2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#)nfs_serv.c 8.8 (Berkeley) 7/31/95
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
39 * nfs version 2 and 3 server calls to vnode ops
40 * - these routines generally have 3 phases
41 * 1 - break down and validate rpc request in mbuf list
42 * 2 - do the vnode ops for the request
43 * (surprisingly ?? many are very similar to syscalls in vfs_syscalls.c)
44 * 3 - build the rpc reply in an mbuf list
46 * - do not mix the phases, since the nfsm_?? macros can return failures
47 * on a bad rpc or similar and do not do any vrele() or vput()'s
49 * - the nfsm_reply() macro generates an nfs rpc reply with the nfs
50 * error number iff error != 0 whereas
51 * returning an error from the server function implies a fatal error
52 * such as a badly constructed rpc request that should be dropped without
54 * For nfsm_reply(), the case where error == EBADRPC is treated
55 * specially; after constructing a reply, it does an immediate
56 * `goto nfsmout' to avoid getting any V3 post-op status appended.
59 * Warning: always pay careful attention to resource cleanup on return
60 * and note that nfsm_*() macros can terminate a procedure on certain
63 * lookup() and namei()
64 * may return garbage in various structural fields/return elements
65 * if an error is returned, and may garbage up nd.ni_dvp even if no
66 * error is returned and you did not request LOCKPARENT or WANTPARENT.
68 * We use the ni_cnd.cn_flags 'HASBUF' flag to track whether the name
69 * buffer has been freed or not.
72 #include <sys/param.h>
73 #include <sys/systm.h>
75 #include <sys/namei.h>
76 #include <sys/unistd.h>
77 #include <sys/vnode.h>
78 #include <sys/mount.h>
79 #include <sys/socket.h>
80 #include <sys/socketvar.h>
81 #include <sys/malloc.h>
84 #include <sys/dirent.h>
86 #include <sys/kernel.h>
87 #include <sys/sysctl.h>
92 #include <vm/vm_extern.h>
93 #include <vm/vm_object.h>
95 #include <nfs/nfsproto.h>
96 #include <nfsserver/nfs.h>
97 #include <nfs/xdr_subs.h>
98 #include <nfsserver/nfsm_subs.h>
100 FEATURE(nfsserver, "NFS server");
103 #define nfsdbprintf(info) printf info
105 #define nfsdbprintf(info)
108 #define MAX_COMMIT_COUNT (1024 * 1024)
110 #define MAX_REORDERED_RPC 16
111 #define NUM_HEURISTIC 1031
112 #define NHUSE_INIT 64
114 #define NHUSE_MAX 2048
116 static struct nfsheur {
117 struct vnode *nh_vp; /* vp to match (unreferenced pointer) */
118 off_t nh_nextoff; /* next offset for sequential detection */
119 int nh_use; /* use count for selection */
120 int nh_seqcount; /* heuristic */
121 } nfsheur[NUM_HEURISTIC];
125 int nfsrvw_procrastinate = NFS_GATHERDELAY * 1000;
126 int nfsrvw_procrastinate_v3 = 0;
128 static struct timeval nfsver = { 0 };
130 SYSCTL_NODE(_vfs, OID_AUTO, nfsrv, CTLFLAG_RW, 0, "NFS server");
132 static int nfs_async;
133 static int nfs_commit_blks;
134 static int nfs_commit_miss;
135 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, async, CTLFLAG_RW, &nfs_async, 0,
136 "Tell client that writes were synced even though they were not");
137 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, commit_blks, CTLFLAG_RW, &nfs_commit_blks, 0,
138 "Number of completed commits");
139 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, commit_miss, CTLFLAG_RW, &nfs_commit_miss, 0, "");
141 struct nfsrvstats nfsrvstats;
142 SYSCTL_STRUCT(_vfs_nfsrv, NFS_NFSRVSTATS, nfsrvstats, CTLFLAG_RW,
143 &nfsrvstats, nfsrvstats, "S,nfsrvstats");
145 static int nfsrv_access(struct vnode *, accmode_t, struct ucred *,
149 * Clear nameidata fields that are tested in nsfmout cleanup code prior
150 * to using first nfsm macro (that might jump to the cleanup code).
154 ndclear(struct nameidata *nd)
157 nd->ni_cnd.cn_flags = 0;
160 nd->ni_startdir = NULL;
161 nd->ni_strictrelative = 0;
165 * Takes two vfslocked integers and returns with at most one
166 * reference to giant. The return value indicates whether giant
167 * is held by either lock. This simplifies nfsrv ops by allowing
168 * them to track only one vfslocked var.
171 nfsrv_lockedpair(int vfs1, int vfs2)
175 VFS_UNLOCK_GIANT(vfs2);
177 return (vfs1 | vfs2);
181 nfsrv_lockedpair_nd(int vfs1, struct nameidata *nd)
185 vfs2 = NDHASGIANT(nd);
187 return nfsrv_lockedpair(vfs1, vfs2);
191 * Heuristic to detect sequential operation.
193 static struct nfsheur *
194 nfsrv_sequential_heuristic(struct uio *uio, struct vnode *vp)
199 /* Locate best candidate. */
201 hi = ((int)(vm_offset_t)vp / sizeof(struct vnode)) % NUM_HEURISTIC;
204 if (nfsheur[hi].nh_vp == vp) {
208 if (nfsheur[hi].nh_use > 0)
209 --nfsheur[hi].nh_use;
210 hi = (hi + 1) % NUM_HEURISTIC;
211 if (nfsheur[hi].nh_use < nh->nh_use)
215 /* Initialize hint if this is a new file. */
216 if (nh->nh_vp != vp) {
218 nh->nh_nextoff = uio->uio_offset;
219 nh->nh_use = NHUSE_INIT;
220 if (uio->uio_offset == 0)
226 /* Calculate heuristic. */
227 if ((uio->uio_offset == 0 && nh->nh_seqcount > 0) ||
228 uio->uio_offset == nh->nh_nextoff) {
229 /* See comments in vfs_vnops.c:sequential_heuristic(). */
230 nh->nh_seqcount += howmany(uio->uio_resid, 16384);
231 if (nh->nh_seqcount > IO_SEQMAX)
232 nh->nh_seqcount = IO_SEQMAX;
233 } else if (qabs(uio->uio_offset - nh->nh_nextoff) <= MAX_REORDERED_RPC *
234 imax(vp->v_mount->mnt_stat.f_iosize, uio->uio_resid)) {
235 /* Probably a reordered RPC, leave seqcount alone. */
236 } else if (nh->nh_seqcount > 1) {
237 nh->nh_seqcount /= 2;
241 nh->nh_use += NHUSE_INC;
242 if (nh->nh_use > NHUSE_MAX)
243 nh->nh_use = NHUSE_MAX;
248 * nfs v3 access service
251 nfsrv3_access(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
254 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
255 struct sockaddr *nam = nfsd->nd_nam;
256 caddr_t dpos = nfsd->nd_dpos;
257 struct ucred *cred = nfsd->nd_cr;
258 struct vnode *vp = NULL;
263 int error = 0, rdonly, getret;
264 struct mbuf *mb, *mreq;
265 struct vattr vattr, *vap = &vattr;
266 u_long testmode, nfsmode;
267 int v3 = (nfsd->nd_flag & ND_NFSV3);
270 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
272 panic("nfsrv3_access: v3 proc called on a v2 connection");
274 fhp = &nfh.fh_generic;
276 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
277 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
279 nfsm_reply(NFSX_UNSIGNED);
280 nfsm_srvpostop_attr(1, NULL);
284 nfsmode = fxdr_unsigned(u_int32_t, *tl);
285 if ((nfsmode & NFSV3ACCESS_READ) &&
286 nfsrv_access(vp, VREAD, cred, rdonly, 0))
287 nfsmode &= ~NFSV3ACCESS_READ;
288 if (vp->v_type == VDIR)
289 testmode = (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND |
292 testmode = (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND);
293 if ((nfsmode & testmode) &&
294 nfsrv_access(vp, VWRITE, cred, rdonly, 0))
295 nfsmode &= ~testmode;
296 if (vp->v_type == VDIR)
297 testmode = NFSV3ACCESS_LOOKUP;
299 testmode = NFSV3ACCESS_EXECUTE;
300 if ((nfsmode & testmode) &&
301 nfsrv_access(vp, VEXEC, cred, rdonly, 0))
302 nfsmode &= ~testmode;
303 getret = VOP_GETATTR(vp, vap, cred);
306 nfsm_reply(NFSX_POSTOPATTR(1) + NFSX_UNSIGNED);
307 nfsm_srvpostop_attr(getret, vap);
308 tl = nfsm_build(u_int32_t *, NFSX_UNSIGNED);
309 *tl = txdr_unsigned(nfsmode);
313 VFS_UNLOCK_GIANT(vfslocked);
318 * nfs getattr service
321 nfsrv_getattr(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
324 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
325 struct sockaddr *nam = nfsd->nd_nam;
326 caddr_t dpos = nfsd->nd_dpos;
327 struct ucred *cred = nfsd->nd_cr;
328 struct nfs_fattr *fp;
330 struct vattr *vap = &va;
331 struct vnode *vp = NULL;
335 int error = 0, rdonly;
336 struct mbuf *mb, *mreq;
339 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
341 fhp = &nfh.fh_generic;
343 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
349 error = VOP_GETATTR(vp, vap, cred);
352 nfsm_reply(NFSX_FATTR(nfsd->nd_flag & ND_NFSV3));
357 fp = nfsm_build(struct nfs_fattr *,
358 NFSX_FATTR(nfsd->nd_flag & ND_NFSV3));
359 nfsm_srvfillattr(vap, fp);
365 VFS_UNLOCK_GIANT(vfslocked);
370 * nfs setattr service
373 nfsrv_setattr(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
376 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
377 struct sockaddr *nam = nfsd->nd_nam;
378 caddr_t dpos = nfsd->nd_dpos;
379 struct ucred *cred = nfsd->nd_cr;
380 struct vattr va, preat;
381 struct vattr *vap = &va;
382 struct nfsv2_sattr *sp;
383 struct nfs_fattr *fp;
384 struct vnode *vp = NULL;
389 int error = 0, rdonly, preat_ret = 1, postat_ret = 1;
390 int v3 = (nfsd->nd_flag & ND_NFSV3), gcheck = 0;
391 struct mbuf *mb, *mreq;
392 struct timespec guard = { 0, 0 };
393 struct mount *mp = NULL;
397 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
399 fhp = &nfh.fh_generic;
401 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
405 vfslocked = VFS_LOCK_GIANT(mp);
406 (void) vn_start_write(NULL, &mp, V_WAIT);
407 vfs_rel(mp); /* The write holds a ref. */
411 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
412 gcheck = fxdr_unsigned(int, *tl);
414 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
415 fxdr_nfsv3time(tl, &guard);
418 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
420 * Nah nah nah nah na nah
421 * There is a bug in the Sun client that puts 0xffff in the mode
422 * field of sattr when it should put in 0xffffffff. The u_short
423 * doesn't sign extend.
424 * --> check the low order 2 bytes for 0xffff
426 if ((fxdr_unsigned(int, sp->sa_mode) & 0xffff) != 0xffff)
427 vap->va_mode = nfstov_mode(sp->sa_mode);
428 if (sp->sa_uid != nfsrv_nfs_xdrneg1)
429 vap->va_uid = fxdr_unsigned(uid_t, sp->sa_uid);
430 if (sp->sa_gid != nfsrv_nfs_xdrneg1)
431 vap->va_gid = fxdr_unsigned(gid_t, sp->sa_gid);
432 if (sp->sa_size != nfsrv_nfs_xdrneg1)
433 vap->va_size = fxdr_unsigned(u_quad_t, sp->sa_size);
434 if (sp->sa_atime.nfsv2_sec != nfsrv_nfs_xdrneg1) {
436 fxdr_nfsv2time(&sp->sa_atime, &vap->va_atime);
438 vap->va_atime.tv_sec =
439 fxdr_unsigned(int32_t, sp->sa_atime.nfsv2_sec);
440 vap->va_atime.tv_nsec = 0;
443 if (sp->sa_mtime.nfsv2_sec != nfsrv_nfs_xdrneg1)
444 fxdr_nfsv2time(&sp->sa_mtime, &vap->va_mtime);
449 * Now that we have all the fields, lets do it.
