2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#)nfs_serv.c 8.8 (Berkeley) 7/31/95
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
39 * nfs version 2 and 3 server calls to vnode ops
40 * - these routines generally have 3 phases
41 * 1 - break down and validate rpc request in mbuf list
42 * 2 - do the vnode ops for the request
43 * (surprisingly ?? many are very similar to syscalls in vfs_syscalls.c)
44 * 3 - build the rpc reply in an mbuf list
46 * - do not mix the phases, since the nfsm_?? macros can return failures
47 * on a bad rpc or similar and do not do any vrele() or vput()'s
49 * - the nfsm_reply() macro generates an nfs rpc reply with the nfs
50 * error number iff error != 0 whereas
51 * returning an error from the server function implies a fatal error
52 * such as a badly constructed rpc request that should be dropped without
54 * For nfsm_reply(), the case where error == EBADRPC is treated
55 * specially; after constructing a reply, it does an immediate
56 * `goto nfsmout' to avoid getting any V3 post-op status appended.
59 * Warning: always pay careful attention to resource cleanup on return
60 * and note that nfsm_*() macros can terminate a procedure on certain
63 * lookup() and namei()
64 * may return garbage in various structural fields/return elements
65 * if an error is returned, and may garbage up nd.ni_dvp even if no
66 * error is returned and you did not request LOCKPARENT or WANTPARENT.
68 * We use the ni_cnd.cn_flags 'HASBUF' flag to track whether the name
69 * buffer has been freed or not.
72 #include <sys/param.h>
73 #include <sys/systm.h>
75 #include <sys/namei.h>
76 #include <sys/unistd.h>
77 #include <sys/vnode.h>
78 #include <sys/mount.h>
79 #include <sys/socket.h>
80 #include <sys/socketvar.h>
81 #include <sys/malloc.h>
83 #include <sys/dirent.h>
85 #include <sys/kernel.h>
86 #include <sys/sysctl.h>
91 #include <vm/vm_extern.h>
92 #include <vm/vm_object.h>
94 #include <nfs/nfsproto.h>
95 #include <nfs/rpcv2.h>
96 #include <nfsserver/nfs.h>
97 #include <nfs/xdr_subs.h>
98 #include <nfsserver/nfsm_subs.h>
101 #define nfsdbprintf(info) printf info
103 #define nfsdbprintf(info)
106 #define MAX_COMMIT_COUNT (1024 * 1024)
108 #define NUM_HEURISTIC 1017
109 #define NHUSE_INIT 64
111 #define NHUSE_MAX 2048
113 static struct nfsheur {
114 struct vnode *nh_vp; /* vp to match (unreferenced pointer) */
115 off_t nh_nextr; /* next offset for sequential detection */
116 int nh_use; /* use count for selection */
117 int nh_seqcount; /* heuristic */
118 } nfsheur[NUM_HEURISTIC];
122 int nfsrvw_procrastinate = NFS_GATHERDELAY * 1000;
123 int nfsrvw_procrastinate_v3 = 0;
125 static struct timeval nfsver = { 0 };
127 SYSCTL_NODE(_vfs, OID_AUTO, nfsrv, CTLFLAG_RW, 0, "NFS server");
129 static int nfs_async;
130 static int nfs_commit_blks;
131 static int nfs_commit_miss;
132 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, async, CTLFLAG_RW, &nfs_async, 0, "");
133 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, commit_blks, CTLFLAG_RW, &nfs_commit_blks, 0, "");
134 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, commit_miss, CTLFLAG_RW, &nfs_commit_miss, 0, "");
136 struct nfsrvstats nfsrvstats;
137 SYSCTL_STRUCT(_vfs_nfsrv, NFS_NFSRVSTATS, nfsrvstats, CTLFLAG_RD,
138 &nfsrvstats, nfsrvstats, "S,nfsrvstats");
140 static int nfsrv_access_withgiant(struct vnode *vp, int flags,
141 struct ucred *cred, int rdonly, struct thread *td,
143 static int nfsrv_access(struct vnode *, int, struct ucred *, int,
144 struct thread *, int);
145 static void nfsrvw_coalesce(struct nfsrv_descript *,
146 struct nfsrv_descript *);
149 * Clear nameidata fields that are tested in nsfmout cleanup code prior
150 * to using first nfsm macro (that might jump to the cleanup code).
154 ndclear(struct nameidata *nd)
157 nd->ni_cnd.cn_flags = 0;
160 nd->ni_startdir = NULL;
164 * nfs v3 access service
167 nfsrv3_access(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
168 struct thread *td, struct mbuf **mrq)
170 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
171 struct sockaddr *nam = nfsd->nd_nam;
172 caddr_t dpos = nfsd->nd_dpos;
173 struct ucred *cred = &nfsd->nd_cr;
174 struct vnode *vp = NULL;
179 int error = 0, rdonly, getret;
180 struct mbuf *mb, *mreq;
181 struct vattr vattr, *vap = &vattr;
182 u_long testmode, nfsmode;
183 int v3 = (nfsd->nd_flag & ND_NFSV3);
187 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
189 panic("nfsrv3_access: v3 proc called on a v2 connection");
190 fhp = &nfh.fh_generic;
192 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
193 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
195 nfsm_reply(NFSX_UNSIGNED);
196 nfsm_srvpostop_attr(1, NULL);
200 nfsmode = fxdr_unsigned(u_int32_t, *tl);
202 mtx_lock(&Giant); /* VFS */
203 if ((nfsmode & NFSV3ACCESS_READ) &&
204 nfsrv_access_withgiant(vp, VREAD, cred, rdonly, td, 0))
205 nfsmode &= ~NFSV3ACCESS_READ;
206 if (vp->v_type == VDIR)
207 testmode = (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND |
210 testmode = (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND);
211 if ((nfsmode & testmode) &&
212 nfsrv_access_withgiant(vp, VWRITE, cred, rdonly, td, 0))
213 nfsmode &= ~testmode;
214 if (vp->v_type == VDIR)
215 testmode = NFSV3ACCESS_LOOKUP;
217 testmode = NFSV3ACCESS_EXECUTE;
218 if ((nfsmode & testmode) &&
219 nfsrv_access_withgiant(vp, VEXEC, cred, rdonly, td, 0))
220 nfsmode &= ~testmode;
221 getret = VOP_GETATTR(vp, vap, cred, td);
223 mtx_unlock(&Giant); /* VFS */
226 nfsm_reply(NFSX_POSTOPATTR(1) + NFSX_UNSIGNED);
227 nfsm_srvpostop_attr(getret, vap);
228 tl = nfsm_build(u_int32_t *, NFSX_UNSIGNED);
229 *tl = txdr_unsigned(nfsmode);
234 mtx_lock(&Giant); /* VFS */
236 mtx_unlock(&Giant); /* VFS */
243 * nfs getattr service
246 nfsrv_getattr(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
247 struct thread *td, struct mbuf **mrq)
249 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
250 struct sockaddr *nam = nfsd->nd_nam;
251 caddr_t dpos = nfsd->nd_dpos;
252 struct ucred *cred = &nfsd->nd_cr;
253 struct nfs_fattr *fp;
255 struct vattr *vap = &va;
256 struct vnode *vp = NULL;
260 int error = 0, rdonly;
261 struct mbuf *mb, *mreq;
265 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
266 fhp = &nfh.fh_generic;
268 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
275 mtx_lock(&Giant); /* VFS */
276 error = VOP_GETATTR(vp, vap, cred, td);
278 mtx_unlock(&Giant); /* VFS */
281 nfsm_reply(NFSX_FATTR(nfsd->nd_flag & ND_NFSV3));
286 fp = nfsm_build(struct nfs_fattr *,
287 NFSX_FATTR(nfsd->nd_flag & ND_NFSV3));
288 nfsm_srvfillattr(vap, fp);
295 mtx_lock(&Giant); /* VFS */
297 mtx_unlock(&Giant); /* VFS */
304 * nfs setattr service
307 nfsrv_setattr(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
308 struct thread *td, struct mbuf **mrq)
310 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
311 struct sockaddr *nam = nfsd->nd_nam;
312 caddr_t dpos = nfsd->nd_dpos;
313 struct ucred *cred = &nfsd->nd_cr;
314 struct vattr va, preat;
315 struct vattr *vap = &va;
316 struct nfsv2_sattr *sp;
317 struct nfs_fattr *fp;
318 struct vnode *vp = NULL;
323 int error = 0, rdonly, preat_ret = 1, postat_ret = 1;
324 int v3 = (nfsd->nd_flag & ND_NFSV3), gcheck = 0;
325 struct mbuf *mb, *mreq;
326 struct timespec guard;
327 struct mount *mp = NULL;
331 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
332 fhp = &nfh.fh_generic;
334 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
339 mtx_lock(&Giant); /* VFS */
340 (void) vn_start_write(NULL, &mp, V_WAIT);
341 mtx_unlock(&Giant); /* VFS */
346 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
347 gcheck = fxdr_unsigned(int, *tl);
349 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
350 fxdr_nfsv3time(tl, &guard);
353 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
355 * Nah nah nah nah na nah
356 * There is a bug in the Sun client that puts 0xffff in the mode
357 * field of sattr when it should put in 0xffffffff. The u_short
358 * doesn't sign extend.
359 * --> check the low order 2 bytes for 0xffff
361 if ((fxdr_unsigned(int, sp->sa_mode) & 0xffff) != 0xffff)
362 vap->va_mode = nfstov_mode(sp->sa_mode);
363 if (sp->sa_uid != nfsrv_nfs_xdrneg1)
364 vap->va_uid = fxdr_unsigned(uid_t, sp->sa_uid);
365 if (sp->sa_gid != nfsrv_nfs_xdrneg1)
366 vap->va_gid = fxdr_unsigned(gid_t, sp->sa_gid);
367 if (sp->sa_size != nfsrv_nfs_xdrneg1)
368 vap->va_size = fxdr_unsigned(u_quad_t, sp->sa_size);
369 if (sp->sa_atime.nfsv2_sec != nfsrv_nfs_xdrneg1) {
371 fxdr_nfsv2time(&sp->sa_atime, &vap->va_atime);
373 vap->va_atime.tv_sec =
374 fxdr_unsigned(int32_t, sp->sa_atime.nfsv2_sec);
375 vap->va_atime.tv_nsec = 0;
378 if (sp->sa_mtime.nfsv2_sec != nfsrv_nfs_xdrneg1)
379 fxdr_nfsv2time(&sp->sa_mtime, &vap->va_mtime);
384 * Now that we have all the fields, lets do it.
386 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
388 nfsm_reply(2 * NFSX_UNSIGNED);
390 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
396 * vp now an active resource, pay careful attention to cleanup
400 mtx_lock(&Giant); /* VFS */
401 error = preat_ret = VOP_GETATTR(vp, &preat, cred, td);
402 if (!error && gcheck &&
403 (preat.va_ctime.tv_sec != guard.tv_sec ||
404 preat.va_ctime.tv_nsec != guard.tv_nsec))
405 error = NFSERR_NOT_SYNC;
408 mtx_unlock(&Giant); /* VFS */
411 nfsm_reply(NFSX_WCCDATA(v3));
413 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
417 mtx_unlock(&Giant); /* VFS */
423 * If the size is being changed write acces is required, otherwise
424 * just check for a read only filesystem.
426 if (vap->va_size == ((u_quad_t)((quad_t) -1))) {
427 if (rdonly || (vp->v_mount->mnt_flag & MNT_RDONLY)) {
432 if (vp->v_type == VDIR) {
435 } else if ((error = nfsrv_access(vp, VWRITE, cred, rdonly,
440 mtx_lock(&Giant); /* VFS */
441 error = VOP_SETATTR(vp, vap, cred, td);
442 postat_ret = VOP_GETATTR(vp, vap, cred, td);
443 mtx_unlock(&Giant); /* VFS */
451 mtx_lock(&Giant); /* VFS */
453 mtx_unlock(&Giant); /* VFS */
458 nfsm_reply(NFSX_WCCORFATTR(v3));
460 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
462 /* v2 non-error case. */
463 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
464 nfsm_srvfillattr(vap, fp);
472 mtx_lock(&Giant); /* VFS */
475 vn_finished_write(mp);
476 mtx_unlock(&Giant); /* VFS */
485 nfsrv_lookup(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
486 struct thread *td, struct mbuf **mrq)
488 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
489 struct sockaddr *nam = nfsd->nd_nam;
490 caddr_t dpos = nfsd->nd_dpos;
491 struct ucred *cred = &nfsd->nd_cr;
492 struct nfs_fattr *fp;
493 struct nameidata nd, ind, *ndp = &nd;
494 struct vnode *vp, *dirp = NULL;
498 int error = 0, len, dirattr_ret = 1;
499 int v3 = (nfsd->nd_flag & ND_NFSV3), pubflag;
500 struct mbuf *mb, *mreq;
501 struct vattr va, dirattr, *vap = &va;
505 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
508 fhp = &nfh.fh_generic;
510 nfsm_srvnamesiz(len);
512 pubflag = nfs_ispublicfh(fhp);
514 nd.ni_cnd.cn_cred = cred;
515 nd.ni_cnd.cn_nameiop = LOOKUP;
516 nd.ni_cnd.cn_flags = LOCKLEAF | SAVESTART;
517 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
518 &dirp, v3, &dirattr, &dirattr_ret, td, pubflag);
521 * namei failure, only dirp to cleanup. Clear out garbarge from
522 * structure in case macros jump to nfsmout.
526 mtx_lock(&Giant); /* VFS */
532 mtx_unlock(&Giant); /* VFS */
534 nfsm_reply(NFSX_POSTOPATTR(v3));
536 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
542 * Locate index file for public filehandle
544 * error is 0 on entry and 0 on exit from this block.
