2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 1989, 1993
5 * The Regents of the University of California. All rights reserved.
7 * This code is derived from software contributed to Berkeley by
8 * Rick Macklem at The University of Guelph.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 #include <sys/cdefs.h>
37 __FBSDID("$FreeBSD$");
40 * These functions support the macros and help fiddle mbuf chains for
41 * the nfs op functions. They do things like create the rpc header and
42 * copy data between mbuf chains and uio lists.
44 #include <fs/nfs/nfsport.h>
46 extern u_int32_t newnfs_true, newnfs_false;
47 extern int nfs_pubfhset;
48 extern int nfsrv_clienthashsize;
49 extern int nfsrv_lockhashsize;
50 extern int nfsrv_sessionhashsize;
51 extern int nfsrv_useacl;
52 extern uid_t nfsrv_defaultuid;
53 extern gid_t nfsrv_defaultgid;
55 NFSD_VNET_DECLARE(struct nfsclienthashhead *, nfsclienthash);
56 NFSD_VNET_DECLARE(struct nfslockhashhead *, nfslockhash);
57 NFSD_VNET_DECLARE(struct nfssessionhash *, nfssessionhash);
58 NFSD_VNET_DECLARE(int, nfs_rootfhset);
59 NFSD_VNET_DECLARE(uid_t, nfsrv_defaultuid);
60 NFSD_VNET_DECLARE(gid_t, nfsrv_defaultgid);
62 NFSD_VNET_DEFINE(struct nfsdontlisthead, nfsrv_dontlisthead);
65 char nfs_v2pubfh[NFSX_V2FH];
66 struct nfsdontlisthead nfsrv_dontlisthead;
67 struct nfslayouthead nfsrv_recalllisthead;
68 static nfstype newnfsv2_type[9] = { NFNON, NFREG, NFDIR, NFBLK, NFCHR, NFLNK,
69 NFNON, NFCHR, NFNON };
70 extern nfstype nfsv34_type[9];
72 static u_int32_t nfsrv_isannfserr(u_int32_t);
74 SYSCTL_DECL(_vfs_nfsd);
76 static int enable_checkutf8 = 1;
77 SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_checkutf8, CTLFLAG_RW,
79 "Enable the NFSv4 check for the UTF8 compliant name required by rfc3530");
81 static int enable_nobodycheck = 1;
82 SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_nobodycheck, CTLFLAG_RW,
83 &enable_nobodycheck, 0,
84 "Enable the NFSv4 check when setting user nobody as owner");
86 static int enable_nogroupcheck = 1;
87 SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_nogroupcheck, CTLFLAG_RW,
88 &enable_nogroupcheck, 0,
89 "Enable the NFSv4 check when setting group nogroup as owner");
91 static char nfsrv_hexdigit(char, int *);
94 * Maps errno values to nfs error numbers.
95 * Use NFSERR_IO as the catch all for ones not specifically defined in
96 * RFC 1094. (It now includes the errors added for NFSv3.)
98 static u_char nfsrv_v2errmap[NFSERR_REMOTE] = {
99 NFSERR_PERM, NFSERR_NOENT, NFSERR_IO, NFSERR_IO, NFSERR_IO,
100 NFSERR_NXIO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
101 NFSERR_IO, NFSERR_IO, NFSERR_ACCES, NFSERR_IO, NFSERR_IO,
102 NFSERR_IO, NFSERR_EXIST, NFSERR_XDEV, NFSERR_NODEV, NFSERR_NOTDIR,
103 NFSERR_ISDIR, NFSERR_INVAL, NFSERR_IO, NFSERR_IO, NFSERR_IO,
104 NFSERR_IO, NFSERR_FBIG, NFSERR_NOSPC, NFSERR_IO, NFSERR_ROFS,
105 NFSERR_MLINK, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
106 NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
107 NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
108 NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
109 NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
110 NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
111 NFSERR_IO, NFSERR_IO, NFSERR_NAMETOL, NFSERR_IO, NFSERR_IO,
112 NFSERR_NOTEMPTY, NFSERR_IO, NFSERR_IO, NFSERR_DQUOT, NFSERR_STALE,
117 * Maps errno values to nfs error numbers.
118 * Although it is not obvious whether or not NFS clients really care if
119 * a returned error value is in the specified list for the procedure, the
120 * safest thing to do is filter them appropriately. For Version 2, the
121 * X/Open XNFS document is the only specification that defines error values
122 * for each RPC (The RFC simply lists all possible error values for all RPCs),
123 * so I have decided to not do this for Version 2.
124 * The first entry is the default error return and the rest are the valid
125 * errors for that RPC in increasing numeric order.
