Root/
1 | #define MSNFS /* HACK HACK */ |
2 | /* |
3 | * File operations used by nfsd. Some of these have been ripped from |
4 | * other parts of the kernel because they weren't exported, others |
5 | * are partial duplicates with added or changed functionality. |
6 | * |
7 | * Note that several functions dget() the dentry upon which they want |
8 | * to act, most notably those that create directory entries. Response |
9 | * dentry's are dput()'d if necessary in the release callback. |
10 | * So if you notice code paths that apparently fail to dput() the |
11 | * dentry, don't worry--they have been taken care of. |
12 | * |
13 | * Copyright (C) 1995-1999 Olaf Kirch <okir@monad.swb.de> |
14 | * Zerocpy NFS support (C) 2002 Hirokazu Takahashi <taka@valinux.co.jp> |
15 | */ |
16 | |
17 | #include <linux/fs.h> |
18 | #include <linux/file.h> |
19 | #include <linux/splice.h> |
20 | #include <linux/fcntl.h> |
21 | #include <linux/namei.h> |
22 | #include <linux/delay.h> |
23 | #include <linux/fsnotify.h> |
24 | #include <linux/posix_acl_xattr.h> |
25 | #include <linux/xattr.h> |
26 | #include <linux/jhash.h> |
27 | #include <linux/ima.h> |
28 | #include <linux/slab.h> |
29 | #include <asm/uaccess.h> |
30 | #include <linux/exportfs.h> |
31 | #include <linux/writeback.h> |
32 | |
33 | #ifdef CONFIG_NFSD_V3 |
34 | #include "xdr3.h" |
35 | #endif /* CONFIG_NFSD_V3 */ |
36 | |
37 | #ifdef CONFIG_NFSD_V4 |
38 | #include <linux/nfs4_acl.h> |
39 | #include <linux/nfsd_idmap.h> |
40 | #endif /* CONFIG_NFSD_V4 */ |
41 | |
42 | #include "nfsd.h" |
43 | #include "vfs.h" |
44 | |
45 | #define NFSDDBG_FACILITY NFSDDBG_FILEOP |
46 | |
47 | |
48 | /* |
49 | * This is a cache of readahead params that help us choose the proper |
50 | * readahead strategy. Initially, we set all readahead parameters to 0 |
51 | * and let the VFS handle things. |
52 | * If you increase the number of cached files very much, you'll need to |
53 | * add a hash table here. |
54 | */ |
55 | struct raparms { |
56 | struct raparms *p_next; |
57 | unsigned int p_count; |
58 | ino_t p_ino; |
59 | dev_t p_dev; |
60 | int p_set; |
61 | struct file_ra_state p_ra; |
62 | unsigned int p_hindex; |
63 | }; |
64 | |
65 | struct raparm_hbucket { |
66 | struct raparms *pb_head; |
67 | spinlock_t pb_lock; |
68 | } ____cacheline_aligned_in_smp; |
69 | |
70 | #define RAPARM_HASH_BITS 4 |
71 | #define RAPARM_HASH_SIZE (1<<RAPARM_HASH_BITS) |
72 | #define RAPARM_HASH_MASK (RAPARM_HASH_SIZE-1) |
73 | static struct raparm_hbucket raparm_hash[RAPARM_HASH_SIZE]; |
74 | |
75 | /* |
76 | * Called from nfsd_lookup and encode_dirent. Check if we have crossed |
77 | * a mount point. |
78 | * Returns -EAGAIN or -ETIMEDOUT leaving *dpp and *expp unchanged, |
79 | * or nfs_ok having possibly changed *dpp and *expp |
80 | */ |
81 | int |
82 | nfsd_cross_mnt(struct svc_rqst *rqstp, struct dentry **dpp, |
83 | struct svc_export **expp) |
84 | { |
85 | struct svc_export *exp = *expp, *exp2 = NULL; |
86 | struct dentry *dentry = *dpp; |
87 | struct path path = {.mnt = mntget(exp->ex_path.mnt), |
88 | .dentry = dget(dentry)}; |
89 | int err = 0; |
90 | |
91 | while (d_mountpoint(path.dentry) && follow_down(&path)) |
92 | ; |
93 | |
94 | exp2 = rqst_exp_get_by_name(rqstp, &path); |
95 | if (IS_ERR(exp2)) { |
96 | err = PTR_ERR(exp2); |
97 | /* |
98 | * We normally allow NFS clients to continue |
99 | * "underneath" a mountpoint that is not exported. |
100 | * The exception is V4ROOT, where no traversal is ever |
101 | * allowed without an explicit export of the new |
102 | * directory. |
103 | */ |
104 | if (err == -ENOENT && !(exp->ex_flags & NFSEXP_V4ROOT)) |
105 | err = 0; |
106 | path_put(&path); |
107 | goto out; |
108 | } |
109 | if (nfsd_v4client(rqstp) || |
110 | (exp->ex_flags & NFSEXP_CROSSMOUNT) || EX_NOHIDE(exp2)) { |
111 | /* successfully crossed mount point */ |
112 | /* |
113 | * This is subtle: path.dentry is *not* on path.mnt |
114 | * at this point. The only reason we are safe is that |
115 | * original mnt is pinned down by exp, so we should |
116 | * put path *before* putting exp |
117 | */ |
118 | *dpp = path.dentry; |
119 | path.dentry = dentry; |
120 | *expp = exp2; |
121 | exp2 = exp; |
122 | } |
123 | path_put(&path); |
124 | exp_put(exp2); |
125 | out: |
126 | return err; |
127 | } |
128 | |
129 | static void follow_to_parent(struct path *path) |
130 | { |
131 | struct dentry *dp; |
132 | |
133 | while (path->dentry == path->mnt->mnt_root && follow_up(path)) |
134 | ; |
135 | dp = dget_parent(path->dentry); |
136 | dput(path->dentry); |
137 | path->dentry = dp; |
138 | } |
139 | |
140 | static int nfsd_lookup_parent(struct svc_rqst *rqstp, struct dentry *dparent, struct svc_export **exp, struct dentry **dentryp) |
141 | { |
142 | struct svc_export *exp2; |
143 | struct path path = {.mnt = mntget((*exp)->ex_path.mnt), |
144 | .dentry = dget(dparent)}; |
145 | |
146 | follow_to_parent(&path); |
147 | |
148 | exp2 = rqst_exp_parent(rqstp, &path); |
149 | if (PTR_ERR(exp2) == -ENOENT) { |
150 | *dentryp = dget(dparent); |
151 | } else if (IS_ERR(exp2)) { |
152 | path_put(&path); |
153 | return PTR_ERR(exp2); |
154 | } else { |
155 | *dentryp = dget(path.dentry); |
156 | exp_put(*exp); |
157 | *exp = exp2; |
158 | } |
159 | path_put(&path); |
160 | return 0; |
161 | } |
162 | |
163 | /* |
164 | * For nfsd purposes, we treat V4ROOT exports as though there was an |
165 | * export at *every* directory. |
166 | */ |
167 | int nfsd_mountpoint(struct dentry *dentry, struct svc_export *exp) |
168 | { |
169 | if (d_mountpoint(dentry)) |
170 | return 1; |
171 | if (!(exp->ex_flags & NFSEXP_V4ROOT)) |
172 | return 0; |
173 | return dentry->d_inode != NULL; |
174 | } |
175 | |
176 | __be32 |
177 | nfsd_lookup_dentry(struct svc_rqst *rqstp, struct svc_fh *fhp, |
178 | const char *name, unsigned int len, |
179 | struct svc_export **exp_ret, struct dentry **dentry_ret) |
180 | { |
181 | struct svc_export *exp; |
182 | struct dentry *dparent; |
183 | struct dentry *dentry; |
184 | __be32 err; |
185 | int host_err; |
186 | |
187 | dprintk("nfsd: nfsd_lookup(fh %s, %.*s)\n", SVCFH_fmt(fhp), len,name); |
188 | |
189 | /* Obtain dentry and export. */ |
190 | err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_EXEC); |
191 | if (err) |
192 | return err; |
193 | |
194 | dparent = fhp->fh_dentry; |
195 | exp = fhp->fh_export; |
196 | exp_get(exp); |
197 | |
198 | /* Lookup the name, but don't follow links */ |
199 | if (isdotent(name, len)) { |
200 | if (len==1) |
201 | dentry = dget(dparent); |
202 | else if (dparent != exp->ex_path.dentry) |
203 | dentry = dget_parent(dparent); |
204 | else if (!EX_NOHIDE(exp) && !nfsd_v4client(rqstp)) |
205 | dentry = dget(dparent); /* .. == . just like at / */ |
206 | else { |
207 | /* checking mountpoint crossing is very different when stepping up */ |
208 | host_err = nfsd_lookup_parent(rqstp, dparent, &exp, &dentry); |
209 | if (host_err) |
210 | goto out_nfserr; |
211 | } |
212 | } else { |
213 | fh_lock(fhp); |
214 | dentry = lookup_one_len(name, dparent, len); |
215 | host_err = PTR_ERR(dentry); |
216 | if (IS_ERR(dentry)) |
217 | goto out_nfserr; |
218 | /* |
219 | * check if we have crossed a mount point ... |
220 | */ |
221 | if (nfsd_mountpoint(dentry, exp)) { |
222 | if ((host_err = nfsd_cross_mnt(rqstp, &dentry, &exp))) { |
223 | dput(dentry); |
224 | goto out_nfserr; |
225 | } |
226 | } |
227 | } |
228 | *dentry_ret = dentry; |
229 | *exp_ret = exp; |
230 | return 0; |
231 | |
232 | out_nfserr: |
233 | exp_put(exp); |
234 | return nfserrno(host_err); |
235 | } |
236 | |
237 | /* |
238 | * Look up one component of a pathname. |
239 | * N.B. After this call _both_ fhp and resfh need an fh_put |
240 | * |
241 | * If the lookup would cross a mountpoint, and the mounted filesystem |
242 | * is exported to the client with NFSEXP_NOHIDE, then the lookup is |
243 | * accepted as it stands and the mounted directory is |
244 | * returned. Otherwise the covered directory is returned. |
245 | * NOTE: this mountpoint crossing is not supported properly by all |
246 | * clients and is explicitly disallowed for NFSv3 |
247 | * NeilBrown <neilb@cse.unsw.edu.au> |
248 | */ |
249 | __be32 |
250 | nfsd_lookup(struct svc_rqst *rqstp, struct svc_fh *fhp, const char *name, |
251 | unsigned int len, struct svc_fh *resfh) |
252 | { |
253 | struct svc_export *exp; |
254 | struct dentry *dentry; |
255 | __be32 err; |
256 | |
257 | err = nfsd_lookup_dentry(rqstp, fhp, name, len, &exp, &dentry); |
258 | if (err) |
259 | return err; |
260 | err = check_nfsd_access(exp, rqstp); |
261 | if (err) |
262 | goto out; |
263 | /* |
264 | * Note: we compose the file handle now, but as the |
265 | * dentry may be negative, it may need to be updated. |
266 | */ |
267 | err = fh_compose(resfh, exp, dentry, fhp); |
268 | if (!err && !dentry->d_inode) |
269 | err = nfserr_noent; |
270 | out: |
271 | dput(dentry); |
