xref: /openbsd-src/sys/nfs/nfs_subs.c (revision db3296cf5c1dd9058ceecc3a29fe4aaa0bd26000) 
1 /*	$OpenBSD: nfs_subs.c,v 1.43 2003/06/02 23:28:19 millert Exp $	*/
2 /*	$NetBSD: nfs_subs.c,v 1.27.4.3 1996/07/08 20:34:24 jtc Exp $	*/
3 
4 /*
5  * Copyright (c) 1989, 1993
6  *	The Regents of the University of California.  All rights reserved.
7  *
8  * This code is derived from software contributed to Berkeley by
9  * Rick Macklem at The University of Guelph.
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted provided that the following conditions
13  * are met:
14  * 1. Redistributions of source code must retain the above copyright
15  *    notice, this list of conditions and the following disclaimer.
16  * 2. Redistributions in binary form must reproduce the above copyright
17  *    notice, this list of conditions and the following disclaimer in the
18  *    documentation and/or other materials provided with the distribution.
19  * 3. Neither the name of the University nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  *
35  *	@(#)nfs_subs.c	8.8 (Berkeley) 5/22/95
36  */
37 
38 
39 /*
40  * These functions support the macros and help fiddle mbuf chains for
41  * the nfs op functions. They do things like create the rpc header and
42  * copy data between mbuf chains and uio lists.
43  */
44 #include <sys/param.h>
45 #include <sys/proc.h>
46 #include <sys/systm.h>
47 #include <sys/kernel.h>
48 #include <sys/mount.h>
49 #include <sys/vnode.h>
50 #include <sys/namei.h>
51 #include <sys/mbuf.h>
52 #include <sys/socket.h>
53 #include <sys/socketvar.h>
54 #include <sys/stat.h>
55 #include <sys/malloc.h>
56 #include <sys/time.h>
57 
58 #include <uvm/uvm_extern.h>
59 
60 #include <nfs/rpcv2.h>
61 #include <nfs/nfsproto.h>
62 #include <nfs/nfsnode.h>
63 #include <nfs/nfs.h>
64 #include <nfs/xdr_subs.h>
65 #include <nfs/nfsm_subs.h>
66 #include <nfs/nfsmount.h>
67 #include <nfs/nfsrtt.h>
68 #include <nfs/nfs_var.h>
69 
70 #include <miscfs/specfs/specdev.h>
71 
72 #include <netinet/in.h>
73 #ifdef ISO
74 #include <netiso/iso.h>
75 #endif
76 
77 #include <dev/rndvar.h>
78 
79 #ifdef __GNUC__
80 #define INLINE __inline
81 #else
82 #define INLINE
83 #endif
84 
85 int	nfs_attrtimeo(struct nfsnode *np);
86 
87 /*
88  * Data items converted to xdr at startup, since they are constant
89  * This is kinda hokey, but may save a little time doing byte swaps
90  */
91 u_int32_t nfs_xdrneg1;
92 u_int32_t rpc_call, rpc_vers, rpc_reply, rpc_msgdenied, rpc_autherr,
93 	rpc_mismatch, rpc_auth_unix, rpc_msgaccepted,
94 	rpc_auth_kerb;
95 u_int32_t nfs_prog, nfs_true, nfs_false;
96 
97 /* And other global data */
98 static u_int32_t nfs_xid = 0;
99 static u_int32_t nfs_xid_touched = 0;
100 nfstype nfsv2_type[9] = { NFNON, NFREG, NFDIR, NFBLK, NFCHR, NFLNK, NFNON,
101 		      NFCHR, NFNON };
102 nfstype nfsv3_type[9] = { NFNON, NFREG, NFDIR, NFBLK, NFCHR, NFLNK, NFSOCK,
103 		      NFFIFO, NFNON };
104 enum vtype nv2tov_type[8] = { VNON, VREG, VDIR, VBLK, VCHR, VLNK, VNON, VNON };
105 enum vtype nv3tov_type[8]={ VNON, VREG, VDIR, VBLK, VCHR, VLNK, VSOCK, VFIFO };
106 int nfs_ticks;
107 
108 /*
109  * Mapping of old NFS Version 2 RPC numbers to generic numbers.
110  */
111 int nfsv3_procid[NFS_NPROCS] = {
112 	NFSPROC_NULL,
113 	NFSPROC_GETATTR,
114 	NFSPROC_SETATTR,
115 	NFSPROC_NOOP,
116 	NFSPROC_LOOKUP,
117 	NFSPROC_READLINK,
118 	NFSPROC_READ,
119 	NFSPROC_NOOP,
120 	NFSPROC_WRITE,
121 	NFSPROC_CREATE,
122 	NFSPROC_REMOVE,
123 	NFSPROC_RENAME,
124 	NFSPROC_LINK,
125 	NFSPROC_SYMLINK,
126 	NFSPROC_MKDIR,
127 	NFSPROC_RMDIR,
128 	NFSPROC_READDIR,
129 	NFSPROC_FSSTAT,
130 	NFSPROC_NOOP,
131 	NFSPROC_NOOP,
132 	NFSPROC_NOOP,
133 	NFSPROC_NOOP,
134 	NFSPROC_NOOP,
135 	NFSPROC_NOOP,
136 	NFSPROC_NOOP,
137 	NFSPROC_NOOP
138 };
139 
140 /*
141  * and the reverse mapping from generic to Version 2 procedure numbers
142  */
143 int nfsv2_procid[NFS_NPROCS] = {
144 	NFSV2PROC_NULL,
145 	NFSV2PROC_GETATTR,
146 	NFSV2PROC_SETATTR,
147 	NFSV2PROC_LOOKUP,
148 	NFSV2PROC_NOOP,
149 	NFSV2PROC_READLINK,
150 	NFSV2PROC_READ,
151 	NFSV2PROC_WRITE,
152 	NFSV2PROC_CREATE,
153 	NFSV2PROC_MKDIR,
154 	NFSV2PROC_SYMLINK,
155 	NFSV2PROC_CREATE,
156 	NFSV2PROC_REMOVE,
157 	NFSV2PROC_RMDIR,
158 	NFSV2PROC_RENAME,
159 	NFSV2PROC_LINK,
160 	NFSV2PROC_READDIR,
161 	NFSV2PROC_NOOP,
162 	NFSV2PROC_STATFS,
163 	NFSV2PROC_NOOP,
164 	NFSV2PROC_NOOP,
165 	NFSV2PROC_NOOP,
166 	NFSV2PROC_NOOP,
167 	NFSV2PROC_NOOP,
168 	NFSV2PROC_NOOP,
169 	NFSV2PROC_NOOP,
170 };
171 
172 /*
173  * Maps errno values to nfs error numbers.
174  * Use NFSERR_IO as the catch all for ones not specifically defined in
175  * RFC 1094.
176  */
177 static u_char nfsrv_v2errmap[ELAST] = {
178   NFSERR_PERM,	NFSERR_NOENT,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
179   NFSERR_NXIO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
180   NFSERR_IO,	NFSERR_IO,	NFSERR_ACCES,	NFSERR_IO,	NFSERR_IO,
181   NFSERR_IO,	NFSERR_EXIST,	NFSERR_IO,	NFSERR_NODEV,	NFSERR_NOTDIR,
182   NFSERR_ISDIR,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
183   NFSERR_IO,	NFSERR_FBIG,	NFSERR_NOSPC,	NFSERR_IO,	NFSERR_ROFS,
184   NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
185   NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
186   NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
187   NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
188   NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
189   NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
190   NFSERR_IO,	NFSERR_IO,	NFSERR_NAMETOL,	NFSERR_IO,	NFSERR_IO,
191   NFSERR_NOTEMPTY, NFSERR_IO,	NFSERR_IO,	NFSERR_DQUOT,	NFSERR_STALE,
192   NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
193   NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
194   NFSERR_IO,
195 };
196 
197 /*
198  * Maps errno values to nfs error numbers.
199  * Although it is not obvious whether or not NFS clients really care if
200  * a returned error value is in the specified list for the procedure, the
201  * safest thing to do is filter them appropriately. For Version 2, the
202  * X/Open XNFS document is the only specification that defines error values
203  * for each RPC (The RFC simply lists all possible error values for all RPCs),
204  * so I have decided to not do this for Version 2.
205  * The first entry is the default error return and the rest are the valid
206  * errors for that RPC in increasing numeric order.