451 error = nfsrv_fhtovp(fhp, 0, &vp, &tvfslocked, nfsd, slp, nam, &rdonly);
452 vfslocked = nfsrv_lockedpair(vfslocked, tvfslocked);
454 nfsm_reply(2 * NFSX_UNSIGNED);
456 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
462 * vp now an active resource, pay careful attention to cleanup
465 error = preat_ret = VOP_GETATTR(vp, &preat, cred);
466 if (!error && gcheck &&
467 (preat.va_ctime.tv_sec != guard.tv_sec ||
468 preat.va_ctime.tv_nsec != guard.tv_nsec))
469 error = NFSERR_NOT_SYNC;
473 nfsm_reply(NFSX_WCCDATA(v3));
475 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
482 * If the size is being changed write acces is required, otherwise
483 * just check for a read only filesystem.
485 if (vap->va_size == ((u_quad_t)((quad_t) -1))) {
486 if (rdonly || (vp->v_mount->mnt_flag & MNT_RDONLY)) {
491 if (vp->v_type == VDIR) {
494 } else if ((error = nfsrv_access(vp, VWRITE, cred, rdonly,
498 error = VOP_SETATTR(vp, vap, cred);
499 postat_ret = VOP_GETATTR(vp, vap, cred);
507 nfsm_reply(NFSX_WCCORFATTR(v3));
509 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
511 /* v2 non-error case. */
512 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
513 nfsm_srvfillattr(vap, fp);
521 vn_finished_write(mp);
522 VFS_UNLOCK_GIANT(vfslocked);
530 nfsrv_lookup(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
533 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
534 struct sockaddr *nam = nfsd->nd_nam;
535 caddr_t dpos = nfsd->nd_dpos;
536 struct ucred *cred = nfsd->nd_cr;
537 struct nfs_fattr *fp;
538 struct nameidata nd, ind, *ndp = &nd;
539 struct vnode *vp, *dirp = NULL;
543 int error = 0, len, dirattr_ret = 1;
544 int v3 = (nfsd->nd_flag & ND_NFSV3), pubflag;
545 struct mbuf *mb, *mreq;
546 struct vattr va, dirattr, *vap = &va;
550 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
554 fhp = &nfh.fh_generic;
556 nfsm_srvnamesiz(len);
558 pubflag = nfs_ispublicfh(fhp);
560 nd.ni_cnd.cn_cred = cred;
561 nd.ni_cnd.cn_nameiop = LOOKUP;
562 nd.ni_cnd.cn_flags = LOCKLEAF | SAVESTART | MPSAFE;
563 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
564 &dirp, v3, &dirattr, &dirattr_ret, pubflag);
565 vfslocked = NDHASGIANT(&nd);
568 * namei failure, only dirp to cleanup. Clear out garbarge from
569 * structure in case macros jump to nfsmout.
577 nfsm_reply(NFSX_POSTOPATTR(v3));
579 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
585 * Locate index file for public filehandle
587 * error is 0 on entry and 0 on exit from this block.
591 if (nd.ni_vp->v_type == VDIR && nfs_pub.np_index != NULL) {
593 * Setup call to lookup() to see if we can find
594 * the index file. Arguably, this doesn't belong
595 * in a kernel.. Ugh. If an error occurs, do not
596 * try to install an index file and then clear the
599 * When we replace nd with ind and redirect ndp,
600 * maintenance of ni_startdir and ni_vp shift to
601 * ind and we have to clean them up in the old nd.
602 * However, the cnd resource continues to be maintained
603 * via the original nd. Confused? You aren't alone!
606 VOP_UNLOCK(nd.ni_vp, 0);
607 ind.ni_pathlen = strlen(nfs_pub.np_index);
608 ind.ni_cnd.cn_nameptr = ind.ni_cnd.cn_pnbuf =
610 ind.ni_startdir = nd.ni_vp;
611 VREF(ind.ni_startdir);
612 ind.ni_cnd.cn_flags &= ~GIANTHELD;
613 tvfslocked = VFS_LOCK_GIANT(ind.ni_startdir->v_mount);
615 nd.ni_cnd.cn_flags |= GIANTHELD;
616 error = lookup(&ind);
618 vfslocked = nfsrv_lockedpair_nd(vfslocked, &ind);
619 ind.ni_cnd.cn_flags &= ~GIANTHELD;
623 * Found an index file. Get rid of
624 * the old references. transfer nd.ni_vp'
630 vrele(nd.ni_startdir);
631 nd.ni_startdir = NULL;
637 * If the public filehandle was used, check that this lookup
638 * didn't result in a filehandle outside the publicly exported
639 * filesystem. We clear the poor vp here to avoid lockups due
643 if (ndp->ni_vp->v_mount != nfs_pub.np_mount) {
651 * Resources at this point:
652 * ndp->ni_vp may not be NULL
656 nfsm_reply(NFSX_POSTOPATTR(v3));
658 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
664 * Get underlying attribute, then release remaining resources ( for
665 * the same potential blocking reason ) and reply.
668 bzero((caddr_t)fhp, sizeof(nfh));
669 fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
670 error = VOP_VPTOFH(vp, &fhp->fh_fid);
672 error = VOP_GETATTR(vp, vap, cred);
675 vrele(ndp->ni_startdir);
678 ndp->ni_startdir = NULL;
680 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPORFATTR(v3) + NFSX_POSTOPATTR(v3));
683 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
687 nfsm_srvfhtom(fhp, v3);
689 nfsm_srvpostop_attr(0, vap);
690 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
692 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
693 nfsm_srvfillattr(vap, fp);
697 if (ndp->ni_vp || dirp || ndp->ni_startdir) {
702 if (ndp->ni_startdir)
703 vrele(ndp->ni_startdir);
705 NDFREE(&nd, NDF_ONLY_PNBUF);
706 VFS_UNLOCK_GIANT(vfslocked);
711 * nfs readlink service
714 nfsrv_readlink(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
717 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
718 struct sockaddr *nam = nfsd->nd_nam;
719 caddr_t dpos = nfsd->nd_dpos;
720 struct ucred *cred = nfsd->nd_cr;
721 struct iovec iv[(NFS_MAXPATHLEN+MLEN-1)/MLEN];
722 struct iovec *ivp = iv;
726 int error = 0, rdonly, i, tlen, len, getret;
727 int v3 = (nfsd->nd_flag & ND_NFSV3);
728 struct mbuf *mb, *mp3, *nmp, *mreq;
729 struct vnode *vp = NULL;
733 struct uio io, *uiop = &io;
736 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
742 fhp = &nfh.fh_generic;
746 while (len < NFS_MAXPATHLEN) {
747 MGET(nmp, M_WAIT, MT_DATA);
749 nmp->m_len = NFSMSIZ(nmp);
756 if ((len + mp->m_len) > NFS_MAXPATHLEN) {
757 mp->m_len = NFS_MAXPATHLEN - len;
758 len = NFS_MAXPATHLEN;
761 ivp->iov_base = mtod(mp, caddr_t);
762 ivp->iov_len = mp->m_len;
767 uiop->uio_iovcnt = i;
768 uiop->uio_offset = 0;
769 uiop->uio_resid = len;
770 uiop->uio_rw = UIO_READ;
771 uiop->uio_segflg = UIO_SYSSPACE;
773 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
775 nfsm_reply(2 * NFSX_UNSIGNED);
777 nfsm_srvpostop_attr(1, NULL);
781 if (vp->v_type != VLNK) {
787 error = VOP_READLINK(vp, uiop, cred);
788 getret = VOP_GETATTR(vp, &attr, cred);
791 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_UNSIGNED);
793 nfsm_srvpostop_attr(getret, &attr);
798 if (uiop->uio_resid > 0) {
799 len -= uiop->uio_resid;
800 tlen = nfsm_rndup(len);
801 nfsm_adj(mp3, NFS_MAXPATHLEN-tlen, tlen-len);
803 tl = nfsm_build(u_int32_t *, NFSX_UNSIGNED);
804 *tl = txdr_unsigned(len);
812 VFS_UNLOCK_GIANT(vfslocked);
820 nfsrv_read(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
823 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
824 struct sockaddr *nam = nfsd->nd_nam;
825 caddr_t dpos = nfsd->nd_dpos;
826 struct ucred *cred = nfsd->nd_cr;
830 struct nfs_fattr *fp;
834 int error = 0, rdonly, cnt, len, left, siz, tlen, getret;
835 int v3 = (nfsd->nd_flag & ND_NFSV3), reqlen;
836 struct mbuf *mb, *mreq;
838 struct vnode *vp = NULL;
841 struct uio io, *uiop = &io;
842 struct vattr va, *vap = &va;
849 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
851 fhp = &nfh.fh_generic;
854 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
855 off = fxdr_hyper(tl);
857 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
858 off = (off_t)fxdr_unsigned(u_int32_t, *tl);
860 nfsm_srvstrsiz(reqlen, NFS_SRVMAXDATA(nfsd));
863 * Reference vp. If an error occurs, vp will be invalid, but we
864 * have to NULL it just in case. The macros might goto nfsmout
868 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
871 nfsm_reply(2 * NFSX_UNSIGNED);
873 nfsm_srvpostop_attr(1, NULL);
878 if (vp->v_type != VREG) {
882 error = (vp->v_type == VDIR) ? EISDIR : EACCES;
885 if ((error = nfsrv_access(vp, VREAD, cred, rdonly, 1)) != 0)
886 error = nfsrv_access(vp, VEXEC, cred, rdonly, 1);
888 getret = VOP_GETATTR(vp, vap, cred);
894 nfsm_reply(NFSX_POSTOPATTR(v3));
896 nfsm_srvpostop_attr(getret, vap);
902 * Calculate byte count to read
904 if (off >= vap->va_size)
906 else if ((off + reqlen) > vap->va_size)
907 cnt = vap->va_size - off;
911 nfsm_reply(NFSX_POSTOPORFATTR(v3) + 3 * NFSX_UNSIGNED+nfsm_rndup(cnt));
913 tl = nfsm_build(u_int32_t *, NFSX_V3FATTR + 4 * NFSX_UNSIGNED);
914 *tl++ = nfsrv_nfs_true;
915 fp = (struct nfs_fattr *)tl;
916 tl += (NFSX_V3FATTR / sizeof (u_int32_t));
918 tl = nfsm_build(u_int32_t *, NFSX_V2FATTR + NFSX_UNSIGNED);
919 fp = (struct nfs_fattr *)tl;
920 tl += (NFSX_V2FATTR / sizeof (u_int32_t));
922 len = left = nfsm_rndup(cnt);
925 * Generate the mbuf list with the uio_iov ref. to it.
