1 /*
2 * Copyright (c) 2000-2020 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
29 /*
30 * Copyright (c) 1989, 1993
31 * The Regents of the University of California. All rights reserved.
32 *
33 * This code is derived from software contributed to Berkeley by
34 * Rick Macklem at The University of Guelph.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 3. All advertising materials mentioning features or use of this software
45 * must display the following acknowledgement:
46 * This product includes software developed by the University of
47 * California, Berkeley and its contributors.
48 * 4. Neither the name of the University nor the names of its contributors
49 * may be used to endorse or promote products derived from this software
50 * without specific prior written permission.
51 *
52 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
55 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
62 * SUCH DAMAGE.
63 *
64 * @(#)nfs_subs.c 8.8 (Berkeley) 5/22/95
65 * FreeBSD-Id: nfs_subs.c,v 1.47 1997/11/07 08:53:24 phk Exp $
66 */
67
68 #include <nfs/nfs_conf.h>
69 #if CONFIG_NFS
70
71 /*
72 * These functions support the macros and help fiddle mbuf chains for
73 * the nfs op functions. They do things like create the rpc header and
74 * copy data between mbuf chains and uio lists.
75 */
76 #include <sys/param.h>
77 #include <sys/proc.h>
78 #include <sys/kauth.h>
79 #include <sys/systm.h>
80 #include <sys/kernel.h>
81 #include <sys/mount_internal.h>
82 #include <sys/vnode_internal.h>
83 #include <sys/kpi_mbuf.h>
84 #include <sys/socket.h>
85 #include <sys/un.h>
86 #include <sys/stat.h>
87 #include <sys/malloc.h>
88 #include <sys/syscall.h>
89 #include <sys/ubc_internal.h>
90 #include <sys/fcntl.h>
91 #include <sys/uio.h>
92 #include <sys/domain.h>
93 #include <libkern/OSAtomic.h>
94 #include <kern/thread_call.h>
95 #include <kern/task.h>
96
97 #include <sys/vm.h>
98 #include <sys/vmparam.h>
99
100 #include <sys/time.h>
101 #include <kern/clock.h>
102
103 #include <nfs/rpcv2.h>
104 #include <nfs/nfsproto.h>
105 #include <nfs/nfs.h>
106 #include <nfs/nfsnode.h>
107 #if CONFIG_NFS_CLIENT
108 #define _NFS_XDR_SUBS_FUNCS_ /* define this to get xdrbuf function definitions */
109 #endif
110 #include <nfs/xdr_subs.h>
111 #include <nfs/nfsm_subs.h>
112 #include <nfs/nfs_gss.h>
113 #include <nfs/nfsmount.h>
114 #include <nfs/nfs_lock.h>
115
116 #include <miscfs/specfs/specdev.h>
117
118 #include <netinet/in.h>
119 #include <net/kpi_interface.h>
120
121 #include <sys/utfconv.h>
122
123 /*
124 * NFS globals
125 */
126 struct nfsclntstats __attribute__((aligned(8))) nfsclntstats;
127 struct nfsrvstats __attribute__((aligned(8))) nfsrvstats;
128 size_t nfs_mbuf_mhlen = 0, nfs_mbuf_minclsize = 0;
129
130 /* NFS debugging support */
131 uint32_t nfsclnt_debug_ctl;
132 uint32_t nfsrv_debug_ctl;
133
134 #include <libkern/libkern.h>
135 #include <stdarg.h>
136
137 void
nfs_printf(unsigned int debug_control,unsigned int facility,unsigned int level,const char * fmt,...)138 nfs_printf(unsigned int debug_control, unsigned int facility, unsigned int level, const char *fmt, ...)
139 {
140 va_list ap;
141
142 if (__NFS_IS_DBG(debug_control, facility, level)) {
143 va_start(ap, fmt);
144 vprintf(fmt, ap);
145 va_end(ap);
146 }
147 }
148
149
150 #define DISPLAYLEN 16
151
152 static bool
isprint(int ch)153 isprint(int ch)
154 {
155 return ch >= 0x20 && ch <= 0x7e;
156 }
157
158 static void
hexdump(void * data,size_t len)159 hexdump(void *data, size_t len)
160 {
161 size_t i, j;
162 unsigned char *d = data;
163 char *p, disbuf[3 * DISPLAYLEN + 1];
164
165 for (i = 0; i < len; i += DISPLAYLEN) {
166 for (p = disbuf, j = 0; (j + i) < len && j < DISPLAYLEN; j++, p += 3) {
167 snprintf(p, 4, "%2.2x ", d[i + j]);
168 }
169 for (; j < DISPLAYLEN; j++, p += 3) {
170 snprintf(p, 4, " ");
171 }
172 printf("%s ", disbuf);
173 for (p = disbuf, j = 0; (j + i) < len && j < DISPLAYLEN; j++, p++) {
174 snprintf(p, 2, "%c", isprint(d[i + j]) ? d[i + j] : '.');
175 }
176 printf("%s\n", disbuf);
177 }
178 }
179
180 void
nfs_dump_mbuf(const char * func,int lineno,const char * msg,mbuf_t mb)181 nfs_dump_mbuf(const char *func, int lineno, const char *msg, mbuf_t mb)
182 {
183 mbuf_t m;
184
185 printf("%s:%d %s\n", func, lineno, msg);
186 for (m = mb; m; m = mbuf_next(m)) {
187 hexdump(mbuf_data(m), mbuf_len(m));
188 }
189 }
190
191 int
nfs_maperr(const char * func,int error)192 nfs_maperr(const char *func, int error)
193 {
194 if (error < NFSERR_BADHANDLE || error > NFSERR_DIRBUFDROPPED) {
195 return error;
196 }
197 switch (error) {
198 case NFSERR_BADOWNER:
199 printf("%s: No name and/or group mapping err=%d\n", func, error);
200 return EPERM;
201 case NFSERR_BADNAME:
202 case NFSERR_BADCHAR:
203 printf("%s: nfs char/name not handled by server err=%d\n", func, error);
204 return ENOENT;
205 case NFSERR_STALE_CLIENTID:
206 case NFSERR_STALE_STATEID:
207 case NFSERR_EXPIRED:
208 case NFSERR_BAD_STATEID:
209 printf("%s: nfs recover err returned %d\n", func, error);
210 return EIO;
211 case NFSERR_BADHANDLE:
212 case NFSERR_SERVERFAULT:
213 case NFSERR_BADTYPE:
214 case NFSERR_FHEXPIRED:
215 case NFSERR_RESOURCE:
216 case NFSERR_MOVED:
217 case NFSERR_NOFILEHANDLE:
218 case NFSERR_MINOR_VERS_MISMATCH:
219 case NFSERR_OLD_STATEID:
220 case NFSERR_BAD_SEQID:
221 case NFSERR_LEASE_MOVED:
222 case NFSERR_RECLAIM_BAD:
223 case NFSERR_BADXDR:
224 case NFSERR_OP_ILLEGAL:
225 printf("%s: nfs client/server protocol prob err=%d\n", func, error);
226 return EIO;
227 default:
228 printf("%s: nfs err=%d\n", func, error);
229 return EIO;
230 }
231 }
232
233 /*
234 * functions to convert between NFS and VFS types
235 */
236 nfstype
vtonfs_type(enum vtype vtype,int nfsvers)237 vtonfs_type(enum vtype vtype, int nfsvers)
238 {
239 switch (vtype) {
240 case VNON:
241 return NFNON;
242 case VREG:
243 return NFREG;
244 case VDIR:
245 return NFDIR;
246 case VBLK:
247 return NFBLK;
248 case VCHR:
249 return NFCHR;
250 case VLNK:
251 return NFLNK;
252 case VSOCK:
253 if (nfsvers > NFS_VER2) {
254 return NFSOCK;
255 }
256 return NFNON;
257 case VFIFO:
258 if (nfsvers > NFS_VER2) {
259 return NFFIFO;
260 }
261 return NFNON;
262 case VBAD:
263 case VSTR:
264 case VCPLX:
265 default:
266 return NFNON;
267 }
268 }
269
270 enum vtype
nfstov_type(nfstype nvtype,int nfsvers)271 nfstov_type(nfstype nvtype, int nfsvers)
272 {
273 switch (nvtype) {
274 case NFNON:
275 return VNON;
276 case NFREG:
277 return VREG;
278 case NFDIR:
279 return VDIR;
280 case NFBLK:
281 return VBLK;
282 case NFCHR:
283 return VCHR;
284 case NFLNK:
285 return VLNK;
286 case NFSOCK:
287 if (nfsvers > NFS_VER2) {
288 return VSOCK;
289 }
290 OS_FALLTHROUGH;
291 case NFFIFO:
292 if (nfsvers > NFS_VER2) {
293 return VFIFO;
294 }
295 OS_FALLTHROUGH;
296 case NFATTRDIR:
297 if (nfsvers > NFS_VER3) {
298 return VDIR;
299 }
300 OS_FALLTHROUGH;
301 case NFNAMEDATTR:
302 if (nfsvers > NFS_VER3) {
303 return VREG;
304 }
305 OS_FALLTHROUGH;
306 default:
307 return VNON;
308 }
309 }
310
311 int
vtonfsv2_mode(enum vtype vtype,mode_t m)312 vtonfsv2_mode(enum vtype vtype, mode_t m)
313 {
314 switch (vtype) {
315 case VNON:
316 case VREG:
317 case VDIR:
318 case VBLK:
319 case VCHR:
320 case VLNK:
321 case VSOCK:
322 return MAKEIMODE(vtype, m);
323 case VFIFO:
324 return MAKEIMODE(VCHR, m);
325 case VBAD:
326 case VSTR:
327 case VCPLX:
328 default:
329 return MAKEIMODE(VNON, m);
330 }
331 }
332
333 #if CONFIG_NFS_SERVER
334
335 /*
336 * Mapping of old NFS Version 2 RPC numbers to generic numbers.
337 */
338 int nfsv3_procid[NFS_NPROCS] = {
339 NFSPROC_NULL,
340 NFSPROC_GETATTR,
341 NFSPROC_SETATTR,
342 NFSPROC_NOOP,
343 NFSPROC_LOOKUP,
344 NFSPROC_READLINK,
345 NFSPROC_READ,
346 NFSPROC_NOOP,
347 NFSPROC_WRITE,
348 NFSPROC_CREATE,
349 NFSPROC_REMOVE,
350 NFSPROC_RENAME,
351 NFSPROC_LINK,
352 NFSPROC_SYMLINK,
353 NFSPROC_MKDIR,
354 NFSPROC_RMDIR,
355 NFSPROC_READDIR,
356 NFSPROC_FSSTAT,
357 NFSPROC_NOOP,
358 NFSPROC_NOOP,
359 NFSPROC_NOOP,
360 NFSPROC_NOOP,
361 NFSPROC_NOOP
362 };
363
364 #endif /* CONFIG_NFS_SERVER */
365
366 /*
367 * and the reverse mapping from generic to Version 2 procedure numbers
368 */
369 int nfsv2_procid[NFS_NPROCS] = {
370 NFSV2PROC_NULL,
371 NFSV2PROC_GETATTR,
372 NFSV2PROC_SETATTR,
373 NFSV2PROC_LOOKUP,
374 NFSV2PROC_NOOP,
375 NFSV2PROC_READLINK,
376 NFSV2PROC_READ,
377 NFSV2PROC_WRITE,
378 NFSV2PROC_CREATE,
379 NFSV2PROC_MKDIR,
380 NFSV2PROC_SYMLINK,
381 NFSV2PROC_CREATE,
382 NFSV2PROC_REMOVE,
383 NFSV2PROC_RMDIR,
384 NFSV2PROC_RENAME,
385 NFSV2PROC_LINK,
386 NFSV2PROC_READDIR,
387 NFSV2PROC_NOOP,
388 NFSV2PROC_STATFS,
389 NFSV2PROC_NOOP,
390 NFSV2PROC_NOOP,
391 NFSV2PROC_NOOP,
392 NFSV2PROC_NOOP
393 };
394
395
396 /*
397 * initialize NFS's cache of mbuf constants
398 */
399 void
nfs_mbuf_init(void)400 nfs_mbuf_init(void)
401 {
402 struct mbuf_stat ms;
403
404 mbuf_stats(&ms);
405 nfs_mbuf_mhlen = ms.mhlen;
406 nfs_mbuf_minclsize = ms.minclsize;
407 }
408
409 #if CONFIG_NFS_SERVER
410
411 static void
nfs_netopt_free(struct nfs_netopt * no)412 nfs_netopt_free(struct nfs_netopt *no)
413 {
414 if (no->no_addr) {
415 kfree_data(no->no_addr, no->no_addr->sa_len);
416 }
417 if (no->no_mask) {
418 kfree_data(no->no_mask, no->no_mask->sa_len);
419 }
420
421 kfree_type(struct nfs_netopt, no);
422 }
423
424 /*
425 * allocate a list of mbufs to hold the given amount of data
426 */
427 int
nfsm_mbuf_get_list(size_t size,mbuf_t * mp,int * mbcnt)428 nfsm_mbuf_get_list(size_t size, mbuf_t *mp, int *mbcnt)
429 {
430 int error, cnt;
431 mbuf_t mhead, mlast, m;
432 size_t len, mlen;
433
434 error = cnt = 0;
435 mhead = mlast = NULL;
436 len = 0;
437
438 while (len < size) {
439 nfsm_mbuf_getcluster(error, &m, (size - len));
440 if (error) {
441 break;
442 }
443 if (!mhead) {
444 mhead = m;
445 }
446 if (mlast && ((error = mbuf_setnext(mlast, m)))) {
447 mbuf_free(m);
448 break;
449 }
450 mlen = mbuf_maxlen(m);
451 if ((len + mlen) > size) {
452 mlen = size - len;
453 }
454 mbuf_setlen(m, mlen);
455 len += mlen;
456 cnt++;
457 mlast = m;
458 }
459
460 if (!error) {
461 *mp = mhead;
462 *mbcnt = cnt;
463 }
464 return error;
465 }
466
467 #endif /* CONFIG_NFS_SERVER */
468
469 /*
470 * nfsm_chain_new_mbuf()
471 *
472 * Add a new mbuf to the given chain.
473 */
474 int
nfsm_chain_new_mbuf(struct nfsm_chain * nmc,size_t sizehint)475 nfsm_chain_new_mbuf(struct nfsm_chain *nmc, size_t sizehint)
476 {
477 mbuf_t mb;
478 int error = 0;
479
480 if (nmc->nmc_flags & NFSM_CHAIN_FLAG_ADD_CLUSTERS) {
481 sizehint = nfs_mbuf_minclsize;
482 }
483
484 /* allocate a new mbuf */
485 nfsm_mbuf_getcluster(error, &mb, sizehint);
486 if (error) {
487 return error;
488 }
489 if (mb == NULL) {
490 panic("got NULL mbuf?");
491 }
492
493 /* do we have a current mbuf? */
494 if (nmc->nmc_mcur) {
495 /* first cap off current mbuf */
496 mbuf_setlen(nmc->nmc_mcur, nmc->nmc_ptr - (caddr_t)mbuf_data(nmc->nmc_mcur));
497 /* then append the new mbuf */
498 error = mbuf_setnext(nmc->nmc_mcur, mb);
499 if (error) {
500 mbuf_free(mb);
501 return error;
502 }
503 }
504
505 /* set up for using the new mbuf */
506 nmc->nmc_mcur = mb;
507 nmc->nmc_ptr = mbuf_data(mb);
508 nmc->nmc_left = mbuf_trailingspace(mb);
509
510 return 0;
511 }
512
513 /*
514 * nfsm_chain_add_opaque_f()
515 *
516 * Add "len" bytes of opaque data pointed to by "buf" to the given chain.
517 */
518 int
nfsm_chain_add_opaque_f(struct nfsm_chain * nmc,const u_char * buf,size_t len)519 nfsm_chain_add_opaque_f(struct nfsm_chain *nmc, const u_char *buf, size_t len)
520 {
521 size_t paddedlen, tlen;
522 int error;
523
524 paddedlen = nfsm_rndup(len);
525
526 while (paddedlen) {
527 if (!nmc->nmc_left) {
528 error = nfsm_chain_new_mbuf(nmc, paddedlen);
529 if (error) {
530 return error;
531 }
532 }
533 tlen = MIN(nmc->nmc_left, paddedlen);
534 if (tlen) {
535 if (len) {
536 if (tlen > len) {
537 tlen = len;
538 }
539 bcopy(buf, nmc->nmc_ptr, tlen);
540 } else {
541 bzero(nmc->nmc_ptr, tlen);
542 }
543 nmc->nmc_ptr += tlen;
544 nmc->nmc_left -= tlen;
545 paddedlen -= tlen;
546 if (len) {
547 buf += tlen;
548 len -= tlen;
549 }
550 }
551 }
552 return 0;
553 }
554
555 /*
556 * nfsm_chain_add_opaque_nopad_f()
557 *
558 * Add "len" bytes of opaque data pointed to by "buf" to the given chain.
559 * Do not XDR pad.
560 */
561 int
nfsm_chain_add_opaque_nopad_f(struct nfsm_chain * nmc,const u_char * buf,size_t len)562 nfsm_chain_add_opaque_nopad_f(struct nfsm_chain *nmc, const u_char *buf, size_t len)
563 {
564 size_t tlen;
565 int error;
566
567 while (len > 0) {
568 if (nmc->nmc_left <= 0) {
569 error = nfsm_chain_new_mbuf(nmc, len);
570 if (error) {
571 return error;
572 }
573 }
574 tlen = MIN(nmc->nmc_left, len);
575 bcopy(buf, nmc->nmc_ptr, tlen);
576 nmc->nmc_ptr += tlen;
577 nmc->nmc_left -= tlen;
578 len -= tlen;
579 buf += tlen;
580 }
581 return 0;
582 }
583
584 /*
585 * nfsm_chain_add_uio()
586 *
587 * Add "len" bytes of data from "uio" to the given chain.
588 */
589 int
nfsm_chain_add_uio(struct nfsm_chain * nmc,uio_t uio,size_t len)590 nfsm_chain_add_uio(struct nfsm_chain *nmc, uio_t uio, size_t len)
591 {
592 size_t paddedlen, tlen;
593 int error;
594
595 paddedlen = nfsm_rndup(len);
596
597 while (paddedlen) {
598 if (!nmc->nmc_left) {
599 error = nfsm_chain_new_mbuf(nmc, paddedlen);
600 if (error) {
601 return error;
602 }
603 }
604 tlen = MIN(nmc->nmc_left, paddedlen);
605 if (tlen) {
606 if (len) {
607 tlen = MIN(INT32_MAX, MIN(tlen, len));
608 uiomove(nmc->nmc_ptr, (int)tlen, uio);
609 } else {
610 bzero(nmc->nmc_ptr, tlen);
611 }
612 nmc->nmc_ptr += tlen;
613 nmc->nmc_left -= tlen;
614 paddedlen -= tlen;
615 if (len) {
616 len -= tlen;
617 }
618 }
619 }
620 return 0;
621 }
622
623 /*
624 * Find the length of the NFS mbuf chain
625 * up to the current encoding/decoding offset.
626 */
627 size_t
nfsm_chain_offset(struct nfsm_chain * nmc)628 nfsm_chain_offset(struct nfsm_chain *nmc)
629 {
630 mbuf_t mb;
631 size_t len = 0;
632
633 for (mb = nmc->nmc_mhead; mb; mb = mbuf_next(mb)) {
634 if (mb == nmc->nmc_mcur) {
635 return len + (nmc->nmc_ptr - (caddr_t) mbuf_data(mb));
636 }
637 len += mbuf_len(mb);
638 }
639
640 return len;
641 }
642
643 /*
644 * nfsm_chain_advance()
645 *
646 * Advance an nfsm_chain by "len" bytes.
647 */
648 int
nfsm_chain_advance(struct nfsm_chain * nmc,size_t len)649 nfsm_chain_advance(struct nfsm_chain *nmc, size_t len)
650 {
651 mbuf_t mb;
652
653 while (len) {
654 if (nmc->nmc_left >= len) {
655 nmc->nmc_left -= len;
656 nmc->nmc_ptr += len;
657 return 0;
658 }
659 len -= nmc->nmc_left;
660 nmc->nmc_mcur = mb = mbuf_next(nmc->nmc_mcur);
661 if (!mb) {
662 return EBADRPC;
663 }
664 nmc->nmc_ptr = mbuf_data(mb);
665 nmc->nmc_left = mbuf_len(mb);
666 }
667
668 return 0;
669 }
670
671 /*
672 * nfsm_chain_reverse()
673 *
674 * Reverse decode offset in an nfsm_chain by "len" bytes.
675 */
676 int
nfsm_chain_reverse(struct nfsm_chain * nmc,size_t len)677 nfsm_chain_reverse(struct nfsm_chain *nmc, size_t len)
678 {
679 size_t mlen, new_offset;
680 int error = 0;
681
682 mlen = nmc->nmc_ptr - (caddr_t) mbuf_data(nmc->nmc_mcur);
683 if (len <= mlen) {
684 nmc->nmc_ptr -= len;
685 nmc->nmc_left += len;
686 return 0;
687 }
688
689 new_offset = nfsm_chain_offset(nmc) - len;
690 nfsm_chain_dissect_init(error, nmc, nmc->nmc_mhead);
691 if (error) {
692 return error;
693 }
694
695 return nfsm_chain_advance(nmc, new_offset);
696 }
697
698 /*
699 * nfsm_chain_get_opaque_pointer_f()
700 *
701 * Return a pointer to the next "len" bytes of contiguous data in
702 * the mbuf chain. If the next "len" bytes are not contiguous, we
703 * try to manipulate the mbuf chain so that it is.
704 *
705 * The nfsm_chain is advanced by nfsm_rndup("len") bytes.
706 */
707 int
nfsm_chain_get_opaque_pointer_f(struct nfsm_chain * nmc,uint32_t len,u_char ** pptr)708 nfsm_chain_get_opaque_pointer_f(struct nfsm_chain *nmc, uint32_t len, u_char **pptr)
709 {
710 mbuf_t mbcur, mb;
711 uint32_t padlen;
712 size_t mblen, cplen, need, left;
713 u_char *ptr;
714 int error = 0;
715
716 /* move to next mbuf with data */
717 while (nmc->nmc_mcur && (nmc->nmc_left == 0)) {
718 mb = mbuf_next(nmc->nmc_mcur);
719 nmc->nmc_mcur = mb;
720 if (!mb) {
721 break;
722 }
723 nmc->nmc_ptr = mbuf_data(mb);
724 nmc->nmc_left = mbuf_len(mb);
725 }
726 /* check if we've run out of data */
727 if (!nmc->nmc_mcur) {
728 return EBADRPC;
729 }
730
731 /* do we already have a contiguous buffer? */
732 if (nmc->nmc_left >= len) {
733 /* the returned pointer will be the current pointer */
734 *pptr = (u_char*)nmc->nmc_ptr;
735 error = nfsm_chain_advance(nmc, nfsm_rndup(len));
736 return error;
737 }
738
739 padlen = nfsm_rndup(len) - len;
740
741 /* we need (len - left) more bytes */
742 mbcur = nmc->nmc_mcur;
743 left = nmc->nmc_left;
744 need = len - left;
745
746 if (need > mbuf_trailingspace(mbcur)) {
747 /*
748 * The needed bytes won't fit in the current mbuf so we'll
749 * allocate a new mbuf to hold the contiguous range of data.
