1 /* $NetBSD: nfs_syscalls.c,v 1.75 2004/05/22 22:52:16 jonathan Exp $ */ 2 3 /* 4 * Copyright (c) 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Rick Macklem at The University of Guelph. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * 34 * @(#)nfs_syscalls.c 8.5 (Berkeley) 3/30/95 35 */ 36 37 #include <sys/cdefs.h> 38 __KERNEL_RCSID(0, "$NetBSD: nfs_syscalls.c,v 1.75 2004/05/22 22:52:16 jonathan Exp $"); 39 40 #include "fs_nfs.h" 41 #include "opt_nfs.h" 42 #include "opt_nfsserver.h" 43 #include "opt_iso.h" 44 #include "opt_inet.h" 45 #include "opt_compat_netbsd.h" 46 47 #include <sys/param.h> 48 #include <sys/systm.h> 49 #include <sys/kernel.h> 50 #include <sys/file.h> 51 #include <sys/stat.h> 52 #include <sys/vnode.h> 53 #include <sys/mount.h> 54 #include <sys/proc.h> 55 #include <sys/uio.h> 56 #include <sys/malloc.h> 57 #include <sys/buf.h> 58 #include <sys/mbuf.h> 59 #include <sys/socket.h> 60 #include <sys/socketvar.h> 61 #include <sys/signalvar.h> 62 #include <sys/domain.h> 63 #include <sys/protosw.h> 64 #include <sys/namei.h> 65 #include <sys/syslog.h> 66 #include <sys/filedesc.h> 67 #include <sys/kthread.h> 68 69 #include <sys/sa.h> 70 #include <sys/syscallargs.h> 71 72 #include <netinet/in.h> 73 #include <netinet/tcp.h> 74 #ifdef ISO 75 #include <netiso/iso.h> 76 #endif 77 #include <nfs/xdr_subs.h> 78 #include <nfs/rpcv2.h> 79 #include <nfs/nfsproto.h> 80 #include <nfs/nfs.h> 81 #include <nfs/nfsm_subs.h> 82 #include <nfs/nfsrvcache.h> 83 #include <nfs/nfsmount.h> 84 #include <nfs/nfsnode.h> 85 #include <nfs/nqnfs.h> 86 #include <nfs/nfsrtt.h> 87 #include <nfs/nfs_var.h> 88 89 /* Global defs. */ 90 extern int32_t (*nfsrv3_procs[NFS_NPROCS]) __P((struct nfsrv_descript *, 91 struct nfssvc_sock *, 92 struct proc *, struct mbuf **)); 93 extern time_t nqnfsstarttime; 94 extern int nfsrvw_procrastinate; 95 96 struct nfssvc_sock *nfs_udpsock; 97 #ifdef ISO 98 struct nfssvc_sock *nfs_cltpsock; 99 #endif 100 #ifdef INET6 101 struct nfssvc_sock *nfs_udp6sock; 102 #endif 103 int nuidhash_max = NFS_MAXUIDHASH; 104 int nfsd_waiting = 0; 105 #ifdef NFSSERVER 106 static int nfs_numnfsd = 0; 107 static int notstarted = 1; 108 static int modify_flag = 0; 109 static struct nfsdrt nfsdrt; 110 #endif 111 112 #ifdef NFSSERVER 113 struct simplelock nfsd_slock = SIMPLELOCK_INITIALIZER; 114 struct nfssvc_sockhead nfssvc_sockhead; 115 struct nfssvc_sockhead nfssvc_sockpending; 116 struct nfsdhead nfsd_head; 117 struct nfsdidlehead nfsd_idle_head; 118 119 int nfssvc_sockhead_flag; 120 int nfsd_head_flag; 121 #endif 122 123 MALLOC_DEFINE(M_NFSUID, "NFS uid", "Nfs uid mapping structure"); 124 125 #ifdef NFS 126 struct nfs_iod nfs_asyncdaemon[NFS_MAXASYNCDAEMON]; 127 int nfs_niothreads = -1; /* == "0, and has never been set" */ 128 #endif 129 130 #ifdef NFSSERVER 131 static void nfsd_rt __P((int, struct nfsrv_descript *, int)); 132 static struct nfssvc_sock *nfsrv_sockalloc __P((void)); 133 #endif 134 135 /* 136 * NFS server system calls 137 */ 138 139 140 /* 141 * Nfs server pseudo system call for the nfsd's 142 * Based on the flag value it either: 143 * - adds a socket to the selection list 144 * - remains in the kernel as an nfsd 145 * - remains in the kernel as an nfsiod 146 */ 147 int 148 sys_nfssvc(l, v, retval) 149 struct lwp *l; 150 void *v; 151 register_t *retval; 152 { 153 struct sys_nfssvc_args /* { 154 syscallarg(int) flag; 155 syscallarg(caddr_t) argp; 156 } */ *uap = v; 157 struct proc *p = l->l_proc; 158 int error; 159 #ifdef NFS 160 struct nameidata nd; 161 struct nfsmount *nmp; 162 struct nfsd_cargs ncd; 163 #endif 164 #ifdef NFSSERVER 165 int s; 166 struct file *fp; 167 struct mbuf *nam; 168 struct nfsd_args nfsdarg; 169 struct nfsd_srvargs nfsd_srvargs, *nsd = &nfsd_srvargs; 170 struct nfsd *nfsd; 171 struct nfssvc_sock *slp; 172 struct nfsuid *nuidp; 173 #endif 174 175 /* 176 * Must be super user 177 */ 178 error = suser(p->p_ucred, &p->p_acflag); 179 if (error) 180 return (error); 181 #ifdef NFSSERVER 182 s = splsoftnet(); 183 simple_lock(&nfsd_slock); 184 while (nfssvc_sockhead_flag & SLP_INIT) { 185 nfssvc_sockhead_flag |= SLP_WANTINIT; 186 (void) ltsleep(&nfssvc_sockhead, PSOCK, "nfsd init", 0, 187 &nfsd_slock); 188 } 189 simple_unlock(&nfsd_slock); 190 splx(s); 191 #endif 192 if (SCARG(uap, flag) & NFSSVC_BIOD) { 193 #if defined(NFS) && defined(COMPAT_14) 194 error = nfssvc_iod(l); 