;
c7b9a459 5187
52e19c09 5188 crp = nfsd4_find_reclaim_client(name, nn);
0ce0c2b5 5189 return (crp && crp->cr_clp);
c7b9a459
N		 5190}
5191
1da177e4
LT		 5192/*
5193 * failure => all reset bets are off, nfserr_no_grace...
5194 */
772a9bbb 5195struct nfs4_client_reclaim *
52e19c09 5196nfs4_client_to_reclaim(const char *name, struct nfsd_net *nn)
1da177e4
LT		 5197{
5198 unsigned int strhashval;
772a9bbb 5199 struct nfs4_client_reclaim *crp;
1da177e4 5200
a55370a3
N		 5201 dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name);
5202 crp = alloc_reclaim();
772a9bbb
JL		 5203 if (crp) {
5204 strhashval = clientstr_hashval(name);
5205 INIT_LIST_HEAD(&crp->cr_strhash);
52e19c09 5206 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]);
772a9bbb 5207 memcpy(crp->cr_recdir, name, HEXDIR_LEN);
0ce0c2b5 5208 crp->cr_clp = NULL;
52e19c09 5209 nn->reclaim_str_hashtbl_size++;
772a9bbb
JL		 5210 }
5211 return crp;
1da177e4
LT		 5212}
5213
ce30e539 5214void
52e19c09 5215nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn)
ce30e539
JL		 5216{
5217 list_del(&crp->cr_strhash);
5218 kfree(crp);
52e19c09 5219 nn->reclaim_str_hashtbl_size--;
ce30e539
JL		 5220}
5221
2a4317c5 5222void
52e19c09 5223nfs4_release_reclaim(struct nfsd_net *nn)
1da177e4
LT		 5224{
5225 struct nfs4_client_reclaim *crp = NULL;
5226 int i;
5227
1da177e4 5228 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
52e19c09
SK		 5229 while (!list_empty(&nn->reclaim_str_hashtbl[i])) {
5230 crp = list_entry(nn->reclaim_str_hashtbl[i].next,
1da177e4 5231 struct nfs4_client_reclaim, cr_strhash);
52e19c09 5232 nfs4_remove_reclaim_record(crp, nn);
1da177e4
LT		 5233 }
5234 }
063b0fb9 5235 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size);
1da177e4
LT		 5236}
5237
5238/*
5239 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */
2a4317c5 5240struct nfs4_client_reclaim *
52e19c09 5241nfsd4_find_reclaim_client(const char *recdir, struct nfsd_net *nn)
1da177e4
LT		 5242{
5243 unsigned int strhashval;
1da177e4
LT		 5244 struct nfs4_client_reclaim *crp = NULL;
5245
278c931c 5246 dprintk("NFSD: nfs4_find_reclaim_client for recdir %s\n", recdir);
1da177e4 5247
278c931c 5248 strhashval = clientstr_hashval(recdir);
52e19c09 5249 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) {
278c931c 5250 if (same_name(crp->cr_recdir, recdir)) {
1da177e4
LT		 5251 return crp;
5252 }
5253 }
5254 return NULL;
5255}
5256
5257/*
5258* Called from OPEN. Look for clientid in reclaim list.