750 */
751 nfsm_mbuf_getcluster(error, &mb, len);
752 if (error) {
753 return error;
754 }
755 /* double check that this mbuf can hold all the data */
756 if (mbuf_maxlen(mb) < len) {
757 mbuf_free(mb);
758 return EOVERFLOW;
759 }
760
761 /* the returned pointer will be the new mbuf's data pointer */
762 *pptr = ptr = mbuf_data(mb);
763
764 /* copy "left" bytes to the new mbuf */
765 bcopy(nmc->nmc_ptr, ptr, left);
766 ptr += left;
767 mbuf_setlen(mb, left);
768
769 /* insert the new mbuf between the current and next mbufs */
770 error = mbuf_setnext(mb, mbuf_next(mbcur));
771 if (!error) {
772 error = mbuf_setnext(mbcur, mb);
773 }
774 if (error) {
775 mbuf_free(mb);
776 return error;
777 }
778
779 /* reduce current mbuf's length by "left" */
780 mbuf_setlen(mbcur, mbuf_len(mbcur) - left);
781
782 /*
783 * update nmc's state to point at the end of the mbuf
784 * where the needed data will be copied to.
785 */
786 nmc->nmc_mcur = mbcur = mb;
787 nmc->nmc_left = 0;
788 nmc->nmc_ptr = (caddr_t)ptr;
789 } else {
790 /* The rest of the data will fit in this mbuf. */
791
792 /* the returned pointer will be the current pointer */
793 *pptr = (u_char*)nmc->nmc_ptr;
794
795 /*
796 * update nmc's state to point at the end of the mbuf
797 * where the needed data will be copied to.
798 */
799 nmc->nmc_ptr += left;
800 nmc->nmc_left = 0;
801 }
802
803 /*
804 * move the next "need" bytes into the current
805 * mbuf from the mbufs that follow
806 */
807
808 /* extend current mbuf length */
809 mbuf_setlen(mbcur, mbuf_len(mbcur) + need);
810
811 /* mb follows mbufs we're copying/compacting data from */
812 mb = mbuf_next(mbcur);
813
814 while (need && mb) {
815 /* copy as much as we need/can */
816 ptr = mbuf_data(mb);
817 mblen = mbuf_len(mb);
818 cplen = MIN(mblen, need);
819 if (cplen) {
820 bcopy(ptr, nmc->nmc_ptr, cplen);
821 /*
822 * update the mbuf's pointer and length to reflect that
823 * the data was shifted to an earlier mbuf in the chain
824 */
825 error = mbuf_setdata(mb, ptr + cplen, mblen - cplen);
826 if (error) {
827 mbuf_setlen(mbcur, mbuf_len(mbcur) - need);
828 return error;
829 }
830 /* update pointer/need */
831 nmc->nmc_ptr += cplen;
832 need -= cplen;
833 }
834 /* if more needed, go to next mbuf */
835 if (need) {
836 mb = mbuf_next(mb);
837 }
838 }
839
840 /* did we run out of data in the mbuf chain? */
841 if (need) {
842 mbuf_setlen(mbcur, mbuf_len(mbcur) - need);
843 return EBADRPC;
844 }
845
846 /*
847 * update nmc's state to point after this contiguous data
848 *
849 * "mb" points to the last mbuf we copied data from so we
850 * just set nmc to point at whatever remains in that mbuf.
851 */
852 nmc->nmc_mcur = mb;
853 nmc->nmc_ptr = mbuf_data(mb);
854 nmc->nmc_left = mbuf_len(mb);
855
856 /* move past any padding */
857 if (padlen) {
858 error = nfsm_chain_advance(nmc, padlen);
859 }
860
861 return error;
862 }
863
864 /*
865 * nfsm_chain_get_opaque_f()
866 *
867 * Read the next "len" bytes in the chain into "buf".
868 * The nfsm_chain is advanced by nfsm_rndup("len") bytes.
869 */
870 int
nfsm_chain_get_opaque_f(struct nfsm_chain * nmc,size_t len,u_char * buf)871 nfsm_chain_get_opaque_f(struct nfsm_chain *nmc, size_t len, u_char *buf)
872 {
873 size_t cplen, padlen;
874 int error = 0;
875
876 padlen = nfsm_rndup(len) - len;
877
878 /* loop through mbufs copying all the data we need */
879 while (len && nmc->nmc_mcur) {
880 /* copy as much as we need/can */
881 cplen = MIN(nmc->nmc_left, len);
882 if (cplen) {
883 bcopy(nmc->nmc_ptr, buf, cplen);
884 nmc->nmc_ptr += cplen;
885 nmc->nmc_left -= cplen;
886 buf += cplen;
887 len -= cplen;
888 }
889 /* if more needed, go to next mbuf */
890 if (len) {
891 mbuf_t mb = mbuf_next(nmc->nmc_mcur);
892 nmc->nmc_mcur = mb;
893 nmc->nmc_ptr = mb ? mbuf_data(mb) : NULL;
894 nmc->nmc_left = mb ? mbuf_len(mb) : 0;
895 }
896 }
897
898 /* did we run out of data in the mbuf chain? */
899 if (len) {
900 return EBADRPC;
901 }
902
903 if (padlen) {
904 nfsm_chain_adv(error, nmc, padlen);
905 }
906
907 return error;
908 }
909
910 /*
911 * nfsm_chain_get_uio()
912 *
913 * Read the next "len" bytes in the chain into the given uio.
914 * The nfsm_chain is advanced by nfsm_rndup("len") bytes.
915 */
916 int
nfsm_chain_get_uio(struct nfsm_chain * nmc,size_t len,uio_t uio)917 nfsm_chain_get_uio(struct nfsm_chain *nmc, size_t len, uio_t uio)
918 {
919 size_t cplen, padlen;
920 int error = 0;
921
922 padlen = nfsm_rndup(len) - len;
923
924 /* loop through mbufs copying all the data we need */
925 while (len && nmc->nmc_mcur) {
926 /* copy as much as we need/can */
927 cplen = MIN(nmc->nmc_left, len);
928 if (cplen) {
929 cplen = MIN(cplen, INT32_MAX);
930 error = uiomove(nmc->nmc_ptr, (int)cplen, uio);
931 if (error) {
932 return error;
933 }
934 nmc->nmc_ptr += cplen;
935 nmc->nmc_left -= cplen;
936 len -= cplen;
937 }
938 /* if more needed, go to next mbuf */
939 if (len) {
940 mbuf_t mb = mbuf_next(nmc->nmc_mcur);
941 nmc->nmc_mcur = mb;
942 nmc->nmc_ptr = mb ? mbuf_data(mb) : NULL;
943 nmc->nmc_left = mb ? mbuf_len(mb) : 0;
944 }
945 }
946
947 /* did we run out of data in the mbuf chain? */
948 if (len) {
949 return EBADRPC;
950 }
951
952 if (padlen) {
953 nfsm_chain_adv(error, nmc, padlen);
954 }
955
956 return error;
957 }
958
959 #if CONFIG_NFS_CLIENT
960
961 int
nfsm_chain_add_string_nfc(struct nfsm_chain * nmc,const uint8_t * s,size_t slen)962 nfsm_chain_add_string_nfc(struct nfsm_chain *nmc, const uint8_t *s, size_t slen)
963 {
964 uint8_t smallbuf[64];
965 uint8_t *nfcname = smallbuf;
966 size_t buflen = sizeof(smallbuf), nfclen;
967 int error;
968
969 error = utf8_normalizestr(s, slen, nfcname, &nfclen, buflen, UTF_PRECOMPOSED | UTF_NO_NULL_TERM);
970 if (error == ENAMETOOLONG) {
971 buflen = MAXPATHLEN;
972 nfcname = zalloc(ZV_NAMEI);
973 error = utf8_normalizestr(s, slen, nfcname, &nfclen, buflen, UTF_PRECOMPOSED | UTF_NO_NULL_TERM);
974 }
975
976 /* if we got an error, just use the original string */
977 if (error) {
978 nfsm_chain_add_string(error, nmc, s, slen);
979 } else {
980 nfsm_chain_add_string(error, nmc, nfcname, nfclen);
981 }
982
983 if (nfcname && (nfcname != smallbuf)) {
984 NFS_ZFREE(ZV_NAMEI, nfcname);
985 }
986 return error;
987 }
988
989 /*
990 * Add a verifier that can reasonably be expected to be unique.
991 */
992 int
nfsm_chaim_add_exclusive_create_verifier(int error,struct nfsm_chain * nmreq,struct nfsmount * nmp)993 nfsm_chaim_add_exclusive_create_verifier(int error, struct nfsm_chain *nmreq, struct nfsmount *nmp)
994 {
995 uint32_t val;
996 uint64_t xid;
997 struct sockaddr ss;
998
999 nfs_get_xid(&xid);
1000 val = (uint32_t)(xid >> 32);
1001
1002 if (nmp->nm_nso && !sock_getsockname(nmp->nm_nso->nso_so, (struct sockaddr*)&ss, sizeof(ss))) {
1003 if (nmp->nm_saddr->sa_family == AF_INET) {
1004 val = ((struct sockaddr_in*)&ss)->sin_addr.s_addr;
1005 } else if (nmp->nm_saddr->sa_family == AF_INET6) {
1006 val = ((struct sockaddr_in6*)&ss)->sin6_addr.__u6_addr.__u6_addr32[3];
1007 }
1008 }
1009
1010 nfsm_chain_add_32(error, nmreq, val);
1011 nfsm_chain_add_32(error, nmreq, (uint32_t)xid);
1012
1013 return error;
1014 }
1015
1016 /*
1017 * Add an NFSv2 "sattr" structure to an mbuf chain
1018 */
1019 int
nfsm_chain_add_v2sattr_f(struct nfsm_chain * nmc,struct vnode_attr * vap,uint32_t szrdev)1020 nfsm_chain_add_v2sattr_f(struct nfsm_chain *nmc, struct vnode_attr *vap, uint32_t szrdev)
1021 {
1022 int error = 0;
1023
1024 nfsm_chain_add_32(error, nmc, vtonfsv2_mode(vap->va_type,
1025 (VATTR_IS_ACTIVE(vap, va_mode) ? vap->va_mode : 0600)));
1026 nfsm_chain_add_32(error, nmc,
1027 VATTR_IS_ACTIVE(vap, va_uid) ? vap->va_uid : (uint32_t)-1);
1028 nfsm_chain_add_32(error, nmc,
1029 VATTR_IS_ACTIVE(vap, va_gid) ? vap->va_gid : (uint32_t)-1);
1030 nfsm_chain_add_32(error, nmc, szrdev);
1031 nfsm_chain_add_v2time(error, nmc,
1032 VATTR_IS_ACTIVE(vap, va_access_time) ?
1033 &vap->va_access_time : NULL);
1034 nfsm_chain_add_v2time(error, nmc,
1035 VATTR_IS_ACTIVE(vap, va_modify_time) ?
1036 &vap->va_modify_time : NULL);
1037
1038 return error;
1039 }
1040
1041 /*
1042 * Add an NFSv3 "sattr" structure to an mbuf chain
1043 */
1044 int
nfsm_chain_add_v3sattr_f(__unused struct nfsmount * nmp,struct nfsm_chain * nmc,struct vnode_attr * vap)1045 nfsm_chain_add_v3sattr_f(
1046 __unused struct nfsmount *nmp,
1047 struct nfsm_chain *nmc,
1048 struct vnode_attr *vap)
1049 {
1050 int error = 0;
1051
1052 if (VATTR_IS_ACTIVE(vap, va_mode)) {
1053 nfsm_chain_add_32(error, nmc, TRUE);
1054 nfsm_chain_add_32(error, nmc, vap->va_mode);
1055 } else {
1056 nfsm_chain_add_32(error, nmc, FALSE);
1057 }
1058 if (VATTR_IS_ACTIVE(vap, va_uid)) {
1059 nfsm_chain_add_32(error, nmc, TRUE);
1060 nfsm_chain_add_32(error, nmc, vap->va_uid);
1061 } else {
1062 nfsm_chain_add_32(error, nmc, FALSE);
1063 }
1064 if (VATTR_IS_ACTIVE(vap, va_gid)) {
1065 nfsm_chain_add_32(error, nmc, TRUE);
1066 nfsm_chain_add_32(error, nmc, vap->va_gid);
1067 } else {
1068 nfsm_chain_add_32(error, nmc, FALSE);
1069 }
1070 if (VATTR_IS_ACTIVE(vap, va_data_size)) {
1071 nfsm_chain_add_32(error, nmc, TRUE);
1072 nfsm_chain_add_64(error, nmc, vap->va_data_size);
1073 } else {
1074 nfsm_chain_add_32(error, nmc, FALSE);
1075 }
1076 if (vap->va_vaflags & VA_UTIMES_NULL) {
1077 nfsm_chain_add_32(error, nmc, NFS_TIME_SET_TO_SERVER);
1078 nfsm_chain_add_32(error, nmc, NFS_TIME_SET_TO_SERVER);
1079 } else {
1080 if (VATTR_IS_ACTIVE(vap, va_access_time)) {
1081 nfsm_chain_add_32(error, nmc, NFS_TIME_SET_TO_CLIENT);
1082 nfsm_chain_add_32(error, nmc, vap->va_access_time.tv_sec);
1083 nfsm_chain_add_32(error, nmc, vap->va_access_time.tv_nsec);
1084 } else {
1085 nfsm_chain_add_32(error, nmc, NFS_TIME_DONT_CHANGE);
1086 }
1087 if (VATTR_IS_ACTIVE(vap, va_modify_time)) {
1088 nfsm_chain_add_32(error, nmc, NFS_TIME_SET_TO_CLIENT);
1089 nfsm_chain_add_32(error, nmc, vap->va_modify_time.tv_sec);
1090 nfsm_chain_add_32(error, nmc, vap->va_modify_time.tv_nsec);
1091 } else {
1092 nfsm_chain_add_32(error, nmc, NFS_TIME_DONT_CHANGE);
1093 }
1094 }
1095
1096
1097 return error;
1098 }
1099
1100
1101 /*
1102 * nfsm_chain_get_fh_attr()
1103 *
1104 * Get the file handle and attributes from an mbuf chain. (NFSv2/v3)
1105 */
1106 int
nfsm_chain_get_fh_attr(struct nfsmount * nmp,struct nfsm_chain * nmc,nfsnode_t dnp,vfs_context_t ctx,int nfsvers,uint64_t * xidp,fhandle_t * fhp,struct nfs_vattr * nvap)1107 nfsm_chain_get_fh_attr(
1108 struct nfsmount *nmp,
1109 struct nfsm_chain *nmc,
1110 nfsnode_t dnp,
1111 vfs_context_t ctx,
1112 int nfsvers,
1113 uint64_t *xidp,
1114 fhandle_t *fhp,
1115 struct nfs_vattr *nvap)
1116 {
1117 int error = 0, gotfh, gotattr;
1118
1119 gotfh = gotattr = 1;
1120
1121 if (nfsvers == NFS_VER3) { /* check for file handle */
1122 nfsm_chain_get_32(error, nmc, gotfh);
1123 }
1124 if (!error && gotfh) { /* get file handle */
1125 nfsm_chain_get_fh(error, nmc, nfsvers, fhp);
1126 } else {
1127 fhp->fh_len = 0;
1128 }
1129 if (nfsvers == NFS_VER3) { /* check for file attributes */
1130 nfsm_chain_get_32(error, nmc, gotattr);
1131 }
1132 nfsmout_if(error);
1133 if (gotattr) {
1134 if (!gotfh) { /* skip attributes */
1135 nfsm_chain_adv(error, nmc, NFSX_V3FATTR);
1136 } else { /* get attributes */
1137 error = nfs_parsefattr(nmp, nmc, nfsvers, nvap);
1138 }
1139 } else if (gotfh) {
1140 /* we need valid attributes in order to call nfs_nget() */
1141 if (nfs3_getattr_rpc(NULL, NFSTOMP(dnp), fhp->fh_data, fhp->fh_len, 0, ctx, nvap, xidp)) {
1142 gotattr = 0;
1143 fhp->fh_len = 0;
1144 }
1145 }
1146 nfsmout:
1147 return error;
1148 }
1149
1150 /*
1151 * Get and process NFSv3 WCC data from an mbuf chain
1152 */
1153 int
nfsm_chain_get_wcc_data_f(struct nfsm_chain * nmc,nfsnode_t np,struct timespec * premtime,int * newpostattr,u_int64_t * xidp)1154 nfsm_chain_get_wcc_data_f(
1155 struct nfsm_chain *nmc,
1156 nfsnode_t np,
1157 struct timespec *premtime,
1158 int *newpostattr,
1159 u_int64_t *xidp)
1160 {
1161 int error = 0;
1162 uint32_t flag = 0;
1163
1164 nfsm_chain_get_32(error, nmc, flag);
1165 if (!error && flag) {
1166 nfsm_chain_adv(error, nmc, 2 * NFSX_UNSIGNED);
1167 nfsm_chain_get_32(error, nmc, premtime->tv_sec);
1168 nfsm_chain_get_32(error, nmc, premtime->tv_nsec);
1169 nfsm_chain_adv(error, nmc, 2 * NFSX_UNSIGNED);
1170 } else {
1171 premtime->tv_sec = 0;
1172 premtime->tv_nsec = 0;
1173 }
1174 nfsm_chain_postop_attr_update_flag(error, nmc, np, *newpostattr, xidp);
1175
1176 return error;
1177 }
1178
1179 /*
1180 * Get the next RPC transaction ID (XID)
1181 */
1182 void
nfs_get_xid(uint64_t * xidp)1183 nfs_get_xid(uint64_t *xidp)
1184 {
1185 struct timeval tv;
1186
1187 lck_mtx_lock(&nfs_request_mutex);
1188 if (!nfs_xid) {
1189 /*
1190 * Derive initial xid from system time.
1191 *
1192 * Note: it's OK if this code inits nfs_xid to 0 (for example,
1193 * due to a broken clock) because we immediately increment it
1194 * and we guarantee to never use xid 0. So, nfs_xid should only
1195 * ever be 0 the first time this function is called.
1196 */
1197 microtime(&tv);
1198 nfs_xid = tv.tv_sec << 12;
1199 }
1200 if (++nfs_xid == 0) {
1201 /* Skip zero xid if it should ever happen. */
1202 nfs_xidwrap++;
1203 nfs_xid++;
1204 }
1205 *xidp = nfs_xid + (nfs_xidwrap << 32);
1206 lck_mtx_unlock(&nfs_request_mutex);
1207 }
1208
1209 /*
1210 * Build the RPC header and fill in the authorization info.
1211 * Returns the head of the mbuf list and the xid.
1212 */
1213
1214 int
nfsm_rpchead(struct nfsreq * req,mbuf_t mrest,u_int64_t * xidp,mbuf_t * mreqp)1215 nfsm_rpchead(
1216 struct nfsreq *req,
1217 mbuf_t mrest,
1218 u_int64_t *xidp,
1219 mbuf_t *mreqp)
1220 {
1221 struct nfsmount *nmp = req->r_nmp;
1222 int nfsvers = nmp->nm_vers;
1223 int proc = ((nfsvers == NFS_VER2) ? nfsv2_procid[req->r_procnum] : (int)req->r_procnum);
1224
1225 return nfsm_rpchead2(nmp, nmp->nm_sotype, NFS_PROG, nfsvers, proc,
1226 req->r_auth, req->r_cred, req, mrest, xidp, mreqp);
1227 }
1228
1229 /*
1230 * get_auiliary_groups: Gets the supplementary groups from a credential.
1231 *
1232 * IN: cred: credential to get the associated groups from.
1233 * OUT: groups: An array of gids of NGROUPS size.
1234 * IN: count: The number of groups to get; i.e.; the number of groups the server supports
1235 *
1236 * returns: The number of groups found.
1237 *
1238 * Just a wrapper around kauth_cred_getgroups to handle the case of a server supporting less
1239 * than NGROUPS.
1240 */
1241 static size_t
get_auxiliary_groups(kauth_cred_t cred,gid_t groups[NGROUPS],size_t count)1242 get_auxiliary_groups(kauth_cred_t cred, gid_t groups[NGROUPS], size_t count)
1243 {
1244 gid_t pgid;
1245 size_t maxcount = count < NGROUPS ? count + 1 : NGROUPS;
1246 size_t i;
1247
1248 for (i = 0; i < NGROUPS; i++) {
1249 groups[i] = -2; /* Initialize to the nobody group */
1250 }
1251 (void)kauth_cred_getgroups(cred, groups, &maxcount);
1252 if (maxcount < 1) {
1253 return maxcount;
1254 }
1255
1256 /*
1257 * kauth_get_groups returns the primary group followed by the
1258 * users auxiliary groups. If the number of groups the server supports
1259 * is less than NGROUPS, then we will drop the first group so that
1260 * we can send one more group over the wire.
1261 */
1262
1263
1264 if (count < NGROUPS) {
1265 pgid = kauth_cred_getgid(cred);
1266 if (pgid == groups[0]) {
1267 maxcount -= 1;
1268 for (i = 0; i < maxcount; i++) {
1269 groups[i] = groups[i + 1];
1270 }
1271 }
1272 }
1273
1274 return maxcount;
1275 }
1276
1277 int
nfsm_rpchead2(__unused struct nfsmount * nmp,int sotype,int prog,int vers,int proc,int auth_type,kauth_cred_t cred,struct nfsreq * req,mbuf_t mrest,u_int64_t * xidp,mbuf_t * mreqp)1278 nfsm_rpchead2(__unused struct nfsmount *nmp, int sotype, int prog, int vers, int proc, int auth_type,
1279 kauth_cred_t cred, struct nfsreq *req, mbuf_t mrest, u_int64_t *xidp, mbuf_t *mreqp)
1280 {
1281 mbuf_t mreq, mb;
1282 size_t i;
1283 int error, auth_len = 0, authsiz, reqlen;
1284 size_t headlen;
1285 struct nfsm_chain nmreq;
1286 gid_t grouplist[NGROUPS];
1287 size_t groupcount = 0;
1288
1289 /* calculate expected auth length */
1290 switch (auth_type) {
1291 case RPCAUTH_NONE:
1292 auth_len = 0;
1293 break;
1294 case RPCAUTH_SYS:
1295 {
1296 size_t count = nmp->nm_numgrps < NGROUPS ? nmp->nm_numgrps : NGROUPS;
1297
1298 if (!cred) {
1299 return EINVAL;
1300 }
1301 groupcount = get_auxiliary_groups(cred, grouplist, count);
1302 auth_len = ((uint32_t)groupcount + 5) * NFSX_UNSIGNED;
1303 break;
1304 }
1305 #if CONFIG_NFS_GSS
1306 case RPCAUTH_KRB5:
1307 case RPCAUTH_KRB5I:
1308 case RPCAUTH_KRB5P:
1309 if (!req || !cred) {
1310 return EINVAL;
1311 }
1312 auth_len = 5 * NFSX_UNSIGNED + 0; // zero context handle for now
1313 break;
1314 #endif /* CONFIG_NFS_GSS */
1315 default:
1316 return EINVAL;
1317 }
1318 authsiz = nfsm_rndup(auth_len);
1319
1320 /* allocate the packet */
1321 headlen = authsiz + 10 * NFSX_UNSIGNED;
1322 if (sotype == SOCK_STREAM) { /* also include room for any RPC Record Mark */
1323 headlen += NFSX_UNSIGNED;
1324 }
1325 if (headlen >= nfs_mbuf_minclsize) {
1326 error = mbuf_getpacket(MBUF_WAITOK, &mreq);
1327 } else {
1328 error = mbuf_gethdr(MBUF_WAITOK, MBUF_TYPE_DATA, &mreq);
1329 if (!error) {
1330 if (headlen < nfs_mbuf_mhlen) {
1331 mbuf_align_32(mreq, headlen);
1332 } else {
1333 mbuf_align_32(mreq, 8 * NFSX_UNSIGNED);
1334 }
1335 }
1336 }
1337 if (error) {
1338 /* unable to allocate packet */
1339 /* XXX should we keep statistics for these errors? */
1340 return error;
1341 }
1342
1343 /*
1344 * If the caller gave us a non-zero XID then use it because
1345 * it may be a higher-level resend with a GSSAPI credential.
