2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#)nfs_serv.c 8.8 (Berkeley) 7/31/95
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
39 * nfs version 2 and 3 server calls to vnode ops
40 * - these routines generally have 3 phases
41 * 1 - break down and validate rpc request in mbuf list
42 * 2 - do the vnode ops for the request
43 * (surprisingly ?? many are very similar to syscalls in vfs_syscalls.c)
44 * 3 - build the rpc reply in an mbuf list
46 * - do not mix the phases, since the nfsm_?? macros can return failures
47 * on a bad rpc or similar and do not do any vrele() or vput()'s
49 * - the nfsm_reply() macro generates an nfs rpc reply with the nfs
50 * error number iff error != 0 whereas
51 * returning an error from the server function implies a fatal error
52 * such as a badly constructed rpc request that should be dropped without
54 * For nfsm_reply(), the case where error == EBADRPC is treated
55 * specially; after constructing a reply, it does an immediate
56 * `goto nfsmout' to avoid getting any V3 post-op status appended.
59 * Warning: always pay careful attention to resource cleanup on return
60 * and note that nfsm_*() macros can terminate a procedure on certain
63 * lookup() and namei()
64 * may return garbage in various structural fields/return elements
65 * if an error is returned, and may garbage up nd.ni_dvp even if no
66 * error is returned and you did not request LOCKPARENT or WANTPARENT.
68 * We use the ni_cnd.cn_flags 'HASBUF' flag to track whether the name
69 * buffer has been freed or not.
72 #include <sys/param.h>
73 #include <sys/systm.h>
75 #include <sys/namei.h>
76 #include <sys/unistd.h>
77 #include <sys/vnode.h>
78 #include <sys/mount.h>
79 #include <sys/socket.h>
80 #include <sys/socketvar.h>
81 #include <sys/malloc.h>
83 #include <sys/dirent.h>
85 #include <sys/kernel.h>
86 #include <sys/sysctl.h>
91 #include <vm/vm_extern.h>
92 #include <vm/vm_object.h>
94 #include <nfs/nfsproto.h>
95 #include <nfs/rpcv2.h>
96 #include <nfsserver/nfs.h>
97 #include <nfs/xdr_subs.h>
98 #include <nfsserver/nfsm_subs.h>
101 #define nfsdbprintf(info) printf info
103 #define nfsdbprintf(info)
106 #define MAX_COMMIT_COUNT (1024 * 1024)
108 #define NUM_HEURISTIC 1017
109 #define NHUSE_INIT 64
111 #define NHUSE_MAX 2048
113 static struct nfsheur {
114 struct vnode *nh_vp; /* vp to match (unreferenced pointer) */
115 off_t nh_nextr; /* next offset for sequential detection */
116 int nh_use; /* use count for selection */
117 int nh_seqcount; /* heuristic */
118 } nfsheur[NUM_HEURISTIC];
122 int nfsrvw_procrastinate = NFS_GATHERDELAY * 1000;
123 int nfsrvw_procrastinate_v3 = 0;
125 static struct timeval nfsver = { 0 };
127 SYSCTL_NODE(_vfs, OID_AUTO, nfsrv, CTLFLAG_RW, 0, "NFS server");
129 static int nfs_async;
130 static int nfs_commit_blks;
131 static int nfs_commit_miss;
132 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, async, CTLFLAG_RW, &nfs_async, 0, "");
133 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, commit_blks, CTLFLAG_RW, &nfs_commit_blks, 0, "");
134 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, commit_miss, CTLFLAG_RW, &nfs_commit_miss, 0, "");
136 struct nfsrvstats nfsrvstats;
137 SYSCTL_STRUCT(_vfs_nfsrv, NFS_NFSRVSTATS, nfsrvstats, CTLFLAG_RD,
138 &nfsrvstats, nfsrvstats, "S,nfsrvstats");
140 static int nfsrv_access_withgiant(struct vnode *vp, int flags,
141 struct ucred *cred, int rdonly, struct thread *td,
143 static int nfsrv_access(struct vnode *, int, struct ucred *, int,
144 struct thread *, int);
145 static void nfsrvw_coalesce(struct nfsrv_descript *,
146 struct nfsrv_descript *);
149 * Clear nameidata fields that are tested in nsfmout cleanup code prior
150 * to using first nfsm macro (that might jump to the cleanup code).
154 ndclear(struct nameidata *nd)
157 nd->ni_cnd.cn_flags = 0;
160 nd->ni_startdir = NULL;
164 * nfs v3 access service
167 nfsrv3_access(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
168 struct thread *td, struct mbuf **mrq)
170 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
171 struct sockaddr *nam = nfsd->nd_nam;
172 caddr_t dpos = nfsd->nd_dpos;
173 struct ucred *cred = nfsd->nd_cr;
174 struct vnode *vp = NULL;
179 int error = 0, rdonly, getret;
180 struct mbuf *mb, *mreq;
181 struct vattr vattr, *vap = &vattr;
182 u_long testmode, nfsmode;
183 int v3 = (nfsd->nd_flag & ND_NFSV3);
187 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
189 panic("nfsrv3_access: v3 proc called on a v2 connection");
190 fhp = &nfh.fh_generic;
192 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
193 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
195 nfsm_reply(NFSX_UNSIGNED);
196 nfsm_srvpostop_attr(1, NULL);
200 nfsmode = fxdr_unsigned(u_int32_t, *tl);
202 mtx_lock(&Giant); /* VFS */
203 if ((nfsmode & NFSV3ACCESS_READ) &&
204 nfsrv_access_withgiant(vp, VREAD, cred, rdonly, td, 0))
205 nfsmode &= ~NFSV3ACCESS_READ;
206 if (vp->v_type == VDIR)
207 testmode = (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND |
210 testmode = (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND);
211 if ((nfsmode & testmode) &&
212 nfsrv_access_withgiant(vp, VWRITE, cred, rdonly, td, 0))
213 nfsmode &= ~testmode;
214 if (vp->v_type == VDIR)
215 testmode = NFSV3ACCESS_LOOKUP;
217 testmode = NFSV3ACCESS_EXECUTE;
218 if ((nfsmode & testmode) &&
219 nfsrv_access_withgiant(vp, VEXEC, cred, rdonly, td, 0))
220 nfsmode &= ~testmode;
221 getret = VOP_GETATTR(vp, vap, cred, td);
223 mtx_unlock(&Giant); /* VFS */
226 nfsm_reply(NFSX_POSTOPATTR(1) + NFSX_UNSIGNED);
227 nfsm_srvpostop_attr(getret, vap);
228 tl = nfsm_build(u_int32_t *, NFSX_UNSIGNED);
229 *tl = txdr_unsigned(nfsmode);
234 mtx_lock(&Giant); /* VFS */
236 mtx_unlock(&Giant); /* VFS */
243 * nfs getattr service
246 nfsrv_getattr(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
247 struct thread *td, struct mbuf **mrq)
249 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
250 struct sockaddr *nam = nfsd->nd_nam;
251 caddr_t dpos = nfsd->nd_dpos;
252 struct ucred *cred = nfsd->nd_cr;
253 struct nfs_fattr *fp;
255 struct vattr *vap = &va;
256 struct vnode *vp = NULL;
260 int error = 0, rdonly;
261 struct mbuf *mb, *mreq;
265 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
266 fhp = &nfh.fh_generic;
268 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
275 mtx_lock(&Giant); /* VFS */
276 error = VOP_GETATTR(vp, vap, cred, td);
278 mtx_unlock(&Giant); /* VFS */
281 nfsm_reply(NFSX_FATTR(nfsd->nd_flag & ND_NFSV3));
286 fp = nfsm_build(struct nfs_fattr *,
287 NFSX_FATTR(nfsd->nd_flag & ND_NFSV3));
288 nfsm_srvfillattr(vap, fp);
295 mtx_lock(&Giant); /* VFS */
297 mtx_unlock(&Giant); /* VFS */
304 * nfs setattr service
307 nfsrv_setattr(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
308 struct thread *td, struct mbuf **mrq)
310 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
311 struct sockaddr *nam = nfsd->nd_nam;
312 caddr_t dpos = nfsd->nd_dpos;
313 struct ucred *cred = nfsd->nd_cr;
314 struct vattr va, preat;
315 struct vattr *vap = &va;
316 struct nfsv2_sattr *sp;
317 struct nfs_fattr *fp;
318 struct vnode *vp = NULL;
323 int error = 0, rdonly, preat_ret = 1, postat_ret = 1;
324 int v3 = (nfsd->nd_flag & ND_NFSV3), gcheck = 0;
325 struct mbuf *mb, *mreq;
326 struct timespec guard;
327 struct mount *mp = NULL;
331 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
332 fhp = &nfh.fh_generic;
334 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
339 mtx_lock(&Giant); /* VFS */
340 (void) vn_start_write(NULL, &mp, V_WAIT);
341 mtx_unlock(&Giant); /* VFS */
346 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
347 gcheck = fxdr_unsigned(int, *tl);
349 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
350 fxdr_nfsv3time(tl, &guard);
353 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
355 * Nah nah nah nah na nah
356 * There is a bug in the Sun client that puts 0xffff in the mode
357 * field of sattr when it should put in 0xffffffff. The u_short
358 * doesn't sign extend.
359 * --> check the low order 2 bytes for 0xffff
361 if ((fxdr_unsigned(int, sp->sa_mode) & 0xffff) != 0xffff)
362 vap->va_mode = nfstov_mode(sp->sa_mode);
363 if (sp->sa_uid != nfsrv_nfs_xdrneg1)
364 vap->va_uid = fxdr_unsigned(uid_t, sp->sa_uid);
365 if (sp->sa_gid != nfsrv_nfs_xdrneg1)
366 vap->va_gid = fxdr_unsigned(gid_t, sp->sa_gid);
367 if (sp->sa_size != nfsrv_nfs_xdrneg1)
368 vap->va_size = fxdr_unsigned(u_quad_t, sp->sa_size);
369 if (sp->sa_atime.nfsv2_sec != nfsrv_nfs_xdrneg1) {
371 fxdr_nfsv2time(&sp->sa_atime, &vap->va_atime);
373 vap->va_atime.tv_sec =
374 fxdr_unsigned(int32_t, sp->sa_atime.nfsv2_sec);
375 vap->va_atime.tv_nsec = 0;
378 if (sp->sa_mtime.nfsv2_sec != nfsrv_nfs_xdrneg1)
379 fxdr_nfsv2time(&sp->sa_mtime, &vap->va_mtime);
384 * Now that we have all the fields, lets do it.
386 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
388 nfsm_reply(2 * NFSX_UNSIGNED);
390 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
396 * vp now an active resource, pay careful attention to cleanup
400 mtx_lock(&Giant); /* VFS */
401 error = preat_ret = VOP_GETATTR(vp, &preat, cred, td);
402 if (!error && gcheck &&
403 (preat.va_ctime.tv_sec != guard.tv_sec ||
404 preat.va_ctime.tv_nsec != guard.tv_nsec))
405 error = NFSERR_NOT_SYNC;
408 mtx_unlock(&Giant); /* VFS */
411 nfsm_reply(NFSX_WCCDATA(v3));
413 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
417 mtx_unlock(&Giant); /* VFS */
423 * If the size is being changed write acces is required, otherwise
424 * just check for a read only filesystem.
426 if (vap->va_size == ((u_quad_t)((quad_t) -1))) {
427 if (rdonly || (vp->v_mount->mnt_flag & MNT_RDONLY)) {
432 if (vp->v_type == VDIR) {
435 } else if ((error = nfsrv_access(vp, VWRITE, cred, rdonly,
440 mtx_lock(&Giant); /* VFS */
441 error = VOP_SETATTR(vp, vap, cred, td);
442 postat_ret = VOP_GETATTR(vp, vap, cred, td);
443 mtx_unlock(&Giant); /* VFS */
451 mtx_lock(&Giant); /* VFS */
453 mtx_unlock(&Giant); /* VFS */
458 nfsm_reply(NFSX_WCCORFATTR(v3));
460 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
462 /* v2 non-error case. */
463 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
464 nfsm_srvfillattr(vap, fp);
472 mtx_lock(&Giant); /* VFS */
475 vn_finished_write(mp);
476 mtx_unlock(&Giant); /* VFS */
485 nfsrv_lookup(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
486 struct thread *td, struct mbuf **mrq)
488 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
489 struct sockaddr *nam = nfsd->nd_nam;
490 caddr_t dpos = nfsd->nd_dpos;
491 struct ucred *cred = nfsd->nd_cr;
492 struct nfs_fattr *fp;
493 struct nameidata nd, ind, *ndp = &nd;
494 struct vnode *vp, *dirp = NULL;
498 int error = 0, len, dirattr_ret = 1;
499 int v3 = (nfsd->nd_flag & ND_NFSV3), pubflag;
500 struct mbuf *mb, *mreq;
501 struct vattr va, dirattr, *vap = &va;
505 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
508 fhp = &nfh.fh_generic;
510 nfsm_srvnamesiz(len);
512 pubflag = nfs_ispublicfh(fhp);
514 nd.ni_cnd.cn_cred = cred;
515 nd.ni_cnd.cn_nameiop = LOOKUP;
516 nd.ni_cnd.cn_flags = LOCKLEAF | SAVESTART;
517 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
518 &dirp, v3, &dirattr, &dirattr_ret, td, pubflag);
521 * namei failure, only dirp to cleanup. Clear out garbarge from
522 * structure in case macros jump to nfsmout.
526 mtx_lock(&Giant); /* VFS */
532 mtx_unlock(&Giant); /* VFS */
534 nfsm_reply(NFSX_POSTOPATTR(v3));
536 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
542 * Locate index file for public filehandle
544 * error is 0 on entry and 0 on exit from this block.
