]> git.saurik.com Git - apple/xnu.git/blob - bsd/nfs/nfs_serv.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-1504.3.12.tar.gz
[apple/xnu.git] / bsd / nfs / nfs_serv.c
1 /*
2 * Copyright (c) 2000-2009 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
29 /*
30 * Copyright (c) 1989, 1993
31 * The Regents of the University of California. All rights reserved.
32 *
33 * This code is derived from software contributed to Berkeley by
34 * Rick Macklem at The University of Guelph.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 3. All advertising materials mentioning features or use of this software
45 * must display the following acknowledgement:
46 * This product includes software developed by the University of
47 * California, Berkeley and its contributors.
48 * 4. Neither the name of the University nor the names of its contributors
49 * may be used to endorse or promote products derived from this software
50 * without specific prior written permission.
51 *
52 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
55 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
62 * SUCH DAMAGE.
63 *
64 * @(#)nfs_serv.c 8.7 (Berkeley) 5/14/95
65 * FreeBSD-Id: nfs_serv.c,v 1.52 1997/10/28 15:59:05 bde Exp $
66 */
67
68 #include <sys/param.h>
69 #include <sys/systm.h>
70 #include <sys/proc.h>
71 #include <sys/kauth.h>
72 #include <sys/unistd.h>
73 #include <sys/malloc.h>
74 #include <sys/vnode.h>
75 #include <sys/mount_internal.h>
76 #include <sys/socket.h>
77 #include <sys/socketvar.h>
78 #include <sys/kpi_mbuf.h>
79 #include <sys/dirent.h>
80 #include <sys/stat.h>
81 #include <sys/kernel.h>
82 #include <sys/ubc.h>
83 #include <sys/vnode_internal.h>
84 #include <sys/uio_internal.h>
85 #include <libkern/OSAtomic.h>
86 #include <sys/fsevents.h>
87 #include <kern/thread_call.h>
88
89 #include <sys/vm.h>
90 #include <sys/vmparam.h>
91
92 #include <nfs/nfsproto.h>
93 #include <nfs/rpcv2.h>
94 #include <nfs/nfs.h>
95 #include <nfs/xdr_subs.h>
96 #include <nfs/nfsm_subs.h>
97 #include <nfs/nfsrvcache.h>
98 #include <nfs/nfs_gss.h>
99
100 #if NFSSERVER
101
102 /*
103 * NFS server globals
104 */
105
106 int nfsd_thread_count = 0;
107 int nfsd_thread_max = 0;
108 lck_grp_t *nfsd_lck_grp;
109 lck_mtx_t *nfsd_mutex;
110 struct nfsd_head nfsd_head, nfsd_queue;
111
112 lck_grp_t *nfsrv_slp_rwlock_group;
113 lck_grp_t *nfsrv_slp_mutex_group;
114 struct nfsrv_sockhead nfsrv_socklist, nfsrv_deadsocklist, nfsrv_sockwg,
115 nfsrv_sockwait, nfsrv_sockwork;
116 struct nfsrv_sock *nfsrv_udpsock = NULL;
117
118 /* NFS exports */
119 struct nfsrv_expfs_list nfsrv_exports;
120 struct nfsrv_export_hashhead *nfsrv_export_hashtbl = NULL;
121 int nfsrv_export_hash_size = NFSRVEXPHASHSZ;
122 u_long nfsrv_export_hash;
123 lck_grp_t *nfsrv_export_rwlock_group;
124 lck_rw_t nfsrv_export_rwlock;
125
126 #if CONFIG_FSE
127 /* NFS server file modification event generator */
128 struct nfsrv_fmod_hashhead *nfsrv_fmod_hashtbl;
129 u_long nfsrv_fmod_hash;
130 lck_grp_t *nfsrv_fmod_grp;
131 lck_mtx_t *nfsrv_fmod_mutex;
132 static int nfsrv_fmod_timer_on = 0;
133 int nfsrv_fsevents_enabled = 1;
134 #endif
135
136 /* NFS server timers */
137 #if CONFIG_FSE
138 thread_call_t nfsrv_fmod_timer_call;
139 #endif
140 thread_call_t nfsrv_deadsock_timer_call;
141 thread_call_t nfsrv_wg_timer_call;
142 int nfsrv_wg_timer_on;
143
144 /* globals for the active user list */
145 uint32_t nfsrv_user_stat_enabled = 1;
146 uint32_t nfsrv_user_stat_node_count = 0;
147 uint32_t nfsrv_user_stat_max_idle_sec = NFSRV_USER_STAT_DEF_IDLE_SEC;
148 uint32_t nfsrv_user_stat_max_nodes = NFSRV_USER_STAT_DEF_MAX_NODES;
149 lck_grp_t *nfsrv_active_user_mutex_group;
150
151 int nfsrv_wg_delay = NFSRV_WGATHERDELAY * 1000;
152 int nfsrv_wg_delay_v3 = 0;
153
154 int nfsrv_async = 0;
155
156 int nfsrv_authorize(vnode_t,vnode_t,kauth_action_t,vfs_context_t,struct nfs_export_options*,int);
157 int nfsrv_wg_coalesce(struct nfsrv_descript *, struct nfsrv_descript *);
158 void nfsrv_modified(vnode_t, vfs_context_t);
159
160 extern void IOSleep(int);
161 extern int safe_getpath(struct vnode *dvp, char *leafname, char *path, int _len, int *truncated_path);
162
163 /*
164 * Initialize the data structures for the server.
165 */
166
167 #define NFSRV_NOT_INITIALIZED 0
168 #define NFSRV_INITIALIZING 1
169 #define NFSRV_INITIALIZED 2
170 static volatile UInt32 nfsrv_initted = NFSRV_NOT_INITIALIZED;
171
172 int
173 nfsrv_is_initialized(void)
174 {
175 return (nfsrv_initted == NFSRV_INITIALIZED);
176 }
177
178 void
179 nfsrv_init(void)
180 {
181 /* make sure we init only once */
182 if (!OSCompareAndSwap(NFSRV_NOT_INITIALIZED, NFSRV_INITIALIZING, &nfsrv_initted)) {
183 /* wait until initialization is complete */
184 while (!nfsrv_is_initialized())
185 IOSleep(500);
186 return;
187 }
188
189 if (sizeof (struct nfsrv_sock) > NFS_SVCALLOC)
190 printf("struct nfsrv_sock bloated (> %dbytes)\n",NFS_SVCALLOC);
191
192 /* init nfsd mutex */
193 nfsd_lck_grp = lck_grp_alloc_init("nfsd", LCK_GRP_ATTR_NULL);
194 nfsd_mutex = lck_mtx_alloc_init(nfsd_lck_grp, LCK_ATTR_NULL);
195
196 /* init slp rwlock */
197 nfsrv_slp_rwlock_group = lck_grp_alloc_init("nfsrv-slp-rwlock", LCK_GRP_ATTR_NULL);
198 nfsrv_slp_mutex_group = lck_grp_alloc_init("nfsrv-slp-mutex", LCK_GRP_ATTR_NULL);
199
200 /* init export data structures */
201 LIST_INIT(&nfsrv_exports);
202 nfsrv_export_rwlock_group = lck_grp_alloc_init("nfsrv-export-rwlock", LCK_GRP_ATTR_NULL);
203 lck_rw_init(&nfsrv_export_rwlock, nfsrv_export_rwlock_group, LCK_ATTR_NULL);
204
205 /* init active user list mutex structures */
206 nfsrv_active_user_mutex_group = lck_grp_alloc_init("nfs-active-user-mutex", LCK_GRP_ATTR_NULL);
207
208 /* init nfs server request cache mutex */
209 nfsrv_reqcache_lck_grp = lck_grp_alloc_init("nfsrv_reqcache", LCK_GRP_ATTR_NULL);
210 nfsrv_reqcache_mutex = lck_mtx_alloc_init(nfsrv_reqcache_lck_grp, LCK_ATTR_NULL);
211
212 #if CONFIG_FSE
213 /* init NFS server file modified event generation */
214 nfsrv_fmod_hashtbl = hashinit(NFSRVFMODHASHSZ, M_TEMP, &nfsrv_fmod_hash);
215 nfsrv_fmod_grp = lck_grp_alloc_init("nfsrv_fmod", LCK_GRP_ATTR_NULL);
216 nfsrv_fmod_mutex = lck_mtx_alloc_init(nfsrv_fmod_grp, LCK_ATTR_NULL);
217 #endif
218
219 /* initialize NFS server timer callouts */
220 #if CONFIG_FSE
221 nfsrv_fmod_timer_call = thread_call_allocate(nfsrv_fmod_timer, NULL);
222 #endif
223 nfsrv_deadsock_timer_call = thread_call_allocate(nfsrv_deadsock_timer, NULL);
224 nfsrv_wg_timer_call = thread_call_allocate(nfsrv_wg_timer, NULL);
225
226 /* Init server data structures */
227 TAILQ_INIT(&nfsrv_socklist);
228 TAILQ_INIT(&nfsrv_sockwait);
229 TAILQ_INIT(&nfsrv_sockwork);
230 TAILQ_INIT(&nfsrv_deadsocklist);
231 TAILQ_INIT(&nfsrv_sockwg);
232 TAILQ_INIT(&nfsd_head);
233 TAILQ_INIT(&nfsd_queue);
234 nfsrv_udpsock = NULL;
235
236 /* initialization complete */
237 nfsrv_initted = NFSRV_INITIALIZED;
238 }
239
240
241 /*
242 *
243 * NFS version 2 and 3 server request processing functions
244 *
245 * These functions take the following parameters:
246 *
247 * struct nfsrv_descript *nd - the NFS request descriptor
248 * struct nfsrv_sock *slp - the NFS socket the request came in on
249 * vfs_context_t ctx - VFS context
250 * mbuf_t *mrepp - pointer to hold the reply mbuf list
251 *
252 * These routines generally have 3 phases:
253 *
254 * 1 - break down and validate the RPC request in the mbuf chain
255 * provided in nd->nd_nmreq.
256 * 2 - perform the vnode operations for the request
257 * (many are very similar to syscalls in vfs_syscalls.c and
258 * should therefore be kept in sync with those implementations)
259 * 3 - build the RPC reply in an mbuf chain (nmrep) and return the mbuf chain
260 *
261 */
262
263 /*
264 * nfs v3 access service
265 */
266 int
267 nfsrv_access(
268 struct nfsrv_descript *nd,
269 struct nfsrv_sock *slp,
270 vfs_context_t ctx,
271 mbuf_t *mrepp)
272 {
273 struct nfsm_chain *nmreq, nmrep;
274 vnode_t vp;
275 int error, attrerr;
276 struct vnode_attr vattr;
277 struct nfs_filehandle nfh;
278 u_int32_t nfsmode;
279 kauth_action_t testaction;
280 struct nfs_export *nx;
281 struct nfs_export_options *nxo;
282
283 error = 0;
284 attrerr = ENOENT;
285 nfsmode = 0;
286 nmreq = &nd->nd_nmreq;
287 nfsm_chain_null(&nmrep);
288 *mrepp = NULL;
289 vp = NULL;
290
291 nfsm_chain_get_fh_ptr(error, nmreq, NFS_VER3, nfh.nfh_fhp, nfh.nfh_len);
292 nfsm_chain_get_32(error, nmreq, nfsmode);
293 nfsmerr_if(error);
294 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
295 nfsmerr_if(error);
296
297 /* update export stats */
298 NFSStatAdd64(&nx->nx_stats.ops, 1);
299
300 /* update active user stats */
301 nfsrv_update_user_stat(nx, nd, kauth_cred_getuid(nd->nd_cr), 1, 0, 0);
302
303 error = nfsrv_credcheck(nd, ctx, nx, nxo);
304 nfsmerr_if(error);
305
306 /*
307 * Each NFS mode bit is tested separately.
308 *
309 * XXX this code is nominally correct, but returns a pessimistic
310 * rather than optimistic result. It will be necessary to add
311 * an NFS-specific interface to the vnode_authorize code to
312 * obtain good performance in the optimistic mode.
313 */
314 if (nfsmode & NFS_ACCESS_READ) {
315 if (vnode_isdir(vp)) {
316 testaction =
317 KAUTH_VNODE_LIST_DIRECTORY |
318 KAUTH_VNODE_READ_EXTATTRIBUTES;
319 } else {
320 testaction =
321 KAUTH_VNODE_READ_DATA |
322 KAUTH_VNODE_READ_EXTATTRIBUTES;
323 }
324 if (nfsrv_authorize(vp, NULL, testaction, ctx, nxo, 0))
325 nfsmode &= ~NFS_ACCESS_READ;
326 }
327 if ((nfsmode & NFS_ACCESS_LOOKUP) &&
328 (!vnode_isdir(vp) ||
329 nfsrv_authorize(vp, NULL, KAUTH_VNODE_SEARCH, ctx, nxo, 0)))
330 nfsmode &= ~NFS_ACCESS_LOOKUP;
331 if (nfsmode & NFS_ACCESS_MODIFY) {
332 if (vnode_isdir(vp)) {
333 testaction =
334 KAUTH_VNODE_ADD_FILE |
335 KAUTH_VNODE_ADD_SUBDIRECTORY |
336 KAUTH_VNODE_DELETE_CHILD;
337 } else {
338 testaction =
339 KAUTH_VNODE_WRITE_DATA;
340 }
341 if (nfsrv_authorize(vp, NULL, testaction, ctx, nxo, 0))
342 nfsmode &= ~NFS_ACCESS_MODIFY;
343 }
344 if (nfsmode & NFS_ACCESS_EXTEND) {
345 if (vnode_isdir(vp)) {
346 testaction =
347 KAUTH_VNODE_ADD_FILE |
348 KAUTH_VNODE_ADD_SUBDIRECTORY;
349 } else {
350 testaction =
351 KAUTH_VNODE_WRITE_DATA |
352 KAUTH_VNODE_APPEND_DATA;
353 }
354 if (nfsrv_authorize(vp, NULL, testaction, ctx, nxo, 0))
355 nfsmode &= ~NFS_ACCESS_EXTEND;
356 }
357
358 /*
359 * Note concerning NFS_ACCESS_DELETE:
360 * For hard links, the answer may be wrong if the vnode
361 * has multiple parents with different permissions.
362 * Also, some clients (e.g. MacOSX 10.3) may incorrectly
363 * interpret the missing/cleared DELETE bit.
364 * So we'll just leave the DELETE bit alone. At worst,
365 * we're telling the client it might be able to do
366 * something it really can't.
367 */
368
369 if ((nfsmode & NFS_ACCESS_EXECUTE) &&
370 (vnode_isdir(vp) ||
371 nfsrv_authorize(vp, NULL, KAUTH_VNODE_EXECUTE, ctx, nxo, 0)))
372 nfsmode &= ~NFS_ACCESS_EXECUTE;
373
374 /* get postop attributes */
375 nfsm_srv_vattr_init(&vattr, NFS_VER3);
376 attrerr = vnode_getattr(vp, &vattr, ctx);
377
378 nfsmerr:
379 /* assemble reply */
380 nd->nd_repstat = error;
381 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_POSTOPATTR(NFS_VER3) + NFSX_UNSIGNED);
382 nfsmout_if(error);
383 *mrepp = nmrep.nmc_mhead;
384 nfsmout_on_status(nd, error);
385 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &vattr);
386 if (!nd->nd_repstat)
387 nfsm_chain_add_32(error, &nmrep, nfsmode);
388 nfsmout:
389 nfsm_chain_build_done(error, &nmrep);
390 if (vp)
391 vnode_put(vp);
392 if (error) {
393 nfsm_chain_cleanup(&nmrep);
394 *mrepp = NULL;
395 }
396 return (error);
397 }
398
399 /*
400 * nfs getattr service
401 */
402 int
403 nfsrv_getattr(
404 struct nfsrv_descript *nd,
405 struct nfsrv_sock *slp,
406 vfs_context_t ctx,
407 mbuf_t *mrepp)
408 {
409 struct nfsm_chain *nmreq, nmrep;
410 struct vnode_attr vattr;
411 vnode_t vp;
412 int error;
413 struct nfs_filehandle nfh;
414 struct nfs_export *nx;
415 struct nfs_export_options *nxo;
416
417 error = 0;
418 nmreq = &nd->nd_nmreq;
419 nfsm_chain_null(&nmrep);
420 *mrepp = NULL;
421 vp = NULL;
422
423 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
424 nfsmerr_if(error);
425 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
426 nfsmerr_if(error);
427
428 /* update export stats */
429 NFSStatAdd64(&nx->nx_stats.ops, 1);
430
431 /* update active user stats */
432 nfsrv_update_user_stat(nx, nd, kauth_cred_getuid(nd->nd_cr), 1, 0, 0);
433
434 error = nfsrv_credcheck(nd, ctx, nx, nxo);
435 nfsmerr_if(error);
436
437 nfsm_srv_vattr_init(&vattr, nd->nd_vers);
438 error = vnode_getattr(vp, &vattr, ctx);
439 vnode_put(vp);
440 vp = NULL;
441
442 nfsmerr:
443 /* assemble reply */
444 nd->nd_repstat = error;
445 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_FATTR(nd->nd_vers));
446 nfsmout_if(error);
447 *mrepp = nmrep.nmc_mhead;
448 nfsmout_if(nd->nd_repstat);
449 error = nfsm_chain_add_fattr(nd, &nmrep, &vattr);
450 nfsmout:
451 nfsm_chain_build_done(error, &nmrep);
452 if (vp)
453 vnode_put(vp);
454 if (error) {
455 nfsm_chain_cleanup(&nmrep);
456 *mrepp = NULL;
457 }
458 return (error);
459 }
460
461 /*
462 * nfs setattr service
463 */
464 int
465 nfsrv_setattr(
466 struct nfsrv_descript *nd,
467 struct nfsrv_sock *slp,
468 vfs_context_t ctx,
469 mbuf_t *mrepp)
470 {
471 struct nfsm_chain *nmreq, nmrep;
472 struct vnode_attr preattr, postattr;
473 struct vnode_attr vattr, *vap = &vattr;
474 vnode_t vp;
475 struct nfs_export *nx;
476 struct nfs_export_options *nxo;
477 int error, preattrerr, postattrerr, gcheck;
478 struct nfs_filehandle nfh;
479 struct timespec guard = { 0, 0 };
480 kauth_action_t action;
481 uid_t saved_uid;
482
483 error = 0;
484 preattrerr = postattrerr = ENOENT;
485 gcheck = 0;
486 nmreq = &nd->nd_nmreq;
487 nfsm_chain_null(&nmrep);
488 *mrepp = NULL;
489 vp = NULL;
490
491 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
492 nfsmerr_if(error);
493
494 VATTR_INIT(vap);
495 error = nfsm_chain_get_sattr(nd, nmreq, vap);
496 if (nd->nd_vers == NFS_VER3) {
497 nfsm_chain_get_32(error, nmreq, gcheck);
498 if (gcheck)
499 nfsm_chain_get_time(error, nmreq, nd->nd_vers, guard.tv_sec, guard.tv_nsec);
500 }
501 nfsmerr_if(error);
502
503 /*
504 * Save the original credential UID in case they are
505 * mapped and we need to map the IDs in the attributes.
506 */
507 saved_uid = kauth_cred_getuid(nd->nd_cr);
508
509 /*
510 * Now that we have all the fields, lets do it.
511 */
512 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
513 nfsmerr_if(error);
514
515 /* update export stats */
516 NFSStatAdd64(&nx->nx_stats.ops, 1);
517
518 /* update active user stats */
519 nfsrv_update_user_stat(nx, nd, saved_uid, 1, 0, 0);
520
521 error = nfsrv_credcheck(nd, ctx, nx, nxo);
522 nfsmerr_if(error);
523
524 if (nd->nd_vers == NFS_VER3) {
525 nfsm_srv_pre_vattr_init(&preattr);
526 error = preattrerr = vnode_getattr(vp, &preattr, ctx);
527 if (!error && gcheck && VATTR_IS_SUPPORTED(&preattr, va_change_time) &&
528 (preattr.va_change_time.tv_sec != guard.tv_sec ||
529 preattr.va_change_time.tv_nsec != guard.tv_nsec))
530 error = NFSERR_NOT_SYNC;
531 if (!preattrerr && !VATTR_ALL_SUPPORTED(&preattr))
532 preattrerr = ENOENT;
533 nfsmerr_if(error);
534 }
535
536 /*
537 * If the credentials were mapped, we should
538 * map the same values in the attributes.
