]> git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/blame - fs/nfsd/nfs4state.c
projects / mirror_ubuntu-hirsute-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
nfsd: ensure that the ol stateid hash reference is only put once
[mirror_ubuntu-hirsute-kernel.git] / fs / nfsd / nfs4state.c
CommitLineData
1da177e4 1/*
1da177e4
LT		 2* Copyright (c) 2001 The Regents of the University of Michigan.
3* All rights reserved.
4*
5* Kendrick Smith <kmsmith@umich.edu>
6* Andy Adamson <kandros@umich.edu>
7*
8* Redistribution and use in source and binary forms, with or without
9* modification, are permitted provided that the following conditions
10* are met:
11*
12* 1. Redistributions of source code must retain the above copyright
13* notice, this list of conditions and the following disclaimer.
14* 2. Redistributions in binary form must reproduce the above copyright
15* notice, this list of conditions and the following disclaimer in the
16* documentation and/or other materials provided with the distribution.
17* 3. Neither the name of the University nor the names of its
18* contributors may be used to endorse or promote products derived
19* from this software without specific prior written permission.
20*
21* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
22* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
23* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24* DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
29* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
30* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
31* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32*
33*/
34
aceaf78d 35#include <linux/file.h>
b89f4321 36#include <linux/fs.h>
5a0e3ad6 37#include <linux/slab.h>
0964a3d3 38#include <linux/namei.h>
c2f1a551 39#include <linux/swap.h>
17456804 40#include <linux/pagemap.h>
7df302f7 41#include <linux/ratelimit.h>
68e76ad0 42#include <linux/sunrpc/svcauth_gss.h>
5976687a 43#include <linux/sunrpc/addr.h>
87545899 44#include <linux/jhash.h>
9a74af21 45#include "xdr4.h"
06b332a5 46#include "xdr4cb.h"
0a3adade 47#include "vfs.h"
bfa4b365 48#include "current_stateid.h"
1da177e4 49
5e1533c7 50#include "netns.h"
9cf514cc 51#include "pnfs.h"
5e1533c7 52
1da177e4
LT		 53#define NFSDDBG_FACILITY NFSDDBG_PROC
54
f32f3c2d
BF		 55#define all_ones {{~0,~0},~0}
56static const stateid_t one_stateid = {
57 .si_generation = ~0,
58 .si_opaque = all_ones,
59};
60static const stateid_t zero_stateid = {
61 /* all fields zero */
62};
19ff0f28
TM		 63static const stateid_t currentstateid = {
64 .si_generation = 1,
65};
f32f3c2d 66
ec6b5d7b 67static u64 current_sessionid = 1;
fd39ca9a 68
f32f3c2d
BF		 69#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
70#define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
19ff0f28 71#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
1da177e4 72
1da177e4 73/* forward declarations */
f9c00c3a 74static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner);
6011695d 75static void nfs4_free_ol_stateid(struct nfs4_stid *stid);
1da177e4 76
8b671b80
BF		 77/* Locking: */
78
8b671b80
BF		 79/*
80 * Currently used for the del_recall_lru and file hash table. In an
81 * effort to decrease the scope of the client_mutex, this spinlock may
82 * eventually cover more:
83 */
cdc97505 84static DEFINE_SPINLOCK(state_lock);
8b671b80 85
b401be22
JL		 86/*
87 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for
88 * the refcount on the open stateid to drop.
89 */
90static DECLARE_WAIT_QUEUE_HEAD(close_wq);
91
abf1135b
CH		 92static struct kmem_cache *openowner_slab;
93static struct kmem_cache *lockowner_slab;
94static struct kmem_cache *file_slab;
95static struct kmem_cache *stateid_slab;
96static struct kmem_cache *deleg_slab;
8287f009 97static struct kmem_cache *odstate_slab;
e60d4398 98
66b2b9b2 99static void free_session(struct nfsd4_session *);
508dc6e1 100
0162ac2b
CH		 101static struct nfsd4_callback_ops nfsd4_cb_recall_ops;
102
f0f51f5c 103static bool is_session_dead(struct nfsd4_session *ses)
66b2b9b2 104{
f0f51f5c 105 return ses->se_flags & NFS4_SESSION_DEAD;
66b2b9b2
BF		 106}
107
f0f51f5c 108static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
508dc6e1 109{
f0f51f5c 110 if (atomic_read(&ses->se_ref) > ref_held_by_me)
66b2b9b2
BF		 111 return nfserr_jukebox;
112 ses->se_flags |= NFS4_SESSION_DEAD;
113 return nfs_ok;
508dc6e1
BH		 114}
115
221a6876
BF		 116static bool is_client_expired(struct nfs4_client *clp)
117{
118 return clp->cl_time == 0;
119}
120
221a6876
BF		 121static __be32 get_client_locked(struct nfs4_client *clp)
122{
0a880a28
TM		 123 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
124
125 lockdep_assert_held(&nn->client_lock);
126
221a6876
BF		 127 if (is_client_expired(clp))
128 return nfserr_expired;
129 atomic_inc(&clp->cl_refcount);
130 return nfs_ok;
131}
132
133/* must be called under the client_lock */
134static inline void
135renew_client_locked(struct nfs4_client *clp)
136{
137 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
138
139 if (is_client_expired(clp)) {
140 WARN_ON(1);
141 printk("%s: client (clientid %08x/%08x) already expired\n",
142 __func__,
143 clp->cl_clientid.cl_boot,
144 clp->cl_clientid.cl_id);
145 return;
146 }
147
148 dprintk("renewing client (clientid %08x/%08x)\n",
149 clp->cl_clientid.cl_boot,
150 clp->cl_clientid.cl_id);
151 list_move_tail(&clp->cl_lru, &nn->client_lru);
152 clp->cl_time = get_seconds();
153}
154
ba138435 155static void put_client_renew_locked(struct nfs4_client *clp)
221a6876 156{
0a880a28
TM		 157 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
158
159 lockdep_assert_held(&nn->client_lock);
160
221a6876
BF		 161 if (!atomic_dec_and_test(&clp->cl_refcount))
162 return;
163 if (!is_client_expired(clp))
164 renew_client_locked(clp);
165}
166
4b24ca7d
JL		 167static void put_client_renew(struct nfs4_client *clp)
168{
169 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
170
d6c249b4
JL		 171 if (!atomic_dec_and_lock(&clp->cl_refcount, &nn->client_lock))
172 return;
173 if (!is_client_expired(clp))
174 renew_client_locked(clp);
4b24ca7d
JL		 175 spin_unlock(&nn->client_lock);
176}
177
d4e19e70
TM		 178static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
179{
180 __be32 status;
181
182 if (is_session_dead(ses))
183 return nfserr_badsession;
184 status = get_client_locked(ses->se_client);
185 if (status)
186 return status;
187 atomic_inc(&ses->se_ref);
188 return nfs_ok;
189}
190
191static void nfsd4_put_session_locked(struct nfsd4_session *ses)
192{
193 struct nfs4_client *clp = ses->se_client;
0a880a28
TM		 194 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
195
196 lockdep_assert_held(&nn->client_lock);
d4e19e70
TM		 197
198 if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
199 free_session(ses);
200 put_client_renew_locked(clp);
201}
202
203static void nfsd4_put_session(struct nfsd4_session *ses)
204{
205 struct nfs4_client *clp = ses->se_client;
206 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
207
208 spin_lock(&nn->client_lock);
209 nfsd4_put_session_locked(ses);
210 spin_unlock(&nn->client_lock);
211}
212
b5971afa
KM		 213static inline struct nfs4_stateowner *
214nfs4_get_stateowner(struct nfs4_stateowner *sop)
215{
216 atomic_inc(&sop->so_count);
217 return sop;
218}
219
7ffb5880 220static int
d4f0489f 221same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner)
7ffb5880
TM		 222{
223 return (sop->so_owner.len == owner->len) &&
d4f0489f 224 0 == memcmp(sop->so_owner.data, owner->data, owner->len);
7ffb5880
TM		 225}
226
227static struct nfs4_openowner *
228find_openstateowner_str_locked(unsigned int hashval, struct nfsd4_open *open,
d4f0489f 229 struct nfs4_client *clp)
7ffb5880
TM		 230{
231 struct nfs4_stateowner *so;
7ffb5880 232
d4f0489f 233 lockdep_assert_held(&clp->cl_lock);
7ffb5880 234
d4f0489f
TM		 235 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval],
236 so_strhash) {
7ffb5880
TM		 237 if (!so->so_is_open_owner)
238 continue;
b5971afa
KM		 239 if (same_owner_str(so, &open->op_owner))
240 return openowner(nfs4_get_stateowner(so));
7ffb5880
TM		 241 }
242 return NULL;
243}
244
245static struct nfs4_openowner *
246find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
d4f0489f 247 struct nfs4_client *clp)
7ffb5880
TM		 248{
249 struct nfs4_openowner *oo;
250
d4f0489f
TM		 251 spin_lock(&clp->cl_lock);
252 oo = find_openstateowner_str_locked(hashval, open, clp);
253 spin_unlock(&clp->cl_lock);
7ffb5880
TM		 254 return oo;
255}
256
1da177e4
LT		 257static inline u32
258opaque_hashval(const void *ptr, int nbytes)
259{
260 unsigned char *cptr = (unsigned char *) ptr;
261
262 u32 x = 0;
263 while (nbytes--) {
264 x *= 37;
265 x += *cptr++;
266 }
267 return x;
268}
269
5b095e99 270static void nfsd4_free_file_rcu(struct rcu_head *rcu)
32513b40 271{
5b095e99
JL		 272 struct nfs4_file *fp = container_of(rcu, struct nfs4_file, fi_rcu);
273
274 kmem_cache_free(file_slab, fp);
32513b40
BF		 275}
276
e6ba76e1 277void
13cd2184
N		 278put_nfs4_file(struct nfs4_file *fi)
279{
02e1215f
JL		 280 might_lock(&state_lock);
281
cdc97505 282 if (atomic_dec_and_lock(&fi->fi_ref, &state_lock)) {
5b095e99 283 hlist_del_rcu(&fi->fi_hash);
cdc97505 284 spin_unlock(&state_lock);
8287f009 285 WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate));
5b095e99
JL		 286 WARN_ON_ONCE(!list_empty(&fi->fi_delegations));
287 call_rcu(&fi->fi_rcu, nfsd4_free_file_rcu);
8b671b80 288 }
13cd2184
N		 289}
290
de18643d
TM		 291static struct file *
292__nfs4_get_fd(struct nfs4_file *f, int oflag)
293{
294 if (f->fi_fds[oflag])
295 return get_file(f->fi_fds[oflag]);
296 return NULL;
297}
298
299static struct file *
300find_writeable_file_locked(struct nfs4_file *f)
301{
302 struct file *ret;
303
304 lockdep_assert_held(&f->fi_lock);
305
306 ret = __nfs4_get_fd(f, O_WRONLY);
307 if (!ret)
308 ret = __nfs4_get_fd(f, O_RDWR);
309 return ret;
310}
311
312static struct file *
313find_writeable_file(struct nfs4_file *f)
314{
315 struct file *ret;
316
317 spin_lock(&f->fi_lock);
318 ret = find_writeable_file_locked(f);
319 spin_unlock(&f->fi_lock);
320
321 return ret;
322}
323
324static struct file *find_readable_file_locked(struct nfs4_file *f)
325{
326 struct file *ret;
327
328 lockdep_assert_held(&f->fi_lock);
329
330 ret = __nfs4_get_fd(f, O_RDONLY);
331 if (!ret)
332 ret = __nfs4_get_fd(f, O_RDWR);
333 return ret;
334}
335
336static struct file *
337find_readable_file(struct nfs4_file *f)
338{
339 struct file *ret;
340
341 spin_lock(&f->fi_lock);
342 ret = find_readable_file_locked(f);
343 spin_unlock(&f->fi_lock);
344
345 return ret;
346}
347
4d227fca 348struct file *
de18643d
TM		 349find_any_file(struct nfs4_file *f)
350{
351 struct file *ret;
352
353 spin_lock(&f->fi_lock);
354 ret = __nfs4_get_fd(f, O_RDWR);
355 if (!ret) {
356 ret = __nfs4_get_fd(f, O_WRONLY);
357 if (!ret)
358 ret = __nfs4_get_fd(f, O_RDONLY);
359 }
360 spin_unlock(&f->fi_lock);
361 return ret;
362}
363
02a3508d 364static atomic_long_t num_delegations;
697ce9be 365unsigned long max_delegations;
ef0f3390
N		 366
367/*
368 * Open owner state (share locks)
369 */
370
16bfdaaf
BF		 371/* hash tables for lock and open owners */
372#define OWNER_HASH_BITS 8
373#define OWNER_HASH_SIZE (1 << OWNER_HASH_BITS)
374#define OWNER_HASH_MASK (OWNER_HASH_SIZE - 1)
ef0f3390 375
d4f0489f 376static unsigned int ownerstr_hashval(struct xdr_netobj *ownername)
ddc04c41
BF		 377{
378 unsigned int ret;
379
380 ret = opaque_hashval(ownername->data, ownername->len);
16bfdaaf 381 return ret & OWNER_HASH_MASK;
ddc04c41 382}
ef0f3390 383
ef0f3390
N		 384/* hash table for nfs4_file */
385#define FILE_HASH_BITS 8
386#define FILE_HASH_SIZE (1 << FILE_HASH_BITS)
35079582 387
ca943217 388static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh)
ddc04c41 389{
ca943217
TM		 390 return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0);
391}
392
393static unsigned int file_hashval(struct knfsd_fh *fh)
394{
395 return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1);
396}
397
89876f8c 398static struct hlist_head file_hashtbl[FILE_HASH_SIZE];
ef0f3390 399
12659651
JL		 400static void
401__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
3477565e 402{
7214e860
JL		 403 lockdep_assert_held(&fp->fi_lock);
404
12659651
JL		 405 if (access & NFS4_SHARE_ACCESS_WRITE)
406 atomic_inc(&fp->fi_access[O_WRONLY]);
407 if (access & NFS4_SHARE_ACCESS_READ)
408 atomic_inc(&fp->fi_access[O_RDONLY]);
3477565e
BF		 409}
410
12659651
JL		 411static __be32
412nfs4_file_get_access(struct nfs4_file *fp, u32 access)
998db52c 413{
7214e860
JL		 414 lockdep_assert_held(&fp->fi_lock);
415
12659651
JL		 416 /* Does this access mode make sense? */
417 if (access & ~NFS4_SHARE_ACCESS_BOTH)
418 return nfserr_inval;
419
baeb4ff0
JL		 420 /* Does it conflict with a deny mode already set? */
421 if ((access & fp->fi_share_deny) != 0)
422 return nfserr_share_denied;
423
12659651
JL		 424 __nfs4_file_get_access(fp, access);
425 return nfs_ok;
998db52c
BF		 426}
427
baeb4ff0
JL		 428static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
429{
430 /* Common case is that there is no deny mode. */
431 if (deny) {
432 /* Does this deny mode make sense? */
433 if (deny & ~NFS4_SHARE_DENY_BOTH)
434 return nfserr_inval;
435
436 if ((deny & NFS4_SHARE_DENY_READ) &&
437 atomic_read(&fp->fi_access[O_RDONLY]))
438 return nfserr_share_denied;
439
440 if ((deny & NFS4_SHARE_DENY_WRITE) &&
441 atomic_read(&fp->fi_access[O_WRONLY]))
442 return nfserr_share_denied;
443 }
444 return nfs_ok;
445}
446
998db52c 447static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
f9d7562f 448{
de18643d
TM		 449 might_lock(&fp->fi_lock);
450
451 if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
452 struct file *f1 = NULL;
453 struct file *f2 = NULL;
454
6d338b51 455 swap(f1, fp->fi_fds[oflag]);
0c7c3e67 456 if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
6d338b51 457 swap(f2, fp->fi_fds[O_RDWR]);
de18643d
TM		 458 spin_unlock(&fp->fi_lock);
459 if (f1)
460 fput(f1);
461 if (f2)
462 fput(f2);
f9d7562f
BF		 463 }
464}
465
12659651 466static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
998db52c 467{
12659651
JL		 468 WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);
469
470 if (access & NFS4_SHARE_ACCESS_WRITE)
998db52c 471 __nfs4_file_put_access(fp, O_WRONLY);
12659651
JL		 472 if (access & NFS4_SHARE_ACCESS_READ)
473 __nfs4_file_put_access(fp, O_RDONLY);
998db52c
BF		 474}
475
8287f009
SB		 476/*
477 * Allocate a new open/delegation state counter. This is needed for
478 * pNFS for proper return on close semantics.
479 *
480 * Note that we only allocate it for pNFS-enabled exports, otherwise
481 * all pointers to struct nfs4_clnt_odstate are always NULL.
482 */
483static struct nfs4_clnt_odstate *
484alloc_clnt_odstate(struct nfs4_client *clp)
485{
486 struct nfs4_clnt_odstate *co;
487
488 co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL);
489 if (co) {
490 co->co_client = clp;
491 atomic_set(&co->co_odcount, 1);
492 }
493 return co;
494}
495
496static void
497hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co)
498{
499 struct nfs4_file *fp = co->co_file;
500
501 lockdep_assert_held(&fp->fi_lock);
502 list_add(&co->co_perfile, &fp->fi_clnt_odstate);
503}
504
505static inline void
506get_clnt_odstate(struct nfs4_clnt_odstate *co)
507{
508 if (co)
509 atomic_inc(&co->co_odcount);
510}
511
512static void
513put_clnt_odstate(struct nfs4_clnt_odstate *co)
514{
515 struct nfs4_file *fp;
516
517 if (!co)
518 return;
519
520 fp = co->co_file;
521 if (atomic_dec_and_lock(&co->co_odcount, &fp->fi_lock)) {
522 list_del(&co->co_perfile);
523 spin_unlock(&fp->fi_lock);
524
525 nfsd4_return_all_file_layouts(co->co_client, fp);
526 kmem_cache_free(odstate_slab, co);
527 }
528}
529
530static struct nfs4_clnt_odstate *
531find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new)
532{
533 struct nfs4_clnt_odstate *co;
534 struct nfs4_client *cl;
535
536 if (!new)
537 return NULL;
538
539 cl = new->co_client;
540
541 spin_lock(&fp->fi_lock);
542 list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) {
543 if (co->co_client == cl) {
544 get_clnt_odstate(co);
545 goto out;
546 }
547 }
548 co = new;
549 co->co_file = fp;
550 hash_clnt_odstate_locked(new);
551out:
552 spin_unlock(&fp->fi_lock);
553 return co;
554}
555
cd61c522 556struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl,
6011695d 557 struct kmem_cache *slab)
2a74aba7 558{
3abdb607 559 struct nfs4_stid *stid;
6136d2b4 560 int new_id;
2a74aba7 561
f8338834 562 stid = kmem_cache_zalloc(slab, GFP_KERNEL);
3abdb607
BF		 563 if (!stid)
564 return NULL;
565
4770d722
JL		 566 idr_preload(GFP_KERNEL);
567 spin_lock(&cl->cl_lock);
568 new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 0, 0, GFP_NOWAIT);
569 spin_unlock(&cl->cl_lock);
570 idr_preload_end();
ebd6c707 571 if (new_id < 0)
3abdb607 572 goto out_free;
2a74aba7 573 stid->sc_client = cl;
3abdb607
BF		 574 stid->sc_stateid.si_opaque.so_id = new_id;
575 stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
2a74aba7 576 /* Will be incremented before return to client: */
72c0b0fb 577 atomic_set(&stid->sc_count, 1);
996e0938 578
996e0938 579 /*
3abdb607
BF		 580 * It shouldn't be a problem to reuse an opaque stateid value.
581 * I don't think it is for 4.1. But with 4.0 I worry that, for
582 * example, a stray write retransmission could be accepted by
583 * the server when it should have been rejected. Therefore,
584 * adopt a trick from the sctp code to attempt to maximize the
585 * amount of time until an id is reused, by ensuring they always
586 * "increase" (mod INT_MAX):
996e0938 587 */
3abdb607
BF		 588 return stid;
589out_free:
2c44a234 590 kmem_cache_free(slab, stid);
3abdb607 591 return NULL;
2a74aba7
BF		 592}
593
b49e084d 594static struct nfs4_ol_stateid * nfs4_alloc_open_stateid(struct nfs4_client *clp)
4cdc951b 595{
6011695d
TM		 596 struct nfs4_stid *stid;
597 struct nfs4_ol_stateid *stp;
598
599 stid = nfs4_alloc_stid(clp, stateid_slab);
600 if (!stid)
601 return NULL;
602
603 stp = openlockstateid(stid);
604 stp->st_stid.sc_free = nfs4_free_ol_stateid;
605 return stp;
606}
607
608static void nfs4_free_deleg(struct nfs4_stid *stid)
609{
6011695d
TM		 610 kmem_cache_free(deleg_slab, stid);
611 atomic_long_dec(&num_delegations);
4cdc951b
BF		 612}
613
6282cd56
N		 614/*
615 * When we recall a delegation, we should be careful not to hand it
616 * out again straight away.
617 * To ensure this we keep a pair of bloom filters ('new' and 'old')
618 * in which the filehandles of recalled delegations are "stored".
619 * If a filehandle appear in either filter, a delegation is blocked.
620 * When a delegation is recalled, the filehandle is stored in the "new"
621 * filter.
622 * Every 30 seconds we swap the filters and clear the "new" one,
623 * unless both are empty of course.
624 *
625 * Each filter is 256 bits. We hash the filehandle to 32bit and use the
626 * low 3 bytes as hash-table indices.
627 *
f54fe962 628 * 'blocked_delegations_lock', which is always taken in block_delegations(),
6282cd56
N		 629 * is used to manage concurrent access. Testing does not need the lock
630 * except when swapping the two filters.
631 */
f54fe962 632static DEFINE_SPINLOCK(blocked_delegations_lock);
6282cd56
N		 633static struct bloom_pair {
634 int entries, old_entries;
635 time_t swap_time;
636 int new; /* index into 'set' */
637 DECLARE_BITMAP(set[2], 256);
638} blocked_delegations;
639
640static int delegation_blocked(struct knfsd_fh *fh)
641{
642 u32 hash;
643 struct bloom_pair *bd = &blocked_delegations;
644
645 if (bd->entries == 0)
646 return 0;
647 if (seconds_since_boot() - bd->swap_time > 30) {
f54fe962 648 spin_lock(&blocked_delegations_lock);
6282cd56
N		 649 if (seconds_since_boot() - bd->swap_time > 30) {
650 bd->entries -= bd->old_entries;
651 bd->old_entries = bd->entries;
652 memset(bd->set[bd->new], 0,
653 sizeof(bd->set[0]));
654 bd->new = 1-bd->new;
655 bd->swap_time = seconds_since_boot();
656 }
f54fe962 657 spin_unlock(&blocked_delegations_lock);
6282cd56 658 }
87545899 659 hash = jhash(&fh->fh_base, fh->fh_size, 0);
6282cd56
N		 660 if (test_bit(hash&255, bd->set[0]) &&
661 test_bit((hash>>8)&255, bd->set[0]) &&
662 test_bit((hash>>16)&255, bd->set[0]))
663 return 1;
664
665 if (test_bit(hash&255, bd->set[1]) &&
666 test_bit((hash>>8)&255, bd->set[1]) &&
667 test_bit((hash>>16)&255, bd->set[1]))
668 return 1;
669
670 return 0;
671}
672
673static void block_delegations(struct knfsd_fh *fh)
674{
675 u32 hash;
676 struct bloom_pair *bd = &blocked_delegations;
677
87545899 678 hash = jhash(&fh->fh_base, fh->fh_size, 0);
6282cd56 679
f54fe962 680 spin_lock(&blocked_delegations_lock);
6282cd56
N		 681 __set_bit(hash&255, bd->set[bd->new]);
682 __set_bit((hash>>8)&255, bd->set[bd->new]);
683 __set_bit((hash>>16)&255, bd->set[bd->new]);
684 if (bd->entries == 0)
685 bd->swap_time = seconds_since_boot();
686 bd->entries += 1;
f54fe962 687 spin_unlock(&blocked_delegations_lock);
6282cd56
N		 688}
689
1da177e4 690static struct nfs4_delegation *
8287f009
SB		 691alloc_init_deleg(struct nfs4_client *clp, struct svc_fh *current_fh,
692 struct nfs4_clnt_odstate *odstate)
1da177e4
LT		 693{
694 struct nfs4_delegation *dp;
02a3508d 695 long n;
1da177e4
LT		 696
697 dprintk("NFSD alloc_init_deleg\n");
02a3508d
TM		 698 n = atomic_long_inc_return(&num_delegations);
699 if (n < 0 || n > max_delegations)
700 goto out_dec;
6282cd56 701 if (delegation_blocked(&current_fh->fh_handle))
02a3508d 702 goto out_dec;
996e0938 703 dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab));
5b2d21c1 704 if (dp == NULL)
02a3508d 705 goto out_dec;
6011695d
TM		 706
707 dp->dl_stid.sc_free = nfs4_free_deleg;
2a74aba7
BF		 708 /*
709 * delegation seqid's are never incremented. The 4.1 special
6136d2b4
BF		 710 * meaning of seqid 0 isn't meaningful, really, but let's avoid
711 * 0 anyway just for consistency and use 1:
2a74aba7
BF		 712 */
713 dp->dl_stid.sc_stateid.si_generation = 1;
ea1da636
N		 714 INIT_LIST_HEAD(&dp->dl_perfile);
715 INIT_LIST_HEAD(&dp->dl_perclnt);
1da177e4 716 INIT_LIST_HEAD(&dp->dl_recall_lru);
8287f009
SB		 717 dp->dl_clnt_odstate = odstate;
718 get_clnt_odstate(odstate);
99c41515 719 dp->dl_type = NFS4_OPEN_DELEGATE_READ;
f0b5de1b
CH		 720 dp->dl_retries = 1;
721 nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client,
0162ac2b 722 &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL);
1da177e4 723 return dp;
02a3508d
TM		 724out_dec:
725 atomic_long_dec(&num_delegations);
726 return NULL;
1da177e4
LT		 727}
728
729void
6011695d 730nfs4_put_stid(struct nfs4_stid *s)
1da177e4 731{
11b9164a 732 struct nfs4_file *fp = s->sc_file;
6011695d
TM		 733 struct nfs4_client *clp = s->sc_client;
734
4770d722
JL		 735 might_lock(&clp->cl_lock);
736
b401be22
JL		 737 if (!atomic_dec_and_lock(&s->sc_count, &clp->cl_lock)) {
738 wake_up_all(&close_wq);
6011695d 739 return;
b401be22 740 }
6011695d 741 idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
4770d722 742 spin_unlock(&clp->cl_lock);
6011695d 743 s->sc_free(s);
11b9164a
TM		 744 if (fp)
745 put_nfs4_file(fp);
1da177e4
LT		 746}
747
acfdf5c3 748static void nfs4_put_deleg_lease(struct nfs4_file *fp)
1da177e4 749{
6bcc034e 750 struct file *filp = NULL;
417c6629 751
6bcc034e 752 spin_lock(&fp->fi_lock);
67db1034 753 if (fp->fi_deleg_file && --fp->fi_delegees == 0)
6bcc034e 754 swap(filp, fp->fi_deleg_file);
6bcc034e
JL		 755 spin_unlock(&fp->fi_lock);
756
757 if (filp) {
2ab99ee1 758 vfs_setlease(filp, F_UNLCK, NULL, (void **)&fp);
6bcc034e 759 fput(filp);
acfdf5c3 760 }
1da177e4
LT		 761}
762
cd61c522 763void nfs4_unhash_stid(struct nfs4_stid *s)
6136d2b4 764{
3abdb607 765 s->sc_type = 0;
6136d2b4
BF		 766}
767
931ee56c
BH		 768static void
769hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
770{
cdc97505 771 lockdep_assert_held(&state_lock);
417c6629 772 lockdep_assert_held(&fp->fi_lock);
931ee56c 773
67cb1279 774 atomic_inc(&dp->dl_stid.sc_count);
3fb87d13 775 dp->dl_stid.sc_type = NFS4_DELEG_STID;
931ee56c
BH		 776 list_add(&dp->dl_perfile, &fp->fi_delegations);
777 list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations);
778}
779
1da177e4 780static void
42690676 781unhash_delegation_locked(struct nfs4_delegation *dp)
1da177e4 782{
11b9164a 783 struct nfs4_file *fp = dp->dl_stid.sc_file;
02e1215f 784
42690676
JL		 785 lockdep_assert_held(&state_lock);
786
b0fc29d6 787 dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID;
d55a166c
JL		 788 /* Ensure that deleg break won't try to requeue it */
789 ++dp->dl_time;
417c6629 790 spin_lock(&fp->fi_lock);
931ee56c 791 list_del_init(&dp->dl_perclnt);
1da177e4 792 list_del_init(&dp->dl_recall_lru);
02e1215f
JL		 793 list_del_init(&dp->dl_perfile);
794 spin_unlock(&fp->fi_lock);
3bd64a5b
BF		 795}
796
3bd64a5b
BF		 797static void destroy_delegation(struct nfs4_delegation *dp)
798{
42690676
JL		 799 spin_lock(&state_lock);
800 unhash_delegation_locked(dp);
801 spin_unlock(&state_lock);
8287f009 802 put_clnt_odstate(dp->dl_clnt_odstate);
afbda402 803 nfs4_put_deleg_lease(dp->dl_stid.sc_file);
6011695d 804 nfs4_put_stid(&dp->dl_stid);
3bd64a5b
BF		 805}
806
807static void revoke_delegation(struct nfs4_delegation *dp)
808{
809 struct nfs4_client *clp = dp->dl_stid.sc_client;
810
2d4a532d
JL		 811 WARN_ON(!list_empty(&dp->dl_recall_lru));
812
8287f009 813 put_clnt_odstate(dp->dl_clnt_odstate);
afbda402
JL		 814 nfs4_put_deleg_lease(dp->dl_stid.sc_file);
815
3bd64a5b 816 if (clp->cl_minorversion == 0)
6011695d 817 nfs4_put_stid(&dp->dl_stid);
3bd64a5b 818 else {
3bd64a5b 819 dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
2d4a532d
JL		 820 spin_lock(&clp->cl_lock);
821 list_add(&dp->dl_recall_lru, &clp->cl_revoked);
822 spin_unlock(&clp->cl_lock);
3bd64a5b
BF		 823 }
824}
825
1da177e4
LT		 826/*
827 * SETCLIENTID state
828 */
829
ddc04c41
BF		 830static unsigned int clientid_hashval(u32 id)
831{
832 return id & CLIENT_HASH_MASK;
833}
834
835static unsigned int clientstr_hashval(const char *name)
836{
837 return opaque_hashval(name, 8) & CLIENT_HASH_MASK;
838}
839
f9d7562f
BF		 840/*
841 * We store the NONE, READ, WRITE, and BOTH bits separately in the
842 * st_{access,deny}_bmap field of the stateid, in order to track not
843 * only what share bits are currently in force, but also what
844 * combinations of share bits previous opens have used. This allows us
845 * to enforce the recommendation of rfc 3530 14.2.19 that the server
846 * return an error if the client attempt to downgrade to a combination
847 * of share bits not explicable by closing some of its previous opens.
848 *
849 * XXX: This enforcement is actually incomplete, since we don't keep
850 * track of access/deny bit combinations; so, e.g., we allow:
851 *
852 * OPEN allow read, deny write
853 * OPEN allow both, deny none
854 * DOWNGRADE allow read, deny none
855 *
856 * which we should reject.
857 */
5ae037e5
JL		 858static unsigned int
859bmap_to_share_mode(unsigned long bmap) {
f9d7562f 860 int i;
5ae037e5 861 unsigned int access = 0;
f9d7562f 862
f9d7562f
BF		 863 for (i = 1; i < 4; i++) {
864 if (test_bit(i, &bmap))
5ae037e5 865 access |= i;
f9d7562f 866 }
5ae037e5 867 return access;
f9d7562f
BF		 868}
869
82c5ff1b
JL		 870/* set share access for a given stateid */
871static inline void
872set_access(u32 access, struct nfs4_ol_stateid *stp)
873{
c11c591f
JL		 874 unsigned char mask = 1 << access;
875
876 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
877 stp->st_access_bmap |= mask;
82c5ff1b
JL		 878}
879
880/* clear share access for a given stateid */
881static inline void
882clear_access(u32 access, struct nfs4_ol_stateid *stp)
883{
c11c591f
JL		 884 unsigned char mask = 1 << access;
885
886 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
887 stp->st_access_bmap &= ~mask;
82c5ff1b
JL		 888}
889
890/* test whether a given stateid has access */
891static inline bool
892test_access(u32 access, struct nfs4_ol_stateid *stp)
893{
c11c591f
JL		 894 unsigned char mask = 1 << access;
895
896 return (bool)(stp->st_access_bmap & mask);
82c5ff1b
JL		 897}
898
ce0fc43c
JL		 899/* set share deny for a given stateid */
900static inline void
c11c591f 901set_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 902{
c11c591f
JL		 903 unsigned char mask = 1 << deny;
904
905 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
906 stp->st_deny_bmap |= mask;
ce0fc43c
JL		 907}
908
909/* clear share deny for a given stateid */
910static inline void
c11c591f 911clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 912{
c11c591f
JL		 913 unsigned char mask = 1 << deny;
914
915 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
916 stp->st_deny_bmap &= ~mask;
ce0fc43c
JL		 917}
918
919/* test whether a given stateid is denying specific access */
920static inline bool
c11c591f 921test_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 922{
c11c591f
JL		 923 unsigned char mask = 1 << deny;
924
925 return (bool)(stp->st_deny_bmap & mask);
f9d7562f
BF		 926}
927
928static int nfs4_access_to_omode(u32 access)
929{
8f34a430 930 switch (access & NFS4_SHARE_ACCESS_BOTH) {
f9d7562f
BF		 931 case NFS4_SHARE_ACCESS_READ:
932 return O_RDONLY;
933 case NFS4_SHARE_ACCESS_WRITE:
934 return O_WRONLY;
935 case NFS4_SHARE_ACCESS_BOTH:
936 return O_RDWR;
937 }
063b0fb9
BF		 938 WARN_ON_ONCE(1);
939 return O_RDONLY;
f9d7562f
BF		 940}
941
baeb4ff0
JL		 942/*
943 * A stateid that had a deny mode associated with it is being released
944 * or downgraded. Recalculate the deny mode on the file.