548 if (nd.ni_vp->v_type == VDIR && nfs_pub.np_index != NULL) {
550 * Setup call to lookup() to see if we can find
551 * the index file. Arguably, this doesn't belong
552 * in a kernel.. Ugh. If an error occurs, do not
553 * try to install an index file and then clear the
556 * When we replace nd with ind and redirect ndp,
557 * maintenance of ni_startdir and ni_vp shift to
558 * ind and we have to clean them up in the old nd.
559 * However, the cnd resource continues to be maintained
560 * via the original nd. Confused? You aren't alone!
563 VOP_UNLOCK(nd.ni_vp, 0, td);
564 ind.ni_pathlen = strlen(nfs_pub.np_index);
565 ind.ni_cnd.cn_nameptr = ind.ni_cnd.cn_pnbuf =
567 ind.ni_startdir = nd.ni_vp;
568 VREF(ind.ni_startdir);
570 error = lookup(&ind);
575 * Found an index file. Get rid of
576 * the old references. transfer nd.ni_vp'
582 vrele(nd.ni_startdir);
583 nd.ni_startdir = NULL;
589 * If the public filehandle was used, check that this lookup
590 * didn't result in a filehandle outside the publicly exported
591 * filesystem. We clear the poor vp here to avoid lockups due
595 if (ndp->ni_vp->v_mount != nfs_pub.np_mount) {
608 * Resources at this point:
609 * ndp->ni_vp may not be NULL
614 mtx_unlock(&Giant); /* VFS */
616 nfsm_reply(NFSX_POSTOPATTR(v3));
618 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
624 * Clear out some resources prior to potentially blocking. This
625 * is not as critical as ni_dvp resources in other routines, but
628 vrele(ndp->ni_startdir);
629 ndp->ni_startdir = NULL;
630 NDFREE(&nd, NDF_ONLY_PNBUF);
633 * Get underlying attribute, then release remaining resources ( for
634 * the same potential blocking reason ) and reply.
637 bzero((caddr_t)fhp, sizeof(nfh));
638 fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
639 error = VFS_VPTOFH(vp, &fhp->fh_fid);
641 error = VOP_GETATTR(vp, vap, cred, td);
644 mtx_unlock(&Giant); /* VFS */
647 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPORFATTR(v3) + NFSX_POSTOPATTR(v3));
650 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
654 nfsm_srvfhtom(fhp, v3);
656 nfsm_srvpostop_attr(0, vap);
657 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
659 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
660 nfsm_srvfillattr(vap, fp);
666 mtx_lock(&Giant); /* VFS */
669 NDFREE(&nd, NDF_ONLY_PNBUF);
670 if (ndp->ni_startdir)
671 vrele(ndp->ni_startdir);
674 mtx_unlock(&Giant); /* VFS */
680 * nfs readlink service
683 nfsrv_readlink(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
684 struct thread *td, struct mbuf **mrq)
686 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
687 struct sockaddr *nam = nfsd->nd_nam;
688 caddr_t dpos = nfsd->nd_dpos;
689 struct ucred *cred = &nfsd->nd_cr;
690 struct iovec iv[(NFS_MAXPATHLEN+MLEN-1)/MLEN];
691 struct iovec *ivp = iv;
695 int error = 0, rdonly, i, tlen, len, getret;
696 int v3 = (nfsd->nd_flag & ND_NFSV3);
697 struct mbuf *mb, *mp3, *nmp, *mreq;
698 struct vnode *vp = NULL;
702 struct uio io, *uiop = &io;
706 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
711 fhp = &nfh.fh_generic;
716 while (len < NFS_MAXPATHLEN) {
717 MGET(nmp, M_TRYWAIT, MT_DATA);
718 MCLGET(nmp, M_TRYWAIT);
719 nmp->m_len = NFSMSIZ(nmp);
726 if ((len + mp->m_len) > NFS_MAXPATHLEN) {
727 mp->m_len = NFS_MAXPATHLEN - len;
728 len = NFS_MAXPATHLEN;
731 ivp->iov_base = mtod(mp, caddr_t);
732 ivp->iov_len = mp->m_len;
737 uiop->uio_iovcnt = i;
738 uiop->uio_offset = 0;
739 uiop->uio_resid = len;
740 uiop->uio_rw = UIO_READ;
741 uiop->uio_segflg = UIO_SYSSPACE;
744 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
746 nfsm_reply(2 * NFSX_UNSIGNED);
748 nfsm_srvpostop_attr(1, NULL);
753 mtx_lock(&Giant); /* VFS */
754 if (vp->v_type != VLNK) {
760 error = VOP_READLINK(vp, uiop, cred);
761 getret = VOP_GETATTR(vp, &attr, cred, td);
763 mtx_unlock(&Giant); /* VFS */
766 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_UNSIGNED);
768 nfsm_srvpostop_attr(getret, &attr);
773 if (uiop->uio_resid > 0) {
774 len -= uiop->uio_resid;
775 tlen = nfsm_rndup(len);
776 nfsm_adj(mp3, NFS_MAXPATHLEN-tlen, tlen-len);
778 tl = nfsm_build(u_int32_t *, NFSX_UNSIGNED);
779 *tl = txdr_unsigned(len);
788 mtx_lock(&Giant); /* VFS */
790 mtx_unlock(&Giant); /* VFS */
800 nfsrv_read(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
801 struct thread *td, struct mbuf **mrq)
803 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
804 struct sockaddr *nam = nfsd->nd_nam;
805 caddr_t dpos = nfsd->nd_dpos;
806 struct ucred *cred = &nfsd->nd_cr;
810 struct nfs_fattr *fp;
814 int error = 0, rdonly, cnt, len, left, siz, tlen, getret;
815 int v3 = (nfsd->nd_flag & ND_NFSV3), reqlen;
816 struct mbuf *mb, *mreq;
818 struct vnode *vp = NULL;
821 struct uio io, *uiop = &io;
822 struct vattr va, *vap = &va;
829 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
830 fhp = &nfh.fh_generic;
833 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
834 off = fxdr_hyper(tl);
836 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
837 off = (off_t)fxdr_unsigned(u_int32_t, *tl);
839 nfsm_srvstrsiz(reqlen, NFS_SRVMAXDATA(nfsd));
842 * Reference vp. If an error occurs, vp will be invalid, but we
843 * have to NULL it just in case. The macros might goto nfsmout
847 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
850 nfsm_reply(2 * NFSX_UNSIGNED);
852 nfsm_srvpostop_attr(1, NULL);
857 if (vp->v_type != VREG) {
861 error = (vp->v_type == VDIR) ? EISDIR : EACCES;
864 mtx_lock(&Giant); /* VFS */
866 if ((error = nfsrv_access_withgiant(vp, VREAD, cred, rdonly,
868 error = nfsrv_access_withgiant(vp, VEXEC, cred,
871 getret = VOP_GETATTR(vp, vap, cred, td);
876 mtx_unlock(&Giant); /* VFS */
879 nfsm_reply(NFSX_POSTOPATTR(v3));
881 nfsm_srvpostop_attr(getret, vap);
885 mtx_unlock(&Giant); /* VFS */
889 * Calculate byte count to read
892 if (off >= vap->va_size)
894 else if ((off + reqlen) > vap->va_size)
895 cnt = vap->va_size - off;
900 * Calculate seqcount for heuristic
908 * Locate best candidate
911 hi = ((int)(vm_offset_t)vp / sizeof(struct vnode)) % NUM_HEURISTIC;
915 if (nfsheur[hi].nh_vp == vp) {
919 if (nfsheur[hi].nh_use > 0)
920 --nfsheur[hi].nh_use;
921 hi = (hi + 1) % NUM_HEURISTIC;
922 if (nfsheur[hi].nh_use < nh->nh_use)
926 if (nh->nh_vp != vp) {
929 nh->nh_use = NHUSE_INIT;
937 * Calculate heuristic
940 if ((off == 0 && nh->nh_seqcount > 0) || off == nh->nh_nextr) {
941 if (++nh->nh_seqcount > IO_SEQMAX)
942 nh->nh_seqcount = IO_SEQMAX;
943 } else if (nh->nh_seqcount > 1) {
948 nh->nh_use += NHUSE_INC;
949 if (nh->nh_use > NHUSE_MAX)
950 nh->nh_use = NHUSE_MAX;
951 ioflag |= nh->nh_seqcount << IO_SEQSHIFT;
954 nfsm_reply(NFSX_POSTOPORFATTR(v3) + 3 * NFSX_UNSIGNED+nfsm_rndup(cnt));
956 tl = nfsm_build(u_int32_t *, NFSX_V3FATTR + 4 * NFSX_UNSIGNED);
957 *tl++ = nfsrv_nfs_true;
958 fp = (struct nfs_fattr *)tl;
959 tl += (NFSX_V3FATTR / sizeof (u_int32_t));
961 tl = nfsm_build(u_int32_t *, NFSX_V2FATTR + NFSX_UNSIGNED);
962 fp = (struct nfs_fattr *)tl;
963 tl += (NFSX_V2FATTR / sizeof (u_int32_t));
965 len = left = nfsm_rndup(cnt);
969 * Generate the mbuf list with the uio_iov ref. to it.
974 siz = min(M_TRAILINGSPACE(m), left);
980 MGET(m, M_TRYWAIT, MT_DATA);
981 MCLGET(m, M_TRYWAIT);
987 MALLOC(iv, struct iovec *, i * sizeof (struct iovec),
989 uiop->uio_iov = iv2 = iv;
995 panic("nfsrv_read iov");
996 siz = min(M_TRAILINGSPACE(m), left);
998 iv->iov_base = mtod(m, caddr_t) + m->m_len;
1007 uiop->uio_iovcnt = i;
1008 uiop->uio_offset = off;
1009 uiop->uio_resid = len;
1010 uiop->uio_rw = UIO_READ;
1011 uiop->uio_segflg = UIO_SYSSPACE;
1012 mtx_lock(&Giant); /* VFS */
1013 error = VOP_READ(vp, uiop, IO_NODELOCKED | ioflag, cred);
1014 off = uiop->uio_offset;
1016 FREE((caddr_t)iv2, M_TEMP);
1017 if (error || (getret = VOP_GETATTR(vp, vap, cred, td))) {
1022 mtx_unlock(&Giant); /* VFS */
1025 nfsm_reply(NFSX_POSTOPATTR(v3));
1027 nfsm_srvpostop_attr(getret, vap);
1032 uiop->uio_resid = 0;
1033 mtx_lock(&Giant); /* VFS */
1035 mtx_assert(&Giant, MA_OWNED); /* VFS */
1037 mtx_unlock(&Giant); /* VFS */
1040 nfsm_srvfillattr(vap, fp);
1041 tlen = len - uiop->uio_resid;
1042 cnt = cnt < tlen ? cnt : tlen;
1043 tlen = nfsm_rndup(cnt);
1044 if (len != tlen || tlen != cnt)
1045 nfsm_adj(mb, len - tlen, tlen - cnt);
1047 *tl++ = txdr_unsigned(cnt);
1049 *tl++ = nfsrv_nfs_true;
1051 *tl++ = nfsrv_nfs_false;
1053 *tl = txdr_unsigned(cnt);
1058 mtx_lock(&Giant); /* VFS */
1060 mtx_unlock(&Giant); /* VFS */
1070 nfsrv_write(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1071 struct thread *td, struct mbuf **mrq)
1073 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1074 struct sockaddr *nam = nfsd->nd_nam;
1075 caddr_t dpos = nfsd->nd_dpos;
1076 struct ucred *cred = &nfsd->nd_cr;
1080 struct nfs_fattr *fp;
1082 struct vattr va, forat;
1083 struct vattr *vap = &va;
1086 int error = 0, rdonly, len, forat_ret = 1;
1087 int ioflags, aftat_ret = 1, retlen = 0, zeroing, adjust;
1088 int stable = NFSV3WRITE_FILESYNC;
1089 int v3 = (nfsd->nd_flag & ND_NFSV3);
1090 struct mbuf *mb, *mreq;
1091 struct vnode *vp = NULL;
1094 struct uio io, *uiop = &io;
1096 struct mount *mntp = NULL;
1100 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1106 fhp = &nfh.fh_generic;
1108 if ((mntp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1113 mtx_lock(&Giant); /* VFS */
1114 (void) vn_start_write(NULL, &mntp, V_WAIT);
1115 mtx_unlock(&Giant); /* VFS */
1118 tl = nfsm_dissect_nonblock(u_int32_t *, 5 * NFSX_UNSIGNED);
1119 off = fxdr_hyper(tl);
1121 stable = fxdr_unsigned(int, *tl++);
1123 tl = nfsm_dissect_nonblock(u_int32_t *, 4 * NFSX_UNSIGNED);
1124 off = (off_t)fxdr_unsigned(u_int32_t, *++tl);
1127 stable = NFSV3WRITE_UNSTABLE;
1129 retlen = len = fxdr_unsigned(int32_t, *tl);
1133 * For NFS Version 2, it is not obvious what a write of zero length
1134 * should do, but I might as well be consistent with Version 3,
1135 * which is to return ok so long as there are no permission problems.
