projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
nfsd: nfs4_alloc_init_lease should take a nfs4_file arg
[linux-2.6-block.git] / fs / nfsd / nfs4state.c
CommitLineData
1da177e4 1/*
1da177e4
LT		 2* Copyright (c) 2001 The Regents of the University of Michigan.
3* All rights reserved.
4*
5* Kendrick Smith <kmsmith@umich.edu>
6* Andy Adamson <kandros@umich.edu>
7*
8* Redistribution and use in source and binary forms, with or without
9* modification, are permitted provided that the following conditions
10* are met:
11*
12* 1. Redistributions of source code must retain the above copyright
13* notice, this list of conditions and the following disclaimer.
14* 2. Redistributions in binary form must reproduce the above copyright
15* notice, this list of conditions and the following disclaimer in the
16* documentation and/or other materials provided with the distribution.
17* 3. Neither the name of the University nor the names of its
18* contributors may be used to endorse or promote products derived
19* from this software without specific prior written permission.
20*
21* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
22* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
23* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24* DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
29* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
30* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
31* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32*
33*/
34
aceaf78d 35#include <linux/file.h>
b89f4321 36#include <linux/fs.h>
5a0e3ad6 37#include <linux/slab.h>
0964a3d3 38#include <linux/namei.h>
c2f1a551 39#include <linux/swap.h>
17456804 40#include <linux/pagemap.h>
7df302f7 41#include <linux/ratelimit.h>
68e76ad0 42#include <linux/sunrpc/svcauth_gss.h>
5976687a 43#include <linux/sunrpc/addr.h>
6282cd56 44#include <linux/hash.h>
9a74af21 45#include "xdr4.h"
06b332a5 46#include "xdr4cb.h"
0a3adade 47#include "vfs.h"
bfa4b365 48#include "current_stateid.h"
1da177e4 49
5e1533c7
SK		 50#include "netns.h"
51
1da177e4
LT		 52#define NFSDDBG_FACILITY NFSDDBG_PROC
53
f32f3c2d
BF		 54#define all_ones {{~0,~0},~0}
55static const stateid_t one_stateid = {
56 .si_generation = ~0,
57 .si_opaque = all_ones,
58};
59static const stateid_t zero_stateid = {
60 /* all fields zero */
61};
19ff0f28
TM		 62static const stateid_t currentstateid = {
63 .si_generation = 1,
64};
f32f3c2d 65
ec6b5d7b 66static u64 current_sessionid = 1;
fd39ca9a 67
f32f3c2d
BF		 68#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
69#define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
19ff0f28 70#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
1da177e4 71
1da177e4 72/* forward declarations */
fe0750e5 73static int check_for_locks(struct nfs4_file *filp, struct nfs4_lockowner *lowner);
1da177e4 74
8b671b80
BF		 75/* Locking: */
76
77/* Currently used for almost all code touching nfsv4 state: */
353ab6e9 78static DEFINE_MUTEX(client_mutex);
1da177e4 79
8b671b80
BF		 80/*
81 * Currently used for the del_recall_lru and file hash table. In an
82 * effort to decrease the scope of the client_mutex, this spinlock may
83 * eventually cover more:
84 */
cdc97505 85static DEFINE_SPINLOCK(state_lock);
8b671b80 86
abf1135b
CH		 87static struct kmem_cache *openowner_slab;
88static struct kmem_cache *lockowner_slab;
89static struct kmem_cache *file_slab;
90static struct kmem_cache *stateid_slab;
91static struct kmem_cache *deleg_slab;
e60d4398 92
1da177e4
LT		 93void
94nfs4_lock_state(void)
95{
353ab6e9 96 mutex_lock(&client_mutex);
1da177e4
LT		 97}
98
66b2b9b2 99static void free_session(struct nfsd4_session *);
508dc6e1 100
f0f51f5c 101static bool is_session_dead(struct nfsd4_session *ses)
66b2b9b2 102{
f0f51f5c 103 return ses->se_flags & NFS4_SESSION_DEAD;
66b2b9b2
BF		 104}
105
f0f51f5c 106static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
508dc6e1 107{
f0f51f5c 108 if (atomic_read(&ses->se_ref) > ref_held_by_me)
66b2b9b2
BF		 109 return nfserr_jukebox;
110 ses->se_flags |= NFS4_SESSION_DEAD;
111 return nfs_ok;
508dc6e1
BH		 112}
113
1da177e4
LT		 114void
115nfs4_unlock_state(void)
116{
353ab6e9 117 mutex_unlock(&client_mutex);
1da177e4
LT		 118}
119
221a6876
BF		 120static bool is_client_expired(struct nfs4_client *clp)
121{
122 return clp->cl_time == 0;
123}
124
125static __be32 mark_client_expired_locked(struct nfs4_client *clp)
126{
127 if (atomic_read(&clp->cl_refcount))
128 return nfserr_jukebox;
129 clp->cl_time = 0;
130 return nfs_ok;
131}
132
133static __be32 mark_client_expired(struct nfs4_client *clp)
134{
135 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
136 __be32 ret;
137
138 spin_lock(&nn->client_lock);
139 ret = mark_client_expired_locked(clp);
140 spin_unlock(&nn->client_lock);
141 return ret;
142}
143
144static __be32 get_client_locked(struct nfs4_client *clp)
145{
146 if (is_client_expired(clp))
147 return nfserr_expired;
148 atomic_inc(&clp->cl_refcount);
149 return nfs_ok;
150}
151
152/* must be called under the client_lock */
153static inline void
154renew_client_locked(struct nfs4_client *clp)
155{
156 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
157
158 if (is_client_expired(clp)) {
159 WARN_ON(1);
160 printk("%s: client (clientid %08x/%08x) already expired\n",
161 __func__,
162 clp->cl_clientid.cl_boot,
163 clp->cl_clientid.cl_id);
164 return;
165 }
166
167 dprintk("renewing client (clientid %08x/%08x)\n",
168 clp->cl_clientid.cl_boot,
169 clp->cl_clientid.cl_id);
170 list_move_tail(&clp->cl_lru, &nn->client_lru);
171 clp->cl_time = get_seconds();
172}
173
174static inline void
175renew_client(struct nfs4_client *clp)
176{
177 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
178
179 spin_lock(&nn->client_lock);
180 renew_client_locked(clp);
181 spin_unlock(&nn->client_lock);
182}
183
ba138435 184static void put_client_renew_locked(struct nfs4_client *clp)
221a6876
BF		 185{
186 if (!atomic_dec_and_test(&clp->cl_refcount))
187 return;
188 if (!is_client_expired(clp))
189 renew_client_locked(clp);
190}
191
4b24ca7d
JL		 192static void put_client_renew(struct nfs4_client *clp)
193{
194 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
195
d6c249b4
JL		 196 if (!atomic_dec_and_lock(&clp->cl_refcount, &nn->client_lock))
197 return;
198 if (!is_client_expired(clp))
199 renew_client_locked(clp);
4b24ca7d
JL		 200 spin_unlock(&nn->client_lock);
201}
202
d4e19e70
TM		 203static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
204{
205 __be32 status;
206
207 if (is_session_dead(ses))
208 return nfserr_badsession;
209 status = get_client_locked(ses->se_client);
210 if (status)
211 return status;
212 atomic_inc(&ses->se_ref);
213 return nfs_ok;
214}
215
216static void nfsd4_put_session_locked(struct nfsd4_session *ses)
217{
218 struct nfs4_client *clp = ses->se_client;
219
220 if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
221 free_session(ses);
222 put_client_renew_locked(clp);
223}
224
225static void nfsd4_put_session(struct nfsd4_session *ses)
226{
227 struct nfs4_client *clp = ses->se_client;
228 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
229
230 spin_lock(&nn->client_lock);
231 nfsd4_put_session_locked(ses);
232 spin_unlock(&nn->client_lock);
233}
234
235
1da177e4
LT		 236static inline u32
237opaque_hashval(const void *ptr, int nbytes)
238{
239 unsigned char *cptr = (unsigned char *) ptr;
240
241 u32 x = 0;
242 while (nbytes--) {
243 x *= 37;
244 x += *cptr++;
245 }
246 return x;
247}
248
32513b40
BF		 249static void nfsd4_free_file(struct nfs4_file *f)
250{
251 kmem_cache_free(file_slab, f);
252}
253
13cd2184
N		 254static inline void
255put_nfs4_file(struct nfs4_file *fi)
256{
02e1215f
JL		 257 might_lock(&state_lock);
258
cdc97505 259 if (atomic_dec_and_lock(&fi->fi_ref, &state_lock)) {
89876f8c 260 hlist_del(&fi->fi_hash);
cdc97505 261 spin_unlock(&state_lock);
8b671b80 262 iput(fi->fi_inode);
32513b40 263 nfsd4_free_file(fi);
8b671b80 264 }
13cd2184
N		 265}
266
267static inline void
268get_nfs4_file(struct nfs4_file *fi)
269{
8b671b80 270 atomic_inc(&fi->fi_ref);
13cd2184
N		 271}
272
de18643d
TM		 273static struct file *
274__nfs4_get_fd(struct nfs4_file *f, int oflag)
275{
276 if (f->fi_fds[oflag])
277 return get_file(f->fi_fds[oflag]);
278 return NULL;
279}
280
281static struct file *
282find_writeable_file_locked(struct nfs4_file *f)
283{
284 struct file *ret;
285
286 lockdep_assert_held(&f->fi_lock);
287
288 ret = __nfs4_get_fd(f, O_WRONLY);
289 if (!ret)
290 ret = __nfs4_get_fd(f, O_RDWR);
291 return ret;
292}
293
294static struct file *
295find_writeable_file(struct nfs4_file *f)
296{
297 struct file *ret;
298
299 spin_lock(&f->fi_lock);
300 ret = find_writeable_file_locked(f);
301 spin_unlock(&f->fi_lock);
302
303 return ret;
304}
305
306static struct file *find_readable_file_locked(struct nfs4_file *f)
307{
308 struct file *ret;
309
310 lockdep_assert_held(&f->fi_lock);
311
312 ret = __nfs4_get_fd(f, O_RDONLY);
313 if (!ret)
314 ret = __nfs4_get_fd(f, O_RDWR);
315 return ret;
316}
317
318static struct file *
319find_readable_file(struct nfs4_file *f)
320{
321 struct file *ret;
322
323 spin_lock(&f->fi_lock);
324 ret = find_readable_file_locked(f);
325 spin_unlock(&f->fi_lock);
326
327 return ret;
328}
329
330static struct file *
331find_any_file(struct nfs4_file *f)
332{
333 struct file *ret;
334
335 spin_lock(&f->fi_lock);
336 ret = __nfs4_get_fd(f, O_RDWR);
337 if (!ret) {
338 ret = __nfs4_get_fd(f, O_WRONLY);
339 if (!ret)
340 ret = __nfs4_get_fd(f, O_RDONLY);
341 }
342 spin_unlock(&f->fi_lock);
343 return ret;
344}
345
ef0f3390 346static int num_delegations;
697ce9be 347unsigned long max_delegations;
ef0f3390
N		 348
349/*
350 * Open owner state (share locks)
351 */
352
16bfdaaf
BF		 353/* hash tables for lock and open owners */
354#define OWNER_HASH_BITS 8
355#define OWNER_HASH_SIZE (1 << OWNER_HASH_BITS)
356#define OWNER_HASH_MASK (OWNER_HASH_SIZE - 1)
ef0f3390 357
16bfdaaf 358static unsigned int ownerstr_hashval(u32 clientid, struct xdr_netobj *ownername)
ddc04c41
BF		 359{
360 unsigned int ret;
361
362 ret = opaque_hashval(ownername->data, ownername->len);
363 ret += clientid;
16bfdaaf 364 return ret & OWNER_HASH_MASK;
ddc04c41 365}
ef0f3390 366
ef0f3390
N		 367/* hash table for nfs4_file */
368#define FILE_HASH_BITS 8
369#define FILE_HASH_SIZE (1 << FILE_HASH_BITS)
35079582 370
ddc04c41
BF		 371static unsigned int file_hashval(struct inode *ino)
372{
373 /* XXX: why are we hashing on inode pointer, anyway? */
374 return hash_ptr(ino, FILE_HASH_BITS);
375}
376
89876f8c 377static struct hlist_head file_hashtbl[FILE_HASH_SIZE];
ef0f3390 378
12659651
JL		 379static void
380__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
3477565e 381{
7214e860
JL		 382 lockdep_assert_held(&fp->fi_lock);
383
12659651
JL		 384 if (access & NFS4_SHARE_ACCESS_WRITE)
385 atomic_inc(&fp->fi_access[O_WRONLY]);
386 if (access & NFS4_SHARE_ACCESS_READ)
387 atomic_inc(&fp->fi_access[O_RDONLY]);
3477565e
BF		 388}
389
12659651
JL		 390static __be32
391nfs4_file_get_access(struct nfs4_file *fp, u32 access)
998db52c 392{
7214e860
JL		 393 lockdep_assert_held(&fp->fi_lock);
394
12659651
JL		 395 /* Does this access mode make sense? */
396 if (access & ~NFS4_SHARE_ACCESS_BOTH)
397 return nfserr_inval;
398
baeb4ff0
JL		 399 /* Does it conflict with a deny mode already set? */
400 if ((access & fp->fi_share_deny) != 0)
401 return nfserr_share_denied;
402
12659651
JL		 403 __nfs4_file_get_access(fp, access);
404 return nfs_ok;
998db52c
BF		 405}
406
baeb4ff0
JL		 407static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
408{
409 /* Common case is that there is no deny mode. */
410 if (deny) {
411 /* Does this deny mode make sense? */
412 if (deny & ~NFS4_SHARE_DENY_BOTH)
413 return nfserr_inval;
414
415 if ((deny & NFS4_SHARE_DENY_READ) &&
416 atomic_read(&fp->fi_access[O_RDONLY]))
417 return nfserr_share_denied;
418
419 if ((deny & NFS4_SHARE_DENY_WRITE) &&
420 atomic_read(&fp->fi_access[O_WRONLY]))
421 return nfserr_share_denied;
422 }
423 return nfs_ok;
424}
425
998db52c 426static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
f9d7562f 427{
de18643d
TM		 428 might_lock(&fp->fi_lock);
429
430 if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
431 struct file *f1 = NULL;
432 struct file *f2 = NULL;
433
6d338b51 434 swap(f1, fp->fi_fds[oflag]);
0c7c3e67 435 if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
6d338b51 436 swap(f2, fp->fi_fds[O_RDWR]);
de18643d
TM		 437 spin_unlock(&fp->fi_lock);
438 if (f1)
439 fput(f1);
440 if (f2)
441 fput(f2);
f9d7562f
BF		 442 }
443}
444
12659651 445static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
998db52c 446{
12659651
JL		 447 WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);
448
449 if (access & NFS4_SHARE_ACCESS_WRITE)
998db52c 450 __nfs4_file_put_access(fp, O_WRONLY);
12659651
JL		 451 if (access & NFS4_SHARE_ACCESS_READ)
452 __nfs4_file_put_access(fp, O_RDONLY);
998db52c
BF		 453}
454
3abdb607
BF		 455static struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct
456kmem_cache *slab)
2a74aba7 457{
3abdb607 458 struct idr *stateids = &cl->cl_stateids;
3abdb607 459 struct nfs4_stid *stid;
6136d2b4 460 int new_id;
2a74aba7 461
3abdb607
BF		 462 stid = kmem_cache_alloc(slab, GFP_KERNEL);
463 if (!stid)
464 return NULL;
465
398c33aa 466 new_id = idr_alloc_cyclic(stateids, stid, 0, 0, GFP_KERNEL);
ebd6c707 467 if (new_id < 0)
3abdb607 468 goto out_free;
2a74aba7 469 stid->sc_client = cl;
3abdb607
BF		 470 stid->sc_type = 0;
471 stid->sc_stateid.si_opaque.so_id = new_id;
472 stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
2a74aba7 473 /* Will be incremented before return to client: */
3abdb607 474 stid->sc_stateid.si_generation = 0;
996e0938 475
996e0938 476 /*
3abdb607
BF		 477 * It shouldn't be a problem to reuse an opaque stateid value.
478 * I don't think it is for 4.1. But with 4.0 I worry that, for
479 * example, a stray write retransmission could be accepted by
480 * the server when it should have been rejected. Therefore,
481 * adopt a trick from the sctp code to attempt to maximize the
482 * amount of time until an id is reused, by ensuring they always
483 * "increase" (mod INT_MAX):
996e0938 484 */
3abdb607
BF		 485 return stid;
486out_free:
2c44a234 487 kmem_cache_free(slab, stid);
3abdb607 488 return NULL;
2a74aba7
BF		 489}
490
4cdc951b
BF		 491static struct nfs4_ol_stateid * nfs4_alloc_stateid(struct nfs4_client *clp)
492{
493 return openlockstateid(nfs4_alloc_stid(clp, stateid_slab));
494}
495
6282cd56
N		 496/*
497 * When we recall a delegation, we should be careful not to hand it
498 * out again straight away.
499 * To ensure this we keep a pair of bloom filters ('new' and 'old')
500 * in which the filehandles of recalled delegations are "stored".
501 * If a filehandle appear in either filter, a delegation is blocked.
502 * When a delegation is recalled, the filehandle is stored in the "new"
503 * filter.
504 * Every 30 seconds we swap the filters and clear the "new" one,
505 * unless both are empty of course.
506 *
507 * Each filter is 256 bits. We hash the filehandle to 32bit and use the
508 * low 3 bytes as hash-table indices.
509 *
510 * 'state_lock', which is always held when block_delegations() is called,
511 * is used to manage concurrent access. Testing does not need the lock
512 * except when swapping the two filters.
513 */
514static struct bloom_pair {
515 int entries, old_entries;
516 time_t swap_time;
517 int new; /* index into 'set' */
518 DECLARE_BITMAP(set[2], 256);
519} blocked_delegations;
520
521static int delegation_blocked(struct knfsd_fh *fh)
522{
523 u32 hash;
524 struct bloom_pair *bd = &blocked_delegations;
525
526 if (bd->entries == 0)
527 return 0;
528 if (seconds_since_boot() - bd->swap_time > 30) {
529 spin_lock(&state_lock);
530 if (seconds_since_boot() - bd->swap_time > 30) {
531 bd->entries -= bd->old_entries;
532 bd->old_entries = bd->entries;
533 memset(bd->set[bd->new], 0,
534 sizeof(bd->set[0]));
535 bd->new = 1-bd->new;
536 bd->swap_time = seconds_since_boot();
537 }
538 spin_unlock(&state_lock);
539 }
540 hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0);
541 if (test_bit(hash&255, bd->set[0]) &&
542 test_bit((hash>>8)&255, bd->set[0]) &&
543 test_bit((hash>>16)&255, bd->set[0]))
544 return 1;
545
546 if (test_bit(hash&255, bd->set[1]) &&
547 test_bit((hash>>8)&255, bd->set[1]) &&
548 test_bit((hash>>16)&255, bd->set[1]))
549 return 1;
550
551 return 0;
552}
553
554static void block_delegations(struct knfsd_fh *fh)
555{
556 u32 hash;
557 struct bloom_pair *bd = &blocked_delegations;
558
02e1215f
JL		 559 lockdep_assert_held(&state_lock);
560
6282cd56
N		 561 hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0);
562
563 __set_bit(hash&255, bd->set[bd->new]);
564 __set_bit((hash>>8)&255, bd->set[bd->new]);
565 __set_bit((hash>>16)&255, bd->set[bd->new]);
566 if (bd->entries == 0)
567 bd->swap_time = seconds_since_boot();
568 bd->entries += 1;
569}
570
1da177e4 571static struct nfs4_delegation *
99c41515 572alloc_init_deleg(struct nfs4_client *clp, struct nfs4_ol_stateid *stp, struct svc_fh *current_fh)
1da177e4
LT		 573{
574 struct nfs4_delegation *dp;
1da177e4
LT		 575
576 dprintk("NFSD alloc_init_deleg\n");
c2f1a551 577 if (num_delegations > max_delegations)
ef0f3390 578 return NULL;
6282cd56
N		 579 if (delegation_blocked(&current_fh->fh_handle))
580 return NULL;
996e0938 581 dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab));
5b2d21c1 582 if (dp == NULL)
1da177e4 583 return dp;
2a74aba7
BF		 584 /*
585 * delegation seqid's are never incremented. The 4.1 special
6136d2b4
BF		 586 * meaning of seqid 0 isn't meaningful, really, but let's avoid
587 * 0 anyway just for consistency and use 1:
2a74aba7
BF		 588 */
589 dp->dl_stid.sc_stateid.si_generation = 1;
ef0f3390 590 num_delegations++;
ea1da636
N		 591 INIT_LIST_HEAD(&dp->dl_perfile);
592 INIT_LIST_HEAD(&dp->dl_perclnt);
1da177e4 593 INIT_LIST_HEAD(&dp->dl_recall_lru);
bf7bd3e9 594 dp->dl_file = NULL;
99c41515 595 dp->dl_type = NFS4_OPEN_DELEGATE_READ;
6c02eaa1 596 fh_copy_shallow(&dp->dl_fh, &current_fh->fh_handle);
1da177e4
LT		 597 dp->dl_time = 0;
598 atomic_set(&dp->dl_count, 1);
02e1215f 599 INIT_WORK(&dp->dl_recall.cb_work, nfsd4_run_cb_recall);
1da177e4
LT		 600 return dp;
601}
602
68a33961 603static void remove_stid(struct nfs4_stid *s)
3abdb607
BF		 604{
605 struct idr *stateids = &s->sc_client->cl_stateids;
606
607 idr_remove(stateids, s->sc_stateid.si_opaque.so_id);
3abdb607
BF		 608}
609
9857df81
BH		 610static void nfs4_free_stid(struct kmem_cache *slab, struct nfs4_stid *s)
611{
612 kmem_cache_free(slab, s);
613}
614
1da177e4
LT		 615void
616nfs4_put_delegation(struct nfs4_delegation *dp)
617{
618 if (atomic_dec_and_test(&dp->dl_count)) {
9857df81 619 nfs4_free_stid(deleg_slab, &dp->dl_stid);
ef0f3390 620 num_delegations--;
1da177e4
LT		 621 }
622}
623
acfdf5c3 624static void nfs4_put_deleg_lease(struct nfs4_file *fp)
1da177e4 625{
cbf7a75b
BF		 626 if (!fp->fi_lease)
627 return;
acfdf5c3
BF		 628 if (atomic_dec_and_test(&fp->fi_delegees)) {
629 vfs_setlease(fp->fi_deleg_file, F_UNLCK, &fp->fi_lease);
630 fp->fi_lease = NULL;
4ee63624 631 fput(fp->fi_deleg_file);
acfdf5c3
BF		 632 fp->fi_deleg_file = NULL;
633 }
1da177e4
LT		 634}
635
6136d2b4
BF		 636static void unhash_stid(struct nfs4_stid *s)
637{
3abdb607 638 s->sc_type = 0;
6136d2b4
BF		 639}
640
931ee56c
BH		 641static void
642hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
643{
cdc97505 644 lockdep_assert_held(&state_lock);
931ee56c 645
3fb87d13 646 dp->dl_stid.sc_type = NFS4_DELEG_STID;
02e1215f 647 spin_lock(&fp->fi_lock);
931ee56c 648 list_add(&dp->dl_perfile, &fp->fi_delegations);
02e1215f 649 spin_unlock(&fp->fi_lock);
931ee56c
BH		 650 list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations);
651}
652
1da177e4
LT		 653/* Called under the state lock. */
654static void
655unhash_delegation(struct nfs4_delegation *dp)
656{
02e1215f
JL		 657 struct nfs4_file *fp = dp->dl_file;
658
cdc97505 659 spin_lock(&state_lock);
931ee56c 660 list_del_init(&dp->dl_perclnt);
1da177e4 661 list_del_init(&dp->dl_recall_lru);
02e1215f
JL		 662 spin_lock(&fp->fi_lock);
663 list_del_init(&dp->dl_perfile);
664 spin_unlock(&fp->fi_lock);
cdc97505 665 spin_unlock(&state_lock);
02e1215f
JL		 666 if (fp) {
667 nfs4_put_deleg_lease(fp);
668 put_nfs4_file(fp);
cbf7a75b
BF		 669 dp->dl_file = NULL;
670 }
3bd64a5b
BF		 671}
672
673
674
675static void destroy_revoked_delegation(struct nfs4_delegation *dp)
676{
677 list_del_init(&dp->dl_recall_lru);
68a33961 678 remove_stid(&dp->dl_stid);
1da177e4
LT		 679 nfs4_put_delegation(dp);
680}
681
3bd64a5b
BF		 682static void destroy_delegation(struct nfs4_delegation *dp)
683{
684 unhash_delegation(dp);
685 remove_stid(&dp->dl_stid);
686 nfs4_put_delegation(dp);
687}
688
689static void revoke_delegation(struct nfs4_delegation *dp)
690{
691 struct nfs4_client *clp = dp->dl_stid.sc_client;
692
693 if (clp->cl_minorversion == 0)
694 destroy_delegation(dp);
695 else {
696 unhash_delegation(dp);
697 dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
698 list_add(&dp->dl_recall_lru, &clp->cl_revoked);
699 }
700}
701
1da177e4
LT		 702/*
703 * SETCLIENTID state
704 */
705
ddc04c41
BF		 706static unsigned int clientid_hashval(u32 id)
707{
708 return id & CLIENT_HASH_MASK;
709}
710
711static unsigned int clientstr_hashval(const char *name)
712{
713 return opaque_hashval(name, 8) & CLIENT_HASH_MASK;
714}
715
f9d7562f
BF		 716/*
717 * We store the NONE, READ, WRITE, and BOTH bits separately in the
718 * st_{access,deny}_bmap field of the stateid, in order to track not
719 * only what share bits are currently in force, but also what
720 * combinations of share bits previous opens have used. This allows us
721 * to enforce the recommendation of rfc 3530 14.2.19 that the server
722 * return an error if the client attempt to downgrade to a combination
723 * of share bits not explicable by closing some of its previous opens.
724 *
725 * XXX: This enforcement is actually incomplete, since we don't keep
726 * track of access/deny bit combinations; so, e.g., we allow:
727 *
728 * OPEN allow read, deny write
729 * OPEN allow both, deny none
730 * DOWNGRADE allow read, deny none
731 *
732 * which we should reject.
733 */
5ae037e5
JL		 734static unsigned int
735bmap_to_share_mode(unsigned long bmap) {
f9d7562f 736 int i;
5ae037e5 737 unsigned int access = 0;
f9d7562f 738
f9d7562f
BF		 739 for (i = 1; i < 4; i++) {
740 if (test_bit(i, &bmap))
5ae037e5 741 access |= i;
f9d7562f 742 }
5ae037e5 743 return access;
f9d7562f
BF		 744}
745
82c5ff1b
JL		 746/* set share access for a given stateid */
747static inline void
748set_access(u32 access, struct nfs4_ol_stateid *stp)
749{
c11c591f
JL		 750 unsigned char mask = 1 << access;
751
752 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
753 stp->st_access_bmap |= mask;
82c5ff1b
JL		 754}
755
756/* clear share access for a given stateid */
757static inline void
758clear_access(u32 access, struct nfs4_ol_stateid *stp)
759{
c11c591f
JL		 760 unsigned char mask = 1 << access;
761
762 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
763 stp->st_access_bmap &= ~mask;
82c5ff1b
JL		 764}
765
766/* test whether a given stateid has access */
767static inline bool
768test_access(u32 access, struct nfs4_ol_stateid *stp)
769{
c11c591f
JL		 770 unsigned char mask = 1 << access;
771
772 return (bool)(stp->st_access_bmap & mask);
82c5ff1b
JL		 773}
774
ce0fc43c
JL		 775/* set share deny for a given stateid */
776static inline void
c11c591f 777set_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 778{
c11c591f
JL		 779 unsigned char mask = 1 << deny;
780
781 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
782 stp->st_deny_bmap |= mask;
ce0fc43c
JL		 783}
784
785/* clear share deny for a given stateid */
786static inline void
c11c591f 787clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 788{
c11c591f
JL		 789 unsigned char mask = 1 << deny;
790
791 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
792 stp->st_deny_bmap &= ~mask;
ce0fc43c
JL		 793}
794
795/* test whether a given stateid is denying specific access */
796static inline bool
c11c591f 797test_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 798{
c11c591f
JL		 799 unsigned char mask = 1 << deny;
800
801 return (bool)(stp->st_deny_bmap & mask);
f9d7562f
BF		 802}
803
804static int nfs4_access_to_omode(u32 access)
805{
8f34a430 806 switch (access & NFS4_SHARE_ACCESS_BOTH) {
f9d7562f
BF		 807 case NFS4_SHARE_ACCESS_READ:
808 return O_RDONLY;
809 case NFS4_SHARE_ACCESS_WRITE:
810 return O_WRONLY;
811 case NFS4_SHARE_ACCESS_BOTH:
812 return O_RDWR;
813 }
063b0fb9
BF		 814 WARN_ON_ONCE(1);
815 return O_RDONLY;
f9d7562f
BF		 816}
817
baeb4ff0
JL		 818/*
819 * A stateid that had a deny mode associated with it is being released
820 * or downgraded. Recalculate the deny mode on the file.
