1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Central processing for nfsd.
4 *
5 * Authors: Olaf Kirch (okir@monad.swb.de)
6 *
7 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de>
8 */
9
10 #include <linux/sched/signal.h>
11 #include <linux/freezer.h>
12 #include <linux/module.h>
13 #include <linux/fs_struct.h>
14 #include <linux/swap.h>
15 #include <linux/siphash.h>
16
17 #include <linux/sunrpc/stats.h>
18 #include <linux/sunrpc/svcsock.h>
19 #include <linux/sunrpc/svc_xprt.h>
20 #include <linux/lockd/bind.h>
21 #include <linux/nfsacl.h>
22 #include <linux/seq_file.h>
23 #include <linux/inetdevice.h>
24 #include <net/addrconf.h>
25 #include <net/ipv6.h>
26 #include <net/net_namespace.h>
27 #include "nfsd.h"
28 #include "cache.h"
29 #include "vfs.h"
30 #include "netns.h"
31 #include "filecache.h"
32
33 #include "trace.h"
34
35 #define NFSDDBG_FACILITY NFSDDBG_SVC
36
37 extern struct svc_program nfsd_program;
38 static int nfsd(void *vrqstp);
39 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
40 static int nfsd_acl_rpcbind_set(struct net *,
41 const struct svc_program *,
42 u32, int,
43 unsigned short,
44 unsigned short);
45 static __be32 nfsd_acl_init_request(struct svc_rqst *,
46 const struct svc_program *,
47 struct svc_process_info *);
48 #endif
49 static int nfsd_rpcbind_set(struct net *,
50 const struct svc_program *,
51 u32, int,
52 unsigned short,
53 unsigned short);
54 static __be32 nfsd_init_request(struct svc_rqst *,
55 const struct svc_program *,
56 struct svc_process_info *);
57
58 /*
59 * nfsd_mutex protects nn->nfsd_serv -- both the pointer itself and some members
60 * of the svc_serv struct such as ->sv_temp_socks and ->sv_permsocks.
61 *
62 * Finally, the nfsd_mutex also protects some of the global variables that are
63 * accessed when nfsd starts and that are settable via the write_* routines in
64 * nfsctl.c. In particular:
65 *
66 * user_recovery_dirname
67 * user_lease_time
68 * nfsd_versions
69 */
70 DEFINE_MUTEX(nfsd_mutex);
71
72 /*
73 * nfsd_drc_lock protects nfsd_drc_max_pages and nfsd_drc_pages_used.
74 * nfsd_drc_max_pages limits the total amount of memory available for
75 * version 4.1 DRC caches.
76 * nfsd_drc_pages_used tracks the current version 4.1 DRC memory usage.
77 */
78 DEFINE_SPINLOCK(nfsd_drc_lock);
79 unsigned long nfsd_drc_max_mem;
80 unsigned long nfsd_drc_mem_used;
81
82 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
83 static struct svc_stat nfsd_acl_svcstats;
84 static const struct svc_version *nfsd_acl_version[] = {
85 # if defined(CONFIG_NFSD_V2_ACL)
86 [2] = &nfsd_acl_version2,
87 # endif
88 # if defined(CONFIG_NFSD_V3_ACL)
89 [3] = &nfsd_acl_version3,
90 # endif
91 };
92
93 #define NFSD_ACL_MINVERS 2
94 #define NFSD_ACL_NRVERS ARRAY_SIZE(nfsd_acl_version)
95
96 static struct svc_program nfsd_acl_program = {
97 .pg_prog = NFS_ACL_PROGRAM,
98 .pg_nvers = NFSD_ACL_NRVERS,
99 .pg_vers = nfsd_acl_version,
100 .pg_name = "nfsacl",
101 .pg_class = "nfsd",
102 .pg_stats = &nfsd_acl_svcstats,
103 .pg_authenticate = &svc_set_client,
104 .pg_init_request = nfsd_acl_init_request,
105 .pg_rpcbind_set = nfsd_acl_rpcbind_set,
106 };
107
108 static struct svc_stat nfsd_acl_svcstats = {
109 .program = &nfsd_acl_program,
110 };
111 #endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */
112
113 static const struct svc_version *nfsd_version[] = {
114 #if defined(CONFIG_NFSD_V2)
115 [2] = &nfsd_version2,
116 #endif
117 [3] = &nfsd_version3,
118 #if defined(CONFIG_NFSD_V4)
119 [4] = &nfsd_version4,
120 #endif
121 };
122
123 #define NFSD_MINVERS 2
124 #define NFSD_NRVERS ARRAY_SIZE(nfsd_version)
125
126 struct svc_program nfsd_program = {
127 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
128 .pg_next = &nfsd_acl_program,
129 #endif
130 .pg_prog = NFS_PROGRAM, /* program number */
131 .pg_nvers = NFSD_NRVERS, /* nr of entries in nfsd_version */