539 */
540 if ((vap->va_uid == saved_uid) && (kauth_cred_getuid(nd->nd_cr) != saved_uid)) {
541 int ismember;
542 VATTR_SET(vap, va_uid, kauth_cred_getuid(nd->nd_cr));
543 if (kauth_cred_ismember_gid(nd->nd_cr, vap->va_gid, &ismember) || !ismember)
544 VATTR_SET(vap, va_gid, kauth_cred_getgid(nd->nd_cr));
545 }
546
547 /* Authorize the attribute changes. */
548 error = vnode_authattr(vp, vap, &action, ctx);
549 if (!error)
550 error = nfsrv_authorize(vp, NULL, action, ctx, nxo, 0);
551
552 /* set the new attributes */
553 if (!error)
554 error = vnode_setattr(vp, vap, ctx);
555
556 if (!error || (nd->nd_vers == NFS_VER3)) {
557 nfsm_srv_vattr_init(&postattr, nd->nd_vers);
558 postattrerr = vnode_getattr(vp, &postattr, ctx);
559 if (!error)
560 error = postattrerr;
561 }
562
563 nfsmerr:
564 if (vp)
565 vnode_put(vp);
566
567 /* assemble reply */
568 nd->nd_repstat = error;
569 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_WCCORFATTR(nd->nd_vers));
570 nfsmout_if(error);
571 *mrepp = nmrep.nmc_mhead;
572 nfsmout_on_status(nd, error);
573 if (nd->nd_vers == NFS_VER3)
574 nfsm_chain_add_wcc_data(error, nd, &nmrep,
575 preattrerr, &preattr, postattrerr, &postattr);
576 else
577 error = nfsm_chain_add_fattr(nd, &nmrep, &postattr);
578 nfsmout:
579 nfsm_chain_build_done(error, &nmrep);
580 if (error) {
581 nfsm_chain_cleanup(&nmrep);
582 *mrepp = NULL;
583 }
584 return (error);
585 }
586
587 /*
588 * nfs lookup rpc
589 */
590 int
591 nfsrv_lookup(
592 struct nfsrv_descript *nd,
593 struct nfsrv_sock *slp,
594 vfs_context_t ctx,
595 mbuf_t *mrepp)
596 {
597 struct nameidata ni;
598 vnode_t vp, dirp = NULL;
599 struct nfs_filehandle dnfh, nfh;
600 struct nfs_export *nx = NULL;
601 struct nfs_export_options *nxo;
602 int error, attrerr, dirattrerr, isdotdot;
603 uint32_t len = 0;
604 uid_t saved_uid;
605 struct vnode_attr va, dirattr, *vap = &va;
606 struct nfsm_chain *nmreq, nmrep;
607
608 error = 0;
609 attrerr = dirattrerr = ENOENT;
610 nmreq = &nd->nd_nmreq;
611 nfsm_chain_null(&nmrep);
612 saved_uid = kauth_cred_getuid(nd->nd_cr);
613
614 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, dnfh.nfh_fhp, dnfh.nfh_len);
615 nfsm_chain_get_32(error, nmreq, len);
616 nfsm_name_len_check(error, nd, len);
617 nfsmerr_if(error);
618
619 ni.ni_cnd.cn_nameiop = LOOKUP;
620 ni.ni_cnd.cn_flags = LOCKLEAF;
621 error = nfsm_chain_get_path_namei(nmreq, len, &ni);
622 isdotdot = ((len == 2) && (ni.ni_cnd.cn_pnbuf[0] == '.') && (ni.ni_cnd.cn_pnbuf[1] == '.'));
623 if (!error) {
624 error = nfsrv_namei(nd, ctx, &ni, &dnfh, &dirp, &nx, &nxo);
625 if (nx != NULL) {
626 /* update export stats */
627 NFSStatAdd64(&nx->nx_stats.ops, 1);
628
629 /* update active user stats */
630 nfsrv_update_user_stat(nx, nd, saved_uid, 1, 0, 0);
631 }
632 }
633
634 if (dirp) {
635 if (nd->nd_vers == NFS_VER3) {
636 nfsm_srv_vattr_init(&dirattr, NFS_VER3);
637 dirattrerr = vnode_getattr(dirp, &dirattr, ctx);
638 }
639 vnode_put(dirp);
640 }
641 nfsmerr_if(error);
642
643 nameidone(&ni);
644
645 vp = ni.ni_vp;
646 error = nfsrv_vptofh(nx, nd->nd_vers, (isdotdot ? &dnfh : NULL), vp, ctx, &nfh);
647 if (!error) {
648 nfsm_srv_vattr_init(vap, nd->nd_vers);
649 attrerr = vnode_getattr(vp, vap, ctx);
650 }
651 vnode_put(vp);
652
653 nfsmerr:
654 /* assemble reply */
655 nd->nd_repstat = error;
656 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_SRVFH(nd->nd_vers, &nfh) +
657 NFSX_POSTOPORFATTR(nd->nd_vers) + NFSX_POSTOPATTR(nd->nd_vers));
658 nfsmout_if(error);
659 *mrepp = nmrep.nmc_mhead;
660 if (nd->nd_repstat) {
661 if (nd->nd_vers == NFS_VER3)
662 nfsm_chain_add_postop_attr(error, nd, &nmrep, dirattrerr, &dirattr);
663 goto nfsmout;
664 }
665 nfsm_chain_add_fh(error, &nmrep, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
666 if (nd->nd_vers == NFS_VER3) {
667 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, vap);
668 nfsm_chain_add_postop_attr(error, nd, &nmrep, dirattrerr, &dirattr);
669 } else if (!error) {
670 error = nfsm_chain_add_fattr(nd, &nmrep, vap);
671 }
672 nfsmout:
673 nfsm_chain_build_done(error, &nmrep);
674 if (error) {
675 nfsm_chain_cleanup(&nmrep);
676 *mrepp = NULL;
677 }
678 return (error);
679 }
680
681 /*
682 * nfs readlink service
683 */
684 int
685 nfsrv_readlink(
686 struct nfsrv_descript *nd,
687 struct nfsrv_sock *slp,
688 vfs_context_t ctx,
689 mbuf_t *mrepp)
690 {
691 int error, mpcnt, tlen, len, attrerr;
692 vnode_t vp;
693 struct vnode_attr vattr;
694 struct nfs_filehandle nfh;
695 struct nfs_export *nx;
696 struct nfs_export_options *nxo;
697 struct nfsm_chain *nmreq, nmrep;
698 mbuf_t mpath, mp;
699 uio_t auio = NULL;
700 char uio_buf[ UIO_SIZEOF(4) ];
701 char *uio_bufp = &uio_buf[0];
702 int uio_buflen = UIO_SIZEOF(4);
703
704 error = 0;
705 attrerr = ENOENT;
706 nmreq = &nd->nd_nmreq;
707 nfsm_chain_null(&nmrep);
708 mpath = NULL;
709 vp = NULL;
710 len = NFS_MAXPATHLEN;
711
712 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
713 nfsmerr_if(error);
714
715 /* get mbuf list to hold symlink path */
716 error = nfsm_mbuf_get_list(len, &mpath, &mpcnt);
717 nfsmerr_if(error);
718 if (mpcnt > 4) {
719 uio_buflen = UIO_SIZEOF(mpcnt);
720 MALLOC(uio_bufp, char*, uio_buflen, M_TEMP, M_WAITOK);
721 if (!uio_bufp)
722 error = ENOMEM;
723 nfsmerr_if(error);
724 }
725 auio = uio_createwithbuffer(mpcnt, 0, UIO_SYSSPACE, UIO_READ, uio_bufp, uio_buflen);
726 if (!auio)
727 error = ENOMEM;
728 nfsmerr_if(error);
729
730 for (mp = mpath; mp; mp = mbuf_next(mp))
731 uio_addiov(auio, CAST_USER_ADDR_T((caddr_t)mbuf_data(mp)), mbuf_len(mp));
732
733 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
734 nfsmerr_if(error);
735
736 /* update export stats */
737 NFSStatAdd64(&nx->nx_stats.ops, 1);
738
739 /* update active user stats */
740 nfsrv_update_user_stat(nx, nd, kauth_cred_getuid(nd->nd_cr), 1, 0, 0);
741
742 error = nfsrv_credcheck(nd, ctx, nx, nxo);
743 nfsmerr_if(error);
744
745 if (vnode_vtype(vp) != VLNK) {
746 if (nd->nd_vers == NFS_VER3)
747 error = EINVAL;
748 else
749 error = ENXIO;
750 }
751
752 if (!error)
753 error = nfsrv_authorize(vp, NULL, KAUTH_VNODE_READ_DATA, ctx, nxo, 0);
754 if (!error)
755 error = VNOP_READLINK(vp, auio, ctx);
756 if (vp) {
757 if (nd->nd_vers == NFS_VER3) {
758 nfsm_srv_vattr_init(&vattr, NFS_VER3);
759 attrerr = vnode_getattr(vp, &vattr, ctx);
760 }
761 vnode_put(vp);
762 vp = NULL;
763 }
764 if (error) {
765 mbuf_freem(mpath);
766 mpath = NULL;
767 }
768
769 nfsmerr:
770 /* assemble reply */
771 nd->nd_repstat = error;
772 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_POSTOPATTR(nd->nd_vers) + NFSX_UNSIGNED);
773 nfsmout_if(error);
774 *mrepp = nmrep.nmc_mhead;
775 nfsmout_on_status(nd, error);
776 if (nd->nd_vers == NFS_VER3)
777 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &vattr);
778 if (error || nd->nd_repstat) {
779 nfsm_chain_build_done(error, &nmrep);
780 goto nfsmout;
781 }
782 if (auio && (uio_resid(auio) > 0)) {
783 len -= uio_resid(auio);
784 tlen = nfsm_rndup(len);
785 nfsm_adj(mpath, NFS_MAXPATHLEN-tlen, tlen-len);
786 }
787 nfsm_chain_add_32(error, &nmrep, len);
788 nfsm_chain_build_done(error, &nmrep);
789 nfsmout_if(error);
790 error = mbuf_setnext(nmrep.nmc_mcur, mpath);
791 if (!error)
792 mpath = NULL;
793 nfsmout:
794 if (vp)
795 vnode_put(vp);
796 if (mpath)
797 mbuf_freem(mpath);
798 if (uio_bufp != &uio_buf[0])
799 FREE(uio_bufp, M_TEMP);
800 if (error) {
801 nfsm_chain_cleanup(&nmrep);
802 *mrepp = NULL;
803 }
804 return (error);
805 }
806
807 /*
808 * nfs read service
809 */
810 int
811 nfsrv_read(
812 struct nfsrv_descript *nd,
813 struct nfsrv_sock *slp,
814 vfs_context_t ctx,
815 mbuf_t *mrepp)
816 {
817 int error, attrerr, mreadcnt;
818 uint32_t reqlen, maxlen, count, len, tlen, left;
819 mbuf_t mread, m;
820 vnode_t vp;
821 struct nfs_filehandle nfh;
822 struct nfs_export *nx;
823 struct nfs_export_options *nxo;
824 uio_t auio = NULL;
825 char *uio_bufp = NULL;
826 struct vnode_attr vattr, *vap = &vattr;
827 off_t off;
828 uid_t saved_uid;
829 char uio_buf[ UIO_SIZEOF(0) ];
830 struct nfsm_chain *nmreq, nmrep;
831
832 error = 0;
833 attrerr = ENOENT;
834 nmreq = &nd->nd_nmreq;
835 nfsm_chain_null(&nmrep);
836 mread = NULL;
837 vp = NULL;
838 len = reqlen = 0;
839 saved_uid = kauth_cred_getuid(nd->nd_cr);
840
841 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
842 nfsmerr_if(error);
843 if (nd->nd_vers == NFS_VER3)
844 nfsm_chain_get_64(error, nmreq, off);
845 else
846 nfsm_chain_get_32(error, nmreq, off);
847 nfsm_chain_get_32(error, nmreq, reqlen);
848 maxlen = NFSRV_NDMAXDATA(nd);
849 if (reqlen > maxlen)
850 reqlen = maxlen;
851 nfsmerr_if(error);
852 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
853 nfsmerr_if(error);
854
855 /* update export stats */
856 NFSStatAdd64(&nx->nx_stats.ops, 1);
857
858 error = nfsrv_credcheck(nd, ctx, nx, nxo);
859 nfsmerr_if(error);
860
861 if (vnode_vtype(vp) != VREG) {
862 if (nd->nd_vers == NFS_VER3)
863 error = EINVAL;
864 else
865 error = (vnode_vtype(vp) == VDIR) ? EISDIR : EACCES;
866 }
867
868 if (!error) {
869 if ((error = nfsrv_authorize(vp, NULL, KAUTH_VNODE_READ_DATA, ctx, nxo, 1)))
870 error = nfsrv_authorize(vp, NULL, KAUTH_VNODE_EXECUTE, ctx, nxo, 1);
871 }
872 nfsm_srv_vattr_init(vap, nd->nd_vers);
873 attrerr = vnode_getattr(vp, vap, ctx);
874 if (!error)
875 error = attrerr;
876 nfsmerr_if(error);
877
878 if ((u_quad_t)off >= vap->va_data_size)
879 count = 0;
880 else if (((u_quad_t)off + reqlen) > vap->va_data_size)
881 count = nfsm_rndup(vap->va_data_size - off);
882 else
883 count = reqlen;
884
885 len = left = count;
886 if (count > 0) {
887 /* get mbuf list to hold read data */
888 error = nfsm_mbuf_get_list(count, &mread, &mreadcnt);
889 nfsmerr_if(error);
890 MALLOC(uio_bufp, char *, UIO_SIZEOF(mreadcnt), M_TEMP, M_WAITOK);
891 if (uio_bufp)
892 auio = uio_createwithbuffer(mreadcnt, off, UIO_SYSSPACE,
893 UIO_READ, uio_bufp, UIO_SIZEOF(mreadcnt));
894 if (!uio_bufp || !auio) {
895 error = ENOMEM;
896 goto errorexit;
897 }
898 for (m = mread; m; m = mbuf_next(m))
899 uio_addiov(auio, CAST_USER_ADDR_T((caddr_t)mbuf_data(m)), mbuf_len(m));
900 error = VNOP_READ(vp, auio, IO_NODELOCKED, ctx);
901 } else {
902 auio = uio_createwithbuffer(0, 0, UIO_SYSSPACE, UIO_READ, &uio_buf[0], sizeof(uio_buf));
903 if (!auio) {
904 error = ENOMEM;
905 goto errorexit;
906 }
907 }
908
909 errorexit:
910 if (!error || (nd->nd_vers == NFS_VER3)) {
911 nfsm_srv_vattr_init(vap, nd->nd_vers);
912 attrerr = vnode_getattr(vp, vap, ctx);
913 if (!error && (nd->nd_vers == NFS_VER2))
914 error = attrerr; /* NFSv2 must have attributes to return */
915 }
916 nfsmerr_if(error);
917
918 vnode_put(vp);
919 vp = NULL;
920
921 /* trim off any data not actually read */
922 len -= uio_resid(auio);
923 tlen = nfsm_rndup(len);
924 if (count != tlen || tlen != len)
925 nfsm_adj(mread, count - tlen, tlen - len);
926
927 nfsmerr:
928 /* assemble reply */
929 nd->nd_repstat = error;
930 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_POSTOPORFATTR(nd->nd_vers) + 3 * NFSX_UNSIGNED);
931 nfsmout_if(error);
932 *mrepp = nmrep.nmc_mhead;
933 nfsmout_on_status(nd, error);
934 if (nd->nd_vers == NFS_VER3)
935 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, vap);
936 if (error || nd->nd_repstat) {
937 nfsm_chain_build_done(error, &nmrep);
938 goto nfsmout;
939 }
940 if (nd->nd_vers == NFS_VER3) {
941 nfsm_chain_add_32(error, &nmrep, len);
942 nfsm_chain_add_32(error, &nmrep, (len < reqlen) ? TRUE : FALSE);
943 } else {
944 error = nfsm_chain_add_fattr(nd, &nmrep, vap);
945 }
946 nfsm_chain_add_32(error, &nmrep, len);
947 nfsm_chain_build_done(error, &nmrep);
948 nfsmout_if(error);
949 error = mbuf_setnext(nmrep.nmc_mcur, mread);
950 if (!error)
951 mread = NULL;
952
953 /* update export stats */
954 NFSStatAdd64(&nx->nx_stats.bytes_read, len);
955
956 /* update active user stats */
957 nfsrv_update_user_stat(nx, nd, saved_uid, 1, len, 0);
958 nfsmout:
959 if (vp)
960 vnode_put(vp);
961 if (mread)
962 mbuf_freem(mread);
963 if (uio_bufp != NULL)
964 FREE(uio_bufp, M_TEMP);
965 if (error) {
966 nfsm_chain_cleanup(&nmrep);
967 *mrepp = NULL;
968 }
969 return (error);
970 }
971
972 #if CONFIG_FSE
973 /*
974 * NFS File modification reporting
975 *
976 * When the contents of a file are changed, a "content modified"
977 * fsevent needs to be issued. Normally this would be done at
978 * file close time. This is difficult for NFS because the protocol
979 * has no "close" operation. The client sends a stream of write
980 * requests that just stop. So we keep a hash table full of
981 * vnodes that have been written to recently, and issue a
982 * "content modified" fsevent only if there are no writes to
983 * a vnode for nfsrv_fmod_pendtime milliseconds.
984 */
985 int nfsrv_fmod_pending; /* count of vnodes being written to */
986 int nfsrv_fmod_pendtime = 1000; /* msec to wait */
987 int nfsrv_fmod_min_interval = 100; /* msec min interval between callbacks */
988
989 /*
990 * This function is called via the kernel's callout
991 * mechanism. Calls are made only when there are
992 * vnodes pending a fsevent creation, and no more
993 * frequently than every nfsrv_fmod_min_interval ms.
994 */
995 void
996 nfsrv_fmod_timer(__unused void *param0, __unused void *param1)
997 {
998 struct nfsrv_fmod_hashhead *headp, firehead;
999 struct nfsrv_fmod *fp, *nfp, *pfp;
1000 uint64_t timenow, next_deadline;
1001 int interval = 0, i, fmod_fire;
1002
1003 LIST_INIT(&firehead);
1004 lck_mtx_lock(nfsrv_fmod_mutex);
1005 again:
1006 clock_get_uptime(&timenow);
1007 clock_interval_to_deadline(nfsrv_fmod_pendtime, 1000 * 1000,
1008 &next_deadline);
1009
1010 /*
1011 * Scan all the hash chains
1012 */
1013 fmod_fire = 0;
1014 for (i = 0; i < NFSRVFMODHASHSZ; i++) {
1015 /*
1016 * For each hash chain, look for an entry
1017 * that has exceeded the deadline.
1018 */
1019 headp = &nfsrv_fmod_hashtbl[i];
1020 LIST_FOREACH(fp, headp, fm_link) {
1021 if (timenow >= fp->fm_deadline)
1022 break;
1023 if (fp->fm_deadline < next_deadline)
1024 next_deadline = fp->fm_deadline;
1025 }
1026
1027 /*
1028 * If we have an entry that's exceeded the
1029 * deadline, then the same is true for all
1030 * following entries in the chain, since they're
1031 * sorted in time order.
1032 */
1033 pfp = NULL;
1034 while (fp) {
1035 /* move each entry to the fire list */
1036 nfp = LIST_NEXT(fp, fm_link);
1037 LIST_REMOVE(fp, fm_link);
1038 fmod_fire++;
1039 if (pfp)
1040 LIST_INSERT_AFTER(pfp, fp, fm_link);
1041 else
1042 LIST_INSERT_HEAD(&firehead, fp, fm_link);
1043 pfp = fp;
1044 fp = nfp;
1045 }
1046 }
1047
1048 if (fmod_fire) {
1049 lck_mtx_unlock(nfsrv_fmod_mutex);
1050 /*
1051 * Fire off the content modified fsevent for each
1052 * entry and free it.
1053 */
1054 LIST_FOREACH_SAFE(fp, &firehead, fm_link, nfp) {
1055 if (nfsrv_fsevents_enabled)
1056 add_fsevent(FSE_CONTENT_MODIFIED, &fp->fm_context,
1057 FSE_ARG_VNODE, fp->fm_vp,
1058 FSE_ARG_DONE);
1059 vnode_put(fp->fm_vp);
1060 kauth_cred_unref(&fp->fm_context.vc_ucred);
1061 LIST_REMOVE(fp, fm_link);
1062 FREE(fp, M_TEMP);
1063 }
1064 lck_mtx_lock(nfsrv_fmod_mutex);
1065 nfsrv_fmod_pending -= fmod_fire;
1066 goto again;
1067 }
1068
1069 /*
1070 * If there are still pending entries, set up another
1071 * callout to handle them later. Set the timeout deadline
1072 * so that the callout happens when the oldest pending
1073 * entry is ready to send its fsevent.
1074 */
1075 if (nfsrv_fmod_pending > 0) {
1076 interval = (next_deadline - timenow) / (1000 * 1000);
1077 if (interval < nfsrv_fmod_min_interval)
1078 interval = nfsrv_fmod_min_interval;
1079 }
1080
1081 nfsrv_fmod_timer_on = interval > 0;
1082 if (nfsrv_fmod_timer_on)
1083 nfs_interval_timer_start(nfsrv_fmod_timer_call, interval);
1084
1085 lck_mtx_unlock(nfsrv_fmod_mutex);
1086 }
1087
1088 /*
1089 * When a vnode has been written to, enter it in the hash
1090 * table of vnodes pending creation of an fsevent. If the
1091 * callout timer isn't already running, schedule a callback
1092 * for nfsrv_fmod_pendtime msec from now.
1093 */
1094 void
1095 nfsrv_modified(vnode_t vp, vfs_context_t ctx)
1096 {
1097 uint64_t deadline;
1098 struct nfsrv_fmod *fp;
1099 struct nfsrv_fmod_hashhead *head;
1100
1101 lck_mtx_lock(nfsrv_fmod_mutex);
1102
1103 /*
1104 * Compute the time in the future when the
1105 * content modified fsevent is to be issued.
1106 */
1107 clock_interval_to_deadline(nfsrv_fmod_pendtime, 1000 * 1000, &deadline);
1108
1109 /*
1110 * Check if there's already a file content change fsevent
1111 * pending for this vnode. If there is, update its
1112 * timestamp and make sure it's at the front of the hash chain.
1113 */
1114 head = &nfsrv_fmod_hashtbl[NFSRVFMODHASH(vp)];
1115 LIST_FOREACH(fp, head, fm_link) {
1116 if (vp == fp->fm_vp) {
1117 fp->fm_deadline = deadline;
1118 if (fp != LIST_FIRST(head)) {
1119 LIST_REMOVE(fp, fm_link);
1120 LIST_INSERT_HEAD(head, fp, fm_link);
1121 }
1122 lck_mtx_unlock(nfsrv_fmod_mutex);
1123 return;
1124 }
1125 }
1126
1127 /*
1128 * First content change fsevent for this vnode.
1129 * Allocate a new file mod entry and add it
1130 * on the front of the hash chain.
1131 */
1132 if (vnode_get(vp) != 0)
1133 goto done;
1134 MALLOC(fp, struct nfsrv_fmod *, sizeof(*fp), M_TEMP, M_WAITOK);
1135 if (fp == NULL) {
1136 vnode_put(vp);
1137 goto done;
1138 }
1139 fp->fm_vp = vp;
1140 kauth_cred_ref(vfs_context_ucred(ctx));
1141 fp->fm_context = *ctx;
1142 fp->fm_deadline = deadline;
1143 LIST_INSERT_HEAD(head, fp, fm_link);
1144
1145 /*
1146 * If added to an empty hash table, then set the
1147 * callout timer to go off after nfsrv_fmod_pendtime.
1148 */
1149 nfsrv_fmod_pending++;
1150 if (!nfsrv_fmod_timer_on) {
1151 nfsrv_fmod_timer_on = 1;
1152 nfs_interval_timer_start(nfsrv_fmod_timer_call,
1153 nfsrv_fmod_pendtime);
1154 }
1155 done:
1156 lck_mtx_unlock(nfsrv_fmod_mutex);
1157 return;
1158 }
1159 #endif /* CONFIG_FSE */
1160
1161 /*
1162 * nfs write service
1163 */
1164 int
1165 nfsrv_write(
1166 struct nfsrv_descript *nd,
1167 struct nfsrv_sock *slp,
1168 vfs_context_t ctx,
1169 mbuf_t *mrepp)
1170 {
1171 struct vnode_attr preattr, postattr;
1172 int error, preattrerr, postattrerr;
1173 int ioflags, len, retlen;
1174 int mlen, mcount;
1175 int stable = NFS_WRITE_FILESYNC;
1176 mbuf_t m;
1177 vnode_t vp;
1178 struct nfs_filehandle nfh;
1179 struct nfs_export *nx;
1180 struct nfs_export_options *nxo;
1181 uio_t auio = NULL;
1182 char *uio_bufp = NULL;
1183 off_t off;
1184 uid_t saved_uid;
1185 struct nfsm_chain *nmreq, nmrep;
1186
1187 if (nd->nd_nmreq.nmc_mhead == NULL) {
1188 *mrepp = NULL;
1189 return (0);
1190 }
1191
1192 error = 0;
1193 preattrerr = postattrerr = ENOENT;
1194 saved_uid = kauth_cred_getuid(nd->nd_cr);
1195 nmreq = &nd->nd_nmreq;
1196 nfsm_chain_null(&nmrep);
1197 vp = NULL;
1198 len = retlen = 0;
1199
1200 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
1201 nfsmerr_if(error);
1202 if (nd->nd_vers == NFS_VER3) {
1203 nfsm_chain_get_64(error, nmreq, off);
1204 nfsm_chain_adv(error, nmreq, NFSX_UNSIGNED);
1205 nfsm_chain_get_32(error, nmreq, stable);
1206 } else {
1207 nfsm_chain_adv(error, nmreq, NFSX_UNSIGNED);
1208 nfsm_chain_get_32(error, nmreq, off);
1209 nfsm_chain_adv(error, nmreq, NFSX_UNSIGNED);
1210 if (nfsrv_async)
1211 stable = NFS_WRITE_UNSTABLE;
1212 }
1213 nfsm_chain_get_32(error, nmreq, len);
1214 nfsmerr_if(error);
1215 retlen = len;
1216
1217 /*
1218 * For NFS Version 2, it is not obvious what a write of zero length
1219 * should do, but I might as well be consistent with Version 3,
1220 * which is to return ok so long as there are no permission problems.
1221 */
1222
1223 if (len > 0) {
1224 error = nfsm_chain_trim_data(nmreq, len, &mlen);
1225 nfsmerr_if(error);
1226 } else {
1227 mlen = 0;
1228 }
1229 if ((len > NFSRV_MAXDATA) || (len < 0) || (mlen < len)) {
1230 error = EIO;
1231 goto nfsmerr;
1232 }
1233 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
1234 nfsmerr_if(error);
1235
1236 /* update export stats */
1237 NFSStatAdd64(&nx->nx_stats.ops, 1);
1238
1239 error = nfsrv_credcheck(nd, ctx, nx, nxo);
1240 nfsmerr_if(error);
1241
1242 if (nd->nd_vers == NFS_VER3) {
1243 nfsm_srv_pre_vattr_init(&preattr);
1244 preattrerr = vnode_getattr(vp, &preattr, ctx);
1245 }
1246 if (vnode_vtype(vp) != VREG) {
1247 if (nd->nd_vers == NFS_VER3)
1248 error = EINVAL;
1249 else
1250 error = (vnode_vtype(vp) == VDIR) ? EISDIR : EACCES;
1251 }
1252 if (!error)
1253 error = nfsrv_authorize(vp, NULL, KAUTH_VNODE_WRITE_DATA, ctx, nxo, 1);
1254 nfsmerr_if(error);
1255
1256 if (len > 0) {
1257 for (mcount=0, m=nmreq->nmc_mcur; m; m = mbuf_next(m))
1258 if (mbuf_len(m) > 0)
1259 mcount++;
1260 MALLOC(uio_bufp, char *, UIO_SIZEOF(mcount), M_TEMP, M_WAITOK);
1261 if (uio_bufp)
1262 auio = uio_createwithbuffer(mcount, off, UIO_SYSSPACE, UIO_WRITE, uio_bufp, UIO_SIZEOF(mcount));
1263 if (!uio_bufp || !auio)
1264 error = ENOMEM;
1265 nfsmerr_if(error);
1266 for (m = nmreq->nmc_mcur; m; m = mbuf_next(m))
1267 if ((mlen = mbuf_len(m)) > 0)
1268 uio_addiov(auio, CAST_USER_ADDR_T((caddr_t)mbuf_data(m)), mlen);
1269 /*
1270 * XXX The IO_METASYNC flag indicates that all metadata (and not just
1271 * enough to ensure data integrity) mus be written to stable storage
1272 * synchronously. (IO_METASYNC is not yet implemented in 4.4BSD-Lite.)
