1/* 2 * Server-side XDR for NFSv4 3 * 4 * Copyright (c) 2002 The Regents of the University of Michigan. 5 * All rights reserved. 6 * 7 * Kendrick Smith <kmsmith@umich.edu> 8 * Andy Adamson <andros@umich.edu> 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. Neither the name of the University nor the names of its 20 * contributors may be used to endorse or promote products derived 21 * from this software without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 24 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 25 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 26 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 30 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36#include <linux/file.h> 37#include <linux/slab.h> 38#include <linux/namei.h> 39#include <linux/statfs.h> 40#include <linux/utsname.h> 41#include <linux/pagemap.h> 42#include <linux/sunrpc/svcauth_gss.h> 43#include <linux/sunrpc/addr.h> 44#include <linux/xattr.h> 45#include <uapi/linux/xattr.h> 46 47#include "idmap.h" 48#include "acl.h" 49#include "xdr4.h" 50#include "vfs.h" 51#include "state.h" 52#include "cache.h" 53#include "netns.h" 54#include "pnfs.h" 55#include "filecache.h" 56 57#ifdef CONFIG_NFSD_V4_SECURITY_LABEL 58#include <linux/security.h> 59#endif 60 61 62#define NFSDDBG_FACILITY NFSDDBG_XDR 63 64const u32 nfsd_suppattrs[3][3] = { 65 {NFSD4_SUPPORTED_ATTRS_WORD0, 66 NFSD4_SUPPORTED_ATTRS_WORD1, 67 NFSD4_SUPPORTED_ATTRS_WORD2}, 68 69 {NFSD4_1_SUPPORTED_ATTRS_WORD0, 70 NFSD4_1_SUPPORTED_ATTRS_WORD1, 71 NFSD4_1_SUPPORTED_ATTRS_WORD2}, 72 73 {NFSD4_1_SUPPORTED_ATTRS_WORD0, 74 NFSD4_1_SUPPORTED_ATTRS_WORD1, 75 NFSD4_2_SUPPORTED_ATTRS_WORD2}, 76}; 77 78/* 79 * As per referral draft, the fsid for a referral MUST be different from the fsid of the containing 80 * directory in order to indicate to the client that a filesystem boundary is present 81 * We use a fixed fsid for a referral 82 */ 83#define NFS4_REFERRAL_FSID_MAJOR 0x8000000ULL 84#define NFS4_REFERRAL_FSID_MINOR 0x8000000ULL 85 86static __be32 87check_filename(char *str, int len) 88{ 89 int i; 90 91 if (len == 0) 92 return nfserr_inval; 93 if (isdotent(str, len)) 94 return nfserr_badname; 95 for (i = 0; i < len; i++) 96 if (str[i] == '/') 97 return nfserr_badname; 98 return 0; 99} 100 101#define DECODE_HEAD \ 102 __be32 *p; \ 103 __be32 status 104#define DECODE_TAIL \ 105 status = 0; \ 106out: \ 107 return status; \ 108xdr_error: \ 109 dprintk("NFSD: xdr error (%s:%d)\n", \ 110 __FILE__, __LINE__); \ 111 status = nfserr_bad_xdr; \ 112 goto out 113 114#define READMEM(x,nbytes) do { \ 115 x = (char *)p; \ 116 p += XDR_QUADLEN(nbytes); \ 117} while (0) 118#define SAVEMEM(x,nbytes) do { \ 119 if (!(x = (p==argp->tmp || p == argp->tmpp) ? \ 120 savemem(argp, p, nbytes) : \ 121 (char *)p)) { \ 122 dprintk("NFSD: xdr error (%s:%d)\n", \ 123 __FILE__, __LINE__); \ 124 goto xdr_error; \ 125 } \ 126 p += XDR_QUADLEN(nbytes); \ 127} while (0) 128#define COPYMEM(x,nbytes) do { \ 129 memcpy((x), p, nbytes); \ 130 p += XDR_QUADLEN(nbytes); \ 131} while (0) 132 133/* READ_BUF, read_buf(): nbytes must be <= PAGE_SIZE */ 134#define READ_BUF(nbytes) do { \ 135 if (nbytes <= (u32)((char *)argp->end - (char *)argp->p)) { \ 136 p = argp->p; \ 137 argp->p += XDR_QUADLEN(nbytes); \ 138 } else if (!(p = read_buf(argp, nbytes))) { \ 139 dprintk("NFSD: xdr error (%s:%d)\n", \ 140 __FILE__, __LINE__); \ 141 goto xdr_error; \ 142 } \ 143} while (0) 144 145static void next_decode_page(struct nfsd4_compoundargs *argp) 146{ 147 argp->p = page_address(argp->pagelist[0]); 148 argp->pagelist++; 149 if (argp->pagelen < PAGE_SIZE) { 150 argp->end = argp->p + XDR_QUADLEN(argp->pagelen); 151 argp->pagelen = 0; 152 } else { 153 argp->end = argp->p + (PAGE_SIZE>>2); 154 argp->pagelen -= PAGE_SIZE; 155 } 156} 157 158static __be32 *read_buf(struct nfsd4_compoundargs *argp, u32 nbytes) 159{ 160 /* We want more bytes than seem to be available. 161 * Maybe we need a new page, maybe we have just run out 162 */ 163 unsigned int avail = (char *)argp->end - (char *)argp->p; 164 __be32 *p; 165 166 if (argp->pagelen == 0) { 167 struct kvec *vec = &argp->rqstp->rq_arg.tail[0]; 168 169 if (!argp->tail) { 170 argp->tail = true; 171 avail = vec->iov_len; 172 argp->p = vec->iov_base; 173 argp->end = vec->iov_base + avail; 174 } 175 176 if (avail < nbytes) 177 return NULL; 178 179 p = argp->p; 180 argp->p += XDR_QUADLEN(nbytes); 181 return p; 182 } 183 184 if (avail + argp->pagelen < nbytes) 185 return NULL; 186 if (avail + PAGE_SIZE < nbytes) /* need more than a page !! */ 187 return NULL; 188 /* ok, we can do it with the current plus the next page */ 189 if (nbytes <= sizeof(argp->tmp)) 190 p = argp->tmp; 191 else { 192 kfree(argp->tmpp); 193 p = argp->tmpp = kmalloc(nbytes, GFP_KERNEL); 194 if (!p) 195 return NULL; 196 197 } 198 /* 199 * The following memcpy is safe because read_buf is always 200 * called with nbytes > avail, and the two cases above both 201 * guarantee p points to at least nbytes bytes. 202 */ 203 memcpy(p, argp->p, avail); 204 next_decode_page(argp); 205 memcpy(((char*)p)+avail, argp->p, (nbytes - avail)); 206 argp->p += XDR_QUADLEN(nbytes - avail); 207 return p; 208} 209 210static unsigned int compoundargs_bytes_left(struct nfsd4_compoundargs *argp) 211{ 212 unsigned int this = (char *)argp->end - (char *)argp->p; 213 214 return this + argp->pagelen; 215} 216 217static int zero_clientid(clientid_t *clid) 218{ 219 return (clid->cl_boot == 0) && (clid->cl_id == 0); 220} 221 222/** 223 * svcxdr_tmpalloc - allocate memory to be freed after compound processing 224 * @argp: NFSv4 compound argument structure 225 * @len: length of buffer to allocate 226 * 227 * Allocates a buffer of size @len to be freed when processing the compound 228 * operation described in @argp finishes. 229 */ 230static void * 231svcxdr_tmpalloc(struct nfsd4_compoundargs *argp, u32 len) 232{ 233 struct svcxdr_tmpbuf *tb; 234 235 tb = kmalloc(sizeof(*tb) + len, GFP_KERNEL); 236 if (!tb) 237 return NULL; 238 tb->next = argp->to_free; 239 argp->to_free = tb; 240 return tb->buf; 241} 242 243/* 244 * For xdr strings that need to be passed to other kernel api's 245 * as null-terminated strings. 246 * 247 * Note null-terminating in place usually isn't safe since the 248 * buffer might end on a page boundary. 249 */ 250static char * 251svcxdr_dupstr(struct nfsd4_compoundargs *argp, void *buf, u32 len) 252{ 253 char *p = svcxdr_tmpalloc(argp, len + 1); 254 255 if (!p) 256 return NULL; 257 memcpy(p, buf, len); 258 p[len] = '\0'; 259 return p; 260} 261 262static __be32 263svcxdr_construct_vector(struct nfsd4_compoundargs *argp, struct kvec *head, 264 struct page ***pagelist, u32 buflen) 265{ 266 int avail; 267 int len; 268 int pages; 269 270 /* Sorry .. no magic macros for this.. * 271 * READ_BUF(write->wr_buflen); 272 * SAVEMEM(write->wr_buf, write->wr_buflen); 273 */ 274 avail = (char *)argp->end - (char *)argp->p; 275 if (avail + argp->pagelen < buflen) { 276 dprintk("NFSD: xdr error (%s:%d)\n", 277 __FILE__, __LINE__); 278 return nfserr_bad_xdr; 279 } 280 head->iov_base = argp->p; 281 head->iov_len = avail; 282 *pagelist = argp->pagelist; 283 284 len = XDR_QUADLEN(buflen) << 2; 285 if (len >= avail) { 286 len -= avail; 287 288 pages = len >> PAGE_SHIFT; 289 argp->pagelist += pages; 290 argp->pagelen -= pages * PAGE_SIZE; 291 len -= pages * PAGE_SIZE; 292 293 next_decode_page(argp); 294 } 295 argp->p += XDR_QUADLEN(len); 296 297 return 0; 298} 299 300/** 301 * savemem - duplicate a chunk of memory for later processing 302 * @argp: NFSv4 compound argument structure to be freed with 303 * @p: pointer to be duplicated 304 * @nbytes: length to be duplicated 305 * 306 * Returns a pointer to a copy of @nbytes bytes of memory at @p 307 * that are preserved until processing of the NFSv4 compound 308 * operation described by @argp finishes. 309 */ 310static char *savemem(struct nfsd4_compoundargs *argp, __be32 *p, int nbytes) 311{ 312 void *ret; 313 314 ret = svcxdr_tmpalloc(argp, nbytes); 315 if (!ret) 316 return NULL; 317 memcpy(ret, p, nbytes); 318 return ret; 319} 320 321static __be32 322nfsd4_decode_time(struct nfsd4_compoundargs *argp, struct timespec64 *tv) 323{ 324 DECODE_HEAD; 325 326 READ_BUF(12); 327 p = xdr_decode_hyper(p, &tv->tv_sec); 328 tv->tv_nsec = be32_to_cpup(p++); 329 if (tv->tv_nsec >= (u32)1000000000) 330 return nfserr_inval; 331 332 DECODE_TAIL; 333} 334 335static __be32 336nfsd4_decode_bitmap(struct nfsd4_compoundargs *argp, u32 *bmval) 337{ 338 u32 bmlen; 339 DECODE_HEAD; 340 341 bmval[0] = 0; 342 bmval[1] = 0; 343 bmval[2] = 0; 344 345 READ_BUF(4); 346 bmlen = be32_to_cpup(p++); 347 if (bmlen > 1000) 348 goto xdr_error; 349 350 READ_BUF(bmlen << 2); 351 if (bmlen > 0) 352 bmval[0] = be32_to_cpup(p++); 353 if (bmlen > 1) 354 bmval[1] = be32_to_cpup(p++); 355 if (bmlen > 2) 356 bmval[2] = be32_to_cpup(p++); 357 358 DECODE_TAIL; 359} 360 361static __be32 362nfsd4_decode_fattr(struct nfsd4_compoundargs *argp, u32 *bmval, 363 struct iattr *iattr, struct nfs4_acl **acl, 364 struct xdr_netobj *label, int *umask) 365{ 366 int expected_len, len = 0; 367 u32 dummy32; 368 char *buf; 369 370 DECODE_HEAD; 371 iattr->ia_valid = 0; 372 if ((status = nfsd4_decode_bitmap(argp, bmval))) 373 return status; 374 375 if (bmval[0] & ~NFSD_WRITEABLE_ATTRS_WORD0 376 || bmval[1] & ~NFSD_WRITEABLE_ATTRS_WORD1 377 || bmval[2] & ~NFSD_WRITEABLE_ATTRS_WORD2) { 378 if (nfsd_attrs_supported(argp->minorversion, bmval)) 379 return nfserr_inval; 380 return nfserr_attrnotsupp; 381 } 382 383 READ_BUF(4); 384 expected_len = be32_to_cpup(p++); 385 386 if (bmval[0] & FATTR4_WORD0_SIZE) { 387 READ_BUF(8); 388 len += 8; 389 p = xdr_decode_hyper(p, &iattr->ia_size); 390 iattr->ia_valid |= ATTR_SIZE; 391 } 392 if (bmval[0] & FATTR4_WORD0_ACL) { 393 u32 nace; 394 struct nfs4_ace *ace; 395 396 READ_BUF(4); len += 4; 397 nace = be32_to_cpup(p++); 398 399 if (nace > compoundargs_bytes_left(argp)/20) 400 /* 401 * Even with 4-byte names there wouldn't be 402 * space for that many aces; something fishy is 403 * going on: 404 */ 405 return nfserr_fbig; 406 407 *acl = svcxdr_tmpalloc(argp, nfs4_acl_bytes(nace)); 408 if (*acl == NULL) 409 return nfserr_jukebox; 410 411 (*acl)->naces = nace; 412 for (ace = (*acl)->aces; ace < (*acl)->aces + nace; ace++) { 413 READ_BUF(16); len += 16; 414 ace->type = be32_to_cpup(p++); 415 ace->flag = be32_to_cpup(p++); 416 ace->access_mask = be32_to_cpup(p++); 417 dummy32 = be32_to_cpup(p++); 418 READ_BUF(dummy32); 419 len += XDR_QUADLEN(dummy32) << 2; 420 READMEM(buf, dummy32); 421 ace->whotype = nfs4_acl_get_whotype(buf, dummy32); 422 status = nfs_ok; 423 if (ace->whotype != NFS4_ACL_WHO_NAMED) 424 ; 425 else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP) 426 status = nfsd_map_name_to_gid(argp->rqstp, 427 buf, dummy32, &ace->who_gid); 428 else 429 status = nfsd_map_name_to_uid(argp->rqstp, 430 buf, dummy32, &ace->who_uid); 431 if (status) 432 return status; 433 } 434 } else 435 *acl = NULL; 436 if (bmval[1] & FATTR4_WORD1_MODE) { 437 READ_BUF(4); 438 len += 4; 439 iattr->ia_mode = be32_to_cpup(p++); 440 iattr->ia_mode &= (S_IFMT | S_IALLUGO); 441 iattr->ia_valid |= ATTR_MODE; 442 } 443 if (bmval[1] & FATTR4_WORD1_OWNER) { 444 READ_BUF(4); 445 len += 4; 446 dummy32 = be32_to_cpup(p++); 447 READ_BUF(dummy32); 448 len += (XDR_QUADLEN(dummy32) << 2); 449 READMEM(buf, dummy32); 450 if ((status = nfsd_map_name_to_uid(argp->rqstp, buf, dummy32, &iattr->ia_uid))) 451 return status; 452 iattr->ia_valid |= ATTR_UID; 453 } 454 if (bmval[1] & FATTR4_WORD1_OWNER_GROUP) { 455 READ_BUF(4); 456 len += 4; 457 dummy32 = be32_to_cpup(p++); 458 READ_BUF(dummy32); 459 len += (XDR_QUADLEN(dummy32) << 2); 460 READMEM(buf, dummy32); 461 if ((status = nfsd_map_name_to_gid(argp->rqstp, buf, dummy32, &iattr->ia_gid))) 462 return status; 463 iattr->ia_valid |= ATTR_GID; 464 } 465 if (bmval[1] & FATTR4_WORD1_TIME_ACCESS_SET) { 466 READ_BUF(4); 467 len += 4; 468 dummy32 = be32_to_cpup(p++); 469 switch (dummy32) { 470 case NFS4_SET_TO_CLIENT_TIME: 471 len += 12; 472 status = nfsd4_decode_time(argp, &iattr->ia_atime); 473 if (status) 474 return status; 475 iattr->ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET); 476 break; 477 case NFS4_SET_TO_SERVER_TIME: 478 iattr->ia_valid |= ATTR_ATIME; 479 break; 480 default: 481 goto xdr_error; 482 } 483 } 484 if (bmval[1] & FATTR4_WORD1_TIME_MODIFY_SET) { 485 READ_BUF(4); 486 len += 4; 487 dummy32 = be32_to_cpup(p++); 488 switch (dummy32) { 489 case NFS4_SET_TO_CLIENT_TIME: 490 len += 12; 491 status = nfsd4_decode_time(argp, &iattr->ia_mtime); 492 if (status) 493 return status; 494 iattr->ia_valid |= (ATTR_MTIME | ATTR_MTIME_SET); 495 break; 496 case NFS4_SET_TO_SERVER_TIME: 497 iattr->ia_valid |= ATTR_MTIME; 498 break; 499 default: 500 goto xdr_error; 501 } 502 } 503 504 label->len = 0; 505 if (IS_ENABLED(CONFIG_NFSD_V4_SECURITY_LABEL) && 506 bmval[2] & FATTR4_WORD2_SECURITY_LABEL) { 507 READ_BUF(4); 508 len += 4; 509 dummy32 = be32_to_cpup(p++); /* lfs: we don't use it */ 510 READ_BUF(4); 511 len += 4; 512 dummy32 = be32_to_cpup(p++); /* pi: we don't use it either */ 513 READ_BUF(4); 514 len += 4; 515 dummy32 = be32_to_cpup(p++); 516 READ_BUF(dummy32); 517 if (dummy32 > NFS4_MAXLABELLEN) 518 return nfserr_badlabel; 519 len += (XDR_QUADLEN(dummy32) << 2); 520 READMEM(buf, dummy32); 521 label->len = dummy32; 522 label->data = svcxdr_dupstr(argp, buf, dummy32); 523 if (!label->data) 524 return nfserr_jukebox; 525 } 526 if (bmval[2] & FATTR4_WORD2_MODE_UMASK) { 527 if (!umask) 528 goto xdr_error; 529 READ_BUF(8); 530 len += 8; 531 dummy32 = be32_to_cpup(p++); 532 iattr->ia_mode = dummy32 & (S_IFMT | S_IALLUGO); 533 dummy32 = be32_to_cpup(p++); 534 *umask = dummy32 & S_IRWXUGO; 535 iattr->ia_valid |= ATTR_MODE; 536 } 537 if (len != expected_len) 538 goto xdr_error; 539 540 DECODE_TAIL; 541} 542 543static __be32 544nfsd4_decode_stateid(struct nfsd4_compoundargs *argp, stateid_t *sid) 545{ 546 DECODE_HEAD; 547 548 READ_BUF(sizeof(stateid_t)); 549 sid->si_generation = be32_to_cpup(p++); 550 COPYMEM(&sid->si_opaque, sizeof(stateid_opaque_t)); 551 552 DECODE_TAIL; 553} 554 555static __be32 556nfsd4_decode_access(struct nfsd4_compoundargs *argp, struct nfsd4_access *access) 557{ 558 DECODE_HEAD; 559 560 READ_BUF(4); 561 access->ac_req_access = be32_to_cpup(p++); 562 563 DECODE_TAIL; 564} 565 566static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs) 567{ 568 DECODE_HEAD; 569 struct user_namespace *userns = nfsd_user_namespace(argp->rqstp); 570 u32 dummy, uid, gid; 571 char *machine_name; 572 int i; 573 int nr_secflavs; 574 575 /* callback_sec_params4 */ 576 READ_BUF(4); 577 nr_secflavs = be32_to_cpup(p++); 578 if (nr_secflavs) 579 cbs->flavor = (u32)(-1); 580 else 581 /* Is this legal? Be generous, take it to mean AUTH_NONE: */ 582 cbs->flavor = 0; 583 for (i = 0; i < nr_secflavs; ++i) { 584 READ_BUF(4); 585 dummy = be32_to_cpup(p++); 586 switch (dummy) { 587 case RPC_AUTH_NULL: 588 /* Nothing to read */ 589 if (cbs->flavor == (u32)(-1)) 590 cbs->flavor = RPC_AUTH_NULL; 591 break; 592 case RPC_AUTH_UNIX: 593 READ_BUF(8); 594 /* stamp */ 595 dummy = be32_to_cpup(p++); 596 597 /* machine name */ 598 dummy = be32_to_cpup(p++); 599 READ_BUF(dummy); 600 SAVEMEM(machine_name, dummy); 601 602 /* uid, gid */ 603 READ_BUF(8); 604 uid = be32_to_cpup(p++); 605 gid = be32_to_cpup(p++); 606 607 /* more gids */ 608 READ_BUF(4); 609 dummy = be32_to_cpup(p++); 610 READ_BUF(dummy * 4); 611 if (cbs->flavor == (u32)(-1)) { 612 kuid_t kuid = make_kuid(userns, uid); 613 kgid_t kgid = make_kgid(userns, gid); 614 if (uid_valid(kuid) && gid_valid(kgid)) { 615 cbs->uid = kuid; 616 cbs->gid = kgid; 617 cbs->flavor = RPC_AUTH_UNIX; 618 } else { 619 dprintk("RPC_AUTH_UNIX with invalid" 620 "uid or gid ignoring!\n"); 621 } 622 } 623 break; 624 case RPC_AUTH_GSS: 625 dprintk("RPC_AUTH_GSS callback secflavor " 626 "not supported!\n"); 627 READ_BUF(8); 628 /* gcbp_service */ 629 dummy = be32_to_cpup(p++); 630 /* gcbp_handle_from_server */ 631 dummy = be32_to_cpup(p++); 632 READ_BUF(dummy); 633 p += XDR_QUADLEN(dummy); 634 /* gcbp_handle_from_client */ 635 READ_BUF(4); 636 dummy = be32_to_cpup(p++); 637 READ_BUF(dummy); 638 break; 639 default: 640 dprintk("Illegal callback secflavor\n"); 641 return nfserr_inval; 642 } 643 } 644 DECODE_TAIL; 645} 646 647static __be32 nfsd4_decode_backchannel_ctl(struct nfsd4_compoundargs *argp, struct nfsd4_backchannel_ctl *bc) 648{ 649 DECODE_HEAD; 650 651 READ_BUF(4); 652 bc->bc_cb_program = be32_to_cpup(p++); 653 nfsd4_decode_cb_sec(argp, &bc->bc_cb_sec); 654 655 DECODE_TAIL; 656} 657 658static __be32 nfsd4_decode_bind_conn_to_session(struct nfsd4_compoundargs *argp, struct nfsd4_bind_conn_to_session *bcts) 659{ 660 DECODE_HEAD; 661 662 READ_BUF(NFS4_MAX_SESSIONID_LEN + 8); 663 COPYMEM(bcts->sessionid.data, NFS4_MAX_SESSIONID_LEN); 664 bcts->dir = be32_to_cpup(p++); 665 /* XXX: skipping ctsa_use_conn_in_rdma_mode. Perhaps Tom Tucker 666 * could help us figure out we should be using it. */ 667 DECODE_TAIL; 668} 669 670static __be32 671nfsd4_decode_close(struct nfsd4_compoundargs *argp, struct nfsd4_close *close) 672{ 673 DECODE_HEAD; 674 675 READ_BUF(4); 676 close->cl_seqid = be32_to_cpup(p++); 677 return nfsd4_decode_stateid(argp, &close->cl_stateid); 678 679 DECODE_TAIL; 680} 681 682 683static __be32 684nfsd4_decode_commit(struct nfsd4_compoundargs *argp, struct nfsd4_commit *commit) 685{ 686 DECODE_HEAD; 687 688 READ_BUF(12); 689 p = xdr_decode_hyper(p, &commit->co_offset); 690 commit->co_count = be32_to_cpup(p++); 691 692 DECODE_TAIL; 693} 694 695static __be32 696nfsd4_decode_create(struct nfsd4_compoundargs *argp, struct nfsd4_create *create) 697{ 698 DECODE_HEAD; 699 700 READ_BUF(4); 701 create->cr_type = be32_to_cpup(p++); 702 switch (create->cr_type) { 703 case NF4LNK: 704 READ_BUF(4); 705 create->cr_datalen = be32_to_cpup(p++); 706 READ_BUF(create->cr_datalen); 707 create->cr_data = svcxdr_dupstr(argp, p, create->cr_datalen); 708 if (!create->cr_data) 709 return nfserr_jukebox; 710 break; 711 case NF4BLK: 712 case NF4CHR: 713 READ_BUF(8); 714 create->cr_specdata1 = be32_to_cpup(p++); 715 create->cr_specdata2 = be32_to_cpup(p++); 716 break; 717 case NF4SOCK: 718 case NF4FIFO: 719 case NF4DIR: 720 default: 721 break; 722 } 723 724 READ_BUF(4); 725 create->cr_namelen = be32_to_cpup(p++); 726 READ_BUF(create->cr_namelen); 727 SAVEMEM(create->cr_name, create->cr_namelen); 728 if ((status = check_filename(create->cr_name, create->cr_namelen))) 729 return status; 730 731 status = nfsd4_decode_fattr(argp, create->cr_bmval, &create->cr_iattr, 732 &create->cr_acl, &create->cr_label, 733 &create->cr_umask); 734 if (status) 735 goto out; 736 737 DECODE_TAIL; 738} 739 740static inline __be32 741nfsd4_decode_delegreturn(struct nfsd4_compoundargs *argp, struct nfsd4_delegreturn *dr) 742{ 743 return nfsd4_decode_stateid(argp, &dr->dr_stateid); 744} 745 746static inline __be32 747nfsd4_decode_getattr(struct nfsd4_compoundargs *argp, struct nfsd4_getattr *getattr) 748{ 749 return nfsd4_decode_bitmap(argp, getattr->ga_bmval); 750} 751 752static __be32 