548 if (nd.ni_vp->v_type == VDIR && nfs_pub.np_index != NULL) {
550 * Setup call to lookup() to see if we can find
551 * the index file. Arguably, this doesn't belong
552 * in a kernel.. Ugh. If an error occurs, do not
553 * try to install an index file and then clear the
556 * When we replace nd with ind and redirect ndp,
557 * maintenance of ni_startdir and ni_vp shift to
558 * ind and we have to clean them up in the old nd.
559 * However, the cnd resource continues to be maintained
560 * via the original nd. Confused? You aren't alone!
563 VOP_UNLOCK(nd.ni_vp, 0, td);
564 ind.ni_pathlen = strlen(nfs_pub.np_index);
565 ind.ni_cnd.cn_nameptr = ind.ni_cnd.cn_pnbuf =
567 ind.ni_startdir = nd.ni_vp;
568 VREF(ind.ni_startdir);
570 error = lookup(&ind);
575 * Found an index file. Get rid of
576 * the old references. transfer nd.ni_vp'
582 vrele(nd.ni_startdir);
583 nd.ni_startdir = NULL;
589 * If the public filehandle was used, check that this lookup
590 * didn't result in a filehandle outside the publicly exported
591 * filesystem. We clear the poor vp here to avoid lockups due
595 if (ndp->ni_vp->v_mount != nfs_pub.np_mount) {
608 * Resources at this point:
609 * ndp->ni_vp may not be NULL
614 mtx_unlock(&Giant); /* VFS */
616 nfsm_reply(NFSX_POSTOPATTR(v3));
618 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
624 * Clear out some resources prior to potentially blocking. This
625 * is not as critical as ni_dvp resources in other routines, but
628 vrele(ndp->ni_startdir);
629 ndp->ni_startdir = NULL;
630 NDFREE(&nd, NDF_ONLY_PNBUF);
633 * Get underlying attribute, then release remaining resources ( for
634 * the same potential blocking reason ) and reply.
637 bzero((caddr_t)fhp, sizeof(nfh));
638 fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
639 error = VFS_VPTOFH(vp, &fhp->fh_fid);
641 error = VOP_GETATTR(vp, vap, cred, td);
644 mtx_unlock(&Giant); /* VFS */
647 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPORFATTR(v3) + NFSX_POSTOPATTR(v3));
650 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
654 nfsm_srvfhtom(fhp, v3);
656 nfsm_srvpostop_attr(0, vap);
657 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
659 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
660 nfsm_srvfillattr(vap, fp);
666 mtx_lock(&Giant); /* VFS */
671 NDFREE(&nd, NDF_ONLY_PNBUF);
672 if (ndp->ni_startdir)
673 vrele(ndp->ni_startdir);
674 mtx_unlock(&Giant); /* VFS */
680 * nfs readlink service
683 nfsrv_readlink(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
684 struct thread *td, struct mbuf **mrq)
686 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
687 struct sockaddr *nam = nfsd->nd_nam;
688 caddr_t dpos = nfsd->nd_dpos;
689 struct ucred *cred = nfsd->nd_cr;
690 struct iovec iv[(NFS_MAXPATHLEN+MLEN-1)/MLEN];
691 struct iovec *ivp = iv;
695 int error = 0, rdonly, i, tlen, len, getret;
696 int v3 = (nfsd->nd_flag & ND_NFSV3);
697 struct mbuf *mb, *mp3, *nmp, *mreq;
698 struct vnode *vp = NULL;
702 struct uio io, *uiop = &io;
706 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
711 fhp = &nfh.fh_generic;
716 while (len < NFS_MAXPATHLEN) {
717 MGET(nmp, M_TRYWAIT, MT_DATA);
718 MCLGET(nmp, M_TRYWAIT);
719 nmp->m_len = NFSMSIZ(nmp);
726 if ((len + mp->m_len) > NFS_MAXPATHLEN) {
727 mp->m_len = NFS_MAXPATHLEN - len;
728 len = NFS_MAXPATHLEN;
731 ivp->iov_base = mtod(mp, caddr_t);
732 ivp->iov_len = mp->m_len;
737 uiop->uio_iovcnt = i;
738 uiop->uio_offset = 0;
739 uiop->uio_resid = len;
740 uiop->uio_rw = UIO_READ;
741 uiop->uio_segflg = UIO_SYSSPACE;
744 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
746 nfsm_reply(2 * NFSX_UNSIGNED);
748 nfsm_srvpostop_attr(1, NULL);
753 mtx_lock(&Giant); /* VFS */
754 if (vp->v_type != VLNK) {
760 error = VOP_READLINK(vp, uiop, cred);
761 getret = VOP_GETATTR(vp, &attr, cred, td);
763 mtx_unlock(&Giant); /* VFS */
766 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_UNSIGNED);
768 nfsm_srvpostop_attr(getret, &attr);
773 if (uiop->uio_resid > 0) {
774 len -= uiop->uio_resid;
775 tlen = nfsm_rndup(len);
776 nfsm_adj(mp3, NFS_MAXPATHLEN-tlen, tlen-len);
778 tl = nfsm_build(u_int32_t *, NFSX_UNSIGNED);
779 *tl = txdr_unsigned(len);
788 mtx_lock(&Giant); /* VFS */
790 mtx_unlock(&Giant); /* VFS */
800 nfsrv_read(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
801 struct thread *td, struct mbuf **mrq)
803 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
804 struct sockaddr *nam = nfsd->nd_nam;
805 caddr_t dpos = nfsd->nd_dpos;
806 struct ucred *cred = nfsd->nd_cr;
810 struct nfs_fattr *fp;
814 int error = 0, rdonly, cnt, len, left, siz, tlen, getret;
815 int v3 = (nfsd->nd_flag & ND_NFSV3), reqlen;
816 struct mbuf *mb, *mreq;
818 struct vnode *vp = NULL;
821 struct uio io, *uiop = &io;
822 struct vattr va, *vap = &va;
829 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
830 fhp = &nfh.fh_generic;
833 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
834 off = fxdr_hyper(tl);
836 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
837 off = (off_t)fxdr_unsigned(u_int32_t, *tl);
839 nfsm_srvstrsiz(reqlen, NFS_SRVMAXDATA(nfsd));
842 * Reference vp. If an error occurs, vp will be invalid, but we
843 * have to NULL it just in case. The macros might goto nfsmout
847 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
850 nfsm_reply(2 * NFSX_UNSIGNED);
852 nfsm_srvpostop_attr(1, NULL);
857 if (vp->v_type != VREG) {
861 error = (vp->v_type == VDIR) ? EISDIR : EACCES;
864 mtx_lock(&Giant); /* VFS */
866 if ((error = nfsrv_access_withgiant(vp, VREAD, cred, rdonly,
868 error = nfsrv_access_withgiant(vp, VEXEC, cred,
871 getret = VOP_GETATTR(vp, vap, cred, td);
876 mtx_unlock(&Giant); /* VFS */
879 nfsm_reply(NFSX_POSTOPATTR(v3));
881 nfsm_srvpostop_attr(getret, vap);
885 mtx_unlock(&Giant); /* VFS */
889 * Calculate byte count to read
892 if (off >= vap->va_size)
894 else if ((off + reqlen) > vap->va_size)
895 cnt = vap->va_size - off;
900 * Calculate seqcount for heuristic
908 * Locate best candidate
911 hi = ((int)(vm_offset_t)vp / sizeof(struct vnode)) % NUM_HEURISTIC;
915 if (nfsheur[hi].nh_vp == vp) {
919 if (nfsheur[hi].nh_use > 0)
920 --nfsheur[hi].nh_use;
921 hi = (hi + 1) % NUM_HEURISTIC;
922 if (nfsheur[hi].nh_use < nh->nh_use)
926 if (nh->nh_vp != vp) {
929 nh->nh_use = NHUSE_INIT;
937 * Calculate heuristic
940 if ((off == 0 && nh->nh_seqcount > 0) || off == nh->nh_nextr) {
941 if (++nh->nh_seqcount > IO_SEQMAX)
942 nh->nh_seqcount = IO_SEQMAX;
943 } else if (nh->nh_seqcount > 1) {
948 nh->nh_use += NHUSE_INC;
949 if (nh->nh_use > NHUSE_MAX)
950 nh->nh_use = NHUSE_MAX;
951 ioflag |= nh->nh_seqcount << IO_SEQSHIFT;
954 nfsm_reply(NFSX_POSTOPORFATTR(v3) + 3 * NFSX_UNSIGNED+nfsm_rndup(cnt));
956 tl = nfsm_build(u_int32_t *, NFSX_V3FATTR + 4 * NFSX_UNSIGNED);
957 *tl++ = nfsrv_nfs_true;
958 fp = (struct nfs_fattr *)tl;
959 tl += (NFSX_V3FATTR / sizeof (u_int32_t));
961 tl = nfsm_build(u_int32_t *, NFSX_V2FATTR + NFSX_UNSIGNED);
962 fp = (struct nfs_fattr *)tl;
963 tl += (NFSX_V2FATTR / sizeof (u_int32_t));
965 len = left = nfsm_rndup(cnt);
969 * Generate the mbuf list with the uio_iov ref. to it.
974 siz = min(M_TRAILINGSPACE(m), left);
980 MGET(m, M_TRYWAIT, MT_DATA);
981 MCLGET(m, M_TRYWAIT);
987 MALLOC(iv, struct iovec *, i * sizeof (struct iovec),
989 uiop->uio_iov = iv2 = iv;
995 panic("nfsrv_read iov");
996 siz = min(M_TRAILINGSPACE(m), left);
998 iv->iov_base = mtod(m, caddr_t) + m->m_len;
1007 uiop->uio_iovcnt = i;
1008 uiop->uio_offset = off;
1009 uiop->uio_resid = len;
1010 uiop->uio_rw = UIO_READ;
1011 uiop->uio_segflg = UIO_SYSSPACE;
1012 mtx_lock(&Giant); /* VFS */
1013 error = VOP_READ(vp, uiop, IO_NODELOCKED | ioflag, cred);
1014 off = uiop->uio_offset;
1016 FREE((caddr_t)iv2, M_TEMP);
1017 if (error || (getret = VOP_GETATTR(vp, vap, cred, td))) {
1022 mtx_unlock(&Giant); /* VFS */
1025 nfsm_reply(NFSX_POSTOPATTR(v3));
1027 nfsm_srvpostop_attr(getret, vap);
1032 uiop->uio_resid = 0;
1033 mtx_lock(&Giant); /* VFS */
1035 mtx_assert(&Giant, MA_OWNED); /* VFS */
1037 mtx_unlock(&Giant); /* VFS */
1040 nfsm_srvfillattr(vap, fp);
1041 tlen = len - uiop->uio_resid;
1042 cnt = cnt < tlen ? cnt : tlen;
1043 tlen = nfsm_rndup(cnt);
1044 if (len != tlen || tlen != cnt)
1045 nfsm_adj(mb, len - tlen, tlen - cnt);
1047 *tl++ = txdr_unsigned(cnt);
1049 *tl++ = nfsrv_nfs_true;
1051 *tl++ = nfsrv_nfs_false;
1053 *tl = txdr_unsigned(cnt);
1058 mtx_lock(&Giant); /* VFS */
1060 mtx_unlock(&Giant); /* VFS */
1070 nfsrv_write(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1071 struct thread *td, struct mbuf **mrq)
1073 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1074 struct sockaddr *nam = nfsd->nd_nam;
1075 caddr_t dpos = nfsd->nd_dpos;
1076 struct ucred *cred = nfsd->nd_cr;
1080 struct nfs_fattr *fp;
1082 struct vattr va, forat;
1083 struct vattr *vap = &va;
1086 int error = 0, rdonly, len, forat_ret = 1;
1087 int ioflags, aftat_ret = 1, retlen = 0, zeroing, adjust;
1088 int stable = NFSV3WRITE_FILESYNC;
1089 int v3 = (nfsd->nd_flag & ND_NFSV3);
1090 struct mbuf *mb, *mreq;
1091 struct vnode *vp = NULL;
1094 struct uio io, *uiop = &io;
1096 struct mount *mntp = NULL;
1100 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1106 fhp = &nfh.fh_generic;
1108 if ((mntp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1113 mtx_lock(&Giant); /* VFS */
1114 (void) vn_start_write(NULL, &mntp, V_WAIT);
1115 mtx_unlock(&Giant); /* VFS */
1118 tl = nfsm_dissect_nonblock(u_int32_t *, 5 * NFSX_UNSIGNED);
1119 off = fxdr_hyper(tl);
1121 stable = fxdr_unsigned(int, *tl++);
1123 tl = nfsm_dissect_nonblock(u_int32_t *, 4 * NFSX_UNSIGNED);
1124 off = (off_t)fxdr_unsigned(u_int32_t, *++tl);
1127 stable = NFSV3WRITE_UNSTABLE;
1129 retlen = len = fxdr_unsigned(int32_t, *tl);
1133 * For NFS Version 2, it is not obvious what a write of zero length
1134 * should do, but I might as well be consistent with Version 3,
1135 * which is to return ok so long as there are no permission problems.
1143 adjust = dpos - mtod(mp, caddr_t);
1144 mp->m_len -= adjust;
1145 if (mp->m_len > 0 && adjust > 0)
1146 mp->m_data += adjust;
1150 else if (mp->m_len > 0) {
1153 mp->m_len -= (i - len);
1162 if (len > NFS_MAXDATA || len < 0 || i < len) {
1164 nfsm_reply(2 * NFSX_UNSIGNED);
1166 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1170 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
1173 nfsm_reply(2 * NFSX_UNSIGNED);
1175 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1181 mtx_lock(&Giant); /* VFS */
1182 forat_ret = VOP_GETATTR(vp, &forat, cred, td);
1183 mtx_unlock(&Giant); /* VFS */
1186 if (vp->v_type != VREG) {
1190 error = (vp->v_type == VDIR) ? EISDIR : EACCES;
1193 error = nfsrv_access(vp, VWRITE, cred, rdonly, td, 1);
1196 mtx_lock(&Giant); /* VFS */
1198 mtx_unlock(&Giant); /* VFS */
1201 nfsm_reply(NFSX_WCCDATA(v3));
1203 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1210 MALLOC(ivp, struct iovec *, cnt * sizeof (struct iovec), M_TEMP,
1212 uiop->uio_iov = iv = ivp;
1213 uiop->uio_iovcnt = cnt;
1216 if (mp->m_len > 0) {
1217 ivp->iov_base = mtod(mp, caddr_t);
1218 ivp->iov_len = mp->m_len;
1226 * The IO_METASYNC flag indicates that all metadata (and not just
1227 * enough to ensure data integrity) mus be written to stable storage
1229 * (IO_METASYNC is not yet implemented in 4.4BSD-Lite.)
