2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 * Copyright (c) 2009 Rick Macklem, University of Guelph
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD$");
34 #include <fs/nfs/nfsport.h>
36 struct nfsrv_stablefirst nfsrv_stablefirst;
37 int nfsrv_issuedelegs = 0;
38 int nfsrv_dolocallocks = 0;
39 struct nfsv4lock nfsv4rootfs_lock;
41 extern int newnfs_numnfsd;
42 extern struct nfsstatsv1 nfsstatsv1;
43 extern int nfsrv_lease;
44 extern struct timeval nfsboottime;
45 extern u_int32_t newnfs_true, newnfs_false;
49 SYSCTL_DECL(_vfs_nfsd);
50 int nfsrv_statehashsize = NFSSTATEHASHSIZE;
51 SYSCTL_INT(_vfs_nfsd, OID_AUTO, statehashsize, CTLFLAG_RDTUN,
52 &nfsrv_statehashsize, 0,
53 "Size of state hash table set via loader.conf");
55 int nfsrv_clienthashsize = NFSCLIENTHASHSIZE;
56 SYSCTL_INT(_vfs_nfsd, OID_AUTO, clienthashsize, CTLFLAG_RDTUN,
57 &nfsrv_clienthashsize, 0,
58 "Size of client hash table set via loader.conf");
60 int nfsrv_lockhashsize = NFSLOCKHASHSIZE;
61 SYSCTL_INT(_vfs_nfsd, OID_AUTO, fhhashsize, CTLFLAG_RDTUN,
62 &nfsrv_lockhashsize, 0,
63 "Size of file handle hash table set via loader.conf");
65 int nfsrv_sessionhashsize = NFSSESSIONHASHSIZE;
66 SYSCTL_INT(_vfs_nfsd, OID_AUTO, sessionhashsize, CTLFLAG_RDTUN,
67 &nfsrv_sessionhashsize, 0,
68 "Size of session hash table set via loader.conf");
70 static int nfsrv_v4statelimit = NFSRV_V4STATELIMIT;
71 SYSCTL_INT(_vfs_nfsd, OID_AUTO, v4statelimit, CTLFLAG_RWTUN,
72 &nfsrv_v4statelimit, 0,
73 "High water limit for NFSv4 opens+locks+delegations");
75 static int nfsrv_writedelegifpos = 0;
76 SYSCTL_INT(_vfs_nfsd, OID_AUTO, writedelegifpos, CTLFLAG_RW,
77 &nfsrv_writedelegifpos, 0,
78 "Issue a write delegation for read opens if possible");
80 static int nfsrv_allowreadforwriteopen = 1;
81 SYSCTL_INT(_vfs_nfsd, OID_AUTO, allowreadforwriteopen, CTLFLAG_RW,
82 &nfsrv_allowreadforwriteopen, 0,
83 "Allow Reads to be done with Write Access StateIDs");
86 * Hash lists for nfs V4.
88 struct nfsclienthashhead *nfsclienthash;
89 struct nfslockhashhead *nfslockhash;
90 struct nfssessionhash *nfssessionhash;
91 #endif /* !APPLEKEXT */
93 static u_int32_t nfsrv_openpluslock = 0, nfsrv_delegatecnt = 0;
94 static time_t nfsrvboottime;
95 static int nfsrv_returnoldstateid = 0, nfsrv_clients = 0;
96 static int nfsrv_clienthighwater = NFSRV_CLIENTHIGHWATER;
97 static int nfsrv_nogsscallback = 0;
100 static void nfsrv_dumpaclient(struct nfsclient *clp,
101 struct nfsd_dumpclients *dumpp);
102 static void nfsrv_freeopenowner(struct nfsstate *stp, int cansleep,
104 static int nfsrv_freeopen(struct nfsstate *stp, vnode_t vp, int cansleep,
106 static void nfsrv_freelockowner(struct nfsstate *stp, vnode_t vp, int cansleep,
108 static void nfsrv_freeallnfslocks(struct nfsstate *stp, vnode_t vp,
109 int cansleep, NFSPROC_T *p);
110 static void nfsrv_freenfslock(struct nfslock *lop);
111 static void nfsrv_freenfslockfile(struct nfslockfile *lfp);
112 static void nfsrv_freedeleg(struct nfsstate *);
113 static int nfsrv_getstate(struct nfsclient *clp, nfsv4stateid_t *stateidp,
114 u_int32_t flags, struct nfsstate **stpp);
115 static void nfsrv_getowner(struct nfsstatehead *hp, struct nfsstate *new_stp,
116 struct nfsstate **stpp);
117 static int nfsrv_getlockfh(vnode_t vp, u_short flags,
118 struct nfslockfile *new_lfp, fhandle_t *nfhp, NFSPROC_T *p);
119 static int nfsrv_getlockfile(u_short flags, struct nfslockfile **new_lfpp,
120 struct nfslockfile **lfpp, fhandle_t *nfhp, int lockit);
121 static void nfsrv_insertlock(struct nfslock *new_lop,
122 struct nfslock *insert_lop, struct nfsstate *stp, struct nfslockfile *lfp);
123 static void nfsrv_updatelock(struct nfsstate *stp, struct nfslock **new_lopp,
124 struct nfslock **other_lopp, struct nfslockfile *lfp);
125 static int nfsrv_getipnumber(u_char *cp);
126 static int nfsrv_checkrestart(nfsquad_t clientid, u_int32_t flags,
127 nfsv4stateid_t *stateidp, int specialid);
128 static int nfsrv_checkgrace(struct nfsrv_descript *nd, struct nfsclient *clp,
130 static int nfsrv_docallback(struct nfsclient *clp, int procnum,
131 nfsv4stateid_t *stateidp, int trunc, fhandle_t *fhp,
132 struct nfsvattr *nap, nfsattrbit_t *attrbitp, NFSPROC_T *p);
133 static int nfsrv_cbcallargs(struct nfsrv_descript *nd, struct nfsclient *clp,
134 uint32_t callback, int op, const char *optag, struct nfsdsession **sepp);
135 static u_int32_t nfsrv_nextclientindex(void);
136 static u_int32_t nfsrv_nextstateindex(struct nfsclient *clp);
137 static void nfsrv_markstable(struct nfsclient *clp);
138 static int nfsrv_checkstable(struct nfsclient *clp);
139 static int nfsrv_clientconflict(struct nfsclient *clp, int *haslockp, struct
140 vnode *vp, NFSPROC_T *p);
141 static int nfsrv_delegconflict(struct nfsstate *stp, int *haslockp,
142 NFSPROC_T *p, vnode_t vp);
143 static int nfsrv_cleandeleg(vnode_t vp, struct nfslockfile *lfp,
144 struct nfsclient *clp, int *haslockp, NFSPROC_T *p);
145 static int nfsrv_notsamecredname(struct nfsrv_descript *nd,
146 struct nfsclient *clp);
147 static time_t nfsrv_leaseexpiry(void);
148 static void nfsrv_delaydelegtimeout(struct nfsstate *stp);
149 static int nfsrv_checkseqid(struct nfsrv_descript *nd, u_int32_t seqid,
150 struct nfsstate *stp, struct nfsrvcache *op);
151 static int nfsrv_nootherstate(struct nfsstate *stp);
152 static int nfsrv_locallock(vnode_t vp, struct nfslockfile *lfp, int flags,
153 uint64_t first, uint64_t end, struct nfslockconflict *cfp, NFSPROC_T *p);
154 static void nfsrv_localunlock(vnode_t vp, struct nfslockfile *lfp,
155 uint64_t init_first, uint64_t init_end, NFSPROC_T *p);
156 static int nfsrv_dolocal(vnode_t vp, struct nfslockfile *lfp, int flags,
157 int oldflags, uint64_t first, uint64_t end, struct nfslockconflict *cfp,
159 static void nfsrv_locallock_rollback(vnode_t vp, struct nfslockfile *lfp,
161 static void nfsrv_locallock_commit(struct nfslockfile *lfp, int flags,
162 uint64_t first, uint64_t end);
163 static void nfsrv_locklf(struct nfslockfile *lfp);
164 static void nfsrv_unlocklf(struct nfslockfile *lfp);
165 static struct nfsdsession *nfsrv_findsession(uint8_t *sessionid);
166 static int nfsrv_freesession(struct nfsdsession *sep, uint8_t *sessionid);
167 static int nfsv4_setcbsequence(struct nfsrv_descript *nd, struct nfsclient *clp,
168 int dont_replycache, struct nfsdsession **sepp);
169 static int nfsv4_getcbsession(struct nfsclient *clp, struct nfsdsession **sepp);
172 * Scan the client list for a match and either return the current one,
173 * create a new entry or return an error.
174 * If returning a non-error, the clp structure must either be linked into
175 * the client list or free'd.
178 nfsrv_setclient(struct nfsrv_descript *nd, struct nfsclient **new_clpp,
179 nfsquad_t *clientidp, nfsquad_t *confirmp, NFSPROC_T *p)
181 struct nfsclient *clp = NULL, *new_clp = *new_clpp;
183 struct nfsstate *stp, *tstp;
184 struct sockaddr_in *sad, *rad;
185 int zapit = 0, gotit, hasstate = 0, igotlock;
186 static u_int64_t confirm_index = 0;
189 * Check for state resource limit exceeded.
191 if (nfsrv_openpluslock > nfsrv_v4statelimit) {
192 error = NFSERR_RESOURCE;
196 if (nfsrv_issuedelegs == 0 ||
197 ((nd->nd_flag & ND_GSS) != 0 && nfsrv_nogsscallback != 0))
199 * Don't do callbacks when delegations are disabled or
200 * for AUTH_GSS unless enabled via nfsrv_nogsscallback.
201 * If establishing a callback connection is attempted
202 * when a firewall is blocking the callback path, the
203 * server may wait too long for the connect attempt to
204 * succeed during the Open. Some clients, such as Linux,
205 * may timeout and give up on the Open before the server
206 * replies. Also, since AUTH_GSS callbacks are not
207 * yet interoperability tested, they might cause the
208 * server to crap out, if they get past the Init call to
211 new_clp->lc_program = 0;
213 /* Lock out other nfsd threads */
214 NFSLOCKV4ROOTMUTEX();
215 nfsv4_relref(&nfsv4rootfs_lock);
217 igotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
218 NFSV4ROOTLOCKMUTEXPTR, NULL);
220 NFSUNLOCKV4ROOTMUTEX();
223 * Search for a match in the client list.
226 while (i < nfsrv_clienthashsize && !gotit) {
227 LIST_FOREACH(clp, &nfsclienthash[i], lc_hash) {
228 if (new_clp->lc_idlen == clp->lc_idlen &&
229 !NFSBCMP(new_clp->lc_id, clp->lc_id, clp->lc_idlen)) {
238 (clp->lc_flags & (LCL_NEEDSCONFIRM | LCL_ADMINREVOKED))) {
239 if ((nd->nd_flag & ND_NFSV41) != 0 && confirmp->lval[1] != 0) {
241 * For NFSv4.1, if confirmp->lval[1] is non-zero, the
242 * client is trying to update a confirmed clientid.
244 NFSLOCKV4ROOTMUTEX();
245 nfsv4_unlock(&nfsv4rootfs_lock, 1);
246 NFSUNLOCKV4ROOTMUTEX();
247 confirmp->lval[1] = 0;
248 error = NFSERR_NOENT;
252 * Get rid of the old one.
254 if (i != nfsrv_clienthashsize) {
255 LIST_REMOVE(clp, lc_hash);
256 nfsrv_cleanclient(clp, p);
257 nfsrv_freedeleglist(&clp->lc_deleg);
258 nfsrv_freedeleglist(&clp->lc_olddeleg);
262 * Add it after assigning a client id to it.
264 new_clp->lc_flags |= LCL_NEEDSCONFIRM;
265 if ((nd->nd_flag & ND_NFSV41) != 0)
266 new_clp->lc_confirm.lval[0] = confirmp->lval[0] =
269 confirmp->qval = new_clp->lc_confirm.qval =
271 clientidp->lval[0] = new_clp->lc_clientid.lval[0] =
272 (u_int32_t)nfsrvboottime;
273 clientidp->lval[1] = new_clp->lc_clientid.lval[1] =
274 nfsrv_nextclientindex();
275 new_clp->lc_stateindex = 0;
276 new_clp->lc_statemaxindex = 0;
277 new_clp->lc_cbref = 0;
278 new_clp->lc_expiry = nfsrv_leaseexpiry();
279 LIST_INIT(&new_clp->lc_open);
280 LIST_INIT(&new_clp->lc_deleg);
281 LIST_INIT(&new_clp->lc_olddeleg);
282 LIST_INIT(&new_clp->lc_session);
283 for (i = 0; i < nfsrv_statehashsize; i++)
284 LIST_INIT(&new_clp->lc_stateid[i]);
285 LIST_INSERT_HEAD(NFSCLIENTHASH(new_clp->lc_clientid), new_clp,
287 nfsstatsv1.srvclients++;
288 nfsrv_openpluslock++;
290 NFSLOCKV4ROOTMUTEX();
291 nfsv4_unlock(&nfsv4rootfs_lock, 1);
292 NFSUNLOCKV4ROOTMUTEX();
294 nfsrv_zapclient(clp, p);
300 * Now, handle the cases where the id is already issued.
302 if (nfsrv_notsamecredname(nd, clp)) {
304 * Check to see if there is expired state that should go away.
306 if (clp->lc_expiry < NFSD_MONOSEC &&
307 (!LIST_EMPTY(&clp->lc_open) || !LIST_EMPTY(&clp->lc_deleg))) {
308 nfsrv_cleanclient(clp, p);
309 nfsrv_freedeleglist(&clp->lc_deleg);
313 * If there is outstanding state, then reply NFSERR_CLIDINUSE per
314 * RFC3530 Sec. 8.1.2 last para.
316 if (!LIST_EMPTY(&clp->lc_deleg)) {
318 } else if (LIST_EMPTY(&clp->lc_open)) {
322 /* Look for an Open on the OpenOwner */
323 LIST_FOREACH(stp, &clp->lc_open, ls_list) {
324 if (!LIST_EMPTY(&stp->ls_open)) {
332 * If the uid doesn't match, return NFSERR_CLIDINUSE after
333 * filling out the correct ipaddr and portnum.
335 sad = NFSSOCKADDR(new_clp->lc_req.nr_nam, struct sockaddr_in *);
336 rad = NFSSOCKADDR(clp->lc_req.nr_nam, struct sockaddr_in *);
337 sad->sin_addr.s_addr = rad->sin_addr.s_addr;
338 sad->sin_port = rad->sin_port;
339 NFSLOCKV4ROOTMUTEX();
340 nfsv4_unlock(&nfsv4rootfs_lock, 1);
341 NFSUNLOCKV4ROOTMUTEX();
342 error = NFSERR_CLIDINUSE;
347 if (NFSBCMP(new_clp->lc_verf, clp->lc_verf, NFSX_VERF)) {
349 * If the verifier has changed, the client has rebooted
350 * and a new client id is issued. The old state info
351 * can be thrown away once the SETCLIENTID_CONFIRM occurs.
353 LIST_REMOVE(clp, lc_hash);
354 new_clp->lc_flags |= LCL_NEEDSCONFIRM;
355 if ((nd->nd_flag & ND_NFSV41) != 0)
356 new_clp->lc_confirm.lval[0] = confirmp->lval[0] =
359 confirmp->qval = new_clp->lc_confirm.qval =
361 clientidp->lval[0] = new_clp->lc_clientid.lval[0] =
363 clientidp->lval[1] = new_clp->lc_clientid.lval[1] =
364 nfsrv_nextclientindex();
365 new_clp->lc_stateindex = 0;
366 new_clp->lc_statemaxindex = 0;
367 new_clp->lc_cbref = 0;
368 new_clp->lc_expiry = nfsrv_leaseexpiry();
371 * Save the state until confirmed.
373 LIST_NEWHEAD(&new_clp->lc_open, &clp->lc_open, ls_list);
374 LIST_FOREACH(tstp, &new_clp->lc_open, ls_list)
375 tstp->ls_clp = new_clp;
376 LIST_NEWHEAD(&new_clp->lc_deleg, &clp->lc_deleg, ls_list);
377 LIST_FOREACH(tstp, &new_clp->lc_deleg, ls_list)
378 tstp->ls_clp = new_clp;
379 LIST_NEWHEAD(&new_clp->lc_olddeleg, &clp->lc_olddeleg,
381 LIST_FOREACH(tstp, &new_clp->lc_olddeleg, ls_list)
382 tstp->ls_clp = new_clp;
383 for (i = 0; i < nfsrv_statehashsize; i++) {
384 LIST_NEWHEAD(&new_clp->lc_stateid[i],
385 &clp->lc_stateid[i], ls_hash);
386 LIST_FOREACH(tstp, &new_clp->lc_stateid[i], ls_hash)
387 tstp->ls_clp = new_clp;
389 LIST_INSERT_HEAD(NFSCLIENTHASH(new_clp->lc_clientid), new_clp,
391 nfsstatsv1.srvclients++;
392 nfsrv_openpluslock++;
394 NFSLOCKV4ROOTMUTEX();
395 nfsv4_unlock(&nfsv4rootfs_lock, 1);
396 NFSUNLOCKV4ROOTMUTEX();
399 * Must wait until any outstanding callback on the old clp
403 while (clp->lc_cbref) {
404 clp->lc_flags |= LCL_WAKEUPWANTED;
405 (void)mtx_sleep(clp, NFSSTATEMUTEXPTR, PZERO - 1,
406 "nfsd clp", 10 * hz);
409 nfsrv_zapclient(clp, p);
414 /* For NFSv4.1, mark that we found a confirmed clientid. */
415 if ((nd->nd_flag & ND_NFSV41) != 0) {
416 clientidp->lval[0] = clp->lc_clientid.lval[0];
417 clientidp->lval[1] = clp->lc_clientid.lval[1];
418 confirmp->lval[0] = 0; /* Ignored by client */
419 confirmp->lval[1] = 1;
422 * id and verifier match, so update the net address info
423 * and get rid of any existing callback authentication
424 * handle, so a new one will be acquired.
426 LIST_REMOVE(clp, lc_hash);
427 new_clp->lc_flags |= (LCL_NEEDSCONFIRM | LCL_DONTCLEAN);
428 new_clp->lc_expiry = nfsrv_leaseexpiry();
429 confirmp->qval = new_clp->lc_confirm.qval = ++confirm_index;
430 clientidp->lval[0] = new_clp->lc_clientid.lval[0] =
431 clp->lc_clientid.lval[0];
432 clientidp->lval[1] = new_clp->lc_clientid.lval[1] =
433 clp->lc_clientid.lval[1];
434 new_clp->lc_delegtime = clp->lc_delegtime;
435 new_clp->lc_stateindex = clp->lc_stateindex;
436 new_clp->lc_statemaxindex = clp->lc_statemaxindex;
437 new_clp->lc_cbref = 0;
438 LIST_NEWHEAD(&new_clp->lc_open, &clp->lc_open, ls_list);
439 LIST_FOREACH(tstp, &new_clp->lc_open, ls_list)
440 tstp->ls_clp = new_clp;
441 LIST_NEWHEAD(&new_clp->lc_deleg, &clp->lc_deleg, ls_list);
442 LIST_FOREACH(tstp, &new_clp->lc_deleg, ls_list)
443 tstp->ls_clp = new_clp;
444 LIST_NEWHEAD(&new_clp->lc_olddeleg, &clp->lc_olddeleg, ls_list);
445 LIST_FOREACH(tstp, &new_clp->lc_olddeleg, ls_list)
446 tstp->ls_clp = new_clp;
447 for (i = 0; i < nfsrv_statehashsize; i++) {
448 LIST_NEWHEAD(&new_clp->lc_stateid[i],
449 &clp->lc_stateid[i], ls_hash);
450 LIST_FOREACH(tstp, &new_clp->lc_stateid[i], ls_hash)
451 tstp->ls_clp = new_clp;
453 LIST_INSERT_HEAD(NFSCLIENTHASH(new_clp->lc_clientid), new_clp,
455 nfsstatsv1.srvclients++;
456 nfsrv_openpluslock++;
459 NFSLOCKV4ROOTMUTEX();
460 nfsv4_unlock(&nfsv4rootfs_lock, 1);
461 NFSUNLOCKV4ROOTMUTEX();
463 if ((nd->nd_flag & ND_NFSV41) == 0) {
465 * Must wait until any outstanding callback on the old clp
469 while (clp->lc_cbref) {
470 clp->lc_flags |= LCL_WAKEUPWANTED;
471 (void)mtx_sleep(clp, NFSSTATEMUTEXPTR, PZERO - 1,
475 nfsrv_zapclient(clp, p);
480 NFSEXITCODE2(error, nd);
485 * Check to see if the client id exists and optionally confirm it.
488 nfsrv_getclient(nfsquad_t clientid, int opflags, struct nfsclient **clpp,
489 struct nfsdsession *nsep, nfsquad_t confirm, uint32_t cbprogram,
490 struct nfsrv_descript *nd, NFSPROC_T *p)
492 struct nfsclient *clp;
493 struct nfsstate *stp;
495 struct nfsclienthashhead *hp;
496 int error = 0, igotlock, doneok;
497 struct nfssessionhash *shp;
498 struct nfsdsession *sep;
500 static uint64_t next_sess = 0;
504 if ((nd == NULL || (nd->nd_flag & ND_NFSV41) == 0 ||
505 opflags != CLOPS_RENEW) && nfsrvboottime != clientid.lval[0]) {
506 error = NFSERR_STALECLIENTID;
511 * If called with opflags == CLOPS_RENEW, the State Lock is
512 * already held. Otherwise, we need to get either that or,
513 * for the case of Confirm, lock out the nfsd threads.
515 if (opflags & CLOPS_CONFIRM) {
516 NFSLOCKV4ROOTMUTEX();
517 nfsv4_relref(&nfsv4rootfs_lock);
519 igotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
520 NFSV4ROOTLOCKMUTEXPTR, NULL);
523 * Create a new sessionid here, since we need to do it where
524 * there is a mutex held to serialize update of next_sess.
526 if ((nd->nd_flag & ND_NFSV41) != 0) {
527 sessid[0] = ++next_sess;
528 sessid[1] = clientid.qval;
530 NFSUNLOCKV4ROOTMUTEX();
531 } else if (opflags != CLOPS_RENEW) {
535 /* For NFSv4.1, the clp is acquired from the associated session. */
536 if (nd != NULL && (nd->nd_flag & ND_NFSV41) != 0 &&
537 opflags == CLOPS_RENEW) {
539 if ((nd->nd_flag & ND_HASSEQUENCE) != 0) {
540 shp = NFSSESSIONHASH(nd->nd_sessionid);
542 sep = nfsrv_findsession(nd->nd_sessionid);
545 NFSUNLOCKSESSION(shp);
548 hp = NFSCLIENTHASH(clientid);
549 LIST_FOREACH(clp, hp, lc_hash) {
550 if (clp->lc_clientid.lval[1] == clientid.lval[1])
555 if (opflags & CLOPS_CONFIRM)
556 error = NFSERR_STALECLIENTID;
558 error = NFSERR_EXPIRED;
559 } else if (clp->lc_flags & LCL_ADMINREVOKED) {
561 * If marked admin revoked, just return the error.
563 error = NFSERR_ADMINREVOKED;
566 if (opflags & CLOPS_CONFIRM) {
567 NFSLOCKV4ROOTMUTEX();
568 nfsv4_unlock(&nfsv4rootfs_lock, 1);
569 NFSUNLOCKV4ROOTMUTEX();
570 } else if (opflags != CLOPS_RENEW) {
577 * Perform any operations specified by the opflags.
579 if (opflags & CLOPS_CONFIRM) {
580 if (((nd->nd_flag & ND_NFSV41) != 0 &&
581 clp->lc_confirm.lval[0] != confirm.lval[0]) ||
582 ((nd->nd_flag & ND_NFSV41) == 0 &&
583 clp->lc_confirm.qval != confirm.qval))
584 error = NFSERR_STALECLIENTID;
585 else if (nfsrv_notsamecredname(nd, clp))
586 error = NFSERR_CLIDINUSE;
589 if ((clp->lc_flags & (LCL_NEEDSCONFIRM | LCL_DONTCLEAN)) ==
592 * Hang onto the delegations (as old delegations)
593 * for an Open with CLAIM_DELEGATE_PREV unless in
594 * grace, but get rid of the rest of the state.
596 nfsrv_cleanclient(clp, p);
597 nfsrv_freedeleglist(&clp->lc_olddeleg);
598 if (nfsrv_checkgrace(nd, clp, 0)) {
599 /* In grace, so just delete delegations */
600 nfsrv_freedeleglist(&clp->lc_deleg);
602 LIST_FOREACH(stp, &clp->lc_deleg, ls_list)
603 stp->ls_flags |= NFSLCK_OLDDELEG;
604 clp->lc_delegtime = NFSD_MONOSEC +
605 nfsrv_lease + NFSRV_LEASEDELTA;
606 LIST_NEWHEAD(&clp->lc_olddeleg, &clp->lc_deleg,
609 if ((nd->nd_flag & ND_NFSV41) != 0)
610 clp->lc_program = cbprogram;
612 clp->lc_flags &= ~(LCL_NEEDSCONFIRM | LCL_DONTCLEAN);
614 clp->lc_flags |= LCL_NEEDSCBNULL;
615 /* For NFSv4.1, link the session onto the client. */
617 /* Hold a reference on the xprt for a backchannel. */
618 if ((nsep->sess_crflags & NFSV4CRSESS_CONNBACKCHAN)
619 != 0 && clp->lc_req.nr_client == NULL) {
620 clp->lc_req.nr_client = (struct __rpc_client *)
621 clnt_bck_create(nd->nd_xprt->xp_socket,
622 cbprogram, NFSV4_CBVERS);
623 if (clp->lc_req.nr_client != NULL) {
624 SVC_ACQUIRE(nd->nd_xprt);
626 clp->lc_req.nr_client->cl_private;
627 /* Disable idle timeout. */
628 nd->nd_xprt->xp_idletimeout = 0;
629 nsep->sess_cbsess.nfsess_xprt = nd->nd_xprt;
631 nsep->sess_crflags &= ~NFSV4CRSESS_CONNBACKCHAN;
633 NFSBCOPY(sessid, nsep->sess_sessionid,
635 NFSBCOPY(sessid, nsep->sess_cbsess.nfsess_sessionid,
637 shp = NFSSESSIONHASH(nsep->sess_sessionid);
640 LIST_INSERT_HEAD(&shp->list, nsep, sess_hash);
641 LIST_INSERT_HEAD(&clp->lc_session, nsep, sess_list);
642 nsep->sess_clp = clp;
643 NFSUNLOCKSESSION(shp);
647 } else if (clp->lc_flags & LCL_NEEDSCONFIRM) {
648 error = NFSERR_EXPIRED;
652 * If called by the Renew Op, we must check the principal.
