2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#)nfs_syscalls.c 8.5 (Berkeley) 3/30/95
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
38 #include "opt_inet6.h"
41 #include <sys/param.h>
42 #include <sys/systm.h>
43 #include <sys/sysproto.h>
44 #include <sys/kernel.h>
45 #include <sys/sysctl.h>
47 #include <sys/filedesc.h>
48 #include <sys/vnode.h>
49 #include <sys/malloc.h>
50 #include <sys/mount.h>
56 #include <sys/socket.h>
57 #include <sys/socketvar.h>
58 #include <sys/domain.h>
59 #include <sys/protosw.h>
60 #include <sys/namei.h>
61 #include <sys/fcntl.h>
62 #include <sys/lockf.h>
64 #include <netinet/in.h>
65 #include <netinet/tcp.h>
68 #include <netinet6/in6_var.h>
70 #include <nfs/xdr_subs.h>
71 #include <nfs/rpcv2.h>
72 #include <nfs/nfsproto.h>
73 #include <nfsserver/nfs.h>
74 #include <nfsserver/nfsm_subs.h>
75 #include <nfsserver/nfsrvcache.h>
77 #include <security/mac/mac_framework.h>
79 static MALLOC_DEFINE(M_NFSSVC, "nfss_srvsock", "Nfs server structure");
81 MALLOC_DEFINE(M_NFSRVDESC, "nfss_srvdesc", "NFS server socket descriptor");
82 MALLOC_DEFINE(M_NFSD, "nfss_daemon", "Nfs server daemon structure");
87 SYSCTL_DECL(_vfs_nfsrv);
90 int nfsrv_numnfsd = 0;
91 static int notstarted = 1;
93 static int nfs_privport = 0;
94 SYSCTL_INT(_vfs_nfsrv, NFS_NFSPRIVPORT, nfs_privport, CTLFLAG_RW,
95 &nfs_privport, 0, "");
96 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, gatherdelay, CTLFLAG_RW,
97 &nfsrvw_procrastinate, 0, "");
98 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, gatherdelay_v3, CTLFLAG_RW,
99 &nfsrvw_procrastinate_v3, 0, "");
101 static int nfssvc_addsock(struct file *, struct sockaddr *,
103 static void nfsrv_zapsock(struct nfssvc_sock *slp);
104 static int nfssvc_nfsd(struct thread *);
107 * NFS server system calls
111 * Nfs server psuedo system call for the nfsd's
112 * Based on the flag value it either:
113 * - adds a socket to the selection list
114 * - remains in the kernel as an nfsd
115 * - remains in the kernel as an nfsiod
116 * For INET6 we suppose that nfsd provides only IN6P_IPV6_V6ONLY sockets
117 * and that mountd provides
118 * - sockaddr with no IPv4-mapped addresses
119 * - mask for both INET and INET6 families if there is IPv4-mapped overlap
121 #ifndef _SYS_SYSPROTO_H_
128 nfssvc(struct thread *td, struct nfssvc_args *uap)
131 struct sockaddr *nam;
132 struct nfsd_args nfsdarg;
135 KASSERT(!mtx_owned(&Giant), ("nfssvc(): called with Giant"));
138 error = mac_check_system_nfsd(td->td_ucred);
142 error = priv_check(td, PRIV_NFSD);
147 while (nfssvc_sockhead_flag & SLP_INIT) {
148 nfssvc_sockhead_flag |= SLP_WANTINIT;
149 (void) msleep(&nfssvc_sockhead, &nfsd_mtx, PSOCK,
153 if (uap->flag & NFSSVC_ADDSOCK) {
154 error = copyin(uap->argp, (caddr_t)&nfsdarg, sizeof(nfsdarg));
157 if ((error = fget(td, nfsdarg.sock, &fp)) != 0)
159 if (fp->f_type != DTYPE_SOCKET) {
164 * Get the client address for connected sockets.
166 if (nfsdarg.name == NULL || nfsdarg.namelen == 0)
169 error = getsockaddr(&nam, nfsdarg.name,
176 error = nfssvc_addsock(fp, nam, td);
178 } else if (uap->flag & NFSSVC_NFSD) {
179 error = nfssvc_nfsd(td);
183 if (error == EINTR || error == ERESTART)
191 * Adds a socket to the list for servicing by nfsds.
