]> git.ipfire.org Git - thirdparty/linux.git/blame - fs/nfsd/nfs4state.c
projects / thirdparty / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge tag 'riscv-for-linus-5.7-rc4' of git://git.kernel.org/pub/scm/linux/kernel...
[thirdparty/linux.git] / fs / nfsd / nfs4state.c
CommitLineData
1da177e4 1/*
1da177e4
LT		 2* Copyright (c) 2001 The Regents of the University of Michigan.
3* All rights reserved.
4*
5* Kendrick Smith <kmsmith@umich.edu>
6* Andy Adamson <kandros@umich.edu>
7*
8* Redistribution and use in source and binary forms, with or without
9* modification, are permitted provided that the following conditions
10* are met:
11*
12* 1. Redistributions of source code must retain the above copyright
13* notice, this list of conditions and the following disclaimer.
14* 2. Redistributions in binary form must reproduce the above copyright
15* notice, this list of conditions and the following disclaimer in the
16* documentation and/or other materials provided with the distribution.
17* 3. Neither the name of the University nor the names of its
18* contributors may be used to endorse or promote products derived
19* from this software without specific prior written permission.
20*
21* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
22* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
23* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24* DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
29* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
30* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
31* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32*
33*/
34
aceaf78d 35#include <linux/file.h>
b89f4321 36#include <linux/fs.h>
5a0e3ad6 37#include <linux/slab.h>
0964a3d3 38#include <linux/namei.h>
c2f1a551 39#include <linux/swap.h>
17456804 40#include <linux/pagemap.h>
7df302f7 41#include <linux/ratelimit.h>
68e76ad0 42#include <linux/sunrpc/svcauth_gss.h>
5976687a 43#include <linux/sunrpc/addr.h>
87545899 44#include <linux/jhash.h>
169319f1 45#include <linux/string_helpers.h>
9a74af21 46#include "xdr4.h"
06b332a5 47#include "xdr4cb.h"
0a3adade 48#include "vfs.h"
bfa4b365 49#include "current_stateid.h"
1da177e4 50
5e1533c7 51#include "netns.h"
9cf514cc 52#include "pnfs.h"
fd4f83fd 53#include "filecache.h"
5e1533c7 54
1da177e4
LT		 55#define NFSDDBG_FACILITY NFSDDBG_PROC
56
f32f3c2d
BF		 57#define all_ones {{~0,~0},~0}
58static const stateid_t one_stateid = {
59 .si_generation = ~0,
60 .si_opaque = all_ones,
61};
62static const stateid_t zero_stateid = {
63 /* all fields zero */
64};
19ff0f28
TM		 65static const stateid_t currentstateid = {
66 .si_generation = 1,
67};
fb500a7c
TM		 68static const stateid_t close_stateid = {
69 .si_generation = 0xffffffffU,
70};
f32f3c2d 71
ec6b5d7b 72static u64 current_sessionid = 1;
fd39ca9a 73
f32f3c2d
BF		 74#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
75#define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
19ff0f28 76#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
ae254dac 77#define CLOSE_STATEID(stateid) (!memcmp((stateid), &close_stateid, sizeof(stateid_t)))
1da177e4 78
1da177e4 79/* forward declarations */
f9c00c3a 80static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner);
6011695d 81static void nfs4_free_ol_stateid(struct nfs4_stid *stid);
362063a5 82void nfsd4_end_grace(struct nfsd_net *nn);
624322f1 83static void _free_cpntf_state_locked(struct nfsd_net *nn, struct nfs4_cpntf_state *cps);
1da177e4 84
8b671b80
BF		 85/* Locking: */
86
8b671b80
BF		 87/*
88 * Currently used for the del_recall_lru and file hash table. In an
89 * effort to decrease the scope of the client_mutex, this spinlock may
90 * eventually cover more:
91 */
cdc97505 92static DEFINE_SPINLOCK(state_lock);
8b671b80 93
4f34bd05
AE		 94enum nfsd4_st_mutex_lock_subclass {
95 OPEN_STATEID_MUTEX = 0,
96 LOCK_STATEID_MUTEX = 1,
97};
98
b401be22
JL		 99/*
100 * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for
101 * the refcount on the open stateid to drop.
102 */
103static DECLARE_WAIT_QUEUE_HEAD(close_wq);
104
89c905be
BF		 105/*
106 * A waitqueue where a writer to clients/#/ctl destroying a client can
107 * wait for cl_rpc_users to drop to 0 and then for the client to be
108 * unhashed.
109 */
110static DECLARE_WAIT_QUEUE_HEAD(expiry_wq);
111
9258a2d5 112static struct kmem_cache *client_slab;
abf1135b
CH		 113static struct kmem_cache *openowner_slab;
114static struct kmem_cache *lockowner_slab;
115static struct kmem_cache *file_slab;
116static struct kmem_cache *stateid_slab;
117static struct kmem_cache *deleg_slab;
8287f009 118static struct kmem_cache *odstate_slab;
e60d4398 119
66b2b9b2 120static void free_session(struct nfsd4_session *);
508dc6e1 121
c4cb8974 122static const struct nfsd4_callback_ops nfsd4_cb_recall_ops;
76d348fa 123static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops;
0162ac2b 124
f0f51f5c 125static bool is_session_dead(struct nfsd4_session *ses)
66b2b9b2 126{
f0f51f5c 127 return ses->se_flags & NFS4_SESSION_DEAD;
66b2b9b2
BF		 128}
129
f0f51f5c 130static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me)
508dc6e1 131{
f0f51f5c 132 if (atomic_read(&ses->se_ref) > ref_held_by_me)
66b2b9b2
BF		 133 return nfserr_jukebox;
134 ses->se_flags |= NFS4_SESSION_DEAD;
135 return nfs_ok;
508dc6e1
BH		 136}
137
221a6876
BF		 138static bool is_client_expired(struct nfs4_client *clp)
139{
140 return clp->cl_time == 0;
141}
142
221a6876
BF		 143static __be32 get_client_locked(struct nfs4_client *clp)
144{
0a880a28
TM		 145 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
146
147 lockdep_assert_held(&nn->client_lock);
148
221a6876
BF		 149 if (is_client_expired(clp))
150 return nfserr_expired;
14ed14cc 151 atomic_inc(&clp->cl_rpc_users);
221a6876
BF		 152 return nfs_ok;
153}
154
155/* must be called under the client_lock */
156static inline void
157renew_client_locked(struct nfs4_client *clp)
158{
159 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
160
161 if (is_client_expired(clp)) {
162 WARN_ON(1);
163 printk("%s: client (clientid %08x/%08x) already expired\n",
164 __func__,
165 clp->cl_clientid.cl_boot,
166 clp->cl_clientid.cl_id);
167 return;
168 }
169
170 dprintk("renewing client (clientid %08x/%08x)\n",
171 clp->cl_clientid.cl_boot,
172 clp->cl_clientid.cl_id);
173 list_move_tail(&clp->cl_lru, &nn->client_lru);
20b7d86f 174 clp->cl_time = ktime_get_boottime_seconds();
221a6876
BF		 175}
176
ba138435 177static void put_client_renew_locked(struct nfs4_client *clp)
221a6876 178{
0a880a28
TM		 179 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
180
181 lockdep_assert_held(&nn->client_lock);
182
14ed14cc 183 if (!atomic_dec_and_test(&clp->cl_rpc_users))
221a6876
BF		 184 return;
185 if (!is_client_expired(clp))
186 renew_client_locked(clp);
89c905be
BF		 187 else
188 wake_up_all(&expiry_wq);
221a6876
BF		 189}
190
4b24ca7d
JL		 191static void put_client_renew(struct nfs4_client *clp)
192{
193 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
194
14ed14cc 195 if (!atomic_dec_and_lock(&clp->cl_rpc_users, &nn->client_lock))
d6c249b4
JL		 196 return;
197 if (!is_client_expired(clp))
198 renew_client_locked(clp);
89c905be
BF		 199 else
200 wake_up_all(&expiry_wq);
4b24ca7d
JL		 201 spin_unlock(&nn->client_lock);
202}
203
d4e19e70
TM		 204static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses)
205{
206 __be32 status;
207
208 if (is_session_dead(ses))
209 return nfserr_badsession;
210 status = get_client_locked(ses->se_client);
211 if (status)
212 return status;
213 atomic_inc(&ses->se_ref);
214 return nfs_ok;
215}
216
217static void nfsd4_put_session_locked(struct nfsd4_session *ses)
218{
219 struct nfs4_client *clp = ses->se_client;
0a880a28
TM		 220 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
221
222 lockdep_assert_held(&nn->client_lock);
d4e19e70
TM		 223
224 if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses))
225 free_session(ses);
226 put_client_renew_locked(clp);
227}
228
229static void nfsd4_put_session(struct nfsd4_session *ses)
230{
231 struct nfs4_client *clp = ses->se_client;
232 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
233
234 spin_lock(&nn->client_lock);
235 nfsd4_put_session_locked(ses);
236 spin_unlock(&nn->client_lock);
237}
238
76d348fa
JL		 239static struct nfsd4_blocked_lock *
240find_blocked_lock(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
241 struct nfsd_net *nn)
242{
243 struct nfsd4_blocked_lock *cur, *found = NULL;
244
0cc11a61 245 spin_lock(&nn->blocked_locks_lock);
76d348fa
JL		 246 list_for_each_entry(cur, &lo->lo_blocked, nbl_list) {
247 if (fh_match(fh, &cur->nbl_fh)) {
248 list_del_init(&cur->nbl_list);
7919d0a2 249 list_del_init(&cur->nbl_lru);
76d348fa
JL		 250 found = cur;
251 break;
252 }
253 }
0cc11a61 254 spin_unlock(&nn->blocked_locks_lock);
76d348fa 255 if (found)
cb03f94f 256 locks_delete_block(&found->nbl_lock);
76d348fa
JL		 257 return found;
258}
259
260static struct nfsd4_blocked_lock *
261find_or_allocate_block(struct nfs4_lockowner *lo, struct knfsd_fh *fh,
262 struct nfsd_net *nn)
263{
264 struct nfsd4_blocked_lock *nbl;
265
266 nbl = find_blocked_lock(lo, fh, nn);
267 if (!nbl) {
268 nbl= kmalloc(sizeof(*nbl), GFP_KERNEL);
269 if (nbl) {
e1e8399e
VA		 270 INIT_LIST_HEAD(&nbl->nbl_list);
271 INIT_LIST_HEAD(&nbl->nbl_lru);
76d348fa
JL		 272 fh_copy_shallow(&nbl->nbl_fh, fh);
273 locks_init_lock(&nbl->nbl_lock);
274 nfsd4_init_cb(&nbl->nbl_cb, lo->lo_owner.so_client,
275 &nfsd4_cb_notify_lock_ops,
276 NFSPROC4_CLNT_CB_NOTIFY_LOCK);
277 }
278 }
279 return nbl;
280}
281
282static void
283free_blocked_lock(struct nfsd4_blocked_lock *nbl)
284{
6aaafc43 285 locks_delete_block(&nbl->nbl_lock);
76d348fa
JL		 286 locks_release_private(&nbl->nbl_lock);
287 kfree(nbl);
288}
289
68ef3bc3
JL		 290static void
291remove_blocked_locks(struct nfs4_lockowner *lo)
292{
293 struct nfs4_client *clp = lo->lo_owner.so_client;
294 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
295 struct nfsd4_blocked_lock *nbl;
296 LIST_HEAD(reaplist);
297
298 /* Dequeue all blocked locks */
299 spin_lock(&nn->blocked_locks_lock);
300 while (!list_empty(&lo->lo_blocked)) {
301 nbl = list_first_entry(&lo->lo_blocked,
302 struct nfsd4_blocked_lock,
303 nbl_list);
304 list_del_init(&nbl->nbl_list);
305 list_move(&nbl->nbl_lru, &reaplist);
306 }
307 spin_unlock(&nn->blocked_locks_lock);
308
309 /* Now free them */
310 while (!list_empty(&reaplist)) {
311 nbl = list_first_entry(&reaplist, struct nfsd4_blocked_lock,
312 nbl_lru);
313 list_del_init(&nbl->nbl_lru);
68ef3bc3
JL		 314 free_blocked_lock(nbl);
315 }
316}
317
f456458e
JL		 318static void
319nfsd4_cb_notify_lock_prepare(struct nfsd4_callback *cb)
320{
321 struct nfsd4_blocked_lock *nbl = container_of(cb,
322 struct nfsd4_blocked_lock, nbl_cb);
323 locks_delete_block(&nbl->nbl_lock);
324}
325
76d348fa
JL		 326static int
327nfsd4_cb_notify_lock_done(struct nfsd4_callback *cb, struct rpc_task *task)
328{
329 /*
330 * Since this is just an optimization, we don't try very hard if it
331 * turns out not to succeed. We'll requeue it on NFS4ERR_DELAY, and
332 * just quit trying on anything else.
333 */
334 switch (task->tk_status) {
335 case -NFS4ERR_DELAY:
336 rpc_delay(task, 1 * HZ);
337 return 0;
338 default:
339 return 1;
340 }
341}
342
343static void
344nfsd4_cb_notify_lock_release(struct nfsd4_callback *cb)
345{
346 struct nfsd4_blocked_lock *nbl = container_of(cb,
347 struct nfsd4_blocked_lock, nbl_cb);
348
349 free_blocked_lock(nbl);
350}
351
352static const struct nfsd4_callback_ops nfsd4_cb_notify_lock_ops = {
f456458e 353 .prepare = nfsd4_cb_notify_lock_prepare,
76d348fa
JL		 354 .done = nfsd4_cb_notify_lock_done,
355 .release = nfsd4_cb_notify_lock_release,
356};
357
b5971afa
KM		 358static inline struct nfs4_stateowner *
359nfs4_get_stateowner(struct nfs4_stateowner *sop)
360{
361 atomic_inc(&sop->so_count);
362 return sop;
363}
364
7ffb5880 365static int
d4f0489f 366same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner)
7ffb5880
TM		 367{
368 return (sop->so_owner.len == owner->len) &&
d4f0489f 369 0 == memcmp(sop->so_owner.data, owner->data, owner->len);
7ffb5880
TM		 370}
371
372static struct nfs4_openowner *
373find_openstateowner_str_locked(unsigned int hashval, struct nfsd4_open *open,
d4f0489f 374 struct nfs4_client *clp)
7ffb5880
TM		 375{
376 struct nfs4_stateowner *so;
7ffb5880 377
d4f0489f 378 lockdep_assert_held(&clp->cl_lock);
7ffb5880 379
d4f0489f
TM		 380 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval],
381 so_strhash) {
7ffb5880
TM		 382 if (!so->so_is_open_owner)
383 continue;
b5971afa
KM		 384 if (same_owner_str(so, &open->op_owner))
385 return openowner(nfs4_get_stateowner(so));
7ffb5880
TM		 386 }
387 return NULL;
388}
389
390static struct nfs4_openowner *
391find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open,
d4f0489f 392 struct nfs4_client *clp)
7ffb5880
TM		 393{
394 struct nfs4_openowner *oo;
395
d4f0489f
TM		 396 spin_lock(&clp->cl_lock);
397 oo = find_openstateowner_str_locked(hashval, open, clp);
398 spin_unlock(&clp->cl_lock);
7ffb5880
TM		 399 return oo;
400}
401
1da177e4
LT		 402static inline u32
403opaque_hashval(const void *ptr, int nbytes)
404{
405 unsigned char *cptr = (unsigned char *) ptr;
406
407 u32 x = 0;
408 while (nbytes--) {
409 x *= 37;
410 x += *cptr++;
411 }
412 return x;
413}
414
5b095e99 415static void nfsd4_free_file_rcu(struct rcu_head *rcu)
32513b40 416{
5b095e99
JL		 417 struct nfs4_file *fp = container_of(rcu, struct nfs4_file, fi_rcu);
418
419 kmem_cache_free(file_slab, fp);
32513b40
BF		 420}
421
e6ba76e1 422void
13cd2184
N		 423put_nfs4_file(struct nfs4_file *fi)
424{
02e1215f
JL		 425 might_lock(&state_lock);
426
818a34eb 427 if (refcount_dec_and_lock(&fi->fi_ref, &state_lock)) {
5b095e99 428 hlist_del_rcu(&fi->fi_hash);
cdc97505 429 spin_unlock(&state_lock);
8287f009 430 WARN_ON_ONCE(!list_empty(&fi->fi_clnt_odstate));
5b095e99
JL		 431 WARN_ON_ONCE(!list_empty(&fi->fi_delegations));
432 call_rcu(&fi->fi_rcu, nfsd4_free_file_rcu);
8b671b80 433 }
13cd2184
N		 434}
435
eb82dd39 436static struct nfsd_file *
de18643d
TM		 437__nfs4_get_fd(struct nfs4_file *f, int oflag)
438{
439 if (f->fi_fds[oflag])
eb82dd39 440 return nfsd_file_get(f->fi_fds[oflag]);
de18643d
TM		 441 return NULL;
442}
443
eb82dd39 444static struct nfsd_file *
de18643d
TM		 445find_writeable_file_locked(struct nfs4_file *f)
446{
eb82dd39 447 struct nfsd_file *ret;
de18643d
TM		 448
449 lockdep_assert_held(&f->fi_lock);
450
451 ret = __nfs4_get_fd(f, O_WRONLY);
452 if (!ret)
453 ret = __nfs4_get_fd(f, O_RDWR);
454 return ret;
455}
456
eb82dd39 457static struct nfsd_file *
de18643d
TM		 458find_writeable_file(struct nfs4_file *f)
459{
eb82dd39 460 struct nfsd_file *ret;
de18643d
TM		 461
462 spin_lock(&f->fi_lock);
463 ret = find_writeable_file_locked(f);
464 spin_unlock(&f->fi_lock);
465
466 return ret;
467}
468
eb82dd39
JL		 469static struct nfsd_file *
470find_readable_file_locked(struct nfs4_file *f)
de18643d 471{
eb82dd39 472 struct nfsd_file *ret;
de18643d
TM		 473
474 lockdep_assert_held(&f->fi_lock);
475
476 ret = __nfs4_get_fd(f, O_RDONLY);
477 if (!ret)
478 ret = __nfs4_get_fd(f, O_RDWR);
479 return ret;
480}
481
eb82dd39 482static struct nfsd_file *
de18643d
TM		 483find_readable_file(struct nfs4_file *f)
484{
eb82dd39 485 struct nfsd_file *ret;
de18643d
TM		 486
487 spin_lock(&f->fi_lock);
488 ret = find_readable_file_locked(f);
489 spin_unlock(&f->fi_lock);
490
491 return ret;
492}
493
eb82dd39 494struct nfsd_file *
de18643d
TM		 495find_any_file(struct nfs4_file *f)
496{
eb82dd39 497 struct nfsd_file *ret;
de18643d 498
a451b123
TM		 499 if (!f)
500 return NULL;
de18643d
TM		 501 spin_lock(&f->fi_lock);
502 ret = __nfs4_get_fd(f, O_RDWR);
503 if (!ret) {
504 ret = __nfs4_get_fd(f, O_WRONLY);
505 if (!ret)
506 ret = __nfs4_get_fd(f, O_RDONLY);
507 }
508 spin_unlock(&f->fi_lock);
509 return ret;
510}
511
02a3508d 512static atomic_long_t num_delegations;
697ce9be 513unsigned long max_delegations;
ef0f3390
N		 514
515/*
516 * Open owner state (share locks)
517 */
518
16bfdaaf
BF		 519/* hash tables for lock and open owners */
520#define OWNER_HASH_BITS 8
521#define OWNER_HASH_SIZE (1 << OWNER_HASH_BITS)
522#define OWNER_HASH_MASK (OWNER_HASH_SIZE - 1)
ef0f3390 523
d4f0489f 524static unsigned int ownerstr_hashval(struct xdr_netobj *ownername)
ddc04c41
BF		 525{
526 unsigned int ret;
527
528 ret = opaque_hashval(ownername->data, ownername->len);
16bfdaaf 529 return ret & OWNER_HASH_MASK;
ddc04c41 530}
ef0f3390 531
ef0f3390
N		 532/* hash table for nfs4_file */
533#define FILE_HASH_BITS 8
534#define FILE_HASH_SIZE (1 << FILE_HASH_BITS)
35079582 535
ca943217 536static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh)
ddc04c41 537{
ca943217
TM		 538 return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0);
539}
540
541static unsigned int file_hashval(struct knfsd_fh *fh)
542{
543 return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1);
544}
545
89876f8c 546static struct hlist_head file_hashtbl[FILE_HASH_SIZE];
ef0f3390 547
12659651
JL		 548static void
549__nfs4_file_get_access(struct nfs4_file *fp, u32 access)
3477565e 550{
7214e860
JL		 551 lockdep_assert_held(&fp->fi_lock);
552
12659651
JL		 553 if (access & NFS4_SHARE_ACCESS_WRITE)
554 atomic_inc(&fp->fi_access[O_WRONLY]);
555 if (access & NFS4_SHARE_ACCESS_READ)
556 atomic_inc(&fp->fi_access[O_RDONLY]);
3477565e
BF		 557}
558
12659651
JL		 559static __be32
560nfs4_file_get_access(struct nfs4_file *fp, u32 access)
998db52c 561{
7214e860
JL		 562 lockdep_assert_held(&fp->fi_lock);
563
12659651
JL		 564 /* Does this access mode make sense? */
565 if (access & ~NFS4_SHARE_ACCESS_BOTH)
566 return nfserr_inval;
567
baeb4ff0
JL		 568 /* Does it conflict with a deny mode already set? */
569 if ((access & fp->fi_share_deny) != 0)
570 return nfserr_share_denied;
571
12659651
JL		 572 __nfs4_file_get_access(fp, access);
573 return nfs_ok;
998db52c
BF		 574}
575
baeb4ff0
JL		 576static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny)
577{
578 /* Common case is that there is no deny mode. */
579 if (deny) {
580 /* Does this deny mode make sense? */
581 if (deny & ~NFS4_SHARE_DENY_BOTH)
582 return nfserr_inval;
583
584 if ((deny & NFS4_SHARE_DENY_READ) &&
585 atomic_read(&fp->fi_access[O_RDONLY]))
586 return nfserr_share_denied;
587
588 if ((deny & NFS4_SHARE_DENY_WRITE) &&
589 atomic_read(&fp->fi_access[O_WRONLY]))
590 return nfserr_share_denied;
591 }
592 return nfs_ok;
593}
594
998db52c 595static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
f9d7562f 596{
de18643d
TM		 597 might_lock(&fp->fi_lock);
598
599 if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) {
fd4f83fd
JL		 600 struct nfsd_file *f1 = NULL;
601 struct nfsd_file *f2 = NULL;
de18643d 602
6d338b51 603 swap(f1, fp->fi_fds[oflag]);
0c7c3e67 604 if (atomic_read(&fp->fi_access[1 - oflag]) == 0)
6d338b51 605 swap(f2, fp->fi_fds[O_RDWR]);
de18643d
TM		 606 spin_unlock(&fp->fi_lock);
607 if (f1)
fd4f83fd 608 nfsd_file_put(f1);
de18643d 609 if (f2)
fd4f83fd 610 nfsd_file_put(f2);
f9d7562f
BF		 611 }
612}
613
12659651 614static void nfs4_file_put_access(struct nfs4_file *fp, u32 access)
998db52c 615{
12659651
JL		 616 WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH);
617
618 if (access & NFS4_SHARE_ACCESS_WRITE)
998db52c 619 __nfs4_file_put_access(fp, O_WRONLY);
12659651
JL		 620 if (access & NFS4_SHARE_ACCESS_READ)
621 __nfs4_file_put_access(fp, O_RDONLY);
998db52c
BF		 622}
623
8287f009
SB		 624/*
625 * Allocate a new open/delegation state counter. This is needed for
626 * pNFS for proper return on close semantics.
627 *
628 * Note that we only allocate it for pNFS-enabled exports, otherwise
629 * all pointers to struct nfs4_clnt_odstate are always NULL.
630 */
631static struct nfs4_clnt_odstate *
632alloc_clnt_odstate(struct nfs4_client *clp)
633{
634 struct nfs4_clnt_odstate *co;
635
636 co = kmem_cache_zalloc(odstate_slab, GFP_KERNEL);
637 if (co) {
638 co->co_client = clp;
cff7cb2e 639 refcount_set(&co->co_odcount, 1);
8287f009
SB		 640 }
641 return co;
642}
643
644static void
645hash_clnt_odstate_locked(struct nfs4_clnt_odstate *co)
646{
647 struct nfs4_file *fp = co->co_file;
648
649 lockdep_assert_held(&fp->fi_lock);
650 list_add(&co->co_perfile, &fp->fi_clnt_odstate);
651}
652
653static inline void
654get_clnt_odstate(struct nfs4_clnt_odstate *co)
655{
656 if (co)
cff7cb2e 657 refcount_inc(&co->co_odcount);
8287f009
SB		 658}
659
660static void
661put_clnt_odstate(struct nfs4_clnt_odstate *co)
662{
663 struct nfs4_file *fp;
664
665 if (!co)
666 return;
667
668 fp = co->co_file;
cff7cb2e 669 if (refcount_dec_and_lock(&co->co_odcount, &fp->fi_lock)) {
8287f009
SB		 670 list_del(&co->co_perfile);
671 spin_unlock(&fp->fi_lock);
672
673 nfsd4_return_all_file_layouts(co->co_client, fp);
674 kmem_cache_free(odstate_slab, co);
675 }
676}
677
678static struct nfs4_clnt_odstate *
679find_or_hash_clnt_odstate(struct nfs4_file *fp, struct nfs4_clnt_odstate *new)
680{
681 struct nfs4_clnt_odstate *co;
682 struct nfs4_client *cl;
683
684 if (!new)
685 return NULL;
686
687 cl = new->co_client;
688
689 spin_lock(&fp->fi_lock);
690 list_for_each_entry(co, &fp->fi_clnt_odstate, co_perfile) {
691 if (co->co_client == cl) {
692 get_clnt_odstate(co);
693 goto out;
694 }
695 }
696 co = new;
697 co->co_file = fp;
698 hash_clnt_odstate_locked(new);
699out:
700 spin_unlock(&fp->fi_lock);
701 return co;
702}
703
d19fb70d
KM		 704struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab,
705 void (*sc_free)(struct nfs4_stid *))
2a74aba7 706{
3abdb607 707 struct nfs4_stid *stid;
6136d2b4 708 int new_id;
2a74aba7 709
f8338834 710 stid = kmem_cache_zalloc(slab, GFP_KERNEL);
3abdb607
BF		 711 if (!stid)
712 return NULL;
713
4770d722
JL		 714 idr_preload(GFP_KERNEL);
715 spin_lock(&cl->cl_lock);
78599c42
BF		 716 /* Reserving 0 for start of file in nfsdfs "states" file: */
717 new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 1, 0, GFP_NOWAIT);
4770d722
JL		 718 spin_unlock(&cl->cl_lock);
719 idr_preload_end();
ebd6c707 720 if (new_id < 0)
3abdb607 721 goto out_free;
d19fb70d
KM		 722
723 stid->sc_free = sc_free;
2a74aba7 724 stid->sc_client = cl;
3abdb607
BF		 725 stid->sc_stateid.si_opaque.so_id = new_id;
726 stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid;
2a74aba7 727 /* Will be incremented before return to client: */
a15dfcd5 728 refcount_set(&stid->sc_count, 1);
9767feb2 729 spin_lock_init(&stid->sc_lock);
624322f1 730 INIT_LIST_HEAD(&stid->sc_cp_list);
996e0938 731
996e0938 732 /*
3abdb607
BF		 733 * It shouldn't be a problem to reuse an opaque stateid value.
734 * I don't think it is for 4.1. But with 4.0 I worry that, for
735 * example, a stray write retransmission could be accepted by
736 * the server when it should have been rejected. Therefore,
737 * adopt a trick from the sctp code to attempt to maximize the
738 * amount of time until an id is reused, by ensuring they always
739 * "increase" (mod INT_MAX):
996e0938 740 */
3abdb607
BF		 741 return stid;
742out_free:
2c44a234 743 kmem_cache_free(slab, stid);
3abdb607 744 return NULL;
2a74aba7
BF		 745}
746
e0639dc5
OK		 747/*
748 * Create a unique stateid_t to represent each COPY.
749 */
624322f1
OK		 750static int nfs4_init_cp_state(struct nfsd_net *nn, copy_stateid_t *stid,
751 unsigned char sc_type)
e0639dc5
OK		 752{
753 int new_id;
754
9cc76801 755 stid->stid.si_opaque.so_clid.cl_boot = (u32)nn->boot_time;
624322f1
OK		 756 stid->stid.si_opaque.so_clid.cl_id = nn->s2s_cp_cl_id;
757 stid->sc_type = sc_type;
758
e0639dc5
OK		 759 idr_preload(GFP_KERNEL);
760 spin_lock(&nn->s2s_cp_lock);
624322f1
OK		 761 new_id = idr_alloc_cyclic(&nn->s2s_cp_stateids, stid, 0, 0, GFP_NOWAIT);
762 stid->stid.si_opaque.so_id = new_id;
e0639dc5
OK		 763 spin_unlock(&nn->s2s_cp_lock);
764 idr_preload_end();
765 if (new_id < 0)
766 return 0;
e0639dc5
OK		 767 return 1;
768}
769
624322f1
OK		 770int nfs4_init_copy_state(struct nfsd_net *nn, struct nfsd4_copy *copy)
771{
772 return nfs4_init_cp_state(nn, &copy->cp_stateid, NFS4_COPY_STID);
773}
774
775struct nfs4_cpntf_state *nfs4_alloc_init_cpntf_state(struct nfsd_net *nn,
776 struct nfs4_stid *p_stid)
777{
778 struct nfs4_cpntf_state *cps;
779
780 cps = kzalloc(sizeof(struct nfs4_cpntf_state), GFP_KERNEL);
781 if (!cps)
782 return NULL;
20b7d86f 783 cps->cpntf_time = ktime_get_boottime_seconds();
624322f1
OK		 784 refcount_set(&cps->cp_stateid.sc_count, 1);
785 if (!nfs4_init_cp_state(nn, &cps->cp_stateid, NFS4_COPYNOTIFY_STID))
786 goto out_free;
787 spin_lock(&nn->s2s_cp_lock);
788 list_add(&cps->cp_list, &p_stid->sc_cp_list);
789 spin_unlock(&nn->s2s_cp_lock);
790 return cps;
791out_free:
792 kfree(cps);
793 return NULL;
794}
795
796void nfs4_free_copy_state(struct nfsd4_copy *copy)
e0639dc5
OK		 797{
798 struct nfsd_net *nn;
799
624322f1 800 WARN_ON_ONCE(copy->cp_stateid.sc_type != NFS4_COPY_STID);
e0639dc5
OK		 801 nn = net_generic(copy->cp_clp->net, nfsd_net_id);
802 spin_lock(&nn->s2s_cp_lock);
624322f1
OK		 803 idr_remove(&nn->s2s_cp_stateids,
804 copy->cp_stateid.stid.si_opaque.so_id);
805 spin_unlock(&nn->s2s_cp_lock);
806}
807
808static void nfs4_free_cpntf_statelist(struct net *net, struct nfs4_stid *stid)
809{
810 struct nfs4_cpntf_state *cps;
811 struct nfsd_net *nn;
812
813 nn = net_generic(net, nfsd_net_id);
814 spin_lock(&nn->s2s_cp_lock);
815 while (!list_empty(&stid->sc_cp_list)) {
816 cps = list_first_entry(&stid->sc_cp_list,
817 struct nfs4_cpntf_state, cp_list);
818 _free_cpntf_state_locked(nn, cps);
819 }
e0639dc5
OK		 820 spin_unlock(&nn->s2s_cp_lock);
821}
822
b49e084d 823static struct nfs4_ol_stateid * nfs4_alloc_open_stateid(struct nfs4_client *clp)
4cdc951b 824{
6011695d 825 struct nfs4_stid *stid;
6011695d 826
d19fb70d 827 stid = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_ol_stateid);
6011695d
TM		 828 if (!stid)
829 return NULL;
830
d19fb70d 831 return openlockstateid(stid);
6011695d
TM		 832}
833
834static void nfs4_free_deleg(struct nfs4_stid *stid)
835{
6011695d
TM		 836 kmem_cache_free(deleg_slab, stid);
837 atomic_long_dec(&num_delegations);
4cdc951b
BF		 838}
839
6282cd56
N		 840/*
841 * When we recall a delegation, we should be careful not to hand it
842 * out again straight away.
843 * To ensure this we keep a pair of bloom filters ('new' and 'old')
844 * in which the filehandles of recalled delegations are "stored".
845 * If a filehandle appear in either filter, a delegation is blocked.
846 * When a delegation is recalled, the filehandle is stored in the "new"
847 * filter.
848 * Every 30 seconds we swap the filters and clear the "new" one,
849 * unless both are empty of course.
850 *
851 * Each filter is 256 bits. We hash the filehandle to 32bit and use the
852 * low 3 bytes as hash-table indices.
853 *
f54fe962 854 * 'blocked_delegations_lock', which is always taken in block_delegations(),
6282cd56
N		 855 * is used to manage concurrent access. Testing does not need the lock
856 * except when swapping the two filters.
857 */
f54fe962 858static DEFINE_SPINLOCK(blocked_delegations_lock);
6282cd56
N		 859static struct bloom_pair {
860 int entries, old_entries;
b3f255ef 861 time64_t swap_time;
6282cd56
N		 862 int new; /* index into 'set' */
863 DECLARE_BITMAP(set[2], 256);
864} blocked_delegations;
865
866static int delegation_blocked(struct knfsd_fh *fh)
867{
868 u32 hash;
869 struct bloom_pair *bd = &blocked_delegations;
870
871 if (bd->entries == 0)
872 return 0;
b3f255ef 873 if (ktime_get_seconds() - bd->swap_time > 30) {
f54fe962 874 spin_lock(&blocked_delegations_lock);
b3f255ef 875 if (ktime_get_seconds() - bd->swap_time > 30) {
6282cd56
N		 876 bd->entries -= bd->old_entries;
877 bd->old_entries = bd->entries;
878 memset(bd->set[bd->new], 0,
879 sizeof(bd->set[0]));
880 bd->new = 1-bd->new;
b3f255ef 881 bd->swap_time = ktime_get_seconds();
6282cd56 882 }
f54fe962 883 spin_unlock(&blocked_delegations_lock);
6282cd56 884 }
87545899 885 hash = jhash(&fh->fh_base, fh->fh_size, 0);
6282cd56
N		 886 if (test_bit(hash&255, bd->set[0]) &&
887 test_bit((hash>>8)&255, bd->set[0]) &&
888 test_bit((hash>>16)&255, bd->set[0]))
889 return 1;
890
891 if (test_bit(hash&255, bd->set[1]) &&
892 test_bit((hash>>8)&255, bd->set[1]) &&
893 test_bit((hash>>16)&255, bd->set[1]))
894 return 1;
895
896 return 0;
897}
898
899static void block_delegations(struct knfsd_fh *fh)
900{
901 u32 hash;
902 struct bloom_pair *bd = &blocked_delegations;
903
87545899 904 hash = jhash(&fh->fh_base, fh->fh_size, 0);
6282cd56 905
f54fe962 906 spin_lock(&blocked_delegations_lock);
6282cd56
N		 907 __set_bit(hash&255, bd->set[bd->new]);
908 __set_bit((hash>>8)&255, bd->set[bd->new]);
909 __set_bit((hash>>16)&255, bd->set[bd->new]);
910 if (bd->entries == 0)
b3f255ef 911 bd->swap_time = ktime_get_seconds();
6282cd56 912 bd->entries += 1;
f54fe962 913 spin_unlock(&blocked_delegations_lock);
6282cd56
N		 914}
915
1da177e4 916static struct nfs4_delegation *
86d29b10
BF		 917alloc_init_deleg(struct nfs4_client *clp, struct nfs4_file *fp,
918 struct svc_fh *current_fh,
8287f009 919 struct nfs4_clnt_odstate *odstate)
1da177e4
LT		 920{
921 struct nfs4_delegation *dp;
02a3508d 922 long n;
1da177e4
LT		 923
924 dprintk("NFSD alloc_init_deleg\n");
02a3508d
TM		 925 n = atomic_long_inc_return(&num_delegations);
926 if (n < 0 || n > max_delegations)
927 goto out_dec;
6282cd56 928 if (delegation_blocked(&current_fh->fh_handle))
02a3508d 929 goto out_dec;
d19fb70d 930 dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab, nfs4_free_deleg));
5b2d21c1 931 if (dp == NULL)
02a3508d 932 goto out_dec;
6011695d 933
2a74aba7
BF		 934 /*
935 * delegation seqid's are never incremented. The 4.1 special
6136d2b4
BF		 936 * meaning of seqid 0 isn't meaningful, really, but let's avoid
937 * 0 anyway just for consistency and use 1:
2a74aba7
BF		 938 */
939 dp->dl_stid.sc_stateid.si_generation = 1;
ea1da636
N		 940 INIT_LIST_HEAD(&dp->dl_perfile);
941 INIT_LIST_HEAD(&dp->dl_perclnt);
1da177e4 942 INIT_LIST_HEAD(&dp->dl_recall_lru);
8287f009
SB		 943 dp->dl_clnt_odstate = odstate;
944 get_clnt_odstate(odstate);
99c41515 945 dp->dl_type = NFS4_OPEN_DELEGATE_READ;
f0b5de1b
CH		 946 dp->dl_retries = 1;
947 nfsd4_init_cb(&dp->dl_recall, dp->dl_stid.sc_client,
0162ac2b 948 &nfsd4_cb_recall_ops, NFSPROC4_CLNT_CB_RECALL);
86d29b10
BF		 949 get_nfs4_file(fp);
950 dp->dl_stid.sc_file = fp;
1da177e4 951 return dp;
02a3508d
TM		 952out_dec:
953 atomic_long_dec(&num_delegations);
954 return NULL;
1da177e4
LT		 955}
956
957void
6011695d 958nfs4_put_stid(struct nfs4_stid *s)
1da177e4 959{
11b9164a 960 struct nfs4_file *fp = s->sc_file;
6011695d
TM		 961 struct nfs4_client *clp = s->sc_client;
962
4770d722
JL		 963 might_lock(&clp->cl_lock);
964
a15dfcd5 965 if (!refcount_dec_and_lock(&s->sc_count, &clp->cl_lock)) {
b401be22 966 wake_up_all(&close_wq);
6011695d 967 return;
b401be22 968 }
6011695d 969 idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
624322f1 970 nfs4_free_cpntf_statelist(clp->net, s);
4770d722 971 spin_unlock(&clp->cl_lock);
6011695d 972 s->sc_free(s);
11b9164a
TM		 973 if (fp)
974 put_nfs4_file(fp);
1da177e4
LT		 975}
976
9767feb2
JL		 977void
978nfs4_inc_and_copy_stateid(stateid_t *dst, struct nfs4_stid *stid)
979{
980 stateid_t *src = &stid->sc_stateid;
981
982 spin_lock(&stid->sc_lock);
983 if (unlikely(++src->si_generation == 0))
984 src->si_generation = 1;
985 memcpy(dst, src, sizeof(*dst));
986 spin_unlock(&stid->sc_lock);
987}
988
353601e7 989static void put_deleg_file(struct nfs4_file *fp)
1da177e4 990{
eb82dd39 991 struct nfsd_file *nf = NULL;
b8232d33 992
6bcc034e 993 spin_lock(&fp->fi_lock);
353601e7 994 if (--fp->fi_delegees == 0)
eb82dd39 995 swap(nf, fp->fi_deleg_file);
6bcc034e
JL		 996 spin_unlock(&fp->fi_lock);
997
eb82dd39
JL		 998 if (nf)
999 nfsd_file_put(nf);
353601e7
BF		 1000}
1001
1002static void nfs4_unlock_deleg_lease(struct nfs4_delegation *dp)
1003{
1004 struct nfs4_file *fp = dp->dl_stid.sc_file;
eb82dd39 1005 struct nfsd_file *nf = fp->fi_deleg_file;
353601e7
BF		 1006
1007 WARN_ON_ONCE(!fp->fi_delegees);
1008
eb82dd39 1009 vfs_setlease(nf->nf_file, F_UNLCK, NULL, (void **)&dp);
353601e7 1010 put_deleg_file(fp);
1da177e4
LT		 1011}
1012
0af6e690
BF		 1013static void destroy_unhashed_deleg(struct nfs4_delegation *dp)
1014{
1015 put_clnt_odstate(dp->dl_clnt_odstate);
353601e7 1016 nfs4_unlock_deleg_lease(dp);
0af6e690
BF		 1017 nfs4_put_stid(&dp->dl_stid);
1018}
1019
cd61c522 1020void nfs4_unhash_stid(struct nfs4_stid *s)
6136d2b4 1021{
3abdb607 1022 s->sc_type = 0;
6136d2b4
BF		 1023}
1024
34ed9872 1025/**
68b18f52 1026 * nfs4_delegation_exists - Discover if this delegation already exists
34ed9872
AE		 1027 * @clp: a pointer to the nfs4_client we're granting a delegation to
1028 * @fp: a pointer to the nfs4_file we're granting a delegation on
1029 *
1030 * Return:
68b18f52 1031 * On success: true iff an existing delegation is found
34ed9872
AE		 1032 */
1033
68b18f52
BF		 1034static bool
1035nfs4_delegation_exists(struct nfs4_client *clp, struct nfs4_file *fp)
34ed9872
AE		 1036{
1037 struct nfs4_delegation *searchdp = NULL;
1038 struct nfs4_client *searchclp = NULL;
1039
1040 lockdep_assert_held(&state_lock);
1041 lockdep_assert_held(&fp->fi_lock);
1042
1043 list_for_each_entry(searchdp, &fp->fi_delegations, dl_perfile) {
1044 searchclp = searchdp->dl_stid.sc_client;
1045 if (clp == searchclp) {
51d87bc2 1046 return true;
34ed9872
AE		 1047 }
1048 }
51d87bc2 1049 return false;
34ed9872
AE		 1050}
1051
1052/**
1053 * hash_delegation_locked - Add a delegation to the appropriate lists
1054 * @dp: a pointer to the nfs4_delegation we are adding.
1055 * @fp: a pointer to the nfs4_file we're granting a delegation on
1056 *
1057 * Return:
1058 * On success: NULL if the delegation was successfully hashed.
1059 *
1060 * On error: -EAGAIN if one was previously granted to this
1061 * nfs4_client for this nfs4_file. Delegation is not hashed.
