2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#)nfs_serv.c 8.8 (Berkeley) 7/31/95
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
39 * nfs version 2 and 3 server calls to vnode ops
40 * - these routines generally have 3 phases
41 * 1 - break down and validate rpc request in mbuf list
42 * 2 - do the vnode ops for the request
43 * (surprisingly ?? many are very similar to syscalls in vfs_syscalls.c)
44 * 3 - build the rpc reply in an mbuf list
46 * - do not mix the phases, since the nfsm_?? macros can return failures
47 * on a bad rpc or similar and do not do any vrele() or vput()'s
49 * - the nfsm_reply() macro generates an nfs rpc reply with the nfs
50 * error number iff error != 0 whereas
51 * returning an error from the server function implies a fatal error
52 * such as a badly constructed rpc request that should be dropped without
54 * For nfsm_reply(), the case where error == EBADRPC is treated
55 * specially; after constructing a reply, it does an immediate
56 * `goto nfsmout' to avoid getting any V3 post-op status appended.
59 * Warning: always pay careful attention to resource cleanup on return
60 * and note that nfsm_*() macros can terminate a procedure on certain
63 * lookup() and namei()
64 * may return garbage in various structural fields/return elements
65 * if an error is returned, and may garbage up nd.ni_dvp even if no
66 * error is returned and you did not request LOCKPARENT or WANTPARENT.
68 * We use the ni_cnd.cn_flags 'HASBUF' flag to track whether the name
69 * buffer has been freed or not.
72 #include <sys/param.h>
73 #include <sys/systm.h>
75 #include <sys/namei.h>
76 #include <sys/unistd.h>
77 #include <sys/vnode.h>
78 #include <sys/mount.h>
79 #include <sys/socket.h>
80 #include <sys/socketvar.h>
81 #include <sys/malloc.h>
84 #include <sys/dirent.h>
86 #include <sys/kernel.h>
87 #include <sys/sysctl.h>
92 #include <vm/vm_extern.h>
93 #include <vm/vm_object.h>
95 #include <nfs/nfsproto.h>
96 #include <nfsserver/nfs.h>
97 #include <nfs/xdr_subs.h>
98 #include <nfsserver/nfsm_subs.h>
101 #define nfsdbprintf(info) printf info
103 #define nfsdbprintf(info)
106 #define MAX_COMMIT_COUNT (1024 * 1024)
108 #define MAX_REORDERED_RPC 16
109 #define NUM_HEURISTIC 1031
110 #define NHUSE_INIT 64
112 #define NHUSE_MAX 2048
114 static struct nfsheur {
115 struct vnode *nh_vp; /* vp to match (unreferenced pointer) */
116 off_t nh_nextoff; /* next offset for sequential detection */
117 int nh_use; /* use count for selection */
118 int nh_seqcount; /* heuristic */
119 } nfsheur[NUM_HEURISTIC];
123 int nfsrvw_procrastinate = NFS_GATHERDELAY * 1000;
124 int nfsrvw_procrastinate_v3 = 0;
126 static struct timeval nfsver = { 0 };
128 SYSCTL_NODE(_vfs, OID_AUTO, nfsrv, CTLFLAG_RW, 0, "NFS server");
130 static int nfs_async;
131 static int nfs_commit_blks;
132 static int nfs_commit_miss;
133 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, async, CTLFLAG_RW, &nfs_async, 0,
134 "Tell client that writes were synced even though they were not");
135 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, commit_blks, CTLFLAG_RW, &nfs_commit_blks, 0,
136 "Number of completed commits");
137 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, commit_miss, CTLFLAG_RW, &nfs_commit_miss, 0, "");
139 struct nfsrvstats nfsrvstats;
140 SYSCTL_STRUCT(_vfs_nfsrv, NFS_NFSRVSTATS, nfsrvstats, CTLFLAG_RW,
141 &nfsrvstats, nfsrvstats, "S,nfsrvstats");
143 static int nfsrv_access(struct vnode *, accmode_t, struct ucred *,
147 * Clear nameidata fields that are tested in nsfmout cleanup code prior
148 * to using first nfsm macro (that might jump to the cleanup code).
152 ndclear(struct nameidata *nd)
155 nd->ni_cnd.cn_flags = 0;
158 nd->ni_startdir = NULL;
162 * Takes two vfslocked integers and returns with at most one
163 * reference to giant. The return value indicates whether giant
164 * is held by either lock. This simplifies nfsrv ops by allowing
165 * them to track only one vfslocked var.
168 nfsrv_lockedpair(int vfs1, int vfs2)
172 VFS_UNLOCK_GIANT(vfs2);
174 return (vfs1 | vfs2);
178 nfsrv_lockedpair_nd(int vfs1, struct nameidata *nd)
182 vfs2 = NDHASGIANT(nd);
184 return nfsrv_lockedpair(vfs1, vfs2);
188 * Heuristic to detect sequential operation.
190 static struct nfsheur *
191 nfsrv_sequential_heuristic(struct uio *uio, struct vnode *vp)
196 /* Locate best candidate. */
198 hi = ((int)(vm_offset_t)vp / sizeof(struct vnode)) % NUM_HEURISTIC;
201 if (nfsheur[hi].nh_vp == vp) {
205 if (nfsheur[hi].nh_use > 0)
206 --nfsheur[hi].nh_use;
207 hi = (hi + 1) % NUM_HEURISTIC;
208 if (nfsheur[hi].nh_use < nh->nh_use)
212 /* Initialize hint if this is a new file. */
213 if (nh->nh_vp != vp) {
215 nh->nh_nextoff = uio->uio_offset;
216 nh->nh_use = NHUSE_INIT;
217 if (uio->uio_offset == 0)
223 /* Calculate heuristic. */
224 if ((uio->uio_offset == 0 && nh->nh_seqcount > 0) ||
225 uio->uio_offset == nh->nh_nextoff) {
226 /* See comments in vfs_vnops.c:sequential_heuristic(). */
227 nh->nh_seqcount += howmany(uio->uio_resid, 16384);
228 if (nh->nh_seqcount > IO_SEQMAX)
229 nh->nh_seqcount = IO_SEQMAX;
230 } else if (qabs(uio->uio_offset - nh->nh_nextoff) <= MAX_REORDERED_RPC *
231 imax(vp->v_mount->mnt_stat.f_iosize, uio->uio_resid)) {
232 /* Probably a reordered RPC, leave seqcount alone. */
233 } else if (nh->nh_seqcount > 1) {
234 nh->nh_seqcount /= 2;
238 nh->nh_use += NHUSE_INC;
239 if (nh->nh_use > NHUSE_MAX)
240 nh->nh_use = NHUSE_MAX;
245 * nfs v3 access service
248 nfsrv3_access(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
251 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
252 struct sockaddr *nam = nfsd->nd_nam;
253 caddr_t dpos = nfsd->nd_dpos;
254 struct ucred *cred = nfsd->nd_cr;
255 struct vnode *vp = NULL;
260 int error = 0, rdonly, getret;
261 struct mbuf *mb, *mreq;
262 struct vattr vattr, *vap = &vattr;
263 u_long testmode, nfsmode;
264 int v3 = (nfsd->nd_flag & ND_NFSV3);
267 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
269 panic("nfsrv3_access: v3 proc called on a v2 connection");
271 fhp = &nfh.fh_generic;
273 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
274 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
276 nfsm_reply(NFSX_UNSIGNED);
277 nfsm_srvpostop_attr(1, NULL);
281 nfsmode = fxdr_unsigned(u_int32_t, *tl);
282 if ((nfsmode & NFSV3ACCESS_READ) &&
283 nfsrv_access(vp, VREAD, cred, rdonly, 0))
284 nfsmode &= ~NFSV3ACCESS_READ;
285 if (vp->v_type == VDIR)
286 testmode = (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND |
289 testmode = (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND);
290 if ((nfsmode & testmode) &&
291 nfsrv_access(vp, VWRITE, cred, rdonly, 0))
292 nfsmode &= ~testmode;
293 if (vp->v_type == VDIR)
294 testmode = NFSV3ACCESS_LOOKUP;
296 testmode = NFSV3ACCESS_EXECUTE;
297 if ((nfsmode & testmode) &&
298 nfsrv_access(vp, VEXEC, cred, rdonly, 0))
299 nfsmode &= ~testmode;
300 getret = VOP_GETATTR(vp, vap, cred);
303 nfsm_reply(NFSX_POSTOPATTR(1) + NFSX_UNSIGNED);
304 nfsm_srvpostop_attr(getret, vap);
305 tl = nfsm_build(u_int32_t *, NFSX_UNSIGNED);
306 *tl = txdr_unsigned(nfsmode);
310 VFS_UNLOCK_GIANT(vfslocked);
315 * nfs getattr service
318 nfsrv_getattr(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
321 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
322 struct sockaddr *nam = nfsd->nd_nam;
323 caddr_t dpos = nfsd->nd_dpos;
324 struct ucred *cred = nfsd->nd_cr;
325 struct nfs_fattr *fp;
327 struct vattr *vap = &va;
328 struct vnode *vp = NULL;
332 int error = 0, rdonly;
333 struct mbuf *mb, *mreq;
336 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
338 fhp = &nfh.fh_generic;
340 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
346 error = VOP_GETATTR(vp, vap, cred);
349 nfsm_reply(NFSX_FATTR(nfsd->nd_flag & ND_NFSV3));
354 fp = nfsm_build(struct nfs_fattr *,
355 NFSX_FATTR(nfsd->nd_flag & ND_NFSV3));
356 nfsm_srvfillattr(vap, fp);
362 VFS_UNLOCK_GIANT(vfslocked);
367 * nfs setattr service
370 nfsrv_setattr(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
373 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
374 struct sockaddr *nam = nfsd->nd_nam;
375 caddr_t dpos = nfsd->nd_dpos;
376 struct ucred *cred = nfsd->nd_cr;
377 struct vattr va, preat;
378 struct vattr *vap = &va;
379 struct nfsv2_sattr *sp;
380 struct nfs_fattr *fp;
381 struct vnode *vp = NULL;
386 int error = 0, rdonly, preat_ret = 1, postat_ret = 1;
387 int v3 = (nfsd->nd_flag & ND_NFSV3), gcheck = 0;
388 struct mbuf *mb, *mreq;
389 struct timespec guard = { 0, 0 };
390 struct mount *mp = NULL;
394 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
396 fhp = &nfh.fh_generic;
398 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
402 vfslocked = VFS_LOCK_GIANT(mp);
403 (void) vn_start_write(NULL, &mp, V_WAIT);
404 vfs_rel(mp); /* The write holds a ref. */
408 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
409 gcheck = fxdr_unsigned(int, *tl);
411 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
412 fxdr_nfsv3time(tl, &guard);
415 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
417 * Nah nah nah nah na nah
418 * There is a bug in the Sun client that puts 0xffff in the mode
419 * field of sattr when it should put in 0xffffffff. The u_short
420 * doesn't sign extend.
421 * --> check the low order 2 bytes for 0xffff
423 if ((fxdr_unsigned(int, sp->sa_mode) & 0xffff) != 0xffff)
424 vap->va_mode = nfstov_mode(sp->sa_mode);
425 if (sp->sa_uid != nfsrv_nfs_xdrneg1)
426 vap->va_uid = fxdr_unsigned(uid_t, sp->sa_uid);
427 if (sp->sa_gid != nfsrv_nfs_xdrneg1)
428 vap->va_gid = fxdr_unsigned(gid_t, sp->sa_gid);
429 if (sp->sa_size != nfsrv_nfs_xdrneg1)
430 vap->va_size = fxdr_unsigned(u_quad_t, sp->sa_size);
431 if (sp->sa_atime.nfsv2_sec != nfsrv_nfs_xdrneg1) {
433 fxdr_nfsv2time(&sp->sa_atime, &vap->va_atime);
435 vap->va_atime.tv_sec =
436 fxdr_unsigned(int32_t, sp->sa_atime.nfsv2_sec);
437 vap->va_atime.tv_nsec = 0;
440 if (sp->sa_mtime.nfsv2_sec != nfsrv_nfs_xdrneg1)
441 fxdr_nfsv2time(&sp->sa_mtime, &vap->va_mtime);
446 * Now that we have all the fields, lets do it.
