nfs_export.c revision a3745ee95227dbb143bbd14be46ddfe4ea429d49
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
*/
/*
* Copyright 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T.
* All rights reserved.
*/
#include <sys/pathname.h>
#include <nfs/nfs_clnt.h>
#include <sys/pkp_hash.h>
static int unexport(exportinfo_t *);
static void exportfree(exportinfo_t *);
static int loadindex(exportdata_t *);
extern void nfsauth_cache_free(exportinfo_t *);
extern void sec_svc_freerootnames(int, int, caddr_t *);
#ifdef VOLATILE_FH_TEST
static void free_volrnm_list(exportinfo_t *);
#endif /* VOLATILE_FH_TEST */
/*
* This lock must be held when searching or modifiying
* the exportinfo list.
*/
/*
* "public" and default (root) location for public filehandle
*/
/*
* macro for static dtrace probes to trace server namespace ref count mods.
*/
static uint8_t
{
uint8_t h = 0;
while (len--)
h ^= *data++;
return (h);
}
/*
* File handle hash function, XOR over all bytes in fsid and fid.
*/
static unsigned
{
int len;
uint8_t h;
/*
* Sanity check the length before using it
* blindly in case the client trashed it.
*/
return ((unsigned)h);
}
/*
* Free the memory allocated within a secinfo entry.
*/
void
{
}
sizeof (rpc_gss_OID_desc));
}
}
/*
* Free a list of secinfo allocated in the exportdata structure.
*/
void
{
int i;
if (cnt == 0)
return;
for (i = 0; i < cnt; i++)
}
/*
* Allocate and copy a secinfo data from "from" to "to".
*
* This routine is used by srv_secinfo_add() to add a new flavor to an
* ancestor's export node. The rootnames are not copied because the
* allowable rootname access only applies to the explicit exported node,
* not its ancestor's.
*
* "to" should have already been allocated and zeroed before calling
* this routine.
*
* This routine is used under the protection of exported_lock (RW_WRITER).
*/
void
{
/* copy mechanism oid */
KM_SLEEP);
}
/* no need to copy the mode bits - s_flags */
}
/*
* Create a secinfo array without duplicates. The condensed
* flavor list is used to propagate flavor ref counts to an
* export's ancestor pseudonodes.
*/
static int
{
int ccnt, c;
int ncnt, n;
ncnt = 0;
for (c = 0; c < ccnt; c++) {
continue;
for (n = 0; n < ncnt; n++) {
break;
}
/*
* The structure copy below also copys ptrs embedded
* within struct secinfo. The ptrs are copied but
* they are never freed from the nodups array. If
* an ancestor's secinfo array doesn't contain one
* of the nodups flavors, then the entry is properly
* copied into the ancestor's secinfo array.
* (see srv_secinfo_copy)
*/
if (n == ncnt) {
ncnt++;
}
}
return (ncnt);
}
/*
* Add the new security flavors from newdata to the current list, pcursec.
* Upon return, *pcursec has the newly merged secinfo list.
*
* There should be at least 1 secinfo entry in newsec.
*
* This routine is used under the protection of exported_lock (RW_WRITER).
*/
static void
{
int ccnt, c; /* sec count in current data - curdata */
int n; /* index for newsec - newsecinfo */
int tcnt; /* total sec count after merge */
int mcnt; /* total sec count after merge */
for (n = 0; n < newcnt; n++) {
for (c = 0; c < ccnt; c++) {
tcnt--;
break;
}
}
}
return; /* no change; no new flavors */
/* move current secinfo list data to the new list */
for (c = 0; c < ccnt; c++)
/* Add the flavor that's not in the current data */
for (n = 0; n < newcnt; n++) {
for (c = 0; c < ccnt; c++) {
break;
}
/* This is the one. Add it. */
if (c == ccnt) {
if (is_pseudo)
mcnt++;
}
}
/*
* Done. Update curdata. Free the old secinfo list in
* curdata and return the new sec array info
*/
if (ccnt > 0)
}
/*
* For NFS V4.
* Remove the security data of the unexported node from its ancestors.
* Assume there is at least one flavor entry in the current sec list
* (pcursec).
*
* This routine is used under the protection of exported_lock (RW_WRITER).
