2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#)nfs_syscalls.c 8.5 (Berkeley) 3/30/95
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
38 #include "opt_inet6.h"
41 #include <sys/param.h>
42 #include <sys/systm.h>
43 #include <sys/sysproto.h>
44 #include <sys/kernel.h>
45 #include <sys/sysctl.h>
47 #include <sys/filedesc.h>
48 #include <sys/vnode.h>
49 #include <sys/malloc.h>
50 #include <sys/mount.h>
56 #include <sys/socket.h>
57 #include <sys/socketvar.h>
58 #include <sys/domain.h>
59 #include <sys/protosw.h>
60 #include <sys/namei.h>
61 #include <sys/fcntl.h>
62 #include <sys/lockf.h>
64 #include <netinet/in.h>
65 #include <netinet/tcp.h>
68 #include <netinet6/in6_var.h>
70 #include <nfs/xdr_subs.h>
71 #include <nfs/rpcv2.h>
72 #include <nfs/nfsproto.h>
73 #include <nfsserver/nfs.h>
74 #include <nfsserver/nfsm_subs.h>
75 #include <nfsserver/nfsrvcache.h>
77 #include <security/mac/mac_framework.h>
79 static MALLOC_DEFINE(M_NFSSVC, "nfsserver_srvsock", "Nfs server structure");
81 MALLOC_DEFINE(M_NFSRVDESC, "nfsserver_srvdesc", "NFS server socket descriptor");
82 MALLOC_DEFINE(M_NFSD, "nfsserver_daemon", "Nfs server daemon structure");
88 SYSCTL_DECL(_vfs_nfsrv);
91 int nfsrv_numnfsd = 0;
92 static int notstarted = 1;
94 static int nfs_privport = 0;
95 SYSCTL_INT(_vfs_nfsrv, NFS_NFSPRIVPORT, nfs_privport, CTLFLAG_RW,
96 &nfs_privport, 0, "");
97 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, gatherdelay, CTLFLAG_RW,
98 &nfsrvw_procrastinate, 0, "");
99 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, gatherdelay_v3, CTLFLAG_RW,
100 &nfsrvw_procrastinate_v3, 0, "");
102 static int nfssvc_addsock(struct file *, struct sockaddr *,
104 static void nfsrv_zapsock(struct nfssvc_sock *slp);
105 static int nfssvc_nfsd(struct thread *);
108 * NFS server system calls
112 * Nfs server psuedo system call for the nfsd's
113 * Based on the flag value it either:
114 * - adds a socket to the selection list
115 * - remains in the kernel as an nfsd
116 * - remains in the kernel as an nfsiod
117 * For INET6 we suppose that nfsd provides only IN6P_IPV6_V6ONLY sockets
118 * and that mountd provides
119 * - sockaddr with no IPv4-mapped addresses
120 * - mask for both INET and INET6 families if there is IPv4-mapped overlap
122 #ifndef _SYS_SYSPROTO_H_
132 nfssvc(struct thread *td, struct nfssvc_args *uap)
135 struct sockaddr *nam;
136 struct nfsd_args nfsdarg;
139 KASSERT(!mtx_owned(&Giant), ("nfssvc(): called with Giant"));
142 error = mac_check_system_nfsd(td->td_ucred);
146 error = priv_check(td, PRIV_NFSD);
151 while (nfssvc_sockhead_flag & SLP_INIT) {
152 nfssvc_sockhead_flag |= SLP_WANTINIT;
153 (void) msleep(&nfssvc_sockhead, &nfsd_mtx, PSOCK,
157 if (uap->flag & NFSSVC_ADDSOCK) {
158 error = copyin(uap->argp, (caddr_t)&nfsdarg, sizeof(nfsdarg));
161 if ((error = fget(td, nfsdarg.sock, &fp)) != 0)
163 if (fp->f_type != DTYPE_SOCKET) {
168 * Get the client address for connected sockets.
170 if (nfsdarg.name == NULL || nfsdarg.namelen == 0)
173 error = getsockaddr(&nam, nfsdarg.name,
180 error = nfssvc_addsock(fp, nam, td);
182 } else if (uap->flag & NFSSVC_NFSD) {
183 error = nfssvc_nfsd(td);
187 if (error == EINTR || error == ERESTART)
195 * Adds a socket to the list for servicing by nfsds.