1143 adjust = dpos - mtod(mp, caddr_t);
1144 mp->m_len -= adjust;
1145 if (mp->m_len > 0 && adjust > 0)
1146 mp->m_data += adjust;
1150 else if (mp->m_len > 0) {
1153 mp->m_len -= (i - len);
1162 if (len > NFS_MAXDATA || len < 0 || i < len) {
1164 nfsm_reply(2 * NFSX_UNSIGNED);
1166 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1170 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
1173 nfsm_reply(2 * NFSX_UNSIGNED);
1175 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1181 mtx_lock(&Giant); /* VFS */
1182 forat_ret = VOP_GETATTR(vp, &forat, cred, td);
1183 mtx_unlock(&Giant); /* VFS */
1186 if (vp->v_type != VREG) {
1190 error = (vp->v_type == VDIR) ? EISDIR : EACCES;
1193 error = nfsrv_access(vp, VWRITE, cred, rdonly, td, 1);
1196 mtx_lock(&Giant); /* VFS */
1198 mtx_unlock(&Giant); /* VFS */
1201 nfsm_reply(NFSX_WCCDATA(v3));
1203 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1210 MALLOC(ivp, struct iovec *, cnt * sizeof (struct iovec), M_TEMP,
1212 uiop->uio_iov = iv = ivp;
1213 uiop->uio_iovcnt = cnt;
1216 if (mp->m_len > 0) {
1217 ivp->iov_base = mtod(mp, caddr_t);
1218 ivp->iov_len = mp->m_len;
1226 * The IO_METASYNC flag indicates that all metadata (and not just
1227 * enough to ensure data integrity) mus be written to stable storage
1229 * (IO_METASYNC is not yet implemented in 4.4BSD-Lite.)
1231 if (stable == NFSV3WRITE_UNSTABLE)
1232 ioflags = IO_NODELOCKED;
1233 else if (stable == NFSV3WRITE_DATASYNC)
1234 ioflags = (IO_SYNC | IO_NODELOCKED);
1236 ioflags = (IO_METASYNC | IO_SYNC | IO_NODELOCKED);
1237 uiop->uio_resid = len;
1238 uiop->uio_rw = UIO_WRITE;
1239 uiop->uio_segflg = UIO_SYSSPACE;
1240 uiop->uio_td = NULL;
1241 uiop->uio_offset = off;
1242 mtx_lock(&Giant); /* VFS */
1243 error = VOP_WRITE(vp, uiop, ioflags, cred);
1244 /* XXXRW: unlocked write. */
1245 nfsrvstats.srvvop_writes++;
1246 FREE((caddr_t)iv, M_TEMP);
1248 mtx_lock(&Giant); /* VFS */
1249 mtx_assert(&Giant, MA_OWNED); /* VFS */
1250 aftat_ret = VOP_GETATTR(vp, vap, cred, td);
1252 mtx_unlock(&Giant); /* VFS */
1259 nfsm_reply(NFSX_PREOPATTR(v3) + NFSX_POSTOPORFATTR(v3) +
1260 2 * NFSX_UNSIGNED + NFSX_WRITEVERF(v3));
1262 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1267 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
1268 *tl++ = txdr_unsigned(retlen);
1270 * If nfs_async is set, then pretend the write was FILESYNC.
1272 if (stable == NFSV3WRITE_UNSTABLE && !nfs_async)
1273 *tl++ = txdr_unsigned(stable);
1275 *tl++ = txdr_unsigned(NFSV3WRITE_FILESYNC);
1277 * Actually, there is no need to txdr these fields,
1278 * but it may make the values more human readable,
1279 * for debugging purposes.
1281 if (nfsver.tv_sec == 0)
1283 *tl++ = txdr_unsigned(nfsver.tv_sec);
1284 *tl = txdr_unsigned(nfsver.tv_usec);
1285 } else if (!error) {
1286 /* v2 non-error case. */
1287 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
1288 nfsm_srvfillattr(vap, fp);
1294 mtx_lock(&Giant); /* VFS */
1297 vn_finished_write(mntp);
1298 mtx_unlock(&Giant); /* VFS */
1304 * For the purposes of write gathering, we must decide if the credential
1305 * associated with two pending requests have equivilent privileges. Since
1306 * NFS only uses a subset of the BSD ucred -- the effective uid and group
1307 * IDs -- we have a compare routine that checks only the relevant fields.
1310 nfsrv_samecred(struct ucred *cr1, struct ucred *cr2)
1314 if (cr1->cr_uid != cr2->cr_uid)
1316 if (cr1->cr_ngroups != cr2->cr_ngroups)
1318 for (i = 0; i < cr1->cr_ngroups; i++) {
1319 if (cr1->cr_groups[i] != cr2->cr_groups[i])
1326 * NFS write service with write gathering support. Called when
1327 * nfsrvw_procrastinate > 0.
1328 * See: Chet Juszczak, "Improving the Write Performance of an NFS Server",
1329 * in Proc. of the Winter 1994 Usenix Conference, pg. 247-259, San Franscisco,
1333 nfsrv_writegather(struct nfsrv_descript **ndp, struct nfssvc_sock *slp,
1334 struct thread *td, struct mbuf **mrq)
1338 struct nfsrv_descript *wp, *nfsd, *owp, *swp;
1339 struct nfs_fattr *fp;
1342 struct nfsrvw_delayhash *wpp;
1344 struct vattr va, forat;
1347 int error = 0, rdonly, len, forat_ret = 1;
1348 int ioflags, aftat_ret = 1, s, adjust, v3, zeroing;
1349 struct mbuf *mb, *mreq, *mrep, *md;
1350 struct vnode *vp = NULL;
1351 struct uio io, *uiop = &io;
1353 struct mount *mntp = NULL;
1357 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1366 mrep = nfsd->nd_mrep;
1368 dpos = nfsd->nd_dpos;
1369 cred = &nfsd->nd_cr;
1370 v3 = (nfsd->nd_flag & ND_NFSV3);
1371 LIST_INIT(&nfsd->nd_coalesce);
1372 nfsd->nd_mreq = NULL;
1373 nfsd->nd_stable = NFSV3WRITE_FILESYNC;
1374 cur_usec = nfs_curusec();
1375 nfsd->nd_time = cur_usec +
1376 (v3 ? nfsrvw_procrastinate_v3 : nfsrvw_procrastinate);
1379 * Now, get the write header..
1381 nfsm_srvmtofh(&nfsd->nd_fh);
1383 tl = nfsm_dissect_nonblock(u_int32_t *, 5 * NFSX_UNSIGNED);
1384 nfsd->nd_off = fxdr_hyper(tl);
1386 nfsd->nd_stable = fxdr_unsigned(int, *tl++);
1388 tl = nfsm_dissect_nonblock(u_int32_t *, 4 * NFSX_UNSIGNED);
1389 nfsd->nd_off = (off_t)fxdr_unsigned(u_int32_t, *++tl);
1392 nfsd->nd_stable = NFSV3WRITE_UNSTABLE;
1394 len = fxdr_unsigned(int32_t, *tl);
1396 nfsd->nd_eoff = nfsd->nd_off + len;
1399 * Trim the header out of the mbuf list and trim off any trailing
1400 * junk so that the mbuf list has only the write data.
1408 adjust = dpos - mtod(mp, caddr_t);
1409 mp->m_len -= adjust;
1410 if (mp->m_len > 0 && adjust > 0)
1411 mp->m_data += adjust;
1418 mp->m_len -= (i - len);
1424 if (len > NFS_MAXDATA || len < 0 || i < len) {
1429 nfsm_writereply(2 * NFSX_UNSIGNED);
1431 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, &va);
1432 nfsd->nd_mreq = mreq;
1433 nfsd->nd_mrep = NULL;
1438 * Add this entry to the hash and time queues.
1442 wp = LIST_FIRST(&slp->ns_tq);
1443 while (wp && wp->nd_time < nfsd->nd_time) {
1445 wp = LIST_NEXT(wp, nd_tq);
1447 NFS_DPF(WG, ("Q%03x", nfsd->nd_retxid & 0xfff));
1449 LIST_INSERT_AFTER(owp, nfsd, nd_tq);
1451 LIST_INSERT_HEAD(&slp->ns_tq, nfsd, nd_tq);
1453 if (nfsd->nd_mrep) {
1454 wpp = NWDELAYHASH(slp, nfsd->nd_fh.fh_fid.fid_data);
1456 wp = LIST_FIRST(wpp);
1458 bcmp((caddr_t)&nfsd->nd_fh,(caddr_t)&wp->nd_fh, NFSX_V3FH)){
1460 wp = LIST_NEXT(wp, nd_hash);
1462 while (wp && wp->nd_off < nfsd->nd_off &&
1463 !bcmp((caddr_t)&nfsd->nd_fh,(caddr_t)&wp->nd_fh, NFSX_V3FH)) {
1465 wp = LIST_NEXT(wp, nd_hash);
1468 LIST_INSERT_AFTER(owp, nfsd, nd_hash);
1471 * Search the hash list for overlapping entries and
1474 for(; nfsd && NFSW_CONTIG(owp, nfsd); nfsd = wp) {
1475 wp = LIST_NEXT(nfsd, nd_hash);
1476 if (nfsrv_samecred(&owp->nd_cr, &nfsd->nd_cr))
1477 nfsrvw_coalesce(owp, nfsd);
1480 LIST_INSERT_HEAD(wpp, nfsd, nd_hash);
1487 * Now, do VOP_WRITE()s for any one(s) that need to be done now
1488 * and generate the associated reply mbuf list(s).
1491 cur_usec = nfs_curusec();
1493 for (nfsd = LIST_FIRST(&slp->ns_tq); nfsd; nfsd = owp) {
1494 owp = LIST_NEXT(nfsd, nd_tq);
1495 if (nfsd->nd_time > cur_usec)
1499 NFS_DPF(WG, ("P%03x", nfsd->nd_retxid & 0xfff));
1500 LIST_REMOVE(nfsd, nd_tq);
1501 LIST_REMOVE(nfsd, nd_hash);
1503 mrep = nfsd->nd_mrep;
1504 nfsd->nd_mrep = NULL;
1505 cred = &nfsd->nd_cr;
1506 v3 = (nfsd->nd_flag & ND_NFSV3);
1507 forat_ret = aftat_ret = 1;
1508 error = nfsrv_fhtovp(&nfsd->nd_fh, 1, &vp, cred, slp,
1509 nfsd->nd_nam, &rdonly, TRUE);
1513 mtx_lock(&Giant); /* VFS */
1514 forat_ret = VOP_GETATTR(vp, &forat, cred, td);
1515 mtx_unlock(&Giant); /* VFS */
1518 if (vp->v_type != VREG) {
1522 error = (vp->v_type == VDIR) ? EISDIR : EACCES;
1528 mtx_lock(&Giant); /* VFS */
1530 error = nfsrv_access_withgiant(vp, VWRITE, cred, rdonly,
1532 if (nfsd->nd_stable == NFSV3WRITE_UNSTABLE)
1533 ioflags = IO_NODELOCKED;
1534 else if (nfsd->nd_stable == NFSV3WRITE_DATASYNC)
1535 ioflags = (IO_SYNC | IO_NODELOCKED);
1537 ioflags = (IO_METASYNC | IO_SYNC | IO_NODELOCKED);
1538 uiop->uio_rw = UIO_WRITE;
1539 uiop->uio_segflg = UIO_SYSSPACE;
1540 uiop->uio_td = NULL;
1541 uiop->uio_offset = nfsd->nd_off;
1542 uiop->uio_resid = nfsd->nd_eoff - nfsd->nd_off;
1543 if (uiop->uio_resid > 0) {
1551 uiop->uio_iovcnt = i;
1552 MALLOC(iov, struct iovec *, i * sizeof (struct iovec),
1554 uiop->uio_iov = ivp = iov;
1557 if (mp->m_len > 0) {
1558 ivp->iov_base = mtod(mp, caddr_t);
1559 ivp->iov_len = mp->m_len;
1565 if (vn_start_write(vp, &mntp, V_NOWAIT) != 0) {
1566 VOP_UNLOCK(vp, 0, td);
1567 error = vn_start_write(NULL, &mntp, V_WAIT);
1568 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
1572 error = VOP_WRITE(vp, uiop, ioflags, cred);
1573 /* XXXRW: unlocked write. */
1574 nfsrvstats.srvvop_writes++;
1575 vn_finished_write(mntp);
1577 FREE((caddr_t)iov, M_TEMP);
1581 aftat_ret = VOP_GETATTR(vp, &va, cred, td);
1585 mtx_unlock(&Giant); /* VFS */
1589 * Loop around generating replies for all write rpcs that have
1590 * now been completed.
1594 NFS_DPF(WG, ("R%03x", nfsd->nd_retxid & 0xfff));
1596 nfsm_writereply(NFSX_WCCDATA(v3));
1598 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, &va);
1601 nfsm_writereply(NFSX_PREOPATTR(v3) +
1602 NFSX_POSTOPORFATTR(v3) + 2 * NFSX_UNSIGNED +
1603 NFSX_WRITEVERF(v3));
1605 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, &va);
1606 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
1607 *tl++ = txdr_unsigned(nfsd->nd_len);
1608 *tl++ = txdr_unsigned(swp->nd_stable);
1610 * Actually, there is no need to txdr these fields,
1611 * but it may make the values more human readable,
1612 * for debugging purposes.
1614 if (nfsver.tv_sec == 0)
1616 *tl++ = txdr_unsigned(nfsver.tv_sec);
1617 *tl = txdr_unsigned(nfsver.tv_usec);
1619 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
1620 nfsm_srvfillattr(&va, fp);
1623 nfsd->nd_mreq = mreq;
1625 panic("nfsrv_write: nd_mrep not free");
1628 * Done. Put it at the head of the timer queue so that
1629 * the final phase can return the reply.
1634 LIST_INSERT_HEAD(&slp->ns_tq, nfsd, nd_tq);
1636 nfsd = LIST_FIRST(&swp->nd_coalesce);
1638 LIST_REMOVE(nfsd, nd_tq);
1644 LIST_INSERT_HEAD(&slp->ns_tq, swp, nd_tq);
1651 * Search for a reply to return.
1654 LIST_FOREACH(nfsd, &slp->ns_tq, nd_tq)
1655 if (nfsd->nd_mreq) {
1656 NFS_DPF(WG, ("X%03x", nfsd->nd_retxid & 0xfff));
1657 LIST_REMOVE(nfsd, nd_tq);
1658 *mrq = nfsd->nd_mreq;
1667 * Coalesce the write request nfsd into owp. To do this we must:
1668 * - remove nfsd from the queues
1669 * - merge nfsd->nd_mrep into owp->nd_mrep
1670 * - update the nd_eoff and nd_stable for owp
1671 * - put nfsd on owp's nd_coalesce list
1672 * NB: Must be called at splsoftclock().
