1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Rick Macklem at The University of Guelph. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * 36 * @(#)nfs_syscalls.c 8.5 (Berkeley) 3/30/95 37 * $FreeBSD: src/sys/nfs/nfs_syscalls.c,v 1.58.2.1 2000/11/26 02:30:06 dillon Exp $ 38 * $DragonFly: src/sys/vfs/nfs/nfs_syscalls.c,v 1.31 2008/01/05 14:02:41 swildner Exp $ 39 */ 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/sysproto.h> 44 #include <sys/kernel.h> 45 #include <sys/sysctl.h> 46 #include <sys/file.h> 47 #include <sys/filedesc.h> 48 #include <sys/vnode.h> 49 #include <sys/malloc.h> 50 #include <sys/mount.h> 51 #include <sys/proc.h> 52 #include <sys/priv.h> 53 #include <sys/buf.h> 54 #include <sys/mbuf.h> 55 #include <sys/resourcevar.h> 56 #include <sys/socket.h> 57 #include <sys/socketvar.h> 58 #include <sys/domain.h> 59 #include <sys/protosw.h> 60 #include <sys/nlookup.h> 61 #include <vm/vm_zone.h> 62 63 #include <sys/mutex2.h> 64 #include <sys/thread2.h> 65 66 #include <netinet/in.h> 67 #include <netinet/tcp.h> 68 #include "xdr_subs.h" 69 #include "rpcv2.h" 70 #include "nfsproto.h" 71 #include "nfs.h" 72 #include "nfsm_subs.h" 73 #include "nfsrvcache.h" 74 #include "nfsmount.h" 75 #include "nfsnode.h" 76 #include "nfsrtt.h" 77 78 #include <sys/thread2.h> 79 80 static MALLOC_DEFINE(M_NFSSVC, "NFS srvsock", "Nfs server structure"); 81 82 static int nuidhash_max = NFS_MAXUIDHASH; 83 84 #ifndef NFS_NOSERVER 85 static void nfsrv_zapsock (struct nfssvc_sock *slp); 86 #endif 87 88 #define TRUE 1 89 #define FALSE 0 90 91 SYSCTL_DECL(_vfs_nfs); 92 93 #ifndef NFS_NOSERVER 94 int nfsd_waiting = 0; 95 static struct nfsdrt nfsdrt; 96 static int nfs_numnfsd = 0; 97 static void nfsd_rt (int sotype, struct nfsrv_descript *nd, 98 int cacherep); 99 static int nfssvc_addsock (struct file *, struct sockaddr *, 100 struct thread *); 101 static int nfssvc_nfsd (struct nfsd_srvargs *,caddr_t,struct thread *); 102 103 static int nfs_privport = 0; 104 SYSCTL_INT(_vfs_nfs, NFS_NFSPRIVPORT, nfs_privport, CTLFLAG_RW, &nfs_privport, 0, ""); 105 SYSCTL_INT(_vfs_nfs, OID_AUTO, gatherdelay, CTLFLAG_RW, &nfsrvw_procrastinate, 0, ""); 106 SYSCTL_INT(_vfs_nfs, OID_AUTO, gatherdelay_v3, CTLFLAG_RW, &nfsrvw_procrastinate_v3, 0, ""); 107 int nfs_soreserve = NFS_MAXPACKET * NFS_MAXASYNCBIO; 108 SYSCTL_INT(_vfs_nfs, OID_AUTO, soreserve, CTLFLAG_RW, &nfs_soreserve, 0, ""); 109 110 /* 111 * NFS server system calls 112 */ 113 114 #endif /* NFS_NOSERVER */ 115 /* 116 * nfssvc_args(int flag, caddr_t argp) 117 * 118 * Nfs server psuedo system call for the nfsd's 119 * Based on the flag value it either: 120 * - adds a socket to the selection list 121 * - remains in the kernel as an nfsd 122 * - remains in the kernel as an nfsiod 123 * 124 * MPALMOSTSAFE 125 */ 126 int 127 sys_nfssvc(struct nfssvc_args *uap) 128 { 129 #ifndef NFS_NOSERVER 130 struct nlookupdata nd; 131 struct file *fp; 132 struct sockaddr *nam; 133 struct nfsd_args nfsdarg; 134 struct nfsd_srvargs nfsd_srvargs, *nsd = &nfsd_srvargs; 135 struct nfsd_cargs ncd; 136 struct nfsd *nfsd; 137 struct nfssvc_sock *slp; 138 struct nfsuid *nuidp; 139 struct nfsmount *nmp; 140 struct vnode *vp; 141 #endif /* NFS_NOSERVER */ 142 int error; 143 struct thread *td = curthread; 144 145 /* 146 * Must be super user 147 */ 148 error = priv_check(td, PRIV_ROOT); 149 if (error) 150 return (error); 151 152 lwkt_gettoken(&nfs_token); 153 154 while (nfssvc_sockhead_flag & SLP_INIT) { 155 nfssvc_sockhead_flag |= SLP_WANTINIT; 156 tsleep((caddr_t)&nfssvc_sockhead, 0, "nfsd init", 0); 157 } 158 if (uap->flag & NFSSVC_BIOD) 159 error = ENXIO; /* no longer need nfsiod's */ 160 #ifdef NFS_NOSERVER 161 else 162 error = ENXIO; 163 #else /* !NFS_NOSERVER */ 164 else if (uap->flag & NFSSVC_MNTD) { 165 error = copyin(uap->argp, (caddr_t)&ncd, sizeof (ncd)); 166 if (error) 167 goto done; 168 vp = NULL; 169 error = nlookup_init(&nd, ncd.ncd_dirp, UIO_USERSPACE, 170 NLC_FOLLOW); 