198 nfssvc_addsock(struct file *fp, struct sockaddr *mynam, struct thread *td)
201 struct nfssvc_sock *slp;
210 * XXXRW: If this code is ever enabled, there's a race when running
215 * Add it to the list, as required.
217 if (so->so_proto->pr_protocol == IPPROTO_UDP) {
219 if (tslp->ns_flag & SLP_VALID) {
221 FREE(mynam, M_SONAME);
226 if (so->so_type == SOCK_STREAM)
227 siz = NFS_MAXPACKET + sizeof (u_long);
230 error = soreserve(so, siz, siz);
233 FREE(mynam, M_SONAME);
238 * Set protocol specific options { for now TCP only } and
239 * reserve some space. For datagram sockets, this can get called
240 * repeatedly for the same socket, but that isn't harmful.
242 if (so->so_type == SOCK_STREAM) {
246 bzero(&sopt, sizeof sopt);
247 sopt.sopt_dir = SOPT_SET;
248 sopt.sopt_level = SOL_SOCKET;
249 sopt.sopt_name = SO_KEEPALIVE;
250 sopt.sopt_val = &val;
251 sopt.sopt_valsize = sizeof val;
255 if (so->so_proto->pr_protocol == IPPROTO_TCP) {
259 bzero(&sopt, sizeof sopt);
260 sopt.sopt_dir = SOPT_SET;
261 sopt.sopt_level = IPPROTO_TCP;
262 sopt.sopt_name = TCP_NODELAY;
263 sopt.sopt_val = &val;
264 sopt.sopt_valsize = sizeof val;
268 SOCKBUF_LOCK(&so->so_rcv);
269 so->so_rcv.sb_flags &= ~SB_NOINTR;
270 so->so_rcv.sb_timeo = 0;
271 SOCKBUF_UNLOCK(&so->so_rcv);
272 SOCKBUF_LOCK(&so->so_snd);
273 so->so_snd.sb_flags &= ~SB_NOINTR;
274 so->so_snd.sb_timeo = 0;
275 SOCKBUF_UNLOCK(&so->so_snd);
277 slp = (struct nfssvc_sock *)
278 malloc(sizeof (struct nfssvc_sock), M_NFSSVC,
280 STAILQ_INIT(&slp->ns_rec);
282 TAILQ_INSERT_TAIL(&nfssvc_sockhead, slp, ns_chain);
289 * XXXRW: Socket locking here?
292 so->so_upcallarg = (caddr_t)slp;
293 so->so_upcall = nfsrv_rcv;
294 SOCKBUF_LOCK(&so->so_rcv);
295 so->so_rcv.sb_flags |= SB_UPCALL;
296 SOCKBUF_UNLOCK(&so->so_rcv);
297 slp->ns_flag = (SLP_VALID | SLP_NEEDQ);
305 * Called by nfssvc() for nfsds. Just loops around servicing rpc requests
306 * until it is killed by a signal.
309 nfssvc_nfsd(struct thread *td)
312 struct nfssvc_sock *slp;
314 struct nfsrv_descript *nd = NULL;
315 struct mbuf *m, *mreq;
316 int error = 0, cacherep, s, sotype, writes_todo;
326 nfsd = (struct nfsd *)
327 malloc(sizeof (struct nfsd), M_NFSD, M_WAITOK | M_ZERO);
332 TAILQ_INSERT_TAIL(&nfsd_head, nfsd, nfsd_chain);
336 * Loop getting rpc requests until SIGKILL.