272 | exp_put(exp); |
273 | return err; |
274 | } |
275 | |
276 | /* |
277 | * Commit metadata changes to stable storage. |
278 | */ |
279 | static int |
280 | commit_metadata(struct svc_fh *fhp) |
281 | { |
282 | struct inode *inode = fhp->fh_dentry->d_inode; |
283 | const struct export_operations *export_ops = inode->i_sb->s_export_op; |
284 | int error = 0; |
285 | |
286 | if (!EX_ISSYNC(fhp->fh_export)) |
287 | return 0; |
288 | |
289 | if (export_ops->commit_metadata) { |
290 | error = export_ops->commit_metadata(inode); |
291 | } else { |
292 | struct writeback_control wbc = { |
293 | .sync_mode = WB_SYNC_ALL, |
294 | .nr_to_write = 0, /* metadata only */ |
295 | }; |
296 | |
297 | error = sync_inode(inode, &wbc); |
298 | } |
299 | |
300 | return error; |
301 | } |
302 | |
303 | /* |
304 | * Set various file attributes. |
305 | * N.B. After this call fhp needs an fh_put |
306 | */ |
307 | __be32 |
308 | nfsd_setattr(struct svc_rqst *rqstp, struct svc_fh *fhp, struct iattr *iap, |
309 | int check_guard, time_t guardtime) |
310 | { |
311 | struct dentry *dentry; |
312 | struct inode *inode; |
313 | int accmode = NFSD_MAY_SATTR; |
314 | int ftype = 0; |
315 | __be32 err; |
316 | int host_err; |
317 | int size_change = 0; |
318 | |
319 | if (iap->ia_valid & (ATTR_ATIME | ATTR_MTIME | ATTR_SIZE)) |
320 | accmode |= NFSD_MAY_WRITE|NFSD_MAY_OWNER_OVERRIDE; |
321 | if (iap->ia_valid & ATTR_SIZE) |
322 | ftype = S_IFREG; |
323 | |
324 | /* Get inode */ |
325 | err = fh_verify(rqstp, fhp, ftype, accmode); |
326 | if (err) |
327 | goto out; |
328 | |
329 | dentry = fhp->fh_dentry; |
330 | inode = dentry->d_inode; |
331 | |
332 | /* Ignore any mode updates on symlinks */ |
333 | if (S_ISLNK(inode->i_mode)) |
334 | iap->ia_valid &= ~ATTR_MODE; |
335 | |
336 | if (!iap->ia_valid) |
337 | goto out; |
338 | |
339 | /* |
340 | * NFSv2 does not differentiate between "set-[ac]time-to-now" |
341 | * which only requires access, and "set-[ac]time-to-X" which |
342 | * requires ownership. |
343 | * So if it looks like it might be "set both to the same time which |
344 | * is close to now", and if inode_change_ok fails, then we |
345 | * convert to "set to now" instead of "set to explicit time" |
346 | * |
347 | * We only call inode_change_ok as the last test as technically |
348 | * it is not an interface that we should be using. It is only |
349 | * valid if the filesystem does not define it's own i_op->setattr. |
350 | */ |
351 | #define BOTH_TIME_SET (ATTR_ATIME_SET | ATTR_MTIME_SET) |
352 | #define MAX_TOUCH_TIME_ERROR (30*60) |
353 | if ((iap->ia_valid & BOTH_TIME_SET) == BOTH_TIME_SET && |
354 | iap->ia_mtime.tv_sec == iap->ia_atime.tv_sec) { |
355 | /* |
356 | * Looks probable. |
357 | * |
358 | * Now just make sure time is in the right ballpark. |
359 | * Solaris, at least, doesn't seem to care what the time |
360 | * request is. We require it be within 30 minutes of now. |
361 | */ |
362 | time_t delta = iap->ia_atime.tv_sec - get_seconds(); |
363 | if (delta < 0) |
364 | delta = -delta; |
365 | if (delta < MAX_TOUCH_TIME_ERROR && |
366 | inode_change_ok(inode, iap) != 0) { |
367 | /* |
368 | * Turn off ATTR_[AM]TIME_SET but leave ATTR_[AM]TIME. |
369 | * This will cause notify_change to set these times |
370 | * to "now" |
371 | */ |
372 | iap->ia_valid &= ~BOTH_TIME_SET; |
373 | } |
374 | } |
375 | |
376 | /* |
377 | * The size case is special. |
378 | * It changes the file as well as the attributes. |
379 | */ |
380 | if (iap->ia_valid & ATTR_SIZE) { |
381 | if (iap->ia_size < inode->i_size) { |
382 | err = nfsd_permission(rqstp, fhp->fh_export, dentry, |
383 | NFSD_MAY_TRUNC|NFSD_MAY_OWNER_OVERRIDE); |
384 | if (err) |
385 | goto out; |
386 | } |
387 | |
388 | /* |
389 | * If we are changing the size of the file, then |
390 | * we need to break all leases. |
391 | */ |
392 | host_err = break_lease(inode, O_WRONLY | O_NONBLOCK); |
393 | if (host_err == -EWOULDBLOCK) |
394 | host_err = -ETIMEDOUT; |
395 | if (host_err) /* ENOMEM or EWOULDBLOCK */ |
396 | goto out_nfserr; |
397 | |
398 | host_err = get_write_access(inode); |
399 | if (host_err) |
400 | goto out_nfserr; |
401 | |
402 | size_change = 1; |
403 | host_err = locks_verify_truncate(inode, NULL, iap->ia_size); |
404 | if (host_err) { |
405 | put_write_access(inode); |
406 | goto out_nfserr; |
407 | } |
408 | } |
409 | |
410 | /* sanitize the mode change */ |
411 | if (iap->ia_valid & ATTR_MODE) { |
412 | iap->ia_mode &= S_IALLUGO; |
413 | iap->ia_mode |= (inode->i_mode & ~S_IALLUGO); |
414 | } |
415 | |
416 | /* Revoke setuid/setgid on chown */ |
417 | if (!S_ISDIR(inode->i_mode) && |
418 | (((iap->ia_valid & ATTR_UID) && iap->ia_uid != inode->i_uid) || |
419 | ((iap->ia_valid & ATTR_GID) && iap->ia_gid != inode->i_gid))) { |
420 | iap->ia_valid |= ATTR_KILL_PRIV; |
421 | if (iap->ia_valid & ATTR_MODE) { |
422 | /* we're setting mode too, just clear the s*id bits */ |
423 | iap->ia_mode &= ~S_ISUID; |
424 | if (iap->ia_mode & S_IXGRP) |
425 | iap->ia_mode &= ~S_ISGID; |
426 | } else { |
427 | /* set ATTR_KILL_* bits and let VFS handle it */ |
428 | iap->ia_valid |= (ATTR_KILL_SUID | ATTR_KILL_SGID); |
429 | } |
430 | } |
431 | |
432 | /* Change the attributes. */ |
433 | |
434 | iap->ia_valid |= ATTR_CTIME; |
435 | |
436 | err = nfserr_notsync; |
437 | if (!check_guard || guardtime == inode->i_ctime.tv_sec) { |
438 | fh_lock(fhp); |
439 | host_err = notify_change(dentry, iap); |
440 | err = nfserrno(host_err); |
441 | fh_unlock(fhp); |
442 | } |
443 | if (size_change) |
444 | put_write_access(inode); |
445 | if (!err) |
446 | if (EX_ISSYNC(fhp->fh_export)) |
447 | write_inode_now(inode, 1); |
448 | out: |
449 | return err; |
450 | |
451 | out_nfserr: |
452 | err = nfserrno(host_err); |
453 | goto out; |
454 | } |
455 | |
456 | #if defined(CONFIG_NFSD_V2_ACL) || \ |
457 | defined(CONFIG_NFSD_V3_ACL) || \ |
458 | defined(CONFIG_NFSD_V4) |
459 | static ssize_t nfsd_getxattr(struct dentry *dentry, char *key, void **buf) |
460 | { |
461 | ssize_t buflen; |
462 | ssize_t ret; |
463 | |
464 | buflen = vfs_getxattr(dentry, key, NULL, 0); |
465 | if (buflen <= 0) |
466 | return buflen; |
467 | |
468 | *buf = kmalloc(buflen, GFP_KERNEL); |
469 | if (!*buf) |
470 | return -ENOMEM; |
471 | |
472 | ret = vfs_getxattr(dentry, key, *buf, buflen); |
473 | if (ret < 0) |
474 | kfree(*buf); |
475 | return ret; |
476 | } |
477 | #endif |
478 | |
479 | #if defined(CONFIG_NFSD_V4) |
480 | static int |
481 | set_nfsv4_acl_one(struct dentry *dentry, struct posix_acl *pacl, char *key) |
482 | { |
483 | int len; |
484 | size_t buflen; |
485 | char *buf = NULL; |
486 | int error = 0; |
487 | |
488 | buflen = posix_acl_xattr_size(pacl->a_count); |
489 | buf = kmalloc(buflen, GFP_KERNEL); |
490 | error = -ENOMEM; |
491 | if (buf == NULL) |
492 | goto out; |
493 | |
494 | len = posix_acl_to_xattr(pacl, buf, buflen); |
495 | if (len < 0) { |
496 | error = len; |
497 | goto out; |
498 | } |
499 | |
500 | error = vfs_setxattr(dentry, key, buf, len, 0); |
501 | out: |
502 | kfree(buf); |
503 | return error; |
504 | } |
505 | |
506 | __be32 |
507 | nfsd4_set_nfs4_acl(struct svc_rqst *rqstp, struct svc_fh *fhp, |
508 | struct nfs4_acl *acl) |
509 | { |
510 | __be32 error; |
511 | int host_error; |
512 | struct dentry *dentry; |
513 | struct inode *inode; |
514 | struct posix_acl *pacl = NULL, *dpacl = NULL; |
515 | unsigned int flags = 0; |
516 | |
517 | /* Get inode */ |
518 | error = fh_verify(rqstp, fhp, 0 /* S_IFREG */, NFSD_MAY_SATTR); |
519 | if (error) |
520 | return error; |
521 | |
522 | dentry = fhp->fh_dentry; |
523 | inode = dentry->d_inode; |
524 | if (S_ISDIR(inode->i_mode)) |
525 | flags = NFS4_ACL_DIR; |
526 | |
527 | host_error = nfs4_acl_nfsv4_to_posix(acl, &pacl, &dpacl, flags); |
528 | if (host_error == -EINVAL) { |
529 | return nfserr_attrnotsupp; |
530 | } else if (host_error < 0) |
531 | goto out_nfserr; |
532 | |
533 | host_error = set_nfsv4_acl_one(dentry, pacl, POSIX_ACL_XATTR_ACCESS); |
534 | if (host_error < 0) |
535 | goto out_release; |
536 | |
537 | if (S_ISDIR(inode->i_mode)) |
538 | host_error = set_nfsv4_acl_one(dentry, dpacl, POSIX_ACL_XATTR_DEFAULT); |
539 | |
540 | out_release: |
541 | posix_acl_release(pacl); |
542 | posix_acl_release(dpacl); |
543 | out_nfserr: |
544 | if (host_error == -EOPNOTSUPP) |
545 | return nfserr_attrnotsupp; |
546 | else |
547 | return nfserrno(host_error); |
548 | } |
549 | |
550 | static struct posix_acl * |
551 | _get_posix_acl(struct dentry *dentry, char *key) |
552 | { |
553 | void *buf = NULL; |
554 | struct posix_acl *pacl = NULL; |
555 | int buflen; |
556 | |
557 | buflen = nfsd_getxattr(dentry, key, &buf); |
558 | if (!buflen) |
559 | buflen = -ENODATA; |
560 | if (buflen <= 0) |
561 | return ERR_PTR(buflen); |
562 | |
563 | pacl = posix_acl_from_xattr(buf, buflen); |
564 | kfree(buf); |
565 | return pacl; |
566 | } |
567 | |
568 | int |
