1 | // SPDX-License-Identifier: GPL-2.0 |
2 | /* |
3 | * Central processing for nfsd. |
4 | * |
5 | * Authors: Olaf Kirch (okir@monad.swb.de) |
6 | * |
7 | * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de> |
8 | */ |
9 | |
10 | #include <linux/sched/signal.h> |
11 | #include <linux/freezer.h> |
12 | #include <linux/module.h> |
13 | #include <linux/fs_struct.h> |
14 | #include <linux/swap.h> |
15 | #include <linux/siphash.h> |
16 | |
17 | #include <linux/sunrpc/stats.h> |
18 | #include <linux/sunrpc/svcsock.h> |
19 | #include <linux/sunrpc/svc_xprt.h> |
20 | #include <linux/lockd/bind.h> |
21 | #include <linux/nfsacl.h> |
22 | #include <linux/seq_file.h> |
23 | #include <linux/inetdevice.h> |
24 | #include <net/addrconf.h> |
25 | #include <net/ipv6.h> |
26 | #include <net/net_namespace.h> |
27 | #include "nfsd.h" |
28 | #include "cache.h" |
29 | #include "vfs.h" |
30 | #include "netns.h" |
31 | #include "filecache.h" |
32 | |
33 | #include "trace.h" |
34 | |
35 | #define NFSDDBG_FACILITY NFSDDBG_SVC |
36 | |
37 | extern struct svc_program nfsd_program; |
38 | static int nfsd(void *vrqstp); |
39 | #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) |
40 | static int nfsd_acl_rpcbind_set(struct net *, |
41 | const struct svc_program *, |
42 | u32, int, |
43 | unsigned short, |
44 | unsigned short); |
45 | static __be32 nfsd_acl_init_request(struct svc_rqst *, |
46 | const struct svc_program *, |
47 | struct svc_process_info *); |
48 | #endif |
49 | static int nfsd_rpcbind_set(struct net *, |
50 | const struct svc_program *, |
51 | u32, int, |
52 | unsigned short, |
53 | unsigned short); |
54 | static __be32 nfsd_init_request(struct svc_rqst *, |
55 | const struct svc_program *, |
56 | struct svc_process_info *); |
57 | |
58 | /* |
59 | * nfsd_mutex protects nn->nfsd_serv -- both the pointer itself and some members |
60 | * of the svc_serv struct such as ->sv_temp_socks and ->sv_permsocks. |
61 | * |
62 | * If (out side the lock) nn->nfsd_serv is non-NULL, then it must point to a |
63 | * properly initialised 'struct svc_serv' with ->sv_nrthreads > 0 (unless |
64 | * nn->keep_active is set). That number of nfsd threads must |
65 | * exist and each must be listed in ->sp_all_threads in some entry of |
66 | * ->sv_pools[]. |
67 | * |
68 | * Each active thread holds a counted reference on nn->nfsd_serv, as does |
69 | * the nn->keep_active flag and various transient calls to svc_get(). |
70 | * |
71 | * Finally, the nfsd_mutex also protects some of the global variables that are |
72 | * accessed when nfsd starts and that are settable via the write_* routines in |
73 | * nfsctl.c. In particular: |
74 | * |
75 | * user_recovery_dirname |
76 | * user_lease_time |
77 | * nfsd_versions |
78 | */ |
79 | DEFINE_MUTEX(nfsd_mutex); |
80 | |
81 | /* |
82 | * nfsd_drc_lock protects nfsd_drc_max_pages and nfsd_drc_pages_used. |
83 | * nfsd_drc_max_pages limits the total amount of memory available for |
84 | * version 4.1 DRC caches. |
85 | * nfsd_drc_pages_used tracks the current version 4.1 DRC memory usage. |
86 | */ |
87 | DEFINE_SPINLOCK(nfsd_drc_lock); |
88 | unsigned long nfsd_drc_max_mem; |
89 | unsigned long nfsd_drc_mem_used; |
90 | |
91 | #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) |
92 | static struct svc_stat nfsd_acl_svcstats; |
93 | static const struct svc_version *nfsd_acl_version[] = { |
94 | # if defined(CONFIG_NFSD_V2_ACL) |
95 | [2] = &nfsd_acl_version2, |
96 | # endif |
97 | # if defined(CONFIG_NFSD_V3_ACL) |
98 | [3] = &nfsd_acl_version3, |
99 | # endif |
100 | }; |
101 | |
102 | #define NFSD_ACL_MINVERS 2 |
103 | #define NFSD_ACL_NRVERS ARRAY_SIZE(nfsd_acl_version) |
104 | |
105 | static struct svc_program nfsd_acl_program = { |
106 | .pg_prog = NFS_ACL_PROGRAM, |
107 | .pg_nvers = NFSD_ACL_NRVERS, |
108 | .pg_vers = nfsd_acl_version, |
109 | .pg_name = "nfsacl" , |
110 | .pg_class = "nfsd" , |
111 | .pg_stats = &nfsd_acl_svcstats, |
112 | .pg_authenticate = &svc_set_client, |
113 | .pg_init_request = nfsd_acl_init_request, |
114 | .pg_rpcbind_set = nfsd_acl_rpcbind_set, |
115 | }; |
116 | |
117 | static struct svc_stat nfsd_acl_svcstats = { |
118 | .program = &nfsd_acl_program, |
119 | }; |
120 | #endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */ |
121 | |
122 | static const struct svc_version *nfsd_version[] = { |
123 | #if defined(CONFIG_NFSD_V2) |
124 | [2] = &nfsd_version2, |
125 | #endif |
126 | [3] = &nfsd_version3, |
