1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Central processing for nfsd. 4 * 5 * Authors: Olaf Kirch (okir@monad.swb.de) 6 * 7 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de> 8 */ 9 10#include <linux/sched/signal.h> 11#include <linux/freezer.h> 12#include <linux/module.h> 13#include <linux/fs_struct.h> 14#include <linux/swap.h> 15 16#include <linux/sunrpc/stats.h> 17#include <linux/sunrpc/svcsock.h> 18#include <linux/sunrpc/svc_xprt.h> 19#include <linux/lockd/bind.h> 20#include <linux/nfsacl.h> 21#include <linux/seq_file.h> 22#include <linux/inetdevice.h> 23#include <net/addrconf.h> 24#include <net/ipv6.h> 25#include <net/net_namespace.h> 26#include "nfsd.h" 27#include "cache.h" 28#include "vfs.h" 29#include "netns.h" 30#include "filecache.h" 31 32#define NFSDDBG_FACILITY NFSDDBG_SVC 33 34bool inter_copy_offload_enable; 35EXPORT_SYMBOL_GPL(inter_copy_offload_enable); 36module_param(inter_copy_offload_enable, bool, 0644); 37MODULE_PARM_DESC(inter_copy_offload_enable, 38 "Enable inter server to server copy offload. Default: false"); 39 40extern struct svc_program nfsd_program; 41static int nfsd(void *vrqstp); 42#if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 43static int nfsd_acl_rpcbind_set(struct net *, 44 const struct svc_program *, 45 u32, int, 46 unsigned short, 47 unsigned short); 48static __be32 nfsd_acl_init_request(struct svc_rqst *, 49 const struct svc_program *, 50 struct svc_process_info *); 51#endif 52static int nfsd_rpcbind_set(struct net *, 53 const struct svc_program *, 54 u32, int, 55 unsigned short, 56 unsigned short); 57static __be32 nfsd_init_request(struct svc_rqst *, 58 const struct svc_program *, 59 struct svc_process_info *); 60 61/* 62 * nfsd_mutex protects nn->nfsd_serv -- both the pointer itself and the members 63 * of the svc_serv struct. In particular, ->sv_nrthreads but also to some 64 * extent ->sv_temp_socks and ->sv_permsocks. It also protects nfsdstats.th_cnt 65 * 66 * If (out side the lock) nn->nfsd_serv is non-NULL, then it must point to a 67 * properly initialised 'struct svc_serv' with ->sv_nrthreads > 0. That number 68 * of nfsd threads must exist and each must listed in ->sp_all_threads in each 69 * entry of ->sv_pools[]. 70 * 71 * Transitions of the thread count between zero and non-zero are of particular 72 * interest since the svc_serv needs to be created and initialized at that 73 * point, or freed. 74 * 75 * Finally, the nfsd_mutex also protects some of the global variables that are 76 * accessed when nfsd starts and that are settable via the write_* routines in 77 * nfsctl.c. In particular: 78 * 79 * user_recovery_dirname 80 * user_lease_time 81 * nfsd_versions 82 */ 83DEFINE_MUTEX(nfsd_mutex); 84 85/* 86 * nfsd_drc_lock protects nfsd_drc_max_pages and nfsd_drc_pages_used. 87 * nfsd_drc_max_pages limits the total amount of memory available for 88 * version 4.1 DRC caches. 89 * nfsd_drc_pages_used tracks the current version 4.1 DRC memory usage. 90 */ 91spinlock_t nfsd_drc_lock; 92unsigned long nfsd_drc_max_mem; 93unsigned long nfsd_drc_mem_used; 94 95#if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 96static struct svc_stat nfsd_acl_svcstats; 97static const struct svc_version *nfsd_acl_version[] = { 98 [2] = &nfsd_acl_version2, 99 [3] = &nfsd_acl_version3, 100}; 101 102#define NFSD_ACL_MINVERS 2 103#define NFSD_ACL_NRVERS ARRAY_SIZE(nfsd_acl_version) 104 105static struct svc_program nfsd_acl_program = { 106 .pg_prog = NFS_ACL_PROGRAM, 107 .pg_nvers = NFSD_ACL_NRVERS, 108 .pg_vers = nfsd_acl_version, 109 .pg_name = "nfsacl", 110 .pg_class = "nfsd", 111 .pg_stats = &nfsd_acl_svcstats, 112 .pg_authenticate = &svc_set_client, 113 .pg_init_request = nfsd_acl_init_request, 114 .pg_rpcbind_set = nfsd_acl_rpcbind_set, 115}; 116 117static struct svc_stat nfsd_acl_svcstats = { 118 .program = &nfsd_acl_program, 119}; 120#endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */ 121 122static const struct svc_version *nfsd_version[] = { 123 [2] = &nfsd_version2, 124#if defined(CONFIG_NFSD_V3) 125 [3] = &nfsd_version3, 126#endif 127#if defined(CONFIG_NFSD_V4) 128 [4] = &nfsd_version4, 129#endif 130}; 131 132#define NFSD_MINVERS 2 133#define NFSD_NRVERS ARRAY_SIZE(nfsd_version) 134 135struct svc_program nfsd_program = { 136#if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 137 .pg_next = &nfsd_acl_program, 138#endif 139 .pg_prog = NFS_PROGRAM, /* program number */ 140 .pg_nvers = NFSD_NRVERS, /* nr of entries in nfsd_version */ 141 .pg_vers = nfsd_version, /* version table */ 142 .pg_name = "nfsd", /* program name */ 143 .pg_class = "nfsd", /* authentication class */ 144 .pg_stats = &nfsd_svcstats, /* version table */ 145 .pg_authenticate = &svc_set_client, /* export authentication */ 146 .pg_init_request = nfsd_init_request, 147 .pg_rpcbind_set = nfsd_rpcbind_set, 148}; 149 150static bool 151nfsd_support_version(int vers) 152{ 153 if (vers >= NFSD_MINVERS && vers < NFSD_NRVERS) 154 return nfsd_version[vers] != NULL; 155 return false; 156} 157 158static bool * 159nfsd_alloc_versions(void) 160{ 161 bool *vers = kmalloc_array(NFSD_NRVERS, sizeof(bool), GFP_KERNEL); 162 unsigned i; 163 164 if (vers) { 165 /* All compiled versions are enabled by default */ 166 for (i = 0; i < NFSD_NRVERS; i++) 167 vers[i] = nfsd_support_version(i); 168 } 169 return vers; 170} 171 172static bool * 173nfsd_alloc_minorversions(void) 174{ 175 bool *vers = kmalloc_array(NFSD_SUPPORTED_MINOR_VERSION + 1, 176 sizeof(bool), GFP_KERNEL); 177 unsigned i; 178 179 if (vers) { 180 /* All minor versions are enabled by default */ 181 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) 182 vers[i] = nfsd_support_version(4); 183 } 184 return vers; 185} 186 187void 188nfsd_netns_free_versions(struct nfsd_net *nn) 189{ 190 kfree(nn->nfsd_versions); 191 kfree(nn->nfsd4_minorversions); 192 nn->nfsd_versions = NULL; 193 nn->nfsd4_minorversions = NULL; 194} 195 196static void 197nfsd_netns_init_versions(struct nfsd_net *nn) 198{ 199 if (!nn->nfsd_versions) { 200 nn->nfsd_versions = nfsd_alloc_versions(); 201 nn->nfsd4_minorversions = nfsd_alloc_minorversions(); 202 if (!nn->nfsd_versions || !nn->nfsd4_minorversions) 203 nfsd_netns_free_versions(nn); 204 } 205} 206 207int nfsd_vers(struct nfsd_net *nn, int vers, enum vers_op change) 208{ 209 if (vers < NFSD_MINVERS || vers >= NFSD_NRVERS) 210 return 0; 211 switch(change) { 212 case NFSD_SET: 213 if (nn->nfsd_versions) 214 nn->nfsd_versions[vers] = nfsd_support_version(vers); 215 break; 216 case NFSD_CLEAR: 217 nfsd_netns_init_versions(nn); 218 if (nn->nfsd_versions) 219 nn->nfsd_versions[vers] = false; 220 break; 221 case NFSD_TEST: 222 if (nn->nfsd_versions) 223 return nn->nfsd_versions[vers]; 224 fallthrough; 225 case NFSD_AVAIL: 226 return nfsd_support_version(vers); 227 } 228 return 0; 229} 230 231static void 232nfsd_adjust_nfsd_versions4(struct nfsd_net *nn) 233{ 234 unsigned i; 235 236 for (i = 0; i <= NFSD_SUPPORTED_MINOR_VERSION; i++) { 237 if (nn->nfsd4_minorversions[i]) 238 return; 239 } 240 nfsd_vers(nn, 4, NFSD_CLEAR); 241} 242 243int nfsd_minorversion(struct nfsd_net *nn, u32 minorversion, enum vers_op change) 244{ 245 if (minorversion > NFSD_SUPPORTED_MINOR_VERSION && 246 change != NFSD_AVAIL) 247 return -1; 248 249 switch(change) { 250 case NFSD_SET: 251 if (nn->nfsd4_minorversions) { 252 nfsd_vers(nn, 4, NFSD_SET); 253 nn->nfsd4_minorversions[minorversion] = 254 nfsd_vers(nn, 4, NFSD_TEST); 255 } 256 break; 257 case NFSD_CLEAR: 258 nfsd_netns_init_versions(nn); 259 if (nn->nfsd4_minorversions) { 260 nn->nfsd4_minorversions[minorversion] = false; 261 nfsd_adjust_nfsd_versions4(nn); 262 } 263 break; 264 case NFSD_TEST: 265 if (nn->nfsd4_minorversions) 266 return nn->nfsd4_minorversions[minorversion]; 267 return nfsd_vers(nn, 4, NFSD_TEST); 268 case NFSD_AVAIL: 269 return minorversion <= NFSD_SUPPORTED_MINOR_VERSION && 270 nfsd_vers(nn, 4, NFSD_AVAIL); 271 } 272 return 0; 273} 274 275/* 276 * Maximum number of nfsd processes 277 */ 278#define NFSD_MAXSERVS 8192 279 280int nfsd_nrthreads(struct net *net) 281{ 282 int rv = 0; 283 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 284 285 mutex_lock(&nfsd_mutex); 286 if (nn->nfsd_serv) 287 rv = nn->nfsd_serv->sv_nrthreads; 288 mutex_unlock(&nfsd_mutex); 289 return rv; 290} 291 292static int nfsd_init_socks(struct net *net, const struct cred *cred) 293{ 294 int error; 295 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 296 297 if (!list_empty(&nn->nfsd_serv->sv_permsocks)) 298 return 0; 299 300 error = svc_create_xprt(nn->nfsd_serv, "udp", net, PF_INET, NFS_PORT, 301 SVC_SOCK_DEFAULTS, cred); 302 if (error < 0) 303 return error; 304 305 error = svc_create_xprt(nn->nfsd_serv, "tcp", net, PF_INET, NFS_PORT, 306 SVC_SOCK_DEFAULTS, cred); 307 if (error < 0) 308 return error; 309 310 return 0; 311} 312 313static int nfsd_users = 0; 314 315static int nfsd_startup_generic(int nrservs) 316{ 317 int ret; 318 319 if (nfsd_users++) 320 return 0; 321 322 ret = nfsd_file_cache_init(); 323 if (ret) 324 goto dec_users; 325 326 ret = nfs4_state_start(); 327 if (ret) 328 goto out_file_cache; 329 return 0; 330 331out_file_cache: 332 nfsd_file_cache_shutdown(); 333dec_users: 334 nfsd_users--; 335 return ret; 336} 337 338static void nfsd_shutdown_generic(void) 339{ 340 if (--nfsd_users) 341 return; 342 343 nfs4_state_shutdown(); 344 nfsd_file_cache_shutdown(); 345} 346 347static bool nfsd_needs_lockd(struct nfsd_net *nn) 348{ 349 return nfsd_vers(nn, 2, NFSD_TEST) || nfsd_vers(nn, 3, NFSD_TEST); 350} 351 352void nfsd_copy_boot_verifier(__be32 verf[2], struct nfsd_net *nn) 353{ 354 int seq = 0; 355 356 do { 357 read_seqbegin_or_lock(&nn->boot_lock, &seq); 358 /* 359 * This is opaque to client, so no need to byte-swap. Use 360 * __force to keep sparse happy. y2038 time_t overflow is 361 * irrelevant in this usage 362 */ 363 verf[0] = (__force __be32)nn->nfssvc_boot.tv_sec; 364 verf[1] = (__force __be32)nn->nfssvc_boot.tv_nsec; 365 } while (need_seqretry(&nn->boot_lock, seq)); 366 done_seqretry(&nn->boot_lock, seq); 367} 368 369static void nfsd_reset_boot_verifier_locked(struct nfsd_net *nn) 370{ 371 ktime_get_real_ts64(&nn->nfssvc_boot); 372} 373 374void nfsd_reset_boot_verifier(struct nfsd_net *nn) 375{ 376 write_seqlock(&nn->boot_lock); 377 nfsd_reset_boot_verifier_locked(nn); 378 write_sequnlock(&nn->boot_lock); 379} 380 381static int nfsd_startup_net(int nrservs, struct net *net, const struct cred *cred) 382{ 383 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 384 int ret; 385 386 if (nn->nfsd_net_up) 387 return 0; 388 389 ret = nfsd_startup_generic(nrservs); 390 if (ret) 391 return ret; 392 ret = nfsd_init_socks(net, cred); 393 if (ret) 394 goto out_socks; 395 396 if (nfsd_needs_lockd(nn) && !nn->lockd_up) { 397 ret = lockd_up(net, cred); 398 if (ret) 399 goto out_socks; 400 nn->lockd_up = true; 401 } 402 403 ret = nfsd_file_cache_start_net(net); 404 if (ret) 405 goto out_lockd; 406 ret = nfs4_state_start_net(net); 407 if (ret) 408 goto out_filecache; 409 410 nn->nfsd_net_up = true; 411 return 0; 412 413out_filecache: 414 nfsd_file_cache_shutdown_net(net); 415out_lockd: 416 if (nn->lockd_up) { 417 lockd_down(net); 418 nn->lockd_up = false; 419 } 420out_socks: 421 nfsd_shutdown_generic(); 422 return ret; 423} 424 425static void nfsd_shutdown_net(struct net *net) 426{ 427 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 428 429 nfs4_state_shutdown_net(net); 430 nfsd_file_cache_shutdown_net(net); 431 if (nn->lockd_up) { 432 lockd_down(net); 433 nn->lockd_up = false; 434 } 435 nn->nfsd_net_up = false; 436 nfsd_shutdown_generic(); 437} 438 439static int nfsd_inetaddr_event(struct notifier_block *this, unsigned long event, 440 void *ptr) 441{ 442 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr; 