821 */
822static void
823recalculate_deny_mode(struct nfs4_file *fp)
824{
825 struct nfs4_ol_stateid *stp;
826
827 spin_lock(&fp->fi_lock);
828 fp->fi_share_deny = 0;
829 list_for_each_entry(stp, &fp->fi_stateids, st_perfile)
830 fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap);
831 spin_unlock(&fp->fi_lock);
832}
833
834static void
835reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
836{
837 int i;
838 bool change = false;
839
840 for (i = 1; i < 4; i++) {
841 if ((i & deny) != i) {
842 change = true;
843 clear_deny(i, stp);
844 }
845 }
846
847 /* Recalculate per-file deny mode if there was a change */
848 if (change)
849 recalculate_deny_mode(stp->st_file);
850}
851
82c5ff1b
JL		 852/* release all access and file references for a given stateid */
853static void
854release_all_access(struct nfs4_ol_stateid *stp)
855{
856 int i;
baeb4ff0
JL		 857 struct nfs4_file *fp = stp->st_file;
858
859 if (fp && stp->st_deny_bmap != 0)
860 recalculate_deny_mode(fp);
82c5ff1b
JL		 861
862 for (i = 1; i < 4; i++) {
863 if (test_access(i, stp))
12659651 864 nfs4_file_put_access(stp->st_file, i);
82c5ff1b
JL		 865 clear_access(i, stp);
866 }
867}
868
dcef0413 869static void unhash_generic_stateid(struct nfs4_ol_stateid *stp)
529d7b2a 870{
1d31a253
TM		 871 struct nfs4_file *fp = stp->st_file;
872
873 spin_lock(&fp->fi_lock);
529d7b2a 874 list_del(&stp->st_perfile);
1d31a253 875 spin_unlock(&fp->fi_lock);
529d7b2a
BF		 876 list_del(&stp->st_perstateowner);
877}
878
dcef0413 879static void close_generic_stateid(struct nfs4_ol_stateid *stp)
529d7b2a 880{
82c5ff1b 881 release_all_access(stp);
a96e5b90 882 put_nfs4_file(stp->st_file);
4665e2ba
BF		 883 stp->st_file = NULL;
884}
885
dcef0413 886static void free_generic_stateid(struct nfs4_ol_stateid *stp)
4665e2ba 887{
68a33961 888 remove_stid(&stp->st_stid);
9857df81 889 nfs4_free_stid(stateid_slab, &stp->st_stid);
529d7b2a
BF		 890}
891
3c87b9b7 892static void __release_lock_stateid(struct nfs4_ol_stateid *stp)
529d7b2a
BF		 893{
894 struct file *file;
895
3c87b9b7 896 list_del(&stp->st_locks);
529d7b2a 897 unhash_generic_stateid(stp);
6136d2b4 898 unhash_stid(&stp->st_stid);
529d7b2a 899 file = find_any_file(stp->st_file);
e20fcf1e
TM		 900 if (file)
901 filp_close(file, (fl_owner_t)lockowner(stp->st_stateowner));
38c387b5 902 close_generic_stateid(stp);
529d7b2a
BF		 903 free_generic_stateid(stp);
904}
905
fe0750e5 906static void unhash_lockowner(struct nfs4_lockowner *lo)
529d7b2a 907{
dcef0413 908 struct nfs4_ol_stateid *stp;
529d7b2a 909
fe0750e5 910 list_del(&lo->lo_owner.so_strhash);
fe0750e5
BF		 911 while (!list_empty(&lo->lo_owner.so_stateids)) {
912 stp = list_first_entry(&lo->lo_owner.so_stateids,
dcef0413 913 struct nfs4_ol_stateid, st_perstateowner);
3c87b9b7 914 __release_lock_stateid(stp);
529d7b2a
BF		 915 }
916}
917
50cc6231
TM		 918static void nfs4_free_lockowner(struct nfs4_lockowner *lo)
919{
920 kfree(lo->lo_owner.so_owner.data);
921 kmem_cache_free(lockowner_slab, lo);
922}
923
fe0750e5 924static void release_lockowner(struct nfs4_lockowner *lo)
529d7b2a 925{
fe0750e5
BF		 926 unhash_lockowner(lo);
927 nfs4_free_lockowner(lo);
529d7b2a
BF		 928}
929
3c87b9b7
TM		 930static void release_lockowner_if_empty(struct nfs4_lockowner *lo)
931{
932 if (list_empty(&lo->lo_owner.so_stateids))
933 release_lockowner(lo);
934}
935
936static void release_lock_stateid(struct nfs4_ol_stateid *stp)
529d7b2a 937{
fe0750e5 938 struct nfs4_lockowner *lo;
529d7b2a 939
3c87b9b7
TM		 940 lo = lockowner(stp->st_stateowner);
941 __release_lock_stateid(stp);
942 release_lockowner_if_empty(lo);
943}
944
945static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp)
946{
947 struct nfs4_ol_stateid *stp;
948
949 while (!list_empty(&open_stp->st_locks)) {
950 stp = list_entry(open_stp->st_locks.next,
951 struct nfs4_ol_stateid, st_locks);
952 release_lock_stateid(stp);
529d7b2a
BF		 953 }
954}
955
38c387b5 956static void unhash_open_stateid(struct nfs4_ol_stateid *stp)
2283963f
BF		 957{
958 unhash_generic_stateid(stp);
3c87b9b7 959 release_open_stateid_locks(stp);
38c387b5
BF		 960 close_generic_stateid(stp);
961}
962
963static void release_open_stateid(struct nfs4_ol_stateid *stp)
964{
965 unhash_open_stateid(stp);
2283963f
BF		 966 free_generic_stateid(stp);
967}
968
fe0750e5 969static void unhash_openowner(struct nfs4_openowner *oo)
f1d110ca 970{
dcef0413 971 struct nfs4_ol_stateid *stp;
f1d110ca 972
fe0750e5
BF		 973 list_del(&oo->oo_owner.so_strhash);
974 list_del(&oo->oo_perclient);
975 while (!list_empty(&oo->oo_owner.so_stateids)) {
976 stp = list_first_entry(&oo->oo_owner.so_stateids,
dcef0413 977 struct nfs4_ol_stateid, st_perstateowner);
f044ff83 978 release_open_stateid(stp);
f1d110ca
BF		 979 }
980}
981
f7a4d872
BF		 982static void release_last_closed_stateid(struct nfs4_openowner *oo)
983{
984 struct nfs4_ol_stateid *s = oo->oo_last_closed_stid;
985
986 if (s) {
f7a4d872
BF		 987 free_generic_stateid(s);
988 oo->oo_last_closed_stid = NULL;
989 }
990}
991
50cc6231
TM		 992static void nfs4_free_openowner(struct nfs4_openowner *oo)
993{
994 kfree(oo->oo_owner.so_owner.data);
995 kmem_cache_free(openowner_slab, oo);
996}
997
fe0750e5 998static void release_openowner(struct nfs4_openowner *oo)
f1d110ca 999{
fe0750e5
BF		 1000 unhash_openowner(oo);
1001 list_del(&oo->oo_close_lru);
f7a4d872 1002 release_last_closed_stateid(oo);
fe0750e5 1003 nfs4_free_openowner(oo);
f1d110ca
BF		 1004}
1005
5282fd72
ME		 1006static inline int
1007hash_sessionid(struct nfs4_sessionid *sessionid)
1008{
1009 struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;
1010
1011 return sid->sequence % SESSION_HASH_SIZE;
1012}
1013
8f199b82 1014#ifdef NFSD_DEBUG
5282fd72
ME		 1015static inline void
1016dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
1017{
1018 u32 *ptr = (u32 *)(&sessionid->data[0]);
1019 dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
1020}
8f199b82
TM		 1021#else
1022static inline void
1023dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
1024{
1025}
1026#endif
1027
9411b1d4
BF		 1028/*
1029 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
1030 * won't be used for replay.
1031 */
1032void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
1033{
1034 struct nfs4_stateowner *so = cstate->replay_owner;
1035
1036 if (nfserr == nfserr_replay_me)
1037 return;
1038
1039 if (!seqid_mutating_err(ntohl(nfserr))) {
1040 cstate->replay_owner = NULL;
1041 return;
1042 }
1043 if (!so)
1044 return;
1045 if (so->so_is_open_owner)
1046 release_last_closed_stateid(openowner(so));
1047 so->so_seqid++;
1048 return;
1049}
5282fd72 1050
ec6b5d7b
AA		 1051static void
1052gen_sessionid(struct nfsd4_session *ses)
1053{
1054 struct nfs4_client *clp = ses->se_client;
1055 struct nfsd4_sessionid *sid;
1056
1057 sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
1058 sid->clientid = clp->cl_clientid;
1059 sid->sequence = current_sessionid++;
1060 sid->reserved = 0;
1061}
1062
1063/*
a649637c
AA		 1064 * The protocol defines ca_maxresponssize_cached to include the size of
1065 * the rpc header, but all we need to cache is the data starting after
1066 * the end of the initial SEQUENCE operation--the rest we regenerate
1067 * each time. Therefore we can advertise a ca_maxresponssize_cached
1068 * value that is the number of bytes in our cache plus a few additional
1069 * bytes. In order to stay on the safe side, and not promise more than
1070 * we can cache, those additional bytes must be the minimum possible: 24
1071 * bytes of rpc header (xid through accept state, with AUTH_NULL
1072 * verifier), 12 for the compound header (with zero-length tag), and 44
1073 * for the SEQUENCE op response:
1074 */
1075#define NFSD_MIN_HDR_SEQ_SZ (24 + 12 + 44)
1076
557ce264
AA		 1077static void
1078free_session_slots(struct nfsd4_session *ses)
1079{
1080 int i;
1081
1082 for (i = 0; i < ses->se_fchannel.maxreqs; i++)
1083 kfree(ses->se_slots[i]);
1084}
1085
a649637c 1086/*
efe0cb6d
BF		 1087 * We don't actually need to cache the rpc and session headers, so we
1088 * can allocate a little less for each slot:
1089 */
55c760cf 1090static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
efe0cb6d 1091{
55c760cf 1092 u32 size;
efe0cb6d 1093
55c760cf
BF		 1094 if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ)
1095 size = 0;
1096 else
1097 size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
1098 return size + sizeof(struct nfsd4_slot);
5b6feee9 1099}
ec6b5d7b 1100
5b6feee9
BF		 1101/*
1102 * XXX: If we run out of reserved DRC memory we could (up to a point)
a649637c 1103 * re-negotiate active sessions and reduce their slot usage to make
42b2aa86 1104 * room for new connections. For now we just fail the create session.
ec6b5d7b 1105 */
55c760cf 1106static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca)
ec6b5d7b 1107{
55c760cf
BF		 1108 u32 slotsize = slot_bytes(ca);
1109 u32 num = ca->maxreqs;
5b6feee9 1110 int avail;
ec6b5d7b 1111
5b6feee9 1112 spin_lock(&nfsd_drc_lock);
697ce9be
ZY		 1113 avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION,
1114 nfsd_drc_max_mem - nfsd_drc_mem_used);
5b6feee9
BF		 1115 num = min_t(int, num, avail / slotsize);
1116 nfsd_drc_mem_used += num * slotsize;
1117 spin_unlock(&nfsd_drc_lock);
ec6b5d7b 1118
5b6feee9
BF		 1119 return num;
1120}
ec6b5d7b 1121
55c760cf 1122static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
5b6feee9 1123{
55c760cf
BF		 1124 int slotsize = slot_bytes(ca);
1125
4bd9b0f4 1126 spin_lock(&nfsd_drc_lock);
55c760cf 1127 nfsd_drc_mem_used -= slotsize * ca->maxreqs;
4bd9b0f4 1128 spin_unlock(&nfsd_drc_lock);
5b6feee9 1129}
ec6b5d7b 1130
60810e54
KM		 1131static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
1132 struct nfsd4_channel_attrs *battrs)
5b6feee9 1133{
60810e54
KM		 1134 int numslots = fattrs->maxreqs;
1135 int slotsize = slot_bytes(fattrs);
5b6feee9
BF		 1136 struct nfsd4_session *new;
1137 int mem, i;
a649637c 1138
5b6feee9
BF		 1139 BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
1140 + sizeof(struct nfsd4_session) > PAGE_SIZE);
1141 mem = numslots * sizeof(struct nfsd4_slot *);
ec6b5d7b 1142
5b6feee9
BF		 1143 new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
1144 if (!new)
1145 return NULL;
557ce264 1146 /* allocate each struct nfsd4_slot and data cache in one piece */
5b6feee9 1147 for (i = 0; i < numslots; i++) {
55c760cf 1148 new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
5b6feee9 1149 if (!new->se_slots[i])
557ce264 1150 goto out_free;
557ce264 1151 }
60810e54
KM		 1152
1153 memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
1154 memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));
1155
5b6feee9
BF		 1156 return new;
1157out_free:
1158 while (i--)
1159 kfree(new->se_slots[i]);
1160 kfree(new);
1161 return NULL;
ec6b5d7b
AA		 1162}
1163
19cf5c02
BF		 1164static void free_conn(struct nfsd4_conn *c)
1165{
1166 svc_xprt_put(c->cn_xprt);
1167 kfree(c);
1168}
ec6b5d7b 1169
19cf5c02
BF		 1170static void nfsd4_conn_lost(struct svc_xpt_user *u)
1171{
1172 struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
1173 struct nfs4_client *clp = c->cn_session->se_client;
ec6b5d7b 1174
19cf5c02
BF		 1175 spin_lock(&clp->cl_lock);
1176 if (!list_empty(&c->cn_persession)) {
1177 list_del(&c->cn_persession);
1178 free_conn(c);
1179 }
eea49806 1180 nfsd4_probe_callback(clp);
2e4b7239 1181 spin_unlock(&clp->cl_lock);
19cf5c02 1182}
ec6b5d7b 1183
d29c374c 1184static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
c7662518 1185{
c7662518 1186 struct nfsd4_conn *conn;
ec6b5d7b 1187
c7662518
BF		 1188 conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
1189 if (!conn)
db90681d 1190 return NULL;
c7662518
BF		 1191 svc_xprt_get(rqstp->rq_xprt);
1192 conn->cn_xprt = rqstp->rq_xprt;
d29c374c 1193 conn->cn_flags = flags;
db90681d
BF		 1194 INIT_LIST_HEAD(&conn->cn_xpt_user.list);
1195 return conn;
1196}
a649637c 1197
328ead28
BF		 1198static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
1199{
1200 conn->cn_session = ses;
1201 list_add(&conn->cn_persession, &ses->se_conns);
ec6b5d7b
AA		 1202}
1203
db90681d 1204static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
557ce264 1205{
db90681d 1206 struct nfs4_client *clp = ses->se_client;
557ce264 1207
c7662518 1208 spin_lock(&clp->cl_lock);
328ead28 1209 __nfsd4_hash_conn(conn, ses);
c7662518 1210 spin_unlock(&clp->cl_lock);
557ce264
AA		 1211}
1212
21b75b01 1213static int nfsd4_register_conn(struct nfsd4_conn *conn)
efe0cb6d 1214{
19cf5c02 1215 conn->cn_xpt_user.callback = nfsd4_conn_lost;
21b75b01 1216 return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
efe0cb6d
BF		 1217}
1218
e1ff371f 1219static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
ec6b5d7b 1220{
21b75b01 1221 int ret;
ec6b5d7b 1222
db90681d 1223 nfsd4_hash_conn(conn, ses);
21b75b01
BF		 1224 ret = nfsd4_register_conn(conn);
1225 if (ret)
1226 /* oops; xprt is already down: */
1227 nfsd4_conn_lost(&conn->cn_xpt_user);
6a3b1563 1228 if (conn->cn_flags & NFS4_CDFC4_BACK) {
24119673
WAA		 1229 /* callback channel may be back up */
1230 nfsd4_probe_callback(ses->se_client);
1231 }
c7662518 1232}
ec6b5d7b 1233
e1ff371f 1234static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
1d1bc8f2
BF		 1235{
1236 u32 dir = NFS4_CDFC4_FORE;
1237
e1ff371f 1238 if (cses->flags & SESSION4_BACK_CHAN)
1d1bc8f2 1239 dir |= NFS4_CDFC4_BACK;
e1ff371f 1240 return alloc_conn(rqstp, dir);
1d1bc8f2
BF		 1241}
1242
1243/* must be called under client_lock */
19cf5c02 1244static void nfsd4_del_conns(struct nfsd4_session *s)
c7662518 1245{
19cf5c02
BF		 1246 struct nfs4_client *clp = s->se_client;
1247 struct nfsd4_conn *c;
ec6b5d7b 1248
19cf5c02
BF		 1249 spin_lock(&clp->cl_lock);
1250 while (!list_empty(&s->se_conns)) {
1251 c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
1252 list_del_init(&c->cn_persession);
1253 spin_unlock(&clp->cl_lock);
557ce264 1254
19cf5c02
BF		 1255 unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
1256 free_conn(c);
ec6b5d7b 1257
19cf5c02
BF		 1258 spin_lock(&clp->cl_lock);
1259 }
1260 spin_unlock(&clp->cl_lock);
c7662518 1261}
ec6b5d7b 1262
1377b69e
BF		 1263static void __free_session(struct nfsd4_session *ses)
1264{
1377b69e
BF		 1265 free_session_slots(ses);
1266 kfree(ses);
1267}
1268
66b2b9b2 1269static void free_session(struct nfsd4_session *ses)
c7662518 1270{
66b2b9b2 1271 struct nfsd_net *nn = net_generic(ses->se_client->net, nfsd_net_id);
c9a49628
SK		 1272
1273 lockdep_assert_held(&nn->client_lock);
19cf5c02 1274 nfsd4_del_conns(ses);
55c760cf 1275 nfsd4_put_drc_mem(&ses->se_fchannel);
1377b69e 1276 __free_session(ses);
c7662518
BF		 1277}
1278
135ae827 1279static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
a827bcb2 1280{
a827bcb2 1281 int idx;
1872de0e 1282 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
a827bcb2 1283
ec6b5d7b
AA		 1284 new->se_client = clp;
1285 gen_sessionid(new);
ec6b5d7b 1286
c7662518
BF		 1287 INIT_LIST_HEAD(&new->se_conns);
1288
ac7c46f2 1289 new->se_cb_seq_nr = 1;
ec6b5d7b 1290 new->se_flags = cses->flags;
8b5ce5cd 1291 new->se_cb_prog = cses->callback_prog;
c6bb3ca2 1292 new->se_cb_sec = cses->cb_sec;
66b2b9b2 1293 atomic_set(&new->se_ref, 0);
5b6feee9 1294 idx = hash_sessionid(&new->se_sessionid);
c9a49628 1295 spin_lock(&nn->client_lock);
1872de0e 1296 list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
4c649378 1297 spin_lock(&clp->cl_lock);
ec6b5d7b 1298 list_add(&new->se_perclnt, &clp->cl_sessions);
4c649378 1299 spin_unlock(&clp->cl_lock);
c9a49628 1300 spin_unlock(&nn->client_lock);
60810e54 1301
dcbeaa68 1302 if (cses->flags & SESSION4_BACK_CHAN) {
edd76786 1303 struct sockaddr *sa = svc_addr(rqstp);
dcbeaa68
BF		 1304 /*
1305 * This is a little silly; with sessions there's no real
1306 * use for the callback address. Use the peer address
1307 * as a reasonable default for now, but consider fixing
1308 * the rpc client not to require an address in the
1309 * future:
1310 */
edd76786
BF		 1311 rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
1312 clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
edd76786 1313 }
ec6b5d7b
AA		 1314}
1315
9089f1b4 1316/* caller must hold client_lock */
5282fd72 1317static struct nfsd4_session *
d4e19e70 1318__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
5282fd72
ME		 1319{
1320 struct nfsd4_session *elem;
1321 int idx;
1872de0e 1322 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
5282fd72
ME		 1323
1324 dump_sessionid(__func__, sessionid);
1325 idx = hash_sessionid(sessionid);
5282fd72 1326 /* Search in the appropriate list */
1872de0e 1327 list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
5282fd72
ME		 1328 if (!memcmp(elem->se_sessionid.data, sessionid->data,
1329 NFS4_MAX_SESSIONID_LEN)) {
1330 return elem;
1331 }
1332 }
1333
1334 dprintk("%s: session not found\n", __func__);
1335 return NULL;
1336}
1337
d4e19e70
TM		 1338static struct nfsd4_session *
1339find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
1340 __be32 *ret)
1341{
1342 struct nfsd4_session *session;
1343 __be32 status = nfserr_badsession;
1344
1345 session = __find_in_sessionid_hashtbl(sessionid, net);
1346 if (!session)
1347 goto out;
1348 status = nfsd4_get_session_locked(session);
1349 if (status)
1350 session = NULL;
1351out:
1352 *ret = status;
1353 return session;
1354}
1355
9089f1b4 1356/* caller must hold client_lock */
7116ed6b 1357static void
5282fd72 1358unhash_session(struct nfsd4_session *ses)
7116ed6b
AA		 1359{
1360 list_del(&ses->se_hash);
4c649378 1361 spin_lock(&ses->se_client->cl_lock);
7116ed6b 1362 list_del(&ses->se_perclnt);
4c649378 1363 spin_unlock(&ses->se_client->cl_lock);
5282fd72
ME		 1364}
1365
1da177e4
LT		 1366/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
1367static int
2c142baa 1368STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
1da177e4 1369{
2c142baa 1370 if (clid->cl_boot == nn->boot_time)
1da177e4 1371 return 0;
60adfc50 1372 dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
2c142baa 1373 clid->cl_boot, clid->cl_id, nn->boot_time);
1da177e4
LT		 1374 return 1;
1375}
1376
1377/*
1378 * XXX Should we use a slab cache ?
1379 * This type of memory management is somewhat inefficient, but we use it
1380 * anyway since SETCLIENTID is not a common operation.
1381 */
35bba9a3 1382static struct nfs4_client *alloc_client(struct xdr_netobj name)
1da177e4
LT		 1383{
1384 struct nfs4_client *clp;
1385
35bba9a3
BF		 1386 clp = kzalloc(sizeof(struct nfs4_client), GFP_KERNEL);
1387 if (clp == NULL)
1388 return NULL;
67114fe6 1389 clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL);
35bba9a3
BF		 1390 if (clp->cl_name.data == NULL) {
1391 kfree(clp);
1392 return NULL;
1da177e4 1393 }
35bba9a3 1394 clp->cl_name.len = name.len;
5694c93e
TM		 1395 INIT_LIST_HEAD(&clp->cl_sessions);
1396 idr_init(&clp->cl_stateids);
1397 atomic_set(&clp->cl_refcount, 0);
1398 clp->cl_cb_state = NFSD4_CB_UNKNOWN;
1399 INIT_LIST_HEAD(&clp->cl_idhash);
1400 INIT_LIST_HEAD(&clp->cl_openowners);
1401 INIT_LIST_HEAD(&clp->cl_delegations);
1402 INIT_LIST_HEAD(&clp->cl_lru);
1403 INIT_LIST_HEAD(&clp->cl_callbacks);
1404 INIT_LIST_HEAD(&clp->cl_revoked);
1405 spin_lock_init(&clp->cl_lock);
1406 rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
1da177e4
LT		 1407 return clp;
1408}
1409
4dd86e15 1410static void
1da177e4
LT		 1411free_client(struct nfs4_client *clp)
1412{
bca0ec65 1413 struct nfsd_net __maybe_unused *nn = net_generic(clp->net, nfsd_net_id);
c9a49628
SK		 1414
1415 lockdep_assert_held(&nn->client_lock);
792c95dd
BF		 1416 while (!list_empty(&clp->cl_sessions)) {
1417 struct nfsd4_session *ses;
1418 ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
1419 se_perclnt);
1420 list_del(&ses->se_perclnt);
66b2b9b2
BF		 1421 WARN_ON_ONCE(atomic_read(&ses->se_ref));
1422 free_session(ses);
792c95dd 1423 }
4cb57e30 1424 rpc_destroy_wait_queue(&clp->cl_cb_waitq);
03a4e1f6 1425 free_svc_cred(&clp->cl_cred);
1da177e4 1426 kfree(clp->cl_name.data);
2d32b29a 1427 idr_destroy(&clp->cl_stateids);
1da177e4
LT		 1428 kfree(clp);
1429}
1430
84d38ac9
BH		 1431/* must be called under the client_lock */
1432static inline void
1433unhash_client_locked(struct nfs4_client *clp)
1434{
792c95dd
BF		 1435 struct nfsd4_session *ses;
1436
84d38ac9 1437 list_del(&clp->cl_lru);
4c649378 1438 spin_lock(&clp->cl_lock);
792c95dd
BF		 1439 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
1440 list_del_init(&ses->se_hash);
4c649378 1441 spin_unlock(&clp->cl_lock);
84d38ac9
BH		 1442}
1443
1da177e4 1444static void
0d22f68f 1445destroy_client(struct nfs4_client *clp)
1da177e4 1446{
fe0750e5 1447 struct nfs4_openowner *oo;
1da177e4 1448 struct nfs4_delegation *dp;
1da177e4 1449 struct list_head reaplist;
382a62e7 1450 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4 1451
1da177e4 1452 INIT_LIST_HEAD(&reaplist);
cdc97505 1453 spin_lock(&state_lock);
ea1da636
N		 1454 while (!list_empty(&clp->cl_delegations)) {
1455 dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
ea1da636 1456 list_del_init(&dp->dl_perclnt);
dff1399f
JL		 1457 /* Ensure that deleg break won't try to requeue it */
1458 ++dp->dl_time;
1da177e4
LT		 1459 list_move(&dp->dl_recall_lru, &reaplist);
1460 }
cdc97505 1461 spin_unlock(&state_lock);
1da177e4
LT		 1462 while (!list_empty(&reaplist)) {
1463 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
3bd64a5b 1464 destroy_delegation(dp);
1da177e4 1465 }
956c4fee
BH		 1466 list_splice_init(&clp->cl_revoked, &reaplist);
1467 while (!list_empty(&reaplist)) {
1468 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
1469 destroy_revoked_delegation(dp);
1470 }
ea1da636 1471 while (!list_empty(&clp->cl_openowners)) {
fe0750e5
BF		 1472 oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
1473 release_openowner(oo);
1da177e4 1474 }
6ff8da08 1475 nfsd4_shutdown_callback(clp);
84d38ac9
BH		 1476 if (clp->cl_cb_conn.cb_xprt)
1477 svc_xprt_put(clp->cl_cb_conn.cb_xprt);
36acb66b 1478 list_del(&clp->cl_idhash);
ac55fdc4 1479 if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
382a62e7 1480 rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
ac55fdc4 1481 else
a99454aa 1482 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
c9a49628 1483 spin_lock(&nn->client_lock);
84d38ac9 1484 unhash_client_locked(clp);
221a6876
BF		 1485 WARN_ON_ONCE(atomic_read(&clp->cl_refcount));
1486 free_client(clp);
c9a49628 1487 spin_unlock(&nn->client_lock);
1da177e4
LT		 1488}
1489
0d22f68f
BF		 1490static void expire_client(struct nfs4_client *clp)
1491{
1492 nfsd4_client_record_remove(clp);
1493 destroy_client(clp);
1494}
1495
35bba9a3
BF		 1496static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
1497{
1498 memcpy(target->cl_verifier.data, source->data,
1499 sizeof(target->cl_verifier.data));
1da177e4
LT		 1500}
1501
35bba9a3
BF		 1502static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
1503{
1da177e4
LT		 1504 target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
1505 target->cl_clientid.cl_id = source->cl_clientid.cl_id;
1506}
1507
03a4e1f6 1508static int copy_cred(struct svc_cred *target, struct svc_cred *source)
35bba9a3 1509{
03a4e1f6
BF		 1510 if (source->cr_principal) {
1511 target->cr_principal =
1512 kstrdup(source->cr_principal, GFP_KERNEL);
1513 if (target->cr_principal == NULL)
1514 return -ENOMEM;
1515 } else
1516 target->cr_principal = NULL;
d5497fc6 1517 target->cr_flavor = source->cr_flavor;
1da177e4
LT		 1518 target->cr_uid = source->cr_uid;
1519 target->cr_gid = source->cr_gid;
1520 target->cr_group_info = source->cr_group_info;
1521 get_group_info(target->cr_group_info);
0dc1531a
BF		 1522 target->cr_gss_mech = source->cr_gss_mech;
1523 if (source->cr_gss_mech)
1524 gss_mech_get(source->cr_gss_mech);
03a4e1f6 1525 return 0;
1da177e4
LT		 1526}
1527
ac55fdc4
JL		 1528static long long
1529compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2)
1530{
1531 long long res;
1532
1533 res = o1->len - o2->len;
1534 if (res)
1535 return res;
1536 return (long long)memcmp(o1->data, o2->data, o1->len);
1537}
1538
35bba9a3 1539static int same_name(const char *n1, const char *n2)
599e0a22 1540{
a55370a3 1541 return 0 == memcmp(n1, n2, HEXDIR_LEN);
1da177e4
LT		 1542}
1543
1544static int
599e0a22
BF		 1545same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
1546{
1547 return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
1da177e4
LT		 1548}
1549
1550static int
599e0a22
BF		 1551same_clid(clientid_t *cl1, clientid_t *cl2)
1552{
1553 return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
1da177e4
LT		 1554}
1555
8fbba96e
BF		 1556static bool groups_equal(struct group_info *g1, struct group_info *g2)
1557{
1558 int i;
1559
1560 if (g1->ngroups != g2->ngroups)
1561 return false;
1562 for (i=0; i<g1->ngroups; i++)
6fab8779 1563 if (!gid_eq(GROUP_AT(g1, i), GROUP_AT(g2, i)))
8fbba96e
BF		 1564 return false;
1565 return true;
1566}
1567
68eb3508
BF		 1568/*
1569 * RFC 3530 language requires clid_inuse be returned when the
1570 * "principal" associated with a requests differs from that previously
1571 * used. We use uid, gid's, and gss principal string as our best
1572 * approximation. We also don't want to allow non-gss use of a client
1573 * established using gss: in theory cr_principal should catch that
1574 * change, but in practice cr_principal can be null even in the gss case
1575 * since gssd doesn't always pass down a principal string.