132 .pg_vers = nfsd_version, /* version table */
133 .pg_name = "nfsd", /* program name */
134 .pg_class = "nfsd", /* authentication class */
135 .pg_stats = &nfsd_svcstats, /* version table */
136 .pg_authenticate = &svc_set_client, /* export authentication */
137 .pg_init_request = nfsd_init_request,
138 .pg_rpcbind_set = nfsd_rpcbind_set,
139 };
140
141 static bool
nfsd_support_version(int vers)142 nfsd_support_version(int vers)
143 {
144 if (vers >= NFSD_MINVERS && vers < NFSD_NRVERS)
145 return nfsd_version[vers] != NULL;
146 return false;
147 }
148
149 static bool *
nfsd_alloc_versions(void)150 nfsd_alloc_versions(void)
151 {
152 bool *vers = kmalloc_array(NFSD_NRVERS, sizeof(bool), GFP_KERNEL);
153 unsigned i;
154
155 if (vers) {
156 /* All compiled versions are enabled by default */
157 for (i = 0; i < NFSD_NRVERS; i++)
158 vers[i] = nfsd_support_version(i);
159 }
160 return vers;
161 }
162
163 static bool *
nfsd_alloc_minorversions(void)164 nfsd_alloc_minorversions(void)
165 {
166 bool *vers = kmalloc_array(NFSD_SUPPORTED_MINOR_VERSION + 1,
167 sizeof(bool), GFP_KERNEL);
168 unsigned i;
169
170 if (vers) {
171 /* All minor versions are enabled by default */
172 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++)
173 vers[i] = nfsd_support_version(4);
174 }
175 return vers;
176 }
177
178 void
nfsd_netns_free_versions(struct nfsd_net * nn)179 nfsd_netns_free_versions(struct nfsd_net *nn)
180 {
181 kfree(nn->nfsd_versions);
182 kfree(nn->nfsd4_minorversions);
183 nn->nfsd_versions = NULL;
184 nn->nfsd4_minorversions = NULL;
185 }
186
187 static void
nfsd_netns_init_versions(struct nfsd_net * nn)188 nfsd_netns_init_versions(struct nfsd_net *nn)
189 {
190 if (!nn->nfsd_versions) {
191 nn->nfsd_versions = nfsd_alloc_versions();
192 nn->nfsd4_minorversions = nfsd_alloc_minorversions();
193 if (!nn->nfsd_versions || !nn->nfsd4_minorversions)
194 nfsd_netns_free_versions(nn);
195 }
196 }
197
nfsd_vers(struct nfsd_net * nn,int vers,enum vers_op change)198 int nfsd_vers(struct nfsd_net *nn, int vers, enum vers_op change)
199 {
200 if (vers < NFSD_MINVERS || vers >= NFSD_NRVERS)
201 return 0;
202 switch(change) {
203 case NFSD_SET:
204 if (nn->nfsd_versions)
205 nn->nfsd_versions[vers] = nfsd_support_version(vers);
206 break;
207 case NFSD_CLEAR:
208 nfsd_netns_init_versions(nn);
209 if (nn->nfsd_versions)
210 nn->nfsd_versions[vers] = false;
211 break;
212 case NFSD_TEST:
213 if (nn->nfsd_versions)
214 return nn->nfsd_versions[vers];
215 fallthrough;
216 case NFSD_AVAIL:
217 return nfsd_support_version(vers);
218 }
219 return 0;
220 }
221
222 static void
nfsd_adjust_nfsd_versions4(struct nfsd_net * nn)223 nfsd_adjust_nfsd_versions4(struct nfsd_net *nn)
224 {
225 unsigned i;
226
227 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) {
228 if (nn->nfsd4_minorversions[i])
229 return;
230 }
231 nfsd_vers(nn, 4, NFSD_CLEAR);
232 }
233
nfsd_minorversion(struct nfsd_net * nn,u32 minorversion,enum vers_op change)234 int nfsd_minorversion(struct nfsd_net *nn, u32 minorversion, enum vers_op change)
235 {
236 if (minorversion > NFSD_SUPPORTED_MINOR_VERSION &&
237 change != NFSD_AVAIL)
238 return -1;
239
240 switch(change) {
241 case NFSD_SET:
242 if (nn->nfsd4_minorversions) {
243 nfsd_vers(nn, 4, NFSD_SET);
244 nn->nfsd4_minorversions[minorversion] =
245 nfsd_vers(nn, 4, NFSD_TEST);
246 }
247 break;
248 case NFSD_CLEAR:
249 nfsd_netns_init_versions(nn);
250 if (nn->nfsd4_minorversions) {
251 nn->nfsd4_minorversions[minorversion] = false;
252 nfsd_adjust_nfsd_versions4(nn);
253 }
254 break;
255 case NFSD_TEST:
256 if (nn->nfsd4_minorversions)
257 return nn->nfsd4_minorversions[minorversion];
258 return nfsd_vers(nn, 4, NFSD_TEST);
259 case NFSD_AVAIL:
260 return minorversion <= NFSD_SUPPORTED_MINOR_VERSION &&
261 nfsd_vers(nn, 4, NFSD_AVAIL);
262 }
263 return 0;
264 }
265
266 /*
267 * Maximum number of nfsd processes