*
* Every element of remsec is an explicitly exported flavor. If
* srv_secinfo_remove() is called fom an exportfs error path, then
* the flavor list was derived from the user's share cmdline,
* and all flavors are explicit. If it was called from the unshare path,
* build_seclist_nodups() was called with the exponly flag.
*/
static void
int remcnt)
{
int ccnt, c; /* sec count in current data - cursec */
int r; /* sec count in removal data - remsec */
for (r = 0; r < remcnt; r++) {
/*
* counts are decremented and propagated to ancestors.
* Implicit flavor refs came from shared descendants, and
* they must be kept.
*/
if (! SEC_REF_EXPORTED(&remsec[r]))
continue;
for (c = 0; c < ccnt; c++) {
/*
* Decrement secinfo reference count by 1.
* If this entry is invalid after decrementing
* the count (i.e. count < 1), this entry will
* be removed.
*/
if (SEC_REF_INVALID(&cursec[c]))
tcnt--;
break;
}
}
}
return; /* no change; no flavors to remove */
if (tcnt == 0) {
*pcurcnt = 0;
return;
}
/* walk thru the given secinfo list to remove the flavors */
mcnt = 0;
for (c = 0; c < ccnt; c++) {
if (SEC_REF_INVALID(&cursec[c])) {
srv_secinfo_entry_free(&cursec[c]);
} else {
mcnt++;
}
}
/*
* Done. Update curdata.
* Free the existing secinfo list in curdata. All pointers
* within the list have either been moved to msec or freed
* if it's invalid.
*/
}
/*
* For the reshare case, sec flavor accounting happens in 3 steps:
* 1) propagate addition of new flavor refs up the ancestor tree
* 3) propagate removal of old flavor refs up the ancestor tree
*
* srv_secinfo_exp2exp() implements step 2 of a reshare. At this point,
* the new flavor list has already been propagated up through the
* ancestor tree via srv_secinfo_treeclimb().
*
* If there is more than 1 export reference to an old flavor (i.e. some
* of its children shared with this flavor), this flavor information
* needs to be transferred to the new exportdata struct. A flavor in
* the old exportdata has descendant refs when its s_refcnt > 1 or it
* is implicitly shared (M_SEC4_EXPORTED not set in s_flags).
*
* SEC_REF_EXPORTED() is only true when M_SEC4_EXPORTED is set
* SEC_REF_SELF() is only true when both M_SEC4_EXPORTED is set and s_refcnt==1
*
* Transferring descendant flavor refcnts happens in 2 passes:
* a) flavors used before (oldsecinfo) and after (curdata->ex_secinfo) reshare
* b) flavors used before but not after reshare
*
* This routine is used under the protection of exported_lock (RW_WRITER).
*/
void
{
int ccnt, c; /* sec count in current data - curdata */
int o; /* sec count in old data - oldsecinfo */
/*
* If the oldsecinfo has flavors with more than 1 reference count
* and the flavor is specified in the reshare, transfer the flavor
* refs to the new seclist (curdata.ex_secinfo).
*/
for (o = 0; o < ocnt; o++) {
if (SEC_REF_SELF(&oldsecinfo[o])) {
tcnt--;
continue;
}
for (c = 0; c < ccnt; c++) {
/*
* add old reference to the current
* secinfo count
*/
oldsecinfo[o].s_refcnt;
/*
* Delete the old export flavor
* reference. The initial reference
* was created during srv_secinfo_add,
* and the count is decremented below
* to account for the initial reference.
*/
if (SEC_REF_EXPORTED(&oldsecinfo[o]))
"reshare_xfer_common_child_refs",
tcnt--;
break;
}
}
}
return; /* no more transfer to do */
/*
* oldsecinfo has flavors referenced by its children that are not
* in the current (new) export flavor list. Add these flavors.
*/
/* move current secinfo list data to the new list */
for (c = 0; c < ccnt; c++)
/*
* Add the flavor that's not in the new export, but still
* referenced by its children.
*/
for (o = 0; o < ocnt; o++) {
if (! SEC_REF_SELF(&oldsecinfo[o])) {
for (c = 0; c < ccnt; c++) {
break;
}
/*
* This is the one. Add it. Decrement the ref count
* by 1 if the flavor is an explicitly shared flavor
* for the oldsecinfo export node.
