1 /* $NetBSD: nfsd.c,v 1.66 2016/03/17 15:25:46 christos Exp $ */ 2 3 /* 4 * Copyright (c) 1989, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Rick Macklem at The University of Guelph. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35 #include <sys/cdefs.h> 36 #ifndef lint 37 __COPYRIGHT("@(#) Copyright (c) 1989, 1993, 1994\ 38 The Regents of the University of California. All rights reserved."); 39 #endif /* not lint */ 40 41 #ifndef lint 42 #if 0 43 static char sccsid[] = "@(#)nfsd.c 8.9 (Berkeley) 3/29/95"; 44 #else 45 __RCSID("$NetBSD: nfsd.c,v 1.66 2016/03/17 15:25:46 christos Exp $"); 46 #endif 47 #endif /* not lint */ 48 49 #include <sys/param.h> 50 #include <sys/ioctl.h> 51 #include <sys/stat.h> 52 #include <sys/wait.h> 53 #include <sys/uio.h> 54 #include <sys/ucred.h> 55 #include <sys/mount.h> 56 #include <sys/socket.h> 57 #include <sys/socketvar.h> 58 #include <poll.h> 59 60 #include <rpc/rpc.h> 61 #include <rpc/pmap_clnt.h> 62 #include <rpc/pmap_prot.h> 63 64 #include <nfs/rpcv2.h> 65 #include <nfs/nfsproto.h> 66 #include <nfs/nfs.h> 67 68 #include <err.h> 69 #include <errno.h> 70 #include <fcntl.h> 71 #include <grp.h> 72 #include <paths.h> 73 #include <pwd.h> 74 #include <pthread.h> 75 #include <signal.h> 76 #include <stdio.h> 77 #include <stdlib.h> 78 #include <string.h> 79 #include <syslog.h> 80 #include <unistd.h> 81 #include <netdb.h> 82 83 #ifdef NFSD_RUMP 84 #include <rump/rump.h> 85 #include <rump/rump_syscalls.h> 86 87 #define nfssvc(a, b) rump_sys_nfssvc((a), (b)) 88 #define close(a) rump_sys_close(a) 89 #define poll(a, b, c) rump_sys_poll((a), (b), (c)) 90 #if 0 91 #define socket(a, b, c) rump_sys_socket((a), (b), (c)) 92 #define setsockopt(a, b, c, d, e) rump_sys_setsockopt((a), (b), (c), (d), (e)) 93 #define bind(a, b, c) rump_sys_bind((a), (b), (c)) 94 #define listen(a, b) rump_sys_listen((a), (b)) 95 #define accept(a, b, c) rump_sys_accept((a), (b), (c)) 96 #endif 97 #define main nfsd_main 98 int nfsd_main(int, char *[]); 99 #endif 100 101 /* Global defs */ 102 #if defined(DEBUG) || defined(NFSD_RUMP) 103 static int debug = 1; 104 #else 105 static int debug = 0; 106 #endif 107 108 #define logit(e, s, args...) \ 109 do { \ 110 if (debug) { \ 111 fprintf(stderr,(s), ## args); \ 112 fprintf(stderr, "\n"); \ 113 } else { \ 114 syslog(e, s, ## args); \ 115 } \ 116 } while (/*CONSTCOND*/0) 117 118 static void nonfs(int); 119 __dead static void usage(void); 120 121 static void * 122 worker(void *dummy) 123 { 124 struct nfsd_srvargs nsd; 125 int nfssvc_flag; 126 127 pthread_setname_np(pthread_self(), "slave", NULL); 128 nfssvc_flag = NFSSVC_NFSD; 129 memset(&nsd, 0, sizeof(nsd)); 130 while (nfssvc(nfssvc_flag, &nsd) < 0) { 131 if (errno != ENEEDAUTH) { 132 logit(LOG_ERR, "nfssvc: %s", strerror(errno)); 133 exit(1); 134 } 135 nfssvc_flag = NFSSVC_NFSD | NFSSVC_AUTHINFAIL; 136 } 137 138 return