/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2014 Nexenta Systems, Inc. All rights reserved.
*/
/*
* A version of VOP_FID that deals with a remote VOP_FID for nfs.
* If vp is an nfs node, nfs4_fid() returns EREMOTE, nfs3_fid() and nfs_fid()
* returns the filehandle of vp as its fid. When nfs uses fid to set the
* exportinfo filehandle template, a remote nfs filehandle would be too big for
* the fid of the exported directory. This routine remaps the value of the
* attribute va_nodeid of vp to be the fid of vp, so that the fid can fit.
*
* We need this fid mainly for setting up NFSv4 server namespace where an
* nfs filesystem is also part of it. Thus, need to be able to setup a pseudo
* exportinfo for an nfs node.
*
* e.g. mount a filesystem on top of a nfs dir, and then share the new mount
* (like exporting a local disk from a "diskless" client)
*/
int
{
int error;
/*
* XXX nfs4_fid() does nothing and returns EREMOTE.
* XXX nfs3_fid()/nfs_fid() returns nfs filehandle as its fid
* which has a bigger length than local fid.
* NFS_FH4MAXDATA is the size of
* fhandle4_t.fh_xdata[NFS_FH4MAXDATA].
*
* Note: nfs[2,3,4]_fid() only gets called for diskless clients.
*/
if (error)
return (error);
return (0);
}
return (error);
}
/*
* Get an nfsv4 vnode of the given fid from the visible list of an
* nfs filesystem or get the exi_vp if it is the root node.
*/
int
{
int error;
/* check if the given fid is in the visible list */
return (0);
}
}
/* check if the given fid is the same as the exported node */
if (error)
return (error);
return (0);
}
return (ENOENT);
}
/*
* Create a pseudo export entry
*
* This is an export entry that's created as the
* side-effect of a "real" export. As a part of
* a real export, the pathname to the export is
* checked to see if all the directory components
* are accessible via an NFSv4 client, i.e. are
* exported. If treeclimb_export() finds an unexported
* mountpoint along the path, then it calls this
* function to export it.
*
* This pseudo export differs from a real export in that
* it only allows read-only access. A "visible" list of
* directories is added to filter lookup and readdir results
* to only contain dirnames which lead to descendant shares.
*
* A visible list has a per-file-system scope. Any exportinfo
* struct (real or pseudo) can have a visible list as long as
* a) its export root is VROOT
* b) a descendant of the export root is shared
*/
struct exportinfo *
struct exportdata *exdata)
{
int vpathlen;
int i;
VSW_VOLATILEDEV) ? 1 : 0;
/*
* Build up the template fhandle
*/
if (vpathlen)
/* Transfer the secinfo data from exdata to this new pseudo node */
if (exdata)
/*
* Initialize auth cache and auth cache lock
*/
for (i = 0; i < AUTH_TABLESIZE; i++) {
sizeof (struct auth_cache_clnt),
}
/*
* Insert the new entry at the front of the export list
*/
return (exi);
}
/*
* Free a list of visible directories
*/
void
{
}
}
/*
* Connects newchild (or subtree with newchild in head)
* to the parent node. We always add it to the beginning
* of sibling list.
*/
static void
{
}
/* Look up among direct children a node with the exact tree_vis pointer */
static treenode_t *
{
for (t = t->tree_child_first; t; t = t->tree_sibling)
return (t);
return (NULL);
}
/*
* Add new node to the head of subtree pointed by 'n'. n can be NULL.
* Interconnects the new treenode with exp_visible and exportinfo
* if needed.
*/
static treenode_t *
{
if (n) {
tnode->tree_child_first = n;
n->tree_parent = tnode;
}
if (v) {
}
if (e) {
}
return (tnode);
}
/*
* Removes node from the tree and frees the treenode struct.
* Does not free structures pointed by tree_exi and tree_vis,
* they should be already freed.
