1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Central processing for nfsd.
4 *
5 * Authors: Olaf Kirch (okir@monad.swb.de)
6 *
7 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de>
8 */
9
10 #include <linux/sched/signal.h>
11 #include <linux/freezer.h>
12 #include <linux/module.h>
13 #include <linux/fs_struct.h>
14 #include <linux/swap.h>
15 #include <linux/siphash.h>
16
17 #include <linux/sunrpc/stats.h>
18 #include <linux/sunrpc/svcsock.h>
19 #include <linux/sunrpc/svc_xprt.h>
20 #include <linux/lockd/bind.h>
21 #include <linux/nfsacl.h>
22 #include <linux/seq_file.h>
23 #include <linux/inetdevice.h>
24 #include <net/addrconf.h>
25 #include <net/ipv6.h>
26 #include <net/net_namespace.h>
27 #include "nfsd.h"
28 #include "cache.h"
29 #include "vfs.h"
30 #include "netns.h"
31 #include "filecache.h"
32
33 #include "trace.h"
34
35 #define NFSDDBG_FACILITY NFSDDBG_SVC
36
37 atomic_t nfsd_th_cnt = ATOMIC_INIT(0);
38 extern struct svc_program nfsd_program;
39 static int nfsd(void *vrqstp);
40 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
41 static int nfsd_acl_rpcbind_set(struct net *,
42 const struct svc_program *,
43 u32, int,
44 unsigned short,
45 unsigned short);
46 static __be32 nfsd_acl_init_request(struct svc_rqst *,
47 const struct svc_program *,
48 struct svc_process_info *);
49 #endif
50 static int nfsd_rpcbind_set(struct net *,
51 const struct svc_program *,
52 u32, int,
53 unsigned short,
54 unsigned short);
55 static __be32 nfsd_init_request(struct svc_rqst *,
56 const struct svc_program *,
57 struct svc_process_info *);
58
59 /*
60 * nfsd_mutex protects nn->nfsd_serv -- both the pointer itself and some members
61 * of the svc_serv struct such as ->sv_temp_socks and ->sv_permsocks.
62 *
63 * Finally, the nfsd_mutex also protects some of the global variables that are
64 * accessed when nfsd starts and that are settable via the write_* routines in
65 * nfsctl.c. In particular:
66 *
67 * user_recovery_dirname
68 * user_lease_time
69 * nfsd_versions
70 */
71 DEFINE_MUTEX(nfsd_mutex);
72
73 /*
74 * nfsd_drc_lock protects nfsd_drc_max_pages and nfsd_drc_pages_used.
75 * nfsd_drc_max_pages limits the total amount of memory available for
76 * version 4.1 DRC caches.
77 * nfsd_drc_pages_used tracks the current version 4.1 DRC memory usage.
78 */
79 DEFINE_SPINLOCK(nfsd_drc_lock);
80 unsigned long nfsd_drc_max_mem;
81 unsigned long nfsd_drc_mem_used;
82
83 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
84 static const struct svc_version *nfsd_acl_version[] = {
85 # if defined(CONFIG_NFSD_V2_ACL)
86 [2] = &nfsd_acl_version2,
87 # endif
88 # if defined(CONFIG_NFSD_V3_ACL)
89 [3] = &nfsd_acl_version3,
90 # endif
91 };
92
93 #define NFSD_ACL_MINVERS 2
94 #define NFSD_ACL_NRVERS ARRAY_SIZE(nfsd_acl_version)
95
96 static struct svc_program nfsd_acl_program = {
97 .pg_prog = NFS_ACL_PROGRAM,
98 .pg_nvers = NFSD_ACL_NRVERS,
99 .pg_vers = nfsd_acl_version,
100 .pg_name = "nfsacl",
101 .pg_class = "nfsd",
102 .pg_authenticate = &svc_set_client,
103 .pg_init_request = nfsd_acl_init_request,
104 .pg_rpcbind_set = nfsd_acl_rpcbind_set,
105 };
106
107 #endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */
108
109 static const struct svc_version *nfsd_version[] = {
110 #if defined(CONFIG_NFSD_V2)
111 [2] = &nfsd_version2,
112 #endif
113 [3] = &nfsd_version3,
114 #if defined(CONFIG_NFSD_V4)
115 [4] = &nfsd_version4,
116 #endif
117 };
118
119 #define NFSD_MINVERS 2
120 #define NFSD_NRVERS ARRAY_SIZE(nfsd_version)
121
122 struct svc_program nfsd_program = {
123 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
124 .pg_next = &nfsd_acl_program,
125 #endif
126 .pg_prog = NFS_PROGRAM, /* program number */
127 .pg_nvers = NFSD_NRVERS, /* nr of entries in nfsd_version */
128 .pg_vers = nfsd_version, /* version table */
