linux/fs/nfsd/nfs4xdr.c
<<
>>
Prefs 
   1/*
   2 *  Server-side XDR for NFSv4
   3 *
   4 *  Copyright (c) 2002 The Regents of the University of Michigan.
   5 *  All rights reserved.
   6 *
   7 *  Kendrick Smith <kmsmith@umich.edu>
   8 *  Andy Adamson   <andros@umich.edu>
   9 *
  10 *  Redistribution and use in source and binary forms, with or without
  11 *  modification, are permitted provided that the following conditions
  12 *  are met:
  13 *
  14 *  1. Redistributions of source code must retain the above copyright
  15 *     notice, this list of conditions and the following disclaimer.
  16 *  2. Redistributions in binary form must reproduce the above copyright
  17 *     notice, this list of conditions and the following disclaimer in the
  18 *     documentation and/or other materials provided with the distribution.
  19 *  3. Neither the name of the University nor the names of its
  20 *     contributors may be used to endorse or promote products derived
  21 *     from this software without specific prior written permission.
  22 *
  23 *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  24 *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  25 *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  26 *  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  27 *  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  28 *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  29 *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
  30 *  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  31 *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  32 *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  33 *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  34 */
  35
  36#include <linux/file.h>
  37#include <linux/slab.h>
  38#include <linux/namei.h>
  39#include <linux/statfs.h>
  40#include <linux/utsname.h>
  41#include <linux/pagemap.h>
  42#include <linux/sunrpc/svcauth_gss.h>
  43#include <linux/sunrpc/addr.h>
  44#include <linux/xattr.h>
  45#include <uapi/linux/xattr.h>
  46
  47#include "idmap.h"
  48#include "acl.h"
  49#include "xdr4.h"
  50#include "vfs.h"
  51#include "state.h"
  52#include "cache.h"
  53#include "netns.h"
  54#include "pnfs.h"
  55#include "filecache.h"
  56
  57#include "trace.h"
  58
  59#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
  60#include <linux/security.h>
  61#endif
  62
  63
  64#define NFSDDBG_FACILITY                NFSDDBG_XDR
  65
  66const u32 nfsd_suppattrs[3][3] = {
  67        {NFSD4_SUPPORTED_ATTRS_WORD0,
  68         NFSD4_SUPPORTED_ATTRS_WORD1,
  69         NFSD4_SUPPORTED_ATTRS_WORD2},
  70
  71        {NFSD4_1_SUPPORTED_ATTRS_WORD0,
  72         NFSD4_1_SUPPORTED_ATTRS_WORD1,
  73         NFSD4_1_SUPPORTED_ATTRS_WORD2},
  74
  75        {NFSD4_1_SUPPORTED_ATTRS_WORD0,
  76         NFSD4_1_SUPPORTED_ATTRS_WORD1,
  77         NFSD4_2_SUPPORTED_ATTRS_WORD2},
  78};
  79
  80/*
  81 * As per referral draft, the fsid for a referral MUST be different from the fsid of the containing
  82 * directory in order to indicate to the client that a filesystem boundary is present
  83 * We use a fixed fsid for a referral
  84 */
  85#define NFS4_REFERRAL_FSID_MAJOR        0x8000000ULL
  86#define NFS4_REFERRAL_FSID_MINOR        0x8000000ULL
  87
  88static __be32
  89check_filename(char *str, int len)
  90{
  91        int i;
  92
  93        if (len == 0)
  94                return nfserr_inval;
  95        if (len > NFS4_MAXNAMLEN)
  96                return nfserr_nametoolong;
  97        if (isdotent(str, len))
  98                return nfserr_badname;
  99        for (i = 0; i < len; i++)
 100                if (str[i] == '/')
 101                        return nfserr_badname;
 102        return 0;
 103}
 104
 105static int zero_clientid(clientid_t *clid)
 106{
 107        return (clid->cl_boot == 0) && (clid->cl_id == 0);
 108}
 109
 110/**
 111 * svcxdr_tmpalloc - allocate memory to be freed after compound processing
 112 * @argp: NFSv4 compound argument structure
 113 * @len: length of buffer to allocate
 114 *
 115 * Allocates a buffer of size @len to be freed when processing the compound
 116 * operation described in @argp finishes.
 117 */
 118static void *
 119svcxdr_tmpalloc(struct nfsd4_compoundargs *argp, u32 len)
 120{
 121        struct svcxdr_tmpbuf *tb;
 122
 123        tb = kmalloc(sizeof(*tb) + len, GFP_KERNEL);
 124        if (!tb)
 125                return NULL;
 126        tb->next = argp->to_free;
 127        argp->to_free = tb;
 128        return tb->buf;
 129}
 130
 131/*
 132 * For xdr strings that need to be passed to other kernel api's
 133 * as null-terminated strings.
 134 *
 135 * Note null-terminating in place usually isn't safe since the
 136 * buffer might end on a page boundary.
 137 */
 138static char *
 139svcxdr_dupstr(struct nfsd4_compoundargs *argp, void *buf, u32 len)
 140{
 141        char *p = svcxdr_tmpalloc(argp, len + 1);
 142
 143        if (!p)
 144                return NULL;
 145        memcpy(p, buf, len);
 146        p[len] = '\0';
 147        return p;
 148}
 149
 150static void *
 151svcxdr_savemem(struct nfsd4_compoundargs *argp, __be32 *p, u32 len)
 152{
 153        __be32 *tmp;
 154
 155        /*
 156         * The location of the decoded data item is stable,
 157         * so @p is OK to use. This is the common case.
 158         */
 159        if (p != argp->xdr->scratch.iov_base)
 160                return p;
 161
 162        tmp = svcxdr_tmpalloc(argp, len);
 163        if (!tmp)
 164                return NULL;
 165        memcpy(tmp, p, len);
 166        return tmp;
 167}
 168
 169/*
 170 * NFSv4 basic data type decoders
 171 */
 172
 173/*
 174 * This helper handles variable-length opaques which belong to protocol
 175 * elements that this implementation does not support.
 176 */
 177static __be32
 178nfsd4_decode_ignored_string(struct nfsd4_compoundargs *argp, u32 maxlen)
 179{
 180        u32 len;
 181
 182        if (xdr_stream_decode_u32(argp->xdr, &len) < 0)
 183                return nfserr_bad_xdr;
 184        if (maxlen && len > maxlen)
 185                return nfserr_bad_xdr;
 186        if (!xdr_inline_decode(argp->xdr, len))
 187                return nfserr_bad_xdr;
 188
 189        return nfs_ok;
 190}
 191
 192static __be32
 193nfsd4_decode_opaque(struct nfsd4_compoundargs *argp, struct xdr_netobj *o)
 194{
 195        __be32 *p;
 196        u32 len;
 197
 198        if (xdr_stream_decode_u32(argp->xdr, &len) < 0)
 199                return nfserr_bad_xdr;
 200        if (len == 0 || len > NFS4_OPAQUE_LIMIT)
 201                return nfserr_bad_xdr;
 202        p = xdr_inline_decode(argp->xdr, len);
 203        if (!p)
 204                return nfserr_bad_xdr;
 205        o->data = svcxdr_savemem(argp, p, len);
 206        if (!o->data)
 207                return nfserr_jukebox;
 208        o->len = len;
 209
 210        return nfs_ok;
 211}
 212
 213static __be32
 214nfsd4_decode_component4(struct nfsd4_compoundargs *argp, char **namp, u32 *lenp)
 215{
 216        __be32 *p, status;
 217
 218        if (xdr_stream_decode_u32(argp->xdr, lenp) < 0)
 219                return nfserr_bad_xdr;
 220        p = xdr_inline_decode(argp->xdr, *lenp);
 221        if (!p)
 222                return nfserr_bad_xdr;
 223        status = check_filename((char *)p, *lenp);
 224        if (status)
 225                return status;
 226        *namp = svcxdr_savemem(argp, p, *lenp);
 227        if (!*namp)
 228                return nfserr_jukebox;
 229
 230        return nfs_ok;
 231}
 232
 233static __be32
 234nfsd4_decode_nfstime4(struct nfsd4_compoundargs *argp, struct timespec64 *tv)
 235{
 236        __be32 *p;
 237
 238        p = xdr_inline_decode(argp->xdr, XDR_UNIT * 3);
 239        if (!p)
 240                return nfserr_bad_xdr;
 241        p = xdr_decode_hyper(p, &tv->tv_sec);
 242        tv->tv_nsec = be32_to_cpup(p++);
 243        if (tv->tv_nsec >= (u32)1000000000)
 244                return nfserr_inval;
 245        return nfs_ok;
 246}
 247
 248static __be32
 249nfsd4_decode_verifier4(struct nfsd4_compoundargs *argp, nfs4_verifier *verf)
 250{
 251        __be32 *p;
 252
 253        p = xdr_inline_decode(argp->xdr, NFS4_VERIFIER_SIZE);
 254        if (!p)
 255                return nfserr_bad_xdr;
 256        memcpy(verf->data, p, sizeof(verf->data));
 257        return nfs_ok;
 258}
 259
 260/**
 261 * nfsd4_decode_bitmap4 - Decode an NFSv4 bitmap4
 262 * @argp: NFSv4 compound argument structure
 263 * @bmval: pointer to an array of u32's to decode into
 264 * @bmlen: size of the @bmval array
 265 *
 266 * The server needs to return nfs_ok rather than nfserr_bad_xdr when
 267 * encountering bitmaps containing bits it does not recognize. This
 268 * includes bits in bitmap words past WORDn, where WORDn is the last
 269 * bitmap WORD the implementation currently supports. Thus we are
 270 * careful here to simply ignore bits in bitmap words that this
 271 * implementation has yet to support explicitly.
 272 *
 273 * Return values:
 274 *   %nfs_ok: @bmval populated successfully
 275 *   %nfserr_bad_xdr: the encoded bitmap was invalid
 276 */
 277static __be32
 278nfsd4_decode_bitmap4(struct nfsd4_compoundargs *argp, u32 *bmval, u32 bmlen)
 279{
 280        ssize_t status;
 281
 282        status = xdr_stream_decode_uint32_array(argp->xdr, bmval, bmlen);
 283        return status == -EBADMSG ? nfserr_bad_xdr : nfs_ok;
 284}
 285
 286static __be32
 287nfsd4_decode_nfsace4(struct nfsd4_compoundargs *argp, struct nfs4_ace *ace)
 288{
 289        __be32 *p, status;
 290        u32 length;
 291
 292        if (xdr_stream_decode_u32(argp->xdr, &ace->type) < 0)
 293                return nfserr_bad_xdr;
 294        if (xdr_stream_decode_u32(argp->xdr, &ace->flag) < 0)
 295                return nfserr_bad_xdr;
 296        if (xdr_stream_decode_u32(argp->xdr, &ace->access_mask) < 0)
 297                return nfserr_bad_xdr;
 298
 299        if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 300                return nfserr_bad_xdr;
 301        p = xdr_inline_decode(argp->xdr, length);
 302        if (!p)
 303                return nfserr_bad_xdr;
 304        ace->whotype = nfs4_acl_get_whotype((char *)p, length);
 305        if (ace->whotype != NFS4_ACL_WHO_NAMED)
 306                status = nfs_ok;
 307        else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP)
 308                status = nfsd_map_name_to_gid(argp->rqstp,
 309                                (char *)p, length, &ace->who_gid);
 310        else
 311                status = nfsd_map_name_to_uid(argp->rqstp,
 312                                (char *)p, length, &ace->who_uid);
 313
 314        return status;
 315}
 316
 317/* A counted array of nfsace4's */
 318static noinline __be32
 319nfsd4_decode_acl(struct nfsd4_compoundargs *argp, struct nfs4_acl **acl)
 320{
 321        struct nfs4_ace *ace;
 322        __be32 status;
 323        u32 count;
 324
 325        if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
 326                return nfserr_bad_xdr;
 327
 328        if (count > xdr_stream_remaining(argp->xdr) / 20)
 329                /*
 330                 * Even with 4-byte names there wouldn't be
 331                 * space for that many aces; something fishy is
 332                 * going on:
 333                 */
 334                return nfserr_fbig;
 335
 336        *acl = svcxdr_tmpalloc(argp, nfs4_acl_bytes(count));
 337        if (*acl == NULL)
 338                return nfserr_jukebox;
 339
 340        (*acl)->naces = count;
 341        for (ace = (*acl)->aces; ace < (*acl)->aces + count; ace++) {
 342                status = nfsd4_decode_nfsace4(argp, ace);
 343                if (status)
 344                        return status;
 345        }
 346
 347        return nfs_ok;
 348}
 349
 350static noinline __be32
 351nfsd4_decode_security_label(struct nfsd4_compoundargs *argp,
 352                            struct xdr_netobj *label)
 353{
 354        u32 lfs, pi, length;
 355        __be32 *p;
 356
 357        if (xdr_stream_decode_u32(argp->xdr, &lfs) < 0)
 358                return nfserr_bad_xdr;
 359        if (xdr_stream_decode_u32(argp->xdr, &pi) < 0)
 360                return nfserr_bad_xdr;
 361
 362        if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 363                return nfserr_bad_xdr;
 364        if (length > NFS4_MAXLABELLEN)
 365                return nfserr_badlabel;
 366        p = xdr_inline_decode(argp->xdr, length);
 367        if (!p)
 368                return nfserr_bad_xdr;
 369        label->len = length;
 370        label->data = svcxdr_dupstr(argp, p, length);
 371        if (!label->data)
 372                return nfserr_jukebox;
 373
 374        return nfs_ok;
 375}
 376
 377static __be32
 378nfsd4_decode_fattr4(struct nfsd4_compoundargs *argp, u32 *bmval, u32 bmlen,
 379                    struct iattr *iattr, struct nfs4_acl **acl,
 380                    struct xdr_netobj *label, int *umask)
 381{
 382        unsigned int starting_pos;
 383        u32 attrlist4_count;
 384        __be32 *p, status;
 385
 386        iattr->ia_valid = 0;
 387        status = nfsd4_decode_bitmap4(argp, bmval, bmlen);
 388        if (status)
 389                return nfserr_bad_xdr;
 390
 391        if (bmval[0] & ~NFSD_WRITEABLE_ATTRS_WORD0
 392            || bmval[1] & ~NFSD_WRITEABLE_ATTRS_WORD1
 393            || bmval[2] & ~NFSD_WRITEABLE_ATTRS_WORD2) {
 394                if (nfsd_attrs_supported(argp->minorversion, bmval))
 395                        return nfserr_inval;
 396                return nfserr_attrnotsupp;
 397        }
 398
 399        if (xdr_stream_decode_u32(argp->xdr, &attrlist4_count) < 0)
 400                return nfserr_bad_xdr;
 401        starting_pos = xdr_stream_pos(argp->xdr);
 402
 403        if (bmval[0] & FATTR4_WORD0_SIZE) {
 404                u64 size;
 405
 406                if (xdr_stream_decode_u64(argp->xdr, &size) < 0)
 407                        return nfserr_bad_xdr;
 408                iattr->ia_size = size;
 409                iattr->ia_valid |= ATTR_SIZE;
 410        }
 411        if (bmval[0] & FATTR4_WORD0_ACL) {
 412                status = nfsd4_decode_acl(argp, acl);
 413                if (status)
 414                        return status;
 415        } else
 416                *acl = NULL;
 417        if (bmval[1] & FATTR4_WORD1_MODE) {
 418                u32 mode;
 419
 420                if (xdr_stream_decode_u32(argp->xdr, &mode) < 0)
 421                        return nfserr_bad_xdr;
 422                iattr->ia_mode = mode;
 423                iattr->ia_mode &= (S_IFMT | S_IALLUGO);
 424                iattr->ia_valid |= ATTR_MODE;
 425        }
 426        if (bmval[1] & FATTR4_WORD1_OWNER) {
 427                u32 length;
 428
 429                if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 430                        return nfserr_bad_xdr;
 431                p = xdr_inline_decode(argp->xdr, length);
 432                if (!p)
 433                        return nfserr_bad_xdr;
 434                status = nfsd_map_name_to_uid(argp->rqstp, (char *)p, length,
 435                                              &iattr->ia_uid);
 436                if (status)
 437                        return status;
 438                iattr->ia_valid |= ATTR_UID;
 439        }
 440        if (bmval[1] & FATTR4_WORD1_OWNER_GROUP) {
 441                u32 length;
 442
 443                if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 444                        return nfserr_bad_xdr;
 445                p = xdr_inline_decode(argp->xdr, length);
 446                if (!p)
 447                        return nfserr_bad_xdr;
 448                status = nfsd_map_name_to_gid(argp->rqstp, (char *)p, length,
 449                                              &iattr->ia_gid);
 450                if (status)
 451                        return status;
 452                iattr->ia_valid |= ATTR_GID;
 453        }
 454        if (bmval[1] & FATTR4_WORD1_TIME_ACCESS_SET) {
 455                u32 set_it;
 456
 457                if (xdr_stream_decode_u32(argp->xdr, &set_it) < 0)