930 siz = min(M_TRAILINGSPACE(m), left);
936 MGET(m, M_WAIT, MT_DATA);
943 iv = malloc(i * sizeof (struct iovec),
945 uiop->uio_iov = iv2 = iv;
951 panic("nfsrv_read iov");
952 siz = min(M_TRAILINGSPACE(m), left);
954 iv->iov_base = mtod(m, caddr_t) + m->m_len;
963 uiop->uio_iovcnt = i;
964 uiop->uio_offset = off;
965 uiop->uio_resid = len;
966 uiop->uio_rw = UIO_READ;
967 uiop->uio_segflg = UIO_SYSSPACE;
969 nh = nfsrv_sequential_heuristic(uiop, vp);
970 ioflag |= nh->nh_seqcount << IO_SEQSHIFT;
971 error = VOP_READ(vp, uiop, IO_NODELOCKED | ioflag, cred);
973 nh->nh_nextoff = uiop->uio_offset;
974 free((caddr_t)iv2, M_TEMP);
975 if (error || (getret = VOP_GETATTR(vp, vap, cred))) {
981 nfsm_reply(NFSX_POSTOPATTR(v3));
983 nfsm_srvpostop_attr(getret, vap);
991 nfsm_srvfillattr(vap, fp);
992 tlen = len - uiop->uio_resid;
993 cnt = cnt < tlen ? cnt : tlen;
994 tlen = nfsm_rndup(cnt);
995 if (len != tlen || tlen != cnt)
996 nfsm_adj(mb, len - tlen, tlen - cnt);
998 *tl++ = txdr_unsigned(cnt);
1000 *tl++ = nfsrv_nfs_true;
1002 *tl++ = nfsrv_nfs_false;
1004 *tl = txdr_unsigned(cnt);
1008 VFS_UNLOCK_GIANT(vfslocked);
1016 nfsrv_write(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1019 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1020 struct sockaddr *nam = nfsd->nd_nam;
1021 caddr_t dpos = nfsd->nd_dpos;
1022 struct ucred *cred = nfsd->nd_cr;
1026 struct nfs_fattr *fp;
1028 struct vattr va, forat;
1029 struct vattr *vap = &va;
1032 int error = 0, rdonly, len, forat_ret = 1;
1033 int ioflags, aftat_ret = 1, retlen = 0, zeroing, adjust;
1034 int stable = NFSV3WRITE_FILESYNC;
1035 int v3 = (nfsd->nd_flag & ND_NFSV3);
1036 struct mbuf *mb, *mreq;
1037 struct vnode *vp = NULL;
1041 struct uio io, *uiop = &io;
1043 struct mount *mntp = NULL;
1047 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1054 fhp = &nfh.fh_generic;
1056 if ((mntp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1060 vfslocked = VFS_LOCK_GIANT(mntp);
1061 (void) vn_start_write(NULL, &mntp, V_WAIT);
1062 vfs_rel(mntp); /* The write holds a ref. */
1064 tl = nfsm_dissect_nonblock(u_int32_t *, 5 * NFSX_UNSIGNED);
1065 off = fxdr_hyper(tl);
1067 stable = fxdr_unsigned(int, *tl++);
1069 tl = nfsm_dissect_nonblock(u_int32_t *, 4 * NFSX_UNSIGNED);
1070 off = (off_t)fxdr_unsigned(u_int32_t, *++tl);
1073 stable = NFSV3WRITE_UNSTABLE;
1075 retlen = len = fxdr_unsigned(int32_t, *tl);
1079 * For NFS Version 2, it is not obvious what a write of zero length
1080 * should do, but I might as well be consistent with Version 3,
1081 * which is to return ok so long as there are no permission problems.
1089 adjust = dpos - mtod(mp, caddr_t);
1090 mp->m_len -= adjust;
1091 if (mp->m_len > 0 && adjust > 0)
1092 mp->m_data += adjust;
1096 else if (mp->m_len > 0) {
1099 mp->m_len -= (i - len);
1108 if (len > NFS_MAXDATA || len < 0 || i < len) {
1110 nfsm_reply(2 * NFSX_UNSIGNED);
1112 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1116 error = nfsrv_fhtovp(fhp, 0, &vp, &tvfslocked, nfsd, slp, nam, &rdonly);
1117 vfslocked = nfsrv_lockedpair(vfslocked, tvfslocked);
1120 nfsm_reply(2 * NFSX_UNSIGNED);
1122 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1127 forat_ret = VOP_GETATTR(vp, &forat, cred);
1128 if (vp->v_type != VREG) {
1132 error = (vp->v_type == VDIR) ? EISDIR : EACCES;
1135 error = nfsrv_access(vp, VWRITE, cred, rdonly, 1);
1139 nfsm_reply(NFSX_WCCDATA(v3));
1141 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1147 ivp = malloc(cnt * sizeof (struct iovec), M_TEMP,
1149 uiop->uio_iov = iv = ivp;
1150 uiop->uio_iovcnt = cnt;
1153 if (mp->m_len > 0) {
1154 ivp->iov_base = mtod(mp, caddr_t);
1155 ivp->iov_len = mp->m_len;
1163 * The IO_METASYNC flag indicates that all metadata (and not just
1164 * enough to ensure data integrity) mus be written to stable storage
1166 * (IO_METASYNC is not yet implemented in 4.4BSD-Lite.)
1168 if (stable == NFSV3WRITE_UNSTABLE)
1169 ioflags = IO_NODELOCKED;
1170 else if (stable == NFSV3WRITE_DATASYNC)
1171 ioflags = (IO_SYNC | IO_NODELOCKED);
1173 ioflags = (IO_METASYNC | IO_SYNC | IO_NODELOCKED);
1174 uiop->uio_resid = len;
1175 uiop->uio_rw = UIO_WRITE;
1176 uiop->uio_segflg = UIO_SYSSPACE;
1177 uiop->uio_td = NULL;
1178 uiop->uio_offset = off;
1179 nh = nfsrv_sequential_heuristic(uiop, vp);
1180 ioflags |= nh->nh_seqcount << IO_SEQSHIFT;
1181 error = VOP_WRITE(vp, uiop, ioflags, cred);
1183 nh->nh_nextoff = uiop->uio_offset;
1184 /* Unlocked write. */
1185 nfsrvstats.srvvop_writes++;
1186 free((caddr_t)iv, M_TEMP);
1188 aftat_ret = VOP_GETATTR(vp, vap, cred);
1194 nfsm_reply(NFSX_PREOPATTR(v3) + NFSX_POSTOPORFATTR(v3) +
1195 2 * NFSX_UNSIGNED + NFSX_WRITEVERF(v3));
1197 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1202 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
1203 *tl++ = txdr_unsigned(retlen);
1205 * If nfs_async is set, then pretend the write was FILESYNC.
1207 if (stable == NFSV3WRITE_UNSTABLE && !nfs_async)
1208 *tl++ = txdr_unsigned(stable);
1210 *tl++ = txdr_unsigned(NFSV3WRITE_FILESYNC);
1212 * Actually, there is no need to txdr these fields,
1213 * but it may make the values more human readable,
1214 * for debugging purposes.
1216 if (nfsver.tv_sec == 0)
1218 *tl++ = txdr_unsigned(nfsver.tv_sec);
1219 *tl = txdr_unsigned(nfsver.tv_usec);
1220 } else if (!error) {
1221 /* v2 non-error case. */
1222 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
1223 nfsm_srvfillattr(vap, fp);
1229 vn_finished_write(mntp);
1230 VFS_UNLOCK_GIANT(vfslocked);
1235 * nfs create service
1236 * now does a truncate to 0 length via. setattr if it already exists
1239 nfsrv_create(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1242 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1243 struct sockaddr *nam = nfsd->nd_nam;
1244 caddr_t dpos = nfsd->nd_dpos;
1245 struct ucred *cred = nfsd->nd_cr;
1246 struct nfs_fattr *fp;
1247 struct vattr va, dirfor, diraft;
1248 struct vattr *vap = &va;
1249 struct nfsv2_sattr *sp;
1251 struct nameidata nd;
1253 int error = 0, rdev, len, tsize, dirfor_ret = 1, diraft_ret = 1;
1254 int v3 = (nfsd->nd_flag & ND_NFSV3), how, exclusive_flag = 0;
1255 struct mbuf *mb, *mreq;
1256 struct vnode *dirp = NULL;
1260 struct timespec cverf;
1261 struct mount *mp = NULL;
1265 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1272 fhp = &nfh.fh_generic;
1274 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1278 vfslocked = VFS_LOCK_GIANT(mp);
1279 (void) vn_start_write(NULL, &mp, V_WAIT);
1280 vfs_rel(mp); /* The write holds a ref. */
1281 nfsm_srvnamesiz(len);
1283 nd.ni_cnd.cn_cred = cred;
1284 nd.ni_cnd.cn_nameiop = CREATE;
1285 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | SAVESTART | MPSAFE;
1288 * Call namei and do initial cleanup to get a few things
1289 * out of the way. If we get an initial error we cleanup
1290 * and return here to avoid special-casing the invalid nd
1291 * structure through the rest of the case. dirp may be
1292 * set even if an error occurs, but the nd structure will not
1293 * be valid at all if an error occurs so we have to invalidate it
1294 * prior to calling nfsm_reply ( which might goto nfsmout ).
1296 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
1297 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
1298 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
1304 nfsm_reply(NFSX_WCCDATA(v3));
1306 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1312 * No error. Continue. State:
1314 * startdir is valid ( we release this immediately )
1316 * nd.ni_vp may be valid
1317 * nd.ni_dvp is valid
1319 * The error state is set through the code and we may also do some
1320 * opportunistic releasing of vnodes to avoid holding locks through
1321 * NFS I/O. The cleanup at the end is a catch-all
1326 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
1327 how = fxdr_unsigned(int, *tl);
1329 case NFSV3CREATE_GUARDED:
1335 case NFSV3CREATE_UNCHECKED:
1338 case NFSV3CREATE_EXCLUSIVE:
1339 tl = nfsm_dissect_nonblock(u_int32_t *,
1341 /* Unique bytes, endianness is not important. */
1342 cverf.tv_sec = (int32_t)tl[0];
1343 cverf.tv_nsec = tl[1];
1347 vap->va_type = VREG;
1349 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
1350 vap->va_type = IFTOVT(fxdr_unsigned(u_int32_t, sp->sa_mode));
1351 if (vap->va_type == VNON)
1352 vap->va_type = VREG;
1353 vap->va_mode = nfstov_mode(sp->sa_mode);
1354 switch (vap->va_type) {
1356 tsize = fxdr_unsigned(int32_t, sp->sa_size);
1358 vap->va_size = (u_quad_t)tsize;
1363 rdev = fxdr_unsigned(long, sp->sa_size);
1371 * Iff doesn't exist, create it
1372 * otherwise just truncate to 0 length
1373 * should I set the mode too ?
1375 * The only possible error we can have at this point is EEXIST.
1376 * nd.ni_vp will also be non-NULL in that case.
1378 if (nd.ni_vp == NULL) {
1379 if (vap->va_mode == (mode_t)VNOVAL)
1381 if (vap->va_type == VREG || vap->va_type == VSOCK) {
1382 error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1384 NDFREE(&nd, NDF_ONLY_PNBUF);
1386 if (exclusive_flag) {
1389 vap->va_atime = cverf;
1390 error = VOP_SETATTR(nd.ni_vp, vap,
1394 } else if (vap->va_type == VCHR || vap->va_type == VBLK ||
1395 vap->va_type == VFIFO) {
1397 * NFSv2-specific code for creating device nodes
1400 * Handle SysV FIFO node special cases. All other
1401 * devices require super user to access.