129 .pg_name = "nfsd", /* program name */
130 .pg_class = "nfsd", /* authentication class */
131 .pg_authenticate = &svc_set_client, /* export authentication */
132 .pg_init_request = nfsd_init_request,
133 .pg_rpcbind_set = nfsd_rpcbind_set,
134 };
135
nfsd_support_version(int vers)136 bool nfsd_support_version(int vers)
137 {
138 if (vers >= NFSD_MINVERS && vers < NFSD_NRVERS)
139 return nfsd_version[vers] != NULL;
140 return false;
141 }
142
143 static bool *
nfsd_alloc_versions(void)144 nfsd_alloc_versions(void)
145 {
146 bool *vers = kmalloc_array(NFSD_NRVERS, sizeof(bool), GFP_KERNEL);
147 unsigned i;
148
149 if (vers) {
150 /* All compiled versions are enabled by default */
151 for (i = 0; i < NFSD_NRVERS; i++)
152 vers[i] = nfsd_support_version(i);
153 }
154 return vers;
155 }
156
157 static bool *
nfsd_alloc_minorversions(void)158 nfsd_alloc_minorversions(void)
159 {
160 bool *vers = kmalloc_array(NFSD_SUPPORTED_MINOR_VERSION + 1,
161 sizeof(bool), GFP_KERNEL);
162 unsigned i;
163
164 if (vers) {
165 /* All minor versions are enabled by default */
166 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++)
167 vers[i] = nfsd_support_version(4);
168 }
169 return vers;
170 }
171
172 void
nfsd_netns_free_versions(struct nfsd_net * nn)173 nfsd_netns_free_versions(struct nfsd_net *nn)
174 {
175 kfree(nn->nfsd_versions);
176 kfree(nn->nfsd4_minorversions);
177 nn->nfsd_versions = NULL;
178 nn->nfsd4_minorversions = NULL;
179 }
180
181 static void
nfsd_netns_init_versions(struct nfsd_net * nn)182 nfsd_netns_init_versions(struct nfsd_net *nn)
183 {
184 if (!nn->nfsd_versions) {
185 nn->nfsd_versions = nfsd_alloc_versions();
186 nn->nfsd4_minorversions = nfsd_alloc_minorversions();
187 if (!nn->nfsd_versions || !nn->nfsd4_minorversions)
188 nfsd_netns_free_versions(nn);
189 }
190 }
191
nfsd_vers(struct nfsd_net * nn,int vers,enum vers_op change)192 int nfsd_vers(struct nfsd_net *nn, int vers, enum vers_op change)
193 {
194 if (vers < NFSD_MINVERS || vers >= NFSD_NRVERS)
195 return 0;
196 switch(change) {
197 case NFSD_SET:
198 if (nn->nfsd_versions)
199 nn->nfsd_versions[vers] = nfsd_support_version(vers);
200 break;
201 case NFSD_CLEAR:
202 nfsd_netns_init_versions(nn);
203 if (nn->nfsd_versions)
204 nn->nfsd_versions[vers] = false;
205 break;
206 case NFSD_TEST:
207 if (nn->nfsd_versions)
208 return nn->nfsd_versions[vers];
209 fallthrough;
210 case NFSD_AVAIL:
211 return nfsd_support_version(vers);
212 }
213 return 0;
214 }
215
216 static void
nfsd_adjust_nfsd_versions4(struct nfsd_net * nn)217 nfsd_adjust_nfsd_versions4(struct nfsd_net *nn)
218 {
219 unsigned i;
220
221 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) {
222 if (nn->nfsd4_minorversions[i])
223 return;
224 }
225 nfsd_vers(nn, 4, NFSD_CLEAR);
226 }
227
nfsd_minorversion(struct nfsd_net * nn,u32 minorversion,enum vers_op change)228 int nfsd_minorversion(struct nfsd_net *nn, u32 minorversion, enum vers_op change)
229 {
230 if (minorversion > NFSD_SUPPORTED_MINOR_VERSION &&
231 change != NFSD_AVAIL)
232 return -1;
233
234 switch(change) {
235 case NFSD_SET:
236 if (nn->nfsd4_minorversions) {
237 nfsd_vers(nn, 4, NFSD_SET);
238 nn->nfsd4_minorversions[minorversion] =
239 nfsd_vers(nn, 4, NFSD_TEST);
240 }
241 break;
242 case NFSD_CLEAR:
243 nfsd_netns_init_versions(nn);
244 if (nn->nfsd4_minorversions) {
245 nn->nfsd4_minorversions[minorversion] = false;
246 nfsd_adjust_nfsd_versions4(nn);
247 }
248 break;
249 case NFSD_TEST:
250 if (nn->nfsd4_minorversions)
251 return nn->nfsd4_minorversions[minorversion];
252 return nfsd_vers(nn, 4, NFSD_TEST);
253 case NFSD_AVAIL:
254 return minorversion <= NFSD_SUPPORTED_MINOR_VERSION &&
255 nfsd_vers(nn, 4, NFSD_AVAIL);
256 }
257 return 0;
258 }
259
260 /*
261 * Maximum number of nfsd processes
262 */
263 #define NFSD_MAXSERVS 8192
264