*/
static void
{
treenode_t *s; /* s for sibling */
return;
}
/* This node is first child */
/* This node is not first child */
} else {
s = parent->tree_child_first;
while (s->tree_sibling != node)
s = s->tree_sibling;
}
}
/*
* When we export a new directory we need to add a new
* path segment through the pseudofs to reach the new
* directory. This new path is reflected in a list of
* directories added to the "visible" list.
*
* Here there are two lists of visible fids: one hanging off the
* pseudo exportinfo, and the one we want to add. It's possible
* that the two lists share a common path segment
* and have some common directories. We need to combine
* the lists so there's no duplicate entries. Where a common
* path component is found, the vis_count field is bumped.
*
* This example shows that the treenode chain (tree_head) and
* exp_visible chain (vis_head) can differ in length. The latter
* can be shorter. The outer loop must loop over the vis_head chain.
*
* share /x/a
* mkdir -p /x/y/a/b
* share /x/y/a/b
*
* When more_visible() is called during the second share,
* the existing namespace is following:
* exp_visible_t
* treenode_t exportinfo_t v0 v1
* ns_root+---+ +------------+ +---+ +---+
* t0| / |........| E0 pseudo |->| x |->| a |
* +---+ +------------+ +---+ +---+
* | / /
* +---+ / /
* t1| x |------------------------ /
* +---+ /
* | /
* +---+ /
* t2| a |-------------------------
* +---+........+------------+
* | E1 real |
* +------------+
*
* This is being added:
*
* tree_head vis_head
* +---+ +---+
* t3| x |->| x |v2
* +---+ +---+
* | |
* +---+ +---+ v4 v5
* t4| y |->| y |v3 +------------+ +---+ +---+
* +---+\ +---+ | E2 pseudo |->| a |->| b |
* | \....... >+------------+ +---+ +---+
* +---+ / /
* t5| a |--------------------------- /
* +---+ /
* | /
* +---+-------------------------------
* t6| b | +------------+
* +---+..........>| E3 real |
* +------------+
*
* more_visible() will:
* - kmem_free() t3 and v2
* - add t4, t5, t6 as a child of t1 (t4 will become sibling of t2)
* - add v3 to the end of E0->exi_visible
*
* Note that v4 and v5 were already processed in pseudo_exportfs() and
* added to E2. The outer loop of more_visible() will loop only over v2
* and v3. The inner loop of more_visible() always loops over v0 and v1.
*
* Illustration for this scenario:
*
* mkdir -p /v/a/b/c
* share /v/a/b/c
*
* EXISTING
* treenode
* namespace: +-----------+ visibles
* |exportinfo |-->v->a->b->c
* connect_point->+---+--->+-----------+
* | / |T0
* +---+
* | NEW treenode chain:
* child->+---+
* | v |T1 +---+<-curr
* +---+ N1| v |
* | +---+
* +---+ |
* | a |T2 +---+<-tree_head
* +---+ N2| a1|
* | +---+
* +---+ |
* | b |T3 +---+
* +---+ N3| b |
* | +---+
* +---+ |
* | c |T4 +---+
* +---+ N4| c1|
* +---+
*
* The picture above illustrates the position of following pointers after line
* 'child = tree_find_child_by_vis(connect_point, curr->tree_vis);'
* was executed for the first time in the outer 'for' loop:
*
* connect_point..parent treenode in the EXISTING namespace to which the 'curr'
* should be connected. If 'connect_point' already has a child
* with the same value of tree_vis as the curr->tree_vis is,
* the 'curr' will not be added, but kmem_free()d.
* child..........the result of tree_find_child_by_vis()
* curr...........currently processed treenode from the NEW treenode chain
* tree_head......current head of the NEW treenode chain, in this case it was
* already moved down to its child - preparation for another loop
*
* What will happen to NEW treenodes N1, N2, N3, N4 in more_visible() later:
*
* N1: is merged - i.e. N1 is kmem_free()d. T0 has a child T1 with the same
* tree_vis as N1
* N2: is added as a new child of T1
* Note: not just N2, but the whole chain N2->N3->N4 is added
* N3: not processed separately (it was added together with N2)
* Even that N3 and T3 have same tree_vis, they are NOT merged, but will
* become duplicates.