753nfsd4_decode_link(struct nfsd4_compoundargs *argp, struct nfsd4_link *link) 754{ 755 DECODE_HEAD; 756 757 READ_BUF(4); 758 link->li_namelen = be32_to_cpup(p++); 759 READ_BUF(link->li_namelen); 760 SAVEMEM(link->li_name, link->li_namelen); 761 if ((status = check_filename(link->li_name, link->li_namelen))) 762 return status; 763 764 DECODE_TAIL; 765} 766 767static __be32 768nfsd4_decode_lock(struct nfsd4_compoundargs *argp, struct nfsd4_lock *lock) 769{ 770 DECODE_HEAD; 771 772 /* 773 * type, reclaim(boolean), offset, length, new_lock_owner(boolean) 774 */ 775 READ_BUF(28); 776 lock->lk_type = be32_to_cpup(p++); 777 if ((lock->lk_type < NFS4_READ_LT) || (lock->lk_type > NFS4_WRITEW_LT)) 778 goto xdr_error; 779 lock->lk_reclaim = be32_to_cpup(p++); 780 p = xdr_decode_hyper(p, &lock->lk_offset); 781 p = xdr_decode_hyper(p, &lock->lk_length); 782 lock->lk_is_new = be32_to_cpup(p++); 783 784 if (lock->lk_is_new) { 785 READ_BUF(4); 786 lock->lk_new_open_seqid = be32_to_cpup(p++); 787 status = nfsd4_decode_stateid(argp, &lock->lk_new_open_stateid); 788 if (status) 789 return status; 790 READ_BUF(8 + sizeof(clientid_t)); 791 lock->lk_new_lock_seqid = be32_to_cpup(p++); 792 COPYMEM(&lock->lk_new_clientid, sizeof(clientid_t)); 793 lock->lk_new_owner.len = be32_to_cpup(p++); 794 READ_BUF(lock->lk_new_owner.len); 795 READMEM(lock->lk_new_owner.data, lock->lk_new_owner.len); 796 } else { 797 status = nfsd4_decode_stateid(argp, &lock->lk_old_lock_stateid); 798 if (status) 799 return status; 800 READ_BUF(4); 801 lock->lk_old_lock_seqid = be32_to_cpup(p++); 802 } 803 804 DECODE_TAIL; 805} 806 807static __be32 808nfsd4_decode_lockt(struct nfsd4_compoundargs *argp, struct nfsd4_lockt *lockt) 809{ 810 DECODE_HEAD; 811 812 READ_BUF(32); 813 lockt->lt_type = be32_to_cpup(p++); 814 if((lockt->lt_type < NFS4_READ_LT) || (lockt->lt_type > NFS4_WRITEW_LT)) 815 goto xdr_error; 816 p = xdr_decode_hyper(p, &lockt->lt_offset); 817 p = xdr_decode_hyper(p, &lockt->lt_length); 818 COPYMEM(&lockt->lt_clientid, 8); 819 lockt->lt_owner.len = be32_to_cpup(p++); 820 READ_BUF(lockt->lt_owner.len); 821 READMEM(lockt->lt_owner.data, lockt->lt_owner.len); 822 823 DECODE_TAIL; 824} 825 826static __be32 827nfsd4_decode_locku(struct nfsd4_compoundargs *argp, struct nfsd4_locku *locku) 828{ 829 DECODE_HEAD; 830 831 READ_BUF(8); 832 locku->lu_type = be32_to_cpup(p++); 833 if ((locku->lu_type < NFS4_READ_LT) || (locku->lu_type > NFS4_WRITEW_LT)) 834 goto xdr_error; 835 locku->lu_seqid = be32_to_cpup(p++); 836 status = nfsd4_decode_stateid(argp, &locku->lu_stateid); 837 if (status) 838 return status; 839 READ_BUF(16); 840 p = xdr_decode_hyper(p, &locku->lu_offset); 841 p = xdr_decode_hyper(p, &locku->lu_length); 842 843 DECODE_TAIL; 844} 845 846static __be32 847nfsd4_decode_lookup(struct nfsd4_compoundargs *argp, struct nfsd4_lookup *lookup) 848{ 849 DECODE_HEAD; 850 851 READ_BUF(4); 852 lookup->lo_len = be32_to_cpup(p++); 853 READ_BUF(lookup->lo_len); 854 SAVEMEM(lookup->lo_name, lookup->lo_len); 855 if ((status = check_filename(lookup->lo_name, lookup->lo_len))) 856 return status; 857 858 DECODE_TAIL; 859} 860 861static __be32 nfsd4_decode_share_access(struct nfsd4_compoundargs *argp, u32 *share_access, u32 *deleg_want, u32 *deleg_when) 862{ 863 __be32 *p; 864 u32 w; 865 866 READ_BUF(4); 867 w = be32_to_cpup(p++); 868 *share_access = w & NFS4_SHARE_ACCESS_MASK; 869 *deleg_want = w & NFS4_SHARE_WANT_MASK; 870 if (deleg_when) 871 *deleg_when = w & NFS4_SHARE_WHEN_MASK; 872 873 switch (w & NFS4_SHARE_ACCESS_MASK) { 874 case NFS4_SHARE_ACCESS_READ: 875 case NFS4_SHARE_ACCESS_WRITE: 876 case NFS4_SHARE_ACCESS_BOTH: 877 break; 878 default: 879 return nfserr_bad_xdr; 880 } 881 w &= ~NFS4_SHARE_ACCESS_MASK; 882 if (!w) 883 return nfs_ok; 884 if (!argp->minorversion) 885 return nfserr_bad_xdr; 886 switch (w & NFS4_SHARE_WANT_MASK) { 887 case NFS4_SHARE_WANT_NO_PREFERENCE: 888 case NFS4_SHARE_WANT_READ_DELEG: 889 case NFS4_SHARE_WANT_WRITE_DELEG: 890 case NFS4_SHARE_WANT_ANY_DELEG: 891 case NFS4_SHARE_WANT_NO_DELEG: 892 case NFS4_SHARE_WANT_CANCEL: 893 break; 894 default: 895 return nfserr_bad_xdr; 896 } 897 w &= ~NFS4_SHARE_WANT_MASK; 898 if (!w) 899 return nfs_ok; 900 901 if (!deleg_when) /* open_downgrade */ 902 return nfserr_inval; 903 switch (w) { 904 case NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL: 905 case NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED: 906 case (NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL | 907 NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED): 908 return nfs_ok; 909 } 910xdr_error: 911 return nfserr_bad_xdr; 912} 913 914static __be32 nfsd4_decode_share_deny(struct nfsd4_compoundargs *argp, u32 *x) 915{ 916 __be32 *p; 917 918 READ_BUF(4); 919 *x = be32_to_cpup(p++); 920 /* Note: unlinke access bits, deny bits may be zero. */ 921 if (*x & ~NFS4_SHARE_DENY_BOTH) 922 return nfserr_bad_xdr; 923 return nfs_ok; 924xdr_error: 925 return nfserr_bad_xdr; 926} 927 928static __be32 nfsd4_decode_opaque(struct nfsd4_compoundargs *argp, struct xdr_netobj *o) 929{ 930 __be32 *p; 931 932 READ_BUF(4); 933 o->len = be32_to_cpup(p++); 934 935 if (o->len == 0 || o->len > NFS4_OPAQUE_LIMIT) 936 return nfserr_bad_xdr; 937 938 READ_BUF(o->len); 939 SAVEMEM(o->data, o->len); 940 return nfs_ok; 941xdr_error: 942 return nfserr_bad_xdr; 943} 944 945static __be32 946nfsd4_decode_open(struct nfsd4_compoundargs *argp, struct nfsd4_open *open) 947{ 948 DECODE_HEAD; 949 u32 dummy; 950 951 memset(open->op_bmval, 0, sizeof(open->op_bmval)); 952 open->op_iattr.ia_valid = 0; 953 open->op_openowner = NULL; 954 955 open->op_xdr_error = 0; 956 /* seqid, share_access, share_deny, clientid, ownerlen */ 957 READ_BUF(4); 958 open->op_seqid = be32_to_cpup(p++); 959 /* decode, yet ignore deleg_when until supported */ 960 status = nfsd4_decode_share_access(argp, &open->op_share_access, 961 &open->op_deleg_want, &dummy); 962 if (status) 963 goto xdr_error; 964 status = nfsd4_decode_share_deny(argp, &open->op_share_deny); 965 if (status) 966 goto xdr_error; 967 READ_BUF(sizeof(clientid_t)); 968 COPYMEM(&open->op_clientid, sizeof(clientid_t)); 969 status = nfsd4_decode_opaque(argp, &open->op_owner); 970 if (status) 971 goto xdr_error; 972 READ_BUF(4); 973 open->op_create = be32_to_cpup(p++); 974 switch (open->op_create) { 975 case NFS4_OPEN_NOCREATE: 976 break; 977 case NFS4_OPEN_CREATE: 978 READ_BUF(4); 979 open->op_createmode = be32_to_cpup(p++); 980 switch (open->op_createmode) { 981 case NFS4_CREATE_UNCHECKED: 982 case NFS4_CREATE_GUARDED: 983 status = nfsd4_decode_fattr(argp, open->op_bmval, 984 &open->op_iattr, &open->op_acl, &open->op_label, 985 &open->op_umask); 986 if (status) 987 goto out; 988 break; 989 case NFS4_CREATE_EXCLUSIVE: 990 READ_BUF(NFS4_VERIFIER_SIZE); 991 COPYMEM(open->op_verf.data, NFS4_VERIFIER_SIZE); 992 break; 993 case NFS4_CREATE_EXCLUSIVE4_1: 994 if (argp->minorversion < 1) 995 goto xdr_error; 996 READ_BUF(NFS4_VERIFIER_SIZE); 997 COPYMEM(open->op_verf.data, NFS4_VERIFIER_SIZE); 998 status = nfsd4_decode_fattr(argp, open->op_bmval, 999 &open->op_iattr, &open->op_acl, &open->op_label, 1000 &open->op_umask); 1001 if (status) 1002 goto out; 1003 break; 1004 default: 1005 goto xdr_error; 1006 } 1007 break; 1008 default: 1009 goto xdr_error; 1010 } 1011 1012 /* open_claim */ 1013 READ_BUF(4); 1014 open->op_claim_type = be32_to_cpup(p++); 1015 switch (open->op_claim_type) { 1016 case NFS4_OPEN_CLAIM_NULL: 1017 case NFS4_OPEN_CLAIM_DELEGATE_PREV: 1018 READ_BUF(4); 1019 open->op_fname.len = be32_to_cpup(p++); 1020 READ_BUF(open->op_fname.len); 1021 SAVEMEM(open->op_fname.data, open->op_fname.len); 1022 if ((status = check_filename(open->op_fname.data, open->op_fname.len))) 1023 return status; 1024 break; 1025 case NFS4_OPEN_CLAIM_PREVIOUS: 1026 READ_BUF(4); 1027 open->op_delegate_type = be32_to_cpup(p++); 1028 break; 1029 case NFS4_OPEN_CLAIM_DELEGATE_CUR: 1030 status = nfsd4_decode_stateid(argp, &open->op_delegate_stateid); 1031 if (status) 1032 return status; 1033 READ_BUF(4); 1034 open->op_fname.len = be32_to_cpup(p++); 1035 READ_BUF(open->op_fname.len); 1036 SAVEMEM(open->op_fname.data, open->op_fname.len); 1037 if ((status = check_filename(open->op_fname.data, open->op_fname.len))) 1038 return status; 1039 break; 1040 case NFS4_OPEN_CLAIM_FH: 1041 case NFS4_OPEN_CLAIM_DELEG_PREV_FH: 1042 if (argp->minorversion < 1) 1043 goto xdr_error; 1044 /* void */ 1045 break; 1046 case NFS4_OPEN_CLAIM_DELEG_CUR_FH: 1047 if (argp->minorversion < 1) 1048 goto xdr_error; 1049 status = nfsd4_decode_stateid(argp, &open->op_delegate_stateid); 1050 if (status) 1051 return status; 1052 break; 1053 default: 1054 goto xdr_error; 1055 } 1056 1057 DECODE_TAIL; 1058} 1059 1060static __be32 1061nfsd4_decode_open_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_open_confirm *open_conf) 1062{ 1063 DECODE_HEAD; 1064 1065 if (argp->minorversion >= 1) 1066 return nfserr_notsupp; 1067 1068 status = nfsd4_decode_stateid(argp, &open_conf->oc_req_stateid); 1069 if (status) 1070 return status; 1071 READ_BUF(4); 1072 open_conf->oc_seqid = be32_to_cpup(p++); 1073 1074 DECODE_TAIL; 1075} 1076 1077static __be32 1078nfsd4_decode_open_downgrade(struct nfsd4_compoundargs *argp, struct nfsd4_open_downgrade *open_down) 1079{ 1080 DECODE_HEAD; 1081 1082 status = nfsd4_decode_stateid(argp, &open_down->od_stateid); 1083 if (status) 1084 return status; 1085 READ_BUF(4); 1086 open_down->od_seqid = be32_to_cpup(p++); 1087 status = nfsd4_decode_share_access(argp, &open_down->od_share_access, 1088 &open_down->od_deleg_want, NULL); 1089 if (status) 1090 return status; 1091 status = nfsd4_decode_share_deny(argp, &open_down->od_share_deny); 1092 if (status) 1093 return status; 1094 DECODE_TAIL; 1095} 1096 1097static __be32 1098nfsd4_decode_putfh(struct nfsd4_compoundargs *argp, struct nfsd4_putfh *putfh) 1099{ 1100 DECODE_HEAD; 1101 1102 READ_BUF(4); 1103 putfh->pf_fhlen = be32_to_cpup(p++); 1104 if (putfh->pf_fhlen > NFS4_FHSIZE) 1105 goto xdr_error; 1106 READ_BUF(putfh->pf_fhlen); 1107 SAVEMEM(putfh->pf_fhval, putfh->pf_fhlen); 1108 1109 DECODE_TAIL; 1110} 1111 1112static __be32 1113nfsd4_decode_putpubfh(struct nfsd4_compoundargs *argp, void *p) 1114{ 1115 if (argp->minorversion == 0) 1116 return nfs_ok; 1117 return nfserr_notsupp; 1118} 1119 1120static __be32 1121nfsd4_decode_read(struct nfsd4_compoundargs *argp, struct nfsd4_read *read) 1122{ 1123 DECODE_HEAD; 1124 1125 status = nfsd4_decode_stateid(argp, &read->rd_stateid); 1126 if (status) 1127 return status; 1128 READ_BUF(12); 1129 p = xdr_decode_hyper(p, &read->rd_offset); 1130 read->rd_length = be32_to_cpup(p++); 1131 1132 DECODE_TAIL; 1133} 1134 1135static __be32 1136nfsd4_decode_readdir(struct nfsd4_compoundargs *argp, struct nfsd4_readdir *readdir) 1137{ 1138 DECODE_HEAD; 1139 1140 READ_BUF(24); 1141 p = xdr_decode_hyper(p, &readdir->rd_cookie); 1142 COPYMEM(readdir->rd_verf.data, sizeof(readdir->rd_verf.data)); 1143 readdir->rd_dircount = be32_to_cpup(p++); 1144 readdir->rd_maxcount = be32_to_cpup(p++); 1145 if ((status = nfsd4_decode_bitmap(argp, readdir->rd_bmval))) 1146 goto out; 1147 1148 DECODE_TAIL; 1149} 1150 1151static __be32 1152nfsd4_decode_remove(struct nfsd4_compoundargs *argp, struct nfsd4_remove *remove) 1153{ 1154 DECODE_HEAD; 1155 1156 READ_BUF(4); 1157 remove->rm_namelen = be32_to_cpup(p++); 1158 READ_BUF(remove->rm_namelen); 1159 SAVEMEM(remove->rm_name, remove->rm_namelen); 1160 if ((status = check_filename(remove->rm_name, remove->rm_namelen))) 1161 return status; 1162 1163 DECODE_TAIL; 1164} 1165 1166static __be32 1167nfsd4_decode_rename(struct nfsd4_compoundargs *argp, struct nfsd4_rename *rename) 1168{ 1169 DECODE_HEAD; 1170 1171 READ_BUF(4); 1172 rename->rn_snamelen = be32_to_cpup(p++); 1173 READ_BUF(rename->rn_snamelen); 1174 SAVEMEM(rename->rn_sname, rename->rn_snamelen); 1175 READ_BUF(4); 1176 rename->rn_tnamelen = be32_to_cpup(p++); 1177 READ_BUF(rename->rn_tnamelen); 1178 SAVEMEM(rename->rn_tname, rename->rn_tnamelen); 1179 if ((status = check_filename(rename->rn_sname, rename->rn_snamelen))) 1180 return status; 1181 if ((status = check_filename(rename->rn_tname, rename->rn_tnamelen))) 1182 return status; 1183 1184 DECODE_TAIL; 1185} 1186 1187static __be32 1188nfsd4_decode_renew(struct nfsd4_compoundargs *argp, clientid_t *clientid) 1189{ 1190 DECODE_HEAD; 1191 1192 if (argp->minorversion >= 1) 1193 return nfserr_notsupp; 1194 1195 READ_BUF(sizeof(clientid_t)); 1196 COPYMEM(clientid, sizeof(clientid_t)); 1197 1198 DECODE_TAIL; 1199} 1200 1201static __be32 1202nfsd4_decode_secinfo(struct nfsd4_compoundargs *argp, 1203 struct nfsd4_secinfo *secinfo) 1204{ 1205 DECODE_HEAD; 1206 1207 READ_BUF(4); 1208 secinfo->si_namelen = be32_to_cpup(p++); 1209 READ_BUF(secinfo->si_namelen); 1210 SAVEMEM(secinfo->si_name, secinfo->si_namelen); 1211 status = check_filename(secinfo->si_name, secinfo->si_namelen); 1212 if (status) 1213 return status; 1214 DECODE_TAIL; 1215} 1216 1217static __be32 1218nfsd4_decode_secinfo_no_name(struct nfsd4_compoundargs *argp, 1219 struct nfsd4_secinfo_no_name *sin) 1220{ 1221 DECODE_HEAD; 1222 1223 READ_BUF(4); 1224 sin->sin_style = be32_to_cpup(p++); 1225 DECODE_TAIL; 1226} 1227 1228static __be32 1229nfsd4_decode_setattr(struct nfsd4_compoundargs *argp, struct nfsd4_setattr *setattr) 1230{ 1231 __be32 status; 1232 1233 status = nfsd4_decode_stateid(argp, &setattr->sa_stateid); 1234 if (status) 1235 return status; 1236 return nfsd4_decode_fattr(argp, setattr->sa_bmval, &setattr->sa_iattr, 1237 &setattr->sa_acl, &setattr->sa_label, NULL); 1238} 1239 1240static __be32 1241nfsd4_decode_setclientid(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid *setclientid) 1242{ 1243 DECODE_HEAD; 1244 1245 if (argp->minorversion >= 1) 1246 return nfserr_notsupp; 1247 1248 READ_BUF(NFS4_VERIFIER_SIZE); 1249 COPYMEM(setclientid->se_verf.data, NFS4_VERIFIER_SIZE); 1250 1251 status = nfsd4_decode_opaque(argp, &setclientid->se_name); 1252 if (status) 1253 return nfserr_bad_xdr; 1254 READ_BUF(8); 1255 setclientid->se_callback_prog = be32_to_cpup(p++); 1256 setclientid->se_callback_netid_len = be32_to_cpup(p++); 1257 READ_BUF(setclientid->se_callback_netid_len); 1258 SAVEMEM(setclientid->se_callback_netid_val, setclientid->se_callback_netid_len); 1259 READ_BUF(4); 1260 setclientid->se_callback_addr_len = be32_to_cpup(p++); 1261 1262 READ_BUF(setclientid->se_callback_addr_len); 1263 SAVEMEM(setclientid->se_callback_addr_val, setclientid->se_callback_addr_len); 1264 READ_BUF(4); 1265 setclientid->se_callback_ident = be32_to_cpup(p++); 1266 1267 DECODE_TAIL; 1268} 1269 1270static __be32 1271nfsd4_decode_setclientid_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid_confirm *scd_c) 1272{ 1273 DECODE_HEAD; 1274 1275 if (argp->minorversion >= 1) 1276 return nfserr_notsupp; 1277 1278 READ_BUF(8 + NFS4_VERIFIER_SIZE); 1279 COPYMEM(&scd_c->sc_clientid, 8); 1280 COPYMEM(&scd_c->sc_confirm, NFS4_VERIFIER_SIZE); 1281 1282 DECODE_TAIL; 1283} 1284 1285/* Also used for NVERIFY */ 1286static __be32 1287nfsd4_decode_verify(struct nfsd4_compoundargs *argp, struct nfsd4_verify *verify) 1288{ 1289 DECODE_HEAD; 1290 1291 if ((status = nfsd4_decode_bitmap(argp, verify->ve_bmval))) 1292 goto out; 1293 1294 /* For convenience's sake, we compare raw xdr'd attributes in 1295 * nfsd4_proc_verify */ 1296 1297 READ_BUF(4); 1298 verify->ve_attrlen = be32_to_cpup(p++); 1299 READ_BUF(verify->ve_attrlen); 1300 SAVEMEM(verify->ve_attrval, verify->ve_attrlen); 1301 1302 DECODE_TAIL; 1303} 1304 1305static __be32 1306nfsd4_decode_write(struct nfsd4_compoundargs *argp, struct nfsd4_write *write) 1307{ 1308 DECODE_HEAD; 1309 1310 status = nfsd4_decode_stateid(argp, &write->wr_stateid); 1311 if (status) 1312 return status; 1313 READ_BUF(16); 1314 p = xdr_decode_hyper(p, &write->wr_offset); 1315 write->wr_stable_how = be32_to_cpup(p++); 1316 if (write->wr_stable_how > NFS_FILE_SYNC) 1317 goto xdr_error; 1318 write->wr_buflen = be32_to_cpup(p++); 1319 1320 status = svcxdr_construct_vector(argp, &write->wr_head, 1321 &write->wr_pagelist, write->wr_buflen); 1322 if (status) 1323 return status; 1324 1325 DECODE_TAIL; 1326} 1327 1328static __be32 1329nfsd4_decode_release_lockowner(struct nfsd4_compoundargs *argp, struct nfsd4_release_lockowner *rlockowner) 1330{ 1331 DECODE_HEAD; 1332 1333 if (argp->minorversion >= 1) 1334 return nfserr_notsupp; 1335 1336 READ_BUF(12); 1337 COPYMEM(&rlockowner->rl_clientid, sizeof(clientid_t)); 1338 rlockowner->rl_owner.len = be32_to_cpup(p++); 1339 READ_BUF(rlockowner->rl_owner.len); 1340 READMEM(rlockowner->rl_owner.data, rlockowner->rl_owner.len); 1341 1342 if (argp->minorversion && !zero_clientid(&rlockowner->rl_clientid)) 1343 return nfserr_inval; 1344 DECODE_TAIL; 1345} 1346 1347static __be32 1348nfsd4_decode_exchange_id(struct nfsd4_compoundargs *argp, 1349 struct nfsd4_exchange_id *exid) 1350{ 1351 int dummy, tmp; 1352 DECODE_HEAD; 1353 1354 READ_BUF(NFS4_VERIFIER_SIZE); 1355 COPYMEM(exid->verifier.data, NFS4_VERIFIER_SIZE); 1356 1357 status = nfsd4_decode_opaque(argp, &exid->clname); 1358 if (status) 1359 return nfserr_bad_xdr; 1360 1361 READ_BUF(4); 1362 exid->flags = be32_to_cpup(p++); 1363 1364 /* Ignore state_protect4_a */ 1365 READ_BUF(4); 1366 exid->spa_how = be32_to_cpup(p++); 1367 switch (exid->spa_how) { 1368 case SP4_NONE: 1369 break; 1370 case SP4_MACH_CRED: 1371 /* spo_must_enforce */ 1372 status = nfsd4_decode_bitmap(argp, 1373 exid->spo_must_enforce); 1374 if (status) 1375 goto out; 1376 /* spo_must_allow */ 1377 status = nfsd4_decode_bitmap(argp, exid->spo_must_allow); 1378 if (status) 1379 goto out; 1380 break; 1381 case SP4_SSV: 1382 /* ssp_ops */ 1383 READ_BUF(4); 1384 dummy = be32_to_cpup(p++); 1385 READ_BUF(dummy * 4); 1386 p += dummy; 1387 1388 READ_BUF(4); 1389 dummy = be32_to_cpup(p++); 1390 READ_BUF(dummy * 4); 1391 p += dummy; 1392 1393 /* ssp_hash_algs<> */ 1394 READ_BUF(4); 1395 tmp = be32_to_cpup(p++); 1396 while (tmp--) { 1397 READ_BUF(4); 1398 dummy = be32_to_cpup(p++); 1399 READ_BUF(dummy); 1400 p += XDR_QUADLEN(dummy); 1401 } 1402 1403 /* ssp_encr_algs<> */ 1404 READ_BUF(4); 1405 tmp = be32_to_cpup(p++); 1406 while (tmp--) { 1407 READ_BUF(4); 1408 dummy = be32_to_cpup(p++); 1409 READ_BUF(dummy); 1410 p += XDR_QUADLEN(dummy); 1411 } 1412 1413 /* ignore ssp_window and ssp_num_gss_handles: */ 1414 READ_BUF(8); 1415 break; 1416 default: 1417 goto xdr_error; 1418 } 1419 1420 READ_BUF(4); /* nfs_impl_id4 array length */ 1421 dummy = be32_to_cpup(p++); 1422 1423 if (dummy > 1) 1424 goto xdr_error; 1425 1426 if (dummy == 1) { 1427 status = nfsd4_decode_opaque(argp, &exid->nii_domain); 1428 if (status) 1429 goto xdr_error; 1430 1431 /* nii_name */ 1432 status = nfsd4_decode_opaque(argp, &exid->nii_name); 1433 if (status) 1434 goto xdr_error; 1435 1436 /* nii_date */ 1437 status = nfsd4_decode_time(argp, &exid->nii_time); 1438 if (status) 1439 goto xdr_error; 1440 } 1441 DECODE_TAIL; 1442} 1443 1444static __be32 1445nfsd4_decode_create_session(struct nfsd4_compoundargs *argp, 1446 struct nfsd4_create_session *sess) 1447{ 1448 DECODE_HEAD; 1449 1450 READ_BUF(16); 1451 COPYMEM(&sess->clientid, 8); 1452 sess->seqid = be32_to_cpup(p++); 1453 sess->flags = be32_to_cpup(p++); 1454 1455 /* Fore channel attrs */ 1456 READ_BUF(28); 1457 p++; /* headerpadsz is always 0 */ 1458 sess->fore_channel.maxreq_sz = be32_to_cpup(p++); 1459 sess->fore_channel.maxresp_sz = be32_to_cpup(p++); 1460 sess->fore_channel.maxresp_cached = be32_to_cpup(p++); 1461 sess->fore_channel.maxops = be32_to_cpup(p++); 1462 sess->fore_channel.maxreqs = be32_to_cpup(p++); 1463 sess->fore_channel.nr_rdma_attrs = be32_to_cpup(p++); 1464 if (sess->fore_channel.nr_rdma_attrs == 1) { 1465 READ_BUF(4); 1466 sess->fore_channel.rdma_attrs = be32_to_cpup(p++); 1467 } else if (sess->fore_channel.nr_rdma_attrs > 1) { 1468 dprintk("Too many fore channel attr bitmaps!