1062 *
1063 */
1064
1065static int
931ee56c
BH		 1066hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp)
1067{
34ed9872
AE		 1068 struct nfs4_client *clp = dp->dl_stid.sc_client;
1069
cdc97505 1070 lockdep_assert_held(&state_lock);
417c6629 1071 lockdep_assert_held(&fp->fi_lock);
931ee56c 1072
68b18f52
BF		 1073 if (nfs4_delegation_exists(clp, fp))
1074 return -EAGAIN;
a15dfcd5 1075 refcount_inc(&dp->dl_stid.sc_count);
3fb87d13 1076 dp->dl_stid.sc_type = NFS4_DELEG_STID;
931ee56c 1077 list_add(&dp->dl_perfile, &fp->fi_delegations);
34ed9872
AE		 1078 list_add(&dp->dl_perclnt, &clp->cl_delegations);
1079 return 0;
931ee56c
BH		 1080}
1081
3fcbbd24 1082static bool
42690676 1083unhash_delegation_locked(struct nfs4_delegation *dp)
1da177e4 1084{
11b9164a 1085 struct nfs4_file *fp = dp->dl_stid.sc_file;
02e1215f 1086
42690676
JL		 1087 lockdep_assert_held(&state_lock);
1088
3fcbbd24
JL		 1089 if (list_empty(&dp->dl_perfile))
1090 return false;
1091
b0fc29d6 1092 dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID;
d55a166c
JL		 1093 /* Ensure that deleg break won't try to requeue it */
1094 ++dp->dl_time;
417c6629 1095 spin_lock(&fp->fi_lock);
931ee56c 1096 list_del_init(&dp->dl_perclnt);
1da177e4 1097 list_del_init(&dp->dl_recall_lru);
02e1215f
JL		 1098 list_del_init(&dp->dl_perfile);
1099 spin_unlock(&fp->fi_lock);
3fcbbd24 1100 return true;
3bd64a5b
BF		 1101}
1102
3bd64a5b
BF		 1103static void destroy_delegation(struct nfs4_delegation *dp)
1104{
3fcbbd24
JL		 1105 bool unhashed;
1106
42690676 1107 spin_lock(&state_lock);
3fcbbd24 1108 unhashed = unhash_delegation_locked(dp);
42690676 1109 spin_unlock(&state_lock);
0af6e690
BF		 1110 if (unhashed)
1111 destroy_unhashed_deleg(dp);
3bd64a5b
BF		 1112}
1113
1114static void revoke_delegation(struct nfs4_delegation *dp)
1115{
1116 struct nfs4_client *clp = dp->dl_stid.sc_client;
1117
2d4a532d
JL		 1118 WARN_ON(!list_empty(&dp->dl_recall_lru));
1119
0af6e690 1120 if (clp->cl_minorversion) {
3bd64a5b 1121 dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID;
0af6e690 1122 refcount_inc(&dp->dl_stid.sc_count);
2d4a532d
JL		 1123 spin_lock(&clp->cl_lock);
1124 list_add(&dp->dl_recall_lru, &clp->cl_revoked);
1125 spin_unlock(&clp->cl_lock);
3bd64a5b 1126 }
0af6e690 1127 destroy_unhashed_deleg(dp);
3bd64a5b
BF		 1128}
1129
1da177e4
LT		 1130/*
1131 * SETCLIENTID state
1132 */
1133
ddc04c41
BF		 1134static unsigned int clientid_hashval(u32 id)
1135{
1136 return id & CLIENT_HASH_MASK;
1137}
1138
6b189105 1139static unsigned int clientstr_hashval(struct xdr_netobj name)
ddc04c41 1140{
6b189105 1141 return opaque_hashval(name.data, 8) & CLIENT_HASH_MASK;
ddc04c41
BF		 1142}
1143
f9d7562f
BF		 1144/*
1145 * We store the NONE, READ, WRITE, and BOTH bits separately in the
1146 * st_{access,deny}_bmap field of the stateid, in order to track not
1147 * only what share bits are currently in force, but also what
1148 * combinations of share bits previous opens have used. This allows us
1149 * to enforce the recommendation of rfc 3530 14.2.19 that the server
1150 * return an error if the client attempt to downgrade to a combination
1151 * of share bits not explicable by closing some of its previous opens.
1152 *
1153 * XXX: This enforcement is actually incomplete, since we don't keep
1154 * track of access/deny bit combinations; so, e.g., we allow:
1155 *
1156 * OPEN allow read, deny write
1157 * OPEN allow both, deny none
1158 * DOWNGRADE allow read, deny none
1159 *
1160 * which we should reject.
1161 */
5ae037e5
JL		 1162static unsigned int
1163bmap_to_share_mode(unsigned long bmap) {
f9d7562f 1164 int i;
5ae037e5 1165 unsigned int access = 0;
f9d7562f 1166
f9d7562f
BF		 1167 for (i = 1; i < 4; i++) {
1168 if (test_bit(i, &bmap))
5ae037e5 1169 access |= i;
f9d7562f 1170 }
5ae037e5 1171 return access;
f9d7562f
BF		 1172}
1173
82c5ff1b
JL		 1174/* set share access for a given stateid */
1175static inline void
1176set_access(u32 access, struct nfs4_ol_stateid *stp)
1177{
c11c591f
JL		 1178 unsigned char mask = 1 << access;
1179
1180 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
1181 stp->st_access_bmap |= mask;
82c5ff1b
JL		 1182}
1183
1184/* clear share access for a given stateid */
1185static inline void
1186clear_access(u32 access, struct nfs4_ol_stateid *stp)
1187{
c11c591f
JL		 1188 unsigned char mask = 1 << access;
1189
1190 WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH);
1191 stp->st_access_bmap &= ~mask;
82c5ff1b
JL		 1192}
1193
1194/* test whether a given stateid has access */
1195static inline bool
1196test_access(u32 access, struct nfs4_ol_stateid *stp)
1197{
c11c591f
JL		 1198 unsigned char mask = 1 << access;
1199
1200 return (bool)(stp->st_access_bmap & mask);
82c5ff1b
JL		 1201}
1202
ce0fc43c
JL		 1203/* set share deny for a given stateid */
1204static inline void
c11c591f 1205set_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 1206{
c11c591f
JL		 1207 unsigned char mask = 1 << deny;
1208
1209 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
1210 stp->st_deny_bmap |= mask;
ce0fc43c
JL		 1211}
1212
1213/* clear share deny for a given stateid */
1214static inline void
c11c591f 1215clear_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 1216{
c11c591f
JL		 1217 unsigned char mask = 1 << deny;
1218
1219 WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH);
1220 stp->st_deny_bmap &= ~mask;
ce0fc43c
JL		 1221}
1222
1223/* test whether a given stateid is denying specific access */
1224static inline bool
c11c591f 1225test_deny(u32 deny, struct nfs4_ol_stateid *stp)
ce0fc43c 1226{
c11c591f
JL		 1227 unsigned char mask = 1 << deny;
1228
1229 return (bool)(stp->st_deny_bmap & mask);
f9d7562f
BF		 1230}
1231
1232static int nfs4_access_to_omode(u32 access)
1233{
8f34a430 1234 switch (access & NFS4_SHARE_ACCESS_BOTH) {
f9d7562f
BF		 1235 case NFS4_SHARE_ACCESS_READ:
1236 return O_RDONLY;
1237 case NFS4_SHARE_ACCESS_WRITE:
1238 return O_WRONLY;
1239 case NFS4_SHARE_ACCESS_BOTH:
1240 return O_RDWR;
1241 }
063b0fb9
BF		 1242 WARN_ON_ONCE(1);
1243 return O_RDONLY;
f9d7562f
BF		 1244}
1245
baeb4ff0
JL		 1246/*
1247 * A stateid that had a deny mode associated with it is being released
1248 * or downgraded. Recalculate the deny mode on the file.
1249 */
1250static void
1251recalculate_deny_mode(struct nfs4_file *fp)
1252{
1253 struct nfs4_ol_stateid *stp;
1254
1255 spin_lock(&fp->fi_lock);
1256 fp->fi_share_deny = 0;
1257 list_for_each_entry(stp, &fp->fi_stateids, st_perfile)
1258 fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap);
1259 spin_unlock(&fp->fi_lock);
1260}
1261
1262static void
1263reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp)
1264{
1265 int i;
1266 bool change = false;
1267
1268 for (i = 1; i < 4; i++) {
1269 if ((i & deny) != i) {
1270 change = true;
1271 clear_deny(i, stp);
1272 }
1273 }
1274
1275 /* Recalculate per-file deny mode if there was a change */
1276 if (change)
11b9164a 1277 recalculate_deny_mode(stp->st_stid.sc_file);
baeb4ff0
JL		 1278}
1279
82c5ff1b
JL		 1280/* release all access and file references for a given stateid */
1281static void
1282release_all_access(struct nfs4_ol_stateid *stp)
1283{
1284 int i;
11b9164a 1285 struct nfs4_file *fp = stp->st_stid.sc_file;
baeb4ff0
JL		 1286
1287 if (fp && stp->st_deny_bmap != 0)
1288 recalculate_deny_mode(fp);
82c5ff1b
JL		 1289
1290 for (i = 1; i < 4; i++) {
1291 if (test_access(i, stp))
11b9164a 1292 nfs4_file_put_access(stp->st_stid.sc_file, i);
82c5ff1b
JL		 1293 clear_access(i, stp);
1294 }
1295}
1296
d50ffded
KM		 1297static inline void nfs4_free_stateowner(struct nfs4_stateowner *sop)
1298{
1299 kfree(sop->so_owner.data);
1300 sop->so_ops->so_free(sop);
1301}
1302
6b180f0b
JL		 1303static void nfs4_put_stateowner(struct nfs4_stateowner *sop)
1304{
a819ecc1
JL		 1305 struct nfs4_client *clp = sop->so_client;
1306
1307 might_lock(&clp->cl_lock);
1308
1309 if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock))
6b180f0b 1310 return;
8f4b54c5 1311 sop->so_ops->so_unhash(sop);
a819ecc1 1312 spin_unlock(&clp->cl_lock);
d50ffded 1313 nfs4_free_stateowner(sop);
6b180f0b
JL		 1314}
1315
a451b123
TM		 1316static bool
1317nfs4_ol_stateid_unhashed(const struct nfs4_ol_stateid *stp)
1318{
1319 return list_empty(&stp->st_perfile);
1320}
1321
e8568739 1322static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp)
529d7b2a 1323{
11b9164a 1324 struct nfs4_file *fp = stp->st_stid.sc_file;
1d31a253 1325
1c755dc1
JL		 1326 lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock);
1327
e8568739
JL		 1328 if (list_empty(&stp->st_perfile))
1329 return false;
1330
1d31a253 1331 spin_lock(&fp->fi_lock);
e8568739 1332 list_del_init(&stp->st_perfile);
1d31a253 1333 spin_unlock(&fp->fi_lock);
529d7b2a 1334 list_del(&stp->st_perstateowner);
e8568739 1335 return true;
529d7b2a
BF		 1336}
1337
6011695d 1338static void nfs4_free_ol_stateid(struct nfs4_stid *stid)
529d7b2a 1339{
6011695d 1340 struct nfs4_ol_stateid *stp = openlockstateid(stid);
4665e2ba 1341
8287f009 1342 put_clnt_odstate(stp->st_clnt_odstate);
6011695d 1343 release_all_access(stp);
d3134b10
JL		 1344 if (stp->st_stateowner)
1345 nfs4_put_stateowner(stp->st_stateowner);
6011695d 1346 kmem_cache_free(stateid_slab, stid);
529d7b2a
BF		 1347}
1348
b49e084d 1349static void nfs4_free_lock_stateid(struct nfs4_stid *stid)
529d7b2a 1350{
b49e084d
JL		 1351 struct nfs4_ol_stateid *stp = openlockstateid(stid);
1352 struct nfs4_lockowner *lo = lockowner(stp->st_stateowner);
eb82dd39 1353 struct nfsd_file *nf;
529d7b2a 1354
eb82dd39
JL		 1355 nf = find_any_file(stp->st_stid.sc_file);
1356 if (nf) {
1357 get_file(nf->nf_file);
1358 filp_close(nf->nf_file, (fl_owner_t)lo);
1359 nfsd_file_put(nf);
1360 }
b49e084d
JL		 1361 nfs4_free_ol_stateid(stid);
1362}
1363
2c41beb0
JL		 1364/*
1365 * Put the persistent reference to an already unhashed generic stateid, while
1366 * holding the cl_lock. If it's the last reference, then put it onto the
1367 * reaplist for later destruction.
1368 */
1369static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp,
1370 struct list_head *reaplist)
1371{
1372 struct nfs4_stid *s = &stp->st_stid;
1373 struct nfs4_client *clp = s->sc_client;
1374
1375 lockdep_assert_held(&clp->cl_lock);
1376
1377 WARN_ON_ONCE(!list_empty(&stp->st_locks));
1378
a15dfcd5 1379 if (!refcount_dec_and_test(&s->sc_count)) {
2c41beb0
JL		 1380 wake_up_all(&close_wq);
1381 return;
1382 }
1383
1384 idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id);
1385 list_add(&stp->st_locks, reaplist);
1386}
1387
e8568739 1388static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp)
b49e084d 1389{
f46c445b 1390 lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);
3c1c995c 1391
a451b123
TM		 1392 if (!unhash_ol_stateid(stp))
1393 return false;
3c1c995c 1394 list_del_init(&stp->st_locks);
cd61c522 1395 nfs4_unhash_stid(&stp->st_stid);
a451b123 1396 return true;
3c1c995c
JL		 1397}
1398
1399static void release_lock_stateid(struct nfs4_ol_stateid *stp)
1400{
f46c445b 1401 struct nfs4_client *clp = stp->st_stid.sc_client;
e8568739 1402 bool unhashed;
3c1c995c 1403
f46c445b 1404 spin_lock(&clp->cl_lock);
e8568739 1405 unhashed = unhash_lock_stateid(stp);
f46c445b 1406 spin_unlock(&clp->cl_lock);
e8568739
JL		 1407 if (unhashed)
1408 nfs4_put_stid(&stp->st_stid);
529d7b2a
BF		 1409}
1410
c58c6610 1411static void unhash_lockowner_locked(struct nfs4_lockowner *lo)
8f4b54c5 1412{
d4f0489f 1413 struct nfs4_client *clp = lo->lo_owner.so_client;
c58c6610 1414
d4f0489f 1415 lockdep_assert_held(&clp->cl_lock);
c58c6610 1416
8f4b54c5
JL		 1417 list_del_init(&lo->lo_owner.so_strhash);
1418}
1419
2c41beb0
JL		 1420/*
1421 * Free a list of generic stateids that were collected earlier after being
1422 * fully unhashed.
1423 */
1424static void
1425free_ol_stateid_reaplist(struct list_head *reaplist)
1426{
1427 struct nfs4_ol_stateid *stp;
fb94d766 1428 struct nfs4_file *fp;
2c41beb0
JL		 1429
1430 might_sleep();
1431
1432 while (!list_empty(reaplist)) {
1433 stp = list_first_entry(reaplist, struct nfs4_ol_stateid,
1434 st_locks);
1435 list_del(&stp->st_locks);
fb94d766 1436 fp = stp->st_stid.sc_file;
2c41beb0 1437 stp->st_stid.sc_free(&stp->st_stid);
fb94d766
KM		 1438 if (fp)
1439 put_nfs4_file(fp);
2c41beb0
JL		 1440 }
1441}
1442
d83017f9
JL		 1443static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp,
1444 struct list_head *reaplist)
3c87b9b7
TM		 1445{
1446 struct nfs4_ol_stateid *stp;
1447
e8568739
JL		 1448 lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock);
1449
3c87b9b7
TM		 1450 while (!list_empty(&open_stp->st_locks)) {
1451 stp = list_entry(open_stp->st_locks.next,
1452 struct nfs4_ol_stateid, st_locks);
e8568739 1453 WARN_ON(!unhash_lock_stateid(stp));
d83017f9 1454 put_ol_stateid_locked(stp, reaplist);
529d7b2a
BF		 1455 }
1456}
1457
e8568739 1458static bool unhash_open_stateid(struct nfs4_ol_stateid *stp,
d83017f9 1459 struct list_head *reaplist)
2283963f 1460{
2c41beb0
JL		 1461 lockdep_assert_held(&stp->st_stid.sc_client->cl_lock);
1462
a451b123
TM		 1463 if (!unhash_ol_stateid(stp))
1464 return false;
d83017f9 1465 release_open_stateid_locks(stp, reaplist);
a451b123 1466 return true;
38c387b5
BF		 1467}
1468
1469static void release_open_stateid(struct nfs4_ol_stateid *stp)
1470{
2c41beb0
JL		 1471 LIST_HEAD(reaplist);
1472
1473 spin_lock(&stp->st_stid.sc_client->cl_lock);
e8568739
JL		 1474 if (unhash_open_stateid(stp, &reaplist))
1475 put_ol_stateid_locked(stp, &reaplist);
2c41beb0
JL		 1476 spin_unlock(&stp->st_stid.sc_client->cl_lock);
1477 free_ol_stateid_reaplist(&reaplist);
2283963f
BF		 1478}
1479
7ffb5880 1480static void unhash_openowner_locked(struct nfs4_openowner *oo)
f1d110ca 1481{
d4f0489f 1482 struct nfs4_client *clp = oo->oo_owner.so_client;
7ffb5880 1483
d4f0489f 1484 lockdep_assert_held(&clp->cl_lock);
7ffb5880 1485
8f4b54c5
JL		 1486 list_del_init(&oo->oo_owner.so_strhash);
1487 list_del_init(&oo->oo_perclient);
f1d110ca
BF		 1488}
1489
f7a4d872
BF		 1490static void release_last_closed_stateid(struct nfs4_openowner *oo)
1491{
217526e7
JL		 1492 struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net,
1493 nfsd_net_id);
1494 struct nfs4_ol_stateid *s;
f7a4d872 1495
217526e7
JL		 1496 spin_lock(&nn->client_lock);
1497 s = oo->oo_last_closed_stid;
f7a4d872 1498 if (s) {
d3134b10 1499 list_del_init(&oo->oo_close_lru);
f7a4d872
BF		 1500 oo->oo_last_closed_stid = NULL;
1501 }
217526e7
JL		 1502 spin_unlock(&nn->client_lock);
1503 if (s)
1504 nfs4_put_stid(&s->st_stid);
f7a4d872
BF		 1505}
1506
2c41beb0 1507static void release_openowner(struct nfs4_openowner *oo)
8f4b54c5
JL		 1508{
1509 struct nfs4_ol_stateid *stp;
d4f0489f 1510 struct nfs4_client *clp = oo->oo_owner.so_client;
2c41beb0 1511 struct list_head reaplist;
7ffb5880 1512
2c41beb0 1513 INIT_LIST_HEAD(&reaplist);
8f4b54c5 1514
2c41beb0
JL		 1515 spin_lock(&clp->cl_lock);
1516 unhash_openowner_locked(oo);
8f4b54c5
JL		 1517 while (!list_empty(&oo->oo_owner.so_stateids)) {
1518 stp = list_first_entry(&oo->oo_owner.so_stateids,
1519 struct nfs4_ol_stateid, st_perstateowner);
e8568739
JL		 1520 if (unhash_open_stateid(stp, &reaplist))
1521 put_ol_stateid_locked(stp, &reaplist);
8f4b54c5 1522 }
d4f0489f 1523 spin_unlock(&clp->cl_lock);
2c41beb0 1524 free_ol_stateid_reaplist(&reaplist);
f7a4d872 1525 release_last_closed_stateid(oo);
6b180f0b 1526 nfs4_put_stateowner(&oo->oo_owner);
f1d110ca
BF		 1527}
1528
5282fd72
ME		 1529static inline int
1530hash_sessionid(struct nfs4_sessionid *sessionid)
1531{
1532 struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;
1533
1534 return sid->sequence % SESSION_HASH_SIZE;
1535}
1536
135dd002 1537#ifdef CONFIG_SUNRPC_DEBUG
5282fd72
ME		 1538static inline void
1539dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
1540{
1541 u32 *ptr = (u32 *)(&sessionid->data[0]);
1542 dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
1543}
8f199b82
TM		 1544#else
1545static inline void
1546dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
1547{
1548}
1549#endif
1550
9411b1d4
BF		 1551/*
1552 * Bump the seqid on cstate->replay_owner, and clear replay_owner if it
1553 * won't be used for replay.
1554 */
1555void nfsd4_bump_seqid(struct nfsd4_compound_state *cstate, __be32 nfserr)
1556{
1557 struct nfs4_stateowner *so = cstate->replay_owner;
1558
1559 if (nfserr == nfserr_replay_me)
1560 return;
1561
1562 if (!seqid_mutating_err(ntohl(nfserr))) {
58fb12e6 1563 nfsd4_cstate_clear_replay(cstate);
9411b1d4
BF		 1564 return;
1565 }
1566 if (!so)
1567 return;
1568 if (so->so_is_open_owner)
1569 release_last_closed_stateid(openowner(so));
1570 so->so_seqid++;
1571 return;
1572}
5282fd72 1573
ec6b5d7b
AA		 1574static void
1575gen_sessionid(struct nfsd4_session *ses)
1576{
1577 struct nfs4_client *clp = ses->se_client;
1578 struct nfsd4_sessionid *sid;
1579
1580 sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
1581 sid->clientid = clp->cl_clientid;
1582 sid->sequence = current_sessionid++;
1583 sid->reserved = 0;
1584}
1585
1586/*
a649637c
AA		 1587 * The protocol defines ca_maxresponssize_cached to include the size of
1588 * the rpc header, but all we need to cache is the data starting after
1589 * the end of the initial SEQUENCE operation--the rest we regenerate
1590 * each time. Therefore we can advertise a ca_maxresponssize_cached
1591 * value that is the number of bytes in our cache plus a few additional
1592 * bytes. In order to stay on the safe side, and not promise more than
1593 * we can cache, those additional bytes must be the minimum possible: 24
1594 * bytes of rpc header (xid through accept state, with AUTH_NULL
1595 * verifier), 12 for the compound header (with zero-length tag), and 44
1596 * for the SEQUENCE op response:
1597 */
1598#define NFSD_MIN_HDR_SEQ_SZ (24 + 12 + 44)
1599
557ce264
AA		 1600static void
1601free_session_slots(struct nfsd4_session *ses)
1602{
1603 int i;
1604
53da6a53
BF		 1605 for (i = 0; i < ses->se_fchannel.maxreqs; i++) {
1606 free_svc_cred(&ses->se_slots[i]->sl_cred);
557ce264 1607 kfree(ses->se_slots[i]);
53da6a53 1608 }
557ce264
AA		 1609}
1610
a649637c 1611/*
efe0cb6d
BF		 1612 * We don't actually need to cache the rpc and session headers, so we
1613 * can allocate a little less for each slot:
1614 */
55c760cf 1615static inline u32 slot_bytes(struct nfsd4_channel_attrs *ca)
efe0cb6d 1616{
55c760cf 1617 u32 size;
efe0cb6d 1618
55c760cf
BF		 1619 if (ca->maxresp_cached < NFSD_MIN_HDR_SEQ_SZ)
1620 size = 0;
1621 else
1622 size = ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
1623 return size + sizeof(struct nfsd4_slot);
5b6feee9 1624}
ec6b5d7b 1625
5b6feee9
BF		 1626/*
1627 * XXX: If we run out of reserved DRC memory we could (up to a point)
a649637c 1628 * re-negotiate active sessions and reduce their slot usage to make
42b2aa86 1629 * room for new connections. For now we just fail the create session.
ec6b5d7b 1630 */
2030ca56 1631static u32 nfsd4_get_drc_mem(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn)
ec6b5d7b 1632{
55c760cf
BF		 1633 u32 slotsize = slot_bytes(ca);
1634 u32 num = ca->maxreqs;
c54f24e3 1635 unsigned long avail, total_avail;
2030ca56 1636 unsigned int scale_factor;
ec6b5d7b 1637
5b6feee9 1638 spin_lock(&nfsd_drc_lock);
7f49fd5d
N		 1639 if (nfsd_drc_max_mem > nfsd_drc_mem_used)
1640 total_avail = nfsd_drc_max_mem - nfsd_drc_mem_used;
1641 else
1642 /* We have handed out more space than we chose in
1643 * set_max_drc() to allow. That isn't really a
1644 * problem as long as that doesn't make us think we
1645 * have lots more due to integer overflow.
1646 */
1647 total_avail = 0;
c54f24e3 1648 avail = min((unsigned long)NFSD_MAX_MEM_PER_SESSION, total_avail);
de766e57 1649 /*
2030ca56 1650 * Never use more than a fraction of the remaining memory,
7f49fd5d 1651 * unless it's the only way to give this client a slot.
2030ca56
N		 1652 * The chosen fraction is either 1/8 or 1/number of threads,
1653 * whichever is smaller. This ensures there are adequate
1654 * slots to support multiple clients per thread.
7f49fd5d
N		 1655 * Give the client one slot even if that would require
1656 * over-allocation--it is better than failure.
de766e57 1657 */
2030ca56
N		 1658 scale_factor = max_t(unsigned int, 8, nn->nfsd_serv->sv_nrthreads);
1659
1660 avail = clamp_t(unsigned long, avail, slotsize,
1661 total_avail/scale_factor);
5b6feee9 1662 num = min_t(int, num, avail / slotsize);
7f49fd5d 1663 num = max_t(int, num, 1);
5b6feee9
BF		 1664 nfsd_drc_mem_used += num * slotsize;
1665 spin_unlock(&nfsd_drc_lock);
ec6b5d7b 1666
5b6feee9
BF		 1667 return num;
1668}
ec6b5d7b 1669
55c760cf 1670static void nfsd4_put_drc_mem(struct nfsd4_channel_attrs *ca)
5b6feee9 1671{
55c760cf
BF		 1672 int slotsize = slot_bytes(ca);
1673
4bd9b0f4 1674 spin_lock(&nfsd_drc_lock);
55c760cf 1675 nfsd_drc_mem_used -= slotsize * ca->maxreqs;
4bd9b0f4 1676 spin_unlock(&nfsd_drc_lock);
5b6feee9 1677}
ec6b5d7b 1678
60810e54
KM		 1679static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fattrs,
1680 struct nfsd4_channel_attrs *battrs)
5b6feee9 1681{
60810e54
KM		 1682 int numslots = fattrs->maxreqs;
1683 int slotsize = slot_bytes(fattrs);
5b6feee9
BF		 1684 struct nfsd4_session *new;
1685 int mem, i;
a649637c 1686
5b6feee9
BF		 1687 BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
1688 + sizeof(struct nfsd4_session) > PAGE_SIZE);
1689 mem = numslots * sizeof(struct nfsd4_slot *);
ec6b5d7b 1690
5b6feee9
BF		 1691 new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
1692 if (!new)
1693 return NULL;
557ce264 1694 /* allocate each struct nfsd4_slot and data cache in one piece */
5b6feee9 1695 for (i = 0; i < numslots; i++) {
55c760cf 1696 new->se_slots[i] = kzalloc(slotsize, GFP_KERNEL);
5b6feee9 1697 if (!new->se_slots[i])
557ce264 1698 goto out_free;
557ce264 1699 }
60810e54
KM		 1700
1701 memcpy(&new->se_fchannel, fattrs, sizeof(struct nfsd4_channel_attrs));
1702 memcpy(&new->se_bchannel, battrs, sizeof(struct nfsd4_channel_attrs));
1703
5b6feee9
BF		 1704 return new;
1705out_free:
1706 while (i--)
1707 kfree(new->se_slots[i]);
1708 kfree(new);
1709 return NULL;
ec6b5d7b
AA		 1710}
1711
19cf5c02
BF		 1712static void free_conn(struct nfsd4_conn *c)
1713{
1714 svc_xprt_put(c->cn_xprt);
1715 kfree(c);
1716}
ec6b5d7b 1717
19cf5c02
BF		 1718static void nfsd4_conn_lost(struct svc_xpt_user *u)
1719{
1720 struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
1721 struct nfs4_client *clp = c->cn_session->se_client;
ec6b5d7b 1722
19cf5c02
BF		 1723 spin_lock(&clp->cl_lock);
1724 if (!list_empty(&c->cn_persession)) {
1725 list_del(&c->cn_persession);
1726 free_conn(c);
1727 }
eea49806 1728 nfsd4_probe_callback(clp);
2e4b7239 1729 spin_unlock(&clp->cl_lock);
19cf5c02 1730}
ec6b5d7b 1731
d29c374c 1732static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
c7662518 1733{
c7662518 1734 struct nfsd4_conn *conn;
ec6b5d7b 1735
c7662518
BF		 1736 conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
1737 if (!conn)
db90681d 1738 return NULL;
c7662518
BF		 1739 svc_xprt_get(rqstp->rq_xprt);
1740 conn->cn_xprt = rqstp->rq_xprt;
d29c374c 1741 conn->cn_flags = flags;
db90681d
BF		 1742 INIT_LIST_HEAD(&conn->cn_xpt_user.list);
1743 return conn;
1744}
a649637c 1745
328ead28
BF		 1746static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
1747{
1748 conn->cn_session = ses;
1749 list_add(&conn->cn_persession, &ses->se_conns);
ec6b5d7b
AA		 1750}
1751
db90681d 1752static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
557ce264 1753{
db90681d 1754 struct nfs4_client *clp = ses->se_client;
557ce264 1755
c7662518 1756 spin_lock(&clp->cl_lock);
328ead28 1757 __nfsd4_hash_conn(conn, ses);
c7662518 1758 spin_unlock(&clp->cl_lock);
557ce264
AA		 1759}
1760
21b75b01 1761static int nfsd4_register_conn(struct nfsd4_conn *conn)
efe0cb6d 1762{
19cf5c02 1763 conn->cn_xpt_user.callback = nfsd4_conn_lost;
21b75b01 1764 return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
efe0cb6d
BF		 1765}
1766
e1ff371f 1767static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
ec6b5d7b 1768{
21b75b01 1769 int ret;
ec6b5d7b 1770
db90681d 1771 nfsd4_hash_conn(conn, ses);
21b75b01
BF		 1772 ret = nfsd4_register_conn(conn);
1773 if (ret)
1774 /* oops; xprt is already down: */
1775 nfsd4_conn_lost(&conn->cn_xpt_user);
57a37144
BF		 1776 /* We may have gained or lost a callback channel: */
1777 nfsd4_probe_callback_sync(ses->se_client);
c7662518 1778}
ec6b5d7b 1779
e1ff371f 1780static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
1d1bc8f2
BF		 1781{
1782 u32 dir = NFS4_CDFC4_FORE;
1783
e1ff371f 1784 if (cses->flags & SESSION4_BACK_CHAN)
1d1bc8f2 1785 dir |= NFS4_CDFC4_BACK;
e1ff371f 1786 return alloc_conn(rqstp, dir);
1d1bc8f2
BF		 1787}
1788
1789/* must be called under client_lock */
19cf5c02 1790static void nfsd4_del_conns(struct nfsd4_session *s)
c7662518 1791{
19cf5c02
BF		 1792 struct nfs4_client *clp = s->se_client;
1793 struct nfsd4_conn *c;
ec6b5d7b 1794
19cf5c02
BF		 1795 spin_lock(&clp->cl_lock);
1796 while (!list_empty(&s->se_conns)) {
1797 c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
1798 list_del_init(&c->cn_persession);
1799 spin_unlock(&clp->cl_lock);
557ce264 1800
19cf5c02
BF		 1801 unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
1802 free_conn(c);
ec6b5d7b 1803
19cf5c02
BF		 1804 spin_lock(&clp->cl_lock);
1805 }
1806 spin_unlock(&clp->cl_lock);
c7662518 1807}
ec6b5d7b 1808
1377b69e
BF		 1809static void __free_session(struct nfsd4_session *ses)
1810{
1377b69e
BF		 1811 free_session_slots(ses);
1812 kfree(ses);
1813}
1814
66b2b9b2 1815static void free_session(struct nfsd4_session *ses)
c7662518 1816{
19cf5c02 1817 nfsd4_del_conns(ses);
55c760cf 1818 nfsd4_put_drc_mem(&ses->se_fchannel);
1377b69e 1819 __free_session(ses);
c7662518
BF		 1820}
1821
135ae827 1822static void init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
a827bcb2 1823{
a827bcb2 1824 int idx;
1872de0e 1825 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
a827bcb2 1826
ec6b5d7b
AA		 1827 new->se_client = clp;
1828 gen_sessionid(new);
ec6b5d7b 1829
c7662518
BF		 1830 INIT_LIST_HEAD(&new->se_conns);
1831
ac7c46f2 1832 new->se_cb_seq_nr = 1;
ec6b5d7b 1833 new->se_flags = cses->flags;
8b5ce5cd 1834 new->se_cb_prog = cses->callback_prog;
c6bb3ca2 1835 new->se_cb_sec = cses->cb_sec;
66b2b9b2 1836 atomic_set(&new->se_ref, 0);
5b6feee9 1837 idx = hash_sessionid(&new->se_sessionid);
1872de0e 1838 list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]);
4c649378 1839 spin_lock(&clp->cl_lock);
ec6b5d7b 1840 list_add(&new->se_perclnt, &clp->cl_sessions);
4c649378 1841 spin_unlock(&clp->cl_lock);
60810e54 1842
b0d2e42c 1843 {
edd76786 1844 struct sockaddr *sa = svc_addr(rqstp);
dcbeaa68
BF		 1845 /*
1846 * This is a little silly; with sessions there's no real
1847 * use for the callback address. Use the peer address
1848 * as a reasonable default for now, but consider fixing
1849 * the rpc client not to require an address in the
1850 * future:
1851 */
edd76786
BF		 1852 rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
1853 clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
edd76786 1854 }
ec6b5d7b
AA		 1855}
1856
9089f1b4 1857/* caller must hold client_lock */
5282fd72 1858static struct nfsd4_session *
d4e19e70 1859__find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net)
5282fd72
ME		 1860{
1861 struct nfsd4_session *elem;
1862 int idx;
1872de0e 1863 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
5282fd72 1864
0a880a28
TM		 1865 lockdep_assert_held(&nn->client_lock);
1866
5282fd72
ME		 1867 dump_sessionid(__func__, sessionid);
1868 idx = hash_sessionid(sessionid);
5282fd72 1869 /* Search in the appropriate list */
1872de0e 1870 list_for_each_entry(elem, &nn->sessionid_hashtbl[idx], se_hash) {
5282fd72
ME		 1871 if (!memcmp(elem->se_sessionid.data, sessionid->data,
1872 NFS4_MAX_SESSIONID_LEN)) {
1873 return elem;
1874 }
1875 }
1876
1877 dprintk("%s: session not found\n", __func__);
1878 return NULL;
1879}
1880
d4e19e70
TM		 1881static struct nfsd4_session *
1882find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net,
1883 __be32 *ret)
1884{
1885 struct nfsd4_session *session;
1886 __be32 status = nfserr_badsession;
1887
1888 session = __find_in_sessionid_hashtbl(sessionid, net);
1889 if (!session)
1890 goto out;
1891 status = nfsd4_get_session_locked(session);
1892 if (status)
1893 session = NULL;
1894out:
1895 *ret = status;
1896 return session;
1897}
1898
9089f1b4 1899/* caller must hold client_lock */
7116ed6b 1900static void
5282fd72 1901unhash_session(struct nfsd4_session *ses)
7116ed6b 1902{
0a880a28
TM		 1903 struct nfs4_client *clp = ses->se_client;
1904 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1905
1906 lockdep_assert_held(&nn->client_lock);
1907
7116ed6b 1908 list_del(&ses->se_hash);
4c649378 1909 spin_lock(&ses->se_client->cl_lock);
7116ed6b 1910 list_del(&ses->se_perclnt);
4c649378 1911 spin_unlock(&ses->se_client->cl_lock);
5282fd72
ME		 1912}
1913
1da177e4
LT		 1914/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
1915static int
2c142baa 1916STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
1da177e4 1917{
bbc7f33a
BF		 1918 /*
1919 * We're assuming the clid was not given out from a boot
1920 * precisely 2^32 (about 136 years) before this one. That seems
1921 * a safe assumption:
1922 */
1923 if (clid->cl_boot == (u32)nn->boot_time)
1da177e4 1924 return 0;
9cc76801 1925 dprintk("NFSD stale clientid (%08x/%08x) boot_time %08llx\n",
2c142baa 1926 clid->cl_boot, clid->cl_id, nn->boot_time);
1da177e4
LT		 1927 return 1;
1928}
1929
1930/*
1931 * XXX Should we use a slab cache ?
1932 * This type of memory management is somewhat inefficient, but we use it
1933 * anyway since SETCLIENTID is not a common operation.
1934 */
35bba9a3 1935static struct nfs4_client *alloc_client(struct xdr_netobj name)
1da177e4
LT		 1936{
1937 struct nfs4_client *clp;
d4f0489f 1938 int i;
1da177e4 1939
9258a2d5 1940 clp = kmem_cache_zalloc(client_slab, GFP_KERNEL);
35bba9a3
BF		 1941 if (clp == NULL)
1942 return NULL;
6f4859b8 1943 xdr_netobj_dup(&clp->cl_name, &name, GFP_KERNEL);
d4f0489f
TM		 1944 if (clp->cl_name.data == NULL)
1945 goto err_no_name;
6da2ec56
KC		 1946 clp->cl_ownerstr_hashtbl = kmalloc_array(OWNER_HASH_SIZE,
1947 sizeof(struct list_head),
1948 GFP_KERNEL);
d4f0489f
TM		 1949 if (!clp->cl_ownerstr_hashtbl)
1950 goto err_no_hashtbl;
1951 for (i = 0; i < OWNER_HASH_SIZE; i++)
1952 INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]);
5694c93e
TM		 1953 INIT_LIST_HEAD(&clp->cl_sessions);
1954 idr_init(&clp->cl_stateids);
14ed14cc 1955 atomic_set(&clp->cl_rpc_users, 0);
5694c93e
TM		 1956 clp->cl_cb_state = NFSD4_CB_UNKNOWN;
1957 INIT_LIST_HEAD(&clp->cl_idhash);
1958 INIT_LIST_HEAD(&clp->cl_openowners);
1959 INIT_LIST_HEAD(&clp->cl_delegations);
1960 INIT_LIST_HEAD(&clp->cl_lru);
5694c93e 1961 INIT_LIST_HEAD(&clp->cl_revoked);
9cf514cc
CH		 1962#ifdef CONFIG_NFSD_PNFS
1963 INIT_LIST_HEAD(&clp->cl_lo_states);
1964#endif
e0639dc5
OK		 1965 INIT_LIST_HEAD(&clp->async_copies);
1966 spin_lock_init(&clp->async_lock);
5694c93e
TM		 1967 spin_lock_init(&clp->cl_lock);
1968 rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
1da177e4 1969 return clp;
d4f0489f
TM		 1970err_no_hashtbl:
1971 kfree(clp->cl_name.data);
1972err_no_name:
9258a2d5 1973 kmem_cache_free(client_slab, clp);
d4f0489f 1974 return NULL;
1da177e4
LT		 1975}
1976
59f8e91b
BF		 1977static void __free_client(struct kref *k)
1978{
e8a79fb1
BF		 1979 struct nfsdfs_client *c = container_of(k, struct nfsdfs_client, cl_ref);
1980 struct nfs4_client *clp = container_of(c, struct nfs4_client, cl_nfsdfs);
59f8e91b
BF		 1981
1982 free_svc_cred(&clp->cl_cred);
1983 kfree(clp->cl_ownerstr_hashtbl);
1984 kfree(clp->cl_name.data);
79123444
BF		 1985 kfree(clp->cl_nii_domain.data);
1986 kfree(clp->cl_nii_name.data);
59f8e91b 1987 idr_destroy(&clp->cl_stateids);
59f8e91b
BF		 1988 kmem_cache_free(client_slab, clp);
1989}
1990
297e57a2 1991static void drop_client(struct nfs4_client *clp)
59f8e91b 1992{
e8a79fb1 1993 kref_put(&clp->cl_nfsdfs.cl_ref, __free_client);
59f8e91b
BF		 1994}
1995
4dd86e15 1996static void
1da177e4
LT		 1997free_client(struct nfs4_client *clp)
1998{
792c95dd
BF		 1999 while (!list_empty(&clp->cl_sessions)) {
2000 struct nfsd4_session *ses;
2001 ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
2002 se_perclnt);
2003 list_del(&ses->se_perclnt);
66b2b9b2
BF		 2004 WARN_ON_ONCE(atomic_read(&ses->se_ref));
2005 free_session(ses);
792c95dd 2006 }
4cb57e30 2007 rpc_destroy_wait_queue(&clp->cl_cb_waitq);
89c905be 2008 if (clp->cl_nfsd_dentry) {
e8a79fb1 2009 nfsd_client_rmdir(clp->cl_nfsd_dentry);
89c905be
BF		 2010 clp->cl_nfsd_dentry = NULL;
2011 wake_up_all(&expiry_wq);
2012 }
59f8e91b 2013 drop_client(clp);
1da177e4
LT		 2014}
2015
84d38ac9 2016/* must be called under the client_lock */
4beb345b 2017static void
84d38ac9
BH		 2018unhash_client_locked(struct nfs4_client *clp)
2019{
4beb345b 2020 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
792c95dd
BF		 2021 struct nfsd4_session *ses;
2022
0a880a28
TM		 2023 lockdep_assert_held(&nn->client_lock);
2024
4beb345b
TM		 2025 /* Mark the client as expired! */
2026 clp->cl_time = 0;
2027 /* Make it invisible */
2028 if (!list_empty(&clp->cl_idhash)) {
2029 list_del_init(&clp->cl_idhash);
2030 if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags))
2031 rb_erase(&clp->cl_namenode, &nn->conf_name_tree);
2032 else
2033 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
2034 }
2035 list_del_init(&clp->cl_lru);
4c649378 2036 spin_lock(&clp->cl_lock);
792c95dd
BF		 2037 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
2038 list_del_init(&ses->se_hash);
4c649378 2039 spin_unlock(&clp->cl_lock);
84d38ac9
BH		 2040}
2041
1da177e4 2042static void
4beb345b
TM		 2043unhash_client(struct nfs4_client *clp)
2044{
2045 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
2046
2047 spin_lock(&nn->client_lock);
2048 unhash_client_locked(clp);
2049 spin_unlock(&nn->client_lock);
2050}
2051
97403d95
JL		 2052static __be32 mark_client_expired_locked(struct nfs4_client *clp)
2053{
14ed14cc 2054 if (atomic_read(&clp->cl_rpc_users))
97403d95
JL		 2055 return nfserr_jukebox;
2056 unhash_client_locked(clp);
2057 return nfs_ok;
2058}
2059
4beb345b
TM		 2060static void
2061__destroy_client(struct nfs4_client *clp)
1da177e4 2062{
68ef3bc3 2063 int i;
fe0750e5 2064 struct nfs4_openowner *oo;
1da177e4 2065 struct nfs4_delegation *dp;
1da177e4
LT		 2066 struct list_head reaplist;
2067
1da177e4 2068 INIT_LIST_HEAD(&reaplist);
cdc97505 2069 spin_lock(&state_lock);
ea1da636
N		 2070 while (!list_empty(&clp->cl_delegations)) {
2071 dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
3fcbbd24 2072 WARN_ON(!unhash_delegation_locked(dp));
42690676 2073 list_add(&dp->dl_recall_lru, &reaplist);
1da177e4 2074 }
cdc97505 2075 spin_unlock(&state_lock);
1da177e4
LT		 2076 while (!list_empty(&reaplist)) {
2077 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
42690676 2078 list_del_init(&dp->dl_recall_lru);
0af6e690 2079 destroy_unhashed_deleg(dp);
1da177e4 2080 }
2d4a532d 2081 while (!list_empty(&clp->cl_revoked)) {
c876486b 2082 dp = list_entry(clp->cl_revoked.next, struct nfs4_delegation, dl_recall_lru);
2d4a532d 2083 list_del_init(&dp->dl_recall_lru);
6011695d 2084 nfs4_put_stid(&dp->dl_stid);
956c4fee 2085 }
ea1da636 2086 while (!list_empty(&clp->cl_openowners)) {
fe0750e5 2087 oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
b5971afa 2088 nfs4_get_stateowner(&oo->oo_owner);
fe0750e5 2089 release_openowner(oo);
1da177e4 2090 }
68ef3bc3
JL		 2091 for (i = 0; i < OWNER_HASH_SIZE; i++) {
2092 struct nfs4_stateowner *so, *tmp;
2093
2094 list_for_each_entry_safe(so, tmp, &clp->cl_ownerstr_hashtbl[i],
2095 so_strhash) {
2096 /* Should be no openowners at this point */
2097 WARN_ON_ONCE(so->so_is_open_owner);
2098 remove_blocked_locks(lockowner(so));
2099 }
2100 }
9cf514cc 2101 nfsd4_return_all_client_layouts(clp);
e0639dc5 2102 nfsd4_shutdown_copy(clp);
6ff8da08 2103 nfsd4_shutdown_callback(clp);
84d38ac9
BH		 2104 if (clp->cl_cb_conn.cb_xprt)
2105 svc_xprt_put(clp->cl_cb_conn.cb_xprt);
221a6876 2106 free_client(clp);
89c905be 2107 wake_up_all(&expiry_wq);
1da177e4
LT		 2108}
2109
4beb345b
TM		 2110static void
2111destroy_client(struct nfs4_client *clp)
2112{
2113 unhash_client(clp);
2114 __destroy_client(clp);
2115}
2116
362063a5
SM		 2117static void inc_reclaim_complete(struct nfs4_client *clp)
2118{
2119 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
2120
2121 if (!nn->track_reclaim_completes)
2122 return;
2123 if (!nfsd4_find_reclaim_client(clp->cl_name, nn))
2124 return;
2125 if (atomic_inc_return(&nn->nr_reclaim_complete) ==
2126 nn->reclaim_str_hashtbl_size) {
2127 printk(KERN_INFO "NFSD: all clients done reclaiming, ending NFSv4 grace period (net %x)\n",
2128 clp->net->ns.inum);
2129 nfsd4_end_grace(nn);
2130 }
2131}
2132
0d22f68f
BF		 2133static void expire_client(struct nfs4_client *clp)
2134{
4beb345b 2135 unhash_client(clp);
0d22f68f 2136 nfsd4_client_record_remove(clp);
4beb345b 2137 __destroy_client(clp);
0d22f68f
BF		 2138}
2139
35bba9a3
BF		 2140static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
2141{
2142 memcpy(target->cl_verifier.data, source->data,
2143 sizeof(target->cl_verifier.data));
1da177e4
LT		 2144}
2145
35bba9a3
BF		 2146static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
2147{
1da177e4
LT		 2148 target->cl_clientid.cl_boot = source->cl_clientid.cl_boot;
2149 target->cl_clientid.cl_id = source->cl_clientid.cl_id;
2150}
2151
50043859
BF		 2152static int copy_cred(struct svc_cred *target, struct svc_cred *source)
2153{
2f10fdcb
N		 2154 target->cr_principal = kstrdup(source->cr_principal, GFP_KERNEL);
2155 target->cr_raw_principal = kstrdup(source->cr_raw_principal,
2156 GFP_KERNEL);
9abdda5d
CL		 2157 target->cr_targ_princ = kstrdup(source->cr_targ_princ, GFP_KERNEL);
2158 if ((source->cr_principal && !target->cr_principal) ||
2159 (source->cr_raw_principal && !target->cr_raw_principal) ||
2160 (source->cr_targ_princ && !target->cr_targ_princ))
2f10fdcb 2161 return -ENOMEM;
50043859 2162
d5497fc6 2163 target->cr_flavor = source->cr_flavor;
1da177e4
LT		 2164 target->cr_uid = source->cr_uid;
2165 target->cr_gid = source->cr_gid;
2166 target->cr_group_info = source->cr_group_info;
2167 get_group_info(target->cr_group_info);
0dc1531a
BF		 2168 target->cr_gss_mech = source->cr_gss_mech;
2169 if (source->cr_gss_mech)
2170 gss_mech_get(source->cr_gss_mech);
03a4e1f6 2171 return 0;
1da177e4
LT		 2172}
2173
ef17af2a 2174static int
ac55fdc4
JL		 2175compare_blob(const struct xdr_netobj *o1, const struct xdr_netobj *o2)
2176{
ef17af2a
RV		 2177 if (o1->len < o2->len)
2178 return -1;
2179 if (o1->len > o2->len)
2180 return 1;
2181 return memcmp(o1->data, o2->data, o1->len);
ac55fdc4
JL		 2182}
2183
1da177e4 2184static int
599e0a22
BF		 2185same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
2186{
2187 return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
1da177e4
LT		 2188}
2189
2190static int
599e0a22
BF		 2191same_clid(clientid_t *cl1, clientid_t *cl2)
2192{
2193 return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
1da177e4
LT		 2194}
2195
8fbba96e
BF		 2196static bool groups_equal(struct group_info *g1, struct group_info *g2)
2197{
2198 int i;
2199
2200 if (g1->ngroups != g2->ngroups)
2201 return false;
2202 for (i=0; i<g1->ngroups; i++)
81243eac 2203 if (!gid_eq(g1->gid[i], g2->gid[i]))
8fbba96e
BF		 2204 return false;
2205 return true;
2206}
2207
68eb3508
BF		 2208/*
2209 * RFC 3530 language requires clid_inuse be returned when the
2210 * "principal" associated with a requests differs from that previously
2211 * used. We use uid, gid's, and gss principal string as our best
2212 * approximation. We also don't want to allow non-gss use of a client
2213 * established using gss: in theory cr_principal should catch that
2214 * change, but in practice cr_principal can be null even in the gss case
2215 * since gssd doesn't always pass down a principal string.