nfsd_nrthreads(struct net * net)265 int nfsd_nrthreads(struct net *net)
266 {
267 int rv = 0;
268 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
269
270 mutex_lock(&nfsd_mutex);
271 if (nn->nfsd_serv)
272 rv = nn->nfsd_serv->sv_nrthreads;
273 mutex_unlock(&nfsd_mutex);
274 return rv;
275 }
276
nfsd_init_socks(struct net * net,const struct cred * cred)277 static int nfsd_init_socks(struct net *net, const struct cred *cred)
278 {
279 int error;
280 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
281
282 if (!list_empty(&nn->nfsd_serv->sv_permsocks))
283 return 0;
284
285 error = svc_xprt_create(nn->nfsd_serv, "udp", net, PF_INET, NFS_PORT,
286 SVC_SOCK_DEFAULTS, cred);
287 if (error < 0)
288 return error;
289
290 error = svc_xprt_create(nn->nfsd_serv, "tcp", net, PF_INET, NFS_PORT,
291 SVC_SOCK_DEFAULTS, cred);
292 if (error < 0)
293 return error;
294
295 return 0;
296 }
297
298 static int nfsd_users = 0;
299
nfsd_startup_generic(void)300 static int nfsd_startup_generic(void)
301 {
302 int ret;
303
304 if (nfsd_users++)
305 return 0;
306
307 ret = nfsd_file_cache_init();
308 if (ret)
309 goto dec_users;
310
311 ret = nfs4_state_start();
312 if (ret)
313 goto out_file_cache;
314 return 0;
315
316 out_file_cache:
317 nfsd_file_cache_shutdown();
318 dec_users:
319 nfsd_users--;
320 return ret;
321 }
322
nfsd_shutdown_generic(void)323 static void nfsd_shutdown_generic(void)
324 {
325 if (--nfsd_users)
326 return;
327
328 nfs4_state_shutdown();
329 nfsd_file_cache_shutdown();
330 }
331
nfsd_needs_lockd(struct nfsd_net * nn)332 static bool nfsd_needs_lockd(struct nfsd_net *nn)
333 {
334 return nfsd_vers(nn, 2, NFSD_TEST) || nfsd_vers(nn, 3, NFSD_TEST);
335 }
336
337 /**
338 * nfsd_copy_write_verifier - Atomically copy a write verifier
339 * @verf: buffer in which to receive the verifier cookie
340 * @nn: NFS net namespace
341 *
342 * This function provides a wait-free mechanism for copying the
343 * namespace's write verifier without tearing it.
344 */
nfsd_copy_write_verifier(__be32 verf[2],struct nfsd_net * nn)345 void nfsd_copy_write_verifier(__be32 verf[2], struct nfsd_net *nn)
346 {
347 unsigned int seq;
348
349 do {
350 seq = read_seqbegin(&nn->writeverf_lock);
351 memcpy(verf, nn->writeverf, sizeof(nn->writeverf));
352 } while (read_seqretry(&nn->writeverf_lock, seq));
353 }
354
nfsd_reset_write_verifier_locked(struct nfsd_net * nn)355 static void nfsd_reset_write_verifier_locked(struct nfsd_net *nn)
356 {
357 struct timespec64 now;
358 u64 verf;
359
360 /*
361 * Because the time value is hashed, y2038 time_t overflow
362 * is irrelevant in this usage.
363 */
364 ktime_get_raw_ts64(&now);
365 verf = siphash_2u64(now.tv_sec, now.tv_nsec, &nn->siphash_key);
366 memcpy(nn->writeverf, &verf, sizeof(nn->writeverf));
367 }
368
369 /**
370 * nfsd_reset_write_verifier - Generate a new write verifier
371 * @nn: NFS net namespace
372 *
373 * This function updates the ->writeverf field of @nn. This field
374 * contains an opaque cookie that, according to Section 18.32.3 of
375 * RFC 8881, "the client can use to determine whether a server has
376 * changed instance state (e.g., server restart) between a call to
377 * WRITE and a subsequent call to either WRITE or COMMIT. This
378 * cookie MUST be unchanged during a single instance of the NFSv4.1
379 * server and MUST be unique between instances of the NFSv4.1
380 * server."
381 */
nfsd_reset_write_verifier(struct nfsd_net * nn)382 void nfsd_reset_write_verifier(struct nfsd_net *nn)
383 {
384 write_seqlock(&nn->writeverf_lock);
385 nfsd_reset_write_verifier_locked(nn);
386 write_sequnlock(&nn->writeverf_lock);
387 }
388
389 /*
390 * Crank up a set of per-namespace resources for a new NFSD instance,
391 * including lockd, a duplicate reply cache, an open file cache
392 * instance, and a cache of NFSv4 state objects.