5259*/
b37ad28b 5260__be32
0fe492db
TM		 5261nfs4_check_open_reclaim(clientid_t *clid,
5262 struct nfsd4_compound_state *cstate,
5263 struct nfsd_net *nn)
1da177e4 5264{
0fe492db 5265 __be32 status;
a52d726b
JL		 5266
5267 /* find clientid in conf_id_hashtbl */
0fe492db
TM		 5268 status = lookup_clientid(clid, cstate, nn);
5269 if (status)
a52d726b
JL		 5270 return nfserr_reclaim_bad;
5271
0fe492db
TM		 5272 if (nfsd4_client_record_check(cstate->clp))
5273 return nfserr_reclaim_bad;
5274
5275 return nfs_ok;
1da177e4
LT		 5276}
5277
65178db4
BS		 5278#ifdef CONFIG_NFSD_FAULT_INJECTION
5279
44e34da6
BS		 5280u64 nfsd_forget_client(struct nfs4_client *clp, u64 max)
5281{
221a6876
BF		 5282 if (mark_client_expired(clp))
5283 return 0;
44e34da6
BS		 5284 expire_client(clp);
5285 return 1;
5286}
5287
184c1847
BS		 5288u64 nfsd_print_client(struct nfs4_client *clp, u64 num)
5289{
5290 char buf[INET6_ADDRSTRLEN];
0a5c33e2 5291 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
184c1847
BS		 5292 printk(KERN_INFO "NFS Client: %s\n", buf);
5293 return 1;
5294}
5295
5296static void nfsd_print_count(struct nfs4_client *clp, unsigned int count,
5297 const char *type)
5298{
5299 char buf[INET6_ADDRSTRLEN];
0a5c33e2 5300 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
184c1847
BS		 5301 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type);
5302}
5303
3c87b9b7
TM		 5304static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max,
5305 void (*func)(struct nfs4_ol_stateid *))
fc29171f
BS		 5306{
5307 struct nfs4_openowner *oop;
fc29171f 5308 struct nfs4_ol_stateid *stp, *st_next;
3c87b9b7 5309 struct nfs4_ol_stateid *lst, *lst_next;
fc29171f
BS		 5310 u64 count = 0;
5311
5312 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) {
3c87b9b7
TM		 5313 list_for_each_entry_safe(stp, st_next,
5314 &oop->oo_owner.so_stateids, st_perstateowner) {
5315 list_for_each_entry_safe(lst, lst_next,
5316 &stp->st_locks, st_locks) {
fc29171f 5317 if (func)
3c87b9b7 5318 func(lst);
fc29171f
BS		 5319 if (++count == max)
5320 return count;
5321 }
5322 }
5323 }
5324
5325 return count;
5326}
5327
5328u64 nfsd_forget_client_locks(struct nfs4_client *clp, u64 max)
5329{
3c87b9b7 5330 return nfsd_foreach_client_lock(clp, max, release_lock_stateid);
fc29171f
BS		 5331}
5332
184c1847
BS		 5333u64 nfsd_print_client_locks(struct nfs4_client *clp, u64 max)
5334{
5335 u64 count = nfsd_foreach_client_lock(clp, max, NULL);
5336 nfsd_print_count(clp, count, "locked files");
5337 return count;
5338}
5339
4dbdbda8
BS		 5340static u64 nfsd_foreach_client_open(struct nfs4_client *clp, u64 max, void (*func)(struct nfs4_openowner *))
5341{
5342 struct nfs4_openowner *oop, *next;
5343 u64 count = 0;
5344
5345 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) {
5346 if (func)
5347 func(oop);
5348 if (++count == max)
5349 break;
5350 }
5351
5352 return count;
5353}
5354
5355u64 nfsd_forget_client_openowners(struct nfs4_client *clp, u64 max)
5356{
5357 return nfsd_foreach_client_open(clp, max, release_openowner);
5358}
5359
184c1847
BS		 5360u64 nfsd_print_client_openowners(struct nfs4_client *clp, u64 max)
5361{
5362 u64 count = nfsd_foreach_client_open(clp, max, NULL);
5363 nfsd_print_count(clp, count, "open files");
5364 return count;
5365}
5366
269de30f
BS		 5367static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max,
5368 struct list_head *victims)
5369{
5370 struct nfs4_delegation *dp, *next;
5371 u64 count = 0;
5372
cdc97505 5373 lockdep_assert_held(&state_lock);
269de30f 5374 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) {
dff1399f
JL		 5375 if (victims) {
5376 /*
5377 * It's not safe to mess with delegations that have a
5378 * non-zero dl_time. They might have already been broken
5379 * and could be processed by the laundromat outside of
5380 * the state_lock. Just leave them be.