569 | nfsd4_get_nfs4_acl(struct svc_rqst *rqstp, struct dentry *dentry, struct nfs4_acl **acl) |
570 | { |
571 | struct inode *inode = dentry->d_inode; |
572 | int error = 0; |
573 | struct posix_acl *pacl = NULL, *dpacl = NULL; |
574 | unsigned int flags = 0; |
575 | |
576 | pacl = _get_posix_acl(dentry, POSIX_ACL_XATTR_ACCESS); |
577 | if (IS_ERR(pacl) && PTR_ERR(pacl) == -ENODATA) |
578 | pacl = posix_acl_from_mode(inode->i_mode, GFP_KERNEL); |
579 | if (IS_ERR(pacl)) { |
580 | error = PTR_ERR(pacl); |
581 | pacl = NULL; |
582 | goto out; |
583 | } |
584 | |
585 | if (S_ISDIR(inode->i_mode)) { |
586 | dpacl = _get_posix_acl(dentry, POSIX_ACL_XATTR_DEFAULT); |
587 | if (IS_ERR(dpacl) && PTR_ERR(dpacl) == -ENODATA) |
588 | dpacl = NULL; |
589 | else if (IS_ERR(dpacl)) { |
590 | error = PTR_ERR(dpacl); |
591 | dpacl = NULL; |
592 | goto out; |
593 | } |
594 | flags = NFS4_ACL_DIR; |
595 | } |
596 | |
597 | *acl = nfs4_acl_posix_to_nfsv4(pacl, dpacl, flags); |
598 | if (IS_ERR(*acl)) { |
599 | error = PTR_ERR(*acl); |
600 | *acl = NULL; |
601 | } |
602 | out: |
603 | posix_acl_release(pacl); |
604 | posix_acl_release(dpacl); |
605 | return error; |
606 | } |
607 | |
608 | #endif /* defined(CONFIG_NFS_V4) */ |
609 | |
610 | #ifdef CONFIG_NFSD_V3 |
611 | /* |
612 | * Check server access rights to a file system object |
613 | */ |
614 | struct accessmap { |
615 | u32 access; |
616 | int how; |
617 | }; |
618 | static struct accessmap nfs3_regaccess[] = { |
619 | { NFS3_ACCESS_READ, NFSD_MAY_READ }, |
620 | { NFS3_ACCESS_EXECUTE, NFSD_MAY_EXEC }, |
621 | { NFS3_ACCESS_MODIFY, NFSD_MAY_WRITE|NFSD_MAY_TRUNC }, |
622 | { NFS3_ACCESS_EXTEND, NFSD_MAY_WRITE }, |
623 | |
624 | { 0, 0 } |
625 | }; |
626 | |
627 | static struct accessmap nfs3_diraccess[] = { |
628 | { NFS3_ACCESS_READ, NFSD_MAY_READ }, |
629 | { NFS3_ACCESS_LOOKUP, NFSD_MAY_EXEC }, |
630 | { NFS3_ACCESS_MODIFY, NFSD_MAY_EXEC|NFSD_MAY_WRITE|NFSD_MAY_TRUNC}, |
631 | { NFS3_ACCESS_EXTEND, NFSD_MAY_EXEC|NFSD_MAY_WRITE }, |
632 | { NFS3_ACCESS_DELETE, NFSD_MAY_REMOVE }, |
633 | |
634 | { 0, 0 } |
635 | }; |
636 | |
637 | static struct accessmap nfs3_anyaccess[] = { |
638 | /* Some clients - Solaris 2.6 at least, make an access call |
639 | * to the server to check for access for things like /dev/null |
640 | * (which really, the server doesn't care about). So |
641 | * We provide simple access checking for them, looking |
642 | * mainly at mode bits, and we make sure to ignore read-only |
643 | * filesystem checks |
644 | */ |
645 | { NFS3_ACCESS_READ, NFSD_MAY_READ }, |
646 | { NFS3_ACCESS_EXECUTE, NFSD_MAY_EXEC }, |
647 | { NFS3_ACCESS_MODIFY, NFSD_MAY_WRITE|NFSD_MAY_LOCAL_ACCESS }, |
648 | { NFS3_ACCESS_EXTEND, NFSD_MAY_WRITE|NFSD_MAY_LOCAL_ACCESS }, |
649 | |
650 | { 0, 0 } |
651 | }; |
652 | |
653 | __be32 |
654 | nfsd_access(struct svc_rqst *rqstp, struct svc_fh *fhp, u32 *access, u32 *supported) |
655 | { |
656 | struct accessmap *map; |
657 | struct svc_export *export; |
658 | struct dentry *dentry; |
659 | u32 query, result = 0, sresult = 0; |
660 | __be32 error; |
661 | |
662 | error = fh_verify(rqstp, fhp, 0, NFSD_MAY_NOP); |
663 | if (error) |
664 | goto out; |
665 | |
666 | export = fhp->fh_export; |
667 | dentry = fhp->fh_dentry; |
668 | |
669 | if (S_ISREG(dentry->d_inode->i_mode)) |
670 | map = nfs3_regaccess; |
671 | else if (S_ISDIR(dentry->d_inode->i_mode)) |
672 | map = nfs3_diraccess; |
673 | else |
674 | map = nfs3_anyaccess; |
675 | |
676 | |
677 | query = *access; |
678 | for (; map->access; map++) { |
679 | if (map->access & query) { |
680 | __be32 err2; |
681 | |
682 | sresult |= map->access; |
683 | |
684 | err2 = nfsd_permission(rqstp, export, dentry, map->how); |
685 | switch (err2) { |
686 | case nfs_ok: |
687 | result |= map->access; |
688 | break; |
689 | |
690 | /* the following error codes just mean the access was not allowed, |
691 | * rather than an error occurred */ |
692 | case nfserr_rofs: |
693 | case nfserr_acces: |
694 | case nfserr_perm: |
695 | /* simply don't "or" in the access bit. */ |
696 | break; |
697 | default: |
698 | error = err2; |
699 | goto out; |
700 | } |
701 | } |
702 | } |
703 | *access = result; |
704 | if (supported) |
705 | *supported = sresult; |
706 | |
707 | out: |
708 | return error; |
709 | } |
710 | #endif /* CONFIG_NFSD_V3 */ |
711 | |
712 | |
713 | |
714 | /* |
715 | * Open an existing file or directory. |
716 | * The access argument indicates the type of open (read/write/lock) |
717 | * N.B. After this call fhp needs an fh_put |
718 | */ |
719 | __be32 |
720 | nfsd_open(struct svc_rqst *rqstp, struct svc_fh *fhp, int type, |
721 | int access, struct file **filp) |
722 | { |
723 | struct dentry *dentry; |
724 | struct inode *inode; |
725 | int flags = O_RDONLY|O_LARGEFILE; |
726 | __be32 err; |
727 | int host_err; |
728 | |
729 | validate_process_creds(); |
730 | |
731 | /* |
732 | * If we get here, then the client has already done an "open", |
733 | * and (hopefully) checked permission - so allow OWNER_OVERRIDE |
734 | * in case a chmod has now revoked permission. |
735 | */ |
736 | err = fh_verify(rqstp, fhp, type, access | NFSD_MAY_OWNER_OVERRIDE); |
737 | if (err) |
738 | goto out; |
739 | |
740 | dentry = fhp->fh_dentry; |
741 | inode = dentry->d_inode; |
742 | |
743 | /* Disallow write access to files with the append-only bit set |
744 | * or any access when mandatory locking enabled |
745 | */ |
746 | err = nfserr_perm; |
747 | if (IS_APPEND(inode) && (access & NFSD_MAY_WRITE)) |
748 | goto out; |
749 | /* |
750 | * We must ignore files (but only files) which might have mandatory |
751 | * locks on them because there is no way to know if the accesser has |
752 | * the lock. |
753 | */ |
754 | if (S_ISREG((inode)->i_mode) && mandatory_lock(inode)) |
755 | goto out; |
756 | |
757 | if (!inode->i_fop) |
758 | goto out; |
759 | |
760 | /* |
761 | * Check to see if there are any leases on this file. |
762 | * This may block while leases are broken. |
763 | */ |
764 | host_err = break_lease(inode, O_NONBLOCK | ((access & NFSD_MAY_WRITE) ? O_WRONLY : 0)); |
765 | if (host_err == -EWOULDBLOCK) |
766 | host_err = -ETIMEDOUT; |
767 | if (host_err) /* NOMEM or WOULDBLOCK */ |
768 | goto out_nfserr; |
769 | |
770 | if (access & NFSD_MAY_WRITE) { |
771 | if (access & NFSD_MAY_READ) |
772 | flags = O_RDWR|O_LARGEFILE; |
773 | else |
774 | flags = O_WRONLY|O_LARGEFILE; |
775 | } |
776 | *filp = dentry_open(dget(dentry), mntget(fhp->fh_export->ex_path.mnt), |
777 | flags, current_cred()); |
778 | if (IS_ERR(*filp)) |
779 | host_err = PTR_ERR(*filp); |
780 | else |
781 | host_err = ima_file_check(*filp, access); |
782 | out_nfserr: |
783 | err = nfserrno(host_err); |
784 | out: |
785 | validate_process_creds(); |
786 | return err; |
787 | } |
788 | |
789 | /* |
790 | * Close a file. |
791 | */ |
792 | void |
793 | nfsd_close(struct file *filp) |
794 | { |
795 | fput(filp); |
796 | } |
797 | |
798 | /* |
799 | * Obtain the readahead parameters for the file |
800 | * specified by (dev, ino). |
801 | */ |
802 | |
803 | static inline struct raparms * |
804 | nfsd_get_raparms(dev_t dev, ino_t ino) |
805 | { |
806 | struct raparms *ra, **rap, **frap = NULL; |
807 | int depth = 0; |
808 | unsigned int hash; |
809 | struct raparm_hbucket *rab; |
810 | |
811 | hash = jhash_2words(dev, ino, 0xfeedbeef) & RAPARM_HASH_MASK; |
812 | rab = &raparm_hash[hash]; |
813 | |
814 | spin_lock(&rab->pb_lock); |
815 | for (rap = &rab->pb_head; (ra = *rap); rap = &ra->p_next) { |
816 | if (ra->p_ino == ino && ra->p_dev == dev) |
817 | goto found; |
818 | depth++; |
819 | if (ra->p_count == 0) |
820 | frap = rap; |
821 | } |
822 | depth = nfsdstats.ra_size*11/10; |
823 | if (!frap) { |
824 | spin_unlock(&rab->pb_lock); |
825 | return NULL; |
826 | } |
827 | rap = frap; |
828 | ra = *frap; |
829 | ra->p_dev = dev; |
830 | ra->p_ino = ino; |
831 | ra->p_set = 0; |
832 | ra->p_hindex = hash; |
833 | found: |
834 | if (rap != &rab->pb_head) { |
835 | *rap = ra->p_next; |
836 | ra->p_next = rab->pb_head; |
837 | rab->pb_head = ra; |
838 | } |
839 | ra->p_count++; |
840 | nfsdstats.ra_depth[depth*10/nfsdstats.ra_size]++; |
841 | spin_unlock(&rab->pb_lock); |
842 | return ra; |
843 | } |
844 | |
845 | /* |
846 | * Grab and keep cached pages associated with a file in the svc_rqst |
847 | * so that they can be passed to the network sendmsg/sendpage routines |
848 | * directly. They will be released after the sending has completed. |
849 | */ |
850 | static int |
851 | nfsd_splice_actor(struct pipe_inode_info *pipe, struct pipe_buffer *buf, |
852 | struct splice_desc *sd) |
853 | { |
854 | struct svc_rqst *rqstp = sd->u.data; |
855 | struct page **pp = rqstp->rq_respages + rqstp->rq_resused; |
856 | struct page *page = buf->page; |
857 | size_t size; |
858 | int ret; |
859 | |
860 | ret = buf->ops->confirm(pipe, buf); |
861 | if (unlikely(ret)) |