1403 if (vap->va_type == VCHR && rdev == 0xffffffff)
1404 vap->va_type = VFIFO;
1405 if (vap->va_type != VFIFO &&
1406 (error = priv_check_cred(cred, PRIV_VFS_MKNOD_DEV,
1410 vap->va_rdev = rdev;
1411 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1413 NDFREE(&nd, NDF_ONLY_PNBUF);
1420 * release dvp prior to lookup
1427 * Even though LOCKPARENT was cleared, ni_dvp may
1430 nd.ni_cnd.cn_nameiop = LOOKUP;
1431 nd.ni_cnd.cn_flags &= ~(LOCKPARENT);
1432 nd.ni_cnd.cn_thread = curthread;
1433 nd.ni_cnd.cn_cred = cred;
1434 tvfslocked = VFS_LOCK_GIANT(nd.ni_startdir->v_mount);
1436 nd.ni_cnd.cn_flags |= GIANTHELD;
1437 error = lookup(&nd);
1439 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
1440 nd.ni_cnd.cn_flags &= ~GIANTHELD;
1444 if (nd.ni_cnd.cn_flags & ISSYMLINK) {
1452 if (vap->va_size != -1) {
1453 error = nfsrv_access(nd.ni_vp, VWRITE,
1454 cred, (nd.ni_cnd.cn_flags & RDONLY), 0);
1456 tempsize = vap->va_size;
1458 vap->va_size = tempsize;
1459 error = VOP_SETATTR(nd.ni_vp, vap, cred);
1465 bzero((caddr_t)fhp, sizeof(nfh));
1466 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
1467 error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid);
1469 error = VOP_GETATTR(nd.ni_vp, vap, cred);
1472 if (exclusive_flag && !error &&
1473 bcmp(&cverf, &vap->va_atime, sizeof (cverf)))
1475 if (dirp == nd.ni_dvp)
1476 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
1478 /* Drop the other locks to avoid deadlock. */
1480 if (nd.ni_dvp == nd.ni_vp)
1490 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
1491 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
1492 VOP_UNLOCK(dirp, 0);
1496 nfsm_reply(NFSX_SRVFH(v3) + NFSX_FATTR(v3) + NFSX_WCCDATA(v3));
1499 nfsm_srvpostop_fh(fhp);
1500 nfsm_srvpostop_attr(0, vap);
1502 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1503 } else if (!error) {
1504 /* v2 non-error case. */
1505 nfsm_srvfhtom(fhp, v3);
1506 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
1507 nfsm_srvfillattr(vap, fp);
1513 if (nd.ni_dvp == nd.ni_vp)
1520 if (nd.ni_startdir) {
1521 vrele(nd.ni_startdir);
1522 nd.ni_startdir = NULL;
1526 NDFREE(&nd, NDF_ONLY_PNBUF);
1527 vn_finished_write(mp);
1528 VFS_UNLOCK_GIANT(vfslocked);
1533 * nfs v3 mknod service
1536 nfsrv_mknod(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1539 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1540 struct sockaddr *nam = nfsd->nd_nam;
1541 caddr_t dpos = nfsd->nd_dpos;
1542 struct ucred *cred = nfsd->nd_cr;
1543 struct vattr va, dirfor, diraft;
1544 struct vattr *vap = &va;
1545 struct thread *td = curthread;
1547 struct nameidata nd;
1549 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
1550 u_int32_t major, minor;
1552 struct mbuf *mb, *mreq;
1553 struct vnode *vp, *dirp = NULL;
1556 struct mount *mp = NULL;
1557 int v3 = (nfsd->nd_flag & ND_NFSV3);
1561 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1564 panic("nfsrv_mknod: v3 proc called on a v2 connection");
1567 fhp = &nfh.fh_generic;
1569 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1573 vfslocked = VFS_LOCK_GIANT(mp);
1574 (void) vn_start_write(NULL, &mp, V_WAIT);
1575 vfs_rel(mp); /* The write holds a ref. */
1576 nfsm_srvnamesiz(len);
1578 nd.ni_cnd.cn_cred = cred;
1579 nd.ni_cnd.cn_nameiop = CREATE;
1580 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | SAVESTART | MPSAFE;
1583 * Handle nfs_namei() call. If an error occurs, the nd structure
1584 * is not valid. However, nfsm_*() routines may still jump to
1588 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
1589 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
1590 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
1592 nfsm_reply(NFSX_WCCDATA(1));
1593 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1597 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
1598 vtyp = nfsv3tov_type(*tl);
1599 if (vtyp != VCHR && vtyp != VBLK && vtyp != VSOCK && vtyp != VFIFO) {
1600 error = NFSERR_BADTYPE;
1605 if (vtyp == VCHR || vtyp == VBLK) {
1606 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
1607 major = fxdr_unsigned(u_int32_t, *tl++);
1608 minor = fxdr_unsigned(u_int32_t, *tl);
1609 vap->va_rdev = makedev(major, minor);
1613 * Iff doesn't exist, create it.
1619 vap->va_type = vtyp;
1620 if (vap->va_mode == (mode_t)VNOVAL)
1622 if (vtyp == VSOCK) {
1623 vrele(nd.ni_startdir);
1624 nd.ni_startdir = NULL;
1625 error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1627 NDFREE(&nd, NDF_ONLY_PNBUF);
1629 if (vtyp != VFIFO && (error = priv_check_cred(cred,
1630 PRIV_VFS_MKNOD_DEV, 0)))
1632 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1634 NDFREE(&nd, NDF_ONLY_PNBUF);
1641 * Release dvp prior to lookup
1646 nd.ni_cnd.cn_nameiop = LOOKUP;
1647 nd.ni_cnd.cn_flags &= ~(LOCKPARENT);
1648 nd.ni_cnd.cn_thread = td;
1649 nd.ni_cnd.cn_cred = td->td_ucred;
1650 tvfslocked = VFS_LOCK_GIANT(nd.ni_startdir->v_mount);
1652 nd.ni_cnd.cn_flags |= GIANTHELD;
1653 error = lookup(&nd);
1655 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
1656 nd.ni_cnd.cn_flags &= ~GIANTHELD;
1660 if (nd.ni_cnd.cn_flags & ISSYMLINK)
1665 * send response, cleanup, return.
1670 bzero((caddr_t)fhp, sizeof(nfh));
1671 fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
1672 error = VOP_VPTOFH(vp, &fhp->fh_fid);
1674 error = VOP_GETATTR(vp, vap, cred);
1677 if (nd.ni_dvp == nd.ni_vp)
1688 if (nd.ni_startdir) {
1689 vrele(nd.ni_startdir);
1690 nd.ni_startdir = NULL;
1692 NDFREE(&nd, NDF_ONLY_PNBUF);
1694 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
1695 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
1699 nfsm_reply(NFSX_SRVFH(1) + NFSX_POSTOPATTR(1) + NFSX_WCCDATA(1));
1702 nfsm_srvpostop_fh(fhp);
1703 nfsm_srvpostop_attr(0, vap);
1705 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1707 vn_finished_write(mp);
1708 VFS_UNLOCK_GIANT(vfslocked);
1712 if (nd.ni_dvp == nd.ni_vp)
1722 vrele(nd.ni_startdir);
1723 NDFREE(&nd, NDF_ONLY_PNBUF);
1724 vn_finished_write(mp);
1725 VFS_UNLOCK_GIANT(vfslocked);
1730 * nfs remove service
1733 nfsrv_remove(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1736 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1737 struct sockaddr *nam = nfsd->nd_nam;
1738 caddr_t dpos = nfsd->nd_dpos;
1739 struct ucred *cred = nfsd->nd_cr;
1740 struct nameidata nd;
1742 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
1743 int v3 = (nfsd->nd_flag & ND_NFSV3);
1744 struct mbuf *mb, *mreq;
1746 struct vattr dirfor, diraft;
1749 struct mount *mp = NULL;
1752 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1756 fhp = &nfh.fh_generic;
1758 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1762 vfslocked = VFS_LOCK_GIANT(mp);
1763 (void) vn_start_write(NULL, &mp, V_WAIT);
1764 vfs_rel(mp); /* The write holds a ref. */
1765 nfsm_srvnamesiz(len);
1767 nd.ni_cnd.cn_cred = cred;
1768 nd.ni_cnd.cn_nameiop = DELETE;
1769 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | MPSAFE;
1770 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
1771 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
1772 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
1778 if (nd.ni_vp->v_type == VDIR) {
1779 error = EPERM; /* POSIX */
1783 * The root of a mounted filesystem cannot be deleted.
1785 if (nd.ni_vp->v_vflag & VV_ROOT) {
1791 error = VOP_REMOVE(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
1792 NDFREE(&nd, NDF_ONLY_PNBUF);
1796 if (dirp == nd.ni_dvp)
1797 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
1799 /* Drop the other locks to avoid deadlock. */
1801 if (nd.ni_dvp == nd.ni_vp)
1811 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
1812 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
1813 VOP_UNLOCK(dirp, 0);
1819 nfsm_reply(NFSX_WCCDATA(v3));
1821 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1824 NDFREE(&nd, NDF_ONLY_PNBUF);
1826 if (nd.ni_dvp == nd.ni_vp)
1833 vn_finished_write(mp);
1834 VFS_UNLOCK_GIANT(vfslocked);
1839 * nfs rename service
1842 nfsrv_rename(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1845 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1846 struct sockaddr *nam = nfsd->nd_nam;
1847 caddr_t dpos = nfsd->nd_dpos;
1848 struct ucred *cred = nfsd->nd_cr;
1850 int error = 0, len, len2, fdirfor_ret = 1, fdiraft_ret = 1;
1851 int tdirfor_ret = 1, tdiraft_ret = 1;
1852 int v3 = (nfsd->nd_flag & ND_NFSV3);
1853 struct mbuf *mb, *mreq;
1854 struct nameidata fromnd, tond;
1855 struct vnode *fvp, *tvp, *tdvp, *fdirp = NULL;
1856 struct vnode *tdirp = NULL;
1857 struct vattr fdirfor, fdiraft, tdirfor, tdiraft;
1859 fhandle_t *ffhp, *tfhp;
1861 struct mount *mp = NULL;
1864 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1869 ffhp = &fnfh.fh_generic;
1870 tfhp = &tnfh.fh_generic;
1873 * Clear fields incase goto nfsmout occurs from macro.
1879 nfsm_srvmtofh(ffhp);
1880 if ((mp = vfs_getvfs(&ffhp->fh_fsid)) == NULL) {
1884 vfslocked = VFS_LOCK_GIANT(mp);
1885 (void) vn_start_write(NULL, &mp, V_WAIT);
1886 vfs_rel(mp); /* The write holds a ref. */
1887 nfsm_srvnamesiz(len);
1889 * Remember our original uid so that we can reset cr_uid before
1890 * the second nfs_namei() call, in case it is remapped.
1892 saved_uid = cred->cr_uid;
1893 fromnd.ni_cnd.cn_cred = cred;
1894 fromnd.ni_cnd.cn_nameiop = DELETE;
1895 fromnd.ni_cnd.cn_flags = WANTPARENT | SAVESTART | MPSAFE;
1896 error = nfs_namei(&fromnd, nfsd, ffhp, len, slp, nam, &md,
1897 &dpos, &fdirp, v3, &fdirfor, &fdirfor_ret, FALSE);
1898 vfslocked = nfsrv_lockedpair_nd(vfslocked, &fromnd);
1904 nfsm_reply(2 * NFSX_WCCDATA(v3));
1906 nfsm_srvwcc_data(fdirfor_ret, &fdirfor, fdiraft_ret, &fdiraft);
1907 nfsm_srvwcc_data(tdirfor_ret, &tdirfor, tdiraft_ret, &tdiraft);
1913 nfsm_srvmtofh(tfhp);
1914 nfsm_srvnamesiz(len2);
1915 cred->cr_uid = saved_uid;
1916 tond.ni_cnd.cn_cred = cred;
1917 tond.ni_cnd.cn_nameiop = RENAME;
1918 tond.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | NOCACHE | SAVESTART | MPSAFE;
1919 error = nfs_namei(&tond, nfsd, tfhp, len2, slp, nam, &md,
1920 &dpos, &tdirp, v3, &tdirfor, &tdirfor_ret, FALSE);
1921 vfslocked = nfsrv_lockedpair_nd(vfslocked, &tond);
1932 if (fvp->v_type == VDIR && tvp->v_type != VDIR) {
1938 } else if (fvp->v_type != VDIR && tvp->v_type == VDIR) {
1945 if (tvp->v_type == VDIR && tvp->v_mountedhere) {
1953 if (fvp->v_type == VDIR && fvp->v_mountedhere) {
1960 if (fvp->v_mount != tdvp->v_mount) {
1974 * If source is the same as the destination (that is the
1975 * same vnode with the same name in the same directory),
1976 * then there is nothing to do.