448 error = nfsrv_fhtovp(fhp, 0, &vp, &tvfslocked, nfsd, slp, nam, &rdonly);
449 vfslocked = nfsrv_lockedpair(vfslocked, tvfslocked);
451 nfsm_reply(2 * NFSX_UNSIGNED);
453 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
459 * vp now an active resource, pay careful attention to cleanup
462 error = preat_ret = VOP_GETATTR(vp, &preat, cred);
463 if (!error && gcheck &&
464 (preat.va_ctime.tv_sec != guard.tv_sec ||
465 preat.va_ctime.tv_nsec != guard.tv_nsec))
466 error = NFSERR_NOT_SYNC;
470 nfsm_reply(NFSX_WCCDATA(v3));
472 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
479 * If the size is being changed write acces is required, otherwise
480 * just check for a read only filesystem.
482 if (vap->va_size == ((u_quad_t)((quad_t) -1))) {
483 if (rdonly || (vp->v_mount->mnt_flag & MNT_RDONLY)) {
488 if (vp->v_type == VDIR) {
491 } else if ((error = nfsrv_access(vp, VWRITE, cred, rdonly,
495 error = VOP_SETATTR(vp, vap, cred);
496 postat_ret = VOP_GETATTR(vp, vap, cred);
504 nfsm_reply(NFSX_WCCORFATTR(v3));
506 nfsm_srvwcc_data(preat_ret, &preat, postat_ret, vap);
508 /* v2 non-error case. */
509 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
510 nfsm_srvfillattr(vap, fp);
518 vn_finished_write(mp);
519 VFS_UNLOCK_GIANT(vfslocked);
527 nfsrv_lookup(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
530 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
531 struct sockaddr *nam = nfsd->nd_nam;
532 caddr_t dpos = nfsd->nd_dpos;
533 struct ucred *cred = nfsd->nd_cr;
534 struct nfs_fattr *fp;
535 struct nameidata nd, ind, *ndp = &nd;
536 struct vnode *vp, *dirp = NULL;
540 int error = 0, len, dirattr_ret = 1;
541 int v3 = (nfsd->nd_flag & ND_NFSV3), pubflag;
542 struct mbuf *mb, *mreq;
543 struct vattr va, dirattr, *vap = &va;
547 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
551 fhp = &nfh.fh_generic;
553 nfsm_srvnamesiz(len);
555 pubflag = nfs_ispublicfh(fhp);
557 nd.ni_cnd.cn_cred = cred;
558 nd.ni_cnd.cn_nameiop = LOOKUP;
559 nd.ni_cnd.cn_flags = LOCKLEAF | SAVESTART | MPSAFE;
560 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
561 &dirp, v3, &dirattr, &dirattr_ret, pubflag);
562 vfslocked = NDHASGIANT(&nd);
565 * namei failure, only dirp to cleanup. Clear out garbarge from
566 * structure in case macros jump to nfsmout.
574 nfsm_reply(NFSX_POSTOPATTR(v3));
576 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
582 * Locate index file for public filehandle
584 * error is 0 on entry and 0 on exit from this block.
588 if (nd.ni_vp->v_type == VDIR && nfs_pub.np_index != NULL) {
590 * Setup call to lookup() to see if we can find
591 * the index file. Arguably, this doesn't belong
592 * in a kernel.. Ugh. If an error occurs, do not
593 * try to install an index file and then clear the
596 * When we replace nd with ind and redirect ndp,
597 * maintenance of ni_startdir and ni_vp shift to
598 * ind and we have to clean them up in the old nd.
599 * However, the cnd resource continues to be maintained
600 * via the original nd. Confused? You aren't alone!
603 VOP_UNLOCK(nd.ni_vp, 0);
604 ind.ni_pathlen = strlen(nfs_pub.np_index);
605 ind.ni_cnd.cn_nameptr = ind.ni_cnd.cn_pnbuf =
607 ind.ni_startdir = nd.ni_vp;
608 VREF(ind.ni_startdir);
609 ind.ni_cnd.cn_flags &= ~GIANTHELD;
610 tvfslocked = VFS_LOCK_GIANT(ind.ni_startdir->v_mount);
612 nd.ni_cnd.cn_flags |= GIANTHELD;
613 error = lookup(&ind);
615 vfslocked = nfsrv_lockedpair_nd(vfslocked, &ind);
616 ind.ni_cnd.cn_flags &= ~GIANTHELD;
620 * Found an index file. Get rid of
621 * the old references. transfer nd.ni_vp'
627 vrele(nd.ni_startdir);
628 nd.ni_startdir = NULL;
634 * If the public filehandle was used, check that this lookup
635 * didn't result in a filehandle outside the publicly exported
636 * filesystem. We clear the poor vp here to avoid lockups due
640 if (ndp->ni_vp->v_mount != nfs_pub.np_mount) {
648 * Resources at this point:
649 * ndp->ni_vp may not be NULL
653 nfsm_reply(NFSX_POSTOPATTR(v3));
655 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
661 * Get underlying attribute, then release remaining resources ( for
662 * the same potential blocking reason ) and reply.
665 bzero((caddr_t)fhp, sizeof(nfh));
666 fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
667 error = VOP_VPTOFH(vp, &fhp->fh_fid);
669 error = VOP_GETATTR(vp, vap, cred);
672 vrele(ndp->ni_startdir);
675 ndp->ni_startdir = NULL;
677 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPORFATTR(v3) + NFSX_POSTOPATTR(v3));
680 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
684 nfsm_srvfhtom(fhp, v3);
686 nfsm_srvpostop_attr(0, vap);
687 nfsm_srvpostop_attr(dirattr_ret, &dirattr);
689 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
690 nfsm_srvfillattr(vap, fp);
694 if (ndp->ni_vp || dirp || ndp->ni_startdir) {
699 if (ndp->ni_startdir)
700 vrele(ndp->ni_startdir);
702 NDFREE(&nd, NDF_ONLY_PNBUF);
703 VFS_UNLOCK_GIANT(vfslocked);
708 * nfs readlink service
711 nfsrv_readlink(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
714 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
715 struct sockaddr *nam = nfsd->nd_nam;
716 caddr_t dpos = nfsd->nd_dpos;
717 struct ucred *cred = nfsd->nd_cr;
718 struct iovec iv[(NFS_MAXPATHLEN+MLEN-1)/MLEN];
719 struct iovec *ivp = iv;
723 int error = 0, rdonly, i, tlen, len, getret;
724 int v3 = (nfsd->nd_flag & ND_NFSV3);
725 struct mbuf *mb, *mp3, *nmp, *mreq;
726 struct vnode *vp = NULL;
730 struct uio io, *uiop = &io;
733 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
739 fhp = &nfh.fh_generic;
743 while (len < NFS_MAXPATHLEN) {
744 MGET(nmp, M_WAIT, MT_DATA);
746 nmp->m_len = NFSMSIZ(nmp);
753 if ((len + mp->m_len) > NFS_MAXPATHLEN) {
754 mp->m_len = NFS_MAXPATHLEN - len;
755 len = NFS_MAXPATHLEN;
758 ivp->iov_base = mtod(mp, caddr_t);
759 ivp->iov_len = mp->m_len;
764 uiop->uio_iovcnt = i;
765 uiop->uio_offset = 0;
766 uiop->uio_resid = len;
767 uiop->uio_rw = UIO_READ;
768 uiop->uio_segflg = UIO_SYSSPACE;
770 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
772 nfsm_reply(2 * NFSX_UNSIGNED);
774 nfsm_srvpostop_attr(1, NULL);
778 if (vp->v_type != VLNK) {
784 error = VOP_READLINK(vp, uiop, cred);
785 getret = VOP_GETATTR(vp, &attr, cred);
788 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_UNSIGNED);
790 nfsm_srvpostop_attr(getret, &attr);
795 if (uiop->uio_resid > 0) {
796 len -= uiop->uio_resid;
797 tlen = nfsm_rndup(len);
798 nfsm_adj(mp3, NFS_MAXPATHLEN-tlen, tlen-len);
800 tl = nfsm_build(u_int32_t *, NFSX_UNSIGNED);
801 *tl = txdr_unsigned(len);
809 VFS_UNLOCK_GIANT(vfslocked);
817 nfsrv_read(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
820 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
821 struct sockaddr *nam = nfsd->nd_nam;
822 caddr_t dpos = nfsd->nd_dpos;
823 struct ucred *cred = nfsd->nd_cr;
827 struct nfs_fattr *fp;
831 int error = 0, rdonly, cnt, len, left, siz, tlen, getret;
832 int v3 = (nfsd->nd_flag & ND_NFSV3), reqlen;
833 struct mbuf *mb, *mreq;
835 struct vnode *vp = NULL;
838 struct uio io, *uiop = &io;
839 struct vattr va, *vap = &va;
846 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
848 fhp = &nfh.fh_generic;
851 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
852 off = fxdr_hyper(tl);
854 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
855 off = (off_t)fxdr_unsigned(u_int32_t, *tl);
857 nfsm_srvstrsiz(reqlen, NFS_SRVMAXDATA(nfsd));
860 * Reference vp. If an error occurs, vp will be invalid, but we
861 * have to NULL it just in case. The macros might goto nfsmout
865 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
868 nfsm_reply(2 * NFSX_UNSIGNED);
870 nfsm_srvpostop_attr(1, NULL);
875 if (vp->v_type != VREG) {
879 error = (vp->v_type == VDIR) ? EISDIR : EACCES;
882 if ((error = nfsrv_access(vp, VREAD, cred, rdonly, 1)) != 0)
883 error = nfsrv_access(vp, VEXEC, cred, rdonly, 1);
885 getret = VOP_GETATTR(vp, vap, cred);
891 nfsm_reply(NFSX_POSTOPATTR(v3));
893 nfsm_srvpostop_attr(getret, vap);
899 * Calculate byte count to read
901 if (off >= vap->va_size)
903 else if ((off + reqlen) > vap->va_size)
904 cnt = vap->va_size - off;
908 nfsm_reply(NFSX_POSTOPORFATTR(v3) + 3 * NFSX_UNSIGNED+nfsm_rndup(cnt));
910 tl = nfsm_build(u_int32_t *, NFSX_V3FATTR + 4 * NFSX_UNSIGNED);
911 *tl++ = nfsrv_nfs_true;
912 fp = (struct nfs_fattr *)tl;
913 tl += (NFSX_V3FATTR / sizeof (u_int32_t));
915 tl = nfsm_build(u_int32_t *, NFSX_V2FATTR + NFSX_UNSIGNED);
916 fp = (struct nfs_fattr *)tl;
917 tl += (NFSX_V2FATTR / sizeof (u_int32_t));
919 len = left = nfsm_rndup(cnt);
922 * Generate the mbuf list with the uio_iov ref. to it.
