linux/fs/nfsd/nfs4state.c
<<
>>
Prefs
   1/*
   2*  Copyright (c) 2001 The Regents of the University of Michigan.
   3*  All rights reserved.
   4*
   5*  Kendrick Smith <kmsmith@umich.edu>
   6*  Andy Adamson <kandros@umich.edu>
   7*
   8*  Redistribution and use in source and binary forms, with or without
   9*  modification, are permitted provided that the following conditions
  10*  are met:
  11*
  12*  1. Redistributions of source code must retain the above copyright
  13*     notice, this list of conditions and the following disclaimer.
  14*  2. Redistributions in binary form must reproduce the above copyright
  15*     notice, this list of conditions and the following disclaimer in the
  16*     documentation and/or other materials provided with the distribution.
  17*  3. Neither the name of the University nor the names of its
  18*     contributors may be used to endorse or promote products derived
  19*     from this software without specific prior written permission.
  20*
  21*  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  22*  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  23*  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  24*  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  25*  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  26*  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  27*  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
  28*  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  29*  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  30*  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  31*  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  32*
  33*/
  34
  35#include <linux/file.h>
  36#include <linux/fs.h>
  37#include <linux/slab.h>
  38#include <linux/namei.h>
  39#include <linux/swap.h>
  40#include <linux/pagemap.h>
  41#include <linux/ratelimit.h>
  42#include <linux/sunrpc/svcauth_gss.h>
  43#include <linux/sunrpc/clnt.h>
  44#include "xdr4.h"
  45#include "vfs.h"
  46#include "current_stateid.h"
  47#include "fault_inject.h"
  48
  49#include "netns.h"
  50
  51#define NFSDDBG_FACILITY                NFSDDBG_PROC
  52
  53/* Globals */
  54time_t nfsd4_lease = 90;     /* default lease time */
  55time_t nfsd4_grace = 90;
  56
  57#define all_ones {{~0,~0},~0}
  58static const stateid_t one_stateid = {
  59        .si_generation = ~0,
  60        .si_opaque = all_ones,
  61};
  62static const stateid_t zero_stateid = {
  63        /* all fields zero */
  64};
  65static const stateid_t currentstateid = {
  66        .si_generation = 1,
  67};
  68
  69static u64 current_sessionid = 1;
  70
  71#define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t)))
  72#define ONE_STATEID(stateid)  (!memcmp((stateid), &one_stateid, sizeof(stateid_t)))
  73#define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t)))
  74
  75/* forward declarations */
  76static int check_for_locks(struct nfs4_file *filp, struct nfs4_lockowner *lowner);
  77
  78/* Locking: */
  79
  80/* Currently used for almost all code touching nfsv4 state: */
  81static DEFINE_MUTEX(client_mutex);
  82
  83/*
  84 * Currently used for the del_recall_lru and file hash table.  In an
  85 * effort to decrease the scope of the client_mutex, this spinlock may
  86 * eventually cover more:
  87 */
  88static DEFINE_SPINLOCK(recall_lock);
  89
  90static struct kmem_cache *openowner_slab = NULL;
  91static struct kmem_cache *lockowner_slab = NULL;
  92static struct kmem_cache *file_slab = NULL;
  93static struct kmem_cache *stateid_slab = NULL;
  94static struct kmem_cache *deleg_slab = NULL;
  95
  96void
  97nfs4_lock_state(void)
  98{
  99        mutex_lock(&client_mutex);
 100}
 101
 102static void free_session(struct kref *);
 103
 104/* Must be called under the client_lock */
 105static void nfsd4_put_session_locked(struct nfsd4_session *ses)
 106{
 107        kref_put(&ses->se_ref, free_session);
 108}
 109
 110static void nfsd4_get_session(struct nfsd4_session *ses)
 111{
 112        kref_get(&ses->se_ref);
 113}
 114
 115void
 116nfs4_unlock_state(void)
 117{
 118        mutex_unlock(&client_mutex);
 119}
 120
 121static inline u32
 122opaque_hashval(const void *ptr, int nbytes)
 123{
 124        unsigned char *cptr = (unsigned char *) ptr;
 125
 126        u32 x = 0;
 127        while (nbytes--) {
 128                x *= 37;
 129                x += *cptr++;
 130        }
 131        return x;
 132}
 133
 134static struct list_head del_recall_lru;
 135
 136static void nfsd4_free_file(struct nfs4_file *f)
 137{
 138        kmem_cache_free(file_slab, f);
 139}
 140
 141static inline void
 142put_nfs4_file(struct nfs4_file *fi)
 143{
 144        if (atomic_dec_and_lock(&fi->fi_ref, &recall_lock)) {
 145                list_del(&fi->fi_hash);
 146                spin_unlock(&recall_lock);
 147                iput(fi->fi_inode);
 148                nfsd4_free_file(fi);
 149        }
 150}
 151
 152static inline void
 153get_nfs4_file(struct nfs4_file *fi)
 154{
 155        atomic_inc(&fi->fi_ref);
 156}
 157
 158static int num_delegations;
 159unsigned int max_delegations;
 160
 161/*
 162 * Open owner state (share locks)
 163 */
 164
 165/* hash tables for lock and open owners */
 166#define OWNER_HASH_BITS              8
 167#define OWNER_HASH_SIZE             (1 << OWNER_HASH_BITS)
 168#define OWNER_HASH_MASK             (OWNER_HASH_SIZE - 1)
 169
 170static unsigned int ownerstr_hashval(u32 clientid, struct xdr_netobj *ownername)
 171{
 172        unsigned int ret;
 173
 174        ret = opaque_hashval(ownername->data, ownername->len);
 175        ret += clientid;
 176        return ret & OWNER_HASH_MASK;
 177}
 178
 179static struct list_head ownerstr_hashtbl[OWNER_HASH_SIZE];
 180
 181/* hash table for nfs4_file */
 182#define FILE_HASH_BITS                   8
 183#define FILE_HASH_SIZE                  (1 << FILE_HASH_BITS)
 184
 185static unsigned int file_hashval(struct inode *ino)
 186{
 187        /* XXX: why are we hashing on inode pointer, anyway? */
 188        return hash_ptr(ino, FILE_HASH_BITS);
 189}
 190
 191static struct list_head file_hashtbl[FILE_HASH_SIZE];
 192
 193static void __nfs4_file_get_access(struct nfs4_file *fp, int oflag)
 194{
 195        BUG_ON(!(fp->fi_fds[oflag] || fp->fi_fds[O_RDWR]));
 196        atomic_inc(&fp->fi_access[oflag]);
 197}
 198
 199static void nfs4_file_get_access(struct nfs4_file *fp, int oflag)
 200{
 201        if (oflag == O_RDWR) {
 202                __nfs4_file_get_access(fp, O_RDONLY);
 203                __nfs4_file_get_access(fp, O_WRONLY);
 204        } else
 205                __nfs4_file_get_access(fp, oflag);
 206}
 207
 208static void nfs4_file_put_fd(struct nfs4_file *fp, int oflag)
 209{
 210        if (fp->fi_fds[oflag]) {
 211                fput(fp->fi_fds[oflag]);
 212                fp->fi_fds[oflag] = NULL;
 213        }
 214}
 215
 216static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag)
 217{
 218        if (atomic_dec_and_test(&fp->fi_access[oflag])) {
 219                nfs4_file_put_fd(fp, oflag);
 220                /*
 221                 * It's also safe to get rid of the RDWR open *if*
 222                 * we no longer have need of the other kind of access
 223                 * or if we already have the other kind of open:
 224                 */
 225                if (fp->fi_fds[1-oflag]
 226                        || atomic_read(&fp->fi_access[1 - oflag]) == 0)
 227                        nfs4_file_put_fd(fp, O_RDWR);
 228        }
 229}
 230
 231static void nfs4_file_put_access(struct nfs4_file *fp, int oflag)
 232{
 233        if (oflag == O_RDWR) {
 234                __nfs4_file_put_access(fp, O_RDONLY);
 235                __nfs4_file_put_access(fp, O_WRONLY);
 236        } else
 237                __nfs4_file_put_access(fp, oflag);
 238}
 239
 240static inline int get_new_stid(struct nfs4_stid *stid)
 241{
 242        static int min_stateid = 0;
 243        struct idr *stateids = &stid->sc_client->cl_stateids;
 244        int new_stid;
 245        int error;
 246
 247        error = idr_get_new_above(stateids, stid, min_stateid, &new_stid);
 248        /*
 249         * Note: the necessary preallocation was done in
 250         * nfs4_alloc_stateid().  The idr code caps the number of
 251         * preallocations that can exist at a time, but the state lock
 252         * prevents anyone from using ours before we get here:
 253         */
 254        BUG_ON(error);
 255        /*
 256         * It shouldn't be a problem to reuse an opaque stateid value.
 257         * I don't think it is for 4.1.  But with 4.0 I worry that, for
 258         * example, a stray write retransmission could be accepted by
 259         * the server when it should have been rejected.  Therefore,
 260         * adopt a trick from the sctp code to attempt to maximize the
 261         * amount of time until an id is reused, by ensuring they always
 262         * "increase" (mod INT_MAX):
 263         */
 264
 265        min_stateid = new_stid+1;
 266        if (min_stateid == INT_MAX)
 267                min_stateid = 0;
 268        return new_stid;
 269}
 270
 271static void init_stid(struct nfs4_stid *stid, struct nfs4_client *cl, unsigned char type)
 272{
 273        stateid_t *s = &stid->sc_stateid;
 274        int new_id;
 275
 276        stid->sc_type = type;
 277        stid->sc_client = cl;
 278        s->si_opaque.so_clid = cl->cl_clientid;
 279        new_id = get_new_stid(stid);
 280        s->si_opaque.so_id = (u32)new_id;
 281        /* Will be incremented before return to client: */
 282        s->si_generation = 0;
 283}
 284
 285static struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct kmem_cache *slab)
 286{
 287        struct idr *stateids = &cl->cl_stateids;
 288
 289        if (!idr_pre_get(stateids, GFP_KERNEL))
 290                return NULL;
 291        /*
 292         * Note: if we fail here (or any time between now and the time
 293         * we actually get the new idr), we won't need to undo the idr
 294         * preallocation, since the idr code caps the number of
 295         * preallocated entries.
 296         */
 297        return kmem_cache_alloc(slab, GFP_KERNEL);
 298}
 299
 300static struct nfs4_ol_stateid * nfs4_alloc_stateid(struct nfs4_client *clp)
 301{
 302        return openlockstateid(nfs4_alloc_stid(clp, stateid_slab));
 303}
 304
 305static struct nfs4_delegation *
 306alloc_init_deleg(struct nfs4_client *clp, struct nfs4_ol_stateid *stp, struct svc_fh *current_fh, u32 type)
 307{
 308        struct nfs4_delegation *dp;
 309        struct nfs4_file *fp = stp->st_file;
 310
 311        dprintk("NFSD alloc_init_deleg\n");
 312        /*
 313         * Major work on the lease subsystem (for example, to support
 314         * calbacks on stat) will be required before we can support
 315         * write delegations properly.
 316         */
 317        if (type != NFS4_OPEN_DELEGATE_READ)
 318                return NULL;
 319        if (fp->fi_had_conflict)
 320                return NULL;
 321        if (num_delegations > max_delegations)
 322                return NULL;
 323        dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab));
 324        if (dp == NULL)
 325                return dp;
 326        init_stid(&dp->dl_stid, clp, NFS4_DELEG_STID);
 327        /*
 328         * delegation seqid's are never incremented.  The 4.1 special
 329         * meaning of seqid 0 isn't meaningful, really, but let's avoid
 330         * 0 anyway just for consistency and use 1:
 331         */
 332        dp->dl_stid.sc_stateid.si_generation = 1;
 333        num_delegations++;
 334        INIT_LIST_HEAD(&dp->dl_perfile);
 335        INIT_LIST_HEAD(&dp->dl_perclnt);
 336        INIT_LIST_HEAD(&dp->dl_recall_lru);
 337        get_nfs4_file(fp);
 338        dp->dl_file = fp;
 339        dp->dl_type = type;
 340        fh_copy_shallow(&dp->dl_fh, &current_fh->fh_handle);
 341        dp->dl_time = 0;
 342        atomic_set(&dp->dl_count, 1);
 343        INIT_WORK(&dp->dl_recall.cb_work, nfsd4_do_callback_rpc);
 344        return dp;
 345}
 346
 347void
 348nfs4_put_delegation(struct nfs4_delegation *dp)
 349{
 350        if (atomic_dec_and_test(&dp->dl_count)) {
 351                dprintk("NFSD: freeing dp %p\n",dp);
 352                put_nfs4_file(dp->dl_file);
 353                kmem_cache_free(deleg_slab, dp);
 354                num_delegations--;
 355        }
 356}
 357
 358static void nfs4_put_deleg_lease(struct nfs4_file *fp)
 359{
 360        if (atomic_dec_and_test(&fp->fi_delegees)) {
 361                vfs_setlease(fp->fi_deleg_file, F_UNLCK, &fp->fi_lease);
 362                fp->fi_lease = NULL;
 363                fput(fp->fi_deleg_file);
 364                fp->fi_deleg_file = NULL;
 365        }
 366}
 367
 368static void unhash_stid(struct nfs4_stid *s)
 369{
 370        struct idr *stateids = &s->sc_client->cl_stateids;
 371
 372        idr_remove(stateids, s->sc_stateid.si_opaque.so_id);
 373}
 374
 375/* Called under the state lock. */
 376static void
 377unhash_delegation(struct nfs4_delegation *dp)
 378{
 379        unhash_stid(&dp->dl_stid);
 380        list_del_init(&dp->dl_perclnt);
 381        spin_lock(&recall_lock);
 382        list_del_init(&dp->dl_perfile);
 383        list_del_init(&dp->dl_recall_lru);
 384        spin_unlock(&recall_lock);
 385        nfs4_put_deleg_lease(dp->dl_file);
 386        nfs4_put_delegation(dp);
 387}
 388
 389/* 
 390 * SETCLIENTID state 
 391 */
 392
 393/* client_lock protects the client lru list and session hash table */
 394static DEFINE_SPINLOCK(client_lock);
 395
 396/* Hash tables for nfs4_clientid state */
 397#define CLIENT_HASH_BITS                 4
 398#define CLIENT_HASH_SIZE                (1 << CLIENT_HASH_BITS)
 399#define CLIENT_HASH_MASK                (CLIENT_HASH_SIZE - 1)
 400
 401static unsigned int clientid_hashval(u32 id)
 402{
 403        return id & CLIENT_HASH_MASK;
 404}
 405
 406static unsigned int clientstr_hashval(const char *name)
 407{
 408        return opaque_hashval(name, 8) & CLIENT_HASH_MASK;
 409}
 410
 411/*
 412 * reclaim_str_hashtbl[] holds known client info from previous reset/reboot
 413 * used in reboot/reset lease grace period processing
 414 *
 415 * conf_id_hashtbl[], and conf_str_hashtbl[] hold confirmed
 416 * setclientid_confirmed info. 
 417 *
 418 * unconf_str_hastbl[] and unconf_id_hashtbl[] hold unconfirmed 
 419 * setclientid info.
 420 *
 421 * client_lru holds client queue ordered by nfs4_client.cl_time
 422 * for lease renewal.
 423 *
 424 * close_lru holds (open) stateowner queue ordered by nfs4_stateowner.so_time
 425 * for last close replay.
 426 */
 427static struct list_head reclaim_str_hashtbl[CLIENT_HASH_SIZE];
 428static int reclaim_str_hashtbl_size = 0;
 429static struct list_head conf_id_hashtbl[CLIENT_HASH_SIZE];
 430static struct list_head conf_str_hashtbl[CLIENT_HASH_SIZE];
 431static struct list_head unconf_str_hashtbl[CLIENT_HASH_SIZE];
 432static struct list_head unconf_id_hashtbl[CLIENT_HASH_SIZE];
 433static struct list_head client_lru;
 434static struct list_head close_lru;
 435
 436/*
 437 * We store the NONE, READ, WRITE, and BOTH bits separately in the
 438 * st_{access,deny}_bmap field of the stateid, in order to track not
 439 * only what share bits are currently in force, but also what
 440 * combinations of share bits previous opens have used.  This allows us
 441 * to enforce the recommendation of rfc 3530 14.2.19 that the server
 442 * return an error if the client attempt to downgrade to a combination
 443 * of share bits not explicable by closing some of its previous opens.
 444 *
 445 * XXX: This enforcement is actually incomplete, since we don't keep
 446 * track of access/deny bit combinations; so, e.g., we allow:
 447 *
 448 *      OPEN allow read, deny write
 449 *      OPEN allow both, deny none
 450 *      DOWNGRADE allow read, deny none
 451 *
 452 * which we should reject.
 453 */
 454static unsigned int
 455bmap_to_share_mode(unsigned long bmap) {
 456        int i;
 457        unsigned int access = 0;
 458
 459        for (i = 1; i < 4; i++) {
 460                if (test_bit(i, &bmap))
 461                        access |= i;
 462        }
 463        return access;
 464}
 465
 466static bool
 467test_share(struct nfs4_ol_stateid *stp, struct nfsd4_open *open) {
 468        unsigned int access, deny;
 469
 470        access = bmap_to_share_mode(stp->st_access_bmap);
 471        deny = bmap_to_share_mode(stp->st_deny_bmap);
 472        if ((access & open->op_share_deny) || (deny & open->op_share_access))
 473                return false;
 474        return true;
 475}
 476
 477/* set share access for a given stateid */
 478static inline void
 479set_access(u32 access, struct nfs4_ol_stateid *stp)
 480{
 481        __set_bit(access, &stp->st_access_bmap);
 482}
 483
 484/* clear share access for a given stateid */
 485static inline void
 486clear_access(u32 access, struct nfs4_ol_stateid *stp)
 487{
 488        __clear_bit(access, &stp->st_access_bmap);
 489}
 490
 491/* test whether a given stateid has access */
 492static inline bool
 493test_access(u32 access, struct nfs4_ol_stateid *stp)
 494{
 495        return test_bit(access, &stp->st_access_bmap);
 496}
 497
 498/* set share deny for a given stateid */
 499static inline void
 500set_deny(u32 access, struct nfs4_ol_stateid *stp)
 501{
 502        __set_bit(access, &stp->st_deny_bmap);
 503}
 504
 505/* clear share deny for a given stateid */
 506static inline void
 507clear_deny(u32 access, struct nfs4_ol_stateid *stp)
 508{
 509        __clear_bit(access, &stp->st_deny_bmap);
 510}
 511
 512/* test whether a given stateid is denying specific access */
 513static inline bool
 514test_deny(u32 access, struct nfs4_ol_stateid *stp)
 515{
 516        return test_bit(access, &stp->st_deny_bmap);
 517}
 518
 519static int nfs4_access_to_omode(u32 access)
 520{
 521        switch (access & NFS4_SHARE_ACCESS_BOTH) {
 522        case NFS4_SHARE_ACCESS_READ:
 523                return O_RDONLY;
 524        case NFS4_SHARE_ACCESS_WRITE:
 525                return O_WRONLY;
 526        case NFS4_SHARE_ACCESS_BOTH:
 527                return O_RDWR;
 528        }
 529        BUG();
 530}
 531
 532/* release all access and file references for a given stateid */
 533static void
 534release_all_access(struct nfs4_ol_stateid *stp)
 535{
 536        int i;
 537
 538        for (i = 1; i < 4; i++) {
 539                if (test_access(i, stp))
 540                        nfs4_file_put_access(stp->st_file,
 541                                             nfs4_access_to_omode(i));
 542                clear_access(i, stp);
 543        }
 544}
 545
 546static void unhash_generic_stateid(struct nfs4_ol_stateid *stp)
 547{
 548        list_del(&stp->st_perfile);
 549        list_del(&stp->st_perstateowner);
 550}
 551
 552static void close_generic_stateid(struct nfs4_ol_stateid *stp)
 553{
 554        release_all_access(stp);
 555        put_nfs4_file(stp->st_file);
 556        stp->st_file = NULL;
 557}
 558
 559static void free_generic_stateid(struct nfs4_ol_stateid *stp)
 560{
 561        kmem_cache_free(stateid_slab, stp);
 562}
 563
 564static void release_lock_stateid(struct nfs4_ol_stateid *stp)
 565{
 566        struct file *file;
 567
 568        unhash_generic_stateid(stp);
 569        unhash_stid(&stp->st_stid);
 570        file = find_any_file(stp->st_file);
 571        if (file)
 572                locks_remove_posix(file, (fl_owner_t)lockowner(stp->st_stateowner));
 573        close_generic_stateid(stp);
 574        free_generic_stateid(stp);
 575}
 576
 577static void unhash_lockowner(struct nfs4_lockowner *lo)
 578{
 579        struct nfs4_ol_stateid *stp;
 580
 581        list_del(&lo->lo_owner.so_strhash);
 582        list_del(&lo->lo_perstateid);
 583        list_del(&lo->lo_owner_ino_hash);
 584        while (!list_empty(&lo->lo_owner.so_stateids)) {
 585                stp = list_first_entry(&lo->lo_owner.so_stateids,
 586                                struct nfs4_ol_stateid, st_perstateowner);
 587                release_lock_stateid(stp);
 588        }
 589}
 590
 591static void release_lockowner(struct nfs4_lockowner *lo)
 592{
 593        unhash_lockowner(lo);
 594        nfs4_free_lockowner(lo);
 595}
 596
 597static void
 598release_stateid_lockowners(struct nfs4_ol_stateid *open_stp)
 599{
 600        struct nfs4_lockowner *lo;
 601
 602        while (!list_empty(&open_stp->st_lockowners)) {
 603                lo = list_entry(open_stp->st_lockowners.next,
 604                                struct nfs4_lockowner, lo_perstateid);
 605                release_lockowner(lo);
 606        }
 607}
 608
 609static void unhash_open_stateid(struct nfs4_ol_stateid *stp)
 610{
 611        unhash_generic_stateid(stp);
 612        release_stateid_lockowners(stp);
 613        close_generic_stateid(stp);
 614}
 615
 616static void release_open_stateid(struct nfs4_ol_stateid *stp)
 617{
 618        unhash_open_stateid(stp);
 619        unhash_stid(&stp->st_stid);
 620        free_generic_stateid(stp);
 621}
 622
 623static void unhash_openowner(struct nfs4_openowner *oo)
 624{
 625        struct nfs4_ol_stateid *stp;
 626
 627        list_del(&oo->oo_owner.so_strhash);
 628        list_del(&oo->oo_perclient);
 629        while (!list_empty(&oo->oo_owner.so_stateids)) {
 630                stp = list_first_entry(&oo->oo_owner.so_stateids,
 631                                struct nfs4_ol_stateid, st_perstateowner);
 632                release_open_stateid(stp);
 633        }
 634}
 635
 636static void release_last_closed_stateid(struct nfs4_openowner *oo)
 637{
 638        struct nfs4_ol_stateid *s = oo->oo_last_closed_stid;
 639
 640        if (s) {
 641                unhash_stid(&s->st_stid);
 642                free_generic_stateid(s);
 643                oo->oo_last_closed_stid = NULL;
 644        }
 645}
 646
 647static void release_openowner(struct nfs4_openowner *oo)
 648{
 649        unhash_openowner(oo);
 650        list_del(&oo->oo_close_lru);
 651        release_last_closed_stateid(oo);
 652        nfs4_free_openowner(oo);
 653}
 654
 655#define SESSION_HASH_SIZE       512
 656static struct list_head sessionid_hashtbl[SESSION_HASH_SIZE];
 657
 658static inline int
 659hash_sessionid(struct nfs4_sessionid *sessionid)
 660{
 661        struct nfsd4_sessionid *sid = (struct nfsd4_sessionid *)sessionid;
 662
 663        return sid->sequence % SESSION_HASH_SIZE;
 664}
 665
 666#ifdef NFSD_DEBUG
 667static inline void
 668dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
 669{
 670        u32 *ptr = (u32 *)(&sessionid->data[0]);
 671        dprintk("%s: %u:%u:%u:%u\n", fn, ptr[0], ptr[1], ptr[2], ptr[3]);
 672}
 673#else
 674static inline void
 675dump_sessionid(const char *fn, struct nfs4_sessionid *sessionid)
 676{
 677}
 678#endif
 679
 680
 681static void
 682gen_sessionid(struct nfsd4_session *ses)
 683{
 684        struct nfs4_client *clp = ses->se_client;
 685        struct nfsd4_sessionid *sid;
 686
 687        sid = (struct nfsd4_sessionid *)ses->se_sessionid.data;
 688        sid->clientid = clp->cl_clientid;
 689        sid->sequence = current_sessionid++;
 690        sid->reserved = 0;
 691}
 692
 693/*
 694 * The protocol defines ca_maxresponssize_cached to include the size of
 695 * the rpc header, but all we need to cache is the data starting after
 696 * the end of the initial SEQUENCE operation--the rest we regenerate
 697 * each time.  Therefore we can advertise a ca_maxresponssize_cached
 698 * value that is the number of bytes in our cache plus a few additional
 699 * bytes.  In order to stay on the safe side, and not promise more than
 700 * we can cache, those additional bytes must be the minimum possible: 24
 701 * bytes of rpc header (xid through accept state, with AUTH_NULL
 702 * verifier), 12 for the compound header (with zero-length tag), and 44
 703 * for the SEQUENCE op response:
 704 */
 705#define NFSD_MIN_HDR_SEQ_SZ  (24 + 12 + 44)
 706
 707static void
 708free_session_slots(struct nfsd4_session *ses)
 709{
 710        int i;
 711
 712        for (i = 0; i < ses->se_fchannel.maxreqs; i++)
 713                kfree(ses->se_slots[i]);
 714}
 715
 716/*
 717 * We don't actually need to cache the rpc and session headers, so we
 718 * can allocate a little less for each slot:
 719 */
 720static inline int slot_bytes(struct nfsd4_channel_attrs *ca)
 721{
 722        return ca->maxresp_cached - NFSD_MIN_HDR_SEQ_SZ;
 723}
 724
 725static int nfsd4_sanitize_slot_size(u32 size)
 726{
 727        size -= NFSD_MIN_HDR_SEQ_SZ; /* We don't cache the rpc header */
 728        size = min_t(u32, size, NFSD_SLOT_CACHE_SIZE);
 729
 730        return size;
 731}
 732
 733/*
 734 * XXX: If we run out of reserved DRC memory we could (up to a point)
 735 * re-negotiate active sessions and reduce their slot usage to make
 736 * room for new connections. For now we just fail the create session.