862 | return ret; |
863 | |
864 | size = sd->len; |
865 | |
866 | if (rqstp->rq_res.page_len == 0) { |
867 | get_page(page); |
868 | put_page(*pp); |
869 | *pp = page; |
870 | rqstp->rq_resused++; |
871 | rqstp->rq_res.page_base = buf->offset; |
872 | rqstp->rq_res.page_len = size; |
873 | } else if (page != pp[-1]) { |
874 | get_page(page); |
875 | if (*pp) |
876 | put_page(*pp); |
877 | *pp = page; |
878 | rqstp->rq_resused++; |
879 | rqstp->rq_res.page_len += size; |
880 | } else |
881 | rqstp->rq_res.page_len += size; |
882 | |
883 | return size; |
884 | } |
885 | |
886 | static int nfsd_direct_splice_actor(struct pipe_inode_info *pipe, |
887 | struct splice_desc *sd) |
888 | { |
889 | return __splice_from_pipe(pipe, sd, nfsd_splice_actor); |
890 | } |
891 | |
892 | static inline int svc_msnfs(struct svc_fh *ffhp) |
893 | { |
894 | #ifdef MSNFS |
895 | return (ffhp->fh_export->ex_flags & NFSEXP_MSNFS); |
896 | #else |
897 | return 0; |
898 | #endif |
899 | } |
900 | |
901 | static __be32 |
902 | nfsd_vfs_read(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, |
903 | loff_t offset, struct kvec *vec, int vlen, unsigned long *count) |
904 | { |
905 | struct inode *inode; |
906 | struct raparms *ra; |
907 | mm_segment_t oldfs; |
908 | __be32 err; |
909 | int host_err; |
910 | |
911 | err = nfserr_perm; |
912 | inode = file->f_path.dentry->d_inode; |
913 | |
914 | if (svc_msnfs(fhp) && !lock_may_read(inode, offset, *count)) |
915 | goto out; |
916 | |
917 | /* Get readahead parameters */ |
918 | ra = nfsd_get_raparms(inode->i_sb->s_dev, inode->i_ino); |
919 | |
920 | if (ra && ra->p_set) |
921 | file->f_ra = ra->p_ra; |
922 | |
923 | if (file->f_op->splice_read && rqstp->rq_splice_ok) { |
924 | struct splice_desc sd = { |
925 | .len = 0, |
926 | .total_len = *count, |
927 | .pos = offset, |
928 | .u.data = rqstp, |
929 | }; |
930 | |
931 | rqstp->rq_resused = 1; |
932 | host_err = splice_direct_to_actor(file, &sd, nfsd_direct_splice_actor); |
933 | } else { |
934 | oldfs = get_fs(); |
935 | set_fs(KERNEL_DS); |
936 | host_err = vfs_readv(file, (struct iovec __user *)vec, vlen, &offset); |
937 | set_fs(oldfs); |
938 | } |
939 | |
940 | /* Write back readahead params */ |
941 | if (ra) { |
942 | struct raparm_hbucket *rab = &raparm_hash[ra->p_hindex]; |
943 | spin_lock(&rab->pb_lock); |
944 | ra->p_ra = file->f_ra; |
945 | ra->p_set = 1; |
946 | ra->p_count--; |
947 | spin_unlock(&rab->pb_lock); |
948 | } |
949 | |
950 | if (host_err >= 0) { |
951 | nfsdstats.io_read += host_err; |
952 | *count = host_err; |
953 | err = 0; |
954 | fsnotify_access(file->f_path.dentry); |
955 | } else |
956 | err = nfserrno(host_err); |
957 | out: |
958 | return err; |
959 | } |
960 | |
961 | static void kill_suid(struct dentry *dentry) |
962 | { |
963 | struct iattr ia; |
964 | ia.ia_valid = ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_KILL_PRIV; |
965 | |
966 | mutex_lock(&dentry->d_inode->i_mutex); |
967 | notify_change(dentry, &ia); |
968 | mutex_unlock(&dentry->d_inode->i_mutex); |
969 | } |
970 | |
971 | /* |
972 | * Gathered writes: If another process is currently writing to the file, |
973 | * there's a high chance this is another nfsd (triggered by a bulk write |
974 | * from a client's biod). Rather than syncing the file with each write |
975 | * request, we sleep for 10 msec. |
976 | * |
977 | * I don't know if this roughly approximates C. Juszak's idea of |
978 | * gathered writes, but it's a nice and simple solution (IMHO), and it |
979 | * seems to work:-) |
980 | * |
981 | * Note: we do this only in the NFSv2 case, since v3 and higher have a |
982 | * better tool (separate unstable writes and commits) for solving this |
983 | * problem. |
984 | */ |
985 | static int wait_for_concurrent_writes(struct file *file) |
986 | { |
987 | struct inode *inode = file->f_path.dentry->d_inode; |
988 | static ino_t last_ino; |
989 | static dev_t last_dev; |
990 | int err = 0; |
991 | |
992 | if (atomic_read(&inode->i_writecount) > 1 |
993 | || (last_ino == inode->i_ino && last_dev == inode->i_sb->s_dev)) { |
994 | dprintk("nfsd: write defer %d\n", task_pid_nr(current)); |
995 | msleep(10); |
996 | dprintk("nfsd: write resume %d\n", task_pid_nr(current)); |
997 | } |
998 | |
999 | if (inode->i_state & I_DIRTY) { |
1000 | dprintk("nfsd: write sync %d\n", task_pid_nr(current)); |
1001 | err = vfs_fsync(file, file->f_path.dentry, 0); |
1002 | } |
1003 | last_ino = inode->i_ino; |
1004 | last_dev = inode->i_sb->s_dev; |
1005 | return err; |
1006 | } |
1007 | |
1008 | static __be32 |
1009 | nfsd_vfs_write(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, |
1010 | loff_t offset, struct kvec *vec, int vlen, |
1011 | unsigned long *cnt, int *stablep) |
1012 | { |
1013 | struct svc_export *exp; |
1014 | struct dentry *dentry; |
1015 | struct inode *inode; |
1016 | mm_segment_t oldfs; |
1017 | __be32 err = 0; |
1018 | int host_err; |
1019 | int stable = *stablep; |
1020 | int use_wgather; |
1021 | |
1022 | #ifdef MSNFS |
1023 | err = nfserr_perm; |
1024 | |
1025 | if ((fhp->fh_export->ex_flags & NFSEXP_MSNFS) && |
1026 | (!lock_may_write(file->f_path.dentry->d_inode, offset, *cnt))) |
1027 | goto out; |
1028 | #endif |
1029 | |
1030 | dentry = file->f_path.dentry; |
1031 | inode = dentry->d_inode; |
1032 | exp = fhp->fh_export; |
1033 | |
1034 | /* |
1035 | * Request sync writes if |
1036 | * - the sync export option has been set, or |
1037 | * - the client requested O_SYNC behavior (NFSv3 feature). |
1038 | * - The file system doesn't support fsync(). |
1039 | * When NFSv2 gathered writes have been configured for this volume, |
1040 | * flushing the data to disk is handled separately below. |
1041 | */ |
1042 | use_wgather = (rqstp->rq_vers == 2) && EX_WGATHER(exp); |
1043 | |
1044 | if (!file->f_op->fsync) {/* COMMIT3 cannot work */ |
1045 | stable = 2; |
1046 | *stablep = 2; /* FILE_SYNC */ |
1047 | } |
1048 | |
1049 | if (!EX_ISSYNC(exp)) |
1050 | stable = 0; |
1051 | if (stable && !use_wgather) { |
1052 | spin_lock(&file->f_lock); |
1053 | file->f_flags |= O_SYNC; |
1054 | spin_unlock(&file->f_lock); |
1055 | } |
1056 | |
1057 | /* Write the data. */ |
1058 | oldfs = get_fs(); set_fs(KERNEL_DS); |
1059 | host_err = vfs_writev(file, (struct iovec __user *)vec, vlen, &offset); |
1060 | set_fs(oldfs); |
1061 | if (host_err < 0) |
1062 | goto out_nfserr; |
1063 | *cnt = host_err; |
1064 | nfsdstats.io_write += host_err; |
1065 | fsnotify_modify(file->f_path.dentry); |
1066 | |
1067 | /* clear setuid/setgid flag after write */ |
1068 | if (inode->i_mode & (S_ISUID | S_ISGID)) |
1069 | kill_suid(dentry); |
1070 | |
1071 | if (stable && use_wgather) |
1072 | host_err = wait_for_concurrent_writes(file); |
1073 | |
1074 | out_nfserr: |
1075 | dprintk("nfsd: write complete host_err=%d\n", host_err); |
1076 | if (host_err >= 0) |
1077 | err = 0; |
1078 | else |
1079 | err = nfserrno(host_err); |
1080 | out: |
1081 | return err; |
1082 | } |
1083 | |
1084 | /* |
1085 | * Read data from a file. count must contain the requested read count |
1086 | * on entry. On return, *count contains the number of bytes actually read. |
1087 | * N.B. After this call fhp needs an fh_put |
1088 | */ |
1089 | __be32 |
1090 | nfsd_read(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, |
1091 | loff_t offset, struct kvec *vec, int vlen, |
1092 | unsigned long *count) |
1093 | { |
1094 | __be32 err; |
1095 | |
1096 | if (file) { |
1097 | err = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry, |
1098 | NFSD_MAY_READ|NFSD_MAY_OWNER_OVERRIDE); |
1099 | if (err) |
1100 | goto out; |
1101 | err = nfsd_vfs_read(rqstp, fhp, file, offset, vec, vlen, count); |
1102 | } else { |
1103 | err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file); |
1104 | if (err) |
1105 | goto out; |
1106 | err = nfsd_vfs_read(rqstp, fhp, file, offset, vec, vlen, count); |
1107 | nfsd_close(file); |
1108 | } |
1109 | out: |
1110 | return err; |
1111 | } |
1112 | |
1113 | /* |
1114 | * Write data to a file. |
1115 | * The stable flag requests synchronous writes. |
1116 | * N.B. After this call fhp needs an fh_put |
1117 | */ |
1118 | __be32 |
1119 | nfsd_write(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, |
1120 | loff_t offset, struct kvec *vec, int vlen, unsigned long *cnt, |
1121 | int *stablep) |
1122 | { |
1123 | __be32 err = 0; |
1124 | |
1125 | if (file) { |
1126 | err = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry, |
1127 | NFSD_MAY_WRITE|NFSD_MAY_OWNER_OVERRIDE); |
1128 | if (err) |
1129 | goto out; |
1130 | err = nfsd_vfs_write(rqstp, fhp, file, offset, vec, vlen, cnt, |
1131 | stablep); |
1132 | } else { |
1133 | err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_WRITE, &file); |
1134 | if (err) |
1135 | goto out; |
1136 | |
1137 | if (cnt) |
1138 | err = nfsd_vfs_write(rqstp, fhp, file, offset, vec, vlen, |
1139 | cnt, stablep); |
1140 | nfsd_close(file); |