195 #else 196 error = ENOSYS; 197 #endif 198 } else if (SCARG(uap, flag) & NFSSVC_MNTD) { 199 #ifndef NFS 200 error = ENOSYS; 201 #else 202 error = copyin(SCARG(uap, argp), (caddr_t)&ncd, sizeof (ncd)); 203 if (error) 204 return (error); 205 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE, 206 ncd.ncd_dirp, p); 207 error = namei(&nd); 208 if (error) 209 return (error); 210 if ((nd.ni_vp->v_flag & VROOT) == 0) 211 error = EINVAL; 212 nmp = VFSTONFS(nd.ni_vp->v_mount); 213 vput(nd.ni_vp); 214 if (error) 215 return (error); 216 if ((nmp->nm_iflag & NFSMNT_MNTD) && 217 (SCARG(uap, flag) & NFSSVC_GOTAUTH) == 0) 218 return (0); 219 nmp->nm_iflag |= NFSMNT_MNTD; 220 error = nqnfs_clientd(nmp, p->p_ucred, &ncd, SCARG(uap, flag), 221 SCARG(uap, argp), l); 222 #endif /* NFS */ 223 } else if (SCARG(uap, flag) & NFSSVC_ADDSOCK) { 224 #ifndef NFSSERVER 225 error = ENOSYS; 226 #else 227 error = copyin(SCARG(uap, argp), (caddr_t)&nfsdarg, 228 sizeof(nfsdarg)); 229 if (error) 230 return (error); 231 /* getsock() will use the descriptor for us */ 232 error = getsock(p->p_fd, nfsdarg.sock, &fp); 233 if (error) 234 return (error); 235 /* 236 * Get the client address for connected sockets. 237 */ 238 if (nfsdarg.name == NULL || nfsdarg.namelen == 0) 239 nam = (struct mbuf *)0; 240 else { 241 error = sockargs(&nam, nfsdarg.name, nfsdarg.namelen, 242 MT_SONAME); 243 if (error) { 244 FILE_UNUSE(fp, NULL); 245 return (error); 246 } 247 } 248 error = nfssvc_addsock(fp, nam); 249 FILE_UNUSE(fp, NULL); 250 #endif /* !NFSSERVER */ 251 } else { 252 #ifndef NFSSERVER 253 error = ENOSYS; 254 #else 255 error = copyin(SCARG(uap, argp), (caddr_t)nsd, sizeof (*nsd)); 256 if (error) 257 return (error); 258 if ((SCARG(uap, flag) & NFSSVC_AUTHIN) && 259 ((nfsd = nsd->nsd_nfsd)) != NULL && 260 (nfsd->nfsd_slp->ns_flag & SLP_VALID)) { 261 slp = nfsd->nfsd_slp; 262 263 /* 264 * First check to see if another nfsd has already 265 * added this credential. 266 */ 267 LIST_FOREACH(nuidp, NUIDHASH(slp,nsd->nsd_cr.cr_uid), 268 nu_hash) { 269 if (nuidp->nu_cr.cr_uid == nsd->nsd_cr.cr_uid && 270 (!nfsd->nfsd_nd->nd_nam2 || 271 netaddr_match(NU_NETFAM(nuidp), 272 &nuidp->nu_haddr, nfsd->nfsd_nd->nd_nam2))) 273 break; 274 } 275 if (nuidp) { 276 nfsrv_setcred(&nuidp->nu_cr,&nfsd->nfsd_nd->nd_cr); 277 nfsd->nfsd_nd->nd_flag |= ND_KERBFULL; 278 } else { 279 /* 280 * Nope, so we will. 281 */ 282 if (slp->ns_numuids < nuidhash_max) { 283 slp->ns_numuids++; 284 nuidp = (struct nfsuid *) 285 malloc(sizeof (struct nfsuid), M_NFSUID, 286 M_WAITOK); 287 } else 288 nuidp = (struct nfsuid *)0; 289 if ((slp->ns_flag & SLP_VALID) == 0) { 290 if (nuidp) 291 free((caddr_t)nuidp, M_NFSUID); 292 } else { 293 if (nuidp == (struct nfsuid *)0) { 294 nuidp = TAILQ_FIRST(&slp->ns_uidlruhead); 295 LIST_REMOVE(nuidp, nu_hash); 296 TAILQ_REMOVE(&slp->ns_uidlruhead, nuidp, 297 nu_lru); 298 if (nuidp->nu_flag & NU_NAM) 299 m_freem(nuidp->nu_nam); 300 } 301 nuidp->nu_flag = 0; 302 crcvt(&nuidp->nu_cr, &nsd->nsd_cr); 303 if (nuidp->nu_cr.cr_ngroups > NGROUPS) 304 nuidp->nu_cr.cr_ngroups = NGROUPS; 305 nuidp->nu_cr.cr_ref = 1; 306 nuidp->nu_timestamp = nsd->nsd_timestamp; 307 nuidp->nu_expire = time.tv_sec + nsd->nsd_ttl; 308 /* 309 * and save the session key in nu_key. 310 */ 311 memcpy(nuidp->nu_key, nsd->nsd_key, 312 sizeof(nsd->nsd_key)); 313 if (nfsd->nfsd_nd->nd_nam2) { 314 struct sockaddr_in *saddr; 315 316 saddr = mtod(nfsd->nfsd_nd->nd_nam2, 317 struct sockaddr_in *); 318 switch (saddr->sin_family) { 319 case AF_INET: 320 nuidp->nu_flag |= NU_INETADDR; 321 nuidp->nu_inetaddr = 322 saddr->sin_addr.s_addr; 323 break; 324 case AF_ISO: 325 default: 326 nuidp->nu_flag |= NU_NAM; 327 nuidp->nu_nam = m_copym( 328 nfsd->nfsd_nd->nd_nam2, 0, 329 M_COPYALL, M_WAIT); 330 break; 331 }; 332 } 333 TAILQ_INSERT_TAIL(&slp->ns_uidlruhead, nuidp, 334 nu_lru); 335 LIST_INSERT_HEAD(NUIDHASH(slp, nsd->nsd_uid), 336 nuidp, nu_hash); 337 nfsrv_setcred(&nuidp->nu_cr, 338 &nfsd->nfsd_nd->nd_cr); 339 nfsd->nfsd_nd->nd_flag |= ND_KERBFULL; 340 } 341 } 342 } 343 if ((SCARG(uap, flag) & NFSSVC_AUTHINFAIL) && 344 (nfsd = nsd->nsd_nfsd)) 345 nfsd->nfsd_flag |= NFSD_AUTHFAIL; 346 error = nfssvc_nfsd(nsd, SCARG(uap, argp), l); 347 #endif /* !NFSSERVER */ 348 } 349 if (error == EINTR || error == ERESTART) 350 error = 0; 351 return (error); 352 } 353 354 #ifdef NFSSERVER 355 MALLOC_DEFINE(M_NFSD, "NFS