 458                        return nfserr_bad_xdr;
 459                switch (set_it) {
 460                case NFS4_SET_TO_CLIENT_TIME:
 461                        status = nfsd4_decode_nfstime4(argp, &iattr->ia_atime);
 462                        if (status)
 463                                return status;
 464                        iattr->ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET);
 465                        break;
 466                case NFS4_SET_TO_SERVER_TIME:
 467                        iattr->ia_valid |= ATTR_ATIME;
 468                        break;
 469                default:
 470                        return nfserr_bad_xdr;
 471                }
 472        }
 473        if (bmval[1] & FATTR4_WORD1_TIME_MODIFY_SET) {
 474                u32 set_it;
 475
 476                if (xdr_stream_decode_u32(argp->xdr, &set_it) < 0)
 477                        return nfserr_bad_xdr;
 478                switch (set_it) {
 479                case NFS4_SET_TO_CLIENT_TIME:
 480                        status = nfsd4_decode_nfstime4(argp, &iattr->ia_mtime);
 481                        if (status)
 482                                return status;
 483                        iattr->ia_valid |= (ATTR_MTIME | ATTR_MTIME_SET);
 484                        break;
 485                case NFS4_SET_TO_SERVER_TIME:
 486                        iattr->ia_valid |= ATTR_MTIME;
 487                        break;
 488                default:
 489                        return nfserr_bad_xdr;
 490                }
 491        }
 492        label->len = 0;
 493        if (IS_ENABLED(CONFIG_NFSD_V4_SECURITY_LABEL) &&
 494            bmval[2] & FATTR4_WORD2_SECURITY_LABEL) {
 495                status = nfsd4_decode_security_label(argp, label);
 496                if (status)
 497                        return status;
 498        }
 499        if (bmval[2] & FATTR4_WORD2_MODE_UMASK) {
 500                u32 mode, mask;
 501
 502                if (!umask)
 503                        return nfserr_bad_xdr;
 504                if (xdr_stream_decode_u32(argp->xdr, &mode) < 0)
 505                        return nfserr_bad_xdr;
 506                iattr->ia_mode = mode & (S_IFMT | S_IALLUGO);
 507                if (xdr_stream_decode_u32(argp->xdr, &mask) < 0)
 508                        return nfserr_bad_xdr;
 509                *umask = mask & S_IRWXUGO;
 510                iattr->ia_valid |= ATTR_MODE;
 511        }
 512
 513        /* request sanity: did attrlist4 contain the expected number of words? */
 514        if (attrlist4_count != xdr_stream_pos(argp->xdr) - starting_pos)
 515                return nfserr_bad_xdr;
 516
 517        return nfs_ok;
 518}
 519
 520static __be32
 521nfsd4_decode_stateid4(struct nfsd4_compoundargs *argp, stateid_t *sid)
 522{
 523        __be32 *p;
 524
 525        p = xdr_inline_decode(argp->xdr, NFS4_STATEID_SIZE);
 526        if (!p)
 527                return nfserr_bad_xdr;
 528        sid->si_generation = be32_to_cpup(p++);
 529        memcpy(&sid->si_opaque, p, sizeof(sid->si_opaque));
 530        return nfs_ok;
 531}
 532
 533static __be32
 534nfsd4_decode_clientid4(struct nfsd4_compoundargs *argp, clientid_t *clientid)
 535{
 536        __be32 *p;
 537
 538        p = xdr_inline_decode(argp->xdr, sizeof(__be64));
 539        if (!p)
 540                return nfserr_bad_xdr;
 541        memcpy(clientid, p, sizeof(*clientid));
 542        return nfs_ok;
 543}
 544
 545static __be32
 546nfsd4_decode_state_owner4(struct nfsd4_compoundargs *argp,
 547                          clientid_t *clientid, struct xdr_netobj *owner)
 548{
 549        __be32 status;
 550
 551        status = nfsd4_decode_clientid4(argp, clientid);
 552        if (status)
 553                return status;
 554        return nfsd4_decode_opaque(argp, owner);
 555}
 556
 557#ifdef CONFIG_NFSD_PNFS
 558static __be32
 559nfsd4_decode_deviceid4(struct nfsd4_compoundargs *argp,
 560                       struct nfsd4_deviceid *devid)
 561{
 562        __be32 *p;
 563
 564        p = xdr_inline_decode(argp->xdr, NFS4_DEVICEID4_SIZE);
 565        if (!p)
 566                return nfserr_bad_xdr;
 567        memcpy(devid, p, sizeof(*devid));
 568        return nfs_ok;
 569}
 570
 571static __be32
 572nfsd4_decode_layoutupdate4(struct nfsd4_compoundargs *argp,
 573                           struct nfsd4_layoutcommit *lcp)
 574{
 575        if (xdr_stream_decode_u32(argp->xdr, &lcp->lc_layout_type) < 0)
 576                return nfserr_bad_xdr;
 577        if (lcp->lc_layout_type < LAYOUT_NFSV4_1_FILES)
 578                return nfserr_bad_xdr;
 579        if (lcp->lc_layout_type >= LAYOUT_TYPE_MAX)
 580                return nfserr_bad_xdr;
 581
 582        if (xdr_stream_decode_u32(argp->xdr, &lcp->lc_up_len) < 0)
 583                return nfserr_bad_xdr;
 584        if (lcp->lc_up_len > 0) {
 585                lcp->lc_up_layout = xdr_inline_decode(argp->xdr, lcp->lc_up_len);
 586                if (!lcp->lc_up_layout)
 587                        return nfserr_bad_xdr;
 588        }
 589
 590        return nfs_ok;
 591}
 592
 593static __be32
 594nfsd4_decode_layoutreturn4(struct nfsd4_compoundargs *argp,
 595                           struct nfsd4_layoutreturn *lrp)
 596{
 597        __be32 status;
 598
 599        if (xdr_stream_decode_u32(argp->xdr, &lrp->lr_return_type) < 0)
 600                return nfserr_bad_xdr;
 601        switch (lrp->lr_return_type) {
 602        case RETURN_FILE:
 603                if (xdr_stream_decode_u64(argp->xdr, &lrp->lr_seg.offset) < 0)
 604                        return nfserr_bad_xdr;
 605                if (xdr_stream_decode_u64(argp->xdr, &lrp->lr_seg.length) < 0)
 606                        return nfserr_bad_xdr;
 607                status = nfsd4_decode_stateid4(argp, &lrp->lr_sid);
 608                if (status)
 609                        return status;
 610                if (xdr_stream_decode_u32(argp->xdr, &lrp->lrf_body_len) < 0)
 611                        return nfserr_bad_xdr;
 612                if (lrp->lrf_body_len > 0) {
 613                        lrp->lrf_body = xdr_inline_decode(argp->xdr, lrp->lrf_body_len);
 614                        if (!lrp->lrf_body)
 615                                return nfserr_bad_xdr;
 616                }
 617                break;
 618        case RETURN_FSID:
 619        case RETURN_ALL:
 620                lrp->lr_seg.offset = 0;
 621                lrp->lr_seg.length = NFS4_MAX_UINT64;
 622                break;
 623        default:
 624                return nfserr_bad_xdr;
 625        }
 626
 627        return nfs_ok;
 628}
 629
 630#endif /* CONFIG_NFSD_PNFS */
 631
 632static __be32
 633nfsd4_decode_sessionid4(struct nfsd4_compoundargs *argp,
 634                        struct nfs4_sessionid *sessionid)
 635{
 636        __be32 *p;
 637
 638        p = xdr_inline_decode(argp->xdr, NFS4_MAX_SESSIONID_LEN);
 639        if (!p)
 640                return nfserr_bad_xdr;
 641        memcpy(sessionid->data, p, sizeof(sessionid->data));
 642        return nfs_ok;
 643}
 644
 645/* Defined in Appendix A of RFC 5531 */
 646static __be32
 647nfsd4_decode_authsys_parms(struct nfsd4_compoundargs *argp,
 648                           struct nfsd4_cb_sec *cbs)
 649{
 650        u32 stamp, gidcount, uid, gid;
 651        __be32 *p, status;
 652
 653        if (xdr_stream_decode_u32(argp->xdr, &stamp) < 0)
 654                return nfserr_bad_xdr;
 655        /* machine name */
 656        status = nfsd4_decode_ignored_string(argp, 255);
 657        if (status)
 658                return status;
 659        if (xdr_stream_decode_u32(argp->xdr, &uid) < 0)
 660                return nfserr_bad_xdr;
 661        if (xdr_stream_decode_u32(argp->xdr, &gid) < 0)
 662                return nfserr_bad_xdr;
 663        if (xdr_stream_decode_u32(argp->xdr, &gidcount) < 0)
 664                return nfserr_bad_xdr;
 665        if (gidcount > 16)
 666                return nfserr_bad_xdr;
 667        p = xdr_inline_decode(argp->xdr, gidcount << 2);
 668        if (!p)
 669                return nfserr_bad_xdr;
 670        if (cbs->flavor == (u32)(-1)) {
 671                struct user_namespace *userns = nfsd_user_namespace(argp->rqstp);
 672
 673                kuid_t kuid = make_kuid(userns, uid);
 674                kgid_t kgid = make_kgid(userns, gid);
 675                if (uid_valid(kuid) && gid_valid(kgid)) {
 676                        cbs->uid = kuid;
 677                        cbs->gid = kgid;
 678                        cbs->flavor = RPC_AUTH_UNIX;
 679                } else {
 680                        dprintk("RPC_AUTH_UNIX with invalid uid or gid, ignoring!\n");
 681                }
 682        }
 683
 684        return nfs_ok;
 685}
 686
 687static __be32
 688nfsd4_decode_gss_cb_handles4(struct nfsd4_compoundargs *argp,
 689                             struct nfsd4_cb_sec *cbs)
 690{
 691        __be32 status;
 692        u32 service;
 693
 694        dprintk("RPC_AUTH_GSS callback secflavor not supported!\n");
 695
 696        if (xdr_stream_decode_u32(argp->xdr, &service) < 0)
 697                return nfserr_bad_xdr;
 698        if (service < RPC_GSS_SVC_NONE || service > RPC_GSS_SVC_PRIVACY)
 699                return nfserr_bad_xdr;
 700        /* gcbp_handle_from_server */
 701        status = nfsd4_decode_ignored_string(argp, 0);
 702        if (status)
 703                return status;
 704        /* gcbp_handle_from_client */
 705        status = nfsd4_decode_ignored_string(argp, 0);
 706        if (status)
 707                return status;
 708
 709        return nfs_ok;
 710}
 711
 712/* a counted array of callback_sec_parms4 items */
 713static __be32
 714nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs)
 715{
 716        u32 i, secflavor, nr_secflavs;
 717        __be32 status;
 718
 719        /* callback_sec_params4 */
 720        if (xdr_stream_decode_u32(argp->xdr, &nr_secflavs) < 0)
 721                return nfserr_bad_xdr;
 722        if (nr_secflavs)
 723                cbs->flavor = (u32)(-1);
 724        else
 725                /* Is this legal? Be generous, take it to mean AUTH_NONE: */
 726                cbs->flavor = 0;
 727
 728        for (i = 0; i < nr_secflavs; ++i) {
 729                if (xdr_stream_decode_u32(argp->xdr, &secflavor) < 0)
 730                        return nfserr_bad_xdr;
 731                switch (secflavor) {
 732                case RPC_AUTH_NULL:
 733                        /* void */
 734                        if (cbs->flavor == (u32)(-1))
 735                                cbs->flavor = RPC_AUTH_NULL;
 736                        break;
 737                case RPC_AUTH_UNIX:
 738                        status = nfsd4_decode_authsys_parms(argp, cbs);
 739                        if (status)
 740                                return status;
 741                        break;
 742                case RPC_AUTH_GSS:
 743                        status = nfsd4_decode_gss_cb_handles4(argp, cbs);
 744                        if (status)
 745                                return status;
 746                        break;
 747                default:
 748                        return nfserr_inval;
 749                }
 750        }
 751
 752        return nfs_ok;
 753}
 754
 755
 756/*
 757 * NFSv4 operation argument decoders
 758 */
 759
 760static __be32
 761nfsd4_decode_access(struct nfsd4_compoundargs *argp,
 762                    struct nfsd4_access *access)
 763{
 764        if (xdr_stream_decode_u32(argp->xdr, &access->ac_req_access) < 0)
 765                return nfserr_bad_xdr;
 766        return nfs_ok;
 767}
 768
 769static __be32
 770nfsd4_decode_close(struct nfsd4_compoundargs *argp, struct nfsd4_close *close)
 771{
 772        if (xdr_stream_decode_u32(argp->xdr, &close->cl_seqid) < 0)
 773                return nfserr_bad_xdr;
 774        return nfsd4_decode_stateid4(argp, &close->cl_stateid);
 775}
 776
 777
 778static __be32
 779nfsd4_decode_commit(struct nfsd4_compoundargs *argp, struct nfsd4_commit *commit)
 780{
 781        if (xdr_stream_decode_u64(argp->xdr, &commit->co_offset) < 0)
 782                return nfserr_bad_xdr;
 783        if (xdr_stream_decode_u32(argp->xdr, &commit->co_count) < 0)
 784                return nfserr_bad_xdr;
 785        return nfs_ok;
 786}
 787
 788static __be32
 789nfsd4_decode_create(struct nfsd4_compoundargs *argp, struct nfsd4_create *create)
 790{
 791        __be32 *p, status;
 792
 793        if (xdr_stream_decode_u32(argp->xdr, &create->cr_type) < 0)
 794                return nfserr_bad_xdr;
 795        switch (create->cr_type) {
 796        case NF4LNK:
 797                if (xdr_stream_decode_u32(argp->xdr, &create->cr_datalen) < 0)
 798                        return nfserr_bad_xdr;
 799                p = xdr_inline_decode(argp->xdr, create->cr_datalen);
 800                if (!p)
 801                        return nfserr_bad_xdr;
 802                create->cr_data = svcxdr_dupstr(argp, p, create->cr_datalen);
 803                if (!create->cr_data)
 804                        return nfserr_jukebox;
 805                break;
 806        case NF4BLK:
 807        case NF4CHR:
 808                if (xdr_stream_decode_u32(argp->xdr, &create->cr_specdata1) < 0)
 809                        return nfserr_bad_xdr;
 810                if (xdr_stream_decode_u32(argp->xdr, &create->cr_specdata2) < 0)
 811                        return nfserr_bad_xdr;
 812                break;
 813        case NF4SOCK:
 814        case NF4FIFO:
 815        case NF4DIR:
 816        default:
 817                break;
 818        }
 819        status = nfsd4_decode_component4(argp, &create->cr_name,
 820                                         &create->cr_namelen);
 821        if (status)
 822                return status;
 823        status = nfsd4_decode_fattr4(argp, create->cr_bmval,
 824                                    ARRAY_SIZE(create->cr_bmval),
 825                                    &create->cr_iattr, &create->cr_acl,
 826                                    &create->cr_label, &create->cr_umask);
 827        if (status)
 828                return status;
 829
 830        return nfs_ok;
 831}
 832
 833static inline __be32
 834nfsd4_decode_delegreturn(struct nfsd4_compoundargs *argp, struct nfsd4_delegreturn *dr)
 835{
 836        return nfsd4_decode_stateid4(argp, &dr->dr_stateid);
 837}
 838
 839static inline __be32
 840nfsd4_decode_getattr(struct nfsd4_compoundargs *argp, struct nfsd4_getattr *getattr)
 841{
 842        return nfsd4_decode_bitmap4(argp, getattr->ga_bmval,
 843                                    ARRAY_SIZE(getattr->ga_bmval));
 844}
 845
 846static __be32
 847nfsd4_decode_link(struct nfsd4_compoundargs *argp, struct nfsd4_link *link)
 848{
 849        return nfsd4_decode_component4(argp, &link->li_name, &link->li_namelen);
 850}
 851
 852static __be32
 853nfsd4_decode_open_to_lock_owner4(struct nfsd4_compoundargs *argp,
 854                                 struct nfsd4_lock *lock)
 855{
 856        __be32 status;
 857
 858        if (xdr_stream_decode_u32(argp->xdr, &lock->lk_new_open_seqid) < 0)
 859                return nfserr_bad_xdr;
 860        status = nfsd4_decode_stateid4(argp, &lock->lk_new_open_stateid);
 861        if (status)
 862                return status;
 863        if (xdr_stream_decode_u32(argp->xdr, &lock->lk_new_lock_seqid) < 0)
 864                return nfserr_bad_xdr;
 865        return nfsd4_decode_state_owner4(argp, &lock->lk_new_clientid,
 866                                         &lock->lk_new_owner);
 867}
 868
 869static __be32
 870nfsd4_decode_exist_lock_owner4(struct nfsd4_compoundargs *argp,
 871                               struct nfsd4_lock *lock)
 872{
 873        __be32 status;
 874
 875        status = nfsd4_decode_stateid4(argp, &lock->lk_old_lock_stateid);
 876        if (status)
 877                return status;
 878        if (xdr_stream_decode_u32(argp->xdr, &lock->lk_old_lock_seqid) < 0)
 879                return nfserr_bad_xdr;
 880
 881        return nfs_ok;
 882}
 883
 884static __be32
