xref: /netbsd-src/usr.sbin/nfsd/nfsd.c (revision 6cf6fe02a981b55727c49c3d37b0d8191a98c0ee) 
1 /*	$NetBSD: nfsd.c,v 1.62 2014/03/29 13:50:53 gson Exp $	*/
2 
3 /*
4  * Copyright (c) 1989, 1993, 1994
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * This code is derived from software contributed to Berkeley by
8  * Rick Macklem at The University of Guelph.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of the University nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  */
34 
35 #include <sys/cdefs.h>
36 #ifndef lint
37 __COPYRIGHT("@(#) Copyright (c) 1989, 1993, 1994\
38  The Regents of the University of California.  All rights reserved.");
39 #endif /* not lint */
40 
41 #ifndef lint
42 #if 0
43 static char sccsid[] = "@(#)nfsd.c	8.9 (Berkeley) 3/29/95";
44 #else
45 __RCSID("$NetBSD: nfsd.c,v 1.62 2014/03/29 13:50:53 gson Exp $");
46 #endif
47 #endif /* not lint */
48 
49 #include <sys/param.h>
50 #include <sys/ioctl.h>
51 #include <sys/stat.h>
52 #include <sys/wait.h>
53 #include <sys/uio.h>
54 #include <sys/ucred.h>
55 #include <sys/mount.h>
56 #include <sys/socket.h>
57 #include <sys/socketvar.h>
58 #include <poll.h>
59 
60 #include <rpc/rpc.h>
61 #include <rpc/pmap_clnt.h>
62 #include <rpc/pmap_prot.h>
63 
64 #include <nfs/rpcv2.h>
65 #include <nfs/nfsproto.h>
66 #include <nfs/nfs.h>
67 
68 #include <err.h>
69 #include <errno.h>
70 #include <fcntl.h>
71 #include <grp.h>
72 #include <paths.h>
73 #include <pwd.h>
74 #include <pthread.h>
75 #include <signal.h>
76 #include <stdio.h>
77 #include <stdlib.h>
78 #include <string.h>
79 #include <syslog.h>
80 #include <unistd.h>
81 #include <netdb.h>
82 
83 /* Global defs */
84 #ifdef DEBUG
85 #define	syslog(e, s, args...)						\
86 do {									\
87     fprintf(stderr,(s), ## args);					\
88     fprintf(stderr, "\n");						\
89 } while (/*CONSTCOND*/0)
90 static int	debug = 1;
91 #else
92 static int	debug = 0;
93 #endif
94 
95 static void	nonfs(int);
96 __dead static void	usage(void);
97 
98 static void *
99 worker(void *dummy)
100 {
101 	struct	nfsd_srvargs nsd;
102 	int nfssvc_flag;
103 
104 	pthread_setname_np(pthread_self(), "slave", NULL);
105 	nfssvc_flag = NFSSVC_NFSD;
106 	memset(&nsd, 0, sizeof(nsd));
107 	while (nfssvc(nfssvc_flag, &nsd) < 0) {
108 		if (errno != ENEEDAUTH) {
109 			syslog(LOG_ERR, "nfssvc: %m");
110 			exit(1);
111 		}
112 		nfssvc_flag = NFSSVC_NFSD | NFSSVC_AUTHINFAIL;
113 	}
114 
115 	return NULL;
116 }
117 
118 struct conf {
119 	struct addrinfo *ai;
120 	struct netconfig *nc;
121 	struct netbuf nb;
122 	struct pollfd pfd;
123 };
124 
125 #define NFS_UDP4	0
126 #define NFS_TCP4	1
127 #define NFS_UDP6	2
128 #define NFS_TCP6	3
129 
130 static int cfg_family[] = { PF_INET, PF_INET, PF_INET6, PF_INET6 };
131 static const char *cfg_netconf[] = { "udp", "tcp", "udp6", "tcp6" };
132 static int cfg_socktype[] = {
133     SOCK_DGRAM, SOCK_STREAM, SOCK_DGRAM, SOCK_STREAM };
134 static int cfg_protocol[] = {
135     IPPROTO_UDP, IPPROTO_TCP, IPPROTO_UDP, IPPROTO_TCP };
136 
137 static int
138 tryconf(struct conf *cfg, int t, int reregister)
139 {