1273 */
1274 if (stable == NFS_WRITE_UNSTABLE)
1275 ioflags = IO_NODELOCKED;
1276 else if (stable == NFS_WRITE_DATASYNC)
1277 ioflags = (IO_SYNC | IO_NODELOCKED);
1278 else
1279 ioflags = (IO_METASYNC | IO_SYNC | IO_NODELOCKED);
1280
1281 error = VNOP_WRITE(vp, auio, ioflags, ctx);
1282 OSAddAtomic(1, &nfsstats.srvvop_writes);
1283
1284 /* update export stats */
1285 NFSStatAdd64(&nx->nx_stats.bytes_written, len);
1286
1287 /* update active user stats */
1288 nfsrv_update_user_stat(nx, nd, saved_uid, 1, 0, len);
1289
1290 #if CONFIG_FSE
1291 if (nfsrv_fsevents_enabled && !error && need_fsevent(FSE_CONTENT_MODIFIED, vp))
1292 nfsrv_modified(vp, ctx);
1293 #endif
1294 }
1295 nfsm_srv_vattr_init(&postattr, nd->nd_vers);
1296 postattrerr = vnode_getattr(vp, &postattr, ctx);
1297 if (!error && (nd->nd_vers == NFS_VER2))
1298 error = postattrerr; /* NFSv2 must have attributes to return */
1299 vnode_put(vp);
1300 vp = NULL;
1301
1302 nfsmerr:
1303 /* assemble reply */
1304 nd->nd_repstat = error;
1305 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_PREOPATTR(nd->nd_vers) +
1306 NFSX_POSTOPORFATTR(nd->nd_vers) + 2 * NFSX_UNSIGNED +
1307 NFSX_WRITEVERF(nd->nd_vers));
1308 nfsmout_if(error);
1309 *mrepp = nmrep.nmc_mhead;
1310 nfsmout_on_status(nd, error);
1311 if (nd->nd_vers == NFS_VER3) {
1312 nfsm_chain_add_wcc_data(error, nd, &nmrep,
1313 preattrerr, &preattr, postattrerr, &postattr);
1314 nfsmout_if(error || nd->nd_repstat);
1315 nfsm_chain_add_32(error, &nmrep, retlen);
1316 /* If nfsrv_async is set, then pretend the write was FILESYNC. */
1317 if ((stable == NFS_WRITE_UNSTABLE) && !nfsrv_async)
1318 nfsm_chain_add_32(error, &nmrep, stable);
1319 else
1320 nfsm_chain_add_32(error, &nmrep, NFS_WRITE_FILESYNC);
1321 /* write verifier */
1322 nfsm_chain_add_32(error, &nmrep, nx->nx_exptime.tv_sec);
1323 nfsm_chain_add_32(error, &nmrep, nx->nx_exptime.tv_usec);
1324 } else {
1325 error = nfsm_chain_add_fattr(nd, &nmrep, &postattr);
1326 }
1327 nfsmout:
1328 nfsm_chain_build_done(error, &nmrep);
1329 if (vp)
1330 vnode_put(vp);
1331 if (uio_bufp != NULL)
1332 FREE(uio_bufp, M_TEMP);
1333 if (error) {
1334 nfsm_chain_cleanup(&nmrep);
1335 *mrepp = NULL;
1336 }
1337 return (error);
1338 }
1339
1340 /*
1341 * NFS write service with write gathering support. Called when
1342 * nfsrv_wg_delay > 0.
1343 * See: Chet Juszczak, "Improving the Write Performance of an NFS Server",
1344 * in Proc. of the Winter 1994 Usenix Conference, pg. 247-259, San Franscisco,
1345 * Jan. 1994.
1346 */
1347
1348 #define NWDELAYHASH(sock, f) \
1349 (&(sock)->ns_wdelayhashtbl[(*((u_int32_t *)(f))) % NFS_WDELAYHASHSIZ])
1350 /* These macros compare nfsrv_descript structures. */
1351 #define NFSW_CONTIG(o, n) \
1352 (((o)->nd_eoff >= (n)->nd_off) && nfsrv_fhmatch(&(o)->nd_fh, &(n)->nd_fh))
1353 /*
1354 * XXX The following is an incorrect comparison; it fails to take into account
1355 * XXX scoping of MAC labels, but we currently lack KPI for credential
1356 * XXX comparisons.
1357 */
1358 #define NFSW_SAMECRED(o, n) \
1359 (!bcmp((caddr_t)(o)->nd_cr, (caddr_t)(n)->nd_cr, \
1360 sizeof (struct ucred)))
1361
1362 int
1363 nfsrv_writegather(
1364 struct nfsrv_descript **ndp,
1365 struct nfsrv_sock *slp,
1366 vfs_context_t ctx,
1367 mbuf_t *mrepp)
1368 {
1369 struct nfsrv_descript *nd, *wp, *owp, *swp;
1370 struct nfs_export *nx;
1371 struct nfs_export_options *nxo;
1372 struct nfsrv_wg_delayhash *wpp;
1373 uid_t saved_uid;
1374 struct vnode_attr preattr, postattr;
1375 int error, mlen, i, ioflags, tlen;
1376 int preattrerr, postattrerr;
1377 vnode_t vp;
1378 mbuf_t m;
1379 uio_t auio = NULL;
1380 char *uio_bufp = NULL;
1381 u_quad_t cur_usec;
1382 struct timeval now;
1383 struct nfsm_chain *nmreq, nmrep;
1384
1385 error = 0;
1386 preattrerr = postattrerr = ENOENT;
1387 nfsm_chain_null(&nmrep);
1388 vp = NULL;
1389
1390 *mrepp = NULL;
1391 if (*ndp) {
1392 nd = *ndp;
1393 *ndp = NULL;
1394 nmreq = &nd->nd_nmreq;
1395 LIST_INIT(&nd->nd_coalesce);
1396 nd->nd_mrep = NULL;
1397 nd->nd_stable = NFS_WRITE_FILESYNC;
1398 microuptime(&now);
1399 cur_usec = (u_quad_t)now.tv_sec * 1000000 + (u_quad_t)now.tv_usec;
1400 nd->nd_time = cur_usec +
1401 ((nd->nd_vers == NFS_VER3) ? nfsrv_wg_delay_v3 : nfsrv_wg_delay);
1402
1403 /* Now, get the write header... */
1404 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nd->nd_fh.nfh_fhp, nd->nd_fh.nfh_len);
1405 /* XXX shouldn't we be checking for invalid FHs before doing any more work? */
1406 nfsmerr_if(error);
1407 if (nd->nd_vers == NFS_VER3) {
1408 nfsm_chain_get_64(error, nmreq, nd->nd_off);
1409 nfsm_chain_adv(error, nmreq, NFSX_UNSIGNED);
1410 nfsm_chain_get_32(error, nmreq, nd->nd_stable);
1411 } else {
1412 nfsm_chain_adv(error, nmreq, NFSX_UNSIGNED);
1413 nfsm_chain_get_32(error, nmreq, nd->nd_off);
1414 nfsm_chain_adv(error, nmreq, NFSX_UNSIGNED);
1415 if (nfsrv_async)
1416 nd->nd_stable = NFS_WRITE_UNSTABLE;
1417 }
1418 nfsm_chain_get_32(error, nmreq, nd->nd_len);
1419 nfsmerr_if(error);
1420 nd->nd_eoff = nd->nd_off + nd->nd_len;
1421
1422 if (nd->nd_len > 0) {
1423 error = nfsm_chain_trim_data(nmreq, nd->nd_len, &mlen);
1424 nfsmerr_if(error);
1425 } else {
1426 mlen = 0;
1427 }
1428
1429 if ((nd->nd_len > NFSRV_MAXDATA) || (nd->nd_len < 0) || (mlen < nd->nd_len)) {
1430 error = EIO;
1431 nfsmerr:
1432 nd->nd_repstat = error;
1433 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_WCCDATA(nd->nd_vers));
1434 if (!error) {
1435 nd->nd_mrep = nmrep.nmc_mhead;
1436 if (nd->nd_vers == NFS_VER3)
1437 nfsm_chain_add_wcc_data(error, nd, &nmrep,
1438 preattrerr, &preattr, postattrerr, &postattr);
1439 }
1440 nfsm_chain_build_done(error, &nmrep);
1441 nd->nd_time = 1;
1442 }
1443
1444 /*
1445 * Add this entry to the hash and time queues.
1446 */
1447 lck_mtx_lock(&slp->ns_wgmutex);
1448 owp = NULL;
1449 wp = slp->ns_tq.lh_first;
1450 while (wp && wp->nd_time < nd->nd_time) {
1451 owp = wp;
1452 wp = wp->nd_tq.le_next;
1453 }
1454 if (owp) {
1455 LIST_INSERT_AFTER(owp, nd, nd_tq);
1456 } else {
1457 LIST_INSERT_HEAD(&slp->ns_tq, nd, nd_tq);
1458 }
1459 if (!error) {
1460 wpp = NWDELAYHASH(slp, nd->nd_fh.nfh_fid);
1461 owp = NULL;
1462 wp = wpp->lh_first;
1463 while (wp && !nfsrv_fhmatch(&nd->nd_fh, &wp->nd_fh)) {
1464 owp = wp;
1465 wp = wp->nd_hash.le_next;
1466 }
1467 while (wp && (wp->nd_off < nd->nd_off) &&
1468 nfsrv_fhmatch(&nd->nd_fh, &wp->nd_fh)) {
1469 owp = wp;
1470 wp = wp->nd_hash.le_next;
1471 }
1472 if (owp) {
1473 LIST_INSERT_AFTER(owp, nd, nd_hash);
1474 /*
1475 * Search the hash list for overlapping entries and
1476 * coalesce.
1477 */
1478 for(; nd && NFSW_CONTIG(owp, nd); nd = wp) {
1479 wp = nd->nd_hash.le_next;
1480 if (NFSW_SAMECRED(owp, nd))
1481 nfsrv_wg_coalesce(owp, nd);
1482 }
1483 } else {
1484 LIST_INSERT_HEAD(wpp, nd, nd_hash);
1485 }
1486 }
1487 } else {
1488 lck_mtx_lock(&slp->ns_wgmutex);
1489 }
1490
1491 /*
1492 * Now, do VNOP_WRITE()s for any one(s) that need to be done now
1493 * and generate the associated reply mbuf list(s).
1494 */
1495 loop1:
1496 microuptime(&now);
1497 cur_usec = (u_quad_t)now.tv_sec * 1000000 + (u_quad_t)now.tv_usec;
1498 for (nd = slp->ns_tq.lh_first; nd; nd = owp) {
1499 owp = nd->nd_tq.le_next;
1500 if (nd->nd_time > cur_usec)
1501 break;
1502 if (nd->nd_mrep)
1503 continue;
1504 LIST_REMOVE(nd, nd_tq);
1505 LIST_REMOVE(nd, nd_hash);
1506 nmreq = &nd->nd_nmreq;
1507 preattrerr = postattrerr = ENOENT;
1508
1509 /* save the incoming uid before mapping, */
1510 /* for updating active user stats later */
1511 saved_uid = kauth_cred_getuid(nd->nd_cr);
1512
1513 error = nfsrv_fhtovp(&nd->nd_fh, nd, &vp, &nx, &nxo);
1514 if (!error) {
1515 /* update per-export stats */
1516 NFSStatAdd64(&nx->nx_stats.ops, 1);
1517
1518 error = nfsrv_credcheck(nd, ctx, nx, nxo);
1519 if (error)
1520 vnode_put(vp);
1521 }
1522 if (!error) {
1523 if (nd->nd_vers == NFS_VER3) {
1524 nfsm_srv_pre_vattr_init(&preattr);
1525 preattrerr = vnode_getattr(vp, &preattr, ctx);
1526 }
1527 if (vnode_vtype(vp) != VREG) {
1528 if (nd->nd_vers == NFS_VER3)
1529 error = EINVAL;
1530 else
1531 error = (vnode_vtype(vp) == VDIR) ? EISDIR : EACCES;
1532 }
1533 } else
1534 vp = NULL;
1535 if (!error)
1536 error = nfsrv_authorize(vp, NULL, KAUTH_VNODE_WRITE_DATA, ctx, nxo, 1);
1537
1538 if (nd->nd_stable == NFS_WRITE_UNSTABLE)
1539 ioflags = IO_NODELOCKED;
1540 else if (nd->nd_stable == NFS_WRITE_DATASYNC)
1541 ioflags = (IO_SYNC | IO_NODELOCKED);
1542 else
1543 ioflags = (IO_METASYNC | IO_SYNC | IO_NODELOCKED);
1544
1545 if (!error && ((nd->nd_eoff - nd->nd_off) > 0)) {
1546 for (i=0, m=nmreq->nmc_mhead; m; m = mbuf_next(m))
1547 if (mbuf_len(m) > 0)
1548 i++;
1549
1550 MALLOC(uio_bufp, char *, UIO_SIZEOF(i), M_TEMP, M_WAITOK);
1551 if (uio_bufp)
1552 auio = uio_createwithbuffer(i, nd->nd_off, UIO_SYSSPACE,
1553 UIO_WRITE, uio_bufp, UIO_SIZEOF(i));
1554 if (!uio_bufp || !auio)
1555 error = ENOMEM;
1556 if (!error) {
1557 for (m = nmreq->nmc_mhead; m; m = mbuf_next(m))
1558 if ((tlen = mbuf_len(m)) > 0)
1559 uio_addiov(auio, CAST_USER_ADDR_T((caddr_t)mbuf_data(m)), tlen);
1560 error = VNOP_WRITE(vp, auio, ioflags, ctx);
1561 OSAddAtomic(1, &nfsstats.srvvop_writes);
1562
1563 /* update export stats */
1564 NFSStatAdd64(&nx->nx_stats.bytes_written, nd->nd_len);
1565 /* update active user stats */
1566 nfsrv_update_user_stat(nx, nd, saved_uid, 1, 0, nd->nd_len);
1567
1568 #if CONFIG_FSE
1569 if (nfsrv_fsevents_enabled && !error && need_fsevent(FSE_CONTENT_MODIFIED, vp))
1570 nfsrv_modified(vp, ctx);
1571 #endif
1572 }
1573 if (uio_bufp) {
1574 FREE(uio_bufp, M_TEMP);
1575 uio_bufp = NULL;
1576 }
1577 }
1578 if (vp) {
1579 nfsm_srv_vattr_init(&postattr, nd->nd_vers);
1580 postattrerr = vnode_getattr(vp, &postattr, ctx);
1581 vnode_put(vp);
1582 }
1583
1584 /*
1585 * Loop around generating replies for all write rpcs that have
1586 * now been completed.
1587 */
1588 swp = nd;
1589 do {
1590 if (error) {
1591 nd->nd_repstat = error;
1592 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_WCCDATA(nd->nd_vers));
1593 if (!error && (nd->nd_vers == NFS_VER3)) {
1594 nfsm_chain_add_wcc_data(error, nd, &nmrep,
1595 preattrerr, &preattr, postattrerr, &postattr);
1596 }
1597 } else {
1598 nd->nd_repstat = error;
1599 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_PREOPATTR(nd->nd_vers) +
1600 NFSX_POSTOPORFATTR(nd->nd_vers) + 2 * NFSX_UNSIGNED +
1601 NFSX_WRITEVERF(nd->nd_vers));
1602 if (!error && (nd->nd_vers == NFS_VER3)) {
1603 nfsm_chain_add_wcc_data(error, nd, &nmrep,
1604 preattrerr, &preattr, postattrerr, &postattr);
1605 nfsm_chain_add_32(error, &nmrep, nd->nd_len);
1606 nfsm_chain_add_32(error, &nmrep, nd->nd_stable);
1607 /* write verifier */
1608 nfsm_chain_add_32(error, &nmrep, nx->nx_exptime.tv_sec);
1609 nfsm_chain_add_32(error, &nmrep, nx->nx_exptime.tv_usec);
1610 } else if (!error) {
1611 error = nfsm_chain_add_fattr(nd, &nmrep, &postattr);
1612 }
1613 }
1614 nfsm_chain_build_done(error, &nmrep);
1615 nfsmerr_if(error);
1616 nd->nd_mrep = nmrep.nmc_mhead;
1617
1618 /*
1619 * Done. Put it at the head of the timer queue so that
1620 * the final phase can return the reply.
1621 */
1622 if (nd != swp) {
1623 nd->nd_time = 1;
1624 LIST_INSERT_HEAD(&slp->ns_tq, nd, nd_tq);
1625 }
1626 nd = swp->nd_coalesce.lh_first;
1627 if (nd) {
1628 LIST_REMOVE(nd, nd_tq);
1629 }
1630 } while (nd);
1631 swp->nd_time = 1;
1632 LIST_INSERT_HEAD(&slp->ns_tq, swp, nd_tq);
1633 goto loop1;
1634 }
1635
1636 /*
1637 * Search for a reply to return.
1638 */
1639 for (nd = slp->ns_tq.lh_first; nd; nd = nd->nd_tq.le_next)
1640 if (nd->nd_mrep) {
1641 LIST_REMOVE(nd, nd_tq);
1642 *mrepp = nd->nd_mrep;
1643 *ndp = nd;
1644 break;
1645 }
1646 slp->ns_wgtime = slp->ns_tq.lh_first ? slp->ns_tq.lh_first->nd_time : 0;
1647 lck_mtx_unlock(&slp->ns_wgmutex);
1648
1649 /*
1650 * If we've just created a write pending gather,
1651 * start the timer to check on it soon to make sure
1652 * the write will be completed.
1653 *
1654 * Add/Remove the socket in the nfsrv_sockwg queue as needed.
1655 */
1656 lck_mtx_lock(nfsd_mutex);
1657 if (slp->ns_wgtime) {
1658 if (slp->ns_wgq.tqe_next == SLPNOLIST) {
1659 TAILQ_INSERT_HEAD(&nfsrv_sockwg, slp, ns_wgq);
1660 }
1661 if (!nfsrv_wg_timer_on) {
1662 nfsrv_wg_timer_on = 1;
1663 nfs_interval_timer_start(nfsrv_wg_timer_call,
1664 NFSRV_WGATHERDELAY);
1665 }
1666 } else if (slp->ns_wgq.tqe_next != SLPNOLIST) {
1667 TAILQ_REMOVE(&nfsrv_sockwg, slp, ns_wgq);
1668 slp->ns_wgq.tqe_next = SLPNOLIST;
1669 }
1670 lck_mtx_unlock(nfsd_mutex);
1671
1672 return (0);
1673 }
1674
1675 /*
1676 * Coalesce the write request nd into owp. To do this we must:
1677 * - remove nd from the queues
1678 * - merge nd->nd_nmreq into owp->nd_nmreq
1679 * - update the nd_eoff and nd_stable for owp
1680 * - put nd on owp's nd_coalesce list
1681 */
1682 int
1683 nfsrv_wg_coalesce(struct nfsrv_descript *owp, struct nfsrv_descript *nd)
1684 {
1685 int overlap, error;
1686 mbuf_t mp, mpnext;
1687 struct nfsrv_descript *p;
1688
1689 LIST_REMOVE(nd, nd_hash);
1690 LIST_REMOVE(nd, nd_tq);
1691 if (owp->nd_eoff < nd->nd_eoff) {
1692 overlap = owp->nd_eoff - nd->nd_off;
1693 if (overlap < 0)
1694 return (EIO);
1695 if (overlap > 0)
1696 mbuf_adj(nd->nd_nmreq.nmc_mhead, overlap);
1697 mp = owp->nd_nmreq.nmc_mhead;
1698 while ((mpnext = mbuf_next(mp)))
1699 mp = mpnext;
1700 error = mbuf_setnext(mp, nd->nd_nmreq.nmc_mhead);
1701 if (error)
1702 return (error);
1703 owp->nd_eoff = nd->nd_eoff;
1704 } else {
1705 mbuf_freem(nd->nd_nmreq.nmc_mhead);
1706 }
1707 nd->nd_nmreq.nmc_mhead = NULL;
1708 nd->nd_nmreq.nmc_mcur = NULL;
1709 if (nd->nd_stable == NFS_WRITE_FILESYNC)
1710 owp->nd_stable = NFS_WRITE_FILESYNC;
1711 else if ((nd->nd_stable == NFS_WRITE_DATASYNC) &&
1712 (owp->nd_stable == NFS_WRITE_UNSTABLE))
1713 owp->nd_stable = NFS_WRITE_DATASYNC;
1714 LIST_INSERT_HEAD(&owp->nd_coalesce, nd, nd_tq);
1715
1716 /*
1717 * If nd had anything else coalesced into it, transfer them
1718 * to owp, otherwise their replies will never get sent.
1719 */
1720 while ((p = nd->nd_coalesce.lh_first)) {
1721 LIST_REMOVE(p, nd_tq);
1722 LIST_INSERT_HEAD(&owp->nd_coalesce, p, nd_tq);
1723 }
1724 return (0);
1725 }
1726
1727 /*
1728 * Scan the write gathering queues for writes that need to be
1729 * completed now.
1730 */
1731 void
1732 nfsrv_wg_timer(__unused void *param0, __unused void *param1)
1733 {
1734 struct timeval now;
1735 uint64_t cur_usec, next_usec;
1736 int interval;
1737 struct nfsrv_sock *slp;
1738 int writes_pending = 0;
1739
1740 microuptime(&now);
1741 cur_usec = (uint64_t)now.tv_sec * 1000000 + (uint64_t)now.tv_usec;
1742 next_usec = cur_usec + (NFSRV_WGATHERDELAY * 1000);
1743
1744 lck_mtx_lock(nfsd_mutex);
1745 TAILQ_FOREACH(slp, &nfsrv_sockwg, ns_wgq) {
1746 if (slp->ns_wgtime) {
1747 writes_pending++;
1748 if (slp->ns_wgtime <= cur_usec) {
1749 lck_rw_lock_exclusive(&slp->ns_rwlock);
1750 slp->ns_flag |= SLP_DOWRITES;
1751 lck_rw_done(&slp->ns_rwlock);
1752 nfsrv_wakenfsd(slp);
1753 continue;
1754 }
1755 if (slp->ns_wgtime < next_usec)
1756 next_usec = slp->ns_wgtime;
1757 }
1758 }
1759
1760 if (writes_pending == 0) {
1761 nfsrv_wg_timer_on = 0;
1762 lck_mtx_unlock(nfsd_mutex);
1763 return;
1764 }
1765 lck_mtx_unlock(nfsd_mutex);
1766
1767 /*
1768 * Return the number of msec to wait again
1769 */
1770 interval = (next_usec - cur_usec) / 1000;
1771 if (interval < 1)
1772 interval = 1;
1773 nfs_interval_timer_start(nfsrv_wg_timer_call, interval);
1774 }
1775
1776 /*
1777 * Sort the group list in increasing numerical order.
1778 * (Insertion sort by Chris Torek, who was grossed out by the bubble sort
1779 * that used to be here.)
1780 */
1781 void
1782 nfsrv_group_sort(gid_t *list, int num)
1783 {
1784 int i, j;
1785 gid_t v;
1786
1787 /* Insertion sort. */
1788 for (i = 1; i < num; i++) {
1789 v = list[i];
1790 /* find correct slot for value v, moving others up */
1791 for (j = i; --j >= 0 && v < list[j];)
1792 list[j + 1] = list[j];
1793 list[j + 1] = v;
1794 }
1795 }
1796
1797 /*
1798 * nfs create service
1799 * now does a truncate to 0 length via. setattr if it already exists
1800 */
1801 int
1802 nfsrv_create(
1803 struct nfsrv_descript *nd,
1804 struct nfsrv_sock *slp,
1805 vfs_context_t ctx,
1806 mbuf_t *mrepp)
1807 {
1808 struct vnode_attr dpreattr, dpostattr, postattr;
1809 struct vnode_attr va, *vap = &va;
1810 struct nameidata ni;
1811 int error, rdev, dpreattrerr, dpostattrerr, postattrerr;
1812 int how, exclusive_flag;
1813 uint32_t len = 0, cnflags;
1814 vnode_t vp, dvp, dirp;
1815 struct nfs_filehandle nfh;
1816 struct nfs_export *nx = NULL;
1817 struct nfs_export_options *nxo;
1818 u_quad_t tempsize;
1819 u_char cverf[NFSX_V3CREATEVERF];
1820 uid_t saved_uid;
1821 struct nfsm_chain *nmreq, nmrep;
1822
1823 error = 0;
1824 dpreattrerr = dpostattrerr = postattrerr = ENOENT;
1825 nmreq = &nd->nd_nmreq;
1826 nfsm_chain_null(&nmrep);
1827 vp = dvp = dirp = NULL;
1828 exclusive_flag = 0;
1829 ni.ni_cnd.cn_nameiop = 0;
1830 rdev = 0;
1831
1832 /*
1833 * Save the original credential UID in case they are
1834 * mapped and we need to map the IDs in the attributes.