 885nfsd4_decode_locker4(struct nfsd4_compoundargs *argp, struct nfsd4_lock *lock)
 886{
 887        if (xdr_stream_decode_bool(argp->xdr, &lock->lk_is_new) < 0)
 888                return nfserr_bad_xdr;
 889        if (lock->lk_is_new)
 890                return nfsd4_decode_open_to_lock_owner4(argp, lock);
 891        return nfsd4_decode_exist_lock_owner4(argp, lock);
 892}
 893
 894static __be32
 895nfsd4_decode_lock(struct nfsd4_compoundargs *argp, struct nfsd4_lock *lock)
 896{
 897        if (xdr_stream_decode_u32(argp->xdr, &lock->lk_type) < 0)
 898                return nfserr_bad_xdr;
 899        if ((lock->lk_type < NFS4_READ_LT) || (lock->lk_type > NFS4_WRITEW_LT))
 900                return nfserr_bad_xdr;
 901        if (xdr_stream_decode_bool(argp->xdr, &lock->lk_reclaim) < 0)
 902                return nfserr_bad_xdr;
 903        if (xdr_stream_decode_u64(argp->xdr, &lock->lk_offset) < 0)
 904                return nfserr_bad_xdr;
 905        if (xdr_stream_decode_u64(argp->xdr, &lock->lk_length) < 0)
 906                return nfserr_bad_xdr;
 907        return nfsd4_decode_locker4(argp, lock);
 908}
 909
 910static __be32
 911nfsd4_decode_lockt(struct nfsd4_compoundargs *argp, struct nfsd4_lockt *lockt)
 912{
 913        if (xdr_stream_decode_u32(argp->xdr, &lockt->lt_type) < 0)
 914                return nfserr_bad_xdr;
 915        if ((lockt->lt_type < NFS4_READ_LT) || (lockt->lt_type > NFS4_WRITEW_LT))
 916                return nfserr_bad_xdr;
 917        if (xdr_stream_decode_u64(argp->xdr, &lockt->lt_offset) < 0)
 918                return nfserr_bad_xdr;
 919        if (xdr_stream_decode_u64(argp->xdr, &lockt->lt_length) < 0)
 920                return nfserr_bad_xdr;
 921        return nfsd4_decode_state_owner4(argp, &lockt->lt_clientid,
 922                                         &lockt->lt_owner);
 923}
 924
 925static __be32
 926nfsd4_decode_locku(struct nfsd4_compoundargs *argp, struct nfsd4_locku *locku)
 927{
 928        __be32 status;
 929
 930        if (xdr_stream_decode_u32(argp->xdr, &locku->lu_type) < 0)
 931                return nfserr_bad_xdr;
 932        if ((locku->lu_type < NFS4_READ_LT) || (locku->lu_type > NFS4_WRITEW_LT))
 933                return nfserr_bad_xdr;
 934        if (xdr_stream_decode_u32(argp->xdr, &locku->lu_seqid) < 0)
 935                return nfserr_bad_xdr;
 936        status = nfsd4_decode_stateid4(argp, &locku->lu_stateid);
 937        if (status)
 938                return status;
 939        if (xdr_stream_decode_u64(argp->xdr, &locku->lu_offset) < 0)
 940                return nfserr_bad_xdr;
 941        if (xdr_stream_decode_u64(argp->xdr, &locku->lu_length) < 0)
 942                return nfserr_bad_xdr;
 943
 944        return nfs_ok;
 945}
 946
 947static __be32
 948nfsd4_decode_lookup(struct nfsd4_compoundargs *argp, struct nfsd4_lookup *lookup)
 949{
 950        return nfsd4_decode_component4(argp, &lookup->lo_name, &lookup->lo_len);
 951}
 952
 953static __be32
 954nfsd4_decode_createhow4(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
 955{
 956        __be32 status;
 957
 958        if (xdr_stream_decode_u32(argp->xdr, &open->op_createmode) < 0)
 959                return nfserr_bad_xdr;
 960        switch (open->op_createmode) {
 961        case NFS4_CREATE_UNCHECKED:
 962        case NFS4_CREATE_GUARDED:
 963                status = nfsd4_decode_fattr4(argp, open->op_bmval,
 964                                             ARRAY_SIZE(open->op_bmval),
 965                                             &open->op_iattr, &open->op_acl,
 966                                             &open->op_label, &open->op_umask);
 967                if (status)
 968                        return status;
 969                break;
 970        case NFS4_CREATE_EXCLUSIVE:
 971                status = nfsd4_decode_verifier4(argp, &open->op_verf);
 972                if (status)
 973                        return status;
 974                break;
 975        case NFS4_CREATE_EXCLUSIVE4_1:
 976                if (argp->minorversion < 1)
 977                        return nfserr_bad_xdr;
 978                status = nfsd4_decode_verifier4(argp, &open->op_verf);
 979                if (status)
 980                        return status;
 981                status = nfsd4_decode_fattr4(argp, open->op_bmval,
 982                                             ARRAY_SIZE(open->op_bmval),
 983                                             &open->op_iattr, &open->op_acl,
 984                                             &open->op_label, &open->op_umask);
 985                if (status)
 986                        return status;
 987                break;
 988        default:
 989                return nfserr_bad_xdr;
 990        }
 991
 992        return nfs_ok;
 993}
 994
 995static __be32
 996nfsd4_decode_openflag4(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
 997{
 998        __be32 status;
 999
1000        if (xdr_stream_decode_u32(argp->xdr, &open->op_create) < 0)

1001                return nfserr_bad_xdr;
1002        switch (open->op_create) {
1003        case NFS4_OPEN_NOCREATE:
1004                break;
1005        case NFS4_OPEN_CREATE:
1006                status = nfsd4_decode_createhow4(argp, open);
1007                if (status)
1008                        return status;
1009                break;
1010        default:
1011                return nfserr_bad_xdr;
1012        }
1013
1014        return nfs_ok;
1015}
1016
1017static __be32 nfsd4_decode_share_access(struct nfsd4_compoundargs *argp, u32 *share_access, u32 *deleg_want, u32 *deleg_when)
1018{
1019        u32 w;
1020
1021        if (xdr_stream_decode_u32(argp->xdr, &w) < 0)
1022                return nfserr_bad_xdr;
1023        *share_access = w & NFS4_SHARE_ACCESS_MASK;
1024        *deleg_want = w & NFS4_SHARE_WANT_MASK;
1025        if (deleg_when)
1026                *deleg_when = w & NFS4_SHARE_WHEN_MASK;
1027
1028        switch (w & NFS4_SHARE_ACCESS_MASK) {
1029        case NFS4_SHARE_ACCESS_READ:
1030        case NFS4_SHARE_ACCESS_WRITE:
1031        case NFS4_SHARE_ACCESS_BOTH:
1032                break;
1033        default:
1034                return nfserr_bad_xdr;
1035        }
1036        w &= ~NFS4_SHARE_ACCESS_MASK;
1037        if (!w)
1038                return nfs_ok;
1039        if (!argp->minorversion)
1040                return nfserr_bad_xdr;
1041        switch (w & NFS4_SHARE_WANT_MASK) {
1042        case NFS4_SHARE_WANT_NO_PREFERENCE:
1043        case NFS4_SHARE_WANT_READ_DELEG:
1044        case NFS4_SHARE_WANT_WRITE_DELEG:
1045        case NFS4_SHARE_WANT_ANY_DELEG:
1046        case NFS4_SHARE_WANT_NO_DELEG:
1047        case NFS4_SHARE_WANT_CANCEL:
1048                break;
1049        default:
1050                return nfserr_bad_xdr;
1051        }
1052        w &= ~NFS4_SHARE_WANT_MASK;
1053        if (!w)
1054                return nfs_ok;
1055
1056        if (!deleg_when)        /* open_downgrade */
1057                return nfserr_inval;
1058        switch (w) {
1059        case NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL:
1060        case NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED:
1061        case (NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL |
1062              NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED):
1063                return nfs_ok;
1064        }
1065        return nfserr_bad_xdr;
1066}
1067
1068static __be32 nfsd4_decode_share_deny(struct nfsd4_compoundargs *argp, u32 *x)
1069{
1070        if (xdr_stream_decode_u32(argp->xdr, x) < 0)
1071                return nfserr_bad_xdr;
1072        /* Note: unlike access bits, deny bits may be zero. */
1073        if (*x & ~NFS4_SHARE_DENY_BOTH)
1074                return nfserr_bad_xdr;
1075
1076        return nfs_ok;
1077}
1078
1079static __be32
1080nfsd4_decode_open_claim4(struct nfsd4_compoundargs *argp,
1081                         struct nfsd4_open *open)
1082{
1083        __be32 status;
1084
1085        if (xdr_stream_decode_u32(argp->xdr, &open->op_claim_type) < 0)
1086                return nfserr_bad_xdr;
1087        switch (open->op_claim_type) {
1088        case NFS4_OPEN_CLAIM_NULL:
1089        case NFS4_OPEN_CLAIM_DELEGATE_PREV:
1090                status = nfsd4_decode_component4(argp, &open->op_fname,
1091                                                 &open->op_fnamelen);
1092                if (status)
1093                        return status;
1094                break;
1095        case NFS4_OPEN_CLAIM_PREVIOUS:
1096                if (xdr_stream_decode_u32(argp->xdr, &open->op_delegate_type) < 0)
1097                        return nfserr_bad_xdr;
1098                break;
1099        case NFS4_OPEN_CLAIM_DELEGATE_CUR:
1100                status = nfsd4_decode_stateid4(argp, &open->op_delegate_stateid);
1101                if (status)
1102                        return status;
1103                status = nfsd4_decode_component4(argp, &open->op_fname,
1104                                                 &open->op_fnamelen);
1105                if (status)
1106                        return status;
1107                break;
1108        case NFS4_OPEN_CLAIM_FH:
1109        case NFS4_OPEN_CLAIM_DELEG_PREV_FH:
1110                if (argp->minorversion < 1)
1111                        return nfserr_bad_xdr;
1112                /* void */
1113                break;
1114        case NFS4_OPEN_CLAIM_DELEG_CUR_FH:
1115                if (argp->minorversion < 1)
1116                        return nfserr_bad_xdr;
1117                status = nfsd4_decode_stateid4(argp, &open->op_delegate_stateid);
1118                if (status)
1119                        return status;
1120                break;
1121        default:
1122                return nfserr_bad_xdr;
1123        }
1124
1125        return nfs_ok;
1126}
1127
1128static __be32
1129nfsd4_decode_open(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
1130{
1131        __be32 status;
1132        u32 dummy;
1133
1134        memset(open->op_bmval, 0, sizeof(open->op_bmval));
1135        open->op_iattr.ia_valid = 0;
1136        open->op_openowner = NULL;
1137
1138        open->op_xdr_error = 0;
1139        if (xdr_stream_decode_u32(argp->xdr, &open->op_seqid) < 0)
1140                return nfserr_bad_xdr;
1141        /* deleg_want is ignored */
1142        status = nfsd4_decode_share_access(argp, &open->op_share_access,
1143                                           &open->op_deleg_want, &dummy);
1144        if (status)
1145                return status;
1146        status = nfsd4_decode_share_deny(argp, &open->op_share_deny);
1147        if (status)
1148                return status;
1149        status = nfsd4_decode_state_owner4(argp, &open->op_clientid,
1150                                           &open->op_owner);
1151        if (status)
1152                return status;
1153        status = nfsd4_decode_openflag4(argp, open);
1154        if (status)
1155                return status;
1156        return nfsd4_decode_open_claim4(argp, open);
1157}
1158
1159static __be32
1160nfsd4_decode_open_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_open_confirm *open_conf)
1161{
1162        __be32 status;
1163
1164        if (argp->minorversion >= 1)
1165                return nfserr_notsupp;
1166
1167        status = nfsd4_decode_stateid4(argp, &open_conf->oc_req_stateid);
1168        if (status)
1169                return status;
1170        if (xdr_stream_decode_u32(argp->xdr, &open_conf->oc_seqid) < 0)
1171                return nfserr_bad_xdr;
1172
1173        return nfs_ok;
1174}
1175
1176static __be32
1177nfsd4_decode_open_downgrade(struct nfsd4_compoundargs *argp, struct nfsd4_open_downgrade *open_down)
1178{
1179        __be32 status;
1180
1181        status = nfsd4_decode_stateid4(argp, &open_down->od_stateid);
1182        if (status)
1183                return status;
1184        if (xdr_stream_decode_u32(argp->xdr, &open_down->od_seqid) < 0)
1185                return nfserr_bad_xdr;
1186        /* deleg_want is ignored */
1187        status = nfsd4_decode_share_access(argp, &open_down->od_share_access,
1188                                           &open_down->od_deleg_want, NULL);
1189        if (status)
1190                return status;
1191        return nfsd4_decode_share_deny(argp, &open_down->od_share_deny);
1192}
1193
1194static __be32
1195nfsd4_decode_putfh(struct nfsd4_compoundargs *argp, struct nfsd4_putfh *putfh)
1196{
1197        __be32 *p;
1198
1199        if (xdr_stream_decode_u32(argp->xdr, &putfh->pf_fhlen) < 0)
1200                return nfserr_bad_xdr;
1201        if (putfh->pf_fhlen > NFS4_FHSIZE)
1202                return nfserr_bad_xdr;
1203        p = xdr_inline_decode(argp->xdr, putfh->pf_fhlen);
1204        if (!p)
1205                return nfserr_bad_xdr;
1206        putfh->pf_fhval = svcxdr_savemem(argp, p, putfh->pf_fhlen);
1207        if (!putfh->pf_fhval)
1208                return nfserr_jukebox;
1209
1210        return nfs_ok;
1211}
1212
1213static __be32
1214nfsd4_decode_putpubfh(struct nfsd4_compoundargs *argp, void *p)
1215{
1216        if (argp->minorversion == 0)
1217                return nfs_ok;
1218        return nfserr_notsupp;
1219}
1220
1221static __be32
1222nfsd4_decode_read(struct nfsd4_compoundargs *argp, struct nfsd4_read *read)
1223{
1224        __be32 status;
1225
1226        status = nfsd4_decode_stateid4(argp, &read->rd_stateid);
1227        if (status)
1228                return status;
1229        if (xdr_stream_decode_u64(argp->xdr, &read->rd_offset) < 0)
1230                return nfserr_bad_xdr;
1231        if (xdr_stream_decode_u32(argp->xdr, &read->rd_length) < 0)
1232                return nfserr_bad_xdr;
1233
1234        return nfs_ok;
1235}
1236
1237static __be32
1238nfsd4_decode_readdir(struct nfsd4_compoundargs *argp, struct nfsd4_readdir *readdir)
1239{
1240        __be32 status;
1241
1242        if (xdr_stream_decode_u64(argp->xdr, &readdir->rd_cookie) < 0)
1243                return nfserr_bad_xdr;
1244        status = nfsd4_decode_verifier4(argp, &readdir->rd_verf);
1245        if (status)
1246                return status;
1247        if (xdr_stream_decode_u32(argp->xdr, &readdir->rd_dircount) < 0)
1248                return nfserr_bad_xdr;
1249        if (xdr_stream_decode_u32(argp->xdr, &readdir->rd_maxcount) < 0)
1250                return nfserr_bad_xdr;
1251        if (xdr_stream_decode_uint32_array(argp->xdr, readdir->rd_bmval,
1252                                           ARRAY_SIZE(readdir->rd_bmval)) < 0)
1253                return nfserr_bad_xdr;
1254
1255        return nfs_ok;
1256}
1257
1258static __be32
1259nfsd4_decode_remove(struct nfsd4_compoundargs *argp, struct nfsd4_remove *remove)
1260{
1261        return nfsd4_decode_component4(argp, &remove->rm_name, &remove->rm_namelen);
1262}
1263
1264static __be32
1265nfsd4_decode_rename(struct nfsd4_compoundargs *argp, struct nfsd4_rename *rename)
1266{
1267        __be32 status;
1268
1269        status = nfsd4_decode_component4(argp, &rename->rn_sname, &rename->rn_snamelen);
1270        if (status)
1271                return status;
1272        return nfsd4_decode_component4(argp, &rename->rn_tname, &rename->rn_tnamelen);
1273}
1274
1275static __be32
1276nfsd4_decode_renew(struct nfsd4_compoundargs *argp, clientid_t *clientid)
1277{
1278        return nfsd4_decode_clientid4(argp, clientid);
1279}
1280
1281static __be32
1282nfsd4_decode_secinfo(struct nfsd4_compoundargs *argp,
1283                     struct nfsd4_secinfo *secinfo)
1284{
1285        return nfsd4_decode_component4(argp, &secinfo->si_name, &secinfo->si_namelen);
1286}
1287
1288static __be32
1289nfsd4_decode_setattr(struct nfsd4_compoundargs *argp, struct nfsd4_setattr *setattr)
1290{
1291        __be32 status;
1292
1293        status = nfsd4_decode_stateid4(argp, &setattr->sa_stateid);
1294        if (status)
1295                return status;
1296        return nfsd4_decode_fattr4(argp, setattr->sa_bmval,
1297                                   ARRAY_SIZE(setattr->sa_bmval),
1298                                   &setattr->sa_iattr, &setattr->sa_acl,
1299                                   &setattr->sa_label, NULL);