\n"); 1469 goto xdr_error; 1470 } 1471 1472 /* Back channel attrs */ 1473 READ_BUF(28); 1474 p++; /* headerpadsz is always 0 */ 1475 sess->back_channel.maxreq_sz = be32_to_cpup(p++); 1476 sess->back_channel.maxresp_sz = be32_to_cpup(p++); 1477 sess->back_channel.maxresp_cached = be32_to_cpup(p++); 1478 sess->back_channel.maxops = be32_to_cpup(p++); 1479 sess->back_channel.maxreqs = be32_to_cpup(p++); 1480 sess->back_channel.nr_rdma_attrs = be32_to_cpup(p++); 1481 if (sess->back_channel.nr_rdma_attrs == 1) { 1482 READ_BUF(4); 1483 sess->back_channel.rdma_attrs = be32_to_cpup(p++); 1484 } else if (sess->back_channel.nr_rdma_attrs > 1) { 1485 dprintk("Too many back channel attr bitmaps!\n"); 1486 goto xdr_error; 1487 } 1488 1489 READ_BUF(4); 1490 sess->callback_prog = be32_to_cpup(p++); 1491 nfsd4_decode_cb_sec(argp, &sess->cb_sec); 1492 DECODE_TAIL; 1493} 1494 1495static __be32 1496nfsd4_decode_destroy_session(struct nfsd4_compoundargs *argp, 1497 struct nfsd4_destroy_session *destroy_session) 1498{ 1499 DECODE_HEAD; 1500 READ_BUF(NFS4_MAX_SESSIONID_LEN); 1501 COPYMEM(destroy_session->sessionid.data, NFS4_MAX_SESSIONID_LEN); 1502 1503 DECODE_TAIL; 1504} 1505 1506static __be32 1507nfsd4_decode_free_stateid(struct nfsd4_compoundargs *argp, 1508 struct nfsd4_free_stateid *free_stateid) 1509{ 1510 DECODE_HEAD; 1511 1512 READ_BUF(sizeof(stateid_t)); 1513 free_stateid->fr_stateid.si_generation = be32_to_cpup(p++); 1514 COPYMEM(&free_stateid->fr_stateid.si_opaque, sizeof(stateid_opaque_t)); 1515 1516 DECODE_TAIL; 1517} 1518 1519static __be32 1520nfsd4_decode_sequence(struct nfsd4_compoundargs *argp, 1521 struct nfsd4_sequence *seq) 1522{ 1523 DECODE_HEAD; 1524 1525 READ_BUF(NFS4_MAX_SESSIONID_LEN + 16); 1526 COPYMEM(seq->sessionid.data, NFS4_MAX_SESSIONID_LEN); 1527 seq->seqid = be32_to_cpup(p++); 1528 seq->slotid = be32_to_cpup(p++); 1529 seq->maxslots = be32_to_cpup(p++); 1530 seq->cachethis = be32_to_cpup(p++); 1531 1532 DECODE_TAIL; 1533} 1534 1535static __be32 1536nfsd4_decode_test_stateid(struct nfsd4_compoundargs *argp, struct nfsd4_test_stateid *test_stateid) 1537{ 1538 int i; 1539 __be32 *p, status; 1540 struct nfsd4_test_stateid_id *stateid; 1541 1542 READ_BUF(4); 1543 test_stateid->ts_num_ids = ntohl(*p++); 1544 1545 INIT_LIST_HEAD(&test_stateid->ts_stateid_list); 1546 1547 for (i = 0; i < test_stateid->ts_num_ids; i++) { 1548 stateid = svcxdr_tmpalloc(argp, sizeof(*stateid)); 1549 if (!stateid) { 1550 status = nfserrno(-ENOMEM); 1551 goto out; 1552 } 1553 1554 INIT_LIST_HEAD(&stateid->ts_id_list); 1555 list_add_tail(&stateid->ts_id_list, &test_stateid->ts_stateid_list); 1556 1557 status = nfsd4_decode_stateid(argp, &stateid->ts_id_stateid); 1558 if (status) 1559 goto out; 1560 } 1561 1562 status = 0; 1563out: 1564 return status; 1565xdr_error: 1566 dprintk("NFSD: xdr error (%s:%d)\n", __FILE__, __LINE__); 1567 status = nfserr_bad_xdr; 1568 goto out; 1569} 1570 1571static __be32 nfsd4_decode_destroy_clientid(struct nfsd4_compoundargs *argp, struct nfsd4_destroy_clientid *dc) 1572{ 1573 DECODE_HEAD; 1574 1575 READ_BUF(8); 1576 COPYMEM(&dc->clientid, 8); 1577 1578 DECODE_TAIL; 1579} 1580 1581static __be32 nfsd4_decode_reclaim_complete(struct nfsd4_compoundargs *argp, struct nfsd4_reclaim_complete *rc) 1582{ 1583 DECODE_HEAD; 1584 1585 READ_BUF(4); 1586 rc->rca_one_fs = be32_to_cpup(p++); 1587 1588 DECODE_TAIL; 1589} 1590 1591#ifdef CONFIG_NFSD_PNFS 1592static __be32 1593nfsd4_decode_getdeviceinfo(struct nfsd4_compoundargs *argp, 1594 struct nfsd4_getdeviceinfo *gdev) 1595{ 1596 DECODE_HEAD; 1597 u32 num, i; 1598 1599 READ_BUF(sizeof(struct nfsd4_deviceid) + 3 * 4); 1600 COPYMEM(&gdev->gd_devid, sizeof(struct nfsd4_deviceid)); 1601 gdev->gd_layout_type = be32_to_cpup(p++); 1602 gdev->gd_maxcount = be32_to_cpup(p++); 1603 num = be32_to_cpup(p++); 1604 if (num) { 1605 if (num > 1000) 1606 goto xdr_error; 1607 READ_BUF(4 * num); 1608 gdev->gd_notify_types = be32_to_cpup(p++); 1609 for (i = 1; i < num; i++) { 1610 if (be32_to_cpup(p++)) { 1611 status = nfserr_inval; 1612 goto out; 1613 } 1614 } 1615 } 1616 DECODE_TAIL; 1617} 1618 1619static __be32 1620nfsd4_decode_layoutget(struct nfsd4_compoundargs *argp, 1621 struct nfsd4_layoutget *lgp) 1622{ 1623 DECODE_HEAD; 1624 1625 READ_BUF(36); 1626 lgp->lg_signal = be32_to_cpup(p++); 1627 lgp->lg_layout_type = be32_to_cpup(p++); 1628 lgp->lg_seg.iomode = be32_to_cpup(p++); 1629 p = xdr_decode_hyper(p, &lgp->lg_seg.offset); 1630 p = xdr_decode_hyper(p, &lgp->lg_seg.length); 1631 p = xdr_decode_hyper(p, &lgp->lg_minlength); 1632 1633 status = nfsd4_decode_stateid(argp, &lgp->lg_sid); 1634 if (status) 1635 return status; 1636 1637 READ_BUF(4); 1638 lgp->lg_maxcount = be32_to_cpup(p++); 1639 1640 DECODE_TAIL; 1641} 1642 1643static __be32 1644nfsd4_decode_layoutcommit(struct nfsd4_compoundargs *argp, 1645 struct nfsd4_layoutcommit *lcp) 1646{ 1647 DECODE_HEAD; 1648 u32 timechange; 1649 1650 READ_BUF(20); 1651 p = xdr_decode_hyper(p, &lcp->lc_seg.offset); 1652 p = xdr_decode_hyper(p, &lcp->lc_seg.length); 1653 lcp->lc_reclaim = be32_to_cpup(p++); 1654 1655 status = nfsd4_decode_stateid(argp, &lcp->lc_sid); 1656 if (status) 1657 return status; 1658 1659 READ_BUF(4); 1660 lcp->lc_newoffset = be32_to_cpup(p++); 1661 if (lcp->lc_newoffset) { 1662 READ_BUF(8); 1663 p = xdr_decode_hyper(p, &lcp->lc_last_wr); 1664 } else 1665 lcp->lc_last_wr = 0; 1666 READ_BUF(4); 1667 timechange = be32_to_cpup(p++); 1668 if (timechange) { 1669 status = nfsd4_decode_time(argp, &lcp->lc_mtime); 1670 if (status) 1671 return status; 1672 } else { 1673 lcp->lc_mtime.tv_nsec = UTIME_NOW; 1674 } 1675 READ_BUF(8); 1676 lcp->lc_layout_type = be32_to_cpup(p++); 1677 1678 /* 1679 * Save the layout update in XDR format and let the layout driver deal 1680 * with it later. 1681 */ 1682 lcp->lc_up_len = be32_to_cpup(p++); 1683 if (lcp->lc_up_len > 0) { 1684 READ_BUF(lcp->lc_up_len); 1685 READMEM(lcp->lc_up_layout, lcp->lc_up_len); 1686 } 1687 1688 DECODE_TAIL; 1689} 1690 1691static __be32 1692nfsd4_decode_layoutreturn(struct nfsd4_compoundargs *argp, 1693 struct nfsd4_layoutreturn *lrp) 1694{ 1695 DECODE_HEAD; 1696 1697 READ_BUF(16); 1698 lrp->lr_reclaim = be32_to_cpup(p++); 1699 lrp->lr_layout_type = be32_to_cpup(p++); 1700 lrp->lr_seg.iomode = be32_to_cpup(p++); 1701 lrp->lr_return_type = be32_to_cpup(p++); 1702 if (lrp->lr_return_type == RETURN_FILE) { 1703 READ_BUF(16); 1704 p = xdr_decode_hyper(p, &lrp->lr_seg.offset); 1705 p = xdr_decode_hyper(p, &lrp->lr_seg.length); 1706 1707 status = nfsd4_decode_stateid(argp, &lrp->lr_sid); 1708 if (status) 1709 return status; 1710 1711 READ_BUF(4); 1712 lrp->lrf_body_len = be32_to_cpup(p++); 1713 if (lrp->lrf_body_len > 0) { 1714 READ_BUF(lrp->lrf_body_len); 1715 READMEM(lrp->lrf_body, lrp->lrf_body_len); 1716 } 1717 } else { 1718 lrp->lr_seg.offset = 0; 1719 lrp->lr_seg.length = NFS4_MAX_UINT64; 1720 } 1721 1722 DECODE_TAIL; 1723} 1724#endif /* CONFIG_NFSD_PNFS */ 1725 1726static __be32 1727nfsd4_decode_fallocate(struct nfsd4_compoundargs *argp, 1728 struct nfsd4_fallocate *fallocate) 1729{ 1730 DECODE_HEAD; 1731 1732 status = nfsd4_decode_stateid(argp, &fallocate->falloc_stateid); 1733 if (status) 1734 return status; 1735 1736 READ_BUF(16); 1737 p = xdr_decode_hyper(p, &fallocate->falloc_offset); 1738 xdr_decode_hyper(p, &fallocate->falloc_length); 1739 1740 DECODE_TAIL; 1741} 1742 1743static __be32 1744nfsd4_decode_clone(struct nfsd4_compoundargs *argp, struct nfsd4_clone *clone) 1745{ 1746 DECODE_HEAD; 1747 1748 status = nfsd4_decode_stateid(argp, &clone->cl_src_stateid); 1749 if (status) 1750 return status; 1751 status = nfsd4_decode_stateid(argp, &clone->cl_dst_stateid); 1752 if (status) 1753 return status; 1754 1755 READ_BUF(8 + 8 + 8); 1756 p = xdr_decode_hyper(p, &clone->cl_src_pos); 1757 p = xdr_decode_hyper(p, &clone->cl_dst_pos); 1758 p = xdr_decode_hyper(p, &clone->cl_count); 1759 DECODE_TAIL; 1760} 1761 1762static __be32 nfsd4_decode_nl4_server(struct nfsd4_compoundargs *argp, 1763 struct nl4_server *ns) 1764{ 1765 DECODE_HEAD; 1766 struct nfs42_netaddr *naddr; 1767 1768 READ_BUF(4); 1769 ns->nl4_type = be32_to_cpup(p++); 1770 1771 /* currently support for 1 inter-server source server */ 1772 switch (ns->nl4_type) { 1773 case NL4_NETADDR: 1774 naddr = &ns->u.nl4_addr; 1775 1776 READ_BUF(4); 1777 naddr->netid_len = be32_to_cpup(p++); 1778 if (naddr->netid_len > RPCBIND_MAXNETIDLEN) 1779 goto xdr_error; 1780 1781 READ_BUF(naddr->netid_len + 4); /* 4 for uaddr len */ 1782 COPYMEM(naddr->netid, naddr->netid_len); 1783 1784 naddr->addr_len = be32_to_cpup(p++); 1785 if (naddr->addr_len > RPCBIND_MAXUADDRLEN) 1786 goto xdr_error; 1787 1788 READ_BUF(naddr->addr_len); 1789 COPYMEM(naddr->addr, naddr->addr_len); 1790 break; 1791 default: 1792 goto xdr_error; 1793 } 1794 DECODE_TAIL; 1795} 1796 1797static __be32 1798nfsd4_decode_copy(struct nfsd4_compoundargs *argp, struct nfsd4_copy *copy) 1799{ 1800 DECODE_HEAD; 1801 struct nl4_server *ns_dummy; 1802 int i, count; 1803 1804 status = nfsd4_decode_stateid(argp, ©->cp_src_stateid); 1805 if (status) 1806 return status; 1807 status = nfsd4_decode_stateid(argp, ©->cp_dst_stateid); 1808 if (status) 1809 return status; 1810 1811 READ_BUF(8 + 8 + 8 + 4 + 4 + 4); 1812 p = xdr_decode_hyper(p, ©->cp_src_pos); 1813 p = xdr_decode_hyper(p, ©->cp_dst_pos); 1814 p = xdr_decode_hyper(p, ©->cp_count); 1815 p++; /* ca_consecutive: we always do consecutive copies */ 1816 copy->cp_synchronous = be32_to_cpup(p++); 1817 1818 count = be32_to_cpup(p++); 1819 1820 copy->cp_intra = false; 1821 if (count == 0) { /* intra-server copy */ 1822 copy->cp_intra = true; 1823 goto intra; 1824 } 1825 1826 /* decode all the supplied server addresses but use first */ 1827 status = nfsd4_decode_nl4_server(argp, ©->cp_src); 1828 if (status) 1829 return status; 1830 1831 ns_dummy = kmalloc(sizeof(struct nl4_server), GFP_KERNEL); 1832 if (ns_dummy == NULL) 1833 return nfserrno(-ENOMEM); 1834 for (i = 0; i < count - 1; i++) { 1835 status = nfsd4_decode_nl4_server(argp, ns_dummy); 1836 if (status) { 1837 kfree(ns_dummy); 1838 return status; 1839 } 1840 } 1841 kfree(ns_dummy); 1842intra: 1843 1844 DECODE_TAIL; 1845} 1846 1847static __be32 1848nfsd4_decode_offload_status(struct nfsd4_compoundargs *argp, 1849 struct nfsd4_offload_status *os) 1850{ 1851 return nfsd4_decode_stateid(argp, &os->stateid); 1852} 1853 1854static __be32 1855nfsd4_decode_copy_notify(struct nfsd4_compoundargs *argp, 1856 struct nfsd4_copy_notify *cn) 1857{ 1858 __be32 status; 1859 1860 status = nfsd4_decode_stateid(argp, &cn->cpn_src_stateid); 1861 if (status) 1862 return status; 1863 return nfsd4_decode_nl4_server(argp, &cn->cpn_dst); 1864} 1865 1866static __be32 1867nfsd4_decode_seek(struct nfsd4_compoundargs *argp, struct nfsd4_seek *seek) 1868{ 1869 DECODE_HEAD; 1870 1871 status = nfsd4_decode_stateid(argp, &seek->seek_stateid); 1872 if (status) 1873 return status; 1874 1875 READ_BUF(8 + 4); 1876 p = xdr_decode_hyper(p, &seek->seek_offset); 1877 seek->seek_whence = be32_to_cpup(p); 1878 1879 DECODE_TAIL; 1880} 1881 1882/* 1883 * XDR data that is more than PAGE_SIZE in size is normally part of a 1884 * read or write. However, the size of extended attributes is limited 1885 * by the maximum request size, and then further limited by the underlying 1886 * filesystem limits. This can exceed PAGE_SIZE (currently, XATTR_SIZE_MAX 1887 * is 64k). Since there is no kvec- or page-based interface to xattrs, 1888 * and we're not dealing with contiguous pages, we need to do some copying. 1889 */ 1890 1891/* 1892 * Decode data into buffer. Uses head and pages constructed by 1893 * svcxdr_construct_vector. 1894 */ 1895static __be32 1896nfsd4_vbuf_from_vector(struct nfsd4_compoundargs *argp, struct kvec *head, 1897 struct page **pages, char **bufp, u32 buflen) 1898{ 1899 char *tmp, *dp; 1900 u32 len; 1901 1902 if (buflen <= head->iov_len) { 1903 /* 1904 * We're in luck, the head has enough space. Just return 1905 * the head, no need for copying. 1906 */ 1907 *bufp = head->iov_base; 1908 return 0; 1909 } 1910 1911 tmp = svcxdr_tmpalloc(argp, buflen); 1912 if (tmp == NULL) 1913 return nfserr_jukebox; 1914 1915 dp = tmp; 1916 memcpy(dp, head->iov_base, head->iov_len); 1917 buflen -= head->iov_len; 1918 dp += head->iov_len; 1919 1920 while (buflen > 0) { 1921 len = min_t(u32, buflen, PAGE_SIZE); 1922 memcpy(dp, page_address(*pages), len); 1923 1924 buflen -= len; 1925 dp += len; 1926 pages++; 1927 } 1928 1929 *bufp = tmp; 1930 return 0; 1931} 1932 1933/* 1934 * Get a user extended attribute name from the XDR buffer. 1935 * It will not have the "user." prefix, so prepend it. 1936 * Lastly, check for nul characters in the name. 1937 */ 1938static __be32 1939nfsd4_decode_xattr_name(struct nfsd4_compoundargs *argp, char **namep) 1940{ 1941 DECODE_HEAD; 1942 char *name, *sp, *dp; 1943 u32 namelen, cnt; 1944 1945 READ_BUF(4); 1946 namelen = be32_to_cpup(p++); 1947 1948 if (namelen > (XATTR_NAME_MAX - XATTR_USER_PREFIX_LEN)) 1949 return nfserr_nametoolong; 1950 1951 if (namelen == 0) 1952 goto xdr_error; 1953 1954 READ_BUF(namelen); 1955 1956 name = svcxdr_tmpalloc(argp, namelen + XATTR_USER_PREFIX_LEN + 1); 1957 if (!name) 1958 return nfserr_jukebox; 1959 1960 memcpy(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN); 1961 1962 /* 1963 * Copy the extended attribute name over while checking for 0 1964 * characters. 1965 */ 1966 sp = (char *)p; 1967 dp = name + XATTR_USER_PREFIX_LEN; 1968 cnt = namelen; 1969 1970 while (cnt-- > 0) { 1971 if (*sp == '\0') 1972 goto xdr_error; 1973 *dp++ = *sp++; 1974 } 1975 *dp = '\0'; 1976 1977 *namep = name; 1978 1979 DECODE_TAIL; 1980} 1981 1982/* 1983 * A GETXATTR op request comes without a length specifier. We just set the 1984 * maximum length for the reply based on XATTR_SIZE_MAX and the maximum 1985 * channel reply size. nfsd_getxattr will probe the length of the xattr, 1986 * check it against getxa_len, and allocate + return the value. 1987 */ 1988static __be32 1989nfsd4_decode_getxattr(struct nfsd4_compoundargs *argp, 1990 struct nfsd4_getxattr *getxattr) 1991{ 1992 __be32 status; 1993 u32 maxcount; 1994 1995 status = nfsd4_decode_xattr_name(argp, &getxattr->getxa_name); 1996 if (status) 1997 return status; 1998 1999 maxcount = svc_max_payload(argp->rqstp); 2000 maxcount = min_t(u32, XATTR_SIZE_MAX, maxcount); 2001 2002 getxattr->getxa_len = maxcount; 2003 2004 return status; 2005} 2006 2007static __be32 2008nfsd4_decode_setxattr(struct nfsd4_compoundargs *argp, 2009 struct nfsd4_setxattr *setxattr) 2010{ 2011 DECODE_HEAD; 2012 u32 flags, maxcount, size; 2013 struct kvec head; 2014 struct page **pagelist; 2015 2016 READ_BUF(4); 2017 flags = be32_to_cpup(p++); 2018 2019 if (flags > SETXATTR4_REPLACE) 2020 return nfserr_inval; 2021 setxattr->setxa_flags = flags; 2022 2023 status = nfsd4_decode_xattr_name(argp, &setxattr->setxa_name); 2024 if (status) 2025 return status; 2026 2027 maxcount = svc_max_payload(argp->rqstp); 2028 maxcount = min_t(u32, XATTR_SIZE_MAX, maxcount); 2029 2030 READ_BUF(4); 2031 size = be32_to_cpup(p++); 2032 if (size > maxcount) 2033 return nfserr_xattr2big; 2034 2035 setxattr->setxa_len = size; 2036 if (size > 0) { 2037 status = svcxdr_construct_vector(argp, &head, &pagelist, size); 2038 if (status) 2039 return status; 2040 2041 status = nfsd4_vbuf_from_vector(argp, &head, pagelist, 2042 &setxattr->setxa_buf, size); 2043 } 2044 2045 DECODE_TAIL; 2046} 2047 2048static __be32 2049nfsd4_decode_listxattrs(struct nfsd4_compoundargs *argp, 2050 struct nfsd4_listxattrs *listxattrs) 2051{ 2052 DECODE_HEAD; 2053 u32 maxcount; 2054 2055 READ_BUF(12); 2056 p = xdr_decode_hyper(p, &listxattrs->lsxa_cookie); 2057 2058 /* 2059 * If the cookie is too large to have even one user.x attribute 2060 * plus trailing '\0' left in a maximum size buffer, it's invalid. 