+ return error;
+}
+
+/*
+ * Highest minor version accepted for each NFS major version, indexed by
+ * the major version number.  The number of entries in this table also
+ * determines the highest major version accepted (see
+ * NFS_MAX_SUPPORTED_VERSION below).
+ */
+uint32_t maxminorverstab[] = {
+	[0] = 0,        /* Version 0 (does not exist) */
+	[1] = 0,        /* Version 1 (does not exist) */
+	[2] = 0,        /* Version 2 */
+	[3] = 0,        /* Version 3 */
+	[4] = 0,        /* Version 4 */
+};
+
+/* Largest valid index into maxminorverstab[], i.e. the highest major version. */
+#define NFS_MAX_SUPPORTED_VERSION  ((long)(sizeof (maxminorverstab) / sizeof (maxminorverstab[0]) - 1))
+/* Highest minor version for major version v; v must be a valid table index. */
+#define NFS_MAX_SUPPORTED_MINOR_VERSION(v) ((long)(maxminorverstab[(v)]))
+
+/* Version range used when the mount args specify neither a version nor a range. */
+#define DEFAULT_NFS_MIN_VERS VER2PVER(2, 0)
+#define DEFAULT_NFS_MAX_VERS VER2PVER(3, 0)
+
+/*
+ * Common code to mount an NFS file system.
+ *
+ * Parses the XDR-encoded mount arguments in xdrbuf into a newly allocated
+ * struct nfsmount, sanity checks and finalizes the settings, makes the
+ * initial connection (nfs_mount_connect), and then calls the
+ * version-specific nf_mount and nf_update_statfs functions.
+ *
+ * Parameters:
+ *   xdrbuf  XDR mount arguments.  Freed here (xb_free) for MNT_UPDATE
+ *           requests and when the nfsmount allocation fails; otherwise
+ *           it is stored in nmp->nm_args.
+ *   mp      mount being set up; the new nfsmount becomes its fs-private
+ *           data.
+ *   ctx     context of the mounter; its credential is saved in nm_mcred.
+ *   vpp     out: vnode for the root node returned by nf_mount.  On
+ *           success it holds a usecount (vnode_ref) and the iocount has
+ *           been dropped.
+ *
+ * Returns 0 on success or an errno value.  Once the nfsmount has been
+ * allocated every failure goes through the nfsmerr label, which hands
+ * nmp to nfs_mount_drain_and_cleanup().
+ *
+ * The mount attributes are read from the buffer in a fixed order, each
+ * one only if its bit is set in the mount attribute bitmap.  Most of the
+ * xb_* accessors are no-ops once `error' is set, which is why many
+ * checks are written as "if (!error && ...)" and why nfsmerr_if() is
+ * only needed before a parsed value is actually used.
+ */
+int
+mountnfs(
+	char *xdrbuf,
+	mount_t mp,
+	vfs_context_t ctx,
+	vnode_t *vpp)
+{
+	struct nfsmount *nmp;
+	nfsnode_t np;
+	int error = 0;
+	struct vfsstatfs *sbp;
+	struct xdrbuf xb;
+	uint32_t i, val, maxio, iosize, len;
+	uint32_t *mattrs;
+	uint32_t *mflags_mask;
+	uint32_t *mflags;
+	uint32_t argslength, attrslength;
+	uid_t set_owner;
+	struct nfs_location_index firstloc = {
+		.nli_flags = NLI_VALID,
+		.nli_loc = 0,
+		.nli_serv = 0,
+		.nli_addr = 0
+	};
+	static const struct nfs_etype nfs_default_etypes = {
+		.count = NFS_MAX_ETYPES,
+		.selected = NFS_MAX_ETYPES,
+		.etypes = { NFS_AES256_CTS_HMAC_SHA1_96,
+			    NFS_AES128_CTS_HMAC_SHA1_96,
+			    NFS_DES3_CBC_SHA1_KD}
+	};
+
+	/* make sure mbuf constants are set up */
+	if (!nfs_mbuf_mhlen) {
+		nfs_mbuf_init();
+	}
+
+	if (vfs_flags(mp) & MNT_UPDATE) {
+		nmp = VFSTONFS(mp);
+		/* update paths, file handles, etc, here XXX */
+		xb_free(xdrbuf);
+		return 0;
+	} else {
+		/* allocate an NFS mount structure for this mount */
+		MALLOC_ZONE(nmp, struct nfsmount *,
+		    sizeof(struct nfsmount), M_NFSMNT, M_WAITOK);
+		if (!nmp) {
+			xb_free(xdrbuf);
+			return ENOMEM;
+		}
+		bzero((caddr_t)nmp, sizeof(struct nfsmount));
+		lck_mtx_init(&nmp->nm_lock, nfs_mount_grp, LCK_ATTR_NULL);
+		TAILQ_INIT(&nmp->nm_resendq);
+		TAILQ_INIT(&nmp->nm_iodq);
+		TAILQ_INIT(&nmp->nm_gsscl);
+		LIST_INIT(&nmp->nm_monlist);
+		vfs_setfsprivate(mp, nmp);
+		vfs_getnewfsid(mp);
+		nmp->nm_mountp = mp;
+		vfs_setauthopaque(mp);
+		/*
+		 * Disable cache_lookup_path for NFS.  NFS lookup always needs
+		 * to be called to check if the directory attribute cache is
+		 * valid and possibly purge the directory before calling
+		 * cache_lookup.
+		 */
+		vfs_setauthcache_ttl(mp, 0);
+
+		nfs_nhinit_finish();
+
+		/* from here on the nfsmount holds the args buffer */
+		nmp->nm_args = xdrbuf;
+
+		/* set up defaults */
+		nmp->nm_ref = 0;
+		nmp->nm_vers = 0;
+		nmp->nm_min_vers = DEFAULT_NFS_MIN_VERS;
+		nmp->nm_max_vers = DEFAULT_NFS_MAX_VERS;
+		nmp->nm_timeo = NFS_TIMEO;
+		nmp->nm_retry = NFS_RETRANS;
+		nmp->nm_sotype = 0;
+		nmp->nm_sofamily = 0;
+		nmp->nm_nfsport = 0;
+		nmp->nm_wsize = NFS_WSIZE;
+		nmp->nm_rsize = NFS_RSIZE;
+		nmp->nm_readdirsize = NFS_READDIRSIZE;
+		nmp->nm_numgrps = NFS_MAXGRPS;
+		nmp->nm_readahead = NFS_DEFRAHEAD;
+		nmp->nm_tprintf_delay = nfs_tprintf_delay;
+		if (nmp->nm_tprintf_delay < 0) {
+			nmp->nm_tprintf_delay = 0;
+		}
+		nmp->nm_tprintf_initial_delay = nfs_tprintf_initial_delay;
+		if (nmp->nm_tprintf_initial_delay < 0) {
+			nmp->nm_tprintf_initial_delay = 0;
+		}
+		nmp->nm_acregmin = NFS_MINATTRTIMO;
+		nmp->nm_acregmax = NFS_MAXATTRTIMO;
+		nmp->nm_acdirmin = NFS_MINDIRATTRTIMO;
+		nmp->nm_acdirmax = NFS_MAXDIRATTRTIMO;
+		nmp->nm_etype = nfs_default_etypes;
+		nmp->nm_auth = RPCAUTH_SYS;
+		nmp->nm_iodlink.tqe_next = NFSNOLIST;
+		nmp->nm_deadtimeout = 0;
+		nmp->nm_curdeadtimeout = 0;
+		NFS_BITMAP_SET(nmp->nm_flags, NFS_MFLAG_RDIRPLUS); /* enable RDIRPLUS by default. It will be reverted later in case NFSv2 is used */
+		NFS_BITMAP_SET(nmp->nm_flags, NFS_MFLAG_NOACL);
+		nmp->nm_realm = NULL;
+		nmp->nm_principal = NULL;
+		nmp->nm_sprinc = NULL;
+	}
+
+	mattrs = nmp->nm_mattrs;
+	mflags = nmp->nm_mflags;
+	mflags_mask = nmp->nm_mflags_mask;
+
+	/* set up NFS mount with args */
+	/* first pass: read only the two-word header to learn the real length */
+	xb_init_buffer(&xb, xdrbuf, 2 * XDRWORD);
+	xb_get_32(error, &xb, val);                             /* version */
+	xb_get_32(error, &xb, argslength);                      /* args length */
+	nfsmerr_if(error);
+	xb_init_buffer(&xb, xdrbuf, argslength);        /* restart parsing with actual buffer length */
+	xb_get_32(error, &xb, val);                             /* version */
+	xb_get_32(error, &xb, argslength);                      /* args length */
+	xb_get_32(error, &xb, val);                             /* XDR args version */
+	if (val != NFS_XDRARGS_VERSION_0 || argslength < ((4 + NFS_MATTR_BITMAP_LEN + 1) * XDRWORD)) {
+		error = EINVAL;
+	}
+	len = NFS_MATTR_BITMAP_LEN;
+	xb_get_bitmap(error, &xb, mattrs, len);                 /* mount attribute bitmap */
+	attrslength = 0;
+	xb_get_32(error, &xb, attrslength);                     /* attrs length */
+	/* the !error test also keeps the subtraction below from wrapping */
+	if (!error && (attrslength > (argslength - ((4 + NFS_MATTR_BITMAP_LEN + 1) * XDRWORD)))) {
+		error = EINVAL;
+	}
+	nfsmerr_if(error);
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_FLAGS)) {
+		len = NFS_MFLAG_BITMAP_LEN;
+		xb_get_bitmap(error, &xb, mflags_mask, len);    /* mount flag mask */
+		len = NFS_MFLAG_BITMAP_LEN;
+		xb_get_bitmap(error, &xb, mflags, len);         /* mount flag values */
+		if (!error) {
+			/* clear all mask bits and OR in all the ones that are set */
+			nmp->nm_flags[0] &= ~mflags_mask[0];
+			nmp->nm_flags[0] |= (mflags_mask[0] & mflags[0]);
+		}
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_NFS_VERSION)) {
+		/* Can't specify a single version and a range */
+		if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_NFS_VERSION_RANGE)) {
+			error = EINVAL;
+		}
+		xb_get_32(error, &xb, nmp->nm_vers);
+		if (nmp->nm_vers > NFS_MAX_SUPPORTED_VERSION ||
+		    nmp->nm_vers < NFS_VER2) {
+			error = EINVAL;
+		}
+		/*
+		 * nm_vers is used as an index into maxminorverstab[] below,
+		 * so bail out now rather than index the table with a value
+		 * that just failed the range check.