654 if (!error && (opflags & CLOPS_RENEWOP)) {
655 if (nfsrv_notsamecredname(nd, clp)) {
657 for (i = 0; i < nfsrv_statehashsize && doneok == 0; i++) {
658 LIST_FOREACH(stp, &clp->lc_stateid[i], ls_hash) {
659 if ((stp->ls_flags & NFSLCK_OPEN) &&
660 stp->ls_uid == nd->nd_cred->cr_uid) {
667 error = NFSERR_ACCES;
669 if (!error && (clp->lc_flags & LCL_CBDOWN))
670 error = NFSERR_CBPATHDOWN;
672 if ((!error || error == NFSERR_CBPATHDOWN) &&
673 (opflags & CLOPS_RENEW)) {
674 clp->lc_expiry = nfsrv_leaseexpiry();
676 if (opflags & CLOPS_CONFIRM) {
677 NFSLOCKV4ROOTMUTEX();
678 nfsv4_unlock(&nfsv4rootfs_lock, 1);
679 NFSUNLOCKV4ROOTMUTEX();
680 } else if (opflags != CLOPS_RENEW) {
687 NFSEXITCODE2(error, nd);
692 * Perform the NFSv4.1 destroy clientid.
695 nfsrv_destroyclient(nfsquad_t clientid, NFSPROC_T *p)
697 struct nfsclient *clp;
698 struct nfsclienthashhead *hp;
699 int error = 0, i, igotlock;
701 if (nfsrvboottime != clientid.lval[0]) {
702 error = NFSERR_STALECLIENTID;
706 /* Lock out other nfsd threads */
707 NFSLOCKV4ROOTMUTEX();
708 nfsv4_relref(&nfsv4rootfs_lock);
710 igotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
711 NFSV4ROOTLOCKMUTEXPTR, NULL);
712 } while (igotlock == 0);
713 NFSUNLOCKV4ROOTMUTEX();
715 hp = NFSCLIENTHASH(clientid);
716 LIST_FOREACH(clp, hp, lc_hash) {
717 if (clp->lc_clientid.lval[1] == clientid.lval[1])
721 NFSLOCKV4ROOTMUTEX();
722 nfsv4_unlock(&nfsv4rootfs_lock, 1);
723 NFSUNLOCKV4ROOTMUTEX();
724 /* Just return ok, since it is gone. */
728 /* Scan for state on the clientid. */
729 for (i = 0; i < nfsrv_statehashsize; i++)
730 if (!LIST_EMPTY(&clp->lc_stateid[i])) {
731 NFSLOCKV4ROOTMUTEX();
732 nfsv4_unlock(&nfsv4rootfs_lock, 1);
733 NFSUNLOCKV4ROOTMUTEX();
734 error = NFSERR_CLIENTIDBUSY;
737 if (!LIST_EMPTY(&clp->lc_session) || !LIST_EMPTY(&clp->lc_deleg)) {
738 NFSLOCKV4ROOTMUTEX();
739 nfsv4_unlock(&nfsv4rootfs_lock, 1);
740 NFSUNLOCKV4ROOTMUTEX();
741 error = NFSERR_CLIENTIDBUSY;
745 /* Destroy the clientid and return ok. */
746 nfsrv_cleanclient(clp, p);
747 nfsrv_freedeleglist(&clp->lc_deleg);
748 nfsrv_freedeleglist(&clp->lc_olddeleg);
749 LIST_REMOVE(clp, lc_hash);
750 NFSLOCKV4ROOTMUTEX();
751 nfsv4_unlock(&nfsv4rootfs_lock, 1);
752 NFSUNLOCKV4ROOTMUTEX();
753 nfsrv_zapclient(clp, p);
755 NFSEXITCODE2(error, nd);
760 * Called from the new nfssvc syscall to admin revoke a clientid.
761 * Returns 0 for success, error otherwise.
764 nfsrv_adminrevoke(struct nfsd_clid *revokep, NFSPROC_T *p)
766 struct nfsclient *clp = NULL;
771 * First, lock out the nfsd so that state won't change while the
772 * revocation record is being written to the stable storage restart
775 NFSLOCKV4ROOTMUTEX();
777 igotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
778 NFSV4ROOTLOCKMUTEXPTR, NULL);
780 NFSUNLOCKV4ROOTMUTEX();
783 * Search for a match in the client list.
786 while (i < nfsrv_clienthashsize && !gotit) {
787 LIST_FOREACH(clp, &nfsclienthash[i], lc_hash) {
788 if (revokep->nclid_idlen == clp->lc_idlen &&
789 !NFSBCMP(revokep->nclid_id, clp->lc_id, clp->lc_idlen)) {
797 NFSLOCKV4ROOTMUTEX();
798 nfsv4_unlock(&nfsv4rootfs_lock, 0);
799 NFSUNLOCKV4ROOTMUTEX();
805 * Now, write out the revocation record
807 nfsrv_writestable(clp->lc_id, clp->lc_idlen, NFSNST_REVOKE, p);
808 nfsrv_backupstable();
811 * and clear out the state, marking the clientid revoked.
813 clp->lc_flags &= ~LCL_CALLBACKSON;
814 clp->lc_flags |= LCL_ADMINREVOKED;
815 nfsrv_cleanclient(clp, p);
816 nfsrv_freedeleglist(&clp->lc_deleg);
817 nfsrv_freedeleglist(&clp->lc_olddeleg);
818 NFSLOCKV4ROOTMUTEX();
819 nfsv4_unlock(&nfsv4rootfs_lock, 0);
820 NFSUNLOCKV4ROOTMUTEX();
828 * Dump out stats for all clients. Called from nfssvc(2), that is used
832 nfsrv_dumpclients(struct nfsd_dumpclients *dumpp, int maxcnt)
834 struct nfsclient *clp;
838 * First, get a reference on the nfsv4rootfs_lock so that an
839 * exclusive lock cannot be acquired while dumping the clients.
841 NFSLOCKV4ROOTMUTEX();
842 nfsv4_getref(&nfsv4rootfs_lock, NULL, NFSV4ROOTLOCKMUTEXPTR, NULL);
843 NFSUNLOCKV4ROOTMUTEX();
846 * Rattle through the client lists until done.
848 while (i < nfsrv_clienthashsize && cnt < maxcnt) {
849 clp = LIST_FIRST(&nfsclienthash[i]);
850 while (clp != LIST_END(&nfsclienthash[i]) && cnt < maxcnt) {
851 nfsrv_dumpaclient(clp, &dumpp[cnt]);
853 clp = LIST_NEXT(clp, lc_hash);
858 dumpp[cnt].ndcl_clid.nclid_idlen = 0;
860 NFSLOCKV4ROOTMUTEX();
861 nfsv4_relref(&nfsv4rootfs_lock);
862 NFSUNLOCKV4ROOTMUTEX();
866 * Dump stats for a client. Must be called with the NFSSTATELOCK and spl'd.
869 nfsrv_dumpaclient(struct nfsclient *clp, struct nfsd_dumpclients *dumpp)
871 struct nfsstate *stp, *openstp, *lckownstp;
873 struct sockaddr *sad;
874 struct sockaddr_in *rad;
875 struct sockaddr_in6 *rad6;
877 dumpp->ndcl_nopenowners = dumpp->ndcl_nlockowners = 0;
878 dumpp->ndcl_nopens = dumpp->ndcl_nlocks = 0;
879 dumpp->ndcl_ndelegs = dumpp->ndcl_nolddelegs = 0;
880 dumpp->ndcl_flags = clp->lc_flags;
881 dumpp->ndcl_clid.nclid_idlen = clp->lc_idlen;
882 NFSBCOPY(clp->lc_id, dumpp->ndcl_clid.nclid_id, clp->lc_idlen);
883 sad = NFSSOCKADDR(clp->lc_req.nr_nam, struct sockaddr *);
884 dumpp->ndcl_addrfam = sad->sa_family;
885 if (sad->sa_family == AF_INET) {
886 rad = (struct sockaddr_in *)sad;
887 dumpp->ndcl_cbaddr.sin_addr = rad->sin_addr;
889 rad6 = (struct sockaddr_in6 *)sad;
890 dumpp->ndcl_cbaddr.sin6_addr = rad6->sin6_addr;
894 * Now, scan the state lists and total up the opens and locks.
896 LIST_FOREACH(stp, &clp->lc_open, ls_list) {
897 dumpp->ndcl_nopenowners++;
898 LIST_FOREACH(openstp, &stp->ls_open, ls_list) {
899 dumpp->ndcl_nopens++;
900 LIST_FOREACH(lckownstp, &openstp->ls_open, ls_list) {
901 dumpp->ndcl_nlockowners++;
902 LIST_FOREACH(lop, &lckownstp->ls_lock, lo_lckowner) {
903 dumpp->ndcl_nlocks++;
910 * and the delegation lists.
912 LIST_FOREACH(stp, &clp->lc_deleg, ls_list) {
913 dumpp->ndcl_ndelegs++;
915 LIST_FOREACH(stp, &clp->lc_olddeleg, ls_list) {
916 dumpp->ndcl_nolddelegs++;
921 * Dump out lock stats for a file.
924 nfsrv_dumplocks(vnode_t vp, struct nfsd_dumplocks *ldumpp, int maxcnt,
927 struct nfsstate *stp;
930 struct nfslockfile *lfp;
931 struct sockaddr *sad;
932 struct sockaddr_in *rad;
933 struct sockaddr_in6 *rad6;
937 ret = nfsrv_getlockfh(vp, 0, NULL, &nfh, p);
939 * First, get a reference on the nfsv4rootfs_lock so that an
940 * exclusive lock on it cannot be acquired while dumping the locks.
942 NFSLOCKV4ROOTMUTEX();
943 nfsv4_getref(&nfsv4rootfs_lock, NULL, NFSV4ROOTLOCKMUTEXPTR, NULL);
944 NFSUNLOCKV4ROOTMUTEX();
947 ret = nfsrv_getlockfile(0, NULL, &lfp, &nfh, 0);
949 ldumpp[0].ndlck_clid.nclid_idlen = 0;
951 NFSLOCKV4ROOTMUTEX();
952 nfsv4_relref(&nfsv4rootfs_lock);
953 NFSUNLOCKV4ROOTMUTEX();
958 * For each open share on file, dump it out.
960 stp = LIST_FIRST(&lfp->lf_open);
961 while (stp != LIST_END(&lfp->lf_open) && cnt < maxcnt) {
962 ldumpp[cnt].ndlck_flags = stp->ls_flags;
963 ldumpp[cnt].ndlck_stateid.seqid = stp->ls_stateid.seqid;
964 ldumpp[cnt].ndlck_stateid.other[0] = stp->ls_stateid.other[0];
965 ldumpp[cnt].ndlck_stateid.other[1] = stp->ls_stateid.other[1];
966 ldumpp[cnt].ndlck_stateid.other[2] = stp->ls_stateid.other[2];
967 ldumpp[cnt].ndlck_owner.nclid_idlen =
968 stp->ls_openowner->ls_ownerlen;
969 NFSBCOPY(stp->ls_openowner->ls_owner,
970 ldumpp[cnt].ndlck_owner.nclid_id,
971 stp->ls_openowner->ls_ownerlen);
972 ldumpp[cnt].ndlck_clid.nclid_idlen = stp->ls_clp->lc_idlen;
973 NFSBCOPY(stp->ls_clp->lc_id, ldumpp[cnt].ndlck_clid.nclid_id,
974 stp->ls_clp->lc_idlen);
975 sad=NFSSOCKADDR(stp->ls_clp->lc_req.nr_nam, struct sockaddr *);
976 ldumpp[cnt].ndlck_addrfam = sad->sa_family;
977 if (sad->sa_family == AF_INET) {
978 rad = (struct sockaddr_in *)sad;
979 ldumpp[cnt].ndlck_cbaddr.sin_addr = rad->sin_addr;
981 rad6 = (struct sockaddr_in6 *)sad;
982 ldumpp[cnt].ndlck_cbaddr.sin6_addr = rad6->sin6_addr;
984 stp = LIST_NEXT(stp, ls_file);
991 lop = LIST_FIRST(&lfp->lf_lock);
992 while (lop != LIST_END(&lfp->lf_lock) && cnt < maxcnt) {
994 ldumpp[cnt].ndlck_flags = lop->lo_flags;
995 ldumpp[cnt].ndlck_first = lop->lo_first;
996 ldumpp[cnt].ndlck_end = lop->lo_end;
997 ldumpp[cnt].ndlck_stateid.seqid = stp->ls_stateid.seqid;
998 ldumpp[cnt].ndlck_stateid.other[0] = stp->ls_stateid.other[0];
999 ldumpp[cnt].ndlck_stateid.other[1] = stp->ls_stateid.other[1];
1000 ldumpp[cnt].ndlck_stateid.other[2] = stp->ls_stateid.other[2];
1001 ldumpp[cnt].ndlck_owner.nclid_idlen = stp->ls_ownerlen;
1002 NFSBCOPY(stp->ls_owner, ldumpp[cnt].ndlck_owner.nclid_id,
1004 ldumpp[cnt].ndlck_clid.nclid_idlen = stp->ls_clp->lc_idlen;
1005 NFSBCOPY(stp->ls_clp->lc_id, ldumpp[cnt].ndlck_clid.nclid_id,
1006 stp->ls_clp->lc_idlen);
1007 sad=NFSSOCKADDR(stp->ls_clp->lc_req.nr_nam, struct sockaddr *);
1008 ldumpp[cnt].ndlck_addrfam = sad->sa_family;
1009 if (sad->sa_family == AF_INET) {
1010 rad = (struct sockaddr_in *)sad;
1011 ldumpp[cnt].ndlck_cbaddr.sin_addr = rad->sin_addr;
1013 rad6 = (struct sockaddr_in6 *)sad;
1014 ldumpp[cnt].ndlck_cbaddr.sin6_addr = rad6->sin6_addr;
1016 lop = LIST_NEXT(lop, lo_lckfile);
1021 * and the delegations.
1023 stp = LIST_FIRST(&lfp->lf_deleg);
1024 while (stp != LIST_END(&lfp->lf_deleg) && cnt < maxcnt) {
1025 ldumpp[cnt].ndlck_flags = stp->ls_flags;
1026 ldumpp[cnt].ndlck_stateid.seqid = stp->ls_stateid.seqid;
1027 ldumpp[cnt].ndlck_stateid.other[0] = stp->ls_stateid.other[0];
1028 ldumpp[cnt].ndlck_stateid.other[1] = stp->ls_stateid.other[1];
1029 ldumpp[cnt].ndlck_stateid.other[2] = stp->ls_stateid.other[2];
1030 ldumpp[cnt].ndlck_owner.nclid_idlen = 0;
1031 ldumpp[cnt].ndlck_clid.nclid_idlen = stp->ls_clp->lc_idlen;
1032 NFSBCOPY(stp->ls_clp->lc_id, ldumpp[cnt].ndlck_clid.nclid_id,
1033 stp->ls_clp->lc_idlen);
1034 sad=NFSSOCKADDR(stp->ls_clp->lc_req.nr_nam, struct sockaddr *);
1035 ldumpp[cnt].ndlck_addrfam = sad->sa_family;
1036 if (sad->sa_family == AF_INET) {
1037 rad = (struct sockaddr_in *)sad;
1038 ldumpp[cnt].ndlck_cbaddr.sin_addr = rad->sin_addr;
1040 rad6 = (struct sockaddr_in6 *)sad;
1041 ldumpp[cnt].ndlck_cbaddr.sin6_addr = rad6->sin6_addr;
1043 stp = LIST_NEXT(stp, ls_file);
1048 * If list isn't full, mark end of list by setting the client name
1052 ldumpp[cnt].ndlck_clid.nclid_idlen = 0;
1054 NFSLOCKV4ROOTMUTEX();
1055 nfsv4_relref(&nfsv4rootfs_lock);
1056 NFSUNLOCKV4ROOTMUTEX();
1060 * Server timer routine. It can scan any linked list, so long
1061 * as it holds the spin/mutex lock and there is no exclusive lock on
1063 * (For OpenBSD, a kthread is ok. For FreeBSD, I think it is ok
1064 * to do this from a callout, since the spin locks work. For
1065 * Darwin, I'm not sure what will work correctly yet.)
1066 * Should be called once per second.
1069 nfsrv_servertimer(void)
1071 struct nfsclient *clp, *nclp;
1072 struct nfsstate *stp, *nstp;
1076 * Make sure nfsboottime is set. This is used by V3 as well
1077 * as V4. Note that nfsboottime is not nfsrvboottime, which is
1078 * only used by the V4 server for leases.
1080 if (nfsboottime.tv_sec == 0)
1081 NFSSETBOOTTIME(nfsboottime);
1084 * If server hasn't started yet, just return.
1087 if (nfsrv_stablefirst.nsf_eograce == 0) {
1091 if (!(nfsrv_stablefirst.nsf_flags & NFSNSF_UPDATEDONE)) {
1092 if (!(nfsrv_stablefirst.nsf_flags & NFSNSF_GRACEOVER) &&
1093 NFSD_MONOSEC > nfsrv_stablefirst.nsf_eograce)
1094 nfsrv_stablefirst.nsf_flags |=
1095 (NFSNSF_GRACEOVER | NFSNSF_NEEDLOCK);
1101 * Try and get a reference count on the nfsv4rootfs_lock so that
1102 * no nfsd thread can acquire an exclusive lock on it before this
1103 * call is done. If it is already exclusively locked, just return.
1105 NFSLOCKV4ROOTMUTEX();
1106 got_ref = nfsv4_getref_nonblock(&nfsv4rootfs_lock);
1107 NFSUNLOCKV4ROOTMUTEX();
1114 * For each client...
1116 for (i = 0; i < nfsrv_clienthashsize; i++) {
1117 clp = LIST_FIRST(&nfsclienthash[i]);
1118 while (clp != LIST_END(&nfsclienthash[i])) {
1119 nclp = LIST_NEXT(clp, lc_hash);
1120 if (!(clp->lc_flags & LCL_EXPIREIT)) {
1121 if (((clp->lc_expiry + NFSRV_STALELEASE) < NFSD_MONOSEC
1122 && ((LIST_EMPTY(&clp->lc_deleg)
1123 && LIST_EMPTY(&clp->lc_open)) ||
1124 nfsrv_clients > nfsrv_clienthighwater)) ||
1125 (clp->lc_expiry + NFSRV_MOULDYLEASE) < NFSD_MONOSEC ||
1126 (clp->lc_expiry < NFSD_MONOSEC &&
1127 (nfsrv_openpluslock * 10 / 9) > nfsrv_v4statelimit)) {
1129 * Lease has expired several nfsrv_lease times ago:
1131 * - no state is associated with it
1133 * - above high water mark for number of clients
1134 * (nfsrv_clienthighwater should be large enough
1135 * that this only occurs when clients fail to
1136 * use the same nfs_client_id4.id. Maybe somewhat
1137 * higher that the maximum number of clients that
1138 * will mount this server?)
1140 * Lease has expired a very long time ago
1142 * Lease has expired PLUS the number of opens + locks
1143 * has exceeded 90% of capacity
1145 * --> Mark for expiry. The actual expiry will be done
1146 * by an nfsd sometime soon.
1148 clp->lc_flags |= LCL_EXPIREIT;
1149 nfsrv_stablefirst.nsf_flags |=
1150 (NFSNSF_NEEDLOCK | NFSNSF_EXPIREDCLIENT);
1153 * If there are no opens, increment no open tick cnt
1154 * If time exceeds NFSNOOPEN, mark it to be thrown away
1155 * otherwise, if there is an open, reset no open time
1156 * Hopefully, this will avoid excessive re-creation
1157 * of open owners and subsequent open confirms.
1159 stp = LIST_FIRST(&clp->lc_open);
1160 while (stp != LIST_END(&clp->lc_open)) {
1161 nstp = LIST_NEXT(stp, ls_list);
1162 if (LIST_EMPTY(&stp->ls_open)) {
1164 if (stp->ls_noopens > NFSNOOPEN ||
1165 (nfsrv_openpluslock * 2) >
1167 nfsrv_stablefirst.nsf_flags |=
1170 stp->ls_noopens = 0;
1180 NFSLOCKV4ROOTMUTEX();
1181 nfsv4_relref(&nfsv4rootfs_lock);
1182 NFSUNLOCKV4ROOTMUTEX();
1186 * The following set of functions free up the various data structures.
1189 * Clear out all open/lock state related to this nfsclient.
1190 * Caller must hold an exclusive lock on nfsv4rootfs_lock, so that
1191 * there are no other active nfsd threads.
1194 nfsrv_cleanclient(struct nfsclient *clp, NFSPROC_T *p)
1196 struct nfsstate *stp, *nstp;
1197 struct nfsdsession *sep, *nsep;
1199 LIST_FOREACH_SAFE(stp, &clp->lc_open, ls_list, nstp)
1200 nfsrv_freeopenowner(stp, 1, p);
1201 if ((clp->lc_flags & LCL_ADMINREVOKED) == 0)
1202 LIST_FOREACH_SAFE(sep, &clp->lc_session, sess_list, nsep)
1203 (void)nfsrv_freesession(sep, NULL);
1207 * Free a client that has been cleaned. It should also already have been
1208 * removed from the lists.
1209 * (Just to be safe w.r.t. newnfs_disconnect(), call this function when
1210 * softclock interrupts are enabled.)
1213 nfsrv_zapclient(struct nfsclient *clp, NFSPROC_T *p)
1217 if ((clp->lc_flags & (LCL_GSS | LCL_CALLBACKSON)) ==
1218 (LCL_GSS | LCL_CALLBACKSON) &&
1219 (clp->lc_hand.nfsh_flag & NFSG_COMPLETE) &&
1220 clp->lc_handlelen > 0) {
1221 clp->lc_hand.nfsh_flag &= ~NFSG_COMPLETE;
1222 clp->lc_hand.nfsh_flag |= NFSG_DESTROYED;
1223 (void) nfsrv_docallback(clp, NFSV4PROC_CBNULL,
1224 NULL, 0, NULL, NULL, NULL, p);
1227 newnfs_disconnect(&clp->lc_req);
1228 NFSSOCKADDRFREE(clp->lc_req.nr_nam);
1229 NFSFREEMUTEX(&clp->lc_req.nr_mtx);
1230 free(clp->lc_stateid, M_NFSDCLIENT);
1231 free(clp, M_NFSDCLIENT);
1233 nfsstatsv1.srvclients--;
1234 nfsrv_openpluslock--;
1240 * Free a list of delegation state structures.
1241 * (This function will also free all nfslockfile structures that no
1242 * longer have associated state.)
1245 nfsrv_freedeleglist(struct nfsstatehead *sthp)
1247 struct nfsstate *stp, *nstp;
1249 LIST_FOREACH_SAFE(stp, sthp, ls_list, nstp) {
1250 nfsrv_freedeleg(stp);
1256 * Free up a delegation.
1259 nfsrv_freedeleg(struct nfsstate *stp)
1261 struct nfslockfile *lfp;
1263 LIST_REMOVE(stp, ls_hash);
1264 LIST_REMOVE(stp, ls_list);
1265 LIST_REMOVE(stp, ls_file);
1267 if (LIST_EMPTY(&lfp->lf_open) &&
1268 LIST_EMPTY(&lfp->lf_lock) && LIST_EMPTY(&lfp->lf_deleg) &&
1269 LIST_EMPTY(&lfp->lf_locallock) && LIST_EMPTY(&lfp->lf_rollback) &&
1270 lfp->lf_usecount == 0 &&
1271 nfsv4_testlock(&lfp->lf_locallock_lck) == 0)
1272 nfsrv_freenfslockfile(lfp);
1273 FREE((caddr_t)stp, M_NFSDSTATE);
1274 nfsstatsv1.srvdelegates--;
1275 nfsrv_openpluslock--;
1276 nfsrv_delegatecnt--;
1280 * This function frees an open owner and all associated opens.
1283 nfsrv_freeopenowner(struct nfsstate *stp, int cansleep, NFSPROC_T *p)
1285 struct nfsstate *nstp, *tstp;
1287 LIST_REMOVE(stp, ls_list);
1289 * Now, free all associated opens.
1291 nstp = LIST_FIRST(&stp->ls_open);
1292 while (nstp != LIST_END(&stp->ls_open)) {
1294 nstp = LIST_NEXT(nstp, ls_list);
1295 (void) nfsrv_freeopen(tstp, NULL, cansleep, p);
1298 nfsrvd_derefcache(stp->ls_op);
1299 FREE((caddr_t)stp, M_NFSDSTATE);
1300 nfsstatsv1.srvopenowners--;
1301 nfsrv_openpluslock--;
1305 * This function frees an open (nfsstate open structure) with all associated
1306 * lock_owners and locks. It also frees the nfslockfile structure iff there
1307 * are no other opens on the file.
1308 * Returns 1 if it free'd the nfslockfile, 0 otherwise.
1311 nfsrv_freeopen(struct nfsstate *stp, vnode_t vp, int cansleep, NFSPROC_T *p)
1313 struct nfsstate *nstp, *tstp;
1314 struct nfslockfile *lfp;
1317 LIST_REMOVE(stp, ls_hash);
1318 LIST_REMOVE(stp, ls_list);
1319 LIST_REMOVE(stp, ls_file);
1323 * Now, free all lockowners associated with this open.
1325 LIST_FOREACH_SAFE(tstp, &stp->ls_open, ls_list, nstp)
1326 nfsrv_freelockowner(tstp, vp, cansleep, p);
1329 * The nfslockfile is freed here if there are no locks
1330 * associated with the open.
1331 * If there are locks associated with the open, the
1332 * nfslockfile structure can be freed via nfsrv_freelockowner().
1333 * Acquire the state mutex to avoid races with calls to
1334 * nfsrv_getlockfile().
1338 if (lfp != NULL && LIST_EMPTY(&lfp->lf_open) &&
1339 LIST_EMPTY(&lfp->lf_deleg) && LIST_EMPTY(&lfp->lf_lock) &&
1340 LIST_EMPTY(&lfp->lf_locallock) && LIST_EMPTY(&lfp->lf_rollback) &&
1341 lfp->lf_usecount == 0 &&
1342 (cansleep != 0 || nfsv4_testlock(&lfp->lf_locallock_lck) == 0)) {
1343 nfsrv_freenfslockfile(lfp);
1349 FREE((caddr_t)stp, M_NFSDSTATE);
1350 nfsstatsv1.srvopens--;
1351 nfsrv_openpluslock--;
1356 * Frees a lockowner and all associated locks.