127 static short nfsv3err_null[] = {
132 static short nfsv3err_getattr[] = {
142 static short nfsv3err_setattr[] = {
159 static short nfsv3err_lookup[] = {
173 static short nfsv3err_access[] = {
183 static short nfsv3err_readlink[] = {
196 static short nfsv3err_read[] = {
209 static short nfsv3err_write[] = {
225 static short nfsv3err_create[] = {
243 static short nfsv3err_mkdir[] = {
261 static short nfsv3err_symlink[] = {
279 static short nfsv3err_mknod[] = {
298 static short nfsv3err_remove[] = {
313 static short nfsv3err_rmdir[] = {
332 static short nfsv3err_rename[] = {
356 static short nfsv3err_link[] = {
377 static short nfsv3err_readdir[] = {
391 static short nfsv3err_readdirplus[] = {
406 static short nfsv3err_fsstat[] = {
416 static short nfsv3err_fsinfo[] = {
425 static short nfsv3err_pathconf[] = {
434 static short nfsv3err_commit[] = {
444 static short *nfsrv_v3errmap[] = {
462 nfsv3err_readdirplus,
470 * And the same for V4.
472 static short nfsv4err_null[] = {
477 static short nfsv4err_access[] = {
494 static short nfsv4err_close[] = {
518 static short nfsv4err_commit[] = {
536 static short nfsv4err_create[] = {
565 static short nfsv4err_delegpurge[] = {
573 NFSERR_STALECLIENTID,
577 static short nfsv4err_delegreturn[] = {
596 static short nfsv4err_getattr[] = {
613 static short nfsv4err_getfh[] = {
625 static short nfsv4err_link[] = {
657 static short nfsv4err_lock[] = {
683 NFSERR_RECLAIMCONFLICT,
687 NFSERR_STALECLIENTID,
692 static short nfsv4err_lockt[] = {
711 NFSERR_STALECLIENTID,
715 static short nfsv4err_locku[] = {
741 static short nfsv4err_lookup[] = {
764 static short nfsv4err_lookupp[] = {
780 static short nfsv4err_nverify[] = {
800 static short nfsv4err_open[] = {
831 NFSERR_RECLAIMCONFLICT,
837 NFSERR_STALECLIENTID,
843 static short nfsv4err_openattr[] = {
864 static short nfsv4err_openconfirm[] = {
885 static short nfsv4err_opendowngrade[] = {
905 static short nfsv4err_putfh[] = {
918 static short nfsv4err_putpubfh[] = {
926 static short nfsv4err_putrootfh[] = {
934 static short nfsv4err_read[] = {
962 static short nfsv4err_readdir[] = {
983 static short nfsv4err_readlink[] = {
1001 static short nfsv4err_remove[] = {
1016 NFSERR_NOFILEHANDLE,
1026 static short nfsv4err_rename[] = {
1043 NFSERR_NOFILEHANDLE,
1056 static short nfsv4err_renew[] = {
1059 NFSERR_ADMINREVOKED,
1066 NFSERR_STALECLIENTID,
1070 static short nfsv4err_restorefh[] = {
1083 static short nfsv4err_savefh[] = {
1088 NFSERR_NOFILEHANDLE,
1095 static short nfsv4err_secinfo[] = {
1107 NFSERR_NOFILEHANDLE,
1115 static short nfsv4err_setattr[] = {
1118 NFSERR_ADMINREVOKED,
1136 NFSERR_NOFILEHANDLE,
1145 NFSERR_STALESTATEID,
1149 static short nfsv4err_setclientid[] = {
1160 static short nfsv4err_setclientidconfirm[] = {
1166 NFSERR_STALECLIENTID,
1170 static short nfsv4err_verify[] = {
1181 NFSERR_NOFILEHANDLE,
1189 static short nfsv4err_write[] = {
1192 NFSERR_ADMINREVOKED,
1208 NFSERR_NOFILEHANDLE,
1217 NFSERR_STALESTATEID,
1221 static short nfsv4err_releaselockowner[] = {
1223 NFSERR_ADMINREVOKED,
1230 NFSERR_STALECLIENTID,
1234 static short *nfsrv_v4errmap[] = {
1242 nfsv4err_delegpurge,
1243 nfsv4err_delegreturn,
1255 nfsv4err_openconfirm,
1256 nfsv4err_opendowngrade,
1270 nfsv4err_setclientid,
1271 nfsv4err_setclientidconfirm,
1274 nfsv4err_releaselockowner,
1278 * Trim tlen bytes off the end of the mbuf list and then ensure
1279 * the end of the last mbuf is nul filled to a long boundary,
1280 * as indicated by the value of "nul".
1281 * Return the last mbuf in the updated list and free and mbufs
1282 * that follow it in the original list.
1283 * This is somewhat different than the old nfsrv_adj() with
1284 * support for ext_pgs mbufs. It frees the remaining mbufs
1285 * instead of setting them 0 length, since lists of ext_pgs
1286 * mbufs are all expected to be non-empty.
1289 nfsrv_adj(struct mbuf *mp, int len, int nul)
1291 struct mbuf *m, *m2;
1293 int i, lastlen, pgno, plen, tlen, trim;
1298 * Find the last mbuf after adjustment and
1299 * how much it needs to be adjusted by.