171 if (error == 0) 172 error = nlookup(&nd); 173 if (error == 0) 174 error = cache_vget(&nd.nl_nch, nd.nl_cred, LK_EXCLUSIVE, &vp); 175 nlookup_done(&nd); 176 if (error) 177 goto done; 178 179 if ((vp->v_flag & VROOT) == 0) 180 error = EINVAL; 181 nmp = VFSTONFS(vp->v_mount); 182 vput(vp); 183 if (error) 184 goto done; 185 if ((nmp->nm_state & NFSSTA_MNTD) && 186 (uap->flag & NFSSVC_GOTAUTH) == 0) { 187 error = 0; 188 goto done; 189 } 190 nmp->nm_state |= NFSSTA_MNTD; 191 error = nfs_clientd(nmp, td->td_ucred, &ncd, uap->flag, 192 uap->argp, td); 193 } else if (uap->flag & NFSSVC_ADDSOCK) { 194 error = copyin(uap->argp, (caddr_t)&nfsdarg, sizeof(nfsdarg)); 195 if (error) 196 goto done; 197 error = holdsock(td->td_proc->p_fd, nfsdarg.sock, &fp); 198 if (error) 199 goto done; 200 /* 201 * Get the client address for connected sockets. 202 */ 203 if (nfsdarg.name == NULL || nfsdarg.namelen == 0) 204 nam = NULL; 205 else { 206 error = getsockaddr(&nam, nfsdarg.name, 207 nfsdarg.namelen); 208 if (error) { 209 fdrop(fp); 210 goto done; 211 } 212 } 213 error = nfssvc_addsock(fp, nam, td); 214 fdrop(fp); 215 } else { 216 error = copyin(uap->argp, (caddr_t)nsd, sizeof (*nsd)); 217 if (error) 218 goto done; 219 if ((uap->flag & NFSSVC_AUTHIN) && 220 ((nfsd = nsd->nsd_nfsd)) != NULL && 221 (nfsd->nfsd_slp->ns_flag & SLP_VALID)) { 222 slp = nfsd->nfsd_slp; 223 224 /* 225 * First check to see if another nfsd has already 226 * added this credential. 227 */ 228 for (nuidp = NUIDHASH(slp,nsd->nsd_cr.cr_uid)->lh_first; 229 nuidp != 0; nuidp = nuidp->nu_hash.le_next) { 230 if (nuidp->nu_cr.cr_uid == nsd->nsd_cr.cr_uid && 231 (!nfsd->nfsd_nd->nd_nam2 || 232 netaddr_match(NU_NETFAM(nuidp), 233 &nuidp->nu_haddr, nfsd->nfsd_nd->nd_nam2))) 234 break; 235 } 236 if (nuidp) { 237 nfsrv_setcred(&nuidp->nu_cr,&nfsd->nfsd_nd->nd_cr); 238 nfsd->nfsd_nd->nd_flag |= ND_KERBFULL; 239 } else { 240 /* 241 * Nope, so we will. 242 */ 243 if (slp->ns_numuids < nuidhash_max) { 244 slp->ns_numuids++; 245 nuidp = (struct nfsuid *) 246 kmalloc(sizeof (struct nfsuid), M_NFSUID, 247 M_WAITOK); 248 } else 249 nuidp = NULL; 250 if ((slp->ns_flag & SLP_VALID) == 0) { 251 if (nuidp) 252 kfree((caddr_t)nuidp, M_NFSUID); 253 } else { 254 if (nuidp == NULL) { 255 nuidp = TAILQ_FIRST(&slp->ns_uidlruhead); 256 LIST_REMOVE(nuidp, nu_hash); 257 TAILQ_REMOVE(&slp->ns_uidlruhead, nuidp, 258 nu_lru); 259 if (nuidp->nu_flag & NU_NAM) 260 FREE(nuidp->nu_nam, M_SONAME); 261 } 262 nuidp->nu_flag = 0; 263 nuidp->nu_cr = nsd->nsd_cr; 264 if (nuidp->nu_cr.cr_ngroups > NGROUPS) 265 nuidp->nu_cr.cr_ngroups = NGROUPS; 266 nuidp->nu_cr.cr_ref = 1; 267 nuidp->nu_timestamp = nsd->nsd_timestamp; 268 nuidp->nu_expire = time_second + nsd->nsd_ttl; 269 /* 270 * and save the session key in nu_key. 271 */ 272 bcopy(nsd->nsd_key, nuidp->nu_key, 273 sizeof (nsd->nsd_key)); 274 if (nfsd->nfsd_nd->nd_nam2) { 275 struct sockaddr_in *saddr; 276 277 saddr = (struct sockaddr_in *) 278 nfsd->nfsd_nd->nd_nam2; 279 switch (saddr->sin_family) { 280 case AF_INET: 281 nuidp->nu_flag |= NU_INETADDR; 282 nuidp->nu_inetaddr = 283 saddr->sin_addr.s_addr; 284 break; 285 case AF_ISO: 286 default: 287 nuidp->nu_flag |= NU_NAM; 288 nuidp->nu_nam = 289 dup_sockaddr(nfsd->nfsd_nd->nd_nam2); 290 break; 291 }; 292 } 293 TAILQ_INSERT_TAIL(&slp->ns_uidlruhead, nuidp, 294 nu_lru); 295 LIST_INSERT_HEAD(NUIDHASH(slp, nsd->nsd_uid), 296 nuidp, nu_hash); 297 nfsrv_setcred(&nuidp->nu_cr, 298 &nfsd->nfsd_nd->nd_cr); 299 nfsd->nfsd_nd->nd_flag |= ND_KERBFULL; 300 } 301 } 302 } 303 if ((uap->flag & NFSSVC_AUTHINFAIL) && (nfsd = nsd->nsd_nfsd)) 304 nfsd->nfsd_flag |= NFSD_AUTHFAIL; 305 error = nfssvc_nfsd(nsd, uap->argp, td); 306 } 307 #endif /* NFS_NOSERVER */ 308 if (error == EINTR || error == ERESTART) 309 error = 0; 310 done: 311 lwkt_reltoken(&nfs_token); 312 return (error); 313 } 314 315 #ifndef NFS_NOSERVER 316 /* 317 * Adds a socket to the list for servicing by nfsds. 