207  */
208 static short nfsv3err_null[] = {
209 	0,
210 	0,
211 };
212 
213 static short nfsv3err_getattr[] = {
214 	NFSERR_IO,
215 	NFSERR_IO,
216 	NFSERR_STALE,
217 	NFSERR_BADHANDLE,
218 	NFSERR_SERVERFAULT,
219 	0,
220 };
221 
222 static short nfsv3err_setattr[] = {
223 	NFSERR_IO,
224 	NFSERR_PERM,
225 	NFSERR_IO,
226 	NFSERR_ACCES,
227 	NFSERR_INVAL,
228 	NFSERR_NOSPC,
229 	NFSERR_ROFS,
230 	NFSERR_DQUOT,
231 	NFSERR_STALE,
232 	NFSERR_BADHANDLE,
233 	NFSERR_NOT_SYNC,
234 	NFSERR_SERVERFAULT,
235 	0,
236 };
237 
238 static short nfsv3err_lookup[] = {
239 	NFSERR_IO,
240 	NFSERR_NOENT,
241 	NFSERR_IO,
242 	NFSERR_ACCES,
243 	NFSERR_NOTDIR,
244 	NFSERR_NAMETOL,
245 	NFSERR_STALE,
246 	NFSERR_BADHANDLE,
247 	NFSERR_SERVERFAULT,
248 	0,
249 };
250 
251 static short nfsv3err_access[] = {
252 	NFSERR_IO,
253 	NFSERR_IO,
254 	NFSERR_STALE,
255 	NFSERR_BADHANDLE,
256 	NFSERR_SERVERFAULT,
257 	0,
258 };
259 
260 static short nfsv3err_readlink[] = {
261 	NFSERR_IO,
262 	NFSERR_IO,
263 	NFSERR_ACCES,
264 	NFSERR_INVAL,
265 	NFSERR_STALE,
266 	NFSERR_BADHANDLE,
267 	NFSERR_NOTSUPP,
268 	NFSERR_SERVERFAULT,
269 	0,
270 };
271 
272 static short nfsv3err_read[] = {
273 	NFSERR_IO,
274 	NFSERR_IO,
275 	NFSERR_NXIO,
276 	NFSERR_ACCES,
277 	NFSERR_INVAL,
278 	NFSERR_STALE,
279 	NFSERR_BADHANDLE,
280 	NFSERR_SERVERFAULT,
281 	0,
282 };
283 
284 static short nfsv3err_write[] = {
285 	NFSERR_IO,
286 	NFSERR_IO,
287 	NFSERR_ACCES,
288 	NFSERR_INVAL,
289 	NFSERR_FBIG,
290 	NFSERR_NOSPC,
291 	NFSERR_ROFS,
292 	NFSERR_DQUOT,
293 	NFSERR_STALE,
294 	NFSERR_BADHANDLE,
295 	NFSERR_SERVERFAULT,
296 	0,
297 };
298 
299 static short nfsv3err_create[] = {
300 	NFSERR_IO,
301 	NFSERR_IO,
302 	NFSERR_ACCES,
303 	NFSERR_EXIST,
304 	NFSERR_NOTDIR,
305 	NFSERR_NOSPC,
306 	NFSERR_ROFS,
307 	NFSERR_NAMETOL,
308 	NFSERR_DQUOT,
309 	NFSERR_STALE,
310 	NFSERR_BADHANDLE,
311 	NFSERR_NOTSUPP,
312 	NFSERR_SERVERFAULT,
313 	0,
314 };
315 
316 static short nfsv3err_mkdir[] = {
317 	NFSERR_IO,
318 	NFSERR_IO,
319 	NFSERR_ACCES,
320 	NFSERR_EXIST,
321 	NFSERR_NOTDIR,
322 	NFSERR_NOSPC,
323 	NFSERR_ROFS,
324 	NFSERR_NAMETOL,
325 	NFSERR_DQUOT,
326 	NFSERR_STALE,
327 	NFSERR_BADHANDLE,
328 	NFSERR_NOTSUPP,
329 	NFSERR_SERVERFAULT,
330 	0,
331 };
332 
333 static short nfsv3err_symlink[] = {
334 	NFSERR_IO,
335 	NFSERR_IO,
336 	NFSERR_ACCES,
337 	NFSERR_EXIST,
338 	NFSERR_NOTDIR,
339 	NFSERR_NOSPC,
340 	NFSERR_ROFS,
341 	NFSERR_NAMETOL,
342 	NFSERR_DQUOT,
343 	NFSERR_STALE,
344 	NFSERR_BADHANDLE,
345 	NFSERR_NOTSUPP,
346 	NFSERR_SERVERFAULT,
347 	0,
348 };
349 
350 static short nfsv3err_mknod[] = {
351 	NFSERR_IO,
352 	NFSERR_IO,
353 	NFSERR_ACCES,
354 	NFSERR_EXIST,
355 	NFSERR_NOTDIR,
356 	NFSERR_NOSPC,
357 	NFSERR_ROFS,
358 	NFSERR_NAMETOL,
359 	NFSERR_DQUOT,
360 	NFSERR_STALE,
361 	NFSERR_BADHANDLE,
362 	NFSERR_NOTSUPP,
363 	NFSERR_SERVERFAULT,
364 	NFSERR_BADTYPE,
365 	0,
366 };
367 
368 static short nfsv3err_remove[] = {
369 	NFSERR_IO,
370 	NFSERR_NOENT,
371 	NFSERR_IO,
372 	NFSERR_ACCES,
373 	NFSERR_NOTDIR,
374 	NFSERR_ROFS,
375 	NFSERR_NAMETOL,
376 	NFSERR_STALE,
377 	NFSERR_BADHANDLE,
378 	NFSERR_SERVERFAULT,
379 	0,
380 };
381 
382 static short nfsv3err_rmdir[] = {
383 	NFSERR_IO,
384 	NFSERR_NOENT,
385 	NFSERR_IO,
386 	NFSERR_ACCES,
387 	NFSERR_EXIST,
388 	NFSERR_NOTDIR,
389 	NFSERR_INVAL,
390 	NFSERR_ROFS,
391 	NFSERR_NAMETOL,
392 	NFSERR_NOTEMPTY,
393 	NFSERR_STALE,
394 	NFSERR_BADHANDLE,
395 	NFSERR_NOTSUPP,
396 	NFSERR_SERVERFAULT,
397 	0,
398 };
399 
400 static short nfsv3err_rename[] = {
401 	NFSERR_IO,
402 	NFSERR_NOENT,
403 	NFSERR_IO,
404 	NFSERR_ACCES,
405 	NFSERR_EXIST,
406 	NFSERR_XDEV,
407 	NFSERR_NOTDIR,
408 	NFSERR_ISDIR,
409 	NFSERR_INVAL,
410 	NFSERR_NOSPC,
411 	NFSERR_ROFS,
412 	NFSERR_MLINK,
413 	NFSERR_NAMETOL,
414 	NFSERR_NOTEMPTY,
415 	NFSERR_DQUOT,
416 	NFSERR_STALE,
417 	NFSERR_BADHANDLE,
418 	NFSERR_NOTSUPP,
419 	NFSERR_SERVERFAULT,
420 	0,
421 };
422 
423 static short nfsv3err_link[] = {
424 	NFSERR_IO,
425 	NFSERR_IO,
426 	NFSERR_ACCES,
427 	NFSERR_EXIST,
428 	NFSERR_XDEV,
429 	NFSERR_NOTDIR,
430 	NFSERR_INVAL,
431 	NFSERR_NOSPC,
432 	NFSERR_ROFS,
433 	NFSERR_MLINK,
434 	NFSERR_NAMETOL,
435 	NFSERR_DQUOT,
436 	NFSERR_STALE,
437 	NFSERR_BADHANDLE,
438 	NFSERR_NOTSUPP,
439 	NFSERR_SERVERFAULT,
440 	0,
441 };
442 
443 static short nfsv3err_readdir[] = {
444 	NFSERR_IO,
445 	NFSERR_IO,
446 	NFSERR_ACCES,
447 	NFSERR_NOTDIR,
448 	NFSERR_STALE,
449 	NFSERR_BADHANDLE,
450 	NFSERR_BAD_COOKIE,
451 	NFSERR_TOOSMALL,
452 	NFSERR_SERVERFAULT,
453 	0,
454 };
455 
456 static short nfsv3err_readdirplus[] = {
457 	NFSERR_IO,
458 	NFSERR_IO,
459 	NFSERR_ACCES,
460 	NFSERR_NOTDIR,
461 	NFSERR_STALE,
462 	NFSERR_BADHANDLE,
463 	NFSERR_BAD_COOKIE,
464 	NFSERR_NOTSUPP,
465 	NFSERR_TOOSMALL,
466 	NFSERR_SERVERFAULT,
467 	0,
468 };
469 
470 static short nfsv3err_fsstat[] = {
471 	NFSERR_IO,
472 	NFSERR_IO,
473 	NFSERR_STALE,
474 	NFSERR_BADHANDLE,
475 	NFSERR_SERVERFAULT,
476 	0,
477 };
478 
479 static short nfsv3err_fsinfo[] = {
480 	NFSERR_STALE,
481 	NFSERR_STALE,
482 	NFSERR_BADHANDLE,
483 	NFSERR_SERVERFAULT,
484 	0,
485 };
486 
487 static short nfsv3err_pathconf[] = {
488 	NFSERR_STALE,
489 	NFSERR_STALE,
490 	NFSERR_BADHANDLE,
491 	NFSERR_SERVERFAULT,
492 	0,
493 };
494 
495 static short nfsv3err_commit[] = {
496 	NFSERR_IO,
497 	NFSERR_IO,
498 	NFSERR_STALE,
499 	NFSERR_BADHANDLE,
500 	NFSERR_SERVERFAULT,
501 	0,
502 };
503 
504 static short *nfsrv_v3errmap[] = {
505 	nfsv3err_null,
506 	nfsv3err_getattr,
507 	nfsv3err_setattr,
508 	nfsv3err_lookup,
509 	nfsv3err_access,
510 	nfsv3err_readlink,
511 	nfsv3err_read,
512 	nfsv3err_write,
513 	nfsv3err_create,
514 	nfsv3err_mkdir,
515 	nfsv3err_symlink,
516 	nfsv3err_mknod,
517 	nfsv3err_remove,
518 	nfsv3err_rmdir,
519 	nfsv3err_rename,
520 	nfsv3err_link,
521 	nfsv3err_readdir,
522 	nfsv3err_readdirplus,
523 	nfsv3err_fsstat,
524 	nfsv3err_fsinfo,
525 	nfsv3err_pathconf,
526 	nfsv3err_commit,
527 };
528 
529 extern struct proc *nfs_iodwant[NFS_MAXASYNCDAEMON];
530 extern struct nfsrtt nfsrtt;
531 extern struct nfsstats nfsstats;
532 extern nfstype nfsv2_type[9];
533 extern nfstype nfsv3_type[9];
534 extern struct nfsnodehashhead *nfsnodehashtbl;
535 extern u_long nfsnodehash;
536 
537 LIST_HEAD(nfsnodehashhead, nfsnode);
538 
539 /*
540  * Create the header for an rpc request packet
541  * The hsiz is the size of the rest of the nfs request header.