1346 * Otherwise, allocate a new one.
1347 */
1348 if (*xidp == 0) {
1349 nfs_get_xid(xidp);
1350 }
1351
1352 /* build the header(s) */
1353 nfsm_chain_init(&nmreq, mreq);
1354
1355 /* First, if it's a TCP stream insert space for an RPC record mark */
1356 if (sotype == SOCK_STREAM) {
1357 nfsm_chain_add_32(error, &nmreq, 0);
1358 }
1359
1360 /* Then the RPC header. */
1361 nfsm_chain_add_32(error, &nmreq, (*xidp & 0xffffffff));
1362 nfsm_chain_add_32(error, &nmreq, RPC_CALL);
1363 nfsm_chain_add_32(error, &nmreq, RPC_VER2);
1364 nfsm_chain_add_32(error, &nmreq, prog);
1365 nfsm_chain_add_32(error, &nmreq, vers);
1366 nfsm_chain_add_32(error, &nmreq, proc);
1367
1368 #if CONFIG_NFS_GSS
1369 add_cred:
1370 #endif
1371 switch (auth_type) {
1372 case RPCAUTH_NONE:
1373 nfsm_chain_add_32(error, &nmreq, RPCAUTH_NONE); /* auth */
1374 nfsm_chain_add_32(error, &nmreq, 0); /* length */
1375 nfsm_chain_add_32(error, &nmreq, RPCAUTH_NONE); /* verf */
1376 nfsm_chain_add_32(error, &nmreq, 0); /* length */
1377 nfsm_chain_build_done(error, &nmreq);
1378 /* Append the args mbufs */
1379 if (!error) {
1380 error = mbuf_setnext(nmreq.nmc_mcur, mrest);
1381 }
1382 break;
1383 case RPCAUTH_SYS: {
1384 nfsm_chain_add_32(error, &nmreq, RPCAUTH_SYS);
1385 nfsm_chain_add_32(error, &nmreq, authsiz);
1386 {
1387 nfsm_chain_add_32(error, &nmreq, 0); /* stamp */
1388 }
1389 nfsm_chain_add_32(error, &nmreq, 0); /* zero-length hostname */
1390 nfsm_chain_add_32(error, &nmreq, kauth_cred_getuid(cred)); /* UID */
1391 nfsm_chain_add_32(error, &nmreq, kauth_cred_getgid(cred)); /* GID */
1392 nfsm_chain_add_32(error, &nmreq, groupcount);/* additional GIDs */
1393 for (i = 0; i < groupcount; i++) {
1394 nfsm_chain_add_32(error, &nmreq, grouplist[i]);
1395 }
1396
1397 /* And the verifier... */
1398 nfsm_chain_add_32(error, &nmreq, RPCAUTH_NONE); /* flavor */
1399 nfsm_chain_add_32(error, &nmreq, 0); /* length */
1400 nfsm_chain_build_done(error, &nmreq);
1401
1402 /* Append the args mbufs */
1403 if (!error) {
1404 error = mbuf_setnext(nmreq.nmc_mcur, mrest);
1405 }
1406 break;
1407 }
1408 #if CONFIG_NFS_GSS
1409 case RPCAUTH_KRB5:
1410 case RPCAUTH_KRB5I:
1411 case RPCAUTH_KRB5P:
1412 error = nfs_gss_clnt_cred_put(req, &nmreq, mrest);
1413 if (error == ENEEDAUTH) {
1414 size_t count = nmp->nm_numgrps < NGROUPS ? nmp->nm_numgrps : NGROUPS;
1415
1416 /*
1417 * Use sec=sys for this user
1418 */
1419 error = 0;
1420 req->r_auth = auth_type = RPCAUTH_SYS;
1421 groupcount = get_auxiliary_groups(cred, grouplist, count);
1422 auth_len = ((uint32_t)groupcount + 5) * NFSX_UNSIGNED;
1423 authsiz = nfsm_rndup(auth_len);
1424 goto add_cred;
1425 }
1426 break;
1427 #endif /* CONFIG_NFS_GSS */
1428 }
1429 ;
1430
1431 /* finish setting up the packet */
1432 if (!error) {
1433 error = mbuf_pkthdr_setrcvif(mreq, 0);
1434 }
1435
1436 if (error) {
1437 mbuf_freem(mreq);
1438 return error;
1439 }
1440
1441 /* Calculate the size of the request */
1442 reqlen = 0;
1443 for (mb = nmreq.nmc_mhead; mb; mb = mbuf_next(mb)) {
1444 reqlen += mbuf_len(mb);
1445 }
1446
1447 mbuf_pkthdr_setlen(mreq, reqlen);
1448
1449 /*
1450 * If the request goes on a TCP stream,
1451 * set its size in the RPC record mark.
1452 * The record mark count doesn't include itself
1453 * and the last fragment bit is set.
1454 */
1455 if (sotype == SOCK_STREAM) {
1456 nfsm_chain_set_recmark(error, &nmreq,
1457 (reqlen - NFSX_UNSIGNED) | 0x80000000);
1458 }
1459
1460 *mreqp = mreq;
1461 return 0;
1462 }
1463
1464 /*
1465 * Parse an NFS file attribute structure out of an mbuf chain.
1466 */
1467 int
nfs_parsefattr(__unused struct nfsmount * nmp,struct nfsm_chain * nmc,int nfsvers,struct nfs_vattr * nvap)1468 nfs_parsefattr(
1469 __unused struct nfsmount *nmp,
1470 struct nfsm_chain *nmc,
1471 int nfsvers,
1472 struct nfs_vattr *nvap)
1473 {
1474 int error = 0;
1475 enum vtype vtype;
1476 nfstype nvtype;
1477 uint32_t vmode, val, val2;
1478 dev_t rdev;
1479
1480 val = val2 = 0;
1481 NVATTR_INIT(nvap);
1482
1483 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_TYPE);
1484 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_MODE);
1485 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_NUMLINKS);
1486 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_OWNER);
1487 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_OWNER_GROUP);
1488 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_SIZE);
1489 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_SPACE_USED);
1490 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_RAWDEV);
1491 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_FSID);
1492 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_FILEID);
1493 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_TIME_ACCESS);
1494 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_TIME_MODIFY);
1495 NFS_BITMAP_SET(nvap->nva_bitmap, NFS_FATTR_TIME_METADATA);
1496
1497 nfsm_chain_get_32(error, nmc, nvtype);
1498 nfsm_chain_get_32(error, nmc, vmode);
1499 nfsmout_if(error);
1500
1501 if (nfsvers == NFS_VER3) {
1502 nvap->nva_type = vtype = nfstov_type(nvtype, nfsvers);
1503 } else {
1504 /*
1505 * The duplicate information returned in fa_type and fa_mode
1506 * is an ambiguity in the NFS version 2 protocol.
1507 *
1508 * VREG should be taken literally as a regular file. If a
1509 * server intends to return some type information differently
1510 * in the upper bits of the mode field (e.g. for sockets, or
1511 * FIFOs), NFSv2 mandates fa_type to be VNON. Anyway, we
1512 * leave the examination of the mode bits even in the VREG
1513 * case to avoid breakage for bogus servers, but we make sure
1514 * that there are actually type bits set in the upper part of
1515 * fa_mode (and failing that, trust the va_type field).
1516 *
1517 * NFSv3 cleared the issue, and requires fa_mode to not
1518 * contain any type information (while also introducing
1519 * sockets and FIFOs for fa_type).
1520 */
1521 vtype = nfstov_type(nvtype, nfsvers);
1522 if ((vtype == VNON) || ((vtype == VREG) && ((vmode & S_IFMT) != 0))) {
1523 vtype = IFTOVT(vmode);
1524 }
1525 nvap->nva_type = vtype;
1526 }
1527
1528 nvap->nva_mode = (vmode & 07777);
1529
1530 nfsm_chain_get_32(error, nmc, nvap->nva_nlink);
1531 nfsm_chain_get_32(error, nmc, nvap->nva_uid);
1532 nfsm_chain_get_32(error, nmc, nvap->nva_gid);
1533
1534 if (nfsvers == NFS_VER3) {
1535 nfsm_chain_get_64(error, nmc, nvap->nva_size);
1536 nfsm_chain_get_64(error, nmc, nvap->nva_bytes);
1537 nfsm_chain_get_32(error, nmc, nvap->nva_rawdev.specdata1);
1538 nfsm_chain_get_32(error, nmc, nvap->nva_rawdev.specdata2);
1539 nfsmout_if(error);
1540 nfsm_chain_get_64(error, nmc, nvap->nva_fsid.major);
1541 nvap->nva_fsid.minor = 0;
1542 nfsm_chain_get_64(error, nmc, nvap->nva_fileid);
1543 } else {
1544 nfsm_chain_get_32(error, nmc, nvap->nva_size);
1545 nfsm_chain_adv(error, nmc, NFSX_UNSIGNED);
1546 nfsm_chain_get_32(error, nmc, rdev);
1547 nfsmout_if(error);
1548 nvap->nva_rawdev.specdata1 = major(rdev);
1549 nvap->nva_rawdev.specdata2 = minor(rdev);
1550 nfsm_chain_get_32(error, nmc, val); /* blocks */
1551 nfsmout_if(error);
1552 nvap->nva_bytes = val * NFS_FABLKSIZE;
1553 nfsm_chain_get_32(error, nmc, val);
1554 nfsmout_if(error);
1555 nvap->nva_fsid.major = (uint64_t)val;
1556 nvap->nva_fsid.minor = 0;
1557 nfsm_chain_get_32(error, nmc, val);
1558 nfsmout_if(error);
1559 nvap->nva_fileid = (uint64_t)val;
1560 /* Really ugly NFSv2 kludge. */
1561 if ((vtype == VCHR) && (rdev == (dev_t)0xffffffff)) {
1562 nvap->nva_type = VFIFO;
1563 }
1564 }
1565 nfsm_chain_get_time(error, nmc, nfsvers,
1566 nvap->nva_timesec[NFSTIME_ACCESS],
1567 nvap->nva_timensec[NFSTIME_ACCESS]);
1568 nfsm_chain_get_time(error, nmc, nfsvers,
1569 nvap->nva_timesec[NFSTIME_MODIFY],
1570 nvap->nva_timensec[NFSTIME_MODIFY]);
1571 nfsm_chain_get_time(error, nmc, nfsvers,
1572 nvap->nva_timesec[NFSTIME_CHANGE],
1573 nvap->nva_timensec[NFSTIME_CHANGE]);
1574
1575 nfsmout:
1576 return error;
1577 }
1578
1579
1580 /*
1581 * Load the attribute cache (that lives in the nfsnode entry) with
1582 * the value pointed to by nvap, unless the file type in the attribute
1583 * cache doesn't match the file type in the nvap, in which case log a
1584 * warning and return ESTALE.
1585 *
1586 * If the dontshrink flag is set, then it's not safe to call ubc_setsize()
1587 * to shrink the size of the file.
1588 */
1589 int
nfs_loadattrcache(nfsnode_t np,struct nfs_vattr * nvap,u_int64_t * xidp,int dontshrink)1590 nfs_loadattrcache(
1591 nfsnode_t np,
1592 struct nfs_vattr *nvap,
1593 u_int64_t *xidp,
1594 int dontshrink)
1595 {
1596 mount_t mp;
1597 vnode_t vp;
1598 struct timeval now;
1599 struct nfs_vattr *npnvap;
1600 int xattr = np->n_vattr.nva_flags & NFS_FFLAG_IS_ATTR;
1601 int referral = np->n_vattr.nva_flags & NFS_FFLAG_TRIGGER_REFERRAL;
1602 int aclbit, monitored, error = 0;
1603 kauth_acl_t acl;
1604 struct nfsmount *nmp;
1605 uint32_t events = np->n_events;
1606
1607 if (np->n_hflag & NHINIT) {
1608 vp = NULL;
1609 mp = np->n_mount;
1610 } else {
1611 vp = NFSTOV(np);
1612 mp = vnode_mount(vp);
1613 }
1614 monitored = vp ? vnode_ismonitored(vp) : 0;
1615
1616 FSDBG_TOP(527, np, vp, *xidp >> 32, *xidp);
1617
1618 if (!((nmp = VFSTONFS(mp)))) {
1619 FSDBG_BOT(527, ENXIO, 1, 0, *xidp);
1620 return ENXIO;
1621 }
1622
1623 if (*xidp < np->n_xid) {
1624 /*
1625 * We have already updated attributes with a response from
1626 * a later request. The attributes we have here are probably
1627 * stale so we drop them (just return). However, our
1628 * out-of-order receipt could be correct - if the requests were
1629 * processed out of order at the server. Given the uncertainty
1630 * we invalidate our cached attributes. *xidp is zeroed here
1631 * to indicate the attributes were dropped - only getattr
1632 * cares - it needs to retry the rpc.
1633 */
1634 NATTRINVALIDATE(np);
1635 FSDBG_BOT(527, 0, np, np->n_xid, *xidp);
1636 *xidp = 0;
1637 return 0;
1638 }
1639
1640 if (vp && (nvap->nva_type != vnode_vtype(vp))) {
1641 /*
1642 * The filehandle has changed type on us. This can be
1643 * caused by either the server not having unique filehandles
1644 * or because another client has removed the previous
1645 * filehandle and a new object (of a different type)
1646 * has been created with the same filehandle.
1647 *
1648 * We can't simply switch the type on the vnode because
1649 * there may be type-specific fields that need to be
1650 * cleaned up or set up.
1651 *
1652 * So, what should we do with this vnode?
1653 *
1654 * About the best we can do is log a warning and return
1655 * an error. ESTALE is about the closest error, but it
1656 * is a little strange that we come up with this error
1657 * internally instead of simply passing it through from
1658 * the server. Hopefully, the vnode will be reclaimed
1659 * soon so the filehandle can be reincarnated as the new
1660 * object type.
1661 */
1662 printf("nfs loadattrcache vnode changed type, was %d now %d\n",
1663 vnode_vtype(vp), nvap->nva_type);
1664 error = ESTALE;
1665 if (monitored) {
1666 events |= VNODE_EVENT_DELETE;
1667 }
1668 goto out;
1669 }
1670
1671 npnvap = &np->n_vattr;
1672
1673 /*
1674 * The ACL cache needs special handling because it is not
1675 * always updated. Save current ACL cache state so it can
1676 * be restored after copying the new attributes into place.
1677 */
1678 aclbit = NFS_BITMAP_ISSET(npnvap->nva_bitmap, NFS_FATTR_ACL);
1679 acl = npnvap->nva_acl;
1680
1681 if (monitored) {
1682 /*
1683 * For monitored nodes, check for attribute changes that should generate events.
1684 */
1685 if (NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_NUMLINKS) &&
1686 (nvap->nva_nlink != npnvap->nva_nlink)) {
1687 events |= VNODE_EVENT_ATTRIB | VNODE_EVENT_LINK;
1688 }
1689 if (events & VNODE_EVENT_PERMS) {
1690 /* no need to do all the checking if it's already set */;
1691 } else if (NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_MODE) &&
1692 (nvap->nva_mode != npnvap->nva_mode)) {
1693 events |= VNODE_EVENT_ATTRIB | VNODE_EVENT_PERMS;
1694 } else if (NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_OWNER) &&
1695 (nvap->nva_uid != npnvap->nva_uid)) {
1696 events |= VNODE_EVENT_ATTRIB | VNODE_EVENT_PERMS;
1697 } else if (NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_OWNER_GROUP) &&
1698 (nvap->nva_gid != npnvap->nva_gid)) {
1699 events |= VNODE_EVENT_ATTRIB | VNODE_EVENT_PERMS;
1700 #if CONFIG_NFS4
1701 } else if (nmp->nm_vers >= NFS_VER4) {
1702 if (NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_OWNER) &&
1703 !kauth_guid_equal(&nvap->nva_uuuid, &npnvap->nva_uuuid)) {
1704 events |= VNODE_EVENT_ATTRIB | VNODE_EVENT_PERMS;
1705 } else if (NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_OWNER_GROUP) &&
1706 !kauth_guid_equal(&nvap->nva_guuid, &npnvap->nva_guuid)) {
1707 events |= VNODE_EVENT_ATTRIB | VNODE_EVENT_PERMS;
1708 } else if ((NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_ACL) &&
1709 nvap->nva_acl && npnvap->nva_acl &&
1710 ((nvap->nva_acl->acl_entrycount != npnvap->nva_acl->acl_entrycount) ||
1711 bcmp(nvap->nva_acl, npnvap->nva_acl, KAUTH_ACL_COPYSIZE(nvap->nva_acl))))) {
1712 events |= VNODE_EVENT_ATTRIB | VNODE_EVENT_PERMS;
1713 }
1714 #endif
1715 }
1716 if (/* Oh, C... */
1717 #if CONFIG_NFS4
1718 ((nmp->nm_vers >= NFS_VER4) && NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_CHANGE) && (nvap->nva_change != npnvap->nva_change)) ||
1719 #endif
1720 (NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_TIME_MODIFY) &&
1721 ((nvap->nva_timesec[NFSTIME_MODIFY] != npnvap->nva_timesec[NFSTIME_MODIFY]) ||
1722 (nvap->nva_timensec[NFSTIME_MODIFY] != npnvap->nva_timensec[NFSTIME_MODIFY])))) {
1723 events |= VNODE_EVENT_ATTRIB | VNODE_EVENT_WRITE;
1724 }
1725 if (!events && NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_RAWDEV) &&
1726 ((nvap->nva_rawdev.specdata1 != npnvap->nva_rawdev.specdata1) ||
1727 (nvap->nva_rawdev.specdata2 != npnvap->nva_rawdev.specdata2))) {
1728 events |= VNODE_EVENT_ATTRIB;
1729 }
1730 if (!events && NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_FILEID) &&
1731 (nvap->nva_fileid != npnvap->nva_fileid)) {
1732 events |= VNODE_EVENT_ATTRIB;
1733 }
1734 if (!events && NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_ARCHIVE) &&
1735 ((nvap->nva_flags & NFS_FFLAG_ARCHIVED) != (npnvap->nva_flags & NFS_FFLAG_ARCHIVED))) {
1736 events |= VNODE_EVENT_ATTRIB;
1737 }
1738 if (!events && NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_HIDDEN) &&
1739 ((nvap->nva_flags & NFS_FFLAG_HIDDEN) != (npnvap->nva_flags & NFS_FFLAG_HIDDEN))) {
1740 events |= VNODE_EVENT_ATTRIB;
1741 }
1742 if (!events && NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_TIME_CREATE) &&
1743 ((nvap->nva_timesec[NFSTIME_CREATE] != npnvap->nva_timesec[NFSTIME_CREATE]) ||
1744 (nvap->nva_timensec[NFSTIME_CREATE] != npnvap->nva_timensec[NFSTIME_CREATE]))) {
1745 events |= VNODE_EVENT_ATTRIB;
1746 }
1747 if (!events && NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_TIME_BACKUP) &&
1748 ((nvap->nva_timesec[NFSTIME_BACKUP] != npnvap->nva_timesec[NFSTIME_BACKUP]) ||
1749 (nvap->nva_timensec[NFSTIME_BACKUP] != npnvap->nva_timensec[NFSTIME_BACKUP]))) {
1750 events |= VNODE_EVENT_ATTRIB;
1751 }
1752 }
1753
1754 #if CONFIG_NFS4
1755 /* Copy the attributes to the attribute cache */
1756 if (nmp->nm_vers >= NFS_VER4 && npnvap->nva_flags & NFS_FFLAG_PARTIAL_WRITE) {
1757 /*
1758 * NFSv4 WRITE RPCs contain partial GETATTR requests - only type, change, size, metadatatime and modifytime are requested.
1759 * In such cases, we do not update the time stamp - but the requested attributes.
1760 */
1761 NFS_BITMAP_COPY_ATTR(nvap, npnvap, TYPE, type);
1762 NFS_BITMAP_COPY_ATTR(nvap, npnvap, CHANGE, change);
1763 NFS_BITMAP_COPY_ATTR(nvap, npnvap, SIZE, size);
1764 NFS_BITMAP_COPY_TIME(nvap, npnvap, METADATA, CHANGE);
1765 NFS_BITMAP_COPY_TIME(nvap, npnvap, MODIFY, MODIFY);
1766 } else
1767 #endif /* CONFIG_NFS4 */
1768 {
1769 bcopy((caddr_t)nvap, (caddr_t)npnvap, sizeof(*nvap));
1770 microuptime(&now);
1771 np->n_attrstamp = now.tv_sec;
1772 }
1773
1774 np->n_xid = *xidp;
1775 /* NFS_FFLAG_IS_ATTR and NFS_FFLAG_TRIGGER_REFERRAL need to be sticky... */
1776 if (vp && xattr) {
1777 nvap->nva_flags |= xattr;
1778 }
1779 if (vp && referral) {
1780 nvap->nva_flags |= referral;
1781 }
1782
1783 if (NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_ACL)) {
1784 /* we're updating the ACL */
1785 if (nvap->nva_acl) {
1786 /* make a copy of the acl for the cache */
1787 npnvap->nva_acl = kauth_acl_alloc(nvap->nva_acl->acl_entrycount);
1788 if (npnvap->nva_acl) {
1789 bcopy(nvap->nva_acl, npnvap->nva_acl, KAUTH_ACL_COPYSIZE(nvap->nva_acl));
1790 } else {
1791 /* can't make a copy to cache, invalidate ACL cache */
1792 NFS_BITMAP_CLR(npnvap->nva_bitmap, NFS_FATTR_ACL);
1793 NACLINVALIDATE(np);
1794 aclbit = 0;
1795 }
1796 }
1797 if (acl) {
1798 kauth_acl_free(acl);
1799 acl = NULL;
1800 }
1801 }
1802 if (NFS_BITMAP_ISSET(nvap->nva_bitmap, NFS_FATTR_ACL)) {
1803 /* update the ACL timestamp */
1804 microuptime(&now);
1805 np->n_aclstamp = now.tv_sec;
1806 } else {
1807 /* we aren't updating the ACL, so restore original values */
1808 if (aclbit) {
1809 NFS_BITMAP_SET(npnvap->nva_bitmap, NFS_FATTR_ACL);
1810 }
1811 npnvap->nva_acl = acl;
1812 }
1813
1814 #if CONFIG_TRIGGERS
1815 #if CONFIG_NFS4
1816 /*
1817 * For NFSv4, if the fsid doesn't match the fsid for the mount, then
1818 * this node is for a different file system on the server. So we mark
1819 * this node as a trigger node that will trigger the mirror mount.