1300}
1301
1302static __be32
1303nfsd4_decode_setclientid(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid *setclientid)
1304{
1305        __be32 *p, status;
1306
1307        if (argp->minorversion >= 1)
1308                return nfserr_notsupp;
1309
1310        status = nfsd4_decode_verifier4(argp, &setclientid->se_verf);
1311        if (status)
1312                return status;
1313        status = nfsd4_decode_opaque(argp, &setclientid->se_name);
1314        if (status)
1315                return status;
1316        if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_prog) < 0)
1317                return nfserr_bad_xdr;
1318        if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_netid_len) < 0)
1319                return nfserr_bad_xdr;
1320        p = xdr_inline_decode(argp->xdr, setclientid->se_callback_netid_len);
1321        if (!p)
1322                return nfserr_bad_xdr;
1323        setclientid->se_callback_netid_val = svcxdr_savemem(argp, p,
1324                                                setclientid->se_callback_netid_len);
1325        if (!setclientid->se_callback_netid_val)
1326                return nfserr_jukebox;
1327
1328        if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_addr_len) < 0)
1329                return nfserr_bad_xdr;
1330        p = xdr_inline_decode(argp->xdr, setclientid->se_callback_addr_len);
1331        if (!p)
1332                return nfserr_bad_xdr;
1333        setclientid->se_callback_addr_val = svcxdr_savemem(argp, p,
1334                                                setclientid->se_callback_addr_len);
1335        if (!setclientid->se_callback_addr_val)
1336                return nfserr_jukebox;
1337        if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_ident) < 0)
1338                return nfserr_bad_xdr;
1339
1340        return nfs_ok;
1341}
1342
1343static __be32
1344nfsd4_decode_setclientid_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid_confirm *scd_c)
1345{
1346        __be32 status;
1347
1348        if (argp->minorversion >= 1)
1349                return nfserr_notsupp;
1350
1351        status = nfsd4_decode_clientid4(argp, &scd_c->sc_clientid);
1352        if (status)
1353                return status;
1354        return nfsd4_decode_verifier4(argp, &scd_c->sc_confirm);
1355}
1356
1357/* Also used for NVERIFY */
1358static __be32
1359nfsd4_decode_verify(struct nfsd4_compoundargs *argp, struct nfsd4_verify *verify)
1360{
1361        __be32 *p, status;
1362
1363        status = nfsd4_decode_bitmap4(argp, verify->ve_bmval,
1364                                      ARRAY_SIZE(verify->ve_bmval));
1365        if (status)
1366                return status;
1367
1368        /* For convenience's sake, we compare raw xdr'd attributes in
1369         * nfsd4_proc_verify */
1370
1371        if (xdr_stream_decode_u32(argp->xdr, &verify->ve_attrlen) < 0)
1372                return nfserr_bad_xdr;
1373        p = xdr_inline_decode(argp->xdr, verify->ve_attrlen);
1374        if (!p)
1375                return nfserr_bad_xdr;
1376        verify->ve_attrval = svcxdr_savemem(argp, p, verify->ve_attrlen);
1377        if (!verify->ve_attrval)
1378                return nfserr_jukebox;
1379
1380        return nfs_ok;
1381}
1382
1383static __be32
1384nfsd4_decode_write(struct nfsd4_compoundargs *argp, struct nfsd4_write *write)
1385{
1386        __be32 status;
1387
1388        status = nfsd4_decode_stateid4(argp, &write->wr_stateid);
1389        if (status)
1390                return status;
1391        if (xdr_stream_decode_u64(argp->xdr, &write->wr_offset) < 0)
1392                return nfserr_bad_xdr;
1393        if (xdr_stream_decode_u32(argp->xdr, &write->wr_stable_how) < 0)
1394                return nfserr_bad_xdr;
1395        if (write->wr_stable_how > NFS_FILE_SYNC)
1396                return nfserr_bad_xdr;
1397        if (xdr_stream_decode_u32(argp->xdr, &write->wr_buflen) < 0)
1398                return nfserr_bad_xdr;
1399        if (!xdr_stream_subsegment(argp->xdr, &write->wr_payload, write->wr_buflen))
1400                return nfserr_bad_xdr;
1401
1402        return nfs_ok;
1403}
1404
1405static __be32
1406nfsd4_decode_release_lockowner(struct nfsd4_compoundargs *argp, struct nfsd4_release_lockowner *rlockowner)
1407{
1408        __be32 status;
1409
1410        if (argp->minorversion >= 1)
1411                return nfserr_notsupp;
1412
1413        status = nfsd4_decode_state_owner4(argp, &rlockowner->rl_clientid,
1414                                           &rlockowner->rl_owner);
1415        if (status)
1416                return status;
1417
1418        if (argp->minorversion && !zero_clientid(&rlockowner->rl_clientid))
1419                return nfserr_inval;
1420
1421        return nfs_ok;
1422}
1423
1424static __be32 nfsd4_decode_backchannel_ctl(struct nfsd4_compoundargs *argp, struct nfsd4_backchannel_ctl *bc)
1425{
1426        if (xdr_stream_decode_u32(argp->xdr, &bc->bc_cb_program) < 0)
1427                return nfserr_bad_xdr;
1428        return nfsd4_decode_cb_sec(argp, &bc->bc_cb_sec);
1429}
1430
1431static __be32 nfsd4_decode_bind_conn_to_session(struct nfsd4_compoundargs *argp, struct nfsd4_bind_conn_to_session *bcts)
1432{
1433        u32 use_conn_in_rdma_mode;
1434        __be32 status;
1435
1436        status = nfsd4_decode_sessionid4(argp, &bcts->sessionid);
1437        if (status)
1438                return status;
1439        if (xdr_stream_decode_u32(argp->xdr, &bcts->dir) < 0)
1440                return nfserr_bad_xdr;
1441        if (xdr_stream_decode_u32(argp->xdr, &use_conn_in_rdma_mode) < 0)
1442                return nfserr_bad_xdr;
1443
1444        return nfs_ok;
1445}
1446
1447static __be32
1448nfsd4_decode_state_protect_ops(struct nfsd4_compoundargs *argp,
1449                               struct nfsd4_exchange_id *exid)
1450{
1451        __be32 status;
1452
1453        status = nfsd4_decode_bitmap4(argp, exid->spo_must_enforce,
1454                                      ARRAY_SIZE(exid->spo_must_enforce));
1455        if (status)
1456                return nfserr_bad_xdr;
1457        status = nfsd4_decode_bitmap4(argp, exid->spo_must_allow,
1458                                      ARRAY_SIZE(exid->spo_must_allow));
1459        if (status)
1460                return nfserr_bad_xdr;
1461
1462        return nfs_ok;
1463}
1464
1465/*
1466 * This implementation currently does not support SP4_SSV.
1467 * This decoder simply skips over these arguments.
1468 */
1469static noinline __be32
1470nfsd4_decode_ssv_sp_parms(struct nfsd4_compoundargs *argp,
1471                          struct nfsd4_exchange_id *exid)
1472{
1473        u32 count, window, num_gss_handles;
1474        __be32 status;
1475
1476        /* ssp_ops */
1477        status = nfsd4_decode_state_protect_ops(argp, exid);
1478        if (status)
1479                return status;
1480
1481        /* ssp_hash_algs<> */
1482        if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
1483                return nfserr_bad_xdr;
1484        while (count--) {
1485                status = nfsd4_decode_ignored_string(argp, 0);
1486                if (status)
1487                        return status;
1488        }
1489
1490        /* ssp_encr_algs<> */
1491        if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
1492                return nfserr_bad_xdr;
1493        while (count--) {
1494                status = nfsd4_decode_ignored_string(argp, 0);
1495                if (status)
1496                        return status;
1497        }
1498
1499        if (xdr_stream_decode_u32(argp->xdr, &window) < 0)
1500                return nfserr_bad_xdr;
1501        if (xdr_stream_decode_u32(argp->xdr, &num_gss_handles) < 0)
1502                return nfserr_bad_xdr;
1503
1504        return nfs_ok;
1505}
1506
1507static __be32
1508nfsd4_decode_state_protect4_a(struct nfsd4_compoundargs *argp,
1509                              struct nfsd4_exchange_id *exid)
1510{
1511        __be32 status;
1512
1513        if (xdr_stream_decode_u32(argp->xdr, &exid->spa_how) < 0)
1514                return nfserr_bad_xdr;
1515        switch (exid->spa_how) {
1516        case SP4_NONE:
1517                break;
1518        case SP4_MACH_CRED:
1519                status = nfsd4_decode_state_protect_ops(argp, exid);
1520                if (status)
1521                        return status;
1522                break;
1523        case SP4_SSV:
1524                status = nfsd4_decode_ssv_sp_parms(argp, exid);
1525                if (status)
1526                        return status;
1527                break;
1528        default:
1529                return nfserr_bad_xdr;
1530        }
1531
1532        return nfs_ok;
1533}
1534
1535static __be32
1536nfsd4_decode_nfs_impl_id4(struct nfsd4_compoundargs *argp,
1537                          struct nfsd4_exchange_id *exid)
1538{
1539        __be32 status;
1540        u32 count;
1541
1542        if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
1543                return nfserr_bad_xdr;
1544        switch (count) {
1545        case 0:
1546                break;
1547        case 1:
1548                /* Note that RFC 8881 places no length limit on
1549                 * nii_domain, but this implementation permits no
1550                 * more than NFS4_OPAQUE_LIMIT bytes */
1551                status = nfsd4_decode_opaque(argp, &exid->nii_domain);
1552                if (status)
1553                        return status;
1554                /* Note that RFC 8881 places no length limit on
1555                 * nii_name, but this implementation permits no
1556                 * more than NFS4_OPAQUE_LIMIT bytes */
1557                status = nfsd4_decode_opaque(argp, &exid->nii_name);
1558                if (status)
1559                        return status;
1560                status = nfsd4_decode_nfstime4(argp, &exid->nii_time);
1561                if (status)
1562                        return status;
1563                break;
1564        default:
1565                return nfserr_bad_xdr;
1566        }
1567
1568        return nfs_ok;
1569}
1570
1571static __be32
1572nfsd4_decode_exchange_id(struct nfsd4_compoundargs *argp,
1573                         struct nfsd4_exchange_id *exid)
1574{
1575        __be32 status;
1576
1577        status = nfsd4_decode_verifier4(argp, &exid->verifier);
1578        if (status)
1579                return status;
1580        status = nfsd4_decode_opaque(argp, &exid->clname);
1581        if (status)
1582                return status;
1583        if (xdr_stream_decode_u32(argp->xdr, &exid->flags) < 0)
1584                return nfserr_bad_xdr;
1585        status = nfsd4_decode_state_protect4_a(argp, exid);
1586        if (status)
1587                return status;
1588        return nfsd4_decode_nfs_impl_id4(argp, exid);
1589}
1590
1591static __be32
1592nfsd4_decode_channel_attrs4(struct nfsd4_compoundargs *argp,
1593                            struct nfsd4_channel_attrs *ca)
1594{
1595        __be32 *p;
1596
1597        p = xdr_inline_decode(argp->xdr, XDR_UNIT * 7);
1598        if (!p)
1599                return nfserr_bad_xdr;
1600
1601        /* headerpadsz is ignored */
1602        p++;
1603        ca->maxreq_sz = be32_to_cpup(p++);
1604        ca->maxresp_sz = be32_to_cpup(p++);
1605        ca->maxresp_cached = be32_to_cpup(p++);
1606        ca->maxops = be32_to_cpup(p++);
1607        ca->maxreqs = be32_to_cpup(p++);
1608        ca->nr_rdma_attrs = be32_to_cpup(p);
1609        switch (ca->nr_rdma_attrs) {
1610        case 0:
1611                break;
1612        case 1:
1613                if (xdr_stream_decode_u32(argp->xdr, &ca->rdma_attrs) < 0)
1614                        return nfserr_bad_xdr;
1615                break;
1616        default:
1617                return nfserr_bad_xdr;
1618        }
1619
1620        return nfs_ok;
1621}
1622
1623static __be32
1624nfsd4_decode_create_session(struct nfsd4_compoundargs *argp,
1625                            struct nfsd4_create_session *sess)
1626{
1627        __be32 status;
1628
1629        status = nfsd4_decode_clientid4(argp, &sess->clientid);
1630        if (status)
1631                return status;
1632        if (xdr_stream_decode_u32(argp->xdr, &sess->seqid) < 0)
1633                return nfserr_bad_xdr;
1634        if (xdr_stream_decode_u32(argp->xdr, &sess->flags) < 0)
1635                return nfserr_bad_xdr;
1636        status = nfsd4_decode_channel_attrs4(argp, &sess->fore_channel);
1637        if (status)
1638                return status;
1639        status = nfsd4_decode_channel_attrs4(argp, &sess->back_channel);
1640        if (status)
1641                return status;
1642        if (xdr_stream_decode_u32(argp->xdr, &sess->callback_prog) < 0)
1643                return nfserr_bad_xdr;
1644        status = nfsd4_decode_cb_sec(argp, &sess->cb_sec);
1645        if (status)
1646                return status;
1647
1648        return nfs_ok;
1649}
1650
1651static __be32
1652nfsd4_decode_destroy_session(struct nfsd4_compoundargs *argp,
1653                             struct nfsd4_destroy_session *destroy_session)
1654{
1655        return nfsd4_decode_sessionid4(argp, &destroy_session->sessionid);
1656}
1657
1658static __be32
1659nfsd4_decode_free_stateid(struct nfsd4_compoundargs *argp,
1660                          struct nfsd4_free_stateid *free_stateid)
1661{
1662        return nfsd4_decode_stateid4(argp, &free_stateid->fr_stateid);
1663}
1664
1665#ifdef CONFIG_NFSD_PNFS
1666static __be32
1667nfsd4_decode_getdeviceinfo(struct nfsd4_compoundargs *argp,
1668                struct nfsd4_getdeviceinfo *gdev)
1669{
1670        __be32 status;
1671
1672        status = nfsd4_decode_deviceid4(argp, &gdev->gd_devid);
1673        if (status)
1674                return status;
1675        if (xdr_stream_decode_u32(argp->xdr, &gdev->gd_layout_type) < 0)
1676                return nfserr_bad_xdr;
1677        if (xdr_stream_decode_u32(argp->xdr, &gdev->gd_maxcount) < 0)
1678                return nfserr_bad_xdr;
1679        if (xdr_stream_decode_uint32_array(argp->xdr,
1680                                           &gdev->gd_notify_types, 1) < 0)
1681                return nfserr_bad_xdr;
1682
1683        return nfs_ok;
1684}
1685
1686static __be32
1687nfsd4_decode_layoutcommit(struct nfsd4_compoundargs *argp,
1688                          struct nfsd4_layoutcommit *lcp)
1689{
1690        __be32 *p, status;
1691
1692        if (xdr_stream_decode_u64(argp->xdr, &lcp->lc_seg.offset) < 0)
1693                return nfserr_bad_xdr;
1694        if (xdr_stream_decode_u64(argp->xdr, &lcp->lc_seg.length) < 0)
1695                return nfserr_bad_xdr;
1696        if (xdr_stream_decode_bool(argp->xdr, &lcp->lc_reclaim) < 0)
1697                return nfserr_bad_xdr;
1698        status = nfsd4_decode_stateid4(argp, &lcp->lc_sid);
1699        if (status)
1700                return status;
1701        if (xdr_stream_decode_u32(argp->xdr, &lcp->lc_newoffset) < 0)
1702                return nfserr_bad_xdr;
1703        if (lcp->lc_newoffset) {
1704                if (xdr_stream_decode_u64(argp->xdr, &lcp->lc_last_wr) < 0)
1705                        return nfserr_bad_xdr;
1706        } else
1707                lcp->lc_last_wr = 0;
1708        p = xdr_inline_decode(argp->xdr, XDR_UNIT);
1709        if (!p)
1710                return nfserr_bad_xdr;
1711        if (xdr_item_is_present(p)) {
1712                status = nfsd4_decode_nfstime4(argp, &lcp->lc_mtime);
1713                if (status)
1714                        return status;
1715        } else {
1716                lcp->lc_mtime.tv_nsec = UTIME_NOW;
1717        }
1718        return nfsd4_decode_layoutupdate4(argp, lcp);
1719}
1720
1721static __be32
1722nfsd4_decode_layoutget(struct nfsd4_compoundargs *argp,
1723                struct nfsd4_layoutget *lgp)
1724{
1725        __be32 status;
1726
1727        if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_signal) < 0)
1728                return nfserr_bad_xdr;
1729        if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_layout_type) < 0)
1730                return nfserr_bad_xdr;