945 */
946static void
947recalculate_deny_mode(struct nfs4_file *fp)
948{
949 struct nfs4_ol_stateid *stp;
950
951 spin_lock(&fp->fi_lock);
952 fp->fi_share_deny = 0;
953 list_for_each_entry(stp, &fp->fi_stateids, st_perfile)
954 fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap);
955 spin_unlock(&fp->fi_lock);
956}
957
958static void
959reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
960{
961 int i;
962 bool change = false;
963
964 for (i = 1; i < 4; i++) {
965 if ((i & deny) != i) {
966 change = true;
967 clear_deny(i, stp);
968 }
969 }
970
971 /* Recalculate per-file deny mode if there was a change */
972 if (change)
11b9164a 973 recalculate_deny_mode(stp->st_stid.sc_file);
baeb4ff0
JL		 974}
975
82c5ff1b
JL		 976/* release all access and file references for a given stateid */
977static void
978release_all_access(struct nfs4_ol_stateid *stp)
979{
980 int i;
11b9164a 981 struct nfs4_file *fp = stp->st_stid.sc_file;
baeb4ff0
JL		 982
983 if (fp && stp->st_deny_bmap != 0)
984 recalculate_deny_mode(fp);
82c5ff1b
JL		 985
986 for (i = 1; i < 4; i++) {
987 if (test_access(i, stp))
11b9164a 988 nfs4_file_put_access(stp->st_stid.sc_file, i);
82c5ff1b
JL		 989 clear_access(i, stp);
990 }
991}
992
d50ffded
KM		 993static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop)
994{
995 kfree(sop->so_owner.data);
996 sop->so_ops->so_free(sop);
997}
998
6b180f0b
JL		 999static void nfs4_put_stateowner(struct nfs4_stateowner *sop)
1000{
a819ecc1
JL		 1001 struct nfs4_client *clp = sop->so_client;
1002
1003 might_lock(&clp->cl_lock);
1004
1005 if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock))
6b180f0b 1006 return;
8f4b54c5 1007 sop->so_ops->so_unhash(sop);
a819ecc1 1008 spin_unlock(&clp->cl_lock);
d50ffded 1009 nfs4_free_stateowner(sop);
6b180f0b
JL		 1010}
1011
e8568739 1012static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp)
529d7b2a 1013{
11b9164a 1014 struct nfs4_file *fp = stp->st_stid.sc_file;
1d31a253 1015
1c755dc1
JL		 1016 lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock);
1017
e8568739
JL		 1018 if (list_empty(&stp->st_perfile))
1019 return false;
1020
1d31a253 1021 spin_lock(&fp->fi_lock);
e8568739 1022 list_del_init(&stp->st_perfile);
1d31a253 1023 spin_unlock(&fp->fi_lock);
529d7b2a 1024 list_del(&stp->st_perstateowner);
e8568739 1025 return true;
529d7b2a
BF		 1026}
1027
6011695d 1028static void nfs4_free_ol_stateid(struct nfs4_stid *stid)
529d7b2a 1029{
6011695d 1030 struct nfs4_ol_stateid *stp = openlockstateid(stid);
4665e2ba 1031
8287f009 1032 put_clnt_odstate(stp->st_clnt_odstate);
6011695d 1033 release_all_access(stp);
d3134b10
JL		 1034 if (stp->st_stateowner)
1035 nfs4_put_stateowner(stp->st_stateowner);
6011695d 1036 kmem_cache_free(stateid_slab, stid);
529d7b2a
BF		 1037}
1038
b49e084d 1039static void nfs4_free_lock_stateid(struct nfs4_stid *stid)
529d7b2a 1040{
b49e084d
JL		 1041 struct nfs4_ol_stateid *stp = openlockstateid(stid);
1042 struct nfs4_lockowner *lo = lockowner(stp->st_stateowner);
529d7b2a
BF		 1043 struct file *file;
1044
b49e084d
JL		 1045 file = find_any_file(stp->st_stid.sc_file);
1046 if (file)
1047 filp_close(file, (fl_owner_t)lo);
1048 nfs4_free_ol_stateid(stid);
1049}
1050
2c41beb0
JL		 1051/*
1052 * Put the persistent reference to an already unhashed generic stateid, while
1053 * holding the cl_lock. If it's the last reference, then put it onto the
1054 * reaplist for later destruction.
1055 */
1056static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp,
1057 struct list_head *reaplist)
1058{
1059 struct nfs4_stid *s = &stp->st_stid;
1060 struct nfs4_client *clp = s->sc_client;
1061
1062 lockdep_assert_held(&clp->cl_lock);
1063
1064 WARN_ON_ONCE(!list_empty(&stp->st_locks));
1065
1066 if (!atomic_dec_and_test(&s->sc_count)) {
1067 wake_up_all(&close_wq);
1068 return;
1069 }
1070
1071 idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
1072 list_add(&stp->st_locks, reaplist);
1073}
1074
e8568739 1075static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp)
b49e084d 1076{
1c755dc1
JL		 1077 struct nfs4_openowner *oo = openowner(stp->st_openstp->st_stateowner);
1078
3c1c995c
JL		 1079 lockdep_assert_held(&oo->oo_owner.so_client->cl_lock);
1080
1081 list_del_init(&stp->st_locks);
cd61c522 1082 nfs4_unhash_stid(&stp->st_stid);
e8568739 1083 return unhash_ol_stateid(stp);
3c1c995c
JL		 1084}
1085
1086static void release_lock_stateid(struct nfs4_ol_stateid *stp)
1087{
1088 struct nfs4_openowner *oo = openowner(stp->st_openstp->st_stateowner);
e8568739 1089 bool unhashed;
3c1c995c
JL		 1090
1091 spin_lock(&oo->oo_owner.so_client->cl_lock);
e8568739 1092 unhashed = unhash_lock_stateid(stp);
1c755dc1 1093 spin_unlock(&oo->oo_owner.so_client->cl_lock);
e8568739
JL		 1094 if (unhashed)
1095 nfs4_put_stid(&stp->st_stid);
529d7b2a
BF		 1096}
1097
c58c6610 1098static void unhash_lockowner_locked(struct nfs4_lockowner *lo)
8f4b54c5 1099{
d4f0489f 1100 struct nfs4_client *clp = lo->lo_owner.so_client;
c58c6610 1101
d4f0489f 1102 lockdep_assert_held(&clp->cl_lock);
c58c6610 1103
8f4b54c5
JL		 1104 list_del_init(&lo->lo_owner.so_strhash);
1105}
1106
2c41beb0
JL		 1107/*
1108 * Free a list of generic stateids that were collected earlier after being
1109 * fully unhashed.
1110 */
1111static void
1112free_ol_stateid_reaplist(struct list_head *reaplist)
1113{
1114 struct nfs4_ol_stateid *stp;
fb94d766 1115 struct nfs4_file *fp;
2c41beb0
JL		 1116
1117 might_sleep();
1118
1119 while (!list_empty(reaplist)) {
1120 stp = list_first_entry(reaplist, struct nfs4_ol_stateid,
1121 st_locks);
1122 list_del(&stp->st_locks);
fb94d766 1123 fp = stp->st_stid.sc_file;
2c41beb0 1124 stp->st_stid.sc_free(&stp->st_stid);
fb94d766
KM		 1125 if (fp)
1126 put_nfs4_file(fp);
2c41beb0
JL		 1127 }
1128}
1129
3c1c995c 1130static void release_lockowner(struct nfs4_lockowner *lo)
529d7b2a 1131{
d4f0489f 1132 struct nfs4_client *clp = lo->lo_owner.so_client;
dcef0413 1133 struct nfs4_ol_stateid *stp;
3c1c995c 1134 struct list_head reaplist;
529d7b2a 1135
3c1c995c 1136 INIT_LIST_HEAD(&reaplist);
c58c6610 1137
3c1c995c
JL		 1138 spin_lock(&clp->cl_lock);
1139 unhash_lockowner_locked(lo);
fe0750e5
BF		 1140 while (!list_empty(&lo->lo_owner.so_stateids)) {
1141 stp = list_first_entry(&lo->lo_owner.so_stateids,
dcef0413 1142 struct nfs4_ol_stateid, st_perstateowner);
e8568739 1143 WARN_ON(!unhash_lock_stateid(stp));
2c41beb0 1144 put_ol_stateid_locked(stp, &reaplist);
529d7b2a 1145 }
d4f0489f 1146 spin_unlock(&clp->cl_lock);
2c41beb0 1147 free_ol_stateid_reaplist(&reaplist);
6b180f0b 1148 nfs4_put_stateowner(&lo->lo_owner);
529d7b2a
BF		 1149}
1150
d83017f9
JL		 1151static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp,
1152 struct list_head *reaplist)
3c87b9b7
TM		 1153{
1154 struct nfs4_ol_stateid *stp;
1155
e8568739
JL		 1156 lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock);
1157
3c87b9b7
TM		 1158 while (!list_empty(&open_stp->st_locks)) {
1159 stp = list_entry(open_stp->st_locks.next,
1160 struct nfs4_ol_stateid, st_locks);
e8568739 1161 WARN_ON(!unhash_lock_stateid(stp));
d83017f9 1162 put_ol_stateid_locked(stp, reaplist);
529d7b2a
BF		 1163 }
1164}
1165
e8568739 1166static bool unhash_open_stateid(struct nfs4_ol_stateid *stp,
d83017f9 1167 struct list_head *reaplist)
2283963f 1168{
e8568739
JL		 1169 bool unhashed;
1170
2c41beb0
JL		 1171 lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);
1172
e8568739 1173 unhashed = unhash_ol_stateid(stp);
d83017f9 1174 release_open_stateid_locks(stp, reaplist);
e8568739 1175 return unhashed;
38c387b5
BF		 1176}
1177
1178static void release_open_stateid(struct nfs4_ol_stateid *stp)
1179{
2c41beb0
JL		 1180 LIST_HEAD(reaplist);
1181
1182 spin_lock(&stp->st_stid.sc_client->cl_lock);
e8568739
JL		 1183 if (unhash_open_stateid(stp, &reaplist))
1184 put_ol_stateid_locked(stp, &reaplist);
2c41beb0
JL		 1185 spin_unlock(&stp->st_stid.sc_client->cl_lock);
1186 free_ol_stateid_reaplist(&reaplist);
2283963f
BF		 1187}
1188
7ffb5880 1189static void unhash_openowner_locked(struct nfs4_openowner *oo)
f1d110ca 1190{
d4f0489f 1191 struct nfs4_client *clp = oo->oo_owner.so_client;
7ffb5880 1192
d4f0489f 1193 lockdep_assert_held(&clp->cl_lock);
7ffb5880 1194
8f4b54c5
JL		 1195 list_del_init(&oo->oo_owner.so_strhash);
1196 list_del_init(&oo->oo_perclient);
f1d110ca
BF		 1197}
1198
f7a4d872
BF		 1199static void release_last_closed_stateid(struct nfs4_openowner *oo)
1200{
217526e7
JL		 1201 struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net,
1202 nfsd_net_id);
1203 struct nfs4_ol_stateid *s;
f7a4d872 1204
217526e7
JL		 1205 spin_lock(&nn->client_lock);
1206 s = oo->oo_last_closed_stid;
f7a4d872 1207 if (s) {
d3134b10 1208 list_del_init(&oo->oo_close_lru);
f7a4d872
BF		 1209 oo->oo_last_closed_stid = NULL;
1210 }
217526e7
JL		 1211 spin_unlock(&nn->client_lock);
1212 if (s)
1213 nfs4_put_stid(&s->st_stid);
f7a4d872
BF		 1214}
1215
2c41beb0 1216static void release_openowner(struct nfs4_openowner *oo)
8f4b54c5
JL		 1217{
1218 struct nfs4_ol_stateid *stp;
d4f0489f 1219 struct nfs4_client *clp = oo->oo_owner.so_client;
2c41beb0 1220 struct list_head reaplist;
7ffb5880 1221
2c41beb0 1222 INIT_LIST_HEAD(&reaplist);
8f4b54c5 1223
2c41beb0
JL		 1224 spin_lock(&clp->cl_lock);
1225 unhash_openowner_locked(oo);
8f4b54c5
JL		 1226 while (!list_empty(&oo->oo_owner.so_stateids)) {
1227 stp = list_first_entry(&oo->oo_owner.so_stateids,
1228 struct nfs4_ol_stateid, st_perstateowner);
e8568739
JL		 1229 if (unhash_open_stateid(stp, &reaplist))
1230 put_ol_stateid_locked(stp, &reaplist);
8f4b54c5 1231 }
d4f0489f 1232 spin_unlock(&clp->cl_lock);
2c41beb0 1233 free_ol_stateid_reaplist(&reaplist);
f7a4d872 1234 release_last_closed_stateid(oo);
6b180f0b 1235 nfs4_put_stateowner(&oo->oo_owner);
f1d110ca
BF		 1236}
1237
5282fd72
ME		 1238static inline int
1239hash_sessionid(struct nfs4_sessionid *sessionid)
1240{
1241 struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;
1242
1243 return sid->sequence % SESSION_HASH_SIZE;
1244}
1245
135dd002 1246#ifdef CONFIG_SUNRPC_DEBUG
5282fd72
ME		 1247static inline void
1248dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
1249{
1250 u32 *ptr = (u32 *)(&sessionid->data[0]);
1251 dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
1252}
8f199b82
TM		 1253#else
1254static inline void
1255dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
1256{
1257}
1258#endif
1259
9411b1d4
BF		 1260/*
1261 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
1262 * won't be used for replay.
1263 */
1264void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
1265{
1266 struct nfs4_stateowner *so = cstate->replay_owner;
1267
1268 if (nfserr == nfserr_replay_me)
1269 return;
1270
1271 if (!seqid_mutating_err(ntohl(nfserr))) {
58fb12e6 1272 nfsd4_cstate_clear_replay(cstate);
9411b1d4
BF		 1273 return;
1274 }
1275 if (!so)
1276 return;
1277 if (so->so_is_open_owner)
1278 release_last_closed_stateid(openowner(so));
1279 so->so_seqid++;
1280 return;
1281}
5282fd72 1282
ec6b5d7b
AA		 1283static void
1284gen_sessionid(struct nfsd4_session *ses)
1285{
1286 struct nfs4_client *clp = ses->se_client;
1287 struct nfsd4_sessionid *sid;
1288
1289 sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
1290 sid->clientid = clp->cl_clientid;
1291 sid->sequence = current_sessionid++;
1292 sid->reserved = 0;
1293}
1294
1295/*
a649637c
AA		 1296 * The protocol defines ca_maxresponssize_cached to include the size of
1297 * the rpc header, but all we need to cache is the data starting after
1298 * the end of the initial SEQUENCE operation--the rest we regenerate
1299 * each time. Therefore we can advertise a ca_maxresponssize_cached
1300 * value that is the number of bytes in our cache plus a few additional
1301 * bytes. In order to stay on the safe side, and not promise more than
1302 * we can cache, those additional bytes must be the minimum possible: 24
1303 * bytes of rpc header (xid through accept state, with AUTH_NULL
1304 * verifier), 12 for the compound header (with zero-length tag), and 44
1305 * for the SEQUENCE op response:
1306 */
1307#define NFSD_MIN_HDR_SEQ_SZ (24 + 12 + 44)
1308
557ce264
AA		 1309static void
1310free_session_slots(struct nfsd4_session *ses)
1311{
1312 int i;
1313
1314 for (i = 0; i < ses->se_fchannel.maxreqs; i++)
1315 kfree(ses->se_slots[i]);
1316}
1317
a649637c 1318/*
efe0cb6d
BF		 1319 * We don't actually need to cache the rpc and session headers, so we
1320 * can allocate a little less for each slot:
1321 */
55c760cf 1322static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
efe0cb6d 1323{
55c760cf 1324 u32 size;
efe0cb6d 1325
55c760cf
BF		 1326 if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ)
1327 size = 0;
1328 else
1329 size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
1330 return size + sizeof(struct nfsd4_slot);
5b6feee9 1331}
ec6b5d7b 1332
5b6feee9
BF		 1333/*
1334 * XXX: If we run out of reserved DRC memory we could (up to a point)
a649637c 1335 * re-negotiate active sessions and reduce their slot usage to make
42b2aa86 1336 * room for new connections. For now we just fail the create session.
ec6b5d7b 1337 */
55c760cf 1338static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca)
ec6b5d7b 1339{
55c760cf
BF		 1340 u32 slotsize = slot_bytes(ca);
1341 u32 num = ca->maxreqs;
5b6feee9 1342 int avail;
ec6b5d7b 1343
5b6feee9 1344 spin_lock(&nfsd_drc_lock);
697ce9be
ZY		 1345 avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION,
1346 nfsd_drc_max_mem - nfsd_drc_mem_used);
5b6feee9
BF		 1347 num = min_t(int, num, avail / slotsize);
1348 nfsd_drc_mem_used += num * slotsize;
1349 spin_unlock(&nfsd_drc_lock);
ec6b5d7b 1350
5b6feee9
BF		 1351 return num;
1352}
ec6b5d7b 1353
55c760cf 1354static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
5b6feee9 1355{
55c760cf
BF		 1356 int slotsize = slot_bytes(ca);
1357
4bd9b0f4 1358 spin_lock(&nfsd_drc_lock);
55c760cf 1359 nfsd_drc_mem_used -= slotsize * ca->maxreqs;
4bd9b0f4 1360 spin_unlock(&nfsd_drc_lock);
5b6feee9 1361}
ec6b5d7b 1362
60810e54
KM		 1363static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
1364 struct nfsd4_channel_attrs *battrs)
5b6feee9 1365{
60810e54
KM		 1366 int numslots = fattrs->maxreqs;
1367 int slotsize = slot_bytes(fattrs);
5b6feee9
BF		 1368 struct nfsd4_session *new;
1369 int mem, i;
a649637c 1370
5b6feee9
BF		 1371 BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
1372 + sizeof(struct nfsd4_session) > PAGE_SIZE);
1373 mem = numslots * sizeof(struct nfsd4_slot *);
ec6b5d7b 1374
5b6feee9
BF		 1375 new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
1376 if (!new)
1377 return NULL;
557ce264 1378 /* allocate each struct nfsd4_slot and data cache in one piece */
5b6feee9 1379 for (i = 0; i < numslots; i++) {
55c760cf 1380 new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
5b6feee9 1381 if (!new->se_slots[i])
557ce264 1382 goto out_free;
557ce264 1383 }
60810e54
KM		 1384
1385 memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
1386 memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));
1387
5b6feee9
BF		 1388 return new;
1389out_free:
1390 while (i--)
1391 kfree(new->se_slots[i]);
1392 kfree(new);
1393 return NULL;
ec6b5d7b
AA		 1394}
1395
19cf5c02
BF		 1396static void free_conn(struct nfsd4_conn *c)
1397{
1398 svc_xprt_put(c->cn_xprt);
1399 kfree(c);
1400}
ec6b5d7b 1401
19cf5c02
BF		 1402static void nfsd4_conn_lost(struct svc_xpt_user *u)
1403{
1404 struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
1405 struct nfs4_client *clp = c->cn_session->se_client;
ec6b5d7b 1406
19cf5c02
BF		 1407 spin_lock(&clp->cl_lock);
1408 if (!list_empty(&c->cn_persession)) {
1409 list_del(&c->cn_persession);
1410 free_conn(c);
1411 }
eea49806 1412 nfsd4_probe_callback(clp);
2e4b7239 1413 spin_unlock(&clp->cl_lock);
19cf5c02 1414}
ec6b5d7b 1415
d29c374c 1416static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
c7662518 1417{
c7662518 1418 struct nfsd4_conn *conn;
ec6b5d7b 1419
c7662518
BF		 1420 conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
1421 if (!conn)
db90681d 1422 return NULL;
c7662518
BF		 1423 svc_xprt_get(rqstp->rq_xprt);
1424 conn->cn_xprt = rqstp->rq_xprt;
d29c374c 1425 conn->cn_flags = flags;
db90681d
BF		 1426 INIT_LIST_HEAD(&conn->cn_xpt_user.list);
1427 return conn;
1428}
a649637c 1429
328ead28
BF		 1430static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
1431{
1432 conn->cn_session = ses;
1433 list_add(&conn->cn_persession, &ses->se_conns);
ec6b5d7b
AA		 1434}
1435
db90681d 1436static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
557ce264 1437{
db90681d 1438 struct nfs4_client *clp = ses->se_client;
557ce264 1439
c7662518 1440 spin_lock(&clp->cl_lock);
328ead28 1441 __nfsd4_hash_conn(conn, ses);
c7662518 1442 spin_unlock(&clp->cl_lock);
557ce264
AA		 1443}
1444
21b75b01 1445static int nfsd4_register_conn(struct nfsd4_conn *conn)
efe0cb6d 1446{
19cf5c02 1447 conn->cn_xpt_user.callback = nfsd4_conn_lost;
21b75b01 1448 return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
efe0cb6d
BF		 1449}
1450
e1ff371f 1451static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
ec6b5d7b 1452{
21b75b01 1453 int ret;
ec6b5d7b 1454
db90681d 1455 nfsd4_hash_conn(conn, ses);
21b75b01
BF		 1456 ret = nfsd4_register_conn(conn);
1457 if (ret)
1458 /* oops; xprt is already down: */
1459 nfsd4_conn_lost(&conn->cn_xpt_user);
57a37144
BF		 1460 /* We may have gained or lost a callback channel: */
1461 nfsd4_probe_callback_sync(ses->se_client);
c7662518 1462}
ec6b5d7b 1463
e1ff371f 1464static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
1d1bc8f2
BF		 1465{
1466 u32 dir = NFS4_CDFC4_FORE;
1467
e1ff371f 1468 if (cses->flags & SESSION4_BACK_CHAN)
1d1bc8f2 1469 dir |= NFS4_CDFC4_BACK;
e1ff371f 1470 return alloc_conn(rqstp, dir);
1d1bc8f2
BF		 1471}
1472
1473/* must be called under client_lock */
19cf5c02 1474static void nfsd4_del_conns(struct nfsd4_session *s)
c7662518 1475{
19cf5c02
BF		 1476 struct nfs4_client *clp = s->se_client;
1477 struct nfsd4_conn *c;
ec6b5d7b 1478
19cf5c02
BF		 1479 spin_lock(&clp->cl_lock);
1480 while (!list_empty(&s->se_conns)) {
1481 c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
1482 list_del_init(&c->cn_persession);
1483 spin_unlock(&clp->cl_lock);
557ce264 1484
19cf5c02
BF		 1485 unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
1486 free_conn(c);
ec6b5d7b 1487
19cf5c02
BF		 1488 spin_lock(&clp->cl_lock);
1489 }
1490 spin_unlock(&clp->cl_lock);
c7662518 1491}
ec6b5d7b 1492
1377b69e
BF		 1493static void __free_session(struct nfsd4_session *ses)
1494{
1377b69e
BF		 1495 free_session_slots(ses);
1496 kfree(ses);
1497}
1498
66b2b9b2 1499static void free_session(struct nfsd4_session *ses)
c7662518 1500{
19cf5c02 1501 nfsd4_del_conns(ses);
55c760cf 1502 nfsd4_put_drc_mem(&ses->se_fchannel);
1377b69e 1503 __free_session(ses);
c7662518
BF		 1504}
1505
135ae827 1506static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
a827bcb2 1507{
a827bcb2 1508 int idx;
1872de0e 1509 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
a827bcb2 1510
ec6b5d7b
AA		 1511 new->se_client = clp;
1512 gen_sessionid(new);
ec6b5d7b 1513
c7662518
BF		 1514 INIT_LIST_HEAD(&new->se_conns);
1515
ac7c46f2 1516 new->se_cb_seq_nr = 1;
ec6b5d7b 1517 new->se_flags = cses->flags;
8b5ce5cd 1518 new->se_cb_prog = cses->callback_prog;
c6bb3ca2 1519 new->se_cb_sec = cses->cb_sec;
66b2b9b2 1520 atomic_set(&new->se_ref, 0);
5b6feee9 1521 idx = hash_sessionid(&new->se_sessionid);
1872de0e 1522 list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
4c649378 1523 spin_lock(&clp->cl_lock);
ec6b5d7b 1524 list_add(&new->se_perclnt, &clp->cl_sessions);
4c649378 1525 spin_unlock(&clp->cl_lock);
60810e54 1526
b0d2e42c 1527 {
edd76786 1528 struct sockaddr *sa = svc_addr(rqstp);
dcbeaa68
BF		 1529 /*
1530 * This is a little silly; with sessions there's no real
1531 * use for the callback address. Use the peer address
1532 * as a reasonable default for now, but consider fixing
1533 * the rpc client not to require an address in the
1534 * future:
1535 */
edd76786
BF		 1536 rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
1537 clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
edd76786 1538 }
ec6b5d7b
AA		 1539}
1540
9089f1b4 1541/* caller must hold client_lock */
5282fd72 1542static struct nfsd4_session *
d4e19e70 1543__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
5282fd72
ME		 1544{
1545 struct nfsd4_session *elem;
1546 int idx;
1872de0e 1547 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
5282fd72 1548
0a880a28
TM		 1549 lockdep_assert_held(&nn->client_lock);
1550
5282fd72
ME		 1551 dump_sessionid(__func__, sessionid);
1552 idx = hash_sessionid(sessionid);
5282fd72 1553 /* Search in the appropriate list */
1872de0e 1554 list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
5282fd72
ME		 1555 if (!memcmp(elem->se_sessionid.data, sessionid->data,
1556 NFS4_MAX_SESSIONID_LEN)) {
1557 return elem;
1558 }
1559 }
1560
1561 dprintk("%s: session not found\n", __func__);
1562 return NULL;
1563}
1564
d4e19e70
TM		 1565static struct nfsd4_session *
1566find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
1567 __be32 *ret)
1568{
1569 struct nfsd4_session *session;
1570 __be32 status = nfserr_badsession;
1571
1572 session = __find_in_sessionid_hashtbl(sessionid, net);
1573 if (!session)
1574 goto out;
1575 status = nfsd4_get_session_locked(session);
1576 if (status)
1577 session = NULL;
1578out:
1579 *ret = status;
1580 return session;
1581}
1582
9089f1b4 1583/* caller must hold client_lock */
7116ed6b 1584static void
5282fd72 1585unhash_session(struct nfsd4_session *ses)
7116ed6b 1586{
0a880a28
TM		 1587 struct nfs4_client *clp = ses->se_client;
1588 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1589
1590 lockdep_assert_held(&nn->client_lock);
1591
7116ed6b 1592 list_del(&ses->se_hash);
4c649378 1593 spin_lock(&ses->se_client->cl_lock);
7116ed6b 1594 list_del(&ses->se_perclnt);
4c649378 1595 spin_unlock(&ses->se_client->cl_lock);
5282fd72
ME		 1596}
1597
1da177e4
LT		 1598/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
1599static int
2c142baa 1600STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
1da177e4 1601{
bbc7f33a
BF		 1602 /*
1603 * We're assuming the clid was not given out from a boot
1604 * precisely 2^32 (about 136 years) before this one. That seems
1605 * a safe assumption:
1606 */
1607 if (clid->cl_boot == (u32)nn->boot_time)
1da177e4 1608 return 0;
60adfc50 1609 dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
2c142baa 1610 clid->cl_boot, clid->cl_id, nn->boot_time);
1da177e4
LT		 1611 return 1;
1612}
1613
1614/*
1615 * XXX Should we use a slab cache ?
1616 * This type of memory management is somewhat inefficient, but we use it
1617 * anyway since SETCLIENTID is not a common operation.
1618 */
35bba9a3 1619static struct nfs4_client *alloc_client(struct xdr_netobj name)
1da177e4
LT		 1620{
1621 struct nfs4_client *clp;
d4f0489f 1622 int i;
1da177e4 1623
35bba9a3
BF		 1624 clp = kzalloc(sizeof(struct nfs4_client), GFP_KERNEL);
1625 if (clp == NULL)
1626 return NULL;
67114fe6 1627 clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL);
d4f0489f
TM		 1628 if (clp->cl_name.data == NULL)
1629 goto err_no_name;
1630 clp->cl_ownerstr_hashtbl = kmalloc(sizeof(struct list_head) *
1631 OWNER_HASH_SIZE, GFP_KERNEL);
1632 if (!clp->cl_ownerstr_hashtbl)
1633 goto err_no_hashtbl;
1634 for (i = 0; i < OWNER_HASH_SIZE; i++)
1635 INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]);
35bba9a3 1636 clp->cl_name.len = name.len;
5694c93e
TM		 1637 INIT_LIST_HEAD(&clp->cl_sessions);
1638 idr_init(&clp->cl_stateids);
1639 atomic_set(&clp->cl_refcount, 0);
1640 clp->cl_cb_state = NFSD4_CB_UNKNOWN;
1641 INIT_LIST_HEAD(&clp->cl_idhash);
1642 INIT_LIST_HEAD(&clp->cl_openowners);
1643 INIT_LIST_HEAD(&clp->cl_delegations);
1644 INIT_LIST_HEAD(&clp->cl_lru);
5694c93e 1645 INIT_LIST_HEAD(&clp->cl_revoked);
9cf514cc
CH		 1646#ifdef CONFIG_NFSD_PNFS
1647 INIT_LIST_HEAD(&clp->cl_lo_states);
1648#endif
5694c93e
TM		 1649 spin_lock_init(&clp->cl_lock);
1650 rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
1da177e4 1651 return clp;
d4f0489f
TM		 1652err_no_hashtbl:
1653 kfree(clp->cl_name.data);
1654err_no_name:
1655 kfree(clp);
1656 return NULL;
1da177e4
LT		 1657}
1658
4dd86e15 1659static void
1da177e4
LT		 1660free_client(struct nfs4_client *clp)
1661{
792c95dd
BF		 1662 while (!list_empty(&clp->cl_sessions)) {
1663 struct nfsd4_session *ses;
1664 ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
1665 se_perclnt);
1666 list_del(&ses->se_perclnt);
66b2b9b2
BF		 1667 WARN_ON_ONCE(atomic_read(&ses->se_ref));
1668 free_session(ses);
792c95dd 1669 }
4cb57e30 1670 rpc_destroy_wait_queue(&clp->cl_cb_waitq);
03a4e1f6 1671 free_svc_cred(&clp->cl_cred);
d4f0489f 1672 kfree(clp->cl_ownerstr_hashtbl);
1da177e4 1673 kfree(clp->cl_name.data);
2d32b29a 1674 idr_destroy(&clp->cl_stateids);
1da177e4
LT		 1675 kfree(clp);
1676}
1677
84d38ac9 1678/* must be called under the client_lock */
4beb345b 1679static void
84d38ac9
BH		 1680unhash_client_locked(struct nfs4_client *clp)
1681{
4beb345b 1682 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
792c95dd
BF		 1683 struct nfsd4_session *ses;
1684
0a880a28
TM		 1685 lockdep_assert_held(&nn->client_lock);
1686
4beb345b
TM		 1687 /* Mark the client as expired! */
1688 clp->cl_time = 0;
1689 /* Make it invisible */
1690 if (!list_empty(&clp->cl_idhash)) {
1691 list_del_init(&clp->cl_idhash);
1692 if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
1693 rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
1694 else
1695 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
1696 }
1697 list_del_init(&clp->cl_lru);
4c649378 1698 spin_lock(&clp->cl_lock);
792c95dd
BF		 1699 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
1700 list_del_init(&ses->se_hash);
4c649378 1701 spin_unlock(&clp->cl_lock);
84d38ac9
BH		 1702}
1703
1da177e4 1704static void
4beb345b
TM		 1705unhash_client(struct nfs4_client *clp)
1706{
1707 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1708
1709 spin_lock(&nn->client_lock);
1710 unhash_client_locked(clp);
1711 spin_unlock(&nn->client_lock);
1712}
1713
97403d95
JL		 1714static __be32 mark_client_expired_locked(struct nfs4_client *clp)
1715{
1716 if (atomic_read(&clp->cl_refcount))
1717 return nfserr_jukebox;
1718 unhash_client_locked(clp);
1719 return nfs_ok;
1720}
1721
4beb345b
TM		 1722static void
1723__destroy_client(struct nfs4_client *clp)
1da177e4 1724{
fe0750e5 1725 struct nfs4_openowner *oo;
1da177e4 1726 struct nfs4_delegation *dp;
1da177e4
LT		 1727 struct list_head reaplist;
1728
1da177e4 1729 INIT_LIST_HEAD(&reaplist);
cdc97505 1730 spin_lock(&state_lock);
ea1da636
N		 1731 while (!list_empty(&clp->cl_delegations)) {
1732 dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
42690676
JL		 1733 unhash_delegation_locked(dp);
1734 list_add(&dp->dl_recall_lru, &reaplist);
1da177e4 1735 }
cdc97505 1736 spin_unlock(&state_lock);
1da177e4
LT		 1737 while (!list_empty(&reaplist)) {
1738 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
42690676 1739 list_del_init(&dp->dl_recall_lru);
8287f009 1740 put_clnt_odstate(dp->dl_clnt_odstate);
afbda402 1741 nfs4_put_deleg_lease(dp->dl_stid.sc_file);
6011695d 1742 nfs4_put_stid(&dp->dl_stid);
1da177e4 1743 }
2d4a532d 1744 while (!list_empty(&clp->cl_revoked)) {
c876486b 1745 dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru);
2d4a532d 1746 list_del_init(&dp->dl_recall_lru);
6011695d 1747 nfs4_put_stid(&dp->dl_stid);
956c4fee 1748 }
ea1da636 1749 while (!list_empty(&clp->cl_openowners)) {
fe0750e5 1750 oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
b5971afa 1751 nfs4_get_stateowner(&oo->oo_owner);
fe0750e5 1752 release_openowner(oo);
1da177e4 1753 }
9cf514cc 1754 nfsd4_return_all_client_layouts(clp);
6ff8da08 1755 nfsd4_shutdown_callback(clp);
84d38ac9
BH		 1756 if (clp->cl_cb_conn.cb_xprt)
1757 svc_xprt_put(clp->cl_cb_conn.cb_xprt);
221a6876 1758 free_client(clp);
1da177e4
LT		 1759}
1760
4beb345b
TM		 1761static void
1762destroy_client(struct nfs4_client *clp)
1763{
1764 unhash_client(clp);
1765 __destroy_client(clp);
1766}
1767
0d22f68f
BF		 1768static void expire_client(struct nfs4_client *clp)
1769{
4beb345b 1770 unhash_client(clp);
0d22f68f 1771 nfsd4_client_record_remove(clp);
4beb345b 1772 __destroy_client(clp);
0d22f68f
BF		 1773}
1774
35bba9a3
BF		 1775static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
1776{
1777 memcpy(target->cl_verifier.data, source->data,
1778 sizeof(target->cl_verifier.data));
1da177e4
LT		 1779}
1780
35bba9a3
BF		 1781static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
1782{
1da177e4
LT		 1783 target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
1784 target->cl_clientid.cl_id = source->cl_clientid.cl_id;
1785}
1786
03a4e1f6 1787static int copy_cred(struct svc_cred *target, struct svc_cred *source)
35bba9a3 1788{
03a4e1f6
BF		 1789 if (source->cr_principal) {
1790 target->cr_principal =
1791 kstrdup(source->cr_principal, GFP_KERNEL);
1792 if (target->cr_principal == NULL)
1793 return -ENOMEM;
1794 } else
1795 target->cr_principal = NULL;
d5497fc6 1796 target->cr_flavor = source->cr_flavor;
1da177e4
LT		 1797 target->cr_uid = source->cr_uid;
1798 target->cr_gid = source->cr_gid;
1799 target->cr_group_info = source->cr_group_info;
1800 get_group_info(target->cr_group_info);
0dc1531a
BF		 1801 target->cr_gss_mech = source->cr_gss_mech;
1802 if (source->cr_gss_mech)
1803 gss_mech_get(source->cr_gss_mech);
03a4e1f6 1804 return 0;
1da177e4
LT		 1805}
1806
ef17af2a 1807static int
ac55fdc4
JL		 1808compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2)
1809{
ef17af2a
RV		 1810 if (o1->len < o2->len)
1811 return -1;
1812 if (o1->len > o2->len)
1813 return 1;
1814 return memcmp(o1->data, o2->data, o1->len);
ac55fdc4
JL		 1815}
1816
35bba9a3 1817static int same_name(const char *n1, const char *n2)
599e0a22 1818{
a55370a3 1819 return 0 == memcmp(n1, n2, HEXDIR_LEN);
1da177e4
LT		 1820}
1821
1822static int
599e0a22
BF		 1823same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
1824{
1825 return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
1da177e4
LT		 1826}
1827
1828static int
599e0a22
BF		 1829same_clid(clientid_t *cl1, clientid_t *cl2)
1830{
1831 return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
1da177e4
LT		 1832}
1833
8fbba96e
BF		 1834static bool groups_equal(struct group_info *g1, struct group_info *g2)
1835{
1836 int i;
1837
1838 if (g1->ngroups != g2->ngroups)
1839 return false;
1840 for (i=0; i<g1->ngroups; i++)
6fab8779 1841 if (!gid_eq(GROUP_AT(g1, i), GROUP_AT(g2, i)))
8fbba96e
BF		 1842 return false;
1843 return true;
1844}
1845
68eb3508
BF		 1846/*
1847 * RFC 3530 language requires clid_inuse be returned when the
1848 * "principal" associated with a requests differs from that previously
1849 * used. We use uid, gid's, and gss principal string as our best
1850 * approximation. We also don't want to allow non-gss use of a client
1851 * established using gss: in theory cr_principal should catch that
1852 * change, but in practice cr_principal can be null even in the gss case
1853 * since gssd doesn't always pass down a principal string.