1359 nfsrv_freelockowner(struct nfsstate *stp, vnode_t vp, int cansleep,
1363 LIST_REMOVE(stp, ls_hash);
1364 LIST_REMOVE(stp, ls_list);
1365 nfsrv_freeallnfslocks(stp, vp, cansleep, p);
1367 nfsrvd_derefcache(stp->ls_op);
1368 FREE((caddr_t)stp, M_NFSDSTATE);
1369 nfsstatsv1.srvlockowners--;
1370 nfsrv_openpluslock--;
1374 * Free all the nfs locks on a lockowner.
1377 nfsrv_freeallnfslocks(struct nfsstate *stp, vnode_t vp, int cansleep,
1380 struct nfslock *lop, *nlop;
1381 struct nfsrollback *rlp, *nrlp;
1382 struct nfslockfile *lfp = NULL;
1385 uint64_t first, end;
1388 ASSERT_VOP_UNLOCKED(vp, "nfsrv_freeallnfslocks: vnode locked");
1389 lop = LIST_FIRST(&stp->ls_lock);
1390 while (lop != LIST_END(&stp->ls_lock)) {
1391 nlop = LIST_NEXT(lop, lo_lckowner);
1393 * Since all locks should be for the same file, lfp should
1398 else if (lfp != lop->lo_lfp)
1399 panic("allnfslocks");
1401 * If vp is NULL and cansleep != 0, a vnode must be acquired
1402 * from the file handle. This only occurs when called from
1403 * nfsrv_cleanclient().
1406 if (nfsrv_dolocallocks == 0)
1408 else if (vp == NULL && cansleep != 0) {
1409 tvp = nfsvno_getvp(&lfp->lf_fh);
1410 NFSVOPUNLOCK(tvp, 0);
1419 first = lop->lo_first;
1421 nfsrv_freenfslock(lop);
1422 nfsrv_localunlock(tvp, lfp, first, end, p);
1423 LIST_FOREACH_SAFE(rlp, &lfp->lf_rollback, rlck_list,
1425 free(rlp, M_NFSDROLLBACK);
1426 LIST_INIT(&lfp->lf_rollback);
1428 nfsrv_freenfslock(lop);
1431 if (vp == NULL && tvp != NULL)
1436 * Free an nfslock structure.
1439 nfsrv_freenfslock(struct nfslock *lop)
1442 if (lop->lo_lckfile.le_prev != NULL) {
1443 LIST_REMOVE(lop, lo_lckfile);
1444 nfsstatsv1.srvlocks--;
1445 nfsrv_openpluslock--;
1447 LIST_REMOVE(lop, lo_lckowner);
1448 FREE((caddr_t)lop, M_NFSDLOCK);
1452 * This function frees an nfslockfile structure.
1455 nfsrv_freenfslockfile(struct nfslockfile *lfp)
1458 LIST_REMOVE(lfp, lf_hash);
1459 FREE((caddr_t)lfp, M_NFSDLOCKFILE);
1463 * This function looks up an nfsstate structure via stateid.
1466 nfsrv_getstate(struct nfsclient *clp, nfsv4stateid_t *stateidp, __unused u_int32_t flags,
1467 struct nfsstate **stpp)
1469 struct nfsstate *stp;
1470 struct nfsstatehead *hp;
1474 hp = NFSSTATEHASH(clp, *stateidp);
1475 LIST_FOREACH(stp, hp, ls_hash) {
1476 if (!NFSBCMP(stp->ls_stateid.other, stateidp->other,
1482 * If no state id in list, return NFSERR_BADSTATEID.
1484 if (stp == LIST_END(hp)) {
1485 error = NFSERR_BADSTATEID;
1496 * This function gets an nfsstate structure via owner string.
1499 nfsrv_getowner(struct nfsstatehead *hp, struct nfsstate *new_stp,
1500 struct nfsstate **stpp)
1502 struct nfsstate *stp;
1505 LIST_FOREACH(stp, hp, ls_list) {
1506 if (new_stp->ls_ownerlen == stp->ls_ownerlen &&
1507 !NFSBCMP(new_stp->ls_owner,stp->ls_owner,stp->ls_ownerlen)) {
1515 * Lock control function called to update lock status.
1516 * Returns 0 upon success, -1 if there is no lock and the flags indicate
1517 * that one isn't to be created and an NFSERR_xxx for other errors.
1518 * The structures new_stp and new_lop are passed in as pointers that should
1519 * be set to NULL if the structure is used and shouldn't be free'd.
1520 * For the NFSLCK_TEST and NFSLCK_CHECK cases, the structures are
1521 * never used and can safely be allocated on the stack. For all other
1522 * cases, *new_stpp and *new_lopp should be malloc'd before the call,
1523 * in case they are used.
1526 nfsrv_lockctrl(vnode_t vp, struct nfsstate **new_stpp,
1527 struct nfslock **new_lopp, struct nfslockconflict *cfp,
1528 nfsquad_t clientid, nfsv4stateid_t *stateidp,
1529 __unused struct nfsexstuff *exp,
1530 struct nfsrv_descript *nd, NFSPROC_T *p)
1532 struct nfslock *lop;
1533 struct nfsstate *new_stp = *new_stpp;
1534 struct nfslock *new_lop = *new_lopp;
1535 struct nfsstate *tstp, *mystp, *nstp;
1537 struct nfslockfile *lfp;
1538 struct nfslock *other_lop = NULL;
1539 struct nfsstate *stp, *lckstp = NULL;
1540 struct nfsclient *clp = NULL;
1542 int error = 0, haslock = 0, ret, reterr;
1543 int getlckret, delegation = 0, filestruct_locked, vnode_unlocked = 0;
1545 uint64_t first, end;
1546 uint32_t lock_flags;
1548 if (new_stp->ls_flags & (NFSLCK_CHECK | NFSLCK_SETATTR)) {
1550 * Note the special cases of "all 1s" or "all 0s" stateids and
1551 * let reads with all 1s go ahead.
1553 if (new_stp->ls_stateid.seqid == 0x0 &&
1554 new_stp->ls_stateid.other[0] == 0x0 &&
1555 new_stp->ls_stateid.other[1] == 0x0 &&
1556 new_stp->ls_stateid.other[2] == 0x0)
1558 else if (new_stp->ls_stateid.seqid == 0xffffffff &&
1559 new_stp->ls_stateid.other[0] == 0xffffffff &&
1560 new_stp->ls_stateid.other[1] == 0xffffffff &&
1561 new_stp->ls_stateid.other[2] == 0xffffffff)
1566 * Check for restart conditions (client and server).
1568 error = nfsrv_checkrestart(clientid, new_stp->ls_flags,
1569 &new_stp->ls_stateid, specialid);
1574 * Check for state resource limit exceeded.
1576 if ((new_stp->ls_flags & NFSLCK_LOCK) &&
1577 nfsrv_openpluslock > nfsrv_v4statelimit) {
1578 error = NFSERR_RESOURCE;
1583 * For the lock case, get another nfslock structure,
1584 * just in case we need it.
1585 * Malloc now, before we start sifting through the linked lists,
1586 * in case we have to wait for memory.
1589 if (new_stp->ls_flags & NFSLCK_LOCK)
1590 MALLOC(other_lop, struct nfslock *, sizeof (struct nfslock),
1591 M_NFSDLOCK, M_WAITOK);
1592 filestruct_locked = 0;
1597 * Get the lockfile structure for CFH now, so we can do a sanity
1598 * check against the stateid, before incrementing the seqid#, since
1599 * we want to return NFSERR_BADSTATEID on failure and the seqid#
1600 * shouldn't be incremented for this case.
1601 * If nfsrv_getlockfile() returns -1, it means "not found", which
1602 * will be handled later.
1603 * If we are doing Lock/LockU and local locking is enabled, sleep
1604 * lock the nfslockfile structure.
1606 getlckret = nfsrv_getlockfh(vp, new_stp->ls_flags, NULL, &nfh, p);
1608 if (getlckret == 0) {
1609 if ((new_stp->ls_flags & (NFSLCK_LOCK | NFSLCK_UNLOCK)) != 0 &&
1610 nfsrv_dolocallocks != 0 && nd->nd_repstat == 0) {
1611 getlckret = nfsrv_getlockfile(new_stp->ls_flags, NULL,
1614 filestruct_locked = 1;
1616 getlckret = nfsrv_getlockfile(new_stp->ls_flags, NULL,
1619 if (getlckret != 0 && getlckret != -1)
1622 if (filestruct_locked != 0) {
1623 LIST_INIT(&lfp->lf_rollback);
1624 if ((new_stp->ls_flags & NFSLCK_LOCK)) {
1626 * For local locking, do the advisory locking now, so
1627 * that any conflict can be detected. A failure later
1628 * can be rolled back locally. If an error is returned,
1629 * struct nfslockfile has been unlocked and any local
1630 * locking rolled back.
1633 if (vnode_unlocked == 0) {
1634 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl1");
1636 NFSVOPUNLOCK(vp, 0);
1638 reterr = nfsrv_locallock(vp, lfp,
1639 (new_lop->lo_flags & (NFSLCK_READ | NFSLCK_WRITE)),
1640 new_lop->lo_first, new_lop->lo_end, cfp, p);
1645 if (specialid == 0) {
1646 if (new_stp->ls_flags & NFSLCK_TEST) {
1648 * RFC 3530 does not list LockT as an op that renews a
1649 * lease, but the consensus seems to be that it is ok
1650 * for a server to do so.
1652 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
1653 (nfsquad_t)((u_quad_t)0), 0, nd, p);
1656 * Since NFSERR_EXPIRED, NFSERR_ADMINREVOKED are not valid
1657 * error returns for LockT, just go ahead and test for a lock,
1658 * since there are no locks for this client, but other locks
1659 * can conflict. (ie. same client will always be false)
1661 if (error == NFSERR_EXPIRED || error == NFSERR_ADMINREVOKED)
1665 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
1666 (nfsquad_t)((u_quad_t)0), 0, nd, p);
1669 * Look up the stateid
1671 error = nfsrv_getstate(clp, &new_stp->ls_stateid,
1672 new_stp->ls_flags, &stp);
1674 * do some sanity checks for an unconfirmed open or a
1675 * stateid that refers to the wrong file, for an open stateid
1677 if (error == 0 && (stp->ls_flags & NFSLCK_OPEN) &&
1678 ((stp->ls_openowner->ls_flags & NFSLCK_NEEDSCONFIRM) ||
1679 (getlckret == 0 && stp->ls_lfp != lfp))){
1681 * NFSLCK_SETATTR should return OK rather than NFSERR_BADSTATEID
1682 * The only exception is using SETATTR with SIZE.
1684 if ((new_stp->ls_flags &
1685 (NFSLCK_SETATTR | NFSLCK_CHECK)) != NFSLCK_SETATTR)
1686 error = NFSERR_BADSTATEID;
1690 (stp->ls_flags & (NFSLCK_DELEGREAD | NFSLCK_DELEGWRITE)) &&
1691 getlckret == 0 && stp->ls_lfp != lfp)
1692 error = NFSERR_BADSTATEID;
1695 * If the lockowner stateid doesn't refer to the same file,
1696 * I believe that is considered ok, since some clients will
1697 * only create a single lockowner and use that for all locks
1699 * For now, log it as a diagnostic, instead of considering it
1702 if (error == 0 && (stp->ls_flags &
1703 (NFSLCK_OPEN | NFSLCK_DELEGREAD | NFSLCK_DELEGWRITE)) == 0 &&
1704 getlckret == 0 && stp->ls_lfp != lfp) {
1706 printf("Got a lock statid for different file open\n");
1709 error = NFSERR_BADSTATEID;
1714 if (new_stp->ls_flags & NFSLCK_OPENTOLOCK) {
1716 * If haslock set, we've already checked the seqid.
1719 if (stp->ls_flags & NFSLCK_OPEN)
1720 error = nfsrv_checkseqid(nd, new_stp->ls_seq,
1721 stp->ls_openowner, new_stp->ls_op);
1723 error = NFSERR_BADSTATEID;
1726 nfsrv_getowner(&stp->ls_open, new_stp, &lckstp);
1729 * I believe this should be an error, but it
1730 * isn't obvious what NFSERR_xxx would be
1731 * appropriate, so I'll use NFSERR_INVAL for now.
1733 error = NFSERR_INVAL;
1736 } else if (new_stp->ls_flags&(NFSLCK_LOCK|NFSLCK_UNLOCK)) {
1738 * If haslock set, ditto above.
1741 if (stp->ls_flags & NFSLCK_OPEN)
1742 error = NFSERR_BADSTATEID;
1744 error = nfsrv_checkseqid(nd, new_stp->ls_seq,
1745 stp, new_stp->ls_op);
1753 * If the seqid part of the stateid isn't the same, return
1754 * NFSERR_OLDSTATEID for cases other than I/O Ops.
1755 * For I/O Ops, only return NFSERR_OLDSTATEID if
1756 * nfsrv_returnoldstateid is set. (The consensus on the email
1757 * list was that most clients would prefer to not receive
1758 * NFSERR_OLDSTATEID for I/O Ops, but the RFC suggests that that
1759 * is what will happen, so I use the nfsrv_returnoldstateid to
1760 * allow for either server configuration.)
1762 if (!error && stp->ls_stateid.seqid!=new_stp->ls_stateid.seqid &&
1763 (((nd->nd_flag & ND_NFSV41) == 0 &&
1764 (!(new_stp->ls_flags & NFSLCK_CHECK) ||
1765 nfsrv_returnoldstateid)) ||
1766 ((nd->nd_flag & ND_NFSV41) != 0 &&
1767 new_stp->ls_stateid.seqid != 0)))
1768 error = NFSERR_OLDSTATEID;
1773 * Now we can check for grace.
1776 error = nfsrv_checkgrace(nd, clp, new_stp->ls_flags);
1777 if ((new_stp->ls_flags & NFSLCK_RECLAIM) && !error &&
1778 nfsrv_checkstable(clp))
1779 error = NFSERR_NOGRACE;
1781 * If we successfully Reclaimed state, note that.
1783 if ((new_stp->ls_flags & NFSLCK_RECLAIM) && !error)
1784 nfsrv_markstable(clp);
1787 * At this point, either error == NFSERR_BADSTATEID or the
1788 * seqid# has been updated, so we can return any error.
1789 * If error == 0, there may be an error in:
1790 * nd_repstat - Set by the calling function.
1791 * reterr - Set above, if getting the nfslockfile structure
1792 * or acquiring the local lock failed.
1793 * (If both of these are set, nd_repstat should probably be
1794 * returned, since that error was detected before this
1797 if (error != 0 || nd->nd_repstat != 0 || reterr != 0) {
1799 if (nd->nd_repstat != 0)
1800 error = nd->nd_repstat;
1804 if (filestruct_locked != 0) {
1805 /* Roll back local locks. */
1807 if (vnode_unlocked == 0) {
1808 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl2");
1810 NFSVOPUNLOCK(vp, 0);
1812 nfsrv_locallock_rollback(vp, lfp, p);
1814 nfsrv_unlocklf(lfp);
1821 * Check the nfsrv_getlockfile return.
1822 * Returned -1 if no structure found.
1824 if (getlckret == -1) {
1825 error = NFSERR_EXPIRED;
1827 * Called from lockt, so no lock is OK.
1829 if (new_stp->ls_flags & NFSLCK_TEST) {
1831 } else if (new_stp->ls_flags &
1832 (NFSLCK_CHECK | NFSLCK_SETATTR)) {
1834 * Called to check for a lock, OK if the stateid is all
1835 * 1s or all 0s, but there should be an nfsstate
1837 * (ie. If there is no open, I'll assume no share
1843 error = NFSERR_BADSTATEID;
1850 * For NFSLCK_CHECK and NFSLCK_LOCK, test for a share conflict.
1851 * For NFSLCK_CHECK, allow a read if write access is granted,
1852 * but check for a deny. For NFSLCK_LOCK, require correct access,
1853 * which implies a conflicting deny can't exist.
1855 if (new_stp->ls_flags & (NFSLCK_CHECK | NFSLCK_LOCK)) {
1857 * Four kinds of state id:
1858 * - specialid (all 0s or all 1s), only for NFSLCK_CHECK
1859 * - stateid for an open
1860 * - stateid for a delegation
1861 * - stateid for a lock owner
1864 if (stp->ls_flags & (NFSLCK_DELEGREAD | NFSLCK_DELEGWRITE)) {
1867 nfsrv_delaydelegtimeout(stp);
1868 } else if (stp->ls_flags & NFSLCK_OPEN) {
1871 mystp = stp->ls_openstp;
1874 * If locking or checking, require correct access
1877 if (((new_stp->ls_flags & NFSLCK_LOCK) &&
1878 !((new_lop->lo_flags >> NFSLCK_LOCKSHIFT) &
1879 mystp->ls_flags & NFSLCK_ACCESSBITS)) ||
1880 ((new_stp->ls_flags & (NFSLCK_CHECK|NFSLCK_READACCESS)) ==
1881 (NFSLCK_CHECK | NFSLCK_READACCESS) &&
1882 !(mystp->ls_flags & NFSLCK_READACCESS) &&
1883 nfsrv_allowreadforwriteopen == 0) ||
1884 ((new_stp->ls_flags & (NFSLCK_CHECK|NFSLCK_WRITEACCESS)) ==
1885 (NFSLCK_CHECK | NFSLCK_WRITEACCESS) &&
1886 !(mystp->ls_flags & NFSLCK_WRITEACCESS))) {
1887 if (filestruct_locked != 0) {
1888 /* Roll back local locks. */
1890 if (vnode_unlocked == 0) {
1891 ASSERT_VOP_ELOCKED(vp,
1894 NFSVOPUNLOCK(vp, 0);
1896 nfsrv_locallock_rollback(vp, lfp, p);
1898 nfsrv_unlocklf(lfp);
1901 error = NFSERR_OPENMODE;
1906 if ((new_stp->ls_flags & NFSLCK_CHECK) && !delegation) {
1908 * Check for a conflicting deny bit.
1910 LIST_FOREACH(tstp, &lfp->lf_open, ls_file) {
1911 if (tstp != mystp) {
1912 bits = tstp->ls_flags;
1913 bits >>= NFSLCK_SHIFT;
1914 if (new_stp->ls_flags & bits & NFSLCK_ACCESSBITS) {
1915 KASSERT(vnode_unlocked == 0,
1916 ("nfsrv_lockctrl: vnode unlocked1"));
1917 ret = nfsrv_clientconflict(tstp->ls_clp, &haslock,
1921 * nfsrv_clientconflict unlocks state
1922 * when it returns non-zero.
1930 error = NFSERR_PERM;
1932 error = NFSERR_OPENMODE;
1938 /* We're outta here */
1945 * For setattr, just get rid of all the Delegations for other clients.
1947 if (new_stp->ls_flags & NFSLCK_SETATTR) {
1948 KASSERT(vnode_unlocked == 0,
1949 ("nfsrv_lockctrl: vnode unlocked2"));
1950 ret = nfsrv_cleandeleg(vp, lfp, clp, &haslock, p);
1953 * nfsrv_cleandeleg() unlocks state when it
1963 if (!(new_stp->ls_flags & NFSLCK_CHECK) ||
1964 (LIST_EMPTY(&lfp->lf_open) && LIST_EMPTY(&lfp->lf_lock) &&
1965 LIST_EMPTY(&lfp->lf_deleg))) {
1972 * Check for a conflicting delegation. If one is found, call
1973 * nfsrv_delegconflict() to handle it. If the v4root lock hasn't
1974 * been set yet, it will get the lock. Otherwise, it will recall
1975 * the delegation. Then, we try try again...
1976 * I currently believe the conflict algorithm to be:
1977 * For Lock Ops (Lock/LockT/LockU)
1978 * - there is a conflict iff a different client has a write delegation
1979 * For Reading (Read Op)
1980 * - there is a conflict iff a different client has a write delegation
1981 * (the specialids are always a different client)
1982 * For Writing (Write/Setattr of size)
1983 * - there is a conflict if a different client has any delegation
1984 * - there is a conflict if the same client has a read delegation
1985 * (I don't understand why this isn't allowed, but that seems to be
1986 * the current consensus?)
1988 tstp = LIST_FIRST(&lfp->lf_deleg);
1989 while (tstp != LIST_END(&lfp->lf_deleg)) {
1990 nstp = LIST_NEXT(tstp, ls_file);
1991 if ((((new_stp->ls_flags&(NFSLCK_LOCK|NFSLCK_UNLOCK|NFSLCK_TEST))||
1992 ((new_stp->ls_flags & NFSLCK_CHECK) &&
1993 (new_lop->lo_flags & NFSLCK_READ))) &&
1994 clp != tstp->ls_clp &&
1995 (tstp->ls_flags & NFSLCK_DELEGWRITE)) ||
1996 ((new_stp->ls_flags & NFSLCK_CHECK) &&
1997 (new_lop->lo_flags & NFSLCK_WRITE) &&
1998 (clp != tstp->ls_clp ||
1999 (tstp->ls_flags & NFSLCK_DELEGREAD)))) {
2001 if (filestruct_locked != 0) {
2002 /* Roll back local locks. */
2004 if (vnode_unlocked == 0) {
2005 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl4");
2006 NFSVOPUNLOCK(vp, 0);
2008 nfsrv_locallock_rollback(vp, lfp, p);
2010 nfsrv_unlocklf(lfp);
2012 NFSVOPLOCK(vp, LK_EXCLUSIVE | LK_RETRY);
2014 if ((vp->v_iflag & VI_DOOMED) != 0)
2015 ret = NFSERR_SERVERFAULT;
2019 ret = nfsrv_delegconflict(tstp, &haslock, p, vp);
2022 * nfsrv_delegconflict unlocks state when it
2023 * returns non-zero, which it always does.
2026 FREE((caddr_t)other_lop, M_NFSDLOCK);
2036 /* Never gets here. */
2042 * Handle the unlock case by calling nfsrv_updatelock().
2043 * (Should I have done some access checking above for unlock? For now,
2044 * just let it happen.)
2046 if (new_stp->ls_flags & NFSLCK_UNLOCK) {
2047 first = new_lop->lo_first;
2048 end = new_lop->lo_end;
2049 nfsrv_updatelock(stp, new_lopp, &other_lop, lfp);
2050 stateidp->seqid = ++(stp->ls_stateid.seqid);
2051 if ((nd->nd_flag & ND_NFSV41) != 0 && stateidp->seqid == 0)
2052 stateidp->seqid = stp->ls_stateid.seqid = 1;
2053 stateidp->other[0] = stp->ls_stateid.other[0];
2054 stateidp->other[1] = stp->ls_stateid.other[1];
2055 stateidp->other[2] = stp->ls_stateid.other[2];
2056 if (filestruct_locked != 0) {
2058 if (vnode_unlocked == 0) {
2059 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl5");
2061 NFSVOPUNLOCK(vp, 0);
2063 /* Update the local locks. */
2064 nfsrv_localunlock(vp, lfp, first, end, p);
2066 nfsrv_unlocklf(lfp);
2073 * Search for a conflicting lock. A lock conflicts if:
2074 * - the lock range overlaps and
2075 * - at least one lock is a write lock and
2076 * - it is not owned by the same lock owner
2079 LIST_FOREACH(lop, &lfp->lf_lock, lo_lckfile) {
2080 if (new_lop->lo_end > lop->lo_first &&
2081 new_lop->lo_first < lop->lo_end &&
2082 (new_lop->lo_flags == NFSLCK_WRITE ||
2083 lop->lo_flags == NFSLCK_WRITE) &&
2084 lckstp != lop->lo_stp &&
2085 (clp != lop->lo_stp->ls_clp ||
2086 lckstp->ls_ownerlen != lop->lo_stp->ls_ownerlen ||
2087 NFSBCMP(lckstp->ls_owner, lop->lo_stp->ls_owner,
2088 lckstp->ls_ownerlen))) {
2090 FREE((caddr_t)other_lop, M_NFSDLOCK);
2093 if (vnode_unlocked != 0)
2094 ret = nfsrv_clientconflict(lop->lo_stp->ls_clp, &haslock,
2097 ret = nfsrv_clientconflict(lop->lo_stp->ls_clp, &haslock,
2100 if (filestruct_locked != 0) {
2101 if (vnode_unlocked == 0) {
2102 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl6");
2103 NFSVOPUNLOCK(vp, 0);
2105 /* Roll back local locks. */
2106 nfsrv_locallock_rollback(vp, lfp, p);
2108 nfsrv_unlocklf(lfp);
2110 NFSVOPLOCK(vp, LK_EXCLUSIVE | LK_RETRY);
2112 if ((vp->v_iflag & VI_DOOMED) != 0) {
2113 error = NFSERR_SERVERFAULT;
2118 * nfsrv_clientconflict() unlocks state when it
2125 * Found a conflicting lock, so record the conflict and
2128 if (cfp != NULL && ret == 0) {
2129 cfp->cl_clientid.lval[0]=lop->lo_stp->ls_stateid.other[0];
2130 cfp->cl_clientid.lval[1]=lop->lo_stp->ls_stateid.other[1];
2131 cfp->cl_first = lop->lo_first;
2132 cfp->cl_end = lop->lo_end;
2133 cfp->cl_flags = lop->lo_flags;
2134 cfp->cl_ownerlen = lop->lo_stp->ls_ownerlen;
2135 NFSBCOPY(lop->lo_stp->ls_owner, cfp->cl_owner,
2139 error = NFSERR_PERM;
2140 else if (new_stp->ls_flags & NFSLCK_RECLAIM)
2141 error = NFSERR_RECLAIMCONFLICT;
2142 else if (new_stp->ls_flags & NFSLCK_CHECK)
2143 error = NFSERR_LOCKED;
2145 error = NFSERR_DENIED;
2146 if (filestruct_locked != 0 && ret == 0) {
2147 /* Roll back local locks. */
2149 if (vnode_unlocked == 0) {
2150 ASSERT_VOP_ELOCKED(vp, "nfsrv_lockctrl7");
2152 NFSVOPUNLOCK(vp, 0);
2154 nfsrv_locallock_rollback(vp, lfp, p);
2156 nfsrv_unlocklf(lfp);
2166 * We only get here if there was no lock that conflicted.
2168 if (new_stp->ls_flags & (NFSLCK_TEST | NFSLCK_CHECK)) {
2174 * We only get here when we are creating or modifying a lock.
2175 * There are two variants:
2176 * - exist_lock_owner where lock_owner exists
2177 * - open_to_lock_owner with new lock_owner
2179 first = new_lop->lo_first;
2180 end = new_lop->lo_end;
2181 lock_flags = new_lop->lo_flags;
2182 if (!(new_stp->ls_flags & NFSLCK_OPENTOLOCK)) {
2183 nfsrv_updatelock(lckstp, new_lopp, &other_lop, lfp);
2184 stateidp->seqid = ++(lckstp->ls_stateid.seqid);
2185 if ((nd->nd_flag & ND_NFSV41) != 0 && stateidp->seqid == 0)
2186 stateidp->seqid = lckstp->ls_stateid.seqid = 1;
2187 stateidp->other[0] = lckstp->ls_stateid.other[0];
2188 stateidp->other[1] = lckstp->ls_stateid.other[1];
2189 stateidp->other[2] = lckstp->ls_stateid.other[2];
2192 * The new open_to_lock_owner case.