194 nfssvc_addsock(struct file *fp, struct sockaddr *mynam, struct thread *td)
197 struct nfssvc_sock *slp;
206 * XXXRW: If this code is ever enabled, there's a race when running
211 * Add it to the list, as required.
213 if (so->so_proto->pr_protocol == IPPROTO_UDP) {
215 if (tslp->ns_flag & SLP_VALID) {
217 FREE(mynam, M_SONAME);
222 if (so->so_type == SOCK_STREAM)
223 siz = NFS_MAXPACKET + sizeof (u_long);
226 error = soreserve(so, siz, siz);
229 FREE(mynam, M_SONAME);
234 * Set protocol specific options { for now TCP only } and
235 * reserve some space. For datagram sockets, this can get called
236 * repeatedly for the same socket, but that isn't harmful.
238 if (so->so_type == SOCK_STREAM) {
242 bzero(&sopt, sizeof sopt);
243 sopt.sopt_dir = SOPT_SET;
244 sopt.sopt_level = SOL_SOCKET;
245 sopt.sopt_name = SO_KEEPALIVE;
246 sopt.sopt_val = &val;
247 sopt.sopt_valsize = sizeof val;
251 if (so->so_proto->pr_protocol == IPPROTO_TCP) {
255 bzero(&sopt, sizeof sopt);
256 sopt.sopt_dir = SOPT_SET;
257 sopt.sopt_level = IPPROTO_TCP;
258 sopt.sopt_name = TCP_NODELAY;
259 sopt.sopt_val = &val;
260 sopt.sopt_valsize = sizeof val;
264 SOCKBUF_LOCK(&so->so_rcv);
265 so->so_rcv.sb_flags &= ~SB_NOINTR;
266 so->so_rcv.sb_timeo = 0;
267 SOCKBUF_UNLOCK(&so->so_rcv);
268 SOCKBUF_LOCK(&so->so_snd);
269 so->so_snd.sb_flags &= ~SB_NOINTR;
270 so->so_snd.sb_timeo = 0;
271 SOCKBUF_UNLOCK(&so->so_snd);
273 slp = (struct nfssvc_sock *)
274 malloc(sizeof (struct nfssvc_sock), M_NFSSVC,
276 STAILQ_INIT(&slp->ns_rec);
278 TAILQ_INSERT_TAIL(&nfssvc_sockhead, slp, ns_chain);
285 * XXXRW: Socket locking here?
288 so->so_upcallarg = (caddr_t)slp;
289 so->so_upcall = nfsrv_rcv;
290 SOCKBUF_LOCK(&so->so_rcv);
291 so->so_rcv.sb_flags |= SB_UPCALL;
292 SOCKBUF_UNLOCK(&so->so_rcv);
293 slp->ns_flag = (SLP_VALID | SLP_NEEDQ);
301 * Called by nfssvc() for nfsds. Just loops around servicing rpc requests
302 * until it is killed by a signal.
305 nfssvc_nfsd(struct thread *td)
308 struct nfssvc_sock *slp;
310 struct nfsrv_descript *nd = NULL;
311 struct mbuf *m, *mreq;
312 int error = 0, cacherep, s, sotype, writes_todo;
322 nfsd = (struct nfsd *)
323 malloc(sizeof (struct nfsd), M_NFSD, M_WAITOK | M_ZERO);
328 TAILQ_INSERT_TAIL(&nfsd_head, nfsd, nfsd_chain);
332 * Loop getting rpc requests until SIGKILL.