*/
if (c == ccnt) {
if (SEC_REF_EXPORTED(&oldsecinfo[o]))
"reshare_xfer_implicit_child_refs",
mcnt++;
}
}
}
/*
* Done. Update curdata, free the existing secinfo list in
* curdata and set the new value.
*/
if (ccnt > 0)
}
/*
* When unsharing an old export node and the old node becomes a pseudo node,
* if there is more than 1 export reference to an old flavor (i.e. some of
* its children shared with this flavor), this flavor information needs to
* be transferred to the new shared node.
*
* This routine is used under the protection of exported_lock (RW_WRITER).
*/
void
{
int ocnt, o; /* sec count in transfer data - trandata */
/*
* If the olddata has flavors with more than 1 reference count,
* transfer the information to the curdata.
*/
for (o = 0; o < ocnt; o++) {
tcnt--;
}
if (tcnt == 0)
return; /* no transfer to do */
mcnt = 0;
for (o = 0; o < ocnt; o++) {
/*
* Decrement the reference count by 1 if the flavor is
* an explicitly shared flavor for the olddata export
* node.
*/
mcnt++;
}
}
/*
* Done. Update curdata.
* Free up the existing secinfo list in curdata and
* set the new value.
*/
}
/*
* Find for given treenode the exportinfo which has its
* exp_visible linked on its exi_visible list.
*
* Note: We could add new pointer either to treenode or
* to exp_visible, which will point there directly.
* This would buy some speed for some memory.
*/
{
for (;;) {
break;
}
}
return (exi_ret);
}
/*
* For NFS V4.
* Add or remove the newly exported or unexported security flavors of the
* given exportinfo from its ancestors upto the system root.
*/
void
{
if (seccnt == 0)
return;
/*
* If flavors are being added and the new export root isn't
* also VROOT, its implicitly allowed flavors are inherited from
* from its pseudonode.
* Note - for VROOT exports the implicitly allowed flavors were
* transferred from the PSEUDO export in exportfs()
*/
}
/*
* Move to parent node and propagate sec flavor
* to exportinfo and to visible structures.
*/
while (tnode) {
/* If there is exportinfo, update it */
if (isadd)
else
}
/* Update every visible - only root node has no visible */
if (isadd)
FALSE);
else
}
}
}
/* hash_name is a text substitution for either fid_hash or path_hash */
void
{
exportinfo_t **bckt;
}
/*
* Initialization routine for export routines. Should only be called once.
*/
int
nfs_exportinit(void)
{
int error;
/*
* Allocate the place holder for the public file handle, which
* is all zeroes. It is initially set to the root filesystem.
*/
if (error) {
return (error);
}
/* setup the fhandle template */
/*
* Publish the exportinfo in the hash table
*/
nfslog_init();
return (0);
}
/*
* Finalization routine for export routines. Called to cleanup previously
* initialization work when the NFS server module could not be loaded correctly.
*/
void
nfs_exportfini(void)
{
/*
* Deallocate the place holder for the public file handle.
*/
}
/*
* Check if 2 gss mechanism identifiers are the same.
*
* return FALSE if not the same.
* return TRUE if the same.
*/
static bool_t
{
return (TRUE);
return (FALSE);
}
/*
* This routine is used by rpc to map rpc security number
* to nfs specific security flavor number.
*
* The gss callback prototype is
* callback(struct svc_req *, gss_cred_id_t *, gss_ctx_id_t *,
* rpc_gss_lock_t *, void **),
* since nfs does not use the gss_cred_id_t/gss_ctx_id_t arguments
* we cast them to void.
*/
/*ARGSUSED*/
{
int i, j;
struct exportinfo *exi;
/*
* We don't deal with delegated credentials.
*/
if (deleg != GSS_C_NO_CREDENTIAL)
return (FALSE);
for (i = 0; i < EXPTABLESIZE; i++) {
while (exi) {
seconfig_t *se;
int seccnt;
for (j = 0; j < seccnt; j++) {
/*
* If there is a map of the triplet
* (mechanism, service, qop) between
* raw_cred and the exported flavor,
* get the psudo flavor number.
* Also qop should not be NULL, it
* should be "default" or something
* else.
*/
(se->sc_service ==
goto done;
}
}
}
}
}
done:
/*
* If no nfs pseudo number mapping can be found in the export
* table, assign the nfsflavor to NFS_FLAVOR_NOMAP. In V4, we may
* recover the flavor mismatch from NFS layer (NFS4ERR_WRONGSEC).