+		 */
+		nfsmerr_if(error);
+		if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_NFS_MINOR_VERSION)) {
+			xb_get_32(error, &xb, nmp->nm_minor_vers);
+		} else {
+			nmp->nm_minor_vers = maxminorverstab[nmp->nm_vers];
+		}
+		if (nmp->nm_minor_vers > maxminorverstab[nmp->nm_vers]) {
+			error = EINVAL;
+		}
+		/* a single version is treated as a range of exactly one */
+		nmp->nm_max_vers = nmp->nm_min_vers =
+		    VER2PVER(nmp->nm_vers, nmp->nm_minor_vers);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_NFS_MINOR_VERSION)) {
+		/* should have also gotten NFS version (and already gotten minor version) */
+		if (!NFS_BITMAP_ISSET(mattrs, NFS_MATTR_NFS_VERSION)) {
+			error = EINVAL;
+		}
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_NFS_VERSION_RANGE)) {
+		xb_get_32(error, &xb, nmp->nm_min_vers);
+		xb_get_32(error, &xb, nmp->nm_max_vers);
+		/*
+		 * The order of these tests matters: the table lookups are
+		 * only reached once min <= max and the max major version
+		 * have been checked.
+		 */
+		if ((nmp->nm_min_vers > nmp->nm_max_vers) ||
+		    (PVER2MAJOR(nmp->nm_max_vers) > NFS_MAX_SUPPORTED_VERSION) ||
+		    (PVER2MINOR(nmp->nm_min_vers) > maxminorverstab[PVER2MAJOR(nmp->nm_min_vers)]) ||
+		    (PVER2MINOR(nmp->nm_max_vers) > maxminorverstab[PVER2MAJOR(nmp->nm_max_vers)])) {
+			error = EINVAL;
+		}
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_READ_SIZE)) {
+		xb_get_32(error, &xb, nmp->nm_rsize);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_WRITE_SIZE)) {
+		xb_get_32(error, &xb, nmp->nm_wsize);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_READDIR_SIZE)) {
+		xb_get_32(error, &xb, nmp->nm_readdirsize);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_READAHEAD)) {
+		xb_get_32(error, &xb, nmp->nm_readahead);
+	}
+	/* each attribute cache timeout is two words; only the first is kept */
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_ATTRCACHE_REG_MIN)) {
+		xb_get_32(error, &xb, nmp->nm_acregmin);
+		xb_skip(error, &xb, XDRWORD);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_ATTRCACHE_REG_MAX)) {
+		xb_get_32(error, &xb, nmp->nm_acregmax);
+		xb_skip(error, &xb, XDRWORD);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_ATTRCACHE_DIR_MIN)) {
+		xb_get_32(error, &xb, nmp->nm_acdirmin);
+		xb_skip(error, &xb, XDRWORD);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_ATTRCACHE_DIR_MAX)) {
+		xb_get_32(error, &xb, nmp->nm_acdirmax);
+		xb_skip(error, &xb, XDRWORD);
+	}
+	nfsmerr_if(error);
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_LOCK_MODE)) {
+		xb_get_32(error, &xb, val);
+		switch (val) {
+		case NFS_LOCK_MODE_DISABLED:
+		case NFS_LOCK_MODE_LOCAL:
+#if CONFIG_NFS4
+			if (nmp->nm_vers >= NFS_VER4) {
+				/* disabled/local lock mode only allowed on v2/v3 */
+				error = EINVAL;
+				break;
+			}
+#endif
+		/* FALLTHROUGH */
+		case NFS_LOCK_MODE_ENABLED:
+			nmp->nm_lockmode = val;
+			break;
+		default:
+			error = EINVAL;
+		}
+	}
+	nfsmerr_if(error);
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_SECURITY)) {
+		uint32_t seccnt;
+		xb_get_32(error, &xb, seccnt);
+		if (!error && ((seccnt < 1) || (seccnt > NX_MAX_SEC_FLAVORS))) {
+			error = EINVAL;
+		}
+		nfsmerr_if(error);
+		nmp->nm_sec.count = seccnt;
+		for (i = 0; i < seccnt; i++) {
+			xb_get_32(error, &xb, nmp->nm_sec.flavors[i]);
+			/* Check for valid security flavor */
+			switch (nmp->nm_sec.flavors[i]) {
+			case RPCAUTH_NONE:
+			case RPCAUTH_SYS:
+			case RPCAUTH_KRB5:
+			case RPCAUTH_KRB5I:
+			case RPCAUTH_KRB5P:
+				break;
+			default:
+				error = EINVAL;
+			}
+		}
+		/* start with the first flavor */
+		nmp->nm_auth = nmp->nm_sec.flavors[0];
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_KERB_ETYPE)) {
+		uint32_t etypecnt;
+		xb_get_32(error, &xb, etypecnt);
+		if (!error && ((etypecnt < 1) || (etypecnt > NFS_MAX_ETYPES))) {
+			error = EINVAL;
+		}
+		nfsmerr_if(error);
+		nmp->nm_etype.count = etypecnt;
+		xb_get_32(error, &xb, nmp->nm_etype.selected);
+		nfsmerr_if(error);
+		if (etypecnt) {
+			nmp->nm_etype.selected = etypecnt; /* Nothing is selected yet, so set selected to count */
+			for (i = 0; i < etypecnt; i++) {
+				xb_get_32(error, &xb, nmp->nm_etype.etypes[i]);
+				/* Check for valid encryption type */
+				switch (nmp->nm_etype.etypes[i]) {
+				case NFS_DES3_CBC_SHA1_KD:
+				case NFS_AES128_CTS_HMAC_SHA1_96:
+				case NFS_AES256_CTS_HMAC_SHA1_96:
+					break;
+				default:
+					error = EINVAL;
+				}
+			}
+		}
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_MAX_GROUP_LIST)) {
+		xb_get_32(error, &xb, nmp->nm_numgrps);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_SOCKET_TYPE)) {
+		char sotype[16];
+
+		*sotype = '\0';
+		xb_get_32(error, &xb, val);
+		/*
+		 * The name is NUL-terminated at sotype[val] below, so the
+		 * length must leave room for the terminator.
+		 */
+		if (!error && ((val < 3) || (val >= sizeof(sotype)))) {
+			error = EINVAL;
+		}
+		nfsmerr_if(error);
+		error = xb_get_bytes(&xb, sotype, val, 0);
+		nfsmerr_if(error);
+		sotype[val] = '\0';
+		if (!strcmp(sotype, "tcp")) {
+			nmp->nm_sotype = SOCK_STREAM;
+		} else if (!strcmp(sotype, "udp")) {
+			nmp->nm_sotype = SOCK_DGRAM;
+		} else if (!strcmp(sotype, "tcp4")) {
+			nmp->nm_sotype = SOCK_STREAM;
+			nmp->nm_sofamily = AF_INET;
+		} else if (!strcmp(sotype, "udp4")) {
+			nmp->nm_sotype = SOCK_DGRAM;
+			nmp->nm_sofamily = AF_INET;
+		} else if (!strcmp(sotype, "tcp6")) {
+			nmp->nm_sotype = SOCK_STREAM;
+			nmp->nm_sofamily = AF_INET6;
+		} else if (!strcmp(sotype, "udp6")) {
+			nmp->nm_sotype = SOCK_DGRAM;
+			nmp->nm_sofamily = AF_INET6;
+		} else if (!strcmp(sotype, "inet4")) {
+			nmp->nm_sofamily = AF_INET;
+		} else if (!strcmp(sotype, "inet6")) {
+			nmp->nm_sofamily = AF_INET6;
+		} else if (!strcmp(sotype, "inet")) {
+			nmp->nm_sofamily = 0; /* ok */
+		} else if (!strcmp(sotype, "ticotsord")) {
+			nmp->nm_sofamily = AF_LOCAL;
+			nmp->nm_sotype = SOCK_STREAM;
+		} else if (!strcmp(sotype, "ticlts")) {
+			nmp->nm_sofamily = AF_LOCAL;
+			nmp->nm_sotype = SOCK_DGRAM;
+		} else {
+			error = EINVAL;
+		}
+#if CONFIG_NFS4
+		if (!error && (nmp->nm_vers >= NFS_VER4) && nmp->nm_sotype &&
+		    (nmp->nm_sotype != SOCK_STREAM)) {
+			error = EINVAL;         /* NFSv4 is only allowed over TCP. */
+		}
+#endif
+		if (error) {
+			NFS_VFS_DBG("EINVAL sotype = \"%s\"\n", sotype);
+		}
+		nfsmerr_if(error);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_NFS_PORT)) {
+		xb_get_32(error, &xb, nmp->nm_nfsport);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_MOUNT_PORT)) {
+		xb_get_32(error, &xb, nmp->nm_mountport);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_REQUEST_TIMEOUT)) {
+		/* convert from time to 0.1s units */
+		xb_get_32(error, &xb, nmp->nm_timeo);   /* seconds */
+		xb_get_32(error, &xb, val);             /* nanoseconds */
+		nfsmerr_if(error);
+		if (val >= 1000000000) {
+			error = EINVAL;
+		}
+		nfsmerr_if(error);
+		nmp->nm_timeo *= 10;
+		/* round the nanoseconds up to the next tenth of a second */
+		nmp->nm_timeo += (val + 100000000 - 1) / 100000000;
+		/* now convert to ticks */
+		nmp->nm_timeo = (nmp->nm_timeo * NFS_HZ + 5) / 10;
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_SOFT_RETRY_COUNT)) {
+		xb_get_32(error, &xb, val);
+		if (!error && (val > 1)) {
+			nmp->nm_retry = val;
+		}
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_DEAD_TIMEOUT)) {
+		xb_get_32(error, &xb, nmp->nm_deadtimeout);
+		xb_skip(error, &xb, XDRWORD);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_FH)) {
+		nfsmerr_if(error);
+		MALLOC(nmp->nm_fh, fhandle_t *, sizeof(fhandle_t), M_TEMP, M_WAITOK | M_ZERO);
+		if (!nmp->nm_fh) {
+			error = ENOMEM;
+		}
+		xb_get_32(error, &xb, nmp->nm_fh->fh_len);
+		nfsmerr_if(error);
+		if ((size_t)nmp->nm_fh->fh_len > sizeof(nmp->nm_fh->fh_data)) {
+			error = EINVAL;
+		} else {
+			error = xb_get_bytes(&xb, (char*)&nmp->nm_fh->fh_data[0], nmp->nm_fh->fh_len, 0);
+		}
+	}
+	nfsmerr_if(error);
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_FS_LOCATIONS)) {
+		uint32_t loc, serv, addr, comp;
+		struct nfs_fs_location *fsl;
+		struct nfs_fs_server *fss;
+		struct nfs_fs_path *fsp;
+
+		/*
+		 * Each location is: a list of servers (name, address list,
+		 * opaque server info), a path (list of components), and
+		 * opaque fs location info.  Everything allocated here is
+		 * linked into nmp->nm_locations as soon as it exists.