1978 if (fvp == tvp && fromnd.ni_dvp == tdvp &&
1979 fromnd.ni_cnd.cn_namelen == tond.ni_cnd.cn_namelen &&
1980 !bcmp(fromnd.ni_cnd.cn_nameptr, tond.ni_cnd.cn_nameptr,
1981 fromnd.ni_cnd.cn_namelen))
1986 * The VOP_RENAME function releases all vnode references &
1987 * locks prior to returning so we need to clear the pointers
1988 * to bypass cleanup code later on.
1990 error = VOP_RENAME(fromnd.ni_dvp, fromnd.ni_vp, &fromnd.ni_cnd,
1991 tond.ni_dvp, tond.ni_vp, &tond.ni_cnd);
1992 fromnd.ni_dvp = NULL;
1993 fromnd.ni_vp = NULL;
1997 NDFREE(&fromnd, NDF_ONLY_PNBUF);
1998 NDFREE(&tond, NDF_ONLY_PNBUF);
2006 nfsm_reply(2 * NFSX_WCCDATA(v3));
2008 /* Release existing locks to prevent deadlock. */
2010 if (tond.ni_dvp == tond.ni_vp)
2021 vn_lock(fdirp, LK_EXCLUSIVE | LK_RETRY);
2022 fdiraft_ret = VOP_GETATTR(fdirp, &fdiraft, cred);
2023 VOP_UNLOCK(fdirp, 0);
2026 vn_lock(tdirp, LK_EXCLUSIVE | LK_RETRY);
2027 tdiraft_ret = VOP_GETATTR(tdirp, &tdiraft, cred);
2028 VOP_UNLOCK(tdirp, 0);
2030 nfsm_srvwcc_data(fdirfor_ret, &fdirfor, fdiraft_ret, &fdiraft);
2031 nfsm_srvwcc_data(tdirfor_ret, &tdirfor, tdiraft_ret, &tdiraft);
2038 * Clear out tond related fields
2041 if (tond.ni_dvp == tond.ni_vp)
2050 if (tond.ni_startdir)
2051 vrele(tond.ni_startdir);
2052 NDFREE(&tond, NDF_ONLY_PNBUF);
2054 * Clear out fromnd related fields
2058 if (fromnd.ni_startdir)
2059 vrele(fromnd.ni_startdir);
2060 NDFREE(&fromnd, NDF_ONLY_PNBUF);
2062 vrele(fromnd.ni_dvp);
2064 vrele(fromnd.ni_vp);
2066 vn_finished_write(mp);
2067 VFS_UNLOCK_GIANT(vfslocked);
2075 nfsrv_link(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2078 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2079 struct sockaddr *nam = nfsd->nd_nam;
2080 caddr_t dpos = nfsd->nd_dpos;
2081 struct ucred *cred = nfsd->nd_cr;
2082 struct nameidata nd;
2084 int error = 0, rdonly, len, dirfor_ret = 1, diraft_ret = 1;
2085 int getret = 1, v3 = (nfsd->nd_flag & ND_NFSV3);
2086 struct mbuf *mb, *mreq;
2087 struct vnode *vp = NULL, *xp, *dirp = NULL;
2088 struct vattr dirfor, diraft, at;
2090 fhandle_t *fhp, *dfhp;
2091 struct mount *mp = NULL;
2095 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2099 fhp = &nfh.fh_generic;
2100 dfhp = &dnfh.fh_generic;
2102 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2106 vfslocked = VFS_LOCK_GIANT(mp);
2107 (void) vn_start_write(NULL, &mp, V_WAIT);
2108 vfs_rel(mp); /* The write holds a ref. */
2109 nfsm_srvmtofh(dfhp);
2110 nfsm_srvnamesiz(len);
2112 error = nfsrv_fhtovp(fhp, 0, &vp, &tvfslocked, nfsd, slp, nam, &rdonly);
2113 vfslocked = nfsrv_lockedpair(vfslocked, tvfslocked);
2115 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2117 nfsm_srvpostop_attr(getret, &at);
2118 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2125 getret = VOP_GETATTR(vp, &at, cred);
2126 if (vp->v_type == VDIR) {
2127 error = EPERM; /* POSIX */
2131 nd.ni_cnd.cn_cred = cred;
2132 nd.ni_cnd.cn_nameiop = CREATE;
2133 nd.ni_cnd.cn_flags = LOCKPARENT | MPSAFE | MPSAFE;
2134 error = nfs_namei(&nd, nfsd, dfhp, len, slp, nam, &md, &dpos,
2135 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
2136 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
2154 if (vp->v_mount != xp->v_mount) {
2160 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2161 error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
2162 NDFREE(&nd, NDF_ONLY_PNBUF);
2167 getret = VOP_GETATTR(vp, &at, cred);
2170 if (dirp == nd.ni_dvp)
2171 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2173 /* Release existing locks to prevent deadlock. */
2175 if (nd.ni_dvp == nd.ni_vp)
2185 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
2186 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2187 VOP_UNLOCK(dirp, 0);
2191 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2193 nfsm_srvpostop_attr(getret, &at);
2194 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2200 NDFREE(&nd, NDF_ONLY_PNBUF);
2204 if (nd.ni_dvp == nd.ni_vp)
2213 vn_finished_write(mp);
2214 VFS_UNLOCK_GIANT(vfslocked);
2219 * nfs symbolic link service
2222 nfsrv_symlink(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2225 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2226 struct sockaddr *nam = nfsd->nd_nam;
2227 caddr_t dpos = nfsd->nd_dpos;
2228 struct ucred *cred = nfsd->nd_cr;
2229 struct vattr va, dirfor, diraft;
2230 struct nameidata nd;
2231 struct vattr *vap = &va;
2232 struct nfsv2_sattr *sp;
2233 char *bpos, *pathcp = NULL;
2236 int error = 0, len, len2, dirfor_ret = 1, diraft_ret = 1;
2237 int v3 = (nfsd->nd_flag & ND_NFSV3);
2238 struct mbuf *mb, *mreq;
2239 struct vnode *dirp = NULL;
2242 struct mount *mp = NULL;
2246 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2250 fhp = &nfh.fh_generic;
2252 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2256 vfslocked = VFS_LOCK_GIANT(mp);
2257 (void) vn_start_write(NULL, &mp, V_WAIT);
2258 vfs_rel(mp); /* The write holds a ref. */
2259 nfsm_srvnamesiz(len);
2260 nd.ni_cnd.cn_cred = cred;
2261 nd.ni_cnd.cn_nameiop = CREATE;
2262 nd.ni_cnd.cn_flags = LOCKPARENT | SAVESTART | MPSAFE;
2263 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
2264 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
2265 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
2270 nfsm_srvpathsiz(len2);
2278 pathcp = malloc(len2 + 1, M_TEMP, M_WAITOK);
2279 iv.iov_base = pathcp;
2281 io.uio_resid = len2;
2285 io.uio_segflg = UIO_SYSSPACE;
2286 io.uio_rw = UIO_READ;
2288 nfsm_mtouio(&io, len2);
2290 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
2291 vap->va_mode = nfstov_mode(sp->sa_mode);
2293 *(pathcp + len2) = '\0';
2300 * issue symlink op. SAVESTART is set so the underlying path component
2301 * is only freed by the VOP if an error occurs.
2303 if (vap->va_mode == (mode_t)VNOVAL)
2305 error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap, pathcp);
2307 NDFREE(&nd, NDF_ONLY_PNBUF);
2312 * releases directory prior to potential lookup op.
2320 * Issue lookup. Leave SAVESTART set so we can easily free
2321 * the name buffer later on.
2323 * since LOCKPARENT is not set, ni_dvp will be garbage on
2324 * return whether an error occurs or not.
2326 nd.ni_cnd.cn_nameiop = LOOKUP;
2327 nd.ni_cnd.cn_flags &= ~(LOCKPARENT | FOLLOW);
2328 nd.ni_cnd.cn_flags |= (NOFOLLOW | LOCKLEAF);
2329 nd.ni_cnd.cn_thread = curthread;
2330 nd.ni_cnd.cn_cred = cred;
2331 tvfslocked = VFS_LOCK_GIANT(nd.ni_startdir->v_mount);
2333 nd.ni_cnd.cn_flags |= GIANTHELD;
2334 error = lookup(&nd);
2336 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
2337 nd.ni_cnd.cn_flags &= ~GIANTHELD;
2340 bzero((caddr_t)fhp, sizeof(nfh));
2341 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
2342 error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid);
2344 error = VOP_GETATTR(nd.ni_vp, vap, cred);
2352 * These releases aren't strictly required, does even doing them
2353 * make any sense? XXX can nfsm_reply() block?
2356 free(pathcp, M_TEMP);
2360 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
2361 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2362 VOP_UNLOCK(dirp, 0);
2364 if (nd.ni_startdir) {
2365 vrele(nd.ni_startdir);
2366 nd.ni_startdir = NULL;
2368 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2371 nfsm_srvpostop_fh(fhp);
2372 nfsm_srvpostop_attr(0, vap);
2374 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2380 NDFREE(&nd, NDF_ONLY_PNBUF);
2382 if (nd.ni_dvp == nd.ni_vp)
2390 vrele(nd.ni_startdir);
2394 free(pathcp, M_TEMP);
2396 vn_finished_write(mp);
2397 VFS_UNLOCK_GIANT(vfslocked);
2405 nfsrv_mkdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2408 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2409 struct sockaddr *nam = nfsd->nd_nam;
2410 caddr_t dpos = nfsd->nd_dpos;
2411 struct ucred *cred = nfsd->nd_cr;
2412 struct vattr va, dirfor, diraft;
2413 struct vattr *vap = &va;
2414 struct nfs_fattr *fp;
2415 struct nameidata nd;
2418 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
2419 int v3 = (nfsd->nd_flag & ND_NFSV3);
2420 struct mbuf *mb, *mreq;
2421 struct vnode *dirp = NULL;
2425 struct mount *mp = NULL;
2428 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2432 fhp = &nfh.fh_generic;
2434 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2438 vfslocked = VFS_LOCK_GIANT(mp);
2439 (void) vn_start_write(NULL, &mp, V_WAIT);
2440 vfs_rel(mp); /* The write holds a ref. */
2441 nfsm_srvnamesiz(len);
2442 nd.ni_cnd.cn_cred = cred;
2443 nd.ni_cnd.cn_nameiop = CREATE;
2444 nd.ni_cnd.cn_flags = LOCKPARENT | MPSAFE;
2446 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
2447 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
2448 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
2454 nfsm_reply(NFSX_WCCDATA(v3));
2456 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2464 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
2465 vap->va_mode = nfstov_mode(*tl++);
2469 * At this point nd.ni_dvp is referenced and exclusively locked and
2470 * nd.ni_vp, if it exists, is referenced but not locked.
2473 vap->va_type = VDIR;
2474 if (nd.ni_vp != NULL) {
2475 NDFREE(&nd, NDF_ONLY_PNBUF);
2481 * Issue mkdir op. Since SAVESTART is not set, the pathname
2482 * component is freed by the VOP call. This will fill-in
2483 * nd.ni_vp, reference, and exclusively lock it.