1576 */
1577static bool is_gss_cred(struct svc_cred *cr)
1578{
1579 /* Is cr_flavor one of the gss "pseudoflavors"?: */
1580 return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR);
1581}
1582
1583
5559b50a 1584static bool
599e0a22
BF		 1585same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
1586{
68eb3508 1587 if ((is_gss_cred(cr1) != is_gss_cred(cr2))
6fab8779
EB		 1588 || (!uid_eq(cr1->cr_uid, cr2->cr_uid))
1589 || (!gid_eq(cr1->cr_gid, cr2->cr_gid))
8fbba96e
BF		 1590 || !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
1591 return false;
1592 if (cr1->cr_principal == cr2->cr_principal)
1593 return true;
1594 if (!cr1->cr_principal || !cr2->cr_principal)
1595 return false;
5559b50a 1596 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal);
1da177e4
LT		 1597}
1598
57266a6e
BF		 1599static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp)
1600{
1601 struct svc_cred *cr = &rqstp->rq_cred;
1602 u32 service;
1603
c4720591
BF		 1604 if (!cr->cr_gss_mech)
1605 return false;
57266a6e
BF		 1606 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor);
1607 return service == RPC_GSS_SVC_INTEGRITY ||
1608 service == RPC_GSS_SVC_PRIVACY;
1609}
1610
1611static bool mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp)
1612{
1613 struct svc_cred *cr = &rqstp->rq_cred;
1614
1615 if (!cl->cl_mach_cred)
1616 return true;
1617 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech)
1618 return false;
1619 if (!svc_rqst_integrity_protected(rqstp))
1620 return false;
1621 if (!cr->cr_principal)
1622 return false;
1623 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal);
1624}
1625
c212cecf 1626static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn)
5ec7b46c
BF		 1627{
1628 static u32 current_clientid = 1;
1629
2c142baa 1630 clp->cl_clientid.cl_boot = nn->boot_time;
1da177e4
LT		 1631 clp->cl_clientid.cl_id = current_clientid++;
1632}
1633
deda2faa
BF		 1634static void gen_confirm(struct nfs4_client *clp)
1635{
ab4684d1 1636 __be32 verf[2];
deda2faa 1637 static u32 i;
1da177e4 1638
f419992c
JL		 1639 /*
1640 * This is opaque to client, so no need to byte-swap. Use
1641 * __force to keep sparse happy
1642 */
1643 verf[0] = (__force __be32)get_seconds();
1644 verf[1] = (__force __be32)i++;
ab4684d1 1645 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data));
1da177e4
LT		 1646}
1647
38c2f4b1 1648static struct nfs4_stid *find_stateid(struct nfs4_client *cl, stateid_t *t)
4581d140 1649{
3abdb607
BF		 1650 struct nfs4_stid *ret;
1651
1652 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id);
1653 if (!ret || !ret->sc_type)
1654 return NULL;
1655 return ret;
4d71ab87
BF		 1656}
1657
38c2f4b1 1658static struct nfs4_stid *find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask)
f459e453
BF		 1659{
1660 struct nfs4_stid *s;
4d71ab87 1661
38c2f4b1 1662 s = find_stateid(cl, t);
4d71ab87
BF		 1663 if (!s)
1664 return NULL;
f459e453 1665 if (typemask & s->sc_type)
4581d140 1666 return s;
4581d140
BF		 1667 return NULL;
1668}
1669
2216d449 1670static struct nfs4_client *create_client(struct xdr_netobj name,
b09333c4
RL		 1671 struct svc_rqst *rqstp, nfs4_verifier *verf)
1672{
1673 struct nfs4_client *clp;
1674 struct sockaddr *sa = svc_addr(rqstp);
03a4e1f6 1675 int ret;
c212cecf 1676 struct net *net = SVC_NET(rqstp);
c9a49628 1677 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
b09333c4
RL		 1678
1679 clp = alloc_client(name);
1680 if (clp == NULL)
1681 return NULL;
1682
03a4e1f6
BF		 1683 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred);
1684 if (ret) {
c9a49628 1685 spin_lock(&nn->client_lock);
03a4e1f6 1686 free_client(clp);
c9a49628 1687 spin_unlock(&nn->client_lock);
03a4e1f6 1688 return NULL;
b09333c4 1689 }
02e1215f 1690 INIT_WORK(&clp->cl_cb_null.cb_work, nfsd4_run_cb_null);
07cd4909 1691 clp->cl_time = get_seconds();
b09333c4 1692 clear_bit(0, &clp->cl_cb_slot_busy);
b09333c4
RL		 1693 copy_verf(clp, verf);
1694 rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa);
b09333c4 1695 gen_confirm(clp);
edd76786 1696 clp->cl_cb_session = NULL;
c212cecf 1697 clp->net = net;
b09333c4
RL		 1698 return clp;
1699}
1700
fd39ca9a 1701static void
ac55fdc4
JL		 1702add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root)
1703{
1704 struct rb_node **new = &(root->rb_node), *parent = NULL;
1705 struct nfs4_client *clp;
1706
1707 while (*new) {
1708 clp = rb_entry(*new, struct nfs4_client, cl_namenode);
1709 parent = *new;
1710
1711 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0)
1712 new = &((*new)->rb_left);
1713 else
1714 new = &((*new)->rb_right);
1715 }
1716
1717 rb_link_node(&new_clp->cl_namenode, parent, new);
1718 rb_insert_color(&new_clp->cl_namenode, root);
1719}
1720
1721static struct nfs4_client *
1722find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root)
1723{
1724 long long cmp;
1725 struct rb_node *node = root->rb_node;
1726 struct nfs4_client *clp;
1727
1728 while (node) {
1729 clp = rb_entry(node, struct nfs4_client, cl_namenode);
1730 cmp = compare_blob(&clp->cl_name, name);
1731 if (cmp > 0)
1732 node = node->rb_left;
1733 else if (cmp < 0)
1734 node = node->rb_right;
1735 else
1736 return clp;
1737 }
1738 return NULL;
1739}
1740
1741static void
1742add_to_unconfirmed(struct nfs4_client *clp)
1da177e4
LT		 1743{
1744 unsigned int idhashval;
0a7ec377 1745 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4 1746
ac55fdc4 1747 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
a99454aa 1748 add_clp_to_name_tree(clp, &nn->unconf_name_tree);
1da177e4 1749 idhashval = clientid_hashval(clp->cl_clientid.cl_id);
0a7ec377 1750 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]);
36acb66b 1751 renew_client(clp);
1da177e4
LT		 1752}
1753
fd39ca9a 1754static void
1da177e4
LT		 1755move_to_confirmed(struct nfs4_client *clp)
1756{
1757 unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id);
8daae4dc 1758 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4
LT		 1759
1760 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp);
8daae4dc 1761 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]);
a99454aa 1762 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
382a62e7 1763 add_clp_to_name_tree(clp, &nn->conf_name_tree);
ac55fdc4 1764 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
1da177e4
LT		 1765 renew_client(clp);
1766}
1767
1768static struct nfs4_client *
bfa85e83 1769find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions)
1da177e4
LT		 1770{
1771 struct nfs4_client *clp;
1772 unsigned int idhashval = clientid_hashval(clid->cl_id);
1773
bfa85e83 1774 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) {
a50d2ad1 1775 if (same_clid(&clp->cl_clientid, clid)) {
d15c077e
BF		 1776 if ((bool)clp->cl_minorversion != sessions)
1777 return NULL;
a50d2ad1 1778 renew_client(clp);
1da177e4 1779 return clp;
a50d2ad1 1780 }
1da177e4
LT		 1781 }
1782 return NULL;
1783}
1784
bfa85e83
BF		 1785static struct nfs4_client *
1786find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
1787{
1788 struct list_head *tbl = nn->conf_id_hashtbl;
1789
1790 return find_client_in_id_table(tbl, clid, sessions);
1791}
1792
1da177e4 1793static struct nfs4_client *
0a7ec377 1794find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
1da177e4 1795{
bfa85e83 1796 struct list_head *tbl = nn->unconf_id_hashtbl;
1da177e4 1797
bfa85e83 1798 return find_client_in_id_table(tbl, clid, sessions);
1da177e4
LT		 1799}
1800
6e5f15c9 1801static bool clp_used_exchangeid(struct nfs4_client *clp)
a1bcecd2 1802{
6e5f15c9 1803 return clp->cl_exchange_flags != 0;
e203d506 1804}
a1bcecd2 1805
28ce6054 1806static struct nfs4_client *
382a62e7 1807find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
28ce6054 1808{
382a62e7 1809 return find_clp_in_name_tree(name, &nn->conf_name_tree);
28ce6054
N		 1810}
1811
1812static struct nfs4_client *
a99454aa 1813find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
28ce6054 1814{
a99454aa 1815 return find_clp_in_name_tree(name, &nn->unconf_name_tree);
28ce6054
N		 1816}
1817
fd39ca9a 1818static void
6f3d772f 1819gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp)
1da177e4 1820{
07263f1e 1821 struct nfs4_cb_conn *conn = &clp->cl_cb_conn;
6f3d772f
TU		 1822 struct sockaddr *sa = svc_addr(rqstp);
1823 u32 scopeid = rpc_get_scope_id(sa);
7077ecba
JL		 1824 unsigned short expected_family;
1825
1826 /* Currently, we only support tcp and tcp6 for the callback channel */
1827 if (se->se_callback_netid_len == 3 &&
1828 !memcmp(se->se_callback_netid_val, "tcp", 3))
1829 expected_family = AF_INET;
1830 else if (se->se_callback_netid_len == 4 &&
1831 !memcmp(se->se_callback_netid_val, "tcp6", 4))
1832 expected_family = AF_INET6;
1833 else
1da177e4
LT		 1834 goto out_err;
1835
c212cecf 1836 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val,
aa9a4ec7 1837 se->se_callback_addr_len,
07263f1e
BF		 1838 (struct sockaddr *)&conn->cb_addr,
1839 sizeof(conn->cb_addr));
aa9a4ec7 1840
07263f1e 1841 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family)
1da177e4 1842 goto out_err;
aa9a4ec7 1843
07263f1e
BF		 1844 if (conn->cb_addr.ss_family == AF_INET6)
1845 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid;
fbf4665f 1846
07263f1e
BF		 1847 conn->cb_prog = se->se_callback_prog;
1848 conn->cb_ident = se->se_callback_ident;
849a1cf1 1849 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen);
1da177e4
LT		 1850 return;
1851out_err:
07263f1e
BF		 1852 conn->cb_addr.ss_family = AF_UNSPEC;
1853 conn->cb_addrlen = 0;
849823c5 1854 dprintk(KERN_INFO "NFSD: this client (clientid %08x/%08x) "
1da177e4
LT		 1855 "will not receive delegations\n",
1856 clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id);
1857
1da177e4
LT		 1858 return;
1859}
1860
074fe897 1861/*
067e1ace 1862 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size.
074fe897 1863 */
b607664e 1864static void
074fe897 1865nfsd4_store_cache_entry(struct nfsd4_compoundres *resp)
074fe897 1866{
f5236013 1867 struct xdr_buf *buf = resp->xdr.buf;
557ce264
AA		 1868 struct nfsd4_slot *slot = resp->cstate.slot;
1869 unsigned int base;
074fe897 1870
557ce264 1871 dprintk("--> %s slot %p\n", __func__, slot);
074fe897 1872
557ce264
AA		 1873 slot->sl_opcnt = resp->opcnt;
1874 slot->sl_status = resp->cstate.status;
074fe897 1875
bf5c43c8 1876 slot->sl_flags |= NFSD4_SLOT_INITIALIZED;
bf864a31 1877 if (nfsd4_not_cached(resp)) {
557ce264 1878 slot->sl_datalen = 0;
bf864a31 1879 return;
074fe897 1880 }
f5236013
BF		 1881 base = resp->cstate.data_offset;
1882 slot->sl_datalen = buf->len - base;
1883 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen))
557ce264
AA		 1884 WARN("%s: sessions DRC could not cache compound\n", __func__);
1885 return;
074fe897
AA		 1886}
1887
1888/*
abfabf8c
AA		 1889 * Encode the replay sequence operation from the slot values.
1890 * If cachethis is FALSE encode the uncached rep error on the next
1891 * operation which sets resp->p and increments resp->opcnt for
1892 * nfs4svc_encode_compoundres.
074fe897 1893 *
074fe897 1894 */
abfabf8c
AA		 1895static __be32
1896nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args,
1897 struct nfsd4_compoundres *resp)
074fe897 1898{
abfabf8c
AA		 1899 struct nfsd4_op *op;
1900 struct nfsd4_slot *slot = resp->cstate.slot;
bf864a31 1901
abfabf8c
AA		 1902 /* Encode the replayed sequence operation */
1903 op = &args->ops[resp->opcnt - 1];
1904 nfsd4_encode_operation(resp, op);
bf864a31 1905
abfabf8c 1906 /* Return nfserr_retry_uncached_rep in next operation. */
73e79482 1907 if (args->opcnt > 1 && !(slot->sl_flags & NFSD4_SLOT_CACHETHIS)) {
abfabf8c
AA		 1908 op = &args->ops[resp->opcnt++];
1909 op->status = nfserr_retry_uncached_rep;
1910 nfsd4_encode_operation(resp, op);
074fe897 1911 }
abfabf8c 1912 return op->status;
074fe897
AA		 1913}
1914
1915/*
557ce264
AA		 1916 * The sequence operation is not cached because we can use the slot and
1917 * session values.
074fe897 1918 */
3ca2eb98 1919static __be32
bf864a31
AA		 1920nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp,
1921 struct nfsd4_sequence *seq)
074fe897 1922{
557ce264 1923 struct nfsd4_slot *slot = resp->cstate.slot;
f5236013
BF		 1924 struct xdr_stream *xdr = &resp->xdr;
1925 __be32 *p;
074fe897
AA		 1926 __be32 status;
1927
557ce264 1928 dprintk("--> %s slot %p\n", __func__, slot);
074fe897 1929
abfabf8c 1930 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp);
0da7b19c 1931 if (status)
abfabf8c 1932 return status;
074fe897 1933
f5236013
BF		 1934 p = xdr_reserve_space(xdr, slot->sl_datalen);
1935 if (!p) {
1936 WARN_ON_ONCE(1);
1937 return nfserr_serverfault;
1938 }
1939 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen);
1940 xdr_commit_encode(xdr);
074fe897 1941
557ce264 1942 resp->opcnt = slot->sl_opcnt;
f5236013 1943 return slot->sl_status;
074fe897
AA		 1944}
1945
0733d213
AA		 1946/*
1947 * Set the exchange_id flags returned by the server.
1948 */
1949static void
1950nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid)
1951{
1952 /* pNFS is not supported */
1953 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS;
1954
1955 /* Referrals are supported, Migration is not. */
1956 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER;
1957
1958 /* set the wire flags to return to client. */
1959 clid->flags = new->cl_exchange_flags;
1960}
1961
631fc9ea
BF		 1962static bool client_has_state(struct nfs4_client *clp)
1963{
1964 /*
1965 * Note clp->cl_openowners check isn't quite right: there's no
1966 * need to count owners without stateid's.
1967 *
1968 * Also note we should probably be using this in 4.0 case too.
1969 */
6eccece9
BF		 1970 return !list_empty(&clp->cl_openowners)
1971 || !list_empty(&clp->cl_delegations)
1972 || !list_empty(&clp->cl_sessions);
631fc9ea
BF		 1973}
1974
069b6ad4
AA		 1975__be32
1976nfsd4_exchange_id(struct svc_rqst *rqstp,
1977 struct nfsd4_compound_state *cstate,
1978 struct nfsd4_exchange_id *exid)
1979{
0733d213 1980 struct nfs4_client *unconf, *conf, *new;
57b7b43b 1981 __be32 status;
363168b4 1982 char addr_str[INET6_ADDRSTRLEN];
0733d213 1983 nfs4_verifier verf = exid->verifier;
363168b4 1984 struct sockaddr *sa = svc_addr(rqstp);
83e08fd4 1985 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A;
c212cecf 1986 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
0733d213 1987
363168b4 1988 rpc_ntop(sa, addr_str, sizeof(addr_str));
0733d213 1989 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p "
363168b4 1990 "ip_addr=%s flags %x, spa_how %d\n",
0733d213 1991 __func__, rqstp, exid, exid->clname.len, exid->clname.data,
363168b4 1992 addr_str, exid->flags, exid->spa_how);
0733d213 1993
a084daf5 1994 if (exid->flags & ~EXCHGID4_FLAG_MASK_A)
0733d213
AA		 1995 return nfserr_inval;
1996
0733d213 1997 switch (exid->spa_how) {
57266a6e
BF		 1998 case SP4_MACH_CRED:
1999 if (!svc_rqst_integrity_protected(rqstp))
2000 return nfserr_inval;
0733d213
AA		 2001 case SP4_NONE:
2002 break;
063b0fb9
BF		 2003 default: /* checked by xdr code */
2004 WARN_ON_ONCE(1);
0733d213 2005 case SP4_SSV:
dd30333c 2006 return nfserr_encr_alg_unsupp;
0733d213
AA		 2007 }
2008
2dbb269d 2009 /* Cases below refer to rfc 5661 section 18.35.4: */
0733d213 2010 nfs4_lock_state();
382a62e7 2011 conf = find_confirmed_client_by_name(&exid->clname, nn);
0733d213 2012 if (conf) {
83e08fd4
BF		 2013 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred);
2014 bool verfs_match = same_verf(&verf, &conf->cl_verifier);
2015
136e658d
BF		 2016 if (update) {
2017 if (!clp_used_exchangeid(conf)) { /* buggy client */
2dbb269d 2018 status = nfserr_inval;
1a308118
BF		 2019 goto out;
2020 }
57266a6e
BF		 2021 if (!mach_creds_match(conf, rqstp)) {
2022 status = nfserr_wrong_cred;
2023 goto out;
2024 }
136e658d 2025 if (!creds_match) { /* case 9 */
ea236d07 2026 status = nfserr_perm;
136e658d
BF		 2027 goto out;
2028 }
2029 if (!verfs_match) { /* case 8 */
0733d213
AA		 2030 status = nfserr_not_same;
2031 goto out;
2032 }
136e658d
BF		 2033 /* case 6 */
2034 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R;
2035 new = conf;
2036 goto out_copy;
0733d213 2037 }
136e658d 2038 if (!creds_match) { /* case 3 */
631fc9ea
BF		 2039 if (client_has_state(conf)) {
2040 status = nfserr_clid_inuse;
0733d213
AA		 2041 goto out;
2042 }
2043 expire_client(conf);
2044 goto out_new;
2045 }
136e658d 2046 if (verfs_match) { /* case 2 */
0f1ba0ef 2047 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R;
136e658d
BF		 2048 new = conf;
2049 goto out_copy;
2050 }
2051 /* case 5, client reboot */
136e658d 2052 goto out_new;
6ddbbbfe
MS		 2053 }
2054
2dbb269d 2055 if (update) { /* case 7 */
6ddbbbfe
MS		 2056 status = nfserr_noent;
2057 goto out;
0733d213
AA		 2058 }
2059
a99454aa 2060 unconf = find_unconfirmed_client_by_name(&exid->clname, nn);
2dbb269d 2061 if (unconf) /* case 4, possible retry or client restart */
0733d213 2062 expire_client(unconf);
0733d213 2063
2dbb269d 2064 /* case 1 (normal case) */
0733d213 2065out_new:
2216d449 2066 new = create_client(exid->clname, rqstp, &verf);
0733d213 2067 if (new == NULL) {
4731030d 2068 status = nfserr_jukebox;
0733d213
AA		 2069 goto out;
2070 }
4f540e29 2071 new->cl_minorversion = cstate->minorversion;
57266a6e 2072 new->cl_mach_cred = (exid->spa_how == SP4_MACH_CRED);
0733d213 2073
c212cecf 2074 gen_clid(new, nn);
ac55fdc4 2075 add_to_unconfirmed(new);
0733d213
AA		 2076out_copy:
2077 exid->clientid.cl_boot = new->cl_clientid.cl_boot;
2078 exid->clientid.cl_id = new->cl_clientid.cl_id;
2079
778df3f0 2080 exid->seqid = new->cl_cs_slot.sl_seqid + 1;
0733d213
AA		 2081 nfsd4_set_ex_flags(new, exid);
2082
2083 dprintk("nfsd4_exchange_id seqid %d flags %x\n",
49557cc7 2084 new->cl_cs_slot.sl_seqid, new->cl_exchange_flags);
0733d213
AA		 2085 status = nfs_ok;
2086
2087out:
2088 nfs4_unlock_state();
0733d213 2089 return status;
069b6ad4
AA		 2090}
2091
57b7b43b 2092static __be32
88e588d5 2093check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse)
b85d4c01 2094{
88e588d5
AA		 2095 dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid,
2096 slot_seqid);
b85d4c01
BH		 2097
2098 /* The slot is in use, and no response has been sent. */
88e588d5
AA		 2099 if (slot_inuse) {
2100 if (seqid == slot_seqid)
b85d4c01
BH		 2101 return nfserr_jukebox;
2102 else
2103 return nfserr_seq_misordered;
2104 }
f6d82485 2105 /* Note unsigned 32-bit arithmetic handles wraparound: */
88e588d5 2106 if (likely(seqid == slot_seqid + 1))
b85d4c01 2107 return nfs_ok;
88e588d5 2108 if (seqid == slot_seqid)
b85d4c01 2109 return nfserr_replay_cache;
b85d4c01
BH		 2110 return nfserr_seq_misordered;
2111}
2112
49557cc7
AA		 2113/*
2114 * Cache the create session result into the create session single DRC
2115 * slot cache by saving the xdr structure. sl_seqid has been set.
2116 * Do this for solo or embedded create session operations.
2117 */
2118static void
2119nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses,
57b7b43b 2120 struct nfsd4_clid_slot *slot, __be32 nfserr)
49557cc7
AA		 2121{
2122 slot->sl_status = nfserr;
2123 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses));
2124}
2125
2126static __be32
2127nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses,
2128 struct nfsd4_clid_slot *slot)
2129{
2130 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses));
2131 return slot->sl_status;
2132}
2133
1b74c25b
MJ		 2134#define NFSD_MIN_REQ_HDR_SEQ_SZ ((\
2135 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \
2136 1 + /* MIN tag is length with zero, only length */ \
2137 3 + /* version, opcount, opcode */ \
2138 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
2139 /* seqid, slotID, slotID, cache */ \
2140 4 ) * sizeof(__be32))
2141
2142#define NFSD_MIN_RESP_HDR_SEQ_SZ ((\
2143 2 + /* verifier: AUTH_NULL, length 0 */\
2144 1 + /* status */ \
2145 1 + /* MIN tag is length with zero, only length */ \
2146 3 + /* opcount, opcode, opstatus*/ \
2147 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
2148 /* seqid, slotID, slotID, slotID, status */ \
2149 5 ) * sizeof(__be32))
2150
55c760cf 2151static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn)
1b74c25b 2152{
55c760cf
BF		 2153 u32 maxrpc = nn->nfsd_serv->sv_max_mesg;
2154
373cd409
BF		 2155 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ)
2156 return nfserr_toosmall;
2157 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ)
2158 return nfserr_toosmall;
55c760cf
BF		 2159 ca->headerpadsz = 0;
2160 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc);
2161 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc);
2162 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND);
2163 ca->maxresp_cached = min_t(u32, ca->maxresp_cached,
2164 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ);
2165 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION);
2166 /*
2167 * Note decreasing slot size below client's request may make it
2168 * difficult for client to function correctly, whereas
2169 * decreasing the number of slots will (just?) affect
2170 * performance. When short on memory we therefore prefer to
2171 * decrease number of slots instead of their size. Clients that
2172 * request larger slots than they need will get poor results:
2173 */
2174 ca->maxreqs = nfsd4_get_drc_mem(ca);
2175 if (!ca->maxreqs)
2176 return nfserr_jukebox;
2177
373cd409 2178 return nfs_ok;
1b74c25b
MJ		 2179}
2180
8a891633
KM		 2181#define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \
2182 RPC_MAX_HEADER_WITH_AUTH) * sizeof(__be32))
2183#define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \
2184 RPC_MAX_REPHEADER_WITH_AUTH) * sizeof(__be32))
2185
06b332a5 2186static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca)
1b74c25b 2187{
06b332a5
BF		 2188 ca->headerpadsz = 0;
2189
2190 /*
2191 * These RPC_MAX_HEADER macros are overkill, especially since we
2192 * don't even do gss on the backchannel yet. But this is still
2193 * less than 1k. Tighten up this estimate in the unlikely event
2194 * it turns out to be a problem for some client:
2195 */
8a891633 2196 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ)
06b332a5 2197 return nfserr_toosmall;
8a891633 2198 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ)
06b332a5
BF		 2199 return nfserr_toosmall;
2200 ca->maxresp_cached = 0;
2201 if (ca->maxops < 2)
2202 return nfserr_toosmall;
2203
2204 return nfs_ok;
1b74c25b
MJ		 2205}
2206
b78724b7
BF		 2207static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs)
2208{
2209 switch (cbs->flavor) {
2210 case RPC_AUTH_NULL:
2211 case RPC_AUTH_UNIX:
2212 return nfs_ok;
2213 default:
2214 /*
2215 * GSS case: the spec doesn't allow us to return this
2216 * error. But it also doesn't allow us not to support
2217 * GSS.