2061 */ 2062 if (listxattrs->lsxa_cookie >= 2063 (XATTR_LIST_MAX / (XATTR_USER_PREFIX_LEN + 2))) 2064 return nfserr_badcookie; 2065 2066 maxcount = be32_to_cpup(p++); 2067 if (maxcount < 8) 2068 /* Always need at least 2 words (length and one character) */ 2069 return nfserr_inval; 2070 2071 maxcount = min(maxcount, svc_max_payload(argp->rqstp)); 2072 listxattrs->lsxa_maxcount = maxcount; 2073 2074 DECODE_TAIL; 2075} 2076 2077static __be32 2078nfsd4_decode_removexattr(struct nfsd4_compoundargs *argp, 2079 struct nfsd4_removexattr *removexattr) 2080{ 2081 return nfsd4_decode_xattr_name(argp, &removexattr->rmxa_name); 2082} 2083 2084static __be32 2085nfsd4_decode_noop(struct nfsd4_compoundargs *argp, void *p) 2086{ 2087 return nfs_ok; 2088} 2089 2090static __be32 2091nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p) 2092{ 2093 return nfserr_notsupp; 2094} 2095 2096typedef __be32(*nfsd4_dec)(struct nfsd4_compoundargs *argp, void *); 2097 2098static const nfsd4_dec nfsd4_dec_ops[] = { 2099 [OP_ACCESS] = (nfsd4_dec)nfsd4_decode_access, 2100 [OP_CLOSE] = (nfsd4_dec)nfsd4_decode_close, 2101 [OP_COMMIT] = (nfsd4_dec)nfsd4_decode_commit, 2102 [OP_CREATE] = (nfsd4_dec)nfsd4_decode_create, 2103 [OP_DELEGPURGE] = (nfsd4_dec)nfsd4_decode_notsupp, 2104 [OP_DELEGRETURN] = (nfsd4_dec)nfsd4_decode_delegreturn, 2105 [OP_GETATTR] = (nfsd4_dec)nfsd4_decode_getattr, 2106 [OP_GETFH] = (nfsd4_dec)nfsd4_decode_noop, 2107 [OP_LINK] = (nfsd4_dec)nfsd4_decode_link, 2108 [OP_LOCK] = (nfsd4_dec)nfsd4_decode_lock, 2109 [OP_LOCKT] = (nfsd4_dec)nfsd4_decode_lockt, 2110 [OP_LOCKU] = (nfsd4_dec)nfsd4_decode_locku, 2111 [OP_LOOKUP] = (nfsd4_dec)nfsd4_decode_lookup, 2112 [OP_LOOKUPP] = (nfsd4_dec)nfsd4_decode_noop, 2113 [OP_NVERIFY] = (nfsd4_dec)nfsd4_decode_verify, 2114 [OP_OPEN] = (nfsd4_dec)nfsd4_decode_open, 2115 [OP_OPENATTR] = (nfsd4_dec)nfsd4_decode_notsupp, 2116 [OP_OPEN_CONFIRM] = (nfsd4_dec)nfsd4_decode_open_confirm, 2117 [OP_OPEN_DOWNGRADE] = (nfsd4_dec)nfsd4_decode_open_downgrade, 2118 [OP_PUTFH] = (nfsd4_dec)nfsd4_decode_putfh, 2119 [OP_PUTPUBFH] = (nfsd4_dec)nfsd4_decode_putpubfh, 2120 [OP_PUTROOTFH] = (nfsd4_dec)nfsd4_decode_noop, 2121 [OP_READ] = (nfsd4_dec)nfsd4_decode_read, 2122 [OP_READDIR] = (nfsd4_dec)nfsd4_decode_readdir, 2123 [OP_READLINK] = (nfsd4_dec)nfsd4_decode_noop, 2124 [OP_REMOVE] = (nfsd4_dec)nfsd4_decode_remove, 2125 [OP_RENAME] = (nfsd4_dec)nfsd4_decode_rename, 2126 [OP_RENEW] = (nfsd4_dec)nfsd4_decode_renew, 2127 [OP_RESTOREFH] = (nfsd4_dec)nfsd4_decode_noop, 2128 [OP_SAVEFH] = (nfsd4_dec)nfsd4_decode_noop, 2129 [OP_SECINFO] = (nfsd4_dec)nfsd4_decode_secinfo, 2130 [OP_SETATTR] = (nfsd4_dec)nfsd4_decode_setattr, 2131 [OP_SETCLIENTID] = (nfsd4_dec)nfsd4_decode_setclientid, 2132 [OP_SETCLIENTID_CONFIRM] = (nfsd4_dec)nfsd4_decode_setclientid_confirm, 2133 [OP_VERIFY] = (nfsd4_dec)nfsd4_decode_verify, 2134 [OP_WRITE] = (nfsd4_dec)nfsd4_decode_write, 2135 [OP_RELEASE_LOCKOWNER] = (nfsd4_dec)nfsd4_decode_release_lockowner, 2136 2137 /* new operations for NFSv4.1 */ 2138 [OP_BACKCHANNEL_CTL] = (nfsd4_dec)nfsd4_decode_backchannel_ctl, 2139 [OP_BIND_CONN_TO_SESSION]= (nfsd4_dec)nfsd4_decode_bind_conn_to_session, 2140 [OP_EXCHANGE_ID] = (nfsd4_dec)nfsd4_decode_exchange_id, 2141 [OP_CREATE_SESSION] = (nfsd4_dec)nfsd4_decode_create_session, 2142 [OP_DESTROY_SESSION] = (nfsd4_dec)nfsd4_decode_destroy_session, 2143 [OP_FREE_STATEID] = (nfsd4_dec)nfsd4_decode_free_stateid, 2144 [OP_GET_DIR_DELEGATION] = (nfsd4_dec)nfsd4_decode_notsupp, 2145#ifdef CONFIG_NFSD_PNFS 2146 [OP_GETDEVICEINFO] = (nfsd4_dec)nfsd4_decode_getdeviceinfo, 2147 [OP_GETDEVICELIST] = (nfsd4_dec)nfsd4_decode_notsupp, 2148 [OP_LAYOUTCOMMIT] = (nfsd4_dec)nfsd4_decode_layoutcommit, 2149 [OP_LAYOUTGET] = (nfsd4_dec)nfsd4_decode_layoutget, 2150 [OP_LAYOUTRETURN] = (nfsd4_dec)nfsd4_decode_layoutreturn, 2151#else 2152 [OP_GETDEVICEINFO] = (nfsd4_dec)nfsd4_decode_notsupp, 2153 [OP_GETDEVICELIST] = (nfsd4_dec)nfsd4_decode_notsupp, 2154 [OP_LAYOUTCOMMIT] = (nfsd4_dec)nfsd4_decode_notsupp, 2155 [OP_LAYOUTGET] = (nfsd4_dec)nfsd4_decode_notsupp, 2156 [OP_LAYOUTRETURN] = (nfsd4_dec)nfsd4_decode_notsupp, 2157#endif 2158 [OP_SECINFO_NO_NAME] = (nfsd4_dec)nfsd4_decode_secinfo_no_name, 2159 [OP_SEQUENCE] = (nfsd4_dec)nfsd4_decode_sequence, 2160 [OP_SET_SSV] = (nfsd4_dec)nfsd4_decode_notsupp, 2161 [OP_TEST_STATEID] = (nfsd4_dec)nfsd4_decode_test_stateid, 2162 [OP_WANT_DELEGATION] = (nfsd4_dec)nfsd4_decode_notsupp, 2163 [OP_DESTROY_CLIENTID] = (nfsd4_dec)nfsd4_decode_destroy_clientid, 2164 [OP_RECLAIM_COMPLETE] = (nfsd4_dec)nfsd4_decode_reclaim_complete, 2165 2166 /* new operations for NFSv4.2 */ 2167 [OP_ALLOCATE] = (nfsd4_dec)nfsd4_decode_fallocate, 2168 [OP_COPY] = (nfsd4_dec)nfsd4_decode_copy, 2169 [OP_COPY_NOTIFY] = (nfsd4_dec)nfsd4_decode_copy_notify, 2170 [OP_DEALLOCATE] = (nfsd4_dec)nfsd4_decode_fallocate, 2171 [OP_IO_ADVISE] = (nfsd4_dec)nfsd4_decode_notsupp, 2172 [OP_LAYOUTERROR] = (nfsd4_dec)nfsd4_decode_notsupp, 2173 [OP_LAYOUTSTATS] = (nfsd4_dec)nfsd4_decode_notsupp, 2174 [OP_OFFLOAD_CANCEL] = (nfsd4_dec)nfsd4_decode_offload_status, 2175 [OP_OFFLOAD_STATUS] = (nfsd4_dec)nfsd4_decode_offload_status, 2176 [OP_READ_PLUS] = (nfsd4_dec)nfsd4_decode_read, 2177 [OP_SEEK] = (nfsd4_dec)nfsd4_decode_seek, 2178 [OP_WRITE_SAME] = (nfsd4_dec)nfsd4_decode_notsupp, 2179 [OP_CLONE] = (nfsd4_dec)nfsd4_decode_clone, 2180 /* RFC 8276 extended atributes operations */ 2181 [OP_GETXATTR] = (nfsd4_dec)nfsd4_decode_getxattr, 2182 [OP_SETXATTR] = (nfsd4_dec)nfsd4_decode_setxattr, 2183 [OP_LISTXATTRS] = (nfsd4_dec)nfsd4_decode_listxattrs, 2184 [OP_REMOVEXATTR] = (nfsd4_dec)nfsd4_decode_removexattr, 2185}; 2186 2187static inline bool 2188nfsd4_opnum_in_range(struct nfsd4_compoundargs *argp, struct nfsd4_op *op) 2189{ 2190 if (op->opnum < FIRST_NFS4_OP) 2191 return false; 2192 else if (argp->minorversion == 0 && op->opnum > LAST_NFS40_OP) 2193 return false; 2194 else if (argp->minorversion == 1 && op->opnum > LAST_NFS41_OP) 2195 return false; 2196 else if (argp->minorversion == 2 && op->opnum > LAST_NFS42_OP) 2197 return false; 2198 return true; 2199} 2200 2201static __be32 2202nfsd4_decode_compound(struct nfsd4_compoundargs *argp) 2203{ 2204 DECODE_HEAD; 2205 struct nfsd4_op *op; 2206 bool cachethis = false; 2207 int auth_slack= argp->rqstp->rq_auth_slack; 2208 int max_reply = auth_slack + 8; /* opcnt, status */ 2209 int readcount = 0; 2210 int readbytes = 0; 2211 int i; 2212 2213 READ_BUF(4); 2214 argp->taglen = be32_to_cpup(p++); 2215 READ_BUF(argp->taglen); 2216 SAVEMEM(argp->tag, argp->taglen); 2217 READ_BUF(8); 2218 argp->minorversion = be32_to_cpup(p++); 2219 argp->opcnt = be32_to_cpup(p++); 2220 max_reply += 4 + (XDR_QUADLEN(argp->taglen) << 2); 2221 2222 if (argp->taglen > NFSD4_MAX_TAGLEN) 2223 goto xdr_error; 2224 /* 2225 * NFS4ERR_RESOURCE is a more helpful error than GARBAGE_ARGS 2226 * here, so we return success at the xdr level so that 2227 * nfsd4_proc can handle this is an NFS-level error. 2228 */ 2229 if (argp->opcnt > NFSD_MAX_OPS_PER_COMPOUND) 2230 return 0; 2231 2232 if (argp->opcnt > ARRAY_SIZE(argp->iops)) { 2233 argp->ops = kzalloc(argp->opcnt * sizeof(*argp->ops), GFP_KERNEL); 2234 if (!argp->ops) { 2235 argp->ops = argp->iops; 2236 dprintk("nfsd: couldn't allocate room for COMPOUND\n"); 2237 goto xdr_error; 2238 } 2239 } 2240 2241 if (argp->minorversion > NFSD_SUPPORTED_MINOR_VERSION) 2242 argp->opcnt = 0; 2243 2244 for (i = 0; i < argp->opcnt; i++) { 2245 op = &argp->ops[i]; 2246 op->replay = NULL; 2247 2248 READ_BUF(4); 2249 op->opnum = be32_to_cpup(p++); 2250 2251 if (nfsd4_opnum_in_range(argp, op)) 2252 op->status = nfsd4_dec_ops[op->opnum](argp, &op->u); 2253 else { 2254 op->opnum = OP_ILLEGAL; 2255 op->status = nfserr_op_illegal; 2256 } 2257 op->opdesc = OPDESC(op); 2258 /* 2259 * We'll try to cache the result in the DRC if any one 2260 * op in the compound wants to be cached: 2261 */ 2262 cachethis |= nfsd4_cache_this_op(op); 2263 2264 if (op->opnum == OP_READ || op->opnum == OP_READ_PLUS) { 2265 readcount++; 2266 readbytes += nfsd4_max_reply(argp->rqstp, op); 2267 } else 2268 max_reply += nfsd4_max_reply(argp->rqstp, op); 2269 /* 2270 * OP_LOCK and OP_LOCKT may return a conflicting lock. 2271 * (Special case because it will just skip encoding this 2272 * if it runs out of xdr buffer space, and it is the only 2273 * operation that behaves this way.) 2274 */ 2275 if (op->opnum == OP_LOCK || op->opnum == OP_LOCKT) 2276 max_reply += NFS4_OPAQUE_LIMIT; 2277 2278 if (op->status) { 2279 argp->opcnt = i+1; 2280 break; 2281 } 2282 } 2283 /* Sessions make the DRC unnecessary: */ 2284 if (argp->minorversion) 2285 cachethis = false; 2286 svc_reserve(argp->rqstp, max_reply + readbytes); 2287 argp->rqstp->rq_cachetype = cachethis ? RC_REPLBUFF : RC_NOCACHE; 2288 2289 if (readcount > 1 || max_reply > PAGE_SIZE - auth_slack) 2290 clear_bit(RQ_SPLICE_OK, &argp->rqstp->rq_flags); 2291 2292 DECODE_TAIL; 2293} 2294 2295static __be32 *encode_change(__be32 *p, struct kstat *stat, struct inode *inode, 2296 struct svc_export *exp) 2297{ 2298 if (exp->ex_flags & NFSEXP_V4ROOT) { 2299 *p++ = cpu_to_be32(convert_to_wallclock(exp->cd->flush_time)); 2300 *p++ = 0; 2301 } else if (IS_I_VERSION(inode)) { 2302 p = xdr_encode_hyper(p, nfsd4_change_attribute(stat, inode)); 2303 } else { 2304 *p++ = cpu_to_be32(stat->ctime.tv_sec); 2305 *p++ = cpu_to_be32(stat->ctime.tv_nsec); 2306 } 2307 return p; 2308} 2309 2310/* 2311 * ctime (in NFSv4, time_metadata) is not writeable, and the client 2312 * doesn't really care what resolution could theoretically be stored by 2313 * the filesystem. 2314 * 2315 * The client cares how close together changes can be while still 2316 * guaranteeing ctime changes. For most filesystems (which have 2317 * timestamps with nanosecond fields) that is limited by the resolution 2318 * of the time returned from current_time() (which I'm assuming to be 2319 * 1/HZ). 2320 */ 2321static __be32 *encode_time_delta(__be32 *p, struct inode *inode) 2322{ 2323 struct timespec64 ts; 2324 u32 ns; 2325 2326 ns = max_t(u32, NSEC_PER_SEC/HZ, inode->i_sb->s_time_gran); 2327 ts = ns_to_timespec64(ns); 2328 2329 p = xdr_encode_hyper(p, ts.tv_sec); 2330 *p++ = cpu_to_be32(ts.tv_nsec); 2331 2332 return p; 2333} 2334 2335static __be32 *encode_cinfo(__be32 *p, struct nfsd4_change_info *c) 2336{ 2337 *p++ = cpu_to_be32(c->atomic); 2338 if (c->change_supported) { 2339 p = xdr_encode_hyper(p, c->before_change); 2340 p = xdr_encode_hyper(p, c->after_change); 2341 } else { 2342 *p++ = cpu_to_be32(c->before_ctime_sec); 2343 *p++ = cpu_to_be32(c->before_ctime_nsec); 2344 *p++ = cpu_to_be32(c->after_ctime_sec); 2345 *p++ = cpu_to_be32(c->after_ctime_nsec); 2346 } 2347 return p; 2348} 2349 2350/* Encode as an array of strings the string given with components 2351 * separated @sep, escaped with esc_enter and esc_exit. 2352 */ 2353static __be32 nfsd4_encode_components_esc(struct xdr_stream *xdr, char sep, 2354 char *components, char esc_enter, 2355 char esc_exit) 2356{ 2357 __be32 *p; 2358 __be32 pathlen; 2359 int pathlen_offset; 2360 int strlen, count=0; 2361 char *str, *end, *next; 2362 2363 dprintk("nfsd4_encode_components(%s)\n", components); 2364 2365 pathlen_offset = xdr->buf->len; 2366 p = xdr_reserve_space(xdr, 4); 2367 if (!p) 2368 return nfserr_resource; 2369 p++; /* We will fill this in with @count later */ 2370 2371 end = str = components; 2372 while (*end) { 2373 bool found_esc = false; 2374 2375 /* try to parse as esc_start, ..., esc_end, sep */ 2376 if (*str == esc_enter) { 2377 for (; *end && (*end != esc_exit); end++) 2378 /* find esc_exit or end of string */; 2379 next = end + 1; 2380 if (*end && (!*next || *next == sep)) { 2381 str++; 2382 found_esc = true; 2383 } 2384 } 2385 2386 if (!found_esc) 2387 for (; *end && (*end != sep); end++) 2388 /* find sep or end of string */; 2389 2390 strlen = end - str; 2391 if (strlen) { 2392 p = xdr_reserve_space(xdr, strlen + 4); 2393 if (!p) 2394 return nfserr_resource; 2395 p = xdr_encode_opaque(p, str, strlen); 2396 count++; 2397 } 2398 else 2399 end++; 2400 if (found_esc) 2401 end = next; 2402 2403 str = end; 2404 } 2405 pathlen = htonl(count); 2406 write_bytes_to_xdr_buf(xdr->buf, pathlen_offset, &pathlen, 4); 2407 return 0; 2408} 2409 2410/* Encode as an array of strings the string given with components 2411 * separated @sep. 2412 */ 2413static __be32 nfsd4_encode_components(struct xdr_stream *xdr, char sep, 2414 char *components) 2415{ 2416 return nfsd4_encode_components_esc(xdr, sep, components, 0, 0); 2417} 2418 2419/* 2420 * encode a location element of a fs_locations structure 2421 */ 2422static __be32 nfsd4_encode_fs_location4(struct xdr_stream *xdr, 2423 struct nfsd4_fs_location *location) 2424{ 2425 __be32 status; 2426 2427 status = nfsd4_encode_components_esc(xdr, ':', location->hosts, 2428 '[', ']'); 2429 if (status) 2430 return status; 2431 status = nfsd4_encode_components(xdr, '/', location->path); 2432 if (status) 2433 return status; 2434 return 0; 2435} 2436 2437/* 2438 * Encode a path in RFC3530 'pathname4' format 2439 */ 2440static __be32 nfsd4_encode_path(struct xdr_stream *xdr, 2441 const struct path *root, 2442 const struct path *path) 2443{ 2444 struct path cur = *path; 2445 __be32 *p; 2446 struct dentry **components = NULL; 2447 unsigned int ncomponents = 0; 2448 __be32 err = nfserr_jukebox; 2449 2450 dprintk("nfsd4_encode_components("); 2451 2452 path_get(&cur); 2453 /* First walk the path up to the nfsd root, and store the 2454 * dentries/path components in an array. 2455 */ 2456 for (;;) { 2457 if (path_equal(&cur, root)) 2458 break; 2459 if (cur.dentry == cur.mnt->mnt_root) { 2460 if (follow_up(&cur)) 2461 continue; 2462 goto out_free; 2463 } 2464 if ((ncomponents & 15) == 0) { 2465 struct dentry **new; 2466 new = krealloc(components, 2467 sizeof(*new) * (ncomponents + 16), 2468 GFP_KERNEL); 2469 if (!new) 2470 goto out_free; 2471 components = new; 2472 } 2473 components[ncomponents++] = cur.dentry; 2474 cur.dentry = dget_parent(cur.dentry); 2475 } 2476 err = nfserr_resource; 2477 p = xdr_reserve_space(xdr, 4); 2478 if (!p) 2479 goto out_free; 2480 *p++ = cpu_to_be32(ncomponents); 2481 2482 while (ncomponents) { 2483 struct dentry *dentry = components[ncomponents - 1]; 2484 unsigned int len; 2485 2486 spin_lock(&dentry->d_lock); 2487 len = dentry->d_name.len; 2488 p = xdr_reserve_space(xdr, len + 4); 2489 if (!p) { 2490 spin_unlock(&dentry->d_lock); 2491 goto out_free; 2492 } 2493 p = xdr_encode_opaque(p, dentry->d_name.name, len); 2494 dprintk("/%pd", dentry); 2495 spin_unlock(&dentry->d_lock); 2496 dput(dentry); 2497 ncomponents--; 2498 } 2499 2500 err = 0; 2501out_free: 2502 dprintk(")\n"); 2503 while (ncomponents) 2504 dput(components[--ncomponents]); 2505 kfree(components); 2506 path_put(&cur); 2507 return err; 2508} 2509 2510static __be32 nfsd4_encode_fsloc_fsroot(struct xdr_stream *xdr, 2511 struct svc_rqst *rqstp, const struct path *path) 2512{ 2513 struct svc_export *exp_ps; 2514 __be32 res; 2515 2516 exp_ps = rqst_find_fsidzero_export(rqstp); 2517 if (IS_ERR(exp_ps)) 2518 return nfserrno(PTR_ERR(exp_ps)); 2519 res = nfsd4_encode_path(xdr, &exp_ps->ex_path, path); 2520 exp_put(exp_ps); 2521 return res; 2522} 2523 2524/* 2525 * encode a fs_locations structure 2526 */ 2527static __be32 nfsd4_encode_fs_locations(struct xdr_stream *xdr, 2528 struct svc_rqst *rqstp, struct svc_export *exp) 2529{ 2530 __be32 status; 2531 int i; 2532 __be32 *p; 2533 struct nfsd4_fs_locations *fslocs = &exp->ex_fslocs; 2534 2535 status = nfsd4_encode_fsloc_fsroot(xdr, rqstp, &exp->ex_path); 2536 if (status) 2537 return status; 2538 p = xdr_reserve_space(xdr, 4); 2539 if (!p) 2540 return nfserr_resource; 2541 *p++ = cpu_to_be32(fslocs->locations_count); 2542 for (i=0; i<fslocs->locations_count; i++) { 2543 status = nfsd4_encode_fs_location4(xdr, &fslocs->locations[i]); 2544 if (status) 2545 return status; 2546 } 2547 return 0; 2548} 2549 2550static u32 nfs4_file_type(umode_t mode) 2551{ 2552 switch (mode & S_IFMT) { 2553 case S_IFIFO: return NF4FIFO; 2554 case S_IFCHR: return NF4CHR; 2555 case S_IFDIR: return NF4DIR; 2556 case S_IFBLK: return NF4BLK; 2557 case S_IFLNK: return NF4LNK; 2558 case S_IFREG: return NF4REG; 2559 case S_IFSOCK: return NF4SOCK; 2560 default: return NF4BAD; 2561 }; 2562} 2563 2564static inline __be32 2565nfsd4_encode_aclname(struct xdr_stream *xdr, struct svc_rqst *rqstp, 2566 struct nfs4_ace *ace) 2567{ 2568 if (ace->whotype != NFS4_ACL_WHO_NAMED) 2569 return nfs4_acl_write_who(xdr, ace->whotype); 2570 else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP) 2571 return nfsd4_encode_group(xdr, rqstp, ace->who_gid); 2572 else 2573 return nfsd4_encode_user(xdr, rqstp, ace->who_uid); 2574} 2575 2576static inline __be32 2577nfsd4_encode_layout_types(struct xdr_stream *xdr, u32 layout_types) 2578{ 2579 __be32 *p; 2580 unsigned long i = hweight_long(layout_types); 2581 2582 p = xdr_reserve_space(xdr, 4 + 4 * i); 2583 if (!p) 2584 return nfserr_resource; 2585 2586 *p++ = cpu_to_be32(i); 2587 2588 for (i = LAYOUT_NFSV4_1_FILES; i < LAYOUT_TYPE_MAX; ++i) 2589 if (layout_types & (1 << i)) 2590 *p++ = cpu_to_be32(i); 2591 2592 return 0; 2593} 2594 2595#define WORD0_ABSENT_FS_ATTRS (FATTR4_WORD0_FS_LOCATIONS | FATTR4_WORD0_FSID | \ 2596 FATTR4_WORD0_RDATTR_ERROR) 2597#define WORD1_ABSENT_FS_ATTRS FATTR4_WORD1_MOUNTED_ON_FILEID 2598#define WORD2_ABSENT_FS_ATTRS 0 2599 2600#ifdef CONFIG_NFSD_V4_SECURITY_LABEL 2601static inline __be32 2602nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp, 2603 void *context, int len) 2604{ 2605 __be32 *p; 2606 2607 p = xdr_reserve_space(xdr, len + 4 + 4 + 4); 2608 if (!p) 2609 return nfserr_resource; 2610 2611 /* 2612 * For now we use a 0 here to indicate the null translation; in 2613 * the future we may place a call to translation code here. 2614 */ 2615 *p++ = cpu_to_be32(0); /* lfs */ 2616 *p++ = cpu_to_be32(0); /* pi */ 2617 p = xdr_encode_opaque(p, context, len); 2618 return 0; 2619} 2620#else 2621static inline __be32 2622nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp, 2623 void *context, int len) 2624{ return 0; } 2625#endif 2626 2627static __be32 fattr_handle_absent_fs(u32 *bmval0, u32 *bmval1, u32 *bmval2, u32 *rdattr_err) 2628{ 2629 /* As per referral draft: */ 2630 if (*bmval0 & ~WORD0_ABSENT_FS_ATTRS || 2631 *bmval1 & ~WORD1_ABSENT_FS_ATTRS) { 2632 if (*bmval0 & FATTR4_WORD0_RDATTR_ERROR || 2633 *bmval0 & FATTR4_WORD0_FS_LOCATIONS) 2634 *rdattr_err = NFSERR_MOVED; 2635 else 2636 return nfserr_moved; 2637 } 2638 *bmval0 &= WORD0_ABSENT_FS_ATTRS; 2639 *bmval1 &= WORD1_ABSENT_FS_ATTRS; 2640 *bmval2 &= WORD2_ABSENT_FS_ATTRS; 2641 return 0; 2642} 2643 2644 2645static int get_parent_attributes(struct svc_export *exp, struct kstat *stat) 2646{ 2647 struct path path = exp->ex_path; 2648 int err; 2649 2650 path_get(&path); 2651 while (follow_up(&path)) { 2652 if (path.dentry != path.mnt->mnt_root) 2653 break; 2654 } 2655 err = vfs_getattr(&path, stat, STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT); 2656 path_put(&path); 2657 return err; 2658} 2659 2660static __be32 2661nfsd4_encode_bitmap(struct xdr_stream *xdr, u32 bmval0, u32 bmval1, u32 bmval2) 2662{ 2663 __be32 *p; 2664 2665 if (bmval2) { 2666 p = xdr_reserve_space(xdr, 16); 2667 if (!p) 2668 goto out_resource; 2669 *p++ = cpu_to_be32(3); 2670 *p++ = cpu_to_be32(bmval0); 2671 *p++ = cpu_to_be32(bmval1); 2672 *p++ = cpu_to_be32(bmval2); 2673 } else if (bmval1) { 2674 p = xdr_reserve_space(xdr, 12); 2675 if (!p) 2676 goto out_resource; 2677 *p++ = cpu_to_be32(2); 2678 *p++ = cpu_to_be32(bmval0); 2679 *p++ = cpu_to_be32(bmval1); 2680 } else { 2681 p = xdr_reserve_space(xdr, 8); 2682 if (!p) 2683 goto out_resource; 2684 *p++ = cpu_to_be32(1); 2685 *p++ = cpu_to_be32(bmval0); 2686 } 2687 2688 return 0; 2689out_resource: 2690 return nfserr_resource; 2691} 2692 2693/* 2694 * Note: @fhp can be NULL; in this case, we might have to compose the filehandle 2695 * ourselves. 