2485 if (vap->va_mode == (mode_t)VNOVAL)
2487 error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
2488 NDFREE(&nd, NDF_ONLY_PNBUF);
2495 bzero((caddr_t)fhp, sizeof(nfh));
2496 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
2497 error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid);
2499 error = VOP_GETATTR(nd.ni_vp, vap, cred);
2503 if (dirp == nd.ni_dvp) {
2504 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2506 /* Release existing locks to prevent deadlock. */
2508 NDFREE(&nd, NDF_ONLY_PNBUF);
2509 if (nd.ni_dvp == nd.ni_vp && vpexcl)
2522 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
2523 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2524 VOP_UNLOCK(dirp, 0);
2527 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2530 nfsm_srvpostop_fh(fhp);
2531 nfsm_srvpostop_attr(0, vap);
2533 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2534 } else if (!error) {
2535 /* v2 non-error case. */
2536 nfsm_srvfhtom(fhp, v3);
2537 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
2538 nfsm_srvfillattr(vap, fp);
2545 NDFREE(&nd, NDF_ONLY_PNBUF);
2546 if (nd.ni_dvp == nd.ni_vp && vpexcl)
2559 vn_finished_write(mp);
2560 VFS_UNLOCK_GIANT(vfslocked);
2568 nfsrv_rmdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2571 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2572 struct sockaddr *nam = nfsd->nd_nam;
2573 caddr_t dpos = nfsd->nd_dpos;
2574 struct ucred *cred = nfsd->nd_cr;
2576 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
2577 int v3 = (nfsd->nd_flag & ND_NFSV3);
2578 struct mbuf *mb, *mreq;
2579 struct vnode *vp, *dirp = NULL;
2580 struct vattr dirfor, diraft;
2583 struct nameidata nd;
2584 struct mount *mp = NULL;
2587 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2591 fhp = &nfh.fh_generic;
2593 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2597 vfslocked = VFS_LOCK_GIANT(mp);
2598 (void) vn_start_write(NULL, &mp, V_WAIT);
2599 vfs_rel(mp); /* The write holds a ref. */
2600 nfsm_srvnamesiz(len);
2601 nd.ni_cnd.cn_cred = cred;
2602 nd.ni_cnd.cn_nameiop = DELETE;
2603 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | MPSAFE;
2604 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
2605 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
2606 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
2612 nfsm_reply(NFSX_WCCDATA(v3));
2614 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2619 if (vp->v_type != VDIR) {
2624 * No rmdir "." please.
2626 if (nd.ni_dvp == vp) {
2631 * The root of a mounted filesystem cannot be deleted.
2633 if (vp->v_vflag & VV_ROOT)
2637 * Issue or abort op. Since SAVESTART is not set, path name
2638 * component is freed by the VOP after either.
2641 error = VOP_RMDIR(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
2642 NDFREE(&nd, NDF_ONLY_PNBUF);
2645 if (dirp == nd.ni_dvp)
2646 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2648 /* Release existing locks to prevent deadlock. */
2650 if (nd.ni_dvp == nd.ni_vp)
2659 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
2660 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2661 VOP_UNLOCK(dirp, 0);
2664 nfsm_reply(NFSX_WCCDATA(v3));
2667 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2671 NDFREE(&nd, NDF_ONLY_PNBUF);
2673 if (nd.ni_dvp == nd.ni_vp)
2683 vn_finished_write(mp);
2684 VFS_UNLOCK_GIANT(vfslocked);
2689 * nfs readdir service
2690 * - mallocs what it thinks is enough to read
2691 * count rounded up to a multiple of NFS_DIRBLKSIZ <= NFS_MAXREADDIR
2692 * - calls VOP_READDIR()
2693 * - loops around building the reply
2694 * if the output generated exceeds count break out of loop
2695 * The nfsm_clget macro is used here so that the reply will be packed
2696 * tightly in mbuf clusters.
2697 * - it only knows that it has encountered eof when the VOP_READDIR()
2699 * - as such one readdir rpc will return eof false although you are there
2700 * and then the next will return eof
2701 * - it trims out records with d_fileno == 0
2702 * this doesn't matter for Unix clients, but they might confuse clients
2704 * NB: It is tempting to set eof to true if the VOP_READDIR() reads less
2705 * than requested, but this may not apply to all filesystems. For
2706 * example, client NFS does not { although it is never remote mounted
2708 * The alternate call nfsrv_readdirplus() does lookups as well.
2709 * PS: The NFS protocol spec. does not clarify what the "count" byte
2710 * argument is a count of.. just name strings and file id's or the
2711 * entire reply rpc or ...
2712 * I tried just file name and id sizes and it confused the Sun client,
2713 * so I am using the full rpc size now. The "paranoia.." comment refers
2714 * to including the status longwords that are not a part of the dir.
2715 * "entry" structures, but are in the rpc.
2719 u_int32_t fl_postopok;
2720 u_int32_t fl_fattr[NFSX_V3FATTR / sizeof (u_int32_t)];
2722 u_int32_t fl_fhsize;
2723 u_int32_t fl_nfh[NFSX_V3FH / sizeof (u_int32_t)];
2727 nfsrv_readdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2730 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2731 struct sockaddr *nam = nfsd->nd_nam;
2732 caddr_t dpos = nfsd->nd_dpos;
2733 struct ucred *cred = nfsd->nd_cr;
2740 struct mbuf *mb, *mreq;
2741 char *cpos, *cend, *rbuf;
2742 struct vnode *vp = NULL;
2748 int len, nlen, rem, xfer, tsiz, i, error = 0, getret = 1;
2749 int siz, cnt, fullsiz, eofflag, rdonly, ncookies;
2750 int v3 = (nfsd->nd_flag & ND_NFSV3);
2751 u_quad_t off, toff, verf;
2752 u_long *cookies = NULL, *cookiep; /* needs to be int64_t or off_t */
2753 int vfslocked, not_zfs;
2755 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2757 fhp = &nfh.fh_generic;
2760 tl = nfsm_dissect_nonblock(u_int32_t *, 5 * NFSX_UNSIGNED);
2761 toff = fxdr_hyper(tl);
2763 verf = fxdr_hyper(tl);
2766 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
2767 toff = fxdr_unsigned(u_quad_t, *tl++);
2768 verf = 0; /* shut up gcc */
2771 cnt = fxdr_unsigned(int, *tl);
2772 siz = ((cnt + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
2773 xfer = NFS_SRVMAXDATA(nfsd);
2779 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
2780 if (!error && vp->v_type != VDIR) {
2786 nfsm_reply(NFSX_UNSIGNED);
2788 nfsm_srvpostop_attr(getret, &at);
2794 * Obtain lock on vnode for this section of the code
2797 error = getret = VOP_GETATTR(vp, &at, cred);
2800 * XXX This check may be too strict for Solaris 2.5 clients.
2802 if (!error && toff && verf && verf != at.va_filerev)
2803 error = NFSERR_BAD_COOKIE;
2807 error = nfsrv_access(vp, VEXEC, cred, rdonly, 0);
2811 nfsm_reply(NFSX_POSTOPATTR(v3));
2813 nfsm_srvpostop_attr(getret, &at);
2817 not_zfs = strcmp(vp->v_mount->mnt_vfc->vfc_name, "zfs") != 0;
2821 * end section. Allocate rbuf and continue
2823 rbuf = malloc(siz, M_TEMP, M_WAITOK);
2826 iv.iov_len = fullsiz;
2829 io.uio_offset = (off_t)off;
2830 io.uio_resid = fullsiz;
2831 io.uio_segflg = UIO_SYSSPACE;
2832 io.uio_rw = UIO_READ;
2836 free((caddr_t)cookies, M_TEMP);
2839 vn_lock(vp, LK_SHARED | LK_RETRY);
2840 error = VOP_READDIR(vp, &io, cred, &eofflag, &ncookies, &cookies);
2841 off = (off_t)io.uio_offset;
2842 if (!cookies && !error)
2843 error = NFSERR_PERM;
2845 getret = VOP_GETATTR(vp, &at, cred);
2853 free((caddr_t)rbuf, M_TEMP);
2855 free((caddr_t)cookies, M_TEMP);
2856 nfsm_reply(NFSX_POSTOPATTR(v3));
2858 nfsm_srvpostop_attr(getret, &at);
2863 siz -= io.uio_resid;
2866 * If nothing read, return eof
2872 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_COOKIEVERF(v3) +
2875 nfsm_srvpostop_attr(getret, &at);
2876 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
2877 txdr_hyper(at.va_filerev, tl);
2880 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
2881 *tl++ = nfsrv_nfs_false;
2882 *tl = nfsrv_nfs_true;
2883 free((caddr_t)rbuf, M_TEMP);
2884 free((caddr_t)cookies, M_TEMP);
2891 * Check for degenerate cases of nothing useful read.
2892 * If so go try again
2896 dp = (struct dirent *)cpos;
2899 * For some reason FreeBSD's ufs_readdir() chooses to back the
2900 * directory offset up to a block boundary, so it is necessary to
2901 * skip over the records that precede the requested offset. This
2902 * requires the assumption that file offset cookies monotonically
2904 * Since the offset cookies don't monotonically increase for ZFS,
2905 * this is not done when ZFS is the file system.
2907 while (cpos < cend && ncookies > 0 &&
2908 (dp->d_fileno == 0 || dp->d_type == DT_WHT ||
2909 (not_zfs != 0 && ((u_quad_t)(*cookiep)) <= toff))) {
2910 cpos += dp->d_reclen;
2911 dp = (struct dirent *)cpos;
2915 if (cpos >= cend || ncookies == 0) {
2921 len = 3 * NFSX_UNSIGNED; /* paranoia, probably can be 0 */
2922 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_COOKIEVERF(v3) + siz);
2924 nfsm_srvpostop_attr(getret, &at);
2925 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
2926 txdr_hyper(at.va_filerev, tl);
2930 be = bp + M_TRAILINGSPACE(mp);
2932 /* Loop through the records and build reply */
2933 while (cpos < cend && ncookies > 0) {
2934 if (dp->d_fileno != 0 && dp->d_type != DT_WHT) {
2935 nlen = dp->d_namlen;
2936 rem = nfsm_rndup(nlen) - nlen;
2937 len += (4 * NFSX_UNSIGNED + nlen + rem);
2939 len += 2 * NFSX_UNSIGNED;
2945 * Build the directory record xdr from
2949 *tl = nfsrv_nfs_true;
2950 bp += NFSX_UNSIGNED;
2954 bp += NFSX_UNSIGNED;
2957 *tl = txdr_unsigned(dp->d_fileno);
2958 bp += NFSX_UNSIGNED;
2960 *tl = txdr_unsigned(nlen);
2961 bp += NFSX_UNSIGNED;
2963 /* And loop around copying the name */
2972 bcopy(cp, bp, tsiz);
2978 /* And null pad to an int32_t boundary. */
2979 for (i = 0; i < rem; i++)
2983 /* Finish off the record */
2986 bp += NFSX_UNSIGNED;
2989 *tl = txdr_unsigned(*cookiep);
2990 bp += NFSX_UNSIGNED;
2992 cpos += dp->d_reclen;
2993 dp = (struct dirent *)cpos;
3000 *tl = nfsrv_nfs_false;
3001 bp += NFSX_UNSIGNED;
3004 *tl = nfsrv_nfs_true;
3006 *tl = nfsrv_nfs_false;
3007 bp += NFSX_UNSIGNED;
3010 mp->m_len = bp - mtod(mp, caddr_t);
3012 mp->m_len += bp - bpos;
3013 free((caddr_t)rbuf, M_TEMP);
3014 free((caddr_t)cookies, M_TEMP);
3019 VFS_UNLOCK_GIANT(vfslocked);
3024 nfsrv_readdirplus(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3027 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3028 struct sockaddr *nam = nfsd->nd_nam;
3029 caddr_t dpos = nfsd->nd_dpos;
3030 struct ucred *cred = nfsd->nd_cr;
3037 struct mbuf *mb, *mreq;
3038 char *cpos, *cend, *rbuf;
3039 struct vnode *vp = NULL, *nvp;
3042 fhandle_t *fhp, *nfhp = (fhandle_t *)fl.fl_nfh;
3045 struct vattr va, at, *vap = &va;
3046 struct nfs_fattr *fp;
3047 int len, nlen, rem, xfer, tsiz, i, error = 0, error1, getret = 1;
3049 int siz, cnt, fullsiz, eofflag, rdonly, dirlen, ncookies;
3050 u_quad_t off, toff, verf;
3051 u_long *cookies = NULL, *cookiep; /* needs to be int64_t or off_t */
3052 int v3 = (nfsd->nd_flag & ND_NFSV3);
3053 int usevget = 1, vfslocked;
3054 struct componentname cn;
3055 struct mount *mntp = NULL;
3058 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3062 panic("nfsrv_readdirplus: v3 proc called on a v2 connection");
3063 fhp = &nfh.fh_generic;
3065 tl = nfsm_dissect_nonblock(u_int32_t *, 6 * NFSX_UNSIGNED);
3066 toff = fxdr_hyper(tl);
3068 verf = fxdr_hyper(tl);
3070 siz = fxdr_unsigned(int, *tl++);
3071 cnt = fxdr_unsigned(int, *tl);
3073 siz = ((siz + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
3074 xfer = NFS_SRVMAXDATA(nfsd);
3080 error = nfsrv_fhtovp(fhp, NFSRV_FLAG_BUSY, &vp, &vfslocked, nfsd, slp,
3085 if (vp->v_type != VDIR) {
3093 nfsm_reply(NFSX_UNSIGNED);
3094 nfsm_srvpostop_attr(getret, &at);
3098 error = getret = VOP_GETATTR(vp, &at, cred);
3101 * XXX This check may be too strict for Solaris 2.5 clients.