daemon", "Nfs server daemon structure"); 356 MALLOC_DEFINE(M_NFSSVC, "NFS srvsock", "Nfs server structure"); 357 struct pool nfs_srvdesc_pool; 358 359 static struct nfssvc_sock * 360 nfsrv_sockalloc() 361 { 362 struct nfssvc_sock *slp; 363 int s; 364 365 slp = (struct nfssvc_sock *) 366 malloc(sizeof (struct nfssvc_sock), M_NFSSVC, M_WAITOK); 367 memset(slp, 0, sizeof (struct nfssvc_sock)); 368 TAILQ_INIT(&slp->ns_uidlruhead); 369 s = splsoftnet(); 370 simple_lock(&nfsd_slock); 371 TAILQ_INSERT_TAIL(&nfssvc_sockhead, slp, ns_chain); 372 simple_unlock(&nfsd_slock); 373 splx(s); 374 375 return slp; 376 } 377 378 /* 379 * Adds a socket to the list for servicing by nfsds. 380 */ 381 int 382 nfssvc_addsock(fp, mynam) 383 struct file *fp; 384 struct mbuf *mynam; 385 { 386 struct mbuf *m; 387 int siz; 388 struct nfssvc_sock *slp; 389 struct socket *so; 390 struct nfssvc_sock *tslp; 391 int error, s; 392 393 so = (struct socket *)fp->f_data; 394 tslp = (struct nfssvc_sock *)0; 395 /* 396 * Add it to the list, as required. 397 */ 398 if (so->so_proto->pr_protocol == IPPROTO_UDP) { 399 #ifdef INET6 400 if (so->so_proto->pr_domain->dom_family == AF_INET6) 401 tslp = nfs_udp6sock; 402 else 403 #endif 404 tslp = nfs_udpsock; 405 if (tslp->ns_flag & SLP_VALID) { 406 m_freem(mynam); 407 return (EPERM); 408 } 409 #ifdef ISO 410 } else if (so->so_proto->pr_protocol == ISOPROTO_CLTP) { 411 tslp = nfs_cltpsock; 412 if (tslp->ns_flag & SLP_VALID) { 413 m_freem(mynam); 414 return (EPERM); 415 } 416 #endif /* ISO */ 417 } 418 if (so->so_type == SOCK_STREAM) 419 siz = NFS_MAXPACKET + sizeof (u_long); 420 else 421 siz = NFS_MAXPACKET; 422 error = soreserve(so, siz, siz); 423 if (error) { 424 m_freem(mynam); 425 return (error); 426 } 427 428 /* 429 * Set protocol specific options { for now TCP only } and 430 * reserve some space. For datagram sockets, this can get called 431 * repeatedly for the same socket, but that isn't harmful. 432 */ 433 if (so->so_type == SOCK_STREAM) { 434 m = m_get(M_WAIT, MT_SOOPTS); 435 MCLAIM(m, &nfs_mowner); 436 *mtod(m, int32_t *) = 1; 437 m->m_len = sizeof(int32_t); 438 sosetopt(so, SOL_SOCKET, SO_KEEPALIVE, m); 439 } 440 if ((so->so_proto->pr_domain->dom_family == AF_INET 441 #ifdef INET6 442 || so->so_proto->pr_domain->dom_family == AF_INET6 443 #endif 444 ) && 445 so->so_proto->pr_protocol == IPPROTO_TCP) { 446 m = m_get(M_WAIT, MT_SOOPTS); 447 MCLAIM(m, &nfs_mowner); 448 *mtod(m, int32_t *) = 1; 449 m->m_len = sizeof(int32_t); 450 sosetopt(so, IPPROTO_TCP, TCP_NODELAY, m); 451 } 452 so->so_rcv.sb_flags &= ~SB_NOINTR; 453 so->so_rcv.sb_timeo = 0; 454 so->so_snd.sb_flags &= ~SB_NOINTR; 455 so->so_snd.sb_timeo = 0; 456 if (tslp) 457 slp = tslp; 458 else { 459 slp = nfsrv_sockalloc(); 460 } 461 slp->ns_so = so; 462 slp->ns_nam = mynam; 463 fp->f_count++; 464 slp->ns_fp = fp; 465 s = splsoftnet(); 466 so->so_upcallarg = (caddr_t)slp; 467 so->so_upcall = nfsrv_rcv; 468 so->so_rcv.sb_flags |= SB_UPCALL; 469 slp->ns_flag = (SLP_VALID | SLP_NEEDQ); 470 nfsrv_wakenfsd(slp); 471 splx(s); 472 return (0); 473 } 474 475 /* 476 * Called by nfssvc() for nfsds. Just loops around servicing rpc requests 477 * until it is killed by a signal. 478 */ 479 int 480 nfssvc_nfsd(nsd, argp, l) 481 struct nfsd_srvargs *nsd; 482 caddr_t argp; 483 struct lwp *l; 484 { 485 struct mbuf *m; 486 int siz; 487 struct nfssvc_sock *slp; 488 struct socket *so; 489 int *solockp; 490 struct nfsd *nfsd = nsd->nsd_nfsd; 491 struct nfsrv_descript *nd = NULL; 492 struct mbuf *mreq; 493 int error = 0, cacherep, s, sotype, writes_todo; 494 u_quad_t cur_usec; 495 struct proc *p = l->l_proc; 496 497 #ifndef nolint 498 cacherep = RC_DOIT; 499 writes_todo = 0; 500 #endif 501 s = splsoftnet(); 502 if (nfsd == (struct nfsd *)0) { 503 nsd->nsd_nfsd = nfsd = (struct nfsd *) 504 malloc(sizeof (struct nfsd), M_NFSD, M_WAITOK); 505 memset((caddr_t)nfsd, 0, sizeof (struct nfsd)); 506 nfsd->nfsd_procp = p; 507 simple_lock(&nfsd_slock); 508 TAILQ_INSERT_TAIL(&nfsd_head, nfsd, nfsd_chain); 509 nfs_numnfsd++; 510 simple_unlock(&nfsd_slock); 511 } 512 PHOLD(l); 513 /* 514 * Loop getting rpc requests until SIGKILL. 