2218 * I'd rather this fail hard than return some error the
2219 * client might think it can already handle:
2220 */
2221 return nfserr_encr_alg_unsupp;
2222 }
2223}
2224
069b6ad4
AA		 2225__be32
2226nfsd4_create_session(struct svc_rqst *rqstp,
2227 struct nfsd4_compound_state *cstate,
2228 struct nfsd4_create_session *cr_ses)
2229{
363168b4 2230 struct sockaddr *sa = svc_addr(rqstp);
ec6b5d7b 2231 struct nfs4_client *conf, *unconf;
ac7c46f2 2232 struct nfsd4_session *new;
81f0b2a4 2233 struct nfsd4_conn *conn;
49557cc7 2234 struct nfsd4_clid_slot *cs_slot = NULL;
57b7b43b 2235 __be32 status = 0;
8daae4dc 2236 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
ec6b5d7b 2237
a62573dc
MJ		 2238 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A)
2239 return nfserr_inval;
b78724b7
BF		 2240 status = nfsd4_check_cb_sec(&cr_ses->cb_sec);
2241 if (status)
2242 return status;
55c760cf 2243 status = check_forechannel_attrs(&cr_ses->fore_channel, nn);
06b332a5
BF		 2244 if (status)
2245 return status;
2246 status = check_backchannel_attrs(&cr_ses->back_channel);
373cd409 2247 if (status)
f403e450 2248 goto out_release_drc_mem;
81f0b2a4 2249 status = nfserr_jukebox;
60810e54 2250 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel);
55c760cf
BF		 2251 if (!new)
2252 goto out_release_drc_mem;
81f0b2a4
BF		 2253 conn = alloc_conn_from_crses(rqstp, cr_ses);
2254 if (!conn)
2255 goto out_free_session;
a62573dc 2256
ec6b5d7b 2257 nfs4_lock_state();
0a7ec377 2258 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn);
8daae4dc 2259 conf = find_confirmed_client(&cr_ses->clientid, true, nn);
78389046 2260 WARN_ON_ONCE(conf && unconf);
ec6b5d7b
AA		 2261
2262 if (conf) {
57266a6e
BF		 2263 status = nfserr_wrong_cred;
2264 if (!mach_creds_match(conf, rqstp))
2265 goto out_free_conn;
49557cc7
AA		 2266 cs_slot = &conf->cl_cs_slot;
2267 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
38eb76a5 2268 if (status == nfserr_replay_cache) {
49557cc7 2269 status = nfsd4_replay_create_session(cr_ses, cs_slot);
81f0b2a4 2270 goto out_free_conn;
49557cc7 2271 } else if (cr_ses->seqid != cs_slot->sl_seqid + 1) {
ec6b5d7b 2272 status = nfserr_seq_misordered;
81f0b2a4 2273 goto out_free_conn;
ec6b5d7b 2274 }
ec6b5d7b 2275 } else if (unconf) {
8f9d3d3b 2276 struct nfs4_client *old;
ec6b5d7b 2277 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) ||
363168b4 2278 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) {
ec6b5d7b 2279 status = nfserr_clid_inuse;
81f0b2a4 2280 goto out_free_conn;
ec6b5d7b 2281 }
57266a6e
BF		 2282 status = nfserr_wrong_cred;
2283 if (!mach_creds_match(unconf, rqstp))
2284 goto out_free_conn;
49557cc7
AA		 2285 cs_slot = &unconf->cl_cs_slot;
2286 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
38eb76a5
AA		 2287 if (status) {
2288 /* an unconfirmed replay returns misordered */
ec6b5d7b 2289 status = nfserr_seq_misordered;
81f0b2a4 2290 goto out_free_conn;
ec6b5d7b 2291 }
382a62e7 2292 old = find_confirmed_client_by_name(&unconf->cl_name, nn);
221a6876
BF		 2293 if (old) {
2294 status = mark_client_expired(old);
2295 if (status)
2296 goto out_free_conn;
8f9d3d3b 2297 expire_client(old);
221a6876 2298 }
8f9d3d3b 2299 move_to_confirmed(unconf);
ec6b5d7b
AA		 2300 conf = unconf;
2301 } else {
2302 status = nfserr_stale_clientid;
81f0b2a4 2303 goto out_free_conn;
ec6b5d7b 2304 }
81f0b2a4 2305 status = nfs_ok;
408b79bc
BF		 2306 /*
2307 * We do not support RDMA or persistent sessions
2308 */
2309 cr_ses->flags &= ~SESSION4_PERSIST;
2310 cr_ses->flags &= ~SESSION4_RDMA;
2311
81f0b2a4
BF		 2312 init_session(rqstp, new, conf, cr_ses);
2313 nfsd4_init_conn(rqstp, conn, new);
2314
ac7c46f2 2315 memcpy(cr_ses->sessionid.data, new->se_sessionid.data,
ec6b5d7b 2316 NFS4_MAX_SESSIONID_LEN);
86c3e16c 2317 cs_slot->sl_seqid++;
49557cc7 2318 cr_ses->seqid = cs_slot->sl_seqid;
ec6b5d7b 2319
49557cc7
AA		 2320 /* cache solo and embedded create sessions under the state lock */
2321 nfsd4_cache_create_session(cr_ses, cs_slot, status);
ec6b5d7b 2322 nfs4_unlock_state();
ec6b5d7b 2323 return status;
81f0b2a4 2324out_free_conn:
266533c6 2325 nfs4_unlock_state();
81f0b2a4
BF		 2326 free_conn(conn);
2327out_free_session:
2328 __free_session(new);
55c760cf
BF		 2329out_release_drc_mem:
2330 nfsd4_put_drc_mem(&cr_ses->fore_channel);
1ca50792 2331 return status;
069b6ad4
AA		 2332}
2333
1d1bc8f2
BF		 2334static __be32 nfsd4_map_bcts_dir(u32 *dir)
2335{
2336 switch (*dir) {
2337 case NFS4_CDFC4_FORE:
2338 case NFS4_CDFC4_BACK:
2339 return nfs_ok;
2340 case NFS4_CDFC4_FORE_OR_BOTH:
2341 case NFS4_CDFC4_BACK_OR_BOTH:
2342 *dir = NFS4_CDFC4_BOTH;
2343 return nfs_ok;
2344 };
2345 return nfserr_inval;
2346}
2347
cb73a9f4
BF		 2348__be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_backchannel_ctl *bc)
2349{
2350 struct nfsd4_session *session = cstate->session;
c9a49628 2351 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
b78724b7 2352 __be32 status;
cb73a9f4 2353
b78724b7
BF		 2354 status = nfsd4_check_cb_sec(&bc->bc_cb_sec);
2355 if (status)
2356 return status;
c9a49628 2357 spin_lock(&nn->client_lock);
cb73a9f4
BF		 2358 session->se_cb_prog = bc->bc_cb_program;
2359 session->se_cb_sec = bc->bc_cb_sec;
c9a49628 2360 spin_unlock(&nn->client_lock);
cb73a9f4
BF		 2361
2362 nfsd4_probe_callback(session->se_client);
2363
2364 return nfs_ok;
2365}
2366
1d1bc8f2
BF		 2367__be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp,
2368 struct nfsd4_compound_state *cstate,
2369 struct nfsd4_bind_conn_to_session *bcts)
2370{
2371 __be32 status;
3ba63671 2372 struct nfsd4_conn *conn;
4f6e6c17 2373 struct nfsd4_session *session;
d4e19e70
TM		 2374 struct net *net = SVC_NET(rqstp);
2375 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1d1bc8f2
BF		 2376
2377 if (!nfsd4_last_compound_op(rqstp))
2378 return nfserr_not_only_op;
4f6e6c17 2379 nfs4_lock_state();
c9a49628 2380 spin_lock(&nn->client_lock);
d4e19e70 2381 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status);
c9a49628 2382 spin_unlock(&nn->client_lock);
4f6e6c17 2383 if (!session)
d4e19e70 2384 goto out_no_session;
57266a6e
BF		 2385 status = nfserr_wrong_cred;
2386 if (!mach_creds_match(session->se_client, rqstp))
2387 goto out;
1d1bc8f2 2388 status = nfsd4_map_bcts_dir(&bcts->dir);
3ba63671 2389 if (status)
4f6e6c17 2390 goto out;
3ba63671 2391 conn = alloc_conn(rqstp, bcts->dir);
4f6e6c17 2392 status = nfserr_jukebox;
3ba63671 2393 if (!conn)
4f6e6c17
BF		 2394 goto out;
2395 nfsd4_init_conn(rqstp, conn, session);
2396 status = nfs_ok;
2397out:
d4e19e70
TM		 2398 nfsd4_put_session(session);
2399out_no_session:
4f6e6c17
BF		 2400 nfs4_unlock_state();
2401 return status;
1d1bc8f2
BF		 2402}
2403
5d4cec2f
BF		 2404static bool nfsd4_compound_in_session(struct nfsd4_session *session, struct nfs4_sessionid *sid)
2405{
2406 if (!session)
2407 return 0;
2408 return !memcmp(sid, &session->se_sessionid, sizeof(*sid));
2409}
2410
069b6ad4
AA		 2411__be32
2412nfsd4_destroy_session(struct svc_rqst *r,
2413 struct nfsd4_compound_state *cstate,
2414 struct nfsd4_destroy_session *sessionid)
2415{
e10e0cfc 2416 struct nfsd4_session *ses;
abcdff09 2417 __be32 status;
f0f51f5c 2418 int ref_held_by_me = 0;
d4e19e70
TM		 2419 struct net *net = SVC_NET(r);
2420 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
e10e0cfc 2421
abcdff09
BF		 2422 nfs4_lock_state();
2423 status = nfserr_not_only_op;
5d4cec2f 2424 if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) {
57716355 2425 if (!nfsd4_last_compound_op(r))
abcdff09 2426 goto out;
f0f51f5c 2427 ref_held_by_me++;
57716355 2428 }
e10e0cfc 2429 dump_sessionid(__func__, &sessionid->sessionid);
c9a49628 2430 spin_lock(&nn->client_lock);
d4e19e70 2431 ses = find_in_sessionid_hashtbl(&sessionid->sessionid, net, &status);
abcdff09
BF		 2432 if (!ses)
2433 goto out_client_lock;
57266a6e
BF		 2434 status = nfserr_wrong_cred;
2435 if (!mach_creds_match(ses->se_client, r))
d4e19e70 2436 goto out_put_session;
f0f51f5c 2437 status = mark_session_dead_locked(ses, 1 + ref_held_by_me);
66b2b9b2 2438 if (status)
f0f51f5c 2439 goto out_put_session;
e10e0cfc 2440 unhash_session(ses);
c9a49628 2441 spin_unlock(&nn->client_lock);
e10e0cfc 2442
84f5f7cc 2443 nfsd4_probe_callback_sync(ses->se_client);
19cf5c02 2444
c9a49628 2445 spin_lock(&nn->client_lock);
e10e0cfc 2446 status = nfs_ok;
f0f51f5c 2447out_put_session:
d4e19e70 2448 nfsd4_put_session_locked(ses);
abcdff09
BF		 2449out_client_lock:
2450 spin_unlock(&nn->client_lock);
e10e0cfc 2451out:
abcdff09 2452 nfs4_unlock_state();
e10e0cfc 2453 return status;
069b6ad4
AA		 2454}
2455
a663bdd8 2456static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s)
328ead28
BF		 2457{
2458 struct nfsd4_conn *c;
2459
2460 list_for_each_entry(c, &s->se_conns, cn_persession) {
a663bdd8 2461 if (c->cn_xprt == xpt) {
328ead28
BF		 2462 return c;
2463 }
2464 }
2465 return NULL;
2466}
2467
57266a6e 2468static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses)
328ead28
BF		 2469{
2470 struct nfs4_client *clp = ses->se_client;
a663bdd8 2471 struct nfsd4_conn *c;
57266a6e 2472 __be32 status = nfs_ok;
21b75b01 2473 int ret;
328ead28
BF		 2474
2475 spin_lock(&clp->cl_lock);
a663bdd8 2476 c = __nfsd4_find_conn(new->cn_xprt, ses);
57266a6e
BF		 2477 if (c)
2478 goto out_free;
2479 status = nfserr_conn_not_bound_to_session;
2480 if (clp->cl_mach_cred)
2481 goto out_free;
328ead28
BF		 2482 __nfsd4_hash_conn(new, ses);
2483 spin_unlock(&clp->cl_lock);
21b75b01
BF		 2484 ret = nfsd4_register_conn(new);
2485 if (ret)
2486 /* oops; xprt is already down: */
2487 nfsd4_conn_lost(&new->cn_xpt_user);
57266a6e
BF		 2488 return nfs_ok;
2489out_free:
2490 spin_unlock(&clp->cl_lock);
2491 free_conn(new);
2492 return status;
328ead28
BF		 2493}
2494
868b89c3
MJ		 2495static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session)
2496{
2497 struct nfsd4_compoundargs *args = rqstp->rq_argp;
2498
2499 return args->opcnt > session->se_fchannel.maxops;
2500}
2501
ae82a8d0
MJ		 2502static bool nfsd4_request_too_big(struct svc_rqst *rqstp,
2503 struct nfsd4_session *session)
2504{
2505 struct xdr_buf *xb = &rqstp->rq_arg;
2506
2507 return xb->len > session->se_fchannel.maxreq_sz;
2508}
2509
069b6ad4 2510__be32
b85d4c01 2511nfsd4_sequence(struct svc_rqst *rqstp,
069b6ad4
AA		 2512 struct nfsd4_compound_state *cstate,
2513 struct nfsd4_sequence *seq)
2514{
f9bb94c4 2515 struct nfsd4_compoundres *resp = rqstp->rq_resp;
47ee5298 2516 struct xdr_stream *xdr = &resp->xdr;
b85d4c01 2517 struct nfsd4_session *session;
221a6876 2518 struct nfs4_client *clp;
b85d4c01 2519 struct nfsd4_slot *slot;
a663bdd8 2520 struct nfsd4_conn *conn;
57b7b43b 2521 __be32 status;
47ee5298 2522 int buflen;
d4e19e70
TM		 2523 struct net *net = SVC_NET(rqstp);
2524 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
b85d4c01 2525
f9bb94c4
AA		 2526 if (resp->opcnt != 1)
2527 return nfserr_sequence_pos;
2528
a663bdd8
BF		 2529 /*
2530 * Will be either used or freed by nfsd4_sequence_check_conn
2531 * below.
2532 */
2533 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE);
2534 if (!conn)
2535 return nfserr_jukebox;
2536
c9a49628 2537 spin_lock(&nn->client_lock);
d4e19e70 2538 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status);
b85d4c01 2539 if (!session)
221a6876
BF		 2540 goto out_no_session;
2541 clp = session->se_client;
b85d4c01 2542
868b89c3
MJ		 2543 status = nfserr_too_many_ops;
2544 if (nfsd4_session_too_many_ops(rqstp, session))
66b2b9b2 2545 goto out_put_session;
868b89c3 2546
ae82a8d0
MJ		 2547 status = nfserr_req_too_big;
2548 if (nfsd4_request_too_big(rqstp, session))
66b2b9b2 2549 goto out_put_session;
ae82a8d0 2550
b85d4c01 2551 status = nfserr_badslot;
6c18ba9f 2552 if (seq->slotid >= session->se_fchannel.maxreqs)
66b2b9b2 2553 goto out_put_session;
b85d4c01 2554
557ce264 2555 slot = session->se_slots[seq->slotid];
b85d4c01
BH		 2556 dprintk("%s: slotid %d\n", __func__, seq->slotid);
2557
a8dfdaeb
AA		 2558 /* We do not negotiate the number of slots yet, so set the
2559 * maxslots to the session maxreqs which is used to encode
2560 * sr_highest_slotid and the sr_target_slot id to maxslots */
2561 seq->maxslots = session->se_fchannel.maxreqs;
2562
73e79482
BF		 2563 status = check_slot_seqid(seq->seqid, slot->sl_seqid,
2564 slot->sl_flags & NFSD4_SLOT_INUSE);
b85d4c01 2565 if (status == nfserr_replay_cache) {
bf5c43c8
BF		 2566 status = nfserr_seq_misordered;
2567 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED))
66b2b9b2 2568 goto out_put_session;
b85d4c01
BH		 2569 cstate->slot = slot;
2570 cstate->session = session;
4b24ca7d 2571 cstate->clp = clp;
da3846a2 2572 /* Return the cached reply status and set cstate->status
557ce264 2573 * for nfsd4_proc_compound processing */
bf864a31 2574 status = nfsd4_replay_cache_entry(resp, seq);
da3846a2 2575 cstate->status = nfserr_replay_cache;
aaf84eb9 2576 goto out;
b85d4c01
BH		 2577 }
2578 if (status)
66b2b9b2 2579 goto out_put_session;
b85d4c01 2580
57266a6e 2581 status = nfsd4_sequence_check_conn(conn, session);
a663bdd8 2582 conn = NULL;
57266a6e
BF		 2583 if (status)
2584 goto out_put_session;
328ead28 2585
47ee5298
BF		 2586 buflen = (seq->cachethis) ?
2587 session->se_fchannel.maxresp_cached :
2588 session->se_fchannel.maxresp_sz;
2589 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache :
2590 nfserr_rep_too_big;
a5cddc88 2591 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack))
47ee5298 2592 goto out_put_session;
32aaa62e 2593 svc_reserve(rqstp, buflen);
47ee5298
BF		 2594
2595 status = nfs_ok;
b85d4c01 2596 /* Success! bump slot seqid */
b85d4c01 2597 slot->sl_seqid = seq->seqid;
bf5c43c8 2598 slot->sl_flags |= NFSD4_SLOT_INUSE;
73e79482
BF		 2599 if (seq->cachethis)
2600 slot->sl_flags |= NFSD4_SLOT_CACHETHIS;
bf5c43c8
BF		 2601 else
2602 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS;
b85d4c01
BH		 2603
2604 cstate->slot = slot;
2605 cstate->session = session;
4b24ca7d 2606 cstate->clp = clp;
b85d4c01 2607
b85d4c01 2608out:
221a6876
BF		 2609 switch (clp->cl_cb_state) {
2610 case NFSD4_CB_DOWN:
2611 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN;
2612 break;
2613 case NFSD4_CB_FAULT:
2614 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT;
2615 break;
2616 default:
2617 seq->status_flags = 0;
aaf84eb9 2618 }
3bd64a5b
BF		 2619 if (!list_empty(&clp->cl_revoked))
2620 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED;
221a6876 2621out_no_session:
3f42d2c4
KM		 2622 if (conn)
2623 free_conn(conn);
c9a49628 2624 spin_unlock(&nn->client_lock);
b85d4c01 2625 return status;
66b2b9b2 2626out_put_session:
d4e19e70 2627 nfsd4_put_session_locked(session);
221a6876 2628 goto out_no_session;
069b6ad4
AA		 2629}
2630
b607664e
TM		 2631void
2632nfsd4_sequence_done(struct nfsd4_compoundres *resp)
2633{
2634 struct nfsd4_compound_state *cs = &resp->cstate;
2635
2636 if (nfsd4_has_session(cs)) {
b607664e
TM		 2637 if (cs->status != nfserr_replay_cache) {
2638 nfsd4_store_cache_entry(resp);
2639 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE;
2640 }
d4e19e70 2641 /* Drop session reference that was taken in nfsd4_sequence() */
b607664e 2642 nfsd4_put_session(cs->session);
4b24ca7d
JL		 2643 } else if (cs->clp)
2644 put_client_renew(cs->clp);
b607664e
TM		 2645}
2646
345c2842
MJ		 2647__be32
2648nfsd4_destroy_clientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_destroy_clientid *dc)
2649{
2650 struct nfs4_client *conf, *unconf, *clp;
57b7b43b 2651 __be32 status = 0;
8daae4dc 2652 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
345c2842
MJ		 2653
2654 nfs4_lock_state();
0a7ec377 2655 unconf = find_unconfirmed_client(&dc->clientid, true, nn);
8daae4dc 2656 conf = find_confirmed_client(&dc->clientid, true, nn);
78389046 2657 WARN_ON_ONCE(conf && unconf);
345c2842
MJ		 2658
2659 if (conf) {
2660 clp = conf;
2661
c0293b01 2662 if (client_has_state(conf)) {
345c2842
MJ		 2663 status = nfserr_clientid_busy;
2664 goto out;
2665 }
2666 } else if (unconf)
2667 clp = unconf;
2668 else {
2669 status = nfserr_stale_clientid;
2670 goto out;
2671 }
57266a6e
BF		 2672 if (!mach_creds_match(clp, rqstp)) {
2673 status = nfserr_wrong_cred;
2674 goto out;
2675 }
345c2842
MJ		 2676 expire_client(clp);
2677out:
2678 nfs4_unlock_state();
345c2842
MJ		 2679 return status;
2680}
2681
4dc6ec00
BF		 2682__be32
2683nfsd4_reclaim_complete(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_reclaim_complete *rc)
2684{
57b7b43b 2685 __be32 status = 0;
bcecf1cc 2686
4dc6ec00
BF		 2687 if (rc->rca_one_fs) {
2688 if (!cstate->current_fh.fh_dentry)
2689 return nfserr_nofilehandle;
2690 /*
2691 * We don't take advantage of the rca_one_fs case.
2692 * That's OK, it's optional, we can safely ignore it.
2693 */
2694 return nfs_ok;
2695 }
bcecf1cc 2696
4dc6ec00 2697 nfs4_lock_state();
bcecf1cc 2698 status = nfserr_complete_already;
a52d726b
JL		 2699 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE,
2700 &cstate->session->se_client->cl_flags))
bcecf1cc
MJ		 2701 goto out;
2702
2703 status = nfserr_stale_clientid;
2704 if (is_client_expired(cstate->session->se_client))
4dc6ec00
BF		 2705 /*
2706 * The following error isn't really legal.
2707 * But we only get here if the client just explicitly
2708 * destroyed the client. Surely it no longer cares what
2709 * error it gets back on an operation for the dead
2710 * client.
2711 */
bcecf1cc
MJ		 2712 goto out;
2713
2714 status = nfs_ok;
2a4317c5 2715 nfsd4_client_record_create(cstate->session->se_client);
bcecf1cc 2716out:
4dc6ec00 2717 nfs4_unlock_state();
bcecf1cc 2718 return status;
4dc6ec00
BF		 2719}
2720
b37ad28b 2721__be32
b591480b
BF		 2722nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
2723 struct nfsd4_setclientid *setclid)
1da177e4 2724{
a084daf5 2725 struct xdr_netobj clname = setclid->se_name;
1da177e4 2726 nfs4_verifier clverifier = setclid->se_verf;
28ce6054 2727 struct nfs4_client *conf, *unconf, *new;
b37ad28b 2728 __be32 status;
c212cecf
SK		 2729 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
2730
63db4632 2731 /* Cases below refer to rfc 3530 section 14.2.33: */
1da177e4 2732 nfs4_lock_state();
382a62e7 2733 conf = find_confirmed_client_by_name(&clname, nn);
28ce6054 2734 if (conf) {
63db4632 2735 /* case 0: */
1da177e4 2736 status = nfserr_clid_inuse;
e203d506
BF		 2737 if (clp_used_exchangeid(conf))
2738 goto out;
026722c2 2739 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
363168b4
JL		 2740 char addr_str[INET6_ADDRSTRLEN];
2741 rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str,
2742 sizeof(addr_str));
2743 dprintk("NFSD: setclientid: string in use by client "
2744 "at %s\n", addr_str);
1da177e4
LT		 2745 goto out;
2746 }
1da177e4 2747 }
a99454aa 2748 unconf = find_unconfirmed_client_by_name(&clname, nn);
8f930711
BF		 2749 if (unconf)
2750 expire_client(unconf);
3e772463 2751 status = nfserr_jukebox;
2216d449 2752 new = create_client(clname, rqstp, &clverifier);
8f930711
BF		 2753 if (new == NULL)
2754 goto out;
34b232bb 2755 if (conf && same_verf(&conf->cl_verifier, &clverifier))
63db4632 2756 /* case 1: probable callback update */
1da177e4 2757 copy_clid(new, conf);
34b232bb 2758 else /* case 4 (new client) or cases 2, 3 (client reboot): */
c212cecf 2759 gen_clid(new, nn);
8323c3b2 2760 new->cl_minorversion = 0;
6f3d772f 2761 gen_callback(new, setclid, rqstp);
ac55fdc4 2762 add_to_unconfirmed(new);
1da177e4
LT		 2763 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot;
2764 setclid->se_clientid.cl_id = new->cl_clientid.cl_id;
2765 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data));
2766 status = nfs_ok;
2767out:
2768 nfs4_unlock_state();
2769 return status;
2770}
2771
2772
b37ad28b 2773__be32
b591480b
BF		 2774nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
2775 struct nfsd4_compound_state *cstate,
2776 struct nfsd4_setclientid_confirm *setclientid_confirm)
1da177e4 2777{
21ab45a4 2778 struct nfs4_client *conf, *unconf;
1da177e4
LT		 2779 nfs4_verifier confirm = setclientid_confirm->sc_confirm;
2780 clientid_t * clid = &setclientid_confirm->sc_clientid;
b37ad28b 2781 __be32 status;
7f2210fa 2782 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 2783
2c142baa 2784 if (STALE_CLIENTID(clid, nn))
1da177e4 2785 return nfserr_stale_clientid;
1da177e4 2786 nfs4_lock_state();
21ab45a4 2787
8daae4dc 2788 conf = find_confirmed_client(clid, false, nn);
0a7ec377 2789 unconf = find_unconfirmed_client(clid, false, nn);
a186e767 2790 /*
8695b90a
BF		 2791 * We try hard to give out unique clientid's, so if we get an
2792 * attempt to confirm the same clientid with a different cred,
2793 * there's a bug somewhere. Let's charitably assume it's our
2794 * bug.
