nfsd: ensure that clp->cl_revoked list is protected by clp->cl_lock
1da177e4 1/*
1da177e4
LT
2* Copyright (c) 2001 The Regents of the University of Michigan.
3* All rights reserved.
4*
5* Kendrick Smith <kmsmith@umich.edu>
6* Andy Adamson <kandros@umich.edu>
7*
8* Redistribution and use in source and binary forms, with or without
9* modification, are permitted provided that the following conditions
10* are met:
11*
12* 1. Redistributions of source code must retain the above copyright
13* notice, this list of conditions and the following disclaimer.
14* 2. Redistributions in binary form must reproduce the above copyright
15* notice, this list of conditions and the following disclaimer in the
16* documentation and/or other materials provided with the distribution.
17* 3. Neither the name of the University nor the names of its
18* contributors may be used to endorse or promote products derived
19* from this software without specific prior written permission.
20*
21* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
22* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
23* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24* DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
29* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
30* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
31* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32*
33*/
34
aceaf78d 35#include <linux/file.h>
b89f4321 36#include <linux/fs.h>
5a0e3ad6 37#include <linux/slab.h>
0964a3d3 38#include <linux/namei.h>
c2f1a551 39#include <linux/swap.h>
17456804 40#include <linux/pagemap.h>
7df302f7 41#include <linux/ratelimit.h>
68e76ad0 42#include <linux/sunrpc/svcauth_gss.h>
5976687a 43#include <linux/sunrpc/addr.h>
6282cd56 44#include <linux/hash.h>
9a74af21 45#include "xdr4.h"
06b332a5 46#include "xdr4cb.h"
0a3adade 47#include "vfs.h"
bfa4b365 48#include "current_stateid.h"
1da177e4 49
5e1533c7
SK
50#include "netns.h"
51
1da177e4
LT
52#define NFSDDBG_FACILITY NFSDDBG_PROC
53
f32f3c2d
BF
54#define all_ones {{~0,~0},~0}
55static const stateid_t one_stateid = {
56 .si_generation = ~0,
57 .si_opaque = all_ones,
58};
59static const stateid_t zero_stateid = {
60 /* all fields zero */
61};
19ff0f28
TM
62static const stateid_t currentstateid = {
63 .si_generation = 1,
64};
f32f3c2d 65
ec6b5d7b 66static u64 current_sessionid = 1;
fd39ca9a 67
f32f3c2d
BF
68#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
69#define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
19ff0f28 70#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
1da177e4 71
1da177e4 72/* forward declarations */
f9c00c3a 73static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner);
1da177e4 74
8b671b80
BF
75/* Locking: */
76
77/* Currently used for almost all code touching nfsv4 state: */
353ab6e9 78static DEFINE_MUTEX(client_mutex);
1da177e4 79
8b671b80
BF
80/*
81 * Currently used for the del_recall_lru and file hash table. In an
82 * effort to decrease the scope of the client_mutex, this spinlock may
83 * eventually cover more:
84 */
cdc97505 85static DEFINE_SPINLOCK(state_lock);
8b671b80 86
abf1135b
CH
87static struct kmem_cache *openowner_slab;
88static struct kmem_cache *lockowner_slab;
89static struct kmem_cache *file_slab;
90static struct kmem_cache *stateid_slab;
91static struct kmem_cache *deleg_slab;
e60d4398 92
1da177e4
LT
93void
94nfs4_lock_state(void)
95{
353ab6e9 96 mutex_lock(&client_mutex);
1da177e4
LT
97}
98
66b2b9b2 99static void free_session(struct nfsd4_session *);
508dc6e1 100
f0f51f5c 101static bool is_session_dead(struct nfsd4_session *ses)
66b2b9b2 102{
f0f51f5c 103 return ses->se_flags & NFS4_SESSION_DEAD;
66b2b9b2
BF
104}
105
/*
 * Flag a session as dead unless it is still referenced by someone other
 * than the caller.
 *
 * @ref_held_by_me is the number of references the caller itself holds.
 * A higher se_ref means the session is still in use, and the call backs
 * off with nfserr_jukebox without touching se_flags.
 *
 * NOTE(review): the check-then-set below is only race-free if the caller
 * holds the lock that serialises se_ref and se_flags; the "_locked" suffix
 * implies that, but nothing here asserts it.
 */
static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
{
	bool in_use = atomic_read(&ses->se_ref) > ref_held_by_me;

	if (in_use)
		return nfserr_jukebox;

	ses->se_flags |= NFS4_SESSION_DEAD;
	return nfs_ok;
}
113
1da177e4
LT
114void
115nfs4_unlock_state(void)
116{
353ab6e9 117 mutex_unlock(&client_mutex);
1da177e4
LT
118}
119
221a6876
BF
120static bool is_client_expired(struct nfs4_client *clp)
121{
122 return clp->cl_time == 0;
123}
124
/*
 * Expire a client by zeroing cl_time, which is the value
 * is_client_expired() tests for.
 *
 * Refuses with nfserr_jukebox while any reference is outstanding, so a
 * client that is in use is never expired from here.
 *
 * NOTE(review): presumably called with nn->client_lock held (see
 * mark_client_expired()); the refcount test and the store are not atomic
 * on their own.
 */
static __be32 mark_client_expired_locked(struct nfs4_client *clp)
{
	if (atomic_read(&clp->cl_refcount) != 0)
		return nfserr_jukebox;

	clp->cl_time = 0;
	return nfs_ok;
}
132
133static __be32 mark_client_expired(struct nfs4_client *clp)
134{
135 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
136 __be32 ret;
137
138 spin_lock(&nn->client_lock);
139 ret = mark_client_expired_locked(clp);
140 spin_unlock(&nn->client_lock);
141 return ret;
142}
143
/*
 * Take a reference on a client, but only while it has not expired.
 *
 * Returns nfserr_expired (and takes no reference) for an expired client,
 * nfs_ok otherwise.  The expiry test and the increment are separate
 * steps, so the caller has to hold the lock that mark_client_expired()
 * takes for the pair to be safe.
 */
static __be32 get_client_locked(struct nfs4_client *clp)
{
	if (!is_client_expired(clp)) {
		atomic_inc(&clp->cl_refcount);
		return nfs_ok;
	}
	return nfserr_expired;
}
151
/*
 * Refresh a client's lease: move it to the tail of the per-net client
 * LRU and stamp cl_time with the current time.
 *
 * Must be called under the client_lock.
 *
 * An already-expired client is never revived here; that case only warns
 * and logs the clientid.
 */
static inline void
renew_client_locked(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (!is_client_expired(clp)) {
		dprintk("renewing client (clientid %08x/%08x)\n",
				clp->cl_clientid.cl_boot,
				clp->cl_clientid.cl_id);
		list_move_tail(&clp->cl_lru, &nn->client_lru);
		clp->cl_time = get_seconds();
		return;
	}

	/* Renewing an expired client indicates a caller bug. */
	WARN_ON(1);
	printk("%s: client (clientid %08x/%08x) already expired\n",
		__func__,
		clp->cl_clientid.cl_boot,
		clp->cl_clientid.cl_id);
}
173
174static inline void
175renew_client(struct nfs4_client *clp)
176{
177 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
178
179 spin_lock(&nn->client_lock);
180 renew_client_locked(clp);
181 spin_unlock(&nn->client_lock);
182}
183
/*
 * Drop one client reference; when it was the last one and the client has
 * not expired in the meantime, renew its lease.
 *
 * The "_locked" suffix and the call to renew_client_locked() mean the
 * caller must already hold the client_lock.
 */
static void put_client_renew_locked(struct nfs4_client *clp)
{
	bool last_ref = atomic_dec_and_test(&clp->cl_refcount);

	if (last_ref && !is_client_expired(clp))
		renew_client_locked(clp);
}
191
4b24ca7d
JL
/*
 * Unlocked counterpart of put_client_renew_locked().
 *
 * atomic_dec_and_lock() takes nn->client_lock only when the count drops
 * to zero, so the final put and the lease renewal happen under the lock
 * while every other put stays lock-free.
 */
static void put_client_renew(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	if (atomic_dec_and_lock(&clp->cl_refcount, &nn->client_lock)) {
		if (!is_client_expired(clp))
			renew_client_locked(clp);
		spin_unlock(&nn->client_lock);
	}
}
202
d4e19e70
TM
/*
 * Take a reference on a session and on the client that owns it.
 *
 * Fails with nfserr_badsession for a session already marked dead, or
 * with whatever get_client_locked() reports (nfserr_expired for an
 * expired client).  se_ref is only incremented once the client reference
 * has been obtained, so a failure leaves both counts untouched.
 */
static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
{
	__be32 err;

	if (is_session_dead(ses))
		return nfserr_badsession;

	err = get_client_locked(ses->se_client);
	if (err != nfs_ok)
		return err;

	atomic_inc(&ses->se_ref);
	return nfs_ok;
}
215
/*
 * Drop a session reference and the matching client reference.
 *
 * A session that was marked dead is freed when its last reference goes.
 */
static void nfsd4_put_session_locked(struct nfsd4_session *ses)
{
	/*
	 * Read the owning client first: free_session() may release 'ses',
	 * after which ses->se_client must not be touched.
	 */
	struct nfs4_client *owner = ses->se_client;

	if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
		free_session(ses);

	put_client_renew_locked(owner);
}
224
225static void nfsd4_put_session(struct nfsd4_session *ses)
226{
227 struct nfs4_client *clp = ses->se_client;
228 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
229
230 spin_lock(&nn->client_lock);
231 nfsd4_put_session_locked(ses);
232 spin_unlock(&nn->client_lock);
233}
234
235
1da177e4
LT
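/*
 * Fold @nbytes bytes starting at @ptr into a 32-bit value
 * (x = x * 37 + byte, wrapping modulo 2^32).
 *
 * The hash is unkeyed and not collision resistant; it is only suitable
 * for spreading entries over hash buckets.
 *
 * @nbytes is a signed int.  A zero or negative count hashes nothing and
 * returns 0: the previous "while (nbytes--)" form would have kept reading
 * past the buffer for a negative count.
 */
static inline u32
opaque_hashval(const void *ptr, int nbytes)
{
	/* Keep the const qualifier; the buffer is only read. */
	const unsigned char *cptr = ptr;
	u32 x = 0;
	int i;

	for (i = 0; i < nbytes; i++)
		x = x * 37 + cptr[i];
	return x;
}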
248
32513b40
BF
249static void nfsd4_free_file(struct nfs4_file *f)
250{
251 kmem_cache_free(file_slab, f);
252}
253
13cd2184
N
/*
 * Drop a reference on an nfs4_file.
 *
 * The final put unhashes the file under state_lock and then frees it
 * after the lock has been released.  atomic_dec_and_lock() makes the
 * drop to zero and the lock acquisition a single step, so the object
 * cannot be freed while it is still reachable through fi_hash.
 */
static inline void
put_nfs4_file(struct nfs4_file *fi)
{
	/* Any call may end up taking state_lock; let lockdep know. */
	might_lock(&state_lock);

	if (!atomic_dec_and_lock(&fi->fi_ref, &state_lock))
		return;

	hlist_del(&fi->fi_hash);
	spin_unlock(&state_lock);
	nfsd4_free_file(fi);
}
265
266static inline void
267get_nfs4_file(struct nfs4_file *fi)
268{
8b671b80 269 atomic_inc(&fi->fi_ref);
13cd2184
N
270}
271
de18643d
TM
/*
 * Return the struct file cached for open mode @oflag with an extra
 * reference taken via get_file(), or NULL when that slot is empty.
 *
 * @oflag indexes fi_fds[] directly and is not range-checked here; every
 * caller visible in this file passes O_RDONLY, O_WRONLY or O_RDWR.
 */
static struct file *
__nfs4_get_fd(struct nfs4_file *f, int oflag)
{
	struct file *filp = f->fi_fds[oflag];

	return filp ? get_file(filp) : NULL;
}
279
280static struct file *
281find_writeable_file_locked(struct nfs4_file *f)
282{
283 struct file *ret;
284
285 lockdep_assert_held(&f->fi_lock);
286
287 ret = __nfs4_get_fd(f, O_WRONLY);
288 if (!ret)
289 ret = __nfs4_get_fd(f, O_RDWR);
290 return ret;
291}
292
293static struct file *
294find_writeable_file(struct nfs4_file *f)
295{
296 struct file *ret;
297
298 spin_lock(&f->fi_lock);
299 ret = find_writeable_file_locked(f);
300 spin_unlock(&f->fi_lock);
301
302 return ret;
303}
304
305static struct file *find_readable_file_locked(struct nfs4_file *f)
306{
307 struct file *ret;
308
309 lockdep_assert_held(&f->fi_lock);
310
311 ret = __nfs4_get_fd(f, O_RDONLY);
312 if (!ret)
313 ret = __nfs4_get_fd(f, O_RDWR);
314 return ret;
315}
316
317static struct file *
318find_readable_file(struct nfs4_file *f)
319{
320 struct file *ret;
321
322 spin_lock(&f->fi_lock);
323 ret = find_readable_file_locked(f);
324 spin_unlock(&f->fi_lock);
325
326 return ret;
327}
328
/*
 * Return any open struct file for this nfs4_file, preferring O_RDWR,
 * then O_WRONLY, then O_RDONLY.  The lookup runs under fi_lock and the
 * result carries the reference taken by __nfs4_get_fd(); NULL means no
 * descriptor is cached at all.
 */
static struct file *
find_any_file(struct nfs4_file *f)
{
	struct file *filp;

	spin_lock(&f->fi_lock);
	filp = __nfs4_get_fd(f, O_RDWR);
	if (!filp)
		filp = __nfs4_get_fd(f, O_WRONLY);
	if (!filp)
		filp = __nfs4_get_fd(f, O_RDONLY);
	spin_unlock(&f->fi_lock);

	return filp;
}
344
ef0f3390 345static int num_delegations;
697ce9be 346unsigned long max_delegations;
ef0f3390
N
347
348/*
349 * Open owner state (share locks)
350 */
351
16bfdaaf
BF
352/* hash tables for lock and open owners */
353#define OWNER_HASH_BITS 8
354#define OWNER_HASH_SIZE (1 << OWNER_HASH_BITS)
355#define OWNER_HASH_MASK (OWNER_HASH_SIZE - 1)
ef0f3390 356
/*
 * Bucket index for an open/lock owner: opaque_hashval() over the owner
 * name plus the clientid, masked to OWNER_HASH_SIZE buckets.
 *
 * NOTE(review): the owner name is an opaque string that, as far as this
 * file shows, comes from the client, and the hash is unkeyed.  Bucket
 * placement is therefore predictable from the request; the length of a
 * hash chain is bounded only by whatever per-client limits are enforced
 * elsewhere - confirm.
 */
static unsigned int ownerstr_hashval(u32 clientid, struct xdr_netobj *ownername)
{
	unsigned int hash = opaque_hashval(ownername->data, ownername->len);

	return (hash + clientid) & OWNER_HASH_MASK;
}
ef0f3390 365
ef0f3390
N
366/* hash table for nfs4_file */
367#define FILE_HASH_BITS 8
368#define FILE_HASH_SIZE (1 << FILE_HASH_BITS)
35079582 369
/*
 * Hash a filehandle with jhash2() over its 32-bit words (seed 0).
 *
 * XDR_QUADLEN() rounds fh_size up to whole words, so when fh_size is not
 * a multiple of four up to three bytes beyond it are hashed as well.
 * NOTE(review): presumably those bytes are zero padding; if they are not,
 * handles that nfsd_fh_match() treats as equal could hash differently -
 * confirm.
 */
static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh)
{
	u32 nwords = XDR_QUADLEN(fh->fh_size);

	return jhash2(fh->fh_base.fh_pad, nwords, 0);
}
374
375static unsigned int file_hashval(struct knfsd_fh *fh)
376{
377 return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1);
378}
379
/*
 * Two filehandles match when they have the same length and identical
 * bytes over that length.
 *
 * fh_size is used as the memcmp() length without being compared against
 * the size of the fh_base buffer.
 * NOTE(review): assumes fh_size was bounded when the handle was decoded -
 * confirm against the decoder.
 */
static bool nfsd_fh_match(struct knfsd_fh *fh1, struct knfsd_fh *fh2)
{
	if (fh1->fh_size != fh2->fh_size)
		return false;

	return memcmp(fh1->fh_base.fh_pad, fh2->fh_base.fh_pad,
		      fh1->fh_size) == 0;
}
387
89876f8c 388static struct hlist_head file_hashtbl[FILE_HASH_SIZE];
ef0f3390 389
12659651
JL
390static void
391__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
3477565e 392{
7214e860
JL
393 lockdep_assert_held(&fp->fi_lock);
394
12659651
JL
395 if (access & NFS4_SHARE_ACCESS_WRITE)
396 atomic_inc(&fp->fi_access[O_WRONLY]);
397 if (access & NFS4_SHARE_ACCESS_READ)
398 atomic_inc(&fp->fi_access[O_RDONLY]);
3477565e
BF
399}
400
12659651
JL
/*
 * Validate a requested share-access mode and, if acceptable, account
 * for it on the file.  Caller must hold fp->fi_lock.
 *
 * Returns nfserr_inval when bits outside NFS4_SHARE_ACCESS_BOTH are set,
 * nfserr_share_denied when the request overlaps a deny mode already
 * recorded in fi_share_deny, and nfs_ok after the counters have been
 * bumped.  Both rejections happen before any state is changed.
 */
static __be32
nfs4_file_get_access(struct nfs4_file *fp, u32 access)
{
	lockdep_assert_held(&fp->fi_lock);

	/* Reject unknown access bits outright. */
	if ((access & ~NFS4_SHARE_ACCESS_BOTH) != 0)
		return nfserr_inval;

	/* Reject anything an existing deny mode forbids. */
	if (access & fp->fi_share_deny)
		return nfserr_share_denied;

	__nfs4_file_get_access(fp, access);
	return nfs_ok;
}
417
baeb4ff0
JL
/*
 * Check whether a requested deny mode is valid and compatible with the
 * access currently held on the file.
 *
 * Returns nfserr_inval for bits outside NFS4_SHARE_DENY_BOTH and
 * nfserr_share_denied when a denied mode has a non-zero fi_access count.
 * Nothing is modified.
 *
 * NOTE(review): unlike nfs4_file_get_access() there is no
 * lockdep_assert_held() here; presumably callers hold fi_lock so that the
 * result stays valid until the deny mode is recorded - confirm.
 */
static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
{
	/* Common case: no deny mode requested. */
	if (!deny)
		return nfs_ok;

	/* Reject unknown deny bits. */
	if (deny & ~NFS4_SHARE_DENY_BOTH)
		return nfserr_inval;

	if ((deny & NFS4_SHARE_DENY_READ) &&
	    atomic_read(&fp->fi_access[O_RDONLY]))
		return nfserr_share_denied;

	if ((deny & NFS4_SHARE_DENY_WRITE) &&
	    atomic_read(&fp->fi_access[O_WRONLY]))
		return nfserr_share_denied;

	return nfs_ok;
}
436
/*
 * Drop one access count for @oflag.  When the count reaches zero the
 * cached struct file for that mode is detached, and the O_RDWR file too
 * if the opposite mode has no users left.
 *
 * The pointers are swapped out under fi_lock and the fput() calls happen
 * after the lock is released.
 */
static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
	struct file *mode_file = NULL;
	struct file *rdwr_file = NULL;

	might_lock(&fp->fi_lock);

	if (!atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock))
		return;

	swap(mode_file, fp->fi_fds[oflag]);
	/* 1 - oflag selects the opposite of O_RDONLY/O_WRONLY. */
	if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
		swap(rdwr_file, fp->fi_fds[O_RDWR]);
	spin_unlock(&fp->fi_lock);

	if (mode_file)
		fput(mode_file);
	if (rdwr_file)
		fput(rdwr_file);
}
455
12659651 456static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
998db52c 457{
12659651
JL
458 WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);
459
460 if (access & NFS4_SHARE_ACCESS_WRITE)
998db52c 461 __nfs4_file_put_access(fp, O_WRONLY);
12659651
JL
462 if (access & NFS4_SHARE_ACCESS_READ)
463 __nfs4_file_put_access(fp, O_RDONLY);
998db52c
BF
464}
465
3abdb607
BF
/*
 * Allocate a zeroed stateid from @slab and register it in the client's
 * cl_stateids IDR.  Returns NULL when either allocation fails.
 *
 * The new stateid starts with sc_count == 1; its opaque part is the IDR
 * id plus the client's clientid.
 */
static struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct
kmem_cache *slab)
{
	struct nfs4_stid *stid = kmem_cache_zalloc(slab, GFP_KERNEL);
	int new_id;

	if (!stid)
		return NULL;

	/*
	 * It shouldn't be a problem to reuse an opaque stateid value.
	 * I don't think it is for 4.1.  But with 4.0 I worry that, for
	 * example, a stray write retransmission could be accepted by
	 * the server when it should have been rejected.  Therefore,
	 * adopt a trick from the sctp code to attempt to maximize the
	 * amount of time until an id is reused, by ensuring they always
	 * "increase" (mod INT_MAX): ids are handed out cyclically.
	 *
	 * NOTE(review): the entry is visible in the IDR from here on,
	 * before sc_client and sc_stateid are filled in below; presumably
	 * lookups are serialised against this path - confirm.
	 */
	new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 0, 0, GFP_KERNEL);
	if (new_id < 0) {
		kmem_cache_free(slab, stid);
		return NULL;
	}

	stid->sc_client = cl;
	stid->sc_stateid.si_opaque.so_id = new_id;
	stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
	/* Will be incremented before return to client: */
	atomic_set(&stid->sc_count, 1);

	return stid;
}
500
4cdc951b
BF
501static struct nfs4_ol_stateid * nfs4_alloc_stateid(struct nfs4_client *clp)
502{
503 return openlockstateid(nfs4_alloc_stid(clp, stateid_slab));
504}
505
6282cd56
N
506/*
507 * When we recall a delegation, we should be careful not to hand it
508 * out again straight away.
509 * To ensure this we keep a pair of bloom filters ('new' and 'old')
510 * in which the filehandles of recalled delegations are "stored".
511 * If a filehandle appear in either filter, a delegation is blocked.
512 * When a delegation is recalled, the filehandle is stored in the "new"
513 * filter.
514 * Every 30 seconds we swap the filters and clear the "new" one,
515 * unless both are empty of course.
516 *
517 * Each filter is 256 bits. We hash the filehandle to 32bit and use the
518 * low 3 bytes as hash-table indices.
519 *
520 * 'state_lock', which is always held when block_delegations() is called,
521 * is used to manage concurrent access. Testing does not need the lock
522 * except when swapping the two filters.
523 */
524static struct bloom_pair {
525 int entries, old_entries;
526 time_t swap_time;
527 int new; /* index into 'set' */
528 DECLARE_BITMAP(set[2], 256);
529} blocked_delegations;
530
/*
 * Report whether a delegation on @fh is currently blocked, i.e. whether
 * the filehandle hits in either of the two bloom filters.
 *
 * Returns 1 when blocked, 0 otherwise.  A false positive only means a
 * delegation is withheld.
 *
 * Once more than 30 seconds have passed since the last swap, the filters
 * are rotated: the test is repeated under state_lock so that only one
 * caller performs the rotation.  The bit tests themselves run without
 * the lock.
 */
static int delegation_blocked(struct knfsd_fh *fh)
{
	struct bloom_pair *bd = &blocked_delegations;
	u32 hash;
	int i;

	if (bd->entries == 0)
		return 0;

	if (seconds_since_boot() - bd->swap_time > 30) {
		spin_lock(&state_lock);
		/* Re-check: another CPU may have rotated already. */
		if (seconds_since_boot() - bd->swap_time > 30) {
			bd->entries -= bd->old_entries;
			bd->old_entries = bd->entries;
			memset(bd->set[bd->new], 0,
			       sizeof(bd->set[0]));
			bd->new = 1-bd->new;
			bd->swap_time = seconds_since_boot();
		}
		spin_unlock(&state_lock);
	}

	hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0);

	/* Three 8-bit indices per filter, taken from the low 24 hash bits. */
	for (i = 0; i < 2; i++) {
		if (test_bit(hash&255, bd->set[i]) &&
		    test_bit((hash>>8)&255, bd->set[i]) &&
		    test_bit((hash>>16)&255, bd->set[i]))
			return 1;
	}

	return 0;
}
563
564static void block_delegations(struct knfsd_fh *fh)
565{
566 u32 hash;
567 struct bloom_pair *bd = &blocked_delegations;
568
02e1215f
JL
569 lockdep_assert_held(&state_lock);
570
6282cd56
N
571 hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0);
572
573 __set_bit(hash&255, bd->set[bd->new]);
574 __set_bit((hash>>8)&255, bd->set[bd->new]);
575 __set_bit((hash>>16)&255, bd->set[bd->new]);
576 if (bd->entries == 0)
577 bd->swap_time = seconds_since_boot();
578 bd->entries += 1;
579}
580
/*
 * Allocate and initialise a read delegation for @clp on the file named
 * by @current_fh.
 *
 * Returns NULL when the delegation limit has been exceeded, when the
 * filehandle is currently in the blocked-delegation filters, or when the
 * stateid allocation fails.
 *
 * NOTE(review): num_delegations is a plain int compared against an
 * unsigned long, so it is converted to unsigned for the test, and the
 * '>' lets the count reach max_delegations + 1.  It is also incremented
 * here and decremented in nfs4_put_delegation() without a lock of its
 * own; presumably an outer lock serialises both - confirm, since this
 * counter is the only cap on delegation memory visible here.
 */
static struct nfs4_delegation *
alloc_init_deleg(struct nfs4_client *clp, struct nfs4_ol_stateid *stp, struct svc_fh *current_fh)
{
	struct nfs4_delegation *deleg;

	dprintk("NFSD alloc_init_deleg\n");

	if (num_delegations > max_delegations)
		return NULL;
	if (delegation_blocked(&current_fh->fh_handle))
		return NULL;

	deleg = delegstateid(nfs4_alloc_stid(clp, deleg_slab));
	if (!deleg)
		return NULL;

	/*
	 * delegation seqid's are never incremented.  The 4.1 special
	 * meaning of seqid 0 isn't meaningful, really, but let's avoid
	 * 0 anyway just for consistency and use 1:
	 */
	deleg->dl_stid.sc_stateid.si_generation = 1;
	num_delegations++;

	INIT_LIST_HEAD(&deleg->dl_perfile);
	INIT_LIST_HEAD(&deleg->dl_perclnt);
	INIT_LIST_HEAD(&deleg->dl_recall_lru);
	deleg->dl_type = NFS4_OPEN_DELEGATE_READ;
	fh_copy_shallow(&deleg->dl_fh, &current_fh->fh_handle);
	INIT_WORK(&deleg->dl_recall.cb_work, nfsd4_run_cb_recall);

	return deleg;
}
609
68a33961 610static void remove_stid(struct nfs4_stid *s)
3abdb607
BF
611{
612 struct idr *stateids = &s->sc_client->cl_stateids;
613
614 idr_remove(stateids, s->sc_stateid.si_opaque.so_id);
3abdb607
BF
615}
616
9857df81
BH
617static void nfs4_free_stid(struct kmem_cache *slab, struct nfs4_stid *s)
618{
619 kmem_cache_free(slab, s);
620}
621
1da177e4
LT
/*
 * Drop a reference on a delegation.  The final put releases the file
 * reference (if any), removes the stateid from the client's IDR, frees
 * the delegation and decrements the global delegation count.
 *
 * NOTE(review): num_delegations is decremented without a lock of its
 * own; see the matching increment in alloc_init_deleg().
 */
void
nfs4_put_delegation(struct nfs4_delegation *dp)
{
	if (!atomic_dec_and_test(&dp->dl_stid.sc_count))
		return;

	if (dp->dl_file)
		put_nfs4_file(dp->dl_file);
	/* Unpublish from the IDR before the memory goes back to the slab. */
	remove_stid(&dp->dl_stid);
	nfs4_free_stid(deleg_slab, &dp->dl_stid);
	num_delegations--;
}
633
/*
 * Drop one delegee from the file's lease.  When the last delegee goes,
 * the lease is removed with vfs_setlease(F_UNLCK), the delegation file
 * is released and both pointers are cleared so they cannot be reused.
 *
 * Caller must hold state_lock.  A file without a lease is left alone.
 */
static void nfs4_put_deleg_lease(struct nfs4_file *fp)
{
	lockdep_assert_held(&state_lock);

	if (!fp->fi_lease)
		return;
	if (!atomic_dec_and_test(&fp->fi_delegees))
		return;

	vfs_setlease(fp->fi_deleg_file, F_UNLCK, &fp->fi_lease);
	fp->fi_lease = NULL;
	fput(fp->fi_deleg_file);
	fp->fi_deleg_file = NULL;
}
647
6136d2b4
BF
648static void unhash_stid(struct nfs4_stid *s)
649{
3abdb607 650 s->sc_type = 0;
6136d2b4
BF
651}
652
931ee56c
BH
653static void
654hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
655{
cdc97505 656 lockdep_assert_held(&state_lock);
417c6629 657 lockdep_assert_held(&fp->fi_lock);
931ee56c 658
3fb87d13 659 dp->dl_stid.sc_type = NFS4_DELEG_STID;
931ee56c
BH
660 list_add(&dp->dl_perfile, &fp->fi_delegations);
661 list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations);
662}
663
/*
 * Take a delegation off the per-client, recall-LRU and per-file lists
 * and mark its stateid closed.  Caller must hold state_lock.
 *
 * NOTE(review): dl_file is dereferenced for fi_lock before the
 * "if (file)" test further down.  Either dl_file can never be NULL here
 * and the test is dead code, or it can and the spin_lock() is a NULL
 * dereference.  nfs4_put_delegation() also tests dl_file, so the
 * invariant should be settled and one of the two sites made consistent.
 */
static void
unhash_delegation_locked(struct nfs4_delegation *dp)
{
	struct nfs4_file *file = dp->dl_file;

	lockdep_assert_held(&state_lock);

	dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID;
	/* Ensure that deleg break won't try to requeue it */
	++dp->dl_time;

	spin_lock(&file->fi_lock);
	list_del_init(&dp->dl_perclnt);
	list_del_init(&dp->dl_recall_lru);
	list_del_init(&dp->dl_perfile);
	spin_unlock(&file->fi_lock);

	if (file)
		nfs4_put_deleg_lease(file);
}
682
3bd64a5b
BF
683static void destroy_delegation(struct nfs4_delegation *dp)
684{
42690676
JL
685 spin_lock(&state_lock);
686 unhash_delegation_locked(dp);
687 spin_unlock(&state_lock);
3bd64a5b
BF
688 nfs4_put_delegation(dp);
689}
690
/*
 * Revoke a delegation that is no longer on any recall list.
 *
 * For a minor-version-0 client the reference is simply dropped.  For
 * later minor versions the stateid is retyped to NFS4_REVOKED_DELEG_STID
 * and the delegation is queued on the client's cl_revoked list; that
 * list is only modified under clp->cl_lock.
 */
static void revoke_delegation(struct nfs4_delegation *dp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;

	/* dl_recall_lru is reused as the cl_revoked linkage below. */
	WARN_ON(!list_empty(&dp->dl_recall_lru));

	if (clp->cl_minorversion != 0) {
		dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
		spin_lock(&clp->cl_lock);
		list_add(&dp->dl_recall_lru, &clp->cl_revoked);
		spin_unlock(&clp->cl_lock);
		return;
	}

	nfs4_put_delegation(dp);
}
706
1da177e4
LT
707/*
708 * SETCLIENTID state
709 */
710
ddc04c41
BF
711static unsigned int clientid_hashval(u32 id)
712{
713 return id & CLIENT_HASH_MASK;
714}
715
/*
 * Bucket index for a client name: hash of its first 8 bytes, masked to
 * the client hash table size.
 *
 * Exactly 8 bytes are read regardless of where the string ends.
 * NOTE(review): assumes every caller passes a buffer of at least 8
 * readable bytes - confirm against the callers.
 */
static unsigned int clientstr_hashval(const char *name)
{
	u32 hash = opaque_hashval(name, 8);

	return hash & CLIENT_HASH_MASK;
}
720
f9d7562f
BF
721/*
722 * We store the NONE, READ, WRITE, and BOTH bits separately in the
723 * st_{access,deny}_bmap field of the stateid, in order to track not
724 * only what share bits are currently in force, but also what
725 * combinations of share bits previous opens have used. This allows us
726 * to enforce the recommendation of rfc 3530 14.2.19 that the server
727 * return an error if the client attempt to downgrade to a combination
728 * of share bits not explicable by closing some of its previous opens.
729 *
730 * XXX: This enforcement is actually incomplete, since we don't keep
731 * track of access/deny bit combinations; so, e.g., we allow:
732 *
733 * OPEN allow read, deny write
734 * OPEN allow both, deny none
735 * DOWNGRADE allow read, deny none
736 *
737 * which we should reject.
738 */
5ae037e5
JL
/*
 * Collapse a share bitmap into a share mode: for each of the modes 1..3
 * whose bit is set in @bmap, OR the mode value itself into the result.
 * Bit 0 and any bits above 3 are ignored.
 */
static unsigned int
bmap_to_share_mode(unsigned long bmap) {
	unsigned int mode = 0;
	int bit;

	for (bit = 1; bit <= 3; bit++)
		if (test_bit(bit, &bmap))
			mode |= bit;

	return mode;
}
750
82c5ff1b
JL
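/*
 * Set share access for a given stateid.
 *
 * @access must be at most NFS4_SHARE_ACCESS_BOTH.  An out-of-range value
 * warns once and leaves the bitmap untouched; the range is checked before
 * the shift, which would be undefined for values of 32 or more and would
 * set a stray bit for values 4..7.
 */
static inline void
set_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask;

	if (WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH))
		return;

	mask = 1 << access;
	stp->st_access_bmap |= mask;
}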
760
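/*
 * Clear share access for a given stateid.
 *
 * @access must be at most NFS4_SHARE_ACCESS_BOTH.  An out-of-range value
 * warns once and leaves the bitmap untouched; the range is checked before
 * the shift, which would be undefined for values of 32 or more.
 */
static inline void
clear_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char mask;

	if (WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH))
		return;

	mask = 1 << access;
	stp->st_access_bmap &= ~mask;
}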
770
/*
 * Test whether a given stateid has the given share access bit set.
 *
 * NOTE(review): @access is not range-checked.  The mask is an unsigned
 * char, so values 8..31 produce a zero mask (always false) and values of
 * 32 or more make the shift undefined; callers in this file pass 1..3.
 */
static inline bool
test_access(u32 access, struct nfs4_ol_stateid *stp)
{
	unsigned char bit = 1 << access;

	return (stp->st_access_bmap & bit) != 0;
}
779
ce0fc43c
JL
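/*
 * Set share deny for a given stateid.
 *
 * @deny must be at most NFS4_SHARE_DENY_BOTH.  An out-of-range value
 * warns once and leaves the bitmap untouched; the range is checked before
 * the shift, which would be undefined for values of 32 or more and would
 * set a stray bit for values 4..7.
 */
static inline void
set_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask;

	if (WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH))
		return;

	mask = 1 << deny;
	stp->st_deny_bmap |= mask;
}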
789
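/*
 * Clear share deny for a given stateid.
 *
 * @deny must be at most NFS4_SHARE_DENY_BOTH.  An out-of-range value
 * warns once and leaves the bitmap untouched; the range is checked before
 * the shift, which would be undefined for values of 32 or more.
 */
static inline void
clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char mask;

	if (WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH))
		return;

	mask = 1 << deny;
	stp->st_deny_bmap &= ~mask;
}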
799
/*
 * Test whether a given stateid is denying the given access.
 *
 * NOTE(review): @deny is not range-checked.  The mask is an unsigned
 * char, so values 8..31 produce a zero mask (always false) and values of
 * 32 or more make the shift undefined.
 */
static inline bool
test_deny(u32 deny, struct nfs4_ol_stateid *stp)
{
	unsigned char bit = 1 << deny;

	return (stp->st_deny_bmap & bit) != 0;
}
808
/*
 * Map NFSv4 share-access bits to an open(2)-style mode.
 *
 * Only the bits in NFS4_SHARE_ACCESS_BOTH are considered.  A value with
 * neither read nor write set warns once and falls back to O_RDONLY, the
 * least-privileged of the three modes.
 */
static int nfs4_access_to_omode(u32 access)
{
	u32 bits = access & NFS4_SHARE_ACCESS_BOTH;

	if (bits == NFS4_SHARE_ACCESS_READ)
		return O_RDONLY;
	if (bits == NFS4_SHARE_ACCESS_WRITE)
		return O_WRONLY;
	if (bits == NFS4_SHARE_ACCESS_BOTH)
		return O_RDWR;

	WARN_ON_ONCE(1);
	return O_RDONLY;
}
822
baeb4ff0
JL
/*
 * A stateid that had a deny mode associated with it is being released
 * or downgraded.  Recalculate the deny mode on the file.
 *
 * fi_share_deny is rebuilt from scratch as the union of the deny modes
 * of every stateid still on fi_stateids, all under fi_lock so that
 * nfs4_file_get_access() never sees a half-built value while it holds
 * the same lock.
 */
static void
recalculate_deny_mode(struct nfs4_file *fp)
{
	struct nfs4_ol_stateid *cur;

	spin_lock(&fp->fi_lock);
	fp->fi_share_deny = 0;
	list_for_each_entry(cur, &fp->fi_stateids, st_perfile) {
		fp->fi_share_deny |= bmap_to_share_mode(cur->st_deny_bmap);
	}
	spin_unlock(&fp->fi_lock);
}
838
839static void
840reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
841{
842 int i;
843 bool change = false;
844
845 for (i = 1; i < 4; i++) {
846 if ((i & deny) != i) {
847 change = true;
848 clear_deny(i, stp);
849 }
850 }
851
852 /* Recalculate per-file deny mode if there was a change */
853 if (change)
854 recalculate_deny_mode(stp->st_file);
855}
856
82c5ff1b
JL
/*
 * Release all access and file references for a given stateid.
 *
 * If the stateid carried a deny mode, the file's deny mode is
 * recalculated first; then every access mode 1..3 held by the stateid is
 * put and its bit cleared.
 *
 * NOTE(review): st_file is tested for NULL before the recalculation but
 * not before nfs4_file_put_access(); presumably access bits are only
 * ever set on a stateid that has a file - confirm.
 */
static void
release_all_access(struct nfs4_ol_stateid *stp)
{
	struct nfs4_file *fp = stp->st_file;
	int mode;

	if (fp && stp->st_deny_bmap != 0)
		recalculate_deny_mode(fp);

	for (mode = 1; mode < 4; mode++) {
		if (test_access(mode, stp))
			nfs4_file_put_access(stp->st_file, mode);
		clear_access(mode, stp);
	}
}
873
dcef0413 874static void unhash_generic_stateid(struct nfs4_ol_stateid *stp)
529d7b2a 875{
1d31a253
TM
876 struct nfs4_file *fp = stp->st_file;
877
878 spin_lock(&fp->fi_lock);
529d7b2a 879 list_del(&stp->st_perfile);
1d31a253 880 spin_unlock(&fp->fi_lock);
529d7b2a
BF
881 list_del(&stp->st_perstateowner);
882}
883
dcef0413 884static void close_generic_stateid(struct nfs4_ol_stateid *stp)
529d7b2a 885{
82c5ff1b 886 release_all_access(stp);
4665e2ba
BF
887}
888
/*
 * Final teardown of an open/lock stateid: drop its file reference (when
 * it has one), remove it from the client's stateid IDR, then return the
 * memory to stateid_slab.  The IDR removal comes before the free so the
 * id never resolves to freed memory.
 */
static void free_generic_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_file *fp = stp->st_file;

	if (fp)
		put_nfs4_file(fp);
	remove_stid(&stp->st_stid);
	nfs4_free_stid(stateid_slab, &stp->st_stid);
}
896
/*
 * Tear down a lock stateid: unlink it from its open stateid's st_locks
 * list and from the per-file/per-owner lists, clear its type, close the
 * file on behalf of the lock owner, release its access and free it.
 *
 * NOTE(review): st_file is used here (via unhash_generic_stateid() and
 * find_any_file()) without a NULL test, while free_generic_stateid()
 * does test it; presumably a lock stateid always has a file - confirm.
 */
static void __release_lock_stateid(struct nfs4_ol_stateid *stp)
{
	struct file *filp;

	list_del(&stp->st_locks);
	unhash_generic_stateid(stp);
	unhash_stid(&stp->st_stid);

	/* find_any_file() returns a referenced file or NULL. */
	filp = find_any_file(stp->st_file);
	if (filp != NULL)
		filp_close(filp, (fl_owner_t)lockowner(stp->st_stateowner));

	close_generic_stateid(stp);
	free_generic_stateid(stp);
}
910
fe0750e5 911static void unhash_lockowner(struct nfs4_lockowner *lo)
529d7b2a 912{
dcef0413 913 struct nfs4_ol_stateid *stp;
529d7b2a 914
fe0750e5 915 list_del(&lo->lo_owner.so_strhash);
fe0750e5
BF
916 while (!list_empty(&lo->lo_owner.so_stateids)) {
917 stp = list_first_entry(&lo->lo_owner.so_stateids,
dcef0413 918 struct nfs4_ol_stateid, st_perstateowner);
3c87b9b7 919 __release_lock_stateid(stp);
529d7b2a
BF
920 }
921}
922
50cc6231
TM
923static void nfs4_free_lockowner(struct nfs4_lockowner *lo)
924{
925 kfree(lo->lo_owner.so_owner.data);
926 kmem_cache_free(lockowner_slab, lo);
927}
928
fe0750e5 929static void release_lockowner(struct nfs4_lockowner *lo)
529d7b2a 930{
fe0750e5
BF
931 unhash_lockowner(lo);
932 nfs4_free_lockowner(lo);
529d7b2a
BF
933}
934
3c87b9b7
TM
935static void release_lockowner_if_empty(struct nfs4_lockowner *lo)
936{
937 if (list_empty(&lo->lo_owner.so_stateids))
938 release_lockowner(lo);
939}
940
941static void release_lock_stateid(struct nfs4_ol_stateid *stp)
529d7b2a 942{
fe0750e5 943 struct nfs4_lockowner *lo;
529d7b2a 944
3c87b9b7
TM
945 lo = lockowner(stp->st_stateowner);
946 __release_lock_stateid(stp);
947 release_lockowner_if_empty(lo);
948}
949
950static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp)
951{
952 struct nfs4_ol_stateid *stp;
953
954 while (!list_empty(&open_stp->st_locks)) {
955 stp = list_entry(open_stp->st_locks.next,
956 struct nfs4_ol_stateid, st_locks);
957 release_lock_stateid(stp);
529d7b2a
BF
958 }
959}
960
38c387b5 961static void unhash_open_stateid(struct nfs4_ol_stateid *stp)
2283963f
BF
962{
963 unhash_generic_stateid(stp);
3c87b9b7 964 release_open_stateid_locks(stp);
38c387b5
BF
965 close_generic_stateid(stp);
966}
967
968static void release_open_stateid(struct nfs4_ol_stateid *stp)
969{
970 unhash_open_stateid(stp);
2283963f
BF
971 free_generic_stateid(stp);
972}
973
fe0750e5 974static void unhash_openowner(struct nfs4_openowner *oo)
f1d110ca 975{
dcef0413 976 struct nfs4_ol_stateid *stp;
f1d110ca 977
fe0750e5
BF
978 list_del(&oo->oo_owner.so_strhash);
979 list_del(&oo->oo_perclient);
980 while (!list_empty(&oo->oo_owner.so_stateids)) {
981 stp = list_first_entry(&oo->oo_owner.so_stateids,
dcef0413 982 struct nfs4_ol_stateid, st_perstateowner);
f044ff83 983 release_open_stateid(stp);
f1d110ca
BF
984 }
985}
986
f7a4d872
BF
987static void release_last_closed_stateid(struct nfs4_openowner *oo)
988{
989 struct nfs4_ol_stateid *s = oo->oo_last_closed_stid;
990
991 if (s) {
f7a4d872
BF
992 free_generic_stateid(s);
993 oo->oo_last_closed_stid = NULL;
994 }
995}
996
50cc6231
TM
997static void nfs4_free_openowner(struct nfs4_openowner *oo)
998{
999 kfree(oo->oo_owner.so_owner.data);
1000 kmem_cache_free(openowner_slab, oo);
1001}
1002
fe0750e5 1003static void release_openowner(struct nfs4_openowner *oo)
f1d110ca 1004{
fe0750e5
BF
1005 unhash_openowner(oo);
1006 list_del(&oo->oo_close_lru);
f7a4d872 1007 release_last_closed_stateid(oo);
fe0750e5 1008 nfs4_free_openowner(oo);
f1d110ca
BF
1009}
1010
5282fd72
ME
/*
 * Bucket index for a session id: the sequence field of the server's own
 * nfsd4_sessionid layout, modulo SESSION_HASH_SIZE.
 *
 * The opaque nfs4_sessionid is reinterpreted through a pointer cast.
 */
static inline int
hash_sessionid(struct nfs4_sessionid *sessionid)
{
	return ((struct nfsd4_sessionid *)sessionid)->sequence % SESSION_HASH_SIZE;
}
1018
8f199b82 1019#ifdef NFSD_DEBUG
5282fd72
ME
1020static inline void
1021dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
1022{
1023 u32 *ptr = (u32 *)(&sessionid->data[0]);
1024 dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
1025}
8f199b82
TM
1026#else
1027static inline void
1028dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
1029{
1030}
1031#endif
1032
9411b1d4
BF
/*
 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
 * won't be used for replay.
 *
 * Nothing happens for nfserr_replay_me.  For a result that does not
 * mutate the seqid, replay_owner is cleared and the seqid is left alone.
 * Otherwise, if there is an owner, its last closed stateid is released
 * (open owners only) and so_seqid is incremented.
 */
void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
{
	struct nfs4_stateowner *owner = cstate->replay_owner;

	if (nfserr == nfserr_replay_me)
		return;

	if (!seqid_mutating_err(ntohl(nfserr))) {
		cstate->replay_owner = NULL;
		return;
	}

	if (owner) {
		if (owner->so_is_open_owner)
			release_last_closed_stateid(openowner(owner));
		owner->so_seqid++;
	}
}
5282fd72 1055
ec6b5d7b
AA
/*
 * Fill in the id of a new session: the owning client's clientid, the next
 * value of the global current_sessionid counter, and a zeroed reserved
 * field.  ses->se_client must already be set.
 *
 * NOTE(review): the counter is bumped without a lock in this function;
 * presumably callers serialise session creation -- confirm.
 */
static void gen_sessionid(struct nfsd4_session *ses)
{
	struct nfsd4_sessionid *sid =
		(struct nfsd4_sessionid *)ses->se_sessionid.data;

	sid->clientid = ses->se_client->cl_clientid;
	sid->sequence = current_sessionid++;
	sid->reserved = 0;
}
1067
/*
 * The protocol defines ca_maxresponsesize_cached to include the size of
 * the rpc header, but the only data that has to be cached starts after
 * the end of the initial SEQUENCE operation; everything before that is
 * regenerated on each reply.  The advertised ca_maxresponsesize_cached
 * can therefore be the number of bytes in our cache plus a few extra
 * bytes.  To avoid promising more than can be cached, those extra bytes
 * must be the minimum possible:
 *
 *   24 bytes of rpc header (xid through accept state, AUTH_NULL verifier)
 *   12 bytes of compound header (zero-length tag)
 *   44 bytes of SEQUENCE op response
 */
#define NFSD_MIN_HDR_SEQ_SZ  (24 + 12 + 44)
1081
557ce264
AA
/*
 * Free every slot of the session's fore channel.  Only the slots are
 * freed; the se_slots pointer table belongs to the session allocation.
 */
static void free_session_slots(struct nfsd4_session *ses)
{
	int slot = 0;

	while (slot < ses->se_fchannel.maxreqs) {
		kfree(ses->se_slots[slot]);
		slot++;
	}
}
1090
/*
 * Bytes to allocate for one slot.  The rpc and session headers are not
 * cached, so NFSD_MIN_HDR_SEQ_SZ is taken off maxresp_cached.  A value
 * below that minimum is treated as "no cached data", which also keeps the
 * unsigned subtraction from wrapping.  The result always includes
 * sizeof(struct nfsd4_slot), so it is never zero.
 */
static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
{
	u32 cached = 0;

	if (ca->maxresp_cached >= NFSD_MIN_HDR_SEQ_SZ)
		cached = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
	return cached + sizeof(struct nfsd4_slot);
}
ec6b5d7b 1105
5b6feee9
BF
/*
 * Reserve DRC memory for a new session and return how many slots were
 * granted, which may be fewer than ca->maxreqs and may be zero.
 *
 * The grant is limited by NFSD_MAX_MEM_PER_SESSION and by what is left of
 * nfsd_drc_max_mem; the accounting is done under nfsd_drc_lock.
 *
 * XXX: If we run out of reserved DRC memory we could (up to a point)
 * re-negotiate active sessions and reduce their slot usage to make room
 * for new connections.  For now we just fail the create session.
 */
static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca)
{
	u32 per_slot = slot_bytes(ca);	/* never zero, see slot_bytes() */
	u32 granted = ca->maxreqs;
	int budget;

	spin_lock(&nfsd_drc_lock);
	budget = min((unsigned long)NFSD_MAX_MEM_PER_SESSION,
		     nfsd_drc_max_mem - nfsd_drc_mem_used);
	granted = min_t(int, granted, budget / per_slot);
	nfsd_drc_mem_used += granted * per_slot;
	spin_unlock(&nfsd_drc_lock);

	return granted;
}
ec6b5d7b 1126
/*
 * Give back the DRC memory accounted for a channel: slot size times
 * ca->maxreqs, subtracted from nfsd_drc_mem_used under nfsd_drc_lock.
 *
 * NOTE(review): this assumes ca->maxreqs is the slot count that
 * nfsd4_get_drc_mem() actually granted -- confirm at the call sites.
 */
static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
{
	int per_slot = slot_bytes(ca);

	spin_lock(&nfsd_drc_lock);
	nfsd_drc_mem_used -= per_slot * ca->maxreqs;
	spin_unlock(&nfsd_drc_lock);
}
ec6b5d7b 1135
60810e54
KM
/*
 * Allocate a session with fattrs->maxreqs slots and copy both channel
 * attribute sets into it.  Returns NULL if any allocation fails, after
 * freeing whatever had been allocated up to that point.
 *
 * NOTE(review): the BUILD_BUG_ON only shows that a table of
 * NFSD_MAX_SLOTS_PER_SESSION pointers fits in a page; this function does
 * not itself cap fattrs->maxreqs, so the caller is presumably expected to
 * have done so -- confirm.
 */
static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
					   struct nfsd4_channel_attrs *battrs)
{
	int nslots = fattrs->maxreqs;
	int per_slot = slot_bytes(fattrs);
	struct nfsd4_session *ses;
	int table_bytes, i;

	BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
			+ sizeof(struct nfsd4_session) > PAGE_SIZE);
	table_bytes = nslots * sizeof(struct nfsd4_slot *);

	ses = kzalloc(sizeof(*ses) + table_bytes, GFP_KERNEL);
	if (!ses)
		return NULL;

	/* Each struct nfsd4_slot and its data cache are one allocation. */
	for (i = 0; i < nslots; i++) {
		ses->se_slots[i] = kzalloc(per_slot, GFP_KERNEL);
		if (!ses->se_slots[i])
			goto out_free;
	}

	memcpy(&ses->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
	memcpy(&ses->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));

	return ses;

out_free:
	/* i indexes the slot that failed; free the ones before it. */
	while (i--)
		kfree(ses->se_slots[i]);
	kfree(ses);
	return NULL;
}
1168
19cf5c02
BF
/* Drop the connection's reference on its transport, then free it. */
static void free_conn(struct nfsd4_conn *c)
{
	struct svc_xprt *xprt = c->cn_xprt;

	svc_xprt_put(xprt);
	kfree(c);
}
ec6b5d7b 1174
19cf5c02
BF
/*
 * Transport-user callback for a connection whose transport went away.
 * Under clp->cl_lock: if the connection is still on its session's list it
 * is unlinked and freed; the callback channel is then probed either way.
 *
 * The client pointer is read before the connection can be freed, and the
 * connection is not touched after free_conn().
 */
static void nfsd4_conn_lost(struct svc_xpt_user *u)
{
	struct nfsd4_conn *conn = container_of(u, struct nfsd4_conn, cn_xpt_user);
	struct nfs4_client *clp = conn->cn_session->se_client;

	spin_lock(&clp->cl_lock);
	if (!list_empty(&conn->cn_persession)) {
		list_del(&conn->cn_persession);
		free_conn(conn);
	}
	nfsd4_probe_callback(clp);
	spin_unlock(&clp->cl_lock);
}
ec6b5d7b 1188
/*
 * Allocate a connection for the transport the request arrived on, taking
 * a reference on that transport.  Returns NULL on allocation failure.
 *
 * The object comes from kmalloc(), so only cn_xprt, cn_flags and
 * cn_xpt_user.list are initialised here; cn_session and cn_persession
 * are not valid until the connection is hashed into a session.
 */
static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
{
	struct nfsd4_conn *conn = kmalloc(sizeof(*conn), GFP_KERNEL);

	if (!conn)
		return NULL;
	svc_xprt_get(rqstp->rq_xprt);
	conn->cn_xprt = rqstp->rq_xprt;
	conn->cn_flags = flags;
	INIT_LIST_HEAD(&conn->cn_xpt_user.list);
	return conn;
}
a649637c 1202
328ead28
BF
/*
 * Attach a connection to a session and put it on the session's list.
 * No lock is taken here; nfsd4_hash_conn() is the variant that wraps this
 * in the client's cl_lock.
 */
static void
__nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	conn->cn_session = ses;
	list_add(&conn->cn_persession, &ses->se_conns);
}
1208
/* Attach a connection to a session while holding the client's cl_lock. */
static void
nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	spinlock_t *lock = &ses->se_client->cl_lock;

	spin_lock(lock);
	__nfsd4_hash_conn(conn, ses);
	spin_unlock(lock);
}
1217
/*
 * Register the connection as a user of its transport, with
 * nfsd4_conn_lost as the callback.  Returns whatever register_xpt_user()
 * returns; nfsd4_init_conn() treats nonzero as "transport already down".
 */
static int
nfsd4_register_conn(struct nfsd4_conn *conn)
{
	struct svc_xpt_user *user = &conn->cn_xpt_user;

	user->callback = nfsd4_conn_lost;
	return register_xpt_user(conn->cn_xprt, user);
}
1223
/*
 * Hash a new connection into its session and register it with the
 * transport.  If registration fails the transport is already down, and the
 * connection is handed to nfsd4_conn_lost(), which may free it -- conn
 * must not be used after that call.  The callback channel is re-probed in
 * either case.
 */
static void
nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
	nfsd4_hash_conn(conn, ses);
	if (nfsd4_register_conn(conn)) {
		/* oops; xprt is already down: */
		nfsd4_conn_lost(&conn->cn_xpt_user);
	}
	/* We may have gained or lost a callback channel: */
	nfsd4_probe_callback_sync(ses->se_client);
}
ec6b5d7b 1236
/*
 * Allocate the first connection of a session being created.  It is always
 * a fore-channel connection, and also a back-channel one when the
 * CREATE_SESSION flags contain SESSION4_BACK_CHAN.
 */
static struct nfsd4_conn *
alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
{
	u32 dir = (cses->flags & SESSION4_BACK_CHAN)
			? (NFS4_CDFC4_FORE | NFS4_CDFC4_BACK)
			: NFS4_CDFC4_FORE;

	return alloc_conn(rqstp, dir);
}
1245
/*
 * Remove and free every connection of a session.
 *
 * Must be called under client_lock.
 *
 * Each connection is unlinked under clp->cl_lock, and the lock is dropped
 * around unregister_xpt_user() and free_conn().  list_del_init() leaves
 * cn_persession empty, so nfsd4_conn_lost() finds nothing to unlink or
 * free if it runs for the same connection.
 */
static void nfsd4_del_conns(struct nfsd4_session *s)
{
	struct nfs4_client *clp = s->se_client;
	struct nfsd4_conn *conn;

	spin_lock(&clp->cl_lock);
	while (!list_empty(&s->se_conns)) {
		conn = list_first_entry(&s->se_conns, struct nfsd4_conn,
					cn_persession);
		list_del_init(&conn->cn_persession);
		spin_unlock(&clp->cl_lock);

		unregister_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
		free_conn(conn);

		spin_lock(&clp->cl_lock);
	}
	spin_unlock(&clp->cl_lock);
}
ec6b5d7b 1265
1377b69e
BF
/*
 * Free a session's slots and then the session itself.  Connections and
 * DRC accounting are not touched here; free_session() handles those.
 */
static void
__free_session(struct nfsd4_session *ses)
{
	free_session_slots(ses);
	kfree(ses);
}
1271
/*
 * Fully destroy a session: drop its connections, return its fore-channel
 * DRC reservation and free its memory.  The caller must hold the
 * per-net client_lock (asserted via lockdep).
 */
static void
free_session(struct nfsd4_session *ses)
{
	struct nfsd_net *nn = net_generic(ses->se_client->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	nfsd4_del_conns(ses);
	nfsd4_put_drc_mem(&ses->se_fchannel);
	__free_session(ses);
}
1281
/*
 * Initialise a freshly allocated session for client clp and publish it:
 * generate its session id, copy the callback parameters from the
 * CREATE_SESSION arguments, then add it to the per-net session hash and
 * to the client's session list (client_lock outside, cl_lock inside).
 *
 * The reference count starts at 0.  When a back channel was requested the
 * peer address of the request becomes the client's callback address.
 */
static void
init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
{
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	int bucket;

	new->se_client = clp;
	gen_sessionid(new);		/* needs se_client */

	INIT_LIST_HEAD(&new->se_conns);

	new->se_cb_seq_nr = 1;
	new->se_flags = cses->flags;
	new->se_cb_prog = cses->callback_prog;
	new->se_cb_sec = cses->cb_sec;
	atomic_set(&new->se_ref, 0);

	bucket = hash_sessionid(&new->se_sessionid);
	spin_lock(&nn->client_lock);
	list_add(&new->se_hash, &nn->sessionid_hashtbl[bucket]);
	spin_lock(&clp->cl_lock);
	list_add(&new->se_perclnt, &clp->cl_sessions);
	spin_unlock(&clp->cl_lock);
	spin_unlock(&nn->client_lock);

	if (cses->flags & SESSION4_BACK_CHAN) {
		struct sockaddr *peer = svc_addr(rqstp);

		/*
		 * This is a little silly; with sessions there's no real
		 * use for the callback address.  Use the peer address
		 * as a reasonable default for now, but consider fixing
		 * the rpc client not to require an address in the
		 * future:
		 */
		rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, peer);
		clp->cl_cb_conn.cb_addrlen = svc_addr_len(peer);
	}
}
1318
/*
 * Look a session up by session id in the per-net hash table.  Returns the
 * session, or NULL when no entry matches all NFS4_MAX_SESSIONID_LEN bytes.
 * No reference is taken on the result.
 *
 * Caller must hold client_lock.
 */
static struct nfsd4_session *
__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	struct nfsd4_session *ses;
	int bucket;

	dump_sessionid(__func__, sessionid);
	bucket = hash_sessionid(sessionid);

	/* Only the bucket chosen by the hash has to be searched. */
	list_for_each_entry(ses, &nn->sessionid_hashtbl[bucket], se_hash) {
		if (memcmp(ses->se_sessionid.data, sessionid->data,
			   NFS4_MAX_SESSIONID_LEN) == 0)
			return ses;
	}

	dprintk("%s: session not found\n", __func__);
	return NULL;
}
1340
d4e19e70
TM
/*
 * Look a session up by id and take a reference on it through
 * nfsd4_get_session_locked().
 *
 * *ret is always written: nfserr_badsession when there is no such
 * session, otherwise the status of nfsd4_get_session_locked().  The
 * session is returned only when that status is zero.
 */
static struct nfsd4_session *
find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
		__be32 *ret)
{
	__be32 status = nfserr_badsession;
	struct nfsd4_session *found;

	found = __find_in_sessionid_hashtbl(sessionid, net);
	if (found) {
		status = nfsd4_get_session_locked(found);
		if (status)
			found = NULL;
	}
	*ret = status;
	return found;
}
1358
/*
 * Remove a session from the session-id hash and from its client's session
 * list; the latter is done under the client's cl_lock.
 *
 * Caller must hold client_lock.
 */
static void
unhash_session(struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;

	list_del(&ses->se_hash);
	spin_lock(&clp->cl_lock);
	list_del(&ses->se_perclnt);
	spin_unlock(&clp->cl_lock);
}
1368
1da177e4
LT
1369/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
/*
 * Return 1 when the clientid's boot stamp differs from this nfsd
 * instance's boot_time, i.e. it was issued by an earlier server instance,
 * and 0 otherwise.
 */
static int
STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
{
	if (clid->cl_boot != nn->boot_time) {
		dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
			clid->cl_boot, clid->cl_id, nn->boot_time);
		return 1;
	}
	return 0;
}
1379
/*
 * Allocate a zeroed nfs4_client with its own copy of the client name, and
 * initialise its lists, stateid idr, lock, refcount and callback wait
 * queue.  Returns NULL on allocation failure.  clp->net is left for the
 * caller to set.
 *
 * XXX Should we use a slab cache ?
 * This type of memory management is somewhat inefficient, but we use it
 * anyway since SETCLIENTID is not a common operation.
 */
static struct nfs4_client *alloc_client(struct xdr_netobj name)
{
	struct nfs4_client *clp = kzalloc(sizeof(*clp), GFP_KERNEL);

	if (!clp)
		return NULL;

	/* Private copy: the caller's buffer is not referenced afterwards. */
	clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL);
	if (!clp->cl_name.data) {
		kfree(clp);
		return NULL;
	}
	clp->cl_name.len = name.len;

	INIT_LIST_HEAD(&clp->cl_sessions);
	idr_init(&clp->cl_stateids);
	atomic_set(&clp->cl_refcount, 0);
	clp->cl_cb_state = NFSD4_CB_UNKNOWN;
	INIT_LIST_HEAD(&clp->cl_idhash);
	INIT_LIST_HEAD(&clp->cl_openowners);
	INIT_LIST_HEAD(&clp->cl_delegations);
	INIT_LIST_HEAD(&clp->cl_lru);
	INIT_LIST_HEAD(&clp->cl_callbacks);
	INIT_LIST_HEAD(&clp->cl_revoked);
	spin_lock_init(&clp->cl_lock);
	rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
	return clp;
}
1412
/*
 * Free a client together with all of its sessions, its callback wait
 * queue, credential, name copy and stateid idr.
 *
 * The caller must hold the per-net client_lock (asserted via lockdep).
 * clp->net is dereferenced to find that lock, so it has to be valid.
 * A session that still has references triggers a one-time warning and is
 * freed regardless.
 */
static void
free_client(struct nfs4_client *clp)
{
	struct nfsd_net __maybe_unused *nn = net_generic(clp->net, nfsd_net_id);

	lockdep_assert_held(&nn->client_lock);

	while (!list_empty(&clp->cl_sessions)) {
		struct nfsd4_session *ses =
			list_first_entry(&clp->cl_sessions,
					 struct nfsd4_session, se_perclnt);

		list_del(&ses->se_perclnt);
		WARN_ON_ONCE(atomic_read(&ses->se_ref));
		free_session(ses);
	}

	rpc_destroy_wait_queue(&clp->cl_cb_waitq);
	free_svc_cred(&clp->cl_cred);
	kfree(clp->cl_name.data);
	idr_destroy(&clp->cl_stateids);
	kfree(clp);
}
1433
84d38ac9
BH
/*
 * Take a client off the LRU and remove each of its sessions from the
 * session-id hash (under cl_lock), so none of them can be looked up any
 * more.  The sessions stay on the client's own list.
 *
 * Must be called under the client_lock.
 */
static inline void
unhash_client_locked(struct nfs4_client *clp)
{
	struct nfsd4_session *cur;

	list_del(&clp->cl_lru);

	spin_lock(&clp->cl_lock);
	list_for_each_entry(cur, &clp->cl_sessions, se_perclnt) {
		list_del_init(&cur->se_hash);
	}
	spin_unlock(&clp->cl_lock);
}
1446
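/*
 * Destroy a client and all state it owns: delegations (active and
 * revoked), open owners, the callback channel, its hash/tree membership,
 * and finally the client itself together with its sessions.
 *
 * Active delegations are unhashed under state_lock onto a private
 * reaplist and released after the lock is dropped.  The final unhash and
 * free run under the per-net client_lock.
 */
static void
destroy_client(struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct list_head reaplist;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	INIT_LIST_HEAD(&reaplist);
	spin_lock(&state_lock);
	while (!list_empty(&clp->cl_delegations)) {
		dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
		unhash_delegation_locked(dp);
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);
	while (!list_empty(&reaplist)) {
		dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		nfs4_put_delegation(dp);
	}
	/*
	 * Revoked delegations live on clp->cl_revoked, so the entry must be
	 * taken from that list.  Taking it from reaplist, which is empty by
	 * now, would turn the on-stack list head itself into a bogus
	 * delegation pointer, unlink and release it, and never make
	 * cl_revoked empty.
	 *
	 * NOTE(review): cl_revoked is walked without clp->cl_lock here;
	 * presumably nothing else can reach the list during teardown --
	 * confirm.
	 */
	while (!list_empty(&clp->cl_revoked)) {
		dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		nfs4_put_delegation(dp);
	}
	while (!list_empty(&clp->cl_openowners)) {
		oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
		release_openowner(oo);
	}
	nfsd4_shutdown_callback(clp);
	if (clp->cl_cb_conn.cb_xprt)
		svc_xprt_put(clp->cl_cb_conn.cb_xprt);
	list_del(&clp->cl_idhash);
	/* The client sits in exactly one of the two name trees. */
	if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
		rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
	else
		rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
	spin_lock(&nn->client_lock);
	unhash_client_locked(clp);
	WARN_ON_ONCE(atomic_read(&clp->cl_refcount));
	free_client(clp);
	spin_unlock(&nn->client_lock);
}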
1491
0d22f68f
BF
/*
 * Expire a client: remove its client record via
 * nfsd4_client_record_remove(), then destroy the in-memory client.
 */
static void
expire_client(struct nfs4_client *clp)
{
	nfsd4_client_record_remove(clp);
	destroy_client(clp);
}
1497
35bba9a3
BF
/*
 * Copy a verifier into the client.  The length is taken from the
 * destination field, so the write cannot run past cl_verifier.data.
 */
static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
{
	size_t nbytes = sizeof(target->cl_verifier.data);

	memcpy(target->cl_verifier.data, source->data, nbytes);
}
1503
35bba9a3
BF
/* Copy both halves of the clientid (boot stamp and id) from source to target. */
static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
{
	clientid_t *dst = &target->cl_clientid;
	clientid_t *src = &source->cl_clientid;

	dst->cl_boot = src->cl_boot;
	dst->cl_id = src->cl_id;
}
1509
/*
 * Copy a credential.  The principal string is duplicated; the group info
 * and the gss mechanism are shared, each with an extra reference taken.
 *
 * Returns 0 on success or -ENOMEM when the principal cannot be
 * duplicated.  On failure nothing else has been copied and no reference
 * has been taken; target->cr_principal is NULL.
 */
static int copy_cred(struct svc_cred *target, struct svc_cred *source)
{
	if (!source->cr_principal) {
		target->cr_principal = NULL;
	} else {
		target->cr_principal = kstrdup(source->cr_principal, GFP_KERNEL);
		if (!target->cr_principal)
			return -ENOMEM;
	}

	target->cr_flavor = source->cr_flavor;
	target->cr_uid = source->cr_uid;
	target->cr_gid = source->cr_gid;

	target->cr_group_info = source->cr_group_info;
	get_group_info(target->cr_group_info);

	target->cr_gss_mech = source->cr_gss_mech;
	if (source->cr_gss_mech)
		gss_mech_get(source->cr_gss_mech);

	return 0;
}
1529
ac55fdc4
JL
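/*
 * Three-way comparison of two opaque blobs: shorter sorts first, and
 * blobs of equal length are ordered by memcmp().  Returns a negative
 * value, zero or a positive value; callers use only the sign.
 *
 * The lengths are compared rather than subtracted.  xdr_netobj lengths
 * are unsigned, so "o1->len - o2->len" wraps to a large positive value
 * whenever o1 is the shorter blob and can never come out negative.  That
 * is not a consistent ordering, and a red-black tree keyed on it can fail
 * to find names that were inserted once rebalancing has moved nodes.
 */
static long long
compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2)
{
	if (o1->len < o2->len)
		return -1;
	if (o1->len > o2->len)
		return 1;
	return (long long)memcmp(o1->data, o2->data, o1->len);
}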
1540
/*
 * Return nonzero when the first HEXDIR_LEN bytes of the two names are
 * equal.  Both buffers must be at least HEXDIR_LEN bytes long.
 */
static int same_name(const char *n1, const char *n2)
{
	return memcmp(n1, n2, HEXDIR_LEN) == 0;
}
1545
/* Return nonzero when the two verifiers are byte-for-byte equal. */
static int
same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
{
	return memcmp(v1->data, v2->data, sizeof(v1->data)) == 0;
}
1551
/* Return nonzero when both the boot stamp and the id of two clientids match. */
static int
same_clid(clientid_t *cl1, clientid_t *cl2)
{
	if (cl1->cl_boot != cl2->cl_boot)
		return 0;
	return cl1->cl_id == cl2->cl_id;
}
1557
8fbba96e
BF
/*
 * Return true when two group lists have the same length and the same gid
 * at every position.  The comparison is positional: the same set of
 * groups in a different order does not compare equal.
 */
static bool groups_equal(struct group_info *g1, struct group_info *g2)
{
	int idx;

	if (g1->ngroups != g2->ngroups)
		return false;

	for (idx = 0; idx < g1->ngroups; idx++) {
		if (!gid_eq(GROUP_AT(g1, idx), GROUP_AT(g2, idx)))
			return false;
	}
	return true;
}
1569
68eb3508
BF
/*
 * RFC 3530 language requires clid_inuse to be returned when the
 * "principal" associated with a request differs from the one previously
 * used.  We use the uid, the gids and the gss principal string as our
 * best approximation.  We also don't want to allow non-gss use of a
 * client established using gss: in theory cr_principal should catch that
 * change, but in practice cr_principal can be null even in the gss case,
 * since gssd doesn't always pass down a principal string.
 *
 * is_gss_cred() reports whether cr_flavor is one of the gss
 * "pseudoflavors", i.e. greater than RPC_AUTH_MAXFLAVOR.
 */
static bool is_gss_cred(struct svc_cred *cr)
{
	bool pseudoflavor = cr->cr_flavor > RPC_AUTH_MAXFLAVOR;

	return pseudoflavor;
}
1584
1585
/*
 * Decide whether two credentials belong to the same principal.
 *
 * Both must agree on gss versus non-gss, on uid, on gid and on the group
 * list.  After that the principal strings decide: the same pointer
 * (including both NULL) matches, exactly one NULL does not, and otherwise
 * the strings must be equal.
 */
static bool
same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
{
	if (is_gss_cred(cr1) != is_gss_cred(cr2))
		return false;
	if (!uid_eq(cr1->cr_uid, cr2->cr_uid))
		return false;
	if (!gid_eq(cr1->cr_gid, cr2->cr_gid))
		return false;
	if (!groups_equal(cr1->cr_group_info, cr2->cr_group_info))
		return false;

	if (cr1->cr_principal == cr2->cr_principal)
		return true;
	if (!cr1->cr_principal || !cr2->cr_principal)
		return false;
	return strcmp(cr1->cr_principal, cr2->cr_principal) == 0;
}
1600
57266a6e
BF
/*
 * Return true when the request was sent with a gss service that protects
 * it in transit, i.e. integrity or privacy.  A request without a gss
 * mechanism never qualifies.
 */
static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp)
{
	struct svc_cred *cred = &rqstp->rq_cred;

	if (!cred->cr_gss_mech)
		return false;

	switch (gss_pseudoflavor_to_service(cred->cr_gss_mech, cred->cr_flavor)) {
	case RPC_GSS_SVC_INTEGRITY:
	case RPC_GSS_SVC_PRIVACY:
		return true;
	default:
		return false;
	}
}
1612
/*
 * Check a request against the client's machine credential.
 *
 * A client without cl_mach_cred accepts any request.  Otherwise the
 * request must use the same gss mechanism, be integrity- or
 * privacy-protected, carry a principal, and that principal must equal the
 * one stored for the client.
 *
 * NOTE(review): cl->cl_cred.cr_principal is passed to strcmp() without a
 * NULL check; presumably cl_mach_cred is only set when the stored
 * principal exists -- confirm where cl_mach_cred is assigned.
 */
static bool mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp)
{
	struct svc_cred *req_cred = &rqstp->rq_cred;

	if (!cl->cl_mach_cred)
		return true;
	if (cl->cl_cred.cr_gss_mech != req_cred->cr_gss_mech)
		return false;
	if (!svc_rqst_integrity_protected(rqstp))
		return false;
	if (!req_cred->cr_principal)
		return false;
	return !strcmp(cl->cl_cred.cr_principal, req_cred->cr_principal);
}
1627
/*
 * Assign a new clientid: this nfsd instance's boot time plus the next
 * value of a function-local counter that starts at 1.
 *
 * NOTE(review): the counter is static and incremented without a lock
 * here; presumably callers are serialised -- confirm.
 */
static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn)
{
	static u32 current_clientid = 1;
	clientid_t *clid = &clp->cl_clientid;

	clid->cl_boot = nn->boot_time;
	clid->cl_id = current_clientid++;
}
1635
deda2faa
BF
/*
 * Generate the client's confirm verifier from the current time in seconds
 * and a function-local counter.
 *
 * NOTE(review): neither word is unpredictable, so the confirm verifier
 * should not be treated as a secret; presumably the callers that check it
 * also compare credentials -- confirm.
 */
static void gen_confirm(struct nfs4_client *clp)
{
	static u32 i;
	__be32 words[2];

	/*
	 * This is opaque to the client, so no need to byte-swap.  Use
	 * __force to keep sparse happy.
	 */
	words[0] = (__force __be32)get_seconds();
	words[1] = (__force __be32)i++;
	memcpy(clp->cl_confirm.data, words, sizeof(clp->cl_confirm.data));
}
1649
/*
 * Look a stateid up in the client's idr by the so_id part of its opaque
 * value.  Returns NULL when there is no entry or when the entry's sc_type
 * is zero.  Only the id is matched here; the other stateid fields are not
 * compared.
 */
static struct nfs4_stid *find_stateid(struct nfs4_client *cl, stateid_t *t)
{
	struct nfs4_stid *stid = idr_find(&cl->cl_stateids, t->si_opaque.so_id);

	if (stid && stid->sc_type)
		return stid;
	return NULL;
}
1659
/*
 * Like find_stateid(), but the entry is returned only when its sc_type has
 * at least one bit in common with typemask; otherwise NULL.
 */
static struct nfs4_stid *
find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask)
{
	struct nfs4_stid *stid = find_stateid(cl, t);

	if (!stid)
		return NULL;
	return (typemask & stid->sc_type) ? stid : NULL;
}
1671
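/*
 * Allocate and initialise a client for the given name, taking its
 * credential, verifier and address from the request.  Returns NULL when
 * memory cannot be allocated.
 */
static struct nfs4_client *create_client(struct xdr_netobj name,
		struct svc_rqst *rqstp, nfs4_verifier *verf)
{
	struct nfs4_client *clp;
	struct sockaddr *sa = svc_addr(rqstp);
	int ret;
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	clp = alloc_client(name);
	if (clp == NULL)
		return NULL;

	/*
	 * Set the namespace before anything can fail: free_client() looks
	 * up the per-net data through clp->net, and alloc_client() leaves
	 * that field zeroed, so the error path below would otherwise hand
	 * it a NULL net.
	 */
	clp->net = net;

	ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred);
	if (ret) {
		/* free_client() must be called with client_lock held. */
		spin_lock(&nn->client_lock);
		free_client(clp);
		spin_unlock(&nn->client_lock);
		return NULL;
	}
	INIT_WORK(&clp->cl_cb_null.cb_work, nfsd4_run_cb_null);
	clp->cl_time = get_seconds();
	clear_bit(0, &clp->cl_cb_slot_busy);
	copy_verf(clp, verf);
	rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa);
	gen_confirm(clp);
	clp->cl_cb_session = NULL;
	return clp;
}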
1702
/*
 * Insert a client into a red-black tree keyed by client name.  Ordering
 * comes from compare_blob(); a name that compares equal to an existing
 * node is placed to that node's right, so duplicates are not rejected
 * here.
 */
static void
add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root)
{
	struct rb_node **link = &root->rb_node;
	struct rb_node *parent = NULL;
	struct nfs4_client *cur;

	while (*link) {
		parent = *link;
		cur = rb_entry(parent, struct nfs4_client, cl_namenode);

		if (compare_blob(&cur->cl_name, &new_clp->cl_name) > 0)
			link = &parent->rb_left;
		else
			link = &parent->rb_right;
	}

	rb_link_node(&new_clp->cl_namenode, parent, link);
	rb_insert_color(&new_clp->cl_namenode, root);
}
1722
/*
 * Find the client with the given name in a name tree, or return NULL.
 * The descent uses compare_blob() with the same argument order as the
 * insertion in add_clp_to_name_tree().
 */
static struct nfs4_client *
find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root)
{
	struct rb_node *node = root->rb_node;

	while (node) {
		struct nfs4_client *clp =
			rb_entry(node, struct nfs4_client, cl_namenode);
		long long cmp = compare_blob(&clp->cl_name, name);

		if (cmp == 0)
			return clp;
		node = (cmp > 0) ? node->rb_left : node->rb_right;
	}
	return NULL;
}
1742
/*
 * Register a client as unconfirmed: clear its CONFIRMED flag, add it to
 * the unconfirmed name tree and id hash, and renew it.
 */
static void
add_to_unconfirmed(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	unsigned int bucket;

	clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
	add_clp_to_name_tree(clp, &nn->unconf_name_tree);

	bucket = clientid_hashval(clp->cl_clientid.cl_id);
	list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[bucket]);

	renew_client(clp);
}
1755
/*
 * Promote a client from unconfirmed to confirmed: move it to the
 * confirmed id hash, move it from the unconfirmed to the confirmed name
 * tree, set its CONFIRMED flag and renew it.
 */
static void
move_to_confirmed(struct nfs4_client *clp)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	unsigned int bucket = clientid_hashval(clp->cl_clientid.cl_id);

	dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp);

	list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[bucket]);

	rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
	add_clp_to_name_tree(clp, &nn->conf_name_tree);

	set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
	renew_client(clp);
}
1769
/*
 * Find a client by clientid in an id hash table.
 *
 * The first entry whose clientid matches decides the result: it is
 * renewed and returned if its use of sessions (cl_minorversion nonzero)
 * agrees with the sessions argument, and NULL is returned if it does not.
 * NULL is also returned when no entry matches.
 */
static struct nfs4_client *
find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions)
{
	unsigned int bucket = clientid_hashval(clid->cl_id);
	struct nfs4_client *clp;

	list_for_each_entry(clp, &tbl[bucket], cl_idhash) {
		if (!same_clid(&clp->cl_clientid, clid))
			continue;
		if ((bool)clp->cl_minorversion != sessions)
			return NULL;
		renew_client(clp);
		return clp;
	}
	return NULL;
}
1786
bfa85e83
BF
/* Look a clientid up among the confirmed clients of this nfsd instance. */
static struct nfs4_client *
find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
{
	return find_client_in_id_table(nn->conf_id_hashtbl, clid, sessions);
}
1794
/* Look a clientid up among the unconfirmed clients of this nfsd instance. */
static struct nfs4_client *
find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
{
	return find_client_in_id_table(nn->unconf_id_hashtbl, clid, sessions);
}
1802
/* True when the client has any exchange flags set, i.e. cl_exchange_flags is nonzero. */
static bool clp_used_exchangeid(struct nfs4_client *clp)
{
	if (clp->cl_exchange_flags)
		return true;
	return false;
}
a1bcecd2 1807
/* Look a client name up in the confirmed name tree; NULL if absent. */
static struct nfs4_client *
find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
{
	struct rb_root *tree = &nn->conf_name_tree;

	return find_clp_in_name_tree(name, tree);
}
1813
/* Look a client name up in the unconfirmed name tree; NULL if absent. */
static struct nfs4_client *
find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
{
	struct rb_root *tree = &nn->unconf_name_tree;

	return find_clp_in_name_tree(name, tree);
}
1819
/*
 * Fill in the client's callback connection from the SETCLIENTID
 * arguments.
 *
 * The netid and universal address are supplied by the client.  Only "tcp"
 * and "tcp6" are accepted, each matched with an explicit length check,
 * and the parsed address must have the family that the netid implies.
 * Anything else leaves the callback address unset (AF_UNSPEC, length 0).
 *
 * NOTE(review): the final memcpy() copies rqstp->rq_daddrlen bytes into
 * conn->cb_saddr; this assumes rq_daddrlen never exceeds
 * sizeof(conn->cb_saddr) -- confirm.
 */
static void
gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp)
{
	struct nfs4_cb_conn *conn = &clp->cl_cb_conn;
	struct sockaddr *peer = svc_addr(rqstp);
	u32 scopeid = rpc_get_scope_id(peer);
	unsigned short want_family;

	/* Currently, we only support tcp and tcp6 for the callback channel */
	if (se->se_callback_netid_len == 3 &&
	    memcmp(se->se_callback_netid_val, "tcp", 3) == 0)
		want_family = AF_INET;
	else if (se->se_callback_netid_len == 4 &&
		 memcmp(se->se_callback_netid_val, "tcp6", 4) == 0)
		want_family = AF_INET6;
	else
		goto out_err;

	conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val,
					      se->se_callback_addr_len,
					      (struct sockaddr *)&conn->cb_addr,
					      sizeof(conn->cb_addr));

	if (!conn->cb_addrlen || conn->cb_addr.ss_family != want_family)
		goto out_err;

	/* The scope id comes from the request's peer address. */
	if (conn->cb_addr.ss_family == AF_INET6)
		((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid;

	conn->cb_prog = se->se_callback_prog;
	conn->cb_ident = se->se_callback_ident;
	memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen);
	return;

out_err:
	conn->cb_addr.ss_family = AF_UNSPEC;
	conn->cb_addrlen = 0;
	dprintk(KERN_INFO "NFSD: this client (clientid %08x/%08x) "
		"will not receive delegations\n",
		clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id);
}
1862
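/*
 * Cache a reply in the session slot.  nfsd4_check_resp_size() has bounded
 * the cache size.
 *
 * The op count and status are always recorded and the slot is marked
 * initialised.  The reply data after cstate.data_offset is copied into
 * the slot unless nfsd4_not_cached() says this reply is not to be cached,
 * in which case the cached length is set to 0.
 *
 * NOTE(review): buf->len - base is an unsigned subtraction and the copy
 * length is not checked against the slot's data area here; both rely on
 * the bound mentioned above, which is outside this function -- confirm.
 */
static void
nfsd4_store_cache_entry(struct nfsd4_compoundres *resp)
{
	struct xdr_buf *buf = resp->xdr.buf;
	struct nfsd4_slot *slot = resp->cstate.slot;
	unsigned int base;

	dprintk("--> %s slot %p\n", __func__, slot);

	slot->sl_opcnt = resp->opcnt;
	slot->sl_status = resp->cstate.status;

	slot->sl_flags |= NFSD4_SLOT_INITIALIZED;
	if (nfsd4_not_cached(resp)) {
		slot->sl_datalen = 0;
		return;
	}
	base = resp->cstate.data_offset;
	slot->sl_datalen = buf->len - base;
	/*
	 * WARN() takes the condition first.  Without it the format string
	 * was taken as the condition and __func__ as the format, so the
	 * message text was never printed.
	 */
	if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen))
		WARN(1, "%s: sessions DRC could not cache compound\n", __func__);
}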
1889
/*
 * Encode the replayed SEQUENCE operation from the slot values.
 *
 * If the slot was not marked CACHETHIS and the compound has more than one
 * operation, the next operation is encoded with
 * nfserr_retry_uncached_rep, and resp->opcnt is incremented for
 * nfs4svc_encode_compoundres.  Returns the status of the last operation
 * encoded.
 *
 * NOTE(review): indexing with resp->opcnt - 1 assumes opcnt is at least 1
 * on entry -- confirm.
 */
static __be32
nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args,
			  struct nfsd4_compoundres *resp)
{
	struct nfsd4_slot *slot = resp->cstate.slot;
	struct nfsd4_op *op = &args->ops[resp->opcnt - 1];
	bool cached = slot->sl_flags & NFSD4_SLOT_CACHETHIS;

	/* Encode the replayed sequence operation */
	nfsd4_encode_operation(resp, op);

	/* Return nfserr_retry_uncached_rep in next operation. */
	if (args->opcnt > 1 && !cached) {
		op = &args->ops[resp->opcnt++];
		op->status = nfserr_retry_uncached_rep;
		nfsd4_encode_operation(resp, op);
	}
	return op->status;
}
1916
/*
 * Replay a cached reply from the slot.  The SEQUENCE operation itself is
 * not cached because it can be rebuilt from the slot and session values;
 * the cached bytes are appended after it.
 *
 * Returns the status of the sequence replay if that is nonzero,
 * nfserr_serverfault if the reply buffer has no room for the cached data,
 * and otherwise the status stored in the slot.
 */
static __be32
nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp,
			 struct nfsd4_sequence *seq)
{
	struct nfsd4_slot *slot = resp->cstate.slot;
	struct xdr_stream *xdr = &resp->xdr;
	__be32 status;
	__be32 *dst;

	dprintk("--> %s slot %p\n", __func__, slot);

	status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp);
	if (status)
		return status;

	dst = xdr_reserve_space(xdr, slot->sl_datalen);
	if (!dst) {
		WARN_ON_ONCE(1);
		return nfserr_serverfault;
	}
	xdr_encode_opaque_fixed(dst, slot->sl_data, slot->sl_datalen);
	xdr_commit_encode(xdr);

	resp->opcnt = slot->sl_opcnt;
	return slot->sl_status;
}
1947
/*
 * Fill in the exchange_id flags the server advertises and copy the
 * client's resulting flag word into the reply.
 */
static void
nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid)
{
	/*
	 * pNFS is not supported.
	 * Referrals are supported, Migration is not.
	 */
	new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS |
				  EXCHGID4_FLAG_SUPP_MOVED_REFER;

	/* The wire flags are whatever the client record now holds. */
	clid->flags = new->cl_exchange_flags;
}
1963
/*
 * Report whether the client still owns open owners, delegations or
 * sessions.
 */
static bool client_has_state(struct nfs4_client *clp)
{
	/*
	 * Note clp->cl_openowners check isn't quite right: there's no
	 * need to count owners without stateid's.
	 *
	 * Also note we should probably be using this in 4.0 case too.
	 */
	if (!list_empty(&clp->cl_openowners))
		return true;
	if (!list_empty(&clp->cl_delegations))
		return true;
	return !list_empty(&clp->cl_sessions);
}
1976
/*
 * Handle EXCHANGE_ID: look up the client by its name string and either
 * return an existing confirmed record or create a new unconfirmed one.
 *
 * All record lookups and changes happen between nfs4_lock_state() and
 * nfs4_unlock_state().  On success exid carries the client id, the next
 * create-session seqid and the server's flag word.
 */
__be32
nfsd4_exchange_id(struct svc_rqst *rqstp,
		  struct nfsd4_compound_state *cstate,
		  struct nfsd4_exchange_id *exid)
{
	struct nfs4_client *unconf, *conf, *new;
	__be32 status;
	char addr_str[INET6_ADDRSTRLEN];
	nfs4_verifier verf = exid->verifier;
	struct sockaddr *sa = svc_addr(rqstp);
	bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	rpc_ntop(sa, addr_str, sizeof(addr_str));
	dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p "
		"ip_addr=%s flags %x, spa_how %d\n",
		__func__, rqstp, exid, exid->clname.len, exid->clname.data,
		addr_str, exid->flags, exid->spa_how);

	/* Reject any flag bit outside the mask accepted in arguments. */
	if (exid->flags & ~EXCHGID4_FLAG_MASK_A)
		return nfserr_inval;

	switch (exid->spa_how) {
	case SP4_MACH_CRED:
		/* Machine-credential protection needs an integrity-protected request. */
		if (!svc_rqst_integrity_protected(rqstp))
			return nfserr_inval;
		/* fall through */
	case SP4_NONE:
		break;
	default:				/* checked by xdr code */
		WARN_ON_ONCE(1);
		/* fall through */
	case SP4_SSV:
		return nfserr_encr_alg_unsupp;
	}

	/* Cases below refer to rfc 5661 section 18.35.4: */
	nfs4_lock_state();
	conf = find_confirmed_client_by_name(&exid->clname, nn);
	if (conf) {
		bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred);
		bool verfs_match = same_verf(&verf, &conf->cl_verifier);

		if (update) {
			if (!clp_used_exchangeid(conf)) { /* buggy client */
				status = nfserr_inval;
				goto out;
			}
			if (!mach_creds_match(conf, rqstp)) {
				status = nfserr_wrong_cred;
				goto out;
			}
			if (!creds_match) { /* case 9 */
				status = nfserr_perm;
				goto out;
			}
			if (!verfs_match) { /* case 8 */
				status = nfserr_not_same;
				goto out;
			}
			/* case 6 */
			/*
			 * NOTE(review): nfsd4_set_ex_flags() at out_copy
			 * overwrites exid->flags with conf->cl_exchange_flags,
			 * so this bit reaches the client only if the record
			 * already carries it (case 2 sets it on the record
			 * instead) - confirm which is intended.
			 */
			exid->flags |= EXCHGID4_FLAG_CONFIRMED_R;
			new = conf;
			goto out_copy;
		}
		if (!creds_match) { /* case 3 */
			/* A different principal may only replace a record that holds no state. */
			if (client_has_state(conf)) {
				status = nfserr_clid_inuse;
				goto out;
			}
			expire_client(conf);
			goto out_new;
		}
		if (verfs_match) { /* case 2 */
			conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R;
			new = conf;
			goto out_copy;
		}
		/* case 5, client reboot */
		/* conf is left in place here; nfsd4_create_session() expires it by name. */
		goto out_new;
	}

	if (update) { /* case 7 */
		status = nfserr_noent;
		goto out;
	}

	unconf = find_unconfirmed_client_by_name(&exid->clname, nn);
	if (unconf) /* case 4, possible retry or client restart */
		expire_client(unconf);

	/* case 1 (normal case) */
out_new:
	new = create_client(exid->clname, rqstp, &verf);
	if (new == NULL) {
		status = nfserr_jukebox;
		goto out;
	}
	new->cl_minorversion = cstate->minorversion;
	/* Record the protection mode; later operations check it via mach_creds_match(). */
	new->cl_mach_cred = (exid->spa_how == SP4_MACH_CRED);

	gen_clid(new, nn);
	add_to_unconfirmed(new);
out_copy:
	exid->clientid.cl_boot = new->cl_clientid.cl_boot;
	exid->clientid.cl_id = new->cl_clientid.cl_id;

	exid->seqid = new->cl_cs_slot.sl_seqid + 1;
	nfsd4_set_ex_flags(new, exid);

	dprintk("nfsd4_exchange_id seqid %d flags %x\n",
		new->cl_cs_slot.sl_seqid, new->cl_exchange_flags);
	status = nfs_ok;

out:
	nfs4_unlock_state();
	return status;
}
2093
/*
 * Classify a request's sequence id against the slot's last sequence id.
 *
 * Returns nfs_ok for the next id in sequence, nfserr_replay_cache for a
 * repeat of the last id, nfserr_jukebox for a repeat while the slot is
 * still in use, and nfserr_seq_misordered for anything else.
 */
static __be32
check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse)
{
	dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid,
		slot_seqid);

	/* The slot is in use, and no response has been sent. */
	if (slot_inuse)
		return (seqid == slot_seqid) ? nfserr_jukebox
					     : nfserr_seq_misordered;

	/* Note unsigned 32-bit arithmetic handles wraparound: */
	if (likely(seqid == slot_seqid + 1))
		return nfs_ok;

	return (seqid == slot_seqid) ? nfserr_replay_cache
				     : nfserr_seq_misordered;
}
2114
/*
 * Save a create-session result in the client's single create-session
 * DRC slot by copying the whole xdr structure together with its status.
 * sl_seqid has been set.  Used for solo and embedded create session
 * operations.
 */
static void
nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses,
			   struct nfsd4_clid_slot *slot, __be32 nfserr)
{
	/* Copy size comes from the source type; sl_cr_ses must be at least that large. */
	memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses));
	slot->sl_status = nfserr;
}
2127
/*
 * Answer a replayed create session from the cached slot: restore the
 * saved result structure into cr_ses and return the saved status.
 */
static __be32
nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses,
			    struct nfsd4_clid_slot *slot)
{
	__be32 cached_status;

	memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses));
	cached_status = slot->sl_status;
	return cached_status;
}
2135
/*
 * Smallest request, in bytes, that can carry an RPC header plus a
 * SEQUENCE operation.  Counted in 32-bit XDR words and then multiplied
 * by sizeof(__be32).  check_forechannel_attrs() uses it as the lower
 * bound for the client-supplied maxreq_sz.
 */
#define NFSD_MIN_REQ_HDR_SEQ_SZ	((\
			2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \
			1 +	/* MIN tag is length with zero, only length */ \
			3 +	/* version, opcount, opcode */ \
			XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
				/* seqid, slotID, slotID, cache */ \
			4 ) * sizeof(__be32))

/*
 * Smallest reply, in bytes, that can carry an RPC reply header plus a
 * SEQUENCE result; the lower bound for the client-supplied maxresp_sz.
 */
#define NFSD_MIN_RESP_HDR_SEQ_SZ ((\
			2 +	/* verifier: AUTH_NULL, length 0 */\
			1 +	/* status */ \
			1 +	/* MIN tag is length with zero, only length */ \
			3 +	/* opcount, opcode, opstatus*/ \
			XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
				/* seqid, slotID, slotID, slotID, status */ \
			5 ) * sizeof(__be32))
2152
/*
 * Validate and clamp the client-requested fore channel attributes.
 *
 * Request and response sizes below the SEQUENCE minimum are refused
 * with nfserr_toosmall; every other value is clamped in place to the
 * server's limits.  On success DRC memory has been obtained through
 * nfsd4_get_drc_mem(); nfsd4_create_session() gives it back with
 * nfsd4_put_drc_mem() on its failure paths.
 */
static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn)
{
	u32 maxrpc = nn->nfsd_serv->sv_max_mesg;

	if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ)
		return nfserr_toosmall;
	if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ)
		return nfserr_toosmall;
	ca->headerpadsz = 0;
	/* Upper bounds only from here on: the client values are untrusted. */
	ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc);
	ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc);
	/* NOTE(review): maxops and maxresp_cached get no lower bound here. */
	ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND);
	ca->maxresp_cached = min_t(u32, ca->maxresp_cached,
			NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ);
	ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION);
	/*
	 * Note decreasing slot size below client's request may make it
	 * difficult for client to function correctly, whereas
	 * decreasing the number of slots will (just?) affect
	 * performance.  When short on memory we therefore prefer to
	 * decrease number of slots instead of their size.  Clients that
	 * request larger slots than they need will get poor results:
	 */
	ca->maxreqs = nfsd4_get_drc_mem(ca);
	/* Zero slots granted is reported as a retryable error. */
	if (!ca->maxreqs)
		return nfserr_jukebox;

	return nfs_ok;
}
2182
/*
 * Byte sizes the backchannel must allow for a callback recall request
 * and its reply, including the maximum RPC header with auth.
 * check_backchannel_attrs() uses them as lower bounds for the
 * client-supplied maxreq_sz and maxresp_sz.
 */
#define NFSD_CB_MAX_REQ_SZ	((NFS4_enc_cb_recall_sz + \
				 RPC_MAX_HEADER_WITH_AUTH) * sizeof(__be32))
#define NFSD_CB_MAX_RESP_SZ	((NFS4_dec_cb_recall_sz + \
				 RPC_MAX_REPHEADER_WITH_AUTH) * sizeof(__be32))
2187
/*
 * Validate the client-requested back channel attributes.
 *
 * Header padding and the cached response size are forced to zero; a
 * channel too small for a callback recall, or one allowing fewer than
 * two operations, is refused with nfserr_toosmall.
 */
static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca)
{
	ca->headerpadsz = 0;

	/*
	 * These RPC_MAX_HEADER macros are overkill, especially since we
	 * don't even do gss on the backchannel yet.  But this is still
	 * less than 1k.  Tighten up this estimate in the unlikely event
	 * it turns out to be a problem for some client:
	 */
	if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ ||
	    ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ)
		return nfserr_toosmall;

	ca->maxresp_cached = 0;

	return (ca->maxops < 2) ? nfserr_toosmall : nfs_ok;
}
2208
/*
 * Accept only the callback security flavors handled here: AUTH_NULL
 * and AUTH_UNIX.  Any other flavor is refused.
 */
static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs)
{
	if (cbs->flavor == RPC_AUTH_NULL || cbs->flavor == RPC_AUTH_UNIX)
		return nfs_ok;

	/*
	 * GSS case: the spec doesn't allow us to return this
	 * error.  But it also doesn't allow us not to support
	 * GSS.
	 * I'd rather this fail hard than return some error the
	 * client might think it can already handle:
	 */
	return nfserr_encr_alg_unsupp;
}
2226
/*
 * Handle CREATE_SESSION: validate the requested attributes, find the
 * client by client id, confirm it if it was unconfirmed, and attach a
 * new session and connection to it.
 *
 * The session and connection are allocated before nfs4_lock_state() is
 * taken.  Each failure label undoes what was set up before it, in
 * reverse order, ending with the release of the fore channel DRC memory
 * obtained in check_forechannel_attrs().
 */
__be32
nfsd4_create_session(struct svc_rqst *rqstp,
		     struct nfsd4_compound_state *cstate,
		     struct nfsd4_create_session *cr_ses)
{
	struct sockaddr *sa = svc_addr(rqstp);
	struct nfs4_client *conf, *unconf;
	struct nfsd4_session *new;
	struct nfsd4_conn *conn;
	struct nfsd4_clid_slot *cs_slot = NULL;
	__be32 status = 0;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	/* Reject any flag bit outside the mask accepted in arguments. */
	if (cr_ses->flags & ~SESSION4_FLAG_MASK_A)
		return nfserr_inval;
	status = nfsd4_check_cb_sec(&cr_ses->cb_sec);
	if (status)
		return status;
	status = check_forechannel_attrs(&cr_ses->fore_channel, nn);
	if (status)
		return status;
	/* From here on DRC memory is held, so failures must go through the labels. */
	status = check_backchannel_attrs(&cr_ses->back_channel);
	if (status)
		goto out_release_drc_mem;
	status = nfserr_jukebox;
	new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel);
	if (!new)
		goto out_release_drc_mem;
	conn = alloc_conn_from_crses(rqstp, cr_ses);
	if (!conn)
		goto out_free_session;

	nfs4_lock_state();
	unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn);
	conf = find_confirmed_client(&cr_ses->clientid, true, nn);
	WARN_ON_ONCE(conf && unconf);

	if (conf) {
		/*
		 * NOTE(review): unlike the unconfirmed branch below, this
		 * branch applies only mach_creds_match(); the request's
		 * credential and address are not compared with the
		 * record - confirm that this is intended.
		 */
		status = nfserr_wrong_cred;
		if (!mach_creds_match(conf, rqstp))
			goto out_free_conn;
		cs_slot = &conf->cl_cs_slot;
		status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
		if (status == nfserr_replay_cache) {
			/* Replay: answer from the cached result and drop the new objects. */
			status = nfsd4_replay_create_session(cr_ses, cs_slot);
			goto out_free_conn;
		} else if (cr_ses->seqid != cs_slot->sl_seqid + 1) {
			status = nfserr_seq_misordered;
			goto out_free_conn;
		}
	} else if (unconf) {
		struct nfs4_client *old;
		/* Only the principal and address that created the record may confirm it. */
		if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) ||
		    !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) {
			status = nfserr_clid_inuse;
			goto out_free_conn;
		}
		status = nfserr_wrong_cred;
		if (!mach_creds_match(unconf, rqstp))
			goto out_free_conn;
		cs_slot = &unconf->cl_cs_slot;
		status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
		if (status) {
			/* an unconfirmed replay returns misordered */
			status = nfserr_seq_misordered;
			goto out_free_conn;
		}
		/* A confirmed record with the same name is expired before the new one is confirmed. */
		old = find_confirmed_client_by_name(&unconf->cl_name, nn);
		if (old) {
			status = mark_client_expired(old);
			if (status)
				goto out_free_conn;
			expire_client(old);
		}
		move_to_confirmed(unconf);
		conf = unconf;
	} else {
		status = nfserr_stale_clientid;
		goto out_free_conn;
	}
	status = nfs_ok;
	/*
	 * We do not support RDMA or persistent sessions
	 */
	cr_ses->flags &= ~SESSION4_PERSIST;
	cr_ses->flags &= ~SESSION4_RDMA;

	init_session(rqstp, new, conf, cr_ses);
	nfsd4_init_conn(rqstp, conn, new);

	memcpy(cr_ses->sessionid.data, new->se_sessionid.data,
	       NFS4_MAX_SESSIONID_LEN);
	cs_slot->sl_seqid++;
	cr_ses->seqid = cs_slot->sl_seqid;

	/* cache solo and embedded create sessions under the state lock */
	nfsd4_cache_create_session(cr_ses, cs_slot, status);
	nfs4_unlock_state();
	return status;
out_free_conn:
	nfs4_unlock_state();
	free_conn(conn);
out_free_session:
	__free_session(new);
out_release_drc_mem:
	nfsd4_put_drc_mem(&cr_ses->fore_channel);
	return status;
}
2335
/*
 * Validate the requested channel direction and resolve the two
 * "or both" requests to NFS4_CDFC4_BOTH in place.  Any value not listed
 * is refused with nfserr_inval.
 */
static __be32 nfsd4_map_bcts_dir(u32 *dir)
{
	switch (*dir) {
	case NFS4_CDFC4_FORE:
	case NFS4_CDFC4_BACK:
		break;
	case NFS4_CDFC4_FORE_OR_BOTH:
	case NFS4_CDFC4_BACK_OR_BOTH:
		*dir = NFS4_CDFC4_BOTH;
		break;
	default:
		return nfserr_inval;
	}
	return nfs_ok;
}
2349
/*
 * Handle BACKCHANNEL_CTL: replace the callback program number and the
 * callback security parameters of the current session, then probe the
 * callback channel.
 */
__be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_backchannel_ctl *bc)
{
	struct nfsd4_session *session = cstate->session;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	__be32 status;

	/* Refuse security flavors the callback path does not handle. */
	status = nfsd4_check_cb_sec(&bc->bc_cb_sec);
	if (status)
		return status;
	/* Both fields are updated together under the per-net client lock. */
	spin_lock(&nn->client_lock);
	session->se_cb_prog = bc->bc_cb_program;
	session->se_cb_sec = bc->bc_cb_sec;
	spin_unlock(&nn->client_lock);

	nfsd4_probe_callback(session->se_client);

	return nfs_ok;
}
2368
/*
 * Handle BIND_CONN_TO_SESSION: associate the connection carrying this
 * request with the session named in bcts.
 *
 * The operation is refused with nfserr_not_only_op unless
 * nfsd4_last_compound_op() holds for the request.
 */
__be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp,
		     struct nfsd4_compound_state *cstate,
		     struct nfsd4_bind_conn_to_session *bcts)
{
	__be32 status;
	struct nfsd4_conn *conn;
	struct nfsd4_session *session;
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	if (!nfsd4_last_compound_op(rqstp))
		return nfserr_not_only_op;
	nfs4_lock_state();
	/*
	 * The session hash is searched under the per-net client lock; on a
	 * miss the helper supplies the status through its last argument.
	 * Presumably a hit also takes the reference dropped at "out" -
	 * TODO confirm in find_in_sessionid_hashtbl().
	 */
	spin_lock(&nn->client_lock);
	session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status);
	spin_unlock(&nn->client_lock);
	if (!session)
		goto out_no_session;
	/* Clients created with machine-credential protection must pass mach_creds_match(). */
	status = nfserr_wrong_cred;
	if (!mach_creds_match(session->se_client, rqstp))
		goto out;
	/* Validates the client-supplied direction and normalises it in place. */
	status = nfsd4_map_bcts_dir(&bcts->dir);
	if (status)
		goto out;
	conn = alloc_conn(rqstp, bcts->dir);
	status = nfserr_jukebox;
	if (!conn)
		goto out;
	nfsd4_init_conn(rqstp, conn, session);
	status = nfs_ok;
out:
	nfsd4_put_session(session);
out_no_session:
	nfs4_unlock_state();
	return status;
}
2405
/*
 * True when the compound is running inside a session whose id equals
 * sid; false when there is no session at all.
 */
static bool nfsd4_compound_in_session(struct nfsd4_session *session, struct nfs4_sessionid *sid)
{
	return session && memcmp(sid, &session->se_sessionid, sizeof(*sid)) == 0;
}
2412
/*
 * Handle DESTROY_SESSION: mark the named session dead and unhash it.
 *
 * When the session being destroyed is the one this compound runs in,
 * the operation is refused with nfserr_not_only_op unless
 * nfsd4_last_compound_op() holds, and the compound's own reference is
 * added to the count passed to mark_session_dead_locked().
 */
__be32
nfsd4_destroy_session(struct svc_rqst *r,
		      struct nfsd4_compound_state *cstate,
		      struct nfsd4_destroy_session *sessionid)
{
	struct nfsd4_session *ses;
	__be32 status;
	int ref_held_by_me = 0;
	struct net *net = SVC_NET(r);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	nfs4_lock_state();
	status = nfserr_not_only_op;
	if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) {
		if (!nfsd4_last_compound_op(r))
			goto out;
		ref_held_by_me++;
	}
	dump_sessionid(__func__, &sessionid->sessionid);
	spin_lock(&nn->client_lock);
	ses = find_in_sessionid_hashtbl(&sessionid->sessionid, net, &status);
	if (!ses)
		goto out_client_lock;
	/* Clients created with machine-credential protection must pass mach_creds_match(). */
	status = nfserr_wrong_cred;
	if (!mach_creds_match(ses->se_client, r))
		goto out_put_session;
	/* 1 for the lookup above, plus the compound's own reference if any. */
	status = mark_session_dead_locked(ses, 1 + ref_held_by_me);
	if (status)
		goto out_put_session;
	unhash_session(ses);
	/* The spinlock is released around the synchronous callback probe. */
	spin_unlock(&nn->client_lock);

	nfsd4_probe_callback_sync(ses->se_client);

	/* Retaken because the put below is the _locked variant. */
	spin_lock(&nn->client_lock);
	status = nfs_ok;
out_put_session:
	nfsd4_put_session_locked(ses);
out_client_lock:
	spin_unlock(&nn->client_lock);
out:
	nfs4_unlock_state();
	return status;
}
2457
/*
 * Return the session's connection entry that uses transport xpt, or
 * NULL when the transport is not on the session's connection list.
 */
static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s)
{
	struct nfsd4_conn *conn;

	list_for_each_entry(conn, &s->se_conns, cn_persession) {
		if (conn->cn_xprt != xpt)
			continue;
		return conn;
	}
	return NULL;
}
2469
/*
 * Make sure the connection a SEQUENCE arrived on belongs to the
 * session, binding it implicitly where that is allowed.
 *
 * Consumes "new" on every path: it is either hashed into the session or
 * freed.  Returns nfs_ok when the transport was already bound or has
 * just been bound, and nfserr_conn_not_bound_to_session when the client
 * has cl_mach_cred set and the transport is not bound yet.
 */
static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses)
{
	struct nfs4_client *clp = ses->se_client;
	struct nfsd4_conn *c;
	__be32 status = nfs_ok;
	int ret;

	spin_lock(&clp->cl_lock);
	c = __nfsd4_find_conn(new->cn_xprt, ses);
	if (c)
		/* Already bound: status is still nfs_ok, "new" is not needed. */
		goto out_free;
	status = nfserr_conn_not_bound_to_session;
	/* No implicit binding for clients created with machine-credential protection. */
	if (clp->cl_mach_cred)
		goto out_free;
	__nfsd4_hash_conn(new, ses);
	spin_unlock(&clp->cl_lock);
	ret = nfsd4_register_conn(new);
	if (ret)
		/* oops; xprt is already down: */
		nfsd4_conn_lost(&new->cn_xpt_user);
	return nfs_ok;
out_free:
	spin_unlock(&clp->cl_lock);
	free_conn(new);
	return status;
}
2496
/*
 * True when the compound carries more operations than the session's
 * fore channel maxops allows.
 */
static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session)
{
	struct nfsd4_compoundargs *compound = rqstp->rq_argp;

	return session->se_fchannel.maxops < compound->opcnt;
}
2503
/*
 * True when the request buffer is longer than the session's fore
 * channel maxreq_sz.
 */
static bool nfsd4_request_too_big(struct svc_rqst *rqstp,
				  struct nfsd4_session *session)
{
	return rqstp->rq_arg.len > session->se_fchannel.maxreq_sz;
}
2511
/*
 * Handle SEQUENCE: locate the session and slot, enforce the session
 * limits, detect replays and claim the slot for this compound.
 *
 * Runs under nn->client_lock from the session lookup until return.
 * On success, and on a replay, cstate->slot, cstate->session and
 * cstate->clp are set and the session reference is kept;
 * nfsd4_sequence_done() drops it.  Every other failure after the lookup
 * drops the reference at out_put_session.
 */
__be32
nfsd4_sequence(struct svc_rqst *rqstp,
	       struct nfsd4_compound_state *cstate,
	       struct nfsd4_sequence *seq)
{
	struct nfsd4_compoundres *resp = rqstp->rq_resp;
	struct xdr_stream *xdr = &resp->xdr;
	struct nfsd4_session *session;
	struct nfs4_client *clp;
	struct nfsd4_slot *slot;
	struct nfsd4_conn *conn;
	__be32 status;
	int buflen;
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	/* SEQUENCE is only accepted as the first operation of the compound. */
	if (resp->opcnt != 1)
		return nfserr_sequence_pos;

	/*
	 * Will be either used or freed by nfsd4_sequence_check_conn
	 * below.
	 */
	conn = alloc_conn(rqstp, NFS4_CDFC4_FORE);
	if (!conn)
		return nfserr_jukebox;

	spin_lock(&nn->client_lock);
	session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status);
	if (!session)
		goto out_no_session;
	clp = session->se_client;

	status = nfserr_too_many_ops;
	if (nfsd4_session_too_many_ops(rqstp, session))
		goto out_put_session;

	status = nfserr_req_too_big;
	if (nfsd4_request_too_big(rqstp, session))
		goto out_put_session;

	/* slotid is client-supplied: bound it before it indexes se_slots[]. */
	status = nfserr_badslot;
	if (seq->slotid >= session->se_fchannel.maxreqs)
		goto out_put_session;

	slot = session->se_slots[seq->slotid];
	dprintk("%s: slotid %d\n", __func__, seq->slotid);

	/* We do not negotiate the number of slots yet, so set the
	 * maxslots to the session maxreqs which is used to encode
	 * sr_highest_slotid and the sr_target_slot id to maxslots */
	seq->maxslots = session->se_fchannel.maxreqs;

	status = check_slot_seqid(seq->seqid, slot->sl_seqid,
					slot->sl_flags & NFSD4_SLOT_INUSE);
	if (status == nfserr_replay_cache) {
		/* A replay of a slot that never held a reply is treated as misordered. */
		status = nfserr_seq_misordered;
		if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED))
			goto out_put_session;
		cstate->slot = slot;
		cstate->session = session;
		cstate->clp = clp;
		/* Return the cached reply status and set cstate->status
		 * for nfsd4_proc_compound processing */
		status = nfsd4_replay_cache_entry(resp, seq);
		cstate->status = nfserr_replay_cache;
		/* conn is still set on this path and is freed at out_no_session. */
		goto out;
	}
	if (status)
		goto out_put_session;

	/* The callee consumes conn on every path, so it is cleared here. */
	status = nfsd4_sequence_check_conn(conn, session);
	conn = NULL;
	if (status)
		goto out_put_session;

	/*
	 * NOTE(review): check_forechannel_attrs() puts no lower bound on
	 * maxresp_cached, so buflen - rq_auth_slack may be zero or negative
	 * when cachethis is set; the outcome then depends on
	 * xdr_restrict_buflen(), which is not visible here - confirm.
	 */
	buflen = (seq->cachethis) ?
			session->se_fchannel.maxresp_cached :
			session->se_fchannel.maxresp_sz;
	status = (seq->cachethis) ? nfserr_rep_too_big_to_cache :
				    nfserr_rep_too_big;
	if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack))
		goto out_put_session;
	svc_reserve(rqstp, buflen);

	status = nfs_ok;
	/* Success! bump slot seqid */
	/* The slot is modified only after every check above has passed. */
	slot->sl_seqid = seq->seqid;
	slot->sl_flags |= NFSD4_SLOT_INUSE;
	if (seq->cachethis)
		slot->sl_flags |= NFSD4_SLOT_CACHETHIS;
	else
		slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS;

	cstate->slot = slot;
	cstate->session = session;
	cstate->clp = clp;

out:
	/* Report the callback channel state in the SEQUENCE status flags. */
	switch (clp->cl_cb_state) {
	case NFSD4_CB_DOWN:
		seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN;
		break;
	case NFSD4_CB_FAULT:
		seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT;
		break;
	default:
		seq->status_flags = 0;
	}
	/*
	 * NOTE(review): cl_revoked is tested with nn->client_lock held, not
	 * clp->cl_lock; only its emptiness is read here - confirm that an
	 * unlocked emptiness test is acceptable for this list.
	 */
	if (!list_empty(&clp->cl_revoked))
		seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED;
out_no_session:
	if (conn)
		free_conn(conn);
	spin_unlock(&nn->client_lock);
	return status;
out_put_session:
	nfsd4_put_session_locked(session);
	goto out_no_session;
}
2632
/*
 * Finish the compound: store the reply in the slot cache and release
 * the slot unless the reply was itself a replay, then drop the
 * reference held for the compound (the session's, or the client's when
 * there is no session).
 */
void
nfsd4_sequence_done(struct nfsd4_compoundres *resp)
{
	struct nfsd4_compound_state *cs = &resp->cstate;

	if (!nfsd4_has_session(cs)) {
		if (cs->clp)
			put_client_renew(cs->clp);
		return;
	}

	if (cs->status != nfserr_replay_cache) {
		nfsd4_store_cache_entry(resp);
		cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE;
	}
	/* Drop session reference that was taken in nfsd4_sequence() */
	nfsd4_put_session(cs->session);
}
2648
/*
 * Handle DESTROY_CLIENTID: expire the client record named by
 * dc->clientid.
 *
 * A confirmed client that still has state is refused with
 * nfserr_clientid_busy, an unknown client id with
 * nfserr_stale_clientid, and a request failing mach_creds_match() with
 * nfserr_wrong_cred.
 */
__be32
nfsd4_destroy_clientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_destroy_clientid *dc)
{
	struct nfs4_client *conf, *unconf, *clp;
	__be32 status = 0;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	nfs4_lock_state();
	unconf = find_unconfirmed_client(&dc->clientid, true, nn);
	conf = find_confirmed_client(&dc->clientid, true, nn);
	WARN_ON_ONCE(conf && unconf);

	if (conf) {
		clp = conf;

		if (client_has_state(conf)) {
			status = nfserr_clientid_busy;
			goto out;
		}
	} else if (unconf)
		clp = unconf;
	else {
		status = nfserr_stale_clientid;
		goto out;
	}
	/* The credential check runs after lookup and before the record is expired. */
	if (!mach_creds_match(clp, rqstp)) {
		status = nfserr_wrong_cred;
		goto out;
	}
	expire_client(clp);
out:
	nfs4_unlock_state();
	return status;
}
2683
/*
 * Handle RECLAIM_COMPLETE: record that the session's client has
 * finished reclaiming state.
 *
 * The per-filesystem form (rca_one_fs) only checks for a current
 * filehandle and otherwise does nothing.  A second global call for the
 * same client returns nfserr_complete_already.
 */
__be32
nfsd4_reclaim_complete(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_reclaim_complete *rc)
{
	__be32 status = 0;

	if (rc->rca_one_fs) {
		if (!cstate->current_fh.fh_dentry)
			return nfserr_nofilehandle;
		/*
		 * We don't take advantage of the rca_one_fs case.
		 * That's OK, it's optional, we can safely ignore it.
		 */
		return nfs_ok;
	}

	nfs4_lock_state();
	status = nfserr_complete_already;
	/* The flag is set in the same step as the test, before the expiry check below. */
	if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE,
			     &cstate->session->se_client->cl_flags))
		goto out;

	status = nfserr_stale_clientid;
	if (is_client_expired(cstate->session->se_client))
		/*
		 * The following error isn't really legal.
		 * But we only get here if the client just explicitly
		 * destroyed the client.  Surely it no longer cares what
		 * error it gets back on an operation for the dead
		 * client.
		 */
		goto out;

	status = nfs_ok;
	nfsd4_client_record_create(cstate->session->se_client);
out:
	nfs4_unlock_state();
	return status;
}
2722
/*
 * Handle the NFSv4.0 SETCLIENTID operation: create an unconfirmed
 * client record for the supplied name and verifier and return its
 * client id and confirm verifier.
 *
 * A confirmed record with the same name blocks the request with
 * nfserr_clid_inuse when it was created through EXCHANGE_ID or when the
 * caller's credential differs from the record's.
 */
__be32
nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		  struct nfsd4_setclientid *setclid)
{
	struct xdr_netobj clname = setclid->se_name;
	nfs4_verifier clverifier = setclid->se_verf;
	struct nfs4_client *conf, *unconf, *new;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	/* Cases below refer to rfc 3530 section 14.2.33: */
	nfs4_lock_state();
	conf = find_confirmed_client_by_name(&clname, nn);
	if (conf) {
		/* case 0: */
		status = nfserr_clid_inuse;
		if (clp_used_exchangeid(conf))
			goto out;
		if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
			char addr_str[INET6_ADDRSTRLEN];
			rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str,
				 sizeof(addr_str));
			dprintk("NFSD: setclientid: string in use by client "
				"at %s\n", addr_str);
			goto out;
		}
	}
	/*
	 * An unconfirmed record with the same name is expired without a
	 * credential comparison; only the confirmed record is checked
	 * against the caller in this function.
	 */
	unconf = find_unconfirmed_client_by_name(&clname, nn);
	if (unconf)
		expire_client(unconf);
	status = nfserr_jukebox;
	new = create_client(clname, rqstp, &clverifier);
	if (new == NULL)
		goto out;
	if (conf && same_verf(&conf->cl_verifier, &clverifier))
		/* case 1: probable callback update */
		copy_clid(new, conf);
	else /* case 4 (new client) or cases 2, 3 (client reboot): */
		gen_clid(new, nn);
	new->cl_minorversion = 0;
	gen_callback(new, setclid, rqstp);
	add_to_unconfirmed(new);
	setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot;
	setclid->se_clientid.cl_id = new->cl_clientid.cl_id;
	/* Copy length is the destination's size; cl_confirm.data is assumed to be at least as large - TODO confirm. */
	memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data));
	status = nfs_ok;
out:
	nfs4_unlock_state();
	return status;
}
2773
2774
/*
 * Handle the NFSv4.0 SETCLIENTID_CONFIRM operation: confirm the
 * unconfirmed record matching the client id and confirm verifier.
 *
 * A credential mismatch against either record yields
 * nfserr_serverfault.  When the verifier does not match an unconfirmed
 * record the call is treated as a retransmit (nfs_ok) or answered with
 * nfserr_stale_clientid.
 */
__be32
nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
			 struct nfsd4_compound_state *cstate,
			 struct nfsd4_setclientid_confirm *setclientid_confirm)
{
	struct nfs4_client *conf, *unconf;
	nfs4_verifier confirm = setclientid_confirm->sc_confirm;
	clientid_t * clid = &setclientid_confirm->sc_clientid;
	__be32 status;
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);

	if (STALE_CLIENTID(clid, nn))
		return nfserr_stale_clientid;
	nfs4_lock_state();

	conf = find_confirmed_client(clid, false, nn);
	unconf = find_unconfirmed_client(clid, false, nn);
	/*
	 * We try hard to give out unique clientid's, so if we get an
	 * attempt to confirm the same clientid with a different cred,
	 * there's a bug somewhere.  Let's charitably assume it's our
	 * bug.
	 */
	status = nfserr_serverfault;
	if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred))
		goto out;
	if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred))
		goto out;
	/* cases below refer to rfc 3530 section 14.2.34: */
	if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
		if (conf && !unconf) /* case 2: probable retransmit */
			status = nfs_ok;
		else /* case 4: client hasn't noticed we rebooted yet? */
			status = nfserr_stale_clientid;
		goto out;
	}
	status = nfs_ok;
	if (conf) { /* case 1: callback update */
		/* Take over the callback parameters, then discard the unconfirmed record. */
		nfsd4_change_callback(conf, &unconf->cl_cb_conn);
		nfsd4_probe_callback(conf);
		expire_client(unconf);
	} else { /* case 3: normal case; new or rebooted client */
		/* A confirmed record with the same name is expired before the new one is confirmed. */
		conf = find_confirmed_client_by_name(&unconf->cl_name, nn);
		if (conf) {
			status = mark_client_expired(conf);
			if (status)
				goto out;
			expire_client(conf);
		}
		move_to_confirmed(unconf);
		nfsd4_probe_callback(unconf);
	}
out:
	nfs4_unlock_state();
	return status;
}
2831
/*
 * Allocate an nfs4_file from file_slab with GFP_KERNEL.  The result is
 * returned as is; a NULL result is not handled here.
 */
static struct nfs4_file *nfsd4_alloc_file(void)
{
	struct nfs4_file *fp = kmem_cache_alloc(file_slab, GFP_KERNEL);

	return fp;
}
2836
1da177e4 2837/* OPEN Share state helper functions */
/*
 * Initialise a freshly allocated nfs4_file for filehandle fh and insert
 * it into file_hashtbl.  The caller must hold state_lock.
 */
static void nfsd4_init_file(struct nfs4_file *fp, struct knfsd_fh *fh)
{
	unsigned int hashval = file_hashval(fh);

	lockdep_assert_held(&state_lock);

	/* The initial reference count is 1. */
	atomic_set(&fp->fi_ref, 1);
	spin_lock_init(&fp->fi_lock);
	INIT_LIST_HEAD(&fp->fi_stateids);
	INIT_LIST_HEAD(&fp->fi_delegations);
	fh_copy_shallow(&fp->fi_fhandle, fh);
	fp->fi_had_conflict = false;
	fp->fi_lease = NULL;
	fp->fi_share_deny = 0;
	/* The slab allocation is not zeroed, so the arrays are cleared explicitly. */
	memset(fp->fi_fds, 0, sizeof(fp->fi_fds));
	memset(fp->fi_access, 0, sizeof(fp->fi_access));
	/* Hashed last, once every field has been set. */
	hlist_add_head(&fp->fi_hash, &file_hashtbl[hashval]);
}
2856
/*
 * Destroy the five slab caches created by nfsd4_init_slabs(), in the
 * order openowner, lockowner, file, stateid, delegation.  The global
 * cache pointers are left unchanged afterwards.
 */
void
nfsd4_free_slabs(void)
{
	struct kmem_cache *slabs[] = {
		openowner_slab,
		lockowner_slab,
		file_slab,
		stateid_slab,
		deleg_slab,
	};
	unsigned int i;

	for (i = 0; i < sizeof(slabs) / sizeof(slabs[0]); i++)
		kmem_cache_destroy(slabs[i]);
}
1da177e4 2866
/*
 * Create the slab caches for open owners, lock owners, files, stateids
 * and delegations.
 *
 * Returns 0 on success.  On the first failure every cache created so far
 * is destroyed in reverse order and -ENOMEM is returned.
 */
int
nfsd4_init_slabs(void)
{
	openowner_slab = kmem_cache_create("nfsd4_openowners",
			sizeof(struct nfs4_openowner), 0, 0, NULL);
	if (!openowner_slab)
		goto err;
	lockowner_slab = kmem_cache_create("nfsd4_lockowners",
			sizeof(struct nfs4_lockowner), 0, 0, NULL);
	if (!lockowner_slab)
		goto err_openowner;
	file_slab = kmem_cache_create("nfsd4_files",
			sizeof(struct nfs4_file), 0, 0, NULL);
	if (!file_slab)
		goto err_lockowner;
	stateid_slab = kmem_cache_create("nfsd4_stateids",
			sizeof(struct nfs4_ol_stateid), 0, 0, NULL);
	if (!stateid_slab)
		goto err_file;
	deleg_slab = kmem_cache_create("nfsd4_delegations",
			sizeof(struct nfs4_delegation), 0, 0, NULL);
	if (!deleg_slab)
		goto err_stateid;
	return 0;

	/* Unwind ladder: each label frees what was created before it. */
err_stateid:
	kmem_cache_destroy(stateid_slab);
err_file:
	kmem_cache_destroy(file_slab);
err_lockowner:
	kmem_cache_destroy(lockowner_slab);
err_openowner:
	kmem_cache_destroy(openowner_slab);
err:
	dprintk("nfsd4: out of memory while initializing nfsv4\n");
	return -ENOMEM;
}
2904
/*
 * Reset a replay record to its initial state: rp_buf refers to the
 * record's own rp_ibuf member, the buffered length is zero, and the
 * stored status is nfserr_serverfault.
 */
static void init_nfs4_replay(struct nfs4_replay *rp)
{
	rp->rp_buf = rp->rp_ibuf;
	rp->rp_buflen = 0;
	rp->rp_status = nfserr_serverfault;
}
2911
/*
 * Allocate a state owner from @slab and give it a private copy of the
 * owner string.
 *
 * @slab:  cache to allocate from (the caller picks open- or lock-owner)
 * @owner: owner name to duplicate; owner->len bytes are copied
 * @clp:   client the owner is attached to
 *
 * Returns the new object as void *, or NULL if either allocation fails
 * (the slab object is released again in that case).  Only so_owner,
 * so_stateids, so_client and so_replay are set here; everything else is
 * left for the caller.
 *
 * NOTE(review): owner->len arrives with the request; this code assumes it
 * was bounded when the request was decoded -- confirm against the decoder.
 */
static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp)
{
	struct nfs4_stateowner *so = kmem_cache_alloc(slab, GFP_KERNEL);

	if (so == NULL)
		return NULL;

	so->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL);
	if (so->so_owner.data == NULL)
		goto free_owner;
	so->so_owner.len = owner->len;

	INIT_LIST_HEAD(&so->so_stateids);
	so->so_client = clp;
	init_nfs4_replay(&so->so_replay);
	return so;

free_owner:
	kmem_cache_free(slab, so);
	return NULL;
}
2932
/*
 * Make an open owner findable: link it into the per-net owner-string
 * hash bucket @strhashval and into the client's cl_openowners list.
 *
 * No lock is taken in this function.
 * NOTE(review): presumably the caller serializes access to both lists --
 * confirm which lock covers them.
 */
static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval)
{
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	list_add(&oo->oo_owner.so_strhash, &nn->ownerstr_hashtbl[strhashval]);
	list_add(&oo->oo_perclient, &clp->cl_openowners);
}
2940
/*
 * Allocate and hash a new open owner for the client cached in @cstate.
 *
 * @strhashval: owner-string hash bucket to insert into
 * @open:       OPEN arguments supplying the owner name and seqid
 * @cstate:     compound state; cstate->clp is used as the owning client
 *
 * Returns the new open owner, or NULL on allocation failure.  The owner
 * starts with NFS4_OO_NEW set, and additionally NFS4_OO_CONFIRMED when
 * the compound has a session.
 */
static struct nfs4_openowner *
alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open,
			   struct nfsd4_compound_state *cstate)
{
	struct nfs4_client *clp = cstate->clp;
	struct nfs4_openowner *oo;

	oo = alloc_stateowner(openowner_slab, &open->op_owner, clp);
	if (!oo)
		return NULL;
	oo->oo_owner.so_is_open_owner = 1;
	oo->oo_owner.so_seqid = open->op_seqid;
	oo->oo_flags = NFS4_OO_NEW;
	if (nfsd4_has_session(cstate))
		oo->oo_flags |= NFS4_OO_CONFIRMED;
	oo->oo_time = 0;
	oo->oo_last_closed_stid = NULL;
	INIT_LIST_HEAD(&oo->oo_close_lru);
	/* Hash last, after every field above has been initialized. */
	hash_openowner(oo, clp, strhashval);
	return oo;
}
2962
/*
 * Set up @stp as an open stateid for @fp, owned by open->op_openowner.
 *
 * Links the stateid onto the owner's so_stateids list, takes a reference
 * on @fp for st_file, clears the access and deny bitmaps, and finally
 * adds the stateid to fp->fi_stateids under fp->fi_lock.
 *
 * The owner's so_stateids list is modified without taking a lock here.
 * NOTE(review): presumably covered by the caller's locking -- confirm.
 */
static void init_open_stateid(struct nfs4_ol_stateid *stp, struct nfs4_file *fp, struct nfsd4_open *open) {
	struct nfs4_openowner *oo = open->op_openowner;

	stp->st_stid.sc_type = NFS4_OPEN_STID;
	INIT_LIST_HEAD(&stp->st_locks);
	list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids);
	stp->st_stateowner = &oo->oo_owner;
	/* The stateid keeps its own reference on the file. */
	get_nfs4_file(fp);
	stp->st_file = fp;
	stp->st_access_bmap = 0;
	stp->st_deny_bmap = 0;
	stp->st_openstp = NULL;
	spin_lock(&fp->fi_lock);
	list_add(&stp->st_perfile, &fp->fi_stateids);
	spin_unlock(&fp->fi_lock);
}
2979
/*
 * Move @oo to the tail of the per-net close_lru list and stamp oo_time
 * with the current time in seconds.
 *
 * No lock is taken here.
 * NOTE(review): confirm which lock the caller holds for close_lru.
 */
static void
move_to_close_lru(struct nfs4_openowner *oo, struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo);

	list_move_tail(&oo->oo_close_lru, &nn->close_lru);
	oo->oo_time = get_seconds();
}
2990
/*
 * Return nonzero when @sop has the same owner string as @owner and
 * belongs to the client identified by clid->cl_id.
 *
 * The lengths are compared first, so memcmp() only ever runs over
 * owner->len bytes of two buffers of that same length.
 */
static int
same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner,
							clientid_t *clid)
{
	if (sop->so_owner.len != owner->len)
		return 0;
	if (memcmp(sop->so_owner.data, owner->data, owner->len) != 0)
		return 0;
	return sop->so_client->cl_clientid.cl_id == clid->cl_id;
}
2999
/*
 * Look up the open owner named in @open within hash bucket @hashval.
 *
 * Lock owners in the bucket are skipped.  On the first entry whose owner
 * string and clientid match, the search ends: if the client's
 * minorversion (as a boolean) disagrees with @sessions the result is
 * NULL, otherwise the client is renewed and the open owner returned.
 * Returns NULL when nothing matches.
 */
static struct nfs4_openowner *
find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
			bool sessions, struct nfsd_net *nn)
{
	struct nfs4_stateowner *sop;
	struct nfs4_openowner *found;

	list_for_each_entry(sop, &nn->ownerstr_hashtbl[hashval], so_strhash) {
		if (!sop->so_is_open_owner)
			continue;
		if (!same_owner_str(sop, &open->op_owner, &open->op_clientid))
			continue;
		found = openowner(sop);
		/* A v4.0 owner must not be reused by a session, or vice versa. */
		if ((bool)found->oo_owner.so_client->cl_minorversion != sessions)
			return NULL;
		renew_client(found->oo_owner.so_client);
		return found;
	}
	return NULL;
}
3022
/*
 * Search file_hashtbl[] for the nfs4_file matching filehandle @fh.
 * The caller must hold state_lock (asserted through lockdep).
 *
 * On a match a reference is taken with get_nfs4_file() before the entry
 * is returned; the caller owns that reference.  Returns NULL if no entry
 * matches.
 */
static struct nfs4_file *
find_file_locked(struct knfsd_fh *fh)
{
	unsigned int bucket = file_hashval(fh);
	struct nfs4_file *cur;

	lockdep_assert_held(&state_lock);

	hlist_for_each_entry(cur, &file_hashtbl[bucket], fi_hash) {
		if (!nfsd_fh_match(&cur->fi_fhandle, fh))
			continue;
		get_nfs4_file(cur);
		return cur;
	}
	return NULL;
}
3040
/*
 * Locked wrapper around find_file_locked(): takes state_lock for the
 * duration of the lookup.  Returns a referenced nfs4_file or NULL.
 */
static struct nfs4_file *
find_file(struct knfsd_fh *fh)
{
	struct nfs4_file *match;

	spin_lock(&state_lock);
	match = find_file_locked(fh);
	spin_unlock(&state_lock);
	return match;
}
3051
/*
 * Return the hashed nfs4_file for @fh, inserting @new if none exists.
 *
 * Lookup and insertion happen under one hold of state_lock, so two
 * callers racing on the same filehandle cannot both insert.  When an
 * existing entry is found it is returned with a reference taken by
 * find_file_locked() and @new is left untouched; otherwise @new is
 * initialized (reference count 1), hashed and returned.  The caller can
 * tell the two cases apart by comparing the result with @new.
 */
static struct nfs4_file *
find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh)
{
	struct nfs4_file *fp;

	spin_lock(&state_lock);
	fp = find_file_locked(fh);
	if (fp == NULL) {
		nfsd4_init_file(new, fh);
		fp = new;
	}
	spin_unlock(&state_lock);

	return fp;
}
3067
/*
 * Called to check deny when READ with all zero stateid or
 * WRITE with all zero or all one stateid.
 *
 * Returns nfs_ok when no nfs4_file is hashed for the filehandle or when
 * none of the @deny_type bits are set in its fi_share_deny; returns
 * nfserr_locked otherwise.  fi_share_deny is read under fi_lock and the
 * lookup reference is dropped before returning.
 */
static __be32
nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type)
{
	struct nfs4_file *fp = find_file(&current_fh->fh_handle);
	__be32 ret;

	if (fp == NULL)
		return nfs_ok;

	/* Check for conflicting share reservations */
	spin_lock(&fp->fi_lock);
	ret = (fp->fi_share_deny & deny_type) ? nfserr_locked : nfs_ok;
	spin_unlock(&fp->fi_lock);

	put_nfs4_file(fp);
	return ret;
}
3089
/*
 * Prepare delegation @dp for a recall: block further delegations on its
 * filehandle and, unless it is already queued, timestamp it and append it
 * to the per-net del_recall_lru list.  All of this runs under state_lock.
 */
void nfsd4_prepare_cb_recall(struct nfs4_delegation *dp)
{
	struct nfs4_client *clp = dp->dl_stid.sc_client;
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);

	/*
	 * We can't do this in nfsd_break_deleg_cb because it is
	 * already holding inode->i_lock
	 */
	spin_lock(&state_lock);
	block_delegations(&dp->dl_fh);
	/*
	 * If the dl_time != 0, then we know that it has already been
	 * queued for a lease break. Don't queue it again.
	 */
	if (dp->dl_time == 0) {
		dp->dl_time = get_seconds();
		list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru);
	}
	spin_unlock(&state_lock);
}
1da177e4 3111
/*
 * Start the recall of one delegation: take a reference on its stateid
 * and hand it to nfsd4_cb_recall().
 *
 * NOTE(review): the reference taken here is presumably dropped once the
 * recall callback finishes -- confirm in the callback code.
 */
static void nfsd_break_one_deleg(struct nfs4_delegation *dp)
{
	/*
	 * We're assuming the state code never drops its reference
	 * without first removing the lease.  Since we're in this lease
	 * callback (and since the lease code is serialized by the kernel
	 * lock) we know the server hasn't removed the lease yet, we know
	 * it's safe to take a reference.
	 */
	atomic_inc(&dp->dl_stid.sc_count);
	nfsd4_cb_recall(dp);
}
3124
/*
 * Lease-break callback (installed as .lm_break in nfsd_lease_mng_ops).
 * Called from break_lease() with i_lock held.
 *
 * fl->fl_owner carries the nfs4_file pointer stored by
 * nfs4_alloc_init_lease().  A NULL owner or a second break on the same
 * file triggers a WARN and is otherwise ignored.  Under fi_lock the file
 * is marked as having had a conflict, and every delegation on it is
 * recalled.
 */
static void nfsd_break_deleg_cb(struct file_lock *fl)
{
	struct nfs4_file *fp = (struct nfs4_file *)fl->fl_owner;
	struct nfs4_delegation *dp;

	if (!fp) {
		WARN(1, "(%p)->fl_owner NULL\n", fl);
		return;
	}
	if (fp->fi_had_conflict) {
		WARN(1, "duplicate break on %p\n", fp);
		return;
	}
	/*
	 * We don't want the locks code to timeout the lease for us;
	 * we'll remove it ourselves if a delegation isn't returned
	 * in time:
	 */
	fl->fl_break_time = 0;

	spin_lock(&fp->fi_lock);
	fp->fi_had_conflict = true;
	/*
	 * If there are no delegations on the list, then we can't count on this
	 * lease ever being cleaned up. Set the fl_break_time to jiffies so that
	 * time_out_leases will do it ASAP. The fact that fi_had_conflict is now
	 * true should keep any new delegations from being hashed.
	 */
	if (list_empty(&fp->fi_delegations))
		fl->fl_break_time = jiffies;
	else
		list_for_each_entry(dp, &fp->fi_delegations, dl_perfile)
			nfsd_break_one_deleg(dp);
	spin_unlock(&fp->fi_lock);
}
3161
/*
 * Lease-change callback (installed as .lm_change in nfsd_lease_mng_ops).
 *
 * Only requests with F_UNLCK set in @arg are passed on to
 * lease_modify(); any other change is refused with -EAGAIN.
 */
static
int nfsd_change_deleg_cb(struct file_lock **onlist, int arg)
{
	if (!(arg & F_UNLCK))
		return -EAGAIN;
	return lease_modify(onlist, arg);
}
3170
/*
 * Lock-manager callbacks attached to every lease built by
 * nfs4_alloc_init_lease(): one for lease breaks, one for lease changes.
 */
static const struct lock_manager_operations nfsd_lease_mng_ops = {
	.lm_break = nfsd_break_deleg_cb,
	.lm_change = nfsd_change_deleg_cb,
};
3175
/*
 * Validate the sequence id of a seqid-mutating operation against the
 * state owner.
 *
 * Returns nfs_ok when the compound has a session (the owner seqid is not
 * checked in that case) or when @seqid equals so->so_seqid,
 * nfserr_replay_me when @seqid is exactly one behind so->so_seqid, and
 * nfserr_bad_seqid for any other value.
 */
static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid)
{
	__be32 result = nfserr_bad_seqid;

	if (nfsd4_has_session(cstate))
		result = nfs_ok;
	else if (seqid == so->so_seqid - 1)
		result = nfserr_replay_me;
	else if (seqid == so->so_seqid)
		result = nfs_ok;
	return result;
}
1da177e4 3186
/*
 * Resolve @clid to a confirmed client and cache it in cstate->clp.
 *
 * If a client is already cached, it must carry the same clientid as the
 * request, otherwise nfserr_stale_clientid is returned; the cached client
 * is never replaced.  Without a cached client the clientid is checked for
 * staleness and then looked up among confirmed clients only (with the
 * "sessions" argument false).
 *
 * Returns nfs_ok, nfserr_stale_clientid, or nfserr_expired when no
 * confirmed client matches.  On a fresh lookup a reference is taken on
 * the client's cl_refcount before it is cached.
 * NOTE(review): the matching put is not in this part of the file --
 * confirm where the cached reference is released.
 */
static __be32 lookup_clientid(clientid_t *clid,
		struct nfsd4_compound_state *cstate,
		struct nfsd_net *nn)
{
	struct nfs4_client *found;

	if (cstate->clp) {
		found = cstate->clp;
		if (!same_clid(&found->cl_clientid, clid))
			return nfserr_stale_clientid;
		return nfs_ok;
	}

	if (STALE_CLIENTID(clid, nn))
		return nfserr_stale_clientid;

	/*
	 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one
	 * cached already then we know this is for v4.0 and "sessions"
	 * will be false.
	 */
	WARN_ON_ONCE(cstate->session);
	found = find_confirmed_client(clid, false, nn);
	if (!found)
		return nfserr_expired;

	/* Cache the nfs4_client in cstate! */
	cstate->clp = found;
	atomic_inc(&found->cl_refcount);
	return nfs_ok;
}
3218
/*
 * First stage of OPEN processing: resolve the client and open owner and
 * preallocate the objects the second stage may need.
 *
 * Fills open->op_file, open->op_openowner and open->op_stp.  An existing
 * owner that was never confirmed is released and replaced without a
 * replay check; a confirmed owner must pass nfsd4_check_seqid().
 *
 * Returns nfs_ok, nfserr_stale_clientid, nfserr_jukebox on allocation
 * failure, or the status from lookup_clientid() / nfsd4_check_seqid().
 *
 * Early error returns leave op_file (and possibly op_openowner) set.
 * NOTE(review): this relies on the caller running
 * nfsd4_cleanup_open_state() afterwards to free them -- confirm.
 */
__be32
nfsd4_process_open1(struct nfsd4_compound_state *cstate,
		    struct nfsd4_open *open, struct nfsd_net *nn)
{
	clientid_t *clientid = &open->op_clientid;
	struct nfs4_client *clp = NULL;
	unsigned int strhashval;
	struct nfs4_openowner *oo = NULL;
	__be32 status;

	if (STALE_CLIENTID(&open->op_clientid, nn))
		return nfserr_stale_clientid;
	/*
	 * In case we need it later, after we've already created the
	 * file and don't want to risk a further failure:
	 */
	open->op_file = nfsd4_alloc_file();
	if (open->op_file == NULL)
		return nfserr_jukebox;

	status = lookup_clientid(clientid, cstate, nn);
	if (status)
		return status;
	clp = cstate->clp;

	strhashval = ownerstr_hashval(clientid->cl_id, &open->op_owner);
	oo = find_openstateowner_str(strhashval, open, cstate->minorversion, nn);
	open->op_openowner = oo;
	if (!oo) {
		goto new_owner;
	}
	if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
		/* Replace unconfirmed owners without checking for replay. */
		release_openowner(oo);
		open->op_openowner = NULL;
		goto new_owner;
	}
	status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid);
	if (status)
		return status;
	goto alloc_stateid;
new_owner:
	oo = alloc_init_open_stateowner(strhashval, open, cstate);
	if (oo == NULL)
		return nfserr_jukebox;
	open->op_openowner = oo;
alloc_stateid:
	/* Preallocated here; the second stage consumes it only for a new open. */
	open->op_stp = nfs4_alloc_stateid(clp);
	if (!open->op_stp)
		return nfserr_jukebox;
	return nfs_ok;
}
3271
/*
 * Check that delegation @dp permits the access described by @flags.
 *
 * Returns nfserr_openmode when write state is requested (WR_STATE set in
 * @flags) against a read delegation, and nfs_ok in every other case.
 */
static inline __be32
nfs4_check_delegmode(struct nfs4_delegation *dp, int flags)
{
	if (!(flags & WR_STATE))
		return nfs_ok;
	if (dp->dl_type != NFS4_OPEN_DELEGATE_READ)
		return nfs_ok;
	return nfserr_openmode;
}
3280
/*
 * Map an OPEN share_access value to RD_STATE or WR_STATE.
 *
 * Only a value equal to NFS4_SHARE_ACCESS_READ yields RD_STATE; every
 * other value, including any that combines read with other bits, is
 * treated as write state.
 */
static int share_access_to_flags(u32 share_access)
{
	if (share_access == NFS4_SHARE_ACCESS_READ)
		return RD_STATE;
	return WR_STATE;
}
3285
/*
 * Look up stateid @s among client @cl's stateids, accepting only entries
 * of type NFS4_DELEG_STID, and return it as a delegation.  Returns NULL
 * when no such stateid is found.
 *
 * NOTE(review): no reference is taken in this function; whether
 * find_stateid_by_type() takes one is not visible here -- confirm the
 * lifetime rules for the returned pointer.
 */
static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s)
{
	struct nfs4_stid *stid = find_stateid_by_type(cl, s, NFS4_DELEG_STID);

	return stid ? delegstateid(stid) : NULL;
}
3295
/*
 * True when the OPEN claim type is one of the two "delegate current"
 * claims (NFS4_OPEN_CLAIM_DELEGATE_CUR or NFS4_OPEN_CLAIM_DELEG_CUR_FH).
 */
static bool nfsd4_is_deleg_cur(struct nfsd4_open *open)
{
	switch (open->op_claim_type) {
	case NFS4_OPEN_CLAIM_DELEGATE_CUR:
	case NFS4_OPEN_CLAIM_DELEG_CUR_FH:
		return true;
	default:
		return false;
	}
}
3301
/*
 * Look up the delegation named by open->op_delegate_stateid for client
 * @cl and check that it allows the requested share access.
 *
 * *dp is set to the delegation on success and to NULL when the stateid is
 * unknown or its mode does not permit the access.
 *
 * The lookup result only becomes an error for "delegate current" claims:
 * for every other claim type nfs_ok is returned regardless.  For a
 * delegate-current claim a missing delegation yields nfserr_bad_stateid,
 * a mode mismatch yields the nfs4_check_delegmode() status, and success
 * additionally marks the open owner NFS4_OO_CONFIRMED.
 */
static __be32
nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open,
		struct nfs4_delegation **dp)
{
	int flags;
	__be32 status = nfserr_bad_stateid;

	*dp = find_deleg_stateid(cl, &open->op_delegate_stateid);
	if (*dp == NULL)
		goto out;
	flags = share_access_to_flags(open->op_share_access);
	status = nfs4_check_delegmode(*dp, flags);
	if (status)
		*dp = NULL;
out:
	/* Failures above matter only if the client claims to hold a delegation. */
	if (!nfsd4_is_deleg_cur(open))
		return nfs_ok;
	if (status)
		return status;
	open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
	return nfs_ok;
}
3324
/*
 * Find the open stateid on @fp that belongs to open->op_openowner.
 *
 * Walks fp->fi_stateids under fi_lock, skipping stateids held by lock
 * owners.  Returns the first match or NULL.  No reference is taken on
 * the returned stateid, and fi_lock is released before returning.
 */
static struct nfs4_ol_stateid *
nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
{
	struct nfs4_ol_stateid *cur, *match = NULL;
	struct nfs4_openowner *oo = open->op_openowner;

	spin_lock(&fp->fi_lock);
	list_for_each_entry(cur, &fp->fi_stateids, st_perfile) {
		/* ignore lock owners */
		if (cur->st_stateowner->so_is_open_owner == 0)
			continue;
		if (cur->st_stateowner != &oo->oo_owner)
			continue;
		match = cur;
		break;
	}
	spin_unlock(&fp->fi_lock);
	return match;
}
3344
/*
 * Translate NFSv4 share-access bits into NFSD_MAY_* permission flags:
 * the READ bit maps to NFSD_MAY_READ and the WRITE bit to NFSD_MAY_WRITE.
 * Bits other than those two are ignored.
 */
static inline int nfs4_access_to_access(u32 nfs4_access)
{
	int may_read = (nfs4_access & NFS4_SHARE_ACCESS_READ) ? NFSD_MAY_READ : 0;
	int may_write = (nfs4_access & NFS4_SHARE_ACCESS_WRITE) ? NFSD_MAY_WRITE : 0;

	return may_read | may_write;
}
3355
/*
 * Truncate the file to zero length if the OPEN asked for it.
 *
 * Returns 0 when op_truncate is not set.  A truncating OPEN without
 * NFS4_SHARE_ACCESS_WRITE in its share access is rejected with
 * nfserr_inval before any attribute change is attempted; otherwise the
 * result of nfsd_setattr() with ATTR_SIZE and size 0 is returned.
 */
static inline __be32
nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh,
		struct nfsd4_open *open)
{
	struct iattr size_zero = {
		.ia_valid	= ATTR_SIZE,
		.ia_size	= 0,
	};
	bool may_write = open->op_share_access & NFS4_SHARE_ACCESS_WRITE;

	if (!open->op_truncate)
		return 0;
	if (!may_write)
		return nfserr_inval;
	return nfsd_setattr(rqstp, fh, &size_zero, 0, (time_t)0);
}
3370
/*
 * Give open stateid @stp the access and deny modes requested by @open on
 * file @fp, opening the underlying file if no struct file is cached for
 * that open mode yet, then apply any requested truncate.
 *
 * The deny check, the access accounting and the bitmap updates are all
 * done in one hold of fi_lock.  The lock is dropped around nfsd_open();
 * after re-taking it the fi_fds slot is checked again, and if another
 * opener filled it in the meantime the surplus file is released.
 *
 * Returns nfs_ok or the first failing status.  When nfsd_open() or the
 * truncate fails, the stateid's access bitmap, the file access count and
 * the deny state are rolled back.
 *
 * NOTE(review): the new deny bits are visible in fp->fi_share_deny while
 * the lock is dropped; the rollback of that field is left to
 * reset_union_bmap_deny(), whose body is not in this part of the file --
 * confirm it recomputes fi_share_deny.
 */
static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp,
		struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp,
		struct nfsd4_open *open)
{
	struct file *filp = NULL;
	__be32 status;
	int oflag = nfs4_access_to_omode(open->op_share_access);
	int access = nfs4_access_to_access(open->op_share_access);
	unsigned char old_access_bmap, old_deny_bmap;

	spin_lock(&fp->fi_lock);

	/*
	 * Are we trying to set a deny mode that would conflict with
	 * current access?
	 */
	status = nfs4_file_check_deny(fp, open->op_share_deny);
	if (status != nfs_ok) {
		spin_unlock(&fp->fi_lock);
		goto out;
	}

	/* set access to the file */
	status = nfs4_file_get_access(fp, open->op_share_access);
	if (status != nfs_ok) {
		spin_unlock(&fp->fi_lock);
		goto out;
	}

	/* Set access bits in stateid */
	old_access_bmap = stp->st_access_bmap;
	set_access(open->op_share_access, stp);

	/* Set new deny mask */
	old_deny_bmap = stp->st_deny_bmap;
	set_deny(open->op_share_deny, stp);
	fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH);

	if (!fp->fi_fds[oflag]) {
		/* Not opened in this mode yet: open it without holding fi_lock. */
		spin_unlock(&fp->fi_lock);
		status = nfsd_open(rqstp, cur_fh, S_IFREG, access, &filp);
		if (status)
			goto out_put_access;
		spin_lock(&fp->fi_lock);
		/* Re-check: another opener may have filled the slot meanwhile. */
		if (!fp->fi_fds[oflag]) {
			fp->fi_fds[oflag] = filp;
			filp = NULL;
		}
	}
	spin_unlock(&fp->fi_lock);
	/* Lost the race above: drop the file we opened but did not install. */
	if (filp)
		fput(filp);

	status = nfsd4_truncate(rqstp, cur_fh, open);
	if (status)
		goto out_put_access;
out:
	return status;
out_put_access:
	stp->st_access_bmap = old_access_bmap;
	nfs4_file_put_access(fp, open->op_share_access);
	reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp);
	goto out;
}
3435
/*
 * Upgrade an existing open stateid @stp with the modes in @open.
 *
 * If the stateid does not yet have the requested access, the whole job
 * is delegated to nfs4_get_vfs_file().  Otherwise only the deny mode is
 * tested and set under fi_lock, followed by any requested truncate; if
 * the truncate fails the previous deny bitmap is restored.
 *
 * Returns nfs_ok or the failing status.
 *
 * NOTE(review): the rollback here passes old_deny_bmap straight to
 * reset_union_bmap_deny(), while nfs4_get_vfs_file() converts it with
 * bmap_to_share_mode() first.  One of the two call sites is likely
 * passing the wrong representation -- confirm against the helper.
 */
static __be32
nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open)
{
	__be32 status;
	unsigned char old_deny_bmap;

	if (!test_access(open->op_share_access, stp))
		return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open);

	/* test and set deny mode */
	spin_lock(&fp->fi_lock);
	status = nfs4_file_check_deny(fp, open->op_share_deny);
	if (status == nfs_ok) {
		old_deny_bmap = stp->st_deny_bmap;
		set_deny(open->op_share_deny, stp);
		fp->fi_share_deny |=
				(open->op_share_deny & NFS4_SHARE_DENY_BOTH);
	}
	spin_unlock(&fp->fi_lock);

	if (status != nfs_ok)
		return status;

	/* old_deny_bmap is always assigned on this path (status was nfs_ok). */
	status = nfsd4_truncate(rqstp, cur_fh, open);
	if (status != nfs_ok)
		reset_union_bmap_deny(old_deny_bmap, stp);
	return status;
}
1da177e4 3464
/*
 * Mark the open owner of a reclaim (CLAIM_PREVIOUS) open as confirmed.
 * @has_session is accepted but not used by this function.
 */
static void
nfs4_set_claim_prev(struct nfsd4_open *open, bool has_session)
{
	struct nfs4_openowner *oo = open->op_openowner;

	oo->oo_flags |= NFS4_OO_CONFIRMED;
}
3470
/*
 * Should we give out recallable state?
 *
 * True when the client's callback channel is known to be up.  For a
 * client with a nonzero minorversion the still-unknown state is also
 * accepted: in the sessions case no separate callback connection has to
 * be established, so the channel is assumed good until we hear
 * otherwise.
 */
static bool nfsd4_cb_channel_good(struct nfs4_client *clp)
{
	if (clp->cl_cb_state == NFSD4_CB_UP)
		return true;
	if (!clp->cl_minorversion)
		return false;
	return clp->cl_cb_state == NFSD4_CB_UNKNOWN;
}
3483
/*
 * Allocate a file_lock describing a delegation lease on @fp.
 *
 * @flag selects the lock type: NFS4_OPEN_DELEGATE_READ gives F_RDLCK,
 * anything else F_WRLCK.  The nfs4_file pointer is stored in fl_owner,
 * which is where nfsd_break_deleg_cb() reads it back from.
 *
 * Returns the lock, or NULL if allocation fails.  The caller owns the
 * returned lock.
 */
static struct file_lock *nfs4_alloc_init_lease(struct nfs4_file *fp, int flag)
{
	struct file_lock *lease = locks_alloc_lock();

	if (lease == NULL)
		return NULL;

	locks_init_lock(lease);
	lease->fl_lmops = &nfsd_lease_mng_ops;
	lease->fl_flags = FL_DELEG;
	if (flag == NFS4_OPEN_DELEGATE_READ)
		lease->fl_type = F_RDLCK;
	else
		lease->fl_type = F_WRLCK;
	lease->fl_end = OFFSET_MAX;
	lease->fl_owner = (fl_owner_t)fp;
	lease->fl_pid = current->tgid;
	return lease;
}
3500
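/*
 * Install a read lease on dp->dl_file and hash delegation @dp.
 *
 * Returns 0 on success, -ENOMEM if the lease cannot be allocated, -EBADF
 * if the file has no readable struct file, the vfs_setlease() error, or
 * -EAGAIN if the lease was broken before the locks were taken.
 *
 * The file reference from find_readable_file() is kept in fi_deleg_file
 * on the normal success path and dropped on every other path.  The lease
 * allocated here is freed on the -EBADF and vfs_setlease() failure
 * paths.
 */
static int nfs4_setlease(struct nfs4_delegation *dp)
{
	struct nfs4_file *fp = dp->dl_file;
	struct file_lock *fl;
	struct file *filp;
	int status = 0;

	fl = nfs4_alloc_init_lease(fp, NFS4_OPEN_DELEGATE_READ);
	if (!fl)
		return -ENOMEM;
	filp = find_readable_file(fp);
	if (!filp) {
		/* We should always have a readable file here */
		WARN_ON_ONCE(1);
		/* Nothing has taken ownership of fl yet; free it here. */
		locks_free_lock(fl);
		return -EBADF;
	}
	fl->fl_file = filp;
	status = vfs_setlease(filp, fl->fl_type, &fl);
	if (status) {
		locks_free_lock(fl);
		goto out_fput;
	}
	/* Lock order: state_lock first, then fi_lock. */
	spin_lock(&state_lock);
	spin_lock(&fp->fi_lock);
	/* Did the lease get broken before we took the lock? */
	status = -EAGAIN;
	if (fp->fi_had_conflict)
		goto out_unlock;
	/* Race breaker */
	if (fp->fi_lease) {
		/*
		 * Someone else installed a lease first: share theirs.
		 * NOTE(review): the lease set up above is neither recorded
		 * nor released on this path -- confirm how it is accounted
		 * for.
		 */
		status = 0;
		atomic_inc(&fp->fi_delegees);
		hash_delegation_locked(dp, fp);
		goto out_unlock;
	}
	fp->fi_lease = fl;
	fp->fi_deleg_file = filp;
	atomic_set(&fp->fi_delegees, 1);
	hash_delegation_locked(dp, fp);
	spin_unlock(&fp->fi_lock);
	spin_unlock(&state_lock);
	return 0;
out_unlock:
	spin_unlock(&fp->fi_lock);
	spin_unlock(&state_lock);
out_fput:
	fput(filp);
	return status;
}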
3550
/*
 * Attach delegation @dp to file @fp.
 *
 * Returns -EAGAIN if the file has already seen a conflicting access.
 * Otherwise a reference on @fp is taken for dp->dl_file.  If the file
 * has no lease yet, both locks are dropped and nfs4_setlease() does the
 * rest; if it has one, the delegee count is raised and the delegation is
 * hashed, unless a conflict appeared in the meantime (-EAGAIN).
 *
 * fi_had_conflict is tested once without a lock as a fast path and again
 * under state_lock + fi_lock before hashing.
 *
 * NOTE(review): on the locked -EAGAIN path the file reference and the
 * fi_delegees increment are not undone here; the visible caller answers
 * errors with nfs4_put_delegation(dp) -- confirm that it releases both.
 */
static int nfs4_set_delegation(struct nfs4_delegation *dp, struct nfs4_file *fp)
{
	int status = 0;

	if (fp->fi_had_conflict)
		return -EAGAIN;
	get_nfs4_file(fp);
	spin_lock(&state_lock);
	spin_lock(&fp->fi_lock);
	dp->dl_file = fp;
	if (!fp->fi_lease) {
		spin_unlock(&fp->fi_lock);
		spin_unlock(&state_lock);
		return nfs4_setlease(dp);
	}
	atomic_inc(&fp->fi_delegees);
	if (fp->fi_had_conflict) {
		status = -EAGAIN;
		goto out_unlock;
	}
	hash_delegation_locked(dp, fp);
out_unlock:
	spin_unlock(&fp->fi_lock);
	spin_unlock(&state_lock);
	return status;
}
3577
/*
 * Fill in the "no delegation, with reason" reply for a client that asked
 * for a delegation.
 *
 * The delegate type becomes NFS4_OPEN_DELEGATE_NONE_EXT.  The reason is
 * WND4_CONTENTION when @status is -EAGAIN, WND4_CANCELLED when the
 * client's want was NFS4_SHARE_WANT_CANCEL, and WND4_RESOURCE otherwise.
 * A want of NFS4_SHARE_WANT_NO_DELEG is not expected here and triggers a
 * one-time warning.
 */
static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status)
{
	open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;

	if (status == -EAGAIN) {
		open->op_why_no_deleg = WND4_CONTENTION;
		return;
	}

	open->op_why_no_deleg = WND4_RESOURCE;
	switch (open->op_deleg_want) {
	case NFS4_SHARE_WANT_CANCEL:
		open->op_why_no_deleg = WND4_CANCELLED;
		break;
	case NFS4_SHARE_WANT_NO_DELEG:
		WARN_ON_ONCE(1);
		break;
	default:
		/* READ, WRITE, ANY and unlisted wants keep WND4_RESOURCE. */
		break;
	}
}
3598
/*
 * Attempt to hand out a delegation.
 *
 * Note we don't support write delegations, and won't until the vfs has
 * proper support for them.
 *
 * The result is reported only through @open: on success
 * op_delegate_type is NFS4_OPEN_DELEGATE_READ and op_delegate_stateid
 * holds the new stateid; otherwise op_delegate_type is
 * NFS4_OPEN_DELEGATE_NONE (or the NONE_EXT form for clients that stated
 * a delegation want).
 *
 * A delegation is refused when the claim type is not PREVIOUS, NULL or
 * FH, during the grace period, when the callback channel is not usable,
 * when the open owner is unconfirmed, or when the open is for write or
 * create.
 */
static void
nfs4_open_delegation(struct net *net, struct svc_fh *fh,
		     struct nfsd4_open *open, struct nfs4_ol_stateid *stp)
{
	struct nfs4_delegation *dp;
	struct nfs4_openowner *oo = container_of(stp->st_stateowner, struct nfs4_openowner, oo_owner);
	int cb_up;
	int status = 0;

	cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client);
	open->op_recall = 0;
	switch (open->op_claim_type) {
		case NFS4_OPEN_CLAIM_PREVIOUS:
			/* Reclaim without a usable callback path: ask for it back. */
			if (!cb_up)
				open->op_recall = 1;
			if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ)
				goto out_no_deleg;
			break;
		case NFS4_OPEN_CLAIM_NULL:
		case NFS4_OPEN_CLAIM_FH:
			/*
			 * Let's not give out any delegations till everyone's
			 * had the chance to reclaim theirs....
			 */
			if (locks_in_grace(net))
				goto out_no_deleg;
			if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED))
				goto out_no_deleg;
			/*
			 * Also, if the file was opened for write or
			 * create, there's a good chance the client's
			 * about to write to it, resulting in an
			 * immediate recall (since we don't support
			 * write delegations):
			 */
			if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE)
				goto out_no_deleg;
			if (open->op_create == NFS4_OPEN_CREATE)
				goto out_no_deleg;
			break;
		default:
			goto out_no_deleg;
	}
	dp = alloc_init_deleg(oo->oo_owner.so_client, stp, fh);
	if (dp == NULL)
		goto out_no_deleg;
	status = nfs4_set_delegation(dp, stp->st_file);
	if (status)
		goto out_free;

	memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid));

	dprintk("NFSD: delegation stateid=" STATEID_FMT "\n",
		STATEID_VAL(&dp->dl_stid.sc_stateid));
	open->op_delegate_type = NFS4_OPEN_DELEGATE_READ;
	return;
out_free:
	nfs4_put_delegation(dp);
out_no_deleg:
	open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE;
	/*
	 * NOTE(review): op_delegate_type was set to NFS4_OPEN_DELEGATE_NONE
	 * on the line above, so the second half of this condition is never
	 * true and the warning and op_recall assignment below cannot run.
	 * Presumably the test was meant to look at the type the client
	 * claimed before it was overwritten -- confirm.
	 */
	if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS &&
	    open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) {
		dprintk("NFSD: WARNING: refusing delegation reclaim\n");
		open->op_recall = 1;
	}

	/* 4.1 client asking for a delegation? */
	if (open->op_deleg_want)
		nfsd4_open_deleg_none_ext(open, status);
	return;
}
3676
/*
 * Answer a client that asked to change a delegation it already holds.
 *
 * Only write delegations are considered: a want of READ_DELEG is
 * answered with WND4_NOT_SUPP_DOWNGRADE and a want of WRITE_DELEG with
 * WND4_NOT_SUPP_UPGRADE, both as NFS4_OPEN_DELEGATE_NONE_EXT.
 *
 * Otherwise the client must be confused wanting a delegation it already
 * has, therefore we don't return NFS4_OPEN_DELEGATE_NONE_EXT and reason.
 */
static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open,
					struct nfs4_delegation *dp)
{
	if (dp->dl_type != NFS4_OPEN_DELEGATE_WRITE)
		return;

	switch (open->op_deleg_want) {
	case NFS4_SHARE_WANT_READ_DELEG:
		open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
		open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE;
		break;
	case NFS4_SHARE_WANT_WRITE_DELEG:
		open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
		open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE;
		break;
	default:
		break;
	}
}
3694
/*
 * Second stage of OPEN processing; called with nfs4_lock_state() held.
 *
 * Finds or creates the nfs4_file for @current_fh, then either upgrades
 * the owner's existing open stateid or initializes the stateid that was
 * preallocated in open->op_stp, copies the resulting stateid into the
 * reply, and tries to hand out a delegation.
 *
 * Ownership of the preallocated objects: op_file and op_stp are set to
 * NULL here once they have been put to use, so that
 * nfsd4_cleanup_open_state() frees only what was left unused.
 *
 * Returns nfs_ok or the first failing status.  Failure to grant a
 * delegation is not an error.  op_rflags is filled in on every path.
 */
__be32
nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open)
{
	struct nfsd4_compoundres *resp = rqstp->rq_resp;
	struct nfs4_client *cl = open->op_openowner->oo_owner.so_client;
	struct nfs4_file *fp = NULL;
	struct nfs4_ol_stateid *stp = NULL;
	struct nfs4_delegation *dp = NULL;
	__be32 status;

	/*
	 * Lookup file; if found, lookup stateid and check open request,
	 * and check for delegations in the process of being recalled.
	 * If not found, create the nfs4_file struct
	 */
	fp = find_or_add_file(open->op_file, &current_fh->fh_handle);
	if (fp != open->op_file) {
		status = nfs4_check_deleg(cl, open, &dp);
		if (status)
			goto out;
		stp = nfsd4_find_existing_open(fp, open);
	} else {
		/* Our preallocated file is now hashed; cleanup must not free it. */
		open->op_file = NULL;
		/* A brand-new file cannot have a delegation the client holds. */
		status = nfserr_bad_stateid;
		if (nfsd4_is_deleg_cur(open))
			goto out;
		status = nfserr_jukebox;
	}

	/*
	 * OPEN the file, or upgrade an existing OPEN.
	 * If truncate fails, the OPEN fails.
	 */
	if (stp) {
		/* Stateid was found, this is an OPEN upgrade */
		status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open);
		if (status)
			goto out;
	} else {
		stp = open->op_stp;
		open->op_stp = NULL;
		init_open_stateid(stp, fp, open);
		status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open);
		if (status) {
			release_open_stateid(stp);
			goto out;
		}
	}
	update_stateid(&stp->st_stid.sc_stateid);
	memcpy(&open->op_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));

	if (nfsd4_has_session(&resp->cstate)) {
		if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) {
			open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
			open->op_why_no_deleg = WND4_NOT_WANTED;
			goto nodeleg;
		}
	}

	/*
	 * Attempt to hand out a delegation. No error return, because the
	 * OPEN succeeds even if we fail.
	 */
	nfs4_open_delegation(SVC_NET(rqstp), current_fh, open, stp);
nodeleg:
	status = nfs_ok;

	dprintk("%s: stateid=" STATEID_FMT "\n", __func__,
		STATEID_VAL(&stp->st_stid.sc_stateid));
out:
	/* 4.1 client trying to upgrade/downgrade delegation? */
	if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp &&
	    open->op_deleg_want)
		nfsd4_deleg_xgrade_none_ext(open, dp);

	/* Drop the reference taken by find_or_add_file(). */
	if (fp)
		put_nfs4_file(fp);
	if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS)
		nfs4_set_claim_prev(open, nfsd4_has_session(&resp->cstate));
	/*
	 * To finish the open response, we just need to set the rflags.
	 */
	open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX;
	/* Only non-session owners that are still unconfirmed must confirm. */
	if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED) &&
	    !nfsd4_has_session(&resp->cstate))
		open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM;

	return status;
}
3787
/*
 * Dispose of the scratch state still attached to @open once the OPEN has
 * finished with result @status.
 *
 * op_file and op_stp are freed only while still non-NULL; the OPEN path
 * clears each pointer when it consumes the object, so a non-NULL value
 * here means the preallocation was not used.
 */
void nfsd4_cleanup_open_state(struct nfsd4_open *open, __be32 status)
{
	struct nfs4_openowner *owner = open->op_openowner;

	if (owner) {
		/* An owner that holds stateids comes off the close LRU. */
		if (!list_empty(&owner->oo_owner.so_stateids))
			list_del_init(&owner->oo_close_lru);

		if (owner->oo_flags & NFS4_OO_NEW) {
			if (!status) {
				owner->oo_flags &= ~NFS4_OO_NEW;
			} else {
				/*
				 * Failed OPEN: release the owner and clear the
				 * pointer so nothing later touches it.
				 */
				release_openowner(owner);
				open->op_openowner = NULL;
			}
		}
	}

	if (open->op_file)
		nfsd4_free_file(open->op_file);
	if (open->op_stp)
		free_generic_stateid(open->op_stp);
}
3808
/*
 * RENEW: look up the client named by @clid under the state lock.
 *
 * Returns the lookup_clientid() error if the client is not found,
 * nfserr_cb_path_down if the client holds delegations while its callback
 * channel is not NFSD4_CB_UP, and nfs_ok otherwise.
 */
__be32
nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    clientid_t *clid)
{
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	struct nfs4_client *clp;
	__be32 status;

	nfs4_lock_state();
	dprintk("process_renew(%08x/%08x): starting\n",
			clid->cl_boot, clid->cl_id);

	status = lookup_clientid(clid, cstate, nn);
	if (!status) {
		clp = cstate->clp;
		/* Delegations are only a problem when callbacks are down. */
		if (list_empty(&clp->cl_delegations) ||
		    clp->cl_cb_state == NFSD4_CB_UP)
			status = nfs_ok;
		else
			status = nfserr_cb_path_down;
	}

	nfs4_unlock_state();
	return status;
}
3833
/*
 * End the grace period for @nn.  Safe to call repeatedly: once
 * nn->grace_ended is set, further calls do nothing.
 */
static void
nfsd4_end_grace(struct nfsd_net *nn)
{
	if (!nn->grace_ended) {
		dprintk("NFSD: end of grace period\n");
		nn->grace_ended = true;
		nfsd4_record_grace_done(nn, nn->boot_time);
		locks_end_grace(&nn->nfsd4_manager);
		/*
		 * Every NFSv4 client has now had the chance to recover and to
		 * see the (possibly new, possibly shorter) lease time, so the
		 * next grace period can use the current lease time.
		 */
		nn->nfsd4_grace = nn->nfsd4_lease;
	}
}
3852
/*
 * Periodic reaper for expired NFSv4 state belonging to @nn.
 *
 * With the state lock held it ends the grace period if needed, then expires
 * clients, revokes recalled delegations and releases closed openowners whose
 * timestamp is at or before "now - lease".  Each list walk stops at the first
 * entry that is still inside its lease (presumably the lists are kept in
 * LRU order; verify against the code that queues entries).
 *
 * Returns the number of seconds until the next run: the shortest remaining
 * lifetime seen, capped by the lease time and never less than
 * NFSD_LAUNDROMAT_MINTIMEOUT.
 */
static time_t
nfs4_laundromat(struct nfsd_net *nn)
{
	struct nfs4_client *clp;
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct list_head *cur, *tmp, reaplist;
	time_t cutoff = get_seconds() - nn->nfsd4_lease;
	time_t remaining, new_timeo = nn->nfsd4_lease;

	nfs4_lock_state();

	dprintk("NFSD: laundromat service - starting\n");
	nfsd4_end_grace(nn);
	INIT_LIST_HEAD(&reaplist);

	/*
	 * Expired clients are only moved to the private reaplist while
	 * client_lock is held; expire_client() runs after the spinlock
	 * has been dropped.
	 */
	spin_lock(&nn->client_lock);
	list_for_each_safe(cur, tmp, &nn->client_lru) {
		clp = list_entry(cur, struct nfs4_client, cl_lru);
		if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) {
			remaining = clp->cl_time - cutoff;
			new_timeo = min(new_timeo, remaining);
			break;
		}
		if (mark_client_expired_locked(clp)) {
			dprintk("NFSD: client in use (clientid %08x)\n",
				clp->cl_clientid.cl_id);
			continue;
		}
		list_move(&clp->cl_lru, &reaplist);
	}
	spin_unlock(&nn->client_lock);

	list_for_each_safe(cur, tmp, &reaplist) {
		clp = list_entry(cur, struct nfs4_client, cl_lru);
		dprintk("NFSD: purging unused client (clientid %08x)\n",
			clp->cl_clientid.cl_id);
		expire_client(clp);
	}

	/*
	 * Same two-phase pattern for delegations: unhash under state_lock,
	 * revoke once the spinlock is released.
	 */
	spin_lock(&state_lock);
	list_for_each_safe(cur, tmp, &nn->del_recall_lru) {
		dp = list_entry (cur, struct nfs4_delegation, dl_recall_lru);
		/* Skip delegations that belong to another network namespace. */
		if (net_generic(dp->dl_stid.sc_client->net, nfsd_net_id) != nn)
			continue;
		if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) {
			remaining = dp->dl_time - cutoff;
			new_timeo = min(new_timeo, remaining);
			break;
		}
		unhash_delegation_locked(dp);
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);

	while (!list_empty(&reaplist)) {
		dp = list_first_entry(&reaplist, struct nfs4_delegation,
					dl_recall_lru);
		list_del_init(&dp->dl_recall_lru);
		revoke_delegation(dp);
	}

	/* close_lru is walked without a spinlock, under the state lock only. */
	list_for_each_safe(cur, tmp, &nn->close_lru) {
		oo = container_of(cur, struct nfs4_openowner, oo_close_lru);
		if (time_after((unsigned long)oo->oo_time, (unsigned long)cutoff)) {
			remaining = oo->oo_time - cutoff;
			new_timeo = min(new_timeo, remaining);
			break;
		}
		release_openowner(oo);
	}

	new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT);
	nfs4_unlock_state();
	return new_timeo;
}
3923
/* Workqueue on which the laundromat reschedules itself. */
static struct workqueue_struct *laundry_wq;
static void laundromat_main(struct work_struct *);

/*
 * Delayed-work handler: run one laundromat pass for the nfsd_net that embeds
 * @laundry, then requeue the work after the interval the pass returned.
 */
static void
laundromat_main(struct work_struct *laundry)
{
	struct delayed_work *dwork = container_of(laundry, struct delayed_work,
						  work);
	struct nfsd_net *nn = container_of(dwork, struct nfsd_net,
					   laundromat_work);
	time_t delay;

	delay = nfs4_laundromat(nn);
	dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", delay);
	/* nfs4_laundromat() returns seconds; the workqueue wants jiffies. */
	queue_delayed_work(laundry_wq, &nn->laundromat_work, delay*HZ);
}
3940
/*
 * Verify that the stateid @stp was issued for the file @fhp refers to.
 * A mismatch is reported as nfserr_bad_stateid, so a stateid cannot be
 * used against a different filehandle.
 */
static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_ol_stateid *stp)
{
	if (nfsd_fh_match(&fhp->fh_handle, &stp->st_file->fi_fhandle))
		return nfs_ok;
	return nfserr_bad_stateid;
}
3947
/*
 * Returns 1 if the open stateid @stp may be used for reading, else 0.
 *
 * NOTE(review): a WRITE-only open also satisfies this check; that looks
 * deliberate, but the rationale is not stated here - confirm.
 */
static inline int
access_permit_read(struct nfs4_ol_stateid *stp)
{
	if (test_access(NFS4_SHARE_ACCESS_READ, stp))
		return 1;
	if (test_access(NFS4_SHARE_ACCESS_BOTH, stp))
		return 1;
	return test_access(NFS4_SHARE_ACCESS_WRITE, stp) ? 1 : 0;
}
3955
/*
 * Returns 1 if the open stateid @stp may be used for writing (opened with
 * WRITE or BOTH access), else 0.
 */
static inline int
access_permit_write(struct nfs4_ol_stateid *stp)
{
	if (test_access(NFS4_SHARE_ACCESS_WRITE, stp))
		return 1;
	return test_access(NFS4_SHARE_ACCESS_BOTH, stp) ? 1 : 0;
}
3962
/*
 * Check that the access requested in @flags (RD_STATE and/or WR_STATE) is
 * covered by the share access recorded on the stateid.
 *
 * Returns nfs_ok, or nfserr_openmode when the open does not allow the
 * requested access.
 */
static
__be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags)
{
	/* A lock stateid is judged by the open it was derived from. */
	if (stp->st_openstp)
		stp = stp->st_openstp;

	if ((flags & WR_STATE) && !access_permit_write(stp))
		return nfserr_openmode;
	if ((flags & RD_STATE) && !access_permit_read(stp))
		return nfserr_openmode;
	return nfs_ok;
}
3979
/*
 * Handle I/O that presents one of the special (all-zeros / all-ones)
 * stateids instead of state obtained from OPEN or LOCK.
 *
 * A read with the all-ones stateid is allowed immediately; note that this
 * branch is taken before the grace-period and share-deny checks.  Every
 * other case is refused during grace, and afterwards is checked against
 * existing share reservations that deny the requested access.
 */
static inline __be32
check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags)
{
	if (ONE_STATEID(stateid) && (flags & RD_STATE))
		return nfs_ok;

	/*
	 * The answer in the remaining cases depends on the existence of
	 * conflicting state, so we must wait out the grace period.
	 */
	if (locks_in_grace(net))
		return nfserr_grace;

	if (flags & WR_STATE)
		return nfs4_share_conflict(current_fh,
				NFS4_SHARE_DENY_WRITE);

	/* (flags & RD_STATE) && ZERO_STATEID(stateid) */
	return nfs4_share_conflict(current_fh,
			NFS4_SHARE_DENY_READ);
}
3996
/*
 * During the grace period, READ/WRITE on recovered state is allowed only
 * for files that cannot be subject to mandatory locking.
 *
 * Returns nonzero when I/O on @inode must be refused because the server is
 * in grace and the inode is a mandatory-lock candidate.
 */
static inline int
grace_disallows_io(struct net *net, struct inode *inode)
{
	if (!locks_in_grace(net))
		return 0;
	return mandatory_lock(inode) ? 1 : 0;
}
4006
/*
 * Returns true iff a is later than b.
 *
 * The difference of the two generation counters is reinterpreted as a
 * signed 32-bit value, so the comparison stays meaningful after the
 * counter wraps (assumes si_generation is a 32-bit unsigned field -
 * confirm against the stateid_t definition).
 */
static bool stateid_generation_after(stateid_t *a, stateid_t *b)
{
	s32 delta = (s32)(a->si_generation - b->si_generation);

	return delta > 0;
}
4012
/*
 * Compare the generation of the client-supplied stateid @in with the
 * server's current copy @ref.
 *
 * Returns nfs_ok on a match (or, with sessions, when the client sent a
 * zero generation), nfserr_bad_stateid when @in is newer than @ref, and
 * nfserr_old_stateid when it is older.
 */
static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session)
{
	/*
	 * When sessions are used the stateid generation number is ignored
	 * when it is zero.
	 */
	if (has_session && in->si_generation == 0)
		return nfs_ok;

	if (in->si_generation == ref->si_generation)
		return nfs_ok;

	/*
	 * A stateid from the future can only come from a buggy client.
	 *
	 * A stateid from the past, however, can come from a well-behaved
	 * one: if the client sends a lock while some IO is outstanding, the
	 * lock may bump si_generation while the IO is still in flight.  The
	 * client could avoid that by waiting for all IO replies first, but
	 * retrying the IO that gets an old_stateid error may perform better
	 * when requests are rarely reordered in flight.
	 */
	return stateid_generation_after(in, ref) ? nfserr_bad_stateid
						 : nfserr_old_stateid;
}
4040
/*
 * Validate one client-supplied stateid on behalf of client @cl (used by
 * nfsd4_test_stateid()).
 *
 * The special stateids, a stateid carrying another client's ID, an unknown
 * stateid, and closed or unrecognised types all yield nfserr_bad_stateid.
 * A revoked delegation yields nfserr_deleg_revoked.  Open and lock stateids
 * whose openowner has not been confirmed are rejected as well.  The
 * generation check is done with session semantics (has_session == 1).
 */
static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid)
{
	struct nfs4_stid *stid;
	struct nfs4_ol_stateid *ols;
	__be32 status;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
		return nfserr_bad_stateid;

	/* Client debugging aid; rate limited because the client controls it. */
	if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) {
		char addr_str[INET6_ADDRSTRLEN];

		rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str,
				 sizeof(addr_str));
		pr_warn_ratelimited("NFSD: client %s testing state ID "
					"with incorrect client ID\n", addr_str);
		return nfserr_bad_stateid;
	}

	stid = find_stateid(cl, stateid);
	if (!stid)
		return nfserr_bad_stateid;

	status = check_stateid_generation(stateid, &stid->sc_stateid, 1);
	if (status)
		return status;

	switch (stid->sc_type) {
	case NFS4_DELEG_STID:
		return nfs_ok;
	case NFS4_REVOKED_DELEG_STID:
		return nfserr_deleg_revoked;
	case NFS4_OPEN_STID:
	case NFS4_LOCK_STID:
		ols = openlockstateid(stid);
		/* State under an unconfirmed openowner is not usable yet. */
		if (ols->st_stateowner->so_is_open_owner
		    && !(openowner(ols->st_stateowner)->oo_flags
						& NFS4_OO_CONFIRMED))
			return nfserr_bad_stateid;
		return nfs_ok;
	default:
		printk("unknown stateid type %x\n", stid->sc_type);
		/* Fallthrough */
	case NFS4_CLOSED_STID:
	case NFS4_CLOSED_DELEG_STID:
		return nfserr_bad_stateid;
	}
}
4085
/*
 * Resolve a client-supplied stateid to the server's nfs4_stid.
 *
 * The client is looked up from the client ID embedded in @stateid, and the
 * stateid is then searched for among that client's state, restricted to
 * the types in @typemask.  *@s is written only once the client lookup has
 * succeeded; callers must not read it when an error is returned.
 *
 * Returns nfs_ok with *@s set, nfserr_bad_stateid for the special stateids
 * or an unknown stateid, and for a stale client ID either
 * nfserr_bad_stateid (session in use) or nfserr_stale_stateid (no session).
 */
static __be32
nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate,
		     stateid_t *stateid, unsigned char typemask,
		     struct nfs4_stid **s, struct nfsd_net *nn)
{
	__be32 status;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
		return nfserr_bad_stateid;

	status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn);
	if (status == nfserr_stale_clientid)
		return cstate->session ? nfserr_bad_stateid
				       : nfserr_stale_stateid;
	if (status)
		return status;

	*s = find_stateid_by_type(cstate->clp, stateid, typemask);
	return *s ? nfs_ok : nfserr_bad_stateid;
}
4108
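/*
 * Checks for stateid operations
 *
 * Validates the stateid a client presents with an I/O-style operation
 * against the current filehandle in @cstate and the access requested in
 * @flags (RD_STATE / WR_STATE).
 *
 * @filpp: optional; cleared on entry and, on success, set to the struct
 *         file found for the stateid (if any).
 *
 * Returns nfs_ok, nfserr_grace, nfserr_bad_stateid, nfserr_serverfault, or
 * whatever the lookup, generation, delegation-mode, filehandle or open-mode
 * checks report.
 *
 * An open or lock stateid whose openowner has not been confirmed is
 * rejected with nfserr_bad_stateid.  Previously that path jumped to "out"
 * while status still held nfs_ok from the filehandle check, so the caller
 * saw success without the open-mode check having run and without a file.
 * nfsd4_validate_stateid() already rejects the same condition.
 */
__be32
nfs4_preprocess_stateid_op(struct net *net, struct nfsd4_compound_state *cstate,
			   stateid_t *stateid, int flags, struct file **filpp)
{
	struct nfs4_stid *s;
	struct nfs4_ol_stateid *stp = NULL;
	struct nfs4_delegation *dp = NULL;
	struct svc_fh *current_fh = &cstate->current_fh;
	struct inode *ino = current_fh->fh_dentry->d_inode;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	struct file *file = NULL;
	__be32 status;

	if (filpp)
		*filpp = NULL;

	if (grace_disallows_io(net, ino))
		return nfserr_grace;

	/* Special stateids carry no per-client state; handled separately. */
	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
		return check_special_stateids(net, current_fh, stateid, flags);

	nfs4_lock_state();

	status = nfsd4_lookup_stateid(cstate, stateid,
				NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID,
				&s, nn);
	if (status)
		goto out;
	status = check_stateid_generation(stateid, &s->sc_stateid, nfsd4_has_session(cstate));
	if (status)
		goto out;
	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		dp = delegstateid(s);
		status = nfs4_check_delegmode(dp, flags);
		if (status)
			goto out;
		if (filpp) {
			file = dp->dl_file->fi_deleg_file;
			if (!file) {
				WARN_ON_ONCE(1);
				status = nfserr_serverfault;
				goto out;
			}
			/* Take a reference for the caller. */
			get_file(file);
		}
		break;
	case NFS4_OPEN_STID:
	case NFS4_LOCK_STID:
		stp = openlockstateid(s);
		status = nfs4_check_fh(current_fh, stp);
		if (status)
			goto out;
		if (stp->st_stateowner->so_is_open_owner
		    && !(openowner(stp->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED)) {
			/* Do not report success for an unconfirmed owner. */
			status = nfserr_bad_stateid;
			goto out;
		}
		status = nfs4_check_openmode(stp, flags);
		if (status)
			goto out;
		if (filpp) {
			if (flags & RD_STATE)
				file = find_readable_file(stp->st_file);
			else
				file = find_writeable_file(stp->st_file);
		}
		break;
	default:
		status = nfserr_bad_stateid;
		goto out;
	}
	status = nfs_ok;
	/* file is only ever non-NULL when filpp was supplied. */
	if (file)
		*filpp = file;
out:
	nfs4_unlock_state();
	return status;
}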
4190
/*
 * FREE_STATEID on a lock stateid: refuse with nfserr_locks_held while the
 * lockowner still holds locks on the file, otherwise release the lockowner
 * if it has become empty and return nfs_ok.
 */
static __be32
nfsd4_free_lock_stateid(struct nfs4_ol_stateid *stp)
{
	struct nfs4_lockowner *owner = lockowner(stp->st_stateowner);

	if (!check_for_locks(stp->st_file, owner)) {
		release_lockowner_if_empty(owner);
		return nfs_ok;
	}
	return nfserr_locks_held;
}
4201
/*
 * Test if the stateid is valid
 *
 * Validates every stateid in the request against the session's client and
 * stores the per-stateid result in ts_id_status.  The operation itself
 * always returns nfs_ok.
 *
 * NOTE(review): cstate->session is dereferenced without a NULL check;
 * this assumes the operation is only dispatched inside a session - confirm.
 */
__be32
nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		   struct nfsd4_test_stateid *test_stateid)
{
	struct nfs4_client *cl = cstate->session->se_client;
	struct nfsd4_test_stateid_id *entry;

	nfs4_lock_state();
	list_for_each_entry(entry, &test_stateid->ts_stateid_list, ts_id_list) {
		entry->ts_id_status =
			nfsd4_validate_stateid(cl, &entry->ts_id_stateid);
	}
	nfs4_unlock_state();

	return nfs_ok;
}
4220
/*
 * FREE_STATEID: let a client discard a stateid it no longer needs.
 *
 * Only state found under the session's own client is considered.  Live
 * delegations and open stateids are refused with nfserr_locks_held; a lock
 * stateid is freed if no locks remain; a revoked delegation is unlinked
 * and its reference dropped.  Anything else is nfserr_bad_stateid.
 *
 * NOTE(review): cstate->session is dereferenced without a NULL check;
 * this assumes the operation is only dispatched inside a session - confirm.
 */
__be32
nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		   struct nfsd4_free_stateid *free_stateid)
{
	stateid_t *stateid = &free_stateid->fr_stateid;
	struct nfs4_client *cl = cstate->session->se_client;
	struct nfs4_delegation *dp;
	struct nfs4_stid *s;
	__be32 ret = nfserr_bad_stateid;

	nfs4_lock_state();
	s = find_stateid(cl, stateid);
	if (!s)
		goto out;

	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		ret = nfserr_locks_held;
		break;
	case NFS4_OPEN_STID:
	case NFS4_LOCK_STID:
		ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
		if (ret)
			break;
		if (s->sc_type == NFS4_LOCK_STID)
			ret = nfsd4_free_lock_stateid(openlockstateid(s));
		else
			ret = nfserr_locks_held;
		break;
	case NFS4_REVOKED_DELEG_STID:
		dp = delegstateid(s);
		/*
		 * The list linkage is removed under cl->cl_lock (presumably
		 * this is the client's list of revoked delegations).
		 */
		spin_lock(&cl->cl_lock);
		list_del_init(&dp->dl_recall_lru);
		spin_unlock(&cl->cl_lock);
		nfs4_put_delegation(dp);
		ret = nfs_ok;
		break;
	default:
		ret = nfserr_bad_stateid;
	}
out:
	nfs4_unlock_state();
	return ret;
}
4264
/*
 * Map an NFSv4 lock type to the stateid access flag it needs: the two read
 * lock types need RD_STATE, every other value needs WR_STATE.
 */
static inline int
setlkflg (int type)
{
	if (type == NFS4_READ_LT || type == NFS4_READW_LT)
		return RD_STATE;
	return WR_STATE;
}
1da177e4 4271
/*
 * Common checks for a seqid-mutating operation on stateid @stp: the
 * owner's sequence id, the stateid type, the stateid generation, and
 * finally that the stateid belongs to the current filehandle.
 */
static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp)
{
	struct svc_fh *current_fh = &cstate->current_fh;
	struct nfs4_stateowner *sop = stp->st_stateowner;
	__be32 status;

	status = nfsd4_check_seqid(cstate, sop, seqid);
	if (status)
		return status;

	switch (stp->st_stid.sc_type) {
	case NFS4_CLOSED_STID:
	case NFS4_REVOKED_DELEG_STID:
		/*
		 * "Closed" stateid's exist *only* to return
		 * nfserr_replay_me from the previous step, and
		 * revoked delegations are kept only for free_stateid.
		 */
		return nfserr_bad_stateid;
	default:
		break;
	}

	status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate));
	if (status)
		return status;
	return nfs4_check_fh(current_fh, stp);
}
4294
/*
 * Checks for sequence id mutating operations.
 *
 * Looks up @stateid restricted to @typemask, records the replay owner for
 * non-session clients, and runs nfs4_seqid_op_checks().  *@stpp is set
 * only on success and is NULL otherwise.
 *
 * NOTE(review): the stid found is converted with openlockstateid() without
 * checking its type, so @typemask must only name open/lock/closed stateid
 * types; the callers visible in this file comply - confirm for any others.
 */
static __be32
nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
			 stateid_t *stateid, char typemask,
			 struct nfs4_ol_stateid **stpp,
			 struct nfsd_net *nn)
{
	struct nfs4_ol_stateid *ols = NULL;
	struct nfs4_stid *s;
	__be32 status;

	dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__,
		seqid, STATEID_VAL(stateid));

	*stpp = NULL;
	status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn);
	if (status)
		return status;

	ols = openlockstateid(s);
	if (!nfsd4_has_session(cstate))
		cstate->replay_owner = ols->st_stateowner;

	status = nfs4_seqid_op_checks(cstate, stateid, seqid, ols);
	if (status)
		return status;
	*stpp = ols;
	return status;
}
39325bd0 4324
/*
 * Like nfs4_preprocess_seqid_op() for open stateids, with the additional
 * requirement that the openowner has already been confirmed; an
 * unconfirmed owner yields nfserr_bad_stateid.
 */
static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
						 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn)
{
	struct nfs4_openowner *owner;
	__be32 status;

	status = nfs4_preprocess_seqid_op(cstate, seqid, stateid,
						NFS4_OPEN_STID, stpp, nn);
	if (status)
		return status;

	owner = openowner((*stpp)->st_stateowner);
	return (owner->oo_flags & NFS4_OO_CONFIRMED) ? nfs_ok
						     : nfserr_bad_stateid;
}
4340
/*
 * OPEN_CONFIRM: mark the openowner behind the given open stateid as
 * confirmed and return the updated stateid in oc_resp_stateid.
 *
 * An owner that is already confirmed is rejected with nfserr_bad_stateid.
 * The state lock is left held on return when cstate->replay_owner is set;
 * it is presumably dropped after the reply has been encoded - verify
 * against the compound processing code.
 */
__be32
nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		   struct nfsd4_open_confirm *oc)
{
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	struct nfs4_ol_stateid *stp;
	struct nfs4_openowner *oo;
	__be32 status;

	dprintk("NFSD: nfsd4_open_confirm on file %pd\n",
			cstate->current_fh.fh_dentry);

	/* Only regular files can be the target of OPEN_CONFIRM. */
	status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
	if (status)
		return status;

	nfs4_lock_state();

	status = nfs4_preprocess_seqid_op(cstate,
					oc->oc_seqid, &oc->oc_req_stateid,
					NFS4_OPEN_STID, &stp, nn);
	if (status)
		goto out;

	oo = openowner(stp->st_stateowner);
	if (oo->oo_flags & NFS4_OO_CONFIRMED) {
		status = nfserr_bad_stateid;
		goto out;
	}
	oo->oo_flags |= NFS4_OO_CONFIRMED;

	update_stateid(&stp->st_stid.sc_stateid);
	memcpy(&oc->oc_resp_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
	dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n",
		__func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid));

	nfsd4_client_record_create(oo->oo_owner.so_client);
	status = nfs_ok;
out:
	nfsd4_bump_seqid(cstate, status);
	if (!cstate->replay_owner)
		nfs4_unlock_state();
	return status;
}
4382
/*
 * Drop one share-access mode from @stp if it is currently set: release the
 * file's access reference for that mode and clear the bit on the stateid.
 */
static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access)
{
	if (test_access(access, stp)) {
		nfs4_file_put_access(stp->st_file, access);
		clear_access(access, stp);
	}
}
f197c271 4390
/*
 * Reduce the share access held by @stp to @to_access by dropping the other
 * two access modes.  Downgrading to BOTH changes nothing; any other value
 * triggers a one-time warning and is otherwise ignored.
 */
static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access)
{
	switch (to_access) {
	case NFS4_SHARE_ACCESS_BOTH:
		break;
	case NFS4_SHARE_ACCESS_READ:
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE);
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
		break;
	case NFS4_SHARE_ACCESS_WRITE:
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ);
		nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
		break;
	default:
		WARN_ON_ONCE(1);
	}
}
4408
/*
 * OPEN_DOWNGRADE: reduce the share access/deny modes of a confirmed open.
 *
 * The requested access and deny modes must each already be present on the
 * stateid, otherwise nfserr_inval is returned.  On success the updated
 * stateid is copied back into od_stateid.
 *
 * NOTE(review): od_share_access and od_share_deny come from the client and
 * are passed to test_access()/test_deny() unchanged; this relies on the
 * request decoder having range-checked them - confirm.
 *
 * The state lock is left held on return when cstate->replay_owner is set.
 */
__be32
nfsd4_open_downgrade(struct svc_rqst *rqstp,
		     struct nfsd4_compound_state *cstate,
		     struct nfsd4_open_downgrade *od)
{
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	struct nfs4_ol_stateid *stp;
	__be32 status;

	dprintk("NFSD: nfsd4_open_downgrade on file %pd\n",
			cstate->current_fh.fh_dentry);

	/* We don't yet support WANT bits: */
	if (od->od_deleg_want)
		dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__,
			od->od_deleg_want);

	nfs4_lock_state();
	status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid,
					&od->od_stateid, &stp, nn);
	if (status)
		goto out;

	if (!test_access(od->od_share_access, stp)) {
		dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n",
			stp->st_access_bmap, od->od_share_access);
		status = nfserr_inval;
		goto out;
	}
	if (!test_deny(od->od_share_deny, stp)) {
		dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n",
			stp->st_deny_bmap, od->od_share_deny);
		status = nfserr_inval;
		goto out;
	}

	nfs4_stateid_downgrade(stp, od->od_share_access);
	reset_union_bmap_deny(od->od_share_deny, stp);

	update_stateid(&stp->st_stid.sc_stateid);
	memcpy(&od->od_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
	status = nfs_ok;
out:
	nfsd4_bump_seqid(cstate, status);
	if (!cstate->replay_owner)
		nfs4_unlock_state();
	return status;
}
4455
/*
 * Mark open stateid @s closed and unhash it.
 *
 * For minor version > 0 the stateid is freed at once, and the openowner is
 * released if it has no stateids left.  For 4.0 the stateid is kept as the
 * owner's oo_last_closed_stid (after dropping its file reference) and an
 * owner with no remaining stateids is parked on the close LRU.
 */
static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s)
{
	/* Both are fetched up front: @s may be freed below. */
	struct nfs4_client *clp = s->st_stid.sc_client;
	struct nfs4_openowner *oo = openowner(s->st_stateowner);

	s->st_stid.sc_type = NFS4_CLOSED_STID;
	unhash_open_stateid(s);

	if (clp->cl_minorversion) {
		free_generic_stateid(s);
		if (list_empty(&oo->oo_owner.so_stateids))
			release_openowner(oo);
		return;
	}

	if (s->st_file) {
		put_nfs4_file(s->st_file);
		/* Cleared so the dropped reference cannot be reused. */
		s->st_file = NULL;
	}
	oo->oo_last_closed_stid = s;
	/*
	 * In the 4.0 case we need to keep the owners around a
	 * little while to handle CLOSE replay.
	 */
	if (list_empty(&oo->oo_owner.so_stateids))
		move_to_close_lru(oo, clp->net);
}
4482
/*
 * CLOSE: validate the open stateid, bump the owner's seqid, return the
 * updated stateid in cl_stateid and close the open state.
 *
 * nfs4_unlock_state() called after encode: when cstate->replay_owner is
 * set the state lock is still held on return.
 */
__be32
nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    struct nfsd4_close *close)
{
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	struct nfs4_ol_stateid *stp;
	__be32 status;

	dprintk("NFSD: nfsd4_close on file %pd\n",
			cstate->current_fh.fh_dentry);

	nfs4_lock_state();
	/* Closed stateids are accepted here so a replayed CLOSE is found. */
	status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid,
					&close->cl_stateid,
					NFS4_OPEN_STID|NFS4_CLOSED_STID,
					&stp, nn);
	nfsd4_bump_seqid(cstate, status);
	if (!status) {
		update_stateid(&stp->st_stid.sc_stateid);
		memcpy(&close->cl_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));

		nfsd4_close_open_stateid(stp);
	}

	if (!cstate->replay_owner)
		nfs4_unlock_state();
	return status;
}
4515
/*
 * DELEGRETURN: look up the delegation stateid for the current (regular)
 * file, check its generation, and destroy the delegation.
 */
__be32
nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		  struct nfsd4_delegreturn *dr)
{
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	stateid_t *stateid = &dr->dr_stateid;
	struct nfs4_delegation *dp;
	struct nfs4_stid *s;
	__be32 status;

	status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
	if (status)
		return status;

	nfs4_lock_state();
	/* The type mask restricts the lookup to live delegations. */
	status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn);
	if (status)
		goto out;

	dp = delegstateid(s);
	status = check_stateid_generation(stateid, &dp->dl_stid.sc_stateid, nfsd4_has_session(cstate));
	if (status)
		goto out;

	destroy_delegation(dp);
out:
	nfs4_unlock_state();

	return status;
}
4544
4545
/*
 * True when start + len would not fit in 64 bits, i.e. when len exceeds the
 * room left above start.  Written as a comparison so the sum itself is
 * never computed.
 */
#define LOFF_OVERFLOW(start, len)      ((u64)(len) > ~(u64)(start))
1da177e4 4547
/*
 * Offset one past the end of the range [start, start + len), saturating at
 * NFS4_MAX_UINT64 when the addition wraps.
 */
static inline u64
end_offset(u64 start, u64 len)
{
	u64 sum = start + len;

	if (sum < start)
		return NFS4_MAX_UINT64;
	return sum;
}
4556
/*
 * last octet in a range
 *
 * Returns start + len - 1, or NFS4_MAX_UINT64 when the addition wraps.
 * A zero @len is a caller bug: it triggers a one-time warning and, since
 * the sum is then not greater than @start, also yields NFS4_MAX_UINT64.
 */
static inline u64
last_byte_offset(u64 start, u64 len)
{
	u64 sum;

	WARN_ON_ONCE(!len);
	sum = start + len;
	if (sum > start)
		return sum - 1;
	return NFS4_MAX_UINT64;
}
4567
/*
 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that
 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th
 * byte, because of sign extension problems.  Since NFSv4 calls for 64-bit
 * locking, this prevents us from being completely protocol-compliant.  The
 * real solution to this problem is to start using unsigned file offsets in
 * the VFS, but this is a very deep change!
 *
 * Until then, a start or end offset that has become negative is clamped to
 * OFFSET_MAX.
 */
static inline void
nfs4_transform_lock_offset(struct file_lock *lock)
{
	if (lock->fl_end < 0)
		lock->fl_end = OFFSET_MAX;
	if (lock->fl_start < 0)
		lock->fl_start = OFFSET_MAX;
}
4584
/*
 * Hack!: this empty operations table is defined only so that a pointer to
 * it can serve as a unique cookie identifying our (NFSv4's) posix locks.
 * nfs4_set_lock_denied() trusts fl_owner to be an nfs4_lockowner whenever
 * fl_lmops points here.
 */
static const struct lock_manager_operations nfsd_posix_mng_ops  = {
};
1da177e4
LT
4589
/*
 * Fill in the LOCK/LOCKT "denied" reply from the conflicting lock @fl.
 *
 * The owner string and client ID are reported only when the conflicting
 * lock is one of ours (fl_lmops is the nfsd cookie) and the copy of the
 * owner string could be allocated; otherwise an empty owner and a zero
 * client ID are returned.  On success deny->ld_owner.data is a fresh
 * kmemdup() allocation; it is not freed here, so that falls to the caller.
 */
static inline void
nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny)
{
	struct nfs4_lockowner *lo;
	bool owner_known = false;

	if (fl->fl_lmops == &nfsd_posix_mng_ops) {
		lo = (struct nfs4_lockowner *) fl->fl_owner;
		deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data,
					lo->lo_owner.so_owner.len, GFP_KERNEL);
		/* On allocation failure we just don't care that much. */
		if (deny->ld_owner.data) {
			deny->ld_owner.len = lo->lo_owner.so_owner.len;
			deny->ld_clientid = lo->lo_owner.so_client->cl_clientid;
			owner_known = true;
		}
	}
	if (!owner_known) {
		deny->ld_owner.len = 0;
		deny->ld_owner.data = NULL;
		deny->ld_clientid.cl_boot = 0;
		deny->ld_clientid.cl_id = 0;
	}

	deny->ld_start = fl->fl_start;
	if (fl->fl_end != NFS4_MAX_UINT64)
		deny->ld_length = fl->fl_end - fl->fl_start + 1;
	else
		deny->ld_length = NFS4_MAX_UINT64;

	if (fl->fl_type != F_RDLCK)
		deny->ld_type = NFS4_WRITE_LT;
	else
		deny->ld_type = NFS4_READ_LT;
}
4619
/*
 * Find the lockowner with owner string @owner belonging to client @clid in
 * @nn's owner-string hash table.  Openowners sharing the bucket are
 * skipped.  Returns NULL when there is no match.
 */
static struct nfs4_lockowner *
find_lockowner_str(clientid_t *clid, struct xdr_netobj *owner,
		struct nfsd_net *nn)
{
	unsigned int bucket = ownerstr_hashval(clid->cl_id, owner);
	struct nfs4_stateowner *so;

	list_for_each_entry(so, &nn->ownerstr_hashtbl[bucket], so_strhash) {
		if (!so->so_is_open_owner && same_owner_str(so, owner, clid))
			return lockowner(so);
	}
	return NULL;
}
4636
/*
 * Alloc a lock owner structure.
 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has
 * occurred.
 *
 * strhashval = ownerstr_hashval
 *
 * Returns the new lockowner, already added to the owner-string hash table,
 * or NULL if the allocation fails.  @open_stp is not used in the body.
 */
static struct nfs4_lockowner *
alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, struct nfs4_ol_stateid *open_stp, struct nfsd4_lock *lock) {
	struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
	struct nfs4_lockowner *owner;

	owner = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp);
	if (owner == NULL)
		return NULL;

	INIT_LIST_HEAD(&owner->lo_owner.so_stateids);
	owner->lo_owner.so_is_open_owner = 0;
	/*
	 * For a new lockowner it is the openowner seqid that gets
	 * incremented in encode, so bump the lock seqid by hand here.
	 */
	owner->lo_owner.so_seqid = lock->lk_new_lock_seqid + 1;
	list_add(&owner->lo_owner.so_strhash, &nn->ownerstr_hashtbl[strhashval]);
	return owner;
}
4660
/*
 * Allocate a lock stateid for lockowner @lo on file @fp and link it to the
 * owner, to the open stateid it derives from, and to the file.
 *
 * The new stateid starts with an empty access bitmap and inherits the deny
 * bitmap of @open_stp.  Only the insertion into fp->fi_stateids is done
 * under fp->fi_lock; the other list insertions rely on whatever
 * serialisation the caller provides.  @inode is accepted but not used.
 *
 * Returns the stateid, or NULL if nfs4_alloc_stateid() fails.
 */
static struct nfs4_ol_stateid *
alloc_init_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp,
		struct inode *inode,
		struct nfs4_ol_stateid *open_stp)
{
	struct nfs4_client *clp = lo->lo_owner.so_client;
	struct nfs4_ol_stateid *lock_st;

	lock_st = nfs4_alloc_stateid(clp);
	if (!lock_st)
		return NULL;

	lock_st->st_stid.sc_type = NFS4_LOCK_STID;
	list_add(&lock_st->st_perstateowner, &lo->lo_owner.so_stateids);
	lock_st->st_stateowner = &lo->lo_owner;
	/* presumably takes a reference on fp for st_file -- confirm */
	get_nfs4_file(fp);
	lock_st->st_file = fp;
	lock_st->st_access_bmap = 0;
	lock_st->st_deny_bmap = open_stp->st_deny_bmap;
	lock_st->st_openstp = open_stp;
	list_add(&lock_st->st_locks, &open_stp->st_locks);

	spin_lock(&fp->fi_lock);
	list_add(&lock_st->st_perfile, &fp->fi_stateids);
	spin_unlock(&fp->fi_lock);

	return lock_st;
}
4686
c53530da
JL
/*
 * Return the lock stateid that lockowner @lo already holds on file @fp,
 * or NULL if the owner has no stateid for that file.
 */
static struct nfs4_ol_stateid *
find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp)
{
	struct nfs4_ol_stateid *cur;

	list_for_each_entry(cur, &lo->lo_owner.so_stateids, st_perstateowner) {
		if (cur->st_file != fp)
			continue;
		return cur;
	}
	return NULL;
}
4698
4699
/*
 * Validate a client-supplied byte range.
 *
 * Returns non-zero (the range is invalid) when @length is zero, or when
 * offset + length overflows according to LOFF_OVERFLOW().  A length of
 * NFS4_MAX_UINT64 is exempt from the overflow test (presumably the
 * protocol's "to end of file" value -- confirm against the spec).
 * Returns 0 when the range is acceptable.
 */
static int
check_lock_length(u64 offset, u64 length)
{
	if (length == 0)
		return 1;
	if (length == NFS4_MAX_UINT64)
		return 0;
	return LOFF_OVERFLOW(offset, length) ? 1 : 0;
}
4706
/*
 * Record that lock stateid @lock_stp uses @access on its file, taking the
 * file access via __nfs4_file_get_access() the first time only.
 *
 * The caller must hold fp->fi_lock (asserted via lockdep).
 */
static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access)
{
	struct nfs4_file *fp = lock_stp->st_file;

	lockdep_assert_held(&fp->fi_lock);

	if (!test_access(access, lock_stp)) {
		__nfs4_file_get_access(fp, access);
		set_access(access, lock_stp);
	}
}
4718
/*
 * Find or create the lockowner and lock stateid for a LOCK request that
 * names a new lock owner.
 *
 * @ost:  the (already validated) open stateid the lock derives from
 * @lst:  out: the lock stateid; written only once a lockowner is in hand
 * @new:  out: set to true when a stateid was allocated here; never cleared
 *
 * Returns nfs_ok, nfserr_jukebox when an allocation fails, or
 * nfserr_bad_seqid when an existing lockowner is named with a seqid that
 * does not match (checked only when cstate->minorversion is 0).
 */
static __be32 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, struct nfs4_ol_stateid *ost, struct nfsd4_lock *lock, struct nfs4_ol_stateid **lst, bool *new)
{
	struct nfs4_file *fi = ost->st_file;
	struct nfs4_openowner *oo = openowner(ost->st_stateowner);
	struct nfs4_client *cl = oo->oo_owner.so_client;
	struct inode *inode = cstate->current_fh.fh_dentry->d_inode;
	struct nfsd_net *nn = net_generic(cl->net, nfsd_net_id);
	struct nfs4_lockowner *lo;

	lo = find_lockowner_str(&cl->cl_clientid, &lock->v.new.owner, nn);
	if (lo) {
		/* with an existing lockowner, seqids must be the same */
		if (!cstate->minorversion &&
		    lock->lk_new_lock_seqid != lo->lo_owner.so_seqid)
			return nfserr_bad_seqid;
	} else {
		unsigned int strhashval;

		strhashval = ownerstr_hashval(cl->cl_clientid.cl_id,
					      &lock->v.new.owner);
		lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock);
		if (lo == NULL)
			return nfserr_jukebox;
	}

	*lst = find_lock_stateid(lo, fi);
	if (*lst != NULL)
		return nfs_ok;

	*lst = alloc_init_lock_stateid(lo, fi, inode, ost);
	if (*lst == NULL) {
		/* do not leave behind a lockowner that owns nothing */
		release_lockowner_if_empty(lo);
		return nfserr_jukebox;
	}
	*new = true;
	return nfs_ok;
}
4754
1da177e4
LT
/*
 * LOCK operation
 *
 * Order of checks on the client's request:
 *  - the byte range must pass check_lock_length();
 *  - the current filehandle must verify as a regular file with
 *    NFSD_MAY_LOCK;
 *  - for a new lock owner, the clientid must not be stale, the open
 *    stateid/seqid must validate, and the open stateid's client must be
 *    the client named in the request;
 *  - otherwise the existing lock stateid/seqid must validate;
 *  - the lock type must be compatible with the open mode, and reclaim
 *    requests are accepted only inside the grace period (and only reclaim
 *    requests are accepted during it).
 *
 * On failure a lock stateid created by this call is released again.
 * Returns an nfs status; on nfserr_denied, lock->lk_denied describes the
 * conflicting lock.
 */
__be32
nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	   struct nfsd4_lock *lock)
{
	struct net *net = SVC_NET(rqstp);
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	struct nfs4_openowner *oo = NULL;
	struct nfs4_lockowner *lo = NULL;
	struct nfs4_ol_stateid *lock_stp;	/* valid only once status is 0 */
	struct nfs4_file *fp;
	struct file *filp = NULL;
	struct file_lock *req = NULL;		/* the lock being requested */
	struct file_lock *conflict = NULL;	/* filled by the VFS on conflict */
	__be32 status = 0;
	bool new_state = false;
	bool want_write;
	int lkflg;
	int err;

	dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n",
		(long long) lock->lk_offset,
		(long long) lock->lk_length);

	if (check_lock_length(lock->lk_offset, lock->lk_length))
		return nfserr_inval;

	status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, NFSD_MAY_LOCK);
	if (status) {
		dprintk("NFSD: nfsd4_lock: permission denied!\n");
		return status;
	}

	nfs4_lock_state();

	if (lock->lk_is_new) {
		struct nfs4_ol_stateid *open_stp = NULL;

		/*
		 * See rfc 5661 18.10.3: with a session the clientid in the
		 * request is ignored and replaced by the session's own.
		 */
		if (nfsd4_has_session(cstate))
			memcpy(&lock->v.new.clientid,
			       &cstate->session->se_client->cl_clientid,
			       sizeof(clientid_t));

		status = nfserr_stale_clientid;
		if (STALE_CLIENTID(&lock->lk_new_clientid, nn))
			goto out;

		/* validate and update open stateid and open seqid */
		status = nfs4_preprocess_confirmed_seqid_op(cstate,
						lock->lk_new_open_seqid,
						&lock->lk_new_open_stateid,
						&open_stp, nn);
		if (status)
			goto out;

		/* the open stateid must belong to the client named here */
		oo = openowner(open_stp->st_stateowner);
		status = nfserr_bad_stateid;
		if (!same_clid(&oo->oo_owner.so_client->cl_clientid,
			       &lock->v.new.clientid))
			goto out;

		status = lookup_or_create_lock_state(cstate, open_stp, lock,
						     &lock_stp, &new_state);
	} else {
		status = nfs4_preprocess_seqid_op(cstate,
						  lock->lk_old_lock_seqid,
						  &lock->lk_old_lock_stateid,
						  NFS4_LOCK_STID, &lock_stp, nn);
	}
	if (status)
		goto out;
	lo = lockowner(lock_stp->st_stateowner);

	lkflg = setlkflg(lock->lk_type);
	status = nfs4_check_openmode(lock_stp, lkflg);
	if (status)
		goto out;

	status = nfserr_grace;
	if (locks_in_grace(net) && !lock->lk_reclaim)
		goto out;
	status = nfserr_no_grace;
	if (!locks_in_grace(net) && lock->lk_reclaim)
		goto out;

	req = locks_alloc_lock();
	if (!req) {
		dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
		status = nfserr_jukebox;
		goto out;
	}

	fp = lock_stp->st_file;
	locks_init_lock(req);

	/* An unknown lock type is rejected before any file is looked up. */
	switch (lock->lk_type) {
	case NFS4_READ_LT:
	case NFS4_READW_LT:
		want_write = false;
		break;
	case NFS4_WRITE_LT:
	case NFS4_WRITEW_LT:
		want_write = true;
		break;
	default:
		status = nfserr_inval;
		goto out;
	}

	spin_lock(&fp->fi_lock);
	if (want_write)
		filp = find_writeable_file_locked(fp);
	else
		filp = find_readable_file_locked(fp);
	if (filp)
		get_lock_access(lock_stp, want_write ? NFS4_SHARE_ACCESS_WRITE
						     : NFS4_SHARE_ACCESS_READ);
	spin_unlock(&fp->fi_lock);
	req->fl_type = want_write ? F_WRLCK : F_RDLCK;

	if (!filp) {
		status = nfserr_openmode;
		goto out;
	}

	req->fl_owner = (fl_owner_t)lo;
	req->fl_pid = current->tgid;
	req->fl_file = filp;
	req->fl_flags = FL_POSIX;
	req->fl_lmops = &nfsd_posix_mng_ops;
	req->fl_start = lock->lk_offset;
	req->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length);
	nfs4_transform_lock_offset(req);

	conflict = locks_alloc_lock();
	if (!conflict) {
		dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
		status = nfserr_jukebox;
		goto out;
	}

	err = vfs_lock_file(filp, F_SETLK, req, conflict);
	if (err == 0) {
		/* success! */
		update_stateid(&lock_stp->st_stid.sc_stateid);
		memcpy(&lock->lk_resp_stateid, &lock_stp->st_stid.sc_stateid,
		       sizeof(stateid_t));
		status = 0;
	} else if (err == -EAGAIN) {
		/* conflict holds the conflicting lock */
		status = nfserr_denied;
		dprintk("NFSD: nfsd4_lock: conflicting lock found!\n");
		nfs4_set_lock_denied(conflict, &lock->lk_denied);
	} else if (err == -EDEADLK) {
		status = nfserr_deadlock;
	} else {
		dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err);
		status = nfserrno(err);
	}
out:
	if (filp)
		fput(filp);
	/* undo only the stateid this call created */
	if (status && new_state)
		release_lock_stateid(lock_stp);
	nfsd4_bump_seqid(cstate, status);
	if (!cstate->replay_owner)
		nfs4_unlock_state();
	if (req)
		locks_free_lock(req);
	if (conflict)
		locks_free_lock(conflict);
	return status;
}
4926
55ef1274
BF
4927/*
4928 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN,
4929 * so we do a temporary open here just to get an open file to pass to
4930 * vfs_test_lock. (Arguably perhaps test_lock should be done with an
4931 * inode operation.)
4932 */
/*
 * Open @fhp read-only as a regular file, ask the VFS whether @lock would
 * conflict, and close the file again.  @lock is updated by
 * vfs_test_lock().  Returns the nfsd_open() error, or the translated
 * vfs_test_lock() result.
 */
static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock)
{
	struct file *file;
	__be32 err;

	err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file);
	if (err)
		return err;

	err = nfserrno(vfs_test_lock(file, lock));
	nfsd_close(file);
	return err;
}
4943
1da177e4
LT
/*
 * LOCKT operation
 *
 * Tests whether the given range could be locked, without taking a lock.
 * Refused with nfserr_grace during the grace period and with nfserr_inval
 * for a bad range or lock type.  Without a session the clientid in the
 * request is looked up first.  The filehandle is verified as a regular
 * file with an access mask of 0; the read permission check happens later
 * in nfsd_test_lock() via nfsd_open(..., NFSD_MAY_READ, ...).
 *
 * Returns nfserr_denied, with lockt->lt_denied filled in, when a
 * conflicting lock exists.
 */
__be32
nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    struct nfsd4_lockt *lockt)
{
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	struct file_lock *probe = NULL;
	struct nfs4_lockowner *lo;
	__be32 status;

	if (locks_in_grace(SVC_NET(rqstp)))
		return nfserr_grace;

	if (check_lock_length(lockt->lt_offset, lockt->lt_length))
		return nfserr_inval;

	nfs4_lock_state();

	if (!nfsd4_has_session(cstate)) {
		status = lookup_clientid(&lockt->lt_clientid, cstate, nn);
		if (status)
			goto out;
	}

	status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
	if (status)
		goto out;

	probe = locks_alloc_lock();
	if (!probe) {
		dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
		status = nfserr_jukebox;
		goto out;
	}
	locks_init_lock(probe);

	switch (lockt->lt_type) {
	case NFS4_READ_LT:
	case NFS4_READW_LT:
		probe->fl_type = F_RDLCK;
		break;
	case NFS4_WRITE_LT:
	case NFS4_WRITEW_LT:
		probe->fl_type = F_WRLCK;
		break;
	default:
		dprintk("NFSD: nfs4_lockt: bad lock type!\n");
		status = nfserr_inval;
		goto out;
	}

	/* fl_owner is set only when the named lock owner is known */
	lo = find_lockowner_str(&lockt->lt_clientid, &lockt->lt_owner, nn);
	if (lo)
		probe->fl_owner = (fl_owner_t)lo;
	probe->fl_pid = current->tgid;
	probe->fl_flags = FL_POSIX;

	probe->fl_start = lockt->lt_offset;
	probe->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length);

	nfs4_transform_lock_offset(probe);

	status = nfsd_test_lock(rqstp, &cstate->current_fh, probe);
	if (status)
		goto out;

	/* anything other than F_UNLCK means a conflicting lock was found */
	if (probe->fl_type != F_UNLCK) {
		status = nfserr_denied;
		nfs4_set_lock_denied(probe, &lockt->lt_denied);
	}
out:
	nfs4_unlock_state();
	if (probe)
		locks_free_lock(probe);
	return status;
}
5020
/*
 * LOCKU operation
 *
 * Validates the byte range and the lock stateid/seqid supplied by the
 * client, then asks the VFS to drop the range with an F_UNLCK request
 * owned by the stateid's lockowner.  On success the stateid is updated
 * and copied back into locku->lu_stateid.
 *
 * Returns nfserr_inval for a bad range, nfserr_lock_range when the
 * stateid's file has no open struct file, nfserr_jukebox on allocation
 * failure, or the translated vfs_lock_file() error.
 */
__be32
nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    struct nfsd4_locku *locku)
{
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	struct nfs4_ol_stateid *stp;
	struct file *filp = NULL;
	struct file_lock *unlock = NULL;
	__be32 status;
	int err;

	dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n",
		(long long) locku->lu_offset,
		(long long) locku->lu_length);

	if (check_lock_length(locku->lu_offset, locku->lu_length))
		return nfserr_inval;

	nfs4_lock_state();

	status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid,
					  &locku->lu_stateid, NFS4_LOCK_STID,
					  &stp, nn);
	if (status)
		goto out;

	filp = find_any_file(stp->st_file);
	if (!filp) {
		status = nfserr_lock_range;
		goto out;
	}

	unlock = locks_alloc_lock();
	if (!unlock) {
		dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
		status = nfserr_jukebox;
		goto put_file;
	}
	locks_init_lock(unlock);
	unlock->fl_type = F_UNLCK;
	unlock->fl_owner = (fl_owner_t)lockowner(stp->st_stateowner);
	unlock->fl_pid = current->tgid;
	unlock->fl_file = filp;
	unlock->fl_flags = FL_POSIX;
	unlock->fl_lmops = &nfsd_posix_mng_ops;
	unlock->fl_start = locku->lu_offset;

	unlock->fl_end = last_byte_offset(locku->lu_offset,
					  locku->lu_length);
	nfs4_transform_lock_offset(unlock);

	err = vfs_lock_file(filp, F_SETLK, unlock, NULL);
	if (err) {
		dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n");
		status = nfserrno(err);
		goto put_file;
	}
	update_stateid(&stp->st_stid.sc_stateid);
	memcpy(&locku->lu_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
put_file:
	fput(filp);
out:
	nfsd4_bump_seqid(cstate, status);
	if (!cstate->replay_owner)
		nfs4_unlock_state();
	if (unlock)
		locks_free_lock(unlock);
	return status;
}
5091
/*
 * Report whether @lowner still holds any lock on the inode behind @fp.
 *
 * returns
 *	true:  locks held by lockowner
 *	false: no locks held by lockowner (also returned, after a one-time
 *	       warning, when @fp has no open struct file at all)
 *
 * The inode's lock list is walked under inode->i_lock.
 */
static bool
check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner)
{
	struct file *filp = find_any_file(fp);
	struct file_lock *fl;
	struct inode *inode;
	bool held = false;

	if (!filp) {
		/* Any valid lock stateid should have some sort of access */
		WARN_ON_ONCE(1);
		return held;
	}

	inode = file_inode(filp);

	spin_lock(&inode->i_lock);
	for (fl = inode->i_flock; fl != NULL; fl = fl->fl_next) {
		if (fl->fl_owner == (fl_owner_t)lowner) {
			held = true;
			break;
		}
	}
	spin_unlock(&inode->i_lock);
	fput(filp);
	return held;
}
5124
/*
 * RELEASE_LOCKOWNER operation
 *
 * Looks up the client named in the request, finds the matching lock
 * owner and releases it, provided none of its stateids still has locks.
 *
 * Returns the lookup_clientid() error, nfserr_locks_held when the owner
 * still holds a lock, and nfs_ok otherwise -- including when no such
 * owner exists, which is treated as a possible replay.
 */
__be32
nfsd4_release_lockowner(struct svc_rqst *rqstp,
			struct nfsd4_compound_state *cstate,
			struct nfsd4_release_lockowner *rlockowner)
{
	clientid_t *clid = &rlockowner->rl_clientid;
	struct xdr_netobj *owner = &rlockowner->rl_owner;
	unsigned int hashval = ownerstr_hashval(clid->cl_id, owner);
	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
	struct nfs4_stateowner *sop = NULL, *cand;
	struct nfs4_lockowner *lo;
	struct nfs4_ol_stateid *stp;
	__be32 status;

	dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n",
		clid->cl_boot, clid->cl_id);

	nfs4_lock_state();

	status = lookup_clientid(clid, cstate, nn);
	if (status)
		goto out;

	/* Find the matching lock stateowner */
	list_for_each_entry(cand, &nn->ownerstr_hashtbl[hashval], so_strhash) {
		if (!cand->so_is_open_owner &&
		    same_owner_str(cand, owner, clid)) {
			sop = cand;
			break;
		}
	}

	/* No matching owner found, maybe a replay? Just declare victory... */
	if (!sop) {
		status = nfs_ok;
		goto out;
	}

	lo = lockowner(sop);
	/* see if there are still any locks associated with it */
	status = nfserr_locks_held;
	list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) {
		if (check_for_locks(stp->st_file, lo))
			goto out;
	}

	status = nfs_ok;
	release_lockowner(lo);
out:
	nfs4_unlock_state();
	return status;
}
5179
/*
 * Allocate one reclaim record.  The memory comes from kmalloc() and is
 * not zeroed, so the caller must initialise every field before use.
 * Returns NULL on allocation failure.
 */
static inline struct nfs4_client_reclaim *
alloc_reclaim(void)
{
	struct nfs4_client_reclaim *crp;

	crp = kmalloc(sizeof(*crp), GFP_KERNEL);
	return crp;
}
5185
/*
 * Return true when a reclaim record exists for @name and that record has
 * a client attached (cr_clp is non-NULL).
 */
bool
nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn)
{
	struct nfs4_client_reclaim *crp;

	crp = nfsd4_find_reclaim_client(name, nn);
	if (!crp)
		return false;
	return crp->cr_clp != NULL;
}
5194
1da177e4
LT
5195/*
5196 * failure => all reset bets are off, nfserr_no_grace...
5197 */
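/*
 * Create a reclaim record for the client recovery directory @name and
 * hash it into nn->reclaim_str_hashtbl.
 *
 * @name must point to at least HEXDIR_LEN bytes; exactly that many are
 * copied into the record.
 *
 * Returns the new record, or NULL if the allocation fails.
 */
struct nfs4_client_reclaim *
nfs4_client_to_reclaim(const char *name, struct nfsd_net *nn)
{
	unsigned int strhashval;
	struct nfs4_client_reclaim *crp;

	dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name);
	crp = alloc_reclaim();
	if (!crp)
		return NULL;

	/*
	 * alloc_reclaim() hands back uninitialised memory.  Fill in every
	 * field first and link the record into the hash table last, so a
	 * lookup can never find an entry whose cr_recdir or cr_clp is still
	 * garbage.
	 */
	memcpy(crp->cr_recdir, name, HEXDIR_LEN);
	crp->cr_clp = NULL;
	INIT_LIST_HEAD(&crp->cr_strhash);

	strhashval = clientstr_hashval(name);
	list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]);
	nn->reclaim_str_hashtbl_size++;
	return crp;
}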
5216
/*
 * Unhash and free one reclaim record and account for it in
 * nn->reclaim_str_hashtbl_size.  @crp must not be used afterwards.
 */
void
nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn)
{
	nn->reclaim_str_hashtbl_size--;
	list_del(&crp->cr_strhash);
	kfree(crp);
}
5224
/*
 * Free every reclaim record in every bucket of nn->reclaim_str_hashtbl.
 * Warns once if the size counter is not back at zero afterwards.
 */
void
nfs4_release_reclaim(struct nfsd_net *nn)
{
	int i;

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		struct list_head *bucket = &nn->reclaim_str_hashtbl[i];

		while (!list_empty(bucket)) {
			struct nfs4_client_reclaim *crp;

			crp = list_first_entry(bucket,
					       struct nfs4_client_reclaim,
					       cr_strhash);
			nfs4_remove_reclaim_record(crp, nn);
		}
	}
	WARN_ON_ONCE(nn->reclaim_str_hashtbl_size);
}
5240
5241/*
5242 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */
/*
 * Look up the reclaim record whose cr_recdir matches @recdir.
 *
 * @recdir is printed with %s in the debug message, so it must be
 * NUL-terminated.  Returns the record or NULL.
 */
struct nfs4_client_reclaim *
nfsd4_find_reclaim_client(const char *recdir, struct nfsd_net *nn)
{
	struct nfs4_client_reclaim *crp;
	struct list_head *bucket;

	dprintk("NFSD: nfs4_find_reclaim_client for recdir %s\n", recdir);

	bucket = &nn->reclaim_str_hashtbl[clientstr_hashval(recdir)];
	list_for_each_entry(crp, bucket, cr_strhash) {
		if (same_name(crp->cr_recdir, recdir))
			return crp;
	}
	return NULL;
}
5259
5260/*
5261* Called from OPEN. Look for clientid in reclaim list.
5262*/
/*
 * Decide whether the client identified by @clid may reclaim state.
 *
 * Returns nfserr_reclaim_bad when the clientid cannot be looked up or
 * when nfsd4_client_record_check() rejects cstate->clp (presumably set
 * by lookup_clientid() -- confirm); nfs_ok otherwise.
 */
__be32
nfs4_check_open_reclaim(clientid_t *clid,
		struct nfsd4_compound_state *cstate,
		struct nfsd_net *nn)
{
	/* find clientid in conf_id_hashtbl */
	if (lookup_clientid(clid, cstate, nn))
		return nfserr_reclaim_bad;

	if (nfsd4_client_record_check(cstate->clp))
		return nfserr_reclaim_bad;

	return nfs_ok;
}
5280
65178db4
BS
5281#ifdef CONFIG_NFSD_FAULT_INJECTION
5282
44e34da6
BS
/*
 * Fault injection: expire @clp if mark_client_expired() allows it.
 * Returns 1 when the client was expired, 0 otherwise.  @max is unused.
 */
u64 nfsd_forget_client(struct nfs4_client *clp, u64 max)
{
	if (!mark_client_expired(clp)) {
		expire_client(clp);
		return 1;
	}
	return 0;
}
5290
184c1847
BS
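/*
 * Fault injection: log the presentation address of @clp.
 * Always returns 1.  @num is unused.
 */
u64 nfsd_print_client(struct nfs4_client *clp, u64 num)
{
	/*
	 * Start from an empty string.  The return value of rpc_ntop() is
	 * not checked, and if it cannot format the address the buffer may
	 * be left unwritten; printing it with %s would then read
	 * uninitialised stack memory into the kernel log.
	 */
	char buf[INET6_ADDRSTRLEN] = "";

	rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
	printk(KERN_INFO "NFS Client: %s\n", buf);
	return 1;
}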
5298
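/*
 * Fault injection: log how many objects of kind @type the client @clp
 * has, prefixed by the client's presentation address.
 */
static void nfsd_print_count(struct nfs4_client *clp, unsigned int count,
			     const char *type)
{
	/*
	 * Start from an empty string.  The return value of rpc_ntop() is
	 * not checked, and if it cannot format the address the buffer may
	 * be left unwritten; printing it with %s would then read
	 * uninitialised stack memory into the kernel log.
	 */
	char buf[INET6_ADDRSTRLEN] = "";

	rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
	printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type);
}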
5306
3c87b9b7
TM
/*
 * Fault injection: visit the lock stateids of @clp, reached through each
 * openowner's stateids and their st_locks lists, calling @func on each
 * when @func is non-NULL.
 *
 * Stops as soon as the running count equals @max.  Since the test is an
 * equality after the increment, a @max of 0 never stops the walk early.
 * Returns the number of lock stateids visited.
 */
static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max,
				    void (*func)(struct nfs4_ol_stateid *))
{
	struct nfs4_openowner *oop;
	struct nfs4_ol_stateid *open_st, *open_next;
	struct nfs4_ol_stateid *lock_st, *lock_next;
	u64 visited = 0;

	list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) {
		list_for_each_entry_safe(open_st, open_next,
				&oop->oo_owner.so_stateids, st_perstateowner) {
			/* _safe: func may unlink the entry it is given */
			list_for_each_entry_safe(lock_st, lock_next,
					&open_st->st_locks, st_locks) {
				if (func)
					func(lock_st);
				visited++;
				if (visited == max)
					return visited;
			}
		}
	}

	return visited;
}
5330
/*
 * Fault injection: release up to @max lock stateids of @clp.
 * Returns the number of lock stateids visited.
 */
u64 nfsd_forget_client_locks(struct nfs4_client *clp, u64 max)
{
	u64 released;

	released = nfsd_foreach_client_lock(clp, max, release_lock_stateid);
	return released;
}
5335
184c1847
BS
/*
 * Fault injection: count up to @max lock stateids of @clp, log the
 * result and return it.  Nothing is modified.
 */
u64 nfsd_print_client_locks(struct nfs4_client *clp, u64 max)
{
	u64 nlocks;

	nlocks = nfsd_foreach_client_lock(clp, max, NULL);
	nfsd_print_count(clp, nlocks, "locked files");
	return nlocks;
}
5342
4dbdbda8
BS
/*
 * Fault injection: visit the openowners of @clp, calling @func on each
 * when @func is non-NULL, and stop once the count equals @max (a @max of
 * 0 therefore never stops the walk early).
 * Returns the number of openowners visited.
 */
static u64 nfsd_foreach_client_open(struct nfs4_client *clp, u64 max, void (*func)(struct nfs4_openowner *))
{
	struct nfs4_openowner *oop, *oop_next;
	u64 visited = 0;

	/* _safe: func may unlink the openowner it is given */
	list_for_each_entry_safe(oop, oop_next, &clp->cl_openowners, oo_perclient) {
		if (func)
			func(oop);
		visited++;
		if (visited == max)
			break;
	}

	return visited;
}
5357
/*
 * Fault injection: release up to @max openowners of @clp.
 * Returns the number of openowners visited.
 */
u64 nfsd_forget_client_openowners(struct nfs4_client *clp, u64 max)
{
	u64 released;

	released = nfsd_foreach_client_open(clp, max, release_openowner);
	return released;
}
5362
184c1847
BS
/*
 * Fault injection: count up to @max openowners of @clp, log the result
 * and return it.  Nothing is modified.
 */
u64 nfsd_print_client_openowners(struct nfs4_client *clp, u64 max)
{
	u64 nopen;

	nopen = nfsd_foreach_client_open(clp, max, NULL);
	nfsd_print_count(clp, nopen, "open files");
	return nopen;
}
5369
269de30f
BS
/*
 * Fault injection: count the delegations of @clp and, when @victims is
 * non-NULL, unhash each counted delegation and move it onto @victims.
 *
 * Must be called with state_lock held (asserted via lockdep).  Stops once
 * the count equals @max.  Returns the number of delegations counted.
 */
static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max,
				     struct list_head *victims)
{
	struct nfs4_delegation *dp, *dp_next;
	u64 found = 0;

	lockdep_assert_held(&state_lock);
	list_for_each_entry_safe(dp, dp_next, &clp->cl_delegations, dl_perclnt) {
		/*
		 * It's not safe to mess with delegations that have a
		 * non-zero dl_time. They might have already been broken
		 * and could be processed by the laundromat outside of
		 * the state_lock. Just leave them be (and uncounted).
		 */
		if (victims && dp->dl_time != 0)
			continue;

		if (victims) {
			unhash_delegation_locked(dp);
			list_add(&dp->dl_recall_lru, victims);
		}
		found++;
		if (found == max)
			break;
	}
	return found;
}
5396
/*
 * Fault injection: revoke up to @max delegations of @clp.
 *
 * The victims are collected and unhashed under state_lock; the
 * revocation itself runs after the lock has been dropped.
 * Returns the number of delegations collected.
 */
u64 nfsd_forget_client_delegations(struct nfs4_client *clp, u64 max)
{
	struct nfs4_delegation *dp, *dp_next;
	LIST_HEAD(victims);
	u64 collected;

	spin_lock(&state_lock);
	collected = nfsd_find_all_delegations(clp, max, &victims);
	spin_unlock(&state_lock);

	list_for_each_entry_safe(dp, dp_next, &victims, dl_recall_lru) {
		list_del_init(&dp->dl_recall_lru);
		revoke_delegation(dp);
	}

	return collected;
}
5414
/*
 * Fault injection: start a recall for up to @max delegations of @clp.
 *
 * Unlike the forget path, collection and nfsd_break_one_deleg() both run
 * with state_lock held.  dl_time is cleared on each victim before the
 * break is issued.  Returns the number of delegations collected.
 */
u64 nfsd_recall_client_delegations(struct nfs4_client *clp, u64 max)
{
	struct nfs4_delegation *victim;
	LIST_HEAD(victims);
	u64 collected;

	spin_lock(&state_lock);
	collected = nfsd_find_all_delegations(clp, max, &victims);
	while (!list_empty(&victims)) {
		victim = list_first_entry(&victims, struct nfs4_delegation,
					  dl_recall_lru);
		list_del_init(&victim->dl_recall_lru);
		victim->dl_time = 0;
		nfsd_break_one_deleg(victim);
	}
	spin_unlock(&state_lock);

	return collected;
}
5434
184c1847
BS
/*
 * Fault injection: count up to @max delegations of @clp under
 * state_lock, log the result and return it.  Nothing is modified.
 */
u64 nfsd_print_client_delegations(struct nfs4_client *clp, u64 max)
{
	u64 ndeleg;

	spin_lock(&state_lock);
	ndeleg = nfsd_find_all_delegations(clp, max, NULL);
	spin_unlock(&state_lock);

	nfsd_print_count(clp, ndeleg, "delegations");
	return ndeleg;
}
5446
/*
 * Fault injection: apply @func to the clients on the client LRU of the
 * calling task's network namespace until @max objects are handled.
 *
 * Each call receives the remaining budget (max - total).  With @max == 0
 * the loop never stops early; the budget passed down is then an unsigned
 * subtraction from zero and wraps.
 * Returns the sum of the values returned by @func, or 0 when the
 * namespace's nfsd state is not ready.
 */
u64 nfsd_for_n_state(u64 max, u64 (*func)(struct nfs4_client *, u64))
{
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, nfsd_net_id);
	struct nfs4_client *clp, *clp_next;
	u64 total = 0;

	if (!nfsd_netns_ready(nn))
		return 0;

	/* _safe: func may remove the client it is given from the LRU */
	list_for_each_entry_safe(clp, clp_next, &nn->client_lru, cl_lru) {
		total += func(clp, max - total);
		if (max != 0 && total >= max)
			break;
	}

	return total;
}
5464
6c1e82a4
BS
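/*
 * Fault injection: find the client on the calling task's namespace LRU
 * whose cl_addr matches the first @addr_size bytes of @addr.
 *
 * Returns the client, or NULL when the namespace's nfsd state is not
 * ready, when @addr_size is larger than either address object, or when
 * no client matches.
 */
struct nfs4_client *nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size)
{
	struct nfs4_client *clp;
	struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, nfsd_net_id);

	if (!nfsd_netns_ready(nn))
		return NULL;

	/*
	 * addr_size comes from the caller and is used as the memcmp()
	 * length; refuse a length that would read past either operand.
	 */
	if (addr_size > sizeof(*addr) || addr_size > sizeof(clp->cl_addr))
		return NULL;

	list_for_each_entry(clp, &nn->client_lru, cl_lru) {
		if (memcmp(&clp->cl_addr, addr, addr_size) == 0)
			return clp;
	}
	return NULL;
}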
5479
65178db4
BS
5480#endif /* CONFIG_NFSD_FAULT_INJECTION */
5481
c2f1a551
MS
5482/*
5483 * Since the lifetime of a delegation isn't limited to that of an open, a
5484 * client may quite reasonably hang on to a delegation as long as it has
5485 * the inode cached. This becomes an obvious problem the first time a
5486 * client's inode cache approaches the size of the server's total memory.
5487 *
5488 * For now we avoid this problem by imposing a hard limit on the number
5489 * of delegations, which varies according to the server's memory size.
5490 */
/*
 * Derive the global delegation cap from the number of free buffer pages.
 */
static void
set_max_delegations(void)
{
	/*
	 * Allow at most 4 delegations per megabyte of RAM: pages are
	 * 2^PAGE_SHIFT bytes, a megabyte is 2^20, and 4 is 2^2.  Quick
	 * estimates suggest that in the worst case (where every delegation
	 * is for a different inode), a delegation could take about 1.5K,
	 * giving a worst case usage of about 6% of memory.
	 */
	const int pages_to_delegations_shift = 20 - 2 - PAGE_SHIFT;

	max_delegations = nr_free_buffer_pages() >> pages_to_delegations_shift;
}
5502
/*
 * Allocate and initialise the per-net NFSv4 state tables: the confirmed
 * and unconfirmed clientid hashes, the owner-string hash and the
 * sessionid hash, plus the name trees, LRU lists, client_lock and the
 * laundromat work item.
 *
 * On success a reference on @net is taken with get_net() and 0 is
 * returned.  If any table cannot be allocated, the tables allocated so
 * far are freed and -ENOMEM is returned.
 */
static int nfs4_state_create_net(struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	const size_t head_sz = sizeof(struct list_head);
	int i;

	nn->conf_id_hashtbl = kmalloc(head_sz * CLIENT_HASH_SIZE, GFP_KERNEL);
	if (!nn->conf_id_hashtbl)
		goto err;
	nn->unconf_id_hashtbl = kmalloc(head_sz * CLIENT_HASH_SIZE, GFP_KERNEL);
	if (!nn->unconf_id_hashtbl)
		goto err_unconf_id;
	nn->ownerstr_hashtbl = kmalloc(head_sz * OWNER_HASH_SIZE, GFP_KERNEL);
	if (!nn->ownerstr_hashtbl)
		goto err_ownerstr;
	nn->sessionid_hashtbl = kmalloc(head_sz * SESSION_HASH_SIZE, GFP_KERNEL);
	if (!nn->sessionid_hashtbl)
		goto err_sessionid;

	/* kmalloc() does not zero: every bucket head must be initialised */
	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]);
		INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]);
	}
	for (i = 0; i < OWNER_HASH_SIZE; i++)
		INIT_LIST_HEAD(&nn->ownerstr_hashtbl[i]);
	for (i = 0; i < SESSION_HASH_SIZE; i++)
		INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]);

	nn->conf_name_tree = RB_ROOT;
	nn->unconf_name_tree = RB_ROOT;
	INIT_LIST_HEAD(&nn->client_lru);
	INIT_LIST_HEAD(&nn->close_lru);
	INIT_LIST_HEAD(&nn->del_recall_lru);
	spin_lock_init(&nn->client_lock);

	INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main);
	get_net(net);

	return 0;

	/* unwind in reverse order of allocation */
err_sessionid:
	kfree(nn->ownerstr_hashtbl);
err_ownerstr:
	kfree(nn->unconf_id_hashtbl);
err_unconf_id:
	kfree(nn->conf_id_hashtbl);
err:
	return -ENOMEM;
}
5554
/*
 * Tear down the per-net NFSv4 state: destroy every confirmed client,
 * then every unconfirmed client, free the four hash tables and drop the
 * reference on @net with put_net().
 */
static void
nfs4_state_destroy_net(struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	struct list_head *bucket;
	int i;

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		bucket = &nn->conf_id_hashtbl[i];
		while (!list_empty(bucket))
			destroy_client(list_first_entry(bucket,
					struct nfs4_client, cl_idhash));
	}

	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		bucket = &nn->unconf_id_hashtbl[i];
		while (!list_empty(bucket))
			destroy_client(list_first_entry(bucket,
					struct nfs4_client, cl_idhash));
	}

	kfree(nn->sessionid_hashtbl);
	kfree(nn->ownerstr_hashtbl);
	kfree(nn->unconf_id_hashtbl);
	kfree(nn->conf_id_hashtbl);
	put_net(net);
}
5582
/*
 * Bring up NFSv4 state for one network namespace: create the state
 * tables, initialise client tracking, record the boot time, start the
 * grace period and schedule the laundromat to run when it ends.
 *
 * Returns 0, or the error from nfs4_state_create_net().
 */
int
nfs4_state_start_net(struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	int err;

	err = nfs4_state_create_net(net);
	if (err)
		return err;

	nfsd4_client_tracking_init(net);
	nn->boot_time = get_seconds();
	locks_start_grace(net, &nn->nfsd4_manager);
	nn->grace_ended = false;
	/*
	 * NOTE(review): "%p" writes the struct net address to the kernel
	 * log; on kernels that do not hash %p this exposes a kernel pointer
	 * to anyone who can read the log.  Consider %pK or dropping it.
	 */
	printk(KERN_INFO "NFSD: starting %ld-second grace period (net %p)\n",
	       nn->nfsd4_grace, net);
	queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ);
	return 0;
}
5601
/*
 * Initialization to perform when the nfsd service is started: set up the
 * callback credential, create the "nfsd4" single-threaded workqueue
 * (laundry_wq) and the callback queue, then set the delegation limit.
 *
 * Returns 0 on success.  Any failure of set_callback_cred() is reported as
 * -ENOMEM regardless of the value it returned; a workqueue allocation
 * failure is -ENOMEM; a callback-queue failure is passed through.
 *
 * NOTE(review): on the callback-queue failure path laundry_wq is destroyed
 * but the global still holds the old pointer - confirm nothing can queue on
 * it after a failed start.
 */
int
nfs4_state_start(void)
{
	int err;

	if (set_callback_cred())
		return -ENOMEM;

	laundry_wq = create_singlethread_workqueue("nfsd4");
	if (!laundry_wq)
		return -ENOMEM;

	err = nfsd4_create_callback_queue();
	if (err) {
		/* Undo the only resource acquired by this function so far. */
		destroy_workqueue(laundry_wq);
		return err;
	}

	set_max_delegations();
	return 0;
}
5630
/*
 * Shut down NFSv4 state for one network namespace.
 *
 * Order of operations, as written:
 *   1. cancel the laundromat work synchronously and end the grace period;
 *   2. under nfs4_lock_state(), take the state_lock spinlock and move every
 *      delegation on nn->del_recall_lru onto a private reap list;
 *   3. drop the spinlock, then release each reaped delegation;
 *   4. shut down client tracking and destroy the per-net state;
 *   5. release nfs4_lock_state().
 *
 * nfs4_put_delegation() is deliberately called only after state_lock has
 * been dropped; the spinlock covers just the unhash-and-move step.
 */
void
nfs4_state_shutdown_net(struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	struct nfs4_delegation *dp, *tmp;
	LIST_HEAD(reaplist);

	cancel_delayed_work_sync(&nn->laundromat_work);
	locks_end_grace(&nn->nfsd4_manager);

	nfs4_lock_state();

	/* Detach all recall-list delegations while holding state_lock. */
	spin_lock(&state_lock);
	list_for_each_entry_safe(dp, tmp, &nn->del_recall_lru, dl_recall_lru) {
		unhash_delegation_locked(dp);
		list_add(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&state_lock);

	/* The reap list is private to this function, so no lock is needed. */
	list_for_each_entry_safe(dp, tmp, &reaplist, dl_recall_lru) {
		list_del_init(&dp->dl_recall_lru);
		nfs4_put_delegation(dp);
	}

	nfsd4_client_tracking_exit(net);
	nfs4_state_destroy_net(net);
	nfs4_unlock_state();
}
5660
/*
 * Global NFSv4 state teardown: destroy the laundromat workqueue first, then
 * the callback queue.
 *
 * NOTE(review): laundry_wq keeps its old value after destroy_workqueue();
 * confirm that no per-net laundromat work can still be queued on it once
 * this has run.
 */
void nfs4_state_shutdown(void)
{
	destroy_workqueue(laundry_wq);
	nfsd4_destroy_callback_queue();
}
5667
/*
 * Substitute the compound's saved current stateid for *stateid.
 *
 * The copy happens only when the compound has CURRENT_STATE_ID_FLAG set and
 * CURRENT_STATEID() matches the supplied stateid; otherwise *stateid is left
 * untouched.  The argument is overwritten in place and the saved stateid is
 * not validated here.
 */
static void
get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (!HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG))
		return;
	if (!CURRENT_STATEID(stateid))
		return;

	memcpy(stateid, &cstate->current_stateid, sizeof(*stateid));
}
5674
/*
 * Save *stateid as the compound's current stateid and mark it as present.
 *
 * Does nothing when cstate->minorversion is zero.
 */
static void
put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (!cstate->minorversion)
		return;

	memcpy(&cstate->current_stateid, stateid, sizeof(*stateid));
	SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
}
5683
/*
 * Drop the "current stateid is set" flag on the compound.  Only the flag is
 * cleared; the bytes in cstate->current_stateid are not touched here.
 */
void clear_current_stateid(struct nfsd4_compound_state *cstate)
{
	CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
}
5689
/*
 * Functions to set the current stateid
 */
/*
 * Save odp->od_stateid as the compound's current stateid.  put_stateid()
 * makes this a no-op when cstate->minorversion is zero.
 */
void nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate,
				    struct nfsd4_open_downgrade *odp)
{
	put_stateid(cstate, &odp->od_stateid);
}
5698
/*
 * Save open->op_stateid as the compound's current stateid.  put_stateid()
 * makes this a no-op when cstate->minorversion is zero.
 */
void nfsd4_set_openstateid(struct nfsd4_compound_state *cstate,
			   struct nfsd4_open *open)
{
	put_stateid(cstate, &open->op_stateid);
}
5704
/*
 * Save close->cl_stateid as the compound's current stateid.  put_stateid()
 * makes this a no-op when cstate->minorversion is zero.
 */
void nfsd4_set_closestateid(struct nfsd4_compound_state *cstate,
			    struct nfsd4_close *close)
{
	put_stateid(cstate, &close->cl_stateid);
}
5710
/*
 * Save lock->lk_resp_stateid as the compound's current stateid.
 * put_stateid() makes this a no-op when cstate->minorversion is zero.
 */
void nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate,
			   struct nfsd4_lock *lock)
{
	put_stateid(cstate, &lock->lk_resp_stateid);
}
5716
/*
 * Functions to consume the current stateid
 */
1e97b519 5720
/*
 * Let get_stateid() replace odp->od_stateid with the compound's saved
 * current stateid when its conditions hold; otherwise the argument is left
 * as supplied.
 */
void nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate,
				    struct nfsd4_open_downgrade *odp)
{
	get_stateid(cstate, &odp->od_stateid);
}
5726
/*
 * Let get_stateid() replace drp->dr_stateid with the compound's saved
 * current stateid when its conditions hold; otherwise the argument is left
 * as supplied.
 */
void nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate,
				  struct nfsd4_delegreturn *drp)
{
	get_stateid(cstate, &drp->dr_stateid);
}
5732
/*
 * Let get_stateid() replace fsp->fr_stateid with the compound's saved
 * current stateid when its conditions hold; otherwise the argument is left
 * as supplied.
 */
void nfsd4_get_freestateid(struct nfsd4_compound_state *cstate,
			   struct nfsd4_free_stateid *fsp)
{
	get_stateid(cstate, &fsp->fr_stateid);
}
5738
/*
 * Let get_stateid() replace setattr->sa_stateid with the compound's saved
 * current stateid when its conditions hold; otherwise the argument is left
 * as supplied.
 */
void nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate,
			      struct nfsd4_setattr *setattr)
{
	get_stateid(cstate, &setattr->sa_stateid);
}
5744
/*
 * Let get_stateid() replace close->cl_stateid with the compound's saved
 * current stateid when its conditions hold; otherwise the argument is left
 * as supplied.
 */
void nfsd4_get_closestateid(struct nfsd4_compound_state *cstate,
			    struct nfsd4_close *close)
{
	get_stateid(cstate, &close->cl_stateid);
}
5750
/*
 * Let get_stateid() replace locku->lu_stateid with the compound's saved
 * current stateid when its conditions hold; otherwise the argument is left
 * as supplied.
 */
void nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate,
			    struct nfsd4_locku *locku)
{
	get_stateid(cstate, &locku->lu_stateid);
}
5756
/*
 * Let get_stateid() replace read->rd_stateid with the compound's saved
 * current stateid when its conditions hold; otherwise the argument is left
 * as supplied.
 */
void nfsd4_get_readstateid(struct nfsd4_compound_state *cstate,
			   struct nfsd4_read *read)
{
	get_stateid(cstate, &read->rd_stateid);
}
5762
5763void
5764nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, struct nfsd4_write *write)
5765{
5766 get_stateid(cstate, &write->wr_stateid);
5767}