TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / third_party / linux / 0e64123141f3854e695eb4924d82b52856691466 / . / fs / nfsd / nfssvc.c
blob: 155a4e43b24ee34ad757e55fe7ea08f459a21d69 [file] [log] [blame]
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]1// SPDX-License-Identifier: GPL-2.0
2/*
3 * Central processing for nfsd.
4 *
5 * Authors: Olaf Kirch (okir@monad.swb.de)
6 *
7 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de>
8 */
9
10#include <linux/sched/signal.h>
11#include <linux/freezer.h>
12#include <linux/module.h>
13#include <linux/fs_struct.h>
14#include <linux/swap.h>
15
16#include <linux/sunrpc/stats.h>
17#include <linux/sunrpc/svcsock.h>
18#include <linux/sunrpc/svc_xprt.h>
19#include <linux/lockd/bind.h>
20#include <linux/nfsacl.h>
21#include <linux/seq_file.h>
22#include <linux/inetdevice.h>
23#include <net/addrconf.h>
24#include <net/ipv6.h>
25#include <net/net_namespace.h>
26#include "nfsd.h"
27#include "cache.h"
28#include "vfs.h"
29#include "netns.h"
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]30#include "filecache.h"
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]31
32#define NFSDDBG_FACILITY NFSDDBG_SVC
33
34extern struct svc_program nfsd_program;
35static int nfsd(void *vrqstp);
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]36#if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
37static int nfsd_acl_rpcbind_set(struct net *,
38 const struct svc_program *,
39 u32, int,
40 unsigned short,
41 unsigned short);
42static __be32 nfsd_acl_init_request(struct svc_rqst *,
43 const struct svc_program *,
44 struct svc_process_info *);
45#endif
46static int nfsd_rpcbind_set(struct net *,
47 const struct svc_program *,
48 u32, int,
49 unsigned short,
50 unsigned short);
51static __be32 nfsd_init_request(struct svc_rqst *,
52 const struct svc_program *,
53 struct svc_process_info *);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]54
55/*
56 * nfsd_mutex protects nn->nfsd_serv -- both the pointer itself and the members
57 * of the svc_serv struct. In particular, ->sv_nrthreads but also to some
58 * extent ->sv_temp_socks and ->sv_permsocks. It also protects nfsdstats.th_cnt
59 *
60 * If (out side the lock) nn->nfsd_serv is non-NULL, then it must point to a
61 * properly initialised 'struct svc_serv' with ->sv_nrthreads > 0. That number
62 * of nfsd threads must exist and each must listed in ->sp_all_threads in each
63 * entry of ->sv_pools[].
64 *
65 * Transitions of the thread count between zero and non-zero are of particular
66 * interest since the svc_serv needs to be created and initialized at that
67 * point, or freed.
68 *
69 * Finally, the nfsd_mutex also protects some of the global variables that are
70 * accessed when nfsd starts and that are settable via the write_* routines in
71 * nfsctl.c. In particular:
72 *
73 * user_recovery_dirname
74 * user_lease_time
75 * nfsd_versions
76 */
77DEFINE_MUTEX(nfsd_mutex);
78
79/*
80 * nfsd_drc_lock protects nfsd_drc_max_pages and nfsd_drc_pages_used.
81 * nfsd_drc_max_pages limits the total amount of memory available for
82 * version 4.1 DRC caches.
83 * nfsd_drc_pages_used tracks the current version 4.1 DRC memory usage.
