/* linux/fs/nfsd/nfs4state.c */
/*
*  Copyright (c) 2001 The Regents of the University of Michigan.
*  All rights reserved.
*
*  Kendrick Smith <kmsmith@umich.edu>
*  Andy Adamson <kandros@umich.edu>
*
*  Redistribution and use in source and binary forms, with or without
*  modification, are permitted provided that the following conditions
*  are met:
*
*  1. Redistributions of source code must retain the above copyright
*     notice, this list of conditions and the following disclaimer.
*  2. Redistributions in binary form must reproduce the above copyright
*     notice, this list of conditions and the following disclaimer in the
*     documentation and/or other materials provided with the distribution.
*  3. Neither the name of the University nor the names of its
*     contributors may be used to endorse or promote products derived
*     from this software without specific prior written permission.
*
*  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
*  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
*  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
*  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
*  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
*  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
*  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
*  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
*  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
*  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
*  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
  34
#include <linux/file.h>
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/namei.h>
#include <linux/swap.h>
#include <linux/pagemap.h>
#include <linux/ratelimit.h>
#include <linux/sunrpc/svcauth_gss.h>
#include <linux/sunrpc/clnt.h>
#include "xdr4.h"
#include "vfs.h"
#include "current_stateid.h"
#include "fault_inject.h"

#include "netns.h"
  50
#define NFSDDBG_FACILITY                NFSDDBG_PROC

/* Globals */
time_t nfsd4_lease = 90;     /* default lease time */
time_t nfsd4_grace = 90;

/*
 * Reserved stateid values, matched by the ZERO_STATEID/ONE_STATEID/
 * CURRENT_STATEID macros below.
 */
#define all_ones {{~0,~0},~0}
static const stateid_t one_stateid = {
        .si_generation = ~0,
        .si_opaque = all_ones,
};
static const stateid_t zero_stateid = {
        /* all fields zero */
};
static const stateid_t currentstateid = {
        .si_generation = 1,
};

/* seed for gen_sessionid(); incremented for every new session */
static u64 current_sessionid = 1;

#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
#define ONE_STATEID(stateid)  (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))

/* forward declarations */
static int check_for_locks(struct nfs4_file *filp, struct nfs4_lockowner *lowner);

/* Locking: */

/* Currently used for almost all code touching nfsv4 state: */
static DEFINE_MUTEX(client_mutex);

/*
 * Currently used for the del_recall_lru and file hash table.  In an
 * effort to decrease the scope of the client_mutex, this spinlock may
 * eventually cover more:
 */
static DEFINE_SPINLOCK(recall_lock);

/* slab caches for the main nfsv4 state objects */
static struct kmem_cache *openowner_slab = NULL;
static struct kmem_cache *lockowner_slab = NULL;
static struct kmem_cache *file_slab = NULL;
static struct kmem_cache *stateid_slab = NULL;
static struct kmem_cache *deleg_slab = NULL;
  95
/* Take the global state mutex; pairs with nfs4_unlock_state(). */
void
nfs4_lock_state(void)
{
        mutex_lock(&client_mutex);
}

static void free_session(struct kref *);

/* Must be called under the client_lock */
static void nfsd4_put_session_locked(struct nfsd4_session *ses)
{
        kref_put(&ses->se_ref, free_session);
}

/* Take a reference on a session. */
static void nfsd4_get_session(struct nfsd4_session *ses)
{
        kref_get(&ses->se_ref);
}

/* Release the global state mutex taken by nfs4_lock_state(). */
void
nfs4_unlock_state(void)
{
        mutex_unlock(&client_mutex);
}
 120
 121static inline u32
 122opaque_hashval(const void *ptr, int nbytes)
 123{
 124        unsigned char *cptr = (unsigned char *) ptr;
 125
 126        u32 x = 0;
 127        while (nbytes--) {
 128                x *= 37;
 129                x += *cptr++;
 130        }
 131        return x;
 132}
 133
/* delegations awaiting recall; protected by recall_lock (see above) */
static struct list_head del_recall_lru;

/* Final teardown of an nfs4_file: return it to its slab. */
static void nfsd4_free_file(struct nfs4_file *f)
{
        kmem_cache_free(file_slab, f);
}

/*
 * Drop a reference to an nfs4_file.  The last put unhashes it (under
 * recall_lock), drops its inode reference, and frees it.
 */
static inline void
put_nfs4_file(struct nfs4_file *fi)
{
        if (atomic_dec_and_lock(&fi->fi_ref, &recall_lock)) {
                list_del(&fi->fi_hash);
                spin_unlock(&recall_lock);
                iput(fi->fi_inode);
                nfsd4_free_file(fi);
        }
}

/* Take an additional reference to an nfs4_file. */
static inline void
get_nfs4_file(struct nfs4_file *fi)
{
        atomic_inc(&fi->fi_ref);
}
 157
/* delegations handed out, and the cap checked in alloc_init_deleg() */
static int num_delegations;
unsigned int max_delegations;

/*
 * Open owner state (share locks)
 */

/* hash tables for lock and open owners */
#define OWNER_HASH_BITS              8
#define OWNER_HASH_SIZE             (1 << OWNER_HASH_BITS)
#define OWNER_HASH_MASK             (OWNER_HASH_SIZE - 1)
 169
 170static unsigned int ownerstr_hashval(u32 clientid, struct xdr_netobj *ownername)
 171{
 172        unsigned int ret;
 173
 174        ret = opaque_hashval(ownername->data, ownername->len);
 175        ret += clientid;
 176        return ret & OWNER_HASH_MASK;
 177}
 178
static struct list_head ownerstr_hashtbl[OWNER_HASH_SIZE];

/* hash table for nfs4_file */
#define FILE_HASH_BITS                   8
#define FILE_HASH_SIZE                  (1 << FILE_HASH_BITS)

/* Bucket index for an nfs4_file, keyed on its inode pointer. */
static unsigned int file_hashval(struct inode *ino)
{
        /* XXX: why are we hashing on inode pointer, anyway? */
        return hash_ptr(ino, FILE_HASH_BITS);
}

static struct list_head file_hashtbl[FILE_HASH_SIZE];
 192
/*
 * Bump the access count for one open mode (O_RDONLY/O_WRONLY index
 * into fi_access).  A struct file of that mode, or an O_RDWR one,
 * must already be cached in fi_fds.
 */
static void __nfs4_file_get_access(struct nfs4_file *fp, int oflag)
{
        BUG_ON(!(fp->fi_fds[oflag] || fp->fi_fds[O_RDWR]));
        atomic_inc(&fp->fi_access[oflag]);
}

/*
 * Get file access of the given mode; O_RDWR is accounted as one read
 * reference plus one write reference.
 */
static void nfs4_file_get_access(struct nfs4_file *fp, int oflag)
{
        if (oflag == O_RDWR) {
                __nfs4_file_get_access(fp, O_RDONLY);
                __nfs4_file_get_access(fp, O_WRONLY);
        } else
                __nfs4_file_get_access(fp, oflag);
}

/* Drop and clear the struct file cached for the given mode, if any. */
static void nfs4_file_put_fd(struct nfs4_file *fp, int oflag)
{
        if (fp->fi_fds[oflag]) {
                fput(fp->fi_fds[oflag]);
                fp->fi_fds[oflag] = NULL;
        }
}

/*
 * Drop one access reference of the given mode; the last one closes
 * the corresponding struct file (and possibly the O_RDWR one too).
 */
static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
        if (atomic_dec_and_test(&fp->fi_access[oflag])) {
                nfs4_file_put_fd(fp, oflag);
                /*
                 * It's also safe to get rid of the RDWR open *if*
                 * we no longer have need of the other kind of access
                 * or if we already have the other kind of open:
                 */
                if (fp->fi_fds[1-oflag]
                        || atomic_read(&fp->fi_access[1 - oflag]) == 0)
                        nfs4_file_put_fd(fp, O_RDWR);
        }
}

/* Put file access; mirrors nfs4_file_get_access's O_RDWR accounting. */
static void nfs4_file_put_access(struct nfs4_file *fp, int oflag)
{
        if (oflag == O_RDWR) {
                __nfs4_file_put_access(fp, O_RDONLY);
                __nfs4_file_put_access(fp, O_WRONLY);
        } else
                __nfs4_file_put_access(fp, oflag);
}
 239
/*
 * Allocate a new stateid id from the owning client's idr.  The caller
 * must have preallocated idr memory via nfs4_alloc_stid() and must
 * hold the state lock (which protects the static min_stateid).
 */
static inline int get_new_stid(struct nfs4_stid *stid)
{
        static int min_stateid = 0;
        struct idr *stateids = &stid->sc_client->cl_stateids;
        int new_stid;
        int error;

        error = idr_get_new_above(stateids, stid, min_stateid, &new_stid);
        /*
         * Note: the necessary preallocation was done in
         * nfs4_alloc_stateid().  The idr code caps the number of
         * preallocations that can exist at a time, but the state lock
         * prevents anyone from using ours before we get here:
         */
        BUG_ON(error);
        /*
         * It shouldn't be a problem to reuse an opaque stateid value.
         * I don't think it is for 4.1.  But with 4.0 I worry that, for
         * example, a stray write retransmission could be accepted by
         * the server when it should have been rejected.  Therefore,
         * adopt a trick from the sctp code to attempt to maximize the
         * amount of time until an id is reused, by ensuring they always
         * "increase" (mod INT_MAX):
         */

        min_stateid = new_stid+1;
        if (min_stateid == INT_MAX)
                min_stateid = 0;
        return new_stid;
}

/*
 * Initialize the generic part of a stateid: type, owning client, and
 * a freshly allocated (so_clid, so_id) "other" value.
 */
static void init_stid(struct nfs4_stid *stid, struct nfs4_client *cl, unsigned char type)
{
        stateid_t *s = &stid->sc_stateid;
        int new_id;

        stid->sc_type = type;
        stid->sc_client = cl;
        s->si_opaque.so_clid = cl->cl_clientid;
        new_id = get_new_stid(stid);
        s->si_opaque.so_id = (u32)new_id;
        /* Will be incremented before return to client: */
        s->si_generation = 0;
}

/*
 * Allocate a stateid structure from @slab, after reserving idr memory
 * for the id that a later init_stid()/get_new_stid() will need.
 * Returns NULL on allocation failure.
 */
static struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab)
{
        struct idr *stateids = &cl->cl_stateids;

        if (!idr_pre_get(stateids, GFP_KERNEL))
                return NULL;
        /*
         * Note: if we fail here (or any time between now and the time
         * we actually get the new idr), we won't need to undo the idr
         * preallocation, since the idr code caps the number of
         * preallocated entries.
         */
        return kmem_cache_alloc(slab, GFP_KERNEL);
}

/* Allocate an open/lock stateid for the given client. */
static struct nfs4_ol_stateid * nfs4_alloc_stateid(struct nfs4_client *clp)
{
        return openlockstateid(nfs4_alloc_stid(clp, stateid_slab));
}
 304
/*
 * Allocate and initialize a (read) delegation for @clp on the file
 * behind @stp.  Returns NULL if a write delegation was requested, the
 * file has seen a conflicting access, the global delegation limit is
 * reached, or allocation fails.
 */
static struct nfs4_delegation *
alloc_init_deleg(struct nfs4_client *clp, struct nfs4_ol_stateid *stp, struct svc_fh *current_fh, u32 type)
{
        struct nfs4_delegation *dp;
        struct nfs4_file *fp = stp->st_file;

        dprintk("NFSD alloc_init_deleg\n");
        /*
         * Major work on the lease subsystem (for example, to support
         * callbacks on stat) will be required before we can support
         * write delegations properly.
         */
        if (type != NFS4_OPEN_DELEGATE_READ)
                return NULL;
        if (fp->fi_had_conflict)
                return NULL;
        if (num_delegations > max_delegations)
                return NULL;
        dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab));
        if (dp == NULL)
                return dp;
        init_stid(&dp->dl_stid, clp, NFS4_DELEG_STID);
        /*
         * delegation seqid's are never incremented.  The 4.1 special
         * meaning of seqid 0 isn't meaningful, really, but let's avoid
         * 0 anyway just for consistency and use 1:
         */
        dp->dl_stid.sc_stateid.si_generation = 1;
        num_delegations++;
        INIT_LIST_HEAD(&dp->dl_perfile);
        INIT_LIST_HEAD(&dp->dl_perclnt);
        INIT_LIST_HEAD(&dp->dl_recall_lru);
        get_nfs4_file(fp);
        dp->dl_file = fp;
        dp->dl_type = type;
        fh_copy_shallow(&dp->dl_fh, &current_fh->fh_handle);
        dp->dl_time = 0;
        atomic_set(&dp->dl_count, 1);
        INIT_WORK(&dp->dl_recall.cb_work, nfsd4_do_callback_rpc);
        return dp;
}
 346
/*
 * Drop a reference to a delegation; the last put releases the file
 * reference, frees the structure, and decrements the global count.
 */
void
nfs4_put_delegation(struct nfs4_delegation *dp)
{
        if (atomic_dec_and_test(&dp->dl_count)) {
                dprintk("NFSD: freeing dp %p\n",dp);
                put_nfs4_file(dp->dl_file);
                kmem_cache_free(deleg_slab, dp);
                num_delegations--;
        }
}

/*
 * Drop one delegee reference on the file's lease; the last put
 * removes the lease from the vfs and drops the delegation file.
 */
static void nfs4_put_deleg_lease(struct nfs4_file *fp)
{
        if (atomic_dec_and_test(&fp->fi_delegees)) {
                vfs_setlease(fp->fi_deleg_file, F_UNLCK, &fp->fi_lease);
                fp->fi_lease = NULL;
                fput(fp->fi_deleg_file);
                fp->fi_deleg_file = NULL;
        }
}

/* Remove a stateid's id from its client's idr. */
static void unhash_stid(struct nfs4_stid *s)
{
        struct idr *stateids = &s->sc_client->cl_stateids;

        idr_remove(stateids, s->sc_stateid.si_opaque.so_id);
}

/* Called under the state lock. */
static void
unhash_delegation(struct nfs4_delegation *dp)
{
        unhash_stid(&dp->dl_stid);
        list_del_init(&dp->dl_perclnt);
        spin_lock(&recall_lock);
        list_del_init(&dp->dl_perfile);
        list_del_init(&dp->dl_recall_lru);
        spin_unlock(&recall_lock);
        nfs4_put_deleg_lease(dp->dl_file);
        nfs4_put_delegation(dp);
}
 388
/*
 * SETCLIENTID state
 */

/* client_lock protects the client lru list and session hash table */
static DEFINE_SPINLOCK(client_lock);

/* Hash tables for nfs4_clientid state */
#define CLIENT_HASH_BITS                 4
#define CLIENT_HASH_SIZE                (1 << CLIENT_HASH_BITS)
#define CLIENT_HASH_MASK                (CLIENT_HASH_SIZE - 1)

/* Bucket index for a clientid: just the low CLIENT_HASH_BITS bits. */
static unsigned int clientid_hashval(u32 id)
{
        return id & CLIENT_HASH_MASK;
}

/*
 * Bucket index for a client name string.  Only the first 8 bytes are
 * hashed; NOTE(review): assumes callers always pass at least 8 bytes
 * -- confirm against the recovery-dir naming code.
 */
static unsigned int clientstr_hashval(const char *name)
{
        return opaque_hashval(name, 8) & CLIENT_HASH_MASK;
}

/*
 * reclaim_str_hashtbl[] holds known client info from previous reset/reboot
 * used in reboot/reset lease grace period processing
 *
 * conf_id_hashtbl[], and conf_str_hashtbl[] hold confirmed
 * setclientid_confirmed info.
 *
 * unconf_str_hashtbl[] and unconf_id_hashtbl[] hold unconfirmed
 * setclientid info.
 *
 * client_lru holds client queue ordered by nfs4_client.cl_time
 * for lease renewal.
 *
 * close_lru holds (open) stateowner queue ordered by nfs4_stateowner.so_time
 * for last close replay.
 */
static struct list_head reclaim_str_hashtbl[CLIENT_HASH_SIZE];
static int reclaim_str_hashtbl_size = 0;
static struct list_head conf_id_hashtbl[CLIENT_HASH_SIZE];
static struct list_head conf_str_hashtbl[CLIENT_HASH_SIZE];
static struct list_head unconf_str_hashtbl[CLIENT_HASH_SIZE];
static struct list_head unconf_id_hashtbl[CLIENT_HASH_SIZE];
static struct list_head client_lru;
static struct list_head close_lru;
 435
 436/*
 437 * We store the NONE, READ, WRITE, and BOTH bits separately in the
 438 * st_{access,deny}_bmap field of the stateid, in order to track not
 439 * only what share bits are currently in force, but also what
 440 * combinations of share bits previous opens have used.  This allows us
 441 * to enforce the recommendation of rfc 3530 14.2.19 that the server
 442 * return an error if the client attempt to downgrade to a combination
 443 * of share bits not explicable by closing some of its previous opens.
 444 *
 445 * XXX: This enforcement is actually incomplete, since we don't keep
 446 * track of access/deny bit combinations; so, e.g., we allow:
 447 *
 448 *      OPEN allow read, deny write
 449 *      OPEN allow both, deny none
 450 *      DOWNGRADE allow read, deny none
 451 *
 452 * which we should reject.
 453 */
 454static unsigned int
 455bmap_to_share_mode(unsigned long bmap) {
 456        int i;
 457        unsigned int access = 0;
 458
 459        for (i = 1; i < 4; i++) {
 460                if (test_bit(i, &bmap))
 461                        access |= i;
 462        }
 463        return access;
 464}
 465
 466static bool
 467test_share(struct nfs4_ol_stateid *stp, struct nfsd4_open *open) {
 468        unsigned int access, deny;
 469
 470        access = bmap_to_share_mode(stp->st_access_bmap);
 471        deny = bmap_to_share_mode(stp->st_deny_bmap);
 472        if ((access & open->op_share_deny) || (deny & open->op_share_access))
 473                return false;
 474        return true;
 475}
 476
/*
 * The helpers below track NFSv4 share access/deny values
 * (1=READ, 2=WRITE, 3=BOTH) as bit positions in the stateid's
 * st_access_bmap/st_deny_bmap.
 */

/* set share access for a given stateid */
static inline void
set_access(u32 access, struct nfs4_ol_stateid *stp)
{
        __set_bit(access, &stp->st_access_bmap);
}

/* clear share access for a given stateid */
static inline void
clear_access(u32 access, struct nfs4_ol_stateid *stp)
{
        __clear_bit(access, &stp->st_access_bmap);
}

/* test whether a given stateid has access */
static inline bool
test_access(u32 access, struct nfs4_ol_stateid *stp)
{
        return test_bit(access, &stp->st_access_bmap);
}

/* set share deny for a given stateid */
static inline void
set_deny(u32 access, struct nfs4_ol_stateid *stp)
{
        __set_bit(access, &stp->st_deny_bmap);
}

/* clear share deny for a given stateid */
static inline void
clear_deny(u32 access, struct nfs4_ol_stateid *stp)
{
        __clear_bit(access, &stp->st_deny_bmap);
}

/* test whether a given stateid is denying specific access */
static inline bool
test_deny(u32 access, struct nfs4_ol_stateid *stp)
{
        return test_bit(access, &stp->st_deny_bmap);
}
 518
 519static int nfs4_access_to_omode(u32 access)
 520{
 521        switch (access & NFS4_SHARE_ACCESS_BOTH) {
 522        case NFS4_SHARE_ACCESS_READ:
 523                return O_RDONLY;
 524        case NFS4_SHARE_ACCESS_WRITE:
 525                return O_WRONLY;
 526        case NFS4_SHARE_ACCESS_BOTH:
 527                return O_RDWR;
 528        }
 529        BUG();
 530}
 531
/* release all access and file references for a given stateid */
static void
release_all_access(struct nfs4_ol_stateid *stp)
{
        int i;

        /* i iterates over the share-access values READ(1)/WRITE(2)/BOTH(3) */
        for (i = 1; i < 4; i++) {
                if (test_access(i, stp))
                        nfs4_file_put_access(stp->st_file,
                                             nfs4_access_to_omode(i));
                clear_access(i, stp);
        }
}
 545
/* Remove an open/lock stateid from its per-file and per-owner lists. */
static void unhash_generic_stateid(struct nfs4_ol_stateid *stp)
{
        list_del(&stp->st_perfile);
        list_del(&stp->st_perstateowner);
}

/* Drop all file access held by a stateid, and its nfs4_file reference. */
static void close_generic_stateid(struct nfs4_ol_stateid *stp)
{
        release_all_access(stp);
        put_nfs4_file(stp->st_file);
        stp->st_file = NULL;
}

/* Return an open/lock stateid to its slab. */
static void free_generic_stateid(struct nfs4_ol_stateid *stp)
{
        kmem_cache_free(stateid_slab, stp);
}
 563
/*
 * Tear down a lock stateid: unhash it, drop the lockowner's posix
 * locks on the file, then release its file references and free it.
 */
static void release_lock_stateid(struct nfs4_ol_stateid *stp)
{
        struct file *file;

        unhash_generic_stateid(stp);
        unhash_stid(&stp->st_stid);
        file = find_any_file(stp->st_file);
        if (file)
                locks_remove_posix(file, (fl_owner_t)lockowner(stp->st_stateowner));
        close_generic_stateid(stp);
        free_generic_stateid(stp);
}

/* Remove a lockowner from all hash chains and release its stateids. */
static void unhash_lockowner(struct nfs4_lockowner *lo)
{
        struct nfs4_ol_stateid *stp;

        list_del(&lo->lo_owner.so_strhash);
        list_del(&lo->lo_perstateid);
        list_del(&lo->lo_owner_ino_hash);
        while (!list_empty(&lo->lo_owner.so_stateids)) {
                stp = list_first_entry(&lo->lo_owner.so_stateids,
                                struct nfs4_ol_stateid, st_perstateowner);
                release_lock_stateid(stp);
        }
}

/* Unhash and free a lockowner. */
static void release_lockowner(struct nfs4_lockowner *lo)
{
        unhash_lockowner(lo);
        nfs4_free_lockowner(lo);
}
 596
 597static void
 598release_stateid_lockowners(struct nfs4_ol_stateid *open_stp)
 599{
 600        struct nfs4_lockowner *lo;
 601
 602        while (!list_empty(&open_stp->st_lockowners)) {
 603                lo = list_entry(open_stp->st_lockowners.next,
 604                                struct nfs4_lockowner, lo_perstateid);
 605                release_lockowner(lo);
 606        }
 607}
 608
/* Unhash an open stateid and everything hanging off it (lockowners). */
static void unhash_open_stateid(struct nfs4_ol_stateid *stp)
{
        unhash_generic_stateid(stp);
        release_stateid_lockowners(stp);
        close_generic_stateid(stp);
}