1231 if (stable == NFSV3WRITE_UNSTABLE)
1232 ioflags = IO_NODELOCKED;
1233 else if (stable == NFSV3WRITE_DATASYNC)
1234 ioflags = (IO_SYNC | IO_NODELOCKED);
1236 ioflags = (IO_METASYNC | IO_SYNC | IO_NODELOCKED);
1237 uiop->uio_resid = len;
1238 uiop->uio_rw = UIO_WRITE;
1239 uiop->uio_segflg = UIO_SYSSPACE;
1240 uiop->uio_td = NULL;
1241 uiop->uio_offset = off;
1242 mtx_lock(&Giant); /* VFS */
1243 error = VOP_WRITE(vp, uiop, ioflags, cred);
1244 /* XXXRW: unlocked write. */
1245 nfsrvstats.srvvop_writes++;
1246 FREE((caddr_t)iv, M_TEMP);
1248 mtx_lock(&Giant); /* VFS */
1249 mtx_assert(&Giant, MA_OWNED); /* VFS */
1250 aftat_ret = VOP_GETATTR(vp, vap, cred, td);
1252 mtx_unlock(&Giant); /* VFS */
1259 nfsm_reply(NFSX_PREOPATTR(v3) + NFSX_POSTOPORFATTR(v3) +
1260 2 * NFSX_UNSIGNED + NFSX_WRITEVERF(v3));
1262 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1267 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
1268 *tl++ = txdr_unsigned(retlen);
1270 * If nfs_async is set, then pretend the write was FILESYNC.
1272 if (stable == NFSV3WRITE_UNSTABLE && !nfs_async)
1273 *tl++ = txdr_unsigned(stable);
1275 *tl++ = txdr_unsigned(NFSV3WRITE_FILESYNC);
1277 * Actually, there is no need to txdr these fields,
1278 * but it may make the values more human readable,
1279 * for debugging purposes.
1281 if (nfsver.tv_sec == 0)
1283 *tl++ = txdr_unsigned(nfsver.tv_sec);
1284 *tl = txdr_unsigned(nfsver.tv_usec);
1285 } else if (!error) {
1286 /* v2 non-error case. */
1287 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
1288 nfsm_srvfillattr(vap, fp);
1294 mtx_lock(&Giant); /* VFS */
1297 vn_finished_write(mntp);
1298 mtx_unlock(&Giant); /* VFS */
1304 * For the purposes of write gathering, we must decide if the credential
1305 * associated with two pending requests have equivilent privileges. Since
1306 * NFS only uses a subset of the BSD ucred -- the effective uid and group
1307 * IDs -- we have a compare routine that checks only the relevant fields.
1310 nfsrv_samecred(struct ucred *cr1, struct ucred *cr2)
1314 if (cr1->cr_uid != cr2->cr_uid)
1316 if (cr1->cr_ngroups != cr2->cr_ngroups)
1318 for (i = 0; i < cr1->cr_ngroups; i++) {
1319 if (cr1->cr_groups[i] != cr2->cr_groups[i])
1326 * NFS write service with write gathering support. Called when
1327 * nfsrvw_procrastinate > 0.
1328 * See: Chet Juszczak, "Improving the Write Performance of an NFS Server",
1329 * in Proc. of the Winter 1994 Usenix Conference, pg. 247-259, San Franscisco,
1333 nfsrv_writegather(struct nfsrv_descript **ndp, struct nfssvc_sock *slp,
1334 struct thread *td, struct mbuf **mrq)
1338 struct nfsrv_descript *wp, *nfsd, *owp, *swp;
1339 struct nfs_fattr *fp;
1342 struct nfsrvw_delayhash *wpp;
1344 struct vattr va, forat;
1347 int error = 0, rdonly, len, forat_ret = 1;
1348 int ioflags, aftat_ret = 1, s, adjust, v3, zeroing;
1349 struct mbuf *mb, *mreq, *mrep, *md;
1350 struct vnode *vp = NULL;
1351 struct uio io, *uiop = &io;
1353 struct mount *mntp = NULL;
1357 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1366 mrep = nfsd->nd_mrep;
1368 dpos = nfsd->nd_dpos;
1370 v3 = (nfsd->nd_flag & ND_NFSV3);
1371 LIST_INIT(&nfsd->nd_coalesce);
1372 nfsd->nd_mreq = NULL;
1373 nfsd->nd_stable = NFSV3WRITE_FILESYNC;
1374 cur_usec = nfs_curusec();
1375 nfsd->nd_time = cur_usec +
1376 (v3 ? nfsrvw_procrastinate_v3 : nfsrvw_procrastinate);
1379 * Now, get the write header..
1381 nfsm_srvmtofh(&nfsd->nd_fh);
1383 tl = nfsm_dissect_nonblock(u_int32_t *, 5 * NFSX_UNSIGNED);
1384 nfsd->nd_off = fxdr_hyper(tl);
1386 nfsd->nd_stable = fxdr_unsigned(int, *tl++);
1388 tl = nfsm_dissect_nonblock(u_int32_t *, 4 * NFSX_UNSIGNED);
1389 nfsd->nd_off = (off_t)fxdr_unsigned(u_int32_t, *++tl);
1392 nfsd->nd_stable = NFSV3WRITE_UNSTABLE;
1394 len = fxdr_unsigned(int32_t, *tl);
1396 nfsd->nd_eoff = nfsd->nd_off + len;
1399 * Trim the header out of the mbuf list and trim off any trailing
1400 * junk so that the mbuf list has only the write data.
1408 adjust = dpos - mtod(mp, caddr_t);
1409 mp->m_len -= adjust;
1410 if (mp->m_len > 0 && adjust > 0)
1411 mp->m_data += adjust;
1418 mp->m_len -= (i - len);
1424 if (len > NFS_MAXDATA || len < 0 || i < len) {
1429 nfsm_writereply(2 * NFSX_UNSIGNED);
1431 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, &va);
1432 nfsd->nd_mreq = mreq;
1433 nfsd->nd_mrep = NULL;
1438 * Add this entry to the hash and time queues.
1442 wp = LIST_FIRST(&slp->ns_tq);
1443 while (wp && wp->nd_time < nfsd->nd_time) {
1445 wp = LIST_NEXT(wp, nd_tq);
1447 NFS_DPF(WG, ("Q%03x", nfsd->nd_retxid & 0xfff));
1449 LIST_INSERT_AFTER(owp, nfsd, nd_tq);
1451 LIST_INSERT_HEAD(&slp->ns_tq, nfsd, nd_tq);
1453 if (nfsd->nd_mrep) {
1454 wpp = NWDELAYHASH(slp, nfsd->nd_fh.fh_fid.fid_data);
1456 wp = LIST_FIRST(wpp);
1458 bcmp((caddr_t)&nfsd->nd_fh,(caddr_t)&wp->nd_fh, NFSX_V3FH)){
1460 wp = LIST_NEXT(wp, nd_hash);
1462 while (wp && wp->nd_off < nfsd->nd_off &&
1463 !bcmp((caddr_t)&nfsd->nd_fh,(caddr_t)&wp->nd_fh, NFSX_V3FH)) {
1465 wp = LIST_NEXT(wp, nd_hash);
1468 LIST_INSERT_AFTER(owp, nfsd, nd_hash);
1471 * Search the hash list for overlapping entries and
1474 for(; nfsd && NFSW_CONTIG(owp, nfsd); nfsd = wp) {
1475 wp = LIST_NEXT(nfsd, nd_hash);
1476 if (nfsrv_samecred(owp->nd_cr, nfsd->nd_cr))
1477 nfsrvw_coalesce(owp, nfsd);
1480 LIST_INSERT_HEAD(wpp, nfsd, nd_hash);
1487 * Now, do VOP_WRITE()s for any one(s) that need to be done now
1488 * and generate the associated reply mbuf list(s).
1491 cur_usec = nfs_curusec();
1493 for (nfsd = LIST_FIRST(&slp->ns_tq); nfsd; nfsd = owp) {
1494 owp = LIST_NEXT(nfsd, nd_tq);
1495 if (nfsd->nd_time > cur_usec)
1499 NFS_DPF(WG, ("P%03x", nfsd->nd_retxid & 0xfff));
1500 LIST_REMOVE(nfsd, nd_tq);
1501 LIST_REMOVE(nfsd, nd_hash);
1503 mrep = nfsd->nd_mrep;
1504 nfsd->nd_mrep = NULL;
1506 v3 = (nfsd->nd_flag & ND_NFSV3);
1507 forat_ret = aftat_ret = 1;
1508 error = nfsrv_fhtovp(&nfsd->nd_fh, 1, &vp, cred, slp,
1509 nfsd->nd_nam, &rdonly, TRUE);
1513 mtx_lock(&Giant); /* VFS */
1514 forat_ret = VOP_GETATTR(vp, &forat, cred, td);
1515 mtx_unlock(&Giant); /* VFS */
1518 if (vp->v_type != VREG) {
1522 error = (vp->v_type == VDIR) ? EISDIR : EACCES;
1528 mtx_lock(&Giant); /* VFS */
1530 error = nfsrv_access_withgiant(vp, VWRITE, cred, rdonly,
1532 if (nfsd->nd_stable == NFSV3WRITE_UNSTABLE)
1533 ioflags = IO_NODELOCKED;
1534 else if (nfsd->nd_stable == NFSV3WRITE_DATASYNC)
1535 ioflags = (IO_SYNC | IO_NODELOCKED);
1537 ioflags = (IO_METASYNC | IO_SYNC | IO_NODELOCKED);
1538 uiop->uio_rw = UIO_WRITE;
1539 uiop->uio_segflg = UIO_SYSSPACE;
1540 uiop->uio_td = NULL;
1541 uiop->uio_offset = nfsd->nd_off;
1542 uiop->uio_resid = nfsd->nd_eoff - nfsd->nd_off;
1543 if (uiop->uio_resid > 0) {
1551 uiop->uio_iovcnt = i;
1552 MALLOC(iov, struct iovec *, i * sizeof (struct iovec),
1554 uiop->uio_iov = ivp = iov;
1557 if (mp->m_len > 0) {
1558 ivp->iov_base = mtod(mp, caddr_t);
1559 ivp->iov_len = mp->m_len;
1565 if (vn_start_write(vp, &mntp, V_NOWAIT) != 0) {
1566 VOP_UNLOCK(vp, 0, td);
1567 error = vn_start_write(NULL, &mntp, V_WAIT);
1568 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
1572 error = VOP_WRITE(vp, uiop, ioflags, cred);
1573 /* XXXRW: unlocked write. */
1574 nfsrvstats.srvvop_writes++;
1575 vn_finished_write(mntp);
1577 FREE((caddr_t)iov, M_TEMP);
1581 aftat_ret = VOP_GETATTR(vp, &va, cred, td);
1585 mtx_unlock(&Giant); /* VFS */
1589 * Loop around generating replies for all write rpcs that have
1590 * now been completed.
1594 NFS_DPF(WG, ("R%03x", nfsd->nd_retxid & 0xfff));
1596 nfsm_writereply(NFSX_WCCDATA(v3));
1598 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, &va);
1601 nfsm_writereply(NFSX_PREOPATTR(v3) +
1602 NFSX_POSTOPORFATTR(v3) + 2 * NFSX_UNSIGNED +
1603 NFSX_WRITEVERF(v3));
1605 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, &va);
1606 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
1607 *tl++ = txdr_unsigned(nfsd->nd_len);
1608 *tl++ = txdr_unsigned(swp->nd_stable);
1610 * Actually, there is no need to txdr these fields,
1611 * but it may make the values more human readable,
1612 * for debugging purposes.
1614 if (nfsver.tv_sec == 0)
1616 *tl++ = txdr_unsigned(nfsver.tv_sec);
1617 *tl = txdr_unsigned(nfsver.tv_usec);
1619 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
1620 nfsm_srvfillattr(&va, fp);
1623 nfsd->nd_mreq = mreq;
1625 panic("nfsrv_write: nd_mrep not free");
1628 * Done. Put it at the head of the timer queue so that
1629 * the final phase can return the reply.
1634 LIST_INSERT_HEAD(&slp->ns_tq, nfsd, nd_tq);
1636 nfsd = LIST_FIRST(&swp->nd_coalesce);
1638 LIST_REMOVE(nfsd, nd_tq);
1644 LIST_INSERT_HEAD(&slp->ns_tq, swp, nd_tq);
1651 * Search for a reply to return.
1654 LIST_FOREACH(nfsd, &slp->ns_tq, nd_tq)
1655 if (nfsd->nd_mreq) {
1656 NFS_DPF(WG, ("X%03x", nfsd->nd_retxid & 0xfff));
1657 LIST_REMOVE(nfsd, nd_tq);
1658 *mrq = nfsd->nd_mreq;
1667 * Coalesce the write request nfsd into owp. To do this we must:
1668 * - remove nfsd from the queues
1669 * - merge nfsd->nd_mrep into owp->nd_mrep
1670 * - update the nd_eoff and nd_stable for owp
1671 * - put nfsd on owp's nd_coalesce list
1672 * NB: Must be called at splsoftclock().