318 */ 319 static int 320 nfssvc_addsock(struct file *fp, struct sockaddr *mynam, struct thread *td) 321 { 322 int siz; 323 struct nfssvc_sock *slp; 324 struct socket *so; 325 int error; 326 327 so = (struct socket *)fp->f_data; 328 #if 0 329 tslp = NULL; 330 /* 331 * Add it to the list, as required. 332 */ 333 if (so->so_proto->pr_protocol == IPPROTO_UDP) { 334 tslp = nfs_udpsock; 335 if (tslp->ns_flag & SLP_VALID) { 336 if (mynam != NULL) 337 FREE(mynam, M_SONAME); 338 return (EPERM); 339 } 340 } 341 #endif 342 /* 343 * Reserve buffer space in the socket. Note that due to bugs in 344 * Linux's delayed-ack code, serious performance degredation may 345 * occur with linux hosts if the minimum is used. 346 * 347 * NFS sockets are not limited to the standard sb_max or by 348 * resource limits. 349 */ 350 if (so->so_type == SOCK_STREAM) 351 siz = NFS_MAXPACKET + sizeof (u_long); 352 else 353 siz = NFS_MAXPACKET; 354 if (siz < nfs_soreserve) 355 siz = nfs_soreserve; 356 357 error = soreserve(so, siz, siz, NULL); 358 if (error) { 359 if (mynam != NULL) 360 FREE(mynam, M_SONAME); 361 return (error); 362 } 363 364 /* 365 * Set protocol specific options { for now TCP only } and 366 * reserve some space. For datagram sockets, this can get called 367 * repeatedly for the same socket, but that isn't harmful. 368 */ 369 if (so->so_type == SOCK_STREAM) { 370 struct sockopt sopt; 371 int val; 372 373 bzero(&sopt, sizeof sopt); 374 sopt.sopt_level = SOL_SOCKET; 375 sopt.sopt_name = SO_KEEPALIVE; 376 sopt.sopt_val = &val; 377 sopt.sopt_valsize = sizeof val; 378 val = 1; 379 sosetopt(so, &sopt); 380 } 381 if (so->so_proto->pr_domain->dom_family == AF_INET && 382 so->so_proto->pr_protocol == IPPROTO_TCP) { 383 struct sockopt sopt; 384 int val; 385 386 bzero(&sopt, sizeof sopt); 387 sopt.sopt_level = IPPROTO_TCP; 388 sopt.sopt_name = TCP_NODELAY; 389 sopt.sopt_val = &val; 390 sopt.sopt_valsize = sizeof val; 391 val = 1; 392 sosetopt(so, &sopt); 393 394 bzero(&sopt, sizeof sopt); 395 sopt.sopt_level = IPPROTO_TCP; 396 sopt.sopt_name = TCP_FASTKEEP; 397 sopt.sopt_val = &val; 398 sopt.sopt_valsize = sizeof val; 399 val = 1; 400 sosetopt(so, &sopt); 401 } 402 atomic_clear_int(&so->so_rcv.ssb_flags, SSB_NOINTR); 403 so->so_rcv.ssb_timeo = 0; 404 atomic_clear_int(&so->so_snd.ssb_flags, SSB_NOINTR); 405 so->so_snd.ssb_timeo = 0; 406 407 slp = kmalloc(sizeof (struct nfssvc_sock), M_NFSSVC, M_WAITOK | M_ZERO); 408 mtx_init(&slp->ns_solock); 409 STAILQ_INIT(&slp->ns_rec); 410 TAILQ_INIT(&slp->ns_uidlruhead); 411 lwkt_token_init(&slp->ns_token, 1, "nfssrv_token"); 412 413 lwkt_gettoken(&nfs_token); 414 nfsrv_slpref(slp); 415 TAILQ_INSERT_TAIL(&nfssvc_sockhead, slp, ns_chain); 416 lwkt_gettoken(&slp->ns_token); 417 418 slp->ns_so = so; 419 slp->ns_nam = mynam; 420 fp->f_count++; 421 slp->ns_fp = fp; 422 423 so->so_upcallarg = (caddr_t)slp; 424 so->so_upcall = nfsrv_rcv_upcall; 425 atomic_set_int(&so->so_rcv.ssb_flags, SSB_UPCALL); 426 slp->ns_flag = (SLP_VALID | SLP_NEEDQ); 427 nfsrv_wakenfsd(slp, 1); 428 429 lwkt_reltoken(&slp->ns_token); 430 lwkt_reltoken(&nfs_token); 431 432 return (0); 433 } 434 435 /* 436 * Called by nfssvc() for nfsds. Just loops around servicing rpc requests 437 * until it is killed by a signal. 438 */ 439 static int 440 nfssvc_nfsd(struct nfsd_srvargs *nsd, caddr_t argp, struct thread *td) 441 { 442 int siz; 443 struct nfssvc_sock *slp; 444 struct nfsd *nfsd = nsd->nsd_nfsd; 445 struct nfsrv_descript *nd = NULL; 446 struct mbuf *m, *mreq; 447 int error, cacherep, sotype, writes_todo; 448 int procrastinate; 449 u_quad_t cur_usec; 450 451 #ifndef nolint 452 cacherep = RC_DOIT; 453 writes_todo = 0; 454 #endif 455 lwkt_gettoken(&nfs_token); 456 457 if (nfsd == NULL) { 458 nsd->nsd_nfsd = nfsd = (struct nfsd *) 459 kmalloc(sizeof (struct nfsd), M_NFSD, M_WAITOK|M_ZERO); 460 nfsd->nfsd_td = td; 461 TAILQ_INSERT_TAIL(&nfsd_head, nfsd, nfsd_chain); 462 nfs_numnfsd++; 463 } 464 465 /* 466 * Loop getting rpc requests until SIGKILL. 