339 if ((nfsd->nfsd_flag & NFSD_REQINPROG) == 0) {
340 while (nfsd->nfsd_slp == NULL &&
341 (nfsd_head_flag & NFSD_CHECKSLP) == 0) {
342 nfsd->nfsd_flag |= NFSD_WAITING;
344 error = msleep(nfsd, &nfsd_mtx,
345 PSOCK | PCATCH, "-", 0);
350 if (nfsd->nfsd_slp == NULL &&
351 (nfsd_head_flag & NFSD_CHECKSLP) != 0) {
352 TAILQ_FOREACH(slp, &nfssvc_sockhead, ns_chain) {
353 if ((slp->ns_flag & (SLP_VALID | SLP_DOREC))
354 == (SLP_VALID | SLP_DOREC)) {
355 slp->ns_flag &= ~SLP_DOREC;
357 nfsd->nfsd_slp = slp;
362 nfsd_head_flag &= ~NFSD_CHECKSLP;
364 if ((slp = nfsd->nfsd_slp) == NULL)
366 if (slp->ns_flag & SLP_VALID) {
367 if (slp->ns_flag & SLP_DISCONN)
369 else if (slp->ns_flag & SLP_NEEDQ) {
370 slp->ns_flag &= ~SLP_NEEDQ;
371 (void) nfs_slplock(slp, 1);
373 nfsrv_rcv(slp->ns_so, (caddr_t)slp,
378 error = nfsrv_dorec(slp, nfsd, &nd);
379 cur_usec = nfs_curusec();
380 if (error && LIST_FIRST(&slp->ns_tq) &&
381 LIST_FIRST(&slp->ns_tq)->nd_time <= cur_usec) {
387 nfsd->nfsd_flag |= NFSD_REQINPROG;
391 slp = nfsd->nfsd_slp;
393 if (error || (slp->ns_flag & SLP_VALID) == 0) {
395 if (nd->nd_cr != NULL)
397 free((caddr_t)nd, M_NFSRVDESC);
400 nfsd->nfsd_slp = NULL;
401 nfsd->nfsd_flag &= ~NFSD_REQINPROG;
406 sotype = slp->ns_so->so_type;
408 getmicrotime(&nd->nd_starttime);
410 nd->nd_nam = nd->nd_nam2;
412 nd->nd_nam = slp->ns_nam;
415 * Check to see if authorization is needed.
417 cacherep = nfsrv_getcache(nd, &mreq);
420 /* Check if source port is privileged */
422 struct sockaddr *nam = nd->nd_nam;
423 struct sockaddr_in *sin;
425 sin = (struct sockaddr_in *)nam;
427 * INET/INET6 - same code:
428 * sin_port and sin6_port are at same offset
430 port = ntohs(sin->sin_port);
431 if (port >= IPPORT_RESERVED &&
432 nd->nd_procnum != NFSPROC_NULL) {
434 char b6[INET6_ADDRSTRLEN];
435 #if defined(KLD_MODULE)
436 /* Do not use ip6_sprintf: the nfs module should work without INET6. */
437 #define ip6_sprintf(buf, a) \
438 (sprintf((buf), "%x:%x:%x:%x:%x:%x:%x:%x", \
439 (a)->s6_addr16[0], (a)->s6_addr16[1], \
440 (a)->s6_addr16[2], (a)->s6_addr16[3], \
441 (a)->s6_addr16[4], (a)->s6_addr16[5], \
442 (a)->s6_addr16[6], (a)->s6_addr16[7]), \
446 nd->nd_procnum = NFSPROC_NOOP;
447 nd->nd_repstat = (NFSERR_AUTHERR | AUTH_TOOWEAK);
449 printf("NFS request from unprivileged port (%s:%d)\n",
451 sin->sin_family == AF_INET6 ?
