1
2
3
4
5
6
7
8
9
10
11#include <linux/exportfs.h>
12
13#include <linux/sunrpc/svcauth_gss.h>
14#include "nfsd.h"
15#include "vfs.h"
16#include "auth.h"
17#include "trace.h"
18
19#define NFSDDBG_FACILITY NFSDDBG_FH
20
21
22
23
24
25
26
27
28static int nfsd_acceptable(void *expv, struct dentry *dentry)
29{
30 struct svc_export *exp = expv;
31 int rv;
32 struct dentry *tdentry;
33 struct dentry *parent;
34
35 if (exp->ex_flags & NFSEXP_NOSUBTREECHECK)
36 return 1;
37
38 tdentry = dget(dentry);
39 while (tdentry != exp->ex_path.dentry && !IS_ROOT(tdentry)) {
40
41 int err;
42 parent = dget_parent(tdentry);
43 err = inode_permission(&init_user_ns,
44 d_inode(parent), MAY_EXEC);
45 if (err < 0) {
46 dput(parent);
47 break;
48 }
49 dput(tdentry);
50 tdentry = parent;
51 }
52 if (tdentry != exp->ex_path.dentry)
53 dprintk("nfsd_acceptable failed at %p %pd\n", tdentry, tdentry);
54 rv = (tdentry == exp->ex_path.dentry);
55 dput(tdentry);
56 return rv;
57}
58
59
60
61
62
63
64static inline __be32
65nfsd_mode_check(struct svc_rqst *rqstp, struct dentry *dentry,
66 umode_t requested)
67{
68 umode_t mode = d_inode(dentry)->i_mode & S_IFMT;
69
70 if (requested == 0)
71 return nfs_ok;
72 if (mode == requested) {
73 if (mode == S_IFDIR && !d_can_lookup(dentry)) {
74 WARN_ON_ONCE(1);
75 return nfserr_notdir;
76 }
77 return nfs_ok;
78 }
79
80
81
82
83 if (rqstp->rq_vers == 4 && mode == S_IFLNK)
84 return nfserr_symlink;
85 if (requested == S_IFDIR)
86 return nfserr_notdir;
87 if (mode == S_IFDIR)
88 return nfserr_isdir;
89 return nfserr_inval;
90}
91
92static bool nfsd_originating_port_ok(struct svc_rqst *rqstp, int flags)
93{
94 if (flags & NFSEXP_INSECURE_PORT)
95 return true;
96
97 if (rqstp->rq_cred.cr_flavor >= RPC_AUTH_GSS)
98 return true;
99 return test_bit(RQ_SECURE, &rqstp->rq_flags);
100}
101
102static __be32 nfsd_setuser_and_check_port(struct svc_rqst *rqstp,
103 struct svc_export *exp)
104{
105 int flags = nfsexp_flags(rqstp, exp);
106
107
108 if (!nfsd_originating_port_ok(rqstp, flags)) {
109 RPC_IFDEBUG(char buf[RPC_MAX_ADDRBUFLEN]);
110 dprintk("nfsd: request from insecure port %s!\n",
111 svc_print_addr(rqstp, buf, sizeof(buf)));
112 return nfserr_perm;
113 }
114
115
116 return nfserrno(nfsd_setuser(rqstp, exp));
117}
118
119static inline __be32 check_pseudo_root(struct svc_rqst *rqstp,
120 struct dentry *dentry, struct svc_export *exp)
121{
122 if (!(exp->ex_flags & NFSEXP_V4ROOT))
123 return nfs_ok;
124
125
126
127
128
129
130 if (!nfsd_v4client(rqstp))
131 return nfserr_stale;
132
133
134
135
136 if (unlikely(!d_is_dir(dentry) &&
137 !d_is_symlink(dentry)))
138 return nfserr_stale;
139
140
141
142
143
144 if (unlikely(dentry != exp->ex_path.dentry))
145 return nfserr_stale;
146 return nfs_ok;
147}
148
149
150
151
152
153
154static __be32 nfsd_set_fh_dentry(struct svc_rqst *rqstp, struct svc_fh *fhp)
155{
156 struct knfsd_fh *fh = &fhp->fh_handle;
157 struct fid *fid = NULL, sfid;
158 struct svc_export *exp;
159 struct dentry *dentry;
160 int fileid_type;
161 int data_left = fh->fh_size/4;