2216 */
2217static bool is_gss_cred(struct svc_cred *cr)
2218{
2219 /* Is cr_flavor one of the gss "pseudoflavors"?: */
2220 return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR);
2221}
2222
2223
5559b50a 2224static bool
599e0a22
BF		 2225same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
2226{
68eb3508 2227 if ((is_gss_cred(cr1) != is_gss_cred(cr2))
6fab8779
EB		 2228 || (!uid_eq(cr1->cr_uid, cr2->cr_uid))
2229 || (!gid_eq(cr1->cr_gid, cr2->cr_gid))
8fbba96e
BF		 2230 || !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
2231 return false;
9abdda5d 2232 /* XXX: check that cr_targ_princ fields match ? */
8fbba96e
BF		 2233 if (cr1->cr_principal == cr2->cr_principal)
2234 return true;
2235 if (!cr1->cr_principal || !cr2->cr_principal)
2236 return false;
5559b50a 2237 return 0 == strcmp(cr1->cr_principal, cr2->cr_principal);
1da177e4
LT		 2238}
2239
57266a6e
BF		 2240static bool svc_rqst_integrity_protected(struct svc_rqst *rqstp)
2241{
2242 struct svc_cred *cr = &rqstp->rq_cred;
2243 u32 service;
2244
c4720591
BF		 2245 if (!cr->cr_gss_mech)
2246 return false;
57266a6e
BF		 2247 service = gss_pseudoflavor_to_service(cr->cr_gss_mech, cr->cr_flavor);
2248 return service == RPC_GSS_SVC_INTEGRITY ||
2249 service == RPC_GSS_SVC_PRIVACY;
2250}
2251
dedeb13f 2252bool nfsd4_mach_creds_match(struct nfs4_client *cl, struct svc_rqst *rqstp)
57266a6e
BF		 2253{
2254 struct svc_cred *cr = &rqstp->rq_cred;
2255
2256 if (!cl->cl_mach_cred)
2257 return true;
2258 if (cl->cl_cred.cr_gss_mech != cr->cr_gss_mech)
2259 return false;
2260 if (!svc_rqst_integrity_protected(rqstp))
2261 return false;
414ca017
BF		 2262 if (cl->cl_cred.cr_raw_principal)
2263 return 0 == strcmp(cl->cl_cred.cr_raw_principal,
2264 cr->cr_raw_principal);
57266a6e
BF		 2265 if (!cr->cr_principal)
2266 return false;
2267 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal);
2268}
2269
294ac32e 2270static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn)
deda2faa 2271{
ab4684d1 2272 __be32 verf[2];
1da177e4 2273
f419992c
JL		 2274 /*
2275 * This is opaque to client, so no need to byte-swap. Use
2276 * __force to keep sparse happy
2277 */
9104ae49 2278 verf[0] = (__force __be32)(u32)ktime_get_real_seconds();
19311aa8 2279 verf[1] = (__force __be32)nn->clverifier_counter++;
ab4684d1 2280 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data));
1da177e4
LT		 2281}
2282
294ac32e
JL		 2283static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn)
2284{
9cc76801 2285 clp->cl_clientid.cl_boot = (u32)nn->boot_time;
294ac32e
JL		 2286 clp->cl_clientid.cl_id = nn->clientid_counter++;
2287 gen_confirm(clp, nn);
2288}
2289
4770d722
JL		 2290static struct nfs4_stid *
2291find_stateid_locked(struct nfs4_client *cl, stateid_t *t)
4581d140 2292{
3abdb607
BF		 2293 struct nfs4_stid *ret;
2294
2295 ret = idr_find(&cl->cl_stateids, t->si_opaque.so_id);
2296 if (!ret || !ret->sc_type)
2297 return NULL;
2298 return ret;
4d71ab87
BF		 2299}
2300
4770d722
JL		 2301static struct nfs4_stid *
2302find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask)
f459e453
BF		 2303{
2304 struct nfs4_stid *s;
4d71ab87 2305
4770d722
JL		 2306 spin_lock(&cl->cl_lock);
2307 s = find_stateid_locked(cl, t);
2d3f9668
TM		 2308 if (s != NULL) {
2309 if (typemask & s->sc_type)
a15dfcd5 2310 refcount_inc(&s->sc_count);
2d3f9668
TM		 2311 else
2312 s = NULL;
2313 }
4770d722
JL		 2314 spin_unlock(&cl->cl_lock);
2315 return s;
4581d140
BF		 2316}
2317
a204f25e
BF		 2318static struct nfs4_client *get_nfsdfs_clp(struct inode *inode)
2319{
2320 struct nfsdfs_client *nc;
2321 nc = get_nfsdfs_client(inode);
2322 if (!nc)
2323 return NULL;
2324 return container_of(nc, struct nfs4_client, cl_nfsdfs);
2325}
2326
169319f1
BF		 2327static void seq_quote_mem(struct seq_file *m, char *data, int len)
2328{
2329 seq_printf(m, "\"");
2330 seq_escape_mem_ascii(m, data, len);
2331 seq_printf(m, "\"");
2332}
2333
97ad4031
BF		 2334static int client_info_show(struct seq_file *m, void *v)
2335{
2336 struct inode *inode = m->private;
97ad4031
BF		 2337 struct nfs4_client *clp;
2338 u64 clid;
2339
a204f25e
BF		 2340 clp = get_nfsdfs_clp(inode);
2341 if (!clp)
97ad4031 2342 return -ENXIO;
97ad4031
BF		 2343 memcpy(&clid, &clp->cl_clientid, sizeof(clid));
2344 seq_printf(m, "clientid: 0x%llx\n", clid);
169319f1
BF		 2345 seq_printf(m, "address: \"%pISpc\"\n", (struct sockaddr *)&clp->cl_addr);
2346 seq_printf(m, "name: ");
2347 seq_quote_mem(m, clp->cl_name.data, clp->cl_name.len);
2348 seq_printf(m, "\nminor version: %d\n", clp->cl_minorversion);
79123444
BF		 2349 if (clp->cl_nii_domain.data) {
2350 seq_printf(m, "Implementation domain: ");
2351 seq_quote_mem(m, clp->cl_nii_domain.data,
2352 clp->cl_nii_domain.len);
2353 seq_printf(m, "\nImplementation name: ");
2354 seq_quote_mem(m, clp->cl_nii_name.data, clp->cl_nii_name.len);
e29f4703 2355 seq_printf(m, "\nImplementation time: [%lld, %ld]\n",
79123444
BF		 2356 clp->cl_nii_time.tv_sec, clp->cl_nii_time.tv_nsec);
2357 }
97ad4031
BF		 2358 drop_client(clp);
2359
2360 return 0;
2361}
2362
2363static int client_info_open(struct inode *inode, struct file *file)
2364{
2365 return single_open(file, client_info_show, inode);
2366}
2367
2368static const struct file_operations client_info_fops = {
2369 .open = client_info_open,
2370 .read = seq_read,
2371 .llseek = seq_lseek,
2372 .release = single_release,
2373};
2374
78599c42
BF		 2375static void *states_start(struct seq_file *s, loff_t *pos)
2376 __acquires(&clp->cl_lock)
2377{
2378 struct nfs4_client *clp = s->private;
2379 unsigned long id = *pos;
2380 void *ret;
2381
2382 spin_lock(&clp->cl_lock);
2383 ret = idr_get_next_ul(&clp->cl_stateids, &id);
2384 *pos = id;
2385 return ret;
2386}
2387
2388static void *states_next(struct seq_file *s, void *v, loff_t *pos)
2389{
2390 struct nfs4_client *clp = s->private;
2391 unsigned long id = *pos;
2392 void *ret;
2393
2394 id = *pos;
2395 id++;
2396 ret = idr_get_next_ul(&clp->cl_stateids, &id);
2397 *pos = id;
2398 return ret;
2399}
2400
2401static void states_stop(struct seq_file *s, void *v)
2402 __releases(&clp->cl_lock)
2403{
2404 struct nfs4_client *clp = s->private;
2405
2406 spin_unlock(&clp->cl_lock);
2407}
2408
fd4f83fd 2409static void nfs4_show_superblock(struct seq_file *s, struct nfsd_file *f)
78599c42 2410{
fd4f83fd 2411 struct inode *inode = f->nf_inode;
78599c42
BF		 2412
2413 seq_printf(s, "superblock: \"%02x:%02x:%ld\"",
2414 MAJOR(inode->i_sb->s_dev),
2415 MINOR(inode->i_sb->s_dev),
2416 inode->i_ino);
2417}
2418
2419static void nfs4_show_owner(struct seq_file *s, struct nfs4_stateowner *oo)
2420{
2421 seq_printf(s, "owner: ");
2422 seq_quote_mem(s, oo->so_owner.data, oo->so_owner.len);
2423}
2424
2425static int nfs4_show_open(struct seq_file *s, struct nfs4_stid *st)
2426{
2427 struct nfs4_ol_stateid *ols;
2428 struct nfs4_file *nf;
fd4f83fd 2429 struct nfsd_file *file;
78599c42
BF		 2430 struct nfs4_stateowner *oo;
2431 unsigned int access, deny;
2432
2433 if (st->sc_type != NFS4_OPEN_STID && st->sc_type != NFS4_LOCK_STID)
2434 return 0; /* XXX: or SEQ_SKIP? */
2435 ols = openlockstateid(st);
2436 oo = ols->st_stateowner;
2437 nf = st->sc_file;
2438 file = find_any_file(nf);
2439
2440 seq_printf(s, "- 0x%16phN: { type: open, ", &st->sc_stateid);
2441
2442 access = bmap_to_share_mode(ols->st_access_bmap);
2443 deny = bmap_to_share_mode(ols->st_deny_bmap);
2444
c4b77edb 2445 seq_printf(s, "access: %s%s, ",
78599c42
BF		 2446 access & NFS4_SHARE_ACCESS_READ ? "r" : "-",
2447 access & NFS4_SHARE_ACCESS_WRITE ? "w" : "-");
c4b77edb 2448 seq_printf(s, "deny: %s%s, ",
78599c42
BF		 2449 deny & NFS4_SHARE_ACCESS_READ ? "r" : "-",
2450 deny & NFS4_SHARE_ACCESS_WRITE ? "w" : "-");
2451
2452 nfs4_show_superblock(s, file);
2453 seq_printf(s, ", ");
2454 nfs4_show_owner(s, oo);
2455 seq_printf(s, " }\n");
fd4f83fd 2456 nfsd_file_put(file);
16d36e09
BF		 2457
2458 return 0;
2459}
2460
2461static int nfs4_show_lock(struct seq_file *s, struct nfs4_stid *st)
2462{
2463 struct nfs4_ol_stateid *ols;
2464 struct nfs4_file *nf;
fd4f83fd 2465 struct nfsd_file *file;
16d36e09
BF		 2466 struct nfs4_stateowner *oo;
2467
2468 ols = openlockstateid(st);
2469 oo = ols->st_stateowner;
2470 nf = st->sc_file;
2471 file = find_any_file(nf);
2472
2473 seq_printf(s, "- 0x%16phN: { type: lock, ", &st->sc_stateid);
2474
2475 /*
2476 * Note: a lock stateid isn't really the same thing as a lock,
2477 * it's the locking state held by one owner on a file, and there
2478 * may be multiple (or no) lock ranges associated with it.
2479 * (Same for the matter is true of open stateids.)
2480 */
78599c42 2481
16d36e09
BF		 2482 nfs4_show_superblock(s, file);
2483 /* XXX: open stateid? */
2484 seq_printf(s, ", ");
2485 nfs4_show_owner(s, oo);
2486 seq_printf(s, " }\n");
fd4f83fd 2487 nfsd_file_put(file);
78599c42
BF		 2488
2489 return 0;
2490}
2491
16d36e09
BF		 2492static int nfs4_show_deleg(struct seq_file *s, struct nfs4_stid *st)
2493{
2494 struct nfs4_delegation *ds;
2495 struct nfs4_file *nf;
eb82dd39 2496 struct nfsd_file *file;
16d36e09
BF		 2497
2498 ds = delegstateid(st);
2499 nf = st->sc_file;
2500 file = nf->fi_deleg_file;
2501
2502 seq_printf(s, "- 0x%16phN: { type: deleg, ", &st->sc_stateid);
2503
2504 /* Kinda dead code as long as we only support read delegs: */
2505 seq_printf(s, "access: %s, ",
2506 ds->dl_type == NFS4_OPEN_DELEGATE_READ ? "r" : "w");
2507
2508 /* XXX: lease time, whether it's being recalled. */
2509
2510 nfs4_show_superblock(s, file);
2511 seq_printf(s, " }\n");
2512
2513 return 0;
2514}
2515
0c4b62b0
BF		 2516static int nfs4_show_layout(struct seq_file *s, struct nfs4_stid *st)
2517{
2518 struct nfs4_layout_stateid *ls;
eb82dd39 2519 struct nfsd_file *file;
0c4b62b0
BF		 2520
2521 ls = container_of(st, struct nfs4_layout_stateid, ls_stid);
2522 file = ls->ls_file;
2523
2524 seq_printf(s, "- 0x%16phN: { type: layout, ", &st->sc_stateid);
2525
2526 /* XXX: What else would be useful? */
2527
2528 nfs4_show_superblock(s, file);
2529 seq_printf(s, " }\n");
2530
2531 return 0;
2532}
2533
78599c42
BF		 2534static int states_show(struct seq_file *s, void *v)
2535{
2536 struct nfs4_stid *st = v;
2537
2538 switch (st->sc_type) {
2539 case NFS4_OPEN_STID:
2540 return nfs4_show_open(s, st);
16d36e09
BF		 2541 case NFS4_LOCK_STID:
2542 return nfs4_show_lock(s, st);
2543 case NFS4_DELEG_STID:
2544 return nfs4_show_deleg(s, st);
0c4b62b0
BF		 2545 case NFS4_LAYOUT_STID:
2546 return nfs4_show_layout(s, st);
78599c42
BF		 2547 default:
2548 return 0; /* XXX: or SEQ_SKIP? */
2549 }
16d36e09 2550 /* XXX: copy stateids? */
78599c42
BF		 2551}
2552
2553static struct seq_operations states_seq_ops = {
2554 .start = states_start,
2555 .next = states_next,
2556 .stop = states_stop,
2557 .show = states_show
2558};
2559
2560static int client_states_open(struct inode *inode, struct file *file)
2561{
78599c42
BF		 2562 struct seq_file *s;
2563 struct nfs4_client *clp;
2564 int ret;
2565
a204f25e
BF		 2566 clp = get_nfsdfs_clp(inode);
2567 if (!clp)
78599c42 2568 return -ENXIO;
78599c42
BF		 2569
2570 ret = seq_open(file, &states_seq_ops);
2571 if (ret)
2572 return ret;
2573 s = file->private_data;
2574 s->private = clp;
2575 return 0;
2576}
2577
2578static int client_opens_release(struct inode *inode, struct file *file)
2579{
2580 struct seq_file *m = file->private_data;
2581 struct nfs4_client *clp = m->private;
2582
2583 /* XXX: alternatively, we could get/drop in seq start/stop */
2584 drop_client(clp);
2585 return 0;
2586}
2587
2588static const struct file_operations client_states_fops = {
2589 .open = client_states_open,
2590 .read = seq_read,
2591 .llseek = seq_lseek,
2592 .release = client_opens_release,
2593};
2594
89c905be
BF		 2595/*
2596 * Normally we refuse to destroy clients that are in use, but here the
2597 * administrator is telling us to just do it. We also want to wait
2598 * so the caller has a guarantee that the client's locks are gone by
2599 * the time the write returns:
2600 */
297e57a2 2601static void force_expire_client(struct nfs4_client *clp)
89c905be
BF		 2602{
2603 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
2604 bool already_expired;
2605
2606 spin_lock(&clp->cl_lock);
2607 clp->cl_time = 0;
2608 spin_unlock(&clp->cl_lock);
2609
2610 wait_event(expiry_wq, atomic_read(&clp->cl_rpc_users) == 0);
2611 spin_lock(&nn->client_lock);
2612 already_expired = list_empty(&clp->cl_lru);
2613 if (!already_expired)
2614 unhash_client_locked(clp);
2615 spin_unlock(&nn->client_lock);
2616
2617 if (!already_expired)
2618 expire_client(clp);
2619 else
2620 wait_event(expiry_wq, clp->cl_nfsd_dentry == NULL);
2621}
2622
2623static ssize_t client_ctl_write(struct file *file, const char __user *buf,
2624 size_t size, loff_t *pos)
2625{
2626 char *data;
2627 struct nfs4_client *clp;
2628
2629 data = simple_transaction_get(file, buf, size);
2630 if (IS_ERR(data))
2631 return PTR_ERR(data);
2632 if (size != 7 || 0 != memcmp(data, "expire\n", 7))
2633 return -EINVAL;
2634 clp = get_nfsdfs_clp(file_inode(file));
2635 if (!clp)
2636 return -ENXIO;
2637 force_expire_client(clp);
2638 drop_client(clp);
2639 return 7;
2640}
2641
2642static const struct file_operations client_ctl_fops = {
2643 .write = client_ctl_write,
2644 .release = simple_transaction_release,
2645};
2646
97ad4031
BF		 2647static const struct tree_descr client_files[] = {
2648 [0] = {"info", &client_info_fops, S_IRUSR},
78599c42 2649 [1] = {"states", &client_states_fops, S_IRUSR},
6cbfad5f 2650 [2] = {"ctl", &client_ctl_fops, S_IWUSR},
78599c42 2651 [3] = {""},
97ad4031
BF		 2652};
2653
2216d449 2654static struct nfs4_client *create_client(struct xdr_netobj name,
b09333c4
RL		 2655 struct svc_rqst *rqstp, nfs4_verifier *verf)
2656{
2657 struct nfs4_client *clp;
2658 struct sockaddr *sa = svc_addr(rqstp);
03a4e1f6 2659 int ret;
c212cecf 2660 struct net *net = SVC_NET(rqstp);
e8a79fb1 2661 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
b09333c4
RL		 2662
2663 clp = alloc_client(name);
2664 if (clp == NULL)
2665 return NULL;
2666
03a4e1f6
BF		 2667 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred);
2668 if (ret) {
03a4e1f6 2669 free_client(clp);
03a4e1f6 2670 return NULL;
b09333c4 2671 }
e8a79fb1
BF		 2672 gen_clid(clp, nn);
2673 kref_init(&clp->cl_nfsdfs.cl_ref);
0162ac2b 2674 nfsd4_init_cb(&clp->cl_cb_null, clp, NULL, NFSPROC4_CLNT_CB_NULL);
20b7d86f 2675 clp->cl_time = ktime_get_boottime_seconds();
b09333c4 2676 clear_bit(0, &clp->cl_cb_slot_busy);
b09333c4 2677 copy_verf(clp, verf);
3bade247 2678 memcpy(&clp->cl_addr, sa, sizeof(struct sockaddr_storage));
edd76786 2679 clp->cl_cb_session = NULL;
c212cecf 2680 clp->net = net;
e8a79fb1 2681 clp->cl_nfsd_dentry = nfsd_client_mkdir(nn, &clp->cl_nfsdfs,
97ad4031
BF		 2682 clp->cl_clientid.cl_id - nn->clientid_base,
2683 client_files);
e8a79fb1
BF		 2684 if (!clp->cl_nfsd_dentry) {
2685 free_client(clp);
2686 return NULL;
2687 }
b09333c4
RL		 2688 return clp;
2689}
2690
fd39ca9a 2691static void
ac55fdc4
JL		 2692add_clp_to_name_tree(struct nfs4_client *new_clp, struct rb_root *root)
2693{
2694 struct rb_node **new = &(root->rb_node), *parent = NULL;
2695 struct nfs4_client *clp;
2696
2697 while (*new) {
2698 clp = rb_entry(*new, struct nfs4_client, cl_namenode);
2699 parent = *new;
2700
2701 if (compare_blob(&clp->cl_name, &new_clp->cl_name) > 0)
2702 new = &((*new)->rb_left);
2703 else
2704 new = &((*new)->rb_right);
2705 }
2706
2707 rb_link_node(&new_clp->cl_namenode, parent, new);
2708 rb_insert_color(&new_clp->cl_namenode, root);
2709}
2710
2711static struct nfs4_client *
2712find_clp_in_name_tree(struct xdr_netobj *name, struct rb_root *root)
2713{
ef17af2a 2714 int cmp;
ac55fdc4
JL		 2715 struct rb_node *node = root->rb_node;
2716 struct nfs4_client *clp;
2717
2718 while (node) {
2719 clp = rb_entry(node, struct nfs4_client, cl_namenode);
2720 cmp = compare_blob(&clp->cl_name, name);
2721 if (cmp > 0)
2722 node = node->rb_left;
2723 else if (cmp < 0)
2724 node = node->rb_right;
2725 else
2726 return clp;
2727 }
2728 return NULL;
2729}
2730
2731static void
2732add_to_unconfirmed(struct nfs4_client *clp)
1da177e4
LT		 2733{
2734 unsigned int idhashval;
0a7ec377 2735 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4 2736
0a880a28
TM		 2737 lockdep_assert_held(&nn->client_lock);
2738
ac55fdc4 2739 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
a99454aa 2740 add_clp_to_name_tree(clp, &nn->unconf_name_tree);
1da177e4 2741 idhashval = clientid_hashval(clp->cl_clientid.cl_id);
0a7ec377 2742 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]);
3dbacee6 2743 renew_client_locked(clp);
1da177e4
LT		 2744}
2745
fd39ca9a 2746static void
1da177e4
LT		 2747move_to_confirmed(struct nfs4_client *clp)
2748{
2749 unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id);
8daae4dc 2750 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id);
1da177e4 2751
0a880a28
TM		 2752 lockdep_assert_held(&nn->client_lock);
2753
1da177e4 2754 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp);
8daae4dc 2755 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]);
a99454aa 2756 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree);
382a62e7 2757 add_clp_to_name_tree(clp, &nn->conf_name_tree);
ac55fdc4 2758 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags);
3dbacee6 2759 renew_client_locked(clp);
1da177e4
LT		 2760}
2761
2762static struct nfs4_client *
bfa85e83 2763find_client_in_id_table(struct list_head *tbl, clientid_t *clid, bool sessions)
1da177e4
LT		 2764{
2765 struct nfs4_client *clp;
2766 unsigned int idhashval = clientid_hashval(clid->cl_id);
2767
bfa85e83 2768 list_for_each_entry(clp, &tbl[idhashval], cl_idhash) {
a50d2ad1 2769 if (same_clid(&clp->cl_clientid, clid)) {
d15c077e
BF		 2770 if ((bool)clp->cl_minorversion != sessions)
2771 return NULL;
3dbacee6 2772 renew_client_locked(clp);
1da177e4 2773 return clp;
a50d2ad1 2774 }
1da177e4
LT		 2775 }
2776 return NULL;
2777}
2778
bfa85e83
BF		 2779static struct nfs4_client *
2780find_confirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
2781{
2782 struct list_head *tbl = nn->conf_id_hashtbl;
2783
0a880a28 2784 lockdep_assert_held(&nn->client_lock);
bfa85e83
BF		 2785 return find_client_in_id_table(tbl, clid, sessions);
2786}
2787
1da177e4 2788static struct nfs4_client *
0a7ec377 2789find_unconfirmed_client(clientid_t *clid, bool sessions, struct nfsd_net *nn)
1da177e4 2790{
bfa85e83 2791 struct list_head *tbl = nn->unconf_id_hashtbl;
1da177e4 2792
0a880a28 2793 lockdep_assert_held(&nn->client_lock);
bfa85e83 2794 return find_client_in_id_table(tbl, clid, sessions);
1da177e4
LT		 2795}
2796
6e5f15c9 2797static bool clp_used_exchangeid(struct nfs4_client *clp)
a1bcecd2 2798{
6e5f15c9 2799 return clp->cl_exchange_flags != 0;
e203d506 2800}
a1bcecd2 2801
28ce6054 2802static struct nfs4_client *
382a62e7 2803find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
28ce6054 2804{
0a880a28 2805 lockdep_assert_held(&nn->client_lock);
382a62e7 2806 return find_clp_in_name_tree(name, &nn->conf_name_tree);
28ce6054
N		 2807}
2808
2809static struct nfs4_client *
a99454aa 2810find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn)
28ce6054 2811{
0a880a28 2812 lockdep_assert_held(&nn->client_lock);
a99454aa 2813 return find_clp_in_name_tree(name, &nn->unconf_name_tree);
28ce6054
N		 2814}
2815
fd39ca9a 2816static void
6f3d772f 2817gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp)
1da177e4 2818{
07263f1e 2819 struct nfs4_cb_conn *conn = &clp->cl_cb_conn;
6f3d772f
TU		 2820 struct sockaddr *sa = svc_addr(rqstp);
2821 u32 scopeid = rpc_get_scope_id(sa);
7077ecba
JL		 2822 unsigned short expected_family;
2823
2824 /* Currently, we only support tcp and tcp6 for the callback channel */
2825 if (se->se_callback_netid_len == 3 &&
2826 !memcmp(se->se_callback_netid_val, "tcp", 3))
2827 expected_family = AF_INET;
2828 else if (se->se_callback_netid_len == 4 &&
2829 !memcmp(se->se_callback_netid_val, "tcp6", 4))
2830 expected_family = AF_INET6;
2831 else
1da177e4
LT		 2832 goto out_err;
2833
c212cecf 2834 conn->cb_addrlen = rpc_uaddr2sockaddr(clp->net, se->se_callback_addr_val,
aa9a4ec7 2835 se->se_callback_addr_len,
07263f1e
BF		 2836 (struct sockaddr *)&conn->cb_addr,
2837 sizeof(conn->cb_addr));
aa9a4ec7 2838
07263f1e 2839 if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family)
1da177e4 2840 goto out_err;
aa9a4ec7 2841
07263f1e
BF		 2842 if (conn->cb_addr.ss_family == AF_INET6)
2843 ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid;
fbf4665f 2844
07263f1e
BF		 2845 conn->cb_prog = se->se_callback_prog;
2846 conn->cb_ident = se->se_callback_ident;
849a1cf1 2847 memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen);
1da177e4
LT		 2848 return;
2849out_err:
07263f1e
BF		 2850 conn->cb_addr.ss_family = AF_UNSPEC;
2851 conn->cb_addrlen = 0;
4ab495bf 2852 dprintk("NFSD: this client (clientid %08x/%08x) "
1da177e4
LT		 2853 "will not receive delegations\n",
2854 clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id);
2855
1da177e4
LT		 2856 return;
2857}
2858
074fe897 2859/*
067e1ace 2860 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size.
074fe897 2861 */
b607664e 2862static void
074fe897 2863nfsd4_store_cache_entry(struct nfsd4_compoundres *resp)
074fe897 2864{
f5236013 2865 struct xdr_buf *buf = resp->xdr.buf;
557ce264
AA		 2866 struct nfsd4_slot *slot = resp->cstate.slot;
2867 unsigned int base;
074fe897 2868
557ce264 2869 dprintk("--> %s slot %p\n", __func__, slot);
074fe897 2870
085def3a 2871 slot->sl_flags |= NFSD4_SLOT_INITIALIZED;
557ce264
AA		 2872 slot->sl_opcnt = resp->opcnt;
2873 slot->sl_status = resp->cstate.status;
53da6a53
BF		 2874 free_svc_cred(&slot->sl_cred);
2875 copy_cred(&slot->sl_cred, &resp->rqstp->rq_cred);
074fe897 2876
085def3a
BF		 2877 if (!nfsd4_cache_this(resp)) {
2878 slot->sl_flags &= ~NFSD4_SLOT_CACHED;
bf864a31 2879 return;
074fe897 2880 }
085def3a
BF		 2881 slot->sl_flags |= NFSD4_SLOT_CACHED;
2882
f5236013
BF		 2883 base = resp->cstate.data_offset;
2884 slot->sl_datalen = buf->len - base;
2885 if (read_bytes_from_xdr_buf(buf, base, slot->sl_data, slot->sl_datalen))
d3f03403
DC		 2886 WARN(1, "%s: sessions DRC could not cache compound\n",
2887 __func__);
557ce264 2888 return;
074fe897
AA		 2889}
2890
2891/*
abfabf8c
AA		 2892 * Encode the replay sequence operation from the slot values.
2893 * If cachethis is FALSE encode the uncached rep error on the next
2894 * operation which sets resp->p and increments resp->opcnt for
2895 * nfs4svc_encode_compoundres.
074fe897 2896 *
074fe897 2897 */
abfabf8c
AA		 2898static __be32
2899nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args,
2900 struct nfsd4_compoundres *resp)
074fe897 2901{
abfabf8c
AA		 2902 struct nfsd4_op *op;
2903 struct nfsd4_slot *slot = resp->cstate.slot;
bf864a31 2904
abfabf8c
AA		 2905 /* Encode the replayed sequence operation */
2906 op = &args->ops[resp->opcnt - 1];
2907 nfsd4_encode_operation(resp, op);
bf864a31 2908
085def3a
BF		 2909 if (slot->sl_flags & NFSD4_SLOT_CACHED)
2910 return op->status;
2911 if (args->opcnt == 1) {
2912 /*
2913 * The original operation wasn't a solo sequence--we
2914 * always cache those--so this retry must not match the
2915 * original:
2916 */
2917 op->status = nfserr_seq_false_retry;
2918 } else {
abfabf8c
AA		 2919 op = &args->ops[resp->opcnt++];
2920 op->status = nfserr_retry_uncached_rep;
2921 nfsd4_encode_operation(resp, op);
074fe897 2922 }
abfabf8c 2923 return op->status;
074fe897
AA		 2924}
2925
2926/*
557ce264
AA		 2927 * The sequence operation is not cached because we can use the slot and
2928 * session values.
074fe897 2929 */
3ca2eb98 2930static __be32
bf864a31
AA		 2931nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp,
2932 struct nfsd4_sequence *seq)
074fe897 2933{
557ce264 2934 struct nfsd4_slot *slot = resp->cstate.slot;
f5236013
BF		 2935 struct xdr_stream *xdr = &resp->xdr;
2936 __be32 *p;
074fe897
AA		 2937 __be32 status;
2938
557ce264 2939 dprintk("--> %s slot %p\n", __func__, slot);
074fe897 2940
abfabf8c 2941 status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp);
0da7b19c 2942 if (status)
abfabf8c 2943 return status;
074fe897 2944
f5236013
BF		 2945 p = xdr_reserve_space(xdr, slot->sl_datalen);
2946 if (!p) {
2947 WARN_ON_ONCE(1);
2948 return nfserr_serverfault;
2949 }
2950 xdr_encode_opaque_fixed(p, slot->sl_data, slot->sl_datalen);
2951 xdr_commit_encode(xdr);
074fe897 2952
557ce264 2953 resp->opcnt = slot->sl_opcnt;
f5236013 2954 return slot->sl_status;
074fe897
AA		 2955}
2956
0733d213
AA		 2957/*
2958 * Set the exchange_id flags returned by the server.
2959 */
2960static void
2961nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid)
2962{
9cf514cc
CH		 2963#ifdef CONFIG_NFSD_PNFS
2964 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_PNFS_MDS;
2965#else
0733d213 2966 new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS;
9cf514cc 2967#endif
0733d213
AA		 2968
2969 /* Referrals are supported, Migration is not. */
2970 new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER;
2971
2972 /* set the wire flags to return to client. */
2973 clid->flags = new->cl_exchange_flags;
2974}
2975
4eaea134
BF		 2976static bool client_has_openowners(struct nfs4_client *clp)
2977{
2978 struct nfs4_openowner *oo;
2979
2980 list_for_each_entry(oo, &clp->cl_openowners, oo_perclient) {
2981 if (!list_empty(&oo->oo_owner.so_stateids))
2982 return true;
2983 }
2984 return false;
2985}
2986
631fc9ea
BF		 2987static bool client_has_state(struct nfs4_client *clp)
2988{
4eaea134 2989 return client_has_openowners(clp)
47e970be
KM		 2990#ifdef CONFIG_NFSD_PNFS
2991 || !list_empty(&clp->cl_lo_states)
2992#endif
6eccece9 2993 || !list_empty(&clp->cl_delegations)
e0639dc5
OK		 2994 || !list_empty(&clp->cl_sessions)
2995 || !list_empty(&clp->async_copies);
631fc9ea
BF		 2996}
2997
79123444
BF		 2998static __be32 copy_impl_id(struct nfs4_client *clp,
2999 struct nfsd4_exchange_id *exid)
3000{
3001 if (!exid->nii_domain.data)
3002 return 0;
3003 xdr_netobj_dup(&clp->cl_nii_domain, &exid->nii_domain, GFP_KERNEL);
3004 if (!clp->cl_nii_domain.data)
3005 return nfserr_jukebox;
3006 xdr_netobj_dup(&clp->cl_nii_name, &exid->nii_name, GFP_KERNEL);
3007 if (!clp->cl_nii_name.data)
3008 return nfserr_jukebox;
e29f4703 3009 clp->cl_nii_time = exid->nii_time;
79123444
BF		 3010 return 0;
3011}
3012
069b6ad4 3013__be32
eb69853d
CH		 3014nfsd4_exchange_id(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3015 union nfsd4_op_u *u)
069b6ad4 3016{
eb69853d 3017 struct nfsd4_exchange_id *exid = &u->exchange_id;
3dbacee6
TM		 3018 struct nfs4_client *conf, *new;
3019 struct nfs4_client *unconf = NULL;
57b7b43b 3020 __be32 status;
363168b4 3021 char addr_str[INET6_ADDRSTRLEN];
0733d213 3022 nfs4_verifier verf = exid->verifier;
363168b4 3023 struct sockaddr *sa = svc_addr(rqstp);
83e08fd4 3024 bool update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A;
c212cecf 3025 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
0733d213 3026
363168b4 3027 rpc_ntop(sa, addr_str, sizeof(addr_str));
0733d213 3028 dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p "
363168b4 3029 "ip_addr=%s flags %x, spa_how %d\n",
0733d213 3030 __func__, rqstp, exid, exid->clname.len, exid->clname.data,
363168b4 3031 addr_str, exid->flags, exid->spa_how);
0733d213 3032
a084daf5 3033 if (exid->flags & ~EXCHGID4_FLAG_MASK_A)
0733d213
AA		 3034 return nfserr_inval;
3035
50c7b948
BF		 3036 new = create_client(exid->clname, rqstp, &verf);
3037 if (new == NULL)
3038 return nfserr_jukebox;
79123444
BF		 3039 status = copy_impl_id(new, exid);
3040 if (status)
3041 goto out_nolock;
50c7b948 3042
0733d213 3043 switch (exid->spa_how) {
57266a6e 3044 case SP4_MACH_CRED:
ed941643
AE		 3045 exid->spo_must_enforce[0] = 0;
3046 exid->spo_must_enforce[1] = (
3047 1 << (OP_BIND_CONN_TO_SESSION - 32) |
3048 1 << (OP_EXCHANGE_ID - 32) |
3049 1 << (OP_CREATE_SESSION - 32) |
3050 1 << (OP_DESTROY_SESSION - 32) |
3051 1 << (OP_DESTROY_CLIENTID - 32));
3052
3053 exid->spo_must_allow[0] &= (1 << (OP_CLOSE) |
3054 1 << (OP_OPEN_DOWNGRADE) |
3055 1 << (OP_LOCKU) |
3056 1 << (OP_DELEGRETURN));
3057
3058 exid->spo_must_allow[1] &= (
3059 1 << (OP_TEST_STATEID - 32) |
3060 1 << (OP_FREE_STATEID - 32));
50c7b948
BF		 3061 if (!svc_rqst_integrity_protected(rqstp)) {
3062 status = nfserr_inval;
3063 goto out_nolock;
920dd9bb
BF		 3064 }
3065 /*
3066 * Sometimes userspace doesn't give us a principal.