84 */
85spinlock_t nfsd_drc_lock;
86unsigned long nfsd_drc_max_mem;
87unsigned long nfsd_drc_mem_used;
88
89#if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
90static struct svc_stat nfsd_acl_svcstats;
91static const struct svc_version *nfsd_acl_version[] = {
92 [2] = &nfsd_acl_version2,
93 [3] = &nfsd_acl_version3,
94};
95
96#define NFSD_ACL_MINVERS 2
97#define NFSD_ACL_NRVERS ARRAY_SIZE(nfsd_acl_version)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]98
99static struct svc_program nfsd_acl_program = {
100 .pg_prog = NFS_ACL_PROGRAM,
101 .pg_nvers = NFSD_ACL_NRVERS,
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]102 .pg_vers = nfsd_acl_version,
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]103 .pg_name = "nfsacl",
104 .pg_class = "nfsd",
105 .pg_stats = &nfsd_acl_svcstats,
106 .pg_authenticate = &svc_set_client,
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]107 .pg_init_request = nfsd_acl_init_request,
108 .pg_rpcbind_set = nfsd_acl_rpcbind_set,
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]109};
110
111static struct svc_stat nfsd_acl_svcstats = {
112 .program = &nfsd_acl_program,
113};
114#endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */
115
116static const struct svc_version *nfsd_version[] = {
117 [2] = &nfsd_version2,
118#if defined(CONFIG_NFSD_V3)
119 [3] = &nfsd_version3,
120#endif
121#if defined(CONFIG_NFSD_V4)
122 [4] = &nfsd_version4,
123#endif
124};
125
126#define NFSD_MINVERS 2
127#define NFSD_NRVERS ARRAY_SIZE(nfsd_version)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]128
129struct svc_program nfsd_program = {
130#if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
131 .pg_next = &nfsd_acl_program,
132#endif
133 .pg_prog = NFS_PROGRAM, /* program number */
134 .pg_nvers = NFSD_NRVERS, /* nr of entries in nfsd_version */
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]135 .pg_vers = nfsd_version, /* version table */
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]136 .pg_name = "nfsd", /* program name */
137 .pg_class = "nfsd", /* authentication class */
138 .pg_stats = &nfsd_svcstats, /* version table */
139 .pg_authenticate = &svc_set_client, /* export authentication */
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]140 .pg_init_request = nfsd_init_request,
141 .pg_rpcbind_set = nfsd_rpcbind_set,
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]142};
143
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]144static bool
145nfsd_support_version(int vers)
146{
147 if (vers >= NFSD_MINVERS && vers < NFSD_NRVERS)
148 return nfsd_version[vers] != NULL;
149 return false;
150}
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]151
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]152static bool *
153nfsd_alloc_versions(void)
154{
155 bool *vers = kmalloc_array(NFSD_NRVERS, sizeof(bool), GFP_KERNEL);
156 unsigned i;
157
158 if (vers) {
159 /* All compiled versions are enabled by default */
160 for (i = 0; i < NFSD_NRVERS; i++)
161 vers[i] = nfsd_support_version(i);
162 }
163 return vers;
164}
165
166static bool *
167nfsd_alloc_minorversions(void)
168{
169 bool *vers = kmalloc_array(NFSD_SUPPORTED_MINOR_VERSION + 1,
170 sizeof(bool), GFP_KERNEL);
171 unsigned i;
172
173 if (vers) {
174 /* All minor versions are enabled by default */
175 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++)
176 vers[i] = nfsd_support_version(4);
177 }
178 return vers;
179}
180
181void
182nfsd_netns_free_versions(struct nfsd_net *nn)
183{
184 kfree(nn->nfsd_versions);
185 kfree(nn->nfsd4_minorversions);
186 nn->nfsd_versions = NULL;
187 nn->nfsd4_minorversions = NULL;
188}
189
190static void
191nfsd_netns_init_versions(struct nfsd_net *nn)
192{
193 if (!nn->nfsd_versions) {
194 nn->nfsd_versions = nfsd_alloc_versions();
195 nn->nfsd4_minorversions = nfsd_alloc_minorversions();
196 if (!nn->nfsd_versions || !nn->nfsd4_minorversions)
197 nfsd_netns_free_versions(nn);
198 }
199}
200
201int nfsd_vers(struct nfsd_net *nn, int vers, enum vers_op change)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]202{
203 if (vers < NFSD_MINVERS || vers >= NFSD_NRVERS)
204 return 0;
205 switch(change) {
206 case NFSD_SET:
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]207 if (nn->nfsd_versions)
208 nn->nfsd_versions[vers] = nfsd_support_version(vers);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]209 break;
210 case NFSD_CLEAR:
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]211 nfsd_netns_init_versions(nn);
212 if (nn->nfsd_versions)
213 nn->nfsd_versions[vers] = false;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]214 break;
215 case NFSD_TEST:
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]216 if (nn->nfsd_versions)
217 return nn->nfsd_versions[vers];
218 /* Fallthrough */
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]219 case NFSD_AVAIL:
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]220 return nfsd_support_version(vers);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]221 }
222 return 0;
223}
224
225static void
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]226nfsd_adjust_nfsd_versions4(struct nfsd_net *nn)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]227{
228 unsigned i;
229
230 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) {
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]231 if (nn->nfsd4_minorversions[i])
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]232 return;