1854 */
1855static bool is_gss_cred(struct svc_cred *cr)
1856{
1857 /* Is cr_flavor one of the gss "pseudoflavors"?: */
1858 return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR);
1859}
1860
1861
5559b50a 1862static bool
599e0a22
BF		 1863same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
1864{
68eb3508 1865 if ((is_gss_cred(cr1) != is_gss_cred(cr2))
6fab8779
EB		 1866 || (!uid_eq(cr1->cr_uid, cr2->cr_uid))
1867 || (!gid_eq(cr1->cr_gid, cr2->cr_gid))
8fbba96e
BF		 1868 || !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
1869 return false;
1870 if (cr1->cr_principal == cr2->cr_principal)
1871 return true;
1872 if (!cr1->cr_principal || !cr2->cr_principal)
1873 return false;
5559b50a 1874 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal);
1da177e4
LT		 1875}
1876
57266a6e
BF		 1877static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp)
1878{
1879 struct svc_cred *cr = &rqstp->rq_cred;
1880 u32 service;
1881
c4720591
BF		 1882 if (!cr->cr_gss_mech)
1883 return false;
57266a6e
BF		 1884 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor);
1885 return service == RPC_GSS_SVC_INTEGRITY ||
1886 service == RPC_GSS_SVC_PRIVACY;
1887}
1888
1889static bool mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp)
1890{
1891 struct svc_cred *cr = &rqstp->rq_cred;
1892
1893 if (!cl->cl_mach_cred)
1894 return true;
1895 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech)
1896 return false;
1897 if (!svc_rqst_integrity_protected(rqstp))
1898 return false;
1899 if (!cr->cr_principal)
1900 return false;
1901 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal);
1902}
1903
294ac32e 1904static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn)
deda2faa 1905{
ab4684d1 1906 __be32 verf[2];
1da177e4 1907
f419992c
JL		 1908 /*
1909 * This is opaque to client, so no need to byte-swap. Use
1910 * __force to keep sparse happy
1911 */
1912 verf[0] = (__force __be32)get_seconds();
19311aa8 1913 verf[1] = (__force __be32)nn->clverifier_counter++;
ab4684d1 1914 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data));
1da177e4
LT		 1915}
1916
294ac32e
JL		 1917static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn)
1918{
1919 clp->cl_clientid.cl_boot = nn->boot_time;
1920 clp->cl_clientid.cl_id = nn->clientid_counter++;
1921 gen_confirm(clp, nn);
1922}
1923
4770d722
JL		 1924static struct nfs4_stid *
1925find_stateid_locked(struct nfs4_client *cl, stateid_t *t)
4581d140 1926{
3abdb607
BF		 1927 struct nfs4_stid *ret;
1928
1929 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id);
1930 if (!ret || !ret->sc_type)
1931 return NULL;
1932 return ret;
4d71ab87
BF		 1933}
1934
4770d722
JL		 1935static struct nfs4_stid *
1936find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask)
f459e453
BF		 1937{
1938 struct nfs4_stid *s;
4d71ab87 1939
4770d722
JL		 1940 spin_lock(&cl->cl_lock);
1941 s = find_stateid_locked(cl, t);
2d3f9668
TM		 1942 if (s != NULL) {
1943 if (typemask & s->sc_type)
1944 atomic_inc(&s->sc_count);
1945 else
1946 s = NULL;
1947 }
4770d722
JL		 1948 spin_unlock(&cl->cl_lock);
1949 return s;
4581d140
BF		 1950}
1951
2216d449 1952static struct nfs4_client *create_client(struct xdr_netobj name,
b09333c4
RL		 1953 struct svc_rqst *rqstp, nfs4_verifier *verf)
1954{
1955 struct nfs4_client *clp;
1956 struct sockaddr *sa = svc_addr(rqstp);
03a4e1f6 1957 int ret;
c212cecf 1958 struct net *net = SVC_NET(rqstp);
b09333c4
RL		 1959
1960 clp = alloc_client(name);
1961 if (clp == NULL)
1962 return NULL;
1963
03a4e1f6
BF		 1964 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred);
1965 if (ret) {
03a4e1f6 1966 free_client(clp);
03a4e1f6 1967 return NULL;
b09333c4 1968 }
0162ac2b 1969 nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL);
07cd4909 1970 clp->cl_time = get_seconds();
b09333c4 1971 clear_bit(0, &clp->cl_cb_slot_busy);
b09333c4
RL		 1972 copy_verf(clp, verf);
1973 rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa);
edd76786 1974 clp->cl_cb_session = NULL;
c212cecf 1975 clp->net = net;
b09333c4
RL		 1976 return clp;
1977}
1978
fd39ca9a 1979static void
ac55fdc4
JL		 1980add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root)
1981{
1982 struct rb_node **new = &(root->rb_node), *parent = NULL;
1983 struct nfs4_client *clp;
1984
1985 while (*new) {
1986 clp = rb_entry(*new, struct nfs4_client, cl_namenode);
1987 parent = *new;
1988
1989 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0)
1990 new = &((*new)->rb_left);
1991 else
1992 new = &((*new)->rb_right);
1993 }
1994
1995 rb_link_node(&new_clp->cl_namenode, parent, new);
1996 rb_insert_color(&new_clp->cl_namenode, root);
1997}
1998
1999static struct nfs4_client *
2000find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root)
2001{
ef17af2a 2002 int cmp;
ac55fdc4
JL		 2003 struct rb_node *node = root->rb_node;
2004 struct nfs4_client *clp;
2005
2006 while (node) {
2007 clp = rb_entry(node, struct nfs4_client, cl_namenode);
2008 cmp = compare_blob(&clp->cl_name, name);
2009 if (cmp > 0)
2010 node = node->rb_left;
2011 else if (cmp < 0)
2012 node = node->rb_right;
2013 else
2014 return clp;
2015 }
2016 return NULL;
2017}
2018
2019static void
2020add_to_unconfirmed(struct nfs4_client *clp)
1da177e4
LT		 2021{
2022 unsigned int idhashval;
0a7ec377 2023 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4 2024
0a880a28
TM		 2025 lockdep_assert_held(&nn->client_lock);
2026
ac55fdc4 2027 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
a99454aa 2028 add_clp_to_name_tree(clp, &nn->unconf_name_tree);
1da177e4 2029 idhashval = clientid_hashval(clp->cl_clientid.cl_id);
0a7ec377 2030 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]);
3dbacee6 2031 renew_client_locked(clp);
1da177e4
LT		 2032}
2033
fd39ca9a 2034static void
1da177e4
LT		 2035move_to_confirmed(struct nfs4_client *clp)
2036{
2037 unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id);
8daae4dc 2038 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4 2039
0a880a28
TM		 2040 lockdep_assert_held(&nn->client_lock);
2041
1da177e4 2042 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp);
8daae4dc 2043 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]);
a99454aa 2044 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
382a62e7 2045 add_clp_to_name_tree(clp, &nn->conf_name_tree);
ac55fdc4 2046 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
3dbacee6 2047 renew_client_locked(clp);
1da177e4
LT		 2048}
2049
2050static struct nfs4_client *
bfa85e83 2051find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions)
1da177e4
LT		 2052{
2053 struct nfs4_client *clp;
2054 unsigned int idhashval = clientid_hashval(clid->cl_id);
2055
bfa85e83 2056 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) {
a50d2ad1 2057 if (same_clid(&clp->cl_clientid, clid)) {
d15c077e
BF		 2058 if ((bool)clp->cl_minorversion != sessions)
2059 return NULL;
3dbacee6 2060 renew_client_locked(clp);
1da177e4 2061 return clp;
a50d2ad1 2062 }
1da177e4
LT		 2063 }
2064 return NULL;
2065}
2066
bfa85e83
BF		 2067static struct nfs4_client *
2068find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
2069{
2070 struct list_head *tbl = nn->conf_id_hashtbl;
2071
0a880a28 2072 lockdep_assert_held(&nn->client_lock);
bfa85e83
BF		 2073 return find_client_in_id_table(tbl, clid, sessions);
2074}
2075
1da177e4 2076static struct nfs4_client *
0a7ec377 2077find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
1da177e4 2078{
bfa85e83 2079 struct list_head *tbl = nn->unconf_id_hashtbl;
1da177e4 2080
0a880a28 2081 lockdep_assert_held(&nn->client_lock);
bfa85e83 2082 return find_client_in_id_table(tbl, clid, sessions);
1da177e4
LT		 2083}
2084
6e5f15c9 2085static bool clp_used_exchangeid(struct nfs4_client *clp)
a1bcecd2 2086{
6e5f15c9 2087 return clp->cl_exchange_flags != 0;
e203d506 2088}
a1bcecd2 2089
28ce6054 2090static struct nfs4_client *
382a62e7 2091find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
28ce6054 2092{
0a880a28 2093 lockdep_assert_held(&nn->client_lock);
382a62e7 2094 return find_clp_in_name_tree(name, &nn->conf_name_tree);
28ce6054
N		 2095}
2096
2097static struct nfs4_client *
a99454aa 2098find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
28ce6054 2099{
0a880a28 2100 lockdep_assert_held(&nn->client_lock);
a99454aa 2101 return find_clp_in_name_tree(name, &nn->unconf_name_tree);
28ce6054
N		 2102}
2103
fd39ca9a 2104static void
6f3d772f 2105gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp)
1da177e4 2106{
07263f1e 2107 struct nfs4_cb_conn *conn = &clp->cl_cb_conn;
6f3d772f
TU		 2108 struct sockaddr *sa = svc_addr(rqstp);
2109 u32 scopeid = rpc_get_scope_id(sa);
7077ecba
JL		 2110 unsigned short expected_family;
2111
2112 /* Currently, we only support tcp and tcp6 for the callback channel */
2113 if (se->se_callback_netid_len == 3 &&
2114 !memcmp(se->se_callback_netid_val, "tcp", 3))
2115 expected_family = AF_INET;
2116 else if (se->se_callback_netid_len == 4 &&
2117 !memcmp(se->se_callback_netid_val, "tcp6", 4))
2118 expected_family = AF_INET6;
2119 else
1da177e4
LT		 2120 goto out_err;
2121
c212cecf 2122 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val,
aa9a4ec7 2123 se->se_callback_addr_len,
07263f1e
BF		 2124 (struct sockaddr *)&conn->cb_addr,
2125 sizeof(conn->cb_addr));
aa9a4ec7 2126
07263f1e 2127 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family)
1da177e4 2128 goto out_err;
aa9a4ec7 2129
07263f1e
BF		 2130 if (conn->cb_addr.ss_family == AF_INET6)
2131 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid;
fbf4665f 2132
07263f1e
BF		 2133 conn->cb_prog = se->se_callback_prog;
2134 conn->cb_ident = se->se_callback_ident;
849a1cf1 2135 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen);
1da177e4
LT		 2136 return;
2137out_err:
07263f1e
BF		 2138 conn->cb_addr.ss_family = AF_UNSPEC;
2139 conn->cb_addrlen = 0;
849823c5 2140 dprintk(KERN_INFO "NFSD: this client (clientid %08x/%08x) "
1da177e4
LT		 2141 "will not receive delegations\n",
2142 clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id);
2143
1da177e4
LT		 2144 return;
2145}
2146
074fe897 2147/*
067e1ace 2148 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size.
074fe897 2149 */
b607664e 2150static void
074fe897 2151nfsd4_store_cache_entry(struct nfsd4_compoundres *resp)
074fe897 2152{
f5236013 2153 struct xdr_buf *buf = resp->xdr.buf;
557ce264
AA		 2154 struct nfsd4_slot *slot = resp->cstate.slot;
2155 unsigned int base;
074fe897 2156
557ce264 2157 dprintk("--> %s slot %p\n", __func__, slot);
074fe897 2158
557ce264
AA		 2159 slot->sl_opcnt = resp->opcnt;
2160 slot->sl_status = resp->cstate.status;
074fe897 2161
bf5c43c8 2162 slot->sl_flags |= NFSD4_SLOT_INITIALIZED;
bf864a31 2163 if (nfsd4_not_cached(resp)) {
557ce264 2164 slot->sl_datalen = 0;
bf864a31 2165 return;
074fe897 2166 }
f5236013
BF		 2167 base = resp->cstate.data_offset;
2168 slot->sl_datalen = buf->len - base;
2169 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen))
557ce264
AA		 2170 WARN("%s: sessions DRC could not cache compound\n", __func__);
2171 return;
074fe897
AA		 2172}
2173
2174/*
abfabf8c
AA		 2175 * Encode the replay sequence operation from the slot values.
2176 * If cachethis is FALSE encode the uncached rep error on the next
2177 * operation which sets resp->p and increments resp->opcnt for
2178 * nfs4svc_encode_compoundres.
074fe897 2179 *
074fe897 2180 */
abfabf8c
AA		 2181static __be32
2182nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args,
2183 struct nfsd4_compoundres *resp)
074fe897 2184{
abfabf8c
AA		 2185 struct nfsd4_op *op;
2186 struct nfsd4_slot *slot = resp->cstate.slot;
bf864a31 2187
abfabf8c
AA		 2188 /* Encode the replayed sequence operation */
2189 op = &args->ops[resp->opcnt - 1];
2190 nfsd4_encode_operation(resp, op);
bf864a31 2191
abfabf8c 2192 /* Return nfserr_retry_uncached_rep in next operation. */
73e79482 2193 if (args->opcnt > 1 && !(slot->sl_flags & NFSD4_SLOT_CACHETHIS)) {
abfabf8c
AA		 2194 op = &args->ops[resp->opcnt++];
2195 op->status = nfserr_retry_uncached_rep;
2196 nfsd4_encode_operation(resp, op);
074fe897 2197 }
abfabf8c 2198 return op->status;
074fe897
AA		 2199}
2200
2201/*
557ce264
AA		 2202 * The sequence operation is not cached because we can use the slot and
2203 * session values.
074fe897 2204 */
3ca2eb98 2205static __be32
bf864a31
AA		 2206nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp,
2207 struct nfsd4_sequence *seq)
074fe897 2208{
557ce264 2209 struct nfsd4_slot *slot = resp->cstate.slot;
f5236013
BF		 2210 struct xdr_stream *xdr = &resp->xdr;
2211 __be32 *p;
074fe897
AA		 2212 __be32 status;
2213
557ce264 2214 dprintk("--> %s slot %p\n", __func__, slot);
074fe897 2215
abfabf8c 2216 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp);
0da7b19c 2217 if (status)
abfabf8c 2218 return status;
074fe897 2219
f5236013
BF		 2220 p = xdr_reserve_space(xdr, slot->sl_datalen);
2221 if (!p) {
2222 WARN_ON_ONCE(1);
2223 return nfserr_serverfault;
2224 }
2225 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen);
2226 xdr_commit_encode(xdr);
074fe897 2227
557ce264 2228 resp->opcnt = slot->sl_opcnt;
f5236013 2229 return slot->sl_status;
074fe897
AA		 2230}
2231
0733d213
AA		 2232/*
2233 * Set the exchange_id flags returned by the server.
2234 */
2235static void
2236nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid)
2237{
9cf514cc
CH		 2238#ifdef CONFIG_NFSD_PNFS
2239 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS;
2240#else
0733d213 2241 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS;
9cf514cc 2242#endif
0733d213
AA		 2243
2244 /* Referrals are supported, Migration is not. */
2245 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER;
2246
2247 /* set the wire flags to return to client. */
2248 clid->flags = new->cl_exchange_flags;
2249}
2250
631fc9ea
BF		 2251static bool client_has_state(struct nfs4_client *clp)
2252{
2253 /*
2254 * Note clp->cl_openowners check isn't quite right: there's no
2255 * need to count owners without stateid's.
2256 *
2257 * Also note we should probably be using this in 4.0 case too.
2258 */
6eccece9 2259 return !list_empty(&clp->cl_openowners)
47e970be
KM		 2260#ifdef CONFIG_NFSD_PNFS
2261 || !list_empty(&clp->cl_lo_states)
2262#endif
6eccece9
BF		 2263 || !list_empty(&clp->cl_delegations)
2264 || !list_empty(&clp->cl_sessions);
631fc9ea
BF		 2265}
2266
069b6ad4
AA		 2267__be32
2268nfsd4_exchange_id(struct svc_rqst *rqstp,
2269 struct nfsd4_compound_state *cstate,
2270 struct nfsd4_exchange_id *exid)
2271{
3dbacee6
TM		 2272 struct nfs4_client *conf, *new;
2273 struct nfs4_client *unconf = NULL;
57b7b43b 2274 __be32 status;
363168b4 2275 char addr_str[INET6_ADDRSTRLEN];
0733d213 2276 nfs4_verifier verf = exid->verifier;
363168b4 2277 struct sockaddr *sa = svc_addr(rqstp);
83e08fd4 2278 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A;
c212cecf 2279 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
0733d213 2280
363168b4 2281 rpc_ntop(sa, addr_str, sizeof(addr_str));
0733d213 2282 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p "
363168b4 2283 "ip_addr=%s flags %x, spa_how %d\n",
0733d213 2284 __func__, rqstp, exid, exid->clname.len, exid->clname.data,
363168b4 2285 addr_str, exid->flags, exid->spa_how);
0733d213 2286
a084daf5 2287 if (exid->flags & ~EXCHGID4_FLAG_MASK_A)
0733d213
AA		 2288 return nfserr_inval;
2289
0733d213 2290 switch (exid->spa_how) {
57266a6e
BF		 2291 case SP4_MACH_CRED:
2292 if (!svc_rqst_integrity_protected(rqstp))
2293 return nfserr_inval;
0733d213
AA		 2294 case SP4_NONE:
2295 break;
063b0fb9
BF		 2296 default: /* checked by xdr code */
2297 WARN_ON_ONCE(1);
0733d213 2298 case SP4_SSV:
dd30333c 2299 return nfserr_encr_alg_unsupp;
0733d213
AA		 2300 }
2301
5cc40fd7
TM		 2302 new = create_client(exid->clname, rqstp, &verf);
2303 if (new == NULL)
2304 return nfserr_jukebox;
2305
2dbb269d 2306 /* Cases below refer to rfc 5661 section 18.35.4: */
3dbacee6 2307 spin_lock(&nn->client_lock);
382a62e7 2308 conf = find_confirmed_client_by_name(&exid->clname, nn);
0733d213 2309 if (conf) {
83e08fd4
BF		 2310 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred);
2311 bool verfs_match = same_verf(&verf, &conf->cl_verifier);
2312
136e658d
BF		 2313 if (update) {
2314 if (!clp_used_exchangeid(conf)) { /* buggy client */
2dbb269d 2315 status = nfserr_inval;
1a308118
BF		 2316 goto out;
2317 }
57266a6e
BF		 2318 if (!mach_creds_match(conf, rqstp)) {
2319 status = nfserr_wrong_cred;
2320 goto out;
2321 }
136e658d 2322 if (!creds_match) { /* case 9 */
ea236d07 2323 status = nfserr_perm;
136e658d
BF		 2324 goto out;
2325 }
2326 if (!verfs_match) { /* case 8 */
0733d213
AA		 2327 status = nfserr_not_same;
2328 goto out;
2329 }
136e658d
BF		 2330 /* case 6 */
2331 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R;
136e658d 2332 goto out_copy;
0733d213 2333 }
136e658d 2334 if (!creds_match) { /* case 3 */
631fc9ea
BF		 2335 if (client_has_state(conf)) {
2336 status = nfserr_clid_inuse;
0733d213
AA		 2337 goto out;
2338 }
0733d213
AA		 2339 goto out_new;
2340 }
136e658d 2341 if (verfs_match) { /* case 2 */
0f1ba0ef 2342 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R;
136e658d
BF		 2343 goto out_copy;
2344 }
2345 /* case 5, client reboot */
3dbacee6 2346 conf = NULL;
136e658d 2347 goto out_new;
6ddbbbfe
MS		 2348 }
2349
2dbb269d 2350 if (update) { /* case 7 */
6ddbbbfe
MS		 2351 status = nfserr_noent;
2352 goto out;
0733d213
AA		 2353 }
2354
a99454aa 2355 unconf = find_unconfirmed_client_by_name(&exid->clname, nn);
2dbb269d 2356 if (unconf) /* case 4, possible retry or client restart */
3dbacee6 2357 unhash_client_locked(unconf);
0733d213 2358
2dbb269d 2359 /* case 1 (normal case) */
0733d213 2360out_new:
fd699b8a
JL		 2361 if (conf) {
2362 status = mark_client_expired_locked(conf);
2363 if (status)
2364 goto out;
2365 }
4f540e29 2366 new->cl_minorversion = cstate->minorversion;
57266a6e 2367 new->cl_mach_cred = (exid->spa_how == SP4_MACH_CRED);
0733d213 2368
c212cecf 2369 gen_clid(new, nn);
ac55fdc4 2370 add_to_unconfirmed(new);
3dbacee6 2371 swap(new, conf);
0733d213 2372out_copy:
5cc40fd7
TM		 2373 exid->clientid.cl_boot = conf->cl_clientid.cl_boot;
2374 exid->clientid.cl_id = conf->cl_clientid.cl_id;
0733d213 2375
5cc40fd7
TM		 2376 exid->seqid = conf->cl_cs_slot.sl_seqid + 1;
2377 nfsd4_set_ex_flags(conf, exid);
0733d213
AA		 2378
2379 dprintk("nfsd4_exchange_id seqid %d flags %x\n",
5cc40fd7 2380 conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags);
0733d213
AA		 2381 status = nfs_ok;
2382
2383out:
3dbacee6 2384 spin_unlock(&nn->client_lock);
5cc40fd7 2385 if (new)
3dbacee6
TM		 2386 expire_client(new);
2387 if (unconf)
2388 expire_client(unconf);
0733d213 2389 return status;
069b6ad4
AA		 2390}
2391
57b7b43b 2392static __be32
88e588d5 2393check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse)
b85d4c01 2394{
88e588d5
AA		 2395 dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid,
2396 slot_seqid);
b85d4c01
BH		 2397
2398 /* The slot is in use, and no response has been sent. */
88e588d5
AA		 2399 if (slot_inuse) {
2400 if (seqid == slot_seqid)
b85d4c01
BH		 2401 return nfserr_jukebox;
2402 else
2403 return nfserr_seq_misordered;
2404 }
f6d82485 2405 /* Note unsigned 32-bit arithmetic handles wraparound: */
88e588d5 2406 if (likely(seqid == slot_seqid + 1))
b85d4c01 2407 return nfs_ok;
88e588d5 2408 if (seqid == slot_seqid)
b85d4c01 2409 return nfserr_replay_cache;
b85d4c01
BH		 2410 return nfserr_seq_misordered;
2411}
2412
49557cc7
AA		 2413/*
2414 * Cache the create session result into the create session single DRC
2415 * slot cache by saving the xdr structure. sl_seqid has been set.
2416 * Do this for solo or embedded create session operations.
2417 */
2418static void
2419nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses,
57b7b43b 2420 struct nfsd4_clid_slot *slot, __be32 nfserr)
49557cc7
AA		 2421{
2422 slot->sl_status = nfserr;
2423 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses));
2424}
2425
2426static __be32
2427nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses,
2428 struct nfsd4_clid_slot *slot)
2429{
2430 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses));
2431 return slot->sl_status;
2432}
2433
1b74c25b
MJ		 2434#define NFSD_MIN_REQ_HDR_SEQ_SZ ((\
2435 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \
2436 1 + /* MIN tag is length with zero, only length */ \
2437 3 + /* version, opcount, opcode */ \
2438 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
2439 /* seqid, slotID, slotID, cache */ \
2440 4 ) * sizeof(__be32))
2441
2442#define NFSD_MIN_RESP_HDR_SEQ_SZ ((\
2443 2 + /* verifier: AUTH_NULL, length 0 */\
2444 1 + /* status */ \
2445 1 + /* MIN tag is length with zero, only length */ \
2446 3 + /* opcount, opcode, opstatus*/ \
2447 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
2448 /* seqid, slotID, slotID, slotID, status */ \
2449 5 ) * sizeof(__be32))
2450
55c760cf 2451static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn)
1b74c25b 2452{
55c760cf
BF		 2453 u32 maxrpc = nn->nfsd_serv->sv_max_mesg;
2454
373cd409
BF		 2455 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ)
2456 return nfserr_toosmall;
2457 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ)
2458 return nfserr_toosmall;
55c760cf
BF		 2459 ca->headerpadsz = 0;
2460 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc);
2461 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc);
2462 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND);
2463 ca->maxresp_cached = min_t(u32, ca->maxresp_cached,
2464 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ);
2465 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION);
2466 /*
2467 * Note decreasing slot size below client's request may make it
2468 * difficult for client to function correctly, whereas
2469 * decreasing the number of slots will (just?) affect
2470 * performance. When short on memory we therefore prefer to
2471 * decrease number of slots instead of their size. Clients that
2472 * request larger slots than they need will get poor results:
2473 */
2474 ca->maxreqs = nfsd4_get_drc_mem(ca);
2475 if (!ca->maxreqs)
2476 return nfserr_jukebox;
2477
373cd409 2478 return nfs_ok;
1b74c25b
MJ		 2479}
2480
8a891633
KM		 2481#define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \
2482 RPC_MAX_HEADER_WITH_AUTH) * sizeof(__be32))
2483#define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \
2484 RPC_MAX_REPHEADER_WITH_AUTH) * sizeof(__be32))
2485
06b332a5 2486static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca)
1b74c25b 2487{
06b332a5
BF		 2488 ca->headerpadsz = 0;
2489
2490 /*
2491 * These RPC_MAX_HEADER macros are overkill, especially since we
2492 * don't even do gss on the backchannel yet. But this is still
2493 * less than 1k. Tighten up this estimate in the unlikely event
2494 * it turns out to be a problem for some client:
2495 */
8a891633 2496 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ)
06b332a5 2497 return nfserr_toosmall;
8a891633 2498 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ)
06b332a5
BF		 2499 return nfserr_toosmall;
2500 ca->maxresp_cached = 0;
2501 if (ca->maxops < 2)
2502 return nfserr_toosmall;
2503
2504 return nfs_ok;
1b74c25b
MJ		 2505}
2506
b78724b7
BF		 2507static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs)
2508{
2509 switch (cbs->flavor) {
2510 case RPC_AUTH_NULL:
2511 case RPC_AUTH_UNIX:
2512 return nfs_ok;
2513 default:
2514 /*
2515 * GSS case: the spec doesn't allow us to return this
2516 * error. But it also doesn't allow us not to support
2517 * GSS.