268 */
269 #define NFSD_MAXSERVS 8192
270
nfsd_nrthreads(struct net * net)271 int nfsd_nrthreads(struct net *net)
272 {
273 int rv = 0;
274 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
275
276 mutex_lock(&nfsd_mutex);
277 if (nn->nfsd_serv)
278 rv = nn->nfsd_serv->sv_nrthreads;
279 mutex_unlock(&nfsd_mutex);
280 return rv;
281 }
282
nfsd_init_socks(struct net * net,const struct cred * cred)283 static int nfsd_init_socks(struct net *net, const struct cred *cred)
284 {
285 int error;
286 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
287
288 if (!list_empty(&nn->nfsd_serv->sv_permsocks))
289 return 0;
290
291 error = svc_xprt_create(nn->nfsd_serv, "udp", net, PF_INET, NFS_PORT,
292 SVC_SOCK_DEFAULTS, cred);
293 if (error < 0)
294 return error;
295
296 error = svc_xprt_create(nn->nfsd_serv, "tcp", net, PF_INET, NFS_PORT,
297 SVC_SOCK_DEFAULTS, cred);
298 if (error < 0)
299 return error;
300
301 return 0;
302 }
303
304 static int nfsd_users = 0;
305
nfsd_startup_generic(void)306 static int nfsd_startup_generic(void)
307 {
308 int ret;
309
310 if (nfsd_users++)
311 return 0;
312
313 ret = nfsd_file_cache_init();
314 if (ret)
315 goto dec_users;
316
317 ret = nfs4_state_start();
318 if (ret)
319 goto out_file_cache;
320 return 0;
321
322 out_file_cache:
323 nfsd_file_cache_shutdown();
324 dec_users:
325 nfsd_users--;
326 return ret;
327 }
328
nfsd_shutdown_generic(void)329 static void nfsd_shutdown_generic(void)
330 {
331 if (--nfsd_users)
332 return;
333
334 nfs4_state_shutdown();
335 nfsd_file_cache_shutdown();
336 }
337
nfsd_needs_lockd(struct nfsd_net * nn)338 static bool nfsd_needs_lockd(struct nfsd_net *nn)
339 {
340 return nfsd_vers(nn, 2, NFSD_TEST) || nfsd_vers(nn, 3, NFSD_TEST);
341 }
342
343 /**
344 * nfsd_copy_write_verifier - Atomically copy a write verifier
345 * @verf: buffer in which to receive the verifier cookie
346 * @nn: NFS net namespace
347 *
348 * This function provides a wait-free mechanism for copying the
349 * namespace's write verifier without tearing it.
350 */
nfsd_copy_write_verifier(__be32 verf[2],struct nfsd_net * nn)351 void nfsd_copy_write_verifier(__be32 verf[2], struct nfsd_net *nn)
352 {
353 unsigned int seq;
354
355 do {
356 seq = read_seqbegin(&nn->writeverf_lock);
357 memcpy(verf, nn->writeverf, sizeof(nn->writeverf));
358 } while (read_seqretry(&nn->writeverf_lock, seq));
359 }
360
nfsd_reset_write_verifier_locked(struct nfsd_net * nn)361 static void nfsd_reset_write_verifier_locked(struct nfsd_net *nn)
362 {
363 struct timespec64 now;
364 u64 verf;
365
366 /*
367 * Because the time value is hashed, y2038 time_t overflow
368 * is irrelevant in this usage.
369 */
370 ktime_get_raw_ts64(&now);
371 verf = siphash_2u64(now.tv_sec, now.tv_nsec, &nn->siphash_key);
372 memcpy(nn->writeverf, &verf, sizeof(nn->writeverf));
373 }
374
375 /**
376 * nfsd_reset_write_verifier - Generate a new write verifier
377 * @nn: NFS net namespace
378 *
379 * This function updates the ->writeverf field of @nn. This field
380 * contains an opaque cookie that, according to Section 18.32.3 of
381 * RFC 8881, "the client can use to determine whether a server has
382 * changed instance state (e.g., server restart) between a call to
383 * WRITE and a subsequent call to either WRITE or COMMIT. This
384 * cookie MUST be unchanged during a single instance of the NFSv4.1
385 * server and MUST be unique between instances of the NFSv4.1
386 * server."
387 */
nfsd_reset_write_verifier(struct nfsd_net * nn)388 void nfsd_reset_write_verifier(struct nfsd_net *nn)
389 {
390 write_seqlock(&nn->writeverf_lock);
391 nfsd_reset_write_verifier_locked(nn);
392 write_sequnlock(&nn->writeverf_lock);
393 }
394
395 /*
396 * Crank up a set of per-namespace resources for a new NFSD instance,
397 * including lockd, a duplicate reply cache, an open file cache
398 * instance, and a cache of NFSv4 state objects.