5381 */
5382 if (dp->dl_time != 0)
5383 continue;
5384
42690676
JL		 5385 unhash_delegation_locked(dp);
5386 list_add(&dp->dl_recall_lru, victims);
dff1399f 5387 }
269de30f
BS		 5388 if (++count == max)
5389 break;
5390 }
5391 return count;
5392}
5393
5394u64 nfsd_forget_client_delegations(struct nfs4_client *clp, u64 max)
5395{
5396 struct nfs4_delegation *dp, *next;
5397 LIST_HEAD(victims);
5398 u64 count;
5399
cdc97505 5400 spin_lock(&state_lock);
269de30f 5401 count = nfsd_find_all_delegations(clp, max, &victims);
cdc97505 5402 spin_unlock(&state_lock);
269de30f
BS		 5403
5404 list_for_each_entry_safe(dp, next, &victims, dl_recall_lru)
3bd64a5b 5405 revoke_delegation(dp);
269de30f
BS		 5406
5407 return count;
5408}
5409
5410u64 nfsd_recall_client_delegations(struct nfs4_client *clp, u64 max)
5411{
dff1399f 5412 struct nfs4_delegation *dp;
269de30f
BS		 5413 LIST_HEAD(victims);
5414 u64 count;
5415
cdc97505 5416 spin_lock(&state_lock);
269de30f 5417 count = nfsd_find_all_delegations(clp, max, &victims);
dff1399f
JL		 5418 while (!list_empty(&victims)) {
5419 dp = list_first_entry(&victims, struct nfs4_delegation,
5420 dl_recall_lru);
5421 list_del_init(&dp->dl_recall_lru);
5422 dp->dl_time = 0;
269de30f 5423 nfsd_break_one_deleg(dp);
dff1399f 5424 }
cdc97505 5425 spin_unlock(&state_lock);
269de30f
BS		 5426
5427 return count;
5428}
5429
184c1847
BS		 5430u64 nfsd_print_client_delegations(struct nfs4_client *clp, u64 max)
5431{
5432 u64 count = 0;
5433
cdc97505 5434 spin_lock(&state_lock);
184c1847 5435 count = nfsd_find_all_delegations(clp, max, NULL);
cdc97505 5436 spin_unlock(&state_lock);
184c1847
BS		 5437
5438 nfsd_print_count(clp, count, "delegations");
5439 return count;
5440}
5441
44e34da6 5442u64 nfsd_for_n_state(u64 max, u64 (*func)(struct nfs4_client *, u64))
65178db4
BS		 5443{
5444 struct nfs4_client *clp, *next;
44e34da6 5445 u64 count = 0;
3320fef1 5446 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, nfsd_net_id);
65178db4 5447
44e34da6
BS		 5448 if (!nfsd_netns_ready(nn))
5449 return 0;
5450
5ed58bb2 5451 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
44e34da6
BS		 5452 count += func(clp, max - count);
5453 if ((max != 0) && (count >= max))
65178db4
BS		 5454 break;
5455 }
65178db4 5456
44e34da6
BS		 5457 return count;
5458}
5459
6c1e82a4
BS		 5460struct nfs4_client *nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size)
5461{
5462 struct nfs4_client *clp;
5463 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, nfsd_net_id);
5464
5465 if (!nfsd_netns_ready(nn))
5466 return NULL;
5467
5468 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
5469 if (memcmp(&clp->cl_addr, addr, addr_size) == 0)
5470 return clp;
5471 }
5472 return NULL;
5473}
5474
65178db4
BS		 5475#endif /* CONFIG_NFSD_FAULT_INJECTION */
5476
c2f1a551
MS		 5477/*
5478 * Since the lifetime of a delegation isn't limited to that of an open, a
5479 * client may quite reasonably hang on to a delegation as long as it has
5480 * the inode cached. This becomes an obvious problem the first time a
5481 * client's inode cache approaches the size of the server's total memory.
5482 *
5483 * For now we avoid this problem by imposing a hard limit on the number
5484 * of delegations, which varies according to the server's memory size.
5485 */
5486static void
5487set_max_delegations(void)
5488{
5489 /*
5490 * Allow at most 4 delegations per megabyte of RAM. Quick
5491 * estimates suggest that in the worst case (where every delegation
5492 * is for a different inode), a delegation could take about 1.5K,
5493 * giving a worst case usage of about 6% of memory.