162 __be32 error;
163
164 error = nfserr_stale;
165 if (rqstp->rq_vers > 2)
166 error = nfserr_badhandle;
167 if (rqstp->rq_vers == 4 && fh->fh_size == 0)
168 return nfserr_nofilehandle;
169
170 if (fh->fh_version == 1) {
171 int len;
172
173 if (--data_left < 0)
174 return error;
175 if (fh->fh_auth_type != 0)
176 return error;
177 len = key_len(fh->fh_fsid_type) / 4;
178 if (len == 0)
179 return error;
180 if (fh->fh_fsid_type == FSID_MAJOR_MINOR) {
181
182 len = key_len(FSID_ENCODE_DEV)/4;
183 fh->fh_fsid_type = FSID_ENCODE_DEV;
184
185
186
187
188
189
190 fh->fh_fsid[0] = new_encode_dev(MKDEV(ntohl((__force __be32)fh->fh_fsid[0]),
191 ntohl((__force __be32)fh->fh_fsid[1])));
192 fh->fh_fsid[1] = fh->fh_fsid[2];
193 }
194 data_left -= len;
195 if (data_left < 0)
196 return error;
197 exp = rqst_exp_find(rqstp, fh->fh_fsid_type, fh->fh_fsid);
198 fid = (struct fid *)(fh->fh_fsid + len);
199 } else {
200 __u32 tfh[2];
201 dev_t xdev;
202 ino_t xino;
203
204 if (fh->fh_size != NFS_FHSIZE)
205 return error;
206
207 xdev = old_decode_dev(fh->ofh_xdev);
208 xino = u32_to_ino_t(fh->ofh_xino);
209 mk_fsid(FSID_DEV, tfh, xdev, xino, 0, NULL);
210 exp = rqst_exp_find(rqstp, FSID_DEV, tfh);
211 }
212
213 error = nfserr_stale;
214 if (IS_ERR(exp)) {
215 trace_nfsd_set_fh_dentry_badexport(rqstp, fhp, PTR_ERR(exp));
216
217 if (PTR_ERR(exp) == -ENOENT)
218 return error;
219
220 return nfserrno(PTR_ERR(exp));
221 }
222
223 if (exp->ex_flags & NFSEXP_NOSUBTREECHECK) {
224
225
226
227
228
229
230
231
232
233 struct cred *new = prepare_creds();
234 if (!new) {
235 error = nfserrno(-ENOMEM);
236 goto out;
237 }
238 new->cap_effective =
239 cap_raise_nfsd_set(new->cap_effective,
240 new->cap_permitted);
241 put_cred(override_creds(new));
242 put_cred(new);
243 } else {
244 error = nfsd_setuser_and_check_port(rqstp, exp);
245 if (error)
246 goto out;
247 }
248
249
250
251
252 error = nfserr_stale;
253 if (rqstp->rq_vers > 2)
254 error = nfserr_badhandle;
255
256 if (fh->fh_version != 1) {
257 sfid.i32.ino = fh->ofh_ino;
258 sfid.i32.gen = fh->ofh_generation;
259 sfid.i32.parent_ino = fh->ofh_dirino;
260 fid = &sfid;
261 data_left = 3;
262 if (fh->ofh_dirino == 0)
263 fileid_type = FILEID_INO32_GEN;
264 else
265 fileid_type = FILEID_INO32_GEN_PARENT;
266 } else
267 fileid_type = fh->fh_fileid_type;
268
269 if (fileid_type == FILEID_ROOT)
270 dentry = dget(exp->ex_path.dentry);
271 else {
272 dentry = exportfs_decode_fh_raw(exp->ex_path.mnt, fid,
273 data_left, fileid_type,
274 nfsd_acceptable, exp);
275 if (IS_ERR_OR_NULL(dentry)) {
276 trace_nfsd_set_fh_dentry_badhandle(rqstp, fhp,
277 dentry ? PTR_ERR(dentry) : -ESTALE);
278 switch (PTR_ERR(dentry)) {
279 case -ENOMEM:
280 case -ETIMEDOUT:
281 break;
282 default:
283 dentry = ERR_PTR(-ESTALE);
284 }
285 }
286 }
287 if (dentry == NULL)
288 goto out;
289 if (IS_ERR(dentry)) {
290 if (PTR_ERR(dentry) != -EINVAL)
291 error = nfserrno(PTR_ERR(dentry));
292 goto out;
293 }
294
295 if (d_is_dir(dentry) &&
296 (dentry->d_flags & DCACHE_DISCONNECTED)) {