393 */
nfsd_startup_net(struct net * net,const struct cred * cred)394 static int nfsd_startup_net(struct net *net, const struct cred *cred)
395 {
396 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
397 int ret;
398
399 if (nn->nfsd_net_up)
400 return 0;
401
402 ret = nfsd_startup_generic();
403 if (ret)
404 return ret;
405 ret = nfsd_init_socks(net, cred);
406 if (ret)
407 goto out_socks;
408
409 if (nfsd_needs_lockd(nn) && !nn->lockd_up) {
410 ret = lockd_up(net, cred);
411 if (ret)
412 goto out_socks;
413 nn->lockd_up = true;
414 }
415
416 ret = nfsd_file_cache_start_net(net);
417 if (ret)
418 goto out_lockd;
419
420 ret = nfsd_reply_cache_init(nn);
421 if (ret)
422 goto out_filecache;
423
424 ret = nfs4_state_start_net(net);
425 if (ret)
426 goto out_reply_cache;
427
428 #ifdef CONFIG_NFSD_V4_2_INTER_SSC
429 nfsd4_ssc_init_umount_work(nn);
430 #endif
431 nn->nfsd_net_up = true;
432 return 0;
433
434 out_reply_cache:
435 nfsd_reply_cache_shutdown(nn);
436 out_filecache:
437 nfsd_file_cache_shutdown_net(net);
438 out_lockd:
439 if (nn->lockd_up) {
440 lockd_down(net);
441 nn->lockd_up = false;
442 }
443 out_socks:
444 nfsd_shutdown_generic();
445 return ret;
446 }
447
nfsd_shutdown_net(struct net * net)448 static void nfsd_shutdown_net(struct net *net)
449 {
450 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
451
452 nfs4_state_shutdown_net(net);
453 nfsd_reply_cache_shutdown(nn);
454 nfsd_file_cache_shutdown_net(net);
455 if (nn->lockd_up) {
456 lockd_down(net);
457 nn->lockd_up = false;
458 }
459 nn->nfsd_net_up = false;
460 nfsd_shutdown_generic();
461 }
462
463 static DEFINE_SPINLOCK(nfsd_notifier_lock);
nfsd_inetaddr_event(struct notifier_block * this,unsigned long event,void * ptr)464 static int nfsd_inetaddr_event(struct notifier_block *this, unsigned long event,
465 void *ptr)
466 {
467 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr;
468 struct net_device *dev = ifa->ifa_dev->dev;
469 struct net *net = dev_net(dev);
470 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
471 struct sockaddr_in sin;
472
473 if (event != NETDEV_DOWN || !nn->nfsd_serv)
474 goto out;
475
476 spin_lock(&nfsd_notifier_lock);
477 if (nn->nfsd_serv) {
478 dprintk("nfsd_inetaddr_event: removed %pI4\n", &ifa->ifa_local);
479 sin.sin_family = AF_INET;
480 sin.sin_addr.s_addr = ifa->ifa_local;
481 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin);
482 }
483 spin_unlock(&nfsd_notifier_lock);
484
485 out:
486 return NOTIFY_DONE;
487 }
488
489 static struct notifier_block nfsd_inetaddr_notifier = {
490 .notifier_call = nfsd_inetaddr_event,
491 };
492
493 #if IS_ENABLED(CONFIG_IPV6)
nfsd_inet6addr_event(struct notifier_block * this,unsigned long event,void * ptr)494 static int nfsd_inet6addr_event(struct notifier_block *this,
495 unsigned long event, void *ptr)
496 {
497 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr;
498 struct net_device *dev = ifa->idev->dev;
499 struct net *net = dev_net(dev);
500 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
501 struct sockaddr_in6 sin6;
502
503 if (event != NETDEV_DOWN || !nn->nfsd_serv)
504 goto out;
505
506 spin_lock(&nfsd_notifier_lock);
507 if (nn->nfsd_serv) {
508 dprintk("nfsd_inet6addr_event: removed %pI6\n", &ifa->addr);
509 sin6.sin6_family = AF_INET6;
510 sin6.sin6_addr = ifa->addr;
511 if (ipv6_addr_type(&sin6.sin6_addr) & IPV6_ADDR_LINKLOCAL)
512 sin6.sin6_scope_id = ifa->idev->dev->ifindex;
513 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin6);
514 }
515 spin_unlock(&nfsd_notifier_lock);
516
517 out:
518 return NOTIFY_DONE;
519 }
520
521 static struct notifier_block nfsd_inet6addr_notifier = {
522 .notifier_call = nfsd_inet6addr_event,
523 };
524 #endif
525
526 /* Only used under nfsd_mutex, so this atomic may be overkill: */
527 static atomic_t nfsd_notifier_refcount = ATOMIC_INIT(0);
528
529 /**
530 * nfsd_destroy_serv - tear down NFSD's svc_serv for a namespace
531 * @net: network namespace the NFS service is associated with
532 */
nfsd_destroy_serv(struct net * net)533 void nfsd_destroy_serv(struct net *net)
534 {
535 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
536 struct svc_serv *serv = nn->nfsd_serv;
537
538 spin_lock(&nfsd_notifier_lock);
539 nn->nfsd_serv = NULL;
540 spin_unlock(&nfsd_notifier_lock);
541
542 /* check if the notifier still has clients */
543 if (atomic_dec_return(&nfsd_notifier_refcount) == 0) {
544 unregister_inetaddr_notifier(&nfsd_inetaddr_notifier);
545 #if IS_ENABLED(CONFIG_IPV6)
546 unregister_inet6addr_notifier(&nfsd_inet6addr_notifier);
547 #endif
548 }
549
550 svc_xprt_destroy_all(serv, net);
551
552 /*
553 * write_ports can create the server without actually starting
554 * any threads--if we get shut down before any threads are
555 * started, then nfsd_destroy_serv will be run before any of this
556 * other initialization has been done except the rpcb information.