467 */ 468 for (;;) { 469 if ((nfsd->nfsd_flag & NFSD_REQINPROG) == 0) { 470 while (nfsd->nfsd_slp == NULL && 471 (nfsd_head_flag & NFSD_CHECKSLP) == 0) { 472 nfsd->nfsd_flag |= NFSD_WAITING; 473 nfsd_waiting++; 474 error = tsleep(nfsd, PCATCH, "nfsd", 0); 475 nfsd_waiting--; 476 if (error && nfsd->nfsd_slp == NULL) 477 goto done; 478 } 479 if (nfsd->nfsd_slp == NULL && 480 (nfsd_head_flag & NFSD_CHECKSLP)) { 481 TAILQ_FOREACH(slp, &nfssvc_sockhead, ns_chain) { 482 if ((slp->ns_flag & SLP_ACTION_MASK) || 483 slp->ns_needq_upcall) { 484 nfsrv_slpref(slp); 485 nfsd->nfsd_slp = slp; 486 break; 487 } 488 } 489 if (slp == NULL) 490 nfsd_head_flag &= ~NFSD_CHECKSLP; 491 } 492 if ((slp = nfsd->nfsd_slp) == NULL) 493 continue; 494 495 lwkt_reltoken(&nfs_token); 496 lwkt_gettoken(&slp->ns_token); 497 498 if (slp->ns_needq_upcall) { 499 slp->ns_needq_upcall = 0; 500 slp->ns_flag |= SLP_NEEDQ; 501 } 502 503 if (slp->ns_flag & SLP_VALID) { 504 /* 505 * We can both process additional received 506 * data into new records and process existing 507 * records. This keeps the pipeline hot by 508 * allowing the tcp socket to continue to 509 * drain while we are processing records. 510 */ 511 if (slp->ns_flag & SLP_DISCONN) { 512 nfsrv_zapsock(slp); 513 } else if (slp->ns_flag & SLP_NEEDQ) { 514 (void)nfs_slplock(slp, 1); 515 nfsrv_rcv(slp->ns_so, (caddr_t)slp, 516 MB_WAIT); 517 nfs_slpunlock(slp); 518 } 519 error = nfsrv_dorec(slp, nfsd, &nd); 520 cur_usec = nfs_curusec(); 521 if (error && slp->ns_tq.lh_first && 522 slp->ns_tq.lh_first->nd_time <= cur_usec) { 523 error = 0; 524 cacherep = RC_DOIT; 525 writes_todo = 1; 526 } else { 527 writes_todo = 0; 528 } 529 nfsd->nfsd_flag |= NFSD_REQINPROG; 530 } else { 531 slp->ns_flag &= ~SLP_ACTION_MASK; 532 error = 0; 533 } 534 } else { 535 error = 0; 536 slp = nfsd->nfsd_slp; 537 538 lwkt_reltoken(&nfs_token); 539 lwkt_gettoken(&slp->ns_token); 540 541 if (slp->ns_needq_upcall) { 542 slp->ns_needq_upcall = 0; 543 slp->ns_flag |= SLP_NEEDQ; 544 } 545 if (NFSRV_RECLIMIT(slp) == 0 && 546 (slp->ns_flag & SLP_NEEDQ)) { 547 (void)nfs_slplock(slp, 1); 548 nfsrv_rcv(slp->ns_so, (caddr_t)slp, 549 MB_WAIT); 550 nfs_slpunlock(slp); 551 } 552 } 553 554 /* 555 * nfs_token not held here. slp token is held. 556 */ 557 if (error || (slp->ns_flag & SLP_VALID) == 0) { 558 if (nd) { 559 kfree((caddr_t)nd, M_NFSRVDESC); 560 nd = NULL; 561 } 562 nfsd->nfsd_flag &= ~NFSD_REQINPROG; 563 if (slp->ns_flag & SLP_ACTION_MASK) { 564 lwkt_reltoken(&slp->ns_token); 565 lwkt_gettoken(&nfs_token); 566 } else { 567 nfsd->nfsd_slp = NULL; 568 lwkt_reltoken(&slp->ns_token); 569 lwkt_gettoken(&nfs_token); 570 nfsrv_slpderef(slp); 571 } 572 continue; 573 } 574 575 /* 576 * Execute the NFS request - handle the server side cache 577 * 578 * nfs_token not held here. slp token is held. 579 */ 580 sotype = slp->ns_so->so_type; 581 if (nd) { 582 getmicrotime(&nd->nd_starttime); 583 if (nd->nd_nam2) 584 nd->nd_nam = nd->nd_nam2; 585 else 586 nd->nd_nam = slp->ns_nam; 587 588 /* 589 * Check to see if authorization is needed. 590 */ 591 if (nfsd->nfsd_flag & NFSD_NEEDAUTH) { 592 nfsd->nfsd_flag &= ~NFSD_NEEDAUTH; 593 nsd->nsd_haddr = 594 ((struct sockaddr_in *) 595 nd->nd_nam)->sin_addr.s_addr; 596 nsd->nsd_authlen = nfsd->nfsd_authlen; 597 nsd->nsd_verflen = nfsd->nfsd_verflen; 598 if (!copyout(nfsd->nfsd_authstr,nsd->nsd_authstr, 599 nfsd->nfsd_authlen) && 600 !copyout(nfsd->nfsd_verfstr, nsd->nsd_verfstr, 601 nfsd->nfsd_verflen) && 602 !copyout((caddr_t)nsd, argp, sizeof (*nsd))) 603 lwkt_reltoken(&slp->ns_token); 604 return (ENEEDAUTH); 605 cacherep = RC_DROPIT; 606 } else { 607 cacherep = nfsrv_getcache(nd, slp, &mreq); 608 } 609 610 if (nfsd->nfsd_flag & NFSD_AUTHFAIL) { 611 nfsd->nfsd_flag &= ~NFSD_AUTHFAIL; 612 nd->nd_procnum = NFSPROC_NOOP; 613 nd->nd_repstat = (NFSERR_AUTHERR | AUTH_TOOWEAK); 614 cacherep = RC_DOIT; 615 } else if (nfs_privport) { 616 /* Check if source port is privileged */ 617 u_short port; 618 struct sockaddr *nam = nd->nd_nam; 619 struct sockaddr_in *sin; 620 621 sin = (struct sockaddr_in *)nam; 622 port = ntohs(sin->sin_port); 623 if (port >= IPPORT_RESERVED && 624 nd->nd_procnum != NFSPROC_NULL) { 625 nd->nd_procnum = NFSPROC_NOOP; 626 nd->nd_repstat = (NFSERR_AUTHERR | AUTH_TOOWEAK); 627 cacherep = RC_DOIT; 628 kprintf("NFS request from unprivileged port (%s:%d)\n", 629 inet_ntoa(sin->sin_addr), port); 630 } 631 } 632 633 } 634 635 /* 636 * Execute the NFS request - direct execution 637 * 638 * Loop to get all the write rpc replies that have been 639 * gathered together. 640 * 641 * nfs_token not held here. slp token is held. 642 */ 643 do { 644 switch (cacherep) { 645 case RC_DOIT: 646 if (nd && (nd->nd_flag & ND_NFSV3)) 647 procrastinate = nfsrvw_procrastinate_v3; 648 else 649 procrastinate = nfsrvw_procrastinate; 650 if (writes_todo || (nd->nd_procnum == NFSPROC_WRITE && 651 procrastinate > 0) 652 ) { 653 error = nfsrv_writegather(&nd, slp, 654 nfsd->nfsd_td, &mreq); 655 } else { 656 /* NOT YET lwkt_reltoken(&slp->ns_token); */ 657 error = (*(nfsrv3_procs[nd->nd_procnum]))(nd, 658 slp, nfsd->nfsd_td, &mreq); 659 /* NOT YET lwkt_gettoken(&slp->ns_token); */ 660 } 661 if (mreq == NULL) 662 break; 663 if (error != 0 && error != NFSERR_RETVOID) { 664 if (nd->nd_procnum != NQNFSPROC_VACATED) 665 nfsstats.srv_errs++; 666 nfsrv_updatecache(nd, FALSE, mreq); 667 if (nd->nd_nam2) 668 FREE(nd->nd_nam2, M_SONAME); 669 break; 670 } 671 nfsstats.srvrpccnt[nd->nd_procnum]++; 672 nfsrv_updatecache(nd, TRUE, mreq); 673 nd->nd_mrep = NULL; 674 /* FALL THROUGH */ 675 case RC_REPLY: 676 m = mreq; 677 siz = 0; 678 while (m) { 679 siz += m->m_len; 680 m = m->m_next; 681 } 682 if (siz <= 0 || siz > NFS_MAXPACKET) { 683 kprintf("mbuf siz=%d\n",siz); 684 panic("Bad nfs svc reply"); 685 } 686 m = mreq; 687 m->m_pkthdr.len = siz; 688 m->m_pkthdr.rcvif = NULL; 689 /* 690 * For stream protocols, prepend a Sun RPC 691 * Record Mark. 692 */ 693 if (sotype == SOCK_STREAM) { 694 M_PREPEND(m, NFSX_UNSIGNED, MB_WAIT); 695 if (m == NULL) { 696 error = ENOBUFS; 697 goto skip; 698 } 699 *mtod(m, u_int32_t *) = htonl(0x80000000 | siz); 700 } 701 if (slp->ns_so->so_proto->pr_flags & PR_CONNREQUIRED) 702 (void) nfs_slplock(slp, 1); 703 if (slp->ns_flag & SLP_VALID) 704 error = nfs_send(slp->ns_so, nd->nd_nam2, m, NULL); 705 else { 706 error = EPIPE; 707 m_freem(m); 708 } 709 skip: 710 if (nfsrtton) 711 nfsd_rt(sotype, nd, cacherep); 712 if (nd->nd_nam2) 713 FREE(nd->nd_nam2, M_SONAME); 714 if (nd->nd_mrep) 715 m_freem(nd->nd_mrep); 716 if (error == EPIPE || error == ENOBUFS) 717 nfsrv_zapsock(slp); 718 if (slp->ns_so->so_proto->pr_flags & PR_CONNREQUIRED) 719 nfs_slpunlock(slp); 720 if (error == EINTR || error == ERESTART) { 721 kfree((caddr_t)nd, M_NFSRVDESC); 722 lwkt_reltoken(&slp->ns_token); 723 lwkt_gettoken(&nfs_token); 724 nfsd->nfsd_slp = NULL; 725 nfsrv_slpderef(slp); 726 goto done; 727 } 728 break; 729 case RC_DROPIT: 730 if (nfsrtton) 731 nfsd_rt(sotype, nd, cacherep); 732 m_freem(nd->nd_mrep); 733 if (nd->nd_nam2) 734 FREE(nd->nd_nam2, M_SONAME); 735 break; 736 }; 737 if (nd) { 738 FREE((caddr_t)nd, M_NFSRVDESC); 739 nd = NULL; 740 } 741 742 /* 743 * Check to see if there are outstanding writes that 744 * need to be serviced. 745 */ 746 cur_usec = nfs_curusec(); 747 if (slp->ns_tq.lh_first && 748 slp->ns_tq.lh_first->nd_time <= cur_usec) { 749 cacherep = RC_DOIT; 750 writes_todo = 1; 751 } else { 752 writes_todo = 0; 753 } 754 } while (writes_todo); 755 756 /* 757 * nfs_token not held here. slp token is held. 758 */ 759 if (nfsrv_dorec(slp, nfsd, &nd)) { 760 nfsd->nfsd_flag &= ~NFSD_REQINPROG; 761 if (slp->ns_flag & SLP_ACTION_MASK) { 762 lwkt_reltoken(&slp->ns_token); 763 lwkt_gettoken(&nfs_token); 764 } else { 765 nfsd->nfsd_slp = NULL; 766 lwkt_reltoken(&slp->ns_token); 767 lwkt_gettoken(&nfs_token); 768 nfsrv_slpderef(slp); 769 } 770 } else { 771 lwkt_reltoken(&slp->ns_token); 772 lwkt_gettoken(&nfs_token); 773 } 774 } 775 done: 776 TAILQ_REMOVE(&nfsd_head, nfsd, nfsd_chain); 777 kfree((caddr_t)nfsd, M_NFSD); 778 nsd->nsd_nfsd = NULL; 779 if (--nfs_numnfsd == 0) 780 nfsrv_init(TRUE); /* Reinitialize everything */ 781 782 lwkt_reltoken(&nfs_token); 783 return (error); 784 } 785 786 /* 787 * Shut down a socket associated with an nfssvc_sock structure. 