 737 */
 738static int nfsd4_get_drc_mem(int slotsize, u32 num)
 739{
 740        int avail;
 741
 742        num = min_t(u32, num, NFSD_MAX_SLOTS_PER_SESSION);
 743
 744        spin_lock(&nfsd_drc_lock);
 745        avail = min_t(int, NFSD_MAX_MEM_PER_SESSION,
 746                        nfsd_drc_max_mem - nfsd_drc_mem_used);
 747        num = min_t(int, num, avail / slotsize);
 748        nfsd_drc_mem_used += num * slotsize;
 749        spin_unlock(&nfsd_drc_lock);
 750
 751        return num;
 752}
 753
 754static void nfsd4_put_drc_mem(int slotsize, int num)
 755{
 756        spin_lock(&nfsd_drc_lock);
 757        nfsd_drc_mem_used -= slotsize * num;
 758        spin_unlock(&nfsd_drc_lock);
 759}
 760
 761static struct nfsd4_session *__alloc_session(int slotsize, int numslots)
 762{
 763        struct nfsd4_session *new;
 764        int mem, i;
 765
 766        BUILD_BUG_ON(NFSD_MAX_SLOTS_PER_SESSION * sizeof(struct nfsd4_slot *)
 767                        + sizeof(struct nfsd4_session) > PAGE_SIZE);
 768        mem = numslots * sizeof(struct nfsd4_slot *);
 769
 770        new = kzalloc(sizeof(*new) + mem, GFP_KERNEL);
 771        if (!new)
 772                return NULL;
 773        /* allocate each struct nfsd4_slot and data cache in one piece */
 774        for (i = 0; i < numslots; i++) {
 775                mem = sizeof(struct nfsd4_slot) + slotsize;
 776                new->se_slots[i] = kzalloc(mem, GFP_KERNEL);
 777                if (!new->se_slots[i])
 778                        goto out_free;
 779        }
 780        return new;
 781out_free:
 782        while (i--)
 783                kfree(new->se_slots[i]);
 784        kfree(new);
 785        return NULL;
 786}
 787
 788static void init_forechannel_attrs(struct nfsd4_channel_attrs *new, struct nfsd4_channel_attrs *req, int numslots, int slotsize)
 789{
 790        u32 maxrpc = nfsd_serv->sv_max_mesg;
 791
 792        new->maxreqs = numslots;
 793        new->maxresp_cached = min_t(u32, req->maxresp_cached,
 794                                        slotsize + NFSD_MIN_HDR_SEQ_SZ);
 795        new->maxreq_sz = min_t(u32, req->maxreq_sz, maxrpc);
 796        new->maxresp_sz = min_t(u32, req->maxresp_sz, maxrpc);
 797        new->maxops = min_t(u32, req->maxops, NFSD_MAX_OPS_PER_COMPOUND);
 798}
 799
 800static void free_conn(struct nfsd4_conn *c)
 801{
 802        svc_xprt_put(c->cn_xprt);
 803        kfree(c);
 804}
 805
 806static void nfsd4_conn_lost(struct svc_xpt_user *u)
 807{
 808        struct nfsd4_conn *c = container_of(u, struct nfsd4_conn, cn_xpt_user);
 809        struct nfs4_client *clp = c->cn_session->se_client;
 810
 811        spin_lock(&clp->cl_lock);
 812        if (!list_empty(&c->cn_persession)) {
 813                list_del(&c->cn_persession);
 814                free_conn(c);
 815        }
 816        spin_unlock(&clp->cl_lock);
 817        nfsd4_probe_callback(clp);
 818}
 819
 820static struct nfsd4_conn *alloc_conn(struct svc_rqst *rqstp, u32 flags)
 821{
 822        struct nfsd4_conn *conn;
 823
 824        conn = kmalloc(sizeof(struct nfsd4_conn), GFP_KERNEL);
 825        if (!conn)
 826                return NULL;
 827        svc_xprt_get(rqstp->rq_xprt);
 828        conn->cn_xprt = rqstp->rq_xprt;
 829        conn->cn_flags = flags;
 830        INIT_LIST_HEAD(&conn->cn_xpt_user.list);
 831        return conn;
 832}
 833
 834static void __nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
 835{
 836        conn->cn_session = ses;
 837        list_add(&conn->cn_persession, &ses->se_conns);
 838}
 839
 840static void nfsd4_hash_conn(struct nfsd4_conn *conn, struct nfsd4_session *ses)
 841{
 842        struct nfs4_client *clp = ses->se_client;
 843
 844        spin_lock(&clp->cl_lock);
 845        __nfsd4_hash_conn(conn, ses);
 846        spin_unlock(&clp->cl_lock);
 847}
 848
 849static int nfsd4_register_conn(struct nfsd4_conn *conn)
 850{
 851        conn->cn_xpt_user.callback = nfsd4_conn_lost;
 852        return register_xpt_user(conn->cn_xprt, &conn->cn_xpt_user);
 853}
 854
 855static void nfsd4_init_conn(struct svc_rqst *rqstp, struct nfsd4_conn *conn, struct nfsd4_session *ses)
 856{
 857        int ret;
 858
 859        nfsd4_hash_conn(conn, ses);
 860        ret = nfsd4_register_conn(conn);
 861        if (ret)
 862                /* oops; xprt is already down: */
 863                nfsd4_conn_lost(&conn->cn_xpt_user);
 864        if (conn->cn_flags & NFS4_CDFC4_BACK) {
 865                /* callback channel may be back up */
 866                nfsd4_probe_callback(ses->se_client);
 867        }
 868}
 869
 870static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses)
 871{
 872        u32 dir = NFS4_CDFC4_FORE;
 873
 874        if (cses->flags & SESSION4_BACK_CHAN)
 875                dir |= NFS4_CDFC4_BACK;
 876        return alloc_conn(rqstp, dir);
 877}
 878
 879/* must be called under client_lock */
 880static void nfsd4_del_conns(struct nfsd4_session *s)
 881{
 882        struct nfs4_client *clp = s->se_client;
 883        struct nfsd4_conn *c;
 884
 885        spin_lock(&clp->cl_lock);
 886        while (!list_empty(&s->se_conns)) {
 887                c = list_first_entry(&s->se_conns, struct nfsd4_conn, cn_persession);
 888                list_del_init(&c->cn_persession);
 889                spin_unlock(&clp->cl_lock);
 890
 891                unregister_xpt_user(c->cn_xprt, &c->cn_xpt_user);
 892                free_conn(c);
 893
 894                spin_lock(&clp->cl_lock);
 895        }
 896        spin_unlock(&clp->cl_lock);
 897}
 898
 899static void __free_session(struct nfsd4_session *ses)
 900{
 901        nfsd4_put_drc_mem(slot_bytes(&ses->se_fchannel), ses->se_fchannel.maxreqs);
 902        free_session_slots(ses);
 903        kfree(ses);
 904}
 905
 906static void free_session(struct kref *kref)
 907{
 908        struct nfsd4_session *ses;
 909
 910        lockdep_assert_held(&client_lock);
 911        ses = container_of(kref, struct nfsd4_session, se_ref);
 912        nfsd4_del_conns(ses);
 913        __free_session(ses);
 914}
 915
 916void nfsd4_put_session(struct nfsd4_session *ses)
 917{
 918        spin_lock(&client_lock);
 919        nfsd4_put_session_locked(ses);
 920        spin_unlock(&client_lock);
 921}
 922
 923static struct nfsd4_session *alloc_session(struct nfsd4_channel_attrs *fchan)
 924{
 925        struct nfsd4_session *new;
 926        int numslots, slotsize;
 927        /*
 928         * Note decreasing slot size below client's request may
 929         * make it difficult for client to function correctly, whereas
 930         * decreasing the number of slots will (just?) affect
 931         * performance.  When short on memory we therefore prefer to
 932         * decrease number of slots instead of their size.
 933         */
 934        slotsize = nfsd4_sanitize_slot_size(fchan->maxresp_cached);
 935        numslots = nfsd4_get_drc_mem(slotsize, fchan->maxreqs);
 936        if (numslots < 1)
 937                return NULL;
 938
 939        new = __alloc_session(slotsize, numslots);
 940        if (!new) {
 941                nfsd4_put_drc_mem(slotsize, fchan->maxreqs);
 942                return NULL;
 943        }
 944        init_forechannel_attrs(&new->se_fchannel, fchan, numslots, slotsize);
 945        return new;
 946}
 947
 948static struct nfsd4_session *init_session(struct svc_rqst *rqstp, struct nfsd4_session *new, struct nfs4_client *clp, struct nfsd4_create_session *cses)
 949{
 950        int idx;
 951
 952        new->se_client = clp;
 953        gen_sessionid(new);
 954
 955        INIT_LIST_HEAD(&new->se_conns);
 956
 957        new->se_cb_seq_nr = 1;
 958        new->se_flags = cses->flags;
 959        new->se_cb_prog = cses->callback_prog;
 960        kref_init(&new->se_ref);
 961        idx = hash_sessionid(&new->se_sessionid);
 962        spin_lock(&client_lock);
 963        list_add(&new->se_hash, &sessionid_hashtbl[idx]);
 964        spin_lock(&clp->cl_lock);
 965        list_add(&new->se_perclnt, &clp->cl_sessions);
 966        spin_unlock(&clp->cl_lock);
 967        spin_unlock(&client_lock);
 968
 969        if (cses->flags & SESSION4_BACK_CHAN) {
 970                struct sockaddr *sa = svc_addr(rqstp);
 971                /*
 972                 * This is a little silly; with sessions there's no real
 973                 * use for the callback address.  Use the peer address
 974                 * as a reasonable default for now, but consider fixing
 975                 * the rpc client not to require an address in the
 976                 * future:
 977                 */
 978                rpc_copy_addr((struct sockaddr *)&clp->cl_cb_conn.cb_addr, sa);
 979                clp->cl_cb_conn.cb_addrlen = svc_addr_len(sa);
 980        }
 981        return new;
 982}
 983
 984/* caller must hold client_lock */
 985static struct nfsd4_session *
 986find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid)
 987{
 988        struct nfsd4_session *elem;
 989        int idx;
 990
 991        dump_sessionid(__func__, sessionid);
 992        idx = hash_sessionid(sessionid);
 993        /* Search in the appropriate list */
 994        list_for_each_entry(elem, &sessionid_hashtbl[idx], se_hash) {
 995                if (!memcmp(elem->se_sessionid.data, sessionid->data,
 996                            NFS4_MAX_SESSIONID_LEN)) {
 997                        return elem;
 998                }
 999        }
1000
1001        dprintk("%s: session not found\n", __func__);
1002        return NULL;
1003}
1004
1005/* caller must hold client_lock */
1006static void
1007unhash_session(struct nfsd4_session *ses)
1008{
1009        list_del(&ses->se_hash);
1010        spin_lock(&ses->se_client->cl_lock);
1011        list_del(&ses->se_perclnt);
1012        spin_unlock(&ses->se_client->cl_lock);
1013}
1014
1015/* must be called under the client_lock */
1016static inline void
1017renew_client_locked(struct nfs4_client *clp)
1018{
1019        if (is_client_expired(clp)) {
1020                WARN_ON(1);
1021                printk("%s: client (clientid %08x/%08x) already expired\n",
1022                        __func__,
1023                        clp->cl_clientid.cl_boot,
1024                        clp->cl_clientid.cl_id);
1025                return;
1026        }
1027
1028        dprintk("renewing client (clientid %08x/%08x)\n", 
1029                        clp->cl_clientid.cl_boot, 
1030                        clp->cl_clientid.cl_id);
1031        list_move_tail(&clp->cl_lru, &client_lru);
1032        clp->cl_time = get_seconds();
1033}
1034
1035static inline void
1036renew_client(struct nfs4_client *clp)
1037{
1038        spin_lock(&client_lock);
1039        renew_client_locked(clp);
1040        spin_unlock(&client_lock);
1041}
1042
1043/* SETCLIENTID and SETCLIENTID_CONFIRM Helper functions */
1044static int
1045STALE_CLIENTID(clientid_t *clid, struct nfsd_net *nn)
1046{
1047        if (clid->cl_boot == nn->boot_time)
1048                return 0;
1049        dprintk("NFSD stale clientid (%08x/%08x) boot_time %08lx\n",
1050                clid->cl_boot, clid->cl_id, nn->boot_time);
1051        return 1;
1052}
1053
1054/* 
1055 * XXX Should we use a slab cache ?
1056 * This type of memory management is somewhat inefficient, but we use it
1057 * anyway since SETCLIENTID is not a common operation.
1058 */
1059static struct nfs4_client *alloc_client(struct xdr_netobj name)
1060{
1061        struct nfs4_client *clp;
1062
1063        clp = kzalloc(sizeof(struct nfs4_client), GFP_KERNEL);
1064        if (clp == NULL)
1065                return NULL;
1066        clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL);
1067        if (clp->cl_name.data == NULL) {
1068                kfree(clp);
1069                return NULL;
1070        }
1071        clp->cl_name.len = name.len;
1072        return clp;
1073}
1074
1075static inline void
1076free_client(struct nfs4_client *clp)
1077{
1078        lockdep_assert_held(&client_lock);
1079        while (!list_empty(&clp->cl_sessions)) {
1080                struct nfsd4_session *ses;
1081                ses = list_entry(clp->cl_sessions.next, struct nfsd4_session,
1082                                se_perclnt);
1083                list_del(&ses->se_perclnt);
1084                nfsd4_put_session_locked(ses);
1085        }
1086        free_svc_cred(&clp->cl_cred);
1087        kfree(clp->cl_name.data);
1088        kfree(clp);
1089}
1090
1091void
1092release_session_client(struct nfsd4_session *session)
1093{
1094        struct nfs4_client *clp = session->se_client;
1095
1096        if (!atomic_dec_and_lock(&clp->cl_refcount, &client_lock))
1097                return;
1098        if (is_client_expired(clp)) {
1099                free_client(clp);
1100                session->se_client = NULL;
1101        } else
1102                renew_client_locked(clp);
1103        spin_unlock(&client_lock);
1104}
1105
1106/* must be called under the client_lock */
1107static inline void
1108unhash_client_locked(struct nfs4_client *clp)
1109{
1110        struct nfsd4_session *ses;
1111
1112        mark_client_expired(clp);
1113        list_del(&clp->cl_lru);
1114        spin_lock(&clp->cl_lock);
1115        list_for_each_entry(ses, &clp->cl_sessions, se_perclnt)
1116                list_del_init(&ses->se_hash);
1117        spin_unlock(&clp->cl_lock);
1118}
1119
1120static void
1121destroy_client(struct nfs4_client *clp)
1122{
1123        struct nfs4_openowner *oo;
1124        struct nfs4_delegation *dp;
1125        struct list_head reaplist;
1126
1127        INIT_LIST_HEAD(&reaplist);
1128        spin_lock(&recall_lock);
1129        while (!list_empty(&clp->cl_delegations)) {
1130                dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt);
1131                list_del_init(&dp->dl_perclnt);
1132                list_move(&dp->dl_recall_lru, &reaplist);
1133        }
1134        spin_unlock(&recall_lock);
1135        while (!list_empty(&reaplist)) {
1136                dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru);
1137                unhash_delegation(dp);
1138        }
1139        while (!list_empty(&clp->cl_openowners)) {
1140                oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient);
1141                release_openowner(oo);
1142        }
1143        nfsd4_shutdown_callback(clp);
1144        if (clp->cl_cb_conn.cb_xprt)
1145                svc_xprt_put(clp->cl_cb_conn.cb_xprt);
1146        list_del(&clp->cl_idhash);
1147        list_del(&clp->cl_strhash);
1148        spin_lock(&client_lock);
1149        unhash_client_locked(clp);
1150        if (atomic_read(&clp->cl_refcount) == 0)
1151                free_client(clp);
1152        spin_unlock(&client_lock);
1153}
1154
1155static void expire_client(struct nfs4_client *clp)
1156{
1157        nfsd4_client_record_remove(clp);
1158        destroy_client(clp);
1159}
1160
1161static void copy_verf(struct nfs4_client *target, nfs4_verifier *source)
1162{
1163        memcpy(target->cl_verifier.data, source->data,
1164                        sizeof(target->cl_verifier.data));
1165}
1166
1167static void copy_clid(struct nfs4_client *target, struct nfs4_client *source)
1168{
1169        target->cl_clientid.cl_boot = source->cl_clientid.cl_boot; 
1170        target->cl_clientid.cl_id = source->cl_clientid.cl_id; 
1171}
1172
1173static int copy_cred(struct svc_cred *target, struct svc_cred *source)
1174{
1175        if (source->cr_principal) {
1176                target->cr_principal =
1177                                kstrdup(source->cr_principal, GFP_KERNEL);
1178                if (target->cr_principal == NULL)
1179                        return -ENOMEM;
1180        } else
1181                target->cr_principal = NULL;
1182        target->cr_flavor = source->cr_flavor;
1183        target->cr_uid = source->cr_uid;
1184        target->cr_gid = source->cr_gid;
1185        target->cr_group_info = source->cr_group_info;
1186        get_group_info(target->cr_group_info);
1187        return 0;
1188}
1189
1190static int same_name(const char *n1, const char *n2)
1191{
1192        return 0 == memcmp(n1, n2, HEXDIR_LEN);
1193}
1194
1195static int
1196same_verf(nfs4_verifier *v1, nfs4_verifier *v2)
1197{
1198        return 0 == memcmp(v1->data, v2->data, sizeof(v1->data));
1199}
1200
1201static int
1202same_clid(clientid_t *cl1, clientid_t *cl2)
1203{
1204        return (cl1->cl_boot == cl2->cl_boot) && (cl1->cl_id == cl2->cl_id);
1205}
1206
1207static bool groups_equal(struct group_info *g1, struct group_info *g2)
1208{
1209        int i;
1210
1211        if (g1->ngroups != g2->ngroups)
1212                return false;
1213        for (i=0; i<g1->ngroups; i++)
1214                if (GROUP_AT(g1, i) != GROUP_AT(g2, i))
1215                        return false;
1216        return true;
1217}
1218
1219/*
1220 * RFC 3530 language requires clid_inuse be returned when the
1221 * "principal" associated with a requests differs from that previously
1222 * used.  We use uid, gid's, and gss principal string as our best
1223 * approximation.  We also don't want to allow non-gss use of a client
1224 * established using gss: in theory cr_principal should catch that
1225 * change, but in practice cr_principal can be null even in the gss case
1226 * since gssd doesn't always pass down a principal string.