557 */
558 svc_rpcb_cleanup(serv, net);
559 if (!nn->nfsd_net_up)
560 return;
561
562 nfsd_shutdown_net(net);
563 nfsd_export_flush(net);
564 svc_destroy(&serv);
565 }
566
nfsd_reset_versions(struct nfsd_net * nn)567 void nfsd_reset_versions(struct nfsd_net *nn)
568 {
569 int i;
570
571 for (i = 0; i < NFSD_NRVERS; i++)
572 if (nfsd_vers(nn, i, NFSD_TEST))
573 return;
574
575 for (i = 0; i < NFSD_NRVERS; i++)
576 if (i != 4)
577 nfsd_vers(nn, i, NFSD_SET);
578 else {
579 int minor = 0;
580 while (nfsd_minorversion(nn, minor, NFSD_SET) >= 0)
581 minor++;
582 }
583 }
584
585 /*
586 * Each session guarantees a negotiated per slot memory cache for replies
587 * which in turn consumes memory beyond the v2/v3/v4.0 server. A dedicated
588 * NFSv4.1 server might want to use more memory for a DRC than a machine
589 * with mutiple services.
590 *
591 * Impose a hard limit on the number of pages for the DRC which varies
592 * according to the machines free pages. This is of course only a default.
593 *
594 * For now this is a #defined shift which could be under admin control
595 * in the future.
596 */
set_max_drc(void)597 static void set_max_drc(void)
598 {
599 #define NFSD_DRC_SIZE_SHIFT 7
600 nfsd_drc_max_mem = (nr_free_buffer_pages()
601 >> NFSD_DRC_SIZE_SHIFT) * PAGE_SIZE;
602 nfsd_drc_mem_used = 0;
603 dprintk("%s nfsd_drc_max_mem %lu \n", __func__, nfsd_drc_max_mem);
604 }
605
nfsd_get_default_max_blksize(void)606 static int nfsd_get_default_max_blksize(void)
607 {
608 struct sysinfo i;
609 unsigned long long target;
610 unsigned long ret;
611
612 si_meminfo(&i);
613 target = (i.totalram - i.totalhigh) << PAGE_SHIFT;
614 /*
615 * Aim for 1/4096 of memory per thread This gives 1MB on 4Gig
616 * machines, but only uses 32K on 128M machines. Bottom out at
617 * 8K on 32M and smaller. Of course, this is only a default.
618 */
619 target >>= 12;
620
621 ret = NFSSVC_MAXBLKSIZE;
622 while (ret > target && ret >= 8*1024*2)
623 ret /= 2;
624 return ret;
625 }
626
nfsd_shutdown_threads(struct net * net)627 void nfsd_shutdown_threads(struct net *net)
628 {
629 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
630 struct svc_serv *serv;
631
632 mutex_lock(&nfsd_mutex);
633 serv = nn->nfsd_serv;
634 if (serv == NULL) {
635 mutex_unlock(&nfsd_mutex);
636 return;
637 }
638
639 /* Kill outstanding nfsd threads */
640 svc_set_num_threads(serv, NULL, 0);
641 nfsd_destroy_serv(net);
642 mutex_unlock(&nfsd_mutex);
643 }
644
i_am_nfsd(void)645 bool i_am_nfsd(void)
646 {
647 return kthread_func(current) == nfsd;
648 }
649
nfsd_create_serv(struct net * net)650 int nfsd_create_serv(struct net *net)
651 {
652 int error;
653 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
654 struct svc_serv *serv;
655
656 WARN_ON(!mutex_is_locked(&nfsd_mutex));
657 if (nn->nfsd_serv)
658 return 0;
659
660 if (nfsd_max_blksize == 0)
661 nfsd_max_blksize = nfsd_get_default_max_blksize();
662 nfsd_reset_versions(nn);
663 serv = svc_create_pooled(&nfsd_program, &nn->nfsd_svcstats,
664 nfsd_max_blksize, nfsd);
665 if (serv == NULL)
666 return -ENOMEM;
667
668 serv->sv_maxconn = nn->max_connections;
669 error = svc_bind(serv, net);
670 if (error < 0) {
671 svc_destroy(&serv);
672 return error;
673 }
674 spin_lock(&nfsd_notifier_lock);
675 nn->nfsd_info.mutex = &nfsd_mutex;
676 nn->nfsd_serv = serv;
677 spin_unlock(&nfsd_notifier_lock);
678
679 set_max_drc();
680 /* check if the notifier is already set */
681 if (atomic_inc_return(&nfsd_notifier_refcount) == 1) {
682 register_inetaddr_notifier(&nfsd_inetaddr_notifier);
683 #if IS_ENABLED(CONFIG_IPV6)
684 register_inet6addr_notifier(&nfsd_inet6addr_notifier);
685 #endif
686 }
687 nfsd_reset_write_verifier(nn);
688 return 0;
689 }
690
nfsd_nrpools(struct net * net)691 int nfsd_nrpools(struct net *net)
692 {
693 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
694
695 if (nn->nfsd_serv == NULL)