1675 nfsrvw_coalesce(struct nfsrv_descript *owp, struct nfsrv_descript *nfsd)
1679 struct nfsrv_descript *p;
1683 NFS_DPF(WG, ("C%03x-%03x",
1684 nfsd->nd_retxid & 0xfff, owp->nd_retxid & 0xfff));
1685 LIST_REMOVE(nfsd, nd_hash);
1686 LIST_REMOVE(nfsd, nd_tq);
1687 if (owp->nd_eoff < nfsd->nd_eoff) {
1688 overlap = owp->nd_eoff - nfsd->nd_off;
1690 panic("nfsrv_coalesce: bad off");
1692 m_adj(nfsd->nd_mrep, overlap);
1696 mp->m_next = nfsd->nd_mrep;
1697 owp->nd_eoff = nfsd->nd_eoff;
1699 m_freem(nfsd->nd_mrep);
1700 nfsd->nd_mrep = NULL;
1701 if (nfsd->nd_stable == NFSV3WRITE_FILESYNC)
1702 owp->nd_stable = NFSV3WRITE_FILESYNC;
1703 else if (nfsd->nd_stable == NFSV3WRITE_DATASYNC &&
1704 owp->nd_stable == NFSV3WRITE_UNSTABLE)
1705 owp->nd_stable = NFSV3WRITE_DATASYNC;
1706 LIST_INSERT_HEAD(&owp->nd_coalesce, nfsd, nd_tq);
1709 * If nfsd had anything else coalesced into it, transfer them
1710 * to owp, otherwise their replies will never get sent.
1712 for (p = LIST_FIRST(&nfsd->nd_coalesce); p;
1713 p = LIST_FIRST(&nfsd->nd_coalesce)) {
1714 LIST_REMOVE(p, nd_tq);
1715 LIST_INSERT_HEAD(&owp->nd_coalesce, p, nd_tq);
1720 * nfs create service
1721 * now does a truncate to 0 length via. setattr if it already exists
1724 nfsrv_create(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1725 struct thread *td, struct mbuf **mrq)
1727 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1728 struct sockaddr *nam = nfsd->nd_nam;
1729 caddr_t dpos = nfsd->nd_dpos;
1730 struct ucred *cred = nfsd->nd_cr;
1731 struct nfs_fattr *fp;
1732 struct vattr va, dirfor, diraft;
1733 struct vattr *vap = &va;
1734 struct nfsv2_sattr *sp;
1736 struct nameidata nd;
1738 int error = 0, rdev, len, tsize, dirfor_ret = 1, diraft_ret = 1;
1739 int v3 = (nfsd->nd_flag & ND_NFSV3), how, exclusive_flag = 0;
1741 struct mbuf *mb, *mreq;
1742 struct vnode *dirp = NULL;
1746 u_char cverf[NFSX_V3CREATEVERF];
1747 struct mount *mp = NULL;
1751 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1757 fhp = &nfh.fh_generic;
1759 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1764 mtx_lock(&Giant); /* VFS */
1765 (void) vn_start_write(NULL, &mp, V_WAIT);
1766 mtx_unlock(&Giant); /* VFS */
1768 nfsm_srvnamesiz(len);
1770 nd.ni_cnd.cn_cred = cred;
1771 nd.ni_cnd.cn_nameiop = CREATE;
1772 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | SAVESTART;
1775 * Call namei and do initial cleanup to get a few things
1776 * out of the way. If we get an initial error we cleanup
1777 * and return here to avoid special-casing the invalid nd
1778 * structure through the rest of the case. dirp may be
1779 * set even if an error occurs, but the nd structure will not
1780 * be valid at all if an error occurs so we have to invalidate it
1781 * prior to calling nfsm_reply ( which might goto nfsmout ).
1783 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
1784 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
1787 mtx_lock(&Giant); /* VFS */
1789 mtx_unlock(&Giant); /* VFS */
1794 nfsm_reply(NFSX_WCCDATA(v3));
1796 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1802 * No error. Continue. State:
1804 * startdir is valid ( we release this immediately )
1806 * nd.ni_vp may be valid
1807 * nd.ni_dvp is valid
1809 * The error state is set through the code and we may also do some
1810 * opportunistic releasing of vnodes to avoid holding locks through
1811 * NFS I/O. The cleanup at the end is a catch-all
1816 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
1817 how = fxdr_unsigned(int, *tl);
1819 case NFSV3CREATE_GUARDED:
1825 case NFSV3CREATE_UNCHECKED:
1828 case NFSV3CREATE_EXCLUSIVE:
1829 cp = nfsm_dissect_nonblock(caddr_t, NFSX_V3CREATEVERF);
1830 bcopy(cp, cverf, NFSX_V3CREATEVERF);
1834 vap->va_type = VREG;
1836 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
1837 vap->va_type = IFTOVT(fxdr_unsigned(u_int32_t, sp->sa_mode));
1838 if (vap->va_type == VNON)
1839 vap->va_type = VREG;
1840 vap->va_mode = nfstov_mode(sp->sa_mode);
1841 switch (vap->va_type) {
1843 tsize = fxdr_unsigned(int32_t, sp->sa_size);
1845 vap->va_size = (u_quad_t)tsize;
1850 rdev = fxdr_unsigned(long, sp->sa_size);
1858 * Iff doesn't exist, create it
1859 * otherwise just truncate to 0 length
1860 * should I set the mode too ?
1862 * The only possible error we can have at this point is EEXIST.
1863 * nd.ni_vp will also be non-NULL in that case.
1866 mtx_lock(&Giant); /* VFS */
1867 if (nd.ni_vp == NULL) {
1868 if (vap->va_mode == (mode_t)VNOVAL)
1870 if (vap->va_type == VREG || vap->va_type == VSOCK) {
1871 error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1873 NDFREE(&nd, NDF_ONLY_PNBUF);
1875 if (exclusive_flag) {
1878 bcopy(cverf, (caddr_t)&vap->va_atime,
1880 error = VOP_SETATTR(nd.ni_vp, vap, cred,
1884 } else if (vap->va_type == VCHR || vap->va_type == VBLK ||
1885 vap->va_type == VFIFO) {
1887 * NFSv2-specific code for creating device nodes
1890 * Handle SysV FIFO node special cases. All other
1891 * devices require super user to access.
1893 if (vap->va_type == VCHR && rdev == 0xffffffff)
1894 vap->va_type = VFIFO;
1895 if (vap->va_type != VFIFO &&
1896 (error = suser_cred(cred, 0))) {
1899 vap->va_rdev = rdev;
1900 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1902 NDFREE(&nd, NDF_ONLY_PNBUF);
1909 * release dvp prior to lookup
1917 * Even though LOCKPARENT was cleared, ni_dvp may
1920 nd.ni_cnd.cn_nameiop = LOOKUP;
1921 nd.ni_cnd.cn_flags &= ~(LOCKPARENT);
1922 nd.ni_cnd.cn_thread = td;
1923 nd.ni_cnd.cn_cred = cred;
1925 error = lookup(&nd);
1930 if (nd.ni_cnd.cn_flags & ISSYMLINK) {
1938 if (vap->va_size != -1) {
1939 error = nfsrv_access_withgiant(nd.ni_vp, VWRITE,
1940 cred, (nd.ni_cnd.cn_flags & RDONLY), td, 0);
1942 tempsize = vap->va_size;
1944 vap->va_size = tempsize;
1945 error = VOP_SETATTR(nd.ni_vp, vap, cred,
1952 bzero((caddr_t)fhp, sizeof(nfh));
1953 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
1954 error = VFS_VPTOFH(nd.ni_vp, &fhp->fh_fid);
1956 error = VOP_GETATTR(nd.ni_vp, vap, cred, td);
1959 if (exclusive_flag && !error &&
1960 bcmp(cverf, (caddr_t)&vap->va_atime, NFSX_V3CREATEVERF))
1962 if (dirp == nd.ni_dvp)
1963 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
1965 /* Drop the other locks to avoid deadlock. */
1967 if (nd.ni_dvp == nd.ni_vp)
1977 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
1978 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
1979 VOP_UNLOCK(dirp, 0, td);
1983 NFSD_UNLOCK_ASSERT();
1984 mtx_unlock(&Giant); /* VFS */
1988 nfsm_reply(NFSX_SRVFH(v3) + NFSX_FATTR(v3) + NFSX_WCCDATA(v3));
1991 nfsm_srvpostop_fh(fhp);
1992 nfsm_srvpostop_attr(0, vap);
1994 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1995 } else if (!error) {
1996 /* v2 non-error case. */
1997 nfsm_srvfhtom(fhp, v3);
1998 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
1999 nfsm_srvfillattr(vap, fp);
2006 mtx_lock(&Giant); /* VFS */
2008 if (nd.ni_dvp == nd.ni_vp)
2015 if (nd.ni_startdir) {
2016 vrele(nd.ni_startdir);
2017 nd.ni_startdir = NULL;
2021 NDFREE(&nd, NDF_ONLY_PNBUF);
2022 vn_finished_write(mp);
2023 mtx_unlock(&Giant); /* VFS */
2029 * nfs v3 mknod service
2032 nfsrv_mknod(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2033 struct thread *td, struct mbuf **mrq)
2035 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2036 struct sockaddr *nam = nfsd->nd_nam;
2037 caddr_t dpos = nfsd->nd_dpos;
2038 struct ucred *cred = nfsd->nd_cr;
2039 struct vattr va, dirfor, diraft;
2040 struct vattr *vap = &va;
2042 struct nameidata nd;
2044 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
2045 u_int32_t major, minor;
2047 struct mbuf *mb, *mreq;
2048 struct vnode *vp, *dirp = NULL;
2051 struct mount *mp = NULL;
2052 int v3 = (nfsd->nd_flag & ND_NFSV3);
2056 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2058 panic("nfsrv_mknod: v3 proc called on a v2 connection");
2061 fhp = &nfh.fh_generic;
2063 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2068 mtx_lock(&Giant); /* VFS */
2069 (void) vn_start_write(NULL, &mp, V_WAIT);
2070 mtx_unlock(&Giant); /* VFS */
2072 nfsm_srvnamesiz(len);
2074 nd.ni_cnd.cn_cred = cred;
2075 nd.ni_cnd.cn_nameiop = CREATE;
2076 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | SAVESTART;
2079 * Handle nfs_namei() call. If an error occurs, the nd structure
2080 * is not valid. However, nfsm_*() routines may still jump to
2084 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
2085 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
2087 nfsm_reply(NFSX_WCCDATA(1));
2088 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2092 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
2093 vtyp = nfsv3tov_type(*tl);
2094 if (vtyp != VCHR && vtyp != VBLK && vtyp != VSOCK && vtyp != VFIFO) {
2096 mtx_lock(&Giant); /* VFS */
2097 error = NFSERR_BADTYPE;
2102 if (vtyp == VCHR || vtyp == VBLK) {
2103 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
2104 major = fxdr_unsigned(u_int32_t, *tl++);
2105 minor = fxdr_unsigned(u_int32_t, *tl);
2106 vap->va_rdev = makedev(major, minor);
2110 * Iff doesn't exist, create it.
2114 mtx_lock(&Giant); /* VFS */
2118 vap->va_type = vtyp;
2119 if (vap->va_mode == (mode_t)VNOVAL)
2122 mtx_lock(&Giant); /* VFS */
2123 if (vtyp == VSOCK) {
2124 vrele(nd.ni_startdir);
2125 nd.ni_startdir = NULL;
2126 error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
2128 NDFREE(&nd, NDF_ONLY_PNBUF);
2130 if (vtyp != VFIFO && (error = suser_cred(cred, 0)))
2132 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
2134 NDFREE(&nd, NDF_ONLY_PNBUF);
2141 * Release dvp prior to lookup
2146 nd.ni_cnd.cn_nameiop = LOOKUP;
2147 nd.ni_cnd.cn_flags &= ~(LOCKPARENT);
2148 nd.ni_cnd.cn_thread = td;
2149 nd.ni_cnd.cn_cred = td->td_ucred;
2151 error = lookup(&nd);
2156 if (nd.ni_cnd.cn_flags & ISSYMLINK)
2161 * send response, cleanup, return.
2164 NFSD_UNLOCK_ASSERT();
2167 bzero((caddr_t)fhp, sizeof(nfh));
2168 fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
2169 error = VFS_VPTOFH(vp, &fhp->fh_fid);
2171 error = VOP_GETATTR(vp, vap, cred, td);
2174 if (nd.ni_dvp == nd.ni_vp)
2185 if (nd.ni_startdir) {
2186 vrele(nd.ni_startdir);
2187 nd.ni_startdir = NULL;
2189 NDFREE(&nd, NDF_ONLY_PNBUF);
2191 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
2192 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2193 VOP_UNLOCK(dirp, 0, td);
2195 mtx_unlock(&Giant); /* VFS */
2199 nfsm_reply(NFSX_SRVFH(1) + NFSX_POSTOPATTR(1) + NFSX_WCCDATA(1));
2202 nfsm_srvpostop_fh(fhp);
2203 nfsm_srvpostop_attr(0, vap);
2205 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2208 mtx_lock(&Giant); /* VFS */
2209 vn_finished_write(mp);
2210 mtx_unlock(&Giant); /* VFS */
2216 mtx_lock(&Giant); /* VFS */
2218 if (nd.ni_dvp == nd.ni_vp)
2228 vrele(nd.ni_startdir);
2229 NDFREE(&nd, NDF_ONLY_PNBUF);
2230 vn_finished_write(mp);
2231 mtx_unlock(&Giant); /* VFS */
2237 * nfs remove service
2240 nfsrv_remove(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2241 struct thread *td, struct mbuf **mrq)
2243 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2244 struct sockaddr *nam = nfsd->nd_nam;
2245 caddr_t dpos = nfsd->nd_dpos;
2246 struct ucred *cred = nfsd->nd_cr;
2247 struct nameidata nd;
2249 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
2250 int v3 = (nfsd->nd_flag & ND_NFSV3);
2251 struct mbuf *mb, *mreq;
2253 struct vattr dirfor, diraft;
2256 struct mount *mp = NULL;
2260 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2263 fhp = &nfh.fh_generic;
2265 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2270 mtx_lock(&Giant); /* VFS */
2271 (void) vn_start_write(NULL, &mp, V_WAIT);
2272 mtx_unlock(&Giant); /* VFS */
2274 nfsm_srvnamesiz(len);
2276 nd.ni_cnd.cn_cred = cred;
2277 nd.ni_cnd.cn_nameiop = DELETE;
2278 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF;
2279 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
2280 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
2282 mtx_lock(&Giant); /* VFS */
2288 if (nd.ni_vp->v_type == VDIR) {
2289 error = EPERM; /* POSIX */
2293 * The root of a mounted filesystem cannot be deleted.