1227 */
1228static bool is_gss_cred(struct svc_cred *cr)
1229{
1230        /* Is cr_flavor one of the gss "pseudoflavors"?: */
1231        return (cr->cr_flavor > RPC_AUTH_MAXFLAVOR);
1232}
1233
1234
1235static bool
1236same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
1237{
1238        if ((is_gss_cred(cr1) != is_gss_cred(cr2))
1239                || (cr1->cr_uid != cr2->cr_uid)
1240                || (cr1->cr_gid != cr2->cr_gid)
1241                || !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
1242                return false;
1243        if (cr1->cr_principal == cr2->cr_principal)
1244                return true;
1245        if (!cr1->cr_principal || !cr2->cr_principal)
1246                return false;
1247        return 0 == strcmp(cr1->cr_principal, cr2->cr_principal);
1248}
1249
1250static void gen_clid(struct nfs4_client *clp)
1251{
1252        static u32 current_clientid = 1;
1253        struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);
1254
1255        clp->cl_clientid.cl_boot = nn->boot_time;
1256        clp->cl_clientid.cl_id = current_clientid++; 
1257}
1258
1259static void gen_confirm(struct nfs4_client *clp)
1260{
1261        __be32 verf[2];
1262        static u32 i;
1263
1264        verf[0] = (__be32)get_seconds();
1265        verf[1] = (__be32)i++;
1266        memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data));
1267}
1268
1269static struct nfs4_stid *find_stateid(struct nfs4_client *cl, stateid_t *t)
1270{
1271        return idr_find(&cl->cl_stateids, t->si_opaque.so_id);
1272}
1273
1274static struct nfs4_stid *find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask)
1275{
1276        struct nfs4_stid *s;
1277
1278        s = find_stateid(cl, t);
1279        if (!s)
1280                return NULL;
1281        if (typemask & s->sc_type)
1282                return s;
1283        return NULL;
1284}
1285
1286static struct nfs4_client *create_client(struct xdr_netobj name, char *recdir,
1287                struct svc_rqst *rqstp, nfs4_verifier *verf)
1288{
1289        struct nfs4_client *clp;
1290        struct sockaddr *sa = svc_addr(rqstp);
1291        int ret;
1292
1293        clp = alloc_client(name);
1294        if (clp == NULL)
1295                return NULL;
1296
1297        INIT_LIST_HEAD(&clp->cl_sessions);
1298        ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred);
1299        if (ret) {
1300                spin_lock(&client_lock);
1301                free_client(clp);
1302                spin_unlock(&client_lock);
1303                return NULL;
1304        }
1305        idr_init(&clp->cl_stateids);
1306        memcpy(clp->cl_recdir, recdir, HEXDIR_LEN);
1307        atomic_set(&clp->cl_refcount, 0);
1308        clp->cl_cb_state = NFSD4_CB_UNKNOWN;
1309        INIT_LIST_HEAD(&clp->cl_idhash);
1310        INIT_LIST_HEAD(&clp->cl_strhash);
1311        INIT_LIST_HEAD(&clp->cl_openowners);
1312        INIT_LIST_HEAD(&clp->cl_delegations);
1313        INIT_LIST_HEAD(&clp->cl_lru);
1314        INIT_LIST_HEAD(&clp->cl_callbacks);
1315        spin_lock_init(&clp->cl_lock);
1316        INIT_WORK(&clp->cl_cb_null.cb_work, nfsd4_do_callback_rpc);
1317        clp->cl_time = get_seconds();
1318        clear_bit(0, &clp->cl_cb_slot_busy);
1319        rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
1320        copy_verf(clp, verf);
1321        rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa);
1322        gen_confirm(clp);
1323        clp->cl_cb_session = NULL;
1324        return clp;
1325}
1326
1327static void
1328add_to_unconfirmed(struct nfs4_client *clp, unsigned int strhashval)
1329{
1330        unsigned int idhashval;
1331
1332        list_add(&clp->cl_strhash, &unconf_str_hashtbl[strhashval]);
1333        idhashval = clientid_hashval(clp->cl_clientid.cl_id);
1334        list_add(&clp->cl_idhash, &unconf_id_hashtbl[idhashval]);
1335        renew_client(clp);
1336}
1337
1338static void
1339move_to_confirmed(struct nfs4_client *clp)
1340{
1341        unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id);
1342        unsigned int strhashval;
1343
1344        dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp);
1345        list_move(&clp->cl_idhash, &conf_id_hashtbl[idhashval]);
1346        strhashval = clientstr_hashval(clp->cl_recdir);
1347        list_move(&clp->cl_strhash, &conf_str_hashtbl[strhashval]);
1348        renew_client(clp);
1349}
1350
1351static struct nfs4_client *
1352find_confirmed_client(clientid_t *clid, bool sessions)
1353{
1354        struct nfs4_client *clp;
1355        unsigned int idhashval = clientid_hashval(clid->cl_id);
1356
1357        list_for_each_entry(clp, &conf_id_hashtbl[idhashval], cl_idhash) {
1358                if (same_clid(&clp->cl_clientid, clid)) {
1359                        if ((bool)clp->cl_minorversion != sessions)
1360                                return NULL;
1361                        renew_client(clp);
1362                        return clp;
1363                }
1364        }
1365        return NULL;
1366}
1367
1368static struct nfs4_client *
1369find_unconfirmed_client(clientid_t *clid, bool sessions)
1370{
1371        struct nfs4_client *clp;
1372        unsigned int idhashval = clientid_hashval(clid->cl_id);
1373
1374        list_for_each_entry(clp, &unconf_id_hashtbl[idhashval], cl_idhash) {
1375                if (same_clid(&clp->cl_clientid, clid)) {
1376                        if ((bool)clp->cl_minorversion != sessions)
1377                                return NULL;
1378                        return clp;
1379                }
1380        }
1381        return NULL;
1382}
1383
1384static bool clp_used_exchangeid(struct nfs4_client *clp)
1385{
1386        return clp->cl_exchange_flags != 0;
1387} 
1388
1389static struct nfs4_client *
1390find_confirmed_client_by_str(const char *dname, unsigned int hashval)
1391{
1392        struct nfs4_client *clp;
1393
1394        list_for_each_entry(clp, &conf_str_hashtbl[hashval], cl_strhash) {
1395                if (same_name(clp->cl_recdir, dname))
1396                        return clp;
1397        }
1398        return NULL;
1399}
1400
1401static struct nfs4_client *
1402find_unconfirmed_client_by_str(const char *dname, unsigned int hashval)
1403{
1404        struct nfs4_client *clp;
1405
1406        list_for_each_entry(clp, &unconf_str_hashtbl[hashval], cl_strhash) {
1407                if (same_name(clp->cl_recdir, dname))
1408                        return clp;
1409        }
1410        return NULL;
1411}
1412
1413static void
1414gen_callback(struct nfs4_client *clp, struct nfsd4_setclientid *se, struct svc_rqst *rqstp)
1415{
1416        struct nfs4_cb_conn *conn = &clp->cl_cb_conn;
1417        struct sockaddr *sa = svc_addr(rqstp);
1418        u32 scopeid = rpc_get_scope_id(sa);
1419        unsigned short expected_family;
1420
1421        /* Currently, we only support tcp and tcp6 for the callback channel */
1422        if (se->se_callback_netid_len == 3 &&
1423            !memcmp(se->se_callback_netid_val, "tcp", 3))
1424                expected_family = AF_INET;
1425        else if (se->se_callback_netid_len == 4 &&
1426                 !memcmp(se->se_callback_netid_val, "tcp6", 4))
1427                expected_family = AF_INET6;
1428        else
1429                goto out_err;
1430
1431        conn->cb_addrlen = rpc_uaddr2sockaddr(&init_net, se->se_callback_addr_val,
1432                                            se->se_callback_addr_len,
1433                                            (struct sockaddr *)&conn->cb_addr,
1434                                            sizeof(conn->cb_addr));
1435
1436        if (!conn->cb_addrlen || conn->cb_addr.ss_family != expected_family)
1437                goto out_err;
1438
1439        if (conn->cb_addr.ss_family == AF_INET6)
1440                ((struct sockaddr_in6 *)&conn->cb_addr)->sin6_scope_id = scopeid;
1441
1442        conn->cb_prog = se->se_callback_prog;
1443        conn->cb_ident = se->se_callback_ident;
1444        memcpy(&conn->cb_saddr, &rqstp->rq_daddr, rqstp->rq_daddrlen);
1445        return;
1446out_err:
1447        conn->cb_addr.ss_family = AF_UNSPEC;
1448        conn->cb_addrlen = 0;
1449        dprintk(KERN_INFO "NFSD: this client (clientid %08x/%08x) "
1450                "will not receive delegations\n",
1451                clp->cl_clientid.cl_boot, clp->cl_clientid.cl_id);
1452
1453        return;
1454}
1455
1456/*
1457 * Cache a reply. nfsd4_check_drc_limit() has bounded the cache size.
1458 */
1459void
1460nfsd4_store_cache_entry(struct nfsd4_compoundres *resp)
1461{
1462        struct nfsd4_slot *slot = resp->cstate.slot;
1463        unsigned int base;
1464
1465        dprintk("--> %s slot %p\n", __func__, slot);
1466
1467        slot->sl_opcnt = resp->opcnt;
1468        slot->sl_status = resp->cstate.status;
1469
1470        slot->sl_flags |= NFSD4_SLOT_INITIALIZED;
1471        if (nfsd4_not_cached(resp)) {
1472                slot->sl_datalen = 0;
1473                return;
1474        }
1475        slot->sl_datalen = (char *)resp->p - (char *)resp->cstate.datap;
1476        base = (char *)resp->cstate.datap -
1477                                        (char *)resp->xbuf->head[0].iov_base;
1478        if (read_bytes_from_xdr_buf(resp->xbuf, base, slot->sl_data,
1479                                    slot->sl_datalen))
1480                WARN("%s: sessions DRC could not cache compound\n", __func__);
1481        return;
1482}
1483
1484/*
1485 * Encode the replay sequence operation from the slot values.
1486 * If cachethis is FALSE encode the uncached rep error on the next
1487 * operation which sets resp->p and increments resp->opcnt for
1488 * nfs4svc_encode_compoundres.
1489 *
1490 */
1491static __be32
1492nfsd4_enc_sequence_replay(struct nfsd4_compoundargs *args,
1493                          struct nfsd4_compoundres *resp)
1494{
1495        struct nfsd4_op *op;
1496        struct nfsd4_slot *slot = resp->cstate.slot;
1497
1498        /* Encode the replayed sequence operation */
1499        op = &args->ops[resp->opcnt - 1];
1500        nfsd4_encode_operation(resp, op);
1501
1502        /* Return nfserr_retry_uncached_rep in next operation. */
1503        if (args->opcnt > 1 && !(slot->sl_flags & NFSD4_SLOT_CACHETHIS)) {
1504                op = &args->ops[resp->opcnt++];
1505                op->status = nfserr_retry_uncached_rep;
1506                nfsd4_encode_operation(resp, op);
1507        }
1508        return op->status;
1509}
1510
1511/*
1512 * The sequence operation is not cached because we can use the slot and
1513 * session values.
1514 */
1515__be32
1516nfsd4_replay_cache_entry(struct nfsd4_compoundres *resp,
1517                         struct nfsd4_sequence *seq)
1518{
1519        struct nfsd4_slot *slot = resp->cstate.slot;
1520        __be32 status;
1521
1522        dprintk("--> %s slot %p\n", __func__, slot);
1523
1524        /* Either returns 0 or nfserr_retry_uncached */
1525        status = nfsd4_enc_sequence_replay(resp->rqstp->rq_argp, resp);
1526        if (status == nfserr_retry_uncached_rep)
1527                return status;
1528
1529        /* The sequence operation has been encoded, cstate->datap set. */
1530        memcpy(resp->cstate.datap, slot->sl_data, slot->sl_datalen);
1531
1532        resp->opcnt = slot->sl_opcnt;
1533        resp->p = resp->cstate.datap + XDR_QUADLEN(slot->sl_datalen);
1534        status = slot->sl_status;
1535
1536        return status;
1537}
1538
1539/*
1540 * Set the exchange_id flags returned by the server.
1541 */
1542static void
1543nfsd4_set_ex_flags(struct nfs4_client *new, struct nfsd4_exchange_id *clid)
1544{
1545        /* pNFS is not supported */
1546        new->cl_exchange_flags |= EXCHGID4_FLAG_USE_NON_PNFS;
1547
1548        /* Referrals are supported, Migration is not. */
1549        new->cl_exchange_flags |= EXCHGID4_FLAG_SUPP_MOVED_REFER;
1550
1551        /* set the wire flags to return to client. */
1552        clid->flags = new->cl_exchange_flags;
1553}
1554
1555static bool client_has_state(struct nfs4_client *clp)
1556{
1557        /*
1558         * Note clp->cl_openowners check isn't quite right: there's no
1559         * need to count owners without stateid's.
1560         *
1561         * Also note we should probably be using this in 4.0 case too.
1562         */
1563        return !list_empty(&clp->cl_openowners)
1564                || !list_empty(&clp->cl_delegations)
1565                || !list_empty(&clp->cl_sessions);
1566}
1567
1568__be32
1569nfsd4_exchange_id(struct svc_rqst *rqstp,
1570                  struct nfsd4_compound_state *cstate,
1571                  struct nfsd4_exchange_id *exid)
1572{
1573        struct nfs4_client *unconf, *conf, *new;
1574        __be32 status;
1575        unsigned int            strhashval;
1576        char                    dname[HEXDIR_LEN];
1577        char                    addr_str[INET6_ADDRSTRLEN];
1578        nfs4_verifier           verf = exid->verifier;
1579        struct sockaddr         *sa = svc_addr(rqstp);
1580        bool    update = exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A;
1581
1582        rpc_ntop(sa, addr_str, sizeof(addr_str));
1583        dprintk("%s rqstp=%p exid=%p clname.len=%u clname.data=%p "
1584                "ip_addr=%s flags %x, spa_how %d\n",
1585                __func__, rqstp, exid, exid->clname.len, exid->clname.data,
1586                addr_str, exid->flags, exid->spa_how);
1587
1588        if (exid->flags & ~EXCHGID4_FLAG_MASK_A)
1589                return nfserr_inval;
1590
1591        /* Currently only support SP4_NONE */
1592        switch (exid->spa_how) {
1593        case SP4_NONE:
1594                break;
1595        case SP4_SSV:
1596                return nfserr_serverfault;
1597        default:
1598                BUG();                          /* checked by xdr code */
1599        case SP4_MACH_CRED:
1600                return nfserr_serverfault;      /* no excuse :-/ */
1601        }
1602
1603        status = nfs4_make_rec_clidname(dname, &exid->clname);
1604
1605        if (status)
1606                return status;
1607
1608        strhashval = clientstr_hashval(dname);
1609
1610        /* Cases below refer to rfc 5661 section 18.35.4: */
1611        nfs4_lock_state();
1612        conf = find_confirmed_client_by_str(dname, strhashval);
1613        if (conf) {
1614                bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred);
1615                bool verfs_match = same_verf(&verf, &conf->cl_verifier);
1616
1617                if (update) {
1618                        if (!clp_used_exchangeid(conf)) { /* buggy client */
1619                                status = nfserr_inval;
1620                                goto out;
1621                        }
1622                        if (!creds_match) { /* case 9 */
1623                                status = nfserr_perm;
1624                                goto out;
1625                        }
1626                        if (!verfs_match) { /* case 8 */
1627                                status = nfserr_not_same;
1628                                goto out;
1629                        }
1630                        /* case 6 */
1631                        exid->flags |= EXCHGID4_FLAG_CONFIRMED_R;
1632                        new = conf;
1633                        goto out_copy;
1634                }
1635                if (!creds_match) { /* case 3 */
1636                        if (client_has_state(conf)) {
1637                                status = nfserr_clid_inuse;
1638                                goto out;
1639                        }
1640                        expire_client(conf);
1641                        goto out_new;
1642                }
1643                if (verfs_match) { /* case 2 */
1644                        conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R;
1645                        new = conf;
1646                        goto out_copy;
1647                }
1648                /* case 5, client reboot */
1649                goto out_new;
1650        }
1651
1652        if (update) { /* case 7 */
1653                status = nfserr_noent;
1654                goto out;
1655        }
1656
1657        unconf  = find_unconfirmed_client_by_str(dname, strhashval);
1658        if (unconf) /* case 4, possible retry or client restart */
1659                expire_client(unconf);
1660
1661        /* case 1 (normal case) */
1662out_new:
1663        new = create_client(exid->clname, dname, rqstp, &verf);
1664        if (new == NULL) {
1665                status = nfserr_jukebox;
1666                goto out;
1667        }
1668        new->cl_minorversion = 1;
1669
1670        gen_clid(new);
1671        add_to_unconfirmed(new, strhashval);
1672out_copy:
1673        exid->clientid.cl_boot = new->cl_clientid.cl_boot;
1674        exid->clientid.cl_id = new->cl_clientid.cl_id;
1675
1676        exid->seqid = new->cl_cs_slot.sl_seqid + 1;
1677        nfsd4_set_ex_flags(new, exid);
1678
1679        dprintk("nfsd4_exchange_id seqid %d flags %x\n",
1680                new->cl_cs_slot.sl_seqid, new->cl_exchange_flags);
1681        status = nfs_ok;
1682
1683out:
1684        nfs4_unlock_state();
1685        return status;
1686}
1687
1688static __be32
1689check_slot_seqid(u32 seqid, u32 slot_seqid, int slot_inuse)
1690{
1691        dprintk("%s enter. seqid %d slot_seqid %d\n", __func__, seqid,
1692                slot_seqid);
1693
1694        /* The slot is in use, and no response has been sent. */
1695        if (slot_inuse) {
1696                if (seqid == slot_seqid)
1697                        return nfserr_jukebox;
1698                else
1699                        return nfserr_seq_misordered;
1700        }
1701        /* Note unsigned 32-bit arithmetic handles wraparound: */
1702        if (likely(seqid == slot_seqid + 1))
1703                return nfs_ok;
1704        if (seqid == slot_seqid)
1705                return nfserr_replay_cache;
1706        return nfserr_seq_misordered;
1707}
1708
1709/*
1710 * Cache the create session result into the create session single DRC
1711 * slot cache by saving the xdr structure. sl_seqid has been set.
1712 * Do this for solo or embedded create session operations.
1713 */
1714static void
1715nfsd4_cache_create_session(struct nfsd4_create_session *cr_ses,
1716                           struct nfsd4_clid_slot *slot, __be32 nfserr)
1717{
1718        slot->sl_status = nfserr;
1719        memcpy(&slot->sl_cr_ses, cr_ses, sizeof(*cr_ses));
1720}
1721
1722static __be32
1723nfsd4_replay_create_session(struct nfsd4_create_session *cr_ses,
1724                            struct nfsd4_clid_slot *slot)
1725{
1726        memcpy(cr_ses, &slot->sl_cr_ses, sizeof(*cr_ses));
1727        return slot->sl_status;
1728}
1729
1730#define NFSD_MIN_REQ_HDR_SEQ_SZ ((\
1731                        2 * 2 + /* credential,verifier: AUTH_NULL, length 0 */ \
1732                        1 +     /* MIN tag is length with zero, only length */ \
1733                        3 +     /* version, opcount, opcode */ \
1734                        XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
1735                                /* seqid, slotID, slotID, cache */ \
1736                        4 ) * sizeof(__be32))
1737
1738#define NFSD_MIN_RESP_HDR_SEQ_SZ ((\
1739                        2 +     /* verifier: AUTH_NULL, length 0 */\
1740                        1 +     /* status */ \
1741                        1 +     /* MIN tag is length with zero, only length */ \
1742                        3 +     /* opcount, opcode, opstatus*/ \
1743                        XDR_QUADLEN(NFS4_MAX_SESSIONID_LEN) + \
1744                                /* seqid, slotID, slotID, slotID, status */ \
1745                        5 ) * sizeof(__be32))
1746
1747static bool check_forechannel_attrs(struct nfsd4_channel_attrs fchannel)
1748{
1749        return fchannel.maxreq_sz < NFSD_MIN_REQ_HDR_SEQ_SZ
1750                || fchannel.maxresp_sz < NFSD_MIN_RESP_HDR_SEQ_SZ;
1751}
1752
1753__be32
1754nfsd4_create_session(struct svc_rqst *rqstp,
1755                     struct nfsd4_compound_state *cstate,
1756                     struct nfsd4_create_session *cr_ses)
1757{
1758        struct sockaddr *sa = svc_addr(rqstp);
1759        struct nfs4_client *conf, *unconf;
1760        struct nfsd4_session *new;
1761        struct nfsd4_conn *conn;
1762        struct nfsd4_clid_slot *cs_slot = NULL;
1763        __be32 status = 0;
1764
1765        if (cr_ses->flags & ~SESSION4_FLAG_MASK_A)
1766                return nfserr_inval;
1767        if (check_forechannel_attrs(cr_ses->fore_channel))
1768                return nfserr_toosmall;
1769        new = alloc_session(&cr_ses->fore_channel);
1770        if (!new)
1771                return nfserr_jukebox;
1772        status = nfserr_jukebox;
1773        conn = alloc_conn_from_crses(rqstp, cr_ses);
1774        if (!conn)
1775                goto out_free_session;
1776
1777        nfs4_lock_state();
1778        unconf = find_unconfirmed_client(&cr_ses->clientid, true);
1779        conf = find_confirmed_client(&cr_ses->clientid, true);
1780
1781        if (conf) {
1782                cs_slot = &conf->cl_cs_slot;
1783                status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
1784                if (status == nfserr_replay_cache) {
1785                        status = nfsd4_replay_create_session(cr_ses, cs_slot);
1786                        goto out_free_conn;
1787                } else if (cr_ses->seqid != cs_slot->sl_seqid + 1) {
1788                        status = nfserr_seq_misordered;
1789                        goto out_free_conn;
1790                }
1791        } else if (unconf) {
1792                unsigned int hash;
1793                struct nfs4_client *old;
1794                if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) ||
1795                    !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) {
1796                        status = nfserr_clid_inuse;
1797                        goto out_free_conn;
1798                }
1799                cs_slot = &unconf->cl_cs_slot;
1800                status = check_slot_seqid(cr_ses->seqid, cs_slot->sl_seqid, 0);
1801                if (status) {
1802                        /* an unconfirmed replay returns misordered */
1803                        status = nfserr_seq_misordered;
1804                        goto out_free_conn;
1805                }
1806                hash = clientstr_hashval(unconf->cl_recdir);
1807                old = find_confirmed_client_by_str(unconf->cl_recdir, hash);
1808                if (old)
1809                        expire_client(old);
1810                move_to_confirmed(unconf);
1811                conf = unconf;
1812        } else {
1813                status = nfserr_stale_clientid;
1814                goto out_free_conn;
1815        }
1816        status = nfs_ok;
1817        /*
1818         * We do not support RDMA or persistent sessions
1819         */
1820        cr_ses->flags &= ~SESSION4_PERSIST;
1821        cr_ses->flags &= ~SESSION4_RDMA;
1822
1823        init_session(rqstp, new, conf, cr_ses);
1824        nfsd4_init_conn(rqstp, conn, new);
1825
1826        memcpy(cr_ses->sessionid.data, new->se_sessionid.data,
1827               NFS4_MAX_SESSIONID_LEN);
1828        memcpy(&cr_ses->fore_channel, &new->se_fchannel,
1829                sizeof(struct nfsd4_channel_attrs));
1830        cs_slot->sl_seqid++;
1831        cr_ses->seqid = cs_slot->sl_seqid;
1832
1833        /* cache solo and embedded create sessions under the state lock */
1834        nfsd4_cache_create_session(cr_ses, cs_slot, status);
1835out:
1836        nfs4_unlock_state();
1837        dprintk("%s returns %d\n", __func__, ntohl(status));
1838        return status;
1839out_free_conn:
1840        free_conn(conn);
1841out_free_session:
1842        __free_session(new);
1843        goto out;
1844}
1845
1846static bool nfsd4_last_compound_op(struct svc_rqst *rqstp)
1847{
1848        struct nfsd4_compoundres *resp = rqstp->rq_resp;
1849        struct nfsd4_compoundargs *argp = rqstp->rq_argp;
1850
1851        return argp->opcnt == resp->opcnt;
1852}
1853
1854static __be32 nfsd4_map_bcts_dir(u32 *dir)
1855{
1856        switch (*dir) {
1857        case NFS4_CDFC4_FORE:
1858        case NFS4_CDFC4_BACK:
1859                return nfs_ok;
1860        case NFS4_CDFC4_FORE_OR_BOTH:
1861        case NFS4_CDFC4_BACK_OR_BOTH:
1862                *dir = NFS4_CDFC4_BOTH;
1863                return nfs_ok;
1864        };
1865        return nfserr_inval;
1866}
1867
1868__be32 nfsd4_bind_conn_to_session(struct svc_rqst *rqstp,
1869                     struct nfsd4_compound_state *cstate,
1870                     struct nfsd4_bind_conn_to_session *bcts)
1871{
1872        __be32 status;
1873        struct nfsd4_conn *conn;
1874
1875        if (!nfsd4_last_compound_op(rqstp))
1876                return nfserr_not_only_op;
1877        spin_lock(&client_lock);
1878        cstate->session = find_in_sessionid_hashtbl(&bcts->sessionid);
1879        /* Sorta weird: we only need the refcnt'ing because new_conn acquires
1880         * client_lock iself: */
1881        if (cstate->session) {
1882                nfsd4_get_session(cstate->session);
1883                atomic_inc(&cstate->session->se_client->cl_refcount);
1884        }
1885        spin_unlock(&client_lock);
1886        if (!cstate->session)
1887                return nfserr_badsession;
1888
1889        status = nfsd4_map_bcts_dir(&bcts->dir);
1890        if (status)
1891                return status;
1892        conn = alloc_conn(rqstp, bcts->dir);
1893        if (!conn)
1894                return nfserr_jukebox;
1895        nfsd4_init_conn(rqstp, conn, cstate->session);
1896        return nfs_ok;
1897}
1898
1899static bool nfsd4_compound_in_session(struct nfsd4_session *session, struct nfs4_sessionid *sid)
1900{
1901        if (!session)
1902                return 0;
1903        return !memcmp(sid, &session->se_sessionid, sizeof(*sid));
1904}
1905
1906__be32
1907nfsd4_destroy_session(struct svc_rqst *r,
1908                      struct nfsd4_compound_state *cstate,
1909                      struct nfsd4_destroy_session *sessionid)
1910{
1911        struct nfsd4_session *ses;
1912        __be32 status = nfserr_badsession;
1913
1914        /* Notes:
1915         * - The confirmed nfs4_client->cl_sessionid holds destroyed sessinid
1916         * - Should we return nfserr_back_chan_busy if waiting for
1917         *   callbacks on to-be-destroyed session?