* N4: not processed separately
*/
static void
{
int found;
/*
* If exportinfo doesn't already have a visible
* list just assign the entire supplied list.
*/
/* Update the change timestamp */
return;
}
/* The outer loop traverses the supplied list. */
found = 0;
/* The inner loop searches the exportinfo visible list. */
found = 1;
/* Transfer vis_exported from vp1 to vp2. */
break;
}
}
/* If not found - add to the end of the list */
if (! found) {
}
if (! connect_point) /* No longer merging */
continue;
/*
* The inner loop could set curr->tree_vis to the EXISTING
* exp_visible vp2, so we can search among the children of
* connect_point for the curr->tree_vis. No need for EQFID.
*/
/*
* Merging cannot be done if a valid child->tree_exi would
* be overwritten by a new curr->tree_exi.
*/
if (child &&
}
} else { /* Branching */
/* Update the change timestamp */
}
}
}
/*
* Remove one visible entry from the pseudo exportfs.
*
* When we unexport a directory, we have to remove path
* components from the visible list in the pseudo exportfs
* entry. The supplied visible contains one fid of one path
* component. The visible list of the export
* is checked against provided visible, matching fid has its
* reference count decremented. If a reference count drops to
* zero, then it means no paths now use this directory, so its
* fid can be removed from the visible list.
*
* When the last path is removed, the visible list will be null.
*/
static void
{
/*
* Decrement the ref count.
* Remove the entry if it's zero.
*/
else
vp2->vis_seccnt);
}
break;
}
}
}
/*
* This function checks the path to a new export to
* check whether all the pathname components are
* exported. It works by climbing the file tree one
* component at a time via "..", crossing mountpoints
* if necessary until an export entry is found, or the
* system root is reached.
*
* If an unexported mountpoint is found, then
* a new pseudo export is added and the pathname from
* the mountpoint down to the export is added to the
* visible list for the new pseudo export. If an existing
* pseudo export is found, then the pathname is added
* to its visible list.
*
* Note that there's some tests for exportdir.
* The exportinfo entry that's passed as a parameter
* is that of the real export and exportdir is set
* for this case.
*
* Here is an example of a possible setup:
*
* () - a new fs; fs mount point
* EXPORT - a real exported node
* PSEUDO - a pseudo node
* vis - visible list
* f# - security flavor#
* (f#) - security flavor# propagated from its descendents
* "" - covered vnode
*
*
* /
* |
* (a) PSEUDO (f1,f2)
* | vis: b,b,"c","n"
* |
* b
* ---------|------------------
* | |
* (c) EXPORT,f1(f2) (n) PSEUDO (f1,f2)
* | vis: "e","d" | vis: m,m,,p,q,"o"
* | |
* ------------------ -------------------
* | | | | |
* (d) (e) f m EXPORT,f1(f2) p
* EXPORT EXPORT | |
* f1 f2 | |
* | | |
* j (o) EXPORT,f2 q EXPORT f2
*
*/
int
{
int error;
int exportdir;
gethrestime(&now);
exportdir = 1;
for (;;) {
if (error)
break;
/*
* The root of the file system needs special handling
*/
if (! exportdir) {
/*
* Check if this VROOT dir is already exported.
* If so, then attach the pseudonodes. If not,
* then continue .. traversal until we hit a
* VROOT export (pseudo or real).
*/
vp);
/*
* Found an export info
*
* Extend the list of visible
* directories whether it's a pseudo
* or a real export.
*/
break; /* and climb no further */
}
/*
* Found the root directory of a filesystem
* that isn't exported. Need to export
* this as a pseudo export so that an NFS v4
* client can do lookups in it.
*/
NULL);
}
/* at system root */
/*
* If sharing "/", new_exi is shared exportinfo
* (exip). Otherwise, new_exi is exportinfo
* created by pseudo_exportfs() above.