1835 */
1836 saved_uid = kauth_cred_getuid(nd->nd_cr);
1837
1838 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
1839 nfsm_chain_get_32(error, nmreq, len);
1840 nfsm_name_len_check(error, nd, len);
1841 nfsmerr_if(error);
1842
1843 ni.ni_cnd.cn_nameiop = CREATE;
1844 ni.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF;
1845 error = nfsm_chain_get_path_namei(nmreq, len, &ni);
1846 if (!error) {
1847 error = nfsrv_namei(nd, ctx, &ni, &nfh, &dirp, &nx, &nxo);
1848 if (nx != NULL) {
1849 /* update export stats */
1850 NFSStatAdd64(&nx->nx_stats.ops, 1);
1851
1852 /* update active user stats */
1853 nfsrv_update_user_stat(nx, nd, saved_uid, 1, 0, 0);
1854 }
1855 }
1856 if (dirp) {
1857 if (nd->nd_vers == NFS_VER3) {
1858 nfsm_srv_pre_vattr_init(&dpreattr);
1859 dpreattrerr = vnode_getattr(dirp, &dpreattr, ctx);
1860 } else {
1861 vnode_put(dirp);
1862 dirp = NULL;
1863 }
1864 }
1865
1866 if (error) {
1867 ni.ni_cnd.cn_nameiop = 0;
1868 goto nfsmerr;
1869 }
1870
1871 dvp = ni.ni_dvp;
1872 vp = ni.ni_vp;
1873 VATTR_INIT(vap);
1874
1875 if (nd->nd_vers == NFS_VER3) {
1876 nfsm_chain_get_32(error, nmreq, how);
1877 nfsmerr_if(error);
1878 switch (how) {
1879 case NFS_CREATE_GUARDED:
1880 if (vp) {
1881 error = EEXIST;
1882 break;
1883 }
1884 case NFS_CREATE_UNCHECKED:
1885 error = nfsm_chain_get_sattr(nd, nmreq, vap);
1886 break;
1887 case NFS_CREATE_EXCLUSIVE:
1888 nfsm_chain_get_opaque(error, nmreq, NFSX_V3CREATEVERF, cverf);
1889 exclusive_flag = 1;
1890 if (vp == NULL)
1891 VATTR_SET(vap, va_mode, 0);
1892 break;
1893 };
1894 VATTR_SET(vap, va_type, VREG);
1895 } else {
1896 enum vtype v_type;
1897
1898 error = nfsm_chain_get_sattr(nd, nmreq, vap);
1899 nfsmerr_if(error);
1900 v_type = vap->va_type;
1901 if (v_type == VNON)
1902 v_type = VREG;
1903 VATTR_SET(vap, va_type, v_type);
1904
1905 switch (v_type) {
1906 case VCHR:
1907 case VBLK:
1908 case VFIFO:
1909 rdev = vap->va_data_size;
1910 VATTR_CLEAR_ACTIVE(vap, va_data_size);
1911 break;
1912 default:
1913 break;
1914 };
1915 }
1916 nfsmerr_if(error);
1917
1918 /*
1919 * If it doesn't exist, create it
1920 * otherwise just truncate to 0 length
1921 * should I set the mode too ??
1922 */
1923 if (vp == NULL) {
1924 kauth_acl_t xacl = NULL;
1925
1926 /*
1927 * If the credentials were mapped, we should
1928 * map the same values in the attributes.
1929 */
1930 if ((vap->va_uid == saved_uid) && (kauth_cred_getuid(nd->nd_cr) != saved_uid)) {
1931 int ismember;
1932 VATTR_SET(vap, va_uid, kauth_cred_getuid(nd->nd_cr));
1933 if (kauth_cred_ismember_gid(nd->nd_cr, vap->va_gid, &ismember) || !ismember)
1934 VATTR_SET(vap, va_gid, kauth_cred_getgid(nd->nd_cr));
1935 }
1936
1937 /* authorize before creating */
1938 error = nfsrv_authorize(dvp, NULL, KAUTH_VNODE_ADD_FILE, ctx, nxo, 0);
1939
1940 /* construct ACL and handle inheritance */
1941 if (!error) {
1942 error = kauth_acl_inherit(dvp,
1943 NULL,
1944 &xacl,
1945 0 /* !isdir */,
1946 ctx);
1947
1948 if (!error && xacl != NULL)
1949 VATTR_SET(vap, va_acl, xacl);
1950 }
1951 VATTR_CLEAR_ACTIVE(vap, va_data_size);
1952 VATTR_CLEAR_ACTIVE(vap, va_access_time);
1953
1954 /* validate new-file security information */
1955 if (!error) {
1956 error = vnode_authattr_new(dvp, vap, 0, ctx);
1957 if (error && (VATTR_IS_ACTIVE(vap, va_uid) || VATTR_IS_ACTIVE(vap, va_gid))) {
1958 /*
1959 * Most NFS servers just ignore the UID/GID attributes, so we
1960 * try ignoring them if that'll help the request succeed.
1961 */
1962 VATTR_CLEAR_ACTIVE(vap, va_uid);
1963 VATTR_CLEAR_ACTIVE(vap, va_gid);
1964 error = vnode_authattr_new(dvp, vap, 0, ctx);
1965 }
1966 }
1967
1968 if (vap->va_type == VREG || vap->va_type == VSOCK) {
1969
1970 if (!error)
1971 error = VNOP_CREATE(dvp, &vp, &ni.ni_cnd, vap, ctx);
1972
1973 if (!error && !VATTR_ALL_SUPPORTED(vap))
1974 /*
1975 * If some of the requested attributes weren't handled by the VNOP,
1976 * use our fallback code.
1977 */
1978 error = vnode_setattr_fallback(vp, vap, ctx);
1979
1980 if (xacl != NULL)
1981 kauth_acl_free(xacl);
1982
1983 if (!error) {
1984 if (exclusive_flag) {
1985 exclusive_flag = 0;
1986 VATTR_INIT(vap);
1987 bcopy(cverf, (caddr_t)&vap->va_access_time,
1988 NFSX_V3CREATEVERF);
1989 VATTR_SET_ACTIVE(vap, va_access_time);
1990 // skip authorization, as this is an
1991 // NFS internal implementation detail.
1992 error = vnode_setattr(vp, vap, ctx);
1993 }
1994
1995 #if CONFIG_FSE
1996 if (nfsrv_fsevents_enabled && need_fsevent(FSE_CREATE_FILE, vp)) {
1997 add_fsevent(FSE_CREATE_FILE, ctx,
1998 FSE_ARG_VNODE, vp,
1999 FSE_ARG_DONE);
2000 }
2001 #endif
2002 }
2003
2004 } else if (vap->va_type == VCHR || vap->va_type == VBLK ||
2005 vap->va_type == VFIFO) {
2006 if (vap->va_type == VCHR && rdev == (int)0xffffffff)
2007 VATTR_SET(vap, va_type, VFIFO);
2008 if (vap->va_type != VFIFO) {
2009 error = suser(nd->nd_cr, NULL);
2010 nfsmerr_if(error);
2011 }
2012 VATTR_SET(vap, va_rdev, (dev_t)rdev);
2013
2014 error = VNOP_MKNOD(dvp, &vp, &ni.ni_cnd, vap, ctx);
2015
2016 if (xacl != NULL)
2017 kauth_acl_free(xacl);
2018
2019 nfsmerr_if(error);
2020
2021 if (vp) {
2022 vnode_recycle(vp);
2023 vnode_put(vp);
2024 vp = NULL;
2025 }
2026 ni.ni_cnd.cn_nameiop = LOOKUP;
2027 ni.ni_cnd.cn_flags &= ~LOCKPARENT;
2028 ni.ni_cnd.cn_context = ctx;
2029 ni.ni_startdir = dvp;
2030 ni.ni_usedvp = dvp;
2031 cnflags = ni.ni_cnd.cn_flags; /* store in case we have to restore */
2032 while ((error = lookup(&ni)) == ERECYCLE) {
2033 ni.ni_cnd.cn_flags = cnflags;
2034 ni.ni_cnd.cn_nameptr = ni.ni_cnd.cn_pnbuf;
2035 ni.ni_usedvp = ni.ni_dvp = ni.ni_startdir = dvp;
2036 }
2037 if (!error) {
2038 if (ni.ni_cnd.cn_flags & ISSYMLINK)
2039 error = EINVAL;
2040 vp = ni.ni_vp;
2041 }
2042 nfsmerr_if(error);
2043 } else {
2044 error = ENXIO;
2045 }
2046 /*
2047 * nameidone has to happen before we vnode_put(dvp)
2048 * since it may need to release the fs_nodelock on the dvp
2049 */
2050 nameidone(&ni);
2051 ni.ni_cnd.cn_nameiop = 0;
2052
2053 vnode_put(dvp);
2054 } else {
2055 /*
2056 * nameidone has to happen before we vnode_put(dvp)
2057 * since it may need to release the fs_nodelock on the dvp
2058 */
2059 nameidone(&ni);
2060 ni.ni_cnd.cn_nameiop = 0;
2061
2062 vnode_put(dvp);
2063
2064 if (!error && VATTR_IS_ACTIVE(vap, va_data_size)) {
2065 error = nfsrv_authorize(vp, NULL, KAUTH_VNODE_WRITE_DATA,
2066 ctx, nxo, 0);
2067 if (!error) {
2068 tempsize = vap->va_data_size;
2069 VATTR_INIT(vap);
2070 VATTR_SET(vap, va_data_size, tempsize);
2071 error = vnode_setattr(vp, vap, ctx);
2072 }
2073 }
2074 }
2075 if (!error) {
2076 error = nfsrv_vptofh(nx, nd->nd_vers, NULL, vp, ctx, &nfh);
2077 if (!error) {
2078 nfsm_srv_vattr_init(&postattr, nd->nd_vers);
2079 postattrerr = vnode_getattr(vp, &postattr, ctx);
2080 if (nd->nd_vers == NFS_VER2)
2081 error = postattrerr;
2082 }
2083 }
2084 if (vp)
2085 vnode_put(vp);
2086
2087 if (nd->nd_vers == NFS_VER3) {
2088 if (exclusive_flag && !error &&
2089 bcmp(cverf, &postattr.va_access_time, NFSX_V3CREATEVERF))
2090 error = EEXIST;
2091 nfsm_srv_vattr_init(&dpostattr, NFS_VER3);
2092 dpostattrerr = vnode_getattr(dirp, &dpostattr, ctx);
2093 vnode_put(dirp);
2094 dirp = NULL;
2095 }
2096
2097 nfsmerr:
2098 /* assemble reply */
2099 nd->nd_repstat = error;
2100 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_SRVFH(nd->nd_vers, &nfh) +
2101 NFSX_FATTR(nd->nd_vers) + NFSX_WCCDATA(nd->nd_vers));
2102 nfsmout_if(error);
2103 *mrepp = nmrep.nmc_mhead;
2104 nfsmout_on_status(nd, error);
2105 if (nd->nd_vers == NFS_VER3) {
2106 if (!nd->nd_repstat) {
2107 nfsm_chain_add_postop_fh(error, &nmrep, nfh.nfh_fhp, nfh.nfh_len);
2108 nfsm_chain_add_postop_attr(error, nd, &nmrep, postattrerr, &postattr);
2109 }
2110 nfsm_chain_add_wcc_data(error, nd, &nmrep,
2111 dpreattrerr, &dpreattr, dpostattrerr, &dpostattr);
2112 } else {
2113 nfsm_chain_add_fh(error, &nmrep, NFS_VER2, nfh.nfh_fhp, nfh.nfh_len);
2114 if (!error)
2115 error = nfsm_chain_add_fattr(nd, &nmrep, &postattr);
2116 }
2117 nfsmout:
2118 nfsm_chain_build_done(error, &nmrep);
2119 if (ni.ni_cnd.cn_nameiop) {
2120 /*
2121 * nameidone has to happen before we vnode_put(dvp)
2122 * since it may need to release the fs_nodelock on the dvp
2123 */
2124 nameidone(&ni);
2125
2126 if (vp)
2127 vnode_put(vp);
2128 vnode_put(dvp);
2129 }
2130 if (dirp)
2131 vnode_put(dirp);
2132 if (error) {
2133 nfsm_chain_cleanup(&nmrep);
2134 *mrepp = NULL;
2135 }
2136 return (error);
2137 }
2138
2139 /*
2140 * nfs v3 mknod service
2141 */
2142 int
2143 nfsrv_mknod(
2144 struct nfsrv_descript *nd,
2145 struct nfsrv_sock *slp,
2146 vfs_context_t ctx,
2147 mbuf_t *mrepp)
2148 {
2149 struct vnode_attr dpreattr, dpostattr, postattr;
2150 struct vnode_attr va, *vap = &va;
2151 struct nameidata ni;
2152 int error, dpreattrerr, dpostattrerr, postattrerr;
2153 uint32_t len = 0, cnflags;
2154 u_int32_t major = 0, minor = 0;
2155 enum vtype vtyp;
2156 vnode_t vp, dvp, dirp;
2157 struct nfs_filehandle nfh;
2158 struct nfs_export *nx = NULL;
2159 struct nfs_export_options *nxo;
2160 uid_t saved_uid;
2161 kauth_acl_t xacl = NULL;
2162 struct nfsm_chain *nmreq, nmrep;
2163
2164 error = 0;
2165 dpreattrerr = dpostattrerr = postattrerr = ENOENT;
2166 nmreq = &nd->nd_nmreq;
2167 nfsm_chain_null(&nmrep);
2168 vp = dvp = dirp = NULL;
2169 ni.ni_cnd.cn_nameiop = 0;
2170
2171 /*
2172 * Save the original credential UID in case they are
2173 * mapped and we need to map the IDs in the attributes.
2174 */
2175 saved_uid = kauth_cred_getuid(nd->nd_cr);
2176
2177 nfsm_chain_get_fh_ptr(error, nmreq, NFS_VER3, nfh.nfh_fhp, nfh.nfh_len);
2178 nfsm_chain_get_32(error, nmreq, len);
2179 nfsm_name_len_check(error, nd, len);
2180 nfsmerr_if(error);
2181
2182 ni.ni_cnd.cn_nameiop = CREATE;
2183 ni.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF;
2184 error = nfsm_chain_get_path_namei(nmreq, len, &ni);
2185 if (!error) {
2186 error = nfsrv_namei(nd, ctx, &ni, &nfh, &dirp, &nx, &nxo);
2187 if (nx != NULL) {
2188 /* update export stats */
2189 NFSStatAdd64(&nx->nx_stats.ops, 1);
2190
2191 /* update active user stats */
2192 nfsrv_update_user_stat(nx, nd, saved_uid, 1, 0, 0);
2193 }
2194 }
2195 if (dirp) {
2196 nfsm_srv_pre_vattr_init(&dpreattr);
2197 dpreattrerr = vnode_getattr(dirp, &dpreattr, ctx);
2198 }
2199 if (error) {
2200 ni.ni_cnd.cn_nameiop = 0;
2201 goto nfsmerr;
2202 }
2203
2204 dvp = ni.ni_dvp;
2205 vp = ni.ni_vp;
2206
2207 nfsm_chain_get_32(error, nmreq, vtyp);
2208 nfsmerr_if(error);
2209 vtyp = nfstov_type(vtyp, NFS_VER3);
2210 if (!error && (vtyp != VCHR) && (vtyp != VBLK) && (vtyp != VSOCK) && (vtyp != VFIFO)) {
2211 error = NFSERR_BADTYPE;
2212 goto out;
2213 }
2214
2215 VATTR_INIT(vap);
2216 error = nfsm_chain_get_sattr(nd, nmreq, vap);
2217 if ((vtyp == VCHR) || (vtyp == VBLK)) {
2218 nfsm_chain_get_32(error, nmreq, major);
2219 nfsm_chain_get_32(error, nmreq, minor);
2220 nfsmerr_if(error);
2221 VATTR_SET(vap, va_rdev, makedev(major, minor));
2222 }
2223 nfsmerr_if(error);
2224
2225 /*
2226 * If it doesn't exist, create it.
2227 */
2228 if (vp) {
2229 error = EEXIST;
2230 goto out;
2231 }
2232 VATTR_SET(vap, va_type, vtyp);
2233
2234 /*
2235 * If the credentials were mapped, we should
2236 * map the same values in the attributes.
2237 */
2238 if ((vap->va_uid == saved_uid) && (kauth_cred_getuid(nd->nd_cr) != saved_uid)) {
2239 int ismember;
2240 VATTR_SET(vap, va_uid, kauth_cred_getuid(nd->nd_cr));
2241 if (kauth_cred_ismember_gid(nd->nd_cr, vap->va_gid, &ismember) || !ismember)
2242 VATTR_SET(vap, va_gid, kauth_cred_getgid(nd->nd_cr));
2243 }
2244
2245 /* authorize before creating */
2246 error = nfsrv_authorize(dvp, NULL, KAUTH_VNODE_ADD_FILE, ctx, nxo, 0);
2247
2248 /* construct ACL and handle inheritance */
2249 if (!error) {
2250 error = kauth_acl_inherit(dvp,
2251 NULL,
2252 &xacl,
2253 0 /* !isdir */,
2254 ctx);
2255
2256 if (!error && xacl != NULL)
2257 VATTR_SET(vap, va_acl, xacl);
2258 }
2259 VATTR_CLEAR_ACTIVE(vap, va_data_size);
2260 VATTR_CLEAR_ACTIVE(vap, va_access_time);
2261
2262 /* validate new-file security information */
2263 if (!error) {
2264 error = vnode_authattr_new(dvp, vap, 0, ctx);
2265 if (error && (VATTR_IS_ACTIVE(vap, va_uid) || VATTR_IS_ACTIVE(vap, va_gid))) {
2266 /*
2267 * Most NFS servers just ignore the UID/GID attributes, so we
2268 * try ignoring them if that'll help the request succeed.
2269 */
2270 VATTR_CLEAR_ACTIVE(vap, va_uid);
2271 VATTR_CLEAR_ACTIVE(vap, va_gid);
2272 error = vnode_authattr_new(dvp, vap, 0, ctx);
2273 }
2274 }
2275 if (error)
2276 goto out1;
2277
2278 if (vtyp == VSOCK) {
2279 error = VNOP_CREATE(dvp, &vp, &ni.ni_cnd, vap, ctx);
2280
2281 if (!error && !VATTR_ALL_SUPPORTED(vap))
2282 /*
2283 * If some of the requested attributes weren't handled by the VNOP,
2284 * use our fallback code.
2285 */
2286 error = vnode_setattr_fallback(vp, vap, ctx);
2287 } else {
2288 if (vtyp != VFIFO && (error = suser(nd->nd_cr, (u_short *)0)))
2289 goto out1;
2290 if ((error = VNOP_MKNOD(dvp, &vp, &ni.ni_cnd, vap, ctx)))
2291 goto out1;
2292 if (vp) {
2293 vnode_recycle(vp);
2294 vnode_put(vp);
2295 vp = NULL;
2296 }
2297 ni.ni_cnd.cn_nameiop = LOOKUP;
2298 ni.ni_cnd.cn_flags &= ~LOCKPARENT;
2299 ni.ni_cnd.cn_context = vfs_context_current();
2300 ni.ni_startdir = dvp;
2301 ni.ni_usedvp = dvp;
2302 cnflags = ni.ni_cnd.cn_flags; /* store in case we have to restore */
2303 while ((error = lookup(&ni)) == ERECYCLE) {
2304 ni.ni_cnd.cn_flags = cnflags;
2305 ni.ni_cnd.cn_nameptr = ni.ni_cnd.cn_pnbuf;
2306 ni.ni_usedvp = ni.ni_dvp = ni.ni_startdir = dvp;
2307 }
2308 if (!error) {
2309 vp = ni.ni_vp;
2310 if (ni.ni_cnd.cn_flags & ISSYMLINK)
2311 error = EINVAL;
2312 }
2313 }
2314 out1:
2315 if (xacl != NULL)
2316 kauth_acl_free(xacl);
2317 out:
2318 /*
2319 * nameidone has to happen before we vnode_put(dvp)
2320 * since it may need to release the fs_nodelock on the dvp
2321 */
2322 nameidone(&ni);
2323 ni.ni_cnd.cn_nameiop = 0;
2324
2325 vnode_put(dvp);
2326 dvp = NULL;
2327
2328 if (!error) {
2329 error = nfsrv_vptofh(nx, NFS_VER3, NULL, vp, ctx, &nfh);
2330 if (!error) {
2331 nfsm_srv_vattr_init(&postattr, NFS_VER3);
2332 postattrerr = vnode_getattr(vp, &postattr, ctx);
2333 }
2334 }
2335 if (vp) {
2336 vnode_put(vp);
2337 vp = NULL;
2338 }
2339
2340 nfsm_srv_vattr_init(&dpostattr, NFS_VER3);
2341 dpostattrerr = vnode_getattr(dirp, &dpostattr, ctx);
2342 vnode_put(dirp);
2343 dirp = NULL;
2344
2345 nfsmerr:
2346 /* assemble reply */
2347 nd->nd_repstat = error;
2348 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_SRVFH(NFS_VER3, &nfh) +
2349 NFSX_POSTOPATTR(NFS_VER3) + NFSX_WCCDATA(NFS_VER3));
2350 nfsmout_if(error);
2351 *mrepp = nmrep.nmc_mhead;
2352 nfsmout_on_status(nd, error);
2353 if (!nd->nd_repstat) {
2354 nfsm_chain_add_postop_fh(error, &nmrep, nfh.nfh_fhp, nfh.nfh_len);
2355 nfsm_chain_add_postop_attr(error, nd, &nmrep, postattrerr, &postattr);
2356 }
2357 nfsm_chain_add_wcc_data(error, nd, &nmrep,
2358 dpreattrerr, &dpreattr, dpostattrerr, &dpostattr);
2359 nfsmout:
2360 nfsm_chain_build_done(error, &nmrep);
2361 if (ni.ni_cnd.cn_nameiop) {
2362 /*
2363 * nameidone has to happen before we vnode_put(dvp)
2364 * since it may need to release the fs_nodelock on the dvp
2365 */
2366 nameidone(&ni);
2367
2368 if (vp)
2369 vnode_put(vp);
2370 vnode_put(dvp);
2371 }
2372 if (dvp)
2373 vnode_put(dvp);
2374 if (vp)
2375 vnode_put(vp);
2376 if (dirp)
2377 vnode_put(dirp);
2378 if (error) {
2379 nfsm_chain_cleanup(&nmrep);
2380 *mrepp = NULL;
2381 }
2382 return (error);
2383 }
2384
2385 /*
2386 * nfs remove service
2387 */
2388 int
2389 nfsrv_remove(
2390 struct nfsrv_descript *nd,
2391 struct nfsrv_sock *slp,
2392 vfs_context_t ctx,
2393 mbuf_t *mrepp)
2394 {
2395 struct nameidata ni;
2396 int error, dpreattrerr, dpostattrerr;
2397 uint32_t len = 0;
2398 uid_t saved_uid;
2399 vnode_t vp, dvp, dirp = NULL;
2400 struct vnode_attr dpreattr, dpostattr;
2401 struct nfs_filehandle nfh;
2402 struct nfs_export *nx = NULL;
2403 struct nfs_export_options *nxo;
2404 struct nfsm_chain *nmreq, nmrep;
2405
2406 error = 0;
2407 dpreattrerr = dpostattrerr = ENOENT;
2408 saved_uid = kauth_cred_getuid(nd->nd_cr);
2409 dvp = vp = dirp = NULL;
2410 nmreq = &nd->nd_nmreq;
2411 nfsm_chain_null(&nmrep);
2412
2413 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
2414 nfsm_chain_get_32(error, nmreq, len);
2415 nfsm_name_len_check(error, nd, len);
2416 nfsmerr_if(error);
2417
2418 ni.ni_cnd.cn_nameiop = DELETE;
2419 ni.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF;
2420 error = nfsm_chain_get_path_namei(nmreq, len, &ni);
2421 if (!error) {
2422 error = nfsrv_namei(nd, ctx, &ni, &nfh, &dirp, &nx, &nxo);
2423 if (nx != NULL) {
2424 /* update export stats */
2425 NFSStatAdd64(&nx->nx_stats.ops, 1);
2426
2427 /* update active user stats */
2428 nfsrv_update_user_stat(nx, nd, saved_uid, 1, 0, 0);
2429 }
2430 }
2431 if (dirp) {
2432 if (nd->nd_vers == NFS_VER3) {
2433 nfsm_srv_pre_vattr_init(&dpreattr);
2434 dpreattrerr = vnode_getattr(dirp, &dpreattr, ctx);
2435 } else {
2436 vnode_put(dirp);
2437 dirp = NULL;
2438 }
2439 }
2440
2441 if (!error) {
2442 dvp = ni.ni_dvp;
2443 vp = ni.ni_vp;
2444
2445 if (vnode_vtype(vp) == VDIR)
2446 error = EPERM; /* POSIX */
2447 else if (vnode_isvroot(vp))
2448 /*
2449 * The root of a mounted filesystem cannot be deleted.