2295 if (nd.ni_vp->v_vflag & VV_ROOT) {
2300 NFSD_UNLOCK_ASSERT();
2302 error = VOP_REMOVE(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
2303 NDFREE(&nd, NDF_ONLY_PNBUF);
2307 if (dirp == nd.ni_dvp)
2308 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2310 /* Drop the other locks to avoid deadlock. */
2312 if (nd.ni_dvp == nd.ni_vp)
2322 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
2323 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2324 VOP_UNLOCK(dirp, 0, td);
2329 mtx_unlock(&Giant); /* VFS */
2333 nfsm_reply(NFSX_WCCDATA(v3));
2335 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2341 mtx_lock(&Giant); /* VFS */
2342 NDFREE(&nd, NDF_ONLY_PNBUF);
2344 if (nd.ni_dvp == nd.ni_vp)
2351 vn_finished_write(mp);
2352 mtx_unlock(&Giant); /* VFS */
2358 * nfs rename service
2361 nfsrv_rename(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2362 struct thread *td, struct mbuf **mrq)
2364 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2365 struct sockaddr *nam = nfsd->nd_nam;
2366 caddr_t dpos = nfsd->nd_dpos;
2367 struct ucred *cred = nfsd->nd_cr;
2369 int error = 0, len, len2, fdirfor_ret = 1, fdiraft_ret = 1;
2370 int tdirfor_ret = 1, tdiraft_ret = 1;
2371 int v3 = (nfsd->nd_flag & ND_NFSV3);
2372 struct mbuf *mb, *mreq;
2373 struct nameidata fromnd, tond;
2374 struct vnode *fvp, *tvp, *tdvp, *fdirp = NULL;
2375 struct vnode *tdirp = NULL;
2376 struct vattr fdirfor, fdiraft, tdirfor, tdiraft;
2378 fhandle_t *ffhp, *tfhp;
2380 struct mount *mp = NULL;
2384 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2388 ffhp = &fnfh.fh_generic;
2389 tfhp = &tnfh.fh_generic;
2392 * Clear fields incase goto nfsmout occurs from macro.
2398 nfsm_srvmtofh(ffhp);
2399 if ((mp = vfs_getvfs(&ffhp->fh_fsid)) == NULL) {
2405 (void) vn_start_write(NULL, &mp, V_WAIT);
2408 nfsm_srvnamesiz(len);
2410 * Remember our original uid so that we can reset cr_uid before
2411 * the second nfs_namei() call, in case it is remapped.
2413 saved_uid = cred->cr_uid;
2414 fromnd.ni_cnd.cn_cred = cred;
2415 fromnd.ni_cnd.cn_nameiop = DELETE;
2416 fromnd.ni_cnd.cn_flags = WANTPARENT | SAVESTART;
2417 error = nfs_namei(&fromnd, ffhp, len, slp, nam, &md,
2418 &dpos, &fdirp, v3, &fdirfor, &fdirfor_ret, td, FALSE);
2421 mtx_lock(&Giant); /* VFS */
2423 mtx_unlock(&Giant); /* VFS */
2428 nfsm_reply(2 * NFSX_WCCDATA(v3));
2430 nfsm_srvwcc_data(fdirfor_ret, &fdirfor, fdiraft_ret, &fdiraft);
2431 nfsm_srvwcc_data(tdirfor_ret, &tdirfor, tdiraft_ret, &tdiraft);
2437 nfsm_srvmtofh(tfhp);
2438 nfsm_srvnamesiz(len2);
2439 cred->cr_uid = saved_uid;
2440 tond.ni_cnd.cn_cred = cred;
2441 tond.ni_cnd.cn_nameiop = RENAME;
2442 tond.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | NOCACHE | SAVESTART;
2443 error = nfs_namei(&tond, tfhp, len2, slp, nam, &md,
2444 &dpos, &tdirp, v3, &tdirfor, &tdirfor_ret, td, FALSE);
2446 mtx_lock(&Giant); /* VFS */
2452 mtx_unlock(&Giant); /* VFS */
2460 if (fvp->v_type == VDIR && tvp->v_type != VDIR) {
2466 } else if (fvp->v_type != VDIR && tvp->v_type == VDIR) {
2473 if (tvp->v_type == VDIR && tvp->v_mountedhere) {
2481 if (fvp->v_type == VDIR && fvp->v_mountedhere) {
2488 if (fvp->v_mount != tdvp->v_mount) {
2502 * If source is the same as the destination (that is the
2503 * same vnode with the same name in the same directory),
2504 * then there is nothing to do.
2506 if (fvp == tvp && fromnd.ni_dvp == tdvp &&
2507 fromnd.ni_cnd.cn_namelen == tond.ni_cnd.cn_namelen &&
2508 !bcmp(fromnd.ni_cnd.cn_nameptr, tond.ni_cnd.cn_nameptr,
2509 fromnd.ni_cnd.cn_namelen))
2512 NFSD_UNLOCK_ASSERT();
2515 * The VOP_RENAME function releases all vnode references &
2516 * locks prior to returning so we need to clear the pointers
2517 * to bypass cleanup code later on.
2519 error = VOP_RENAME(fromnd.ni_dvp, fromnd.ni_vp, &fromnd.ni_cnd,
2520 tond.ni_dvp, tond.ni_vp, &tond.ni_cnd);
2521 fromnd.ni_dvp = NULL;
2522 fromnd.ni_vp = NULL;
2526 fromnd.ni_cnd.cn_flags &= ~HASBUF;
2527 tond.ni_cnd.cn_flags &= ~HASBUF;
2535 mtx_unlock(&Giant); /* VFS */
2539 nfsm_reply(2 * NFSX_WCCDATA(v3));
2541 /* Release existing locks to prevent deadlock. */
2543 mtx_lock(&Giant); /* VFS */
2545 if (tond.ni_dvp == tond.ni_vp)
2556 vn_lock(fdirp, LK_EXCLUSIVE | LK_RETRY, td);
2557 fdiraft_ret = VOP_GETATTR(fdirp, &fdiraft, cred, td);
2558 VOP_UNLOCK(fdirp, 0, td);
2561 vn_lock(tdirp, LK_EXCLUSIVE | LK_RETRY, td);
2562 tdiraft_ret = VOP_GETATTR(tdirp, &tdiraft, cred, td);
2563 VOP_UNLOCK(tdirp, 0, td);
2565 mtx_unlock(&Giant); /* VFS */
2567 nfsm_srvwcc_data(fdirfor_ret, &fdirfor, fdiraft_ret, &fdiraft);
2568 nfsm_srvwcc_data(tdirfor_ret, &tdirfor, tdiraft_ret, &tdiraft);
2575 * Clear out tond related fields
2579 mtx_lock(&Giant); /* VFS */
2581 if (tond.ni_dvp == tond.ni_vp)
2590 if (tond.ni_startdir)
2591 vrele(tond.ni_startdir);
2592 NDFREE(&tond, NDF_ONLY_PNBUF);
2594 * Clear out fromnd related fields
2598 if (fromnd.ni_startdir)
2599 vrele(fromnd.ni_startdir);
2600 NDFREE(&fromnd, NDF_ONLY_PNBUF);
2602 vrele(fromnd.ni_dvp);
2604 vrele(fromnd.ni_vp);
2606 vn_finished_write(mp);
2607 mtx_unlock(&Giant); /* VFS */
2616 nfsrv_link(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2617 struct thread *td, struct mbuf **mrq)
2619 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2620 struct sockaddr *nam = nfsd->nd_nam;
2621 caddr_t dpos = nfsd->nd_dpos;
2622 struct ucred *cred = nfsd->nd_cr;
2623 struct nameidata nd;
2625 int error = 0, rdonly, len, dirfor_ret = 1, diraft_ret = 1;
2626 int getret = 1, v3 = (nfsd->nd_flag & ND_NFSV3);
2627 struct mbuf *mb, *mreq;
2628 struct vnode *vp = NULL, *xp, *dirp = NULL;
2629 struct vattr dirfor, diraft, at;
2631 fhandle_t *fhp, *dfhp;
2632 struct mount *mp = NULL;
2636 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2639 fhp = &nfh.fh_generic;
2640 dfhp = &dnfh.fh_generic;
2642 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2647 mtx_lock(&Giant); /* VFS */
2648 (void) vn_start_write(NULL, &mp, V_WAIT);
2649 mtx_unlock(&Giant); /* VFS */
2651 nfsm_srvmtofh(dfhp);
2652 nfsm_srvnamesiz(len);
2654 error = nfsrv_fhtovp(fhp, TRUE, &vp, cred, slp, nam, &rdonly, TRUE);
2656 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2658 nfsm_srvpostop_attr(getret, &at);
2659 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2666 mtx_lock(&Giant); /* VFS */
2668 getret = VOP_GETATTR(vp, &at, cred, td);
2669 if (vp->v_type == VDIR) {
2670 error = EPERM; /* POSIX */
2673 VOP_UNLOCK(vp, 0, td);
2674 nd.ni_cnd.cn_cred = cred;
2675 nd.ni_cnd.cn_nameiop = CREATE;
2676 nd.ni_cnd.cn_flags = LOCKPARENT;
2677 mtx_unlock(&Giant); /* VFS */
2679 error = nfs_namei(&nd, dfhp, len, slp, nam, &md, &dpos,
2680 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
2682 mtx_lock(&Giant); /* VFS */
2700 if (vp->v_mount != xp->v_mount) {
2706 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
2707 error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
2708 NDFREE(&nd, NDF_ONLY_PNBUF);
2713 getret = VOP_GETATTR(vp, &at, cred, td);
2716 if (dirp == nd.ni_dvp)
2717 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2719 /* Release existing locks to prevent deadlock. */
2721 if (nd.ni_dvp == nd.ni_vp)
2731 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
2732 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2733 VOP_UNLOCK(dirp, 0, td);
2736 mtx_unlock(&Giant); /* VFS */
2740 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2742 nfsm_srvpostop_attr(getret, &at);
2743 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2751 mtx_lock(&Giant); /* VFS */
2752 NDFREE(&nd, NDF_ONLY_PNBUF);
2756 if (nd.ni_dvp == nd.ni_vp)
2765 vn_finished_write(mp);
2766 mtx_unlock(&Giant); /* VFS */
2772 * nfs symbolic link service
2775 nfsrv_symlink(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2776 struct thread *td, struct mbuf **mrq)
2778 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2779 struct sockaddr *nam = nfsd->nd_nam;
2780 caddr_t dpos = nfsd->nd_dpos;
2781 struct ucred *cred = nfsd->nd_cr;
2782 struct vattr va, dirfor, diraft;
2783 struct nameidata nd;
2784 struct vattr *vap = &va;
2785 struct nfsv2_sattr *sp;
2786 char *bpos, *pathcp = NULL;
2789 int error = 0, len, len2, dirfor_ret = 1, diraft_ret = 1;
2790 int v3 = (nfsd->nd_flag & ND_NFSV3);
2791 struct mbuf *mb, *mreq;
2792 struct vnode *dirp = NULL;
2795 struct mount *mp = NULL;
2799 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2802 fhp = &nfh.fh_generic;
2804 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2806 mtx_lock(&Giant); /* VFS */
2811 mtx_lock(&Giant); /* VFS */
2812 (void) vn_start_write(NULL, &mp, V_WAIT);
2813 mtx_unlock(&Giant); /* VFS */
2815 nfsm_srvnamesiz(len);
2816 nd.ni_cnd.cn_cred = cred;
2817 nd.ni_cnd.cn_nameiop = CREATE;
2818 nd.ni_cnd.cn_flags = LOCKPARENT | SAVESTART;
2819 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
2820 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
2822 mtx_lock(&Giant); /* VFS */
2833 nfsm_srvpathsiz(len2);
2834 MALLOC(pathcp, caddr_t, len2 + 1, M_TEMP, M_WAITOK);
2835 iv.iov_base = pathcp;
2837 io.uio_resid = len2;
2841 io.uio_segflg = UIO_SYSSPACE;
2842 io.uio_rw = UIO_READ;
2844 nfsm_mtouio(&io, len2);
2846 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
2847 vap->va_mode = nfstov_mode(sp->sa_mode);
2849 *(pathcp + len2) = '\0';
2856 * issue symlink op. SAVESTART is set so the underlying path component
2857 * is only freed by the VOP if an error occurs.
2859 if (vap->va_mode == (mode_t)VNOVAL)
2861 error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap, pathcp);
2863 NDFREE(&nd, NDF_ONLY_PNBUF);
2868 * releases directory prior to potential lookup op.
2876 * Issue lookup. Leave SAVESTART set so we can easily free
2877 * the name buffer later on.
2879 * since LOCKPARENT is not set, ni_dvp will be garbage on
2880 * return whether an error occurs or not.