3067 * Which is a bug, really. Anyway, we can't enforce
3068 * MACH_CRED in that case, better to give up now:
3069 */
414ca017
BF		 3070 if (!new->cl_cred.cr_principal &&
3071 !new->cl_cred.cr_raw_principal) {
920dd9bb
BF		 3072 status = nfserr_serverfault;
3073 goto out_nolock;
50c7b948
BF		 3074 }
3075 new->cl_mach_cred = true;
0733d213
AA		 3076 case SP4_NONE:
3077 break;
063b0fb9
BF		 3078 default: /* checked by xdr code */
3079 WARN_ON_ONCE(1);
0a4c9265 3080 /* fall through */
0733d213 3081 case SP4_SSV:
8edf4b02
KM		 3082 status = nfserr_encr_alg_unsupp;
3083 goto out_nolock;
0733d213
AA		 3084 }
3085
2dbb269d 3086 /* Cases below refer to rfc 5661 section 18.35.4: */
3dbacee6 3087 spin_lock(&nn->client_lock);
382a62e7 3088 conf = find_confirmed_client_by_name(&exid->clname, nn);
0733d213 3089 if (conf) {
83e08fd4
BF		 3090 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred);
3091 bool verfs_match = same_verf(&verf, &conf->cl_verifier);
3092
136e658d
BF		 3093 if (update) {
3094 if (!clp_used_exchangeid(conf)) { /* buggy client */
2dbb269d 3095 status = nfserr_inval;
1a308118
BF		 3096 goto out;
3097 }
dedeb13f 3098 if (!nfsd4_mach_creds_match(conf, rqstp)) {
57266a6e
BF		 3099 status = nfserr_wrong_cred;
3100 goto out;
3101 }
136e658d 3102 if (!creds_match) { /* case 9 */
ea236d07 3103 status = nfserr_perm;
136e658d
BF		 3104 goto out;
3105 }
3106 if (!verfs_match) { /* case 8 */
0733d213
AA		 3107 status = nfserr_not_same;
3108 goto out;
3109 }
136e658d
BF		 3110 /* case 6 */
3111 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R;
136e658d 3112 goto out_copy;
0733d213 3113 }
136e658d 3114 if (!creds_match) { /* case 3 */
631fc9ea
BF		 3115 if (client_has_state(conf)) {
3116 status = nfserr_clid_inuse;
0733d213
AA		 3117 goto out;
3118 }
0733d213
AA		 3119 goto out_new;
3120 }
136e658d 3121 if (verfs_match) { /* case 2 */
0f1ba0ef 3122 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R;
136e658d
BF		 3123 goto out_copy;
3124 }
3125 /* case 5, client reboot */
3dbacee6 3126 conf = NULL;
136e658d 3127 goto out_new;
6ddbbbfe
MS		 3128 }
3129
2dbb269d 3130 if (update) { /* case 7 */
6ddbbbfe
MS		 3131 status = nfserr_noent;
3132 goto out;
0733d213
AA		 3133 }
3134
a99454aa 3135 unconf = find_unconfirmed_client_by_name(&exid->clname, nn);
2dbb269d 3136 if (unconf) /* case 4, possible retry or client restart */
3dbacee6 3137 unhash_client_locked(unconf);
0733d213 3138
2dbb269d 3139 /* case 1 (normal case) */
0733d213 3140out_new:
fd699b8a
JL		 3141 if (conf) {
3142 status = mark_client_expired_locked(conf);
3143 if (status)
3144 goto out;
3145 }
4f540e29 3146 new->cl_minorversion = cstate->minorversion;
ed941643
AE		 3147 new->cl_spo_must_allow.u.words[0] = exid->spo_must_allow[0];
3148 new->cl_spo_must_allow.u.words[1] = exid->spo_must_allow[1];
0733d213 3149
ac55fdc4 3150 add_to_unconfirmed(new);
3dbacee6 3151 swap(new, conf);
0733d213 3152out_copy:
5cc40fd7
TM		 3153 exid->clientid.cl_boot = conf->cl_clientid.cl_boot;
3154 exid->clientid.cl_id = conf->cl_clientid.cl_id;
0733d213 3155
5cc40fd7
TM		 3156 exid->seqid = conf->cl_cs_slot.sl_seqid + 1;
3157 nfsd4_set_ex_flags(conf, exid);
0733d213
AA		 3158
3159 dprintk("nfsd4_exchange_id seqid %d flags %x\n",
5cc40fd7 3160 conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags);
0733d213
AA		 3161 status = nfs_ok;
3162
3163out:
3dbacee6 3164 spin_unlock(&nn->client_lock);
50c7b948 3165out_nolock:
5cc40fd7 3166 if (new)
3dbacee6
TM		 3167 expire_client(new);
3168 if (unconf)
3169 expire_client(unconf);
0733d213 3170 return status;
069b6ad4
AA		 3171}
3172
57b7b43b 3173static __be32
88e588d5 3174check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse)
b85d4c01 3175{
88e588d5
AA		 3176 dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid,
3177 slot_seqid);
b85d4c01
BH		 3178
3179 /* The slot is in use, and no response has been sent. */
88e588d5
AA		 3180 if (slot_inuse) {
3181 if (seqid == slot_seqid)
b85d4c01
BH		 3182 return nfserr_jukebox;
3183 else
3184 return nfserr_seq_misordered;
3185 }
f6d82485 3186 /* Note unsigned 32-bit arithmetic handles wraparound: */
88e588d5 3187 if (likely(seqid == slot_seqid + 1))
b85d4c01 3188 return nfs_ok;
88e588d5 3189 if (seqid == slot_seqid)
b85d4c01 3190 return nfserr_replay_cache;
b85d4c01
BH		 3191 return nfserr_seq_misordered;
3192}
3193
49557cc7
AA		 3194/*
3195 * Cache the create session result into the create session single DRC
3196 * slot cache by saving the xdr structure. sl_seqid has been set.
3197 * Do this for solo or embedded create session operations.
3198 */
3199static void
3200nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses,
57b7b43b 3201 struct nfsd4_clid_slot *slot, __be32 nfserr)
49557cc7
AA		 3202{
3203 slot->sl_status = nfserr;
3204 memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses));
3205}
3206
3207static __be32
3208nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses,
3209 struct nfsd4_clid_slot *slot)
3210{
3211 memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses));
3212 return slot->sl_status;
3213}
3214
1b74c25b
MJ		 3215#define NFSD_MIN_REQ_HDR_SEQ_SZ ((\
3216 2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \
3217 1 + /* MIN tag is length with zero, only length */ \
3218 3 + /* version, opcount, opcode */ \
3219 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
3220 /* seqid, slotID, slotID, cache */ \
3221 4 ) * sizeof(__be32))
3222
3223#define NFSD_MIN_RESP_HDR_SEQ_SZ ((\
3224 2 + /* verifier: AUTH_NULL, length 0 */\
3225 1 + /* status */ \
3226 1 + /* MIN tag is length with zero, only length */ \
3227 3 + /* opcount, opcode, opstatus*/ \
3228 XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
3229 /* seqid, slotID, slotID, slotID, status */ \
3230 5 ) * sizeof(__be32))
3231
55c760cf 3232static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfsd_net *nn)
1b74c25b 3233{
55c760cf
BF		 3234 u32 maxrpc = nn->nfsd_serv->sv_max_mesg;
3235
373cd409
BF		 3236 if (ca->maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ)
3237 return nfserr_toosmall;
3238 if (ca->maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ)
3239 return nfserr_toosmall;
55c760cf
BF		 3240 ca->headerpadsz = 0;
3241 ca->maxreq_sz = min_t(u32, ca->maxreq_sz, maxrpc);
3242 ca->maxresp_sz = min_t(u32, ca->maxresp_sz, maxrpc);
3243 ca->maxops = min_t(u32, ca->maxops, NFSD_MAX_OPS_PER_COMPOUND);
3244 ca->maxresp_cached = min_t(u32, ca->maxresp_cached,
3245 NFSD_SLOT_CACHE_SIZE + NFSD_MIN_HDR_SEQ_SZ);
3246 ca->maxreqs = min_t(u32, ca->maxreqs, NFSD_MAX_SLOTS_PER_SESSION);
3247 /*
3248 * Note decreasing slot size below client's request may make it
3249 * difficult for client to function correctly, whereas
3250 * decreasing the number of slots will (just?) affect
3251 * performance. When short on memory we therefore prefer to
3252 * decrease number of slots instead of their size. Clients that
3253 * request larger slots than they need will get poor results:
7f49fd5d
N		 3254 * Note that we always allow at least one slot, because our
3255 * accounting is soft and provides no guarantees either way.
55c760cf 3256 */
2030ca56 3257 ca->maxreqs = nfsd4_get_drc_mem(ca, nn);
55c760cf 3258
373cd409 3259 return nfs_ok;
1b74c25b
MJ		 3260}
3261
4500632f
CL		 3262/*
3263 * Server's NFSv4.1 backchannel support is AUTH_SYS-only for now.
3264 * These are based on similar macros in linux/sunrpc/msg_prot.h .
3265 */
3266#define RPC_MAX_HEADER_WITH_AUTH_SYS \
3267 (RPC_CALLHDRSIZE + 2 * (2 + UNX_CALLSLACK))
3268
3269#define RPC_MAX_REPHEADER_WITH_AUTH_SYS \
3270 (RPC_REPHDRSIZE + (2 + NUL_REPLYSLACK))
3271
8a891633 3272#define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \
4500632f 3273 RPC_MAX_HEADER_WITH_AUTH_SYS) * sizeof(__be32))
8a891633 3274#define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \
4500632f
CL		 3275 RPC_MAX_REPHEADER_WITH_AUTH_SYS) * \
3276 sizeof(__be32))
8a891633 3277
06b332a5 3278static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca)
1b74c25b 3279{
06b332a5
BF		 3280 ca->headerpadsz = 0;
3281
8a891633 3282 if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ)
06b332a5 3283 return nfserr_toosmall;
8a891633 3284 if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ)
06b332a5
BF		 3285 return nfserr_toosmall;
3286 ca->maxresp_cached = 0;
3287 if (ca->maxops < 2)
3288 return nfserr_toosmall;
3289
3290 return nfs_ok;
1b74c25b
MJ		 3291}
3292
b78724b7
BF		 3293static __be32 nfsd4_check_cb_sec(struct nfsd4_cb_sec *cbs)
3294{
3295 switch (cbs->flavor) {
3296 case RPC_AUTH_NULL:
3297 case RPC_AUTH_UNIX:
3298 return nfs_ok;
3299 default:
3300 /*
3301 * GSS case: the spec doesn't allow us to return this
3302 * error. But it also doesn't allow us not to support
3303 * GSS.
3304 * I'd rather this fail hard than return some error the
3305 * client might think it can already handle:
3306 */
3307 return nfserr_encr_alg_unsupp;
3308 }
3309}
3310
069b6ad4
AA		 3311__be32
3312nfsd4_create_session(struct svc_rqst *rqstp,
eb69853d 3313 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u)
069b6ad4 3314{
eb69853d 3315 struct nfsd4_create_session *cr_ses = &u->create_session;
363168b4 3316 struct sockaddr *sa = svc_addr(rqstp);
ec6b5d7b 3317 struct nfs4_client *conf, *unconf;
d20c11d8 3318 struct nfs4_client *old = NULL;
ac7c46f2 3319 struct nfsd4_session *new;
81f0b2a4 3320 struct nfsd4_conn *conn;
49557cc7 3321 struct nfsd4_clid_slot *cs_slot = NULL;
57b7b43b 3322 __be32 status = 0;
8daae4dc 3323 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
ec6b5d7b 3324
a62573dc
MJ		 3325 if (cr_ses->flags & ~SESSION4_FLAG_MASK_A)
3326 return nfserr_inval;
b78724b7
BF		 3327 status = nfsd4_check_cb_sec(&cr_ses->cb_sec);
3328 if (status)
3329 return status;
55c760cf 3330 status = check_forechannel_attrs(&cr_ses->fore_channel, nn);
06b332a5
BF		 3331 if (status)
3332 return status;
3333 status = check_backchannel_attrs(&cr_ses->back_channel);
373cd409 3334 if (status)
f403e450 3335 goto out_release_drc_mem;
81f0b2a4 3336 status = nfserr_jukebox;
60810e54 3337 new = alloc_session(&cr_ses->fore_channel, &cr_ses->back_channel);
55c760cf
BF		 3338 if (!new)
3339 goto out_release_drc_mem;
81f0b2a4
BF		 3340 conn = alloc_conn_from_crses(rqstp, cr_ses);
3341 if (!conn)
3342 goto out_free_session;
a62573dc 3343
d20c11d8 3344 spin_lock(&nn->client_lock);
0a7ec377 3345 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn);
8daae4dc 3346 conf = find_confirmed_client(&cr_ses->clientid, true, nn);
78389046 3347 WARN_ON_ONCE(conf && unconf);
ec6b5d7b
AA		 3348
3349 if (conf) {
57266a6e 3350 status = nfserr_wrong_cred;
dedeb13f 3351 if (!nfsd4_mach_creds_match(conf, rqstp))
57266a6e 3352 goto out_free_conn;
49557cc7
AA		 3353 cs_slot = &conf->cl_cs_slot;
3354 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
f5e22bb6
KM		 3355 if (status) {
3356 if (status == nfserr_replay_cache)
3357 status = nfsd4_replay_create_session(cr_ses, cs_slot);
81f0b2a4 3358 goto out_free_conn;
ec6b5d7b 3359 }
ec6b5d7b
AA		 3360 } else if (unconf) {
3361 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) ||
363168b4 3362 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) {
ec6b5d7b 3363 status = nfserr_clid_inuse;
81f0b2a4 3364 goto out_free_conn;
ec6b5d7b 3365 }
57266a6e 3366 status = nfserr_wrong_cred;
dedeb13f 3367 if (!nfsd4_mach_creds_match(unconf, rqstp))
57266a6e 3368 goto out_free_conn;
49557cc7
AA		 3369 cs_slot = &unconf->cl_cs_slot;
3370 status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
38eb76a5
AA		 3371 if (status) {
3372 /* an unconfirmed replay returns misordered */
ec6b5d7b 3373 status = nfserr_seq_misordered;
81f0b2a4 3374 goto out_free_conn;
ec6b5d7b 3375 }
382a62e7 3376 old = find_confirmed_client_by_name(&unconf->cl_name, nn);
221a6876 3377 if (old) {
d20c11d8 3378 status = mark_client_expired_locked(old);
7abea1e8
JL		 3379 if (status) {
3380 old = NULL;
221a6876 3381 goto out_free_conn;
7abea1e8 3382 }
221a6876 3383 }
8f9d3d3b 3384 move_to_confirmed(unconf);
ec6b5d7b
AA		 3385 conf = unconf;
3386 } else {
3387 status = nfserr_stale_clientid;
81f0b2a4 3388 goto out_free_conn;
ec6b5d7b 3389 }
81f0b2a4 3390 status = nfs_ok;
4ce85c8c 3391 /* Persistent sessions are not supported */
408b79bc 3392 cr_ses->flags &= ~SESSION4_PERSIST;
4ce85c8c 3393 /* Upshifting from TCP to RDMA is not supported */
408b79bc
BF		 3394 cr_ses->flags &= ~SESSION4_RDMA;
3395
81f0b2a4 3396 init_session(rqstp, new, conf, cr_ses);
d20c11d8 3397 nfsd4_get_session_locked(new);
81f0b2a4 3398
ac7c46f2 3399 memcpy(cr_ses->sessionid.data, new->se_sessionid.data,
ec6b5d7b 3400 NFS4_MAX_SESSIONID_LEN);
86c3e16c 3401 cs_slot->sl_seqid++;
49557cc7 3402 cr_ses->seqid = cs_slot->sl_seqid;
ec6b5d7b 3403
d20c11d8 3404 /* cache solo and embedded create sessions under the client_lock */
49557cc7 3405 nfsd4_cache_create_session(cr_ses, cs_slot, status);
d20c11d8
JL		 3406 spin_unlock(&nn->client_lock);
3407 /* init connection and backchannel */
3408 nfsd4_init_conn(rqstp, conn, new);
3409 nfsd4_put_session(new);
d20c11d8
JL		 3410 if (old)
3411 expire_client(old);
ec6b5d7b 3412 return status;
81f0b2a4 3413out_free_conn:
d20c11d8 3414 spin_unlock(&nn->client_lock);
81f0b2a4 3415 free_conn(conn);
d20c11d8
JL		 3416 if (old)
3417 expire_client(old);
81f0b2a4
BF		 3418out_free_session:
3419 __free_session(new);
55c760cf
BF		 3420out_release_drc_mem:
3421 nfsd4_put_drc_mem(&cr_ses->fore_channel);
1ca50792 3422 return status;
069b6ad4
AA		 3423}
3424
1d1bc8f2
BF		 3425static __be32 nfsd4_map_bcts_dir(u32 *dir)
3426{
3427 switch (*dir) {
3428 case NFS4_CDFC4_FORE:
3429 case NFS4_CDFC4_BACK:
3430 return nfs_ok;
3431 case NFS4_CDFC4_FORE_OR_BOTH:
3432 case NFS4_CDFC4_BACK_OR_BOTH:
3433 *dir = NFS4_CDFC4_BOTH;
3434 return nfs_ok;
fc5fc5d7 3435 }
1d1bc8f2
BF		 3436 return nfserr_inval;
3437}
3438
eb69853d
CH		 3439__be32 nfsd4_backchannel_ctl(struct svc_rqst *rqstp,
3440 struct nfsd4_compound_state *cstate,
3441 union nfsd4_op_u *u)
cb73a9f4 3442{
eb69853d 3443 struct nfsd4_backchannel_ctl *bc = &u->backchannel_ctl;
cb73a9f4 3444 struct nfsd4_session *session = cstate->session;
c9a49628 3445 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
b78724b7 3446 __be32 status;
cb73a9f4 3447
b78724b7
BF		 3448 status = nfsd4_check_cb_sec(&bc->bc_cb_sec);
3449 if (status)
3450 return status;
c9a49628 3451 spin_lock(&nn->client_lock);
cb73a9f4
BF		 3452 session->se_cb_prog = bc->bc_cb_program;
3453 session->se_cb_sec = bc->bc_cb_sec;
c9a49628 3454 spin_unlock(&nn->client_lock);
cb73a9f4
BF		 3455
3456 nfsd4_probe_callback(session->se_client);
3457
3458 return nfs_ok;
3459}
3460
1d1bc8f2
BF		 3461__be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp,
3462 struct nfsd4_compound_state *cstate,
eb69853d 3463 union nfsd4_op_u *u)
1d1bc8f2 3464{
eb69853d 3465 struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session;
1d1bc8f2 3466 __be32 status;
3ba63671 3467 struct nfsd4_conn *conn;
4f6e6c17 3468 struct nfsd4_session *session;
d4e19e70
TM		 3469 struct net *net = SVC_NET(rqstp);
3470 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1d1bc8f2
BF		 3471
3472 if (!nfsd4_last_compound_op(rqstp))
3473 return nfserr_not_only_op;
c9a49628 3474 spin_lock(&nn->client_lock);
d4e19e70 3475 session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status);
c9a49628 3476 spin_unlock(&nn->client_lock);
4f6e6c17 3477 if (!session)
d4e19e70 3478 goto out_no_session;
57266a6e 3479 status = nfserr_wrong_cred;
dedeb13f 3480 if (!nfsd4_mach_creds_match(session->se_client, rqstp))
57266a6e 3481 goto out;
1d1bc8f2 3482 status = nfsd4_map_bcts_dir(&bcts->dir);
3ba63671 3483 if (status)
4f6e6c17 3484 goto out;
3ba63671 3485 conn = alloc_conn(rqstp, bcts->dir);
4f6e6c17 3486 status = nfserr_jukebox;
3ba63671 3487 if (!conn)
4f6e6c17
BF		 3488 goto out;
3489 nfsd4_init_conn(rqstp, conn, session);
3490 status = nfs_ok;
3491out:
d4e19e70
TM		 3492 nfsd4_put_session(session);
3493out_no_session:
4f6e6c17 3494 return status;
1d1bc8f2
BF		 3495}
3496
665d5072 3497static bool nfsd4_compound_in_session(struct nfsd4_compound_state *cstate, struct nfs4_sessionid *sid)
5d4cec2f 3498{
665d5072 3499 if (!cstate->session)
51d87bc2 3500 return false;
665d5072 3501 return !memcmp(sid, &cstate->session->se_sessionid, sizeof(*sid));
5d4cec2f
BF		 3502}
3503
069b6ad4 3504__be32
eb69853d
CH		 3505nfsd4_destroy_session(struct svc_rqst *r, struct nfsd4_compound_state *cstate,
3506 union nfsd4_op_u *u)
069b6ad4 3507{
ca0552f4 3508 struct nfs4_sessionid *sessionid = &u->destroy_session.sessionid;
e10e0cfc 3509 struct nfsd4_session *ses;
abcdff09 3510 __be32 status;
f0f51f5c 3511 int ref_held_by_me = 0;
d4e19e70
TM		 3512 struct net *net = SVC_NET(r);
3513 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
e10e0cfc 3514
abcdff09 3515 status = nfserr_not_only_op;
ca0552f4 3516 if (nfsd4_compound_in_session(cstate, sessionid)) {
57716355 3517 if (!nfsd4_last_compound_op(r))
abcdff09 3518 goto out;
f0f51f5c 3519 ref_held_by_me++;
57716355 3520 }
ca0552f4 3521 dump_sessionid(__func__, sessionid);
c9a49628 3522 spin_lock(&nn->client_lock);
ca0552f4 3523 ses = find_in_sessionid_hashtbl(sessionid, net, &status);
abcdff09
BF		 3524 if (!ses)
3525 goto out_client_lock;
57266a6e 3526 status = nfserr_wrong_cred;
dedeb13f 3527 if (!nfsd4_mach_creds_match(ses->se_client, r))
d4e19e70 3528 goto out_put_session;
f0f51f5c 3529 status = mark_session_dead_locked(ses, 1 + ref_held_by_me);
66b2b9b2 3530 if (status)
f0f51f5c 3531 goto out_put_session;
e10e0cfc 3532 unhash_session(ses);
c9a49628 3533 spin_unlock(&nn->client_lock);
e10e0cfc 3534
84f5f7cc 3535 nfsd4_probe_callback_sync(ses->se_client);
19cf5c02 3536
c9a49628 3537 spin_lock(&nn->client_lock);
e10e0cfc 3538 status = nfs_ok;
f0f51f5c 3539out_put_session:
d4e19e70 3540 nfsd4_put_session_locked(ses);
abcdff09
BF		 3541out_client_lock:
3542 spin_unlock(&nn->client_lock);
e10e0cfc 3543out:
e10e0cfc 3544 return status;
069b6ad4
AA		 3545}
3546
a663bdd8 3547static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s)
328ead28
BF		 3548{
3549 struct nfsd4_conn *c;
3550
3551 list_for_each_entry(c, &s->se_conns, cn_persession) {
a663bdd8 3552 if (c->cn_xprt == xpt) {
328ead28
BF		 3553 return c;
3554 }
3555 }
3556 return NULL;
3557}
3558
57266a6e 3559static __be32 nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses)
328ead28
BF		 3560{
3561 struct nfs4_client *clp = ses->se_client;
a663bdd8 3562 struct nfsd4_conn *c;
57266a6e 3563 __be32 status = nfs_ok;
21b75b01 3564 int ret;
328ead28
BF		 3565
3566 spin_lock(&clp->cl_lock);
a663bdd8 3567 c = __nfsd4_find_conn(new->cn_xprt, ses);
57266a6e
BF		 3568 if (c)
3569 goto out_free;
3570 status = nfserr_conn_not_bound_to_session;
3571 if (clp->cl_mach_cred)
3572 goto out_free;
328ead28
BF		 3573 __nfsd4_hash_conn(new, ses);
3574 spin_unlock(&clp->cl_lock);
21b75b01
BF		 3575 ret = nfsd4_register_conn(new);
3576 if (ret)
3577 /* oops; xprt is already down: */
3578 nfsd4_conn_lost(&new->cn_xpt_user);
57266a6e
BF		 3579 return nfs_ok;
3580out_free:
3581 spin_unlock(&clp->cl_lock);
3582 free_conn(new);
3583 return status;
328ead28
BF		 3584}
3585
868b89c3
MJ		 3586static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session)
3587{
3588 struct nfsd4_compoundargs *args = rqstp->rq_argp;
3589
3590 return args->opcnt > session->se_fchannel.maxops;
3591}
3592
ae82a8d0
MJ		 3593static bool nfsd4_request_too_big(struct svc_rqst *rqstp,
3594 struct nfsd4_session *session)
3595{
3596 struct xdr_buf *xb = &rqstp->rq_arg;
3597
3598 return xb->len > session->se_fchannel.maxreq_sz;
3599}
3600
53da6a53
BF		 3601static bool replay_matches_cache(struct svc_rqst *rqstp,
3602 struct nfsd4_sequence *seq, struct nfsd4_slot *slot)
3603{
3604 struct nfsd4_compoundargs *argp = rqstp->rq_argp;
3605
3606 if ((bool)(slot->sl_flags & NFSD4_SLOT_CACHETHIS) !=
3607 (bool)seq->cachethis)
3608 return false;
3609 /*
6e73e92b
SM		 3610 * If there's an error then the reply can have fewer ops than
3611 * the call.
53da6a53 3612 */
6e73e92b
SM		 3613 if (slot->sl_opcnt < argp->opcnt && !slot->sl_status)
3614 return false;
3615 /*
3616 * But if we cached a reply with *more* ops than the call you're
3617 * sending us now, then this new call is clearly not really a
3618 * replay of the old one:
3619 */
3620 if (slot->sl_opcnt > argp->opcnt)
53da6a53
BF		 3621 return false;
3622 /* This is the only check explicitly called by spec: */
3623 if (!same_creds(&rqstp->rq_cred, &slot->sl_cred))
3624 return false;
3625 /*
3626 * There may be more comparisons we could actually do, but the
3627 * spec doesn't require us to catch every case where the calls
3628 * don't match (that would require caching the call as well as
3629 * the reply), so we don't bother.
3630 */
3631 return true;
3632}
3633
069b6ad4 3634__be32
eb69853d
CH		 3635nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3636 union nfsd4_op_u *u)
069b6ad4 3637{
eb69853d 3638 struct nfsd4_sequence *seq = &u->sequence;
f9bb94c4 3639 struct nfsd4_compoundres *resp = rqstp->rq_resp;
47ee5298 3640 struct xdr_stream *xdr = &resp->xdr;
b85d4c01 3641 struct nfsd4_session *session;
221a6876 3642 struct nfs4_client *clp;
b85d4c01 3643 struct nfsd4_slot *slot;
a663bdd8 3644 struct nfsd4_conn *conn;
57b7b43b 3645 __be32 status;
47ee5298 3646 int buflen;
d4e19e70
TM		 3647 struct net *net = SVC_NET(rqstp);
3648 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
b85d4c01 3649
f9bb94c4
AA		 3650 if (resp->opcnt != 1)
3651 return nfserr_sequence_pos;
3652
a663bdd8
BF		 3653 /*
3654 * Will be either used or freed by nfsd4_sequence_check_conn
3655 * below.
3656 */
3657 conn = alloc_conn(rqstp, NFS4_CDFC4_FORE);
3658 if (!conn)
3659 return nfserr_jukebox;
3660
c9a49628 3661 spin_lock(&nn->client_lock);
d4e19e70 3662 session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status);
b85d4c01 3663 if (!session)
221a6876
BF		 3664 goto out_no_session;
3665 clp = session->se_client;
b85d4c01 3666
868b89c3
MJ		 3667 status = nfserr_too_many_ops;
3668 if (nfsd4_session_too_many_ops(rqstp, session))
66b2b9b2 3669 goto out_put_session;
868b89c3 3670
ae82a8d0
MJ		 3671 status = nfserr_req_too_big;
3672 if (nfsd4_request_too_big(rqstp, session))
66b2b9b2 3673 goto out_put_session;
ae82a8d0 3674
b85d4c01 3675 status = nfserr_badslot;
6c18ba9f 3676 if (seq->slotid >= session->se_fchannel.maxreqs)
66b2b9b2 3677 goto out_put_session;
b85d4c01 3678
557ce264 3679 slot = session->se_slots[seq->slotid];
b85d4c01
BH		 3680 dprintk("%s: slotid %d\n", __func__, seq->slotid);
3681
a8dfdaeb
AA		 3682 /* We do not negotiate the number of slots yet, so set the
3683 * maxslots to the session maxreqs which is used to encode
3684 * sr_highest_slotid and the sr_target_slot id to maxslots */
3685 seq->maxslots = session->se_fchannel.maxreqs;
3686
73e79482
BF		 3687 status = check_slot_seqid(seq->seqid, slot->sl_seqid,
3688 slot->sl_flags & NFSD4_SLOT_INUSE);
b85d4c01 3689 if (status == nfserr_replay_cache) {
bf5c43c8
BF		 3690 status = nfserr_seq_misordered;
3691 if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED))
66b2b9b2 3692 goto out_put_session;
53da6a53
BF		 3693 status = nfserr_seq_false_retry;
3694 if (!replay_matches_cache(rqstp, seq, slot))
3695 goto out_put_session;
b85d4c01
BH		 3696 cstate->slot = slot;
3697 cstate->session = session;
4b24ca7d 3698 cstate->clp = clp;
da3846a2 3699 /* Return the cached reply status and set cstate->status
557ce264 3700 * for nfsd4_proc_compound processing */
bf864a31 3701 status = nfsd4_replay_cache_entry(resp, seq);
da3846a2 3702 cstate->status = nfserr_replay_cache;
aaf84eb9 3703 goto out;
b85d4c01
BH		 3704 }
3705 if (status)
66b2b9b2 3706 goto out_put_session;
b85d4c01 3707
57266a6e 3708 status = nfsd4_sequence_check_conn(conn, session);
a663bdd8 3709 conn = NULL;
57266a6e
BF		 3710 if (status)
3711 goto out_put_session;
328ead28 3712
47ee5298
BF		 3713 buflen = (seq->cachethis) ?
3714 session->se_fchannel.maxresp_cached :
3715 session->se_fchannel.maxresp_sz;
3716 status = (seq->cachethis) ? nfserr_rep_too_big_to_cache :
3717 nfserr_rep_too_big;
a5cddc88 3718 if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack))
47ee5298 3719 goto out_put_session;
32aaa62e 3720 svc_reserve(rqstp, buflen);
47ee5298
BF		 3721
3722 status = nfs_ok;
b85d4c01 3723 /* Success! bump slot seqid */
b85d4c01 3724 slot->sl_seqid = seq->seqid;
bf5c43c8 3725 slot->sl_flags |= NFSD4_SLOT_INUSE;
73e79482
BF		 3726 if (seq->cachethis)
3727 slot->sl_flags |= NFSD4_SLOT_CACHETHIS;
bf5c43c8
BF		 3728 else
3729 slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS;
b85d4c01
BH		 3730
3731 cstate->slot = slot;
3732 cstate->session = session;
4b24ca7d 3733 cstate->clp = clp;
b85d4c01 3734
b85d4c01 3735out:
221a6876
BF		 3736 switch (clp->cl_cb_state) {
3737 case NFSD4_CB_DOWN:
3738 seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN;
3739 break;
3740 case NFSD4_CB_FAULT:
3741 seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT;
3742 break;
3743 default:
3744 seq->status_flags = 0;
aaf84eb9 3745 }
3bd64a5b
BF		 3746 if (!list_empty(&clp->cl_revoked))
3747 seq->status_flags |= SEQ4_STATUS_RECALLABLE_STATE_REVOKED;
221a6876 3748out_no_session:
3f42d2c4
KM		 3749 if (conn)
3750 free_conn(conn);
c9a49628 3751 spin_unlock(&nn->client_lock);
b85d4c01 3752 return status;
66b2b9b2 3753out_put_session:
d4e19e70 3754 nfsd4_put_session_locked(session);
221a6876 3755 goto out_no_session;
069b6ad4
AA		 3756}
3757
b607664e
TM		 3758void
3759nfsd4_sequence_done(struct nfsd4_compoundres *resp)
3760{
3761 struct nfsd4_compound_state *cs = &resp->cstate;
3762
3763 if (nfsd4_has_session(cs)) {
b607664e
TM		 3764 if (cs->status != nfserr_replay_cache) {
3765 nfsd4_store_cache_entry(resp);
3766 cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE;
3767 }
d4e19e70 3768 /* Drop session reference that was taken in nfsd4_sequence() */
b607664e 3769 nfsd4_put_session(cs->session);
4b24ca7d
JL		 3770 } else if (cs->clp)
3771 put_client_renew(cs->clp);
b607664e
TM		 3772}
3773
345c2842 3774__be32
eb69853d
CH		 3775nfsd4_destroy_clientid(struct svc_rqst *rqstp,
3776 struct nfsd4_compound_state *cstate,
3777 union nfsd4_op_u *u)
345c2842 3778{
eb69853d 3779 struct nfsd4_destroy_clientid *dc = &u->destroy_clientid;
6b10ad19
TM		 3780 struct nfs4_client *conf, *unconf;
3781 struct nfs4_client *clp = NULL;
57b7b43b 3782 __be32 status = 0;
8daae4dc 3783 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
345c2842 3784
6b10ad19 3785 spin_lock(&nn->client_lock);
0a7ec377 3786 unconf = find_unconfirmed_client(&dc->clientid, true, nn);
8daae4dc 3787 conf = find_confirmed_client(&dc->clientid, true, nn);
78389046 3788 WARN_ON_ONCE(conf && unconf);
345c2842
MJ		 3789
3790 if (conf) {
c0293b01 3791 if (client_has_state(conf)) {
345c2842
MJ		 3792 status = nfserr_clientid_busy;
3793 goto out;
3794 }
fd699b8a
JL		 3795 status = mark_client_expired_locked(conf);
3796 if (status)
3797 goto out;
6b10ad19 3798 clp = conf;
345c2842
MJ		 3799 } else if (unconf)
3800 clp = unconf;
3801 else {
3802 status = nfserr_stale_clientid;
3803 goto out;
3804 }
dedeb13f 3805 if (!nfsd4_mach_creds_match(clp, rqstp)) {
6b10ad19 3806 clp = NULL;
57266a6e
BF		 3807 status = nfserr_wrong_cred;
3808 goto out;
3809 }
6b10ad19 3810 unhash_client_locked(clp);
345c2842 3811out:
6b10ad19 3812 spin_unlock(&nn->client_lock);
6b10ad19
TM		 3813 if (clp)
3814 expire_client(clp);
345c2842
MJ		 3815 return status;
3816}
3817
4dc6ec00 3818__be32
eb69853d
CH		 3819nfsd4_reclaim_complete(struct svc_rqst *rqstp,
3820 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u)
4dc6ec00 3821{
eb69853d 3822 struct nfsd4_reclaim_complete *rc = &u->reclaim_complete;
57b7b43b 3823 __be32 status = 0;
bcecf1cc 3824
4dc6ec00
BF		 3825 if (rc->rca_one_fs) {
3826 if (!cstate->current_fh.fh_dentry)
3827 return nfserr_nofilehandle;
3828 /*
3829 * We don't take advantage of the rca_one_fs case.
3830 * That's OK, it's optional, we can safely ignore it.
3831 */
d28c442f 3832 return nfs_ok;
4dc6ec00 3833 }
bcecf1cc 3834
bcecf1cc 3835 status = nfserr_complete_already;
a52d726b
JL		 3836 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE,
3837 &cstate->session->se_client->cl_flags))
bcecf1cc
MJ		 3838 goto out;
3839
3840 status = nfserr_stale_clientid;
3841 if (is_client_expired(cstate->session->se_client))
4dc6ec00
BF		 3842 /*
3843 * The following error isn't really legal.
3844 * But we only get here if the client just explicitly
3845 * destroyed the client. Surely it no longer cares what
3846 * error it gets back on an operation for the dead
3847 * client.
3848 */
bcecf1cc
MJ		 3849 goto out;
3850
3851 status = nfs_ok;
2a4317c5 3852 nfsd4_client_record_create(cstate->session->se_client);
362063a5 3853 inc_reclaim_complete(cstate->session->se_client);
bcecf1cc 3854out:
bcecf1cc 3855 return status;
4dc6ec00
BF		 3856}
3857
b37ad28b 3858__be32
b591480b 3859nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
eb69853d 3860 union nfsd4_op_u *u)
1da177e4 3861{
eb69853d 3862 struct nfsd4_setclientid *setclid = &u->setclientid;
a084daf5 3863 struct xdr_netobj clname = setclid->se_name;
1da177e4 3864 nfs4_verifier clverifier = setclid->se_verf;
3dbacee6
TM		 3865 struct nfs4_client *conf, *new;
3866 struct nfs4_client *unconf = NULL;
b37ad28b 3867 __be32 status;
c212cecf
SK		 3868 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
3869
5cc40fd7
TM		 3870 new = create_client(clname, rqstp, &clverifier);
3871 if (new == NULL)
3872 return nfserr_jukebox;
63db4632 3873 /* Cases below refer to rfc 3530 section 14.2.33: */
3dbacee6 3874 spin_lock(&nn->client_lock);
382a62e7 3875 conf = find_confirmed_client_by_name(&clname, nn);
2b634821 3876 if (conf && client_has_state(conf)) {
63db4632 3877 /* case 0: */
1da177e4 3878 status = nfserr_clid_inuse;
e203d506
BF		 3879 if (clp_used_exchangeid(conf))
3880 goto out;
026722c2 3881 if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
363168b4
JL		 3882 char addr_str[INET6_ADDRSTRLEN];
3883 rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str,
3884 sizeof(addr_str));
3885 dprintk("NFSD: setclientid: string in use by client "
3886 "at %s\n", addr_str);
1da177e4
LT		 3887 goto out;
3888 }
1da177e4 3889 }
a99454aa 3890 unconf = find_unconfirmed_client_by_name(&clname, nn);
8f930711 3891 if (unconf)
3dbacee6 3892 unhash_client_locked(unconf);
41eb1670 3893 if (conf && same_verf(&conf->cl_verifier, &clverifier)) {
63db4632 3894 /* case 1: probable callback update */
1da177e4 3895 copy_clid(new, conf);
41eb1670
KM		 3896 gen_confirm(new, nn);
3897 } else /* case 4 (new client) or cases 2, 3 (client reboot): */
e8a79fb1 3898 ;
8323c3b2 3899 new->cl_minorversion = 0;
6f3d772f 3900 gen_callback(new, setclid, rqstp);
ac55fdc4 3901 add_to_unconfirmed(new);
1da177e4
LT		 3902 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot;
3903 setclid->se_clientid.cl_id = new->cl_clientid.cl_id;
3904 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data));
5cc40fd7 3905 new = NULL;
1da177e4
LT		 3906 status = nfs_ok;
3907out:
3dbacee6 3908 spin_unlock(&nn->client_lock);
5cc40fd7
TM		 3909 if (new)
3910 free_client(new);
3dbacee6
TM		 3911 if (unconf)
3912 expire_client(unconf);
1da177e4
LT		 3913 return status;
3914}
3915
3916
b37ad28b 3917__be32
b591480b 3918nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
eb69853d
CH		 3919 struct nfsd4_compound_state *cstate,
3920 union nfsd4_op_u *u)
1da177e4 3921{
eb69853d
CH		 3922 struct nfsd4_setclientid_confirm *setclientid_confirm =
3923 &u->setclientid_confirm;
21ab45a4 3924 struct nfs4_client *conf, *unconf;
d20c11d8 3925 struct nfs4_client *old = NULL;
1da177e4
LT		 3926 nfs4_verifier confirm = setclientid_confirm->sc_confirm;
3927 clientid_t * clid = &setclientid_confirm->sc_clientid;
b37ad28b 3928 __be32 status;
7f2210fa 3929 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 3930
2c142baa 3931 if (STALE_CLIENTID(clid, nn))
1da177e4 3932 return nfserr_stale_clientid;
21ab45a4 3933
d20c11d8 3934 spin_lock(&nn->client_lock);
8daae4dc 3935 conf = find_confirmed_client(clid, false, nn);
0a7ec377 3936 unconf = find_unconfirmed_client(clid, false, nn);
a186e767 3937 /*
8695b90a
BF		 3938 * We try hard to give out unique clientid's, so if we get an
3939 * attempt to confirm the same clientid with a different cred,
f984a7ce
BF		 3940 * the client may be buggy; this should never happen.