233 }
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]234 nfsd_vers(nn, 4, NFSD_CLEAR);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]235}
236
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]237int nfsd_minorversion(struct nfsd_net *nn, u32 minorversion, enum vers_op change)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]238{
239 if (minorversion > NFSD_SUPPORTED_MINOR_VERSION &&
240 change != NFSD_AVAIL)
241 return -1;
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]242
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]243 switch(change) {
244 case NFSD_SET:
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]245 if (nn->nfsd4_minorversions) {
246 nfsd_vers(nn, 4, NFSD_SET);
247 nn->nfsd4_minorversions[minorversion] =
248 nfsd_vers(nn, 4, NFSD_TEST);
249 }
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]250 break;
251 case NFSD_CLEAR:
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]252 nfsd_netns_init_versions(nn);
253 if (nn->nfsd4_minorversions) {
254 nn->nfsd4_minorversions[minorversion] = false;
255 nfsd_adjust_nfsd_versions4(nn);
256 }
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]257 break;
258 case NFSD_TEST:
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]259 if (nn->nfsd4_minorversions)
260 return nn->nfsd4_minorversions[minorversion];
261 return nfsd_vers(nn, 4, NFSD_TEST);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]262 case NFSD_AVAIL:
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]263 return minorversion <= NFSD_SUPPORTED_MINOR_VERSION &&
264 nfsd_vers(nn, 4, NFSD_AVAIL);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]265 }
266 return 0;
267}
268
269/*
270 * Maximum number of nfsd processes
271 */
272#define NFSD_MAXSERVS 8192
273
274int nfsd_nrthreads(struct net *net)
275{
276 int rv = 0;
277 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
278
279 mutex_lock(&nfsd_mutex);
280 if (nn->nfsd_serv)
281 rv = nn->nfsd_serv->sv_nrthreads;
282 mutex_unlock(&nfsd_mutex);
283 return rv;
284}
285
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]286static int nfsd_init_socks(struct net *net, const struct cred *cred)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]287{
288 int error;
289 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
290
291 if (!list_empty(&nn->nfsd_serv->sv_permsocks))
292 return 0;
293
294 error = svc_create_xprt(nn->nfsd_serv, "udp", net, PF_INET, NFS_PORT,
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]295 SVC_SOCK_DEFAULTS, cred);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]296 if (error < 0)
297 return error;
298
299 error = svc_create_xprt(nn->nfsd_serv, "tcp", net, PF_INET, NFS_PORT,
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]300 SVC_SOCK_DEFAULTS, cred);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]301 if (error < 0)
302 return error;
303
304 return 0;
305}
306
307static int nfsd_users = 0;
308
309static int nfsd_startup_generic(int nrservs)
310{
311 int ret;
312
313 if (nfsd_users++)
314 return 0;
315
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]316 ret = nfsd_file_cache_init();
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]317 if (ret)
318 goto dec_users;
319
320 ret = nfs4_state_start();
321 if (ret)
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]322 goto out_file_cache;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]323 return 0;
324
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]325out_file_cache:
326 nfsd_file_cache_shutdown();
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]327dec_users:
328 nfsd_users--;
329 return ret;
330}
331
332static void nfsd_shutdown_generic(void)
333{
334 if (--nfsd_users)
335 return;
336
337 nfs4_state_shutdown();
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]338 nfsd_file_cache_shutdown();
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]339}
340
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]341static bool nfsd_needs_lockd(struct nfsd_net *nn)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]342{
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]343 return nfsd_vers(nn, 2, NFSD_TEST) || nfsd_vers(nn, 3, NFSD_TEST);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]344}
345
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]346void nfsd_copy_boot_verifier(__be32 verf[2], struct nfsd_net *nn)
347{
348 int seq = 0;
349
350 do {
351 read_seqbegin_or_lock(&nn->boot_lock, &seq);
352 /*
353 * This is opaque to client, so no need to byte-swap. Use
354 * __force to keep sparse happy. y2038 time_t overflow is
355 * irrelevant in this usage
356 */
357 verf[0] = (__force __be32)nn->nfssvc_boot.tv_sec;
358 verf[1] = (__force __be32)nn->nfssvc_boot.tv_nsec;
359 } while (need_seqretry(&nn->boot_lock, seq));
360 done_seqretry(&nn->boot_lock, seq);
361}
362
363static void nfsd_reset_boot_verifier_locked(struct nfsd_net *nn)
364{
365 ktime_get_real_ts64(&nn->nfssvc_boot);
366}
367
368void nfsd_reset_boot_verifier(struct nfsd_net *nn)
369{
370 write_seqlock(&nn->boot_lock);
371 nfsd_reset_boot_verifier_locked(nn);
372 write_sequnlock(&nn->boot_lock);
373}
374
375static int nfsd_startup_net(int nrservs, struct net *net, const struct cred *cred)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]376{
377 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
378 int ret;
379
380 if (nn->nfsd_net_up)
381 return 0;
382