2518 * I'd rather this fail hard than return some error the
2519 * client might think it can already handle:
2520 */
2521 return nfserr_encr_alg_unsupp;
2522 }
2523}
2524
069b6ad4
AA		 2525__be32
2526nfsd4_create_session(struct svc_rqst *rqstp,
2527 struct nfsd4_compound_state *cstate,
2528 struct nfsd4_create_session *cr_ses)
2529{
363168b4 2530 struct sockaddr *sa = svc_addr(rqstp);
ec6b5d7b 2531 struct nfs4_client *conf, *unconf;
d20c11d8 2532 struct nfs4_client *old = NULL;
ac7c46f2 2533 struct nfsd4_session *new;
81f0b2a4 2534 struct nfsd4_conn *conn;
49557cc7 2535 struct nfsd4_clid_slot *cs_slot = NULL;
57b7b43b 2536 __be32 status = 0;
8daae4dc 2537 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
ec6b5d7b 2538
a62573dc
MJ		 2539 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A)
2540 return nfserr_inval;
b78724b7
BF		 2541 status = nfsd4_check_cb_sec(&cr_ses->cb_sec);
2542 if (status)
2543 return status;
55c760cf 2544 status = check_forechannel_attrs(&cr_ses->fore_channel, nn);
06b332a5
BF		 2545 if (status)
2546 return status;
2547 status = check_backchannel_attrs(&cr_ses->back_channel);
373cd409 2548 if (status)
f403e450 2549 goto out_release_drc_mem;
81f0b2a4 2550 status = nfserr_jukebox;
60810e54 2551 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel);
55c760cf
BF		 2552 if (!new)
2553 goto out_release_drc_mem;
81f0b2a4
BF		 2554 conn = alloc_conn_from_crses(rqstp, cr_ses);
2555 if (!conn)
2556 goto out_free_session;
a62573dc 2557
d20c11d8 2558 spin_lock(&nn->client_lock);
0a7ec377 2559 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn);
8daae4dc 2560 conf = find_confirmed_client(&cr_ses->clientid, true, nn);
78389046 2561 WARN_ON_ONCE(conf && unconf);
ec6b5d7b
AA		 2562
2563 if (conf) {
57266a6e
BF		 2564 status = nfserr_wrong_cred;
2565 if (!mach_creds_match(conf, rqstp))
2566 goto out_free_conn;
49557cc7
AA		 2567 cs_slot = &conf->cl_cs_slot;
2568 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
f5e22bb6
KM		 2569 if (status) {
2570 if (status == nfserr_replay_cache)
2571 status = nfsd4_replay_create_session(cr_ses, cs_slot);
81f0b2a4 2572 goto out_free_conn;
ec6b5d7b 2573 }
ec6b5d7b
AA		 2574 } else if (unconf) {
2575 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) ||
363168b4 2576 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) {
ec6b5d7b 2577 status = nfserr_clid_inuse;
81f0b2a4 2578 goto out_free_conn;
ec6b5d7b 2579 }
57266a6e
BF		 2580 status = nfserr_wrong_cred;
2581 if (!mach_creds_match(unconf, rqstp))
2582 goto out_free_conn;
49557cc7
AA		 2583 cs_slot = &unconf->cl_cs_slot;
2584 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
38eb76a5
AA		 2585 if (status) {
2586 /* an unconfirmed replay returns misordered */
ec6b5d7b 2587 status = nfserr_seq_misordered;
81f0b2a4 2588 goto out_free_conn;
ec6b5d7b 2589 }
382a62e7 2590 old = find_confirmed_client_by_name(&unconf->cl_name, nn);
221a6876 2591 if (old) {
d20c11d8 2592 status = mark_client_expired_locked(old);
7abea1e8
JL		 2593 if (status) {
2594 old = NULL;
221a6876 2595 goto out_free_conn;
7abea1e8 2596 }
221a6876 2597 }
8f9d3d3b 2598 move_to_confirmed(unconf);
ec6b5d7b
AA		 2599 conf = unconf;
2600 } else {
2601 status = nfserr_stale_clientid;
81f0b2a4 2602 goto out_free_conn;
ec6b5d7b 2603 }
81f0b2a4 2604 status = nfs_ok;
408b79bc
BF		 2605 /*
2606 * We do not support RDMA or persistent sessions
2607 */
2608 cr_ses->flags &= ~SESSION4_PERSIST;
2609 cr_ses->flags &= ~SESSION4_RDMA;
2610
81f0b2a4 2611 init_session(rqstp, new, conf, cr_ses);
d20c11d8 2612 nfsd4_get_session_locked(new);
81f0b2a4 2613
ac7c46f2 2614 memcpy(cr_ses->sessionid.data, new->se_sessionid.data,
ec6b5d7b 2615 NFS4_MAX_SESSIONID_LEN);
86c3e16c 2616 cs_slot->sl_seqid++;
49557cc7 2617 cr_ses->seqid = cs_slot->sl_seqid;
ec6b5d7b 2618
d20c11d8 2619 /* cache solo and embedded create sessions under the client_lock */
49557cc7 2620 nfsd4_cache_create_session(cr_ses, cs_slot, status);
d20c11d8
JL		 2621 spin_unlock(&nn->client_lock);
2622 /* init connection and backchannel */
2623 nfsd4_init_conn(rqstp, conn, new);
2624 nfsd4_put_session(new);
d20c11d8
JL		 2625 if (old)
2626 expire_client(old);
ec6b5d7b 2627 return status;
81f0b2a4 2628out_free_conn:
d20c11d8 2629 spin_unlock(&nn->client_lock);
81f0b2a4 2630 free_conn(conn);
d20c11d8
JL		 2631 if (old)
2632 expire_client(old);
81f0b2a4
BF		 2633out_free_session:
2634 __free_session(new);
55c760cf
BF		 2635out_release_drc_mem:
2636 nfsd4_put_drc_mem(&cr_ses->fore_channel);
1ca50792 2637 return status;
069b6ad4
AA		 2638}
2639
1d1bc8f2
BF		 2640static __be32 nfsd4_map_bcts_dir(u32 *dir)
2641{
2642 switch (*dir) {
2643 case NFS4_CDFC4_FORE:
2644 case NFS4_CDFC4_BACK:
2645 return nfs_ok;
2646 case NFS4_CDFC4_FORE_OR_BOTH:
2647 case NFS4_CDFC4_BACK_OR_BOTH:
2648 *dir = NFS4_CDFC4_BOTH;
2649 return nfs_ok;
2650 };
2651 return nfserr_inval;
2652}
2653
cb73a9f4
BF		 2654__be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_backchannel_ctl *bc)
2655{
2656 struct nfsd4_session *session = cstate->session;
c9a49628 2657 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
b78724b7 2658 __be32 status;
cb73a9f4 2659
b78724b7
BF		 2660 status = nfsd4_check_cb_sec(&bc->bc_cb_sec);
2661 if (status)
2662 return status;
c9a49628 2663 spin_lock(&nn->client_lock);
cb73a9f4
BF		 2664 session->se_cb_prog = bc->bc_cb_program;
2665 session->se_cb_sec = bc->bc_cb_sec;
c9a49628 2666 spin_unlock(&nn->client_lock);
cb73a9f4
BF		 2667
2668 nfsd4_probe_callback(session->se_client);
2669
2670 return nfs_ok;
2671}
2672
1d1bc8f2
BF		 2673__be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp,
2674 struct nfsd4_compound_state *cstate,
2675 struct nfsd4_bind_conn_to_session *bcts)
2676{
2677 __be32 status;
3ba63671 2678 struct nfsd4_conn *conn;
4f6e6c17 2679 struct nfsd4_session *session;
d4e19e70
TM		 2680 struct net *net = SVC_NET(rqstp);
2681 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1d1bc8f2
BF		 2682
2683 if (!nfsd4_last_compound_op(rqstp))
2684 return nfserr_not_only_op;
c9a49628 2685 spin_lock(&nn->client_lock);
d4e19e70 2686 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status);
c9a49628 2687 spin_unlock(&nn->client_lock);
4f6e6c17 2688 if (!session)
d4e19e70 2689 goto out_no_session;
57266a6e
BF		 2690 status = nfserr_wrong_cred;
2691 if (!mach_creds_match(session->se_client, rqstp))
2692 goto out;
1d1bc8f2 2693 status = nfsd4_map_bcts_dir(&bcts->dir);
3ba63671 2694 if (status)
4f6e6c17 2695 goto out;
3ba63671 2696 conn = alloc_conn(rqstp, bcts->dir);
4f6e6c17 2697 status = nfserr_jukebox;
3ba63671 2698 if (!conn)
4f6e6c17
BF		 2699 goto out;
2700 nfsd4_init_conn(rqstp, conn, session);
2701 status = nfs_ok;
2702out:
d4e19e70
TM		 2703 nfsd4_put_session(session);
2704out_no_session:
4f6e6c17 2705 return status;
1d1bc8f2
BF		 2706}
2707
5d4cec2f
BF		 2708static bool nfsd4_compound_in_session(struct nfsd4_session *session, struct nfs4_sessionid *sid)
2709{
2710 if (!session)
2711 return 0;
2712 return !memcmp(sid, &session->se_sessionid, sizeof(*sid));
2713}
2714
069b6ad4
AA		 2715__be32
2716nfsd4_destroy_session(struct svc_rqst *r,
2717 struct nfsd4_compound_state *cstate,
2718 struct nfsd4_destroy_session *sessionid)
2719{
e10e0cfc 2720 struct nfsd4_session *ses;
abcdff09 2721 __be32 status;
f0f51f5c 2722 int ref_held_by_me = 0;
d4e19e70
TM		 2723 struct net *net = SVC_NET(r);
2724 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
e10e0cfc 2725
abcdff09 2726 status = nfserr_not_only_op;
5d4cec2f 2727 if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) {
57716355 2728 if (!nfsd4_last_compound_op(r))
abcdff09 2729 goto out;
f0f51f5c 2730 ref_held_by_me++;
57716355 2731 }
e10e0cfc 2732 dump_sessionid(__func__, &sessionid->sessionid);
c9a49628 2733 spin_lock(&nn->client_lock);
d4e19e70 2734 ses = find_in_sessionid_hashtbl(&sessionid->sessionid, net, &status);
abcdff09
BF		 2735 if (!ses)
2736 goto out_client_lock;
57266a6e
BF		 2737 status = nfserr_wrong_cred;
2738 if (!mach_creds_match(ses->se_client, r))
d4e19e70 2739 goto out_put_session;
f0f51f5c 2740 status = mark_session_dead_locked(ses, 1 + ref_held_by_me);
66b2b9b2 2741 if (status)
f0f51f5c 2742 goto out_put_session;
e10e0cfc 2743 unhash_session(ses);
c9a49628 2744 spin_unlock(&nn->client_lock);
e10e0cfc 2745
84f5f7cc 2746 nfsd4_probe_callback_sync(ses->se_client);
19cf5c02 2747
c9a49628 2748 spin_lock(&nn->client_lock);
e10e0cfc 2749 status = nfs_ok;
f0f51f5c 2750out_put_session:
d4e19e70 2751 nfsd4_put_session_locked(ses);
abcdff09
BF		 2752out_client_lock:
2753 spin_unlock(&nn->client_lock);
e10e0cfc 2754out:
e10e0cfc 2755 return status;
069b6ad4
AA		 2756}
2757
a663bdd8 2758static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s)
328ead28
BF		 2759{
2760 struct nfsd4_conn *c;
2761
2762 list_for_each_entry(c, &s->se_conns, cn_persession) {
a663bdd8 2763 if (c->cn_xprt == xpt) {
328ead28
BF		 2764 return c;
2765 }
2766 }
2767 return NULL;
2768}
2769
57266a6e 2770static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses)
328ead28
BF		 2771{
2772 struct nfs4_client *clp = ses->se_client;
a663bdd8 2773 struct nfsd4_conn *c;
57266a6e 2774 __be32 status = nfs_ok;
21b75b01 2775 int ret;
328ead28
BF		 2776
2777 spin_lock(&clp->cl_lock);
a663bdd8 2778 c = __nfsd4_find_conn(new->cn_xprt, ses);
57266a6e
BF		 2779 if (c)
2780 goto out_free;
2781 status = nfserr_conn_not_bound_to_session;
2782 if (clp->cl_mach_cred)
2783 goto out_free;
328ead28
BF		 2784 __nfsd4_hash_conn(new, ses);
2785 spin_unlock(&clp->cl_lock);
21b75b01
BF		 2786 ret = nfsd4_register_conn(new);
2787 if (ret)
2788 /* oops; xprt is already down: */
2789 nfsd4_conn_lost(&new->cn_xpt_user);
57266a6e
BF		 2790 return nfs_ok;
2791out_free:
2792 spin_unlock(&clp->cl_lock);
2793 free_conn(new);
2794 return status;
328ead28
BF		 2795}
2796
868b89c3
MJ		 2797static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session)
2798{
2799 struct nfsd4_compoundargs *args = rqstp->rq_argp;
2800
2801 return args->opcnt > session->se_fchannel.maxops;
2802}
2803
ae82a8d0
MJ		 2804static bool nfsd4_request_too_big(struct svc_rqst *rqstp,
2805 struct nfsd4_session *session)
2806{
2807 struct xdr_buf *xb = &rqstp->rq_arg;
2808
2809 return xb->len > session->se_fchannel.maxreq_sz;
2810}
2811
069b6ad4 2812__be32
b85d4c01 2813nfsd4_sequence(struct svc_rqst *rqstp,
069b6ad4
AA		 2814 struct nfsd4_compound_state *cstate,
2815 struct nfsd4_sequence *seq)
2816{
f9bb94c4 2817 struct nfsd4_compoundres *resp = rqstp->rq_resp;
47ee5298 2818 struct xdr_stream *xdr = &resp->xdr;
b85d4c01 2819 struct nfsd4_session *session;
221a6876 2820 struct nfs4_client *clp;
b85d4c01 2821 struct nfsd4_slot *slot;
a663bdd8 2822 struct nfsd4_conn *conn;
57b7b43b 2823 __be32 status;
47ee5298 2824 int buflen;
d4e19e70
TM		 2825 struct net *net = SVC_NET(rqstp);
2826 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
b85d4c01 2827
f9bb94c4
AA		 2828 if (resp->opcnt != 1)
2829 return nfserr_sequence_pos;
2830
a663bdd8
BF		 2831 /*
2832 * Will be either used or freed by nfsd4_sequence_check_conn
2833 * below.
2834 */
2835 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE);
2836 if (!conn)
2837 return nfserr_jukebox;
2838
c9a49628 2839 spin_lock(&nn->client_lock);
d4e19e70 2840 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status);
b85d4c01 2841 if (!session)
221a6876
BF		 2842 goto out_no_session;
2843 clp = session->se_client;
b85d4c01 2844
868b89c3
MJ		 2845 status = nfserr_too_many_ops;
2846 if (nfsd4_session_too_many_ops(rqstp, session))
66b2b9b2 2847 goto out_put_session;
868b89c3 2848
ae82a8d0
MJ		 2849 status = nfserr_req_too_big;
2850 if (nfsd4_request_too_big(rqstp, session))
66b2b9b2 2851 goto out_put_session;
ae82a8d0 2852
b85d4c01 2853 status = nfserr_badslot;
6c18ba9f 2854 if (seq->slotid >= session->se_fchannel.maxreqs)
66b2b9b2 2855 goto out_put_session;
b85d4c01 2856
557ce264 2857 slot = session->se_slots[seq->slotid];
b85d4c01
BH		 2858 dprintk("%s: slotid %d\n", __func__, seq->slotid);
2859
a8dfdaeb
AA		 2860 /* We do not negotiate the number of slots yet, so set the
2861 * maxslots to the session maxreqs which is used to encode
2862 * sr_highest_slotid and the sr_target_slot id to maxslots */
2863 seq->maxslots = session->se_fchannel.maxreqs;
2864
73e79482
BF		 2865 status = check_slot_seqid(seq->seqid, slot->sl_seqid,
2866 slot->sl_flags & NFSD4_SLOT_INUSE);
b85d4c01 2867 if (status == nfserr_replay_cache) {
bf5c43c8
BF		 2868 status = nfserr_seq_misordered;
2869 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED))
66b2b9b2 2870 goto out_put_session;
b85d4c01
BH		 2871 cstate->slot = slot;
2872 cstate->session = session;
4b24ca7d 2873 cstate->clp = clp;
da3846a2 2874 /* Return the cached reply status and set cstate->status
557ce264 2875 * for nfsd4_proc_compound processing */
bf864a31 2876 status = nfsd4_replay_cache_entry(resp, seq);
da3846a2 2877 cstate->status = nfserr_replay_cache;
aaf84eb9 2878 goto out;
b85d4c01
BH		 2879 }
2880 if (status)
66b2b9b2 2881 goto out_put_session;
b85d4c01 2882
57266a6e 2883 status = nfsd4_sequence_check_conn(conn, session);
a663bdd8 2884 conn = NULL;
57266a6e
BF		 2885 if (status)
2886 goto out_put_session;
328ead28 2887
47ee5298
BF		 2888 buflen = (seq->cachethis) ?
2889 session->se_fchannel.maxresp_cached :
2890 session->se_fchannel.maxresp_sz;
2891 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache :
2892 nfserr_rep_too_big;
a5cddc88 2893 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack))
47ee5298 2894 goto out_put_session;
32aaa62e 2895 svc_reserve(rqstp, buflen);
47ee5298
BF		 2896
2897 status = nfs_ok;
b85d4c01 2898 /* Success! bump slot seqid */
b85d4c01 2899 slot->sl_seqid = seq->seqid;
bf5c43c8 2900 slot->sl_flags |= NFSD4_SLOT_INUSE;
73e79482
BF		 2901 if (seq->cachethis)
2902 slot->sl_flags |= NFSD4_SLOT_CACHETHIS;
bf5c43c8
BF		 2903 else
2904 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS;
b85d4c01
BH		 2905
2906 cstate->slot = slot;
2907 cstate->session = session;
4b24ca7d 2908 cstate->clp = clp;
b85d4c01 2909
b85d4c01 2910out:
221a6876
BF		 2911 switch (clp->cl_cb_state) {
2912 case NFSD4_CB_DOWN:
2913 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN;
2914 break;
2915 case NFSD4_CB_FAULT:
2916 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT;
2917 break;
2918 default:
2919 seq->status_flags = 0;
aaf84eb9 2920 }
3bd64a5b
BF		 2921 if (!list_empty(&clp->cl_revoked))
2922 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED;
221a6876 2923out_no_session:
3f42d2c4
KM		 2924 if (conn)
2925 free_conn(conn);
c9a49628 2926 spin_unlock(&nn->client_lock);
b85d4c01 2927 return status;
66b2b9b2 2928out_put_session:
d4e19e70 2929 nfsd4_put_session_locked(session);
221a6876 2930 goto out_no_session;
069b6ad4
AA		 2931}
2932
b607664e
TM		 2933void
2934nfsd4_sequence_done(struct nfsd4_compoundres *resp)
2935{
2936 struct nfsd4_compound_state *cs = &resp->cstate;
2937
2938 if (nfsd4_has_session(cs)) {
b607664e
TM		 2939 if (cs->status != nfserr_replay_cache) {
2940 nfsd4_store_cache_entry(resp);
2941 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE;
2942 }
d4e19e70 2943 /* Drop session reference that was taken in nfsd4_sequence() */
b607664e 2944 nfsd4_put_session(cs->session);
4b24ca7d
JL		 2945 } else if (cs->clp)
2946 put_client_renew(cs->clp);
b607664e
TM		 2947}
2948
345c2842
MJ		 2949__be32
2950nfsd4_destroy_clientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_destroy_clientid *dc)
2951{
6b10ad19
TM		 2952 struct nfs4_client *conf, *unconf;
2953 struct nfs4_client *clp = NULL;
57b7b43b 2954 __be32 status = 0;
8daae4dc 2955 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
345c2842 2956
6b10ad19 2957 spin_lock(&nn->client_lock);
0a7ec377 2958 unconf = find_unconfirmed_client(&dc->clientid, true, nn);
8daae4dc 2959 conf = find_confirmed_client(&dc->clientid, true, nn);
78389046 2960 WARN_ON_ONCE(conf && unconf);
345c2842
MJ		 2961
2962 if (conf) {
c0293b01 2963 if (client_has_state(conf)) {
345c2842
MJ		 2964 status = nfserr_clientid_busy;
2965 goto out;
2966 }
fd699b8a
JL		 2967 status = mark_client_expired_locked(conf);
2968 if (status)
2969 goto out;
6b10ad19 2970 clp = conf;
345c2842
MJ		 2971 } else if (unconf)
2972 clp = unconf;
2973 else {
2974 status = nfserr_stale_clientid;
2975 goto out;
2976 }
57266a6e 2977 if (!mach_creds_match(clp, rqstp)) {
6b10ad19 2978 clp = NULL;
57266a6e
BF		 2979 status = nfserr_wrong_cred;
2980 goto out;
2981 }
6b10ad19 2982 unhash_client_locked(clp);
345c2842 2983out:
6b10ad19 2984 spin_unlock(&nn->client_lock);
6b10ad19
TM		 2985 if (clp)
2986 expire_client(clp);
345c2842
MJ		 2987 return status;
2988}
2989
4dc6ec00
BF		 2990__be32
2991nfsd4_reclaim_complete(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_reclaim_complete *rc)
2992{
57b7b43b 2993 __be32 status = 0;
bcecf1cc 2994
4dc6ec00
BF		 2995 if (rc->rca_one_fs) {
2996 if (!cstate->current_fh.fh_dentry)
2997 return nfserr_nofilehandle;
2998 /*
2999 * We don't take advantage of the rca_one_fs case.
3000 * That's OK, it's optional, we can safely ignore it.
3001 */
3002 return nfs_ok;
3003 }
bcecf1cc 3004
bcecf1cc 3005 status = nfserr_complete_already;
a52d726b
JL		 3006 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE,
3007 &cstate->session->se_client->cl_flags))
bcecf1cc
MJ		 3008 goto out;
3009
3010 status = nfserr_stale_clientid;
3011 if (is_client_expired(cstate->session->se_client))
4dc6ec00
BF		 3012 /*
3013 * The following error isn't really legal.
3014 * But we only get here if the client just explicitly
3015 * destroyed the client. Surely it no longer cares what
3016 * error it gets back on an operation for the dead
3017 * client.
3018 */
bcecf1cc
MJ		 3019 goto out;
3020
3021 status = nfs_ok;
2a4317c5 3022 nfsd4_client_record_create(cstate->session->se_client);
bcecf1cc 3023out:
bcecf1cc 3024 return status;
4dc6ec00
BF		 3025}
3026
b37ad28b 3027__be32
b591480b
BF		 3028nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3029 struct nfsd4_setclientid *setclid)
1da177e4 3030{
a084daf5 3031 struct xdr_netobj clname = setclid->se_name;
1da177e4 3032 nfs4_verifier clverifier = setclid->se_verf;
3dbacee6
TM		 3033 struct nfs4_client *conf, *new;
3034 struct nfs4_client *unconf = NULL;
b37ad28b 3035 __be32 status;
c212cecf
SK		 3036 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
3037
5cc40fd7
TM		 3038 new = create_client(clname, rqstp, &clverifier);
3039 if (new == NULL)
3040 return nfserr_jukebox;
63db4632 3041 /* Cases below refer to rfc 3530 section 14.2.33: */
3dbacee6 3042 spin_lock(&nn->client_lock);
382a62e7 3043 conf = find_confirmed_client_by_name(&clname, nn);
28ce6054 3044 if (conf) {
63db4632 3045 /* case 0: */
1da177e4 3046 status = nfserr_clid_inuse;
e203d506
BF		 3047 if (clp_used_exchangeid(conf))
3048 goto out;
026722c2 3049 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
363168b4
JL		 3050 char addr_str[INET6_ADDRSTRLEN];
3051 rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str,
3052 sizeof(addr_str));
3053 dprintk("NFSD: setclientid: string in use by client "
3054 "at %s\n", addr_str);
1da177e4
LT		 3055 goto out;
3056 }
1da177e4 3057 }
a99454aa 3058 unconf = find_unconfirmed_client_by_name(&clname, nn);
8f930711 3059 if (unconf)
3dbacee6 3060 unhash_client_locked(unconf);
41eb1670 3061 if (conf && same_verf(&conf->cl_verifier, &clverifier)) {
63db4632 3062 /* case 1: probable callback update */
1da177e4 3063 copy_clid(new, conf);
41eb1670
KM		 3064 gen_confirm(new, nn);
3065 } else /* case 4 (new client) or cases 2, 3 (client reboot): */
c212cecf 3066 gen_clid(new, nn);
8323c3b2 3067 new->cl_minorversion = 0;
6f3d772f 3068 gen_callback(new, setclid, rqstp);
ac55fdc4 3069 add_to_unconfirmed(new);
1da177e4
LT		 3070 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot;
3071 setclid->se_clientid.cl_id = new->cl_clientid.cl_id;
3072 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data));
5cc40fd7 3073 new = NULL;
1da177e4
LT		 3074 status = nfs_ok;
3075out:
3dbacee6 3076 spin_unlock(&nn->client_lock);
5cc40fd7
TM		 3077 if (new)
3078 free_client(new);
3dbacee6
TM		 3079 if (unconf)
3080 expire_client(unconf);
1da177e4
LT		 3081 return status;
3082}
3083
3084
b37ad28b 3085__be32
b591480b
BF		 3086nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
3087 struct nfsd4_compound_state *cstate,
3088 struct nfsd4_setclientid_confirm *setclientid_confirm)
1da177e4 3089{
21ab45a4 3090 struct nfs4_client *conf, *unconf;
d20c11d8 3091 struct nfs4_client *old = NULL;
1da177e4
LT		 3092 nfs4_verifier confirm = setclientid_confirm->sc_confirm;
3093 clientid_t * clid = &setclientid_confirm->sc_clientid;
b37ad28b 3094 __be32 status;
7f2210fa 3095 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 3096
2c142baa 3097 if (STALE_CLIENTID(clid, nn))
1da177e4 3098 return nfserr_stale_clientid;
21ab45a4 3099
d20c11d8 3100 spin_lock(&nn->client_lock);
8daae4dc 3101 conf = find_confirmed_client(clid, false, nn);
0a7ec377 3102 unconf = find_unconfirmed_client(clid, false, nn);
a186e767 3103 /*
8695b90a
BF		 3104 * We try hard to give out unique clientid's, so if we get an
3105 * attempt to confirm the same clientid with a different cred,
3106 * there's a bug somewhere. Let's charitably assume it's our
3107 * bug.
a186e767 3108 */
8695b90a
BF		 3109 status = nfserr_serverfault;
3110 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred))
3111 goto out;
3112 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred))
3113 goto out;
63db4632 3114 /* cases below refer to rfc 3530 section 14.2.34: */
90d700b7
BF		 3115 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
3116 if (conf && !unconf) /* case 2: probable retransmit */
1da177e4 3117 status = nfs_ok;
90d700b7
BF		 3118 else /* case 4: client hasn't noticed we rebooted yet? */
3119 status = nfserr_stale_clientid;
3120 goto out;
3121 }
3122 status = nfs_ok;
3123 if (conf) { /* case 1: callback update */
d20c11d8
JL		 3124 old = unconf;
3125 unhash_client_locked(old);
8695b90a 3126 nfsd4_change_callback(conf, &unconf->cl_cb_conn);
90d700b7 3127 } else { /* case 3: normal case; new or rebooted client */
d20c11d8
JL		 3128 old = find_confirmed_client_by_name(&unconf->cl_name, nn);
3129 if (old) {
3130 status = mark_client_expired_locked(old);
7abea1e8
JL		 3131 if (status) {
3132 old = NULL;
221a6876 3133 goto out;
7abea1e8 3134 }
221a6876 3135 }
8695b90a 3136 move_to_confirmed(unconf);
d20c11d8 3137 conf = unconf;
08e8987c 3138 }
d20c11d8
JL		 3139 get_client_locked(conf);
3140 spin_unlock(&nn->client_lock);
3141 nfsd4_probe_callback(conf);
3142 spin_lock(&nn->client_lock);
3143 put_client_renew_locked(conf);
1da177e4 3144out:
d20c11d8
JL		 3145 spin_unlock(&nn->client_lock);
3146 if (old)
3147 expire_client(old);
1da177e4
LT		 3148 return status;
3149}
3150
32513b40
BF		 3151static struct nfs4_file *nfsd4_alloc_file(void)
3152{
3153 return kmem_cache_alloc(file_slab, GFP_KERNEL);
3154}
3155
1da177e4 3156/* OPEN Share state helper functions */
5b095e99
JL		 3157static void nfsd4_init_file(struct knfsd_fh *fh, unsigned int hashval,
3158 struct nfs4_file *fp)
1da177e4 3159{
950e0118
TM		 3160 lockdep_assert_held(&state_lock);
3161
32513b40 3162 atomic_set(&fp->fi_ref, 1);
1d31a253 3163 spin_lock_init(&fp->fi_lock);
32513b40
BF		 3164 INIT_LIST_HEAD(&fp->fi_stateids);
3165 INIT_LIST_HEAD(&fp->fi_delegations);
8287f009 3166 INIT_LIST_HEAD(&fp->fi_clnt_odstate);
e2cf80d7 3167 fh_copy_shallow(&fp->fi_fhandle, fh);
0c637be8 3168 fp->fi_deleg_file = NULL;
32513b40 3169 fp->fi_had_conflict = false;
baeb4ff0 3170 fp->fi_share_deny = 0;
32513b40
BF		 3171 memset(fp->fi_fds, 0, sizeof(fp->fi_fds));
3172 memset(fp->fi_access, 0, sizeof(fp->fi_access));
9cf514cc
CH		 3173#ifdef CONFIG_NFSD_PNFS
3174 INIT_LIST_HEAD(&fp->fi_lo_states);
c5c707f9 3175 atomic_set(&fp->fi_lo_recalls, 0);
9cf514cc 3176#endif
5b095e99 3177 hlist_add_head_rcu(&fp->fi_hash, &file_hashtbl[hashval]);
1da177e4
LT		 3178}
3179
e8ff2a84 3180void
1da177e4
LT		 3181nfsd4_free_slabs(void)
3182{
8287f009 3183 kmem_cache_destroy(odstate_slab);
abf1135b
CH		 3184 kmem_cache_destroy(openowner_slab);
3185 kmem_cache_destroy(lockowner_slab);
3186 kmem_cache_destroy(file_slab);
3187 kmem_cache_destroy(stateid_slab);
3188 kmem_cache_destroy(deleg_slab);
e60d4398 3189}
1da177e4 3190
72083396 3191int
e60d4398
N		 3192nfsd4_init_slabs(void)
3193{
fe0750e5
BF		 3194 openowner_slab = kmem_cache_create("nfsd4_openowners",
3195 sizeof(struct nfs4_openowner), 0, 0, NULL);
3196 if (openowner_slab == NULL)
abf1135b 3197 goto out;
fe0750e5 3198 lockowner_slab = kmem_cache_create("nfsd4_lockowners",
3c40794b 3199 sizeof(struct nfs4_lockowner), 0, 0, NULL);
fe0750e5 3200 if (lockowner_slab == NULL)
abf1135b 3201 goto out_free_openowner_slab;
e60d4398 3202 file_slab = kmem_cache_create("nfsd4_files",
20c2df83 3203 sizeof(struct nfs4_file), 0, 0, NULL);
e60d4398 3204 if (file_slab == NULL)
abf1135b 3205 goto out_free_lockowner_slab;
5ac049ac 3206 stateid_slab = kmem_cache_create("nfsd4_stateids",
dcef0413 3207 sizeof(struct nfs4_ol_stateid), 0, 0, NULL);
5ac049ac 3208 if (stateid_slab == NULL)
abf1135b 3209 goto out_free_file_slab;
5b2d21c1 3210 deleg_slab = kmem_cache_create("nfsd4_delegations",
20c2df83 3211 sizeof(struct nfs4_delegation), 0, 0, NULL);
5b2d21c1 3212 if (deleg_slab == NULL)
abf1135b 3213 goto out_free_stateid_slab;
8287f009
SB		 3214 odstate_slab = kmem_cache_create("nfsd4_odstate",
3215 sizeof(struct nfs4_clnt_odstate), 0, 0, NULL);
3216 if (odstate_slab == NULL)
3217 goto out_free_deleg_slab;
e60d4398 3218 return 0;
abf1135b 3219
8287f009
SB		 3220out_free_deleg_slab:
3221 kmem_cache_destroy(deleg_slab);
abf1135b
CH		 3222out_free_stateid_slab:
3223 kmem_cache_destroy(stateid_slab);
3224out_free_file_slab:
3225 kmem_cache_destroy(file_slab);
3226out_free_lockowner_slab:
3227 kmem_cache_destroy(lockowner_slab);
3228out_free_openowner_slab:
3229 kmem_cache_destroy(openowner_slab);
3230out:
e60d4398
N		 3231 dprintk("nfsd4: out of memory while initializing nfsv4\n");
3232 return -ENOMEM;
1da177e4
LT		 3233}
3234
ff194bd9 3235static void init_nfs4_replay(struct nfs4_replay *rp)
1da177e4 3236{
ff194bd9
BF		 3237 rp->rp_status = nfserr_serverfault;
3238 rp->rp_buflen = 0;
3239 rp->rp_buf = rp->rp_ibuf;
58fb12e6
JL		 3240 mutex_init(&rp->rp_mutex);
3241}
3242
3243static void nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate,
3244 struct nfs4_stateowner *so)
3245{
3246 if (!nfsd4_has_session(cstate)) {
3247 mutex_lock(&so->so_replay.rp_mutex);
b5971afa 3248 cstate->replay_owner = nfs4_get_stateowner(so);
58fb12e6
JL		 3249 }
3250}
3251
3252void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate)
3253{
3254 struct nfs4_stateowner *so = cstate->replay_owner;
3255
3256 if (so != NULL) {
3257 cstate->replay_owner = NULL;
3258 mutex_unlock(&so->so_replay.rp_mutex);
3259 nfs4_put_stateowner(so);
3260 }
1da177e4
LT		 3261}
3262
fe0750e5 3263static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp)
ff194bd9 3264{
1da177e4 3265 struct nfs4_stateowner *sop;
1da177e4 3266
fe0750e5 3267 sop = kmem_cache_alloc(slab, GFP_KERNEL);
ff194bd9
BF		 3268 if (!sop)
3269 return NULL;
3270
3271 sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL);
3272 if (!sop->so_owner.data) {
fe0750e5 3273 kmem_cache_free(slab, sop);
1da177e4 3274 return NULL;
ff194bd9
BF		 3275 }
3276 sop->so_owner.len = owner->len;
3277
ea1da636 3278 INIT_LIST_HEAD(&sop->so_stateids);
ff194bd9
BF		 3279 sop->so_client = clp;
3280 init_nfs4_replay(&sop->so_replay);
6b180f0b 3281 atomic_set(&sop->so_count, 1);
ff194bd9
BF		 3282 return sop;
3283}
3284
fe0750e5 3285static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval)
ff194bd9 3286{
d4f0489f 3287 lockdep_assert_held(&clp->cl_lock);
9b531137 3288
d4f0489f
TM		 3289 list_add(&oo->oo_owner.so_strhash,
3290 &clp->cl_ownerstr_hashtbl[strhashval]);
fe0750e5 3291 list_add(&oo->oo_perclient, &clp->cl_openowners);
ff194bd9
BF		 3292}
3293
8f4b54c5
JL		 3294static void nfs4_unhash_openowner(struct nfs4_stateowner *so)
3295{
d4f0489f 3296 unhash_openowner_locked(openowner(so));
8f4b54c5
JL		 3297}
3298
6b180f0b
JL		 3299static void nfs4_free_openowner(struct nfs4_stateowner *so)
3300{
3301 struct nfs4_openowner *oo = openowner(so);
3302
3303 kmem_cache_free(openowner_slab, oo);
3304}
3305
3306static const struct nfs4_stateowner_operations openowner_ops = {
8f4b54c5
JL		 3307 .so_unhash = nfs4_unhash_openowner,
3308 .so_free = nfs4_free_openowner,
6b180f0b
JL		 3309};
3310
fe0750e5 3311static struct nfs4_openowner *
13d6f66b 3312alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open,
db24b3b4
JL		 3313 struct nfsd4_compound_state *cstate)
3314{
13d6f66b 3315 struct nfs4_client *clp = cstate->clp;
7ffb5880 3316 struct nfs4_openowner *oo, *ret;
ff194bd9 3317
fe0750e5
BF		 3318 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp);
3319 if (!oo)
ff194bd9 3320 return NULL;
6b180f0b 3321 oo->oo_owner.so_ops = &openowner_ops;
fe0750e5
BF		 3322 oo->oo_owner.so_is_open_owner = 1;
3323 oo->oo_owner.so_seqid = open->op_seqid;
d3134b10 3324 oo->oo_flags = 0;
db24b3b4
JL		 3325 if (nfsd4_has_session(cstate))
3326 oo->oo_flags |= NFS4_OO_CONFIRMED;
fe0750e5 3327 oo->oo_time = 0;
38c387b5 3328 oo->oo_last_closed_stid = NULL;
fe0750e5 3329 INIT_LIST_HEAD(&oo->oo_close_lru);
d4f0489f
TM		 3330 spin_lock(&clp->cl_lock);
3331 ret = find_openstateowner_str_locked(strhashval, open, clp);
7ffb5880
TM		 3332 if (ret == NULL) {
3333 hash_openowner(oo, clp, strhashval);
3334 ret = oo;
3335 } else
d50ffded
KM		 3336 nfs4_free_stateowner(&oo->oo_owner);
3337
d4f0489f 3338 spin_unlock(&clp->cl_lock);
c5952338 3339 return ret;
1da177e4
LT		 3340}
3341
996e0938 3342static void init_open_stateid(struct nfs4_ol_stateid *stp, struct nfs4_file *fp, struct nfsd4_open *open) {
fe0750e5 3343 struct nfs4_openowner *oo = open->op_openowner;
1da177e4 3344
d6f2bc5d 3345 atomic_inc(&stp->st_stid.sc_count);
3abdb607 3346 stp->st_stid.sc_type = NFS4_OPEN_STID;
3c87b9b7 3347 INIT_LIST_HEAD(&stp->st_locks);
b5971afa 3348 stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner);
13cd2184 3349 get_nfs4_file(fp);
11b9164a 3350 stp->st_stid.sc_file = fp;
1da177e4
LT		 3351 stp->st_access_bmap = 0;
3352 stp->st_deny_bmap = 0;
4c4cd222 3353 stp->st_openstp = NULL;
1c755dc1
JL		 3354 spin_lock(&oo->oo_owner.so_client->cl_lock);
3355 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids);
1d31a253
TM		 3356 spin_lock(&fp->fi_lock);
3357 list_add(&stp->st_perfile, &fp->fi_stateids);
3358 spin_unlock(&fp->fi_lock);
1c755dc1 3359 spin_unlock(&oo->oo_owner.so_client->cl_lock);
1da177e4
LT		 3360}
3361
d3134b10
JL		 3362/*
3363 * In the 4.0 case we need to keep the owners around a little while to handle
3364 * CLOSE replay. We still do need to release any file access that is held by
3365 * them before returning however.