1675 nfsrvw_coalesce(struct nfsrv_descript *owp, struct nfsrv_descript *nfsd)
1679 struct nfsrv_descript *p;
1683 NFS_DPF(WG, ("C%03x-%03x",
1684 nfsd->nd_retxid & 0xfff, owp->nd_retxid & 0xfff));
1685 LIST_REMOVE(nfsd, nd_hash);
1686 LIST_REMOVE(nfsd, nd_tq);
1687 if (owp->nd_eoff < nfsd->nd_eoff) {
1688 overlap = owp->nd_eoff - nfsd->nd_off;
1690 panic("nfsrv_coalesce: bad off");
1692 m_adj(nfsd->nd_mrep, overlap);
1696 mp->m_next = nfsd->nd_mrep;
1697 owp->nd_eoff = nfsd->nd_eoff;
1699 m_freem(nfsd->nd_mrep);
1700 nfsd->nd_mrep = NULL;
1701 if (nfsd->nd_stable == NFSV3WRITE_FILESYNC)
1702 owp->nd_stable = NFSV3WRITE_FILESYNC;
1703 else if (nfsd->nd_stable == NFSV3WRITE_DATASYNC &&
1704 owp->nd_stable == NFSV3WRITE_UNSTABLE)
1705 owp->nd_stable = NFSV3WRITE_DATASYNC;
1706 LIST_INSERT_HEAD(&owp->nd_coalesce, nfsd, nd_tq);
1709 * If nfsd had anything else coalesced into it, transfer them
1710 * to owp, otherwise their replies will never get sent.
1712 for (p = LIST_FIRST(&nfsd->nd_coalesce); p;
1713 p = LIST_FIRST(&nfsd->nd_coalesce)) {
1714 LIST_REMOVE(p, nd_tq);
1715 LIST_INSERT_HEAD(&owp->nd_coalesce, p, nd_tq);
1720 * nfs create service
1721 * now does a truncate to 0 length via. setattr if it already exists
1724 nfsrv_create(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1725 struct thread *td, struct mbuf **mrq)
1727 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1728 struct sockaddr *nam = nfsd->nd_nam;
1729 caddr_t dpos = nfsd->nd_dpos;
1730 struct ucred *cred = &nfsd->nd_cr;
1731 struct nfs_fattr *fp;
1732 struct vattr va, dirfor, diraft;
1733 struct vattr *vap = &va;
1734 struct nfsv2_sattr *sp;
1736 struct nameidata nd;
1738 int error = 0, rdev, len, tsize, dirfor_ret = 1, diraft_ret = 1;
1739 int v3 = (nfsd->nd_flag & ND_NFSV3), how, exclusive_flag = 0;
1741 struct mbuf *mb, *mreq;
1742 struct vnode *dirp = NULL;
1746 u_char cverf[NFSX_V3CREATEVERF];
1747 struct mount *mp = NULL;
1751 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1757 fhp = &nfh.fh_generic;
1759 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1764 mtx_lock(&Giant); /* VFS */
1765 (void) vn_start_write(NULL, &mp, V_WAIT);
1766 mtx_unlock(&Giant); /* VFS */
1768 nfsm_srvnamesiz(len);
1770 nd.ni_cnd.cn_cred = cred;
1771 nd.ni_cnd.cn_nameiop = CREATE;
1772 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | SAVESTART;
1775 * Call namei and do initial cleanup to get a few things
1776 * out of the way. If we get an initial error we cleanup
1777 * and return here to avoid special-casing the invalid nd
1778 * structure through the rest of the case. dirp may be
1779 * set even if an error occurs, but the nd structure will not
1780 * be valid at all if an error occurs so we have to invalidate it
1781 * prior to calling nfsm_reply ( which might goto nfsmout ).
1783 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
1784 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
1787 mtx_lock(&Giant); /* VFS */
1789 mtx_unlock(&Giant); /* VFS */
1794 nfsm_reply(NFSX_WCCDATA(v3));
1796 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1802 * No error. Continue. State:
1804 * startdir is valid ( we release this immediately )
1806 * nd.ni_vp may be valid
1807 * nd.ni_dvp is valid
1809 * The error state is set through the code and we may also do some
1810 * opportunistic releasing of vnodes to avoid holding locks through
1811 * NFS I/O. The cleanup at the end is a catch-all
1816 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
1817 how = fxdr_unsigned(int, *tl);
1819 case NFSV3CREATE_GUARDED:
1825 case NFSV3CREATE_UNCHECKED:
1828 case NFSV3CREATE_EXCLUSIVE:
1829 cp = nfsm_dissect_nonblock(caddr_t, NFSX_V3CREATEVERF);
1830 bcopy(cp, cverf, NFSX_V3CREATEVERF);
1834 vap->va_type = VREG;
1836 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
1837 vap->va_type = IFTOVT(fxdr_unsigned(u_int32_t, sp->sa_mode));
1838 if (vap->va_type == VNON)
1839 vap->va_type = VREG;
1840 vap->va_mode = nfstov_mode(sp->sa_mode);
1841 switch (vap->va_type) {
1843 tsize = fxdr_unsigned(int32_t, sp->sa_size);
1845 vap->va_size = (u_quad_t)tsize;
1850 rdev = fxdr_unsigned(long, sp->sa_size);
1858 * Iff doesn't exist, create it
1859 * otherwise just truncate to 0 length
1860 * should I set the mode too ?
1862 * The only possible error we can have at this point is EEXIST.
1863 * nd.ni_vp will also be non-NULL in that case.
1866 mtx_lock(&Giant); /* VFS */
1867 if (nd.ni_vp == NULL) {
1868 if (vap->va_mode == (mode_t)VNOVAL)
1870 if (vap->va_type == VREG || vap->va_type == VSOCK) {
1871 error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1873 NDFREE(&nd, NDF_ONLY_PNBUF);
1875 if (exclusive_flag) {
1878 bcopy(cverf, (caddr_t)&vap->va_atime,
1880 error = VOP_SETATTR(nd.ni_vp, vap, cred,
1884 } else if (vap->va_type == VCHR || vap->va_type == VBLK ||
1885 vap->va_type == VFIFO) {
1887 * NFSv2-specific code for creating device nodes
1890 * Handle SysV FIFO node special cases. All other
1891 * devices require super user to access.
1893 if (vap->va_type == VCHR && rdev == 0xffffffff)
1894 vap->va_type = VFIFO;
1895 if (vap->va_type != VFIFO &&
1896 (error = suser_cred(cred, 0))) {
1899 vap->va_rdev = rdev;
1900 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1902 NDFREE(&nd, NDF_ONLY_PNBUF);
1909 * release dvp prior to lookup
1917 * Even though LOCKPARENT was cleared, ni_dvp may
1920 nd.ni_cnd.cn_nameiop = LOOKUP;
1921 nd.ni_cnd.cn_flags &= ~(LOCKPARENT);
1922 nd.ni_cnd.cn_thread = td;
1923 nd.ni_cnd.cn_cred = cred;
1925 error = lookup(&nd);
1930 if (nd.ni_cnd.cn_flags & ISSYMLINK) {
1938 if (vap->va_size != -1) {
1939 error = nfsrv_access_withgiant(nd.ni_vp, VWRITE,
1940 cred, (nd.ni_cnd.cn_flags & RDONLY), td, 0);
1942 tempsize = vap->va_size;
1944 vap->va_size = tempsize;
1945 error = VOP_SETATTR(nd.ni_vp, vap, cred,
1952 bzero((caddr_t)fhp, sizeof(nfh));
1953 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
1954 error = VFS_VPTOFH(nd.ni_vp, &fhp->fh_fid);
1956 error = VOP_GETATTR(nd.ni_vp, vap, cred, td);
1959 if (exclusive_flag && !error &&
1960 bcmp(cverf, (caddr_t)&vap->va_atime, NFSX_V3CREATEVERF))
1962 if (dirp == nd.ni_dvp)
1963 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
1965 /* Drop the other locks to avoid deadlock. */
1967 if (nd.ni_dvp == nd.ni_vp)
1977 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
1978 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
1979 VOP_UNLOCK(dirp, 0, td);
1983 NFSD_UNLOCK_ASSERT();
1984 mtx_unlock(&Giant); /* VFS */
1988 nfsm_reply(NFSX_SRVFH(v3) + NFSX_FATTR(v3) + NFSX_WCCDATA(v3));
1991 nfsm_srvpostop_fh(fhp);
1992 nfsm_srvpostop_attr(0, vap);
1994 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1995 } else if (!error) {
1996 /* v2 non-error case. */
1997 nfsm_srvfhtom(fhp, v3);
1998 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
1999 nfsm_srvfillattr(vap, fp);
2006 mtx_lock(&Giant); /* VFS */
2007 if (nd.ni_startdir) {
2008 vrele(nd.ni_startdir);
2009 nd.ni_startdir = NULL;
2013 NDFREE(&nd, NDF_ONLY_PNBUF);
2015 if (nd.ni_dvp == nd.ni_vp)
2022 vn_finished_write(mp);
2023 mtx_unlock(&Giant); /* VFS */
2029 * nfs v3 mknod service
2032 nfsrv_mknod(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2033 struct thread *td, struct mbuf **mrq)
2035 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2036 struct sockaddr *nam = nfsd->nd_nam;
2037 caddr_t dpos = nfsd->nd_dpos;
2038 struct ucred *cred = &nfsd->nd_cr;
2039 struct vattr va, dirfor, diraft;
2040 struct vattr *vap = &va;
2042 struct nameidata nd;
2044 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
2045 u_int32_t major, minor;
2047 struct mbuf *mb, *mreq;
2048 struct vnode *vp, *dirp = NULL;
2051 struct mount *mp = NULL;
2052 int v3 = (nfsd->nd_flag & ND_NFSV3);
2056 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2058 panic("nfsrv_mknod: v3 proc called on a v2 connection");
2061 fhp = &nfh.fh_generic;
2063 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2068 mtx_lock(&Giant); /* VFS */
2069 (void) vn_start_write(NULL, &mp, V_WAIT);
2070 mtx_unlock(&Giant); /* VFS */
2072 nfsm_srvnamesiz(len);
2074 nd.ni_cnd.cn_cred = cred;
2075 nd.ni_cnd.cn_nameiop = CREATE;
2076 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | SAVESTART;
2079 * Handle nfs_namei() call. If an error occurs, the nd structure
2080 * is not valid. However, nfsm_*() routines may still jump to
2084 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
2085 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
2087 nfsm_reply(NFSX_WCCDATA(1));
2088 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2092 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
2093 vtyp = nfsv3tov_type(*tl);
2094 if (vtyp != VCHR && vtyp != VBLK && vtyp != VSOCK && vtyp != VFIFO) {
2095 error = NFSERR_BADTYPE;
2100 if (vtyp == VCHR || vtyp == VBLK) {
2101 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
2102 major = fxdr_unsigned(u_int32_t, *tl++);
2103 minor = fxdr_unsigned(u_int32_t, *tl);
2104 vap->va_rdev = makedev(major, minor);
2108 * Iff doesn't exist, create it.
2114 vap->va_type = vtyp;
2115 if (vap->va_mode == (mode_t)VNOVAL)
2118 mtx_lock(&Giant); /* VFS */
2119 if (vtyp == VSOCK) {
2120 vrele(nd.ni_startdir);
2121 nd.ni_startdir = NULL;
2122 error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
2124 NDFREE(&nd, NDF_ONLY_PNBUF);
2126 if (vtyp != VFIFO && (error = suser_cred(cred, 0)))
2128 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
2130 NDFREE(&nd, NDF_ONLY_PNBUF);
2137 * Release dvp prior to lookup
2142 nd.ni_cnd.cn_nameiop = LOOKUP;
2143 nd.ni_cnd.cn_flags &= ~(LOCKPARENT);
2144 nd.ni_cnd.cn_thread = td;
2145 nd.ni_cnd.cn_cred = td->td_ucred;
2147 error = lookup(&nd);
2152 if (nd.ni_cnd.cn_flags & ISSYMLINK)
2157 * send response, cleanup, return.
2160 NFSD_UNLOCK_ASSERT();
2161 if (nd.ni_startdir) {
2162 vrele(nd.ni_startdir);
2163 nd.ni_startdir = NULL;
2165 NDFREE(&nd, NDF_ONLY_PNBUF);
2167 if (nd.ni_dvp == nd.ni_vp)
2175 bzero((caddr_t)fhp, sizeof(nfh));
2176 fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
2177 error = VFS_VPTOFH(vp, &fhp->fh_fid);
2179 error = VOP_GETATTR(vp, vap, cred, td);
2187 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
2188 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2189 VOP_UNLOCK(dirp, 0, td);
2191 mtx_unlock(&Giant); /* VFS */
2195 nfsm_reply(NFSX_SRVFH(1) + NFSX_POSTOPATTR(1) + NFSX_WCCDATA(1));
2198 nfsm_srvpostop_fh(fhp);
2199 nfsm_srvpostop_attr(0, vap);
2201 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2204 mtx_lock(&Giant); /* VFS */
2205 vn_finished_write(mp);
2206 mtx_unlock(&Giant); /* VFS */
2212 mtx_lock(&Giant); /* VFS */
2216 vrele(nd.ni_startdir);
2217 NDFREE(&nd, NDF_ONLY_PNBUF);
2219 if (nd.ni_dvp == nd.ni_vp)
2226 vn_finished_write(mp);
2227 mtx_unlock(&Giant); /* VFS */
2233 * nfs remove service
2236 nfsrv_remove(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2237 struct thread *td, struct mbuf **mrq)
2239 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2240 struct sockaddr *nam = nfsd->nd_nam;
2241 caddr_t dpos = nfsd->nd_dpos;
2242 struct ucred *cred = &nfsd->nd_cr;
2243 struct nameidata nd;
2245 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
2246 int v3 = (nfsd->nd_flag & ND_NFSV3);
2247 struct mbuf *mb, *mreq;
2249 struct vattr dirfor, diraft;
2252 struct mount *mp = NULL;
2256 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2259 fhp = &nfh.fh_generic;
2261 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2266 mtx_lock(&Giant); /* VFS */
2267 (void) vn_start_write(NULL, &mp, V_WAIT);
2268 mtx_unlock(&Giant); /* VFS */
2270 nfsm_srvnamesiz(len);
2272 nd.ni_cnd.cn_cred = cred;
2273 nd.ni_cnd.cn_nameiop = DELETE;
2274 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF;
2275 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
2276 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
2278 mtx_lock(&Giant); /* VFS */
2284 if (nd.ni_vp->v_type == VDIR) {
2285 error = EPERM; /* POSIX */
2289 * The root of a mounted filesystem cannot be deleted.