1141 | } |
1142 | out: |
1143 | return err; |
1144 | } |
1145 | |
1146 | #ifdef CONFIG_NFSD_V3 |
1147 | /* |
1148 | * Commit all pending writes to stable storage. |
1149 | * |
1150 | * Note: we only guarantee that data that lies within the range specified |
1151 | * by the 'offset' and 'count' parameters will be synced. |
1152 | * |
1153 | * Unfortunately we cannot lock the file to make sure we return full WCC |
1154 | * data to the client, as locking happens lower down in the filesystem. |
1155 | */ |
1156 | __be32 |
1157 | nfsd_commit(struct svc_rqst *rqstp, struct svc_fh *fhp, |
1158 | loff_t offset, unsigned long count) |
1159 | { |
1160 | struct file *file; |
1161 | loff_t end = LLONG_MAX; |
1162 | __be32 err = nfserr_inval; |
1163 | |
1164 | if (offset < 0) |
1165 | goto out; |
1166 | if (count != 0) { |
1167 | end = offset + (loff_t)count - 1; |
1168 | if (end < offset) |
1169 | goto out; |
1170 | } |
1171 | |
1172 | err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_WRITE, &file); |
1173 | if (err) |
1174 | goto out; |
1175 | if (EX_ISSYNC(fhp->fh_export)) { |
1176 | int err2 = vfs_fsync_range(file, file->f_path.dentry, |
1177 | offset, end, 0); |
1178 | |
1179 | if (err2 != -EINVAL) |
1180 | err = nfserrno(err2); |
1181 | else |
1182 | err = nfserr_notsupp; |
1183 | } |
1184 | |
1185 | nfsd_close(file); |
1186 | out: |
1187 | return err; |
1188 | } |
1189 | #endif /* CONFIG_NFSD_V3 */ |
1190 | |
1191 | static __be32 |
1192 | nfsd_create_setattr(struct svc_rqst *rqstp, struct svc_fh *resfhp, |
1193 | struct iattr *iap) |
1194 | { |
1195 | /* |
1196 | * Mode has already been set earlier in create: |
1197 | */ |
1198 | iap->ia_valid &= ~ATTR_MODE; |
1199 | /* |
1200 | * Setting uid/gid works only for root. Irix appears to |
1201 | * send along the gid on create when it tries to implement |
1202 | * setgid directories via NFS: |
1203 | */ |
1204 | if (current_fsuid() != 0) |
1205 | iap->ia_valid &= ~(ATTR_UID|ATTR_GID); |
1206 | if (iap->ia_valid) |
1207 | return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0); |
1208 | return 0; |
1209 | } |
1210 | |
1211 | /* HPUX client sometimes creates a file in mode 000, and sets size to 0. |
1212 | * setting size to 0 may fail for some specific file systems by the permission |
1213 | * checking which requires WRITE permission but the mode is 000. |
1214 | * we ignore the resizing(to 0) on the just new created file, since the size is |
1215 | * 0 after file created. |
1216 | * |
1217 | * call this only after vfs_create() is called. |
1218 | * */ |
1219 | static void |
1220 | nfsd_check_ignore_resizing(struct iattr *iap) |
1221 | { |
1222 | if ((iap->ia_valid & ATTR_SIZE) && (iap->ia_size == 0)) |
1223 | iap->ia_valid &= ~ATTR_SIZE; |
1224 | } |
1225 | |
1226 | /* |
1227 | * Create a file (regular, directory, device, fifo); UNIX sockets |
1228 | * not yet implemented. |
1229 | * If the response fh has been verified, the parent directory should |
1230 | * already be locked. Note that the parent directory is left locked. |
1231 | * |
1232 | * N.B. Every call to nfsd_create needs an fh_put for _both_ fhp and resfhp |
1233 | */ |
1234 | __be32 |
1235 | nfsd_create(struct svc_rqst *rqstp, struct svc_fh *fhp, |
1236 | char *fname, int flen, struct iattr *iap, |
1237 | int type, dev_t rdev, struct svc_fh *resfhp) |
1238 | { |
1239 | struct dentry *dentry, *dchild = NULL; |
1240 | struct inode *dirp; |
1241 | __be32 err; |
1242 | __be32 err2; |
1243 | int host_err; |
1244 | |
1245 | err = nfserr_perm; |
1246 | if (!flen) |
1247 | goto out; |
1248 | err = nfserr_exist; |
1249 | if (isdotent(fname, flen)) |
1250 | goto out; |
1251 | |
1252 | err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_CREATE); |
1253 | if (err) |
1254 | goto out; |
1255 | |
1256 | dentry = fhp->fh_dentry; |
1257 | dirp = dentry->d_inode; |
1258 | |
1259 | err = nfserr_notdir; |
1260 | if (!dirp->i_op->lookup) |
1261 | goto out; |
1262 | /* |
1263 | * Check whether the response file handle has been verified yet. |
1264 | * If it has, the parent directory should already be locked. |
1265 | */ |
1266 | if (!resfhp->fh_dentry) { |
1267 | /* called from nfsd_proc_mkdir, or possibly nfsd3_proc_create */ |
1268 | fh_lock_nested(fhp, I_MUTEX_PARENT); |
1269 | dchild = lookup_one_len(fname, dentry, flen); |
1270 | host_err = PTR_ERR(dchild); |
1271 | if (IS_ERR(dchild)) |
1272 | goto out_nfserr; |
1273 | err = fh_compose(resfhp, fhp->fh_export, dchild, fhp); |
1274 | if (err) |
1275 | goto out; |
1276 | } else { |
1277 | /* called from nfsd_proc_create */ |
1278 | dchild = dget(resfhp->fh_dentry); |
1279 | if (!fhp->fh_locked) { |
1280 | /* not actually possible */ |
1281 | printk(KERN_ERR |
1282 | "nfsd_create: parent %s/%s not locked!\n", |
1283 | dentry->d_parent->d_name.name, |
1284 | dentry->d_name.name); |
1285 | err = nfserr_io; |
1286 | goto out; |
1287 | } |
1288 | } |
1289 | /* |
1290 | * Make sure the child dentry is still negative ... |
1291 | */ |
1292 | err = nfserr_exist; |
1293 | if (dchild->d_inode) { |
1294 | dprintk("nfsd_create: dentry %s/%s not negative!\n", |
1295 | dentry->d_name.name, dchild->d_name.name); |
1296 | goto out; |
1297 | } |
1298 | |
1299 | if (!(iap->ia_valid & ATTR_MODE)) |
1300 | iap->ia_mode = 0; |
1301 | iap->ia_mode = (iap->ia_mode & S_IALLUGO) | type; |
1302 | |
1303 | err = nfserr_inval; |
1304 | if (!S_ISREG(type) && !S_ISDIR(type) && !special_file(type)) { |
1305 | printk(KERN_WARNING "nfsd: bad file type %o in nfsd_create\n", |
1306 | type); |
1307 | goto out; |
1308 | } |
1309 | |
1310 | host_err = mnt_want_write(fhp->fh_export->ex_path.mnt); |
1311 | if (host_err) |
1312 | goto out_nfserr; |
1313 | |
1314 | /* |
1315 | * Get the dir op function pointer. |
1316 | */ |
1317 | err = 0; |
1318 | switch (type) { |
1319 | case S_IFREG: |
1320 | host_err = vfs_create(dirp, dchild, iap->ia_mode, NULL); |
1321 | if (!host_err) |
1322 | nfsd_check_ignore_resizing(iap); |
1323 | break; |
1324 | case S_IFDIR: |
1325 | host_err = vfs_mkdir(dirp, dchild, iap->ia_mode); |
1326 | break; |
1327 | case S_IFCHR: |
1328 | case S_IFBLK: |
1329 | case S_IFIFO: |
1330 | case S_IFSOCK: |
1331 | host_err = vfs_mknod(dirp, dchild, iap->ia_mode, rdev); |
1332 | break; |
1333 | } |
1334 | if (host_err < 0) { |
1335 | mnt_drop_write(fhp->fh_export->ex_path.mnt); |
1336 | goto out_nfserr; |
1337 | } |
1338 | |
1339 | err = nfsd_create_setattr(rqstp, resfhp, iap); |
1340 | |
1341 | /* |
1342 | * nfsd_setattr already committed the child. Transactional filesystems |
1343 | * had a chance to commit changes for both parent and child |
1344 | * simultaneously making the following commit_metadata a noop. |
1345 | */ |
1346 | err2 = nfserrno(commit_metadata(fhp)); |
1347 | if (err2) |
1348 | err = err2; |
1349 | mnt_drop_write(fhp->fh_export->ex_path.mnt); |
1350 | /* |
1351 | * Update the file handle to get the new inode info. |
1352 | */ |
1353 | if (!err) |
1354 | err = fh_update(resfhp); |
1355 | out: |
1356 | if (dchild && !IS_ERR(dchild)) |
1357 | dput(dchild); |
1358 | return err; |
1359 | |
1360 | out_nfserr: |
1361 | err = nfserrno(host_err); |
1362 | goto out; |
1363 | } |
1364 | |
1365 | #ifdef CONFIG_NFSD_V3 |
1366 | /* |
1367 | * NFSv3 version of nfsd_create |
1368 | */ |
1369 | __be32 |
1370 | nfsd_create_v3(struct svc_rqst *rqstp, struct svc_fh *fhp, |
1371 | char *fname, int flen, struct iattr *iap, |
1372 | struct svc_fh *resfhp, int createmode, u32 *verifier, |
1373 | int *truncp, int *created) |
1374 | { |
1375 | struct dentry *dentry, *dchild = NULL; |
1376 | struct inode *dirp; |
1377 | __be32 err; |
1378 | int host_err; |
1379 | __u32 v_mtime=0, v_atime=0; |
1380 | |
1381 | err = nfserr_perm; |
1382 | if (!flen) |
1383 | goto out; |
1384 | err = nfserr_exist; |
1385 | if (isdotent(fname, flen)) |
1386 | goto out; |
1387 | if (!(iap->ia_valid & ATTR_MODE)) |
1388 | iap->ia_mode = 0; |
1389 | err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_CREATE); |
1390 | if (err) |
1391 | goto out; |
1392 | |
1393 | dentry = fhp->fh_dentry; |
1394 | dirp = dentry->d_inode; |
1395 | |
1396 | /* Get all the sanity checks out of the way before |
1397 | * we lock the parent. */ |
1398 | err = nfserr_notdir; |
1399 | if (!dirp->i_op->lookup) |
1400 | goto out; |
1401 | fh_lock_nested(fhp, I_MUTEX_PARENT); |
1402 | |
1403 | /* |
1404 | * Compose the response file handle. |
1405 | */ |
1406 | dchild = lookup_one_len(fname, dentry, flen); |
1407 | host_err = PTR_ERR(dchild); |
1408 | if (IS_ERR(dchild)) |
1409 | goto out_nfserr; |
1410 | |
1411 | err = fh_compose(resfhp, fhp->fh_export, dchild, fhp); |
1412 | if (err) |
1413 | goto out; |
1414 | |
1415 | if (createmode == NFS3_CREATE_EXCLUSIVE) { |
1416 | /* solaris7 gets confused (bugid 4218508) if these have |
1417 | * the high bit set, so just clear the high bits. If this is |
1418 | * ever changed to use different attrs for storing the |