1918         * - Do we need to clear any callback info from previous session?
1919         */
1920
1921        if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) {
1922                if (!nfsd4_last_compound_op(r))
1923                        return nfserr_not_only_op;
1924        }
1925        dump_sessionid(__func__, &sessionid->sessionid);
1926        spin_lock(&client_lock);
1927        ses = find_in_sessionid_hashtbl(&sessionid->sessionid);
1928        if (!ses) {
1929                spin_unlock(&client_lock);
1930                goto out;
1931        }
1932
1933        unhash_session(ses);
1934        spin_unlock(&client_lock);
1935
1936        nfs4_lock_state();
1937        nfsd4_probe_callback_sync(ses->se_client);
1938        nfs4_unlock_state();
1939
1940        spin_lock(&client_lock);
1941        nfsd4_del_conns(ses);
1942        nfsd4_put_session_locked(ses);
1943        spin_unlock(&client_lock);
1944        status = nfs_ok;
1945out:
1946        dprintk("%s returns %d\n", __func__, ntohl(status));
1947        return status;
1948}
1949
1950static struct nfsd4_conn *__nfsd4_find_conn(struct svc_xprt *xpt, struct nfsd4_session *s)
1951{
1952        struct nfsd4_conn *c;
1953
1954        list_for_each_entry(c, &s->se_conns, cn_persession) {
1955                if (c->cn_xprt == xpt) {
1956                        return c;
1957                }
1958        }
1959        return NULL;
1960}
1961
1962static void nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_session *ses)
1963{
1964        struct nfs4_client *clp = ses->se_client;
1965        struct nfsd4_conn *c;
1966        int ret;
1967
1968        spin_lock(&clp->cl_lock);
1969        c = __nfsd4_find_conn(new->cn_xprt, ses);
1970        if (c) {
1971                spin_unlock(&clp->cl_lock);
1972                free_conn(new);
1973                return;
1974        }
1975        __nfsd4_hash_conn(new, ses);
1976        spin_unlock(&clp->cl_lock);
1977        ret = nfsd4_register_conn(new);
1978        if (ret)
1979                /* oops; xprt is already down: */
1980                nfsd4_conn_lost(&new->cn_xpt_user);
1981        return;
1982}
1983
1984static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session)
1985{
1986        struct nfsd4_compoundargs *args = rqstp->rq_argp;
1987
1988        return args->opcnt > session->se_fchannel.maxops;
1989}
1990
1991static bool nfsd4_request_too_big(struct svc_rqst *rqstp,
1992                                  struct nfsd4_session *session)
1993{
1994        struct xdr_buf *xb = &rqstp->rq_arg;
1995
1996        return xb->len > session->se_fchannel.maxreq_sz;
1997}
1998
1999__be32
2000nfsd4_sequence(struct svc_rqst *rqstp,
2001               struct nfsd4_compound_state *cstate,
2002               struct nfsd4_sequence *seq)
2003{
2004        struct nfsd4_compoundres *resp = rqstp->rq_resp;
2005        struct nfsd4_session *session;
2006        struct nfsd4_slot *slot;
2007        struct nfsd4_conn *conn;
2008        __be32 status;
2009
2010        if (resp->opcnt != 1)
2011                return nfserr_sequence_pos;
2012
2013        /*
2014         * Will be either used or freed by nfsd4_sequence_check_conn
2015         * below.
2016         */
2017        conn = alloc_conn(rqstp, NFS4_CDFC4_FORE);
2018        if (!conn)
2019                return nfserr_jukebox;
2020
2021        spin_lock(&client_lock);
2022        status = nfserr_badsession;
2023        session = find_in_sessionid_hashtbl(&seq->sessionid);
2024        if (!session)
2025                goto out;
2026
2027        status = nfserr_too_many_ops;
2028        if (nfsd4_session_too_many_ops(rqstp, session))
2029                goto out;
2030
2031        status = nfserr_req_too_big;
2032        if (nfsd4_request_too_big(rqstp, session))
2033                goto out;
2034
2035        status = nfserr_badslot;
2036        if (seq->slotid >= session->se_fchannel.maxreqs)
2037                goto out;
2038
2039        slot = session->se_slots[seq->slotid];
2040        dprintk("%s: slotid %d\n", __func__, seq->slotid);
2041
2042        /* We do not negotiate the number of slots yet, so set the
2043         * maxslots to the session maxreqs which is used to encode
2044         * sr_highest_slotid and the sr_target_slot id to maxslots */
2045        seq->maxslots = session->se_fchannel.maxreqs;
2046
2047        status = check_slot_seqid(seq->seqid, slot->sl_seqid,
2048                                        slot->sl_flags & NFSD4_SLOT_INUSE);
2049        if (status == nfserr_replay_cache) {
2050                status = nfserr_seq_misordered;
2051                if (!(slot->sl_flags & NFSD4_SLOT_INITIALIZED))
2052                        goto out;
2053                cstate->slot = slot;
2054                cstate->session = session;
2055                /* Return the cached reply status and set cstate->status
2056                 * for nfsd4_proc_compound processing */
2057                status = nfsd4_replay_cache_entry(resp, seq);
2058                cstate->status = nfserr_replay_cache;
2059                goto out;
2060        }
2061        if (status)
2062                goto out;
2063
2064        nfsd4_sequence_check_conn(conn, session);
2065        conn = NULL;
2066
2067        /* Success! bump slot seqid */
2068        slot->sl_seqid = seq->seqid;
2069        slot->sl_flags |= NFSD4_SLOT_INUSE;
2070        if (seq->cachethis)
2071                slot->sl_flags |= NFSD4_SLOT_CACHETHIS;
2072        else
2073                slot->sl_flags &= ~NFSD4_SLOT_CACHETHIS;
2074
2075        cstate->slot = slot;
2076        cstate->session = session;
2077
2078out:
2079        /* Hold a session reference until done processing the compound. */
2080        if (cstate->session) {
2081                struct nfs4_client *clp = session->se_client;
2082
2083                nfsd4_get_session(cstate->session);
2084                atomic_inc(&clp->cl_refcount);
2085                switch (clp->cl_cb_state) {
2086                case NFSD4_CB_DOWN:
2087                        seq->status_flags = SEQ4_STATUS_CB_PATH_DOWN;
2088                        break;
2089                case NFSD4_CB_FAULT:
2090                        seq->status_flags = SEQ4_STATUS_BACKCHANNEL_FAULT;
2091                        break;
2092                default:
2093                        seq->status_flags = 0;
2094                }
2095        }
2096        kfree(conn);
2097        spin_unlock(&client_lock);
2098        dprintk("%s: return %d\n", __func__, ntohl(status));
2099        return status;
2100}
2101
2102__be32
2103nfsd4_destroy_clientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_destroy_clientid *dc)
2104{
2105        struct nfs4_client *conf, *unconf, *clp;
2106        __be32 status = 0;
2107
2108        nfs4_lock_state();
2109        unconf = find_unconfirmed_client(&dc->clientid, true);
2110        conf = find_confirmed_client(&dc->clientid, true);
2111
2112        if (conf) {
2113                clp = conf;
2114
2115                if (!is_client_expired(conf) && client_has_state(conf)) {
2116                        status = nfserr_clientid_busy;
2117                        goto out;
2118                }
2119
2120                /* rfc5661 18.50.3 */
2121                if (cstate->session && conf == cstate->session->se_client) {
2122                        status = nfserr_clientid_busy;
2123                        goto out;
2124                }
2125        } else if (unconf)
2126                clp = unconf;
2127        else {
2128                status = nfserr_stale_clientid;
2129                goto out;
2130        }
2131
2132        expire_client(clp);
2133out:
2134        nfs4_unlock_state();
2135        dprintk("%s return %d\n", __func__, ntohl(status));
2136        return status;
2137}
2138
2139__be32
2140nfsd4_reclaim_complete(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_reclaim_complete *rc)
2141{
2142        __be32 status = 0;
2143
2144        if (rc->rca_one_fs) {
2145                if (!cstate->current_fh.fh_dentry)
2146                        return nfserr_nofilehandle;
2147                /*
2148                 * We don't take advantage of the rca_one_fs case.
2149                 * That's OK, it's optional, we can safely ignore it.
2150                 */
2151                 return nfs_ok;
2152        }
2153
2154        nfs4_lock_state();
2155        status = nfserr_complete_already;
2156        if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE,
2157                             &cstate->session->se_client->cl_flags))
2158                goto out;
2159
2160        status = nfserr_stale_clientid;
2161        if (is_client_expired(cstate->session->se_client))
2162                /*
2163                 * The following error isn't really legal.
2164                 * But we only get here if the client just explicitly
2165                 * destroyed the client.  Surely it no longer cares what
2166                 * error it gets back on an operation for the dead
2167                 * client.
2168                 */
2169                goto out;
2170
2171        status = nfs_ok;
2172        nfsd4_client_record_create(cstate->session->se_client);
2173out:
2174        nfs4_unlock_state();
2175        return status;
2176}
2177
2178__be32
2179nfsd4_setclientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
2180                  struct nfsd4_setclientid *setclid)
2181{
2182        struct xdr_netobj       clname = setclid->se_name;
2183        nfs4_verifier           clverifier = setclid->se_verf;
2184        unsigned int            strhashval;
2185        struct nfs4_client      *conf, *unconf, *new;
2186        __be32                  status;
2187        char                    dname[HEXDIR_LEN];
2188        
2189        status = nfs4_make_rec_clidname(dname, &clname);
2190        if (status)
2191                return status;
2192
2193        strhashval = clientstr_hashval(dname);
2194
2195        /* Cases below refer to rfc 3530 section 14.2.33: */
2196        nfs4_lock_state();
2197        conf = find_confirmed_client_by_str(dname, strhashval);
2198        if (conf) {
2199                /* case 0: */
2200                status = nfserr_clid_inuse;
2201                if (clp_used_exchangeid(conf))
2202                        goto out;
2203                if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
2204                        char addr_str[INET6_ADDRSTRLEN];
2205                        rpc_ntop((struct sockaddr *) &conf->cl_addr, addr_str,
2206                                 sizeof(addr_str));
2207                        dprintk("NFSD: setclientid: string in use by client "
2208                                "at %s\n", addr_str);
2209                        goto out;
2210                }
2211        }
2212        unconf = find_unconfirmed_client_by_str(dname, strhashval);
2213        if (unconf)
2214                expire_client(unconf);
2215        status = nfserr_jukebox;
2216        new = create_client(clname, dname, rqstp, &clverifier);
2217        if (new == NULL)
2218                goto out;
2219        if (conf && same_verf(&conf->cl_verifier, &clverifier))
2220                /* case 1: probable callback update */
2221                copy_clid(new, conf);
2222        else /* case 4 (new client) or cases 2, 3 (client reboot): */
2223                gen_clid(new);
2224        new->cl_minorversion = 0;
2225        gen_callback(new, setclid, rqstp);
2226        add_to_unconfirmed(new, strhashval);
2227        setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot;
2228        setclid->se_clientid.cl_id = new->cl_clientid.cl_id;
2229        memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data));
2230        status = nfs_ok;
2231out:
2232        nfs4_unlock_state();
2233        return status;
2234}
2235
2236
2237__be32
2238nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
2239                         struct nfsd4_compound_state *cstate,
2240                         struct nfsd4_setclientid_confirm *setclientid_confirm)
2241{
2242        struct nfs4_client *conf, *unconf;
2243        nfs4_verifier confirm = setclientid_confirm->sc_confirm; 
2244        clientid_t * clid = &setclientid_confirm->sc_clientid;
2245        __be32 status;
2246        struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);
2247
2248        if (STALE_CLIENTID(clid, nn))
2249                return nfserr_stale_clientid;
2250        nfs4_lock_state();
2251
2252        conf = find_confirmed_client(clid, false);
2253        unconf = find_unconfirmed_client(clid, false);
2254        /*
2255         * We try hard to give out unique clientid's, so if we get an
2256         * attempt to confirm the same clientid with a different cred,
2257         * there's a bug somewhere.  Let's charitably assume it's our
2258         * bug.
2259         */
2260        status = nfserr_serverfault;
2261        if (unconf && !same_creds(&unconf->cl_cred, &rqstp->rq_cred))
2262                goto out;
2263        if (conf && !same_creds(&conf->cl_cred, &rqstp->rq_cred))
2264                goto out;
2265        /* cases below refer to rfc 3530 section 14.2.34: */
2266        if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
2267                if (conf && !unconf) /* case 2: probable retransmit */
2268                        status = nfs_ok;
2269                else /* case 4: client hasn't noticed we rebooted yet? */
2270                        status = nfserr_stale_clientid;
2271                goto out;
2272        }
2273        status = nfs_ok;
2274        if (conf) { /* case 1: callback update */
2275                nfsd4_change_callback(conf, &unconf->cl_cb_conn);
2276                nfsd4_probe_callback(conf);
2277                expire_client(unconf);
2278        } else { /* case 3: normal case; new or rebooted client */
2279                unsigned int hash = clientstr_hashval(unconf->cl_recdir);
2280
2281                conf = find_confirmed_client_by_str(unconf->cl_recdir, hash);
2282                if (conf)
2283                        expire_client(conf);
2284                move_to_confirmed(unconf);
2285                nfsd4_probe_callback(unconf);
2286        }
2287out:
2288        nfs4_unlock_state();
2289        return status;
2290}
2291
2292static struct nfs4_file *nfsd4_alloc_file(void)
2293{
2294        return kmem_cache_alloc(file_slab, GFP_KERNEL);
2295}
2296
2297/* OPEN Share state helper functions */
2298static void nfsd4_init_file(struct nfs4_file *fp, struct inode *ino)
2299{
2300        unsigned int hashval = file_hashval(ino);
2301
2302        atomic_set(&fp->fi_ref, 1);
2303        INIT_LIST_HEAD(&fp->fi_hash);
2304        INIT_LIST_HEAD(&fp->fi_stateids);
2305        INIT_LIST_HEAD(&fp->fi_delegations);
2306        fp->fi_inode = igrab(ino);
2307        fp->fi_had_conflict = false;
2308        fp->fi_lease = NULL;
2309        memset(fp->fi_fds, 0, sizeof(fp->fi_fds));
2310        memset(fp->fi_access, 0, sizeof(fp->fi_access));
2311        spin_lock(&recall_lock);
2312        list_add(&fp->fi_hash, &file_hashtbl[hashval]);
2313        spin_unlock(&recall_lock);
2314}
2315
2316static void
2317nfsd4_free_slab(struct kmem_cache **slab)
2318{
2319        if (*slab == NULL)
2320                return;
2321        kmem_cache_destroy(*slab);
2322        *slab = NULL;
2323}
2324
2325void
2326nfsd4_free_slabs(void)
2327{
2328        nfsd4_free_slab(&openowner_slab);
2329        nfsd4_free_slab(&lockowner_slab);
2330        nfsd4_free_slab(&file_slab);
2331        nfsd4_free_slab(&stateid_slab);
2332        nfsd4_free_slab(&deleg_slab);
2333}
2334
2335int
2336nfsd4_init_slabs(void)
2337{
2338        openowner_slab = kmem_cache_create("nfsd4_openowners",
2339                        sizeof(struct nfs4_openowner), 0, 0, NULL);
2340        if (openowner_slab == NULL)
2341                goto out_nomem;
2342        lockowner_slab = kmem_cache_create("nfsd4_lockowners",
2343                        sizeof(struct nfs4_lockowner), 0, 0, NULL);
2344        if (lockowner_slab == NULL)
2345                goto out_nomem;
2346        file_slab = kmem_cache_create("nfsd4_files",
2347                        sizeof(struct nfs4_file), 0, 0, NULL);
2348        if (file_slab == NULL)
2349                goto out_nomem;
2350        stateid_slab = kmem_cache_create("nfsd4_stateids",
2351                        sizeof(struct nfs4_ol_stateid), 0, 0, NULL);
2352        if (stateid_slab == NULL)
2353                goto out_nomem;
2354        deleg_slab = kmem_cache_create("nfsd4_delegations",
2355                        sizeof(struct nfs4_delegation), 0, 0, NULL);
2356        if (deleg_slab == NULL)
2357                goto out_nomem;
2358        return 0;
2359out_nomem:
2360        nfsd4_free_slabs();
2361        dprintk("nfsd4: out of memory while initializing nfsv4\n");
2362        return -ENOMEM;
2363}
2364
2365void nfs4_free_openowner(struct nfs4_openowner *oo)
2366{
2367        kfree(oo->oo_owner.so_owner.data);
2368        kmem_cache_free(openowner_slab, oo);
2369}
2370
2371void nfs4_free_lockowner(struct nfs4_lockowner *lo)
2372{
2373        kfree(lo->lo_owner.so_owner.data);
2374        kmem_cache_free(lockowner_slab, lo);
2375}
2376
2377static void init_nfs4_replay(struct nfs4_replay *rp)
2378{
2379        rp->rp_status = nfserr_serverfault;
2380        rp->rp_buflen = 0;
2381        rp->rp_buf = rp->rp_ibuf;
2382}
2383
2384static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp)
2385{
2386        struct nfs4_stateowner *sop;
2387
2388        sop = kmem_cache_alloc(slab, GFP_KERNEL);
2389        if (!sop)
2390                return NULL;
2391
2392        sop->so_owner.data = kmemdup(owner->data, owner->len, GFP_KERNEL);
2393        if (!sop->so_owner.data) {
2394                kmem_cache_free(slab, sop);
2395                return NULL;
2396        }
2397        sop->so_owner.len = owner->len;
2398
2399        INIT_LIST_HEAD(&sop->so_stateids);
2400        sop->so_client = clp;
2401        init_nfs4_replay(&sop->so_replay);
2402        return sop;
2403}
2404
2405static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval)
2406{
2407        list_add(&oo->oo_owner.so_strhash, &ownerstr_hashtbl[strhashval]);
2408        list_add(&oo->oo_perclient, &clp->cl_openowners);
2409}
2410
2411static struct nfs4_openowner *
2412alloc_init_open_stateowner(unsigned int strhashval, struct nfs4_client *clp, struct nfsd4_open *open) {
2413        struct nfs4_openowner *oo;
2414
2415        oo = alloc_stateowner(openowner_slab, &open->op_owner, clp);
2416        if (!oo)
2417                return NULL;
2418        oo->oo_owner.so_is_open_owner = 1;
2419        oo->oo_owner.so_seqid = open->op_seqid;
2420        oo->oo_flags = NFS4_OO_NEW;
2421        oo->oo_time = 0;
2422        oo->oo_last_closed_stid = NULL;
2423        INIT_LIST_HEAD(&oo->oo_close_lru);
2424        hash_openowner(oo, clp, strhashval);
2425        return oo;
2426}
2427
2428static void init_open_stateid(struct nfs4_ol_stateid *stp, struct nfs4_file *fp, struct nfsd4_open *open) {
2429        struct nfs4_openowner *oo = open->op_openowner;
2430        struct nfs4_client *clp = oo->oo_owner.so_client;
2431
2432        init_stid(&stp->st_stid, clp, NFS4_OPEN_STID);
2433        INIT_LIST_HEAD(&stp->st_lockowners);
2434        list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids);
2435        list_add(&stp->st_perfile, &fp->fi_stateids);
2436        stp->st_stateowner = &oo->oo_owner;
2437        get_nfs4_file(fp);
2438        stp->st_file = fp;
2439        stp->st_access_bmap = 0;
2440        stp->st_deny_bmap = 0;
2441        set_access(open->op_share_access, stp);
2442        set_deny(open->op_share_deny, stp);
2443        stp->st_openstp = NULL;
2444}
2445
2446static void
2447move_to_close_lru(struct nfs4_openowner *oo)
2448{
2449        dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo);
2450
2451        list_move_tail(&oo->oo_close_lru, &close_lru);
2452        oo->oo_time = get_seconds();
2453}
2454
2455static int
2456same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner,
2457                                                        clientid_t *clid)
2458{
2459        return (sop->so_owner.len == owner->len) &&
2460                0 == memcmp(sop->so_owner.data, owner->data, owner->len) &&
2461                (sop->so_client->cl_clientid.cl_id == clid->cl_id);
2462}
2463
2464static struct nfs4_openowner *
2465find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open, bool sessions)
2466{
2467        struct nfs4_stateowner *so;
2468        struct nfs4_openowner *oo;
2469        struct nfs4_client *clp;
2470
2471        list_for_each_entry(so, &ownerstr_hashtbl[hashval], so_strhash) {
2472                if (!so->so_is_open_owner)
2473                        continue;
2474                if (same_owner_str(so, &open->op_owner, &open->op_clientid)) {
2475                        oo = openowner(so);
2476                        clp = oo->oo_owner.so_client;
2477                        if ((bool)clp->cl_minorversion != sessions)
2478                                return NULL;
2479                        renew_client(oo->oo_owner.so_client);
2480                        return oo;
2481                }
2482        }
2483        return NULL;
2484}
2485
2486/* search file_hashtbl[] for file */
2487static struct nfs4_file *
2488find_file(struct inode *ino)
2489{
2490        unsigned int hashval = file_hashval(ino);
2491        struct nfs4_file *fp;
2492
2493        spin_lock(&recall_lock);
2494        list_for_each_entry(fp, &file_hashtbl[hashval], fi_hash) {
2495                if (fp->fi_inode == ino) {
2496                        get_nfs4_file(fp);
2497                        spin_unlock(&recall_lock);
2498                        return fp;
2499                }
2500        }
2501        spin_unlock(&recall_lock);
2502        return NULL;
2503}
2504
2505/*