383 ret = nfsd_startup_generic(nrservs);
384 if (ret)
385 return ret;
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]386 ret = nfsd_init_socks(net, cred);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]387 if (ret)
388 goto out_socks;
389
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]390 if (nfsd_needs_lockd(nn) && !nn->lockd_up) {
391 ret = lockd_up(net, cred);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]392 if (ret)
393 goto out_socks;
394 nn->lockd_up = 1;
395 }
396
397 ret = nfs4_state_start_net(net);
398 if (ret)
399 goto out_lockd;
400
401 nn->nfsd_net_up = true;
402 return 0;
403
404out_lockd:
405 if (nn->lockd_up) {
406 lockd_down(net);
407 nn->lockd_up = 0;
408 }
409out_socks:
410 nfsd_shutdown_generic();
411 return ret;
412}
413
414static void nfsd_shutdown_net(struct net *net)
415{
416 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
417
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]418 nfsd_file_cache_purge(net);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]419 nfs4_state_shutdown_net(net);
420 if (nn->lockd_up) {
421 lockd_down(net);
422 nn->lockd_up = 0;
423 }
424 nn->nfsd_net_up = false;
425 nfsd_shutdown_generic();
426}
427
428static int nfsd_inetaddr_event(struct notifier_block *this, unsigned long event,
429 void *ptr)
430{
431 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr;
432 struct net_device *dev = ifa->ifa_dev->dev;
433 struct net *net = dev_net(dev);
434 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
435 struct sockaddr_in sin;
436
437 if ((event != NETDEV_DOWN) ||
438 !atomic_inc_not_zero(&nn->ntf_refcnt))
439 goto out;
440
441 if (nn->nfsd_serv) {
442 dprintk("nfsd_inetaddr_event: removed %pI4\n", &ifa->ifa_local);
443 sin.sin_family = AF_INET;
444 sin.sin_addr.s_addr = ifa->ifa_local;
445 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin);
446 }
447 atomic_dec(&nn->ntf_refcnt);
448 wake_up(&nn->ntf_wq);
449
450out:
451 return NOTIFY_DONE;
452}
453
454static struct notifier_block nfsd_inetaddr_notifier = {
455 .notifier_call = nfsd_inetaddr_event,
456};
457
458#if IS_ENABLED(CONFIG_IPV6)
459static int nfsd_inet6addr_event(struct notifier_block *this,
460 unsigned long event, void *ptr)
461{
462 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr;
463 struct net_device *dev = ifa->idev->dev;
464 struct net *net = dev_net(dev);
465 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
466 struct sockaddr_in6 sin6;
467
468 if ((event != NETDEV_DOWN) ||
469 !atomic_inc_not_zero(&nn->ntf_refcnt))
470 goto out;
471
472 if (nn->nfsd_serv) {
473 dprintk("nfsd_inet6addr_event: removed %pI6\n", &ifa->addr);
474 sin6.sin6_family = AF_INET6;
475 sin6.sin6_addr = ifa->addr;
476 if (ipv6_addr_type(&sin6.sin6_addr) & IPV6_ADDR_LINKLOCAL)
477 sin6.sin6_scope_id = ifa->idev->dev->ifindex;
478 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin6);
479 }
480 atomic_dec(&nn->ntf_refcnt);
481 wake_up(&nn->ntf_wq);
482out:
483 return NOTIFY_DONE;
484}
485
486static struct notifier_block nfsd_inet6addr_notifier = {
487 .notifier_call = nfsd_inet6addr_event,
488};
489#endif
490
491/* Only used under nfsd_mutex, so this atomic may be overkill: */
492static atomic_t nfsd_notifier_refcount = ATOMIC_INIT(0);
493
494static void nfsd_last_thread(struct svc_serv *serv, struct net *net)
495{
496 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
497
498 atomic_dec(&nn->ntf_refcnt);
499 /* check if the notifier still has clients */
500 if (atomic_dec_return(&nfsd_notifier_refcount) == 0) {
501 unregister_inetaddr_notifier(&nfsd_inetaddr_notifier);
502#if IS_ENABLED(CONFIG_IPV6)
503 unregister_inet6addr_notifier(&nfsd_inet6addr_notifier);
504#endif
505 }
506 wait_event(nn->ntf_wq, atomic_read(&nn->ntf_refcnt) == 0);
507
508 /*
509 * write_ports can create the server without actually starting
510 * any threads--if we get shut down before any threads are
511 * started, then nfsd_last_thread will be run before any of this
512 * other initialization has been done except the rpcb information.
513 */
514 svc_rpcb_cleanup(serv, net);
515 if (!nn->nfsd_net_up)
516 return;
517
518 nfsd_shutdown_net(net);
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]519 pr_info("nfsd: last server has exited, flushing export cache\n");
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]520 nfsd_export_flush(net);
521}
522
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]523void nfsd_reset_versions(struct nfsd_net *nn)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]524{
525 int i;
526
527 for (i = 0; i < NFSD_NRVERS; i++)
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]528 if (nfsd_vers(nn, i, NFSD_TEST))
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]529 return;
530
531 for (i = 0; i < NFSD_NRVERS; i++)
532 if (i != 4)
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]533 nfsd_vers(nn, i, NFSD_SET);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]534 else {
535 int minor = 0;
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]536 while (nfsd_minorversion(nn, minor, NFSD_SET) >= 0)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]537 minor++;
538 }
539}
540
541/*
542 * Each session guarantees a negotiated per slot memory cache for replies
543 * which in turn consumes memory beyond the v2/v3/v4.0 server. A dedicated
544 * NFSv4.1 server might want to use more memory for a DRC than a machine
545 * with mutiple services.