3103 if (!error && toff && verf && verf != at.va_filerev)
3104 error = NFSERR_BAD_COOKIE;
3107 error = nfsrv_access(vp, VEXEC, cred, rdonly, 0);
3112 nfsm_reply(NFSX_V3POSTOPATTR);
3113 nfsm_srvpostop_attr(getret, &at);
3117 not_zfs = strcmp(vp->v_mount->mnt_vfc->vfc_name, "zfs") != 0;
3120 rbuf = malloc(siz, M_TEMP, M_WAITOK);
3123 iv.iov_len = fullsiz;
3126 io.uio_offset = (off_t)off;
3127 io.uio_resid = fullsiz;
3128 io.uio_segflg = UIO_SYSSPACE;
3129 io.uio_rw = UIO_READ;
3134 free((caddr_t)cookies, M_TEMP);
3137 vn_lock(vp, LK_SHARED | LK_RETRY);
3138 error = VOP_READDIR(vp, &io, cred, &eofflag, &ncookies, &cookies);
3139 off = (u_quad_t)io.uio_offset;
3140 getret = VOP_GETATTR(vp, &at, cred);
3143 if (!cookies && !error)
3144 error = NFSERR_PERM;
3151 free((caddr_t)cookies, M_TEMP);
3152 free((caddr_t)rbuf, M_TEMP);
3153 nfsm_reply(NFSX_V3POSTOPATTR);
3154 nfsm_srvpostop_attr(getret, &at);
3159 siz -= io.uio_resid;
3162 * If nothing read, return eof
3168 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3COOKIEVERF +
3170 nfsm_srvpostop_attr(getret, &at);
3171 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
3172 txdr_hyper(at.va_filerev, tl);
3174 *tl++ = nfsrv_nfs_false;
3175 *tl = nfsrv_nfs_true;
3176 free((caddr_t)cookies, M_TEMP);
3177 free((caddr_t)rbuf, M_TEMP);
3184 * Check for degenerate cases of nothing useful read.
3185 * If so go try again
3189 dp = (struct dirent *)cpos;
3192 * For some reason FreeBSD's ufs_readdir() chooses to back the
3193 * directory offset up to a block boundary, so it is necessary to
3194 * skip over the records that precede the requested offset. This
3195 * requires the assumption that file offset cookies monotonically
3197 * Since the offset cookies don't monotonically increase for ZFS,
3198 * this is not done when ZFS is the file system.
3200 while (cpos < cend && ncookies > 0 &&
3201 (dp->d_fileno == 0 || dp->d_type == DT_WHT ||
3202 (not_zfs != 0 && ((u_quad_t)(*cookiep)) <= toff))) {
3203 cpos += dp->d_reclen;
3204 dp = (struct dirent *)cpos;
3208 if (cpos >= cend || ncookies == 0) {
3214 dirlen = len = NFSX_V3POSTOPATTR + NFSX_V3COOKIEVERF +
3217 nfsm_srvpostop_attr(getret, &at);
3218 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
3219 txdr_hyper(at.va_filerev, tl);
3222 be = bp + M_TRAILINGSPACE(mp);
3224 /* Loop through the records and build reply */
3225 while (cpos < cend && ncookies > 0) {
3226 if (dp->d_fileno != 0 && dp->d_type != DT_WHT) {
3227 nlen = dp->d_namlen;
3228 rem = nfsm_rndup(nlen)-nlen;
3232 * For readdir_and_lookup get the vnode using
3235 error = VFS_VGET(mntp, dp->d_fileno, LK_SHARED,
3237 if (error != 0 && error != EOPNOTSUPP) {
3240 } else if (error == EOPNOTSUPP) {
3242 * VFS_VGET() not supported?
3243 * Let's switch to VOP_LOOKUP().
3247 cn.cn_nameiop = LOOKUP;
3248 cn.cn_flags = ISLASTCN | NOFOLLOW | \
3249 LOCKSHARED | LOCKLEAF | MPSAFE;
3250 cn.cn_lkflags = LK_SHARED | LK_RETRY;
3252 cn.cn_thread = curthread;
3256 cn.cn_nameptr = dp->d_name;
3257 cn.cn_namelen = dp->d_namlen;
3258 if (dp->d_namlen == 2 &&
3259 dp->d_name[0] == '.' &&
3260 dp->d_name[1] == '.') {
3261 cn.cn_flags |= ISDOTDOT;
3263 cn.cn_flags &= ~ISDOTDOT;
3266 vn_lock(vp, LK_SHARED | LK_RETRY);
3269 if ((vp->v_vflag & VV_ROOT) != 0 &&
3270 (cn.cn_flags & ISDOTDOT) != 0) {
3273 } else if (VOP_LOOKUP(vp, &nvp, &cn) != 0)
3277 bzero((caddr_t)nfhp, NFSX_V3FH);
3278 nfhp->fh_fsid = nvp->v_mount->mnt_stat.f_fsid;
3279 if ((error1 = VOP_VPTOFH(nvp, &nfhp->fh_fid)) == 0)
3280 error1 = VOP_GETATTR(nvp, vap, cred);
3281 if (!usevget && vp == nvp)
3290 * If either the dircount or maxcount will be
3291 * exceeded, get out now. Both of these lengths
3292 * are calculated conservatively, including all
3295 len += (8 * NFSX_UNSIGNED + nlen + rem + NFSX_V3FH +
3297 dirlen += (6 * NFSX_UNSIGNED + nlen + rem);
3298 if (len > cnt || dirlen > fullsiz) {
3304 * Build the directory record xdr from
3307 fp = (struct nfs_fattr *)&fl.fl_fattr;
3308 nfsm_srvfillattr(vap, fp);
3309 fl.fl_fhsize = txdr_unsigned(NFSX_V3FH);
3310 fl.fl_fhok = nfsrv_nfs_true;
3311 fl.fl_postopok = nfsrv_nfs_true;
3312 fl.fl_off.nfsuquad[0] = 0;
3313 fl.fl_off.nfsuquad[1] = txdr_unsigned(*cookiep);
3316 *tl = nfsrv_nfs_true;
3317 bp += NFSX_UNSIGNED;
3320 bp += NFSX_UNSIGNED;
3322 *tl = txdr_unsigned(dp->d_fileno);
3323 bp += NFSX_UNSIGNED;
3325 *tl = txdr_unsigned(nlen);
3326 bp += NFSX_UNSIGNED;
3328 /* And loop around copying the name */
3333 if ((bp + xfer) > be)
3337 bcopy(cp, bp, tsiz);
3343 /* And null pad to an int32_t boundary. */
3344 for (i = 0; i < rem; i++)
3348 * Now copy the flrep structure out.
3350 xfer = sizeof (struct flrep);
3354 if ((bp + xfer) > be)
3358 bcopy(cp, bp, tsiz);
3366 cpos += dp->d_reclen;
3367 dp = (struct dirent *)cpos;
3371 if (!usevget && vp_locked)
3377 *tl = nfsrv_nfs_false;
3378 bp += NFSX_UNSIGNED;
3381 *tl = nfsrv_nfs_true;
3383 *tl = nfsrv_nfs_false;
3384 bp += NFSX_UNSIGNED;
3387 mp->m_len = bp - mtod(mp, caddr_t);
3389 mp->m_len += bp - bpos;
3390 free((caddr_t)cookies, M_TEMP);
3391 free((caddr_t)rbuf, M_TEMP);
3397 VFS_UNLOCK_GIANT(vfslocked);
3402 * nfs commit service
3405 nfsrv_commit(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3408 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3409 struct sockaddr *nam = nfsd->nd_nam;
3410 caddr_t dpos = nfsd->nd_dpos;
3411 struct ucred *cred = nfsd->nd_cr;
3412 struct vattr bfor, aft;
3413 struct vnode *vp = NULL;
3418 int error = 0, rdonly, for_ret = 1, aft_ret = 1, cnt;
3419 struct mbuf *mb, *mreq;
3421 struct mount *mp = NULL;
3422 int v3 = (nfsd->nd_flag & ND_NFSV3);
3426 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3429 panic("nfsrv_commit: v3 proc called on a v2 connection");
3430 fhp = &nfh.fh_generic;
3432 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
3436 vfslocked = VFS_LOCK_GIANT(mp);
3437 (void) vn_start_write(NULL, &mp, V_WAIT);
3438 vfs_rel(mp); /* The write holds a ref. */
3439 tl = nfsm_dissect_nonblock(u_int32_t *, 3 * NFSX_UNSIGNED);
3442 * XXX At this time VOP_FSYNC() does not accept offset and byte
3443 * count parameters, so these arguments are useless (someday maybe).
3445 off = fxdr_hyper(tl);
3447 cnt = fxdr_unsigned(int, *tl);
3448 error = nfsrv_fhtovp(fhp, 0, &vp, &tvfslocked, nfsd, slp, nam, &rdonly);
3449 vfslocked = nfsrv_lockedpair(vfslocked, tvfslocked);
3451 nfsm_reply(2 * NFSX_UNSIGNED);
3452 nfsm_srvwcc_data(for_ret, &bfor, aft_ret, &aft);
3456 for_ret = VOP_GETATTR(vp, &bfor, cred);
3458 if (cnt > MAX_COMMIT_COUNT) {
3460 * Give up and do the whole thing
3463 (vp->v_object->flags & OBJ_MIGHTBEDIRTY)) {
3464 VM_OBJECT_LOCK(vp->v_object);
3465 vm_object_page_clean(vp->v_object, 0, 0, OBJPC_SYNC);
3466 VM_OBJECT_UNLOCK(vp->v_object);
3468 error = VOP_FSYNC(vp, MNT_WAIT, curthread);
3471 * Locate and synchronously write any buffers that fall
3472 * into the requested range. Note: we are assuming that
3473 * f_iosize is a power of 2.
3475 int iosize = vp->v_mount->mnt_stat.f_iosize;
3476 int iomask = iosize - 1;
3481 * Align to iosize boundry, super-align to page boundry.