452 ip6_sprintf(b6, &satosin6(sin)->sin6_addr) :
453 #if defined(KLD_MODULE)
457 inet_ntoa(sin->sin_addr), port);
464 * Loop to get all the write rpc relies that have been
470 if (nd && (nd->nd_flag & ND_NFSV3))
471 procrastinate = nfsrvw_procrastinate_v3;
473 procrastinate = nfsrvw_procrastinate;
474 if (writes_todo || (!(nd->nd_flag & ND_NFSV3) &&
475 nd->nd_procnum == NFSPROC_WRITE &&
476 procrastinate > 0 && !notstarted))
477 error = nfsrv_writegather(&nd, slp,
478 nfsd->nfsd_td, &mreq);
480 error = (*(nfsrv3_procs[nd->nd_procnum]))(nd,
481 slp, nfsd->nfsd_td, &mreq);
484 if (error != 0 && error != NFSERR_RETVOID) {
485 nfsrvstats.srv_errs++;
486 nfsrv_updatecache(nd, FALSE, mreq);
488 FREE(nd->nd_nam2, M_SONAME);
491 nfsrvstats.srvrpccnt[nd->nd_procnum]++;
492 nfsrv_updatecache(nd, TRUE, mreq);
497 siz = m_length(mreq, NULL);
498 if (siz <= 0 || siz > NFS_MAXPACKET) {
499 printf("mbuf siz=%d\n",siz);
500 panic("Bad nfs svc reply");
503 m->m_pkthdr.len = siz;
504 m->m_pkthdr.rcvif = NULL;
506 * For stream protocols, prepend a Sun RPC
509 if (sotype == SOCK_STREAM) {
510 M_PREPEND(m, NFSX_UNSIGNED, M_TRYWAIT);
511 *mtod(m, u_int32_t *) = htonl(0x80000000 | siz);
514 if (slp->ns_so->so_proto->pr_flags & PR_CONNREQUIRED)
515 (void) nfs_slplock(slp, 1);
516 if (slp->ns_flag & SLP_VALID) {
518 error = nfsrv_send(slp->ns_so, nd->nd_nam2, m);
525 FREE(nd->nd_nam2, M_SONAME);
527 m_freem(nd->nd_mrep);
530 if (slp->ns_so->so_proto->pr_flags & PR_CONNREQUIRED)
532 if (error == EINTR || error == ERESTART) {
533 if (nd->nd_cr != NULL)
535 free((caddr_t)nd, M_NFSRVDESC);
542 m_freem(nd->nd_mrep);
544 FREE(nd->nd_nam2, M_SONAME);
548 if (nd->nd_cr != NULL)
550 FREE((caddr_t)nd, M_NFSRVDESC);
555 * Check to see if there are outstanding writes that
556 * need to be serviced.
558 cur_usec = nfs_curusec();
560 if (LIST_FIRST(&slp->ns_tq) &&
561 LIST_FIRST(&slp->ns_tq)->nd_time <= cur_usec) {
567 } while (writes_todo);
569 if (nfsrv_dorec(slp, nfsd, &nd)) {
570 nfsd->nfsd_flag &= ~NFSD_REQINPROG;
571 nfsd->nfsd_slp = NULL;
574 KASSERT(!(debug_mpsafenet == 0 && !mtx_owned(&Giant)),
575 ("nfssvc_nfsd(): debug.mpsafenet=0 && !Giant"));
576 KASSERT(!(debug_mpsafenet == 1 && mtx_owned(&Giant)),
577 ("nfssvc_nfsd(): debug.mpsafenet=1 && Giant"));
580 KASSERT(!(debug_mpsafenet == 0 && !mtx_owned(&Giant)),
581 ("nfssvc_nfsd(): debug.mpsafenet=0 && !Giant"));
582 KASSERT(!(debug_mpsafenet == 1 && mtx_owned(&Giant)),
583 ("nfssvc_nfsd(): debug.mpsafenet=1 && Giant"));
584 TAILQ_REMOVE(&nfsd_head, nfsd, nfsd_chain);
586 free((caddr_t)nfsd, M_NFSD);
587 if (--nfsrv_numnfsd == 0)
588 nfsrv_init(TRUE); /* Reinitialize everything */
594 * Shut down a socket associated with an nfssvc_sock structure.
595 * Should be called with the send lock set, if required.
596 * The trick here is to increment the sref at the start, so that the nfsds
597 * will stop using it and clear ns_flag at the end so that it will not be
598 * reassigned during cleanup.