399 */
nfsd_startup_net(struct net * net,const struct cred * cred)400 static int nfsd_startup_net(struct net *net, const struct cred *cred)
401 {
402 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
403 int ret;
404
405 if (nn->nfsd_net_up)
406 return 0;
407
408 ret = nfsd_startup_generic();
409 if (ret)
410 return ret;
411 ret = nfsd_init_socks(net, cred);
412 if (ret)
413 goto out_socks;
414
415 if (nfsd_needs_lockd(nn) && !nn->lockd_up) {
416 ret = lockd_up(net, cred);
417 if (ret)
418 goto out_socks;
419 nn->lockd_up = true;
420 }
421
422 ret = nfsd_file_cache_start_net(net);
423 if (ret)
424 goto out_lockd;
425
426 ret = nfsd_reply_cache_init(nn);
427 if (ret)
428 goto out_filecache;
429
430 ret = nfs4_state_start_net(net);
431 if (ret)
432 goto out_reply_cache;
433
434 #ifdef CONFIG_NFSD_V4_2_INTER_SSC
435 nfsd4_ssc_init_umount_work(nn);
436 #endif
437 nn->nfsd_net_up = true;
438 return 0;
439
440 out_reply_cache:
441 nfsd_reply_cache_shutdown(nn);
442 out_filecache:
443 nfsd_file_cache_shutdown_net(net);
444 out_lockd:
445 if (nn->lockd_up) {
446 lockd_down(net);
447 nn->lockd_up = false;
448 }
449 out_socks:
450 nfsd_shutdown_generic();
451 return ret;
452 }
453
nfsd_shutdown_net(struct net * net)454 static void nfsd_shutdown_net(struct net *net)
455 {
456 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
457
458 nfs4_state_shutdown_net(net);
459 nfsd_reply_cache_shutdown(nn);
460 nfsd_file_cache_shutdown_net(net);
461 if (nn->lockd_up) {
462 lockd_down(net);
463 nn->lockd_up = false;
464 }
465 nn->nfsd_net_up = false;
466 nfsd_shutdown_generic();
467 }
468
469 static DEFINE_SPINLOCK(nfsd_notifier_lock);
nfsd_inetaddr_event(struct notifier_block * this,unsigned long event,void * ptr)470 static int nfsd_inetaddr_event(struct notifier_block *this, unsigned long event,
471 void *ptr)
472 {
473 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr;
474 struct net_device *dev = ifa->ifa_dev->dev;
475 struct net *net = dev_net(dev);
476 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
477 struct sockaddr_in sin;
478
479 if (event != NETDEV_DOWN || !nn->nfsd_serv)
480 goto out;
481
482 spin_lock(&nfsd_notifier_lock);
483 if (nn->nfsd_serv) {
484 dprintk("nfsd_inetaddr_event: removed %pI4\n", &ifa->ifa_local);
485 sin.sin_family = AF_INET;
486 sin.sin_addr.s_addr = ifa->ifa_local;
487 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin);
488 }
489 spin_unlock(&nfsd_notifier_lock);
490
491 out:
492 return NOTIFY_DONE;
493 }
494
495 static struct notifier_block nfsd_inetaddr_notifier = {
496 .notifier_call = nfsd_inetaddr_event,
497 };
498
499 #if IS_ENABLED(CONFIG_IPV6)
nfsd_inet6addr_event(struct notifier_block * this,unsigned long event,void * ptr)500 static int nfsd_inet6addr_event(struct notifier_block *this,
501 unsigned long event, void *ptr)
502 {
503 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr;
504 struct net_device *dev = ifa->idev->dev;
505 struct net *net = dev_net(dev);
506 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
507 struct sockaddr_in6 sin6;
508
509 if (event != NETDEV_DOWN || !nn->nfsd_serv)
510 goto out;
511
512 spin_lock(&nfsd_notifier_lock);
513 if (nn->nfsd_serv) {
514 dprintk("nfsd_inet6addr_event: removed %pI6\n", &ifa->addr);
515 sin6.sin6_family = AF_INET6;
516 sin6.sin6_addr = ifa->addr;
517 if (ipv6_addr_type(&sin6.sin6_addr) & IPV6_ADDR_LINKLOCAL)
518 sin6.sin6_scope_id = ifa->idev->dev->ifindex;
519 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin6);
520 }
521 spin_unlock(&nfsd_notifier_lock);
522
523 out:
524 return NOTIFY_DONE;
525 }
526
527 static struct notifier_block nfsd_inet6addr_notifier = {
528 .notifier_call = nfsd_inet6addr_event,
529 };
530 #endif
531
532 /* Only used under nfsd_mutex, so this atomic may be overkill: */
533 static atomic_t nfsd_notifier_refcount = ATOMIC_INIT(0);
534
535 /**
536 * nfsd_destroy_serv - tear down NFSD's svc_serv for a namespace
537 * @net: network namespace the NFS service is associated with
538 */
nfsd_destroy_serv(struct net * net)539 void nfsd_destroy_serv(struct net *net)
540 {
541 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
542 struct svc_serv *serv = nn->nfsd_serv;
543
544 spin_lock(&nfsd_notifier_lock);
545 nn->nfsd_serv = NULL;
546 spin_unlock(&nfsd_notifier_lock);
547
548 /* check if the notifier still has clients */
549 if (atomic_dec_return(&nfsd_notifier_refcount) == 0) {
550 unregister_inetaddr_notifier(&nfsd_inetaddr_notifier);
551 #if IS_ENABLED(CONFIG_IPV6)
552 unregister_inet6addr_notifier(&nfsd_inet6addr_notifier);
553 #endif
554 }
555
556 svc_xprt_destroy_all(serv, net);
557
558 /*
559 * write_ports can create the server without actually starting
560 * any threads--if we get shut down before any threads are
561 * started, then nfsd_destroy_serv will be run before any of this
562 * other initialization has been done except the rpcb information.