2450 */
2451 error = EBUSY;
2452 else
2453 error = nfsrv_authorize(vp, dvp, KAUTH_VNODE_DELETE, ctx, nxo, 0);
2454
2455 if (!error) {
2456 #if CONFIG_FSE
2457 char *path = NULL;
2458 int plen;
2459 fse_info finfo;
2460
2461 if (nfsrv_fsevents_enabled && need_fsevent(FSE_DELETE, dvp)) {
2462 plen = MAXPATHLEN;
2463 if ((path = get_pathbuff()) && !vn_getpath(vp, path, &plen)) {
2464 get_fse_info(vp, &finfo, ctx);
2465 } else if (path) {
2466 release_pathbuff(path);
2467 path = NULL;
2468 }
2469 }
2470 #endif
2471 error = VNOP_REMOVE(dvp, vp, &ni.ni_cnd, 0, ctx);
2472
2473 #if CONFIG_FSE
2474 if (path) {
2475 if (!error)
2476 add_fsevent(FSE_DELETE, ctx,
2477 FSE_ARG_STRING, plen, path,
2478 FSE_ARG_FINFO, &finfo,
2479 FSE_ARG_DONE);
2480 release_pathbuff(path);
2481 }
2482 #endif
2483 }
2484
2485 /*
2486 * nameidone has to happen before we vnode_put(dvp)
2487 * since it may need to release the fs_nodelock on the dvp
2488 */
2489 nameidone(&ni);
2490
2491 vnode_put(vp);
2492 vnode_put(dvp);
2493 }
2494
2495 nfsmerr:
2496 if (dirp) {
2497 nfsm_srv_vattr_init(&dpostattr, nd->nd_vers);
2498 dpostattrerr = vnode_getattr(dirp, &dpostattr, ctx);
2499 vnode_put(dirp);
2500 }
2501
2502 /* assemble reply */
2503 nd->nd_repstat = error;
2504 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_WCCDATA(nd->nd_vers));
2505 nfsmout_if(error);
2506 *mrepp = nmrep.nmc_mhead;
2507 nfsmout_on_status(nd, error);
2508 if (nd->nd_vers == NFS_VER3)
2509 nfsm_chain_add_wcc_data(error, nd, &nmrep,
2510 dpreattrerr, &dpreattr, dpostattrerr, &dpostattr);
2511 nfsmout:
2512 nfsm_chain_build_done(error, &nmrep);
2513 if (error) {
2514 nfsm_chain_cleanup(&nmrep);
2515 *mrepp = NULL;
2516 }
2517 return (error);
2518 }
2519
2520 /*
2521 * nfs rename service
2522 */
2523 int
2524 nfsrv_rename(
2525 struct nfsrv_descript *nd,
2526 struct nfsrv_sock *slp,
2527 vfs_context_t ctx,
2528 mbuf_t *mrepp)
2529 {
2530 kauth_cred_t saved_cred = NULL;
2531 uid_t saved_uid;
2532 int error;
2533 uint32_t fromlen, tolen;
2534 int fdpreattrerr, fdpostattrerr;
2535 int tdpreattrerr, tdpostattrerr;
2536 char *frompath = NULL, *topath = NULL;
2537 struct nameidata fromni, toni;
2538 vnode_t fvp, tvp, tdvp, fdvp, fdirp, tdirp;
2539 struct vnode_attr fdpreattr, fdpostattr;
2540 struct vnode_attr tdpreattr, tdpostattr;
2541 struct nfs_filehandle fnfh, tnfh;
2542 struct nfs_export *fnx, *tnx;
2543 struct nfs_export_options *fnxo, *tnxo;
2544 enum vtype fvtype, tvtype;
2545 int holding_mntlock;
2546 mount_t locked_mp;
2547 struct nfsm_chain *nmreq, nmrep;
2548 char *from_name, *to_name;
2549 #if CONFIG_FSE
2550 int from_len=0, to_len=0;
2551 fse_info from_finfo, to_finfo;
2552 #endif
2553 u_char didstats = 0;
2554 const char *oname;
2555
2556 error = 0;
2557 fdpreattrerr = fdpostattrerr = ENOENT;
2558 tdpreattrerr = tdpostattrerr = ENOENT;
2559 saved_uid = kauth_cred_getuid(nd->nd_cr);
2560 fromlen = tolen = 0;
2561 frompath = topath = NULL;
2562 fdirp = tdirp = NULL;
2563 nmreq = &nd->nd_nmreq;
2564 nfsm_chain_null(&nmrep);
2565
2566 /*
2567 * these need to be set before calling any code
2568 * that they may take us out through the error path.
2569 */
2570 holding_mntlock = 0;
2571 fvp = tvp = NULL;
2572 fdvp = tdvp = NULL;
2573 locked_mp = NULL;
2574
2575 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, fnfh.nfh_fhp, fnfh.nfh_len);
2576 nfsm_chain_get_32(error, nmreq, fromlen);
2577 nfsm_name_len_check(error, nd, fromlen);
2578 nfsmerr_if(error);
2579 error = nfsm_chain_get_path_namei(nmreq, fromlen, &fromni);
2580 nfsmerr_if(error);
2581 frompath = fromni.ni_cnd.cn_pnbuf;
2582
2583 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, tnfh.nfh_fhp, tnfh.nfh_len);
2584 nfsm_chain_get_32(error, nmreq, tolen);
2585 nfsm_name_len_check(error, nd, tolen);
2586 nfsmerr_if(error);
2587 error = nfsm_chain_get_path_namei(nmreq, tolen, &toni);
2588 nfsmerr_if(error);
2589 topath = toni.ni_cnd.cn_pnbuf;
2590
2591 /*
2592 * Remember our original uid so that we can reset cr_uid before
2593 * the second nfsrv_namei() call, in case it is remapped.
2594 */
2595 saved_cred = nd->nd_cr;
2596 kauth_cred_ref(saved_cred);
2597 retry:
2598 fromni.ni_cnd.cn_nameiop = DELETE;
2599 fromni.ni_cnd.cn_flags = WANTPARENT;
2600
2601 fromni.ni_cnd.cn_pnbuf = frompath;
2602 frompath = NULL;
2603 fromni.ni_cnd.cn_pnlen = MAXPATHLEN;
2604 fromni.ni_cnd.cn_flags |= HASBUF;
2605
2606 error = nfsrv_namei(nd, ctx, &fromni, &fnfh, &fdirp, &fnx, &fnxo);
2607 if (error)
2608 goto out;
2609 fdvp = fromni.ni_dvp;
2610 fvp = fromni.ni_vp;
2611
2612 if (fdirp) {
2613 if (nd->nd_vers == NFS_VER3) {
2614 nfsm_srv_pre_vattr_init(&fdpreattr);
2615 fdpreattrerr = vnode_getattr(fdirp, &fdpreattr, ctx);
2616 } else {
2617 vnode_put(fdirp);
2618 fdirp = NULL;
2619 }
2620 }
2621 fvtype = vnode_vtype(fvp);
2622
2623 /* reset credential if it was remapped */
2624 if (nd->nd_cr != saved_cred) {
2625 kauth_cred_ref(saved_cred);
2626 kauth_cred_unref(&nd->nd_cr);
2627 ctx->vc_ucred = nd->nd_cr = saved_cred;
2628 }
2629
2630 toni.ni_cnd.cn_nameiop = RENAME;
2631 toni.ni_cnd.cn_flags = WANTPARENT;
2632
2633 toni.ni_cnd.cn_pnbuf = topath;
2634 topath = NULL;
2635 toni.ni_cnd.cn_pnlen = MAXPATHLEN;
2636 toni.ni_cnd.cn_flags |= HASBUF;
2637
2638 if (fvtype == VDIR)
2639 toni.ni_cnd.cn_flags |= WILLBEDIR;
2640
2641 tnx = NULL;
2642 error = nfsrv_namei(nd, ctx, &toni, &tnfh, &tdirp, &tnx, &tnxo);
2643 if (error) {
2644 /*
2645 * Translate error code for rename("dir1", "dir2/.").
2646 */
2647 if (error == EISDIR && fvtype == VDIR) {
2648 if (nd->nd_vers == NFS_VER3)
2649 error = EINVAL;
2650 else
2651 error = ENOTEMPTY;
2652 }
2653 goto out;
2654 }
2655 tdvp = toni.ni_dvp;
2656 tvp = toni.ni_vp;
2657
2658 if (!didstats) {
2659 /* update export stats once only */
2660 if (tnx != NULL) {
2661 /* update export stats */
2662 NFSStatAdd64(&tnx->nx_stats.ops, 1);
2663
2664 /* update active user stats */
2665 nfsrv_update_user_stat(tnx, nd, saved_uid, 1, 0, 0);
2666 didstats = 1;
2667 }
2668 }
2669
2670 if (tdirp) {
2671 if (nd->nd_vers == NFS_VER3) {
2672 nfsm_srv_pre_vattr_init(&tdpreattr);
2673 tdpreattrerr = vnode_getattr(tdirp, &tdpreattr, ctx);
2674 } else {
2675 vnode_put(tdirp);
2676 tdirp = NULL;
2677 }
2678 }
2679
2680 if (tvp != NULL) {
2681 tvtype = vnode_vtype(tvp);
2682
2683 if (fvtype == VDIR && tvtype != VDIR) {
2684 if (nd->nd_vers == NFS_VER3)
2685 error = EEXIST;
2686 else
2687 error = EISDIR;
2688 goto out;
2689 } else if (fvtype != VDIR && tvtype == VDIR) {
2690 if (nd->nd_vers == NFS_VER3)
2691 error = EEXIST;
2692 else
2693 error = ENOTDIR;
2694 goto out;
2695 }
2696 if (tvtype == VDIR && vnode_mountedhere(tvp)) {
2697 if (nd->nd_vers == NFS_VER3)
2698 error = EXDEV;
2699 else
2700 error = ENOTEMPTY;
2701 goto out;
2702 }
2703 }
2704 if (fvp == tdvp) {
2705 if (nd->nd_vers == NFS_VER3)
2706 error = EINVAL;
2707 else
2708 error = ENOTEMPTY;
2709 goto out;
2710 }
2711
2712 /*
2713 * Authorization.
2714 *
2715 * If tvp is a directory and not the same as fdvp, or tdvp is not the same as fdvp,
2716 * the node is moving between directories and we need rights to remove from the
2717 * old and add to the new.
2718 *
2719 * If tvp already exists and is not a directory, we need to be allowed to delete it.
2720 *
2721 * Note that we do not inherit when renaming. XXX this needs to be revisited to
2722 * implement the deferred-inherit bit.
2723 */
2724 {
2725 int moving = 0;
2726
2727 error = 0;
2728 if ((tvp != NULL) && vnode_isdir(tvp)) {
2729 if (tvp != fdvp)
2730 moving = 1;
2731 } else if (tdvp != fdvp) {
2732 moving = 1;
2733 }
2734 if (moving) {
2735 /* moving out of fdvp, must have delete rights */
2736 if ((error = nfsrv_authorize(fvp, fdvp, KAUTH_VNODE_DELETE, ctx, fnxo, 0)) != 0)
2737 goto auth_exit;
2738 /* moving into tdvp or tvp, must have rights to add */
2739 if ((error = nfsrv_authorize(((tvp != NULL) && vnode_isdir(tvp)) ? tvp : tdvp,
2740 NULL,
2741 vnode_isdir(fvp) ? KAUTH_VNODE_ADD_SUBDIRECTORY : KAUTH_VNODE_ADD_FILE,
2742 ctx, tnxo, 0)) != 0)
2743 goto auth_exit;
2744 } else {
2745 /* node staying in same directory, must be allowed to add new name */
2746 if ((error = nfsrv_authorize(fdvp, NULL,
2747 vnode_isdir(fvp) ? KAUTH_VNODE_ADD_SUBDIRECTORY : KAUTH_VNODE_ADD_FILE,
2748 ctx, fnxo, 0)) != 0)
2749 goto auth_exit;
2750 }
2751 /* overwriting tvp */
2752 if ((tvp != NULL) && !vnode_isdir(tvp) &&
2753 ((error = nfsrv_authorize(tvp, tdvp, KAUTH_VNODE_DELETE, ctx, tnxo, 0)) != 0))
2754 goto auth_exit;
2755
2756 /* XXX more checks? */
2757
2758 auth_exit:
2759 /* authorization denied */
2760 if (error != 0)
2761 goto out;
2762 }
2763
2764 if ((vnode_mount(fvp) != vnode_mount(tdvp)) ||
2765 (tvp && (vnode_mount(fvp) != vnode_mount(tvp)))) {
2766 if (nd->nd_vers == NFS_VER3)
2767 error = EXDEV;
2768 else
2769 error = ENOTEMPTY;
2770 goto out;
2771 }
2772 /*
2773 * The following edge case is caught here:
2774 * (to cannot be a descendent of from)
2775 *
2776 * o fdvp
2777 * /
2778 * /
2779 * o fvp
2780 * \
2781 * \
2782 * o tdvp
2783 * /
2784 * /
2785 * o tvp
2786 */
2787 if (tdvp->v_parent == fvp) {
2788 if (nd->nd_vers == NFS_VER3)
2789 error = EXDEV;
2790 else
2791 error = ENOTEMPTY;
2792 goto out;
2793 }
2794 if (fvtype == VDIR && vnode_mountedhere(fvp)) {
2795 if (nd->nd_vers == NFS_VER3)
2796 error = EXDEV;
2797 else
2798 error = ENOTEMPTY;
2799 goto out;
2800 }
2801 /*
2802 * If source is the same as the destination (that is the
2803 * same vnode) then there is nothing to do...
2804 * EXCEPT if the underlying file system supports case
2805 * insensitivity and is case preserving. In this case
2806 * the file system needs to handle the special case of
2807 * getting the same vnode as target (fvp) and source (tvp).
2808 *
2809 * Only file systems that support pathconf selectors _PC_CASE_SENSITIVE
2810 * and _PC_CASE_PRESERVING can have this exception, and they need to
2811 * handle the special case of getting the same vnode as target and
2812 * source. NOTE: Then the target is unlocked going into vnop_rename,
2813 * so not to cause locking problems. There is a single reference on tvp.
2814 *
2815 * NOTE - that fvp == tvp also occurs if they are hard linked - NOTE
2816 * that correct behaviour then is just to remove the source (link)
2817 */
2818 if ((fvp == tvp) && (fdvp == tdvp)) {
2819 if (fromni.ni_cnd.cn_namelen == toni.ni_cnd.cn_namelen &&
2820 !bcmp(fromni.ni_cnd.cn_nameptr, toni.ni_cnd.cn_nameptr,
2821 fromni.ni_cnd.cn_namelen)) {
2822 goto out;
2823 }
2824 }
2825
2826 if (holding_mntlock && vnode_mount(fvp) != locked_mp) {
2827 /*
2828 * we're holding a reference and lock
2829 * on locked_mp, but it no longer matches
2830 * what we want to do... so drop our hold
2831 */
2832 mount_unlock_renames(locked_mp);
2833 mount_drop(locked_mp, 0);
2834 holding_mntlock = 0;
2835 }
2836 if (tdvp != fdvp && fvtype == VDIR) {
2837 /*
2838 * serialize renames that re-shape
2839 * the tree... if holding_mntlock is
2840 * set, then we're ready to go...
2841 * otherwise we
2842 * first need to drop the iocounts
2843 * we picked up, second take the
2844 * lock to serialize the access,
2845 * then finally start the lookup
2846 * process over with the lock held
2847 */
2848 if (!holding_mntlock) {
2849 /*
2850 * need to grab a reference on
2851 * the mount point before we
2852 * drop all the iocounts... once
2853 * the iocounts are gone, the mount
2854 * could follow
2855 */
2856 locked_mp = vnode_mount(fvp);
2857 mount_ref(locked_mp, 0);
2858
2859 /* make a copy of to path to pass to nfsrv_namei() again */
2860 MALLOC_ZONE(topath, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
2861 if (topath)
2862 bcopy(toni.ni_cnd.cn_pnbuf, topath, tolen + 1);
2863
2864 /*
2865 * nameidone has to happen before we vnode_put(tdvp)
2866 * since it may need to release the fs_nodelock on the tdvp
2867 */
2868 nameidone(&toni);
2869
2870 if (tvp)
2871 vnode_put(tvp);
2872 vnode_put(tdvp);
2873
2874 /* make a copy of from path to pass to nfsrv_namei() again */
2875 MALLOC_ZONE(frompath, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
2876 if (frompath)
2877 bcopy(fromni.ni_cnd.cn_pnbuf, frompath, fromlen + 1);
2878
2879 /*
2880 * nameidone has to happen before we vnode_put(fdvp)
2881 * since it may need to release the fs_nodelock on the fdvp
2882 */
2883 nameidone(&fromni);
2884
2885 vnode_put(fvp);
2886 vnode_put(fdvp);
2887
2888 if (fdirp) {
2889 vnode_put(fdirp);
2890 fdirp = NULL;
2891 }
2892 if (tdirp) {
2893 vnode_put(tdirp);
2894 tdirp = NULL;
2895 }
2896 mount_lock_renames(locked_mp);
2897 holding_mntlock = 1;
2898
2899 fvp = tvp = NULL;
2900 fdvp = tdvp = NULL;
2901
2902 fdpreattrerr = tdpreattrerr = ENOENT;
2903
2904 if (!topath || !frompath) {
2905 /* we couldn't allocate a path, so bail */
2906 error = ENOMEM;
2907 goto out;
2908 }
2909
2910 /* reset credential if it was remapped */
2911 if (nd->nd_cr != saved_cred) {
2912 kauth_cred_ref(saved_cred);
2913 kauth_cred_unref(&nd->nd_cr);
2914 ctx->vc_ucred = nd->nd_cr = saved_cred;
2915 }
2916
2917 goto retry;
2918 }
2919 } else {
2920 /*
2921 * when we dropped the iocounts to take
2922 * the lock, we allowed the identity of
2923 * the various vnodes to change... if they did,
2924 * we may no longer be dealing with a rename
2925 * that reshapes the tree... once we're holding
2926 * the iocounts, the vnodes can't change type
2927 * so we're free to drop the lock at this point
2928 * and continue on
2929 */
2930 if (holding_mntlock) {
2931 mount_unlock_renames(locked_mp);
2932 mount_drop(locked_mp, 0);
2933 holding_mntlock = 0;
2934 }
2935 }
2936
2937 // save these off so we can later verify that fvp is the same
2938 vnode_t oparent;
2939 oname = fvp->v_name;
2940 oparent = fvp->v_parent;
2941
2942 /*
2943 * If generating an fsevent, then
2944 * stash any pre-rename info we may need.
2945 */
2946 #if CONFIG_FSE
2947 if (nfsrv_fsevents_enabled && need_fsevent(FSE_RENAME, fvp)) {
2948 int from_truncated = 0, to_truncated = 0;
2949
2950 get_fse_info(fvp, &from_finfo, ctx);
2951 if (tvp)
2952 get_fse_info(tvp, &to_finfo, ctx);
2953
2954 from_name = get_pathbuff();
2955 if (from_name) {
2956 from_len = safe_getpath(fdvp, fromni.ni_cnd.cn_nameptr, from_name, MAXPATHLEN, &from_truncated);
2957 }
2958
2959 to_name = from_name ? get_pathbuff() : NULL;
2960 if (to_name) {
2961 to_len = safe_getpath(tdvp, toni.ni_cnd.cn_nameptr, to_name, MAXPATHLEN, &to_truncated);
2962 }
2963
2964 if (from_truncated || to_truncated) {
2965 from_finfo.mode |= FSE_TRUNCATED_PATH;
2966 }
2967
2968 } else {
2969 from_name = NULL;
2970 to_name = NULL;
2971 }
2972 #else /* CONFIG_FSE */
2973 from_name = NULL;
2974 to_name = NULL;
2975 #endif /* CONFIG_FSE */
2976
2977 error = VNOP_RENAME(fromni.ni_dvp, fromni.ni_vp, &fromni.ni_cnd,
2978 toni.ni_dvp, toni.ni_vp, &toni.ni_cnd, ctx);
2979 /*
2980 * fix up name & parent pointers. note that we first
2981 * check that fvp has the same name/parent pointers it
2982 * had before the rename call... this is a 'weak' check
2983 * at best...
2984 */
2985 if (oname == fvp->v_name && oparent == fvp->v_parent) {
2986 int update_flags;
2987 update_flags = VNODE_UPDATE_NAME;
2988 if (fdvp != tdvp)
2989 update_flags |= VNODE_UPDATE_PARENT;
2990 vnode_update_identity(fvp, tdvp, toni.ni_cnd.cn_nameptr,
2991 toni.ni_cnd.cn_namelen, toni.ni_cnd.cn_hash, update_flags);
2992 }
2993
2994 /*
2995 * If the rename is OK and we've got the paths
2996 * then add an fsevent.