3941 *
3942 * Nevertheless, RFC 7530 recommends INUSE for this case:
a186e767 3943 */
f984a7ce 3944 status = nfserr_clid_inuse;
8695b90a
BF		 3945 if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred))
3946 goto out;
3947 if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred))
3948 goto out;
63db4632 3949 /* cases below refer to rfc 3530 section 14.2.34: */
90d700b7 3950 if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
7d22fc11
BF		 3951 if (conf && same_verf(&confirm, &conf->cl_confirm)) {
3952 /* case 2: probable retransmit */
1da177e4 3953 status = nfs_ok;
7d22fc11 3954 } else /* case 4: client hasn't noticed we rebooted yet? */
90d700b7
BF		 3955 status = nfserr_stale_clientid;
3956 goto out;
3957 }
3958 status = nfs_ok;
3959 if (conf) { /* case 1: callback update */
d20c11d8
JL		 3960 old = unconf;
3961 unhash_client_locked(old);
8695b90a 3962 nfsd4_change_callback(conf, &unconf->cl_cb_conn);
90d700b7 3963 } else { /* case 3: normal case; new or rebooted client */
d20c11d8
JL		 3964 old = find_confirmed_client_by_name(&unconf->cl_name, nn);
3965 if (old) {
2b634821
BF		 3966 status = nfserr_clid_inuse;
3967 if (client_has_state(old)
3968 && !same_creds(&unconf->cl_cred,
3969 &old->cl_cred))
3970 goto out;
d20c11d8 3971 status = mark_client_expired_locked(old);
7abea1e8
JL		 3972 if (status) {
3973 old = NULL;
221a6876 3974 goto out;
7abea1e8 3975 }
221a6876 3976 }
8695b90a 3977 move_to_confirmed(unconf);
d20c11d8 3978 conf = unconf;
08e8987c 3979 }
d20c11d8
JL		 3980 get_client_locked(conf);
3981 spin_unlock(&nn->client_lock);
3982 nfsd4_probe_callback(conf);
3983 spin_lock(&nn->client_lock);
3984 put_client_renew_locked(conf);
1da177e4 3985out:
d20c11d8
JL		 3986 spin_unlock(&nn->client_lock);
3987 if (old)
3988 expire_client(old);
1da177e4
LT		 3989 return status;
3990}
3991
32513b40
BF		 3992static struct nfs4_file *nfsd4_alloc_file(void)
3993{
3994 return kmem_cache_alloc(file_slab, GFP_KERNEL);
3995}
3996
1da177e4 3997/* OPEN Share state helper functions */
5b095e99
JL		 3998static void nfsd4_init_file(struct knfsd_fh *fh, unsigned int hashval,
3999 struct nfs4_file *fp)
1da177e4 4000{
950e0118
TM		 4001 lockdep_assert_held(&state_lock);
4002
818a34eb 4003 refcount_set(&fp->fi_ref, 1);
1d31a253 4004 spin_lock_init(&fp->fi_lock);
32513b40
BF		 4005 INIT_LIST_HEAD(&fp->fi_stateids);
4006 INIT_LIST_HEAD(&fp->fi_delegations);
8287f009 4007 INIT_LIST_HEAD(&fp->fi_clnt_odstate);
e2cf80d7 4008 fh_copy_shallow(&fp->fi_fhandle, fh);
0c637be8 4009 fp->fi_deleg_file = NULL;
32513b40 4010 fp->fi_had_conflict = false;
baeb4ff0 4011 fp->fi_share_deny = 0;
32513b40
BF		 4012 memset(fp->fi_fds, 0, sizeof(fp->fi_fds));
4013 memset(fp->fi_access, 0, sizeof(fp->fi_access));
9cf514cc
CH		 4014#ifdef CONFIG_NFSD_PNFS
4015 INIT_LIST_HEAD(&fp->fi_lo_states);
c5c707f9 4016 atomic_set(&fp->fi_lo_recalls, 0);
9cf514cc 4017#endif
5b095e99 4018 hlist_add_head_rcu(&fp->fi_hash, &file_hashtbl[hashval]);
1da177e4
LT		 4019}
4020
e8ff2a84 4021void
1da177e4
LT		 4022nfsd4_free_slabs(void)
4023{
9258a2d5 4024 kmem_cache_destroy(client_slab);
abf1135b
CH		 4025 kmem_cache_destroy(openowner_slab);
4026 kmem_cache_destroy(lockowner_slab);
4027 kmem_cache_destroy(file_slab);
4028 kmem_cache_destroy(stateid_slab);
4029 kmem_cache_destroy(deleg_slab);
9258a2d5 4030 kmem_cache_destroy(odstate_slab);
e60d4398 4031}
1da177e4 4032
72083396 4033int
e60d4398
N		 4034nfsd4_init_slabs(void)
4035{
9258a2d5
JL		 4036 client_slab = kmem_cache_create("nfsd4_clients",
4037 sizeof(struct nfs4_client), 0, 0, NULL);
4038 if (client_slab == NULL)
4039 goto out;
fe0750e5
BF		 4040 openowner_slab = kmem_cache_create("nfsd4_openowners",
4041 sizeof(struct nfs4_openowner), 0, 0, NULL);
4042 if (openowner_slab == NULL)
9258a2d5 4043 goto out_free_client_slab;
fe0750e5 4044 lockowner_slab = kmem_cache_create("nfsd4_lockowners",
3c40794b 4045 sizeof(struct nfs4_lockowner), 0, 0, NULL);
fe0750e5 4046 if (lockowner_slab == NULL)
abf1135b 4047 goto out_free_openowner_slab;
e60d4398 4048 file_slab = kmem_cache_create("nfsd4_files",
20c2df83 4049 sizeof(struct nfs4_file), 0, 0, NULL);
e60d4398 4050 if (file_slab == NULL)
abf1135b 4051 goto out_free_lockowner_slab;
5ac049ac 4052 stateid_slab = kmem_cache_create("nfsd4_stateids",
dcef0413 4053 sizeof(struct nfs4_ol_stateid), 0, 0, NULL);
5ac049ac 4054 if (stateid_slab == NULL)
abf1135b 4055 goto out_free_file_slab;
5b2d21c1 4056 deleg_slab = kmem_cache_create("nfsd4_delegations",
20c2df83 4057 sizeof(struct nfs4_delegation), 0, 0, NULL);
5b2d21c1 4058 if (deleg_slab == NULL)
abf1135b 4059 goto out_free_stateid_slab;
8287f009
SB		 4060 odstate_slab = kmem_cache_create("nfsd4_odstate",
4061 sizeof(struct nfs4_clnt_odstate), 0, 0, NULL);
4062 if (odstate_slab == NULL)
4063 goto out_free_deleg_slab;
e60d4398 4064 return 0;
abf1135b 4065
8287f009
SB		 4066out_free_deleg_slab:
4067 kmem_cache_destroy(deleg_slab);
abf1135b
CH		 4068out_free_stateid_slab:
4069 kmem_cache_destroy(stateid_slab);
4070out_free_file_slab:
4071 kmem_cache_destroy(file_slab);
4072out_free_lockowner_slab:
4073 kmem_cache_destroy(lockowner_slab);
4074out_free_openowner_slab:
4075 kmem_cache_destroy(openowner_slab);
9258a2d5
JL		 4076out_free_client_slab:
4077 kmem_cache_destroy(client_slab);
abf1135b 4078out:
e60d4398
N		 4079 dprintk("nfsd4: out of memory while initializing nfsv4\n");
4080 return -ENOMEM;
1da177e4
LT		 4081}
4082
ff194bd9 4083static void init_nfs4_replay(struct nfs4_replay *rp)
1da177e4 4084{
ff194bd9
BF		 4085 rp->rp_status = nfserr_serverfault;
4086 rp->rp_buflen = 0;
4087 rp->rp_buf = rp->rp_ibuf;
58fb12e6
JL		 4088 mutex_init(&rp->rp_mutex);
4089}
4090
4091static void nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate,
4092 struct nfs4_stateowner *so)
4093{
4094 if (!nfsd4_has_session(cstate)) {
4095 mutex_lock(&so->so_replay.rp_mutex);
b5971afa 4096 cstate->replay_owner = nfs4_get_stateowner(so);
58fb12e6
JL		 4097 }
4098}
4099
4100void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate)
4101{
4102 struct nfs4_stateowner *so = cstate->replay_owner;
4103
4104 if (so != NULL) {
4105 cstate->replay_owner = NULL;
4106 mutex_unlock(&so->so_replay.rp_mutex);
4107 nfs4_put_stateowner(so);
4108 }
1da177e4
LT		 4109}
4110
fe0750e5 4111static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp)
ff194bd9 4112{
1da177e4 4113 struct nfs4_stateowner *sop;
1da177e4 4114
fe0750e5 4115 sop = kmem_cache_alloc(slab, GFP_KERNEL);
ff194bd9
BF		 4116 if (!sop)
4117 return NULL;
4118
6f4859b8 4119 xdr_netobj_dup(&sop->so_owner, owner, GFP_KERNEL);
ff194bd9 4120 if (!sop->so_owner.data) {
fe0750e5 4121 kmem_cache_free(slab, sop);
1da177e4 4122 return NULL;
ff194bd9 4123 }
ff194bd9 4124
ea1da636 4125 INIT_LIST_HEAD(&sop->so_stateids);
ff194bd9
BF		 4126 sop->so_client = clp;
4127 init_nfs4_replay(&sop->so_replay);
6b180f0b 4128 atomic_set(&sop->so_count, 1);
ff194bd9
BF		 4129 return sop;
4130}
4131
fe0750e5 4132static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval)
ff194bd9 4133{
d4f0489f 4134 lockdep_assert_held(&clp->cl_lock);
9b531137 4135
d4f0489f
TM		 4136 list_add(&oo->oo_owner.so_strhash,
4137 &clp->cl_ownerstr_hashtbl[strhashval]);
fe0750e5 4138 list_add(&oo->oo_perclient, &clp->cl_openowners);
ff194bd9
BF		 4139}
4140
8f4b54c5
JL		 4141static void nfs4_unhash_openowner(struct nfs4_stateowner *so)
4142{
d4f0489f 4143 unhash_openowner_locked(openowner(so));
8f4b54c5
JL		 4144}
4145
6b180f0b
JL		 4146static void nfs4_free_openowner(struct nfs4_stateowner *so)
4147{
4148 struct nfs4_openowner *oo = openowner(so);
4149
4150 kmem_cache_free(openowner_slab, oo);
4151}
4152
4153static const struct nfs4_stateowner_operations openowner_ops = {
8f4b54c5
JL		 4154 .so_unhash = nfs4_unhash_openowner,
4155 .so_free = nfs4_free_openowner,
6b180f0b
JL		 4156};
4157
7fc0564e
AE		 4158static struct nfs4_ol_stateid *
4159nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
4160{
4161 struct nfs4_ol_stateid *local, *ret = NULL;
4162 struct nfs4_openowner *oo = open->op_openowner;
4163
4164 lockdep_assert_held(&fp->fi_lock);
4165
4166 list_for_each_entry(local, &fp->fi_stateids, st_perfile) {
4167 /* ignore lock owners */
4168 if (local->st_stateowner->so_is_open_owner == 0)
4169 continue;
15ca08d3
TM		 4170 if (local->st_stateowner != &oo->oo_owner)
4171 continue;
4172 if (local->st_stid.sc_type == NFS4_OPEN_STID) {
7fc0564e 4173 ret = local;
a15dfcd5 4174 refcount_inc(&ret->st_stid.sc_count);
7fc0564e
AE		 4175 break;
4176 }
4177 }
4178 return ret;
4179}
4180
15ca08d3
TM		 4181static __be32
4182nfsd4_verify_open_stid(struct nfs4_stid *s)
4183{
4184 __be32 ret = nfs_ok;
4185
4186 switch (s->sc_type) {
4187 default:
4188 break;
4f176417 4189 case 0:
15ca08d3
TM		 4190 case NFS4_CLOSED_STID:
4191 case NFS4_CLOSED_DELEG_STID:
4192 ret = nfserr_bad_stateid;
4193 break;
4194 case NFS4_REVOKED_DELEG_STID:
4195 ret = nfserr_deleg_revoked;
4196 }
4197 return ret;
4198}
4199
4200/* Lock the stateid st_mutex, and deal with races with CLOSE */
4201static __be32
4202nfsd4_lock_ol_stateid(struct nfs4_ol_stateid *stp)
4203{
4204 __be32 ret;
4205
4f34bd05 4206 mutex_lock_nested(&stp->st_mutex, LOCK_STATEID_MUTEX);
15ca08d3
TM		 4207 ret = nfsd4_verify_open_stid(&stp->st_stid);
4208 if (ret != nfs_ok)
4209 mutex_unlock(&stp->st_mutex);
4210 return ret;
4211}
4212
4213static struct nfs4_ol_stateid *
4214nfsd4_find_and_lock_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
4215{
4216 struct nfs4_ol_stateid *stp;
4217 for (;;) {
4218 spin_lock(&fp->fi_lock);
4219 stp = nfsd4_find_existing_open(fp, open);
4220 spin_unlock(&fp->fi_lock);
4221 if (!stp || nfsd4_lock_ol_stateid(stp) == nfs_ok)
4222 break;
4223 nfs4_put_stid(&stp->st_stid);
4224 }
4225 return stp;
4226}
4227
fe0750e5 4228static struct nfs4_openowner *
13d6f66b 4229alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open,
db24b3b4
JL		 4230 struct nfsd4_compound_state *cstate)
4231{
13d6f66b 4232 struct nfs4_client *clp = cstate->clp;
7ffb5880 4233 struct nfs4_openowner *oo, *ret;
ff194bd9 4234
fe0750e5
BF		 4235 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp);
4236 if (!oo)
ff194bd9 4237 return NULL;
6b180f0b 4238 oo->oo_owner.so_ops = &openowner_ops;
fe0750e5
BF		 4239 oo->oo_owner.so_is_open_owner = 1;
4240 oo->oo_owner.so_seqid = open->op_seqid;
d3134b10 4241 oo->oo_flags = 0;
db24b3b4
JL		 4242 if (nfsd4_has_session(cstate))
4243 oo->oo_flags |= NFS4_OO_CONFIRMED;
fe0750e5 4244 oo->oo_time = 0;
38c387b5 4245 oo->oo_last_closed_stid = NULL;
fe0750e5 4246 INIT_LIST_HEAD(&oo->oo_close_lru);
d4f0489f
TM		 4247 spin_lock(&clp->cl_lock);
4248 ret = find_openstateowner_str_locked(strhashval, open, clp);
7ffb5880
TM		 4249 if (ret == NULL) {
4250 hash_openowner(oo, clp, strhashval);
4251 ret = oo;
4252 } else
d50ffded
KM		 4253 nfs4_free_stateowner(&oo->oo_owner);
4254
d4f0489f 4255 spin_unlock(&clp->cl_lock);
c5952338 4256 return ret;
1da177e4
LT		 4257}
4258
7fc0564e 4259static struct nfs4_ol_stateid *
8c7245ab 4260init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open)
7fc0564e
AE		 4261{
4262
fe0750e5 4263 struct nfs4_openowner *oo = open->op_openowner;
7fc0564e 4264 struct nfs4_ol_stateid *retstp = NULL;
8c7245ab 4265 struct nfs4_ol_stateid *stp;
1da177e4 4266
8c7245ab 4267 stp = open->op_stp;
5cc1fb2a
OD		 4268 /* We are moving these outside of the spinlocks to avoid the warnings */
4269 mutex_init(&stp->st_mutex);
4f34bd05 4270 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX);
5cc1fb2a 4271
15ca08d3 4272retry:
7fc0564e
AE		 4273 spin_lock(&oo->oo_owner.so_client->cl_lock);
4274 spin_lock(&fp->fi_lock);
4275
4276 retstp = nfsd4_find_existing_open(fp, open);
4277 if (retstp)
4278 goto out_unlock;
8c7245ab
OD		 4279
4280 open->op_stp = NULL;
a15dfcd5 4281 refcount_inc(&stp->st_stid.sc_count);
3abdb607 4282 stp->st_stid.sc_type = NFS4_OPEN_STID;
3c87b9b7 4283 INIT_LIST_HEAD(&stp->st_locks);
b5971afa 4284 stp->st_stateowner = nfs4_get_stateowner(&oo->oo_owner);
13cd2184 4285 get_nfs4_file(fp);
11b9164a 4286 stp->st_stid.sc_file = fp;
1da177e4
LT		 4287 stp->st_access_bmap = 0;
4288 stp->st_deny_bmap = 0;
4c4cd222 4289 stp->st_openstp = NULL;
1c755dc1 4290 list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids);
1d31a253 4291 list_add(&stp->st_perfile, &fp->fi_stateids);
7fc0564e
AE		 4292
4293out_unlock:
1d31a253 4294 spin_unlock(&fp->fi_lock);
1c755dc1 4295 spin_unlock(&oo->oo_owner.so_client->cl_lock);
5cc1fb2a 4296 if (retstp) {
15ca08d3
TM		 4297 /* Handle races with CLOSE */
4298 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) {
4299 nfs4_put_stid(&retstp->st_stid);
4300 goto retry;
4301 }
8c7245ab 4302 /* To keep mutex tracking happy */
5cc1fb2a 4303 mutex_unlock(&stp->st_mutex);
8c7245ab 4304 stp = retstp;
5cc1fb2a 4305 }
8c7245ab 4306 return stp;
1da177e4
LT		 4307}
4308
d3134b10
JL		 4309/*
4310 * In the 4.0 case we need to keep the owners around a little while to handle
4311 * CLOSE replay. We still do need to release any file access that is held by
4312 * them before returning however.
4313 */
fd39ca9a 4314static void
d3134b10 4315move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net)
1da177e4 4316{
217526e7 4317 struct nfs4_ol_stateid *last;
d3134b10
JL		 4318 struct nfs4_openowner *oo = openowner(s->st_stateowner);
4319 struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net,
4320 nfsd_net_id);
73758fed 4321
fe0750e5 4322 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo);
1da177e4 4323
b401be22
JL		 4324 /*
4325 * We know that we hold one reference via nfsd4_close, and another
4326 * "persistent" reference for the client. If the refcount is higher
4327 * than 2, then there are still calls in progress that are using this
4328 * stateid. We can't put the sc_file reference until they are finished.
4329 * Wait for the refcount to drop to 2. Since it has been unhashed,
4330 * there should be no danger of the refcount going back up again at
4331 * this point.
4332 */
a15dfcd5 4333 wait_event(close_wq, refcount_read(&s->st_stid.sc_count) == 2);
b401be22 4334
d3134b10
JL		 4335 release_all_access(s);
4336 if (s->st_stid.sc_file) {
4337 put_nfs4_file(s->st_stid.sc_file);
4338 s->st_stid.sc_file = NULL;
4339 }
217526e7
JL		 4340
4341 spin_lock(&nn->client_lock);
4342 last = oo->oo_last_closed_stid;
d3134b10 4343 oo->oo_last_closed_stid = s;
73758fed 4344 list_move_tail(&oo->oo_close_lru, &nn->close_lru);
20b7d86f 4345 oo->oo_time = ktime_get_boottime_seconds();
217526e7
JL		 4346 spin_unlock(&nn->client_lock);
4347 if (last)
4348 nfs4_put_stid(&last->st_stid);
1da177e4
LT		 4349}
4350
1da177e4
LT		 4351/* search file_hashtbl[] for file */
4352static struct nfs4_file *
5b095e99 4353find_file_locked(struct knfsd_fh *fh, unsigned int hashval)
1da177e4 4354{
1da177e4
LT		 4355 struct nfs4_file *fp;
4356
36a80491
MB		 4357 hlist_for_each_entry_rcu(fp, &file_hashtbl[hashval], fi_hash,
4358 lockdep_is_held(&state_lock)) {
4d94c2ef 4359 if (fh_match(&fp->fi_fhandle, fh)) {
818a34eb 4360 if (refcount_inc_not_zero(&fp->fi_ref))
5b095e99 4361 return fp;
13cd2184 4362 }
1da177e4
LT		 4363 }
4364 return NULL;
4365}
4366
e6ba76e1 4367struct nfs4_file *
ca943217 4368find_file(struct knfsd_fh *fh)
950e0118
TM		 4369{
4370 struct nfs4_file *fp;
5b095e99 4371 unsigned int hashval = file_hashval(fh);
950e0118 4372
5b095e99
JL		 4373 rcu_read_lock();
4374 fp = find_file_locked(fh, hashval);
4375 rcu_read_unlock();
950e0118
TM		 4376 return fp;
4377}
4378
4379static struct nfs4_file *
f9c00c3a 4380find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh)
950e0118
TM		 4381{
4382 struct nfs4_file *fp;
5b095e99
JL		 4383 unsigned int hashval = file_hashval(fh);
4384
4385 rcu_read_lock();
4386 fp = find_file_locked(fh, hashval);
4387 rcu_read_unlock();
4388 if (fp)
4389 return fp;
950e0118
TM		 4390
4391 spin_lock(&state_lock);
5b095e99
JL		 4392 fp = find_file_locked(fh, hashval);
4393 if (likely(fp == NULL)) {
4394 nfsd4_init_file(fh, hashval, new);
950e0118
TM		 4395 fp = new;
4396 }
4397 spin_unlock(&state_lock);
4398
4399 return fp;
4400}
4401
1da177e4
LT		 4402/*
4403 * Called to check deny when READ with all zero stateid or
4404 * WRITE with all zero or all one stateid
4405 */
b37ad28b 4406static __be32
1da177e4
LT		 4407nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type)
4408{
1da177e4 4409 struct nfs4_file *fp;
baeb4ff0 4410 __be32 ret = nfs_ok;
1da177e4 4411
ca943217 4412 fp = find_file(&current_fh->fh_handle);
13cd2184 4413 if (!fp)
baeb4ff0
JL		 4414 return ret;
4415 /* Check for conflicting share reservations */
1d31a253 4416 spin_lock(&fp->fi_lock);
baeb4ff0
JL		 4417 if (fp->fi_share_deny & deny_type)
4418 ret = nfserr_locked;
1d31a253 4419 spin_unlock(&fp->fi_lock);
13cd2184
N		 4420 put_nfs4_file(fp);
4421 return ret;
1da177e4
LT		 4422}
4423
0162ac2b 4424static void nfsd4_cb_recall_prepare(struct nfsd4_callback *cb)
1da177e4 4425{
0162ac2b 4426 struct nfs4_delegation *dp = cb_to_delegation(cb);
11b9164a
TM		 4427 struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net,
4428 nfsd_net_id);
e8c69d17 4429
11b9164a 4430 block_delegations(&dp->dl_stid.sc_file->fi_fhandle);
f54fe962 4431
dff1399f 4432 /*
f54fe962
JL		 4433 * We can't do this in nfsd_break_deleg_cb because it is
4434 * already holding inode->i_lock.
4435 *
dff1399f
JL		 4436 * If the dl_time != 0, then we know that it has already been
4437 * queued for a lease break. Don't queue it again.
4438 */
f54fe962 4439 spin_lock(&state_lock);
dff1399f 4440 if (dp->dl_time == 0) {
20b7d86f 4441 dp->dl_time = ktime_get_boottime_seconds();
02e1215f 4442 list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru);
dff1399f 4443 }
02e1215f
JL		 4444 spin_unlock(&state_lock);
4445}
1da177e4 4446
0162ac2b
CH		 4447static int nfsd4_cb_recall_done(struct nfsd4_callback *cb,
4448 struct rpc_task *task)
4449{
4450 struct nfs4_delegation *dp = cb_to_delegation(cb);
4451
a457974f
AE		 4452 if (dp->dl_stid.sc_type == NFS4_CLOSED_DELEG_STID)
4453 return 1;
4454
0162ac2b
CH		 4455 switch (task->tk_status) {
4456 case 0:
4457 return 1;
1c73b9d2
SM		 4458 case -NFS4ERR_DELAY:
4459 rpc_delay(task, 2 * HZ);
4460 return 0;
0162ac2b
CH		 4461 case -EBADHANDLE:
4462 case -NFS4ERR_BAD_STATEID:
4463 /*
4464 * Race: client probably got cb_recall before open reply
4465 * granting delegation.
4466 */
4467 if (dp->dl_retries--) {
4468 rpc_delay(task, 2 * HZ);
4469 return 0;
4470 }
4471 /*FALLTHRU*/
4472 default:
1c73b9d2 4473 return 1;
0162ac2b
CH		 4474 }
4475}
4476
4477static void nfsd4_cb_recall_release(struct nfsd4_callback *cb)
4478{
4479 struct nfs4_delegation *dp = cb_to_delegation(cb);
4480
4481 nfs4_put_stid(&dp->dl_stid);
4482}
4483
c4cb8974 4484static const struct nfsd4_callback_ops nfsd4_cb_recall_ops = {
0162ac2b
CH		 4485 .prepare = nfsd4_cb_recall_prepare,
4486 .done = nfsd4_cb_recall_done,
4487 .release = nfsd4_cb_recall_release,
4488};
4489
02e1215f
JL		 4490static void nfsd_break_one_deleg(struct nfs4_delegation *dp)
4491{
4492 /*
4493 * We're assuming the state code never drops its reference
4494 * without first removing the lease. Since we're in this lease
4a269efb
BF		 4495 * callback (and since the lease code is serialized by the
4496 * i_lock) we know the server hasn't removed the lease yet, and
4497 * we know it's safe to take a reference.
02e1215f 4498 */
a15dfcd5 4499 refcount_inc(&dp->dl_stid.sc_count);
f0b5de1b 4500 nfsd4_run_cb(&dp->dl_recall);
6b57d9c8
BF		 4501}
4502
1c8c601a 4503/* Called from break_lease() with i_lock held. */
4d01b7f5
JL		 4504static bool
4505nfsd_break_deleg_cb(struct file_lock *fl)
6b57d9c8 4506{
4d01b7f5 4507 bool ret = false;
653e514e
BF		 4508 struct nfs4_delegation *dp = (struct nfs4_delegation *)fl->fl_owner;
4509 struct nfs4_file *fp = dp->dl_stid.sc_file;
6b57d9c8 4510
0272e1fd
BF		 4511 /*
4512 * We don't want the locks code to timeout the lease for us;
acfdf5c3 4513 * we'll remove it ourself if a delegation isn't returned
6b57d9c8 4514 * in time:
0272e1fd
BF		 4515 */
4516 fl->fl_break_time = 0;
1da177e4 4517
02e1215f 4518 spin_lock(&fp->fi_lock);
417c6629 4519 fp->fi_had_conflict = true;
353601e7 4520 nfsd_break_one_deleg(dp);
02e1215f 4521 spin_unlock(&fp->fi_lock);
4d01b7f5 4522 return ret;
1da177e4
LT		 4523}
4524
c45198ed 4525static int
7448cc37
JL		 4526nfsd_change_deleg_cb(struct file_lock *onlist, int arg,
4527 struct list_head *dispose)
1da177e4
LT		 4528{
4529 if (arg & F_UNLCK)
c45198ed 4530 return lease_modify(onlist, arg, dispose);
1da177e4
LT		 4531 else
4532 return -EAGAIN;
4533}
4534
7b021967 4535static const struct lock_manager_operations nfsd_lease_mng_ops = {
8fb47a4f
BF		 4536 .lm_break = nfsd_break_deleg_cb,
4537 .lm_change = nfsd_change_deleg_cb,
1da177e4
LT		 4538};
4539
7a8711c9
BF		 4540static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid)
4541{
4542 if (nfsd4_has_session(cstate))
4543 return nfs_ok;
4544 if (seqid == so->so_seqid - 1)
4545 return nfserr_replay_me;
4546 if (seqid == so->so_seqid)
4547 return nfs_ok;
4548 return nfserr_bad_seqid;
4549}
1da177e4 4550
4b24ca7d
JL		 4551static __be32 lookup_clientid(clientid_t *clid,
4552 struct nfsd4_compound_state *cstate,
b7342204
OK		 4553 struct nfsd_net *nn,
4554 bool sessions)
4b24ca7d
JL		 4555{
4556 struct nfs4_client *found;
4557
4558 if (cstate->clp) {
4559 found = cstate->clp;
4560 if (!same_clid(&found->cl_clientid, clid))
4561 return nfserr_stale_clientid;
4562 return nfs_ok;
4563 }
4564
4565 if (STALE_CLIENTID(clid, nn))
4566 return nfserr_stale_clientid;
4567
4568 /*
4569 * For v4.1+ we get the client in the SEQUENCE op. If we don't have one
4570 * cached already then we know this is for is for v4.0 and "sessions"
4571 * will be false.
4572 */
4573 WARN_ON_ONCE(cstate->session);
3e339f96 4574 spin_lock(&nn->client_lock);
b7342204 4575 found = find_confirmed_client(clid, sessions, nn);
3e339f96
TM		 4576 if (!found) {
4577 spin_unlock(&nn->client_lock);
4b24ca7d 4578 return nfserr_expired;
3e339f96 4579 }
14ed14cc 4580 atomic_inc(&found->cl_rpc_users);
3e339f96 4581 spin_unlock(&nn->client_lock);
4b24ca7d
JL		 4582
4583 /* Cache the nfs4_client in cstate! */
4584 cstate->clp = found;
4b24ca7d
JL		 4585 return nfs_ok;
4586}
4587
b37ad28b 4588__be32
6668958f 4589nfsd4_process_open1(struct nfsd4_compound_state *cstate,
3320fef1 4590 struct nfsd4_open *open, struct nfsd_net *nn)
1da177e4 4591{
1da177e4
LT		 4592 clientid_t *clientid = &open->op_clientid;
4593 struct nfs4_client *clp = NULL;
4594 unsigned int strhashval;
fe0750e5 4595 struct nfs4_openowner *oo = NULL;
4cdc951b 4596 __be32 status;
1da177e4 4597
2c142baa 4598 if (STALE_CLIENTID(&open->op_clientid, nn))
1da177e4 4599 return nfserr_stale_clientid;
32513b40
BF		 4600 /*
4601 * In case we need it later, after we've already created the
4602 * file and don't want to risk a further failure:
4603 */
4604 open->op_file = nfsd4_alloc_file();
4605 if (open->op_file == NULL)
4606 return nfserr_jukebox;
1da177e4 4607
b7342204 4608 status = lookup_clientid(clientid, cstate, nn, false);
2d91e895
TM		 4609 if (status)
4610 return status;
4611 clp = cstate->clp;
4612
d4f0489f
TM		 4613 strhashval = ownerstr_hashval(&open->op_owner);
4614 oo = find_openstateowner_str(strhashval, open, clp);
fe0750e5
BF		 4615 open->op_openowner = oo;
4616 if (!oo) {
bcf130f9 4617 goto new_owner;
1da177e4 4618 }
dad1c067 4619 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
0f442aa2 4620 /* Replace unconfirmed owners without checking for replay. */
fe0750e5
BF		 4621 release_openowner(oo);
4622 open->op_openowner = NULL;
bcf130f9 4623 goto new_owner;
0f442aa2 4624 }
4cdc951b
BF		 4625 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid);
4626 if (status)
4627 return status;
4cdc951b 4628 goto alloc_stateid;
bcf130f9 4629new_owner:
13d6f66b 4630 oo = alloc_init_open_stateowner(strhashval, open, cstate);
bcf130f9
BF		 4631 if (oo == NULL)
4632 return nfserr_jukebox;
4633 open->op_openowner = oo;
4cdc951b 4634alloc_stateid:
b49e084d 4635 open->op_stp = nfs4_alloc_open_stateid(clp);
4cdc951b
BF		 4636 if (!open->op_stp)
4637 return nfserr_jukebox;
8287f009
SB		 4638
4639 if (nfsd4_has_session(cstate) &&
4640 (cstate->current_fh.fh_export->ex_flags & NFSEXP_PNFS)) {
4641 open->op_odstate = alloc_clnt_odstate(clp);
4642 if (!open->op_odstate)
4643 return nfserr_jukebox;
4644 }
4645
0f442aa2 4646 return nfs_ok;
1da177e4
LT		 4647}
4648
b37ad28b 4649static inline __be32
4a6e43e6
N		 4650nfs4_check_delegmode(struct nfs4_delegation *dp, int flags)
4651{
4652 if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ))
4653 return nfserr_openmode;
4654 else
4655 return nfs_ok;
4656}
4657
f459e453 4658static int share_access_to_flags(u32 share_access)
52f4fb43 4659{
f459e453 4660 return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE;
52f4fb43
N		 4661}
4662
38c2f4b1 4663static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s)
24a0111e 4664{
f459e453 4665 struct nfs4_stid *ret;
24a0111e 4666
95da1b3a
AE		 4667 ret = find_stateid_by_type(cl, s,
4668 NFS4_DELEG_STID|NFS4_REVOKED_DELEG_STID);
f459e453
BF		 4669 if (!ret)
4670 return NULL;
4671 return delegstateid(ret);
24a0111e
BF		 4672}
4673
8b289b2c
BF		 4674static bool nfsd4_is_deleg_cur(struct nfsd4_open *open)
4675{
4676 return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR ||
4677 open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH;
4678}
4679
b37ad28b 4680static __be32
41d22663 4681nfs4_check_deleg(struct nfs4_client *cl, struct nfsd4_open *open,
567d9829
N		 4682 struct nfs4_delegation **dp)
4683{
4684 int flags;
b37ad28b 4685 __be32 status = nfserr_bad_stateid;
dcd94cc2 4686 struct nfs4_delegation *deleg;
567d9829 4687
dcd94cc2
TM		 4688 deleg = find_deleg_stateid(cl, &open->op_delegate_stateid);
4689 if (deleg == NULL)
c44c5eeb 4690 goto out;
95da1b3a
AE		 4691 if (deleg->dl_stid.sc_type == NFS4_REVOKED_DELEG_STID) {
4692 nfs4_put_stid(&deleg->dl_stid);
4693 if (cl->cl_minorversion)
4694 status = nfserr_deleg_revoked;
4695 goto out;
4696 }
24a0111e 4697 flags = share_access_to_flags(open->op_share_access);
dcd94cc2
TM		 4698 status = nfs4_check_delegmode(deleg, flags);
4699 if (status) {
4700 nfs4_put_stid(&deleg->dl_stid);
4701 goto out;
4702 }
4703 *dp = deleg;
c44c5eeb 4704out:
8b289b2c 4705 if (!nfsd4_is_deleg_cur(open))
c44c5eeb
N		 4706 return nfs_ok;
4707 if (status)
4708 return status;
dad1c067 4709 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
c44c5eeb 4710 return nfs_ok;
567d9829
N		 4711}
4712
21fb4016
BF		 4713static inline int nfs4_access_to_access(u32 nfs4_access)
4714{
4715 int flags = 0;
4716
4717 if (nfs4_access & NFS4_SHARE_ACCESS_READ)
4718 flags |= NFSD_MAY_READ;
4719 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE)
4720 flags |= NFSD_MAY_WRITE;
4721 return flags;
4722}
4723
7e6a72e5
CH		 4724static inline __be32
4725nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh,
4726 struct nfsd4_open *open)
4727{
4728 struct iattr iattr = {
4729 .ia_valid = ATTR_SIZE,
4730 .ia_size = 0,
4731 };
4732 if (!open->op_truncate)
4733 return 0;
4734 if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE))
4735 return nfserr_inval;
2a1aa489 4736 return nfsd_setattr(rqstp, fh, &iattr, 0, (time64_t)0);
7e6a72e5
CH		 4737}
4738
0c12eaff 4739static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp,
6eb3a1d0
JL		 4740 struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp,
4741 struct nfsd4_open *open)
f9d7562f 4742{
fd4f83fd 4743 struct nfsd_file *nf = NULL;
f9d7562f 4744 __be32 status;
0c12eaff
CB		 4745 int oflag = nfs4_access_to_omode(open->op_share_access);
4746 int access = nfs4_access_to_access(open->op_share_access);
baeb4ff0 4747 unsigned char old_access_bmap, old_deny_bmap;
0c12eaff 4748
de18643d 4749 spin_lock(&fp->fi_lock);
baeb4ff0
JL		 4750
4751 /*
4752 * Are we trying to set a deny mode that would conflict with
4753 * current access?
4754 */
4755 status = nfs4_file_check_deny(fp, open->op_share_deny);
4756 if (status != nfs_ok) {
4757 spin_unlock(&fp->fi_lock);
4758 goto out;
4759 }
4760
4761 /* set access to the file */
4762 status = nfs4_file_get_access(fp, open->op_share_access);
4763 if (status != nfs_ok) {
4764 spin_unlock(&fp->fi_lock);
4765 goto out;
4766 }
4767
4768 /* Set access bits in stateid */
4769 old_access_bmap = stp->st_access_bmap;
4770 set_access(open->op_share_access, stp);
4771
4772 /* Set new deny mask */
4773 old_deny_bmap = stp->st_deny_bmap;
4774 set_deny(open->op_share_deny, stp);
4775 fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH);
4776
f9d7562f 4777 if (!fp->fi_fds[oflag]) {
de18643d 4778 spin_unlock(&fp->fi_lock);
fd4f83fd 4779 status = nfsd_file_acquire(rqstp, cur_fh, access, &nf);
f9d7562f 4780 if (status)
baeb4ff0 4781 goto out_put_access;
de18643d
TM		 4782 spin_lock(&fp->fi_lock);
4783 if (!fp->fi_fds[oflag]) {
fd4f83fd
JL		 4784 fp->fi_fds[oflag] = nf;
4785 nf = NULL;
de18643d 4786 }
f9d7562f 4787 }
de18643d 4788 spin_unlock(&fp->fi_lock);
fd4f83fd
JL		 4789 if (nf)
4790 nfsd_file_put(nf);
f9d7562f 4791
7e6a72e5
CH		 4792 status = nfsd4_truncate(rqstp, cur_fh, open);
4793 if (status)
4794 goto out_put_access;
7e6a72e5
CH		 4795out:
4796 return status;
baeb4ff0
JL		 4797out_put_access:
4798 stp->st_access_bmap = old_access_bmap;
4799 nfs4_file_put_access(fp, open->op_share_access);
4800 reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp);
4801 goto out;
1da177e4
LT		 4802}
4803
b37ad28b 4804static __be32
dcef0413 4805nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open)
1da177e4 4806{
b37ad28b 4807 __be32 status;
6ac75368 4808 unsigned char old_deny_bmap = stp->st_deny_bmap;
1da177e4 4809
6eb3a1d0 4810 if (!test_access(open->op_share_access, stp))
baeb4ff0 4811 return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open);
7e6a72e5 4812
baeb4ff0
JL		 4813 /* test and set deny mode */
4814 spin_lock(&fp->fi_lock);
4815 status = nfs4_file_check_deny(fp, open->op_share_deny);
4816 if (status == nfs_ok) {
baeb4ff0
JL		 4817 set_deny(open->op_share_deny, stp);
4818 fp->fi_share_deny |=
4819 (open->op_share_deny & NFS4_SHARE_DENY_BOTH);
4820 }
4821 spin_unlock(&fp->fi_lock);
4822
4823 if (status != nfs_ok)
1da177e4 4824 return status;
1da177e4 4825
baeb4ff0
JL		 4826 status = nfsd4_truncate(rqstp, cur_fh, open);
4827 if (status != nfs_ok)
4828 reset_union_bmap_deny(old_deny_bmap, stp);
4829 return status;
4830}
1da177e4 4831
14a24e99
BF		 4832/* Should we give out recallable state?: */
4833static bool nfsd4_cb_channel_good(struct nfs4_client *clp)
4834{
4835 if (clp->cl_cb_state == NFSD4_CB_UP)
4836 return true;
4837 /*
4838 * In the sessions case, since we don't have to establish a
4839 * separate connection for callbacks, we assume it's OK
4840 * until we hear otherwise:
4841 */
4842 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN;
4843}
4844
653e514e
BF		 4845static struct file_lock *nfs4_alloc_init_lease(struct nfs4_delegation *dp,
4846 int flag)
22d38c4c
BF		 4847{
4848 struct file_lock *fl;
4849
4850 fl = locks_alloc_lock();
4851 if (!fl)
4852 return NULL;
22d38c4c 4853 fl->fl_lmops = &nfsd_lease_mng_ops;
617588d5 4854 fl->fl_flags = FL_DELEG;
22d38c4c
BF		 4855 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? F_RDLCK: F_WRLCK;
4856 fl->fl_end = OFFSET_MAX;
653e514e 4857 fl->fl_owner = (fl_owner_t)dp;
22d38c4c 4858 fl->fl_pid = current->tgid;
eb82dd39 4859 fl->fl_file = dp->dl_stid.sc_file->fi_deleg_file->nf_file;
22d38c4c
BF		 4860 return fl;
4861}
4862
0b26693c
JL		 4863static struct nfs4_delegation *
4864nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh,
8287f009 4865 struct nfs4_file *fp, struct nfs4_clnt_odstate *odstate)
acfdf5c3 4866{
68b18f52 4867 int status = 0;
0b26693c 4868 struct nfs4_delegation *dp;
eb82dd39 4869 struct nfsd_file *nf;
353601e7 4870 struct file_lock *fl;
417c6629 4871
353601e7
BF		 4872 /*
4873 * The fi_had_conflict and nfs_get_existing_delegation checks
4874 * here are just optimizations; we'll need to recheck them at
4875 * the end:
4876 */
bf7bd3e9 4877 if (fp->fi_had_conflict)
0b26693c
JL		 4878 return ERR_PTR(-EAGAIN);
4879
eb82dd39
JL		 4880 nf = find_readable_file(fp);
4881 if (!nf) {
353601e7
BF		 4882 /* We should always have a readable file here */
4883 WARN_ON_ONCE(1);
4884 return ERR_PTR(-EBADF);
4885 }
34ed9872
AE		 4886 spin_lock(&state_lock);
4887 spin_lock(&fp->fi_lock);
68b18f52
BF		 4888 if (nfs4_delegation_exists(clp, fp))
4889 status = -EAGAIN;
353601e7 4890 else if (!fp->fi_deleg_file) {
eb82dd39 4891 fp->fi_deleg_file = nf;
353601e7
BF		 4892 /* increment early to prevent fi_deleg_file from being
4893 * cleared */
4894 fp->fi_delegees = 1;
eb82dd39 4895 nf = NULL;
353601e7
BF		 4896 } else
4897 fp->fi_delegees++;
34ed9872
AE		 4898 spin_unlock(&fp->fi_lock);
4899 spin_unlock(&state_lock);
eb82dd39
JL		 4900 if (nf)
4901 nfsd_file_put(nf);
34ed9872
AE		 4902 if (status)
4903 return ERR_PTR(status);
4904
353601e7 4905 status = -ENOMEM;
86d29b10 4906 dp = alloc_init_deleg(clp, fp, fh, odstate);
0b26693c 4907 if (!dp)
353601e7
BF		 4908 goto out_delegees;
4909
4910 fl = nfs4_alloc_init_lease(dp, NFS4_OPEN_DELEGATE_READ);
4911 if (!fl)
bd8d7250 4912 goto out_clnt_odstate;
353601e7 4913
eb82dd39 4914 status = vfs_setlease(fp->fi_deleg_file->nf_file, fl->fl_type, &fl, NULL);
353601e7
BF		 4915 if (fl)
4916 locks_free_lock(fl);
4917 if (status)
4918 goto out_clnt_odstate;
0b26693c 4919
417c6629
JL		 4920 spin_lock(&state_lock);
4921 spin_lock(&fp->fi_lock);
353601e7 4922 if (fp->fi_had_conflict)
417c6629 4923 status = -EAGAIN;
353601e7
BF		 4924 else
4925 status = hash_delegation_locked(dp, fp);
417c6629 4926 spin_unlock(&fp->fi_lock);
cdc97505 4927 spin_unlock(&state_lock);
353601e7
BF		 4928
4929 if (status)
692ad280
AE		 4930 goto out_unlock;
4931
0b26693c 4932 return dp;
692ad280 4933out_unlock:
eb82dd39 4934 vfs_setlease(fp->fi_deleg_file->nf_file, F_UNLCK, NULL, (void **)&dp);
353601e7
BF		 4935out_clnt_odstate:
4936 put_clnt_odstate(dp->dl_clnt_odstate);
353601e7
BF		 4937 nfs4_put_stid(&dp->dl_stid);
4938out_delegees:
4939 put_deleg_file(fp);
4940 return ERR_PTR(status);
edab9782
BF		 4941}
4942
4aa8913c
BH		 4943static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status)
4944{
4945 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
4946 if (status == -EAGAIN)
4947 open->op_why_no_deleg = WND4_CONTENTION;
4948 else {
4949 open->op_why_no_deleg = WND4_RESOURCE;
4950 switch (open->op_deleg_want) {
4951 case NFS4_SHARE_WANT_READ_DELEG:
4952 case NFS4_SHARE_WANT_WRITE_DELEG:
4953 case NFS4_SHARE_WANT_ANY_DELEG:
4954 break;
4955 case NFS4_SHARE_WANT_CANCEL:
4956 open->op_why_no_deleg = WND4_CANCELLED;
4957 break;
4958 case NFS4_SHARE_WANT_NO_DELEG:
063b0fb9 4959 WARN_ON_ONCE(1);
4aa8913c
BH		 4960 }
4961 }
4962}
4963
1da177e4
LT		 4964/*
4965 * Attempt to hand out a delegation.
99c41515
BF		 4966 *
4967 * Note we don't support write delegations, and won't until the vfs has
4968 * proper support for them.
1da177e4
LT		 4969 */
4970static void
4cf59221
JL		 4971nfs4_open_delegation(struct svc_fh *fh, struct nfsd4_open *open,
4972 struct nfs4_ol_stateid *stp)
1da177e4
LT		 4973{
4974 struct nfs4_delegation *dp;
4cf59221
JL		 4975 struct nfs4_openowner *oo = openowner(stp->st_stateowner);
4976 struct nfs4_client *clp = stp->st_stid.sc_client;
14a24e99 4977 int cb_up;
99c41515 4978 int status = 0;
1da177e4 4979
fe0750e5 4980 cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client);
7b190fec
N		 4981 open->op_recall = 0;
4982 switch (open->op_claim_type) {
4983 case NFS4_OPEN_CLAIM_PREVIOUS:
2bf23875 4984 if (!cb_up)
7b190fec 4985 open->op_recall = 1;
99c41515
BF		 4986 if (open->op_delegate_type != NFS4_OPEN_DELEGATE_READ)
4987 goto out_no_deleg;
7b190fec
N		 4988 break;
4989 case NFS4_OPEN_CLAIM_NULL:
ed47b062 4990 case NFS4_OPEN_CLAIM_FH:
99c41515
BF		 4991 /*
4992 * Let's not give out any delegations till everyone's
c87fb4a3
BF		 4993 * had the chance to reclaim theirs, *and* until
4994 * NLM locks have all been reclaimed:
99c41515 4995 */
4cf59221 4996 if (locks_in_grace(clp->net))
99c41515 4997 goto out_no_deleg;
dad1c067 4998 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED))
99c41515 4999 goto out_no_deleg;
9a0590ae
SD		 5000 /*
5001 * Also, if the file was opened for write or
5002 * create, there's a good chance the client's
5003 * about to write to it, resulting in an
5004 * immediate recall (since we don't support
5005 * write delegations):
5006 */
7b190fec 5007 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE)
99c41515
BF		 5008 goto out_no_deleg;
5009 if (open->op_create == NFS4_OPEN_CREATE)
5010 goto out_no_deleg;
7b190fec
N		 5011 break;
5012 default:
99c41515 5013 goto out_no_deleg;
7b190fec 5014 }
8287f009 5015 dp = nfs4_set_delegation(clp, fh, stp->st_stid.sc_file, stp->st_clnt_odstate);
0b26693c 5016 if (IS_ERR(dp))
dd239cc0 5017 goto out_no_deleg;
1da177e4 5018
d5477a8d 5019 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid));
1da177e4 5020
8c10cbdb 5021 dprintk("NFSD: delegation stateid=" STATEID_FMT "\n",
d5477a8d 5022 STATEID_VAL(&dp->dl_stid.sc_stateid));
99c41515 5023 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ;
67cb1279 5024 nfs4_put_stid(&dp->dl_stid);
dd239cc0 5025 return;
dd239cc0 5026out_no_deleg:
99c41515
BF		 5027 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE;
5028 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS &&
d08d32e6 5029 open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE) {
99c41515 5030 dprintk("NFSD: WARNING: refusing delegation reclaim\n");
d08d32e6
BF		 5031 open->op_recall = 1;
5032 }
99c41515
BF		 5033
5034 /* 4.1 client asking for a delegation? */
5035 if (open->op_deleg_want)
5036 nfsd4_open_deleg_none_ext(open, status);
5037 return;
1da177e4
LT		 5038}
5039
e27f49c3
BH		 5040static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open,
5041 struct nfs4_delegation *dp)
5042{
5043 if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG &&
5044 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
5045 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
5046 open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE;
5047 } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG &&
5048 dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
5049 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
5050 open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE;
5051 }
5052 /* Otherwise the client must be confused wanting a delegation
5053 * it already has, therefore we don't return
5054 * NFS4_OPEN_DELEGATE_NONE_EXT and reason.