+		 */
+		xb_get_32(error, &xb, nmp->nm_locations.nl_numlocs); /* fs location count */
+		/* sanity check location count */
+		if (!error && ((nmp->nm_locations.nl_numlocs < 1) || (nmp->nm_locations.nl_numlocs > 256))) {
+			NFS_VFS_DBG("Invalid number of fs_locations: %d", nmp->nm_locations.nl_numlocs);
+			error = EINVAL;
+		}
+		nfsmerr_if(error);
+		MALLOC(nmp->nm_locations.nl_locations, struct nfs_fs_location **, nmp->nm_locations.nl_numlocs * sizeof(struct nfs_fs_location*), M_TEMP, M_WAITOK | M_ZERO);
+		if (!nmp->nm_locations.nl_locations) {
+			error = ENOMEM;
+		}
+		for (loc = 0; loc < nmp->nm_locations.nl_numlocs; loc++) {
+			nfsmerr_if(error);
+			MALLOC(fsl, struct nfs_fs_location *, sizeof(struct nfs_fs_location), M_TEMP, M_WAITOK | M_ZERO);
+			if (!fsl) {
+				error = ENOMEM;
+			}
+			nmp->nm_locations.nl_locations[loc] = fsl;
+			xb_get_32(error, &xb, fsl->nl_servcount); /* server count */
+			/* sanity check server count */
+			if (!error && ((fsl->nl_servcount < 1) || (fsl->nl_servcount > 256))) {
+				NFS_VFS_DBG("Invalid server count %d", fsl->nl_servcount);
+				error = EINVAL;
+			}
+			nfsmerr_if(error);
+			MALLOC(fsl->nl_servers, struct nfs_fs_server **, fsl->nl_servcount * sizeof(struct nfs_fs_server*), M_TEMP, M_WAITOK | M_ZERO);
+			if (!fsl->nl_servers) {
+				error = ENOMEM;
+				NFS_VFS_DBG("Server count = %d, error = %d\n", fsl->nl_servcount, error);
+			}
+			for (serv = 0; serv < fsl->nl_servcount; serv++) {
+				nfsmerr_if(error);
+				MALLOC(fss, struct nfs_fs_server *, sizeof(struct nfs_fs_server), M_TEMP, M_WAITOK | M_ZERO);
+				if (!fss) {
+					error = ENOMEM;
+				}
+				fsl->nl_servers[serv] = fss;
+				xb_get_32(error, &xb, val); /* server name length */
+				/* sanity check server name length */
+				if (!error && (val > MAXPATHLEN)) {
+					NFS_VFS_DBG("Invalid server name length %d", val);
+					error = EINVAL;
+				}
+				nfsmerr_if(error);
+				/* zeroed and one byte longer, so the name is NUL-terminated */
+				MALLOC(fss->ns_name, char *, val + 1, M_TEMP, M_WAITOK | M_ZERO);
+				if (!fss->ns_name) {
+					error = ENOMEM;
+				}
+				nfsmerr_if(error);
+				error = xb_get_bytes(&xb, fss->ns_name, val, 0); /* server name */
+				xb_get_32(error, &xb, fss->ns_addrcount); /* address count */
+				/* sanity check address count (OK to be zero) */
+				if (!error && (fss->ns_addrcount > 256)) {
+					NFS_VFS_DBG("Invalid address count %d", fss->ns_addrcount);
+					error = EINVAL;
+				}
+				nfsmerr_if(error);
+				if (fss->ns_addrcount > 0) {
+					MALLOC(fss->ns_addresses, char **, fss->ns_addrcount * sizeof(char *), M_TEMP, M_WAITOK | M_ZERO);
+					if (!fss->ns_addresses) {
+						error = ENOMEM;
+					}
+					for (addr = 0; addr < fss->ns_addrcount; addr++) {
+						xb_get_32(error, &xb, val); /* address length */
+						/* sanity check address length */
+						if (!error && val > 128) {
+							NFS_VFS_DBG("Invalid address length %d", val);
+							error = EINVAL;
+						}
+						nfsmerr_if(error);
+						MALLOC(fss->ns_addresses[addr], char *, val + 1, M_TEMP, M_WAITOK | M_ZERO);
+						if (!fss->ns_addresses[addr]) {
+							error = ENOMEM;
+						}
+						nfsmerr_if(error);
+						error = xb_get_bytes(&xb, fss->ns_addresses[addr], val, 0); /* address */
+					}
+				}
+				/*
+				 * NOTE(review): this skip uses the raw length while the
+				 * fs location info skip below uses xdr_rndup(val) --
+				 * confirm which one matches what xb_skip() expects.
+				 */
+				xb_get_32(error, &xb, val); /* server info length */
+				xb_skip(error, &xb, val); /* skip server info */
+			}
+			/* get pathname */
+			fsp = &fsl->nl_path;
+			xb_get_32(error, &xb, fsp->np_compcount); /* component count */
+			/* sanity check component count */
+			if (!error && (fsp->np_compcount > MAXPATHLEN)) {
+				NFS_VFS_DBG("Invalid component count %d", fsp->np_compcount);
+				error = EINVAL;
+			}
+			nfsmerr_if(error);
+			if (fsp->np_compcount) {
+				MALLOC(fsp->np_components, char **, fsp->np_compcount * sizeof(char*), M_TEMP, M_WAITOK | M_ZERO);
+				if (!fsp->np_components) {
+					error = ENOMEM;
+				}
+			}
+			for (comp = 0; comp < fsp->np_compcount; comp++) {
+				xb_get_32(error, &xb, val); /* component length */
+				/* sanity check component length */
+				if (!error && (val == 0)) {
+					/*
+					 * Apparently some people think a path with zero components should
+					 * be encoded with one zero-length component.  So, just ignore any
+					 * zero length components.
+					 */
+					/* undo the loop's comp++ so this slot is reused */
+					comp--;
+					fsp->np_compcount--;
+					if (fsp->np_compcount == 0) {
+						FREE(fsp->np_components, M_TEMP);
+						fsp->np_components = NULL;
+					}
+					continue;
+				}
+				if (!error && ((val < 1) || (val > MAXPATHLEN))) {
+					NFS_VFS_DBG("Invalid component path length %d", val);
+					error = EINVAL;
+				}
+				nfsmerr_if(error);
+				MALLOC(fsp->np_components[comp], char *, val + 1, M_TEMP, M_WAITOK | M_ZERO);
+				if (!fsp->np_components[comp]) {
+					error = ENOMEM;
+				}
+				nfsmerr_if(error);
+				error = xb_get_bytes(&xb, fsp->np_components[comp], val, 0); /* component */
+			}
+			xb_get_32(error, &xb, val); /* fs location info length */
+			NFS_VFS_DBG("Skipping fs location info bytes %d", val);
+			xb_skip(error, &xb, xdr_rndup(val)); /* skip fs location info */
+		}
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_MNTFLAGS)) {
+		xb_skip(error, &xb, XDRWORD);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_MNTFROM)) {
+		xb_get_32(error, &xb, len);
+		nfsmerr_if(error);
+		/* copy as much as fits in f_mntfromname and skip the rest */
+		val = len;
+		if (val >= sizeof(vfs_statfs(mp)->f_mntfromname)) {
+			val = sizeof(vfs_statfs(mp)->f_mntfromname) - 1;
+		}
+		error = xb_get_bytes(&xb, vfs_statfs(mp)->f_mntfromname, val, 0);
+		if ((len - val) > 0) {
+			xb_skip(error, &xb, len - val);
+		}
+		nfsmerr_if(error);
+		vfs_statfs(mp)->f_mntfromname[val] = '\0';
+	}
+	nfsmerr_if(error);
+
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_REALM)) {
+		xb_get_32(error, &xb, len);
+		if (!error && ((len < 1) || (len > MAXPATHLEN))) {
+			error = EINVAL;
+		}
+		nfsmerr_if(error);
+		/* allocate an extra byte for a leading '@' if its not already prepended to the realm */
+		MALLOC(nmp->nm_realm, char *, len + 2, M_TEMP, M_WAITOK | M_ZERO);
+		if (!nmp->nm_realm) {
+			error = ENOMEM;
+		}
+		nfsmerr_if(error);
+		error = xb_get_bytes(&xb, nmp->nm_realm, len, 0);
+		if (error == 0 && *nmp->nm_realm != '@') {
+			/* shift the realm up by one byte to make room for the '@' */
+			bcopy(nmp->nm_realm, &nmp->nm_realm[1], len);
+			nmp->nm_realm[0] = '@';
+		}
+	}
+	nfsmerr_if(error);
+
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_PRINCIPAL)) {
+		xb_get_32(error, &xb, len);
+		if (!error && ((len < 1) || (len > MAXPATHLEN))) {
+			error = EINVAL;
+		}
+		nfsmerr_if(error);
+		MALLOC(nmp->nm_principal, char *, len + 1, M_TEMP, M_WAITOK | M_ZERO);
+		if (!nmp->nm_principal) {
+			error = ENOMEM;
+		}
+		nfsmerr_if(error);
+		error = xb_get_bytes(&xb, nmp->nm_principal, len, 0);
+	}
+	nfsmerr_if(error);
+
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_SVCPRINCIPAL)) {
+		xb_get_32(error, &xb, len);
+		if (!error && ((len < 1) || (len > MAXPATHLEN))) {
+			error = EINVAL;
+		}
+		nfsmerr_if(error);
+		MALLOC(nmp->nm_sprinc, char *, len + 1, M_TEMP, M_WAITOK | M_ZERO);
+		if (!nmp->nm_sprinc) {
+			error = ENOMEM;
+		}
+		nfsmerr_if(error);
+		error = xb_get_bytes(&xb, nmp->nm_sprinc, len, 0);
+	}
+	nfsmerr_if(error);
+
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_LOCAL_NFS_PORT)) {
+		/* a local (AF_LOCAL) port can't be combined with a numeric NFS port */
+		if (nmp->nm_nfsport) {
+			error = EINVAL;
+			NFS_VFS_DBG("Can't have ports specified over incompatible socket families");
+		}
+		nfsmerr_if(error);
+		xb_get_32(error, &xb, len);
+		if (!error && ((len < 1) || (len > sizeof(((struct sockaddr_un *)0)->sun_path)))) {
+			error = EINVAL;
+		}
+		nfsmerr_if(error);
+		MALLOC(nmp->nm_nfs_localport, char *, len + 1, M_TEMP, M_WAITOK | M_ZERO);
+		if (!nmp->nm_nfs_localport) {
+			error = ENOMEM;
+		}
+		nfsmerr_if(error);
+		error = xb_get_bytes(&xb, nmp->nm_nfs_localport, len, 0);
+		nmp->nm_sofamily = AF_LOCAL;
+		nmp->nm_nfsport = 1; /* We use the now deprecated tcpmux port to indicate that we have an AF_LOCAL port */
+		NFS_VFS_DBG("Setting nfs local port %s (%d)\n", nmp->nm_nfs_localport, nmp->nm_nfsport);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_LOCAL_MOUNT_PORT)) {
+		/* likewise for the mount port */
+		if (nmp->nm_mountport) {
+			error = EINVAL;
+			NFS_VFS_DBG("Can't have ports specified over mulitple socket families");
+		}
+		nfsmerr_if(error);
+		xb_get_32(error, &xb, len);
+		if (!error && ((len < 1) || (len > sizeof(((struct sockaddr_un *)0)->sun_path)))) {
+			error = EINVAL;
+		}
+		nfsmerr_if(error);
+		MALLOC(nmp->nm_mount_localport, char *, len + 1, M_TEMP, M_WAITOK | M_ZERO);
+		if (!nmp->nm_mount_localport) {
+			error = ENOMEM;
+		}
+		nfsmerr_if(error);
+		error = xb_get_bytes(&xb, nmp->nm_mount_localport, len, 0);
+		nmp->nm_sofamily = AF_LOCAL;
+		nmp->nm_mountport = 1; /* We use the now deprecated tcpmux port to indicate that we have an AF_LOCAL port */
+		NFS_VFS_DBG("Setting mount local port %s (%d)\n", nmp->nm_mount_localport, nmp->nm_mountport);
+	}
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_SET_MOUNT_OWNER)) {
+		xb_get_32(error, &xb, set_owner);
+		nfsmerr_if(error);
+		error = vfs_context_suser(ctx);
+		/*
+		 * root can set owner to whatever, user can set owner to self
+		 */
+		if ((error) && (set_owner == kauth_cred_getuid(vfs_context_ucred(ctx)))) {
+			/* ok for non-root can set owner to self */
+			error = 0;
+		}
+		nfsmerr_if(error);
+	}
+
+	/*
+	 * Sanity check/finalize settings.