a186e767 2795 */
8695b90a
BF		 2796 status = nfserr_serverfault;
2797 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred))
2798 goto out;
2799 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred))
2800 goto out;
63db4632 2801 /* cases below refer to rfc 3530 section 14.2.34: */
90d700b7
BF		 2802 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
2803 if (conf && !unconf) /* case 2: probable retransmit */
1da177e4 2804 status = nfs_ok;
90d700b7
BF		 2805 else /* case 4: client hasn't noticed we rebooted yet? */
2806 status = nfserr_stale_clientid;
2807 goto out;
2808 }
2809 status = nfs_ok;
2810 if (conf) { /* case 1: callback update */
8695b90a
BF		 2811 nfsd4_change_callback(conf, &unconf->cl_cb_conn);
2812 nfsd4_probe_callback(conf);
2813 expire_client(unconf);
90d700b7 2814 } else { /* case 3: normal case; new or rebooted client */
382a62e7 2815 conf = find_confirmed_client_by_name(&unconf->cl_name, nn);
221a6876
BF		 2816 if (conf) {
2817 status = mark_client_expired(conf);
2818 if (status)
2819 goto out;
8695b90a 2820 expire_client(conf);
221a6876 2821 }
8695b90a 2822 move_to_confirmed(unconf);
f3d03b92 2823 nfsd4_probe_callback(unconf);
08e8987c 2824 }
1da177e4 2825out:
1da177e4
LT		 2826 nfs4_unlock_state();
2827 return status;
2828}
2829
32513b40
BF		 2830static struct nfs4_file *nfsd4_alloc_file(void)
2831{
2832 return kmem_cache_alloc(file_slab, GFP_KERNEL);
2833}
2834
1da177e4 2835/* OPEN Share state helper functions */
32513b40 2836static void nfsd4_init_file(struct nfs4_file *fp, struct inode *ino)
1da177e4 2837{
1da177e4
LT		 2838 unsigned int hashval = file_hashval(ino);
2839
950e0118
TM		 2840 lockdep_assert_held(&state_lock);
2841
32513b40 2842 atomic_set(&fp->fi_ref, 1);
1d31a253 2843 spin_lock_init(&fp->fi_lock);
32513b40
BF		 2844 INIT_LIST_HEAD(&fp->fi_stateids);
2845 INIT_LIST_HEAD(&fp->fi_delegations);
950e0118
TM		 2846 ihold(ino);
2847 fp->fi_inode = ino;
32513b40
BF		 2848 fp->fi_had_conflict = false;
2849 fp->fi_lease = NULL;
baeb4ff0 2850 fp->fi_share_deny = 0;
32513b40
BF		 2851 memset(fp->fi_fds, 0, sizeof(fp->fi_fds));
2852 memset(fp->fi_access, 0, sizeof(fp->fi_access));
89876f8c 2853 hlist_add_head(&fp->fi_hash, &file_hashtbl[hashval]);
1da177e4
LT		 2854}
2855
e8ff2a84 2856void
1da177e4
LT		 2857nfsd4_free_slabs(void)
2858{
abf1135b
CH		 2859 kmem_cache_destroy(openowner_slab);
2860 kmem_cache_destroy(lockowner_slab);
2861 kmem_cache_destroy(file_slab);
2862 kmem_cache_destroy(stateid_slab);
2863 kmem_cache_destroy(deleg_slab);
e60d4398 2864}
1da177e4 2865
72083396 2866int
e60d4398
N		 2867nfsd4_init_slabs(void)
2868{
fe0750e5
BF		 2869 openowner_slab = kmem_cache_create("nfsd4_openowners",
2870 sizeof(struct nfs4_openowner), 0, 0, NULL);
2871 if (openowner_slab == NULL)
abf1135b 2872 goto out;
fe0750e5 2873 lockowner_slab = kmem_cache_create("nfsd4_lockowners",
3c40794b 2874 sizeof(struct nfs4_lockowner), 0, 0, NULL);
fe0750e5 2875 if (lockowner_slab == NULL)
abf1135b 2876 goto out_free_openowner_slab;
e60d4398 2877 file_slab = kmem_cache_create("nfsd4_files",
20c2df83 2878 sizeof(struct nfs4_file), 0, 0, NULL);
e60d4398 2879 if (file_slab == NULL)
abf1135b 2880 goto out_free_lockowner_slab;
5ac049ac 2881 stateid_slab = kmem_cache_create("nfsd4_stateids",
dcef0413 2882 sizeof(struct nfs4_ol_stateid), 0, 0, NULL);
5ac049ac 2883 if (stateid_slab == NULL)
abf1135b 2884 goto out_free_file_slab;
5b2d21c1 2885 deleg_slab = kmem_cache_create("nfsd4_delegations",
20c2df83 2886 sizeof(struct nfs4_delegation), 0, 0, NULL);
5b2d21c1 2887 if (deleg_slab == NULL)
abf1135b 2888 goto out_free_stateid_slab;
e60d4398 2889 return 0;
abf1135b
CH		 2890
2891out_free_stateid_slab:
2892 kmem_cache_destroy(stateid_slab);
2893out_free_file_slab:
2894 kmem_cache_destroy(file_slab);
2895out_free_lockowner_slab:
2896 kmem_cache_destroy(lockowner_slab);
2897out_free_openowner_slab:
2898 kmem_cache_destroy(openowner_slab);
2899out:
e60d4398
N		 2900 dprintk("nfsd4: out of memory while initializing nfsv4\n");
2901 return -ENOMEM;
1da177e4
LT		 2902}
2903
ff194bd9 2904static void init_nfs4_replay(struct nfs4_replay *rp)
1da177e4 2905{
ff194bd9
BF		 2906 rp->rp_status = nfserr_serverfault;
2907 rp->rp_buflen = 0;
2908 rp->rp_buf = rp->rp_ibuf;
1da177e4
LT		 2909}
2910
fe0750e5 2911static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp)
ff194bd9 2912{
1da177e4 2913 struct nfs4_stateowner *sop;
1da177e4 2914
fe0750e5 2915 sop = kmem_cache_alloc(slab, GFP_KERNEL);
ff194bd9
BF		 2916 if (!sop)
2917 return NULL;
2918
2919 sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL);
2920 if (!sop->so_owner.data) {
fe0750e5 2921 kmem_cache_free(slab, sop);
1da177e4 2922 return NULL;
ff194bd9
BF		 2923 }
2924 sop->so_owner.len = owner->len;
2925
ea1da636 2926 INIT_LIST_HEAD(&sop->so_stateids);
ff194bd9
BF		 2927 sop->so_client = clp;
2928 init_nfs4_replay(&sop->so_replay);
2929 return sop;
2930}
2931
fe0750e5 2932static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval)
ff194bd9 2933{
9b531137
SK		 2934 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
2935
2936 list_add(&oo->oo_owner.so_strhash, &nn->ownerstr_hashtbl[strhashval]);
fe0750e5 2937 list_add(&oo->oo_perclient, &clp->cl_openowners);
ff194bd9
BF		 2938}
2939
fe0750e5 2940static struct nfs4_openowner *
13d6f66b 2941alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open,
db24b3b4
JL		 2942 struct nfsd4_compound_state *cstate)
2943{
13d6f66b 2944 struct nfs4_client *clp = cstate->clp;
fe0750e5 2945 struct nfs4_openowner *oo;
ff194bd9 2946
fe0750e5
BF		 2947 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp);
2948 if (!oo)
ff194bd9 2949 return NULL;
fe0750e5
BF		 2950 oo->oo_owner.so_is_open_owner = 1;
2951 oo->oo_owner.so_seqid = open->op_seqid;
d29b20cd 2952 oo->oo_flags = NFS4_OO_NEW;
db24b3b4
JL		 2953 if (nfsd4_has_session(cstate))
2954 oo->oo_flags |= NFS4_OO_CONFIRMED;
fe0750e5 2955 oo->oo_time = 0;
38c387b5 2956 oo->oo_last_closed_stid = NULL;
fe0750e5
BF		 2957 INIT_LIST_HEAD(&oo->oo_close_lru);
2958 hash_openowner(oo, clp, strhashval);
2959 return oo;
1da177e4
LT		 2960}
2961
996e0938 2962static void init_open_stateid(struct nfs4_ol_stateid *stp, struct nfs4_file *fp, struct nfsd4_open *open) {
fe0750e5 2963 struct nfs4_openowner *oo = open->op_openowner;
1da177e4 2964
3abdb607 2965 stp->st_stid.sc_type = NFS4_OPEN_STID;
3c87b9b7 2966 INIT_LIST_HEAD(&stp->st_locks);
fe0750e5 2967 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids);
fe0750e5 2968 stp->st_stateowner = &oo->oo_owner;
13cd2184 2969 get_nfs4_file(fp);
1da177e4 2970 stp->st_file = fp;
1da177e4
LT		 2971 stp->st_access_bmap = 0;
2972 stp->st_deny_bmap = 0;
82c5ff1b 2973 set_access(open->op_share_access, stp);
ce0fc43c 2974 set_deny(open->op_share_deny, stp);
4c4cd222 2975 stp->st_openstp = NULL;
1d31a253
TM		 2976 spin_lock(&fp->fi_lock);
2977 list_add(&stp->st_perfile, &fp->fi_stateids);
2978 spin_unlock(&fp->fi_lock);
1da177e4
LT		 2979}
2980
fd39ca9a 2981static void
73758fed 2982move_to_close_lru(struct nfs4_openowner *oo, struct net *net)
1da177e4 2983{
73758fed
SK		 2984 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
2985
fe0750e5 2986 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo);
1da177e4 2987
73758fed 2988 list_move_tail(&oo->oo_close_lru, &nn->close_lru);
fe0750e5 2989 oo->oo_time = get_seconds();
1da177e4
LT		 2990}
2991
1da177e4 2992static int
599e0a22
BF		 2993same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner,
2994 clientid_t *clid)
2995{
2996 return (sop->so_owner.len == owner->len) &&
2997 0 == memcmp(sop->so_owner.data, owner->data, owner->len) &&
2998 (sop->so_client->cl_clientid.cl_id == clid->cl_id);
1da177e4
LT		 2999}
3000
fe0750e5 3001static struct nfs4_openowner *
9b531137
SK		 3002find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
3003 bool sessions, struct nfsd_net *nn)
1da177e4 3004{
a50d2ad1
BF		 3005 struct nfs4_stateowner *so;
3006 struct nfs4_openowner *oo;
d15c077e 3007 struct nfs4_client *clp;
1da177e4 3008
9b531137 3009 list_for_each_entry(so, &nn->ownerstr_hashtbl[hashval], so_strhash) {
16bfdaaf
BF		 3010 if (!so->so_is_open_owner)
3011 continue;
a50d2ad1
BF		 3012 if (same_owner_str(so, &open->op_owner, &open->op_clientid)) {
3013 oo = openowner(so);
d15c077e
BF		 3014 clp = oo->oo_owner.so_client;
3015 if ((bool)clp->cl_minorversion != sessions)
3016 return NULL;
a50d2ad1
BF		 3017 renew_client(oo->oo_owner.so_client);
3018 return oo;
3019 }
1da177e4
LT		 3020 }
3021 return NULL;
3022}
3023
3024/* search file_hashtbl[] for file */
3025static struct nfs4_file *
950e0118 3026find_file_locked(struct inode *ino)
1da177e4
LT		 3027{
3028 unsigned int hashval = file_hashval(ino);
3029 struct nfs4_file *fp;
3030
950e0118
TM		 3031 lockdep_assert_held(&state_lock);
3032
89876f8c 3033 hlist_for_each_entry(fp, &file_hashtbl[hashval], fi_hash) {
13cd2184
N		 3034 if (fp->fi_inode == ino) {
3035 get_nfs4_file(fp);
1da177e4 3036 return fp;
13cd2184 3037 }
1da177e4
LT		 3038 }
3039 return NULL;
3040}
3041
950e0118
TM		 3042static struct nfs4_file *
3043find_file(struct inode *ino)
3044{
3045 struct nfs4_file *fp;
3046
3047 spin_lock(&state_lock);
3048 fp = find_file_locked(ino);
3049 spin_unlock(&state_lock);
3050 return fp;
3051}
3052
3053static struct nfs4_file *
3054find_or_add_file(struct inode *ino, struct nfs4_file *new)
3055{
3056 struct nfs4_file *fp;
3057
3058 spin_lock(&state_lock);
3059 fp = find_file_locked(ino);
3060 if (fp == NULL) {
3061 nfsd4_init_file(new, ino);
3062 fp = new;
3063 }
3064 spin_unlock(&state_lock);
3065
3066 return fp;
3067}
3068
1da177e4
LT		 3069/*
3070 * Called to check deny when READ with all zero stateid or
3071 * WRITE with all zero or all one stateid
3072 */
b37ad28b 3073static __be32
1da177e4
LT		 3074nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type)
3075{
3076 struct inode *ino = current_fh->fh_dentry->d_inode;
3077 struct nfs4_file *fp;
baeb4ff0 3078 __be32 ret = nfs_ok;
1da177e4 3079
1da177e4 3080 fp = find_file(ino);
13cd2184 3081 if (!fp)
baeb4ff0
JL		 3082 return ret;
3083 /* Check for conflicting share reservations */
1d31a253 3084 spin_lock(&fp->fi_lock);
baeb4ff0
JL		 3085 if (fp->fi_share_deny & deny_type)
3086 ret = nfserr_locked;
1d31a253 3087 spin_unlock(&fp->fi_lock);
13cd2184
N		 3088 put_nfs4_file(fp);
3089 return ret;
1da177e4
LT		 3090}
3091
02e1215f 3092void nfsd4_prepare_cb_recall(struct nfs4_delegation *dp)
1da177e4 3093{
e8c69d17
BF		 3094 struct nfs4_client *clp = dp->dl_stid.sc_client;
3095 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
3096
02e1215f
JL		 3097 /*
3098 * We can't do this in nfsd_break_deleg_cb because it is
3099 * already holding inode->i_lock
3100 */
3101 spin_lock(&state_lock);
3102 block_delegations(&dp->dl_fh);
dff1399f
JL		 3103 /*
3104 * If the dl_time != 0, then we know that it has already been
3105 * queued for a lease break. Don't queue it again.
3106 */
3107 if (dp->dl_time == 0) {
dff1399f 3108 dp->dl_time = get_seconds();
02e1215f 3109 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru);
dff1399f 3110 }
02e1215f
JL		 3111 spin_unlock(&state_lock);
3112}
1da177e4 3113
02e1215f
JL		 3114static void nfsd_break_one_deleg(struct nfs4_delegation *dp)
3115{
3116 /*
3117 * We're assuming the state code never drops its reference
3118 * without first removing the lease. Since we're in this lease
3119 * callback (and since the lease code is serialized by the kernel
3120 * lock) we know the server hasn't removed the lease yet, we know
3121 * it's safe to take a reference.
3122 */
3123 atomic_inc(&dp->dl_count);
6b57d9c8
BF		 3124 nfsd4_cb_recall(dp);
3125}
3126
1c8c601a 3127/* Called from break_lease() with i_lock held. */
6b57d9c8
BF		 3128static void nfsd_break_deleg_cb(struct file_lock *fl)
3129{
acfdf5c3
BF		 3130 struct nfs4_file *fp = (struct nfs4_file *)fl->fl_owner;
3131 struct nfs4_delegation *dp;
6b57d9c8 3132
7fa10cd1
BF		 3133 if (!fp) {
3134 WARN(1, "(%p)->fl_owner NULL\n", fl);
3135 return;
3136 }
3137 if (fp->fi_had_conflict) {
3138 WARN(1, "duplicate break on %p\n", fp);
3139 return;
3140 }
0272e1fd
BF		 3141 /*
3142 * We don't want the locks code to timeout the lease for us;
acfdf5c3 3143 * we'll remove it ourself if a delegation isn't returned
6b57d9c8 3144 * in time:
0272e1fd
BF		 3145 */
3146 fl->fl_break_time = 0;
1da177e4 3147
acfdf5c3 3148 fp->fi_had_conflict = true;
02e1215f 3149 spin_lock(&fp->fi_lock);
acfdf5c3
BF		 3150 list_for_each_entry(dp, &fp->fi_delegations, dl_perfile)
3151 nfsd_break_one_deleg(dp);
02e1215f 3152 spin_unlock(&fp->fi_lock);
1da177e4
LT		 3153}
3154
1da177e4
LT		 3155static
3156int nfsd_change_deleg_cb(struct file_lock **onlist, int arg)
3157{
3158 if (arg & F_UNLCK)
3159 return lease_modify(onlist, arg);
3160 else
3161 return -EAGAIN;
3162}
3163
7b021967 3164static const struct lock_manager_operations nfsd_lease_mng_ops = {
8fb47a4f
BF		 3165 .lm_break = nfsd_break_deleg_cb,
3166 .lm_change = nfsd_change_deleg_cb,
1da177e4
LT		 3167};
3168
7a8711c9
BF		 3169static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid)
3170{
3171 if (nfsd4_has_session(cstate))
3172 return nfs_ok;
3173 if (seqid == so->so_seqid - 1)
3174 return nfserr_replay_me;
3175 if (seqid == so->so_seqid)
3176 return nfs_ok;
3177 return nfserr_bad_seqid;
3178}
1da177e4 3179
4b24ca7d
JL		 3180static __be32 lookup_clientid(clientid_t *clid,
3181 struct nfsd4_compound_state *cstate,
3182 struct nfsd_net *nn)
3183{
3184 struct nfs4_client *found;
3185
3186 if (cstate->clp) {
3187 found = cstate->clp;
3188 if (!same_clid(&found->cl_clientid, clid))
3189 return nfserr_stale_clientid;
3190 return nfs_ok;
3191 }
3192
3193 if (STALE_CLIENTID(clid, nn))
3194 return nfserr_stale_clientid;
3195
3196 /*
3197 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one
3198 * cached already then we know this is for is for v4.0 and "sessions"
3199 * will be false.
3200 */
3201 WARN_ON_ONCE(cstate->session);
3202 found = find_confirmed_client(clid, false, nn);
3203 if (!found)
3204 return nfserr_expired;
3205
3206 /* Cache the nfs4_client in cstate! */
3207 cstate->clp = found;
3208 atomic_inc(&found->cl_refcount);
3209 return nfs_ok;
3210}
3211
b37ad28b 3212__be32
6668958f 3213nfsd4_process_open1(struct nfsd4_compound_state *cstate,
3320fef1 3214 struct nfsd4_open *open, struct nfsd_net *nn)
1da177e4 3215{
1da177e4
LT		 3216 clientid_t *clientid = &open->op_clientid;
3217 struct nfs4_client *clp = NULL;
3218 unsigned int strhashval;
fe0750e5 3219 struct nfs4_openowner *oo = NULL;
4cdc951b 3220 __be32 status;
1da177e4 3221
2c142baa 3222 if (STALE_CLIENTID(&open->op_clientid, nn))
1da177e4 3223 return nfserr_stale_clientid;
32513b40
BF		 3224 /*
3225 * In case we need it later, after we've already created the
3226 * file and don't want to risk a further failure:
3227 */
3228 open->op_file = nfsd4_alloc_file();
3229 if (open->op_file == NULL)
3230 return nfserr_jukebox;
1da177e4 3231
2d91e895
TM		 3232 status = lookup_clientid(clientid, cstate, nn);
3233 if (status)
3234 return status;
3235 clp = cstate->clp;
3236
16bfdaaf 3237 strhashval = ownerstr_hashval(clientid->cl_id, &open->op_owner);
9b531137 3238 oo = find_openstateowner_str(strhashval, open, cstate->minorversion, nn);
fe0750e5
BF		 3239 open->op_openowner = oo;
3240 if (!oo) {
bcf130f9 3241 goto new_owner;
1da177e4 3242 }
dad1c067 3243 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
0f442aa2 3244 /* Replace unconfirmed owners without checking for replay. */
fe0750e5
BF		 3245 release_openowner(oo);
3246 open->op_openowner = NULL;
bcf130f9 3247 goto new_owner;
0f442aa2 3248 }
4cdc951b
BF		 3249 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid);
3250 if (status)
3251 return status;
4cdc951b 3252 goto alloc_stateid;
bcf130f9 3253new_owner:
13d6f66b 3254 oo = alloc_init_open_stateowner(strhashval, open, cstate);
bcf130f9
BF		 3255 if (oo == NULL)
3256 return nfserr_jukebox;
3257 open->op_openowner = oo;
4cdc951b
BF		 3258alloc_stateid:
3259 open->op_stp = nfs4_alloc_stateid(clp);
3260 if (!open->op_stp)
3261 return nfserr_jukebox;
0f442aa2 3262 return nfs_ok;
1da177e4
LT		 3263}
3264
b37ad28b 3265static inline __be32
4a6e43e6
N		 3266nfs4_check_delegmode(struct nfs4_delegation *dp, int flags)
3267{
3268 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ))
3269 return nfserr_openmode;
3270 else
3271 return nfs_ok;
3272}
3273
f459e453 3274static int share_access_to_flags(u32 share_access)
52f4fb43 3275{
f459e453 3276 return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE;
52f4fb43
N		 3277}
3278
38c2f4b1 3279static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s)
24a0111e 3280{
f459e453 3281 struct nfs4_stid *ret;
24a0111e 3282
38c2f4b1 3283 ret = find_stateid_by_type(cl, s, NFS4_DELEG_STID);
f459e453
BF		 3284 if (!ret)
3285 return NULL;
3286 return delegstateid(ret);
24a0111e
BF		 3287}
3288
8b289b2c
BF		 3289static bool nfsd4_is_deleg_cur(struct nfsd4_open *open)
3290{
3291 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR ||
3292 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH;
3293}
3294
b37ad28b 3295static __be32
41d22663 3296nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open,
567d9829
N		 3297 struct nfs4_delegation **dp)
3298{
3299 int flags;
b37ad28b 3300 __be32 status = nfserr_bad_stateid;
567d9829 3301
38c2f4b1 3302 *dp = find_deleg_stateid(cl, &open->op_delegate_stateid);
567d9829 3303 if (*dp == NULL)
c44c5eeb 3304 goto out;
24a0111e 3305 flags = share_access_to_flags(open->op_share_access);
567d9829
N		 3306 status = nfs4_check_delegmode(*dp, flags);
3307 if (status)
3308 *dp = NULL;
c44c5eeb 3309out:
8b289b2c 3310 if (!nfsd4_is_deleg_cur(open))
c44c5eeb
N		 3311 return nfs_ok;
3312 if (status)
3313 return status;
dad1c067 3314 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
c44c5eeb 3315 return nfs_ok;
567d9829
N		 3316}
3317
a46cb7f2
JL		 3318static struct nfs4_ol_stateid *
3319nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
1da177e4 3320{
a46cb7f2 3321 struct nfs4_ol_stateid *local, *ret = NULL;
fe0750e5 3322 struct nfs4_openowner *oo = open->op_openowner;
1da177e4 3323
1d31a253 3324 spin_lock(&fp->fi_lock);
8beefa24 3325 list_for_each_entry(local, &fp->fi_stateids, st_perfile) {
1da177e4
LT		 3326 /* ignore lock owners */
3327 if (local->st_stateowner->so_is_open_owner == 0)
3328 continue;
baeb4ff0 3329 if (local->st_stateowner == &oo->oo_owner) {
a46cb7f2 3330 ret = local;
baeb4ff0 3331 break;
1d31a253 3332 }
1da177e4 3333 }
1d31a253 3334 spin_unlock(&fp->fi_lock);
a46cb7f2 3335 return ret;
1da177e4
LT		 3336}
3337
21fb4016
BF		 3338static inline int nfs4_access_to_access(u32 nfs4_access)
3339{
3340 int flags = 0;
3341
3342 if (nfs4_access & NFS4_SHARE_ACCESS_READ)
3343 flags |= NFSD_MAY_READ;
3344 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE)
3345 flags |= NFSD_MAY_WRITE;
3346 return flags;
3347}
3348
7e6a72e5
CH		 3349static inline __be32
3350nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh,
3351 struct nfsd4_open *open)
3352{
3353 struct iattr iattr = {
3354 .ia_valid = ATTR_SIZE,
3355 .ia_size = 0,
3356 };
3357 if (!open->op_truncate)
3358 return 0;
3359 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE))
3360 return nfserr_inval;
3361 return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0);
3362}
3363
0c12eaff 3364static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp,
6eb3a1d0
JL		 3365 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp,
3366 struct nfsd4_open *open)
f9d7562f 3367{
de18643d 3368 struct file *filp = NULL;
f9d7562f 3369 __be32 status;
0c12eaff
CB		 3370 int oflag = nfs4_access_to_omode(open->op_share_access);
3371 int access = nfs4_access_to_access(open->op_share_access);
baeb4ff0 3372 unsigned char old_access_bmap, old_deny_bmap;
0c12eaff 3373
de18643d 3374 spin_lock(&fp->fi_lock);
baeb4ff0
JL		 3375
3376 /*
3377 * Are we trying to set a deny mode that would conflict with
3378 * current access?
3379 */
3380 status = nfs4_file_check_deny(fp, open->op_share_deny);
3381 if (status != nfs_ok) {
3382 spin_unlock(&fp->fi_lock);
3383 goto out;
3384 }
3385
3386 /* set access to the file */
3387 status = nfs4_file_get_access(fp, open->op_share_access);
3388 if (status != nfs_ok) {
3389 spin_unlock(&fp->fi_lock);
3390 goto out;
3391 }
3392
3393 /* Set access bits in stateid */
3394 old_access_bmap = stp->st_access_bmap;
3395 set_access(open->op_share_access, stp);
3396
3397 /* Set new deny mask */
3398 old_deny_bmap = stp->st_deny_bmap;
3399 set_deny(open->op_share_deny, stp);
3400 fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH);
3401
f9d7562f 3402 if (!fp->fi_fds[oflag]) {
de18643d
TM		 3403 spin_unlock(&fp->fi_lock);
3404 status = nfsd_open(rqstp, cur_fh, S_IFREG, access, &filp);
f9d7562f 3405 if (status)
baeb4ff0 3406 goto out_put_access;
de18643d
TM		 3407 spin_lock(&fp->fi_lock);
3408 if (!fp->fi_fds[oflag]) {
3409 fp->fi_fds[oflag] = filp;
3410 filp = NULL;
3411 }
f9d7562f 3412 }
de18643d
TM		 3413 spin_unlock(&fp->fi_lock);
3414 if (filp)
3415 fput(filp);
f9d7562f 3416
7e6a72e5
CH		 3417 status = nfsd4_truncate(rqstp, cur_fh, open);
3418 if (status)
3419 goto out_put_access;
7e6a72e5
CH		 3420out:
3421 return status;
baeb4ff0
JL		 3422out_put_access:
3423 stp->st_access_bmap = old_access_bmap;
3424 nfs4_file_put_access(fp, open->op_share_access);
3425 reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp);
3426 goto out;
1da177e4
LT		 3427}
3428
b37ad28b 3429static __be32
dcef0413 3430nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open)
1da177e4 3431{
b37ad28b 3432 __be32 status;
baeb4ff0 3433 unsigned char old_deny_bmap;
1da177e4 3434
6eb3a1d0 3435 if (!test_access(open->op_share_access, stp))
baeb4ff0 3436 return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open);
7e6a72e5 3437
baeb4ff0
JL		 3438 /* test and set deny mode */
3439 spin_lock(&fp->fi_lock);
3440 status = nfs4_file_check_deny(fp, open->op_share_deny);
3441 if (status == nfs_ok) {
3442 old_deny_bmap = stp->st_deny_bmap;
3443 set_deny(open->op_share_deny, stp);
3444 fp->fi_share_deny |=
3445 (open->op_share_deny & NFS4_SHARE_DENY_BOTH);
3446 }
3447 spin_unlock(&fp->fi_lock);
3448
3449 if (status != nfs_ok)
1da177e4 3450 return status;
1da177e4 3451
baeb4ff0
JL		 3452 status = nfsd4_truncate(rqstp, cur_fh, open);
3453 if (status != nfs_ok)
3454 reset_union_bmap_deny(old_deny_bmap, stp);
3455 return status;
3456}
1da177e4 3457
1da177e4 3458static void
1255a8f3 3459nfs4_set_claim_prev(struct nfsd4_open *open, bool has_session)
1da177e4 3460{
dad1c067 3461 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
1da177e4
LT		 3462}
3463
14a24e99
BF		 3464/* Should we give out recallable state?: */
3465static bool nfsd4_cb_channel_good(struct nfs4_client *clp)
3466{
3467 if (clp->cl_cb_state == NFSD4_CB_UP)
3468 return true;
3469 /*
3470 * In the sessions case, since we don't have to establish a
3471 * separate connection for callbacks, we assume it's OK
3472 * until we hear otherwise:
3473 */
3474 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN;
3475}
3476
d564fbec 3477static struct file_lock *nfs4_alloc_init_lease(struct nfs4_file *fp, int flag)
22d38c4c
BF		 3478{
3479 struct file_lock *fl;
3480
3481 fl = locks_alloc_lock();
3482 if (!fl)
3483 return NULL;
3484 locks_init_lock(fl);
3485 fl->fl_lmops = &nfsd_lease_mng_ops;
617588d5 3486 fl->fl_flags = FL_DELEG;
22d38c4c
BF		 3487 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? F_RDLCK: F_WRLCK;
3488 fl->fl_end = OFFSET_MAX;
d564fbec 3489 fl->fl_owner = (fl_owner_t)fp;
22d38c4c 3490 fl->fl_pid = current->tgid;
22d38c4c
BF		 3491 return fl;
3492}
3493
99c41515 3494static int nfs4_setlease(struct nfs4_delegation *dp)
edab9782 3495{
acfdf5c3 3496 struct nfs4_file *fp = dp->dl_file;
edab9782
BF		 3497 struct file_lock *fl;
3498 int status;
3499
d564fbec 3500 fl = nfs4_alloc_init_lease(fp, NFS4_OPEN_DELEGATE_READ);
edab9782
BF		 3501 if (!fl)
3502 return -ENOMEM;
acfdf5c3 3503 fl->fl_file = find_readable_file(fp);
acfdf5c3 3504 status = vfs_setlease(fl->fl_file, fl->fl_type, &fl);
e873088f
BF		 3505 if (status)
3506 goto out_free;
acfdf5c3 3507 fp->fi_lease = fl;
de18643d 3508 fp->fi_deleg_file = fl->fl_file;
acfdf5c3 3509 atomic_set(&fp->fi_delegees, 1);
cdc97505 3510 spin_lock(&state_lock);
931ee56c 3511 hash_delegation_locked(dp, fp);
cdc97505 3512 spin_unlock(&state_lock);
acfdf5c3 3513 return 0;
e873088f 3514out_free:
de18643d
TM		 3515 if (fl->fl_file)
3516 fput(fl->fl_file);
e873088f
BF		 3517 locks_free_lock(fl);
3518 return status;
acfdf5c3
BF		 3519}
3520
bf7bd3e9 3521static int nfs4_set_delegation(struct nfs4_delegation *dp, struct nfs4_file *fp)
acfdf5c3 3522{
bf7bd3e9
BF		 3523 if (fp->fi_had_conflict)
3524 return -EAGAIN;
3525 get_nfs4_file(fp);
3526 dp->dl_file = fp;
cbf7a75b
BF		 3527 if (!fp->fi_lease)
3528 return nfs4_setlease(dp);
cdc97505 3529 spin_lock(&state_lock);
cbf7a75b 3530 atomic_inc(&fp->fi_delegees);
acfdf5c3 3531 if (fp->fi_had_conflict) {
cdc97505 3532 spin_unlock(&state_lock);
cbf7a75b 3533 return -EAGAIN;
acfdf5c3 3534 }
931ee56c 3535 hash_delegation_locked(dp, fp);
cdc97505 3536 spin_unlock(&state_lock);
edab9782
BF		 3537 return 0;
3538}
3539
4aa8913c
BH		 3540static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status)
3541{
3542 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
3543 if (status == -EAGAIN)
3544 open->op_why_no_deleg = WND4_CONTENTION;
3545 else {
3546 open->op_why_no_deleg = WND4_RESOURCE;
3547 switch (open->op_deleg_want) {
3548 case NFS4_SHARE_WANT_READ_DELEG:
3549 case NFS4_SHARE_WANT_WRITE_DELEG:
3550 case NFS4_SHARE_WANT_ANY_DELEG:
3551 break;
3552 case NFS4_SHARE_WANT_CANCEL:
3553 open->op_why_no_deleg = WND4_CANCELLED;
3554 break;
3555 case NFS4_SHARE_WANT_NO_DELEG:
063b0fb9 3556 WARN_ON_ONCE(1);
4aa8913c
BH		 3557 }
3558 }
3559}
3560
1da177e4
LT		 3561/*
3562 * Attempt to hand out a delegation.
99c41515
BF		 3563 *
3564 * Note we don't support write delegations, and won't until the vfs has
3565 * proper support for them.
1da177e4
LT		 3566 */
3567static void
5ccb0066
SK		 3568nfs4_open_delegation(struct net *net, struct svc_fh *fh,
3569 struct nfsd4_open *open, struct nfs4_ol_stateid *stp)
1da177e4
LT		 3570{
3571 struct nfs4_delegation *dp;
fe0750e5 3572 struct nfs4_openowner *oo = container_of(stp->st_stateowner, struct nfs4_openowner, oo_owner);
14a24e99 3573 int cb_up;
99c41515 3574 int status = 0;
1da177e4 3575
fe0750e5 3576 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client);
7b190fec
N		 3577 open->op_recall = 0;
3578 switch (open->op_claim_type) {
3579 case NFS4_OPEN_CLAIM_PREVIOUS:
2bf23875 3580 if (!cb_up)
7b190fec 3581 open->op_recall = 1;
99c41515
BF		 3582 if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ)
3583 goto out_no_deleg;
7b190fec
N		 3584 break;
3585 case NFS4_OPEN_CLAIM_NULL:
ed47b062 3586 case NFS4_OPEN_CLAIM_FH:
99c41515
BF		 3587 /*
3588 * Let's not give out any delegations till everyone's
3589 * had the chance to reclaim theirs....