542  * (just used to decide if a cluster is a good idea)
543  */
544 struct mbuf *
545 nfsm_reqh(vp, procid, hsiz, bposp)
546 	struct vnode *vp;
547 	u_long procid;
548 	int hsiz;
549 	caddr_t *bposp;
550 {
551 	struct mbuf *mb;
552 	caddr_t bpos;
553 
554 	MGET(mb, M_WAIT, MT_DATA);
555 	if (hsiz >= MINCLSIZE)
556 		MCLGET(mb, M_WAIT);
557 	mb->m_len = 0;
558 	bpos = mtod(mb, caddr_t);
559 
560 	/* Finally, return values */
561 	*bposp = bpos;
562 	return (mb);
563 }
564 
565 /*
566  * Build the RPC header and fill in the authorization info.
567  * The authorization string argument is only used when the credentials
568  * come from outside of the kernel.
569  * Returns the head of the mbuf list.
570  */
571 struct mbuf *
572 nfsm_rpchead(cr, nmflag, procid, auth_type, auth_len, auth_str, verf_len,
573 	verf_str, mrest, mrest_len, mbp, xidp)
574 	struct ucred *cr;
575 	int nmflag;
576 	int procid;
577 	int auth_type;
578 	int auth_len;
579 	char *auth_str;
580 	int verf_len;
581 	char *verf_str;
582 	struct mbuf *mrest;
583 	int mrest_len;
584 	struct mbuf **mbp;
585 	u_int32_t *xidp;
586 {
587 	struct mbuf *mb;
588 	u_int32_t *tl;
589 	caddr_t bpos;
590 	int i;
591 	struct mbuf *mreq, *mb2;
592 	int siz, grpsiz, authsiz;
593 
594 	authsiz = nfsm_rndup(auth_len);
595 	MGETHDR(mb, M_WAIT, MT_DATA);
596 	if ((authsiz + 10 * NFSX_UNSIGNED) >= MINCLSIZE) {
597 		MCLGET(mb, M_WAIT);
598 	} else if ((authsiz + 10 * NFSX_UNSIGNED) < MHLEN) {
599 		MH_ALIGN(mb, authsiz + 10 * NFSX_UNSIGNED);
600 	} else {
601 		MH_ALIGN(mb, 8 * NFSX_UNSIGNED);
602 	}
603 	mb->m_len = 0;
604 	mreq = mb;
605 	bpos = mtod(mb, caddr_t);
606 
607 	/*
608 	 * First the RPC header.
609 	 */
610 	nfsm_build(tl, u_int32_t *, 8 * NFSX_UNSIGNED);
611 
612 	/* Get a new (non-zero) xid */
613 
614 	if ((nfs_xid == 0) && (nfs_xid_touched == 0)) {
615 		nfs_xid = arc4random();
616 		nfs_xid_touched = 1;
617 	} else {
618 		while ((*xidp = arc4random() % 256) == 0)
619 			;
620 		nfs_xid += *xidp;
621 	}
622 
623 	*tl++ = *xidp = txdr_unsigned(nfs_xid);
624 	*tl++ = rpc_call;
625 	*tl++ = rpc_vers;
626 	*tl++ = txdr_unsigned(NFS_PROG);
627 	if (nmflag & NFSMNT_NFSV3)
628 		*tl++ = txdr_unsigned(NFS_VER3);
629 	else
630 		*tl++ = txdr_unsigned(NFS_VER2);
631 	if (nmflag & NFSMNT_NFSV3)
632 		*tl++ = txdr_unsigned(procid);
633 	else
634 		*tl++ = txdr_unsigned(nfsv2_procid[procid]);
635 
636 	/*
637 	 * And then the authorization cred.
638 	 */
639 	*tl++ = txdr_unsigned(auth_type);
640 	*tl = txdr_unsigned(authsiz);
641 	switch (auth_type) {
642 	case RPCAUTH_UNIX:
643 		nfsm_build(tl, u_int32_t *, auth_len);
644 		*tl++ = 0;		/* stamp ?? */
645 		*tl++ = 0;		/* NULL hostname */
646 		*tl++ = txdr_unsigned(cr->cr_uid);
647 		*tl++ = txdr_unsigned(cr->cr_gid);
648 		grpsiz = (auth_len >> 2) - 5;
649 		*tl++ = txdr_unsigned(grpsiz);
650 		for (i = 0; i < grpsiz; i++)
651 			*tl++ = txdr_unsigned(cr->cr_groups[i]);
652 		break;
653 	case RPCAUTH_KERB4:
654 		siz = auth_len;
655 		while (siz > 0) {
656 			if (M_TRAILINGSPACE(mb) == 0) {
657 				MGET(mb2, M_WAIT, MT_DATA);
658 				if (siz >= MINCLSIZE)
659 					MCLGET(mb2, M_WAIT);
660 				mb->m_next = mb2;
661 				mb = mb2;
662 				mb->m_len = 0;
663 				bpos = mtod(mb, caddr_t);
664 			}
665 			i = min(siz, M_TRAILINGSPACE(mb));
666 			bcopy(auth_str, bpos, i);
667 			mb->m_len += i;
668 			auth_str += i;
669 			bpos += i;
670 			siz -= i;
671 		}
672 		if ((siz = (nfsm_rndup(auth_len) - auth_len)) > 0) {
673 			for (i = 0; i < siz; i++)
674 				*bpos++ = '\0';
675 			mb->m_len += siz;
676 		}
677 		break;
678 	};
679 
680 	/*
681 	 * And the verifier...