546 *
547 * Impose a hard limit on the number of pages for the DRC which varies
548 * according to the machines free pages. This is of course only a default.
549 *
550 * For now this is a #defined shift which could be under admin control
551 * in the future.
552 */
553static void set_max_drc(void)
554{
555 #define NFSD_DRC_SIZE_SHIFT 7
556 nfsd_drc_max_mem = (nr_free_buffer_pages()
557 >> NFSD_DRC_SIZE_SHIFT) * PAGE_SIZE;
558 nfsd_drc_mem_used = 0;
559 spin_lock_init(&nfsd_drc_lock);
560 dprintk("%s nfsd_drc_max_mem %lu \n", __func__, nfsd_drc_max_mem);
561}
562
563static int nfsd_get_default_max_blksize(void)
564{
565 struct sysinfo i;
566 unsigned long long target;
567 unsigned long ret;
568
569 si_meminfo(&i);
570 target = (i.totalram - i.totalhigh) << PAGE_SHIFT;
571 /*
572 * Aim for 1/4096 of memory per thread This gives 1MB on 4Gig
573 * machines, but only uses 32K on 128M machines. Bottom out at
574 * 8K on 32M and smaller. Of course, this is only a default.
575 */
576 target >>= 12;
577
578 ret = NFSSVC_MAXBLKSIZE;
579 while (ret > target && ret >= 8*1024*2)
580 ret /= 2;
581 return ret;
582}
583
584static const struct svc_serv_ops nfsd_thread_sv_ops = {
585 .svo_shutdown = nfsd_last_thread,
586 .svo_function = nfsd,
587 .svo_enqueue_xprt = svc_xprt_do_enqueue,
588 .svo_setup = svc_set_num_threads,
589 .svo_module = THIS_MODULE,
590};
591
592int nfsd_create_serv(struct net *net)
593{
594 int error;
595 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
596
597 WARN_ON(!mutex_is_locked(&nfsd_mutex));
598 if (nn->nfsd_serv) {
599 svc_get(nn->nfsd_serv);
600 return 0;
601 }
602 if (nfsd_max_blksize == 0)
603 nfsd_max_blksize = nfsd_get_default_max_blksize();
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]604 nfsd_reset_versions(nn);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]605 nn->nfsd_serv = svc_create_pooled(&nfsd_program, nfsd_max_blksize,
606 &nfsd_thread_sv_ops);
607 if (nn->nfsd_serv == NULL)
608 return -ENOMEM;
609
610 nn->nfsd_serv->sv_maxconn = nn->max_connections;
611 error = svc_bind(nn->nfsd_serv, net);
612 if (error < 0) {
613 svc_destroy(nn->nfsd_serv);
614 return error;
615 }
616
617 set_max_drc();
618 /* check if the notifier is already set */
619 if (atomic_inc_return(&nfsd_notifier_refcount) == 1) {
620 register_inetaddr_notifier(&nfsd_inetaddr_notifier);
621#if IS_ENABLED(CONFIG_IPV6)
622 register_inet6addr_notifier(&nfsd_inet6addr_notifier);
623#endif
624 }
625 atomic_inc(&nn->ntf_refcnt);
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]626 nfsd_reset_boot_verifier(nn);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]627 return 0;
628}
629
630int nfsd_nrpools(struct net *net)
631{
632 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
633
634 if (nn->nfsd_serv == NULL)
635 return 0;
636 else
637 return nn->nfsd_serv->sv_nrpools;
638}
639
640int nfsd_get_nrthreads(int n, int *nthreads, struct net *net)
641{
642 int i = 0;
643 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
644
645 if (nn->nfsd_serv != NULL) {
646 for (i = 0; i < nn->nfsd_serv->sv_nrpools && i < n; i++)
647 nthreads[i] = nn->nfsd_serv->sv_pools[i].sp_nrthreads;
648 }
649
650 return 0;
651}
652
653void nfsd_destroy(struct net *net)
654{
655 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
656 int destroy = (nn->nfsd_serv->sv_nrthreads == 1);
657
658 if (destroy)
659 svc_shutdown_net(nn->nfsd_serv, net);
660 svc_destroy(nn->nfsd_serv);
661 if (destroy)
662 nn->nfsd_serv = NULL;
663}
664
665int nfsd_set_nrthreads(int n, int *nthreads, struct net *net)
666{
667 int i = 0;
668 int tot = 0;
669 int err = 0;
670 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
671
672 WARN_ON(!mutex_is_locked(&nfsd_mutex));
673
674 if (nn->nfsd_serv == NULL || n <= 0)
675 return 0;
676
677 if (n > nn->nfsd_serv->sv_nrpools)
678 n = nn->nfsd_serv->sv_nrpools;
679
680 /* enforce a global maximum number of threads */
681 tot = 0;
682 for (i = 0; i < n; i++) {
683 nthreads[i] = min(nthreads[i], NFSD_MAXSERVS);
684 tot += nthreads[i];
685 }
686 if (tot > NFSD_MAXSERVS) {
687 /* total too large: scale down requested numbers */
688 for (i = 0; i < n && tot > 0; i++) {
689 int new = nthreads[i] * NFSD_MAXSERVS / tot;
690 tot -= (nthreads[i] - new);
691 nthreads[i] = new;
692 }
693 for (i = 0; i < n && tot > 0; i++) {
694 nthreads[i]--;
695 tot--;
696 }
697 }
698
699 /*
700 * There must always be a thread in pool 0; the admin
701 * can't shut down NFS completely using pool_threads.