3590 */
5ccb0066 3591 if (locks_in_grace(net))
99c41515 3592 goto out_no_deleg;
dad1c067 3593 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED))
99c41515 3594 goto out_no_deleg;
9a0590ae
SD		 3595 /*
3596 * Also, if the file was opened for write or
3597 * create, there's a good chance the client's
3598 * about to write to it, resulting in an
3599 * immediate recall (since we don't support
3600 * write delegations):
3601 */
7b190fec 3602 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE)
99c41515
BF		 3603 goto out_no_deleg;
3604 if (open->op_create == NFS4_OPEN_CREATE)
3605 goto out_no_deleg;
7b190fec
N		 3606 break;
3607 default:
99c41515 3608 goto out_no_deleg;
7b190fec 3609 }
99c41515 3610 dp = alloc_init_deleg(oo->oo_owner.so_client, stp, fh);
dd239cc0
BF		 3611 if (dp == NULL)
3612 goto out_no_deleg;
bf7bd3e9 3613 status = nfs4_set_delegation(dp, stp->st_file);
edab9782 3614 if (status)
dd239cc0 3615 goto out_free;
1da177e4 3616
d5477a8d 3617 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid));
1da177e4 3618
8c10cbdb 3619 dprintk("NFSD: delegation stateid=" STATEID_FMT "\n",
d5477a8d 3620 STATEID_VAL(&dp->dl_stid.sc_stateid));
99c41515 3621 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ;
dd239cc0
BF		 3622 return;
3623out_free:
cbf7a75b 3624 destroy_delegation(dp);
dd239cc0 3625out_no_deleg:
99c41515
BF		 3626 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE;
3627 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS &&
d08d32e6 3628 open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) {
99c41515 3629 dprintk("NFSD: WARNING: refusing delegation reclaim\n");
d08d32e6
BF		 3630 open->op_recall = 1;
3631 }
99c41515
BF		 3632
3633 /* 4.1 client asking for a delegation? */
3634 if (open->op_deleg_want)
3635 nfsd4_open_deleg_none_ext(open, status);
3636 return;
1da177e4
LT		 3637}
3638
e27f49c3
BH		 3639static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open,
3640 struct nfs4_delegation *dp)
3641{
3642 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG &&
3643 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
3644 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
3645 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE;
3646 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG &&
3647 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
3648 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
3649 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE;
3650 }
3651 /* Otherwise the client must be confused wanting a delegation
3652 * it already has, therefore we don't return
3653 * NFS4_OPEN_DELEGATE_NONE_EXT and reason.
3654 */
3655}
3656
1da177e4
LT		 3657/*
3658 * called with nfs4_lock_state() held.
3659 */
b37ad28b 3660__be32
1da177e4
LT		 3661nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open)
3662{
6668958f 3663 struct nfsd4_compoundres *resp = rqstp->rq_resp;
38c2f4b1 3664 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client;
1da177e4
LT		 3665 struct nfs4_file *fp = NULL;
3666 struct inode *ino = current_fh->fh_dentry->d_inode;
dcef0413 3667 struct nfs4_ol_stateid *stp = NULL;
567d9829 3668 struct nfs4_delegation *dp = NULL;
b37ad28b 3669 __be32 status;
1da177e4 3670
1da177e4
LT		 3671 /*
3672 * Lookup file; if found, lookup stateid and check open request,
3673 * and check for delegations in the process of being recalled.
3674 * If not found, create the nfs4_file struct
3675 */
950e0118
TM		 3676 fp = find_or_add_file(ino, open->op_file);
3677 if (fp != open->op_file) {
41d22663 3678 status = nfs4_check_deleg(cl, open, &dp);
c44c5eeb
N		 3679 if (status)
3680 goto out;
a46cb7f2 3681 stp = nfsd4_find_existing_open(fp, open);
1da177e4 3682 } else {
950e0118 3683 open->op_file = NULL;
c44c5eeb 3684 status = nfserr_bad_stateid;
8b289b2c 3685 if (nfsd4_is_deleg_cur(open))
c44c5eeb 3686 goto out;
3e772463 3687 status = nfserr_jukebox;
1da177e4
LT		 3688 }
3689
3690 /*
3691 * OPEN the file, or upgrade an existing OPEN.
3692 * If truncate fails, the OPEN fails.
3693 */
3694 if (stp) {
3695 /* Stateid was found, this is an OPEN upgrade */
f9d7562f 3696 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open);
1da177e4
LT		 3697 if (status)
3698 goto out;
3699 } else {
4cdc951b
BF		 3700 stp = open->op_stp;
3701 open->op_stp = NULL;
996e0938 3702 init_open_stateid(stp, fp, open);
6eb3a1d0
JL		 3703 status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open);
3704 if (status) {
3705 release_open_stateid(stp);
3706 goto out;
3707 }
1da177e4 3708 }
dcef0413
BF		 3709 update_stateid(&stp->st_stid.sc_stateid);
3710 memcpy(&open->op_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
1da177e4 3711
d24433cd 3712 if (nfsd4_has_session(&resp->cstate)) {
d24433cd
BH		 3713 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) {
3714 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
3715 open->op_why_no_deleg = WND4_NOT_WANTED;
3716 goto nodeleg;
3717 }
3718 }
3719
1da177e4
LT		 3720 /*
3721 * Attempt to hand out a delegation. No error return, because the
3722 * OPEN succeeds even if we fail.
3723 */
5ccb0066 3724 nfs4_open_delegation(SVC_NET(rqstp), current_fh, open, stp);
d24433cd 3725nodeleg:
1da177e4
LT		 3726 status = nfs_ok;
3727
8c10cbdb 3728 dprintk("%s: stateid=" STATEID_FMT "\n", __func__,
dcef0413 3729 STATEID_VAL(&stp->st_stid.sc_stateid));
1da177e4 3730out:
d24433cd
BH		 3731 /* 4.1 client trying to upgrade/downgrade delegation? */
3732 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp &&
e27f49c3
BH		 3733 open->op_deleg_want)
3734 nfsd4_deleg_xgrade_none_ext(open, dp);
d24433cd 3735
13cd2184
N		 3736 if (fp)
3737 put_nfs4_file(fp);
37515177 3738 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS)
1255a8f3 3739 nfs4_set_claim_prev(open, nfsd4_has_session(&resp->cstate));
1da177e4
LT		 3740 /*
3741 * To finish the open response, we just need to set the rflags.
3742 */
3743 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX;
dad1c067 3744 if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED) &&
6668958f 3745 !nfsd4_has_session(&resp->cstate))
1da177e4
LT		 3746 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM;
3747
3748 return status;
3749}
3750
d29b20cd
BF		 3751void nfsd4_cleanup_open_state(struct nfsd4_open *open, __be32 status)
3752{
3753 if (open->op_openowner) {
3754 struct nfs4_openowner *oo = open->op_openowner;
3755
3756 if (!list_empty(&oo->oo_owner.so_stateids))
3757 list_del_init(&oo->oo_close_lru);
3758 if (oo->oo_flags & NFS4_OO_NEW) {
3759 if (status) {
3760 release_openowner(oo);
3761 open->op_openowner = NULL;
3762 } else
3763 oo->oo_flags &= ~NFS4_OO_NEW;
3764 }
3765 }
32513b40
BF		 3766 if (open->op_file)
3767 nfsd4_free_file(open->op_file);
4cdc951b 3768 if (open->op_stp)
ef79859e 3769 free_generic_stateid(open->op_stp);
d29b20cd
BF		 3770}
3771
b37ad28b 3772__be32
b591480b
BF		 3773nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3774 clientid_t *clid)
1da177e4
LT		 3775{
3776 struct nfs4_client *clp;
b37ad28b 3777 __be32 status;
7f2210fa 3778 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4
LT		 3779
3780 nfs4_lock_state();
3781 dprintk("process_renew(%08x/%08x): starting\n",
3782 clid->cl_boot, clid->cl_id);
4b24ca7d 3783 status = lookup_clientid(clid, cstate, nn);
9b2ef62b 3784 if (status)
1da177e4 3785 goto out;
4b24ca7d 3786 clp = cstate->clp;
1da177e4 3787 status = nfserr_cb_path_down;
ea1da636 3788 if (!list_empty(&clp->cl_delegations)
77a3569d 3789 && clp->cl_cb_state != NFSD4_CB_UP)
1da177e4
LT		 3790 goto out;
3791 status = nfs_ok;
3792out:
3793 nfs4_unlock_state();
3794 return status;
3795}
3796
a76b4319 3797static void
12760c66 3798nfsd4_end_grace(struct nfsd_net *nn)
a76b4319 3799{
33dcc481 3800 /* do nothing if grace period already ended */
a51c84ed 3801 if (nn->grace_ended)
33dcc481
JL		 3802 return;
3803
a76b4319 3804 dprintk("NFSD: end of grace period\n");
a51c84ed 3805 nn->grace_ended = true;
12760c66 3806 nfsd4_record_grace_done(nn, nn->boot_time);
5e1533c7 3807 locks_end_grace(&nn->nfsd4_manager);
e46b498c
BF		 3808 /*
3809 * Now that every NFSv4 client has had the chance to recover and
3810 * to see the (possibly new, possibly shorter) lease time, we
3811 * can safely set the next grace time to the current lease time:
3812 */
5284b44e 3813 nn->nfsd4_grace = nn->nfsd4_lease;
a76b4319
N		 3814}
3815
fd39ca9a 3816static time_t
09121281 3817nfs4_laundromat(struct nfsd_net *nn)
1da177e4
LT		 3818{
3819 struct nfs4_client *clp;
fe0750e5 3820 struct nfs4_openowner *oo;
1da177e4
LT		 3821 struct nfs4_delegation *dp;
3822 struct list_head *pos, *next, reaplist;
3d733711 3823 time_t cutoff = get_seconds() - nn->nfsd4_lease;
a832e7ae 3824 time_t t, new_timeo = nn->nfsd4_lease;
1da177e4
LT		 3825
3826 nfs4_lock_state();
3827
3828 dprintk("NFSD: laundromat service - starting\n");
12760c66 3829 nfsd4_end_grace(nn);
36acb66b 3830 INIT_LIST_HEAD(&reaplist);
c9a49628 3831 spin_lock(&nn->client_lock);
5ed58bb2 3832 list_for_each_safe(pos, next, &nn->client_lru) {
1da177e4
LT		 3833 clp = list_entry(pos, struct nfs4_client, cl_lru);
3834 if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) {
3835 t = clp->cl_time - cutoff;
a832e7ae 3836 new_timeo = min(new_timeo, t);
1da177e4
LT		 3837 break;
3838 }
221a6876 3839 if (mark_client_expired_locked(clp)) {
d7682988
BH		 3840 dprintk("NFSD: client in use (clientid %08x)\n",
3841 clp->cl_clientid.cl_id);
3842 continue;
3843 }
221a6876 3844 list_move(&clp->cl_lru, &reaplist);
36acb66b 3845 }
c9a49628 3846 spin_unlock(&nn->client_lock);
36acb66b
BH		 3847 list_for_each_safe(pos, next, &reaplist) {
3848 clp = list_entry(pos, struct nfs4_client, cl_lru);
1da177e4
LT		 3849 dprintk("NFSD: purging unused client (clientid %08x)\n",
3850 clp->cl_clientid.cl_id);
3851 expire_client(clp);
3852 }
cdc97505 3853 spin_lock(&state_lock);
e8c69d17 3854 list_for_each_safe(pos, next, &nn->del_recall_lru) {
1da177e4 3855 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
4e37a7c2
SK		 3856 if (net_generic(dp->dl_stid.sc_client->net, nfsd_net_id) != nn)
3857 continue;
1da177e4 3858 if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) {
a832e7ae
JL		 3859 t = dp->dl_time - cutoff;
3860 new_timeo = min(new_timeo, t);
1da177e4
LT		 3861 break;
3862 }
1da177e4
LT		 3863 list_move(&dp->dl_recall_lru, &reaplist);
3864 }
cdc97505 3865 spin_unlock(&state_lock);
1da177e4
LT		 3866 list_for_each_safe(pos, next, &reaplist) {
3867 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
3bd64a5b 3868 revoke_delegation(dp);
1da177e4 3869 }
73758fed 3870 list_for_each_safe(pos, next, &nn->close_lru) {
fe0750e5
BF		 3871 oo = container_of(pos, struct nfs4_openowner, oo_close_lru);
3872 if (time_after((unsigned long)oo->oo_time, (unsigned long)cutoff)) {
a832e7ae
JL		 3873 t = oo->oo_time - cutoff;
3874 new_timeo = min(new_timeo, t);
1da177e4
LT		 3875 break;
3876 }
fe0750e5 3877 release_openowner(oo);
1da177e4 3878 }
a832e7ae 3879 new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT);
1da177e4 3880 nfs4_unlock_state();
a832e7ae 3881 return new_timeo;
1da177e4
LT		 3882}
3883
a254b246
HH		 3884static struct workqueue_struct *laundry_wq;
3885static void laundromat_main(struct work_struct *);
a254b246
HH		 3886
3887static void
09121281 3888laundromat_main(struct work_struct *laundry)
1da177e4
LT		 3889{
3890 time_t t;
09121281
SK		 3891 struct delayed_work *dwork = container_of(laundry, struct delayed_work,
3892 work);
3893 struct nfsd_net *nn = container_of(dwork, struct nfsd_net,
3894 laundromat_work);
1da177e4 3895
09121281 3896 t = nfs4_laundromat(nn);
1da177e4 3897 dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t);
09121281 3898 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ);
1da177e4
LT		 3899}
3900
f7a4d872 3901static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_ol_stateid *stp)
1da177e4 3902{
f7a4d872
BF		 3903 if (fhp->fh_dentry->d_inode != stp->st_file->fi_inode)
3904 return nfserr_bad_stateid;
3905 return nfs_ok;
1da177e4
LT		 3906}
3907
1da177e4 3908static inline int
82c5ff1b 3909access_permit_read(struct nfs4_ol_stateid *stp)
1da177e4 3910{
82c5ff1b
JL		 3911 return test_access(NFS4_SHARE_ACCESS_READ, stp) ||
3912 test_access(NFS4_SHARE_ACCESS_BOTH, stp) ||
3913 test_access(NFS4_SHARE_ACCESS_WRITE, stp);
1da177e4
LT		 3914}
3915
3916static inline int
82c5ff1b 3917access_permit_write(struct nfs4_ol_stateid *stp)
1da177e4 3918{
82c5ff1b
JL		 3919 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) ||
3920 test_access(NFS4_SHARE_ACCESS_BOTH, stp);
1da177e4
LT		 3921}
3922
3923static
dcef0413 3924__be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags)
1da177e4 3925{
b37ad28b 3926 __be32 status = nfserr_openmode;
1da177e4 3927
02921914
BF		 3928 /* For lock stateid's, we test the parent open, not the lock: */
3929 if (stp->st_openstp)
3930 stp = stp->st_openstp;
82c5ff1b 3931 if ((flags & WR_STATE) && !access_permit_write(stp))
1da177e4 3932 goto out;
82c5ff1b 3933 if ((flags & RD_STATE) && !access_permit_read(stp))
1da177e4
LT		 3934 goto out;
3935 status = nfs_ok;
3936out:
3937 return status;
3938}
3939
b37ad28b 3940static inline __be32
5ccb0066 3941check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags)
1da177e4 3942{
203a8c8e 3943 if (ONE_STATEID(stateid) && (flags & RD_STATE))
1da177e4 3944 return nfs_ok;
5ccb0066 3945 else if (locks_in_grace(net)) {
25985edc 3946 /* Answer in remaining cases depends on existence of
1da177e4
LT		 3947 * conflicting state; so we must wait out the grace period. */
3948 return nfserr_grace;
3949 } else if (flags & WR_STATE)
3950 return nfs4_share_conflict(current_fh,
3951 NFS4_SHARE_DENY_WRITE);
3952 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */
3953 return nfs4_share_conflict(current_fh,
3954 NFS4_SHARE_DENY_READ);
3955}
3956
3957/*
3958 * Allow READ/WRITE during grace period on recovered state only for files
3959 * that are not able to provide mandatory locking.
3960 */
3961static inline int
5ccb0066 3962grace_disallows_io(struct net *net, struct inode *inode)
1da177e4 3963{
5ccb0066 3964 return locks_in_grace(net) && mandatory_lock(inode);
1da177e4
LT		 3965}
3966
81b82965
BF		 3967/* Returns true iff a is later than b: */
3968static bool stateid_generation_after(stateid_t *a, stateid_t *b)
3969{
1a9357f4 3970 return (s32)(a->si_generation - b->si_generation) > 0;
81b82965
BF		 3971}
3972
57b7b43b 3973static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session)
0836f587 3974{
6668958f
AA		 3975 /*
3976 * When sessions are used the stateid generation number is ignored
3977 * when it is zero.
3978 */
28dde241 3979 if (has_session && in->si_generation == 0)
81b82965
BF		 3980 return nfs_ok;
3981
3982 if (in->si_generation == ref->si_generation)
3983 return nfs_ok;
6668958f 3984
0836f587 3985 /* If the client sends us a stateid from the future, it's buggy: */
81b82965 3986 if (stateid_generation_after(in, ref))
0836f587
BF		 3987 return nfserr_bad_stateid;
3988 /*
81b82965
BF		 3989 * However, we could see a stateid from the past, even from a
3990 * non-buggy client. For example, if the client sends a lock
3991 * while some IO is outstanding, the lock may bump si_generation
3992 * while the IO is still in flight. The client could avoid that
3993 * situation by waiting for responses on all the IO requests,
3994 * but better performance may result in retrying IO that
3995 * receives an old_stateid error if requests are rarely
3996 * reordered in flight:
0836f587 3997 */
81b82965 3998 return nfserr_old_stateid;
0836f587
BF		 3999}
4000
7df302f7 4001static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid)
17456804 4002{
97b7e3b6
BF		 4003 struct nfs4_stid *s;
4004 struct nfs4_ol_stateid *ols;
4005 __be32 status;
17456804 4006
7df302f7
CL		 4007 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
4008 return nfserr_bad_stateid;
4009 /* Client debugging aid. */
4010 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) {
4011 char addr_str[INET6_ADDRSTRLEN];
4012 rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str,
4013 sizeof(addr_str));
4014 pr_warn_ratelimited("NFSD: client %s testing state ID "
4015 "with incorrect client ID\n", addr_str);
4016 return nfserr_bad_stateid;
4017 }
38c2f4b1 4018 s = find_stateid(cl, stateid);
97b7e3b6 4019 if (!s)
7df302f7 4020 return nfserr_bad_stateid;
36279ac1 4021 status = check_stateid_generation(stateid, &s->sc_stateid, 1);
17456804 4022 if (status)
97b7e3b6 4023 return status;
23340032
BF		 4024 switch (s->sc_type) {
4025 case NFS4_DELEG_STID:
97b7e3b6 4026 return nfs_ok;
3bd64a5b
BF		 4027 case NFS4_REVOKED_DELEG_STID:
4028 return nfserr_deleg_revoked;
23340032
BF		 4029 case NFS4_OPEN_STID:
4030 case NFS4_LOCK_STID:
4031 ols = openlockstateid(s);
4032 if (ols->st_stateowner->so_is_open_owner
4033 && !(openowner(ols->st_stateowner)->oo_flags
4034 & NFS4_OO_CONFIRMED))
4035 return nfserr_bad_stateid;
97b7e3b6 4036 return nfs_ok;
23340032
BF		 4037 default:
4038 printk("unknown stateid type %x\n", s->sc_type);
4039 case NFS4_CLOSED_STID:
97b7e3b6 4040 return nfserr_bad_stateid;
23340032 4041 }
17456804
BS		 4042}
4043
2dd6e458
TM		 4044static __be32
4045nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate,
4046 stateid_t *stateid, unsigned char typemask,
4047 struct nfs4_stid **s, struct nfsd_net *nn)
38c2f4b1 4048{
0eb6f20a 4049 __be32 status;
38c2f4b1
BF		 4050
4051 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
4052 return nfserr_bad_stateid;
4b24ca7d 4053 status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn);
a8a7c677 4054 if (status == nfserr_stale_clientid) {
4b24ca7d 4055 if (cstate->session)
a8a7c677 4056 return nfserr_bad_stateid;
38c2f4b1 4057 return nfserr_stale_stateid;
a8a7c677 4058 }
0eb6f20a
BF		 4059 if (status)
4060 return status;
4b24ca7d 4061 *s = find_stateid_by_type(cstate->clp, stateid, typemask);
38c2f4b1
BF		 4062 if (!*s)
4063 return nfserr_bad_stateid;
4064 return nfs_ok;
38c2f4b1
BF		 4065}
4066
1da177e4
LT		 4067/*
4068* Checks for stateid operations
4069*/
b37ad28b 4070__be32
5ccb0066 4071nfs4_preprocess_stateid_op(struct net *net, struct nfsd4_compound_state *cstate,
dd453dfd 4072 stateid_t *stateid, int flags, struct file **filpp)
1da177e4 4073{
69064a27 4074 struct nfs4_stid *s;
dcef0413 4075 struct nfs4_ol_stateid *stp = NULL;
1da177e4 4076 struct nfs4_delegation *dp = NULL;
dd453dfd 4077 struct svc_fh *current_fh = &cstate->current_fh;
1da177e4 4078 struct inode *ino = current_fh->fh_dentry->d_inode;
3320fef1 4079 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
14bcab1a 4080 struct file *file = NULL;
b37ad28b 4081 __be32 status;
1da177e4 4082
1da177e4
LT		 4083 if (filpp)
4084 *filpp = NULL;
4085
5ccb0066 4086 if (grace_disallows_io(net, ino))
1da177e4
LT		 4087 return nfserr_grace;
4088
4089 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
5ccb0066 4090 return check_special_stateids(net, current_fh, stateid, flags);
1da177e4 4091
14bcab1a
TM		 4092 nfs4_lock_state();
4093
2dd6e458 4094 status = nfsd4_lookup_stateid(cstate, stateid,
db24b3b4 4095 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID,
2dd6e458 4096 &s, nn);
38c2f4b1 4097 if (status)
14bcab1a 4098 goto out;
69064a27
BF		 4099 status = check_stateid_generation(stateid, &s->sc_stateid, nfsd4_has_session(cstate));
4100 if (status)
4101 goto out;
f7a4d872
BF		 4102 switch (s->sc_type) {
4103 case NFS4_DELEG_STID:
69064a27 4104 dp = delegstateid(s);
dc9bf700
BF		 4105 status = nfs4_check_delegmode(dp, flags);
4106 if (status)
4107 goto out;
43b0178e 4108 if (filpp) {
14bcab1a
TM		 4109 file = dp->dl_file->fi_deleg_file;
4110 if (!file) {
063b0fb9
BF		 4111 WARN_ON_ONCE(1);
4112 status = nfserr_serverfault;
4113 goto out;
4114 }
de18643d 4115 get_file(file);
43b0178e 4116 }
f7a4d872
BF		 4117 break;
4118 case NFS4_OPEN_STID:
4119 case NFS4_LOCK_STID:
69064a27 4120 stp = openlockstateid(s);
f7a4d872
BF		 4121 status = nfs4_check_fh(current_fh, stp);
4122 if (status)
1da177e4 4123 goto out;
fe0750e5 4124 if (stp->st_stateowner->so_is_open_owner
dad1c067 4125 && !(openowner(stp->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED))
1da177e4 4126 goto out;
a4455be0
BF		 4127 status = nfs4_check_openmode(stp, flags);
4128 if (status)
1da177e4 4129 goto out;
f9d7562f
BF		 4130 if (filpp) {
4131 if (flags & RD_STATE)
14bcab1a 4132 file = find_readable_file(stp->st_file);
f9d7562f 4133 else
14bcab1a 4134 file = find_writeable_file(stp->st_file);
f9d7562f 4135 }
f7a4d872
BF		 4136 break;
4137 default:
14bcab1a
TM		 4138 status = nfserr_bad_stateid;
4139 goto out;
1da177e4
LT		 4140 }
4141 status = nfs_ok;
14bcab1a 4142 if (file)
de18643d 4143 *filpp = file;
1da177e4 4144out:
14bcab1a 4145 nfs4_unlock_state();
1da177e4
LT		 4146 return status;
4147}
4148
e1ca12df 4149static __be32
dcef0413 4150nfsd4_free_lock_stateid(struct nfs4_ol_stateid *stp)
e1ca12df 4151{
a1b8ff4c
BF		 4152 struct nfs4_lockowner *lo = lockowner(stp->st_stateowner);
4153
4154 if (check_for_locks(stp->st_file, lo))
e1ca12df 4155 return nfserr_locks_held;
c53530da 4156 release_lockowner_if_empty(lo);
e1ca12df
BS		 4157 return nfs_ok;
4158}
4159
17456804
BS		 4160/*
4161 * Test if the stateid is valid
4162 */
4163__be32
4164nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4165 struct nfsd4_test_stateid *test_stateid)
4166{
03cfb420
BS		 4167 struct nfsd4_test_stateid_id *stateid;
4168 struct nfs4_client *cl = cstate->session->se_client;
4169
4170 nfs4_lock_state();
4171 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list)
7df302f7
CL		 4172 stateid->ts_id_status =
4173 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid);
03cfb420
BS		 4174 nfs4_unlock_state();
4175
17456804
BS		 4176 return nfs_ok;
4177}
4178
e1ca12df
BS		 4179__be32
4180nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4181 struct nfsd4_free_stateid *free_stateid)
4182{
4183 stateid_t *stateid = &free_stateid->fr_stateid;
2da1cec7 4184 struct nfs4_stid *s;
3bd64a5b 4185 struct nfs4_delegation *dp;
38c2f4b1 4186 struct nfs4_client *cl = cstate->session->se_client;
2da1cec7 4187 __be32 ret = nfserr_bad_stateid;
e1ca12df
BS		 4188
4189 nfs4_lock_state();
38c2f4b1 4190 s = find_stateid(cl, stateid);
2da1cec7 4191 if (!s)
81b82965 4192 goto out;
2da1cec7
BF		 4193 switch (s->sc_type) {
4194 case NFS4_DELEG_STID:
e1ca12df
BS		 4195 ret = nfserr_locks_held;
4196 goto out;
2da1cec7
BF		 4197 case NFS4_OPEN_STID:
4198 case NFS4_LOCK_STID:
4199 ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
4200 if (ret)
4201 goto out;
4202 if (s->sc_type == NFS4_LOCK_STID)
4203 ret = nfsd4_free_lock_stateid(openlockstateid(s));
4204 else
4205 ret = nfserr_locks_held;
f7a4d872 4206 break;
3bd64a5b
BF		 4207 case NFS4_REVOKED_DELEG_STID:
4208 dp = delegstateid(s);
4209 destroy_revoked_delegation(dp);
4210 ret = nfs_ok;
4211 break;
f7a4d872
BF		 4212 default:
4213 ret = nfserr_bad_stateid;
e1ca12df 4214 }
e1ca12df
BS		 4215out:
4216 nfs4_unlock_state();
4217 return ret;
4218}
4219
4c4cd222
N		 4220static inline int
4221setlkflg (int type)
4222{
4223 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ?
4224 RD_STATE : WR_STATE;
4225}
1da177e4 4226
dcef0413 4227static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp)
c0a5d93e
BF		 4228{
4229 struct svc_fh *current_fh = &cstate->current_fh;
4230 struct nfs4_stateowner *sop = stp->st_stateowner;
4231 __be32 status;
4232
c0a5d93e
BF		 4233 status = nfsd4_check_seqid(cstate, sop, seqid);
4234 if (status)
4235 return status;
3bd64a5b
BF		 4236 if (stp->st_stid.sc_type == NFS4_CLOSED_STID
4237 || stp->st_stid.sc_type == NFS4_REVOKED_DELEG_STID)
f7a4d872
BF		 4238 /*
4239 * "Closed" stateid's exist *only* to return
3bd64a5b
BF		 4240 * nfserr_replay_me from the previous step, and
4241 * revoked delegations are kept only for free_stateid.
f7a4d872
BF		 4242 */
4243 return nfserr_bad_stateid;
4244 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate));
4245 if (status)
4246 return status;
4247 return nfs4_check_fh(current_fh, stp);
c0a5d93e
BF		 4248}
4249
1da177e4
LT		 4250/*
4251 * Checks for sequence id mutating operations.