1305 if (m->m_next == NULL)
1309 /* m is now the last mbuf and tlen the total length. */
1311 if (len >= m->m_len) {
1312 /* Need to trim away the last mbuf(s). */
1323 lastlen = m->m_len - len;
1326 * m is now the last mbuf after trimming and its length needs to
1328 * Adjust the last mbuf and set cp to point to where nuls must be
1331 if ((m->m_flags & M_EXTPG) != 0) {
1332 pgno = m->m_epg_npgs - 1;
1333 off = (pgno == 0) ? m->m_epg_1st_off : 0;
1334 plen = m_epg_pagelen(m, pgno, off);
1335 if (m->m_len > lastlen) {
1336 /* Trim this mbuf. */
1337 trim = m->m_len - lastlen;
1338 while (trim >= plen) {
1340 ("nfsrv_adj: freeing page 0"));
1342 pg = PHYS_TO_VM_PAGE(m->m_epg_pa[pgno]);
1343 vm_page_unwire_noq(pg);
1348 off = (pgno == 0) ? m->m_epg_1st_off : 0;
1349 plen = m_epg_pagelen(m, pgno, off);
1352 m->m_epg_last_len = plen;
1355 cp = (char *)(void *)PHYS_TO_DMAP(m->m_epg_pa[pgno]);
1356 cp += off + plen - nul;
1359 cp = mtod(m, char *) + m->m_len - nul;
1362 /* Write the nul bytes. */
1363 for (i = 0; i < nul; i++)
1366 /* Free up any mbufs past "m". */
1375 * Make these functions instead of macros, so that the kernel text size
1376 * doesn't get too big...
1379 nfsrv_wcc(struct nfsrv_descript *nd, int before_ret,
1380 struct nfsvattr *before_nvap, int after_ret, struct nfsvattr *after_nvap)
1385 NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
1388 NFSM_BUILD(tl, u_int32_t *, 7 * NFSX_UNSIGNED);
1389 *tl++ = newnfs_true;
1390 txdr_hyper(before_nvap->na_size, tl);
1392 txdr_nfsv3time(&(before_nvap->na_mtime), tl);
1394 txdr_nfsv3time(&(before_nvap->na_ctime), tl);
1396 nfsrv_postopattr(nd, after_ret, after_nvap);
1400 nfsrv_postopattr(struct nfsrv_descript *nd, int after_ret,
1401 struct nfsvattr *after_nvap)
1405 NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
1410 nfsrv_fillattr(nd, after_nvap);
1415 * Fill in file attributes for V2 and 3. For V4, call a separate
1416 * routine that sifts through all the attribute bits.
1419 nfsrv_fillattr(struct nfsrv_descript *nd, struct nfsvattr *nvap)
1421 struct nfs_fattr *fp;
1425 * Build space for the attribute structure.
1427 if (nd->nd_flag & ND_NFSV3)
1428 fattr_size = NFSX_V3FATTR;
1430 fattr_size = NFSX_V2FATTR;
1431 NFSM_BUILD(fp, struct nfs_fattr *, fattr_size);
1434 * Now just fill it all in.
1436 fp->fa_nlink = txdr_unsigned(nvap->na_nlink);
1437 fp->fa_uid = txdr_unsigned(nvap->na_uid);
1438 fp->fa_gid = txdr_unsigned(nvap->na_gid);
1439 if (nd->nd_flag & ND_NFSV3) {
1440 fp->fa_type = vtonfsv34_type(nvap->na_type);
1441 fp->fa_mode = vtonfsv34_mode(nvap->na_mode);
1442 txdr_hyper(nvap->na_size, (uint32_t*)&fp->fa3_size);
1443 txdr_hyper(nvap->na_bytes, (uint32_t*)&fp->fa3_used);
1444 fp->fa3_rdev.specdata1 = txdr_unsigned(NFSMAJOR(nvap->na_rdev));
1445 fp->fa3_rdev.specdata2 = txdr_unsigned(NFSMINOR(nvap->na_rdev));
1446 fp->fa3_fsid.nfsuquad[0] = 0;
1447 fp->fa3_fsid.nfsuquad[1] = txdr_unsigned(nvap->na_fsid);
1448 txdr_hyper(nvap->na_fileid, (uint32_t*)&fp->fa3_fileid);
1449 txdr_nfsv3time(&nvap->na_atime, &fp->fa3_atime);
1450 txdr_nfsv3time(&nvap->na_mtime, &fp->fa3_mtime);
1451 txdr_nfsv3time(&nvap->na_ctime, &fp->fa3_ctime);
1453 fp->fa_type = vtonfsv2_type(nvap->na_type);
1454 fp->fa_mode = vtonfsv2_mode(nvap->na_type, nvap->na_mode);
1455 fp->fa2_size = txdr_unsigned(nvap->na_size);
1456 fp->fa2_blocksize = txdr_unsigned(nvap->na_blocksize);
1457 if (nvap->na_type == VFIFO)
1458 fp->fa2_rdev = 0xffffffff;
1460 fp->fa2_rdev = txdr_unsigned(nvap->na_rdev);
1461 fp->fa2_blocks = txdr_unsigned(nvap->na_bytes / NFS_FABLKSIZE);
1462 fp->fa2_fsid = txdr_unsigned(nvap->na_fsid);
1463 fp->fa2_fileid = txdr_unsigned(nvap->na_fileid);
1464 txdr_nfsv2time(&nvap->na_atime, &fp->fa2_atime);
1465 txdr_nfsv2time(&nvap->na_mtime, &fp->fa2_mtime);
1466 txdr_nfsv2time(&nvap->na_ctime, &fp->fa2_ctime);
1471 * This function gets a file handle out of an mbuf list.
