1 /* $NetBSD: nfsd.c,v 1.72 2020/08/26 13:35:12 gson Exp $ */ 2 3 /* 4 * Copyright (c) 1989, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Rick Macklem at The University of Guelph. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35 #include <sys/cdefs.h> 36 #ifndef lint 37 __COPYRIGHT("@(#) Copyright (c) 1989, 1993, 1994\ 38 The Regents of the University of California. All rights reserved."); 39 #endif /* not lint */ 40 41 #ifndef lint 42 #if 0 43 static char sccsid[] = "@(#)nfsd.c 8.9 (Berkeley) 3/29/95"; 44 #else 45 __RCSID("$NetBSD: nfsd.c,v 1.72 2020/08/26 13:35:12 gson Exp $"); 46 #endif 47 #endif /* not lint */ 48 49 #include <sys/param.h> 50 #include <sys/ioctl.h> 51 #include <sys/stat.h> 52 #include <sys/wait.h> 53 #include <sys/uio.h> 54 #include <sys/ucred.h> 55 #include <sys/mount.h> 56 #include <sys/socket.h> 57 #include <sys/socketvar.h> 58 #include <poll.h> 59 60 #include <rpc/rpc.h> 61 #include <rpc/pmap_clnt.h> 62 #include <rpc/pmap_prot.h> 63 64 #include <nfs/rpcv2.h> 65 #include <nfs/nfsproto.h> 66 #include <nfs/nfs.h> 67 68 #include <err.h> 69 #include <errno.h> 70 #include <fcntl.h> 71 #include <grp.h> 72 #include <paths.h> 73 #include <pwd.h> 74 #include <pthread.h> 75 #include <signal.h> 76 #include <stdio.h> 77 #include <stdlib.h> 78 #include <string.h> 79 #include <syslog.h> 80 #include <unistd.h> 81 #include <netdb.h> 82 83 #ifdef NFSD_RUMP 84 #include <rump/rump.h> 85 #include <rump/rump_syscallshotgun.h> 86 #include <rump/rump_syscalls.h> 87 88 #define nfssvc(a, b) rump_sys_nfssvc((a), (b)) 89 #define close(a) rump_sys_close(a) 90 #define poll(a, b, c) rump_sys_poll((a), (b), (c)) 91 #if 0 92 #define socket(a, b, c) rump_sys_socket((a), (b), (c)) 93 #define setsockopt(a, b, c, d, e) rump_sys_setsockopt((a), (b), (c), (d), (e)) 94 #define bind(a, b, c) rump_sys_bind((a), (b), (c)) 95 #define listen(a, b) rump_sys_listen((a), (b)) 96 #define accept(a, b, c) rump_sys_accept((a), (b), (c)) 97 #endif 98 #define main nfsd_main 99 int nfsd_main(int, char *[]); 100 #endif 101 102 /* Global defs */ 103 #if defined(DEBUG) || defined(NFSD_RUMP) 104 static int debug = 1; 105 #else 106 static int debug = 0; 107 #endif 108 109 #define logit(e, s, args...) \ 110 do { \ 111 if (debug) { \ 112 fprintf(stderr,(s), ## args); \ 113 fprintf(stderr, "\n"); \ 114 } else { \ 115 syslog(e, s, ## args); \ 116 } \ 117 } while (/*CONSTCOND*/0) 118 119 static void nonfs(int); 120 __dead static void usage(void); 121 122 static void * 123 worker(void *dummy) 124 { 125 struct nfsd_srvargs nsd; 126 int nfssvc_flag; 127 128 pthread_setname_np(pthread_self(), "slave", NULL); 129 nfssvc_flag = NFSSVC_NFSD; 130 memset(&nsd, 0, sizeof(nsd)); 131 while (nfssvc(nfssvc_flag, &nsd) < 0) { 132 if (errno != ENEEDAUTH) { 133 logit(LOG_ERR, "nfssvc: %s", strerror(errno)); 134 exit(1); 135 } 136 nfssvc_flag = NFSSVC_NFSD | NFSSVC_AUTHINFAIL; 137 } 138 139 return NULL; 140 } 141 142 struct conf { 143 struct