563 */
564 svc_rpcb_cleanup(serv, net);
565 if (!nn->nfsd_net_up)
566 return;
567
568 nfsd_shutdown_net(net);
569 nfsd_export_flush(net);
570 svc_destroy(&serv);
571 }
572
nfsd_reset_versions(struct nfsd_net * nn)573 void nfsd_reset_versions(struct nfsd_net *nn)
574 {
575 int i;
576
577 for (i = 0; i < NFSD_NRVERS; i++)
578 if (nfsd_vers(nn, i, NFSD_TEST))
579 return;
580
581 for (i = 0; i < NFSD_NRVERS; i++)
582 if (i != 4)
583 nfsd_vers(nn, i, NFSD_SET);
584 else {
585 int minor = 0;
586 while (nfsd_minorversion(nn, minor, NFSD_SET) >= 0)
587 minor++;
588 }
589 }
590
591 /*
592 * Each session guarantees a negotiated per slot memory cache for replies
593 * which in turn consumes memory beyond the v2/v3/v4.0 server. A dedicated
594 * NFSv4.1 server might want to use more memory for a DRC than a machine
595 * with mutiple services.
596 *
597 * Impose a hard limit on the number of pages for the DRC which varies
598 * according to the machines free pages. This is of course only a default.
599 *
600 * For now this is a #defined shift which could be under admin control
601 * in the future.
602 */
set_max_drc(void)603 static void set_max_drc(void)
604 {
605 #define NFSD_DRC_SIZE_SHIFT 7
606 nfsd_drc_max_mem = (nr_free_buffer_pages()
607 >> NFSD_DRC_SIZE_SHIFT) * PAGE_SIZE;
608 nfsd_drc_mem_used = 0;
609 dprintk("%s nfsd_drc_max_mem %lu \n", __func__, nfsd_drc_max_mem);
610 }
611
nfsd_get_default_max_blksize(void)612 static int nfsd_get_default_max_blksize(void)
613 {
614 struct sysinfo i;
615 unsigned long long target;
616 unsigned long ret;
617
618 si_meminfo(&i);
619 target = (i.totalram - i.totalhigh) << PAGE_SHIFT;
620 /*
621 * Aim for 1/4096 of memory per thread This gives 1MB on 4Gig
622 * machines, but only uses 32K on 128M machines. Bottom out at
623 * 8K on 32M and smaller. Of course, this is only a default.
624 */
625 target >>= 12;
626
627 ret = NFSSVC_MAXBLKSIZE;
628 while (ret > target && ret >= 8*1024*2)
629 ret /= 2;
630 return ret;
631 }
632
nfsd_shutdown_threads(struct net * net)633 void nfsd_shutdown_threads(struct net *net)
634 {
635 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
636 struct svc_serv *serv;
637
638 mutex_lock(&nfsd_mutex);
639 serv = nn->nfsd_serv;
640 if (serv == NULL) {
641 mutex_unlock(&nfsd_mutex);
642 return;
643 }
644
645 /* Kill outstanding nfsd threads */
646 svc_set_num_threads(serv, NULL, 0);
647 nfsd_destroy_serv(net);
648 mutex_unlock(&nfsd_mutex);
649 }
650
i_am_nfsd(void)651 bool i_am_nfsd(void)
652 {
653 return kthread_func(current) == nfsd;
654 }
655
nfsd_create_serv(struct net * net)656 int nfsd_create_serv(struct net *net)
657 {
658 int error;
659 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
660 struct svc_serv *serv;
661
662 WARN_ON(!mutex_is_locked(&nfsd_mutex));
663 if (nn->nfsd_serv)
664 return 0;
665
666 if (nfsd_max_blksize == 0)
667 nfsd_max_blksize = nfsd_get_default_max_blksize();
668 nfsd_reset_versions(nn);
669 serv = svc_create_pooled(&nfsd_program, nfsd_max_blksize, nfsd);
670 if (serv == NULL)
671 return -ENOMEM;
672
673 serv->sv_maxconn = nn->max_connections;
674 error = svc_bind(serv, net);
675 if (error < 0) {
676 svc_destroy(&serv);
677 return error;
678 }
679 spin_lock(&nfsd_notifier_lock);
680 nn->nfsd_info.mutex = &nfsd_mutex;
681 nn->nfsd_serv = serv;
682 spin_unlock(&nfsd_notifier_lock);
683
684 set_max_drc();
685 /* check if the notifier is already set */
686 if (atomic_inc_return(&nfsd_notifier_refcount) == 1) {
687 register_inetaddr_notifier(&nfsd_inetaddr_notifier);
688 #if IS_ENABLED(CONFIG_IPV6)
689 register_inet6addr_notifier(&nfsd_inet6addr_notifier);
690 #endif
691 }
692 nfsd_reset_write_verifier(nn);
693 return 0;
694 }
695
nfsd_nrpools(struct net * net)696 int nfsd_nrpools(struct net *net)
697 {
698 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
699
700 if (nn->nfsd_serv == NULL)