127 | #if defined(CONFIG_NFSD_V4) |
128 | [4] = &nfsd_version4, |
129 | #endif |
130 | }; |
131 | |
132 | #define NFSD_MINVERS 2 |
133 | #define NFSD_NRVERS ARRAY_SIZE(nfsd_version) |
134 | |
135 | struct svc_program nfsd_program = { |
136 | #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) |
137 | .pg_next = &nfsd_acl_program, |
138 | #endif |
139 | .pg_prog = NFS_PROGRAM, /* program number */ |
140 | .pg_nvers = NFSD_NRVERS, /* nr of entries in nfsd_version */ |
141 | .pg_vers = nfsd_version, /* version table */ |
142 | .pg_name = "nfsd" , /* program name */ |
143 | .pg_class = "nfsd" , /* authentication class */ |
144 | .pg_stats = &nfsd_svcstats, /* version table */ |
145 | .pg_authenticate = &svc_set_client, /* export authentication */ |
146 | .pg_init_request = nfsd_init_request, |
147 | .pg_rpcbind_set = nfsd_rpcbind_set, |
148 | }; |
149 | |
150 | static bool |
151 | nfsd_support_version(int vers) |
152 | { |
153 | if (vers >= NFSD_MINVERS && vers < NFSD_NRVERS) |
154 | return nfsd_version[vers] != NULL; |
155 | return false; |
156 | } |
157 | |
158 | static bool * |
159 | nfsd_alloc_versions(void) |
160 | { |
161 | bool *vers = kmalloc_array(NFSD_NRVERS, size: sizeof(bool), GFP_KERNEL); |
162 | unsigned i; |
163 | |
164 | if (vers) { |
165 | /* All compiled versions are enabled by default */ |
166 | for (i = 0; i < NFSD_NRVERS; i++) |
167 | vers[i] = nfsd_support_version(vers: i); |
168 | } |
169 | return vers; |
170 | } |
171 | |
172 | static bool * |
173 | nfsd_alloc_minorversions(void) |
174 | { |
175 | bool *vers = kmalloc_array(NFSD_SUPPORTED_MINOR_VERSION + 1, |
176 | size: sizeof(bool), GFP_KERNEL); |
177 | unsigned i; |
178 | |
179 | if (vers) { |
180 | /* All minor versions are enabled by default */ |
181 | for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) |
182 | vers[i] = nfsd_support_version(vers: 4); |
183 | } |
184 | return vers; |
185 | } |
186 | |
187 | void |
188 | nfsd_netns_free_versions(struct nfsd_net *nn) |
189 | { |
190 | kfree(objp: nn->nfsd_versions); |
191 | kfree(objp: nn->nfsd4_minorversions); |
192 | nn->nfsd_versions = NULL; |
193 | nn->nfsd4_minorversions = NULL; |
194 | } |
195 | |
196 | static void |
197 | nfsd_netns_init_versions(struct nfsd_net *nn) |
198 | { |
199 | if (!nn->nfsd_versions) { |
200 | nn->nfsd_versions = nfsd_alloc_versions(); |
201 | nn->nfsd4_minorversions = nfsd_alloc_minorversions(); |
202 | if (!nn->nfsd_versions || !nn->nfsd4_minorversions) |
203 | nfsd_netns_free_versions(nn); |
204 | } |
205 | } |
206 | |
207 | int nfsd_vers(struct nfsd_net *nn, int vers, enum vers_op change) |
208 | { |
209 | if (vers < NFSD_MINVERS || vers >= NFSD_NRVERS) |
210 | return 0; |
211 | switch(change) { |
212 | case NFSD_SET: |
213 | if (nn->nfsd_versions) |
214 | nn->nfsd_versions[vers] = nfsd_support_version(vers); |
215 | break; |
216 | case NFSD_CLEAR: |
217 | nfsd_netns_init_versions(nn); |
218 | if (nn->nfsd_versions) |
219 | nn->nfsd_versions[vers] = false; |
220 | break; |
221 | case NFSD_TEST: |
222 | if (nn->nfsd_versions) |
223 | return nn->nfsd_versions[vers]; |
224 | fallthrough; |
225 | case NFSD_AVAIL: |
226 | return nfsd_support_version(vers); |
227 | } |
228 | return 0; |
229 | } |
230 | |
231 | static void |
232 | nfsd_adjust_nfsd_versions4(struct nfsd_net *nn) |
233 | { |
234 | unsigned i; |
235 | |
236 | for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) { |
237 | if (nn->nfsd4_minorversions[i]) |
238 | return; |
239 | } |
240 | nfsd_vers(nn, vers: 4, change: NFSD_CLEAR); |
241 | } |
242 | |
243 | int nfsd_minorversion(struct nfsd_net *nn, u32 minorversion, enum vers_op change) |
244 | { |
245 | if (minorversion > NFSD_SUPPORTED_MINOR_VERSION && |
246 | change != NFSD_AVAIL) |
247 | return -1; |
248 | |
249 | switch(change) { |
250 | case NFSD_SET: |
251 | if (nn->nfsd4_minorversions) { |
252 | nfsd_vers(nn, vers: 4, change: NFSD_SET); |
253 | nn->nfsd4_minorversions[minorversion] = |
254 | nfsd_vers(nn, vers: 4, change: NFSD_TEST); |
255 | } |
256 | break; |
257 | case NFSD_CLEAR: |
258 | nfsd_netns_init_versions(nn); |
259 | if (nn->nfsd4_minorversions) { |
260 | nn->nfsd4_minorversions[minorversion] = false; |
261 | nfsd_adjust_nfsd_versions4(nn); |
262 | } |
263 | break; |
264 | case NFSD_TEST: |
265 | if (nn->nfsd4_minorversions) |
266 | return nn->nfsd4_minorversions[minorversion]; |
267 | return nfsd_vers(nn, vers: 4, change: NFSD_TEST); |