2291 if (nd.ni_vp->v_vflag & VV_ROOT) {
2296 NFSD_UNLOCK_ASSERT();
2298 error = VOP_REMOVE(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
2299 NDFREE(&nd, NDF_ONLY_PNBUF);
2303 if (dirp == nd.ni_dvp)
2304 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2306 /* Drop the other locks to avoid deadlock. */
2308 if (nd.ni_dvp == nd.ni_vp)
2318 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
2319 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2320 VOP_UNLOCK(dirp, 0, td);
2325 mtx_unlock(&Giant); /* VFS */
2329 nfsm_reply(NFSX_WCCDATA(v3));
2331 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2337 mtx_lock(&Giant); /* VFS */
2338 NDFREE(&nd, NDF_ONLY_PNBUF);
2340 if (nd.ni_dvp == nd.ni_vp)
2347 vn_finished_write(mp);
2348 mtx_unlock(&Giant); /* VFS */
2354 * nfs rename service
2357 nfsrv_rename(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2358 struct thread *td, struct mbuf **mrq)
2360 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2361 struct sockaddr *nam = nfsd->nd_nam;
2362 caddr_t dpos = nfsd->nd_dpos;
2363 struct ucred *cred = &nfsd->nd_cr;
2365 int error = 0, len, len2, fdirfor_ret = 1, fdiraft_ret = 1;
2366 int tdirfor_ret = 1, tdiraft_ret = 1;
2367 int v3 = (nfsd->nd_flag & ND_NFSV3);
2368 struct mbuf *mb, *mreq;
2369 struct nameidata fromnd, tond;
2370 struct vnode *fvp, *tvp, *tdvp, *fdirp = NULL;
2371 struct vnode *tdirp = NULL;
2372 struct vattr fdirfor, fdiraft, tdirfor, tdiraft;
2374 fhandle_t *ffhp, *tfhp;
2376 struct mount *mp = NULL;
2380 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2384 ffhp = &fnfh.fh_generic;
2385 tfhp = &tnfh.fh_generic;
2388 * Clear fields incase goto nfsmout occurs from macro.
2394 nfsm_srvmtofh(ffhp);
2395 if ((mp = vfs_getvfs(&ffhp->fh_fsid)) == NULL) {
2401 (void) vn_start_write(NULL, &mp, V_WAIT);
2404 nfsm_srvnamesiz(len);
2406 * Remember our original uid so that we can reset cr_uid before
2407 * the second nfs_namei() call, in case it is remapped.
2409 saved_uid = cred->cr_uid;
2410 fromnd.ni_cnd.cn_cred = cred;
2411 fromnd.ni_cnd.cn_nameiop = DELETE;
2412 fromnd.ni_cnd.cn_flags = WANTPARENT | SAVESTART;
2413 error = nfs_namei(&fromnd, ffhp, len, slp, nam, &md,
2414 &dpos, &fdirp, v3, &fdirfor, &fdirfor_ret, td, FALSE);
2417 mtx_lock(&Giant); /* VFS */
2419 mtx_unlock(&Giant); /* VFS */
2424 nfsm_reply(2 * NFSX_WCCDATA(v3));
2426 nfsm_srvwcc_data(fdirfor_ret, &fdirfor, fdiraft_ret, &fdiraft);
2427 nfsm_srvwcc_data(tdirfor_ret, &tdirfor, tdiraft_ret, &tdiraft);
2433 nfsm_srvmtofh(tfhp);
2434 nfsm_srvnamesiz(len2);
2435 cred->cr_uid = saved_uid;
2436 tond.ni_cnd.cn_cred = cred;
2437 tond.ni_cnd.cn_nameiop = RENAME;
2438 tond.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | NOCACHE | SAVESTART;
2439 error = nfs_namei(&tond, tfhp, len2, slp, nam, &md,
2440 &dpos, &tdirp, v3, &tdirfor, &tdirfor_ret, td, FALSE);
2442 mtx_lock(&Giant); /* VFS */
2448 mtx_unlock(&Giant); /* VFS */
2456 if (fvp->v_type == VDIR && tvp->v_type != VDIR) {
2462 } else if (fvp->v_type != VDIR && tvp->v_type == VDIR) {
2469 if (tvp->v_type == VDIR && tvp->v_mountedhere) {
2477 if (fvp->v_type == VDIR && fvp->v_mountedhere) {
2484 if (fvp->v_mount != tdvp->v_mount) {
2498 * If source is the same as the destination (that is the
2499 * same vnode with the same name in the same directory),
2500 * then there is nothing to do.
2502 if (fvp == tvp && fromnd.ni_dvp == tdvp &&
2503 fromnd.ni_cnd.cn_namelen == tond.ni_cnd.cn_namelen &&
2504 !bcmp(fromnd.ni_cnd.cn_nameptr, tond.ni_cnd.cn_nameptr,
2505 fromnd.ni_cnd.cn_namelen))
2508 NFSD_UNLOCK_ASSERT();
2511 * The VOP_RENAME function releases all vnode references &
2512 * locks prior to returning so we need to clear the pointers
2513 * to bypass cleanup code later on.
2515 error = VOP_RENAME(fromnd.ni_dvp, fromnd.ni_vp, &fromnd.ni_cnd,
2516 tond.ni_dvp, tond.ni_vp, &tond.ni_cnd);
2517 fromnd.ni_dvp = NULL;
2518 fromnd.ni_vp = NULL;
2522 fromnd.ni_cnd.cn_flags &= ~HASBUF;
2523 tond.ni_cnd.cn_flags &= ~HASBUF;
2531 mtx_unlock(&Giant); /* VFS */
2535 nfsm_reply(2 * NFSX_WCCDATA(v3));
2537 /* Release existing locks to prevent deadlock. */
2539 mtx_lock(&Giant); /* VFS */
2541 if (tond.ni_dvp == tond.ni_vp)
2552 vn_lock(fdirp, LK_EXCLUSIVE | LK_RETRY, td);
2553 fdiraft_ret = VOP_GETATTR(fdirp, &fdiraft, cred, td);
2554 VOP_UNLOCK(fdirp, 0, td);
2557 vn_lock(tdirp, LK_EXCLUSIVE | LK_RETRY, td);
2558 tdiraft_ret = VOP_GETATTR(tdirp, &tdiraft, cred, td);
2559 VOP_UNLOCK(tdirp, 0, td);
2561 mtx_unlock(&Giant); /* VFS */
2563 nfsm_srvwcc_data(fdirfor_ret, &fdirfor, fdiraft_ret, &fdiraft);
2564 nfsm_srvwcc_data(tdirfor_ret, &tdirfor, tdiraft_ret, &tdiraft);
2571 * Clear out tond related fields
2575 mtx_lock(&Giant); /* VFS */
2578 if (tond.ni_startdir)
2579 vrele(tond.ni_startdir);
2580 NDFREE(&tond, NDF_ONLY_PNBUF);
2582 if (tond.ni_dvp == tond.ni_vp)
2591 * Clear out fromnd related fields
2595 if (fromnd.ni_startdir)
2596 vrele(fromnd.ni_startdir);
2597 NDFREE(&fromnd, NDF_ONLY_PNBUF);
2599 vrele(fromnd.ni_dvp);
2601 vrele(fromnd.ni_vp);
2603 vn_finished_write(mp);
2604 mtx_unlock(&Giant); /* VFS */
2613 nfsrv_link(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2614 struct thread *td, struct mbuf **mrq)
2616 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2617 struct sockaddr *nam = nfsd->nd_nam;
2618 caddr_t dpos = nfsd->nd_dpos;
2619 struct ucred *cred = &nfsd->nd_cr;
2620 struct nameidata nd;
2622 int error = 0, rdonly, len, dirfor_ret = 1, diraft_ret = 1;
2623 int getret = 1, v3 = (nfsd->nd_flag & ND_NFSV3);
2624 struct mbuf *mb, *mreq;
2625 struct vnode *vp = NULL, *xp, *dirp = NULL;
2626 struct vattr dirfor, diraft, at;
2628 fhandle_t *fhp, *dfhp;
2629 struct mount *mp = NULL;
2633 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2636 fhp = &nfh.fh_generic;
2637 dfhp = &dnfh.fh_generic;
2639 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2644 mtx_lock(&Giant); /* VFS */
2645 (void) vn_start_write(NULL, &mp, V_WAIT);
2646 mtx_unlock(&Giant); /* VFS */
2648 nfsm_srvmtofh(dfhp);
2649 nfsm_srvnamesiz(len);
2651 error = nfsrv_fhtovp(fhp, TRUE, &vp, cred, slp, nam, &rdonly, TRUE);
2653 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2655 nfsm_srvpostop_attr(getret, &at);
2656 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2663 mtx_lock(&Giant); /* VFS */
2665 getret = VOP_GETATTR(vp, &at, cred, td);
2666 if (vp->v_type == VDIR) {
2667 error = EPERM; /* POSIX */
2670 VOP_UNLOCK(vp, 0, td);
2671 nd.ni_cnd.cn_cred = cred;
2672 nd.ni_cnd.cn_nameiop = CREATE;
2673 nd.ni_cnd.cn_flags = LOCKPARENT;
2674 mtx_unlock(&Giant); /* VFS */
2676 error = nfs_namei(&nd, dfhp, len, slp, nam, &md, &dpos,
2677 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
2679 mtx_lock(&Giant); /* VFS */
2697 if (vp->v_mount != xp->v_mount) {
2703 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
2704 error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
2705 NDFREE(&nd, NDF_ONLY_PNBUF);
2710 getret = VOP_GETATTR(vp, &at, cred, td);
2713 if (dirp == nd.ni_dvp)
2714 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2716 /* Release existing locks to prevent deadlock. */
2718 if (nd.ni_dvp == nd.ni_vp)
2728 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
2729 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2730 VOP_UNLOCK(dirp, 0, td);
2733 mtx_unlock(&Giant); /* VFS */
2737 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2739 nfsm_srvpostop_attr(getret, &at);
2740 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2748 mtx_lock(&Giant); /* VFS */
2749 NDFREE(&nd, NDF_ONLY_PNBUF);
2755 if (nd.ni_dvp == nd.ni_vp)
2762 vn_finished_write(mp);
2763 mtx_unlock(&Giant); /* VFS */
2769 * nfs symbolic link service
2772 nfsrv_symlink(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2773 struct thread *td, struct mbuf **mrq)
2775 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2776 struct sockaddr *nam = nfsd->nd_nam;
2777 caddr_t dpos = nfsd->nd_dpos;
2778 struct ucred *cred = &nfsd->nd_cr;
2779 struct vattr va, dirfor, diraft;
2780 struct nameidata nd;
2781 struct vattr *vap = &va;
2782 struct nfsv2_sattr *sp;
2783 char *bpos, *pathcp = NULL;
2786 int error = 0, len, len2, dirfor_ret = 1, diraft_ret = 1;
2787 int v3 = (nfsd->nd_flag & ND_NFSV3);
2788 struct mbuf *mb, *mreq;
2789 struct vnode *dirp = NULL;
2792 struct mount *mp = NULL;
2796 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2799 fhp = &nfh.fh_generic;
2801 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2803 mtx_lock(&Giant); /* VFS */
2808 mtx_lock(&Giant); /* VFS */
2809 (void) vn_start_write(NULL, &mp, V_WAIT);
2810 mtx_unlock(&Giant); /* VFS */
2812 nfsm_srvnamesiz(len);
2813 nd.ni_cnd.cn_cred = cred;
2814 nd.ni_cnd.cn_nameiop = CREATE;
2815 nd.ni_cnd.cn_flags = LOCKPARENT | SAVESTART;
2816 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
2817 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
2819 mtx_lock(&Giant); /* VFS */
2830 nfsm_srvpathsiz(len2);
2831 MALLOC(pathcp, caddr_t, len2 + 1, M_TEMP, M_WAITOK);
2832 iv.iov_base = pathcp;
2834 io.uio_resid = len2;
2838 io.uio_segflg = UIO_SYSSPACE;
2839 io.uio_rw = UIO_READ;
2841 nfsm_mtouio(&io, len2);
2843 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
2844 vap->va_mode = nfstov_mode(sp->sa_mode);
2846 *(pathcp + len2) = '\0';
2853 * issue symlink op. SAVESTART is set so the underlying path component
2854 * is only freed by the VOP if an error occurs.
2856 if (vap->va_mode == (mode_t)VNOVAL)
2858 error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap, pathcp);
2860 NDFREE(&nd, NDF_ONLY_PNBUF);
2865 * releases directory prior to potential lookup op.
2873 * Issue lookup. Leave SAVESTART set so we can easily free
2874 * the name buffer later on.