*/
new_exi);
/* Update the change timestamp */
break;
}
/*
* Traverse across the mountpoint and continue the
* climb on the mounted-on filesystem.
*/
exportdir = 0;
continue;
}
/*
* Do a getattr to obtain the nodeid (inode num)
* for this vnode.
*/
if (error)
break;
/*
* Add this directory fid to visible list
*/
visp->vis_seccnt = 0;
/*
* Will set treenode's pointer to exportinfo to
* 1. shared exportinfo (exip) - if first visit here
* 2. freshly allocated pseudo export (if any)
* 3. null otherwise
*/
/*
* Now, do a ".." to find parent dir of vp.
*/
error = 0;
}
if (error)
break;
exportdir = 0;
}
/*
* We can have set error due to error in:
* 1. vop_fid_pseudo()
* 2. VOP_GETATTR()
* 3. VOP_LOOKUP()
* We must free pseudo exportinfos, visibles and treenodes.
* Visibles are referenced from treenode_t::tree_vis and
* exportinfo_t::exi_visible. To avoid double freeing, only
* exi_visible pointer is used, via exi_rele(), for the clean-up.
*/
if (error) {
/* Free unconnected visibles, if there are any. */
if (vis_head)
/* Connect unconnected exportinfo, if there is any. */
while (tree_head) {
/* exip will be freed in exportfs() */
if (e && e != exip) {
export_unlink(e);
exi_rele(e);
}
}
}
return (error);
}
/*
* Walk up the tree and:
* 1. release pseudo exportinfo if it has no child
* 2. release visible in parent's exportinfo
* 3. delete non-exported leaf nodes from tree
*
* Deleting of nodes will start only if the unshared
* node was a leaf node.
* Deleting of nodes will finish when we reach a node which
* has children or is a real export, then we might still need
* to continue releasing visibles, until we reach VROOT node.
*/
void
{
/*
* The unshared exportinfo was unlinked in unexport().
* Zeroing tree_exi ensures that we will skip it.
*/
/* Stop at VROOT node which is exported or has child */
break;
/* Release pseudo export if it has no child */
}
/* Release visible in parent's exportinfo */
/* Continue with parent */
/* Remove itself, if this is a leaf and non-exported node */
!TREE_EXPORTED(old_nd)) {
}
}
/* Update the change timestamp */
if (connect_point != NULL)
}
/*
* Traverse backward across mountpoint from the
* root vnode of a filesystem to its mounted-on
* vnode.
*/
vnode_t *
{
for (;;) {
break;
/* lock vfs to prevent unmount of this vfs */
break;
}
/*
* Hold nextvp to prevent unmount. After unlock vfs and
* rele tvp, any number of overlays could be unmounted.
* Putting a hold on vfs_vnodecovered will only allow
* tvp's vfs to be unmounted. Of course if caller placed
* extra hold on vp before calling untraverse, the following
* hold would not be needed. Since prev actions of caller
* are unknown, we need to hold here just to be safe.
*/
}
return (tvp);
}
/*
* Given an exportinfo, climb up to find the exportinfo for the VROOT
* of the filesystem.
*
* e.g. /
* |
* a (VROOT) pseudo-exportinfo
* |
* b
* |
* c #share /a/b/c
* |
* d
*
* where c is in the same filesystem as a.
* So, get_root_export(*exportinfo_for_c) returns exportinfo_for_a
*
* If d is shared, then c will be put into a's visible list.
* Note: visible list is per filesystem and is attached to the
* VROOT exportinfo.
*/
struct exportinfo *
{
while (tnode) {
break;
}
}
return (exi);
}
/*
* Return true if the supplied vnode has a sub-directory exported.
*/
int
{
/*
* An exported root vnode has a sub-dir shared if it has a visible list.
* i.e. if it does not have a visible list, then there is no node in
* this filesystem leads to any other shared node.
*/
/*
* Only the exportinfo of a fs root node may have a visible list.
* Either it is a pseudo root node, or a real exported root node.