addrinfo *ai; 144 struct netconfig *nc; 145 struct netbuf nb; 146 struct pollfd pfd; 147 }; 148 149 #define NFS_UDP4 0 150 #define NFS_TCP4 1 151 #define NFS_UDP6 2 152 #define NFS_TCP6 3 153 154 static int cfg_family[] = { PF_INET, PF_INET, PF_INET6, PF_INET6 }; 155 static const char *cfg_netconf[] = { "udp", "tcp", "udp6", "tcp6" }; 156 static int cfg_socktype[] = { 157 SOCK_DGRAM, SOCK_STREAM, SOCK_DGRAM, SOCK_STREAM }; 158 static int cfg_protocol[] = { 159 IPPROTO_UDP, IPPROTO_TCP, IPPROTO_UDP, IPPROTO_TCP }; 160 161 static int 162 tryconf(struct conf *cfg, int t, int reregister) 163 { 164 struct addrinfo hints; 165 int ecode; 166 167 memset(&hints, 0, sizeof hints); 168 hints.ai_flags = AI_PASSIVE; 169 hints.ai_family = cfg_family[t]; 170 hints.ai_socktype = cfg_socktype[t]; 171 hints.ai_protocol = cfg_protocol[t]; 172 173 ecode = getaddrinfo(NULL, "nfs", &hints, &cfg->ai); 174 if (ecode != 0) { 175 logit(LOG_ERR, "getaddrinfo %s: %s", cfg_netconf[t], 176 gai_strerror(ecode)); 177 return -1; 178 } 179 180 cfg->nc = getnetconfigent(cfg_netconf[t]); 181 182 if (cfg->nc == NULL) { 183 logit(LOG_ERR, "getnetconfigent %s failed: %s", 184 cfg_netconf[t], strerror(errno)); 185 goto out; 186 } 187 188 cfg->nb.buf = cfg->ai->ai_addr; 189 cfg->nb.len = cfg->nb.maxlen = cfg->ai->ai_addrlen; 190 if (reregister) 191 if (!rpcb_set(RPCPROG_NFS, 2, cfg->nc, &cfg->nb)) { 192 logit(LOG_ERR, "rpcb_set %s failed", cfg_netconf[t]); 193 goto out1; 194 } 195 return 0; 196 out1: 197 freenetconfigent(cfg->nc); 198 cfg->nc = NULL; 199 out: 200 freeaddrinfo(cfg->ai); 201 cfg->ai = NULL; 202 return -1; 203 } 204 205 static int 206 setupsock(struct conf *cfg, struct pollfd *set, int p) 207 { 208 int sock; 209 struct nfsd_args nfsdargs; 210 struct addrinfo *ai = cfg->ai; 211 int on = 1; 212 213 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 214 215 if (sock == -1) { 216 logit(LOG_ERR, "can't create %s socket: %s", cfg_netconf[p], 217 strerror(errno)); 218 return -1; 219 } 220 if (cfg_family[p] == PF_INET6) { 221 if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, 222 sizeof(on)) == -1) { 223 logit(LOG_ERR, "can't set v6-only binding for %s " 224 "socket: %s", cfg_netconf[p], strerror(errno)); 225 goto out; 226 } 227 } 228 229 if (cfg_protocol[p] == IPPROTO_TCP) { 230 if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, 231 sizeof(on)) == -1) { 232 logit(LOG_ERR, "setsockopt SO_REUSEADDR for %s: %s", 233 cfg_netconf[p], strerror(errno)); 234 goto out; 235 } 236 } 237 238 if (bind(sock, ai->ai_addr, ai->ai_addrlen) == -1) { 239 logit(LOG_ERR, "can't bind %s addr: %s", cfg_netconf[p], 240 strerror(errno)); 241 goto out; 242 } 243 244 if (cfg_protocol[p] == IPPROTO_TCP) { 245 if (listen(sock, 5) == -1) { 246 logit(LOG_ERR, "listen failed"); 247 goto out; 248 } 249 } 250 251 if (!rpcb_set(RPCPROG_NFS, 2, cfg->nc, &cfg->nb) || 252 !rpcb_set(RPCPROG_NFS, 3, cfg->nc, &cfg->nb)) { 253 logit(LOG_ERR, "can't