335 if ((nfsd->nfsd_flag & NFSD_REQINPROG) == 0) {
336 while (nfsd->nfsd_slp == NULL &&
337 (nfsd_head_flag & NFSD_CHECKSLP) == 0) {
338 nfsd->nfsd_flag |= NFSD_WAITING;
340 error = msleep(nfsd, &nfsd_mtx,
341 PSOCK | PCATCH, "-", 0);
346 if (nfsd->nfsd_slp == NULL &&
347 (nfsd_head_flag & NFSD_CHECKSLP) != 0) {
348 TAILQ_FOREACH(slp, &nfssvc_sockhead, ns_chain) {
349 if ((slp->ns_flag & (SLP_VALID | SLP_DOREC))
350 == (SLP_VALID | SLP_DOREC)) {
351 slp->ns_flag &= ~SLP_DOREC;
353 nfsd->nfsd_slp = slp;
358 nfsd_head_flag &= ~NFSD_CHECKSLP;
360 if ((slp = nfsd->nfsd_slp) == NULL)
362 if (slp->ns_flag & SLP_VALID) {
363 if (slp->ns_flag & SLP_DISCONN)
365 else if (slp->ns_flag & SLP_NEEDQ) {
366 slp->ns_flag &= ~SLP_NEEDQ;
367 (void) nfs_slplock(slp, 1);
369 nfsrv_rcv(slp->ns_so, (caddr_t)slp,
374 error = nfsrv_dorec(slp, nfsd, &nd);
375 cur_usec = nfs_curusec();
376 if (error && LIST_FIRST(&slp->ns_tq) &&
377 LIST_FIRST(&slp->ns_tq)->nd_time <= cur_usec) {
383 nfsd->nfsd_flag |= NFSD_REQINPROG;
387 slp = nfsd->nfsd_slp;
389 if (error || (slp->ns_flag & SLP_VALID) == 0) {
391 if (nd->nd_cr != NULL)
393 free((caddr_t)nd, M_NFSRVDESC);
396 nfsd->nfsd_slp = NULL;
397 nfsd->nfsd_flag &= ~NFSD_REQINPROG;
402 sotype = slp->ns_so->so_type;
404 getmicrotime(&nd->nd_starttime);
406 nd->nd_nam = nd->nd_nam2;
408 nd->nd_nam = slp->ns_nam;
411 * Check to see if authorization is needed.
413 cacherep = nfsrv_getcache(nd, &mreq);
416 /* Check if source port is privileged */
418 struct sockaddr *nam = nd->nd_nam;
419 struct sockaddr_in *sin;
421 sin = (struct sockaddr_in *)nam;
423 * INET/INET6 - same code:
424 * sin_port and sin6_port are at same offset
426 port = ntohs(sin->sin_port);
427 if (port >= IPPORT_RESERVED &&
428 nd->nd_procnum != NFSPROC_NULL) {
430 char b6[INET6_ADDRSTRLEN];
431 #if defined(KLD_MODULE)
432 /* Do not use ip6_sprintf: the nfs module should work without INET6. */
433 #define ip6_sprintf(buf, a) \
434 (sprintf((buf), "%x:%x:%x:%x:%x:%x:%x:%x", \
435 (a)->s6_addr16[0], (a)->s6_addr16[1], \
436 (a)->s6_addr16[2], (a)->s6_addr16[3], \
437 (a)->s6_addr16[4], (a)->s6_addr16[5], \
438 (a)->s6_addr16[6], (a)->s6_addr16[7]), \
442 nd->nd_procnum = NFSPROC_NOOP;
443 nd->nd_repstat = (NFSERR_AUTHERR | AUTH_TOOWEAK);
445 printf("NFS request from unprivileged port (%s:%d)\n",
447 sin->sin_family == AF_INET6 ?