1472 * It returns 0 for success, EBADRPC otherwise.
1473 * If sets the third flagp argument to 1 if the file handle is
1474 * the public file handle.
1475 * For NFSv4, if the length is incorrect, set nd_repstat == NFSERR_BADHANDLE
1478 nfsrv_mtofh(struct nfsrv_descript *nd, struct nfsrvfh *fhp)
1481 int error = 0, len, copylen;
1483 if (nd->nd_flag & (ND_NFSV3 | ND_NFSV4)) {
1484 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
1485 len = fxdr_unsigned(int, *tl);
1486 if (len == 0 && nfs_pubfhset && (nd->nd_flag & ND_NFSV3) &&
1487 nd->nd_procnum == NFSPROC_LOOKUP) {
1488 nd->nd_flag |= ND_PUBLOOKUP;
1493 /* If len == NFSX_V4PNFSFH the RPC is a pNFS DS one. */
1494 if (len == NFSX_V4PNFSFH && (nd->nd_flag & ND_NFSV41) != 0) {
1495 copylen = NFSX_MYFH;
1496 len = NFSM_RNDUP(len);
1497 nd->nd_flag |= ND_DSSERVER;
1498 } else if (len < NFSRV_MINFH || len > NFSRV_MAXFH) {
1499 if (nd->nd_flag & ND_NFSV4) {
1500 if (len > 0 && len <= NFSX_V4FHMAX) {
1501 error = nfsm_advance(nd, NFSM_RNDUP(len), -1);
1504 nd->nd_repstat = NFSERR_BADHANDLE;
1517 * For NFSv2, the file handle is always 32 bytes on the
1518 * wire, but this server only cares about the first
1519 * NFSRV_MAXFH bytes.
1522 copylen = NFSRV_MAXFH;
1524 NFSM_DISSECT(tl, u_int32_t *, len);
1525 if ((nd->nd_flag & ND_NFSV2) && nfs_pubfhset &&
1526 nd->nd_procnum == NFSPROC_LOOKUP &&
1527 !NFSBCMP((caddr_t)tl, nfs_v2pubfh, NFSX_V2FH)) {
1528 nd->nd_flag |= ND_PUBLOOKUP;
1531 NFSBCOPY(tl, (caddr_t)fhp->nfsrvfh_data, copylen);
1532 fhp->nfsrvfh_len = copylen;
1534 NFSEXITCODE2(error, nd);
1539 * Map errnos to NFS error numbers. For Version 3 and 4 also filter out error
1540 * numbers not specified for the associated procedure.
1541 * NFSPROC_NOOP is a special case, where the high order bits of nd_repstat
1542 * should be cleared. NFSPROC_NOOP is used to return errors when a valid
1543 * RPC procedure is not involved.
1544 * Returns the error number in XDR.
1547 nfsd_errmap(struct nfsrv_descript *nd)
1549 short *defaulterrp, *errp;
1551 if (!nd->nd_repstat)
1553 if ((nd->nd_repstat & NFSERR_AUTHERR) != 0)
1554 return (txdr_unsigned(NFSERR_ACCES));
1555 if (nd->nd_flag & (ND_NFSV3 | ND_NFSV4)) {
1556 if (nd->nd_procnum == NFSPROC_NOOP)
1557 return (txdr_unsigned(nd->nd_repstat & 0xffff));
1558 if (nd->nd_flag & ND_NFSV3)
1559 errp = defaulterrp = nfsrv_v3errmap[nd->nd_procnum];
1560 else if (nd->nd_repstat == EBADRPC)
1561 return (txdr_unsigned(NFSERR_BADXDR));
1562 else if (nd->nd_repstat == NFSERR_MINORVERMISMATCH ||
1563 nd->nd_repstat == NFSERR_OPILLEGAL)
1564 return (txdr_unsigned(nd->nd_repstat));
1565 else if (nd->nd_repstat == NFSERR_REPLYFROMCACHE)
1566 return (txdr_unsigned(NFSERR_IO));
1567 else if ((nd->nd_flag & ND_NFSV41) != 0) {
1568 if (nd->nd_repstat == EOPNOTSUPP)
1569 nd->nd_repstat = NFSERR_NOTSUPP;
1570 nd->nd_repstat = nfsrv_isannfserr(nd->nd_repstat);
1571 return (txdr_unsigned(nd->nd_repstat));
1573 errp = defaulterrp = nfsrv_v4errmap[nd->nd_procnum];
1575 if (*errp == nd->nd_repstat)
1576 return (txdr_unsigned(nd->nd_repstat));
1577 return (txdr_unsigned(*defaulterrp));
1579 if (nd->nd_repstat <= NFSERR_REMOTE)
1580 return (txdr_unsigned(nfsrv_v2errmap[nd->nd_repstat - 1]));
1581 return (txdr_unsigned(NFSERR_IO));
1585 * Check to see if the error is a valid NFS one. If not, replace it with
1589 nfsrv_isannfserr(u_int32_t errval)
1592 if (errval == NFSERR_OK)
1594 if (errval >= NFSERR_BADHANDLE && errval <= NFSERR_MAXERRVAL)
1596 if (errval > 0 && errval <= NFSERR_REMOTE)
1597 return (nfsrv_v2errmap[errval - 1]);
1602 * Check to see if setting a uid/gid is permitted when creating a new
1603 * file object. (Called when uid and/or gid is specified in the
1604 * settable attributes for V4.