3366 */
fd39ca9a 3367static void
d3134b10 3368move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net)
1da177e4 3369{
217526e7 3370 struct nfs4_ol_stateid *last;
d3134b10
JL		 3371 struct nfs4_openowner *oo = openowner(s->st_stateowner);
3372 struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net,
3373 nfsd_net_id);
73758fed 3374
fe0750e5 3375 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo);
1da177e4 3376
b401be22
JL		 3377 /*
3378 * We know that we hold one reference via nfsd4_close, and another
3379 * "persistent" reference for the client. If the refcount is higher
3380 * than 2, then there are still calls in progress that are using this
3381 * stateid. We can't put the sc_file reference until they are finished.
3382 * Wait for the refcount to drop to 2. Since it has been unhashed,
3383 * there should be no danger of the refcount going back up again at
3384 * this point.
3385 */
3386 wait_event(close_wq, atomic_read(&s->st_stid.sc_count) == 2);
3387
d3134b10
JL		 3388 release_all_access(s);
3389 if (s->st_stid.sc_file) {
3390 put_nfs4_file(s->st_stid.sc_file);
3391 s->st_stid.sc_file = NULL;
3392 }
217526e7
JL		 3393
3394 spin_lock(&nn->client_lock);
3395 last = oo->oo_last_closed_stid;
d3134b10 3396 oo->oo_last_closed_stid = s;
73758fed 3397 list_move_tail(&oo->oo_close_lru, &nn->close_lru);
fe0750e5 3398 oo->oo_time = get_seconds();
217526e7
JL		 3399 spin_unlock(&nn->client_lock);
3400 if (last)
3401 nfs4_put_stid(&last->st_stid);
1da177e4
LT		 3402}
3403
1da177e4
LT		 3404/* search file_hashtbl[] for file */
3405static struct nfs4_file *
5b095e99 3406find_file_locked(struct knfsd_fh *fh, unsigned int hashval)
1da177e4 3407{
1da177e4
LT		 3408 struct nfs4_file *fp;
3409
5b095e99 3410 hlist_for_each_entry_rcu(fp, &file_hashtbl[hashval], fi_hash) {
4d94c2ef 3411 if (fh_match(&fp->fi_fhandle, fh)) {
5b095e99
JL		 3412 if (atomic_inc_not_zero(&fp->fi_ref))
3413 return fp;
13cd2184 3414 }
1da177e4
LT		 3415 }
3416 return NULL;
3417}
3418
e6ba76e1 3419struct nfs4_file *
ca943217 3420find_file(struct knfsd_fh *fh)
950e0118
TM		 3421{
3422 struct nfs4_file *fp;
5b095e99 3423 unsigned int hashval = file_hashval(fh);
950e0118 3424
5b095e99
JL		 3425 rcu_read_lock();
3426 fp = find_file_locked(fh, hashval);
3427 rcu_read_unlock();
950e0118
TM		 3428 return fp;
3429}
3430
3431static struct nfs4_file *
f9c00c3a 3432find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh)
950e0118
TM		 3433{
3434 struct nfs4_file *fp;
5b095e99
JL		 3435 unsigned int hashval = file_hashval(fh);
3436
3437 rcu_read_lock();
3438 fp = find_file_locked(fh, hashval);
3439 rcu_read_unlock();
3440 if (fp)
3441 return fp;
950e0118
TM		 3442
3443 spin_lock(&state_lock);
5b095e99
JL		 3444 fp = find_file_locked(fh, hashval);
3445 if (likely(fp == NULL)) {
3446 nfsd4_init_file(fh, hashval, new);
950e0118
TM		 3447 fp = new;
3448 }
3449 spin_unlock(&state_lock);
3450
3451 return fp;
3452}
3453
1da177e4
LT		 3454/*
3455 * Called to check deny when READ with all zero stateid or
3456 * WRITE with all zero or all one stateid
3457 */
b37ad28b 3458static __be32
1da177e4
LT		 3459nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type)
3460{
1da177e4 3461 struct nfs4_file *fp;
baeb4ff0 3462 __be32 ret = nfs_ok;
1da177e4 3463
ca943217 3464 fp = find_file(&current_fh->fh_handle);
13cd2184 3465 if (!fp)
baeb4ff0
JL		 3466 return ret;
3467 /* Check for conflicting share reservations */
1d31a253 3468 spin_lock(&fp->fi_lock);
baeb4ff0
JL		 3469 if (fp->fi_share_deny & deny_type)
3470 ret = nfserr_locked;
1d31a253 3471 spin_unlock(&fp->fi_lock);
13cd2184
N		 3472 put_nfs4_file(fp);
3473 return ret;
1da177e4
LT		 3474}
3475
0162ac2b 3476static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb)
1da177e4 3477{
0162ac2b 3478 struct nfs4_delegation *dp = cb_to_delegation(cb);
11b9164a
TM		 3479 struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net,
3480 nfsd_net_id);
e8c69d17 3481
11b9164a 3482 block_delegations(&dp->dl_stid.sc_file->fi_fhandle);
f54fe962 3483
dff1399f 3484 /*
f54fe962
JL		 3485 * We can't do this in nfsd_break_deleg_cb because it is
3486 * already holding inode->i_lock.
3487 *
dff1399f
JL		 3488 * If the dl_time != 0, then we know that it has already been
3489 * queued for a lease break. Don't queue it again.
3490 */
f54fe962 3491 spin_lock(&state_lock);
dff1399f 3492 if (dp->dl_time == 0) {
dff1399f 3493 dp->dl_time = get_seconds();
02e1215f 3494 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru);
dff1399f 3495 }
02e1215f
JL		 3496 spin_unlock(&state_lock);
3497}
1da177e4 3498
0162ac2b
CH		 3499static int nfsd4_cb_recall_done(struct nfsd4_callback *cb,
3500 struct rpc_task *task)
3501{
3502 struct nfs4_delegation *dp = cb_to_delegation(cb);
3503
3504 switch (task->tk_status) {
3505 case 0:
3506 return 1;
3507 case -EBADHANDLE:
3508 case -NFS4ERR_BAD_STATEID:
3509 /*
3510 * Race: client probably got cb_recall before open reply
3511 * granting delegation.
3512 */
3513 if (dp->dl_retries--) {
3514 rpc_delay(task, 2 * HZ);
3515 return 0;
3516 }
3517 /*FALLTHRU*/
3518 default:
3519 return -1;
3520 }
3521}
3522
3523static void nfsd4_cb_recall_release(struct nfsd4_callback *cb)
3524{
3525 struct nfs4_delegation *dp = cb_to_delegation(cb);
3526
3527 nfs4_put_stid(&dp->dl_stid);
3528}
3529
3530static struct nfsd4_callback_ops nfsd4_cb_recall_ops = {
3531 .prepare = nfsd4_cb_recall_prepare,
3532 .done = nfsd4_cb_recall_done,
3533 .release = nfsd4_cb_recall_release,
3534};
3535
02e1215f
JL		 3536static void nfsd_break_one_deleg(struct nfs4_delegation *dp)
3537{
3538 /*
3539 * We're assuming the state code never drops its reference
3540 * without first removing the lease. Since we're in this lease
3541 * callback (and since the lease code is serialized by the kernel
3542 * lock) we know the server hasn't removed the lease yet, we know
3543 * it's safe to take a reference.
3544 */
72c0b0fb 3545 atomic_inc(&dp->dl_stid.sc_count);
f0b5de1b 3546 nfsd4_run_cb(&dp->dl_recall);
6b57d9c8
BF		 3547}
3548
1c8c601a 3549/* Called from break_lease() with i_lock held. */
4d01b7f5
JL		 3550static bool
3551nfsd_break_deleg_cb(struct file_lock *fl)
6b57d9c8 3552{
4d01b7f5 3553 bool ret = false;
acfdf5c3
BF		 3554 struct nfs4_file *fp = (struct nfs4_file *)fl->fl_owner;
3555 struct nfs4_delegation *dp;
6b57d9c8 3556
7fa10cd1
BF		 3557 if (!fp) {
3558 WARN(1, "(%p)->fl_owner NULL\n", fl);
4d01b7f5 3559 return ret;
7fa10cd1
BF		 3560 }
3561 if (fp->fi_had_conflict) {
3562 WARN(1, "duplicate break on %p\n", fp);
4d01b7f5 3563 return ret;
7fa10cd1 3564 }
0272e1fd
BF		 3565 /*
3566 * We don't want the locks code to timeout the lease for us;
acfdf5c3 3567 * we'll remove it ourself if a delegation isn't returned
6b57d9c8 3568 * in time:
0272e1fd
BF		 3569 */
3570 fl->fl_break_time = 0;
1da177e4 3571
02e1215f 3572 spin_lock(&fp->fi_lock);
417c6629
JL		 3573 fp->fi_had_conflict = true;
3574 /*
4d01b7f5
JL		 3575 * If there are no delegations on the list, then return true
3576 * so that the lease code will go ahead and delete it.
417c6629
JL		 3577 */
3578 if (list_empty(&fp->fi_delegations))
4d01b7f5 3579 ret = true;
417c6629
JL		 3580 else
3581 list_for_each_entry(dp, &fp->fi_delegations, dl_perfile)
3582 nfsd_break_one_deleg(dp);
02e1215f 3583 spin_unlock(&fp->fi_lock);
4d01b7f5 3584 return ret;
1da177e4
LT		 3585}
3586
c45198ed 3587static int
7448cc37
JL		 3588nfsd_change_deleg_cb(struct file_lock *onlist, int arg,
3589 struct list_head *dispose)
1da177e4
LT		 3590{
3591 if (arg & F_UNLCK)
c45198ed 3592 return lease_modify(onlist, arg, dispose);
1da177e4
LT		 3593 else
3594 return -EAGAIN;
3595}
3596
7b021967 3597static const struct lock_manager_operations nfsd_lease_mng_ops = {
8fb47a4f
BF		 3598 .lm_break = nfsd_break_deleg_cb,
3599 .lm_change = nfsd_change_deleg_cb,
1da177e4
LT		 3600};
3601
7a8711c9
BF		 3602static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid)
3603{
3604 if (nfsd4_has_session(cstate))
3605 return nfs_ok;
3606 if (seqid == so->so_seqid - 1)
3607 return nfserr_replay_me;
3608 if (seqid == so->so_seqid)
3609 return nfs_ok;
3610 return nfserr_bad_seqid;
3611}
1da177e4 3612
4b24ca7d
JL		 3613static __be32 lookup_clientid(clientid_t *clid,
3614 struct nfsd4_compound_state *cstate,
3615 struct nfsd_net *nn)
3616{
3617 struct nfs4_client *found;
3618
3619 if (cstate->clp) {
3620 found = cstate->clp;
3621 if (!same_clid(&found->cl_clientid, clid))
3622 return nfserr_stale_clientid;
3623 return nfs_ok;
3624 }
3625
3626 if (STALE_CLIENTID(clid, nn))
3627 return nfserr_stale_clientid;
3628
3629 /*
3630 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one
3631 * cached already then we know this is for is for v4.0 and "sessions"
3632 * will be false.
3633 */
3634 WARN_ON_ONCE(cstate->session);
3e339f96 3635 spin_lock(&nn->client_lock);
4b24ca7d 3636 found = find_confirmed_client(clid, false, nn);
3e339f96
TM		 3637 if (!found) {
3638 spin_unlock(&nn->client_lock);
4b24ca7d 3639 return nfserr_expired;
3e339f96
TM		 3640 }
3641 atomic_inc(&found->cl_refcount);
3642 spin_unlock(&nn->client_lock);
4b24ca7d
JL		 3643
3644 /* Cache the nfs4_client in cstate! */
3645 cstate->clp = found;
4b24ca7d
JL		 3646 return nfs_ok;
3647}
3648
b37ad28b 3649__be32
6668958f 3650nfsd4_process_open1(struct nfsd4_compound_state *cstate,
3320fef1 3651 struct nfsd4_open *open, struct nfsd_net *nn)
1da177e4 3652{
1da177e4
LT		 3653 clientid_t *clientid = &open->op_clientid;
3654 struct nfs4_client *clp = NULL;
3655 unsigned int strhashval;
fe0750e5 3656 struct nfs4_openowner *oo = NULL;
4cdc951b 3657 __be32 status;
1da177e4 3658
2c142baa 3659 if (STALE_CLIENTID(&open->op_clientid, nn))
1da177e4 3660 return nfserr_stale_clientid;
32513b40
BF		 3661 /*
3662 * In case we need it later, after we've already created the
3663 * file and don't want to risk a further failure:
3664 */
3665 open->op_file = nfsd4_alloc_file();
3666 if (open->op_file == NULL)
3667 return nfserr_jukebox;
1da177e4 3668
2d91e895
TM		 3669 status = lookup_clientid(clientid, cstate, nn);
3670 if (status)
3671 return status;
3672 clp = cstate->clp;
3673
d4f0489f
TM		 3674 strhashval = ownerstr_hashval(&open->op_owner);
3675 oo = find_openstateowner_str(strhashval, open, clp);
fe0750e5
BF		 3676 open->op_openowner = oo;
3677 if (!oo) {
bcf130f9 3678 goto new_owner;
1da177e4 3679 }
dad1c067 3680 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
0f442aa2 3681 /* Replace unconfirmed owners without checking for replay. */
fe0750e5
BF		 3682 release_openowner(oo);
3683 open->op_openowner = NULL;
bcf130f9 3684 goto new_owner;
0f442aa2 3685 }
4cdc951b
BF		 3686 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid);
3687 if (status)
3688 return status;
4cdc951b 3689 goto alloc_stateid;
bcf130f9 3690new_owner:
13d6f66b 3691 oo = alloc_init_open_stateowner(strhashval, open, cstate);
bcf130f9
BF		 3692 if (oo == NULL)
3693 return nfserr_jukebox;
3694 open->op_openowner = oo;
4cdc951b 3695alloc_stateid:
b49e084d 3696 open->op_stp = nfs4_alloc_open_stateid(clp);
4cdc951b
BF		 3697 if (!open->op_stp)
3698 return nfserr_jukebox;
8287f009
SB		 3699
3700 if (nfsd4_has_session(cstate) &&
3701 (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) {
3702 open->op_odstate = alloc_clnt_odstate(clp);
3703 if (!open->op_odstate)
3704 return nfserr_jukebox;
3705 }
3706
0f442aa2 3707 return nfs_ok;
1da177e4
LT		 3708}
3709
b37ad28b 3710static inline __be32
4a6e43e6
N		 3711nfs4_check_delegmode(struct nfs4_delegation *dp, int flags)
3712{
3713 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ))
3714 return nfserr_openmode;
3715 else
3716 return nfs_ok;
3717}
3718
f459e453 3719static int share_access_to_flags(u32 share_access)
52f4fb43 3720{
f459e453 3721 return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE;
52f4fb43
N		 3722}
3723
38c2f4b1 3724static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s)
24a0111e 3725{
f459e453 3726 struct nfs4_stid *ret;
24a0111e 3727
38c2f4b1 3728 ret = find_stateid_by_type(cl, s, NFS4_DELEG_STID);
f459e453
BF		 3729 if (!ret)
3730 return NULL;
3731 return delegstateid(ret);
24a0111e
BF		 3732}
3733
8b289b2c
BF		 3734static bool nfsd4_is_deleg_cur(struct nfsd4_open *open)
3735{
3736 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR ||
3737 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH;
3738}
3739
b37ad28b 3740static __be32
41d22663 3741nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open,
567d9829
N		 3742 struct nfs4_delegation **dp)
3743{
3744 int flags;
b37ad28b 3745 __be32 status = nfserr_bad_stateid;
dcd94cc2 3746 struct nfs4_delegation *deleg;
567d9829 3747
dcd94cc2
TM		 3748 deleg = find_deleg_stateid(cl, &open->op_delegate_stateid);
3749 if (deleg == NULL)
c44c5eeb 3750 goto out;
24a0111e 3751 flags = share_access_to_flags(open->op_share_access);
dcd94cc2
TM		 3752 status = nfs4_check_delegmode(deleg, flags);
3753 if (status) {
3754 nfs4_put_stid(&deleg->dl_stid);
3755 goto out;
3756 }
3757 *dp = deleg;
c44c5eeb 3758out:
8b289b2c 3759 if (!nfsd4_is_deleg_cur(open))
c44c5eeb
N		 3760 return nfs_ok;
3761 if (status)
3762 return status;
dad1c067 3763 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
c44c5eeb 3764 return nfs_ok;
567d9829
N		 3765}
3766
a46cb7f2
JL		 3767static struct nfs4_ol_stateid *
3768nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
1da177e4 3769{
a46cb7f2 3770 struct nfs4_ol_stateid *local, *ret = NULL;
fe0750e5 3771 struct nfs4_openowner *oo = open->op_openowner;
1da177e4 3772
1d31a253 3773 spin_lock(&fp->fi_lock);
8beefa24 3774 list_for_each_entry(local, &fp->fi_stateids, st_perfile) {
1da177e4
LT		 3775 /* ignore lock owners */
3776 if (local->st_stateowner->so_is_open_owner == 0)
3777 continue;
baeb4ff0 3778 if (local->st_stateowner == &oo->oo_owner) {
a46cb7f2 3779 ret = local;
d6f2bc5d 3780 atomic_inc(&ret->st_stid.sc_count);
baeb4ff0 3781 break;
1d31a253 3782 }
1da177e4 3783 }
1d31a253 3784 spin_unlock(&fp->fi_lock);
a46cb7f2 3785 return ret;
1da177e4
LT		 3786}
3787
21fb4016
BF		 3788static inline int nfs4_access_to_access(u32 nfs4_access)
3789{
3790 int flags = 0;
3791
3792 if (nfs4_access & NFS4_SHARE_ACCESS_READ)
3793 flags |= NFSD_MAY_READ;
3794 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE)
3795 flags |= NFSD_MAY_WRITE;
3796 return flags;
3797}
3798
7e6a72e5
CH		 3799static inline __be32
3800nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh,
3801 struct nfsd4_open *open)
3802{
3803 struct iattr iattr = {
3804 .ia_valid = ATTR_SIZE,
3805 .ia_size = 0,
3806 };
3807 if (!open->op_truncate)
3808 return 0;
3809 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE))
3810 return nfserr_inval;
3811 return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0);
3812}
3813
0c12eaff 3814static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp,
6eb3a1d0
JL		 3815 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp,
3816 struct nfsd4_open *open)
f9d7562f 3817{
de18643d 3818 struct file *filp = NULL;
f9d7562f 3819 __be32 status;
0c12eaff
CB		 3820 int oflag = nfs4_access_to_omode(open->op_share_access);
3821 int access = nfs4_access_to_access(open->op_share_access);
baeb4ff0 3822 unsigned char old_access_bmap, old_deny_bmap;
0c12eaff 3823
de18643d 3824 spin_lock(&fp->fi_lock);
baeb4ff0
JL		 3825
3826 /*
3827 * Are we trying to set a deny mode that would conflict with
3828 * current access?
3829 */
3830 status = nfs4_file_check_deny(fp, open->op_share_deny);
3831 if (status != nfs_ok) {
3832 spin_unlock(&fp->fi_lock);
3833 goto out;
3834 }
3835
3836 /* set access to the file */
3837 status = nfs4_file_get_access(fp, open->op_share_access);
3838 if (status != nfs_ok) {
3839 spin_unlock(&fp->fi_lock);
3840 goto out;
3841 }
3842
3843 /* Set access bits in stateid */
3844 old_access_bmap = stp->st_access_bmap;
3845 set_access(open->op_share_access, stp);
3846
3847 /* Set new deny mask */
3848 old_deny_bmap = stp->st_deny_bmap;
3849 set_deny(open->op_share_deny, stp);
3850 fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH);
3851
f9d7562f 3852 if (!fp->fi_fds[oflag]) {
de18643d
TM		 3853 spin_unlock(&fp->fi_lock);
3854 status = nfsd_open(rqstp, cur_fh, S_IFREG, access, &filp);
f9d7562f 3855 if (status)
baeb4ff0 3856 goto out_put_access;
de18643d
TM		 3857 spin_lock(&fp->fi_lock);
3858 if (!fp->fi_fds[oflag]) {
3859 fp->fi_fds[oflag] = filp;
3860 filp = NULL;
3861 }
f9d7562f 3862 }
de18643d
TM		 3863 spin_unlock(&fp->fi_lock);
3864 if (filp)
3865 fput(filp);
f9d7562f 3866
7e6a72e5
CH		 3867 status = nfsd4_truncate(rqstp, cur_fh, open);
3868 if (status)
3869 goto out_put_access;
7e6a72e5
CH		 3870out:
3871 return status;
baeb4ff0
JL		 3872out_put_access:
3873 stp->st_access_bmap = old_access_bmap;
3874 nfs4_file_put_access(fp, open->op_share_access);
3875 reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp);
3876 goto out;
1da177e4
LT		 3877}
3878
b37ad28b 3879static __be32
dcef0413 3880nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open)
1da177e4 3881{
b37ad28b 3882 __be32 status;
6ac75368 3883 unsigned char old_deny_bmap = stp->st_deny_bmap;
1da177e4 3884
6eb3a1d0 3885 if (!test_access(open->op_share_access, stp))
baeb4ff0 3886 return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open);
7e6a72e5 3887
baeb4ff0
JL		 3888 /* test and set deny mode */
3889 spin_lock(&fp->fi_lock);
3890 status = nfs4_file_check_deny(fp, open->op_share_deny);
3891 if (status == nfs_ok) {
baeb4ff0
JL		 3892 set_deny(open->op_share_deny, stp);
3893 fp->fi_share_deny |=
3894 (open->op_share_deny & NFS4_SHARE_DENY_BOTH);
3895 }
3896 spin_unlock(&fp->fi_lock);
3897
3898 if (status != nfs_ok)
1da177e4 3899 return status;
1da177e4 3900
baeb4ff0
JL		 3901 status = nfsd4_truncate(rqstp, cur_fh, open);
3902 if (status != nfs_ok)
3903 reset_union_bmap_deny(old_deny_bmap, stp);
3904 return status;
3905}
1da177e4 3906
14a24e99
BF		 3907/* Should we give out recallable state?: */
3908static bool nfsd4_cb_channel_good(struct nfs4_client *clp)
3909{
3910 if (clp->cl_cb_state == NFSD4_CB_UP)
3911 return true;
3912 /*
3913 * In the sessions case, since we don't have to establish a
3914 * separate connection for callbacks, we assume it's OK
3915 * until we hear otherwise:
3916 */
3917 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN;
3918}
3919
d564fbec 3920static struct file_lock *nfs4_alloc_init_lease(struct nfs4_file *fp, int flag)
22d38c4c
BF		 3921{
3922 struct file_lock *fl;
3923
3924 fl = locks_alloc_lock();
3925 if (!fl)
3926 return NULL;
22d38c4c 3927 fl->fl_lmops = &nfsd_lease_mng_ops;
617588d5 3928 fl->fl_flags = FL_DELEG;
22d38c4c
BF		 3929 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? F_RDLCK: F_WRLCK;
3930 fl->fl_end = OFFSET_MAX;
d564fbec 3931 fl->fl_owner = (fl_owner_t)fp;
22d38c4c 3932 fl->fl_pid = current->tgid;
22d38c4c
BF		 3933 return fl;
3934}
3935
99c41515 3936static int nfs4_setlease(struct nfs4_delegation *dp)
edab9782 3937{
11b9164a 3938 struct nfs4_file *fp = dp->dl_stid.sc_file;
efde6b4d 3939 struct file_lock *fl;
417c6629
JL		 3940 struct file *filp;
3941 int status = 0;
edab9782 3942
d564fbec 3943 fl = nfs4_alloc_init_lease(fp, NFS4_OPEN_DELEGATE_READ);
edab9782
BF		 3944 if (!fl)
3945 return -ENOMEM;
417c6629
JL		 3946 filp = find_readable_file(fp);
3947 if (!filp) {
3948 /* We should always have a readable file here */
3949 WARN_ON_ONCE(1);
af9dbaf4 3950 locks_free_lock(fl);
417c6629
JL		 3951 return -EBADF;
3952 }
3953 fl->fl_file = filp;
e6f5c789 3954 status = vfs_setlease(filp, fl->fl_type, &fl, NULL);
1c7dd2ff 3955 if (fl)
417c6629 3956 locks_free_lock(fl);
1c7dd2ff 3957 if (status)
417c6629 3958 goto out_fput;
417c6629
JL		 3959 spin_lock(&state_lock);
3960 spin_lock(&fp->fi_lock);
3961 /* Did the lease get broken before we took the lock? */
3962 status = -EAGAIN;
3963 if (fp->fi_had_conflict)
3964 goto out_unlock;
3965 /* Race breaker */
0c637be8 3966 if (fp->fi_deleg_file) {
417c6629 3967 status = 0;
67db1034 3968 ++fp->fi_delegees;
417c6629
JL		 3969 hash_delegation_locked(dp, fp);
3970 goto out_unlock;
3971 }
417c6629 3972 fp->fi_deleg_file = filp;
67db1034 3973 fp->fi_delegees = 1;
931ee56c 3974 hash_delegation_locked(dp, fp);
417c6629 3975 spin_unlock(&fp->fi_lock);
cdc97505 3976 spin_unlock(&state_lock);
acfdf5c3 3977 return 0;
417c6629
JL		 3978out_unlock:
3979 spin_unlock(&fp->fi_lock);
3980 spin_unlock(&state_lock);
3981out_fput:
3982 fput(filp);
e873088f 3983 return status;
acfdf5c3
BF		 3984}
3985
0b26693c
JL		 3986static struct nfs4_delegation *
3987nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh,
8287f009 3988 struct nfs4_file *fp, struct nfs4_clnt_odstate *odstate)
acfdf5c3 3989{
0b26693c
JL		 3990 int status;
3991 struct nfs4_delegation *dp;
417c6629 3992
bf7bd3e9 3993 if (fp->fi_had_conflict)
0b26693c
JL		 3994 return ERR_PTR(-EAGAIN);
3995
8287f009 3996 dp = alloc_init_deleg(clp, fh, odstate);
0b26693c
JL		 3997 if (!dp)
3998 return ERR_PTR(-ENOMEM);
3999
bf7bd3e9 4000 get_nfs4_file(fp);
417c6629
JL		 4001 spin_lock(&state_lock);
4002 spin_lock(&fp->fi_lock);
11b9164a 4003 dp->dl_stid.sc_file = fp;
0c637be8 4004 if (!fp->fi_deleg_file) {
417c6629
JL		 4005 spin_unlock(&fp->fi_lock);
4006 spin_unlock(&state_lock);
0b26693c
JL		 4007 status = nfs4_setlease(dp);
4008 goto out;
417c6629 4009 }
acfdf5c3 4010 if (fp->fi_had_conflict) {
417c6629
JL		 4011 status = -EAGAIN;
4012 goto out_unlock;
acfdf5c3 4013 }
67db1034 4014 ++fp->fi_delegees;
931ee56c 4015 hash_delegation_locked(dp, fp);
0b26693c 4016 status = 0;
417c6629
JL		 4017out_unlock:
4018 spin_unlock(&fp->fi_lock);
cdc97505 4019 spin_unlock(&state_lock);
0b26693c
JL		 4020out:
4021 if (status) {
8287f009 4022 put_clnt_odstate(dp->dl_clnt_odstate);
6011695d 4023 nfs4_put_stid(&dp->dl_stid);
0b26693c
JL		 4024 return ERR_PTR(status);
4025 }
4026 return dp;
edab9782
BF		 4027}
4028
4aa8913c
BH		 4029static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status)
4030{
4031 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
4032 if (status == -EAGAIN)
4033 open->op_why_no_deleg = WND4_CONTENTION;
4034 else {
4035 open->op_why_no_deleg = WND4_RESOURCE;
4036 switch (open->op_deleg_want) {
4037 case NFS4_SHARE_WANT_READ_DELEG:
4038 case NFS4_SHARE_WANT_WRITE_DELEG:
4039 case NFS4_SHARE_WANT_ANY_DELEG:
4040 break;
4041 case NFS4_SHARE_WANT_CANCEL:
4042 open->op_why_no_deleg = WND4_CANCELLED;
4043 break;
4044 case NFS4_SHARE_WANT_NO_DELEG:
063b0fb9 4045 WARN_ON_ONCE(1);
4aa8913c
BH		 4046 }
4047 }
4048}
4049
1da177e4
LT		 4050/*
4051 * Attempt to hand out a delegation.
99c41515
BF		 4052 *
4053 * Note we don't support write delegations, and won't until the vfs has
4054 * proper support for them.
1da177e4
LT		 4055 */
4056static void
4cf59221
JL		 4057nfs4_open_delegation(struct svc_fh *fh, struct nfsd4_open *open,
4058 struct nfs4_ol_stateid *stp)
1da177e4
LT		 4059{
4060 struct nfs4_delegation *dp;
4cf59221
JL		 4061 struct nfs4_openowner *oo = openowner(stp->st_stateowner);
4062 struct nfs4_client *clp = stp->st_stid.sc_client;
14a24e99 4063 int cb_up;
99c41515 4064 int status = 0;
1da177e4 4065
fe0750e5 4066 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client);
7b190fec
N		 4067 open->op_recall = 0;
4068 switch (open->op_claim_type) {
4069 case NFS4_OPEN_CLAIM_PREVIOUS:
2bf23875 4070 if (!cb_up)
7b190fec 4071 open->op_recall = 1;
99c41515
BF		 4072 if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ)
4073 goto out_no_deleg;
7b190fec
N		 4074 break;
4075 case NFS4_OPEN_CLAIM_NULL:
ed47b062 4076 case NFS4_OPEN_CLAIM_FH:
99c41515
BF		 4077 /*
4078 * Let's not give out any delegations till everyone's
c87fb4a3
BF		 4079 * had the chance to reclaim theirs, *and* until
4080 * NLM locks have all been reclaimed:
99c41515 4081 */
4cf59221 4082 if (locks_in_grace(clp->net))
99c41515 4083 goto out_no_deleg;
dad1c067 4084 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED))
99c41515 4085 goto out_no_deleg;
9a0590ae
SD		 4086 /*
4087 * Also, if the file was opened for write or
4088 * create, there's a good chance the client's
4089 * about to write to it, resulting in an
4090 * immediate recall (since we don't support
4091 * write delegations):
4092 */
7b190fec 4093 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE)
99c41515
BF		 4094 goto out_no_deleg;
4095 if (open->op_create == NFS4_OPEN_CREATE)
4096 goto out_no_deleg;
7b190fec
N		 4097 break;
4098 default:
99c41515 4099 goto out_no_deleg;
7b190fec 4100 }
8287f009 4101 dp = nfs4_set_delegation(clp, fh, stp->st_stid.sc_file, stp->st_clnt_odstate);
0b26693c 4102 if (IS_ERR(dp))
dd239cc0 4103 goto out_no_deleg;
1da177e4 4104
d5477a8d 4105 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid));
1da177e4 4106
8c10cbdb 4107 dprintk("NFSD: delegation stateid=" STATEID_FMT "\n",
d5477a8d 4108 STATEID_VAL(&dp->dl_stid.sc_stateid));
99c41515 4109 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ;
67cb1279 4110 nfs4_put_stid(&dp->dl_stid);
dd239cc0 4111 return;
dd239cc0 4112out_no_deleg:
99c41515
BF		 4113 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE;
4114 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS &&
d08d32e6 4115 open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) {
99c41515 4116 dprintk("NFSD: WARNING: refusing delegation reclaim\n");
d08d32e6
BF		 4117 open->op_recall = 1;
4118 }
99c41515
BF		 4119
4120 /* 4.1 client asking for a delegation? */
4121 if (open->op_deleg_want)
4122 nfsd4_open_deleg_none_ext(open, status);
4123 return;
1da177e4
LT		 4124}
4125
e27f49c3
BH		 4126static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open,
4127 struct nfs4_delegation *dp)
4128{
4129 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG &&
4130 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
4131 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
4132 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE;
4133 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG &&
4134 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
4135 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
4136 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE;
4137 }
4138 /* Otherwise the client must be confused wanting a delegation
4139 * it already has, therefore we don't return
4140 * NFS4_OPEN_DELEGATE_NONE_EXT and reason.
4141 */
4142}
4143
b37ad28b 4144__be32
1da177e4
LT		 4145nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open)
4146{
6668958f 4147 struct nfsd4_compoundres *resp = rqstp->rq_resp;
38c2f4b1 4148 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client;
1da177e4 4149 struct nfs4_file *fp = NULL;
dcef0413 4150 struct nfs4_ol_stateid *stp = NULL;
567d9829 4151 struct nfs4_delegation *dp = NULL;
b37ad28b 4152 __be32 status;
1da177e4 4153
1da177e4
LT		 4154 /*
4155 * Lookup file; if found, lookup stateid and check open request,
4156 * and check for delegations in the process of being recalled.
4157 * If not found, create the nfs4_file struct
4158 */
f9c00c3a 4159 fp = find_or_add_file(open->op_file, &current_fh->fh_handle);
950e0118 4160 if (fp != open->op_file) {
41d22663 4161 status = nfs4_check_deleg(cl, open, &dp);
c44c5eeb
N		 4162 if (status)
4163 goto out;
a46cb7f2 4164 stp = nfsd4_find_existing_open(fp, open);
1da177e4 4165 } else {
950e0118 4166 open->op_file = NULL;
c44c5eeb 4167 status = nfserr_bad_stateid;
8b289b2c 4168 if (nfsd4_is_deleg_cur(open))
c44c5eeb 4169 goto out;
1da177e4
LT		 4170 }
4171
4172 /*
4173 * OPEN the file, or upgrade an existing OPEN.
4174 * If truncate fails, the OPEN fails.