927 siz = min(M_TRAILINGSPACE(m), left);
933 MGET(m, M_WAIT, MT_DATA);
940 iv = malloc(i * sizeof (struct iovec),
942 uiop->uio_iov = iv2 = iv;
948 panic("nfsrv_read iov");
949 siz = min(M_TRAILINGSPACE(m), left);
951 iv->iov_base = mtod(m, caddr_t) + m->m_len;
960 uiop->uio_iovcnt = i;
961 uiop->uio_offset = off;
962 uiop->uio_resid = len;
963 uiop->uio_rw = UIO_READ;
964 uiop->uio_segflg = UIO_SYSSPACE;
965 nh = nfsrv_sequential_heuristic(uiop, vp);
966 ioflag |= nh->nh_seqcount << IO_SEQSHIFT;
967 error = VOP_READ(vp, uiop, IO_NODELOCKED | ioflag, cred);
969 nh->nh_nextoff = uiop->uio_offset;
970 free((caddr_t)iv2, M_TEMP);
971 if (error || (getret = VOP_GETATTR(vp, vap, cred))) {
977 nfsm_reply(NFSX_POSTOPATTR(v3));
979 nfsm_srvpostop_attr(getret, vap);
987 nfsm_srvfillattr(vap, fp);
988 tlen = len - uiop->uio_resid;
989 cnt = cnt < tlen ? cnt : tlen;
990 tlen = nfsm_rndup(cnt);
991 if (len != tlen || tlen != cnt)
992 nfsm_adj(mb, len - tlen, tlen - cnt);
994 *tl++ = txdr_unsigned(cnt);
996 *tl++ = nfsrv_nfs_true;
998 *tl++ = nfsrv_nfs_false;
1000 *tl = txdr_unsigned(cnt);
1004 VFS_UNLOCK_GIANT(vfslocked);
1012 nfsrv_write(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1015 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1016 struct sockaddr *nam = nfsd->nd_nam;
1017 caddr_t dpos = nfsd->nd_dpos;
1018 struct ucred *cred = nfsd->nd_cr;
1022 struct nfs_fattr *fp;
1024 struct vattr va, forat;
1025 struct vattr *vap = &va;
1028 int error = 0, rdonly, len, forat_ret = 1;
1029 int ioflags, aftat_ret = 1, retlen = 0, zeroing, adjust;
1030 int stable = NFSV3WRITE_FILESYNC;
1031 int v3 = (nfsd->nd_flag & ND_NFSV3);
1032 struct mbuf *mb, *mreq;
1033 struct vnode *vp = NULL;
1037 struct uio io, *uiop = &io;
1039 struct mount *mntp = NULL;
1043 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1050 fhp = &nfh.fh_generic;
1052 if ((mntp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1056 vfslocked = VFS_LOCK_GIANT(mntp);
1057 (void) vn_start_write(NULL, &mntp, V_WAIT);
1058 vfs_rel(mntp); /* The write holds a ref. */
1060 tl = nfsm_dissect_nonblock(u_int32_t *, 5 * NFSX_UNSIGNED);
1061 off = fxdr_hyper(tl);
1063 stable = fxdr_unsigned(int, *tl++);
1065 tl = nfsm_dissect_nonblock(u_int32_t *, 4 * NFSX_UNSIGNED);
1066 off = (off_t)fxdr_unsigned(u_int32_t, *++tl);
1069 stable = NFSV3WRITE_UNSTABLE;
1071 retlen = len = fxdr_unsigned(int32_t, *tl);
1075 * For NFS Version 2, it is not obvious what a write of zero length
1076 * should do, but I might as well be consistent with Version 3,
1077 * which is to return ok so long as there are no permission problems.
1085 adjust = dpos - mtod(mp, caddr_t);
1086 mp->m_len -= adjust;
1087 if (mp->m_len > 0 && adjust > 0)
1088 mp->m_data += adjust;
1092 else if (mp->m_len > 0) {
1095 mp->m_len -= (i - len);
1104 if (len > NFS_MAXDATA || len < 0 || i < len) {
1106 nfsm_reply(2 * NFSX_UNSIGNED);
1108 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1112 error = nfsrv_fhtovp(fhp, 0, &vp, &tvfslocked, nfsd, slp, nam, &rdonly);
1113 vfslocked = nfsrv_lockedpair(vfslocked, tvfslocked);
1116 nfsm_reply(2 * NFSX_UNSIGNED);
1118 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1123 forat_ret = VOP_GETATTR(vp, &forat, cred);
1124 if (vp->v_type != VREG) {
1128 error = (vp->v_type == VDIR) ? EISDIR : EACCES;
1131 error = nfsrv_access(vp, VWRITE, cred, rdonly, 1);
1135 nfsm_reply(NFSX_WCCDATA(v3));
1137 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1143 ivp = malloc(cnt * sizeof (struct iovec), M_TEMP,
1145 uiop->uio_iov = iv = ivp;
1146 uiop->uio_iovcnt = cnt;
1149 if (mp->m_len > 0) {
1150 ivp->iov_base = mtod(mp, caddr_t);
1151 ivp->iov_len = mp->m_len;
1159 * The IO_METASYNC flag indicates that all metadata (and not just
1160 * enough to ensure data integrity) mus be written to stable storage
1162 * (IO_METASYNC is not yet implemented in 4.4BSD-Lite.)
1164 if (stable == NFSV3WRITE_UNSTABLE)
1165 ioflags = IO_NODELOCKED;
1166 else if (stable == NFSV3WRITE_DATASYNC)
1167 ioflags = (IO_SYNC | IO_NODELOCKED);
1169 ioflags = (IO_METASYNC | IO_SYNC | IO_NODELOCKED);
1170 uiop->uio_resid = len;
1171 uiop->uio_rw = UIO_WRITE;
1172 uiop->uio_segflg = UIO_SYSSPACE;
1173 uiop->uio_td = NULL;
1174 uiop->uio_offset = off;
1175 nh = nfsrv_sequential_heuristic(uiop, vp);
1176 ioflags |= nh->nh_seqcount << IO_SEQSHIFT;
1177 error = VOP_WRITE(vp, uiop, ioflags, cred);
1179 nh->nh_nextoff = uiop->uio_offset;
1180 /* Unlocked write. */
1181 nfsrvstats.srvvop_writes++;
1182 free((caddr_t)iv, M_TEMP);
1184 aftat_ret = VOP_GETATTR(vp, vap, cred);
1190 nfsm_reply(NFSX_PREOPATTR(v3) + NFSX_POSTOPORFATTR(v3) +
1191 2 * NFSX_UNSIGNED + NFSX_WRITEVERF(v3));
1193 nfsm_srvwcc_data(forat_ret, &forat, aftat_ret, vap);
1198 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
1199 *tl++ = txdr_unsigned(retlen);
1201 * If nfs_async is set, then pretend the write was FILESYNC.
1203 if (stable == NFSV3WRITE_UNSTABLE && !nfs_async)
1204 *tl++ = txdr_unsigned(stable);
1206 *tl++ = txdr_unsigned(NFSV3WRITE_FILESYNC);
1208 * Actually, there is no need to txdr these fields,
1209 * but it may make the values more human readable,
1210 * for debugging purposes.
1212 if (nfsver.tv_sec == 0)
1214 *tl++ = txdr_unsigned(nfsver.tv_sec);
1215 *tl = txdr_unsigned(nfsver.tv_usec);
1216 } else if (!error) {
1217 /* v2 non-error case. */
1218 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
1219 nfsm_srvfillattr(vap, fp);
1225 vn_finished_write(mntp);
1226 VFS_UNLOCK_GIANT(vfslocked);
1231 * nfs create service
1232 * now does a truncate to 0 length via. setattr if it already exists
1235 nfsrv_create(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1238 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1239 struct sockaddr *nam = nfsd->nd_nam;
1240 caddr_t dpos = nfsd->nd_dpos;
1241 struct ucred *cred = nfsd->nd_cr;
1242 struct nfs_fattr *fp;
1243 struct vattr va, dirfor, diraft;
1244 struct vattr *vap = &va;
1245 struct nfsv2_sattr *sp;
1247 struct nameidata nd;
1249 int error = 0, rdev, len, tsize, dirfor_ret = 1, diraft_ret = 1;
1250 int v3 = (nfsd->nd_flag & ND_NFSV3), how, exclusive_flag = 0;
1251 struct mbuf *mb, *mreq;
1252 struct vnode *dirp = NULL;
1256 struct timespec cverf;
1257 struct mount *mp = NULL;
1261 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1268 fhp = &nfh.fh_generic;
1270 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1274 vfslocked = VFS_LOCK_GIANT(mp);
1275 (void) vn_start_write(NULL, &mp, V_WAIT);
1276 vfs_rel(mp); /* The write holds a ref. */
1277 nfsm_srvnamesiz(len);
1279 nd.ni_cnd.cn_cred = cred;
1280 nd.ni_cnd.cn_nameiop = CREATE;
1281 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | SAVESTART | MPSAFE;
1284 * Call namei and do initial cleanup to get a few things
1285 * out of the way. If we get an initial error we cleanup
1286 * and return here to avoid special-casing the invalid nd
1287 * structure through the rest of the case. dirp may be
1288 * set even if an error occurs, but the nd structure will not
1289 * be valid at all if an error occurs so we have to invalidate it
1290 * prior to calling nfsm_reply ( which might goto nfsmout ).
1292 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
1293 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
1294 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
1300 nfsm_reply(NFSX_WCCDATA(v3));
1302 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1308 * No error. Continue. State:
1310 * startdir is valid ( we release this immediately )
1312 * nd.ni_vp may be valid
1313 * nd.ni_dvp is valid
1315 * The error state is set through the code and we may also do some
1316 * opportunistic releasing of vnodes to avoid holding locks through
1317 * NFS I/O. The cleanup at the end is a catch-all
1322 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
1323 how = fxdr_unsigned(int, *tl);
1325 case NFSV3CREATE_GUARDED:
1331 case NFSV3CREATE_UNCHECKED:
1334 case NFSV3CREATE_EXCLUSIVE:
1335 tl = nfsm_dissect_nonblock(u_int32_t *,
1337 /* Unique bytes, endianness is not important. */
1338 cverf.tv_sec = (int32_t)tl[0];
1339 cverf.tv_nsec = tl[1];
1343 vap->va_type = VREG;
1345 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
1346 vap->va_type = IFTOVT(fxdr_unsigned(u_int32_t, sp->sa_mode));
1347 if (vap->va_type == VNON)
1348 vap->va_type = VREG;
1349 vap->va_mode = nfstov_mode(sp->sa_mode);
1350 switch (vap->va_type) {
1352 tsize = fxdr_unsigned(int32_t, sp->sa_size);
1354 vap->va_size = (u_quad_t)tsize;
1359 rdev = fxdr_unsigned(long, sp->sa_size);
1367 * Iff doesn't exist, create it
1368 * otherwise just truncate to 0 length
1369 * should I set the mode too ?
1371 * The only possible error we can have at this point is EEXIST.
1372 * nd.ni_vp will also be non-NULL in that case.
1374 if (nd.ni_vp == NULL) {
1375 if (vap->va_mode == (mode_t)VNOVAL)
1377 if (vap->va_type == VREG || vap->va_type == VSOCK) {
1378 error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1380 NDFREE(&nd, NDF_ONLY_PNBUF);
1382 if (exclusive_flag) {
1385 vap->va_atime = cverf;
1386 error = VOP_SETATTR(nd.ni_vp, vap,
1390 } else if (vap->va_type == VCHR || vap->va_type == VBLK ||
1391 vap->va_type == VFIFO) {
1393 * NFSv2-specific code for creating device nodes
1396 * Handle SysV FIFO node special cases. All other
1397 * devices require super user to access.