2506 * Called to check deny when READ with all zero stateid or
2507 * WRITE with all zero or all one stateid
2508 */
2509static __be32
2510nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type)
2511{
2512        struct inode *ino = current_fh->fh_dentry->d_inode;
2513        struct nfs4_file *fp;
2514        struct nfs4_ol_stateid *stp;
2515        __be32 ret;
2516
2517        dprintk("NFSD: nfs4_share_conflict\n");
2518
2519        fp = find_file(ino);
2520        if (!fp)
2521                return nfs_ok;
2522        ret = nfserr_locked;
2523        /* Search for conflicting share reservations */
2524        list_for_each_entry(stp, &fp->fi_stateids, st_perfile) {
2525                if (test_deny(deny_type, stp) ||
2526                    test_deny(NFS4_SHARE_DENY_BOTH, stp))
2527                        goto out;
2528        }
2529        ret = nfs_ok;
2530out:
2531        put_nfs4_file(fp);
2532        return ret;
2533}
2534
2535static void nfsd_break_one_deleg(struct nfs4_delegation *dp)
2536{
2537        /* We're assuming the state code never drops its reference
2538         * without first removing the lease.  Since we're in this lease
2539         * callback (and since the lease code is serialized by the kernel
2540         * lock) we know the server hasn't removed the lease yet, we know
2541         * it's safe to take a reference: */
2542        atomic_inc(&dp->dl_count);
2543
2544        list_add_tail(&dp->dl_recall_lru, &del_recall_lru);
2545
2546        /* only place dl_time is set. protected by lock_flocks*/
2547        dp->dl_time = get_seconds();
2548
2549        nfsd4_cb_recall(dp);
2550}
2551
2552/* Called from break_lease() with lock_flocks() held. */
2553static void nfsd_break_deleg_cb(struct file_lock *fl)
2554{
2555        struct nfs4_file *fp = (struct nfs4_file *)fl->fl_owner;
2556        struct nfs4_delegation *dp;
2557
2558        BUG_ON(!fp);
2559        /* We assume break_lease is only called once per lease: */
2560        BUG_ON(fp->fi_had_conflict);
2561        /*
2562         * We don't want the locks code to timeout the lease for us;
2563         * we'll remove it ourself if a delegation isn't returned
2564         * in time:
2565         */
2566        fl->fl_break_time = 0;
2567
2568        spin_lock(&recall_lock);
2569        fp->fi_had_conflict = true;
2570        list_for_each_entry(dp, &fp->fi_delegations, dl_perfile)
2571                nfsd_break_one_deleg(dp);
2572        spin_unlock(&recall_lock);
2573}
2574
2575static
2576int nfsd_change_deleg_cb(struct file_lock **onlist, int arg)
2577{
2578        if (arg & F_UNLCK)
2579                return lease_modify(onlist, arg);
2580        else
2581                return -EAGAIN;
2582}
2583
2584static const struct lock_manager_operations nfsd_lease_mng_ops = {
2585        .lm_break = nfsd_break_deleg_cb,
2586        .lm_change = nfsd_change_deleg_cb,
2587};
2588
2589static __be32 nfsd4_check_seqid(struct nfsd4_compound_state *cstate, struct nfs4_stateowner *so, u32 seqid)
2590{
2591        if (nfsd4_has_session(cstate))
2592                return nfs_ok;
2593        if (seqid == so->so_seqid - 1)
2594                return nfserr_replay_me;
2595        if (seqid == so->so_seqid)
2596                return nfs_ok;
2597        return nfserr_bad_seqid;
2598}
2599
2600__be32
2601nfsd4_process_open1(struct nfsd4_compound_state *cstate,
2602                    struct nfsd4_open *open)
2603{
2604        clientid_t *clientid = &open->op_clientid;
2605        struct nfs4_client *clp = NULL;
2606        unsigned int strhashval;
2607        struct nfs4_openowner *oo = NULL;
2608        __be32 status;
2609        struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);
2610
2611        if (STALE_CLIENTID(&open->op_clientid, nn))
2612                return nfserr_stale_clientid;
2613        /*
2614         * In case we need it later, after we've already created the
2615         * file and don't want to risk a further failure:
2616         */
2617        open->op_file = nfsd4_alloc_file();
2618        if (open->op_file == NULL)
2619                return nfserr_jukebox;
2620
2621        strhashval = ownerstr_hashval(clientid->cl_id, &open->op_owner);
2622        oo = find_openstateowner_str(strhashval, open, cstate->minorversion);
2623        open->op_openowner = oo;
2624        if (!oo) {
2625                clp = find_confirmed_client(clientid, cstate->minorversion);
2626                if (clp == NULL)
2627                        return nfserr_expired;
2628                goto new_owner;
2629        }
2630        if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) {
2631                /* Replace unconfirmed owners without checking for replay. */
2632                clp = oo->oo_owner.so_client;
2633                release_openowner(oo);
2634                open->op_openowner = NULL;
2635                goto new_owner;
2636        }
2637        status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid);
2638        if (status)
2639                return status;
2640        clp = oo->oo_owner.so_client;
2641        goto alloc_stateid;
2642new_owner:
2643        oo = alloc_init_open_stateowner(strhashval, clp, open);
2644        if (oo == NULL)
2645                return nfserr_jukebox;
2646        open->op_openowner = oo;
2647alloc_stateid:
2648        open->op_stp = nfs4_alloc_stateid(clp);
2649        if (!open->op_stp)
2650                return nfserr_jukebox;
2651        return nfs_ok;
2652}
2653
2654static inline __be32
2655nfs4_check_delegmode(struct nfs4_delegation *dp, int flags)
2656{
2657        if ((flags & WR_STATE) && (dp->dl_type == NFS4_OPEN_DELEGATE_READ))
2658                return nfserr_openmode;
2659        else
2660                return nfs_ok;
2661}
2662
2663static int share_access_to_flags(u32 share_access)
2664{
2665        return share_access == NFS4_SHARE_ACCESS_READ ? RD_STATE : WR_STATE;
2666}
2667
2668static struct nfs4_delegation *find_deleg_stateid(struct nfs4_client *cl, stateid_t *s)
2669{
2670        struct nfs4_stid *ret;
2671
2672        ret = find_stateid_by_type(cl, s, NFS4_DELEG_STID);
2673        if (!ret)
2674                return NULL;
2675        return delegstateid(ret);
2676}
2677
2678static bool nfsd4_is_deleg_cur(struct nfsd4_open *open)
2679{
2680        return open->op_claim_type == NFS4_OPEN_CLAIM_DELEGATE_CUR ||
2681               open->op_claim_type == NFS4_OPEN_CLAIM_DELEG_CUR_FH;
2682}
2683
2684static __be32
2685nfs4_check_deleg(struct nfs4_client *cl, struct nfs4_file *fp, struct nfsd4_open *open,
2686                struct nfs4_delegation **dp)
2687{
2688        int flags;
2689        __be32 status = nfserr_bad_stateid;
2690
2691        *dp = find_deleg_stateid(cl, &open->op_delegate_stateid);
2692        if (*dp == NULL)
2693                goto out;
2694        flags = share_access_to_flags(open->op_share_access);
2695        status = nfs4_check_delegmode(*dp, flags);
2696        if (status)
2697                *dp = NULL;
2698out:
2699        if (!nfsd4_is_deleg_cur(open))
2700                return nfs_ok;
2701        if (status)
2702                return status;
2703        open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
2704        return nfs_ok;
2705}
2706
2707static __be32
2708nfs4_check_open(struct nfs4_file *fp, struct nfsd4_open *open, struct nfs4_ol_stateid **stpp)
2709{
2710        struct nfs4_ol_stateid *local;
2711        struct nfs4_openowner *oo = open->op_openowner;
2712
2713        list_for_each_entry(local, &fp->fi_stateids, st_perfile) {
2714                /* ignore lock owners */
2715                if (local->st_stateowner->so_is_open_owner == 0)
2716                        continue;
2717                /* remember if we have seen this open owner */
2718                if (local->st_stateowner == &oo->oo_owner)
2719                        *stpp = local;
2720                /* check for conflicting share reservations */
2721                if (!test_share(local, open))
2722                        return nfserr_share_denied;
2723        }
2724        return nfs_ok;
2725}
2726
2727static inline int nfs4_access_to_access(u32 nfs4_access)
2728{
2729        int flags = 0;
2730
2731        if (nfs4_access & NFS4_SHARE_ACCESS_READ)
2732                flags |= NFSD_MAY_READ;
2733        if (nfs4_access & NFS4_SHARE_ACCESS_WRITE)
2734                flags |= NFSD_MAY_WRITE;
2735        return flags;
2736}
2737
2738static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp,
2739                struct svc_fh *cur_fh, struct nfsd4_open *open)
2740{
2741        __be32 status;
2742        int oflag = nfs4_access_to_omode(open->op_share_access);
2743        int access = nfs4_access_to_access(open->op_share_access);
2744
2745        if (!fp->fi_fds[oflag]) {
2746                status = nfsd_open(rqstp, cur_fh, S_IFREG, access,
2747                        &fp->fi_fds[oflag]);
2748                if (status)
2749                        return status;
2750        }
2751        nfs4_file_get_access(fp, oflag);
2752
2753        return nfs_ok;
2754}
2755
2756static inline __be32
2757nfsd4_truncate(struct svc_rqst *rqstp, struct svc_fh *fh,
2758                struct nfsd4_open *open)
2759{
2760        struct iattr iattr = {
2761                .ia_valid = ATTR_SIZE,
2762                .ia_size = 0,
2763        };
2764        if (!open->op_truncate)
2765                return 0;
2766        if (!(open->op_share_access & NFS4_SHARE_ACCESS_WRITE))
2767                return nfserr_inval;
2768        return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0);
2769}
2770
2771static __be32
2772nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open)
2773{
2774        u32 op_share_access = open->op_share_access;
2775        bool new_access;
2776        __be32 status;
2777
2778        new_access = !test_access(op_share_access, stp);
2779        if (new_access) {
2780                status = nfs4_get_vfs_file(rqstp, fp, cur_fh, open);
2781                if (status)
2782                        return status;
2783        }
2784        status = nfsd4_truncate(rqstp, cur_fh, open);
2785        if (status) {
2786                if (new_access) {
2787                        int oflag = nfs4_access_to_omode(op_share_access);
2788                        nfs4_file_put_access(fp, oflag);
2789                }
2790                return status;
2791        }
2792        /* remember the open */
2793        set_access(op_share_access, stp);
2794        set_deny(open->op_share_deny, stp);
2795
2796        return nfs_ok;
2797}
2798
2799
2800static void
2801nfs4_set_claim_prev(struct nfsd4_open *open, bool has_session)
2802{
2803        open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
2804}
2805
2806/* Should we give out recallable state?: */
2807static bool nfsd4_cb_channel_good(struct nfs4_client *clp)
2808{
2809        if (clp->cl_cb_state == NFSD4_CB_UP)
2810                return true;
2811        /*
2812         * In the sessions case, since we don't have to establish a
2813         * separate connection for callbacks, we assume it's OK
2814         * until we hear otherwise:
2815         */
2816        return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN;
2817}
2818
2819static struct file_lock *nfs4_alloc_init_lease(struct nfs4_delegation *dp, int flag)
2820{
2821        struct file_lock *fl;
2822
2823        fl = locks_alloc_lock();
2824        if (!fl)
2825                return NULL;
2826        locks_init_lock(fl);
2827        fl->fl_lmops = &nfsd_lease_mng_ops;
2828        fl->fl_flags = FL_LEASE;
2829        fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? F_RDLCK: F_WRLCK;
2830        fl->fl_end = OFFSET_MAX;
2831        fl->fl_owner = (fl_owner_t)(dp->dl_file);
2832        fl->fl_pid = current->tgid;
2833        return fl;
2834}
2835
2836static int nfs4_setlease(struct nfs4_delegation *dp, int flag)
2837{
2838        struct nfs4_file *fp = dp->dl_file;
2839        struct file_lock *fl;
2840        int status;
2841
2842        fl = nfs4_alloc_init_lease(dp, flag);
2843        if (!fl)
2844                return -ENOMEM;
2845        fl->fl_file = find_readable_file(fp);
2846        list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations);
2847        status = vfs_setlease(fl->fl_file, fl->fl_type, &fl);
2848        if (status) {
2849                list_del_init(&dp->dl_perclnt);
2850                locks_free_lock(fl);
2851                return -ENOMEM;
2852        }
2853        fp->fi_lease = fl;
2854        fp->fi_deleg_file = get_file(fl->fl_file);
2855        atomic_set(&fp->fi_delegees, 1);
2856        list_add(&dp->dl_perfile, &fp->fi_delegations);
2857        return 0;
2858}
2859
2860static int nfs4_set_delegation(struct nfs4_delegation *dp, int flag)
2861{
2862        struct nfs4_file *fp = dp->dl_file;
2863
2864        if (!fp->fi_lease)
2865                return nfs4_setlease(dp, flag);
2866        spin_lock(&recall_lock);
2867        if (fp->fi_had_conflict) {
2868                spin_unlock(&recall_lock);
2869                return -EAGAIN;
2870        }
2871        atomic_inc(&fp->fi_delegees);
2872        list_add(&dp->dl_perfile, &fp->fi_delegations);
2873        spin_unlock(&recall_lock);
2874        list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations);
2875        return 0;
2876}
2877
2878static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status)
2879{
2880        open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
2881        if (status == -EAGAIN)
2882                open->op_why_no_deleg = WND4_CONTENTION;
2883        else {
2884                open->op_why_no_deleg = WND4_RESOURCE;
2885                switch (open->op_deleg_want) {
2886                case NFS4_SHARE_WANT_READ_DELEG:
2887                case NFS4_SHARE_WANT_WRITE_DELEG:
2888                case NFS4_SHARE_WANT_ANY_DELEG:
2889                        break;
2890                case NFS4_SHARE_WANT_CANCEL:
2891                        open->op_why_no_deleg = WND4_CANCELLED;
2892                        break;
2893                case NFS4_SHARE_WANT_NO_DELEG:
2894                        BUG();  /* not supposed to get here */
2895                }
2896        }
2897}
2898
2899/*
2900 * Attempt to hand out a delegation.
2901 */
2902static void
2903nfs4_open_delegation(struct net *net, struct svc_fh *fh,
2904                     struct nfsd4_open *open, struct nfs4_ol_stateid *stp)
2905{
2906        struct nfs4_delegation *dp;
2907        struct nfs4_openowner *oo = container_of(stp->st_stateowner, struct nfs4_openowner, oo_owner);
2908        int cb_up;
2909        int status = 0, flag = 0;
2910
2911        cb_up = nfsd4_cb_channel_good(oo->oo_owner.so_client);
2912        flag = NFS4_OPEN_DELEGATE_NONE;
2913        open->op_recall = 0;
2914        switch (open->op_claim_type) {
2915                case NFS4_OPEN_CLAIM_PREVIOUS:
2916                        if (!cb_up)
2917                                open->op_recall = 1;
2918                        flag = open->op_delegate_type;
2919                        if (flag == NFS4_OPEN_DELEGATE_NONE)
2920                                goto out;
2921                        break;
2922                case NFS4_OPEN_CLAIM_NULL:
2923                        /* Let's not give out any delegations till everyone's
2924                         * had the chance to reclaim theirs.... */
2925                        if (locks_in_grace(net))
2926                                goto out;
2927                        if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED))
2928                                goto out;
2929                        if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE)
2930                                flag = NFS4_OPEN_DELEGATE_WRITE;
2931                        else
2932                                flag = NFS4_OPEN_DELEGATE_READ;
2933                        break;
2934                default:
2935                        goto out;
2936        }
2937
2938        dp = alloc_init_deleg(oo->oo_owner.so_client, stp, fh, flag);
2939        if (dp == NULL)
2940                goto out_no_deleg;
2941        status = nfs4_set_delegation(dp, flag);
2942        if (status)
2943                goto out_free;
2944
2945        memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid));
2946
2947        dprintk("NFSD: delegation stateid=" STATEID_FMT "\n",
2948                STATEID_VAL(&dp->dl_stid.sc_stateid));
2949out:
2950        open->op_delegate_type = flag;
2951        if (flag == NFS4_OPEN_DELEGATE_NONE) {
2952                if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS &&
2953                    open->op_delegate_type != NFS4_OPEN_DELEGATE_NONE)
2954                        dprintk("NFSD: WARNING: refusing delegation reclaim\n");
2955
2956                /* 4.1 client asking for a delegation? */
2957                if (open->op_deleg_want)
2958                        nfsd4_open_deleg_none_ext(open, status);
2959        }
2960        return;
2961out_free:
2962        nfs4_put_delegation(dp);
2963out_no_deleg:
2964        flag = NFS4_OPEN_DELEGATE_NONE;
2965        goto out;
2966}
2967
2968static void nfsd4_deleg_xgrade_none_ext(struct nfsd4_open *open,
2969                                        struct nfs4_delegation *dp)
2970{
2971        if (open->op_deleg_want == NFS4_SHARE_WANT_READ_DELEG &&
2972            dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
2973                open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
2974                open->op_why_no_deleg = WND4_NOT_SUPP_DOWNGRADE;
2975        } else if (open->op_deleg_want == NFS4_SHARE_WANT_WRITE_DELEG &&
2976                   dp->dl_type == NFS4_OPEN_DELEGATE_WRITE) {
2977                open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
2978                open->op_why_no_deleg = WND4_NOT_SUPP_UPGRADE;
2979        }
2980        /* Otherwise the client must be confused wanting a delegation
2981         * it already has, therefore we don't return
2982         * NFS4_OPEN_DELEGATE_NONE_EXT and reason.
2983         */
2984}
2985
2986/*
2987 * called with nfs4_lock_state() held.
2988 */
2989__be32
2990nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open)
2991{
2992        struct nfsd4_compoundres *resp = rqstp->rq_resp;
2993        struct nfs4_client *cl = open->op_openowner->oo_owner.so_client;
2994        struct nfs4_file *fp = NULL;
2995        struct inode *ino = current_fh->fh_dentry->d_inode;
2996        struct nfs4_ol_stateid *stp = NULL;
2997        struct nfs4_delegation *dp = NULL;
2998        __be32 status;
2999
3000        /*
3001         * Lookup file; if found, lookup stateid and check open request,
3002         * and check for delegations in the process of being recalled.
3003         * If not found, create the nfs4_file struct
3004         */
3005        fp = find_file(ino);
3006        if (fp) {
3007                if ((status = nfs4_check_open(fp, open, &stp)))
3008                        goto out;
3009                status = nfs4_check_deleg(cl, fp, open, &dp);
3010                if (status)
3011                        goto out;
3012        } else {
3013                status = nfserr_bad_stateid;
3014                if (nfsd4_is_deleg_cur(open))
3015                        goto out;
3016                status = nfserr_jukebox;
3017                fp = open->op_file;
3018                open->op_file = NULL;
3019                nfsd4_init_file(fp, ino);
3020        }
3021
3022        /*
3023         * OPEN the file, or upgrade an existing OPEN.
3024         * If truncate fails, the OPEN fails.
3025         */
3026        if (stp) {
3027                /* Stateid was found, this is an OPEN upgrade */
3028                status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open);
3029                if (status)
3030                        goto out;
3031        } else {
3032                status = nfs4_get_vfs_file(rqstp, fp, current_fh, open);
3033                if (status)
3034                        goto out;
3035                status = nfsd4_truncate(rqstp, current_fh, open);
3036                if (status)
3037                        goto out;
3038                stp = open->op_stp;
3039                open->op_stp = NULL;
3040                init_open_stateid(stp, fp, open);
3041        }
3042        update_stateid(&stp->st_stid.sc_stateid);
3043        memcpy(&open->op_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
3044
3045        if (nfsd4_has_session(&resp->cstate)) {
3046                open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED;
3047
3048                if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) {
3049                        open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT;
3050                        open->op_why_no_deleg = WND4_NOT_WANTED;
3051                        goto nodeleg;
3052                }
3053        }
3054
3055        /*
3056        * Attempt to hand out a delegation. No error return, because the
3057        * OPEN succeeds even if we fail.
3058        */
3059        nfs4_open_delegation(SVC_NET(rqstp), current_fh, open, stp);
3060nodeleg:
3061        status = nfs_ok;
3062
3063        dprintk("%s: stateid=" STATEID_FMT "\n", __func__,
3064                STATEID_VAL(&stp->st_stid.sc_stateid));
3065out:
3066        /* 4.1 client trying to upgrade/downgrade delegation? */
3067        if (open->op_delegate_type == NFS4_OPEN_DELEGATE_NONE && dp &&
3068            open->op_deleg_want)
3069                nfsd4_deleg_xgrade_none_ext(open, dp);
3070
3071        if (fp)
3072                put_nfs4_file(fp);
3073        if (status == 0 && open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS)
3074                nfs4_set_claim_prev(open, nfsd4_has_session(&resp->cstate));
3075        /*
3076        * To finish the open response, we just need to set the rflags.