/* Fully tear down and free an open stateid. */
static void release_open_stateid(struct nfs4_ol_stateid *stp)
{
        unhash_open_stateid(stp);
        unhash_stid(&stp->st_stid);
        free_generic_stateid(stp);
}

/* Remove an openowner from its hash chains and release its stateids. */
static void unhash_openowner(struct nfs4_openowner *oo)
{
        struct nfs4_ol_stateid *stp;

        list_del(&oo->oo_owner.so_strhash);
        list_del(&oo->oo_perclient);
        while (!list_empty(&oo->oo_owner.so_stateids)) {
                stp = list_first_entry(&oo->oo_owner.so_stateids,
                                struct nfs4_ol_stateid, st_perstateowner);
                release_open_stateid(stp);
        }
}

/*
 * Free the stateid kept around after a CLOSE for possible replay,
 * if any.
 */
static void release_last_closed_stateid(struct nfs4_openowner *oo)
{
        struct nfs4_ol_stateid *s = oo->oo_last_closed_stid;

        if (s) {
                unhash_stid(&s->st_stid);
                free_generic_stateid(s);
                oo->oo_last_closed_stid = NULL;
        }
}

/* Fully tear down and free an openowner. */
static void release_openowner(struct nfs4_openowner *oo)
{
        unhash_openowner(oo);
        list_del(&oo->oo_close_lru);
        release_last_closed_stateid(oo);
        nfs4_free_openowner(oo);
}
 654
#define SESSION_HASH_SIZE       512
static struct list_head sessionid_hashtbl[SESSION_HASH_SIZE];

/* Bucket index for a sessionid: its embedded sequence number. */
static inline int
hash_sessionid(struct nfs4_sessionid *sessionid)
{
        struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;

        return sid->sequence % SESSION_HASH_SIZE;
}

#ifdef NFSD_DEBUG
/* Debug helper: print a sessionid as four u32s. */
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
        u32 *ptr = (u32 *)(&sessionid->data[0]);
        dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
}
#else
static inline void
dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
{
}
#endif


/*
 * Fill in a new session's id: the client's clientid plus the next
 * value of the global sequence counter, reserved field zeroed.
 * NOTE(review): current_sessionid++ is unlocked here -- presumably
 * serialized by the state lock; confirm against callers.
 */
static void
gen_sessionid(struct nfsd4_session *ses)
{
        struct nfs4_client *clp = ses->se_client;
        struct nfsd4_sessionid *sid;

        sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
        sid->clientid = clp->cl_clientid;
        sid->sequence = current_sessionid++;
        sid->reserved = 0;
}
 692
 693/*
 694 * The protocol defines ca_maxresponssize_cached to include the size of
 695 * the rpc header, but all we need to cache is the data starting after
 696 * the end of the initial SEQUENCE operation--the rest we regenerate
 697 * each time.  Therefore we can advertise a ca_maxresponssize_cached
 698 * value that is the number of bytes in our cache plus a few additional
 699 * bytes.  In order to stay on the safe side, and not promise more than
 700 * we can cache, those additional bytes must be the minimum possible: 24
 701 * bytes of rpc header (xid through accept state, with AUTH_NULL
 702 * verifier), 12 for the compound header (with zero-length tag), and 44
 703 * for the SEQUENCE op response:
 704 */
 705#define NFSD_MIN_HDR_SEQ_SZ  (24 + 12 + 44)
 706
/* Free every slot's reply-cache buffer for a session. */
static void
free_session_slots(struct nfsd4_session *ses)
{
        int i;

        for (i = 0; i < ses->se_fchannel.maxreqs; i++)
                kfree(ses->se_slots[i]);
}

/*
 * We don't actually need to cache the rpc and session headers, so we
 * can allocate a little less for each slot:
 */
static inline int slot_bytes(struct nfsd4_channel_attrs *ca)
{
        return ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
}

/*
 * Clamp a client-requested maxresp_cached to what we will actually
 * cache per slot.
 *
 * NOTE(review): if size < NFSD_MIN_HDR_SEQ_SZ the u32 subtraction
 * wraps to a huge value, which the min_t below then clamps to
 * NFSD_SLOT_CACHE_SIZE -- confirm callers never rely on getting a
 * smaller-than-minimum size through here.
 */
static int nfsd4_sanitize_slot_size(u32 size)
{
        size -= NFSD_MIN_HDR_SEQ_SZ; /* We don't cache the rpc header */
        size = min_t(u32, size, NFSD_SLOT_CACHE_SIZE);

        return size;
}
 732
/*
 * XXX: If we run out of reserved DRC memory we could (up to a point)
 * re-negotiate active sessions and reduce their slot usage to make
 * room for new connections. For now we just fail the create session.
 */
static int nfsd4_get_drc_mem(int slotsize, u32 num)
{
        int avail;

        num = min_t(u32, num, NFSD_MAX_SLOTS_PER_SESSION);

        spin_lock(&nfsd_drc_lock);
        avail = min_t(int, NFSD_MAX_MEM_PER_SESSION,
                        nfsd_drc_max_mem - nfsd_drc_mem_used);
        num = min_t(int, num, avail / slotsize);
        nfsd_drc_mem_used += num * slotsize;
        spin_unlock(&nfsd_drc_lock);

        /* number of slots the DRC pool can afford; may be 0 */
        return num;
}

/* Return a session's slot memory to the global DRC pool. */
static void nfsd4_put_drc_mem(int slotsize, int num)
{
        spin_lock(&nfsd_drc_lock);
        nfsd_drc_mem_used -= slotsize * num;
        spin_unlock(&nfsd_drc_lock);
}
 760
/*
 * Allocate a session plus its slot array; each slot gets slotsize
 * bytes of reply cache.  Returns NULL on allocation failure with
 * nothing leaked.
 */
static struct nfsd4_session *alloc_session(int slotsize, int numslots)
{
        struct nfsd4_session *new;
        int mem, i;

        BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
                        + sizeof(struct nfsd4_session) > PAGE_SIZE);
        mem = numslots * sizeof(struct nfsd4_slot *);

        new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
        if (!new)
                return NULL;
        /* allocate each struct nfsd4_slot and data cache in one piece */
        for (i = 0; i < numslots; i++) {
                mem = sizeof(struct nfsd4_slot) + slotsize;
                new->se_slots[i] = kzalloc(mem, GFP_KERNEL);
                if (!new->se_slots[i])
                        goto out_free;
        }
        return new;
out_free:
        while (i--)
                kfree(new->se_slots[i]);
        kfree(new);
        return NULL;
}

/*
 * Fill in the fore channel attributes we will actually honor,
 * clamping the client's requested values to our limits.
 */
static void init_forechannel_attrs(struct nfsd4_channel_attrs *new, struct nfsd4_channel_attrs *req, int numslots, int slotsize)
{
        u32 maxrpc = nfsd_serv->sv_max_mesg;

        new->maxreqs = numslots;
        new->maxresp_cached = min_t(u32, req->maxresp_cached,
                                        slotsize + NFSD_MIN_HDR_SEQ_SZ);
        new->maxreq_sz = min_t(u32, req->maxreq_sz, maxrpc);
        new->maxresp_sz = min_t(u32, req->maxresp_sz, maxrpc);
        new->maxops = min_t(u32, req->maxops, NFSD_MAX_OPS_PER_COMPOUND);
}
 799
/* Drop a connection's transport reference and free it. */
static void free_conn(struct nfsd4_conn *c)
{
        svc_xprt_put(c->cn_xprt);
        kfree(c);
}

/*
 * Transport-down callback: detach the connection from its session
 * (under cl_lock) and re-probe the client's callback channel.
 */
static void nfsd4_conn_lost(struct svc_xpt_user *u)
{
        struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
        struct nfs4_client *clp = c->cn_session->se_client;

        spin_lock(&clp->cl_lock);
        if (!list_empty(&c->cn_persession)) {
                list_del(&c->cn_persession);
                free_conn(c);
        }
        spin_unlock(&clp->cl_lock);
        nfsd4_probe_callback(clp);
}

/*
 * Allocate a connection object for the request's transport, taking a
 * transport reference.  Returns NULL on allocation failure.
 */
static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
{
        struct nfsd4_conn *conn;

        conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
        if (!conn)
                return NULL;
        svc_xprt_get(rqstp->rq_xprt);
        conn->cn_xprt = rqstp->rq_xprt;
        conn->cn_flags = flags;
        INIT_LIST_HEAD(&conn->cn_xpt_user.list);
        return conn;
}

/* Attach a connection to a session; caller holds cl_lock. */
static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
        conn->cn_session = ses;
        list_add(&conn->cn_persession, &ses->se_conns);
}

/* Attach a connection to a session, taking cl_lock. */
static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
{
        struct nfs4_client *clp = ses->se_client;

        spin_lock(&clp->cl_lock);
        __nfsd4_hash_conn(conn, ses);
        spin_unlock(&clp->cl_lock);
}

/*
 * Register for transport-down notification; non-zero return means the
 * transport is already going away (handled by the caller).
 */
static int nfsd4_register_conn(struct nfsd4_conn *conn)
{
        conn->cn_xpt_user.callback = nfsd4_conn_lost;
        return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
}
 854
/*
 * Bind the request's connection to the session for the given channel
 * direction(s).  Returns nfserr_jukebox on allocation failure.
 */
static __be32 nfsd4_new_conn(struct svc_rqst *rqstp, struct nfsd4_session *ses, u32 dir)
{
        struct nfsd4_conn *conn;
        int ret;

        conn = alloc_conn(rqstp, dir);
        if (!conn)
                return nfserr_jukebox;
        nfsd4_hash_conn(conn, ses);
        ret = nfsd4_register_conn(conn);
        if (ret)
                /* oops; xprt is already down: */
                nfsd4_conn_lost(&conn->cn_xpt_user);
        if (ses->se_client->cl_cb_state == NFSD4_CB_DOWN &&
                dir & NFS4_CDFC4_BACK) {
                /* callback channel may be back up */
                nfsd4_probe_callback(ses->se_client);
        }
        return nfs_ok;
}
 875
 876static __be32 nfsd4_new_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_session *ses)
 877{
 878        u32 dir = NFS4_CDFC4_FORE;
 879
 880        if (ses->se_flags & SESSION4_BACK_CHAN)
 881                dir |= NFS4_CDFC4_BACK;
 882
 883        return nfsd4_new_conn(rqstp, ses, dir);
 884}
 885
/* must be called under client_lock */
static void nfsd4_del_conns(struct nfsd4_session *s)
{
        struct nfs4_client *clp = s->se_client;
        struct nfsd4_conn *c;

        spin_lock(&clp->cl_lock);
        while (!list_empty(&s->se_conns)) {
                c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
                list_del_init(&c->cn_persession);
                /*
                 * Safe to drop cl_lock across unregister/free: once
                 * the conn is off the list (list_del_init), a
                 * concurrent nfsd4_conn_lost sees list_empty and
                 * won't also free it.
                 */
                spin_unlock(&clp->cl_lock);

                unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
                free_conn(c);

                spin_lock(&clp->cl_lock);
        }
        spin_unlock(&clp->cl_lock);
}

/*
 * Final release of a session (kref callback); caller must hold
 * client_lock (asserted).  Returns the session's DRC memory to the
 * pool and frees its slots.
 */
static void free_session(struct kref *kref)
{
        struct nfsd4_session *ses;
        int mem;

        lockdep_assert_held(&client_lock);
        ses = container_of(kref, struct nfsd4_session, se_ref);
        nfsd4_del_conns(ses);
        spin_lock(&nfsd_drc_lock);
        mem = ses->se_fchannel.maxreqs * slot_bytes(&ses->se_fchannel);
        nfsd_drc_mem_used -= mem;
        spin_unlock(&nfsd_drc_lock);
        free_session_slots(ses);
        kfree(ses);
}

/* Drop a session reference, taking client_lock for the final free. */
void nfsd4_put_session(struct nfsd4_session *ses)
{
        spin_lock(&client_lock);
        nfsd4_put_session_locked(ses);
        spin_unlock(&client_lock);
}
 928
/*
 * Allocate a session for CREATE_SESSION, size its slot table against
 * available DRC memory, hash it, and set up its connection(s) and
 * callback channel.  Returns NULL on any failure.
 */
static struct nfsd4_session *alloc_init_session(struct svc_rqst *rqstp, struct nfs4_client *clp, struct nfsd4_create_session *cses)
{
	struct nfsd4_session *new;
	struct nfsd4_channel_attrs *fchan = &cses->fore_channel;
	int numslots, slotsize;
	__be32 status;
	int idx;

	/*
	 * Note decreasing slot size below client's request may
	 * make it difficult for client to function correctly, whereas
	 * decreasing the number of slots will (just?) affect
	 * performance.  When short on memory we therefore prefer to
	 * decrease number of slots instead of their size.
	 */
	slotsize = nfsd4_sanitize_slot_size(fchan->maxresp_cached);
	numslots = nfsd4_get_drc_mem(slotsize, fchan->maxreqs);
	if (numslots < 1)
		return NULL;

	new = alloc_session(slotsize, numslots);
	if (!new) {
		/* Return the DRC memory reserved above. */
		nfsd4_put_drc_mem(slotsize, fchan->maxreqs);
		return NULL;
	}
	init_forechannel_attrs(&new->se_fchannel, fchan, numslots, slotsize);

	new->se_client = clp;
	gen_sessionid(new);

	INIT_LIST_HEAD(&new->se_conns);

	new->se_cb_seq_nr = 1;
	new->se_flags = cses->flags;
	new->se_cb_prog = cses->callback_prog;
	kref_init(&new->se_ref);
	idx = hash_sessionid(&new->se_sessionid);
	/* Publish the session on the global and per-client lists. */
	spin_lock(&client_lock);
	list_add(&new->se_hash, &sessionid_hashtbl[idx]);
	spin_lock(&clp->cl_lock);
	list_add(&new->se_perclnt, &clp->cl_sessions);
	spin_unlock(&clp->cl_lock);
	spin_unlock(&client_lock);

	status = nfsd4_new_conn_from_crses(rqstp, new);
	/*
	 * On failure, free the session we just created.
	 * NOTE(review): free_session() does not remove se_hash from
	 * sessionid_hashtbl (only unhash_session() does) -- verify this
	 * error path cannot leave a stale hash entry behind.
	 */
	if (status) {
		spin_lock(&client_lock);
		free_session(&new->se_ref);
		spin_unlock(&client_lock);
		return NULL;
	}
	if (cses->flags & SESSION4_BACK_CHAN) {
		struct sockaddr *sa = svc_addr(rqstp);
		/*
		 * This is a little silly; with sessions there's no real
		 * use for the callback address.  Use the peer address
		 * as a reasonable default for now, but consider fixing
		 * the rpc client not to require an address in the
		 * future:
		 */
		rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
		clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
	}
	nfsd4_probe_callback(clp);
	return new;
}
 996
 997/* caller must hold client_lock */
 998static struct nfsd4_session *
 999find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid)
1000{
1001        struct nfsd4_session *elem;
1002        int idx;
1003
1004        dump_sessionid(__func__, sessionid);
1005        idx = hash_sessionid(sessionid);
1006        /* Search in the appropriate list */
1007        list_for_each_entry(elem, &sessionid_hashtbl[idx], se_hash) {
1008                if (!memcmp(elem->se_sessionid.data, sessionid->data,
1009                            NFS4_MAX_SESSIONID_LEN)) {
1010                        return elem;
1011                }
1012        }
1013
1014        dprintk("%s: session not found\n", __func__);
1015        return NULL;
1016}
1017
/* caller must hold client_lock */
static void
unhash_session(struct nfsd4_session *ses)
{
	/* Remove from the global sessionid hash table... */
	list_del(&ses->se_hash);
	/* ...and from the owning client's session list, under cl_lock. */
	spin_lock(&ses->se_client->cl_lock);
	list_del(&ses->se_perclnt);
	spin_unlock(&ses->se_client->cl_lock);
}
1027
/* must be called under the client_lock */
static inline void
renew_client_locked(struct nfs4_client *clp)
{
	if (is_client_expired(clp)) {
		/* An already-expired client must not be revived; complain. */
		WARN_ON(1);
		printk("%s: client (clientid %08x/%08x) already expired\n",
			__func__,
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
		return;
	}

	dprintk("renewing client (clientid %08x/%08x)\n",
			clp->cl_clientid.cl_boot,
			clp->cl_clientid.cl_id);
	/* Move to the tail of the LRU and refresh the lease timestamp. */
	list_move_tail(&clp->cl_lru, &client_lru);
	clp->cl_time = get_seconds();
}
1047
/* Lock-taking wrapper around renew_client_locked(). */
static inline void
renew_client(struct nfs4_client *clp)
{
	spin_lock(&client_lock);
	renew_client_locked(clp);
	spin_unlock(&client_lock);
}
1055
1056/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
1057static int
1058STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
1059{
1060        if (clid->cl_boot == nn->boot_time)
1061                return 0;
1062        dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
1063                clid->cl_boot, clid->cl_id, nn->boot_time);
1064        return 1;
1065}
1066
1067/* 
1068 * XXX Should we use a slab cache ?
1069 * This type of memory management is somewhat inefficient, but we use it
1070 * anyway since SETCLIENTID is not a common operation.
1071 */
1072static struct nfs4_client *alloc_client(struct xdr_netobj name)
1073{
1074        struct nfs4_client *clp;
1075
1076        clp = kzalloc(sizeof(struct nfs4_client), GFP_KERNEL);
1077        if (clp == NULL)
1078                return NULL;
1079        clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL);
1080        if (clp->cl_name.data == NULL) {
1081                kfree(clp);
1082                return NULL;
1083        }
1084        clp->cl_name.len = name.len;
1085        return clp;
1086}
1087
/*
 * Free a client with no remaining references.  Caller must hold
 * client_lock (asserted): the session puts below depend on it.
 */
static inline void
free_client(struct nfs4_client *clp)
{
	lockdep_assert_held(&client_lock);
	while (!list_empty(&clp->cl_sessions)) {
		struct nfsd4_session *ses;
		ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
				se_perclnt);
		list_del(&ses->se_perclnt);
		/* May free the session if this was its last reference. */
		nfsd4_put_session_locked(ses);
	}
	free_svc_cred(&clp->cl_cred);
	kfree(clp->cl_name.data);
	kfree(clp);
}
1103
/*
 * Drop the client reference held on behalf of a session's compound.
 * The last reference either frees an already-expired client or renews
 * its lease.
 */
void
release_session_client(struct nfsd4_session *session)
{
	struct nfs4_client *clp = session->se_client;

	/* Only the final reference proceeds, with client_lock held. */
	if (!atomic_dec_and_lock(&clp->cl_refcount, &client_lock))
		return;
	if (is_client_expired(clp)) {
		free_client(clp);
		/* Prevent further use of the dangling client pointer. */
		session->se_client = NULL;
	} else
		renew_client_locked(clp);
	spin_unlock(&client_lock);
}
1118
/* must be called under the client_lock */
static inline void
unhash_client_locked(struct nfs4_client *clp)
{
	struct nfsd4_session *ses;

	/* Mark the lease dead so concurrent renewers see it expired. */
	mark_client_expired(clp);
	list_del(&clp->cl_lru);
	spin_lock(&clp->cl_lock);
	/* Make the client's sessions unfindable via the sessionid hash. */
	list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
		list_del_init(&ses->se_hash);
	spin_unlock(&clp->cl_lock);
}
1132
/*
 * Tear down all state held by a client: delegations, open owners,
 * callback machinery, and finally its hash-table entries and (if no
 * other references remain) the client structure itself.
 */
static void
expire_client(struct nfs4_client *clp)
{
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct list_head reaplist;

	INIT_LIST_HEAD(&reaplist);
	/* Detach delegations under recall_lock, then unhash them outside it. */
	spin_lock(&recall_lock);
	while (!list_empty(&clp->cl_delegations)) {
		dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
		list_del_init(&dp->dl_perclnt);
		list_move(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&recall_lock);
	while (!list_empty(&reaplist)) {
		dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
		unhash_delegation(dp);
	}
	while (!list_empty(&clp->cl_openowners)) {
		oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
		release_openowner(oo);
	}
	nfsd4_shutdown_callback(clp);
	if (clp->cl_cb_conn.cb_xprt)
		svc_xprt_put(clp->cl_cb_conn.cb_xprt);
	list_del(&clp->cl_idhash);
	list_del(&clp->cl_strhash);
	spin_lock(&client_lock);
	unhash_client_locked(clp);
	/* Free now only if nobody else holds a reference
	 * (otherwise release_session_client() frees it later). */
	if (atomic_read(&clp->cl_refcount) == 0)
		free_client(clp);
	spin_unlock(&client_lock);
}
1167
/* Copy the client-supplied boot verifier into the client record. */
static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
{
	memcpy(target->cl_verifier.data, source->data,
			sizeof(target->cl_verifier.data));
}
1173
1174static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
1175{
1176        target->cl_clientid.cl_boot = source->cl_clientid.cl_boot; 
1177        target->cl_clientid.cl_id = source->cl_clientid.cl_id; 
1178}
1179
1180static int copy_cred(struct svc_cred *target, struct svc_cred *source)
1181{
1182        if (source->cr_principal) {
1183                target->cr_principal =
1184                                kstrdup(source->cr_principal, GFP_KERNEL);
1185                if (target->cr_principal == NULL)
1186                        return -ENOMEM;
1187        } else
1188                target->cr_principal = NULL;
1189        target->cr_flavor = source->cr_flavor;
1190        target->cr_uid = source->cr_uid;
1191        target->cr_gid = source->cr_gid;
1192        target->cr_group_info = source->cr_group_info;
1193        get_group_info(target->cr_group_info);
1194        return 0;
1195}
1196
1197static int same_name(const char *n1, const char *n2)
1198{
1199        return 0 == memcmp(n1, n2, HEXDIR_LEN);
1200}
1201
1202static int
1203same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
1204{
1205        return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
1206}
1207
1208static int
1209same_clid(clientid_t *cl1, clientid_t *cl2)
1210{
1211        return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
1212}
1213
1214static bool groups_equal(struct group_info *g1, struct group_info *g2)
1215{
1216        int i;
1217
1218        if (g1->ngroups != g2->ngroups)
1219                return false;
1220        for (i=0; i<g1->ngroups; i++)
1221                if (GROUP_AT(g1, i) != GROUP_AT(g2, i))
1222                        return false;
1223        return true;
1224}
1225
1226/*
1227 * RFC 3530 language requires clid_inuse be returned when the
1228 * "principal" associated with a requests differs from that previously
1229 * used.  We use uid, gid's, and gss principal string as our best
1230 * approximation.  We also don't want to allow non-gss use of a client
1231 * established using gss: in theory cr_principal should catch that
1232 * change, but in practice cr_principal can be null even in the gss case
1233 * since gssd doesn't always pass down a principal string.
1234 */
1235static bool is_gss_cred(struct svc_cred *cr)
1236{
1237        /* Is cr_flavor one of the gss "pseudoflavors"?: */
1238        return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR);
1239}
1240
1241
1242static bool
1243same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
1244{
1245        if ((is_gss_cred(cr1) != is_gss_cred(cr2))
1246                || (cr1->cr_uid != cr2->cr_uid)
1247                || (cr1->cr_gid != cr2->cr_gid)
1248                || !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
1249                return false;
1250        if (cr1->cr_principal == cr2->cr_principal)
1251                return true;
1252        if (!cr1->cr_principal || !cr2->cr_principal)
1253                return false;
1254        return 0 == strcmp(cr1->cr_principal, cr2->cr_principal);
1255}
1256
/*
 * Generate a fresh clientid: this server instance's boot time plus a
 * monotonically increasing counter.
 *
 * NOTE(review): current_clientid is a bare static with no locking
 * visible here -- presumably serialized by the state lock; confirm.
 * Also hard-codes init_net, so this is not network-namespace aware.
 */
static void gen_clid(struct nfs4_client *clp)
{
	static u32 current_clientid = 1;
	struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);

	clp->cl_clientid.cl_boot = nn->boot_time;
	clp->cl_clientid.cl_id = current_clientid++;
}
1265
/*
 * Generate a confirm verifier from the current time and a static
 * counter.
 *
 * NOTE(review): this value is predictable rather than random, and the
 * static counter has no visible locking -- verify callers serialize.
 */
static void gen_confirm(struct nfs4_client *clp)
{
	__be32 verf[2];
	static u32 i;

	verf[0] = (__be32)get_seconds();
	verf[1] = (__be32)i++;
	memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data));
}
1275
/* Look up a stateid by its opaque id in the client's stateid idr. */
static struct nfs4_stid *find_stateid(struct nfs4_client *cl, stateid_t *t)
{
	return idr_find(&cl->cl_stateids, t->si_opaque.so_id);
}
1280
1281static struct nfs4_stid *find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask)
1282{
1283        struct nfs4_stid *s;
1284
1285        s = find_stateid(cl, t);
1286        if (!s)
1287                return NULL;
1288        if (typemask & s->sc_type)
1289                return s;
1290        return NULL;
1291}
1292
/*
 * Allocate and initialize a new nfs4_client from a SETCLIENTID /
 * EXCHANGE_ID request.  Returns NULL on allocation failure; the caller
 * is responsible for hashing the client (or expiring it).
 */
static struct nfs4_client *create_client(struct xdr_netobj name, char *recdir,
		struct svc_rqst *rqstp, nfs4_verifier *verf)
{
	struct nfs4_client *clp;
	struct sockaddr *sa = svc_addr(rqstp);
	int ret;

	clp = alloc_client(name);
	if (clp == NULL)
		return NULL;