1399 if (vap->va_type == VCHR && rdev == 0xffffffff)
1400 vap->va_type = VFIFO;
1401 if (vap->va_type != VFIFO &&
1402 (error = priv_check_cred(cred, PRIV_VFS_MKNOD_DEV,
1406 vap->va_rdev = rdev;
1407 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1409 NDFREE(&nd, NDF_ONLY_PNBUF);
1416 * release dvp prior to lookup
1423 * Even though LOCKPARENT was cleared, ni_dvp may
1426 nd.ni_cnd.cn_nameiop = LOOKUP;
1427 nd.ni_cnd.cn_flags &= ~(LOCKPARENT);
1428 nd.ni_cnd.cn_thread = curthread;
1429 nd.ni_cnd.cn_cred = cred;
1430 tvfslocked = VFS_LOCK_GIANT(nd.ni_startdir->v_mount);
1432 nd.ni_cnd.cn_flags |= GIANTHELD;
1433 error = lookup(&nd);
1435 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
1436 nd.ni_cnd.cn_flags &= ~GIANTHELD;
1440 if (nd.ni_cnd.cn_flags & ISSYMLINK) {
1448 if (vap->va_size != -1) {
1449 error = nfsrv_access(nd.ni_vp, VWRITE,
1450 cred, (nd.ni_cnd.cn_flags & RDONLY), 0);
1452 tempsize = vap->va_size;
1454 vap->va_size = tempsize;
1455 error = VOP_SETATTR(nd.ni_vp, vap, cred);
1461 bzero((caddr_t)fhp, sizeof(nfh));
1462 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
1463 error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid);
1465 error = VOP_GETATTR(nd.ni_vp, vap, cred);
1468 if (exclusive_flag && !error &&
1469 bcmp(&cverf, &vap->va_atime, sizeof (cverf)))
1471 if (dirp == nd.ni_dvp)
1472 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
1474 /* Drop the other locks to avoid deadlock. */
1476 if (nd.ni_dvp == nd.ni_vp)
1486 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
1487 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
1488 VOP_UNLOCK(dirp, 0);
1492 nfsm_reply(NFSX_SRVFH(v3) + NFSX_FATTR(v3) + NFSX_WCCDATA(v3));
1495 nfsm_srvpostop_fh(fhp);
1496 nfsm_srvpostop_attr(0, vap);
1498 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1499 } else if (!error) {
1500 /* v2 non-error case. */
1501 nfsm_srvfhtom(fhp, v3);
1502 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
1503 nfsm_srvfillattr(vap, fp);
1509 if (nd.ni_dvp == nd.ni_vp)
1516 if (nd.ni_startdir) {
1517 vrele(nd.ni_startdir);
1518 nd.ni_startdir = NULL;
1522 NDFREE(&nd, NDF_ONLY_PNBUF);
1523 vn_finished_write(mp);
1524 VFS_UNLOCK_GIANT(vfslocked);
1529 * nfs v3 mknod service
1532 nfsrv_mknod(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1535 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1536 struct sockaddr *nam = nfsd->nd_nam;
1537 caddr_t dpos = nfsd->nd_dpos;
1538 struct ucred *cred = nfsd->nd_cr;
1539 struct vattr va, dirfor, diraft;
1540 struct vattr *vap = &va;
1541 struct thread *td = curthread;
1543 struct nameidata nd;
1545 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
1546 u_int32_t major, minor;
1548 struct mbuf *mb, *mreq;
1549 struct vnode *vp, *dirp = NULL;
1552 struct mount *mp = NULL;
1553 int v3 = (nfsd->nd_flag & ND_NFSV3);
1557 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1560 panic("nfsrv_mknod: v3 proc called on a v2 connection");
1563 fhp = &nfh.fh_generic;
1565 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1569 vfslocked = VFS_LOCK_GIANT(mp);
1570 (void) vn_start_write(NULL, &mp, V_WAIT);
1571 vfs_rel(mp); /* The write holds a ref. */
1572 nfsm_srvnamesiz(len);
1574 nd.ni_cnd.cn_cred = cred;
1575 nd.ni_cnd.cn_nameiop = CREATE;
1576 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | SAVESTART | MPSAFE;
1579 * Handle nfs_namei() call. If an error occurs, the nd structure
1580 * is not valid. However, nfsm_*() routines may still jump to
1584 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
1585 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
1586 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
1588 nfsm_reply(NFSX_WCCDATA(1));
1589 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1593 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
1594 vtyp = nfsv3tov_type(*tl);
1595 if (vtyp != VCHR && vtyp != VBLK && vtyp != VSOCK && vtyp != VFIFO) {
1596 error = NFSERR_BADTYPE;
1601 if (vtyp == VCHR || vtyp == VBLK) {
1602 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
1603 major = fxdr_unsigned(u_int32_t, *tl++);
1604 minor = fxdr_unsigned(u_int32_t, *tl);
1605 vap->va_rdev = makedev(major, minor);
1609 * Iff doesn't exist, create it.
1615 vap->va_type = vtyp;
1616 if (vap->va_mode == (mode_t)VNOVAL)
1618 if (vtyp == VSOCK) {
1619 vrele(nd.ni_startdir);
1620 nd.ni_startdir = NULL;
1621 error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1623 NDFREE(&nd, NDF_ONLY_PNBUF);
1625 if (vtyp != VFIFO && (error = priv_check_cred(cred,
1626 PRIV_VFS_MKNOD_DEV, 0)))
1628 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
1630 NDFREE(&nd, NDF_ONLY_PNBUF);
1637 * Release dvp prior to lookup
1642 nd.ni_cnd.cn_nameiop = LOOKUP;
1643 nd.ni_cnd.cn_flags &= ~(LOCKPARENT);
1644 nd.ni_cnd.cn_thread = td;
1645 nd.ni_cnd.cn_cred = td->td_ucred;
1646 tvfslocked = VFS_LOCK_GIANT(nd.ni_startdir->v_mount);
1648 nd.ni_cnd.cn_flags |= GIANTHELD;
1649 error = lookup(&nd);
1651 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
1652 nd.ni_cnd.cn_flags &= ~GIANTHELD;
1656 if (nd.ni_cnd.cn_flags & ISSYMLINK)
1661 * send response, cleanup, return.
1666 bzero((caddr_t)fhp, sizeof(nfh));
1667 fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
1668 error = VOP_VPTOFH(vp, &fhp->fh_fid);
1670 error = VOP_GETATTR(vp, vap, cred);
1673 if (nd.ni_dvp == nd.ni_vp)
1684 if (nd.ni_startdir) {
1685 vrele(nd.ni_startdir);
1686 nd.ni_startdir = NULL;
1688 NDFREE(&nd, NDF_ONLY_PNBUF);
1690 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
1691 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
1695 nfsm_reply(NFSX_SRVFH(1) + NFSX_POSTOPATTR(1) + NFSX_WCCDATA(1));
1698 nfsm_srvpostop_fh(fhp);
1699 nfsm_srvpostop_attr(0, vap);
1701 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1703 vn_finished_write(mp);
1704 VFS_UNLOCK_GIANT(vfslocked);
1708 if (nd.ni_dvp == nd.ni_vp)
1718 vrele(nd.ni_startdir);
1719 NDFREE(&nd, NDF_ONLY_PNBUF);
1720 vn_finished_write(mp);
1721 VFS_UNLOCK_GIANT(vfslocked);
1726 * nfs remove service
1729 nfsrv_remove(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1732 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1733 struct sockaddr *nam = nfsd->nd_nam;
1734 caddr_t dpos = nfsd->nd_dpos;
1735 struct ucred *cred = nfsd->nd_cr;
1736 struct nameidata nd;
1738 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
1739 int v3 = (nfsd->nd_flag & ND_NFSV3);
1740 struct mbuf *mb, *mreq;
1742 struct vattr dirfor, diraft;
1745 struct mount *mp = NULL;
1748 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1752 fhp = &nfh.fh_generic;
1754 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
1758 vfslocked = VFS_LOCK_GIANT(mp);
1759 (void) vn_start_write(NULL, &mp, V_WAIT);
1760 vfs_rel(mp); /* The write holds a ref. */
1761 nfsm_srvnamesiz(len);
1763 nd.ni_cnd.cn_cred = cred;
1764 nd.ni_cnd.cn_nameiop = DELETE;
1765 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | MPSAFE;
1766 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
1767 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
1768 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
1774 if (nd.ni_vp->v_type == VDIR) {
1775 error = EPERM; /* POSIX */
1779 * The root of a mounted filesystem cannot be deleted.
1781 if (nd.ni_vp->v_vflag & VV_ROOT) {
1787 error = VOP_REMOVE(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
1788 NDFREE(&nd, NDF_ONLY_PNBUF);
1792 if (dirp == nd.ni_dvp)
1793 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
1795 /* Drop the other locks to avoid deadlock. */
1797 if (nd.ni_dvp == nd.ni_vp)
1807 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
1808 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
1809 VOP_UNLOCK(dirp, 0);
1815 nfsm_reply(NFSX_WCCDATA(v3));
1817 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
1820 NDFREE(&nd, NDF_ONLY_PNBUF);
1822 if (nd.ni_dvp == nd.ni_vp)
1829 vn_finished_write(mp);
1830 VFS_UNLOCK_GIANT(vfslocked);
1835 * nfs rename service
1838 nfsrv_rename(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
1841 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
1842 struct sockaddr *nam = nfsd->nd_nam;
1843 caddr_t dpos = nfsd->nd_dpos;
1844 struct ucred *cred = nfsd->nd_cr;
1846 int error = 0, len, len2, fdirfor_ret = 1, fdiraft_ret = 1;
1847 int tdirfor_ret = 1, tdiraft_ret = 1;
1848 int v3 = (nfsd->nd_flag & ND_NFSV3);
1849 struct mbuf *mb, *mreq;
1850 struct nameidata fromnd, tond;
1851 struct vnode *fvp, *tvp, *tdvp, *fdirp = NULL;
1852 struct vnode *tdirp = NULL;
1853 struct vattr fdirfor, fdiraft, tdirfor, tdiraft;
1855 fhandle_t *ffhp, *tfhp;
1857 struct mount *mp = NULL;
1860 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
1865 ffhp = &fnfh.fh_generic;
1866 tfhp = &tnfh.fh_generic;
1869 * Clear fields incase goto nfsmout occurs from macro.
1875 nfsm_srvmtofh(ffhp);
1876 if ((mp = vfs_getvfs(&ffhp->fh_fsid)) == NULL) {
1880 vfslocked = VFS_LOCK_GIANT(mp);
1881 (void) vn_start_write(NULL, &mp, V_WAIT);
1882 vfs_rel(mp); /* The write holds a ref. */
1883 nfsm_srvnamesiz(len);
1885 * Remember our original uid so that we can reset cr_uid before
1886 * the second nfs_namei() call, in case it is remapped.
1888 saved_uid = cred->cr_uid;
1889 fromnd.ni_cnd.cn_cred = cred;
1890 fromnd.ni_cnd.cn_nameiop = DELETE;
1891 fromnd.ni_cnd.cn_flags = WANTPARENT | SAVESTART | MPSAFE;
1892 error = nfs_namei(&fromnd, nfsd, ffhp, len, slp, nam, &md,
1893 &dpos, &fdirp, v3, &fdirfor, &fdirfor_ret, FALSE);
1894 vfslocked = nfsrv_lockedpair_nd(vfslocked, &fromnd);
1900 nfsm_reply(2 * NFSX_WCCDATA(v3));
1902 nfsm_srvwcc_data(fdirfor_ret, &fdirfor, fdiraft_ret, &fdiraft);
1903 nfsm_srvwcc_data(tdirfor_ret, &tdirfor, tdiraft_ret, &tdiraft);
1909 nfsm_srvmtofh(tfhp);
1910 nfsm_srvnamesiz(len2);
1911 cred->cr_uid = saved_uid;
1912 tond.ni_cnd.cn_cred = cred;
1913 tond.ni_cnd.cn_nameiop = RENAME;
1914 tond.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | NOCACHE | SAVESTART | MPSAFE;
1915 error = nfs_namei(&tond, nfsd, tfhp, len2, slp, nam, &md,
1916 &dpos, &tdirp, v3, &tdirfor, &tdirfor_ret, FALSE);
1917 vfslocked = nfsrv_lockedpair_nd(vfslocked, &tond);
1928 if (fvp->v_type == VDIR && tvp->v_type != VDIR) {
1934 } else if (fvp->v_type != VDIR && tvp->v_type == VDIR) {
1941 if (tvp->v_type == VDIR && tvp->v_mountedhere) {
1949 if (fvp->v_type == VDIR && fvp->v_mountedhere) {
1956 if (fvp->v_mount != tdvp->v_mount) {
1970 * If source is the same as the destination (that is the
1971 * same vnode with the same name in the same directory),
1972 * then there is nothing to do.