+	 */
+
+	if (nmp->nm_timeo < NFS_MINTIMEO) {
+		nmp->nm_timeo = NFS_MINTIMEO;
+	} else if (nmp->nm_timeo > NFS_MAXTIMEO) {
+		nmp->nm_timeo = NFS_MAXTIMEO;
+	}
+	if (nmp->nm_retry > NFS_MAXREXMIT) {
+		nmp->nm_retry = NFS_MAXREXMIT;
+	}
+
+	if (nmp->nm_numgrps > NFS_MAXGRPS) {
+		nmp->nm_numgrps = NFS_MAXGRPS;
+	}
+	if (nmp->nm_readahead > NFS_MAXRAHEAD) {
+		nmp->nm_readahead = NFS_MAXRAHEAD;
+	}
+	if (nmp->nm_acregmin > nmp->nm_acregmax) {
+		nmp->nm_acregmin = nmp->nm_acregmax;
+	}
+	if (nmp->nm_acdirmin > nmp->nm_acdirmax) {
+		nmp->nm_acdirmin = nmp->nm_acdirmax;
+	}
+
+	/* need at least one fs location */
+	if (nmp->nm_locations.nl_numlocs < 1) {
+		error = EINVAL;
+	}
+	nfsmerr_if(error);
+
+	if (!NM_OMATTR_GIVEN(nmp, MNTFROM)) {
+		/* init mount's mntfromname to first location */
+		nfs_location_mntfromname(&nmp->nm_locations, firstloc,
+		    vfs_statfs(mp)->f_mntfromname,
+		    sizeof(vfs_statfs(mp)->f_mntfromname), 0);
+	}
+
+	/* Need to save the mounting credential for v4. */
+	nmp->nm_mcred = vfs_context_ucred(ctx);
+	if (IS_VALID_CRED(nmp->nm_mcred)) {
+		kauth_cred_ref(nmp->nm_mcred);
+	}
+
+	/*
+	 * If a reserved port is required, check for that privilege.
+	 * (Note that mirror mounts are exempt because the privilege was
+	 * already checked for the original mount.)
+	 */
+	if (NMFLAG(nmp, RESVPORT) && !vfs_iskernelmount(mp)) {
+		error = priv_check_cred(nmp->nm_mcred, PRIV_NETINET_RESERVEDPORT, 0);
+	}
+	nfsmerr_if(error);
+
+	/* set up the version-specific function tables */
+	if (nmp->nm_vers < NFS_VER4) {
+		nmp->nm_funcs = &nfs3_funcs;
+	} else {
+#if CONFIG_NFS4
+		nmp->nm_funcs = &nfs4_funcs;
+#else
+		/* don't go any further if we don't support NFS4 */
+		nmp->nm_funcs = NULL;
+		error = ENOTSUP;
+		nfsmerr_if(error);
+#endif
+	}
+
+	/* do mount's initial socket connection */
+	error = nfs_mount_connect(nmp);
+	nfsmerr_if(error);
+
+	/* sanity check settings now that version/connection is set */
+	if (nmp->nm_vers == NFS_VER2) {         /* ignore RDIRPLUS on NFSv2 */
+		NFS_BITMAP_CLR(nmp->nm_flags, NFS_MFLAG_RDIRPLUS);
+	}
+#if CONFIG_NFS4
+	if (nmp->nm_vers >= NFS_VER4) {
+		if (NFS_BITMAP_ISSET(nmp->nm_flags, NFS_MFLAG_ACLONLY)) { /* aclonly trumps noacl */
+			NFS_BITMAP_CLR(nmp->nm_flags, NFS_MFLAG_NOACL);
+		}
+		NFS_BITMAP_CLR(nmp->nm_flags, NFS_MFLAG_CALLUMNT);
+		if (nmp->nm_lockmode != NFS_LOCK_MODE_ENABLED) {
+			error = EINVAL; /* disabled/local lock mode only allowed on v2/v3 */
+		}
+	} else {
+#endif
+	/* ignore these if not v4 */
+	NFS_BITMAP_CLR(nmp->nm_flags, NFS_MFLAG_NOCALLBACK);
+	NFS_BITMAP_CLR(nmp->nm_flags, NFS_MFLAG_NAMEDATTR);
+	NFS_BITMAP_CLR(nmp->nm_flags, NFS_MFLAG_NOACL);
+	NFS_BITMAP_CLR(nmp->nm_flags, NFS_MFLAG_ACLONLY);
+#if CONFIG_NFS4
+}
+#endif
+	nfsmerr_if(error);
+
+	if (nmp->nm_sotype == SOCK_DGRAM) {
+		/* I/O size defaults for UDP are different */
+		if (!NFS_BITMAP_ISSET(mattrs, NFS_MATTR_READ_SIZE)) {
+			nmp->nm_rsize = NFS_DGRAM_RSIZE;
+		}
+		if (!NFS_BITMAP_ISSET(mattrs, NFS_MATTR_WRITE_SIZE)) {
+			nmp->nm_wsize = NFS_DGRAM_WSIZE;
+		}
+	}
+
+	/* round down I/O sizes to multiple of NFS_FABLKSIZE */
+	nmp->nm_rsize &= ~(NFS_FABLKSIZE - 1);
+	if (nmp->nm_rsize <= 0) {
+		nmp->nm_rsize = NFS_FABLKSIZE;
+	}
+	nmp->nm_wsize &= ~(NFS_FABLKSIZE - 1);
+	if (nmp->nm_wsize <= 0) {
+		nmp->nm_wsize = NFS_FABLKSIZE;
+	}
+
+	/* and limit I/O sizes to maximum allowed */
+	maxio = (nmp->nm_vers == NFS_VER2) ? NFS_V2MAXDATA :
+	    (nmp->nm_sotype == SOCK_DGRAM) ? NFS_MAXDGRAMDATA : NFS_MAXDATA;
+	if (maxio > NFS_MAXBSIZE) {
+		maxio = NFS_MAXBSIZE;
+	}
+	if (nmp->nm_rsize > maxio) {
+		nmp->nm_rsize = maxio;
+	}
+	if (nmp->nm_wsize > maxio) {
+		nmp->nm_wsize = maxio;
+	}
+
+	if (nmp->nm_readdirsize > maxio) {
+		nmp->nm_readdirsize = maxio;
+	}
+	if (nmp->nm_readdirsize > nmp->nm_rsize) {
+		nmp->nm_readdirsize = nmp->nm_rsize;
+	}
+
+	/* Set up the sockets and related info */
+	if (nmp->nm_sotype == SOCK_DGRAM) {
+		TAILQ_INIT(&nmp->nm_cwndq);
+	}
+
+	if (nmp->nm_saddr->sa_family == AF_LOCAL) {
+		/* for AF_LOCAL, mntfromname becomes "<socket path>:" + first location */
+		struct sockaddr_un *un = (struct sockaddr_un *)nmp->nm_saddr;
+		size_t size;
+		int n = snprintf(vfs_statfs(mp)->f_mntfromname, sizeof(vfs_statfs(mp)->f_mntfromname), "<%s>:", un->sun_path);
+
+		if (n > 0 && (size_t)n < sizeof(vfs_statfs(mp)->f_mntfromname)) {
+			size = sizeof(vfs_statfs(mp)->f_mntfromname) - n;
+			nfs_location_mntfromname(&nmp->nm_locations, firstloc,
+			    &vfs_statfs(mp)->f_mntfromname[n], size, 1);
+		}
+	}
+
+
+	/*
+	 * Get the root node/attributes from the NFS server and
+	 * do any basic, version-specific setup.
+	 */
+	error = nmp->nm_funcs->nf_mount(nmp, ctx, &np);
+	nfsmerr_if(error);
+
+	/*
+	 * A reference count is needed on the node representing the
+	 * remote root.  If this object is not persistent, then backward
+	 * traversals of the mount point (i.e. "..") will not work if
+	 * the node gets flushed out of the cache.
+	 */
+	nmp->nm_dnp = np;
+	*vpp = NFSTOV(np);
+
+
+	/* get usecount and drop iocount */
+	error = vnode_ref(*vpp);
+	vnode_put(*vpp);
+	if (error) {
+		vnode_recycle(*vpp);
+		goto nfsmerr;
+	}
+
+	/*
+	 * Do statfs to ensure static info gets set to reasonable values.
+	 */
+	if ((error = nmp->nm_funcs->nf_update_statfs(nmp, ctx))) {
+		/* give back the usecount taken above before recycling the root */
+		int error2 = vnode_getwithref(*vpp);
+		vnode_rele(*vpp);
+		if (!error2) {
+			vnode_put(*vpp);
+		}
+		vnode_recycle(*vpp);
+		goto nfsmerr;
+	}
+	sbp = vfs_statfs(mp);
+	sbp->f_bsize = nmp->nm_fsattr.nfsa_bsize;
+	sbp->f_blocks = nmp->nm_fsattr.nfsa_space_total / sbp->f_bsize;
+	sbp->f_bfree = nmp->nm_fsattr.nfsa_space_free / sbp->f_bsize;
+	sbp->f_bavail = nmp->nm_fsattr.nfsa_space_avail / sbp->f_bsize;
+	sbp->f_bused = (nmp->nm_fsattr.nfsa_space_total / sbp->f_bsize) -
+	    (nmp->nm_fsattr.nfsa_space_free / sbp->f_bsize);
+	sbp->f_files = nmp->nm_fsattr.nfsa_files_total;
+	sbp->f_ffree = nmp->nm_fsattr.nfsa_files_free;
+	sbp->f_iosize = nfs_iosize;
+
+	if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_SET_MOUNT_OWNER)) {
+		sbp->f_owner = set_owner;
+	}
+
+	/*
+	 * Calculate the size used for I/O buffers.  Use the larger
+	 * of the two sizes to minimise NFS requests but make sure
+	 * that it is at least one VM page to avoid wasting buffer
+	 * space and to allow easy mmapping of I/O buffers.