1607 nfsrv_checkuidgid(struct nfsrv_descript *nd, struct nfsvattr *nvap)
1612 * If not setting either uid nor gid, it's OK.
1614 if (NFSVNO_NOTSETUID(nvap) && NFSVNO_NOTSETGID(nvap))
1616 if ((NFSVNO_ISSETUID(nvap) &&
1617 nvap->na_uid == NFSD_VNET(nfsrv_defaultuid) &&
1618 enable_nobodycheck == 1) ||
1619 (NFSVNO_ISSETGID(nvap) &&
1620 nvap->na_gid == NFSD_VNET(nfsrv_defaultgid) &&
1621 enable_nogroupcheck == 1)) {
1622 error = NFSERR_BADOWNER;
1625 if (nd->nd_cred->cr_uid == 0)
1627 if ((NFSVNO_ISSETUID(nvap) && nvap->na_uid != nd->nd_cred->cr_uid) ||
1628 (NFSVNO_ISSETGID(nvap) && nvap->na_gid != nd->nd_cred->cr_gid &&
1629 !groupmember(nvap->na_gid, nd->nd_cred)))
1630 error = NFSERR_PERM;
1633 NFSEXITCODE2(error, nd);
1638 * and this routine fixes up the settable attributes for V4 if allowed
1639 * by nfsrv_checkuidgid().
1642 nfsrv_fixattr(struct nfsrv_descript *nd, vnode_t vp,
1643 struct nfsvattr *nvap, NFSACL_T *aclp, NFSPROC_T *p, nfsattrbit_t *attrbitp,
1644 struct nfsexstuff *exp)
1647 struct nfsvattr nva;
1650 nfsattrbit_t nattrbits;
1653 * Maybe this should be done for V2 and 3 but it never has been
1654 * and nobody seems to be upset, so I think it's best not to change
1655 * the V2 and 3 semantics.
1657 if ((nd->nd_flag & ND_NFSV4) == 0)
1659 NFSVNO_ATTRINIT(&nva);
1660 NFSZERO_ATTRBIT(&nattrbits);
1661 tuid = nd->nd_cred->cr_uid;
1662 if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_OWNER) &&
1663 NFSVNO_ISSETUID(nvap) &&
1664 nvap->na_uid != nd->nd_cred->cr_uid) {
1665 if (nd->nd_cred->cr_uid == 0) {
1666 nva.na_uid = nvap->na_uid;
1668 NFSSETBIT_ATTRBIT(&nattrbits, NFSATTRBIT_OWNER);
1670 NFSCLRBIT_ATTRBIT(attrbitp, NFSATTRBIT_OWNER);
1673 if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_TIMEACCESSSET) &&
1674 NFSVNO_ISSETATIME(nvap)) {
1675 nva.na_atime = nvap->na_atime;
1677 NFSSETBIT_ATTRBIT(&nattrbits, NFSATTRBIT_TIMEACCESSSET);
1679 if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_TIMEMODIFYSET) &&
1680 NFSVNO_ISSETMTIME(nvap)) {
1681 nva.na_mtime = nvap->na_mtime;
1683 NFSSETBIT_ATTRBIT(&nattrbits, NFSATTRBIT_TIMEMODIFYSET);
1685 if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_OWNERGROUP) &&
1686 NFSVNO_ISSETGID(nvap)) {
1687 if (nvap->na_gid == nd->nd_cred->cr_gid ||
1688 groupmember(nvap->na_gid, nd->nd_cred)) {
1689 nd->nd_cred->cr_uid = 0;
1690 nva.na_gid = nvap->na_gid;
1692 NFSSETBIT_ATTRBIT(&nattrbits, NFSATTRBIT_OWNERGROUP);
1694 NFSCLRBIT_ATTRBIT(attrbitp, NFSATTRBIT_OWNERGROUP);
1698 error = nfsvno_setattr(vp, &nva, nd->nd_cred, p, exp);
1700 NFSCLRALL_ATTRBIT(attrbitp, &nattrbits);
1703 if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_SIZE) &&
1704 NFSVNO_ISSETSIZE(nvap) && nvap->na_size != (u_quad_t)0) {
1705 NFSCLRBIT_ATTRBIT(attrbitp, NFSATTRBIT_SIZE);
1707 #ifdef NFS4_ACL_EXTATTR_NAME
1708 if (NFSISSET_ATTRBIT(attrbitp, NFSATTRBIT_ACL) &&
1709 nfsrv_useacl != 0 && aclp != NULL) {
1710 if (aclp->acl_cnt > 0) {
1711 error = nfsrv_setacl(vp, aclp, nd->nd_cred, p);
1713 NFSCLRBIT_ATTRBIT(attrbitp, NFSATTRBIT_ACL);
1718 NFSCLRBIT_ATTRBIT(attrbitp, NFSATTRBIT_ACL);
1719 nd->nd_cred->cr_uid = tuid;
1722 NFSEXITCODE2(0, nd);
1726 * Translate an ASCII hex digit to it's binary value. Return -1 if the
1727 * char isn't a hex digit.