701 return 0;
702 else
703 return nn->nfsd_serv->sv_nrpools;
704 }
705
nfsd_get_nrthreads(int n,int * nthreads,struct net * net)706 int nfsd_get_nrthreads(int n, int *nthreads, struct net *net)
707 {
708 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
709 struct svc_serv *serv = nn->nfsd_serv;
710 int i;
711
712 if (serv)
713 for (i = 0; i < serv->sv_nrpools && i < n; i++)
714 nthreads[i] = atomic_read(&serv->sv_pools[i].sp_nrthreads);
715 return 0;
716 }
717
nfsd_set_nrthreads(int n,int * nthreads,struct net * net)718 int nfsd_set_nrthreads(int n, int *nthreads, struct net *net)
719 {
720 int i = 0;
721 int tot = 0;
722 int err = 0;
723 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
724
725 WARN_ON(!mutex_is_locked(&nfsd_mutex));
726
727 if (nn->nfsd_serv == NULL || n <= 0)
728 return 0;
729
730 if (n > nn->nfsd_serv->sv_nrpools)
731 n = nn->nfsd_serv->sv_nrpools;
732
733 /* enforce a global maximum number of threads */
734 tot = 0;
735 for (i = 0; i < n; i++) {
736 nthreads[i] = min(nthreads[i], NFSD_MAXSERVS);
737 tot += nthreads[i];
738 }
739 if (tot > NFSD_MAXSERVS) {
740 /* total too large: scale down requested numbers */
741 for (i = 0; i < n && tot > 0; i++) {
742 int new = nthreads[i] * NFSD_MAXSERVS / tot;
743 tot -= (nthreads[i] - new);
744 nthreads[i] = new;
745 }
746 for (i = 0; i < n && tot > 0; i++) {
747 nthreads[i]--;
748 tot--;
749 }
750 }
751
752 /*
753 * There must always be a thread in pool 0; the admin
754 * can't shut down NFS completely using pool_threads.
755 */
756 if (nthreads[0] == 0)
757 nthreads[0] = 1;
758
759 /* apply the new numbers */
760 for (i = 0; i < n; i++) {
761 err = svc_set_num_threads(nn->nfsd_serv,
762 &nn->nfsd_serv->sv_pools[i],
763 nthreads[i]);
764 if (err)
765 break;
766 }
767 return err;
768 }
769
770 /*
771 * Adjust the number of threads and return the new number of threads.
772 * This is also the function that starts the server if necessary, if
773 * this is the first time nrservs is nonzero.
774 */
775 int
nfsd_svc(int nrservs,struct net * net,const struct cred * cred)776 nfsd_svc(int nrservs, struct net *net, const struct cred *cred)
777 {
778 int error;
779 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
780 struct svc_serv *serv;
781
782 mutex_lock(&nfsd_mutex);
783 dprintk("nfsd: creating service\n");
784
785 nrservs = max(nrservs, 0);
786 nrservs = min(nrservs, NFSD_MAXSERVS);
787 error = 0;
788
789 if (nrservs == 0 && nn->nfsd_serv == NULL)
790 goto out;
791
792 strscpy(nn->nfsd_name, utsname()->nodename,
793 sizeof(nn->nfsd_name));
794
795 error = nfsd_create_serv(net);
796 if (error)
797 goto out;
798 serv = nn->nfsd_serv;
799
800 error = nfsd_startup_net(net, cred);
801 if (error)
802 goto out_put;
803 error = svc_set_num_threads(serv, NULL, nrservs);
804 if (error)
805 goto out_put;
806 error = serv->sv_nrthreads;
807 out_put:
808 if (serv->sv_nrthreads == 0)
809 nfsd_destroy_serv(net);
810 out:
811 mutex_unlock(&nfsd_mutex);
812 return error;
813 }
814
815 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
816 static bool
nfsd_support_acl_version(int vers)817 nfsd_support_acl_version(int vers)
818 {
819 if (vers >= NFSD_ACL_MINVERS && vers < NFSD_ACL_NRVERS)
820 return nfsd_acl_version[vers] != NULL;
821 return false;
822 }
823
824 static int
nfsd_acl_rpcbind_set(struct net * net,const struct svc_program * progp,u32 version,int family,unsigned short proto,unsigned short port)825 nfsd_acl_rpcbind_set(struct net *net, const struct svc_program *progp,
826 u32 version, int family, unsigned short proto,
827 unsigned short port)
828 {
829 if (!nfsd_support_acl_version(version) ||
830 !nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST))
831 return 0;
832 return svc_generic_rpcbind_set(net, progp, version, family,
833 proto, port);
834 }
835
836 static __be32