*
* For example:
* server first shares with krb5i;
* client mounts with krb5i;
* server re-shares with krb5p;
* client tries with krb5i, but no mapping can be found;
* rpcsec_gss module calls this routine to do the mapping,
* if this routine fails, request is rejected from
* the rpc layer.
* What we need is to let the nfs layer rejects the request.
* For V4, we can reject with NFS4ERR_WRONGSEC and the client
* may recover from it by getting the new flavor via SECINFO.
*
* nfs pseudo number for RPCSEC_GSS mapping (see nfssec.conf)
* is owned by IANA (see RFC 2623).
*
* XXX NFS_FLAVOR_NOMAP is defined in Solaris to work around
* the implementation issue. This number should not overlap with
* any new IANA defined pseudo flavor numbers.
*/
*cookie = (void *)NFS_FLAVOR_NOMAP;
return (TRUE);
}
/*
* Exportfs system call; credentials should be checked before
* calling this function.
*/
int
{
struct exportdata *kex;
int error;
char *pathbuf;
char *log_buffer;
char *tagbuf;
int callback;
int allocd_seccnt;
int newcnt;
int oldcnt;
int i;
/* Read in pathname from userspace */
return (error);
/* Walk the export list looking for that pathname */
break;
}
}
/* Is this an unshare? */
return (EINVAL);
return (error);
}
/* It is a share or a re-share */
/*
* if fname resolves to / we get EINVAL error
* since we wanted the parent vnode. Try again
* with NULL dvp.
*/
}
/* Last component of fname not found */
}
if (error) {
if (ex1)
return (error);
}
/*
* 'vp' may be an AUTOFS node, so we perform a
* VOP_ACCESS() to trigger the mount of the
* intended filesystem, so we can share the intended
* filesystem instead of the AUTOFS filesystem.
*/
/*
* We're interested in the top most filesystem.
* This is specially important when uap->dname is a trigger
* AUTOFS node, since we're really interested in sharing the
* filesystem AUTOFS mounted as result of the VOP_ACCESS()
* call not the AUTOFS node itself.
*/
if (ex1)
return (error);
}
}
/* Do not allow sharing another vnode for already shared path */
return (EEXIST);
}
if (ex1)
/*
* Get the vfs id
*/
if (error) {
/*
* If VOP_FID returns ENOSPC then the fid supplied
* is too small. For now we simply return EREMOTE.
*/
return (error);
}
/*
* Do not allow re-sharing a shared vnode under a different path
* PSEUDO export has ex_path fabricated, e.g. "/tmp (pseudo)", skip it.
*/
return (EEXIST);
}
}
VSW_VOLATILEDEV) ? 1 : 0;
/*
* Initialize auth cache lock
*/
/*
* Build up the template fhandle
*/
goto out1;
}
/*
* Load in everything, and do sanity checking
*/
STRUCT_SIZE(uexi))) {
goto out1;
}
"NFS: exportfs requires export struct version 2 - got %d\n",
kex->ex_version);
goto out1;
}
/*
* Must have at least one security entry
*/
goto out1;
}
/*
* Copy the exported pathname into
* an appropriately sized buffer.
*/
goto out1;
}
/*
* Get the path to the logging buffer and the tag
*/
&kex->ex_log_bufferlen)) {
goto out2;
}
kex->ex_log_buffer =
goto out3;
}
}
/*
* Load the security information for each flavor
*/
goto out4;
}
/*
* All of these nested structures need to be converted to
* the kernel native format.
*/
if (model != DATAMODEL_NATIVE) {
}
}
/*
* And now copy rootnames for each individual secinfo.
*/
callback = 0;
allocd_seccnt = 0;
goto out5;
}
}
/* Copyin mechanism type */
goto out5;
}
goto out5;
}
callback = 1;
} else
}
/*
* Init the secinfo reference count and mark these flavors
* explicitly exported flavors.
*/
}
/*
* Set up rpcsec_gss callback routine entry if any.
*/
if (callback) {
(void *)&cb);
}
(void *)&cb);
}
}
/*
* Check the index flag. Do this here to avoid holding the
* lock while dealing with the index option (as we do with
* the public option).