1820 */
1821 if ((nmp->nm_vers >= NFS_VER4) && (nvap->nva_type == VDIR) &&
1822 ((np->n_vattr.nva_fsid.major != nmp->nm_fsid.major) ||
1823 (np->n_vattr.nva_fsid.minor != nmp->nm_fsid.minor))) {
1824 np->n_vattr.nva_flags |= NFS_FFLAG_TRIGGER;
1825 }
1826 #endif /* CONFIG_NFS4 */
1827 #endif /* CONFIG_TRIGGERS */
1828
1829 if (!vp || (nvap->nva_type != VREG)) {
1830 np->n_size = nvap->nva_size;
1831 } else if (nvap->nva_size != np->n_size) {
1832 FSDBG(527, np, nvap->nva_size, np->n_size, (nvap->nva_type == VREG) | (np->n_flag & NMODIFIED ? 6 : 4));
1833 if (!UBCINFOEXISTS(vp) || (dontshrink && (nvap->nva_size < np->n_size))) {
1834 /* asked not to shrink, so stick with current size */
1835 FSDBG(527, np, np->n_size, np->n_vattr.nva_size, 0xf00d0001);
1836 nvap->nva_size = np->n_size;
1837 NATTRINVALIDATE(np);
1838 } else if ((np->n_flag & NMODIFIED) && (nvap->nva_size < np->n_size)) {
1839 /* if we've modified, stick with larger size */
1840 FSDBG(527, np, np->n_size, np->n_vattr.nva_size, 0xf00d0002);
1841 nvap->nva_size = np->n_size;
1842 npnvap->nva_size = np->n_size;
1843 } else {
1844 /*
1845 * n_size is protected by the data lock, so we need to
1846 * defer updating it until it's safe. We save the new size
1847 * and set a flag and it'll get updated the next time we get/drop
1848 * the data lock or the next time we do a getattr.
1849 */
1850 np->n_newsize = nvap->nva_size;
1851 SET(np->n_flag, NUPDATESIZE);
1852 if (monitored) {
1853 events |= VNODE_EVENT_ATTRIB | VNODE_EVENT_EXTEND;
1854 }
1855 }
1856 }
1857
1858 if (np->n_flag & NCHG) {
1859 if (np->n_flag & NACC) {
1860 nvap->nva_timesec[NFSTIME_ACCESS] = np->n_atim.tv_sec;
1861 nvap->nva_timensec[NFSTIME_ACCESS] = np->n_atim.tv_nsec;
1862 }
1863 if (np->n_flag & NUPD) {
1864 nvap->nva_timesec[NFSTIME_MODIFY] = np->n_mtim.tv_sec;
1865 nvap->nva_timensec[NFSTIME_MODIFY] = np->n_mtim.tv_nsec;
1866 }
1867 }
1868
1869 out:
1870 if (monitored && events) {
1871 nfs_vnode_notify(np, events);
1872 }
1873 FSDBG_BOT(527, error, np, np->n_size, *xidp);
1874 return error;
1875 }
1876
1877 /*
1878 * Calculate the attribute timeout based on
1879 * how recently the file has been modified.
1880 */
1881 long
nfs_attrcachetimeout(nfsnode_t np)1882 nfs_attrcachetimeout(nfsnode_t np)
1883 {
1884 struct nfsmount *nmp;
1885 struct timeval now;
1886 int isdir;
1887 long timeo;
1888
1889 nmp = NFSTONMP(np);
1890 if (nfs_mount_gone(nmp)) {
1891 return 0;
1892 }
1893
1894 isdir = vnode_isdir(NFSTOV(np));
1895 #if CONFIG_NFS4
1896 if ((nmp->nm_vers >= NFS_VER4) && (np->n_openflags & N_DELEG_MASK)) {
1897 /* If we have a delegation, we always use the max timeout. */
1898 timeo = isdir ? nmp->nm_acdirmax : nmp->nm_acregmax;
1899 } else
1900 #endif
1901 if ((np)->n_flag & NMODIFIED) {
1902 /* If we have modifications, we always use the min timeout. */
1903 timeo = isdir ? nmp->nm_acdirmin : nmp->nm_acregmin;
1904 } else {
1905 /* Otherwise, we base the timeout on how old the file seems. */
1906 /* Note that if the client and server clocks are way out of sync, */
1907 /* timeout will probably get clamped to a min or max value */
1908 microtime(&now);
1909 timeo = (now.tv_sec - (np)->n_vattr.nva_timesec[NFSTIME_MODIFY]) / 10;
1910 if (isdir) {
1911 if (timeo < nmp->nm_acdirmin) {
1912 timeo = nmp->nm_acdirmin;
1913 } else if (timeo > nmp->nm_acdirmax) {
1914 timeo = nmp->nm_acdirmax;
1915 }
1916 } else {
1917 if (timeo < nmp->nm_acregmin) {
1918 timeo = nmp->nm_acregmin;
1919 } else if (timeo > nmp->nm_acregmax) {
1920 timeo = nmp->nm_acregmax;
1921 }
1922 }
1923 }
1924
1925 return timeo;
1926 }
1927
1928 /*
1929 * Check the attribute cache time stamp.
1930 * If the cache is valid, copy contents to *nvaper and return 0
1931 * otherwise return an error.
1932 * Must be called with the node locked.
1933 */
1934 int
nfs_getattrcache(nfsnode_t np,struct nfs_vattr * nvaper,int flags)1935 nfs_getattrcache(nfsnode_t np, struct nfs_vattr *nvaper, int flags)
1936 {
1937 struct nfs_vattr *nvap;
1938 struct timeval nowup;
1939 long timeo;
1940 struct nfsmount *nmp;
1941
1942 /* Check if the attributes are valid. */
1943 if (!NATTRVALID(np) || ((flags & NGA_ACL) && !NACLVALID(np))) {
1944 FSDBG(528, np, 0, 0xffffff01, ENOENT);
1945 OSAddAtomic64(1, &nfsclntstats.attrcache_misses);
1946 return ENOENT;
1947 }
1948
1949 nmp = NFSTONMP(np);
1950 if (nfs_mount_gone(nmp)) {
1951 return ENXIO;
1952 }
1953 /*
1954 * Verify the cached attributes haven't timed out.
1955 * If the server isn't responding, skip the check
1956 * and return cached attributes.
1957 */
1958 if (!nfs_use_cache(nmp)) {
1959 microuptime(&nowup);
1960 if (np->n_attrstamp > nowup.tv_sec) {
1961 printf("NFS: Attribute time stamp is in the future by %ld seconds. Invalidating cache\n",
1962 np->n_attrstamp - nowup.tv_sec);
1963 NATTRINVALIDATE(np);
1964 NACCESSINVALIDATE(np);
1965 return ENOENT;
1966 }
1967 timeo = nfs_attrcachetimeout(np);
1968 if ((nowup.tv_sec - np->n_attrstamp) >= timeo) {
1969 FSDBG(528, np, 0, 0xffffff02, ENOENT);
1970 OSAddAtomic64(1, &nfsclntstats.attrcache_misses);
1971 return ENOENT;
1972 }
1973 if ((flags & NGA_ACL) && ((nowup.tv_sec - np->n_aclstamp) >= timeo)) {
1974 FSDBG(528, np, 0, 0xffffff02, ENOENT);
1975 OSAddAtomic64(1, &nfsclntstats.attrcache_misses);
1976 return ENOENT;
1977 }
1978 }
1979
1980 nvap = &np->n_vattr;
1981 FSDBG(528, np, nvap->nva_size, np->n_size, 0xcace);
1982 OSAddAtomic64(1, &nfsclntstats.attrcache_hits);
1983
1984 if (nvap->nva_type != VREG) {
1985 np->n_size = nvap->nva_size;
1986 } else if (nvap->nva_size != np->n_size) {
1987 FSDBG(528, np, nvap->nva_size, np->n_size, (nvap->nva_type == VREG) | (np->n_flag & NMODIFIED ? 6 : 4));
1988 if ((np->n_flag & NMODIFIED) && (nvap->nva_size < np->n_size)) {
1989 /* if we've modified, stick with larger size */
1990 nvap->nva_size = np->n_size;
1991 } else {
1992 /*
1993 * n_size is protected by the data lock, so we need to
1994 * defer updating it until it's safe. We save the new size
1995 * and set a flag and it'll get updated the next time we get/drop
1996 * the data lock or the next time we do a getattr.
1997 */
1998 np->n_newsize = nvap->nva_size;
1999 SET(np->n_flag, NUPDATESIZE);
2000 }
2001 }
2002
2003 bcopy((caddr_t)nvap, (caddr_t)nvaper, sizeof(struct nfs_vattr));
2004 if (np->n_flag & NCHG) {
2005 if (np->n_flag & NACC) {
2006 nvaper->nva_timesec[NFSTIME_ACCESS] = np->n_atim.tv_sec;
2007 nvaper->nva_timensec[NFSTIME_ACCESS] = np->n_atim.tv_nsec;
2008 }
2009 if (np->n_flag & NUPD) {
2010 nvaper->nva_timesec[NFSTIME_MODIFY] = np->n_mtim.tv_sec;
2011 nvaper->nva_timensec[NFSTIME_MODIFY] = np->n_mtim.tv_nsec;
2012 }
2013 }
2014 if (nvap->nva_acl) {
2015 if (flags & NGA_ACL) {
2016 nvaper->nva_acl = kauth_acl_alloc(nvap->nva_acl->acl_entrycount);
2017 if (!nvaper->nva_acl) {
2018 return ENOMEM;
2019 }
2020 bcopy(nvap->nva_acl, nvaper->nva_acl, KAUTH_ACL_COPYSIZE(nvap->nva_acl));
2021 } else {
2022 nvaper->nva_acl = NULL;
2023 }
2024 }
2025 return 0;
2026 }
2027
2028 /*
2029 * When creating file system objects:
2030 * Don't bother setting UID if it's the same as the credential performing the create.
2031 * Don't bother setting GID if it's the same as the directory or credential.
2032 */
2033 void
nfs_avoid_needless_id_setting_on_create(nfsnode_t dnp,struct vnode_attr * vap,vfs_context_t ctx)2034 nfs_avoid_needless_id_setting_on_create(nfsnode_t dnp, struct vnode_attr *vap, vfs_context_t ctx)
2035 {
2036 if (VATTR_IS_ACTIVE(vap, va_uid)) {
2037 if (kauth_cred_getuid(vfs_context_ucred(ctx)) == vap->va_uid) {
2038 VATTR_CLEAR_ACTIVE(vap, va_uid);
2039 VATTR_CLEAR_ACTIVE(vap, va_uuuid);
2040 }
2041 }
2042 if (VATTR_IS_ACTIVE(vap, va_gid)) {
2043 if ((vap->va_gid == dnp->n_vattr.nva_gid) ||
2044 (kauth_cred_getgid(vfs_context_ucred(ctx)) == vap->va_gid)) {
2045 VATTR_CLEAR_ACTIVE(vap, va_gid);
2046 VATTR_CLEAR_ACTIVE(vap, va_guuid);
2047 }
2048 }
2049 }
2050
2051 /*
2052 * Convert a universal address string to a sockaddr structure.
2053 *
2054 * Universal addresses can be in the following formats:
2055 *
2056 * d = decimal (IPv4)
2057 * x = hexadecimal (IPv6)
2058 * p = port (decimal)
2059 *
2060 * d.d.d.d
2061 * d.d.d.d.p.p
2062 * x:x:x:x:x:x:x:x
2063 * x:x:x:x:x:x:x:x.p.p
2064 * x:x:x:x:x:x:d.d.d.d
2065 * x:x:x:x:x:x:d.d.d.d.p.p
2066 *
2067 * IPv6 strings can also have a series of zeroes elided
2068 * IPv6 strings can also have a %scope suffix at the end (after any port)
2069 *
2070 * rules & exceptions:
2071 * - value before : is hex
2072 * - value before . is dec
2073 * - once . hit, all values are dec
2074 * - hex+port case means value before first dot is actually hex
2075 * - . is always preceded by digits except if last hex was double-colon
2076 *
2077 * scan, converting #s to bytes
2078 * first time a . is encountered, scan the rest to count them.
2079 * 2 dots = just port
2080 * 3 dots = just IPv4 no port
2081 * 5 dots = IPv4 and port
2082 */
2083
2084 #define IS_DIGIT(C) \
2085 (((C) >= '0') && ((C) <= '9'))
2086
2087 #define IS_XDIGIT(C) \
2088 (IS_DIGIT(C) || \
2089 (((C) >= 'A') && ((C) <= 'F')) || \
2090 (((C) >= 'a') && ((C) <= 'f')))
2091
2092 int
nfs_uaddr2sockaddr(const char * uaddr,struct sockaddr * addr)2093 nfs_uaddr2sockaddr(const char *uaddr, struct sockaddr *addr)
2094 {
2095 const char *p, *pd; /* pointers to current character in scan */
2096 const char *pnum; /* pointer to current number to decode */
2097 const char *pscope; /* pointer to IPv6 scope ID */
2098 uint8_t a[18]; /* octet array to store address bytes */
2099 int i; /* index of next octet to decode */
2100 int dci; /* index of octet to insert double-colon zeroes */
2101 int dcount, xdcount; /* count of digits in current number */
2102 int needmore; /* set when we know we need more input (e.g. after colon, period) */
2103 int dots; /* # of dots */
2104 int hex; /* contains hex values */
2105 unsigned long val; /* decoded value */
2106 int s; /* index used for sliding array to insert elided zeroes */
2107
2108 /* AF_LOCAL address are paths that start with '/' or are empty */
2109 if (*uaddr == '/' || *uaddr == '\0') { /* AF_LOCAL address */
2110 struct sockaddr_un *sun = (struct sockaddr_un *)addr;
2111 sun->sun_family = AF_LOCAL;
2112 sun->sun_len = sizeof(struct sockaddr_un);
2113 strlcpy(sun->sun_path, uaddr, sizeof(sun->sun_path));
2114
2115 return 1;
2116 }
2117
2118 #define HEXVALUE 0
2119 #define DECIMALVALUE 1
2120
2121 #define GET(TYPE) \
2122 do { \
2123 if ((dcount <= 0) || (dcount > (((TYPE) == DECIMALVALUE) ? 3 : 4))) \
2124 return (0); \
2125 if (((TYPE) == DECIMALVALUE) && xdcount) \
2126 return (0); \
2127 val = strtoul(pnum, NULL, ((TYPE) == DECIMALVALUE) ? 10 : 16); \
2128 if (((TYPE) == DECIMALVALUE) && (val >= 256)) \
2129 return (0); \
2130 /* check if there is room left in the array */ \
2131 if (i > (int)(sizeof(a) - (((TYPE) == HEXVALUE) ? 2 : 1) - ((dci != -1) ? 2 : 0))) \
2132 return (0); \
2133 if ((TYPE) == HEXVALUE) \
2134 a[i++] = ((val >> 8) & 0xff); \
2135 a[i++] = (val & 0xff); \
2136 } while (0)
2137
2138 hex = 0;
2139 dots = 0;
2140 dci = -1;
2141 i = dcount = xdcount = 0;
2142 pnum = p = uaddr;
2143 pscope = NULL;
2144 needmore = 1;
2145 if ((*p == ':') && (*++p != ':')) { /* if it starts with colon, gotta be a double */
2146 return 0;
2147 }
2148
2149 while (*p) {
2150 if (IS_XDIGIT(*p)) {
2151 dcount++;
2152 if (!IS_DIGIT(*p)) {
2153 xdcount++;
2154 }
2155 needmore = 0;
2156 p++;
2157 } else if (*p == '.') {
2158 /* rest is decimal IPv4 dotted quad and/or port */
2159 if (!dots) {
2160 /* this is the first, so count them */
2161 for (pd = p; *pd; pd++) {
2162 if (*pd == '.') {
2163 if (++dots > 5) {
2164 return 0;
2165 }
2166 } else if (hex && (*pd == '%')) {
2167 break;
2168 } else if ((*pd < '0') || (*pd > '9')) {
2169 return 0;
2170 }
2171 }
2172 if ((dots != 2) && (dots != 3) && (dots != 5)) {
2173 return 0;
2174 }
2175 if (hex && (dots == 2)) { /* hex+port */
2176 if (!dcount && needmore) {
2177 return 0;
2178 }
2179 if (dcount) { /* last hex may be elided zero */
2180 GET(HEXVALUE);
2181 }
2182 } else {
2183 GET(DECIMALVALUE);
2184 }
2185 } else {
2186 GET(DECIMALVALUE);
2187 }
2188 dcount = xdcount = 0;
2189 needmore = 1;
2190 pnum = ++p;
2191 } else if (*p == ':') {
2192 hex = 1;
2193 if (dots) {
2194 return 0;
2195 }
2196 if (!dcount) { /* missing number, probably double colon */
2197 if (dci >= 0) { /* can only have one double colon */
2198 return 0;
2199 }
2200 dci = i;
2201 needmore = 0;
2202 } else {
2203 GET(HEXVALUE);
2204 dcount = xdcount = 0;
2205 needmore = 1;
2206 }
2207 pnum = ++p;
2208 } else if (*p == '%') { /* scope ID delimiter */
2209 if (!hex) {
2210 return 0;
2211 }
2212 p++;
2213 pscope = p;
2214 break;
2215 } else { /* unexpected character */
2216 return 0;
2217 }
2218 }
2219 if (needmore && !dcount) {
2220 return 0;
2221 }
2222 if (dcount) { /* decode trailing number */
2223 GET(dots ? DECIMALVALUE : HEXVALUE);
2224 }
2225 if (dci >= 0) { /* got a double-colon at i, need to insert a range of zeroes */
2226 /* if we got a port, slide to end of array */
2227 /* otherwise, slide to end of address (non-port) values */
2228 int end = ((dots == 2) || (dots == 5)) ? sizeof(a) : (sizeof(a) - 2);
2229 if (i % 2) { /* length of zero range must be multiple of 2 */
2230 return 0;
2231 }
2232 if (i >= end) { /* no room? */
2233 return 0;
2234 }
2235 /* slide (i-dci) numbers up from index dci */
2236 for (s = 0; s < (i - dci); s++) {
2237 a[end - 1 - s] = a[i - 1 - s];
2238 }
2239 /* zero (end-i) numbers at index dci */
2240 for (s = 0; s < (end - i); s++) {
2241 a[dci + s] = 0;
2242 }
2243 i = end;
2244 }
2245
2246 /* copy out resulting socket address */
2247 if (hex) {
2248 struct sockaddr_in6 *sin6 = (struct sockaddr_in6*)addr;
2249 if ((((dots == 0) || (dots == 3)) && (i != (sizeof(a) - 2)))) {
2250 return 0;
2251 }
2252 if ((((dots == 2) || (dots == 5)) && (i != sizeof(a)))) {
2253 return 0;
2254 }
2255 bzero(sin6, sizeof(struct sockaddr_in6));
2256 sin6->sin6_len = sizeof(struct sockaddr_in6);
2257 sin6->sin6_family = AF_INET6;
2258 bcopy(a, &sin6->sin6_addr.s6_addr, sizeof(struct in6_addr));
2259 if ((dots == 5) || (dots == 2)) {
2260 sin6->sin6_port = htons((in_port_t)((a[16] << 8) | a[17]));
2261 }
2262 if (pscope) {
2263 for (p = pscope; IS_DIGIT(*p); p++) {
2264 ;
2265 }
2266 if (*p && !IS_DIGIT(*p)) { /* name */
2267 ifnet_t interface = NULL;
2268 if (ifnet_find_by_name(pscope, &interface) == 0) {
2269 sin6->sin6_scope_id = ifnet_index(interface);
2270 }
2271 if (interface) {
2272 ifnet_release(interface);
2273 }
2274 } else { /* decimal number */
2275 sin6->sin6_scope_id = (uint32_t)strtoul(pscope, NULL, 10);
2276 }
2277 /* XXX should we also embed scope id for linklocal? */
2278 }
2279 } else {
2280 struct sockaddr_in *sin = (struct sockaddr_in*)addr;
2281 if ((dots != 3) && (dots != 5)) {
2282 return 0;
2283 }
2284 if ((dots == 3) && (i != 4)) {
2285 return 0;
2286 }
2287 if ((dots == 5) && (i != 6)) {
2288 return 0;
2289 }
2290 bzero(sin, sizeof(struct sockaddr_in));
2291 sin->sin_len = sizeof(struct sockaddr_in);
2292 sin->sin_family = AF_INET;
2293 bcopy(a, &sin->sin_addr.s_addr, sizeof(struct in_addr));
2294 if (dots == 5) {
2295 sin->sin_port = htons((in_port_t)((a[4] << 8) | a[5]));
2296 }
2297 }
2298 return 1;
2299 }
2300
2301 /* Is a mount gone away? */
2302 int
nfs_mount_gone(struct nfsmount * nmp)2303 nfs_mount_gone(struct nfsmount *nmp)
2304 {
2305 return !nmp || vfs_isforce(nmp->nm_mountp) || (nmp->nm_state & (NFSSTA_FORCE | NFSSTA_DEAD));
2306 }
2307
2308 /*
2309 * Return some of the more significant mount options
2310 * as a string, e.g. "'ro,hard,intr,tcp,vers=3,sec=krb5,deadtimeout=0'
2311 */
2312 int
nfs_mountopts(struct nfsmount * nmp,char * buf,int buflen)2313 nfs_mountopts(struct nfsmount *nmp, char *buf, int buflen)
2314 {
2315 int c;
2316
2317 c = snprintf(buf, buflen, "%s,%s,%s,%s,vers=%d,sec=%s,%sdeadtimeout=%d",
2318 (vfs_flags(nmp->nm_mountp) & MNT_RDONLY) ? "ro" : "rw",
2319 NMFLAG(nmp, SOFT) ? "soft" : "hard",
2320 NMFLAG(nmp, INTR) ? "intr" : "nointr",
2321 nmp->nm_sotype == SOCK_STREAM ? "tcp" : "udp",
2322 nmp->nm_vers,
2323 nmp->nm_auth == RPCAUTH_KRB5 ? "krb5" :
2324 nmp->nm_auth == RPCAUTH_KRB5I ? "krb5i" :
2325 nmp->nm_auth == RPCAUTH_KRB5P ? "krb5p" :
2326 nmp->nm_auth == RPCAUTH_SYS ? "sys" : "none",
2327 nmp->nm_lockmode == NFS_LOCK_MODE_ENABLED ? "locks," :
2328 nmp->nm_lockmode == NFS_LOCK_MODE_DISABLED ? "nolocks," :
2329 nmp->nm_lockmode == NFS_LOCK_MODE_LOCAL ? "locallocks," : "",
2330 nmp->nm_deadtimeout);
2331
2332 return c > buflen ? ENOMEM : 0;
2333 }
2334
2335 #endif /* CONFIG_NFS_CLIENT */
2336
2337 /*
2338 * Schedule a callout thread to run an NFS timer function
2339 * interval milliseconds in the future.