515 */ 516 for (;;) { 517 if ((nfsd->nfsd_flag & NFSD_REQINPROG) == 0) { 518 simple_lock(&nfsd_slock); 519 while (nfsd->nfsd_slp == (struct nfssvc_sock *)0 && 520 (nfsd_head_flag & NFSD_CHECKSLP) == 0) { 521 SLIST_INSERT_HEAD(&nfsd_idle_head, nfsd, 522 nfsd_idle); 523 nfsd->nfsd_flag |= NFSD_WAITING; 524 nfsd_waiting++; 525 error = ltsleep(nfsd, PSOCK | PCATCH, "nfsd", 526 0, &nfsd_slock); 527 nfsd_waiting--; 528 if (error) { 529 slp = nfsd->nfsd_slp; 530 nfsd->nfsd_slp = NULL; 531 if (!slp) 532 SLIST_REMOVE(&nfsd_idle_head, 533 nfsd, nfsd, nfsd_idle); 534 simple_unlock(&nfsd_slock); 535 if (slp) { 536 nfsrv_wakenfsd(slp); 537 nfsrv_slpderef(slp); 538 } 539 goto done; 540 } 541 } 542 if (nfsd->nfsd_slp == (struct nfssvc_sock *)0 && 543 (nfsd_head_flag & NFSD_CHECKSLP) != 0) { 544 slp = TAILQ_FIRST(&nfssvc_sockpending); 545 if (slp) { 546 KASSERT((slp->ns_flag & 547 (SLP_VALID | SLP_DOREC)) 548 == (SLP_VALID | SLP_DOREC)); 549 TAILQ_REMOVE(&nfssvc_sockpending, slp, 550 ns_pending); 551 slp->ns_flag &= ~SLP_DOREC; 552 slp->ns_sref++; 553 nfsd->nfsd_slp = slp; 554 } else 555 nfsd_head_flag &= ~NFSD_CHECKSLP; 556 } 557 simple_unlock(&nfsd_slock); 558 if ((slp = nfsd->nfsd_slp) == (struct nfssvc_sock *)0) 559 continue; 560 if (slp->ns_flag & SLP_VALID) { 561 if (slp->ns_flag & SLP_DISCONN) 562 nfsrv_zapsock(slp); 563 else if (slp->ns_flag & SLP_NEEDQ) { 564 slp->ns_flag &= ~SLP_NEEDQ; 565 (void) nfs_sndlock(&slp->ns_solock, 566 (struct nfsreq *)0); 567 nfsrv_rcv(slp->ns_so, (caddr_t)slp, 568 M_WAIT); 569 nfs_sndunlock(&slp->ns_solock); 570 } 571 error = nfsrv_dorec(slp, nfsd, &nd); 572 cur_usec = (u_quad_t)time.tv_sec * 1000000 + 573 (u_quad_t)time.tv_usec; 574 if (error && LIST_FIRST(&slp->ns_tq) && 575 LIST_FIRST(&slp->ns_tq)->nd_time <= 576 cur_usec) { 577 error = 0; 578 cacherep = RC_DOIT; 579 writes_todo = 1; 580 } else 581 writes_todo = 0; 582 nfsd->nfsd_flag |= NFSD_REQINPROG; 583 } 584 } else { 585 error = 0; 586 slp = nfsd->nfsd_slp; 587 } 588 if (error || (slp->ns_flag & SLP_VALID) == 0) { 589 if (nd) { 590 pool_put(&nfs_srvdesc_pool, nd); 591 nd = NULL; 592 } 593 nfsd->nfsd_slp = (struct nfssvc_sock *)0; 594 nfsd->nfsd_flag &= ~NFSD_REQINPROG; 595 nfsrv_slpderef(slp); 596 continue; 597 } 598 splx(s); 599 so = slp->ns_so; 600 sotype = so->so_type; 601 if (so->so_proto->pr_flags & PR_CONNREQUIRED) 602 solockp = &slp->ns_solock; 603 else 604 solockp = (int *)0; 605 if (nd) { 606 nd->nd_starttime = time; 607 if (nd->nd_nam2) 608 nd->nd_nam = nd->nd_nam2; 609 else 610 nd->nd_nam = slp->ns_nam; 611 612 /* 613 * Check to see if authorization is needed. 614 */ 615 if (nfsd->nfsd_flag & NFSD_NEEDAUTH) { 616 nfsd->nfsd_flag &= ~NFSD_NEEDAUTH; 617 nsd->nsd_haddr = mtod(nd->nd_nam, 618 struct sockaddr_in *)->sin_addr.s_addr; 619 nsd->nsd_authlen = nfsd->nfsd_authlen; 620 nsd->nsd_verflen = nfsd->nfsd_verflen; 621 if (!copyout(nfsd->nfsd_authstr, 622 nsd->nsd_authstr, nfsd->nfsd_authlen) && 623 !copyout(nfsd->nfsd_verfstr, 624 nsd->nsd_verfstr, nfsd->nfsd_verflen) && 625 !copyout(nsd, argp, sizeof (*nsd))) { 626 PRELE(l); 627 return (ENEEDAUTH); 628 } 629 cacherep = RC_DROPIT; 630 } else 631 cacherep = nfsrv_getcache(nd, slp, &mreq); 632 633 /* 634 * Check for just starting up for NQNFS and send 635 * fake "try again later" replies to the NQNFS clients. 636 */ 637 if (notstarted && nqnfsstarttime <= time.tv_sec) { 638 if (modify_flag) { 639 nqnfsstarttime = 640 time.tv_sec + nqsrv_writeslack; 641 modify_flag = 0; 642 } else 643 notstarted = 0; 644 } 645 if (notstarted) { 646 if ((nd->nd_flag & ND_NQNFS) == 0) 647 cacherep = RC_DROPIT; 648 else if (nd->nd_procnum != NFSPROC_WRITE) { 649 nd->nd_procnum = NFSPROC_NOOP; 650 nd->nd_repstat = NQNFS_TRYLATER; 651 cacherep = RC_DOIT; 652 } else 653 modify_flag = 1; 654 } else if (nfsd->nfsd_flag & NFSD_AUTHFAIL) { 655 nfsd->nfsd_flag &= ~NFSD_AUTHFAIL; 656 nd->nd_procnum = NFSPROC_NOOP; 657 nd->nd_repstat = 658 (NFSERR_AUTHERR | AUTH_TOOWEAK); 659 cacherep = RC_DOIT; 660 } 661 } 662 663 /* 664 * Loop to get all the write rpc relies that have been 665 * gathered together. 666 */ 667 do { 668 #ifdef DIAGNOSTIC 669 int lockcount; 670 #endif 671 switch (cacherep) { 672 case RC_DOIT: 673 #ifdef DIAGNOSTIC 674 /* 675 * NFS server procs should neither release 676 * locks already held, nor leave things 677 * locked. Catch this sooner, rather than 678 * later (when we try to relock something we 679 * already have locked). Careful inspection 680 * of the failing routine usually turns up the 681 * lock leak.. once we know what it is.. 682 */ 683 lockcount = l->l_locks; 684 #endif 685 if (writes_todo || (!