1730 nfsrv_hexdigit(char c, int *err)
1734 if (c >= '0' && c <= '9')
1736 if (c >= 'a' && c <= 'f')
1737 return (c - 'a' + ((char)10));
1738 if (c >= 'A' && c <= 'F')
1739 return (c - 'A' + ((char)10));
1742 return (1); /* BOGUS */
1746 * Check to see if NFSERR_MOVED can be returned for this op. Return 1 iff
1750 nfsrv_errmoved(int op)
1754 errp = nfsrv_v4errmap[op];
1755 while (*errp != 0) {
1756 if (*errp == NFSERR_MOVED)
1764 * Fill in attributes for a Referral.
1765 * (Return the number of bytes of XDR created.)
1768 nfsrv_putreferralattr(struct nfsrv_descript *nd, nfsattrbit_t *retbitp,
1769 struct nfsreferral *refp, int getattr, int *reterrp)
1771 u_int32_t *tl, *retnump;
1773 int prefixnum, retnum = 0, i, len, bitpos, rderrbit = 0, nonrefbit = 0;
1774 int fslocationsbit = 0;
1775 nfsattrbit_t tmpbits, refbits;
1777 NFSREFERRAL_ATTRBIT(&refbits);
1779 NFSCLRBIT_ATTRBIT(&refbits, NFSATTRBIT_RDATTRERROR);
1780 else if (NFSISSET_ATTRBIT(retbitp, NFSATTRBIT_RDATTRERROR))
1782 if (NFSISSET_ATTRBIT(retbitp, NFSATTRBIT_FSLOCATIONS))
1786 * Check for the case where unsupported referral attributes are
1789 NFSSET_ATTRBIT(&tmpbits, retbitp);
1790 NFSCLRALL_ATTRBIT(&tmpbits, &refbits);
1791 if (NFSNONZERO_ATTRBIT(&tmpbits))
1794 if (nonrefbit && !fslocationsbit && (getattr || !rderrbit)) {
1795 *reterrp = NFSERR_MOVED;
1800 * Now we can fill in the attributes.
1802 NFSSET_ATTRBIT(&tmpbits, retbitp);
1803 NFSCLRNOT_ATTRBIT(&tmpbits, &refbits);
1806 * Put out the attribute bitmap for the ones being filled in
1807 * and get the field for the number of attributes returned.
1809 prefixnum = nfsrv_putattrbit(nd, &tmpbits);
1810 NFSM_BUILD(retnump, u_int32_t *, NFSX_UNSIGNED);
1811 prefixnum += NFSX_UNSIGNED;
1814 * Now, loop around filling in the attributes for each bit set.
1816 for (bitpos = 0; bitpos < NFSATTRBIT_MAX; bitpos++) {
1817 if (NFSISSET_ATTRBIT(&tmpbits, bitpos)) {
1819 case NFSATTRBIT_TYPE:
1820 NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
1821 *tl = txdr_unsigned(NFDIR);
1822 retnum += NFSX_UNSIGNED;
1824 case NFSATTRBIT_FSID:
1825 NFSM_BUILD(tl, u_int32_t *, NFSX_V4FSID);
1827 *tl++ = txdr_unsigned(NFSV4ROOT_FSID0);
1829 *tl = txdr_unsigned(NFSV4ROOT_REFERRAL);
1830 retnum += NFSX_V4FSID;
1832 case NFSATTRBIT_RDATTRERROR:
1833 NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
1835 *tl = txdr_unsigned(NFSERR_MOVED);
1838 retnum += NFSX_UNSIGNED;
1840 case NFSATTRBIT_FSLOCATIONS:
1841 retnum += nfsm_strtom(nd, "/", 1);
1842 NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
1843 *tl = txdr_unsigned(refp->nfr_srvcnt);
1844 retnum += NFSX_UNSIGNED;
1845 cp = refp->nfr_srvlist;
1846 for (i = 0; i < refp->nfr_srvcnt; i++) {
1847 NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
1848 *tl = txdr_unsigned(1);
1849 retnum += NFSX_UNSIGNED;
1850 cp2 = STRCHR(cp, ':');
1855 retnum += nfsm_strtom(nd, cp, len);
1858 cp2 = STRCHR(cp, ',');
1863 retnum += nfsm_strtom(nd, cp, len);
1868 case NFSATTRBIT_MOUNTEDONFILEID:
1869 NFSM_BUILD(tl, u_int32_t *, NFSX_HYPER);
1870 txdr_hyper(refp->nfr_dfileno, tl);
1871 retnum += NFSX_HYPER;
1874 printf("EEK! Bad V4 refattr bitpos=%d\n", bitpos);
1878 *retnump = txdr_unsigned(retnum);
1879 return (retnum + prefixnum);
1883 * Parse a file name out of a request.