702 */
703 if (nthreads[0] == 0)
704 nthreads[0] = 1;
705
706 /* apply the new numbers */
707 svc_get(nn->nfsd_serv);
708 for (i = 0; i < n; i++) {
709 err = nn->nfsd_serv->sv_ops->svo_setup(nn->nfsd_serv,
710 &nn->nfsd_serv->sv_pools[i], nthreads[i]);
711 if (err)
712 break;
713 }
714 nfsd_destroy(net);
715 return err;
716}
717
718/*
719 * Adjust the number of threads and return the new number of threads.
720 * This is also the function that starts the server if necessary, if
721 * this is the first time nrservs is nonzero.
722 */
723int
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]724nfsd_svc(int nrservs, struct net *net, const struct cred *cred)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]725{
726 int error;
727 bool nfsd_up_before;
728 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
729
730 mutex_lock(&nfsd_mutex);
731 dprintk("nfsd: creating service\n");
732
733 nrservs = max(nrservs, 0);
734 nrservs = min(nrservs, NFSD_MAXSERVS);
735 error = 0;
736
737 if (nrservs == 0 && nn->nfsd_serv == NULL)
738 goto out;
739
740 error = nfsd_create_serv(net);
741 if (error)
742 goto out;
743
744 nfsd_up_before = nn->nfsd_net_up;
745
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]746 error = nfsd_startup_net(nrservs, net, cred);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]747 if (error)
748 goto out_destroy;
749 error = nn->nfsd_serv->sv_ops->svo_setup(nn->nfsd_serv,
750 NULL, nrservs);
751 if (error)
752 goto out_shutdown;
753 /* We are holding a reference to nn->nfsd_serv which
754 * we don't want to count in the return value,
755 * so subtract 1
756 */
757 error = nn->nfsd_serv->sv_nrthreads - 1;
758out_shutdown:
759 if (error < 0 && !nfsd_up_before)
760 nfsd_shutdown_net(net);
761out_destroy:
762 nfsd_destroy(net); /* Release server */
763out:
764 mutex_unlock(&nfsd_mutex);
765 return error;
766}
767
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]768#if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL)
769static bool
770nfsd_support_acl_version(int vers)
771{
772 if (vers >= NFSD_ACL_MINVERS && vers < NFSD_ACL_NRVERS)
773 return nfsd_acl_version[vers] != NULL;
774 return false;
775}
776
777static int
778nfsd_acl_rpcbind_set(struct net *net, const struct svc_program *progp,
779 u32 version, int family, unsigned short proto,
780 unsigned short port)
781{
782 if (!nfsd_support_acl_version(version) ||
783 !nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST))
784 return 0;
785 return svc_generic_rpcbind_set(net, progp, version, family,
786 proto, port);
787}
788
789static __be32
790nfsd_acl_init_request(struct svc_rqst *rqstp,
791 const struct svc_program *progp,
792 struct svc_process_info *ret)
793{
794 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
795 int i;
796
797 if (likely(nfsd_support_acl_version(rqstp->rq_vers) &&
798 nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST)))
799 return svc_generic_init_request(rqstp, progp, ret);
800
801 ret->mismatch.lovers = NFSD_ACL_NRVERS;
802 for (i = NFSD_ACL_MINVERS; i < NFSD_ACL_NRVERS; i++) {
803 if (nfsd_support_acl_version(rqstp->rq_vers) &&
804 nfsd_vers(nn, i, NFSD_TEST)) {
805 ret->mismatch.lovers = i;
806 break;
807 }
808 }
809 if (ret->mismatch.lovers == NFSD_ACL_NRVERS)
810 return rpc_prog_unavail;
811 ret->mismatch.hivers = NFSD_ACL_MINVERS;
812 for (i = NFSD_ACL_NRVERS - 1; i >= NFSD_ACL_MINVERS; i--) {
813 if (nfsd_support_acl_version(rqstp->rq_vers) &&
814 nfsd_vers(nn, i, NFSD_TEST)) {
815 ret->mismatch.hivers = i;
816 break;
817 }
818 }
819 return rpc_prog_mismatch;
820}
821#endif
822
823static int
824nfsd_rpcbind_set(struct net *net, const struct svc_program *progp,
825 u32 version, int family, unsigned short proto,
826 unsigned short port)