2193 * Link the new nfsstate into the lists.
2195 new_stp->ls_seq = new_stp->ls_opentolockseq;
2196 nfsrvd_refcache(new_stp->ls_op);
2197 stateidp->seqid = new_stp->ls_stateid.seqid = 1;
2198 stateidp->other[0] = new_stp->ls_stateid.other[0] =
2199 clp->lc_clientid.lval[0];
2200 stateidp->other[1] = new_stp->ls_stateid.other[1] =
2201 clp->lc_clientid.lval[1];
2202 stateidp->other[2] = new_stp->ls_stateid.other[2] =
2203 nfsrv_nextstateindex(clp);
2204 new_stp->ls_clp = clp;
2205 LIST_INIT(&new_stp->ls_lock);
2206 new_stp->ls_openstp = stp;
2207 new_stp->ls_lfp = lfp;
2208 nfsrv_insertlock(new_lop, (struct nfslock *)new_stp, new_stp,
2210 LIST_INSERT_HEAD(NFSSTATEHASH(clp, new_stp->ls_stateid),
2212 LIST_INSERT_HEAD(&stp->ls_open, new_stp, ls_list);
2215 nfsstatsv1.srvlockowners++;
2216 nfsrv_openpluslock++;
2218 if (filestruct_locked != 0) {
2220 nfsrv_locallock_commit(lfp, lock_flags, first, end);
2222 nfsrv_unlocklf(lfp);
2228 NFSLOCKV4ROOTMUTEX();
2229 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2230 NFSUNLOCKV4ROOTMUTEX();
2232 if (vnode_unlocked != 0) {
2233 NFSVOPLOCK(vp, LK_EXCLUSIVE | LK_RETRY);
2234 if (error == 0 && (vp->v_iflag & VI_DOOMED) != 0)
2235 error = NFSERR_SERVERFAULT;
2238 FREE((caddr_t)other_lop, M_NFSDLOCK);
2239 NFSEXITCODE2(error, nd);
2244 * Check for state errors for Open.
2245 * repstat is passed back out as an error if more critical errors
2249 nfsrv_opencheck(nfsquad_t clientid, nfsv4stateid_t *stateidp,
2250 struct nfsstate *new_stp, vnode_t vp, struct nfsrv_descript *nd,
2251 NFSPROC_T *p, int repstat)
2253 struct nfsstate *stp, *nstp;
2254 struct nfsclient *clp;
2255 struct nfsstate *ownerstp;
2256 struct nfslockfile *lfp, *new_lfp;
2257 int error = 0, haslock = 0, ret, readonly = 0, getfhret = 0;
2259 if ((new_stp->ls_flags & NFSLCK_SHAREBITS) == NFSLCK_READACCESS)
2262 * Check for restart conditions (client and server).
2264 error = nfsrv_checkrestart(clientid, new_stp->ls_flags,
2265 &new_stp->ls_stateid, 0);
2270 * Check for state resource limit exceeded.
2271 * Technically this should be SMP protected, but the worst
2272 * case error is "out by one or two" on the count when it
2273 * returns NFSERR_RESOURCE and the limit is just a rather
2274 * arbitrary high water mark, so no harm is done.
2276 if (nfsrv_openpluslock > nfsrv_v4statelimit) {
2277 error = NFSERR_RESOURCE;
2282 MALLOC(new_lfp, struct nfslockfile *, sizeof (struct nfslockfile),
2283 M_NFSDLOCKFILE, M_WAITOK);
2285 getfhret = nfsrv_getlockfh(vp, new_stp->ls_flags, new_lfp,
2289 * Get the nfsclient structure.
2291 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
2292 (nfsquad_t)((u_quad_t)0), 0, nd, p);
2295 * Look up the open owner. See if it needs confirmation and
2296 * check the seq#, as required.
2299 nfsrv_getowner(&clp->lc_open, new_stp, &ownerstp);
2301 if (!error && ownerstp) {
2302 error = nfsrv_checkseqid(nd, new_stp->ls_seq, ownerstp,
2305 * If the OpenOwner hasn't been confirmed, assume the
2306 * old one was a replay and this one is ok.
2307 * See: RFC3530 Sec. 14.2.18.
2309 if (error == NFSERR_BADSEQID &&
2310 (ownerstp->ls_flags & NFSLCK_NEEDSCONFIRM))
2318 error = nfsrv_checkgrace(nd, clp, new_stp->ls_flags);
2319 if ((new_stp->ls_flags & NFSLCK_RECLAIM) && !error &&
2320 nfsrv_checkstable(clp))
2321 error = NFSERR_NOGRACE;
2324 * If none of the above errors occurred, let repstat be
2327 if (repstat && !error)
2332 NFSLOCKV4ROOTMUTEX();
2333 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2334 NFSUNLOCKV4ROOTMUTEX();
2336 free((caddr_t)new_lfp, M_NFSDLOCKFILE);
2341 * If vp == NULL, the file doesn't exist yet, so return ok.
2342 * (This always happens on the first pass, so haslock must be 0.)
2346 FREE((caddr_t)new_lfp, M_NFSDLOCKFILE);
2351 * Get the structure for the underlying file.
2356 error = nfsrv_getlockfile(new_stp->ls_flags, &new_lfp, &lfp,
2359 FREE((caddr_t)new_lfp, M_NFSDLOCKFILE);
2363 NFSLOCKV4ROOTMUTEX();
2364 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2365 NFSUNLOCKV4ROOTMUTEX();
2371 * Search for a conflicting open/share.
2373 if (new_stp->ls_flags & NFSLCK_DELEGCUR) {
2375 * For Delegate_Cur, search for the matching Delegation,
2376 * which indicates no conflict.
2377 * An old delegation should have been recovered by the
2378 * client doing a Claim_DELEGATE_Prev, so I won't let
2379 * it match and return NFSERR_EXPIRED. Should I let it
2382 LIST_FOREACH(stp, &lfp->lf_deleg, ls_file) {
2383 if (!(stp->ls_flags & NFSLCK_OLDDELEG) &&
2384 (((nd->nd_flag & ND_NFSV41) != 0 &&
2385 stateidp->seqid == 0) ||
2386 stateidp->seqid == stp->ls_stateid.seqid) &&
2387 !NFSBCMP(stateidp->other, stp->ls_stateid.other,
2391 if (stp == LIST_END(&lfp->lf_deleg) ||
2392 ((new_stp->ls_flags & NFSLCK_WRITEACCESS) &&
2393 (stp->ls_flags & NFSLCK_DELEGREAD))) {
2396 NFSLOCKV4ROOTMUTEX();
2397 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2398 NFSUNLOCKV4ROOTMUTEX();
2400 error = NFSERR_EXPIRED;
2406 * Check for access/deny bit conflicts. I check for the same
2407 * owner as well, in case the client didn't bother.
2409 LIST_FOREACH(stp, &lfp->lf_open, ls_file) {
2410 if (!(new_stp->ls_flags & NFSLCK_DELEGCUR) &&
2411 (((new_stp->ls_flags & NFSLCK_ACCESSBITS) &
2412 ((stp->ls_flags>>NFSLCK_SHIFT) & NFSLCK_ACCESSBITS))||
2413 ((stp->ls_flags & NFSLCK_ACCESSBITS) &
2414 ((new_stp->ls_flags>>NFSLCK_SHIFT)&NFSLCK_ACCESSBITS)))){
2415 ret = nfsrv_clientconflict(stp->ls_clp,&haslock,vp,p);
2418 * nfsrv_clientconflict() unlocks
2419 * state when it returns non-zero.
2424 error = NFSERR_PERM;
2425 else if (new_stp->ls_flags & NFSLCK_RECLAIM)
2426 error = NFSERR_RECLAIMCONFLICT;
2428 error = NFSERR_SHAREDENIED;
2432 NFSLOCKV4ROOTMUTEX();
2433 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2434 NFSUNLOCKV4ROOTMUTEX();
2441 * Check for a conflicting delegation. If one is found, call
2442 * nfsrv_delegconflict() to handle it. If the v4root lock hasn't
2443 * been set yet, it will get the lock. Otherwise, it will recall
2444 * the delegation. Then, we try try again...
2445 * (If NFSLCK_DELEGCUR is set, it has a delegation, so there
2446 * isn't a conflict.)
2447 * I currently believe the conflict algorithm to be:
2448 * For Open with Read Access and Deny None
2449 * - there is a conflict iff a different client has a write delegation
2450 * For Open with other Write Access or any Deny except None
2451 * - there is a conflict if a different client has any delegation
2452 * - there is a conflict if the same client has a read delegation
2453 * (The current consensus is that this last case should be
2454 * considered a conflict since the client with a read delegation
2455 * could have done an Open with ReadAccess and WriteDeny
2456 * locally and then not have checked for the WriteDeny.)
2457 * Don't check for a Reclaim, since that will be dealt with
2458 * by nfsrv_openctrl().
2460 if (!(new_stp->ls_flags &
2461 (NFSLCK_DELEGPREV | NFSLCK_DELEGCUR | NFSLCK_RECLAIM))) {
2462 stp = LIST_FIRST(&lfp->lf_deleg);
2463 while (stp != LIST_END(&lfp->lf_deleg)) {
2464 nstp = LIST_NEXT(stp, ls_file);
2465 if ((readonly && stp->ls_clp != clp &&
2466 (stp->ls_flags & NFSLCK_DELEGWRITE)) ||
2467 (!readonly && (stp->ls_clp != clp ||
2468 (stp->ls_flags & NFSLCK_DELEGREAD)))) {
2469 ret = nfsrv_delegconflict(stp, &haslock, p, vp);
2472 * nfsrv_delegconflict() unlocks state
2473 * when it returns non-zero.
2486 NFSLOCKV4ROOTMUTEX();
2487 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2488 NFSUNLOCKV4ROOTMUTEX();
2492 NFSEXITCODE2(error, nd);
2497 * Open control function to create/update open state for an open.
2500 nfsrv_openctrl(struct nfsrv_descript *nd, vnode_t vp,
2501 struct nfsstate **new_stpp, nfsquad_t clientid, nfsv4stateid_t *stateidp,
2502 nfsv4stateid_t *delegstateidp, u_int32_t *rflagsp, struct nfsexstuff *exp,
2503 NFSPROC_T *p, u_quad_t filerev)
2505 struct nfsstate *new_stp = *new_stpp;
2506 struct nfsstate *stp, *nstp;
2507 struct nfsstate *openstp = NULL, *new_open, *ownerstp, *new_deleg;
2508 struct nfslockfile *lfp, *new_lfp;
2509 struct nfsclient *clp;
2510 int error = 0, haslock = 0, ret, delegate = 1, writedeleg = 1;
2511 int readonly = 0, cbret = 1, getfhret = 0;
2512 int gotstate = 0, len = 0;
2513 u_char *clidp = NULL;
2515 if ((new_stp->ls_flags & NFSLCK_SHAREBITS) == NFSLCK_READACCESS)
2518 * Check for restart conditions (client and server).
2519 * (Paranoia, should have been detected by nfsrv_opencheck().)
2520 * If an error does show up, return NFSERR_EXPIRED, since the
2521 * the seqid# has already been incremented.
2523 error = nfsrv_checkrestart(clientid, new_stp->ls_flags,
2524 &new_stp->ls_stateid, 0);
2526 printf("Nfsd: openctrl unexpected restart err=%d\n",
2528 error = NFSERR_EXPIRED;
2532 clidp = malloc(NFSV4_OPAQUELIMIT, M_TEMP, M_WAITOK);
2534 MALLOC(new_lfp, struct nfslockfile *, sizeof (struct nfslockfile),
2535 M_NFSDLOCKFILE, M_WAITOK);
2536 MALLOC(new_open, struct nfsstate *, sizeof (struct nfsstate),
2537 M_NFSDSTATE, M_WAITOK);
2538 MALLOC(new_deleg, struct nfsstate *, sizeof (struct nfsstate),
2539 M_NFSDSTATE, M_WAITOK);
2540 getfhret = nfsrv_getlockfh(vp, new_stp->ls_flags, new_lfp,
2544 * Get the client structure. Since the linked lists could be changed
2545 * by other nfsd processes if this process does a tsleep(), one of
2546 * two things must be done.
2547 * 1 - don't tsleep()
2549 * 2 - get the nfsv4_lock() { indicated by haslock == 1 }
2550 * before using the lists, since this lock stops the other
2551 * nfsd. This should only be used for rare cases, since it
2552 * essentially single threads the nfsd.
2553 * At this time, it is only done for cases where the stable
2554 * storage file must be written prior to completion of state
2557 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
2558 (nfsquad_t)((u_quad_t)0), 0, nd, p);
2559 if (!error && (clp->lc_flags & LCL_NEEDSCBNULL) &&
2562 * This happens on the first open for a client
2563 * that supports callbacks.
2567 * Although nfsrv_docallback() will sleep, clp won't
2568 * go away, since they are only removed when the
2569 * nfsv4_lock() has blocked the nfsd threads. The
2570 * fields in clp can change, but having multiple
2571 * threads do this Null callback RPC should be
2574 cbret = nfsrv_docallback(clp, NFSV4PROC_CBNULL,
2575 NULL, 0, NULL, NULL, NULL, p);
2577 clp->lc_flags &= ~LCL_NEEDSCBNULL;
2579 clp->lc_flags |= LCL_CALLBACKSON;
2583 * Look up the open owner. See if it needs confirmation and
2584 * check the seq#, as required.
2587 nfsrv_getowner(&clp->lc_open, new_stp, &ownerstp);
2591 printf("Nfsd: openctrl unexpected state err=%d\n",
2593 free((caddr_t)new_lfp, M_NFSDLOCKFILE);
2594 free((caddr_t)new_open, M_NFSDSTATE);
2595 free((caddr_t)new_deleg, M_NFSDSTATE);
2597 NFSLOCKV4ROOTMUTEX();
2598 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2599 NFSUNLOCKV4ROOTMUTEX();
2601 error = NFSERR_EXPIRED;
2605 if (new_stp->ls_flags & NFSLCK_RECLAIM)
2606 nfsrv_markstable(clp);
2609 * Get the structure for the underlying file.
2614 error = nfsrv_getlockfile(new_stp->ls_flags, &new_lfp, &lfp,
2617 FREE((caddr_t)new_lfp, M_NFSDLOCKFILE);
2620 printf("Nfsd openctrl unexpected getlockfile err=%d\n",
2622 free((caddr_t)new_open, M_NFSDSTATE);
2623 free((caddr_t)new_deleg, M_NFSDSTATE);
2625 NFSLOCKV4ROOTMUTEX();
2626 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2627 NFSUNLOCKV4ROOTMUTEX();
2633 * Search for a conflicting open/share.
2635 if (new_stp->ls_flags & NFSLCK_DELEGCUR) {
2637 * For Delegate_Cur, search for the matching Delegation,
2638 * which indicates no conflict.
2639 * An old delegation should have been recovered by the
2640 * client doing a Claim_DELEGATE_Prev, so I won't let
2641 * it match and return NFSERR_EXPIRED. Should I let it
2644 LIST_FOREACH(stp, &lfp->lf_deleg, ls_file) {
2645 if (!(stp->ls_flags & NFSLCK_OLDDELEG) &&
2646 (((nd->nd_flag & ND_NFSV41) != 0 &&
2647 stateidp->seqid == 0) ||
2648 stateidp->seqid == stp->ls_stateid.seqid) &&
2649 !NFSBCMP(stateidp->other, stp->ls_stateid.other,
2653 if (stp == LIST_END(&lfp->lf_deleg) ||
2654 ((new_stp->ls_flags & NFSLCK_WRITEACCESS) &&
2655 (stp->ls_flags & NFSLCK_DELEGREAD))) {
2657 printf("Nfsd openctrl unexpected expiry\n");
2658 free((caddr_t)new_open, M_NFSDSTATE);
2659 free((caddr_t)new_deleg, M_NFSDSTATE);
2661 NFSLOCKV4ROOTMUTEX();
2662 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2663 NFSUNLOCKV4ROOTMUTEX();
2665 error = NFSERR_EXPIRED;
2670 * Don't issue a Delegation, since one already exists and
2671 * delay delegation timeout, as required.
2674 nfsrv_delaydelegtimeout(stp);
2678 * Check for access/deny bit conflicts. I also check for the
2679 * same owner, since the client might not have bothered to check.
2680 * Also, note an open for the same file and owner, if found,
2681 * which is all we do here for Delegate_Cur, since conflict
2682 * checking is already done.
2684 LIST_FOREACH(stp, &lfp->lf_open, ls_file) {
2685 if (ownerstp && stp->ls_openowner == ownerstp)
2687 if (!(new_stp->ls_flags & NFSLCK_DELEGCUR)) {
2689 * If another client has the file open, the only
2690 * delegation that can be issued is a Read delegation
2691 * and only if it is a Read open with Deny none.
2693 if (clp != stp->ls_clp) {
2694 if ((stp->ls_flags & NFSLCK_SHAREBITS) ==
2700 if(((new_stp->ls_flags & NFSLCK_ACCESSBITS) &
2701 ((stp->ls_flags>>NFSLCK_SHIFT) & NFSLCK_ACCESSBITS))||
2702 ((stp->ls_flags & NFSLCK_ACCESSBITS) &
2703 ((new_stp->ls_flags>>NFSLCK_SHIFT)&NFSLCK_ACCESSBITS))){
2704 ret = nfsrv_clientconflict(stp->ls_clp,&haslock,vp,p);
2707 * nfsrv_clientconflict() unlocks state
2708 * when it returns non-zero.
2710 free((caddr_t)new_open, M_NFSDSTATE);
2711 free((caddr_t)new_deleg, M_NFSDSTATE);
2716 error = NFSERR_PERM;
2717 else if (new_stp->ls_flags & NFSLCK_RECLAIM)
2718 error = NFSERR_RECLAIMCONFLICT;
2720 error = NFSERR_SHAREDENIED;
2724 NFSLOCKV4ROOTMUTEX();
2725 nfsv4_unlock(&nfsv4rootfs_lock, 1);
2726 NFSUNLOCKV4ROOTMUTEX();
2728 free((caddr_t)new_open, M_NFSDSTATE);
2729 free((caddr_t)new_deleg, M_NFSDSTATE);
2730 printf("nfsd openctrl unexpected client cnfl\n");
2737 * Check for a conflicting delegation. If one is found, call
2738 * nfsrv_delegconflict() to handle it. If the v4root lock hasn't
2739 * been set yet, it will get the lock. Otherwise, it will recall
2740 * the delegation. Then, we try try again...
2741 * (If NFSLCK_DELEGCUR is set, it has a delegation, so there
2742 * isn't a conflict.)
2743 * I currently believe the conflict algorithm to be:
2744 * For Open with Read Access and Deny None
2745 * - there is a conflict iff a different client has a write delegation
2746 * For Open with other Write Access or any Deny except None
2747 * - there is a conflict if a different client has any delegation
2748 * - there is a conflict if the same client has a read delegation
2749 * (The current consensus is that this last case should be
2750 * considered a conflict since the client with a read delegation
2751 * could have done an Open with ReadAccess and WriteDeny
2752 * locally and then not have checked for the WriteDeny.)
2754 if (!(new_stp->ls_flags & (NFSLCK_DELEGPREV | NFSLCK_DELEGCUR))) {
2755 stp = LIST_FIRST(&lfp->lf_deleg);
2756 while (stp != LIST_END(&lfp->lf_deleg)) {
2757 nstp = LIST_NEXT(stp, ls_file);
2758 if (stp->ls_clp != clp && (stp->ls_flags & NFSLCK_DELEGREAD))
2762 if ((readonly && stp->ls_clp != clp &&
2763 (stp->ls_flags & NFSLCK_DELEGWRITE)) ||
2764 (!readonly && (stp->ls_clp != clp ||
2765 (stp->ls_flags & NFSLCK_DELEGREAD)))) {
2766 if (new_stp->ls_flags & NFSLCK_RECLAIM) {
2769 ret = nfsrv_delegconflict(stp, &haslock, p, vp);
2772 * nfsrv_delegconflict() unlocks state
2773 * when it returns non-zero.
2775 printf("Nfsd openctrl unexpected deleg cnfl\n");
2776 free((caddr_t)new_open, M_NFSDSTATE);
2777 free((caddr_t)new_deleg, M_NFSDSTATE);
2792 * We only get here if there was no open that conflicted.
2793 * If an open for the owner exists, or in the access/deny bits.
2794 * Otherwise it is a new open. If the open_owner hasn't been
2795 * confirmed, replace the open with the new one needing confirmation,
2796 * otherwise add the open.
2798 if (new_stp->ls_flags & NFSLCK_DELEGPREV) {
2800 * Handle NFSLCK_DELEGPREV by searching the old delegations for
2801 * a match. If found, just move the old delegation to the current
2802 * delegation list and issue open. If not found, return
2805 LIST_FOREACH(stp, &clp->lc_olddeleg, ls_list) {
2806 if (stp->ls_lfp == lfp) {
2808 if (stp->ls_clp != clp)
2809 panic("olddeleg clp");
2810 LIST_REMOVE(stp, ls_list);
2811 LIST_REMOVE(stp, ls_hash);
2812 stp->ls_flags &= ~NFSLCK_OLDDELEG;
2813 stp->ls_stateid.seqid = delegstateidp->seqid = 1;
2814 stp->ls_stateid.other[0] = delegstateidp->other[0] =
2815 clp->lc_clientid.lval[0];
2816 stp->ls_stateid.other[1] = delegstateidp->other[1] =
2817 clp->lc_clientid.lval[1];
2818 stp->ls_stateid.other[2] = delegstateidp->other[2] =
2819 nfsrv_nextstateindex(clp);
2820 stp->ls_compref = nd->nd_compref;
2821 LIST_INSERT_HEAD(&clp->lc_deleg, stp, ls_list);
2822 LIST_INSERT_HEAD(NFSSTATEHASH(clp,
2823 stp->ls_stateid), stp, ls_hash);
2824 if (stp->ls_flags & NFSLCK_DELEGWRITE)
2825 *rflagsp |= NFSV4OPEN_WRITEDELEGATE;
2827 *rflagsp |= NFSV4OPEN_READDELEGATE;
2828 clp->lc_delegtime = NFSD_MONOSEC +
2829 nfsrv_lease + NFSRV_LEASEDELTA;
2832 * Now, do the associated open.
2834 new_open->ls_stateid.seqid = 1;
2835 new_open->ls_stateid.other[0] = clp->lc_clientid.lval[0];
2836 new_open->ls_stateid.other[1] = clp->lc_clientid.lval[1];
2837 new_open->ls_stateid.other[2] = nfsrv_nextstateindex(clp);
2838 new_open->ls_flags = (new_stp->ls_flags&NFSLCK_DENYBITS)|
2840 if (stp->ls_flags & NFSLCK_DELEGWRITE)
2841 new_open->ls_flags |= (NFSLCK_READACCESS |
2842 NFSLCK_WRITEACCESS);
2844 new_open->ls_flags |= NFSLCK_READACCESS;
2845 new_open->ls_uid = new_stp->ls_uid;
2846 new_open->ls_lfp = lfp;
2847 new_open->ls_clp = clp;
2848 LIST_INIT(&new_open->ls_open);
2849 LIST_INSERT_HEAD(&lfp->lf_open, new_open, ls_file);
2850 LIST_INSERT_HEAD(NFSSTATEHASH(clp, new_open->ls_stateid),
2853 * and handle the open owner
2856 new_open->ls_openowner = ownerstp;
2857 LIST_INSERT_HEAD(&ownerstp->ls_open,new_open,ls_list);
2859 new_open->ls_openowner = new_stp;
2860 new_stp->ls_flags = 0;
2861 nfsrvd_refcache(new_stp->ls_op);
2862 new_stp->ls_noopens = 0;
2863 LIST_INIT(&new_stp->ls_open);
2864 LIST_INSERT_HEAD(&new_stp->ls_open, new_open, ls_list);
2865 LIST_INSERT_HEAD(&clp->lc_open, new_stp, ls_list);
2867 nfsstatsv1.srvopenowners++;
2868 nfsrv_openpluslock++;
2872 nfsstatsv1.srvopens++;
2873 nfsrv_openpluslock++;
2877 if (stp == LIST_END(&clp->lc_olddeleg))
2878 error = NFSERR_EXPIRED;
2879 } else if (new_stp->ls_flags & (NFSLCK_DELEGREAD | NFSLCK_DELEGWRITE)) {
2881 * Scan to see that no delegation for this client and file
2882 * doesn't already exist.
2883 * There also shouldn't yet be an Open for this file and
2886 LIST_FOREACH(stp, &lfp->lf_deleg, ls_file) {
2887 if (stp->ls_clp == clp)
2890 if (stp == LIST_END(&lfp->lf_deleg) && openstp == NULL) {
2892 * This is the Claim_Previous case with a delegation
2893 * type != Delegate_None.
2896 * First, add the delegation. (Although we must issue the
2897 * delegation, we can also ask for an immediate return.)
2899 new_deleg->ls_stateid.seqid = delegstateidp->seqid = 1;
2900 new_deleg->ls_stateid.other[0] = delegstateidp->other[0] =
2901 clp->lc_clientid.lval[0];
2902 new_deleg->ls_stateid.other[1] = delegstateidp->other[1] =
2903 clp->lc_clientid.lval[1];
2904 new_deleg->ls_stateid.other[2] = delegstateidp->other[2] =
2905 nfsrv_nextstateindex(clp);
2906 if (new_stp->ls_flags & NFSLCK_DELEGWRITE) {
2907 new_deleg->ls_flags = (NFSLCK_DELEGWRITE |
2908 NFSLCK_READACCESS | NFSLCK_WRITEACCESS);
2909 *rflagsp |= NFSV4OPEN_WRITEDELEGATE;
2911 new_deleg->ls_flags = (NFSLCK_DELEGREAD |
2913 *rflagsp |= NFSV4OPEN_READDELEGATE;
2915 new_deleg->ls_uid = new_stp->ls_uid;
2916 new_deleg->ls_lfp = lfp;
2917 new_deleg->ls_clp = clp;
2918 new_deleg->ls_filerev = filerev;
2919 new_deleg->ls_compref = nd->nd_compref;
2920 LIST_INSERT_HEAD(&lfp->lf_deleg, new_deleg, ls_file);
2921 LIST_INSERT_HEAD(NFSSTATEHASH(clp,
2922 new_deleg->ls_stateid), new_deleg, ls_hash);
2923 LIST_INSERT_HEAD(&clp->lc_deleg, new_deleg, ls_list);
2925 if (delegate == 2 || nfsrv_issuedelegs == 0 ||
2926 (clp->lc_flags & (LCL_CALLBACKSON | LCL_CBDOWN)) !=
2928 NFSRV_V4DELEGLIMIT(nfsrv_delegatecnt) ||
2929 !NFSVNO_DELEGOK(vp))
2930 *rflagsp |= NFSV4OPEN_RECALL;
2931 nfsstatsv1.srvdelegates++;
2932 nfsrv_openpluslock++;
2933 nfsrv_delegatecnt++;
2936 * Now, do the associated open.