2997 */
2998 #if CONFIG_FSE
2999 if (nfsrv_fsevents_enabled && !error && from_name && to_name) {
3000 if (tvp) {
3001 add_fsevent(FSE_RENAME, ctx,
3002 FSE_ARG_STRING, from_len, from_name,
3003 FSE_ARG_FINFO, &from_finfo,
3004 FSE_ARG_STRING, to_len, to_name,
3005 FSE_ARG_FINFO, &to_finfo,
3006 FSE_ARG_DONE);
3007 } else {
3008 add_fsevent(FSE_RENAME, ctx,
3009 FSE_ARG_STRING, from_len, from_name,
3010 FSE_ARG_FINFO, &from_finfo,
3011 FSE_ARG_STRING, to_len, to_name,
3012 FSE_ARG_DONE);
3013 }
3014 }
3015 if (from_name)
3016 release_pathbuff(from_name);
3017 if (to_name)
3018 release_pathbuff(to_name);
3019 #endif /* CONFIG_FSE */
3020 from_name = to_name = NULL;
3021
3022 out:
3023 if (holding_mntlock) {
3024 mount_unlock_renames(locked_mp);
3025 mount_drop(locked_mp, 0);
3026 holding_mntlock = 0;
3027 }
3028 if (tdvp) {
3029 /*
3030 * nameidone has to happen before we vnode_put(tdvp)
3031 * since it may need to release the fs_nodelock on the tdvp
3032 */
3033 nameidone(&toni);
3034 if (tvp)
3035 vnode_put(tvp);
3036 vnode_put(tdvp);
3037
3038 tdvp = NULL;
3039 }
3040 if (fdvp) {
3041 /*
3042 * nameidone has to happen before we vnode_put(fdvp)
3043 * since it may need to release the fs_nodelock on the fdvp
3044 */
3045 nameidone(&fromni);
3046
3047 if (fvp)
3048 vnode_put(fvp);
3049 vnode_put(fdvp);
3050
3051 fdvp = NULL;
3052 }
3053 if (fdirp) {
3054 nfsm_srv_vattr_init(&fdpostattr, nd->nd_vers);
3055 fdpostattrerr = vnode_getattr(fdirp, &fdpostattr, ctx);
3056 vnode_put(fdirp);
3057 fdirp = NULL;
3058 }
3059 if (tdirp) {
3060 nfsm_srv_vattr_init(&tdpostattr, nd->nd_vers);
3061 tdpostattrerr = vnode_getattr(tdirp, &tdpostattr, ctx);
3062 vnode_put(tdirp);
3063 tdirp = NULL;
3064 }
3065
3066 nfsmerr:
3067 /* assemble reply */
3068 nd->nd_repstat = error;
3069 error = nfsrv_rephead(nd, slp, &nmrep, 2 * NFSX_WCCDATA(nd->nd_vers));
3070 nfsmout_if(error);
3071 *mrepp = nmrep.nmc_mhead;
3072 nfsmout_on_status(nd, error);
3073 if (nd->nd_vers == NFS_VER3) {
3074 nfsm_chain_add_wcc_data(error, nd, &nmrep,
3075 fdpreattrerr, &fdpreattr, fdpostattrerr, &fdpostattr);
3076 nfsm_chain_add_wcc_data(error, nd, &nmrep,
3077 tdpreattrerr, &tdpreattr, tdpostattrerr, &tdpostattr);
3078 }
3079 nfsmout:
3080 nfsm_chain_build_done(error, &nmrep);
3081 if (holding_mntlock) {
3082 mount_unlock_renames(locked_mp);
3083 mount_drop(locked_mp, 0);
3084 }
3085 if (tdvp) {
3086 /*
3087 * nameidone has to happen before we vnode_put(tdvp)
3088 * since it may need to release the fs_nodelock on the tdvp
3089 */
3090 nameidone(&toni);
3091
3092 if (tvp)
3093 vnode_put(tvp);
3094 vnode_put(tdvp);
3095 }
3096 if (fdvp) {
3097 /*
3098 * nameidone has to happen before we vnode_put(fdvp)
3099 * since it may need to release the fs_nodelock on the fdvp
3100 */
3101 nameidone(&fromni);
3102
3103 if (fvp)
3104 vnode_put(fvp);
3105 vnode_put(fdvp);
3106 }
3107 if (fdirp)
3108 vnode_put(fdirp);
3109 if (tdirp)
3110 vnode_put(tdirp);
3111 if (frompath)
3112 FREE_ZONE(frompath, MAXPATHLEN, M_NAMEI);
3113 if (topath)
3114 FREE_ZONE(topath, MAXPATHLEN, M_NAMEI);
3115 if (saved_cred)
3116 kauth_cred_unref(&saved_cred);
3117 if (error) {
3118 nfsm_chain_cleanup(&nmrep);
3119 *mrepp = NULL;
3120 }
3121 return (error);
3122 }
3123
3124 /*
3125 * nfs link service
3126 */
3127 int
3128 nfsrv_link(
3129 struct nfsrv_descript *nd,
3130 struct nfsrv_sock *slp,
3131 vfs_context_t ctx,
3132 mbuf_t *mrepp)
3133 {
3134 struct nameidata ni;
3135 int error, dpreattrerr, dpostattrerr, attrerr;
3136 uint32_t len = 0;
3137 vnode_t vp, xp, dvp, dirp;
3138 struct vnode_attr dpreattr, dpostattr, attr;
3139 struct nfs_filehandle nfh, dnfh;
3140 struct nfs_export *nx;
3141 struct nfs_export_options *nxo;
3142 struct nfsm_chain *nmreq, nmrep;
3143
3144 error = 0;
3145 dpreattrerr = dpostattrerr = attrerr = ENOENT;
3146 vp = xp = dvp = dirp = NULL;
3147 nmreq = &nd->nd_nmreq;
3148 nfsm_chain_null(&nmrep);
3149
3150 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
3151 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, dnfh.nfh_fhp, dnfh.nfh_len);
3152 nfsm_chain_get_32(error, nmreq, len);
3153 nfsm_name_len_check(error, nd, len);
3154 nfsmerr_if(error);
3155 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
3156 nfsmerr_if(error);
3157
3158 /* update export stats */
3159 NFSStatAdd64(&nx->nx_stats.ops, 1);
3160
3161 /* update active user stats */
3162 nfsrv_update_user_stat(nx, nd, kauth_cred_getuid(nd->nd_cr), 1, 0, 0);
3163
3164 error = nfsrv_credcheck(nd, ctx, nx, nxo);
3165 nfsmerr_if(error);
3166
3167 /* we're not allowed to link to directories... */
3168 if (vnode_vtype(vp) == VDIR) {
3169 error = EPERM; /* POSIX */
3170 goto out;
3171 }
3172
3173 /* ...or to anything that kauth doesn't want us to (eg. immutable items) */
3174 if ((error = nfsrv_authorize(vp, NULL, KAUTH_VNODE_LINKTARGET, ctx, nxo, 0)) != 0)
3175 goto out;
3176
3177 ni.ni_cnd.cn_nameiop = CREATE;
3178 ni.ni_cnd.cn_flags = LOCKPARENT;
3179 error = nfsm_chain_get_path_namei(nmreq, len, &ni);
3180 if (!error)
3181 error = nfsrv_namei(nd, ctx, &ni, &dnfh, &dirp, &nx, &nxo);
3182 if (dirp) {
3183 if (nd->nd_vers == NFS_VER3) {
3184 nfsm_srv_pre_vattr_init(&dpreattr);
3185 dpreattrerr = vnode_getattr(dirp, &dpreattr, ctx);
3186 } else {
3187 vnode_put(dirp);
3188 dirp = NULL;
3189 }
3190 }
3191 if (error)
3192 goto out;
3193 dvp = ni.ni_dvp;
3194 xp = ni.ni_vp;
3195
3196 if (xp != NULL)
3197 error = EEXIST;
3198 else if (vnode_mount(vp) != vnode_mount(dvp))
3199 error = EXDEV;
3200 else
3201 error = nfsrv_authorize(dvp, NULL, KAUTH_VNODE_ADD_FILE, ctx, nxo, 0);
3202
3203 if (!error)
3204 error = VNOP_LINK(vp, dvp, &ni.ni_cnd, ctx);
3205
3206 #if CONFIG_FSE
3207 if (nfsrv_fsevents_enabled && !error && need_fsevent(FSE_CREATE_FILE, dvp)) {
3208 char *target_path = NULL;
3209 int plen, truncated=0;
3210 fse_info finfo;
3211
3212 /* build the path to the new link file */
3213 target_path = get_pathbuff();
3214 if (target_path) {
3215 plen = safe_getpath(dvp, ni.ni_cnd.cn_nameptr, target_path, MAXPATHLEN, &truncated);
3216
3217 if (get_fse_info(vp, &finfo, ctx) == 0) {
3218 if (truncated) {
3219 finfo.mode |= FSE_TRUNCATED_PATH;
3220 }
3221 add_fsevent(FSE_CREATE_FILE, ctx,
3222 FSE_ARG_STRING, plen, target_path,
3223 FSE_ARG_FINFO, &finfo,
3224 FSE_ARG_DONE);
3225 }
3226
3227 release_pathbuff(target_path);
3228 }
3229 }
3230 #endif
3231
3232 /*
3233 * nameidone has to happen before we vnode_put(dvp)
3234 * since it may need to release the fs_nodelock on the dvp
3235 */
3236 nameidone(&ni);
3237
3238 if (xp)
3239 vnode_put(xp);
3240 vnode_put(dvp);
3241 out:
3242 if (nd->nd_vers == NFS_VER3) {
3243 nfsm_srv_vattr_init(&attr, NFS_VER3);
3244 attrerr = vnode_getattr(vp, &attr, ctx);
3245 }
3246 if (dirp) {
3247 nfsm_srv_vattr_init(&dpostattr, nd->nd_vers);
3248 dpostattrerr = vnode_getattr(dirp, &dpostattr, ctx);
3249 vnode_put(dirp);
3250 dirp = NULL;
3251 }
3252 vnode_put(vp);
3253 vp = NULL;
3254
3255 nfsmerr:
3256 /* assemble reply */
3257 nd->nd_repstat = error;
3258 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_POSTOPATTR(nd->nd_vers) + NFSX_WCCDATA(nd->nd_vers));
3259 nfsmout_if(error);
3260 *mrepp = nmrep.nmc_mhead;
3261 nfsmout_on_status(nd, error);
3262 if (nd->nd_vers == NFS_VER3) {
3263 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &attr);
3264 nfsm_chain_add_wcc_data(error, nd, &nmrep,
3265 dpreattrerr, &dpreattr, dpostattrerr, &dpostattr);
3266 }
3267 nfsmout:
3268 nfsm_chain_build_done(error, &nmrep);
3269 if (vp)
3270 vnode_put(vp);
3271 if (error) {
3272 nfsm_chain_cleanup(&nmrep);
3273 *mrepp = NULL;
3274 }
3275 return (error);
3276 }
3277
3278 /*
3279 * nfs symbolic link service
3280 */
3281 int
3282 nfsrv_symlink(
3283 struct nfsrv_descript *nd,
3284 struct nfsrv_sock *slp,
3285 vfs_context_t ctx,
3286 mbuf_t *mrepp)
3287 {
3288 struct vnode_attr dpreattr, dpostattr, postattr;
3289 struct vnode_attr va, *vap = &va;
3290 struct nameidata ni;
3291 int error, dpreattrerr, dpostattrerr, postattrerr;
3292 uint32_t len = 0, linkdatalen, cnflags;
3293 uid_t saved_uid;
3294 char *linkdata;
3295 vnode_t vp, dvp, dirp;
3296 struct nfs_filehandle nfh;
3297 struct nfs_export *nx = NULL;
3298 struct nfs_export_options *nxo;
3299 uio_t auio = NULL;
3300 char uio_buf[ UIO_SIZEOF(1) ];
3301 struct nfsm_chain *nmreq, nmrep;
3302
3303 error = 0;
3304 dpreattrerr = dpostattrerr = postattrerr = ENOENT;
3305 nmreq = &nd->nd_nmreq;
3306 nfsm_chain_null(&nmrep);
3307 linkdata = NULL;
3308 dirp = NULL;
3309
3310 /*
3311 * Save the original credential UID in case they are
3312 * mapped and we need to map the IDs in the attributes.
3313 */
3314 saved_uid = kauth_cred_getuid(nd->nd_cr);
3315
3316 ni.ni_cnd.cn_nameiop = 0;
3317 vp = dvp = NULL;
3318
3319 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
3320 nfsm_chain_get_32(error, nmreq, len);
3321 nfsm_name_len_check(error, nd, len);
3322 nfsmerr_if(error);
3323
3324 ni.ni_cnd.cn_nameiop = CREATE;
3325 ni.ni_cnd.cn_flags = LOCKPARENT;
3326 error = nfsm_chain_get_path_namei(nmreq, len, &ni);
3327 if (!error) {
3328 error = nfsrv_namei(nd, ctx, &ni, &nfh, &dirp, &nx, &nxo);
3329 if (nx != NULL) {
3330 /* update export stats */
3331 NFSStatAdd64(&nx->nx_stats.ops, 1);
3332
3333 /* update active user stats */
3334 nfsrv_update_user_stat(nx, nd, saved_uid, 1, 0, 0);
3335 }
3336 }
3337 if (dirp) {
3338 if (nd->nd_vers == NFS_VER3) {
3339 nfsm_srv_pre_vattr_init(&dpreattr);
3340 dpreattrerr = vnode_getattr(dirp, &dpreattr, ctx);
3341 } else {
3342 vnode_put(dirp);
3343 dirp = NULL;
3344 }
3345 }
3346 if (error) {
3347 ni.ni_cnd.cn_nameiop = 0;
3348 goto out1;
3349 }
3350 dvp = ni.ni_dvp;
3351 vp = ni.ni_vp;
3352
3353 VATTR_INIT(vap);
3354 if (nd->nd_vers == NFS_VER3)
3355 error = nfsm_chain_get_sattr(nd, nmreq, vap);
3356 nfsm_chain_get_32(error, nmreq, linkdatalen);
3357 if (!error && (((nd->nd_vers == NFS_VER2) && (linkdatalen > NFS_MAXPATHLEN)) ||
3358 ((nd->nd_vers == NFS_VER3) && (linkdatalen > MAXPATHLEN))))
3359 error = NFSERR_NAMETOL;
3360 nfsmerr_if(error);
3361 MALLOC(linkdata, caddr_t, linkdatalen + 1, M_TEMP, M_WAITOK);
3362 if (linkdata)
3363 auio = uio_createwithbuffer(1, 0, UIO_SYSSPACE, UIO_READ,
3364 &uio_buf[0], sizeof(uio_buf));
3365 if (!linkdata || !auio) {
3366 error = ENOMEM;
3367 goto out;
3368 }
3369 uio_addiov(auio, CAST_USER_ADDR_T(linkdata), linkdatalen);
3370 error = nfsm_chain_get_uio(nmreq, linkdatalen, auio);
3371 if (!error && (nd->nd_vers == NFS_VER2))
3372 error = nfsm_chain_get_sattr(nd, nmreq, vap);
3373 nfsmerr_if(error);
3374 *(linkdata + linkdatalen) = '\0';
3375 if (vp) {
3376 error = EEXIST;
3377 goto out;
3378 }
3379
3380 /*
3381 * If the credentials were mapped, we should
3382 * map the same values in the attributes.
3383 */
3384 if ((vap->va_uid == saved_uid) && (kauth_cred_getuid(nd->nd_cr) != saved_uid)) {
3385 int ismember;
3386 VATTR_SET(vap, va_uid, kauth_cred_getuid(nd->nd_cr));
3387 if (kauth_cred_ismember_gid(nd->nd_cr, vap->va_gid, &ismember) || !ismember)
3388 VATTR_SET(vap, va_gid, kauth_cred_getgid(nd->nd_cr));
3389 }
3390 VATTR_SET(vap, va_type, VLNK);
3391 VATTR_CLEAR_ACTIVE(vap, va_data_size);
3392 VATTR_CLEAR_ACTIVE(vap, va_access_time);
3393
3394 /* authorize before creating */
3395 error = nfsrv_authorize(dvp, NULL, KAUTH_VNODE_ADD_FILE, ctx, nxo, 0);
3396
3397 /* validate given attributes */
3398 if (!error) {
3399 error = vnode_authattr_new(dvp, vap, 0, ctx);
3400 if (error && (VATTR_IS_ACTIVE(vap, va_uid) || VATTR_IS_ACTIVE(vap, va_gid))) {
3401 /*
3402 * Most NFS servers just ignore the UID/GID attributes, so we
3403 * try ignoring them if that'll help the request succeed.
3404 */
3405 VATTR_CLEAR_ACTIVE(vap, va_uid);
3406 VATTR_CLEAR_ACTIVE(vap, va_gid);
3407 error = vnode_authattr_new(dvp, vap, 0, ctx);
3408 }
3409 }
3410 if (!error)
3411 error = VNOP_SYMLINK(dvp, &vp, &ni.ni_cnd, vap, linkdata, ctx);
3412
3413 if (!error && (nd->nd_vers == NFS_VER3)) {
3414 if (vp == NULL) {
3415 ni.ni_cnd.cn_nameiop = LOOKUP;
3416 ni.ni_cnd.cn_flags &= ~(LOCKPARENT | FOLLOW);
3417 ni.ni_cnd.cn_flags |= (NOFOLLOW | LOCKLEAF);
3418 ni.ni_cnd.cn_context = ctx;
3419 ni.ni_startdir = dvp;
3420 ni.ni_usedvp = dvp;
3421 cnflags = ni.ni_cnd.cn_flags; /* store in case we have to restore */
3422 while ((error = lookup(&ni)) == ERECYCLE) {
3423 ni.ni_cnd.cn_flags = cnflags;
3424 ni.ni_cnd.cn_nameptr = ni.ni_cnd.cn_pnbuf;
3425 ni.ni_usedvp = ni.ni_dvp = ni.ni_startdir = dvp;
3426 }
3427 if (!error)
3428 vp = ni.ni_vp;
3429 }
3430 if (!error) {
3431 error = nfsrv_vptofh(nx, NFS_VER3, NULL, vp, ctx, &nfh);
3432 if (!error) {
3433 nfsm_srv_vattr_init(&postattr, NFS_VER3);
3434 postattrerr = vnode_getattr(vp, &postattr, ctx);
3435 }
3436 }
3437 }
3438
3439 #if CONFIG_FSE
3440 if (nfsrv_fsevents_enabled && !error && vp) {
3441 add_fsevent(FSE_CREATE_FILE, ctx,
3442 FSE_ARG_VNODE, vp,
3443 FSE_ARG_DONE);
3444 }
3445 #endif
3446 out:
3447 /*
3448 * nameidone has to happen before we vnode_put(dvp)
3449 * since it may need to release the fs_nodelock on the dvp
3450 */
3451 nameidone(&ni);
3452 ni.ni_cnd.cn_nameiop = 0;
3453 if (vp)
3454 vnode_put(vp);
3455 vnode_put(dvp);
3456 out1:
3457 if (linkdata) {
3458 FREE(linkdata, M_TEMP);
3459 linkdata = NULL;
3460 }
3461 if (dirp) {
3462 nfsm_srv_vattr_init(&dpostattr, nd->nd_vers);
3463 dpostattrerr = vnode_getattr(dirp, &dpostattr, ctx);
3464 vnode_put(dirp);
3465 dirp = NULL;
3466 }
3467
3468 nfsmerr:
3469 /* assemble reply */
3470 nd->nd_repstat = error;
3471 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_SRVFH(nd->nd_vers, &nfh) +
3472 NFSX_POSTOPATTR(nd->nd_vers) + NFSX_WCCDATA(nd->nd_vers));
3473 nfsmout_if(error);
3474 *mrepp = nmrep.nmc_mhead;
3475 nfsmout_on_status(nd, error);
3476 if (nd->nd_vers == NFS_VER3) {
3477 if (!nd->nd_repstat) {
3478 nfsm_chain_add_postop_fh(error, &nmrep, nfh.nfh_fhp, nfh.nfh_len);
3479 nfsm_chain_add_postop_attr(error, nd, &nmrep, postattrerr, &postattr);
3480 }
3481 nfsm_chain_add_wcc_data(error, nd, &nmrep,
3482 dpreattrerr, &dpreattr, dpostattrerr, &dpostattr);
3483 }
3484 nfsmout:
3485 nfsm_chain_build_done(error, &nmrep);
3486 if (ni.ni_cnd.cn_nameiop) {
3487 /*
3488 * nameidone has to happen before we vnode_put(dvp)
3489 * since it may need to release the fs_nodelock on the dvp
3490 */
3491 nameidone(&ni);
3492
3493 if (vp)
3494 vnode_put(vp);
3495 vnode_put(dvp);
3496 }
3497 if (dirp)
3498 vnode_put(dirp);
3499 if (linkdata)
3500 FREE(linkdata, M_TEMP);
3501 if (error) {
3502 nfsm_chain_cleanup(&nmrep);
3503 *mrepp = NULL;
3504 }
3505 return (error);
3506 }
3507
3508 /*
3509 * nfs mkdir service
3510 */
3511 int
3512 nfsrv_mkdir(
3513 struct nfsrv_descript *nd,
3514 struct nfsrv_sock *slp,
3515 vfs_context_t ctx,
3516 mbuf_t *mrepp)
3517 {
3518 struct vnode_attr dpreattr, dpostattr, postattr;
3519 struct vnode_attr va, *vap = &va;
3520 struct nameidata ni;
3521 int error, dpreattrerr, dpostattrerr, postattrerr;
3522 uint32_t len = 0;
3523 vnode_t vp, dvp, dirp;
3524 struct nfs_filehandle nfh;
3525 struct nfs_export *nx = NULL;
3526 struct nfs_export_options *nxo;
3527 uid_t saved_uid;
3528 kauth_acl_t xacl = NULL;
3529 struct nfsm_chain *nmreq, nmrep;
3530
3531 error = 0;
3532 dpreattrerr = dpostattrerr = postattrerr = ENOENT;
3533 nmreq = &nd->nd_nmreq;
3534 nfsm_chain_null(&nmrep);
3535
3536 /*
3537 * Save the original credential UID in case they are
3538 * mapped and we need to map the IDs in the attributes.
3539 */
3540 saved_uid = kauth_cred_getuid(nd->nd_cr);
3541
3542 ni.ni_cnd.cn_nameiop = 0;
3543 vp = dvp = dirp = NULL;
3544
3545 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
3546 nfsm_chain_get_32(error, nmreq, len);
3547 nfsm_name_len_check(error, nd, len);
3548 nfsmerr_if(error);
3549
3550 ni.ni_cnd.cn_nameiop = CREATE;
3551 ni.ni_cnd.cn_flags = LOCKPARENT;
3552 error = nfsm_chain_get_path_namei(nmreq, len, &ni);
3553 if (!error) {
3554 error = nfsrv_namei(nd, ctx, &ni, &nfh, &dirp, &nx, &nxo);
3555 if (nx != NULL) {
3556 /* update export stats */
3557 NFSStatAdd64(&nx->nx_stats.ops, 1);
3558
3559 /* update active user stats */
3560 nfsrv_update_user_stat(nx, nd, saved_uid, 1, 0, 0);
3561 }
3562 }
3563 if (dirp) {
3564 if (nd->nd_vers == NFS_VER3) {
3565 nfsm_srv_pre_vattr_init(&dpreattr);
3566 dpreattrerr = vnode_getattr(dirp, &dpreattr, ctx);
3567 } else {
3568 vnode_put(dirp);
3569 dirp = NULL;
3570 }
3571 }
3572 if (error) {
3573 ni.ni_cnd.cn_nameiop = 0;
3574 goto nfsmerr;
3575 }
3576 dvp = ni.ni_dvp;
3577 vp = ni.ni_vp;
3578
3579 VATTR_INIT(vap);
3580 error = nfsm_chain_get_sattr(nd, nmreq, vap);
3581 nfsmerr_if(error);
3582 VATTR_SET(vap, va_type, VDIR);
3583
3584 if (vp != NULL) {
3585 /*
3586 * nameidone has to happen before we vnode_put(dvp)
3587 * since it may need to release the fs_nodelock on the dvp
3588 */
3589 nameidone(&ni);
3590 vnode_put(dvp);
3591 vnode_put(vp);
3592 error = EEXIST;
3593 goto out;
3594 }
3595
3596 /*
3597 * If the credentials were mapped, we should
3598 * map the same values in the attributes.
3599 */
3600 if ((vap->va_uid == saved_uid) && (kauth_cred_getuid(nd->nd_cr) != saved_uid)) {
3601 int ismember;
3602 VATTR_SET(vap, va_uid, kauth_cred_getuid(nd->nd_cr));
3603 if (kauth_cred_ismember_gid(nd->nd_cr, vap->va_gid, &ismember) || !ismember)
3604 VATTR_SET(vap, va_gid, kauth_cred_getgid(nd->nd_cr));
3605 }
3606
3607 error = nfsrv_authorize(dvp, NULL, KAUTH_VNODE_ADD_SUBDIRECTORY, ctx, nxo, 0);
3608
3609 /* construct ACL and handle inheritance */
3610 if (!error) {
3611 error = kauth_acl_inherit(dvp,
3612 NULL,
3613 &xacl, /* isdir */
3614 1,
3615 ctx);
3616
3617 if (!error && xacl != NULL)
3618 VATTR_SET(vap, va_acl, xacl);
3619 }
3620 VATTR_CLEAR_ACTIVE(vap, va_data_size);
3621 VATTR_CLEAR_ACTIVE(vap, va_access_time);
3622
3623 /* validate new-file security information */
3624 if (!error) {
3625 error = vnode_authattr_new(dvp, vap, 0, ctx);
3626 if (error && (VATTR_IS_ACTIVE(vap, va_uid) || VATTR_IS_ACTIVE(vap, va_gid))) {
3627 /*
3628 * Most NFS servers just ignore the UID/GID attributes, so we
3629 * try ignoring them if that'll help the request succeed.
3630 */
3631 VATTR_CLEAR_ACTIVE(vap, va_uid);
3632 VATTR_CLEAR_ACTIVE(vap, va_gid);
3633 error = vnode_authattr_new(dvp, vap, 0, ctx);
3634 }
3635 }
3636
3637 if (!error)
3638 error = VNOP_MKDIR(dvp, &vp, &ni.ni_cnd, vap, ctx);
3639
3640 #if CONFIG_FSE
3641 if (nfsrv_fsevents_enabled && !error)
3642 add_fsevent(FSE_CREATE_DIR, ctx, FSE_ARG_VNODE, vp, FSE_ARG_DONE);
3643 #endif
3644
3645 if (!error && !VATTR_ALL_SUPPORTED(vap))
3646 /*
3647 * If some of the requested attributes weren't handled by the VNOP,
3648 * use our fallback code.