268 | case NFSD_AVAIL: |
269 | return minorversion <= NFSD_SUPPORTED_MINOR_VERSION && |
270 | nfsd_vers(nn, vers: 4, change: NFSD_AVAIL); |
271 | } |
272 | return 0; |
273 | } |
274 | |
275 | /* |
276 | * Maximum number of nfsd processes |
277 | */ |
278 | #define NFSD_MAXSERVS 8192 |
279 | |
280 | int nfsd_nrthreads(struct net *net) |
281 | { |
282 | int rv = 0; |
283 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
284 | |
285 | mutex_lock(&nfsd_mutex); |
286 | if (nn->nfsd_serv) |
287 | rv = nn->nfsd_serv->sv_nrthreads; |
288 | mutex_unlock(lock: &nfsd_mutex); |
289 | return rv; |
290 | } |
291 | |
292 | static int nfsd_init_socks(struct net *net, const struct cred *cred) |
293 | { |
294 | int error; |
295 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
296 | |
297 | if (!list_empty(head: &nn->nfsd_serv->sv_permsocks)) |
298 | return 0; |
299 | |
300 | error = svc_xprt_create(serv: nn->nfsd_serv, xprt_name: "udp" , net, PF_INET, NFS_PORT, |
301 | SVC_SOCK_DEFAULTS, cred); |
302 | if (error < 0) |
303 | return error; |
304 | |
305 | error = svc_xprt_create(serv: nn->nfsd_serv, xprt_name: "tcp" , net, PF_INET, NFS_PORT, |
306 | SVC_SOCK_DEFAULTS, cred); |
307 | if (error < 0) |
308 | return error; |
309 | |
310 | return 0; |
311 | } |
312 | |
313 | static int nfsd_users = 0; |
314 | |
315 | static int nfsd_startup_generic(void) |
316 | { |
317 | int ret; |
318 | |
319 | if (nfsd_users++) |
320 | return 0; |
321 | |
322 | ret = nfsd_file_cache_init(); |
323 | if (ret) |
324 | goto dec_users; |
325 | |
326 | ret = nfs4_state_start(); |
327 | if (ret) |
328 | goto out_file_cache; |
329 | return 0; |
330 | |
331 | out_file_cache: |
332 | nfsd_file_cache_shutdown(); |
333 | dec_users: |
334 | nfsd_users--; |
335 | return ret; |
336 | } |
337 | |
338 | static void nfsd_shutdown_generic(void) |
339 | { |
340 | if (--nfsd_users) |
341 | return; |
342 | |
343 | nfs4_state_shutdown(); |
344 | nfsd_file_cache_shutdown(); |
345 | } |
346 | |
347 | static bool nfsd_needs_lockd(struct nfsd_net *nn) |
348 | { |
349 | return nfsd_vers(nn, vers: 2, change: NFSD_TEST) || nfsd_vers(nn, vers: 3, change: NFSD_TEST); |
350 | } |
351 | |
352 | /** |
353 | * nfsd_copy_write_verifier - Atomically copy a write verifier |
354 | * @verf: buffer in which to receive the verifier cookie |
355 | * @nn: NFS net namespace |
356 | * |
357 | * This function provides a wait-free mechanism for copying the |
358 | * namespace's write verifier without tearing it. |
359 | */ |
360 | void nfsd_copy_write_verifier(__be32 verf[2], struct nfsd_net *nn) |
361 | { |
362 | int seq = 0; |
363 | |
364 | do { |
365 | read_seqbegin_or_lock(lock: &nn->writeverf_lock, seq: &seq); |
366 | memcpy(verf, nn->writeverf, sizeof(nn->writeverf)); |
367 | } while (need_seqretry(lock: &nn->writeverf_lock, seq)); |
368 | done_seqretry(lock: &nn->writeverf_lock, seq); |
369 | } |
370 | |
371 | static void nfsd_reset_write_verifier_locked(struct nfsd_net *nn) |
372 | { |
373 | struct timespec64 now; |
374 | u64 verf; |
375 | |
376 | /* |
377 | * Because the time value is hashed, y2038 time_t overflow |
378 | * is irrelevant in this usage. |
379 | */ |
380 | ktime_get_raw_ts64(ts: &now); |
381 | verf = siphash_2u64(a: now.tv_sec, b: now.tv_nsec, key: &nn->siphash_key); |
382 | memcpy(nn->writeverf, &verf, sizeof(nn->writeverf)); |
383 | } |
384 | |
385 | /** |
386 | * nfsd_reset_write_verifier - Generate a new write verifier |
387 | * @nn: NFS net namespace |
388 | * |
389 | * This function updates the ->writeverf field of @nn. This field |
390 | * contains an opaque cookie that, according to Section 18.32.3 of |
391 | * RFC 8881, "the client can use to determine whether a server has |
392 | * changed instance state (e.g., server restart) between a call to |
393 | * WRITE and a subsequent call to either WRITE or COMMIT. This |
394 | * cookie MUST be unchanged during a single instance of the NFSv4.1 |
395 | * server and MUST be unique between instances of the NFSv4.1 |
396 | * server." |
397 | */ |
398 | void nfsd_reset_write_verifier(struct nfsd_net *nn) |
399 | { |
400 | write_seqlock(sl: &nn->writeverf_lock); |
401 | nfsd_reset_write_verifier_locked(nn); |
402 | write_sequnlock(sl: &nn->writeverf_lock); |
403 | } |
404 | |
405 | /* |
406 | * Crank up a set of per-namespace resources for a new NFSD instance, |
407 | * including lockd, a duplicate reply cache, an open file cache |