register with %s portmap", 254 cfg_netconf[p]); 255 goto out; 256 } 257 258 259 if (cfg_protocol[p] == IPPROTO_TCP) 260 set->fd = sock; 261 else { 262 nfsdargs.sock = sock; 263 nfsdargs.name = NULL; 264 nfsdargs.namelen = 0; 265 if (nfssvc(NFSSVC_ADDSOCK, &nfsdargs) < 0) { 266 logit(LOG_ERR, "can't add %s socket: %s", 267 cfg_netconf[p], strerror(errno)); 268 goto out; 269 } 270 (void)close(sock); 271 } 272 return 0; 273 out: 274 (void)close(sock); 275 return -1; 276 } 277 278 /* 279 * The functions daemon2_fork() and daemon2_detach() below provide 280 * functionality similar to daemon(3) but split into two phases. 281 * daemon2_fork() is called early, before creating resources that 282 * cannot be inherited across a fork, such as threads or kqueues. 283 * When the daemon is ready to provide service, daemon2_detach() 284 * is called to complete the daemonization and signal the parent 285 * process to exit. 286 * 287 * These functions could potentially be moved to a library and 288 * shared by other daemons. 289 * 290 * The return value from daemon2_fork() is a file descriptor to 291 * be passed as the first argument to daemon2_detach(). 292 */ 293 294 static int 295 daemon2_fork(void) 296 { 297 int i; 298 int fd; 299 int r; 300 pid_t pid; 301 int detach_msg_pipe[2]; 302 303 /* 304 * Set up a pipe for signalling the parent, making sure the 305 * write end does not get allocated one of the file 306 * descriptors that may be closed in daemon2_detach(). The 307 * read end does not need such protection. 308 */ 309 for (i = 0; i < 3; i++) { 310 r = pipe2(detach_msg_pipe, O_CLOEXEC|O_NOSIGPIPE); 311 if (r < 0) 312 return -1; 313 if (detach_msg_pipe[1] <= STDERR_FILENO && 314 (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { 315 (void)dup2(fd, detach_msg_pipe[0]); 316 (void)dup2(fd, detach_msg_pipe[1]); 317 if (fd > STDERR_FILENO) 318 (void)close(fd); 319 continue; 320 } 321 break; 322 } 323 324 pid = fork(); 325 switch (pid) { 326 case -1: 327 return -1; 328 case 0: 329 /* child */ 330 (void)close(detach_msg_pipe[0]); 331 (void)write(detach_msg_pipe[1], "", 1); 332 return detach_msg_pipe[1]; 333 default: 334 break; 335 } 336 337 /* Parent */ 338 (void)close(detach_msg_pipe[1]); 339 340 for (;;) { 341 ssize_t nread; 342 char dummy; 343 nread = read(detach_msg_pipe[0], &dummy, 1); 344 if (nread < 0) { 345 if (errno == EINTR) 346 continue; 347 _exit(1); 348 } else if (nread == 0) { 349 _exit(1); 350 } else { /* nread > 0 */ 351 _exit(0); 352 } 353 } 354 } 355 356 static int 357 daemon2_detach(int parentfd, int nochdir, int noclose) 358 { 359 int fd; 360 361 if (setsid() == -1) 362 return -1; 363 364 if (!nochdir) 365 (void)chdir("/"); 366 367 if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { 368 (void)dup2(fd, STDIN_FILENO); 369 (void)dup2(fd, STDOUT_FILENO); 370 (void)dup2(fd, STDERR_FILENO); 371 if (fd > STDERR_FILENO) 372 (void)close(fd); 373 } 374 375 while (1) { 376 ssize_t r = write(parentfd, "", 