827{
828 if (!nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST))
829 return 0;
830 return svc_generic_rpcbind_set(net, progp, version, family,
831 proto, port);
832}
833
834static __be32
835nfsd_init_request(struct svc_rqst *rqstp,
836 const struct svc_program *progp,
837 struct svc_process_info *ret)
838{
839 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
840 int i;
841
842 if (likely(nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST)))
843 return svc_generic_init_request(rqstp, progp, ret);
844
845 ret->mismatch.lovers = NFSD_NRVERS;
846 for (i = NFSD_MINVERS; i < NFSD_NRVERS; i++) {
847 if (nfsd_vers(nn, i, NFSD_TEST)) {
848 ret->mismatch.lovers = i;
849 break;
850 }
851 }
852 if (ret->mismatch.lovers == NFSD_NRVERS)
853 return rpc_prog_unavail;
854 ret->mismatch.hivers = NFSD_MINVERS;
855 for (i = NFSD_NRVERS - 1; i >= NFSD_MINVERS; i--) {
856 if (nfsd_vers(nn, i, NFSD_TEST)) {
857 ret->mismatch.hivers = i;
858 break;
859 }
860 }
861 return rpc_prog_mismatch;
862}
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]863
864/*
865 * This is the NFS server kernel thread
866 */
867static int
868nfsd(void *vrqstp)
869{
870 struct svc_rqst *rqstp = (struct svc_rqst *) vrqstp;
871 struct svc_xprt *perm_sock = list_entry(rqstp->rq_server->sv_permsocks.next, typeof(struct svc_xprt), xpt_list);
872 struct net *net = perm_sock->xpt_net;
873 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
874 int err;
875
876 /* Lock module and set up kernel thread */
877 mutex_lock(&nfsd_mutex);
878
879 /* At this point, the thread shares current->fs
880 * with the init process. We need to create files with the
881 * umask as defined by the client instead of init's umask. */
882 if (unshare_fs_struct() < 0) {
883 printk("Unable to start nfsd thread: out of memory\n");
884 goto out;
885 }
886
887 current->fs->umask = 0;
888
889 /*
890 * thread is spawned with all signals set to SIG_IGN, re-enable
891 * the ones that will bring down the thread
892 */
893 allow_signal(SIGKILL);
894 allow_signal(SIGHUP);
895 allow_signal(SIGINT);
896 allow_signal(SIGQUIT);
897
898 nfsdstats.th_cnt++;
899 mutex_unlock(&nfsd_mutex);
900
901 set_freezable();
902
903 /*
904 * The main request loop
905 */
906 for (;;) {
907 /* Update sv_maxconn if it has changed */
908 rqstp->rq_server->sv_maxconn = nn->max_connections;
909
910 /*
911 * Find a socket with data available and call its
912 * recvfrom routine.
913 */
914 while ((err = svc_recv(rqstp, 60*60*HZ)) == -EAGAIN)
915 ;
916 if (err == -EINTR)
917 break;
918 validate_process_creds();
919 svc_process(rqstp);
920 validate_process_creds();
921 }
922
923 /* Clear signals before calling svc_exit_thread() */
924 flush_signals(current);
925
926 mutex_lock(&nfsd_mutex);
927 nfsdstats.th_cnt --;
928
929out:
930 rqstp->rq_server = NULL;
931
932 /* Release the thread */
933 svc_exit_thread(rqstp);
934
935 nfsd_destroy(net);
936
937 /* Release module */
938 mutex_unlock(&nfsd_mutex);
939 module_put_and_exit(0);
940 return 0;
941}
942
943static __be32 map_new_errors(u32 vers, __be32 nfserr)
944{
945 if (nfserr == nfserr_jukebox && vers == 2)
946 return nfserr_dropit;
947 if (nfserr == nfserr_wrongsec && vers < 4)
948 return nfserr_acces;
949 return nfserr;
950}
951
952/*
953 * A write procedure can have a large argument, and a read procedure can
954 * have a large reply, but no NFSv2 or NFSv3 procedure has argument and
955 * reply that can both be larger than a page. The xdr code has taken
956 * advantage of this assumption to be a sloppy about bounds checking in
957 * some cases. Pending a rewrite of the NFSv2/v3 xdr code to fix that
958 * problem, we enforce these assumptions here:
959 */
960static bool nfs_request_too_big(struct svc_rqst *rqstp,