NULL; 139 } 140 141 struct conf { 142 struct addrinfo *ai; 143 struct netconfig *nc; 144 struct netbuf nb; 145 struct pollfd pfd; 146 }; 147 148 #define NFS_UDP4 0 149 #define NFS_TCP4 1 150 #define NFS_UDP6 2 151 #define NFS_TCP6 3 152 153 static int cfg_family[] = { PF_INET, PF_INET, PF_INET6, PF_INET6 }; 154 static const char *cfg_netconf[] = { "udp", "tcp", "udp6", "tcp6" }; 155 static int cfg_socktype[] = { 156 SOCK_DGRAM, SOCK_STREAM, SOCK_DGRAM, SOCK_STREAM }; 157 static int cfg_protocol[] = { 158 IPPROTO_UDP, IPPROTO_TCP, IPPROTO_UDP, IPPROTO_TCP }; 159 160 static int 161 tryconf(struct conf *cfg, int t, int reregister) 162 { 163 struct addrinfo hints; 164 int ecode; 165 166 memset(&hints, 0, sizeof hints); 167 hints.ai_flags = AI_PASSIVE; 168 hints.ai_family = cfg_family[t]; 169 hints.ai_socktype = cfg_socktype[t]; 170 hints.ai_protocol = cfg_protocol[t]; 171 172 ecode = getaddrinfo(NULL, "nfs", &hints, &cfg->ai); 173 if (ecode != 0) { 174 logit(LOG_ERR, "getaddrinfo %s: %s", cfg_netconf[t], 175 gai_strerror(ecode)); 176 return -1; 177 } 178 179 cfg->nc = getnetconfigent(cfg_netconf[t]); 180 181 if (cfg->nc == NULL) { 182 logit(LOG_ERR, "getnetconfigent %s failed: %s", 183 cfg_netconf[t], strerror(errno)); 184 goto out; 185 } 186 187 cfg->nb.buf = cfg->ai->ai_addr; 188 cfg->nb.len = cfg->nb.maxlen = cfg->ai->ai_addrlen; 189 if (reregister) 190 if (!rpcb_set(RPCPROG_NFS, 2, cfg->nc, &cfg->nb)) { 191 logit(LOG_ERR, "rpcb_set %s failed", cfg_netconf[t]); 192 goto out1; 193 } 194 return 0; 195 out1: 196 freenetconfigent(cfg->nc); 197 cfg->nc = NULL; 198 out: 199 freeaddrinfo(cfg->ai); 200 cfg->ai = NULL; 201 return -1; 202 } 203 204 static int 205 setupsock(struct conf *cfg, struct pollfd *set, int p) 206 { 207 int sock; 208 struct nfsd_args nfsdargs; 209 struct addrinfo *ai = cfg->ai; 210 int on = 1; 211 212 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 213 214 if (sock == -1) { 215 logit(LOG_ERR, "can't create %s socket: %s", cfg_netconf[p], 216 strerror(errno)); 217 return -1; 218 } 219 if (cfg_family[p] == PF_INET6) { 220 if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, 221 sizeof(on)) == -1) { 222 logit(LOG_ERR, "can't set v6-only binding for %s " 223 "socket: %s", cfg_netconf[p], strerror(errno)); 224 goto out; 225 } 226 } 227 228 if (cfg_protocol[p] == IPPROTO_TCP) { 229 if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, 230 sizeof(on)) == -1) { 231 logit(LOG_ERR, "setsockopt SO_REUSEADDR for %s: %s", 232 cfg_netconf[p], strerror(errno)); 233 goto out; 234 } 235 } 236 237 if (bind(sock, ai->ai_addr, ai->ai_addrlen) == -1) { 238 logit(LOG_ERR, "can't bind %s addr: %s", cfg_netconf[p], 239 strerror(errno)); 240 goto out; 241 } 242 243 if (cfg_protocol[p] == IPPROTO_TCP) { 244 if (listen(sock, 5) == -1) { 245 logit(LOG_ERR, "listen failed"); 246 goto out; 247 } 248 } 249 250 if (!rpcb_set(RPCPROG_NFS, 2, cfg->nc, &cfg->nb) || 251 !rpcb_set(RPCPROG_NFS, 3, cfg->nc, &cfg->nb)) { 252 logit(LOG_ERR, "can't register with %s portmap", 253 cfg_netconf[p]); 254 goto out; 255 } 256 257 258 if (cfg_protocol[p] == IPPROTO_TCP) 259 set->fd = sock; 260 else { 261 nfsdargs.sock = sock; 262 nfsdargs.name = NULL; 263 nfsdargs.namelen = 0; 264 if (nfssvc(NFSSVC_ADDSOCK, &nfsdargs) < 0) { 265 logit(LOG_ERR, "can't add %s socket: %s", 266 cfg_netconf[p], strerror(errno)); 267 goto out; 268 } 269 (void)close(sock); 270 } 271 return 0; 272 out: 273 (void)close(sock); 274 return -1; 275 } 276 277 /* 278 * The functions daemon2_fork() and daemon2_detach() below provide 279 * functionality similar to daemon(3) but split into two phases. 280 * daemon2_fork() is called early, before creating resources that 281 * cannot be inherited across a fork, such as threads or kqueues. 282 * When the daemon is ready to provide service, daemon2_detach() 283 * is called to complete the daemonization and signal the parent 284 * process to exit. 285 * 286 * These functions could potentially be moved to a library and 287 * shared by other daemons. 288 * 289 * The return value from daemon2_fork() is a file descriptor to 290 * be passed as the first argument to daemon2_detach(). 291 */ 292 293 static int 294 daemon2_fork(void) 295 { 296 int i; 297 int fd; 298 int r; 299 pid_t pid; 300 int detach_msg_pipe[2]; 301 302 /* 303 * Set up a pipe for signalling the parent, making sure the 304 * write end does not get allocated one of the file 305 * descriptors that may be closed in daemon2_detach(). The 306 * read end does not need such protection. 307 */ 308 for (i = 0; i < 3; i++) { 309 r = pipe2(detach_msg_pipe, O_CLOEXEC|O_NOSIGPIPE); 310 if (r < 0) 311 return -1; 312 if (detach_msg_pipe[1] <= STDERR_FILENO && 313 (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { 314 (void)dup2(fd, detach_msg_pipe[0]); 315 (void)dup2(fd, detach_msg_pipe[1]); 316 if (fd > STDERR_FILENO) 317 (void)close(fd); 318 continue; 319 } 320 break; 321 } 322 323 pid = fork(); 324 switch (pid) { 325 case -1: 326 return -1; 327 case 0: 328 /* child */ 329 (void)close(detach_msg_pipe[0]); 330 return detach_msg_pipe[1]; 331 default: 332 break; 333 } 334 335 /* Parent */ 336 (void)close(detach_msg_pipe[1]); 337 338 for (;;) { 339 ssize_t nread; 340 char dummy; 341 nread = read(detach_msg_pipe[0], &dummy, 1); 342 if (nread < 0) { 343 if (errno == EINTR) 344 continue; 345 _exit(1); 346 } else if (nread == 0) { 347 _exit(1); 348 } else { /* nread > 0 */ 349 _exit(0); 350 } 351 } 352 } 353 354 static int 355 daemon2_detach(int parentfd, int nochdir, int noclose) 356 { 357 int fd; 358 359 if (setsid() == -1) 360 return -1; 361 362 if (!nochdir) 363 (void)chdir("/"); 364 365 if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { 366 (void)dup2(fd, STDIN_FILENO); 367 (void)dup2(fd, STDOUT_FILENO); 368 (void)dup2(fd, STDERR_FILENO); 369 if (fd > STDERR_FILENO) 370 (void)close(fd); 371 } 372 373 while (1) { 374 ssize_t r = write(parentfd, "", 1); 375 if (r < 0) { 376 if (errno == EINTR) 377 continue; 378 else if (errno == EPIPE) 379 break; 380 else 381 return -1; 382 } else if (r == 0) { 383 /* Should not happen */ 384 return -1; 385 } else { 386 break; 387 } 388 } 389 390 (void)close(parentfd); 391 392 return 0; 393 } 394 395 /* 396 * Nfs server daemon mostly just a user context for nfssvc() 397 * 398 * 1 - do file descriptor and signal cleanup 399 * 2 - create the nfsd thread(s) 400 * 3 - create server socket(s) 401 * 4 - register socket with portmap 402 * 403 * For connectionless protocols, just pass the socket into the kernel via 404 * nfssvc(). 405 * For connection based sockets, loop doing accepts. When you get a new 406 * socket from accept, pass the msgsock into the kernel via nfssvc(). 407 * The arguments are: 408 * -r - reregister with portmapper 409 * -t - support only tcp nfs clients 410 * -u - support only udp nfs clients 411 * -n num how many threads to create. 412 * -4 - use only ipv4 413 * -6 - use only ipv6 414 */ 415 int 416 main(int argc, char *argv[]) 417 { 418 struct conf cfg[4]; 419 struct pollfd set[__arraycount(cfg)]; 420 int ch, connect_type_cnt; 421 size_t i, nfsdcnt; 422 int reregister; 423 int tcpflag, udpflag; 424 int ip6flag, ip4flag; 425 int s, compat; 426 int parent_fd = -1; 427 428 #define DEFNFSDCNT 4 429 nfsdcnt = DEFNFSDCNT; 430 compat = reregister = 0; 431 tcpflag = udpflag = 1; 432 ip6flag = ip4flag = 1; 433 #define GETOPT "46dn:rtu" 434 #define USAGE "[-46drtu] [-n num_servers]" 435 while ((ch = getopt(argc, argv, GETOPT)) != -1) { 436 switch (ch) { 437 case '6': 438 ip6flag = 1; 439 ip4flag = 0; 440 s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP); 441 if (s < 0 && (errno == EPROTONOSUPPORT || 442 errno == EPFNOSUPPORT || errno == EAFNOSUPPORT)) 443 ip6flag = 0; 444 else 445 close(s); 446 break; 447 case '4': 448 ip6flag = 0; 449 ip4flag = 1; 450 s = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP); 451 if (s < 0 && (errno == EPROTONOSUPPORT || 452 errno == EPFNOSUPPORT || errno == EAFNOSUPPORT)) 453 ip4flag = 0; 454 else 455 close(s); 456 break; 457 case 'd': 458 debug++; 459 break; 460 case 'n': 461 nfsdcnt = atoi(optarg); 462 if (nfsdcnt < 1) { 463 warnx("nfsd count %zu; reset to %d", nfsdcnt, 464 DEFNFSDCNT); 465 nfsdcnt = DEFNFSDCNT; 466 } 467 break; 468 case 'r': 469 reregister = 1; 470 break; 471 case 't': 472 compat |= 2; 473 tcpflag = 1; 474 udpflag = 0; 475 break; 476 case 'u': 477 compat |= 1; 478 tcpflag = 0; 479 udpflag = 1; 480 break; 481 default: 482 case '?': 483 usage(); 484 } 485 } 486 argv += optind; 487 argc -= optind; 488 489 if (compat == 3) { 490 warnx("Old -tu options detected; enabling both udp and tcp."); 491 