+	 * The read/write RPC calls handle the splitting up of
+	 * buffers into multiple requests if the buffer size is
+	 * larger than the I/O size.
+	 */
+	iosize = max(nmp->nm_rsize, nmp->nm_wsize);
+	if (iosize < PAGE_SIZE) {
+		iosize = PAGE_SIZE;
+	}
+	nmp->nm_biosize = trunc_page_32(iosize);
+
+	/* For NFSv3 and greater, there is a (relatively) reliable ACCESS call. */
+	if (nmp->nm_vers > NFS_VER2 && !NMFLAG(nmp, NOOPAQUE_AUTH)) {
+		vfs_setauthopaqueaccess(mp);
+	}
+
+	switch (nmp->nm_lockmode) {
+	case NFS_LOCK_MODE_DISABLED:
+		break;
+	case NFS_LOCK_MODE_LOCAL:
+		vfs_setlocklocal(nmp->nm_mountp);
+		break;
+	case NFS_LOCK_MODE_ENABLED:
+	default:
+		if (nmp->nm_vers <= NFS_VER3) {
+			nfs_lockd_mount_register(nmp);
+		}
+		break;
+	}
+
+
+	/* success! */
+	lck_mtx_lock(&nmp->nm_lock);
+	nmp->nm_state |= NFSSTA_MOUNTED;
+	lck_mtx_unlock(&nmp->nm_lock);
+	return 0;
+nfsmerr:
+	nfs_mount_drain_and_cleanup(nmp);
+	return error;
+}
+
+#if CONFIG_TRIGGERS
+
+/*
+ * We've detected a file system boundary on the server and
+ * need to mount a new file system so that our file systems
+ * MIRROR the file systems on the server.
+ *
+ * Build the mount arguments for the new mount and call kernel_mount().
+ */
+int
+nfs_mirror_mount_domount(vnode_t dvp, vnode_t vp, vfs_context_t ctx)
+{
+ nfsnode_t np = VTONFS(vp);
+#if CONFIG_NFS4
+ nfsnode_t dnp = VTONFS(dvp);
+#endif
+ struct nfsmount *nmp = NFSTONMP(np);
+ char fstype[MFSTYPENAMELEN], *mntfromname = NULL, *path = NULL, *relpath, *p, *cp;
+ int error = 0, pathbuflen = MAXPATHLEN, i, mntflags = 0, referral, skipcopy = 0;
+ size_t nlen;
+ struct xdrbuf xb, xbnew;
+ uint32_t mattrs[NFS_MATTR_BITMAP_LEN];
+ uint32_t newmattrs[NFS_MATTR_BITMAP_LEN];
+ uint32_t newmflags[NFS_MFLAG_BITMAP_LEN];
+ uint32_t newmflags_mask[NFS_MFLAG_BITMAP_LEN];
+ uint32_t argslength = 0, val, count, mlen, mlen2, rlen, relpathcomps;
+ uint32_t argslength_offset, attrslength_offset, end_offset;
+ uint32_t numlocs, loc, numserv, serv, numaddr, addr, numcomp, comp;
+ char buf[XDRWORD];
+ struct nfs_fs_locations nfsls;
+
+ referral = (np->n_vattr.nva_flags & NFS_FFLAG_TRIGGER_REFERRAL);
+ if (referral) {
+ bzero(&nfsls, sizeof(nfsls));
+ }
+
+ xb_init(&xbnew, XDRBUF_NONE);
+
+ if (!nmp || (nmp->nm_state & (NFSSTA_FORCE | NFSSTA_DEAD))) {
+ return ENXIO;
+ }
+
+ /* allocate a couple path buffers we need */
+ MALLOC_ZONE(mntfromname, char *, pathbuflen, M_NAMEI, M_WAITOK);
+ if (!mntfromname) {
+ error = ENOMEM;
+ goto nfsmerr;
+ }
+ MALLOC_ZONE(path, char *, pathbuflen, M_NAMEI, M_WAITOK);
+ if (!path) {
+ error = ENOMEM;
+ goto nfsmerr;
+ }
+
+ /* get the path for the directory being mounted on */
+ error = vn_getpath(vp, path, &pathbuflen);
+ if (error) {
+ error = ENOMEM;
+ goto nfsmerr;
+ }
+
+ /*
+ * Set up the mntfromname for the new mount based on the
+ * current mount's mntfromname and the directory's path
+ * relative to the current mount's mntonname.
+ * Set up relpath to point at the relative path on the current mount.
+ * Also, count the number of components in relpath.
+ * We'll be adding those to each fs location path in the new args.
+ */
+ nlen = strlcpy(mntfromname, vfs_statfs(nmp->nm_mountp)->f_mntfromname, MAXPATHLEN);
+ if ((nlen > 0) && (mntfromname[nlen - 1] == '/')) { /* avoid double '/' in new name */
+ mntfromname[nlen - 1] = '\0';
+ nlen--;
+ }
+ relpath = mntfromname + nlen;
+ nlen = strlcat(mntfromname, path + strlen(vfs_statfs(nmp->nm_mountp)->f_mntonname), MAXPATHLEN);
+ if (nlen >= MAXPATHLEN) {
+ error = ENAMETOOLONG;
+ goto nfsmerr;
+ }
+ /* count the number of components in relpath */
+ p = relpath;
+ while (*p && (*p == '/')) {
+ p++;
+ }
+ relpathcomps = 0;
+ while (*p) {
+ relpathcomps++;
+ while (*p && (*p != '/')) {
+ p++;
+ }
+ while (*p && (*p == '/')) {
+ p++;
+ }
+ }
+
+ /* grab a copy of the file system type */
+ vfs_name(vnode_mount(vp), fstype);
+
+ /* for referrals, fetch the fs locations */
+ if (referral) {
+ const char *vname = vnode_getname(NFSTOV(np));
+ if (!vname) {
+ error = ENOENT;
+ }
+#if CONFIG_NFS4
+ else {
+ error = nfs4_get_fs_locations(nmp, dnp, NULL, 0, vname, ctx, &nfsls);
+ vnode_putname(vname);
+ if (!error && (nfsls.nl_numlocs < 1)) {
+ error = ENOENT;
+ }
+ }
+#endif
+ nfsmerr_if(error);
+ }
+
+ /* set up NFS mount args based on current mount args */
+
+#define xb_copy_32(E, XBSRC, XBDST, V) \
+ do { \
+ if (E) break; \
+ xb_get_32((E), (XBSRC), (V)); \
+ if (skipcopy) break; \
+ xb_add_32((E), (XBDST), (V)); \
+ } while (0)
+#define xb_copy_opaque(E, XBSRC, XBDST) \
+ do { \
+ uint32_t __count, __val; \
+ xb_copy_32((E), (XBSRC), (XBDST), __count); \
+ if (E) break; \
+ __count = nfsm_rndup(__count); \
+ __count /= XDRWORD; \
+ while (__count-- > 0) \
+ xb_copy_32((E), (XBSRC), (XBDST), __val); \
+ } while (0)
+
+ xb_init_buffer(&xb, nmp->nm_args, 2 * XDRWORD);
+ xb_get_32(error, &xb, val); /* version */
+ xb_get_32(error, &xb, argslength); /* args length */
+ xb_init_buffer(&xb, nmp->nm_args, argslength);
+
+ xb_init_buffer(&xbnew, NULL, 0);
+ xb_copy_32(error, &xb, &xbnew, val); /* version */
+ argslength_offset = xb_offset(&xbnew);
+ xb_copy_32(error, &xb, &xbnew, val); /* args length */
+ xb_copy_32(error, &xb, &xbnew, val); /* XDR args version */
+ count = NFS_MATTR_BITMAP_LEN;
+ xb_get_bitmap(error, &xb, mattrs, count); /* mount attribute bitmap */
+ nfsmerr_if(error);
+ for (i = 0; i < NFS_MATTR_BITMAP_LEN; i++) {
+ newmattrs[i] = mattrs[i];
+ }
+ if (referral) {
+ NFS_BITMAP_SET(newmattrs, NFS_MATTR_FS_LOCATIONS);
+ NFS_BITMAP_CLR(newmattrs, NFS_MATTR_MNTFROM);
+ } else {
+ NFS_BITMAP_SET(newmattrs, NFS_MATTR_FH);
+ }
+ NFS_BITMAP_SET(newmattrs, NFS_MATTR_FLAGS);
+ NFS_BITMAP_SET(newmattrs, NFS_MATTR_MNTFLAGS);
+ NFS_BITMAP_SET(newmattrs, NFS_MATTR_SET_MOUNT_OWNER);
+ xb_add_bitmap(error, &xbnew, newmattrs, NFS_MATTR_BITMAP_LEN);
+ attrslength_offset = xb_offset(&xbnew);
+ xb_copy_32(error, &xb, &xbnew, val); /* attrs length */
+ NFS_BITMAP_ZERO(newmflags_mask, NFS_MFLAG_BITMAP_LEN);
+ NFS_BITMAP_ZERO(newmflags, NFS_MFLAG_BITMAP_LEN);
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_FLAGS)) {
+ count = NFS_MFLAG_BITMAP_LEN;
+ xb_get_bitmap(error, &xb, newmflags_mask, count); /* mount flag mask bitmap */
+ count = NFS_MFLAG_BITMAP_LEN;
+ xb_get_bitmap(error, &xb, newmflags, count); /* mount flag bitmap */
+ }
+ NFS_BITMAP_SET(newmflags_mask, NFS_MFLAG_EPHEMERAL);
+ NFS_BITMAP_SET(newmflags, NFS_MFLAG_EPHEMERAL);
+ xb_add_bitmap(error, &xbnew, newmflags_mask, NFS_MFLAG_BITMAP_LEN);
+ xb_add_bitmap(error, &xbnew, newmflags, NFS_MFLAG_BITMAP_LEN);
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_NFS_VERSION)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_NFS_MINOR_VERSION)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_NFS_VERSION_RANGE)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_READ_SIZE)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_WRITE_SIZE)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_READDIR_SIZE)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_READAHEAD)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_ATTRCACHE_REG_MIN)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_ATTRCACHE_REG_MAX)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_ATTRCACHE_DIR_MIN)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_ATTRCACHE_DIR_MAX)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_LOCK_MODE)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_SECURITY)) {
+ xb_copy_32(error, &xb, &xbnew, count);
+ while (!error && (count-- > 0)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_KERB_ETYPE)) {
+ xb_copy_32(error, &xb, &xbnew, count);
+ xb_add_32(error, &xbnew, -1);
+ while (!error && (count-- > 0)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_MAX_GROUP_LIST)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_SOCKET_TYPE)) {
+ xb_copy_opaque(error, &xb, &xbnew);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_NFS_PORT)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_MOUNT_PORT)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_REQUEST_TIMEOUT)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_SOFT_RETRY_COUNT)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_DEAD_TIMEOUT)) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_FH)) {
+ xb_get_32(error, &xb, count);
+ xb_skip(error, &xb, count);
+ }
+ if (!referral) {
+ /* set the initial file handle to the directory's file handle */