961 const struct svc_procedure *proc)
962{
963 /*
964 * The ACL code has more careful bounds-checking and is not
965 * susceptible to this problem:
966 */
967 if (rqstp->rq_prog != NFS_PROGRAM)
968 return false;
969 /*
970 * Ditto NFSv4 (which can in theory have argument and reply both
971 * more than a page):
972 */
973 if (rqstp->rq_vers >= 4)
974 return false;
975 /* The reply will be small, we're OK: */
976 if (proc->pc_xdrressize > 0 &&
977 proc->pc_xdrressize < XDR_QUADLEN(PAGE_SIZE))
978 return false;
979
980 return rqstp->rq_arg.len > PAGE_SIZE;
981}
982
983int
984nfsd_dispatch(struct svc_rqst *rqstp, __be32 *statp)
985{
986 const struct svc_procedure *proc;
987 __be32 nfserr;
988 __be32 *nfserrp;
989
990 dprintk("nfsd_dispatch: vers %d proc %d\n",
991 rqstp->rq_vers, rqstp->rq_proc);
992 proc = rqstp->rq_procinfo;
993
994 if (nfs_request_too_big(rqstp, proc)) {
995 dprintk("nfsd: NFSv%d argument too large\n", rqstp->rq_vers);
996 *statp = rpc_garbage_args;
997 return 1;
998 }
999 /*
1000 * Give the xdr decoder a chance to change this if it wants
1001 * (necessary in the NFSv4.0 compound case)
1002 */
1003 rqstp->rq_cachetype = proc->pc_cachetype;
1004 /* Decode arguments */
1005 if (proc->pc_decode &&
1006 !proc->pc_decode(rqstp, (__be32*)rqstp->rq_arg.head[0].iov_base)) {
1007 dprintk("nfsd: failed to decode arguments!\n");
1008 *statp = rpc_garbage_args;
1009 return 1;
1010 }
1011
1012 /* Check whether we have this call in the cache. */
1013 switch (nfsd_cache_lookup(rqstp)) {
1014 case RC_DROPIT:
1015 return 0;
1016 case RC_REPLY:
1017 return 1;
1018 case RC_DOIT:;
1019 /* do it */
1020 }
1021
1022 /* need to grab the location to store the status, as
1023 * nfsv4 does some encoding while processing
1024 */
1025 nfserrp = rqstp->rq_res.head[0].iov_base
1026 + rqstp->rq_res.head[0].iov_len;
1027 rqstp->rq_res.head[0].iov_len += sizeof(__be32);
1028
1029 /* Now call the procedure handler, and encode NFS status. */
1030 nfserr = proc->pc_func(rqstp);
1031 nfserr = map_new_errors(rqstp->rq_vers, nfserr);
1032 if (nfserr == nfserr_dropit || test_bit(RQ_DROPME, &rqstp->rq_flags)) {
1033 dprintk("nfsd: Dropping request; may be revisited later\n");
1034 nfsd_cache_update(rqstp, RC_NOCACHE, NULL);
1035 return 0;
1036 }
1037
1038 if (rqstp->rq_proc != 0)
1039 *nfserrp++ = nfserr;
1040
1041 /* Encode result.
1042 * For NFSv2, additional info is never returned in case of an error.
1043 */
1044 if (!(nfserr && rqstp->rq_vers == 2)) {
1045 if (proc->pc_encode && !proc->pc_encode(rqstp, nfserrp)) {
1046 /* Failed to encode result. Release cache entry */
1047 dprintk("nfsd: failed to encode result!\n");
1048 nfsd_cache_update(rqstp, RC_NOCACHE, NULL);
1049 *statp = rpc_system_err;
1050 return 1;
1051 }
1052 }
1053
1054 /* Store reply in cache. */
1055 nfsd_cache_update(rqstp, rqstp->rq_cachetype, statp + 1);
1056 return 1;
1057}
1058
1059int nfsd_pool_stats_open(struct inode *inode, struct file *file)
1060{
1061 int ret;
1062 struct nfsd_net *nn = net_generic(inode->i_sb->s_fs_info, nfsd_net_id);
1063
1064 mutex_lock(&nfsd_mutex);
1065 if (nn->nfsd_serv == NULL) {
1066 mutex_unlock(&nfsd_mutex);
1067 return -ENODEV;
1068 }
1069 /* bump up the psudo refcount while traversing */
1070 svc_get(nn->nfsd_serv);
1071 ret = svc_pool_stats_open(nn->nfsd_serv, file);
1072 mutex_unlock(&nfsd_mutex);
1073 return ret;
1074}
1075
1076int nfsd_pool_stats_release(struct inode *inode, struct file *file)
1077{
1078 int ret = seq_release(inode, file);
1079 struct net *net = inode->i_sb->s_fs_info;
1080
1081 mutex_lock(&nfsd_mutex);
1082 /* this function really, really should have been called svc_put() */
1083 nfsd_destroy(net);
1084 mutex_unlock(&nfsd_mutex);
1085 return ret;
1086}