1419 | * verifier, then do_open_lookup() will also need to be fixed |
1420 | * accordingly. |
1421 | */ |
1422 | v_mtime = verifier[0]&0x7fffffff; |
1423 | v_atime = verifier[1]&0x7fffffff; |
1424 | } |
1425 | |
1426 | host_err = mnt_want_write(fhp->fh_export->ex_path.mnt); |
1427 | if (host_err) |
1428 | goto out_nfserr; |
1429 | if (dchild->d_inode) { |
1430 | err = 0; |
1431 | |
1432 | switch (createmode) { |
1433 | case NFS3_CREATE_UNCHECKED: |
1434 | if (! S_ISREG(dchild->d_inode->i_mode)) |
1435 | err = nfserr_exist; |
1436 | else if (truncp) { |
1437 | /* in nfsv4, we need to treat this case a little |
1438 | * differently. we don't want to truncate the |
1439 | * file now; this would be wrong if the OPEN |
1440 | * fails for some other reason. furthermore, |
1441 | * if the size is nonzero, we should ignore it |
1442 | * according to spec! |
1443 | */ |
1444 | *truncp = (iap->ia_valid & ATTR_SIZE) && !iap->ia_size; |
1445 | } |
1446 | else { |
1447 | iap->ia_valid &= ATTR_SIZE; |
1448 | goto set_attr; |
1449 | } |
1450 | break; |
1451 | case NFS3_CREATE_EXCLUSIVE: |
1452 | if ( dchild->d_inode->i_mtime.tv_sec == v_mtime |
1453 | && dchild->d_inode->i_atime.tv_sec == v_atime |
1454 | && dchild->d_inode->i_size == 0 ) |
1455 | break; |
1456 | /* fallthru */ |
1457 | case NFS3_CREATE_GUARDED: |
1458 | err = nfserr_exist; |
1459 | } |
1460 | mnt_drop_write(fhp->fh_export->ex_path.mnt); |
1461 | goto out; |
1462 | } |
1463 | |
1464 | host_err = vfs_create(dirp, dchild, iap->ia_mode, NULL); |
1465 | if (host_err < 0) { |
1466 | mnt_drop_write(fhp->fh_export->ex_path.mnt); |
1467 | goto out_nfserr; |
1468 | } |
1469 | if (created) |
1470 | *created = 1; |
1471 | |
1472 | nfsd_check_ignore_resizing(iap); |
1473 | |
1474 | if (createmode == NFS3_CREATE_EXCLUSIVE) { |
1475 | /* Cram the verifier into atime/mtime */ |
1476 | iap->ia_valid = ATTR_MTIME|ATTR_ATIME |
1477 | | ATTR_MTIME_SET|ATTR_ATIME_SET; |
1478 | /* XXX someone who knows this better please fix it for nsec */ |
1479 | iap->ia_mtime.tv_sec = v_mtime; |
1480 | iap->ia_atime.tv_sec = v_atime; |
1481 | iap->ia_mtime.tv_nsec = 0; |
1482 | iap->ia_atime.tv_nsec = 0; |
1483 | } |
1484 | |
1485 | set_attr: |
1486 | err = nfsd_create_setattr(rqstp, resfhp, iap); |
1487 | |
1488 | /* |
1489 | * nfsd_setattr already committed the child (and possibly also the parent). |
1490 | */ |
1491 | if (!err) |
1492 | err = nfserrno(commit_metadata(fhp)); |
1493 | |
1494 | mnt_drop_write(fhp->fh_export->ex_path.mnt); |
1495 | /* |
1496 | * Update the filehandle to get the new inode info. |
1497 | */ |
1498 | if (!err) |
1499 | err = fh_update(resfhp); |
1500 | |
1501 | out: |
1502 | fh_unlock(fhp); |
1503 | if (dchild && !IS_ERR(dchild)) |
1504 | dput(dchild); |
1505 | return err; |
1506 | |
1507 | out_nfserr: |
1508 | err = nfserrno(host_err); |
1509 | goto out; |
1510 | } |
1511 | #endif /* CONFIG_NFSD_V3 */ |
1512 | |
1513 | /* |
1514 | * Read a symlink. On entry, *lenp must contain the maximum path length that |
1515 | * fits into the buffer. On return, it contains the true length. |
1516 | * N.B. After this call fhp needs an fh_put |
1517 | */ |
1518 | __be32 |
1519 | nfsd_readlink(struct svc_rqst *rqstp, struct svc_fh *fhp, char *buf, int *lenp) |
1520 | { |
1521 | struct dentry *dentry; |
1522 | struct inode *inode; |
1523 | mm_segment_t oldfs; |
1524 | __be32 err; |
1525 | int host_err; |
1526 | |
1527 | err = fh_verify(rqstp, fhp, S_IFLNK, NFSD_MAY_NOP); |
1528 | if (err) |
1529 | goto out; |
1530 | |
1531 | dentry = fhp->fh_dentry; |
1532 | inode = dentry->d_inode; |
1533 | |
1534 | err = nfserr_inval; |
1535 | if (!inode->i_op->readlink) |
1536 | goto out; |
1537 | |
1538 | touch_atime(fhp->fh_export->ex_path.mnt, dentry); |
1539 | /* N.B. Why does this call need a get_fs()?? |
1540 | * Remove the set_fs and watch the fireworks:-) --okir |
1541 | */ |
1542 | |
1543 | oldfs = get_fs(); set_fs(KERNEL_DS); |
1544 | host_err = inode->i_op->readlink(dentry, buf, *lenp); |
1545 | set_fs(oldfs); |
1546 | |
1547 | if (host_err < 0) |
1548 | goto out_nfserr; |
1549 | *lenp = host_err; |
1550 | err = 0; |
1551 | out: |
1552 | return err; |
1553 | |
1554 | out_nfserr: |
1555 | err = nfserrno(host_err); |
1556 | goto out; |
1557 | } |
1558 | |
1559 | /* |
1560 | * Create a symlink and look up its inode |
1561 | * N.B. After this call _both_ fhp and resfhp need an fh_put |
1562 | */ |
1563 | __be32 |
1564 | nfsd_symlink(struct svc_rqst *rqstp, struct svc_fh *fhp, |
1565 | char *fname, int flen, |
1566 | char *path, int plen, |
1567 | struct svc_fh *resfhp, |
1568 | struct iattr *iap) |
1569 | { |
1570 | struct dentry *dentry, *dnew; |
1571 | __be32 err, cerr; |
1572 | int host_err; |
1573 | |
1574 | err = nfserr_noent; |
1575 | if (!flen || !plen) |
1576 | goto out; |
1577 | err = nfserr_exist; |
1578 | if (isdotent(fname, flen)) |
1579 | goto out; |
1580 | |
1581 | err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_CREATE); |
1582 | if (err) |
1583 | goto out; |
1584 | fh_lock(fhp); |
1585 | dentry = fhp->fh_dentry; |
1586 | dnew = lookup_one_len(fname, dentry, flen); |
1587 | host_err = PTR_ERR(dnew); |
1588 | if (IS_ERR(dnew)) |
1589 | goto out_nfserr; |
1590 | |
1591 | host_err = mnt_want_write(fhp->fh_export->ex_path.mnt); |
1592 | if (host_err) |
1593 | goto out_nfserr; |
1594 | |
1595 | if (unlikely(path[plen] != 0)) { |
1596 | char *path_alloced = kmalloc(plen+1, GFP_KERNEL); |
1597 | if (path_alloced == NULL) |
1598 | host_err = -ENOMEM; |
1599 | else { |
1600 | strncpy(path_alloced, path, plen); |
1601 | path_alloced[plen] = 0; |
1602 | host_err = vfs_symlink(dentry->d_inode, dnew, path_alloced); |
1603 | kfree(path_alloced); |
1604 | } |
1605 | } else |
1606 | host_err = vfs_symlink(dentry->d_inode, dnew, path); |
1607 | err = nfserrno(host_err); |
1608 | if (!err) |
1609 | err = nfserrno(commit_metadata(fhp)); |
1610 | fh_unlock(fhp); |
1611 | |
1612 | mnt_drop_write(fhp->fh_export->ex_path.mnt); |
1613 | |
1614 | cerr = fh_compose(resfhp, fhp->fh_export, dnew, fhp); |
1615 | dput(dnew); |
1616 | if (err==0) err = cerr; |
1617 | out: |
1618 | return err; |
1619 | |
1620 | out_nfserr: |
1621 | err = nfserrno(host_err); |
1622 | goto out; |
1623 | } |
1624 | |
1625 | /* |
1626 | * Create a hardlink |
1627 | * N.B. After this call _both_ ffhp and tfhp need an fh_put |
1628 | */ |
1629 | __be32 |
1630 | nfsd_link(struct svc_rqst *rqstp, struct svc_fh *ffhp, |
1631 | char *name, int len, struct svc_fh *tfhp) |
1632 | { |
1633 | struct dentry *ddir, *dnew, *dold; |
1634 | struct inode *dirp, *dest; |
1635 | __be32 err; |
1636 | int host_err; |
1637 | |
1638 | err = fh_verify(rqstp, ffhp, S_IFDIR, NFSD_MAY_CREATE); |
1639 | if (err) |
1640 | goto out; |
1641 | err = fh_verify(rqstp, tfhp, -S_IFDIR, NFSD_MAY_NOP); |
1642 | if (err) |
1643 | goto out; |
1644 | |
1645 | err = nfserr_perm; |
1646 | if (!len) |
1647 | goto out; |
1648 | err = nfserr_exist; |
1649 | if (isdotent(name, len)) |
1650 | goto out; |
1651 | |
1652 | fh_lock_nested(ffhp, I_MUTEX_PARENT); |
1653 | ddir = ffhp->fh_dentry; |
1654 | dirp = ddir->d_inode; |
1655 | |
1656 | dnew = lookup_one_len(name, ddir, len); |
1657 | host_err = PTR_ERR(dnew); |
1658 | if (IS_ERR(dnew)) |
1659 | goto out_nfserr; |
1660 | |
1661 | dold = tfhp->fh_dentry; |
1662 | dest = dold->d_inode; |
1663 | |
1664 | host_err = mnt_want_write(tfhp->fh_export->ex_path.mnt); |
1665 | if (host_err) { |
1666 | err = nfserrno(host_err); |
1667 | goto out_dput; |
1668 | } |
1669 | host_err = vfs_link(dold, dirp, dnew); |
1670 | if (!host_err) { |
1671 | err = nfserrno(commit_metadata(ffhp)); |
1672 | if (!err) |
1673 | err = nfserrno(commit_metadata(tfhp)); |
1674 | } else { |
1675 | if (host_err == -EXDEV && rqstp->rq_vers == 2) |
1676 | err = nfserr_acces; |
1677 | else |
1678 | err = nfserrno(host_err); |
1679 | } |
1680 | mnt_drop_write(tfhp->fh_export->ex_path.mnt); |
1681 | out_dput: |
1682 | dput(dnew); |
1683 | out_unlock: |
1684 | fh_unlock(ffhp); |
1685 | out: |
1686 | return err; |
1687 | |
1688 | out_nfserr: |
1689 | err = nfserrno(host_err); |
1690 | goto out_unlock; |
1691 | } |
1692 | |
1693 | /* |
1694 | * Rename a file |
1695 | * N.B. After this call _both_ ffhp and tfhp need an fh_put |
1696 | */ |
1697 | __be32 |
1698 | nfsd_rename(struct svc_rqst *rqstp, struct svc_fh *ffhp, char *fname, int flen, |
1699 | struct svc_fh *tfhp, char *tname, int tlen) |
1700 | { |
1701 | struct dentry *fdentry, *tdentry, *odentry, *ndentry, *trap; |
1702 | struct inode *fdir, *tdir; |
1703 | __be32 err; |
1704 | int host_err; |
1705 | |
1706 | err = fh_verify(rqstp, ffhp, S_IFDIR, NFSD_MAY_REMOVE); |
1707 | if (err) |
1708 | goto out; |
1709 | err = fh_verify(rqstp, tfhp, S_IFDIR, NFSD_MAY_CREATE); |
1710 | if (err) |
1711 | goto out; |
1712 | |
1713 | fdentry = ffhp->fh_dentry; |
1714 | fdir = fdentry->d_inode; |
1715 | |
1716 | tdentry = tfhp->fh_dentry; |