1974 if (fvp == tvp && fromnd.ni_dvp == tdvp &&
1975 fromnd.ni_cnd.cn_namelen == tond.ni_cnd.cn_namelen &&
1976 !bcmp(fromnd.ni_cnd.cn_nameptr, tond.ni_cnd.cn_nameptr,
1977 fromnd.ni_cnd.cn_namelen))
1982 * The VOP_RENAME function releases all vnode references &
1983 * locks prior to returning so we need to clear the pointers
1984 * to bypass cleanup code later on.
1986 error = VOP_RENAME(fromnd.ni_dvp, fromnd.ni_vp, &fromnd.ni_cnd,
1987 tond.ni_dvp, tond.ni_vp, &tond.ni_cnd);
1988 fromnd.ni_dvp = NULL;
1989 fromnd.ni_vp = NULL;
1993 NDFREE(&fromnd, NDF_ONLY_PNBUF);
1994 NDFREE(&tond, NDF_ONLY_PNBUF);
2002 nfsm_reply(2 * NFSX_WCCDATA(v3));
2004 /* Release existing locks to prevent deadlock. */
2006 if (tond.ni_dvp == tond.ni_vp)
2017 vn_lock(fdirp, LK_EXCLUSIVE | LK_RETRY);
2018 fdiraft_ret = VOP_GETATTR(fdirp, &fdiraft, cred);
2019 VOP_UNLOCK(fdirp, 0);
2022 vn_lock(tdirp, LK_EXCLUSIVE | LK_RETRY);
2023 tdiraft_ret = VOP_GETATTR(tdirp, &tdiraft, cred);
2024 VOP_UNLOCK(tdirp, 0);
2026 nfsm_srvwcc_data(fdirfor_ret, &fdirfor, fdiraft_ret, &fdiraft);
2027 nfsm_srvwcc_data(tdirfor_ret, &tdirfor, tdiraft_ret, &tdiraft);
2034 * Clear out tond related fields
2037 if (tond.ni_dvp == tond.ni_vp)
2046 if (tond.ni_startdir)
2047 vrele(tond.ni_startdir);
2048 NDFREE(&tond, NDF_ONLY_PNBUF);
2050 * Clear out fromnd related fields
2054 if (fromnd.ni_startdir)
2055 vrele(fromnd.ni_startdir);
2056 NDFREE(&fromnd, NDF_ONLY_PNBUF);
2058 vrele(fromnd.ni_dvp);
2060 vrele(fromnd.ni_vp);
2062 vn_finished_write(mp);
2063 VFS_UNLOCK_GIANT(vfslocked);
2071 nfsrv_link(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2074 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2075 struct sockaddr *nam = nfsd->nd_nam;
2076 caddr_t dpos = nfsd->nd_dpos;
2077 struct ucred *cred = nfsd->nd_cr;
2078 struct nameidata nd;
2080 int error = 0, rdonly, len, dirfor_ret = 1, diraft_ret = 1;
2081 int getret = 1, v3 = (nfsd->nd_flag & ND_NFSV3);
2082 struct mbuf *mb, *mreq;
2083 struct vnode *vp = NULL, *xp, *dirp = NULL;
2084 struct vattr dirfor, diraft, at;
2086 fhandle_t *fhp, *dfhp;
2087 struct mount *mp = NULL;
2091 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2095 fhp = &nfh.fh_generic;
2096 dfhp = &dnfh.fh_generic;
2098 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2102 vfslocked = VFS_LOCK_GIANT(mp);
2103 (void) vn_start_write(NULL, &mp, V_WAIT);
2104 vfs_rel(mp); /* The write holds a ref. */
2105 nfsm_srvmtofh(dfhp);
2106 nfsm_srvnamesiz(len);
2108 error = nfsrv_fhtovp(fhp, 0, &vp, &tvfslocked, nfsd, slp, nam, &rdonly);
2109 vfslocked = nfsrv_lockedpair(vfslocked, tvfslocked);
2111 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2113 nfsm_srvpostop_attr(getret, &at);
2114 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2121 getret = VOP_GETATTR(vp, &at, cred);
2122 if (vp->v_type == VDIR) {
2123 error = EPERM; /* POSIX */
2127 nd.ni_cnd.cn_cred = cred;
2128 nd.ni_cnd.cn_nameiop = CREATE;
2129 nd.ni_cnd.cn_flags = LOCKPARENT | MPSAFE | MPSAFE;
2130 error = nfs_namei(&nd, nfsd, dfhp, len, slp, nam, &md, &dpos,
2131 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
2132 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
2150 if (vp->v_mount != xp->v_mount) {
2156 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2157 error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
2158 NDFREE(&nd, NDF_ONLY_PNBUF);
2163 getret = VOP_GETATTR(vp, &at, cred);
2166 if (dirp == nd.ni_dvp)
2167 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2169 /* Release existing locks to prevent deadlock. */
2171 if (nd.ni_dvp == nd.ni_vp)
2181 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
2182 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2183 VOP_UNLOCK(dirp, 0);
2187 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2189 nfsm_srvpostop_attr(getret, &at);
2190 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2196 NDFREE(&nd, NDF_ONLY_PNBUF);
2200 if (nd.ni_dvp == nd.ni_vp)
2209 vn_finished_write(mp);
2210 VFS_UNLOCK_GIANT(vfslocked);
2215 * nfs symbolic link service
2218 nfsrv_symlink(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2221 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2222 struct sockaddr *nam = nfsd->nd_nam;
2223 caddr_t dpos = nfsd->nd_dpos;
2224 struct ucred *cred = nfsd->nd_cr;
2225 struct vattr va, dirfor, diraft;
2226 struct nameidata nd;
2227 struct vattr *vap = &va;
2228 struct nfsv2_sattr *sp;
2229 char *bpos, *pathcp = NULL;
2232 int error = 0, len, len2, dirfor_ret = 1, diraft_ret = 1;
2233 int v3 = (nfsd->nd_flag & ND_NFSV3);
2234 struct mbuf *mb, *mreq;
2235 struct vnode *dirp = NULL;
2238 struct mount *mp = NULL;
2242 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2246 fhp = &nfh.fh_generic;
2248 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2252 vfslocked = VFS_LOCK_GIANT(mp);
2253 (void) vn_start_write(NULL, &mp, V_WAIT);
2254 vfs_rel(mp); /* The write holds a ref. */
2255 nfsm_srvnamesiz(len);
2256 nd.ni_cnd.cn_cred = cred;
2257 nd.ni_cnd.cn_nameiop = CREATE;
2258 nd.ni_cnd.cn_flags = LOCKPARENT | SAVESTART | MPSAFE;
2259 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
2260 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
2261 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
2266 nfsm_srvpathsiz(len2);
2274 pathcp = malloc(len2 + 1, M_TEMP, M_WAITOK);
2275 iv.iov_base = pathcp;
2277 io.uio_resid = len2;
2281 io.uio_segflg = UIO_SYSSPACE;
2282 io.uio_rw = UIO_READ;
2284 nfsm_mtouio(&io, len2);
2286 sp = nfsm_dissect_nonblock(struct nfsv2_sattr *, NFSX_V2SATTR);
2287 vap->va_mode = nfstov_mode(sp->sa_mode);
2289 *(pathcp + len2) = '\0';
2296 * issue symlink op. SAVESTART is set so the underlying path component
2297 * is only freed by the VOP if an error occurs.
2299 if (vap->va_mode == (mode_t)VNOVAL)
2301 error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap, pathcp);
2303 NDFREE(&nd, NDF_ONLY_PNBUF);
2308 * releases directory prior to potential lookup op.
2316 * Issue lookup. Leave SAVESTART set so we can easily free
2317 * the name buffer later on.
2319 * since LOCKPARENT is not set, ni_dvp will be garbage on
2320 * return whether an error occurs or not.
2322 nd.ni_cnd.cn_nameiop = LOOKUP;
2323 nd.ni_cnd.cn_flags &= ~(LOCKPARENT | FOLLOW);
2324 nd.ni_cnd.cn_flags |= (NOFOLLOW | LOCKLEAF);
2325 nd.ni_cnd.cn_thread = curthread;
2326 nd.ni_cnd.cn_cred = cred;
2327 tvfslocked = VFS_LOCK_GIANT(nd.ni_startdir->v_mount);
2329 nd.ni_cnd.cn_flags |= GIANTHELD;
2330 error = lookup(&nd);
2332 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
2333 nd.ni_cnd.cn_flags &= ~GIANTHELD;
2336 bzero((caddr_t)fhp, sizeof(nfh));
2337 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
2338 error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid);
2340 error = VOP_GETATTR(nd.ni_vp, vap, cred);
2348 * These releases aren't strictly required, does even doing them
2349 * make any sense? XXX can nfsm_reply() block?
2352 free(pathcp, M_TEMP);
2356 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
2357 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2358 VOP_UNLOCK(dirp, 0);
2360 if (nd.ni_startdir) {
2361 vrele(nd.ni_startdir);
2362 nd.ni_startdir = NULL;
2364 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2367 nfsm_srvpostop_fh(fhp);
2368 nfsm_srvpostop_attr(0, vap);
2370 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2376 NDFREE(&nd, NDF_ONLY_PNBUF);
2378 if (nd.ni_dvp == nd.ni_vp)
2386 vrele(nd.ni_startdir);
2390 free(pathcp, M_TEMP);
2392 vn_finished_write(mp);
2393 VFS_UNLOCK_GIANT(vfslocked);
2401 nfsrv_mkdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2404 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2405 struct sockaddr *nam = nfsd->nd_nam;
2406 caddr_t dpos = nfsd->nd_dpos;
2407 struct ucred *cred = nfsd->nd_cr;
2408 struct vattr va, dirfor, diraft;
2409 struct vattr *vap = &va;
2410 struct nfs_fattr *fp;
2411 struct nameidata nd;
2414 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
2415 int v3 = (nfsd->nd_flag & ND_NFSV3);
2416 struct mbuf *mb, *mreq;
2417 struct vnode *dirp = NULL;
2421 struct mount *mp = NULL;
2424 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2428 fhp = &nfh.fh_generic;
2430 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2434 vfslocked = VFS_LOCK_GIANT(mp);
2435 (void) vn_start_write(NULL, &mp, V_WAIT);
2436 vfs_rel(mp); /* The write holds a ref. */
2437 nfsm_srvnamesiz(len);
2438 nd.ni_cnd.cn_cred = cred;
2439 nd.ni_cnd.cn_nameiop = CREATE;
2440 nd.ni_cnd.cn_flags = LOCKPARENT | MPSAFE;
2442 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
2443 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
2444 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
2450 nfsm_reply(NFSX_WCCDATA(v3));
2452 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2460 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
2461 vap->va_mode = nfstov_mode(*tl++);
2465 * At this point nd.ni_dvp is referenced and exclusively locked and
2466 * nd.ni_vp, if it exists, is referenced but not locked.
2469 vap->va_type = VDIR;
2470 if (nd.ni_vp != NULL) {
2471 NDFREE(&nd, NDF_ONLY_PNBUF);
2477 * Issue mkdir op. Since SAVESTART is not set, the pathname
2478 * component is freed by the VOP call. This will fill-in
2479 * nd.ni_vp, reference, and exclusively lock it.