+ xb_add_fh(error, &xbnew, np->n_fhp, np->n_fhsize);
+ }
+ /* copy/extend/skip fs locations */
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_FS_LOCATIONS)) {
+ numlocs = numserv = numaddr = numcomp = 0;
+ if (referral) { /* don't copy the fs locations for a referral */
+ skipcopy = 1;
+ }
+ xb_copy_32(error, &xb, &xbnew, numlocs); /* location count */
+ for (loc = 0; !error && (loc < numlocs); loc++) {
+ xb_copy_32(error, &xb, &xbnew, numserv); /* server count */
+ for (serv = 0; !error && (serv < numserv); serv++) {
+ xb_copy_opaque(error, &xb, &xbnew); /* server name */
+ xb_copy_32(error, &xb, &xbnew, numaddr); /* address count */
+ for (addr = 0; !error && (addr < numaddr); addr++) {
+ xb_copy_opaque(error, &xb, &xbnew); /* address */
+ }
+ xb_copy_opaque(error, &xb, &xbnew); /* server info */
+ }
+ /* pathname */
+ xb_get_32(error, &xb, numcomp); /* component count */
+ if (!skipcopy) {
+ uint64_t totalcomps = numcomp + relpathcomps;
+
+ /* set error to ERANGE in the event of overflow */
+ if (totalcomps > UINT32_MAX) {
+ nfsmerr_if((error = ERANGE));
+ }
+
+ xb_add_32(error, &xbnew, (uint32_t) totalcomps); /* new component count */
+ }
+ for (comp = 0; !error && (comp < numcomp); comp++) {
+ xb_copy_opaque(error, &xb, &xbnew); /* component */
+ }
+ /* add additional components */
+ p = relpath;
+ while (*p && (*p == '/')) {
+ p++;
+ }
+ while (*p && !error) {
+ cp = p;
+ while (*p && (*p != '/')) {
+ p++;
+ }
+ xb_add_string(error, &xbnew, cp, (p - cp)); /* component */
+ while (*p && (*p == '/')) {
+ p++;
+ }
+ }
+ xb_copy_opaque(error, &xb, &xbnew); /* fs location info */
+ }
+ if (referral) {
+ skipcopy = 0;
+ }
+ }
+ if (referral) {
+ /* add referral's fs locations */
+ xb_add_32(error, &xbnew, nfsls.nl_numlocs); /* FS_LOCATIONS */
+ for (loc = 0; !error && (loc < nfsls.nl_numlocs); loc++) {
+ xb_add_32(error, &xbnew, nfsls.nl_locations[loc]->nl_servcount);
+ for (serv = 0; !error && (serv < nfsls.nl_locations[loc]->nl_servcount); serv++) {
+ xb_add_string(error, &xbnew, nfsls.nl_locations[loc]->nl_servers[serv]->ns_name,
+ strlen(nfsls.nl_locations[loc]->nl_servers[serv]->ns_name));
+ xb_add_32(error, &xbnew, nfsls.nl_locations[loc]->nl_servers[serv]->ns_addrcount);
+ for (addr = 0; !error && (addr < nfsls.nl_locations[loc]->nl_servers[serv]->ns_addrcount); addr++) {
+ xb_add_string(error, &xbnew, nfsls.nl_locations[loc]->nl_servers[serv]->ns_addresses[addr],
+ strlen(nfsls.nl_locations[loc]->nl_servers[serv]->ns_addresses[addr]));
+ }
+ xb_add_32(error, &xbnew, 0); /* empty server info */
+ }
+ xb_add_32(error, &xbnew, nfsls.nl_locations[loc]->nl_path.np_compcount);
+ for (comp = 0; !error && (comp < nfsls.nl_locations[loc]->nl_path.np_compcount); comp++) {
+ xb_add_string(error, &xbnew, nfsls.nl_locations[loc]->nl_path.np_components[comp],
+ strlen(nfsls.nl_locations[loc]->nl_path.np_components[comp]));
+ }
+ xb_add_32(error, &xbnew, 0); /* empty fs location info */
+ }
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_MNTFLAGS)) {
+ xb_get_32(error, &xb, mntflags);
+ }
+ /*
+ * We add the following mount flags to the ones for the mounted-on mount:
+ * MNT_DONTBROWSE - to keep the mount from showing up as a separate volume
+ * MNT_AUTOMOUNTED - to keep DiskArb from retriggering the mount after
+ * an unmount (looking for /.autodiskmounted)
+ */
+ mntflags |= (MNT_AUTOMOUNTED | MNT_DONTBROWSE);
+ xb_add_32(error, &xbnew, mntflags);
+ if (!referral && NFS_BITMAP_ISSET(mattrs, NFS_MATTR_MNTFROM)) {
+ /* copy mntfrom string and add relpath */
+ rlen = strlen(relpath);
+ xb_get_32(error, &xb, mlen);
+ nfsmerr_if(error);
+ mlen2 = mlen + ((relpath[0] != '/') ? 1 : 0) + rlen;
+ xb_add_32(error, &xbnew, mlen2);
+ count = mlen / XDRWORD;
+ /* copy the original string */
+ while (count-- > 0) {
+ xb_copy_32(error, &xb, &xbnew, val);
+ }
+ if (!error && (mlen % XDRWORD)) {
+ error = xb_get_bytes(&xb, buf, mlen % XDRWORD, 0);
+ if (!error) {
+ error = xb_add_bytes(&xbnew, buf, mlen % XDRWORD, 1);
+ }
+ }
+ /* insert a '/' if the relative path doesn't start with one */
+ if (!error && (relpath[0] != '/')) {
+ buf[0] = '/';
+ error = xb_add_bytes(&xbnew, buf, 1, 1);
+ }
+ /* add the additional relative path */
+ if (!error) {
+ error = xb_add_bytes(&xbnew, relpath, rlen, 1);
+ }
+ /* make sure the resulting string has the right number of pad bytes */
+ if (!error && (mlen2 != nfsm_rndup(mlen2))) {
+ bzero(buf, sizeof(buf));
+ count = nfsm_rndup(mlen2) - mlen2;
+ error = xb_add_bytes(&xbnew, buf, count, 1);
+ }
+ }
+ /*
+ * The following string copies rely on the fact that we already validated
+ * these data when creating the initial mount point.
+ */
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_REALM)) {
+ xb_add_string(error, &xbnew, nmp->nm_realm, strlen(nmp->nm_realm));
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_PRINCIPAL)) {
+ xb_add_string(error, &xbnew, nmp->nm_principal, strlen(nmp->nm_principal));
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_SVCPRINCIPAL)) {
+ xb_add_string(error, &xbnew, nmp->nm_sprinc, strlen(nmp->nm_sprinc));
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_LOCAL_NFS_PORT)) {
+ xb_add_string(error, &xbnew, nmp->nm_nfs_localport, strlen(nmp->nm_nfs_localport));
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_LOCAL_MOUNT_PORT)) {
+ xb_add_string(error, &xbnew, nmp->nm_mount_localport, strlen(nmp->nm_mount_localport));
+ }
+ if (NFS_BITMAP_ISSET(mattrs, NFS_MATTR_SET_MOUNT_OWNER)) {
+ /* drop embedded owner value */
+ xb_get_32(error, &xb, count);
+ }
+ /* New mount always gets same owner as this mount */
+ xb_add_32(error, &xbnew, vnode_mount(vp)->mnt_vfsstat.f_owner);
+ xb_build_done(error, &xbnew);
+
+ /* update opaque counts */
+ end_offset = xb_offset(&xbnew);
+ if (!error) {
+ error = xb_seek(&xbnew, argslength_offset);
+ argslength = end_offset - argslength_offset + XDRWORD /*version*/;
+ xb_add_32(error, &xbnew, argslength);
+ }
+ if (!error) {
+ error = xb_seek(&xbnew, attrslength_offset);
+ xb_add_32(error, &xbnew, end_offset - attrslength_offset - XDRWORD /*don't include length field*/);
+ }
+ nfsmerr_if(error);
+
+ /*
+ * For kernel_mount() call, use the existing mount flags (instead of the
+ * original flags) because flags like MNT_NOSUID and MNT_NODEV may have
+ * been silently enforced. Also, in terms of MACF, the _kernel_ is
+ * performing the mount (and enforcing all of the mount options), so we
+ * use the kernel context for the mount call.
+ */
+ mntflags = vnode_vfsvisflags(vp);
+ mntflags |= (MNT_AUTOMOUNTED | MNT_DONTBROWSE);
+ ctx = vfs_context_kernel();
+
+ /* do the mount */
+ error = kernel_mount(fstype, dvp, vp, path, xb_buffer_base(&xbnew), argslength,
+ mntflags, KERNEL_MOUNT_PERMIT_UNMOUNT | KERNEL_MOUNT_NOAUTH, ctx);
+
+nfsmerr:
+ if (error) {
+ printf("nfs: mirror mount of %s on %s failed (%d)\n",
+ mntfromname, path, error);
+ }
+ /* clean up */
+ xb_cleanup(&xbnew);
+ if (referral) {
+ nfs_fs_locations_cleanup(&nfsls);
+ }
+ if (path) {
+ FREE_ZONE(path, MAXPATHLEN, M_NAMEI);
+ }
+ if (mntfromname) {
+ FREE_ZONE(mntfromname, MAXPATHLEN, M_NAMEI);
+ }
+ if (!error) {
+ nfs_ephemeral_mount_harvester_start();
+ }
+ return error;
+}
+
+/*
+ * trigger vnode functions
+ */
+#define NFS_TRIGGER_DEBUG 1
+
+/*
+ * Trigger "resolve" callback: decide whether this lookup should cause the
+ * mirror mount to happen on vp and, if so, perform it.
+ *
+ * vp   - the trigger vnode
+ * cnp  - lookup component; only cn_flags (ISLASTCN) is used for the decision,
+ *        cn_nameiop is only logged
+ * pop  - the path operation being performed
+ * ctx  - caller's context, used for busying the node and for the mount
+ *
+ * Returns a resolver result built from the node's trigger sequence number:
+ * RESOLVER_NOCHANGE when the operation should not trigger a mount,
+ * RESOLVER_RESOLVED when something is (now) mounted, RESOLVER_ERROR otherwise.
+ * The sequence number is bumped whenever the outcome is "resolved".
+ */
+resolver_result_t
+nfs_mirror_mount_trigger_resolve(
+	vnode_t vp,
+	const struct componentname *cnp,
+	enum path_operation pop,
+	__unused int flags,
+	__unused void *data,
+	vfs_context_t ctx)
+{
+	nfsnode_t np = VTONFS(vp);
+	vnode_t parentvp = NULLVP;
+	resolver_result_t result;
+	int error = 0;
+	int holdsbusy = 0;
+	int disarmed;
+
+	/*
+	 * A trigger that is not the last path component always mounts.
+	 * For the last component, only some operations should mount.