	INIT_LIST_HEAD(&clp->cl_sessions);
	ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred);
	if (ret) {
		/* free_client() asserts client_lock is held. */
		spin_lock(&client_lock);
		free_client(clp);
		spin_unlock(&client_lock);
		return NULL;
	}
	idr_init(&clp->cl_stateids);
	memcpy(clp->cl_recdir, recdir, HEXDIR_LEN);
	atomic_set(&clp->cl_refcount, 0);
	clp->cl_cb_state = NFSD4_CB_UNKNOWN;
	INIT_LIST_HEAD(&clp->cl_idhash);
	INIT_LIST_HEAD(&clp->cl_strhash);
	INIT_LIST_HEAD(&clp->cl_openowners);
	INIT_LIST_HEAD(&clp->cl_delegations);
	INIT_LIST_HEAD(&clp->cl_lru);
	INIT_LIST_HEAD(&clp->cl_callbacks);
	spin_lock_init(&clp->cl_lock);
	INIT_WORK(&clp->cl_cb_null.cb_work, nfsd4_do_callback_rpc);
	/* Start the lease clock now. */
	clp->cl_time = get_seconds();
	clear_bit(0, &clp->cl_cb_slot_busy);
	rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
	copy_verf(clp, verf);
	/* Remember the peer address the request arrived from. */
	rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa);
	gen_confirm(clp);
	clp->cl_cb_session = NULL;
	return clp;
}
1333
1334static void
1335add_to_unconfirmed(struct nfs4_client *clp, unsigned int strhashval)
1336{
1337        unsigned int idhashval;
1338
1339        list_add(&clp->cl_strhash, &unconf_str_hashtbl[strhashval]);
1340        idhashval = clientid_hashval(clp->cl_clientid.cl_id);
1341        list_add(&clp->cl_idhash, &unconf_id_hashtbl[idhashval]);
1342        renew_client(clp);
1343}
1344
1345static void
1346move_to_confirmed(struct nfs4_client *clp)
1347{
1348        unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id);
1349        unsigned int strhashval;
1350
1351        dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp);
1352        list_move(&clp->cl_idhash, &conf_id_hashtbl[idhashval]);
1353        strhashval = clientstr_hashval(clp->cl_recdir);
1354        list_move(&clp->cl_strhash, &conf_str_hashtbl[strhashval]);
1355        renew_client(clp);
1356}
1357
1358static struct nfs4_client *
1359find_confirmed_client(clientid_t *clid)
1360{
1361        struct nfs4_client *clp;
1362        unsigned int idhashval = clientid_hashval(clid->cl_id);
1363
1364        list_for_each_entry(clp, &conf_id_hashtbl[idhashval], cl_idhash) {
1365                if (same_clid(&clp->cl_clientid, clid)) {
1366                        renew_client(clp);
1367                        return clp;
1368                }
1369        }
1370        return NULL;
1371}
1372
1373static struct nfs4_client *
1374find_unconfirmed_client(clientid_t *clid)
1375{
1376        struct nfs4_client *clp;
1377        unsigned int idhashval = clientid_hashval(clid->cl_id);
1378
1379        list_for_each_entry(clp, &unconf_id_hashtbl[idhashval], cl_idhash) {
1380                if (same_clid(&clp->cl_clientid, clid))
1381                        return clp;
1382        }
1383        return NULL;
1384}
1385
/* Has this client identified itself via EXCHANGE_ID (NFSv4.1+)? */
static bool clp_used_exchangeid(struct nfs4_client *clp)
{
	return clp->cl_exchange_flags != 0;
}
1390
1391static struct nfs4_client *
1392find_confirmed_client_by_str(const char *dname, unsigned int hashval)
1393{
1394        struct nfs4_client *clp;
1395
1396        list_for_each_entry(clp, &conf_str_hashtbl[hashval], cl_strhash) {
1397                if (same_name(clp->cl_recdir, dname))
1398                        return clp;
1399        }
1400        return NULL;
1401}
1402
1403static struct nfs4_client *
1404find_unconfirmed_client_by_str(const char *dname, unsigned int hashval)
1405{
1406        struct nfs4_client *clp;
1407
1408        list_for_each_entry(clp, &unconf_str_hashtbl[hashval], cl_strhash) {
1409                if (same_name(clp->cl_recdir, dname))
1410                        return clp;
1411        }
1412        return NULL;
1413}
1414
1415static void
1416gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp)
1417{
1418        struct nfs4_cb_conn *conn = &clp->cl_cb_conn;
1419        struct sockaddr *sa = svc_addr(rqstp);
1420        u32 scopeid = rpc_get_scope_id(sa);
1421        unsigned short expected_family;
1422
1423        /* Currently, we only support tcp and tcp6 for the callback channel */
1424        if (se->se_callback_netid_len == 3 &&
1425            !memcmp(se->se_callback_netid_val, "tcp", 3))
1426                expected_family = AF_INET;
1427        else if (se->se_callback_netid_len == 4 &&
1428                 !memcmp(se->se_callback_netid_val, "tcp6", 4))
1429                expected_family = AF_INET6;
1430        else
1431                goto out_err;
1432
1433        conn->cb_addrlen = rpc_uaddr2sockaddr(&init_net, se->se_callback_addr_val,
1434                                            se->se_callback_addr_len,
1435                                            (struct sockaddr *)&conn->cb_addr,
1436                                            sizeof(conn->cb_addr));
1437
1438        if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family)
1439                goto out_err;
1440
1441        if (conn->cb_addr.ss_family == AF_INET6)
1442                ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid;
1443
1444        conn->cb_prog = se->se_callback_prog;
1445        conn->cb_ident = se->se_callback_ident;
1446        memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen);
1447        return;
1448out_err:
1449        conn->cb_addr.ss_family = AF_UNSPEC;
1450        conn->cb_addrlen = 0;
1451        dprintk(KERN_INFO "NFSD: this client (clientid %08x/%08x) "
1452                "will not receive delegations\n",
1453                clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id);
1454
1455        return;
1456}
1457
1458/*
1459 * Cache a reply. nfsd4_check_drc_limit() has bounded the cache size.
1460 */
1461void
1462nfsd4_store_cache_entry(struct nfsd4_compoundres *resp)
1463{
1464        struct nfsd4_slot *slot = resp->cstate.slot;
1465        unsigned int base;
1466
1467        dprintk("--> %s slot %p\n", __func__, slot);
1468
1469        slot->sl_opcnt = resp->opcnt;
1470        slot->sl_status = resp->cstate.status;
1471
1472        slot->sl_flags |= NFSD4_SLOT_INITIALIZED;
1473        if (nfsd4_not_cached(resp)) {
1474                slot->sl_datalen = 0;
1475                return;
1476        }
1477        slot->sl_datalen = (char *)resp->p - (char *)resp->cstate.datap;
1478        base = (char *)resp->cstate.datap -
1479                                        (char *)resp->xbuf->head[0].iov_base;
1480        if (read_bytes_from_xdr_buf(resp->xbuf, base, slot->sl_data,
1481                                    slot->sl_datalen))
1482                WARN("%s: sessions DRC could not cache compound\n", __func__);
1483        return;
1484}
1485
1486/*
1487 * Encode the replay sequence operation from the slot values.
1488 * If cachethis is FALSE encode the uncached rep error on the next
1489 * operation which sets resp->p and increments resp->opcnt for
1490 * nfs4svc_encode_compoundres.
1491 *
1492 */
1493static __be32
1494nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args,
1495                          struct nfsd4_compoundres *resp)
1496{
1497        struct nfsd4_op *op;
1498        struct nfsd4_slot *slot = resp->cstate.slot;
1499
1500        /* Encode the replayed sequence operation */
1501        op = &args->ops[resp->opcnt - 1];
1502        nfsd4_encode_operation(resp, op);
1503
1504        /* Return nfserr_retry_uncached_rep in next operation. */
1505        if (args->opcnt > 1 && !(slot->sl_flags & NFSD4_SLOT_CACHETHIS)) {
1506                op = &args->ops[resp->opcnt++];
1507                op->status = nfserr_retry_uncached_rep;
1508                nfsd4_encode_operation(resp, op);
1509        }
1510        return op->status;
1511}
1512
1513/*
1514 * The sequence operation is not cached because we can use the slot and
1515 * session values.
1516 */
1517__be32
1518nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp,
1519                         struct nfsd4_sequence *seq)
1520{
1521        struct nfsd4_slot *slot = resp->cstate.slot;
1522        __be32 status;
1523
1524        dprintk("--> %s slot %p\n", __func__, slot);
1525
1526        /* Either returns 0 or nfserr_retry_uncached */
1527        status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp);
1528        if (status == nfserr_retry_uncached_rep)
1529                return status;
1530
1531        /* The sequence operation has been encoded, cstate->datap set. */
1532        memcpy(resp->cstate.datap, slot->sl_data, slot->sl_datalen);
1533
1534        resp->opcnt = slot->sl_opcnt;
1535        resp->p = resp->cstate.datap + XDR_QUADLEN(slot->sl_datalen);
1536        status = slot->sl_status;
1537
1538        return status;
1539}
1540
1541/*
1542 * Set the exchange_id flags returned by the server.
1543 */
1544static void
1545nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid)
1546{
1547        /* pNFS is not supported */
1548        new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS;
1549
1550        /* Referrals are supported, Migration is not. */
1551        new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER;
1552
1553        /* set the wire flags to return to client. */
1554        clid->flags = new->cl_exchange_flags;
1555}
1556
1557static bool client_has_state(struct nfs4_client *clp)
1558{
1559        /*
1560         * Note clp->cl_openowners check isn't quite right: there's no
1561         * need to count owners without stateid's.
1562         *
1563         * Also note we should probably be using this in 4.0 case too.
1564         */
1565        return !list_empty(&clp->cl_openowners)
1566                || !list_empty(&clp->cl_delegations)
1567                || !list_empty(&clp->cl_sessions);
1568}
1569
/*
 * EXCHANGE_ID (RFC 5661 section 18.35): establish or update a
 * clientid for an NFSv4.1 client, handling retries, reboots, and
 * credential changes per the case analysis in section 18.35.4.
 */
__be32
nfsd4_exchange_id(struct svc_rqst *rqstp,
		  struct nfsd4_compound_state *cstate,
		  struct nfsd4_exchange_id *exid)
{
	struct nfs4_client *unconf, *conf, *new;
	__be32 status;
	unsigned int		strhashval;
	char			dname[HEXDIR_LEN];
	char			addr_str[INET6_ADDRSTRLEN];
	nfs4_verifier		verf = exid->verifier;
	struct sockaddr		*sa = svc_addr(rqstp);
	bool	update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A;

	rpc_ntop(sa, addr_str, sizeof(addr_str));
	dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p "
		"ip_addr=%s flags %x, spa_how %d\n",
		__func__, rqstp, exid, exid->clname.len, exid->clname.data,
		addr_str, exid->flags, exid->spa_how);

	if (exid->flags & ~EXCHGID4_FLAG_MASK_A)
		return nfserr_inval;

	/* Currently only support SP4_NONE */
	switch (exid->spa_how) {
	case SP4_NONE:
		break;
	case SP4_SSV:
		return nfserr_serverfault;
	default:
		BUG();				/* checked by xdr code */
	case SP4_MACH_CRED:
		return nfserr_serverfault;	/* no excuse :-/ */
	}

	/* Derive the recovery-directory name from the client name. */
	status = nfs4_make_rec_clidname(dname, &exid->clname);

	if (status)
		return status;

	strhashval = clientstr_hashval(dname);

	/* Cases below refer to rfc 5661 section 18.35.4: */
	nfs4_lock_state();
	conf = find_confirmed_client_by_str(dname, strhashval);
	if (conf) {
		bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred);
		bool verfs_match = same_verf(&verf, &conf->cl_verifier);

		if (update) {
			if (!clp_used_exchangeid(conf)) { /* buggy client */
				status = nfserr_inval;
				goto out;
			}
			if (!creds_match) { /* case 9 */
				status = nfserr_perm;
				goto out;
			}
			if (!verfs_match) { /* case 8 */
				status = nfserr_not_same;
				goto out;
			}
			/* case 6 */
			exid->flags |= EXCHGID4_FLAG_CONFIRMED_R;
			new = conf;
			goto out_copy;
		}
		if (!creds_match) { /* case 3 */
			if (client_has_state(conf)) {
				status = nfserr_clid_inuse;
				goto out;
			}
			/* Stateless confirmed client: safe to discard it. */
			expire_client(conf);
			goto out_new;
		}
		if (verfs_match) { /* case 2 */
			conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R;
			new = conf;
			goto out_copy;
		}
		/* case 5, client reboot */
		goto out_new;
	}

	if (update) { /* case 7 */
		status = nfserr_noent;
		goto out;
	}

	unconf  = find_unconfirmed_client_by_str(dname, strhashval);
	if (unconf) /* case 4, possible retry or client restart */
		expire_client(unconf);

	/* case 1 (normal case) */
out_new:
	new = create_client(exid->clname, dname, rqstp, &verf);
	if (new == NULL) {
		status = nfserr_jukebox;
		goto out;
	}

	gen_clid(new);
	add_to_unconfirmed(new, strhashval);
out_copy:
	/* Fill in the wire reply from the (new or reused) client. */
	exid->clientid.cl_boot = new->cl_clientid.cl_boot;
	exid->clientid.cl_id = new->cl_clientid.cl_id;

	exid->seqid = new->cl_cs_slot.sl_seqid + 1;
	nfsd4_set_ex_flags(new, exid);

	dprintk("nfsd4_exchange_id seqid %d flags %x\n",
		new->cl_cs_slot.sl_seqid, new->cl_exchange_flags);
	status = nfs_ok;

out:
	nfs4_unlock_state();
	return status;
}
1688
1689static __be32
1690check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse)
1691{
1692        dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid,
1693                slot_seqid);
1694
1695        /* The slot is in use, and no response has been sent. */
1696        if (slot_inuse) {
1697                if (seqid == slot_seqid)
1698                        return nfserr_jukebox;
1699                else
1700                        return nfserr_seq_misordered;
1701        }
1702        /* Note unsigned 32-bit arithmetic handles wraparound: */
1703        if (likely(seqid == slot_seqid + 1))
1704                return nfs_ok;
1705        if (seqid == slot_seqid)
1706                return nfserr_replay_cache;
1707        return nfserr_seq_misordered;
1708}
1709
1710/*
1711 * Cache the create session result into the create session single DRC
1712 * slot cache by saving the xdr structure. sl_seqid has been set.
1713 * Do this for solo or embedded create session operations.
1714 */
1715static void
1716nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses,
1717                           struct nfsd4_clid_slot *slot, __be32 nfserr)
1718{
1719        slot->sl_status = nfserr;
1720        memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses));
1721}
1722
/*
 * Replay a cached CREATE_SESSION reply: restore the saved xdr
 * structure into the current request and return the recorded status.
 */
static __be32
nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses,
			    struct nfsd4_clid_slot *slot)
{
	memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses));
	return slot->sl_status;
}
1730
/*
 * Smallest legal fore-channel request size, in bytes: RPC header
 * (AUTH_NULL), compound header, and a SEQUENCE op's arguments.
 */
#define NFSD_MIN_REQ_HDR_SEQ_SZ ((\
			2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \
			1 +	/* MIN tag is length with zero, only length */ \
			3 +	/* version, opcount, opcode */ \
			XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
				/* seqid, slotID, slotID, cache */ \
			4 ) * sizeof(__be32))

/*
 * Smallest legal fore-channel response size, in bytes: RPC reply
 * header, compound header, and a SEQUENCE op's results.
 */
#define NFSD_MIN_RESP_HDR_SEQ_SZ ((\
			2 +	/* verifier: AUTH_NULL, length 0 */\
			1 +	/* status */ \
			1 +	/* MIN tag is length with zero, only length */ \
			3 +	/* opcount, opcode, opstatus*/ \
			XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
				/* seqid, slotID, slotID, slotID, status */ \
			5 ) * sizeof(__be32))
1747
1748static bool check_forechannel_attrs(struct nfsd4_channel_attrs fchannel)
1749{
1750        return fchannel.maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ
1751                || fchannel.maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ;
1752}
1753
/*
 * CREATE_SESSION (RFC 5661 section 18.36): create a session for either
 * a confirmed client or a freshly EXCHANGE_ID'd (unconfirmed) client;
 * the latter case also confirms the client.  Retransmissions are
 * answered from the per-client create_session slot cache.
 */
__be32
nfsd4_create_session(struct svc_rqst *rqstp,
		     struct nfsd4_compound_state *cstate,
		     struct nfsd4_create_session *cr_ses)
{
	struct sockaddr *sa = svc_addr(rqstp);
	struct nfs4_client *conf, *unconf;
	struct nfsd4_session *new;
	struct nfsd4_clid_slot *cs_slot = NULL;
	bool confirm_me = false;
	__be32 status = 0;

	/* reject any flag bits the protocol does not define */
	if (cr_ses->flags & ~SESSION4_FLAG_MASK_A)
		return nfserr_inval;

	nfs4_lock_state();
	unconf = find_unconfirmed_client(&cr_ses->clientid);
	conf = find_confirmed_client(&cr_ses->clientid);

	if (conf) {
		cs_slot = &conf->cl_cs_slot;
		status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
		if (status == nfserr_replay_cache) {
			/* retransmission: replay the cached reply */
			status = nfsd4_replay_create_session(cr_ses, cs_slot);
			goto out;
		} else if (cr_ses->seqid != cs_slot->sl_seqid + 1) {
			status = nfserr_seq_misordered;
			goto out;
		}
	} else if (unconf) {
		/* creating the session confirms the client, so principal
		 * and address must match the EXCHANGE_ID sender */
		if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) ||
		    !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) {
			status = nfserr_clid_inuse;
			goto out;
		}
		cs_slot = &unconf->cl_cs_slot;
		status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
		if (status) {
			/* an unconfirmed replay returns misordered */
			status = nfserr_seq_misordered;
			goto out;
		}
		confirm_me = true;
		conf = unconf;
	} else {
		status = nfserr_stale_clientid;
		goto out;
	}

	/*
	 * XXX: we should probably set this at creation time, and check
	 * for consistent minorversion use throughout:
	 */
	conf->cl_minorversion = 1;
	/*
	 * We do not support RDMA or persistent sessions
	 */
	cr_ses->flags &= ~SESSION4_PERSIST;
	cr_ses->flags &= ~SESSION4_RDMA;

	/* the channel must at least fit a minimal SEQUENCE compound */
	status = nfserr_toosmall;
	if (check_forechannel_attrs(cr_ses->fore_channel))
		goto out;

	status = nfserr_jukebox;
	new = alloc_init_session(rqstp, conf, cr_ses);
	if (!new)
		goto out;
	status = nfs_ok;
	/* return the negotiated session id and channel attributes */
	memcpy(cr_ses->sessionid.data, new->se_sessionid.data,
	       NFS4_MAX_SESSIONID_LEN);
	memcpy(&cr_ses->fore_channel, &new->se_fchannel,
		sizeof(struct nfsd4_channel_attrs));
	cs_slot->sl_seqid++;
	cr_ses->seqid = cs_slot->sl_seqid;