1731        if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_seg.iomode) < 0)
1732                return nfserr_bad_xdr;
1733        if (xdr_stream_decode_u64(argp->xdr, &lgp->lg_seg.offset) < 0)
1734                return nfserr_bad_xdr;
1735        if (xdr_stream_decode_u64(argp->xdr, &lgp->lg_seg.length) < 0)
1736                return nfserr_bad_xdr;
1737        if (xdr_stream_decode_u64(argp->xdr, &lgp->lg_minlength) < 0)
1738                return nfserr_bad_xdr;
1739        status = nfsd4_decode_stateid4(argp, &lgp->lg_sid);
1740        if (status)
1741                return status;
1742        if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_maxcount) < 0)
1743                return nfserr_bad_xdr;
1744
1745        return nfs_ok;
1746}
1747
1748static __be32
1749nfsd4_decode_layoutreturn(struct nfsd4_compoundargs *argp,
1750                struct nfsd4_layoutreturn *lrp)
1751{
1752        if (xdr_stream_decode_bool(argp->xdr, &lrp->lr_reclaim) < 0)
1753                return nfserr_bad_xdr;
1754        if (xdr_stream_decode_u32(argp->xdr, &lrp->lr_layout_type) < 0)
1755                return nfserr_bad_xdr;
1756        if (xdr_stream_decode_u32(argp->xdr, &lrp->lr_seg.iomode) < 0)
1757                return nfserr_bad_xdr;
1758        return nfsd4_decode_layoutreturn4(argp, lrp);
1759}
1760#endif /* CONFIG_NFSD_PNFS */
1761
1762static __be32 nfsd4_decode_secinfo_no_name(struct nfsd4_compoundargs *argp,
1763                                           struct nfsd4_secinfo_no_name *sin)
1764{
1765        if (xdr_stream_decode_u32(argp->xdr, &sin->sin_style) < 0)
1766                return nfserr_bad_xdr;
1767        return nfs_ok;
1768}
1769
1770static __be32
1771nfsd4_decode_sequence(struct nfsd4_compoundargs *argp,
1772                      struct nfsd4_sequence *seq)
1773{
1774        __be32 *p, status;
1775
1776        status = nfsd4_decode_sessionid4(argp, &seq->sessionid);
1777        if (status)
1778                return status;
1779        p = xdr_inline_decode(argp->xdr, XDR_UNIT * 4);
1780        if (!p)
1781                return nfserr_bad_xdr;
1782        seq->seqid = be32_to_cpup(p++);
1783        seq->slotid = be32_to_cpup(p++);
1784        seq->maxslots = be32_to_cpup(p++);
1785        seq->cachethis = be32_to_cpup(p);
1786
1787        return nfs_ok;
1788}
1789
1790static __be32
1791nfsd4_decode_test_stateid(struct nfsd4_compoundargs *argp, struct nfsd4_test_stateid *test_stateid)
1792{
1793        struct nfsd4_test_stateid_id *stateid;
1794        __be32 status;
1795        u32 i;
1796
1797        if (xdr_stream_decode_u32(argp->xdr, &test_stateid->ts_num_ids) < 0)
1798                return nfserr_bad_xdr;
1799
1800        INIT_LIST_HEAD(&test_stateid->ts_stateid_list);
1801        for (i = 0; i < test_stateid->ts_num_ids; i++) {
1802                stateid = svcxdr_tmpalloc(argp, sizeof(*stateid));
1803                if (!stateid)
1804                        return nfserrno(-ENOMEM);       /* XXX: not jukebox? */
1805                INIT_LIST_HEAD(&stateid->ts_id_list);
1806                list_add_tail(&stateid->ts_id_list, &test_stateid->ts_stateid_list);
1807                status = nfsd4_decode_stateid4(argp, &stateid->ts_id_stateid);
1808                if (status)
1809                        return status;
1810        }
1811
1812        return nfs_ok;
1813}
1814
1815static __be32 nfsd4_decode_destroy_clientid(struct nfsd4_compoundargs *argp,
1816                                            struct nfsd4_destroy_clientid *dc)
1817{
1818        return nfsd4_decode_clientid4(argp, &dc->clientid);
1819}
1820
1821static __be32 nfsd4_decode_reclaim_complete(struct nfsd4_compoundargs *argp,
1822                                            struct nfsd4_reclaim_complete *rc)
1823{
1824        if (xdr_stream_decode_bool(argp->xdr, &rc->rca_one_fs) < 0)
1825                return nfserr_bad_xdr;
1826        return nfs_ok;
1827}
1828
1829static __be32
1830nfsd4_decode_fallocate(struct nfsd4_compoundargs *argp,
1831                       struct nfsd4_fallocate *fallocate)
1832{
1833        __be32 status;
1834
1835        status = nfsd4_decode_stateid4(argp, &fallocate->falloc_stateid);
1836        if (status)
1837                return status;
1838        if (xdr_stream_decode_u64(argp->xdr, &fallocate->falloc_offset) < 0)
1839                return nfserr_bad_xdr;
1840        if (xdr_stream_decode_u64(argp->xdr, &fallocate->falloc_length) < 0)
1841                return nfserr_bad_xdr;
1842
1843        return nfs_ok;
1844}
1845
1846static __be32 nfsd4_decode_nl4_server(struct nfsd4_compoundargs *argp,
1847                                      struct nl4_server *ns)
1848{
1849        struct nfs42_netaddr *naddr;
1850        __be32 *p;
1851
1852        if (xdr_stream_decode_u32(argp->xdr, &ns->nl4_type) < 0)
1853                return nfserr_bad_xdr;
1854
1855        /* currently support for 1 inter-server source server */
1856        switch (ns->nl4_type) {
1857        case NL4_NETADDR:
1858                naddr = &ns->u.nl4_addr;
1859
1860                if (xdr_stream_decode_u32(argp->xdr, &naddr->netid_len) < 0)
1861                        return nfserr_bad_xdr;
1862                if (naddr->netid_len > RPCBIND_MAXNETIDLEN)
1863                        return nfserr_bad_xdr;
1864
1865                p = xdr_inline_decode(argp->xdr, naddr->netid_len);
1866                if (!p)
1867                        return nfserr_bad_xdr;
1868                memcpy(naddr->netid, p, naddr->netid_len);
1869
1870                if (xdr_stream_decode_u32(argp->xdr, &naddr->addr_len) < 0)
1871                        return nfserr_bad_xdr;
1872                if (naddr->addr_len > RPCBIND_MAXUADDRLEN)
1873                        return nfserr_bad_xdr;
1874
1875                p = xdr_inline_decode(argp->xdr, naddr->addr_len);
1876                if (!p)
1877                        return nfserr_bad_xdr;
1878                memcpy(naddr->addr, p, naddr->addr_len);
1879                break;
1880        default:
1881                return nfserr_bad_xdr;
1882        }
1883
1884        return nfs_ok;
1885}
1886
1887static __be32
1888nfsd4_decode_copy(struct nfsd4_compoundargs *argp, struct nfsd4_copy *copy)
1889{
1890        struct nl4_server *ns_dummy;
1891        u32 consecutive, i, count;
1892        __be32 status;
1893
1894        status = nfsd4_decode_stateid4(argp, &copy->cp_src_stateid);
1895        if (status)
1896                return status;
1897        status = nfsd4_decode_stateid4(argp, &copy->cp_dst_stateid);
1898        if (status)
1899                return status;
1900        if (xdr_stream_decode_u64(argp->xdr, &copy->cp_src_pos) < 0)
1901                return nfserr_bad_xdr;
1902        if (xdr_stream_decode_u64(argp->xdr, &copy->cp_dst_pos) < 0)
1903                return nfserr_bad_xdr;
1904        if (xdr_stream_decode_u64(argp->xdr, &copy->cp_count) < 0)
1905                return nfserr_bad_xdr;
1906        /* ca_consecutive: we always do consecutive copies */
1907        if (xdr_stream_decode_u32(argp->xdr, &consecutive) < 0)
1908                return nfserr_bad_xdr;
1909        if (xdr_stream_decode_u32(argp->xdr, &copy->cp_synchronous) < 0)
1910                return nfserr_bad_xdr;
1911
1912        if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
1913                return nfserr_bad_xdr;
1914        copy->cp_intra = false;
1915        if (count == 0) { /* intra-server copy */
1916                copy->cp_intra = true;
1917                return nfs_ok;
1918        }
1919
1920        /* decode all the supplied server addresses but use only the first */
1921        status = nfsd4_decode_nl4_server(argp, &copy->cp_src);
1922        if (status)
1923                return status;
1924
1925        ns_dummy = kmalloc(sizeof(struct nl4_server), GFP_KERNEL);
1926        if (ns_dummy == NULL)
1927                return nfserrno(-ENOMEM);       /* XXX: jukebox? */
1928        for (i = 0; i < count - 1; i++) {
1929                status = nfsd4_decode_nl4_server(argp, ns_dummy);
1930                if (status) {
1931                        kfree(ns_dummy);
1932                        return status;
1933                }
1934        }
1935        kfree(ns_dummy);
1936
1937        return nfs_ok;
1938}
1939
1940static __be32
1941nfsd4_decode_copy_notify(struct nfsd4_compoundargs *argp,
1942                         struct nfsd4_copy_notify *cn)
1943{
1944        __be32 status;
1945
1946        status = nfsd4_decode_stateid4(argp, &cn->cpn_src_stateid);
1947        if (status)
1948                return status;
1949        return nfsd4_decode_nl4_server(argp, &cn->cpn_dst);
1950}
1951
1952static __be32
1953nfsd4_decode_offload_status(struct nfsd4_compoundargs *argp,
1954                            struct nfsd4_offload_status *os)
1955{
1956        return nfsd4_decode_stateid4(argp, &os->stateid);
1957}
1958
1959static __be32
1960nfsd4_decode_seek(struct nfsd4_compoundargs *argp, struct nfsd4_seek *seek)
1961{
1962        __be32 status;
1963
1964        status = nfsd4_decode_stateid4(argp, &seek->seek_stateid);
1965        if (status)
1966                return status;
1967        if (xdr_stream_decode_u64(argp->xdr, &seek->seek_offset) < 0)
1968                return nfserr_bad_xdr;
1969        if (xdr_stream_decode_u32(argp->xdr, &seek->seek_whence) < 0)
1970                return nfserr_bad_xdr;
1971
1972        return nfs_ok;
1973}
1974
1975static __be32
1976nfsd4_decode_clone(struct nfsd4_compoundargs *argp, struct nfsd4_clone *clone)
1977{
1978        __be32 status;
1979
1980        status = nfsd4_decode_stateid4(argp, &clone->cl_src_stateid);
1981        if (status)
1982                return status;
1983        status = nfsd4_decode_stateid4(argp, &clone->cl_dst_stateid);
1984        if (status)
1985                return status;
1986        if (xdr_stream_decode_u64(argp->xdr, &clone->cl_src_pos) < 0)
1987                return nfserr_bad_xdr;
1988        if (xdr_stream_decode_u64(argp->xdr, &clone->cl_dst_pos) < 0)
1989                return nfserr_bad_xdr;
1990        if (xdr_stream_decode_u64(argp->xdr, &clone->cl_count) < 0)
1991                return nfserr_bad_xdr;
1992
1993        return nfs_ok;
1994}
1995
1996/*
1997 * XDR data that is more than PAGE_SIZE in size is normally part of a
1998 * read or write. However, the size of extended attributes is limited
1999 * by the maximum request size, and then further limited by the underlying
2000 * filesystem limits. This can exceed PAGE_SIZE (currently, XATTR_SIZE_MAX

2001 * is 64k). Since there is no kvec- or page-based interface to xattrs,
2002 * and we're not dealing with contiguous pages, we need to do some copying.
2003 */
2004
2005/*
2006 * Decode data into buffer.
2007 */
2008static __be32
2009nfsd4_vbuf_from_vector(struct nfsd4_compoundargs *argp, struct xdr_buf *xdr,
2010                       char **bufp, u32 buflen)
2011{
2012        struct page **pages = xdr->pages;
2013        struct kvec *head = xdr->head;
2014        char *tmp, *dp;
2015        u32 len;
2016
2017        if (buflen <= head->iov_len) {
2018                /*
2019                 * We're in luck, the head has enough space. Just return
2020                 * the head, no need for copying.
2021                 */
2022                *bufp = head->iov_base;
2023                return 0;
2024        }
2025
2026        tmp = svcxdr_tmpalloc(argp, buflen);
2027        if (tmp == NULL)
2028                return nfserr_jukebox;
2029
2030        dp = tmp;
2031        memcpy(dp, head->iov_base, head->iov_len);
2032        buflen -= head->iov_len;
2033        dp += head->iov_len;
2034
2035        while (buflen > 0) {
2036                len = min_t(u32, buflen, PAGE_SIZE);
2037                memcpy(dp, page_address(*pages), len);
2038
2039                buflen -= len;
2040                dp += len;
2041                pages++;
2042        }
2043
2044        *bufp = tmp;
2045        return 0;
2046}
2047
2048/*
2049 * Get a user extended attribute name from the XDR buffer.
2050 * It will not have the "user." prefix, so prepend it.
2051 * Lastly, check for nul characters in the name.
2052 */
2053static __be32
2054nfsd4_decode_xattr_name(struct nfsd4_compoundargs *argp, char **namep)
2055{
2056        char *name, *sp, *dp;
2057        u32 namelen, cnt;
2058        __be32 *p;
2059
2060        if (xdr_stream_decode_u32(argp->xdr, &namelen) < 0)
2061                return nfserr_bad_xdr;
2062        if (namelen > (XATTR_NAME_MAX - XATTR_USER_PREFIX_LEN))
2063                return nfserr_nametoolong;
2064        if (namelen == 0)
2065                return nfserr_bad_xdr;
2066        p = xdr_inline_decode(argp->xdr, namelen);
2067        if (!p)
2068                return nfserr_bad_xdr;
2069        name = svcxdr_tmpalloc(argp, namelen + XATTR_USER_PREFIX_LEN + 1);
2070        if (!name)
2071                return nfserr_jukebox;
2072        memcpy(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN);
2073
2074        /*
2075         * Copy the extended attribute name over while checking for 0
2076         * characters.
2077         */
2078        sp = (char *)p;
2079        dp = name + XATTR_USER_PREFIX_LEN;
2080        cnt = namelen;
2081
2082        while (cnt-- > 0) {
2083                if (*sp == '\0')
2084                        return nfserr_bad_xdr;
2085                *dp++ = *sp++;
2086        }
2087        *dp = '\0';
2088
2089        *namep = name;
2090
2091        return nfs_ok;
2092}
2093
2094/*
2095 * A GETXATTR op request comes without a length specifier. We just set the
2096 * maximum length for the reply based on XATTR_SIZE_MAX and the maximum
2097 * channel reply size. nfsd_getxattr will probe the length of the xattr,
2098 * check it against getxa_len, and allocate + return the value.
2099 */
2100static __be32
2101nfsd4_decode_getxattr(struct nfsd4_compoundargs *argp,
2102                      struct nfsd4_getxattr *getxattr)
2103{
2104        __be32 status;
2105        u32 maxcount;
2106
2107        status = nfsd4_decode_xattr_name(argp, &getxattr->getxa_name);
2108        if (status)
2109                return status;
2110
2111        maxcount = svc_max_payload(argp->rqstp);
2112        maxcount = min_t(u32, XATTR_SIZE_MAX, maxcount);
2113
2114        getxattr->getxa_len = maxcount;
2115
2116        return status;
2117}
2118
2119static __be32
2120nfsd4_decode_setxattr(struct nfsd4_compoundargs *argp,
2121                      struct nfsd4_setxattr *setxattr)
2122{
2123        u32 flags, maxcount, size;
2124        __be32 status;
2125
2126        if (xdr_stream_decode_u32(argp->xdr, &flags) < 0)
2127                return nfserr_bad_xdr;
2128
2129        if (flags > SETXATTR4_REPLACE)
2130                return nfserr_inval;
2131        setxattr->setxa_flags = flags;
2132
2133        status = nfsd4_decode_xattr_name(argp, &setxattr->setxa_name);
2134        if (status)
2135                return status;
2136
2137        maxcount = svc_max_payload(argp->rqstp);
2138        maxcount = min_t(u32, XATTR_SIZE_MAX, maxcount);
2139
2140        if (xdr_stream_decode_u32(argp->xdr, &size) < 0)
2141                return nfserr_bad_xdr;
2142        if (size > maxcount)
2143                return nfserr_xattr2big;
2144
2145        setxattr->setxa_len = size;
2146        if (size > 0) {
2147                struct xdr_buf payload;
2148
2149                if (!xdr_stream_subsegment(argp->xdr, &payload, size))
2150                        return nfserr_bad_xdr;
2151                status = nfsd4_vbuf_from_vector(argp, &payload,
2152                                                &setxattr->setxa_buf, size);
2153        }
2154
2155        return nfs_ok;
2156}
2157
2158static __be32
2159nfsd4_decode_listxattrs(struct nfsd4_compoundargs *argp,
2160                        struct nfsd4_listxattrs *listxattrs)
2161{
2162        u32 maxcount;
2163
2164        if (xdr_stream_decode_u64(argp->xdr, &listxattrs->lsxa_cookie) < 0)
2165                return nfserr_bad_xdr;
2166
2167        /*
2168         * If the cookie  is too large to have even one user.x attribute
2169         * plus trailing '\0' left in a maximum size buffer, it's invalid.