408 | * instance, and a cache of NFSv4 state objects. |
409 | */ |
410 | static int nfsd_startup_net(struct net *net, const struct cred *cred) |
411 | { |
412 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
413 | int ret; |
414 | |
415 | if (nn->nfsd_net_up) |
416 | return 0; |
417 | |
418 | ret = nfsd_startup_generic(); |
419 | if (ret) |
420 | return ret; |
421 | ret = nfsd_init_socks(net, cred); |
422 | if (ret) |
423 | goto out_socks; |
424 | |
425 | if (nfsd_needs_lockd(nn) && !nn->lockd_up) { |
426 | ret = lockd_up(net, cred); |
427 | if (ret) |
428 | goto out_socks; |
429 | nn->lockd_up = true; |
430 | } |
431 | |
432 | ret = nfsd_file_cache_start_net(net); |
433 | if (ret) |
434 | goto out_lockd; |
435 | |
436 | ret = nfsd_reply_cache_init(nn); |
437 | if (ret) |
438 | goto out_filecache; |
439 | |
440 | ret = nfs4_state_start_net(net); |
441 | if (ret) |
442 | goto out_reply_cache; |
443 | |
444 | #ifdef CONFIG_NFSD_V4_2_INTER_SSC |
445 | nfsd4_ssc_init_umount_work(nn); |
446 | #endif |
447 | nn->nfsd_net_up = true; |
448 | return 0; |
449 | |
450 | out_reply_cache: |
451 | nfsd_reply_cache_shutdown(nn); |
452 | out_filecache: |
453 | nfsd_file_cache_shutdown_net(net); |
454 | out_lockd: |
455 | if (nn->lockd_up) { |
456 | lockd_down(net); |
457 | nn->lockd_up = false; |
458 | } |
459 | out_socks: |
460 | nfsd_shutdown_generic(); |
461 | return ret; |
462 | } |
463 | |
464 | static void nfsd_shutdown_net(struct net *net) |
465 | { |
466 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
467 | |
468 | nfs4_state_shutdown_net(net); |
469 | nfsd_reply_cache_shutdown(nn); |
470 | nfsd_file_cache_shutdown_net(net); |
471 | if (nn->lockd_up) { |
472 | lockd_down(net); |
473 | nn->lockd_up = false; |
474 | } |
475 | nn->nfsd_net_up = false; |
476 | nfsd_shutdown_generic(); |
477 | } |
478 | |
479 | static DEFINE_SPINLOCK(nfsd_notifier_lock); |
480 | static int nfsd_inetaddr_event(struct notifier_block *this, unsigned long event, |
481 | void *ptr) |
482 | { |
483 | struct in_ifaddr *ifa = (struct in_ifaddr *)ptr; |
484 | struct net_device *dev = ifa->ifa_dev->dev; |
485 | struct net *net = dev_net(dev); |
486 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
487 | struct sockaddr_in sin; |
488 | |
489 | if (event != NETDEV_DOWN || !nn->nfsd_serv) |
490 | goto out; |
491 | |
492 | spin_lock(lock: &nfsd_notifier_lock); |
493 | if (nn->nfsd_serv) { |
494 | dprintk("nfsd_inetaddr_event: removed %pI4\n" , &ifa->ifa_local); |
495 | sin.sin_family = AF_INET; |
496 | sin.sin_addr.s_addr = ifa->ifa_local; |
497 | svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin); |
498 | } |
499 | spin_unlock(lock: &nfsd_notifier_lock); |
500 | |
501 | out: |
502 | return NOTIFY_DONE; |
503 | } |
504 | |
505 | static struct notifier_block nfsd_inetaddr_notifier = { |
506 | .notifier_call = nfsd_inetaddr_event, |
507 | }; |
508 | |
509 | #if IS_ENABLED(CONFIG_IPV6) |
510 | static int nfsd_inet6addr_event(struct notifier_block *this, |
511 | unsigned long event, void *ptr) |
512 | { |
513 | struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr; |
514 | struct net_device *dev = ifa->idev->dev; |
515 | struct net *net = dev_net(dev); |
516 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
517 | struct sockaddr_in6 sin6; |
518 | |
519 | if (event != NETDEV_DOWN || !nn->nfsd_serv) |
520 | goto out; |
521 | |
522 | spin_lock(lock: &nfsd_notifier_lock); |
523 | if (nn->nfsd_serv) { |
524 | dprintk("nfsd_inet6addr_event: removed %pI6\n" , &ifa->addr); |
525 | sin6.sin6_family = AF_INET6; |
526 | sin6.sin6_addr = ifa->addr; |
527 | if (ipv6_addr_type(addr: &sin6.sin6_addr) & IPV6_ADDR_LINKLOCAL) |
528 | sin6.sin6_scope_id = ifa->idev->dev->ifindex; |
529 | svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin6); |
530 | } |
531 | spin_unlock(lock: &nfsd_notifier_lock); |
532 | |
533 | out: |
534 | return NOTIFY_DONE; |
535 | } |
536 | |
537 | static struct notifier_block nfsd_inet6addr_notifier = { |
538 | .notifier_call = nfsd_inet6addr_event, |
539 | }; |
540 | #endif |
541 | |
542 | /* Only used under nfsd_mutex, so this atomic may be overkill: */ |
543 | static atomic_t nfsd_notifier_refcount = ATOMIC_INIT(0); |
544 | |
545 | static void nfsd_last_thread(struct net *net) |
546 | { |
547 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
548 | struct svc_serv *serv = nn->nfsd_serv; |
549 | |
550 | spin_lock(lock: &nfsd_notifier_lock); |
551 | nn->nfsd_serv = NULL; |