2938 new_open->ls_stateid.seqid = 1;
2939 new_open->ls_stateid.other[0] = clp->lc_clientid.lval[0];
2940 new_open->ls_stateid.other[1] = clp->lc_clientid.lval[1];
2941 new_open->ls_stateid.other[2] = nfsrv_nextstateindex(clp);
2942 new_open->ls_flags = (new_stp->ls_flags & NFSLCK_DENYBITS) |
2944 if (new_stp->ls_flags & NFSLCK_DELEGWRITE)
2945 new_open->ls_flags |= (NFSLCK_READACCESS |
2946 NFSLCK_WRITEACCESS);
2948 new_open->ls_flags |= NFSLCK_READACCESS;
2949 new_open->ls_uid = new_stp->ls_uid;
2950 new_open->ls_lfp = lfp;
2951 new_open->ls_clp = clp;
2952 LIST_INIT(&new_open->ls_open);
2953 LIST_INSERT_HEAD(&lfp->lf_open, new_open, ls_file);
2954 LIST_INSERT_HEAD(NFSSTATEHASH(clp, new_open->ls_stateid),
2957 * and handle the open owner
2960 new_open->ls_openowner = ownerstp;
2961 LIST_INSERT_HEAD(&ownerstp->ls_open, new_open, ls_list);
2963 new_open->ls_openowner = new_stp;
2964 new_stp->ls_flags = 0;
2965 nfsrvd_refcache(new_stp->ls_op);
2966 new_stp->ls_noopens = 0;
2967 LIST_INIT(&new_stp->ls_open);
2968 LIST_INSERT_HEAD(&new_stp->ls_open, new_open, ls_list);
2969 LIST_INSERT_HEAD(&clp->lc_open, new_stp, ls_list);
2971 nfsstatsv1.srvopenowners++;
2972 nfsrv_openpluslock++;
2976 nfsstatsv1.srvopens++;
2977 nfsrv_openpluslock++;
2979 error = NFSERR_RECLAIMCONFLICT;
2981 } else if (ownerstp) {
2982 if (ownerstp->ls_flags & NFSLCK_NEEDSCONFIRM) {
2983 /* Replace the open */
2984 if (ownerstp->ls_op)
2985 nfsrvd_derefcache(ownerstp->ls_op);
2986 ownerstp->ls_op = new_stp->ls_op;
2987 nfsrvd_refcache(ownerstp->ls_op);
2988 ownerstp->ls_seq = new_stp->ls_seq;
2989 *rflagsp |= NFSV4OPEN_RESULTCONFIRM;
2990 stp = LIST_FIRST(&ownerstp->ls_open);
2991 stp->ls_flags = (new_stp->ls_flags & NFSLCK_SHAREBITS) |
2993 stp->ls_stateid.seqid = 1;
2994 stp->ls_uid = new_stp->ls_uid;
2995 if (lfp != stp->ls_lfp) {
2996 LIST_REMOVE(stp, ls_file);
2997 LIST_INSERT_HEAD(&lfp->lf_open, stp, ls_file);
3001 } else if (openstp) {
3002 openstp->ls_flags |= (new_stp->ls_flags & NFSLCK_SHAREBITS);
3003 openstp->ls_stateid.seqid++;
3004 if ((nd->nd_flag & ND_NFSV41) != 0 &&
3005 openstp->ls_stateid.seqid == 0)
3006 openstp->ls_stateid.seqid = 1;
3009 * This is where we can choose to issue a delegation.
3011 if (delegate == 0 || writedeleg == 0 ||
3012 NFSVNO_EXRDONLY(exp) || (readonly != 0 &&
3013 nfsrv_writedelegifpos == 0) ||
3014 !NFSVNO_DELEGOK(vp) ||
3015 (new_stp->ls_flags & NFSLCK_WANTRDELEG) != 0 ||
3016 (clp->lc_flags & (LCL_CALLBACKSON | LCL_CBDOWN)) !=
3018 *rflagsp |= NFSV4OPEN_WDCONTENTION;
3019 else if (nfsrv_issuedelegs == 0 ||
3020 NFSRV_V4DELEGLIMIT(nfsrv_delegatecnt))
3021 *rflagsp |= NFSV4OPEN_WDRESOURCE;
3022 else if ((new_stp->ls_flags & NFSLCK_WANTNODELEG) != 0)
3023 *rflagsp |= NFSV4OPEN_WDNOTWANTED;
3025 new_deleg->ls_stateid.seqid = delegstateidp->seqid = 1;
3026 new_deleg->ls_stateid.other[0] = delegstateidp->other[0]
3027 = clp->lc_clientid.lval[0];
3028 new_deleg->ls_stateid.other[1] = delegstateidp->other[1]
3029 = clp->lc_clientid.lval[1];
3030 new_deleg->ls_stateid.other[2] = delegstateidp->other[2]
3031 = nfsrv_nextstateindex(clp);
3032 new_deleg->ls_flags = (NFSLCK_DELEGWRITE |
3033 NFSLCK_READACCESS | NFSLCK_WRITEACCESS);
3034 *rflagsp |= NFSV4OPEN_WRITEDELEGATE;
3035 new_deleg->ls_uid = new_stp->ls_uid;
3036 new_deleg->ls_lfp = lfp;
3037 new_deleg->ls_clp = clp;
3038 new_deleg->ls_filerev = filerev;
3039 new_deleg->ls_compref = nd->nd_compref;
3040 LIST_INSERT_HEAD(&lfp->lf_deleg, new_deleg, ls_file);
3041 LIST_INSERT_HEAD(NFSSTATEHASH(clp,
3042 new_deleg->ls_stateid), new_deleg, ls_hash);
3043 LIST_INSERT_HEAD(&clp->lc_deleg, new_deleg, ls_list);
3045 nfsstatsv1.srvdelegates++;
3046 nfsrv_openpluslock++;
3047 nfsrv_delegatecnt++;
3050 new_open->ls_stateid.seqid = 1;
3051 new_open->ls_stateid.other[0] = clp->lc_clientid.lval[0];
3052 new_open->ls_stateid.other[1] = clp->lc_clientid.lval[1];
3053 new_open->ls_stateid.other[2] = nfsrv_nextstateindex(clp);
3054 new_open->ls_flags = (new_stp->ls_flags & NFSLCK_SHAREBITS)|
3056 new_open->ls_uid = new_stp->ls_uid;
3057 new_open->ls_openowner = ownerstp;
3058 new_open->ls_lfp = lfp;
3059 new_open->ls_clp = clp;
3060 LIST_INIT(&new_open->ls_open);
3061 LIST_INSERT_HEAD(&lfp->lf_open, new_open, ls_file);
3062 LIST_INSERT_HEAD(&ownerstp->ls_open, new_open, ls_list);
3063 LIST_INSERT_HEAD(NFSSTATEHASH(clp, new_open->ls_stateid),
3067 nfsstatsv1.srvopens++;
3068 nfsrv_openpluslock++;
3071 * This is where we can choose to issue a delegation.
3073 if (delegate == 0 || (writedeleg == 0 && readonly == 0) ||
3074 !NFSVNO_DELEGOK(vp) ||
3075 (clp->lc_flags & (LCL_CALLBACKSON | LCL_CBDOWN)) !=
3077 *rflagsp |= NFSV4OPEN_WDCONTENTION;
3078 else if (nfsrv_issuedelegs == 0 ||
3079 NFSRV_V4DELEGLIMIT(nfsrv_delegatecnt))
3080 *rflagsp |= NFSV4OPEN_WDRESOURCE;
3081 else if ((new_stp->ls_flags & NFSLCK_WANTNODELEG) != 0)
3082 *rflagsp |= NFSV4OPEN_WDNOTWANTED;
3084 new_deleg->ls_stateid.seqid = delegstateidp->seqid = 1;
3085 new_deleg->ls_stateid.other[0] = delegstateidp->other[0]
3086 = clp->lc_clientid.lval[0];
3087 new_deleg->ls_stateid.other[1] = delegstateidp->other[1]
3088 = clp->lc_clientid.lval[1];
3089 new_deleg->ls_stateid.other[2] = delegstateidp->other[2]
3090 = nfsrv_nextstateindex(clp);
3091 if (writedeleg && !NFSVNO_EXRDONLY(exp) &&
3092 (nfsrv_writedelegifpos || !readonly) &&
3093 (new_stp->ls_flags & NFSLCK_WANTRDELEG) == 0) {
3094 new_deleg->ls_flags = (NFSLCK_DELEGWRITE |
3095 NFSLCK_READACCESS | NFSLCK_WRITEACCESS);
3096 *rflagsp |= NFSV4OPEN_WRITEDELEGATE;
3098 new_deleg->ls_flags = (NFSLCK_DELEGREAD |
3100 *rflagsp |= NFSV4OPEN_READDELEGATE;
3102 new_deleg->ls_uid = new_stp->ls_uid;
3103 new_deleg->ls_lfp = lfp;
3104 new_deleg->ls_clp = clp;
3105 new_deleg->ls_filerev = filerev;
3106 new_deleg->ls_compref = nd->nd_compref;
3107 LIST_INSERT_HEAD(&lfp->lf_deleg, new_deleg, ls_file);
3108 LIST_INSERT_HEAD(NFSSTATEHASH(clp,
3109 new_deleg->ls_stateid), new_deleg, ls_hash);
3110 LIST_INSERT_HEAD(&clp->lc_deleg, new_deleg, ls_list);
3112 nfsstatsv1.srvdelegates++;
3113 nfsrv_openpluslock++;
3114 nfsrv_delegatecnt++;
3119 * New owner case. Start the open_owner sequence with a
3120 * Needs confirmation (unless a reclaim) and hang the
3123 new_open->ls_stateid.seqid = 1;
3124 new_open->ls_stateid.other[0] = clp->lc_clientid.lval[0];
3125 new_open->ls_stateid.other[1] = clp->lc_clientid.lval[1];
3126 new_open->ls_stateid.other[2] = nfsrv_nextstateindex(clp);
3127 new_open->ls_flags = (new_stp->ls_flags & NFSLCK_SHAREBITS) |
3129 new_open->ls_uid = new_stp->ls_uid;
3130 LIST_INIT(&new_open->ls_open);
3131 new_open->ls_openowner = new_stp;
3132 new_open->ls_lfp = lfp;
3133 new_open->ls_clp = clp;
3134 LIST_INSERT_HEAD(&lfp->lf_open, new_open, ls_file);
3135 if (new_stp->ls_flags & NFSLCK_RECLAIM) {
3136 new_stp->ls_flags = 0;
3137 } else if ((nd->nd_flag & ND_NFSV41) != 0) {
3138 /* NFSv4.1 never needs confirmation. */
3139 new_stp->ls_flags = 0;
3142 * This is where we can choose to issue a delegation.
3144 if (delegate && nfsrv_issuedelegs &&
3145 (writedeleg || readonly) &&
3146 (clp->lc_flags & (LCL_CALLBACKSON | LCL_CBDOWN)) ==
3148 !NFSRV_V4DELEGLIMIT(nfsrv_delegatecnt) &&
3149 NFSVNO_DELEGOK(vp) &&
3150 ((nd->nd_flag & ND_NFSV41) == 0 ||
3151 (new_stp->ls_flags & NFSLCK_WANTNODELEG) == 0)) {
3152 new_deleg->ls_stateid.seqid =
3153 delegstateidp->seqid = 1;
3154 new_deleg->ls_stateid.other[0] =
3155 delegstateidp->other[0]
3156 = clp->lc_clientid.lval[0];
3157 new_deleg->ls_stateid.other[1] =
3158 delegstateidp->other[1]
3159 = clp->lc_clientid.lval[1];
3160 new_deleg->ls_stateid.other[2] =
3161 delegstateidp->other[2]
3162 = nfsrv_nextstateindex(clp);
3163 if (writedeleg && !NFSVNO_EXRDONLY(exp) &&
3164 (nfsrv_writedelegifpos || !readonly) &&
3165 ((nd->nd_flag & ND_NFSV41) == 0 ||
3166 (new_stp->ls_flags & NFSLCK_WANTRDELEG) ==
3168 new_deleg->ls_flags =
3169 (NFSLCK_DELEGWRITE |
3171 NFSLCK_WRITEACCESS);
3172 *rflagsp |= NFSV4OPEN_WRITEDELEGATE;
3174 new_deleg->ls_flags =
3177 *rflagsp |= NFSV4OPEN_READDELEGATE;
3179 new_deleg->ls_uid = new_stp->ls_uid;
3180 new_deleg->ls_lfp = lfp;
3181 new_deleg->ls_clp = clp;
3182 new_deleg->ls_filerev = filerev;
3183 new_deleg->ls_compref = nd->nd_compref;
3184 LIST_INSERT_HEAD(&lfp->lf_deleg, new_deleg,
3186 LIST_INSERT_HEAD(NFSSTATEHASH(clp,
3187 new_deleg->ls_stateid), new_deleg, ls_hash);
3188 LIST_INSERT_HEAD(&clp->lc_deleg, new_deleg,
3191 nfsstatsv1.srvdelegates++;
3192 nfsrv_openpluslock++;
3193 nfsrv_delegatecnt++;
3196 * Since NFSv4.1 never does an OpenConfirm, the first
3197 * open state will be acquired here.
3199 if (!(clp->lc_flags & LCL_STAMPEDSTABLE)) {
3200 clp->lc_flags |= LCL_STAMPEDSTABLE;
3201 len = clp->lc_idlen;
3202 NFSBCOPY(clp->lc_id, clidp, len);
3206 *rflagsp |= NFSV4OPEN_RESULTCONFIRM;
3207 new_stp->ls_flags = NFSLCK_NEEDSCONFIRM;
3209 nfsrvd_refcache(new_stp->ls_op);
3210 new_stp->ls_noopens = 0;
3211 LIST_INIT(&new_stp->ls_open);
3212 LIST_INSERT_HEAD(&new_stp->ls_open, new_open, ls_list);
3213 LIST_INSERT_HEAD(&clp->lc_open, new_stp, ls_list);
3214 LIST_INSERT_HEAD(NFSSTATEHASH(clp, new_open->ls_stateid),
3219 nfsstatsv1.srvopens++;
3220 nfsrv_openpluslock++;
3221 nfsstatsv1.srvopenowners++;
3222 nfsrv_openpluslock++;
3225 stateidp->seqid = openstp->ls_stateid.seqid;
3226 stateidp->other[0] = openstp->ls_stateid.other[0];
3227 stateidp->other[1] = openstp->ls_stateid.other[1];
3228 stateidp->other[2] = openstp->ls_stateid.other[2];
3232 NFSLOCKV4ROOTMUTEX();
3233 nfsv4_unlock(&nfsv4rootfs_lock, 1);
3234 NFSUNLOCKV4ROOTMUTEX();
3237 FREE((caddr_t)new_open, M_NFSDSTATE);
3239 FREE((caddr_t)new_deleg, M_NFSDSTATE);
3242 * If the NFSv4.1 client just acquired its first open, write a timestamp
3243 * to the stable storage file.
3245 if (gotstate != 0) {
3246 nfsrv_writestable(clidp, len, NFSNST_NEWSTATE, p);
3247 nfsrv_backupstable();
3251 free(clidp, M_TEMP);
3252 NFSEXITCODE2(error, nd);
3257 * Open update. Does the confirm, downgrade and close.
3260 nfsrv_openupdate(vnode_t vp, struct nfsstate *new_stp, nfsquad_t clientid,
3261 nfsv4stateid_t *stateidp, struct nfsrv_descript *nd, NFSPROC_T *p)
3263 struct nfsstate *stp, *ownerstp;
3264 struct nfsclient *clp;
3265 struct nfslockfile *lfp;
3267 int error = 0, gotstate = 0, len = 0;
3268 u_char *clidp = NULL;
3271 * Check for restart conditions (client and server).
3273 error = nfsrv_checkrestart(clientid, new_stp->ls_flags,
3274 &new_stp->ls_stateid, 0);
3278 clidp = malloc(NFSV4_OPAQUELIMIT, M_TEMP, M_WAITOK);
3281 * Get the open structure via clientid and stateid.
3283 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
3284 (nfsquad_t)((u_quad_t)0), 0, nd, p);
3286 error = nfsrv_getstate(clp, &new_stp->ls_stateid,
3287 new_stp->ls_flags, &stp);
3290 * Sanity check the open.
3292 if (!error && (!(stp->ls_flags & NFSLCK_OPEN) ||
3293 (!(new_stp->ls_flags & NFSLCK_CONFIRM) &&
3294 (stp->ls_openowner->ls_flags & NFSLCK_NEEDSCONFIRM)) ||
3295 ((new_stp->ls_flags & NFSLCK_CONFIRM) &&
3296 (!(stp->ls_openowner->ls_flags & NFSLCK_NEEDSCONFIRM)))))
3297 error = NFSERR_BADSTATEID;
3300 error = nfsrv_checkseqid(nd, new_stp->ls_seq,
3301 stp->ls_openowner, new_stp->ls_op);
3302 if (!error && stp->ls_stateid.seqid != new_stp->ls_stateid.seqid &&
3303 (((nd->nd_flag & ND_NFSV41) == 0 &&
3304 !(new_stp->ls_flags & NFSLCK_CONFIRM)) ||
3305 ((nd->nd_flag & ND_NFSV41) != 0 &&
3306 new_stp->ls_stateid.seqid != 0)))
3307 error = NFSERR_OLDSTATEID;
3308 if (!error && vnode_vtype(vp) != VREG) {
3309 if (vnode_vtype(vp) == VDIR)
3310 error = NFSERR_ISDIR;
3312 error = NFSERR_INVAL;
3317 * If a client tries to confirm an Open with a bad
3318 * seqid# and there are no byte range locks or other Opens
3319 * on the openowner, just throw it away, so the next use of the
3320 * openowner will start a fresh seq#.
3322 if (error == NFSERR_BADSEQID &&
3323 (new_stp->ls_flags & NFSLCK_CONFIRM) &&
3324 nfsrv_nootherstate(stp))
3325 nfsrv_freeopenowner(stp->ls_openowner, 0, p);
3331 * Set the return stateid.
3333 stateidp->seqid = stp->ls_stateid.seqid + 1;
3334 if ((nd->nd_flag & ND_NFSV41) != 0 && stateidp->seqid == 0)
3335 stateidp->seqid = 1;
3336 stateidp->other[0] = stp->ls_stateid.other[0];
3337 stateidp->other[1] = stp->ls_stateid.other[1];
3338 stateidp->other[2] = stp->ls_stateid.other[2];
3340 * Now, handle the three cases.
3342 if (new_stp->ls_flags & NFSLCK_CONFIRM) {
3344 * If the open doesn't need confirmation, it seems to me that
3345 * there is a client error, but I'll just log it and keep going?
3347 if (!(stp->ls_openowner->ls_flags & NFSLCK_NEEDSCONFIRM))
3348 printf("Nfsv4d: stray open confirm\n");
3349 stp->ls_openowner->ls_flags = 0;
3350 stp->ls_stateid.seqid++;
3351 if ((nd->nd_flag & ND_NFSV41) != 0 &&
3352 stp->ls_stateid.seqid == 0)
3353 stp->ls_stateid.seqid = 1;
3354 if (!(clp->lc_flags & LCL_STAMPEDSTABLE)) {
3355 clp->lc_flags |= LCL_STAMPEDSTABLE;
3356 len = clp->lc_idlen;
3357 NFSBCOPY(clp->lc_id, clidp, len);
3361 } else if (new_stp->ls_flags & NFSLCK_CLOSE) {
3362 ownerstp = stp->ls_openowner;
3364 if (nfsrv_dolocallocks != 0 && !LIST_EMPTY(&stp->ls_open)) {
3365 /* Get the lf lock */
3368 ASSERT_VOP_ELOCKED(vp, "nfsrv_openupdate");
3369 NFSVOPUNLOCK(vp, 0);
3370 if (nfsrv_freeopen(stp, vp, 1, p) == 0) {
3372 nfsrv_unlocklf(lfp);
3375 NFSVOPLOCK(vp, LK_EXCLUSIVE | LK_RETRY);
3377 (void) nfsrv_freeopen(stp, NULL, 0, p);
3382 * Update the share bits, making sure that the new set are a
3383 * subset of the old ones.
3385 bits = (new_stp->ls_flags & NFSLCK_SHAREBITS);
3386 if (~(stp->ls_flags) & bits) {
3388 error = NFSERR_INVAL;
3391 stp->ls_flags = (bits | NFSLCK_OPEN);
3392 stp->ls_stateid.seqid++;
3393 if ((nd->nd_flag & ND_NFSV41) != 0 &&
3394 stp->ls_stateid.seqid == 0)
3395 stp->ls_stateid.seqid = 1;
3400 * If the client just confirmed its first open, write a timestamp
3401 * to the stable storage file.
3403 if (gotstate != 0) {
3404 nfsrv_writestable(clidp, len, NFSNST_NEWSTATE, p);
3405 nfsrv_backupstable();
3409 free(clidp, M_TEMP);
3410 NFSEXITCODE2(error, nd);
3415 * Delegation update. Does the purge and return.
3418 nfsrv_delegupdate(struct nfsrv_descript *nd, nfsquad_t clientid,
3419 nfsv4stateid_t *stateidp, vnode_t vp, int op, struct ucred *cred,
3422 struct nfsstate *stp;
3423 struct nfsclient *clp;
3428 * Do a sanity check against the file handle for DelegReturn.
3431 error = nfsvno_getfh(vp, &fh, p);
3436 * Check for restart conditions (client and server).
3438 if (op == NFSV4OP_DELEGRETURN)
3439 error = nfsrv_checkrestart(clientid, NFSLCK_DELEGRETURN,
3442 error = nfsrv_checkrestart(clientid, NFSLCK_DELEGPURGE,
3447 * Get the open structure via clientid and stateid.
3450 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
3451 (nfsquad_t)((u_quad_t)0), 0, nd, p);
3453 if (error == NFSERR_CBPATHDOWN)
3455 if (error == NFSERR_STALECLIENTID && op == NFSV4OP_DELEGRETURN)
3456 error = NFSERR_STALESTATEID;
3458 if (!error && op == NFSV4OP_DELEGRETURN) {
3459 error = nfsrv_getstate(clp, stateidp, NFSLCK_DELEGRETURN, &stp);
3460 if (!error && stp->ls_stateid.seqid != stateidp->seqid &&
3461 ((nd->nd_flag & ND_NFSV41) == 0 || stateidp->seqid != 0))
3462 error = NFSERR_OLDSTATEID;
3465 * NFSERR_EXPIRED means that the state has gone away,
3466 * so Delegations have been purged. Just return ok.
3468 if (error == NFSERR_EXPIRED && op == NFSV4OP_DELEGPURGE) {
3478 if (op == NFSV4OP_DELEGRETURN) {
3479 if (NFSBCMP((caddr_t)&fh, (caddr_t)&stp->ls_lfp->lf_fh,
3480 sizeof (fhandle_t))) {
3482 error = NFSERR_BADSTATEID;
3485 nfsrv_freedeleg(stp);
3487 nfsrv_freedeleglist(&clp->lc_olddeleg);
3498 * Release lock owner.
3501 nfsrv_releaselckown(struct nfsstate *new_stp, nfsquad_t clientid,
3504 struct nfsstate *stp, *nstp, *openstp, *ownstp;
3505 struct nfsclient *clp;
3509 * Check for restart conditions (client and server).
3511 error = nfsrv_checkrestart(clientid, new_stp->ls_flags,
3512 &new_stp->ls_stateid, 0);
3518 * Get the lock owner by name.
3520 error = nfsrv_getclient(clientid, CLOPS_RENEW, &clp, NULL,
3521 (nfsquad_t)((u_quad_t)0), 0, NULL, p);
3526 LIST_FOREACH(ownstp, &clp->lc_open, ls_list) {
3527 LIST_FOREACH(openstp, &ownstp->ls_open, ls_list) {
3528 stp = LIST_FIRST(&openstp->ls_open);
3529 while (stp != LIST_END(&openstp->ls_open)) {
3530 nstp = LIST_NEXT(stp, ls_list);
3532 * If the owner matches, check for locks and
3533 * then free or return an error.
3535 if (stp->ls_ownerlen == new_stp->ls_ownerlen &&
3536 !NFSBCMP(stp->ls_owner, new_stp->ls_owner,
3538 if (LIST_EMPTY(&stp->ls_lock)) {
3539 nfsrv_freelockowner(stp, NULL, 0, p);
3542 error = NFSERR_LOCKSHELD;
3558 * Get the file handle for a lock structure.
3561 nfsrv_getlockfh(vnode_t vp, u_short flags, struct nfslockfile *new_lfp,
3562 fhandle_t *nfhp, NFSPROC_T *p)
3564 fhandle_t *fhp = NULL;
3568 * For lock, use the new nfslock structure, otherwise just
3569 * a fhandle_t on the stack.
3571 if (flags & NFSLCK_OPEN) {
3572 KASSERT(new_lfp != NULL, ("nfsrv_getlockfh: new_lfp NULL"));
3573 fhp = &new_lfp->lf_fh;
3577 panic("nfsrv_getlockfh");
3579 error = nfsvno_getfh(vp, fhp, p);
3585 * Get an nfs lock structure. Allocate one, as required, and return a
3587 * Returns an NFSERR_xxx upon failure or -1 to indicate no current lock.
3590 nfsrv_getlockfile(u_short flags, struct nfslockfile **new_lfpp,
3591 struct nfslockfile **lfpp, fhandle_t *nfhp, int lockit)
3593 struct nfslockfile *lfp;
3594 fhandle_t *fhp = NULL, *tfhp;
3595 struct nfslockhashhead *hp;
3596 struct nfslockfile *new_lfp = NULL;
3599 * For lock, use the new nfslock structure, otherwise just
3600 * a fhandle_t on the stack.
3602 if (flags & NFSLCK_OPEN) {
3603 new_lfp = *new_lfpp;
3604 fhp = &new_lfp->lf_fh;
3608 panic("nfsrv_getlockfile");
3611 hp = NFSLOCKHASH(fhp);
3612 LIST_FOREACH(lfp, hp, lf_hash) {
3614 if (NFSVNO_CMPFH(fhp, tfhp)) {
3621 if (!(flags & NFSLCK_OPEN))
3625 * No match, so chain the new one into the list.