2170         */
2171        if (listxattrs->lsxa_cookie >=
2172            (XATTR_LIST_MAX / (XATTR_USER_PREFIX_LEN + 2)))
2173                return nfserr_badcookie;
2174
2175        if (xdr_stream_decode_u32(argp->xdr, &maxcount) < 0)
2176                return nfserr_bad_xdr;
2177        if (maxcount < 8)
2178                /* Always need at least 2 words (length and one character) */
2179                return nfserr_inval;
2180
2181        maxcount = min(maxcount, svc_max_payload(argp->rqstp));
2182        listxattrs->lsxa_maxcount = maxcount;
2183
2184        return nfs_ok;
2185}
2186
2187static __be32
2188nfsd4_decode_removexattr(struct nfsd4_compoundargs *argp,
2189                         struct nfsd4_removexattr *removexattr)
2190{
2191        return nfsd4_decode_xattr_name(argp, &removexattr->rmxa_name);
2192}
2193
2194static __be32
2195nfsd4_decode_noop(struct nfsd4_compoundargs *argp, void *p)
2196{
2197        return nfs_ok;
2198}
2199
2200static __be32
2201nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p)
2202{
2203        return nfserr_notsupp;
2204}
2205
2206typedef __be32(*nfsd4_dec)(struct nfsd4_compoundargs *argp, void *);
2207
2208static const nfsd4_dec nfsd4_dec_ops[] = {
2209        [OP_ACCESS]             = (nfsd4_dec)nfsd4_decode_access,
2210        [OP_CLOSE]              = (nfsd4_dec)nfsd4_decode_close,
2211        [OP_COMMIT]             = (nfsd4_dec)nfsd4_decode_commit,
2212        [OP_CREATE]             = (nfsd4_dec)nfsd4_decode_create,
2213        [OP_DELEGPURGE]         = (nfsd4_dec)nfsd4_decode_notsupp,
2214        [OP_DELEGRETURN]        = (nfsd4_dec)nfsd4_decode_delegreturn,
2215        [OP_GETATTR]            = (nfsd4_dec)nfsd4_decode_getattr,
2216        [OP_GETFH]              = (nfsd4_dec)nfsd4_decode_noop,
2217        [OP_LINK]               = (nfsd4_dec)nfsd4_decode_link,
2218        [OP_LOCK]               = (nfsd4_dec)nfsd4_decode_lock,
2219        [OP_LOCKT]              = (nfsd4_dec)nfsd4_decode_lockt,
2220        [OP_LOCKU]              = (nfsd4_dec)nfsd4_decode_locku,
2221        [OP_LOOKUP]             = (nfsd4_dec)nfsd4_decode_lookup,
2222        [OP_LOOKUPP]            = (nfsd4_dec)nfsd4_decode_noop,
2223        [OP_NVERIFY]            = (nfsd4_dec)nfsd4_decode_verify,
2224        [OP_OPEN]               = (nfsd4_dec)nfsd4_decode_open,
2225        [OP_OPENATTR]           = (nfsd4_dec)nfsd4_decode_notsupp,
2226        [OP_OPEN_CONFIRM]       = (nfsd4_dec)nfsd4_decode_open_confirm,
2227        [OP_OPEN_DOWNGRADE]     = (nfsd4_dec)nfsd4_decode_open_downgrade,
2228        [OP_PUTFH]              = (nfsd4_dec)nfsd4_decode_putfh,
2229        [OP_PUTPUBFH]           = (nfsd4_dec)nfsd4_decode_putpubfh,
2230        [OP_PUTROOTFH]          = (nfsd4_dec)nfsd4_decode_noop,
2231        [OP_READ]               = (nfsd4_dec)nfsd4_decode_read,
2232        [OP_READDIR]            = (nfsd4_dec)nfsd4_decode_readdir,
2233        [OP_READLINK]           = (nfsd4_dec)nfsd4_decode_noop,
2234        [OP_REMOVE]             = (nfsd4_dec)nfsd4_decode_remove,
2235        [OP_RENAME]             = (nfsd4_dec)nfsd4_decode_rename,
2236        [OP_RENEW]              = (nfsd4_dec)nfsd4_decode_renew,
2237        [OP_RESTOREFH]          = (nfsd4_dec)nfsd4_decode_noop,
2238        [OP_SAVEFH]             = (nfsd4_dec)nfsd4_decode_noop,
2239        [OP_SECINFO]            = (nfsd4_dec)nfsd4_decode_secinfo,
2240        [OP_SETATTR]            = (nfsd4_dec)nfsd4_decode_setattr,
2241        [OP_SETCLIENTID]        = (nfsd4_dec)nfsd4_decode_setclientid,
2242        [OP_SETCLIENTID_CONFIRM] = (nfsd4_dec)nfsd4_decode_setclientid_confirm,
2243        [OP_VERIFY]             = (nfsd4_dec)nfsd4_decode_verify,
2244        [OP_WRITE]              = (nfsd4_dec)nfsd4_decode_write,
2245        [OP_RELEASE_LOCKOWNER]  = (nfsd4_dec)nfsd4_decode_release_lockowner,
2246
2247        /* new operations for NFSv4.1 */
2248        [OP_BACKCHANNEL_CTL]    = (nfsd4_dec)nfsd4_decode_backchannel_ctl,
2249        [OP_BIND_CONN_TO_SESSION]= (nfsd4_dec)nfsd4_decode_bind_conn_to_session,
2250        [OP_EXCHANGE_ID]        = (nfsd4_dec)nfsd4_decode_exchange_id,
2251        [OP_CREATE_SESSION]     = (nfsd4_dec)nfsd4_decode_create_session,
2252        [OP_DESTROY_SESSION]    = (nfsd4_dec)nfsd4_decode_destroy_session,
2253        [OP_FREE_STATEID]       = (nfsd4_dec)nfsd4_decode_free_stateid,
2254        [OP_GET_DIR_DELEGATION] = (nfsd4_dec)nfsd4_decode_notsupp,
2255#ifdef CONFIG_NFSD_PNFS
2256        [OP_GETDEVICEINFO]      = (nfsd4_dec)nfsd4_decode_getdeviceinfo,
2257        [OP_GETDEVICELIST]      = (nfsd4_dec)nfsd4_decode_notsupp,
2258        [OP_LAYOUTCOMMIT]       = (nfsd4_dec)nfsd4_decode_layoutcommit,
2259        [OP_LAYOUTGET]          = (nfsd4_dec)nfsd4_decode_layoutget,
2260        [OP_LAYOUTRETURN]       = (nfsd4_dec)nfsd4_decode_layoutreturn,
2261#else
2262        [OP_GETDEVICEINFO]      = (nfsd4_dec)nfsd4_decode_notsupp,
2263        [OP_GETDEVICELIST]      = (nfsd4_dec)nfsd4_decode_notsupp,
2264        [OP_LAYOUTCOMMIT]       = (nfsd4_dec)nfsd4_decode_notsupp,
2265        [OP_LAYOUTGET]          = (nfsd4_dec)nfsd4_decode_notsupp,
2266        [OP_LAYOUTRETURN]       = (nfsd4_dec)nfsd4_decode_notsupp,
2267#endif
2268        [OP_SECINFO_NO_NAME]    = (nfsd4_dec)nfsd4_decode_secinfo_no_name,
2269        [OP_SEQUENCE]           = (nfsd4_dec)nfsd4_decode_sequence,
2270        [OP_SET_SSV]            = (nfsd4_dec)nfsd4_decode_notsupp,
2271        [OP_TEST_STATEID]       = (nfsd4_dec)nfsd4_decode_test_stateid,
2272        [OP_WANT_DELEGATION]    = (nfsd4_dec)nfsd4_decode_notsupp,
2273        [OP_DESTROY_CLIENTID]   = (nfsd4_dec)nfsd4_decode_destroy_clientid,
2274        [OP_RECLAIM_COMPLETE]   = (nfsd4_dec)nfsd4_decode_reclaim_complete,
2275
2276        /* new operations for NFSv4.2 */
2277        [OP_ALLOCATE]           = (nfsd4_dec)nfsd4_decode_fallocate,
2278        [OP_COPY]               = (nfsd4_dec)nfsd4_decode_copy,
2279        [OP_COPY_NOTIFY]        = (nfsd4_dec)nfsd4_decode_copy_notify,
2280        [OP_DEALLOCATE]         = (nfsd4_dec)nfsd4_decode_fallocate,
2281        [OP_IO_ADVISE]          = (nfsd4_dec)nfsd4_decode_notsupp,
2282        [OP_LAYOUTERROR]        = (nfsd4_dec)nfsd4_decode_notsupp,
2283        [OP_LAYOUTSTATS]        = (nfsd4_dec)nfsd4_decode_notsupp,
2284        [OP_OFFLOAD_CANCEL]     = (nfsd4_dec)nfsd4_decode_offload_status,
2285        [OP_OFFLOAD_STATUS]     = (nfsd4_dec)nfsd4_decode_offload_status,
2286        [OP_READ_PLUS]          = (nfsd4_dec)nfsd4_decode_read,
2287        [OP_SEEK]               = (nfsd4_dec)nfsd4_decode_seek,
2288        [OP_WRITE_SAME]         = (nfsd4_dec)nfsd4_decode_notsupp,
2289        [OP_CLONE]              = (nfsd4_dec)nfsd4_decode_clone,
2290        /* RFC 8276 extended atributes operations */
2291        [OP_GETXATTR]           = (nfsd4_dec)nfsd4_decode_getxattr,
2292        [OP_SETXATTR]           = (nfsd4_dec)nfsd4_decode_setxattr,
2293        [OP_LISTXATTRS]         = (nfsd4_dec)nfsd4_decode_listxattrs,
2294        [OP_REMOVEXATTR]        = (nfsd4_dec)nfsd4_decode_removexattr,
2295};
2296
2297static inline bool
2298nfsd4_opnum_in_range(struct nfsd4_compoundargs *argp, struct nfsd4_op *op)
2299{
2300        if (op->opnum < FIRST_NFS4_OP)
2301                return false;
2302        else if (argp->minorversion == 0 && op->opnum > LAST_NFS40_OP)
2303                return false;
2304        else if (argp->minorversion == 1 && op->opnum > LAST_NFS41_OP)
2305                return false;
2306        else if (argp->minorversion == 2 && op->opnum > LAST_NFS42_OP)
2307                return false;
2308        return true;
2309}
2310
2311static bool
2312nfsd4_decode_compound(struct nfsd4_compoundargs *argp)
2313{
2314        struct nfsd4_op *op;
2315        bool cachethis = false;
2316        int auth_slack= argp->rqstp->rq_auth_slack;
2317        int max_reply = auth_slack + 8; /* opcnt, status */
2318        int readcount = 0;
2319        int readbytes = 0;
2320        __be32 *p;
2321        int i;
2322
2323        if (xdr_stream_decode_u32(argp->xdr, &argp->taglen) < 0)
2324                return false;
2325        max_reply += XDR_UNIT;
2326        argp->tag = NULL;
2327        if (unlikely(argp->taglen)) {
2328                if (argp->taglen > NFSD4_MAX_TAGLEN)
2329                        return false;
2330                p = xdr_inline_decode(argp->xdr, argp->taglen);
2331                if (!p)
2332                        return false;
2333                argp->tag = svcxdr_savemem(argp, p, argp->taglen);
2334                if (!argp->tag)
2335                        return false;
2336                max_reply += xdr_align_size(argp->taglen);
2337        }
2338
2339        if (xdr_stream_decode_u32(argp->xdr, &argp->minorversion) < 0)
2340                return false;
2341        if (xdr_stream_decode_u32(argp->xdr, &argp->opcnt) < 0)
2342                return false;
2343
2344        /*
2345         * NFS4ERR_RESOURCE is a more helpful error than GARBAGE_ARGS
2346         * here, so we return success at the xdr level so that
2347         * nfsd4_proc can handle this is an NFS-level error.
2348         */
2349        if (argp->opcnt > NFSD_MAX_OPS_PER_COMPOUND)
2350                return true;
2351
2352        if (argp->opcnt > ARRAY_SIZE(argp->iops)) {
2353                argp->ops = kzalloc(argp->opcnt * sizeof(*argp->ops), GFP_KERNEL);
2354                if (!argp->ops) {
2355                        argp->ops = argp->iops;
2356                        dprintk("nfsd: couldn't allocate room for COMPOUND\n");
2357                        return false;
2358                }
2359        }
2360
2361        if (argp->minorversion > NFSD_SUPPORTED_MINOR_VERSION)
2362                argp->opcnt = 0;
2363
2364        for (i = 0; i < argp->opcnt; i++) {
2365                op = &argp->ops[i];
2366                op->replay = NULL;
2367
2368                if (xdr_stream_decode_u32(argp->xdr, &op->opnum) < 0)
2369                        return false;
2370                if (nfsd4_opnum_in_range(argp, op)) {
2371                        op->status = nfsd4_dec_ops[op->opnum](argp, &op->u);
2372                        if (op->status != nfs_ok)
2373                                trace_nfsd_compound_decode_err(argp->rqstp,
2374                                                               argp->opcnt, i,
2375                                                               op->opnum,
2376                                                               op->status);
2377                } else {
2378                        op->opnum = OP_ILLEGAL;
2379                        op->status = nfserr_op_illegal;
2380                }
2381                op->opdesc = OPDESC(op);
2382                /*
2383                 * We'll try to cache the result in the DRC if any one
2384                 * op in the compound wants to be cached:
2385                 */
2386                cachethis |= nfsd4_cache_this_op(op);
2387
2388                if (op->opnum == OP_READ || op->opnum == OP_READ_PLUS) {
2389                        readcount++;
2390                        readbytes += nfsd4_max_reply(argp->rqstp, op);
2391                } else
2392                        max_reply += nfsd4_max_reply(argp->rqstp, op);
2393                /*
2394                 * OP_LOCK and OP_LOCKT may return a conflicting lock.
2395                 * (Special case because it will just skip encoding this
2396                 * if it runs out of xdr buffer space, and it is the only
2397                 * operation that behaves this way.)
2398                 */
2399                if (op->opnum == OP_LOCK || op->opnum == OP_LOCKT)
2400                        max_reply += NFS4_OPAQUE_LIMIT;
2401
2402                if (op->status) {
2403                        argp->opcnt = i+1;
2404                        break;
2405                }
2406        }
2407        /* Sessions make the DRC unnecessary: */
2408        if (argp->minorversion)
2409                cachethis = false;
2410        svc_reserve(argp->rqstp, max_reply + readbytes);
2411        argp->rqstp->rq_cachetype = cachethis ? RC_REPLBUFF : RC_NOCACHE;
2412
2413        if (readcount > 1 || max_reply > PAGE_SIZE - auth_slack)
2414                clear_bit(RQ_SPLICE_OK, &argp->rqstp->rq_flags);
2415
2416        return true;
2417}
2418
2419static __be32 *encode_change(__be32 *p, struct kstat *stat, struct inode *inode,
2420                             struct svc_export *exp)
2421{
2422        if (exp->ex_flags & NFSEXP_V4ROOT) {
2423                *p++ = cpu_to_be32(convert_to_wallclock(exp->cd->flush_time));
2424                *p++ = 0;
2425        } else
2426                p = xdr_encode_hyper(p, nfsd4_change_attribute(stat, inode));
2427        return p;
2428}
2429
2430/*
2431 * ctime (in NFSv4, time_metadata) is not writeable, and the client
2432 * doesn't really care what resolution could theoretically be stored by
2433 * the filesystem.
2434 *
2435 * The client cares how close together changes can be while still
2436 * guaranteeing ctime changes.  For most filesystems (which have
2437 * timestamps with nanosecond fields) that is limited by the resolution
2438 * of the time returned from current_time() (which I'm assuming to be
2439 * 1/HZ).
2440 */
2441static __be32 *encode_time_delta(__be32 *p, struct inode *inode)
2442{
2443        struct timespec64 ts;
2444        u32 ns;
2445
2446        ns = max_t(u32, NSEC_PER_SEC/HZ, inode->i_sb->s_time_gran);
2447        ts = ns_to_timespec64(ns);
2448
2449        p = xdr_encode_hyper(p, ts.tv_sec);
2450        *p++ = cpu_to_be32(ts.tv_nsec);
2451
2452        return p;
2453}
2454
2455static __be32 *encode_cinfo(__be32 *p, struct nfsd4_change_info *c)
2456{
2457        *p++ = cpu_to_be32(c->atomic);
2458        p = xdr_encode_hyper(p, c->before_change);
2459        p = xdr_encode_hyper(p, c->after_change);
2460        return p;
2461}
2462
2463/* Encode as an array of strings the string given with components
2464 * separated @sep, escaped with esc_enter and esc_exit.
2465 */
2466static __be32 nfsd4_encode_components_esc(struct xdr_stream *xdr, char sep,
2467                                          char *components, char esc_enter,
2468                                          char esc_exit)
2469{
2470        __be32 *p;
2471        __be32 pathlen;
2472        int pathlen_offset;
2473        int strlen, count=0;
2474        char *str, *end, *next;
2475
2476        dprintk("nfsd4_encode_components(%s)\n", components);
2477
2478        pathlen_offset = xdr->buf->len;
2479        p = xdr_reserve_space(xdr, 4);
2480        if (!p)
2481                return nfserr_resource;
2482        p++; /* We will fill this in with @count later */
2483
2484        end = str = components;
2485        while (*end) {
2486                bool found_esc = false;
2487
2488                /* try to parse as esc_start, ..., esc_end, sep */
2489                if (*str == esc_enter) {
2490                        for (; *end && (*end != esc_exit); end++)
2491                                /* find esc_exit or end of string */;
2492                        next = end + 1;
2493                        if (*end && (!*next || *next == sep)) {
2494                                str++;
2495                                found_esc = true;
2496                        }
2497                }
2498
2499                if (!found_esc)
2500                        for (; *end && (*end != sep); end++)
2501                                /* find sep or end of string */;
2502
2503                strlen = end - str;
2504                if (strlen) {
2505                        p = xdr_reserve_space(xdr, strlen + 4);
2506                        if (!p)
2507                                return nfserr_resource;
2508                        p = xdr_encode_opaque(p, str, strlen);
2509                        count++;
2510                }
2511                else
2512                        end++;
2513                if (found_esc)
2514                        end = next;
2515
2516                str = end;
2517        }
2518        pathlen = htonl(count);
2519        write_bytes_to_xdr_buf(xdr->buf, pathlen_offset, &pathlen, 4);
2520        return 0;
2521}
2522
2523/* Encode as an array of strings the string given with components
2524 * separated @sep.