+	 */
+	if (cnp->cn_flags & ISLASTCN) {
+		switch (pop) {
+		case OP_MOUNT:
+		case OP_UNMOUNT:
+		case OP_STATFS:
+		case OP_LINK:
+		case OP_UNLINK:
+		case OP_RENAME:
+		case OP_MKNOD:
+		case OP_MKFIFO:
+		case OP_SYMLINK:
+		case OP_ACCESS:
+		case OP_GETATTR:
+		case OP_MKDIR:
+		case OP_RMDIR:
+		case OP_REVOKE:
+		case OP_GETXATTR:
+		case OP_LISTXATTR:
+			/* these operations leave the trigger alone */
+			result = vfs_resolver_result(np->n_trigseq, RESOLVER_NOCHANGE, 0);
+#ifdef NFS_TRIGGER_DEBUG
+			NP(np, "nfs trigger RESOLVE: no change, last %d nameiop %d, seq %d",
+			    (cnp->cn_flags & ISLASTCN) ? 1 : 0, cnp->cn_nameiop, np->n_trigseq);
+#endif
+			return result;
+		default:
+			/*
+			 * Everything else mounts: OP_OPEN, OP_CHDIR, OP_CHROOT,
+			 * OP_TRUNCATE, OP_COPYFILE, OP_PATHCONF, OP_READLINK,
+			 * OP_SETATTR, OP_EXCHANGEDATA, OP_SEARCHFS, OP_FSCTL,
+			 * OP_SETXATTR, OP_REMOVEXATTR and any op not listed above.
+			 */
+			break;
+		}
+	}
+
+	/* If something is already mounted here, report success without mounting. */
+	if (vnode_mountedhere(vp) == NULL) {
+		error = nfs_node_set_busy(np, vfs_context_thread(ctx));
+		if (error) {
+			result = vfs_resolver_result(np->n_trigseq, RESOLVER_ERROR, error);
+#ifdef NFS_TRIGGER_DEBUG
+			NP(np, "nfs trigger RESOLVE: busy error %d, last %d nameiop %d, seq %d",
+			    error, (cnp->cn_flags & ISLASTCN) ? 1 : 0, cnp->cn_nameiop, np->n_trigseq);
+#endif
+			return result;
+		}
+		holdsbusy = 1;
+
+		/* Look again: the mount may have appeared while we waited for busy. */
+		if (vnode_mountedhere(vp) == NULL) {
+			/* sample the disarm flag under the node lock */
+			nfs_node_lock_force(np);
+			disarmed = (np->n_flag & NDISARMTRIGGER) ? 1 : 0;
+			nfs_node_unlock(np);
+
+			if (disarmed) {
+				error = ECANCELED;
+			} else {
+				parentvp = vnode_getparent(vp);
+				if (parentvp == NULLVP) {
+					error = EINVAL;
+				} else {
+					error = nfs_mirror_mount_domount(parentvp, vp, ctx);
+				}
+			}
+		}
+	}
+
+	/* common exit: account for the state change and build the result */
+	if (error == 0) {
+		np->n_trigseq++;
+	}
+	result = vfs_resolver_result(np->n_trigseq, error ? RESOLVER_ERROR : RESOLVER_RESOLVED, error);
+#ifdef NFS_TRIGGER_DEBUG
+	NP(np, "nfs trigger RESOLVE: %s %d, last %d nameiop %d, seq %d",
+	    error ? "error" : "resolved", error,
+	    (cnp->cn_flags & ISLASTCN) ? 1 : 0, cnp->cn_nameiop, np->n_trigseq);
+#endif
+
+	if (parentvp != NULLVP) {
+		vnode_put(parentvp);
+	}
+	if (holdsbusy) {
+		nfs_node_clear_busy(np);
+	}
+	return result;
+}
+
+/*
+ * Trigger "unresolve" callback: unmount whatever is mounted on vp.
+ *
+ * The node is held busy for the duration.  Fails with EINVAL when nothing is
+ * mounted on vp; otherwise the mount is removed by fsid using the caller's
+ * flags and context.  On success the trigger sequence number is bumped and
+ * RESOLVER_UNRESOLVED is reported; on failure RESOLVER_ERROR is reported.
+ */
+resolver_result_t
+nfs_mirror_mount_trigger_unresolve(
+	vnode_t vp,
+	int flags,
+	__unused void *data,
+	vfs_context_t ctx)
+{
+	nfsnode_t np = VTONFS(vp);
+	resolver_result_t result;
+	mount_t mp;
+	int error;
+
+	error = nfs_node_set_busy(np, vfs_context_thread(ctx));
+	if (error) {
+		result = vfs_resolver_result(np->n_trigseq, RESOLVER_ERROR, error);
+#ifdef NFS_TRIGGER_DEBUG
+		NP(np, "nfs trigger UNRESOLVE: busy error %d, seq %d", error, np->n_trigseq);
+#endif
+		return result;
+	}
+
+	mp = vnode_mountedhere(vp);
+	if (mp) {
+		error = vfs_unmountbyfsid(&(vfs_statfs(mp)->f_fsid), flags, ctx);
+	} else {
+		/* nothing mounted here, so nothing to unresolve */
+		error = EINVAL;
+	}
+
+	if (error == 0) {
+		np->n_trigseq++;
+	}
+	result = vfs_resolver_result(np->n_trigseq, error ? RESOLVER_ERROR : RESOLVER_UNRESOLVED, error);
+#ifdef NFS_TRIGGER_DEBUG
+	NP(np, "nfs trigger UNRESOLVE: %s %d, seq %d",
+	    error ? "error" : "unresolved", error, np->n_trigseq);
+#endif
+	nfs_node_clear_busy(np);
+	return result;
+}
+
+/*
+ * Trigger "rearm" callback: bump the trigger sequence number and report
+ * whether something is currently mounted on vp (RESOLVER_RESOLVED) or not
+ * (RESOLVER_UNRESOLVED).  The node is held busy while this happens; failure
+ * to busy the node is reported as RESOLVER_ERROR.
+ */
+resolver_result_t
+nfs_mirror_mount_trigger_rearm(
+	vnode_t vp,
+	__unused int flags,
+	__unused void *data,
+	vfs_context_t ctx)
+{
+	nfsnode_t np = VTONFS(vp);
+	resolver_result_t result;
+	int error;
+
+	error = nfs_node_set_busy(np, vfs_context_thread(ctx));
+	if (error) {
+		result = vfs_resolver_result(np->n_trigseq, RESOLVER_ERROR, error);
+#ifdef NFS_TRIGGER_DEBUG
+		NP(np, "nfs trigger REARM: busy error %d, seq %d", error, np->n_trigseq);
+#endif
+		return result;
+	}
+
+	np->n_trigseq++;
+	if (vnode_mountedhere(vp)) {
+		result = vfs_resolver_result(np->n_trigseq, RESOLVER_RESOLVED, 0);
+	} else {
+		result = vfs_resolver_result(np->n_trigseq, RESOLVER_UNRESOLVED, 0);
+	}
+#ifdef NFS_TRIGGER_DEBUG
+	NP(np, "nfs trigger REARM: %s, seq %d",
+	    vnode_mountedhere(vp) ? "resolved" : "unresolved", np->n_trigseq);
+#endif
+	nfs_node_clear_busy(np);
+	return result;
+}
+
+/*
+ * Periodically attempt to unmount ephemeral (mirror) mounts in an attempt to limit
+ * the number of unused mounts.
+ */
+
+#define NFS_EPHEMERAL_MOUNT_HARVEST_INTERVAL 120 /* how often the harvester runs, in seconds (it is scaled by NSEC_PER_SEC when the timer deadline is computed) */
+/*
+ * Per-pass harvester state, handed to the mount iteration callback.
+ * An fsid with both words zero means no unmount is pending.
+ */
+struct nfs_ephemeral_mount_harvester_info {
+ fsid_t fsid; /* FSID that we need to try to unmount */
+ uint32_t mountcount; /* count of ephemeral mounts seen in scan */
+};
+/* various globals for the harvester */
+/* delayed thread call that kicks off a harvest pass; allocated on first use by nfs_ephemeral_mount_harvester_start() */
+static thread_call_t nfs_ephemeral_mount_harvester_timer = NULL;
+/* nonzero while the timer is armed; read and written with nfs_global_mutex held */
+static int nfs_ephemeral_mount_harvester_on = 0;
+
+/* prototype needed by the harvester thread, which ends by terminating itself */
+kern_return_t thread_terminate(thread_t);
+
+/*
+ * Mount iteration callback for the ephemeral mount harvester.
+ *
+ * mp  - the mount being visited
+ * arg - the pass's struct nfs_ephemeral_mount_harvester_info
+ *
+ * Counts every ephemeral NFS mount it sees.  For each one that is old enough
+ * to harvest, it first tries to unmount the candidate remembered from an
+ * earlier call (if any) and then remembers this mount's fsid as the next
+ * candidate.  Always returns VFS_RETURNED.
+ */
+static int
+nfs_ephemeral_mount_harvester_callback(mount_t mp, void *arg)
+{
+	struct nfs_ephemeral_mount_harvester_info *hinfo = arg;
+	fsid_t *pending = &hinfo->fsid;
+	struct nfsmount *nmp;
+	struct timeval now;
+	uint32_t cutoff;
+
+	/* only NFS mounts are candidates */
+	if (strcmp(mp->mnt_vfsstat.f_fstypename, "nfs") != 0) {
+		return VFS_RETURNED;
+	}
+
+	/* ... and of those, only ephemeral ones */
+	nmp = VFSTONFS(mp);
+	if (!nmp) {
+		return VFS_RETURNED;
+	}
+	if (!NMFLAG(nmp, EPHEMERAL)) {
+		return VFS_RETURNED;
+	}
+	hinfo->mountcount++;
+
+	/* leave alone any mount that was triggered within the last harvest interval */
+	microtime(&now);
+	cutoff = (uint32_t)now.tv_sec - NFS_EPHEMERAL_MOUNT_HARVEST_INTERVAL;
+	if ((nmp->nm_mounttime >> 32) > cutoff) {
+		return VFS_RETURNED;
+	}
+
+	/* try to unmount the candidate saved by a previous call, if there is one */
+	if (pending->val[0] || pending->val[1]) {
+		vfs_unmountbyfsid(pending, 0, vfs_context_kernel());
+		pending->val[0] = pending->val[1] = 0;
+	}
+
+	/*
+	 * This mount can't be unmounted from here because the iteration
+	 * holds a reference on mp.  Remember its fsid so that the next call
+	 * (or the harvester itself, after the iteration) can do it.
+	 */
+	pending->val[0] = mp->mnt_vfsstat.f_fsid.val[0];
+	pending->val[1] = mp->mnt_vfsstat.f_fsid.val[1];
+
+	return VFS_RETURNED;
+}
+
+/*
+ * Thread call handler for the harvester timer: spawn a kernel thread that
+ * runs nfs_ephemeral_mount_harvester() to do the ephemeral mount harvesting.
+ *
+ * The two parameters are unused.  They are declared so that this function
+ * has the same type as thread_call_func_t, which is how it is registered and
+ * invoked; being called through a pointer to an incompatible function type
+ * is undefined behavior in C.
+ *
+ * If the thread can't be started nothing else is done here.