3627 LIST_INIT(&new_lfp->lf_open);
3628 LIST_INIT(&new_lfp->lf_lock);
3629 LIST_INIT(&new_lfp->lf_deleg);
3630 LIST_INIT(&new_lfp->lf_locallock);
3631 LIST_INIT(&new_lfp->lf_rollback);
3632 new_lfp->lf_locallock_lck.nfslock_usecnt = 0;
3633 new_lfp->lf_locallock_lck.nfslock_lock = 0;
3634 new_lfp->lf_usecount = 0;
3635 LIST_INSERT_HEAD(hp, new_lfp, lf_hash);
3642 * This function adds a nfslock lock structure to the list for the associated
3643 * nfsstate and nfslockfile structures. It will be inserted after the
3644 * entry pointed at by insert_lop.
3647 nfsrv_insertlock(struct nfslock *new_lop, struct nfslock *insert_lop,
3648 struct nfsstate *stp, struct nfslockfile *lfp)
3650 struct nfslock *lop, *nlop;
3652 new_lop->lo_stp = stp;
3653 new_lop->lo_lfp = lfp;
3656 /* Insert in increasing lo_first order */
3657 lop = LIST_FIRST(&lfp->lf_lock);
3658 if (lop == LIST_END(&lfp->lf_lock) ||
3659 new_lop->lo_first <= lop->lo_first) {
3660 LIST_INSERT_HEAD(&lfp->lf_lock, new_lop, lo_lckfile);
3662 nlop = LIST_NEXT(lop, lo_lckfile);
3663 while (nlop != LIST_END(&lfp->lf_lock) &&
3664 nlop->lo_first < new_lop->lo_first) {
3666 nlop = LIST_NEXT(lop, lo_lckfile);
3668 LIST_INSERT_AFTER(lop, new_lop, lo_lckfile);
3671 new_lop->lo_lckfile.le_prev = NULL; /* list not used */
3675 * Insert after insert_lop, which is overloaded as stp or lfp for
3678 if (stp == NULL && (struct nfslockfile *)insert_lop == lfp)
3679 LIST_INSERT_HEAD(&lfp->lf_locallock, new_lop, lo_lckowner);
3680 else if ((struct nfsstate *)insert_lop == stp)
3681 LIST_INSERT_HEAD(&stp->ls_lock, new_lop, lo_lckowner);
3683 LIST_INSERT_AFTER(insert_lop, new_lop, lo_lckowner);
3685 nfsstatsv1.srvlocks++;
3686 nfsrv_openpluslock++;
3691 * This function updates the locking for a lock owner and given file. It
3692 * maintains a list of lock ranges ordered on increasing file offset that
3693 * are NFSLCK_READ or NFSLCK_WRITE and non-overlapping (aka POSIX style).
3694 * It always adds new_lop to the list and sometimes uses the one pointed
3698 nfsrv_updatelock(struct nfsstate *stp, struct nfslock **new_lopp,
3699 struct nfslock **other_lopp, struct nfslockfile *lfp)
3701 struct nfslock *new_lop = *new_lopp;
3702 struct nfslock *lop, *tlop, *ilop;
3703 struct nfslock *other_lop = *other_lopp;
3704 int unlock = 0, myfile = 0;
3708 * Work down the list until the lock is merged.
3710 if (new_lop->lo_flags & NFSLCK_UNLOCK)
3713 ilop = (struct nfslock *)stp;
3714 lop = LIST_FIRST(&stp->ls_lock);
3716 ilop = (struct nfslock *)lfp;
3717 lop = LIST_FIRST(&lfp->lf_locallock);
3719 while (lop != NULL) {
3721 * Only check locks for this file that aren't before the start of
3724 if (lop->lo_lfp == lfp) {
3726 if (lop->lo_end >= new_lop->lo_first) {
3727 if (new_lop->lo_end < lop->lo_first) {
3729 * If the new lock ends before the start of the
3730 * current lock's range, no merge, just insert
3735 if (new_lop->lo_flags == lop->lo_flags ||
3736 (new_lop->lo_first <= lop->lo_first &&
3737 new_lop->lo_end >= lop->lo_end)) {
3739 * This lock can be absorbed by the new lock/unlock.
3740 * This happens when it covers the entire range
3741 * of the old lock or is contiguous
3742 * with the old lock and is of the same type or an
3745 if (lop->lo_first < new_lop->lo_first)
3746 new_lop->lo_first = lop->lo_first;
3747 if (lop->lo_end > new_lop->lo_end)
3748 new_lop->lo_end = lop->lo_end;
3750 lop = LIST_NEXT(lop, lo_lckowner);
3751 nfsrv_freenfslock(tlop);
3756 * All these cases are for contiguous locks that are not the
3757 * same type, so they can't be merged.
3759 if (new_lop->lo_first <= lop->lo_first) {
3761 * This case is where the new lock overlaps with the
3762 * first part of the old lock. Move the start of the
3763 * old lock to just past the end of the new lock. The
3764 * new lock will be inserted in front of the old, since
3765 * ilop hasn't been updated. (We are done now.)
3767 lop->lo_first = new_lop->lo_end;
3770 if (new_lop->lo_end >= lop->lo_end) {
3772 * This case is where the new lock overlaps with the
3773 * end of the old lock's range. Move the old lock's
3774 * end to just before the new lock's first and insert
3775 * the new lock after the old lock.
3776 * Might not be done yet, since the new lock could
3777 * overlap further locks with higher ranges.
3779 lop->lo_end = new_lop->lo_first;
3781 lop = LIST_NEXT(lop, lo_lckowner);
3785 * The final case is where the new lock's range is in the
3786 * middle of the current lock's and splits the current lock
3787 * up. Use *other_lopp to handle the second part of the
3788 * split old lock range. (We are done now.)
3789 * For unlock, we use new_lop as other_lop and tmp, since
3790 * other_lop and new_lop are the same for this case.
3791 * We noted the unlock case above, so we don't need
3792 * new_lop->lo_flags any longer.
3794 tmp = new_lop->lo_first;
3795 if (other_lop == NULL) {
3797 panic("nfsd srv update unlock");
3798 other_lop = new_lop;
3801 other_lop->lo_first = new_lop->lo_end;
3802 other_lop->lo_end = lop->lo_end;
3803 other_lop->lo_flags = lop->lo_flags;
3804 other_lop->lo_stp = stp;
3805 other_lop->lo_lfp = lfp;
3807 nfsrv_insertlock(other_lop, lop, stp, lfp);
3814 lop = LIST_NEXT(lop, lo_lckowner);
3815 if (myfile && (lop == NULL || lop->lo_lfp != lfp))
3820 * Insert the new lock in the list at the appropriate place.
3823 nfsrv_insertlock(new_lop, ilop, stp, lfp);
3829 * This function handles sequencing of locks, etc.
3830 * It returns an error that indicates what the caller should do.
3833 nfsrv_checkseqid(struct nfsrv_descript *nd, u_int32_t seqid,
3834 struct nfsstate *stp, struct nfsrvcache *op)
3838 if ((nd->nd_flag & ND_NFSV41) != 0)
3839 /* NFSv4.1 ignores the open_seqid and lock_seqid. */
3841 if (op != nd->nd_rp)
3842 panic("nfsrvstate checkseqid");
3843 if (!(op->rc_flag & RC_INPROG))
3844 panic("nfsrvstate not inprog");
3845 if (stp->ls_op && stp->ls_op->rc_refcnt <= 0) {
3846 printf("refcnt=%d\n", stp->ls_op->rc_refcnt);
3847 panic("nfsrvstate op refcnt");
3849 if ((stp->ls_seq + 1) == seqid) {
3851 nfsrvd_derefcache(stp->ls_op);
3853 nfsrvd_refcache(op);
3854 stp->ls_seq = seqid;
3856 } else if (stp->ls_seq == seqid && stp->ls_op &&
3857 op->rc_xid == stp->ls_op->rc_xid &&
3858 op->rc_refcnt == 0 &&
3859 op->rc_reqlen == stp->ls_op->rc_reqlen &&
3860 op->rc_cksum == stp->ls_op->rc_cksum) {
3861 if (stp->ls_op->rc_flag & RC_INPROG) {
3862 error = NFSERR_DONTREPLY;
3865 nd->nd_rp = stp->ls_op;
3866 nd->nd_rp->rc_flag |= RC_INPROG;
3867 nfsrvd_delcache(op);
3868 error = NFSERR_REPLYFROMCACHE;
3871 error = NFSERR_BADSEQID;
3874 NFSEXITCODE2(error, nd);
3879 * Get the client ip address for callbacks. If the strings can't be parsed,
3880 * just set lc_program to 0 to indicate no callbacks are possible.
3881 * (For cases where the address can't be parsed or is 0.0.0.0.0.0, set
3882 * the address to the client's transport address. This won't be used
3883 * for callbacks, but can be printed out by nfsstats for info.)
3884 * Return error if the xdr can't be parsed, 0 otherwise.
3887 nfsrv_getclientipaddr(struct nfsrv_descript *nd, struct nfsclient *clp)
3892 struct sockaddr_in *rad, *sad;
3893 u_char protocol[5], addr[24];
3894 int error = 0, cantparse = 0;
3904 rad = NFSSOCKADDR(clp->lc_req.nr_nam, struct sockaddr_in *);
3905 rad->sin_family = AF_INET;
3906 rad->sin_len = sizeof (struct sockaddr_in);
3907 rad->sin_addr.s_addr = 0;
3909 clp->lc_req.nr_client = NULL;
3910 clp->lc_req.nr_lock = 0;
3911 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
3912 i = fxdr_unsigned(int, *tl);
3913 if (i >= 3 && i <= 4) {
3914 error = nfsrv_mtostr(nd, protocol, i);
3917 if (!strcmp(protocol, "tcp")) {
3918 clp->lc_flags |= LCL_TCPCALLBACK;
3919 clp->lc_req.nr_sotype = SOCK_STREAM;
3920 clp->lc_req.nr_soproto = IPPROTO_TCP;
3921 } else if (!strcmp(protocol, "udp")) {
3922 clp->lc_req.nr_sotype = SOCK_DGRAM;
3923 clp->lc_req.nr_soproto = IPPROTO_UDP;
3930 error = nfsm_advance(nd, NFSM_RNDUP(i), -1);
3935 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
3936 i = fxdr_unsigned(int, *tl);
3938 error = NFSERR_BADXDR;
3940 } else if (i == 0) {
3942 } else if (!cantparse && i <= 23 && i >= 11) {
3943 error = nfsrv_mtostr(nd, addr, i);
3948 * Parse out the address fields. We expect 6 decimal numbers
3949 * separated by '.'s.
3953 while (*cp && i < 6) {
3955 while (*cp2 && *cp2 != '.')
3963 j = nfsrv_getipnumber(cp);
3968 port.cval[5 - i] = j;
3977 if (ip.ival != 0x0) {
3978 rad->sin_addr.s_addr = htonl(ip.ival);
3979 rad->sin_port = htons(port.sval);
3987 error = nfsm_advance(nd, NFSM_RNDUP(i), -1);
3993 sad = NFSSOCKADDR(nd->nd_nam, struct sockaddr_in *);
3994 if (sad->sin_family == AF_INET) {
3995 rad->sin_addr.s_addr = sad->sin_addr.s_addr;
3996 rad->sin_port = 0x0;
3998 clp->lc_program = 0;
4001 NFSEXITCODE2(error, nd);
4006 * Turn a string of up to three decimal digits into a number. Return -1 upon
4010 nfsrv_getipnumber(u_char *cp)
4015 if (j > 2 || *cp < '0' || *cp > '9')
4028 * This function checks for restart conditions.
4031 nfsrv_checkrestart(nfsquad_t clientid, u_int32_t flags,
4032 nfsv4stateid_t *stateidp, int specialid)
4037 * First check for a server restart. Open, LockT, ReleaseLockOwner
4038 * and DelegPurge have a clientid, the rest a stateid.
4041 (NFSLCK_OPEN | NFSLCK_TEST | NFSLCK_RELEASE | NFSLCK_DELEGPURGE)) {
4042 if (clientid.lval[0] != nfsrvboottime) {
4043 ret = NFSERR_STALECLIENTID;
4046 } else if (stateidp->other[0] != nfsrvboottime &&
4048 ret = NFSERR_STALESTATEID;
4053 * Read, Write, Setattr and LockT can return NFSERR_GRACE and do
4054 * not use a lock/open owner seqid#, so the check can be done now.
4055 * (The others will be checked, as required, later.)
4057 if (!(flags & (NFSLCK_CHECK | NFSLCK_TEST)))
4061 ret = nfsrv_checkgrace(NULL, NULL, flags);
4073 nfsrv_checkgrace(struct nfsrv_descript *nd, struct nfsclient *clp,
4078 if ((nfsrv_stablefirst.nsf_flags & NFSNSF_GRACEOVER) != 0) {
4079 if (flags & NFSLCK_RECLAIM) {
4080 error = NFSERR_NOGRACE;
4084 if (!(flags & NFSLCK_RECLAIM)) {
4085 error = NFSERR_GRACE;
4088 if (nd != NULL && clp != NULL &&
4089 (nd->nd_flag & ND_NFSV41) != 0 &&
4090 (clp->lc_flags & LCL_RECLAIMCOMPLETE) != 0) {
4091 error = NFSERR_NOGRACE;
4096 * If grace is almost over and we are still getting Reclaims,
4097 * extend grace a bit.
4099 if ((NFSD_MONOSEC + NFSRV_LEASEDELTA) >
4100 nfsrv_stablefirst.nsf_eograce)
4101 nfsrv_stablefirst.nsf_eograce = NFSD_MONOSEC +
4111 * Do a server callback.
4114 nfsrv_docallback(struct nfsclient *clp, int procnum,
4115 nfsv4stateid_t *stateidp, int trunc, fhandle_t *fhp,
4116 struct nfsvattr *nap, nfsattrbit_t *attrbitp, NFSPROC_T *p)
4120 struct nfsrv_descript nfsd, *nd = &nfsd;
4124 struct nfsdsession *sep = NULL;
4126 cred = newnfs_getcred();
4127 NFSLOCKSTATE(); /* mostly for lc_cbref++ */
4128 if (clp->lc_flags & LCL_NEEDSCONFIRM) {
4135 * Fill the callback program# and version into the request
4136 * structure for newnfs_connect() to use.
4138 clp->lc_req.nr_prog = clp->lc_program;
4140 if ((clp->lc_flags & LCL_NFSV41) != 0)
4141 clp->lc_req.nr_vers = NFSV41_CBVERS;
4144 clp->lc_req.nr_vers = NFSV4_CBVERS;
4147 * First, fill in some of the fields of nd and cr.
4149 nd->nd_flag = ND_NFSV4;
4150 if (clp->lc_flags & LCL_GSS)
4151 nd->nd_flag |= ND_KERBV;
4152 if ((clp->lc_flags & LCL_NFSV41) != 0)
4153 nd->nd_flag |= ND_NFSV41;
4155 cred->cr_uid = clp->lc_uid;
4156 cred->cr_gid = clp->lc_gid;
4157 callback = clp->lc_callback;
4159 cred->cr_ngroups = 1;
4162 * Get the first mbuf for the request.
4164 MGET(m, M_WAITOK, MT_DATA);
4166 nd->nd_mreq = nd->nd_mb = m;
4167 nd->nd_bpos = NFSMTOD(m, caddr_t);
4170 * and build the callback request.
4172 if (procnum == NFSV4OP_CBGETATTR) {
4173 nd->nd_procnum = NFSV4PROC_CBCOMPOUND;
4174 error = nfsrv_cbcallargs(nd, clp, callback, NFSV4OP_CBGETATTR,
4175 "CB Getattr", &sep);
4177 mbuf_freem(nd->nd_mreq);
4180 (void)nfsm_fhtom(nd, (u_int8_t *)fhp, NFSX_MYFH, 0);
4181 (void)nfsrv_putattrbit(nd, attrbitp);
4182 } else if (procnum == NFSV4OP_CBRECALL) {
4183 nd->nd_procnum = NFSV4PROC_CBCOMPOUND;
4184 error = nfsrv_cbcallargs(nd, clp, callback, NFSV4OP_CBRECALL,
4187 mbuf_freem(nd->nd_mreq);
4190 NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED + NFSX_STATEID);
4191 *tl++ = txdr_unsigned(stateidp->seqid);
4192 NFSBCOPY((caddr_t)stateidp->other, (caddr_t)tl,
4194 tl += (NFSX_STATEIDOTHER / NFSX_UNSIGNED);
4199 (void)nfsm_fhtom(nd, (u_int8_t *)fhp, NFSX_MYFH, 0);
4200 } else if (procnum == NFSV4PROC_CBNULL) {
4201 nd->nd_procnum = NFSV4PROC_CBNULL;
4202 if ((clp->lc_flags & LCL_NFSV41) != 0) {
4203 error = nfsv4_getcbsession(clp, &sep);
4205 mbuf_freem(nd->nd_mreq);
4210 error = NFSERR_SERVERFAULT;
4211 mbuf_freem(nd->nd_mreq);
4216 * Call newnfs_connect(), as required, and then newnfs_request().
4218 (void) newnfs_sndlock(&clp->lc_req.nr_lock);
4219 if (clp->lc_req.nr_client == NULL) {
4220 if ((clp->lc_flags & LCL_NFSV41) != 0)
4221 error = ECONNREFUSED;
4222 else if (nd->nd_procnum == NFSV4PROC_CBNULL)
4223 error = newnfs_connect(NULL, &clp->lc_req, cred,
4226 error = newnfs_connect(NULL, &clp->lc_req, cred,
4229 newnfs_sndunlock(&clp->lc_req.nr_lock);
4231 if ((nd->nd_flag & ND_NFSV41) != 0) {
4232 KASSERT(sep != NULL, ("sep NULL"));
4233 if (sep->sess_cbsess.nfsess_xprt != NULL)
4234 error = newnfs_request(nd, NULL, clp,
4235 &clp->lc_req, NULL, NULL, cred,
4236 clp->lc_program, clp->lc_req.nr_vers, NULL,
4237 1, NULL, &sep->sess_cbsess);
4240 * This should probably never occur, but if a
4241 * client somehow does an RPC without a
4242 * SequenceID Op that causes a callback just
4243 * after the nfsd threads have been terminated
4244 * and restared we could conceivably get here
4245 * without a backchannel xprt.
4247 printf("nfsrv_docallback: no xprt\n");
4248 error = ECONNREFUSED;
4250 nfsrv_freesession(sep, NULL);
4252 error = newnfs_request(nd, NULL, clp, &clp->lc_req,
4253 NULL, NULL, cred, clp->lc_program,
4254 clp->lc_req.nr_vers, NULL, 1, NULL, NULL);
4260 * If error is set here, the Callback path isn't working
4261 * properly, so twiddle the appropriate LCL_ flags.
4262 * (nd_repstat != 0 indicates the Callback path is working,
4263 * but the callback failed on the client.)
4267 * Mark the callback pathway down, which disabled issuing
4268 * of delegations and gets Renew to return NFSERR_CBPATHDOWN.
4271 clp->lc_flags |= LCL_CBDOWN;
4275 * Callback worked. If the callback path was down, disable
4276 * callbacks, so no more delegations will be issued. (This
4277 * is done on the assumption that the callback pathway is
4281 if (clp->lc_flags & LCL_CBDOWN)
4282 clp->lc_flags &= ~(LCL_CBDOWN | LCL_CALLBACKSON);
4285 error = nd->nd_repstat;
4286 else if (error == 0 && procnum == NFSV4OP_CBGETATTR)
4287 error = nfsv4_loadattr(nd, NULL, nap, NULL, NULL, 0,
4288 NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL, NULL,
4290 mbuf_freem(nd->nd_mrep);
4294 if ((clp->lc_flags & LCL_WAKEUPWANTED) && clp->lc_cbref == 0) {
4295 clp->lc_flags &= ~LCL_WAKEUPWANTED;
4305 * Set up the compound RPC for the callback.
4308 nfsrv_cbcallargs(struct nfsrv_descript *nd, struct nfsclient *clp,
4309 uint32_t callback, int op, const char *optag, struct nfsdsession **sepp)
4314 len = strlen(optag);
4315 (void)nfsm_strtom(nd, optag, len);
4316 NFSM_BUILD(tl, uint32_t *, 4 * NFSX_UNSIGNED);
4317 if ((nd->nd_flag & ND_NFSV41) != 0) {
4318 *tl++ = txdr_unsigned(NFSV41_MINORVERSION);
4319 *tl++ = txdr_unsigned(callback);
4320 *tl++ = txdr_unsigned(2);
4321 *tl = txdr_unsigned(NFSV4OP_CBSEQUENCE);
4322 error = nfsv4_setcbsequence(nd, clp, 1, sepp);
4325 NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
4326 *tl = txdr_unsigned(op);
4328 *tl++ = txdr_unsigned(NFSV4_MINORVERSION);
4329 *tl++ = txdr_unsigned(callback);
4330 *tl++ = txdr_unsigned(1);
4331 *tl = txdr_unsigned(op);
4337 * Return the next index# for a clientid. Mostly just increment and return
4338 * the next one, but... if the 32bit unsigned does actually wrap around,
4339 * it should be rebooted.
4340 * At an average rate of one new client per second, it will wrap around in
4341 * approximately 136 years. (I think the server will have been shut
4342 * down or rebooted before then.)
4345 nfsrv_nextclientindex(void)
4347 static u_int32_t client_index = 0;
4350 if (client_index != 0)
4351 return (client_index);
4353 printf("%s: out of clientids\n", __func__);
4354 return (client_index);
4358 * Return the next index# for a stateid. Mostly just increment and return
4359 * the next one, but... if the 32bit unsigned does actually wrap around
4360 * (will a BSD server stay up that long?), find
4361 * new start and end values.
4364 nfsrv_nextstateindex(struct nfsclient *clp)
4366 struct nfsstate *stp;
4368 u_int32_t canuse, min_index, max_index;
4370 if (!(clp->lc_flags & LCL_INDEXNOTOK)) {
4371 clp->lc_stateindex++;
4372 if (clp->lc_stateindex != clp->lc_statemaxindex)
4373 return (clp->lc_stateindex);
4377 * Yuck, we've hit the end.
4378 * Look for a new min and max.
4381 max_index = 0xffffffff;
4382 for (i = 0; i < nfsrv_statehashsize; i++) {
4383 LIST_FOREACH(stp, &clp->lc_stateid[i], ls_hash) {
4384 if (stp->ls_stateid.other[2] > 0x80000000) {
4385 if (stp->ls_stateid.other[2] < max_index)
4386 max_index = stp->ls_stateid.other[2];
4388 if (stp->ls_stateid.other[2] > min_index)
4389 min_index = stp->ls_stateid.other[2];
4395 * Yikes, highly unlikely, but I'll handle it anyhow.
4397 if (min_index == 0x80000000 && max_index == 0x80000001) {
4400 * Loop around until we find an unused entry. Return that
4401 * and set LCL_INDEXNOTOK, so the search will continue next time.
4402 * (This is one of those rare cases where a goto is the
4403 * cleanest way to code the loop.)
4406 for (i = 0; i < nfsrv_statehashsize; i++) {
4407 LIST_FOREACH(stp, &clp->lc_stateid[i], ls_hash) {
4408 if (stp->ls_stateid.other[2] == canuse) {
4414 clp->lc_flags |= LCL_INDEXNOTOK;
4419 * Ok to start again from min + 1.
4421 clp->lc_stateindex = min_index + 1;
4422 clp->lc_statemaxindex = max_index;
4423 clp->lc_flags &= ~LCL_INDEXNOTOK;
4424 return (clp->lc_stateindex);
4428 * The following functions handle the stable storage file that deals with
4429 * the edge conditions described in RFC3530 Sec. 8.6.3.
4430 * The file is as follows:
4431 * - a single record at the beginning that has the lease time of the
4432 * previous server instance (before the last reboot) and the nfsrvboottime
4433 * values for the previous server boots.
4434 * These previous boot times are used to ensure that the current
4435 * nfsrvboottime does not, somehow, get set to a previous one.
4436 * (This is important so that Stale ClientIDs and StateIDs can
4438 * The number of previous nfsvrboottime values precedes the list.
4439 * - followed by some number of appended records with:
4440 * - client id string
4441 * - flag that indicates it is a record revoking state via lease
4442 * expiration or similar
4443 * OR has successfully acquired state.
4444 * These structures vary in length, with the client string at the end, up
4445 * to NFSV4_OPAQUELIMIT in size.
4447 * At the end of the grace period, the file is truncated, the first
4448 * record is rewritten with updated information and any acquired state
4449 * records for successful reclaims of state are written.
4451 * Subsequent records are appended when the first state is issued to
4452 * a client and when state is revoked for a client.
4454 * When reading the file in, state issued records that come later in
4455 * the file override older ones, since the append log is in cronological order.
4456 * If, for some reason, the file can't be read, the grace period is
4457 * immediately terminated and all reclaims get NFSERR_NOGRACE.
4461 * Read in the stable storage file. Called by nfssvc() before the nfsd
4462 * processes start servicing requests.
4465 nfsrv_setupstable(NFSPROC_T *p)
4467 struct nfsrv_stablefirst *sf = &nfsrv_stablefirst;
4468 struct nfsrv_stable *sp, *nsp;
4469 struct nfst_rec *tsp;
4470 int error, i, tryagain;
4472 ssize_t aresid, len;
4475 * If NFSNSF_UPDATEDONE is set, this is a restart of the nfsds without
4476 * a reboot, so state has not been lost.
4478 if (sf->nsf_flags & NFSNSF_UPDATEDONE)
4481 * Set Grace over just until the file reads successfully.
4483 nfsrvboottime = time_second;
4484 LIST_INIT(&sf->nsf_head);
4485 sf->nsf_flags = (NFSNSF_GRACEOVER | NFSNSF_NEEDLOCK);
4486 sf->nsf_eograce = NFSD_MONOSEC + NFSRV_LEASEDELTA;
4487 if (sf->nsf_fp == NULL)
4489 error = NFSD_RDWR(UIO_READ, NFSFPVNODE(sf->nsf_fp),
4490 (caddr_t)&sf->nsf_rec, sizeof (struct nfsf_rec), off, UIO_SYSSPACE,
4491 0, NFSFPCRED(sf->nsf_fp), &aresid, p);
4492 if (error || aresid || sf->nsf_numboots == 0 ||
4493 sf->nsf_numboots > NFSNSF_MAXNUMBOOTS)
4497 * Now, read in the boottimes.