2340 */
2341 void
nfs_interval_timer_start(thread_call_t call,time_t interval)2342 nfs_interval_timer_start(thread_call_t call, time_t interval)
2343 {
2344 uint64_t deadline;
2345
2346 clock_interval_to_deadline((int)interval, 1000 * 1000, &deadline);
2347 thread_call_enter_delayed(call, deadline);
2348 }
2349
2350
2351 #if CONFIG_NFS_SERVER
2352
2353 int nfsrv_cmp_secflavs(struct nfs_sec *, struct nfs_sec *);
2354 int nfsrv_hang_addrlist(struct nfs_export *, struct user_nfs_export_args *);
2355 int nfsrv_free_netopt(struct radix_node *, void *);
2356 int nfsrv_free_addrlist(struct nfs_export *, struct user_nfs_export_args *);
2357 struct nfs_export_options *nfsrv_export_lookup(struct nfs_export *, mbuf_t);
2358 struct nfs_export *nfsrv_fhtoexport(struct nfs_filehandle *);
2359 struct nfs_user_stat_node *nfsrv_get_user_stat_node(struct nfs_active_user_list *, struct sockaddr *, uid_t);
2360 void nfsrv_init_user_list(struct nfs_active_user_list *);
2361 void nfsrv_free_user_list(struct nfs_active_user_list *);
2362
2363 /*
2364 * add NFSv3 WCC data to an mbuf chain
2365 */
2366 int
nfsm_chain_add_wcc_data_f(struct nfsrv_descript * nd,struct nfsm_chain * nmc,int preattrerr,struct vnode_attr * prevap,int postattrerr,struct vnode_attr * postvap)2367 nfsm_chain_add_wcc_data_f(
2368 struct nfsrv_descript *nd,
2369 struct nfsm_chain *nmc,
2370 int preattrerr,
2371 struct vnode_attr *prevap,
2372 int postattrerr,
2373 struct vnode_attr *postvap)
2374 {
2375 int error = 0;
2376
2377 if (preattrerr) {
2378 nfsm_chain_add_32(error, nmc, FALSE);
2379 } else {
2380 nfsm_chain_add_32(error, nmc, TRUE);
2381 nfsm_chain_add_64(error, nmc, prevap->va_data_size);
2382 nfsm_chain_add_time(error, nmc, NFS_VER3, &prevap->va_modify_time);
2383 nfsm_chain_add_time(error, nmc, NFS_VER3, &prevap->va_change_time);
2384 }
2385 nfsm_chain_add_postop_attr(error, nd, nmc, postattrerr, postvap);
2386
2387 return error;
2388 }
2389
2390 /*
2391 * Extract a lookup path from the given mbufs and store it in
2392 * a newly allocated buffer saved in the given nameidata structure.
2393 */
2394 int
nfsm_chain_get_path_namei(struct nfsm_chain * nmc,uint32_t len,struct nameidata * nip)2395 nfsm_chain_get_path_namei(
2396 struct nfsm_chain *nmc,
2397 uint32_t len,
2398 struct nameidata *nip)
2399 {
2400 struct componentname *cnp = &nip->ni_cnd;
2401 int error = 0;
2402 char *cp;
2403
2404 if (len > (MAXPATHLEN - 1)) {
2405 return ENAMETOOLONG;
2406 }
2407
2408 /*
2409 * Get a buffer for the name to be translated, and copy the
2410 * name into the buffer.
2411 */
2412 cnp->cn_pnbuf = zalloc(ZV_NAMEI);
2413 cnp->cn_pnlen = MAXPATHLEN;
2414 cnp->cn_flags |= HASBUF;
2415
2416 /* Copy the name from the mbuf list to the string */
2417 cp = cnp->cn_pnbuf;
2418 nfsm_chain_get_opaque(error, nmc, len, cp);
2419 if (error) {
2420 goto out;
2421 }
2422 cnp->cn_pnbuf[len] = '\0';
2423
2424 /* sanity check the string */
2425 if ((strlen(cp) != len) || strchr(cp, '/')) {
2426 error = EACCES;
2427 }
2428 out:
2429 if (error) {
2430 if (cnp->cn_pnbuf) {
2431 NFS_ZFREE(ZV_NAMEI, cnp->cn_pnbuf);
2432 }
2433 cnp->cn_flags &= ~HASBUF;
2434 } else {
2435 nip->ni_pathlen = len;
2436 }
2437 return error;
2438 }
2439
2440 /*
2441 * Set up nameidata for a lookup() call and do it.
2442 */
2443 int
nfsrv_namei(struct nfsrv_descript * nd,vfs_context_t ctx,struct nameidata * nip,struct nfs_filehandle * nfhp,vnode_t * retdirp,struct nfs_export ** nxp,struct nfs_export_options ** nxop)2444 nfsrv_namei(
2445 struct nfsrv_descript *nd,
2446 vfs_context_t ctx,
2447 struct nameidata *nip,
2448 struct nfs_filehandle *nfhp,
2449 vnode_t *retdirp,
2450 struct nfs_export **nxp,
2451 struct nfs_export_options **nxop)
2452 {
2453 vnode_t dp;
2454 int error;
2455 struct componentname *cnp = &nip->ni_cnd;
2456 uint32_t cnflags;
2457 char *tmppn;
2458
2459 *retdirp = NULL;
2460
2461 /*
2462 * Extract and set starting directory.
2463 */
2464 error = nfsrv_fhtovp(nfhp, nd, &dp, nxp, nxop);
2465 if (error) {
2466 goto out;
2467 }
2468 error = nfsrv_credcheck(nd, ctx, *nxp, *nxop);
2469 if (error || (vnode_vtype(dp) != VDIR)) {
2470 vnode_put(dp);
2471 error = ENOTDIR;
2472 goto out;
2473 }
2474 *retdirp = dp;
2475
2476 nip->ni_cnd.cn_context = ctx;
2477
2478 if (*nxop && ((*nxop)->nxo_flags & NX_READONLY)) {
2479 cnp->cn_flags |= RDONLY;
2480 }
2481
2482 cnp->cn_flags |= NOCROSSMOUNT;
2483 cnp->cn_nameptr = cnp->cn_pnbuf;
2484 nip->ni_usedvp = nip->ni_startdir = dp;
2485 nip->ni_rootdir = rootvnode;
2486
2487 /*
2488 * And call lookup() to do the real work
2489 */
2490 cnflags = nip->ni_cnd.cn_flags; /* store in case we have to restore */
2491 while ((error = lookup(nip)) == ERECYCLE) {
2492 nip->ni_cnd.cn_flags = cnflags;
2493 cnp->cn_nameptr = cnp->cn_pnbuf;
2494 nip->ni_usedvp = nip->ni_dvp = nip->ni_startdir = dp;
2495 }
2496 if (error) {
2497 goto out;
2498 }
2499
2500 /* Check for encountering a symbolic link */
2501 if (cnp->cn_flags & ISSYMLINK) {
2502 if (cnp->cn_flags & (LOCKPARENT | WANTPARENT)) {
2503 vnode_put(nip->ni_dvp);
2504 }
2505 if (nip->ni_vp) {
2506 vnode_put(nip->ni_vp);
2507 nip->ni_vp = NULL;
2508 }
2509 error = EINVAL;
2510 }
2511 out:
2512 if (error) {
2513 tmppn = cnp->cn_pnbuf;
2514 cnp->cn_pnbuf = NULL;
2515 cnp->cn_flags &= ~HASBUF;
2516 NFS_ZFREE(ZV_NAMEI, tmppn);
2517 }
2518 return error;
2519 }
2520
2521 /*
2522 * A fiddled version of m_adj() that ensures null fill to a 4-byte
2523 * boundary and only trims off the back end
2524 */
2525 void
nfsm_adj(mbuf_t mp,int len,int nul)2526 nfsm_adj(mbuf_t mp, int len, int nul)
2527 {
2528 mbuf_t m, mnext;
2529 int count, i;
2530 long mlen;
2531 char *cp;
2532
2533 /*
2534 * Trim from tail. Scan the mbuf chain,
2535 * calculating its length and finding the last mbuf.
2536 * If the adjustment only affects this mbuf, then just
2537 * adjust and return. Otherwise, rescan and truncate
2538 * after the remaining size.
2539 */
2540 count = 0;
2541 m = mp;
2542 for (;;) {
2543 mlen = mbuf_len(m);
2544 count += mlen;
2545 mnext = mbuf_next(m);
2546 if (mnext == NULL) {
2547 break;
2548 }
2549 m = mnext;
2550 }
2551 if (mlen > len) {
2552 mlen -= len;
2553 mbuf_setlen(m, mlen);
2554 if (nul > 0) {
2555 cp = (caddr_t)mbuf_data(m) + mlen - nul;
2556 for (i = 0; i < nul; i++) {
2557 *cp++ = '\0';
2558 }
2559 }
2560 return;
2561 }
2562 count -= len;
2563 if (count < 0) {
2564 count = 0;
2565 }
2566 /*
2567 * Correct length for chain is "count".
2568 * Find the mbuf with last data, adjust its length,
2569 * and toss data from remaining mbufs on chain.
2570 */
2571 for (m = mp; m; m = mbuf_next(m)) {
2572 mlen = mbuf_len(m);
2573 if (mlen >= count) {
2574 mlen = count;
2575 mbuf_setlen(m, count);
2576 if (nul > 0) {
2577 cp = (caddr_t)mbuf_data(m) + mlen - nul;
2578 for (i = 0; i < nul; i++) {
2579 *cp++ = '\0';
2580 }
2581 }
2582 break;
2583 }
2584 count -= mlen;
2585 }
2586 for (m = mbuf_next(m); m; m = mbuf_next(m)) {
2587 mbuf_setlen(m, 0);
2588 }
2589 }
2590
2591 /*
2592 * Trim the header out of the mbuf list and trim off any trailing
2593 * junk so that the mbuf list has only the write data.
2594 */
2595 int
nfsm_chain_trim_data(struct nfsm_chain * nmc,int len,int * mlen)2596 nfsm_chain_trim_data(struct nfsm_chain *nmc, int len, int *mlen)
2597 {
2598 int cnt = 0;
2599 long dlen, adjust;
2600 caddr_t data;
2601 mbuf_t m;
2602
2603 if (mlen) {
2604 *mlen = 0;
2605 }
2606
2607 /* trim header */
2608 for (m = nmc->nmc_mhead; m && (m != nmc->nmc_mcur); m = mbuf_next(m)) {
2609 mbuf_setlen(m, 0);
2610 }
2611 if (!m) {
2612 return EIO;
2613 }
2614
2615 /* trim current mbuf */
2616 data = mbuf_data(m);
2617 dlen = mbuf_len(m);
2618 adjust = nmc->nmc_ptr - data;
2619 dlen -= adjust;
2620 if ((dlen > 0) && (adjust > 0)) {
2621 if (mbuf_setdata(m, nmc->nmc_ptr, dlen)) {
2622 return EIO;
2623 }
2624 } else {
2625 mbuf_setlen(m, dlen);
2626 }
2627
2628 /* skip next len bytes */
2629 for (; m && (cnt < len); m = mbuf_next(m)) {
2630 dlen = mbuf_len(m);
2631 cnt += dlen;
2632 if (cnt > len) {
2633 /* truncate to end of data */
2634 mbuf_setlen(m, dlen - (cnt - len));
2635 if (m == nmc->nmc_mcur) {
2636 nmc->nmc_left -= (cnt - len);
2637 }
2638 cnt = len;
2639 }
2640 }
2641 if (mlen) {
2642 *mlen = cnt;
2643 }
2644
2645 /* trim any trailing data */
2646 if (m == nmc->nmc_mcur) {
2647 nmc->nmc_left = 0;
2648 }
2649 for (; m; m = mbuf_next(m)) {
2650 mbuf_setlen(m, 0);
2651 }
2652
2653 return 0;
2654 }
2655
2656 int
nfsm_chain_add_fattr(struct nfsrv_descript * nd,struct nfsm_chain * nmc,struct vnode_attr * vap)2657 nfsm_chain_add_fattr(
2658 struct nfsrv_descript *nd,
2659 struct nfsm_chain *nmc,
2660 struct vnode_attr *vap)
2661 {
2662 int error = 0;
2663
2664 // XXX Should we assert here that all fields are supported?
2665
2666 nfsm_chain_add_32(error, nmc, vtonfs_type(vap->va_type, nd->nd_vers));
2667 if (nd->nd_vers == NFS_VER3) {
2668 nfsm_chain_add_32(error, nmc, vap->va_mode & 07777);
2669 } else {
2670 nfsm_chain_add_32(error, nmc, vtonfsv2_mode(vap->va_type, vap->va_mode));
2671 }
2672 nfsm_chain_add_32(error, nmc, vap->va_nlink);
2673 nfsm_chain_add_32(error, nmc, vap->va_uid);
2674 nfsm_chain_add_32(error, nmc, vap->va_gid);
2675 if (nd->nd_vers == NFS_VER3) {
2676 nfsm_chain_add_64(error, nmc, vap->va_data_size);
2677 nfsm_chain_add_64(error, nmc, vap->va_data_alloc);
2678 nfsm_chain_add_32(error, nmc, major(vap->va_rdev));
2679 nfsm_chain_add_32(error, nmc, minor(vap->va_rdev));
2680 nfsm_chain_add_64(error, nmc, vap->va_fsid);
2681 nfsm_chain_add_64(error, nmc, vap->va_fileid);
2682 } else {
2683 nfsm_chain_add_32(error, nmc, vap->va_data_size);
2684 nfsm_chain_add_32(error, nmc, NFS_FABLKSIZE);
2685 if (vap->va_type == VFIFO) {
2686 nfsm_chain_add_32(error, nmc, 0xffffffff);
2687 } else {
2688 nfsm_chain_add_32(error, nmc, vap->va_rdev);
2689 }
2690 nfsm_chain_add_32(error, nmc, vap->va_data_alloc / NFS_FABLKSIZE);
2691 nfsm_chain_add_32(error, nmc, vap->va_fsid);
2692 nfsm_chain_add_32(error, nmc, vap->va_fileid);
2693 }
2694 nfsm_chain_add_time(error, nmc, nd->nd_vers, &vap->va_access_time);
2695 nfsm_chain_add_time(error, nmc, nd->nd_vers, &vap->va_modify_time);
2696 nfsm_chain_add_time(error, nmc, nd->nd_vers, &vap->va_change_time);
2697
2698 return error;
2699 }
2700
2701 int
nfsm_chain_get_sattr(struct nfsrv_descript * nd,struct nfsm_chain * nmc,struct vnode_attr * vap)2702 nfsm_chain_get_sattr(
2703 struct nfsrv_descript *nd,
2704 struct nfsm_chain *nmc,
2705 struct vnode_attr *vap)
2706 {
2707 int error = 0;
2708 uint32_t val = 0;
2709 uint64_t val64 = 0;
2710 struct timespec now;
2711
2712 if (nd->nd_vers == NFS_VER2) {
2713 /*
2714 * There is/was a bug in the Sun client that puts 0xffff in the mode
2715 * field of sattr when it should put in 0xffffffff. The u_short
2716 * doesn't sign extend. So check the low order 2 bytes for 0xffff.
2717 */
2718 nfsm_chain_get_32(error, nmc, val);
2719 if ((val & 0xffff) != 0xffff) {
2720 VATTR_SET(vap, va_mode, val & 07777);
2721 /* save the "type" bits for NFSv2 create */
2722 VATTR_SET(vap, va_type, IFTOVT(val));
2723 VATTR_CLEAR_ACTIVE(vap, va_type);
2724 }
2725 nfsm_chain_get_32(error, nmc, val);
2726 if (val != (uint32_t)-1) {
2727 VATTR_SET(vap, va_uid, val);
2728 }
2729 nfsm_chain_get_32(error, nmc, val);
2730 if (val != (uint32_t)-1) {
2731 VATTR_SET(vap, va_gid, val);
2732 }
2733 /* save the "size" bits for NFSv2 create (even if they appear unset) */
2734 nfsm_chain_get_32(error, nmc, val);
2735 VATTR_SET(vap, va_data_size, val);
2736 if (val == (uint32_t)-1) {
2737 VATTR_CLEAR_ACTIVE(vap, va_data_size);
2738 }
2739 nfsm_chain_get_time(error, nmc, NFS_VER2,
2740 vap->va_access_time.tv_sec,
2741 vap->va_access_time.tv_nsec);
2742 if (vap->va_access_time.tv_sec != -1) {
2743 VATTR_SET_ACTIVE(vap, va_access_time);
2744 }
2745 nfsm_chain_get_time(error, nmc, NFS_VER2,
2746 vap->va_modify_time.tv_sec,
2747 vap->va_modify_time.tv_nsec);
2748 if (vap->va_modify_time.tv_sec != -1) {
2749 VATTR_SET_ACTIVE(vap, va_modify_time);
2750 }
2751 return error;
2752 }
2753
2754 /* NFSv3 */
2755 nfsm_chain_get_32(error, nmc, val);
2756 if (val) {
2757 nfsm_chain_get_32(error, nmc, val);
2758 VATTR_SET(vap, va_mode, val & 07777);
2759 }
2760 nfsm_chain_get_32(error, nmc, val);
2761 if (val) {
2762 nfsm_chain_get_32(error, nmc, val);
2763 VATTR_SET(vap, va_uid, val);
2764 }
2765 nfsm_chain_get_32(error, nmc, val);
2766 if (val) {
2767 nfsm_chain_get_32(error, nmc, val);
2768 VATTR_SET(vap, va_gid, val);
2769 }
2770 nfsm_chain_get_32(error, nmc, val);
2771 if (val) {
2772 nfsm_chain_get_64(error, nmc, val64);
2773 VATTR_SET(vap, va_data_size, val64);
2774 }
2775 nanotime(&now);
2776 nfsm_chain_get_32(error, nmc, val);
2777 switch (val) {
2778 case NFS_TIME_SET_TO_CLIENT:
2779 nfsm_chain_get_time(error, nmc, nd->nd_vers,
2780 vap->va_access_time.tv_sec,
2781 vap->va_access_time.tv_nsec);
2782 VATTR_SET_ACTIVE(vap, va_access_time);
2783 vap->va_vaflags &= ~VA_UTIMES_NULL;
2784 break;
2785 case NFS_TIME_SET_TO_SERVER:
2786 VATTR_SET(vap, va_access_time, now);
2787 vap->va_vaflags |= VA_UTIMES_NULL;
2788 break;
2789 }
2790 nfsm_chain_get_32(error, nmc, val);
2791 switch (val) {
2792 case NFS_TIME_SET_TO_CLIENT:
2793 nfsm_chain_get_time(error, nmc, nd->nd_vers,
2794 vap->va_modify_time.tv_sec,
2795 vap->va_modify_time.tv_nsec);
2796 VATTR_SET_ACTIVE(vap, va_modify_time);
2797 vap->va_vaflags &= ~VA_UTIMES_NULL;
2798 break;
2799 case NFS_TIME_SET_TO_SERVER:
2800 VATTR_SET(vap, va_modify_time, now);
2801 if (!VATTR_IS_ACTIVE(vap, va_access_time)) {
2802 vap->va_vaflags |= VA_UTIMES_NULL;
2803 }
2804 break;
2805 }
2806
2807 return error;
2808 }
2809
2810 /*
2811 * Compare two security flavor structs
2812 */
2813 int
nfsrv_cmp_secflavs(struct nfs_sec * sf1,struct nfs_sec * sf2)2814 nfsrv_cmp_secflavs(struct nfs_sec *sf1, struct nfs_sec *sf2)
2815 {
2816 int i;
2817
2818 if (sf1->count != sf2->count) {
2819 return 1;
2820 }
2821 for (i = 0; i < sf1->count; i++) {
2822 if (sf1->flavors[i] != sf2->flavors[i]) {
2823 return 1;
2824 }
2825 }
2826 return 0;
2827 }
2828
2829 /*
2830 * Build hash lists of net addresses and hang them off the NFS export.
2831 * Called by nfsrv_export() to set up the lists of export addresses.
2832 */
2833 int
nfsrv_hang_addrlist(struct nfs_export * nx,struct user_nfs_export_args * unxa)2834 nfsrv_hang_addrlist(struct nfs_export *nx, struct user_nfs_export_args *unxa)
2835 {
2836 struct nfs_export_net_args nxna;
2837 struct nfs_netopt *no, *rn_no;
2838 struct radix_node_head *rnh;
2839 struct radix_node *rn;
2840 struct sockaddr *saddr, *smask;
2841 struct domain *dom;
2842 size_t i, ss_minsize;
2843 int error;
2844 unsigned int net;
2845 user_addr_t uaddr;
2846 kauth_cred_t cred;
2847
2848 uaddr = unxa->nxa_nets;
2849 ss_minsize = sizeof(((struct sockaddr_storage *)0)->ss_len) + sizeof(((struct sockaddr_storage *)0)->ss_family);
2850 for (net = 0; net < unxa->nxa_netcount; net++, uaddr += sizeof(nxna)) {
2851 error = copyin(uaddr, &nxna, sizeof(nxna));
2852 if (error) {
2853 return error;
2854 }
2855
2856 if (nxna.nxna_addr.ss_len > sizeof(struct sockaddr_storage) ||
2857 (nxna.nxna_addr.ss_len != 0 && nxna.nxna_addr.ss_len < ss_minsize) ||
2858 nxna.nxna_mask.ss_len > sizeof(struct sockaddr_storage) ||
2859 (nxna.nxna_mask.ss_len != 0 && nxna.nxna_mask.ss_len < ss_minsize) ||
2860 nxna.nxna_addr.ss_family > AF_MAX ||
2861 nxna.nxna_mask.ss_family > AF_MAX) {
2862 return EINVAL;
2863 }
2864
2865 if (nxna.nxna_flags & (NX_MAPROOT | NX_MAPALL)) {
2866 struct posix_cred temp_pcred;
2867 bzero(&temp_pcred, sizeof(temp_pcred));
2868 temp_pcred.cr_uid = nxna.nxna_cred.cr_uid;
2869 temp_pcred.cr_ngroups = nxna.nxna_cred.cr_ngroups;
2870 for (i = 0; i < (size_t)nxna.nxna_cred.cr_ngroups && i < NGROUPS; i++) {
2871 temp_pcred.cr_groups[i] = nxna.nxna_cred.cr_groups[i];
2872 }
2873 cred = posix_cred_create(&temp_pcred);
2874 if (!IS_VALID_CRED(cred)) {
2875 return ENOMEM;
2876 }
2877 } else {
2878 cred = NOCRED;
2879 }
2880
2881 if (nxna.nxna_addr.ss_len == 0) {
2882 /* No address means this is a default/world export */
2883 if (nx->nx_flags & NX_DEFAULTEXPORT) {
2884 if (IS_VALID_CRED(cred)) {
2885 kauth_cred_unref(&cred);
2886 }
2887 return EEXIST;
2888 }
2889 nx->nx_flags |= NX_DEFAULTEXPORT;
2890 nx->nx_defopt.nxo_flags = nxna.nxna_flags;
2891 nx->nx_defopt.nxo_cred = cred;
2892 bcopy(&nxna.nxna_sec, &nx->nx_defopt.nxo_sec, sizeof(struct nfs_sec));
2893 nx->nx_expcnt++;
2894 continue;
2895 }
2896
2897 no = kalloc_type(struct nfs_netopt, Z_WAITOK | Z_ZERO | Z_NOFAIL);
2898 no->no_opt.nxo_flags = nxna.nxna_flags;
2899 no->no_opt.nxo_cred = cred;
2900 bcopy(&nxna.nxna_sec, &no->no_opt.nxo_sec, sizeof(struct nfs_sec));
2901
2902 if (nxna.nxna_addr.ss_len) {
2903 no->no_addr = kalloc_data(nxna.nxna_addr.ss_len, M_WAITOK);
2904 bcopy(&nxna.nxna_addr, no->no_addr, nxna.nxna_addr.ss_len);
2905 }
2906 saddr = no->no_addr;
2907
2908 if (nxna.nxna_mask.ss_len) {
2909 no->no_mask = kalloc_data(nxna.nxna_mask.ss_len, M_WAITOK);
2910 bcopy(&nxna.nxna_mask, no->no_mask, nxna.nxna_mask.ss_len);
2911 }
2912 smask = no->no_mask;
2913
2914 sa_family_t family = saddr->sa_family;
2915 if ((rnh = nx->nx_rtable[family]) == 0) {
2916 /*
2917 * Seems silly to initialize every AF when most are not
2918 * used, do so on demand here
2919 */
2920 TAILQ_FOREACH(dom, &domains, dom_entry) {
2921 if (dom->dom_family == family && dom->dom_rtattach) {
2922 dom->dom_rtattach((void **)&nx->nx_rtable[family],
2923 dom->dom_rtoffset);
2924 break;
2925 }
2926 }
2927 if ((rnh = nx->nx_rtable[family]) == 0) {
2928 if (IS_VALID_CRED(cred)) {
2929 kauth_cred_unref(&cred);
2930 }
2931 nfs_netopt_free(no);
2932 return ENOBUFS;
2933 }
2934 }
2935 rn = (*rnh->rnh_addaddr)((caddr_t)saddr, (caddr_t)smask, rnh, no->no_rnodes);
2936 if (rn == 0) {
2937 /*
2938 * One of the reasons that rnh_addaddr may fail is that
2939 * the entry already exists. To check for this case, we
2940 * look up the entry to see if it is there. If so, we
2941 * do not need to make a new entry but do continue.