4252 */
b37ad28b 4253static __be32
dd453dfd 4254nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
2288d0e3 4255 stateid_t *stateid, char typemask,
3320fef1
SK		 4256 struct nfs4_ol_stateid **stpp,
4257 struct nfsd_net *nn)
1da177e4 4258{
0836f587 4259 __be32 status;
38c2f4b1 4260 struct nfs4_stid *s;
e17f99b7 4261 struct nfs4_ol_stateid *stp = NULL;
1da177e4 4262
8c10cbdb
BH		 4263 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__,
4264 seqid, STATEID_VAL(stateid));
3a4f98bb 4265
1da177e4 4266 *stpp = NULL;
2dd6e458 4267 status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn);
c0a5d93e
BF		 4268 if (status)
4269 return status;
e17f99b7 4270 stp = openlockstateid(s);
3d74e6a5 4271 if (!nfsd4_has_session(cstate))
e17f99b7 4272 cstate->replay_owner = stp->st_stateowner;
1da177e4 4273
e17f99b7
TM		 4274 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp);
4275 if (!status)
4276 *stpp = stp;
4277 return status;
c0a5d93e 4278}
39325bd0 4279
3320fef1
SK		 4280static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
4281 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn)
c0a5d93e
BF		 4282{
4283 __be32 status;
4284 struct nfs4_openowner *oo;
1da177e4 4285
c0a5d93e 4286 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid,
3320fef1 4287 NFS4_OPEN_STID, stpp, nn);
7a8711c9
BF		 4288 if (status)
4289 return status;
c0a5d93e 4290 oo = openowner((*stpp)->st_stateowner);
dad1c067 4291 if (!(oo->oo_flags & NFS4_OO_CONFIRMED))
3a4f98bb 4292 return nfserr_bad_stateid;
3a4f98bb 4293 return nfs_ok;
1da177e4
LT		 4294}
4295
b37ad28b 4296__be32
ca364317 4297nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 4298 struct nfsd4_open_confirm *oc)
1da177e4 4299{
b37ad28b 4300 __be32 status;
fe0750e5 4301 struct nfs4_openowner *oo;
dcef0413 4302 struct nfs4_ol_stateid *stp;
3320fef1 4303 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 4304
a6a9f18f
AV		 4305 dprintk("NFSD: nfsd4_open_confirm on file %pd\n",
4306 cstate->current_fh.fh_dentry);
1da177e4 4307
ca364317 4308 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
a8cddc5d
BF		 4309 if (status)
4310 return status;
1da177e4
LT		 4311
4312 nfs4_lock_state();
4313
9072d5c6 4314 status = nfs4_preprocess_seqid_op(cstate,
ca364317 4315 oc->oc_seqid, &oc->oc_req_stateid,
3320fef1 4316 NFS4_OPEN_STID, &stp, nn);
9072d5c6 4317 if (status)
68b66e82 4318 goto out;
fe0750e5 4319 oo = openowner(stp->st_stateowner);
68b66e82 4320 status = nfserr_bad_stateid;
dad1c067 4321 if (oo->oo_flags & NFS4_OO_CONFIRMED)
68b66e82 4322 goto out;
dad1c067 4323 oo->oo_flags |= NFS4_OO_CONFIRMED;
dcef0413
BF		 4324 update_stateid(&stp->st_stid.sc_stateid);
4325 memcpy(&oc->oc_resp_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
8c10cbdb 4326 dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n",
dcef0413 4327 __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid));
c7b9a459 4328
2a4317c5 4329 nfsd4_client_record_create(oo->oo_owner.so_client);
68b66e82 4330 status = nfs_ok;
1da177e4 4331out:
9411b1d4 4332 nfsd4_bump_seqid(cstate, status);
5ec094c1
BF		 4333 if (!cstate->replay_owner)
4334 nfs4_unlock_state();
1da177e4
LT		 4335 return status;
4336}
4337
6409a5a6 4338static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access)
1da177e4 4339{
82c5ff1b 4340 if (!test_access(access, stp))
6409a5a6 4341 return;
12659651 4342 nfs4_file_put_access(stp->st_file, access);
82c5ff1b 4343 clear_access(access, stp);
6409a5a6 4344}
f197c271 4345
6409a5a6
BF		 4346static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access)
4347{
4348 switch (to_access) {
4349 case NFS4_SHARE_ACCESS_READ:
4350 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE);
4351 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
4352 break;
4353 case NFS4_SHARE_ACCESS_WRITE:
4354 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ);
4355 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
4356 break;
4357 case NFS4_SHARE_ACCESS_BOTH:
4358 break;
4359 default:
063b0fb9 4360 WARN_ON_ONCE(1);
1da177e4
LT		 4361 }
4362}
4363
b37ad28b 4364__be32
ca364317
BF		 4365nfsd4_open_downgrade(struct svc_rqst *rqstp,
4366 struct nfsd4_compound_state *cstate,
a4f1706a 4367 struct nfsd4_open_downgrade *od)
1da177e4 4368{
b37ad28b 4369 __be32 status;
dcef0413 4370 struct nfs4_ol_stateid *stp;
3320fef1 4371 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 4372
a6a9f18f
AV		 4373 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n",
4374 cstate->current_fh.fh_dentry);
1da177e4 4375
c30e92df 4376 /* We don't yet support WANT bits: */
2c8bd7e0
BH		 4377 if (od->od_deleg_want)
4378 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__,
4379 od->od_deleg_want);
1da177e4
LT		 4380
4381 nfs4_lock_state();
c0a5d93e 4382 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid,
3320fef1 4383 &od->od_stateid, &stp, nn);
9072d5c6 4384 if (status)
1da177e4 4385 goto out;
1da177e4 4386 status = nfserr_inval;
82c5ff1b 4387 if (!test_access(od->od_share_access, stp)) {
c11c591f 4388 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n",
1da177e4
LT		 4389 stp->st_access_bmap, od->od_share_access);
4390 goto out;
4391 }
ce0fc43c 4392 if (!test_deny(od->od_share_deny, stp)) {
c11c591f 4393 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n",
1da177e4
LT		 4394 stp->st_deny_bmap, od->od_share_deny);
4395 goto out;
4396 }
6409a5a6 4397 nfs4_stateid_downgrade(stp, od->od_share_access);
1da177e4 4398
ce0fc43c 4399 reset_union_bmap_deny(od->od_share_deny, stp);
1da177e4 4400
dcef0413
BF		 4401 update_stateid(&stp->st_stid.sc_stateid);
4402 memcpy(&od->od_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
1da177e4
LT		 4403 status = nfs_ok;
4404out:
9411b1d4 4405 nfsd4_bump_seqid(cstate, status);
5ec094c1
BF		 4406 if (!cstate->replay_owner)
4407 nfs4_unlock_state();
1da177e4
LT		 4408 return status;
4409}
4410
f7a4d872
BF		 4411static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s)
4412{
acf9295b
TM		 4413 struct nfs4_client *clp = s->st_stid.sc_client;
4414 struct nfs4_openowner *oo = openowner(s->st_stateowner);
4415
f7a4d872 4416 s->st_stid.sc_type = NFS4_CLOSED_STID;
acf9295b
TM		 4417 unhash_open_stateid(s);
4418
4419 if (clp->cl_minorversion) {
4420 free_generic_stateid(s);
4421 if (list_empty(&oo->oo_owner.so_stateids))
4422 release_openowner(oo);
4423 } else {
4424 oo->oo_last_closed_stid = s;
4425 /*
4426 * In the 4.0 case we need to keep the owners around a
4427 * little while to handle CLOSE replay.
4428 */
4429 if (list_empty(&oo->oo_owner.so_stateids))
4430 move_to_close_lru(oo, clp->net);
4431 }
38c387b5
BF		 4432}
4433
1da177e4
LT		 4434/*
4435 * nfs4_unlock_state() called after encode
4436 */
b37ad28b 4437__be32
ca364317 4438nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 4439 struct nfsd4_close *close)
1da177e4 4440{
b37ad28b 4441 __be32 status;
dcef0413 4442 struct nfs4_ol_stateid *stp;
3320fef1
SK		 4443 struct net *net = SVC_NET(rqstp);
4444 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4 4445
a6a9f18f
AV		 4446 dprintk("NFSD: nfsd4_close on file %pd\n",
4447 cstate->current_fh.fh_dentry);
1da177e4
LT		 4448
4449 nfs4_lock_state();
f7a4d872
BF		 4450 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid,
4451 &close->cl_stateid,
4452 NFS4_OPEN_STID|NFS4_CLOSED_STID,
3320fef1 4453 &stp, nn);
9411b1d4 4454 nfsd4_bump_seqid(cstate, status);
9072d5c6 4455 if (status)
1da177e4 4456 goto out;
dcef0413
BF		 4457 update_stateid(&stp->st_stid.sc_stateid);
4458 memcpy(&close->cl_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
1da177e4 4459
f7a4d872 4460 nfsd4_close_open_stateid(stp);
1da177e4 4461out:
5ec094c1
BF		 4462 if (!cstate->replay_owner)
4463 nfs4_unlock_state();
1da177e4
LT		 4464 return status;
4465}
4466
b37ad28b 4467__be32
ca364317
BF		 4468nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4469 struct nfsd4_delegreturn *dr)
1da177e4 4470{
203a8c8e
BF		 4471 struct nfs4_delegation *dp;
4472 stateid_t *stateid = &dr->dr_stateid;
38c2f4b1 4473 struct nfs4_stid *s;
b37ad28b 4474 __be32 status;
3320fef1 4475 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 4476
ca364317 4477 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
203a8c8e 4478 return status;
1da177e4
LT		 4479
4480 nfs4_lock_state();
2dd6e458 4481 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn);
38c2f4b1 4482 if (status)
203a8c8e 4483 goto out;
38c2f4b1 4484 dp = delegstateid(s);
d5477a8d 4485 status = check_stateid_generation(stateid, &dp->dl_stid.sc_stateid, nfsd4_has_session(cstate));
203a8c8e
BF		 4486 if (status)
4487 goto out;
203a8c8e 4488
3bd64a5b 4489 destroy_delegation(dp);
1da177e4 4490out:
203a8c8e
BF		 4491 nfs4_unlock_state();
4492
1da177e4
LT		 4493 return status;
4494}
4495
4496
1da177e4 4497#define LOFF_OVERFLOW(start, len) ((u64)(len) > ~(u64)(start))
1da177e4 4498
87df4de8
BH		 4499static inline u64
4500end_offset(u64 start, u64 len)
4501{
4502 u64 end;
4503
4504 end = start + len;
4505 return end >= start ? end: NFS4_MAX_UINT64;
4506}
4507
4508/* last octet in a range */
4509static inline u64
4510last_byte_offset(u64 start, u64 len)
4511{
4512 u64 end;
4513
063b0fb9 4514 WARN_ON_ONCE(!len);
87df4de8
BH		 4515 end = start + len;
4516 return end > start ? end - 1: NFS4_MAX_UINT64;
4517}
4518
1da177e4
LT		 4519/*
4520 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that
4521 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th
4522 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit
4523 * locking, this prevents us from being completely protocol-compliant. The
4524 * real solution to this problem is to start using unsigned file offsets in
4525 * the VFS, but this is a very deep change!
4526 */
4527static inline void
4528nfs4_transform_lock_offset(struct file_lock *lock)
4529{
4530 if (lock->fl_start < 0)
4531 lock->fl_start = OFFSET_MAX;
4532 if (lock->fl_end < 0)
4533 lock->fl_end = OFFSET_MAX;
4534}
4535
d5b9026a
N		 4536/* Hack!: For now, we're defining this just so we can use a pointer to it
4537 * as a unique cookie to identify our (NFSv4's) posix locks. */
7b021967 4538static const struct lock_manager_operations nfsd_posix_mng_ops = {
d5b9026a 4539};
1da177e4
LT		 4540
4541static inline void
4542nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny)
4543{
fe0750e5 4544 struct nfs4_lockowner *lo;
1da177e4 4545
d5b9026a 4546 if (fl->fl_lmops == &nfsd_posix_mng_ops) {
fe0750e5
BF		 4547 lo = (struct nfs4_lockowner *) fl->fl_owner;
4548 deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data,
4549 lo->lo_owner.so_owner.len, GFP_KERNEL);
7c13f344
BF		 4550 if (!deny->ld_owner.data)
4551 /* We just don't care that much */
4552 goto nevermind;
fe0750e5
BF		 4553 deny->ld_owner.len = lo->lo_owner.so_owner.len;
4554 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid;
d5b9026a 4555 } else {
7c13f344
BF		 4556nevermind:
4557 deny->ld_owner.len = 0;
4558 deny->ld_owner.data = NULL;
d5b9026a
N		 4559 deny->ld_clientid.cl_boot = 0;
4560 deny->ld_clientid.cl_id = 0;
1da177e4
LT		 4561 }
4562 deny->ld_start = fl->fl_start;
87df4de8
BH		 4563 deny->ld_length = NFS4_MAX_UINT64;
4564 if (fl->fl_end != NFS4_MAX_UINT64)
1da177e4
LT		 4565 deny->ld_length = fl->fl_end - fl->fl_start + 1;
4566 deny->ld_type = NFS4_READ_LT;
4567 if (fl->fl_type != F_RDLCK)
4568 deny->ld_type = NFS4_WRITE_LT;
4569}
4570
fe0750e5 4571static struct nfs4_lockowner *
b3c32bcd
TM		 4572find_lockowner_str(clientid_t *clid, struct xdr_netobj *owner,
4573 struct nfsd_net *nn)
1da177e4 4574{
b3c32bcd
TM		 4575 unsigned int strhashval = ownerstr_hashval(clid->cl_id, owner);
4576 struct nfs4_stateowner *so;
1da177e4 4577
b3c32bcd
TM		 4578 list_for_each_entry(so, &nn->ownerstr_hashtbl[strhashval], so_strhash) {
4579 if (so->so_is_open_owner)
4580 continue;
4581 if (!same_owner_str(so, owner, clid))
4582 continue;
4583 return lockowner(so);
1da177e4
LT		 4584 }
4585 return NULL;
4586}
4587
4588/*
4589 * Alloc a lock owner structure.
4590 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has
25985edc 4591 * occurred.
1da177e4 4592 *
16bfdaaf 4593 * strhashval = ownerstr_hashval
1da177e4 4594 */
fe0750e5 4595static struct nfs4_lockowner *
dcef0413 4596alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, struct nfs4_ol_stateid *open_stp, struct nfsd4_lock *lock) {
fe0750e5 4597 struct nfs4_lockowner *lo;
b3c32bcd 4598 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4 4599
fe0750e5
BF		 4600 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp);
4601 if (!lo)
1da177e4 4602 return NULL;
fe0750e5
BF		 4603 INIT_LIST_HEAD(&lo->lo_owner.so_stateids);
4604 lo->lo_owner.so_is_open_owner = 0;
b59e3c0e
NB		 4605 /* It is the openowner seqid that will be incremented in encode in the
4606 * case of new lockowners; so increment the lock seqid manually: */
fe0750e5 4607 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid + 1;
b3c32bcd 4608 list_add(&lo->lo_owner.so_strhash, &nn->ownerstr_hashtbl[strhashval]);
fe0750e5 4609 return lo;
1da177e4
LT		 4610}
4611
dcef0413
BF		 4612static struct nfs4_ol_stateid *
4613alloc_init_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp, struct nfs4_ol_stateid *open_stp)
1da177e4 4614{
dcef0413 4615 struct nfs4_ol_stateid *stp;
d3b313a4 4616 struct nfs4_client *clp = lo->lo_owner.so_client;
1da177e4 4617
996e0938 4618 stp = nfs4_alloc_stateid(clp);
5ac049ac 4619 if (stp == NULL)
6136d2b4 4620 return NULL;
3abdb607 4621 stp->st_stid.sc_type = NFS4_LOCK_STID;
fe0750e5
BF		 4622 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids);
4623 stp->st_stateowner = &lo->lo_owner;
13cd2184 4624 get_nfs4_file(fp);
1da177e4 4625 stp->st_file = fp;
0997b173 4626 stp->st_access_bmap = 0;
1da177e4 4627 stp->st_deny_bmap = open_stp->st_deny_bmap;
4c4cd222 4628 stp->st_openstp = open_stp;
3c87b9b7 4629 list_add(&stp->st_locks, &open_stp->st_locks);
1d31a253
TM		 4630 spin_lock(&fp->fi_lock);
4631 list_add(&stp->st_perfile, &fp->fi_stateids);
4632 spin_unlock(&fp->fi_lock);
1da177e4
LT		 4633 return stp;
4634}
4635
c53530da
JL		 4636static struct nfs4_ol_stateid *
4637find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp)
4638{
4639 struct nfs4_ol_stateid *lst;
4640
4641 list_for_each_entry(lst, &lo->lo_owner.so_stateids, st_perstateowner) {
4642 if (lst->st_file == fp)
4643 return lst;
4644 }
4645 return NULL;
4646}
4647
4648
fd39ca9a 4649static int
1da177e4
LT		 4650check_lock_length(u64 offset, u64 length)
4651{
87df4de8 4652 return ((length == 0) || ((length != NFS4_MAX_UINT64) &&
1da177e4
LT		 4653 LOFF_OVERFLOW(offset, length)));
4654}
4655
dcef0413 4656static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access)
0997b173
BF		 4657{
4658 struct nfs4_file *fp = lock_stp->st_file;
0997b173 4659
7214e860
JL		 4660 lockdep_assert_held(&fp->fi_lock);
4661
82c5ff1b 4662 if (test_access(access, lock_stp))
0997b173 4663 return;
12659651 4664 __nfs4_file_get_access(fp, access);
82c5ff1b 4665 set_access(access, lock_stp);
0997b173
BF		 4666}
4667
2355c596 4668static __be32 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, struct nfs4_ol_stateid *ost, struct nfsd4_lock *lock, struct nfs4_ol_stateid **lst, bool *new)
64a284d0
BF		 4669{
4670 struct nfs4_file *fi = ost->st_file;
4671 struct nfs4_openowner *oo = openowner(ost->st_stateowner);
4672 struct nfs4_client *cl = oo->oo_owner.so_client;
4673 struct nfs4_lockowner *lo;
4674 unsigned int strhashval;
20e9e2bc 4675 struct nfsd_net *nn = net_generic(cl->net, nfsd_net_id);
64a284d0 4676
b3c32bcd 4677 lo = find_lockowner_str(&cl->cl_clientid, &lock->v.new.owner, nn);
c53530da
JL		 4678 if (!lo) {
4679 strhashval = ownerstr_hashval(cl->cl_clientid.cl_id,
4680 &lock->v.new.owner);
4681 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock);
4682 if (lo == NULL)
4683 return nfserr_jukebox;
4684 } else {
4685 /* with an existing lockowner, seqids must be the same */
4686 if (!cstate->minorversion &&
4687 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid)
64a284d0 4688 return nfserr_bad_seqid;
64a284d0 4689 }
c53530da
JL		 4690
4691 *lst = find_lock_stateid(lo, fi);
64a284d0 4692 if (*lst == NULL) {
c53530da
JL		 4693 *lst = alloc_init_lock_stateid(lo, fi, ost);
4694 if (*lst == NULL) {
4695 release_lockowner_if_empty(lo);
4696 return nfserr_jukebox;
4697 }
4698 *new = true;
64a284d0 4699 }
64a284d0
BF		 4700 return nfs_ok;
4701}
4702
1da177e4
LT		 4703/*
4704 * LOCK operation
4705 */
b37ad28b 4706__be32
ca364317 4707nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 4708 struct nfsd4_lock *lock)
1da177e4 4709{
fe0750e5
BF		 4710 struct nfs4_openowner *open_sop = NULL;
4711 struct nfs4_lockowner *lock_sop = NULL;
dcef0413 4712 struct nfs4_ol_stateid *lock_stp;
7214e860 4713 struct nfs4_file *fp;
7d947842 4714 struct file *filp = NULL;
21179d81
JL		 4715 struct file_lock *file_lock = NULL;
4716 struct file_lock *conflock = NULL;
b37ad28b 4717 __be32 status = 0;
64a284d0 4718 bool new_state = false;
b34f27aa 4719 int lkflg;
b8dd7b9a 4720 int err;
3320fef1
SK		 4721 struct net *net = SVC_NET(rqstp);
4722 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4
LT		 4723
4724 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n",
4725 (long long) lock->lk_offset,
4726 (long long) lock->lk_length);
4727
1da177e4
LT		 4728 if (check_lock_length(lock->lk_offset, lock->lk_length))
4729 return nfserr_inval;
4730
ca364317 4731 if ((status = fh_verify(rqstp, &cstate->current_fh,
8837abca 4732 S_IFREG, NFSD_MAY_LOCK))) {
a6f6ef2f
AA		 4733 dprintk("NFSD: nfsd4_lock: permission denied!\n");
4734 return status;
4735 }
4736
1da177e4
LT		 4737 nfs4_lock_state();
4738
4739 if (lock->lk_is_new) {
dcef0413 4740 struct nfs4_ol_stateid *open_stp = NULL;
684e5638
BF		 4741
4742 if (nfsd4_has_session(cstate))
4743 /* See rfc 5661 18.10.3: given clientid is ignored: */
4744 memcpy(&lock->v.new.clientid,
4745 &cstate->session->se_client->cl_clientid,
4746 sizeof(clientid_t));
4747
1da177e4 4748 status = nfserr_stale_clientid;
2c142baa 4749 if (STALE_CLIENTID(&lock->lk_new_clientid, nn))
1da177e4 4750 goto out;
1da177e4 4751
1da177e4 4752 /* validate and update open stateid and open seqid */
c0a5d93e 4753 status = nfs4_preprocess_confirmed_seqid_op(cstate,
1da177e4
LT		 4754 lock->lk_new_open_seqid,
4755 &lock->lk_new_open_stateid,
3320fef1 4756 &open_stp, nn);
37515177 4757 if (status)
1da177e4 4758 goto out;
fe0750e5 4759 open_sop = openowner(open_stp->st_stateowner);
b34f27aa 4760 status = nfserr_bad_stateid;
684e5638 4761 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid,
b34f27aa
BF		 4762 &lock->v.new.clientid))
4763 goto out;
64a284d0
BF		 4764 status = lookup_or_create_lock_state(cstate, open_stp, lock,
4765 &lock_stp, &new_state);
e1aaa891 4766 } else
dd453dfd 4767 status = nfs4_preprocess_seqid_op(cstate,
fe0750e5
BF		 4768 lock->lk_old_lock_seqid,
4769 &lock->lk_old_lock_stateid,
3320fef1 4770 NFS4_LOCK_STID, &lock_stp, nn);
e1aaa891
BF		 4771 if (status)
4772 goto out;
64a284d0 4773 lock_sop = lockowner(lock_stp->st_stateowner);
1da177e4 4774
b34f27aa
BF		 4775 lkflg = setlkflg(lock->lk_type);
4776 status = nfs4_check_openmode(lock_stp, lkflg);
4777 if (status)
4778 goto out;
4779
0dd395dc 4780 status = nfserr_grace;
3320fef1 4781 if (locks_in_grace(net) && !lock->lk_reclaim)
0dd395dc
N		 4782 goto out;
4783 status = nfserr_no_grace;
3320fef1 4784 if (!locks_in_grace(net) && lock->lk_reclaim)
0dd395dc
N		 4785 goto out;
4786
21179d81
JL		 4787 file_lock = locks_alloc_lock();
4788 if (!file_lock) {
4789 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
4790 status = nfserr_jukebox;
4791 goto out;
4792 }
4793
7214e860 4794 fp = lock_stp->st_file;
21179d81 4795 locks_init_lock(file_lock);
1da177e4
LT		 4796 switch (lock->lk_type) {
4797 case NFS4_READ_LT:
4798 case NFS4_READW_LT:
7214e860
JL		 4799 spin_lock(&fp->fi_lock);
4800 filp = find_readable_file_locked(fp);
0997b173
BF		 4801 if (filp)
4802 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ);
7214e860 4803 spin_unlock(&fp->fi_lock);
21179d81 4804 file_lock->fl_type = F_RDLCK;
529d7b2a 4805 break;
1da177e4
LT		 4806 case NFS4_WRITE_LT:
4807 case NFS4_WRITEW_LT:
7214e860
JL		 4808 spin_lock(&fp->fi_lock);
4809 filp = find_writeable_file_locked(fp);
0997b173
BF		 4810 if (filp)
4811 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE);
7214e860 4812 spin_unlock(&fp->fi_lock);
21179d81 4813 file_lock->fl_type = F_WRLCK;
529d7b2a 4814 break;
1da177e4
LT		 4815 default:
4816 status = nfserr_inval;
4817 goto out;
4818 }
f9d7562f
BF		 4819 if (!filp) {
4820 status = nfserr_openmode;
4821 goto out;
4822 }
21179d81
JL		 4823 file_lock->fl_owner = (fl_owner_t)lock_sop;
4824 file_lock->fl_pid = current->tgid;
4825 file_lock->fl_file = filp;
4826 file_lock->fl_flags = FL_POSIX;
4827 file_lock->fl_lmops = &nfsd_posix_mng_ops;
4828 file_lock->fl_start = lock->lk_offset;
4829 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length);
4830 nfs4_transform_lock_offset(file_lock);
4831
4832 conflock = locks_alloc_lock();
4833 if (!conflock) {
4834 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
4835 status = nfserr_jukebox;
4836 goto out;
4837 }
1da177e4 4838
21179d81 4839 err = vfs_lock_file(filp, F_SETLK, file_lock, conflock);
b8dd7b9a 4840 switch (-err) {
1da177e4 4841 case 0: /* success! */
dcef0413
BF		 4842 update_stateid(&lock_stp->st_stid.sc_stateid);
4843 memcpy(&lock->lk_resp_stateid, &lock_stp->st_stid.sc_stateid,
1da177e4 4844 sizeof(stateid_t));
b8dd7b9a 4845 status = 0;
eb76b3fd
AA		 4846 break;
4847 case (EAGAIN): /* conflock holds conflicting lock */
4848 status = nfserr_denied;
4849 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n");
21179d81 4850 nfs4_set_lock_denied(conflock, &lock->lk_denied);
eb76b3fd 4851 break;
1da177e4
LT		 4852 case (EDEADLK):
4853 status = nfserr_deadlock;
eb76b3fd 4854 break;
3e772463 4855 default:
fd85b817 4856 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err);
3e772463 4857 status = nfserrno(err);
eb76b3fd 4858 break;
1da177e4 4859 }
1da177e4 4860out:
de18643d
TM		 4861 if (filp)
4862 fput(filp);
64a284d0 4863 if (status && new_state)
c53530da 4864 release_lock_stateid(lock_stp);
9411b1d4 4865 nfsd4_bump_seqid(cstate, status);
5ec094c1
BF		 4866 if (!cstate->replay_owner)
4867 nfs4_unlock_state();
21179d81
JL		 4868 if (file_lock)
4869 locks_free_lock(file_lock);
4870 if (conflock)
4871 locks_free_lock(conflock);
1da177e4
LT		 4872 return status;
4873}
4874
55ef1274
BF		 4875/*
4876 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN,
4877 * so we do a temporary open here just to get an open file to pass to
4878 * vfs_test_lock. (Arguably perhaps test_lock should be done with an
4879 * inode operation.)