2696 */ 2697static __be32 2698nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp, 2699 struct svc_export *exp, 2700 struct dentry *dentry, u32 *bmval, 2701 struct svc_rqst *rqstp, int ignore_crossmnt) 2702{ 2703 u32 bmval0 = bmval[0]; 2704 u32 bmval1 = bmval[1]; 2705 u32 bmval2 = bmval[2]; 2706 struct kstat stat; 2707 struct svc_fh *tempfh = NULL; 2708 struct kstatfs statfs; 2709 __be32 *p; 2710 int starting_len = xdr->buf->len; 2711 int attrlen_offset; 2712 __be32 attrlen; 2713 u32 dummy; 2714 u64 dummy64; 2715 u32 rdattr_err = 0; 2716 __be32 status; 2717 int err; 2718 struct nfs4_acl *acl = NULL; 2719#ifdef CONFIG_NFSD_V4_SECURITY_LABEL 2720 void *context = NULL; 2721 int contextlen; 2722#endif 2723 bool contextsupport = false; 2724 struct nfsd4_compoundres *resp = rqstp->rq_resp; 2725 u32 minorversion = resp->cstate.minorversion; 2726 struct path path = { 2727 .mnt = exp->ex_path.mnt, 2728 .dentry = dentry, 2729 }; 2730 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2731 2732 BUG_ON(bmval1 & NFSD_WRITEONLY_ATTRS_WORD1); 2733 BUG_ON(!nfsd_attrs_supported(minorversion, bmval)); 2734 2735 if (exp->ex_fslocs.migrated) { 2736 status = fattr_handle_absent_fs(&bmval0, &bmval1, &bmval2, &rdattr_err); 2737 if (status) 2738 goto out; 2739 } 2740 2741 err = vfs_getattr(&path, &stat, STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT); 2742 if (err) 2743 goto out_nfserr; 2744 if ((bmval0 & (FATTR4_WORD0_FILES_AVAIL | FATTR4_WORD0_FILES_FREE | 2745 FATTR4_WORD0_FILES_TOTAL | FATTR4_WORD0_MAXNAME)) || 2746 (bmval1 & (FATTR4_WORD1_SPACE_AVAIL | FATTR4_WORD1_SPACE_FREE | 2747 FATTR4_WORD1_SPACE_TOTAL))) { 2748 err = vfs_statfs(&path, &statfs); 2749 if (err) 2750 goto out_nfserr; 2751 } 2752 if ((bmval0 & (FATTR4_WORD0_FILEHANDLE | FATTR4_WORD0_FSID)) && !fhp) { 2753 tempfh = kmalloc(sizeof(struct svc_fh), GFP_KERNEL); 2754 status = nfserr_jukebox; 2755 if (!tempfh) 2756 goto out; 2757 fh_init(tempfh, NFS4_FHSIZE); 2758 status = fh_compose(tempfh, exp, dentry, NULL); 2759 if (status) 2760 goto out; 2761 fhp = tempfh; 2762 } 2763 if (bmval0 & FATTR4_WORD0_ACL) { 2764 err = nfsd4_get_nfs4_acl(rqstp, dentry, &acl); 2765 if (err == -EOPNOTSUPP) 2766 bmval0 &= ~FATTR4_WORD0_ACL; 2767 else if (err == -EINVAL) { 2768 status = nfserr_attrnotsupp; 2769 goto out; 2770 } else if (err != 0) 2771 goto out_nfserr; 2772 } 2773 2774#ifdef CONFIG_NFSD_V4_SECURITY_LABEL 2775 if ((bmval2 & FATTR4_WORD2_SECURITY_LABEL) || 2776 bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) { 2777 if (exp->ex_flags & NFSEXP_SECURITY_LABEL) 2778 err = security_inode_getsecctx(d_inode(dentry), 2779 &context, &contextlen); 2780 else 2781 err = -EOPNOTSUPP; 2782 contextsupport = (err == 0); 2783 if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) { 2784 if (err == -EOPNOTSUPP) 2785 bmval2 &= ~FATTR4_WORD2_SECURITY_LABEL; 2786 else if (err) 2787 goto out_nfserr; 2788 } 2789 } 2790#endif /* CONFIG_NFSD_V4_SECURITY_LABEL */ 2791 2792 status = nfsd4_encode_bitmap(xdr, bmval0, bmval1, bmval2); 2793 if (status) 2794 goto out; 2795 2796 attrlen_offset = xdr->buf->len; 2797 p = xdr_reserve_space(xdr, 4); 2798 if (!p) 2799 goto out_resource; 2800 p++; /* to be backfilled later */ 2801 2802 if (bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) { 2803 u32 supp[3]; 2804 2805 memcpy(supp, nfsd_suppattrs[minorversion], sizeof(supp)); 2806 2807 if (!IS_POSIXACL(dentry->d_inode)) 2808 supp[0] &= ~FATTR4_WORD0_ACL; 2809 if (!contextsupport) 2810 supp[2] &= ~FATTR4_WORD2_SECURITY_LABEL; 2811 if (!supp[2]) { 2812 p = xdr_reserve_space(xdr, 12); 2813 if (!p) 2814 goto out_resource; 2815 *p++ = cpu_to_be32(2); 2816 *p++ = cpu_to_be32(supp[0]); 2817 *p++ = cpu_to_be32(supp[1]); 2818 } else { 2819 p = xdr_reserve_space(xdr, 16); 2820 if (!p) 2821 goto out_resource; 2822 *p++ = cpu_to_be32(3); 2823 *p++ = cpu_to_be32(supp[0]); 2824 *p++ = cpu_to_be32(supp[1]); 2825 *p++ = cpu_to_be32(supp[2]); 2826 } 2827 } 2828 if (bmval0 & FATTR4_WORD0_TYPE) { 2829 p = xdr_reserve_space(xdr, 4); 2830 if (!p) 2831 goto out_resource; 2832 dummy = nfs4_file_type(stat.mode); 2833 if (dummy == NF4BAD) { 2834 status = nfserr_serverfault; 2835 goto out; 2836 } 2837 *p++ = cpu_to_be32(dummy); 2838 } 2839 if (bmval0 & FATTR4_WORD0_FH_EXPIRE_TYPE) { 2840 p = xdr_reserve_space(xdr, 4); 2841 if (!p) 2842 goto out_resource; 2843 if (exp->ex_flags & NFSEXP_NOSUBTREECHECK) 2844 *p++ = cpu_to_be32(NFS4_FH_PERSISTENT); 2845 else 2846 *p++ = cpu_to_be32(NFS4_FH_PERSISTENT| 2847 NFS4_FH_VOL_RENAME); 2848 } 2849 if (bmval0 & FATTR4_WORD0_CHANGE) { 2850 p = xdr_reserve_space(xdr, 8); 2851 if (!p) 2852 goto out_resource; 2853 p = encode_change(p, &stat, d_inode(dentry), exp); 2854 } 2855 if (bmval0 & FATTR4_WORD0_SIZE) { 2856 p = xdr_reserve_space(xdr, 8); 2857 if (!p) 2858 goto out_resource; 2859 p = xdr_encode_hyper(p, stat.size); 2860 } 2861 if (bmval0 & FATTR4_WORD0_LINK_SUPPORT) { 2862 p = xdr_reserve_space(xdr, 4); 2863 if (!p) 2864 goto out_resource; 2865 *p++ = cpu_to_be32(1); 2866 } 2867 if (bmval0 & FATTR4_WORD0_SYMLINK_SUPPORT) { 2868 p = xdr_reserve_space(xdr, 4); 2869 if (!p) 2870 goto out_resource; 2871 *p++ = cpu_to_be32(1); 2872 } 2873 if (bmval0 & FATTR4_WORD0_NAMED_ATTR) { 2874 p = xdr_reserve_space(xdr, 4); 2875 if (!p) 2876 goto out_resource; 2877 *p++ = cpu_to_be32(0); 2878 } 2879 if (bmval0 & FATTR4_WORD0_FSID) { 2880 p = xdr_reserve_space(xdr, 16); 2881 if (!p) 2882 goto out_resource; 2883 if (exp->ex_fslocs.migrated) { 2884 p = xdr_encode_hyper(p, NFS4_REFERRAL_FSID_MAJOR); 2885 p = xdr_encode_hyper(p, NFS4_REFERRAL_FSID_MINOR); 2886 } else switch(fsid_source(fhp)) { 2887 case FSIDSOURCE_FSID: 2888 p = xdr_encode_hyper(p, (u64)exp->ex_fsid); 2889 p = xdr_encode_hyper(p, (u64)0); 2890 break; 2891 case FSIDSOURCE_DEV: 2892 *p++ = cpu_to_be32(0); 2893 *p++ = cpu_to_be32(MAJOR(stat.dev)); 2894 *p++ = cpu_to_be32(0); 2895 *p++ = cpu_to_be32(MINOR(stat.dev)); 2896 break; 2897 case FSIDSOURCE_UUID: 2898 p = xdr_encode_opaque_fixed(p, exp->ex_uuid, 2899 EX_UUID_LEN); 2900 break; 2901 } 2902 } 2903 if (bmval0 & FATTR4_WORD0_UNIQUE_HANDLES) { 2904 p = xdr_reserve_space(xdr, 4); 2905 if (!p) 2906 goto out_resource; 2907 *p++ = cpu_to_be32(0); 2908 } 2909 if (bmval0 & FATTR4_WORD0_LEASE_TIME) { 2910 p = xdr_reserve_space(xdr, 4); 2911 if (!p) 2912 goto out_resource; 2913 *p++ = cpu_to_be32(nn->nfsd4_lease); 2914 } 2915 if (bmval0 & FATTR4_WORD0_RDATTR_ERROR) { 2916 p = xdr_reserve_space(xdr, 4); 2917 if (!p) 2918 goto out_resource; 2919 *p++ = cpu_to_be32(rdattr_err); 2920 } 2921 if (bmval0 & FATTR4_WORD0_ACL) { 2922 struct nfs4_ace *ace; 2923 2924 if (acl == NULL) { 2925 p = xdr_reserve_space(xdr, 4); 2926 if (!p) 2927 goto out_resource; 2928 2929 *p++ = cpu_to_be32(0); 2930 goto out_acl; 2931 } 2932 p = xdr_reserve_space(xdr, 4); 2933 if (!p) 2934 goto out_resource; 2935 *p++ = cpu_to_be32(acl->naces); 2936 2937 for (ace = acl->aces; ace < acl->aces + acl->naces; ace++) { 2938 p = xdr_reserve_space(xdr, 4*3); 2939 if (!p) 2940 goto out_resource; 2941 *p++ = cpu_to_be32(ace->type); 2942 *p++ = cpu_to_be32(ace->flag); 2943 *p++ = cpu_to_be32(ace->access_mask & 2944 NFS4_ACE_MASK_ALL); 2945 status = nfsd4_encode_aclname(xdr, rqstp, ace); 2946 if (status) 2947 goto out; 2948 } 2949 } 2950out_acl: 2951 if (bmval0 & FATTR4_WORD0_ACLSUPPORT) { 2952 p = xdr_reserve_space(xdr, 4); 2953 if (!p) 2954 goto out_resource; 2955 *p++ = cpu_to_be32(IS_POSIXACL(dentry->d_inode) ? 2956 ACL4_SUPPORT_ALLOW_ACL|ACL4_SUPPORT_DENY_ACL : 0); 2957 } 2958 if (bmval0 & FATTR4_WORD0_CANSETTIME) { 2959 p = xdr_reserve_space(xdr, 4); 2960 if (!p) 2961 goto out_resource; 2962 *p++ = cpu_to_be32(1); 2963 } 2964 if (bmval0 & FATTR4_WORD0_CASE_INSENSITIVE) { 2965 p = xdr_reserve_space(xdr, 4); 2966 if (!p) 2967 goto out_resource; 2968 *p++ = cpu_to_be32(0); 2969 } 2970 if (bmval0 & FATTR4_WORD0_CASE_PRESERVING) { 2971 p = xdr_reserve_space(xdr, 4); 2972 if (!p) 2973 goto out_resource; 2974 *p++ = cpu_to_be32(1); 2975 } 2976 if (bmval0 & FATTR4_WORD0_CHOWN_RESTRICTED) { 2977 p = xdr_reserve_space(xdr, 4); 2978 if (!p) 2979 goto out_resource; 2980 *p++ = cpu_to_be32(1); 2981 } 2982 if (bmval0 & FATTR4_WORD0_FILEHANDLE) { 2983 p = xdr_reserve_space(xdr, fhp->fh_handle.fh_size + 4); 2984 if (!p) 2985 goto out_resource; 2986 p = xdr_encode_opaque(p, &fhp->fh_handle.fh_base, 2987 fhp->fh_handle.fh_size); 2988 } 2989 if (bmval0 & FATTR4_WORD0_FILEID) { 2990 p = xdr_reserve_space(xdr, 8); 2991 if (!p) 2992 goto out_resource; 2993 p = xdr_encode_hyper(p, stat.ino); 2994 } 2995 if (bmval0 & FATTR4_WORD0_FILES_AVAIL) { 2996 p = xdr_reserve_space(xdr, 8); 2997 if (!p) 2998 goto out_resource; 2999 p = xdr_encode_hyper(p, (u64) statfs.f_ffree); 3000 } 3001 if (bmval0 & FATTR4_WORD0_FILES_FREE) { 3002 p = xdr_reserve_space(xdr, 8); 3003 if (!p) 3004 goto out_resource; 3005 p = xdr_encode_hyper(p, (u64) statfs.f_ffree); 3006 } 3007 if (bmval0 & FATTR4_WORD0_FILES_TOTAL) { 3008 p = xdr_reserve_space(xdr, 8); 3009 if (!p) 3010 goto out_resource; 3011 p = xdr_encode_hyper(p, (u64) statfs.f_files); 3012 } 3013 if (bmval0 & FATTR4_WORD0_FS_LOCATIONS) { 3014 status = nfsd4_encode_fs_locations(xdr, rqstp, exp); 3015 if (status) 3016 goto out; 3017 } 3018 if (bmval0 & FATTR4_WORD0_HOMOGENEOUS) { 3019 p = xdr_reserve_space(xdr, 4); 3020 if (!p) 3021 goto out_resource; 3022 *p++ = cpu_to_be32(1); 3023 } 3024 if (bmval0 & FATTR4_WORD0_MAXFILESIZE) { 3025 p = xdr_reserve_space(xdr, 8); 3026 if (!p) 3027 goto out_resource; 3028 p = xdr_encode_hyper(p, exp->ex_path.mnt->mnt_sb->s_maxbytes); 3029 } 3030 if (bmval0 & FATTR4_WORD0_MAXLINK) { 3031 p = xdr_reserve_space(xdr, 4); 3032 if (!p) 3033 goto out_resource; 3034 *p++ = cpu_to_be32(255); 3035 } 3036 if (bmval0 & FATTR4_WORD0_MAXNAME) { 3037 p = xdr_reserve_space(xdr, 4); 3038 if (!p) 3039 goto out_resource; 3040 *p++ = cpu_to_be32(statfs.f_namelen); 3041 } 3042 if (bmval0 & FATTR4_WORD0_MAXREAD) { 3043 p = xdr_reserve_space(xdr, 8); 3044 if (!p) 3045 goto out_resource; 3046 p = xdr_encode_hyper(p, (u64) svc_max_payload(rqstp)); 3047 } 3048 if (bmval0 & FATTR4_WORD0_MAXWRITE) { 3049 p = xdr_reserve_space(xdr, 8); 3050 if (!p) 3051 goto out_resource; 3052 p = xdr_encode_hyper(p, (u64) svc_max_payload(rqstp)); 3053 } 3054 if (bmval1 & FATTR4_WORD1_MODE) { 3055 p = xdr_reserve_space(xdr, 4); 3056 if (!p) 3057 goto out_resource; 3058 *p++ = cpu_to_be32(stat.mode & S_IALLUGO); 3059 } 3060 if (bmval1 & FATTR4_WORD1_NO_TRUNC) { 3061 p = xdr_reserve_space(xdr, 4); 3062 if (!p) 3063 goto out_resource; 3064 *p++ = cpu_to_be32(1); 3065 } 3066 if (bmval1 & FATTR4_WORD1_NUMLINKS) { 3067 p = xdr_reserve_space(xdr, 4); 3068 if (!p) 3069 goto out_resource; 3070 *p++ = cpu_to_be32(stat.nlink); 3071 } 3072 if (bmval1 & FATTR4_WORD1_OWNER) { 3073 status = nfsd4_encode_user(xdr, rqstp, stat.uid); 3074 if (status) 3075 goto out; 3076 } 3077 if (bmval1 & FATTR4_WORD1_OWNER_GROUP) { 3078 status = nfsd4_encode_group(xdr, rqstp, stat.gid); 3079 if (status) 3080 goto out; 3081 } 3082 if (bmval1 & FATTR4_WORD1_RAWDEV) { 3083 p = xdr_reserve_space(xdr, 8); 3084 if (!p) 3085 goto out_resource; 3086 *p++ = cpu_to_be32((u32) MAJOR(stat.rdev)); 3087 *p++ = cpu_to_be32((u32) MINOR(stat.rdev)); 3088 } 3089 if (bmval1 & FATTR4_WORD1_SPACE_AVAIL) { 3090 p = xdr_reserve_space(xdr, 8); 3091 if (!p) 3092 goto out_resource; 3093 dummy64 = (u64)statfs.f_bavail * (u64)statfs.f_bsize; 3094 p = xdr_encode_hyper(p, dummy64); 3095 } 3096 if (bmval1 & FATTR4_WORD1_SPACE_FREE) { 3097 p = xdr_reserve_space(xdr, 8); 3098 if (!p) 3099 goto out_resource; 3100 dummy64 = (u64)statfs.f_bfree * (u64)statfs.f_bsize; 3101 p = xdr_encode_hyper(p, dummy64); 3102 } 3103 if (bmval1 & FATTR4_WORD1_SPACE_TOTAL) { 3104 p = xdr_reserve_space(xdr, 8); 3105 if (!p) 3106 goto out_resource; 3107 dummy64 = (u64)statfs.f_blocks * (u64)statfs.f_bsize; 3108 p = xdr_encode_hyper(p, dummy64); 3109 } 3110 if (bmval1 & FATTR4_WORD1_SPACE_USED) { 3111 p = xdr_reserve_space(xdr, 8); 3112 if (!p) 3113 goto out_resource; 3114 dummy64 = (u64)stat.blocks << 9; 3115 p = xdr_encode_hyper(p, dummy64); 3116 } 3117 if (bmval1 & FATTR4_WORD1_TIME_ACCESS) { 3118 p = xdr_reserve_space(xdr, 12); 3119 if (!p) 3120 goto out_resource; 3121 p = xdr_encode_hyper(p, (s64)stat.atime.tv_sec); 3122 *p++ = cpu_to_be32(stat.atime.tv_nsec); 3123 } 3124 if (bmval1 & FATTR4_WORD1_TIME_DELTA) { 3125 p = xdr_reserve_space(xdr, 12); 3126 if (!p) 3127 goto out_resource; 3128 p = encode_time_delta(p, d_inode(dentry)); 3129 } 3130 if (bmval1 & FATTR4_WORD1_TIME_METADATA) { 3131 p = xdr_reserve_space(xdr, 12); 3132 if (!p) 3133 goto out_resource; 3134 p = xdr_encode_hyper(p, (s64)stat.ctime.tv_sec); 3135 *p++ = cpu_to_be32(stat.ctime.tv_nsec); 3136 } 3137 if (bmval1 & FATTR4_WORD1_TIME_MODIFY) { 3138 p = xdr_reserve_space(xdr, 12); 3139 if (!p) 3140 goto out_resource; 3141 p = xdr_encode_hyper(p, (s64)stat.mtime.tv_sec); 3142 *p++ = cpu_to_be32(stat.mtime.tv_nsec); 3143 } 3144 if (bmval1 & FATTR4_WORD1_MOUNTED_ON_FILEID) { 3145 struct kstat parent_stat; 3146 u64 ino = stat.ino; 3147 3148 p = xdr_reserve_space(xdr, 8); 3149 if (!p) 3150 goto out_resource; 3151 /* 3152 * Get parent's attributes if not ignoring crossmount 3153 * and this is the root of a cross-mounted filesystem. 3154 */ 3155 if (ignore_crossmnt == 0 && 3156 dentry == exp->ex_path.mnt->mnt_root) { 3157 err = get_parent_attributes(exp, &parent_stat); 3158 if (err) 3159 goto out_nfserr; 3160 ino = parent_stat.ino; 3161 } 3162 p = xdr_encode_hyper(p, ino); 3163 } 3164#ifdef CONFIG_NFSD_PNFS 3165 if (bmval1 & FATTR4_WORD1_FS_LAYOUT_TYPES) { 3166 status = nfsd4_encode_layout_types(xdr, exp->ex_layout_types); 3167 if (status) 3168 goto out; 3169 } 3170 3171 if (bmval2 & FATTR4_WORD2_LAYOUT_TYPES) { 3172 status = nfsd4_encode_layout_types(xdr, exp->ex_layout_types); 3173 if (status) 3174 goto out; 3175 } 3176 3177 if (bmval2 & FATTR4_WORD2_LAYOUT_BLKSIZE) { 3178 p = xdr_reserve_space(xdr, 4); 3179 if (!p) 3180 goto out_resource; 3181 *p++ = cpu_to_be32(stat.blksize); 3182 } 3183#endif /* CONFIG_NFSD_PNFS */ 3184 if (bmval2 & FATTR4_WORD2_SUPPATTR_EXCLCREAT) { 3185 u32 supp[3]; 3186 3187 memcpy(supp, nfsd_suppattrs[minorversion], sizeof(supp)); 3188 supp[0] &= NFSD_SUPPATTR_EXCLCREAT_WORD0; 3189 supp[1] &= NFSD_SUPPATTR_EXCLCREAT_WORD1; 3190 supp[2] &= NFSD_SUPPATTR_EXCLCREAT_WORD2; 3191 3192 status = nfsd4_encode_bitmap(xdr, supp[0], supp[1], supp[2]); 3193 if (status) 3194 goto out; 3195 } 3196 3197 if (bmval2 & FATTR4_WORD2_CHANGE_ATTR_TYPE) { 3198 p = xdr_reserve_space(xdr, 4); 3199 if (!p) 3200 goto out_resource; 3201 if (IS_I_VERSION(d_inode(dentry))) 3202 *p++ = cpu_to_be32(NFS4_CHANGE_TYPE_IS_MONOTONIC_INCR); 3203 else 3204 *p++ = cpu_to_be32(NFS4_CHANGE_TYPE_IS_TIME_METADATA); 3205 } 3206 3207#ifdef CONFIG_NFSD_V4_SECURITY_LABEL 3208 if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) { 3209 status = nfsd4_encode_security_label(xdr, rqstp, context, 3210 contextlen); 3211 if (status) 3212 goto out; 3213 } 3214#endif 3215 3216 if (bmval2 & FATTR4_WORD2_XATTR_SUPPORT) { 3217 p = xdr_reserve_space(xdr, 4); 3218 if (!p) 3219 goto out_resource; 3220 err = xattr_supported_namespace(d_inode(dentry), 3221 XATTR_USER_PREFIX); 3222 *p++ = cpu_to_be32(err == 0); 3223 } 3224 3225 attrlen = htonl(xdr->buf->len - attrlen_offset - 4); 3226 write_bytes_to_xdr_buf(xdr->buf, attrlen_offset, &attrlen, 4); 3227 status = nfs_ok; 3228 3229out: 3230#ifdef CONFIG_NFSD_V4_SECURITY_LABEL 3231 if (context) 3232 security_release_secctx(context, contextlen); 3233#endif /* CONFIG_NFSD_V4_SECURITY_LABEL */ 3234 kfree(acl); 3235 if (tempfh) { 3236 fh_put(tempfh); 3237 kfree(tempfh); 3238 } 3239 if (status) 3240 xdr_truncate_encode(xdr, starting_len); 3241 return status; 3242out_nfserr: 3243 status = nfserrno(err); 3244 goto out; 3245out_resource: 3246 status = nfserr_resource; 3247 goto out; 3248} 3249 3250static void svcxdr_init_encode_from_buffer(struct xdr_stream *xdr, 3251 struct xdr_buf *buf, __be32 *p, int bytes) 3252{ 3253 xdr->scratch.iov_len = 0; 3254 memset(buf, 0, sizeof(struct xdr_buf)); 3255 buf->head[0].iov_base = p; 3256 buf->head[0].iov_len = 0; 3257 buf->len = 0; 3258 xdr->buf = buf; 3259 xdr->iov = buf->head; 3260 xdr->p = p; 3261 xdr->end = (void *)p + bytes; 3262 buf->buflen = bytes; 3263} 3264 3265__be32 nfsd4_encode_fattr_to_buf(__be32 **p, int words, 3266 struct svc_fh *fhp, struct svc_export *exp, 3267 struct dentry *dentry, u32 *bmval, 3268 struct svc_rqst *rqstp, int ignore_crossmnt) 3269{ 3270 struct xdr_buf dummy; 3271 struct xdr_stream xdr; 3272 __be32 ret; 3273 3274 svcxdr_init_encode_from_buffer(&xdr, &dummy, *p, words << 2); 3275 ret = nfsd4_encode_fattr(&xdr, fhp, exp, dentry, bmval, rqstp, 3276 ignore_crossmnt); 3277 *p = xdr.p; 3278 return ret; 3279} 3280 3281static inline int attributes_need_mount(u32 *bmval) 3282{ 3283 if (bmval[0] & ~(FATTR4_WORD0_RDATTR_ERROR | FATTR4_WORD0_LEASE_TIME)) 3284 return 1; 3285 if (bmval[1] & ~FATTR4_WORD1_MOUNTED_ON_FILEID) 3286 return 1; 3287 return 0; 3288} 3289 3290static __be32 3291nfsd4_encode_dirent_fattr(struct xdr_stream *xdr, struct nfsd4_readdir *cd, 3292 const char *name, int namlen) 3293{ 3294 struct svc_export *exp = cd->rd_fhp->fh_export; 3295 struct dentry *dentry; 3296 __be32 nfserr; 3297 int ignore_crossmnt = 0; 3298 3299 dentry = lookup_positive_unlocked(name, cd->rd_fhp->fh_dentry, namlen); 3300 if (IS_ERR(dentry)) 3301 return nfserrno(PTR_ERR(dentry)); 3302 3303 exp_get(exp); 3304 /* 3305 * In the case of a mountpoint, the client may be asking for 3306 * attributes that are only properties of the underlying filesystem 3307 * as opposed to the cross-mounted file system. In such a case, 3308 * we will not follow the cross mount and will fill the attribtutes 3309 * directly from the mountpoint dentry. 3310 */ 3311 if (nfsd_mountpoint(dentry, exp)) { 3312 int err; 3313 3314 if (!(exp->ex_flags & NFSEXP_V4ROOT) 3315 && !attributes_need_mount(cd->rd_bmval)) { 3316 ignore_crossmnt = 1; 3317 goto out_encode; 3318 } 3319 /* 3320 * Why the heck aren't we just using nfsd_lookup?? 3321 * Different "."/".." handling? Something else? 3322 * At least, add a comment here to explain.... 3323 */ 3324 err = nfsd_cross_mnt(cd->rd_rqstp, &dentry, &exp); 3325 if (err) { 3326 nfserr = nfserrno(err); 3327 goto out_put; 3328 } 3329 nfserr = check_nfsd_access(exp, cd->rd_rqstp); 3330 if (nfserr) 3331 goto out_put; 3332 3333 } 3334out_encode: 3335 nfserr = nfsd4_encode_fattr(xdr, NULL, exp, dentry, cd->rd_bmval, 3336 cd->rd_rqstp, ignore_crossmnt); 3337out_put: 3338 dput(dentry); 3339 exp_put(exp); 3340 return nfserr; 3341} 3342 3343static __be32 * 3344nfsd4_encode_rdattr_error(struct xdr_stream *xdr, __be32 nfserr) 3345{ 3346 __be32 *p; 3347 3348 p = xdr_reserve_space(xdr, 20); 3349 if (!p) 3350 return NULL; 3351 *p++ = htonl(2); 3352 *p++ = htonl(FATTR4_WORD0_RDATTR_ERROR); /* bmval0 */ 3353 *p++ = htonl(0); /* bmval1 */ 3354 3355 *p++ = htonl(4); /* attribute length */ 3356 *p++ = nfserr; /* no htonl */ 3357 return p; 3358} 3359 3360static int 3361nfsd4_encode_dirent(void *ccdv, const char *name, int namlen, 3362 loff_t offset, u64 ino, unsigned int d_type) 3363{ 3364 struct readdir_cd *ccd = ccdv; 3365 struct nfsd4_readdir *cd = container_of(ccd, struct nfsd4_readdir, common); 3366 struct xdr_stream *xdr = cd->xdr; 3367 int start_offset = xdr->buf->len; 3368 int cookie_offset; 3369 u32 name_and_cookie; 3370 int entry_bytes; 3371 __be32 nfserr = nfserr_toosmall; 3372 __be64 wire_offset; 3373 __be32 *p; 3374 3375 /* In nfsv4, "." and ".." never make it onto the wire.. */ 3376 if (name && isdotent(name, namlen)) { 3377 cd->common.err = nfs_ok; 3378 return 0; 3379 } 3380 3381 if (cd->cookie_offset) { 3382 wire_offset = cpu_to_be64(offset); 3383 write_bytes_to_xdr_buf(xdr->buf, cd->cookie_offset, 3384 &wire_offset, 8); 3385 } 3386 3387 p = xdr_reserve_space(xdr, 4); 3388 if (!p) 3389 goto fail; 3390 *p++ = xdr_one; /* mark entry present */ 3391 cookie_offset = xdr->buf->len; 3392 p = xdr_reserve_space(xdr, 3*4 + namlen); 3393 if (!p) 3394 goto fail; 3395 p = xdr_encode_hyper(p, NFS_OFFSET_MAX); /* offset of next entry */ 3396 p = xdr_encode_array(p, name, namlen); /* name length & name */ 3397 3398 nfserr = nfsd4_encode_dirent_fattr(xdr, cd, name, namlen); 3399 switch (nfserr) { 3400 case nfs_ok: 3401 break; 3402 case nfserr_resource: 3403 nfserr = nfserr_toosmall; 3404 goto fail; 3405 case nfserr_noent: 3406 xdr_truncate_encode(xdr, start_offset); 3407 goto skip_entry; 3408 case nfserr_jukebox: 3409 /* 3410 * The pseudoroot should only display dentries that lead to 3411 * exports. If we get EJUKEBOX here, then we can't tell whether 3412 * this entry should be included. Just fail the whole READDIR 3413 * with NFS4ERR_DELAY in that case, and hope that the situation 3414 * will resolve itself by the client's next attempt. 