(nd->nd_flag & ND_NFSV3) && 686 nd->nd_procnum == NFSPROC_WRITE && 687 nfsrvw_procrastinate > 0 && !notstarted)) 688 error = nfsrv_writegather(&nd, slp, 689 nfsd->nfsd_procp, &mreq); 690 else 691 error = 692 (*(nfsrv3_procs[nd->nd_procnum])) 693 (nd, slp, nfsd->nfsd_procp, &mreq); 694 #ifdef DIAGNOSTIC 695 if (l->l_locks != lockcount) { 696 /* 697 * If you see this panic, audit 698 * nfsrv3_procs[nd->nd_procnum] for 699 * vnode locking errors (usually, it's 700 * due to forgetting to vput() 701 * something). 702 */ 703 #ifdef DEBUG 704 extern void printlockedvnodes(void); 705 printlockedvnodes(); 706 #endif 707 printf("nfsd: locking botch in op %d" 708 " (before %d, after %d)\n", 709 nd ? nd->nd_procnum : -1, 710 lockcount, l->l_locks); 711 } 712 #endif 713 if (mreq == NULL) 714 break; 715 if (error) { 716 if (nd->nd_procnum != NQNFSPROC_VACATED) 717 nfsstats.srv_errs++; 718 nfsrv_updatecache(nd, FALSE, mreq); 719 if (nd->nd_nam2) 720 m_freem(nd->nd_nam2); 721 break; 722 } 723 nfsstats.srvrpccnt[nd->nd_procnum]++; 724 nfsrv_updatecache(nd, TRUE, mreq); 725 nd->nd_mrep = (struct mbuf *)0; 726 case RC_REPLY: 727 m = mreq; 728 siz = 0; 729 while (m) { 730 siz += m->m_len; 731 m = m->m_next; 732 } 733 if (siz <= 0 || siz > NFS_MAXPACKET) { 734 printf("mbuf siz=%d\n",siz); 735 panic("Bad nfs svc reply"); 736 } 737 m = mreq; 738 m->m_pkthdr.len = siz; 739 m->m_pkthdr.rcvif = (struct ifnet *)0; 740 /* 741 * For stream protocols, prepend a Sun RPC 742 * Record Mark. 743 */ 744 if (sotype == SOCK_STREAM) { 745 M_PREPEND(m, NFSX_UNSIGNED, M_WAIT); 746 *mtod(m, u_int32_t *) = 747 htonl(0x80000000 | siz); 748 } 749 if (solockp) 750 (void) nfs_sndlock(solockp, NULL); 751 if (slp->ns_flag & SLP_VALID) { 752 error = 753 nfs_send(so, nd->nd_nam2, m, NULL, p); 754 } else { 755 error = EPIPE; 756 m_freem(m); 757 } 758 if (nfsrtton) 759 nfsd_rt(sotype, nd, cacherep); 760 if (nd->nd_nam2) 761 m_free(nd->nd_nam2); 762 if (nd->nd_mrep) 763 m_freem(nd->nd_mrep); 764 if (error == EPIPE) 765 nfsrv_zapsock(slp); 766 if (solockp) 767 nfs_sndunlock(solockp); 768 if (error == EINTR || error == ERESTART) { 769 pool_put(&nfs_srvdesc_pool, nd); 770 nfsrv_slpderef(slp); 771 s = splsoftnet(); 772 goto done; 773 } 774 break; 775 case RC_DROPIT: 776 if (nfsrtton) 777 nfsd_rt(sotype, nd, cacherep); 778 m_freem(nd->nd_mrep); 779 m_freem(nd->nd_nam2); 780 break; 781 } 782 if (nd) { 783 pool_put(&nfs_srvdesc_pool, nd); 784 nd = NULL; 785 } 786 787 /* 788 * Check to see if there are outstanding writes that 789 * need to be serviced. 790 */ 791 cur_usec = (u_quad_t)time.tv_sec * 1000000 + 792 (u_quad_t)time.tv_usec; 793 s = splsoftclock(); 794 if (LIST_FIRST(&slp->ns_tq) && 795 LIST_FIRST(&slp->ns_tq)->nd_time <= cur_usec) { 796 cacherep = RC_DOIT; 797 writes_todo = 1; 798 } else 799 writes_todo = 0; 800 splx(s); 801 } while (writes_todo); 802 s = splsoftnet(); 803 if (nfsrv_dorec(slp, nfsd, &nd)) { 804 nfsd->nfsd_flag &= ~NFSD_REQINPROG; 805 nfsd->nfsd_slp = NULL; 806 nfsrv_slpderef(slp); 807 } 808 } 809 done: 810 PRELE(l); 811 simple_lock(&nfsd_slock); 812 TAILQ_REMOVE(&nfsd_head, nfsd, nfsd_chain); 813 simple_unlock(&nfsd_slock); 814 splx(s); 815 free((caddr_t)nfsd, M_NFSD); 816 nsd->nsd_nfsd = (struct nfsd *)0; 817 if (--nfs_numnfsd == 0) 818 nfsrv_init(TRUE); /* Reinitialize everything */ 819 return (error); 820 } 821 822 /* 823 * Shut down a socket associated with an nfssvc_sock structure. 824 * Should be called with the send lock set, if required. 825 * The trick here is to increment the sref at the start, so that the nfsds 826 * will stop using it and clear ns_flag at the end so that it will not be 827 * reassigned during cleanup. 828 * 829 * called at splsoftnet. 830 */ 831 void 832 nfsrv_zapsock(slp) 833 struct nfssvc_sock *slp; 834 { 835 struct nfsuid *nuidp, *nnuidp; 836 struct nfsrv_descript *nwp, *nnwp; 837 struct socket *so; 838 struct file *fp; 839 int s; 840 841 simple_lock(&nfsd_slock); 842 if ((slp->ns_flag & SLP_VALID) != 0) { 843 simple_unlock(&nfsd_slock); 844 return; 845 } 846 if (slp->ns_flag & SLP_DOREC) { 847 TAILQ_REMOVE(&nfssvc_sockpending, slp, ns_pending); 848 } 849 slp->ns_flag &= ~SLP_ALLFLAGS; 850 simple_unlock(&nfsd_slock); 851 fp = slp->ns_fp; 852 if (fp) { 853 simple_lock(&fp->f_slock); 854 FILE_USE(fp); 855 slp->ns_fp = (struct file *)0; 856 so = slp->ns_so; 857 so->so_upcall = NULL; 858 so->so_upcallarg = NULL; 859 so->so_rcv.sb_flags &= ~SB_UPCALL; 860 soshutdown(so, SHUT_RDWR); 861 closef(fp, (struct proc *)0); 862 if (slp->ns_nam) 863 m_free(slp->ns_nam); 864 m_freem(slp->ns_raw); 865 m_freem(slp->ns_rec); 866 for (nuidp = TAILQ_FIRST(&slp->ns_uidlruhead); nuidp != 0; 867 nuidp = nnuidp) { 868 nnuidp = TAILQ_NEXT(nuidp, nu_lru); 869 LIST_REMOVE(nuidp, nu_hash); 870 TAILQ_REMOVE(&slp->ns_uidlruhead, nuidp, nu_lru); 871 if (nuidp->nu_flag & NU_NAM) 872 m_freem(nuidp->nu_nam); 873 free((caddr_t)nuidp, M_NFSUID); 874 } 875 s = splsoftclock(); 876 for (nwp = LIST_FIRST(&slp->ns_tq); nwp; nwp = nnwp) { 877 nnwp = LIST_NEXT(nwp, nd_tq); 878 LIST_REMOVE(nwp, nd_tq); 879 pool_put(&nfs_srvdesc_pool, nwp); 880 } 881 LIST_INIT(&slp->ns_tq); 882 splx(s); 883 } 884 } 885 886 /* 887 * Derefence a server socket structure. If it has no more references and 888 * is no longer valid, you can throw it away. 889 */ 890 void 891 nfsrv_slpderef(slp) 892 struct nfssvc_sock *slp; 893 { 894 LOCK_ASSERT(!simple_lock_held(&nfsd_slock)); 895 896 if (--(slp->ns_sref) == 0 && (slp->ns_flag & SLP_VALID) == 0) { 897 int s = splsoftnet(); 898 simple_lock(&nfsd_slock); 899 TAILQ_REMOVE(&nfssvc_sockhead, slp, ns_chain); 900 simple_unlock(&nfsd_slock); 901 splx(s); 902 free(slp, M_NFSSVC); 903 } 904 } 905 906 /* 907 * Initialize the data structures for the server. 908 * Handshake with any new nfsds starting up to avoid any chance of 909 * corruption. 910 */ 911 void 912 nfsrv_init(terminating) 913 int terminating; 914 { 915 struct nfssvc_sock *slp; 916 int s; 917 918 s = splsoftnet(); 919 simple_lock(&nfsd_slock); 920 if (nfssvc_sockhead_flag & SLP_INIT) 921 panic("nfsd init"); 922 nfssvc_sockhead_flag |= SLP_INIT; 923 924 if (terminating) { 925 while ((slp = TAILQ_FIRST(&nfssvc_sockhead)) != NULL) { 926 TAILQ_REMOVE(&nfssvc_sockhead, slp, ns_chain); 927 simple_unlock(&nfsd_slock); 928 if (slp->ns_flag & SLP_VALID) 929 nfsrv_zapsock(slp); 930 free(slp, M_NFSSVC); 931 simple_lock(&nfsd_slock); 932 } 933 simple_unlock(&nfsd_slock); 934 splx(s); 935 nfsrv_cleancache(); /* And clear out server cache */ 936 } else { 937 simple_unlock(&nfsd_slock); 938 splx(s); 939 nfs_pub.np_valid = 0; 940 } 941 942 TAILQ_INIT(&nfssvc_sockhead); 943 TAILQ_INIT(&nfssvc_sockpending); 944 nfssvc_sockhead_flag &= ~SLP_INIT; 945 946 TAILQ_INIT(&nfsd_head); 947 SLIST_INIT(&nfsd_idle_head); 948 nfsd_head_flag &= ~NFSD_CHECKSLP; 949 950 nfs_udpsock = nfsrv_sockalloc(); 951 952 #ifdef INET6 953 nfs_udp6sock = nfsrv_sockalloc(); 954 #endif 955 956 #ifdef ISO 957 nfs_cltpsock = nfsrv_sockalloc(); 958 #endif 959 960 simple_lock(&nfsd_slock); 961 if (nfssvc_sockhead_flag & SLP_WANTINIT) { 962 nfssvc_sockhead_flag &= ~SLP_WANTINIT; 963 wakeup(&nfssvc_sockhead); 964 } 965 simple_unlock(&nfsd_slock); 966 splx(s); 967 } 968 969 /* 970 * Add entries to the server monitor log. 971 */ 972 static void 973 nfsd_rt(sotype, nd, cacherep) 974 int sotype; 975 struct nfsrv_descript *nd; 976 int cacherep; 977 { 978 struct drt *rt; 979 980 rt = &nfsdrt.drt[nfsdrt.pos]; 981 if (cacherep == RC_DOIT) 982 rt->flag = 0; 983 else if (cacherep == RC_REPLY) 984 rt->flag = DRT_CACHEREPLY; 985 else 986 rt->flag = DRT_CACHEDROP; 987 if (sotype == SOCK_STREAM) 988 rt->flag |= DRT_TCP; 989 if (nd->nd_flag & ND_NQNFS) 990 rt->flag |= DRT_NQNFS; 991 else if (nd->nd_flag & ND_NFSV3) 992 rt->flag |= DRT_NFSV3; 993 rt->proc = nd->nd_procnum; 994 if (mtod(nd->nd_nam, struct sockaddr *)->sa_family == AF_INET) 995 rt->ipadr = mtod(nd->nd_nam, struct sockaddr_in *)->sin_addr.s_addr; 996 else 997 rt->ipadr = INADDR_ANY; 998 rt->resptime = ((time.tv_sec - nd->nd_starttime.tv_sec) * 1000000) + 999 (time.tv_usec - nd->nd_starttime.tv_usec); 1000 rt->tstamp = time; 1001 nfsdrt.pos = (nfsdrt.pos + 1) % NFSRTTLOGSIZ; 1002 } 1003 #endif /* NFSSERVER */ 1004 1005 #ifdef NFS 1006 1007 int nfs_defect = 0; 1008 /* 1009 * Asynchronous I/O threads for client nfs. 1010 * They do read-ahead and write-behind operations on the block I/O cache. 1011 * Never returns unless it fails or gets killed. 