1); 377 if (r < 0) { 378 if (errno == EINTR) 379 continue; 380 else if (errno == EPIPE) 381 break; 382 else 383 return -1; 384 } else if (r == 0) { 385 /* Should not happen */ 386 return -1; 387 } else { 388 break; 389 } 390 } 391 392 (void)close(parentfd); 393 394 return 0; 395 } 396 397 /* 398 * Nfs server daemon mostly just a user context for nfssvc() 399 * 400 * 1 - do file descriptor and signal cleanup 401 * 2 - create the nfsd thread(s) 402 * 3 - create server socket(s) 403 * 4 - register socket with portmap 404 * 405 * For connectionless protocols, just pass the socket into the kernel via 406 * nfssvc(). 407 * For connection based sockets, loop doing accepts. When you get a new 408 * socket from accept, pass the msgsock into the kernel via nfssvc(). 409 * The arguments are: 410 * -r - reregister with portmapper 411 * -t - support only tcp nfs clients 412 * -u - support only udp nfs clients 413 * -n num how many threads to create. 414 * -4 - use only ipv4 415 * -6 - use only ipv6 416 */ 417 int 418 main(int argc, char *argv[]) 419 { 420 struct conf cfg[4]; 421 struct pollfd set[__arraycount(cfg)]; 422 int ch, connect_type_cnt; 423 size_t i, nfsdcnt; 424 int reregister; 425 int tcpflag, udpflag; 426 int ip6flag, ip4flag; 427 int s, compat; 428 int parent_fd = -1; 429 pthread_t *workers; 430 431 #define DEFNFSDCNT 4 432 nfsdcnt = DEFNFSDCNT; 433 compat = reregister = 0; 434 tcpflag = udpflag = 1; 435 ip6flag = ip4flag = 1; 436 #define GETOPT "46dn:rtu" 437 #define USAGE "[-46drtu] [-n num_servers]" 438 while ((ch = getopt(argc, argv, GETOPT)) != -1) { 439 switch (ch) { 440 case '6': 441 ip6flag = 1; 442 ip4flag = 0; 443 s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP); 444 if (s < 0 && (errno == EPROTONOSUPPORT || 445 errno == EPFNOSUPPORT || errno == EAFNOSUPPORT)) 446 ip6flag = 0; 447 else 448 close(s); 449 break; 450 case '4': 451 ip6flag = 0; 452 ip4flag = 1; 453 s = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP); 454 if (s < 0 && (errno == EPROTONOSUPPORT || 455 errno == EPFNOSUPPORT || errno == EAFNOSUPPORT)) 456 ip4flag = 0; 457 else 458 close(s); 459 break; 460 case 'd': 461 debug++; 462 break; 463 case 'n': 464 nfsdcnt = atoi(optarg); 465 if (nfsdcnt < 1) { 466 warnx("nfsd count %zu; reset to %d", nfsdcnt, 467 DEFNFSDCNT); 468 nfsdcnt = DEFNFSDCNT; 469 } 470 break; 471 case 'r': 472 reregister = 1; 473 break; 474 case 't': 475 compat |= 2; 476 tcpflag = 1; 477 udpflag = 0; 478 break; 479 case 'u': 480 compat |= 1; 481 tcpflag = 0; 482 udpflag = 1; 483 break; 484 default: 485 case '?': 486 usage(); 487 } 488 } 489 argv += optind; 490 argc -= optind; 491 492 if (compat == 3) { 493 warnx("Old -tu options detected; enabling both udp and tcp."); 494 warnx("This is the default behavior now and you can remove"); 495 warnx("all options."); 496 tcpflag = udpflag = 1; 497 if (ip6flag == 1 && ip4flag == 0) 498 ip4flag = 1; 499 } 500 501 if (debug == 0) { 502 parent_fd = daemon2_fork(); 503 if (parent_fd == -1) 504 logit(LOG_ERR, "daemon2_fork failed"); 505 openlog("nfsd", LOG_PID, LOG_DAEMON); 506 } 507 508 509 memset(cfg, 0, sizeof(cfg)); 510 for (i = 0; i < __arraycount(cfg); i++) { 511 if (ip4flag == 0 && cfg_family[i] == PF_INET) 512 continue; 513 if (ip6flag == 0 && cfg_family[i] == PF_INET6) 514 continue; 515 if (tcpflag == 0 && cfg_protocol[i] == IPPROTO_TCP) 516 continue; 517 if (udpflag == 0 && cfg_protocol[i] == IPPROTO_UDP) 518 continue; 519 tryconf(&cfg[i], i, reregister); 520 } 521 522 workers = calloc(nfsdcnt, sizeof(*workers)); 523 if (workers == NULL) { 524 logit(LOG_ERR, "thread alloc %s", strerror(errno)); 525 exit(1); 526 } 527 528 for (i = 0; i < nfsdcnt; i++) { 529 int error; 530 531 error = pthread_create(&workers[i], NULL, worker, NULL); 532 if (error) { 533 errno = error; 534 logit(LOG_ERR, "pthread_create: %s", strerror(errno)); 535 exit(1); 536 } 537 } 538 539 connect_type_cnt = 0; 540 for (i = 0; i < __arraycount(cfg); i++) { 541 set[i].fd = -1; 542 set[i].events = POLLIN; 543 set[i].revents = 0; 544 545 if (cfg[i].nc == NULL) 546 continue; 547 548 setupsock(&cfg[i], &set[i], i); 549 if (set[i].fd != -1) 550 connect_type_cnt++; 551 } 552 553 pthread_setname_np(pthread_self(), "master", NULL); 554 555 if (debug == 0) { 556 daemon2_detach(parent_fd, 0, 0); 557 (void)signal(SIGHUP, SIG_IGN); 558 (void)signal(SIGINT, SIG_IGN); 559 (void)signal(SIGQUIT, SIG_IGN); 560 (void)signal(SIGSYS, nonfs); 561 } 562 563 if (connect_type_cnt == 0) { 564 for (i = 0; i < nfsdcnt; i++) 565 pthread_join(workers[i], NULL); 566 exit(0); 567 } 568 569 /* 570 * Loop forever accepting connections and passing the sockets 571 * into the kernel for the mounts. 572 */ 573 for (;;) { 574 if (poll(set, __arraycount(set), INFTIM) == -1) { 575 logit(LOG_ERR, "poll failed: %s", strerror(errno)); 576 exit(1); 577 } 578 579 for (i = 0; i < __arraycount(set); i++) { 580 struct nfsd_args nfsdargs; 581 struct sockaddr_storage ss; 582 socklen_t len; 583 int msgsock; 584 int on = 1; 585 586 if ((set[i].revents & POLLIN) == 0) 587 continue; 588 len = sizeof(ss); 589 if ((msgsock = accept(set[i].fd, 590 (struct sockaddr *)&ss, &len)) == -1) { 591 int serrno = errno; 592 logit(LOG_ERR, "accept failed: %s", 593 strerror(errno)); 594 if (serrno == EINTR || serrno == ECONNABORTED) 595 continue; 596 exit(1); 597 } 598 if (setsockopt(msgsock, SOL_SOCKET, SO_KEEPALIVE, &on, 599 sizeof(on)) == -1) 600 logit(LOG_ERR, "setsockopt SO_KEEPALIVE: %s", 601 strerror(errno)); 602 nfsdargs.sock = msgsock; 603 nfsdargs.name = (void *)&ss; 604 nfsdargs.namelen = len; 605 nfssvc(NFSSVC_ADDSOCK, &nfsdargs); 606 (void)close(msgsock); 607 } 608 } 609 } 610 611 static void 612 usage(void) 613 { 614 (void)fprintf(stderr, "Usage: %s %s\n", getprogname(), USAGE); 615 exit(1); 616 } 617 618 static void 619 nonfs(int signo) 620 { 621 logit(LOG_ERR, "missing system call: NFS not available."); 622 } 623