682 	 */
683 	nfsm_build(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
684 	if (verf_str) {
685 		*tl++ = txdr_unsigned(RPCAUTH_KERB4);
686 		*tl = txdr_unsigned(verf_len);
687 		siz = verf_len;
688 		while (siz > 0) {
689 			if (M_TRAILINGSPACE(mb) == 0) {
690 				MGET(mb2, M_WAIT, MT_DATA);
691 				if (siz >= MINCLSIZE)
692 					MCLGET(mb2, M_WAIT);
693 				mb->m_next = mb2;
694 				mb = mb2;
695 				mb->m_len = 0;
696 				bpos = mtod(mb, caddr_t);
697 			}
698 			i = min(siz, M_TRAILINGSPACE(mb));
699 			bcopy(verf_str, bpos, i);
700 			mb->m_len += i;
701 			verf_str += i;
702 			bpos += i;
703 			siz -= i;
704 		}
705 		if ((siz = (nfsm_rndup(verf_len) - verf_len)) > 0) {
706 			for (i = 0; i < siz; i++)
707 				*bpos++ = '\0';
708 			mb->m_len += siz;
709 		}
710 	} else {
711 		*tl++ = txdr_unsigned(RPCAUTH_NULL);
712 		*tl = 0;
713 	}
714 	mb->m_next = mrest;
715 	mreq->m_pkthdr.len = authsiz + 10 * NFSX_UNSIGNED + mrest_len;
716 	mreq->m_pkthdr.rcvif = (struct ifnet *)0;
717 	*mbp = mb;
718 	return (mreq);
719 }
720 
721 /*
722  * copies mbuf chain to the uio scatter/gather list
723  */
724 int
725 nfsm_mbuftouio(mrep, uiop, siz, dpos)
726 	struct mbuf **mrep;
727 	struct uio *uiop;
728 	int siz;
729 	caddr_t *dpos;
730 {
731 	char *mbufcp, *uiocp;
732 	int xfer, left, len;
733 	struct mbuf *mp;
734 	long uiosiz, rem;
735 	int error = 0;
736 
737 	mp = *mrep;
738 	mbufcp = *dpos;
739 	len = mtod(mp, caddr_t)+mp->m_len-mbufcp;
740 	rem = nfsm_rndup(siz)-siz;
741 	while (siz > 0) {
742 		if (uiop->uio_iovcnt <= 0 || uiop->uio_iov == NULL)
743 			return (EFBIG);
744 		left = uiop->uio_iov->iov_len;
745 		uiocp = uiop->uio_iov->iov_base;
746 		if (left > siz)
747 			left = siz;
748 		uiosiz = left;
749 		while (left > 0) {
750 			while (len == 0) {
751 				mp = mp->m_next;
752 				if (mp == NULL)
753 					return (EBADRPC);
754 				mbufcp = mtod(mp, caddr_t);
755 				len = mp->m_len;
756 			}
757 			xfer = (left > len) ? len : left;
758 #ifdef notdef
759 			/* Not Yet.. */
760 			if (uiop->uio_iov->iov_op != NULL)
761 				(*(uiop->uio_iov->iov_op))
762 				(mbufcp, uiocp, xfer);
763 			else
764 #endif
765 			if (uiop->uio_segflg == UIO_SYSSPACE)
766 				bcopy(mbufcp, uiocp, xfer);
767 			else
768 				copyout(mbufcp, uiocp, xfer);
769 			left -= xfer;
770 			len -= xfer;
771 			mbufcp += xfer;
772 			uiocp += xfer;
773 			uiop->uio_offset += xfer;
774 			uiop->uio_resid -= xfer;
775 		}
776 		if (uiop->uio_iov->iov_len <= siz) {
777 			uiop->uio_iovcnt--;
778 			uiop->uio_iov++;
779 		} else {
780 			uiop->uio_iov->iov_base += uiosiz;
781 			uiop->uio_iov->iov_len -= uiosiz;
782 		}
783 		siz -= uiosiz;
784 	}
785 	*dpos = mbufcp;
786 	*mrep = mp;
787 	if (rem > 0) {
788 		if (len < rem)
789 			error = nfs_adv(mrep, dpos, rem, len);
790 		else
791 			*dpos += rem;
792 	}
793 	return (error);
794 }
795 
796 /*
797  * copies a uio scatter/gather list to an mbuf chain.
798  * NOTE: can ony handle iovcnt == 1
799  */
800 int
801 nfsm_uiotombuf(uiop, mq, siz, bpos)
802 	struct uio *uiop;
803 	struct mbuf **mq;
804 	int siz;
805 	caddr_t *bpos;
806 {
807 	char *uiocp;
808 	struct mbuf *mp, *mp2;
809 	int xfer, left, mlen;
810 	int uiosiz, clflg, rem;
811 	char *cp;
812 
813 #ifdef DIAGNOSTIC
814 	if (uiop->uio_iovcnt != 1)
815 		panic("nfsm_uiotombuf: iovcnt != 1");
816 #endif
817 
818 	if (siz > MLEN)		/* or should it >= MCLBYTES ?? */
819 		clflg = 1;
820 	else
821 		clflg = 0;
822 	rem = nfsm_rndup(siz)-siz;
823 	mp = mp2 = *mq;
824 	while (siz > 0) {
825 		left = uiop->uio_iov->iov_len;
826 		uiocp = uiop->uio_iov->iov_base;
827 		if (left > siz)
828 			left = siz;
829 		uiosiz = left;
830 		while (left > 0) {
831 			mlen = M_TRAILINGSPACE(mp);
832 			if (mlen == 0) {
833 				MGET(mp, M_WAIT, MT_DATA);
834 				if (clflg)
835 					MCLGET(mp, M_WAIT);
836 				mp->m_len = 0;
837 				mp2->m_next = mp;
838 				mp2 = mp;
839 				mlen = M_TRAILINGSPACE(mp);
840 			}
841 			xfer = (left > mlen) ? mlen : left;
842 #ifdef notdef
843 			/* Not Yet.. */
844 			if (uiop->uio_iov->iov_op != NULL)
845 				(*(uiop->uio_iov->iov_op))
846 				(uiocp, mtod(mp, caddr_t)+mp->m_len, xfer);
847 			else
848 #endif
849 			if (uiop->uio_segflg == UIO_SYSSPACE)
850 				bcopy(uiocp, mtod(mp, caddr_t)+mp->m_len, xfer);
851 			else
852 				copyin(uiocp, mtod(mp, caddr_t)+mp->m_len, xfer);
853 			mp->m_len += xfer;
854 			left -= xfer;
855 			uiocp += xfer;
856 			uiop->uio_offset += xfer;
857 			uiop->uio_resid -= xfer;
858 		}
859 		uiop->uio_iov->iov_base += uiosiz;
860 		uiop->uio_iov->iov_len -= uiosiz;
861 		siz -= uiosiz;
862 	}
863 	if (rem > 0) {
864 		if (rem > M_TRAILINGSPACE(mp)) {
865 			MGET(mp, M_WAIT, MT_DATA);
866 			mp->m_len = 0;
867 			mp2->m_next = mp;
868 		}
869 		cp = mtod(mp, caddr_t)+mp->m_len;
870 		for (left = 0; left < rem; left++)
871 			*cp++ = '\0';
872 		mp->m_len += rem;
873 		*bpos = cp;
874 	} else
875 		*bpos = mtod(mp, caddr_t)+mp->m_len;
876 	*mq = mp;
877 	return (0);
878 }
879 
880 /*
881  * Help break down an mbuf chain by setting the first siz bytes contiguous
882  * pointed to by returned val.
883  * This is used by the macros nfsm_dissect and nfsm_dissecton for tough
884  * cases. (The macros use the vars. dpos and dpos2)
885  */
886 int
887 nfsm_disct(mdp, dposp, siz, left, cp2)
888 	struct mbuf **mdp;
889 	caddr_t *dposp;
890 	int siz;
891 	int left;
892 	caddr_t *cp2;
893 {
894 	struct mbuf *mp, *mp2;
895 	int siz2, xfer;
896 	caddr_t p;
897 
898 	mp = *mdp;
899 	while (left == 0) {
900 		*mdp = mp = mp->m_next;
901 		if (mp == NULL)
902 			return (EBADRPC);
903 		left = mp->m_len;
904 		*dposp = mtod(mp, caddr_t);
905 	}
906 	if (left >= siz) {
907 		*cp2 = *dposp;
908 		*dposp += siz;
909 	} else if (mp->m_next == NULL) {
910 		return (EBADRPC);
911 	} else if (siz > MHLEN) {
912 		panic("nfs S too big");
913 	} else {
914 		MGET(mp2, M_WAIT, MT_DATA);
915 		mp2->m_next = mp->m_next;
916 		mp->m_next = mp2;
917 		mp->m_len -= left;
918 		mp = mp2;
919 		*cp2 = p = mtod(mp, caddr_t);
920 		bcopy(*dposp, p, left);		/* Copy what was left */
921 		siz2 = siz-left;
922 		p += left;
923 		mp2 = mp->m_next;
924 		/* Loop around copying up the siz2 bytes */
925 		while (siz2 > 0) {
926 			if (mp2 == NULL)
927 				return (EBADRPC);
928 			xfer = (siz2 > mp2->m_len) ? mp2->m_len : siz2;
929 			if (xfer > 0) {
930 				bcopy(mtod(mp2, caddr_t), p, xfer);
931 				NFSMADV(mp2, xfer);
932 				mp2->m_len -= xfer;
933 				p += xfer;
934 				siz2 -= xfer;
935 			}
936 			if (siz2 > 0)
937 				mp2 = mp2->m_next;
938 		}
939 		mp->m_len = siz;
940 		*mdp = mp2;
941 		*dposp = mtod(mp2, caddr_t);
942 	}
943 	return (0);
944 }
945 
946 /*
947  * Advance the position in the mbuf chain.
948  */
949 int
950 nfs_adv(mdp, dposp, offs, left)
951 	struct mbuf **mdp;
952 	caddr_t *dposp;
953 	int offs;
954 	int left;
955 {
956 	struct mbuf *m;
957 	int s;
958 
959 	m = *mdp;
960 	s = left;
961 	while (s < offs) {
962 		offs -= s;
963 		m = m->m_next;
964 		if (m == NULL)
965 			return (EBADRPC);
966 		s = m->m_len;
967 	}
968 	*mdp = m;
969 	*dposp = mtod(m, caddr_t)+offs;
970 	return (0);
971 }
972 
973 /*
974  * Copy a string into mbufs for the hard cases...