3077        */
3078        open->op_rflags = NFS4_OPEN_RESULT_LOCKTYPE_POSIX;
3079        if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED) &&
3080            !nfsd4_has_session(&resp->cstate))
3081                open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM;
3082
3083        return status;
3084}
3085
3086void nfsd4_cleanup_open_state(struct nfsd4_open *open, __be32 status)
3087{
3088        if (open->op_openowner) {
3089                struct nfs4_openowner *oo = open->op_openowner;
3090
3091                if (!list_empty(&oo->oo_owner.so_stateids))
3092                        list_del_init(&oo->oo_close_lru);
3093                if (oo->oo_flags & NFS4_OO_NEW) {
3094                        if (status) {
3095                                release_openowner(oo);
3096                                open->op_openowner = NULL;
3097                        } else
3098                                oo->oo_flags &= ~NFS4_OO_NEW;
3099                }
3100        }
3101        if (open->op_file)
3102                nfsd4_free_file(open->op_file);
3103        if (open->op_stp)
3104                free_generic_stateid(open->op_stp);
3105}
3106
3107__be32
3108nfsd4_renew(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3109            clientid_t *clid)
3110{
3111        struct nfs4_client *clp;
3112        __be32 status;
3113        struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);
3114
3115        nfs4_lock_state();
3116        dprintk("process_renew(%08x/%08x): starting\n", 
3117                        clid->cl_boot, clid->cl_id);
3118        status = nfserr_stale_clientid;
3119        if (STALE_CLIENTID(clid, nn))
3120                goto out;
3121        clp = find_confirmed_client(clid, cstate->minorversion);
3122        status = nfserr_expired;
3123        if (clp == NULL) {
3124                /* We assume the client took too long to RENEW. */
3125                dprintk("nfsd4_renew: clientid not found!\n");
3126                goto out;
3127        }
3128        status = nfserr_cb_path_down;
3129        if (!list_empty(&clp->cl_delegations)
3130                        && clp->cl_cb_state != NFSD4_CB_UP)
3131                goto out;
3132        status = nfs_ok;
3133out:
3134        nfs4_unlock_state();
3135        return status;
3136}
3137
3138static void
3139nfsd4_end_grace(struct net *net)
3140{
3141        struct nfsd_net *nn = net_generic(net, nfsd_net_id);
3142
3143        /* do nothing if grace period already ended */
3144        if (nn->grace_ended)
3145                return;
3146
3147        dprintk("NFSD: end of grace period\n");
3148        nn->grace_ended = true;
3149        nfsd4_record_grace_done(net, nn->boot_time);
3150        locks_end_grace(&nn->nfsd4_manager);
3151        /*
3152         * Now that every NFSv4 client has had the chance to recover and
3153         * to see the (possibly new, possibly shorter) lease time, we
3154         * can safely set the next grace time to the current lease time:
3155         */
3156        nfsd4_grace = nfsd4_lease;
3157}
3158
3159static time_t
3160nfs4_laundromat(void)
3161{
3162        struct nfs4_client *clp;
3163        struct nfs4_openowner *oo;
3164        struct nfs4_delegation *dp;
3165        struct list_head *pos, *next, reaplist;
3166        time_t cutoff = get_seconds() - nfsd4_lease;
3167        time_t t, clientid_val = nfsd4_lease;
3168        time_t u, test_val = nfsd4_lease;
3169
3170        nfs4_lock_state();
3171
3172        dprintk("NFSD: laundromat service - starting\n");
3173        nfsd4_end_grace(&init_net);
3174        INIT_LIST_HEAD(&reaplist);
3175        spin_lock(&client_lock);
3176        list_for_each_safe(pos, next, &client_lru) {
3177                clp = list_entry(pos, struct nfs4_client, cl_lru);
3178                if (time_after((unsigned long)clp->cl_time, (unsigned long)cutoff)) {
3179                        t = clp->cl_time - cutoff;
3180                        if (clientid_val > t)
3181                                clientid_val = t;
3182                        break;
3183                }
3184                if (atomic_read(&clp->cl_refcount)) {
3185                        dprintk("NFSD: client in use (clientid %08x)\n",
3186                                clp->cl_clientid.cl_id);
3187                        continue;
3188                }
3189                unhash_client_locked(clp);
3190                list_add(&clp->cl_lru, &reaplist);
3191        }
3192        spin_unlock(&client_lock);
3193        list_for_each_safe(pos, next, &reaplist) {
3194                clp = list_entry(pos, struct nfs4_client, cl_lru);
3195                dprintk("NFSD: purging unused client (clientid %08x)\n",
3196                        clp->cl_clientid.cl_id);
3197                expire_client(clp);
3198        }
3199        spin_lock(&recall_lock);
3200        list_for_each_safe(pos, next, &del_recall_lru) {
3201                dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
3202                if (time_after((unsigned long)dp->dl_time, (unsigned long)cutoff)) {
3203                        u = dp->dl_time - cutoff;
3204                        if (test_val > u)
3205                                test_val = u;
3206                        break;
3207                }
3208                list_move(&dp->dl_recall_lru, &reaplist);
3209        }
3210        spin_unlock(&recall_lock);
3211        list_for_each_safe(pos, next, &reaplist) {
3212                dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
3213                unhash_delegation(dp);
3214        }
3215        test_val = nfsd4_lease;
3216        list_for_each_safe(pos, next, &close_lru) {
3217                oo = container_of(pos, struct nfs4_openowner, oo_close_lru);
3218                if (time_after((unsigned long)oo->oo_time, (unsigned long)cutoff)) {
3219                        u = oo->oo_time - cutoff;
3220                        if (test_val > u)
3221                                test_val = u;
3222                        break;
3223                }
3224                release_openowner(oo);
3225        }
3226        if (clientid_val < NFSD_LAUNDROMAT_MINTIMEOUT)
3227                clientid_val = NFSD_LAUNDROMAT_MINTIMEOUT;
3228        nfs4_unlock_state();
3229        return clientid_val;
3230}
3231
3232static struct workqueue_struct *laundry_wq;
3233static void laundromat_main(struct work_struct *);
3234static DECLARE_DELAYED_WORK(laundromat_work, laundromat_main);
3235
3236static void
3237laundromat_main(struct work_struct *not_used)
3238{
3239        time_t t;
3240
3241        t = nfs4_laundromat();
3242        dprintk("NFSD: laundromat_main - sleeping for %ld seconds\n", t);
3243        queue_delayed_work(laundry_wq, &laundromat_work, t*HZ);
3244}
3245
3246static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_ol_stateid *stp)
3247{
3248        if (fhp->fh_dentry->d_inode != stp->st_file->fi_inode)
3249                return nfserr_bad_stateid;
3250        return nfs_ok;
3251}
3252
3253static int
3254STALE_STATEID(stateid_t *stateid, struct nfsd_net *nn)
3255{
3256        if (stateid->si_opaque.so_clid.cl_boot == nn->boot_time)
3257                return 0;
3258        dprintk("NFSD: stale stateid " STATEID_FMT "!\n",
3259                STATEID_VAL(stateid));
3260        return 1;
3261}
3262
3263static inline int
3264access_permit_read(struct nfs4_ol_stateid *stp)
3265{
3266        return test_access(NFS4_SHARE_ACCESS_READ, stp) ||
3267                test_access(NFS4_SHARE_ACCESS_BOTH, stp) ||
3268                test_access(NFS4_SHARE_ACCESS_WRITE, stp);
3269}
3270
3271static inline int
3272access_permit_write(struct nfs4_ol_stateid *stp)
3273{
3274        return test_access(NFS4_SHARE_ACCESS_WRITE, stp) ||
3275                test_access(NFS4_SHARE_ACCESS_BOTH, stp);
3276}
3277
3278static
3279__be32 nfs4_check_openmode(struct nfs4_ol_stateid *stp, int flags)
3280{
3281        __be32 status = nfserr_openmode;
3282
3283        /* For lock stateid's, we test the parent open, not the lock: */
3284        if (stp->st_openstp)
3285                stp = stp->st_openstp;
3286        if ((flags & WR_STATE) && !access_permit_write(stp))
3287                goto out;
3288        if ((flags & RD_STATE) && !access_permit_read(stp))
3289                goto out;
3290        status = nfs_ok;
3291out:
3292        return status;
3293}
3294
3295static inline __be32
3296check_special_stateids(struct net *net, svc_fh *current_fh, stateid_t *stateid, int flags)
3297{
3298        if (ONE_STATEID(stateid) && (flags & RD_STATE))
3299                return nfs_ok;
3300        else if (locks_in_grace(net)) {
3301                /* Answer in remaining cases depends on existence of
3302                 * conflicting state; so we must wait out the grace period. */
3303                return nfserr_grace;
3304        } else if (flags & WR_STATE)
3305                return nfs4_share_conflict(current_fh,
3306                                NFS4_SHARE_DENY_WRITE);
3307        else /* (flags & RD_STATE) && ZERO_STATEID(stateid) */
3308                return nfs4_share_conflict(current_fh,
3309                                NFS4_SHARE_DENY_READ);
3310}
3311
3312/*
3313 * Allow READ/WRITE during grace period on recovered state only for files
3314 * that are not able to provide mandatory locking.
3315 */
3316static inline int
3317grace_disallows_io(struct net *net, struct inode *inode)
3318{
3319        return locks_in_grace(net) && mandatory_lock(inode);
3320}
3321
3322/* Returns true iff a is later than b: */
3323static bool stateid_generation_after(stateid_t *a, stateid_t *b)
3324{
3325        return (s32)a->si_generation - (s32)b->si_generation > 0;
3326}
3327
3328static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session)
3329{
3330        /*
3331         * When sessions are used the stateid generation number is ignored
3332         * when it is zero.
3333         */
3334        if (has_session && in->si_generation == 0)
3335                return nfs_ok;
3336
3337        if (in->si_generation == ref->si_generation)
3338                return nfs_ok;
3339
3340        /* If the client sends us a stateid from the future, it's buggy: */
3341        if (stateid_generation_after(in, ref))
3342                return nfserr_bad_stateid;
3343        /*
3344         * However, we could see a stateid from the past, even from a
3345         * non-buggy client.  For example, if the client sends a lock
3346         * while some IO is outstanding, the lock may bump si_generation
3347         * while the IO is still in flight.  The client could avoid that
3348         * situation by waiting for responses on all the IO requests,
3349         * but better performance may result in retrying IO that
3350         * receives an old_stateid error if requests are rarely
3351         * reordered in flight:
3352         */
3353        return nfserr_old_stateid;
3354}
3355
3356static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid)
3357{
3358        struct nfs4_stid *s;
3359        struct nfs4_ol_stateid *ols;
3360        __be32 status;
3361
3362        if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
3363                return nfserr_bad_stateid;
3364        /* Client debugging aid. */
3365        if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) {
3366                char addr_str[INET6_ADDRSTRLEN];
3367                rpc_ntop((struct sockaddr *)&cl->cl_addr, addr_str,
3368                                 sizeof(addr_str));
3369                pr_warn_ratelimited("NFSD: client %s testing state ID "
3370                                        "with incorrect client ID\n", addr_str);
3371                return nfserr_bad_stateid;
3372        }
3373        s = find_stateid(cl, stateid);
3374        if (!s)
3375                return nfserr_bad_stateid;
3376        status = check_stateid_generation(stateid, &s->sc_stateid, 1);
3377        if (status)
3378                return status;
3379        if (!(s->sc_type & (NFS4_OPEN_STID | NFS4_LOCK_STID)))
3380                return nfs_ok;
3381        ols = openlockstateid(s);
3382        if (ols->st_stateowner->so_is_open_owner
3383            && !(openowner(ols->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED))
3384                return nfserr_bad_stateid;
3385        return nfs_ok;
3386}
3387
3388static __be32 nfsd4_lookup_stateid(stateid_t *stateid, unsigned char typemask, struct nfs4_stid **s, bool sessions)
3389{
3390        struct nfs4_client *cl;
3391        struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);
3392
3393        if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
3394                return nfserr_bad_stateid;
3395        if (STALE_STATEID(stateid, nn))
3396                return nfserr_stale_stateid;
3397        cl = find_confirmed_client(&stateid->si_opaque.so_clid, sessions);
3398        if (!cl)
3399                return nfserr_expired;
3400        *s = find_stateid_by_type(cl, stateid, typemask);
3401        if (!*s)
3402                return nfserr_bad_stateid;
3403        return nfs_ok;
3404
3405}
3406
3407/*
3408* Checks for stateid operations
3409*/
3410__be32
3411nfs4_preprocess_stateid_op(struct net *net, struct nfsd4_compound_state *cstate,
3412                           stateid_t *stateid, int flags, struct file **filpp)
3413{
3414        struct nfs4_stid *s;
3415        struct nfs4_ol_stateid *stp = NULL;
3416        struct nfs4_delegation *dp = NULL;
3417        struct svc_fh *current_fh = &cstate->current_fh;
3418        struct inode *ino = current_fh->fh_dentry->d_inode;
3419        __be32 status;
3420
3421        if (filpp)
3422                *filpp = NULL;
3423
3424        if (grace_disallows_io(net, ino))
3425                return nfserr_grace;
3426
3427        if (ZERO_STATEID(stateid) || ONE_STATEID(stateid))
3428                return check_special_stateids(net, current_fh, stateid, flags);
3429
3430        status = nfsd4_lookup_stateid(stateid, NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, &s, cstate->minorversion);
3431        if (status)
3432                return status;
3433        status = check_stateid_generation(stateid, &s->sc_stateid, nfsd4_has_session(cstate));
3434        if (status)
3435                goto out;
3436        switch (s->sc_type) {
3437        case NFS4_DELEG_STID:
3438                dp = delegstateid(s);
3439                status = nfs4_check_delegmode(dp, flags);
3440                if (status)
3441                        goto out;
3442                if (filpp) {
3443                        *filpp = dp->dl_file->fi_deleg_file;
3444                        BUG_ON(!*filpp);
3445                }
3446                break;
3447        case NFS4_OPEN_STID:
3448        case NFS4_LOCK_STID:
3449                stp = openlockstateid(s);
3450                status = nfs4_check_fh(current_fh, stp);
3451                if (status)
3452                        goto out;
3453                if (stp->st_stateowner->so_is_open_owner
3454                    && !(openowner(stp->st_stateowner)->oo_flags & NFS4_OO_CONFIRMED))
3455                        goto out;
3456                status = nfs4_check_openmode(stp, flags);
3457                if (status)
3458                        goto out;
3459                if (filpp) {
3460                        if (flags & RD_STATE)
3461                                *filpp = find_readable_file(stp->st_file);
3462                        else
3463                                *filpp = find_writeable_file(stp->st_file);
3464                }
3465                break;
3466        default:
3467                return nfserr_bad_stateid;
3468        }
3469        status = nfs_ok;
3470out:
3471        return status;
3472}
3473
3474static __be32
3475nfsd4_free_lock_stateid(struct nfs4_ol_stateid *stp)
3476{
3477        if (check_for_locks(stp->st_file, lockowner(stp->st_stateowner)))
3478                return nfserr_locks_held;
3479        release_lock_stateid(stp);
3480        return nfs_ok;
3481}
3482
3483/*
3484 * Test if the stateid is valid
3485 */
3486__be32
3487nfsd4_test_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3488                   struct nfsd4_test_stateid *test_stateid)
3489{
3490        struct nfsd4_test_stateid_id *stateid;
3491        struct nfs4_client *cl = cstate->session->se_client;
3492
3493        nfs4_lock_state();
3494        list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list)
3495                stateid->ts_id_status =
3496                        nfsd4_validate_stateid(cl, &stateid->ts_id_stateid);
3497        nfs4_unlock_state();
3498
3499        return nfs_ok;
3500}
3501
3502__be32
3503nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3504                   struct nfsd4_free_stateid *free_stateid)
3505{
3506        stateid_t *stateid = &free_stateid->fr_stateid;
3507        struct nfs4_stid *s;
3508        struct nfs4_client *cl = cstate->session->se_client;
3509        __be32 ret = nfserr_bad_stateid;
3510
3511        nfs4_lock_state();
3512        s = find_stateid(cl, stateid);
3513        if (!s)
3514                goto out;
3515        switch (s->sc_type) {
3516        case NFS4_DELEG_STID:
3517                ret = nfserr_locks_held;
3518                goto out;
3519        case NFS4_OPEN_STID:
3520        case NFS4_LOCK_STID:
3521                ret = check_stateid_generation(stateid, &s->sc_stateid, 1);
3522                if (ret)
3523                        goto out;
3524                if (s->sc_type == NFS4_LOCK_STID)
3525                        ret = nfsd4_free_lock_stateid(openlockstateid(s));
3526                else
3527                        ret = nfserr_locks_held;
3528                break;
3529        default:
3530                ret = nfserr_bad_stateid;
3531        }
3532out:
3533        nfs4_unlock_state();
3534        return ret;
3535}
3536
3537static inline int
3538setlkflg (int type)
3539{
3540        return (type == NFS4_READW_LT || type == NFS4_READ_LT) ?
3541                RD_STATE : WR_STATE;
3542}
3543
3544static __be32 nfs4_seqid_op_checks(struct nfsd4_compound_state *cstate, stateid_t *stateid, u32 seqid, struct nfs4_ol_stateid *stp)
3545{
3546        struct svc_fh *current_fh = &cstate->current_fh;
3547        struct nfs4_stateowner *sop = stp->st_stateowner;
3548        __be32 status;
3549
3550        status = nfsd4_check_seqid(cstate, sop, seqid);
3551        if (status)
3552                return status;
3553        if (stp->st_stid.sc_type == NFS4_CLOSED_STID)
3554                /*
3555                 * "Closed" stateid's exist *only* to return
3556                 * nfserr_replay_me from the previous step.
3557                 */
3558                return nfserr_bad_stateid;
3559        status = check_stateid_generation(stateid, &stp->st_stid.sc_stateid, nfsd4_has_session(cstate));
3560        if (status)
3561                return status;
3562        return nfs4_check_fh(current_fh, stp);
3563}
3564
3565/* 
3566 * Checks for sequence id mutating operations. 
3567 */
3568static __be32
3569nfs4_preprocess_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid,
3570                         stateid_t *stateid, char typemask,
3571                         struct nfs4_ol_stateid **stpp)
3572{
3573        __be32 status;
3574        struct nfs4_stid *s;
3575
3576        dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__,
3577                seqid, STATEID_VAL(stateid));
3578
3579        *stpp = NULL;
3580        status = nfsd4_lookup_stateid(stateid, typemask, &s, cstate->minorversion);
3581        if (status)
3582                return status;
3583        *stpp = openlockstateid(s);
3584        cstate->replay_owner = (*stpp)->st_stateowner;
3585
3586        return nfs4_seqid_op_checks(cstate, stateid, seqid, *stpp);
3587}
3588
3589static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, stateid_t *stateid, struct nfs4_ol_stateid **stpp)
3590{
3591        __be32 status;
3592        struct nfs4_openowner *oo;
3593
3594        status = nfs4_preprocess_seqid_op(cstate, seqid, stateid,
3595                                                NFS4_OPEN_STID, stpp);
3596        if (status)
3597                return status;
3598        oo = openowner((*stpp)->st_stateowner);
3599        if (!(oo->oo_flags & NFS4_OO_CONFIRMED))
3600                return nfserr_bad_stateid;
3601        return nfs_ok;
3602}
3603
3604__be32
3605nfsd4_open_confirm(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3606                   struct nfsd4_open_confirm *oc)
3607{
3608        __be32 status;
3609        struct nfs4_openowner *oo;
3610        struct nfs4_ol_stateid *stp;
3611
3612        dprintk("NFSD: nfsd4_open_confirm on file %.*s\n",
3613                        (int)cstate->current_fh.fh_dentry->d_name.len,
3614                        cstate->current_fh.fh_dentry->d_name.name);
3615
3616        status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0);
3617        if (status)
3618                return status;
3619
3620        nfs4_lock_state();
3621
3622        status = nfs4_preprocess_seqid_op(cstate,
3623                                        oc->oc_seqid, &oc->oc_req_stateid,
3624                                        NFS4_OPEN_STID, &stp);
3625        if (status)
3626                goto out;
3627        oo = openowner(stp->st_stateowner);
3628        status = nfserr_bad_stateid;
3629        if (oo->oo_flags & NFS4_OO_CONFIRMED)
3630                goto out;
3631        oo->oo_flags |= NFS4_OO_CONFIRMED;
3632        update_stateid(&stp->st_stid.sc_stateid);
3633        memcpy(&oc->oc_resp_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
3634        dprintk("NFSD: %s: success, seqid=%d stateid=" STATEID_FMT "\n",
3635                __func__, oc->oc_seqid, STATEID_VAL(&stp->st_stid.sc_stateid));
3636
3637        nfsd4_client_record_create(oo->oo_owner.so_client);
3638        status = nfs_ok;
3639out:
3640        if (!cstate->replay_owner)
3641                nfs4_unlock_state();
3642        return status;
3643}
3644
3645static inline void nfs4_stateid_downgrade_bit(struct nfs4_ol_stateid *stp, u32 access)
3646{
3647        if (!test_access(access, stp))
3648                return;
3649        nfs4_file_put_access(stp->st_file, nfs4_access_to_omode(access));
3650        clear_access(access, stp);
3651}
3652
3653static inline void nfs4_stateid_downgrade(struct nfs4_ol_stateid *stp, u32 to_access)
3654{
3655        switch (to_access) {
3656        case NFS4_SHARE_ACCESS_READ:
3657                nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_WRITE);
3658                nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
3659                break;
3660        case NFS4_SHARE_ACCESS_WRITE:
3661                nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_READ);
3662                nfs4_stateid_downgrade_bit(stp, NFS4_SHARE_ACCESS_BOTH);
3663                break;
3664        case NFS4_SHARE_ACCESS_BOTH:
3665                break;
3666        default:
3667                BUG();
3668        }
3669}
3670
3671static void
3672reset_union_bmap_deny(unsigned long deny, struct nfs4_ol_stateid *stp)
3673{
3674        int i;
3675        for (i = 0; i < 4; i++) {
3676                if ((i & deny) != i)
3677                        clear_deny(i, stp);
3678        }
3679}
3680
3681__be32
3682nfsd4_open_downgrade(struct svc_rqst *rqstp,
3683                     struct nfsd4_compound_state *cstate,
3684                     struct nfsd4_open_downgrade *od)
3685{
3686        __be32 status;
3687        struct nfs4_ol_stateid *stp;
3688
3689        dprintk("NFSD: nfsd4_open_downgrade on file %.*s\n", 
3690                        (int)cstate->current_fh.fh_dentry->d_name.len,
3691                        cstate->current_fh.fh_dentry->d_name.name);
3692
3693        /* We don't yet support WANT bits: */
3694        if (od->od_deleg_want)
3695                dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__,
3696                        od->od_deleg_want);
3697
3698        nfs4_lock_state();
3699        status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid,
3700                                        &od->od_stateid, &stp);
3701        if (status)
3702                goto out; 
3703        status = nfserr_inval;
3704        if (!test_access(od->od_share_access, stp)) {
3705                dprintk("NFSD: access not a subset current bitmap: 0x%lx, input access=%08x\n",
3706                        stp->st_access_bmap, od->od_share_access);
3707                goto out;
3708        }
3709        if (!test_deny(od->od_share_deny, stp)) {
3710                dprintk("NFSD:deny not a subset current bitmap: 0x%lx, input deny=%08x\n",
3711                        stp->st_deny_bmap, od->od_share_deny);
3712                goto out;
3713        }
3714        nfs4_stateid_downgrade(stp, od->od_share_access);
3715
3716        reset_union_bmap_deny(od->od_share_deny, stp);
3717
3718        update_stateid(&stp->st_stid.sc_stateid);
3719        memcpy(&od->od_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
3720        status = nfs_ok;
3721out:
3722        if (!cstate->replay_owner)
3723                nfs4_unlock_state();
3724        return status;
3725}
3726
3727void nfsd4_purge_closed_stateid(struct nfs4_stateowner *so)
3728{
3729        struct nfs4_openowner *oo;
3730        struct nfs4_ol_stateid *s;
3731
3732        if (!so->so_is_open_owner)
3733                return;
3734        oo = openowner(so);
3735        s = oo->oo_last_closed_stid;
3736        if (!s)
3737                return;
3738        if (!(oo->oo_flags & NFS4_OO_PURGE_CLOSE)) {
3739                /* Release the last_closed_stid on the next seqid bump: */
3740                oo->oo_flags |= NFS4_OO_PURGE_CLOSE;
3741                return;
3742        }
3743        oo->oo_flags &= ~NFS4_OO_PURGE_CLOSE;
3744        release_last_closed_stateid(oo);
3745}
3746
3747static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s)
3748{
3749        unhash_open_stateid(s);
3750        s->st_stid.sc_type = NFS4_CLOSED_STID;
3751}
3752
3753/*
3754 * nfs4_unlock_state() called after encode
3755 */
3756__be32
3757nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3758            struct nfsd4_close *close)
3759{
3760        __be32 status;
3761        struct nfs4_openowner *oo;
3762        struct nfs4_ol_stateid *stp;
3763
3764        dprintk("NFSD: nfsd4_close on file %.*s\n", 
3765                        (int)cstate->current_fh.fh_dentry->d_name.len,
3766                        cstate->current_fh.fh_dentry->d_name.name);
3767
3768        nfs4_lock_state();
3769        status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid,
3770                                        &close->cl_stateid,
3771                                        NFS4_OPEN_STID|NFS4_CLOSED_STID,
3772                                        &stp);
3773        if (status)
3774                goto out; 
3775        oo = openowner(stp->st_stateowner);
3776        status = nfs_ok;
3777        update_stateid(&stp->st_stid.sc_stateid);
3778        memcpy(&close->cl_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
3779
3780        nfsd4_close_open_stateid(stp);
3781        release_last_closed_stateid(oo);
3782        oo->oo_last_closed_stid = stp;
3783
3784        if (list_empty(&oo->oo_owner.so_stateids)) {
3785                if (cstate->minorversion) {
3786                        release_openowner(oo);
3787                        cstate->replay_owner = NULL;
3788                } else {
3789                        /*
3790                         * In the 4.0 case we need to keep the owners around a
3791                         * little while to handle CLOSE replay.