nfsd_acl_init_request(struct svc_rqst * rqstp,const struct svc_program * progp,struct svc_process_info * ret)837 nfsd_acl_init_request(struct svc_rqst *rqstp,
838 const struct svc_program *progp,
839 struct svc_process_info *ret)
840 {
841 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
842 int i;
843
844 if (likely(nfsd_support_acl_version(rqstp->rq_vers) &&
845 nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST)))
846 return svc_generic_init_request(rqstp, progp, ret);
847
848 ret->mismatch.lovers = NFSD_ACL_NRVERS;
849 for (i = NFSD_ACL_MINVERS; i < NFSD_ACL_NRVERS; i++) {
850 if (nfsd_support_acl_version(rqstp->rq_vers) &&
851 nfsd_vers(nn, i, NFSD_TEST)) {
852 ret->mismatch.lovers = i;
853 break;
854 }
855 }
856 if (ret->mismatch.lovers == NFSD_ACL_NRVERS)
857 return rpc_prog_unavail;
858 ret->mismatch.hivers = NFSD_ACL_MINVERS;
859 for (i = NFSD_ACL_NRVERS - 1; i >= NFSD_ACL_MINVERS; i--) {
860 if (nfsd_support_acl_version(rqstp->rq_vers) &&
861 nfsd_vers(nn, i, NFSD_TEST)) {
862 ret->mismatch.hivers = i;
863 break;
864 }
865 }
866 return rpc_prog_mismatch;
867 }
868 #endif
869
870 static int
nfsd_rpcbind_set(struct net * net,const struct svc_program * progp,u32 version,int family,unsigned short proto,unsigned short port)871 nfsd_rpcbind_set(struct net *net, const struct svc_program *progp,
872 u32 version, int family, unsigned short proto,
873 unsigned short port)
874 {
875 if (!nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST))
876 return 0;
877 return svc_generic_rpcbind_set(net, progp, version, family,
878 proto, port);
879 }
880
881 static __be32
nfsd_init_request(struct svc_rqst * rqstp,const struct svc_program * progp,struct svc_process_info * ret)882 nfsd_init_request(struct svc_rqst *rqstp,
883 const struct svc_program *progp,
884 struct svc_process_info *ret)
885 {
886 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
887 int i;
888
889 if (likely(nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST)))
890 return svc_generic_init_request(rqstp, progp, ret);
891
892 ret->mismatch.lovers = NFSD_NRVERS;
893 for (i = NFSD_MINVERS; i < NFSD_NRVERS; i++) {
894 if (nfsd_vers(nn, i, NFSD_TEST)) {
895 ret->mismatch.lovers = i;
896 break;
897 }
898 }
899 if (ret->mismatch.lovers == NFSD_NRVERS)
900 return rpc_prog_unavail;
901 ret->mismatch.hivers = NFSD_MINVERS;
902 for (i = NFSD_NRVERS - 1; i >= NFSD_MINVERS; i--) {
903 if (nfsd_vers(nn, i, NFSD_TEST)) {
904 ret->mismatch.hivers = i;
905 break;
906 }
907 }
908 return rpc_prog_mismatch;
909 }
910
911 /*
912 * This is the NFS server kernel thread
913 */
914 static int
nfsd(void * vrqstp)915 nfsd(void *vrqstp)
916 {
917 struct svc_rqst *rqstp = (struct svc_rqst *) vrqstp;
918 struct svc_xprt *perm_sock = list_entry(rqstp->rq_server->sv_permsocks.next, typeof(struct svc_xprt), xpt_list);
919 struct net *net = perm_sock->xpt_net;
920 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
921
922 /* At this point, the thread shares current->fs
923 * with the init process. We need to create files with the
924 * umask as defined by the client instead of init's umask. */
925 if (unshare_fs_struct() < 0) {
926 printk("Unable to start nfsd thread: out of memory\n");
927 goto out;
928 }
929
930 current->fs->umask = 0;
931
932 atomic_inc(&nfsdstats.th_cnt);
933
934 set_freezable();
935
936 /*
937 * The main request loop
938 */
939 while (!svc_thread_should_stop(rqstp)) {
940 /* Update sv_maxconn if it has changed */
941 rqstp->rq_server->sv_maxconn = nn->max_connections;
942
943 svc_recv(rqstp);
944 }
945
946 atomic_dec(&nfsdstats.th_cnt);
947
948 out:
949 /* Release the thread */
950 svc_exit_thread(rqstp);
951 return 0;
952 }
953
954 /**
955 * nfsd_dispatch - Process an NFS or NFSACL Request
956 * @rqstp: incoming request
957 *
958 * This RPC dispatcher integrates the NFS server's duplicate reply cache.