3415 */ 3416 if (cd->rd_fhp->fh_export->ex_flags & NFSEXP_V4ROOT) 3417 goto fail; 3418 fallthrough; 3419 default: 3420 /* 3421 * If the client requested the RDATTR_ERROR attribute, 3422 * we stuff the error code into this attribute 3423 * and continue. If this attribute was not requested, 3424 * then in accordance with the spec, we fail the 3425 * entire READDIR operation(!) 3426 */ 3427 if (!(cd->rd_bmval[0] & FATTR4_WORD0_RDATTR_ERROR)) 3428 goto fail; 3429 p = nfsd4_encode_rdattr_error(xdr, nfserr); 3430 if (p == NULL) { 3431 nfserr = nfserr_toosmall; 3432 goto fail; 3433 } 3434 } 3435 nfserr = nfserr_toosmall; 3436 entry_bytes = xdr->buf->len - start_offset; 3437 if (entry_bytes > cd->rd_maxcount) 3438 goto fail; 3439 cd->rd_maxcount -= entry_bytes; 3440 /* 3441 * RFC 3530 14.2.24 describes rd_dircount as only a "hint", and 3442 * notes that it could be zero. If it is zero, then the server 3443 * should enforce only the rd_maxcount value. 3444 */ 3445 if (cd->rd_dircount) { 3446 name_and_cookie = 4 + 4 * XDR_QUADLEN(namlen) + 8; 3447 if (name_and_cookie > cd->rd_dircount && cd->cookie_offset) 3448 goto fail; 3449 cd->rd_dircount -= min(cd->rd_dircount, name_and_cookie); 3450 if (!cd->rd_dircount) 3451 cd->rd_maxcount = 0; 3452 } 3453 3454 cd->cookie_offset = cookie_offset; 3455skip_entry: 3456 cd->common.err = nfs_ok; 3457 return 0; 3458fail: 3459 xdr_truncate_encode(xdr, start_offset); 3460 cd->common.err = nfserr; 3461 return -EINVAL; 3462} 3463 3464static __be32 3465nfsd4_encode_stateid(struct xdr_stream *xdr, stateid_t *sid) 3466{ 3467 __be32 *p; 3468 3469 p = xdr_reserve_space(xdr, sizeof(stateid_t)); 3470 if (!p) 3471 return nfserr_resource; 3472 *p++ = cpu_to_be32(sid->si_generation); 3473 p = xdr_encode_opaque_fixed(p, &sid->si_opaque, 3474 sizeof(stateid_opaque_t)); 3475 return 0; 3476} 3477 3478static __be32 3479nfsd4_encode_access(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_access *access) 3480{ 3481 struct xdr_stream *xdr = &resp->xdr; 3482 __be32 *p; 3483 3484 p = xdr_reserve_space(xdr, 8); 3485 if (!p) 3486 return nfserr_resource; 3487 *p++ = cpu_to_be32(access->ac_supported); 3488 *p++ = cpu_to_be32(access->ac_resp_access); 3489 return 0; 3490} 3491 3492static __be32 nfsd4_encode_bind_conn_to_session(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_bind_conn_to_session *bcts) 3493{ 3494 struct xdr_stream *xdr = &resp->xdr; 3495 __be32 *p; 3496 3497 p = xdr_reserve_space(xdr, NFS4_MAX_SESSIONID_LEN + 8); 3498 if (!p) 3499 return nfserr_resource; 3500 p = xdr_encode_opaque_fixed(p, bcts->sessionid.data, 3501 NFS4_MAX_SESSIONID_LEN); 3502 *p++ = cpu_to_be32(bcts->dir); 3503 /* Upshifting from TCP to RDMA is not supported */ 3504 *p++ = cpu_to_be32(0); 3505 return 0; 3506} 3507 3508static __be32 3509nfsd4_encode_close(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_close *close) 3510{ 3511 struct xdr_stream *xdr = &resp->xdr; 3512 3513 return nfsd4_encode_stateid(xdr, &close->cl_stateid); 3514} 3515 3516 3517static __be32 3518nfsd4_encode_commit(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_commit *commit) 3519{ 3520 struct xdr_stream *xdr = &resp->xdr; 3521 __be32 *p; 3522 3523 p = xdr_reserve_space(xdr, NFS4_VERIFIER_SIZE); 3524 if (!p) 3525 return nfserr_resource; 3526 p = xdr_encode_opaque_fixed(p, commit->co_verf.data, 3527 NFS4_VERIFIER_SIZE); 3528 return 0; 3529} 3530 3531static __be32 3532nfsd4_encode_create(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_create *create) 3533{ 3534 struct xdr_stream *xdr = &resp->xdr; 3535 __be32 *p; 3536 3537 p = xdr_reserve_space(xdr, 20); 3538 if (!p) 3539 return nfserr_resource; 3540 encode_cinfo(p, &create->cr_cinfo); 3541 return nfsd4_encode_bitmap(xdr, create->cr_bmval[0], 3542 create->cr_bmval[1], create->cr_bmval[2]); 3543} 3544 3545static __be32 3546nfsd4_encode_getattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_getattr *getattr) 3547{ 3548 struct svc_fh *fhp = getattr->ga_fhp; 3549 struct xdr_stream *xdr = &resp->xdr; 3550 3551 return nfsd4_encode_fattr(xdr, fhp, fhp->fh_export, fhp->fh_dentry, 3552 getattr->ga_bmval, resp->rqstp, 0); 3553} 3554 3555static __be32 3556nfsd4_encode_getfh(struct nfsd4_compoundres *resp, __be32 nfserr, struct svc_fh **fhpp) 3557{ 3558 struct xdr_stream *xdr = &resp->xdr; 3559 struct svc_fh *fhp = *fhpp; 3560 unsigned int len; 3561 __be32 *p; 3562 3563 len = fhp->fh_handle.fh_size; 3564 p = xdr_reserve_space(xdr, len + 4); 3565 if (!p) 3566 return nfserr_resource; 3567 p = xdr_encode_opaque(p, &fhp->fh_handle.fh_base, len); 3568 return 0; 3569} 3570 3571/* 3572* Including all fields other than the name, a LOCK4denied structure requires 3573* 8(clientid) + 4(namelen) + 8(offset) + 8(length) + 4(type) = 32 bytes. 3574*/ 3575static __be32 3576nfsd4_encode_lock_denied(struct xdr_stream *xdr, struct nfsd4_lock_denied *ld) 3577{ 3578 struct xdr_netobj *conf = &ld->ld_owner; 3579 __be32 *p; 3580 3581again: 3582 p = xdr_reserve_space(xdr, 32 + XDR_LEN(conf->len)); 3583 if (!p) { 3584 /* 3585 * Don't fail to return the result just because we can't 3586 * return the conflicting open: 3587 */ 3588 if (conf->len) { 3589 kfree(conf->data); 3590 conf->len = 0; 3591 conf->data = NULL; 3592 goto again; 3593 } 3594 return nfserr_resource; 3595 } 3596 p = xdr_encode_hyper(p, ld->ld_start); 3597 p = xdr_encode_hyper(p, ld->ld_length); 3598 *p++ = cpu_to_be32(ld->ld_type); 3599 if (conf->len) { 3600 p = xdr_encode_opaque_fixed(p, &ld->ld_clientid, 8); 3601 p = xdr_encode_opaque(p, conf->data, conf->len); 3602 kfree(conf->data); 3603 } else { /* non - nfsv4 lock in conflict, no clientid nor owner */ 3604 p = xdr_encode_hyper(p, (u64)0); /* clientid */ 3605 *p++ = cpu_to_be32(0); /* length of owner name */ 3606 } 3607 return nfserr_denied; 3608} 3609 3610static __be32 3611nfsd4_encode_lock(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lock *lock) 3612{ 3613 struct xdr_stream *xdr = &resp->xdr; 3614 3615 if (!nfserr) 3616 nfserr = nfsd4_encode_stateid(xdr, &lock->lk_resp_stateid); 3617 else if (nfserr == nfserr_denied) 3618 nfserr = nfsd4_encode_lock_denied(xdr, &lock->lk_denied); 3619 3620 return nfserr; 3621} 3622 3623static __be32 3624nfsd4_encode_lockt(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lockt *lockt) 3625{ 3626 struct xdr_stream *xdr = &resp->xdr; 3627 3628 if (nfserr == nfserr_denied) 3629 nfsd4_encode_lock_denied(xdr, &lockt->lt_denied); 3630 return nfserr; 3631} 3632 3633static __be32 3634nfsd4_encode_locku(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_locku *locku) 3635{ 3636 struct xdr_stream *xdr = &resp->xdr; 3637 3638 return nfsd4_encode_stateid(xdr, &locku->lu_stateid); 3639} 3640 3641 3642static __be32 3643nfsd4_encode_link(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_link *link) 3644{ 3645 struct xdr_stream *xdr = &resp->xdr; 3646 __be32 *p; 3647 3648 p = xdr_reserve_space(xdr, 20); 3649 if (!p) 3650 return nfserr_resource; 3651 p = encode_cinfo(p, &link->li_cinfo); 3652 return 0; 3653} 3654 3655 3656static __be32 3657nfsd4_encode_open(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open *open) 3658{ 3659 struct xdr_stream *xdr = &resp->xdr; 3660 __be32 *p; 3661 3662 nfserr = nfsd4_encode_stateid(xdr, &open->op_stateid); 3663 if (nfserr) 3664 return nfserr; 3665 p = xdr_reserve_space(xdr, 24); 3666 if (!p) 3667 return nfserr_resource; 3668 p = encode_cinfo(p, &open->op_cinfo); 3669 *p++ = cpu_to_be32(open->op_rflags); 3670 3671 nfserr = nfsd4_encode_bitmap(xdr, open->op_bmval[0], open->op_bmval[1], 3672 open->op_bmval[2]); 3673 if (nfserr) 3674 return nfserr; 3675 3676 p = xdr_reserve_space(xdr, 4); 3677 if (!p) 3678 return nfserr_resource; 3679 3680 *p++ = cpu_to_be32(open->op_delegate_type); 3681 switch (open->op_delegate_type) { 3682 case NFS4_OPEN_DELEGATE_NONE: 3683 break; 3684 case NFS4_OPEN_DELEGATE_READ: 3685 nfserr = nfsd4_encode_stateid(xdr, &open->op_delegate_stateid); 3686 if (nfserr) 3687 return nfserr; 3688 p = xdr_reserve_space(xdr, 20); 3689 if (!p) 3690 return nfserr_resource; 3691 *p++ = cpu_to_be32(open->op_recall); 3692 3693 /* 3694 * TODO: ACE's in delegations 3695 */ 3696 *p++ = cpu_to_be32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE); 3697 *p++ = cpu_to_be32(0); 3698 *p++ = cpu_to_be32(0); 3699 *p++ = cpu_to_be32(0); /* XXX: is NULL principal ok? */ 3700 break; 3701 case NFS4_OPEN_DELEGATE_WRITE: 3702 nfserr = nfsd4_encode_stateid(xdr, &open->op_delegate_stateid); 3703 if (nfserr) 3704 return nfserr; 3705 p = xdr_reserve_space(xdr, 32); 3706 if (!p) 3707 return nfserr_resource; 3708 *p++ = cpu_to_be32(open->op_recall); 3709 3710 /* 3711 * TODO: space_limit's in delegations 3712 */ 3713 *p++ = cpu_to_be32(NFS4_LIMIT_SIZE); 3714 *p++ = cpu_to_be32(~(u32)0); 3715 *p++ = cpu_to_be32(~(u32)0); 3716 3717 /* 3718 * TODO: ACE's in delegations 3719 */ 3720 *p++ = cpu_to_be32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE); 3721 *p++ = cpu_to_be32(0); 3722 *p++ = cpu_to_be32(0); 3723 *p++ = cpu_to_be32(0); /* XXX: is NULL principal ok? */ 3724 break; 3725 case NFS4_OPEN_DELEGATE_NONE_EXT: /* 4.1 */ 3726 switch (open->op_why_no_deleg) { 3727 case WND4_CONTENTION: 3728 case WND4_RESOURCE: 3729 p = xdr_reserve_space(xdr, 8); 3730 if (!p) 3731 return nfserr_resource; 3732 *p++ = cpu_to_be32(open->op_why_no_deleg); 3733 /* deleg signaling not supported yet: */ 3734 *p++ = cpu_to_be32(0); 3735 break; 3736 default: 3737 p = xdr_reserve_space(xdr, 4); 3738 if (!p) 3739 return nfserr_resource; 3740 *p++ = cpu_to_be32(open->op_why_no_deleg); 3741 } 3742 break; 3743 default: 3744 BUG(); 3745 } 3746 /* XXX save filehandle here */ 3747 return 0; 3748} 3749 3750static __be32 3751nfsd4_encode_open_confirm(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_confirm *oc) 3752{ 3753 struct xdr_stream *xdr = &resp->xdr; 3754 3755 return nfsd4_encode_stateid(xdr, &oc->oc_resp_stateid); 3756} 3757 3758static __be32 3759nfsd4_encode_open_downgrade(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_downgrade *od) 3760{ 3761 struct xdr_stream *xdr = &resp->xdr; 3762 3763 return nfsd4_encode_stateid(xdr, &od->od_stateid); 3764} 3765 3766static __be32 nfsd4_encode_splice_read( 3767 struct nfsd4_compoundres *resp, 3768 struct nfsd4_read *read, 3769 struct file *file, unsigned long maxcount) 3770{ 3771 struct xdr_stream *xdr = &resp->xdr; 3772 struct xdr_buf *buf = xdr->buf; 3773 u32 eof; 3774 int space_left; 3775 __be32 nfserr; 3776 __be32 *p = xdr->p - 2; 3777 3778 /* Make sure there will be room for padding if needed */ 3779 if (xdr->end - xdr->p < 1) 3780 return nfserr_resource; 3781 3782 nfserr = nfsd_splice_read(read->rd_rqstp, read->rd_fhp, 3783 file, read->rd_offset, &maxcount, &eof); 3784 read->rd_length = maxcount; 3785 if (nfserr) { 3786 /* 3787 * nfsd_splice_actor may have already messed with the 3788 * page length; reset it so as not to confuse 3789 * xdr_truncate_encode: 3790 */ 3791 buf->page_len = 0; 3792 return nfserr; 3793 } 3794 3795 *(p++) = htonl(eof); 3796 *(p++) = htonl(maxcount); 3797 3798 buf->page_len = maxcount; 3799 buf->len += maxcount; 3800 xdr->page_ptr += (buf->page_base + maxcount + PAGE_SIZE - 1) 3801 / PAGE_SIZE; 3802 3803 /* Use rest of head for padding and remaining ops: */ 3804 buf->tail[0].iov_base = xdr->p; 3805 buf->tail[0].iov_len = 0; 3806 xdr->iov = buf->tail; 3807 if (maxcount&3) { 3808 int pad = 4 - (maxcount&3); 3809 3810 *(xdr->p++) = 0; 3811 3812 buf->tail[0].iov_base += maxcount&3; 3813 buf->tail[0].iov_len = pad; 3814 buf->len += pad; 3815 } 3816 3817 space_left = min_t(int, (void *)xdr->end - (void *)xdr->p, 3818 buf->buflen - buf->len); 3819 buf->buflen = buf->len + space_left; 3820 xdr->end = (__be32 *)((void *)xdr->end + space_left); 3821 3822 return 0; 3823} 3824 3825static __be32 nfsd4_encode_readv(struct nfsd4_compoundres *resp, 3826 struct nfsd4_read *read, 3827 struct file *file, unsigned long maxcount) 3828{ 3829 struct xdr_stream *xdr = &resp->xdr; 3830 u32 eof; 3831 int starting_len = xdr->buf->len - 8; 3832 __be32 nfserr; 3833 __be32 tmp; 3834 int pad; 3835 3836 read->rd_vlen = xdr_reserve_space_vec(xdr, resp->rqstp->rq_vec, maxcount); 3837 if (read->rd_vlen < 0) 3838 return nfserr_resource; 3839 3840 nfserr = nfsd_readv(resp->rqstp, read->rd_fhp, file, read->rd_offset, 3841 resp->rqstp->rq_vec, read->rd_vlen, &maxcount, 3842 &eof); 3843 read->rd_length = maxcount; 3844 if (nfserr) 3845 return nfserr; 3846 if (svc_encode_read_payload(resp->rqstp, starting_len + 8, maxcount)) 3847 return nfserr_io; 3848 xdr_truncate_encode(xdr, starting_len + 8 + xdr_align_size(maxcount)); 3849 3850 tmp = htonl(eof); 3851 write_bytes_to_xdr_buf(xdr->buf, starting_len , &tmp, 4); 3852 tmp = htonl(maxcount); 3853 write_bytes_to_xdr_buf(xdr->buf, starting_len + 4, &tmp, 4); 3854 3855 tmp = xdr_zero; 3856 pad = (maxcount&3) ? 4 - (maxcount&3) : 0; 3857 write_bytes_to_xdr_buf(xdr->buf, starting_len + 8 + maxcount, 3858 &tmp, pad); 3859 return 0; 3860 3861} 3862 3863static __be32 3864nfsd4_encode_read(struct nfsd4_compoundres *resp, __be32 nfserr, 3865 struct nfsd4_read *read) 3866{ 3867 unsigned long maxcount; 3868 struct xdr_stream *xdr = &resp->xdr; 3869 struct file *file; 3870 int starting_len = xdr->buf->len; 3871 __be32 *p; 3872 3873 if (nfserr) 3874 return nfserr; 3875 file = read->rd_nf->nf_file; 3876 3877 p = xdr_reserve_space(xdr, 8); /* eof flag and byte count */ 3878 if (!p) { 3879 WARN_ON_ONCE(test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags)); 3880 return nfserr_resource; 3881 } 3882 if (resp->xdr.buf->page_len && 3883 test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags)) { 3884 WARN_ON_ONCE(1); 3885 return nfserr_serverfault; 3886 } 3887 xdr_commit_encode(xdr); 3888 3889 maxcount = svc_max_payload(resp->rqstp); 3890 maxcount = min_t(unsigned long, maxcount, 3891 (xdr->buf->buflen - xdr->buf->len)); 3892 maxcount = min_t(unsigned long, maxcount, read->rd_length); 3893 3894 if (file->f_op->splice_read && 3895 test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags)) 3896 nfserr = nfsd4_encode_splice_read(resp, read, file, maxcount); 3897 else 3898 nfserr = nfsd4_encode_readv(resp, read, file, maxcount); 3899 3900 if (nfserr) 3901 xdr_truncate_encode(xdr, starting_len); 3902 3903 return nfserr; 3904} 3905 3906static __be32 3907nfsd4_encode_readlink(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readlink *readlink) 3908{ 3909 int maxcount; 3910 __be32 wire_count; 3911 int zero = 0; 3912 struct xdr_stream *xdr = &resp->xdr; 3913 int length_offset = xdr->buf->len; 3914 __be32 *p; 3915 3916 p = xdr_reserve_space(xdr, 4); 3917 if (!p) 3918 return nfserr_resource; 3919 maxcount = PAGE_SIZE; 3920 3921 p = xdr_reserve_space(xdr, maxcount); 3922 if (!p) 3923 return nfserr_resource; 3924 /* 3925 * XXX: By default, vfs_readlink() will truncate symlinks if they 3926 * would overflow the buffer. Is this kosher in NFSv4? If not, one 3927 * easy fix is: if vfs_readlink() precisely fills the buffer, assume 3928 * that truncation occurred, and return NFS4ERR_RESOURCE. 3929 */ 3930 nfserr = nfsd_readlink(readlink->rl_rqstp, readlink->rl_fhp, 3931 (char *)p, &maxcount); 3932 if (nfserr == nfserr_isdir) 3933 nfserr = nfserr_inval; 3934 if (nfserr) { 3935 xdr_truncate_encode(xdr, length_offset); 3936 return nfserr; 3937 } 3938 3939 wire_count = htonl(maxcount); 3940 write_bytes_to_xdr_buf(xdr->buf, length_offset, &wire_count, 4); 3941 xdr_truncate_encode(xdr, length_offset + 4 + ALIGN(maxcount, 4)); 3942 if (maxcount & 3) 3943 write_bytes_to_xdr_buf(xdr->buf, length_offset + 4 + maxcount, 3944 &zero, 4 - (maxcount&3)); 3945 return 0; 3946} 3947 3948static __be32 3949nfsd4_encode_readdir(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readdir *readdir) 3950{ 3951 int maxcount; 3952 int bytes_left; 3953 loff_t offset; 3954 __be64 wire_offset; 3955 struct xdr_stream *xdr = &resp->xdr; 3956 int starting_len = xdr->buf->len; 3957 __be32 *p; 3958 3959 p = xdr_reserve_space(xdr, NFS4_VERIFIER_SIZE); 3960 if (!p) 3961 return nfserr_resource; 3962 3963 /* XXX: Following NFSv3, we ignore the READDIR verifier for now. */ 3964 *p++ = cpu_to_be32(0); 3965 *p++ = cpu_to_be32(0); 3966 resp->xdr.buf->head[0].iov_len = ((char *)resp->xdr.p) 3967 - (char *)resp->xdr.buf->head[0].iov_base; 3968 3969 /* 3970 * Number of bytes left for directory entries allowing for the 3971 * final 8 bytes of the readdir and a following failed op: 3972 */ 3973 bytes_left = xdr->buf->buflen - xdr->buf->len 3974 - COMPOUND_ERR_SLACK_SPACE - 8; 3975 if (bytes_left < 0) { 3976 nfserr = nfserr_resource; 3977 goto err_no_verf; 3978 } 3979 maxcount = svc_max_payload(resp->rqstp); 3980 maxcount = min_t(u32, readdir->rd_maxcount, maxcount); 3981 /* 3982 * Note the rfc defines rd_maxcount as the size of the 3983 * READDIR4resok structure, which includes the verifier above 3984 * and the 8 bytes encoded at the end of this function: 3985 */ 3986 if (maxcount < 16) { 3987 nfserr = nfserr_toosmall; 3988 goto err_no_verf; 3989 } 3990 maxcount = min_t(int, maxcount-16, bytes_left); 3991 3992 /* RFC 3530 14.2.24 allows us to ignore dircount when it's 0: */ 3993 if (!readdir->rd_dircount) 3994 readdir->rd_dircount = svc_max_payload(resp->rqstp); 3995 3996 readdir->xdr = xdr; 3997 readdir->rd_maxcount = maxcount; 3998 readdir->common.err = 0; 3999 readdir->cookie_offset = 0; 4000 4001 offset = readdir->rd_cookie; 4002 nfserr = nfsd_readdir(readdir->rd_rqstp, readdir->rd_fhp, 4003 &offset, 4004 &readdir->common, nfsd4_encode_dirent); 4005 if (nfserr == nfs_ok && 4006 readdir->common.err == nfserr_toosmall && 4007 xdr->buf->len == starting_len + 8) { 4008 /* nothing encoded; which limit did we hit?: */ 4009 if (maxcount - 16 < bytes_left) 4010 /* It was the fault of rd_maxcount: */ 4011 nfserr = nfserr_toosmall; 4012 else 4013 /* We ran out of buffer space: */ 4014 nfserr = nfserr_resource; 4015 } 4016 if (nfserr) 4017 goto err_no_verf; 4018 4019 if (readdir->cookie_offset) { 4020 wire_offset = cpu_to_be64(offset); 4021 write_bytes_to_xdr_buf(xdr->buf, readdir->cookie_offset, 4022 &wire_offset, 8); 4023 } 4024 4025 p = xdr_reserve_space(xdr, 8); 4026 if (!p) { 4027 WARN_ON_ONCE(1); 4028 goto err_no_verf; 4029 } 4030 *p++ = 0; /* no more entries */ 4031 *p++ = htonl(readdir->common.err == nfserr_eof); 4032 4033 return 0; 4034err_no_verf: 4035 xdr_truncate_encode(xdr, starting_len); 4036 return nfserr; 4037} 4038 4039static __be32 4040nfsd4_encode_remove(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_remove *remove) 4041{ 4042 struct xdr_stream *xdr = &resp->xdr; 4043 __be32 *p; 4044 4045 p = xdr_reserve_space(xdr, 20); 4046 if (!p) 4047 return nfserr_resource; 4048 p = encode_cinfo(p, &remove->rm_cinfo); 4049 return 0; 4050} 4051 4052static __be32 4053nfsd4_encode_rename(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_rename *rename) 4054{ 4055 struct xdr_stream *xdr = &resp->xdr; 4056 __be32 *p; 4057 4058 p = xdr_reserve_space(xdr, 40); 4059 if (!p) 4060 return nfserr_resource; 4061 p = encode_cinfo(p, &rename->rn_sinfo); 4062 p = encode_cinfo(p, &rename->rn_tinfo); 4063 return 0; 4064} 4065 4066static __be32 4067nfsd4_do_encode_secinfo(struct xdr_stream *xdr, struct svc_export *exp) 4068{ 4069 u32 i, nflavs, supported; 4070 struct exp_flavor_info *flavs; 4071 struct exp_flavor_info def_flavs[2]; 4072 __be32 *p, *flavorsp; 4073 static bool report = true; 4074 4075 if (exp->ex_nflavors) { 4076 flavs = exp->ex_flavors; 4077 nflavs = exp->ex_nflavors; 4078 } else { /* Handling of some defaults in absence of real secinfo: */ 4079 flavs = def_flavs; 4080 if (exp->ex_client->flavour->flavour == RPC_AUTH_UNIX) { 4081 nflavs = 2; 4082 flavs[0].pseudoflavor = RPC_AUTH_UNIX; 4083 flavs[1].pseudoflavor = RPC_AUTH_NULL; 4084 } else if (exp->ex_client->flavour->flavour == RPC_AUTH_GSS) { 4085 nflavs = 1; 4086 flavs[0].pseudoflavor 4087 = svcauth_gss_flavor(exp->ex_client); 4088 } else { 4089 nflavs = 1; 4090 flavs[0].pseudoflavor 4091 = exp->ex_client->flavour->flavour; 4092 } 4093 } 4094 4095 supported = 0; 4096 p = xdr_reserve_space(xdr, 4); 4097 if (!p) 4098 return nfserr_resource; 4099 flavorsp = p++; /* to be backfilled later */ 4100 4101 for (i = 0; i < nflavs; i++) { 4102 rpc_authflavor_t pf = flavs[i].pseudoflavor; 4103 struct rpcsec_gss_info info; 4104 4105 if (rpcauth_get_gssinfo(pf, &info) == 0) { 4106 supported++; 4107 p = xdr_reserve_space(xdr, 4 + 4 + 4108 XDR_LEN(info.oid.len) + 4 + 4); 4109 if (!p) 4110 return nfserr_resource; 4111 *p++ = cpu_to_be32(RPC_AUTH_GSS); 4112 p = xdr_encode_opaque(p, info.oid.data, info.oid.len); 4113 *p++ = cpu_to_be32(info.qop); 4114 *p++ = cpu_to_be32(info.service); 4115 } else if (pf < RPC_AUTH_MAXFLAVOR) { 4116 supported++; 4117 p = xdr_reserve_space(xdr, 4); 4118 if (!p) 4119 return nfserr_resource; 4120 *p++ = cpu_to_be32(pf); 4121 } else { 4122 if (report) 4123 pr_warn("NFS: SECINFO: security flavor %u " 4124 "is not supported\n", pf); 4125 } 4126 } 4127 4128 if (nflavs != supported) 4129 report = false; 4130 *flavorsp = htonl(supported); 4131 return 0; 4132} 4133 4134static __be32 4135nfsd4_encode_secinfo(struct nfsd4_compoundres *resp, __be32 nfserr, 4136 struct nfsd4_secinfo *secinfo) 4137{ 4138 struct xdr_stream *xdr = &resp->xdr; 4139 4140 return nfsd4_do_encode_secinfo(xdr, secinfo->si_exp); 4141} 4142 4143static __be32 4144nfsd4_encode_secinfo_no_name(struct nfsd4_compoundres *resp, __be32 nfserr, 4145 struct nfsd4_secinfo_no_name *secinfo) 4146{ 4147 struct xdr_stream *xdr = &resp->xdr; 4148 4149 return nfsd4_do_encode_secinfo(xdr, secinfo->sin_exp); 4150} 4151 4152/* 4153 * The SETATTR encode routine is special -- it always encodes a bitmap, 4154 * regardless of the error status. 