2481 if (vap->va_mode == (mode_t)VNOVAL)
2483 error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
2484 NDFREE(&nd, NDF_ONLY_PNBUF);
2491 bzero((caddr_t)fhp, sizeof(nfh));
2492 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
2493 error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid);
2495 error = VOP_GETATTR(nd.ni_vp, vap, cred);
2499 if (dirp == nd.ni_dvp) {
2500 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2502 /* Release existing locks to prevent deadlock. */
2504 NDFREE(&nd, NDF_ONLY_PNBUF);
2505 if (nd.ni_dvp == nd.ni_vp && vpexcl)
2518 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
2519 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2520 VOP_UNLOCK(dirp, 0);
2523 nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPATTR(v3) + NFSX_WCCDATA(v3));
2526 nfsm_srvpostop_fh(fhp);
2527 nfsm_srvpostop_attr(0, vap);
2529 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2530 } else if (!error) {
2531 /* v2 non-error case. */
2532 nfsm_srvfhtom(fhp, v3);
2533 fp = nfsm_build(struct nfs_fattr *, NFSX_V2FATTR);
2534 nfsm_srvfillattr(vap, fp);
2541 NDFREE(&nd, NDF_ONLY_PNBUF);
2542 if (nd.ni_dvp == nd.ni_vp && vpexcl)
2555 vn_finished_write(mp);
2556 VFS_UNLOCK_GIANT(vfslocked);
2564 nfsrv_rmdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2567 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2568 struct sockaddr *nam = nfsd->nd_nam;
2569 caddr_t dpos = nfsd->nd_dpos;
2570 struct ucred *cred = nfsd->nd_cr;
2572 int error = 0, len, dirfor_ret = 1, diraft_ret = 1;
2573 int v3 = (nfsd->nd_flag & ND_NFSV3);
2574 struct mbuf *mb, *mreq;
2575 struct vnode *vp, *dirp = NULL;
2576 struct vattr dirfor, diraft;
2579 struct nameidata nd;
2580 struct mount *mp = NULL;
2583 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2587 fhp = &nfh.fh_generic;
2589 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
2593 vfslocked = VFS_LOCK_GIANT(mp);
2594 (void) vn_start_write(NULL, &mp, V_WAIT);
2595 vfs_rel(mp); /* The write holds a ref. */
2596 nfsm_srvnamesiz(len);
2597 nd.ni_cnd.cn_cred = cred;
2598 nd.ni_cnd.cn_nameiop = DELETE;
2599 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | MPSAFE;
2600 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
2601 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
2602 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
2608 nfsm_reply(NFSX_WCCDATA(v3));
2610 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2615 if (vp->v_type != VDIR) {
2620 * No rmdir "." please.
2622 if (nd.ni_dvp == vp) {
2627 * The root of a mounted filesystem cannot be deleted.
2629 if (vp->v_vflag & VV_ROOT)
2633 * Issue or abort op. Since SAVESTART is not set, path name
2634 * component is freed by the VOP after either.
2637 error = VOP_RMDIR(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
2638 NDFREE(&nd, NDF_ONLY_PNBUF);
2641 if (dirp == nd.ni_dvp)
2642 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2644 /* Release existing locks to prevent deadlock. */
2646 if (nd.ni_dvp == nd.ni_vp)
2655 vn_lock(dirp, LK_EXCLUSIVE | LK_RETRY);
2656 diraft_ret = VOP_GETATTR(dirp, &diraft, cred);
2657 VOP_UNLOCK(dirp, 0);
2660 nfsm_reply(NFSX_WCCDATA(v3));
2663 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
2667 NDFREE(&nd, NDF_ONLY_PNBUF);
2669 if (nd.ni_dvp == nd.ni_vp)
2679 vn_finished_write(mp);
2680 VFS_UNLOCK_GIANT(vfslocked);
2685 * nfs readdir service
2686 * - mallocs what it thinks is enough to read
2687 * count rounded up to a multiple of NFS_DIRBLKSIZ <= NFS_MAXREADDIR
2688 * - calls VOP_READDIR()
2689 * - loops around building the reply
2690 * if the output generated exceeds count break out of loop
2691 * The nfsm_clget macro is used here so that the reply will be packed
2692 * tightly in mbuf clusters.
2693 * - it only knows that it has encountered eof when the VOP_READDIR()
2695 * - as such one readdir rpc will return eof false although you are there
2696 * and then the next will return eof
2697 * - it trims out records with d_fileno == 0
2698 * this doesn't matter for Unix clients, but they might confuse clients
2700 * NB: It is tempting to set eof to true if the VOP_READDIR() reads less
2701 * than requested, but this may not apply to all filesystems. For
2702 * example, client NFS does not { although it is never remote mounted
2704 * The alternate call nfsrv_readdirplus() does lookups as well.
2705 * PS: The NFS protocol spec. does not clarify what the "count" byte
2706 * argument is a count of.. just name strings and file id's or the
2707 * entire reply rpc or ...
2708 * I tried just file name and id sizes and it confused the Sun client,
2709 * so I am using the full rpc size now. The "paranoia.." comment refers
2710 * to including the status longwords that are not a part of the dir.
2711 * "entry" structures, but are in the rpc.
2715 u_int32_t fl_postopok;
2716 u_int32_t fl_fattr[NFSX_V3FATTR / sizeof (u_int32_t)];
2718 u_int32_t fl_fhsize;
2719 u_int32_t fl_nfh[NFSX_V3FH / sizeof (u_int32_t)];
2723 nfsrv_readdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
2726 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
2727 struct sockaddr *nam = nfsd->nd_nam;
2728 caddr_t dpos = nfsd->nd_dpos;
2729 struct ucred *cred = nfsd->nd_cr;
2736 struct mbuf *mb, *mreq;
2737 char *cpos, *cend, *rbuf;
2738 struct vnode *vp = NULL;
2744 int len, nlen, rem, xfer, tsiz, i, error = 0, getret = 1;
2745 int siz, cnt, fullsiz, eofflag, rdonly, ncookies;
2746 int v3 = (nfsd->nd_flag & ND_NFSV3);
2747 u_quad_t off, toff, verf;
2748 u_long *cookies = NULL, *cookiep; /* needs to be int64_t or off_t */
2749 int vfslocked, not_zfs;
2751 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
2753 fhp = &nfh.fh_generic;
2756 tl = nfsm_dissect_nonblock(u_int32_t *, 5 * NFSX_UNSIGNED);
2757 toff = fxdr_hyper(tl);
2759 verf = fxdr_hyper(tl);
2762 tl = nfsm_dissect_nonblock(u_int32_t *, 2 * NFSX_UNSIGNED);
2763 toff = fxdr_unsigned(u_quad_t, *tl++);
2764 verf = 0; /* shut up gcc */
2767 cnt = fxdr_unsigned(int, *tl);
2768 siz = ((cnt + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
2769 xfer = NFS_SRVMAXDATA(nfsd);
2775 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
2776 if (!error && vp->v_type != VDIR) {
2782 nfsm_reply(NFSX_UNSIGNED);
2784 nfsm_srvpostop_attr(getret, &at);
2790 * Obtain lock on vnode for this section of the code
2793 error = getret = VOP_GETATTR(vp, &at, cred);
2796 * XXX This check may be too strict for Solaris 2.5 clients.
2798 if (!error && toff && verf && verf != at.va_filerev)
2799 error = NFSERR_BAD_COOKIE;
2803 error = nfsrv_access(vp, VEXEC, cred, rdonly, 0);
2807 nfsm_reply(NFSX_POSTOPATTR(v3));
2809 nfsm_srvpostop_attr(getret, &at);
2813 not_zfs = strcmp(vp->v_mount->mnt_vfc->vfc_name, "zfs") != 0;
2817 * end section. Allocate rbuf and continue
2819 rbuf = malloc(siz, M_TEMP, M_WAITOK);
2822 iv.iov_len = fullsiz;
2825 io.uio_offset = (off_t)off;
2826 io.uio_resid = fullsiz;
2827 io.uio_segflg = UIO_SYSSPACE;
2828 io.uio_rw = UIO_READ;
2832 free((caddr_t)cookies, M_TEMP);
2835 vn_lock(vp, LK_SHARED | LK_RETRY);
2836 error = VOP_READDIR(vp, &io, cred, &eofflag, &ncookies, &cookies);
2837 off = (off_t)io.uio_offset;
2838 if (!cookies && !error)
2839 error = NFSERR_PERM;
2841 getret = VOP_GETATTR(vp, &at, cred);
2849 free((caddr_t)rbuf, M_TEMP);
2851 free((caddr_t)cookies, M_TEMP);
2852 nfsm_reply(NFSX_POSTOPATTR(v3));
2854 nfsm_srvpostop_attr(getret, &at);
2859 siz -= io.uio_resid;
2862 * If nothing read, return eof
2868 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_COOKIEVERF(v3) +
2871 nfsm_srvpostop_attr(getret, &at);
2872 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
2873 txdr_hyper(at.va_filerev, tl);
2876 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
2877 *tl++ = nfsrv_nfs_false;
2878 *tl = nfsrv_nfs_true;
2879 free((caddr_t)rbuf, M_TEMP);
2880 free((caddr_t)cookies, M_TEMP);
2887 * Check for degenerate cases of nothing useful read.
2888 * If so go try again
2892 dp = (struct dirent *)cpos;
2895 * For some reason FreeBSD's ufs_readdir() chooses to back the
2896 * directory offset up to a block boundary, so it is necessary to
2897 * skip over the records that precede the requested offset. This
2898 * requires the assumption that file offset cookies monotonically
2900 * Since the offset cookies don't monotonically increase for ZFS,
2901 * this is not done when ZFS is the file system.
2903 while (cpos < cend && ncookies > 0 &&
2904 (dp->d_fileno == 0 || dp->d_type == DT_WHT ||
2905 (not_zfs != 0 && ((u_quad_t)(*cookiep)) <= toff))) {
2906 cpos += dp->d_reclen;
2907 dp = (struct dirent *)cpos;
2911 if (cpos >= cend || ncookies == 0) {
2917 len = 3 * NFSX_UNSIGNED; /* paranoia, probably can be 0 */
2918 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_COOKIEVERF(v3) + siz);
2920 nfsm_srvpostop_attr(getret, &at);
2921 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
2922 txdr_hyper(at.va_filerev, tl);
2926 be = bp + M_TRAILINGSPACE(mp);
2928 /* Loop through the records and build reply */
2929 while (cpos < cend && ncookies > 0) {
2930 if (dp->d_fileno != 0 && dp->d_type != DT_WHT) {
2931 nlen = dp->d_namlen;
2932 rem = nfsm_rndup(nlen) - nlen;
2933 len += (4 * NFSX_UNSIGNED + nlen + rem);
2935 len += 2 * NFSX_UNSIGNED;
2941 * Build the directory record xdr from
2945 *tl = nfsrv_nfs_true;
2946 bp += NFSX_UNSIGNED;
2950 bp += NFSX_UNSIGNED;
2953 *tl = txdr_unsigned(dp->d_fileno);
2954 bp += NFSX_UNSIGNED;
2956 *tl = txdr_unsigned(nlen);
2957 bp += NFSX_UNSIGNED;
2959 /* And loop around copying the name */
2968 bcopy(cp, bp, tsiz);
2974 /* And null pad to an int32_t boundary. */
2975 for (i = 0; i < rem; i++)
2979 /* Finish off the record */
2982 bp += NFSX_UNSIGNED;
2985 *tl = txdr_unsigned(*cookiep);
2986 bp += NFSX_UNSIGNED;
2988 cpos += dp->d_reclen;
2989 dp = (struct dirent *)cpos;
2996 *tl = nfsrv_nfs_false;
2997 bp += NFSX_UNSIGNED;
3000 *tl = nfsrv_nfs_true;
3002 *tl = nfsrv_nfs_false;
3003 bp += NFSX_UNSIGNED;
3006 mp->m_len = bp - mtod(mp, caddr_t);
3008 mp->m_len += bp - bpos;
3009 free((caddr_t)rbuf, M_TEMP);
3010 free((caddr_t)cookies, M_TEMP);
3015 VFS_UNLOCK_GIANT(vfslocked);
3020 nfsrv_readdirplus(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3023 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3024 struct sockaddr *nam = nfsd->nd_nam;
3025 caddr_t dpos = nfsd->nd_dpos;
3026 struct ucred *cred = nfsd->nd_cr;
3033 struct mbuf *mb, *mreq;
3034 char *cpos, *cend, *rbuf;
3035 struct vnode *vp = NULL, *nvp;
3038 fhandle_t *fhp, *nfhp = (fhandle_t *)fl.fl_nfh;
3041 struct vattr va, at, *vap = &va;
3042 struct nfs_fattr *fp;
3043 int len, nlen, rem, xfer, tsiz, i, error = 0, error1, getret = 1;
3045 int siz, cnt, fullsiz, eofflag, rdonly, dirlen, ncookies;
3046 u_quad_t off, toff, verf;
3047 u_long *cookies = NULL, *cookiep; /* needs to be int64_t or off_t */
3048 int v3 = (nfsd->nd_flag & ND_NFSV3);
3049 int usevget = 1, vfslocked;
3050 struct componentname cn;
3051 struct mount *mntp = NULL;
3054 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3058 panic("nfsrv_readdirplus: v3 proc called on a v2 connection");
3059 fhp = &nfh.fh_generic;
3061 tl = nfsm_dissect_nonblock(u_int32_t *, 6 * NFSX_UNSIGNED);
3062 toff = fxdr_hyper(tl);
3064 verf = fxdr_hyper(tl);
3066 siz = fxdr_unsigned(int, *tl++);
3067 cnt = fxdr_unsigned(int, *tl);
3069 siz = ((siz + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
3070 xfer = NFS_SRVMAXDATA(nfsd);
3076 error = nfsrv_fhtovp(fhp, NFSRV_FLAG_BUSY, &vp, &vfslocked, nfsd, slp,
3081 if (vp->v_type != VDIR) {
3089 nfsm_reply(NFSX_UNSIGNED);
3090 nfsm_srvpostop_attr(getret, &at);
3094 error = getret = VOP_GETATTR(vp, &at, cred);
3097 * XXX This check may be too strict for Solaris 2.5 clients.