2882 nd.ni_cnd.cn_nameiop = LOOKUP;
2883 nd.ni_cnd.cn_flags &= ~(LOCKPARENT | FOLLOW);
2884 nd.ni_cnd.cn_flags |= (NOFOLLOW | LOCKLEAF);
2885 nd.ni_cnd.cn_thread = td;
2886 nd.ni_cnd.cn_cred = cred;
2888 error = lookup(&nd);
2892 bzero((caddr_t)fhp, sizeof(nfh));
2893 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
2894 error = VFS_VPTOFH(nd.ni_vp, &fhp->fh_fid);
2896 error = VOP_GETATTR(nd.ni_vp, vap, cred,
2904 NFSD_UNLOCK_ASSERT();
2906 * These releases aren't strictly required, does even doing them
2907 * make any sense? XXX can nfsm_reply() block?
2910 FREE(pathcp, M_TEMP);
2914 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
2915 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
2916 VOP_UNLOCK(dirp, 0, td);
2918 if (nd.ni_startdir) {
2919 vrele(nd.ni_startdir);
2920 nd.ni_startdir = NULL;
2922 mtx_unlock(&Giant); /* VFS */
2924 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2927 nfsm_srvpostop_fh(fhp);
2928 nfsm_srvpostop_attr(0, vap);
2930 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2938 mtx_lock(&Giant); /* VFS */
2939 NDFREE(&nd, NDF_ONLY_PNBUF);
2941 if (nd.ni_dvp == nd.ni_vp)
2949 vrele(nd.ni_startdir);
2953 FREE(pathcp, M_TEMP);
2955 vn_finished_write(mp);
2956 mtx_unlock(&Giant); /* VFS */
2965 nfsrv_mkdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2966 struct thread *td, struct mbuf **mrq)
2968 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2969 struct sockaddr *nam = nfsd->nd_nam;
2970 caddr_t dpos = nfsd->nd_dpos;
2971 struct ucred *cred = nfsd->nd_cr;
2972 struct vattr va, dirfor, diraft;
2973 struct vattr *vap = &va;
2974 struct nfs_fattr *fp;
2975 struct nameidata nd;
2978 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
2979 int v3 = (nfsd->nd_flag & ND_NFSV3);
2980 struct mbuf *mb, *mreq;
2981 struct vnode *dirp = NULL;
2985 struct mount *mp = NULL;
2989 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2992 fhp = &nfh.fh_generic;
2994 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2996 mtx_lock(&Giant); /* VFS */
3001 mtx_lock(&Giant); /* VFS */
3002 (void) vn_start_write(NULL, &mp, V_WAIT);
3003 mtx_unlock(&Giant); /* VFS */
3005 nfsm_srvnamesiz(len);
3006 nd.ni_cnd.cn_cred = cred;
3007 nd.ni_cnd.cn_nameiop = CREATE;
3008 nd.ni_cnd.cn_flags = LOCKPARENT;
3010 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
3011 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
3014 mtx_lock(&Giant); /* VFS */
3016 mtx_unlock(&Giant); /* VFS */
3021 nfsm_reply(NFSX_WCCDATA(v3));
3023 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
3031 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
3032 vap->va_mode = nfstov_mode(*tl++);
3036 * At this point nd.ni_dvp is referenced and exclusively locked and
3037 * nd.ni_vp, if it exists, is referenced but not locked.
3041 mtx_lock(&Giant); /* VFS */
3042 vap->va_type = VDIR;
3043 if (nd.ni_vp != NULL) {
3044 NDFREE(&nd, NDF_ONLY_PNBUF);
3050 * Issue mkdir op. Since SAVESTART is not set, the pathname
3051 * component is freed by the VOP call. This will fill-in
3052 * nd.ni_vp, reference, and exclusively lock it.
3054 if (vap->va_mode == (mode_t)VNOVAL)
3056 error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
3057 NDFREE(&nd, NDF_ONLY_PNBUF);
3064 bzero((caddr_t)fhp, sizeof(nfh));
3065 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
3066 error = VFS_VPTOFH(nd.ni_vp, &fhp->fh_fid);
3068 error = VOP_GETATTR(nd.ni_vp, vap, cred, td);
3071 NFSD_UNLOCK_ASSERT();
3073 if (dirp == nd.ni_dvp) {
3074 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
3076 /* Release existing locks to prevent deadlock. */
3078 NDFREE(&nd, NDF_ONLY_PNBUF);
3079 if (nd.ni_dvp == nd.ni_vp && vpexcl)
3092 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
3093 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
3094 VOP_UNLOCK(dirp, 0, td);
3097 mtx_unlock(&Giant); /* VFS */
3099 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
3102 nfsm_srvpostop_fh(fhp);
3103 nfsm_srvpostop_attr(0, vap);
3105 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
3106 } else if (!error) {
3107 /* v2 non-error case. */
3108 nfsm_srvfhtom(fhp, v3);
3109 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
3110 nfsm_srvfillattr(vap, fp);
3118 mtx_lock(&Giant); /* VFS */
3120 NDFREE(&nd, NDF_ONLY_PNBUF);
3121 if (nd.ni_dvp == nd.ni_vp && vpexcl)
3134 vn_finished_write(mp);
3135 mtx_unlock(&Giant); /* VFS */
3144 nfsrv_rmdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3145 struct thread *td, struct mbuf **mrq)
3147 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3148 struct sockaddr *nam = nfsd->nd_nam;
3149 caddr_t dpos = nfsd->nd_dpos;
3150 struct ucred *cred = nfsd->nd_cr;
3152 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
3153 int v3 = (nfsd->nd_flag & ND_NFSV3);
3154 struct mbuf *mb, *mreq;
3155 struct vnode *vp, *dirp = NULL;
3156 struct vattr dirfor, diraft;
3159 struct nameidata nd;
3160 struct mount *mp = NULL;
3164 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3167 fhp = &nfh.fh_generic;
3169 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
3174 mtx_lock(&Giant); /* VFS */
3175 (void) vn_start_write(NULL, &mp, V_WAIT);
3176 mtx_unlock(&Giant); /* VFS */
3178 nfsm_srvnamesiz(len);
3179 nd.ni_cnd.cn_cred = cred;
3180 nd.ni_cnd.cn_nameiop = DELETE;
3181 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF;
3182 error = nfs_namei(&nd, fhp, len, slp, nam, &md, &dpos,
3183 &dirp, v3, &dirfor, &dirfor_ret, td, FALSE);
3186 mtx_lock(&Giant); /* VFS */
3188 mtx_unlock(&Giant); /* VFS */
3193 nfsm_reply(NFSX_WCCDATA(v3));
3195 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
3200 if (vp->v_type != VDIR) {
3205 * No rmdir "." please.
3207 if (nd.ni_dvp == vp) {
3212 * The root of a mounted filesystem cannot be deleted.
3214 if (vp->v_vflag & VV_ROOT)
3218 * Issue or abort op. Since SAVESTART is not set, path name
3219 * component is freed by the VOP after either.
3223 mtx_lock(&Giant); /* VFS */
3225 error = VOP_RMDIR(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
3226 NDFREE(&nd, NDF_ONLY_PNBUF);
3229 if (dirp == nd.ni_dvp)
3230 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
3232 /* Release existing locks to prevent deadlock. */
3234 if (nd.ni_dvp == nd.ni_vp)
3243 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY, td);
3244 diraft_ret = VOP_GETATTR(dirp, &diraft, cred, td);
3245 VOP_UNLOCK(dirp, 0, td);
3248 mtx_unlock(&Giant); /* VFS */
3250 nfsm_reply(NFSX_WCCDATA(v3));
3253 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
3259 mtx_lock(&Giant); /* VFS */
3260 NDFREE(&nd, NDF_ONLY_PNBUF);
3262 if (nd.ni_dvp == nd.ni_vp)
3272 vn_finished_write(mp);
3273 mtx_unlock(&Giant); /* VFS */
3279 * nfs readdir service
3280 * - mallocs what it thinks is enough to read
3281 * count rounded up to a multiple of NFS_DIRBLKSIZ <= NFS_MAXREADDIR
3282 * - calls VOP_READDIR()
3283 * - loops around building the reply
3284 * if the output generated exceeds count break out of loop
3285 * The nfsm_clget macro is used here so that the reply will be packed
3286 * tightly in mbuf clusters.
3287 * - it only knows that it has encountered eof when the VOP_READDIR()
3289 * - as such one readdir rpc will return eof false although you are there
3290 * and then the next will return eof
3291 * - it trims out records with d_fileno == 0
3292 * this doesn't matter for Unix clients, but they might confuse clients
3294 * NB: It is tempting to set eof to true if the VOP_READDIR() reads less
3295 * than requested, but this may not apply to all filesystems. For
3296 * example, client NFS does not { although it is never remote mounted
3298 * The alternate call nfsrv_readdirplus() does lookups as well.
3299 * PS: The NFS protocol spec. does not clarify what the "count" byte
3300 * argument is a count of.. just name strings and file id's or the
3301 * entire reply rpc or ...
3302 * I tried just file name and id sizes and it confused the Sun client,
3303 * so I am using the full rpc size now. The "paranoia.." comment refers
3304 * to including the status longwords that are not a part of the dir.
3305 * "entry" structures, but are in the rpc.
3309 u_int32_t fl_postopok;
3310 u_int32_t fl_fattr[NFSX_V3FATTR / sizeof (u_int32_t)];
3312 u_int32_t fl_fhsize;
3313 u_int32_t fl_nfh[NFSX_V3FH / sizeof (u_int32_t)];
3317 nfsrv_readdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3318 struct thread *td, struct mbuf **mrq)
3320 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3321 struct sockaddr *nam = nfsd->nd_nam;
3322 caddr_t dpos = nfsd->nd_dpos;
3323 struct ucred *cred = nfsd->nd_cr;
3330 struct mbuf *mb, *mreq;
3331 char *cpos, *cend, *rbuf;
3332 struct vnode *vp = NULL;
3338 int len, nlen, rem, xfer, tsiz, i, error = 0, getret = 1;
3339 int siz, cnt, fullsiz, eofflag, rdonly, ncookies;
3340 int v3 = (nfsd->nd_flag & ND_NFSV3);
3341 u_quad_t off, toff, verf;
3342 u_long *cookies = NULL, *cookiep; /* needs to be int64_t or off_t */
3346 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3347 fhp = &nfh.fh_generic;
3350 tl = nfsm_dissect_nonblock(u_int32_t *, 5 * NFSX_UNSIGNED);
3351 toff = fxdr_hyper(tl);
3353 verf = fxdr_hyper(tl);
3356 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
3357 toff = fxdr_unsigned(u_quad_t, *tl++);
3358 verf = 0; /* shut up gcc */
3361 cnt = fxdr_unsigned(int, *tl);
3362 siz = ((cnt + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
3363 xfer = NFS_SRVMAXDATA(nfsd);
3369 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
3370 if (!error && vp->v_type != VDIR) {
3373 mtx_lock(&Giant); /* VFS */
3375 mtx_unlock(&Giant); /* VFS */
3380 nfsm_reply(NFSX_UNSIGNED);
3382 nfsm_srvpostop_attr(getret, &at);
3388 * Obtain lock on vnode for this section of the code
3391 mtx_lock(&Giant); /* VFS */
3393 error = getret = VOP_GETATTR(vp, &at, cred, td);
3396 * XXX This check may be too strict for Solaris 2.5 clients.
3398 if (!error && toff && verf && verf != at.va_filerev)
3399 error = NFSERR_BAD_COOKIE;
3403 error = nfsrv_access_withgiant(vp, VEXEC, cred, rdonly, td, 0);
3406 mtx_unlock(&Giant); /* VFS */
3409 nfsm_reply(NFSX_POSTOPATTR(v3));
3411 nfsm_srvpostop_attr(getret, &at);
3415 VOP_UNLOCK(vp, 0, td);
3418 * end section. Allocate rbuf and continue
3420 MALLOC(rbuf, caddr_t, siz, M_TEMP, M_WAITOK);
3422 NFSD_UNLOCK_ASSERT();
3424 iv.iov_len = fullsiz;
3427 io.uio_offset = (off_t)off;
3428 io.uio_resid = fullsiz;
3429 io.uio_segflg = UIO_SYSSPACE;
3430 io.uio_rw = UIO_READ;
3433 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
3435 free((caddr_t)cookies, M_TEMP);
3438 error = VOP_READDIR(vp, &io, cred, &eofflag, &ncookies, &cookies);
3439 off = (off_t)io.uio_offset;
3440 if (!cookies && !error)
3441 error = NFSERR_PERM;
3443 getret = VOP_GETATTR(vp, &at, cred, td);
3447 VOP_UNLOCK(vp, 0, td);
3450 mtx_unlock(&Giant); /* VFS */
3452 free((caddr_t)rbuf, M_TEMP);
3454 free((caddr_t)cookies, M_TEMP);
3456 nfsm_reply(NFSX_POSTOPATTR(v3));
3458 nfsm_srvpostop_attr(getret, &at);
3463 siz -= io.uio_resid;
3466 * If nothing read, return eof
3471 mtx_unlock(&Giant); /* VFS */
3474 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_COOKIEVERF(v3) +
3477 nfsm_srvpostop_attr(getret, &at);
3478 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
3479 txdr_hyper(at.va_filerev, tl);
3482 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
3483 *tl++ = nfsrv_nfs_false;
3484 *tl = nfsrv_nfs_true;
3485 FREE((caddr_t)rbuf, M_TEMP);
3486 FREE((caddr_t)cookies, M_TEMP);
3493 * Check for degenerate cases of nothing useful read.