4499 sf->nsf_bootvals = (time_t *)malloc((sf->nsf_numboots + 1) *
4500 sizeof (time_t), M_TEMP, M_WAITOK);
4501 off = sizeof (struct nfsf_rec);
4502 error = NFSD_RDWR(UIO_READ, NFSFPVNODE(sf->nsf_fp),
4503 (caddr_t)sf->nsf_bootvals, sf->nsf_numboots * sizeof (time_t), off,
4504 UIO_SYSSPACE, 0, NFSFPCRED(sf->nsf_fp), &aresid, p);
4505 if (error || aresid) {
4506 free((caddr_t)sf->nsf_bootvals, M_TEMP);
4507 sf->nsf_bootvals = NULL;
4512 * Make sure this nfsrvboottime is different from all recorded
4517 for (i = 0; i < sf->nsf_numboots; i++) {
4518 if (nfsrvboottime == sf->nsf_bootvals[i]) {
4526 sf->nsf_flags |= NFSNSF_OK;
4527 off += (sf->nsf_numboots * sizeof (time_t));
4530 * Read through the file, building a list of records for grace
4532 * Each record is between sizeof (struct nfst_rec) and
4533 * sizeof (struct nfst_rec) + NFSV4_OPAQUELIMIT - 1
4534 * and is actually sizeof (struct nfst_rec) + nst_len - 1.
4536 tsp = (struct nfst_rec *)malloc(sizeof (struct nfst_rec) +
4537 NFSV4_OPAQUELIMIT - 1, M_TEMP, M_WAITOK);
4539 error = NFSD_RDWR(UIO_READ, NFSFPVNODE(sf->nsf_fp),
4540 (caddr_t)tsp, sizeof (struct nfst_rec) + NFSV4_OPAQUELIMIT - 1,
4541 off, UIO_SYSSPACE, 0, NFSFPCRED(sf->nsf_fp), &aresid, p);
4542 len = (sizeof (struct nfst_rec) + NFSV4_OPAQUELIMIT - 1) - aresid;
4543 if (error || (len > 0 && (len < sizeof (struct nfst_rec) ||
4544 len < (sizeof (struct nfst_rec) + tsp->len - 1)))) {
4546 * Yuck, the file has been corrupted, so just return
4547 * after clearing out any restart state, so the grace period
4550 LIST_FOREACH_SAFE(sp, &sf->nsf_head, nst_list, nsp) {
4551 LIST_REMOVE(sp, nst_list);
4552 free((caddr_t)sp, M_TEMP);
4554 free((caddr_t)tsp, M_TEMP);
4555 sf->nsf_flags &= ~NFSNSF_OK;
4556 free((caddr_t)sf->nsf_bootvals, M_TEMP);
4557 sf->nsf_bootvals = NULL;
4561 off += sizeof (struct nfst_rec) + tsp->len - 1;
4563 * Search the list for a matching client.
4565 LIST_FOREACH(sp, &sf->nsf_head, nst_list) {
4566 if (tsp->len == sp->nst_len &&
4567 !NFSBCMP(tsp->client, sp->nst_client, tsp->len))
4570 if (sp == LIST_END(&sf->nsf_head)) {
4571 sp = (struct nfsrv_stable *)malloc(tsp->len +
4572 sizeof (struct nfsrv_stable) - 1, M_TEMP,
4574 NFSBCOPY((caddr_t)tsp, (caddr_t)&sp->nst_rec,
4575 sizeof (struct nfst_rec) + tsp->len - 1);
4576 LIST_INSERT_HEAD(&sf->nsf_head, sp, nst_list);
4578 if (tsp->flag == NFSNST_REVOKE)
4579 sp->nst_flag |= NFSNST_REVOKE;
4582 * A subsequent timestamp indicates the client
4583 * did a setclientid/confirm and any previous
4584 * revoke is no longer relevant.
4586 sp->nst_flag &= ~NFSNST_REVOKE;
4590 free((caddr_t)tsp, M_TEMP);
4591 sf->nsf_flags = NFSNSF_OK;
4592 sf->nsf_eograce = NFSD_MONOSEC + sf->nsf_lease +
4597 * Update the stable storage file, now that the grace period is over.
4600 nfsrv_updatestable(NFSPROC_T *p)
4602 struct nfsrv_stablefirst *sf = &nfsrv_stablefirst;
4603 struct nfsrv_stable *sp, *nsp;
4605 struct nfsvattr nva;
4607 #if defined(__FreeBSD_version) && (__FreeBSD_version >= 500000)
4612 if (sf->nsf_fp == NULL || (sf->nsf_flags & NFSNSF_UPDATEDONE))
4614 sf->nsf_flags |= NFSNSF_UPDATEDONE;
4616 * Ok, we need to rewrite the stable storage file.
4617 * - truncate to 0 length
4618 * - write the new first structure
4619 * - loop through the data structures, writing out any that
4620 * have timestamps older than the old boot
4622 if (sf->nsf_bootvals) {
4624 for (i = sf->nsf_numboots - 2; i >= 0; i--)
4625 sf->nsf_bootvals[i + 1] = sf->nsf_bootvals[i];
4627 sf->nsf_numboots = 1;
4628 sf->nsf_bootvals = (time_t *)malloc(sizeof (time_t),
4631 sf->nsf_bootvals[0] = nfsrvboottime;
4632 sf->nsf_lease = nfsrv_lease;
4633 NFSVNO_ATTRINIT(&nva);
4634 NFSVNO_SETATTRVAL(&nva, size, 0);
4635 vp = NFSFPVNODE(sf->nsf_fp);
4636 vn_start_write(vp, &mp, V_WAIT);
4637 if (NFSVOPLOCK(vp, LK_EXCLUSIVE) == 0) {
4638 error = nfsvno_setattr(vp, &nva, NFSFPCRED(sf->nsf_fp), p,
4640 NFSVOPUNLOCK(vp, 0);
4643 vn_finished_write(mp);
4645 error = NFSD_RDWR(UIO_WRITE, vp,
4646 (caddr_t)&sf->nsf_rec, sizeof (struct nfsf_rec), (off_t)0,
4647 UIO_SYSSPACE, IO_SYNC, NFSFPCRED(sf->nsf_fp), NULL, p);
4649 error = NFSD_RDWR(UIO_WRITE, vp,
4650 (caddr_t)sf->nsf_bootvals,
4651 sf->nsf_numboots * sizeof (time_t),
4652 (off_t)(sizeof (struct nfsf_rec)),
4653 UIO_SYSSPACE, IO_SYNC, NFSFPCRED(sf->nsf_fp), NULL, p);
4654 free((caddr_t)sf->nsf_bootvals, M_TEMP);
4655 sf->nsf_bootvals = NULL;
4657 sf->nsf_flags &= ~NFSNSF_OK;
4658 printf("EEK! Can't write NfsV4 stable storage file\n");
4661 sf->nsf_flags |= NFSNSF_OK;
4664 * Loop through the list and write out timestamp records for
4665 * any clients that successfully reclaimed state.
4667 LIST_FOREACH_SAFE(sp, &sf->nsf_head, nst_list, nsp) {
4668 if (sp->nst_flag & NFSNST_GOTSTATE) {
4669 nfsrv_writestable(sp->nst_client, sp->nst_len,
4670 NFSNST_NEWSTATE, p);
4671 sp->nst_clp->lc_flags |= LCL_STAMPEDSTABLE;
4673 LIST_REMOVE(sp, nst_list);
4674 free((caddr_t)sp, M_TEMP);
4676 nfsrv_backupstable();
4680 * Append a record to the stable storage file.
4683 nfsrv_writestable(u_char *client, int len, int flag, NFSPROC_T *p)
4685 struct nfsrv_stablefirst *sf = &nfsrv_stablefirst;
4686 struct nfst_rec *sp;
4689 if (!(sf->nsf_flags & NFSNSF_OK) || sf->nsf_fp == NULL)
4691 sp = (struct nfst_rec *)malloc(sizeof (struct nfst_rec) +
4692 len - 1, M_TEMP, M_WAITOK);
4694 NFSBCOPY(client, sp->client, len);
4696 error = NFSD_RDWR(UIO_WRITE, NFSFPVNODE(sf->nsf_fp),
4697 (caddr_t)sp, sizeof (struct nfst_rec) + len - 1, (off_t)0,
4698 UIO_SYSSPACE, (IO_SYNC | IO_APPEND), NFSFPCRED(sf->nsf_fp), NULL, p);
4699 free((caddr_t)sp, M_TEMP);
4701 sf->nsf_flags &= ~NFSNSF_OK;
4702 printf("EEK! Can't write NfsV4 stable storage file\n");
4707 * This function is called during the grace period to mark a client
4708 * that successfully reclaimed state.
4711 nfsrv_markstable(struct nfsclient *clp)
4713 struct nfsrv_stable *sp;
4716 * First find the client structure.
4718 LIST_FOREACH(sp, &nfsrv_stablefirst.nsf_head, nst_list) {
4719 if (sp->nst_len == clp->lc_idlen &&
4720 !NFSBCMP(sp->nst_client, clp->lc_id, sp->nst_len))
4723 if (sp == LIST_END(&nfsrv_stablefirst.nsf_head))
4727 * Now, just mark it and set the nfsclient back pointer.
4729 sp->nst_flag |= NFSNST_GOTSTATE;
4734 * This function is called for a reclaim, to see if it gets grace.
4735 * It returns 0 if a reclaim is allowed, 1 otherwise.
4738 nfsrv_checkstable(struct nfsclient *clp)
4740 struct nfsrv_stable *sp;
4743 * First, find the entry for the client.
4745 LIST_FOREACH(sp, &nfsrv_stablefirst.nsf_head, nst_list) {
4746 if (sp->nst_len == clp->lc_idlen &&
4747 !NFSBCMP(sp->nst_client, clp->lc_id, sp->nst_len))
4752 * If not in the list, state was revoked or no state was issued
4753 * since the previous reboot, a reclaim is denied.
4755 if (sp == LIST_END(&nfsrv_stablefirst.nsf_head) ||
4756 (sp->nst_flag & NFSNST_REVOKE) ||
4757 !(nfsrv_stablefirst.nsf_flags & NFSNSF_OK))
4763 * Test for and try to clear out a conflicting client. This is called by
4764 * nfsrv_lockctrl() and nfsrv_openctrl() when conflicts with other clients
4766 * The trick here is that it can't revoke a conflicting client with an
4767 * expired lease unless it holds the v4root lock, so...
4768 * If no v4root lock, get the lock and return 1 to indicate "try again".
4769 * Return 0 to indicate the conflict can't be revoked and 1 to indicate
4770 * the revocation worked and the conflicting client is "bye, bye", so it
4771 * can be tried again.
4772 * Return 2 to indicate that the vnode is VI_DOOMED after NFSVOPLOCK().
4773 * Unlocks State before a non-zero value is returned.
4776 nfsrv_clientconflict(struct nfsclient *clp, int *haslockp, vnode_t vp,
4779 int gotlock, lktype = 0;
4782 * If lease hasn't expired, we can't fix it.
4784 if (clp->lc_expiry >= NFSD_MONOSEC ||
4785 !(nfsrv_stablefirst.nsf_flags & NFSNSF_UPDATEDONE))
4787 if (*haslockp == 0) {
4790 lktype = NFSVOPISLOCKED(vp);
4791 NFSVOPUNLOCK(vp, 0);
4793 NFSLOCKV4ROOTMUTEX();
4794 nfsv4_relref(&nfsv4rootfs_lock);
4796 gotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
4797 NFSV4ROOTLOCKMUTEXPTR, NULL);
4799 NFSUNLOCKV4ROOTMUTEX();
4802 NFSVOPLOCK(vp, lktype | LK_RETRY);
4803 if ((vp->v_iflag & VI_DOOMED) != 0)
4811 * Ok, we can expire the conflicting client.
4813 nfsrv_writestable(clp->lc_id, clp->lc_idlen, NFSNST_REVOKE, p);
4814 nfsrv_backupstable();
4815 nfsrv_cleanclient(clp, p);
4816 nfsrv_freedeleglist(&clp->lc_deleg);
4817 nfsrv_freedeleglist(&clp->lc_olddeleg);
4818 LIST_REMOVE(clp, lc_hash);
4819 nfsrv_zapclient(clp, p);
4824 * Resolve a delegation conflict.
4825 * Returns 0 to indicate the conflict was resolved without sleeping.
4826 * Return -1 to indicate that the caller should check for conflicts again.
4827 * Return > 0 for an error that should be returned, normally NFSERR_DELAY.
4829 * Also, manipulate the nfsv4root_lock, as required. It isn't changed
4830 * for a return of 0, since there was no sleep and it could be required
4831 * later. It is released for a return of NFSERR_DELAY, since the caller
4832 * will return that error. It is released when a sleep was done waiting
4833 * for the delegation to be returned or expire (so that other nfsds can
4834 * handle ops). Then, it must be acquired for the write to stable storage.
4835 * (This function is somewhat similar to nfsrv_clientconflict(), but
4836 * the semantics differ in a couple of subtle ways. The return of 0
4837 * indicates the conflict was resolved without sleeping here, not
4838 * that the conflict can't be resolved and the handling of nfsv4root_lock
4839 * differs, as noted above.)
4840 * Unlocks State before returning a non-zero value.
4843 nfsrv_delegconflict(struct nfsstate *stp, int *haslockp, NFSPROC_T *p,
4846 struct nfsclient *clp = stp->ls_clp;
4847 int gotlock, error, lktype = 0, retrycnt, zapped_clp;
4848 nfsv4stateid_t tstateid;
4852 * If the conflict is with an old delegation...
4854 if (stp->ls_flags & NFSLCK_OLDDELEG) {
4856 * You can delete it, if it has expired.
4858 if (clp->lc_delegtime < NFSD_MONOSEC) {
4859 nfsrv_freedeleg(stp);
4866 * During this delay, the old delegation could expire or it
4867 * could be recovered by the client via an Open with
4868 * CLAIM_DELEGATE_PREV.
4869 * Release the nfsv4root_lock, if held.
4873 NFSLOCKV4ROOTMUTEX();
4874 nfsv4_unlock(&nfsv4rootfs_lock, 1);
4875 NFSUNLOCKV4ROOTMUTEX();
4877 error = NFSERR_DELAY;
4882 * It's a current delegation, so:
4883 * - check to see if the delegation has expired
4884 * - if so, get the v4root lock and then expire it
4886 if (!(stp->ls_flags & NFSLCK_DELEGRECALL)) {
4888 * - do a recall callback, since not yet done
4889 * For now, never allow truncate to be set. To use
4890 * truncate safely, it must be guaranteed that the
4891 * Remove, Rename or Setattr with size of 0 will
4892 * succeed and that would require major changes to
4893 * the VFS/Vnode OPs.
4894 * Set the expiry time large enough so that it won't expire
4895 * until after the callback, then set it correctly, once
4896 * the callback is done. (The delegation will now time
4897 * out whether or not the Recall worked ok. The timeout
4898 * will be extended when ops are done on the delegation
4899 * stateid, up to the timelimit.)
4901 stp->ls_delegtime = NFSD_MONOSEC + (2 * nfsrv_lease) +
4903 stp->ls_delegtimelimit = NFSD_MONOSEC + (6 * nfsrv_lease) +
4905 stp->ls_flags |= NFSLCK_DELEGRECALL;
4908 * Loop NFSRV_CBRETRYCNT times while the CBRecall replies
4909 * NFSERR_BADSTATEID or NFSERR_BADHANDLE. This is done
4910 * in order to try and avoid a race that could happen
4911 * when a CBRecall request passed the Open reply with
4912 * the delegation in it when transitting the network.
4913 * Since nfsrv_docallback will sleep, don't use stp after
4916 NFSBCOPY((caddr_t)&stp->ls_stateid, (caddr_t)&tstateid,
4918 NFSBCOPY((caddr_t)&stp->ls_lfp->lf_fh, (caddr_t)&tfh,
4923 NFSLOCKV4ROOTMUTEX();
4924 nfsv4_unlock(&nfsv4rootfs_lock, 1);
4925 NFSUNLOCKV4ROOTMUTEX();
4929 error = nfsrv_docallback(clp, NFSV4OP_CBRECALL,
4930 &tstateid, 0, &tfh, NULL, NULL, p);
4932 } while ((error == NFSERR_BADSTATEID ||
4933 error == NFSERR_BADHANDLE) && retrycnt < NFSV4_CBRETRYCNT);
4934 error = NFSERR_DELAY;
4938 if (clp->lc_expiry >= NFSD_MONOSEC &&
4939 stp->ls_delegtime >= NFSD_MONOSEC) {
4942 * A recall has been done, but it has not yet expired.
4947 NFSLOCKV4ROOTMUTEX();
4948 nfsv4_unlock(&nfsv4rootfs_lock, 1);
4949 NFSUNLOCKV4ROOTMUTEX();
4951 error = NFSERR_DELAY;
4956 * If we don't yet have the lock, just get it and then return,
4957 * since we need that before deleting expired state, such as
4959 * When getting the lock, unlock the vnode, so other nfsds that
4960 * are in progress, won't get stuck waiting for the vnode lock.
4962 if (*haslockp == 0) {
4965 lktype = NFSVOPISLOCKED(vp);
4966 NFSVOPUNLOCK(vp, 0);
4968 NFSLOCKV4ROOTMUTEX();
4969 nfsv4_relref(&nfsv4rootfs_lock);
4971 gotlock = nfsv4_lock(&nfsv4rootfs_lock, 1, NULL,
4972 NFSV4ROOTLOCKMUTEXPTR, NULL);
4974 NFSUNLOCKV4ROOTMUTEX();
4977 NFSVOPLOCK(vp, lktype | LK_RETRY);
4978 if ((vp->v_iflag & VI_DOOMED) != 0) {
4980 NFSLOCKV4ROOTMUTEX();
4981 nfsv4_unlock(&nfsv4rootfs_lock, 1);
4982 NFSUNLOCKV4ROOTMUTEX();
4983 error = NFSERR_PERM;
4993 * Ok, we can delete the expired delegation.
4994 * First, write the Revoke record to stable storage and then
4995 * clear out the conflict.
4996 * Since all other nfsd threads are now blocked, we can safely
4997 * sleep without the state changing.
4999 nfsrv_writestable(clp->lc_id, clp->lc_idlen, NFSNST_REVOKE, p);
5000 nfsrv_backupstable();
5001 if (clp->lc_expiry < NFSD_MONOSEC) {
5002 nfsrv_cleanclient(clp, p);
5003 nfsrv_freedeleglist(&clp->lc_deleg);
5004 nfsrv_freedeleglist(&clp->lc_olddeleg);
5005 LIST_REMOVE(clp, lc_hash);
5008 nfsrv_freedeleg(stp);
5012 nfsrv_zapclient(clp, p);
5021 * Check for a remove allowed, if remove is set to 1 and get rid of
5025 nfsrv_checkremove(vnode_t vp, int remove, NFSPROC_T *p)
5027 struct nfsstate *stp;
5028 struct nfslockfile *lfp;
5029 int error, haslock = 0;
5033 * First, get the lock file structure.
5034 * (A return of -1 means no associated state, so remove ok.)
5036 error = nfsrv_getlockfh(vp, NFSLCK_CHECK, NULL, &nfh, p);
5040 error = nfsrv_getlockfile(NFSLCK_CHECK, NULL, &lfp, &nfh, 0);
5044 NFSLOCKV4ROOTMUTEX();
5045 nfsv4_unlock(&nfsv4rootfs_lock, 1);
5046 NFSUNLOCKV4ROOTMUTEX();
5054 * Now, we must Recall any delegations.
5056 error = nfsrv_cleandeleg(vp, lfp, NULL, &haslock, p);
5059 * nfsrv_cleandeleg() unlocks state for non-zero
5065 NFSLOCKV4ROOTMUTEX();
5066 nfsv4_unlock(&nfsv4rootfs_lock, 1);
5067 NFSUNLOCKV4ROOTMUTEX();
5073 * Now, look for a conflicting open share.
5077 * If the entry in the directory was the last reference to the
5078 * corresponding filesystem object, the object can be destroyed
5080 if(lfp->lf_usecount>1)
5081 LIST_FOREACH(stp, &lfp->lf_open, ls_file) {
5082 if (stp->ls_flags & NFSLCK_WRITEDENY) {
5083 error = NFSERR_FILEOPEN;
5091 NFSLOCKV4ROOTMUTEX();
5092 nfsv4_unlock(&nfsv4rootfs_lock, 1);
5093 NFSUNLOCKV4ROOTMUTEX();
5102 * Clear out all delegations for the file referred to by lfp.
5103 * May return NFSERR_DELAY, if there will be a delay waiting for
5104 * delegations to expire.
5105 * Returns -1 to indicate it slept while recalling a delegation.
5106 * This function has the side effect of deleting the nfslockfile structure,
5107 * if it no longer has associated state and didn't have to sleep.
5108 * Unlocks State before a non-zero value is returned.
5111 nfsrv_cleandeleg(vnode_t vp, struct nfslockfile *lfp,
5112 struct nfsclient *clp, int *haslockp, NFSPROC_T *p)
5114 struct nfsstate *stp, *nstp;
5117 stp = LIST_FIRST(&lfp->lf_deleg);
5118 while (stp != LIST_END(&lfp->lf_deleg)) {
5119 nstp = LIST_NEXT(stp, ls_file);
5120 if (stp->ls_clp != clp) {
5121 ret = nfsrv_delegconflict(stp, haslockp, p, vp);
5124 * nfsrv_delegconflict() unlocks state
5125 * when it returns non-zero.
5138 * There are certain operations that, when being done outside of NFSv4,
5139 * require that any NFSv4 delegation for the file be recalled.
5140 * This function is to be called for those cases:
5141 * VOP_RENAME() - When a delegation is being recalled for any reason,
5142 * the client may have to do Opens against the server, using the file's
5143 * final component name. If the file has been renamed on the server,
5144 * that component name will be incorrect and the Open will fail.
5145 * VOP_REMOVE() - Theoretically, a client could Open a file after it has
5146 * been removed on the server, if there is a delegation issued to
5147 * that client for the file. I say "theoretically" since clients
5148 * normally do an Access Op before the Open and that Access Op will
5149 * fail with ESTALE. Note that NFSv2 and 3 don't even do Opens, so
5150 * they will detect the file's removal in the same manner. (There is
5151 * one case where RFC3530 allows a client to do an Open without first
5152 * doing an Access Op, which is passage of a check against the ACE
5153 * returned with a Write delegation, but current practice is to ignore
5154 * the ACE and always do an Access Op.)
5155 * Since the functions can only be called with an unlocked vnode, this
5156 * can't be done at this time.
5157 * VOP_ADVLOCK() - When a client holds a delegation, it can issue byte range
5158 * locks locally in the client, which are not visible to the server. To
5159 * deal with this, issuing of delegations for a vnode must be disabled
5160 * and all delegations for the vnode recalled. This is done via the
5161 * second function, using the VV_DISABLEDELEG vflag on the vnode.
5164 nfsd_recalldelegation(vnode_t vp, NFSPROC_T *p)
5170 * First, check to see if the server is currently running and it has
5171 * been called for a regular file when issuing delegations.
5173 if (newnfs_numnfsd == 0 || vp->v_type != VREG ||
5174 nfsrv_issuedelegs == 0)
5177 KASSERT((NFSVOPISLOCKED(vp) != LK_EXCLUSIVE), ("vp %p is locked", vp));
5179 * First, get a reference on the nfsv4rootfs_lock so that an
5180 * exclusive lock cannot be acquired by another thread.
5182 NFSLOCKV4ROOTMUTEX();
5183 nfsv4_getref(&nfsv4rootfs_lock, NULL, NFSV4ROOTLOCKMUTEXPTR, NULL);
5184 NFSUNLOCKV4ROOTMUTEX();
5187 * Now, call nfsrv_checkremove() in a loop while it returns
5188 * NFSERR_DELAY. Return upon any other error or when timed out.
5190 starttime = NFSD_MONOSEC;
5192 if (NFSVOPLOCK(vp, LK_EXCLUSIVE) == 0) {
5193 error = nfsrv_checkremove(vp, 0, p);
5194 NFSVOPUNLOCK(vp, 0);
5197 if (error == NFSERR_DELAY) {
5198 if (NFSD_MONOSEC - starttime > NFS_REMOVETIMEO)
5200 /* Sleep for a short period of time */
5201 (void) nfs_catnap(PZERO, 0, "nfsremove");
5203 } while (error == NFSERR_DELAY);
5204 NFSLOCKV4ROOTMUTEX();
5205 nfsv4_relref(&nfsv4rootfs_lock);
5206 NFSUNLOCKV4ROOTMUTEX();
5210 nfsd_disabledelegation(vnode_t vp, NFSPROC_T *p)
5213 #ifdef VV_DISABLEDELEG
5215 * First, flag issuance of delegations disabled.
5217 atomic_set_long(&vp->v_vflag, VV_DISABLEDELEG);
5221 * Then call nfsd_recalldelegation() to get rid of all extant
5224 nfsd_recalldelegation(vp, p);
5228 * Check for conflicting locks, etc. and then get rid of delegations.
5229 * (At one point I thought that I should get rid of delegations for any
5230 * Setattr, since it could potentially disallow the I/O op (read or write)
5231 * allowed by the delegation. However, Setattr Ops that aren't changing
5232 * the size get a stateid of all 0s, so you can't tell if it is a delegation
5233 * for the same client or a different one, so I decided to only get rid
5234 * of delegations for other clients when the size is being changed.)
5235 * In general, a Setattr can disable NFS I/O Ops that are outstanding, such
5236 * as Write backs, even if there is no delegation, so it really isn't any
5240 nfsrv_checksetattr(vnode_t vp, struct nfsrv_descript *nd,
5241 nfsv4stateid_t *stateidp, struct nfsvattr *nvap, nfsattrbit_t *attrbitp,
5242 struct nfsexstuff *exp, NFSPROC_T *p)
5244 struct nfsstate st, *stp = &st;
5245 struct nfslock lo, *lop = &lo;
5249 if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SIZE)) {
5250 stp->ls_flags = (NFSLCK_CHECK | NFSLCK_WRITEACCESS);
5251 lop->lo_first = nvap->na_size;
5256 if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_OWNER) ||
5257 NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_OWNERGROUP) ||
5258 NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_MODE) ||
5259 NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_ACL))
5260 stp->ls_flags |= NFSLCK_SETATTR;
5261 if (stp->ls_flags == 0)
5263 lop->lo_end = NFS64BITSSET;
5264 lop->lo_flags = NFSLCK_WRITE;
5265 stp->ls_ownerlen = 0;
5267 stp->ls_uid = nd->nd_cred->cr_uid;
5268 stp->ls_stateid.seqid = stateidp->seqid;
5269 clientid.lval[0] = stp->ls_stateid.other[0] = stateidp->other[0];
5270 clientid.lval[1] = stp->ls_stateid.other[1] = stateidp->other[1];
5271 stp->ls_stateid.other[2] = stateidp->other[2];
5272 error = nfsrv_lockctrl(vp, &stp, &lop, NULL, clientid,
5273 stateidp, exp, nd, p);
5276 NFSEXITCODE2(error, nd);
5281 * Check for a write delegation and do a CBGETATTR if there is one, updating
5282 * the attributes, as required.