	/* cache solo and embedded create sessions under the state lock */
	nfsd4_cache_create_session(cr_ses, cs_slot, status);
	if (confirm_me) {
		unsigned int hash = clientstr_hashval(unconf->cl_recdir);
		/* an older confirmed client with the same name is superseded */
		struct nfs4_client *old =
			find_confirmed_client_by_str(conf->cl_recdir, hash);
		if (old)
			expire_client(old);
		move_to_confirmed(conf);
	}
out:
	nfs4_unlock_state();
	dprintk("%s returns %d\n", __func__, ntohl(status));
	return status;
}
1845
1846static bool nfsd4_last_compound_op(struct svc_rqst *rqstp)
1847{
1848        struct nfsd4_compoundres *resp = rqstp->rq_resp;
1849        struct nfsd4_compoundargs *argp = rqstp->rq_argp;
1850
1851        return argp->opcnt == resp->opcnt;
1852}
1853
1854static __be32 nfsd4_map_bcts_dir(u32 *dir)
1855{
1856        switch (*dir) {
1857        case NFS4_CDFC4_FORE:
1858        case NFS4_CDFC4_BACK:
1859                return nfs_ok;
1860        case NFS4_CDFC4_FORE_OR_BOTH:
1861        case NFS4_CDFC4_BACK_OR_BOTH:
1862                *dir = NFS4_CDFC4_BOTH;
1863                return nfs_ok;
1864        };
1865        return nfserr_inval;
1866}
1867
/*
 * BIND_CONN_TO_SESSION (RFC 5661 section 18.34): associate the
 * connection this compound arrived on with the given session.  Must be
 * the only op in its compound.
 */
__be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp,
		     struct nfsd4_compound_state *cstate,
		     struct nfsd4_bind_conn_to_session *bcts)
{
	__be32 status;

	if (!nfsd4_last_compound_op(rqstp))
		return nfserr_not_only_op;
	spin_lock(&client_lock);
	cstate->session = find_in_sessionid_hashtbl(&bcts->sessionid);
	/* Sorta weird: we only need the refcnt'ing because new_conn acquires
	 * client_lock iself: */
	if (cstate->session) {
		nfsd4_get_session(cstate->session);
		atomic_inc(&cstate->session->se_client->cl_refcount);
	}
	spin_unlock(&client_lock);
	if (!cstate->session)
		return nfserr_badsession;

	/* reduce the *_OR_BOTH variants to a concrete direction */
	status = nfsd4_map_bcts_dir(&bcts->dir);
	if (!status)
		nfsd4_new_conn(rqstp, cstate->session, bcts->dir);
	return status;
}
1893
1894static bool nfsd4_compound_in_session(struct nfsd4_session *session, struct nfs4_sessionid *sid)
1895{
1896        if (!session)
1897                return 0;
1898        return !memcmp(sid, &session->se_sessionid, sizeof(*sid));
1899}
1900
/*
 * DESTROY_SESSION (RFC 5661 section 18.37): unhash the session, sync
 * with any callback in progress, then drop its connections and our
 * reference.
 */
__be32
nfsd4_destroy_session(struct svc_rqst *r,
		      struct nfsd4_compound_state *cstate,
		      struct nfsd4_destroy_session *sessionid)
{
	struct nfsd4_session *ses;
	__be32 status = nfserr_badsession;

	/* Notes:
	 * - The confirmed nfs4_client->cl_sessionid holds destroyed sessinid
	 * - Should we return nfserr_back_chan_busy if waiting for
	 *   callbacks on to-be-destroyed session?
	 * - Do we need to clear any callback info from previous session?
	 */

	/* destroying the session we arrived on is only legal as a solo op */
	if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) {
		if (!nfsd4_last_compound_op(r))
			return nfserr_not_only_op;
	}
	dump_sessionid(__func__, &sessionid->sessionid);
	spin_lock(&client_lock);
	ses = find_in_sessionid_hashtbl(&sessionid->sessionid);
	if (!ses) {
		spin_unlock(&client_lock);
		goto out;
	}

	unhash_session(ses);
	spin_unlock(&client_lock);

	/* wait for any in-flight callback before tearing the session down */
	nfs4_lock_state();
	nfsd4_probe_callback_sync(ses->se_client);
	nfs4_unlock_state();

	spin_lock(&client_lock);
	nfsd4_del_conns(ses);
	nfsd4_put_session_locked(ses);
	spin_unlock(&client_lock);
	status = nfs_ok;
out:
	dprintk("%s returns %d\n", __func__, ntohl(status));
	return status;
}
1944
1945static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s)
1946{
1947        struct nfsd4_conn *c;
1948
1949        list_for_each_entry(c, &s->se_conns, cn_persession) {
1950                if (c->cn_xprt == xpt) {
1951                        return c;
1952                }
1953        }
1954        return NULL;
1955}
1956
1957static void nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses)
1958{
1959        struct nfs4_client *clp = ses->se_client;
1960        struct nfsd4_conn *c;
1961        int ret;
1962
1963        spin_lock(&clp->cl_lock);
1964        c = __nfsd4_find_conn(new->cn_xprt, ses);
1965        if (c) {
1966                spin_unlock(&clp->cl_lock);
1967                free_conn(new);
1968                return;
1969        }
1970        __nfsd4_hash_conn(new, ses);
1971        spin_unlock(&clp->cl_lock);
1972        ret = nfsd4_register_conn(new);
1973        if (ret)
1974                /* oops; xprt is already down: */
1975                nfsd4_conn_lost(&new->cn_xpt_user);
1976        return;
1977}
1978
1979static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session)
1980{
1981        struct nfsd4_compoundargs *args = rqstp->rq_argp;
1982
1983        return args->opcnt > session->se_fchannel.maxops;
1984}
1985
1986static bool nfsd4_request_too_big(struct svc_rqst *rqstp,
1987                                  struct nfsd4_session *session)
1988{
1989        struct xdr_buf *xb = &rqstp->rq_arg;
1990
1991        return xb->len > session->se_fchannel.maxreq_sz;
1992}
1993
/*
 * SEQUENCE (RFC 5661 section 18.46): validate session, slot and seqid,
 * handle replays from the slot's reply cache, bind the incoming
 * connection to the session, and take session/client references held
 * for the rest of the compound.
 */
__be32
nfsd4_sequence(struct svc_rqst *rqstp,
	       struct nfsd4_compound_state *cstate,
	       struct nfsd4_sequence *seq)
{
	struct nfsd4_compoundres *resp = rqstp->rq_resp;
	struct nfsd4_session *session;
	struct nfsd4_slot *slot;
	struct nfsd4_conn *conn;
	__be32 status;

	/* SEQUENCE must be the first op of its compound */
	if (resp->opcnt != 1)
		return nfserr_sequence_pos;

	/*
	 * Will be either used or freed by nfsd4_sequence_check_conn
	 * below.
	 */
	conn = alloc_conn(rqstp, NFS4_CDFC4_FORE);
	if (!conn)
		return nfserr_jukebox;

	spin_lock(&client_lock);
	status = nfserr_badsession;
	session = find_in_sessionid_hashtbl(&seq->sessionid);
	if (!session)
		goto out;

	status = nfserr_too_many_ops;
	if (nfsd4_session_too_many_ops(rqstp, session))
		goto out;

	status = nfserr_req_too_big;
	if (nfsd4_request_too_big(rqstp, session))
		goto out;

	status = nfserr_badslot;
	if (seq->slotid >= session->se_fchannel.maxreqs)
		goto out;

	slot = session->se_slots[seq->slotid];
	dprintk("%s: slotid %d\n", __func__, seq->slotid);

	/* We do not negotiate the number of slots yet, so set the
	 * maxslots to the session maxreqs which is used to encode
	 * sr_highest_slotid and the sr_target_slot id to maxslots */
	seq->maxslots = session->se_fchannel.maxreqs;

	status = check_slot_seqid(seq->seqid, slot->sl_seqid,
					slot->sl_flags & NFSD4_SLOT_INUSE);
	if (status == nfserr_replay_cache) {
		/* replay: only legal if a reply was actually cached */
		status = nfserr_seq_misordered;
		if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED))
			goto out;
		cstate->slot = slot;
		cstate->session = session;
		/* Return the cached reply status and set cstate->status
		 * for nfsd4_proc_compound processing */
		status = nfsd4_replay_cache_entry(resp, seq);
		cstate->status = nfserr_replay_cache;
		goto out;
	}
	if (status)
		goto out;

	/* consumes or frees conn; clear it so it isn't freed below */
	nfsd4_sequence_check_conn(conn, session);
	conn = NULL;

	/* Success! bump slot seqid */
	slot->sl_seqid = seq->seqid;
	slot->sl_flags |= NFSD4_SLOT_INUSE;
	if (seq->cachethis)
		slot->sl_flags |= NFSD4_SLOT_CACHETHIS;
	else
		slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS;

	cstate->slot = slot;
	cstate->session = session;

out:
	/* Hold a session reference until done processing the compound. */
	if (cstate->session) {
		struct nfs4_client *clp = session->se_client;

		nfsd4_get_session(cstate->session);
		atomic_inc(&clp->cl_refcount);
		/* report backchannel health to the client */
		switch (clp->cl_cb_state) {
		case NFSD4_CB_DOWN:
			seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN;
			break;
		case NFSD4_CB_FAULT:
			seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT;
			break;
		default:
			seq->status_flags = 0;
		}
	}
	kfree(conn);
	spin_unlock(&client_lock);
	dprintk("%s: return %d\n", __func__, ntohl(status));
	return status;
}
2096
/*
 * DESTROY_CLIENTID (RFC 5661 section 18.50): expire the named client,
 * but refuse if a confirmed client still holds state or is the client
 * this compound's session belongs to.
 */
__be32
nfsd4_destroy_clientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_destroy_clientid *dc)
{
	struct nfs4_client *conf, *unconf, *clp;
	__be32 status = 0;

	nfs4_lock_state();
	unconf = find_unconfirmed_client(&dc->clientid);
	conf = find_confirmed_client(&dc->clientid);

	if (conf) {
		clp = conf;

		/* a live confirmed client with state may not be destroyed */
		if (!is_client_expired(conf) && client_has_state(conf)) {
			status = nfserr_clientid_busy;
			goto out;
		}

		/* rfc5661 18.50.3 */
		if (cstate->session && conf == cstate->session->se_client) {
			status = nfserr_clientid_busy;
			goto out;
		}
	} else if (unconf)
		clp = unconf;
	else {
		status = nfserr_stale_clientid;
		goto out;
	}

	expire_client(clp);
out:
	nfs4_unlock_state();
	dprintk("%s return %d\n", __func__, ntohl(status));
	return status;
}
2133
/*
 * RECLAIM_COMPLETE (RFC 5661 section 18.51): the client signals it is
 * done reclaiming state after a server restart; record it as stable so
 * it may reclaim after the next reboot.
 */
__be32
nfsd4_reclaim_complete(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_reclaim_complete *rc)
{
	__be32 status = 0;

	if (rc->rca_one_fs) {
		if (!cstate->current_fh.fh_dentry)
			return nfserr_nofilehandle;
		/*
		 * We don't take advantage of the rca_one_fs case.
		 * That's OK, it's optional, we can safely ignore it.
		 */
		 return nfs_ok;
	}

	nfs4_lock_state();
	status = nfserr_complete_already;
	/* test_and_set_bit makes a repeated RECLAIM_COMPLETE an error */
	if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE,
			     &cstate->session->se_client->cl_flags))
		goto out;

	status = nfserr_stale_clientid;
	if (is_client_expired(cstate->session->se_client))
		/*
		 * The following error isn't really legal.
		 * But we only get here if the client just explicitly
		 * destroyed the client.  Surely it no longer cares what
		 * error it gets back on an operation for the dead
		 * client.
		 */
		goto out;

	status = nfs_ok;
	/* persist the client for reboot recovery */
	nfsd4_client_record_create(cstate->session->se_client);
out:
	nfs4_unlock_state();
	return status;
}
2172
/*
 * SETCLIENTID (RFC 3530 section 14.2.33): stage a new (unconfirmed)
 * client record; the client must follow up with SETCLIENTID_CONFIRM.
 * Returns the clientid and confirmation verifier in @setclid.
 */
__be32
nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
		  struct nfsd4_setclientid *setclid)
{
	struct xdr_netobj	clname = setclid->se_name;
	nfs4_verifier		clverifier = setclid->se_verf;
	unsigned int		strhashval;
	struct nfs4_client	*conf, *unconf, *new;
	__be32			status;
	char			dname[HEXDIR_LEN];

	/* derive the recovery-directory name from the client's name */
	status = nfs4_make_rec_clidname(dname, &clname);
	if (status)
		return status;

	strhashval = clientstr_hashval(dname);

	/* Cases below refer to rfc 3530 section 14.2.33: */
	nfs4_lock_state();
	conf = find_confirmed_client_by_str(dname, strhashval);
	if (conf) {
		/* case 0: */
		status = nfserr_clid_inuse;
		/* a 4.1 client may not switch back to SETCLIENTID */
		if (clp_used_exchangeid(conf))
			goto out;
		if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
			char addr_str[INET6_ADDRSTRLEN];
			rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str,
				 sizeof(addr_str));
			dprintk("NFSD: setclientid: string in use by client "
				"at %s\n", addr_str);
			goto out;
		}
	}
	/* any previous unconfirmed record for this name is superseded */
	unconf = find_unconfirmed_client_by_str(dname, strhashval);
	if (unconf)
		expire_client(unconf);
	status = nfserr_jukebox;
	new = create_client(clname, dname, rqstp, &clverifier);
	if (new == NULL)
		goto out;
	if (conf && same_verf(&conf->cl_verifier, &clverifier))
		/* case 1: probable callback update */
		copy_clid(new, conf);
	else /* case 4 (new client) or cases 2, 3 (client reboot): */
		gen_clid(new);
	/*
	 * XXX: we should probably set this at creation time, and check
	 * for consistent minorversion use throughout:
	 */
	new->cl_minorversion = 0;
	gen_callback(new, setclid, rqstp);
	add_to_unconfirmed(new, strhashval);
	setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot;
	setclid->se_clientid.cl_id = new->cl_clientid.cl_id;
	memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data));
	status = nfs_ok;
out:
	nfs4_unlock_state();
	return status;
}
2234
2235
/*
 * SETCLIENTID_CONFIRM (RFC 3530 section 14.2.34): confirm a clientid
 * previously staged by SETCLIENTID, handling retransmits, callback
 * updates, and client reboots.
 */
__be32
nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
			 struct nfsd4_compound_state *cstate,
			 struct nfsd4_setclientid_confirm *setclientid_confirm)
{
	struct nfs4_client *conf, *unconf;
	nfs4_verifier confirm = setclientid_confirm->sc_confirm;
	clientid_t * clid = &setclientid_confirm->sc_clientid;
	__be32 status;
	struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);

	if (STALE_CLIENTID(clid, nn))
		return nfserr_stale_clientid;
	nfs4_lock_state();

	conf = find_confirmed_client(clid);
	unconf = find_unconfirmed_client(clid);
	/*
	 * We try hard to give out unique clientid's, so if we get an
	 * attempt to confirm the same clientid with a different cred,
	 * there's a bug somewhere.  Let's charitably assume it's our
	 * bug.
	 */
	status = nfserr_serverfault;
	if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred))
		goto out;
	if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred))
		goto out;
	/* cases below refer to rfc 3530 section 14.2.34: */
	if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
		if (conf && !unconf) /* case 2: probable retransmit */
			status = nfs_ok;
		else /* case 4: client hasn't noticed we rebooted yet? */
			status = nfserr_stale_clientid;
		goto out;
	}
	status = nfs_ok;
	if (conf) { /* case 1: callback update */
		nfsd4_change_callback(conf, &unconf->cl_cb_conn);
		nfsd4_probe_callback(conf);
		expire_client(unconf);
	} else { /* case 3: normal case; new or rebooted client */
		unsigned int hash = clientstr_hashval(unconf->cl_recdir);

		/* any older confirmed client of the same name goes away */
		conf = find_confirmed_client_by_str(unconf->cl_recdir, hash);
		if (conf) {
			nfsd4_client_record_remove(conf);
			expire_client(conf);
		}
		move_to_confirmed(unconf);
		nfsd4_probe_callback(unconf);
	}
out:
	nfs4_unlock_state();
	return status;
}
2292
2293static struct nfs4_file *nfsd4_alloc_file(void)
2294{
2295        return kmem_cache_alloc(file_slab, GFP_KERNEL);
2296}
2297
/* OPEN Share state helper functions */
/*
 * Initialize a freshly allocated nfs4_file for @ino and insert it into
 * file_hashtbl.  Takes its own inode reference via igrab().
 */
static void nfsd4_init_file(struct nfs4_file *fp, struct inode *ino)
{
	unsigned int hashval = file_hashval(ino);

	atomic_set(&fp->fi_ref, 1);
	INIT_LIST_HEAD(&fp->fi_hash);
	INIT_LIST_HEAD(&fp->fi_stateids);
	INIT_LIST_HEAD(&fp->fi_delegations);
	fp->fi_inode = igrab(ino);
	fp->fi_had_conflict = false;
	fp->fi_lease = NULL;
	memset(fp->fi_fds, 0, sizeof(fp->fi_fds));
	memset(fp->fi_access, 0, sizeof(fp->fi_access));
	/* publish in the hash only after the file is fully initialized */
	spin_lock(&recall_lock);
	list_add(&fp->fi_hash, &file_hashtbl[hashval]);
	spin_unlock(&recall_lock);
}
2316
2317static void
2318nfsd4_free_slab(struct kmem_cache **slab)
2319{
2320        if (*slab == NULL)
2321                return;
2322        kmem_cache_destroy(*slab);
2323        *slab = NULL;
2324}
2325
2326void
2327nfsd4_free_slabs(void)
2328{
2329        nfsd4_free_slab(&openowner_slab);
2330        nfsd4_free_slab(&lockowner_slab);
2331        nfsd4_free_slab(&file_slab);
2332        nfsd4_free_slab(&stateid_slab);
2333        nfsd4_free_slab(&deleg_slab);
2334}
2335
2336int
2337nfsd4_init_slabs(void)
2338{
2339        openowner_slab = kmem_cache_create("nfsd4_openowners",
2340                        sizeof(struct nfs4_openowner), 0, 0, NULL);
2341        if (openowner_slab == NULL)
2342                goto out_nomem;
2343        lockowner_slab = kmem_cache_create("nfsd4_lockowners",
2344                        sizeof(struct nfs4_openowner), 0, 0, NULL);
2345        if (lockowner_slab == NULL)
2346                goto out_nomem;
2347        file_slab = kmem_cache_create("nfsd4_files",
2348                        sizeof(struct nfs4_file), 0, 0, NULL);
2349        if (file_slab == NULL)
2350                goto out_nomem;
2351        stateid_slab = kmem_cache_create("nfsd4_stateids",
2352                        sizeof(struct nfs4_ol_stateid), 0, 0, NULL);
2353        if (stateid_slab == NULL)
2354                goto out_nomem;
2355        deleg_slab = kmem_cache_create("nfsd4_delegations",
2356                        sizeof(struct nfs4_delegation), 0, 0, NULL);
2357        if (deleg_slab == NULL)
2358                goto out_nomem;
2359        return 0;
2360out_nomem:
2361        nfsd4_free_slabs();
2362        dprintk("nfsd4: out of memory while initializing nfsv4\n");
2363        return -ENOMEM;
2364}
2365
2366void nfs4_free_openowner(struct nfs4_openowner *oo)
2367{
2368        kfree(oo->oo_owner.so_owner.data);
2369        kmem_cache_free(openowner_slab, oo);
2370}
2371
2372void nfs4_free_lockowner(struct nfs4_lockowner *lo)
2373{
2374        kfree(lo->lo_owner.so_owner.data);
2375        kmem_cache_free(lockowner_slab, lo);
2376}
2377
2378static void init_nfs4_replay(struct nfs4_replay *rp)
2379{
2380        rp->rp_status = nfserr_serverfault;
2381        rp->rp_buflen = 0;
2382        rp->rp_buf = rp->rp_ibuf;
2383}
2384
2385static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp)
2386{
2387        struct nfs4_stateowner *sop;
2388
2389        sop = kmem_cache_alloc(slab, GFP_KERNEL);
2390        if (!sop)
2391                return NULL;
2392
2393        sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL);
2394        if (!sop->so_owner.data) {
2395                kmem_cache_free(slab, sop);
2396                return NULL;
2397        }
2398        sop->so_owner.len = owner->len;
2399
2400        INIT_LIST_HEAD(&sop->so_stateids);
2401        sop->so_client = clp;
2402        init_nfs4_replay(&sop->so_replay);
2403        return sop;
2404}
2405
/*
 * Link a new openowner into the global owner-string hash bucket and its
 * client's openowner list.
 * NOTE(review): presumably called under the state lock -- confirm
 * against all callers before relying on this.
 */
static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval)
{
	list_add(&oo->oo_owner.so_strhash, &ownerstr_hashtbl[strhashval]);
	list_add(&oo->oo_perclient, &clp->cl_openowners);
}
2411
2412static struct nfs4_openowner *
2413alloc_init_open_stateowner(unsigned int strhashval, struct nfs4_client *clp, struct nfsd4_open *open) {
2414        struct nfs4_openowner *oo;
2415
2416        oo = alloc_stateowner(openowner_slab, &open->op_owner, clp);
2417        if (!oo)
2418                return NULL;
2419        oo->oo_owner.so_is_open_owner = 1;
2420        oo->oo_owner.so_seqid = open->op_seqid;
2421        oo->oo_flags = NFS4_OO_NEW;
2422        oo->oo_time = 0;
2423        oo->oo_last_closed_stid = NULL;
2424        INIT_LIST_HEAD(&oo->oo_close_lru);
2425        hash_openowner(oo, clp, strhashval);
2426        return oo;
2427}
2428
/*
 * Initialize an open stateid for @open on file @fp: link it to its
 * openowner and file, take a file reference, and record the granted
 * share access/deny bits.
 */
static void init_open_stateid(struct nfs4_ol_stateid *stp, struct nfs4_file *fp, struct nfsd4_open *open) {
	struct nfs4_openowner *oo = open->op_openowner;
	struct nfs4_client *clp = oo->oo_owner.so_client;

	init_stid(&stp->st_stid, clp, NFS4_OPEN_STID);
	INIT_LIST_HEAD(&stp->st_lockowners);
	list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids);
	list_add(&stp->st_perfile, &fp->fi_stateids);
	stp->st_stateowner = &oo->oo_owner;
	get_nfs4_file(fp);
	stp->st_file = fp;
	stp->st_access_bmap = 0;
	stp->st_deny_bmap = 0;
	set_access(open->op_share_access, stp);
	set_deny(open->op_share_deny, stp);
	stp->st_openstp = NULL;
}
2446
/*
 * Park a closed openowner on close_lru with a timestamp so the
 * laundromat can free it later (kept around briefly so a CLOSE replay
 * can still be answered).
 */
static void
move_to_close_lru(struct nfs4_openowner *oo)
{
	dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo);

	list_move_tail(&oo->oo_close_lru, &close_lru);
	oo->oo_time = get_seconds();
}
2455
2456static int
2457same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner,
2458                                                        clientid_t *clid)
2459{
2460        return (sop->so_owner.len == owner->len) &&
2461                0 == memcmp(sop->so_owner.data, owner->data, owner->len) &&
2462                (sop->so_client->cl_clientid.cl_id == clid->cl_id);
2463}
2464
/*
 * Look up the openowner matching @open's owner name and clientid in
 * ownerstr_hashtbl bucket @hashval; renews the owning client's lease
 * on a hit.  Returns NULL if not found.
 */
static struct nfs4_openowner *
find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open)
{
	struct nfs4_stateowner *so;
	struct nfs4_openowner *oo;

	list_for_each_entry(so, &ownerstr_hashtbl[hashval], so_strhash) {
		/* the bucket also holds lockowners; skip them */
		if (!so->so_is_open_owner)
			continue;
		if (same_owner_str(so, &open->op_owner, &open->op_clientid)) {
			oo = openowner(so);
			renew_client(oo->oo_owner.so_client);
			return oo;
		}
	}
	return NULL;
}
2482
/* search file_hashtbl[] for file */
/*
 * Return the nfs4_file for @ino with an extra reference taken (caller
 * must put it), or NULL if no entry exists.  The lookup and the
 * reference bump happen atomically under recall_lock.
 */
static struct nfs4_file *
find_file(struct inode *ino)
{
	unsigned int hashval = file_hashval(ino);
	struct nfs4_file *fp;

	spin_lock(&recall_lock);
	list_for_each_entry(fp, &file_hashtbl[hashval], fi_hash) {
		if (fp->fi_inode == ino) {
			get_nfs4_file(fp);
			spin_unlock(&recall_lock);
			return fp;
		}
	}
	spin_unlock(&recall_lock);
	return NULL;
}
2501
/*
 * Called to check deny when READ with all zero stateid or
 * WRITE with all zero or all one stateid
 */
static __be32
nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type)
{
	struct inode *ino = current_fh->fh_dentry->d_inode;
	struct nfs4_file *fp;
	struct nfs4_ol_stateid *stp;
	__be32 ret;

	dprintk("NFSD: nfs4_share_conflict\n");