1886 nfsrv_parsename(struct nfsrv_descript *nd, char *bufp, u_long *hashp,
1887 NFSPATHLEN_T *outlenp)
1889 char *fromcp, *tocp, val = '\0';
1892 int rem, len, error = 0, pubtype = 0, outlen = 0, percent = 0;
1901 * For V4, check for lookup parent.
1902 * Otherwise, get the component name.
1904 if ((nd->nd_flag & ND_NFSV4) && (nd->nd_procnum == NFSV4OP_LOOKUPP ||
1905 nd->nd_procnum == NFSV4OP_SECINFONONAME)) {
1907 hash += ((u_char)'.');
1909 hash += ((u_char)'.');
1913 * First, get the name length.
1915 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
1916 len = fxdr_unsigned(int, *tl);
1917 if (len > NFS_MAXNAMLEN) {
1918 nd->nd_repstat = NFSERR_NAMETOL;
1921 } else if (len <= 0) {
1922 nd->nd_repstat = NFSERR_INVAL;
1928 * Now, copy the component name into the buffer.
1930 fromcp = nd->nd_dpos;
1932 rem = mtod(md, caddr_t) + md->m_len - fromcp;
1933 for (i = 0; i < len; i++) {
1940 fromcp = mtod(md, caddr_t);
1943 if (*fromcp == '\0') {
1944 nd->nd_repstat = EACCES;
1949 * For lookups on the public filehandle, do some special
1950 * processing on the name. (The public file handle is the
1951 * root of the public file system for this server.)
1953 if (nd->nd_flag & ND_PUBLOOKUP) {
1955 * If the first char is ASCII, it is a canonical
1956 * path, otherwise it is a native path. (RFC2054
1957 * doesn't actually state what it is if the first
1958 * char isn't ASCII or 0x80, so I assume native.)
1959 * pubtype == 1 -> native path
1960 * pubtype == 2 -> canonical path
1963 if (*fromcp & 0x80) {
1965 * Since RFC2054 doesn't indicate
1966 * that a native path of just 0x80
1967 * isn't allowed, I'll replace the
1968 * 0x80 with '/' instead of just
1978 * '/' only allowed in a native path
1980 if (*fromcp == '/' && pubtype != 1) {
1981 nd->nd_repstat = EACCES;
1987 * For the special case of 2 hex digits after a
1988 * '%' in an absolute path, calculate the value.
1989 * percent == 1 -> indicates "get first hex digit"
1990 * percent == 2 -> indicates "get second hex digit"
1993 digit = nfsrv_hexdigit(*fromcp, &error);
1995 nd->nd_repstat = EACCES;
2006 hash += ((u_char)val);
2010 if (*fromcp == '%' && pubtype == 2) {
2012 * Must be followed by 2 hex digits
2014 if ((len - i) < 3) {
2015 nd->nd_repstat = EACCES;
2022 hash += ((u_char)*fromcp);
2028 * Normal, non lookup on public, name.
2030 if (*fromcp == '/') {
2031 if (nd->nd_flag & ND_NFSV4)
2032 nd->nd_repstat = NFSERR_BADNAME;
2034 nd->nd_repstat = EACCES;
2038 hash += ((u_char)*fromcp);
2046 nd->nd_dpos = fromcp;
2047 i = NFSM_RNDUP(len) - len;
2052 error = nfsm_advance(nd, i, rem);
2059 * For v4, don't allow lookups of '.' or '..' and
2060 * also check for non-utf8 strings.
2062 if (nd->nd_flag & ND_NFSV4) {
2063 if ((outlen == 1 && bufp[0] == '.') ||
2064 (outlen == 2 && bufp[0] == '.' &&
2066 nd->nd_repstat = NFSERR_BADNAME;
2070 if (enable_checkutf8 == 1 &&
2071 nfsrv_checkutf8((u_int8_t *)bufp, outlen)) {
2072 nd->nd_repstat = NFSERR_INVAL;
2079 *outlenp = (size_t)outlen + 1;
2083 NFSEXITCODE2(error, nd);
2094 * Initialize client queues. Don't free/reinitialize
2095 * them when nfsds are restarted.