552 | spin_unlock(lock: &nfsd_notifier_lock); |
553 | |
554 | /* check if the notifier still has clients */ |
555 | if (atomic_dec_return(v: &nfsd_notifier_refcount) == 0) { |
556 | unregister_inetaddr_notifier(nb: &nfsd_inetaddr_notifier); |
557 | #if IS_ENABLED(CONFIG_IPV6) |
558 | unregister_inet6addr_notifier(nb: &nfsd_inet6addr_notifier); |
559 | #endif |
560 | } |
561 | |
562 | svc_xprt_destroy_all(serv, net); |
563 | |
564 | /* |
565 | * write_ports can create the server without actually starting |
566 | * any threads--if we get shut down before any threads are |
567 | * started, then nfsd_last_thread will be run before any of this |
568 | * other initialization has been done except the rpcb information. |
569 | */ |
570 | svc_rpcb_cleanup(serv, net); |
571 | if (!nn->nfsd_net_up) |
572 | return; |
573 | |
574 | nfsd_shutdown_net(net); |
575 | nfsd_export_flush(net); |
576 | } |
577 | |
578 | void nfsd_reset_versions(struct nfsd_net *nn) |
579 | { |
580 | int i; |
581 | |
582 | for (i = 0; i < NFSD_NRVERS; i++) |
583 | if (nfsd_vers(nn, vers: i, change: NFSD_TEST)) |
584 | return; |
585 | |
586 | for (i = 0; i < NFSD_NRVERS; i++) |
587 | if (i != 4) |
588 | nfsd_vers(nn, vers: i, change: NFSD_SET); |
589 | else { |
590 | int minor = 0; |
591 | while (nfsd_minorversion(nn, minorversion: minor, change: NFSD_SET) >= 0) |
592 | minor++; |
593 | } |
594 | } |
595 | |
596 | /* |
597 | * Each session guarantees a negotiated per slot memory cache for replies |
598 | * which in turn consumes memory beyond the v2/v3/v4.0 server. A dedicated |
599 | * NFSv4.1 server might want to use more memory for a DRC than a machine |
600 | * with mutiple services. |
601 | * |
602 | * Impose a hard limit on the number of pages for the DRC which varies |
603 | * according to the machines free pages. This is of course only a default. |
604 | * |
605 | * For now this is a #defined shift which could be under admin control |
606 | * in the future. |
607 | */ |
608 | static void set_max_drc(void) |
609 | { |
610 | #define NFSD_DRC_SIZE_SHIFT 7 |
611 | nfsd_drc_max_mem = (nr_free_buffer_pages() |
612 | >> NFSD_DRC_SIZE_SHIFT) * PAGE_SIZE; |
613 | nfsd_drc_mem_used = 0; |
614 | dprintk("%s nfsd_drc_max_mem %lu \n" , __func__, nfsd_drc_max_mem); |
615 | } |
616 | |
617 | static int nfsd_get_default_max_blksize(void) |
618 | { |
619 | struct sysinfo i; |
620 | unsigned long long target; |
621 | unsigned long ret; |
622 | |
623 | si_meminfo(val: &i); |
624 | target = (i.totalram - i.totalhigh) << PAGE_SHIFT; |
625 | /* |
626 | * Aim for 1/4096 of memory per thread This gives 1MB on 4Gig |
627 | * machines, but only uses 32K on 128M machines. Bottom out at |
628 | * 8K on 32M and smaller. Of course, this is only a default. |
629 | */ |
630 | target >>= 12; |
631 | |
632 | ret = NFSSVC_MAXBLKSIZE; |
633 | while (ret > target && ret >= 8*1024*2) |
634 | ret /= 2; |
635 | return ret; |
636 | } |
637 | |
638 | void nfsd_shutdown_threads(struct net *net) |
639 | { |
640 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
641 | struct svc_serv *serv; |
642 | |
643 | mutex_lock(&nfsd_mutex); |
644 | serv = nn->nfsd_serv; |
645 | if (serv == NULL) { |
646 | mutex_unlock(lock: &nfsd_mutex); |
647 | return; |
648 | } |
649 | |
650 | svc_get(serv); |
651 | /* Kill outstanding nfsd threads */ |
652 | svc_set_num_threads(serv, NULL, 0); |
653 | nfsd_last_thread(net); |
654 | svc_put(serv); |
655 | mutex_unlock(lock: &nfsd_mutex); |
656 | } |
657 | |
658 | bool i_am_nfsd(void) |
659 | { |
660 | return kthread_func(current) == nfsd; |
661 | } |
662 | |
663 | int nfsd_create_serv(struct net *net) |
664 | { |
665 | int error; |
666 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
667 | struct svc_serv *serv; |
668 | |
669 | WARN_ON(!mutex_is_locked(&nfsd_mutex)); |
670 | if (nn->nfsd_serv) { |
671 | svc_get(serv: nn->nfsd_serv); |
672 | return 0; |
673 | } |
674 | if (nfsd_max_blksize == 0) |
675 | nfsd_max_blksize = nfsd_get_default_max_blksize(); |
676 | nfsd_reset_versions(nn); |
677 | serv = svc_create_pooled(&nfsd_program, nfsd_max_blksize, threadfn: nfsd); |
678 | if (serv == NULL) |
679 | return -ENOMEM; |
680 | |
681 | serv->sv_maxconn = nn->max_connections; |
682 | error = svc_bind(serv, net); |
683 | if (error < 0) { |
684 | svc_put(serv); |
685 | return error; |
686 | } |
687 | spin_lock(lock: &nfsd_notifier_lock); |
688 | nn->nfsd_serv = serv; |