	/* no nfs4_file means no opens, hence no possible deny conflict */
	fp = find_file(ino);
	if (!fp)
		return nfs_ok;
	ret = nfserr_locked;
	/* Search for conflicting share reservations */
	list_for_each_entry(stp, &fp->fi_stateids, st_perfile) {
		if (test_deny(deny_type, stp) ||
		    test_deny(NFS4_SHARE_DENY_BOTH, stp))
			goto out;
	}
	ret = nfs_ok;
out:
	/* drop the reference find_file() took */
	put_nfs4_file(fp);
	return ret;
}
2531
/*
 * Queue one delegation for recall: reference it, put it on the recall
 * LRU with a timestamp, and kick off the CB_RECALL callback.
 */
static void nfsd_break_one_deleg(struct nfs4_delegation *dp)
{
	/* We're assuming the state code never drops its reference
	 * without first removing the lease.  Since we're in this lease
	 * callback (and since the lease code is serialized by the kernel
	 * lock) we know the server hasn't removed the lease yet, we know
	 * it's safe to take a reference: */
	atomic_inc(&dp->dl_count);

	list_add_tail(&dp->dl_recall_lru, &del_recall_lru);

	/* only place dl_time is set. protected by lock_flocks*/
	dp->dl_time = get_seconds();

	nfsd4_cb_recall(dp);
}
2548
/* Called from break_lease() with lock_flocks() held. */
/*
 * Lease-break callback for delegations: mark the file conflicted and
 * queue every delegation on it for recall.
 */
static void nfsd_break_deleg_cb(struct file_lock *fl)
{
	struct nfs4_file *fp = (struct nfs4_file *)fl->fl_owner;
	struct nfs4_delegation *dp;

	BUG_ON(!fp);
	/* We assume break_lease is only called once per lease: */
	BUG_ON(fp->fi_had_conflict);
	/*
	 * We don't want the locks code to timeout the lease for us;
	 * we'll remove it ourself if a delegation isn't returned
	 * in time:
	 */
	fl->fl_break_time = 0;

	spin_lock(&recall_lock);
	fp->fi_had_conflict = true;
	list_for_each_entry(dp, &fp->fi_delegations, dl_perfile)
		nfsd_break_one_deleg(dp);
	spin_unlock(&recall_lock);
}
2571
2572static
2573int nfsd_change_deleg_cb(struct file_lock **onlist, int arg)
2574{
2575        if (arg & F_UNLCK)
2576                return lease_modify(onlist, arg);
2577        else
2578                return -EAGAIN;
2579}
2580
/* Lease callbacks the generic locks code uses for nfsd delegations. */
static const struct lock_manager_operations nfsd_lease_mng_ops = {
	.lm_break = nfsd_break_deleg_cb,
	.lm_change = nfsd_change_deleg_cb,
};
2585
2586static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid)
2587{
2588        if (nfsd4_has_session(cstate))
2589                return nfs_ok;
2590        if (seqid == so->so_seqid - 1)
2591                return nfserr_replay_me;
2592        if (seqid == so->so_seqid)
2593                return nfs_ok;
2594        return nfserr_bad_seqid;
2595}
2596
/*
 * First phase of OPEN processing: validate the clientid, find or
 * create the openowner, and preallocate the nfs4_file and stateid so
 * later phases cannot fail on allocation.
 */
__be32
nfsd4_process_open1(struct nfsd4_compound_state *cstate,
		    struct nfsd4_open *open)
{
	clientid_t *clientid = &open->op_clientid;
	struct nfs4_client *clp = NULL;
	unsigned int strhashval;
	struct nfs4_openowner *oo = NULL;
	__be32 status;
	struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);

	if (STALE_CLIENTID(&open->op_clientid, nn))
		return nfserr_stale_clientid;
	/*
	 * In case we need it later, after we've already created the
	 * file and don't want to risk a further failure:
	 */
	open->op_file = nfsd4_alloc_file();
	if (open->op_file == NULL)
		return nfserr_jukebox;

	strhashval = ownerstr_hashval(clientid->cl_id, &open->op_owner);
	oo = find_openstateowner_str(strhashval, open);
	open->op_openowner = oo;
	if (!oo) {
		clp = find_confirmed_client(clientid);
		if (clp == NULL)
			return nfserr_expired;
		goto new_owner;
	}
	if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
		/* Replace unconfirmed owners without checking for replay. */
		clp = oo->oo_owner.so_client;
		release_openowner(oo);
		open->op_openowner = NULL;
		goto new_owner;
	}
	/* confirmed owner: enforce v4.0 seqid/replay semantics */
	status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid);
	if (status)
		return status;
	clp = oo->oo_owner.so_client;
	goto alloc_stateid;
new_owner:
	oo = alloc_init_open_stateowner(strhashval, clp, open);
	if (oo == NULL)
		return nfserr_jukebox;
	open->op_openowner = oo;
alloc_stateid:
	/* preallocate the open stateid as well */
	open->op_stp = nfs4_alloc_stateid(clp);
	if (!open->op_stp)
		return nfserr_jukebox;
	return nfs_ok;
}
2650
2651static inline __be32
2652nfs4_check_delegmode(struct nfs4_delegation *dp, int flags)
2653{
2654        if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ))
2655                return nfserr_openmode;
2656        else
2657                return nfs_ok;
2658}
2659
2660static int share_access_to_flags(u32 share_access)
2661{
2662        return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE;
2663}
2664
2665static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s)
2666{
2667        struct nfs4_stid *ret;
2668
2669        ret = find_stateid_by_type(cl, s, NFS4_DELEG_STID);
2670        if (!ret)
2671                return NULL;
2672        return delegstateid(ret);
2673}
2674
2675static bool nfsd4_is_deleg_cur(struct nfsd4_open *open)
2676{
2677        return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR ||
2678               open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH;
2679}
2680
/*
 * Look up the delegation stateid named by the OPEN and verify it
 * permits the requested access.  On return *dp is the delegation, or
 * NULL if none was found or it failed the access check.  For claims
 * that do not assert a current delegation the result is advisory and
 * nfs_ok is returned regardless.
 */
static __be32
nfs4_check_deleg(struct nfs4_client *cl, struct nfs4_file *fp, struct nfsd4_open *open,
		struct nfs4_delegation **dp)
{
	int flags;
	__be32 status = nfserr_bad_stateid;

	*dp = find_deleg_stateid(cl, &open->op_delegate_stateid);
	if (*dp == NULL)
		goto out;
	flags = share_access_to_flags(open->op_share_access);
	status = nfs4_check_delegmode(*dp, flags);
	if (status)
		*dp = NULL;
out:
	if (!nfsd4_is_deleg_cur(open))
		return nfs_ok;
	if (status)
		return status;
	/* Successfully claiming an existing delegation implicitly
	 * confirms the open owner. */
	open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
	return nfs_ok;
}
2703
/*
 * Scan the file's open stateids: remember this owner's existing
 * stateid in *stpp (for OPEN upgrade) and fail with share_denied on
 * any conflicting share reservation.
 */
static __be32
nfs4_check_open(struct nfs4_file *fp, struct nfsd4_open *open, struct nfs4_ol_stateid **stpp)
{
	struct nfs4_ol_stateid *local;
	struct nfs4_openowner *oo = open->op_openowner;

	list_for_each_entry(local, &fp->fi_stateids, st_perfile) {
		/* ignore lock owners */
		if (local->st_stateowner->so_is_open_owner == 0)
			continue;
		/* remember if we have seen this open owner */
		if (local->st_stateowner == &oo->oo_owner)
			*stpp = local;
		/* check for conflicting share reservations */
		if (!test_share(local, open))
			return nfserr_share_denied;
	}
	return nfs_ok;
}
2723
/* Free a stateid allocated from stateid_slab; no unhashing is done here. */
static void nfs4_free_stateid(struct nfs4_ol_stateid *s)
{
	kmem_cache_free(stateid_slab, s);
}
2728
2729static inline int nfs4_access_to_access(u32 nfs4_access)
2730{
2731        int flags = 0;
2732
2733        if (nfs4_access & NFS4_SHARE_ACCESS_READ)
2734                flags |= NFSD_MAY_READ;
2735        if (nfs4_access & NFS4_SHARE_ACCESS_WRITE)
2736                flags |= NFSD_MAY_WRITE;
2737        return flags;
2738}
2739
/*
 * Ensure the nfs4_file has a struct file open with the access mode
 * this OPEN requests, opening one via nfsd_open() on first use, and
 * take an access reference for that mode.
 */
static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp,
		struct svc_fh *cur_fh, struct nfsd4_open *open)
{
	__be32 status;
	int oflag = nfs4_access_to_omode(open->op_share_access);
	int access = nfs4_access_to_access(open->op_share_access);

	if (!fp->fi_fds[oflag]) {
		status = nfsd_open(rqstp, cur_fh, S_IFREG, access,
			&fp->fi_fds[oflag]);
		if (status)
			return status;
	}
	nfs4_file_get_access(fp, oflag);

	return nfs_ok;
}
2757
/*
 * Perform the size-0 truncation implied by an OPEN with op_truncate
 * set; legal only when the open requests write access.  Returns 0
 * (== nfs_ok) when no truncation was requested.
 */
static inline __be32
nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh,
		struct nfsd4_open *open)
{
	struct iattr iattr = {
		.ia_valid = ATTR_SIZE,
		.ia_size = 0,
	};
	if (!open->op_truncate)
		return 0;
	if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE))
		return nfserr_inval;
	return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0);
}
2772
/*
 * OPEN upgrade: add any newly requested access/deny bits to an
 * existing open stateid.  The vfs file access is acquired first and
 * rolled back if the implied truncation fails, so the stateid is only
 * updated once everything has succeeded.
 */
static __be32
nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open)
{
	u32 op_share_access = open->op_share_access;
	bool new_access;
	__be32 status;

	new_access = !test_access(op_share_access, stp);
	if (new_access) {
		status = nfs4_get_vfs_file(rqstp, fp, cur_fh, open);
		if (status)
			return status;
	}
	status = nfsd4_truncate(rqstp, cur_fh, open);
	if (status) {
		if (new_access) {
			/* undo the access reference taken above */
			int oflag = nfs4_access_to_omode(op_share_access);
			nfs4_file_put_access(fp, oflag);
		}
		return status;
	}
	/* remember the open */
	set_access(op_share_access, stp);
	set_deny(open->op_share_deny, stp);

	return nfs_ok;
}
2800
2801
/*
 * A successful CLAIM_PREVIOUS open confirms the open owner.
 * NOTE(review): the has_session argument is currently unused.
 */
static void
nfs4_set_claim_prev(struct nfsd4_open *open, bool has_session)
{
	open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
}
2807
2808/* Should we give out recallable state?: */
2809static bool nfsd4_cb_channel_good(struct nfs4_client *clp)
2810{
2811        if (clp->cl_cb_state == NFSD4_CB_UP)
2812                return true;
2813        /*
2814         * In the sessions case, since we don't have to establish a
2815         * separate connection for callbacks, we assume it's OK
2816         * until we hear otherwise:
2817         */
2818        return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN;
2819}
2820
/*
 * Allocate and initialize the FL_LEASE file_lock that backs a
 * delegation: a read lease for read delegations, a write lease
 * otherwise.  fl_owner is the nfs4_file so the break callback can
 * locate the delegations.  fl_file is left for the caller to fill in.
 * Returns NULL on allocation failure.
 */
static struct file_lock *nfs4_alloc_init_lease(struct nfs4_delegation *dp, int flag)
{
	struct file_lock *fl;

	fl = locks_alloc_lock();
	if (!fl)
		return NULL;
	locks_init_lock(fl);
	fl->fl_lmops = &nfsd_lease_mng_ops;
	fl->fl_flags = FL_LEASE;
	fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? F_RDLCK: F_WRLCK;
	fl->fl_end = OFFSET_MAX;
	fl->fl_owner = (fl_owner_t)(dp->dl_file);
	fl->fl_pid = current->tgid;
	return fl;
}
2837
2838static int nfs4_setlease(struct nfs4_delegation *dp, int flag)
2839{
2840        struct nfs4_file *fp = dp->dl_file;
2841        struct file_lock *fl;
2842        int status;
2843
2844        fl = nfs4_alloc_init_lease(dp, flag);
2845        if (!fl)
2846                return -ENOMEM;
2847        fl->fl_file = find_readable_file(fp);
2848        list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations);
2849        status = vfs_setlease(fl->fl_file, fl->fl_type, &fl);
2850        if (status) {
2851                list_del_init(&dp->dl_perclnt);
2852                locks_free_lock(fl);
2853                return -ENOMEM;
2854        }
2855        fp->fi_lease = fl;
2856        fp->fi_deleg_file = fl->fl_file;
2857        get_file(fp->fi_deleg_file);
2858        atomic_set(&fp->fi_delegees, 1);
2859        list_add(&dp->dl_perfile, &fp->fi_delegations);
2860        return 0;
2861}
2862
/*
 * Attach a delegation to its file: set up the vfs lease on first use,
 * otherwise piggyback on the existing lease — unless a conflict was
 * flagged in the meantime (fi_had_conflict, checked under
 * recall_lock), in which case -EAGAIN is returned.
 */
static int nfs4_set_delegation(struct nfs4_delegation *dp, int flag)
{
	struct nfs4_file *fp = dp->dl_file;

	if (!fp->fi_lease)
		return nfs4_setlease(dp, flag);
	spin_lock(&recall_lock);
	if (fp->fi_had_conflict) {
		spin_unlock(&recall_lock);
		return -EAGAIN;
	}
	atomic_inc(&fp->fi_delegees);
	list_add(&dp->dl_perfile, &fp->fi_delegations);
	spin_unlock(&recall_lock);
	list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations);
	return 0;
}
2880
/*
 * Fill in the NFSv4.1 "why no delegation" answer when none is
 * granted: -EAGAIN maps to contention, anything else to a resource
 * shortage — or cancellation, if that is what the client asked for.
 */
static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status)
{
	open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
	if (status == -EAGAIN)
		open->op_why_no_deleg = WND4_CONTENTION;
	else {
		open->op_why_no_deleg = WND4_RESOURCE;
		switch (open->op_deleg_want) {
		case NFS4_SHARE_WANT_READ_DELEG:
		case NFS4_SHARE_WANT_WRITE_DELEG:
		case NFS4_SHARE_WANT_ANY_DELEG:
			break;
		case NFS4_SHARE_WANT_CANCEL:
			open->op_why_no_deleg = WND4_CANCELLED;
			break;
		case NFS4_SHARE_WANT_NO_DELEG:
			/* callers only invoke this when op_deleg_want
			 * indicates the client wanted a delegation */
			BUG();	/* not supposed to get here */
		}
	}
}
2901
2902/*
2903 * Attempt to hand out a delegation.
2904 */
2905static void
2906nfs4_open_delegation(struct net *net, struct svc_fh *fh,
2907                     struct nfsd4_open *open, struct nfs4_ol_stateid *stp)
2908{
2909        struct nfs4_delegation *dp;
2910        struct nfs4_openowner *oo = container_of(stp->st_stateowner, struct nfs4_openowner, oo_owner);
2911        int cb_up;
2912        int status = 0, flag = 0;
2913
2914        cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client);
2915        flag = NFS4_OPEN_DELEGATE_NONE;
2916        open->op_recall = 0;
2917        switch (open->op_claim_type) {
2918                case NFS4_OPEN_CLAIM_PREVIOUS:
2919                        if (!cb_up)
2920                                open->op_recall = 1;
2921                        flag = open->op_delegate_type;
2922                        if (flag == NFS4_OPEN_DELEGATE_NONE)
2923                                goto out;
2924                        break;
2925                case NFS4_OPEN_CLAIM_NULL:
2926                        /* Let's not give out any delegations till everyone's
2927                         * had the chance to reclaim theirs.... */
2928                        if (locks_in_grace(net))
2929                                goto out;
2930                        if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED))
2931                                goto out;
2932                        if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE)
2933                                flag = NFS4_OPEN_DELEGATE_WRITE;
2934                        else
2935                                flag = NFS4_OPEN_DELEGATE_READ;
2936                        break;
2937                default:
2938                        goto out;
2939        }
2940
2941        dp = alloc_init_deleg(oo->oo_owner.so_client, stp, fh, flag);
2942        if (dp == NULL)
2943                goto out_no_deleg;
2944        status = nfs4_set_delegation(dp, flag);
2945        if (status)
2946                goto out_free;
2947
2948        memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid));
2949
2950        dprintk("NFSD: delegation stateid=" STATEID_FMT "\n",
2951                STATEID_VAL(&dp->dl_stid.sc_stateid));
2952out:
2953        open->op_delegate_type = flag;
2954        if (flag == NFS4_OPEN_DELEGATE_NONE) {
2955                if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS &&
2956                    open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE)
2957                        dprintk("NFSD: WARNING: refusing delegation reclaim\n");
2958
2959                /* 4.1 client asking for a delegation? */
2960                if (open->op_deleg_want)
2961                        nfsd4_open_deleg_none_ext(open, status);
2962        }
2963        return;
2964out_free:
2965        nfs4_put_delegation(dp);
2966out_no_deleg:
2967        flag = NFS4_OPEN_DELEGATE_NONE;
2968        goto out;
2969}
2970
2971static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open,
2972                                        struct nfs4_delegation *dp)
2973{
2974        if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG &&
2975            dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
2976                open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
2977                open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE;
2978        } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG &&
2979                   dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
2980                open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
2981                open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE;
2982        }
2983        /* Otherwise the client must be confused wanting a delegation
2984         * it already has, therefore we don't return
2985         * NFS4_OPEN_DELEGATE_NONE_EXT and reason.
2986         */
2987}
2988
/*
 * called with nfs4_lock_state() held.
 */
/*
 * OPEN phase two: find or create the nfs4_file, check share
 * reservations and any claimed delegation, open or upgrade the
 * underlying file, install the open stateid, and finally try to hand
 * out a delegation.  Consumes the op_file/op_stp preallocated by
 * nfsd4_process_open1() as needed.
 */
__be32
nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open)
{
	struct nfsd4_compoundres *resp = rqstp->rq_resp;
	struct nfs4_client *cl = open->op_openowner->oo_owner.so_client;
	struct nfs4_file *fp = NULL;
	struct inode *ino = current_fh->fh_dentry->d_inode;
	struct nfs4_ol_stateid *stp = NULL;
	struct nfs4_delegation *dp = NULL;
	__be32 status;

	/*
	 * Lookup file; if found, lookup stateid and check open request,
	 * and check for delegations in the process of being recalled.
	 * If not found, create the nfs4_file struct
	 */
	fp = find_file(ino);
	if (fp) {
		if ((status = nfs4_check_open(fp, open, &stp)))
			goto out;
		status = nfs4_check_deleg(cl, fp, open, &dp);
		if (status)
			goto out;
	} else {
		/* a delegation-based claim must name an existing file */
		status = nfserr_bad_stateid;
		if (nfsd4_is_deleg_cur(open))
			goto out;
		status = nfserr_jukebox;
		/* consume the file preallocated by nfsd4_process_open1() */
		fp = open->op_file;
		open->op_file = NULL;
		nfsd4_init_file(fp, ino);
	}

	/*
	 * OPEN the file, or upgrade an existing OPEN.
	 * If truncate fails, the OPEN fails.
	 */
	if (stp) {
		/* Stateid was found, this is an OPEN upgrade */
		status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open);
		if (status)
			goto out;
	} else {
		status = nfs4_get_vfs_file(rqstp, fp, current_fh, open);
		if (status)
			goto out;
		status = nfsd4_truncate(rqstp, current_fh, open);
		if (status)
			goto out;
		/* consume the stateid preallocated by nfsd4_process_open1() */
		stp = open->op_stp;
		open->op_stp = NULL;
		init_open_stateid(stp, fp, open);
	}
	update_stateid(&stp->st_stid.sc_stateid);
	memcpy(&open->op_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));

	if (nfsd4_has_session(&resp->cstate)) {
		/* no OPEN_CONFIRM in 4.1: owner is confirmed implicitly */
		open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;

		if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) {
			open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
			open->op_why_no_deleg = WND4_NOT_WANTED;
			goto nodeleg;
		}
	}

	/*
	* Attempt to hand out a delegation. No error return, because the
	* OPEN succeeds even if we fail.
	*/
	nfs4_open_delegation(SVC_NET(rqstp), current_fh, open, stp);
nodeleg:
	status = nfs_ok;

	dprintk("%s: stateid=" STATEID_FMT "\n", __func__,
		STATEID_VAL(&stp->st_stid.sc_stateid));
out:
	/* 4.1 client trying to upgrade/downgrade delegation? */
	if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp &&
	    open->op_deleg_want)
		nfsd4_deleg_xgrade_none_ext(open, dp);

	if (fp)
		put_nfs4_file(fp);
	if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS)
		nfs4_set_claim_prev(open, nfsd4_has_session(&resp->cstate));
	/*
	* To finish the open response, we just need to set the rflags.
	*/
	open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX;
	if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED) &&
	    !nfsd4_has_session(&resp->cstate))
		open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM;

	return status;
}
3088
/*
 * Cleanup after OPEN processing: release a brand-new open owner on
 * error (or clear its NEW flag on success), and free any preallocated
 * file/stateid that nfsd4_process_open2() did not consume.
 */
void nfsd4_cleanup_open_state(struct nfsd4_open *open, __be32 status)
{
	if (open->op_openowner) {
		struct nfs4_openowner *oo = open->op_openowner;