*/
goto out5;
}
goto out5;
}
goto out6;
}
/*
* Insert the new entry at the front of the export list
*/
/*
* Check the rest of the list for an old entry for the fs.
* If one is found then unlink it, wait until this is the
* only reference and then free it.
*/
break;
}
}
/*
* If the public filehandle is pointing at the
* old entry, then point it back at the root.
*/
/*
* If the public flag is on, make the global exi_public
* point to this entry and turn off the public bit so that
* we can distinguish it from the place holder export.
*/
exi_public = exi;
}
#ifdef VOLATILE_FH_TEST
/*
* Set up the volatile_id value if volatile on share.
* The list of volatile renamed filehandles is always destroyed,
* if the fs was reshared.
*/
#endif /* VOLATILE_FH_TEST */
/*
* If this is a new export, then climb up
* the tree and check if any pseudo exports
* need to be created to provide a path for
* NFS v4 clients.
*/
if (error)
goto out7;
} else {
/* If it's a re-export update namespace tree */
}
/*
* build a unique flavor list from the flavors specified
* in the share cmd. unique means that each flavor only
* appears once in the secinfo list -- no duplicates allowed.
*/
/*
* If re-sharing an old export entry, update the secinfo data
* depending on if the old entry is a pseudo node or not.
*/
/*
* The dir being shared is a pseudo export root (which
* will be transformed into a real export root). The
* flavor(s) of the new share were propagated to the
* ancestors by srv_secinfo_treeclimb() above. Now
* transfer the implicit flavor refs from the old
* pseudo exprot root to the new (real) export root.
*/
} else {
/*
* First transfer implicit flavor refs to new export.
* Remove old flavor refs last.
*/
}
}
/*
* If it's a re-export and the old entry has a pseudonode list,
* transfer it to the new export.
*/
}
/*
* Log share operation to this buffer only.
*/
}
return (0);
out7:
/* Unlink the new export in exptable. */
out6:
out5:
/* free partially completed allocation */
while (--allocd_seccnt >= 0) {
}
if (kex->ex_secinfo) {
}
out4:
out3:
out2:
out1:
return (error);
}
/*
* Remove the exportinfo from the export list
*/
void
{
}
/*
* Unexport an exported filesystem
*/
static int
{
int curcnt;
/* Check if exi is still linked in the export table */
return (EINVAL);
}
/*
* Remove security flavors before treeclimb_unexport() is called
* because srv_secinfo_treeclimb needs the namespace tree
*/
/*
* If there's a visible list, then need to leave
* a pseudo export here to retain the visible list
* for paths to exports below.
*/
if (exi->exi_visible) {
struct exportinfo *newexi;
/* interconnect the existing treenode with the new exportinfo */
} else {
}
/*
* Need to call into the NFSv4 server and release all data
* held on this particular export. This is important since
* the v4 server may be holding file locks or vnodes under
* this export.
*/
/*
* Notify the lock manager that the filesystem is being
* unexported.
*/
/*
* If this was a public export, restore
* the public filehandle to the root.
*/
if (exi == exi_public) {
}
}
return (0);
}
/*
* Get file handle system call.
* Takes file name and returns a file handle for it.
* Credentials must be verified before calling.
*/
int
{
char buf[NFS3_MAXFHSIZE];
int l = NFS3_MAXFHSIZE;
struct exportinfo *exi;
int error;
int vers;
#ifdef lint
#endif
/*
* if fname resolves to / we get EINVAL error
* since we wanted the parent vnode. Try again
* with NULL dvp.
*/
}
/*
* Last component of fname not found
*/
}
}
if (error)
return (error);
/*
* 'vp' may be an AUTOFS node, so we perform a
* VOP_ACCESS() to trigger the mount of the
* intended filesystem, so we can share the intended
* filesystem instead of the AUTOFS filesystem.
*/
/*
* We're interested in the top most filesystem.
* This is specially important when uap->dname is a trigger
* AUTOFS node, since we're really interested in sharing the
* filesystem AUTOFS mounted as result of the VOP_ACCESS()
* call not the AUTOFS node itself.
*/
return (error);
}
}
if (!error) {
if (vers == NFS_VERSION) {
l = NFS_FHSIZE;
if (!error && (l > sizeof (fhandle3_t)))
if (!error) {
i = 0;
i += sz;
/*
* For backwards compatibility, the
* fid length may be less than
* NFS_FHMAXDATA, but it was always
* encoded as NFS_FHMAXDATA bytes.