975  */
976 int
977 nfsm_strtmbuf(mb, bpos, cp, siz)
978 	struct mbuf **mb;
979 	char **bpos;
980 	char *cp;
981 	long siz;
982 {
983 	struct mbuf *m1 = NULL, *m2;
984 	long left, xfer, len, tlen;
985 	u_int32_t *tl;
986 	int putsize;
987 
988 	putsize = 1;
989 	m2 = *mb;
990 	left = M_TRAILINGSPACE(m2);
991 	if (left > 0) {
992 		tl = ((u_int32_t *)(*bpos));
993 		*tl++ = txdr_unsigned(siz);
994 		putsize = 0;
995 		left -= NFSX_UNSIGNED;
996 		m2->m_len += NFSX_UNSIGNED;
997 		if (left > 0) {
998 			bcopy(cp, (caddr_t) tl, left);
999 			siz -= left;
1000 			cp += left;
1001 			m2->m_len += left;
1002 			left = 0;
1003 		}
1004 	}
1005 	/* Loop around adding mbufs */
1006 	while (siz > 0) {
1007 		MGET(m1, M_WAIT, MT_DATA);
1008 		if (siz > MLEN)
1009 			MCLGET(m1, M_WAIT);
1010 		m1->m_len = NFSMSIZ(m1);
1011 		m2->m_next = m1;
1012 		m2 = m1;
1013 		tl = mtod(m1, u_int32_t *);
1014 		tlen = 0;
1015 		if (putsize) {
1016 			*tl++ = txdr_unsigned(siz);
1017 			m1->m_len -= NFSX_UNSIGNED;
1018 			tlen = NFSX_UNSIGNED;
1019 			putsize = 0;
1020 		}
1021 		if (siz < m1->m_len) {
1022 			len = nfsm_rndup(siz);
1023 			xfer = siz;
1024 			if (xfer < len)
1025 				*(tl+(xfer>>2)) = 0;
1026 		} else {
1027 			xfer = len = m1->m_len;
1028 		}
1029 		bcopy(cp, (caddr_t) tl, xfer);
1030 		m1->m_len = len+tlen;
1031 		siz -= xfer;
1032 		cp += xfer;
1033 	}
1034 	*mb = m1;
1035 	*bpos = mtod(m1, caddr_t)+m1->m_len;
1036 	return (0);
1037 }
1038 
1039 /*
1040  * Called once to initialize data structures...
1041  */
1042 void
1043 nfs_init()
1044 {
1045 	static struct timeout nfs_timer_to;
1046 
1047 	nfsrtt.pos = 0;
1048 	rpc_vers = txdr_unsigned(RPC_VER2);
1049 	rpc_call = txdr_unsigned(RPC_CALL);
1050 	rpc_reply = txdr_unsigned(RPC_REPLY);
1051 	rpc_msgdenied = txdr_unsigned(RPC_MSGDENIED);
1052 	rpc_msgaccepted = txdr_unsigned(RPC_MSGACCEPTED);
1053 	rpc_mismatch = txdr_unsigned(RPC_MISMATCH);
1054 	rpc_autherr = txdr_unsigned(RPC_AUTHERR);
1055 	rpc_auth_unix = txdr_unsigned(RPCAUTH_UNIX);
1056 	rpc_auth_kerb = txdr_unsigned(RPCAUTH_KERB4);
1057 	nfs_prog = txdr_unsigned(NFS_PROG);
1058 	nfs_true = txdr_unsigned(TRUE);
1059 	nfs_false = txdr_unsigned(FALSE);
1060 	nfs_xdrneg1 = txdr_unsigned(-1);
1061 	nfs_ticks = (hz * NFS_TICKINTVL + 500) / 1000;
1062 	if (nfs_ticks < 1)
1063 		nfs_ticks = 1;
1064 #ifdef NFSSERVER
1065 	nfsrv_init(0);			/* Init server data structures */
1066 	nfsrv_initcache();		/* Init the server request cache */
1067 #endif /* NFSSERVER */
1068 
1069 	/*
1070 	 * Initialize reply list and start timer
1071 	 */
1072 	TAILQ_INIT(&nfs_reqq);
1073 
1074 	timeout_set(&nfs_timer_to, nfs_timer, &nfs_timer_to);
1075 	nfs_timer(&nfs_timer_to);
1076 }
1077 
1078 #ifdef NFSCLIENT
1079 int
1080 nfs_vfs_init(vfsp)
1081 	struct vfsconf *vfsp;
1082 {
1083 	int i;
1084 
1085 	/* Ensure async daemons disabled */
1086 	for (i = 0; i < NFS_MAXASYNCDAEMON; i++)
1087 		nfs_iodwant[i] = (struct proc *)0;
1088 	TAILQ_INIT(&nfs_bufq);
1089 	nfs_nhinit();			/* Init the nfsnode table */
1090 
1091 	return (0);
1092 }
1093 
1094 /*
1095  * Attribute cache routines.
1096  * nfs_loadattrcache() - loads or updates the cache contents from attributes
1097  *	that are on the mbuf list
1098  * nfs_getattrcache() - returns valid attributes if found in cache, returns
1099  *	error otherwise
1100  */
1101 
1102 /*
1103  * Load the attribute cache (that lives in the nfsnode entry) with
1104  * the values on the mbuf list and
1105  * Iff vap not NULL
1106  *    copy the attributes to *vaper
1107  */
1108 int
1109 nfs_loadattrcache(vpp, mdp, dposp, vaper)
1110 	struct vnode **vpp;
1111 	struct mbuf **mdp;
1112 	caddr_t *dposp;
1113 	struct vattr *vaper;
1114 {
1115 	struct vnode *vp = *vpp;
1116 	struct vattr *vap;
1117 	struct nfs_fattr *fp;
1118 	extern int (**spec_nfsv2nodeop_p)(void *);
1119 	struct nfsnode *np;
1120 	int32_t t1;
1121 	caddr_t cp2;
1122 	int error = 0;
1123 	int32_t rdev;
1124 	struct mbuf *md;
1125 	enum vtype vtyp;
1126 	u_short vmode;
1127 	struct timespec mtime;
1128 	struct vnode *nvp;
1129 	int v3 = NFS_ISV3(vp);
1130 
1131 	md = *mdp;
1132 	t1 = (mtod(md, caddr_t) + md->m_len) - *dposp;
1133 	error = nfsm_disct(mdp, dposp, NFSX_FATTR(v3), t1, &cp2);
1134 	if (error)
1135 		return (error);
1136 	fp = (struct nfs_fattr *)cp2;
1137 	if (v3) {
1138 		vtyp = nfsv3tov_type(fp->fa_type);
1139 		vmode = fxdr_unsigned(u_short, fp->fa_mode);
1140 		rdev = makedev(fxdr_unsigned(u_char, fp->fa3_rdev.specdata1),
1141 			fxdr_unsigned(u_char, fp->fa3_rdev.specdata2));
1142 		fxdr_nfsv3time(&fp->fa3_mtime, &mtime);
1143 	} else {
1144 		vtyp = nfsv2tov_type(fp->fa_type);
1145 		vmode = fxdr_unsigned(u_short, fp->fa_mode);
1146 		if (vtyp == VNON || vtyp == VREG)
1147 			vtyp = IFTOVT(vmode);
1148 		rdev = fxdr_unsigned(int32_t, fp->fa2_rdev);
1149 		fxdr_nfsv2time(&fp->fa2_mtime, &mtime);
1150 
1151 		/*
1152 		 * Really ugly NFSv2 kludge.
1153 		 */
1154 		if (vtyp == VCHR && rdev == 0xffffffff)
1155 			vtyp = VFIFO;
1156 	}
1157 
1158 	/*
1159 	 * If v_type == VNON it is a new node, so fill in the v_type,
1160 	 * n_mtime fields. Check to see if it represents a special
1161 	 * device, and if so, check for a possible alias. Once the
1162 	 * correct vnode has been obtained, fill in the rest of the
1163 	 * information.
1164 	 */
1165 	np = VTONFS(vp);
1166 	if (vp->v_type != vtyp) {
1167 		vp->v_type = vtyp;
1168 		if (vp->v_type == VFIFO) {
1169 #ifndef FIFO
1170 			return (EOPNOTSUPP);
1171 #else
1172 			extern int (**fifo_nfsv2nodeop_p)(void *);
1173 			vp->v_op = fifo_nfsv2nodeop_p;
1174 #endif /* FIFO */
1175 		}
1176 		if (vp->v_type == VCHR || vp->v_type == VBLK) {
1177 			vp->v_op = spec_nfsv2nodeop_p;
1178 			nvp = checkalias(vp, (dev_t)rdev, vp->v_mount);
1179 			if (nvp) {
1180 				/*
1181 				 * Discard unneeded vnode, but save its nfsnode.
1182 				 * Since the nfsnode does not have a lock, its
1183 				 * vnode lock has to be carried over.
1184 				 */
1185 
1186 				nvp->v_vnlock = vp->v_vnlock;
1187 				vp->v_vnlock = NULL;
1188 				nvp->v_data = vp->v_data;
1189 				vp->v_data = NULL;
1190 				vp->v_op = spec_vnodeop_p;
1191 				vrele(vp);
1192 				vgone(vp);
1193 				/*
1194 				 * Reinitialize aliased node.