		/* an owner with live stateids must not sit on close_lru */
		if (!list_empty(&oo->oo_owner.so_stateids))
			list_del_init(&oo->oo_close_lru);
		if (oo->oo_flags & NFS4_OO_NEW) {
			if (status) {
				release_openowner(oo);
				open->op_openowner = NULL;
			} else
				oo->oo_flags &= ~NFS4_OO_NEW;
		}
	}
	if (open->op_file)
		nfsd4_free_file(open->op_file);
	if (open->op_stp)
		nfs4_free_stateid(open->op_stp);
}
3109
/*
 * Handle the v4.0 RENEW operation for the given clientid.  Fails with
 * cb_path_down when the client holds delegations but its callback
 * channel is not up.
 */
__be32
nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
	    clientid_t *clid)
{
	struct nfs4_client *clp;
	__be32 status;
	/* NOTE(review): hard-codes init_net; presumably predates the
	 * full net-namespace conversion — confirm before reuse. */
	struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);

	nfs4_lock_state();
	dprintk("process_renew(%08x/%08x): starting\n", 
			clid->cl_boot, clid->cl_id);
	status = nfserr_stale_clientid;
	if (STALE_CLIENTID(clid, nn))
		goto out;
	clp = find_confirmed_client(clid);
	status = nfserr_expired;
	if (clp == NULL) {
		/* We assume the client took too long to RENEW. */
		dprintk("nfsd4_renew: clientid not found!\n");
		goto out;
	}
	status = nfserr_cb_path_down;
	if (!list_empty(&clp->cl_delegations)
			&& clp->cl_cb_state != NFSD4_CB_UP)
		goto out;
	status = nfs_ok;
out:
	nfs4_unlock_state();
	return status;
}
3140
/*
 * End the NFSv4 grace period for this net (idempotent): record grace
 * completion for the client-recovery tracker, lift the lock-manager
 * grace, and shrink the next grace window to the current lease time.
 */
static void
nfsd4_end_grace(struct net *net)
{
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	/* do nothing if grace period already ended */
	if (nn->grace_ended)
		return;

	dprintk("NFSD: end of grace period\n");
	nn->grace_ended = true;
	nfsd4_record_grace_done(net, nn->boot_time);
	locks_end_grace(&nn->nfsd4_manager);
	/*
	 * Now that every NFSv4 client has had the chance to recover and
	 * to see the (possibly new, possibly shorter) lease time, we
	 * can safely set the next grace time to the current lease time:
	 */
	nfsd4_grace = nfsd4_lease;
}
3161
/*
 * The "laundromat": periodic reaper for expired NFSv4 state.  Expires
 * idle clients, unhashes delegations on the recall LRU, and releases
 * open owners parked on close_lru.  Returns the number of seconds
 * until the next run (at least NFSD_LAUNDROMAT_MINTIMEOUT).
 */
static time_t
nfs4_laundromat(void)
{
	struct nfs4_client *clp;
	struct nfs4_openowner *oo;
	struct nfs4_delegation *dp;
	struct list_head *pos, *next, reaplist;
	time_t cutoff = get_seconds() - nfsd4_lease;
	time_t t, clientid_val = nfsd4_lease;
	time_t u, test_val = nfsd4_lease;

	nfs4_lock_state();

	dprintk("NFSD: laundromat service - starting\n");
	nfsd4_end_grace(&init_net);
	INIT_LIST_HEAD(&reaplist);
	spin_lock(&client_lock);
	list_for_each_safe(pos, next, &client_lru) {
		clp = list_entry(pos, struct nfs4_client, cl_lru);
		if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) {
			/* LRU order: everything after this is newer,
			 * so note when this entry expires and stop. */
			t = clp->cl_time - cutoff;
			if (clientid_val > t)
				clientid_val = t;
			break;
		}
		if (atomic_read(&clp->cl_refcount)) {
			dprintk("NFSD: client in use (clientid %08x)\n",
				clp->cl_clientid.cl_id);
			continue;
		}
		unhash_client_locked(clp);
		list_add(&clp->cl_lru, &reaplist);
	}
	spin_unlock(&client_lock);
	/* destroy the reaped clients outside client_lock */
	list_for_each_safe(pos, next, &reaplist) {
		clp = list_entry(pos, struct nfs4_client, cl_lru);
		dprintk("NFSD: purging unused client (clientid %08x)\n",
			clp->cl_clientid.cl_id);
		nfsd4_client_record_remove(clp);
		expire_client(clp);
	}
	spin_lock(&recall_lock);
	list_for_each_safe(pos, next, &del_recall_lru) {
		dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
		if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) {
			u = dp->dl_time - cutoff;
			if (test_val > u)
				test_val = u;
			break;
		}
		list_move(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&recall_lock);
	/* unhash the reaped delegations outside recall_lock */
	list_for_each_safe(pos, next, &reaplist) {
		dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
		unhash_delegation(dp);
	}
	/* finally, release open owners whose close grace has lapsed */
	test_val = nfsd4_lease;
	list_for_each_safe(pos, next, &close_lru) {
		oo = container_of(pos, struct nfs4_openowner, oo_close_lru);
		if (time_after((unsigned long)oo->oo_time, (unsigned long)cutoff)) {
			u = oo->oo_time - cutoff;
			if (test_val > u)
				test_val = u;
			break;
		}
		release_openowner(oo);
	}
	if (clientid_val < NFSD_LAUNDROMAT_MINTIMEOUT)
		clientid_val = NFSD_LAUNDROMAT_MINTIMEOUT;
	nfs4_unlock_state();
	return clientid_val;
}
3235
/* Workqueue and delayed work driving the periodic laundromat above. */
static struct workqueue_struct *laundry_wq;
static void laundromat_main(struct work_struct *);
static DECLARE_DELAYED_WORK(laundromat_work, laundromat_main);
3239
3240static void
3241laundromat_main(struct work_struct *not_used)
3242{
3243        time_t t;
3244
3245        t = nfs4_laundromat();
3246        dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t);
3247        queue_delayed_work(laundry_wq, &laundromat_work, t*HZ);
3248}
3249
3250static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_ol_stateid *stp)
3251{
3252        if (fhp->fh_dentry->d_inode != stp->st_file->fi_inode)
3253                return nfserr_bad_stateid;
3254        return nfs_ok;
3255}
3256
3257static int
3258STALE_STATEID(stateid_t *stateid, struct nfsd_net *nn)
3259{
3260        if (stateid->si_opaque.so_clid.cl_boot == nn->boot_time)
3261                return 0;
3262        dprintk("NFSD: stale stateid " STATEID_FMT "!\n",
3263                STATEID_VAL(stateid));
3264        return 1;
3265}
3266
3267static inline int
3268access_permit_read(struct nfs4_ol_stateid *stp)
3269{
3270        return test_access(NFS4_SHARE_ACCESS_READ, stp) ||
3271                test_access(NFS4_SHARE_ACCESS_BOTH, stp) ||
3272                test_access(NFS4_SHARE_ACCESS_WRITE, stp);
3273}
3274
3275static inline int
3276access_permit_write(struct nfs4_ol_stateid *stp)
3277{
3278        return test_access(NFS4_SHARE_ACCESS_WRITE, stp) ||
3279                test_access(NFS4_SHARE_ACCESS_BOTH, stp);
3280}
3281
3282static
3283__be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags)
3284{
3285        __be32 status = nfserr_openmode;
3286
3287        /* For lock stateid's, we test the parent open, not the lock: */
3288        if (stp->st_openstp)
3289                stp = stp->st_openstp;
3290        if ((flags & WR_STATE) && !access_permit_write(stp))
3291                goto out;
3292        if ((flags & RD_STATE) && !access_permit_read(stp))
3293                goto out;
3294        status = nfs_ok;
3295out:
3296        return status;
3297}
3298
/*
 * Handle the all-zeros and all-ones special stateids for I/O: the
 * all-ones stateid always permits reads; otherwise anonymous I/O is
 * only allowed when no conflicting share reservation exists, and
 * never during the grace period.
 */
static inline __be32
check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags)
{
	if (ONE_STATEID(stateid) && (flags & RD_STATE))
		return nfs_ok;
	else if (locks_in_grace(net)) {
		/* Answer in remaining cases depends on existence of
		 * conflicting state; so we must wait out the grace period. */
		return nfserr_grace;
	} else if (flags & WR_STATE)
		return nfs4_share_conflict(current_fh,
				NFS4_SHARE_DENY_WRITE);
	else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */
		return nfs4_share_conflict(current_fh,
				NFS4_SHARE_DENY_READ);
}
3315
/*
 * Allow READ/WRITE during grace period on recovered state only for files
 * that are not able to provide mandatory locking.
 */
static inline int
grace_disallows_io(struct net *net, struct inode *inode)
{
	if (!locks_in_grace(net))
		return 0;
	return mandatory_lock(inode);
}
3325
3326/* Returns true iff a is later than b: */
3327static bool stateid_generation_after(stateid_t *a, stateid_t *b)
3328{
3329        return (s32)a->si_generation - (s32)b->si_generation > 0;
3330}
3331
/*
 * Compare a client-presented stateid generation with our current one,
 * distinguishing raced/retried requests (old_stateid) from corrupt or
 * fabricated stateids (bad_stateid).
 */
static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session)
{
	/*
	 * When sessions are used the stateid generation number is ignored
	 * when it is zero.
	 */
	if (has_session && in->si_generation == 0)
		return nfs_ok;

	if (in->si_generation == ref->si_generation)
		return nfs_ok;

	/* If the client sends us a stateid from the future, it's buggy: */
	if (stateid_generation_after(in, ref))
		return nfserr_bad_stateid;
	/*
	 * However, we could see a stateid from the past, even from a
	 * non-buggy client.  For example, if the client sends a lock
	 * while some IO is outstanding, the lock may bump si_generation
	 * while the IO is still in flight.  The client could avoid that
	 * situation by waiting for responses on all the IO requests,
	 * but better performance may result in retrying IO that
	 * receives an old_stateid error if requests are rarely
	 * reordered in flight:
	 */
	return nfserr_old_stateid;
}
3359
/*
 * TEST_STATEID helper: classify one stateid for the given client.
 * Note the generation check is always done with has_session = 1,
 * since TEST_STATEID is a sessions (4.1) operation.
 */
static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid)
{
	struct nfs4_stid *s;
	struct nfs4_ol_stateid *ols;
	__be32 status;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
		return nfserr_bad_stateid;
	/* Client debugging aid. */
	if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) {
		char addr_str[INET6_ADDRSTRLEN];
		rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str,
				 sizeof(addr_str));
		pr_warn_ratelimited("NFSD: client %s testing state ID "
					"with incorrect client ID\n", addr_str);
		return nfserr_bad_stateid;
	}
	s = find_stateid(cl, stateid);
	if (!s)
		return nfserr_bad_stateid;
	status = check_stateid_generation(stateid, &s->sc_stateid, 1);
	if (status)
		return status;
	/* other stateid types need no further checks */
	if (!(s->sc_type & (NFS4_OPEN_STID | NFS4_LOCK_STID)))
		return nfs_ok;
	ols = openlockstateid(s);
	/* an open stateid is unusable until its owner is confirmed */
	if (ols->st_stateowner->so_is_open_owner
	    && !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED))
		return nfserr_bad_stateid;
	return nfs_ok;
}
3391
/*
 * Common stateid lookup: map a wire stateid to its nfs4_stid of one
 * of the types in typemask, rejecting special stateids, stale
 * stateids and unknown clients.
 */
static __be32 nfsd4_lookup_stateid(stateid_t *stateid, unsigned char typemask, struct nfs4_stid **s)
{
	struct nfs4_client *cl;
	/* NOTE(review): hard-codes init_net; presumably predates the
	 * full net-namespace conversion — confirm before reuse. */
	struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
		return nfserr_bad_stateid;
	if (STALE_STATEID(stateid, nn))
		return nfserr_stale_stateid;
	cl = find_confirmed_client(&stateid->si_opaque.so_clid);
	if (!cl)
		return nfserr_expired;
	*s = find_stateid_by_type(cl, stateid, typemask);
	if (!*s)
		return nfserr_bad_stateid;
	return nfs_ok;

}
3410
/*
* Checks for stateid operations
*/
/*
 * Validate the stateid presented with an I/O-class operation against
 * the current filehandle and, when filpp is non-NULL, return the
 * struct file to use.  Handles the special all-zeros/all-ones
 * stateids, delegation stateids, and open/lock stateids.
 */
__be32
nfs4_preprocess_stateid_op(struct net *net, struct nfsd4_compound_state *cstate,
			   stateid_t *stateid, int flags, struct file **filpp)
{
	struct nfs4_stid *s;
	struct nfs4_ol_stateid *stp = NULL;
	struct nfs4_delegation *dp = NULL;
	struct svc_fh *current_fh = &cstate->current_fh;
	struct inode *ino = current_fh->fh_dentry->d_inode;
	__be32 status;

	if (filpp)
		*filpp = NULL;

	if (grace_disallows_io(net, ino))
		return nfserr_grace;

	if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
		return check_special_stateids(net, current_fh, stateid, flags);

	status = nfsd4_lookup_stateid(stateid, NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, &s);
	if (status)
		return status;
	status = check_stateid_generation(stateid, &s->sc_stateid, nfsd4_has_session(cstate));
	if (status)
		goto out;
	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		dp = delegstateid(s);
		status = nfs4_check_delegmode(dp, flags);
		if (status)
			goto out;
		if (filpp) {
			*filpp = dp->dl_file->fi_deleg_file;
			BUG_ON(!*filpp);
		}
		break;
	case NFS4_OPEN_STID:
	case NFS4_LOCK_STID:
		stp = openlockstateid(s);
		status = nfs4_check_fh(current_fh, stp);
		if (status)
			goto out;
		/* NOTE(review): an unconfirmed open owner falls through
		 * here with status == nfs_ok but *filpp left NULL —
		 * confirm that callers handle the NULL file. */
		if (stp->st_stateowner->so_is_open_owner
		    && !(openowner(stp->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED))
			goto out;
		status = nfs4_check_openmode(stp, flags);
		if (status)
			goto out;
		if (filpp) {
			if (flags & RD_STATE)
				*filpp = find_readable_file(stp->st_file);
			else
				*filpp = find_writeable_file(stp->st_file);
		}
		break;
	default:
		return nfserr_bad_stateid;
	}
	status = nfs_ok;
out:
	return status;
}
3477
3478static __be32
3479nfsd4_free_lock_stateid(struct nfs4_ol_stateid *stp)
3480{
3481        if (check_for_locks(stp->st_file, lockowner(stp->st_stateowner)))
3482                return nfserr_locks_held;
3483        release_lock_stateid(stp);
3484        return nfs_ok;
3485}
3486
/*
 * Test if the stateid is valid
 */
__be32
nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
                   struct nfsd4_test_stateid *test_stateid)
{
	struct nfsd4_test_stateid_id *stateid;
	/* TEST_STATEID is session-based, so cstate->session is valid here. */
	struct nfs4_client *cl = cstate->session->se_client;

	/* Validate each stateid in the request list and record its result
	 * in place; the XDR encoder returns the per-stateid statuses. */
	nfs4_lock_state();
	list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list)
		stateid->ts_id_status =
			nfsd4_validate_stateid(cl, &stateid->ts_id_stateid);
	nfs4_unlock_state();

	/* The operation itself always succeeds; failures are per-stateid. */
	return nfs_ok;
}
3505
/*
 * FREE_STATEID (NFSv4.1): release a stateid the client no longer needs.
 * Only lock stateids with no locks still held may actually be freed;
 * delegations go through DELEGRETURN and opens through CLOSE.
 */
__be32
nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
                   struct nfsd4_free_stateid *free_stateid)
{
	stateid_t *stateid = &free_stateid->fr_stateid;
	struct nfs4_stid *s;
	/* 4.1-only op, so a session (and its client) is guaranteed. */
	struct nfs4_client *cl = cstate->session->se_client;
	__be32 ret = nfserr_bad_stateid;

	nfs4_lock_state();
	s = find_stateid(cl, stateid);
	if (!s)
		goto out;
	switch (s->sc_type) {
	case NFS4_DELEG_STID:
		/* Must be returned with DELEGRETURN, not freed here. */
		ret = nfserr_locks_held;
		goto out;
	case NFS4_OPEN_STID:
	case NFS4_LOCK_STID:
		/* Session case: seqid checking is strict (has_session = 1). */
		ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
		if (ret)
			goto out;
		if (s->sc_type == NFS4_LOCK_STID)
			ret = nfsd4_free_lock_stateid(openlockstateid(s));
		else
			/* Open stateids must go through CLOSE. */
			ret = nfserr_locks_held;
		break;
	default:
		ret = nfserr_bad_stateid;
	}
out:
	nfs4_unlock_state();
	return ret;
}
3540
3541static inline int
3542setlkflg (int type)
3543{
3544        return (type == NFS4_READW_LT || type == NFS4_READ_LT) ?
3545                RD_STATE : WR_STATE;
3546}
3547
/*
 * Common checks for a seqid-mutating operation: verify the owner's
 * seqid, reject stateids kept around only for CLOSE replay detection,
 * check the stateid generation, and verify the current filehandle.
 */
static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp)
{
	struct svc_fh *current_fh = &cstate->current_fh;
	struct nfs4_stateowner *sop = stp->st_stateowner;
	__be32 status;

	status = nfsd4_check_seqid(cstate, sop, seqid);
	if (status)
		return status;
	if (stp->st_stid.sc_type == NFS4_CLOSED_STID)
		/*
		 * "Closed" stateid's exist *only* to return
		 * nfserr_replay_me from the previous step.
		 */
		return nfserr_bad_stateid;
	status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate));
	if (status)
		return status;
	return nfs4_check_fh(current_fh, stp);
}
3568
/* 
 * Checks for sequence id mutating operations. 
 */
static __be32
nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
			 stateid_t *stateid, char typemask,
			 struct nfs4_ol_stateid **stpp)
{
	__be32 status;
	struct nfs4_stid *s;

	dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__,
		seqid, STATEID_VAL(stateid));

	*stpp = NULL;
	/* Look up the stateid, restricted to the caller's typemask: */
	status = nfsd4_lookup_stateid(stateid, typemask, &s);
	if (status)
		return status;
	*stpp = openlockstateid(s);
	/* Record the owner so a replayed request can be answered from the
	 * owner's reply cache; also defers nfs4_unlock_state() in callers. */
	cstate->replay_owner = (*stpp)->st_stateowner;

	return nfs4_seqid_op_checks(cstate, stateid, seqid, *stpp);
}
3592
3593static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, stateid_t *stateid, struct nfs4_ol_stateid **stpp)
3594{
3595        __be32 status;
3596        struct nfs4_openowner *oo;
3597
3598        status = nfs4_preprocess_seqid_op(cstate, seqid, stateid,
3599                                                NFS4_OPEN_STID, stpp);
3600        if (status)
3601                return status;
3602        oo = openowner((*stpp)->st_stateowner);
3603        if (!(oo->oo_flags & NFS4_OO_CONFIRMED))
3604                return nfserr_bad_stateid;
3605        return nfs_ok;
3606}
3607
/*
 * OPEN_CONFIRM (NFSv4.0): confirm a new openowner.  On success the
 * owner is marked confirmed, the stateid is bumped, and the client
 * record is created on stable storage for reboot recovery.
 */
__be32
nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
                   struct nfsd4_open_confirm *oc)
{
	__be32 status;
	struct nfs4_openowner *oo;
	struct nfs4_ol_stateid *stp;

	dprintk("NFSD: nfsd4_open_confirm on file %.*s\n",
			(int)cstate->current_fh.fh_dentry->d_name.len,
			cstate->current_fh.fh_dentry->d_name.name);

	status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
	if (status)
		return status;

	nfs4_lock_state();

	status = nfs4_preprocess_seqid_op(cstate,
					oc->oc_seqid, &oc->oc_req_stateid,
					NFS4_OPEN_STID, &stp);
	if (status)
		goto out;
	oo = openowner(stp->st_stateowner);
	/* Confirming an already-confirmed owner is a client bug: */
	status = nfserr_bad_stateid;
	if (oo->oo_flags & NFS4_OO_CONFIRMED)
		goto out;
	oo->oo_flags |= NFS4_OO_CONFIRMED;
	update_stateid(&stp->st_stid.sc_stateid);
	memcpy(&oc->oc_resp_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
	dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n",
		__func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid));

	nfsd4_client_record_create(oo->oo_owner.so_client);
	status = nfs_ok;
out:
	/* If replay_owner is set, the encoder drops the state lock later. */
	if (!cstate->replay_owner)
		nfs4_unlock_state();
	return status;
}
3648
3649static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access)
3650{
3651        if (!test_access(access, stp))
3652                return;
3653        nfs4_file_put_access(stp->st_file, nfs4_access_to_omode(access));
3654        clear_access(access, stp);
3655}
3656
3657static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access)
3658{
3659        switch (to_access) {
3660        case NFS4_SHARE_ACCESS_READ:
3661                nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE);
3662                nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
3663                break;
3664        case NFS4_SHARE_ACCESS_WRITE:
3665                nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ);
3666                nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
3667                break;
3668        case NFS4_SHARE_ACCESS_BOTH:
3669                break;
3670        default:
3671                BUG();
3672        }
3673}
3674
/*
 * Clear from the stateid's deny bitmap every deny combination that is
 * not a subset of the requested @deny mask.
 */
static void
reset_union_bmap_deny(unsigned long deny, struct nfs4_ol_stateid *stp)
{
	int bit = 0;

	while (bit < 4) {
		if ((bit & deny) != bit)
			clear_deny(bit, stp);
		bit++;
	}
}
3684
/*
 * OPEN_DOWNGRADE: reduce an open stateid's access/deny modes.  The
 * requested modes must be a subset of those currently held, otherwise
 * the request is invalid.
 */
__be32
nfsd4_open_downgrade(struct svc_rqst *rqstp,
                     struct nfsd4_compound_state *cstate,
                     struct nfsd4_open_downgrade *od)
{
	__be32 status;
	struct nfs4_ol_stateid *stp;

	dprintk("NFSD: nfsd4_open_downgrade on file %.*s\n", 
			(int)cstate->current_fh.fh_dentry->d_name.len,
			cstate->current_fh.fh_dentry->d_name.name);