3792                         */
3793                        if (list_empty(&oo->oo_owner.so_stateids))
3794                                move_to_close_lru(oo);
3795                }
3796        }
3797out:
3798        if (!cstate->replay_owner)
3799                nfs4_unlock_state();
3800        return status;
3801}
3802
3803__be32
3804nfsd4_delegreturn(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
3805                  struct nfsd4_delegreturn *dr)
3806{
3807        struct nfs4_delegation *dp;
3808        stateid_t *stateid = &dr->dr_stateid;
3809        struct nfs4_stid *s;
3810        struct inode *inode;
3811        __be32 status;
3812
3813        if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
3814                return status;
3815        inode = cstate->current_fh.fh_dentry->d_inode;
3816
3817        nfs4_lock_state();
3818        status = nfsd4_lookup_stateid(stateid, NFS4_DELEG_STID, &s, cstate->minorversion);
3819        if (status)
3820                goto out;
3821        dp = delegstateid(s);
3822        status = check_stateid_generation(stateid, &dp->dl_stid.sc_stateid, nfsd4_has_session(cstate));
3823        if (status)
3824                goto out;
3825
3826        unhash_delegation(dp);
3827out:
3828        nfs4_unlock_state();
3829
3830        return status;
3831}
3832
3833
3834#define LOFF_OVERFLOW(start, len)      ((u64)(len) > ~(u64)(start))
3835
3836#define LOCKOWNER_INO_HASH_BITS 8
3837#define LOCKOWNER_INO_HASH_SIZE (1 << LOCKOWNER_INO_HASH_BITS)
3838#define LOCKOWNER_INO_HASH_MASK (LOCKOWNER_INO_HASH_SIZE - 1)
3839
3840static inline u64
3841end_offset(u64 start, u64 len)
3842{
3843        u64 end;
3844
3845        end = start + len;
3846        return end >= start ? end: NFS4_MAX_UINT64;
3847}
3848
3849/* last octet in a range */
3850static inline u64
3851last_byte_offset(u64 start, u64 len)
3852{
3853        u64 end;
3854
3855        BUG_ON(!len);
3856        end = start + len;
3857        return end > start ? end - 1: NFS4_MAX_UINT64;
3858}
3859
3860static unsigned int lockowner_ino_hashval(struct inode *inode, u32 cl_id, struct xdr_netobj *ownername)
3861{
3862        return (file_hashval(inode) + cl_id
3863                        + opaque_hashval(ownername->data, ownername->len))
3864                & LOCKOWNER_INO_HASH_MASK;
3865}
3866
3867static struct list_head lockowner_ino_hashtbl[LOCKOWNER_INO_HASH_SIZE];
3868
3869/*
3870 * TODO: Linux file offsets are _signed_ 64-bit quantities, which means that
3871 * we can't properly handle lock requests that go beyond the (2^63 - 1)-th
3872 * byte, because of sign extension problems.  Since NFSv4 calls for 64-bit
3873 * locking, this prevents us from being completely protocol-compliant.  The
3874 * real solution to this problem is to start using unsigned file offsets in
3875 * the VFS, but this is a very deep change!
3876 */
3877static inline void
3878nfs4_transform_lock_offset(struct file_lock *lock)
3879{
3880        if (lock->fl_start < 0)
3881                lock->fl_start = OFFSET_MAX;
3882        if (lock->fl_end < 0)
3883                lock->fl_end = OFFSET_MAX;
3884}
3885
3886/* Hack!: For now, we're defining this just so we can use a pointer to it
3887 * as a unique cookie to identify our (NFSv4's) posix locks. */
3888static const struct lock_manager_operations nfsd_posix_mng_ops  = {
3889};
3890
3891static inline void
3892nfs4_set_lock_denied(struct file_lock *fl, struct nfsd4_lock_denied *deny)
3893{
3894        struct nfs4_lockowner *lo;
3895
3896        if (fl->fl_lmops == &nfsd_posix_mng_ops) {
3897                lo = (struct nfs4_lockowner *) fl->fl_owner;
3898                deny->ld_owner.data = kmemdup(lo->lo_owner.so_owner.data,
3899                                        lo->lo_owner.so_owner.len, GFP_KERNEL);
3900                if (!deny->ld_owner.data)
3901                        /* We just don't care that much */
3902                        goto nevermind;
3903                deny->ld_owner.len = lo->lo_owner.so_owner.len;
3904                deny->ld_clientid = lo->lo_owner.so_client->cl_clientid;
3905        } else {
3906nevermind:
3907                deny->ld_owner.len = 0;
3908                deny->ld_owner.data = NULL;
3909                deny->ld_clientid.cl_boot = 0;
3910                deny->ld_clientid.cl_id = 0;
3911        }
3912        deny->ld_start = fl->fl_start;
3913        deny->ld_length = NFS4_MAX_UINT64;
3914        if (fl->fl_end != NFS4_MAX_UINT64)
3915                deny->ld_length = fl->fl_end - fl->fl_start + 1;        
3916        deny->ld_type = NFS4_READ_LT;
3917        if (fl->fl_type != F_RDLCK)
3918                deny->ld_type = NFS4_WRITE_LT;
3919}
3920
3921static bool same_lockowner_ino(struct nfs4_lockowner *lo, struct inode *inode, clientid_t *clid, struct xdr_netobj *owner)
3922{
3923        struct nfs4_ol_stateid *lst;
3924
3925        if (!same_owner_str(&lo->lo_owner, owner, clid))
3926                return false;
3927        lst = list_first_entry(&lo->lo_owner.so_stateids,
3928                               struct nfs4_ol_stateid, st_perstateowner);
3929        return lst->st_file->fi_inode == inode;
3930}
3931
3932static struct nfs4_lockowner *
3933find_lockowner_str(struct inode *inode, clientid_t *clid,
3934                struct xdr_netobj *owner)
3935{
3936        unsigned int hashval = lockowner_ino_hashval(inode, clid->cl_id, owner);
3937        struct nfs4_lockowner *lo;
3938
3939        list_for_each_entry(lo, &lockowner_ino_hashtbl[hashval], lo_owner_ino_hash) {
3940                if (same_lockowner_ino(lo, inode, clid, owner))
3941                        return lo;
3942        }
3943        return NULL;
3944}
3945
3946static void hash_lockowner(struct nfs4_lockowner *lo, unsigned int strhashval, struct nfs4_client *clp, struct nfs4_ol_stateid *open_stp)
3947{
3948        struct inode *inode = open_stp->st_file->fi_inode;
3949        unsigned int inohash = lockowner_ino_hashval(inode,
3950                        clp->cl_clientid.cl_id, &lo->lo_owner.so_owner);
3951
3952        list_add(&lo->lo_owner.so_strhash, &ownerstr_hashtbl[strhashval]);
3953        list_add(&lo->lo_owner_ino_hash, &lockowner_ino_hashtbl[inohash]);
3954        list_add(&lo->lo_perstateid, &open_stp->st_lockowners);
3955}
3956
3957/*
3958 * Alloc a lock owner structure.
3959 * Called in nfsd4_lock - therefore, OPEN and OPEN_CONFIRM (if needed) has 
3960 * occurred. 
3961 *
3962 * strhashval = ownerstr_hashval
3963 */
3964
3965static struct nfs4_lockowner *
3966alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, struct nfs4_ol_stateid *open_stp, struct nfsd4_lock *lock) {
3967        struct nfs4_lockowner *lo;
3968
3969        lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp);
3970        if (!lo)
3971                return NULL;
3972        INIT_LIST_HEAD(&lo->lo_owner.so_stateids);
3973        lo->lo_owner.so_is_open_owner = 0;
3974        /* It is the openowner seqid that will be incremented in encode in the
3975         * case of new lockowners; so increment the lock seqid manually: */
3976        lo->lo_owner.so_seqid = lock->lk_new_lock_seqid + 1;
3977        hash_lockowner(lo, strhashval, clp, open_stp);
3978        return lo;
3979}
3980
3981static struct nfs4_ol_stateid *
3982alloc_init_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp, struct nfs4_ol_stateid *open_stp)
3983{
3984        struct nfs4_ol_stateid *stp;
3985        struct nfs4_client *clp = lo->lo_owner.so_client;
3986
3987        stp = nfs4_alloc_stateid(clp);
3988        if (stp == NULL)
3989                return NULL;
3990        init_stid(&stp->st_stid, clp, NFS4_LOCK_STID);
3991        list_add(&stp->st_perfile, &fp->fi_stateids);
3992        list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids);
3993        stp->st_stateowner = &lo->lo_owner;
3994        get_nfs4_file(fp);
3995        stp->st_file = fp;
3996        stp->st_access_bmap = 0;
3997        stp->st_deny_bmap = open_stp->st_deny_bmap;
3998        stp->st_openstp = open_stp;
3999        return stp;
4000}
4001
4002static int
4003check_lock_length(u64 offset, u64 length)
4004{
4005        return ((length == 0)  || ((length != NFS4_MAX_UINT64) &&
4006             LOFF_OVERFLOW(offset, length)));
4007}
4008
4009static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access)
4010{
4011        struct nfs4_file *fp = lock_stp->st_file;
4012        int oflag = nfs4_access_to_omode(access);
4013
4014        if (test_access(access, lock_stp))
4015                return;
4016        nfs4_file_get_access(fp, oflag);
4017        set_access(access, lock_stp);
4018}
4019
4020static __be32 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, struct nfs4_ol_stateid *ost, struct nfsd4_lock *lock, struct nfs4_ol_stateid **lst, bool *new)
4021{
4022        struct nfs4_file *fi = ost->st_file;
4023        struct nfs4_openowner *oo = openowner(ost->st_stateowner);
4024        struct nfs4_client *cl = oo->oo_owner.so_client;
4025        struct nfs4_lockowner *lo;
4026        unsigned int strhashval;
4027
4028        lo = find_lockowner_str(fi->fi_inode, &cl->cl_clientid, &lock->v.new.owner);
4029        if (lo) {
4030                if (!cstate->minorversion)
4031                        return nfserr_bad_seqid;
4032                /* XXX: a lockowner always has exactly one stateid: */
4033                *lst = list_first_entry(&lo->lo_owner.so_stateids,
4034                                struct nfs4_ol_stateid, st_perstateowner);
4035                return nfs_ok;
4036        }
4037        strhashval = ownerstr_hashval(cl->cl_clientid.cl_id,
4038                        &lock->v.new.owner);
4039        lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock);
4040        if (lo == NULL)
4041                return nfserr_jukebox;
4042        *lst = alloc_init_lock_stateid(lo, fi, ost);
4043        if (*lst == NULL) {
4044                release_lockowner(lo);
4045                return nfserr_jukebox;
4046        }
4047        *new = true;
4048        return nfs_ok;
4049}
4050
4051/*
4052 *  LOCK operation 
4053 */
4054__be32
4055nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4056           struct nfsd4_lock *lock)
4057{
4058        struct nfs4_openowner *open_sop = NULL;
4059        struct nfs4_lockowner *lock_sop = NULL;
4060        struct nfs4_ol_stateid *lock_stp;
4061        struct file *filp = NULL;
4062        struct file_lock *file_lock = NULL;
4063        struct file_lock *conflock = NULL;
4064        __be32 status = 0;
4065        bool new_state = false;
4066        int lkflg;
4067        int err;
4068        struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);
4069
4070        dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n",
4071                (long long) lock->lk_offset,
4072                (long long) lock->lk_length);
4073
4074        if (check_lock_length(lock->lk_offset, lock->lk_length))
4075                 return nfserr_inval;
4076
4077        if ((status = fh_verify(rqstp, &cstate->current_fh,
4078                                S_IFREG, NFSD_MAY_LOCK))) {
4079                dprintk("NFSD: nfsd4_lock: permission denied!\n");
4080                return status;
4081        }
4082
4083        nfs4_lock_state();
4084
4085        if (lock->lk_is_new) {
4086                struct nfs4_ol_stateid *open_stp = NULL;
4087
4088                if (nfsd4_has_session(cstate))
4089                        /* See rfc 5661 18.10.3: given clientid is ignored: */
4090                        memcpy(&lock->v.new.clientid,
4091                                &cstate->session->se_client->cl_clientid,
4092                                sizeof(clientid_t));
4093
4094                status = nfserr_stale_clientid;
4095                if (STALE_CLIENTID(&lock->lk_new_clientid, nn))
4096                        goto out;
4097
4098                /* validate and update open stateid and open seqid */
4099                status = nfs4_preprocess_confirmed_seqid_op(cstate,
4100                                        lock->lk_new_open_seqid,
4101                                        &lock->lk_new_open_stateid,
4102                                        &open_stp);
4103                if (status)
4104                        goto out;
4105                open_sop = openowner(open_stp->st_stateowner);
4106                status = nfserr_bad_stateid;
4107                if (!same_clid(&open_sop->oo_owner.so_client->cl_clientid,
4108                                                &lock->v.new.clientid))
4109                        goto out;
4110                status = lookup_or_create_lock_state(cstate, open_stp, lock,
4111                                                        &lock_stp, &new_state);
4112        } else
4113                status = nfs4_preprocess_seqid_op(cstate,
4114                                       lock->lk_old_lock_seqid,
4115                                       &lock->lk_old_lock_stateid,
4116                                       NFS4_LOCK_STID, &lock_stp);
4117        if (status)
4118                goto out;
4119        lock_sop = lockowner(lock_stp->st_stateowner);
4120
4121        lkflg = setlkflg(lock->lk_type);
4122        status = nfs4_check_openmode(lock_stp, lkflg);
4123        if (status)
4124                goto out;
4125
4126        status = nfserr_grace;
4127        if (locks_in_grace(SVC_NET(rqstp)) && !lock->lk_reclaim)
4128                goto out;
4129        status = nfserr_no_grace;
4130        if (!locks_in_grace(SVC_NET(rqstp)) && lock->lk_reclaim)
4131                goto out;
4132
4133        file_lock = locks_alloc_lock();
4134        if (!file_lock) {
4135                dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
4136                status = nfserr_jukebox;
4137                goto out;
4138        }
4139
4140        locks_init_lock(file_lock);
4141        switch (lock->lk_type) {
4142                case NFS4_READ_LT:
4143                case NFS4_READW_LT:
4144                        filp = find_readable_file(lock_stp->st_file);
4145                        if (filp)
4146                                get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ);
4147                        file_lock->fl_type = F_RDLCK;
4148                        break;
4149                case NFS4_WRITE_LT:
4150                case NFS4_WRITEW_LT:
4151                        filp = find_writeable_file(lock_stp->st_file);
4152                        if (filp)
4153                                get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE);
4154                        file_lock->fl_type = F_WRLCK;
4155                        break;
4156                default:
4157                        status = nfserr_inval;
4158                goto out;
4159        }
4160        if (!filp) {
4161                status = nfserr_openmode;
4162                goto out;
4163        }
4164        file_lock->fl_owner = (fl_owner_t)lock_sop;
4165        file_lock->fl_pid = current->tgid;
4166        file_lock->fl_file = filp;
4167        file_lock->fl_flags = FL_POSIX;
4168        file_lock->fl_lmops = &nfsd_posix_mng_ops;
4169        file_lock->fl_start = lock->lk_offset;
4170        file_lock->fl_end = last_byte_offset(lock->lk_offset, lock->lk_length);
4171        nfs4_transform_lock_offset(file_lock);
4172
4173        conflock = locks_alloc_lock();
4174        if (!conflock) {
4175                dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
4176                status = nfserr_jukebox;
4177                goto out;
4178        }
4179
4180        err = vfs_lock_file(filp, F_SETLK, file_lock, conflock);
4181        switch (-err) {
4182        case 0: /* success! */
4183                update_stateid(&lock_stp->st_stid.sc_stateid);
4184                memcpy(&lock->lk_resp_stateid, &lock_stp->st_stid.sc_stateid, 
4185                                sizeof(stateid_t));
4186                status = 0;
4187                break;
4188        case (EAGAIN):          /* conflock holds conflicting lock */
4189                status = nfserr_denied;
4190                dprintk("NFSD: nfsd4_lock: conflicting lock found!\n");
4191                nfs4_set_lock_denied(conflock, &lock->lk_denied);
4192                break;
4193        case (EDEADLK):
4194                status = nfserr_deadlock;
4195                break;
4196        default:
4197                dprintk("NFSD: nfsd4_lock: vfs_lock_file() failed! status %d\n",err);
4198                status = nfserrno(err);
4199                break;
4200        }
4201out:
4202        if (status && new_state)
4203                release_lockowner(lock_sop);
4204        if (!cstate->replay_owner)
4205                nfs4_unlock_state();
4206        if (file_lock)
4207                locks_free_lock(file_lock);
4208        if (conflock)
4209                locks_free_lock(conflock);
4210        return status;
4211}
4212
4213/*
4214 * The NFSv4 spec allows a client to do a LOCKT without holding an OPEN,
4215 * so we do a temporary open here just to get an open file to pass to
4216 * vfs_test_lock.  (Arguably perhaps test_lock should be done with an
4217 * inode operation.)
4218 */
4219static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock)
4220{
4221        struct file *file;
4222        __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file);
4223        if (!err) {
4224                err = nfserrno(vfs_test_lock(file, lock));
4225                nfsd_close(file);
4226        }
4227        return err;
4228}
4229
4230/*
4231 * LOCKT operation
4232 */
4233__be32
4234nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4235            struct nfsd4_lockt *lockt)
4236{
4237        struct inode *inode;
4238        struct file_lock *file_lock = NULL;
4239        struct nfs4_lockowner *lo;
4240        __be32 status;
4241        struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);
4242
4243        if (locks_in_grace(SVC_NET(rqstp)))
4244                return nfserr_grace;
4245
4246        if (check_lock_length(lockt->lt_offset, lockt->lt_length))
4247                 return nfserr_inval;
4248
4249        nfs4_lock_state();
4250
4251        status = nfserr_stale_clientid;
4252        if (!nfsd4_has_session(cstate) && STALE_CLIENTID(&lockt->lt_clientid, nn))
4253                goto out;
4254
4255        if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0)))
4256                goto out;
4257
4258        inode = cstate->current_fh.fh_dentry->d_inode;
4259        file_lock = locks_alloc_lock();
4260        if (!file_lock) {
4261                dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
4262                status = nfserr_jukebox;
4263                goto out;
4264        }
4265        locks_init_lock(file_lock);
4266        switch (lockt->lt_type) {
4267                case NFS4_READ_LT:
4268                case NFS4_READW_LT:
4269                        file_lock->fl_type = F_RDLCK;
4270                break;
4271                case NFS4_WRITE_LT:
4272                case NFS4_WRITEW_LT:
4273                        file_lock->fl_type = F_WRLCK;
4274                break;
4275                default:
4276                        dprintk("NFSD: nfs4_lockt: bad lock type!\n");
4277                        status = nfserr_inval;
4278                goto out;
4279        }
4280
4281        lo = find_lockowner_str(inode, &lockt->lt_clientid, &lockt->lt_owner);
4282        if (lo)
4283                file_lock->fl_owner = (fl_owner_t)lo;
4284        file_lock->fl_pid = current->tgid;
4285        file_lock->fl_flags = FL_POSIX;
4286
4287        file_lock->fl_start = lockt->lt_offset;
4288        file_lock->fl_end = last_byte_offset(lockt->lt_offset, lockt->lt_length);
4289
4290        nfs4_transform_lock_offset(file_lock);
4291
4292        status = nfsd_test_lock(rqstp, &cstate->current_fh, file_lock);
4293        if (status)
4294                goto out;
4295
4296        if (file_lock->fl_type != F_UNLCK) {
4297                status = nfserr_denied;
4298                nfs4_set_lock_denied(file_lock, &lockt->lt_denied);
4299        }
4300out:
4301        nfs4_unlock_state();
4302        if (file_lock)
4303                locks_free_lock(file_lock);
4304        return status;
4305}
4306
4307__be32
4308nfsd4_locku(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4309            struct nfsd4_locku *locku)
4310{
4311        struct nfs4_ol_stateid *stp;
4312        struct file *filp = NULL;
4313        struct file_lock *file_lock = NULL;
4314        __be32 status;
4315        int err;
4316                                                        
4317        dprintk("NFSD: nfsd4_locku: start=%Ld length=%Ld\n",
4318                (long long) locku->lu_offset,
4319                (long long) locku->lu_length);
4320
4321        if (check_lock_length(locku->lu_offset, locku->lu_length))
4322                 return nfserr_inval;
4323
4324        nfs4_lock_state();
4325                                                                                
4326        status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid,
4327                                        &locku->lu_stateid, NFS4_LOCK_STID, &stp);
4328        if (status)
4329                goto out;
4330        filp = find_any_file(stp->st_file);
4331        if (!filp) {
4332                status = nfserr_lock_range;
4333                goto out;
4334        }
4335        file_lock = locks_alloc_lock();
4336        if (!file_lock) {
4337                dprintk("NFSD: %s: unable to allocate lock!\n", __func__);
4338                status = nfserr_jukebox;
4339                goto out;
4340        }
4341        locks_init_lock(file_lock);
4342        file_lock->fl_type = F_UNLCK;
4343        file_lock->fl_owner = (fl_owner_t)lockowner(stp->st_stateowner);
4344        file_lock->fl_pid = current->tgid;
4345        file_lock->fl_file = filp;
4346        file_lock->fl_flags = FL_POSIX;
4347        file_lock->fl_lmops = &nfsd_posix_mng_ops;
4348        file_lock->fl_start = locku->lu_offset;
4349
4350        file_lock->fl_end = last_byte_offset(locku->lu_offset,
4351                                                locku->lu_length);
4352        nfs4_transform_lock_offset(file_lock);
4353
4354        /*
4355        *  Try to unlock the file in the VFS.