1717 | tdir = tdentry->d_inode; |
1718 | |
1719 | err = (rqstp->rq_vers == 2) ? nfserr_acces : nfserr_xdev; |
1720 | if (ffhp->fh_export != tfhp->fh_export) |
1721 | goto out; |
1722 | |
1723 | err = nfserr_perm; |
1724 | if (!flen || isdotent(fname, flen) || !tlen || isdotent(tname, tlen)) |
1725 | goto out; |
1726 | |
1727 | /* cannot use fh_lock as we need deadlock protective ordering |
1728 | * so do it by hand */ |
1729 | trap = lock_rename(tdentry, fdentry); |
1730 | ffhp->fh_locked = tfhp->fh_locked = 1; |
1731 | fill_pre_wcc(ffhp); |
1732 | fill_pre_wcc(tfhp); |
1733 | |
1734 | odentry = lookup_one_len(fname, fdentry, flen); |
1735 | host_err = PTR_ERR(odentry); |
1736 | if (IS_ERR(odentry)) |
1737 | goto out_nfserr; |
1738 | |
1739 | host_err = -ENOENT; |
1740 | if (!odentry->d_inode) |
1741 | goto out_dput_old; |
1742 | host_err = -EINVAL; |
1743 | if (odentry == trap) |
1744 | goto out_dput_old; |
1745 | |
1746 | ndentry = lookup_one_len(tname, tdentry, tlen); |
1747 | host_err = PTR_ERR(ndentry); |
1748 | if (IS_ERR(ndentry)) |
1749 | goto out_dput_old; |
1750 | host_err = -ENOTEMPTY; |
1751 | if (ndentry == trap) |
1752 | goto out_dput_new; |
1753 | |
1754 | if (svc_msnfs(ffhp) && |
1755 | ((atomic_read(&odentry->d_count) > 1) |
1756 | || (atomic_read(&ndentry->d_count) > 1))) { |
1757 | host_err = -EPERM; |
1758 | goto out_dput_new; |
1759 | } |
1760 | |
1761 | host_err = -EXDEV; |
1762 | if (ffhp->fh_export->ex_path.mnt != tfhp->fh_export->ex_path.mnt) |
1763 | goto out_dput_new; |
1764 | host_err = mnt_want_write(ffhp->fh_export->ex_path.mnt); |
1765 | if (host_err) |
1766 | goto out_dput_new; |
1767 | |
1768 | host_err = vfs_rename(fdir, odentry, tdir, ndentry); |
1769 | if (!host_err) { |
1770 | host_err = commit_metadata(tfhp); |
1771 | if (!host_err) |
1772 | host_err = commit_metadata(ffhp); |
1773 | } |
1774 | |
1775 | mnt_drop_write(ffhp->fh_export->ex_path.mnt); |
1776 | |
1777 | out_dput_new: |
1778 | dput(ndentry); |
1779 | out_dput_old: |
1780 | dput(odentry); |
1781 | out_nfserr: |
1782 | err = nfserrno(host_err); |
1783 | |
1784 | /* we cannot reply on fh_unlock on the two filehandles, |
1785 | * as that would do the wrong thing if the two directories |
1786 | * were the same, so again we do it by hand |
1787 | */ |
1788 | fill_post_wcc(ffhp); |
1789 | fill_post_wcc(tfhp); |
1790 | unlock_rename(tdentry, fdentry); |
1791 | ffhp->fh_locked = tfhp->fh_locked = 0; |
1792 | |
1793 | out: |
1794 | return err; |
1795 | } |
1796 | |
1797 | /* |
1798 | * Unlink a file or directory |
1799 | * N.B. After this call fhp needs an fh_put |
1800 | */ |
1801 | __be32 |
1802 | nfsd_unlink(struct svc_rqst *rqstp, struct svc_fh *fhp, int type, |
1803 | char *fname, int flen) |
1804 | { |
1805 | struct dentry *dentry, *rdentry; |
1806 | struct inode *dirp; |
1807 | __be32 err; |
1808 | int host_err; |
1809 | |
1810 | err = nfserr_acces; |
1811 | if (!flen || isdotent(fname, flen)) |
1812 | goto out; |
1813 | err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_REMOVE); |
1814 | if (err) |
1815 | goto out; |
1816 | |
1817 | fh_lock_nested(fhp, I_MUTEX_PARENT); |
1818 | dentry = fhp->fh_dentry; |
1819 | dirp = dentry->d_inode; |
1820 | |
1821 | rdentry = lookup_one_len(fname, dentry, flen); |
1822 | host_err = PTR_ERR(rdentry); |
1823 | if (IS_ERR(rdentry)) |
1824 | goto out_nfserr; |
1825 | |
1826 | if (!rdentry->d_inode) { |
1827 | dput(rdentry); |
1828 | err = nfserr_noent; |
1829 | goto out; |
1830 | } |
1831 | |
1832 | if (!type) |
1833 | type = rdentry->d_inode->i_mode & S_IFMT; |
1834 | |
1835 | host_err = mnt_want_write(fhp->fh_export->ex_path.mnt); |
1836 | if (host_err) |
1837 | goto out_nfserr; |
1838 | |
1839 | if (type != S_IFDIR) { /* It's UNLINK */ |
1840 | #ifdef MSNFS |
1841 | if ((fhp->fh_export->ex_flags & NFSEXP_MSNFS) && |
1842 | (atomic_read(&rdentry->d_count) > 1)) { |
1843 | host_err = -EPERM; |
1844 | } else |
1845 | #endif |
1846 | host_err = vfs_unlink(dirp, rdentry); |
1847 | } else { /* It's RMDIR */ |
1848 | host_err = vfs_rmdir(dirp, rdentry); |
1849 | } |
1850 | |
1851 | dput(rdentry); |
1852 | |
1853 | if (!host_err) |
1854 | host_err = commit_metadata(fhp); |
1855 | |
1856 | mnt_drop_write(fhp->fh_export->ex_path.mnt); |
1857 | out_nfserr: |
1858 | err = nfserrno(host_err); |
1859 | out: |
1860 | return err; |
1861 | } |
1862 | |
1863 | /* |
1864 | * We do this buffering because we must not call back into the file |
1865 | * system's ->lookup() method from the filldir callback. That may well |
1866 | * deadlock a number of file systems. |
1867 | * |
1868 | * This is based heavily on the implementation of same in XFS. |
1869 | */ |
1870 | struct buffered_dirent { |
1871 | u64 ino; |
1872 | loff_t offset; |
1873 | int namlen; |
1874 | unsigned int d_type; |
1875 | char name[]; |
1876 | }; |
1877 | |
1878 | struct readdir_data { |
1879 | char *dirent; |
1880 | size_t used; |
1881 | int full; |
1882 | }; |
1883 | |
1884 | static int nfsd_buffered_filldir(void *__buf, const char *name, int namlen, |
1885 | loff_t offset, u64 ino, unsigned int d_type) |
1886 | { |
1887 | struct readdir_data *buf = __buf; |
1888 | struct buffered_dirent *de = (void *)(buf->dirent + buf->used); |
1889 | unsigned int reclen; |
1890 | |
1891 | reclen = ALIGN(sizeof(struct buffered_dirent) + namlen, sizeof(u64)); |
1892 | if (buf->used + reclen > PAGE_SIZE) { |
1893 | buf->full = 1; |
1894 | return -EINVAL; |
1895 | } |
1896 | |
1897 | de->namlen = namlen; |
1898 | de->offset = offset; |
1899 | de->ino = ino; |
1900 | de->d_type = d_type; |
1901 | memcpy(de->name, name, namlen); |
1902 | buf->used += reclen; |
1903 | |
1904 | return 0; |
1905 | } |
1906 | |
1907 | static __be32 nfsd_buffered_readdir(struct file *file, filldir_t func, |
1908 | struct readdir_cd *cdp, loff_t *offsetp) |
1909 | { |
1910 | struct readdir_data buf; |
1911 | struct buffered_dirent *de; |
1912 | int host_err; |
1913 | int size; |
1914 | loff_t offset; |
1915 | |
1916 | buf.dirent = (void *)__get_free_page(GFP_KERNEL); |
1917 | if (!buf.dirent) |
1918 | return nfserrno(-ENOMEM); |
1919 | |
1920 | offset = *offsetp; |
1921 | |
1922 | while (1) { |
1923 | struct inode *dir_inode = file->f_path.dentry->d_inode; |
1924 | unsigned int reclen; |
1925 | |
1926 | cdp->err = nfserr_eof; /* will be cleared on successful read */ |
1927 | buf.used = 0; |
1928 | buf.full = 0; |
1929 | |
1930 | host_err = vfs_readdir(file, nfsd_buffered_filldir, &buf); |
1931 | if (buf.full) |
1932 | host_err = 0; |
1933 | |
1934 | if (host_err < 0) |
1935 | break; |
1936 | |
1937 | size = buf.used; |
1938 | |
1939 | if (!size) |
1940 | break; |
1941 | |
1942 | /* |
1943 | * Various filldir functions may end up calling back into |
1944 | * lookup_one_len() and the file system's ->lookup() method. |
1945 | * These expect i_mutex to be held, as it would within readdir. |
1946 | */ |
1947 | host_err = mutex_lock_killable(&dir_inode->i_mutex); |
1948 | if (host_err) |
1949 | break; |
1950 | |
1951 | de = (struct buffered_dirent *)buf.dirent; |
1952 | while (size > 0) { |
1953 | offset = de->offset; |
1954 | |
1955 | if (func(cdp, de->name, de->namlen, de->offset, |
1956 | de->ino, de->d_type)) |
1957 | break; |
1958 | |
1959 | if (cdp->err != nfs_ok) |
1960 | break; |
1961 | |
1962 | reclen = ALIGN(sizeof(*de) + de->namlen, |
1963 | sizeof(u64)); |
1964 | size -= reclen; |
1965 | de = (struct buffered_dirent *)((char *)de + reclen); |
1966 | } |
1967 | mutex_unlock(&dir_inode->i_mutex); |
1968 | if (size > 0) /* We bailed out early */ |
1969 | break; |
1970 | |
1971 | offset = vfs_llseek(file, 0, SEEK_CUR); |
1972 | } |
1973 | |
1974 | free_page((unsigned long)(buf.dirent)); |
1975 | |
1976 | if (host_err) |
1977 | return nfserrno(host_err); |
1978 | |
1979 | *offsetp = offset; |
1980 | return cdp->err; |
1981 | } |
1982 | |
1983 | /* |
1984 | * Read entries from a directory. |
1985 | * The NFSv3/4 verifier we ignore for now. |
1986 | */ |
1987 | __be32 |
1988 | nfsd_readdir(struct svc_rqst *rqstp, struct svc_fh *fhp, loff_t *offsetp, |
1989 | struct readdir_cd *cdp, filldir_t func) |
1990 | { |
1991 | __be32 err; |
1992 | struct file *file; |
1993 | loff_t offset = *offsetp; |
1994 | |
1995 | err = nfsd_open(rqstp, fhp, S_IFDIR, NFSD_MAY_READ, &file); |
1996 | if (err) |
1997 | goto out; |
1998 | |
1999 | offset = vfs_llseek(file, offset, 0); |
2000 | if (offset < 0) { |
2001 | err = nfserrno((int)offset); |
2002 | goto out_close; |
2003 | } |
2004 | |
2005 | err = nfsd_buffered_readdir(file, func, cdp, offsetp); |
2006 | |
2007 | if (err == nfserr_eof || err == nfserr_toosmall) |
2008 | err = nfs_ok; /* can still be found in ->err */ |
2009 | out_close: |
2010 | nfsd_close(file); |
2011 | out: |
2012 | return err; |
2013 | } |
2014 | |
2015 | /* |
2016 | * Get file system stats |
2017 | * N.B. After this call fhp needs an fh_put |
2018 | */ |
2019 | __be32 |