443 struct net_device *dev = ifa->ifa_dev->dev; 444 struct net *net = dev_net(dev); 445 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 446 struct sockaddr_in sin; 447 448 if ((event != NETDEV_DOWN) || 449 !atomic_inc_not_zero(&nn->ntf_refcnt)) 450 goto out; 451 452 if (nn->nfsd_serv) { 453 dprintk("nfsd_inetaddr_event: removed %pI4\n", &ifa->ifa_local); 454 sin.sin_family = AF_INET; 455 sin.sin_addr.s_addr = ifa->ifa_local; 456 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin); 457 } 458 atomic_dec(&nn->ntf_refcnt); 459 wake_up(&nn->ntf_wq); 460 461out: 462 return NOTIFY_DONE; 463} 464 465static struct notifier_block nfsd_inetaddr_notifier = { 466 .notifier_call = nfsd_inetaddr_event, 467}; 468 469#if IS_ENABLED(CONFIG_IPV6) 470static int nfsd_inet6addr_event(struct notifier_block *this, 471 unsigned long event, void *ptr) 472{ 473 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr; 474 struct net_device *dev = ifa->idev->dev; 475 struct net *net = dev_net(dev); 476 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 477 struct sockaddr_in6 sin6; 478 479 if ((event != NETDEV_DOWN) || 480 !atomic_inc_not_zero(&nn->ntf_refcnt)) 481 goto out; 482 483 if (nn->nfsd_serv) { 484 dprintk("nfsd_inet6addr_event: removed %pI6\n", &ifa->addr); 485 sin6.sin6_family = AF_INET6; 486 sin6.sin6_addr = ifa->addr; 487 if (ipv6_addr_type(&sin6.sin6_addr) & IPV6_ADDR_LINKLOCAL) 488 sin6.sin6_scope_id = ifa->idev->dev->ifindex; 489 svc_age_temp_xprts_now(nn->nfsd_serv, (struct sockaddr *)&sin6); 490 } 491 atomic_dec(&nn->ntf_refcnt); 492 wake_up(&nn->ntf_wq); 493out: 494 return NOTIFY_DONE; 495} 496 497static struct notifier_block nfsd_inet6addr_notifier = { 498 .notifier_call = nfsd_inet6addr_event, 499}; 500#endif 501 502/* Only used under nfsd_mutex, so this atomic may be overkill: */ 503static atomic_t nfsd_notifier_refcount = ATOMIC_INIT(0); 504 505static void nfsd_last_thread(struct svc_serv *serv, struct net *net) 506{ 507 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 508 509 atomic_dec(&nn->ntf_refcnt); 510 /* check if the notifier still has clients */ 511 if (atomic_dec_return(&nfsd_notifier_refcount) == 0) { 512 unregister_inetaddr_notifier(&nfsd_inetaddr_notifier); 513#if IS_ENABLED(CONFIG_IPV6) 514 unregister_inet6addr_notifier(&nfsd_inet6addr_notifier); 515#endif 516 } 517 wait_event(nn->ntf_wq, atomic_read(&nn->ntf_refcnt) == 0); 518 519 /* 520 * write_ports can create the server without actually starting 521 * any threads--if we get shut down before any threads are 522 * started, then nfsd_last_thread will be run before any of this 523 * other initialization has been done except the rpcb information. 524 */ 525 svc_rpcb_cleanup(serv, net); 526 if (!nn->nfsd_net_up) 527 return; 528 529 nfsd_shutdown_net(net); 530 pr_info("nfsd: last server has exited, flushing export cache\n"); 531 nfsd_export_flush(net); 532} 533 534void nfsd_reset_versions(struct nfsd_net *nn) 535{ 536 int i; 537 538 for (i = 0; i < NFSD_NRVERS; i++) 539 if (nfsd_vers(nn, i, NFSD_TEST)) 540 return; 541 542 for (i = 0; i < NFSD_NRVERS; i++) 543 if (i != 4) 544 nfsd_vers(nn, i, NFSD_SET); 545 else { 546 int minor = 0; 547 while (nfsd_minorversion(nn, minor, NFSD_SET) >= 0) 548 minor++; 549 } 550} 551 552/* 553 * Each session guarantees a negotiated per slot memory cache for replies 554 * which in turn consumes memory beyond the v2/v3/v4.0 server. A dedicated 555 * NFSv4.1 server might want to use more memory for a DRC than a machine 556 * with mutiple services. 557 * 558 * Impose a hard limit on the number of pages for the DRC which varies 559 * according to the machines free pages. This is of course only a default. 560 * 561 * For now this is a #defined shift which could be under admin control 562 * in the future. 