297 printk("nfsd: find_fh_dentry returned a DISCONNECTED directory: %pd2\n",
298 dentry);
299 }
300
301 fhp->fh_dentry = dentry;
302 fhp->fh_export = exp;
303
304 switch (rqstp->rq_vers) {
305 case 4:
306 if (dentry->d_sb->s_export_op->flags & EXPORT_OP_NOATOMIC_ATTR)
307 fhp->fh_no_atomic_attr = true;
308 break;
309 case 3:
310 if (dentry->d_sb->s_export_op->flags & EXPORT_OP_NOWCC)
311 fhp->fh_no_wcc = true;
312 break;
313 case 2:
314 fhp->fh_no_wcc = true;
315 }
316
317 return 0;
318out:
319 exp_put(exp);
320 return error;
321}
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350__be32
351fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, umode_t type, int access)
352{
353 struct svc_export *exp = NULL;
354 struct dentry *dentry;
355 __be32 error;
356
357 dprintk("nfsd: fh_verify(%s)\n", SVCFH_fmt(fhp));
358
359 if (!fhp->fh_dentry) {
360 error = nfsd_set_fh_dentry(rqstp, fhp);
361 if (error)
362 goto out;
363 }
364 dentry = fhp->fh_dentry;
365 exp = fhp->fh_export;
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382 error = check_pseudo_root(rqstp, dentry, exp);
383 if (error)
384 goto out;
385
386 error = nfsd_setuser_and_check_port(rqstp, exp);
387 if (error)
388 goto out;
389
390 error = nfsd_mode_check(rqstp, dentry, type);
391 if (error)
392 goto out;
393
394
395
396
397
398
399 if (access & NFSD_MAY_LOCK || access & NFSD_MAY_BYPASS_GSS)
400 goto skip_pseudoflavor_check;
401
402
403
404
405
406 if (access & NFSD_MAY_BYPASS_GSS_ON_ROOT
407 && exp->ex_path.dentry == dentry)
408 goto skip_pseudoflavor_check;
409
410 error = check_nfsd_access(exp, rqstp);
411 if (error)
412 goto out;
413
414skip_pseudoflavor_check:
415
416 error = nfsd_permission(rqstp, exp, dentry, access);
417
418 if (error) {
419 dprintk("fh_verify: %pd2 permission failure, "
420 "acc=%x, error=%d\n",
421 dentry,
422 access, ntohl(error));
423 }
424out:
425 if (error == nfserr_stale)
426 nfsd_stats_fh_stale_inc(exp);
427 return error;
428}
429
430
431
432
433
434
435
436
437
438static void _fh_update(struct svc_fh *fhp, struct svc_export *exp,
439 struct dentry *dentry)
440{
441 if (dentry != exp->ex_path.dentry) {
442 struct fid *fid = (struct fid *)
443 (fhp->fh_handle.fh_fsid + fhp->fh_handle.fh_size/4 - 1);
444 int maxsize = (fhp->fh_maxsize - fhp->fh_handle.fh_size)/4;
445 int subtreecheck = !(exp->ex_flags & NFSEXP_NOSUBTREECHECK);
446
447 fhp->fh_handle.fh_fileid_type =
448 exportfs_encode_fh(dentry, fid, &maxsize, subtreecheck);
449 fhp->fh_handle.fh_size += maxsize * 4;
450 } else {
451 fhp->fh_handle.fh_fileid_type = FILEID_ROOT;
452 }
453}
454
455
456
457
458static inline void _fh_update_old(struct dentry *dentry,
459 struct svc_export *exp,
460 struct knfsd_fh *fh)
461{
462 fh->ofh_ino = ino_t_to_u32(d_inode(dentry)->i_ino);
463 fh->ofh_generation = d_inode(dentry)->i_generation;
464 if (d_is_dir(dentry) ||
465 (exp->ex_flags & NFSEXP_NOSUBTREECHECK))
466 fh->ofh_dirino = 0;
467}
468
469static bool is_root_export(struct svc_export *exp)
470{
471 return exp->ex_path.dentry == exp->ex_path.dentry->d_sb->s_root;