2876 * since LOCKPARENT is not set, ni_dvp will be garbage on
2877 * return whether an error occurs or not.
2879 nd.ni_cnd.cn_nameiop = LOOKUP;
2880 nd.ni_cnd.cn_flags &= ~(LOCKPARENT | FOLLOW);
2881 nd.ni_cnd.cn_flags |= (NOFOLLOW | LOCKLEAF);
2882 nd.ni_cnd.cn_thread = td;
2883 nd.ni_cnd.cn_cred = cred;
2885 error = lookup(&nd);
2889 bzero((caddr_t)fhp, sizeof(nfh));
2890 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
2891 error = VFS_VPTOFH(nd.ni_vp, &fhp->fh_fid);
2893 error = VOP_GETATTR(nd.ni_vp, vap, cred,
2901 NFSD_UNLOCK_ASSERT();
2903 * These releases aren't strictly required, does even doing them
2904 * make any sense? XXX can nfsm_reply() block?
2907 FREE(pathcp, M_TEMP);
2911 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
2912 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2913 VOP_UNLOCK(dirp, 0, td);
2915 if (nd.ni_startdir) {
2916 vrele(nd.ni_startdir);
2917 nd.ni_startdir = NULL;
2919 mtx_unlock(&Giant); /* VFS */
2921 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2924 nfsm_srvpostop_fh(fhp);
2925 nfsm_srvpostop_attr(0, vap);
2927 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2935 mtx_lock(&Giant); /* VFS */
2936 NDFREE(&nd, NDF_ONLY_PNBUF);
2938 if (nd.ni_dvp == nd.ni_vp)
2946 vrele(nd.ni_startdir);
2950 FREE(pathcp, M_TEMP);
2952 vn_finished_write(mp);
2953 mtx_unlock(&Giant); /* VFS */
2962 nfsrv_mkdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2963 struct thread *td, struct mbuf **mrq)
2965 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2966 struct sockaddr *nam = nfsd->nd_nam;
2967 caddr_t dpos = nfsd->nd_dpos;
2968 struct ucred *cred = &nfsd->nd_cr;
2969 struct vattr va, dirfor, diraft;
2970 struct vattr *vap = &va;
2971 struct nfs_fattr *fp;
2972 struct nameidata nd;
2975 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
2976 int v3 = (nfsd->nd_flag & ND_NFSV3);
2977 struct mbuf *mb, *mreq;
2978 struct vnode *dirp = NULL;
2982 struct mount *mp = NULL;
2986 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2989 fhp = &nfh.fh_generic;
2991 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2993 mtx_lock(&Giant); /* VFS */
2998 mtx_lock(&Giant); /* VFS */
2999 (void) vn_start_write(NULL, &mp, V_WAIT);
3000 mtx_unlock(&Giant); /* VFS */
3002 nfsm_srvnamesiz(len);
3003 nd.ni_cnd.cn_cred = cred;
3004 nd.ni_cnd.cn_nameiop = CREATE;
3005 nd.ni_cnd.cn_flags = LOCKPARENT;
3007 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
3008 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
3011 mtx_lock(&Giant); /* VFS */
3013 mtx_unlock(&Giant); /* VFS */
3018 nfsm_reply(NFSX_WCCDATA(v3));
3020 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
3028 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
3029 vap->va_mode = nfstov_mode(*tl++);
3033 * At this point nd.ni_dvp is referenced and exclusively locked and
3034 * nd.ni_vp, if it exists, is referenced but not locked.
3038 mtx_lock(&Giant); /* VFS */
3039 vap->va_type = VDIR;
3040 if (nd.ni_vp != NULL) {
3041 NDFREE(&nd, NDF_ONLY_PNBUF);
3047 * Issue mkdir op. Since SAVESTART is not set, the pathname
3048 * component is freed by the VOP call. This will fill-in
3049 * nd.ni_vp, reference, and exclusively lock it.
3051 if (vap->va_mode == (mode_t)VNOVAL)
3053 error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
3054 NDFREE(&nd, NDF_ONLY_PNBUF);
3061 bzero((caddr_t)fhp, sizeof(nfh));
3062 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
3063 error = VFS_VPTOFH(nd.ni_vp, &fhp->fh_fid);
3065 error = VOP_GETATTR(nd.ni_vp, vap, cred, td);
3068 NFSD_UNLOCK_ASSERT();
3070 if (dirp == nd.ni_dvp) {
3071 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
3073 /* Release existing locks to prevent deadlock. */
3075 NDFREE(&nd, NDF_ONLY_PNBUF);
3076 if (nd.ni_dvp == nd.ni_vp && vpexcl)
3089 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
3090 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
3091 VOP_UNLOCK(dirp, 0, td);
3094 mtx_unlock(&Giant); /* VFS */
3096 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
3099 nfsm_srvpostop_fh(fhp);
3100 nfsm_srvpostop_attr(0, vap);
3102 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
3103 } else if (!error) {
3104 /* v2 non-error case. */
3105 nfsm_srvfhtom(fhp, v3);
3106 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
3107 nfsm_srvfillattr(vap, fp);
3115 mtx_lock(&Giant); /* VFS */
3119 NDFREE(&nd, NDF_ONLY_PNBUF);
3120 if (nd.ni_dvp == nd.ni_vp && vpexcl)
3131 vn_finished_write(mp);
3132 mtx_unlock(&Giant); /* VFS */
3141 nfsrv_rmdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3142 struct thread *td, struct mbuf **mrq)
3144 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3145 struct sockaddr *nam = nfsd->nd_nam;
3146 caddr_t dpos = nfsd->nd_dpos;
3147 struct ucred *cred = &nfsd->nd_cr;
3149 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
3150 int v3 = (nfsd->nd_flag & ND_NFSV3);
3151 struct mbuf *mb, *mreq;
3152 struct vnode *vp, *dirp = NULL;
3153 struct vattr dirfor, diraft;
3156 struct nameidata nd;
3157 struct mount *mp = NULL;
3161 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3164 fhp = &nfh.fh_generic;
3166 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
3171 mtx_lock(&Giant); /* VFS */
3172 (void) vn_start_write(NULL, &mp, V_WAIT);
3173 mtx_unlock(&Giant); /* VFS */
3175 nfsm_srvnamesiz(len);
3176 nd.ni_cnd.cn_cred = cred;
3177 nd.ni_cnd.cn_nameiop = DELETE;
3178 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF;
3179 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
3180 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
3183 mtx_lock(&Giant); /* VFS */
3185 mtx_unlock(&Giant); /* VFS */
3190 nfsm_reply(NFSX_WCCDATA(v3));
3192 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
3197 if (vp->v_type != VDIR) {
3202 * No rmdir "." please.
3204 if (nd.ni_dvp == vp) {
3209 * The root of a mounted filesystem cannot be deleted.
3211 if (vp->v_vflag & VV_ROOT)
3215 * Issue or abort op. Since SAVESTART is not set, path name
3216 * component is freed by the VOP after either.
3220 mtx_lock(&Giant); /* VFS */
3222 error = VOP_RMDIR(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
3223 NDFREE(&nd, NDF_ONLY_PNBUF);
3226 if (dirp == nd.ni_dvp)
3227 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
3229 /* Release existing locks to prevent deadlock. */
3231 if (nd.ni_dvp == nd.ni_vp)
3240 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
3241 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
3242 VOP_UNLOCK(dirp, 0, td);
3245 mtx_unlock(&Giant); /* VFS */
3247 nfsm_reply(NFSX_WCCDATA(v3));
3250 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
3256 mtx_lock(&Giant); /* VFS */
3257 NDFREE(&nd, NDF_ONLY_PNBUF);
3261 if (nd.ni_dvp == nd.ni_vp)
3269 vn_finished_write(mp);
3270 mtx_unlock(&Giant); /* VFS */
3276 * nfs readdir service
3277 * - mallocs what it thinks is enough to read
3278 * count rounded up to a multiple of NFS_DIRBLKSIZ <= NFS_MAXREADDIR
3279 * - calls VOP_READDIR()
3280 * - loops around building the reply
3281 * if the output generated exceeds count break out of loop
3282 * The nfsm_clget macro is used here so that the reply will be packed
3283 * tightly in mbuf clusters.
3284 * - it only knows that it has encountered eof when the VOP_READDIR()
3286 * - as such one readdir rpc will return eof false although you are there
3287 * and then the next will return eof
3288 * - it trims out records with d_fileno == 0
3289 * this doesn't matter for Unix clients, but they might confuse clients
3291 * NB: It is tempting to set eof to true if the VOP_READDIR() reads less
3292 * than requested, but this may not apply to all filesystems. For
3293 * example, client NFS does not { although it is never remote mounted
3295 * The alternate call nfsrv_readdirplus() does lookups as well.
3296 * PS: The NFS protocol spec. does not clarify what the "count" byte
3297 * argument is a count of.. just name strings and file id's or the
3298 * entire reply rpc or ...
3299 * I tried just file name and id sizes and it confused the Sun client,
3300 * so I am using the full rpc size now. The "paranoia.." comment refers
3301 * to including the status longwords that are not a part of the dir.
3302 * "entry" structures, but are in the rpc.
3306 u_int32_t fl_postopok;
3307 u_int32_t fl_fattr[NFSX_V3FATTR / sizeof (u_int32_t)];
3309 u_int32_t fl_fhsize;
3310 u_int32_t fl_nfh[NFSX_V3FH / sizeof (u_int32_t)];
3314 nfsrv_readdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3315 struct thread *td, struct mbuf **mrq)
3317 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3318 struct sockaddr *nam = nfsd->nd_nam;
3319 caddr_t dpos = nfsd->nd_dpos;
3320 struct ucred *cred = &nfsd->nd_cr;
3327 struct mbuf *mb, *mreq;
3328 char *cpos, *cend, *rbuf;
3329 struct vnode *vp = NULL;
3335 int len, nlen, rem, xfer, tsiz, i, error = 0, getret = 1;
3336 int siz, cnt, fullsiz, eofflag, rdonly, ncookies;
3337 int v3 = (nfsd->nd_flag & ND_NFSV3);
3338 u_quad_t off, toff, verf;
3339 u_long *cookies = NULL, *cookiep; /* needs to be int64_t or off_t */
3343 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3344 fhp = &nfh.fh_generic;
3347 tl = nfsm_dissect_nonblock(u_int32_t *, 5 * NFSX_UNSIGNED);
3348 toff = fxdr_hyper(tl);
3350 verf = fxdr_hyper(tl);
3353 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
3354 toff = fxdr_unsigned(u_quad_t, *tl++);
3355 verf = 0; /* shut up gcc */
3358 cnt = fxdr_unsigned(int, *tl);
3359 siz = ((cnt + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
3360 xfer = NFS_SRVMAXDATA(nfsd);
3366 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
3367 if (!error && vp->v_type != VDIR) {
3370 mtx_lock(&Giant); /* VFS */
3372 mtx_unlock(&Giant); /* VFS */
3377 nfsm_reply(NFSX_UNSIGNED);
3379 nfsm_srvpostop_attr(getret, &at);
3385 * Obtain lock on vnode for this section of the code
3388 mtx_lock(&Giant); /* VFS */
3390 error = getret = VOP_GETATTR(vp, &at, cred, td);
3393 * XXX This check may be too strict for Solaris 2.5 clients.
3395 if (!error && toff && verf && verf != at.va_filerev)
3396 error = NFSERR_BAD_COOKIE;
3400 error = nfsrv_access_withgiant(vp, VEXEC, cred, rdonly, td, 0);
3403 mtx_unlock(&Giant); /* VFS */
3406 nfsm_reply(NFSX_POSTOPATTR(v3));
3408 nfsm_srvpostop_attr(getret, &at);
3412 VOP_UNLOCK(vp, 0, td);
3415 * end section. Allocate rbuf and continue
3417 MALLOC(rbuf, caddr_t, siz, M_TEMP, M_WAITOK);
3419 NFSD_UNLOCK_ASSERT();
3421 iv.iov_len = fullsiz;
3424 io.uio_offset = (off_t)off;
3425 io.uio_resid = fullsiz;
3426 io.uio_segflg = UIO_SYSSPACE;
3427 io.uio_rw = UIO_READ;
3430 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
3432 free((caddr_t)cookies, M_TEMP);
3435 error = VOP_READDIR(vp, &io, cred, &eofflag, &ncookies, &cookies);
3436 off = (off_t)io.uio_offset;
3437 if (!cookies && !error)
3438 error = NFSERR_PERM;
3440 getret = VOP_GETATTR(vp, &at, cred, td);
3444 VOP_UNLOCK(vp, 0, td);
3447 mtx_unlock(&Giant); /* VFS */
3449 free((caddr_t)rbuf, M_TEMP);
3451 free((caddr_t)cookies, M_TEMP);
3453 nfsm_reply(NFSX_POSTOPATTR(v3));
3455 nfsm_srvpostop_attr(getret, &at);
3460 siz -= io.uio_resid;
3463 * If nothing read, return eof
3468 mtx_unlock(&Giant); /* VFS */
3471 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_COOKIEVERF(v3) +
3474 nfsm_srvpostop_attr(getret, &at);
3475 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
3476 txdr_hyper(at.va_filerev, tl);
3479 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
3480 *tl++ = nfsrv_nfs_false;
3481 *tl = nfsrv_nfs_true;
3482 FREE((caddr_t)rbuf, M_TEMP);
3483 FREE((caddr_t)cookies, M_TEMP);
3490 * Check for degenerate cases of nothing useful read.