1012 */ 1013 1014 int 1015 nfssvc_iod(l) 1016 struct lwp *l; 1017 { 1018 struct buf *bp; 1019 int i; 1020 struct nfs_iod *myiod; 1021 struct nfsmount *nmp; 1022 int error = 0; 1023 struct proc *p = l->l_proc; 1024 1025 /* 1026 * Assign my position or return error if too many already running 1027 */ 1028 myiod = NULL; 1029 for (i = 0; i < NFS_MAXASYNCDAEMON; i++) 1030 if (nfs_asyncdaemon[i].nid_proc == NULL) { 1031 myiod = &nfs_asyncdaemon[i]; 1032 break; 1033 } 1034 if (myiod == NULL) 1035 return (EBUSY); 1036 myiod->nid_proc = p; 1037 nfs_numasync++; 1038 PHOLD(l); 1039 /* 1040 * Just loop around doing our stuff until SIGKILL 1041 */ 1042 for (;;) { 1043 while (/*CONSTCOND*/ TRUE) { 1044 simple_lock(&myiod->nid_slock); 1045 nmp = myiod->nid_mount; 1046 if (nmp) { 1047 simple_lock(&nmp->nm_slock); 1048 if (!TAILQ_EMPTY(&nmp->nm_bufq)) { 1049 simple_unlock(&myiod->nid_slock); 1050 break; 1051 } 1052 nmp->nm_bufqiods--; 1053 simple_unlock(&nmp->nm_slock); 1054 } 1055 myiod->nid_want = p; 1056 myiod->nid_mount = NULL; 1057 error = ltsleep(&myiod->nid_want, 1058 PWAIT | PCATCH | PNORELOCK, "nfsidl", 0, 1059 &myiod->nid_slock); 1060 if (error) 1061 goto quit; 1062 } 1063 1064 while ((bp = TAILQ_FIRST(&nmp->nm_bufq)) != NULL) { 1065 /* Take one off the front of the list */ 1066 TAILQ_REMOVE(&nmp->nm_bufq, bp, b_freelist); 1067 nmp->nm_bufqlen--; 1068 if (nmp->nm_bufqwant && 1069 nmp->nm_bufqlen < 2 * nfs_numasync) { 1070 nmp->nm_bufqwant = FALSE; 1071 wakeup(&nmp->nm_bufq); 1072 } 1073 simple_unlock(&nmp->nm_slock); 1074 (void) nfs_doio(bp, NULL); 1075 simple_lock(&nmp->nm_slock); 1076 /* 1077 * If there are more than one iod on this mount, then defect 1078 * so that the iods can be shared out fairly between the mounts 1079 */ 1080 if (nfs_defect && nmp->nm_bufqiods > 1) { 1081 myiod->nid_mount = NULL; 1082 nmp->nm_bufqiods--; 1083 break; 1084 } 1085 } 1086 simple_unlock(&nmp->nm_slock); 1087 } 1088 quit: 1089 PRELE(l); 1090 if (nmp) 1091 nmp->nm_bufqiods--; 1092 myiod->nid_want = NULL; 1093 myiod->nid_mount = NULL; 1094 myiod->nid_proc = NULL; 1095 nfs_numasync--; 1096 1097 return error; 1098 } 1099 1100 void 1101 nfs_iodinit() 1102 { 1103 int i; 1104 1105 for (i = 0; i < NFS_MAXASYNCDAEMON; i++) 1106 simple_lock_init(&nfs_asyncdaemon[i].nid_slock); 1107 } 1108 1109 void 1110 start_nfsio(arg) 1111 void *arg; 1112 { 1113 nfssvc_iod(curlwp); 1114 1115 kthread_exit(0); 1116 } 1117 1118 void 1119 nfs_getset_niothreads(set) 1120 int set; 1121 { 1122 int i, have, start; 1123 1124 for (have = 0, i = 0; i < NFS_MAXASYNCDAEMON; i++) 1125 if (nfs_asyncdaemon[i].nid_proc != NULL) 1126 have++; 1127 1128 if (set) { 1129 /* clamp to sane range */ 1130 nfs_niothreads = max(0, min(nfs_niothreads, NFS_MAXASYNCDAEMON)); 1131 1132 start = nfs_niothreads - have; 1133 1134 while (start > 0) { 1135 kthread_create1(start_nfsio, NULL, NULL, "nfsio"); 1136 start--; 1137 } 1138 1139 for (i = 0; (start < 0) && (i < NFS_MAXASYNCDAEMON); i++) 1140 if (nfs_asyncdaemon[i].nid_proc != NULL) { 1141 psignal(nfs_asyncdaemon[i].nid_proc, SIGKILL); 1142 start++; 1143 } 1144 } else { 1145 if (nfs_niothreads >= 0) 1146 nfs_niothreads = have; 1147 } 1148 } 1149 1150 /* 1151 * Get an authorization string for the uid by having the mount_nfs sitting 1152 * on this mount point porpous out of the kernel and do it. 1153 */ 1154 int 1155 nfs_getauth(nmp, rep, cred, auth_str, auth_len, verf_str, verf_len, key) 1156 struct nfsmount *nmp; 1157 struct nfsreq *rep; 1158 struct ucred *cred; 1159 char **auth_str; 1160 int *auth_len; 1161 char *verf_str; 1162 int *verf_len; 1163 NFSKERBKEY_T key; /* return session key */ 1164 { 1165 int error = 0; 1166 1167 while ((nmp->nm_iflag & NFSMNT_WAITAUTH) == 0) { 1168 nmp->nm_iflag |= NFSMNT_WANTAUTH; 1169 (void) tsleep((caddr_t)&nmp->nm_authtype, PSOCK, 1170 "nfsauth1", 2 * hz); 1171 error = nfs_sigintr(nmp, rep, rep->r_procp); 1172 if (error) { 1173 nmp->nm_iflag &= ~NFSMNT_WANTAUTH; 1174 return (error); 1175 } 1176 } 1177 nmp->nm_iflag &= ~(NFSMNT_WAITAUTH | NFSMNT_WANTAUTH); 1178 nmp->nm_authstr = *auth_str = (char *)malloc(RPCAUTH_MAXSIZ, M_TEMP, M_WAITOK); 1179 nmp->nm_authlen = RPCAUTH_MAXSIZ; 1180 nmp->nm_verfstr = verf_str; 1181 nmp->nm_verflen = *verf_len; 1182 nmp->nm_authuid = cred->cr_uid; 1183 wakeup((caddr_t)&nmp->nm_authstr); 1184 1185 /* 1186 * And wait for mount_nfs to do its stuff. 