warnx("This is the default behavior now and you can remove"); 492 warnx("all options."); 493 tcpflag = udpflag = 1; 494 if (ip6flag == 1 && ip4flag == 0) 495 ip4flag = 1; 496 } 497 498 if (debug == 0) { 499 parent_fd = daemon2_fork(); 500 openlog("nfsd", LOG_PID, LOG_DAEMON); 501 } 502 503 504 memset(cfg, 0, sizeof(cfg)); 505 for (i = 0; i < __arraycount(cfg); i++) { 506 if (ip4flag == 0 && cfg_family[i] == PF_INET) 507 continue; 508 if (ip6flag == 0 && cfg_family[i] == PF_INET6) 509 continue; 510 if (tcpflag == 0 && cfg_protocol[i] == IPPROTO_TCP) 511 continue; 512 if (udpflag == 0 && cfg_protocol[i] == IPPROTO_UDP) 513 continue; 514 tryconf(&cfg[i], i, reregister); 515 } 516 517 for (i = 0; i < nfsdcnt; i++) { 518 pthread_t t; 519 int error; 520 521 error = pthread_create(&t, NULL, worker, NULL); 522 if (error) { 523 errno = error; 524 logit(LOG_ERR, "pthread_create: %s", strerror(errno)); 525 exit(1); 526 } 527 } 528 529 connect_type_cnt = 0; 530 for (i = 0; i < __arraycount(cfg); i++) { 531 set[i].fd = -1; 532 set[i].events = POLLIN; 533 set[i].revents = 0; 534 535 if (cfg[i].nc == NULL) 536 continue; 537 538 setupsock(&cfg[i], &set[i], i); 539 if (set[i].fd != -1) 540 connect_type_cnt++; 541 542 } 543 544 if (connect_type_cnt == 0) 545 exit(0); 546 547 pthread_setname_np(pthread_self(), "master", NULL); 548 549 if (debug == 0) { 550 daemon2_detach(parent_fd, 0, 0); 551 (void)signal(SIGHUP, SIG_IGN); 552 (void)signal(SIGINT, SIG_IGN); 553 (void)signal(SIGQUIT, SIG_IGN); 554 (void)signal(SIGSYS, nonfs); 555 } 556 557 /* 558 * Loop forever accepting connections and passing the sockets 559 * into the kernel for the mounts. 560 */ 561 for (;;) { 562 if (poll(set, __arraycount(set), INFTIM) == -1) { 563 logit(LOG_ERR, "poll failed: %s", strerror(errno)); 564 exit(1); 565 } 566 567 for (i = 0; i < __arraycount(set); i++) { 568 struct nfsd_args nfsdargs; 569 struct sockaddr_storage ss; 570 socklen_t len; 571 int msgsock; 572 int on = 1; 573 574 if ((set[i].revents & POLLIN) == 0) 575 continue; 576 len = sizeof(ss); 577 if ((msgsock = accept(set[i].fd, 578 (struct sockaddr *)&ss, &len)) == -1) { 579 int serrno = errno; 580 logit(LOG_ERR, "accept failed: %s", 581 strerror(errno)); 582 if (serrno == EINTR || serrno == ECONNABORTED) 583 continue; 584 exit(1); 585 } 586 if (setsockopt(msgsock, SOL_SOCKET, SO_KEEPALIVE, &on, 587 sizeof(on)) == -1) 588 logit(LOG_ERR, "setsockopt SO_KEEPALIVE: %s", 589 strerror(errno)); 590 nfsdargs.sock = msgsock; 591 nfsdargs.name = (void *)&ss; 592 nfsdargs.namelen = len; 593 nfssvc(NFSSVC_ADDSOCK, &nfsdargs); 594 (void)close(msgsock); 595 } 596 } 597 } 598 599 static void 600 usage(void) 601 { 602 (void)fprintf(stderr, "Usage: %s %s\n", getprogname(), USAGE); 603 exit(1); 604 } 605 606 static void 607 nonfs(int signo) 608 { 609 logit(LOG_ERR, "missing system call: NFS not available."); 610 } 611