4155 */ 4156static __be32 4157nfsd4_encode_setattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setattr *setattr) 4158{ 4159 struct xdr_stream *xdr = &resp->xdr; 4160 __be32 *p; 4161 4162 p = xdr_reserve_space(xdr, 16); 4163 if (!p) 4164 return nfserr_resource; 4165 if (nfserr) { 4166 *p++ = cpu_to_be32(3); 4167 *p++ = cpu_to_be32(0); 4168 *p++ = cpu_to_be32(0); 4169 *p++ = cpu_to_be32(0); 4170 } 4171 else { 4172 *p++ = cpu_to_be32(3); 4173 *p++ = cpu_to_be32(setattr->sa_bmval[0]); 4174 *p++ = cpu_to_be32(setattr->sa_bmval[1]); 4175 *p++ = cpu_to_be32(setattr->sa_bmval[2]); 4176 } 4177 return nfserr; 4178} 4179 4180static __be32 4181nfsd4_encode_setclientid(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setclientid *scd) 4182{ 4183 struct xdr_stream *xdr = &resp->xdr; 4184 __be32 *p; 4185 4186 if (!nfserr) { 4187 p = xdr_reserve_space(xdr, 8 + NFS4_VERIFIER_SIZE); 4188 if (!p) 4189 return nfserr_resource; 4190 p = xdr_encode_opaque_fixed(p, &scd->se_clientid, 8); 4191 p = xdr_encode_opaque_fixed(p, &scd->se_confirm, 4192 NFS4_VERIFIER_SIZE); 4193 } 4194 else if (nfserr == nfserr_clid_inuse) { 4195 p = xdr_reserve_space(xdr, 8); 4196 if (!p) 4197 return nfserr_resource; 4198 *p++ = cpu_to_be32(0); 4199 *p++ = cpu_to_be32(0); 4200 } 4201 return nfserr; 4202} 4203 4204static __be32 4205nfsd4_encode_write(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_write *write) 4206{ 4207 struct xdr_stream *xdr = &resp->xdr; 4208 __be32 *p; 4209 4210 p = xdr_reserve_space(xdr, 16); 4211 if (!p) 4212 return nfserr_resource; 4213 *p++ = cpu_to_be32(write->wr_bytes_written); 4214 *p++ = cpu_to_be32(write->wr_how_written); 4215 p = xdr_encode_opaque_fixed(p, write->wr_verifier.data, 4216 NFS4_VERIFIER_SIZE); 4217 return 0; 4218} 4219 4220static __be32 4221nfsd4_encode_exchange_id(struct nfsd4_compoundres *resp, __be32 nfserr, 4222 struct nfsd4_exchange_id *exid) 4223{ 4224 struct xdr_stream *xdr = &resp->xdr; 4225 __be32 *p; 4226 char *major_id; 4227 char *server_scope; 4228 int major_id_sz; 4229 int server_scope_sz; 4230 uint64_t minor_id = 0; 4231 struct nfsd_net *nn = net_generic(SVC_NET(resp->rqstp), nfsd_net_id); 4232 4233 major_id = nn->nfsd_name; 4234 major_id_sz = strlen(nn->nfsd_name); 4235 server_scope = nn->nfsd_name; 4236 server_scope_sz = strlen(nn->nfsd_name); 4237 4238 p = xdr_reserve_space(xdr, 4239 8 /* eir_clientid */ + 4240 4 /* eir_sequenceid */ + 4241 4 /* eir_flags */ + 4242 4 /* spr_how */); 4243 if (!p) 4244 return nfserr_resource; 4245 4246 p = xdr_encode_opaque_fixed(p, &exid->clientid, 8); 4247 *p++ = cpu_to_be32(exid->seqid); 4248 *p++ = cpu_to_be32(exid->flags); 4249 4250 *p++ = cpu_to_be32(exid->spa_how); 4251 4252 switch (exid->spa_how) { 4253 case SP4_NONE: 4254 break; 4255 case SP4_MACH_CRED: 4256 /* spo_must_enforce bitmap: */ 4257 nfserr = nfsd4_encode_bitmap(xdr, 4258 exid->spo_must_enforce[0], 4259 exid->spo_must_enforce[1], 4260 exid->spo_must_enforce[2]); 4261 if (nfserr) 4262 return nfserr; 4263 /* spo_must_allow bitmap: */ 4264 nfserr = nfsd4_encode_bitmap(xdr, 4265 exid->spo_must_allow[0], 4266 exid->spo_must_allow[1], 4267 exid->spo_must_allow[2]); 4268 if (nfserr) 4269 return nfserr; 4270 break; 4271 default: 4272 WARN_ON_ONCE(1); 4273 } 4274 4275 p = xdr_reserve_space(xdr, 4276 8 /* so_minor_id */ + 4277 4 /* so_major_id.len */ + 4278 (XDR_QUADLEN(major_id_sz) * 4) + 4279 4 /* eir_server_scope.len */ + 4280 (XDR_QUADLEN(server_scope_sz) * 4) + 4281 4 /* eir_server_impl_id.count (0) */); 4282 if (!p) 4283 return nfserr_resource; 4284 4285 /* The server_owner struct */ 4286 p = xdr_encode_hyper(p, minor_id); /* Minor id */ 4287 /* major id */ 4288 p = xdr_encode_opaque(p, major_id, major_id_sz); 4289 4290 /* Server scope */ 4291 p = xdr_encode_opaque(p, server_scope, server_scope_sz); 4292 4293 /* Implementation id */ 4294 *p++ = cpu_to_be32(0); /* zero length nfs_impl_id4 array */ 4295 return 0; 4296} 4297 4298static __be32 4299nfsd4_encode_create_session(struct nfsd4_compoundres *resp, __be32 nfserr, 4300 struct nfsd4_create_session *sess) 4301{ 4302 struct xdr_stream *xdr = &resp->xdr; 4303 __be32 *p; 4304 4305 p = xdr_reserve_space(xdr, 24); 4306 if (!p) 4307 return nfserr_resource; 4308 p = xdr_encode_opaque_fixed(p, sess->sessionid.data, 4309 NFS4_MAX_SESSIONID_LEN); 4310 *p++ = cpu_to_be32(sess->seqid); 4311 *p++ = cpu_to_be32(sess->flags); 4312 4313 p = xdr_reserve_space(xdr, 28); 4314 if (!p) 4315 return nfserr_resource; 4316 *p++ = cpu_to_be32(0); /* headerpadsz */ 4317 *p++ = cpu_to_be32(sess->fore_channel.maxreq_sz); 4318 *p++ = cpu_to_be32(sess->fore_channel.maxresp_sz); 4319 *p++ = cpu_to_be32(sess->fore_channel.maxresp_cached); 4320 *p++ = cpu_to_be32(sess->fore_channel.maxops); 4321 *p++ = cpu_to_be32(sess->fore_channel.maxreqs); 4322 *p++ = cpu_to_be32(sess->fore_channel.nr_rdma_attrs); 4323 4324 if (sess->fore_channel.nr_rdma_attrs) { 4325 p = xdr_reserve_space(xdr, 4); 4326 if (!p) 4327 return nfserr_resource; 4328 *p++ = cpu_to_be32(sess->fore_channel.rdma_attrs); 4329 } 4330 4331 p = xdr_reserve_space(xdr, 28); 4332 if (!p) 4333 return nfserr_resource; 4334 *p++ = cpu_to_be32(0); /* headerpadsz */ 4335 *p++ = cpu_to_be32(sess->back_channel.maxreq_sz); 4336 *p++ = cpu_to_be32(sess->back_channel.maxresp_sz); 4337 *p++ = cpu_to_be32(sess->back_channel.maxresp_cached); 4338 *p++ = cpu_to_be32(sess->back_channel.maxops); 4339 *p++ = cpu_to_be32(sess->back_channel.maxreqs); 4340 *p++ = cpu_to_be32(sess->back_channel.nr_rdma_attrs); 4341 4342 if (sess->back_channel.nr_rdma_attrs) { 4343 p = xdr_reserve_space(xdr, 4); 4344 if (!p) 4345 return nfserr_resource; 4346 *p++ = cpu_to_be32(sess->back_channel.rdma_attrs); 4347 } 4348 return 0; 4349} 4350 4351static __be32 4352nfsd4_encode_sequence(struct nfsd4_compoundres *resp, __be32 nfserr, 4353 struct nfsd4_sequence *seq) 4354{ 4355 struct xdr_stream *xdr = &resp->xdr; 4356 __be32 *p; 4357 4358 p = xdr_reserve_space(xdr, NFS4_MAX_SESSIONID_LEN + 20); 4359 if (!p) 4360 return nfserr_resource; 4361 p = xdr_encode_opaque_fixed(p, seq->sessionid.data, 4362 NFS4_MAX_SESSIONID_LEN); 4363 *p++ = cpu_to_be32(seq->seqid); 4364 *p++ = cpu_to_be32(seq->slotid); 4365 /* Note slotid's are numbered from zero: */ 4366 *p++ = cpu_to_be32(seq->maxslots - 1); /* sr_highest_slotid */ 4367 *p++ = cpu_to_be32(seq->maxslots - 1); /* sr_target_highest_slotid */ 4368 *p++ = cpu_to_be32(seq->status_flags); 4369 4370 resp->cstate.data_offset = xdr->buf->len; /* DRC cache data pointer */ 4371 return 0; 4372} 4373 4374static __be32 4375nfsd4_encode_test_stateid(struct nfsd4_compoundres *resp, __be32 nfserr, 4376 struct nfsd4_test_stateid *test_stateid) 4377{ 4378 struct xdr_stream *xdr = &resp->xdr; 4379 struct nfsd4_test_stateid_id *stateid, *next; 4380 __be32 *p; 4381 4382 p = xdr_reserve_space(xdr, 4 + (4 * test_stateid->ts_num_ids)); 4383 if (!p) 4384 return nfserr_resource; 4385 *p++ = htonl(test_stateid->ts_num_ids); 4386 4387 list_for_each_entry_safe(stateid, next, &test_stateid->ts_stateid_list, ts_id_list) { 4388 *p++ = stateid->ts_id_status; 4389 } 4390 4391 return 0; 4392} 4393 4394#ifdef CONFIG_NFSD_PNFS 4395static __be32 4396nfsd4_encode_getdeviceinfo(struct nfsd4_compoundres *resp, __be32 nfserr, 4397 struct nfsd4_getdeviceinfo *gdev) 4398{ 4399 struct xdr_stream *xdr = &resp->xdr; 4400 const struct nfsd4_layout_ops *ops; 4401 u32 starting_len = xdr->buf->len, needed_len; 4402 __be32 *p; 4403 4404 p = xdr_reserve_space(xdr, 4); 4405 if (!p) 4406 return nfserr_resource; 4407 4408 *p++ = cpu_to_be32(gdev->gd_layout_type); 4409 4410 ops = nfsd4_layout_ops[gdev->gd_layout_type]; 4411 nfserr = ops->encode_getdeviceinfo(xdr, gdev); 4412 if (nfserr) { 4413 /* 4414 * We don't bother to burden the layout drivers with 4415 * enforcing gd_maxcount, just tell the client to 4416 * come back with a bigger buffer if it's not enough. 4417 */ 4418 if (xdr->buf->len + 4 > gdev->gd_maxcount) 4419 goto toosmall; 4420 return nfserr; 4421 } 4422 4423 if (gdev->gd_notify_types) { 4424 p = xdr_reserve_space(xdr, 4 + 4); 4425 if (!p) 4426 return nfserr_resource; 4427 *p++ = cpu_to_be32(1); /* bitmap length */ 4428 *p++ = cpu_to_be32(gdev->gd_notify_types); 4429 } else { 4430 p = xdr_reserve_space(xdr, 4); 4431 if (!p) 4432 return nfserr_resource; 4433 *p++ = 0; 4434 } 4435 4436 return 0; 4437toosmall: 4438 dprintk("%s: maxcount too small\n", __func__); 4439 needed_len = xdr->buf->len + 4 /* notifications */; 4440 xdr_truncate_encode(xdr, starting_len); 4441 p = xdr_reserve_space(xdr, 4); 4442 if (!p) 4443 return nfserr_resource; 4444 *p++ = cpu_to_be32(needed_len); 4445 return nfserr_toosmall; 4446} 4447 4448static __be32 4449nfsd4_encode_layoutget(struct nfsd4_compoundres *resp, __be32 nfserr, 4450 struct nfsd4_layoutget *lgp) 4451{ 4452 struct xdr_stream *xdr = &resp->xdr; 4453 const struct nfsd4_layout_ops *ops; 4454 __be32 *p; 4455 4456 p = xdr_reserve_space(xdr, 36 + sizeof(stateid_opaque_t)); 4457 if (!p) 4458 return nfserr_resource; 4459 4460 *p++ = cpu_to_be32(1); /* we always set return-on-close */ 4461 *p++ = cpu_to_be32(lgp->lg_sid.si_generation); 4462 p = xdr_encode_opaque_fixed(p, &lgp->lg_sid.si_opaque, 4463 sizeof(stateid_opaque_t)); 4464 4465 *p++ = cpu_to_be32(1); /* we always return a single layout */ 4466 p = xdr_encode_hyper(p, lgp->lg_seg.offset); 4467 p = xdr_encode_hyper(p, lgp->lg_seg.length); 4468 *p++ = cpu_to_be32(lgp->lg_seg.iomode); 4469 *p++ = cpu_to_be32(lgp->lg_layout_type); 4470 4471 ops = nfsd4_layout_ops[lgp->lg_layout_type]; 4472 return ops->encode_layoutget(xdr, lgp); 4473} 4474 4475static __be32 4476nfsd4_encode_layoutcommit(struct nfsd4_compoundres *resp, __be32 nfserr, 4477 struct nfsd4_layoutcommit *lcp) 4478{ 4479 struct xdr_stream *xdr = &resp->xdr; 4480 __be32 *p; 4481 4482 p = xdr_reserve_space(xdr, 4); 4483 if (!p) 4484 return nfserr_resource; 4485 *p++ = cpu_to_be32(lcp->lc_size_chg); 4486 if (lcp->lc_size_chg) { 4487 p = xdr_reserve_space(xdr, 8); 4488 if (!p) 4489 return nfserr_resource; 4490 p = xdr_encode_hyper(p, lcp->lc_newsize); 4491 } 4492 4493 return 0; 4494} 4495 4496static __be32 4497nfsd4_encode_layoutreturn(struct nfsd4_compoundres *resp, __be32 nfserr, 4498 struct nfsd4_layoutreturn *lrp) 4499{ 4500 struct xdr_stream *xdr = &resp->xdr; 4501 __be32 *p; 4502 4503 p = xdr_reserve_space(xdr, 4); 4504 if (!p) 4505 return nfserr_resource; 4506 *p++ = cpu_to_be32(lrp->lrs_present); 4507 if (lrp->lrs_present) 4508 return nfsd4_encode_stateid(xdr, &lrp->lr_sid); 4509 return 0; 4510} 4511#endif /* CONFIG_NFSD_PNFS */ 4512 4513static __be32 4514nfsd42_encode_write_res(struct nfsd4_compoundres *resp, 4515 struct nfsd42_write_res *write, bool sync) 4516{ 4517 __be32 *p; 4518 p = xdr_reserve_space(&resp->xdr, 4); 4519 if (!p) 4520 return nfserr_resource; 4521 4522 if (sync) 4523 *p++ = cpu_to_be32(0); 4524 else { 4525 __be32 nfserr; 4526 *p++ = cpu_to_be32(1); 4527 nfserr = nfsd4_encode_stateid(&resp->xdr, &write->cb_stateid); 4528 if (nfserr) 4529 return nfserr; 4530 } 4531 p = xdr_reserve_space(&resp->xdr, 8 + 4 + NFS4_VERIFIER_SIZE); 4532 if (!p) 4533 return nfserr_resource; 4534 4535 p = xdr_encode_hyper(p, write->wr_bytes_written); 4536 *p++ = cpu_to_be32(write->wr_stable_how); 4537 p = xdr_encode_opaque_fixed(p, write->wr_verifier.data, 4538 NFS4_VERIFIER_SIZE); 4539 return nfs_ok; 4540} 4541 4542static __be32 4543nfsd42_encode_nl4_server(struct nfsd4_compoundres *resp, struct nl4_server *ns) 4544{ 4545 struct xdr_stream *xdr = &resp->xdr; 4546 struct nfs42_netaddr *addr; 4547 __be32 *p; 4548 4549 p = xdr_reserve_space(xdr, 4); 4550 *p++ = cpu_to_be32(ns->nl4_type); 4551 4552 switch (ns->nl4_type) { 4553 case NL4_NETADDR: 4554 addr = &ns->u.nl4_addr; 4555 4556 /* netid_len, netid, uaddr_len, uaddr (port included 4557 * in RPCBIND_MAXUADDRLEN) 4558 */ 4559 p = xdr_reserve_space(xdr, 4560 4 /* netid len */ + 4561 (XDR_QUADLEN(addr->netid_len) * 4) + 4562 4 /* uaddr len */ + 4563 (XDR_QUADLEN(addr->addr_len) * 4)); 4564 if (!p) 4565 return nfserr_resource; 4566 4567 *p++ = cpu_to_be32(addr->netid_len); 4568 p = xdr_encode_opaque_fixed(p, addr->netid, 4569 addr->netid_len); 4570 *p++ = cpu_to_be32(addr->addr_len); 4571 p = xdr_encode_opaque_fixed(p, addr->addr, 4572 addr->addr_len); 4573 break; 4574 default: 4575 WARN_ON_ONCE(ns->nl4_type != NL4_NETADDR); 4576 return nfserr_inval; 4577 } 4578 4579 return 0; 4580} 4581 4582static __be32 4583nfsd4_encode_copy(struct nfsd4_compoundres *resp, __be32 nfserr, 4584 struct nfsd4_copy *copy) 4585{ 4586 __be32 *p; 4587 4588 nfserr = nfsd42_encode_write_res(resp, ©->cp_res, 4589 copy->cp_synchronous); 4590 if (nfserr) 4591 return nfserr; 4592 4593 p = xdr_reserve_space(&resp->xdr, 4 + 4); 4594 *p++ = xdr_one; /* cr_consecutive */ 4595 *p++ = cpu_to_be32(copy->cp_synchronous); 4596 return 0; 4597} 4598 4599static __be32 4600nfsd4_encode_offload_status(struct nfsd4_compoundres *resp, __be32 nfserr, 4601 struct nfsd4_offload_status *os) 4602{ 4603 struct xdr_stream *xdr = &resp->xdr; 4604 __be32 *p; 4605 4606 p = xdr_reserve_space(xdr, 8 + 4); 4607 if (!p) 4608 return nfserr_resource; 4609 p = xdr_encode_hyper(p, os->count); 4610 *p++ = cpu_to_be32(0); 4611 return nfserr; 4612} 4613 4614static __be32 4615nfsd4_encode_read_plus_data(struct nfsd4_compoundres *resp, 4616 struct nfsd4_read *read, 4617 unsigned long *maxcount, u32 *eof, 4618 loff_t *pos) 4619{ 4620 struct xdr_stream *xdr = &resp->xdr; 4621 struct file *file = read->rd_nf->nf_file; 4622 int starting_len = xdr->buf->len; 4623 loff_t hole_pos; 4624 __be32 nfserr; 4625 __be32 *p, tmp; 4626 __be64 tmp64; 4627 4628 hole_pos = pos ? *pos : vfs_llseek(file, read->rd_offset, SEEK_HOLE); 4629 if (hole_pos > read->rd_offset) 4630 *maxcount = min_t(unsigned long, *maxcount, hole_pos - read->rd_offset); 4631 *maxcount = min_t(unsigned long, *maxcount, (xdr->buf->buflen - xdr->buf->len)); 4632 4633 /* Content type, offset, byte count */ 4634 p = xdr_reserve_space(xdr, 4 + 8 + 4); 4635 if (!p) 4636 return nfserr_resource; 4637 4638 read->rd_vlen = xdr_reserve_space_vec(xdr, resp->rqstp->rq_vec, *maxcount); 4639 if (read->rd_vlen < 0) 4640 return nfserr_resource; 4641 4642 nfserr = nfsd_readv(resp->rqstp, read->rd_fhp, file, read->rd_offset, 4643 resp->rqstp->rq_vec, read->rd_vlen, maxcount, eof); 4644 if (nfserr) 4645 return nfserr; 4646 xdr_truncate_encode(xdr, starting_len + 16 + xdr_align_size(*maxcount)); 4647 4648 tmp = htonl(NFS4_CONTENT_DATA); 4649 write_bytes_to_xdr_buf(xdr->buf, starting_len, &tmp, 4); 4650 tmp64 = cpu_to_be64(read->rd_offset); 4651 write_bytes_to_xdr_buf(xdr->buf, starting_len + 4, &tmp64, 8); 4652 tmp = htonl(*maxcount); 4653 write_bytes_to_xdr_buf(xdr->buf, starting_len + 12, &tmp, 4); 4654 4655 tmp = xdr_zero; 4656 write_bytes_to_xdr_buf(xdr->buf, starting_len + 16 + *maxcount, &tmp, 4657 xdr_pad_size(*maxcount)); 4658 return nfs_ok; 4659} 4660 4661static __be32 4662nfsd4_encode_read_plus_hole(struct nfsd4_compoundres *resp, 4663 struct nfsd4_read *read, 4664 unsigned long *maxcount, u32 *eof) 4665{ 4666 struct file *file = read->rd_nf->nf_file; 4667 loff_t data_pos = vfs_llseek(file, read->rd_offset, SEEK_DATA); 4668 loff_t f_size = i_size_read(file_inode(file)); 4669 unsigned long count; 4670 __be32 *p; 4671 4672 if (data_pos == -ENXIO) 4673 data_pos = f_size; 4674 else if (data_pos <= read->rd_offset || (data_pos < f_size && data_pos % PAGE_SIZE)) 4675 return nfsd4_encode_read_plus_data(resp, read, maxcount, eof, &f_size); 4676 count = data_pos - read->rd_offset; 4677 4678 /* Content type, offset, byte count */ 4679 p = xdr_reserve_space(&resp->xdr, 4 + 8 + 8); 4680 if (!p) 4681 return nfserr_resource; 4682 4683 *p++ = htonl(NFS4_CONTENT_HOLE); 4684 p = xdr_encode_hyper(p, read->rd_offset); 4685 p = xdr_encode_hyper(p, count); 4686 4687 *eof = (read->rd_offset + count) >= f_size; 4688 *maxcount = min_t(unsigned long, count, *maxcount); 4689 return nfs_ok; 4690} 4691 4692static __be32 4693nfsd4_encode_read_plus(struct nfsd4_compoundres *resp, __be32 nfserr, 4694 struct nfsd4_read *read) 4695{ 4696 unsigned long maxcount, count; 4697 struct xdr_stream *xdr = &resp->xdr; 4698 struct file *file; 4699 int starting_len = xdr->buf->len; 4700 int last_segment = xdr->buf->len; 4701 int segments = 0; 4702 __be32 *p, tmp; 4703 bool is_data; 4704 loff_t pos; 4705 u32 eof; 4706 4707 if (nfserr) 4708 return nfserr; 4709 file = read->rd_nf->nf_file; 4710 4711 /* eof flag, segment count */ 4712 p = xdr_reserve_space(xdr, 4 + 4); 4713 if (!p) 4714 return nfserr_resource; 4715 xdr_commit_encode(xdr); 4716 4717 maxcount = svc_max_payload(resp->rqstp); 4718 maxcount = min_t(unsigned long, maxcount, 4719 (xdr->buf->buflen - xdr->buf->len)); 4720 maxcount = min_t(unsigned long, maxcount, read->rd_length); 4721 count = maxcount; 4722 4723 eof = read->rd_offset >= i_size_read(file_inode(file)); 4724 if (eof) 4725 goto out; 4726 4727 pos = vfs_llseek(file, read->rd_offset, SEEK_HOLE); 4728 is_data = pos > read->rd_offset; 4729 4730 while (count > 0 && !eof) { 4731 maxcount = count; 4732 if (is_data) 4733 nfserr = nfsd4_encode_read_plus_data(resp, read, &maxcount, &eof, 4734 segments == 0 ? &pos : NULL); 4735 else 4736 nfserr = nfsd4_encode_read_plus_hole(resp, read, &maxcount, &eof); 4737 if (nfserr) 4738 goto out; 4739 count -= maxcount; 4740 read->rd_offset += maxcount; 4741 is_data = !is_data; 4742 last_segment = xdr->buf->len; 4743 segments++; 4744 } 4745 4746out: 4747 if (nfserr && segments == 0) 4748 xdr_truncate_encode(xdr, starting_len); 4749 else { 4750 if (nfserr) { 4751 xdr_truncate_encode(xdr, last_segment); 4752 nfserr = nfs_ok; 4753 eof = 0; 4754 } 4755 tmp = htonl(eof); 4756 write_bytes_to_xdr_buf(xdr->buf, starting_len, &tmp, 4); 4757 tmp = htonl(segments); 4758 write_bytes_to_xdr_buf(xdr->buf, starting_len + 4, &tmp, 4); 4759 } 4760 4761 return nfserr; 4762} 4763 4764static __be32 4765nfsd4_encode_copy_notify(struct nfsd4_compoundres *resp, __be32 nfserr, 4766 struct nfsd4_copy_notify *cn) 4767{ 4768 struct xdr_stream *xdr = &resp->xdr; 4769 __be32 *p; 4770 4771 if (nfserr) 4772 return nfserr; 4773 4774 /* 8 sec, 4 nsec */ 4775 p = xdr_reserve_space(xdr, 12); 4776 if (!p) 4777 return nfserr_resource; 4778 4779 /* cnr_lease_time */ 4780 p = xdr_encode_hyper(p, cn->cpn_sec); 4781 *p++ = cpu_to_be32(cn->cpn_nsec); 4782 4783 /* cnr_stateid */ 4784 nfserr = nfsd4_encode_stateid(xdr, &cn->cpn_cnr_stateid); 4785 if (nfserr) 4786 return nfserr; 4787 4788 /* cnr_src.nl_nsvr */ 4789 p = xdr_reserve_space(xdr, 4); 4790 if (!p) 4791 return nfserr_resource; 4792 4793 *p++ = cpu_to_be32(1); 4794 4795 return nfsd42_encode_nl4_server(resp, &cn->cpn_src); 4796} 4797 4798static __be32 4799nfsd4_encode_seek(struct nfsd4_compoundres *resp, __be32 nfserr, 4800 struct nfsd4_seek *seek) 4801{ 4802 __be32 *p; 4803 4804 p = xdr_reserve_space(&resp->xdr, 4 + 8); 4805 *p++ = cpu_to_be32(seek->seek_eof); 4806 p = xdr_encode_hyper(p, seek->seek_pos); 4807 4808 return 0; 4809} 4810 4811static __be32 4812nfsd4_encode_noop(struct nfsd4_compoundres *resp, __be32 nfserr, void *p) 4813{ 4814 return nfserr; 4815} 4816 4817/* 4818 * Encode kmalloc-ed buffer in to XDR stream. 