696 return 0;
697 else
698 return nn->nfsd_serv->sv_nrpools;
699 }
700
nfsd_get_nrthreads(int n,int * nthreads,struct net * net)701 int nfsd_get_nrthreads(int n, int *nthreads, struct net *net)
702 {
703 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
704 struct svc_serv *serv = nn->nfsd_serv;
705 int i;
706
707 if (serv)
708 for (i = 0; i < serv->sv_nrpools && i < n; i++)
709 nthreads[i] = atomic_read(&serv->sv_pools[i].sp_nrthreads);
710 return 0;
711 }
712
nfsd_set_nrthreads(int n,int * nthreads,struct net * net)713 int nfsd_set_nrthreads(int n, int *nthreads, struct net *net)
714 {
715 int i = 0;
716 int tot = 0;
717 int err = 0;
718 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
719
720 WARN_ON(!mutex_is_locked(&nfsd_mutex));
721
722 if (nn->nfsd_serv == NULL || n <= 0)
723 return 0;
724
725 if (n > nn->nfsd_serv->sv_nrpools)
726 n = nn->nfsd_serv->sv_nrpools;
727
728 /* enforce a global maximum number of threads */
729 tot = 0;
730 for (i = 0; i < n; i++) {
731 nthreads[i] = min(nthreads[i], NFSD_MAXSERVS);
732 tot += nthreads[i];
733 }
734 if (tot > NFSD_MAXSERVS) {
735 /* total too large: scale down requested numbers */
736 for (i = 0; i < n && tot > 0; i++) {
737 int new = nthreads[i] * NFSD_MAXSERVS / tot;
738 tot -= (nthreads[i] - new);
739 nthreads[i] = new;
740 }
741 for (i = 0; i < n && tot > 0; i++) {
742 nthreads[i]--;
743 tot--;
744 }
745 }
746
747 /*
748 * There must always be a thread in pool 0; the admin
749 * can't shut down NFS completely using pool_threads.
750 */
751 if (nthreads[0] == 0)
752 nthreads[0] = 1;
753
754 /* apply the new numbers */
755 for (i = 0; i < n; i++) {
756 err = svc_set_num_threads(nn->nfsd_serv,
757 &nn->nfsd_serv->sv_pools[i],
758 nthreads[i]);
759 if (err)
760 break;
761 }
762 return err;
763 }
764
765 /*
766 * Adjust the number of threads and return the new number of threads.
767 * This is also the function that starts the server if necessary, if
768 * this is the first time nrservs is nonzero.
769 */
770 int
nfsd_svc(int nrservs,struct net * net,const struct cred * cred,const char * scope)771 nfsd_svc(int nrservs, struct net *net, const struct cred *cred, const char *scope)
772 {
773 int error;
774 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
775 struct svc_serv *serv;
776
777 lockdep_assert_held(&nfsd_mutex);
778
779 dprintk("nfsd: creating service\n");
780
781 nrservs = max(nrservs, 0);
782 nrservs = min(nrservs, NFSD_MAXSERVS);
783 error = 0;
784
785 if (nrservs == 0 && nn->nfsd_serv == NULL)
786 goto out;
787
788 strscpy(nn->nfsd_name, scope ? scope : utsname()->nodename,
789 sizeof(nn->nfsd_name));
790
791 error = nfsd_create_serv(net);
792 if (error)
793 goto out;
794 serv = nn->nfsd_serv;
795
796 error = nfsd_startup_net(net, cred);
797 if (error)
798 goto out_put;
799 error = svc_set_num_threads(serv, NULL, nrservs);
800 if (error)
801 goto out_put;
802 error = serv->sv_nrthreads;
803 out_put:
804 if (serv->sv_nrthreads == 0)
805 nfsd_destroy_serv(net);
806 out:
807 return error;
808 }
809
810 #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
811 static bool
nfsd_support_acl_version(int vers)812 nfsd_support_acl_version(int vers)
813 {
814 if (vers >= NFSD_ACL_MINVERS && vers < NFSD_ACL_NRVERS)
815 return nfsd_acl_version[vers] != NULL;
816 return false;
817 }
818
819 static int
nfsd_acl_rpcbind_set(struct net * net,const struct svc_program * progp,u32 version,int family,unsigned short proto,unsigned short port)820 nfsd_acl_rpcbind_set(struct net *net, const struct svc_program *progp,
821 u32 version, int family, unsigned short proto,
822 unsigned short port)
823 {
824 if (!nfsd_support_acl_version(version) ||
825 !nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST))
826 return 0;
827 return svc_generic_rpcbind_set(net, progp, version, family,
828 proto, port);
829 }
830
831 static __be32