3099 if (!error && toff && verf && verf != at.va_filerev)
3100 error = NFSERR_BAD_COOKIE;
3103 error = nfsrv_access(vp, VEXEC, cred, rdonly, 0);
3108 nfsm_reply(NFSX_V3POSTOPATTR);
3109 nfsm_srvpostop_attr(getret, &at);
3113 not_zfs = strcmp(vp->v_mount->mnt_vfc->vfc_name, "zfs") != 0;
3116 rbuf = malloc(siz, M_TEMP, M_WAITOK);
3119 iv.iov_len = fullsiz;
3122 io.uio_offset = (off_t)off;
3123 io.uio_resid = fullsiz;
3124 io.uio_segflg = UIO_SYSSPACE;
3125 io.uio_rw = UIO_READ;
3130 free((caddr_t)cookies, M_TEMP);
3133 vn_lock(vp, LK_SHARED | LK_RETRY);
3134 error = VOP_READDIR(vp, &io, cred, &eofflag, &ncookies, &cookies);
3135 off = (u_quad_t)io.uio_offset;
3136 getret = VOP_GETATTR(vp, &at, cred);
3139 if (!cookies && !error)
3140 error = NFSERR_PERM;
3147 free((caddr_t)cookies, M_TEMP);
3148 free((caddr_t)rbuf, M_TEMP);
3149 nfsm_reply(NFSX_V3POSTOPATTR);
3150 nfsm_srvpostop_attr(getret, &at);
3155 siz -= io.uio_resid;
3158 * If nothing read, return eof
3164 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3COOKIEVERF +
3166 nfsm_srvpostop_attr(getret, &at);
3167 tl = nfsm_build(u_int32_t *, 4 * NFSX_UNSIGNED);
3168 txdr_hyper(at.va_filerev, tl);
3170 *tl++ = nfsrv_nfs_false;
3171 *tl = nfsrv_nfs_true;
3172 free((caddr_t)cookies, M_TEMP);
3173 free((caddr_t)rbuf, M_TEMP);
3180 * Check for degenerate cases of nothing useful read.
3181 * If so go try again
3185 dp = (struct dirent *)cpos;
3188 * For some reason FreeBSD's ufs_readdir() chooses to back the
3189 * directory offset up to a block boundary, so it is necessary to
3190 * skip over the records that precede the requested offset. This
3191 * requires the assumption that file offset cookies monotonically
3193 * Since the offset cookies don't monotonically increase for ZFS,
3194 * this is not done when ZFS is the file system.
3196 while (cpos < cend && ncookies > 0 &&
3197 (dp->d_fileno == 0 || dp->d_type == DT_WHT ||
3198 (not_zfs != 0 && ((u_quad_t)(*cookiep)) <= toff))) {
3199 cpos += dp->d_reclen;
3200 dp = (struct dirent *)cpos;
3204 if (cpos >= cend || ncookies == 0) {
3210 dirlen = len = NFSX_V3POSTOPATTR + NFSX_V3COOKIEVERF +
3213 nfsm_srvpostop_attr(getret, &at);
3214 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
3215 txdr_hyper(at.va_filerev, tl);
3218 be = bp + M_TRAILINGSPACE(mp);
3220 /* Loop through the records and build reply */
3221 while (cpos < cend && ncookies > 0) {
3222 if (dp->d_fileno != 0 && dp->d_type != DT_WHT) {
3223 nlen = dp->d_namlen;
3224 rem = nfsm_rndup(nlen)-nlen;
3228 * For readdir_and_lookup get the vnode using
3231 error = VFS_VGET(mntp, dp->d_fileno, LK_SHARED,
3233 if (error != 0 && error != EOPNOTSUPP) {
3236 } else if (error == EOPNOTSUPP) {
3238 * VFS_VGET() not supported?
3239 * Let's switch to VOP_LOOKUP().
3243 cn.cn_nameiop = LOOKUP;
3244 cn.cn_flags = ISLASTCN | NOFOLLOW | \
3245 LOCKSHARED | LOCKLEAF | MPSAFE;
3246 cn.cn_lkflags = LK_SHARED | LK_RETRY;
3248 cn.cn_thread = curthread;
3252 cn.cn_nameptr = dp->d_name;
3253 cn.cn_namelen = dp->d_namlen;
3254 if (dp->d_namlen == 2 &&
3255 dp->d_name[0] == '.' &&
3256 dp->d_name[1] == '.') {
3257 cn.cn_flags |= ISDOTDOT;
3259 cn.cn_flags &= ~ISDOTDOT;
3262 vn_lock(vp, LK_SHARED | LK_RETRY);
3265 if ((vp->v_vflag & VV_ROOT) != 0 &&
3266 (cn.cn_flags & ISDOTDOT) != 0) {
3269 } else if (VOP_LOOKUP(vp, &nvp, &cn) != 0)
3273 bzero((caddr_t)nfhp, NFSX_V3FH);
3274 nfhp->fh_fsid = nvp->v_mount->mnt_stat.f_fsid;
3275 if ((error1 = VOP_VPTOFH(nvp, &nfhp->fh_fid)) == 0)
3276 error1 = VOP_GETATTR(nvp, vap, cred);
3277 if (!usevget && vp == nvp)
3286 * If either the dircount or maxcount will be
3287 * exceeded, get out now. Both of these lengths
3288 * are calculated conservatively, including all
3291 len += (8 * NFSX_UNSIGNED + nlen + rem + NFSX_V3FH +
3293 dirlen += (6 * NFSX_UNSIGNED + nlen + rem);
3294 if (len > cnt || dirlen > fullsiz) {
3300 * Build the directory record xdr from
3303 fp = (struct nfs_fattr *)&fl.fl_fattr;
3304 nfsm_srvfillattr(vap, fp);
3305 fl.fl_fhsize = txdr_unsigned(NFSX_V3FH);
3306 fl.fl_fhok = nfsrv_nfs_true;
3307 fl.fl_postopok = nfsrv_nfs_true;
3308 fl.fl_off.nfsuquad[0] = 0;
3309 fl.fl_off.nfsuquad[1] = txdr_unsigned(*cookiep);
3312 *tl = nfsrv_nfs_true;
3313 bp += NFSX_UNSIGNED;
3316 bp += NFSX_UNSIGNED;
3318 *tl = txdr_unsigned(dp->d_fileno);
3319 bp += NFSX_UNSIGNED;
3321 *tl = txdr_unsigned(nlen);
3322 bp += NFSX_UNSIGNED;
3324 /* And loop around copying the name */
3329 if ((bp + xfer) > be)
3333 bcopy(cp, bp, tsiz);
3339 /* And null pad to an int32_t boundary. */
3340 for (i = 0; i < rem; i++)
3344 * Now copy the flrep structure out.
3346 xfer = sizeof (struct flrep);
3350 if ((bp + xfer) > be)
3354 bcopy(cp, bp, tsiz);
3362 cpos += dp->d_reclen;
3363 dp = (struct dirent *)cpos;
3367 if (!usevget && vp_locked)
3373 *tl = nfsrv_nfs_false;
3374 bp += NFSX_UNSIGNED;
3377 *tl = nfsrv_nfs_true;
3379 *tl = nfsrv_nfs_false;
3380 bp += NFSX_UNSIGNED;
3383 mp->m_len = bp - mtod(mp, caddr_t);
3385 mp->m_len += bp - bpos;
3386 free((caddr_t)cookies, M_TEMP);
3387 free((caddr_t)rbuf, M_TEMP);
3393 VFS_UNLOCK_GIANT(vfslocked);
3398 * nfs commit service
3401 nfsrv_commit(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3404 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3405 struct sockaddr *nam = nfsd->nd_nam;
3406 caddr_t dpos = nfsd->nd_dpos;
3407 struct ucred *cred = nfsd->nd_cr;
3408 struct vattr bfor, aft;
3409 struct vnode *vp = NULL;
3414 int error = 0, rdonly, for_ret = 1, aft_ret = 1, cnt;
3415 struct mbuf *mb, *mreq;
3417 struct mount *mp = NULL;
3418 int v3 = (nfsd->nd_flag & ND_NFSV3);
3422 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3425 panic("nfsrv_commit: v3 proc called on a v2 connection");
3426 fhp = &nfh.fh_generic;
3428 if ((mp = vfs_getvfs(&fhp->fh_fsid)) == NULL) {
3432 vfslocked = VFS_LOCK_GIANT(mp);
3433 (void) vn_start_write(NULL, &mp, V_WAIT);
3434 vfs_rel(mp); /* The write holds a ref. */
3435 tl = nfsm_dissect_nonblock(u_int32_t *, 3 * NFSX_UNSIGNED);
3438 * XXX At this time VOP_FSYNC() does not accept offset and byte
3439 * count parameters, so these arguments are useless (someday maybe).
3441 off = fxdr_hyper(tl);
3443 cnt = fxdr_unsigned(int, *tl);
3444 error = nfsrv_fhtovp(fhp, 0, &vp, &tvfslocked, nfsd, slp, nam, &rdonly);
3445 vfslocked = nfsrv_lockedpair(vfslocked, tvfslocked);
3447 nfsm_reply(2 * NFSX_UNSIGNED);
3448 nfsm_srvwcc_data(for_ret, &bfor, aft_ret, &aft);
3452 for_ret = VOP_GETATTR(vp, &bfor, cred);
3454 if (cnt > MAX_COMMIT_COUNT) {
3456 * Give up and do the whole thing
3459 (vp->v_object->flags & OBJ_MIGHTBEDIRTY)) {
3460 VM_OBJECT_LOCK(vp->v_object);
3461 vm_object_page_clean(vp->v_object, 0, 0, OBJPC_SYNC);
3462 VM_OBJECT_UNLOCK(vp->v_object);
3464 error = VOP_FSYNC(vp, MNT_WAIT, curthread);
3467 * Locate and synchronously write any buffers that fall
3468 * into the requested range. Note: we are assuming that
3469 * f_iosize is a power of 2.
3471 int iosize = vp->v_mount->mnt_stat.f_iosize;
3472 int iomask = iosize - 1;
3477 * Align to iosize boundry, super-align to page boundry.