2097 NFSD_VNET(nfsclienthash) = malloc(sizeof(struct nfsclienthashhead) *
2098 nfsrv_clienthashsize, M_NFSDCLIENT, M_WAITOK | M_ZERO);
2099 for (i = 0; i < nfsrv_clienthashsize; i++)
2100 LIST_INIT(&NFSD_VNET(nfsclienthash)[i]);
2101 NFSD_VNET(nfslockhash) = malloc(sizeof(struct nfslockhashhead) *
2102 nfsrv_lockhashsize, M_NFSDLOCKFILE, M_WAITOK | M_ZERO);
2103 for (i = 0; i < nfsrv_lockhashsize; i++)
2104 LIST_INIT(&NFSD_VNET(nfslockhash)[i]);
2105 NFSD_VNET(nfssessionhash) = malloc(sizeof(struct nfssessionhash) *
2106 nfsrv_sessionhashsize, M_NFSDSESSION, M_WAITOK | M_ZERO);
2107 for (i = 0; i < nfsrv_sessionhashsize; i++) {
2108 mtx_init(&NFSD_VNET(nfssessionhash)[i].mtx, "nfssm", NULL,
2110 LIST_INIT(&NFSD_VNET(nfssessionhash)[i].list);
2112 LIST_INIT(&nfsrv_dontlisthead);
2113 TAILQ_INIT(&nfsrv_recalllisthead);
2115 /* and the v2 pubfh should be all zeros */
2116 NFSBZERO(nfs_v2pubfh, NFSX_V2FH);
2120 * Check the v4 root exports.
2121 * Return 0 if ok, 1 otherwise.
2124 nfsd_checkrootexp(struct nfsrv_descript *nd)
2127 if (NFSD_VNET(nfs_rootfhset) == 0)
2128 return (NFSERR_AUTHERR | AUTH_FAILED);
2130 * For NFSv4.1/4.2, if the client specifies SP4_NONE, then these
2131 * operations are allowed regardless of the value of the "sec=XXX"
2132 * field in the V4: exports line.
2133 * As such, these Kerberos checks only apply to NFSv4.0 mounts.
2135 if ((nd->nd_flag & ND_NFSV41) != 0)
2137 if ((nd->nd_flag & (ND_GSS | ND_EXAUTHSYS)) == ND_EXAUTHSYS)
2139 if ((nd->nd_flag & (ND_GSSINTEGRITY | ND_EXGSSINTEGRITY)) ==
2140 (ND_GSSINTEGRITY | ND_EXGSSINTEGRITY))
2142 if ((nd->nd_flag & (ND_GSSPRIVACY | ND_EXGSSPRIVACY)) ==
2143 (ND_GSSPRIVACY | ND_EXGSSPRIVACY))
2145 if ((nd->nd_flag & (ND_GSS | ND_GSSINTEGRITY | ND_GSSPRIVACY |
2146 ND_EXGSS)) == (ND_GSS | ND_EXGSS))
2148 return (NFSERR_AUTHERR | AUTH_TOOWEAK);
2150 if ((nd->nd_flag & ND_EXTLS) == 0)
2152 if ((nd->nd_flag & (ND_TLSCERTUSER | ND_EXTLSCERTUSER)) ==
2153 (ND_TLSCERTUSER | ND_EXTLSCERTUSER))
2155 if ((nd->nd_flag & (ND_TLSCERT | ND_EXTLSCERT | ND_EXTLSCERTUSER)) ==
2156 (ND_TLSCERT | ND_EXTLSCERT))
2158 if ((nd->nd_flag & (ND_TLS | ND_EXTLSCERTUSER | ND_EXTLSCERT)) ==
2162 /* There is currently no auth_stat for this. */
2163 if ((nd->nd_flag & ND_TLS) == 0)
2164 return (NFSERR_AUTHERR | AUTH_NEEDS_TLS);
2165 return (NFSERR_AUTHERR | AUTH_NEEDS_TLS_MUTUAL_HOST);
2167 return (NFSERR_AUTHERR | AUTH_TOOWEAK);
2171 * Parse the first part of an NFSv4 compound to find out what the minor
2175 nfsd_getminorvers(struct nfsrv_descript *nd, u_char *tag, u_char **tagstrp,
2176 int *taglenp, u_int32_t *minversp)
2179 int error = 0, taglen = -1;
2180 u_char *tagstr = NULL;
2182 NFSM_DISSECT(tl, uint32_t *, NFSX_UNSIGNED);
2183 taglen = fxdr_unsigned(int, *tl);
2184 if (taglen < 0 || taglen > NFSV4_OPAQUELIMIT) {
2188 if (taglen <= NFSV4_SMALLSTR)
2191 tagstr = malloc(taglen + 1, M_TEMP, M_WAITOK);
2192 error = nfsrv_mtostr(nd, tagstr, taglen);
2195 NFSM_DISSECT(tl, uint32_t *, NFSX_UNSIGNED);
2196 *minversp = fxdr_unsigned(u_int32_t, *tl);
2198 if (*minversp == NFSV41_MINORVERSION)
2199 nd->nd_flag |= ND_NFSV41;
2200 else if (*minversp == NFSV42_MINORVERSION)
2201 nd->nd_flag |= (ND_NFSV41 | ND_NFSV42);
2204 if (tagstr != NULL && taglen > NFSV4_SMALLSTR)
2205 free(tagstr, M_TEMP);