5055 */
5056}
5057
b37ad28b 5058__be32
1da177e4
LT		 5059nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open)
5060{
6668958f 5061 struct nfsd4_compoundres *resp = rqstp->rq_resp;
38c2f4b1 5062 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client;
1da177e4 5063 struct nfs4_file *fp = NULL;
dcef0413 5064 struct nfs4_ol_stateid *stp = NULL;
567d9829 5065 struct nfs4_delegation *dp = NULL;
b37ad28b 5066 __be32 status;
d8a1a000 5067 bool new_stp = false;
1da177e4 5068
1da177e4
LT		 5069 /*
5070 * Lookup file; if found, lookup stateid and check open request,
5071 * and check for delegations in the process of being recalled.
5072 * If not found, create the nfs4_file struct
5073 */
f9c00c3a 5074 fp = find_or_add_file(open->op_file, &current_fh->fh_handle);
950e0118 5075 if (fp != open->op_file) {
41d22663 5076 status = nfs4_check_deleg(cl, open, &dp);
c44c5eeb
N		 5077 if (status)
5078 goto out;
15ca08d3 5079 stp = nfsd4_find_and_lock_existing_open(fp, open);
1da177e4 5080 } else {
950e0118 5081 open->op_file = NULL;
c44c5eeb 5082 status = nfserr_bad_stateid;
8b289b2c 5083 if (nfsd4_is_deleg_cur(open))
c44c5eeb 5084 goto out;
1da177e4
LT		 5085 }
5086
d8a1a000
TM		 5087 if (!stp) {
5088 stp = init_open_stateid(fp, open);
5089 if (!open->op_stp)
5090 new_stp = true;
5091 }
5092
1da177e4
LT		 5093 /*
5094 * OPEN the file, or upgrade an existing OPEN.
5095 * If truncate fails, the OPEN fails.
d8a1a000
TM		 5096 *
5097 * stp is already locked.
1da177e4 5098 */
d8a1a000 5099 if (!new_stp) {
1da177e4 5100 /* Stateid was found, this is an OPEN upgrade */
f9d7562f 5101 status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open);
35a92fe8 5102 if (status) {
feb9dad5 5103 mutex_unlock(&stp->st_mutex);
1da177e4 5104 goto out;
35a92fe8 5105 }
1da177e4 5106 } else {
6eb3a1d0
JL		 5107 status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open);
5108 if (status) {
d8a1a000 5109 stp->st_stid.sc_type = NFS4_CLOSED_STID;
6eb3a1d0 5110 release_open_stateid(stp);
d8a1a000 5111 mutex_unlock(&stp->st_mutex);
6eb3a1d0
JL		 5112 goto out;
5113 }
8287f009
SB		 5114
5115 stp->st_clnt_odstate = find_or_hash_clnt_odstate(fp,
5116 open->op_odstate);
5117 if (stp->st_clnt_odstate == open->op_odstate)
5118 open->op_odstate = NULL;
1da177e4 5119 }
d8a1a000 5120
9767feb2 5121 nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid);
feb9dad5 5122 mutex_unlock(&stp->st_mutex);
1da177e4 5123
d24433cd 5124 if (nfsd4_has_session(&resp->cstate)) {
d24433cd
BH		 5125 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) {
5126 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
5127 open->op_why_no_deleg = WND4_NOT_WANTED;
5128 goto nodeleg;
5129 }
5130 }
5131
1da177e4
LT		 5132 /*
5133 * Attempt to hand out a delegation. No error return, because the
5134 * OPEN succeeds even if we fail.
5135 */
4cf59221 5136 nfs4_open_delegation(current_fh, open, stp);
d24433cd 5137nodeleg:
1da177e4
LT		 5138 status = nfs_ok;
5139
8c10cbdb 5140 dprintk("%s: stateid=" STATEID_FMT "\n", __func__,
dcef0413 5141 STATEID_VAL(&stp->st_stid.sc_stateid));
1da177e4 5142out:
d24433cd
BH		 5143 /* 4.1 client trying to upgrade/downgrade delegation? */
5144 if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp &&
e27f49c3
BH		 5145 open->op_deleg_want)
5146 nfsd4_deleg_xgrade_none_ext(open, dp);
d24433cd 5147
13cd2184
N		 5148 if (fp)
5149 put_nfs4_file(fp);
37515177 5150 if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS)
87186022 5151 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
1da177e4
LT		 5152 /*
5153 * To finish the open response, we just need to set the rflags.
5154 */
5155 open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX;
19e4c347
JL		 5156 if (nfsd4_has_session(&resp->cstate))
5157 open->op_rflags |= NFS4_OPEN_RESULT_MAY_NOTIFY_LOCK;
5158 else if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED))
1da177e4 5159 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM;
19e4c347 5160
dcd94cc2
TM		 5161 if (dp)
5162 nfs4_put_stid(&dp->dl_stid);
d6f2bc5d
TM		 5163 if (stp)
5164 nfs4_put_stid(&stp->st_stid);
1da177e4
LT		 5165
5166 return status;
5167}
5168
58fb12e6 5169void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate,
42297899 5170 struct nfsd4_open *open)
d29b20cd
BF		 5171{
5172 if (open->op_openowner) {
d3134b10
JL		 5173 struct nfs4_stateowner *so = &open->op_openowner->oo_owner;
5174
5175 nfsd4_cstate_assign_replay(cstate, so);
5176 nfs4_put_stateowner(so);
d29b20cd 5177 }
32513b40 5178 if (open->op_file)
5b095e99 5179 kmem_cache_free(file_slab, open->op_file);
4cdc951b 5180 if (open->op_stp)
6011695d 5181 nfs4_put_stid(&open->op_stp->st_stid);
8287f009
SB		 5182 if (open->op_odstate)
5183 kmem_cache_free(odstate_slab, open->op_odstate);
d29b20cd
BF		 5184}
5185
b37ad28b 5186__be32
b591480b 5187nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
eb69853d 5188 union nfsd4_op_u *u)
1da177e4 5189{
eb69853d 5190 clientid_t *clid = &u->renew;
1da177e4 5191 struct nfs4_client *clp;
b37ad28b 5192 __be32 status;
7f2210fa 5193 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 5194
1da177e4
LT		 5195 dprintk("process_renew(%08x/%08x): starting\n",
5196 clid->cl_boot, clid->cl_id);
b7342204 5197 status = lookup_clientid(clid, cstate, nn, false);
9b2ef62b 5198 if (status)
1da177e4 5199 goto out;
4b24ca7d 5200 clp = cstate->clp;
1da177e4 5201 status = nfserr_cb_path_down;
ea1da636 5202 if (!list_empty(&clp->cl_delegations)
77a3569d 5203 && clp->cl_cb_state != NFSD4_CB_UP)
1da177e4
LT		 5204 goto out;
5205 status = nfs_ok;
5206out:
1da177e4
LT		 5207 return status;
5208}
5209
7f5ef2e9 5210void
12760c66 5211nfsd4_end_grace(struct nfsd_net *nn)
a76b4319 5212{
33dcc481 5213 /* do nothing if grace period already ended */
a51c84ed 5214 if (nn->grace_ended)
33dcc481
JL		 5215 return;
5216
a51c84ed 5217 nn->grace_ended = true;
70b28235
BF		 5218 /*
5219 * If the server goes down again right now, an NFSv4
5220 * client will still be allowed to reclaim after it comes back up,
5221 * even if it hasn't yet had a chance to reclaim state this time.
5222 *
5223 */
919b8049 5224 nfsd4_record_grace_done(nn);
70b28235
BF		 5225 /*
5226 * At this point, NFSv4 clients can still reclaim. But if the
5227 * server crashes, any that have not yet reclaimed will be out
5228 * of luck on the next boot.
5229 *
5230 * (NFSv4.1+ clients are considered to have reclaimed once they
5231 * call RECLAIM_COMPLETE. NFSv4.0 clients are considered to
5232 * have reclaimed after their first OPEN.)
5233 */
5e1533c7 5234 locks_end_grace(&nn->nfsd4_manager);
70b28235
BF		 5235 /*
5236 * At this point, and once lockd and/or any other containers
5237 * exit their grace period, further reclaims will fail and
5238 * regular locking can resume.
5239 */
a76b4319
N		 5240}
5241
03f318ca
BF		 5242/*
5243 * If we've waited a lease period but there are still clients trying to
5244 * reclaim, wait a little longer to give them a chance to finish.
5245 */
5246static bool clients_still_reclaiming(struct nfsd_net *nn)
5247{
20b7d86f
AB		 5248 time64_t double_grace_period_end = nn->boot_time +
5249 2 * nn->nfsd4_lease;
03f318ca 5250
362063a5
SM		 5251 if (nn->track_reclaim_completes &&
5252 atomic_read(&nn->nr_reclaim_complete) ==
5253 nn->reclaim_str_hashtbl_size)
5254 return false;
03f318ca
BF		 5255 if (!nn->somebody_reclaimed)
5256 return false;
5257 nn->somebody_reclaimed = false;
5258 /*
5259 * If we've given them *two* lease times to reclaim, and they're
5260 * still not done, give up:
5261 */
20b7d86f 5262 if (ktime_get_boottime_seconds() > double_grace_period_end)
03f318ca
BF		 5263 return false;
5264 return true;
5265}
5266
20b7d86f 5267static time64_t
09121281 5268nfs4_laundromat(struct nfsd_net *nn)
1da177e4
LT		 5269{
5270 struct nfs4_client *clp;
fe0750e5 5271 struct nfs4_openowner *oo;
1da177e4 5272 struct nfs4_delegation *dp;
217526e7 5273 struct nfs4_ol_stateid *stp;
7919d0a2 5274 struct nfsd4_blocked_lock *nbl;
1da177e4 5275 struct list_head *pos, *next, reaplist;
20b7d86f
AB		 5276 time64_t cutoff = ktime_get_boottime_seconds() - nn->nfsd4_lease;
5277 time64_t t, new_timeo = nn->nfsd4_lease;
624322f1
OK		 5278 struct nfs4_cpntf_state *cps;
5279 copy_stateid_t *cps_t;
5280 int i;
1da177e4 5281
1da177e4 5282 dprintk("NFSD: laundromat service - starting\n");
03f318ca
BF		 5283
5284 if (clients_still_reclaiming(nn)) {
5285 new_timeo = 0;
5286 goto out;
5287 }
362063a5 5288 dprintk("NFSD: end of grace period\n");
12760c66 5289 nfsd4_end_grace(nn);
36acb66b 5290 INIT_LIST_HEAD(&reaplist);
624322f1
OK		 5291
5292 spin_lock(&nn->s2s_cp_lock);
5293 idr_for_each_entry(&nn->s2s_cp_stateids, cps_t, i) {
5294 cps = container_of(cps_t, struct nfs4_cpntf_state, cp_stateid);
5295 if (cps->cp_stateid.sc_type == NFS4_COPYNOTIFY_STID &&
20b7d86f 5296 cps->cpntf_time > cutoff)
624322f1
OK		 5297 _free_cpntf_state_locked(nn, cps);
5298 }
5299 spin_unlock(&nn->s2s_cp_lock);
5300
c9a49628 5301 spin_lock(&nn->client_lock);
5ed58bb2 5302 list_for_each_safe(pos, next, &nn->client_lru) {
1da177e4 5303 clp = list_entry(pos, struct nfs4_client, cl_lru);
20b7d86f 5304 if (clp->cl_time > cutoff) {
1da177e4 5305 t = clp->cl_time - cutoff;
a832e7ae 5306 new_timeo = min(new_timeo, t);
1da177e4
LT		 5307 break;
5308 }
221a6876 5309 if (mark_client_expired_locked(clp)) {
d7682988
BH		 5310 dprintk("NFSD: client in use (clientid %08x)\n",
5311 clp->cl_clientid.cl_id);
5312 continue;
5313 }
4864af97 5314 list_add(&clp->cl_lru, &reaplist);
36acb66b 5315 }
c9a49628 5316 spin_unlock(&nn->client_lock);
36acb66b
BH		 5317 list_for_each_safe(pos, next, &reaplist) {
5318 clp = list_entry(pos, struct nfs4_client, cl_lru);
1da177e4
LT		 5319 dprintk("NFSD: purging unused client (clientid %08x)\n",
5320 clp->cl_clientid.cl_id);
4864af97 5321 list_del_init(&clp->cl_lru);
1da177e4
LT		 5322 expire_client(clp);
5323 }
cdc97505 5324 spin_lock(&state_lock);
e8c69d17 5325 list_for_each_safe(pos, next, &nn->del_recall_lru) {
1da177e4 5326 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
20b7d86f 5327 if (dp->dl_time > cutoff) {
a832e7ae
JL		 5328 t = dp->dl_time - cutoff;
5329 new_timeo = min(new_timeo, t);
1da177e4
LT		 5330 break;
5331 }
3fcbbd24 5332 WARN_ON(!unhash_delegation_locked(dp));
42690676 5333 list_add(&dp->dl_recall_lru, &reaplist);
1da177e4 5334 }
cdc97505 5335 spin_unlock(&state_lock);
2d4a532d
JL		 5336 while (!list_empty(&reaplist)) {
5337 dp = list_first_entry(&reaplist, struct nfs4_delegation,
5338 dl_recall_lru);
5339 list_del_init(&dp->dl_recall_lru);
3bd64a5b 5340 revoke_delegation(dp);
1da177e4 5341 }
217526e7
JL		 5342
5343 spin_lock(&nn->client_lock);
5344 while (!list_empty(&nn->close_lru)) {
5345 oo = list_first_entry(&nn->close_lru, struct nfs4_openowner,
5346 oo_close_lru);
20b7d86f 5347 if (oo->oo_time > cutoff) {
a832e7ae
JL		 5348 t = oo->oo_time - cutoff;
5349 new_timeo = min(new_timeo, t);
1da177e4
LT		 5350 break;
5351 }
217526e7
JL		 5352 list_del_init(&oo->oo_close_lru);
5353 stp = oo->oo_last_closed_stid;
5354 oo->oo_last_closed_stid = NULL;
5355 spin_unlock(&nn->client_lock);
5356 nfs4_put_stid(&stp->st_stid);
5357 spin_lock(&nn->client_lock);
1da177e4 5358 }
217526e7
JL		 5359 spin_unlock(&nn->client_lock);
5360
7919d0a2
JL		 5361 /*
5362 * It's possible for a client to try and acquire an already held lock
5363 * that is being held for a long time, and then lose interest in it.
5364 * So, we clean out any un-revisited request after a lease period
5365 * under the assumption that the client is no longer interested.
5366 *
5367 * RFC5661, sec. 9.6 states that the client must not rely on getting
5368 * notifications and must continue to poll for locks, even when the
5369 * server supports them. Thus this shouldn't lead to clients blocking
5370 * indefinitely once the lock does become free.
5371 */
5372 BUG_ON(!list_empty(&reaplist));
0cc11a61 5373 spin_lock(&nn->blocked_locks_lock);
7919d0a2
JL		 5374 while (!list_empty(&nn->blocked_locks_lru)) {
5375 nbl = list_first_entry(&nn->blocked_locks_lru,
5376 struct nfsd4_blocked_lock, nbl_lru);
20b7d86f 5377 if (nbl->nbl_time > cutoff) {
7919d0a2
JL		 5378 t = nbl->nbl_time - cutoff;
5379 new_timeo = min(new_timeo, t);
5380 break;
5381 }
5382 list_move(&nbl->nbl_lru, &reaplist);
5383 list_del_init(&nbl->nbl_list);
5384 }
0cc11a61 5385 spin_unlock(&nn->blocked_locks_lock);
7919d0a2
JL		 5386
5387 while (!list_empty(&reaplist)) {
64ebe124 5388 nbl = list_first_entry(&reaplist,
7919d0a2
JL		 5389 struct nfsd4_blocked_lock, nbl_lru);
5390 list_del_init(&nbl->nbl_lru);
7919d0a2
JL		 5391 free_blocked_lock(nbl);
5392 }
03f318ca 5393out:
20b7d86f 5394 new_timeo = max_t(time64_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT);
a832e7ae 5395 return new_timeo;
1da177e4
LT		 5396}
5397
a254b246
HH		 5398static struct workqueue_struct *laundry_wq;
5399static void laundromat_main(struct work_struct *);
a254b246
HH		 5400
5401static void
09121281 5402laundromat_main(struct work_struct *laundry)
1da177e4 5403{
20b7d86f 5404 time64_t t;
2e55f3ab 5405 struct delayed_work *dwork = to_delayed_work(laundry);
09121281
SK		 5406 struct nfsd_net *nn = container_of(dwork, struct nfsd_net,
5407 laundromat_work);
1da177e4 5408
09121281 5409 t = nfs4_laundromat(nn);
20b7d86f 5410 dprintk("NFSD: laundromat_main - sleeping for %lld seconds\n", t);
09121281 5411 queue_delayed_work(laundry_wq, &nn->laundromat_work, t*HZ);
1da177e4
LT		 5412}
5413
8fcd461d 5414static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_stid *stp)
1da177e4 5415{
8fcd461d 5416 if (!fh_match(&fhp->fh_handle, &stp->sc_file->fi_fhandle))
f7a4d872
BF		 5417 return nfserr_bad_stateid;
5418 return nfs_ok;
1da177e4
LT		 5419}
5420
1da177e4 5421static inline int
82c5ff1b 5422access_permit_read(struct nfs4_ol_stateid *stp)
1da177e4 5423{
82c5ff1b
JL		 5424 return test_access(NFS4_SHARE_ACCESS_READ, stp) ||
5425 test_access(NFS4_SHARE_ACCESS_BOTH, stp) ||
5426 test_access(NFS4_SHARE_ACCESS_WRITE, stp);
1da177e4
LT		 5427}
5428
5429static inline int
82c5ff1b 5430access_permit_write(struct nfs4_ol_stateid *stp)
1da177e4 5431{
82c5ff1b
JL		 5432 return test_access(NFS4_SHARE_ACCESS_WRITE, stp) ||
5433 test_access(NFS4_SHARE_ACCESS_BOTH, stp);
1da177e4
LT		 5434}
5435
5436static
dcef0413 5437__be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags)
1da177e4 5438{
b37ad28b 5439 __be32 status = nfserr_openmode;
1da177e4 5440
02921914
BF		 5441 /* For lock stateid's, we test the parent open, not the lock: */
5442 if (stp->st_openstp)
5443 stp = stp->st_openstp;
82c5ff1b 5444 if ((flags & WR_STATE) && !access_permit_write(stp))
1da177e4 5445 goto out;
82c5ff1b 5446 if ((flags & RD_STATE) && !access_permit_read(stp))
1da177e4
LT		 5447 goto out;
5448 status = nfs_ok;
5449out:
5450 return status;
5451}
5452
b37ad28b 5453static inline __be32
5ccb0066 5454check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags)
1da177e4 5455{
203a8c8e 5456 if (ONE_STATEID(stateid) && (flags & RD_STATE))
1da177e4 5457 return nfs_ok;
c87fb4a3 5458 else if (opens_in_grace(net)) {
25985edc 5459 /* Answer in remaining cases depends on existence of
1da177e4
LT		 5460 * conflicting state; so we must wait out the grace period. */
5461 return nfserr_grace;
5462 } else if (flags & WR_STATE)
5463 return nfs4_share_conflict(current_fh,
5464 NFS4_SHARE_DENY_WRITE);
5465 else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */
5466 return nfs4_share_conflict(current_fh,
5467 NFS4_SHARE_DENY_READ);
5468}
5469
5470/*
5471 * Allow READ/WRITE during grace period on recovered state only for files
5472 * that are not able to provide mandatory locking.
5473 */
5474static inline int
5ccb0066 5475grace_disallows_io(struct net *net, struct inode *inode)
1da177e4 5476{
c87fb4a3 5477 return opens_in_grace(net) && mandatory_lock(inode);
1da177e4
LT		 5478}
5479
57b7b43b 5480static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session)
0836f587 5481{
6668958f
AA		 5482 /*
5483 * When sessions are used the stateid generation number is ignored
5484 * when it is zero.
5485 */
28dde241 5486 if (has_session && in->si_generation == 0)
81b82965
BF		 5487 return nfs_ok;
5488
5489 if (in->si_generation == ref->si_generation)
5490 return nfs_ok;
6668958f 5491
0836f587 5492 /* If the client sends us a stateid from the future, it's buggy: */
14b7f4a1 5493 if (nfsd4_stateid_generation_after(in, ref))
0836f587
BF		 5494 return nfserr_bad_stateid;
5495 /*
81b82965
BF		 5496 * However, we could see a stateid from the past, even from a
5497 * non-buggy client. For example, if the client sends a lock
5498 * while some IO is outstanding, the lock may bump si_generation
5499 * while the IO is still in flight. The client could avoid that
5500 * situation by waiting for responses on all the IO requests,
5501 * but better performance may result in retrying IO that
5502 * receives an old_stateid error if requests are rarely
5503 * reordered in flight:
0836f587 5504 */
81b82965 5505 return nfserr_old_stateid;
0836f587
BF		 5506}
5507
03da3169
TM		 5508static __be32 nfsd4_stid_check_stateid_generation(stateid_t *in, struct nfs4_stid *s, bool has_session)
5509{
5510 __be32 ret;
5511
5512 spin_lock(&s->sc_lock);
5513 ret = nfsd4_verify_open_stid(s);
5514 if (ret == nfs_ok)
5515 ret = check_stateid_generation(in, &s->sc_stateid, has_session);
5516 spin_unlock(&s->sc_lock);
5517 return ret;
5518}
5519
ebe9cb3b
CH		 5520static __be32 nfsd4_check_openowner_confirmed(struct nfs4_ol_stateid *ols)
5521{
5522 if (ols->st_stateowner->so_is_open_owner &&
5523 !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED))
5524 return nfserr_bad_stateid;
5525 return nfs_ok;
5526}
5527
7df302f7 5528static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid)
17456804 5529{
97b7e3b6 5530 struct nfs4_stid *s;
1af71cc8 5531 __be32 status = nfserr_bad_stateid;
17456804 5532
ae254dac
AE		 5533 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) ||
5534 CLOSE_STATEID(stateid))
1af71cc8 5535 return status;
663e36f0 5536 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid))
1af71cc8 5537 return status;
1af71cc8
JL		 5538 spin_lock(&cl->cl_lock);
5539 s = find_stateid_locked(cl, stateid);
97b7e3b6 5540 if (!s)
1af71cc8 5541 goto out_unlock;
03da3169 5542 status = nfsd4_stid_check_stateid_generation(stateid, s, 1);
17456804 5543 if (status)
1af71cc8 5544 goto out_unlock;
23340032
BF		 5545 switch (s->sc_type) {
5546 case NFS4_DELEG_STID:
1af71cc8
JL		 5547 status = nfs_ok;
5548 break;
3bd64a5b 5549 case NFS4_REVOKED_DELEG_STID:
1af71cc8
JL		 5550 status = nfserr_deleg_revoked;
5551 break;
23340032
BF		 5552 case NFS4_OPEN_STID:
5553 case NFS4_LOCK_STID:
ebe9cb3b 5554 status = nfsd4_check_openowner_confirmed(openlockstateid(s));
1af71cc8 5555 break;
23340032
BF		 5556 default:
5557 printk("unknown stateid type %x\n", s->sc_type);
b0fc29d6 5558 /* Fallthrough */
23340032 5559 case NFS4_CLOSED_STID:
b0fc29d6 5560 case NFS4_CLOSED_DELEG_STID:
1af71cc8 5561 status = nfserr_bad_stateid;
23340032 5562 }
1af71cc8
JL		 5563out_unlock:
5564 spin_unlock(&cl->cl_lock);
5565 return status;
17456804
BS		 5566}
5567
cd61c522 5568__be32
2dd6e458
TM		 5569nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate,
5570 stateid_t *stateid, unsigned char typemask,
5571 struct nfs4_stid **s, struct nfsd_net *nn)
38c2f4b1 5572{
0eb6f20a 5573 __be32 status;
95da1b3a
AE		 5574 bool return_revoked = false;
5575
5576 /*
5577 * only return revoked delegations if explicitly asked.
5578 * otherwise we report revoked or bad_stateid status.
5579 */
5580 if (typemask & NFS4_REVOKED_DELEG_STID)
5581 return_revoked = true;
5582 else if (typemask & NFS4_DELEG_STID)
5583 typemask |= NFS4_REVOKED_DELEG_STID;
38c2f4b1 5584
ae254dac
AE		 5585 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) ||
5586 CLOSE_STATEID(stateid))
38c2f4b1 5587 return nfserr_bad_stateid;
b7342204
OK		 5588 status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn,
5589 false);
a8a7c677 5590 if (status == nfserr_stale_clientid) {
4b24ca7d 5591 if (cstate->session)
a8a7c677 5592 return nfserr_bad_stateid;
38c2f4b1 5593 return nfserr_stale_stateid;
a8a7c677 5594 }
0eb6f20a
BF		 5595 if (status)
5596 return status;
4b24ca7d 5597 *s = find_stateid_by_type(cstate->clp, stateid, typemask);
38c2f4b1
BF		 5598 if (!*s)
5599 return nfserr_bad_stateid;
95da1b3a
AE		 5600 if (((*s)->sc_type == NFS4_REVOKED_DELEG_STID) && !return_revoked) {
5601 nfs4_put_stid(*s);
5602 if (cstate->minorversion)
5603 return nfserr_deleg_revoked;
5604 return nfserr_bad_stateid;
5605 }
38c2f4b1 5606 return nfs_ok;
38c2f4b1
BF		 5607}
5608
eb82dd39 5609static struct nfsd_file *
a0649b2d
CH		 5610nfs4_find_file(struct nfs4_stid *s, int flags)
5611{
af90f707
CH		 5612 if (!s)
5613 return NULL;
5614
a0649b2d
CH		 5615 switch (s->sc_type) {
5616 case NFS4_DELEG_STID:
5617 if (WARN_ON_ONCE(!s->sc_file->fi_deleg_file))
5618 return NULL;
eb82dd39 5619 return nfsd_file_get(s->sc_file->fi_deleg_file);
a0649b2d
CH		 5620 case NFS4_OPEN_STID:
5621 case NFS4_LOCK_STID:
5622 if (flags & RD_STATE)
5623 return find_readable_file(s->sc_file);
5624 else
5625 return find_writeable_file(s->sc_file);
5626 break;
5627 }
5628
5629 return NULL;
5630}
5631
5632static __be32
d8836f77 5633nfs4_check_olstateid(struct nfs4_ol_stateid *ols, int flags)
a0649b2d
CH		 5634{
5635 __be32 status;
5636
a0649b2d
CH		 5637 status = nfsd4_check_openowner_confirmed(ols);
5638 if (status)
5639 return status;
5640 return nfs4_check_openmode(ols, flags);
5641}
5642
af90f707
CH		 5643static __be32
5644nfs4_check_file(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfs4_stid *s,
5c4583b2 5645 struct nfsd_file **nfp, int flags)
af90f707
CH		 5646{
5647 int acc = (flags & RD_STATE) ? NFSD_MAY_READ : NFSD_MAY_WRITE;
eb82dd39 5648 struct nfsd_file *nf;
af90f707
CH		 5649 __be32 status;
5650
eb82dd39
JL		 5651 nf = nfs4_find_file(s, flags);
5652 if (nf) {
af90f707
CH		 5653 status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry,
5654 acc | NFSD_MAY_OWNER_OVERRIDE);
5c4583b2
JL		 5655 if (status) {
5656 nfsd_file_put(nf);
eb82dd39 5657 goto out;
5c4583b2 5658 }
af90f707 5659 } else {
eb82dd39 5660 status = nfsd_file_acquire(rqstp, fhp, acc, &nf);
af90f707
CH		 5661 if (status)
5662 return status;
af90f707 5663 }
5c4583b2 5664 *nfp = nf;
eb82dd39 5665out:
eb82dd39 5666 return status;
af90f707 5667}
624322f1
OK		 5668static void
5669_free_cpntf_state_locked(struct nfsd_net *nn, struct nfs4_cpntf_state *cps)
5670{
5671 WARN_ON_ONCE(cps->cp_stateid.sc_type != NFS4_COPYNOTIFY_STID);
5672 if (!refcount_dec_and_test(&cps->cp_stateid.sc_count))
5673 return;
5674 list_del(&cps->cp_list);
5675 idr_remove(&nn->s2s_cp_stateids,
5676 cps->cp_stateid.stid.si_opaque.so_id);
5677 kfree(cps);
5678}
b7342204
OK		 5679/*
5680 * A READ from an inter server to server COPY will have a
5681 * copy stateid. Look up the copy notify stateid from the
5682 * idr structure and take a reference on it.
5683 */
ce0887ac
OK		 5684__be32 manage_cpntf_state(struct nfsd_net *nn, stateid_t *st,
5685 struct nfs4_client *clp,
5686 struct nfs4_cpntf_state **cps)
b7342204
OK		 5687{
5688 copy_stateid_t *cps_t;
5689 struct nfs4_cpntf_state *state = NULL;
5690
5691 if (st->si_opaque.so_clid.cl_id != nn->s2s_cp_cl_id)
5692 return nfserr_bad_stateid;
5693 spin_lock(&nn->s2s_cp_lock);
5694 cps_t = idr_find(&nn->s2s_cp_stateids, st->si_opaque.so_id);
5695 if (cps_t) {
5696 state = container_of(cps_t, struct nfs4_cpntf_state,
5697 cp_stateid);
5277a79e
DC		 5698 if (state->cp_stateid.sc_type != NFS4_COPYNOTIFY_STID) {
5699 state = NULL;
5700 goto unlock;
5701 }
ce0887ac
OK		 5702 if (!clp)
5703 refcount_inc(&state->cp_stateid.sc_count);
5704 else
5705 _free_cpntf_state_locked(nn, state);
b7342204 5706 }
5277a79e 5707unlock:
b7342204
OK		 5708 spin_unlock(&nn->s2s_cp_lock);
5709 if (!state)
5710 return nfserr_bad_stateid;
ce0887ac
OK		 5711 if (!clp && state)
5712 *cps = state;
b7342204
OK		 5713 return 0;
5714}
5715
5716static __be32 find_cpntf_state(struct nfsd_net *nn, stateid_t *st,
5717 struct nfs4_stid **stid)
5718{
5719 __be32 status;
5720 struct nfs4_cpntf_state *cps = NULL;
5721 struct nfsd4_compound_state cstate;
5722
ce0887ac 5723 status = manage_cpntf_state(nn, st, NULL, &cps);
b7342204
OK		 5724 if (status)
5725 return status;
5726
20b7d86f 5727 cps->cpntf_time = ktime_get_boottime_seconds();
b7342204
OK		 5728 memset(&cstate, 0, sizeof(cstate));
5729 status = lookup_clientid(&cps->cp_p_clid, &cstate, nn, true);
5730 if (status)
5731 goto out;
5732 status = nfsd4_lookup_stateid(&cstate, &cps->cp_p_stateid,
5733 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID,
5734 stid, nn);
5735 put_client_renew(cstate.clp);
5736out:
5737 nfs4_put_cpntf_state(nn, cps);
5738 return status;
5739}
624322f1
OK		 5740
5741void nfs4_put_cpntf_state(struct nfsd_net *nn, struct nfs4_cpntf_state *cps)
5742{
5743 spin_lock(&nn->s2s_cp_lock);
5744 _free_cpntf_state_locked(nn, cps);
5745 spin_unlock(&nn->s2s_cp_lock);
5746}
af90f707 5747
1da177e4 5748/*
a0649b2d
CH		 5749 * Checks for stateid operations
5750 */
b37ad28b 5751__be32
af90f707 5752nfs4_preprocess_stateid_op(struct svc_rqst *rqstp,
aa0d6aed 5753 struct nfsd4_compound_state *cstate, struct svc_fh *fhp,
624322f1
OK		 5754 stateid_t *stateid, int flags, struct nfsd_file **nfp,
5755 struct nfs4_stid **cstid)
1da177e4 5756{
a0649b2d 5757 struct inode *ino = d_inode(fhp->fh_dentry);
af90f707 5758 struct net *net = SVC_NET(rqstp);
3320fef1 5759 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
af90f707 5760 struct nfs4_stid *s = NULL;
b37ad28b 5761 __be32 status;
1da177e4 5762
5c4583b2
JL		 5763 if (nfp)
5764 *nfp = NULL;
1da177e4 5765
5ccb0066 5766 if (grace_disallows_io(net, ino))
1da177e4
LT		 5767 return nfserr_grace;
5768
af90f707
CH		 5769 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) {
5770 status = check_special_stateids(net, fhp, stateid, flags);
5771 goto done;
5772 }
1da177e4 5773
2dd6e458 5774 status = nfsd4_lookup_stateid(cstate, stateid,
db24b3b4 5775 NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID,
2dd6e458 5776 &s, nn);
b7342204
OK		 5777 if (status == nfserr_bad_stateid)
5778 status = find_cpntf_state(nn, stateid, &s);
38c2f4b1 5779 if (status)
c2d1d6a8 5780 return status;
03da3169 5781 status = nfsd4_stid_check_stateid_generation(stateid, s,
a0649b2d 5782 nfsd4_has_session(cstate));
69064a27
BF		 5783 if (status)
5784 goto out;
a0649b2d 5785
f7a4d872
BF		 5786 switch (s->sc_type) {
5787 case NFS4_DELEG_STID:
a0649b2d 5788 status = nfs4_check_delegmode(delegstateid(s), flags);
f7a4d872
BF		 5789 break;
5790 case NFS4_OPEN_STID:
5791 case NFS4_LOCK_STID:
d8836f77 5792 status = nfs4_check_olstateid(openlockstateid(s), flags);
f7a4d872
BF		 5793 break;
5794 default:
14bcab1a 5795 status = nfserr_bad_stateid;
a0649b2d
CH		 5796 break;
5797 }
8fcd461d
JL		 5798 if (status)
5799 goto out;
5800 status = nfs4_check_fh(fhp, s);
a0649b2d 5801
af90f707 5802done:
5c4583b2
JL		 5803 if (status == nfs_ok && nfp)
5804 status = nfs4_check_file(rqstp, fhp, s, nfp, flags);
1da177e4 5805out:
624322f1
OK		 5806 if (s) {
5807 if (!status && cstid)
5808 *cstid = s;
5809 else
5810 nfs4_put_stid(s);
5811 }
1da177e4
LT		 5812 return status;
5813}
5814
17456804
BS		 5815/*
5816 * Test if the stateid is valid
5817 */
5818__be32
5819nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
eb69853d 5820 union nfsd4_op_u *u)
17456804 5821{
eb69853d 5822 struct nfsd4_test_stateid *test_stateid = &u->test_stateid;
03cfb420
BS		 5823 struct nfsd4_test_stateid_id *stateid;
5824 struct nfs4_client *cl = cstate->session->se_client;
5825
03cfb420 5826 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list)
7df302f7
CL		 5827 stateid->ts_id_status =
5828 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid);
03cfb420 5829
17456804
BS		 5830 return nfs_ok;
5831}
5832
42691398
CL		 5833static __be32
5834nfsd4_free_lock_stateid(stateid_t *stateid, struct nfs4_stid *s)
5835{
5836 struct nfs4_ol_stateid *stp = openlockstateid(s);
5837 __be32 ret;
5838
659aefb6
TM		 5839 ret = nfsd4_lock_ol_stateid(stp);
5840 if (ret)
5841 goto out_put_stid;
42691398
CL		 5842
5843 ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
5844 if (ret)
5845 goto out;
5846
5847 ret = nfserr_locks_held;
5848 if (check_for_locks(stp->st_stid.sc_file,
5849 lockowner(stp->st_stateowner)))
5850 goto out;
5851
5852 release_lock_stateid(stp);
5853 ret = nfs_ok;
5854
5855out:
5856 mutex_unlock(&stp->st_mutex);
659aefb6 5857out_put_stid:
42691398
CL		 5858 nfs4_put_stid(s);
5859 return ret;
5860}
5861
e1ca12df
BS		 5862__be32
5863nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
eb69853d 5864 union nfsd4_op_u *u)
e1ca12df 5865{
eb69853d 5866 struct nfsd4_free_stateid *free_stateid = &u->free_stateid;
e1ca12df 5867 stateid_t *stateid = &free_stateid->fr_stateid;
2da1cec7 5868 struct nfs4_stid *s;
3bd64a5b 5869 struct nfs4_delegation *dp;
38c2f4b1 5870 struct nfs4_client *cl = cstate->session->se_client;
2da1cec7 5871 __be32 ret = nfserr_bad_stateid;
e1ca12df 5872
1af71cc8
JL		 5873 spin_lock(&cl->cl_lock);
5874 s = find_stateid_locked(cl, stateid);
2da1cec7 5875 if (!s)
1af71cc8 5876 goto out_unlock;
03da3169 5877 spin_lock(&s->sc_lock);
2da1cec7
BF		 5878 switch (s->sc_type) {
5879 case NFS4_DELEG_STID:
e1ca12df 5880 ret = nfserr_locks_held;
1af71cc8 5881 break;
2da1cec7 5882 case NFS4_OPEN_STID:
2da1cec7
BF		 5883 ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
5884 if (ret)
1af71cc8
JL		 5885 break;
5886 ret = nfserr_locks_held;
f7a4d872 5887 break;
1af71cc8 5888 case NFS4_LOCK_STID:
03da3169 5889 spin_unlock(&s->sc_lock);
a15dfcd5 5890 refcount_inc(&s->sc_count);
1af71cc8 5891 spin_unlock(&cl->cl_lock);
42691398 5892 ret = nfsd4_free_lock_stateid(stateid, s);
1af71cc8 5893 goto out;
3bd64a5b 5894 case NFS4_REVOKED_DELEG_STID:
03da3169 5895 spin_unlock(&s->sc_lock);
3bd64a5b 5896 dp = delegstateid(s);
2d4a532d
JL		 5897 list_del_init(&dp->dl_recall_lru);
5898 spin_unlock(&cl->cl_lock);
6011695d 5899 nfs4_put_stid(s);
3bd64a5b 5900 ret = nfs_ok;
1af71cc8
JL		 5901 goto out;
5902 /* Default falls through and returns nfserr_bad_stateid */
e1ca12df 5903 }
03da3169 5904 spin_unlock(&s->sc_lock);
1af71cc8
JL		 5905out_unlock:
5906 spin_unlock(&cl->cl_lock);
e1ca12df 5907out:
e1ca12df
BS		 5908 return ret;
5909}
5910
4c4cd222
N		 5911static inline int
5912setlkflg (int type)
5913{
5914 return (type == NFS4_READW_LT || type == NFS4_READ_LT) ?
5915 RD_STATE : WR_STATE;
5916}
1da177e4 5917
dcef0413 5918static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp)
c0a5d93e
BF		 5919{
5920 struct svc_fh *current_fh = &cstate->current_fh;
5921 struct nfs4_stateowner *sop = stp->st_stateowner;
5922 __be32 status;
5923
c0a5d93e
BF		 5924 status = nfsd4_check_seqid(cstate, sop, seqid);
5925 if (status)
5926 return status;
9271d7e5
TM		 5927 status = nfsd4_lock_ol_stateid(stp);
5928 if (status != nfs_ok)
5929 return status;
f7a4d872 5930 status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate));
35a92fe8
JL		 5931 if (status == nfs_ok)
5932 status = nfs4_check_fh(current_fh, &stp->st_stid);
5933 if (status != nfs_ok)
feb9dad5 5934 mutex_unlock(&stp->st_mutex);
35a92fe8 5935 return status;
c0a5d93e
BF		 5936}
5937
1da177e4
LT		 5938/*
5939 * Checks for sequence id mutating operations.