1195 				 */
1196 				np->n_vnode = nvp;
1197 				*vpp = vp = nvp;
1198 			}
1199 		}
1200 		np->n_mtime = mtime.tv_sec;
1201 	}
1202 	vap = &np->n_vattr;
1203 	vap->va_type = vtyp;
1204 	vap->va_mode = (vmode & 07777);
1205 	vap->va_rdev = (dev_t)rdev;
1206 	vap->va_mtime = mtime;
1207 	vap->va_fsid = vp->v_mount->mnt_stat.f_fsid.val[0];
1208 	if (v3) {
1209 		vap->va_nlink = fxdr_unsigned(u_short, fp->fa_nlink);
1210 		vap->va_uid = fxdr_unsigned(uid_t, fp->fa_uid);
1211 		vap->va_gid = fxdr_unsigned(gid_t, fp->fa_gid);
1212 		vap->va_size = fxdr_hyper(&fp->fa3_size);
1213 		vap->va_blocksize = NFS_FABLKSIZE;
1214 		vap->va_bytes = fxdr_hyper(&fp->fa3_used);
1215 		vap->va_fileid = fxdr_unsigned(int32_t,
1216 		    fp->fa3_fileid.nfsuquad[1]);
1217 		fxdr_nfsv3time(&fp->fa3_atime, &vap->va_atime);
1218 		fxdr_nfsv3time(&fp->fa3_ctime, &vap->va_ctime);
1219 		vap->va_flags = 0;
1220 		vap->va_filerev = 0;
1221 	} else {
1222 		vap->va_nlink = fxdr_unsigned(u_short, fp->fa_nlink);
1223 		vap->va_uid = fxdr_unsigned(uid_t, fp->fa_uid);
1224 		vap->va_gid = fxdr_unsigned(gid_t, fp->fa_gid);
1225 		vap->va_size = fxdr_unsigned(u_int32_t, fp->fa2_size);
1226 		vap->va_blocksize = fxdr_unsigned(int32_t, fp->fa2_blocksize);
1227 		vap->va_bytes =
1228 		    (u_quad_t)fxdr_unsigned(int32_t, fp->fa2_blocks) *
1229 		    NFS_FABLKSIZE;
1230 		vap->va_fileid = fxdr_unsigned(int32_t, fp->fa2_fileid);
1231 		fxdr_nfsv2time(&fp->fa2_atime, &vap->va_atime);
1232 		vap->va_flags = 0;
1233 		vap->va_ctime.tv_sec = fxdr_unsigned(u_int32_t,
1234 		    fp->fa2_ctime.nfsv2_sec);
1235 		vap->va_ctime.tv_nsec = 0;
1236 		vap->va_gen = fxdr_unsigned(u_int32_t,fp->fa2_ctime.nfsv2_usec);
1237 		vap->va_filerev = 0;
1238 	}
1239 	if (vap->va_size != np->n_size) {
1240 		if (vap->va_type == VREG) {
1241 			if (np->n_flag & NMODIFIED) {
1242 				if (vap->va_size < np->n_size)
1243 					vap->va_size = np->n_size;
1244 				else
1245 					np->n_size = vap->va_size;
1246 			} else
1247 				np->n_size = vap->va_size;
1248 			uvm_vnp_setsize(vp, np->n_size);
1249 		} else
1250 			np->n_size = vap->va_size;
1251 	}
1252 	np->n_attrstamp = time.tv_sec;
1253 	if (vaper != NULL) {
1254 		bcopy((caddr_t)vap, (caddr_t)vaper, sizeof(*vap));
1255 		if (np->n_flag & NCHG) {
1256 			if (np->n_flag & NACC)
1257 				vaper->va_atime = np->n_atim;
1258 			if (np->n_flag & NUPD)
1259 				vaper->va_mtime = np->n_mtim;
1260 		}
1261 	}
1262 	return (0);
1263 }
1264 
1265 INLINE int
1266 nfs_attrtimeo (np)
1267 	struct nfsnode *np;
1268 {
1269 	struct vnode *vp = np->n_vnode;
1270 	struct nfsmount *nmp = VFSTONFS(vp->v_mount);
1271 	int tenthage = (time.tv_sec - np->n_mtime) / 10;
1272 	int minto, maxto;
1273 
1274 	if (vp->v_type == VDIR) {
1275 		maxto = nmp->nm_acdirmax;
1276 		minto = nmp->nm_acdirmin;
1277 	}
1278 	else {
1279 		maxto = nmp->nm_acregmax;
1280 		minto = nmp->nm_acregmin;
1281 	}
1282 
1283 	if (np->n_flag & NMODIFIED || tenthage < minto)
1284 		return minto;
1285 	else if (tenthage < maxto)
1286 		return tenthage;
1287 	else
1288 		return maxto;
1289 }
1290 
1291 /*
1292  * Check the time stamp
1293  * If the cache is valid, copy contents to *vap and return 0
1294  * otherwise return an error
1295  */
1296 int
1297 nfs_getattrcache(vp, vaper)
1298 	struct vnode *vp;
1299 	struct vattr *vaper;
1300 {
1301 	struct nfsnode *np = VTONFS(vp);
1302 	struct vattr *vap;
1303 
1304 	if ((time.tv_sec - np->n_attrstamp) >= nfs_attrtimeo(np)) {
1305 		nfsstats.attrcache_misses++;
1306 		return (ENOENT);
1307 	}
1308 	nfsstats.attrcache_hits++;
1309 	vap = &np->n_vattr;
1310 	if (vap->va_size != np->n_size) {
1311 		if (vap->va_type == VREG) {
1312 			if (np->n_flag & NMODIFIED) {
1313 				if (vap->va_size < np->n_size)
1314 					vap->va_size = np->n_size;
1315 				else
1316 					np->n_size = vap->va_size;
1317 			} else
1318 				np->n_size = vap->va_size;
1319 			uvm_vnp_setsize(vp, np->n_size);
1320 		} else
1321 			np->n_size = vap->va_size;
1322 	}
1323 	bcopy((caddr_t)vap, (caddr_t)vaper, sizeof(struct vattr));
1324 	if (np->n_flag & NCHG) {
1325 		if (np->n_flag & NACC)
1326 			vaper->va_atime = np->n_atim;
1327 		if (np->n_flag & NUPD)
1328 			vaper->va_mtime = np->n_mtim;
1329 	}
1330 	return (0);
1331 }
1332 #endif /* NFSCLIENT */
1333 
1334 /*
1335  * Set up nameidata for a lookup() call and do it
1336  */
1337 int
1338 nfs_namei(ndp, fhp, len, slp, nam, mdp, dposp, retdirp, p, kerbflag)
1339 	struct nameidata *ndp;
1340 	fhandle_t *fhp;
1341 	int len;
1342 	struct nfssvc_sock *slp;
1343 	struct mbuf *nam;
1344 	struct mbuf **mdp;
1345 	caddr_t *dposp;
1346 	struct vnode **retdirp;
1347 	struct proc *p;
1348 	int kerbflag;
1349 {
1350 	int i, rem;
1351 	struct mbuf *md;
1352 	char *fromcp, *tocp;
1353 	struct vnode *dp;
1354 	int error, rdonly;
1355 	struct componentname *cnp = &ndp->ni_cnd;
1356 
1357 	*retdirp = (struct vnode *)0;
1358 	MALLOC(cnp->cn_pnbuf, char *, len + 1, M_NAMEI, M_WAITOK);
1359 	/*
1360 	 * Copy the name from the mbuf list to ndp->ni_pnbuf
1361 	 * and set the various ndp fields appropriately.
1362 	 */
1363 	fromcp = *dposp;
1364 	tocp = cnp->cn_pnbuf;
1365 	md = *mdp;
1366 	rem = mtod(md, caddr_t) + md->m_len - fromcp;
1367 	cnp->cn_hash = 0;
1368 	for (i = 0; i < len; i++) {
1369 		while (rem == 0) {
1370 			md = md->m_next;
1371 			if (md == NULL) {
1372 				error = EBADRPC;
1373 				goto out;
1374 			}
1375 			fromcp = mtod(md, caddr_t);
1376 			rem = md->m_len;
1377 		}
1378 		if (*fromcp == '\0' || *fromcp == '/') {
1379 			error = EACCES;
1380 			goto out;
1381 		}
1382 		cnp->cn_hash += (u_char)*fromcp;
1383 		*tocp++ = *fromcp++;
1384 		rem--;
1385 	}
1386 	*tocp = '\0';
1387 	*mdp = md;
1388 	*dposp = fromcp;
1389 	len = nfsm_rndup(len)-len;
1390 	if (len > 0) {
1391 		if (rem >= len)
1392 			*dposp += len;
1393 		else if ((error = nfs_adv(mdp, dposp, len, rem)) != 0)
1394 			goto out;
1395 	}
1396 	ndp->ni_pathlen = tocp - cnp->cn_pnbuf;
1397 	cnp->cn_nameptr = cnp->cn_pnbuf;
1398 	/*
1399 	 * Extract and set starting directory.