*/
if (!exi->exi_visible)
return (0);
/* Get the fid of the vnode */
return (0);
}
/*
* See if vp is in the visible list of the root node exportinfo.
*/
/*
* If vp is an exported non-root node with only 1 path
* count (for itself), it indicates no sub-dir shared
* using this vp as a path.
*/
break;
return (1);
}
}
return (0);
}
/*
* Returns true if the supplied vnode is visible
* in this export. If vnode is visible, return
* vis_exported in expseudo.
*/
int
{
/*
* First check to see if vp is export root.
*
* A pseudo export root can never be exported
* (it would be a real export then); however,
* it is always visible. If a pseudo root object
* was exported by server admin, then the entire
* pseudo exportinfo (and all visible entries) would
* be destroyed. A pseudo exportinfo only exists
* to provide access to real (descendant) export(s).
*
* Previously, rootdir was special cased here; however,
* the export root special case handles the rootdir
* case also.
*/
*expseudo = 0;
return (1);
}
/*
* Only a PSEUDO node has a visible list or an exported VROOT
* node may have a visible list.
*/
/* Get the fid of the vnode */
*expseudo = 0;
return (0);
}
/*
* We can't trust VN_CMP() above because of LOFS.
* Even though VOP_CMP will do the right thing for LOFS
* objects, VN_CMP will short circuit out early when the
* vnode ops ptrs are different. Just in case we're dealing
*
* expseudo is not set because this is not an export
*/
*expseudo = 0;
return (1);
}
/* See if it matches any fid in the visible list */
return (1);
}
}
*expseudo = 0;
return (0);
}
/*
* Returns true if the supplied vnode is the
* directory of an export point.
*/
int
{
/*
* First check to see if vp is the export root
* This check required for the case of lookup ..
* where .. is a V_ROOT vnode and a pseudo exportroot.
* Pseudo export root objects do not have an entry
* in the visible list even though every V_ROOT
* pseudonode is visible. It is safe to compare
* vp here because pseudo_exportfs put a hold on
* it when exi_vp was initialized.
*
* Note: VN_CMP() won't match for LOFS shares, but they're
*/
return (1);
/* Get the fid of the vnode */
return (0);
return (1);
}
/* See if it matches any fid in the visible list */
return (visp->vis_exported);
}
return (0);
}
/*
* Returns true if the supplied inode is visible
* in this export. This function is used by
* readdir which uses inode numbers from the
* directory.
*
* NOTE: this code does not match inode number for ".",
* but it isn't required because NFS4 server rddir
* skips . and .. entries.
*/
int
struct exp_visible **visp)
{
/*
* Only a PSEUDO node has a visible list or an exported VROOT
* node may have a visible list.
*/
return (1);
}
return (0);
}
/*
* The change attribute value of the root of nfs pseudo namespace.
*
* The ns_root_change is protected by exported_lock because all of the treenode
* operations are protected by exported_lock too.
*/
/*
* Get the change attribute from visible and returns TRUE.
* If the change value is not available returns FALSE.
*/
{
/*
* First check to see if vp is export root.
*/
goto exproot;
/*
* Only a PSEUDO node has a visible list or an exported VROOT
* node may have a visible list.
*/
/* Get the fid of the vnode */
return (FALSE);
/*
* We can't trust VN_CMP() above because of LOFS.
* Even though VOP_CMP will do the right thing for LOFS
* objects, VN_CMP will short circuit out early when the
* vnode ops ptrs are different. Just in case we're dealing
*/
goto exproot;
/* See if it matches any fid in the visible list */
return (TRUE);
}
}
return (FALSE);
/* The VROOT export have its visible available through treenode */
} else {
*change = ns_root_change;
}
return (TRUE);
}
/*
* Update the change attribute value for a particular treenode. The change
* attribute value is stored in the visible attached to the treenode, or in the
* ns_root_change.
*
* If the change value is not supplied, the current time is used.
*/
void
{
*vis_change = *change;
else
}