2525 */
2526static __be32 nfsd4_encode_components(struct xdr_stream *xdr, char sep,
2527                                      char *components)
2528{
2529        return nfsd4_encode_components_esc(xdr, sep, components, 0, 0);
2530}
2531
2532/*
2533 * encode a location element of a fs_locations structure
2534 */
2535static __be32 nfsd4_encode_fs_location4(struct xdr_stream *xdr,
2536                                        struct nfsd4_fs_location *location)
2537{
2538        __be32 status;
2539
2540        status = nfsd4_encode_components_esc(xdr, ':', location->hosts,
2541                                                '[', ']');
2542        if (status)
2543                return status;
2544        status = nfsd4_encode_components(xdr, '/', location->path);
2545        if (status)
2546                return status;
2547        return 0;
2548}
2549
2550/*
2551 * Encode a path in RFC3530 'pathname4' format
2552 */
2553static __be32 nfsd4_encode_path(struct xdr_stream *xdr,
2554                                const struct path *root,
2555                                const struct path *path)
2556{
2557        struct path cur = *path;
2558        __be32 *p;
2559        struct dentry **components = NULL;
2560        unsigned int ncomponents = 0;
2561        __be32 err = nfserr_jukebox;
2562
2563        dprintk("nfsd4_encode_components(");
2564
2565        path_get(&cur);
2566        /* First walk the path up to the nfsd root, and store the
2567         * dentries/path components in an array.
2568         */
2569        for (;;) {
2570                if (path_equal(&cur, root))
2571                        break;
2572                if (cur.dentry == cur.mnt->mnt_root) {
2573                        if (follow_up(&cur))
2574                                continue;
2575                        goto out_free;
2576                }
2577                if ((ncomponents & 15) == 0) {
2578                        struct dentry **new;
2579                        new = krealloc(components,
2580                                        sizeof(*new) * (ncomponents + 16),
2581                                        GFP_KERNEL);
2582                        if (!new)
2583                                goto out_free;
2584                        components = new;
2585                }
2586                components[ncomponents++] = cur.dentry;
2587                cur.dentry = dget_parent(cur.dentry);
2588        }
2589        err = nfserr_resource;
2590        p = xdr_reserve_space(xdr, 4);
2591        if (!p)
2592                goto out_free;
2593        *p++ = cpu_to_be32(ncomponents);
2594
2595        while (ncomponents) {
2596                struct dentry *dentry = components[ncomponents - 1];
2597                unsigned int len;
2598
2599                spin_lock(&dentry->d_lock);
2600                len = dentry->d_name.len;
2601                p = xdr_reserve_space(xdr, len + 4);
2602                if (!p) {
2603                        spin_unlock(&dentry->d_lock);
2604                        goto out_free;
2605                }
2606                p = xdr_encode_opaque(p, dentry->d_name.name, len);
2607                dprintk("/%pd", dentry);
2608                spin_unlock(&dentry->d_lock);
2609                dput(dentry);
2610                ncomponents--;
2611        }
2612
2613        err = 0;
2614out_free:
2615        dprintk(")\n");
2616        while (ncomponents)
2617                dput(components[--ncomponents]);
2618        kfree(components);
2619        path_put(&cur);
2620        return err;
2621}
2622
2623static __be32 nfsd4_encode_fsloc_fsroot(struct xdr_stream *xdr,
2624                        struct svc_rqst *rqstp, const struct path *path)
2625{
2626        struct svc_export *exp_ps;
2627        __be32 res;
2628
2629        exp_ps = rqst_find_fsidzero_export(rqstp);
2630        if (IS_ERR(exp_ps))
2631                return nfserrno(PTR_ERR(exp_ps));
2632        res = nfsd4_encode_path(xdr, &exp_ps->ex_path, path);
2633        exp_put(exp_ps);
2634        return res;
2635}
2636
2637/*
2638 *  encode a fs_locations structure
2639 */
2640static __be32 nfsd4_encode_fs_locations(struct xdr_stream *xdr,
2641                        struct svc_rqst *rqstp, struct svc_export *exp)
2642{
2643        __be32 status;
2644        int i;
2645        __be32 *p;
2646        struct nfsd4_fs_locations *fslocs = &exp->ex_fslocs;
2647
2648        status = nfsd4_encode_fsloc_fsroot(xdr, rqstp, &exp->ex_path);
2649        if (status)
2650                return status;
2651        p = xdr_reserve_space(xdr, 4);
2652        if (!p)
2653                return nfserr_resource;
2654        *p++ = cpu_to_be32(fslocs->locations_count);
2655        for (i=0; i<fslocs->locations_count; i++) {
2656                status = nfsd4_encode_fs_location4(xdr, &fslocs->locations[i]);
2657                if (status)
2658                        return status;
2659        }
2660        return 0;
2661}
2662
2663static u32 nfs4_file_type(umode_t mode)
2664{
2665        switch (mode & S_IFMT) {
2666        case S_IFIFO:   return NF4FIFO;
2667        case S_IFCHR:   return NF4CHR;
2668        case S_IFDIR:   return NF4DIR;
2669        case S_IFBLK:   return NF4BLK;
2670        case S_IFLNK:   return NF4LNK;
2671        case S_IFREG:   return NF4REG;
2672        case S_IFSOCK:  return NF4SOCK;
2673        default:        return NF4BAD;
2674        }
2675}
2676
2677static inline __be32
2678nfsd4_encode_aclname(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2679                     struct nfs4_ace *ace)
2680{
2681        if (ace->whotype != NFS4_ACL_WHO_NAMED)
2682                return nfs4_acl_write_who(xdr, ace->whotype);
2683        else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP)
2684                return nfsd4_encode_group(xdr, rqstp, ace->who_gid);
2685        else
2686                return nfsd4_encode_user(xdr, rqstp, ace->who_uid);
2687}
2688
2689static inline __be32
2690nfsd4_encode_layout_types(struct xdr_stream *xdr, u32 layout_types)
2691{
2692        __be32          *p;
2693        unsigned long   i = hweight_long(layout_types);
2694
2695        p = xdr_reserve_space(xdr, 4 + 4 * i);
2696        if (!p)
2697                return nfserr_resource;
2698
2699        *p++ = cpu_to_be32(i);
2700
2701        for (i = LAYOUT_NFSV4_1_FILES; i < LAYOUT_TYPE_MAX; ++i)
2702                if (layout_types & (1 << i))
2703                        *p++ = cpu_to_be32(i);
2704
2705        return 0;
2706}
2707
2708#define WORD0_ABSENT_FS_ATTRS (FATTR4_WORD0_FS_LOCATIONS | FATTR4_WORD0_FSID | \
2709                              FATTR4_WORD0_RDATTR_ERROR)
2710#define WORD1_ABSENT_FS_ATTRS FATTR4_WORD1_MOUNTED_ON_FILEID
2711#define WORD2_ABSENT_FS_ATTRS 0
2712
2713#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2714static inline __be32
2715nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2716                            void *context, int len)
2717{
2718        __be32 *p;
2719
2720        p = xdr_reserve_space(xdr, len + 4 + 4 + 4);
2721        if (!p)
2722                return nfserr_resource;
2723
2724        /*
2725         * For now we use a 0 here to indicate the null translation; in
2726         * the future we may place a call to translation code here.
2727         */
2728        *p++ = cpu_to_be32(0); /* lfs */
2729        *p++ = cpu_to_be32(0); /* pi */
2730        p = xdr_encode_opaque(p, context, len);
2731        return 0;
2732}
2733#else
2734static inline __be32
2735nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2736                            void *context, int len)
2737{ return 0; }
2738#endif
2739
2740static __be32 fattr_handle_absent_fs(u32 *bmval0, u32 *bmval1, u32 *bmval2, u32 *rdattr_err)
2741{
2742        /* As per referral draft:  */
2743        if (*bmval0 & ~WORD0_ABSENT_FS_ATTRS ||
2744            *bmval1 & ~WORD1_ABSENT_FS_ATTRS) {
2745                if (*bmval0 & FATTR4_WORD0_RDATTR_ERROR ||
2746                    *bmval0 & FATTR4_WORD0_FS_LOCATIONS)
2747                        *rdattr_err = NFSERR_MOVED;
2748                else
2749                        return nfserr_moved;
2750        }
2751        *bmval0 &= WORD0_ABSENT_FS_ATTRS;
2752        *bmval1 &= WORD1_ABSENT_FS_ATTRS;
2753        *bmval2 &= WORD2_ABSENT_FS_ATTRS;
2754        return 0;
2755}
2756
2757
2758static int get_parent_attributes(struct svc_export *exp, struct kstat *stat)
2759{
2760        struct path path = exp->ex_path;
2761        int err;
2762
2763        path_get(&path);
2764        while (follow_up(&path)) {
2765                if (path.dentry != path.mnt->mnt_root)
2766                        break;
2767        }
2768        err = vfs_getattr(&path, stat, STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
2769        path_put(&path);
2770        return err;
2771}
2772
2773static __be32
2774nfsd4_encode_bitmap(struct xdr_stream *xdr, u32 bmval0, u32 bmval1, u32 bmval2)
2775{
2776        __be32 *p;
2777
2778        if (bmval2) {
2779                p = xdr_reserve_space(xdr, 16);
2780                if (!p)
2781                        goto out_resource;
2782                *p++ = cpu_to_be32(3);
2783                *p++ = cpu_to_be32(bmval0);
2784                *p++ = cpu_to_be32(bmval1);
2785                *p++ = cpu_to_be32(bmval2);
2786        } else if (bmval1) {
2787                p = xdr_reserve_space(xdr, 12);
2788                if (!p)
2789                        goto out_resource;
2790                *p++ = cpu_to_be32(2);
2791                *p++ = cpu_to_be32(bmval0);
2792                *p++ = cpu_to_be32(bmval1);
2793        } else {
2794                p = xdr_reserve_space(xdr, 8);
2795                if (!p)
2796                        goto out_resource;
2797                *p++ = cpu_to_be32(1);
2798                *p++ = cpu_to_be32(bmval0);
2799        }
2800
2801        return 0;
2802out_resource:
2803        return nfserr_resource;
2804}
2805
2806/*
2807 * Note: @fhp can be NULL; in this case, we might have to compose the filehandle
2808 * ourselves.
2809 */
2810static __be32
2811nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp,
2812                struct svc_export *exp,
2813                struct dentry *dentry, u32 *bmval,
2814                struct svc_rqst *rqstp, int ignore_crossmnt)
2815{
2816        u32 bmval0 = bmval[0];
2817        u32 bmval1 = bmval[1];
2818        u32 bmval2 = bmval[2];
2819        struct kstat stat;
2820        struct svc_fh *tempfh = NULL;
2821        struct kstatfs statfs;
2822        __be32 *p;
2823        int starting_len = xdr->buf->len;
2824        int attrlen_offset;
2825        __be32 attrlen;
2826        u32 dummy;
2827        u64 dummy64;
2828        u32 rdattr_err = 0;
2829        __be32 status;
2830        int err;
2831        struct nfs4_acl *acl = NULL;
2832#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2833        void *context = NULL;
2834        int contextlen;
2835#endif
2836        bool contextsupport = false;
2837        struct nfsd4_compoundres *resp = rqstp->rq_resp;
2838        u32 minorversion = resp->cstate.minorversion;
2839        struct path path = {
2840                .mnt    = exp->ex_path.mnt,
2841                .dentry = dentry,
2842        };
2843        struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
2844
2845        BUG_ON(bmval1 & NFSD_WRITEONLY_ATTRS_WORD1);
2846        BUG_ON(!nfsd_attrs_supported(minorversion, bmval));
2847
2848        if (exp->ex_fslocs.migrated) {
2849                status = fattr_handle_absent_fs(&bmval0, &bmval1, &bmval2, &rdattr_err);
2850                if (status)
2851                        goto out;
2852        }
2853
2854        err = vfs_getattr(&path, &stat, STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
2855        if (err)
2856                goto out_nfserr;
2857        if ((bmval0 & (FATTR4_WORD0_FILES_AVAIL | FATTR4_WORD0_FILES_FREE |
2858                        FATTR4_WORD0_FILES_TOTAL | FATTR4_WORD0_MAXNAME)) ||
2859            (bmval1 & (FATTR4_WORD1_SPACE_AVAIL | FATTR4_WORD1_SPACE_FREE |
2860                       FATTR4_WORD1_SPACE_TOTAL))) {
2861                err = vfs_statfs(&path, &statfs);
2862                if (err)
2863                        goto out_nfserr;
2864        }
2865        if ((bmval0 & (FATTR4_WORD0_FILEHANDLE | FATTR4_WORD0_FSID)) && !fhp) {
2866                tempfh = kmalloc(sizeof(struct svc_fh), GFP_KERNEL);
2867                status = nfserr_jukebox;
2868                if (!tempfh)
2869                        goto out;
2870                fh_init(tempfh, NFS4_FHSIZE);
2871                status = fh_compose(tempfh, exp, dentry, NULL);
2872                if (status)
2873                        goto out;
2874                fhp = tempfh;
2875        }
2876        if (bmval0 & FATTR4_WORD0_ACL) {
2877                err = nfsd4_get_nfs4_acl(rqstp, dentry, &acl);
2878                if (err == -EOPNOTSUPP)
2879                        bmval0 &= ~FATTR4_WORD0_ACL;
2880                else if (err == -EINVAL) {
2881                        status = nfserr_attrnotsupp;
2882                        goto out;
2883                } else if (err != 0)
2884                        goto out_nfserr;
2885        }
2886
2887#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2888        if ((bmval2 & FATTR4_WORD2_SECURITY_LABEL) ||
2889             bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) {
2890                if (exp->ex_flags & NFSEXP_SECURITY_LABEL)
2891                        err = security_inode_getsecctx(d_inode(dentry),
2892                                                &context, &contextlen);
2893                else
2894                        err = -EOPNOTSUPP;
2895                contextsupport = (err == 0);
2896                if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) {
2897                        if (err == -EOPNOTSUPP)
2898                                bmval2 &= ~FATTR4_WORD2_SECURITY_LABEL;
2899                        else if (err)
2900                                goto out_nfserr;
2901                }
2902        }
2903#endif /* CONFIG_NFSD_V4_SECURITY_LABEL */
2904
2905        status = nfsd4_encode_bitmap(xdr, bmval0, bmval1, bmval2);
2906        if (status)
2907                goto out;
2908
2909        attrlen_offset = xdr->buf->len;
2910        p = xdr_reserve_space(xdr, 4);
2911        if (!p)
2912                goto out_resource;
2913        p++;                /* to be backfilled later */
2914
2915        if (bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) {
2916                u32 supp[3];
2917
2918                memcpy(supp, nfsd_suppattrs[minorversion], sizeof(supp));
2919
2920                if (!IS_POSIXACL(dentry->d_inode))
2921                        supp[0] &= ~FATTR4_WORD0_ACL;
2922                if (!contextsupport)
2923                        supp[2] &= ~FATTR4_WORD2_SECURITY_LABEL;
2924                if (!supp[2]) {
2925                        p = xdr_reserve_space(xdr, 12);
2926                        if (!p)
2927                                goto out_resource;
2928                        *p++ = cpu_to_be32(2);
2929                        *p++ = cpu_to_be32(supp[0]);
2930                        *p++ = cpu_to_be32(supp[1]);
2931                } else {
2932                        p = xdr_reserve_space(xdr, 16);
2933                        if (!p)
2934                                goto out_resource;
2935                        *p++ = cpu_to_be32(3);
2936                        *p++ = cpu_to_be32(supp[0]);
2937                        *p++ = cpu_to_be32(supp[1]);
2938                        *p++ = cpu_to_be32(supp[2]);
2939                }
2940        }
2941        if (bmval0 & FATTR4_WORD0_TYPE) {
2942                p = xdr_reserve_space(xdr, 4);
2943                if (!p)
2944                        goto out_resource;
2945                dummy = nfs4_file_type(stat.mode);
2946                if (dummy == NF4BAD) {
2947                        status = nfserr_serverfault;
2948                        goto out;
2949                }
2950                *p++ = cpu_to_be32(dummy);
2951        }
2952        if (bmval0 & FATTR4_WORD0_FH_EXPIRE_TYPE) {
2953                p = xdr_reserve_space(xdr, 4);
2954                if (!p)
2955                        goto out_resource;
2956                if (exp->ex_flags & NFSEXP_NOSUBTREECHECK)
2957                        *p++ = cpu_to_be32(NFS4_FH_PERSISTENT);
2958                else
2959                        *p++ = cpu_to_be32(NFS4_FH_PERSISTENT|
2960                                                NFS4_FH_VOL_RENAME);
2961        }
2962        if (bmval0 & FATTR4_WORD0_CHANGE) {
2963                p = xdr_reserve_space(xdr, 8);
2964                if (!p)
2965                        goto out_resource;
2966                p = encode_change(p, &stat, d_inode(dentry), exp);
2967        }
2968        if (bmval0 & FATTR4_WORD0_SIZE) {
2969                p = xdr_reserve_space(xdr, 8);
2970                if (!p)
2971                        goto out_resource;
2972                p = xdr_encode_hyper(p, stat.size);
2973        }
2974        if (bmval0 & FATTR4_WORD0_LINK_SUPPORT) {
2975                p = xdr_reserve_space(xdr, 4);
2976                if (!p)
2977                        goto out_resource;
2978                *p++ = cpu_to_be32(1);
2979        }
2980        if (bmval0 & FATTR4_WORD0_SYMLINK_SUPPORT) {
2981                p = xdr_reserve_space(xdr, 4);
2982                if (!p)
2983                        goto out_resource;
2984                *p++ = cpu_to_be32(1);
2985        }
2986        if (bmval0 & FATTR4_WORD0_NAMED_ATTR) {
2987                p = xdr_reserve_space(xdr, 4);
2988                if (!p)
2989                        goto out_resource;
2990                *p++ = cpu_to_be32(0);
2991        }
2992        if (bmval0 & FATTR4_WORD0_FSID) {
2993                p = xdr_reserve_space(xdr, 16);
2994                if (!p)
2995                        goto out_resource;
2996                if (exp->ex_fslocs.migrated) {
2997                        p = xdr_encode_hyper(p, NFS4_REFERRAL_FSID_MAJOR);
2998                        p = xdr_encode_hyper(p, NFS4_REFERRAL_FSID_MINOR);
2999                } else switch(fsid_source(fhp)) {
3000                case FSIDSOURCE_FSID:

3001                        p = xdr_encode_hyper(p, (u64)exp->ex_fsid);
3002                        p = xdr_encode_hyper(p, (u64)0);
3003                        break;
3004                case FSIDSOURCE_DEV:
3005                        *p++ = cpu_to_be32(0);
3006                        *p++ = cpu_to_be32(MAJOR(stat.dev));
3007                        *p++ = cpu_to_be32(0);
3008                        *p++ = cpu_to_be32(MINOR(stat.dev));
3009                        break;
3010                case FSIDSOURCE_UUID:
3011                        p = xdr_encode_opaque_fixed(p, exp->ex_uuid,
3012                                                                EX_UUID_LEN);
3013                        break;
3014                }
3015        }
3016        if (bmval0 & FATTR4_WORD0_UNIQUE_HANDLES) {
3017                p = xdr_reserve_space(xdr, 4);
3018                if (!p)
3019                        goto out_resource;
3020                *p++ = cpu_to_be32(0);
3021        }
3022        if (bmval0 & FATTR4_WORD0_LEASE_TIME) {
3023                p = xdr_reserve_space(xdr, 4);
3024                if (!p)
3025                        goto out_resource;
3026                *p++ = cpu_to_be32(nn->nfsd4_lease);
3027        }
3028        if (bmval0 & FATTR4_WORD0_RDATTR_ERROR) {
3029                p = xdr_reserve_space(xdr, 4);
3030                if (!p)
3031                        goto out_resource;
3032                *p++ = cpu_to_be32(rdattr_err);
3033        }
3034        if (bmval0 & FATTR4_WORD0_ACL) {
3035                struct nfs4_ace *ace;
3036
3037                if (acl == NULL) {
3038                        p = xdr_reserve_space(xdr, 4);
3039                        if (!p)
3040                                goto out_resource;
3041
3042                        *p++ = cpu_to_be32(0);
3043                        goto out_acl;
3044                }
3045                p = xdr_reserve_space(xdr, 4);
3046                if (!p)
3047                        goto out_resource;
3048                *p++ = cpu_to_be32(acl->naces);
3049
3050                for (ace = acl->aces; ace < acl->aces + acl->naces; ace++) {
3051                        p = xdr_reserve_space(xdr, 4*3);
3052                        if (!p)
3053                                goto out_resource;
3054                        *p++ = cpu_to_be32(ace->type);
3055                        *p++ = cpu_to_be32(ace->flag);
3056                        *p++ = cpu_to_be32(ace->access_mask &
3057                                                        NFS4_ACE_MASK_ALL);
3058                        status = nfsd4_encode_aclname(xdr, rqstp, ace);
3059                        if (status)
3060                                goto out;
3061                }
3062        }
3063out_acl:
3064        if (bmval0 & FATTR4_WORD0_ACLSUPPORT) {
3065                p = xdr_reserve_space(xdr, 4);
3066                if (!p)
3067                        goto out_resource;
3068                *p++ = cpu_to_be32(IS_POSIXACL(dentry->d_inode) ?