1400 	 */
1401 	error = nfsrv_fhtovp(fhp, FALSE, &dp, ndp->ni_cnd.cn_cred, slp,
1402 	    nam, &rdonly, kerbflag);
1403 	if (error)
1404 		goto out;
1405 	if (dp->v_type != VDIR) {
1406 		vrele(dp);
1407 		error = ENOTDIR;
1408 		goto out;
1409 	}
1410 	VREF(dp);
1411 	*retdirp = dp;
1412 	ndp->ni_startdir = dp;
1413 	if (rdonly)
1414 		cnp->cn_flags |= (NOCROSSMOUNT | RDONLY);
1415 	else
1416 		cnp->cn_flags |= NOCROSSMOUNT;
1417 	/*
1418 	 * And call lookup() to do the real work
1419 	 */
1420 	cnp->cn_proc = p;
1421 	error = lookup(ndp);
1422 	if (error)
1423 		goto out;
1424 	/*
1425 	 * Check for encountering a symbolic link
1426 	 */
1427 	if (cnp->cn_flags & ISSYMLINK) {
1428 		if ((cnp->cn_flags & LOCKPARENT) && ndp->ni_pathlen == 1)
1429 			vput(ndp->ni_dvp);
1430 		else
1431 			vrele(ndp->ni_dvp);
1432 		vput(ndp->ni_vp);
1433 		ndp->ni_vp = NULL;
1434 		error = EINVAL;
1435 		goto out;
1436 	}
1437 	/*
1438 	 * Check for saved name request
1439 	 */
1440 	if (cnp->cn_flags & (SAVENAME | SAVESTART)) {
1441 		cnp->cn_flags |= HASBUF;
1442 		return (0);
1443 	}
1444 out:
1445 	FREE(cnp->cn_pnbuf, M_NAMEI);
1446 	return (error);
1447 }
1448 
1449 /*
1450  * A fiddled version of m_adj() that ensures null fill to a long
1451  * boundary and only trims off the back end
1452  */
1453 void
1454 nfsm_adj(mp, len, nul)
1455 	struct mbuf *mp;
1456 	int len;
1457 	int nul;
1458 {
1459 	struct mbuf *m;
1460 	int count, i;
1461 	char *cp;
1462 
1463 	/*
1464 	 * Trim from tail.  Scan the mbuf chain,
1465 	 * calculating its length and finding the last mbuf.
1466 	 * If the adjustment only affects this mbuf, then just
1467 	 * adjust and return.  Otherwise, rescan and truncate
1468 	 * after the remaining size.
1469 	 */
1470 	count = 0;
1471 	m = mp;
1472 	for (;;) {
1473 		count += m->m_len;
1474 		if (m->m_next == (struct mbuf *)0)
1475 			break;
1476 		m = m->m_next;
1477 	}
1478 	if (m->m_len > len) {
1479 		m->m_len -= len;
1480 		if (nul > 0) {
1481 			cp = mtod(m, caddr_t)+m->m_len-nul;
1482 			for (i = 0; i < nul; i++)
1483 				*cp++ = '\0';
1484 		}
1485 		return;
1486 	}
1487 	count -= len;
1488 	if (count < 0)
1489 		count = 0;
1490 	/*
1491 	 * Correct length for chain is "count".
1492 	 * Find the mbuf with last data, adjust its length,
1493 	 * and toss data from remaining mbufs on chain.
1494 	 */
1495 	for (m = mp; m; m = m->m_next) {
1496 		if (m->m_len >= count) {
1497 			m->m_len = count;
1498 			if (nul > 0) {
1499 				cp = mtod(m, caddr_t)+m->m_len-nul;
1500 				for (i = 0; i < nul; i++)
1501 					*cp++ = '\0';
1502 			}
1503 			break;
1504 		}
1505 		count -= m->m_len;
1506 	}
1507 	for (m = m->m_next;m;m = m->m_next)
1508 		m->m_len = 0;
1509 }
1510 
1511 /*
1512  * Make these functions instead of macros, so that the kernel text size
1513  * doesn't get too big...
1514  */
1515 void
1516 nfsm_srvwcc(nfsd, before_ret, before_vap, after_ret, after_vap, mbp, bposp)
1517 	struct nfsrv_descript *nfsd;
1518 	int before_ret;
1519 	struct vattr *before_vap;
1520 	int after_ret;
1521 	struct vattr *after_vap;
1522 	struct mbuf **mbp;
1523 	char **bposp;
1524 {
1525 	struct mbuf *mb = *mbp, *mb2;
1526 	char *bpos = *bposp;
1527 	u_int32_t *tl;
1528 
1529 	if (before_ret) {
1530 		nfsm_build(tl, u_int32_t *, NFSX_UNSIGNED);
1531 		*tl = nfs_false;
1532 	} else {
1533 		nfsm_build(tl, u_int32_t *, 7 * NFSX_UNSIGNED);
1534 		*tl++ = nfs_true;
1535 		txdr_hyper(before_vap->va_size, tl);
1536 		tl += 2;
1537 		txdr_nfsv3time(&(before_vap->va_mtime), tl);
1538 		tl += 2;
1539 		txdr_nfsv3time(&(before_vap->va_ctime), tl);
1540 	}
1541 	*bposp = bpos;
1542 	*mbp = mb;
1543 	nfsm_srvpostopattr(nfsd, after_ret, after_vap, mbp, bposp);
1544 }
1545 
1546 void
1547 nfsm_srvpostopattr(nfsd, after_ret, after_vap, mbp, bposp)
1548 	struct nfsrv_descript *nfsd;
1549 	int after_ret;
1550 	struct vattr *after_vap;
1551 	struct mbuf **mbp;
1552 	char **bposp;
1553 {
1554 	struct mbuf *mb = *mbp, *mb2;
1555 	char *bpos = *bposp;
1556 	u_int32_t *tl;
1557 	struct nfs_fattr *fp;
1558 
1559 	if (after_ret) {
1560 		nfsm_build(tl, u_int32_t *, NFSX_UNSIGNED);
1561 		*tl = nfs_false;
1562 	} else {
1563 		nfsm_build(tl, u_int32_t *, NFSX_UNSIGNED + NFSX_V3FATTR);
1564 		*tl++ = nfs_true;
1565 		fp = (struct nfs_fattr *)tl;
1566 		nfsm_srvfattr(nfsd, after_vap, fp);
1567 	}
1568 	*mbp = mb;
1569 	*bposp = bpos;
1570 }
1571 
1572 void
1573 nfsm_srvfattr(nfsd, vap, fp)
1574 	struct nfsrv_descript *nfsd;
1575 	struct vattr *vap;
1576 	struct nfs_fattr *fp;
1577 {
1578 
1579 	fp->fa_nlink = txdr_unsigned(vap->va_nlink);
1580 	fp->fa_uid = txdr_unsigned(vap->va_uid);
1581 	fp->fa_gid = txdr_unsigned(vap->va_gid);
1582 	if (nfsd->nd_flag & ND_NFSV3) {
1583 		fp->fa_type = vtonfsv3_type(vap->va_type);
1584 		fp->fa_mode = vtonfsv3_mode(vap->va_mode);
1585 		txdr_hyper(vap->va_size, &fp->fa3_size);
1586 		txdr_hyper(vap->va_bytes, &fp->fa3_used);
1587 		fp->fa3_rdev.specdata1 = txdr_unsigned(major(vap->va_rdev));
1588 		fp->fa3_rdev.specdata2 = txdr_unsigned(minor(vap->va_rdev));
1589 		fp->fa3_fsid.nfsuquad[0] = 0;
1590 		fp->fa3_fsid.nfsuquad[1] = txdr_unsigned(vap->va_fsid);
1591 		fp->fa3_fileid.nfsuquad[0] = 0;
1592 		fp->fa3_fileid.nfsuquad[1] = txdr_unsigned(vap->va_fileid);
1593 		txdr_nfsv3time(&vap->va_atime, &fp->fa3_atime);
1594 		txdr_nfsv3time(&vap->va_mtime, &fp->fa3_mtime);
1595 		txdr_nfsv3time(&vap->va_ctime, &fp->fa3_ctime);
1596 	} else {
1597 		fp->fa_type = vtonfsv2_type(vap->va_type);
1598 		fp->fa_mode = vtonfsv2_mode(vap->va_type, vap->va_mode);
1599 		fp->fa2_size = txdr_unsigned(vap->va_size);
1600 		fp->fa2_blocksize = txdr_unsigned(vap->va_blocksize);
1601 		if (vap->va_type == VFIFO)
1602 			fp->fa2_rdev = 0xffffffff;
1603 		else
1604 			fp->fa2_rdev = txdr_unsigned(vap->va_rdev);
1605 		fp->fa2_blocks = txdr_unsigned(vap->va_bytes / NFS_FABLKSIZE);
1606 		fp->fa2_fsid = txdr_unsigned(vap->va_fsid);
1607 		fp->fa2_fileid = txdr_unsigned(vap->va_fileid);
1608 		txdr_nfsv2time(&vap->va_atime, &fp->fa2_atime);
1609 		txdr_nfsv2time(&vap->va_mtime, &fp->fa2_mtime);
1610 		txdr_nfsv2time(&vap->va_ctime, &fp->fa2_ctime);
1611 	}
1612 }
1613 
1614 /*
1615  * nfsrv_fhtovp() - convert a fh to a vnode ptr (optionally locked)
1616  * 	- look up fsid in mount list (if not found ret error)
1617  *	- get vp and export rights by calling VFS_FHTOVP() and VFS_CHECKEXP()
1618  *	- if cred->cr_uid == 0 or MNT_EXPORTANON set it to credanon
1619  *	- if not lockflag unlock it with VOP_UNLOCK()
1620  */
1621 int
1622 nfsrv_fhtovp(fhp, lockflag, vpp, cred, slp, nam, rdonlyp, kerbflag)
1623 	fhandle_t *fhp;
1624 	int lockflag;
1625 	struct vnode **vpp;
1626 	struct ucred *cred;
1627 	struct nfssvc_sock *slp;
1628 	struct mbuf *nam;
1629 	int *rdonlyp;
1630 	int kerbflag;
1631 {
1632 	struct proc *p = curproc;	/* XXX */
1633 	struct mount *mp;
1634 	int i;
1635 	struct ucred *credanon;
1636 	int error, exflags;
1637 	struct sockaddr_in *saddr;
1638 
1639 	*vpp = (struct vnode *)0;
1640 	mp = vfs_getvfs(&fhp->fh_fsid);
1641 
1642 	if (!mp)
1643 		return (ESTALE);
1644 	error = VFS_CHECKEXP(mp, nam, &exflags, &credanon);
1645 	if (error)
1646 		return (error);
1647 	error = VFS_FHTOVP(mp, &fhp->fh_fid, vpp);
1648 	if (error)
1649 		return (error);
1650 
1651 	saddr = mtod(nam, struct sockaddr_in *);
1652 	if (saddr->sin_family == AF_INET &&
1653 	    (ntohs(saddr->sin_port) >= IPPORT_RESERVED ||
1654 	    (slp->ns_so->so_type == SOCK_STREAM && ntohs(saddr->sin_port) == 20))) {
1655 		vput(*vpp);
1656 		return (NFSERR_AUTHERR | AUTH_TOOWEAK);
1657 	}
1658 
1659 	/*
1660 	 * Check/setup credentials.