3494 * If so go try again
3498 dp = (struct dirent *)cpos;
3501 * For some reason FreeBSD's ufs_readdir() chooses to back the
3502 * directory offset up to a block boundary, so it is necessary to
3503 * skip over the records that precede the requested offset. This
3504 * requires the assumption that file offset cookies monotonically
3507 while (cpos < cend && ncookies > 0 &&
3508 (dp->d_fileno == 0 || dp->d_type == DT_WHT ||
3509 ((u_quad_t)(*cookiep)) <= toff)) {
3510 cpos += dp->d_reclen;
3511 dp = (struct dirent *)cpos;
3515 if (cpos >= cend || ncookies == 0) {
3521 mtx_unlock(&Giant); /* VFS */
3523 len = 3 * NFSX_UNSIGNED; /* paranoia, probably can be 0 */
3524 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_COOKIEVERF(v3) + siz);
3526 nfsm_srvpostop_attr(getret, &at);
3527 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
3528 txdr_hyper(at.va_filerev, tl);
3532 be = bp + M_TRAILINGSPACE(mp);
3534 /* Loop through the records and build reply */
3535 while (cpos < cend && ncookies > 0) {
3536 if (dp->d_fileno != 0 && dp->d_type != DT_WHT) {
3537 nlen = dp->d_namlen;
3538 rem = nfsm_rndup(nlen) - nlen;
3539 len += (4 * NFSX_UNSIGNED + nlen + rem);
3541 len += 2 * NFSX_UNSIGNED;
3547 * Build the directory record xdr from
3551 *tl = nfsrv_nfs_true;
3552 bp += NFSX_UNSIGNED;
3556 bp += NFSX_UNSIGNED;
3559 *tl = txdr_unsigned(dp->d_fileno);
3560 bp += NFSX_UNSIGNED;
3562 *tl = txdr_unsigned(nlen);
3563 bp += NFSX_UNSIGNED;
3565 /* And loop around copying the name */
3574 bcopy(cp, bp, tsiz);
3580 /* And null pad to an int32_t boundary. */
3581 for (i = 0; i < rem; i++)
3585 /* Finish off the record */
3588 bp += NFSX_UNSIGNED;
3591 *tl = txdr_unsigned(*cookiep);
3592 bp += NFSX_UNSIGNED;
3594 cpos += dp->d_reclen;
3595 dp = (struct dirent *)cpos;
3600 mtx_lock(&Giant); /* VFS */
3602 mtx_unlock(&Giant); /* VFS */
3606 *tl = nfsrv_nfs_false;
3607 bp += NFSX_UNSIGNED;
3610 *tl = nfsrv_nfs_true;
3612 *tl = nfsrv_nfs_false;
3613 bp += NFSX_UNSIGNED;
3616 mp->m_len = bp - mtod(mp, caddr_t);
3618 mp->m_len += bp - bpos;
3619 FREE((caddr_t)rbuf, M_TEMP);
3620 FREE((caddr_t)cookies, M_TEMP);
3626 mtx_lock(&Giant); /* VFS */
3628 mtx_unlock(&Giant); /* VFS */
3635 nfsrv_readdirplus(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3636 struct thread *td, struct mbuf **mrq)
3638 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3639 struct sockaddr *nam = nfsd->nd_nam;
3640 caddr_t dpos = nfsd->nd_dpos;
3641 struct ucred *cred = nfsd->nd_cr;
3648 struct mbuf *mb, *mreq;
3649 char *cpos, *cend, *rbuf;
3650 struct vnode *vp = NULL, *nvp;
3653 fhandle_t *fhp, *nfhp = (fhandle_t *)fl.fl_nfh;
3656 struct vattr va, at, *vap = &va;
3657 struct nfs_fattr *fp;
3658 int len, nlen, rem, xfer, tsiz, i, error = 0, getret = 1;
3659 int siz, cnt, fullsiz, eofflag, rdonly, dirlen, ncookies;
3660 u_quad_t off, toff, verf;
3661 u_long *cookies = NULL, *cookiep; /* needs to be int64_t or off_t */
3662 int v3 = (nfsd->nd_flag & ND_NFSV3);
3666 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3668 panic("nfsrv_readdirplus: v3 proc called on a v2 connection");
3669 fhp = &nfh.fh_generic;
3671 tl = nfsm_dissect_nonblock(u_int32_t *, 6 * NFSX_UNSIGNED);
3672 toff = fxdr_hyper(tl);
3674 verf = fxdr_hyper(tl);
3676 siz = fxdr_unsigned(int, *tl++);
3677 cnt = fxdr_unsigned(int, *tl);
3679 siz = ((siz + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
3680 xfer = NFS_SRVMAXDATA(nfsd);
3686 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
3687 if (!error && vp->v_type != VDIR) {
3690 mtx_lock(&Giant); /* VFS */
3692 mtx_unlock(&Giant); /* VFS */
3697 nfsm_reply(NFSX_UNSIGNED);
3698 nfsm_srvpostop_attr(getret, &at);
3703 mtx_lock(&Giant); /* VFS */
3704 error = getret = VOP_GETATTR(vp, &at, cred, td);
3707 * XXX This check may be too strict for Solaris 2.5 clients.
3709 if (!error && toff && verf && verf != at.va_filerev)
3710 error = NFSERR_BAD_COOKIE;
3713 error = nfsrv_access_withgiant(vp, VEXEC, cred, rdonly, td, 0);
3716 mtx_unlock(&Giant); /* VFS */
3719 nfsm_reply(NFSX_V3POSTOPATTR);
3720 nfsm_srvpostop_attr(getret, &at);
3724 VOP_UNLOCK(vp, 0, td);
3725 MALLOC(rbuf, caddr_t, siz, M_TEMP, M_WAITOK);
3727 NFSD_UNLOCK_ASSERT();
3729 iv.iov_len = fullsiz;
3732 io.uio_offset = (off_t)off;
3733 io.uio_resid = fullsiz;
3734 io.uio_segflg = UIO_SYSSPACE;
3735 io.uio_rw = UIO_READ;
3738 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
3740 free((caddr_t)cookies, M_TEMP);
3743 error = VOP_READDIR(vp, &io, cred, &eofflag, &ncookies, &cookies);
3744 off = (u_quad_t)io.uio_offset;
3745 getret = VOP_GETATTR(vp, &at, cred, td);
3746 VOP_UNLOCK(vp, 0, td);
3747 if (!cookies && !error)
3748 error = NFSERR_PERM;
3753 mtx_unlock(&Giant); /* VFS */
3756 free((caddr_t)cookies, M_TEMP);
3757 free((caddr_t)rbuf, M_TEMP);
3759 nfsm_reply(NFSX_V3POSTOPATTR);
3760 nfsm_srvpostop_attr(getret, &at);
3765 siz -= io.uio_resid;
3768 * If nothing read, return eof
3773 mtx_unlock(&Giant); /* VFS */
3776 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3COOKIEVERF +
3778 nfsm_srvpostop_attr(getret, &at);
3779 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
3780 txdr_hyper(at.va_filerev, tl);
3782 *tl++ = nfsrv_nfs_false;
3783 *tl = nfsrv_nfs_true;
3784 FREE((caddr_t)cookies, M_TEMP);
3785 FREE((caddr_t)rbuf, M_TEMP);
3792 * Check for degenerate cases of nothing useful read.
3793 * If so go try again
3797 dp = (struct dirent *)cpos;
3800 * For some reason FreeBSD's ufs_readdir() chooses to back the
3801 * directory offset up to a block boundary, so it is necessary to
3802 * skip over the records that precede the requested offset. This
3803 * requires the assumption that file offset cookies monotonically
3806 while (cpos < cend && ncookies > 0 &&
3807 (dp->d_fileno == 0 || dp->d_type == DT_WHT ||
3808 ((u_quad_t)(*cookiep)) <= toff)) {
3809 cpos += dp->d_reclen;
3810 dp = (struct dirent *)cpos;
3814 if (cpos >= cend || ncookies == 0) {
3821 * Probe one of the directory entries to see if the filesystem
3824 if (VFS_VGET(vp->v_mount, dp->d_fileno, LK_EXCLUSIVE, &nvp) ==
3826 error = NFSERR_NOTSUPP;
3828 mtx_unlock(&Giant); /* VFS */
3830 free((caddr_t)cookies, M_TEMP);
3831 free((caddr_t)rbuf, M_TEMP);
3833 nfsm_reply(NFSX_V3POSTOPATTR);
3834 nfsm_srvpostop_attr(getret, &at);
3839 mtx_unlock(&Giant); /* VFS */
3842 dirlen = len = NFSX_V3POSTOPATTR + NFSX_V3COOKIEVERF +
3846 nfsm_srvpostop_attr(getret, &at);
3847 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
3848 txdr_hyper(at.va_filerev, tl);
3851 be = bp + M_TRAILINGSPACE(mp);
3854 mtx_lock(&Giant); /* VFS */
3855 /* Loop through the records and build reply */
3856 while (cpos < cend && ncookies > 0) {
3857 if (dp->d_fileno != 0 && dp->d_type != DT_WHT) {
3858 nlen = dp->d_namlen;
3859 rem = nfsm_rndup(nlen)-nlen;
3862 * For readdir_and_lookup get the vnode using
3865 if (VFS_VGET(vp->v_mount, dp->d_fileno, LK_EXCLUSIVE,
3868 bzero((caddr_t)nfhp, NFSX_V3FH);
3870 nvp->v_mount->mnt_stat.f_fsid;
3871 if (VFS_VPTOFH(nvp, &nfhp->fh_fid)) {
3876 if (VOP_GETATTR(nvp, vap, cred, td)) {
3885 * If either the dircount or maxcount will be
3886 * exceeded, get out now. Both of these lengths
3887 * are calculated conservatively, including all
3890 len += (8 * NFSX_UNSIGNED + nlen + rem + NFSX_V3FH +
3892 dirlen += (6 * NFSX_UNSIGNED + nlen + rem);
3893 if (len > cnt || dirlen > fullsiz) {
3899 * Build the directory record xdr from
3902 fp = (struct nfs_fattr *)&fl.fl_fattr;
3903 nfsm_srvfillattr(vap, fp);
3904 fl.fl_fhsize = txdr_unsigned(NFSX_V3FH);
3905 fl.fl_fhok = nfsrv_nfs_true;
3906 fl.fl_postopok = nfsrv_nfs_true;
3907 fl.fl_off.nfsuquad[0] = 0;
3908 fl.fl_off.nfsuquad[1] = txdr_unsigned(*cookiep);
3911 *tl = nfsrv_nfs_true;
3912 bp += NFSX_UNSIGNED;
3915 bp += NFSX_UNSIGNED;
3917 *tl = txdr_unsigned(dp->d_fileno);
3918 bp += NFSX_UNSIGNED;
3920 *tl = txdr_unsigned(nlen);
3921 bp += NFSX_UNSIGNED;
3923 /* And loop around copying the name */
3928 if ((bp + xfer) > be)
3932 bcopy(cp, bp, tsiz);
3938 /* And null pad to an int32_t boundary. */
3939 for (i = 0; i < rem; i++)
3943 * Now copy the flrep structure out.
3945 xfer = sizeof (struct flrep);
3949 if ((bp + xfer) > be)
3953 bcopy(cp, bp, tsiz);
3961 NFSD_UNLOCK_ASSERT();
3962 cpos += dp->d_reclen;
3963 dp = (struct dirent *)cpos;
3968 mtx_unlock(&Giant); /* VFS */
3971 *tl = nfsrv_nfs_false;
3972 bp += NFSX_UNSIGNED;
3976 *tl = nfsrv_nfs_true;
3978 *tl = nfsrv_nfs_false;
3979 bp += NFSX_UNSIGNED;
3982 mp->m_len = bp - mtod(mp, caddr_t);
3984 mp->m_len += bp - bpos;
3985 FREE((caddr_t)cookies, M_TEMP);
3986 FREE((caddr_t)rbuf, M_TEMP);
3991 mtx_lock(&Giant); /* VFS */
3993 mtx_unlock(&Giant); /* VFS */
4000 * nfs commit service
4003 nfsrv_commit(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4004 struct thread *td, struct mbuf **mrq)
4006 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
4007 struct sockaddr *nam = nfsd->nd_nam;
4008 caddr_t dpos = nfsd->nd_dpos;
4009 struct ucred *cred = nfsd->nd_cr;
4010 struct vattr bfor, aft;
4011 struct vnode *vp = NULL;
4016 int error = 0, rdonly, for_ret = 1, aft_ret = 1, cnt;
4017 struct mbuf *mb, *mreq;
4019 struct mount *mp = NULL;
4020 int v3 = (nfsd->nd_flag & ND_NFSV3);
4024 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4026 panic("nfsrv_commit: v3 proc called on a v2 connection");
4027 fhp = &nfh.fh_generic;
4029 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
4034 mtx_lock(&Giant); /* VFS */
4035 (void) vn_start_write(NULL, &mp, V_WAIT);
4036 mtx_unlock(&Giant); /* VFS */
4038 tl = nfsm_dissect_nonblock(u_int32_t *, 3 * NFSX_UNSIGNED);
4041 * XXX At this time VOP_FSYNC() does not accept offset and byte
4042 * count parameters, so these arguments are useless (someday maybe).
4044 off = fxdr_hyper(tl);
4046 cnt = fxdr_unsigned(int, *tl);
4047 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
4049 nfsm_reply(2 * NFSX_UNSIGNED);
4050 nfsm_srvwcc_data(for_ret, &bfor, aft_ret, &aft);
4055 mtx_lock(&Giant); /* VFS */
4056 for_ret = VOP_GETATTR(vp, &bfor, cred, td);
4058 if (cnt > MAX_COMMIT_COUNT) {
4060 * Give up and do the whole thing
4063 (vp->v_object->flags & OBJ_MIGHTBEDIRTY)) {
4064 VM_OBJECT_LOCK(vp->v_object);
4065 vm_object_page_clean(vp->v_object, 0, 0, OBJPC_SYNC);
4066 VM_OBJECT_UNLOCK(vp->v_object);
4068 error = VOP_FSYNC(vp, MNT_WAIT, td);
4071 * Locate and synchronously write any buffers that fall
4072 * into the requested range. Note: we are assuming that
4073 * f_iosize is a power of 2.