2942 *
2943 * XXX should this be rnh_lookup() instead?
2944 */
2945 int matched = 0;
2946 rn = (*rnh->rnh_matchaddr)((caddr_t)saddr, rnh);
2947 rn_no = (struct nfs_netopt *)rn;
2948 if (rn != 0 && (rn->rn_flags & RNF_ROOT) == 0 &&
2949 (rn_no->no_opt.nxo_flags == nxna.nxna_flags) &&
2950 (!nfsrv_cmp_secflavs(&rn_no->no_opt.nxo_sec, &nxna.nxna_sec))) {
2951 kauth_cred_t cred2 = rn_no->no_opt.nxo_cred;
2952 if (cred == cred2) {
2953 /* creds are same (or both NULL) */
2954 matched = 1;
2955 } else if (cred && cred2 && (kauth_cred_getuid(cred) == kauth_cred_getuid(cred2))) {
2956 /*
2957 * Now compare the effective and
2958 * supplementary groups...
2959 *
2960 * Note: This comparison, as written,
2961 * does not correctly indicate that
2962 * the groups are equivalent, since
2963 * other than the first supplementary
2964 * group, which is also the effective
2965 * group, order on the remaining groups
2966 * doesn't matter, and this is an
2967 * ordered compare.
2968 */
2969 gid_t groups[NGROUPS];
2970 gid_t groups2[NGROUPS];
2971 size_t groupcount = NGROUPS;
2972 size_t group2count = NGROUPS;
2973
2974 if (!kauth_cred_getgroups(cred, groups, &groupcount) &&
2975 !kauth_cred_getgroups(cred2, groups2, &group2count) &&
2976 groupcount == group2count) {
2977 for (i = 0; i < group2count; i++) {
2978 if (groups[i] != groups2[i]) {
2979 break;
2980 }
2981 }
2982 if (i >= group2count || i >= NGROUPS) {
2983 matched = 1;
2984 }
2985 }
2986 }
2987 }
2988 if (IS_VALID_CRED(cred)) {
2989 kauth_cred_unref(&cred);
2990 }
2991 nfs_netopt_free(no);
2992 if (matched) {
2993 continue;
2994 }
2995 return EPERM;
2996 }
2997 nx->nx_expcnt++;
2998 }
2999
3000 return 0;
3001 }
3002
3003 /*
3004 * In order to properly track an export's netopt count, we need to pass
3005 * an additional argument to nfsrv_free_netopt() so that it can decrement
3006 * the export's netopt count.
3007 */
3008 struct nfsrv_free_netopt_arg {
3009 uint32_t *cnt;
3010 struct radix_node_head *rnh;
3011 };
3012
3013 int
nfsrv_free_netopt(struct radix_node * rn,void * w)3014 nfsrv_free_netopt(struct radix_node *rn, void *w)
3015 {
3016 struct nfsrv_free_netopt_arg *fna = (struct nfsrv_free_netopt_arg *)w;
3017 struct radix_node_head *rnh = fna->rnh;
3018 uint32_t *cnt = fna->cnt;
3019 struct nfs_netopt *nno = (struct nfs_netopt *)rn;
3020
3021 (*rnh->rnh_deladdr)(rn->rn_key, rn->rn_mask, rnh);
3022 if (IS_VALID_CRED(nno->no_opt.nxo_cred)) {
3023 kauth_cred_unref(&nno->no_opt.nxo_cred);
3024 }
3025 nfs_netopt_free(nno);
3026 *cnt -= 1;
3027 return 0;
3028 }
3029
3030 /*
3031 * Free the net address hash lists that are hanging off the mount points.
3032 */
3033 int
nfsrv_free_addrlist(struct nfs_export * nx,struct user_nfs_export_args * unxa)3034 nfsrv_free_addrlist(struct nfs_export *nx, struct user_nfs_export_args *unxa)
3035 {
3036 struct nfs_export_net_args nxna;
3037 struct radix_node_head *rnh;
3038 struct radix_node *rn;
3039 struct nfsrv_free_netopt_arg fna;
3040 struct nfs_netopt *nno;
3041 size_t ss_minsize;
3042 user_addr_t uaddr;
3043 unsigned int net;
3044 int i, error;
3045
3046 if (!unxa || !unxa->nxa_netcount) {
3047 /* delete everything */
3048 for (i = 0; i <= AF_MAX; i++) {
3049 if ((rnh = nx->nx_rtable[i])) {
3050 fna.rnh = rnh;
3051 fna.cnt = &nx->nx_expcnt;
3052 (*rnh->rnh_walktree)(rnh, nfsrv_free_netopt, (caddr_t)&fna);
3053 _FREE((caddr_t)rnh, M_RTABLE);
3054 nx->nx_rtable[i] = 0;
3055 }
3056 }
3057 return 0;
3058 }
3059
3060 /* delete only the exports specified */
3061 uaddr = unxa->nxa_nets;
3062 ss_minsize = sizeof(((struct sockaddr_storage *)0)->ss_len) + sizeof(((struct sockaddr_storage *)0)->ss_family);
3063 for (net = 0; net < unxa->nxa_netcount; net++, uaddr += sizeof(nxna)) {
3064 error = copyin(uaddr, &nxna, sizeof(nxna));
3065 if (error) {
3066 return error;
3067 }
3068
3069 if (nxna.nxna_addr.ss_len == 0) {
3070 /* No address means this is a default/world export */
3071 if (nx->nx_flags & NX_DEFAULTEXPORT) {
3072 nx->nx_flags &= ~NX_DEFAULTEXPORT;
3073 if (IS_VALID_CRED(nx->nx_defopt.nxo_cred)) {
3074 kauth_cred_unref(&nx->nx_defopt.nxo_cred);
3075 }
3076 nx->nx_expcnt--;
3077 }
3078 continue;
3079 }
3080
3081 if (nxna.nxna_addr.ss_len > sizeof(struct sockaddr_storage) ||
3082 (nxna.nxna_addr.ss_len != 0 && nxna.nxna_addr.ss_len < ss_minsize) ||
3083 nxna.nxna_addr.ss_family > AF_MAX) {
3084 printf("nfsrv_free_addrlist: invalid socket address (%u)\n", net);
3085 continue;
3086 }
3087
3088 if (nxna.nxna_mask.ss_len > sizeof(struct sockaddr_storage) ||
3089 (nxna.nxna_mask.ss_len != 0 && nxna.nxna_mask.ss_len < ss_minsize) ||
3090 nxna.nxna_mask.ss_family > AF_MAX) {
3091 printf("nfsrv_free_addrlist: invalid socket mask (%u)\n", net);
3092 continue;
3093 }
3094
3095 if ((rnh = nx->nx_rtable[nxna.nxna_addr.ss_family]) == 0) {
3096 /* AF not initialized? */
3097 if (!(unxa->nxa_flags & NXA_ADD)) {
3098 printf("nfsrv_free_addrlist: address not found (0)\n");
3099 }
3100 continue;
3101 }
3102
3103 rn = (*rnh->rnh_lookup)(&nxna.nxna_addr,
3104 nxna.nxna_mask.ss_len ? &nxna.nxna_mask : NULL, rnh);
3105 if (!rn || (rn->rn_flags & RNF_ROOT)) {
3106 if (!(unxa->nxa_flags & NXA_ADD)) {
3107 printf("nfsrv_free_addrlist: address not found (1)\n");
3108 }
3109 continue;
3110 }
3111
3112 (*rnh->rnh_deladdr)(rn->rn_key, rn->rn_mask, rnh);
3113 nno = (struct nfs_netopt *)rn;
3114 if (IS_VALID_CRED(nno->no_opt.nxo_cred)) {
3115 kauth_cred_unref(&nno->no_opt.nxo_cred);
3116 }
3117 nfs_netopt_free(nno);
3118
3119 nx->nx_expcnt--;
3120 if (nx->nx_expcnt == ((nx->nx_flags & NX_DEFAULTEXPORT) ? 1 : 0)) {
3121 /* no more entries in rnh, so free it up */
3122 _FREE((caddr_t)rnh, M_RTABLE);
3123 nx->nx_rtable[nxna.nxna_addr.ss_family] = 0;
3124 }
3125 }
3126
3127 return 0;
3128 }
3129
3130 void enablequotas(struct mount *mp, vfs_context_t ctx); // XXX
3131
3132 #define DATA_VOLUME_MP "/System/Volumes/Data" // PLATFORM_DATA_VOLUME_MOUNT_POINT
3133
3134 int
nfsrv_export(struct user_nfs_export_args * unxa,vfs_context_t ctx)3135 nfsrv_export(struct user_nfs_export_args *unxa, vfs_context_t ctx)
3136 {
3137 int error = 0;
3138 size_t pathlen, nxfs_pathlen;
3139 struct nfs_exportfs *nxfs, *nxfs2, *nxfs3;
3140 struct nfs_export *nx, *nx2, *nx3;
3141 struct nfs_filehandle nfh;
3142 struct nameidata mnd, xnd;
3143 vnode_t mvp = NULL, xvp = NULL;
3144 mount_t mp = NULL;
3145 char path[MAXPATHLEN], *nxfs_path;
3146 char fl_pathbuff[MAXPATHLEN];
3147 int fl_pathbuff_len = MAXPATHLEN;
3148 int expisroot;
3149 size_t datavol_len = strlen(DATA_VOLUME_MP);
3150
3151 if (unxa->nxa_flags == NXA_CHECK) {
3152 /* just check if the path is an NFS-exportable file system */
3153 error = copyinstr(unxa->nxa_fspath, path, MAXPATHLEN, &pathlen);
3154 if (error) {
3155 return error;
3156 }
3157 NDINIT(&mnd, LOOKUP, OP_LOOKUP, FOLLOW | LOCKLEAF | AUDITVNPATH1,
3158 UIO_SYSSPACE, CAST_USER_ADDR_T(path), ctx);
3159 error = namei(&mnd);
3160 if (error) {
3161 return error;
3162 }
3163 mvp = mnd.ni_vp;
3164 mp = vnode_mount(mvp);
3165 /* make sure it's the root of a file system */
3166 if (!vnode_isvroot(mvp)) {
3167 error = EINVAL;
3168 }
3169 /* make sure the file system is NFS-exportable */
3170 if (!error) {
3171 nfh.nfh_len = NFSV3_MAX_FID_SIZE;
3172 error = VFS_VPTOFH(mvp, (int*)&nfh.nfh_len, &nfh.nfh_fid[0], NULL);
3173 }
3174 if (!error && (nfh.nfh_len > (int)NFSV3_MAX_FID_SIZE)) {
3175 error = EIO;
3176 }
3177 if (!error && !(mp->mnt_vtable->vfc_vfsflags & VFC_VFSREADDIR_EXTENDED)) {
3178 error = EISDIR;
3179 }
3180 vnode_put(mvp);
3181 nameidone(&mnd);
3182 return error;
3183 }
3184
3185 /* all other operations: must be super user */
3186 if ((error = vfs_context_suser(ctx))) {
3187 return error;
3188 }
3189
3190 if (unxa->nxa_flags & NXA_DELETE_ALL) {
3191 /* delete all exports on all file systems */
3192 lck_rw_lock_exclusive(&nfsrv_export_rwlock);
3193 while ((nxfs = LIST_FIRST(&nfsrv_exports))) {
3194 mp = vfs_getvfs_by_mntonname(nxfs->nxfs_path);
3195 if (mp) {
3196 vfs_clearflags(mp, MNT_EXPORTED);
3197 mount_iterdrop(mp);
3198 mp = NULL;
3199 }
3200 /* delete all exports on this file system */
3201 while ((nx = LIST_FIRST(&nxfs->nxfs_exports))) {
3202 LIST_REMOVE(nx, nx_next);
3203 LIST_REMOVE(nx, nx_hash);
3204 /* delete all netopts for this export */
3205 nfsrv_free_addrlist(nx, NULL);
3206 nx->nx_flags &= ~NX_DEFAULTEXPORT;
3207 if (IS_VALID_CRED(nx->nx_defopt.nxo_cred)) {
3208 kauth_cred_unref(&nx->nx_defopt.nxo_cred);
3209 }
3210 /* free active user list for this export */
3211 nfsrv_free_user_list(&nx->nx_user_list);
3212 kfree_data_addr(nx->nx_path);
3213 kfree_type(struct nfs_export, nx);
3214 }
3215 LIST_REMOVE(nxfs, nxfs_next);
3216 kfree_data_addr(nxfs->nxfs_path);
3217 kfree_type(struct nfs_exportfs, nxfs);
3218 }
3219 if (nfsrv_export_hashtbl) {
3220 /* all exports deleted, clean up export hash table */
3221 FREE(nfsrv_export_hashtbl, M_TEMP);
3222 nfsrv_export_hashtbl = NULL;
3223 }
3224 lck_rw_done(&nfsrv_export_rwlock);
3225 return 0;
3226 }
3227
3228 error = copyinstr(unxa->nxa_fspath, path, MAXPATHLEN, &pathlen);
3229 if (error) {
3230 return error;
3231 }
3232
3233 lck_rw_lock_exclusive(&nfsrv_export_rwlock);
3234
3235 /* init export hash table if not already */
3236 if (!nfsrv_export_hashtbl) {
3237 if (nfsrv_export_hash_size <= 0) {
3238 nfsrv_export_hash_size = NFSRVEXPHASHSZ;
3239 }
3240 nfsrv_export_hashtbl = hashinit(nfsrv_export_hash_size, M_TEMP, &nfsrv_export_hash);
3241 }
3242
3243 // first check if we've already got an exportfs with the given ID
3244 LIST_FOREACH(nxfs, &nfsrv_exports, nxfs_next) {
3245 if (nxfs->nxfs_id == unxa->nxa_fsid) {
3246 break;
3247 }
3248 }
3249 if (nxfs) {
3250 /* verify exported FS path matches given path */
3251 if (strncmp(path, nxfs->nxfs_path, MAXPATHLEN) &&
3252 (strncmp(path, DATA_VOLUME_MP, datavol_len) || strncmp(path + datavol_len, nxfs->nxfs_path, MAXPATHLEN - datavol_len))) {
3253 error = EEXIST;
3254 goto unlock_out;
3255 }
3256 if ((unxa->nxa_flags & (NXA_ADD | NXA_OFFLINE)) == NXA_ADD) {
3257 /* find exported FS root vnode */
3258 NDINIT(&mnd, LOOKUP, OP_LOOKUP, FOLLOW | LOCKLEAF | AUDITVNPATH1,
3259 UIO_SYSSPACE, CAST_USER_ADDR_T(nxfs->nxfs_path), ctx);
3260 error = namei(&mnd);
3261 if (error) {
3262 goto unlock_out;
3263 }
3264 mvp = mnd.ni_vp;
3265 /* make sure it's (still) the root of a file system */
3266 if (!vnode_isvroot(mvp)) {
3267 error = EINVAL;
3268 goto out;
3269 }
3270 /* if adding, verify that the mount is still what we expect */
3271 mp = vfs_getvfs_by_mntonname(nxfs->nxfs_path);
3272 if (!mp) {
3273 /* check for firmlink-free path */
3274 if (vn_getpath_ext(mvp, NULLVP, fl_pathbuff, &fl_pathbuff_len, VN_GETPATH_NO_FIRMLINK) == 0 &&
3275 fl_pathbuff_len > 0 &&
3276 !strncmp(nxfs->nxfs_path, fl_pathbuff, MAXPATHLEN)) {
3277 mp = vfs_getvfs_by_mntonname(vfs_statfs(vnode_mount(mvp))->f_mntonname);
3278 }
3279 }
3280 if (mp) {
3281 mount_ref(mp, 0);
3282 mount_iterdrop(mp);
3283 }
3284 /* sanity check: this should be same mount */
3285 if (mp != vnode_mount(mvp)) {
3286 error = EINVAL;
3287 goto out;
3288 }
3289 }
3290 } else {
3291 /* no current exported file system with that ID */
3292 if (!(unxa->nxa_flags & NXA_ADD)) {
3293 error = ENOENT;
3294 goto unlock_out;
3295 }
3296
3297 /* find exported FS root vnode */
3298 NDINIT(&mnd, LOOKUP, OP_LOOKUP, FOLLOW | LOCKLEAF | AUDITVNPATH1,
3299 UIO_SYSSPACE, CAST_USER_ADDR_T(path), ctx);
3300 error = namei(&mnd);
3301 if (error) {
3302 if (!(unxa->nxa_flags & NXA_OFFLINE)) {
3303 goto unlock_out;
3304 }
3305 } else {
3306 mvp = mnd.ni_vp;
3307 /* make sure it's the root of a file system */
3308 if (!vnode_isvroot(mvp)) {
3309 /* bail if not marked offline */
3310 if (!(unxa->nxa_flags & NXA_OFFLINE)) {
3311 error = EINVAL;
3312 goto out;
3313 }
3314 vnode_put(mvp);
3315 nameidone(&mnd);
3316 mvp = NULL;
3317 } else {
3318 mp = vnode_mount(mvp);
3319 mount_ref(mp, 0);
3320
3321 /* make sure the file system is NFS-exportable */
3322 nfh.nfh_len = NFSV3_MAX_FID_SIZE;
3323 error = VFS_VPTOFH(mvp, (int*)&nfh.nfh_len, &nfh.nfh_fid[0], NULL);
3324 if (!error && (nfh.nfh_len > (int)NFSV3_MAX_FID_SIZE)) {
3325 error = EIO;
3326 }
3327 if (!error && !(mp->mnt_vtable->vfc_vfsflags & VFC_VFSREADDIR_EXTENDED)) {
3328 error = EISDIR;
3329 }
3330 if (error) {
3331 goto out;
3332 }
3333 }
3334 }
3335
3336 /* add an exportfs for it */
3337 nxfs = kalloc_type(struct nfs_exportfs, Z_WAITOK | Z_ZERO | Z_NOFAIL);
3338 nxfs->nxfs_id = unxa->nxa_fsid;
3339 if (mp) {
3340 nxfs_path = mp->mnt_vfsstat.f_mntonname;
3341 nxfs_pathlen = sizeof(mp->mnt_vfsstat.f_mntonname);
3342 } else {
3343 nxfs_path = path;
3344 nxfs_pathlen = pathlen;
3345 }
3346 nxfs->nxfs_path = kalloc_data(nxfs_pathlen, Z_WAITOK);
3347 if (!nxfs->nxfs_path) {
3348 kfree_type(struct nfs_exportfs, nxfs);
3349 error = ENOMEM;
3350 goto out;
3351 }
3352 bcopy(nxfs_path, nxfs->nxfs_path, nxfs_pathlen);
3353 /* insert into list in reverse-sorted order */
3354 nxfs3 = NULL;
3355 LIST_FOREACH(nxfs2, &nfsrv_exports, nxfs_next) {
3356 if (strncmp(nxfs->nxfs_path, nxfs2->nxfs_path, MAXPATHLEN) > 0) {
3357 break;
3358 }
3359 nxfs3 = nxfs2;
3360 }
3361 if (nxfs2) {
3362 LIST_INSERT_BEFORE(nxfs2, nxfs, nxfs_next);
3363 } else if (nxfs3) {
3364 LIST_INSERT_AFTER(nxfs3, nxfs, nxfs_next);
3365 } else {
3366 LIST_INSERT_HEAD(&nfsrv_exports, nxfs, nxfs_next);
3367 }
3368
3369 /* make sure any quotas are enabled before we export the file system */
3370 if (mp) {
3371 enablequotas(mp, ctx);
3372 }
3373 }
3374
3375 if (unxa->nxa_exppath) {
3376 error = copyinstr(unxa->nxa_exppath, path, MAXPATHLEN, &pathlen);
3377 if (error) {
3378 goto out;
3379 }
3380 LIST_FOREACH(nx, &nxfs->nxfs_exports, nx_next) {
3381 if (nx->nx_id == unxa->nxa_expid) {
3382 break;
3383 }
3384 }
3385 if (nx) {
3386 /* verify exported FS path matches given path */
3387 if (strncmp(path, nx->nx_path, MAXPATHLEN)) {
3388 error = EEXIST;
3389 goto out;
3390 }
3391 } else {
3392 /* no current export with that ID */
3393 if (!(unxa->nxa_flags & NXA_ADD)) {
3394 error = ENOENT;
3395 goto out;
3396 }
3397 /* add an export for it */
3398 nx = kalloc_type(struct nfs_export, Z_WAITOK | Z_ZERO | Z_NOFAIL);
3399 nx->nx_id = unxa->nxa_expid;
3400 nx->nx_fs = nxfs;
3401 microtime(&nx->nx_exptime);
3402 nx->nx_path = kalloc_data(pathlen, Z_WAITOK);
3403 if (!nx->nx_path) {
3404 error = ENOMEM;
3405 kfree_type(struct nfs_export, nx);
3406 nx = NULL;
3407 goto out1;
3408 }
3409 bcopy(path, nx->nx_path, pathlen);
3410 /* initialize the active user list */
3411 nfsrv_init_user_list(&nx->nx_user_list);
3412 /* insert into list in reverse-sorted order */
3413 nx3 = NULL;
3414 LIST_FOREACH(nx2, &nxfs->nxfs_exports, nx_next) {
3415 if (strncmp(nx->nx_path, nx2->nx_path, MAXPATHLEN) > 0) {
3416 break;
3417 }
3418 nx3 = nx2;
3419 }
3420 if (nx2) {
3421 LIST_INSERT_BEFORE(nx2, nx, nx_next);
3422 } else if (nx3) {
3423 LIST_INSERT_AFTER(nx3, nx, nx_next);
3424 } else {
3425 LIST_INSERT_HEAD(&nxfs->nxfs_exports, nx, nx_next);
3426 }
3427 /* insert into hash */
3428 LIST_INSERT_HEAD(NFSRVEXPHASH(nxfs->nxfs_id, nx->nx_id), nx, nx_hash);
3429
3430 /*
3431 * We don't allow/support nested exports. Check if the new entry
3432 * nests with the entries before and after or if there's an
3433 * entry for the file system root and subdirs.