140 	struct addrinfo hints;
141 	int ecode;
142 
143 	memset(cfg, 0, sizeof(*cfg));
144 	memset(&hints, 0, sizeof hints);
145 	hints.ai_flags = AI_PASSIVE;
146 	hints.ai_family = cfg_family[t];
147 	hints.ai_socktype = cfg_socktype[t];
148 	hints.ai_protocol = cfg_protocol[t];
149 
150 	ecode = getaddrinfo(NULL, "nfs", &hints, &cfg->ai);
151 	if (ecode != 0) {
152 		syslog(LOG_ERR, "getaddrinfo %s: %s", cfg_netconf[t],
153 		    gai_strerror(ecode));
154 		return -1;
155 	}
156 
157 	cfg->nc = getnetconfigent(cfg_netconf[t]);
158 
159 	if (cfg->nc == NULL) {
160 		syslog(LOG_ERR, "getnetconfigent %s failed: %m",
161 		    cfg_netconf[t]);
162 		goto out;
163 	}
164 
165 	cfg->nb.buf = cfg->ai->ai_addr;
166 	cfg->nb.len = cfg->nb.maxlen = cfg->ai->ai_addrlen;
167 	if (reregister)
168 		if (!rpcb_set(RPCPROG_NFS, 2, cfg->nc, &cfg->nb)) {
169 			syslog(LOG_ERR, "rpcb_set %s failed", cfg_netconf[t]);
170 			goto out1;
171 		}
172 	return 0;
173 out1:
174 	freenetconfigent(cfg->nc);
175 	cfg->nc = NULL;
176 out:
177 	freeaddrinfo(cfg->ai);
178 	cfg->ai = NULL;
179 	return -1;
180 }
181 
182 static int
183 setupsock(struct conf *cfg, struct pollfd *set, int p)
184 {
185 	int sock;
186 	struct nfsd_args nfsdargs;
187 	struct addrinfo *ai = cfg->ai;
188 	int on = 1;
189 
190 	sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
191 
192 	if (sock == -1) {
193 		syslog(LOG_ERR, "can't create %s socket: %m", cfg_netconf[p]);
194 		return -1;
195 	}
196 	if (cfg_family[p] == PF_INET6) {
197 		if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on,
198 		    sizeof(on)) == -1) {
199 			syslog(LOG_ERR, "can't set v6-only binding for %s "
200 			    "socket: %m", cfg_netconf[p]);
201 			goto out;
202 		}
203 	}
204 
205 	if (cfg_protocol[p] == IPPROTO_TCP) {
206 		if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on,
207 		    sizeof(on)) == -1) {
208 			syslog(LOG_ERR, "setsockopt SO_REUSEADDR for %s: %m",
209 			    cfg_netconf[p]);
210 			goto out;
211 		}
212 	}
213 
214 	if (bind(sock, ai->ai_addr, ai->ai_addrlen) == -1) {
215 		syslog(LOG_ERR, "can't bind %s addr: %m", cfg_netconf[p]);
216 		goto out;
217 	}
218 
219 	if (cfg_protocol[p] == IPPROTO_TCP) {
220 		if (listen(sock, 5) == -1) {
221 			syslog(LOG_ERR, "listen failed");
222 			goto out;
223 		}
224 	}
225 
226 	if (!rpcb_set(RPCPROG_NFS, 2, cfg->nc, &cfg->nb) ||
227 	    !rpcb_set(RPCPROG_NFS, 3, cfg->nc, &cfg->nb)) {
228 		syslog(LOG_ERR, "can't register with %s portmap",
229 		    cfg_netconf[p]);
230 		goto out;
231 	}
232 
233 
234 	if (cfg_protocol[p] == IPPROTO_TCP)
235 		set->fd = sock;
236 	else {
237 		nfsdargs.sock = sock;
238 		nfsdargs.name = NULL;
239 		nfsdargs.namelen = 0;
240 		if (nfssvc(NFSSVC_ADDSOCK, &nfsdargs) < 0) {
241 			syslog(LOG_ERR, "can't add %s socket", cfg_netconf[p]);
242 			goto out;
243 		}
244 		(void)close(sock);
245 	}
246 	return 0;
247 out:
248 	(void)close(sock);
249 	return -1;
250 }
251 
252 /*
253  * The functions daemon2_fork() and daemon2_detach() below provide
254  * functionality similar to daemon(3) but split into two phases.