959 *
960 * Return values:
961 * %0: Processing complete; do not send a Reply
962 * %1: Processing complete; send Reply in rqstp->rq_res
963 */
nfsd_dispatch(struct svc_rqst * rqstp)964 int nfsd_dispatch(struct svc_rqst *rqstp)
965 {
966 const struct svc_procedure *proc = rqstp->rq_procinfo;
967 __be32 *statp = rqstp->rq_accept_statp;
968 struct nfsd_cacherep *rp;
969 unsigned int start, len;
970 __be32 *nfs_reply;
971
972 /*
973 * Give the xdr decoder a chance to change this if it wants
974 * (necessary in the NFSv4.0 compound case)
975 */
976 rqstp->rq_cachetype = proc->pc_cachetype;
977
978 /*
979 * ->pc_decode advances the argument stream past the NFS
980 * Call header, so grab the header's starting location and
981 * size now for the call to nfsd_cache_lookup().
982 */
983 start = xdr_stream_pos(&rqstp->rq_arg_stream);
984 len = xdr_stream_remaining(&rqstp->rq_arg_stream);
985 if (!proc->pc_decode(rqstp, &rqstp->rq_arg_stream))
986 goto out_decode_err;
987
988 /*
989 * Release rq_status_counter setting it to an odd value after the rpc
990 * request has been properly parsed. rq_status_counter is used to
991 * notify the consumers if the rqstp fields are stable
992 * (rq_status_counter is odd) or not meaningful (rq_status_counter
993 * is even).
994 */
995 smp_store_release(&rqstp->rq_status_counter, rqstp->rq_status_counter | 1);
996
997 rp = NULL;
998 switch (nfsd_cache_lookup(rqstp, start, len, &rp)) {
999 case RC_DOIT:
1000 break;
1001 case RC_REPLY:
1002 goto out_cached_reply;
1003 case RC_DROPIT:
1004 goto out_dropit;
1005 }
1006
1007 nfs_reply = xdr_inline_decode(&rqstp->rq_res_stream, 0);
1008 *statp = proc->pc_func(rqstp);
1009 if (test_bit(RQ_DROPME, &rqstp->rq_flags))
1010 goto out_update_drop;
1011
1012 if (!proc->pc_encode(rqstp, &rqstp->rq_res_stream))
1013 goto out_encode_err;
1014
1015 /*
1016 * Release rq_status_counter setting it to an even value after the rpc
1017 * request has been properly processed.
1018 */
1019 smp_store_release(&rqstp->rq_status_counter, rqstp->rq_status_counter + 1);
1020
1021 nfsd_cache_update(rqstp, rp, rqstp->rq_cachetype, nfs_reply);
1022 out_cached_reply:
1023 return 1;
1024
1025 out_decode_err:
1026 trace_nfsd_garbage_args_err(rqstp);
1027 *statp = rpc_garbage_args;
1028 return 1;
1029
1030 out_update_drop:
1031 nfsd_cache_update(rqstp, rp, RC_NOCACHE, NULL);
1032 out_dropit:
1033 return 0;
1034
1035 out_encode_err:
1036 trace_nfsd_cant_encode_err(rqstp);
1037 nfsd_cache_update(rqstp, rp, RC_NOCACHE, NULL);
1038 *statp = rpc_system_err;
1039 return 1;
1040 }
1041
1042 /**
1043 * nfssvc_decode_voidarg - Decode void arguments
1044 * @rqstp: Server RPC transaction context
1045 * @xdr: XDR stream positioned at arguments to decode
1046 *
1047 * Return values:
1048 * %false: Arguments were not valid
1049 * %true: Decoding was successful
1050 */
nfssvc_decode_voidarg(struct svc_rqst * rqstp,struct xdr_stream * xdr)1051 bool nfssvc_decode_voidarg(struct svc_rqst *rqstp, struct xdr_stream *xdr)
1052 {
1053 return true;
1054 }
1055
1056 /**
1057 * nfssvc_encode_voidres - Encode void results
1058 * @rqstp: Server RPC transaction context
1059 * @xdr: XDR stream into which to encode results
1060 *
1061 * Return values:
1062 * %false: Local error while encoding
1063 * %true: Encoding was successful
1064 */
nfssvc_encode_voidres(struct svc_rqst * rqstp,struct xdr_stream * xdr)1065 bool nfssvc_encode_voidres(struct svc_rqst *rqstp, struct xdr_stream *xdr)
1066 {
1067 return true;
1068 }
1069
nfsd_pool_stats_open(struct inode * inode,struct file * file)1070 int nfsd_pool_stats_open(struct inode *inode, struct file *file)
1071 {
1072 struct nfsd_net *nn = net_generic(inode->i_sb->s_fs_info, nfsd_net_id);
1073
1074 return svc_pool_stats_open(&nn->nfsd_info, file);
1075 }
1076