448 ip6_sprintf(b6, &satosin6(sin)->sin6_addr) :
449 #if defined(KLD_MODULE)
453 inet_ntoa(sin->sin_addr), port);
460 * Loop to get all the write rpc relies that have been
466 if (nd && (nd->nd_flag & ND_NFSV3))
467 procrastinate = nfsrvw_procrastinate_v3;
469 procrastinate = nfsrvw_procrastinate;
471 if (writes_todo || (!(nd->nd_flag & ND_NFSV3) &&
472 nd->nd_procnum == NFSPROC_WRITE &&
473 procrastinate > 0 && !notstarted))
474 error = nfsrv_writegather(&nd, slp,
475 nfsd->nfsd_td, &mreq);
477 error = (*(nfsrv3_procs[nd->nd_procnum]))(nd,
478 slp, nfsd->nfsd_td, &mreq);
482 if (error != 0 && error != NFSERR_RETVOID) {
483 nfsrvstats.srv_errs++;
484 nfsrv_updatecache(nd, FALSE, mreq);
486 FREE(nd->nd_nam2, M_SONAME);
489 nfsrvstats.srvrpccnt[nd->nd_procnum]++;
490 nfsrv_updatecache(nd, TRUE, mreq);
495 siz = m_length(mreq, NULL);
496 if (siz <= 0 || siz > NFS_MAXPACKET) {
497 printf("mbuf siz=%d\n",siz);
498 panic("Bad nfs svc reply");
501 m->m_pkthdr.len = siz;
502 m->m_pkthdr.rcvif = NULL;
504 * For stream protocols, prepend a Sun RPC
507 if (sotype == SOCK_STREAM) {
508 M_PREPEND(m, NFSX_UNSIGNED, M_TRYWAIT);
509 *mtod(m, u_int32_t *) = htonl(0x80000000 | siz);
512 if (slp->ns_so->so_proto->pr_flags & PR_CONNREQUIRED)
513 (void) nfs_slplock(slp, 1);
514 if (slp->ns_flag & SLP_VALID) {
516 error = nfsrv_send(slp->ns_so, nd->nd_nam2, m);
523 FREE(nd->nd_nam2, M_SONAME);
525 m_freem(nd->nd_mrep);
528 if (slp->ns_so->so_proto->pr_flags & PR_CONNREQUIRED)
530 if (error == EINTR || error == ERESTART) {
531 if (nd->nd_cr != NULL)
533 free((caddr_t)nd, M_NFSRVDESC);
540 m_freem(nd->nd_mrep);
542 FREE(nd->nd_nam2, M_SONAME);
546 if (nd->nd_cr != NULL)
548 FREE((caddr_t)nd, M_NFSRVDESC);
553 * Check to see if there are outstanding writes that
554 * need to be serviced.
556 cur_usec = nfs_curusec();
558 if (LIST_FIRST(&slp->ns_tq) &&
559 LIST_FIRST(&slp->ns_tq)->nd_time <= cur_usec) {
565 } while (writes_todo);
567 if (nfsrv_dorec(slp, nfsd, &nd)) {
568 nfsd->nfsd_flag &= ~NFSD_REQINPROG;
569 nfsd->nfsd_slp = NULL;
572 KASSERT(!(debug_mpsafenet == 0 && !mtx_owned(&Giant)),
573 ("nfssvc_nfsd(): debug.mpsafenet=0 && !Giant"));
574 KASSERT(!(debug_mpsafenet == 1 && mtx_owned(&Giant)),
575 ("nfssvc_nfsd(): debug.mpsafenet=1 && Giant"));
578 KASSERT(!(debug_mpsafenet == 0 && !mtx_owned(&Giant)),
579 ("nfssvc_nfsd(): debug.mpsafenet=0 && !Giant"));
580 KASSERT(!(debug_mpsafenet == 1 && mtx_owned(&Giant)),
581 ("nfssvc_nfsd(): debug.mpsafenet=1 && Giant"));
582 TAILQ_REMOVE(&nfsd_head, nfsd, nfsd_chain);
584 free((caddr_t)nfsd, M_NFSD);
585 if (--nfsrv_numnfsd == 0)
586 nfsrv_init(TRUE); /* Reinitialize everything */
592 * Shut down a socket associated with an nfssvc_sock structure.
593 * Should be called with the send lock set, if required.
594 * The trick here is to increment the sref at the start, so that the nfsds
595 * will stop using it and clear ns_flag at the end so that it will not be
596 * reassigned during cleanup.