472}
473
474static struct super_block *exp_sb(struct svc_export *exp)
475{
476 return exp->ex_path.dentry->d_sb;
477}
478
479static bool fsid_type_ok_for_exp(u8 fsid_type, struct svc_export *exp)
480{
481 switch (fsid_type) {
482 case FSID_DEV:
483 if (!old_valid_dev(exp_sb(exp)->s_dev))
484 return false;
485 fallthrough;
486 case FSID_MAJOR_MINOR:
487 case FSID_ENCODE_DEV:
488 return exp_sb(exp)->s_type->fs_flags & FS_REQUIRES_DEV;
489 case FSID_NUM:
490 return exp->ex_flags & NFSEXP_FSID;
491 case FSID_UUID8:
492 case FSID_UUID16:
493 if (!is_root_export(exp))
494 return false;
495 fallthrough;
496 case FSID_UUID4_INUM:
497 case FSID_UUID16_INUM:
498 return exp->ex_uuid != NULL;
499 }
500 return true;
501}
502
503
504static void set_version_and_fsid_type(struct svc_fh *fhp, struct svc_export *exp, struct svc_fh *ref_fh)
505{
506 u8 version;
507 u8 fsid_type;
508retry:
509 version = 1;
510 if (ref_fh && ref_fh->fh_export == exp) {
511 version = ref_fh->fh_handle.fh_version;
512 fsid_type = ref_fh->fh_handle.fh_fsid_type;
513
514 ref_fh = NULL;
515
516 switch (version) {
517 case 0xca:
518 fsid_type = FSID_DEV;
519 break;
520 case 1:
521 break;
522 default:
523 goto retry;
524 }
525
526
527
528
529
530
531
532 if (!fsid_type_ok_for_exp(fsid_type, exp))
533 goto retry;
534 } else if (exp->ex_flags & NFSEXP_FSID) {
535 fsid_type = FSID_NUM;
536 } else if (exp->ex_uuid) {
537 if (fhp->fh_maxsize >= 64) {
538 if (is_root_export(exp))
539 fsid_type = FSID_UUID16;
540 else
541 fsid_type = FSID_UUID16_INUM;
542 } else {
543 if (is_root_export(exp))
544 fsid_type = FSID_UUID8;
545 else
546 fsid_type = FSID_UUID4_INUM;
547 }
548 } else if (!old_valid_dev(exp_sb(exp)->s_dev))
549
550 fsid_type = FSID_ENCODE_DEV;
551 else
552 fsid_type = FSID_DEV;
553 fhp->fh_handle.fh_version = version;
554 if (version)
555 fhp->fh_handle.fh_fsid_type = fsid_type;
556}
557
558__be32
559fh_compose(struct svc_fh *fhp, struct svc_export *exp, struct dentry *dentry,
560 struct svc_fh *ref_fh)
561{
562
563
564
565
566
567
568
569
570 struct inode * inode = d_inode(dentry);
571 dev_t ex_dev = exp_sb(exp)->s_dev;
572
573 dprintk("nfsd: fh_compose(exp %02x:%02x/%ld %pd2, ino=%ld)\n",
574 MAJOR(ex_dev), MINOR(ex_dev),
575 (long) d_inode(exp->ex_path.dentry)->i_ino,
576 dentry,
577 (inode ? inode->i_ino : 0));
578
579
580
581
582
583 set_version_and_fsid_type(fhp, exp, ref_fh);
584
585
586 fhp->fh_no_wcc = ref_fh ? ref_fh->fh_no_wcc : false;
587
588 if (ref_fh == fhp)
589 fh_put(ref_fh);
590
591 if (fhp->fh_locked || fhp->fh_dentry) {
592 printk(KERN_ERR "fh_compose: fh %pd2 not initialized!\n",
593 dentry);
594 }
595 if (fhp->fh_maxsize < NFS_FHSIZE)
596 printk(KERN_ERR "fh_compose: called with maxsize %d! %pd2\n",
597 fhp->fh_maxsize,
598 dentry);
599
600 fhp->fh_dentry = dget(dentry);
601 fhp->fh_export = exp_get(exp);
602
603 if (fhp->fh_handle.fh_version == 0xca) {
604
605 memset(&fhp->fh_handle.fh_base, 0, NFS_FHSIZE);
606 fhp->fh_handle.fh_size = NFS_FHSIZE;
607 fhp->fh_handle.ofh_dcookie = 0xfeebbaca;