nfsd_acl_init_request(struct svc_rqst * rqstp,const struct svc_program * progp,struct svc_process_info * ret)832 nfsd_acl_init_request(struct svc_rqst *rqstp,
833 const struct svc_program *progp,
834 struct svc_process_info *ret)
835 {
836 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
837 int i;
838
839 if (likely(nfsd_support_acl_version(rqstp->rq_vers) &&
840 nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST)))
841 return svc_generic_init_request(rqstp, progp, ret);
842
843 ret->mismatch.lovers = NFSD_ACL_NRVERS;
844 for (i = NFSD_ACL_MINVERS; i < NFSD_ACL_NRVERS; i++) {
845 if (nfsd_support_acl_version(rqstp->rq_vers) &&
846 nfsd_vers(nn, i, NFSD_TEST)) {
847 ret->mismatch.lovers = i;
848 break;
849 }
850 }
851 if (ret->mismatch.lovers == NFSD_ACL_NRVERS)
852 return rpc_prog_unavail;
853 ret->mismatch.hivers = NFSD_ACL_MINVERS;
854 for (i = NFSD_ACL_NRVERS - 1; i >= NFSD_ACL_MINVERS; i--) {
855 if (nfsd_support_acl_version(rqstp->rq_vers) &&
856 nfsd_vers(nn, i, NFSD_TEST)) {
857 ret->mismatch.hivers = i;
858 break;
859 }
860 }
861 return rpc_prog_mismatch;
862 }
863 #endif
864
865 static int
nfsd_rpcbind_set(struct net * net,const struct svc_program * progp,u32 version,int family,unsigned short proto,unsigned short port)866 nfsd_rpcbind_set(struct net *net, const struct svc_program *progp,
867 u32 version, int family, unsigned short proto,
868 unsigned short port)
869 {
870 if (!nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST))
871 return 0;
872 return svc_generic_rpcbind_set(net, progp, version, family,
873 proto, port);
874 }
875
876 static __be32
nfsd_init_request(struct svc_rqst * rqstp,const struct svc_program * progp,struct svc_process_info * ret)877 nfsd_init_request(struct svc_rqst *rqstp,
878 const struct svc_program *progp,
879 struct svc_process_info *ret)
880 {
881 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
882 int i;
883
884 if (likely(nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST)))
885 return svc_generic_init_request(rqstp, progp, ret);
886
887 ret->mismatch.lovers = NFSD_NRVERS;
888 for (i = NFSD_MINVERS; i < NFSD_NRVERS; i++) {
889 if (nfsd_vers(nn, i, NFSD_TEST)) {
890 ret->mismatch.lovers = i;
891 break;
892 }
893 }
894 if (ret->mismatch.lovers == NFSD_NRVERS)
895 return rpc_prog_unavail;
896 ret->mismatch.hivers = NFSD_MINVERS;
897 for (i = NFSD_NRVERS - 1; i >= NFSD_MINVERS; i--) {
898 if (nfsd_vers(nn, i, NFSD_TEST)) {
899 ret->mismatch.hivers = i;
900 break;
901 }
902 }
903 return rpc_prog_mismatch;
904 }
905
906 /*
907 * This is the NFS server kernel thread
908 */
909 static int
nfsd(void * vrqstp)910 nfsd(void *vrqstp)
911 {
912 struct svc_rqst *rqstp = (struct svc_rqst *) vrqstp;
913 struct svc_xprt *perm_sock = list_entry(rqstp->rq_server->sv_permsocks.next, typeof(struct svc_xprt), xpt_list);
914 struct net *net = perm_sock->xpt_net;
915 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
916
917 /* At this point, the thread shares current->fs
918 * with the init process. We need to create files with the
919 * umask as defined by the client instead of init's umask. */
920 if (unshare_fs_struct() < 0) {
921 printk("Unable to start nfsd thread: out of memory\n");
922 goto out;
923 }
924
925 current->fs->umask = 0;
926
927 atomic_inc(&nfsd_th_cnt);
928
929 set_freezable();
930
931 /*
932 * The main request loop
933 */
934 while (!svc_thread_should_stop(rqstp)) {
935 /* Update sv_maxconn if it has changed */
936 rqstp->rq_server->sv_maxconn = nn->max_connections;
937
938 svc_recv(rqstp);
939
940 nfsd_file_net_dispose(nn);
941 }
942
943 atomic_dec(&nfsd_th_cnt);
944
945 out:
946 /* Release the thread */
947 svc_exit_thread(rqstp);
948 return 0;
949 }
950
951 /**
952 * nfsd_dispatch - Process an NFS or NFSACL Request
953 * @rqstp: incoming request
954 *
955 * This RPC dispatcher integrates the NFS server's duplicate reply cache.