255  * daemon2_fork() is called early, before creating resources that
256  * cannot be inherited across a fork, such as threads or kqueues.
257  * When the daemon is ready to provide service, daemon2_detach()
258  * is called to complete the daemonization and signal the parent
259  * process to exit.
260  *
261  * These functions could potentially be moved to a library and
262  * shared by other daemons.
263  *
264  * The return value from daemon2_fork() is a file descriptor to
265  * be passed as the first argument to daemon2_detach().
266  */
267 
268 static int
269 daemon2_fork(void)
270 {
271 	 int i;
272 	 int fd;
273 	 int r;
274 	 pid_t pid;
275 	 int detach_msg_pipe[2];
276 
277 	 /*
278 	  * Set up a pipe for singalling the parent, making sure the
279 	  * write end does not get allocated one of the file
280 	  * descriptors that may be closed in daemon2_detach().  The
281 	  * read end does not need such protection.
282 	  */
283 	 for (i = 0; i < 3; i++) {
284 		 r = pipe2(detach_msg_pipe, O_CLOEXEC|O_NOSIGPIPE);
285 		 if (r < 0)
286 			 return -1;
287 		 if (detach_msg_pipe[1] <= STDERR_FILENO &&
288 		     (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
289 			 (void)dup2(fd, detach_msg_pipe[0]);
290 			 (void)dup2(fd, detach_msg_pipe[1]);
291 			 if (fd > STDERR_FILENO)
292 				 (void)close(fd);
293 			 continue;
294 		 }
295 		 break;
296 	 }
297 
298 	 pid = fork();
299 	 switch (pid) {
300 	 case -1:
301 		 return -1;
302 	 case 0:
303 		 /* child */
304 		 (void)close(detach_msg_pipe[0]);
305 		 return detach_msg_pipe[1];
306 	 default:
307 		 break;
308 	}
309 
310 	/* Parent */
311 	(void)close(detach_msg_pipe[1]);
312 
313 	for (;;) {
314 		ssize_t nread;
315 		char dummy;
316 		nread = read(detach_msg_pipe[0], &dummy, 1);
317 		if (nread < 0) {
318 			if (errno == EINTR)
319 				continue;
320 			_exit(1);
321 		} else if (nread == 0) {
322 			_exit(1);
323 		} else { /* nread > 0 */
324 			_exit(0);
325 		}
326 	}
327 }
328 
329 static int
330 daemon2_detach(int parentfd, int nochdir, int noclose)
331 {
332 	int fd;
333 
334 	if (setsid() == -1)
335 		return -1;
336 
337 	if (!nochdir)
338 		(void)chdir("/");
339 
340 	if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
341 		(void)dup2(fd, STDIN_FILENO);
342 		(void)dup2(fd, STDOUT_FILENO);
343 		(void)dup2(fd, STDERR_FILENO);
344 		if (fd > STDERR_FILENO)
345 			(void)close(fd);
346 	}
347 
348 	while (1) {
349 		ssize_t r = write(parentfd, "", 1);
350 		if (r < 0) {
351 			if (errno == EINTR)
352 				continue;
353 			else if (errno == EPIPE)
354 				break;
355 			else
356 				return -1;
357 		} else if (r == 0) {
358 			/* Should not happen */
359 			return -1;
360 		} else {
361 			break;
362 		}
363 	}
364 
365 	(void)close(parentfd);
366 
367 	return 0;
368 }
369 
370 /*
371  * Nfs server daemon mostly just a user context for nfssvc()
372  *
373  * 1 - do file descriptor and signal cleanup
374  * 2 - create the nfsd thread(s)
375  * 3 - create server socket(s)
376  * 4 - register socket with portmap
377  *
378  * For connectionless protocols, just pass the socket into the kernel via
379  * nfssvc().