4075 int iosize = vp->v_mount->mnt_stat.f_iosize;
4076 int iomask = iosize - 1;
4081 * Align to iosize boundry, super-align to page boundry.
4084 cnt += off & iomask;
4085 off &= ~(u_quad_t)iomask;
4087 if (off & PAGE_MASK) {
4088 cnt += off & PAGE_MASK;
4089 off &= ~(u_quad_t)PAGE_MASK;
4091 lblkno = off / iosize;
4094 (vp->v_object->flags & OBJ_MIGHTBEDIRTY)) {
4095 VM_OBJECT_LOCK(vp->v_object);
4096 vm_object_page_clean(vp->v_object, off / PAGE_SIZE, (cnt + PAGE_MASK) / PAGE_SIZE, OBJPC_SYNC);
4097 VM_OBJECT_UNLOCK(vp->v_object);
4106 * If we have a buffer and it is marked B_DELWRI we
4107 * have to lock and write it. Otherwise the prior
4108 * write is assumed to have already been committed.
4110 * gbincore() can return invalid buffers now so we
4111 * have to check that bit as well (though B_DELWRI
4112 * should not be set if B_INVAL is set there could be
4113 * a race here since we haven't locked the buffer).
4115 if ((bp = gbincore(&vp->v_bufobj, lblkno)) != NULL) {
4116 if (BUF_LOCK(bp, LK_EXCLUSIVE | LK_SLEEPFAIL |
4117 LK_INTERLOCK, VI_MTX(vp)) == ENOLCK) {
4119 continue; /* retry */
4121 if ((bp->b_flags & (B_DELWRI|B_INVAL)) ==
4124 bp->b_flags &= ~B_ASYNC;
4141 aft_ret = VOP_GETATTR(vp, &aft, cred, td);
4143 mtx_unlock(&Giant); /* VFS */
4148 nfsm_reply(NFSX_V3WCCDATA + NFSX_V3WRITEVERF);
4149 nfsm_srvwcc_data(for_ret, &bfor, aft_ret, &aft);
4151 tl = nfsm_build(u_int32_t *, NFSX_V3WRITEVERF);
4152 if (nfsver.tv_sec == 0)
4154 *tl++ = txdr_unsigned(nfsver.tv_sec);
4155 *tl = txdr_unsigned(nfsver.tv_usec);
4162 mtx_lock(&Giant); /* VFS */
4165 vn_finished_write(mp);
4166 mtx_unlock(&Giant); /* VFS */
4172 * nfs statfs service
4175 nfsrv_statfs(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4176 struct thread *td, struct mbuf **mrq)
4178 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
4179 struct sockaddr *nam = nfsd->nd_nam;
4180 caddr_t dpos = nfsd->nd_dpos;
4181 struct ucred *cred = nfsd->nd_cr;
4183 struct nfs_statfs *sfp;
4185 int error = 0, rdonly, getret = 1;
4186 int v3 = (nfsd->nd_flag & ND_NFSV3);
4187 struct mbuf *mb, *mreq;
4188 struct vnode *vp = NULL;
4192 struct statfs statfs;
4197 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4198 fhp = &nfh.fh_generic;
4200 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
4202 nfsm_reply(NFSX_UNSIGNED);
4204 nfsm_srvpostop_attr(getret, &at);
4210 mtx_lock(&Giant); /* VFS */
4211 error = VFS_STATFS(vp->v_mount, sf, td);
4212 getret = VOP_GETATTR(vp, &at, cred, td);
4214 mtx_unlock(&Giant); /* VFS */
4217 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_STATFS(v3));
4219 nfsm_srvpostop_attr(getret, &at);
4224 sfp = nfsm_build(struct nfs_statfs *, NFSX_STATFS(v3));
4226 tval = (u_quad_t)sf->f_blocks;
4227 tval *= (u_quad_t)sf->f_bsize;
4228 txdr_hyper(tval, &sfp->sf_tbytes);
4229 tval = (u_quad_t)sf->f_bfree;
4230 tval *= (u_quad_t)sf->f_bsize;
4231 txdr_hyper(tval, &sfp->sf_fbytes);
4233 * Don't send negative values for available space,
4234 * since this field is unsigned in the NFS protocol.
4235 * Otherwise, the client would see absurdly high
4236 * numbers for free space.
4238 if (sf->f_bavail < 0)
4241 tval = (u_quad_t)sf->f_bavail;
4242 tval *= (u_quad_t)sf->f_bsize;
4243 txdr_hyper(tval, &sfp->sf_abytes);
4244 sfp->sf_tfiles.nfsuquad[0] = 0;
4245 sfp->sf_tfiles.nfsuquad[1] = txdr_unsigned(sf->f_files);
4246 sfp->sf_ffiles.nfsuquad[0] = 0;
4247 sfp->sf_ffiles.nfsuquad[1] = txdr_unsigned(sf->f_ffree);
4248 sfp->sf_afiles.nfsuquad[0] = 0;
4249 sfp->sf_afiles.nfsuquad[1] = txdr_unsigned(sf->f_ffree);
4250 sfp->sf_invarsec = 0;
4252 sfp->sf_tsize = txdr_unsigned(NFS_MAXDGRAMDATA);
4253 sfp->sf_bsize = txdr_unsigned(sf->f_bsize);
4254 sfp->sf_blocks = txdr_unsigned(sf->f_blocks);
4255 sfp->sf_bfree = txdr_unsigned(sf->f_bfree);
4256 if (sf->f_bavail < 0)
4259 sfp->sf_bavail = txdr_unsigned(sf->f_bavail);
4265 mtx_lock(&Giant); /* VFS */
4267 mtx_unlock(&Giant); /* VFS */
4274 * nfs fsinfo service
4277 nfsrv_fsinfo(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4278 struct thread *td, struct mbuf **mrq)
4280 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
4281 struct sockaddr *nam = nfsd->nd_nam;
4282 caddr_t dpos = nfsd->nd_dpos;
4283 struct ucred *cred = nfsd->nd_cr;
4284 struct nfsv3_fsinfo *sip;
4286 int error = 0, rdonly, getret = 1, pref;
4287 struct mbuf *mb, *mreq;
4288 struct vnode *vp = NULL;
4294 int v3 = (nfsd->nd_flag & ND_NFSV3);
4298 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4300 panic("nfsrv_fsinfo: v3 proc called on a v2 connection");
4301 fhp = &nfh.fh_generic;
4303 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
4305 nfsm_reply(NFSX_UNSIGNED);
4306 nfsm_srvpostop_attr(getret, &at);
4312 mtx_lock(&Giant); /* VFS */
4313 /* XXX Try to make a guess on the max file size. */
4314 VFS_STATFS(vp->v_mount, &sb, td);
4315 maxfsize = (u_quad_t)0x80000000 * sb.f_bsize - 1;
4317 getret = VOP_GETATTR(vp, &at, cred, td);
4319 mtx_unlock(&Giant); /* VFS */
4322 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3FSINFO);
4323 nfsm_srvpostop_attr(getret, &at);
4324 sip = nfsm_build(struct nfsv3_fsinfo *, NFSX_V3FSINFO);
4328 * There should be filesystem VFS OP(s) to get this information.
4329 * For now, assume ufs.
4331 if (slp->ns_so->so_type == SOCK_DGRAM)
4332 pref = NFS_MAXDGRAMDATA;
4335 sip->fs_rtmax = txdr_unsigned(pref);
4336 sip->fs_rtpref = txdr_unsigned(pref);
4337 sip->fs_rtmult = txdr_unsigned(NFS_FABLKSIZE);
4338 sip->fs_wtmax = txdr_unsigned(pref);
4339 sip->fs_wtpref = txdr_unsigned(pref);
4340 sip->fs_wtmult = txdr_unsigned(NFS_FABLKSIZE);
4341 sip->fs_dtpref = txdr_unsigned(pref);
4342 txdr_hyper(maxfsize, &sip->fs_maxfilesize);
4343 sip->fs_timedelta.nfsv3_sec = 0;
4344 sip->fs_timedelta.nfsv3_nsec = txdr_unsigned(1);
4345 sip->fs_properties = txdr_unsigned(NFSV3FSINFO_LINK |
4346 NFSV3FSINFO_SYMLINK | NFSV3FSINFO_HOMOGENEOUS |
4347 NFSV3FSINFO_CANSETTIME);
4352 mtx_lock(&Giant); /* VFS */
4354 mtx_unlock(&Giant); /* VFS */
4361 * nfs pathconf service
4364 nfsrv_pathconf(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4365 struct thread *td, struct mbuf **mrq)
4367 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
4368 struct sockaddr *nam = nfsd->nd_nam;
4369 caddr_t dpos = nfsd->nd_dpos;
4370 struct ucred *cred = nfsd->nd_cr;
4371 struct nfsv3_pathconf *pc;
4373 int error = 0, rdonly, getret = 1;
4374 register_t linkmax, namemax, chownres, notrunc;
4375 struct mbuf *mb, *mreq;
4376 struct vnode *vp = NULL;
4380 int v3 = (nfsd->nd_flag & ND_NFSV3);
4384 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4386 panic("nfsrv_pathconf: v3 proc called on a v2 connection");
4387 fhp = &nfh.fh_generic;
4389 error = nfsrv_fhtovp(fhp, 1, &vp, cred, slp, nam, &rdonly, TRUE);
4391 nfsm_reply(NFSX_UNSIGNED);
4392 nfsm_srvpostop_attr(getret, &at);
4397 mtx_lock(&Giant); /* VFS */
4398 error = VOP_PATHCONF(vp, _PC_LINK_MAX, &linkmax);
4400 error = VOP_PATHCONF(vp, _PC_NAME_MAX, &namemax);
4402 error = VOP_PATHCONF(vp, _PC_CHOWN_RESTRICTED, &chownres);
4404 error = VOP_PATHCONF(vp, _PC_NO_TRUNC, ¬runc);
4405 getret = VOP_GETATTR(vp, &at, cred, td);
4407 mtx_unlock(&Giant); /* VFS */
4410 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3PATHCONF);
4411 nfsm_srvpostop_attr(getret, &at);
4416 pc = nfsm_build(struct nfsv3_pathconf *, NFSX_V3PATHCONF);
4418 pc->pc_linkmax = txdr_unsigned(linkmax);
4419 pc->pc_namemax = txdr_unsigned(namemax);
4420 pc->pc_notrunc = txdr_unsigned(notrunc);
4421 pc->pc_chownrestricted = txdr_unsigned(chownres);
4424 * These should probably be supported by VOP_PATHCONF(), but
4425 * until msdosfs is exportable (why would you want to?), the
4426 * Unix defaults should be ok.
4428 pc->pc_caseinsensitive = nfsrv_nfs_false;
4429 pc->pc_casepreserving = nfsrv_nfs_true;
4434 mtx_lock(&Giant); /* VFS */
4436 mtx_unlock(&Giant); /* VFS */
4443 * Null operation, used by clients to ping server
4447 nfsrv_null(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4448 struct thread *td, struct mbuf **mrq)
4450 struct mbuf *mrep = nfsd->nd_mrep;
4452 int error = NFSERR_RETVOID;
4453 struct mbuf *mb, *mreq;
4457 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4465 * No operation, used for obsolete procedures
4469 nfsrv_noop(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
4470 struct thread *td, struct mbuf **mrq)
4472 struct mbuf *mrep = nfsd->nd_mrep;
4475 struct mbuf *mb, *mreq;
4479 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4480 if (nfsd->nd_repstat)
4481 error = nfsd->nd_repstat;
4483 error = EPROCUNAVAIL;
4492 * Perform access checking for vnodes obtained from file handles that would
4493 * refer to files already opened by a Unix client. You cannot just use
4494 * vn_writechk() and VOP_ACCESS() for two reasons.
4495 * 1 - You must check for exported rdonly as well as MNT_RDONLY for the write
4497 * 2 - The owner is to be given access irrespective of mode bits for some
4498 * operations, so that processes that chmod after opening a file don't
4499 * break. I don't like this because it opens a security hole, but since
4500 * the nfs server opens a security hole the size of a barn door anyhow,
4503 * The exception to rule 2 is EPERM. If a file is IMMUTABLE, VOP_ACCESS()
4504 * will return EPERM instead of EACCESS. EPERM is always an error.
4506 * There are two versions: one to be called while holding Giant (which is
4507 * needed due to use of VFS), and the other called with the NFS server lock
4508 * (which will be dropped and reacquired). This is necessary because
4509 * nfsrv_access checks are required from both classes of contexts.
4512 nfsrv_access_withgiant(struct vnode *vp, int flags, struct ucred *cred,
4513 int rdonly, struct thread *td, int override)
4520 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
4522 if (flags & VWRITE) {
4523 /* Just vn_writechk() changed to check rdonly */
4525 * Disallow write attempts on read-only filesystems;
4526 * unless the file is a socket or a block or character
4527 * device resident on the filesystem.
4529 if (rdonly || (vp->v_mount->mnt_flag & MNT_RDONLY)) {
4530 switch (vp->v_type) {
4540 * If there's shared text associated with
4541 * the inode, we can't allow writing.
4543 if (vp->v_vflag & VV_TEXT)
4547 error = VOP_GETATTR(vp, &vattr, cred, td);
4550 error = VOP_ACCESS(vp, flags, cred, td);
4552 * Allow certain operations for the owner (reads and writes
4553 * on files that are already open).
4555 if (override && error == EACCES && cred->cr_uid == vattr.va_uid)
4561 nfsrv_access(struct vnode *vp, int flags, struct ucred *cred, int rdonly,
4562 struct thread *td, int override)
4569 mtx_lock(&Giant); /* VFS */
4570 error = nfsrv_access_withgiant(vp, flags, cred, rdonly, td, override);
4571 mtx_unlock(&Giant); /* VFS */