*/
i += sz;
if (pad > 0) {
i += pad;
l += pad;
}
i += sz;
if (pad > 0) {
i += pad;
l += pad;
}
}
/*
* If we need to do NFS logging, the filehandle
* must be downsized to 32 bytes.
*/
i = 0;
i += sz;
i += sz;
sz = NFS_FHMAXDATA;
i += sz;
i += sz;
sz = NFS_FHMAXDATA;
i += sz;
}
}
}
if (!error) {
}
}
}
return (error);
}
/*
* Strategy: if vp is in the export list, then
* return the associated file handle. Otherwise, ".."
* once up the vp and try again, until the root of the
* filesystem is reached.
*/
struct exportinfo *
{
int error;
struct exportinfo *exi;
}
*walk = 0;
for (;;) {
if (error) {
/*
* If vop_fid_pseudo returns ENOSPC then the fid
* supplied is too small. For now we simply
* return EREMOTE.
*/
break;
}
if (v4srv)
else
/*
* Found the export info
*/
break;
}
/*
* We have just failed finding a matching export.
* If we're at the root of this filesystem, then
* it's time to stop (with failure).
*/
break;
}
(*walk)++;
/*
* Now, do a ".." up vp. If dvp is supplied, use it,
* otherwise, look it up.
*/
if (error)
break;
}
}
}
if (error != 0) {
return (NULL);
}
return (exi);
}
int
{
int i, nfsflavor;
/*
* Get the nfs flavor number from xprt.
*/
SEC_REF_EXPORTED(sp + i))
return (TRUE);
}
return (FALSE);
}
/*
* Make an fhandle from a vnode
*/
int
{
int error;
if (error) {
/*
* Should be something other than EREMOTE
*/
return (EREMOTE);
}
return (0);
}
/*
* This routine makes an overloaded V2 fhandle which contains
* sec modes.
*
* Note that the first four octets contain the length octet,
* the status octet, and two padded octets to make them XDR
* four-octet aligned.
*
* 1 2 3 4 32
* +---+---+---+---+---+---+---+---+ +---+---+---+---+ +---+
* | l | s | | | sec_1 |...| sec_n |...| |
* +---+---+---+---+---+---+---+---+ +---+---+---+---+ +---+
*
* where
*
* the status octet s indicates whether there are more security
* flavors (1 means yes, 0 means no) that require the client to
* perform another 0x81 LOOKUP to get them,
*
* the length octet l is the length describing the number of
* valid octets that follow. (l = 4 * n, where n is the number
* of security flavors sent in the current overloaded filehandle.)
*
* sec_index should always be in the inclusive range: [1 - ex_seccnt],
* and it tells server where to start within the secinfo array.
* Usually it will always be 1; however, if more flavors are used
* for the public export than can be encoded in the overloaded FH
* (7 for NFS2), subsequent SNEGO MCLs will have a larger index
* so the server will pick up where it left off from the previous
* MCL reply.
*
* With NFS4 support, implicitly allowed flavors are also in
* the secinfo array; however, they should not be returned in
* SNEGO MCL replies.
*/
int
{
char *c;
return (EREMOTE);
/*
* WebNFS clients need to know the unique set of explicitly
* shared flavors in used for the public export. When
* "TRUE" is passed to build_seclist_nodups(), only explicitly
* shared flavors are included in the list.
*/
return (EREMOTE);
c = (char *)fh;
/*
* Encode the length octet representing the number of
* security flavors (in bytes) in this overloaded fh.
*/
*c = cnt * sizeof (int);
/*
* Encode the status octet that indicates whether there
* are more security flavors the client needs to get.
*/
/*
* put security flavors in the overloaded fh
*/
for (i = 0; i < cnt; i++) {
}
return (0);
}
/*
* Make an nfs_fh3 from a vnode
*/
int
{
int error;
if (error)
return (EREMOTE);
return (0);
}
/*
* This routine makes an overloaded V3 fhandle which contains
* sec modes.
*
* 1 4
* +--+--+--+--+
* | len |
* +--+--+--+--+
* up to 64
* +--+--+--+--+--+--+--+--+--+--+--+--+ +--+--+--+--+
* |s | | | | sec_1 | sec_2 | ... | sec_n |
* +--+--+--+--+--+--+--+--+--+--+--+--+ +--+--+--+--+
*
* len = 4 * (n+1), where n is the number of security flavors
* sent in the current overloaded filehandle.