788 * Should be called with the send lock set, if required. 789 * The trick here is to increment the sref at the start, so that the nfsds 790 * will stop using it and clear ns_flag at the end so that it will not be 791 * reassigned during cleanup. 792 */ 793 static void 794 nfsrv_zapsock(struct nfssvc_sock *slp) 795 { 796 struct nfsuid *nuidp, *nnuidp; 797 struct nfsrv_descript *nwp, *nnwp; 798 struct socket *so; 799 struct file *fp; 800 struct nfsrv_rec *rec; 801 802 slp->ns_flag &= ~SLP_ALLFLAGS; 803 fp = slp->ns_fp; 804 if (fp) { 805 slp->ns_fp = NULL; 806 so = slp->ns_so; 807 atomic_clear_int(&so->so_rcv.ssb_flags, SSB_UPCALL); 808 so->so_upcall = NULL; 809 so->so_upcallarg = NULL; 810 soshutdown(so, SHUT_RDWR); 811 closef(fp, NULL); 812 if (slp->ns_nam) 813 FREE(slp->ns_nam, M_SONAME); 814 m_freem(slp->ns_raw); 815 while ((rec = STAILQ_FIRST(&slp->ns_rec)) != NULL) { 816 --slp->ns_numrec; 817 STAILQ_REMOVE_HEAD(&slp->ns_rec, nr_link); 818 if (rec->nr_address) 819 FREE(rec->nr_address, M_SONAME); 820 m_freem(rec->nr_packet); 821 kfree(rec, M_NFSRVDESC); 822 } 823 KKASSERT(slp->ns_numrec == 0); 824 825 TAILQ_FOREACH_MUTABLE(nuidp, &slp->ns_uidlruhead, nu_lru, 826 nnuidp) { 827 LIST_REMOVE(nuidp, nu_hash); 828 TAILQ_REMOVE(&slp->ns_uidlruhead, nuidp, nu_lru); 829 if (nuidp->nu_flag & NU_NAM) 830 FREE(nuidp->nu_nam, M_SONAME); 831 kfree((caddr_t)nuidp, M_NFSUID); 832 } 833 crit_enter(); 834 for (nwp = slp->ns_tq.lh_first; nwp; nwp = nnwp) { 835 nnwp = nwp->nd_tq.le_next; 836 LIST_REMOVE(nwp, nd_tq); 837 kfree((caddr_t)nwp, M_NFSRVDESC); 838 } 839 LIST_INIT(&slp->ns_tq); 840 crit_exit(); 841 nfsrv_slpderef(slp); 842 } 843 } 844 845 /* 846 * Derefence a server socket structure. If it has no more references and 847 * is no longer valid, you can throw it away. 848 * 849 * Must be holding nfs_token! 850 */ 851 void 852 nfsrv_slpderef(struct nfssvc_sock *slp) 853 { 854 ASSERT_LWKT_TOKEN_HELD(&nfs_token); 855 if (slp->ns_sref == 1) { 856 KKASSERT((slp->ns_flag & SLP_VALID) == 0); 857 TAILQ_REMOVE(&nfssvc_sockhead, slp, ns_chain); 858 slp->ns_sref = 0; 859 kfree((caddr_t)slp, M_NFSSVC); 860 } else { 861 --slp->ns_sref; 862 } 863 } 864 865 void 866 nfsrv_slpref(struct nfssvc_sock *slp) 867 { 868 ASSERT_LWKT_TOKEN_HELD(&nfs_token); 869 ++slp->ns_sref; 870 } 871 872 /* 873 * Lock a socket against others. 874 * 875 * Returns 0 on failure, 1 on success. 876 */ 877 int 878 nfs_slplock(struct nfssvc_sock *slp, int wait) 879 { 880 mtx_t mtx = &slp->ns_solock; 881 882 if (wait) { 883 mtx_lock_ex(mtx, "nfsslplck", 0, 0); 884 return(1); 885 } else if (mtx_lock_ex_try(mtx) == 0) { 886 return(1); 887 } else { 888 return(0); 889 } 890 } 891 892 /* 893 * Unlock the stream socket for others. 894 */ 895 void 896 nfs_slpunlock(struct nfssvc_sock *slp) 897 { 898 mtx_t mtx = &slp->ns_solock; 899 900 mtx_unlock(mtx); 901 } 902 903 /* 904 * Initialize the data structures for the server. 905 * Handshake with any new nfsds starting up to avoid any chance of 906 * corruption. 