608 fhp->fh_handle.ofh_dev = old_encode_dev(ex_dev);
609 fhp->fh_handle.ofh_xdev = fhp->fh_handle.ofh_dev;
610 fhp->fh_handle.ofh_xino =
611 ino_t_to_u32(d_inode(exp->ex_path.dentry)->i_ino);
612 fhp->fh_handle.ofh_dirino = ino_t_to_u32(parent_ino(dentry));
613 if (inode)
614 _fh_update_old(dentry, exp, &fhp->fh_handle);
615 } else {
616 fhp->fh_handle.fh_size =
617 key_len(fhp->fh_handle.fh_fsid_type) + 4;
618 fhp->fh_handle.fh_auth_type = 0;
619
620 mk_fsid(fhp->fh_handle.fh_fsid_type,
621 fhp->fh_handle.fh_fsid,
622 ex_dev,
623 d_inode(exp->ex_path.dentry)->i_ino,
624 exp->ex_fsid, exp->ex_uuid);
625
626 if (inode)
627 _fh_update(fhp, exp, dentry);
628 if (fhp->fh_handle.fh_fileid_type == FILEID_INVALID) {
629 fh_put(fhp);
630 return nfserr_opnotsupp;
631 }
632 }
633
634 return 0;
635}
636
637
638
639
640
641__be32
642fh_update(struct svc_fh *fhp)
643{
644 struct dentry *dentry;
645
646 if (!fhp->fh_dentry)
647 goto out_bad;
648
649 dentry = fhp->fh_dentry;
650 if (d_really_is_negative(dentry))
651 goto out_negative;
652 if (fhp->fh_handle.fh_version != 1) {
653 _fh_update_old(dentry, fhp->fh_export, &fhp->fh_handle);
654 } else {
655 if (fhp->fh_handle.fh_fileid_type != FILEID_ROOT)
656 return 0;
657
658 _fh_update(fhp, fhp->fh_export, dentry);
659 if (fhp->fh_handle.fh_fileid_type == FILEID_INVALID)
660 return nfserr_opnotsupp;
661 }
662 return 0;
663out_bad:
664 printk(KERN_ERR "fh_update: fh not verified!\n");
665 return nfserr_serverfault;
666out_negative:
667 printk(KERN_ERR "fh_update: %pd2 still negative!\n",
668 dentry);
669 return nfserr_serverfault;
670}
671
672
673
674
675void
676fh_put(struct svc_fh *fhp)
677{
678 struct dentry * dentry = fhp->fh_dentry;
679 struct svc_export * exp = fhp->fh_export;
680 if (dentry) {
681 fh_unlock(fhp);
682 fhp->fh_dentry = NULL;
683 dput(dentry);
684 fh_clear_wcc(fhp);
685 }
686 fh_drop_write(fhp);
687 if (exp) {
688 exp_put(exp);
689 fhp->fh_export = NULL;
690 }
691 fhp->fh_no_wcc = false;
692 return;
693}
694
695
696
697
698char * SVCFH_fmt(struct svc_fh *fhp)
699{
700 struct knfsd_fh *fh = &fhp->fh_handle;
701
702 static char buf[80];
703 sprintf(buf, "%d: %08x %08x %08x %08x %08x %08x",
704 fh->fh_size,
705 fh->fh_base.fh_pad[0],
706 fh->fh_base.fh_pad[1],
707 fh->fh_base.fh_pad[2],
708 fh->fh_base.fh_pad[3],
709 fh->fh_base.fh_pad[4],
710 fh->fh_base.fh_pad[5]);
711 return buf;
712}
713
714enum fsid_source fsid_source(const struct svc_fh *fhp)
715{
716 if (fhp->fh_handle.fh_version != 1)
717 return FSIDSOURCE_DEV;
718 switch(fhp->fh_handle.fh_fsid_type) {
719 case FSID_DEV:
720 case FSID_ENCODE_DEV:
721 case FSID_MAJOR_MINOR:
722 if (exp_sb(fhp->fh_export)->s_type->fs_flags & FS_REQUIRES_DEV)
723 return FSIDSOURCE_DEV;
724 break;
725 case FSID_NUM:
726 if (fhp->fh_export->ex_flags & NFSEXP_FSID)
727 return FSIDSOURCE_FSID;
728 break;
729 default:
730 break;
731 }
732
733
734
735 if (fhp->fh_export->ex_flags & NFSEXP_FSID)
736 return FSIDSOURCE_FSID;
737 if (fhp->fh_export->ex_uuid)
738 return FSIDSOURCE_UUID;
739 return FSIDSOURCE_DEV;
740}
741