*
* the status octet s indicates whether there are more security
* mechanisms (1 means yes, 0 means no) that require the client
* to perform another 0x81 LOOKUP to get them.
*
* Three octets are padded after the status octet.
*/
int
{
char *c;
return (EREMOTE);
/*
* WebNFS clients need to know the unique set of explicitly
* shared flavors in used for the public export. When
* "TRUE" is passed to build_seclist_nodups(), only explicitly
* shared flavors are included in the list.
*/
return (EREMOTE);
/*
* Place the length in fh3_length representing the number
* of security flavors (in bytes) in this overloaded fh.
*/
/*
* Encode the status octet that indicates whether there
* are more security flavors the client needs to get.
*/
*c = totalcnt > fh_max_cnt;
/*
* put security flavors in the overloaded fh
*/
for (i = 0; i < cnt; i++) {
}
return (0);
}
/*
* Make an nfs_fh4 from a vnode
*/
int
{
int error;
/*
* vop_fid_pseudo() is used to set up NFSv4 namespace, so
* use vop_fid_pseudo() here to get the fid instead of VOP_FID.
*/
if (error)
return (error);
#ifdef VOLATILE_FH_TEST
/*
* XXX (temporary?)
* Use the rnode volatile_id value to add volatility to the fh.
*
* For testing purposes there are currently two scenarios, based
* on whether the filesystem was shared with "volatile_fh"
* or "expire_on_rename". In the first case, use the value of
* export struct share_time as the volatile_id. In the second
* case use the vnode volatile_id value (which is set to the
* time in which the file was renamed).
*
* Note that the above are temporary constructs for testing only
* XXX
*/
} else {
fh_fmtp->fh4_volatile_id = 0;
}
#endif /* VOLATILE_FH_TEST */
return (0);
}
/*
* Convert an fhandle into a vnode.
* Uses the file id (fh_len + fh_data) in the fhandle to get the vnode.
* WARNING: users of this routine must do a VN_RELE on the vnode when they
* are done with it.
*/
vnode_t *
{
int error;
"fhtovp_start");
"fhtovp_end:(%S)", "exi NULL");
return (NULL); /* not exported */
}
if (PUBLIC_FH2(fh)) {
"fhtovp_end:(%S)", "root not exported");
return (NULL);
}
return (vp);
}
"fhtovp_end:(%S)", "VFS_GET failed or vp NULL");
return (NULL);
}
"fhtovp_end:(%S)", "end");
return (vp);
}
/*
* Convert an fhandle into a vnode.
* Uses the file id (fh_len + fh_data) in the fhandle to get the vnode.
* WARNING: users of this routine must do a VN_RELE on the vnode when they
* are done with it.
* This is just like nfs_fhtovp() but without the exportinfo argument.
*/
vnode_t *
{
int error;
return (NULL);
return (NULL);
return (vp);
}
/*
* Convert an nfs_fh3 into a vnode.
* Uses the file id (fh_len + fh_data) in the file handle to get the vnode.
* WARNING: users of this routine must do a VN_RELE on the vnode when they
* are done with it.
*/
vnode_t *
{
int error;
return (NULL); /* not exported */
if (PUBLIC_FH3(fh)) {
return (NULL);
return (vp);
}
return (NULL);
return (NULL);
return (vp);
}
/*
* Convert an nfs_fh3 into a vnode.
* Uses the file id (fh_len + fh_data) in the file handle to get the vnode.
* WARNING: users of this routine must do a VN_RELE on the vnode when they
* are done with it.
* BTW: This is just like nfs3_fhtovp() but without the exportinfo arg.
* Also, vfsp is accessed through getvfs() rather using exportinfo !!
*/
vnode_t *
{
int error;
return (NULL);
return (NULL);
return (NULL);
return (vp);
}
/*
* Convert an nfs_fh4 into a vnode.
* Uses the file id (fh_len + fh_data) in the file handle to get the vnode.
* WARNING: users of this routine must do a VN_RELE on the vnode when they
* are done with it.