5940 */
b37ad28b 5941static __be32
dd453dfd 5942nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
2288d0e3 5943 stateid_t *stateid, char typemask,
3320fef1
SK		 5944 struct nfs4_ol_stateid **stpp,
5945 struct nfsd_net *nn)
1da177e4 5946{
0836f587 5947 __be32 status;
38c2f4b1 5948 struct nfs4_stid *s;
e17f99b7 5949 struct nfs4_ol_stateid *stp = NULL;
1da177e4 5950
8c10cbdb
BH		 5951 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__,
5952 seqid, STATEID_VAL(stateid));
3a4f98bb 5953
1da177e4 5954 *stpp = NULL;
2dd6e458 5955 status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn);
c0a5d93e
BF		 5956 if (status)
5957 return status;
e17f99b7 5958 stp = openlockstateid(s);
58fb12e6 5959 nfsd4_cstate_assign_replay(cstate, stp->st_stateowner);
1da177e4 5960
e17f99b7 5961 status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp);
fd911011 5962 if (!status)
e17f99b7 5963 *stpp = stp;
fd911011
TM		 5964 else
5965 nfs4_put_stid(&stp->st_stid);
e17f99b7 5966 return status;
c0a5d93e 5967}
39325bd0 5968
3320fef1
SK		 5969static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
5970 stateid_t *stateid, struct nfs4_ol_stateid **stpp, struct nfsd_net *nn)
c0a5d93e
BF		 5971{
5972 __be32 status;
5973 struct nfs4_openowner *oo;
4cbfc9f7 5974 struct nfs4_ol_stateid *stp;
1da177e4 5975
c0a5d93e 5976 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid,
4cbfc9f7 5977 NFS4_OPEN_STID, &stp, nn);
7a8711c9
BF		 5978 if (status)
5979 return status;
4cbfc9f7
TM		 5980 oo = openowner(stp->st_stateowner);
5981 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
feb9dad5 5982 mutex_unlock(&stp->st_mutex);
4cbfc9f7 5983 nfs4_put_stid(&stp->st_stid);
3a4f98bb 5984 return nfserr_bad_stateid;
4cbfc9f7
TM		 5985 }
5986 *stpp = stp;
3a4f98bb 5987 return nfs_ok;
1da177e4
LT		 5988}
5989
b37ad28b 5990__be32
ca364317 5991nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
eb69853d 5992 union nfsd4_op_u *u)
1da177e4 5993{
eb69853d 5994 struct nfsd4_open_confirm *oc = &u->open_confirm;
b37ad28b 5995 __be32 status;
fe0750e5 5996 struct nfs4_openowner *oo;
dcef0413 5997 struct nfs4_ol_stateid *stp;
3320fef1 5998 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 5999
a6a9f18f
AV		 6000 dprintk("NFSD: nfsd4_open_confirm on file %pd\n",
6001 cstate->current_fh.fh_dentry);
1da177e4 6002
ca364317 6003 status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
a8cddc5d
BF		 6004 if (status)
6005 return status;
1da177e4 6006
9072d5c6 6007 status = nfs4_preprocess_seqid_op(cstate,
ca364317 6008 oc->oc_seqid, &oc->oc_req_stateid,
3320fef1 6009 NFS4_OPEN_STID, &stp, nn);
9072d5c6 6010 if (status)
68b66e82 6011 goto out;
fe0750e5 6012 oo = openowner(stp->st_stateowner);
68b66e82 6013 status = nfserr_bad_stateid;
35a92fe8 6014 if (oo->oo_flags & NFS4_OO_CONFIRMED) {
feb9dad5 6015 mutex_unlock(&stp->st_mutex);
2585fc79 6016 goto put_stateid;
35a92fe8 6017 }
dad1c067 6018 oo->oo_flags |= NFS4_OO_CONFIRMED;
9767feb2 6019 nfs4_inc_and_copy_stateid(&oc->oc_resp_stateid, &stp->st_stid);
feb9dad5 6020 mutex_unlock(&stp->st_mutex);
8c10cbdb 6021 dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n",
dcef0413 6022 __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid));
c7b9a459 6023
2a4317c5 6024 nfsd4_client_record_create(oo->oo_owner.so_client);
68b66e82 6025 status = nfs_ok;
2585fc79
TM		 6026put_stateid:
6027 nfs4_put_stid(&stp->st_stid);
1da177e4 6028out:
9411b1d4 6029 nfsd4_bump_seqid(cstate, status);
1da177e4
LT		 6030 return status;
6031}
6032
6409a5a6 6033static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access)
1da177e4 6034{
82c5ff1b 6035 if (!test_access(access, stp))
6409a5a6 6036 return;
11b9164a 6037 nfs4_file_put_access(stp->st_stid.sc_file, access);
82c5ff1b 6038 clear_access(access, stp);
6409a5a6 6039}
f197c271 6040
6409a5a6
BF		 6041static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access)
6042{
6043 switch (to_access) {
6044 case NFS4_SHARE_ACCESS_READ:
6045 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE);
6046 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
6047 break;
6048 case NFS4_SHARE_ACCESS_WRITE:
6049 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ);
6050 nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
6051 break;
6052 case NFS4_SHARE_ACCESS_BOTH:
6053 break;
6054 default:
063b0fb9 6055 WARN_ON_ONCE(1);
1da177e4
LT		 6056 }
6057}
6058
b37ad28b 6059__be32
ca364317 6060nfsd4_open_downgrade(struct svc_rqst *rqstp,
eb69853d 6061 struct nfsd4_compound_state *cstate, union nfsd4_op_u *u)
1da177e4 6062{
eb69853d 6063 struct nfsd4_open_downgrade *od = &u->open_downgrade;
b37ad28b 6064 __be32 status;
dcef0413 6065 struct nfs4_ol_stateid *stp;
3320fef1 6066 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 6067
a6a9f18f
AV		 6068 dprintk("NFSD: nfsd4_open_downgrade on file %pd\n",
6069 cstate->current_fh.fh_dentry);
1da177e4 6070
c30e92df 6071 /* We don't yet support WANT bits: */
2c8bd7e0
BH		 6072 if (od->od_deleg_want)
6073 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__,
6074 od->od_deleg_want);
1da177e4 6075
c0a5d93e 6076 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid,
3320fef1 6077 &od->od_stateid, &stp, nn);
9072d5c6 6078 if (status)
1da177e4 6079 goto out;
1da177e4 6080 status = nfserr_inval;
82c5ff1b 6081 if (!test_access(od->od_share_access, stp)) {
c11c591f 6082 dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n",
1da177e4 6083 stp->st_access_bmap, od->od_share_access);
0667b1e9 6084 goto put_stateid;
1da177e4 6085 }
ce0fc43c 6086 if (!test_deny(od->od_share_deny, stp)) {
c11c591f 6087 dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n",
1da177e4 6088 stp->st_deny_bmap, od->od_share_deny);
0667b1e9 6089 goto put_stateid;
1da177e4 6090 }
6409a5a6 6091 nfs4_stateid_downgrade(stp, od->od_share_access);
ce0fc43c 6092 reset_union_bmap_deny(od->od_share_deny, stp);
9767feb2 6093 nfs4_inc_and_copy_stateid(&od->od_stateid, &stp->st_stid);
1da177e4 6094 status = nfs_ok;
0667b1e9 6095put_stateid:
feb9dad5 6096 mutex_unlock(&stp->st_mutex);
0667b1e9 6097 nfs4_put_stid(&stp->st_stid);
1da177e4 6098out:
9411b1d4 6099 nfsd4_bump_seqid(cstate, status);
1da177e4
LT		 6100 return status;
6101}
6102
f7a4d872
BF		 6103static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s)
6104{
acf9295b 6105 struct nfs4_client *clp = s->st_stid.sc_client;
e8568739 6106 bool unhashed;
d83017f9 6107 LIST_HEAD(reaplist);
acf9295b 6108
2c41beb0 6109 spin_lock(&clp->cl_lock);
e8568739 6110 unhashed = unhash_open_stateid(s, &reaplist);
acf9295b 6111
d83017f9 6112 if (clp->cl_minorversion) {
e8568739
JL		 6113 if (unhashed)
6114 put_ol_stateid_locked(s, &reaplist);
d83017f9
JL		 6115 spin_unlock(&clp->cl_lock);
6116 free_ol_stateid_reaplist(&reaplist);
6117 } else {
6118 spin_unlock(&clp->cl_lock);
6119 free_ol_stateid_reaplist(&reaplist);
e8568739
JL		 6120 if (unhashed)
6121 move_to_close_lru(s, clp->net);
d83017f9 6122 }
38c387b5
BF		 6123}
6124
1da177e4
LT		 6125/*
6126 * nfs4_unlock_state() called after encode
6127 */
b37ad28b 6128__be32
ca364317 6129nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
eb69853d 6130 union nfsd4_op_u *u)
1da177e4 6131{
eb69853d 6132 struct nfsd4_close *close = &u->close;
b37ad28b 6133 __be32 status;
dcef0413 6134 struct nfs4_ol_stateid *stp;
3320fef1
SK		 6135 struct net *net = SVC_NET(rqstp);
6136 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4 6137
a6a9f18f
AV		 6138 dprintk("NFSD: nfsd4_close on file %pd\n",
6139 cstate->current_fh.fh_dentry);
1da177e4 6140
f7a4d872
BF		 6141 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid,
6142 &close->cl_stateid,
6143 NFS4_OPEN_STID|NFS4_CLOSED_STID,
3320fef1 6144 &stp, nn);
9411b1d4 6145 nfsd4_bump_seqid(cstate, status);
9072d5c6 6146 if (status)
1da177e4 6147 goto out;
15ca08d3
TM		 6148
6149 stp->st_stid.sc_type = NFS4_CLOSED_STID;
bd2decac
JL		 6150
6151 /*
6152 * Technically we don't _really_ have to increment or copy it, since
6153 * it should just be gone after this operation and we clobber the
6154 * copied value below, but we continue to do so here just to ensure
6155 * that racing ops see that there was a state change.
6156 */
9767feb2 6157 nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid);
1da177e4 6158
f7a4d872 6159 nfsd4_close_open_stateid(stp);
15ca08d3 6160 mutex_unlock(&stp->st_mutex);
8a0b589d 6161
bd2decac
JL		 6162 /* v4.1+ suggests that we send a special stateid in here, since the
6163 * clients should just ignore this anyway. Since this is not useful
6164 * for v4.0 clients either, we set it to the special close_stateid
6165 * universally.
6166 *
6167 * See RFC5661 section 18.2.4, and RFC7530 section 16.2.5
6168 */
6169 memcpy(&close->cl_stateid, &close_stateid, sizeof(close->cl_stateid));
fb500a7c 6170
8a0b589d
TM		 6171 /* put reference from nfs4_preprocess_seqid_op */
6172 nfs4_put_stid(&stp->st_stid);
1da177e4 6173out:
1da177e4
LT		 6174 return status;
6175}
6176
b37ad28b 6177__be32
ca364317 6178nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
eb69853d 6179 union nfsd4_op_u *u)
1da177e4 6180{
eb69853d 6181 struct nfsd4_delegreturn *dr = &u->delegreturn;
203a8c8e
BF		 6182 struct nfs4_delegation *dp;
6183 stateid_t *stateid = &dr->dr_stateid;
38c2f4b1 6184 struct nfs4_stid *s;
b37ad28b 6185 __be32 status;
3320fef1 6186 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 6187
ca364317 6188 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
203a8c8e 6189 return status;
1da177e4 6190
2dd6e458 6191 status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn);
38c2f4b1 6192 if (status)
203a8c8e 6193 goto out;
38c2f4b1 6194 dp = delegstateid(s);
03da3169 6195 status = nfsd4_stid_check_stateid_generation(stateid, &dp->dl_stid, nfsd4_has_session(cstate));
203a8c8e 6196 if (status)
fd911011 6197 goto put_stateid;
203a8c8e 6198
3bd64a5b 6199 destroy_delegation(dp);
fd911011
TM		 6200put_stateid:
6201 nfs4_put_stid(&dp->dl_stid);
1da177e4
LT		 6202out:
6203 return status;
6204}
6205
87df4de8
BH		 6206static inline u64
6207end_offset(u64 start, u64 len)
6208{
6209 u64 end;
6210
6211 end = start + len;
6212 return end >= start ? end: NFS4_MAX_UINT64;
6213}
6214
6215/* last octet in a range */
6216static inline u64
6217last_byte_offset(u64 start, u64 len)
6218{
6219 u64 end;
6220
063b0fb9 6221 WARN_ON_ONCE(!len);
87df4de8
BH		 6222 end = start + len;
6223 return end > start ? end - 1: NFS4_MAX_UINT64;
6224}
6225
1da177e4
LT		 6226/*
6227 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that
6228 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th
6229 * byte, because of sign extension problems. Since NFSv4 calls for 64-bit
6230 * locking, this prevents us from being completely protocol-compliant. The
6231 * real solution to this problem is to start using unsigned file offsets in
6232 * the VFS, but this is a very deep change!
6233 */
6234static inline void
6235nfs4_transform_lock_offset(struct file_lock *lock)
6236{
6237 if (lock->fl_start < 0)
6238 lock->fl_start = OFFSET_MAX;
6239 if (lock->fl_end < 0)
6240 lock->fl_end = OFFSET_MAX;
6241}
6242
cae80b30
JL		 6243static fl_owner_t
6244nfsd4_fl_get_owner(fl_owner_t owner)
aef9583b 6245{
cae80b30
JL		 6246 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner;
6247
6248 nfs4_get_stateowner(&lo->lo_owner);
6249 return owner;
aef9583b
KM		 6250}
6251
cae80b30
JL		 6252static void
6253nfsd4_fl_put_owner(fl_owner_t owner)
aef9583b 6254{
cae80b30 6255 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)owner;
aef9583b 6256
cae80b30 6257 if (lo)
aef9583b 6258 nfs4_put_stateowner(&lo->lo_owner);
aef9583b
KM		 6259}
6260
76d348fa
JL		 6261static void
6262nfsd4_lm_notify(struct file_lock *fl)
6263{
6264 struct nfs4_lockowner *lo = (struct nfs4_lockowner *)fl->fl_owner;
6265 struct net *net = lo->lo_owner.so_client->net;
6266 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
6267 struct nfsd4_blocked_lock *nbl = container_of(fl,
6268 struct nfsd4_blocked_lock, nbl_lock);
6269 bool queue = false;
6270
7919d0a2 6271 /* An empty list means that something else is going to be using it */
0cc11a61 6272 spin_lock(&nn->blocked_locks_lock);
76d348fa
JL		 6273 if (!list_empty(&nbl->nbl_list)) {
6274 list_del_init(&nbl->nbl_list);
7919d0a2 6275 list_del_init(&nbl->nbl_lru);
76d348fa
JL		 6276 queue = true;
6277 }
0cc11a61 6278 spin_unlock(&nn->blocked_locks_lock);
76d348fa
JL		 6279
6280 if (queue)
6281 nfsd4_run_cb(&nbl->nbl_cb);
6282}
6283
7b021967 6284static const struct lock_manager_operations nfsd_posix_mng_ops = {
76d348fa 6285 .lm_notify = nfsd4_lm_notify,
aef9583b
KM		 6286 .lm_get_owner = nfsd4_fl_get_owner,
6287 .lm_put_owner = nfsd4_fl_put_owner,
d5b9026a 6288};
1da177e4
LT		 6289
6290static inline void
6291nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny)
6292{
fe0750e5 6293 struct nfs4_lockowner *lo;
1da177e4 6294
d5b9026a 6295 if (fl->fl_lmops == &nfsd_posix_mng_ops) {
fe0750e5 6296 lo = (struct nfs4_lockowner *) fl->fl_owner;
6f4859b8
BF		 6297 xdr_netobj_dup(&deny->ld_owner, &lo->lo_owner.so_owner,
6298 GFP_KERNEL);
7c13f344
BF		 6299 if (!deny->ld_owner.data)
6300 /* We just don't care that much */
6301 goto nevermind;
fe0750e5 6302 deny->ld_clientid = lo->lo_owner.so_client->cl_clientid;
d5b9026a 6303 } else {
7c13f344
BF		 6304nevermind:
6305 deny->ld_owner.len = 0;
6306 deny->ld_owner.data = NULL;
d5b9026a
N		 6307 deny->ld_clientid.cl_boot = 0;
6308 deny->ld_clientid.cl_id = 0;
1da177e4
LT		 6309 }
6310 deny->ld_start = fl->fl_start;
87df4de8
BH		 6311 deny->ld_length = NFS4_MAX_UINT64;
6312 if (fl->fl_end != NFS4_MAX_UINT64)
1da177e4
LT		 6313 deny->ld_length = fl->fl_end - fl->fl_start + 1;
6314 deny->ld_type = NFS4_READ_LT;
6315 if (fl->fl_type != F_RDLCK)
6316 deny->ld_type = NFS4_WRITE_LT;
6317}
6318
fe0750e5 6319static struct nfs4_lockowner *
c8623999 6320find_lockowner_str_locked(struct nfs4_client *clp, struct xdr_netobj *owner)
1da177e4 6321{
d4f0489f 6322 unsigned int strhashval = ownerstr_hashval(owner);
b3c32bcd 6323 struct nfs4_stateowner *so;
1da177e4 6324
0a880a28
TM		 6325 lockdep_assert_held(&clp->cl_lock);
6326
d4f0489f
TM		 6327 list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval],
6328 so_strhash) {
b3c32bcd
TM		 6329 if (so->so_is_open_owner)
6330 continue;
b5971afa
KM		 6331 if (same_owner_str(so, owner))
6332 return lockowner(nfs4_get_stateowner(so));
1da177e4
LT		 6333 }
6334 return NULL;
6335}
6336
c58c6610 6337static struct nfs4_lockowner *
c8623999 6338find_lockowner_str(struct nfs4_client *clp, struct xdr_netobj *owner)
c58c6610
TM		 6339{
6340 struct nfs4_lockowner *lo;
6341
d4f0489f 6342 spin_lock(&clp->cl_lock);
c8623999 6343 lo = find_lockowner_str_locked(clp, owner);
d4f0489f 6344 spin_unlock(&clp->cl_lock);
c58c6610
TM		 6345 return lo;
6346}
6347
8f4b54c5
JL		 6348static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop)
6349{
c58c6610 6350 unhash_lockowner_locked(lockowner(sop));
8f4b54c5
JL		 6351}
6352
6b180f0b
JL		 6353static void nfs4_free_lockowner(struct nfs4_stateowner *sop)
6354{
6355 struct nfs4_lockowner *lo = lockowner(sop);
6356
6357 kmem_cache_free(lockowner_slab, lo);
6358}
6359
6360static const struct nfs4_stateowner_operations lockowner_ops = {
8f4b54c5
JL		 6361 .so_unhash = nfs4_unhash_lockowner,
6362 .so_free = nfs4_free_lockowner,
6b180f0b
JL		 6363};
6364
1da177e4
LT		 6365/*
6366 * Alloc a lock owner structure.
6367 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has
25985edc 6368 * occurred.
1da177e4 6369 *
16bfdaaf 6370 * strhashval = ownerstr_hashval
1da177e4 6371 */
fe0750e5 6372static struct nfs4_lockowner *
c58c6610
TM		 6373alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp,
6374 struct nfs4_ol_stateid *open_stp,
6375 struct nfsd4_lock *lock)
6376{
c58c6610 6377 struct nfs4_lockowner *lo, *ret;
1da177e4 6378
fe0750e5
BF		 6379 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp);
6380 if (!lo)
1da177e4 6381 return NULL;
76d348fa 6382 INIT_LIST_HEAD(&lo->lo_blocked);
fe0750e5
BF		 6383 INIT_LIST_HEAD(&lo->lo_owner.so_stateids);
6384 lo->lo_owner.so_is_open_owner = 0;
5db1c03f 6385 lo->lo_owner.so_seqid = lock->lk_new_lock_seqid;
6b180f0b 6386 lo->lo_owner.so_ops = &lockowner_ops;
d4f0489f 6387 spin_lock(&clp->cl_lock);
c8623999 6388 ret = find_lockowner_str_locked(clp, &lock->lk_new_owner);
c58c6610
TM		 6389 if (ret == NULL) {
6390 list_add(&lo->lo_owner.so_strhash,
d4f0489f 6391 &clp->cl_ownerstr_hashtbl[strhashval]);
c58c6610
TM		 6392 ret = lo;
6393 } else
d50ffded
KM		 6394 nfs4_free_stateowner(&lo->lo_owner);
6395
d4f0489f 6396 spin_unlock(&clp->cl_lock);
340f0ba1 6397 return ret;
1da177e4
LT		 6398}
6399
fd1fd685 6400static struct nfs4_ol_stateid *
a451b123
TM		 6401find_lock_stateid(const struct nfs4_lockowner *lo,
6402 const struct nfs4_ol_stateid *ost)
fd1fd685
TM		 6403{
6404 struct nfs4_ol_stateid *lst;
fd1fd685 6405
a451b123 6406 lockdep_assert_held(&ost->st_stid.sc_client->cl_lock);
fd1fd685 6407
a451b123
TM		 6408 /* If ost is not hashed, ost->st_locks will not be valid */
6409 if (!nfs4_ol_stateid_unhashed(ost))
6410 list_for_each_entry(lst, &ost->st_locks, st_locks) {
6411 if (lst->st_stateowner == &lo->lo_owner) {
6412 refcount_inc(&lst->st_stid.sc_count);
6413 return lst;
6414 }
fd1fd685 6415 }
fd1fd685
TM		 6416 return NULL;
6417}
6418
beeca19c 6419static struct nfs4_ol_stateid *
356a95ec
JL		 6420init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo,
6421 struct nfs4_file *fp, struct inode *inode,
6422 struct nfs4_ol_stateid *open_stp)
1da177e4 6423{
d3b313a4 6424 struct nfs4_client *clp = lo->lo_owner.so_client;
beeca19c 6425 struct nfs4_ol_stateid *retstp;
1da177e4 6426
beeca19c 6427 mutex_init(&stp->st_mutex);
4f34bd05 6428 mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX);
beeca19c
TM		 6429retry:
6430 spin_lock(&clp->cl_lock);
a451b123
TM		 6431 if (nfs4_ol_stateid_unhashed(open_stp))
6432 goto out_close;
6433 retstp = find_lock_stateid(lo, open_stp);
beeca19c 6434 if (retstp)
a451b123 6435 goto out_found;
a15dfcd5 6436 refcount_inc(&stp->st_stid.sc_count);
3abdb607 6437 stp->st_stid.sc_type = NFS4_LOCK_STID;
b5971afa 6438 stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner);
13cd2184 6439 get_nfs4_file(fp);
11b9164a 6440 stp->st_stid.sc_file = fp;
0997b173 6441 stp->st_access_bmap = 0;
1da177e4 6442 stp->st_deny_bmap = open_stp->st_deny_bmap;
4c4cd222 6443 stp->st_openstp = open_stp;
a451b123 6444 spin_lock(&fp->fi_lock);
3c87b9b7 6445 list_add(&stp->st_locks, &open_stp->st_locks);
1c755dc1 6446 list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids);
1d31a253
TM		 6447 list_add(&stp->st_perfile, &fp->fi_stateids);
6448 spin_unlock(&fp->fi_lock);
beeca19c 6449 spin_unlock(&clp->cl_lock);
beeca19c 6450 return stp;
a451b123
TM		 6451out_found:
6452 spin_unlock(&clp->cl_lock);
6453 if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) {
6454 nfs4_put_stid(&retstp->st_stid);
6455 goto retry;
6456 }
6457 /* To keep mutex tracking happy */
6458 mutex_unlock(&stp->st_mutex);
6459 return retstp;
6460out_close:
6461 spin_unlock(&clp->cl_lock);
6462 mutex_unlock(&stp->st_mutex);
6463 return NULL;
1da177e4
LT		 6464}
6465
356a95ec
JL		 6466static struct nfs4_ol_stateid *
6467find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi,
6468 struct inode *inode, struct nfs4_ol_stateid *ost,
6469 bool *new)
6470{
6471 struct nfs4_stid *ns = NULL;
6472 struct nfs4_ol_stateid *lst;
6473 struct nfs4_openowner *oo = openowner(ost->st_stateowner);
6474 struct nfs4_client *clp = oo->oo_owner.so_client;
6475
beeca19c 6476 *new = false;
356a95ec 6477 spin_lock(&clp->cl_lock);
a451b123 6478 lst = find_lock_stateid(lo, ost);
356a95ec 6479 spin_unlock(&clp->cl_lock);
beeca19c
TM		 6480 if (lst != NULL) {
6481 if (nfsd4_lock_ol_stateid(lst) == nfs_ok)
6482 goto out;
6483 nfs4_put_stid(&lst->st_stid);
6484 }
6485 ns = nfs4_alloc_stid(clp, stateid_slab, nfs4_free_lock_stateid);
6486 if (ns == NULL)
6487 return NULL;
6488
6489 lst = init_lock_stateid(openlockstateid(ns), lo, fi, inode, ost);
6490 if (lst == openlockstateid(ns))
6491 *new = true;
6492 else
356a95ec 6493 nfs4_put_stid(ns);
beeca19c 6494out:
356a95ec
JL		 6495 return lst;
6496}
c53530da 6497
fd39ca9a 6498static int
1da177e4
LT		 6499check_lock_length(u64 offset, u64 length)
6500{
e7969315
KM		 6501 return ((length == 0) || ((length != NFS4_MAX_UINT64) &&
6502 (length > ~offset)));
1da177e4
LT		 6503}
6504
dcef0413 6505static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access)
0997b173 6506{
11b9164a 6507 struct nfs4_file *fp = lock_stp->st_stid.sc_file;
0997b173 6508
7214e860
JL		 6509 lockdep_assert_held(&fp->fi_lock);
6510
82c5ff1b 6511 if (test_access(access, lock_stp))
0997b173 6512 return;
12659651 6513 __nfs4_file_get_access(fp, access);
82c5ff1b 6514 set_access(access, lock_stp);
0997b173
BF		 6515}
6516
356a95ec
JL		 6517static __be32
6518lookup_or_create_lock_state(struct nfsd4_compound_state *cstate,
6519 struct nfs4_ol_stateid *ost,
6520 struct nfsd4_lock *lock,
dd257933 6521 struct nfs4_ol_stateid **plst, bool *new)
64a284d0 6522{
5db1c03f 6523 __be32 status;
11b9164a 6524 struct nfs4_file *fi = ost->st_stid.sc_file;
64a284d0
BF		 6525 struct nfs4_openowner *oo = openowner(ost->st_stateowner);
6526 struct nfs4_client *cl = oo->oo_owner.so_client;
2b0143b5 6527 struct inode *inode = d_inode(cstate->current_fh.fh_dentry);
64a284d0 6528 struct nfs4_lockowner *lo;
dd257933 6529 struct nfs4_ol_stateid *lst;
64a284d0
BF		 6530 unsigned int strhashval;
6531
c8623999 6532 lo = find_lockowner_str(cl, &lock->lk_new_owner);
c53530da 6533 if (!lo) {
76f6c9e1 6534 strhashval = ownerstr_hashval(&lock->lk_new_owner);
c53530da
JL		 6535 lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock);
6536 if (lo == NULL)
6537 return nfserr_jukebox;
6538 } else {
6539 /* with an existing lockowner, seqids must be the same */
5db1c03f 6540 status = nfserr_bad_seqid;
c53530da
JL		 6541 if (!cstate->minorversion &&
6542 lock->lk_new_lock_seqid != lo->lo_owner.so_seqid)
5db1c03f 6543 goto out;
64a284d0 6544 }
c53530da 6545
dd257933
JL		 6546 lst = find_or_create_lock_stateid(lo, fi, inode, ost, new);
6547 if (lst == NULL) {
5db1c03f
JL		 6548 status = nfserr_jukebox;
6549 goto out;
64a284d0 6550 }
dd257933 6551
5db1c03f 6552 status = nfs_ok;
dd257933 6553 *plst = lst;
5db1c03f
JL		 6554out:
6555 nfs4_put_stateowner(&lo->lo_owner);
6556 return status;
64a284d0
BF		 6557}
6558
1da177e4
LT		 6559/*
6560 * LOCK operation
6561 */
b37ad28b 6562__be32
ca364317 6563nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
eb69853d 6564 union nfsd4_op_u *u)
1da177e4 6565{
eb69853d 6566 struct nfsd4_lock *lock = &u->lock;
fe0750e5
BF		 6567 struct nfs4_openowner *open_sop = NULL;
6568 struct nfs4_lockowner *lock_sop = NULL;
3d0fabd5 6569 struct nfs4_ol_stateid *lock_stp = NULL;
0667b1e9 6570 struct nfs4_ol_stateid *open_stp = NULL;
7214e860 6571 struct nfs4_file *fp;
eb82dd39 6572 struct nfsd_file *nf = NULL;
76d348fa 6573 struct nfsd4_blocked_lock *nbl = NULL;
21179d81
JL		 6574 struct file_lock *file_lock = NULL;
6575 struct file_lock *conflock = NULL;
b37ad28b 6576 __be32 status = 0;
b34f27aa 6577 int lkflg;
b8dd7b9a 6578 int err;
5db1c03f 6579 bool new = false;
76d348fa
JL		 6580 unsigned char fl_type;
6581 unsigned int fl_flags = FL_POSIX;
3320fef1
SK		 6582 struct net *net = SVC_NET(rqstp);
6583 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4
LT		 6584
6585 dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n",
6586 (long long) lock->lk_offset,
6587 (long long) lock->lk_length);
6588
1da177e4
LT		 6589 if (check_lock_length(lock->lk_offset, lock->lk_length))
6590 return nfserr_inval;
6591
ca364317 6592 if ((status = fh_verify(rqstp, &cstate->current_fh,
8837abca 6593 S_IFREG, NFSD_MAY_LOCK))) {
a6f6ef2f
AA		 6594 dprintk("NFSD: nfsd4_lock: permission denied!\n");
6595 return status;
6596 }
6597
1da177e4 6598 if (lock->lk_is_new) {
684e5638
BF		 6599 if (nfsd4_has_session(cstate))
6600 /* See rfc 5661 18.10.3: given clientid is ignored: */
76f6c9e1 6601 memcpy(&lock->lk_new_clientid,
684e5638
BF		 6602 &cstate->session->se_client->cl_clientid,
6603 sizeof(clientid_t));
6604
1da177e4 6605 status = nfserr_stale_clientid;
2c142baa 6606 if (STALE_CLIENTID(&lock->lk_new_clientid, nn))
1da177e4 6607 goto out;
1da177e4 6608
1da177e4 6609 /* validate and update open stateid and open seqid */
c0a5d93e 6610 status = nfs4_preprocess_confirmed_seqid_op(cstate,
1da177e4
LT		 6611 lock->lk_new_open_seqid,
6612 &lock->lk_new_open_stateid,
3320fef1 6613 &open_stp, nn);
37515177 6614 if (status)
1da177e4 6615 goto out;
feb9dad5 6616 mutex_unlock(&open_stp->st_mutex);
fe0750e5 6617 open_sop = openowner(open_stp->st_stateowner);
b34f27aa 6618 status = nfserr_bad_stateid;
684e5638 6619 if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid,
76f6c9e1 6620 &lock->lk_new_clientid))
b34f27aa 6621 goto out;
64a284d0 6622 status = lookup_or_create_lock_state(cstate, open_stp, lock,
5db1c03f 6623 &lock_stp, &new);
3d0fabd5 6624 } else {
dd453dfd 6625 status = nfs4_preprocess_seqid_op(cstate,
fe0750e5
BF		 6626 lock->lk_old_lock_seqid,
6627 &lock->lk_old_lock_stateid,
3320fef1 6628 NFS4_LOCK_STID, &lock_stp, nn);
3d0fabd5 6629 }
e1aaa891
BF		 6630 if (status)
6631 goto out;
64a284d0 6632 lock_sop = lockowner(lock_stp->st_stateowner);
1da177e4 6633
b34f27aa
BF		 6634 lkflg = setlkflg(lock->lk_type);
6635 status = nfs4_check_openmode(lock_stp, lkflg);
6636 if (status)
6637 goto out;
6638
0dd395dc 6639 status = nfserr_grace;
3320fef1 6640 if (locks_in_grace(net) && !lock->lk_reclaim)
0dd395dc
N		 6641 goto out;
6642 status = nfserr_no_grace;
3320fef1 6643 if (!locks_in_grace(net) && lock->lk_reclaim)
0dd395dc
N		 6644 goto out;
6645
11b9164a 6646 fp = lock_stp->st_stid.sc_file;
1da177e4 6647 switch (lock->lk_type) {
1da177e4 6648 case NFS4_READW_LT:
76d348fa
JL		 6649 if (nfsd4_has_session(cstate))
6650 fl_flags |= FL_SLEEP;
6651 /* Fallthrough */
6652 case NFS4_READ_LT:
7214e860 6653 spin_lock(&fp->fi_lock);
eb82dd39
JL		 6654 nf = find_readable_file_locked(fp);
6655 if (nf)
0997b173 6656 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ);
7214e860 6657 spin_unlock(&fp->fi_lock);
76d348fa 6658 fl_type = F_RDLCK;
529d7b2a 6659 break;
1da177e4 6660 case NFS4_WRITEW_LT:
76d348fa
JL		 6661 if (nfsd4_has_session(cstate))
6662 fl_flags |= FL_SLEEP;
6663 /* Fallthrough */
6664 case NFS4_WRITE_LT:
7214e860 6665 spin_lock(&fp->fi_lock);
eb82dd39
JL		 6666 nf = find_writeable_file_locked(fp);
6667 if (nf)
0997b173 6668 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE);
7214e860 6669 spin_unlock(&fp->fi_lock);
76d348fa 6670 fl_type = F_WRLCK;
529d7b2a 6671 break;
1da177e4
LT		 6672 default:
6673 status = nfserr_inval;
6674 goto out;
6675 }
76d348fa 6676
eb82dd39 6677 if (!nf) {
f9d7562f
BF		 6678 status = nfserr_openmode;
6679 goto out;
6680 }
aef9583b 6681
76d348fa
JL		 6682 nbl = find_or_allocate_block(lock_sop, &fp->fi_fhandle, nn);
6683 if (!nbl) {
6684 dprintk("NFSD: %s: unable to allocate block!\n", __func__);
6685 status = nfserr_jukebox;
6686 goto out;
6687 }
6688
6689 file_lock = &nbl->nbl_lock;
6690 file_lock->fl_type = fl_type;
aef9583b 6691 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(&lock_sop->lo_owner));
21179d81 6692 file_lock->fl_pid = current->tgid;
eb82dd39 6693 file_lock->fl_file = nf->nf_file;
76d348fa 6694 file_lock->fl_flags = fl_flags;
21179d81
JL		 6695 file_lock->fl_lmops = &nfsd_posix_mng_ops;
6696 file_lock->fl_start = lock->lk_offset;
6697 file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length);
6698 nfs4_transform_lock_offset(file_lock);
6699
6700 conflock = locks_alloc_lock();
6701 if (!conflock) {
6702 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
6703 status = nfserr_jukebox;
6704 goto out;
6705 }
1da177e4 6706
76d348fa 6707 if (fl_flags & FL_SLEEP) {
20b7d86f 6708 nbl->nbl_time = ktime_get_boottime_seconds();
0cc11a61 6709 spin_lock(&nn->blocked_locks_lock);
76d348fa 6710 list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked);
7919d0a2 6711 list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru);
0cc11a61 6712 spin_unlock(&nn->blocked_locks_lock);
76d348fa
JL		 6713 }
6714
eb82dd39 6715 err = vfs_lock_file(nf->nf_file, F_SETLK, file_lock, conflock);
76d348fa 6716 switch (err) {
1da177e4 6717 case 0: /* success! */
9767feb2 6718 nfs4_inc_and_copy_stateid(&lock->lk_resp_stateid, &lock_stp->st_stid);
b8dd7b9a 6719 status = 0;
03f318ca
BF		 6720 if (lock->lk_reclaim)
6721 nn->somebody_reclaimed = true;
eb76b3fd 6722 break;
76d348fa
JL		 6723 case FILE_LOCK_DEFERRED:
6724 nbl = NULL;
6725 /* Fallthrough */
6726 case -EAGAIN: /* conflock holds conflicting lock */
eb76b3fd
AA		 6727 status = nfserr_denied;
6728 dprintk("NFSD: nfsd4_lock: conflicting lock found!\n");
21179d81 6729 nfs4_set_lock_denied(conflock, &lock->lk_denied);
eb76b3fd 6730 break;
76d348fa 6731 case -EDEADLK:
1da177e4 6732 status = nfserr_deadlock;
eb76b3fd 6733 break;
3e772463 6734 default:
fd85b817 6735 dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err);
3e772463 6736 status = nfserrno(err);
eb76b3fd 6737 break;
1da177e4 6738 }
1da177e4 6739out:
76d348fa
JL		 6740 if (nbl) {
6741 /* dequeue it if we queued it before */
6742 if (fl_flags & FL_SLEEP) {
0cc11a61 6743 spin_lock(&nn->blocked_locks_lock);
76d348fa 6744 list_del_init(&nbl->nbl_list);
7919d0a2 6745 list_del_init(&nbl->nbl_lru);
0cc11a61 6746 spin_unlock(&nn->blocked_locks_lock);
76d348fa
JL		 6747 }
6748 free_blocked_lock(nbl);
6749 }
eb82dd39
JL		 6750 if (nf)
6751 nfsd_file_put(nf);
5db1c03f
JL		 6752 if (lock_stp) {
6753 /* Bump seqid manually if the 4.0 replay owner is openowner */
6754 if (cstate->replay_owner &&
6755 cstate->replay_owner != &lock_sop->lo_owner &&
6756 seqid_mutating_err(ntohl(status)))
6757 lock_sop->lo_owner.so_seqid++;
6758
6759 /*
6760 * If this is a new, never-before-used stateid, and we are
6761 * returning an error, then just go ahead and release it.
6762 */
25020720 6763 if (status && new)
5db1c03f 6764 release_lock_stateid(lock_stp);
beeca19c
TM		 6765
6766 mutex_unlock(&lock_stp->st_mutex);
5db1c03f 6767
3d0fabd5 6768 nfs4_put_stid(&lock_stp->st_stid);
5db1c03f 6769 }
0667b1e9
TM		 6770 if (open_stp)
6771 nfs4_put_stid(&open_stp->st_stid);
9411b1d4 6772 nfsd4_bump_seqid(cstate, status);
21179d81
JL		 6773 if (conflock)
6774 locks_free_lock(conflock);
1da177e4
LT		 6775 return status;
6776}
6777
55ef1274
BF		 6778/*
6779 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN,
6780 * so we do a temporary open here just to get an open file to pass to
6781 * vfs_test_lock. (Arguably perhaps test_lock should be done with an
6782 * inode operation.)
6783 */
04da6e9d 6784static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock)
55ef1274 6785{
6b556ca2
JL		 6786 struct nfsd_file *nf;
6787 __be32 err = nfsd_file_acquire(rqstp, fhp, NFSD_MAY_READ, &nf);
04da6e9d 6788 if (!err) {
6b556ca2
JL		 6789 err = nfserrno(vfs_test_lock(nf->nf_file, lock));
6790 nfsd_file_put(nf);
04da6e9d 6791 }
55ef1274
BF		 6792 return err;
6793}
6794
1da177e4
LT		 6795/*
6796 * LOCKT operation
6797 */
b37ad28b 6798__be32
ca364317 6799nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
eb69853d 6800 union nfsd4_op_u *u)
1da177e4 6801{
eb69853d 6802 struct nfsd4_lockt *lockt = &u->lockt;
21179d81 6803 struct file_lock *file_lock = NULL;
5db1c03f 6804 struct nfs4_lockowner *lo = NULL;
b37ad28b 6805 __be32 status;
7f2210fa 6806 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
1da177e4 6807
5ccb0066 6808 if (locks_in_grace(SVC_NET(rqstp)))
1da177e4
LT		 6809 return nfserr_grace;
6810
6811 if (check_lock_length(lockt->lt_offset, lockt->lt_length))
6812 return nfserr_inval;
6813
9b2ef62b 6814 if (!nfsd4_has_session(cstate)) {
b7342204
OK		 6815 status = lookup_clientid(&lockt->lt_clientid, cstate, nn,
6816 false);
9b2ef62b
BF		 6817 if (status)
6818 goto out;
6819 }
1da177e4 6820
75c096f7 6821 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
1da177e4 6822 goto out;
1da177e4 6823
21179d81
JL		 6824 file_lock = locks_alloc_lock();
6825 if (!file_lock) {
6826 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
6827 status = nfserr_jukebox;
6828 goto out;
6829 }
6cd90662 6830
1da177e4
LT		 6831 switch (lockt->lt_type) {
6832 case NFS4_READ_LT:
6833 case NFS4_READW_LT:
21179d81 6834 file_lock->fl_type = F_RDLCK;
f50c9d79 6835 break;
1da177e4
LT		 6836 case NFS4_WRITE_LT:
6837 case NFS4_WRITEW_LT:
21179d81 6838 file_lock->fl_type = F_WRLCK;
f50c9d79 6839 break;
1da177e4 6840 default:
2fdada03 6841 dprintk("NFSD: nfs4_lockt: bad lock type!\n");
1da177e4 6842 status = nfserr_inval;
f50c9d79 6843 goto out;
1da177e4
LT		 6844 }
6845
c8623999 6846 lo = find_lockowner_str(cstate->clp, &lockt->lt_owner);
fe0750e5 6847 if (lo)
21179d81
JL		 6848 file_lock->fl_owner = (fl_owner_t)lo;
6849 file_lock->fl_pid = current->tgid;
6850 file_lock->fl_flags = FL_POSIX;
1da177e4 6851
21179d81
JL		 6852 file_lock->fl_start = lockt->lt_offset;
6853 file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length);
1da177e4 6854
21179d81 6855 nfs4_transform_lock_offset(file_lock);
1da177e4 6856
21179d81 6857 status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock);
04da6e9d 6858 if (status)
fd85b817 6859 goto out;
04da6e9d 6860
21179d81 6861 if (file_lock->fl_type != F_UNLCK) {
1da177e4 6862 status = nfserr_denied;
21179d81 6863 nfs4_set_lock_denied(file_lock, &lockt->lt_denied);
1da177e4
LT		 6864 }
6865out:
5db1c03f
JL		 6866 if (lo)
6867 nfs4_put_stateowner(&lo->lo_owner);
21179d81
JL		 6868 if (file_lock)
6869 locks_free_lock(file_lock);
1da177e4
LT		 6870 return status;
6871}
6872
b37ad28b 6873__be32
ca364317 6874nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
eb69853d 6875 union nfsd4_op_u *u)
1da177e4 6876{
eb69853d 6877 struct nfsd4_locku *locku = &u->locku;
dcef0413 6878 struct nfs4_ol_stateid *stp;
eb82dd39 6879 struct nfsd_file *nf = NULL;
21179d81 6880 struct file_lock *file_lock = NULL;
b37ad28b 6881 __be32 status;
b8dd7b9a 6882 int err;
3320fef1
SK		 6883 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
6884
1da177e4
LT		 6885 dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n",
6886 (long long) locku->lu_offset,
6887 (long long) locku->lu_length);
6888
6889 if (check_lock_length(locku->lu_offset, locku->lu_length))
6890 return nfserr_inval;
6891
9072d5c6 6892 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid,
3320fef1
SK		 6893 &locku->lu_stateid, NFS4_LOCK_STID,
6894 &stp, nn);
9072d5c6 6895 if (status)
1da177e4 6896 goto out;
eb82dd39
JL		 6897 nf = find_any_file(stp->st_stid.sc_file);
6898 if (!nf) {
f9d7562f 6899 status = nfserr_lock_range;
858cc573 6900 goto put_stateid;
f9d7562f 6901 }
21179d81
JL		 6902 file_lock = locks_alloc_lock();
6903 if (!file_lock) {
6904 dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
6905 status = nfserr_jukebox;
eb82dd39 6906 goto put_file;
21179d81 6907 }
6cd90662 6908
21179d81 6909 file_lock->fl_type = F_UNLCK;
aef9583b 6910 file_lock->fl_owner = (fl_owner_t)lockowner(nfs4_get_stateowner(stp->st_stateowner));
21179d81 6911 file_lock->fl_pid = current->tgid;
eb82dd39 6912 file_lock->fl_file = nf->nf_file;
21179d81
JL		 6913 file_lock->fl_flags = FL_POSIX;
6914 file_lock->fl_lmops = &nfsd_posix_mng_ops;
6915 file_lock->fl_start = locku->lu_offset;
6916
6917 file_lock->fl_end = last_byte_offset(locku->lu_offset,
6918 locku->lu_length);
6919 nfs4_transform_lock_offset(file_lock);
1da177e4 6920
eb82dd39 6921 err = vfs_lock_file(nf->nf_file, F_SETLK, file_lock, NULL);
b8dd7b9a 6922 if (err) {
fd85b817 6923 dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n");
1da177e4
LT		 6924 goto out_nfserr;
6925 }
9767feb2 6926 nfs4_inc_and_copy_stateid(&locku->lu_stateid, &stp->st_stid);
eb82dd39
JL		 6927put_file:
6928 nfsd_file_put(nf);
858cc573 6929put_stateid:
feb9dad5 6930 mutex_unlock(&stp->st_mutex);
858cc573 6931 nfs4_put_stid(&stp->st_stid);
1da177e4 6932out:
9411b1d4 6933 nfsd4_bump_seqid(cstate, status);
21179d81
JL		 6934 if (file_lock)
6935 locks_free_lock(file_lock);
1da177e4
LT		 6936 return status;
6937
6938out_nfserr:
b8dd7b9a 6939 status = nfserrno(err);
eb82dd39 6940 goto put_file;
1da177e4
LT		 6941}
6942
6943/*
6944 * returns
f9c00c3a
JL		 6945 * true: locks held by lockowner
6946 * false: no locks held by lockowner
1da177e4 6947 */
f9c00c3a
JL		 6948static bool
6949check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner)
1da177e4 6950{
bd61e0a9 6951 struct file_lock *fl;
f9c00c3a 6952 int status = false;
eb82dd39 6953 struct nfsd_file *nf = find_any_file(fp);
f9c00c3a 6954 struct inode *inode;
bd61e0a9 6955 struct file_lock_context *flctx;
f9c00c3a 6956
eb82dd39 6957 if (!nf) {
f9c00c3a
JL		 6958 /* Any valid lock stateid should have some sort of access */
6959 WARN_ON_ONCE(1);
6960 return status;
6961 }
6962
eb82dd39 6963 inode = locks_inode(nf->nf_file);
bd61e0a9
JL		 6964 flctx = inode->i_flctx;
6965
6966 if (flctx && !list_empty_careful(&flctx->flc_posix)) {
6109c850 6967 spin_lock(&flctx->flc_lock);
bd61e0a9
JL		 6968 list_for_each_entry(fl, &flctx->flc_posix, fl_list) {
6969 if (fl->fl_owner == (fl_owner_t)lowner) {
6970 status = true;
6971 break;
6972 }
796dadfd 6973 }
6109c850 6974 spin_unlock(&flctx->flc_lock);
1da177e4 6975 }
eb82dd39 6976 nfsd_file_put(nf);
1da177e4
LT		 6977 return status;
6978}
6979
b37ad28b 6980__be32
b591480b
BF		 6981nfsd4_release_lockowner(struct svc_rqst *rqstp,
6982 struct nfsd4_compound_state *cstate,
eb69853d 6983 union nfsd4_op_u *u)
1da177e4 6984{
eb69853d 6985 struct nfsd4_release_lockowner *rlockowner = &u->release_lockowner;
1da177e4 6986 clientid_t *clid = &rlockowner->rl_clientid;
882e9d25
JL		 6987 struct nfs4_stateowner *sop;
6988 struct nfs4_lockowner *lo = NULL;
dcef0413 6989 struct nfs4_ol_stateid *stp;
1da177e4 6990 struct xdr_netobj *owner = &rlockowner->rl_owner;
d4f0489f 6991 unsigned int hashval = ownerstr_hashval(owner);
b37ad28b 6992 __be32 status;
7f2210fa 6993 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
c58c6610 6994 struct nfs4_client *clp;
88584818 6995 LIST_HEAD (reaplist);
1da177e4
LT		 6996
6997 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n",
6998 clid->cl_boot, clid->cl_id);
6999
b7342204 7000 status = lookup_clientid(clid, cstate, nn, false);
9b2ef62b 7001 if (status)
51f5e783 7002 return status;
9b2ef62b 7003
d4f0489f 7004 clp = cstate->clp;
fd44907c 7005 /* Find the matching lock stateowner */
d4f0489f 7006 spin_lock(&clp->cl_lock);
882e9d25 7007 list_for_each_entry(sop, &clp->cl_ownerstr_hashtbl[hashval],
d4f0489f 7008 so_strhash) {
fd44907c 7009
882e9d25
JL		 7010 if (sop->so_is_open_owner || !same_owner_str(sop, owner))
7011 continue;
fd44907c 7012
882e9d25
JL		 7013 /* see if there are still any locks associated with it */
7014 lo = lockowner(sop);
7015 list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) {
7016 if (check_for_locks(stp->st_stid.sc_file, lo)) {
7017 status = nfserr_locks_held;
7018 spin_unlock(&clp->cl_lock);
51f5e783 7019 return status;
882e9d25 7020 }
5adfd885 7021 }
882e9d25 7022
b5971afa 7023 nfs4_get_stateowner(sop);
882e9d25 7024 break;
1da177e4 7025 }
88584818
CL		 7026 if (!lo) {
7027 spin_unlock(&clp->cl_lock);
7028 return status;
7029 }
7030
7031 unhash_lockowner_locked(lo);
7032 while (!list_empty(&lo->lo_owner.so_stateids)) {
7033 stp = list_first_entry(&lo->lo_owner.so_stateids,
7034 struct nfs4_ol_stateid,
7035 st_perstateowner);
7036 WARN_ON(!unhash_lock_stateid(stp));
7037 put_ol_stateid_locked(stp, &reaplist);
7038 }
c58c6610 7039 spin_unlock(&clp->cl_lock);
88584818 7040 free_ol_stateid_reaplist(&reaplist);
68ef3bc3 7041 remove_blocked_locks(lo);
88584818
CL		 7042 nfs4_put_stateowner(&lo->lo_owner);
7043
1da177e4
LT		 7044 return status;
7045}
7046
7047static inline struct nfs4_client_reclaim *
a55370a3 7048alloc_reclaim(void)
1da177e4 7049{
a55370a3 7050 return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL);
1da177e4
LT		 7051}
7052
0ce0c2b5 7053bool
6b189105 7054nfs4_has_reclaimed_state(struct xdr_netobj name, struct nfsd_net *nn)
c7b9a459 7055{
0ce0c2b5 7056 struct nfs4_client_reclaim *crp;
c7b9a459 7057
52e19c09 7058 crp = nfsd4_find_reclaim_client(name, nn);
0ce0c2b5 7059 return (crp && crp->cr_clp);
c7b9a459
N		 7060}
7061
1da177e4
LT		 7062/*
7063 * failure => all reset bets are off, nfserr_no_grace...