1187 */ 1188 while ((nmp->nm_iflag & NFSMNT_HASAUTH) == 0 && error == 0) { 1189 (void) tsleep((caddr_t)&nmp->nm_authlen, PSOCK, 1190 "nfsauth2", 2 * hz); 1191 error = nfs_sigintr(nmp, rep, rep->r_procp); 1192 } 1193 if (nmp->nm_iflag & NFSMNT_AUTHERR) { 1194 nmp->nm_iflag &= ~NFSMNT_AUTHERR; 1195 error = EAUTH; 1196 } 1197 if (error) 1198 free((caddr_t)*auth_str, M_TEMP); 1199 else { 1200 *auth_len = nmp->nm_authlen; 1201 *verf_len = nmp->nm_verflen; 1202 memcpy(key, nmp->nm_key, sizeof (NFSKERBKEY_T)); 1203 } 1204 nmp->nm_iflag &= ~NFSMNT_HASAUTH; 1205 nmp->nm_iflag |= NFSMNT_WAITAUTH; 1206 if (nmp->nm_iflag & NFSMNT_WANTAUTH) { 1207 nmp->nm_iflag &= ~NFSMNT_WANTAUTH; 1208 wakeup((caddr_t)&nmp->nm_authtype); 1209 } 1210 return (error); 1211 } 1212 1213 /* 1214 * Get a nickname authenticator and verifier. 1215 */ 1216 int 1217 nfs_getnickauth(nmp, cred, auth_str, auth_len, verf_str, verf_len) 1218 struct nfsmount *nmp; 1219 struct ucred *cred; 1220 char **auth_str; 1221 int *auth_len; 1222 char *verf_str; 1223 int verf_len; 1224 { 1225 struct nfsuid *nuidp; 1226 u_int32_t *nickp, *verfp; 1227 struct timeval ktvin, ktvout; 1228 1229 #ifdef DIAGNOSTIC 1230 if (verf_len < (4 * NFSX_UNSIGNED)) 1231 panic("nfs_getnickauth verf too small"); 1232 #endif 1233 LIST_FOREACH(nuidp, NMUIDHASH(nmp, cred->cr_uid), nu_hash) { 1234 if (nuidp->nu_cr.cr_uid == cred->cr_uid) 1235 break; 1236 } 1237 if (!nuidp || nuidp->nu_expire < time.tv_sec) 1238 return (EACCES); 1239 1240 /* 1241 * Move to the end of the lru list (end of lru == most recently used). 1242 */ 1243 TAILQ_REMOVE(&nmp->nm_uidlruhead, nuidp, nu_lru); 1244 TAILQ_INSERT_TAIL(&nmp->nm_uidlruhead, nuidp, nu_lru); 1245 1246 nickp = (u_int32_t *)malloc(2 * NFSX_UNSIGNED, M_TEMP, M_WAITOK); 1247 *nickp++ = txdr_unsigned(RPCAKN_NICKNAME); 1248 *nickp = txdr_unsigned(nuidp->nu_nickname); 1249 *auth_str = (char *)nickp; 1250 *auth_len = 2 * NFSX_UNSIGNED; 1251 1252 /* 1253 * Now we must encrypt the verifier and package it up. 1254 */ 1255 verfp = (u_int32_t *)verf_str; 1256 *verfp++ = txdr_unsigned(RPCAKN_NICKNAME); 1257 if (time.tv_sec > nuidp->nu_timestamp.tv_sec || 1258 (time.tv_sec == nuidp->nu_timestamp.tv_sec && 1259 time.tv_usec > nuidp->nu_timestamp.tv_usec)) 1260 nuidp->nu_timestamp = time; 1261 else 1262 nuidp->nu_timestamp.tv_usec++; 1263 ktvin.tv_sec = txdr_unsigned(nuidp->nu_timestamp.tv_sec); 1264 ktvin.tv_usec = txdr_unsigned(nuidp->nu_timestamp.tv_usec); 1265 1266 /* 1267 * Now encrypt the timestamp verifier in ecb mode using the session 1268 * key. 1269 */ 1270 #ifdef NFSKERB 1271 XXX 1272 #endif 1273 1274 *verfp++ = ktvout.tv_sec; 1275 *verfp++ = ktvout.tv_usec; 1276 *verfp = 0; 1277 return (0); 1278 } 1279 1280 /* 1281 * Save the current nickname in a hash list entry on the mount point. 1282 */ 1283 int 1284 nfs_savenickauth(nmp, cred, len, key, mdp, dposp, mrep) 1285 struct nfsmount *nmp; 1286 struct ucred *cred; 1287 int len; 1288 NFSKERBKEY_T key; 1289 struct mbuf **mdp; 1290 char **dposp; 1291 struct mbuf *mrep; 1292 { 1293 struct nfsuid *nuidp; 1294 u_int32_t *tl; 1295 int32_t t1; 1296 struct mbuf *md = *mdp; 1297 struct timeval ktvin, ktvout; 1298 u_int32_t nick; 1299 char *dpos = *dposp, *cp2; 1300 int deltasec, error = 0; 1301 1302 if (len == (3 * NFSX_UNSIGNED)) { 1303 nfsm_dissect(tl, u_int32_t *, 3 * NFSX_UNSIGNED); 1304 ktvin.tv_sec = *tl++; 1305 ktvin.tv_usec = *tl++; 1306 nick = fxdr_unsigned(u_int32_t, *tl); 1307 1308 /* 1309 * Decrypt the timestamp in ecb mode. 1310 */ 1311 #ifdef NFSKERB 1312 XXX 1313 #endif 1314 ktvout.tv_sec = fxdr_unsigned(long, ktvout.tv_sec); 1315 ktvout.tv_usec = fxdr_unsigned(long, ktvout.tv_usec); 1316 deltasec = time.tv_sec - ktvout.tv_sec; 1317 if (deltasec < 0) 1318 deltasec = -deltasec; 1319 /* 1320 * If ok, add it to the hash list for the mount point. 1321 */ 1322 if (deltasec <= NFS_KERBCLOCKSKEW) { 1323 if (nmp->nm_numuids < nuidhash_max) { 1324 nmp->nm_numuids++; 1325 nuidp = (struct nfsuid *) 1326 malloc(sizeof (struct nfsuid), M_NFSUID, 1327 M_WAITOK); 1328 } else { 1329 nuidp = TAILQ_FIRST(&nmp->nm_uidlruhead); 1330 LIST_REMOVE(nuidp, nu_hash); 1331 TAILQ_REMOVE(&nmp->nm_uidlruhead, nuidp, 1332 nu_lru); 1333 } 1334 nuidp->nu_flag = 0; 1335 nuidp->nu_cr.cr_uid = cred->cr_uid; 1336 nuidp->nu_expire = time.tv_sec + NFS_KERBTTL; 1337 nuidp->nu_timestamp = ktvout; 1338 nuidp->nu_nickname = nick; 1339 memcpy(nuidp->nu_key, key, sizeof (NFSKERBKEY_T)); 1340 TAILQ_INSERT_TAIL(&nmp->nm_uidlruhead, nuidp, 1341 nu_lru); 1342 LIST_INSERT_HEAD(NMUIDHASH(nmp, cred->cr_uid), 1343 nuidp, nu_hash); 1344 } 1345 } else 1346 nfsm_adv(nfsm_rndup(len)); 1347 nfsmout: 1348 *mdp = md; 1349 *dposp = dpos; 1350 return (error); 1351 } 1352 #endif /* NFS */ 1353