3484 cnt += off & iomask;
3485 off &= ~(u_quad_t)iomask;
3487 if (off & PAGE_MASK) {
3488 cnt += off & PAGE_MASK;
3489 off &= ~(u_quad_t)PAGE_MASK;
3491 lblkno = off / iosize;
3494 (vp->v_object->flags & OBJ_MIGHTBEDIRTY)) {
3495 VM_OBJECT_LOCK(vp->v_object);
3496 vm_object_page_clean(vp->v_object, off, off + cnt,
3498 VM_OBJECT_UNLOCK(vp->v_object);
3507 * If we have a buffer and it is marked B_DELWRI we
3508 * have to lock and write it. Otherwise the prior
3509 * write is assumed to have already been committed.
3511 * gbincore() can return invalid buffers now so we
3512 * have to check that bit as well (though B_DELWRI
3513 * should not be set if B_INVAL is set there could be
3514 * a race here since we haven't locked the buffer).
3516 if ((bp = gbincore(&vp->v_bufobj, lblkno)) != NULL) {
3517 if (BUF_LOCK(bp, LK_EXCLUSIVE | LK_SLEEPFAIL |
3518 LK_INTERLOCK, BO_MTX(bo)) == ENOLCK) {
3520 continue; /* retry */
3522 if ((bp->b_flags & (B_DELWRI|B_INVAL)) ==
3525 bp->b_flags &= ~B_ASYNC;
3541 aft_ret = VOP_GETATTR(vp, &aft, cred);
3545 nfsm_reply(NFSX_V3WCCDATA + NFSX_V3WRITEVERF);
3546 nfsm_srvwcc_data(for_ret, &bfor, aft_ret, &aft);
3548 tl = nfsm_build(u_int32_t *, NFSX_V3WRITEVERF);
3549 if (nfsver.tv_sec == 0)
3551 *tl++ = txdr_unsigned(nfsver.tv_sec);
3552 *tl = txdr_unsigned(nfsver.tv_usec);
3559 vn_finished_write(mp);
3560 VFS_UNLOCK_GIANT(vfslocked);
3565 * nfs statfs service
3568 nfsrv_statfs(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3571 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3572 struct sockaddr *nam = nfsd->nd_nam;
3573 caddr_t dpos = nfsd->nd_dpos;
3574 struct ucred *cred = nfsd->nd_cr;
3576 struct nfs_statfs *sfp;
3578 int error = 0, rdonly, getret = 1;
3579 int v3 = (nfsd->nd_flag & ND_NFSV3);
3580 struct mbuf *mb, *mreq;
3581 struct vnode *vp = NULL;
3585 struct statfs statfs;
3589 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3591 fhp = &nfh.fh_generic;
3593 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
3595 nfsm_reply(NFSX_UNSIGNED);
3597 nfsm_srvpostop_attr(getret, &at);
3602 error = VFS_STATFS(vp->v_mount, sf);
3603 getret = VOP_GETATTR(vp, &at, cred);
3606 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_STATFS(v3));
3608 nfsm_srvpostop_attr(getret, &at);
3613 sfp = nfsm_build(struct nfs_statfs *, NFSX_STATFS(v3));
3615 tval = (u_quad_t)sf->f_blocks;
3616 tval *= (u_quad_t)sf->f_bsize;
3617 txdr_hyper(tval, &sfp->sf_tbytes);
3618 tval = (u_quad_t)sf->f_bfree;
3619 tval *= (u_quad_t)sf->f_bsize;
3620 txdr_hyper(tval, &sfp->sf_fbytes);
3622 * Don't send negative values for available space,
3623 * since this field is unsigned in the NFS protocol.
3624 * Otherwise, the client would see absurdly high
3625 * numbers for free space.
3627 if (sf->f_bavail < 0)
3630 tval = (u_quad_t)sf->f_bavail;
3631 tval *= (u_quad_t)sf->f_bsize;
3632 txdr_hyper(tval, &sfp->sf_abytes);
3633 sfp->sf_tfiles.nfsuquad[0] = 0;
3634 sfp->sf_tfiles.nfsuquad[1] = txdr_unsigned(sf->f_files);
3635 sfp->sf_ffiles.nfsuquad[0] = 0;
3636 sfp->sf_ffiles.nfsuquad[1] = txdr_unsigned(sf->f_ffree);
3637 sfp->sf_afiles.nfsuquad[0] = 0;
3638 sfp->sf_afiles.nfsuquad[1] = txdr_unsigned(sf->f_ffree);
3639 sfp->sf_invarsec = 0;
3641 sfp->sf_tsize = txdr_unsigned(NFS_MAXDGRAMDATA);
3642 sfp->sf_bsize = txdr_unsigned(sf->f_bsize);
3643 sfp->sf_blocks = txdr_unsigned(sf->f_blocks);
3644 sfp->sf_bfree = txdr_unsigned(sf->f_bfree);
3645 if (sf->f_bavail < 0)
3648 sfp->sf_bavail = txdr_unsigned(sf->f_bavail);
3653 VFS_UNLOCK_GIANT(vfslocked);
3658 * nfs fsinfo service
3661 nfsrv_fsinfo(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3664 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3665 struct sockaddr *nam = nfsd->nd_nam;
3666 caddr_t dpos = nfsd->nd_dpos;
3667 struct ucred *cred = nfsd->nd_cr;
3668 struct nfsv3_fsinfo *sip;
3670 int error = 0, rdonly, getret = 1, pref;
3671 struct mbuf *mb, *mreq;
3672 struct vnode *vp = NULL;
3678 int v3 = (nfsd->nd_flag & ND_NFSV3);
3681 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3683 panic("nfsrv_fsinfo: v3 proc called on a v2 connection");
3684 fhp = &nfh.fh_generic;
3687 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
3689 nfsm_reply(NFSX_UNSIGNED);
3690 nfsm_srvpostop_attr(getret, &at);
3695 /* XXX Try to make a guess on the max file size. */
3696 VFS_STATFS(vp->v_mount, &sb);
3697 maxfsize = (u_quad_t)0x80000000 * sb.f_bsize - 1;
3699 getret = VOP_GETATTR(vp, &at, cred);
3702 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3FSINFO);
3703 nfsm_srvpostop_attr(getret, &at);
3704 sip = nfsm_build(struct nfsv3_fsinfo *, NFSX_V3FSINFO);
3708 * There should be filesystem VFS OP(s) to get this information.
3709 * For now, assume ufs.
3711 pref = NFS_SRVMAXDATA(nfsd);
3712 sip->fs_rtmax = txdr_unsigned(pref);
3713 sip->fs_rtpref = txdr_unsigned(pref);
3714 sip->fs_rtmult = txdr_unsigned(NFS_FABLKSIZE);
3715 sip->fs_wtmax = txdr_unsigned(pref);
3716 sip->fs_wtpref = txdr_unsigned(pref);
3717 sip->fs_wtmult = txdr_unsigned(NFS_FABLKSIZE);
3718 sip->fs_dtpref = txdr_unsigned(pref);
3719 txdr_hyper(maxfsize, &sip->fs_maxfilesize);
3720 sip->fs_timedelta.nfsv3_sec = 0;
3721 sip->fs_timedelta.nfsv3_nsec = txdr_unsigned(1);
3722 sip->fs_properties = txdr_unsigned(NFSV3FSINFO_LINK |
3723 NFSV3FSINFO_SYMLINK | NFSV3FSINFO_HOMOGENEOUS |
3724 NFSV3FSINFO_CANSETTIME);
3728 VFS_UNLOCK_GIANT(vfslocked);
3733 * nfs pathconf service
3736 nfsrv_pathconf(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3739 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3740 struct sockaddr *nam = nfsd->nd_nam;
3741 caddr_t dpos = nfsd->nd_dpos;
3742 struct ucred *cred = nfsd->nd_cr;
3743 struct nfsv3_pathconf *pc;
3745 int error = 0, rdonly, getret = 1;
3746 register_t linkmax, namemax, chownres, notrunc;
3747 struct mbuf *mb, *mreq;
3748 struct vnode *vp = NULL;
3752 int v3 = (nfsd->nd_flag & ND_NFSV3);
3755 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3757 panic("nfsrv_pathconf: v3 proc called on a v2 connection");
3759 fhp = &nfh.fh_generic;
3761 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
3763 nfsm_reply(NFSX_UNSIGNED);
3764 nfsm_srvpostop_attr(getret, &at);
3768 error = VOP_PATHCONF(vp, _PC_LINK_MAX, &linkmax);
3770 error = VOP_PATHCONF(vp, _PC_NAME_MAX, &namemax);
3772 error = VOP_PATHCONF(vp, _PC_CHOWN_RESTRICTED, &chownres);
3774 error = VOP_PATHCONF(vp, _PC_NO_TRUNC, ¬runc);
3775 getret = VOP_GETATTR(vp, &at, cred);
3778 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3PATHCONF);
3779 nfsm_srvpostop_attr(getret, &at);
3784 pc = nfsm_build(struct nfsv3_pathconf *, NFSX_V3PATHCONF);
3786 pc->pc_linkmax = txdr_unsigned(linkmax);
3787 pc->pc_namemax = txdr_unsigned(namemax);
3788 pc->pc_notrunc = txdr_unsigned(notrunc);
3789 pc->pc_chownrestricted = txdr_unsigned(chownres);
3792 * These should probably be supported by VOP_PATHCONF(), but
3793 * until msdosfs is exportable (why would you want to?), the
3794 * Unix defaults should be ok.
3796 pc->pc_caseinsensitive = nfsrv_nfs_false;
3797 pc->pc_casepreserving = nfsrv_nfs_true;
3801 VFS_UNLOCK_GIANT(vfslocked);
3806 * Null operation, used by clients to ping server
3810 nfsrv_null(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3813 struct mbuf *mrep = nfsd->nd_mrep;
3815 int error = NFSERR_RETVOID;
3816 struct mbuf *mb, *mreq;
3818 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3825 * No operation, used for obsolete procedures
3829 nfsrv_noop(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3832 struct mbuf *mrep = nfsd->nd_mrep;
3835 struct mbuf *mb, *mreq;
3837 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3838 if (nfsd->nd_repstat)
3839 error = nfsd->nd_repstat;
3841 error = EPROCUNAVAIL;
3849 * Perform access checking for vnodes obtained from file handles that would
3850 * refer to files already opened by a Unix client. You cannot just use
3851 * vn_writechk() and VOP_ACCESS() for two reasons.
3852 * 1 - You must check for exported rdonly as well as MNT_RDONLY for the write
3854 * 2 - The owner is to be given access irrespective of mode bits for some
3855 * operations, so that processes that chmod after opening a file don't
3856 * break. I don't like this because it opens a security hole, but since
3857 * the nfs server opens a security hole the size of a barn door anyhow,
3860 * The exception to rule 2 is EPERM. If a file is IMMUTABLE, VOP_ACCESS()
3861 * will return EPERM instead of EACCES. EPERM is always an error.
3864 nfsrv_access(struct vnode *vp, accmode_t accmode, struct ucred *cred,
3865 int rdonly, int override)
3870 VFS_ASSERT_GIANT(vp->v_mount);
3872 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3874 if (accmode & VWRITE) {
3875 /* Just vn_writechk() changed to check rdonly */
3877 * Disallow write attempts on read-only filesystems;
3878 * unless the file is a socket or a block or character
3879 * device resident on the filesystem.
3881 if (rdonly || (vp->v_mount->mnt_flag & MNT_RDONLY)) {
3882 switch (vp->v_type) {
3892 * If there's shared text associated with
3893 * the inode, we can't allow writing.
3895 if (VOP_IS_TEXT(vp))
3899 error = VOP_GETATTR(vp, &vattr, cred);
3902 error = VOP_ACCESS(vp, accmode, cred, curthread);
3904 * Allow certain operations for the owner (reads and writes
3905 * on files that are already open).
3907 if (override && error == EACCES && cred->cr_uid == vattr.va_uid)
projects / FreeBSD / releng / 9.3.git / blob