3491 * If so go try again
3495 dp = (struct dirent *)cpos;
3498 * For some reason FreeBSD's ufs_readdir() chooses to back the
3499 * directory offset up to a block boundary, so it is necessary to
3500 * skip over the records that precede the requested offset. This
3501 * requires the assumption that file offset cookies monotonically
3504 while (cpos < cend && ncookies > 0 &&
3505 (dp->d_fileno == 0 || dp->d_type == DT_WHT ||
3506 ((u_quad_t)(*cookiep)) <= toff)) {
3507 cpos += dp->d_reclen;
3508 dp = (struct dirent *)cpos;
3512 if (cpos >= cend || ncookies == 0) {
3518 mtx_unlock(&Giant); /* VFS */
3520 len = 3 * NFSX_UNSIGNED; /* paranoia, probably can be 0 */
3521 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_COOKIEVERF(v3) + siz);
3523 nfsm_srvpostop_attr(getret, &at);
3524 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
3525 txdr_hyper(at.va_filerev, tl);
3529 be = bp + M_TRAILINGSPACE(mp);
3531 /* Loop through the records and build reply */
3532 while (cpos < cend && ncookies > 0) {
3533 if (dp->d_fileno != 0 && dp->d_type != DT_WHT) {
3534 nlen = dp->d_namlen;
3535 rem = nfsm_rndup(nlen) - nlen;
3536 len += (4 * NFSX_UNSIGNED + nlen + rem);
3538 len += 2 * NFSX_UNSIGNED;
3544 * Build the directory record xdr from
3548 *tl = nfsrv_nfs_true;
3549 bp += NFSX_UNSIGNED;
3553 bp += NFSX_UNSIGNED;
3556 *tl = txdr_unsigned(dp->d_fileno);
3557 bp += NFSX_UNSIGNED;
3559 *tl = txdr_unsigned(nlen);
3560 bp += NFSX_UNSIGNED;
3562 /* And loop around copying the name */
3571 bcopy(cp, bp, tsiz);
3577 /* And null pad to an int32_t boundary. */
3578 for (i = 0; i < rem; i++)
3582 /* Finish off the record */
3585 bp += NFSX_UNSIGNED;
3588 *tl = txdr_unsigned(*cookiep);
3589 bp += NFSX_UNSIGNED;
3591 cpos += dp->d_reclen;
3592 dp = (struct dirent *)cpos;
3597 mtx_lock(&Giant); /* VFS */
3599 mtx_unlock(&Giant); /* VFS */
3603 *tl = nfsrv_nfs_false;
3604 bp += NFSX_UNSIGNED;
3607 *tl = nfsrv_nfs_true;
3609 *tl = nfsrv_nfs_false;
3610 bp += NFSX_UNSIGNED;
3613 mp->m_len = bp - mtod(mp, caddr_t);
3615 mp->m_len += bp - bpos;
3616 FREE((caddr_t)rbuf, M_TEMP);
3617 FREE((caddr_t)cookies, M_TEMP);
3623 mtx_lock(&Giant); /* VFS */
3625 mtx_unlock(&Giant); /* VFS */
3632 nfsrv_readdirplus(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3633 struct thread *td, struct mbuf **mrq)
3635 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3636 struct sockaddr *nam = nfsd->nd_nam;
3637 caddr_t dpos = nfsd->nd_dpos;
3638 struct ucred *cred = &nfsd->nd_cr;
3645 struct mbuf *mb, *mreq;
3646 char *cpos, *cend, *rbuf;
3647 struct vnode *vp = NULL, *nvp;
3650 fhandle_t *fhp, *nfhp = (fhandle_t *)fl.fl_nfh;
3653 struct vattr va, at, *vap = &va;
3654 struct nfs_fattr *fp;
3655 int len, nlen, rem, xfer, tsiz, i, error = 0, getret = 1;
3656 int siz, cnt, fullsiz, eofflag, rdonly, dirlen, ncookies;
3657 u_quad_t off, toff, verf;
3658 u_long *cookies = NULL, *cookiep; /* needs to be int64_t or off_t */
3659 int v3 = (nfsd->nd_flag & ND_NFSV3);
3663 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3665 panic("nfsrv_readdirplus: v3 proc called on a v2 connection");
3666 fhp = &nfh.fh_generic;
3668 tl = nfsm_dissect_nonblock(u_int32_t *, 6 * NFSX_UNSIGNED);
3669 toff = fxdr_hyper(tl);
3671 verf = fxdr_hyper(tl);
3673 siz = fxdr_unsigned(int, *tl++);
3674 cnt = fxdr_unsigned(int, *tl);
3676 siz = ((siz + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
3677 xfer = NFS_SRVMAXDATA(nfsd);
3683 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
3684 if (!error && vp->v_type != VDIR) {
3687 mtx_lock(&Giant); /* VFS */
3689 mtx_unlock(&Giant); /* VFS */
3694 nfsm_reply(NFSX_UNSIGNED);
3695 nfsm_srvpostop_attr(getret, &at);
3700 mtx_lock(&Giant); /* VFS */
3701 error = getret = VOP_GETATTR(vp, &at, cred, td);
3704 * XXX This check may be too strict for Solaris 2.5 clients.
3706 if (!error && toff && verf && verf != at.va_filerev)
3707 error = NFSERR_BAD_COOKIE;
3710 error = nfsrv_access_withgiant(vp, VEXEC, cred, rdonly, td, 0);
3713 mtx_unlock(&Giant); /* VFS */
3716 nfsm_reply(NFSX_V3POSTOPATTR);
3717 nfsm_srvpostop_attr(getret, &at);
3721 VOP_UNLOCK(vp, 0, td);
3722 MALLOC(rbuf, caddr_t, siz, M_TEMP, M_WAITOK);
3724 NFSD_UNLOCK_ASSERT();
3726 iv.iov_len = fullsiz;
3729 io.uio_offset = (off_t)off;
3730 io.uio_resid = fullsiz;
3731 io.uio_segflg = UIO_SYSSPACE;
3732 io.uio_rw = UIO_READ;
3735 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
3737 free((caddr_t)cookies, M_TEMP);
3740 error = VOP_READDIR(vp, &io, cred, &eofflag, &ncookies, &cookies);
3741 off = (u_quad_t)io.uio_offset;
3742 getret = VOP_GETATTR(vp, &at, cred, td);
3743 VOP_UNLOCK(vp, 0, td);
3744 if (!cookies && !error)
3745 error = NFSERR_PERM;
3750 mtx_unlock(&Giant); /* VFS */
3753 free((caddr_t)cookies, M_TEMP);
3754 free((caddr_t)rbuf, M_TEMP);
3756 nfsm_reply(NFSX_V3POSTOPATTR);
3757 nfsm_srvpostop_attr(getret, &at);
3762 siz -= io.uio_resid;
3765 * If nothing read, return eof
3770 mtx_unlock(&Giant); /* VFS */
3773 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3COOKIEVERF +
3775 nfsm_srvpostop_attr(getret, &at);
3776 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
3777 txdr_hyper(at.va_filerev, tl);
3779 *tl++ = nfsrv_nfs_false;
3780 *tl = nfsrv_nfs_true;
3781 FREE((caddr_t)cookies, M_TEMP);
3782 FREE((caddr_t)rbuf, M_TEMP);
3789 * Check for degenerate cases of nothing useful read.
3790 * If so go try again
3794 dp = (struct dirent *)cpos;
3797 * For some reason FreeBSD's ufs_readdir() chooses to back the
3798 * directory offset up to a block boundary, so it is necessary to
3799 * skip over the records that precede the requested offset. This
3800 * requires the assumption that file offset cookies monotonically
3803 while (cpos < cend && ncookies > 0 &&
3804 (dp->d_fileno == 0 || dp->d_type == DT_WHT ||
3805 ((u_quad_t)(*cookiep)) <= toff)) {
3806 cpos += dp->d_reclen;
3807 dp = (struct dirent *)cpos;
3811 if (cpos >= cend || ncookies == 0) {
3818 * Probe one of the directory entries to see if the filesystem
3821 if (VFS_VGET(vp->v_mount, dp->d_fileno, LK_EXCLUSIVE, &nvp) ==
3823 error = NFSERR_NOTSUPP;
3825 mtx_unlock(&Giant); /* VFS */
3827 free((caddr_t)cookies, M_TEMP);
3828 free((caddr_t)rbuf, M_TEMP);
3830 nfsm_reply(NFSX_V3POSTOPATTR);
3831 nfsm_srvpostop_attr(getret, &at);
3836 mtx_unlock(&Giant); /* VFS */
3839 dirlen = len = NFSX_V3POSTOPATTR + NFSX_V3COOKIEVERF +
3843 nfsm_srvpostop_attr(getret, &at);
3844 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
3845 txdr_hyper(at.va_filerev, tl);
3848 be = bp + M_TRAILINGSPACE(mp);
3851 mtx_lock(&Giant); /* VFS */
3852 /* Loop through the records and build reply */
3853 while (cpos < cend && ncookies > 0) {
3854 if (dp->d_fileno != 0 && dp->d_type != DT_WHT) {
3855 nlen = dp->d_namlen;
3856 rem = nfsm_rndup(nlen)-nlen;
3859 * For readdir_and_lookup get the vnode using
3862 if (VFS_VGET(vp->v_mount, dp->d_fileno, LK_EXCLUSIVE,
3865 bzero((caddr_t)nfhp, NFSX_V3FH);
3867 nvp->v_mount->mnt_stat.f_fsid;
3868 if (VFS_VPTOFH(nvp, &nfhp->fh_fid)) {
3873 if (VOP_GETATTR(nvp, vap, cred, td)) {
3882 * If either the dircount or maxcount will be
3883 * exceeded, get out now. Both of these lengths
3884 * are calculated conservatively, including all
3887 len += (8 * NFSX_UNSIGNED + nlen + rem + NFSX_V3FH +
3889 dirlen += (6 * NFSX_UNSIGNED + nlen + rem);
3890 if (len > cnt || dirlen > fullsiz) {
3896 * Build the directory record xdr from
3899 fp = (struct nfs_fattr *)&fl.fl_fattr;
3900 nfsm_srvfillattr(vap, fp);
3901 fl.fl_fhsize = txdr_unsigned(NFSX_V3FH);
3902 fl.fl_fhok = nfsrv_nfs_true;
3903 fl.fl_postopok = nfsrv_nfs_true;
3904 fl.fl_off.nfsuquad[0] = 0;
3905 fl.fl_off.nfsuquad[1] = txdr_unsigned(*cookiep);
3908 *tl = nfsrv_nfs_true;
3909 bp += NFSX_UNSIGNED;
3912 bp += NFSX_UNSIGNED;
3914 *tl = txdr_unsigned(dp->d_fileno);
3915 bp += NFSX_UNSIGNED;
3917 *tl = txdr_unsigned(nlen);
3918 bp += NFSX_UNSIGNED;
3920 /* And loop around copying the name */
3925 if ((bp + xfer) > be)
3929 bcopy(cp, bp, tsiz);
3935 /* And null pad to an int32_t boundary. */
3936 for (i = 0; i < rem; i++)
3940 * Now copy the flrep structure out.
3942 xfer = sizeof (struct flrep);
3946 if ((bp + xfer) > be)
3950 bcopy(cp, bp, tsiz);
3958 NFSD_UNLOCK_ASSERT();
3959 cpos += dp->d_reclen;
3960 dp = (struct dirent *)cpos;
3965 mtx_unlock(&Giant); /* VFS */
3968 *tl = nfsrv_nfs_false;
3969 bp += NFSX_UNSIGNED;
3973 *tl = nfsrv_nfs_true;
3975 *tl = nfsrv_nfs_false;
3976 bp += NFSX_UNSIGNED;
3979 mp->m_len = bp - mtod(mp, caddr_t);
3981 mp->m_len += bp - bpos;
3982 FREE((caddr_t)cookies, M_TEMP);
3983 FREE((caddr_t)rbuf, M_TEMP);
3988 mtx_lock(&Giant); /* VFS */
3990 mtx_unlock(&Giant); /* VFS */
3997 * nfs commit service
4000 nfsrv_commit(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4001 struct thread *td, struct mbuf **mrq)
4003 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
4004 struct sockaddr *nam = nfsd->nd_nam;
4005 caddr_t dpos = nfsd->nd_dpos;
4006 struct ucred *cred = &nfsd->nd_cr;
4007 struct vattr bfor, aft;
4008 struct vnode *vp = NULL;
4013 int error = 0, rdonly, for_ret = 1, aft_ret = 1, cnt;
4014 struct mbuf *mb, *mreq;
4016 struct mount *mp = NULL;
4017 int v3 = (nfsd->nd_flag & ND_NFSV3);
4021 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4023 panic("nfsrv_commit: v3 proc called on a v2 connection");
4024 fhp = &nfh.fh_generic;
4026 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
4031 mtx_lock(&Giant); /* VFS */
4032 (void) vn_start_write(NULL, &mp, V_WAIT);
4033 mtx_unlock(&Giant); /* VFS */
4035 tl = nfsm_dissect_nonblock(u_int32_t *, 3 * NFSX_UNSIGNED);
4038 * XXX At this time VOP_FSYNC() does not accept offset and byte
4039 * count parameters, so these arguments are useless (someday maybe).
4041 off = fxdr_hyper(tl);
4043 cnt = fxdr_unsigned(int, *tl);
4044 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
4046 nfsm_reply(2 * NFSX_UNSIGNED);
4047 nfsm_srvwcc_data(for_ret, &bfor, aft_ret, &aft);
4052 mtx_lock(&Giant); /* VFS */
4053 for_ret = VOP_GETATTR(vp, &bfor, cred, td);
4055 if (cnt > MAX_COMMIT_COUNT) {
4057 * Give up and do the whole thing
4060 (vp->v_object->flags & OBJ_MIGHTBEDIRTY)) {
4061 VM_OBJECT_LOCK(vp->v_object);
4062 vm_object_page_clean(vp->v_object, 0, 0, OBJPC_SYNC);
4063 VM_OBJECT_UNLOCK(vp->v_object);
4065 error = VOP_FSYNC(vp, MNT_WAIT, td);
4068 * Locate and synchronously write any buffers that fall
4069 * into the requested range. Note: we are assuming that
4070 * f_iosize is a power of 2.