563 */ 564static void set_max_drc(void) 565{ 566 #define NFSD_DRC_SIZE_SHIFT 7 567 nfsd_drc_max_mem = (nr_free_buffer_pages() 568 >> NFSD_DRC_SIZE_SHIFT) * PAGE_SIZE; 569 nfsd_drc_mem_used = 0; 570 spin_lock_init(&nfsd_drc_lock); 571 dprintk("%s nfsd_drc_max_mem %lu \n", __func__, nfsd_drc_max_mem); 572} 573 574static int nfsd_get_default_max_blksize(void) 575{ 576 struct sysinfo i; 577 unsigned long long target; 578 unsigned long ret; 579 580 si_meminfo(&i); 581 target = (i.totalram - i.totalhigh) << PAGE_SHIFT; 582 /* 583 * Aim for 1/4096 of memory per thread This gives 1MB on 4Gig 584 * machines, but only uses 32K on 128M machines. Bottom out at 585 * 8K on 32M and smaller. Of course, this is only a default. 586 */ 587 target >>= 12; 588 589 ret = NFSSVC_MAXBLKSIZE; 590 while (ret > target && ret >= 8*1024*2) 591 ret /= 2; 592 return ret; 593} 594 595static const struct svc_serv_ops nfsd_thread_sv_ops = { 596 .svo_shutdown = nfsd_last_thread, 597 .svo_function = nfsd, 598 .svo_enqueue_xprt = svc_xprt_do_enqueue, 599 .svo_setup = svc_set_num_threads, 600 .svo_module = THIS_MODULE, 601}; 602 603static void nfsd_complete_shutdown(struct net *net) 604{ 605 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 606 607 WARN_ON(!mutex_is_locked(&nfsd_mutex)); 608 609 nn->nfsd_serv = NULL; 610 complete(&nn->nfsd_shutdown_complete); 611} 612 613void nfsd_shutdown_threads(struct net *net) 614{ 615 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 616 struct svc_serv *serv; 617 618 mutex_lock(&nfsd_mutex); 619 serv = nn->nfsd_serv; 620 if (serv == NULL) { 621 mutex_unlock(&nfsd_mutex); 622 return; 623 } 624 625 svc_get(serv); 626 /* Kill outstanding nfsd threads */ 627 serv->sv_ops->svo_setup(serv, NULL, 0); 628 nfsd_destroy(net); 629 mutex_unlock(&nfsd_mutex); 630 /* Wait for shutdown of nfsd_serv to complete */ 631 wait_for_completion(&nn->nfsd_shutdown_complete); 632} 633 634bool i_am_nfsd(void) 635{ 636 return kthread_func(current) == nfsd; 637} 638 639int nfsd_create_serv(struct net *net) 640{ 641 int error; 642 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 643 644 WARN_ON(!mutex_is_locked(&nfsd_mutex)); 645 if (nn->nfsd_serv) { 646 svc_get(nn->nfsd_serv); 647 return 0; 648 } 649 if (nfsd_max_blksize == 0) 650 nfsd_max_blksize = nfsd_get_default_max_blksize(); 651 nfsd_reset_versions(nn); 652 nn->nfsd_serv = svc_create_pooled(&nfsd_program, nfsd_max_blksize, 653 &nfsd_thread_sv_ops); 654 if (nn->nfsd_serv == NULL) 655 return -ENOMEM; 656 init_completion(&nn->nfsd_shutdown_complete); 657 658 nn->nfsd_serv->sv_maxconn = nn->max_connections; 659 error = svc_bind(nn->nfsd_serv, net); 660 if (error < 0) { 661 svc_destroy(nn->nfsd_serv); 662 nfsd_complete_shutdown(net); 663 return error; 664 } 665 666 set_max_drc(); 667 /* check if the notifier is already set */ 668 if (atomic_inc_return(&nfsd_notifier_refcount) == 1) { 669 register_inetaddr_notifier(&nfsd_inetaddr_notifier); 670#if IS_ENABLED(CONFIG_IPV6) 671 register_inet6addr_notifier(&nfsd_inet6addr_notifier); 672#endif 673 } 674 atomic_inc(&nn->ntf_refcnt); 675 nfsd_reset_boot_verifier(nn); 676 return 0; 677} 678 679int nfsd_nrpools(struct net *net) 680{ 681 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 682 683 if (nn->nfsd_serv == NULL) 684 return 0; 685 else 686 return nn->nfsd_serv->sv_nrpools; 687} 688 689int nfsd_get_nrthreads(int n, int *nthreads, struct net *net) 690{ 691 int i = 0; 692 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 693 694 if (nn->nfsd_serv != NULL) { 695 for (i = 0; i < nn->nfsd_serv->sv_nrpools && i < n; i++) 696 nthreads[i] = nn->nfsd_serv->sv_pools[i].sp_nrthreads; 697 } 698 699 return 0; 700} 701 702void nfsd_destroy(struct net *net) 703{ 704 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 705 int destroy = (nn->nfsd_serv->sv_nrthreads == 1); 706 707 if (destroy) 708 svc_shutdown_net(nn->nfsd_serv, net); 709 svc_destroy(nn->nfsd_serv); 710 if (destroy) 711 nfsd_complete_shutdown(net); 712} 713 714int nfsd_set_nrthreads(int n, int *nthreads, struct