907 */ 908 void 909 nfsrv_init(int terminating) 910 { 911 struct nfssvc_sock *slp, *nslp; 912 913 lwkt_gettoken(&nfs_token); 914 if (nfssvc_sockhead_flag & SLP_INIT) 915 panic("nfsd init"); 916 nfssvc_sockhead_flag |= SLP_INIT; 917 918 if (terminating) { 919 TAILQ_FOREACH_MUTABLE(slp, &nfssvc_sockhead, ns_chain, nslp) { 920 if (slp->ns_flag & SLP_VALID) 921 nfsrv_zapsock(slp); 922 /* 923 TAILQ_REMOVE(&nfssvc_sockhead, slp, ns_chain); 924 kfree((caddr_t)slp, M_NFSSVC); 925 */ 926 } 927 nfsrv_cleancache(); /* And clear out server cache */ 928 } else { 929 nfs_pub.np_valid = 0; 930 } 931 932 TAILQ_INIT(&nfssvc_sockhead); 933 nfssvc_sockhead_flag &= ~SLP_INIT; 934 if (nfssvc_sockhead_flag & SLP_WANTINIT) { 935 nfssvc_sockhead_flag &= ~SLP_WANTINIT; 936 wakeup((caddr_t)&nfssvc_sockhead); 937 } 938 939 TAILQ_INIT(&nfsd_head); 940 nfsd_head_flag &= ~NFSD_CHECKSLP; 941 942 lwkt_reltoken(&nfs_token); 943 944 #if 0 945 nfs_udpsock = (struct nfssvc_sock *) 946 kmalloc(sizeof (struct nfssvc_sock), M_NFSSVC, M_WAITOK | M_ZERO); 947 mtx_init(&nfs_udpsock->ns_solock); 948 STAILQ_INIT(&nfs_udpsock->ns_rec); 949 TAILQ_INIT(&nfs_udpsock->ns_uidlruhead); 950 TAILQ_INSERT_HEAD(&nfssvc_sockhead, nfs_udpsock, ns_chain); 951 952 nfs_cltpsock = (struct nfssvc_sock *) 953 kmalloc(sizeof (struct nfssvc_sock), M_NFSSVC, M_WAITOK | M_ZERO); 954 mtx_init(&nfs_cltpsock->ns_solock); 955 STAILQ_INIT(&nfs_cltpsock->ns_rec); 956 TAILQ_INIT(&nfs_cltpsock->ns_uidlruhead); 957 TAILQ_INSERT_TAIL(&nfssvc_sockhead, nfs_cltpsock, ns_chain); 958 #endif 959 } 960 961 /* 962 * Add entries to the server monitor log. 963 */ 964 static void 965 nfsd_rt(int sotype, struct nfsrv_descript *nd, int cacherep) 966 { 967 struct drt *rt; 968 969 rt = &nfsdrt.drt[nfsdrt.pos]; 970 if (cacherep == RC_DOIT) 971 rt->flag = 0; 972 else if (cacherep == RC_REPLY) 973 rt->flag = DRT_CACHEREPLY; 974 else 975 rt->flag = DRT_CACHEDROP; 976 if (sotype == SOCK_STREAM) 977 rt->flag |= DRT_TCP; 978 if (nd->nd_flag & ND_NFSV3) 979 rt->flag |= DRT_NFSV3; 980 rt->proc = nd->nd_procnum; 981 if (nd->nd_nam->sa_family == AF_INET) 982 rt->ipadr = ((struct sockaddr_in *)nd->nd_nam)->sin_addr.s_addr; 983 else 984 rt->ipadr = INADDR_ANY; 985 rt->resptime = nfs_curusec() - (nd->nd_starttime.tv_sec * 1000000 + nd->nd_starttime.tv_usec); 986 getmicrotime(&rt->tstamp); 987 nfsdrt.pos = (nfsdrt.pos + 1) % NFSRTTLOGSIZ; 988 } 989 #endif /* NFS_NOSERVER */ 990 991 static int nfs_defect = 0; 992 SYSCTL_INT(_vfs_nfs, OID_AUTO, defect, CTLFLAG_RW, &nfs_defect, 0, ""); 993 994 /* 995 * Get an authorization string for the uid by having the mount_nfs sitting 996 * on this mount point porpous out of the kernel and do it. 997 */ 998 int 999 nfs_getauth(struct nfsmount *nmp, struct nfsreq *rep, 1000 struct ucred *cred, char **auth_str, int *auth_len, char *verf_str, 1001 int *verf_len, NFSKERBKEY_T key /* return session key */) 1002 { 1003 int error = 0; 1004 1005 while ((nmp->nm_state & NFSSTA_WAITAUTH) == 0) { 1006 nmp->nm_state |= NFSSTA_WANTAUTH; 1007 (void) tsleep((caddr_t)&nmp->nm_authtype, 0, 1008 "nfsauth1", 2 * hz); 1009 error = nfs_sigintr(nmp, rep, rep->r_td); 1010 if (error) { 1011 nmp->nm_state &= ~NFSSTA_WANTAUTH; 1012 return (error); 1013 } 1014 } 1015 nmp->nm_state &= ~(NFSSTA_WAITAUTH | NFSSTA_WANTAUTH); 1016 nmp->nm_authstr = *auth_str = (char *)kmalloc(RPCAUTH_MAXSIZ, M_TEMP, M_WAITOK); 1017 nmp->nm_authlen = RPCAUTH_MAXSIZ; 1018 nmp->nm_verfstr = verf_str; 1019 nmp->nm_verflen = *verf_len; 1020 nmp->nm_authuid = cred->cr_uid; 1021 wakeup((caddr_t)&nmp->nm_authstr); 1022 1023 /* 1024 * And wait for mount_nfs to do its stuff. 1025 */ 1026 while ((nmp->nm_state & NFSSTA_HASAUTH) == 0 && error == 0) { 1027 (void) tsleep((caddr_t)&nmp->nm_authlen, 0, 1028 "nfsauth2", 2 * hz); 1029 error = nfs_sigintr(nmp, rep, rep->r_td); 1030 } 1031 if (nmp->nm_state & NFSSTA_AUTHERR) { 1032 nmp->nm_state &= ~NFSSTA_AUTHERR; 1033 error = EAUTH; 1034 } 1035 if (error) 1036 kfree((caddr_t)*auth_str, M_TEMP); 1037 else { 1038 *auth_len = nmp->nm_authlen; 1039 *verf_len = nmp->nm_verflen; 1040 bcopy((caddr_t)nmp->nm_key, (caddr_t)key, sizeof (key)); 1041 } 1042 nmp->nm_state &= ~NFSSTA_HASAUTH; 1043 nmp->nm_state |= NFSSTA_WAITAUTH; 1044 if (nmp->nm_state & NFSSTA_WANTAUTH) { 1045 nmp->nm_state &= ~NFSSTA_WANTAUTH; 1046 wakeup((caddr_t)&nmp->nm_authtype); 1047 } 1048 return (error); 1049 } 1050 1051 /* 1052 * Get a nickname authenticator and verifier. 