4072 int iosize = vp->v_mount->mnt_stat.f_iosize;
4073 int iomask = iosize - 1;
4078 * Align to iosize boundry, super-align to page boundry.
4081 cnt += off & iomask;
4082 off &= ~(u_quad_t)iomask;
4084 if (off & PAGE_MASK) {
4085 cnt += off & PAGE_MASK;
4086 off &= ~(u_quad_t)PAGE_MASK;
4088 lblkno = off / iosize;
4091 (vp->v_object->flags & OBJ_MIGHTBEDIRTY)) {
4092 VM_OBJECT_LOCK(vp->v_object);
4093 vm_object_page_clean(vp->v_object, off / PAGE_SIZE, (cnt + PAGE_MASK) / PAGE_SIZE, OBJPC_SYNC);
4094 VM_OBJECT_UNLOCK(vp->v_object);
4103 * If we have a buffer and it is marked B_DELWRI we
4104 * have to lock and write it. Otherwise the prior
4105 * write is assumed to have already been committed.
4107 * gbincore() can return invalid buffers now so we
4108 * have to check that bit as well (though B_DELWRI
4109 * should not be set if B_INVAL is set there could be
4110 * a race here since we haven't locked the buffer).
4112 if ((bp = gbincore(&vp->v_bufobj, lblkno)) != NULL) {
4113 if (BUF_LOCK(bp, LK_EXCLUSIVE | LK_SLEEPFAIL |
4114 LK_INTERLOCK, VI_MTX(vp)) == ENOLCK) {
4116 continue; /* retry */
4118 if ((bp->b_flags & (B_DELWRI|B_INVAL)) ==
4121 bp->b_flags &= ~B_ASYNC;
4138 aft_ret = VOP_GETATTR(vp, &aft, cred, td);
4140 mtx_unlock(&Giant); /* VFS */
4145 nfsm_reply(NFSX_V3WCCDATA + NFSX_V3WRITEVERF);
4146 nfsm_srvwcc_data(for_ret, &bfor, aft_ret, &aft);
4148 tl = nfsm_build(u_int32_t *, NFSX_V3WRITEVERF);
4149 if (nfsver.tv_sec == 0)
4151 *tl++ = txdr_unsigned(nfsver.tv_sec);
4152 *tl = txdr_unsigned(nfsver.tv_usec);
4159 mtx_lock(&Giant); /* VFS */
4162 vn_finished_write(mp);
4163 mtx_unlock(&Giant); /* VFS */
4169 * nfs statfs service
4172 nfsrv_statfs(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4173 struct thread *td, struct mbuf **mrq)
4175 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
4176 struct sockaddr *nam = nfsd->nd_nam;
4177 caddr_t dpos = nfsd->nd_dpos;
4178 struct ucred *cred = &nfsd->nd_cr;
4180 struct nfs_statfs *sfp;
4182 int error = 0, rdonly, getret = 1;
4183 int v3 = (nfsd->nd_flag & ND_NFSV3);
4184 struct mbuf *mb, *mreq;
4185 struct vnode *vp = NULL;
4189 struct statfs statfs;
4194 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4195 fhp = &nfh.fh_generic;
4197 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
4199 nfsm_reply(NFSX_UNSIGNED);
4201 nfsm_srvpostop_attr(getret, &at);
4207 mtx_lock(&Giant); /* VFS */
4208 error = VFS_STATFS(vp->v_mount, sf, td);
4209 getret = VOP_GETATTR(vp, &at, cred, td);
4211 mtx_unlock(&Giant); /* VFS */
4214 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_STATFS(v3));
4216 nfsm_srvpostop_attr(getret, &at);
4221 sfp = nfsm_build(struct nfs_statfs *, NFSX_STATFS(v3));
4223 tval = (u_quad_t)sf->f_blocks;
4224 tval *= (u_quad_t)sf->f_bsize;
4225 txdr_hyper(tval, &sfp->sf_tbytes);
4226 tval = (u_quad_t)sf->f_bfree;
4227 tval *= (u_quad_t)sf->f_bsize;
4228 txdr_hyper(tval, &sfp->sf_fbytes);
4230 * Don't send negative values for available space,
4231 * since this field is unsigned in the NFS protocol.
4232 * Otherwise, the client would see absurdly high
4233 * numbers for free space.
4235 if (sf->f_bavail < 0)
4238 tval = (u_quad_t)sf->f_bavail;
4239 tval *= (u_quad_t)sf->f_bsize;
4240 txdr_hyper(tval, &sfp->sf_abytes);
4241 sfp->sf_tfiles.nfsuquad[0] = 0;
4242 sfp->sf_tfiles.nfsuquad[1] = txdr_unsigned(sf->f_files);
4243 sfp->sf_ffiles.nfsuquad[0] = 0;
4244 sfp->sf_ffiles.nfsuquad[1] = txdr_unsigned(sf->f_ffree);
4245 sfp->sf_afiles.nfsuquad[0] = 0;
4246 sfp->sf_afiles.nfsuquad[1] = txdr_unsigned(sf->f_ffree);
4247 sfp->sf_invarsec = 0;
4249 sfp->sf_tsize = txdr_unsigned(NFS_MAXDGRAMDATA);
4250 sfp->sf_bsize = txdr_unsigned(sf->f_bsize);
4251 sfp->sf_blocks = txdr_unsigned(sf->f_blocks);
4252 sfp->sf_bfree = txdr_unsigned(sf->f_bfree);
4253 if (sf->f_bavail < 0)
4256 sfp->sf_bavail = txdr_unsigned(sf->f_bavail);
4262 mtx_lock(&Giant); /* VFS */
4264 mtx_unlock(&Giant); /* VFS */
4271 * nfs fsinfo service
4274 nfsrv_fsinfo(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4275 struct thread *td, struct mbuf **mrq)
4277 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
4278 struct sockaddr *nam = nfsd->nd_nam;
4279 caddr_t dpos = nfsd->nd_dpos;
4280 struct ucred *cred = &nfsd->nd_cr;
4281 struct nfsv3_fsinfo *sip;
4283 int error = 0, rdonly, getret = 1, pref;
4284 struct mbuf *mb, *mreq;
4285 struct vnode *vp = NULL;
4291 int v3 = (nfsd->nd_flag & ND_NFSV3);
4295 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4297 panic("nfsrv_fsinfo: v3 proc called on a v2 connection");
4298 fhp = &nfh.fh_generic;
4300 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
4302 nfsm_reply(NFSX_UNSIGNED);
4303 nfsm_srvpostop_attr(getret, &at);
4309 mtx_lock(&Giant); /* VFS */
4310 /* XXX Try to make a guess on the max file size. */
4311 VFS_STATFS(vp->v_mount, &sb, td);
4312 maxfsize = (u_quad_t)0x80000000 * sb.f_bsize - 1;
4314 getret = VOP_GETATTR(vp, &at, cred, td);
4316 mtx_unlock(&Giant); /* VFS */
4319 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3FSINFO);
4320 nfsm_srvpostop_attr(getret, &at);
4321 sip = nfsm_build(struct nfsv3_fsinfo *, NFSX_V3FSINFO);
4325 * There should be filesystem VFS OP(s) to get this information.
4326 * For now, assume ufs.
4328 if (slp->ns_so->so_type == SOCK_DGRAM)
4329 pref = NFS_MAXDGRAMDATA;
4332 sip->fs_rtmax = txdr_unsigned(pref);
4333 sip->fs_rtpref = txdr_unsigned(pref);
4334 sip->fs_rtmult = txdr_unsigned(NFS_FABLKSIZE);
4335 sip->fs_wtmax = txdr_unsigned(pref);
4336 sip->fs_wtpref = txdr_unsigned(pref);
4337 sip->fs_wtmult = txdr_unsigned(NFS_FABLKSIZE);
4338 sip->fs_dtpref = txdr_unsigned(pref);
4339 txdr_hyper(maxfsize, &sip->fs_maxfilesize);
4340 sip->fs_timedelta.nfsv3_sec = 0;
4341 sip->fs_timedelta.nfsv3_nsec = txdr_unsigned(1);
4342 sip->fs_properties = txdr_unsigned(NFSV3FSINFO_LINK |
4343 NFSV3FSINFO_SYMLINK | NFSV3FSINFO_HOMOGENEOUS |
4344 NFSV3FSINFO_CANSETTIME);
4349 mtx_lock(&Giant); /* VFS */
4351 mtx_unlock(&Giant); /* VFS */
4358 * nfs pathconf service
4361 nfsrv_pathconf(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4362 struct thread *td, struct mbuf **mrq)
4364 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
4365 struct sockaddr *nam = nfsd->nd_nam;
4366 caddr_t dpos = nfsd->nd_dpos;
4367 struct ucred *cred = &nfsd->nd_cr;
4368 struct nfsv3_pathconf *pc;
4370 int error = 0, rdonly, getret = 1;
4371 register_t linkmax, namemax, chownres, notrunc;
4372 struct mbuf *mb, *mreq;
4373 struct vnode *vp = NULL;
4377 int v3 = (nfsd->nd_flag & ND_NFSV3);
4381 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4383 panic("nfsrv_pathconf: v3 proc called on a v2 connection");
4384 fhp = &nfh.fh_generic;
4386 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
4388 nfsm_reply(NFSX_UNSIGNED);
4389 nfsm_srvpostop_attr(getret, &at);
4394 mtx_lock(&Giant); /* VFS */
4395 error = VOP_PATHCONF(vp, _PC_LINK_MAX, &linkmax);
4397 error = VOP_PATHCONF(vp, _PC_NAME_MAX, &namemax);
4399 error = VOP_PATHCONF(vp, _PC_CHOWN_RESTRICTED, &chownres);
4401 error = VOP_PATHCONF(vp, _PC_NO_TRUNC, ¬runc);
4402 getret = VOP_GETATTR(vp, &at, cred, td);
4404 mtx_unlock(&Giant); /* VFS */
4407 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3PATHCONF);
4408 nfsm_srvpostop_attr(getret, &at);
4413 pc = nfsm_build(struct nfsv3_pathconf *, NFSX_V3PATHCONF);
4415 pc->pc_linkmax = txdr_unsigned(linkmax);
4416 pc->pc_namemax = txdr_unsigned(namemax);
4417 pc->pc_notrunc = txdr_unsigned(notrunc);
4418 pc->pc_chownrestricted = txdr_unsigned(chownres);
4421 * These should probably be supported by VOP_PATHCONF(), but
4422 * until msdosfs is exportable (why would you want to?), the
4423 * Unix defaults should be ok.
4425 pc->pc_caseinsensitive = nfsrv_nfs_false;
4426 pc->pc_casepreserving = nfsrv_nfs_true;
4431 mtx_lock(&Giant); /* VFS */
4433 mtx_unlock(&Giant); /* VFS */
4440 * Null operation, used by clients to ping server
4444 nfsrv_null(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4445 struct thread *td, struct mbuf **mrq)
4447 struct mbuf *mrep = nfsd->nd_mrep;
4449 int error = NFSERR_RETVOID;
4450 struct mbuf *mb, *mreq;
4454 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4462 * No operation, used for obsolete procedures
4466 nfsrv_noop(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4467 struct thread *td, struct mbuf **mrq)
4469 struct mbuf *mrep = nfsd->nd_mrep;
4472 struct mbuf *mb, *mreq;
4476 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4477 if (nfsd->nd_repstat)
4478 error = nfsd->nd_repstat;
4480 error = EPROCUNAVAIL;
4489 * Perform access checking for vnodes obtained from file handles that would
4490 * refer to files already opened by a Unix client. You cannot just use
4491 * vn_writechk() and VOP_ACCESS() for two reasons.
4492 * 1 - You must check for exported rdonly as well as MNT_RDONLY for the write
4494 * 2 - The owner is to be given access irrespective of mode bits for some
4495 * operations, so that processes that chmod after opening a file don't
4496 * break. I don't like this because it opens a security hole, but since
4497 * the nfs server opens a security hole the size of a barn door anyhow,
4500 * The exception to rule 2 is EPERM. If a file is IMMUTABLE, VOP_ACCESS()
4501 * will return EPERM instead of EACCESS. EPERM is always an error.
4503 * There are two versions: one to be called while holding Giant (which is
4504 * needed due to use of VFS), and the other called with the NFS server lock
4505 * (which will be dropped and reacquired). This is necessary because
4506 * nfsrv_access checks are required from both classes of contexts.
4509 nfsrv_access_withgiant(struct vnode *vp, int flags, struct ucred *cred,
4510 int rdonly, struct thread *td, int override)
4517 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4519 if (flags & VWRITE) {
4520 /* Just vn_writechk() changed to check rdonly */
4522 * Disallow write attempts on read-only filesystems;
4523 * unless the file is a socket or a block or character
4524 * device resident on the filesystem.
4526 if (rdonly || (vp->v_mount->mnt_flag & MNT_RDONLY)) {
4527 switch (vp->v_type) {
4537 * If there's shared text associated with
4538 * the inode, we can't allow writing.
4540 if (vp->v_vflag & VV_TEXT)
4544 error = VOP_GETATTR(vp, &vattr, cred, td);
4547 error = VOP_ACCESS(vp, flags, cred, td);
4549 * Allow certain operations for the owner (reads and writes
4550 * on files that are already open).
4552 if (override && error == EACCES && cred->cr_uid == vattr.va_uid)
4558 nfsrv_access(struct vnode *vp, int flags, struct ucred *cred, int rdonly,
4559 struct thread *td, int override)
4566 mtx_lock(&Giant); /* VFS */
4567 error = nfsrv_access_withgiant(vp, flags, cred, rdonly, td, override);
4568 mtx_unlock(&Giant); /* VFS */