601 nfsrv_zapsock(struct nfssvc_sock *slp)
603 struct nfsrv_descript *nwp, *nnwp;
606 struct nfsrv_rec *rec;
613 * XXXRW: By clearing all flags, other threads/etc should ignore
614 * this slp and we can safely release nfsd_mtx so we can clean
617 slp->ns_flag &= ~SLP_ALLFLAGS;
623 SOCKBUF_LOCK(&so->so_rcv);
624 so->so_rcv.sb_flags &= ~SB_UPCALL;
625 SOCKBUF_UNLOCK(&so->so_rcv);
626 so->so_upcall = NULL;
627 so->so_upcallarg = NULL;
628 soshutdown(so, SHUT_RDWR);
632 FREE(slp->ns_nam, M_SONAME);
633 m_freem(slp->ns_raw);
634 while ((rec = STAILQ_FIRST(&slp->ns_rec)) != NULL) {
635 STAILQ_REMOVE_HEAD(&slp->ns_rec, nr_link);
637 FREE(rec->nr_address, M_SONAME);
638 m_freem(rec->nr_packet);
639 free(rec, M_NFSRVDESC);
642 for (nwp = LIST_FIRST(&slp->ns_tq); nwp; nwp = nnwp) {
643 nnwp = LIST_NEXT(nwp, nd_tq);
644 LIST_REMOVE(nwp, nd_tq);
645 if (nwp->nd_cr != NULL)
647 free((caddr_t)nwp, M_NFSRVDESC);
649 LIST_INIT(&slp->ns_tq);
655 * Derefence a server socket structure. If it has no more references and
656 * is no longer valid, you can throw it away.
659 nfsrv_slpderef(struct nfssvc_sock *slp)
664 if (--(slp->ns_sref) == 0 && (slp->ns_flag & SLP_VALID) == 0) {
665 TAILQ_REMOVE(&nfssvc_sockhead, slp, ns_chain);
666 free((caddr_t)slp, M_NFSSVC);
671 * Lock a socket against others.
673 * XXXRW: Wait argument is always 1 in the caller. Replace with a real
677 nfs_slplock(struct nfssvc_sock *slp, int wait)
679 int *statep = &slp->ns_solock;
683 if (!wait && (*statep & NFSRV_SNDLOCK))
684 return(0); /* already locked, fail */
685 while (*statep & NFSRV_SNDLOCK) {
686 *statep |= NFSRV_WANTSND;
687 (void) msleep(statep, &nfsd_mtx, PZERO - 1, "nfsslplck", 0);
689 *statep |= NFSRV_SNDLOCK;
694 * Unlock the stream socket for others.
697 nfs_slpunlock(struct nfssvc_sock *slp)
699 int *statep = &slp->ns_solock;
703 if ((*statep & NFSRV_SNDLOCK) == 0)
704 panic("nfs slpunlock");
705 *statep &= ~NFSRV_SNDLOCK;
706 if (*statep & NFSRV_WANTSND) {
707 *statep &= ~NFSRV_WANTSND;
713 * Initialize the data structures for the server.
714 * Handshake with any new nfsds starting up to avoid any chance of
718 nfsrv_init(int terminating)
720 struct nfssvc_sock *slp, *nslp;
725 if (nfssvc_sockhead_flag & SLP_INIT)
727 nfssvc_sockhead_flag |= SLP_INIT;
729 TAILQ_FOREACH_SAFE(slp, &nfssvc_sockhead, ns_chain, nslp) {
730 if (slp->ns_flag & SLP_VALID)
732 TAILQ_REMOVE(&nfssvc_sockhead, slp, ns_chain);
733 free((caddr_t)slp, M_NFSSVC);
735 nfsrv_cleancache(); /* And clear out server cache */
737 nfs_pub.np_valid = 0;
739 TAILQ_INIT(&nfssvc_sockhead);
740 nfssvc_sockhead_flag &= ~SLP_INIT;
741 if (nfssvc_sockhead_flag & SLP_WANTINIT) {
742 nfssvc_sockhead_flag &= ~SLP_WANTINIT;
743 wakeup(&nfssvc_sockhead);
746 TAILQ_INIT(&nfsd_head);
747 nfsd_head_flag &= ~NFSD_CHECKSLP;
750 nfs_udpsock = (struct nfssvc_sock *)
751 malloc(sizeof (struct nfssvc_sock), M_NFSSVC, M_WAITOK | M_ZERO);
752 STAILQ_INIT(&nfs_udpsock->ns_rec);
753 TAILQ_INSERT_HEAD(&nfssvc_sockhead, nfs_udpsock, ns_chain);
755 nfs_cltpsock = (struct nfssvc_sock *)
756 malloc(sizeof (struct nfssvc_sock), M_NFSSVC, M_WAITOK | M_ZERO);
757 STAILQ_INIT(&nfs_cltpsock->ns_rec);
758 TAILQ_INSERT_TAIL(&nfssvc_sockhead, nfs_cltpsock, ns_chain);