1661 	 */
1662 	if (exflags & MNT_EXKERB) {
1663 		if (!kerbflag) {
1664 			vput(*vpp);
1665 			return (NFSERR_AUTHERR | AUTH_TOOWEAK);
1666 		}
1667 	} else if (kerbflag) {
1668 		vput(*vpp);
1669 		return (NFSERR_AUTHERR | AUTH_TOOWEAK);
1670 	} else if (cred->cr_uid == 0 || (exflags & MNT_EXPORTANON)) {
1671 		cred->cr_uid = credanon->cr_uid;
1672 		cred->cr_gid = credanon->cr_gid;
1673 		for (i = 0; i < credanon->cr_ngroups && i < NGROUPS; i++)
1674 			cred->cr_groups[i] = credanon->cr_groups[i];
1675 		cred->cr_ngroups = i;
1676 	}
1677 	if (exflags & MNT_EXRDONLY)
1678 		*rdonlyp = 1;
1679 	else
1680 		*rdonlyp = 0;
1681 	if (!lockflag)
1682 		VOP_UNLOCK(*vpp, 0, p);
1683 
1684 	return (0);
1685 }
1686 
1687 /*
1688  * This function compares two net addresses by family and returns TRUE
1689  * if they are the same host.
1690  * If there is any doubt, return FALSE.
1691  * The AF_INET family is handled as a special case so that address mbufs
1692  * don't need to be saved to store "struct in_addr", which is only 4 bytes.
1693  */
1694 int
1695 netaddr_match(family, haddr, nam)
1696 	int family;
1697 	union nethostaddr *haddr;
1698 	struct mbuf *nam;
1699 {
1700 	struct sockaddr_in *inetaddr;
1701 
1702 	switch (family) {
1703 	case AF_INET:
1704 		inetaddr = mtod(nam, struct sockaddr_in *);
1705 		if (inetaddr->sin_family == AF_INET &&
1706 		    inetaddr->sin_addr.s_addr == haddr->had_inetaddr)
1707 			return (1);
1708 		break;
1709 #ifdef ISO
1710 	case AF_ISO:
1711 	    {
1712 		struct sockaddr_iso *isoaddr1, *isoaddr2;
1713 
1714 		isoaddr1 = mtod(nam, struct sockaddr_iso *);
1715 		isoaddr2 = mtod(haddr->had_nam, struct sockaddr_iso *);
1716 		if (isoaddr1->siso_family == AF_ISO &&
1717 		    isoaddr1->siso_nlen > 0 &&
1718 		    isoaddr1->siso_nlen == isoaddr2->siso_nlen &&
1719 		    SAME_ISOADDR(isoaddr1, isoaddr2))
1720 			return (1);
1721 		break;
1722 	    }
1723 #endif	/* ISO */
1724 	default:
1725 		break;
1726 	};
1727 	return (0);
1728 }
1729 
1730 /*
1731  * The write verifier has changed (probably due to a server reboot), so all
1732  * B_NEEDCOMMIT blocks will have to be written again. Since they are on the
1733  * dirty block list as B_DELWRI, all this takes is clearing the B_NEEDCOMMIT
1734  * flag. Once done the new write verifier can be set for the mount point.
1735  */
1736 void
1737 nfs_clearcommit(mp)
1738 	struct mount *mp;
1739 {
1740 	struct vnode *vp, *nvp;
1741 	struct buf *bp, *nbp;
1742 	int s;
1743 
1744 	s = splbio();
1745 loop:
1746 	for (vp = LIST_FIRST(&mp->mnt_vnodelist); vp != NULL; vp = nvp) {
1747 		if (vp->v_mount != mp)	/* Paranoia */
1748 			goto loop;
1749 		nvp = LIST_NEXT(vp, v_mntvnodes);
1750 		for (bp = LIST_FIRST(&vp->v_dirtyblkhd); bp != NULL; bp = nbp) {
1751 			nbp = LIST_NEXT(bp, b_vnbufs);
1752 			if ((bp->b_flags & (B_BUSY | B_DELWRI | B_NEEDCOMMIT))
1753 				== (B_DELWRI | B_NEEDCOMMIT))
1754 				bp->b_flags &= ~B_NEEDCOMMIT;
1755 		}
1756 	}
1757 	splx(s);
1758 }
1759 
1760 /*
1761  * Map errnos to NFS error numbers. For Version 3 also filter out error
1762  * numbers not specified for the associated procedure.
1763  */
1764 int
1765 nfsrv_errmap(nd, err)
1766 	struct nfsrv_descript *nd;
1767 	int err;
1768 {
1769 	short *defaulterrp, *errp;
1770 
1771 	if (nd->nd_flag & ND_NFSV3) {
1772 	    if (nd->nd_procnum <= NFSPROC_COMMIT) {
1773 		errp = defaulterrp = nfsrv_v3errmap[nd->nd_procnum];
1774 		while (*++errp) {
1775 			if (*errp == err)
1776 				return (err);
1777 			else if (*errp > err)
1778 				break;
1779 		}
1780 		return ((int)*defaulterrp);
1781 	    } else
1782 		return (err & 0xffff);
1783 	}
1784 	if (err <= ELAST)
1785 		return ((int)nfsrv_v2errmap[err - 1]);
1786 	return (NFSERR_IO);
1787 }
1788 
1789 /*
1790  * Sort the group list in increasing numerical order.
1791  * (Insertion sort by Chris Torek, who was grossed out by the bubble sort
1792  *  that used to be here.)
1793  */
1794 void
1795 nfsrvw_sort(list, num)
1796         gid_t *list;
1797         int num;
1798 {
1799 	int i, j;
1800 	gid_t v;
1801 
1802 	/* Insertion sort. */
1803 	for (i = 1; i < num; i++) {
1804 		v = list[i];
1805 		/* find correct slot for value v, moving others up */
1806 		for (j = i; --j >= 0 && v < list[j];)
1807 			list[j + 1] = list[j];
1808 		list[j + 1] = v;
1809 	}
1810 }
1811 
1812 /*
1813  * copy credentials making sure that the result can be compared with bcmp().
1814  */
1815 void
1816 nfsrv_setcred(incred, outcred)
1817 	struct ucred *incred, *outcred;
1818 {
1819 	int i;
1820 
1821 	bzero((caddr_t)outcred, sizeof (struct ucred));
1822 	outcred->cr_ref = 1;
1823 	outcred->cr_uid = incred->cr_uid;
1824 	outcred->cr_gid = incred->cr_gid;
1825 	outcred->cr_ngroups = incred->cr_ngroups;
1826 	for (i = 0; i < incred->cr_ngroups; i++)
1827 		outcred->cr_groups[i] = incred->cr_groups[i];
1828 	nfsrvw_sort(outcred->cr_groups, outcred->cr_ngroups);
1829 }
1830