3649 */
3650 error = vnode_setattr_fallback(vp, vap, ctx);
3651
3652 if (xacl != NULL)
3653 kauth_acl_free(xacl);
3654
3655 if (!error) {
3656 error = nfsrv_vptofh(nx, nd->nd_vers, NULL, vp, ctx, &nfh);
3657 if (!error) {
3658 nfsm_srv_vattr_init(&postattr, nd->nd_vers);
3659 postattrerr = vnode_getattr(vp, &postattr, ctx);
3660 if (nd->nd_vers == NFS_VER2)
3661 error = postattrerr;
3662 }
3663 vnode_put(vp);
3664 vp = NULL;
3665 }
3666 /*
3667 * nameidone has to happen before we vnode_put(dvp)
3668 * since it may need to release the fs_nodelock on the dvp
3669 */
3670 nameidone(&ni);
3671 vnode_put(dvp);
3672 out:
3673 ni.ni_cnd.cn_nameiop = 0;
3674
3675 if (dirp) {
3676 nfsm_srv_vattr_init(&dpostattr, nd->nd_vers);
3677 dpostattrerr = vnode_getattr(dirp, &dpostattr, ctx);
3678 vnode_put(dirp);
3679 dirp = NULL;
3680 }
3681
3682 nfsmerr:
3683 /* assemble reply */
3684 nd->nd_repstat = error;
3685 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_SRVFH(nd->nd_vers, &nfh) +
3686 NFSX_POSTOPATTR(nd->nd_vers) + NFSX_WCCDATA(nd->nd_vers));
3687 nfsmout_if(error);
3688 *mrepp = nmrep.nmc_mhead;
3689 nfsmout_on_status(nd, error);
3690 if (nd->nd_vers == NFS_VER3) {
3691 if (!nd->nd_repstat) {
3692 nfsm_chain_add_postop_fh(error, &nmrep, nfh.nfh_fhp, nfh.nfh_len);
3693 nfsm_chain_add_postop_attr(error, nd, &nmrep, postattrerr, &postattr);
3694 }
3695 nfsm_chain_add_wcc_data(error, nd, &nmrep,
3696 dpreattrerr, &dpreattr, dpostattrerr, &dpostattr);
3697 } else {
3698 nfsm_chain_add_fh(error, &nmrep, NFS_VER2, nfh.nfh_fhp, nfh.nfh_len);
3699 if (!error)
3700 error = nfsm_chain_add_fattr(nd, &nmrep, &postattr);
3701 }
3702 nfsmout:
3703 nfsm_chain_build_done(error, &nmrep);
3704 if (ni.ni_cnd.cn_nameiop) {
3705 /*
3706 * nameidone has to happen before we vnode_put(dvp)
3707 * since it may need to release the fs_nodelock on the dvp
3708 */
3709 nameidone(&ni);
3710 vnode_put(dvp);
3711 if (vp)
3712 vnode_put(vp);
3713 }
3714 if (dirp)
3715 vnode_put(dirp);
3716 if (error) {
3717 nfsm_chain_cleanup(&nmrep);
3718 *mrepp = NULL;
3719 }
3720 return (error);
3721 }
3722
3723 /*
3724 * nfs rmdir service
3725 */
3726 int
3727 nfsrv_rmdir(
3728 struct nfsrv_descript *nd,
3729 struct nfsrv_sock *slp,
3730 vfs_context_t ctx,
3731 mbuf_t *mrepp)
3732 {
3733 int error, dpreattrerr, dpostattrerr;
3734 uint32_t len = 0;
3735 uid_t saved_uid;
3736 vnode_t vp, dvp, dirp;
3737 struct vnode_attr dpreattr, dpostattr;
3738 struct nfs_filehandle nfh;
3739 struct nfs_export *nx = NULL;
3740 struct nfs_export_options *nxo;
3741 struct nameidata ni;
3742 struct nfsm_chain *nmreq, nmrep;
3743
3744 error = 0;
3745 dpreattrerr = dpostattrerr = ENOENT;
3746 saved_uid = kauth_cred_getuid(nd->nd_cr);
3747 nmreq = &nd->nd_nmreq;
3748 nfsm_chain_null(&nmrep);
3749
3750 vp = dvp = dirp = NULL;
3751
3752 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
3753 nfsm_chain_get_32(error, nmreq, len);
3754 nfsm_name_len_check(error, nd, len);
3755 nfsmerr_if(error);
3756
3757 ni.ni_cnd.cn_nameiop = DELETE;
3758 ni.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF;
3759 error = nfsm_chain_get_path_namei(nmreq, len, &ni);
3760 if (!error) {
3761 error = nfsrv_namei(nd, ctx, &ni, &nfh, &dirp, &nx, &nxo);
3762 if (nx != NULL) {
3763 /* update export stats */
3764 NFSStatAdd64(&nx->nx_stats.ops, 1);
3765
3766 /* update active user stats */
3767 nfsrv_update_user_stat(nx, nd, saved_uid, 1, 0, 0);
3768 }
3769 }
3770 if (dirp) {
3771 if (nd->nd_vers == NFS_VER3) {
3772 nfsm_srv_pre_vattr_init(&dpreattr);
3773 dpreattrerr = vnode_getattr(dirp, &dpreattr, ctx);
3774 } else {
3775 vnode_put(dirp);
3776 dirp = NULL;
3777 }
3778 }
3779 nfsmerr_if(error);
3780
3781 dvp = ni.ni_dvp;
3782 vp = ni.ni_vp;
3783
3784 if (vnode_vtype(vp) != VDIR) {
3785 error = ENOTDIR;
3786 goto out;
3787 }
3788 /*
3789 * No rmdir "." please.
3790 */
3791 if (dvp == vp) {
3792 error = EINVAL;
3793 goto out;
3794 }
3795 /*
3796 * The root of a mounted filesystem cannot be deleted.
3797 */
3798 if (vnode_isvroot(vp))
3799 error = EBUSY;
3800 if (!error)
3801 error = nfsrv_authorize(vp, dvp, KAUTH_VNODE_DELETE, ctx, nxo, 0);
3802 if (!error) {
3803 #if CONFIG_FSE
3804 char *path = NULL;
3805 int plen;
3806 fse_info finfo;
3807
3808 if (nfsrv_fsevents_enabled && need_fsevent(FSE_DELETE, dvp)) {
3809 plen = MAXPATHLEN;
3810 if ((path = get_pathbuff()) && !vn_getpath(vp, path, &plen)) {
3811 get_fse_info(vp, &finfo, ctx);
3812 } else if (path) {
3813 release_pathbuff(path);
3814 path = NULL;
3815 }
3816 }
3817 #endif /* CONFIG_FSE */
3818
3819 error = VNOP_RMDIR(dvp, vp, &ni.ni_cnd, ctx);
3820
3821 #if CONFIG_FSE
3822 if (path) {
3823 if (!error)
3824 add_fsevent(FSE_DELETE, ctx,
3825 FSE_ARG_STRING, plen, path,
3826 FSE_ARG_FINFO, &finfo,
3827 FSE_ARG_DONE);
3828 release_pathbuff(path);
3829 }
3830 #endif /* CONFIG_FSE */
3831 }
3832 out:
3833 /*
3834 * nameidone has to happen before we vnode_put(dvp)
3835 * since it may need to release the fs_nodelock on the dvp
3836 */
3837 nameidone(&ni);
3838
3839 vnode_put(dvp);
3840 vnode_put(vp);
3841
3842 if (dirp) {
3843 nfsm_srv_vattr_init(&dpostattr, nd->nd_vers);
3844 dpostattrerr = vnode_getattr(dirp, &dpostattr, ctx);
3845 vnode_put(dirp);
3846 dirp = NULL;
3847 }
3848
3849 nfsmerr:
3850 /* assemble reply */
3851 nd->nd_repstat = error;
3852 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_WCCDATA(nd->nd_vers));
3853 nfsmout_if(error);
3854 *mrepp = nmrep.nmc_mhead;
3855 nfsmout_on_status(nd, error);
3856 if (nd->nd_vers == NFS_VER3)
3857 nfsm_chain_add_wcc_data(error, nd, &nmrep,
3858 dpreattrerr, &dpreattr, dpostattrerr, &dpostattr);
3859 nfsmout:
3860 nfsm_chain_build_done(error, &nmrep);
3861 if (dirp)
3862 vnode_put(dirp);
3863 if (error) {
3864 nfsm_chain_cleanup(&nmrep);
3865 *mrepp = NULL;
3866 }
3867 return (error);
3868 }
3869
3870 /*
3871 * nfs readdir service
3872 * - mallocs what it thinks is enough to read
3873 * count rounded up to a multiple of NFS_DIRBLKSIZ <= NFS_MAXREADDIR
3874 * - calls VNOP_READDIR()
3875 * - loops around building the reply
3876 * if the output generated exceeds count break out of loop
3877 * The nfsm_clget macro is used here so that the reply will be packed
3878 * tightly in mbuf clusters.
3879 * - it only knows that it has encountered eof when the VNOP_READDIR()
3880 * reads nothing
3881 * - as such one readdir rpc will return eof false although you are there
3882 * and then the next will return eof
3883 * - it trims out records with d_fileno == 0
3884 * this doesn't matter for Unix clients, but they might confuse clients
3885 * for other os'.
3886 * NB: It is tempting to set eof to true if the VNOP_READDIR() reads less
3887 * than requested, but this may not apply to all filesystems. For
3888 * example, client NFS does not { although it is never remote mounted
3889 * anyhow }
3890 * The alternate call nfsrv_readdirplus() does lookups as well.
3891 * PS: The XNFS protocol spec clearly describes what the "count"s arguments
3892 * are supposed to cover. For readdir, the count is the total number of
3893 * bytes included in everything from the directory's postopattr through
3894 * the EOF flag. For readdirplus, the maxcount is the same, and the
3895 * dircount includes all that except for the entry attributes and handles.
3896 */
3897 int
3898 nfsrv_readdir(
3899 struct nfsrv_descript *nd,
3900 struct nfsrv_sock *slp,
3901 vfs_context_t ctx,
3902 mbuf_t *mrepp)
3903 {
3904 struct direntry *dp;
3905 char *cpos, *cend, *rbuf;
3906 vnode_t vp;
3907 struct vnode_attr attr;
3908 struct nfs_filehandle nfh;
3909 struct nfs_export *nx;
3910 struct nfs_export_options *nxo;
3911 uio_t auio = NULL;
3912 char uio_buf[ UIO_SIZEOF(1) ];
3913 int len, nlen, rem, xfer, error, attrerr;
3914 int siz, count, fullsiz, eofflag, nentries;
3915 u_quad_t off, toff, verf;
3916 int vnopflag;
3917 struct nfsm_chain *nmreq, nmrep;
3918
3919 error = 0;
3920 attrerr = ENOENT;
3921 count = nentries = 0;
3922 nmreq = &nd->nd_nmreq;
3923 nfsm_chain_null(&nmrep);
3924 rbuf = NULL;
3925 vp = NULL;
3926
3927 vnopflag = VNODE_READDIR_EXTENDED | VNODE_READDIR_REQSEEKOFF;
3928
3929 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
3930 if (nd->nd_vers == NFS_VER3) {
3931 nfsm_chain_get_64(error, nmreq, toff);
3932 nfsm_chain_get_64(error, nmreq, verf);
3933 } else {
3934 nfsm_chain_get_32(error, nmreq, toff);
3935 }
3936 nfsm_chain_get_32(error, nmreq, count);
3937 nfsmerr_if(error);
3938
3939 off = toff;
3940 siz = ((count + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
3941 xfer = NFSRV_NDMAXDATA(nd);
3942 if (siz > xfer)
3943 siz = xfer;
3944 fullsiz = siz;
3945
3946 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
3947 nfsmerr_if(error);
3948
3949 /* update export stats */
3950 NFSStatAdd64(&nx->nx_stats.ops, 1);
3951
3952 /* update active user stats */
3953 nfsrv_update_user_stat(nx, nd, kauth_cred_getuid(nd->nd_cr), 1, 0, 0);
3954
3955 error = nfsrv_credcheck(nd, ctx, nx, nxo);
3956 nfsmerr_if(error);
3957
3958 if ((nd->nd_vers == NFS_VER2) || (nxo->nxo_flags & NX_32BITCLIENTS))
3959 vnopflag |= VNODE_READDIR_SEEKOFF32;
3960 if (nd->nd_vers == NFS_VER3) {
3961 nfsm_srv_vattr_init(&attr, NFS_VER3);
3962 error = attrerr = vnode_getattr(vp, &attr, ctx);
3963 if (!error && toff && verf && (verf != attr.va_filerev))
3964 error = NFSERR_BAD_COOKIE;
3965 }
3966 if (!error)
3967 error = nfsrv_authorize(vp, NULL, KAUTH_VNODE_LIST_DIRECTORY, ctx, nxo, 0);
3968 nfsmerr_if(error);
3969
3970 MALLOC(rbuf, caddr_t, siz, M_TEMP, M_WAITOK);
3971 if (rbuf)
3972 auio = uio_createwithbuffer(1, 0, UIO_SYSSPACE, UIO_READ,
3973 &uio_buf[0], sizeof(uio_buf));
3974 if (!rbuf || !auio) {
3975 error = ENOMEM;
3976 goto nfsmerr;
3977 }
3978 again:
3979 uio_reset(auio, off, UIO_SYSSPACE, UIO_READ);
3980 uio_addiov(auio, CAST_USER_ADDR_T(rbuf), fullsiz);
3981 eofflag = 0;
3982 error = VNOP_READDIR(vp, auio, vnopflag, &eofflag, &nentries, ctx);
3983 off = uio_offset(auio);
3984
3985 if (nd->nd_vers == NFS_VER3) {
3986 nfsm_srv_vattr_init(&attr, NFS_VER3);
3987 attrerr = vnode_getattr(vp, &attr, ctx);
3988 }
3989 nfsmerr_if(error);
3990
3991 if (uio_resid(auio) != 0) {
3992 siz -= uio_resid(auio);
3993
3994 /* If nothing read, return empty reply with eof set */
3995 if (siz == 0) {
3996 vnode_put(vp);
3997 vp = NULL;
3998 FREE(rbuf, M_TEMP);
3999 /* assemble reply */
4000 nd->nd_repstat = error;
4001 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_POSTOPATTR(nd->nd_vers) +
4002 NFSX_COOKIEVERF(nd->nd_vers) + 2 * NFSX_UNSIGNED);
4003 nfsmout_if(error);
4004 *mrepp = nmrep.nmc_mhead;
4005 nfsmout_on_status(nd, error);
4006 if (nd->nd_vers == NFS_VER3) {
4007 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &attr);
4008 nfsm_chain_add_64(error, &nmrep, attr.va_filerev);
4009 }
4010 nfsm_chain_add_32(error, &nmrep, FALSE);
4011 nfsm_chain_add_32(error, &nmrep, TRUE);
4012 nfsm_chain_build_done(error, &nmrep);
4013 return (error);
4014 }
4015 }
4016
4017 /*
4018 * Check for degenerate cases of nothing useful read.
4019 * If so go try again
4020 */
4021 cpos = rbuf;
4022 cend = rbuf + siz;
4023 dp = (struct direntry *)cpos;
4024 while ((dp->d_fileno == 0) && (cpos < cend) && (nentries > 0)) {
4025 cpos += dp->d_reclen;
4026 dp = (struct direntry *)cpos;
4027 nentries--;
4028 }
4029 if ((cpos >= cend) || (nentries == 0)) {
4030 toff = off;
4031 siz = fullsiz;
4032 goto again;
4033 }
4034
4035 vnode_put(vp);
4036 vp = NULL;
4037
4038 /* assemble reply */
4039 nd->nd_repstat = error;
4040 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_POSTOPATTR(nd->nd_vers) +
4041 NFSX_COOKIEVERF(nd->nd_vers) + siz);
4042 nfsmout_if(error);
4043 *mrepp = nmrep.nmc_mhead;
4044 nfsmout_on_status(nd, error);
4045 nmrep.nmc_flags |= NFSM_CHAIN_FLAG_ADD_CLUSTERS;
4046
4047 len = 2 * NFSX_UNSIGNED;
4048 if (nd->nd_vers == NFS_VER3) {
4049 len += NFSX_V3POSTOPATTR + NFSX_V3COOKIEVERF;
4050 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &attr);
4051 nfsm_chain_add_64(error, &nmrep, attr.va_filerev);
4052 nfsmerr_if(error);
4053 }
4054
4055 /* Loop through the records and build reply */
4056 while ((cpos < cend) && (nentries > 0)) {
4057 if (dp->d_fileno != 0) {
4058 nlen = dp->d_namlen;
4059 if ((nd->nd_vers == NFS_VER2) && (nlen > NFS_MAXNAMLEN))
4060 nlen = NFS_MAXNAMLEN;
4061 rem = nfsm_rndup(nlen)-nlen;
4062 len += (4 * NFSX_UNSIGNED + nlen + rem);
4063 if (nd->nd_vers == NFS_VER3)
4064 len += 2 * NFSX_UNSIGNED;
4065 if (len > count) {
4066 eofflag = 0;
4067 break;
4068 }
4069 /* Build the directory record xdr from the direntry. */
4070 nfsm_chain_add_32(error, &nmrep, TRUE);
4071 if (nd->nd_vers == NFS_VER3) {
4072 nfsm_chain_add_64(error, &nmrep, dp->d_fileno);
4073 } else {
4074 nfsm_chain_add_32(error, &nmrep, dp->d_fileno);
4075 }
4076 nfsm_chain_add_string(error, &nmrep, dp->d_name, nlen);
4077 if (nd->nd_vers == NFS_VER3) {
4078 if (vnopflag & VNODE_READDIR_SEEKOFF32)
4079 dp->d_seekoff &= 0x00000000ffffffffULL;
4080 nfsm_chain_add_64(error, &nmrep, dp->d_seekoff);
4081 } else {
4082 nfsm_chain_add_32(error, &nmrep, dp->d_seekoff);
4083 }
4084 nfsmerr_if(error);
4085 }
4086 cpos += dp->d_reclen;
4087 dp = (struct direntry *)cpos;
4088 nentries--;
4089 }
4090 nfsm_chain_add_32(error, &nmrep, FALSE);
4091 nfsm_chain_add_32(error, &nmrep, eofflag ? TRUE : FALSE);
4092 FREE(rbuf, M_TEMP);
4093 goto nfsmout;
4094 nfsmerr:
4095 if (rbuf)
4096 FREE(rbuf, M_TEMP);
4097 if (vp)
4098 vnode_put(vp);
4099 nd->nd_repstat = error;
4100 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_POSTOPATTR(nd->nd_vers));
4101 nfsmout_if(error);
4102 *mrepp = nmrep.nmc_mhead;
4103 nfsmout_on_status(nd, error);
4104 if (nd->nd_vers == NFS_VER3)
4105 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &attr);
4106 nfsmout:
4107 nfsm_chain_build_done(error, &nmrep);
4108 if (error) {
4109 nfsm_chain_cleanup(&nmrep);
4110 *mrepp = NULL;
4111 }
4112 return (error);
4113 }
4114
4115 int
4116 nfsrv_readdirplus(
4117 struct nfsrv_descript *nd,
4118 struct nfsrv_sock *slp,
4119 vfs_context_t ctx,
4120 mbuf_t *mrepp)
4121 {
4122 struct direntry *dp;
4123 char *cpos, *cend, *rbuf;
4124 vnode_t vp, nvp;
4125 struct nfs_filehandle dnfh, nfh;
4126 struct nfs_export *nx;
4127 struct nfs_export_options *nxo;
4128 uio_t auio = NULL;
4129 char uio_buf[ UIO_SIZEOF(1) ];
4130 struct vnode_attr attr, va, *vap = &va;
4131 int len, nlen, rem, xfer, error, attrerr, gotfh, gotattr;
4132 int siz, dircount, maxcount, fullsiz, eofflag, dirlen, nentries, isdotdot;
4133 u_quad_t off, toff, verf;
4134 int vnopflag;
4135 struct nfsm_chain *nmreq, nmrep;
4136
4137 error = 0;
4138 attrerr = ENOENT;
4139 nentries = 0;
4140 nmreq = &nd->nd_nmreq;
4141 nfsm_chain_null(&nmrep);
4142 rbuf = NULL;
4143 vp = NULL;
4144 dircount = maxcount = 0;
4145
4146 vnopflag = VNODE_READDIR_EXTENDED | VNODE_READDIR_REQSEEKOFF;
4147
4148 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, dnfh.nfh_fhp, dnfh.nfh_len);
4149 nfsm_chain_get_64(error, nmreq, toff);
4150 nfsm_chain_get_64(error, nmreq, verf);
4151 nfsm_chain_get_32(error, nmreq, dircount);
4152 nfsm_chain_get_32(error, nmreq, maxcount);
4153 nfsmerr_if(error);
4154
4155 off = toff;
4156 xfer = NFSRV_NDMAXDATA(nd);
4157 dircount = ((dircount + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
4158 if (dircount > xfer)
4159 dircount = xfer;
4160 fullsiz = siz = dircount;
4161 maxcount = ((maxcount + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1));
4162 if (maxcount > xfer)
4163 maxcount = xfer;
4164
4165 error = nfsrv_fhtovp(&dnfh, nd, &vp, &nx, &nxo);
4166 nfsmerr_if(error);
4167
4168 /* update export stats */
4169 NFSStatAdd64(&nx->nx_stats.ops, 1);
4170
4171 /* update active user stats */
4172 nfsrv_update_user_stat(nx, nd, kauth_cred_getuid(nd->nd_cr), 1, 0, 0);
4173
4174 error = nfsrv_credcheck(nd, ctx, nx, nxo);
4175 nfsmerr_if(error);
4176
4177 if (nxo->nxo_flags & NX_32BITCLIENTS)
4178 vnopflag |= VNODE_READDIR_SEEKOFF32;
4179
4180 nfsm_srv_vattr_init(&attr, NFS_VER3);
4181 error = attrerr = vnode_getattr(vp, &attr, ctx);
4182 if (!error && toff && verf && (verf != attr.va_filerev))
4183 error = NFSERR_BAD_COOKIE;
4184 if (!error)
4185 error = nfsrv_authorize(vp, NULL, KAUTH_VNODE_LIST_DIRECTORY, ctx, nxo, 0);
4186 nfsmerr_if(error);
4187
4188 MALLOC(rbuf, caddr_t, siz, M_TEMP, M_WAITOK);
4189 if (rbuf)
4190 auio = uio_createwithbuffer(1, 0, UIO_SYSSPACE, UIO_READ,
4191 &uio_buf[0], sizeof(uio_buf));
4192 if (!rbuf || !auio) {
4193 error = ENOMEM;
4194 goto nfsmerr;
4195 }
4196
4197 again:
4198 uio_reset(auio, off, UIO_SYSSPACE, UIO_READ);
4199 uio_addiov(auio, CAST_USER_ADDR_T(rbuf), fullsiz);
4200 eofflag = 0;
4201 error = VNOP_READDIR(vp, auio, vnopflag, &eofflag, &nentries, ctx);
4202 off = uio_offset(auio);
4203 nfsm_srv_vattr_init(&attr, NFS_VER3);
4204 attrerr = vnode_getattr(vp, &attr, ctx);
4205 nfsmerr_if(error);
4206
4207 if (uio_resid(auio) != 0) {
4208 siz -= uio_resid(auio);
4209
4210 /* If nothing read, return empty reply with eof set */
4211 if (siz == 0) {
4212 vnode_put(vp);
4213 vp = NULL;
4214 FREE(rbuf, M_TEMP);
4215 /* assemble reply */
4216 nd->nd_repstat = error;
4217 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_V3POSTOPATTR +
4218 NFSX_V3COOKIEVERF + 2 * NFSX_UNSIGNED);
4219 nfsmout_if(error);
4220 *mrepp = nmrep.nmc_mhead;
4221 nfsmout_on_status(nd, error);
4222 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &attr);
4223 nfsm_chain_add_64(error, &nmrep, attr.va_filerev);
4224 nfsm_chain_add_32(error, &nmrep, FALSE);
4225 nfsm_chain_add_32(error, &nmrep, TRUE);
4226 nfsm_chain_build_done(error, &nmrep);
4227 return (error);
4228 }
4229 }
4230
4231 /*
4232 * Check for degenerate cases of nothing useful read.
4233 * If so go try again
4234 */
4235 cpos = rbuf;
4236 cend = rbuf + siz;
4237 dp = (struct direntry *)cpos;
4238 while ((dp->d_fileno == 0) && (cpos < cend) && (nentries > 0)) {
4239 cpos += dp->d_reclen;
4240 dp = (struct direntry *)cpos;
4241 nentries--;
4242 }
4243 if ((cpos >= cend) || (nentries == 0)) {
4244 toff = off;
4245 siz = fullsiz;
4246 goto again;
4247 }
4248
4249 /*
4250 * Probe one of the directory entries to see if the filesystem
4251 * supports VGET.