599 nfsrv_zapsock(struct nfssvc_sock *slp)
601 struct nfsrv_descript *nwp, *nnwp;
604 struct nfsrv_rec *rec;
611 * XXXRW: By clearing all flags, other threads/etc should ignore
612 * this slp and we can safely release nfsd_mtx so we can clean
615 slp->ns_flag &= ~SLP_ALLFLAGS;
621 SOCKBUF_LOCK(&so->so_rcv);
622 so->so_rcv.sb_flags &= ~SB_UPCALL;
623 SOCKBUF_UNLOCK(&so->so_rcv);
624 so->so_upcall = NULL;
625 so->so_upcallarg = NULL;
626 soshutdown(so, SHUT_RDWR);
630 FREE(slp->ns_nam, M_SONAME);
631 m_freem(slp->ns_raw);
632 while ((rec = STAILQ_FIRST(&slp->ns_rec)) != NULL) {
633 STAILQ_REMOVE_HEAD(&slp->ns_rec, nr_link);
635 FREE(rec->nr_address, M_SONAME);
636 m_freem(rec->nr_packet);
637 free(rec, M_NFSRVDESC);
640 for (nwp = LIST_FIRST(&slp->ns_tq); nwp; nwp = nnwp) {
641 nnwp = LIST_NEXT(nwp, nd_tq);
642 LIST_REMOVE(nwp, nd_tq);
643 if (nwp->nd_cr != NULL)
645 free((caddr_t)nwp, M_NFSRVDESC);
647 LIST_INIT(&slp->ns_tq);
653 * Derefence a server socket structure. If it has no more references and
654 * is no longer valid, you can throw it away.
657 nfsrv_slpderef(struct nfssvc_sock *slp)
662 if (--(slp->ns_sref) == 0 && (slp->ns_flag & SLP_VALID) == 0) {
663 TAILQ_REMOVE(&nfssvc_sockhead, slp, ns_chain);
664 free((caddr_t)slp, M_NFSSVC);
669 * Lock a socket against others.
671 * XXXRW: Wait argument is always 1 in the caller. Replace with a real
675 nfs_slplock(struct nfssvc_sock *slp, int wait)
677 int *statep = &slp->ns_solock;
681 if (!wait && (*statep & NFSRV_SNDLOCK))
682 return(0); /* already locked, fail */
683 while (*statep & NFSRV_SNDLOCK) {
684 *statep |= NFSRV_WANTSND;
685 (void) msleep(statep, &nfsd_mtx, PZERO - 1, "nfsslplck", 0);
687 *statep |= NFSRV_SNDLOCK;
692 * Unlock the stream socket for others.
695 nfs_slpunlock(struct nfssvc_sock *slp)
697 int *statep = &slp->ns_solock;
701 if ((*statep & NFSRV_SNDLOCK) == 0)
702 panic("nfs slpunlock");
703 *statep &= ~NFSRV_SNDLOCK;
704 if (*statep & NFSRV_WANTSND) {
705 *statep &= ~NFSRV_WANTSND;
711 * Initialize the data structures for the server.
712 * Handshake with any new nfsds starting up to avoid any chance of
716 nfsrv_init(int terminating)
718 struct nfssvc_sock *slp, *nslp;
723 if (nfssvc_sockhead_flag & SLP_INIT)
725 nfssvc_sockhead_flag |= SLP_INIT;
727 TAILQ_FOREACH_SAFE(slp, &nfssvc_sockhead, ns_chain, nslp) {
728 if (slp->ns_flag & SLP_VALID)
730 TAILQ_REMOVE(&nfssvc_sockhead, slp, ns_chain);
731 free((caddr_t)slp, M_NFSSVC);
733 nfsrv_cleancache(); /* And clear out server cache */
735 nfs_pub.np_valid = 0;
737 TAILQ_INIT(&nfssvc_sockhead);
738 nfssvc_sockhead_flag &= ~SLP_INIT;
739 if (nfssvc_sockhead_flag & SLP_WANTINIT) {
740 nfssvc_sockhead_flag &= ~SLP_WANTINIT;
741 wakeup(&nfssvc_sockhead);
744 TAILQ_INIT(&nfsd_head);
745 nfsd_head_flag &= ~NFSD_CHECKSLP;
748 nfs_udpsock = (struct nfssvc_sock *)
749 malloc(sizeof (struct nfssvc_sock), M_NFSSVC, M_WAITOK | M_ZERO);
750 STAILQ_INIT(&nfs_udpsock->ns_rec);
751 TAILQ_INSERT_HEAD(&nfssvc_sockhead, nfs_udpsock, ns_chain);
753 nfs_cltpsock = (struct nfssvc_sock *)
754 malloc(sizeof (struct nfssvc_sock), M_NFSSVC, M_WAITOK | M_ZERO);
755 STAILQ_INIT(&nfs_cltpsock->ns_rec);
756 TAILQ_INSERT_TAIL(&nfssvc_sockhead, nfs_cltpsock, ns_chain);