4819 */ 4820static __be32 4821nfsd4_vbuf_to_stream(struct xdr_stream *xdr, char *buf, u32 buflen) 4822{ 4823 u32 cplen; 4824 __be32 *p; 4825 4826 cplen = min_t(unsigned long, buflen, 4827 ((void *)xdr->end - (void *)xdr->p)); 4828 p = xdr_reserve_space(xdr, cplen); 4829 if (!p) 4830 return nfserr_resource; 4831 4832 memcpy(p, buf, cplen); 4833 buf += cplen; 4834 buflen -= cplen; 4835 4836 while (buflen) { 4837 cplen = min_t(u32, buflen, PAGE_SIZE); 4838 p = xdr_reserve_space(xdr, cplen); 4839 if (!p) 4840 return nfserr_resource; 4841 4842 memcpy(p, buf, cplen); 4843 4844 if (cplen < PAGE_SIZE) { 4845 /* 4846 * We're done, with a length that wasn't page 4847 * aligned, so possibly not word aligned. Pad 4848 * any trailing bytes with 0. 4849 */ 4850 xdr_encode_opaque_fixed(p, NULL, cplen); 4851 break; 4852 } 4853 4854 buflen -= PAGE_SIZE; 4855 buf += PAGE_SIZE; 4856 } 4857 4858 return 0; 4859} 4860 4861static __be32 4862nfsd4_encode_getxattr(struct nfsd4_compoundres *resp, __be32 nfserr, 4863 struct nfsd4_getxattr *getxattr) 4864{ 4865 struct xdr_stream *xdr = &resp->xdr; 4866 __be32 *p, err; 4867 4868 p = xdr_reserve_space(xdr, 4); 4869 if (!p) 4870 return nfserr_resource; 4871 4872 *p = cpu_to_be32(getxattr->getxa_len); 4873 4874 if (getxattr->getxa_len == 0) 4875 return 0; 4876 4877 err = nfsd4_vbuf_to_stream(xdr, getxattr->getxa_buf, 4878 getxattr->getxa_len); 4879 4880 kvfree(getxattr->getxa_buf); 4881 4882 return err; 4883} 4884 4885static __be32 4886nfsd4_encode_setxattr(struct nfsd4_compoundres *resp, __be32 nfserr, 4887 struct nfsd4_setxattr *setxattr) 4888{ 4889 struct xdr_stream *xdr = &resp->xdr; 4890 __be32 *p; 4891 4892 p = xdr_reserve_space(xdr, 20); 4893 if (!p) 4894 return nfserr_resource; 4895 4896 encode_cinfo(p, &setxattr->setxa_cinfo); 4897 4898 return 0; 4899} 4900 4901/* 4902 * See if there are cookie values that can be rejected outright. 4903 */ 4904static __be32 4905nfsd4_listxattr_validate_cookie(struct nfsd4_listxattrs *listxattrs, 4906 u32 *offsetp) 4907{ 4908 u64 cookie = listxattrs->lsxa_cookie; 4909 4910 /* 4911 * If the cookie is larger than the maximum number we can fit 4912 * in either the buffer we just got back from vfs_listxattr, or, 4913 * XDR-encoded, in the return buffer, it's invalid. 4914 */ 4915 if (cookie > (listxattrs->lsxa_len) / (XATTR_USER_PREFIX_LEN + 2)) 4916 return nfserr_badcookie; 4917 4918 if (cookie > (listxattrs->lsxa_maxcount / 4919 (XDR_QUADLEN(XATTR_USER_PREFIX_LEN + 2) + 4))) 4920 return nfserr_badcookie; 4921 4922 *offsetp = (u32)cookie; 4923 return 0; 4924} 4925 4926static __be32 4927nfsd4_encode_listxattrs(struct nfsd4_compoundres *resp, __be32 nfserr, 4928 struct nfsd4_listxattrs *listxattrs) 4929{ 4930 struct xdr_stream *xdr = &resp->xdr; 4931 u32 cookie_offset, count_offset, eof; 4932 u32 left, xdrleft, slen, count; 4933 u32 xdrlen, offset; 4934 u64 cookie; 4935 char *sp; 4936 __be32 status, tmp; 4937 __be32 *p; 4938 u32 nuser; 4939 4940 eof = 1; 4941 4942 status = nfsd4_listxattr_validate_cookie(listxattrs, &offset); 4943 if (status) 4944 goto out; 4945 4946 /* 4947 * Reserve space for the cookie and the name array count. Record 4948 * the offsets to save them later. 4949 */ 4950 cookie_offset = xdr->buf->len; 4951 count_offset = cookie_offset + 8; 4952 p = xdr_reserve_space(xdr, 12); 4953 if (!p) { 4954 status = nfserr_resource; 4955 goto out; 4956 } 4957 4958 count = 0; 4959 left = listxattrs->lsxa_len; 4960 sp = listxattrs->lsxa_buf; 4961 nuser = 0; 4962 4963 xdrleft = listxattrs->lsxa_maxcount; 4964 4965 while (left > 0 && xdrleft > 0) { 4966 slen = strlen(sp); 4967 4968 /* 4969 * Check if this is a "user." attribute, skip it if not. 4970 */ 4971 if (strncmp(sp, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) 4972 goto contloop; 4973 4974 slen -= XATTR_USER_PREFIX_LEN; 4975 xdrlen = 4 + ((slen + 3) & ~3); 4976 if (xdrlen > xdrleft) { 4977 if (count == 0) { 4978 /* 4979 * Can't even fit the first attribute name. 4980 */ 4981 status = nfserr_toosmall; 4982 goto out; 4983 } 4984 eof = 0; 4985 goto wreof; 4986 } 4987 4988 left -= XATTR_USER_PREFIX_LEN; 4989 sp += XATTR_USER_PREFIX_LEN; 4990 if (nuser++ < offset) 4991 goto contloop; 4992 4993 4994 p = xdr_reserve_space(xdr, xdrlen); 4995 if (!p) { 4996 status = nfserr_resource; 4997 goto out; 4998 } 4999 5000 xdr_encode_opaque(p, sp, slen); 5001 5002 xdrleft -= xdrlen; 5003 count++; 5004contloop: 5005 sp += slen + 1; 5006 left -= slen + 1; 5007 } 5008 5009 /* 5010 * If there were user attributes to copy, but we didn't copy 5011 * any, the offset was too large (e.g. the cookie was invalid). 5012 */ 5013 if (nuser > 0 && count == 0) { 5014 status = nfserr_badcookie; 5015 goto out; 5016 } 5017 5018wreof: 5019 p = xdr_reserve_space(xdr, 4); 5020 if (!p) { 5021 status = nfserr_resource; 5022 goto out; 5023 } 5024 *p = cpu_to_be32(eof); 5025 5026 cookie = offset + count; 5027 5028 write_bytes_to_xdr_buf(xdr->buf, cookie_offset, &cookie, 8); 5029 tmp = cpu_to_be32(count); 5030 write_bytes_to_xdr_buf(xdr->buf, count_offset, &tmp, 4); 5031out: 5032 if (listxattrs->lsxa_len) 5033 kvfree(listxattrs->lsxa_buf); 5034 return status; 5035} 5036 5037static __be32 5038nfsd4_encode_removexattr(struct nfsd4_compoundres *resp, __be32 nfserr, 5039 struct nfsd4_removexattr *removexattr) 5040{ 5041 struct xdr_stream *xdr = &resp->xdr; 5042 __be32 *p; 5043 5044 p = xdr_reserve_space(xdr, 20); 5045 if (!p) 5046 return nfserr_resource; 5047 5048 p = encode_cinfo(p, &removexattr->rmxa_cinfo); 5049 return 0; 5050} 5051 5052typedef __be32(* nfsd4_enc)(struct nfsd4_compoundres *, __be32, void *); 5053 5054/* 5055 * Note: nfsd4_enc_ops vector is shared for v4.0 and v4.1 5056 * since we don't need to filter out obsolete ops as this is 5057 * done in the decoding phase. 5058 */ 5059static const nfsd4_enc nfsd4_enc_ops[] = { 5060 [OP_ACCESS] = (nfsd4_enc)nfsd4_encode_access, 5061 [OP_CLOSE] = (nfsd4_enc)nfsd4_encode_close, 5062 [OP_COMMIT] = (nfsd4_enc)nfsd4_encode_commit, 5063 [OP_CREATE] = (nfsd4_enc)nfsd4_encode_create, 5064 [OP_DELEGPURGE] = (nfsd4_enc)nfsd4_encode_noop, 5065 [OP_DELEGRETURN] = (nfsd4_enc)nfsd4_encode_noop, 5066 [OP_GETATTR] = (nfsd4_enc)nfsd4_encode_getattr, 5067 [OP_GETFH] = (nfsd4_enc)nfsd4_encode_getfh, 5068 [OP_LINK] = (nfsd4_enc)nfsd4_encode_link, 5069 [OP_LOCK] = (nfsd4_enc)nfsd4_encode_lock, 5070 [OP_LOCKT] = (nfsd4_enc)nfsd4_encode_lockt, 5071 [OP_LOCKU] = (nfsd4_enc)nfsd4_encode_locku, 5072 [OP_LOOKUP] = (nfsd4_enc)nfsd4_encode_noop, 5073 [OP_LOOKUPP] = (nfsd4_enc)nfsd4_encode_noop, 5074 [OP_NVERIFY] = (nfsd4_enc)nfsd4_encode_noop, 5075 [OP_OPEN] = (nfsd4_enc)nfsd4_encode_open, 5076 [OP_OPENATTR] = (nfsd4_enc)nfsd4_encode_noop, 5077 [OP_OPEN_CONFIRM] = (nfsd4_enc)nfsd4_encode_open_confirm, 5078 [OP_OPEN_DOWNGRADE] = (nfsd4_enc)nfsd4_encode_open_downgrade, 5079 [OP_PUTFH] = (nfsd4_enc)nfsd4_encode_noop, 5080 [OP_PUTPUBFH] = (nfsd4_enc)nfsd4_encode_noop, 5081 [OP_PUTROOTFH] = (nfsd4_enc)nfsd4_encode_noop, 5082 [OP_READ] = (nfsd4_enc)nfsd4_encode_read, 5083 [OP_READDIR] = (nfsd4_enc)nfsd4_encode_readdir, 5084 [OP_READLINK] = (nfsd4_enc)nfsd4_encode_readlink, 5085 [OP_REMOVE] = (nfsd4_enc)nfsd4_encode_remove, 5086 [OP_RENAME] = (nfsd4_enc)nfsd4_encode_rename, 5087 [OP_RENEW] = (nfsd4_enc)nfsd4_encode_noop, 5088 [OP_RESTOREFH] = (nfsd4_enc)nfsd4_encode_noop, 5089 [OP_SAVEFH] = (nfsd4_enc)nfsd4_encode_noop, 5090 [OP_SECINFO] = (nfsd4_enc)nfsd4_encode_secinfo, 5091 [OP_SETATTR] = (nfsd4_enc)nfsd4_encode_setattr, 5092 [OP_SETCLIENTID] = (nfsd4_enc)nfsd4_encode_setclientid, 5093 [OP_SETCLIENTID_CONFIRM] = (nfsd4_enc)nfsd4_encode_noop, 5094 [OP_VERIFY] = (nfsd4_enc)nfsd4_encode_noop, 5095 [OP_WRITE] = (nfsd4_enc)nfsd4_encode_write, 5096 [OP_RELEASE_LOCKOWNER] = (nfsd4_enc)nfsd4_encode_noop, 5097 5098 /* NFSv4.1 operations */ 5099 [OP_BACKCHANNEL_CTL] = (nfsd4_enc)nfsd4_encode_noop, 5100 [OP_BIND_CONN_TO_SESSION] = (nfsd4_enc)nfsd4_encode_bind_conn_to_session, 5101 [OP_EXCHANGE_ID] = (nfsd4_enc)nfsd4_encode_exchange_id, 5102 [OP_CREATE_SESSION] = (nfsd4_enc)nfsd4_encode_create_session, 5103 [OP_DESTROY_SESSION] = (nfsd4_enc)nfsd4_encode_noop, 5104 [OP_FREE_STATEID] = (nfsd4_enc)nfsd4_encode_noop, 5105 [OP_GET_DIR_DELEGATION] = (nfsd4_enc)nfsd4_encode_noop, 5106#ifdef CONFIG_NFSD_PNFS 5107 [OP_GETDEVICEINFO] = (nfsd4_enc)nfsd4_encode_getdeviceinfo, 5108 [OP_GETDEVICELIST] = (nfsd4_enc)nfsd4_encode_noop, 5109 [OP_LAYOUTCOMMIT] = (nfsd4_enc)nfsd4_encode_layoutcommit, 5110 [OP_LAYOUTGET] = (nfsd4_enc)nfsd4_encode_layoutget, 5111 [OP_LAYOUTRETURN] = (nfsd4_enc)nfsd4_encode_layoutreturn, 5112#else 5113 [OP_GETDEVICEINFO] = (nfsd4_enc)nfsd4_encode_noop, 5114 [OP_GETDEVICELIST] = (nfsd4_enc)nfsd4_encode_noop, 5115 [OP_LAYOUTCOMMIT] = (nfsd4_enc)nfsd4_encode_noop, 5116 [OP_LAYOUTGET] = (nfsd4_enc)nfsd4_encode_noop, 5117 [OP_LAYOUTRETURN] = (nfsd4_enc)nfsd4_encode_noop, 5118#endif 5119 [OP_SECINFO_NO_NAME] = (nfsd4_enc)nfsd4_encode_secinfo_no_name, 5120 [OP_SEQUENCE] = (nfsd4_enc)nfsd4_encode_sequence, 5121 [OP_SET_SSV] = (nfsd4_enc)nfsd4_encode_noop, 5122 [OP_TEST_STATEID] = (nfsd4_enc)nfsd4_encode_test_stateid, 5123 [OP_WANT_DELEGATION] = (nfsd4_enc)nfsd4_encode_noop, 5124 [OP_DESTROY_CLIENTID] = (nfsd4_enc)nfsd4_encode_noop, 5125 [OP_RECLAIM_COMPLETE] = (nfsd4_enc)nfsd4_encode_noop, 5126 5127 /* NFSv4.2 operations */ 5128 [OP_ALLOCATE] = (nfsd4_enc)nfsd4_encode_noop, 5129 [OP_COPY] = (nfsd4_enc)nfsd4_encode_copy, 5130 [OP_COPY_NOTIFY] = (nfsd4_enc)nfsd4_encode_copy_notify, 5131 [OP_DEALLOCATE] = (nfsd4_enc)nfsd4_encode_noop, 5132 [OP_IO_ADVISE] = (nfsd4_enc)nfsd4_encode_noop, 5133 [OP_LAYOUTERROR] = (nfsd4_enc)nfsd4_encode_noop, 5134 [OP_LAYOUTSTATS] = (nfsd4_enc)nfsd4_encode_noop, 5135 [OP_OFFLOAD_CANCEL] = (nfsd4_enc)nfsd4_encode_noop, 5136 [OP_OFFLOAD_STATUS] = (nfsd4_enc)nfsd4_encode_offload_status, 5137 [OP_READ_PLUS] = (nfsd4_enc)nfsd4_encode_read_plus, 5138 [OP_SEEK] = (nfsd4_enc)nfsd4_encode_seek, 5139 [OP_WRITE_SAME] = (nfsd4_enc)nfsd4_encode_noop, 5140 [OP_CLONE] = (nfsd4_enc)nfsd4_encode_noop, 5141 5142 /* RFC 8276 extended atributes operations */ 5143 [OP_GETXATTR] = (nfsd4_enc)nfsd4_encode_getxattr, 5144 [OP_SETXATTR] = (nfsd4_enc)nfsd4_encode_setxattr, 5145 [OP_LISTXATTRS] = (nfsd4_enc)nfsd4_encode_listxattrs, 5146 [OP_REMOVEXATTR] = (nfsd4_enc)nfsd4_encode_removexattr, 5147}; 5148 5149/* 5150 * Calculate whether we still have space to encode repsize bytes. 5151 * There are two considerations: 5152 * - For NFS versions >=4.1, the size of the reply must stay within 5153 * session limits 5154 * - For all NFS versions, we must stay within limited preallocated 5155 * buffer space. 5156 * 5157 * This is called before the operation is processed, so can only provide 5158 * an upper estimate. For some nonidempotent operations (such as 5159 * getattr), it's not necessarily a problem if that estimate is wrong, 5160 * as we can fail it after processing without significant side effects. 5161 */ 5162__be32 nfsd4_check_resp_size(struct nfsd4_compoundres *resp, u32 respsize) 5163{ 5164 struct xdr_buf *buf = &resp->rqstp->rq_res; 5165 struct nfsd4_slot *slot = resp->cstate.slot; 5166 5167 if (buf->len + respsize <= buf->buflen) 5168 return nfs_ok; 5169 if (!nfsd4_has_session(&resp->cstate)) 5170 return nfserr_resource; 5171 if (slot->sl_flags & NFSD4_SLOT_CACHETHIS) { 5172 WARN_ON_ONCE(1); 5173 return nfserr_rep_too_big_to_cache; 5174 } 5175 return nfserr_rep_too_big; 5176} 5177 5178void 5179nfsd4_encode_operation(struct nfsd4_compoundres *resp, struct nfsd4_op *op) 5180{ 5181 struct xdr_stream *xdr = &resp->xdr; 5182 struct nfs4_stateowner *so = resp->cstate.replay_owner; 5183 struct svc_rqst *rqstp = resp->rqstp; 5184 const struct nfsd4_operation *opdesc = op->opdesc; 5185 int post_err_offset; 5186 nfsd4_enc encoder; 5187 __be32 *p; 5188 5189 p = xdr_reserve_space(xdr, 8); 5190 if (!p) { 5191 WARN_ON_ONCE(1); 5192 return; 5193 } 5194 *p++ = cpu_to_be32(op->opnum); 5195 post_err_offset = xdr->buf->len; 5196 5197 if (op->opnum == OP_ILLEGAL) 5198 goto status; 5199 if (op->status && opdesc && 5200 !(opdesc->op_flags & OP_NONTRIVIAL_ERROR_ENCODE)) 5201 goto status; 5202 BUG_ON(op->opnum < 0 || op->opnum >= ARRAY_SIZE(nfsd4_enc_ops) || 5203 !nfsd4_enc_ops[op->opnum]); 5204 encoder = nfsd4_enc_ops[op->opnum]; 5205 op->status = encoder(resp, op->status, &op->u); 5206 if (opdesc && opdesc->op_release) 5207 opdesc->op_release(&op->u); 5208 xdr_commit_encode(xdr); 5209 5210 /* nfsd4_check_resp_size guarantees enough room for error status */ 5211 if (!op->status) { 5212 int space_needed = 0; 5213 if (!nfsd4_last_compound_op(rqstp)) 5214 space_needed = COMPOUND_ERR_SLACK_SPACE; 5215 op->status = nfsd4_check_resp_size(resp, space_needed); 5216 } 5217 if (op->status == nfserr_resource && nfsd4_has_session(&resp->cstate)) { 5218 struct nfsd4_slot *slot = resp->cstate.slot; 5219 5220 if (slot->sl_flags & NFSD4_SLOT_CACHETHIS) 5221 op->status = nfserr_rep_too_big_to_cache; 5222 else 5223 op->status = nfserr_rep_too_big; 5224 } 5225 if (op->status == nfserr_resource || 5226 op->status == nfserr_rep_too_big || 5227 op->status == nfserr_rep_too_big_to_cache) { 5228 /* 5229 * The operation may have already been encoded or 5230 * partially encoded. No op returns anything additional 5231 * in the case of one of these three errors, so we can 5232 * just truncate back to after the status. But it's a 5233 * bug if we had to do this on a non-idempotent op: 5234 */ 5235 warn_on_nonidempotent_op(op); 5236 xdr_truncate_encode(xdr, post_err_offset); 5237 } 5238 if (so) { 5239 int len = xdr->buf->len - post_err_offset; 5240 5241 so->so_replay.rp_status = op->status; 5242 so->so_replay.rp_buflen = len; 5243 read_bytes_from_xdr_buf(xdr->buf, post_err_offset, 5244 so->so_replay.rp_buf, len); 5245 } 5246status: 5247 /* Note that op->status is already in network byte order: */ 5248 write_bytes_to_xdr_buf(xdr->buf, post_err_offset - 4, &op->status, 4); 5249} 5250 5251/* 5252 * Encode the reply stored in the stateowner reply cache 5253 * 5254 * XDR note: do not encode rp->rp_buflen: the buffer contains the 5255 * previously sent already encoded operation. 5256 */ 5257void 5258nfsd4_encode_replay(struct xdr_stream *xdr, struct nfsd4_op *op) 5259{ 5260 __be32 *p; 5261 struct nfs4_replay *rp = op->replay; 5262 5263 p = xdr_reserve_space(xdr, 8 + rp->rp_buflen); 5264 if (!p) { 5265 WARN_ON_ONCE(1); 5266 return; 5267 } 5268 *p++ = cpu_to_be32(op->opnum); 5269 *p++ = rp->rp_status; /* already xdr'ed */ 5270 5271 p = xdr_encode_opaque_fixed(p, rp->rp_buf, rp->rp_buflen); 5272} 5273 5274int 5275nfs4svc_encode_voidres(struct svc_rqst *rqstp, __be32 *p) 5276{ 5277 return xdr_ressize_check(rqstp, p); 5278} 5279 5280void nfsd4_release_compoundargs(struct svc_rqst *rqstp) 5281{ 5282 struct nfsd4_compoundargs *args = rqstp->rq_argp; 5283 5284 if (args->ops != args->iops) { 5285 kfree(args->ops); 5286 args->ops = args->iops; 5287 } 5288 kfree(args->tmpp); 5289 args->tmpp = NULL; 5290 while (args->to_free) { 5291 struct svcxdr_tmpbuf *tb = args->to_free; 5292 args->to_free = tb->next; 5293 kfree(tb); 5294 } 5295} 5296 5297int 5298nfs4svc_decode_voidarg(struct svc_rqst *rqstp, __be32 *p) 5299{ 5300 return 1; 5301} 5302 5303int 5304nfs4svc_decode_compoundargs(struct svc_rqst *rqstp, __be32 *p) 5305{ 5306 struct nfsd4_compoundargs *args = rqstp->rq_argp; 5307 5308 if (rqstp->rq_arg.head[0].iov_len % 4) { 5309 /* client is nuts */ 5310 dprintk("%s: compound not properly padded! (peeraddr=%pISc xid=0x%x)", 5311 __func__, svc_addr(rqstp), be32_to_cpu(rqstp->rq_xid)); 5312 return 0; 5313 } 5314 args->p = p; 5315 args->end = rqstp->rq_arg.head[0].iov_base + rqstp->rq_arg.head[0].iov_len; 5316 args->pagelist = rqstp->rq_arg.pages; 5317 args->pagelen = rqstp->rq_arg.page_len; 5318 args->tail = false; 5319 args->tmpp = NULL; 5320 args->to_free = NULL; 5321 args->ops = args->iops; 5322 args->rqstp = rqstp; 5323 5324 return !nfsd4_decode_compound(args); 5325} 5326 5327int 5328nfs4svc_encode_compoundres(struct svc_rqst *rqstp, __be32 *p) 5329{ 5330 struct nfsd4_compoundres *resp = rqstp->rq_resp; 5331 struct xdr_buf *buf = resp->xdr.buf; 5332 5333 WARN_ON_ONCE(buf->len != buf->head[0].iov_len + buf->page_len + 5334 buf->tail[0].iov_len); 5335 5336 *p = resp->cstate.status; 5337 5338 rqstp->rq_next_page = resp->xdr.page_ptr + 1; 5339 5340 p = resp->tagp; 5341 *p++ = htonl(resp->taglen); 5342 memcpy(p, resp->tag, resp->taglen); 5343 p += XDR_QUADLEN(resp->taglen); 5344 *p++ = htonl(resp->opcnt); 5345 5346 nfsd4_sequence_done(resp); 5347 return 1; 5348} 5349 5350/* 5351 * Local variables: 5352 * c-basic-offset: 8 5353 * End: 5354 */ 5355