5283 * Should I return an error if I can't get the attributes? (For now, I'll
5287 nfsrv_checkgetattr(struct nfsrv_descript *nd, vnode_t vp,
5288 struct nfsvattr *nvap, nfsattrbit_t *attrbitp, struct ucred *cred,
5291 struct nfsstate *stp;
5292 struct nfslockfile *lfp;
5293 struct nfsclient *clp;
5294 struct nfsvattr nva;
5297 nfsattrbit_t cbbits;
5298 u_quad_t delegfilerev;
5300 NFSCBGETATTR_ATTRBIT(attrbitp, &cbbits);
5301 if (!NFSNONZERO_ATTRBIT(&cbbits))
5305 * Get the lock file structure.
5306 * (A return of -1 means no associated state, so return ok.)
5308 error = nfsrv_getlockfh(vp, NFSLCK_CHECK, NULL, &nfh, p);
5311 error = nfsrv_getlockfile(NFSLCK_CHECK, NULL, &lfp, &nfh, 0);
5320 * Now, look for a write delegation.
5322 LIST_FOREACH(stp, &lfp->lf_deleg, ls_file) {
5323 if (stp->ls_flags & NFSLCK_DELEGWRITE)
5326 if (stp == LIST_END(&lfp->lf_deleg)) {
5331 delegfilerev = stp->ls_filerev;
5334 * If the Write delegation was issued as a part of this Compound RPC
5335 * or if we have an Implied Clientid (used in a previous Op in this
5336 * compound) and it is the client the delegation was issued to,
5338 * I also assume that it is from the same client iff the network
5339 * host IP address is the same as the callback address. (Not
5340 * exactly correct by the RFC, but avoids a lot of Getattr
5343 if (nd->nd_compref == stp->ls_compref ||
5344 ((nd->nd_flag & ND_IMPLIEDCLID) &&
5345 clp->lc_clientid.qval == nd->nd_clientid.qval) ||
5346 nfsaddr2_match(clp->lc_req.nr_nam, nd->nd_nam)) {
5352 * We are now done with the delegation state structure,
5353 * so the statelock can be released and we can now tsleep().
5357 * Now, we must do the CB Getattr callback, to see if Change or Size
5360 if (clp->lc_expiry >= NFSD_MONOSEC) {
5362 NFSVNO_ATTRINIT(&nva);
5363 nva.na_filerev = NFS64BITSSET;
5364 error = nfsrv_docallback(clp, NFSV4OP_CBGETATTR, NULL,
5365 0, &nfh, &nva, &cbbits, p);
5367 if ((nva.na_filerev != NFS64BITSSET &&
5368 nva.na_filerev > delegfilerev) ||
5369 (NFSVNO_ISSETSIZE(&nva) &&
5370 nva.na_size != nvap->na_size)) {
5371 error = nfsvno_updfilerev(vp, nvap, cred, p);
5372 if (NFSVNO_ISSETSIZE(&nva))
5373 nvap->na_size = nva.na_size;
5376 error = 0; /* Ignore callback errors for now. */
5382 NFSEXITCODE2(error, nd);
5387 * This function looks for openowners that haven't had any opens for
5388 * a while and throws them away. Called by an nfsd when NFSNSF_NOOPENS
5392 nfsrv_throwawayopens(NFSPROC_T *p)
5394 struct nfsclient *clp, *nclp;
5395 struct nfsstate *stp, *nstp;
5399 nfsrv_stablefirst.nsf_flags &= ~NFSNSF_NOOPENS;
5401 * For each client...
5403 for (i = 0; i < nfsrv_clienthashsize; i++) {
5404 LIST_FOREACH_SAFE(clp, &nfsclienthash[i], lc_hash, nclp) {
5405 LIST_FOREACH_SAFE(stp, &clp->lc_open, ls_list, nstp) {
5406 if (LIST_EMPTY(&stp->ls_open) &&
5407 (stp->ls_noopens > NFSNOOPEN ||
5408 (nfsrv_openpluslock * 2) >
5409 nfsrv_v4statelimit))
5410 nfsrv_freeopenowner(stp, 0, p);
5418 * This function checks to see if the credentials are the same.
5419 * Returns 1 for not same, 0 otherwise.
5422 nfsrv_notsamecredname(struct nfsrv_descript *nd, struct nfsclient *clp)
5425 if (nd->nd_flag & ND_GSS) {
5426 if (!(clp->lc_flags & LCL_GSS))
5428 if (clp->lc_flags & LCL_NAME) {
5429 if (nd->nd_princlen != clp->lc_namelen ||
5430 NFSBCMP(nd->nd_principal, clp->lc_name,
5436 if (nd->nd_cred->cr_uid == clp->lc_uid)
5440 } else if (clp->lc_flags & LCL_GSS)
5443 * For AUTH_SYS, allow the same uid or root. (This is underspecified
5444 * in RFC3530, which talks about principals, but doesn't say anything
5445 * about uids for AUTH_SYS.)
5447 if (nd->nd_cred->cr_uid == clp->lc_uid || nd->nd_cred->cr_uid == 0)
5454 * Calculate the lease expiry time.
5457 nfsrv_leaseexpiry(void)
5460 if (nfsrv_stablefirst.nsf_eograce > NFSD_MONOSEC)
5461 return (NFSD_MONOSEC + 2 * (nfsrv_lease + NFSRV_LEASEDELTA));
5462 return (NFSD_MONOSEC + nfsrv_lease + NFSRV_LEASEDELTA);
5466 * Delay the delegation timeout as far as ls_delegtimelimit, as required.
5469 nfsrv_delaydelegtimeout(struct nfsstate *stp)
5472 if ((stp->ls_flags & NFSLCK_DELEGRECALL) == 0)
5475 if ((stp->ls_delegtime + 15) > NFSD_MONOSEC &&
5476 stp->ls_delegtime < stp->ls_delegtimelimit) {
5477 stp->ls_delegtime += nfsrv_lease;
5478 if (stp->ls_delegtime > stp->ls_delegtimelimit)
5479 stp->ls_delegtime = stp->ls_delegtimelimit;
5484 * This function checks to see if there is any other state associated
5485 * with the openowner for this Open.
5486 * It returns 1 if there is no other state, 0 otherwise.
5489 nfsrv_nootherstate(struct nfsstate *stp)
5491 struct nfsstate *tstp;
5493 LIST_FOREACH(tstp, &stp->ls_openowner->ls_open, ls_list) {
5494 if (tstp != stp || !LIST_EMPTY(&tstp->ls_lock))
5501 * Create a list of lock deltas (changes to local byte range locking
5502 * that can be rolled back using the list) and apply the changes via
5503 * nfsvno_advlock(). Optionally, lock the list. It is expected that either
5504 * the rollback or update function will be called after this.
5505 * It returns an error (and rolls back, as required), if any nfsvno_advlock()
5506 * call fails. If it returns an error, it will unlock the list.
5509 nfsrv_locallock(vnode_t vp, struct nfslockfile *lfp, int flags,
5510 uint64_t first, uint64_t end, struct nfslockconflict *cfp, NFSPROC_T *p)
5512 struct nfslock *lop, *nlop;
5515 /* Loop through the list of locks. */
5516 lop = LIST_FIRST(&lfp->lf_locallock);
5517 while (first < end && lop != NULL) {
5518 nlop = LIST_NEXT(lop, lo_lckowner);
5519 if (first >= lop->lo_end) {
5522 } else if (first < lop->lo_first) {
5523 /* new one starts before entry in list */
5524 if (end <= lop->lo_first) {
5525 /* no overlap between old and new */
5526 error = nfsrv_dolocal(vp, lfp, flags,
5527 NFSLCK_UNLOCK, first, end, cfp, p);
5532 /* handle fragment overlapped with new one */
5533 error = nfsrv_dolocal(vp, lfp, flags,
5534 NFSLCK_UNLOCK, first, lop->lo_first, cfp,
5538 first = lop->lo_first;
5541 /* new one overlaps this entry in list */
5542 if (end <= lop->lo_end) {
5543 /* overlaps all of new one */
5544 error = nfsrv_dolocal(vp, lfp, flags,
5545 lop->lo_flags, first, end, cfp, p);
5550 /* handle fragment overlapped with new one */
5551 error = nfsrv_dolocal(vp, lfp, flags,
5552 lop->lo_flags, first, lop->lo_end, cfp, p);
5555 first = lop->lo_end;
5560 if (first < end && error == 0)
5561 /* handle fragment past end of list */
5562 error = nfsrv_dolocal(vp, lfp, flags, NFSLCK_UNLOCK, first,
5570 * Local lock unlock. Unlock all byte ranges that are no longer locked
5571 * by NFSv4. To do this, unlock any subranges of first-->end that
5572 * do not overlap with the byte ranges of any lock in the lfp->lf_lock
5573 * list. This list has all locks for the file held by other
5574 * <clientid, lockowner> tuples. The list is ordered by increasing
5575 * lo_first value, but may have entries that overlap each other, for
5576 * the case of read locks.
5579 nfsrv_localunlock(vnode_t vp, struct nfslockfile *lfp, uint64_t init_first,
5580 uint64_t init_end, NFSPROC_T *p)
5582 struct nfslock *lop;
5583 uint64_t first, end, prevfirst;
5587 while (first < init_end) {
5588 /* Loop through all nfs locks, adjusting first and end */
5590 LIST_FOREACH(lop, &lfp->lf_lock, lo_lckfile) {
5591 KASSERT(prevfirst <= lop->lo_first,
5592 ("nfsv4 locks out of order"));
5593 KASSERT(lop->lo_first < lop->lo_end,
5594 ("nfsv4 bogus lock"));
5595 prevfirst = lop->lo_first;
5596 if (first >= lop->lo_first &&
5597 first < lop->lo_end)
5599 * Overlaps with initial part, so trim
5600 * off that initial part by moving first past
5603 first = lop->lo_end;
5604 else if (end > lop->lo_first &&
5605 lop->lo_first > first) {
5607 * This lock defines the end of the
5608 * segment to unlock, so set end to the
5609 * start of it and break out of the loop.
5611 end = lop->lo_first;
5616 * There is no segment left to do, so
5617 * break out of this loop and then exit
5618 * the outer while() since first will be set
5619 * to end, which must equal init_end here.
5624 /* Unlock this segment */
5625 (void) nfsrv_dolocal(vp, lfp, NFSLCK_UNLOCK,
5626 NFSLCK_READ, first, end, NULL, p);
5627 nfsrv_locallock_commit(lfp, NFSLCK_UNLOCK,
5631 * Now move past this segment and look for any further
5632 * segment in the range, if there is one.
5640 * Do the local lock operation and update the rollback list, as required.
5641 * Perform the rollback and return the error if nfsvno_advlock() fails.
5644 nfsrv_dolocal(vnode_t vp, struct nfslockfile *lfp, int flags, int oldflags,
5645 uint64_t first, uint64_t end, struct nfslockconflict *cfp, NFSPROC_T *p)
5647 struct nfsrollback *rlp;
5648 int error = 0, ltype, oldltype;
5650 if (flags & NFSLCK_WRITE)
5652 else if (flags & NFSLCK_READ)
5656 if (oldflags & NFSLCK_WRITE)
5658 else if (oldflags & NFSLCK_READ)
5662 if (ltype == oldltype || (oldltype == F_WRLCK && ltype == F_RDLCK))
5665 error = nfsvno_advlock(vp, ltype, first, end, p);
5668 cfp->cl_clientid.lval[0] = 0;
5669 cfp->cl_clientid.lval[1] = 0;
5671 cfp->cl_end = NFS64BITSSET;
5672 cfp->cl_flags = NFSLCK_WRITE;
5673 cfp->cl_ownerlen = 5;
5674 NFSBCOPY("LOCAL", cfp->cl_owner, 5);
5676 nfsrv_locallock_rollback(vp, lfp, p);
5677 } else if (ltype != F_UNLCK) {
5678 rlp = malloc(sizeof (struct nfsrollback), M_NFSDROLLBACK,
5680 rlp->rlck_first = first;
5681 rlp->rlck_end = end;
5682 rlp->rlck_type = oldltype;
5683 LIST_INSERT_HEAD(&lfp->lf_rollback, rlp, rlck_list);
5692 * Roll back local lock changes and free up the rollback list.
5695 nfsrv_locallock_rollback(vnode_t vp, struct nfslockfile *lfp, NFSPROC_T *p)
5697 struct nfsrollback *rlp, *nrlp;
5699 LIST_FOREACH_SAFE(rlp, &lfp->lf_rollback, rlck_list, nrlp) {
5700 (void) nfsvno_advlock(vp, rlp->rlck_type, rlp->rlck_first,
5702 free(rlp, M_NFSDROLLBACK);
5704 LIST_INIT(&lfp->lf_rollback);
5708 * Update local lock list and delete rollback list (ie now committed to the
5709 * local locks). Most of the work is done by the internal function.
5712 nfsrv_locallock_commit(struct nfslockfile *lfp, int flags, uint64_t first,
5715 struct nfsrollback *rlp, *nrlp;
5716 struct nfslock *new_lop, *other_lop;
5718 new_lop = malloc(sizeof (struct nfslock), M_NFSDLOCK, M_WAITOK);
5719 if (flags & (NFSLCK_READ | NFSLCK_WRITE))
5720 other_lop = malloc(sizeof (struct nfslock), M_NFSDLOCK,
5724 new_lop->lo_flags = flags;
5725 new_lop->lo_first = first;
5726 new_lop->lo_end = end;
5727 nfsrv_updatelock(NULL, &new_lop, &other_lop, lfp);
5728 if (new_lop != NULL)
5729 free(new_lop, M_NFSDLOCK);
5730 if (other_lop != NULL)
5731 free(other_lop, M_NFSDLOCK);
5733 /* and get rid of the rollback list */
5734 LIST_FOREACH_SAFE(rlp, &lfp->lf_rollback, rlck_list, nrlp)
5735 free(rlp, M_NFSDROLLBACK);
5736 LIST_INIT(&lfp->lf_rollback);
5740 * Lock the struct nfslockfile for local lock updating.
5743 nfsrv_locklf(struct nfslockfile *lfp)
5747 /* lf_usecount ensures *lfp won't be free'd */
5750 gotlock = nfsv4_lock(&lfp->lf_locallock_lck, 1, NULL,
5751 NFSSTATEMUTEXPTR, NULL);
5752 } while (gotlock == 0);
5757 * Unlock the struct nfslockfile after local lock updating.
5760 nfsrv_unlocklf(struct nfslockfile *lfp)
5763 nfsv4_unlock(&lfp->lf_locallock_lck, 0);
5767 * Clear out all state for the NFSv4 server.
5768 * Must be called by a thread that can sleep when no nfsds are running.
5771 nfsrv_throwawayallstate(NFSPROC_T *p)
5773 struct nfsclient *clp, *nclp;
5774 struct nfslockfile *lfp, *nlfp;
5778 * For each client, clean out the state and then free the structure.
5780 for (i = 0; i < nfsrv_clienthashsize; i++) {
5781 LIST_FOREACH_SAFE(clp, &nfsclienthash[i], lc_hash, nclp) {
5782 nfsrv_cleanclient(clp, p);
5783 nfsrv_freedeleglist(&clp->lc_deleg);
5784 nfsrv_freedeleglist(&clp->lc_olddeleg);
5785 free(clp->lc_stateid, M_NFSDCLIENT);
5786 free(clp, M_NFSDCLIENT);
5791 * Also, free up any remaining lock file structures.
5793 for (i = 0; i < nfsrv_lockhashsize; i++) {
5794 LIST_FOREACH_SAFE(lfp, &nfslockhash[i], lf_hash, nlfp) {
5795 printf("nfsd unload: fnd a lock file struct\n");
5796 nfsrv_freenfslockfile(lfp);
5802 * Check the sequence# for the session and slot provided as an argument.
5803 * Also, renew the lease if the session will return NFS_OK.
5806 nfsrv_checksequence(struct nfsrv_descript *nd, uint32_t sequenceid,
5807 uint32_t *highest_slotidp, uint32_t *target_highest_slotidp, int cache_this,
5808 uint32_t *sflagsp, NFSPROC_T *p)
5810 struct nfsdsession *sep;
5811 struct nfssessionhash *shp;
5815 shp = NFSSESSIONHASH(nd->nd_sessionid);
5816 NFSLOCKSESSION(shp);
5817 sep = nfsrv_findsession(nd->nd_sessionid);
5819 NFSUNLOCKSESSION(shp);
5820 return (NFSERR_BADSESSION);
5822 error = nfsv4_seqsession(sequenceid, nd->nd_slotid, *highest_slotidp,
5823 sep->sess_slots, NULL, NFSV4_SLOTS - 1);
5825 NFSUNLOCKSESSION(shp);
5828 if (cache_this != 0)
5829 nd->nd_flag |= ND_SAVEREPLY;
5830 /* Renew the lease. */
5831 sep->sess_clp->lc_expiry = nfsrv_leaseexpiry();
5832 nd->nd_clientid.qval = sep->sess_clp->lc_clientid.qval;
5833 nd->nd_flag |= ND_IMPLIEDCLID;
5836 * If this session handles the backchannel, save the nd_xprt for this
5837 * RPC, since this is the one being used.
5839 if (sep->sess_clp->lc_req.nr_client != NULL &&
5840 (sep->sess_crflags & NFSV4CRSESS_CONNBACKCHAN) != 0) {
5841 savxprt = sep->sess_cbsess.nfsess_xprt;
5842 SVC_ACQUIRE(nd->nd_xprt);
5843 nd->nd_xprt->xp_p2 =
5844 sep->sess_clp->lc_req.nr_client->cl_private;
5845 nd->nd_xprt->xp_idletimeout = 0; /* Disable timeout. */
5846 sep->sess_cbsess.nfsess_xprt = nd->nd_xprt;
5847 if (savxprt != NULL)
5848 SVC_RELEASE(savxprt);
5852 if (sep->sess_clp->lc_req.nr_client == NULL)
5853 *sflagsp |= NFSV4SEQ_CBPATHDOWN;
5854 NFSUNLOCKSESSION(shp);
5855 if (error == NFSERR_EXPIRED) {
5856 *sflagsp |= NFSV4SEQ_EXPIREDALLSTATEREVOKED;
5858 } else if (error == NFSERR_ADMINREVOKED) {
5859 *sflagsp |= NFSV4SEQ_ADMINSTATEREVOKED;
5862 *highest_slotidp = *target_highest_slotidp = NFSV4_SLOTS - 1;
5867 * Check/set reclaim complete for this session/clientid.
5870 nfsrv_checkreclaimcomplete(struct nfsrv_descript *nd)
5872 struct nfsdsession *sep;
5873 struct nfssessionhash *shp;
5876 shp = NFSSESSIONHASH(nd->nd_sessionid);
5878 NFSLOCKSESSION(shp);
5879 sep = nfsrv_findsession(nd->nd_sessionid);
5881 NFSUNLOCKSESSION(shp);
5883 return (NFSERR_BADSESSION);
5886 /* Check to see if reclaim complete has already happened. */
5887 if ((sep->sess_clp->lc_flags & LCL_RECLAIMCOMPLETE) != 0)
5888 error = NFSERR_COMPLETEALREADY;
5890 sep->sess_clp->lc_flags |= LCL_RECLAIMCOMPLETE;
5891 NFSUNLOCKSESSION(shp);
5897 * Cache the reply in a session slot.
5900 nfsrv_cache_session(uint8_t *sessionid, uint32_t slotid, int repstat,
5903 struct nfsdsession *sep;
5904 struct nfssessionhash *shp;
5906 shp = NFSSESSIONHASH(sessionid);
5907 NFSLOCKSESSION(shp);
5908 sep = nfsrv_findsession(sessionid);
5910 NFSUNLOCKSESSION(shp);
5911 printf("nfsrv_cache_session: no session\n");
5915 nfsv4_seqsess_cacherep(slotid, sep->sess_slots, repstat, m);
5916 NFSUNLOCKSESSION(shp);
5920 * Search for a session that matches the sessionid.
5922 static struct nfsdsession *
5923 nfsrv_findsession(uint8_t *sessionid)
5925 struct nfsdsession *sep;
5926 struct nfssessionhash *shp;
5928 shp = NFSSESSIONHASH(sessionid);
5929 LIST_FOREACH(sep, &shp->list, sess_hash) {
5930 if (!NFSBCMP(sessionid, sep->sess_sessionid, NFSX_V4SESSIONID))
5937 * Destroy a session.
5940 nfsrv_destroysession(struct nfsrv_descript *nd, uint8_t *sessionid)
5942 int error, samesess;
5945 if (!NFSBCMP(sessionid, nd->nd_sessionid, NFSX_V4SESSIONID)) {
5947 if ((nd->nd_flag & ND_LASTOP) == 0)
5948 return (NFSERR_BADSESSION);
5950 error = nfsrv_freesession(NULL, sessionid);
5951 if (error == 0 && samesess != 0)
5952 nd->nd_flag &= ~ND_HASSEQUENCE;
5957 * Free up a session structure.
5960 nfsrv_freesession(struct nfsdsession *sep, uint8_t *sessionid)
5962 struct nfssessionhash *shp;
5967 shp = NFSSESSIONHASH(sessionid);
5968 NFSLOCKSESSION(shp);
5969 sep = nfsrv_findsession(sessionid);
5971 shp = NFSSESSIONHASH(sep->sess_sessionid);
5972 NFSLOCKSESSION(shp);
5976 if (sep->sess_refcnt > 0) {
5977 NFSUNLOCKSESSION(shp);
5981 LIST_REMOVE(sep, sess_hash);
5982 LIST_REMOVE(sep, sess_list);
5984 NFSUNLOCKSESSION(shp);
5987 return (NFSERR_BADSESSION);
5988 for (i = 0; i < NFSV4_SLOTS; i++)
5989 if (sep->sess_slots[i].nfssl_reply != NULL)
5990 m_freem(sep->sess_slots[i].nfssl_reply);
5991 if (sep->sess_cbsess.nfsess_xprt != NULL)
5992 SVC_RELEASE(sep->sess_cbsess.nfsess_xprt);
5993 free(sep, M_NFSDSESSION);
5999 * RFC5661 says that it should fail when there are associated opens, locks
6000 * or delegations. Since stateids represent opens, I don't see how you can
6001 * free an open stateid (it will be free'd when closed), so this function
6002 * only works for lock stateids (freeing the lock_owner) or delegations.
6005 nfsrv_freestateid(struct nfsrv_descript *nd, nfsv4stateid_t *stateidp,
6008 struct nfsclient *clp;
6009 struct nfsstate *stp;
6014 * Look up the stateid
6016 error = nfsrv_getclient((nfsquad_t)((u_quad_t)0), CLOPS_RENEW, &clp,
6017 NULL, (nfsquad_t)((u_quad_t)0), 0, nd, p);
6019 /* First, check for a delegation. */
6020 LIST_FOREACH(stp, &clp->lc_deleg, ls_list) {
6021 if (!NFSBCMP(stp->ls_stateid.other, stateidp->other,
6026 nfsrv_freedeleg(stp);
6031 /* Not a delegation, try for a lock_owner. */
6033 error = nfsrv_getstate(clp, stateidp, 0, &stp);
6034 if (error == 0 && ((stp->ls_flags & (NFSLCK_OPEN | NFSLCK_DELEGREAD |
6035 NFSLCK_DELEGWRITE)) != 0 || (stp->ls_flags & NFSLCK_LOCK) == 0))
6036 /* Not a lock_owner stateid. */
6037 error = NFSERR_LOCKSHELD;
6038 if (error == 0 && !LIST_EMPTY(&stp->ls_lock))
6039 error = NFSERR_LOCKSHELD;
6041 nfsrv_freelockowner(stp, NULL, 0, p);
6047 * Generate the xdr for an NFSv4.1 CBSequence Operation.
6050 nfsv4_setcbsequence(struct nfsrv_descript *nd, struct nfsclient *clp,
6051 int dont_replycache, struct nfsdsession **sepp)
6053 struct nfsdsession *sep;
6054 uint32_t *tl, slotseq = 0;
6055 int maxslot, slotpos;
6056 uint8_t sessionid[NFSX_V4SESSIONID];
6059 error = nfsv4_getcbsession(clp, sepp);
6063 (void)nfsv4_sequencelookup(NULL, &sep->sess_cbsess, &slotpos, &maxslot,
6064 &slotseq, sessionid);
6065 KASSERT(maxslot >= 0, ("nfsv4_setcbsequence neg maxslot"));
6067 /* Build the Sequence arguments. */
6068 NFSM_BUILD(tl, uint32_t *, NFSX_V4SESSIONID + 5 * NFSX_UNSIGNED);
6069 bcopy(sessionid, tl, NFSX_V4SESSIONID);
6070 tl += NFSX_V4SESSIONID / NFSX_UNSIGNED;
6071 nd->nd_slotseq = tl;
6072 *tl++ = txdr_unsigned(slotseq);
6073 *tl++ = txdr_unsigned(slotpos);
6074 *tl++ = txdr_unsigned(maxslot);
6075 if (dont_replycache == 0)
6076 *tl++ = newnfs_true;
6078 *tl++ = newnfs_false;
6079 *tl = 0; /* No referring call list, for now. */
6080 nd->nd_flag |= ND_HASSEQUENCE;
6085 * Get a session for the callback.
6088 nfsv4_getcbsession(struct nfsclient *clp, struct nfsdsession **sepp)
6090 struct nfsdsession *sep;
6093 LIST_FOREACH(sep, &clp->lc_session, sess_list) {
6094 if ((sep->sess_crflags & NFSV4CRSESS_CONNBACKCHAN) != 0)
6099 return (NFSERR_BADSESSION);
6108 * Free up all backchannel xprts. This needs to be done when the nfsd threads
6109 * exit, since those transports will all be going away.
6110 * This is only called after all the nfsd threads are done performing RPCs,
6111 * so locking shouldn't be an issue.
6114 nfsrv_freeallbackchannel_xprts(void)
6116 struct nfsdsession *sep;
6117 struct nfsclient *clp;
6121 for (i = 0; i < nfsrv_clienthashsize; i++) {
6122 LIST_FOREACH(clp, &nfsclienthash[i], lc_hash) {
6123 LIST_FOREACH(sep, &clp->lc_session, sess_list) {
6124 xprt = sep->sess_cbsess.nfsess_xprt;
6125 sep->sess_cbsess.nfsess_xprt = NULL;