*/
vnode_t *
{
int error;
#ifdef VOLATILE_FH_TEST
uint32_t volatile_id = 0;
#endif /* VOLATILE_FH_TEST */
*statp = NFS4ERR_STALE;
return (NULL); /* not exported */
}
/* caller should have checked this */
#ifdef VOLATILE_FH_TEST
/* XXX check if volatile - should be changed later */
/*
* Filesystem is shared with volatile filehandles
*/
else
return (NULL);
}
}
/*
* XXX even if test_volatile_fh false, the fh may contain a
* volatile id if obtained when the test was set.
*/
#endif /* VOLATILE_FH_TEST */
/*
* If we can not get vp from VFS_VGET, perhaps this is
* Check it out.
*/
*statp = NFS4ERR_STALE;
return (NULL);
}
/* XXX - disgusting hack */
return (vp);
}
/*
* Find the export structure associated with the given filesystem.
* If found, then increment the ref count (exi_count).
*/
struct exportinfo *
{
struct exportinfo *exi;
/*
* If this is the place holder for the
* public file handle, then return the
* real export entry for the public file
* handle.
*/
exi = exi_public;
}
return (exi);
}
}
return (NULL);
}
/*
* "old school" version of checkexport() for NFS4. NFS4
* rfs4_compound holds exported_lock for duration of compound
* processing. This version doesn't manipulate exi_count
* since NFS4 breaks fundamental assumptions in the exi_count
* design.
*/
struct exportinfo *
{
struct exportinfo *exi;
/*
* If this is the place holder for the
* public file handle, then return the
* real export entry for the public file
* handle.
*/
exi = exi_public;
}
/*
* If vp is given, check if vp is the
* same vnode as the exported node.
*
* Since VOP_FID of a lofs node returns the
* fid of its real node (ufs), the exported
* node for lofs and (pseudo) ufs may have
* the same fsid and fid.
*/
return (exi);
}
}
return (NULL);
}
/*
* Free an entire export list node
*/
void
{
struct exportdata *ex;
struct charset_cache *cache;
/*
* if there is a character set mapping cached, clean it up.
*/
}
}
if (exi->exi_visible)
#ifdef VOLATILE_FH_TEST
#endif /* VOLATILE_FH_TEST */
}
/*
* load the index file from user space into kernel space.
*/
static int
{
int error;
/*
* copyinstr copies the complete string including the NULL and
* returns the len with the NULL byte included in the calculation
* as long as the max length is not exceeded.
*/
return (error);
return (0);
}
void
{
}
/*
* When a thread completes using exi, it should call exi_rele().
* exi_rele() decrements exi_count. It releases exi if exi_count == 0, i.e.
* if this is the last user of exi and exi is not on exportinfo list anymore
*/
void
{
} else
}
#ifdef VOLATILE_FH_TEST
/*
* Test for volatile fh's - add file handle to list and set its volatile id
* to time it was renamed. If EX_VOLFH is also on and the fs is reshared,
* the vol_rename queue is purged.
*
* XXX This code is for unit testing purposes only... To correctly use it, it
* needs to tie a rename list to the export struct and (more
* important), protect access to the exi rename list using a write lock.
*/
/*
* get the fh vol record if it's in the volatile on rename list. Don't check
* volatile_id in the file handle - compare only the file handles.
*/
static struct ex_vol_rename *
{
struct ex_vol_rename *p = NULL;
/* XXX shouldn't we assert &exported_lock held? */
return (NULL);
}
sizeof (fhandle4_t)) == 0)
break;
}
return (p);
}
/*
* get the volatile id for the fh (if there is - else return 0). Ignore the
* volatile_id in the file handle - compare only the file handles.
*/
static uint32_t
{
struct ex_vol_rename *p;
return (volatile_id);
}
/*
* Free the volatile on rename list - will be called if a filesystem is
* unshared or reshared without EX_VOLRNM
*/
static void
{
struct ex_vol_rename *p, *pnext;
/* no need to hold mutex lock - this one is called from exportfree */
kmem_free(p, sizeof (*p));
}
}
/*
* Add a file handle to the volatile on rename list.
*/
void
{
struct ex_vol_rename *p;
char fhbuf[NFS4_FHSIZE];
int error;
return;
}
if (p == NULL) {
p = kmem_alloc(sizeof (*p), KM_SLEEP);
exi->exi_vol_rename = p;
}
}
#endif /* VOLATILE_FH_TEST */