6b189105
SM		 7064 *
7065 * The caller is responsible for freeing name.data if NULL is returned (it
7066 * will be freed in nfs4_remove_reclaim_record in the normal case).
1da177e4 7067 */
772a9bbb 7068struct nfs4_client_reclaim *
6ee95d1c
SM		 7069nfs4_client_to_reclaim(struct xdr_netobj name, struct xdr_netobj princhash,
7070 struct nfsd_net *nn)
1da177e4
LT		 7071{
7072 unsigned int strhashval;
772a9bbb 7073 struct nfs4_client_reclaim *crp;
1da177e4 7074
6b189105 7075 dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", name.len, name.data);
a55370a3 7076 crp = alloc_reclaim();
772a9bbb
JL		 7077 if (crp) {
7078 strhashval = clientstr_hashval(name);
7079 INIT_LIST_HEAD(&crp->cr_strhash);
52e19c09 7080 list_add(&crp->cr_strhash, &nn->reclaim_str_hashtbl[strhashval]);
6b189105
SM		 7081 crp->cr_name.data = name.data;
7082 crp->cr_name.len = name.len;
6ee95d1c
SM		 7083 crp->cr_princhash.data = princhash.data;
7084 crp->cr_princhash.len = princhash.len;
0ce0c2b5 7085 crp->cr_clp = NULL;
52e19c09 7086 nn->reclaim_str_hashtbl_size++;
772a9bbb
JL		 7087 }
7088 return crp;
1da177e4
LT		 7089}
7090
ce30e539 7091void
52e19c09 7092nfs4_remove_reclaim_record(struct nfs4_client_reclaim *crp, struct nfsd_net *nn)
ce30e539
JL		 7093{
7094 list_del(&crp->cr_strhash);
6b189105 7095 kfree(crp->cr_name.data);
6ee95d1c 7096 kfree(crp->cr_princhash.data);
ce30e539 7097 kfree(crp);
52e19c09 7098 nn->reclaim_str_hashtbl_size--;
ce30e539
JL		 7099}
7100
2a4317c5 7101void
52e19c09 7102nfs4_release_reclaim(struct nfsd_net *nn)
1da177e4
LT		 7103{
7104 struct nfs4_client_reclaim *crp = NULL;
7105 int i;
7106
1da177e4 7107 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
52e19c09
SK		 7108 while (!list_empty(&nn->reclaim_str_hashtbl[i])) {
7109 crp = list_entry(nn->reclaim_str_hashtbl[i].next,
1da177e4 7110 struct nfs4_client_reclaim, cr_strhash);
52e19c09 7111 nfs4_remove_reclaim_record(crp, nn);
1da177e4
LT		 7112 }
7113 }
063b0fb9 7114 WARN_ON_ONCE(nn->reclaim_str_hashtbl_size);
1da177e4
LT		 7115}
7116
7117/*
7118 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */
2a4317c5 7119struct nfs4_client_reclaim *
6b189105 7120nfsd4_find_reclaim_client(struct xdr_netobj name, struct nfsd_net *nn)
1da177e4
LT		 7121{
7122 unsigned int strhashval;
1da177e4
LT		 7123 struct nfs4_client_reclaim *crp = NULL;
7124
6b189105 7125 dprintk("NFSD: nfs4_find_reclaim_client for name %.*s\n", name.len, name.data);
1da177e4 7126
6b189105 7127 strhashval = clientstr_hashval(name);
52e19c09 7128 list_for_each_entry(crp, &nn->reclaim_str_hashtbl[strhashval], cr_strhash) {
6b189105 7129 if (compare_blob(&crp->cr_name, &name) == 0) {
1da177e4
LT		 7130 return crp;
7131 }
7132 }
7133 return NULL;
7134}
7135
7136/*
7137* Called from OPEN. Look for clientid in reclaim list.
7138*/
b37ad28b 7139__be32
0fe492db
TM		 7140nfs4_check_open_reclaim(clientid_t *clid,
7141 struct nfsd4_compound_state *cstate,
7142 struct nfsd_net *nn)
1da177e4 7143{
0fe492db 7144 __be32 status;
a52d726b
JL		 7145
7146 /* find clientid in conf_id_hashtbl */
b7342204 7147 status = lookup_clientid(clid, cstate, nn, false);
0fe492db 7148 if (status)
a52d726b
JL		 7149 return nfserr_reclaim_bad;
7150
3b3e7b72
JL		 7151 if (test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &cstate->clp->cl_flags))
7152 return nfserr_no_grace;
7153
0fe492db
TM		 7154 if (nfsd4_client_record_check(cstate->clp))
7155 return nfserr_reclaim_bad;
7156
7157 return nfs_ok;
1da177e4
LT		 7158}
7159
65178db4 7160#ifdef CONFIG_NFSD_FAULT_INJECTION
016200c3
JL		 7161static inline void
7162put_client(struct nfs4_client *clp)
7163{
14ed14cc 7164 atomic_dec(&clp->cl_rpc_users);
016200c3
JL		 7165}
7166
285abdee
JL		 7167static struct nfs4_client *
7168nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size)
7169{
7170 struct nfs4_client *clp;
7171 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7172 nfsd_net_id);
7173
7174 if (!nfsd_netns_ready(nn))
7175 return NULL;
7176
7177 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
7178 if (memcmp(&clp->cl_addr, addr, addr_size) == 0)
7179 return clp;
7180 }
7181 return NULL;
7182}
7183
7ec0e36f 7184u64
285abdee 7185nfsd_inject_print_clients(void)
7ec0e36f
JL		 7186{
7187 struct nfs4_client *clp;
7188 u64 count = 0;
7189 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7190 nfsd_net_id);
7191 char buf[INET6_ADDRSTRLEN];
7192
7193 if (!nfsd_netns_ready(nn))
7194 return 0;
7195
7196 spin_lock(&nn->client_lock);
7197 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
7198 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
7199 pr_info("NFS Client: %s\n", buf);
7200 ++count;
7201 }
7202 spin_unlock(&nn->client_lock);
7203
7204 return count;
7205}
65178db4 7206
a0926d15 7207u64
285abdee 7208nfsd_inject_forget_client(struct sockaddr_storage *addr, size_t addr_size)
a0926d15
JL		 7209{
7210 u64 count = 0;
7211 struct nfs4_client *clp;
7212 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7213 nfsd_net_id);
7214
7215 if (!nfsd_netns_ready(nn))
7216 return count;
7217
7218 spin_lock(&nn->client_lock);
7219 clp = nfsd_find_client(addr, addr_size);
7220 if (clp) {
7221 if (mark_client_expired_locked(clp) == nfs_ok)
7222 ++count;
7223 else
7224 clp = NULL;
7225 }
7226 spin_unlock(&nn->client_lock);
7227
7228 if (clp)
7229 expire_client(clp);
7230
7231 return count;
7232}
7233
69fc9edf 7234u64
285abdee 7235nfsd_inject_forget_clients(u64 max)
69fc9edf
JL		 7236{
7237 u64 count = 0;
7238 struct nfs4_client *clp, *next;
7239 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7240 nfsd_net_id);
7241 LIST_HEAD(reaplist);
7242
7243 if (!nfsd_netns_ready(nn))
7244 return count;
7245
7246 spin_lock(&nn->client_lock);
7247 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
7248 if (mark_client_expired_locked(clp) == nfs_ok) {
7249 list_add(&clp->cl_lru, &reaplist);
7250 if (max != 0 && ++count >= max)
7251 break;
7252 }
7253 }
7254 spin_unlock(&nn->client_lock);
7255
7256 list_for_each_entry_safe(clp, next, &reaplist, cl_lru)
7257 expire_client(clp);
7258
7259 return count;
7260}
7261
184c1847
BS		 7262static void nfsd_print_count(struct nfs4_client *clp, unsigned int count,
7263 const char *type)
7264{
7265 char buf[INET6_ADDRSTRLEN];
0a5c33e2 7266 rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
184c1847
BS		 7267 printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type);
7268}
7269
016200c3
JL		 7270static void
7271nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst,
7272 struct list_head *collect)
7273{
7274 struct nfs4_client *clp = lst->st_stid.sc_client;
7275 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7276 nfsd_net_id);
7277
7278 if (!collect)
7279 return;
7280
7281 lockdep_assert_held(&nn->client_lock);
14ed14cc 7282 atomic_inc(&clp->cl_rpc_users);
016200c3
JL		 7283 list_add(&lst->st_locks, collect);
7284}
7285
3c87b9b7 7286static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max,
3738d50e 7287 struct list_head *collect,
e8568739 7288 bool (*func)(struct nfs4_ol_stateid *))
fc29171f
BS		 7289{
7290 struct nfs4_openowner *oop;
fc29171f 7291 struct nfs4_ol_stateid *stp, *st_next;
3c87b9b7 7292 struct nfs4_ol_stateid *lst, *lst_next;
fc29171f
BS		 7293 u64 count = 0;
7294
016200c3 7295 spin_lock(&clp->cl_lock);
fc29171f 7296 list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) {
3c87b9b7
TM		 7297 list_for_each_entry_safe(stp, st_next,
7298 &oop->oo_owner.so_stateids, st_perstateowner) {
7299 list_for_each_entry_safe(lst, lst_next,
7300 &stp->st_locks, st_locks) {
3738d50e 7301 if (func) {
e8568739
JL		 7302 if (func(lst))
7303 nfsd_inject_add_lock_to_list(lst,
7304 collect);
3738d50e 7305 }
016200c3
JL		 7306 ++count;
7307 /*
7308 * Despite the fact that these functions deal
7309 * with 64-bit integers for "count", we must
7310 * ensure that it doesn't blow up the
14ed14cc 7311 * clp->cl_rpc_users. Throw a warning if we
016200c3
JL		 7312 * start to approach INT_MAX here.
7313 */
7314 WARN_ON_ONCE(count == (INT_MAX / 2));
7315 if (count == max)
7316 goto out;
fc29171f
BS		 7317 }
7318 }
7319 }
016200c3
JL		 7320out:
7321 spin_unlock(&clp->cl_lock);
fc29171f
BS		 7322
7323 return count;
7324}
7325
016200c3
JL		 7326static u64
7327nfsd_collect_client_locks(struct nfs4_client *clp, struct list_head *collect,
7328 u64 max)
fc29171f 7329{
016200c3 7330 return nfsd_foreach_client_lock(clp, max, collect, unhash_lock_stateid);
fc29171f
BS		 7331}
7332
016200c3
JL		 7333static u64
7334nfsd_print_client_locks(struct nfs4_client *clp)
184c1847 7335{
016200c3 7336 u64 count = nfsd_foreach_client_lock(clp, 0, NULL, NULL);
184c1847
BS		 7337 nfsd_print_count(clp, count, "locked files");
7338 return count;
7339}
7340
016200c3 7341u64
285abdee 7342nfsd_inject_print_locks(void)
016200c3
JL		 7343{
7344 struct nfs4_client *clp;
7345 u64 count = 0;
7346 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7347 nfsd_net_id);
7348
7349 if (!nfsd_netns_ready(nn))
7350 return 0;
7351
7352 spin_lock(&nn->client_lock);
7353 list_for_each_entry(clp, &nn->client_lru, cl_lru)
7354 count += nfsd_print_client_locks(clp);
7355 spin_unlock(&nn->client_lock);
7356
7357 return count;
7358}
7359
7360static void
7361nfsd_reap_locks(struct list_head *reaplist)
7362{
7363 struct nfs4_client *clp;
7364 struct nfs4_ol_stateid *stp, *next;
7365
7366 list_for_each_entry_safe(stp, next, reaplist, st_locks) {
7367 list_del_init(&stp->st_locks);
7368 clp = stp->st_stid.sc_client;
7369 nfs4_put_stid(&stp->st_stid);
7370 put_client(clp);
7371 }
7372}
7373
7374u64
285abdee 7375nfsd_inject_forget_client_locks(struct sockaddr_storage *addr, size_t addr_size)
016200c3
JL		 7376{
7377 unsigned int count = 0;
7378 struct nfs4_client *clp;
7379 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7380 nfsd_net_id);
7381 LIST_HEAD(reaplist);
7382
7383 if (!nfsd_netns_ready(nn))
7384 return count;
7385
7386 spin_lock(&nn->client_lock);
7387 clp = nfsd_find_client(addr, addr_size);
7388 if (clp)
7389 count = nfsd_collect_client_locks(clp, &reaplist, 0);
7390 spin_unlock(&nn->client_lock);
7391 nfsd_reap_locks(&reaplist);
7392 return count;
7393}
7394
7395u64
285abdee 7396nfsd_inject_forget_locks(u64 max)
016200c3
JL		 7397{
7398 u64 count = 0;
7399 struct nfs4_client *clp;
7400 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7401 nfsd_net_id);
7402 LIST_HEAD(reaplist);
7403
7404 if (!nfsd_netns_ready(nn))
7405 return count;
7406
7407 spin_lock(&nn->client_lock);
7408 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
7409 count += nfsd_collect_client_locks(clp, &reaplist, max - count);
7410 if (max != 0 && count >= max)
7411 break;
7412 }
7413 spin_unlock(&nn->client_lock);
7414 nfsd_reap_locks(&reaplist);
7415 return count;
7416}
7417
82e05efa
JL		 7418static u64
7419nfsd_foreach_client_openowner(struct nfs4_client *clp, u64 max,
7420 struct list_head *collect,
7421 void (*func)(struct nfs4_openowner *))
4dbdbda8
BS		 7422{
7423 struct nfs4_openowner *oop, *next;
82e05efa
JL		 7424 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7425 nfsd_net_id);
4dbdbda8
BS		 7426 u64 count = 0;
7427
82e05efa
JL		 7428 lockdep_assert_held(&nn->client_lock);
7429
7430 spin_lock(&clp->cl_lock);
4dbdbda8 7431 list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) {
82e05efa 7432 if (func) {
4dbdbda8 7433 func(oop);
82e05efa 7434 if (collect) {
14ed14cc 7435 atomic_inc(&clp->cl_rpc_users);
82e05efa
JL		 7436 list_add(&oop->oo_perclient, collect);
7437 }
7438 }
7439 ++count;
7440 /*
7441 * Despite the fact that these functions deal with
7442 * 64-bit integers for "count", we must ensure that
14ed14cc 7443 * it doesn't blow up the clp->cl_rpc_users. Throw a
82e05efa
JL		 7444 * warning if we start to approach INT_MAX here.
7445 */
7446 WARN_ON_ONCE(count == (INT_MAX / 2));
7447 if (count == max)
4dbdbda8
BS		 7448 break;
7449 }
82e05efa
JL		 7450 spin_unlock(&clp->cl_lock);
7451
7452 return count;
7453}
7454
7455static u64
7456nfsd_print_client_openowners(struct nfs4_client *clp)
7457{
7458 u64 count = nfsd_foreach_client_openowner(clp, 0, NULL, NULL);
7459
7460 nfsd_print_count(clp, count, "openowners");
7461 return count;
7462}
7463
7464static u64
7465nfsd_collect_client_openowners(struct nfs4_client *clp,
7466 struct list_head *collect, u64 max)
7467{
7468 return nfsd_foreach_client_openowner(clp, max, collect,
7469 unhash_openowner_locked);
7470}
7471
7472u64
285abdee 7473nfsd_inject_print_openowners(void)
82e05efa
JL		 7474{
7475 struct nfs4_client *clp;
7476 u64 count = 0;
7477 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7478 nfsd_net_id);
7479
7480 if (!nfsd_netns_ready(nn))
7481 return 0;
7482
7483 spin_lock(&nn->client_lock);
7484 list_for_each_entry(clp, &nn->client_lru, cl_lru)
7485 count += nfsd_print_client_openowners(clp);
7486 spin_unlock(&nn->client_lock);
4dbdbda8
BS		 7487
7488 return count;
7489}
7490
82e05efa
JL		 7491static void
7492nfsd_reap_openowners(struct list_head *reaplist)
7493{
7494 struct nfs4_client *clp;
7495 struct nfs4_openowner *oop, *next;
7496
7497 list_for_each_entry_safe(oop, next, reaplist, oo_perclient) {
7498 list_del_init(&oop->oo_perclient);
7499 clp = oop->oo_owner.so_client;
7500 release_openowner(oop);
7501 put_client(clp);
7502 }
7503}
7504
7505u64
285abdee
JL		 7506nfsd_inject_forget_client_openowners(struct sockaddr_storage *addr,
7507 size_t addr_size)
4dbdbda8 7508{
82e05efa
JL		 7509 unsigned int count = 0;
7510 struct nfs4_client *clp;
7511 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7512 nfsd_net_id);
7513 LIST_HEAD(reaplist);
7514
7515 if (!nfsd_netns_ready(nn))
7516 return count;
7517
7518 spin_lock(&nn->client_lock);
7519 clp = nfsd_find_client(addr, addr_size);
7520 if (clp)
7521 count = nfsd_collect_client_openowners(clp, &reaplist, 0);
7522 spin_unlock(&nn->client_lock);
7523 nfsd_reap_openowners(&reaplist);
7524 return count;
4dbdbda8
BS		 7525}
7526
82e05efa 7527u64
285abdee 7528nfsd_inject_forget_openowners(u64 max)
184c1847 7529{
82e05efa
JL		 7530 u64 count = 0;
7531 struct nfs4_client *clp;
7532 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7533 nfsd_net_id);
7534 LIST_HEAD(reaplist);
7535
7536 if (!nfsd_netns_ready(nn))
7537 return count;
7538
7539 spin_lock(&nn->client_lock);
7540 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
7541 count += nfsd_collect_client_openowners(clp, &reaplist,
7542 max - count);
7543 if (max != 0 && count >= max)
7544 break;
7545 }
7546 spin_unlock(&nn->client_lock);
7547 nfsd_reap_openowners(&reaplist);
184c1847
BS		 7548 return count;
7549}
7550
269de30f
BS		 7551static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max,
7552 struct list_head *victims)
7553{
7554 struct nfs4_delegation *dp, *next;
98d5c7c5
JL		 7555 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7556 nfsd_net_id);
269de30f
BS		 7557 u64 count = 0;
7558
98d5c7c5
JL		 7559 lockdep_assert_held(&nn->client_lock);
7560
7561 spin_lock(&state_lock);
269de30f 7562 list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) {
dff1399f
JL		 7563 if (victims) {
7564 /*
7565 * It's not safe to mess with delegations that have a
7566 * non-zero dl_time. They might have already been broken
7567 * and could be processed by the laundromat outside of
7568 * the state_lock. Just leave them be.
7569 */
7570 if (dp->dl_time != 0)
7571 continue;
7572
14ed14cc 7573 atomic_inc(&clp->cl_rpc_users);
3fcbbd24 7574 WARN_ON(!unhash_delegation_locked(dp));
42690676 7575 list_add(&dp->dl_recall_lru, victims);
dff1399f 7576 }
98d5c7c5
JL		 7577 ++count;
7578 /*
7579 * Despite the fact that these functions deal with
7580 * 64-bit integers for "count", we must ensure that
14ed14cc 7581 * it doesn't blow up the clp->cl_rpc_users. Throw a
98d5c7c5
JL		 7582 * warning if we start to approach INT_MAX here.
7583 */
7584 WARN_ON_ONCE(count == (INT_MAX / 2));
7585 if (count == max)
269de30f
BS		 7586 break;
7587 }
98d5c7c5 7588 spin_unlock(&state_lock);
269de30f
BS		 7589 return count;
7590}
7591
98d5c7c5
JL		 7592static u64
7593nfsd_print_client_delegations(struct nfs4_client *clp)
269de30f 7594{
98d5c7c5 7595 u64 count = nfsd_find_all_delegations(clp, 0, NULL);
269de30f 7596
98d5c7c5
JL		 7597 nfsd_print_count(clp, count, "delegations");
7598 return count;
7599}
7600
7601u64
285abdee 7602nfsd_inject_print_delegations(void)
98d5c7c5
JL		 7603{
7604 struct nfs4_client *clp;
7605 u64 count = 0;
7606 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7607 nfsd_net_id);
7608
7609 if (!nfsd_netns_ready(nn))
7610 return 0;
269de30f 7611
98d5c7c5
JL		 7612 spin_lock(&nn->client_lock);
7613 list_for_each_entry(clp, &nn->client_lru, cl_lru)
7614 count += nfsd_print_client_delegations(clp);
7615 spin_unlock(&nn->client_lock);
7616
7617 return count;
7618}
7619
7620static void
7621nfsd_forget_delegations(struct list_head *reaplist)
7622{
7623 struct nfs4_client *clp;
7624 struct nfs4_delegation *dp, *next;
7625
7626 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) {
2d4a532d 7627 list_del_init(&dp->dl_recall_lru);
98d5c7c5 7628 clp = dp->dl_stid.sc_client;
3bd64a5b 7629 revoke_delegation(dp);
98d5c7c5 7630 put_client(clp);
2d4a532d 7631 }
98d5c7c5
JL		 7632}
7633
7634u64
285abdee
JL		 7635nfsd_inject_forget_client_delegations(struct sockaddr_storage *addr,
7636 size_t addr_size)
98d5c7c5
JL		 7637{
7638 u64 count = 0;
7639 struct nfs4_client *clp;
7640 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7641 nfsd_net_id);
7642 LIST_HEAD(reaplist);
7643
7644 if (!nfsd_netns_ready(nn))
7645 return count;
7646
7647 spin_lock(&nn->client_lock);
7648 clp = nfsd_find_client(addr, addr_size);
7649 if (clp)
7650 count = nfsd_find_all_delegations(clp, 0, &reaplist);
7651 spin_unlock(&nn->client_lock);
7652
7653 nfsd_forget_delegations(&reaplist);
7654 return count;
7655}
269de30f 7656
98d5c7c5 7657u64
285abdee 7658nfsd_inject_forget_delegations(u64 max)
98d5c7c5
JL		 7659{
7660 u64 count = 0;
7661 struct nfs4_client *clp;
7662 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7663 nfsd_net_id);
7664 LIST_HEAD(reaplist);
7665
7666 if (!nfsd_netns_ready(nn))
7667 return count;
7668
7669 spin_lock(&nn->client_lock);
7670 list_for_each_entry(clp, &nn->client_lru, cl_lru) {
7671 count += nfsd_find_all_delegations(clp, max - count, &reaplist);
7672 if (max != 0 && count >= max)
7673 break;
7674 }
7675 spin_unlock(&nn->client_lock);
7676 nfsd_forget_delegations(&reaplist);
269de30f
BS		 7677 return count;
7678}
7679
98d5c7c5
JL		 7680static void
7681nfsd_recall_delegations(struct list_head *reaplist)
269de30f 7682{
98d5c7c5
JL		 7683 struct nfs4_client *clp;
7684 struct nfs4_delegation *dp, *next;
269de30f 7685
98d5c7c5 7686 list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) {
dff1399f 7687 list_del_init(&dp->dl_recall_lru);
98d5c7c5
JL		 7688 clp = dp->dl_stid.sc_client;
7689 /*
7690 * We skipped all entries that had a zero dl_time before,
7691 * so we can now reset the dl_time back to 0. If a delegation
7692 * break comes in now, then it won't make any difference since
7693 * we're recalling it either way.
7694 */
7695 spin_lock(&state_lock);
dff1399f 7696 dp->dl_time = 0;
98d5c7c5 7697 spin_unlock(&state_lock);
269de30f 7698 nfsd_break_one_deleg(dp);
98d5c7c5 7699 put_client(clp);
dff1399f 7700 }
98d5c7c5 7701}
269de30f 7702
98d5c7c5 7703u64
285abdee 7704nfsd_inject_recall_client_delegations(struct sockaddr_storage *addr,
98d5c7c5
JL		 7705 size_t addr_size)
7706{
7707 u64 count = 0;
7708 struct nfs4_client *clp;
7709 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7710 nfsd_net_id);
7711 LIST_HEAD(reaplist);
7712
7713 if (!nfsd_netns_ready(nn))
7714 return count;
7715
7716 spin_lock(&nn->client_lock);
7717 clp = nfsd_find_client(addr, addr_size);
7718 if (clp)
7719 count = nfsd_find_all_delegations(clp, 0, &reaplist);
7720 spin_unlock(&nn->client_lock);
7721
7722 nfsd_recall_delegations(&reaplist);
269de30f
BS		 7723 return count;
7724}
7725
98d5c7c5 7726u64
285abdee 7727nfsd_inject_recall_delegations(u64 max)
184c1847
BS		 7728{
7729 u64 count = 0;
98d5c7c5
JL		 7730 struct nfs4_client *clp, *next;
7731 struct nfsd_net *nn = net_generic(current->nsproxy->net_ns,
7732 nfsd_net_id);
7733 LIST_HEAD(reaplist);
184c1847 7734
98d5c7c5
JL		 7735 if (!nfsd_netns_ready(nn))
7736 return count;
184c1847 7737
98d5c7c5
JL		 7738 spin_lock(&nn->client_lock);
7739 list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
7740 count += nfsd_find_all_delegations(clp, max - count, &reaplist);
7741 if (max != 0 && ++count >= max)
7742 break;
7743 }
7744 spin_unlock(&nn->client_lock);
7745 nfsd_recall_delegations(&reaplist);
184c1847
BS		 7746 return count;
7747}
65178db4
BS		 7748#endif /* CONFIG_NFSD_FAULT_INJECTION */
7749
c2f1a551
MS		 7750/*
7751 * Since the lifetime of a delegation isn't limited to that of an open, a
7752 * client may quite reasonably hang on to a delegation as long as it has
7753 * the inode cached. This becomes an obvious problem the first time a
7754 * client's inode cache approaches the size of the server's total memory.
7755 *
7756 * For now we avoid this problem by imposing a hard limit on the number
7757 * of delegations, which varies according to the server's memory size.
7758 */
7759static void
7760set_max_delegations(void)
7761{
7762 /*
7763 * Allow at most 4 delegations per megabyte of RAM. Quick
7764 * estimates suggest that in the worst case (where every delegation
7765 * is for a different inode), a delegation could take about 1.5K,
7766 * giving a worst case usage of about 6% of memory.
7767 */
7768 max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT);
7769}
7770
d85ed443 7771static int nfs4_state_create_net(struct net *net)
8daae4dc
SK		 7772{
7773 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
7774 int i;
7775
6da2ec56
KC		 7776 nn->conf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE,
7777 sizeof(struct list_head),
7778 GFP_KERNEL);
8daae4dc 7779 if (!nn->conf_id_hashtbl)
382a62e7 7780 goto err;
6da2ec56
KC		 7781 nn->unconf_id_hashtbl = kmalloc_array(CLIENT_HASH_SIZE,
7782 sizeof(struct list_head),
7783 GFP_KERNEL);
0a7ec377
SK		 7784 if (!nn->unconf_id_hashtbl)
7785 goto err_unconf_id;
6da2ec56
KC		 7786 nn->sessionid_hashtbl = kmalloc_array(SESSION_HASH_SIZE,
7787 sizeof(struct list_head),
7788 GFP_KERNEL);
1872de0e
SK		 7789 if (!nn->sessionid_hashtbl)
7790 goto err_sessionid;
8daae4dc 7791
382a62e7 7792 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
8daae4dc 7793 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]);
0a7ec377 7794 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]);
382a62e7 7795 }
1872de0e
SK		 7796 for (i = 0; i < SESSION_HASH_SIZE; i++)
7797 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]);
382a62e7 7798 nn->conf_name_tree = RB_ROOT;
a99454aa 7799 nn->unconf_name_tree = RB_ROOT;
9cc76801 7800 nn->boot_time = ktime_get_real_seconds();
81833de1
VA		 7801 nn->grace_ended = false;
7802 nn->nfsd4_manager.block_opens = true;
7803 INIT_LIST_HEAD(&nn->nfsd4_manager.list);
5ed58bb2 7804 INIT_LIST_HEAD(&nn->client_lru);
73758fed 7805 INIT_LIST_HEAD(&nn->close_lru);
e8c69d17 7806 INIT_LIST_HEAD(&nn->del_recall_lru);
c9a49628 7807 spin_lock_init(&nn->client_lock);
e0639dc5
OK		 7808 spin_lock_init(&nn->s2s_cp_lock);
7809 idr_init(&nn->s2s_cp_stateids);
8daae4dc 7810
0cc11a61
JL		 7811 spin_lock_init(&nn->blocked_locks_lock);
7812 INIT_LIST_HEAD(&nn->blocked_locks_lru);
7813
09121281 7814 INIT_DELAYED_WORK(&nn->laundromat_work, laundromat_main);
d85ed443 7815 get_net(net);
09121281 7816
8daae4dc 7817 return 0;
382a62e7 7818
1872de0e 7819err_sessionid:
9b531137 7820 kfree(nn->unconf_id_hashtbl);
0a7ec377
SK		 7821err_unconf_id:
7822 kfree(nn->conf_id_hashtbl);
382a62e7
SK		 7823err:
7824 return -ENOMEM;
8daae4dc
SK		 7825}
7826
7827static void
4dce0ac9 7828nfs4_state_destroy_net(struct net *net)
8daae4dc
SK		 7829{
7830 int i;
7831 struct nfs4_client *clp = NULL;
7832 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
7833
7834 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
7835 while (!list_empty(&nn->conf_id_hashtbl[i])) {
7836 clp = list_entry(nn->conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
7837 destroy_client(clp);
7838 }
7839 }
a99454aa 7840
68ef3bc3
JL		 7841 WARN_ON(!list_empty(&nn->blocked_locks_lru));
7842
2b905635
KM		 7843 for (i = 0; i < CLIENT_HASH_SIZE; i++) {
7844 while (!list_empty(&nn->unconf_id_hashtbl[i])) {
7845 clp = list_entry(nn->unconf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
7846 destroy_client(clp);
7847 }
a99454aa
SK		 7848 }
7849
1872de0e 7850 kfree(nn->sessionid_hashtbl);
0a7ec377 7851 kfree(nn->unconf_id_hashtbl);
8daae4dc 7852 kfree(nn->conf_id_hashtbl);
4dce0ac9 7853 put_net(net);
8daae4dc
SK		 7854}
7855
f252bc68 7856int
d85ed443 7857nfs4_state_start_net(struct net *net)
ac4d8ff2 7858{
5e1533c7 7859 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
b5a1a81e
BF		 7860 int ret;
7861
d85ed443 7862 ret = nfs4_state_create_net(net);
8daae4dc
SK		 7863 if (ret)
7864 return ret;
d4318acd
JL		 7865 locks_start_grace(net, &nn->nfsd4_manager);
7866 nfsd4_client_tracking_init(net);
362063a5
SM		 7867 if (nn->track_reclaim_completes && nn->reclaim_str_hashtbl_size == 0)
7868 goto skip_grace;
20b7d86f 7869 printk(KERN_INFO "NFSD: starting %lld-second grace period (net %x)\n",
7e981a8a 7870 nn->nfsd4_grace, net->ns.inum);
5284b44e 7871 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_grace * HZ);
d85ed443 7872 return 0;
362063a5
SM		 7873
7874skip_grace:
7875 printk(KERN_INFO "NFSD: no clients to reclaim, skipping NFSv4 grace period (net %x)\n",
7876 net->ns.inum);
7877 queue_delayed_work(laundry_wq, &nn->laundromat_work, nn->nfsd4_lease * HZ);
7878 nfsd4_end_grace(nn);
7879 return 0;
d85ed443
SK		 7880}
7881
7882/* initialization to perform when the nfsd service is started: */
7883
7884int
7885nfs4_state_start(void)
7886{
7887 int ret;
7888
51a54568 7889 laundry_wq = alloc_workqueue("%s", WQ_UNBOUND, 0, "nfsd4");
a6d6b781
JL		 7890 if (laundry_wq == NULL) {
7891 ret = -ENOMEM;
a26dd64f 7892 goto out;
a6d6b781 7893 }
b5a1a81e
BF		 7894 ret = nfsd4_create_callback_queue();
7895 if (ret)
7896 goto out_free_laundry;
09121281 7897
c2f1a551 7898 set_max_delegations();
b5a1a81e 7899 return 0;
d85ed443 7900
b5a1a81e
BF		 7901out_free_laundry:
7902 destroy_workqueue(laundry_wq);
a26dd64f 7903out:
b5a1a81e 7904 return ret;
1da177e4
LT		 7905}
7906
f252bc68 7907void
4dce0ac9 7908nfs4_state_shutdown_net(struct net *net)
1da177e4 7909{
1da177e4 7910 struct nfs4_delegation *dp = NULL;
1da177e4 7911 struct list_head *pos, *next, reaplist;
4dce0ac9 7912 struct nfsd_net *nn = net_generic(net, nfsd_net_id);
1da177e4 7913
4dce0ac9
SK		 7914 cancel_delayed_work_sync(&nn->laundromat_work);
7915 locks_end_grace(&nn->nfsd4_manager);
ac55fdc4 7916
1da177e4 7917 INIT_LIST_HEAD(&reaplist);
cdc97505 7918 spin_lock(&state_lock);
e8c69d17 7919 list_for_each_safe(pos, next, &nn->del_recall_lru) {
1da177e4 7920 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
3fcbbd24 7921 WARN_ON(!unhash_delegation_locked(dp));
42690676 7922 list_add(&dp->dl_recall_lru, &reaplist);
1da177e4 7923 }
cdc97505 7924 spin_unlock(&state_lock);
1da177e4
LT		 7925 list_for_each_safe(pos, next, &reaplist) {
7926 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
42690676 7927 list_del_init(&dp->dl_recall_lru);
0af6e690 7928 destroy_unhashed_deleg(dp);
1da177e4
LT		 7929 }
7930
3320fef1 7931 nfsd4_client_tracking_exit(net);
4dce0ac9 7932 nfs4_state_destroy_net(net);
1da177e4
LT		 7933}
7934
7935void
7936nfs4_state_shutdown(void)
7937{
5e8d5c29 7938 destroy_workqueue(laundry_wq);
c3935e30 7939 nfsd4_destroy_callback_queue();
1da177e4 7940}
8b70484c
TM		 7941
7942static void
7943get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
7944{
51100d2b
OK		 7945 if (HAS_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG) &&
7946 CURRENT_STATEID(stateid))
37c593c5 7947 memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t));
8b70484c
TM		 7948}
7949
7950static void
7951put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
7952{
37c593c5
TM		 7953 if (cstate->minorversion) {
7954 memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t));
51100d2b 7955 SET_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG);
37c593c5
TM		 7956 }
7957}
7958
7959void
7960clear_current_stateid(struct nfsd4_compound_state *cstate)
7961{
51100d2b 7962 CLEAR_CSTATE_FLAG(cstate, CURRENT_STATE_ID_FLAG);
8b70484c
TM		 7963}
7964
62cd4a59
TM		 7965/*
7966 * functions to set current state id
7967 */
9428fe1a 7968void
b60e9859
CH		 7969nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate,
7970 union nfsd4_op_u *u)
9428fe1a 7971{
b60e9859 7972 put_stateid(cstate, &u->open_downgrade.od_stateid);
9428fe1a
TM		 7973}
7974
8b70484c 7975void
b60e9859
CH		 7976nfsd4_set_openstateid(struct nfsd4_compound_state *cstate,
7977 union nfsd4_op_u *u)
8b70484c 7978{
b60e9859 7979 put_stateid(cstate, &u->open.op_stateid);
8b70484c
TM		 7980}
7981
62cd4a59 7982void
b60e9859
CH		 7983nfsd4_set_closestateid(struct nfsd4_compound_state *cstate,
7984 union nfsd4_op_u *u)
62cd4a59 7985{
b60e9859 7986 put_stateid(cstate, &u->close.cl_stateid);
62cd4a59
TM		 7987}
7988
7989void
b60e9859
CH		 7990nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate,
7991 union nfsd4_op_u *u)
62cd4a59 7992{
b60e9859 7993 put_stateid(cstate, &u->lock.lk_resp_stateid);
62cd4a59
TM		 7994}
7995
7996/*
7997 * functions to consume current state id
7998 */
1e97b519 7999
9428fe1a 8000void
57832e7b
CH		 8001nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate,
8002 union nfsd4_op_u *u)
9428fe1a 8003{
57832e7b 8004 get_stateid(cstate, &u->open_downgrade.od_stateid);
9428fe1a
TM		 8005}
8006
8007void
57832e7b
CH		 8008nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate,
8009 union nfsd4_op_u *u)
9428fe1a 8010{
57832e7b 8011 get_stateid(cstate, &u->delegreturn.dr_stateid);
9428fe1a
TM		 8012}
8013
1e97b519 8014void
57832e7b
CH		 8015nfsd4_get_freestateid(struct nfsd4_compound_state *cstate,
8016 union nfsd4_op_u *u)
1e97b519 8017{
57832e7b 8018 get_stateid(cstate, &u->free_stateid.fr_stateid);
1e97b519
TM		 8019}
8020
8021void
57832e7b
CH		 8022nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate,
8023 union nfsd4_op_u *u)
1e97b519 8024{
57832e7b 8025 get_stateid(cstate, &u->setattr.sa_stateid);
1e97b519
TM		 8026}
8027
8b70484c 8028void
57832e7b
CH		 8029nfsd4_get_closestateid(struct nfsd4_compound_state *cstate,
8030 union nfsd4_op_u *u)
8b70484c 8031{
57832e7b 8032 get_stateid(cstate, &u->close.cl_stateid);
8b70484c
TM		 8033}
8034
8035void
57832e7b
CH		 8036nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate,
8037 union nfsd4_op_u *u)
8b70484c 8038{
57832e7b 8039 get_stateid(cstate, &u->locku.lu_stateid);
8b70484c 8040}
30813e27
TM		 8041
8042void
57832e7b
CH		 8043nfsd4_get_readstateid(struct nfsd4_compound_state *cstate,
8044 union nfsd4_op_u *u)
30813e27 8045{
57832e7b 8046 get_stateid(cstate, &u->read.rd_stateid);
30813e27
TM		 8047}
8048
8049void
57832e7b
CH		 8050nfsd4_get_writestateid(struct nfsd4_compound_state *cstate,
8051 union nfsd4_op_u *u)
30813e27 8052{
57832e7b 8053 get_stateid(cstate, &u->write.wr_stateid);
30813e27 8054}
A mirror of Linus' kernel repository