4252 */
4253 if ((error = VFS_VGET(vnode_mount(vp), (ino64_t)dp->d_fileno, &nvp, ctx))) {
4254 if (error == ENOTSUP) /* let others get passed back */
4255 error = NFSERR_NOTSUPP;
4256 goto nfsmerr;
4257 }
4258 vnode_put(nvp);
4259
4260 /* assemble reply */
4261 nd->nd_repstat = error;
4262 error = nfsrv_rephead(nd, slp, &nmrep, maxcount);
4263 nfsmout_if(error);
4264 *mrepp = nmrep.nmc_mhead;
4265 nfsmout_on_status(nd, error);
4266 nmrep.nmc_flags |= NFSM_CHAIN_FLAG_ADD_CLUSTERS;
4267
4268 dirlen = len = NFSX_V3POSTOPATTR + NFSX_V3COOKIEVERF + 2 * NFSX_UNSIGNED;
4269 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &attr);
4270 nfsm_chain_add_64(error, &nmrep, attr.va_filerev);
4271 nfsmerr_if(error);
4272
4273 /* Loop through the records and build reply */
4274 while ((cpos < cend) && (nentries > 0)) {
4275 if (dp->d_fileno != 0) {
4276 nlen = dp->d_namlen;
4277 rem = nfsm_rndup(nlen)-nlen;
4278 gotfh = gotattr = 1;
4279
4280 /* Got to get the vnode for lookup per entry. */
4281 if (VFS_VGET(vnode_mount(vp), (ino64_t)dp->d_fileno, &nvp, ctx)) {
4282 /* Can't get the vnode... so no fh or attrs */
4283 gotfh = gotattr = 0;
4284 } else {
4285 isdotdot = ((dp->d_namlen == 2) &&
4286 (dp->d_name[0] == '.') && (dp->d_name[1] == '.'));
4287 if (nfsrv_vptofh(nx, 0, (isdotdot ? &dnfh : NULL), nvp, ctx, &nfh))
4288 gotfh = 0;
4289 nfsm_srv_vattr_init(vap, NFS_VER3);
4290 if (vnode_getattr(nvp, vap, ctx))
4291 gotattr = 0;
4292 vnode_put(nvp);
4293 }
4294
4295 /*
4296 * If either the dircount or maxcount will be
4297 * exceeded, get out now. Both of these lengths
4298 * are calculated conservatively, including all
4299 * XDR overheads.
4300 */
4301 len += 8 * NFSX_UNSIGNED + nlen + rem;
4302 if (gotattr)
4303 len += NFSX_V3FATTR;
4304 if (gotfh)
4305 len += NFSX_UNSIGNED + nfsm_rndup(nfh.nfh_len);
4306 dirlen += 6 * NFSX_UNSIGNED + nlen + rem;
4307 if ((len > maxcount) || (dirlen > dircount)) {
4308 eofflag = 0;
4309 break;
4310 }
4311
4312 /* Build the directory record xdr from the direntry. */
4313 nfsm_chain_add_32(error, &nmrep, TRUE);
4314 nfsm_chain_add_64(error, &nmrep, dp->d_fileno);
4315 nfsm_chain_add_string(error, &nmrep, dp->d_name, nlen);
4316 if (vnopflag & VNODE_READDIR_SEEKOFF32)
4317 dp->d_seekoff &= 0x00000000ffffffffULL;
4318 nfsm_chain_add_64(error, &nmrep, dp->d_seekoff);
4319 nfsm_chain_add_postop_attr(error, nd, &nmrep, (gotattr ? 0 : ENOENT), vap);
4320 if (gotfh)
4321 nfsm_chain_add_postop_fh(error, &nmrep, nfh.nfh_fhp, nfh.nfh_len);
4322 else
4323 nfsm_chain_add_32(error, &nmrep, FALSE);
4324 nfsmerr_if(error);
4325 }
4326 cpos += dp->d_reclen;
4327 dp = (struct direntry *)cpos;
4328 nentries--;
4329 }
4330 vnode_put(vp);
4331 vp = NULL;
4332 nfsm_chain_add_32(error, &nmrep, FALSE);
4333 nfsm_chain_add_32(error, &nmrep, eofflag ? TRUE : FALSE);
4334 FREE(rbuf, M_TEMP);
4335 goto nfsmout;
4336 nfsmerr:
4337 if (rbuf)
4338 FREE(rbuf, M_TEMP);
4339 nd->nd_repstat = error;
4340 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_V3POSTOPATTR);
4341 nfsmout_if(error);
4342 *mrepp = nmrep.nmc_mhead;
4343 nfsmout_on_status(nd, error);
4344 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &attr);
4345 nfsmout:
4346 nfsm_chain_build_done(error, &nmrep);
4347 if (vp)
4348 vnode_put(vp);
4349 if (error) {
4350 nfsm_chain_cleanup(&nmrep);
4351 *mrepp = NULL;
4352 }
4353 return (error);
4354 }
4355
4356 /*
4357 * nfs commit service
4358 */
4359 int
4360 nfsrv_commit(
4361 struct nfsrv_descript *nd,
4362 struct nfsrv_sock *slp,
4363 vfs_context_t ctx,
4364 mbuf_t *mrepp)
4365 {
4366 vnode_t vp;
4367 struct nfs_filehandle nfh;
4368 struct nfs_export *nx;
4369 struct nfs_export_options *nxo;
4370 int error, preattrerr, postattrerr, count;
4371 struct vnode_attr preattr, postattr;
4372 u_quad_t off;
4373 struct nfsm_chain *nmreq, nmrep;
4374
4375 error = 0;
4376 preattrerr = postattrerr = ENOENT;
4377 nmreq = &nd->nd_nmreq;
4378 nfsm_chain_null(&nmrep);
4379 vp = NULL;
4380
4381 /*
4382 * XXX At this time VNOP_FSYNC() does not accept offset and byte
4383 * count parameters, so those arguments are useless (someday maybe).
4384 */
4385
4386 nfsm_chain_get_fh_ptr(error, nmreq, NFS_VER3, nfh.nfh_fhp, nfh.nfh_len);
4387 nfsm_chain_get_64(error, nmreq, off);
4388 nfsm_chain_get_32(error, nmreq, count);
4389 nfsmerr_if(error);
4390
4391 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
4392 nfsmerr_if(error);
4393
4394 /* update export stats */
4395 NFSStatAdd64(&nx->nx_stats.ops, 1);
4396
4397 /* update active user stats */
4398 nfsrv_update_user_stat(nx, nd, kauth_cred_getuid(nd->nd_cr), 1, 0, 0);
4399
4400 error = nfsrv_credcheck(nd, ctx, nx, nxo);
4401 nfsmerr_if(error);
4402
4403 nfsm_srv_pre_vattr_init(&preattr);
4404 preattrerr = vnode_getattr(vp, &preattr, ctx);
4405
4406 error = VNOP_FSYNC(vp, MNT_WAIT, ctx);
4407
4408 nfsm_srv_vattr_init(&postattr, 1);
4409 postattrerr = vnode_getattr(vp, &postattr, ctx);
4410
4411 nfsmerr:
4412 if (vp)
4413 vnode_put(vp);
4414
4415 /* assemble reply */
4416 nd->nd_repstat = error;
4417 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_V3WCCDATA + NFSX_V3WRITEVERF);
4418 nfsmout_if(error);
4419 *mrepp = nmrep.nmc_mhead;
4420 nfsmout_on_status(nd, error);
4421 nfsm_chain_add_wcc_data(error, nd, &nmrep,
4422 preattrerr, &preattr, postattrerr, &postattr);
4423 if (!nd->nd_repstat) {
4424 nfsm_chain_add_32(error, &nmrep, nx->nx_exptime.tv_sec);
4425 nfsm_chain_add_32(error, &nmrep, nx->nx_exptime.tv_usec);
4426 }
4427 nfsmout:
4428 nfsm_chain_build_done(error, &nmrep);
4429 if (error) {
4430 nfsm_chain_cleanup(&nmrep);
4431 *mrepp = NULL;
4432 }
4433 return (error);
4434 }
4435
4436 /*
4437 * nfs statfs service
4438 */
4439 int
4440 nfsrv_statfs(
4441 struct nfsrv_descript *nd,
4442 struct nfsrv_sock *slp,
4443 vfs_context_t ctx,
4444 mbuf_t *mrepp)
4445 {
4446 struct vfs_attr va;
4447 int error, attrerr;
4448 vnode_t vp;
4449 struct vnode_attr attr;
4450 struct nfs_filehandle nfh;
4451 struct nfs_export *nx;
4452 struct nfs_export_options *nxo;
4453 off_t blksize;
4454 struct nfsm_chain *nmreq, nmrep;
4455
4456 error = 0;
4457 attrerr = ENOENT;
4458 nmreq = &nd->nd_nmreq;
4459 nfsm_chain_null(&nmrep);
4460 vp = NULL;
4461 blksize = 512;
4462
4463 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
4464 nfsmerr_if(error);
4465 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
4466 nfsmerr_if(error);
4467
4468 /* update export stats */
4469 NFSStatAdd64(&nx->nx_stats.ops, 1);
4470
4471 /* update active user stats */
4472 nfsrv_update_user_stat(nx, nd, kauth_cred_getuid(nd->nd_cr), 1, 0, 0);
4473
4474 error = nfsrv_credcheck(nd, ctx, nx, nxo);
4475 nfsmerr_if(error);
4476
4477 VFSATTR_INIT(&va);
4478 VFSATTR_WANTED(&va, f_blocks);
4479 VFSATTR_WANTED(&va, f_bavail);
4480 VFSATTR_WANTED(&va, f_files);
4481 VFSATTR_WANTED(&va, f_ffree);
4482 error = vfs_getattr(vnode_mount(vp), &va, ctx);
4483 blksize = vnode_mount(vp)->mnt_vfsstat.f_bsize;
4484
4485 if (nd->nd_vers == NFS_VER3) {
4486 nfsm_srv_vattr_init(&attr, nd->nd_vers);
4487 attrerr = vnode_getattr(vp, &attr, ctx);
4488 }
4489
4490 nfsmerr:
4491 if (vp)
4492 vnode_put(vp);
4493
4494 /* assemble reply */
4495 nd->nd_repstat = error;
4496 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_POSTOPATTR(nd->nd_vers) + NFSX_STATFS(nd->nd_vers));
4497 nfsmout_if(error);
4498 *mrepp = nmrep.nmc_mhead;
4499 nfsmout_on_status(nd, error);
4500 if (nd->nd_vers == NFS_VER3)
4501 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &attr);
4502 nfsmout_if(nd->nd_repstat);
4503
4504 if (nd->nd_vers == NFS_VER3) {
4505 nfsm_chain_add_64(error, &nmrep, va.f_blocks * blksize);
4506 nfsm_chain_add_64(error, &nmrep, va.f_bfree * blksize);
4507 nfsm_chain_add_64(error, &nmrep, va.f_bavail * blksize);
4508 nfsm_chain_add_64(error, &nmrep, va.f_files);
4509 nfsm_chain_add_64(error, &nmrep, va.f_ffree);
4510 nfsm_chain_add_64(error, &nmrep, va.f_ffree);
4511 nfsm_chain_add_32(error, &nmrep, 0); /* invarsec */
4512 } else {
4513 nfsm_chain_add_32(error, &nmrep, NFS_V2MAXDATA);
4514 nfsm_chain_add_32(error, &nmrep, blksize);
4515 nfsm_chain_add_32(error, &nmrep, va.f_blocks);
4516 nfsm_chain_add_32(error, &nmrep, va.f_bfree);
4517 nfsm_chain_add_32(error, &nmrep, va.f_bavail);
4518 }
4519 nfsmout:
4520 nfsm_chain_build_done(error, &nmrep);
4521 if (error) {
4522 nfsm_chain_cleanup(&nmrep);
4523 *mrepp = NULL;
4524 }
4525 return (error);
4526 }
4527
4528 /*
4529 * nfs fsinfo service
4530 */
4531 int
4532 nfsrv_fsinfo(
4533 struct nfsrv_descript *nd,
4534 struct nfsrv_sock *slp,
4535 vfs_context_t ctx,
4536 mbuf_t *mrepp)
4537 {
4538 int error, attrerr, prefsize, maxsize;
4539 vnode_t vp;
4540 struct vnode_attr attr;
4541 struct nfs_filehandle nfh;
4542 struct nfs_export *nx;
4543 struct nfs_export_options *nxo;
4544 struct nfsm_chain *nmreq, nmrep;
4545
4546 error = 0;
4547 attrerr = ENOENT;
4548 nmreq = &nd->nd_nmreq;
4549 nfsm_chain_null(&nmrep);
4550 vp = NULL;
4551
4552 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
4553 nfsmerr_if(error);
4554 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
4555 nfsmerr_if(error);
4556
4557 /* update export stats */
4558 NFSStatAdd64(&nx->nx_stats.ops, 1);
4559
4560 /* update active user stats */
4561 nfsrv_update_user_stat(nx, nd, kauth_cred_getuid(nd->nd_cr), 1, 0, 0);
4562
4563 error = nfsrv_credcheck(nd, ctx, nx, nxo);
4564 nfsmerr_if(error);
4565
4566 nfsm_srv_vattr_init(&attr, NFS_VER3);
4567 attrerr = vnode_getattr(vp, &attr, ctx);
4568
4569 nfsmerr:
4570 if (vp)
4571 vnode_put(vp);
4572
4573 /* assemble reply */
4574 nd->nd_repstat = error;
4575 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_V3POSTOPATTR + NFSX_V3FSINFO);
4576 nfsmout_if(error);
4577 *mrepp = nmrep.nmc_mhead;
4578 nfsmout_on_status(nd, error);
4579 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &attr);
4580 nfsmout_if(nd->nd_repstat);
4581
4582 /*
4583 * XXX There should be file system VFS OP(s) to get this information.
4584 * For now, assume our usual NFS defaults.
4585 */
4586 if (slp->ns_sotype == SOCK_DGRAM) {
4587 maxsize = NFS_MAXDGRAMDATA;
4588 prefsize = NFS_PREFDGRAMDATA;
4589 } else
4590 maxsize = prefsize = NFSRV_MAXDATA;
4591
4592 nfsm_chain_add_32(error, &nmrep, maxsize);
4593 nfsm_chain_add_32(error, &nmrep, prefsize);
4594 nfsm_chain_add_32(error, &nmrep, NFS_FABLKSIZE);
4595 nfsm_chain_add_32(error, &nmrep, maxsize);
4596 nfsm_chain_add_32(error, &nmrep, prefsize);
4597 nfsm_chain_add_32(error, &nmrep, NFS_FABLKSIZE);
4598 nfsm_chain_add_32(error, &nmrep, prefsize);
4599 nfsm_chain_add_64(error, &nmrep, 0xffffffffffffffffULL);
4600 nfsm_chain_add_32(error, &nmrep, 0);
4601 nfsm_chain_add_32(error, &nmrep, 1);
4602 /* XXX link/symlink support should be taken from volume capabilities */
4603 nfsm_chain_add_32(error, &nmrep,
4604 NFSV3FSINFO_LINK | NFSV3FSINFO_SYMLINK |
4605 NFSV3FSINFO_HOMOGENEOUS | NFSV3FSINFO_CANSETTIME);
4606
4607 nfsmout:
4608 nfsm_chain_build_done(error, &nmrep);
4609 if (error) {
4610 nfsm_chain_cleanup(&nmrep);
4611 *mrepp = NULL;
4612 }
4613 return (error);
4614 }
4615
4616 /*
4617 * nfs pathconf service
4618 */
4619 int
4620 nfsrv_pathconf(
4621 struct nfsrv_descript *nd,
4622 struct nfsrv_sock *slp,
4623 vfs_context_t ctx,
4624 mbuf_t *mrepp)
4625 {
4626 int error, attrerr, linkmax, namemax;
4627 int chownres, notrunc, case_sensitive, case_preserving;
4628 vnode_t vp;
4629 struct vnode_attr attr;
4630 struct nfs_filehandle nfh;
4631 struct nfs_export *nx;
4632 struct nfs_export_options *nxo;
4633 struct nfsm_chain *nmreq, nmrep;
4634
4635 error = 0;
4636 attrerr = ENOENT;
4637 nmreq = &nd->nd_nmreq;
4638 nfsm_chain_null(&nmrep);
4639 vp = NULL;
4640
4641 nfsm_chain_get_fh_ptr(error, nmreq, nd->nd_vers, nfh.nfh_fhp, nfh.nfh_len);
4642 nfsmerr_if(error);
4643 error = nfsrv_fhtovp(&nfh, nd, &vp, &nx, &nxo);
4644 nfsmerr_if(error);
4645
4646 /* update export stats */
4647 NFSStatAdd64(&nx->nx_stats.ops, 1);
4648
4649 /* update active user stats */
4650 nfsrv_update_user_stat(nx, nd, kauth_cred_getuid(nd->nd_cr), 1, 0, 0);
4651
4652 error = nfsrv_credcheck(nd, ctx, nx, nxo);
4653 nfsmerr_if(error);
4654
4655 error = VNOP_PATHCONF(vp, _PC_LINK_MAX, &linkmax, ctx);
4656 if (!error)
4657 error = VNOP_PATHCONF(vp, _PC_NAME_MAX, &namemax, ctx);
4658 if (!error)
4659 error = VNOP_PATHCONF(vp, _PC_CHOWN_RESTRICTED, &chownres, ctx);
4660 if (!error)
4661 error = VNOP_PATHCONF(vp, _PC_NO_TRUNC, &notrunc, ctx);
4662 if (!error)
4663 error = VNOP_PATHCONF(vp, _PC_CASE_SENSITIVE, &case_sensitive, ctx);
4664 if (!error)
4665 error = VNOP_PATHCONF(vp, _PC_CASE_PRESERVING, &case_preserving, ctx);
4666
4667 nfsm_srv_vattr_init(&attr, NFS_VER3);
4668 attrerr = vnode_getattr(vp, &attr, ctx);
4669
4670 nfsmerr:
4671 if (vp)
4672 vnode_put(vp);
4673
4674 /* assemble reply */
4675 nd->nd_repstat = error;
4676 error = nfsrv_rephead(nd, slp, &nmrep, NFSX_V3POSTOPATTR + NFSX_V3PATHCONF);
4677 nfsmout_if(error);
4678 *mrepp = nmrep.nmc_mhead;
4679 nfsmout_on_status(nd, error);
4680 nfsm_chain_add_postop_attr(error, nd, &nmrep, attrerr, &attr);
4681 nfsmout_if(nd->nd_repstat);
4682
4683 nfsm_chain_add_32(error, &nmrep, linkmax);
4684 nfsm_chain_add_32(error, &nmrep, namemax);
4685 nfsm_chain_add_32(error, &nmrep, notrunc);
4686 nfsm_chain_add_32(error, &nmrep, chownres);
4687 nfsm_chain_add_32(error, &nmrep, !case_sensitive);
4688 nfsm_chain_add_32(error, &nmrep, case_preserving);
4689
4690 nfsmout:
4691 nfsm_chain_build_done(error, &nmrep);
4692 if (error) {
4693 nfsm_chain_cleanup(&nmrep);
4694 *mrepp = NULL;
4695 }
4696 return (error);
4697 }
4698
4699 /*
4700 * Null operation, used by clients to ping server
4701 */
4702 /* ARGSUSED */
4703 int
4704 nfsrv_null(
4705 struct nfsrv_descript *nd,
4706 struct nfsrv_sock *slp,
4707 __unused vfs_context_t ctx,
4708 mbuf_t *mrepp)
4709 {
4710 int error = NFSERR_RETVOID;
4711 struct nfsm_chain nmrep;
4712
4713 /*
4714 * RPCSEC_GSS context setup ?
4715 */
4716 if (nd->nd_gss_context)
4717 return(nfs_gss_svc_ctx_init(nd, slp, mrepp));
4718
4719 nfsm_chain_null(&nmrep);
4720
4721 /* assemble reply */
4722 nd->nd_repstat = error;
4723 error = nfsrv_rephead(nd, slp, &nmrep, 0);
4724 nfsmout_if(error);
4725 *mrepp = nmrep.nmc_mhead;
4726 nfsmout:
4727 nfsm_chain_build_done(error, &nmrep);
4728 if (error) {
4729 nfsm_chain_cleanup(&nmrep);
4730 *mrepp = NULL;
4731 }
4732 return (error);
4733 }
4734
4735 /*
4736 * No operation, used for obsolete procedures
4737 */
4738 /* ARGSUSED */
4739 int
4740 nfsrv_noop(
4741 struct nfsrv_descript *nd,
4742 struct nfsrv_sock *slp,
4743 __unused vfs_context_t ctx,
4744 mbuf_t *mrepp)
4745 {
4746 int error;
4747 struct nfsm_chain nmrep;
4748
4749 nfsm_chain_null(&nmrep);
4750
4751 if (nd->nd_repstat)
4752 error = nd->nd_repstat;
4753 else
4754 error = EPROCUNAVAIL;
4755
4756 /* assemble reply */
4757 nd->nd_repstat = error;
4758 error = nfsrv_rephead(nd, slp, &nmrep, 0);
4759 nfsmout_if(error);
4760 *mrepp = nmrep.nmc_mhead;
4761 nfsmout:
4762 nfsm_chain_build_done(error, &nmrep);
4763 if (error) {
4764 nfsm_chain_cleanup(&nmrep);
4765 *mrepp = NULL;
4766 }
4767 return (error);
4768 }
4769
4770 int (*nfsrv_procs[NFS_NPROCS])(struct nfsrv_descript *nd,
4771 struct nfsrv_sock *slp,
4772 vfs_context_t ctx,
4773 mbuf_t *mrepp) = {
4774 nfsrv_null,
4775 nfsrv_getattr,
4776 nfsrv_setattr,
4777 nfsrv_lookup,
4778 nfsrv_access,
4779 nfsrv_readlink,
4780 nfsrv_read,
4781 nfsrv_write,
4782 nfsrv_create,
4783 nfsrv_mkdir,
4784 nfsrv_symlink,
4785 nfsrv_mknod,
4786 nfsrv_remove,
4787 nfsrv_rmdir,
4788 nfsrv_rename,
4789 nfsrv_link,
4790 nfsrv_readdir,
4791 nfsrv_readdirplus,
4792 nfsrv_statfs,
4793 nfsrv_fsinfo,
4794 nfsrv_pathconf,
4795 nfsrv_commit,
4796 nfsrv_noop
4797 };
4798
4799 /*
4800 * Perform access checking for vnodes obtained from file handles that would
4801 * refer to files already opened by a Unix client. You cannot just use
4802 * vnode_authorize() for two reasons.
4803 * 1 - You must check for exported rdonly as well as MNT_RDONLY for the write case
4804 * 2 - The owner is to be given access irrespective of mode bits so that
4805 * processes that chmod after opening a file don't break. I don't like
4806 * this because it opens a security hole, but since the nfs server opens
4807 * a security hole the size of a barn door anyhow, what the heck.
4808 *
4809 * The exception to rule 2 is EPERM. If a file is IMMUTABLE, vnode_authorize()
4810 * will return EPERM instead of EACCESS. EPERM is always an error.
4811 */
4812
4813 int
4814 nfsrv_authorize(
4815 vnode_t vp,
4816 vnode_t dvp,
4817 kauth_action_t action,
4818 vfs_context_t ctx,
4819 struct nfs_export_options *nxo,
4820 int override)
4821 {
4822 struct vnode_attr vattr;
4823 int error;
4824
4825 if (action & KAUTH_VNODE_WRITE_RIGHTS) {
4826 /*
4827 * Disallow write attempts on read-only exports;
4828 * unless the file is a socket or a block or character
4829 * device resident on the file system.
4830 */
4831 if (nxo->nxo_flags & NX_READONLY) {
4832 switch (vnode_vtype(vp)) {
4833 case VREG: case VDIR: case VLNK: case VCPLX:
4834 return (EROFS);
4835 default:
4836 break;
4837 }
4838 }
4839 }
4840 error = vnode_authorize(vp, dvp, action, ctx);
4841 /*
4842 * Allow certain operations for the owner (reads and writes
4843 * on files that are already open). Picking up from FreeBSD.
4844 */
4845 if (override && (error == EACCES)) {
4846 VATTR_INIT(&vattr);
4847 VATTR_WANTED(&vattr, va_uid);
4848 if ((vnode_getattr(vp, &vattr, ctx) == 0) &&
4849 (kauth_cred_getuid(vfs_context_ucred(ctx)) == vattr.va_uid))
4850 error = 0;
4851 }
4852 return error;
4853 }
4854
4855 #endif /* NFSSERVER */
4856
mirror of XNU