net *net) 715{ 716 int i = 0; 717 int tot = 0; 718 int err = 0; 719 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 720 721 WARN_ON(!mutex_is_locked(&nfsd_mutex)); 722 723 if (nn->nfsd_serv == NULL || n <= 0) 724 return 0; 725 726 if (n > nn->nfsd_serv->sv_nrpools) 727 n = nn->nfsd_serv->sv_nrpools; 728 729 /* enforce a global maximum number of threads */ 730 tot = 0; 731 for (i = 0; i < n; i++) { 732 nthreads[i] = min(nthreads[i], NFSD_MAXSERVS); 733 tot += nthreads[i]; 734 } 735 if (tot > NFSD_MAXSERVS) { 736 /* total too large: scale down requested numbers */ 737 for (i = 0; i < n && tot > 0; i++) { 738 int new = nthreads[i] * NFSD_MAXSERVS / tot; 739 tot -= (nthreads[i] - new); 740 nthreads[i] = new; 741 } 742 for (i = 0; i < n && tot > 0; i++) { 743 nthreads[i]--; 744 tot--; 745 } 746 } 747 748 /* 749 * There must always be a thread in pool 0; the admin 750 * can't shut down NFS completely using pool_threads. 751 */ 752 if (nthreads[0] == 0) 753 nthreads[0] = 1; 754 755 /* apply the new numbers */ 756 svc_get(nn->nfsd_serv); 757 for (i = 0; i < n; i++) { 758 err = nn->nfsd_serv->sv_ops->svo_setup(nn->nfsd_serv, 759 &nn->nfsd_serv->sv_pools[i], nthreads[i]); 760 if (err) 761 break; 762 } 763 nfsd_destroy(net); 764 return err; 765} 766 767/* 768 * Adjust the number of threads and return the new number of threads. 769 * This is also the function that starts the server if necessary, if 770 * this is the first time nrservs is nonzero. 771 */ 772int 773nfsd_svc(int nrservs, struct net *net, const struct cred *cred) 774{ 775 int error; 776 bool nfsd_up_before; 777 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 778 779 mutex_lock(&nfsd_mutex); 780 dprintk("nfsd: creating service\n"); 781 782 nrservs = max(nrservs, 0); 783 nrservs = min(nrservs, NFSD_MAXSERVS); 784 error = 0; 785 786 if (nrservs == 0 && nn->nfsd_serv == NULL) 787 goto out; 788 789 strlcpy(nn->nfsd_name, utsname()->nodename, 790 sizeof(nn->nfsd_name)); 791 792 error = nfsd_create_serv(net); 793 if (error) 794 goto out; 795 796 nfsd_up_before = nn->nfsd_net_up; 797 798 error = nfsd_startup_net(nrservs, net, cred); 799 if (error) 800 goto out_destroy; 801 error = nn->nfsd_serv->sv_ops->svo_setup(nn->nfsd_serv, 802 NULL, nrservs); 803 if (error) 804 goto out_shutdown; 805 /* We are holding a reference to nn->nfsd_serv which 806 * we don't want to count in the return value, 807 * so subtract 1 808 */ 809 error = nn->nfsd_serv->sv_nrthreads - 1; 810out_shutdown: 811 if (error < 0 && !nfsd_up_before) 812 nfsd_shutdown_net(net); 813out_destroy: 814 nfsd_destroy(net); /* Release server */ 815out: 816 mutex_unlock(&nfsd_mutex); 817 return error; 818} 819 820#if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) 821static bool 822nfsd_support_acl_version(int vers) 823{ 824 if (vers >= NFSD_ACL_MINVERS && vers < NFSD_ACL_NRVERS) 825 return nfsd_acl_version[vers] != NULL; 826 return false; 827} 828 829static int 830nfsd_acl_rpcbind_set(struct net *net, const struct svc_program *progp, 831 u32 version, int family, unsigned short proto, 832 unsigned short port) 833{ 834 if (!nfsd_support_acl_version(version) || 835 !nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST)) 836 return 0; 837 return svc_generic_rpcbind_set(net, progp, version, family, 838 proto, port); 839} 840 841static __be32 842nfsd_acl_init_request(struct svc_rqst *rqstp, 843 const struct svc_program *progp, 844 struct svc_process_info *ret) 845{ 846 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 847 int i; 848 849 if (likely(nfsd_support_acl_version(rqstp->rq_vers) && 850 nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) 851 return svc_generic_init_request(rqstp, progp, ret); 852 853 ret->mismatch.lovers = NFSD_ACL_NRVERS; 854 for (i = NFSD_ACL_MINVERS; i < NFSD_ACL_NRVERS; i++) { 855 if (nfsd_support_acl_version(rqstp->rq_vers) && 856 nfsd_vers(nn, i, NFSD_TEST)) { 857 ret->mismatch.lovers = i; 858 break; 859 } 860 } 861 if (ret->mismatch.lovers == NFSD_ACL_NRVERS) 862 return rpc_prog_unavail; 863 ret->mismatch.hivers = NFSD_ACL_MINVERS; 864 for (i = NFSD_ACL_NRVERS - 1; i >= NFSD_ACL_MINVERS; i--) { 865 if (nfsd_support_acl_version(rqstp->rq_vers) && 866 nfsd_vers(nn, i, NFSD_TEST)) { 867 ret->mismatch.hivers = i; 868 break; 869 } 870 } 871 return rpc_prog_mismatch; 872} 873#endif 874 875static int 876nfsd_rpcbind_set(struct net *net, const struct svc_program *progp, 877 u32 version, int family, unsigned short proto, 878 unsigned short port) 879{ 880 if (!nfsd_vers(net_generic(net, nfsd_net_id), version, NFSD_TEST)) 881 return 0; 882 return svc_generic_rpcbind_set(net, progp, version, family, 883 proto, port); 884} 885 886static __be32 887nfsd_init_request(struct svc_rqst *rqstp, 888 const struct svc_program *progp, 889 struct svc_process_info *ret) 890{ 891 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 892 int i; 893 894 if (likely(nfsd_vers(nn, rqstp->rq_vers, NFSD_TEST))) 895 return svc_generic_init_request(rqstp, progp, ret); 896 897 ret->mismatch.lovers = NFSD_NRVERS; 898 for (i = NFSD_MINVERS; i < NFSD_NRVERS; i++) { 899 if (nfsd_vers(nn, i, NFSD_TEST)) { 900 ret->mismatch.lovers = i; 901 break; 902 } 903 } 904 if (ret->mismatch.lovers == NFSD_NRVERS) 905 return rpc_prog_unavail; 906 ret->mismatch.hivers = NFSD_MINVERS; 907 for (i = NFSD_NRVERS - 1; i >= NFSD_MINVERS; i--) { 908 if (nfsd_vers(nn, i, NFSD_TEST)) { 909 ret->mismatch.hivers = i; 910 break; 911 } 912 } 913 return rpc_prog_mismatch; 914} 915 916/* 917 * This is the NFS server kernel thread 918 */ 919static int 920nfsd(void *vrqstp) 921{ 922 struct svc_rqst *rqstp = (struct svc_rqst *) vrqstp; 923 struct svc_xprt *perm_sock = list_entry(rqstp->rq_server->sv_permsocks.next, typeof(struct svc_xprt), xpt_list); 924 struct net *net = perm_sock->xpt_net; 925 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 926 int err; 927 928 /* Lock module and set up kernel thread */ 929 mutex_lock(&nfsd_mutex); 930 931 /* At this point, the thread shares current->fs 932 * with the init process. We need to create files with the 933 * umask as defined by the client instead of init's umask. */ 934 if (unshare_fs_struct() < 0) { 935 printk("Unable to start nfsd thread: out of memory\n"); 936 goto out; 937 } 938 939 current->fs->umask = 0; 940 941 /* 942 * thread is spawned with all signals set to SIG_IGN, re-enable 943 * the ones that will bring down the thread 944 */ 945 allow_signal(SIGKILL); 946 allow_signal(SIGHUP); 947 allow_signal(SIGINT); 948 allow_signal(SIGQUIT); 949 950 nfsdstats.th_cnt++; 951 mutex_unlock(&nfsd_mutex); 952 953 set_freezable(); 954 955 /* 956 * The main request loop 957 */ 958 for (;;) { 959 /* Update sv_maxconn if it has changed */ 960 rqstp->rq_server->sv_maxconn = nn->max_connections; 961 962 /* 963 * Find a socket with data available and call its 964 * recvfrom routine. 965 */ 966 while ((err = svc_recv(rqstp, 60*60*HZ)) == -EAGAIN) 967 ; 968 if (err == -EINTR) 969 break; 970 validate_process_creds(); 971 svc_process(rqstp); 972 validate_process_creds(); 973 } 974 975 /* Clear signals before calling svc_exit_thread() */ 976 flush_signals(current); 977 978 mutex_lock(&nfsd_mutex); 979 nfsdstats.th_cnt --; 980 981out: 982 rqstp->rq_server = NULL; 983 984 /* Release the thread */ 985 svc_exit_thread(rqstp); 986 987 nfsd_destroy(net); 988 989 /* Release module */ 990 mutex_unlock(&nfsd_mutex); 991 module_put_and_exit(0); 992 return 0; 993} 994 995/* 996 * A write procedure can have a large argument, and a read procedure can 997 * have a large reply, but no NFSv2 or NFSv3 procedure has argument and 998 * reply that can both be larger than a page. The xdr code has taken 999 * advantage of this assumption to be a sloppy about bounds checking in 1000 * some cases. Pending a rewrite of the NFSv2/v3 xdr code to fix that 1001 * problem, we enforce