380  * For connection based sockets, loop doing accepts. When you get a new
381  * socket from accept, pass the msgsock into the kernel via nfssvc().
382  * The arguments are:
383  *	-r - reregister with portmapper
384  *	-t - support only tcp nfs clients
385  *	-u - support only udp nfs clients
386  *	-n num how many threads to create.
387  *	-4 - use only ipv4
388  *	-6 - use only ipv6
389  */
390 int
391 main(int argc, char *argv[])
392 {
393 	struct conf cfg[4];
394 	struct pollfd set[__arraycount(cfg)];
395 	int ch, connect_type_cnt;
396 	size_t i, nfsdcnt;
397 	int reregister;
398 	int tcpflag, udpflag;
399 	int ip6flag, ip4flag;
400 	int s, compat;
401 	int parent_fd = -1;
402 
403 #define	DEFNFSDCNT	 4
404 	nfsdcnt = DEFNFSDCNT;
405 	compat = reregister = 0;
406 	tcpflag = udpflag = 1;
407 	ip6flag = ip4flag = 1;
408 #define	GETOPT	"46n:rtu"
409 #define	USAGE	"[-46rtu] [-n num_servers]"
410 	while ((ch = getopt(argc, argv, GETOPT)) != -1) {
411 		switch (ch) {
412 		case '6':
413 			ip6flag = 1;
414 			ip4flag = 0;
415 			s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP);
416 			if (s < 0 && (errno == EPROTONOSUPPORT ||
417 			    errno == EPFNOSUPPORT || errno == EAFNOSUPPORT))
418 				ip6flag = 0;
419 			else
420 				close(s);
421 			break;
422 		case '4':
423 			ip6flag = 0;
424 			ip4flag = 1;
425 			s = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
426 			if (s < 0 && (errno == EPROTONOSUPPORT ||
427 			    errno == EPFNOSUPPORT || errno == EAFNOSUPPORT))
428 				ip4flag = 0;
429 			else
430 				close(s);
431 			break;
432 		case 'n':
433 			nfsdcnt = atoi(optarg);
434 			if (nfsdcnt < 1) {
435 				warnx("nfsd count %zu; reset to %d", nfsdcnt,
436 				    DEFNFSDCNT);
437 				nfsdcnt = DEFNFSDCNT;
438 			}
439 			break;
440 		case 'r':
441 			reregister = 1;
442 			break;
443 		case 't':
444 			compat |= 2;
445 			tcpflag = 1;
446 			udpflag = 0;
447 			break;
448 		case 'u':
449 			compat |= 1;
450 			tcpflag = 0;
451 			udpflag = 1;
452 			break;
453 		default:
454 		case '?':
455 			usage();
456 		}
457 	}
458 	argv += optind;
459 	argc -= optind;
460 
461 	if (compat == 3) {
462 		warnx("Old -tu options detected; enabling both udp and tcp.");
463 		warnx("This is the default behavior now and you can remove");
464 		warnx("all options.");
465 		tcpflag = udpflag = 1;
466 		if (ip6flag == 1 && ip4flag == 0)
467 			ip4flag = 1;
468 	}
469 
470 	if (debug == 0) {
471 		parent_fd = daemon2_fork();
472 	}
473 
474 	openlog("nfsd", LOG_PID, LOG_DAEMON);
475 
476 	for (i = 0; i < __arraycount(cfg); i++) {
477 		if (ip4flag == 0 && cfg_family[i] == PF_INET)