4356        */
4357        err = vfs_lock_file(filp, F_SETLK, file_lock, NULL);
4358        if (err) {
4359                dprintk("NFSD: nfs4_locku: vfs_lock_file failed!\n");
4360                goto out_nfserr;
4361        }
4362        /*
4363        * OK, unlock succeeded; the only thing left to do is update the stateid.
4364        */
4365        update_stateid(&stp->st_stid.sc_stateid);
4366        memcpy(&locku->lu_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t));
4367
4368out:
4369        if (!cstate->replay_owner)
4370                nfs4_unlock_state();
4371        if (file_lock)
4372                locks_free_lock(file_lock);
4373        return status;
4374
4375out_nfserr:
4376        status = nfserrno(err);
4377        goto out;
4378}
4379
4380/*
4381 * returns
4382 *      1: locks held by lockowner
4383 *      0: no locks held by lockowner
4384 */
4385static int
4386check_for_locks(struct nfs4_file *filp, struct nfs4_lockowner *lowner)
4387{
4388        struct file_lock **flpp;
4389        struct inode *inode = filp->fi_inode;
4390        int status = 0;
4391
4392        lock_flocks();
4393        for (flpp = &inode->i_flock; *flpp != NULL; flpp = &(*flpp)->fl_next) {
4394                if ((*flpp)->fl_owner == (fl_owner_t)lowner) {
4395                        status = 1;
4396                        goto out;
4397                }
4398        }
4399out:
4400        unlock_flocks();
4401        return status;
4402}
4403
4404__be32
4405nfsd4_release_lockowner(struct svc_rqst *rqstp,
4406                        struct nfsd4_compound_state *cstate,
4407                        struct nfsd4_release_lockowner *rlockowner)
4408{
4409        clientid_t *clid = &rlockowner->rl_clientid;
4410        struct nfs4_stateowner *sop;
4411        struct nfs4_lockowner *lo;
4412        struct nfs4_ol_stateid *stp;
4413        struct xdr_netobj *owner = &rlockowner->rl_owner;
4414        struct list_head matches;
4415        unsigned int hashval = ownerstr_hashval(clid->cl_id, owner);
4416        __be32 status;
4417        struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);
4418
4419        dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n",
4420                clid->cl_boot, clid->cl_id);
4421
4422        /* XXX check for lease expiration */
4423
4424        status = nfserr_stale_clientid;
4425        if (STALE_CLIENTID(clid, nn))
4426                return status;
4427
4428        nfs4_lock_state();
4429
4430        status = nfserr_locks_held;
4431        INIT_LIST_HEAD(&matches);
4432
4433        list_for_each_entry(sop, &ownerstr_hashtbl[hashval], so_strhash) {
4434                if (sop->so_is_open_owner)
4435                        continue;
4436                if (!same_owner_str(sop, owner, clid))
4437                        continue;
4438                list_for_each_entry(stp, &sop->so_stateids,
4439                                st_perstateowner) {
4440                        lo = lockowner(sop);
4441                        if (check_for_locks(stp->st_file, lo))
4442                                goto out;
4443                        list_add(&lo->lo_list, &matches);
4444                }
4445        }
4446        /* Clients probably won't expect us to return with some (but not all)
4447         * of the lockowner state released; so don't release any until all
4448         * have been checked. */
4449        status = nfs_ok;
4450        while (!list_empty(&matches)) {
4451                lo = list_entry(matches.next, struct nfs4_lockowner,
4452                                                                lo_list);
4453                /* unhash_stateowner deletes so_perclient only
4454                 * for openowners. */
4455                list_del(&lo->lo_list);
4456                release_lockowner(lo);
4457        }
4458out:
4459        nfs4_unlock_state();
4460        return status;
4461}
4462
4463static inline struct nfs4_client_reclaim *
4464alloc_reclaim(void)
4465{
4466        return kmalloc(sizeof(struct nfs4_client_reclaim), GFP_KERNEL);
4467}
4468
4469int
4470nfs4_has_reclaimed_state(const char *name, bool use_exchange_id)
4471{
4472        unsigned int strhashval = clientstr_hashval(name);
4473        struct nfs4_client *clp;
4474
4475        clp = find_confirmed_client_by_str(name, strhashval);
4476        if (!clp)
4477                return 0;
4478        return test_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags);
4479}
4480
4481/*
4482 * failure => all reset bets are off, nfserr_no_grace...
4483 */
4484int
4485nfs4_client_to_reclaim(const char *name)
4486{
4487        unsigned int strhashval;
4488        struct nfs4_client_reclaim *crp = NULL;
4489
4490        dprintk("NFSD nfs4_client_to_reclaim NAME: %.*s\n", HEXDIR_LEN, name);
4491        crp = alloc_reclaim();
4492        if (!crp)
4493                return 0;
4494        strhashval = clientstr_hashval(name);
4495        INIT_LIST_HEAD(&crp->cr_strhash);
4496        list_add(&crp->cr_strhash, &reclaim_str_hashtbl[strhashval]);
4497        memcpy(crp->cr_recdir, name, HEXDIR_LEN);
4498        reclaim_str_hashtbl_size++;
4499        return 1;
4500}
4501
4502void
4503nfs4_release_reclaim(void)
4504{
4505        struct nfs4_client_reclaim *crp = NULL;
4506        int i;
4507
4508        for (i = 0; i < CLIENT_HASH_SIZE; i++) {
4509                while (!list_empty(&reclaim_str_hashtbl[i])) {
4510                        crp = list_entry(reclaim_str_hashtbl[i].next,
4511                                        struct nfs4_client_reclaim, cr_strhash);
4512                        list_del(&crp->cr_strhash);
4513                        kfree(crp);
4514                        reclaim_str_hashtbl_size--;
4515                }
4516        }
4517        BUG_ON(reclaim_str_hashtbl_size);
4518}
4519
4520/*
4521 * called from OPEN, CLAIM_PREVIOUS with a new clientid. */
4522struct nfs4_client_reclaim *
4523nfsd4_find_reclaim_client(struct nfs4_client *clp)
4524{
4525        unsigned int strhashval;
4526        struct nfs4_client_reclaim *crp = NULL;
4527
4528        dprintk("NFSD: nfs4_find_reclaim_client for %.*s with recdir %s\n",
4529                            clp->cl_name.len, clp->cl_name.data,
4530                            clp->cl_recdir);
4531
4532        /* find clp->cl_name in reclaim_str_hashtbl */
4533        strhashval = clientstr_hashval(clp->cl_recdir);
4534        list_for_each_entry(crp, &reclaim_str_hashtbl[strhashval], cr_strhash) {
4535                if (same_name(crp->cr_recdir, clp->cl_recdir)) {
4536                        return crp;
4537                }
4538        }
4539        return NULL;
4540}
4541
4542/*
4543* Called from OPEN. Look for clientid in reclaim list.
4544*/
4545__be32
4546nfs4_check_open_reclaim(clientid_t *clid, bool sessions)
4547{
4548        struct nfs4_client *clp;
4549
4550        /* find clientid in conf_id_hashtbl */
4551        clp = find_confirmed_client(clid, sessions);
4552        if (clp == NULL)
4553                return nfserr_reclaim_bad;
4554
4555        return nfsd4_client_record_check(clp) ? nfserr_reclaim_bad : nfs_ok;
4556}
4557
4558#ifdef CONFIG_NFSD_FAULT_INJECTION
4559
4560void nfsd_forget_clients(u64 num)
4561{
4562        struct nfs4_client *clp, *next;
4563        int count = 0;
4564
4565        nfs4_lock_state();
4566        list_for_each_entry_safe(clp, next, &client_lru, cl_lru) {
4567                expire_client(clp);
4568                if (++count == num)
4569                        break;
4570        }
4571        nfs4_unlock_state();
4572
4573        printk(KERN_INFO "NFSD: Forgot %d clients", count);
4574}
4575
4576static void release_lockowner_sop(struct nfs4_stateowner *sop)
4577{
4578        release_lockowner(lockowner(sop));
4579}
4580
4581static void release_openowner_sop(struct nfs4_stateowner *sop)
4582{
4583        release_openowner(openowner(sop));
4584}
4585
4586static int nfsd_release_n_owners(u64 num, bool is_open_owner,
4587                                void (*release_sop)(struct nfs4_stateowner *))
4588{
4589        int i, count = 0;
4590        struct nfs4_stateowner *sop, *next;
4591
4592        for (i = 0; i < OWNER_HASH_SIZE; i++) {
4593                list_for_each_entry_safe(sop, next, &ownerstr_hashtbl[i], so_strhash) {
4594                        if (sop->so_is_open_owner != is_open_owner)
4595                                continue;
4596                        release_sop(sop);
4597                        if (++count == num)
4598                                return count;
4599                }
4600        }
4601        return count;
4602}
4603
4604void nfsd_forget_locks(u64 num)
4605{
4606        int count;
4607
4608        nfs4_lock_state();
4609        count = nfsd_release_n_owners(num, false, release_lockowner_sop);
4610        nfs4_unlock_state();
4611
4612        printk(KERN_INFO "NFSD: Forgot %d locks", count);
4613}
4614
4615void nfsd_forget_openowners(u64 num)
4616{
4617        int count;
4618
4619        nfs4_lock_state();
4620        count = nfsd_release_n_owners(num, true, release_openowner_sop);
4621        nfs4_unlock_state();
4622
4623        printk(KERN_INFO "NFSD: Forgot %d open owners", count);
4624}
4625
4626static int nfsd_process_n_delegations(u64 num, struct list_head *list)
4627{
4628        int i, count = 0;
4629        struct nfs4_file *fp, *fnext;
4630        struct nfs4_delegation *dp, *dnext;
4631
4632        for (i = 0; i < FILE_HASH_SIZE; i++) {
4633                list_for_each_entry_safe(fp, fnext, &file_hashtbl[i], fi_hash) {
4634                        list_for_each_entry_safe(dp, dnext, &fp->fi_delegations, dl_perfile) {
4635                                list_move(&dp->dl_recall_lru, list);
4636                                if (++count == num)
4637                                        return count;
4638                        }
4639                }
4640        }
4641
4642        return count;
4643}
4644
4645void nfsd_forget_delegations(u64 num)
4646{
4647        unsigned int count;
4648        LIST_HEAD(victims);
4649        struct nfs4_delegation *dp, *dnext;
4650
4651        spin_lock(&recall_lock);
4652        count = nfsd_process_n_delegations(num, &victims);
4653        spin_unlock(&recall_lock);
4654
4655        nfs4_lock_state();
4656        list_for_each_entry_safe(dp, dnext, &victims, dl_recall_lru)
4657                unhash_delegation(dp);
4658        nfs4_unlock_state();
4659
4660        printk(KERN_INFO "NFSD: Forgot %d delegations", count);
4661}
4662
4663void nfsd_recall_delegations(u64 num)
4664{
4665        unsigned int count;
4666        LIST_HEAD(victims);
4667        struct nfs4_delegation *dp, *dnext;
4668
4669        spin_lock(&recall_lock);
4670        count = nfsd_process_n_delegations(num, &victims);
4671        list_for_each_entry_safe(dp, dnext, &victims, dl_recall_lru) {
4672                list_del(&dp->dl_recall_lru);
4673                nfsd_break_one_deleg(dp);
4674        }
4675        spin_unlock(&recall_lock);
4676
4677        printk(KERN_INFO "NFSD: Recalled %d delegations", count);
4678}
4679
4680#endif /* CONFIG_NFSD_FAULT_INJECTION */
4681
4682/* initialization to perform at module load time: */
4683
4684void
4685nfs4_state_init(void)
4686{
4687        int i;
4688
4689        for (i = 0; i < CLIENT_HASH_SIZE; i++) {
4690                INIT_LIST_HEAD(&conf_id_hashtbl[i]);
4691                INIT_LIST_HEAD(&conf_str_hashtbl[i]);
4692                INIT_LIST_HEAD(&unconf_str_hashtbl[i]);
4693                INIT_LIST_HEAD(&unconf_id_hashtbl[i]);
4694                INIT_LIST_HEAD(&reclaim_str_hashtbl[i]);
4695        }
4696        for (i = 0; i < SESSION_HASH_SIZE; i++)
4697                INIT_LIST_HEAD(&sessionid_hashtbl[i]);
4698        for (i = 0; i < FILE_HASH_SIZE; i++) {
4699                INIT_LIST_HEAD(&file_hashtbl[i]);
4700        }
4701        for (i = 0; i < OWNER_HASH_SIZE; i++) {
4702                INIT_LIST_HEAD(&ownerstr_hashtbl[i]);
4703        }
4704        for (i = 0; i < LOCKOWNER_INO_HASH_SIZE; i++)
4705                INIT_LIST_HEAD(&lockowner_ino_hashtbl[i]);
4706        INIT_LIST_HEAD(&close_lru);
4707        INIT_LIST_HEAD(&client_lru);
4708        INIT_LIST_HEAD(&del_recall_lru);
4709        reclaim_str_hashtbl_size = 0;
4710}
4711
4712/*
4713 * Since the lifetime of a delegation isn't limited to that of an open, a
4714 * client may quite reasonably hang on to a delegation as long as it has
4715 * the inode cached.  This becomes an obvious problem the first time a
4716 * client's inode cache approaches the size of the server's total memory.
4717 *
4718 * For now we avoid this problem by imposing a hard limit on the number
4719 * of delegations, which varies according to the server's memory size.
4720 */
4721static void
4722set_max_delegations(void)
4723{
4724        /*
4725         * Allow at most 4 delegations per megabyte of RAM.  Quick
4726         * estimates suggest that in the worst case (where every delegation
4727         * is for a different inode), a delegation could take about 1.5K,
4728         * giving a worst case usage of about 6% of memory.
4729         */
4730        max_delegations = nr_free_buffer_pages() >> (20 - 2 - PAGE_SHIFT);
4731}
4732
4733/* initialization to perform when the nfsd service is started: */
4734
4735int
4736nfs4_state_start(void)
4737{
4738        struct net *net = &init_net;
4739        struct nfsd_net *nn = net_generic(net, nfsd_net_id);
4740        int ret;
4741
4742        /*
4743         * FIXME: For now, we hang most of the pernet global stuff off of
4744         * init_net until nfsd is fully containerized. Eventually, we'll
4745         * need to pass a net pointer into this function, take a reference
4746         * to that instead and then do most of the rest of this on a per-net
4747         * basis.
4748         */
4749        get_net(net);
4750        nfsd4_client_tracking_init(net);
4751        nn->boot_time = get_seconds();
4752        locks_start_grace(net, &nn->nfsd4_manager);
4753        nn->grace_ended = false;
4754        printk(KERN_INFO "NFSD: starting %ld-second grace period\n",
4755               nfsd4_grace);
4756        ret = set_callback_cred();
4757        if (ret) {
4758                ret = -ENOMEM;
4759                goto out_recovery;
4760        }
4761        laundry_wq = create_singlethread_workqueue("nfsd4");
4762        if (laundry_wq == NULL) {
4763                ret = -ENOMEM;
4764                goto out_recovery;
4765        }
4766        ret = nfsd4_create_callback_queue();
4767        if (ret)
4768                goto out_free_laundry;
4769        queue_delayed_work(laundry_wq, &laundromat_work, nfsd4_grace * HZ);
4770        set_max_delegations();
4771        return 0;
4772out_free_laundry:
4773        destroy_workqueue(laundry_wq);
4774out_recovery:
4775        nfsd4_client_tracking_exit(net);
4776        put_net(net);
4777        return ret;
4778}
4779
4780static void
4781__nfs4_state_shutdown(void)
4782{
4783        int i;
4784        struct nfs4_client *clp = NULL;
4785        struct nfs4_delegation *dp = NULL;
4786        struct list_head *pos, *next, reaplist;
4787
4788        for (i = 0; i < CLIENT_HASH_SIZE; i++) {
4789                while (!list_empty(&conf_id_hashtbl[i])) {
4790                        clp = list_entry(conf_id_hashtbl[i].next, struct nfs4_client, cl_idhash);
4791                        destroy_client(clp);
4792                }
4793                while (!list_empty(&unconf_str_hashtbl[i])) {
4794                        clp = list_entry(unconf_str_hashtbl[i].next, struct nfs4_client, cl_strhash);
4795                        destroy_client(clp);
4796                }
4797        }
4798        INIT_LIST_HEAD(&reaplist);
4799        spin_lock(&recall_lock);
4800        list_for_each_safe(pos, next, &del_recall_lru) {
4801                dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
4802                list_move(&dp->dl_recall_lru, &reaplist);
4803        }
4804        spin_unlock(&recall_lock);
4805        list_for_each_safe(pos, next, &reaplist) {
4806                dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru);
4807                unhash_delegation(dp);
4808        }
4809
4810        nfsd4_client_tracking_exit(&init_net);
4811        put_net(&init_net);
4812}
4813
4814void
4815nfs4_state_shutdown(void)
4816{
4817        struct net *net = &init_net;
4818        struct nfsd_net *nn = net_generic(net, nfsd_net_id);
4819
4820        cancel_delayed_work_sync(&laundromat_work);
4821        destroy_workqueue(laundry_wq);
4822        locks_end_grace(&nn->nfsd4_manager);
4823        nfs4_lock_state();
4824        __nfs4_state_shutdown();
4825        nfs4_unlock_state();
4826        nfsd4_destroy_callback_queue();
4827}
4828
4829static void
4830get_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
4831{
4832        if (HAS_STATE_ID(cstate, CURRENT_STATE_ID_FLAG) && CURRENT_STATEID(stateid))
4833                memcpy(stateid, &cstate->current_stateid, sizeof(stateid_t));
4834}
4835
4836static void
4837put_stateid(struct nfsd4_compound_state *cstate, stateid_t *stateid)
4838{
4839        if (cstate->minorversion) {
4840                memcpy(&cstate->current_stateid, stateid, sizeof(stateid_t));
4841                SET_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
4842        }
4843}
4844
4845void
4846clear_current_stateid(struct nfsd4_compound_state *cstate)
4847{
4848        CLEAR_STATE_ID(cstate, CURRENT_STATE_ID_FLAG);
4849}
4850
4851/*
4852 * functions to set current state id
4853 */
4854void
4855nfsd4_set_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
4856{
4857        put_stateid(cstate, &odp->od_stateid);
4858}
4859
4860void
4861nfsd4_set_openstateid(struct nfsd4_compound_state *cstate, struct nfsd4_open *open)
4862{
4863        put_stateid(cstate, &open->op_stateid);
4864}
4865
4866void
4867nfsd4_set_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
4868{
4869        put_stateid(cstate, &close->cl_stateid);
4870}
4871
4872void
4873nfsd4_set_lockstateid(struct nfsd4_compound_state *cstate, struct nfsd4_lock *lock)
4874{
4875        put_stateid(cstate, &lock->lk_resp_stateid);
4876}
4877
4878/*
4879 * functions to consume current state id
4880 */
4881
4882void
4883nfsd4_get_opendowngradestateid(struct nfsd4_compound_state *cstate, struct nfsd4_open_downgrade *odp)
4884{
4885        get_stateid(cstate, &odp->od_stateid);
4886}
4887
4888void
4889nfsd4_get_delegreturnstateid(struct nfsd4_compound_state *cstate, struct nfsd4_delegreturn *drp)
4890{
4891        get_stateid(cstate, &drp->dr_stateid);
4892}
4893
4894void
4895nfsd4_get_freestateid(struct nfsd4_compound_state *cstate, struct nfsd4_free_stateid *fsp)
4896{
4897        get_stateid(cstate, &fsp->fr_stateid);
4898}
4899
4900void
4901nfsd4_get_setattrstateid(struct nfsd4_compound_state *cstate, struct nfsd4_setattr *setattr)
4902{
4903        get_stateid(cstate, &setattr->sa_stateid);
4904}
4905
4906void
4907nfsd4_get_closestateid(struct nfsd4_compound_state *cstate, struct nfsd4_close *close)
4908{
4909        get_stateid(cstate, &close->cl_stateid);
4910}
4911
4912void
4913nfsd4_get_lockustateid(struct nfsd4_compound_state *cstate, struct nfsd4_locku *locku)
4914{
4915        get_stateid(cstate, &locku->lu_stateid);
4916}
4917
4918void
4919nfsd4_get_readstateid(struct nfsd4_compound_state *cstate, struct nfsd4_read *read)
4920{
4921        get_stateid(cstate, &read->rd_stateid);
4922}
4923
4924void
4925nfsd4_get_writestateid(struct nfsd4_compound_state *cstate, struct nfsd4_write *write)
4926{
4927        get_stateid(cstate, &write->wr_stateid);
4928}
4929
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.