689 | spin_unlock(lock: &nfsd_notifier_lock); |
690 | |
691 | set_max_drc(); |
692 | /* check if the notifier is already set */ |
693 | if (atomic_inc_return(v: &nfsd_notifier_refcount) == 1) { |
694 | register_inetaddr_notifier(nb: &nfsd_inetaddr_notifier); |
695 | #if IS_ENABLED(CONFIG_IPV6) |
696 | register_inet6addr_notifier(nb: &nfsd_inet6addr_notifier); |
697 | #endif |
698 | } |
699 | nfsd_reset_write_verifier(nn); |
700 | return 0; |
701 | } |
702 | |
703 | int nfsd_nrpools(struct net *net) |
704 | { |
705 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
706 | |
707 | if (nn->nfsd_serv == NULL) |
708 | return 0; |
709 | else |
710 | return nn->nfsd_serv->sv_nrpools; |
711 | } |
712 | |
713 | int nfsd_get_nrthreads(int n, int *nthreads, struct net *net) |
714 | { |
715 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
716 | struct svc_serv *serv = nn->nfsd_serv; |
717 | int i; |
718 | |
719 | if (serv) |
720 | for (i = 0; i < serv->sv_nrpools && i < n; i++) |
721 | nthreads[i] = atomic_read(v: &serv->sv_pools[i].sp_nrthreads); |
722 | return 0; |
723 | } |
724 | |
725 | int nfsd_set_nrthreads(int n, int *nthreads, struct net *net) |
726 | { |
727 | int i = 0; |
728 | int tot = 0; |
729 | int err = 0; |
730 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
731 | |
732 | WARN_ON(!mutex_is_locked(&nfsd_mutex)); |
733 | |
734 | if (nn->nfsd_serv == NULL || n <= 0) |
735 | return 0; |
736 | |
737 | if (n > nn->nfsd_serv->sv_nrpools) |
738 | n = nn->nfsd_serv->sv_nrpools; |
739 | |
740 | /* enforce a global maximum number of threads */ |
741 | tot = 0; |
742 | for (i = 0; i < n; i++) { |
743 | nthreads[i] = min(nthreads[i], NFSD_MAXSERVS); |
744 | tot += nthreads[i]; |
745 | } |
746 | if (tot > NFSD_MAXSERVS) { |
747 | /* total too large: scale down requested numbers */ |
748 | for (i = 0; i < n && tot > 0; i++) { |
749 | int new = nthreads[i] * NFSD_MAXSERVS / tot; |
750 | tot -= (nthreads[i] - new); |
751 | nthreads[i] = new; |
752 | } |
753 | for (i = 0; i < n && tot > 0; i++) { |
754 | nthreads[i]--; |
755 | tot--; |
756 | } |
757 | } |
758 | |
759 | /* |
760 | * There must always be a thread in pool 0; the admin |
761 | * can't shut down NFS completely using pool_threads. |
762 | */ |
763 | if (nthreads[0] == 0) |
764 | nthreads[0] = 1; |
765 | |
766 | /* apply the new numbers */ |
767 | svc_get(serv: nn->nfsd_serv); |
768 | for (i = 0; i < n; i++) { |
769 | err = svc_set_num_threads(nn->nfsd_serv, |
770 | &nn->nfsd_serv->sv_pools[i], |
771 | nthreads[i]); |
772 | if (err) |
773 | break; |
774 | } |
775 | svc_put(serv: nn->nfsd_serv); |
776 | return err; |
777 | } |
778 | |
779 | /* |
780 | * Adjust the number of threads and return the new number of threads. |
781 | * This is also the function that starts the server if necessary, if |
782 | * this is the first time nrservs is nonzero. |
783 | */ |
784 | int |
785 | nfsd_svc(int nrservs, struct net *net, const struct cred *cred) |
786 | { |
787 | int error; |
788 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
789 | struct svc_serv *serv; |
790 | |
791 | mutex_lock(&nfsd_mutex); |
792 | dprintk("nfsd: creating service\n" ); |
793 | |
794 | nrservs = max(nrservs, 0); |
795 | nrservs = min(nrservs, NFSD_MAXSERVS); |
796 | error = 0; |
797 | |
798 | if (nrservs == 0 && nn->nfsd_serv == NULL) |
799 | goto out; |
800 | |
801 | strscpy(p: nn->nfsd_name, q: utsname()->nodename, |
802 | size: sizeof(nn->nfsd_name)); |
803 | |
804 | error = nfsd_create_serv(net); |
805 | if (error) |
806 | goto out; |
807 | serv = nn->nfsd_serv; |
808 | |
809 | error = nfsd_startup_net(net, cred); |
810 | if (error) |
811 | goto out_put; |
812 | error = svc_set_num_threads(serv, NULL, nrservs); |
813 | if (error) |
814 | goto out_put; |
815 | error = serv->sv_nrthreads; |
816 | out_put: |
817 | /* Threads now hold service active */ |
818 | if (xchg(&nn->keep_active, 0)) |
819 | svc_put(serv); |
820 | |
821 | if (serv->sv_nrthreads == 0) |
822 | nfsd_last_thread(net); |
823 | svc_put(serv); |
824 | out: |
825 | mutex_unlock(lock: &nfsd_mutex); |
826 | return error; |
827 | } |
828 | |
829 | #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) |
830 | static bool |
831 | nfsd_support_acl_version(int vers) |
832 | { |
833 | if (vers >= NFSD_ACL_MINVERS && vers < NFSD_ACL_NRVERS) |
834 | return nfsd_acl_version[vers] != NULL; |
835 | return false; |
836 | } |
837 | |
838 | static int |