4175 */
4176 if (stp) {
4177 /* Stateid was found, this is an OPEN upgrade */
f9d7562f 4178 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open);
1da177e4
LT		 4179 if (status)
4180 goto out;
4181 } else {
4cdc951b
BF		 4182 stp = open->op_stp;
4183 open->op_stp = NULL;
996e0938 4184 init_open_stateid(stp, fp, open);
6eb3a1d0
JL		 4185 status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open);
4186 if (status) {
4187 release_open_stateid(stp);
4188 goto out;
4189 }
8287f009
SB		 4190
4191 stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp,
4192 open->op_odstate);
4193 if (stp->st_clnt_odstate == open->op_odstate)
4194 open->op_odstate = NULL;
1da177e4 4195 }
dcef0413
BF		 4196 update_stateid(&stp->st_stid.sc_stateid);
4197 memcpy(&open->op_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
1da177e4 4198
d24433cd 4199 if (nfsd4_has_session(&resp->cstate)) {
d24433cd
BH		 4200 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) {
4201 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
4202 open->op_why_no_deleg = WND4_NOT_WANTED;
4203 goto nodeleg;
4204 }
4205 }
4206
1da177e4
LT		 4207 /*
4208 * Attempt to hand out a delegation. No error return, because the
4209 * OPEN succeeds even if we fail.
4210 */
4cf59221 4211 nfs4_open_delegation(current_fh, open, stp);
d24433cd 4212nodeleg:
1da177e4
LT		 4213 status = nfs_ok;
4214
8c10cbdb 4215 dprintk("%s: stateid=" STATEID_FMT "\n", __func__,
dcef0413 4216 STATEID_VAL(&stp->st_stid.sc_stateid));
1da177e4 4217out:
d24433cd
BH		 4218 /* 4.1 client trying to upgrade/downgrade delegation? */
4219 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp &&
e27f49c3
BH		 4220 open->op_deleg_want)
4221 nfsd4_deleg_xgrade_none_ext(open, dp);
d24433cd 4222
13cd2184
N		 4223 if (fp)
4224 put_nfs4_file(fp);
37515177 4225 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS)
87186022 4226 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
1da177e4
LT		 4227 /*
4228 * To finish the open response, we just need to set the rflags.
4229 */
4230 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX;
dad1c067 4231 if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED) &&
6668958f 4232 !nfsd4_has_session(&resp->cstate))
1da177e4 4233 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM;
dcd94cc2
TM		 4234 if (dp)
4235 nfs4_put_stid(&dp->dl_stid);
d6f2bc5d
TM		 4236 if (stp)
4237 nfs4_put_stid(&stp->st_stid);
1da177e4
LT		 4238
4239 return status;
4240}
4241
58fb12e6 4242void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate,
42297899 4243 struct nfsd4_open *open)
d29b20cd
BF		 4244{
4245 if (open->op_openowner) {
d3134b10
JL		 4246 struct nfs4_stateowner *so = &open->op_openowner->oo_owner;
4247
4248 nfsd4_cstate_assign_replay(cstate, so);
4249 nfs4_put_stateowner(so);
d29b20cd 4250 }
32513b40 4251 if (open->op_file)
5b095e99 4252 kmem_cache_free(file_slab, open->op_file);
4cdc951b 4253 if (open->op_stp)
6011695d 4254 nfs4_put_stid(&open->op_stp->st_stid);
8287f009
SB		 4255 if (open->op_odstate)
4256 kmem_cache_free(odstate_slab, open->op_odstate);
d29b20cd
BF		 4257}
4258
b37ad28b 4259__be32
b591480b
BF		 4260nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4261 clientid_t *clid)
1da177e4
LT		 4262{
4263 struct nfs4_client *clp;
b37ad28b 4264 __be32 status;
7f2210fa 4265 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 4266
1da177e4
LT		 4267 dprintk("process_renew(%08x/%08x): starting\n",
4268 clid->cl_boot, clid->cl_id);
4b24ca7d 4269 status = lookup_clientid(clid, cstate, nn);
9b2ef62b 4270 if (status)
1da177e4 4271 goto out;
4b24ca7d 4272 clp = cstate->clp;
1da177e4 4273 status = nfserr_cb_path_down;
ea1da636 4274 if (!list_empty(&clp->cl_delegations)
77a3569d 4275 && clp->cl_cb_state != NFSD4_CB_UP)
1da177e4
LT		 4276 goto out;
4277 status = nfs_ok;
4278out:
1da177e4
LT		 4279 return status;
4280}
4281
7f5ef2e9 4282void
12760c66 4283nfsd4_end_grace(struct nfsd_net *nn)
a76b4319 4284{
33dcc481 4285 /* do nothing if grace period already ended */
a51c84ed 4286 if (nn->grace_ended)
33dcc481
JL		 4287 return;
4288
a76b4319 4289 dprintk("NFSD: end of grace period\n");
a51c84ed 4290 nn->grace_ended = true;
70b28235
BF		 4291 /*
4292 * If the server goes down again right now, an NFSv4
4293 * client will still be allowed to reclaim after it comes back up,
4294 * even if it hasn't yet had a chance to reclaim state this time.
4295 *
4296 */
919b8049 4297 nfsd4_record_grace_done(nn);
70b28235
BF		 4298 /*
4299 * At this point, NFSv4 clients can still reclaim. But if the
4300 * server crashes, any that have not yet reclaimed will be out
4301 * of luck on the next boot.
4302 *
4303 * (NFSv4.1+ clients are considered to have reclaimed once they
4304 * call RECLAIM_COMPLETE. NFSv4.0 clients are considered to
4305 * have reclaimed after their first OPEN.)
4306 */
5e1533c7 4307 locks_end_grace(&nn->nfsd4_manager);
70b28235
BF		 4308 /*
4309 * At this point, and once lockd and/or any other containers
4310 * exit their grace period, further reclaims will fail and
4311 * regular locking can resume.
4312 */
a76b4319
N		 4313}
4314
fd39ca9a 4315static time_t
09121281 4316nfs4_laundromat(struct nfsd_net *nn)
1da177e4
LT		 4317{
4318 struct nfs4_client *clp;
fe0750e5 4319 struct nfs4_openowner *oo;
1da177e4 4320 struct nfs4_delegation *dp;
217526e7 4321 struct nfs4_ol_stateid *stp;
1da177e4 4322 struct list_head *pos, *next, reaplist;
3d733711 4323 time_t cutoff = get_seconds() - nn->nfsd4_lease;
a832e7ae 4324 time_t t, new_timeo = nn->nfsd4_lease;
1da177e4 4325
1da177e4 4326 dprintk("NFSD: laundromat service - starting\n");
12760c66 4327 nfsd4_end_grace(nn);
36acb66b 4328 INIT_LIST_HEAD(&reaplist);
c9a49628 4329 spin_lock(&nn->client_lock);
5ed58bb2 4330 list_for_each_safe(pos, next, &nn->client_lru) {
1da177e4
LT		 4331 clp = list_entry(pos, struct nfs4_client, cl_lru);
4332 if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) {
4333 t = clp->cl_time - cutoff;
a832e7ae 4334 new_timeo = min(new_timeo, t);
1da177e4
LT		 4335 break;
4336 }
221a6876 4337 if (mark_client_expired_locked(clp)) {
d7682988
BH		 4338 dprintk("NFSD: client in use (clientid %08x)\n",
4339 clp->cl_clientid.cl_id);
4340 continue;
4341 }
4864af97 4342 list_add(&clp->cl_lru, &reaplist);
36acb66b 4343 }
c9a49628 4344 spin_unlock(&nn->client_lock);
36acb66b
BH		 4345 list_for_each_safe(pos, next, &reaplist) {
4346 clp = list_entry(pos, struct nfs4_client, cl_lru);
1da177e4
LT		 4347 dprintk("NFSD: purging unused client (clientid %08x)\n",
4348 clp->cl_clientid.cl_id);
4864af97 4349 list_del_init(&clp->cl_lru);
1da177e4
LT		 4350 expire_client(clp);
4351 }
cdc97505 4352 spin_lock(&state_lock);
e8c69d17 4353 list_for_each_safe(pos, next, &nn->del_recall_lru) {
1da177e4
LT		 4354 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
4355 if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) {
a832e7ae
JL		 4356 t = dp->dl_time - cutoff;
4357 new_timeo = min(new_timeo, t);
1da177e4
LT		 4358 break;
4359 }
42690676
JL		 4360 unhash_delegation_locked(dp);
4361 list_add(&dp->dl_recall_lru, &reaplist);
1da177e4 4362 }
cdc97505 4363 spin_unlock(&state_lock);
2d4a532d
JL		 4364 while (!list_empty(&reaplist)) {
4365 dp = list_first_entry(&reaplist, struct nfs4_delegation,
4366 dl_recall_lru);
4367 list_del_init(&dp->dl_recall_lru);
3bd64a5b 4368 revoke_delegation(dp);
1da177e4 4369 }
217526e7
JL		 4370
4371 spin_lock(&nn->client_lock);
4372 while (!list_empty(&nn->close_lru)) {
4373 oo = list_first_entry(&nn->close_lru, struct nfs4_openowner,
4374 oo_close_lru);
4375 if (time_after((unsigned long)oo->oo_time,
4376 (unsigned long)cutoff)) {
a832e7ae
JL		 4377 t = oo->oo_time - cutoff;
4378 new_timeo = min(new_timeo, t);
1da177e4
LT		 4379 break;
4380 }
217526e7
JL		 4381 list_del_init(&oo->oo_close_lru);
4382 stp = oo->oo_last_closed_stid;
4383 oo->oo_last_closed_stid = NULL;
4384 spin_unlock(&nn->client_lock);
4385 nfs4_put_stid(&stp->st_stid);
4386 spin_lock(&nn->client_lock);
1da177e4 4387 }
217526e7
JL		 4388 spin_unlock(&nn->client_lock);
4389
a832e7ae 4390 new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT);
a832e7ae 4391 return new_timeo;
1da177e4
LT		 4392}
4393
a254b246
HH		 4394static struct workqueue_struct *laundry_wq;
4395static void laundromat_main(struct work_struct *);
a254b246
HH		 4396
4397static void
09121281 4398laundromat_main(struct work_struct *laundry)
1da177e4
LT		 4399{
4400 time_t t;
09121281
SK		 4401 struct delayed_work *dwork = container_of(laundry, struct delayed_work,
4402 work);
4403 struct nfsd_net *nn = container_of(dwork, struct nfsd_net,
4404 laundromat_work);
1da177e4 4405
09121281 4406 t = nfs4_laundromat(nn);
1da177e4 4407 dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t);
09121281 4408 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ);
1da177e4
LT		 4409}
4410
8fcd461d 4411static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp)
1da177e4 4412{
8fcd461d 4413 if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle))
f7a4d872
BF		 4414 return nfserr_bad_stateid;
4415 return nfs_ok;
1da177e4
LT		 4416}
4417
1da177e4 4418static inline int
82c5ff1b 4419access_permit_read(struct nfs4_ol_stateid *stp)
1da177e4 4420{
82c5ff1b
JL		 4421 return test_access(NFS4_SHARE_ACCESS_READ, stp) ||
4422 test_access(NFS4_SHARE_ACCESS_BOTH, stp) ||
4423 test_access(NFS4_SHARE_ACCESS_WRITE, stp);
1da177e4
LT		 4424}
4425
4426static inline int
82c5ff1b 4427access_permit_write(struct nfs4_ol_stateid *stp)
1da177e4 4428{
82c5ff1b
JL		 4429 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) ||
4430 test_access(NFS4_SHARE_ACCESS_BOTH, stp);
1da177e4
LT		 4431}
4432
4433static
dcef0413 4434__be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags)
1da177e4 4435{
b37ad28b 4436 __be32 status = nfserr_openmode;
1da177e4 4437
02921914
BF		 4438 /* For lock stateid's, we test the parent open, not the lock: */
4439 if (stp->st_openstp)
4440 stp = stp->st_openstp;
82c5ff1b 4441 if ((flags & WR_STATE) && !access_permit_write(stp))
1da177e4 4442 goto out;
82c5ff1b 4443 if ((flags & RD_STATE) && !access_permit_read(stp))
1da177e4
LT		 4444 goto out;
4445 status = nfs_ok;
4446out:
4447 return status;
4448}
4449
b37ad28b 4450static inline __be32
5ccb0066 4451check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags)
1da177e4 4452{
203a8c8e 4453 if (ONE_STATEID(stateid) && (flags & RD_STATE))
1da177e4 4454 return nfs_ok;
c87fb4a3 4455 else if (opens_in_grace(net)) {
25985edc 4456 /* Answer in remaining cases depends on existence of
1da177e4
LT		 4457 * conflicting state; so we must wait out the grace period. */
4458 return nfserr_grace;
4459 } else if (flags & WR_STATE)
4460 return nfs4_share_conflict(current_fh,
4461 NFS4_SHARE_DENY_WRITE);
4462 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */
4463 return nfs4_share_conflict(current_fh,
4464 NFS4_SHARE_DENY_READ);
4465}
4466
4467/*
4468 * Allow READ/WRITE during grace period on recovered state only for files
4469 * that are not able to provide mandatory locking.
4470 */
4471static inline int
5ccb0066 4472grace_disallows_io(struct net *net, struct inode *inode)
1da177e4 4473{
c87fb4a3 4474 return opens_in_grace(net) && mandatory_lock(inode);
1da177e4
LT		 4475}
4476
81b82965
BF		 4477/* Returns true iff a is later than b: */
4478static bool stateid_generation_after(stateid_t *a, stateid_t *b)
4479{
1a9357f4 4480 return (s32)(a->si_generation - b->si_generation) > 0;
81b82965
BF		 4481}
4482
57b7b43b 4483static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session)
0836f587 4484{
6668958f
AA		 4485 /*
4486 * When sessions are used the stateid generation number is ignored
4487 * when it is zero.
4488 */
28dde241 4489 if (has_session && in->si_generation == 0)
81b82965
BF		 4490 return nfs_ok;
4491
4492 if (in->si_generation == ref->si_generation)
4493 return nfs_ok;
6668958f 4494
0836f587 4495 /* If the client sends us a stateid from the future, it's buggy: */
81b82965 4496 if (stateid_generation_after(in, ref))
0836f587
BF		 4497 return nfserr_bad_stateid;
4498 /*
81b82965
BF		 4499 * However, we could see a stateid from the past, even from a
4500 * non-buggy client. For example, if the client sends a lock
4501 * while some IO is outstanding, the lock may bump si_generation
4502 * while the IO is still in flight. The client could avoid that
4503 * situation by waiting for responses on all the IO requests,
4504 * but better performance may result in retrying IO that
4505 * receives an old_stateid error if requests are rarely
4506 * reordered in flight:
0836f587 4507 */
81b82965 4508 return nfserr_old_stateid;
0836f587
BF		 4509}
4510
ebe9cb3b
CH		 4511static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols)
4512{
4513 if (ols->st_stateowner->so_is_open_owner &&
4514 !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED))
4515 return nfserr_bad_stateid;
4516 return nfs_ok;
4517}
4518
7df302f7 4519static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid)
17456804 4520{
97b7e3b6 4521 struct nfs4_stid *s;
1af71cc8 4522 __be32 status = nfserr_bad_stateid;
17456804 4523
7df302f7 4524 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
1af71cc8 4525 return status;
7df302f7
CL		 4526 /* Client debugging aid. */
4527 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) {
4528 char addr_str[INET6_ADDRSTRLEN];
4529 rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str,
4530 sizeof(addr_str));
4531 pr_warn_ratelimited("NFSD: client %s testing state ID "
4532 "with incorrect client ID\n", addr_str);
1af71cc8 4533 return status;
7df302f7 4534 }
1af71cc8
JL		 4535 spin_lock(&cl->cl_lock);
4536 s = find_stateid_locked(cl, stateid);
97b7e3b6 4537 if (!s)
1af71cc8 4538 goto out_unlock;
36279ac1 4539 status = check_stateid_generation(stateid, &s->sc_stateid, 1);
17456804 4540 if (status)
1af71cc8 4541 goto out_unlock;
23340032
BF		 4542 switch (s->sc_type) {
4543 case NFS4_DELEG_STID:
1af71cc8
JL		 4544 status = nfs_ok;
4545 break;
3bd64a5b 4546 case NFS4_REVOKED_DELEG_STID:
1af71cc8
JL		 4547 status = nfserr_deleg_revoked;
4548 break;
23340032
BF		 4549 case NFS4_OPEN_STID:
4550 case NFS4_LOCK_STID:
ebe9cb3b 4551 status = nfsd4_check_openowner_confirmed(openlockstateid(s));
1af71cc8 4552 break;
23340032
BF		 4553 default:
4554 printk("unknown stateid type %x\n", s->sc_type);
b0fc29d6 4555 /* Fallthrough */
23340032 4556 case NFS4_CLOSED_STID:
b0fc29d6 4557 case NFS4_CLOSED_DELEG_STID:
1af71cc8 4558 status = nfserr_bad_stateid;
23340032 4559 }
1af71cc8
JL		 4560out_unlock:
4561 spin_unlock(&cl->cl_lock);
4562 return status;
17456804
BS		 4563}
4564
cd61c522 4565__be32
2dd6e458
TM		 4566nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate,
4567 stateid_t *stateid, unsigned char typemask,
4568 struct nfs4_stid **s, struct nfsd_net *nn)
38c2f4b1 4569{
0eb6f20a 4570 __be32 status;
38c2f4b1
BF		 4571
4572 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
4573 return nfserr_bad_stateid;
4b24ca7d 4574 status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn);
a8a7c677 4575 if (status == nfserr_stale_clientid) {
4b24ca7d 4576 if (cstate->session)
a8a7c677 4577 return nfserr_bad_stateid;
38c2f4b1 4578 return nfserr_stale_stateid;
a8a7c677 4579 }
0eb6f20a
BF		 4580 if (status)
4581 return status;
4b24ca7d 4582 *s = find_stateid_by_type(cstate->clp, stateid, typemask);
38c2f4b1
BF		 4583 if (!*s)
4584 return nfserr_bad_stateid;
4585 return nfs_ok;
38c2f4b1
BF		 4586}
4587
a0649b2d
CH		 4588static struct file *
4589nfs4_find_file(struct nfs4_stid *s, int flags)
4590{
af90f707
CH		 4591 if (!s)
4592 return NULL;
4593
a0649b2d
CH		 4594 switch (s->sc_type) {
4595 case NFS4_DELEG_STID:
4596 if (WARN_ON_ONCE(!s->sc_file->fi_deleg_file))
4597 return NULL;
4598 return get_file(s->sc_file->fi_deleg_file);
4599 case NFS4_OPEN_STID:
4600 case NFS4_LOCK_STID:
4601 if (flags & RD_STATE)
4602 return find_readable_file(s->sc_file);
4603 else
4604 return find_writeable_file(s->sc_file);
4605 break;
4606 }
4607
4608 return NULL;
4609}
4610
4611static __be32
4612nfs4_check_olstateid(struct svc_fh *fhp, struct nfs4_ol_stateid *ols, int flags)
4613{
4614 __be32 status;
4615
a0649b2d
CH		 4616 status = nfsd4_check_openowner_confirmed(ols);
4617 if (status)
4618 return status;
4619 return nfs4_check_openmode(ols, flags);
4620}
4621
af90f707
CH		 4622static __be32
4623nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s,
4624 struct file **filpp, bool *tmp_file, int flags)
4625{
4626 int acc = (flags & RD_STATE) ? NFSD_MAY_READ : NFSD_MAY_WRITE;
4627 struct file *file;
4628 __be32 status;
4629
4630 file = nfs4_find_file(s, flags);
4631 if (file) {
4632 status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry,
4633 acc | NFSD_MAY_OWNER_OVERRIDE);
4634 if (status) {
4635 fput(file);
4636 return status;
4637 }
4638
4639 *filpp = file;
4640 } else {
4641 status = nfsd_open(rqstp, fhp, S_IFREG, acc, filpp);
4642 if (status)
4643 return status;
4644
4645 if (tmp_file)
4646 *tmp_file = true;
4647 }
4648
4649 return 0;
4650}
4651
1da177e4 4652/*
a0649b2d
CH		 4653 * Checks for stateid operations
4654 */
b37ad28b 4655__be32
af90f707
CH		 4656nfs4_preprocess_stateid_op(struct svc_rqst *rqstp,
4657 struct nfsd4_compound_state *cstate, stateid_t *stateid,
4658 int flags, struct file **filpp, bool *tmp_file)
1da177e4 4659{
a0649b2d
CH		 4660 struct svc_fh *fhp = &cstate->current_fh;
4661 struct inode *ino = d_inode(fhp->fh_dentry);
af90f707 4662 struct net *net = SVC_NET(rqstp);
3320fef1 4663 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
af90f707 4664 struct nfs4_stid *s = NULL;
b37ad28b 4665 __be32 status;
1da177e4 4666
1da177e4
LT		 4667 if (filpp)
4668 *filpp = NULL;
af90f707
CH		 4669 if (tmp_file)
4670 *tmp_file = false;
1da177e4 4671
5ccb0066 4672 if (grace_disallows_io(net, ino))
1da177e4
LT		 4673 return nfserr_grace;
4674
af90f707
CH		 4675 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) {
4676 status = check_special_stateids(net, fhp, stateid, flags);
4677 goto done;
4678 }
1da177e4 4679
2dd6e458 4680 status = nfsd4_lookup_stateid(cstate, stateid,
db24b3b4 4681 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID,
2dd6e458 4682 &s, nn);
38c2f4b1 4683 if (status)
c2d1d6a8 4684 return status;
a0649b2d
CH		 4685 status = check_stateid_generation(stateid, &s->sc_stateid,
4686 nfsd4_has_session(cstate));
69064a27
BF		 4687 if (status)
4688 goto out;
a0649b2d 4689
f7a4d872
BF		 4690 switch (s->sc_type) {
4691 case NFS4_DELEG_STID:
a0649b2d 4692 status = nfs4_check_delegmode(delegstateid(s), flags);
f7a4d872
BF		 4693 break;
4694 case NFS4_OPEN_STID:
4695 case NFS4_LOCK_STID:
a0649b2d 4696 status = nfs4_check_olstateid(fhp, openlockstateid(s), flags);
f7a4d872
BF		 4697 break;
4698 default:
14bcab1a 4699 status = nfserr_bad_stateid;
a0649b2d
CH		 4700 break;
4701 }
8fcd461d
JL		 4702 if (status)
4703 goto out;
4704 status = nfs4_check_fh(fhp, s);
a0649b2d 4705
af90f707
CH		 4706done:
4707 if (!status && filpp)
4708 status = nfs4_check_file(rqstp, fhp, s, filpp, tmp_file, flags);
1da177e4 4709out:
af90f707
CH		 4710 if (s)
4711 nfs4_put_stid(s);
1da177e4
LT		 4712 return status;
4713}
4714
17456804
BS		 4715/*
4716 * Test if the stateid is valid
4717 */
4718__be32
4719nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4720 struct nfsd4_test_stateid *test_stateid)
4721{
03cfb420
BS		 4722 struct nfsd4_test_stateid_id *stateid;
4723 struct nfs4_client *cl = cstate->session->se_client;
4724
03cfb420 4725 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list)
7df302f7
CL		 4726 stateid->ts_id_status =
4727 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid);
03cfb420 4728
17456804
BS		 4729 return nfs_ok;
4730}
4731
e1ca12df
BS		 4732__be32
4733nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4734 struct nfsd4_free_stateid *free_stateid)
4735{
4736 stateid_t *stateid = &free_stateid->fr_stateid;
2da1cec7 4737 struct nfs4_stid *s;
3bd64a5b 4738 struct nfs4_delegation *dp;
fc5a96c3 4739 struct nfs4_ol_stateid *stp;
38c2f4b1 4740 struct nfs4_client *cl = cstate->session->se_client;
2da1cec7 4741 __be32 ret = nfserr_bad_stateid;
e1ca12df 4742
1af71cc8
JL		 4743 spin_lock(&cl->cl_lock);
4744 s = find_stateid_locked(cl, stateid);
2da1cec7 4745 if (!s)
1af71cc8 4746 goto out_unlock;
2da1cec7
BF		 4747 switch (s->sc_type) {
4748 case NFS4_DELEG_STID:
e1ca12df 4749 ret = nfserr_locks_held;
1af71cc8 4750 break;
2da1cec7 4751 case NFS4_OPEN_STID:
2da1cec7
BF		 4752 ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
4753 if (ret)
1af71cc8
JL		 4754 break;
4755 ret = nfserr_locks_held;
f7a4d872 4756 break;
1af71cc8
JL		 4757 case NFS4_LOCK_STID:
4758 ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
4759 if (ret)
4760 break;
fc5a96c3
JL		 4761 stp = openlockstateid(s);
4762 ret = nfserr_locks_held;
4763 if (check_for_locks(stp->st_stid.sc_file,
4764 lockowner(stp->st_stateowner)))
4765 break;
e8568739 4766 WARN_ON(!unhash_lock_stateid(stp));
1af71cc8 4767 spin_unlock(&cl->cl_lock);
fc5a96c3
JL		 4768 nfs4_put_stid(s);
4769 ret = nfs_ok;
1af71cc8 4770 goto out;
3bd64a5b
BF		 4771 case NFS4_REVOKED_DELEG_STID:
4772 dp = delegstateid(s);
2d4a532d
JL		 4773 list_del_init(&dp->dl_recall_lru);
4774 spin_unlock(&cl->cl_lock);
6011695d 4775 nfs4_put_stid(s);
3bd64a5b 4776 ret = nfs_ok;
1af71cc8
JL		 4777 goto out;
4778 /* Default falls through and returns nfserr_bad_stateid */
e1ca12df 4779 }
1af71cc8
JL		 4780out_unlock:
4781 spin_unlock(&cl->cl_lock);
e1ca12df 4782out:
e1ca12df
BS		 4783 return ret;
4784}
4785
4c4cd222
N		 4786static inline int
4787setlkflg (int type)
4788{
4789 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ?
4790 RD_STATE : WR_STATE;
4791}
1da177e4 4792
dcef0413 4793static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp)
c0a5d93e
BF		 4794{
4795 struct svc_fh *current_fh = &cstate->current_fh;
4796 struct nfs4_stateowner *sop = stp->st_stateowner;
4797 __be32 status;
4798
c0a5d93e
BF		 4799 status = nfsd4_check_seqid(cstate, sop, seqid);
4800 if (status)
4801 return status;
3bd64a5b
BF		 4802 if (stp->st_stid.sc_type == NFS4_CLOSED_STID
4803 || stp->st_stid.sc_type == NFS4_REVOKED_DELEG_STID)
f7a4d872
BF		 4804 /*
4805 * "Closed" stateid's exist *only* to return
3bd64a5b
BF		 4806 * nfserr_replay_me from the previous step, and
4807 * revoked delegations are kept only for free_stateid.
f7a4d872
BF		 4808 */
4809 return nfserr_bad_stateid;
4810 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate));
4811 if (status)
4812 return status;
8fcd461d 4813 return nfs4_check_fh(current_fh, &stp->st_stid);
c0a5d93e
BF		 4814}
4815
1da177e4
LT		 4816/*
4817 * Checks for sequence id mutating operations.
4818 */
b37ad28b 4819static __be32
dd453dfd 4820nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
2288d0e3 4821 stateid_t *stateid, char typemask,
3320fef1
SK		 4822 struct nfs4_ol_stateid **stpp,
4823 struct nfsd_net *nn)
1da177e4 4824{
0836f587 4825 __be32 status;
38c2f4b1 4826 struct nfs4_stid *s;
e17f99b7 4827 struct nfs4_ol_stateid *stp = NULL;
1da177e4 4828
8c10cbdb
BH		 4829 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__,
4830 seqid, STATEID_VAL(stateid));
3a4f98bb 4831
1da177e4 4832 *stpp = NULL;
2dd6e458 4833 status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn);
c0a5d93e
BF		 4834 if (status)
4835 return status;
e17f99b7 4836 stp = openlockstateid(s);
58fb12e6 4837 nfsd4_cstate_assign_replay(cstate, stp->st_stateowner);
1da177e4 4838
e17f99b7 4839 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp);
fd911011 4840 if (!status)
e17f99b7 4841 *stpp = stp;
fd911011
TM		 4842 else
4843 nfs4_put_stid(&stp->st_stid);
e17f99b7 4844 return status;
c0a5d93e 4845}
39325bd0 4846
3320fef1
SK		 4847static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
4848 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn)
c0a5d93e
BF		 4849{
4850 __be32 status;
4851 struct nfs4_openowner *oo;
4cbfc9f7 4852 struct nfs4_ol_stateid *stp;
1da177e4 4853
c0a5d93e 4854 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid,
4cbfc9f7 4855 NFS4_OPEN_STID, &stp, nn);
7a8711c9
BF		 4856 if (status)
4857 return status;
4cbfc9f7
TM		 4858 oo = openowner(stp->st_stateowner);
4859 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
4860 nfs4_put_stid(&stp->st_stid);
3a4f98bb 4861 return nfserr_bad_stateid;
4cbfc9f7
TM		 4862 }
4863 *stpp = stp;
3a4f98bb 4864 return nfs_ok;
1da177e4
LT		 4865}
4866
b37ad28b 4867__be32
ca364317 4868nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 4869 struct nfsd4_open_confirm *oc)
1da177e4 4870{
b37ad28b 4871 __be32 status;
fe0750e5 4872 struct nfs4_openowner *oo;
dcef0413 4873 struct nfs4_ol_stateid *stp;
3320fef1 4874 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 4875
a6a9f18f
AV		 4876 dprintk("NFSD: nfsd4_open_confirm on file %pd\n",
4877 cstate->current_fh.fh_dentry);
1da177e4 4878
ca364317 4879 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
a8cddc5d
BF		 4880 if (status)
4881 return status;
1da177e4 4882
9072d5c6 4883 status = nfs4_preprocess_seqid_op(cstate,
ca364317 4884 oc->oc_seqid, &oc->oc_req_stateid,
3320fef1 4885 NFS4_OPEN_STID, &stp, nn);
9072d5c6 4886 if (status)
68b66e82 4887 goto out;
fe0750e5 4888 oo = openowner(stp->st_stateowner);
68b66e82 4889 status = nfserr_bad_stateid;
dad1c067 4890 if (oo->oo_flags & NFS4_OO_CONFIRMED)
2585fc79 4891 goto put_stateid;
dad1c067 4892 oo->oo_flags |= NFS4_OO_CONFIRMED;
dcef0413
BF		 4893 update_stateid(&stp->st_stid.sc_stateid);
4894 memcpy(&oc->oc_resp_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
8c10cbdb 4895 dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n",
dcef0413 4896 __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid));
c7b9a459 4897
2a4317c5 4898 nfsd4_client_record_create(oo->oo_owner.so_client);
68b66e82 4899 status = nfs_ok;
2585fc79
TM		 4900put_stateid:
4901 nfs4_put_stid(&stp->st_stid);
1da177e4 4902out:
9411b1d4 4903 nfsd4_bump_seqid(cstate, status);
1da177e4
LT		 4904 return status;
4905}
4906
6409a5a6 4907static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access)
1da177e4 4908{
82c5ff1b 4909 if (!test_access(access, stp))
6409a5a6 4910 return;
11b9164a 4911 nfs4_file_put_access(stp->st_stid.sc_file, access);
82c5ff1b 4912 clear_access(access, stp);
6409a5a6 4913}
f197c271 4914
6409a5a6
BF		 4915static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access)
4916{
4917 switch (to_access) {
4918 case NFS4_SHARE_ACCESS_READ:
4919 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE);
4920 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
4921 break;
4922 case NFS4_SHARE_ACCESS_WRITE:
4923 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ);
4924 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
4925 break;
4926 case NFS4_SHARE_ACCESS_BOTH:
4927 break;
4928 default:
063b0fb9 4929 WARN_ON_ONCE(1);
1da177e4
LT		 4930 }
4931}
4932
b37ad28b 4933__be32
ca364317
BF		 4934nfsd4_open_downgrade(struct svc_rqst *rqstp,
4935 struct nfsd4_compound_state *cstate,
a4f1706a 4936 struct nfsd4_open_downgrade *od)
1da177e4 4937{
b37ad28b 4938 __be32 status;
dcef0413 4939 struct nfs4_ol_stateid *stp;
3320fef1 4940 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 4941
a6a9f18f
AV		 4942 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n",
4943 cstate->current_fh.fh_dentry);
1da177e4 4944
c30e92df 4945 /* We don't yet support WANT bits: */
2c8bd7e0
BH		 4946 if (od->od_deleg_want)
4947 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__,
4948 od->od_deleg_want);
1da177e4 4949
c0a5d93e 4950 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid,
3320fef1 4951 &od->od_stateid, &stp, nn);
9072d5c6 4952 if (status)
1da177e4 4953 goto out;
1da177e4 4954 status = nfserr_inval;
82c5ff1b 4955 if (!test_access(od->od_share_access, stp)) {
c11c591f 4956 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n",
1da177e4 4957 stp->st_access_bmap, od->od_share_access);
0667b1e9 4958 goto put_stateid;
1da177e4 4959 }
ce0fc43c 4960 if (!test_deny(od->od_share_deny, stp)) {
c11c591f 4961 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n",
1da177e4 4962 stp->st_deny_bmap, od->od_share_deny);
0667b1e9 4963 goto put_stateid;
1da177e4 4964 }
6409a5a6 4965 nfs4_stateid_downgrade(stp, od->od_share_access);
1da177e4 4966
ce0fc43c 4967 reset_union_bmap_deny(od->od_share_deny, stp);
1da177e4 4968
dcef0413
BF		 4969 update_stateid(&stp->st_stid.sc_stateid);
4970 memcpy(&od->od_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
1da177e4 4971 status = nfs_ok;
0667b1e9
TM		 4972put_stateid:
4973 nfs4_put_stid(&stp->st_stid);
1da177e4 4974out:
9411b1d4 4975 nfsd4_bump_seqid(cstate, status);
1da177e4
LT		 4976 return status;
4977}
4978
f7a4d872
BF		 4979static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s)
4980{
acf9295b 4981 struct nfs4_client *clp = s->st_stid.sc_client;
e8568739 4982 bool unhashed;
d83017f9 4983 LIST_HEAD(reaplist);
acf9295b 4984
f7a4d872 4985 s->st_stid.sc_type = NFS4_CLOSED_STID;
2c41beb0 4986 spin_lock(&clp->cl_lock);
e8568739 4987 unhashed = unhash_open_stateid(s, &reaplist);
acf9295b 4988
d83017f9 4989 if (clp->cl_minorversion) {
e8568739
JL		 4990 if (unhashed)
4991 put_ol_stateid_locked(s, &reaplist);
d83017f9
JL		 4992 spin_unlock(&clp->cl_lock);
4993 free_ol_stateid_reaplist(&reaplist);
4994 } else {
4995 spin_unlock(&clp->cl_lock);
4996 free_ol_stateid_reaplist(&reaplist);
e8568739
JL		 4997 if (unhashed)
4998 move_to_close_lru(s, clp->net);
d83017f9 4999 }
38c387b5
BF		 5000}
5001
1da177e4
LT		 5002/*
5003 * nfs4_unlock_state() called after encode
5004 */
b37ad28b 5005__be32
ca364317 5006nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 5007 struct nfsd4_close *close)
1da177e4 5008{
b37ad28b 5009 __be32 status;
dcef0413 5010 struct nfs4_ol_stateid *stp;
3320fef1
SK		 5011 struct net *net = SVC_NET(rqstp);
5012 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4 5013
a6a9f18f
AV		 5014 dprintk("NFSD: nfsd4_close on file %pd\n",
5015 cstate->current_fh.fh_dentry);
1da177e4 5016
f7a4d872
BF		 5017 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid,
5018 &close->cl_stateid,
5019 NFS4_OPEN_STID|NFS4_CLOSED_STID,
3320fef1 5020 &stp, nn);
9411b1d4 5021 nfsd4_bump_seqid(cstate, status);
9072d5c6 5022 if (status)
1da177e4 5023 goto out;
dcef0413
BF		 5024 update_stateid(&stp->st_stid.sc_stateid);
5025 memcpy(&close->cl_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
1da177e4 5026
f7a4d872 5027 nfsd4_close_open_stateid(stp);
8a0b589d
TM		 5028
5029 /* put reference from nfs4_preprocess_seqid_op */
5030 nfs4_put_stid(&stp->st_stid);
1da177e4 5031out:
1da177e4
LT		 5032 return status;
5033}
5034
b37ad28b 5035__be32
ca364317
BF		 5036nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
5037 struct nfsd4_delegreturn *dr)
1da177e4 5038{
203a8c8e
BF		 5039 struct nfs4_delegation *dp;
5040 stateid_t *stateid = &dr->dr_stateid;
38c2f4b1 5041 struct nfs4_stid *s;
b37ad28b 5042 __be32 status;
3320fef1 5043 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 5044
ca364317 5045 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
203a8c8e 5046 return status;
1da177e4 5047
2dd6e458 5048 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn);
38c2f4b1 5049 if (status)
203a8c8e 5050 goto out;
38c2f4b1 5051 dp = delegstateid(s);
d5477a8d 5052 status = check_stateid_generation(stateid, &dp->dl_stid.sc_stateid, nfsd4_has_session(cstate));
203a8c8e 5053 if (status)
fd911011 5054 goto put_stateid;
203a8c8e 5055
3bd64a5b 5056 destroy_delegation(dp);
fd911011
TM		 5057put_stateid:
5058 nfs4_put_stid(&dp->dl_stid);
1da177e4
LT		 5059out:
5060 return status;
5061}
5062
87df4de8
BH		 5063static inline u64
5064end_offset(u64 start, u64 len)
5065{
5066 u64 end;
5067
5068 end = start + len;
5069 return end >= start ? end: NFS4_MAX_UINT64;
5070}
5071
5072/* last octet in a range */
5073static inline u64
5074last_byte_offset(u64 start, u64 len)
5075{
5076 u64 end;
5077
063b0fb9 5078 WARN_ON_ONCE(!len);
87df4de8
BH		 5079 end = start + len;
5080 return end > start ? end - 1: NFS4_MAX_UINT64;
5081}
5082
1da177e4
LT		 5083/*
5084 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that
5085 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th
5086 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit
5087 * locking, this prevents us from being completely protocol-compliant. The
5088 * real solution to this problem is to start using unsigned file offsets in
5089 * the VFS, but this is a very deep change!