	/* We don't yet support WANT bits: */
	if (od->od_deleg_want)
		dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__,
			od->od_deleg_want);

	nfs4_lock_state();
	status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid,
					&od->od_stateid, &stp);
	if (status)
		goto out; 
	status = nfserr_inval;
	/* The downgraded-to access must already be held: */
	if (!test_access(od->od_share_access, stp)) {
		dprintk("NFSD: access not a subset current bitmap: 0x%lx, input access=%08x\n",
			stp->st_access_bmap, od->od_share_access);
		goto out;
	}
	/* Likewise for the deny mode: */
	if (!test_deny(od->od_share_deny, stp)) {
		dprintk("NFSD:deny not a subset current bitmap: 0x%lx, input deny=%08x\n",
			stp->st_deny_bmap, od->od_share_deny);
		goto out;
	}
	nfs4_stateid_downgrade(stp, od->od_share_access);

	reset_union_bmap_deny(od->od_share_deny, stp);

	update_stateid(&stp->st_stid.sc_stateid);
	memcpy(&od->od_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
	status = nfs_ok;
out:
	/* If replay_owner is set, the encoder drops the state lock later. */
	if (!cstate->replay_owner)
		nfs4_unlock_state();
	return status;
}
3730
/*
 * Lazily release an openowner's saved "last closed" stateid in two
 * steps: the first call after a CLOSE only arms NFS4_OO_PURGE_CLOSE;
 * the next call actually releases the stateid.  This keeps the closed
 * stateid around long enough to detect a CLOSE replay.
 */
void nfsd4_purge_closed_stateid(struct nfs4_stateowner *so)
{
	struct nfs4_openowner *oo;
	struct nfs4_ol_stateid *s;

	/* Only openowners keep a last-closed stateid: */
	if (!so->so_is_open_owner)
		return;
	oo = openowner(so);
	s = oo->oo_last_closed_stid;
	if (!s)
		return;
	if (!(oo->oo_flags & NFS4_OO_PURGE_CLOSE)) {
		/* Release the last_closed_stid on the next seqid bump: */
		oo->oo_flags |= NFS4_OO_PURGE_CLOSE;
		return;
	}
	oo->oo_flags &= ~NFS4_OO_PURGE_CLOSE;
	release_last_closed_stateid(oo);
}
3750
/*
 * Unhash an open stateid and mark it closed.  The structure is not
 * freed here; nfsd4_close() keeps it as oo_last_closed_stid so a
 * replayed CLOSE can be recognized (see nfs4_seqid_op_checks()).
 */
static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s)
{
	unhash_open_stateid(s);
	s->st_stid.sc_type = NFS4_CLOSED_STID;
}
3756
/*
 * nfs4_unlock_state() called after encode
 */
__be32
nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
            struct nfsd4_close *close)
{
	__be32 status;
	struct nfs4_openowner *oo;
	struct nfs4_ol_stateid *stp;

	dprintk("NFSD: nfsd4_close on file %.*s\n", 
			(int)cstate->current_fh.fh_dentry->d_name.len,
			cstate->current_fh.fh_dentry->d_name.name);

	nfs4_lock_state();
	/* NFS4_CLOSED_STID is allowed so a replayed CLOSE is detected
	 * (nfs4_seqid_op_checks() turns it into replay/bad_stateid). */
	status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid,
					&close->cl_stateid,
					NFS4_OPEN_STID|NFS4_CLOSED_STID,
					&stp);
	if (status)
		goto out; 
	oo = openowner(stp->st_stateowner);
	status = nfs_ok;
	update_stateid(&stp->st_stid.sc_stateid);
	memcpy(&close->cl_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));

	/* Unhash the stateid but keep it as the owner's last-closed stid
	 * (dropping any previous one) for CLOSE replay detection: */
	nfsd4_close_open_stateid(stp);
	release_last_closed_stateid(oo);
	oo->oo_last_closed_stid = stp;

	if (list_empty(&oo->oo_owner.so_stateids)) {
		if (cstate->minorversion) {
			/* 4.1 has no CLOSE replay; owner can go now. */
			release_openowner(oo);
			cstate->replay_owner = NULL;
		} else {
			/*
			 * In the 4.0 case we need to keep the owners around a
			 * little while to handle CLOSE replay.
			 */
			/* NOTE(review): this inner list_empty() re-checks the
			 * condition the outer if just established and looks
			 * redundant -- confirm nothing between them can
			 * repopulate so_stateids. */
			if (list_empty(&oo->oo_owner.so_stateids))
				move_to_close_lru(oo);
		}
	}
out:
	if (!cstate->replay_owner)
		nfs4_unlock_state();
	return status;
}
3806
3807__be32
3808nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3809                  struct nfsd4_delegreturn *dr)
3810{
3811        struct nfs4_delegation *dp;
3812        stateid_t *stateid = &dr->dr_stateid;
3813        struct nfs4_stid *s;
3814        struct inode *inode;
3815        __be32 status;
3816
3817        if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
3818                return status;
3819        inode = cstate->current_fh.fh_dentry->d_inode;
3820
3821        nfs4_lock_state();
3822        status = nfsd4_lookup_stateid(stateid, NFS4_DELEG_STID, &s);
3823        if (status)
3824                goto out;
3825        dp = delegstateid(s);
3826        status = check_stateid_generation(stateid, &dp->dl_stid.sc_stateid, nfsd4_has_session(cstate));
3827        if (status)
3828                goto out;
3829
3830        unhash_delegation(dp);
3831out:
3832        nfs4_unlock_state();
3833
3834        return status;
3835}
3836
3837
/* True iff the range [start, start+len) wraps past the top of u64 space. */
#define LOFF_OVERFLOW(start, len)      ((u64)(len) > ~(u64)(start))

/* Geometry of the lockowner-by-inode hash table below. */
#define LOCKOWNER_INO_HASH_BITS 8
#define LOCKOWNER_INO_HASH_SIZE (1 << LOCKOWNER_INO_HASH_BITS)
#define LOCKOWNER_INO_HASH_MASK (LOCKOWNER_INO_HASH_SIZE - 1)
3843
3844static inline u64
3845end_offset(u64 start, u64 len)
3846{
3847        u64 end;
3848
3849        end = start + len;
3850        return end >= start ? end: NFS4_MAX_UINT64;
3851}
3852
3853/* last octet in a range */
3854static inline u64
3855last_byte_offset(u64 start, u64 len)
3856{
3857        u64 end;
3858
3859        BUG_ON(!len);
3860        end = start + len;
3861        return end > start ? end - 1: NFS4_MAX_UINT64;
3862}
3863
3864static unsigned int lockowner_ino_hashval(struct inode *inode, u32 cl_id, struct xdr_netobj *ownername)
3865{
3866        return (file_hashval(inode) + cl_id
3867                        + opaque_hashval(ownername->data, ownername->len))
3868                & LOCKOWNER_INO_HASH_MASK;
3869}
3870
/* Buckets of nfs4_lockowner, indexed by lockowner_ino_hashval(). */
static struct list_head lockowner_ino_hashtbl[LOCKOWNER_INO_HASH_SIZE];
3872
/*
 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that
 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th
 * byte, because of sign extension problems.  Since NFSv4 calls for 64-bit
 * locking, this prevents us from being completely protocol-compliant.  The
 * real solution to this problem is to start using unsigned file offsets in
 * the VFS, but this is a very deep change!
 */
static inline void
nfs4_transform_lock_offset(struct file_lock *lock)
{
	/* Clamp offsets that went negative (bit 63 set) to OFFSET_MAX: */
	if (lock->fl_start < 0)
		lock->fl_start = OFFSET_MAX;
	if (lock->fl_end < 0)
		lock->fl_end = OFFSET_MAX;
}
3889
/* Hack!: For now, we're defining this just so we can use a pointer to it
 * as a unique cookie to identify our (NFSv4's) posix locks.
 * (nfs4_set_lock_denied() compares fl_lmops against this address.) */
static const struct lock_manager_operations nfsd_posix_mng_ops  = {
};
3894
/*
 * Fill in a LOCK/LOCKT "denied" result from the conflicting file_lock.
 * If the conflicting lock is one of ours we can name its owner;
 * otherwise we report an anonymous conflict.
 */
static inline void
nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny)
{
	struct nfs4_lockowner *lo;

	/* Only locks we set carry nfsd_posix_mng_ops, so only then is
	 * fl_owner really an nfs4_lockowner: */
	if (fl->fl_lmops == &nfsd_posix_mng_ops) {
		lo = (struct nfs4_lockowner *) fl->fl_owner;
		deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data,
					lo->lo_owner.so_owner.len, GFP_KERNEL);
		if (!deny->ld_owner.data)
			/* We just don't care that much */
			goto nevermind;
		deny->ld_owner.len = lo->lo_owner.so_owner.len;
		deny->ld_clientid = lo->lo_owner.so_client->cl_clientid;
	} else {
nevermind:
		deny->ld_owner.len = 0;
		deny->ld_owner.data = NULL;
		deny->ld_clientid.cl_boot = 0;
		deny->ld_clientid.cl_id = 0;
	}
	deny->ld_start = fl->fl_start;
	/* NFS4_MAX_UINT64 length means "to end of file": */
	deny->ld_length = NFS4_MAX_UINT64;
	if (fl->fl_end != NFS4_MAX_UINT64)
		deny->ld_length = fl->fl_end - fl->fl_start + 1;        
	deny->ld_type = NFS4_READ_LT;
	if (fl->fl_type != F_RDLCK)
		deny->ld_type = NFS4_WRITE_LT;
}
3924
/* Does @lo match (owner string, client id) and lock files on @inode? */
static bool same_lockowner_ino(struct nfs4_lockowner *lo, struct inode *inode, clientid_t *clid, struct xdr_netobj *owner)
{
	struct nfs4_ol_stateid *lst;

	if (!same_owner_str(&lo->lo_owner, owner, clid))
		return false;
	/* NOTE(review): assumes so_stateids is non-empty;
	 * list_first_entry() on an empty list yields a bogus pointer --
	 * confirm lockowners are never hashed without a stateid. */
	lst = list_first_entry(&lo->lo_owner.so_stateids,
			       struct nfs4_ol_stateid, st_perstateowner);
	return lst->st_file->fi_inode == inode;
}
3935
/*
 * Look up an existing lockowner by (inode, client id, owner string) in
 * the lockowner-by-inode hash table; NULL if none exists.
 */
static struct nfs4_lockowner *
find_lockowner_str(struct inode *inode, clientid_t *clid,
		struct xdr_netobj *owner)
{
	unsigned int hashval = lockowner_ino_hashval(inode, clid->cl_id, owner);
	struct nfs4_lockowner *lo;

	list_for_each_entry(lo, &lockowner_ino_hashtbl[hashval], lo_owner_ino_hash) {
		if (same_lockowner_ino(lo, inode, clid, owner))
			return lo;
	}
	return NULL;
}
3949
/*
 * Insert a new lockowner into all three lookup structures: the owner
 * string hash, the per-inode lockowner hash, and the open stateid's
 * list of lockowners.
 */
static void hash_lockowner(struct nfs4_lockowner *lo, unsigned int strhashval, struct nfs4_client *clp, struct nfs4_ol_stateid *open_stp)
{
	struct inode *inode = open_stp->st_file->fi_inode;
	unsigned int inohash = lockowner_ino_hashval(inode,
			clp->cl_clientid.cl_id, &lo->lo_owner.so_owner);

	list_add(&lo->lo_owner.so_strhash, &ownerstr_hashtbl[strhashval]);
	list_add(&lo->lo_owner_ino_hash, &lockowner_ino_hashtbl[inohash]);
	list_add(&lo->lo_perstateid, &open_stp->st_lockowners);
}
3960
/*
 * Alloc a lock owner structure.
 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has 
 * occurred. 
 *
 * strhashval = ownerstr_hashval
 */

static struct nfs4_lockowner *
alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, struct nfs4_ol_stateid *open_stp, struct nfsd4_lock *lock) {
	struct nfs4_lockowner *lo;

	lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp);
	if (!lo)
		return NULL;
	INIT_LIST_HEAD(&lo->lo_owner.so_stateids);
	lo->lo_owner.so_is_open_owner = 0;
	/* It is the openowner seqid that will be incremented in encode in the
	 * case of new lockowners; so increment the lock seqid manually: */
	lo->lo_owner.so_seqid = lock->lk_new_lock_seqid + 1;
	hash_lockowner(lo, strhashval, clp, open_stp);
	return lo;
}
3984
/*
 * Allocate and initialize a lock stateid for @lo on file @fp, derived
 * from the open stateid @open_stp.  Returns NULL on allocation failure.
 */
static struct nfs4_ol_stateid *
alloc_init_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp, struct nfs4_ol_stateid *open_stp)
{
	struct nfs4_ol_stateid *stp;
	struct nfs4_client *clp = lo->lo_owner.so_client;

	stp = nfs4_alloc_stateid(clp);
	if (stp == NULL)
		return NULL;
	init_stid(&stp->st_stid, clp, NFS4_LOCK_STID);
	list_add(&stp->st_perfile, &fp->fi_stateids);
	list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids);
	stp->st_stateowner = &lo->lo_owner;
	get_nfs4_file(fp);
	stp->st_file = fp;
	/* Access starts empty (filled in by get_lock_access()); deny is
	 * inherited from the open stateid: */
	stp->st_access_bmap = 0;
	stp->st_deny_bmap = open_stp->st_deny_bmap;
	stp->st_openstp = open_stp;
	return stp;
}
4005
4006static int
4007check_lock_length(u64 offset, u64 length)
4008{
4009        return ((length == 0)  || ((length != NFS4_MAX_UINT64) &&
4010             LOFF_OVERFLOW(offset, length)));
4011}
4012
/*
 * Ensure the lock stateid holds the given access mode, taking a file
 * reference the first time; idempotent if the mode is already set.
 */
static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access)
{
	struct nfs4_file *fp = lock_stp->st_file;
	int oflag = nfs4_access_to_omode(access);

	if (test_access(access, lock_stp))
		return;
	nfs4_file_get_access(fp, oflag);
	set_access(access, lock_stp);
}
4023
/*
 * For a "new lockowner" LOCK request: find the existing lock state for
 * this (owner, inode), or create a fresh lockowner + lock stateid.
 * *new is set true only when state was created (caller cleans it up on
 * later failure).
 */
static __be32 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, struct nfs4_ol_stateid *ost, struct nfsd4_lock *lock, struct nfs4_ol_stateid **lst, bool *new)
{
	struct nfs4_file *fi = ost->st_file;
	struct nfs4_openowner *oo = openowner(ost->st_stateowner);
	struct nfs4_client *cl = oo->oo_owner.so_client;
	struct nfs4_lockowner *lo;
	unsigned int strhashval;

	lo = find_lockowner_str(fi->fi_inode, &cl->cl_clientid, &lock->v.new.owner);
	if (lo) {
		/* In 4.0, "new lockowner" with an existing owner means the
		 * client's seqid accounting is wrong: */
		if (!cstate->minorversion)
			return nfserr_bad_seqid;
		/* XXX: a lockowner always has exactly one stateid: */
		*lst = list_first_entry(&lo->lo_owner.so_stateids,
				struct nfs4_ol_stateid, st_perstateowner);
		return nfs_ok;
	}
	strhashval = ownerstr_hashval(cl->cl_clientid.cl_id,
			&lock->v.new.owner);
	lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock);
	if (lo == NULL)
		return nfserr_jukebox;
	*lst = alloc_init_lock_stateid(lo, fi, ost);
	if (*lst == NULL) {
		release_lockowner(lo);
		return nfserr_jukebox;
	}
	*new = true;
	return nfs_ok;
}
4054
/*
 *  LOCK operation 
 */
__be32
nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
           struct nfsd4_lock *lock)
{
	struct nfs4_openowner *open_sop = NULL;
	struct nfs4_lockowner *lock_sop = NULL;
	struct nfs4_ol_stateid *lock_stp;
	struct file *filp = NULL;
	struct file_lock file_lock;
	struct file_lock conflock;
	__be32 status = 0;
	bool new_state = false;
	int lkflg;
	int err;
	/* NOTE(review): uses init_net while locks_in_grace() below uses
	 * SVC_NET(rqstp) -- presumably a netns-conversion interim; confirm
	 * both resolve to the same net here. */
	struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);

	dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n",
		(long long) lock->lk_offset,
		(long long) lock->lk_length);

	if (check_lock_length(lock->lk_offset, lock->lk_length))
		 return nfserr_inval;

	if ((status = fh_verify(rqstp, &cstate->current_fh,
				S_IFREG, NFSD_MAY_LOCK))) {
		dprintk("NFSD: nfsd4_lock: permission denied!\n");
		return status;
	}

	nfs4_lock_state();

	if (lock->lk_is_new) {
		struct nfs4_ol_stateid *open_stp = NULL;

		if (nfsd4_has_session(cstate))
			/* See rfc 5661 18.10.3: given clientid is ignored: */
			memcpy(&lock->v.new.clientid,
				&cstate->session->se_client->cl_clientid,
				sizeof(clientid_t));

		status = nfserr_stale_clientid;
		if (STALE_CLIENTID(&lock->lk_new_clientid, nn))
			goto out;

		/* validate and update open stateid and open seqid */
		status = nfs4_preprocess_confirmed_seqid_op(cstate,
					lock->lk_new_open_seqid,
					&lock->lk_new_open_stateid,
					&open_stp);
		if (status)
			goto out;
		open_sop = openowner(open_stp->st_stateowner);
		status = nfserr_bad_stateid;
		if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid,
						&lock->v.new.clientid))
			goto out;
		/* May create a new lockowner + lock stateid (new_state): */
		status = lookup_or_create_lock_state(cstate, open_stp, lock,
							&lock_stp, &new_state);
	} else
		/* Existing lockowner: validate the presented lock stateid. */
		status = nfs4_preprocess_seqid_op(cstate,
				       lock->lk_old_lock_seqid,
				       &lock->lk_old_lock_stateid,
				       NFS4_LOCK_STID, &lock_stp);
	if (status)
		goto out;
	lock_sop = lockowner(lock_stp->st_stateowner);

	/* The open must grant the access mode this lock type needs: */
	lkflg = setlkflg(lock->lk_type);
	status = nfs4_check_openmode(lock_stp, lkflg);
	if (status)
		goto out;

	/* Reclaims only during grace; non-reclaims only after it: */
	status = nfserr_grace;
	if (locks_in_grace(SVC_NET(rqstp)) && !lock->lk_reclaim)
		goto out;
	status = nfserr_no_grace;
	if (!locks_in_grace(SVC_NET(rqstp)) && lock->lk_reclaim)
		goto out;

	locks_init_lock(&file_lock);
	switch (lock->lk_type) {
		case NFS4_READ_LT:
		case NFS4_READW_LT:
			filp = find_readable_file(lock_stp->st_file);
			if (filp)
				get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ);
			file_lock.fl_type = F_RDLCK;
			break;
		case NFS4_WRITE_LT:
		case NFS4_WRITEW_LT:
			filp = find_writeable_file(lock_stp->st_file);
			if (filp)
				get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE);
			file_lock.fl_type = F_WRLCK;
			break;
		default:
			status = nfserr_inval;
		goto out;
	}
	if (!filp) {
		status = nfserr_openmode;
		goto out;
	}
	file_lock.fl_owner = (fl_owner_t)lock_sop;
	file_lock.fl_pid = current->tgid;
	file_lock.fl_file = filp;
	file_lock.fl_flags = FL_POSIX;
	file_lock.fl_lmops = &nfsd_posix_mng_ops;

	file_lock.fl_start = lock->lk_offset;
	file_lock.fl_end = last_byte_offset(lock->lk_offset, lock->lk_length);
	nfs4_transform_lock_offset(&file_lock);

	/*
	* Try to lock the file in the VFS.
	* Note: locks.c uses the BKL to protect the inode's lock list.
	*/

	err = vfs_lock_file(filp, F_SETLK, &file_lock, &conflock);
	switch (-err) {
	case 0: /* success! */
		update_stateid(&lock_stp->st_stid.sc_stateid);
		memcpy(&lock->lk_resp_stateid, &lock_stp->st_stid.sc_stateid, 
				sizeof(stateid_t));
		status = 0;
		break;
	case (EAGAIN):		/* conflock holds conflicting lock */
		status = nfserr_denied;
		dprintk("NFSD: nfsd4_lock: conflicting lock found!\n");
		nfs4_set_lock_denied(&conflock, &lock->lk_denied);
		break;
	case (EDEADLK):
		status = nfserr_deadlock;
		break;
	default:
		dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err);
		status = nfserrno(err);
		break;
	}
out:
	/* Tear down state we created above if the op ultimately failed: */
	if (status && new_state)
		release_lockowner(lock_sop);
	if (!cstate->replay_owner)
		nfs4_unlock_state();
	return status;
}
4204
4205/*
4206 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN,
4207 * so we do a temporary open here just to get an open file to pass to
4208 * vfs_test_lock.  (Arguably perhaps test_lock should be done with an
4209 * inode operation.)
4210 */
4211static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock)
4212{
4213        struct file *file;
4214        __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file);
4215        if (!err) {
4216                err = nfserrno(vfs_test_lock(file, lock));
4217                nfsd_close(file);
4218        }
4219        return err;
4220}
4221
/*
 * LOCKT operation
 */
__be32
nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
            struct nfsd4_lockt *lockt)
{
	struct inode *inode;
	struct file_lock file_lock;
	struct nfs4_lockowner *lo;
	__be32 status;
	/* NOTE(review): init_net here vs SVC_NET(rqstp) above -- presumably
	 * a netns-conversion interim; confirm they are the same net. */
	struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);

	if (locks_in_grace(SVC_NET(rqstp)))
		return nfserr_grace;

	if (check_lock_length(lockt->lt_offset, lockt->lt_length))
		 return nfserr_inval;

	nfs4_lock_state();

	status = nfserr_stale_clientid;
	if (!nfsd4_has_session(cstate) && STALE_CLIENTID(&lockt->lt_clientid, nn))
		goto out;

	if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
		goto out;

	inode = cstate->current_fh.fh_dentry->d_inode;
	/* Build a file_lock describing the test; locks_init_lock() zeroes
	 * it, so fields not set below (e.g. fl_owner when the lockowner is
	 * unknown) stay zero: */
	locks_init_lock(&file_lock);
	switch (lockt->lt_type) {
		case NFS4_READ_LT:
		case NFS4_READW_LT:
			file_lock.fl_type = F_RDLCK;
		break;
		case NFS4_WRITE_LT:
		case NFS4_WRITEW_LT:
			file_lock.fl_type = F_WRLCK;
		break;
		default:
			dprintk("NFSD: nfs4_lockt: bad lock type!\n");
			status = nfserr_inval;
		goto out;
	}