3434 */
3435 error = 0;
3436 if ((nx3 && !strncmp(nx3->nx_path, nx->nx_path, pathlen - 1) &&
3437 (nx3->nx_path[pathlen - 1] == '/')) ||
3438 (nx2 && !strncmp(nx2->nx_path, nx->nx_path, strlen(nx2->nx_path)) &&
3439 (nx->nx_path[strlen(nx2->nx_path)] == '/'))) {
3440 error = EINVAL;
3441 }
3442 if (!error) {
3443 /* check export conflict with fs root export and vice versa */
3444 expisroot = !nx->nx_path[0] ||
3445 ((nx->nx_path[0] == '.') && !nx->nx_path[1]);
3446 LIST_FOREACH(nx2, &nxfs->nxfs_exports, nx_next) {
3447 if (expisroot) {
3448 if (nx2 != nx) {
3449 break;
3450 }
3451 } else if (!nx2->nx_path[0]) {
3452 break;
3453 } else if ((nx2->nx_path[0] == '.') && !nx2->nx_path[1]) {
3454 break;
3455 }
3456 }
3457 if (nx2) {
3458 error = EINVAL;
3459 }
3460 }
3461 if (error) {
3462 /*
3463 * Don't actually return an error because mountd is
3464 * probably about to delete the conflicting export.
3465 * This can happen when a new export momentarily conflicts
3466 * with an old export while the transition is being made.
3467 * Theoretically, mountd could be written to avoid this
3468 * transient situation - but it would greatly increase the
3469 * complexity of mountd for very little overall benefit.
3470 */
3471 printf("nfsrv_export: warning: nested exports: %s/%s\n",
3472 nxfs->nxfs_path, nx->nx_path);
3473 error = 0;
3474 }
3475 nx->nx_fh.nfh_xh.nxh_flags = NXHF_INVALIDFH;
3476 }
3477 /* make sure file handle is set up */
3478 if ((nx->nx_fh.nfh_xh.nxh_version != htonl(NFS_FH_VERSION)) ||
3479 (nx->nx_fh.nfh_xh.nxh_flags & NXHF_INVALIDFH)) {
3480 /* try to set up export root file handle */
3481 nx->nx_fh.nfh_xh.nxh_version = htonl(NFS_FH_VERSION);
3482 nx->nx_fh.nfh_xh.nxh_fsid = htonl(nx->nx_fs->nxfs_id);
3483 nx->nx_fh.nfh_xh.nxh_expid = htonl(nx->nx_id);
3484 nx->nx_fh.nfh_xh.nxh_flags = 0;
3485 nx->nx_fh.nfh_xh.nxh_reserved = 0;
3486 nx->nx_fh.nfh_fhp = (u_char*)&nx->nx_fh.nfh_xh;
3487 bzero(&nx->nx_fh.nfh_fid[0], NFSV2_MAX_FID_SIZE);
3488 if (mvp) {
3489 /* find export root vnode */
3490 if (!nx->nx_path[0] || ((nx->nx_path[0] == '.') && !nx->nx_path[1])) {
3491 /* exporting file system's root directory */
3492 xvp = mvp;
3493 vnode_get(xvp);
3494 } else {
3495 NDINIT(&xnd, LOOKUP, OP_LOOKUP, LOCKLEAF, UIO_SYSSPACE, CAST_USER_ADDR_T(path), ctx);
3496 xnd.ni_pathlen = (uint32_t)pathlen - 1; // pathlen max value is equal to MAXPATHLEN
3497 xnd.ni_cnd.cn_nameptr = xnd.ni_cnd.cn_pnbuf = path;
3498 xnd.ni_startdir = mvp;
3499 xnd.ni_usedvp = mvp;
3500 xnd.ni_rootdir = rootvnode;
3501 while ((error = lookup(&xnd)) == ERECYCLE) {
3502 xnd.ni_cnd.cn_flags = LOCKLEAF;
3503 xnd.ni_cnd.cn_nameptr = xnd.ni_cnd.cn_pnbuf;
3504 xnd.ni_usedvp = xnd.ni_dvp = xnd.ni_startdir = mvp;
3505 }
3506 if (error) {
3507 goto out1;
3508 }
3509 xvp = xnd.ni_vp;
3510 }
3511
3512 if (vnode_vtype(xvp) != VDIR) {
3513 error = EINVAL;
3514 vnode_put(xvp);
3515 goto out1;
3516 }
3517
3518 /* grab file handle */
3519 nx->nx_fh.nfh_len = NFSV3_MAX_FID_SIZE;
3520 error = VFS_VPTOFH(xvp, (int*)&nx->nx_fh.nfh_len, &nx->nx_fh.nfh_fid[0], NULL);
3521 if (!error && (nx->nx_fh.nfh_len > (int)NFSV3_MAX_FID_SIZE)) {
3522 error = EIO;
3523 } else {
3524 nx->nx_fh.nfh_xh.nxh_fidlen = nx->nx_fh.nfh_len;
3525 nx->nx_fh.nfh_len += sizeof(nx->nx_fh.nfh_xh);
3526 }
3527
3528 vnode_put(xvp);
3529 if (error) {
3530 goto out1;
3531 }
3532 } else {
3533 nx->nx_fh.nfh_xh.nxh_flags = NXHF_INVALIDFH;
3534 nx->nx_fh.nfh_xh.nxh_fidlen = 0;
3535 nx->nx_fh.nfh_len = sizeof(nx->nx_fh.nfh_xh);
3536 }
3537 }
3538 } else {
3539 nx = NULL;
3540 }
3541
3542 /* perform the export changes */
3543 if (unxa->nxa_flags & NXA_DELETE) {
3544 if (!nx) {
3545 /* delete all exports on this file system */
3546 while ((nx = LIST_FIRST(&nxfs->nxfs_exports))) {
3547 LIST_REMOVE(nx, nx_next);
3548 LIST_REMOVE(nx, nx_hash);
3549 /* delete all netopts for this export */
3550 nfsrv_free_addrlist(nx, NULL);
3551 nx->nx_flags &= ~NX_DEFAULTEXPORT;
3552 if (IS_VALID_CRED(nx->nx_defopt.nxo_cred)) {
3553 kauth_cred_unref(&nx->nx_defopt.nxo_cred);
3554 }
3555 /* delete active user list for this export */
3556 nfsrv_free_user_list(&nx->nx_user_list);
3557 kfree_data_addr(nx->nx_path);
3558 kfree_type(struct nfs_export, nx);
3559 }
3560 goto out1;
3561 } else if (!unxa->nxa_netcount) {
3562 /* delete all netopts for this export */
3563 nfsrv_free_addrlist(nx, NULL);
3564 nx->nx_flags &= ~NX_DEFAULTEXPORT;
3565 if (IS_VALID_CRED(nx->nx_defopt.nxo_cred)) {
3566 kauth_cred_unref(&nx->nx_defopt.nxo_cred);
3567 }
3568 } else {
3569 /* delete only the netopts for the given addresses */
3570 error = nfsrv_free_addrlist(nx, unxa);
3571 if (error) {
3572 goto out1;
3573 }
3574 }
3575 }
3576 if (unxa->nxa_flags & NXA_ADD) {
3577 /*
3578 * If going offline set the export time so that when
3579 * coming back on line we will present a new write verifier
3580 * to the client.
3581 */
3582 if (unxa->nxa_flags & NXA_OFFLINE) {
3583 microtime(&nx->nx_exptime);
3584 }
3585
3586 error = nfsrv_hang_addrlist(nx, unxa);
3587 if (!error && mp) {
3588 vfs_setflags(mp, MNT_EXPORTED);
3589 }
3590 }
3591
3592 out1:
3593 if (nx && !nx->nx_expcnt) {
3594 /* export has no export options */
3595 LIST_REMOVE(nx, nx_next);
3596 LIST_REMOVE(nx, nx_hash);
3597 /* delete active user list for this export */
3598 nfsrv_free_user_list(&nx->nx_user_list);
3599 kfree_data_addr(nx->nx_path);
3600 kfree_type(struct nfs_export, nx);
3601 }
3602 if (LIST_EMPTY(&nxfs->nxfs_exports)) {
3603 /* exported file system has no more exports */
3604 LIST_REMOVE(nxfs, nxfs_next);
3605 kfree_data_addr(nxfs->nxfs_path);
3606 kfree_type(struct nfs_exportfs, nxfs);
3607 if (mp) {
3608 vfs_clearflags(mp, MNT_EXPORTED);
3609 }
3610 }
3611
3612 out:
3613 if (mvp) {
3614 vnode_put(mvp);
3615 nameidone(&mnd);
3616 }
3617 unlock_out:
3618 if (mp) {
3619 mount_drop(mp, 0);
3620 }
3621 lck_rw_done(&nfsrv_export_rwlock);
3622 return error;
3623 }
3624
3625 /*
3626 * Check if there is a least one export that will allow this address.
3627 *
3628 * Return 0, if there is an export that will allow this address,
3629 * else return EACCES
3630 */
3631 int
nfsrv_check_exports_allow_address(mbuf_t nam)3632 nfsrv_check_exports_allow_address(mbuf_t nam)
3633 {
3634 struct nfs_exportfs *nxfs;
3635 struct nfs_export *nx;
3636 struct nfs_export_options *nxo = NULL;
3637
3638 if (nam == NULL) {
3639 return EACCES;
3640 }
3641
3642 lck_rw_lock_shared(&nfsrv_export_rwlock);
3643 LIST_FOREACH(nxfs, &nfsrv_exports, nxfs_next) {
3644 LIST_FOREACH(nx, &nxfs->nxfs_exports, nx_next) {
3645 /* A little optimizing by checking for the default first */
3646 if (nx->nx_flags & NX_DEFAULTEXPORT) {
3647 nxo = &nx->nx_defopt;
3648 }
3649 if (nxo || (nxo = nfsrv_export_lookup(nx, nam))) {
3650 goto found;
3651 }
3652 }
3653 }
3654 found:
3655 lck_rw_done(&nfsrv_export_rwlock);
3656
3657 return nxo ? 0 : EACCES;
3658 }
3659
3660 struct nfs_export_options *
nfsrv_export_lookup(struct nfs_export * nx,mbuf_t nam)3661 nfsrv_export_lookup(struct nfs_export *nx, mbuf_t nam)
3662 {
3663 struct nfs_export_options *nxo = NULL;
3664 struct nfs_netopt *no = NULL;
3665 struct radix_node_head *rnh;
3666 struct sockaddr *saddr;
3667
3668 /* Lookup in the export list first. */
3669 if (nam != NULL) {
3670 saddr = mbuf_data(nam);
3671 if (saddr->sa_family > AF_MAX) {
3672 /* Bogus sockaddr? Don't match anything. */
3673 return NULL;
3674 }
3675 rnh = nx->nx_rtable[saddr->sa_family];
3676 if (rnh != NULL) {
3677 no = (struct nfs_netopt *)
3678 (*rnh->rnh_matchaddr)((caddr_t)saddr, rnh);
3679 if (no && no->no_rnodes->rn_flags & RNF_ROOT) {
3680 no = NULL;
3681 }
3682 if (no) {
3683 nxo = &no->no_opt;
3684 }
3685 }
3686 }
3687 /* If no address match, use the default if it exists. */
3688 if ((nxo == NULL) && (nx->nx_flags & NX_DEFAULTEXPORT)) {
3689 nxo = &nx->nx_defopt;
3690 }
3691 return nxo;
3692 }
3693
3694 /* find an export for the given handle */
3695 struct nfs_export *
nfsrv_fhtoexport(struct nfs_filehandle * nfhp)3696 nfsrv_fhtoexport(struct nfs_filehandle *nfhp)
3697 {
3698 struct nfs_exphandle *nxh = (struct nfs_exphandle*)nfhp->nfh_fhp;
3699 struct nfs_export *nx;
3700 uint32_t fsid, expid;
3701
3702 if (!nfsrv_export_hashtbl) {
3703 return NULL;
3704 }
3705 fsid = ntohl(nxh->nxh_fsid);
3706 expid = ntohl(nxh->nxh_expid);
3707 nx = NFSRVEXPHASH(fsid, expid)->lh_first;
3708 for (; nx; nx = LIST_NEXT(nx, nx_hash)) {
3709 if (nx->nx_fs->nxfs_id != fsid) {
3710 continue;
3711 }
3712 if (nx->nx_id != expid) {
3713 continue;
3714 }
3715 break;
3716 }
3717 return nx;
3718 }
3719
3720 struct nfsrv_getvfs_by_mntonname_callback_args {
3721 const char *path; /* IN */
3722 mount_t mp; /* OUT */
3723 };
3724
3725 static int
nfsrv_getvfs_by_mntonname_callback(mount_t mp,void * v)3726 nfsrv_getvfs_by_mntonname_callback(mount_t mp, void *v)
3727 {
3728 struct nfsrv_getvfs_by_mntonname_callback_args * const args = v;
3729 char real_mntonname[MAXPATHLEN];
3730 int pathbuflen = MAXPATHLEN;
3731 vnode_t rvp;
3732 int error;
3733
3734 error = VFS_ROOT(mp, &rvp, vfs_context_current());
3735 if (error) {
3736 goto out;
3737 }
3738 error = vn_getpath_ext(rvp, NULLVP, real_mntonname, &pathbuflen,
3739 VN_GETPATH_FSENTER | VN_GETPATH_NO_FIRMLINK);
3740 vnode_put(rvp);
3741 if (error) {
3742 goto out;
3743 }
3744 if (strcmp(args->path, real_mntonname) == 0) {
3745 error = vfs_busy(mp, LK_NOWAIT);
3746 if (error == 0) {
3747 args->mp = mp;
3748 }
3749 return VFS_RETURNED_DONE;
3750 }
3751 out:
3752 return VFS_RETURNED;
3753 }
3754
3755 static mount_t
nfsrv_getvfs_by_mntonname(char * path)3756 nfsrv_getvfs_by_mntonname(char *path)
3757 {
3758 struct nfsrv_getvfs_by_mntonname_callback_args args = {
3759 .path = path,
3760 .mp = NULL,
3761 };
3762 mount_t mp;
3763 int error;
3764
3765 mp = vfs_getvfs_by_mntonname(path);
3766 if (mp) {
3767 error = vfs_busy(mp, LK_NOWAIT);
3768 mount_iterdrop(mp);
3769 if (error) {
3770 mp = NULL;
3771 }
3772 } else if (vfs_iterate(0, nfsrv_getvfs_by_mntonname_callback,
3773 &args) == 0) {
3774 mp = args.mp;
3775 }
3776 return mp;
3777 }
3778
3779 /*
3780 * nfsrv_fhtovp() - convert FH to vnode and export info
3781 */
3782 int
nfsrv_fhtovp(struct nfs_filehandle * nfhp,struct nfsrv_descript * nd,vnode_t * vpp,struct nfs_export ** nxp,struct nfs_export_options ** nxop)3783 nfsrv_fhtovp(
3784 struct nfs_filehandle *nfhp,
3785 struct nfsrv_descript *nd,
3786 vnode_t *vpp,
3787 struct nfs_export **nxp,
3788 struct nfs_export_options **nxop)
3789 {
3790 struct nfs_exphandle *nxh = (struct nfs_exphandle*)nfhp->nfh_fhp;
3791 struct nfs_export_options *nxo;
3792 u_char *fidp;
3793 int error;
3794 struct mount *mp;
3795 mbuf_t nam = NULL;
3796 uint32_t v;
3797 int i, valid;
3798
3799 *vpp = NULL;
3800 *nxp = NULL;
3801 *nxop = NULL;
3802
3803 if (nd != NULL) {
3804 nam = nd->nd_nam;
3805 }
3806
3807 v = ntohl(nxh->nxh_version);
3808 if (v != NFS_FH_VERSION) {
3809 /* file handle format not supported */
3810 return ESTALE;
3811 }
3812 if (nfhp->nfh_len > NFSV3_MAX_FH_SIZE) {
3813 return EBADRPC;
3814 }
3815 if (nfhp->nfh_len < (int)sizeof(struct nfs_exphandle)) {
3816 return ESTALE;
3817 }
3818 v = ntohs(nxh->nxh_flags);
3819 if (v & NXHF_INVALIDFH) {
3820 return ESTALE;
3821 }
3822
3823 *nxp = nfsrv_fhtoexport(nfhp);
3824 if (!*nxp) {
3825 return ESTALE;
3826 }
3827
3828 /* Get the export option structure for this <export, client> tuple. */
3829 *nxop = nxo = nfsrv_export_lookup(*nxp, nam);
3830 if (nam && (*nxop == NULL)) {
3831 return EACCES;
3832 }
3833
3834 if (nd != NULL) {
3835 /* Validate the security flavor of the request */
3836 for (i = 0, valid = 0; i < nxo->nxo_sec.count; i++) {
3837 if (nd->nd_sec == nxo->nxo_sec.flavors[i]) {
3838 valid = 1;
3839 break;
3840 }
3841 }
3842 if (!valid) {
3843 /*
3844 * RFC 2623 section 2.3.2 recommends no authentication
3845 * requirement for certain NFS procedures used for mounting.
3846 * This allows an unauthenticated superuser on the client
3847 * to do mounts for the benefit of authenticated users.
3848 */
3849 if (nd->nd_vers == NFS_VER2) {
3850 if (nd->nd_procnum == NFSV2PROC_GETATTR ||
3851 nd->nd_procnum == NFSV2PROC_STATFS) {
3852 valid = 1;
3853 }
3854 }
3855 if (nd->nd_vers == NFS_VER3) {
3856 if (nd->nd_procnum == NFSPROC_FSINFO) {
3857 valid = 1;
3858 }
3859 }
3860
3861 if (!valid) {
3862 return NFSERR_AUTHERR | AUTH_REJECTCRED;
3863 }
3864 }
3865 }
3866
3867 if (nxo && (nxo->nxo_flags & NX_OFFLINE)) {
3868 return (nd == NULL || nd->nd_vers == NFS_VER2) ? ESTALE : NFSERR_TRYLATER;
3869 }
3870
3871 /* find mount structure */
3872 mp = nfsrv_getvfs_by_mntonname((*nxp)->nx_fs->nxfs_path);
3873 if (!mp) {
3874 /*
3875 * We have an export, but no mount?
3876 * Perhaps the export just hasn't been marked offline yet.
3877 */
3878 return (nd == NULL || nd->nd_vers == NFS_VER2) ? ESTALE : NFSERR_TRYLATER;
3879 }
3880
3881 fidp = nfhp->nfh_fhp + sizeof(*nxh);
3882 error = VFS_FHTOVP(mp, nxh->nxh_fidlen, fidp, vpp, NULL);
3883 vfs_unbusy(mp);
3884 if (error) {
3885 return error;
3886 }
3887 /* vnode pointer should be good at this point or ... */
3888 if (*vpp == NULL) {
3889 return ESTALE;
3890 }
3891 return 0;
3892 }
3893
3894 /*
3895 * nfsrv_credcheck() - check/map credentials according
3896 * to given export options.
3897 */
3898 int
nfsrv_credcheck(struct nfsrv_descript * nd,vfs_context_t ctx,__unused struct nfs_export * nx,struct nfs_export_options * nxo)3899 nfsrv_credcheck(
3900 struct nfsrv_descript *nd,
3901 vfs_context_t ctx,
3902 __unused struct nfs_export *nx,
3903 struct nfs_export_options *nxo)
3904 {
3905 if (nxo && nxo->nxo_cred) {
3906 if ((nxo->nxo_flags & NX_MAPALL) ||
3907 ((nxo->nxo_flags & NX_MAPROOT) && !suser(nd->nd_cr, NULL))) {
3908 kauth_cred_ref(nxo->nxo_cred);
3909 kauth_cred_unref(&nd->nd_cr);
3910 nd->nd_cr = nxo->nxo_cred;
3911 }
3912 }
3913 ctx->vc_ucred = nd->nd_cr;
3914 return 0;
3915 }
3916
3917 /*
3918 * nfsrv_vptofh() - convert vnode to file handle for given export
3919 *
3920 * If the caller is passing in a vnode for a ".." directory entry,
3921 * they can pass a directory NFS file handle (dnfhp) which will be
3922 * checked against the root export file handle. If it matches, we
3923 * refuse to provide the file handle for the out-of-export directory.
3924 */
3925 int
nfsrv_vptofh(struct nfs_export * nx,int nfsvers,struct nfs_filehandle * dnfhp,vnode_t vp,vfs_context_t ctx,struct nfs_filehandle * nfhp)3926 nfsrv_vptofh(
3927 struct nfs_export *nx,
3928 int nfsvers,
3929 struct nfs_filehandle *dnfhp,
3930 vnode_t vp,
3931 vfs_context_t ctx,
3932 struct nfs_filehandle *nfhp)
3933 {
3934 int error;
3935 uint32_t maxfidsize;
3936
3937 nfhp->nfh_fhp = (u_char*)&nfhp->nfh_xh;
3938 nfhp->nfh_xh.nxh_version = htonl(NFS_FH_VERSION);
3939 nfhp->nfh_xh.nxh_fsid = htonl(nx->nx_fs->nxfs_id);
3940 nfhp->nfh_xh.nxh_expid = htonl(nx->nx_id);
3941 nfhp->nfh_xh.nxh_flags = 0;
3942 nfhp->nfh_xh.nxh_reserved = 0;
3943
3944 if (nfsvers == NFS_VER2) {
3945 bzero(&nfhp->nfh_fid[0], NFSV2_MAX_FID_SIZE);
3946 }
3947
3948 /* if directory FH matches export root, return invalid FH */
3949 if (dnfhp && nfsrv_fhmatch(dnfhp, &nx->nx_fh)) {
3950 if (nfsvers == NFS_VER2) {
3951 nfhp->nfh_len = NFSX_V2FH;
3952 } else {
3953 nfhp->nfh_len = sizeof(nfhp->nfh_xh);
3954 }
3955 nfhp->nfh_xh.nxh_fidlen = 0;
3956 nfhp->nfh_xh.nxh_flags = htons(NXHF_INVALIDFH);
3957 return 0;
3958 }
3959
3960 if (nfsvers == NFS_VER2) {
3961 maxfidsize = NFSV2_MAX_FID_SIZE;
3962 } else {
3963 maxfidsize = NFSV3_MAX_FID_SIZE;
3964 }
3965 nfhp->nfh_len = maxfidsize;
3966
3967 error = VFS_VPTOFH(vp, (int*)&nfhp->nfh_len, &nfhp->nfh_fid[0], ctx);
3968 if (error) {
3969 return error;
3970 }
3971 if (nfhp->nfh_len > maxfidsize) {
3972 return EOVERFLOW;
3973 }
3974 nfhp->nfh_xh.nxh_fidlen = nfhp->nfh_len;
3975 nfhp->nfh_len += sizeof(nfhp->nfh_xh);
3976 if ((nfsvers == NFS_VER2) && (nfhp->nfh_len < NFSX_V2FH)) {
3977 nfhp->nfh_len = NFSX_V2FH;
3978 }
3979
3980 return 0;
3981 }
3982
3983 /*
3984 * Compare two file handles to see it they're the same.
3985 * Note that we don't use nfh_len because that may include
3986 * padding in an NFSv2 file handle.
3987 */
3988 int
nfsrv_fhmatch(struct nfs_filehandle * fh1,struct nfs_filehandle * fh2)3989 nfsrv_fhmatch(struct nfs_filehandle *fh1, struct nfs_filehandle *fh2)
3990 {
3991 struct nfs_exphandle *nxh1, *nxh2;
3992 int len1, len2;
3993
3994 nxh1 = (struct nfs_exphandle *)fh1->nfh_fhp;
3995 nxh2 = (struct nfs_exphandle *)fh2->nfh_fhp;
3996 len1 = sizeof(fh1->nfh_xh) + nxh1->nxh_fidlen;
3997 len2 = sizeof(fh2->nfh_xh) + nxh2->nxh_fidlen;
3998 if (len1 != len2) {
3999 return 0;
4000 }
4001 if (bcmp(nxh1, nxh2, len1)) {
4002 return 0;
4003 }
4004 return 1;
4005 }
4006
4007 /*
4008 * Functions for dealing with active user lists
4009 */
4010
4011 /*
4012 * Search the hash table for a user node with a matching IP address and uid field.