5090 */
5091static inline void
5092nfs4_transform_lock_offset(struct file_lock *lock)
5093{
5094 if (lock->fl_start < 0)
5095 lock->fl_start = OFFSET_MAX;
5096 if (lock->fl_end < 0)
5097 lock->fl_end = OFFSET_MAX;
5098}
5099
cae80b30
JL		 5100static fl_owner_t
5101nfsd4_fl_get_owner(fl_owner_t owner)
aef9583b 5102{
cae80b30
JL		 5103 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner;
5104
5105 nfs4_get_stateowner(&lo->lo_owner);
5106 return owner;
aef9583b
KM		 5107}
5108
cae80b30
JL		 5109static void
5110nfsd4_fl_put_owner(fl_owner_t owner)
aef9583b 5111{
cae80b30 5112 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner;
aef9583b 5113
cae80b30 5114 if (lo)
aef9583b 5115 nfs4_put_stateowner(&lo->lo_owner);
aef9583b
KM		 5116}
5117
7b021967 5118static const struct lock_manager_operations nfsd_posix_mng_ops = {
aef9583b
KM		 5119 .lm_get_owner = nfsd4_fl_get_owner,
5120 .lm_put_owner = nfsd4_fl_put_owner,
d5b9026a 5121};
1da177e4
LT		 5122
5123static inline void
5124nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny)
5125{
fe0750e5 5126 struct nfs4_lockowner *lo;
1da177e4 5127
d5b9026a 5128 if (fl->fl_lmops == &nfsd_posix_mng_ops) {
fe0750e5
BF		 5129 lo = (struct nfs4_lockowner *) fl->fl_owner;
5130 deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data,
5131 lo->lo_owner.so_owner.len, GFP_KERNEL);
7c13f344
BF		 5132 if (!deny->ld_owner.data)
5133 /* We just don't care that much */
5134 goto nevermind;
fe0750e5
BF		 5135 deny->ld_owner.len = lo->lo_owner.so_owner.len;
5136 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid;
d5b9026a 5137 } else {
7c13f344
BF		 5138nevermind:
5139 deny->ld_owner.len = 0;
5140 deny->ld_owner.data = NULL;
d5b9026a
N		 5141 deny->ld_clientid.cl_boot = 0;
5142 deny->ld_clientid.cl_id = 0;
1da177e4
LT		 5143 }
5144 deny->ld_start = fl->fl_start;
87df4de8
BH		 5145 deny->ld_length = NFS4_MAX_UINT64;
5146 if (fl->fl_end != NFS4_MAX_UINT64)
1da177e4
LT		 5147 deny->ld_length = fl->fl_end - fl->fl_start + 1;
5148 deny->ld_type = NFS4_READ_LT;
5149 if (fl->fl_type != F_RDLCK)
5150 deny->ld_type = NFS4_WRITE_LT;
5151}
5152
fe0750e5 5153static struct nfs4_lockowner *
c8623999 5154find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner)
1da177e4 5155{
d4f0489f 5156 unsigned int strhashval = ownerstr_hashval(owner);
b3c32bcd 5157 struct nfs4_stateowner *so;
1da177e4 5158
0a880a28
TM		 5159 lockdep_assert_held(&clp->cl_lock);
5160
d4f0489f
TM		 5161 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval],
5162 so_strhash) {
b3c32bcd
TM		 5163 if (so->so_is_open_owner)
5164 continue;
b5971afa
KM		 5165 if (same_owner_str(so, owner))
5166 return lockowner(nfs4_get_stateowner(so));
1da177e4
LT		 5167 }
5168 return NULL;
5169}
5170
c58c6610 5171static struct nfs4_lockowner *
c8623999 5172find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner)
c58c6610
TM		 5173{
5174 struct nfs4_lockowner *lo;
5175
d4f0489f 5176 spin_lock(&clp->cl_lock);
c8623999 5177 lo = find_lockowner_str_locked(clp, owner);
d4f0489f 5178 spin_unlock(&clp->cl_lock);
c58c6610
TM		 5179 return lo;
5180}
5181
8f4b54c5
JL		 5182static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop)
5183{
c58c6610 5184 unhash_lockowner_locked(lockowner(sop));
8f4b54c5
JL		 5185}
5186
6b180f0b
JL		 5187static void nfs4_free_lockowner(struct nfs4_stateowner *sop)
5188{
5189 struct nfs4_lockowner *lo = lockowner(sop);
5190
5191 kmem_cache_free(lockowner_slab, lo);
5192}
5193
5194static const struct nfs4_stateowner_operations lockowner_ops = {
8f4b54c5
JL		 5195 .so_unhash = nfs4_unhash_lockowner,
5196 .so_free = nfs4_free_lockowner,
6b180f0b
JL		 5197};
5198
1da177e4
LT		 5199/*
5200 * Alloc a lock owner structure.
5201 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has
25985edc 5202 * occurred.
1da177e4 5203 *
16bfdaaf 5204 * strhashval = ownerstr_hashval
1da177e4 5205 */
fe0750e5 5206static struct nfs4_lockowner *
c58c6610
TM		 5207alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp,
5208 struct nfs4_ol_stateid *open_stp,
5209 struct nfsd4_lock *lock)
5210{
c58c6610 5211 struct nfs4_lockowner *lo, *ret;
1da177e4 5212
fe0750e5
BF		 5213 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp);
5214 if (!lo)
1da177e4 5215 return NULL;
fe0750e5
BF		 5216 INIT_LIST_HEAD(&lo->lo_owner.so_stateids);
5217 lo->lo_owner.so_is_open_owner = 0;
5db1c03f 5218 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid;
6b180f0b 5219 lo->lo_owner.so_ops = &lockowner_ops;
d4f0489f 5220 spin_lock(&clp->cl_lock);
c8623999 5221 ret = find_lockowner_str_locked(clp, &lock->lk_new_owner);
c58c6610
TM		 5222 if (ret == NULL) {
5223 list_add(&lo->lo_owner.so_strhash,
d4f0489f 5224 &clp->cl_ownerstr_hashtbl[strhashval]);
c58c6610
TM		 5225 ret = lo;
5226 } else
d50ffded
KM		 5227 nfs4_free_stateowner(&lo->lo_owner);
5228
d4f0489f 5229 spin_unlock(&clp->cl_lock);
340f0ba1 5230 return ret;
1da177e4
LT		 5231}
5232
356a95ec
JL		 5233static void
5234init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo,
5235 struct nfs4_file *fp, struct inode *inode,
5236 struct nfs4_ol_stateid *open_stp)
1da177e4 5237{
d3b313a4 5238 struct nfs4_client *clp = lo->lo_owner.so_client;
1da177e4 5239
356a95ec
JL		 5240 lockdep_assert_held(&clp->cl_lock);
5241
3d0fabd5 5242 atomic_inc(&stp->st_stid.sc_count);
3abdb607 5243 stp->st_stid.sc_type = NFS4_LOCK_STID;
b5971afa 5244 stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner);
13cd2184 5245 get_nfs4_file(fp);
11b9164a 5246 stp->st_stid.sc_file = fp;
b49e084d 5247 stp->st_stid.sc_free = nfs4_free_lock_stateid;
0997b173 5248 stp->st_access_bmap = 0;
1da177e4 5249 stp->st_deny_bmap = open_stp->st_deny_bmap;
4c4cd222 5250 stp->st_openstp = open_stp;
3c87b9b7 5251 list_add(&stp->st_locks, &open_stp->st_locks);
1c755dc1 5252 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids);
1d31a253
TM		 5253 spin_lock(&fp->fi_lock);
5254 list_add(&stp->st_perfile, &fp->fi_stateids);
5255 spin_unlock(&fp->fi_lock);
1da177e4
LT		 5256}
5257
c53530da
JL		 5258static struct nfs4_ol_stateid *
5259find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp)
5260{
5261 struct nfs4_ol_stateid *lst;
356a95ec
JL		 5262 struct nfs4_client *clp = lo->lo_owner.so_client;
5263
5264 lockdep_assert_held(&clp->cl_lock);
c53530da
JL		 5265
5266 list_for_each_entry(lst, &lo->lo_owner.so_stateids, st_perstateowner) {
3d0fabd5
TM		 5267 if (lst->st_stid.sc_file == fp) {
5268 atomic_inc(&lst->st_stid.sc_count);
c53530da 5269 return lst;
3d0fabd5 5270 }
c53530da
JL		 5271 }
5272 return NULL;
5273}
5274
356a95ec
JL		 5275static struct nfs4_ol_stateid *
5276find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi,
5277 struct inode *inode, struct nfs4_ol_stateid *ost,
5278 bool *new)
5279{
5280 struct nfs4_stid *ns = NULL;
5281 struct nfs4_ol_stateid *lst;
5282 struct nfs4_openowner *oo = openowner(ost->st_stateowner);
5283 struct nfs4_client *clp = oo->oo_owner.so_client;
5284
5285 spin_lock(&clp->cl_lock);
5286 lst = find_lock_stateid(lo, fi);
5287 if (lst == NULL) {
5288 spin_unlock(&clp->cl_lock);
5289 ns = nfs4_alloc_stid(clp, stateid_slab);
5290 if (ns == NULL)
5291 return NULL;
5292
5293 spin_lock(&clp->cl_lock);
5294 lst = find_lock_stateid(lo, fi);
5295 if (likely(!lst)) {
5296 lst = openlockstateid(ns);
5297 init_lock_stateid(lst, lo, fi, inode, ost);
5298 ns = NULL;
5299 *new = true;
5300 }
5301 }
5302 spin_unlock(&clp->cl_lock);
5303 if (ns)
5304 nfs4_put_stid(ns);
5305 return lst;
5306}
c53530da 5307
fd39ca9a 5308static int
1da177e4
LT		 5309check_lock_length(u64 offset, u64 length)
5310{
e7969315
KM		 5311 return ((length == 0) || ((length != NFS4_MAX_UINT64) &&
5312 (length > ~offset)));
1da177e4
LT		 5313}
5314
dcef0413 5315static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access)
0997b173 5316{
11b9164a 5317 struct nfs4_file *fp = lock_stp->st_stid.sc_file;
0997b173 5318
7214e860
JL		 5319 lockdep_assert_held(&fp->fi_lock);
5320
82c5ff1b 5321 if (test_access(access, lock_stp))
0997b173 5322 return;
12659651 5323 __nfs4_file_get_access(fp, access);
82c5ff1b 5324 set_access(access, lock_stp);
0997b173
BF		 5325}
5326
356a95ec
JL		 5327static __be32
5328lookup_or_create_lock_state(struct nfsd4_compound_state *cstate,
5329 struct nfs4_ol_stateid *ost,
5330 struct nfsd4_lock *lock,
5331 struct nfs4_ol_stateid **lst, bool *new)
64a284d0 5332{
5db1c03f 5333 __be32 status;
11b9164a 5334 struct nfs4_file *fi = ost->st_stid.sc_file;
64a284d0
BF		 5335 struct nfs4_openowner *oo = openowner(ost->st_stateowner);
5336 struct nfs4_client *cl = oo->oo_owner.so_client;
2b0143b5 5337 struct inode *inode = d_inode(cstate->current_fh.fh_dentry);
64a284d0
BF		 5338 struct nfs4_lockowner *lo;
5339 unsigned int strhashval;
5340
c8623999 5341 lo = find_lockowner_str(cl, &lock->lk_new_owner);
c53530da 5342 if (!lo) {
76f6c9e1 5343 strhashval = ownerstr_hashval(&lock->lk_new_owner);
c53530da
JL		 5344 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock);
5345 if (lo == NULL)
5346 return nfserr_jukebox;
5347 } else {
5348 /* with an existing lockowner, seqids must be the same */
5db1c03f 5349 status = nfserr_bad_seqid;
c53530da
JL		 5350 if (!cstate->minorversion &&
5351 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid)
5db1c03f 5352 goto out;
64a284d0 5353 }
c53530da 5354
356a95ec 5355 *lst = find_or_create_lock_stateid(lo, fi, inode, ost, new);
64a284d0 5356 if (*lst == NULL) {
5db1c03f
JL		 5357 status = nfserr_jukebox;
5358 goto out;
64a284d0 5359 }
5db1c03f
JL		 5360 status = nfs_ok;
5361out:
5362 nfs4_put_stateowner(&lo->lo_owner);
5363 return status;
64a284d0
BF		 5364}
5365
1da177e4
LT		 5366/*
5367 * LOCK operation
5368 */
b37ad28b 5369__be32
ca364317 5370nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 5371 struct nfsd4_lock *lock)
1da177e4 5372{
fe0750e5
BF		 5373 struct nfs4_openowner *open_sop = NULL;
5374 struct nfs4_lockowner *lock_sop = NULL;
3d0fabd5 5375 struct nfs4_ol_stateid *lock_stp = NULL;
0667b1e9 5376 struct nfs4_ol_stateid *open_stp = NULL;
7214e860 5377 struct nfs4_file *fp;
7d947842 5378 struct file *filp = NULL;
21179d81
JL		 5379 struct file_lock *file_lock = NULL;
5380 struct file_lock *conflock = NULL;
b37ad28b 5381 __be32 status = 0;
b34f27aa 5382 int lkflg;
b8dd7b9a 5383 int err;
5db1c03f 5384 bool new = false;
3320fef1
SK		 5385 struct net *net = SVC_NET(rqstp);
5386 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4
LT		 5387
5388 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n",
5389 (long long) lock->lk_offset,
5390 (long long) lock->lk_length);
5391
1da177e4
LT		 5392 if (check_lock_length(lock->lk_offset, lock->lk_length))
5393 return nfserr_inval;
5394
ca364317 5395 if ((status = fh_verify(rqstp, &cstate->current_fh,
8837abca 5396 S_IFREG, NFSD_MAY_LOCK))) {
a6f6ef2f
AA		 5397 dprintk("NFSD: nfsd4_lock: permission denied!\n");
5398 return status;
5399 }
5400
1da177e4 5401 if (lock->lk_is_new) {
684e5638
BF		 5402 if (nfsd4_has_session(cstate))
5403 /* See rfc 5661 18.10.3: given clientid is ignored: */
76f6c9e1 5404 memcpy(&lock->lk_new_clientid,
684e5638
BF		 5405 &cstate->session->se_client->cl_clientid,
5406 sizeof(clientid_t));
5407
1da177e4 5408 status = nfserr_stale_clientid;
2c142baa 5409 if (STALE_CLIENTID(&lock->lk_new_clientid, nn))
1da177e4 5410 goto out;
1da177e4 5411
1da177e4 5412 /* validate and update open stateid and open seqid */
c0a5d93e 5413 status = nfs4_preprocess_confirmed_seqid_op(cstate,
1da177e4
LT		 5414 lock->lk_new_open_seqid,
5415 &lock->lk_new_open_stateid,
3320fef1 5416 &open_stp, nn);
37515177 5417 if (status)
1da177e4 5418 goto out;
fe0750e5 5419 open_sop = openowner(open_stp->st_stateowner);
b34f27aa 5420 status = nfserr_bad_stateid;
684e5638 5421 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid,
76f6c9e1 5422 &lock->lk_new_clientid))
b34f27aa 5423 goto out;
64a284d0 5424 status = lookup_or_create_lock_state(cstate, open_stp, lock,
5db1c03f 5425 &lock_stp, &new);
3d0fabd5 5426 } else {
dd453dfd 5427 status = nfs4_preprocess_seqid_op(cstate,
fe0750e5
BF		 5428 lock->lk_old_lock_seqid,
5429 &lock->lk_old_lock_stateid,
3320fef1 5430 NFS4_LOCK_STID, &lock_stp, nn);
3d0fabd5 5431 }
e1aaa891
BF		 5432 if (status)
5433 goto out;
64a284d0 5434 lock_sop = lockowner(lock_stp->st_stateowner);
1da177e4 5435
b34f27aa
BF		 5436 lkflg = setlkflg(lock->lk_type);
5437 status = nfs4_check_openmode(lock_stp, lkflg);
5438 if (status)
5439 goto out;
5440
0dd395dc 5441 status = nfserr_grace;
3320fef1 5442 if (locks_in_grace(net) && !lock->lk_reclaim)
0dd395dc
N		 5443 goto out;
5444 status = nfserr_no_grace;
3320fef1 5445 if (!locks_in_grace(net) && lock->lk_reclaim)
0dd395dc
N		 5446 goto out;
5447
21179d81
JL		 5448 file_lock = locks_alloc_lock();
5449 if (!file_lock) {
5450 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
5451 status = nfserr_jukebox;
5452 goto out;
5453 }
5454
11b9164a 5455 fp = lock_stp->st_stid.sc_file;
1da177e4
LT		 5456 switch (lock->lk_type) {
5457 case NFS4_READ_LT:
5458 case NFS4_READW_LT:
7214e860
JL		 5459 spin_lock(&fp->fi_lock);
5460 filp = find_readable_file_locked(fp);
0997b173
BF		 5461 if (filp)
5462 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ);
7214e860 5463 spin_unlock(&fp->fi_lock);
21179d81 5464 file_lock->fl_type = F_RDLCK;
529d7b2a 5465 break;
1da177e4
LT		 5466 case NFS4_WRITE_LT:
5467 case NFS4_WRITEW_LT:
7214e860
JL		 5468 spin_lock(&fp->fi_lock);
5469 filp = find_writeable_file_locked(fp);
0997b173
BF		 5470 if (filp)
5471 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE);
7214e860 5472 spin_unlock(&fp->fi_lock);
21179d81 5473 file_lock->fl_type = F_WRLCK;
529d7b2a 5474 break;
1da177e4
LT		 5475 default:
5476 status = nfserr_inval;
5477 goto out;
5478 }
f9d7562f
BF		 5479 if (!filp) {
5480 status = nfserr_openmode;
5481 goto out;
5482 }
aef9583b
KM		 5483
5484 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner));
21179d81
JL		 5485 file_lock->fl_pid = current->tgid;
5486 file_lock->fl_file = filp;
5487 file_lock->fl_flags = FL_POSIX;
5488 file_lock->fl_lmops = &nfsd_posix_mng_ops;
5489 file_lock->fl_start = lock->lk_offset;
5490 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length);
5491 nfs4_transform_lock_offset(file_lock);
5492
5493 conflock = locks_alloc_lock();
5494 if (!conflock) {
5495 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
5496 status = nfserr_jukebox;
5497 goto out;
5498 }
1da177e4 5499
21179d81 5500 err = vfs_lock_file(filp, F_SETLK, file_lock, conflock);
b8dd7b9a 5501 switch (-err) {
1da177e4 5502 case 0: /* success! */
dcef0413
BF		 5503 update_stateid(&lock_stp->st_stid.sc_stateid);
5504 memcpy(&lock->lk_resp_stateid, &lock_stp->st_stid.sc_stateid,
1da177e4 5505 sizeof(stateid_t));
b8dd7b9a 5506 status = 0;
eb76b3fd
AA		 5507 break;
5508 case (EAGAIN): /* conflock holds conflicting lock */
5509 status = nfserr_denied;
5510 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n");
21179d81 5511 nfs4_set_lock_denied(conflock, &lock->lk_denied);
eb76b3fd 5512 break;
1da177e4
LT		 5513 case (EDEADLK):
5514 status = nfserr_deadlock;
eb76b3fd 5515 break;
3e772463 5516 default:
fd85b817 5517 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err);
3e772463 5518 status = nfserrno(err);
eb76b3fd 5519 break;
1da177e4 5520 }
1da177e4 5521out:
de18643d
TM		 5522 if (filp)
5523 fput(filp);
5db1c03f
JL		 5524 if (lock_stp) {
5525 /* Bump seqid manually if the 4.0 replay owner is openowner */
5526 if (cstate->replay_owner &&
5527 cstate->replay_owner != &lock_sop->lo_owner &&
5528 seqid_mutating_err(ntohl(status)))
5529 lock_sop->lo_owner.so_seqid++;
5530
5531 /*
5532 * If this is a new, never-before-used stateid, and we are
5533 * returning an error, then just go ahead and release it.
5534 */
5535 if (status && new)
5536 release_lock_stateid(lock_stp);
5537
3d0fabd5 5538 nfs4_put_stid(&lock_stp->st_stid);
5db1c03f 5539 }
0667b1e9
TM		 5540 if (open_stp)
5541 nfs4_put_stid(&open_stp->st_stid);
9411b1d4 5542 nfsd4_bump_seqid(cstate, status);
21179d81
JL		 5543 if (file_lock)
5544 locks_free_lock(file_lock);
5545 if (conflock)
5546 locks_free_lock(conflock);
1da177e4
LT		 5547 return status;
5548}
5549
55ef1274
BF		 5550/*
5551 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN,
5552 * so we do a temporary open here just to get an open file to pass to
5553 * vfs_test_lock. (Arguably perhaps test_lock should be done with an
5554 * inode operation.)
5555 */
04da6e9d 5556static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock)
55ef1274
BF		 5557{
5558 struct file *file;
04da6e9d
AV		 5559 __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file);
5560 if (!err) {
5561 err = nfserrno(vfs_test_lock(file, lock));
fd891454 5562 fput(file);
04da6e9d 5563 }
55ef1274
BF		 5564 return err;
5565}
5566
1da177e4
LT		 5567/*
5568 * LOCKT operation
5569 */
b37ad28b 5570__be32
ca364317
BF		 5571nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
5572 struct nfsd4_lockt *lockt)
1da177e4 5573{
21179d81 5574 struct file_lock *file_lock = NULL;
5db1c03f 5575 struct nfs4_lockowner *lo = NULL;
b37ad28b 5576 __be32 status;
7f2210fa 5577 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 5578
5ccb0066 5579 if (locks_in_grace(SVC_NET(rqstp)))
1da177e4
LT		 5580 return nfserr_grace;
5581
5582 if (check_lock_length(lockt->lt_offset, lockt->lt_length))
5583 return nfserr_inval;
5584
9b2ef62b 5585 if (!nfsd4_has_session(cstate)) {
4b24ca7d 5586 status = lookup_clientid(&lockt->lt_clientid, cstate, nn);
9b2ef62b
BF		 5587 if (status)
5588 goto out;
5589 }
1da177e4 5590
75c096f7 5591 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
1da177e4 5592 goto out;
1da177e4 5593
21179d81
JL		 5594 file_lock = locks_alloc_lock();
5595 if (!file_lock) {
5596 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
5597 status = nfserr_jukebox;
5598 goto out;
5599 }
6cd90662 5600
1da177e4
LT		 5601 switch (lockt->lt_type) {
5602 case NFS4_READ_LT:
5603 case NFS4_READW_LT:
21179d81 5604 file_lock->fl_type = F_RDLCK;
1da177e4
LT		 5605 break;
5606 case NFS4_WRITE_LT:
5607 case NFS4_WRITEW_LT:
21179d81 5608 file_lock->fl_type = F_WRLCK;
1da177e4
LT		 5609 break;
5610 default:
2fdada03 5611 dprintk("NFSD: nfs4_lockt: bad lock type!\n");
1da177e4
LT		 5612 status = nfserr_inval;
5613 goto out;
5614 }
5615
c8623999 5616 lo = find_lockowner_str(cstate->clp, &lockt->lt_owner);
fe0750e5 5617 if (lo)
21179d81
JL		 5618 file_lock->fl_owner = (fl_owner_t)lo;
5619 file_lock->fl_pid = current->tgid;
5620 file_lock->fl_flags = FL_POSIX;
1da177e4 5621
21179d81
JL		 5622 file_lock->fl_start = lockt->lt_offset;
5623 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length);
1da177e4 5624
21179d81 5625 nfs4_transform_lock_offset(file_lock);
1da177e4 5626
21179d81 5627 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock);
04da6e9d 5628 if (status)
fd85b817 5629 goto out;
04da6e9d 5630
21179d81 5631 if (file_lock->fl_type != F_UNLCK) {
1da177e4 5632 status = nfserr_denied;
21179d81 5633 nfs4_set_lock_denied(file_lock, &lockt->lt_denied);
1da177e4
LT		 5634 }
5635out:
5db1c03f
JL		 5636 if (lo)
5637 nfs4_put_stateowner(&lo->lo_owner);
21179d81
JL		 5638 if (file_lock)
5639 locks_free_lock(file_lock);
1da177e4
LT		 5640 return status;
5641}
5642
b37ad28b 5643__be32
ca364317 5644nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
a4f1706a 5645 struct nfsd4_locku *locku)
1da177e4 5646{
dcef0413 5647 struct nfs4_ol_stateid *stp;
1da177e4 5648 struct file *filp = NULL;
21179d81 5649 struct file_lock *file_lock = NULL;
b37ad28b 5650 __be32 status;
b8dd7b9a 5651 int err;
3320fef1
SK		 5652 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
5653
1da177e4
LT		 5654 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n",
5655 (long long) locku->lu_offset,
5656 (long long) locku->lu_length);
5657
5658 if (check_lock_length(locku->lu_offset, locku->lu_length))
5659 return nfserr_inval;
5660
9072d5c6 5661 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid,
3320fef1
SK		 5662 &locku->lu_stateid, NFS4_LOCK_STID,
5663 &stp, nn);
9072d5c6 5664 if (status)
1da177e4 5665 goto out;
11b9164a 5666 filp = find_any_file(stp->st_stid.sc_file);
f9d7562f
BF		 5667 if (!filp) {
5668 status = nfserr_lock_range;
858cc573 5669 goto put_stateid;
f9d7562f 5670 }
21179d81
JL		 5671 file_lock = locks_alloc_lock();
5672 if (!file_lock) {
5673 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
5674 status = nfserr_jukebox;
de18643d 5675 goto fput;
21179d81 5676 }
6cd90662 5677
21179d81 5678 file_lock->fl_type = F_UNLCK;
aef9583b 5679 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner));
21179d81
JL		 5680 file_lock->fl_pid = current->tgid;
5681 file_lock->fl_file = filp;
5682 file_lock->fl_flags = FL_POSIX;
5683 file_lock->fl_lmops = &nfsd_posix_mng_ops;
5684 file_lock->fl_start = locku->lu_offset;
5685
5686 file_lock->fl_end = last_byte_offset(locku->lu_offset,
5687 locku->lu_length);
5688 nfs4_transform_lock_offset(file_lock);
1da177e4 5689
21179d81 5690 err = vfs_lock_file(filp, F_SETLK, file_lock, NULL);
b8dd7b9a 5691 if (err) {
fd85b817 5692 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n");
1da177e4
LT		 5693 goto out_nfserr;
5694 }
dcef0413
BF		 5695 update_stateid(&stp->st_stid.sc_stateid);
5696 memcpy(&locku->lu_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
de18643d
TM		 5697fput:
5698 fput(filp);
858cc573
TM		 5699put_stateid:
5700 nfs4_put_stid(&stp->st_stid);
1da177e4 5701out:
9411b1d4 5702 nfsd4_bump_seqid(cstate, status);
21179d81
JL		 5703 if (file_lock)
5704 locks_free_lock(file_lock);
1da177e4
LT		 5705 return status;
5706
5707out_nfserr:
b8dd7b9a 5708 status = nfserrno(err);
de18643d 5709 goto fput;
1da177e4
LT		 5710}
5711
5712/*
5713 * returns
f9c00c3a
JL		 5714 * true: locks held by lockowner
5715 * false: no locks held by lockowner
1da177e4 5716 */
f9c00c3a
JL		 5717static bool
5718check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner)
1da177e4 5719{
bd61e0a9 5720 struct file_lock *fl;
f9c00c3a
JL		 5721 int status = false;
5722 struct file *filp = find_any_file(fp);
5723 struct inode *inode;
bd61e0a9 5724 struct file_lock_context *flctx;
f9c00c3a
JL		 5725
5726 if (!filp) {
5727 /* Any valid lock stateid should have some sort of access */
5728 WARN_ON_ONCE(1);
5729 return status;
5730 }
5731
5732 inode = file_inode(filp);
bd61e0a9
JL		 5733 flctx = inode->i_flctx;
5734
5735 if (flctx && !list_empty_careful(&flctx->flc_posix)) {
6109c850 5736 spin_lock(&flctx->flc_lock);
bd61e0a9
JL		 5737 list_for_each_entry(fl, &flctx->flc_posix, fl_list) {
5738 if (fl->fl_owner == (fl_owner_t)lowner) {
5739 status = true;
5740 break;
5741 }
796dadfd 5742 }
6109c850 5743 spin_unlock(&flctx->flc_lock);
1da177e4 5744 }
f9c00c3a 5745 fput(filp);
1da177e4
LT		 5746 return status;
5747}
5748
b37ad28b 5749__be32
b591480b
BF		 5750nfsd4_release_lockowner(struct svc_rqst *rqstp,
5751 struct nfsd4_compound_state *cstate,
5752 struct nfsd4_release_lockowner *rlockowner)
1da177e4
LT		 5753{
5754 clientid_t *clid = &rlockowner->rl_clientid;
882e9d25
JL		 5755 struct nfs4_stateowner *sop;
5756 struct nfs4_lockowner *lo = NULL;
dcef0413 5757 struct nfs4_ol_stateid *stp;
1da177e4 5758 struct xdr_netobj *owner = &rlockowner->rl_owner;
d4f0489f 5759 unsigned int hashval = ownerstr_hashval(owner);
b37ad28b 5760 __be32 status;
7f2210fa 5761 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
c58c6610 5762 struct nfs4_client *clp;
1da177e4
LT		 5763
5764 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n",
5765 clid->cl_boot, clid->cl_id);
5766
4b24ca7d 5767 status = lookup_clientid(clid, cstate, nn);
9b2ef62b 5768 if (status)
51f5e783 5769 return status;
9b2ef62b 5770
d4f0489f 5771 clp = cstate->clp;
fd44907c 5772 /* Find the matching lock stateowner */
d4f0489f 5773 spin_lock(&clp->cl_lock);
882e9d25 5774 list_for_each_entry(sop, &clp->cl_ownerstr_hashtbl[hashval],
d4f0489f 5775 so_strhash) {
fd44907c 5776
882e9d25
JL		 5777 if (sop->so_is_open_owner || !same_owner_str(sop, owner))
5778 continue;
fd44907c 5779
882e9d25
JL		 5780 /* see if there are still any locks associated with it */
5781 lo = lockowner(sop);
5782 list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) {
5783 if (check_for_locks(stp->st_stid.sc_file, lo)) {
5784 status = nfserr_locks_held;
5785 spin_unlock(&clp->cl_lock);
51f5e783 5786 return status;
882e9d25 5787 }
5adfd885 5788 }
882e9d25 5789
b5971afa 5790 nfs4_get_stateowner(sop);
882e9d25 5791 break;
1da177e4 5792 }
c58c6610 5793 spin_unlock(&clp->cl_lock);
882e9d25
JL		 5794 if (lo)
5795 release_lockowner(lo);
1da177e4
LT		 5796 return status;
5797}
5798
5799static inline struct nfs4_client_reclaim *
a55370a3 5800alloc_reclaim(void)
1da177e4 5801{
a55370a3 5802 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL);
1da177e4
LT		 5803}
5804
0ce0c2b5 5805bool
52e19c09 5806nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn)
c7b9a459 5807{
0ce0c2b5 5808 struct nfs4_client_reclaim *crp;
c7b9a459 5809
52e19c09 5810 crp = nfsd4_find_reclaim_client(name, nn);
0ce0c2b5 5811 return (crp && crp->cr_clp);
c7b9a459
N		 5812}
5813
1da177e4
LT		 5814/*
5815 * failure => all reset bets are off, nfserr_no_grace...