1053 */ 1054 int 1055 nfs_getnickauth(struct nfsmount *nmp, struct ucred *cred, char **auth_str, 1056 int *auth_len, char *verf_str, int verf_len) 1057 { 1058 struct nfsuid *nuidp; 1059 u_int32_t *nickp, *verfp; 1060 struct timeval ktvin, ktvout; 1061 1062 #ifdef DIAGNOSTIC 1063 if (verf_len < (4 * NFSX_UNSIGNED)) 1064 panic("nfs_getnickauth verf too small"); 1065 #endif 1066 for (nuidp = NMUIDHASH(nmp, cred->cr_uid)->lh_first; 1067 nuidp != 0; nuidp = nuidp->nu_hash.le_next) { 1068 if (nuidp->nu_cr.cr_uid == cred->cr_uid) 1069 break; 1070 } 1071 if (!nuidp || nuidp->nu_expire < time_second) 1072 return (EACCES); 1073 1074 /* 1075 * Move to the end of the lru list (end of lru == most recently used). 1076 */ 1077 TAILQ_REMOVE(&nmp->nm_uidlruhead, nuidp, nu_lru); 1078 TAILQ_INSERT_TAIL(&nmp->nm_uidlruhead, nuidp, nu_lru); 1079 1080 nickp = (u_int32_t *)kmalloc(2 * NFSX_UNSIGNED, M_TEMP, M_WAITOK); 1081 *nickp++ = txdr_unsigned(RPCAKN_NICKNAME); 1082 *nickp = txdr_unsigned(nuidp->nu_nickname); 1083 *auth_str = (char *)nickp; 1084 *auth_len = 2 * NFSX_UNSIGNED; 1085 1086 /* 1087 * Now we must encrypt the verifier and package it up. 1088 */ 1089 verfp = (u_int32_t *)verf_str; 1090 *verfp++ = txdr_unsigned(RPCAKN_NICKNAME); 1091 if (time_second > nuidp->nu_timestamp.tv_sec || 1092 (time_second == nuidp->nu_timestamp.tv_sec && 1093 time_second > nuidp->nu_timestamp.tv_usec)) 1094 getmicrotime(&nuidp->nu_timestamp); 1095 else 1096 nuidp->nu_timestamp.tv_usec++; 1097 ktvin.tv_sec = txdr_unsigned(nuidp->nu_timestamp.tv_sec); 1098 ktvin.tv_usec = txdr_unsigned(nuidp->nu_timestamp.tv_usec); 1099 1100 /* 1101 * Now encrypt the timestamp verifier in ecb mode using the session 1102 * key. 1103 */ 1104 #ifdef NFSKERB 1105 XXX 1106 #else 1107 ktvout.tv_sec = 0; 1108 ktvout.tv_usec = 0; 1109 #endif 1110 1111 *verfp++ = ktvout.tv_sec; 1112 *verfp++ = ktvout.tv_usec; 1113 *verfp = 0; 1114 return (0); 1115 } 1116 1117 /* 1118 * Save the current nickname in a hash list entry on the mount point. 1119 */ 1120 int 1121 nfs_savenickauth(struct nfsmount *nmp, struct ucred *cred, int len, 1122 NFSKERBKEY_T key, struct mbuf **mdp, char **dposp, 1123 struct mbuf *mrep) 1124 { 1125 struct nfsuid *nuidp; 1126 u_int32_t *tl; 1127 struct timeval ktvin, ktvout; 1128 u_int32_t nick; 1129 int deltasec, error = 0; 1130 struct nfsm_info info; 1131 1132 info.md = *mdp; 1133 info.dpos = *dposp; 1134 info.mrep = mrep; 1135 1136 if (len == (3 * NFSX_UNSIGNED)) { 1137 NULLOUT(tl = nfsm_dissect(&info, 3 * NFSX_UNSIGNED)); 1138 ktvin.tv_sec = *tl++; 1139 ktvin.tv_usec = *tl++; 1140 nick = fxdr_unsigned(u_int32_t, *tl); 1141 1142 /* 1143 * Decrypt the timestamp in ecb mode. 1144 */ 1145 #ifdef NFSKERB 1146 XXX 1147 #else 1148 ktvout.tv_sec = 0; 1149 ktvout.tv_usec = 0; 1150 #endif 1151 ktvout.tv_sec = fxdr_unsigned(long, ktvout.tv_sec); 1152 ktvout.tv_usec = fxdr_unsigned(long, ktvout.tv_usec); 1153 deltasec = time_second - ktvout.tv_sec; 1154 if (deltasec < 0) 1155 deltasec = -deltasec; 1156 /* 1157 * If ok, add it to the hash list for the mount point. 1158 */ 1159 if (deltasec <= NFS_KERBCLOCKSKEW) { 1160 if (nmp->nm_numuids < nuidhash_max) { 1161 nmp->nm_numuids++; 1162 nuidp = (struct nfsuid *) 1163 kmalloc(sizeof (struct nfsuid), M_NFSUID, 1164 M_WAITOK); 1165 } else { 1166 nuidp = TAILQ_FIRST(&nmp->nm_uidlruhead); 1167 LIST_REMOVE(nuidp, nu_hash); 1168 TAILQ_REMOVE(&nmp->nm_uidlruhead, nuidp, 1169 nu_lru); 1170 } 1171 nuidp->nu_flag = 0; 1172 nuidp->nu_cr.cr_uid = cred->cr_uid; 1173 nuidp->nu_expire = time_second + NFS_KERBTTL; 1174 nuidp->nu_timestamp = ktvout; 1175 nuidp->nu_nickname = nick; 1176 bcopy(key, nuidp->nu_key, sizeof (key)); 1177 TAILQ_INSERT_TAIL(&nmp->nm_uidlruhead, nuidp, 1178 nu_lru); 1179 LIST_INSERT_HEAD(NMUIDHASH(nmp, cred->cr_uid), 1180 nuidp, nu_hash); 1181 } 1182 } else { 1183 ERROROUT(nfsm_adv(&info, nfsm_rndup(len))); 1184 } 1185 nfsmout: 1186 *mdp = info.md; 1187 *dposp = info.dpos; 1188 return (error); 1189 } 1190