839 | nfsd_acl_rpcbind_set(struct net *net, const struct svc_program *progp, |
840 | u32 version, int family, unsigned short proto, |
841 | unsigned short port) |
842 | { |
843 | if (!nfsd_support_acl_version(vers: version) || |
844 | !nfsd_vers(nn: net_generic(net, id: nfsd_net_id), vers: version, change: NFSD_TEST)) |
845 | return 0; |
846 | return svc_generic_rpcbind_set(net, progp, version, family, |
847 | proto, port); |
848 | } |
849 | |
850 | static __be32 |
851 | nfsd_acl_init_request(struct svc_rqst *rqstp, |
852 | const struct svc_program *progp, |
853 | struct svc_process_info *ret) |
854 | { |
855 | struct nfsd_net *nn = net_generic(SVC_NET(rqstp), id: nfsd_net_id); |
856 | int i; |
857 | |
858 | if (likely(nfsd_support_acl_version(rqstp->rq_vers) && |
859 | nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) |
860 | return svc_generic_init_request(rqstp, progp, procinfo: ret); |
861 | |
862 | ret->mismatch.lovers = NFSD_ACL_NRVERS; |
863 | for (i = NFSD_ACL_MINVERS; i < NFSD_ACL_NRVERS; i++) { |
864 | if (nfsd_support_acl_version(vers: rqstp->rq_vers) && |
865 | nfsd_vers(nn, vers: i, change: NFSD_TEST)) { |
866 | ret->mismatch.lovers = i; |
867 | break; |
868 | } |
869 | } |
870 | if (ret->mismatch.lovers == NFSD_ACL_NRVERS) |
871 | return rpc_prog_unavail; |
872 | ret->mismatch.hivers = NFSD_ACL_MINVERS; |
873 | for (i = NFSD_ACL_NRVERS - 1; i >= NFSD_ACL_MINVERS; i--) { |
874 | if (nfsd_support_acl_version(vers: rqstp->rq_vers) && |
875 | nfsd_vers(nn, vers: i, change: NFSD_TEST)) { |
876 | ret->mismatch.hivers = i; |
877 | break; |
878 | } |
879 | } |
880 | return rpc_prog_mismatch; |
881 | } |
882 | #endif |
883 | |
884 | static int |
885 | nfsd_rpcbind_set(struct net *net, const struct svc_program *progp, |
886 | u32 version, int family, unsigned short proto, |
887 | unsigned short port) |
888 | { |
889 | if (!nfsd_vers(nn: net_generic(net, id: nfsd_net_id), vers: version, change: NFSD_TEST)) |
890 | return 0; |
891 | return svc_generic_rpcbind_set(net, progp, version, family, |
892 | proto, port); |
893 | } |
894 | |
895 | static __be32 |
896 | nfsd_init_request(struct svc_rqst *rqstp, |
897 | const struct svc_program *progp, |
898 | struct svc_process_info *ret) |
899 | { |
900 | struct nfsd_net *nn = net_generic(SVC_NET(rqstp), id: nfsd_net_id); |
901 | int i; |
902 | |
903 | if (likely(nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) |
904 | return svc_generic_init_request(rqstp, progp, procinfo: ret); |
905 | |
906 | ret->mismatch.lovers = NFSD_NRVERS; |
907 | for (i = NFSD_MINVERS; i < NFSD_NRVERS; i++) { |
908 | if (nfsd_vers(nn, vers: i, change: NFSD_TEST)) { |
909 | ret->mismatch.lovers = i; |
910 | break; |
911 | } |
912 | } |
913 | if (ret->mismatch.lovers == NFSD_NRVERS) |
914 | return rpc_prog_unavail; |
915 | ret->mismatch.hivers = NFSD_MINVERS; |
916 | for (i = NFSD_NRVERS - 1; i >= NFSD_MINVERS; i--) { |
917 | if (nfsd_vers(nn, vers: i, change: NFSD_TEST)) { |
918 | ret->mismatch.hivers = i; |
919 | break; |
920 | } |
921 | } |
922 | return rpc_prog_mismatch; |
923 | } |
924 | |
925 | /* |
926 | * This is the NFS server kernel thread |
927 | */ |
928 | static int |
929 | nfsd(void *vrqstp) |
930 | { |
931 | struct svc_rqst *rqstp = (struct svc_rqst *) vrqstp; |
932 | struct svc_xprt *perm_sock = list_entry(rqstp->rq_server->sv_permsocks.next, typeof(struct svc_xprt), xpt_list); |
933 | struct net *net = perm_sock->xpt_net; |
934 | struct nfsd_net *nn = net_generic(net, id: nfsd_net_id); |
935 | |
936 | /* At this point, the thread shares current->fs |
937 | * with the init process. We need to create files with the |
938 | * umask as defined by the client instead of init's umask. */ |
939 | if (unshare_fs_struct() < 0) { |
940 | printk("Unable to start nfsd thread: out of memory\n" ); |
941 | goto out; |
942 | } |
943 | |
944 | current->fs->umask = 0; |
945 | |
946 | atomic_inc(v: &nfsdstats.th_cnt); |
947 | |
948 | set_freezable(); |
949 | |
950 | /* |
951 | * The main request loop |
952 | */ |
953 | while (!svc_thread_should_stop(rqstp)) { |
954 | /* Update sv_maxconn if it has changed */ |
955 | rqstp->rq_server->sv_maxconn = nn->max_connections; |
956 | |
957 | svc_recv(rqstp); |
958 | validate_process_creds(); |
959 | } |
960 | |
961 | atomic_dec(v: &nfsdstats.th_cnt); |
962 | |
963 | out: |
964 | /* Release the thread */ |
965 | svc_exit_thread(rqstp); |
966 | return 0; |
967 | } |
968 | |
969 | /** |