5816 */
772a9bbb 5817struct nfs4_client_reclaim *
52e19c09 5818nfs4_client_to_reclaim(const char *name, struct nfsd_net *nn)
1da177e4
LT		 5819{
5820 unsigned int strhashval;
772a9bbb 5821 struct nfs4_client_reclaim *crp;
1da177e4 5822
a55370a3
N		 5823 dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name);
5824 crp = alloc_reclaim();
772a9bbb
JL		 5825 if (crp) {
5826 strhashval = clientstr_hashval(name);
5827 INIT_LIST_HEAD(&crp->cr_strhash);
52e19c09 5828 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]);
772a9bbb 5829 memcpy(crp->cr_recdir, name, HEXDIR_LEN);
0ce0c2b5 5830 crp->cr_clp = NULL;
52e19c09 5831 nn->reclaim_str_hashtbl_size++;
772a9bbb
JL		 5832 }
5833 return crp;
1da177e4
LT		 5834}
5835
ce30e539 5836void
52e19c09 5837nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn)
ce30e539
JL		 5838{
5839 list_del(&crp->cr_strhash);
5840 kfree(crp);
52e19c09 5841 nn->reclaim_str_hashtbl_size--;
ce30e539
JL		 5842}
5843
2a4317c5 5844void
52e19c09 5845nfs4_release_reclaim(struct nfsd_net *nn)
1da177e4
LT		 5846{
5847 struct nfs4_client_reclaim *crp = NULL;
5848 int i;
5849
1da177e4 5850 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
52e19c09
SK		 5851 while (!list_empty(&nn->reclaim_str_hashtbl[i])) {
5852 crp = list_entry(nn->reclaim_str_hashtbl[i].next,
1da177e4 5853 struct nfs4_client_reclaim, cr_strhash);
52e19c09 5854 nfs4_remove_reclaim_record(crp, nn);
1da177e4
LT		 5855 }
5856 }
063b0fb9 5857 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size);
1da177e4
LT		 5858}
5859
5860/*
5861 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */
2a4317c5 5862struct nfs4_client_reclaim *
52e19c09 5863nfsd4_find_reclaim_client(const char *recdir, struct nfsd_net *nn)
1da177e4
LT		 5864{
5865 unsigned int strhashval;
1da177e4
LT		 5866 struct nfs4_client_reclaim *crp = NULL;
5867
278c931c 5868 dprintk("NFSD: nfs4_find_reclaim_client for recdir %s\n", recdir);
1da177e4 5869
278c931c 5870 strhashval = clientstr_hashval(recdir);
52e19c09 5871 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) {
278c931c 5872 if (same_name(crp->cr_recdir, recdir)) {
1da177e4
LT		 5873 return crp;
5874 }
5875 }
5876 return NULL;
5877}
5878
5879/*
5880* Called from OPEN. Look for clientid in reclaim list.
5881*/
b37ad28b 5882__be32
0fe492db
TM		 5883nfs4_check_open_reclaim(clientid_t *clid,
5884 struct nfsd4_compound_state *cstate,
5885 struct nfsd_net *nn)
1da177e4 5886{
0fe492db 5887 __be32 status;
a52d726b
JL		 5888
5889 /* find clientid in conf_id_hashtbl */
0fe492db
TM		 5890 status = lookup_clientid(clid, cstate, nn);
5891 if (status)
a52d726b
JL		 5892 return nfserr_reclaim_bad;
5893
3b3e7b72
JL		 5894 if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &cstate->clp->cl_flags))
5895 return nfserr_no_grace;
5896
0fe492db
TM		 5897 if (nfsd4_client_record_check(cstate->clp))
5898 return nfserr_reclaim_bad;
5899
5900 return nfs_ok;
1da177e4
LT		 5901}
5902
65178db4 5903#ifdef CONFIG_NFSD_FAULT_INJECTION
016200c3
JL		 5904static inline void
5905put_client(struct nfs4_client *clp)
5906{
5907 atomic_dec(&clp->cl_refcount);
5908}
5909
285abdee
JL		 5910static struct nfs4_client *
5911nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size)
5912{
5913 struct nfs4_client *clp;
5914 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
5915 nfsd_net_id);
5916
5917 if (!nfsd_netns_ready(nn))
5918 return NULL;
5919
5920 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
5921 if (memcmp(&clp->cl_addr, addr, addr_size) == 0)
5922 return clp;
5923 }
5924 return NULL;
5925}
5926
7ec0e36f 5927u64
285abdee 5928nfsd_inject_print_clients(void)
7ec0e36f
JL		 5929{
5930 struct nfs4_client *clp;
5931 u64 count = 0;
5932 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
5933 nfsd_net_id);
5934 char buf[INET6_ADDRSTRLEN];
5935
5936 if (!nfsd_netns_ready(nn))
5937 return 0;
5938
5939 spin_lock(&nn->client_lock);
5940 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
5941 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
5942 pr_info("NFS Client: %s\n", buf);
5943 ++count;
5944 }
5945 spin_unlock(&nn->client_lock);
5946
5947 return count;
5948}
65178db4 5949
a0926d15 5950u64
285abdee 5951nfsd_inject_forget_client(struct sockaddr_storage *addr, size_t addr_size)
a0926d15
JL		 5952{
5953 u64 count = 0;
5954 struct nfs4_client *clp;
5955 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
5956 nfsd_net_id);
5957
5958 if (!nfsd_netns_ready(nn))
5959 return count;
5960
5961 spin_lock(&nn->client_lock);
5962 clp = nfsd_find_client(addr, addr_size);
5963 if (clp) {
5964 if (mark_client_expired_locked(clp) == nfs_ok)
5965 ++count;
5966 else
5967 clp = NULL;
5968 }
5969 spin_unlock(&nn->client_lock);
5970
5971 if (clp)
5972 expire_client(clp);
5973
5974 return count;
5975}
5976
69fc9edf 5977u64
285abdee 5978nfsd_inject_forget_clients(u64 max)
69fc9edf
JL		 5979{
5980 u64 count = 0;
5981 struct nfs4_client *clp, *next;
5982 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
5983 nfsd_net_id);
5984 LIST_HEAD(reaplist);
5985
5986 if (!nfsd_netns_ready(nn))
5987 return count;
5988
5989 spin_lock(&nn->client_lock);
5990 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
5991 if (mark_client_expired_locked(clp) == nfs_ok) {
5992 list_add(&clp->cl_lru, &reaplist);
5993 if (max != 0 && ++count >= max)
5994 break;
5995 }
5996 }
5997 spin_unlock(&nn->client_lock);
5998
5999 list_for_each_entry_safe(clp, next, &reaplist, cl_lru)
6000 expire_client(clp);
6001
6002 return count;
6003}
6004
184c1847
BS		 6005static void nfsd_print_count(struct nfs4_client *clp, unsigned int count,
6006 const char *type)
6007{
6008 char buf[INET6_ADDRSTRLEN];
0a5c33e2 6009 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
184c1847
BS		 6010 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type);
6011}
6012
016200c3
JL		 6013static void
6014nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst,
6015 struct list_head *collect)
6016{
6017 struct nfs4_client *clp = lst->st_stid.sc_client;
6018 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6019 nfsd_net_id);
6020
6021 if (!collect)
6022 return;
6023
6024 lockdep_assert_held(&nn->client_lock);
6025 atomic_inc(&clp->cl_refcount);
6026 list_add(&lst->st_locks, collect);
6027}
6028
3c87b9b7 6029static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max,
3738d50e 6030 struct list_head *collect,
e8568739 6031 bool (*func)(struct nfs4_ol_stateid *))
fc29171f
BS		 6032{
6033 struct nfs4_openowner *oop;
fc29171f 6034 struct nfs4_ol_stateid *stp, *st_next;
3c87b9b7 6035 struct nfs4_ol_stateid *lst, *lst_next;
fc29171f
BS		 6036 u64 count = 0;
6037
016200c3 6038 spin_lock(&clp->cl_lock);
fc29171f 6039 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) {
3c87b9b7
TM		 6040 list_for_each_entry_safe(stp, st_next,
6041 &oop->oo_owner.so_stateids, st_perstateowner) {
6042 list_for_each_entry_safe(lst, lst_next,
6043 &stp->st_locks, st_locks) {
3738d50e 6044 if (func) {
e8568739
JL		 6045 if (func(lst))
6046 nfsd_inject_add_lock_to_list(lst,
6047 collect);
3738d50e 6048 }
016200c3
JL		 6049 ++count;
6050 /*
6051 * Despite the fact that these functions deal
6052 * with 64-bit integers for "count", we must
6053 * ensure that it doesn't blow up the
6054 * clp->cl_refcount. Throw a warning if we
6055 * start to approach INT_MAX here.
6056 */
6057 WARN_ON_ONCE(count == (INT_MAX / 2));
6058 if (count == max)
6059 goto out;
fc29171f
BS		 6060 }
6061 }
6062 }
016200c3
JL		 6063out:
6064 spin_unlock(&clp->cl_lock);
fc29171f
BS		 6065
6066 return count;
6067}
6068
016200c3
JL		 6069static u64
6070nfsd_collect_client_locks(struct nfs4_client *clp, struct list_head *collect,
6071 u64 max)
fc29171f 6072{
016200c3 6073 return nfsd_foreach_client_lock(clp, max, collect, unhash_lock_stateid);
fc29171f
BS		 6074}
6075
016200c3
JL		 6076static u64
6077nfsd_print_client_locks(struct nfs4_client *clp)
184c1847 6078{
016200c3 6079 u64 count = nfsd_foreach_client_lock(clp, 0, NULL, NULL);
184c1847
BS		 6080 nfsd_print_count(clp, count, "locked files");
6081 return count;
6082}
6083
016200c3 6084u64
285abdee 6085nfsd_inject_print_locks(void)
016200c3
JL		 6086{
6087 struct nfs4_client *clp;
6088 u64 count = 0;
6089 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6090 nfsd_net_id);
6091
6092 if (!nfsd_netns_ready(nn))
6093 return 0;
6094
6095 spin_lock(&nn->client_lock);
6096 list_for_each_entry(clp, &nn->client_lru, cl_lru)
6097 count += nfsd_print_client_locks(clp);
6098 spin_unlock(&nn->client_lock);
6099
6100 return count;
6101}
6102
6103static void
6104nfsd_reap_locks(struct list_head *reaplist)
6105{
6106 struct nfs4_client *clp;
6107 struct nfs4_ol_stateid *stp, *next;
6108
6109 list_for_each_entry_safe(stp, next, reaplist, st_locks) {
6110 list_del_init(&stp->st_locks);
6111 clp = stp->st_stid.sc_client;
6112 nfs4_put_stid(&stp->st_stid);
6113 put_client(clp);
6114 }
6115}
6116
6117u64
285abdee 6118nfsd_inject_forget_client_locks(struct sockaddr_storage *addr, size_t addr_size)
016200c3
JL		 6119{
6120 unsigned int count = 0;
6121 struct nfs4_client *clp;
6122 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6123 nfsd_net_id);
6124 LIST_HEAD(reaplist);
6125
6126 if (!nfsd_netns_ready(nn))
6127 return count;
6128
6129 spin_lock(&nn->client_lock);
6130 clp = nfsd_find_client(addr, addr_size);
6131 if (clp)
6132 count = nfsd_collect_client_locks(clp, &reaplist, 0);
6133 spin_unlock(&nn->client_lock);
6134 nfsd_reap_locks(&reaplist);
6135 return count;
6136}
6137
6138u64
285abdee 6139nfsd_inject_forget_locks(u64 max)
016200c3
JL		 6140{
6141 u64 count = 0;
6142 struct nfs4_client *clp;
6143 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6144 nfsd_net_id);
6145 LIST_HEAD(reaplist);
6146
6147 if (!nfsd_netns_ready(nn))
6148 return count;
6149
6150 spin_lock(&nn->client_lock);
6151 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
6152 count += nfsd_collect_client_locks(clp, &reaplist, max - count);
6153 if (max != 0 && count >= max)
6154 break;
6155 }
6156 spin_unlock(&nn->client_lock);
6157 nfsd_reap_locks(&reaplist);
6158 return count;
6159}
6160
82e05efa
JL		 6161static u64
6162nfsd_foreach_client_openowner(struct nfs4_client *clp, u64 max,
6163 struct list_head *collect,
6164 void (*func)(struct nfs4_openowner *))
4dbdbda8
BS		 6165{
6166 struct nfs4_openowner *oop, *next;
82e05efa
JL		 6167 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6168 nfsd_net_id);
4dbdbda8
BS		 6169 u64 count = 0;
6170
82e05efa
JL		 6171 lockdep_assert_held(&nn->client_lock);
6172
6173 spin_lock(&clp->cl_lock);
4dbdbda8 6174 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) {
82e05efa 6175 if (func) {
4dbdbda8 6176 func(oop);
82e05efa
JL		 6177 if (collect) {
6178 atomic_inc(&clp->cl_refcount);
6179 list_add(&oop->oo_perclient, collect);
6180 }
6181 }
6182 ++count;
6183 /*
6184 * Despite the fact that these functions deal with
6185 * 64-bit integers for "count", we must ensure that
6186 * it doesn't blow up the clp->cl_refcount. Throw a
6187 * warning if we start to approach INT_MAX here.
6188 */
6189 WARN_ON_ONCE(count == (INT_MAX / 2));
6190 if (count == max)
4dbdbda8
BS		 6191 break;
6192 }
82e05efa
JL		 6193 spin_unlock(&clp->cl_lock);
6194
6195 return count;
6196}
6197
6198static u64
6199nfsd_print_client_openowners(struct nfs4_client *clp)
6200{
6201 u64 count = nfsd_foreach_client_openowner(clp, 0, NULL, NULL);
6202
6203 nfsd_print_count(clp, count, "openowners");
6204 return count;
6205}
6206
6207static u64
6208nfsd_collect_client_openowners(struct nfs4_client *clp,
6209 struct list_head *collect, u64 max)
6210{
6211 return nfsd_foreach_client_openowner(clp, max, collect,
6212 unhash_openowner_locked);
6213}
6214
6215u64
285abdee 6216nfsd_inject_print_openowners(void)
82e05efa
JL		 6217{
6218 struct nfs4_client *clp;
6219 u64 count = 0;
6220 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6221 nfsd_net_id);
6222
6223 if (!nfsd_netns_ready(nn))
6224 return 0;
6225
6226 spin_lock(&nn->client_lock);
6227 list_for_each_entry(clp, &nn->client_lru, cl_lru)
6228 count += nfsd_print_client_openowners(clp);
6229 spin_unlock(&nn->client_lock);
4dbdbda8
BS		 6230
6231 return count;
6232}
6233
82e05efa
JL		 6234static void
6235nfsd_reap_openowners(struct list_head *reaplist)
6236{
6237 struct nfs4_client *clp;
6238 struct nfs4_openowner *oop, *next;
6239
6240 list_for_each_entry_safe(oop, next, reaplist, oo_perclient) {
6241 list_del_init(&oop->oo_perclient);
6242 clp = oop->oo_owner.so_client;
6243 release_openowner(oop);
6244 put_client(clp);
6245 }
6246}
6247
6248u64
285abdee
JL		 6249nfsd_inject_forget_client_openowners(struct sockaddr_storage *addr,
6250 size_t addr_size)
4dbdbda8 6251{
82e05efa
JL		 6252 unsigned int count = 0;
6253 struct nfs4_client *clp;
6254 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6255 nfsd_net_id);
6256 LIST_HEAD(reaplist);
6257
6258 if (!nfsd_netns_ready(nn))
6259 return count;
6260
6261 spin_lock(&nn->client_lock);
6262 clp = nfsd_find_client(addr, addr_size);
6263 if (clp)
6264 count = nfsd_collect_client_openowners(clp, &reaplist, 0);
6265 spin_unlock(&nn->client_lock);
6266 nfsd_reap_openowners(&reaplist);
6267 return count;
4dbdbda8
BS		 6268}
6269
82e05efa 6270u64
285abdee 6271nfsd_inject_forget_openowners(u64 max)
184c1847 6272{
82e05efa
JL		 6273 u64 count = 0;
6274 struct nfs4_client *clp;
6275 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6276 nfsd_net_id);
6277 LIST_HEAD(reaplist);
6278
6279 if (!nfsd_netns_ready(nn))
6280 return count;
6281
6282 spin_lock(&nn->client_lock);
6283 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
6284 count += nfsd_collect_client_openowners(clp, &reaplist,
6285 max - count);
6286 if (max != 0 && count >= max)
6287 break;
6288 }
6289 spin_unlock(&nn->client_lock);
6290 nfsd_reap_openowners(&reaplist);
184c1847
BS		 6291 return count;
6292}
6293
269de30f
BS		 6294static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max,
6295 struct list_head *victims)
6296{
6297 struct nfs4_delegation *dp, *next;
98d5c7c5
JL		 6298 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6299 nfsd_net_id);
269de30f
BS		 6300 u64 count = 0;
6301
98d5c7c5
JL		 6302 lockdep_assert_held(&nn->client_lock);
6303
6304 spin_lock(&state_lock);
269de30f 6305 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) {
dff1399f
JL		 6306 if (victims) {
6307 /*
6308 * It's not safe to mess with delegations that have a
6309 * non-zero dl_time. They might have already been broken
6310 * and could be processed by the laundromat outside of
6311 * the state_lock. Just leave them be.
6312 */
6313 if (dp->dl_time != 0)
6314 continue;
6315
98d5c7c5 6316 atomic_inc(&clp->cl_refcount);
42690676
JL		 6317 unhash_delegation_locked(dp);
6318 list_add(&dp->dl_recall_lru, victims);
dff1399f 6319 }
98d5c7c5
JL		 6320 ++count;
6321 /*
6322 * Despite the fact that these functions deal with
6323 * 64-bit integers for "count", we must ensure that
6324 * it doesn't blow up the clp->cl_refcount. Throw a
6325 * warning if we start to approach INT_MAX here.
6326 */
6327 WARN_ON_ONCE(count == (INT_MAX / 2));
6328 if (count == max)
269de30f
BS		 6329 break;
6330 }
98d5c7c5 6331 spin_unlock(&state_lock);
269de30f
BS		 6332 return count;
6333}
6334
98d5c7c5
JL		 6335static u64
6336nfsd_print_client_delegations(struct nfs4_client *clp)
269de30f 6337{
98d5c7c5 6338 u64 count = nfsd_find_all_delegations(clp, 0, NULL);
269de30f 6339
98d5c7c5
JL		 6340 nfsd_print_count(clp, count, "delegations");
6341 return count;
6342}
6343
6344u64
285abdee 6345nfsd_inject_print_delegations(void)
98d5c7c5
JL		 6346{
6347 struct nfs4_client *clp;
6348 u64 count = 0;
6349 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6350 nfsd_net_id);
6351
6352 if (!nfsd_netns_ready(nn))
6353 return 0;
269de30f 6354
98d5c7c5
JL		 6355 spin_lock(&nn->client_lock);
6356 list_for_each_entry(clp, &nn->client_lru, cl_lru)
6357 count += nfsd_print_client_delegations(clp);
6358 spin_unlock(&nn->client_lock);
6359
6360 return count;
6361}
6362
6363static void
6364nfsd_forget_delegations(struct list_head *reaplist)
6365{
6366 struct nfs4_client *clp;
6367 struct nfs4_delegation *dp, *next;
6368
6369 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) {
2d4a532d 6370 list_del_init(&dp->dl_recall_lru);
98d5c7c5 6371 clp = dp->dl_stid.sc_client;
3bd64a5b 6372 revoke_delegation(dp);
98d5c7c5 6373 put_client(clp);
2d4a532d 6374 }
98d5c7c5
JL		 6375}
6376
6377u64
285abdee
JL		 6378nfsd_inject_forget_client_delegations(struct sockaddr_storage *addr,
6379 size_t addr_size)
98d5c7c5
JL		 6380{
6381 u64 count = 0;
6382 struct nfs4_client *clp;
6383 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6384 nfsd_net_id);
6385 LIST_HEAD(reaplist);
6386
6387 if (!nfsd_netns_ready(nn))
6388 return count;
6389
6390 spin_lock(&nn->client_lock);
6391 clp = nfsd_find_client(addr, addr_size);
6392 if (clp)
6393 count = nfsd_find_all_delegations(clp, 0, &reaplist);
6394 spin_unlock(&nn->client_lock);
6395
6396 nfsd_forget_delegations(&reaplist);
6397 return count;
6398}
269de30f 6399
98d5c7c5 6400u64
285abdee 6401nfsd_inject_forget_delegations(u64 max)
98d5c7c5
JL		 6402{
6403 u64 count = 0;
6404 struct nfs4_client *clp;
6405 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6406 nfsd_net_id);
6407 LIST_HEAD(reaplist);
6408
6409 if (!nfsd_netns_ready(nn))
6410 return count;
6411
6412 spin_lock(&nn->client_lock);
6413 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
6414 count += nfsd_find_all_delegations(clp, max - count, &reaplist);
6415 if (max != 0 && count >= max)
6416 break;
6417 }
6418 spin_unlock(&nn->client_lock);
6419 nfsd_forget_delegations(&reaplist);
269de30f
BS		 6420 return count;
6421}
6422
98d5c7c5
JL		 6423static void
6424nfsd_recall_delegations(struct list_head *reaplist)
269de30f 6425{
98d5c7c5
JL		 6426 struct nfs4_client *clp;
6427 struct nfs4_delegation *dp, *next;
269de30f 6428
98d5c7c5 6429 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) {
dff1399f 6430 list_del_init(&dp->dl_recall_lru);
98d5c7c5
JL		 6431 clp = dp->dl_stid.sc_client;
6432 /*
6433 * We skipped all entries that had a zero dl_time before,
6434 * so we can now reset the dl_time back to 0. If a delegation
6435 * break comes in now, then it won't make any difference since
6436 * we're recalling it either way.
6437 */
6438 spin_lock(&state_lock);
dff1399f 6439 dp->dl_time = 0;
98d5c7c5 6440 spin_unlock(&state_lock);
269de30f 6441 nfsd_break_one_deleg(dp);
98d5c7c5 6442 put_client(clp);
dff1399f 6443 }
98d5c7c5 6444}
269de30f 6445
98d5c7c5 6446u64
285abdee 6447nfsd_inject_recall_client_delegations(struct sockaddr_storage *addr,
98d5c7c5
JL		 6448 size_t addr_size)
6449{
6450 u64 count = 0;
6451 struct nfs4_client *clp;
6452 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6453 nfsd_net_id);
6454 LIST_HEAD(reaplist);
6455
6456 if (!nfsd_netns_ready(nn))
6457 return count;
6458
6459 spin_lock(&nn->client_lock);
6460 clp = nfsd_find_client(addr, addr_size);
6461 if (clp)
6462 count = nfsd_find_all_delegations(clp, 0, &reaplist);
6463 spin_unlock(&nn->client_lock);
6464
6465 nfsd_recall_delegations(&reaplist);
269de30f
BS		 6466 return count;
6467}
6468
98d5c7c5 6469u64
285abdee 6470nfsd_inject_recall_delegations(u64 max)
184c1847
BS		 6471{
6472 u64 count = 0;
98d5c7c5
JL		 6473 struct nfs4_client *clp, *next;
6474 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
6475 nfsd_net_id);
6476 LIST_HEAD(reaplist);
184c1847 6477
98d5c7c5
JL		 6478 if (!nfsd_netns_ready(nn))
6479 return count;
184c1847 6480
98d5c7c5
JL		 6481 spin_lock(&nn->client_lock);
6482 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
6483 count += nfsd_find_all_delegations(clp, max - count, &reaplist);
6484 if (max != 0 && ++count >= max)
6485 break;
6486 }
6487 spin_unlock(&nn->client_lock);
6488 nfsd_recall_delegations(&reaplist);
184c1847
BS		 6489 return count;
6490}
65178db4
BS		 6491#endif /* CONFIG_NFSD_FAULT_INJECTION */
6492
c2f1a551
MS		 6493/*
6494 * Since the lifetime of a delegation isn't limited to that of an open, a
6495 * client may quite reasonably hang on to a delegation as long as it has
6496 * the inode cached. This becomes an obvious problem the first time a
6497 * client's inode cache approaches the size of the server's total memory.
6498 *
6499 * For now we avoid this problem by imposing a hard limit on the number
6500 * of delegations, which varies according to the server's memory size.
6501 */
6502static void
6503set_max_delegations(void)
6504{
6505 /*
6506 * Allow at most 4 delegations per megabyte of RAM. Quick
6507 * estimates suggest that in the worst case (where every delegation
6508 * is for a different inode), a delegation could take about 1.5K,
6509 * giving a worst case usage of about 6% of memory.
6510 */
6511 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT);
6512}
6513
d85ed443 6514static int nfs4_state_create_net(struct net *net)
8daae4dc
SK		 6515{
6516 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
6517 int i;
6518
6519 nn->conf_id_hashtbl = kmalloc(sizeof(struct list_head) *
6520 CLIENT_HASH_SIZE, GFP_KERNEL);
6521 if (!nn->conf_id_hashtbl)
382a62e7 6522 goto err;
0a7ec377
SK		 6523 nn->unconf_id_hashtbl = kmalloc(sizeof(struct list_head) *
6524 CLIENT_HASH_SIZE, GFP_KERNEL);
6525 if (!nn->unconf_id_hashtbl)
6526 goto err_unconf_id;
1872de0e
SK		 6527 nn->sessionid_hashtbl = kmalloc(sizeof(struct list_head) *
6528 SESSION_HASH_SIZE, GFP_KERNEL);
6529 if (!nn->sessionid_hashtbl)
6530 goto err_sessionid;
8daae4dc 6531
382a62e7 6532 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
8daae4dc 6533 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]);
0a7ec377 6534 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]);
382a62e7 6535 }
1872de0e
SK		 6536 for (i = 0; i < SESSION_HASH_SIZE; i++)
6537 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]);
382a62e7 6538 nn->conf_name_tree = RB_ROOT;
a99454aa 6539 nn->unconf_name_tree = RB_ROOT;
5ed58bb2 6540 INIT_LIST_HEAD(&nn->client_lru);
73758fed 6541 INIT_LIST_HEAD(&nn->close_lru);
e8c69d17 6542 INIT_LIST_HEAD(&nn->del_recall_lru);
c9a49628 6543 spin_lock_init(&nn->client_lock);
8daae4dc 6544
09121281 6545 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main);
d85ed443 6546 get_net(net);
09121281 6547
8daae4dc 6548 return 0;
382a62e7 6549
1872de0e 6550err_sessionid:
9b531137 6551 kfree(nn->unconf_id_hashtbl);
0a7ec377
SK		 6552err_unconf_id:
6553 kfree(nn->conf_id_hashtbl);
382a62e7
SK		 6554err:
6555 return -ENOMEM;
8daae4dc
SK		 6556}
6557
6558static void
4dce0ac9 6559nfs4_state_destroy_net(struct net *net)
8daae4dc
SK		 6560{
6561 int i;
6562 struct nfs4_client *clp = NULL;
6563 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
6564
6565 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
6566 while (!list_empty(&nn->conf_id_hashtbl[i])) {
6567 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
6568 destroy_client(clp);
6569 }
6570 }
a99454aa 6571
2b905635
KM		 6572 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
6573 while (!list_empty(&nn->unconf_id_hashtbl[i])) {
6574 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
6575 destroy_client(clp);
6576 }
a99454aa
SK		 6577 }
6578
1872de0e 6579 kfree(nn->sessionid_hashtbl);
0a7ec377 6580 kfree(nn->unconf_id_hashtbl);
8daae4dc 6581 kfree(nn->conf_id_hashtbl);
4dce0ac9 6582 put_net(net);
8daae4dc
SK		 6583}
6584
f252bc68 6585int
d85ed443 6586nfs4_state_start_net(struct net *net)
ac4d8ff2 6587{
5e1533c7 6588 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
b5a1a81e
BF		 6589 int ret;
6590
d85ed443 6591 ret = nfs4_state_create_net(net);
8daae4dc
SK		 6592 if (ret)
6593 return ret;
2c142baa 6594 nn->boot_time = get_seconds();
a51c84ed 6595 nn->grace_ended = false;
c87fb4a3 6596 nn->nfsd4_manager.block_opens = true;
d4318acd
JL		 6597 locks_start_grace(net, &nn->nfsd4_manager);
6598 nfsd4_client_tracking_init(net);
d85ed443 6599 printk(KERN_INFO "NFSD: starting %ld-second grace period (net %p)\n",
5284b44e
SK		 6600 nn->nfsd4_grace, net);
6601 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ);
d85ed443
SK		 6602 return 0;
6603}
6604
6605/* initialization to perform when the nfsd service is started: */
6606
6607int
6608nfs4_state_start(void)
6609{
6610 int ret;
6611
b5a1a81e 6612 ret = set_callback_cred();
d85ed443
SK		 6613 if (ret)
6614 return -ENOMEM;
51a54568 6615 laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4");
a6d6b781
JL		 6616 if (laundry_wq == NULL) {
6617 ret = -ENOMEM;
6618 goto out_recovery;
6619 }
b5a1a81e
BF		 6620 ret = nfsd4_create_callback_queue();
6621 if (ret)
6622 goto out_free_laundry;
09121281 6623
c2f1a551 6624 set_max_delegations();
d85ed443 6625
b5a1a81e 6626 return 0;
d85ed443 6627
b5a1a81e
BF		 6628out_free_laundry:
6629 destroy_workqueue(laundry_wq);
a6d6b781 6630out_recovery:
b5a1a81e 6631 return ret;
1da177e4
LT		 6632}
6633
f252bc68 6634void
4dce0ac9 6635nfs4_state_shutdown_net(struct net *net)
1da177e4 6636{
1da177e4 6637 struct nfs4_delegation *dp = NULL;
1da177e4 6638 struct list_head *pos, *next, reaplist;
4dce0ac9 6639 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4 6640
4dce0ac9
SK		 6641 cancel_delayed_work_sync(&nn->laundromat_work);
6642 locks_end_grace(&nn->nfsd4_manager);
ac55fdc4 6643
1da177e4 6644 INIT_LIST_HEAD(&reaplist);
cdc97505 6645 spin_lock(&state_lock);
e8c69d17 6646 list_for_each_safe(pos, next, &nn->del_recall_lru) {
1da177e4 6647 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
42690676
JL		 6648 unhash_delegation_locked(dp);
6649 list_add(&dp->dl_recall_lru, &reaplist);
1da177e4 6650 }
cdc97505 6651 spin_unlock(&state_lock);
1da177e4
LT		 6652 list_for_each_safe(pos, next, &reaplist) {
6653 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
42690676 6654 list_del_init(&dp->dl_recall_lru);
8287f009 6655 put_clnt_odstate(dp->dl_clnt_odstate);
afbda402 6656 nfs4_put_deleg_lease(dp->dl_stid.sc_file);
6011695d 6657 nfs4_put_stid(&dp->dl_stid);
1da177e4
LT		 6658 }
6659
3320fef1 6660 nfsd4_client_tracking_exit(net);
4dce0ac9 6661 nfs4_state_destroy_net(net);
1da177e4
LT		 6662}
6663
6664void
6665nfs4_state_shutdown(void)
6666{
5e8d5c29 6667 destroy_workqueue(laundry_wq);
c3935e30 6668 nfsd4_destroy_callback_queue();
1da177e4 6669}
8b70484c
TM		 6670
6671static void
6672get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
6673{
37c593c5
TM		 6674 if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid))
6675 memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t));
8b70484c
TM		 6676}
6677
6678static void
6679put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
6680{
37c593c5
TM		 6681 if (cstate->minorversion) {
6682 memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t));
6683 SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
6684 }
6685}
6686
6687void
6688clear_current_stateid(struct nfsd4_compound_state *cstate)
6689{
6690 CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
8b70484c
TM		 6691}
6692
62cd4a59
TM		 6693/*
6694 * functions to set current state id
6695 */
9428fe1a
TM		 6696void
6697nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
6698{
6699 put_stateid(cstate, &odp->od_stateid);
6700}
6701
8b70484c
TM		 6702void
6703nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, struct nfsd4_open *open)
6704{
6705 put_stateid(cstate, &open->op_stateid);
6706}
6707
62cd4a59
TM		 6708void
6709nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
6710{
6711 put_stateid(cstate, &close->cl_stateid);
6712}
6713
6714void
6715nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, struct nfsd4_lock *lock)
6716{
6717 put_stateid(cstate, &lock->lk_resp_stateid);
6718}
6719
6720/*
6721 * functions to consume current state id
6722 */
1e97b519 6723
9428fe1a
TM		 6724void
6725nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
6726{
6727 get_stateid(cstate, &odp->od_stateid);
6728}
6729
6730void
6731nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate, struct nfsd4_delegreturn *drp)
6732{
6733 get_stateid(cstate, &drp->dr_stateid);
6734}
6735
1e97b519
TM		 6736void
6737nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, struct nfsd4_free_stateid *fsp)
6738{
6739 get_stateid(cstate, &fsp->fr_stateid);
6740}
6741
6742void
6743nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, struct nfsd4_setattr *setattr)
6744{
6745 get_stateid(cstate, &setattr->sa_stateid);
6746}
6747
8b70484c
TM		 6748void
6749nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
6750{
6751 get_stateid(cstate, &close->cl_stateid);
6752}
6753
6754void
62cd4a59 6755nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, struct nfsd4_locku *locku)
8b70484c 6756{
62cd4a59 6757 get_stateid(cstate, &locku->lu_stateid);
8b70484c 6758}
30813e27
TM		 6759
6760void
6761nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, struct nfsd4_read *read)
6762{
6763 get_stateid(cstate, &read->rd_stateid);
6764}
6765
6766void
6767nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, struct nfsd4_write *write)
6768{
6769 get_stateid(cstate, &write->wr_stateid);
6770}
Ubuntu Hirsute Linux kernel mirror