+ */
+static void
+nfs_ephemeral_mount_harvester_timer_func(
+	__unused thread_call_param_t param0,
+	__unused thread_call_param_t param1)
+{
+	thread_t thd;
+
+	if (kernel_thread_start(nfs_ephemeral_mount_harvester, NULL, &thd) == KERN_SUCCESS) {
+		/* drop the reference returned for the new thread; it runs on its own */
+		thread_deallocate(thd);
+	}
+}
+
+/*
+ * Body of the harvester thread: walk all mounts looking for NFS ephemeral
+ * mounts and try to unmount them.
+ *
+ * The iteration callback unmounts candidates one step behind the walk, so
+ * the final candidate (if any) is unmounted here once the walk is over.
+ * Afterwards the timer is re-armed if any ephemeral mounts were seen during
+ * the walk; otherwise the harvester is marked off.  The thread terminates
+ * itself when done.
+ */
+void
+nfs_ephemeral_mount_harvester(__unused void *arg, __unused wait_result_t wr)
+{
+	struct nfs_ephemeral_mount_harvester_info hinfo;
+	uint64_t deadline;
+	int unmount_pending;
+
+	/* start the pass with no pending candidate and nothing counted */
+	bzero(&hinfo, sizeof(hinfo));
+
+	vfs_iterate(VFS_ITERATE_TAIL_FIRST, nfs_ephemeral_mount_harvester_callback, &hinfo);
+
+	/* attempt to unmount the last ephemeral mount the callback found */
+	unmount_pending = (hinfo.fsid.val[0] != 0) || (hinfo.fsid.val[1] != 0);
+	if (unmount_pending) {
+		vfs_unmountbyfsid(&hinfo.fsid, 0, vfs_context_kernel());
+	}
+
+	lck_mtx_lock(nfs_global_mutex);
+	if (hinfo.mountcount != 0) {
+		/* ephemeral mounts were seen - re-arm the timer */
+		clock_interval_to_deadline(NFS_EPHEMERAL_MOUNT_HARVEST_INTERVAL, NSEC_PER_SEC, &deadline);
+		thread_call_enter_delayed(nfs_ephemeral_mount_harvester_timer, deadline);
+		nfs_ephemeral_mount_harvester_on = 1;
+	} else {
+		/* no more ephemeral mounts - don't need timer */
+		nfs_ephemeral_mount_harvester_on = 0;
+	}
+	lck_mtx_unlock(nfs_global_mutex);
+
+	/* thread done */
+	thread_terminate(current_thread());
+}
+
+/*
+ * Make sure the NFS ephemeral mount harvester timer is running.
+ *
+ * Does nothing if the harvester is already marked on.  Otherwise the thread
+ * call is allocated if it doesn't exist yet, scheduled one harvest interval
+ * from now, and the harvester is marked on.  All of this happens with
+ * nfs_global_mutex held.
+ */
+void
+nfs_ephemeral_mount_harvester_start(void)
+{
+	uint64_t deadline;
+
+	lck_mtx_lock(nfs_global_mutex);
+	if (!nfs_ephemeral_mount_harvester_on) {
+		if (nfs_ephemeral_mount_harvester_timer == NULL) {
+			nfs_ephemeral_mount_harvester_timer = thread_call_allocate((thread_call_func_t)nfs_ephemeral_mount_harvester_timer_func, NULL);
+		}
+		clock_interval_to_deadline(NFS_EPHEMERAL_MOUNT_HARVEST_INTERVAL, NSEC_PER_SEC, &deadline);
+		thread_call_enter_delayed(nfs_ephemeral_mount_harvester_timer, deadline);
+		nfs_ephemeral_mount_harvester_on = 1;
+	}
+	lck_mtx_unlock(nfs_global_mutex);
+}
+
+#endif
+
+/*
+ * Send a MOUNT protocol MOUNT request to the server to get the initial file
+ * handle (and, for versions after NFS_VER2, the security flavors).
+ *
+ * nmp     - the mount; supplies an optional fixed mount port and flags
+ * sa      - server address; it is copied, the caller's copy is not modified
+ * sotype  - socket type of the mount; SOCK_DGRAM selects UDP for the request
+ * nfsvers - NFS version, which picks the MOUNT protocol version
+ * path    - path to mount, sent as the request argument
+ * ctx     - supplies the thread and credential for the request
+ * timeo   - timeout handed to the port lookup and to the request
+ * fh      - receives the file handle from the reply
+ * sec     - receives the security flavors; its count is reset to 0 up front
+ *
+ * Returns 0 on success.  Otherwise returns the error from the failing step,
+ * the nonzero status word from the server's reply, or EPROGUNAVAIL if no
+ * port for the MOUNT service could be found over either protocol.
+ */
+int
+nfs3_mount_rpc(struct nfsmount *nmp, struct sockaddr *sa, int sotype, int nfsvers, char *path, vfs_context_t ctx, int timeo, fhandle_t *fh, struct nfs_sec *sec)
+{
+	int error = 0, slen, mntproto, rpcsotype;
+	thread_t thd = vfs_context_thread(ctx);
+	kauth_cred_t cred = vfs_context_ucred(ctx);
+	uint64_t xid = 0;
+	struct nfsm_chain nmreq, nmrep;
+	mbuf_t mreq;
+	uint32_t mntvers, mntport, val;
+	struct sockaddr_storage ss;
+	struct sockaddr *saddr = (struct sockaddr*)&ss;
+	struct sockaddr_un *sun = (struct sockaddr_un*)saddr;
+
+	nfsm_chain_null(&nmreq);
+	nfsm_chain_null(&nmrep);
+
+	if (nfsvers == NFS_VER2) {
+		mntvers = RPCMNT_VER1;
+	} else {
+		mntvers = RPCMNT_VER3;
+	}
+	if (NM_OMFLAG(nmp, MNTUDP) || (sotype == SOCK_DGRAM)) {
+		mntproto = IPPROTO_UDP;
+	} else {
+		mntproto = IPPROTO_TCP;
+	}
+	sec->count = 0;
+
+	/* work on a private copy of the address; apply the configured mount port, if any */
+	bcopy(sa, saddr, min(sizeof(ss), sa->sa_len));
+	switch (saddr->sa_family) {
+	case AF_INET: {
+		struct sockaddr_in *sin4 = (struct sockaddr_in*)saddr;
+
+		if (nmp->nm_mountport) {
+			sin4->sin_port = htons(nmp->nm_mountport);
+		}
+		mntport = ntohs(sin4->sin_port);
+		break;
+	}
+	case AF_INET6: {
+		struct sockaddr_in6 *sin6 = (struct sockaddr_in6*)saddr;
+
+		if (nmp->nm_mountport) {
+			sin6->sin6_port = htons(nmp->nm_mountport);
+		}
+		mntport = ntohs(sin6->sin6_port);
+		break;
+	}
+	default: /* Local domain socket */
+		mntport = sun->sun_path[0]; /* Do we have an address? */
+		mntproto = IPPROTO_TCP; /* XXX rpcbind only listens on streams sockets for now */
+		break;
+	}
+
+	/* no port yet: ask the portmapper, first over the chosen protocol, then over UDP */
+	while (mntport == 0) {
+		error = nfs_portmap_lookup(nmp, ctx, saddr, NULL, RPCPROG_MNT, mntvers,
+		    (mntproto == IPPROTO_UDP) ? SOCK_DGRAM : SOCK_STREAM, timeo);
+		nfsmout_if(error);
+
+		switch (saddr->sa_family) {
+		case AF_INET:
+			mntport = ntohs(((struct sockaddr_in*)saddr)->sin_port);
+			break;
+		case AF_INET6:
+			mntport = ntohs(((struct sockaddr_in6*)saddr)->sin6_port);
+			break;
+		case AF_LOCAL:
+			mntport = sun->sun_path[0];
+			break;
+		default:
+			break;
+		}
+		if (mntport != 0) {
+			break;
+		}
+
+		/* not found: if that was already UDP, give up; otherwise retry with UDP */
+		if (mntproto == IPPROTO_UDP) {
+			error = EPROGUNAVAIL;
+			break;
+		}
+		mntproto = IPPROTO_UDP;
+		bcopy(sa, saddr, min(sizeof(ss), sa->sa_len));
+		if (saddr->sa_family == AF_LOCAL) {
+			strlcpy(sun->sun_path, RPCB_TICLTS_PATH, sizeof(sun->sun_path));
+		}
+	}
+	nfsmout_if(error || !mntport);
+
+	/* the protocol is settled now, so the socket type for the RPC is too */
+	rpcsotype = (mntproto == IPPROTO_UDP) ? SOCK_DGRAM : SOCK_STREAM;
+
+	/* MOUNT protocol MOUNT request */
+	slen = strlen(path);
+	nfsm_chain_build_alloc_init(error, &nmreq, NFSX_UNSIGNED + nfsm_rndup(slen));
+	nfsm_chain_add_name(error, &nmreq, path, slen, nmp);
+	nfsm_chain_build_done(error, &nmreq);
+	nfsmout_if(error);
+	error = nfsm_rpchead2(nmp, rpcsotype,
+	    RPCPROG_MNT, mntvers, RPCMNT_MOUNT,
+	    RPCAUTH_SYS, cred, NULL, nmreq.nmc_mhead, &xid, &mreq);
+	nfsmout_if(error);
+	/* the request chain's mbufs are now referenced through mreq */
+	nmreq.nmc_mhead = NULL;
+	error = nfs_aux_request(nmp, thd, saddr, NULL,
+	    rpcsotype,
+	    mreq, R_XID32(xid), 1, timeo, &nmrep);
+	nfsmout_if(error);
+
+	/* reply: status word, then the file handle, then (after v2) the security flavors */
+	nfsm_chain_get_32(error, &nmrep, val);
+	if (!error && val) {
+		error = val;
+	}
+	nfsm_chain_get_fh(error, &nmrep, nfsvers, fh);
+	if (!error && (nfsvers > NFS_VER2)) {
+		sec->count = NX_MAX_SEC_FLAVORS;
+		error = nfsm_chain_get_secinfo(&nmrep, &sec->flavors[0], &sec->count);
+	}
+nfsmout:
+	nfsm_chain_cleanup(&nmreq);
+	nfsm_chain_cleanup(&nmrep);
+	return error;
+}
+
+
+/*
+ * Send a MOUNT protocol UNMOUNT request to tell the server we've unmounted it.
+ */
+void
+nfs3_umount_rpc(struct nfsmount *nmp, vfs_context_t ctx, int timeo)
+{
+ int error = 0, slen, mntproto;
+ thread_t thd = vfs_context_thread(ctx);
+ kauth_cred_t cred = vfs_context_ucred(ctx);
+ char *path;
+ uint64_t xid = 0;
+ struct nfsm_chain nmreq, nmrep;
+ mbuf_t mreq;
+ uint32_t mntvers, mntport;
+ struct sockaddr_storage ss;
+ struct sockaddr *saddr = (struct sockaddr*)&ss;
+
+ if (!nmp->nm_saddr) {
+ return;