4880 */
04da6e9d 4881static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock)
55ef1274
BF		 4882{
4883 struct file *file;
04da6e9d
AV		 4884 __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file);
4885 if (!err) {
4886 err = nfserrno(vfs_test_lock(file, lock));
4887 nfsd_close(file);
4888 }
55ef1274
BF		 4889 return err;
4890}
4891
1da177e4
LT		 4892/*
4893 * LOCKT operation
4894 */
b37ad28b 4895__be32
ca364317
BF		 4896nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4897 struct nfsd4_lockt *lockt)
1da177e4 4898{
21179d81 4899 struct file_lock *file_lock = NULL;
fe0750e5 4900 struct nfs4_lockowner *lo;
b37ad28b 4901 __be32 status;
7f2210fa 4902 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 4903
5ccb0066 4904 if (locks_in_grace(SVC_NET(rqstp)))
1da177e4
LT		 4905 return nfserr_grace;
4906
4907 if (check_lock_length(lockt->lt_offset, lockt->lt_length))
4908 return nfserr_inval;
4909
1da177e4
LT		 4910 nfs4_lock_state();
4911
9b2ef62b 4912 if (!nfsd4_has_session(cstate)) {
4b24ca7d 4913 status = lookup_clientid(&lockt->lt_clientid, cstate, nn);
9b2ef62b
BF		 4914 if (status)
4915 goto out;
4916 }
1da177e4 4917
75c096f7 4918 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
1da177e4 4919 goto out;
1da177e4 4920
21179d81
JL		 4921 file_lock = locks_alloc_lock();
4922 if (!file_lock) {
4923 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
4924 status = nfserr_jukebox;
4925 goto out;
4926 }
4927 locks_init_lock(file_lock);
1da177e4
LT		 4928 switch (lockt->lt_type) {
4929 case NFS4_READ_LT:
4930 case NFS4_READW_LT:
21179d81 4931 file_lock->fl_type = F_RDLCK;
1da177e4
LT		 4932 break;
4933 case NFS4_WRITE_LT:
4934 case NFS4_WRITEW_LT:
21179d81 4935 file_lock->fl_type = F_WRLCK;
1da177e4
LT		 4936 break;
4937 default:
2fdada03 4938 dprintk("NFSD: nfs4_lockt: bad lock type!\n");
1da177e4
LT		 4939 status = nfserr_inval;
4940 goto out;
4941 }
4942
b3c32bcd 4943 lo = find_lockowner_str(&lockt->lt_clientid, &lockt->lt_owner, nn);
fe0750e5 4944 if (lo)
21179d81
JL		 4945 file_lock->fl_owner = (fl_owner_t)lo;
4946 file_lock->fl_pid = current->tgid;
4947 file_lock->fl_flags = FL_POSIX;
1da177e4 4948
21179d81
JL		 4949 file_lock->fl_start = lockt->lt_offset;
4950 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length);
1da177e4 4951
21179d81 4952 nfs4_transform_lock_offset(file_lock);
1da177e4 4953
21179d81 4954 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock);
04da6e9d 4955 if (status)
fd85b817 4956 goto out;
04da6e9d 4957
21179d81 4958 if (file_lock->fl_type != F_UNLCK) {
1da177e4 4959 status = nfserr_denied;
21179d81 4960 nfs4_set_lock_denied(file_lock, &lockt->lt_denied);
1da177e4
LT		 4961 }
4962out:
4963 nfs4_unlock_state();
21179d81
JL		 4964 if (file_lock)
4965 locks_free_lock(file_lock);
1da177e4
LT		 4966 return status;
4967}
4968
b37ad28b 4969__be32
ca364317 4970nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 4971 struct nfsd4_locku *locku)
1da177e4 4972{
dcef0413 4973 struct nfs4_ol_stateid *stp;
1da177e4 4974 struct file *filp = NULL;
21179d81 4975 struct file_lock *file_lock = NULL;
b37ad28b 4976 __be32 status;
b8dd7b9a 4977 int err;
3320fef1
SK		 4978 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
4979
1da177e4
LT		 4980 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n",
4981 (long long) locku->lu_offset,
4982 (long long) locku->lu_length);
4983
4984 if (check_lock_length(locku->lu_offset, locku->lu_length))
4985 return nfserr_inval;
4986
4987 nfs4_lock_state();
4988
9072d5c6 4989 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid,
3320fef1
SK		 4990 &locku->lu_stateid, NFS4_LOCK_STID,
4991 &stp, nn);
9072d5c6 4992 if (status)
1da177e4 4993 goto out;
f9d7562f
BF		 4994 filp = find_any_file(stp->st_file);
4995 if (!filp) {
4996 status = nfserr_lock_range;
4997 goto out;
4998 }
21179d81
JL		 4999 file_lock = locks_alloc_lock();
5000 if (!file_lock) {
5001 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
5002 status = nfserr_jukebox;
de18643d 5003 goto fput;
21179d81
JL		 5004 }
5005 locks_init_lock(file_lock);
5006 file_lock->fl_type = F_UNLCK;
0a262ffb 5007 file_lock->fl_owner = (fl_owner_t)lockowner(stp->st_stateowner);
21179d81
JL		 5008 file_lock->fl_pid = current->tgid;
5009 file_lock->fl_file = filp;
5010 file_lock->fl_flags = FL_POSIX;
5011 file_lock->fl_lmops = &nfsd_posix_mng_ops;
5012 file_lock->fl_start = locku->lu_offset;
5013
5014 file_lock->fl_end = last_byte_offset(locku->lu_offset,
5015 locku->lu_length);
5016 nfs4_transform_lock_offset(file_lock);
1da177e4 5017
21179d81 5018 err = vfs_lock_file(filp, F_SETLK, file_lock, NULL);
b8dd7b9a 5019 if (err) {
fd85b817 5020 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n");
1da177e4
LT		 5021 goto out_nfserr;
5022 }
dcef0413
BF		 5023 update_stateid(&stp->st_stid.sc_stateid);
5024 memcpy(&locku->lu_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
de18643d
TM		 5025fput:
5026 fput(filp);
1da177e4 5027out:
9411b1d4 5028 nfsd4_bump_seqid(cstate, status);
71c3bcd7
BF		 5029 if (!cstate->replay_owner)
5030 nfs4_unlock_state();
21179d81
JL		 5031 if (file_lock)
5032 locks_free_lock(file_lock);
1da177e4
LT		 5033 return status;
5034
5035out_nfserr:
b8dd7b9a 5036 status = nfserrno(err);
de18643d 5037 goto fput;
1da177e4
LT		 5038}
5039
5040/*
5041 * returns
5042 * 1: locks held by lockowner
5043 * 0: no locks held by lockowner
5044 */
5045static int
fe0750e5 5046check_for_locks(struct nfs4_file *filp, struct nfs4_lockowner *lowner)
1da177e4
LT		 5047{
5048 struct file_lock **flpp;
f9d7562f 5049 struct inode *inode = filp->fi_inode;
1da177e4
LT		 5050 int status = 0;
5051
1c8c601a 5052 spin_lock(&inode->i_lock);
1da177e4 5053 for (flpp = &inode->i_flock; *flpp != NULL; flpp = &(*flpp)->fl_next) {
796dadfd 5054 if ((*flpp)->fl_owner == (fl_owner_t)lowner) {
1da177e4
LT		 5055 status = 1;
5056 goto out;
796dadfd 5057 }
1da177e4
LT		 5058 }
5059out:
1c8c601a 5060 spin_unlock(&inode->i_lock);
1da177e4
LT		 5061 return status;
5062}
5063
b37ad28b 5064__be32
b591480b
BF		 5065nfsd4_release_lockowner(struct svc_rqst *rqstp,
5066 struct nfsd4_compound_state *cstate,
5067 struct nfsd4_release_lockowner *rlockowner)
1da177e4
LT		 5068{
5069 clientid_t *clid = &rlockowner->rl_clientid;
fd44907c 5070 struct nfs4_stateowner *sop = NULL, *tmp;
fe0750e5 5071 struct nfs4_lockowner *lo;
dcef0413 5072 struct nfs4_ol_stateid *stp;
1da177e4 5073 struct xdr_netobj *owner = &rlockowner->rl_owner;
16bfdaaf 5074 unsigned int hashval = ownerstr_hashval(clid->cl_id, owner);
b37ad28b 5075 __be32 status;
7f2210fa 5076 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4
LT		 5077
5078 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n",
5079 clid->cl_boot, clid->cl_id);
5080
1da177e4
LT		 5081 nfs4_lock_state();
5082
4b24ca7d 5083 status = lookup_clientid(clid, cstate, nn);
9b2ef62b
BF		 5084 if (status)
5085 goto out;
5086
3e9e3dbe 5087 status = nfserr_locks_held;
06f1f864 5088
fd44907c
JL		 5089 /* Find the matching lock stateowner */
5090 list_for_each_entry(tmp, &nn->ownerstr_hashtbl[hashval], so_strhash) {
5091 if (tmp->so_is_open_owner)
06f1f864 5092 continue;
fd44907c
JL		 5093 if (same_owner_str(tmp, owner, clid)) {
5094 sop = tmp;
5095 break;
1da177e4 5096 }
3e9e3dbe 5097 }
fd44907c
JL		 5098
5099 /* No matching owner found, maybe a replay? Just declare victory... */
5100 if (!sop) {
5101 status = nfs_ok;
5102 goto out;
5103 }
5104
5105 lo = lockowner(sop);
5106 /* see if there are still any locks associated with it */
5107 list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) {
5108 if (check_for_locks(stp->st_file, lo))
5109 goto out;
1da177e4 5110 }
fd44907c
JL		 5111
5112 status = nfs_ok;
5113 release_lockowner(lo);
1da177e4
LT		 5114out:
5115 nfs4_unlock_state();
5116 return status;
5117}
5118
5119static inline struct nfs4_client_reclaim *
a55370a3 5120alloc_reclaim(void)
1da177e4 5121{
a55370a3 5122 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL);
1da177e4
LT		 5123}
5124
0ce0c2b5 5125bool
52e19c09 5126nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn)
c7b9a459 5127{
0ce0c2b5 5128 struct nfs4_client_reclaim *crp;
c7b9a459 5129
52e19c09 5130 crp = nfsd4_find_reclaim_client(name, nn);
0ce0c2b5 5131 return (crp && crp->cr_clp);
c7b9a459
N		 5132}
5133
1da177e4
LT		 5134/*
5135 * failure => all reset bets are off, nfserr_no_grace...
5136 */
772a9bbb 5137struct nfs4_client_reclaim *
52e19c09 5138nfs4_client_to_reclaim(const char *name, struct nfsd_net *nn)
1da177e4
LT		 5139{
5140 unsigned int strhashval;
772a9bbb 5141 struct nfs4_client_reclaim *crp;
1da177e4 5142
a55370a3
N		 5143 dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name);
5144 crp = alloc_reclaim();
772a9bbb
JL		 5145 if (crp) {
5146 strhashval = clientstr_hashval(name);
5147 INIT_LIST_HEAD(&crp->cr_strhash);
52e19c09 5148 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]);
772a9bbb 5149 memcpy(crp->cr_recdir, name, HEXDIR_LEN);
0ce0c2b5 5150 crp->cr_clp = NULL;
52e19c09 5151 nn->reclaim_str_hashtbl_size++;
772a9bbb
JL		 5152 }
5153 return crp;
1da177e4
LT		 5154}
5155
ce30e539 5156void
52e19c09 5157nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn)
ce30e539
JL		 5158{
5159 list_del(&crp->cr_strhash);
5160 kfree(crp);
52e19c09 5161 nn->reclaim_str_hashtbl_size--;
ce30e539
JL		 5162}
5163
2a4317c5 5164void
52e19c09 5165nfs4_release_reclaim(struct nfsd_net *nn)
1da177e4
LT		 5166{
5167 struct nfs4_client_reclaim *crp = NULL;
5168 int i;
5169
1da177e4 5170 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
52e19c09
SK		 5171 while (!list_empty(&nn->reclaim_str_hashtbl[i])) {
5172 crp = list_entry(nn->reclaim_str_hashtbl[i].next,
1da177e4 5173 struct nfs4_client_reclaim, cr_strhash);
52e19c09 5174 nfs4_remove_reclaim_record(crp, nn);
1da177e4
LT		 5175 }
5176 }
063b0fb9 5177 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size);
1da177e4
LT		 5178}
5179
5180/*
5181 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */
2a4317c5 5182struct nfs4_client_reclaim *
52e19c09 5183nfsd4_find_reclaim_client(const char *recdir, struct nfsd_net *nn)
1da177e4
LT		 5184{
5185 unsigned int strhashval;
1da177e4
LT		 5186 struct nfs4_client_reclaim *crp = NULL;
5187
278c931c 5188 dprintk("NFSD: nfs4_find_reclaim_client for recdir %s\n", recdir);
1da177e4 5189
278c931c 5190 strhashval = clientstr_hashval(recdir);
52e19c09 5191 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) {
278c931c 5192 if (same_name(crp->cr_recdir, recdir)) {
1da177e4
LT		 5193 return crp;
5194 }
5195 }
5196 return NULL;
5197}
5198
5199/*
5200* Called from OPEN. Look for clientid in reclaim list.
5201*/
b37ad28b 5202__be32
0fe492db
TM		 5203nfs4_check_open_reclaim(clientid_t *clid,
5204 struct nfsd4_compound_state *cstate,
5205 struct nfsd_net *nn)
1da177e4 5206{
0fe492db 5207 __be32 status;
a52d726b
JL		 5208
5209 /* find clientid in conf_id_hashtbl */
0fe492db
TM		 5210 status = lookup_clientid(clid, cstate, nn);
5211 if (status)
a52d726b
JL		 5212 return nfserr_reclaim_bad;
5213
0fe492db
TM		 5214 if (nfsd4_client_record_check(cstate->clp))
5215 return nfserr_reclaim_bad;
5216
5217 return nfs_ok;
1da177e4
LT		 5218}
5219
65178db4
BS		 5220#ifdef CONFIG_NFSD_FAULT_INJECTION
5221
44e34da6
BS		 5222u64 nfsd_forget_client(struct nfs4_client *clp, u64 max)
5223{
221a6876
BF		 5224 if (mark_client_expired(clp))
5225 return 0;
44e34da6
BS		 5226 expire_client(clp);
5227 return 1;
5228}
5229
184c1847
BS		 5230u64 nfsd_print_client(struct nfs4_client *clp, u64 num)
5231{
5232 char buf[INET6_ADDRSTRLEN];
0a5c33e2 5233 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
184c1847
BS		 5234 printk(KERN_INFO "NFS Client: %s\n", buf);
5235 return 1;
5236}
5237
5238static void nfsd_print_count(struct nfs4_client *clp, unsigned int count,
5239 const char *type)
5240{
5241 char buf[INET6_ADDRSTRLEN];
0a5c33e2 5242 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
184c1847
BS		 5243 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type);
5244}
5245
3c87b9b7
TM		 5246static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max,
5247 void (*func)(struct nfs4_ol_stateid *))
fc29171f
BS		 5248{
5249 struct nfs4_openowner *oop;
fc29171f 5250 struct nfs4_ol_stateid *stp, *st_next;
3c87b9b7 5251 struct nfs4_ol_stateid *lst, *lst_next;
fc29171f
BS		 5252 u64 count = 0;
5253
5254 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) {
3c87b9b7
TM		 5255 list_for_each_entry_safe(stp, st_next,
5256 &oop->oo_owner.so_stateids, st_perstateowner) {
5257 list_for_each_entry_safe(lst, lst_next,
5258 &stp->st_locks, st_locks) {
fc29171f 5259 if (func)
3c87b9b7 5260 func(lst);
fc29171f
BS		 5261 if (++count == max)
5262 return count;
5263 }
5264 }
5265 }
5266
5267 return count;
5268}
5269
5270u64 nfsd_forget_client_locks(struct nfs4_client *clp, u64 max)
5271{
3c87b9b7 5272 return nfsd_foreach_client_lock(clp, max, release_lock_stateid);
fc29171f
BS		 5273}
5274
184c1847
BS		 5275u64 nfsd_print_client_locks(struct nfs4_client *clp, u64 max)
5276{
5277 u64 count = nfsd_foreach_client_lock(clp, max, NULL);
5278 nfsd_print_count(clp, count, "locked files");
5279 return count;
5280}
5281
4dbdbda8
BS		 5282static u64 nfsd_foreach_client_open(struct nfs4_client *clp, u64 max, void (*func)(struct nfs4_openowner *))
5283{
5284 struct nfs4_openowner *oop, *next;
5285 u64 count = 0;
5286
5287 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) {
5288 if (func)
5289 func(oop);
5290 if (++count == max)
5291 break;
5292 }
5293
5294 return count;
5295}
5296
5297u64 nfsd_forget_client_openowners(struct nfs4_client *clp, u64 max)
5298{
5299 return nfsd_foreach_client_open(clp, max, release_openowner);
5300}
5301
184c1847
BS		 5302u64 nfsd_print_client_openowners(struct nfs4_client *clp, u64 max)
5303{
5304 u64 count = nfsd_foreach_client_open(clp, max, NULL);
5305 nfsd_print_count(clp, count, "open files");
5306 return count;
5307}
5308
269de30f
BS		 5309static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max,
5310 struct list_head *victims)
5311{
5312 struct nfs4_delegation *dp, *next;
5313 u64 count = 0;
5314
cdc97505 5315 lockdep_assert_held(&state_lock);
269de30f 5316 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) {
dff1399f
JL		 5317 if (victims) {
5318 /*
5319 * It's not safe to mess with delegations that have a
5320 * non-zero dl_time. They might have already been broken
5321 * and could be processed by the laundromat outside of
5322 * the state_lock. Just leave them be.
5323 */
5324 if (dp->dl_time != 0)
5325 continue;
5326
5327 /*
5328 * Increment dl_time to ensure that delegation breaks
5329 * don't monkey with it now that we are.
5330 */
5331 ++dp->dl_time;
269de30f 5332 list_move(&dp->dl_recall_lru, victims);
dff1399f 5333 }
269de30f
BS		 5334 if (++count == max)
5335 break;
5336 }
5337 return count;
5338}
5339
5340u64 nfsd_forget_client_delegations(struct nfs4_client *clp, u64 max)
5341{
5342 struct nfs4_delegation *dp, *next;
5343 LIST_HEAD(victims);
5344 u64 count;
5345
cdc97505 5346 spin_lock(&state_lock);
269de30f 5347 count = nfsd_find_all_delegations(clp, max, &victims);
cdc97505 5348 spin_unlock(&state_lock);
269de30f
BS		 5349
5350 list_for_each_entry_safe(dp, next, &victims, dl_recall_lru)
3bd64a5b 5351 revoke_delegation(dp);
269de30f
BS		 5352
5353 return count;
5354}
5355
5356u64 nfsd_recall_client_delegations(struct nfs4_client *clp, u64 max)
5357{
dff1399f 5358 struct nfs4_delegation *dp;
269de30f
BS		 5359 LIST_HEAD(victims);
5360 u64 count;
5361
cdc97505 5362 spin_lock(&state_lock);
269de30f 5363 count = nfsd_find_all_delegations(clp, max, &victims);
dff1399f
JL		 5364 while (!list_empty(&victims)) {
5365 dp = list_first_entry(&victims, struct nfs4_delegation,
5366 dl_recall_lru);
5367 list_del_init(&dp->dl_recall_lru);
5368 dp->dl_time = 0;
269de30f 5369 nfsd_break_one_deleg(dp);
dff1399f 5370 }
cdc97505 5371 spin_unlock(&state_lock);
269de30f
BS		 5372
5373 return count;
5374}
5375
184c1847
BS		 5376u64 nfsd_print_client_delegations(struct nfs4_client *clp, u64 max)
5377{
5378 u64 count = 0;
5379
cdc97505 5380 spin_lock(&state_lock);
184c1847 5381 count = nfsd_find_all_delegations(clp, max, NULL);
cdc97505 5382 spin_unlock(&state_lock);
184c1847
BS		 5383
5384 nfsd_print_count(clp, count, "delegations");
5385 return count;
5386}
5387
44e34da6 5388u64 nfsd_for_n_state(u64 max, u64 (*func)(struct nfs4_client *, u64))
65178db4
BS		 5389{
5390 struct nfs4_client *clp, *next;
44e34da6 5391 u64 count = 0;
3320fef1 5392 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, nfsd_net_id);
65178db4 5393
44e34da6
BS		 5394 if (!nfsd_netns_ready(nn))
5395 return 0;
5396
5ed58bb2 5397 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
44e34da6
BS		 5398 count += func(clp, max - count);
5399 if ((max != 0) && (count >= max))
65178db4
BS		 5400 break;
5401 }
65178db4 5402
44e34da6
BS		 5403 return count;
5404}
5405
6c1e82a4
BS		 5406struct nfs4_client *nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size)
5407{
5408 struct nfs4_client *clp;
5409 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, nfsd_net_id);
5410
5411 if (!nfsd_netns_ready(nn))
5412 return NULL;
5413
5414 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
5415 if (memcmp(&clp->cl_addr, addr, addr_size) == 0)
5416 return clp;
5417 }
5418 return NULL;
5419}
5420
65178db4
BS		 5421#endif /* CONFIG_NFSD_FAULT_INJECTION */
5422
c2f1a551
MS		 5423/*
5424 * Since the lifetime of a delegation isn't limited to that of an open, a
5425 * client may quite reasonably hang on to a delegation as long as it has
5426 * the inode cached. This becomes an obvious problem the first time a
5427 * client's inode cache approaches the size of the server's total memory.
5428 *
5429 * For now we avoid this problem by imposing a hard limit on the number
5430 * of delegations, which varies according to the server's memory size.
5431 */
5432static void
5433set_max_delegations(void)
5434{
5435 /*
5436 * Allow at most 4 delegations per megabyte of RAM. Quick
5437 * estimates suggest that in the worst case (where every delegation
5438 * is for a different inode), a delegation could take about 1.5K,
5439 * giving a worst case usage of about 6% of memory.
5440 */
5441 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT);
5442}
5443
d85ed443 5444static int nfs4_state_create_net(struct net *net)
8daae4dc
SK		 5445{
5446 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
5447 int i;
5448
5449 nn->conf_id_hashtbl = kmalloc(sizeof(struct list_head) *
5450 CLIENT_HASH_SIZE, GFP_KERNEL);
5451 if (!nn->conf_id_hashtbl)
382a62e7 5452 goto err;
0a7ec377
SK		 5453 nn->unconf_id_hashtbl = kmalloc(sizeof(struct list_head) *
5454 CLIENT_HASH_SIZE, GFP_KERNEL);
5455 if (!nn->unconf_id_hashtbl)
5456 goto err_unconf_id;
9b531137
SK		 5457 nn->ownerstr_hashtbl = kmalloc(sizeof(struct list_head) *
5458 OWNER_HASH_SIZE, GFP_KERNEL);
5459 if (!nn->ownerstr_hashtbl)
5460 goto err_ownerstr;
1872de0e
SK		 5461 nn->sessionid_hashtbl = kmalloc(sizeof(struct list_head) *
5462 SESSION_HASH_SIZE, GFP_KERNEL);
5463 if (!nn->sessionid_hashtbl)
5464 goto err_sessionid;
8daae4dc 5465
382a62e7 5466 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
8daae4dc 5467 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]);
0a7ec377 5468 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]);
382a62e7 5469 }
9b531137
SK		 5470 for (i = 0; i < OWNER_HASH_SIZE; i++)
5471 INIT_LIST_HEAD(&nn->ownerstr_hashtbl[i]);
1872de0e
SK		 5472 for (i = 0; i < SESSION_HASH_SIZE; i++)
5473 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]);
382a62e7 5474 nn->conf_name_tree = RB_ROOT;
a99454aa 5475 nn->unconf_name_tree = RB_ROOT;
5ed58bb2 5476 INIT_LIST_HEAD(&nn->client_lru);
73758fed 5477 INIT_LIST_HEAD(&nn->close_lru);
e8c69d17 5478 INIT_LIST_HEAD(&nn->del_recall_lru);
c9a49628 5479 spin_lock_init(&nn->client_lock);
8daae4dc 5480
09121281 5481 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main);
d85ed443 5482 get_net(net);
09121281 5483
8daae4dc 5484 return 0;
382a62e7 5485
1872de0e 5486err_sessionid:
20e9e2bc 5487 kfree(nn->ownerstr_hashtbl);
9b531137
SK		 5488err_ownerstr:
5489 kfree(nn->unconf_id_hashtbl);
0a7ec377
SK		 5490err_unconf_id:
5491 kfree(nn->conf_id_hashtbl);
382a62e7
SK		 5492err:
5493 return -ENOMEM;
8daae4dc
SK		 5494}
5495
5496static void
4dce0ac9 5497nfs4_state_destroy_net(struct net *net)
8daae4dc
SK		 5498{
5499 int i;
5500 struct nfs4_client *clp = NULL;
5501 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
5502
5503 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
5504 while (!list_empty(&nn->conf_id_hashtbl[i])) {
5505 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
5506 destroy_client(clp);
5507 }
5508 }
a99454aa 5509
2b905635
KM		 5510 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
5511 while (!list_empty(&nn->unconf_id_hashtbl[i])) {
5512 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
5513 destroy_client(clp);
5514 }
a99454aa
SK		 5515 }
5516
1872de0e 5517 kfree(nn->sessionid_hashtbl);
9b531137 5518 kfree(nn->ownerstr_hashtbl);
0a7ec377 5519 kfree(nn->unconf_id_hashtbl);
8daae4dc 5520 kfree(nn->conf_id_hashtbl);
4dce0ac9 5521 put_net(net);
8daae4dc
SK		 5522}
5523
f252bc68 5524int
d85ed443 5525nfs4_state_start_net(struct net *net)
ac4d8ff2 5526{
5e1533c7 5527 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
b5a1a81e
BF		 5528 int ret;
5529
d85ed443 5530 ret = nfs4_state_create_net(net);
8daae4dc
SK		 5531 if (ret)
5532 return ret;
5e1533c7 5533 nfsd4_client_tracking_init(net);
2c142baa 5534 nn->boot_time = get_seconds();
5ccb0066 5535 locks_start_grace(net, &nn->nfsd4_manager);
a51c84ed 5536 nn->grace_ended = false;
d85ed443 5537 printk(KERN_INFO "NFSD: starting %ld-second grace period (net %p)\n",
5284b44e
SK		 5538 nn->nfsd4_grace, net);
5539 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ);
d85ed443
SK		 5540 return 0;
5541}
5542
5543/* initialization to perform when the nfsd service is started: */
5544
5545int
5546nfs4_state_start(void)
5547{
5548 int ret;
5549
b5a1a81e 5550 ret = set_callback_cred();
d85ed443
SK		 5551 if (ret)
5552 return -ENOMEM;
58da282b 5553 laundry_wq = create_singlethread_workqueue("nfsd4");
a6d6b781
JL		 5554 if (laundry_wq == NULL) {
5555 ret = -ENOMEM;
5556 goto out_recovery;
5557 }
b5a1a81e
BF		 5558 ret = nfsd4_create_callback_queue();
5559 if (ret)
5560 goto out_free_laundry;
09121281 5561
c2f1a551 5562 set_max_delegations();
d85ed443 5563
b5a1a81e 5564 return 0;
d85ed443 5565
b5a1a81e
BF		 5566out_free_laundry:
5567 destroy_workqueue(laundry_wq);
a6d6b781 5568out_recovery:
b5a1a81e 5569 return ret;
1da177e4
LT		 5570}
5571
f252bc68 5572void
4dce0ac9 5573nfs4_state_shutdown_net(struct net *net)
1da177e4 5574{
1da177e4 5575 struct nfs4_delegation *dp = NULL;
1da177e4 5576 struct list_head *pos, *next, reaplist;
4dce0ac9 5577 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4 5578
4dce0ac9
SK		 5579 cancel_delayed_work_sync(&nn->laundromat_work);
5580 locks_end_grace(&nn->nfsd4_manager);
ac55fdc4 5581
e50a26dc 5582 nfs4_lock_state();
1da177e4 5583 INIT_LIST_HEAD(&reaplist);
cdc97505 5584 spin_lock(&state_lock);
e8c69d17 5585 list_for_each_safe(pos, next, &nn->del_recall_lru) {
1da177e4
LT		 5586 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
5587 list_move(&dp->dl_recall_lru, &reaplist);
5588 }
cdc97505 5589 spin_unlock(&state_lock);
1da177e4
LT		 5590 list_for_each_safe(pos, next, &reaplist) {
5591 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
3bd64a5b 5592 destroy_delegation(dp);
1da177e4
LT		 5593 }
5594
3320fef1 5595 nfsd4_client_tracking_exit(net);
4dce0ac9 5596 nfs4_state_destroy_net(net);
e50a26dc 5597 nfs4_unlock_state();
1da177e4
LT		 5598}
5599
5600void
5601nfs4_state_shutdown(void)
5602{
5e8d5c29 5603 destroy_workqueue(laundry_wq);
c3935e30 5604 nfsd4_destroy_callback_queue();
1da177e4 5605}
8b70484c
TM		 5606
5607static void
5608get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
5609{
37c593c5
TM		 5610 if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid))
5611 memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t));
8b70484c
TM		 5612}
5613
5614static void
5615put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
5616{
37c593c5
TM		 5617 if (cstate->minorversion) {
5618 memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t));
5619 SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
5620 }
5621}
5622
5623void
5624clear_current_stateid(struct nfsd4_compound_state *cstate)
5625{
5626 CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
8b70484c
TM		 5627}
5628
62cd4a59
TM		 5629/*
5630 * functions to set current state id
5631 */
9428fe1a
TM		 5632void
5633nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
5634{
5635 put_stateid(cstate, &odp->od_stateid);
5636}
5637
8b70484c
TM		 5638void
5639nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, struct nfsd4_open *open)
5640{
5641 put_stateid(cstate, &open->op_stateid);
5642}
5643
62cd4a59
TM		 5644void
5645nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
5646{
5647 put_stateid(cstate, &close->cl_stateid);
5648}
5649
5650void
5651nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, struct nfsd4_lock *lock)
5652{
5653 put_stateid(cstate, &lock->lk_resp_stateid);
5654}
5655
5656/*
5657 * functions to consume current state id
5658 */
1e97b519 5659
9428fe1a
TM		 5660void
5661nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
5662{
5663 get_stateid(cstate, &odp->od_stateid);
5664}
5665
5666void
5667nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate, struct nfsd4_delegreturn *drp)
5668{
5669 get_stateid(cstate, &drp->dr_stateid);
5670}
5671
1e97b519
TM		 5672void
5673nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, struct nfsd4_free_stateid *fsp)
5674{
5675 get_stateid(cstate, &fsp->fr_stateid);
5676}
5677
5678void
5679nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, struct nfsd4_setattr *setattr)
5680{
5681 get_stateid(cstate, &setattr->sa_stateid);
5682}
5683
8b70484c
TM		 5684void
5685nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
5686{
5687 get_stateid(cstate, &close->cl_stateid);
5688}
5689
5690void
62cd4a59 5691nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, struct nfsd4_locku *locku)
8b70484c 5692{
62cd4a59 5693 get_stateid(cstate, &locku->lu_stateid);
8b70484c 5694}
30813e27
TM		 5695
5696void
5697nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, struct nfsd4_read *read)
5698{
5699 get_stateid(cstate, &read->rd_stateid);
5700}
5701
5702void
5703nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, struct nfsd4_write *write)
5704{
5705 get_stateid(cstate, &write->wr_stateid);
5706}
Linux 6.x block layer and io_uring tree(s)