	/* If the owner already exists, use it so its own locks don't
	 * conflict with themselves: */
	lo = find_lockowner_str(inode, &lockt->lt_clientid, &lockt->lt_owner);
	if (lo)
		file_lock.fl_owner = (fl_owner_t)lo;
	file_lock.fl_pid = current->tgid;
	file_lock.fl_flags = FL_POSIX;

	file_lock.fl_start = lockt->lt_offset;
	file_lock.fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length);

	nfs4_transform_lock_offset(&file_lock);

	status = nfsd_test_lock(rqstp, &cstate->current_fh, &file_lock);
	if (status)
		goto out;

	/* F_UNLCK means no conflict; anything else describes the holder: */
	if (file_lock.fl_type != F_UNLCK) {
		status = nfserr_denied;
		nfs4_set_lock_denied(&file_lock, &lockt->lt_denied);
	}
out:
	nfs4_unlock_state();
	return status;
}
4290
4291__be32
4292nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4293            struct nfsd4_locku *locku)
4294{
4295        struct nfs4_ol_stateid *stp;
4296        struct file *filp = NULL;
4297        struct file_lock file_lock;
4298        __be32 status;
4299        int err;
4300                                                        
4301        dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n",
4302                (long long) locku->lu_offset,
4303                (long long) locku->lu_length);
4304
4305        if (check_lock_length(locku->lu_offset, locku->lu_length))
4306                 return nfserr_inval;
4307
4308        nfs4_lock_state();
4309                                                                                
4310        status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid,
4311                                        &locku->lu_stateid, NFS4_LOCK_STID, &stp);
4312        if (status)
4313                goto out;
4314        filp = find_any_file(stp->st_file);
4315        if (!filp) {
4316                status = nfserr_lock_range;
4317                goto out;
4318        }
4319        BUG_ON(!filp);
4320        locks_init_lock(&file_lock);
4321        file_lock.fl_type = F_UNLCK;
4322        file_lock.fl_owner = (fl_owner_t)lockowner(stp->st_stateowner);
4323        file_lock.fl_pid = current->tgid;
4324        file_lock.fl_file = filp;
4325        file_lock.fl_flags = FL_POSIX; 
4326        file_lock.fl_lmops = &nfsd_posix_mng_ops;
4327        file_lock.fl_start = locku->lu_offset;
4328
4329        file_lock.fl_end = last_byte_offset(locku->lu_offset, locku->lu_length);
4330        nfs4_transform_lock_offset(&file_lock);
4331
4332        /*
4333        *  Try to unlock the file in the VFS.
4334        */
4335        err = vfs_lock_file(filp, F_SETLK, &file_lock, NULL);
4336        if (err) {
4337                dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n");
4338                goto out_nfserr;
4339        }
4340        /*
4341        * OK, unlock succeeded; the only thing left to do is update the stateid.
4342        */
4343        update_stateid(&stp->st_stid.sc_stateid);
4344        memcpy(&locku->lu_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
4345
4346out:
4347        if (!cstate->replay_owner)
4348                nfs4_unlock_state();
4349        return status;
4350
4351out_nfserr:
4352        status = nfserrno(err);
4353        goto out;
4354}
4355
4356/*
4357 * returns
4358 *      1: locks held by lockowner
4359 *      0: no locks held by lockowner
4360 */
4361static int
4362check_for_locks(struct nfs4_file *filp, struct nfs4_lockowner *lowner)
4363{
4364        struct file_lock **flpp;
4365        struct inode *inode = filp->fi_inode;
4366        int status = 0;
4367
4368        lock_flocks();
4369        for (flpp = &inode->i_flock; *flpp != NULL; flpp = &(*flpp)->fl_next) {
4370                if ((*flpp)->fl_owner == (fl_owner_t)lowner) {
4371                        status = 1;
4372                        goto out;
4373                }
4374        }
4375out:
4376        unlock_flocks();
4377        return status;
4378}
4379
/*
 * RELEASE_LOCKOWNER: free all state held by a lockowner, but only if it
 * currently holds no locks anywhere (otherwise nfserr_locks_held).
 */
__be32
nfsd4_release_lockowner(struct svc_rqst *rqstp,
			struct nfsd4_compound_state *cstate,
			struct nfsd4_release_lockowner *rlockowner)
{
	clientid_t *clid = &rlockowner->rl_clientid;
	struct nfs4_stateowner *sop;
	struct nfs4_lockowner *lo;
	struct nfs4_ol_stateid *stp;
	struct xdr_netobj *owner = &rlockowner->rl_owner;
	struct list_head matches;	/* lockowners found clean of locks */
	unsigned int hashval = ownerstr_hashval(clid->cl_id, owner);
	__be32 status;
	struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);

	dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n",
		clid->cl_boot, clid->cl_id);

	/* XXX check for lease expiration */

	status = nfserr_stale_clientid;
	if (STALE_CLIENTID(clid, nn))
		return status;

	nfs4_lock_state();

	status = nfserr_locks_held;
	INIT_LIST_HEAD(&matches);

	/* Scan the owner-string hash chain for lockowners matching this
	 * client+owner pair; openowners share the table and are skipped. */
	list_for_each_entry(sop, &ownerstr_hashtbl[hashval], so_strhash) {
		if (sop->so_is_open_owner)
			continue;
		if (!same_owner_str(sop, owner, clid))
			continue;
		list_for_each_entry(stp, &sop->so_stateids,
				st_perstateowner) {
			lo = lockowner(sop);
			/* Any live lock anywhere => refuse the release. */
			if (check_for_locks(stp->st_file, lo))
				goto out;
			/* NOTE(review): this list_add runs once per stateid,
			 * so a lockowner with several stateids is added to
			 * matches more than once, corrupting the list —
			 * confirm against the upstream fix for this path. */
			list_add(&lo->lo_list, &matches);
		}
	}
	/* Clients probably won't expect us to return with some (but not all)
	 * of the lockowner state released; so don't release any until all
	 * have been checked. */
	status = nfs_ok;
	while (!list_empty(&matches)) {
		lo = list_entry(matches.next, struct nfs4_lockowner,
								lo_list);
		/* unhash_stateowner deletes so_perclient only
		 * for openowners. */
		list_del(&lo->lo_list);
		release_lockowner(lo);
	}
out:
	nfs4_unlock_state();
	return status;
}
4438
4439static inline struct nfs4_client_reclaim *
4440alloc_reclaim(void)
4441{
4442        return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL);
4443}
4444
4445int
4446nfs4_has_reclaimed_state(const char *name, bool use_exchange_id)
4447{
4448        unsigned int strhashval = clientstr_hashval(name);
4449        struct nfs4_client *clp;
4450
4451        clp = find_confirmed_client_by_str(name, strhashval);
4452        if (!clp)
4453                return 0;
4454        return test_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags);
4455}
4456
4457/*
4458 * failure => all reset bets are off, nfserr_no_grace...
4459 */
4460int
4461nfs4_client_to_reclaim(const char *name)
4462{
4463        unsigned int strhashval;
4464        struct nfs4_client_reclaim *crp = NULL;
4465
4466        dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name);
4467        crp = alloc_reclaim();
4468        if (!crp)
4469                return 0;
4470        strhashval = clientstr_hashval(name);
4471        INIT_LIST_HEAD(&crp->cr_strhash);
4472        list_add(&crp->cr_strhash, &reclaim_str_hashtbl[strhashval]);
4473        memcpy(crp->cr_recdir, name, HEXDIR_LEN);
4474        reclaim_str_hashtbl_size++;
4475        return 1;
4476}
4477
4478void
4479nfs4_release_reclaim(void)
4480{
4481        struct nfs4_client_reclaim *crp = NULL;
4482        int i;
4483
4484        for (i = 0; i < CLIENT_HASH_SIZE; i++) {
4485                while (!list_empty(&reclaim_str_hashtbl[i])) {
4486                        crp = list_entry(reclaim_str_hashtbl[i].next,
4487                                        struct nfs4_client_reclaim, cr_strhash);
4488                        list_del(&crp->cr_strhash);
4489                        kfree(crp);
4490                        reclaim_str_hashtbl_size--;
4491                }
4492        }
4493        BUG_ON(reclaim_str_hashtbl_size);
4494}
4495
4496/*
4497 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */
4498struct nfs4_client_reclaim *
4499nfsd4_find_reclaim_client(struct nfs4_client *clp)
4500{
4501        unsigned int strhashval;
4502        struct nfs4_client_reclaim *crp = NULL;
4503
4504        dprintk("NFSD: nfs4_find_reclaim_client for %.*s with recdir %s\n",
4505                            clp->cl_name.len, clp->cl_name.data,
4506                            clp->cl_recdir);
4507
4508        /* find clp->cl_name in reclaim_str_hashtbl */
4509        strhashval = clientstr_hashval(clp->cl_recdir);
4510        list_for_each_entry(crp, &reclaim_str_hashtbl[strhashval], cr_strhash) {
4511                if (same_name(crp->cr_recdir, clp->cl_recdir)) {
4512                        return crp;
4513                }
4514        }
4515        return NULL;
4516}
4517
4518/*
4519* Called from OPEN. Look for clientid in reclaim list.
4520*/
4521__be32
4522nfs4_check_open_reclaim(clientid_t *clid)
4523{
4524        struct nfs4_client *clp;
4525
4526        /* find clientid in conf_id_hashtbl */
4527        clp = find_confirmed_client(clid);
4528        if (clp == NULL)
4529                return nfserr_reclaim_bad;
4530
4531        return nfsd4_client_record_check(clp) ? nfserr_reclaim_bad : nfs_ok;
4532}
4533
4534#ifdef CONFIG_NFSD_FAULT_INJECTION
4535
/*
 * Fault injection: remove recovery records for, and expire, up to @num
 * clients off the LRU list.
 * NOTE(review): count is a signed int compared against the u64 num, so
 * num == 0 (or > INT_MAX) ends up expiring every client — confirm that
 * is the intended fault-injection semantics.
 */
void nfsd_forget_clients(u64 num)
{
	struct nfs4_client *clp, *next;
	int count = 0;

	nfs4_lock_state();
	list_for_each_entry_safe(clp, next, &client_lru, cl_lru) {
		nfsd4_client_record_remove(clp);
		expire_client(clp);
		if (++count == num)
			break;
	}
	nfs4_unlock_state();

	printk(KERN_INFO "NFSD: Forgot %d clients", count);
}
4552
/* Adapter: release a generic stateowner known to be a lockowner, for use
 * as the release_sop callback of nfsd_release_n_owners(). */
static void release_lockowner_sop(struct nfs4_stateowner *sop)
{
	release_lockowner(lockowner(sop));
}

/* Adapter: same as above, but for openowners. */
static void release_openowner_sop(struct nfs4_stateowner *sop)
{
	release_openowner(openowner(sop));
}
4562
/*
 * Walk the whole owner-string hash table and release up to @num owners of
 * the requested kind (open vs lock) via @release_sop; returns how many
 * were released.
 * NOTE(review): as in nfsd_forget_clients, the int counter vs u64 @num
 * comparison means num == 0 releases everything — confirm intended.
 */
static int nfsd_release_n_owners(u64 num, bool is_open_owner,
				void (*release_sop)(struct nfs4_stateowner *))
{
	int i, count = 0;
	struct nfs4_stateowner *sop, *next;

	for (i = 0; i < OWNER_HASH_SIZE; i++) {
		list_for_each_entry_safe(sop, next, &ownerstr_hashtbl[i], so_strhash) {
			/* openowners and lockowners share this table */
			if (sop->so_is_open_owner != is_open_owner)
				continue;
			release_sop(sop);
			if (++count == num)
				return count;
		}
	}
	return count;
}
4580
/* Fault injection: release up to @num lockowners (and their locks). */
void nfsd_forget_locks(u64 num)
{
	int count;

	nfs4_lock_state();
	count = nfsd_release_n_owners(num, false, release_lockowner_sop);
	nfs4_unlock_state();

	printk(KERN_INFO "NFSD: Forgot %d locks", count);
}

/* Fault injection: release up to @num openowners (and their opens). */
void nfsd_forget_openowners(u64 num)
{
	int count;

	nfs4_lock_state();
	count = nfsd_release_n_owners(num, true, release_openowner_sop);
	nfs4_unlock_state();

	printk(KERN_INFO "NFSD: Forgot %d open owners", count);
}
4602
/*
 * Move up to @num delegations (scanning the whole file hash table) onto
 * @list via their dl_recall_lru links; returns how many were moved.
 * Both callers in this file hold recall_lock around the call — callers
 * elsewhere must do the same.
 * NOTE(review): not declared static although only used in this file's
 * fault-injection section — confirm no external user before tightening.
 */
int nfsd_process_n_delegations(u64 num, struct list_head *list)
{
	int i, count = 0;
	struct nfs4_file *fp, *fnext;
	struct nfs4_delegation *dp, *dnext;

	for (i = 0; i < FILE_HASH_SIZE; i++) {
		list_for_each_entry_safe(fp, fnext, &file_hashtbl[i], fi_hash) {
			list_for_each_entry_safe(dp, dnext, &fp->fi_delegations, dl_perfile) {
				list_move(&dp->dl_recall_lru, list);
				if (++count == num)
					return count;
			}
		}
	}

	return count;
}
4621
/*
 * Fault injection: collect up to @num delegations under recall_lock, then
 * unhash (drop) them under the state lock.
 */
void nfsd_forget_delegations(u64 num)
{
	unsigned int count;
	LIST_HEAD(victims);
	struct nfs4_delegation *dp, *dnext;

	spin_lock(&recall_lock);
	count = nfsd_process_n_delegations(num, &victims);
	spin_unlock(&recall_lock);

	nfs4_lock_state();
	list_for_each_entry_safe(dp, dnext, &victims, dl_recall_lru)
		unhash_delegation(dp);
	nfs4_unlock_state();

	printk(KERN_INFO "NFSD: Forgot %d delegations", count);
}
4639
/*
 * Fault injection: force a recall of up to @num delegations.
 * Unlike nfsd_forget_delegations(), the break/recall is issued while
 * recall_lock is still held — presumably nfsd_break_one_deleg() is safe
 * to call in that context; confirm against its definition.
 */
void nfsd_recall_delegations(u64 num)
{
	unsigned int count;
	LIST_HEAD(victims);
	struct nfs4_delegation *dp, *dnext;

	spin_lock(&recall_lock);
	count = nfsd_process_n_delegations(num, &victims);
	list_for_each_entry_safe(dp, dnext, &victims, dl_recall_lru) {
		/* put the delegation back off the temporary list before
		 * kicking off the recall callback */
		list_del(&dp->dl_recall_lru);
		nfsd_break_one_deleg(dp);
	}
	spin_unlock(&recall_lock);

	printk(KERN_INFO "NFSD: Recalled %d delegations", count);
}
4656
4657#endif /* CONFIG_NFSD_FAULT_INJECTION */
4658
4659/* initialization to perform at module load time: */
4660
4661void
4662nfs4_state_init(void)
4663{
4664        int i;
4665
4666        for (i = 0; i < CLIENT_HASH_SIZE; i++) {
4667                INIT_LIST_HEAD(&conf_id_hashtbl[i]);
4668                INIT_LIST_HEAD(&conf_str_hashtbl[i]);
4669                INIT_LIST_HEAD(&unconf_str_hashtbl[i]);
4670                INIT_LIST_HEAD(&unconf_id_hashtbl[i]);
4671                INIT_LIST_HEAD(&reclaim_str_hashtbl[i]);
4672        }
4673        for (i = 0; i < SESSION_HASH_SIZE; i++)
4674                INIT_LIST_HEAD(&sessionid_hashtbl[i]);
4675        for (i = 0; i < FILE_HASH_SIZE; i++) {
4676                INIT_LIST_HEAD(&file_hashtbl[i]);
4677        }
4678        for (i = 0; i < OWNER_HASH_SIZE; i++) {
4679                INIT_LIST_HEAD(&ownerstr_hashtbl[i]);
4680        }
4681        for (i = 0; i < LOCKOWNER_INO_HASH_SIZE; i++)
4682                INIT_LIST_HEAD(&lockowner_ino_hashtbl[i]);
4683        INIT_LIST_HEAD(&close_lru);
4684        INIT_LIST_HEAD(&client_lru);
4685        INIT_LIST_HEAD(&del_recall_lru);
4686        reclaim_str_hashtbl_size = 0;
4687}
4688
/*
 * Since the lifetime of a delegation isn't limited to that of an open, a
 * client may quite reasonably hang on to a delegation as long as it has
 * the inode cached.  This becomes an obvious problem the first time a
 * client's inode cache approaches the size of the server's total memory.
 *
 * For now we avoid this problem by imposing a hard limit on the number
 * of delegations, which varies according to the server's memory size.
 */
static void
set_max_delegations(void)
{
	/*
	 * Allow at most 4 delegations per megabyte of RAM.  Quick
	 * estimates suggest that in the worst case (where every delegation
	 * is for a different inode), a delegation could take about 1.5K,
	 * giving a worst case usage of about 6% of memory.
	 * (pages >> (20 - PAGE_SHIFT) is megabytes; << 2 gives 4 per MB.)
	 */
	max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT);
}
4709
/* initialization to perform when the nfsd service is started: */

__be32 __attribute__((unused)); /* (placeholder removed) */
int
nfs4_state_start(void)
{
	struct net *net = &init_net;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
	int ret;

	/*
	 * FIXME: For now, we hang most of the pernet global stuff off of
	 * init_net until nfsd is fully containerized. Eventually, we'll
	 * need to pass a net pointer into this function, take a reference
	 * to that instead and then do most of the rest of this on a per-net
	 * basis.
	 */
	get_net(net);
	nfsd4_client_tracking_init(net);
	nn->boot_time = get_seconds();
	locks_start_grace(net, &nn->nfsd4_manager);
	nn->grace_ended = false;
	printk(KERN_INFO "NFSD: starting %ld-second grace period\n",
	       nfsd4_grace);
	ret = set_callback_cred();
	if (ret) {
		/* NOTE(review): set_callback_cred's own error code is
		 * discarded in favor of -ENOMEM — confirm intentional. */
		ret = -ENOMEM;
		goto out_recovery;
	}
	laundry_wq = create_singlethread_workqueue("nfsd4");
	if (laundry_wq == NULL) {
		ret = -ENOMEM;
		goto out_recovery;
	}
	ret = nfsd4_create_callback_queue();
	if (ret)
		goto out_free_laundry;
	/* kick off the periodic lease/laundromat work after the grace period */
	queue_delayed_work(laundry_wq, &laundromat_work, nfsd4_grace * HZ);
	set_max_delegations();
	return 0;
out_free_laundry:
	destroy_workqueue(laundry_wq);
out_recovery:
	nfsd4_client_tracking_exit(net);
	put_net(net);
	return ret;
}
4756
/*
 * Tear down all client and delegation state; caller holds the state lock
 * (see nfs4_state_shutdown()).
 */
static void
__nfs4_state_shutdown(void)
{
	int i;
	struct nfs4_client *clp = NULL;
	struct nfs4_delegation *dp = NULL;
	struct list_head *pos, *next, reaplist;

	/* expire_client() unlinks the client from every hash chain, so the
	 * while-not-empty loops terminate.  Confirmed clients are walked by
	 * id hash, unconfirmed ones by string hash. */
	for (i = 0; i < CLIENT_HASH_SIZE; i++) {
		while (!list_empty(&conf_id_hashtbl[i])) {
			clp = list_entry(conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
			expire_client(clp);
		}
		while (!list_empty(&unconf_str_hashtbl[i])) {
			clp = list_entry(unconf_str_hashtbl[i].next, struct nfs4_client, cl_strhash);
			expire_client(clp);
		}
	}
	/* Detach remaining recallable delegations under recall_lock, then
	 * unhash them outside the spinlock. */
	INIT_LIST_HEAD(&reaplist);
	spin_lock(&recall_lock);
	list_for_each_safe(pos, next, &del_recall_lru) {
		dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
		list_move(&dp->dl_recall_lru, &reaplist);
	}
	spin_unlock(&recall_lock);
	list_for_each_safe(pos, next, &reaplist) {
		dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
		unhash_delegation(dp);
	}

	/* drop the tracking state and net reference taken in nfs4_state_start() */
	nfsd4_client_tracking_exit(&init_net);
	put_net(&init_net);
}
4790
/* Service-stop teardown: stop the laundromat, end grace, and release all
 * state under the state lock. */
void
nfs4_state_shutdown(void)
{
	struct net *net = &init_net;
	struct nfsd_net *nn = net_generic(net, nfsd_net_id);

	cancel_delayed_work_sync(&laundromat_work);
	destroy_workqueue(laundry_wq);
	locks_end_grace(&nn->nfsd4_manager);
	nfs4_lock_state();
	__nfs4_state_shutdown();
	nfs4_unlock_state();
	nfsd4_destroy_callback_queue();
}
4805
/*
 * If a current stateid has been saved in the compound and the op carries
 * the special "use current stateid" value, substitute the saved one.
 */
static void
get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid))
		memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t));
}

/*
 * Save this op's resulting stateid as the compound's current stateid.
 * Only meaningful for NFSv4.1+ compounds (minorversion != 0).
 */
static void
put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
{
	if (cstate->minorversion) {
		memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t));
		SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
	}
}

/* Invalidate the compound's saved current stateid. */
void
clear_current_stateid(struct nfsd4_compound_state *cstate)
{
	CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
}
4827
/*
 * functions to set current state id
 *
 * Per-op adapters that record the op's result stateid as the compound's
 * current stateid via put_stateid().
 */
void
nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
{
	put_stateid(cstate, &odp->od_stateid);
}

void
nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, struct nfsd4_open *open)
{
	put_stateid(cstate, &open->op_stateid);
}

void
nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
{
	put_stateid(cstate, &close->cl_stateid);
}

void
nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, struct nfsd4_lock *lock)
{
	put_stateid(cstate, &lock->lk_resp_stateid);
}
4854
/*
 * functions to consume current state id
 *
 * Per-op adapters that substitute the compound's saved current stateid
 * into the op's argument stateid via get_stateid().
 */

void
nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
{
	get_stateid(cstate, &odp->od_stateid);
}

void
nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate, struct nfsd4_delegreturn *drp)
{
	get_stateid(cstate, &drp->dr_stateid);
}

void
nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, struct nfsd4_free_stateid *fsp)
{
	get_stateid(cstate, &fsp->fr_stateid);
}

void
nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, struct nfsd4_setattr *setattr)
{
	get_stateid(cstate, &setattr->sa_stateid);
}

void
nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
{
	get_stateid(cstate, &close->cl_stateid);
}

void
nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, struct nfsd4_locku *locku)
{
	get_stateid(cstate, &locku->lu_stateid);
}

void
nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, struct nfsd4_read *read)
{
	get_stateid(cstate, &read->rd_stateid);
}

void
nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, struct nfsd4_write *write)
{
	get_stateid(cstate, &write->wr_stateid);
}
4906
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.