3480 cnt += off & iomask;
3481 off &= ~(u_quad_t)iomask;
3483 if (off & PAGE_MASK) {
3484 cnt += off & PAGE_MASK;
3485 off &= ~(u_quad_t)PAGE_MASK;
3487 lblkno = off / iosize;
3490 (vp->v_object->flags & OBJ_MIGHTBEDIRTY)) {
3491 VM_OBJECT_LOCK(vp->v_object);
3492 vm_object_page_clean(vp->v_object, OFF_TO_IDX(off),
3493 OFF_TO_IDX(off + cnt + PAGE_MASK), OBJPC_SYNC);
3494 VM_OBJECT_UNLOCK(vp->v_object);
3503 * If we have a buffer and it is marked B_DELWRI we
3504 * have to lock and write it. Otherwise the prior
3505 * write is assumed to have already been committed.
3507 * gbincore() can return invalid buffers now so we
3508 * have to check that bit as well (though B_DELWRI
3509 * should not be set if B_INVAL is set there could be
3510 * a race here since we haven't locked the buffer).
3512 if ((bp = gbincore(&vp->v_bufobj, lblkno)) != NULL) {
3513 if (BUF_LOCK(bp, LK_EXCLUSIVE | LK_SLEEPFAIL |
3514 LK_INTERLOCK, BO_MTX(bo)) == ENOLCK) {
3516 continue; /* retry */
3518 if ((bp->b_flags & (B_DELWRI|B_INVAL)) ==
3521 bp->b_flags &= ~B_ASYNC;
3537 aft_ret = VOP_GETATTR(vp, &aft, cred);
3541 nfsm_reply(NFSX_V3WCCDATA + NFSX_V3WRITEVERF);
3542 nfsm_srvwcc_data(for_ret, &bfor, aft_ret, &aft);
3544 tl = nfsm_build(u_int32_t *, NFSX_V3WRITEVERF);
3545 if (nfsver.tv_sec == 0)
3547 *tl++ = txdr_unsigned(nfsver.tv_sec);
3548 *tl = txdr_unsigned(nfsver.tv_usec);
3555 vn_finished_write(mp);
3556 VFS_UNLOCK_GIANT(vfslocked);
3561 * nfs statfs service
3564 nfsrv_statfs(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3567 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3568 struct sockaddr *nam = nfsd->nd_nam;
3569 caddr_t dpos = nfsd->nd_dpos;
3570 struct ucred *cred = nfsd->nd_cr;
3572 struct nfs_statfs *sfp;
3574 int error = 0, rdonly, getret = 1;
3575 int v3 = (nfsd->nd_flag & ND_NFSV3);
3576 struct mbuf *mb, *mreq;
3577 struct vnode *vp = NULL;
3581 struct statfs statfs;
3585 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3587 fhp = &nfh.fh_generic;
3589 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
3591 nfsm_reply(NFSX_UNSIGNED);
3593 nfsm_srvpostop_attr(getret, &at);
3598 error = VFS_STATFS(vp->v_mount, sf);
3599 getret = VOP_GETATTR(vp, &at, cred);
3602 nfsm_reply(NFSX_POSTOPATTR(v3) + NFSX_STATFS(v3));
3604 nfsm_srvpostop_attr(getret, &at);
3609 sfp = nfsm_build(struct nfs_statfs *, NFSX_STATFS(v3));
3611 tval = (u_quad_t)sf->f_blocks;
3612 tval *= (u_quad_t)sf->f_bsize;
3613 txdr_hyper(tval, &sfp->sf_tbytes);
3614 tval = (u_quad_t)sf->f_bfree;
3615 tval *= (u_quad_t)sf->f_bsize;
3616 txdr_hyper(tval, &sfp->sf_fbytes);
3618 * Don't send negative values for available space,
3619 * since this field is unsigned in the NFS protocol.
3620 * Otherwise, the client would see absurdly high
3621 * numbers for free space.
3623 if (sf->f_bavail < 0)
3626 tval = (u_quad_t)sf->f_bavail;
3627 tval *= (u_quad_t)sf->f_bsize;
3628 txdr_hyper(tval, &sfp->sf_abytes);
3629 sfp->sf_tfiles.nfsuquad[0] = 0;
3630 sfp->sf_tfiles.nfsuquad[1] = txdr_unsigned(sf->f_files);
3631 sfp->sf_ffiles.nfsuquad[0] = 0;
3632 sfp->sf_ffiles.nfsuquad[1] = txdr_unsigned(sf->f_ffree);
3633 sfp->sf_afiles.nfsuquad[0] = 0;
3634 sfp->sf_afiles.nfsuquad[1] = txdr_unsigned(sf->f_ffree);
3635 sfp->sf_invarsec = 0;
3637 sfp->sf_tsize = txdr_unsigned(NFS_MAXDGRAMDATA);
3638 sfp->sf_bsize = txdr_unsigned(sf->f_bsize);
3639 sfp->sf_blocks = txdr_unsigned(sf->f_blocks);
3640 sfp->sf_bfree = txdr_unsigned(sf->f_bfree);
3641 if (sf->f_bavail < 0)
3644 sfp->sf_bavail = txdr_unsigned(sf->f_bavail);
3649 VFS_UNLOCK_GIANT(vfslocked);
3654 * nfs fsinfo service
3657 nfsrv_fsinfo(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3660 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3661 struct sockaddr *nam = nfsd->nd_nam;
3662 caddr_t dpos = nfsd->nd_dpos;
3663 struct ucred *cred = nfsd->nd_cr;
3664 struct nfsv3_fsinfo *sip;
3666 int error = 0, rdonly, getret = 1, pref;
3667 struct mbuf *mb, *mreq;
3668 struct vnode *vp = NULL;
3674 int v3 = (nfsd->nd_flag & ND_NFSV3);
3677 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3679 panic("nfsrv_fsinfo: v3 proc called on a v2 connection");
3680 fhp = &nfh.fh_generic;
3683 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
3685 nfsm_reply(NFSX_UNSIGNED);
3686 nfsm_srvpostop_attr(getret, &at);
3691 /* XXX Try to make a guess on the max file size. */
3692 VFS_STATFS(vp->v_mount, &sb);
3693 maxfsize = (u_quad_t)0x80000000 * sb.f_bsize - 1;
3695 getret = VOP_GETATTR(vp, &at, cred);
3698 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3FSINFO);
3699 nfsm_srvpostop_attr(getret, &at);
3700 sip = nfsm_build(struct nfsv3_fsinfo *, NFSX_V3FSINFO);
3704 * There should be filesystem VFS OP(s) to get this information.
3705 * For now, assume ufs.
3707 pref = NFS_SRVMAXDATA(nfsd);
3708 sip->fs_rtmax = txdr_unsigned(pref);
3709 sip->fs_rtpref = txdr_unsigned(pref);
3710 sip->fs_rtmult = txdr_unsigned(NFS_FABLKSIZE);
3711 sip->fs_wtmax = txdr_unsigned(pref);
3712 sip->fs_wtpref = txdr_unsigned(pref);
3713 sip->fs_wtmult = txdr_unsigned(NFS_FABLKSIZE);
3714 sip->fs_dtpref = txdr_unsigned(pref);
3715 txdr_hyper(maxfsize, &sip->fs_maxfilesize);
3716 sip->fs_timedelta.nfsv3_sec = 0;
3717 sip->fs_timedelta.nfsv3_nsec = txdr_unsigned(1);
3718 sip->fs_properties = txdr_unsigned(NFSV3FSINFO_LINK |
3719 NFSV3FSINFO_SYMLINK | NFSV3FSINFO_HOMOGENEOUS |
3720 NFSV3FSINFO_CANSETTIME);
3724 VFS_UNLOCK_GIANT(vfslocked);
3729 * nfs pathconf service
3732 nfsrv_pathconf(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3735 struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md;
3736 struct sockaddr *nam = nfsd->nd_nam;
3737 caddr_t dpos = nfsd->nd_dpos;
3738 struct ucred *cred = nfsd->nd_cr;
3739 struct nfsv3_pathconf *pc;
3741 int error = 0, rdonly, getret = 1;
3742 register_t linkmax, namemax, chownres, notrunc;
3743 struct mbuf *mb, *mreq;
3744 struct vnode *vp = NULL;
3748 int v3 = (nfsd->nd_flag & ND_NFSV3);
3751 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3753 panic("nfsrv_pathconf: v3 proc called on a v2 connection");
3755 fhp = &nfh.fh_generic;
3757 error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, nam, &rdonly);
3759 nfsm_reply(NFSX_UNSIGNED);
3760 nfsm_srvpostop_attr(getret, &at);
3764 error = VOP_PATHCONF(vp, _PC_LINK_MAX, &linkmax);
3766 error = VOP_PATHCONF(vp, _PC_NAME_MAX, &namemax);
3768 error = VOP_PATHCONF(vp, _PC_CHOWN_RESTRICTED, &chownres);
3770 error = VOP_PATHCONF(vp, _PC_NO_TRUNC, ¬runc);
3771 getret = VOP_GETATTR(vp, &at, cred);
3774 nfsm_reply(NFSX_V3POSTOPATTR + NFSX_V3PATHCONF);
3775 nfsm_srvpostop_attr(getret, &at);
3780 pc = nfsm_build(struct nfsv3_pathconf *, NFSX_V3PATHCONF);
3782 pc->pc_linkmax = txdr_unsigned(linkmax);
3783 pc->pc_namemax = txdr_unsigned(namemax);
3784 pc->pc_notrunc = txdr_unsigned(notrunc);
3785 pc->pc_chownrestricted = txdr_unsigned(chownres);
3788 * These should probably be supported by VOP_PATHCONF(), but
3789 * until msdosfs is exportable (why would you want to?), the
3790 * Unix defaults should be ok.
3792 pc->pc_caseinsensitive = nfsrv_nfs_false;
3793 pc->pc_casepreserving = nfsrv_nfs_true;
3797 VFS_UNLOCK_GIANT(vfslocked);
3802 * Null operation, used by clients to ping server
3806 nfsrv_null(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3809 struct mbuf *mrep = nfsd->nd_mrep;
3811 int error = NFSERR_RETVOID;
3812 struct mbuf *mb, *mreq;
3814 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3821 * No operation, used for obsolete procedures
3825 nfsrv_noop(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
3828 struct mbuf *mrep = nfsd->nd_mrep;
3831 struct mbuf *mb, *mreq;
3833 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3834 if (nfsd->nd_repstat)
3835 error = nfsd->nd_repstat;
3837 error = EPROCUNAVAIL;
3845 * Perform access checking for vnodes obtained from file handles that would
3846 * refer to files already opened by a Unix client. You cannot just use
3847 * vn_writechk() and VOP_ACCESS() for two reasons.
3848 * 1 - You must check for exported rdonly as well as MNT_RDONLY for the write
3850 * 2 - The owner is to be given access irrespective of mode bits for some
3851 * operations, so that processes that chmod after opening a file don't
3852 * break. I don't like this because it opens a security hole, but since
3853 * the nfs server opens a security hole the size of a barn door anyhow,
3856 * The exception to rule 2 is EPERM. If a file is IMMUTABLE, VOP_ACCESS()
3857 * will return EPERM instead of EACCES. EPERM is always an error.
3860 nfsrv_access(struct vnode *vp, accmode_t accmode, struct ucred *cred,
3861 int rdonly, int override)
3866 VFS_ASSERT_GIANT(vp->v_mount);
3868 nfsdbprintf(("%s %d\n", __FILE__, __LINE__));
3870 if (accmode & VWRITE) {
3871 /* Just vn_writechk() changed to check rdonly */
3873 * Disallow write attempts on read-only filesystems;
3874 * unless the file is a socket or a block or character
3875 * device resident on the filesystem.
3877 if (rdonly || (vp->v_mount->mnt_flag & MNT_RDONLY)) {
3878 switch (vp->v_type) {
3888 * If there's shared text associated with
3889 * the inode, we can't allow writing.
3891 if (vp->v_vflag & VV_TEXT)
3895 error = VOP_GETATTR(vp, &vattr, cred);
3898 error = VOP_ACCESS(vp, accmode, cred, curthread);
3900 * Allow certain operations for the owner (reads and writes
3901 * on files that are already open).
3903 if (override && error == EACCES && cred->cr_uid == vattr.va_uid)
projects / FreeBSD / stable / 8.git / blob