970 | * nfsd_dispatch - Process an NFS or NFSACL Request |
971 | * @rqstp: incoming request |
972 | * |
973 | * This RPC dispatcher integrates the NFS server's duplicate reply cache. |
974 | * |
975 | * Return values: |
976 | * %0: Processing complete; do not send a Reply |
977 | * %1: Processing complete; send Reply in rqstp->rq_res |
978 | */ |
979 | int nfsd_dispatch(struct svc_rqst *rqstp) |
980 | { |
981 | const struct svc_procedure *proc = rqstp->rq_procinfo; |
982 | __be32 *statp = rqstp->rq_accept_statp; |
983 | struct nfsd_cacherep *rp; |
984 | |
985 | /* |
986 | * Give the xdr decoder a chance to change this if it wants |
987 | * (necessary in the NFSv4.0 compound case) |
988 | */ |
989 | rqstp->rq_cachetype = proc->pc_cachetype; |
990 | |
991 | if (!proc->pc_decode(rqstp, &rqstp->rq_arg_stream)) |
992 | goto out_decode_err; |
993 | |
994 | /* |
995 | * Release rq_status_counter setting it to an odd value after the rpc |
996 | * request has been properly parsed. rq_status_counter is used to |
997 | * notify the consumers if the rqstp fields are stable |
998 | * (rq_status_counter is odd) or not meaningful (rq_status_counter |
999 | * is even). |
1000 | */ |
1001 | smp_store_release(&rqstp->rq_status_counter, rqstp->rq_status_counter | 1); |
1002 | |
1003 | rp = NULL; |
1004 | switch (nfsd_cache_lookup(rqstp, cacherep: &rp)) { |
1005 | case RC_DOIT: |
1006 | break; |
1007 | case RC_REPLY: |
1008 | goto out_cached_reply; |
1009 | case RC_DROPIT: |
1010 | goto out_dropit; |
1011 | } |
1012 | |
1013 | *statp = proc->pc_func(rqstp); |
1014 | if (test_bit(RQ_DROPME, &rqstp->rq_flags)) |
1015 | goto out_update_drop; |
1016 | |
1017 | if (!proc->pc_encode(rqstp, &rqstp->rq_res_stream)) |
1018 | goto out_encode_err; |
1019 | |
1020 | /* |
1021 | * Release rq_status_counter setting it to an even value after the rpc |
1022 | * request has been properly processed. |
1023 | */ |
1024 | smp_store_release(&rqstp->rq_status_counter, rqstp->rq_status_counter + 1); |
1025 | |
1026 | nfsd_cache_update(rqstp, rp, cachetype: rqstp->rq_cachetype, statp: statp + 1); |
1027 | out_cached_reply: |
1028 | return 1; |
1029 | |
1030 | out_decode_err: |
1031 | trace_nfsd_garbage_args_err(rqstp); |
1032 | *statp = rpc_garbage_args; |
1033 | return 1; |
1034 | |
1035 | out_update_drop: |
1036 | nfsd_cache_update(rqstp, rp, cachetype: RC_NOCACHE, NULL); |
1037 | out_dropit: |
1038 | return 0; |
1039 | |
1040 | out_encode_err: |
1041 | trace_nfsd_cant_encode_err(rqstp); |
1042 | nfsd_cache_update(rqstp, rp, cachetype: RC_NOCACHE, NULL); |
1043 | *statp = rpc_system_err; |
1044 | return 1; |
1045 | } |
1046 | |
1047 | /** |
1048 | * nfssvc_decode_voidarg - Decode void arguments |
1049 | * @rqstp: Server RPC transaction context |
1050 | * @xdr: XDR stream positioned at arguments to decode |
1051 | * |
1052 | * Return values: |
1053 | * %false: Arguments were not valid |
1054 | * %true: Decoding was successful |
1055 | */ |
1056 | bool nfssvc_decode_voidarg(struct svc_rqst *rqstp, struct xdr_stream *xdr) |
1057 | { |
1058 | return true; |
1059 | } |
1060 | |
1061 | /** |
1062 | * nfssvc_encode_voidres - Encode void results |
1063 | * @rqstp: Server RPC transaction context |
1064 | * @xdr: XDR stream into which to encode results |
1065 | * |
1066 | * Return values: |
1067 | * %false: Local error while encoding |
1068 | * %true: Encoding was successful |
1069 | */ |
1070 | bool nfssvc_encode_voidres(struct svc_rqst *rqstp, struct xdr_stream *xdr) |
1071 | { |
1072 | return true; |
1073 | } |
1074 | |
1075 | int nfsd_pool_stats_open(struct inode *inode, struct file *file) |
1076 | { |
1077 | int ret; |
1078 | struct nfsd_net *nn = net_generic(net: inode->i_sb->s_fs_info, id: nfsd_net_id); |
1079 | |
1080 | mutex_lock(&nfsd_mutex); |
1081 | if (nn->nfsd_serv == NULL) { |
1082 | mutex_unlock(lock: &nfsd_mutex); |
1083 | return -ENODEV; |
1084 | } |
1085 | svc_get(serv: nn->nfsd_serv); |
1086 | ret = svc_pool_stats_open(serv: nn->nfsd_serv, file); |
1087 | mutex_unlock(lock: &nfsd_mutex); |
1088 | return ret; |
1089 | } |
1090 | |
1091 | int nfsd_pool_stats_release(struct inode *inode, struct file *file) |
1092 | { |
1093 | struct seq_file *seq = file->private_data; |
1094 | struct svc_serv *serv = seq->private; |
1095 | int ret = seq_release(inode, file); |
1096 | |
1097 | mutex_lock(&nfsd_mutex); |
1098 | svc_put(serv); |
1099 | mutex_unlock(lock: &nfsd_mutex); |
1100 | return ret; |
1101 | } |
1102 | |