these assumptions here: 1002 */ 1003static bool nfs_request_too_big(struct svc_rqst *rqstp, 1004 const struct svc_procedure *proc) 1005{ 1006 /* 1007 * The ACL code has more careful bounds-checking and is not 1008 * susceptible to this problem: 1009 */ 1010 if (rqstp->rq_prog != NFS_PROGRAM) 1011 return false; 1012 /* 1013 * Ditto NFSv4 (which can in theory have argument and reply both 1014 * more than a page): 1015 */ 1016 if (rqstp->rq_vers >= 4) 1017 return false; 1018 /* The reply will be small, we're OK: */ 1019 if (proc->pc_xdrressize > 0 && 1020 proc->pc_xdrressize < XDR_QUADLEN(PAGE_SIZE)) 1021 return false; 1022 1023 return rqstp->rq_arg.len > PAGE_SIZE; 1024} 1025 1026/** 1027 * nfsd_dispatch - Process an NFS or NFSACL Request 1028 * @rqstp: incoming request 1029 * @statp: pointer to location of accept_stat field in RPC Reply buffer 1030 * 1031 * This RPC dispatcher integrates the NFS server's duplicate reply cache. 1032 * 1033 * Return values: 1034 * %0: Processing complete; do not send a Reply 1035 * %1: Processing complete; send Reply in rqstp->rq_res 1036 */ 1037int nfsd_dispatch(struct svc_rqst *rqstp, __be32 *statp) 1038{ 1039 const struct svc_procedure *proc = rqstp->rq_procinfo; 1040 struct kvec *argv = &rqstp->rq_arg.head[0]; 1041 struct kvec *resv = &rqstp->rq_res.head[0]; 1042 __be32 *p; 1043 1044 dprintk("nfsd_dispatch: vers %d proc %d\n", 1045 rqstp->rq_vers, rqstp->rq_proc); 1046 1047 if (nfs_request_too_big(rqstp, proc)) 1048 goto out_too_large; 1049 1050 /* 1051 * Give the xdr decoder a chance to change this if it wants 1052 * (necessary in the NFSv4.0 compound case) 1053 */ 1054 rqstp->rq_cachetype = proc->pc_cachetype; 1055 if (!proc->pc_decode(rqstp, argv->iov_base)) 1056 goto out_decode_err; 1057 1058 switch (nfsd_cache_lookup(rqstp)) { 1059 case RC_DOIT: 1060 break; 1061 case RC_REPLY: 1062 goto out_cached_reply; 1063 case RC_DROPIT: 1064 goto out_dropit; 1065 } 1066 1067 /* 1068 * Need to grab the location to store the status, as 1069 * NFSv4 does some encoding while processing 1070 */ 1071 p = resv->iov_base + resv->iov_len; 1072 resv->iov_len += sizeof(__be32); 1073 1074 *statp = proc->pc_func(rqstp); 1075 if (*statp == rpc_drop_reply || test_bit(RQ_DROPME, &rqstp->rq_flags)) 1076 goto out_update_drop; 1077 1078 if (!proc->pc_encode(rqstp, p)) 1079 goto out_encode_err; 1080 1081 nfsd_cache_update(rqstp, rqstp->rq_cachetype, statp + 1); 1082out_cached_reply: 1083 return 1; 1084 1085out_too_large: 1086 dprintk("nfsd: NFSv%d argument too large\n", rqstp->rq_vers); 1087 *statp = rpc_garbage_args; 1088 return 1; 1089 1090out_decode_err: 1091 dprintk("nfsd: failed to decode arguments!\n"); 1092 *statp = rpc_garbage_args; 1093 return 1; 1094 1095out_update_drop: 1096 dprintk("nfsd: Dropping request; may be revisited later\n"); 1097 nfsd_cache_update(rqstp, RC_NOCACHE, NULL); 1098out_dropit: 1099 return 0; 1100 1101out_encode_err: 1102 dprintk("nfsd: failed to encode result!\n"); 1103 nfsd_cache_update(rqstp, RC_NOCACHE, NULL); 1104 *statp = rpc_system_err; 1105 return 1; 1106} 1107 1108int nfsd_pool_stats_open(struct inode *inode, struct file *file) 1109{ 1110 int ret; 1111 struct nfsd_net *nn = net_generic(inode->i_sb->s_fs_info, nfsd_net_id); 1112 1113 mutex_lock(&nfsd_mutex); 1114 if (nn->nfsd_serv == NULL) { 1115 mutex_unlock(&nfsd_mutex); 1116 return -ENODEV; 1117 } 1118 /* bump up the psudo refcount while traversing */ 1119 svc_get(nn->nfsd_serv); 1120 ret = svc_pool_stats_open(nn->nfsd_serv, file); 1121 mutex_unlock(&nfsd_mutex); 1122 return ret; 1123} 1124 1125int nfsd_pool_stats_release(struct inode *inode, struct file *file) 1126{ 1127 int ret = seq_release(inode, file); 1128 struct net *net = inode->i_sb->s_fs_info; 1129 1130 mutex_lock(&nfsd_mutex); 1131 /* this function really, really should have been called svc_put() */ 1132 nfsd_destroy(net); 1133 mutex_unlock(&nfsd_mutex); 1134 return ret; 1135} 1136