4013 * If found, the node's tm_last timestamp is updated and the node is returned.
4014 *
4015 * If not found, a new node is allocated (or reclaimed via LRU), initialized, and returned.
4016 * Returns NULL if a new node could not be allocated OR saddr length exceeds sizeof(unode->sock).
4017 *
4018 * The list's user_mutex lock MUST be held.
4019 */
4020 struct nfs_user_stat_node *
nfsrv_get_user_stat_node(struct nfs_active_user_list * list,struct sockaddr * saddr,uid_t uid)4021 nfsrv_get_user_stat_node(struct nfs_active_user_list *list, struct sockaddr *saddr, uid_t uid)
4022 {
4023 struct nfs_user_stat_node *unode;
4024 struct timeval now;
4025 struct nfs_user_stat_hashtbl_head *head;
4026
4027 /* seach the hash table */
4028 head = NFS_USER_STAT_HASH(list->user_hashtbl, uid);
4029 LIST_FOREACH(unode, head, hash_link) {
4030 if ((uid == unode->uid) && (nfs_sockaddr_cmp(saddr, (struct sockaddr*)&unode->sock) == 0)) {
4031 /* found matching node */
4032 break;
4033 }
4034 }
4035
4036 if (unode) {
4037 /* found node in the hash table, now update lru position */
4038 TAILQ_REMOVE(&list->user_lru, unode, lru_link);
4039 TAILQ_INSERT_TAIL(&list->user_lru, unode, lru_link);
4040
4041 /* update time stamp */
4042 microtime(&now);
4043 unode->tm_last = (uint32_t)now.tv_sec;
4044 return unode;
4045 }
4046
4047 if (saddr->sa_len > sizeof(((struct nfs_user_stat_node *)0)->sock)) {
4048 /* saddr length exceeds maximum value */
4049 return NULL;
4050 }
4051
4052 if (list->node_count < nfsrv_user_stat_max_nodes) {
4053 /* Allocate a new node */
4054 unode = kalloc_type(struct nfs_user_stat_node,
4055 Z_WAITOK | Z_ZERO | Z_NOFAIL);
4056
4057 /* increment node count */
4058 OSAddAtomic(1, &nfsrv_user_stat_node_count);
4059 list->node_count++;
4060 } else {
4061 /* reuse the oldest node in the lru list */
4062 unode = TAILQ_FIRST(&list->user_lru);
4063
4064 if (!unode) {
4065 return NULL;
4066 }
4067
4068 /* Remove the node */
4069 TAILQ_REMOVE(&list->user_lru, unode, lru_link);
4070 LIST_REMOVE(unode, hash_link);
4071 }
4072
4073 /* Initialize the node */
4074 unode->uid = uid;
4075 bcopy(saddr, &unode->sock, MIN(saddr->sa_len, sizeof(unode->sock)));
4076 microtime(&now);
4077 unode->ops = 0;
4078 unode->bytes_read = 0;
4079 unode->bytes_written = 0;
4080 unode->tm_start = (uint32_t)now.tv_sec;
4081 unode->tm_last = (uint32_t)now.tv_sec;
4082
4083 /* insert the node */
4084 TAILQ_INSERT_TAIL(&list->user_lru, unode, lru_link);
4085 LIST_INSERT_HEAD(head, unode, hash_link);
4086
4087 return unode;
4088 }
4089
4090 void
nfsrv_update_user_stat(struct nfs_export * nx,struct nfsrv_descript * nd,uid_t uid,u_int ops,u_int rd_bytes,u_int wr_bytes)4091 nfsrv_update_user_stat(struct nfs_export *nx, struct nfsrv_descript *nd, uid_t uid, u_int ops, u_int rd_bytes, u_int wr_bytes)
4092 {
4093 struct nfs_user_stat_node *unode;
4094 struct nfs_active_user_list *ulist;
4095 struct sockaddr *saddr;
4096
4097 if ((!nfsrv_user_stat_enabled) || (!nx) || (!nd) || (!nd->nd_nam)) {
4098 return;
4099 }
4100
4101 saddr = (struct sockaddr *)mbuf_data(nd->nd_nam);
4102
4103 /* check address family before going any further */
4104 if ((saddr->sa_family != AF_INET) && (saddr->sa_family != AF_INET6)) {
4105 return;
4106 }
4107
4108 ulist = &nx->nx_user_list;
4109
4110 /* lock the active user list */
4111 lck_mtx_lock(&ulist->user_mutex);
4112
4113 /* get the user node */
4114 unode = nfsrv_get_user_stat_node(ulist, saddr, uid);
4115
4116 if (!unode) {
4117 lck_mtx_unlock(&ulist->user_mutex);
4118 return;
4119 }
4120
4121 /* update counters */
4122 unode->ops += ops;
4123 unode->bytes_read += rd_bytes;
4124 unode->bytes_written += wr_bytes;
4125
4126 /* done */
4127 lck_mtx_unlock(&ulist->user_mutex);
4128 }
4129
4130 /* initialize an active user list */
4131 void
nfsrv_init_user_list(struct nfs_active_user_list * ulist)4132 nfsrv_init_user_list(struct nfs_active_user_list *ulist)
4133 {
4134 uint i;
4135
4136 /* initialize the lru */
4137 TAILQ_INIT(&ulist->user_lru);
4138
4139 /* initialize the hash table */
4140 for (i = 0; i < NFS_USER_STAT_HASH_SIZE; i++) {
4141 LIST_INIT(&ulist->user_hashtbl[i]);
4142 }
4143 ulist->node_count = 0;
4144
4145 lck_mtx_init(&ulist->user_mutex, &nfsrv_active_user_mutex_group, LCK_ATTR_NULL);
4146 }
4147
4148 /* Free all nodes in an active user list */
4149 void
nfsrv_free_user_list(struct nfs_active_user_list * ulist)4150 nfsrv_free_user_list(struct nfs_active_user_list *ulist)
4151 {
4152 struct nfs_user_stat_node *unode;
4153
4154 if (!ulist) {
4155 return;
4156 }
4157
4158 while ((unode = TAILQ_FIRST(&ulist->user_lru))) {
4159 /* Remove node and free */
4160 TAILQ_REMOVE(&ulist->user_lru, unode, lru_link);
4161 LIST_REMOVE(unode, hash_link);
4162 kfree_type(struct nfs_user_stat_node, unode);
4163
4164 /* decrement node count */
4165 OSAddAtomic(-1, &nfsrv_user_stat_node_count);
4166 }
4167 ulist->node_count = 0;
4168
4169 lck_mtx_destroy(&ulist->user_mutex, &nfsrv_active_user_mutex_group);
4170 }
4171
4172 /* Reclaim old expired user nodes from active user lists. */
4173 void
nfsrv_active_user_list_reclaim(void)4174 nfsrv_active_user_list_reclaim(void)
4175 {
4176 struct nfs_exportfs *nxfs;
4177 struct nfs_export *nx;
4178 struct nfs_active_user_list *ulist;
4179 struct nfs_user_stat_hashtbl_head oldlist;
4180 struct nfs_user_stat_node *unode, *unode_next;
4181 struct timeval now;
4182 long tstale;
4183
4184 LIST_INIT(&oldlist);
4185
4186 lck_rw_lock_shared(&nfsrv_export_rwlock);
4187 microtime(&now);
4188 tstale = now.tv_sec - nfsrv_user_stat_max_idle_sec;
4189 LIST_FOREACH(nxfs, &nfsrv_exports, nxfs_next) {
4190 LIST_FOREACH(nx, &nxfs->nxfs_exports, nx_next) {
4191 /* Scan through all user nodes of this export */
4192 ulist = &nx->nx_user_list;
4193 lck_mtx_lock(&ulist->user_mutex);
4194 for (unode = TAILQ_FIRST(&ulist->user_lru); unode; unode = unode_next) {
4195 unode_next = TAILQ_NEXT(unode, lru_link);
4196
4197 /* check if this node has expired */
4198 if (unode->tm_last >= tstale) {
4199 break;
4200 }
4201
4202 /* Remove node from the active user list */
4203 TAILQ_REMOVE(&ulist->user_lru, unode, lru_link);
4204 LIST_REMOVE(unode, hash_link);
4205
4206 /* Add node to temp list */
4207 LIST_INSERT_HEAD(&oldlist, unode, hash_link);
4208
4209 /* decrement node count */
4210 OSAddAtomic(-1, &nfsrv_user_stat_node_count);
4211 ulist->node_count--;
4212 }
4213 /* can unlock this export's list now */
4214 lck_mtx_unlock(&ulist->user_mutex);
4215 }
4216 }
4217 lck_rw_done(&nfsrv_export_rwlock);
4218
4219 /* Free expired nodes */
4220 while ((unode = LIST_FIRST(&oldlist))) {
4221 LIST_REMOVE(unode, hash_link);
4222 kfree_type(struct nfs_user_stat_node, unode);
4223 }
4224 }
4225
4226 /*
4227 * Maps errno values to nfs error numbers.
4228 * Use NFSERR_IO as the catch all for ones not specifically defined in
4229 * RFC 1094.
4230 */
4231 static u_char nfsrv_v2errmap[] = {
4232 NFSERR_PERM, NFSERR_NOENT, NFSERR_IO, NFSERR_IO, NFSERR_IO,
4233 NFSERR_NXIO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
4234 NFSERR_IO, NFSERR_IO, NFSERR_ACCES, NFSERR_IO, NFSERR_IO,
4235 NFSERR_IO, NFSERR_EXIST, NFSERR_IO, NFSERR_NODEV, NFSERR_NOTDIR,
4236 NFSERR_ISDIR, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
4237 NFSERR_IO, NFSERR_FBIG, NFSERR_NOSPC, NFSERR_IO, NFSERR_ROFS,
4238 NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
4239 NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
4240 NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
4241 NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
4242 NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
4243 NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO, NFSERR_IO,
4244 NFSERR_IO, NFSERR_IO, NFSERR_NAMETOL, NFSERR_IO, NFSERR_IO,
4245 NFSERR_NOTEMPTY, NFSERR_IO, NFSERR_IO, NFSERR_DQUOT, NFSERR_STALE,
4246 };
4247
4248 /*
4249 * Maps errno values to nfs error numbers.
4250 * Although it is not obvious whether or not NFS clients really care if
4251 * a returned error value is in the specified list for the procedure, the
4252 * safest thing to do is filter them appropriately. For Version 2, the
4253 * X/Open XNFS document is the only specification that defines error values
4254 * for each RPC (The RFC simply lists all possible error values for all RPCs),
4255 * so I have decided to not do this for Version 2.
4256 * The first entry is the default error return and the rest are the valid
4257 * errors for that RPC in increasing numeric order.
4258 */
4259 static short nfsv3err_null[] = {
4260 0,
4261 0,
4262 };
4263
4264 static short nfsv3err_getattr[] = {
4265 NFSERR_IO,
4266 NFSERR_IO,
4267 NFSERR_STALE,
4268 NFSERR_BADHANDLE,
4269 NFSERR_SERVERFAULT,
4270 NFSERR_TRYLATER,
4271 0,
4272 };
4273
4274 static short nfsv3err_setattr[] = {
4275 NFSERR_IO,
4276 NFSERR_PERM,
4277 NFSERR_IO,
4278 NFSERR_ACCES,
4279 NFSERR_INVAL,
4280 NFSERR_NOSPC,
4281 NFSERR_ROFS,
4282 NFSERR_DQUOT,
4283 NFSERR_STALE,
4284 NFSERR_BADHANDLE,
4285 NFSERR_NOT_SYNC,
4286 NFSERR_SERVERFAULT,
4287 NFSERR_TRYLATER,
4288 0,
4289 };
4290
4291 static short nfsv3err_lookup[] = {
4292 NFSERR_IO,
4293 NFSERR_NOENT,
4294 NFSERR_IO,
4295 NFSERR_ACCES,
4296 NFSERR_NOTDIR,
4297 NFSERR_NAMETOL,
4298 NFSERR_STALE,
4299 NFSERR_BADHANDLE,
4300 NFSERR_SERVERFAULT,
4301 NFSERR_TRYLATER,
4302 0,
4303 };
4304
4305 static short nfsv3err_access[] = {
4306 NFSERR_IO,
4307 NFSERR_IO,
4308 NFSERR_STALE,
4309 NFSERR_BADHANDLE,
4310 NFSERR_SERVERFAULT,
4311 NFSERR_TRYLATER,
4312 0,
4313 };
4314
4315 static short nfsv3err_readlink[] = {
4316 NFSERR_IO,
4317 NFSERR_IO,
4318 NFSERR_ACCES,
4319 NFSERR_INVAL,
4320 NFSERR_STALE,
4321 NFSERR_BADHANDLE,
4322 NFSERR_NOTSUPP,
4323 NFSERR_SERVERFAULT,
4324 NFSERR_TRYLATER,
4325 0,
4326 };
4327
4328 static short nfsv3err_read[] = {
4329 NFSERR_IO,
4330 NFSERR_IO,
4331 NFSERR_NXIO,
4332 NFSERR_ACCES,
4333 NFSERR_INVAL,
4334 NFSERR_STALE,
4335 NFSERR_BADHANDLE,
4336 NFSERR_SERVERFAULT,
4337 NFSERR_TRYLATER,
4338 0,
4339 };
4340
4341 static short nfsv3err_write[] = {
4342 NFSERR_IO,
4343 NFSERR_IO,
4344 NFSERR_ACCES,
4345 NFSERR_INVAL,
4346 NFSERR_FBIG,
4347 NFSERR_NOSPC,
4348 NFSERR_ROFS,
4349 NFSERR_DQUOT,
4350 NFSERR_STALE,
4351 NFSERR_BADHANDLE,
4352 NFSERR_SERVERFAULT,
4353 NFSERR_TRYLATER,
4354 0,
4355 };
4356
4357 static short nfsv3err_create[] = {
4358 NFSERR_IO,
4359 NFSERR_IO,
4360 NFSERR_ACCES,
4361 NFSERR_EXIST,
4362 NFSERR_NOTDIR,
4363 NFSERR_NOSPC,
4364 NFSERR_ROFS,
4365 NFSERR_NAMETOL,
4366 NFSERR_DQUOT,
4367 NFSERR_STALE,
4368 NFSERR_BADHANDLE,
4369 NFSERR_NOTSUPP,
4370 NFSERR_SERVERFAULT,
4371 NFSERR_TRYLATER,
4372 0,
4373 };
4374
4375 static short nfsv3err_mkdir[] = {
4376 NFSERR_IO,
4377 NFSERR_IO,
4378 NFSERR_ACCES,
4379 NFSERR_EXIST,
4380 NFSERR_NOTDIR,
4381 NFSERR_NOSPC,
4382 NFSERR_ROFS,
4383 NFSERR_NAMETOL,
4384 NFSERR_DQUOT,
4385 NFSERR_STALE,
4386 NFSERR_BADHANDLE,
4387 NFSERR_NOTSUPP,
4388 NFSERR_SERVERFAULT,
4389 NFSERR_TRYLATER,
4390 0,
4391 };
4392
4393 static short nfsv3err_symlink[] = {
4394 NFSERR_IO,
4395 NFSERR_IO,
4396 NFSERR_ACCES,
4397 NFSERR_EXIST,
4398 NFSERR_NOTDIR,
4399 NFSERR_NOSPC,
4400 NFSERR_ROFS,
4401 NFSERR_NAMETOL,
4402 NFSERR_DQUOT,
4403 NFSERR_STALE,
4404 NFSERR_BADHANDLE,
4405 NFSERR_NOTSUPP,
4406 NFSERR_SERVERFAULT,
4407 NFSERR_TRYLATER,
4408 0,
4409 };
4410
4411 static short nfsv3err_mknod[] = {
4412 NFSERR_IO,
4413 NFSERR_IO,
4414 NFSERR_ACCES,
4415 NFSERR_EXIST,
4416 NFSERR_NOTDIR,
4417 NFSERR_NOSPC,
4418 NFSERR_ROFS,
4419 NFSERR_NAMETOL,
4420 NFSERR_DQUOT,
4421 NFSERR_STALE,
4422 NFSERR_BADHANDLE,
4423 NFSERR_NOTSUPP,
4424 NFSERR_SERVERFAULT,
4425 NFSERR_BADTYPE,
4426 NFSERR_TRYLATER,
4427 0,
4428 };
4429
4430 static short nfsv3err_remove[] = {
4431 NFSERR_IO,
4432 NFSERR_NOENT,
4433 NFSERR_IO,
4434 NFSERR_ACCES,
4435 NFSERR_NOTDIR,
4436 NFSERR_ROFS,
4437 NFSERR_NAMETOL,
4438 NFSERR_STALE,
4439 NFSERR_BADHANDLE,
4440 NFSERR_SERVERFAULT,
4441 NFSERR_TRYLATER,
4442 0,
4443 };
4444
4445 static short nfsv3err_rmdir[] = {
4446 NFSERR_IO,
4447 NFSERR_NOENT,
4448 NFSERR_IO,
4449 NFSERR_ACCES,
4450 NFSERR_EXIST,
4451 NFSERR_NOTDIR,
4452 NFSERR_INVAL,
4453 NFSERR_ROFS,
4454 NFSERR_NAMETOL,
4455 NFSERR_NOTEMPTY,
4456 NFSERR_STALE,
4457 NFSERR_BADHANDLE,
4458 NFSERR_NOTSUPP,
4459 NFSERR_SERVERFAULT,
4460 NFSERR_TRYLATER,
4461 0,
4462 };
4463
4464 static short nfsv3err_rename[] = {
4465 NFSERR_IO,
4466 NFSERR_NOENT,
4467 NFSERR_IO,
4468 NFSERR_ACCES,
4469 NFSERR_EXIST,
4470 NFSERR_XDEV,
4471 NFSERR_NOTDIR,
4472 NFSERR_ISDIR,
4473 NFSERR_INVAL,
4474 NFSERR_NOSPC,
4475 NFSERR_ROFS,
4476 NFSERR_MLINK,
4477 NFSERR_NAMETOL,
4478 NFSERR_NOTEMPTY,
4479 NFSERR_DQUOT,
4480 NFSERR_STALE,
4481 NFSERR_BADHANDLE,
4482 NFSERR_NOTSUPP,
4483 NFSERR_SERVERFAULT,
4484 NFSERR_TRYLATER,
4485 0,
4486 };
4487
4488 static short nfsv3err_link[] = {
4489 NFSERR_IO,
4490 NFSERR_IO,
4491 NFSERR_ACCES,
4492 NFSERR_EXIST,
4493 NFSERR_XDEV,
4494 NFSERR_NOTDIR,
4495 NFSERR_INVAL,
4496 NFSERR_NOSPC,
4497 NFSERR_ROFS,
4498 NFSERR_MLINK,
4499 NFSERR_NAMETOL,
4500 NFSERR_DQUOT,
4501 NFSERR_STALE,
4502 NFSERR_BADHANDLE,
4503 NFSERR_NOTSUPP,
4504 NFSERR_SERVERFAULT,
4505 NFSERR_TRYLATER,
4506 0,
4507 };
4508
4509 static short nfsv3err_readdir[] = {
4510 NFSERR_IO,
4511 NFSERR_IO,
4512 NFSERR_ACCES,
4513 NFSERR_NOTDIR,
4514 NFSERR_STALE,
4515 NFSERR_BADHANDLE,
4516 NFSERR_BAD_COOKIE,
4517 NFSERR_TOOSMALL,
4518 NFSERR_SERVERFAULT,
4519 NFSERR_TRYLATER,
4520 0,
4521 };
4522
4523 static short nfsv3err_readdirplus[] = {
4524 NFSERR_IO,
4525 NFSERR_IO,
4526 NFSERR_ACCES,
4527 NFSERR_NOTDIR,
4528 NFSERR_STALE,
4529 NFSERR_BADHANDLE,
4530 NFSERR_BAD_COOKIE,
4531 NFSERR_NOTSUPP,
4532 NFSERR_TOOSMALL,
4533 NFSERR_SERVERFAULT,
4534 NFSERR_TRYLATER,
4535 0,
4536 };
4537
4538 static short nfsv3err_fsstat[] = {
4539 NFSERR_IO,
4540 NFSERR_IO,
4541 NFSERR_STALE,
4542 NFSERR_BADHANDLE,
4543 NFSERR_SERVERFAULT,
4544 NFSERR_TRYLATER,
4545 0,
4546 };
4547
4548 static short nfsv3err_fsinfo[] = {
4549 NFSERR_STALE,
4550 NFSERR_STALE,
4551 NFSERR_BADHANDLE,
4552 NFSERR_SERVERFAULT,
4553 NFSERR_TRYLATER,
4554 0,
4555 };
4556
4557 static short nfsv3err_pathconf[] = {
4558 NFSERR_STALE,
4559 NFSERR_STALE,
4560 NFSERR_BADHANDLE,
4561 NFSERR_SERVERFAULT,
4562 NFSERR_TRYLATER,
4563 0,
4564 };
4565
4566 static short nfsv3err_commit[] = {
4567 NFSERR_IO,
4568 NFSERR_IO,
4569 NFSERR_STALE,
4570 NFSERR_BADHANDLE,
4571 NFSERR_SERVERFAULT,
4572 NFSERR_TRYLATER,
4573 0,
4574 };
4575
4576 static short *nfsrv_v3errmap[] = {
4577 nfsv3err_null,
4578 nfsv3err_getattr,
4579 nfsv3err_setattr,
4580 nfsv3err_lookup,
4581 nfsv3err_access,
4582 nfsv3err_readlink,
4583 nfsv3err_read,
4584 nfsv3err_write,
4585 nfsv3err_create,
4586 nfsv3err_mkdir,
4587 nfsv3err_symlink,
4588 nfsv3err_mknod,
4589 nfsv3err_remove,
4590 nfsv3err_rmdir,
4591 nfsv3err_rename,
4592 nfsv3err_link,
4593 nfsv3err_readdir,
4594 nfsv3err_readdirplus,
4595 nfsv3err_fsstat,
4596 nfsv3err_fsinfo,
4597 nfsv3err_pathconf,
4598 nfsv3err_commit,
4599 };
4600
4601 /*
4602 * Map errnos to NFS error numbers. For Version 3 also filter out error
4603 * numbers not specified for the associated procedure.
4604 */
4605 int
nfsrv_errmap(struct nfsrv_descript * nd,int err)4606 nfsrv_errmap(struct nfsrv_descript *nd, int err)
4607 {
4608 short *defaulterrp, *errp;
4609
4610 if (nd->nd_vers == NFS_VER2) {
4611 if (err <= (int)sizeof(nfsrv_v2errmap)) {
4612 return (int)nfsrv_v2errmap[err - 1];
4613 }
4614 return NFSERR_IO;
4615 }
4616 /* NFSv3 */
4617 if (nd->nd_procnum > NFSPROC_COMMIT) {
4618 return err & 0xffff;
4619 }
4620 errp = defaulterrp = nfsrv_v3errmap[nd->nd_procnum];
4621 while (*++errp) {
4622 if (*errp == err) {
4623 return err;
4624 } else if (*errp > err) {
4625 break;
4626 }
4627 }
4628 return (int)*defaulterrp;
4629 }
4630
4631 #endif /* CONFIG_NFS_SERVER */
4632
4633 #endif /* CONFIG_NFS */
4634