478 			continue;
479 		if (ip6flag == 0 && cfg_family[i] == PF_INET6)
480 			continue;
481 		if (tcpflag == 0 && cfg_protocol[i] == IPPROTO_TCP)
482 			continue;
483 		if (udpflag == 0 && cfg_protocol[i] == IPPROTO_UDP)
484 			continue;
485 		tryconf(&cfg[i], i, reregister);
486 	}
487 
488 	for (i = 0; i < nfsdcnt; i++) {
489 		pthread_t t;
490 		int error;
491 
492 		error = pthread_create(&t, NULL, worker, NULL);
493 		if (error) {
494 			errno = error;
495 			syslog(LOG_ERR, "pthread_create: %m");
496 			exit(1);
497 		}
498 	}
499 
500 	connect_type_cnt = 0;
501 	for (i = 0; i < __arraycount(cfg); i++) {
502 		set[i].fd = -1;
503 		set[i].events = POLLIN;
504 		set[i].revents = 0;
505 
506 		if (cfg[i].nc == NULL)
507 			continue;
508 
509 		setupsock(&cfg[i], &set[i], i);
510 		if (set[i].fd != -1)
511 			connect_type_cnt++;
512 
513 	}
514 
515 	if (connect_type_cnt == 0)
516 		exit(0);
517 
518 	pthread_setname_np(pthread_self(), "master", NULL);
519 
520 	if (debug == 0) {
521 		daemon2_detach(parent_fd, 0, 0);
522 		(void)signal(SIGHUP, SIG_IGN);
523 		(void)signal(SIGINT, SIG_IGN);
524 		(void)signal(SIGQUIT, SIG_IGN);
525 		(void)signal(SIGSYS, nonfs);
526 	}
527 
528 	/*
529 	 * Loop forever accepting connections and passing the sockets
530 	 * into the kernel for the mounts.
531 	 */
532 	for (;;) {
533 		if (poll(set, __arraycount(set), INFTIM) == -1) {
534 			syslog(LOG_ERR, "poll failed: %m");
535 			exit(1);
536 		}
537 
538 		for (i = 0; i < __arraycount(set); i++) {
539 			struct nfsd_args nfsdargs;
540 			struct sockaddr_storage ss;
541 			socklen_t len;
542 			int msgsock;
543 			int on = 1;
544 
545 			if ((set[i].revents & POLLIN) == 0)
546 				continue;
547 			len = sizeof(ss);
548 			if ((msgsock = accept(set[i].fd,
549 			    (struct sockaddr *)&ss, &len)) == -1) {
550 				int serrno = errno;
551 				syslog(LOG_ERR, "accept failed: %m");
552 				if (serrno == EINTR || serrno == ECONNABORTED)
553 					continue;
554 				exit(1);
555 			}
556 			if (setsockopt(msgsock, SOL_SOCKET, SO_KEEPALIVE, &on,
557 			    sizeof(on)) == -1)
558 				syslog(LOG_ERR, "setsockopt SO_KEEPALIVE: %m");
559 			nfsdargs.sock = msgsock;
560 			nfsdargs.name = (void *)&ss;
561 			nfsdargs.namelen = len;
562 			nfssvc(NFSSVC_ADDSOCK, &nfsdargs);
563 			(void)close(msgsock);
564 		}
565 	}
566 }
567 
568 static void
569 usage(void)
570 {
571 	(void)fprintf(stderr, "Usage: %s %s\n", getprogname(), USAGE);
572 	exit(1);
573 }
574 
575 static void
576 nonfs(int signo)
577 {
578 	syslog(LOG_ERR, "missing system call: NFS not available.");
579 }
580