5494 */
5495 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT);
5496}
5497
d85ed443 5498static int nfs4_state_create_net(struct net *net)
8daae4dc
SK		 5499{
5500 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
5501 int i;
5502
5503 nn->conf_id_hashtbl = kmalloc(sizeof(struct list_head) *
5504 CLIENT_HASH_SIZE, GFP_KERNEL);
5505 if (!nn->conf_id_hashtbl)
382a62e7 5506 goto err;
0a7ec377
SK		 5507 nn->unconf_id_hashtbl = kmalloc(sizeof(struct list_head) *
5508 CLIENT_HASH_SIZE, GFP_KERNEL);
5509 if (!nn->unconf_id_hashtbl)
5510 goto err_unconf_id;
9b531137
SK		 5511 nn->ownerstr_hashtbl = kmalloc(sizeof(struct list_head) *
5512 OWNER_HASH_SIZE, GFP_KERNEL);
5513 if (!nn->ownerstr_hashtbl)
5514 goto err_ownerstr;
1872de0e
SK		 5515 nn->sessionid_hashtbl = kmalloc(sizeof(struct list_head) *
5516 SESSION_HASH_SIZE, GFP_KERNEL);
5517 if (!nn->sessionid_hashtbl)
5518 goto err_sessionid;
8daae4dc 5519
382a62e7 5520 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
8daae4dc 5521 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]);
0a7ec377 5522 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]);
382a62e7 5523 }
9b531137
SK		 5524 for (i = 0; i < OWNER_HASH_SIZE; i++)
5525 INIT_LIST_HEAD(&nn->ownerstr_hashtbl[i]);
1872de0e
SK		 5526 for (i = 0; i < SESSION_HASH_SIZE; i++)
5527 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]);
382a62e7 5528 nn->conf_name_tree = RB_ROOT;
a99454aa 5529 nn->unconf_name_tree = RB_ROOT;
5ed58bb2 5530 INIT_LIST_HEAD(&nn->client_lru);
73758fed 5531 INIT_LIST_HEAD(&nn->close_lru);
e8c69d17 5532 INIT_LIST_HEAD(&nn->del_recall_lru);
c9a49628 5533 spin_lock_init(&nn->client_lock);
8daae4dc 5534
09121281 5535 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main);
d85ed443 5536 get_net(net);
09121281 5537
8daae4dc 5538 return 0;
382a62e7 5539
1872de0e 5540err_sessionid:
20e9e2bc 5541 kfree(nn->ownerstr_hashtbl);
9b531137
SK		 5542err_ownerstr:
5543 kfree(nn->unconf_id_hashtbl);
0a7ec377
SK		 5544err_unconf_id:
5545 kfree(nn->conf_id_hashtbl);
382a62e7
SK		 5546err:
5547 return -ENOMEM;
8daae4dc
SK		 5548}
5549
5550static void
4dce0ac9 5551nfs4_state_destroy_net(struct net *net)
8daae4dc
SK		 5552{
5553 int i;
5554 struct nfs4_client *clp = NULL;
5555 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
5556
5557 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
5558 while (!list_empty(&nn->conf_id_hashtbl[i])) {
5559 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
5560 destroy_client(clp);
5561 }
5562 }
a99454aa 5563
2b905635
KM		 5564 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
5565 while (!list_empty(&nn->unconf_id_hashtbl[i])) {
5566 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
5567 destroy_client(clp);
5568 }
a99454aa
SK		 5569 }
5570
1872de0e 5571 kfree(nn->sessionid_hashtbl);
9b531137 5572 kfree(nn->ownerstr_hashtbl);
0a7ec377 5573 kfree(nn->unconf_id_hashtbl);
8daae4dc 5574 kfree(nn->conf_id_hashtbl);
4dce0ac9 5575 put_net(net);
8daae4dc
SK		 5576}
5577
f252bc68 5578int
d85ed443 5579nfs4_state_start_net(struct net *net)
ac4d8ff2 5580{
5e1533c7 5581 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
b5a1a81e
BF		 5582 int ret;
5583
d85ed443 5584 ret = nfs4_state_create_net(net);
8daae4dc
SK		 5585 if (ret)
5586 return ret;
5e1533c7 5587 nfsd4_client_tracking_init(net);
2c142baa 5588 nn->boot_time = get_seconds();
5ccb0066 5589 locks_start_grace(net, &nn->nfsd4_manager);
a51c84ed 5590 nn->grace_ended = false;
d85ed443 5591 printk(KERN_INFO "NFSD: starting %ld-second grace period (net %p)\n",
5284b44e
SK		 5592 nn->nfsd4_grace, net);
5593 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ);
d85ed443
SK		 5594 return 0;
5595}
5596
5597/* initialization to perform when the nfsd service is started: */
5598
5599int
5600nfs4_state_start(void)
5601{
5602 int ret;
5603
b5a1a81e 5604 ret = set_callback_cred();
d85ed443
SK		 5605 if (ret)
5606 return -ENOMEM;
58da282b 5607 laundry_wq = create_singlethread_workqueue("nfsd4");
a6d6b781
JL		 5608 if (laundry_wq == NULL) {
5609 ret = -ENOMEM;
5610 goto out_recovery;
5611 }
b5a1a81e
BF		 5612 ret = nfsd4_create_callback_queue();
5613 if (ret)
5614 goto out_free_laundry;
09121281 5615
c2f1a551 5616 set_max_delegations();
d85ed443 5617
b5a1a81e 5618 return 0;
d85ed443 5619
b5a1a81e
BF		 5620out_free_laundry:
5621 destroy_workqueue(laundry_wq);
a6d6b781 5622out_recovery:
b5a1a81e 5623 return ret;
1da177e4
LT		 5624}
5625
f252bc68 5626void
4dce0ac9 5627nfs4_state_shutdown_net(struct net *net)
1da177e4 5628{
1da177e4 5629 struct nfs4_delegation *dp = NULL;
1da177e4 5630 struct list_head *pos, *next, reaplist;
4dce0ac9 5631 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4 5632
4dce0ac9
SK		 5633 cancel_delayed_work_sync(&nn->laundromat_work);
5634 locks_end_grace(&nn->nfsd4_manager);
ac55fdc4 5635
e50a26dc 5636 nfs4_lock_state();
1da177e4 5637 INIT_LIST_HEAD(&reaplist);
cdc97505 5638 spin_lock(&state_lock);
e8c69d17 5639 list_for_each_safe(pos, next, &nn->del_recall_lru) {
1da177e4 5640 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
42690676
JL		 5641 unhash_delegation_locked(dp);
5642 list_add(&dp->dl_recall_lru, &reaplist);
1da177e4 5643 }
cdc97505 5644 spin_unlock(&state_lock);
1da177e4
LT		 5645 list_for_each_safe(pos, next, &reaplist) {
5646 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
42690676
JL		 5647 list_del_init(&dp->dl_recall_lru);
5648 nfs4_put_delegation(dp);
1da177e4
LT		 5649 }
5650
3320fef1 5651 nfsd4_client_tracking_exit(net);
4dce0ac9 5652 nfs4_state_destroy_net(net);
e50a26dc 5653 nfs4_unlock_state();
1da177e4
LT		 5654}
5655
5656void
5657nfs4_state_shutdown(void)
5658{
5e8d5c29 5659 destroy_workqueue(laundry_wq);
c3935e30 5660 nfsd4_destroy_callback_queue();
1da177e4 5661}
8b70484c
TM		 5662
5663static void
5664get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
5665{
37c593c5
TM		 5666 if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid))
5667 memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t));
8b70484c
TM		 5668}
5669
5670static void
5671put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
5672{
37c593c5
TM		 5673 if (cstate->minorversion) {
5674 memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t));
5675 SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
5676 }
5677}
5678
5679void
5680clear_current_stateid(struct nfsd4_compound_state *cstate)
5681{
5682 CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
8b70484c
TM		 5683}
5684
62cd4a59
TM		 5685/*
5686 * functions to set current state id
5687 */
9428fe1a
TM		 5688void
5689nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
5690{
5691 put_stateid(cstate, &odp->od_stateid);
5692}
5693
8b70484c
TM		 5694void
5695nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, struct nfsd4_open *open)
5696{
5697 put_stateid(cstate, &open->op_stateid);
5698}
5699
62cd4a59
TM		 5700void
5701nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
5702{
5703 put_stateid(cstate, &close->cl_stateid);
5704}
5705
5706void
5707nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, struct nfsd4_lock *lock)
5708{
5709 put_stateid(cstate, &lock->lk_resp_stateid);
5710}
5711
5712/*
5713 * functions to consume current state id
5714 */
1e97b519 5715
9428fe1a
TM		 5716void
5717nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
5718{
5719 get_stateid(cstate, &odp->od_stateid);
5720}
5721
5722void
5723nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate, struct nfsd4_delegreturn *drp)
5724{
5725 get_stateid(cstate, &drp->dr_stateid);
5726}
5727
1e97b519
TM		 5728void
5729nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, struct nfsd4_free_stateid *fsp)
5730{
5731 get_stateid(cstate, &fsp->fr_stateid);
5732}
5733
5734void
5735nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, struct nfsd4_setattr *setattr)
5736{
5737 get_stateid(cstate, &setattr->sa_stateid);
5738}
5739
8b70484c
TM		 5740void
5741nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
5742{
5743 get_stateid(cstate, &close->cl_stateid);
5744}
5745
5746void
62cd4a59 5747nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, struct nfsd4_locku *locku)
8b70484c 5748{
62cd4a59 5749 get_stateid(cstate, &locku->lu_stateid);
8b70484c 5750}
30813e27
TM		 5751
5752void
5753nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, struct nfsd4_read *read)
5754{
5755 get_stateid(cstate, &read->rd_stateid);
5756}
5757
5758void
5759nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, struct nfsd4_write *write)
5760{
5761 get_stateid(cstate, &write->wr_stateid);
5762}
Linux kernel - Deliverables
This page took 1.324392 seconds and 5 git commands to generate.