2020 | nfsd_statfs(struct svc_rqst *rqstp, struct svc_fh *fhp, struct kstatfs *stat, int access) |
2021 | { |
2022 | __be32 err = fh_verify(rqstp, fhp, 0, NFSD_MAY_NOP | access); |
2023 | if (!err && vfs_statfs(fhp->fh_dentry,stat)) |
2024 | err = nfserr_io; |
2025 | return err; |
2026 | } |
2027 | |
2028 | static int exp_rdonly(struct svc_rqst *rqstp, struct svc_export *exp) |
2029 | { |
2030 | return nfsexp_flags(rqstp, exp) & NFSEXP_READONLY; |
2031 | } |
2032 | |
2033 | /* |
2034 | * Check for a user's access permissions to this inode. |
2035 | */ |
2036 | __be32 |
2037 | nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp, |
2038 | struct dentry *dentry, int acc) |
2039 | { |
2040 | struct inode *inode = dentry->d_inode; |
2041 | struct path path; |
2042 | int err; |
2043 | |
2044 | if (acc == NFSD_MAY_NOP) |
2045 | return 0; |
2046 | #if 0 |
2047 | dprintk("nfsd: permission 0x%x%s%s%s%s%s%s%s mode 0%o%s%s%s\n", |
2048 | acc, |
2049 | (acc & NFSD_MAY_READ)? " read" : "", |
2050 | (acc & NFSD_MAY_WRITE)? " write" : "", |
2051 | (acc & NFSD_MAY_EXEC)? " exec" : "", |
2052 | (acc & NFSD_MAY_SATTR)? " sattr" : "", |
2053 | (acc & NFSD_MAY_TRUNC)? " trunc" : "", |
2054 | (acc & NFSD_MAY_LOCK)? " lock" : "", |
2055 | (acc & NFSD_MAY_OWNER_OVERRIDE)? " owneroverride" : "", |
2056 | inode->i_mode, |
2057 | IS_IMMUTABLE(inode)? " immut" : "", |
2058 | IS_APPEND(inode)? " append" : "", |
2059 | __mnt_is_readonly(exp->ex_path.mnt)? " ro" : ""); |
2060 | dprintk(" owner %d/%d user %d/%d\n", |
2061 | inode->i_uid, inode->i_gid, current_fsuid(), current_fsgid()); |
2062 | #endif |
2063 | |
2064 | /* Normally we reject any write/sattr etc access on a read-only file |
2065 | * system. But if it is IRIX doing check on write-access for a |
2066 | * device special file, we ignore rofs. |
2067 | */ |
2068 | if (!(acc & NFSD_MAY_LOCAL_ACCESS)) |
2069 | if (acc & (NFSD_MAY_WRITE | NFSD_MAY_SATTR | NFSD_MAY_TRUNC)) { |
2070 | if (exp_rdonly(rqstp, exp) || |
2071 | __mnt_is_readonly(exp->ex_path.mnt)) |
2072 | return nfserr_rofs; |
2073 | if (/* (acc & NFSD_MAY_WRITE) && */ IS_IMMUTABLE(inode)) |
2074 | return nfserr_perm; |
2075 | } |
2076 | if ((acc & NFSD_MAY_TRUNC) && IS_APPEND(inode)) |
2077 | return nfserr_perm; |
2078 | |
2079 | if (acc & NFSD_MAY_LOCK) { |
2080 | /* If we cannot rely on authentication in NLM requests, |
2081 | * just allow locks, otherwise require read permission, or |
2082 | * ownership |
2083 | */ |
2084 | if (exp->ex_flags & NFSEXP_NOAUTHNLM) |
2085 | return 0; |
2086 | else |
2087 | acc = NFSD_MAY_READ | NFSD_MAY_OWNER_OVERRIDE; |
2088 | } |
2089 | /* |
2090 | * The file owner always gets access permission for accesses that |
2091 | * would normally be checked at open time. This is to make |
2092 | * file access work even when the client has done a fchmod(fd, 0). |
2093 | * |
2094 | * However, `cp foo bar' should fail nevertheless when bar is |
2095 | * readonly. A sensible way to do this might be to reject all |
2096 | * attempts to truncate a read-only file, because a creat() call |
2097 | * always implies file truncation. |
2098 | * ... but this isn't really fair. A process may reasonably call |
2099 | * ftruncate on an open file descriptor on a file with perm 000. |
2100 | * We must trust the client to do permission checking - using "ACCESS" |
2101 | * with NFSv3. |
2102 | */ |
2103 | if ((acc & NFSD_MAY_OWNER_OVERRIDE) && |
2104 | inode->i_uid == current_fsuid()) |
2105 | return 0; |
2106 | |
2107 | /* This assumes NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */ |
2108 | err = inode_permission(inode, acc & (MAY_READ|MAY_WRITE|MAY_EXEC)); |
2109 | |
2110 | /* Allow read access to binaries even when mode 111 */ |
2111 | if (err == -EACCES && S_ISREG(inode->i_mode) && |
2112 | acc == (NFSD_MAY_READ | NFSD_MAY_OWNER_OVERRIDE)) |
2113 | err = inode_permission(inode, MAY_EXEC); |
2114 | if (err) |
2115 | goto nfsd_out; |
2116 | |
2117 | /* Do integrity (permission) checking now, but defer incrementing |
2118 | * IMA counts to the actual file open. |
2119 | */ |
2120 | path.mnt = exp->ex_path.mnt; |
2121 | path.dentry = dentry; |
2122 | nfsd_out: |
2123 | return err? nfserrno(err) : 0; |
2124 | } |
2125 | |
2126 | void |
2127 | nfsd_racache_shutdown(void) |
2128 | { |
2129 | struct raparms *raparm, *last_raparm; |
2130 | unsigned int i; |
2131 | |
2132 | dprintk("nfsd: freeing readahead buffers.\n"); |
2133 | |
2134 | for (i = 0; i < RAPARM_HASH_SIZE; i++) { |
2135 | raparm = raparm_hash[i].pb_head; |
2136 | while(raparm) { |
2137 | last_raparm = raparm; |
2138 | raparm = raparm->p_next; |
2139 | kfree(last_raparm); |
2140 | } |
2141 | raparm_hash[i].pb_head = NULL; |
2142 | } |
2143 | } |
2144 | /* |
2145 | * Initialize readahead param cache |
2146 | */ |
2147 | int |
2148 | nfsd_racache_init(int cache_size) |
2149 | { |
2150 | int i; |
2151 | int j = 0; |
2152 | int nperbucket; |
2153 | struct raparms **raparm = NULL; |
2154 | |
2155 | |
2156 | if (raparm_hash[0].pb_head) |
2157 | return 0; |
2158 | nperbucket = DIV_ROUND_UP(cache_size, RAPARM_HASH_SIZE); |
2159 | if (nperbucket < 2) |
2160 | nperbucket = 2; |
2161 | cache_size = nperbucket * RAPARM_HASH_SIZE; |
2162 | |
2163 | dprintk("nfsd: allocating %d readahead buffers.\n", cache_size); |
2164 | |
2165 | for (i = 0; i < RAPARM_HASH_SIZE; i++) { |
2166 | spin_lock_init(&raparm_hash[i].pb_lock); |
2167 | |
2168 | raparm = &raparm_hash[i].pb_head; |
2169 | for (j = 0; j < nperbucket; j++) { |
2170 | *raparm = kzalloc(sizeof(struct raparms), GFP_KERNEL); |
2171 | if (!*raparm) |
2172 | goto out_nomem; |
2173 | raparm = &(*raparm)->p_next; |
2174 | } |
2175 | *raparm = NULL; |
2176 | } |
2177 | |
2178 | nfsdstats.ra_size = cache_size; |
2179 | return 0; |
2180 | |
2181 | out_nomem: |
2182 | dprintk("nfsd: kmalloc failed, freeing readahead buffers\n"); |
2183 | nfsd_racache_shutdown(); |
2184 | return -ENOMEM; |
2185 | } |
2186 | |
2187 | #if defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) |
2188 | struct posix_acl * |
2189 | nfsd_get_posix_acl(struct svc_fh *fhp, int type) |
2190 | { |
2191 | struct inode *inode = fhp->fh_dentry->d_inode; |
2192 | char *name; |
2193 | void *value = NULL; |
2194 | ssize_t size; |
2195 | struct posix_acl *acl; |
2196 | |
2197 | if (!IS_POSIXACL(inode)) |
2198 | return ERR_PTR(-EOPNOTSUPP); |
2199 | |
2200 | switch (type) { |
2201 | case ACL_TYPE_ACCESS: |
2202 | name = POSIX_ACL_XATTR_ACCESS; |
2203 | break; |
2204 | case ACL_TYPE_DEFAULT: |
2205 | name = POSIX_ACL_XATTR_DEFAULT; |
2206 | break; |
2207 | default: |
2208 | return ERR_PTR(-EOPNOTSUPP); |
2209 | } |
2210 | |
2211 | size = nfsd_getxattr(fhp->fh_dentry, name, &value); |
2212 | if (size < 0) |
2213 | return ERR_PTR(size); |
2214 | |
2215 | acl = posix_acl_from_xattr(value, size); |
2216 | kfree(value); |
2217 | return acl; |
2218 | } |
2219 | |
2220 | int |
2221 | nfsd_set_posix_acl(struct svc_fh *fhp, int type, struct posix_acl *acl) |
2222 | { |
2223 | struct inode *inode = fhp->fh_dentry->d_inode; |
2224 | char *name; |
2225 | void *value = NULL; |
2226 | size_t size; |
2227 | int error; |
2228 | |
2229 | if (!IS_POSIXACL(inode) || |
2230 | !inode->i_op->setxattr || !inode->i_op->removexattr) |
2231 | return -EOPNOTSUPP; |
2232 | switch(type) { |
2233 | case ACL_TYPE_ACCESS: |
2234 | name = POSIX_ACL_XATTR_ACCESS; |
2235 | break; |
2236 | case ACL_TYPE_DEFAULT: |
2237 | name = POSIX_ACL_XATTR_DEFAULT; |
2238 | break; |
2239 | default: |
2240 | return -EOPNOTSUPP; |
2241 | } |
2242 | |
2243 | if (acl && acl->a_count) { |
2244 | size = posix_acl_xattr_size(acl->a_count); |
2245 | value = kmalloc(size, GFP_KERNEL); |
2246 | if (!value) |
2247 | return -ENOMEM; |
2248 | error = posix_acl_to_xattr(acl, value, size); |
2249 | if (error < 0) |
2250 | goto getout; |
2251 | size = error; |
2252 | } else |
2253 | size = 0; |
2254 | |
2255 | error = mnt_want_write(fhp->fh_export->ex_path.mnt); |
2256 | if (error) |
2257 | goto getout; |
2258 | if (size) |
2259 | error = vfs_setxattr(fhp->fh_dentry, name, value, size, 0); |
2260 | else { |
2261 | if (!S_ISDIR(inode->i_mode) && type == ACL_TYPE_DEFAULT) |
2262 | error = 0; |
2263 | else { |
2264 | error = vfs_removexattr(fhp->fh_dentry, name); |
2265 | if (error == -ENODATA) |
2266 | error = 0; |
2267 | } |
2268 | } |
2269 | mnt_drop_write(fhp->fh_export->ex_path.mnt); |
2270 | |
2271 | getout: |
2272 | kfree(value); |
2273 | return error; |
2274 | } |
2275 | #endif /* defined(CONFIG_NFSD_V2_ACL) || defined(CONFIG_NFSD_V3_ACL) */ |
2276 |
Branches:
ben-wpan
ben-wpan-stefan
javiroman/ks7010
jz-2.6.34
jz-2.6.34-rc5
jz-2.6.34-rc6
jz-2.6.34-rc7
jz-2.6.35
jz-2.6.36
jz-2.6.37
jz-2.6.38
jz-2.6.39
jz-3.0
jz-3.1
jz-3.11
jz-3.12
jz-3.13
jz-3.15
jz-3.16
jz-3.18-dt
jz-3.2
jz-3.3
jz-3.4
jz-3.5
jz-3.6
jz-3.6-rc2-pwm
jz-3.9
jz-3.9-clk
jz-3.9-rc8
jz47xx
jz47xx-2.6.38
master
Tags:
od-2011-09-04
od-2011-09-18
v2.6.34-rc5
v2.6.34-rc6
v2.6.34-rc7
v3.9