956 *
957 * Return values:
958 * %0: Processing complete; do not send a Reply
959 * %1: Processing complete; send Reply in rqstp->rq_res
960 */
nfsd_dispatch(struct svc_rqst * rqstp)961 int nfsd_dispatch(struct svc_rqst *rqstp)
962 {
963 const struct svc_procedure *proc = rqstp->rq_procinfo;
964 __be32 *statp = rqstp->rq_accept_statp;
965 struct nfsd_cacherep *rp;
966 unsigned int start, len;
967 __be32 *nfs_reply;
968
969 /*
970 * Give the xdr decoder a chance to change this if it wants
971 * (necessary in the NFSv4.0 compound case)
972 */
973 rqstp->rq_cachetype = proc->pc_cachetype;
974
975 /*
976 * ->pc_decode advances the argument stream past the NFS
977 * Call header, so grab the header's starting location and
978 * size now for the call to nfsd_cache_lookup().
979 */
980 start = xdr_stream_pos(&rqstp->rq_arg_stream);
981 len = xdr_stream_remaining(&rqstp->rq_arg_stream);
982 if (!proc->pc_decode(rqstp, &rqstp->rq_arg_stream))
983 goto out_decode_err;
984
985 /*
986 * Release rq_status_counter setting it to an odd value after the rpc
987 * request has been properly parsed. rq_status_counter is used to
988 * notify the consumers if the rqstp fields are stable
989 * (rq_status_counter is odd) or not meaningful (rq_status_counter
990 * is even).
991 */
992 smp_store_release(&rqstp->rq_status_counter, rqstp->rq_status_counter | 1);
993
994 rp = NULL;
995 switch (nfsd_cache_lookup(rqstp, start, len, &rp)) {
996 case RC_DOIT:
997 break;
998 case RC_REPLY:
999 goto out_cached_reply;
1000 case RC_DROPIT:
1001 goto out_dropit;
1002 }
1003
1004 nfs_reply = xdr_inline_decode(&rqstp->rq_res_stream, 0);
1005 *statp = proc->pc_func(rqstp);
1006 if (test_bit(RQ_DROPME, &rqstp->rq_flags))
1007 goto out_update_drop;
1008
1009 if (!proc->pc_encode(rqstp, &rqstp->rq_res_stream))
1010 goto out_encode_err;
1011
1012 /*
1013 * Release rq_status_counter setting it to an even value after the rpc
1014 * request has been properly processed.
1015 */
1016 smp_store_release(&rqstp->rq_status_counter, rqstp->rq_status_counter + 1);
1017
1018 nfsd_cache_update(rqstp, rp, rqstp->rq_cachetype, nfs_reply);
1019 out_cached_reply:
1020 return 1;
1021
1022 out_decode_err:
1023 trace_nfsd_garbage_args_err(rqstp);
1024 *statp = rpc_garbage_args;
1025 return 1;
1026
1027 out_update_drop:
1028 nfsd_cache_update(rqstp, rp, RC_NOCACHE, NULL);
1029 out_dropit:
1030 return 0;
1031
1032 out_encode_err:
1033 trace_nfsd_cant_encode_err(rqstp);
1034 nfsd_cache_update(rqstp, rp, RC_NOCACHE, NULL);
1035 *statp = rpc_system_err;
1036 return 1;
1037 }
1038
1039 /**
1040 * nfssvc_decode_voidarg - Decode void arguments
1041 * @rqstp: Server RPC transaction context
1042 * @xdr: XDR stream positioned at arguments to decode
1043 *
1044 * Return values:
1045 * %false: Arguments were not valid
1046 * %true: Decoding was successful
1047 */
nfssvc_decode_voidarg(struct svc_rqst * rqstp,struct xdr_stream * xdr)1048 bool nfssvc_decode_voidarg(struct svc_rqst *rqstp, struct xdr_stream *xdr)
1049 {
1050 return true;
1051 }
1052
1053 /**
1054 * nfssvc_encode_voidres - Encode void results
1055 * @rqstp: Server RPC transaction context
1056 * @xdr: XDR stream into which to encode results
1057 *
1058 * Return values:
1059 * %false: Local error while encoding
1060 * %true: Encoding was successful
1061 */
nfssvc_encode_voidres(struct svc_rqst * rqstp,struct xdr_stream * xdr)1062 bool nfssvc_encode_voidres(struct svc_rqst *rqstp, struct xdr_stream *xdr)
1063 {
1064 return true;
1065 }
1066
nfsd_pool_stats_open(struct inode * inode,struct file * file)1067 int nfsd_pool_stats_open(struct inode *inode, struct file *file)
1068 {
1069 struct nfsd_net *nn = net_generic(inode->i_sb->s_fs_info, nfsd_net_id);
1070
1071 return svc_pool_stats_open(&nn->nfsd_info, file);
1072 }
1073