3069                        ACL4_SUPPORT_ALLOW_ACL|ACL4_SUPPORT_DENY_ACL : 0);
3070        }
3071        if (bmval0 & FATTR4_WORD0_CANSETTIME) {
3072                p = xdr_reserve_space(xdr, 4);
3073                if (!p)
3074                        goto out_resource;
3075                *p++ = cpu_to_be32(1);
3076        }
3077        if (bmval0 & FATTR4_WORD0_CASE_INSENSITIVE) {
3078                p = xdr_reserve_space(xdr, 4);
3079                if (!p)
3080                        goto out_resource;
3081                *p++ = cpu_to_be32(0);
3082        }
3083        if (bmval0 & FATTR4_WORD0_CASE_PRESERVING) {
3084                p = xdr_reserve_space(xdr, 4);
3085                if (!p)
3086                        goto out_resource;
3087                *p++ = cpu_to_be32(1);
3088        }
3089        if (bmval0 & FATTR4_WORD0_CHOWN_RESTRICTED) {
3090                p = xdr_reserve_space(xdr, 4);
3091                if (!p)
3092                        goto out_resource;
3093                *p++ = cpu_to_be32(1);
3094        }
3095        if (bmval0 & FATTR4_WORD0_FILEHANDLE) {
3096                p = xdr_reserve_space(xdr, fhp->fh_handle.fh_size + 4);
3097                if (!p)
3098                        goto out_resource;
3099                p = xdr_encode_opaque(p, &fhp->fh_handle.fh_raw,
3100                                        fhp->fh_handle.fh_size);
3101        }
3102        if (bmval0 & FATTR4_WORD0_FILEID) {
3103                p = xdr_reserve_space(xdr, 8);
3104                if (!p)
3105                        goto out_resource;
3106                p = xdr_encode_hyper(p, stat.ino);
3107        }
3108        if (bmval0 & FATTR4_WORD0_FILES_AVAIL) {
3109                p = xdr_reserve_space(xdr, 8);
3110                if (!p)
3111                        goto out_resource;
3112                p = xdr_encode_hyper(p, (u64) statfs.f_ffree);
3113        }
3114        if (bmval0 & FATTR4_WORD0_FILES_FREE) {
3115                p = xdr_reserve_space(xdr, 8);
3116                if (!p)
3117                        goto out_resource;
3118                p = xdr_encode_hyper(p, (u64) statfs.f_ffree);
3119        }
3120        if (bmval0 & FATTR4_WORD0_FILES_TOTAL) {
3121                p = xdr_reserve_space(xdr, 8);
3122                if (!p)
3123                        goto out_resource;
3124                p = xdr_encode_hyper(p, (u64) statfs.f_files);
3125        }
3126        if (bmval0 & FATTR4_WORD0_FS_LOCATIONS) {
3127                status = nfsd4_encode_fs_locations(xdr, rqstp, exp);
3128                if (status)
3129                        goto out;
3130        }
3131        if (bmval0 & FATTR4_WORD0_HOMOGENEOUS) {
3132                p = xdr_reserve_space(xdr, 4);
3133                if (!p)
3134                        goto out_resource;
3135                *p++ = cpu_to_be32(1);
3136        }
3137        if (bmval0 & FATTR4_WORD0_MAXFILESIZE) {
3138                p = xdr_reserve_space(xdr, 8);
3139                if (!p)
3140                        goto out_resource;
3141                p = xdr_encode_hyper(p, exp->ex_path.mnt->mnt_sb->s_maxbytes);
3142        }
3143        if (bmval0 & FATTR4_WORD0_MAXLINK) {
3144                p = xdr_reserve_space(xdr, 4);
3145                if (!p)
3146                        goto out_resource;
3147                *p++ = cpu_to_be32(255);
3148        }
3149        if (bmval0 & FATTR4_WORD0_MAXNAME) {
3150                p = xdr_reserve_space(xdr, 4);
3151                if (!p)
3152                        goto out_resource;
3153                *p++ = cpu_to_be32(statfs.f_namelen);
3154        }
3155        if (bmval0 & FATTR4_WORD0_MAXREAD) {
3156                p = xdr_reserve_space(xdr, 8);
3157                if (!p)
3158                        goto out_resource;
3159                p = xdr_encode_hyper(p, (u64) svc_max_payload(rqstp));
3160        }
3161        if (bmval0 & FATTR4_WORD0_MAXWRITE) {
3162                p = xdr_reserve_space(xdr, 8);
3163                if (!p)
3164                        goto out_resource;
3165                p = xdr_encode_hyper(p, (u64) svc_max_payload(rqstp));
3166        }
3167        if (bmval1 & FATTR4_WORD1_MODE) {
3168                p = xdr_reserve_space(xdr, 4);
3169                if (!p)
3170                        goto out_resource;
3171                *p++ = cpu_to_be32(stat.mode & S_IALLUGO);
3172        }
3173        if (bmval1 & FATTR4_WORD1_NO_TRUNC) {
3174                p = xdr_reserve_space(xdr, 4);
3175                if (!p)
3176                        goto out_resource;
3177                *p++ = cpu_to_be32(1);
3178        }
3179        if (bmval1 & FATTR4_WORD1_NUMLINKS) {
3180                p = xdr_reserve_space(xdr, 4);
3181                if (!p)
3182                        goto out_resource;
3183                *p++ = cpu_to_be32(stat.nlink);
3184        }
3185        if (bmval1 & FATTR4_WORD1_OWNER) {
3186                status = nfsd4_encode_user(xdr, rqstp, stat.uid);
3187                if (status)
3188                        goto out;
3189        }
3190        if (bmval1 & FATTR4_WORD1_OWNER_GROUP) {
3191                status = nfsd4_encode_group(xdr, rqstp, stat.gid);
3192                if (status)
3193                        goto out;
3194        }
3195        if (bmval1 & FATTR4_WORD1_RAWDEV) {
3196                p = xdr_reserve_space(xdr, 8);
3197                if (!p)
3198                        goto out_resource;
3199                *p++ = cpu_to_be32((u32) MAJOR(stat.rdev));
3200                *p++ = cpu_to_be32((u32) MINOR(stat.rdev));
3201        }
3202        if (bmval1 & FATTR4_WORD1_SPACE_AVAIL) {
3203                p = xdr_reserve_space(xdr, 8);
3204                if (!p)
3205                        goto out_resource;
3206                dummy64 = (u64)statfs.f_bavail * (u64)statfs.f_bsize;
3207                p = xdr_encode_hyper(p, dummy64);
3208        }
3209        if (bmval1 & FATTR4_WORD1_SPACE_FREE) {
3210                p = xdr_reserve_space(xdr, 8);
3211                if (!p)
3212                        goto out_resource;
3213                dummy64 = (u64)statfs.f_bfree * (u64)statfs.f_bsize;
3214                p = xdr_encode_hyper(p, dummy64);
3215        }
3216        if (bmval1 & FATTR4_WORD1_SPACE_TOTAL) {
3217                p = xdr_reserve_space(xdr, 8);
3218                if (!p)
3219                        goto out_resource;
3220                dummy64 = (u64)statfs.f_blocks * (u64)statfs.f_bsize;
3221                p = xdr_encode_hyper(p, dummy64);
3222        }
3223        if (bmval1 & FATTR4_WORD1_SPACE_USED) {
3224                p = xdr_reserve_space(xdr, 8);
3225                if (!p)
3226                        goto out_resource;
3227                dummy64 = (u64)stat.blocks << 9;
3228                p = xdr_encode_hyper(p, dummy64);
3229        }
3230        if (bmval1 & FATTR4_WORD1_TIME_ACCESS) {
3231                p = xdr_reserve_space(xdr, 12);
3232                if (!p)
3233                        goto out_resource;
3234                p = xdr_encode_hyper(p, (s64)stat.atime.tv_sec);
3235                *p++ = cpu_to_be32(stat.atime.tv_nsec);
3236        }
3237        if (bmval1 & FATTR4_WORD1_TIME_DELTA) {
3238                p = xdr_reserve_space(xdr, 12);
3239                if (!p)
3240                        goto out_resource;
3241                p = encode_time_delta(p, d_inode(dentry));
3242        }
3243        if (bmval1 & FATTR4_WORD1_TIME_METADATA) {
3244                p = xdr_reserve_space(xdr, 12);
3245                if (!p)
3246                        goto out_resource;
3247                p = xdr_encode_hyper(p, (s64)stat.ctime.tv_sec);
3248                *p++ = cpu_to_be32(stat.ctime.tv_nsec);
3249        }
3250        if (bmval1 & FATTR4_WORD1_TIME_MODIFY) {
3251                p = xdr_reserve_space(xdr, 12);
3252                if (!p)
3253                        goto out_resource;
3254                p = xdr_encode_hyper(p, (s64)stat.mtime.tv_sec);
3255                *p++ = cpu_to_be32(stat.mtime.tv_nsec);
3256        }
3257        if (bmval1 & FATTR4_WORD1_MOUNTED_ON_FILEID) {
3258                struct kstat parent_stat;
3259                u64 ino = stat.ino;
3260
3261                p = xdr_reserve_space(xdr, 8);
3262                if (!p)
3263                        goto out_resource;
3264                /*
3265                 * Get parent's attributes if not ignoring crossmount
3266                 * and this is the root of a cross-mounted filesystem.
3267                 */
3268                if (ignore_crossmnt == 0 &&
3269                    dentry == exp->ex_path.mnt->mnt_root) {
3270                        err = get_parent_attributes(exp, &parent_stat);
3271                        if (err)
3272                                goto out_nfserr;
3273                        ino = parent_stat.ino;
3274                }
3275                p = xdr_encode_hyper(p, ino);
3276        }
3277#ifdef CONFIG_NFSD_PNFS
3278        if (bmval1 & FATTR4_WORD1_FS_LAYOUT_TYPES) {
3279                status = nfsd4_encode_layout_types(xdr, exp->ex_layout_types);
3280                if (status)
3281                        goto out;
3282        }
3283
3284        if (bmval2 & FATTR4_WORD2_LAYOUT_TYPES) {
3285                status = nfsd4_encode_layout_types(xdr, exp->ex_layout_types);
3286                if (status)
3287                        goto out;
3288        }
3289
3290        if (bmval2 & FATTR4_WORD2_LAYOUT_BLKSIZE) {
3291                p = xdr_reserve_space(xdr, 4);
3292                if (!p)
3293                        goto out_resource;
3294                *p++ = cpu_to_be32(stat.blksize);
3295        }
3296#endif /* CONFIG_NFSD_PNFS */
3297        if (bmval2 & FATTR4_WORD2_SUPPATTR_EXCLCREAT) {
3298                u32 supp[3];
3299
3300                memcpy(supp, nfsd_suppattrs[minorversion], sizeof(supp));
3301                supp[0] &= NFSD_SUPPATTR_EXCLCREAT_WORD0;
3302                supp[1] &= NFSD_SUPPATTR_EXCLCREAT_WORD1;
3303                supp[2] &= NFSD_SUPPATTR_EXCLCREAT_WORD2;
3304
3305                status = nfsd4_encode_bitmap(xdr, supp[0], supp[1], supp[2]);
3306                if (status)
3307                        goto out;
3308        }
3309
3310#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
3311        if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) {
3312                status = nfsd4_encode_security_label(xdr, rqstp, context,
3313                                                                contextlen);
3314                if (status)
3315                        goto out;
3316        }
3317#endif
3318
3319        if (bmval2 & FATTR4_WORD2_XATTR_SUPPORT) {
3320                p = xdr_reserve_space(xdr, 4);
3321                if (!p)
3322                        goto out_resource;
3323                err = xattr_supported_namespace(d_inode(dentry),
3324                                                XATTR_USER_PREFIX);
3325                *p++ = cpu_to_be32(err == 0);
3326        }
3327
3328        attrlen = htonl(xdr->buf->len - attrlen_offset - 4);
3329        write_bytes_to_xdr_buf(xdr->buf, attrlen_offset, &attrlen, 4);
3330        status = nfs_ok;
3331
3332out:
3333#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
3334        if (context)
3335                security_release_secctx(context, contextlen);
3336#endif /* CONFIG_NFSD_V4_SECURITY_LABEL */
3337        kfree(acl);
3338        if (tempfh) {
3339                fh_put(tempfh);
3340                kfree(tempfh);
3341        }
3342        if (status)
3343                xdr_truncate_encode(xdr, starting_len);
3344        return status;
3345out_nfserr:
3346        status = nfserrno(err);
3347        goto out;
3348out_resource:
3349        status = nfserr_resource;
3350        goto out;
3351}
3352
3353static void svcxdr_init_encode_from_buffer(struct xdr_stream *xdr,
3354                                struct xdr_buf *buf, __be32 *p, int bytes)
3355{
3356        xdr->scratch.iov_len = 0;
3357        memset(buf, 0, sizeof(struct xdr_buf));
3358        buf->head[0].iov_base = p;
3359        buf->head[0].iov_len = 0;
3360        buf->len = 0;
3361        xdr->buf = buf;
3362        xdr->iov = buf->head;
3363        xdr->p = p;
3364        xdr->end = (void *)p + bytes;
3365        buf->buflen = bytes;
3366}
3367
3368__be32 nfsd4_encode_fattr_to_buf(__be32 **p, int words,
3369                        struct svc_fh *fhp, struct svc_export *exp,
3370                        struct dentry *dentry, u32 *bmval,
3371                        struct svc_rqst *rqstp, int ignore_crossmnt)
3372{
3373        struct xdr_buf dummy;
3374        struct xdr_stream xdr;
3375        __be32 ret;
3376
3377        svcxdr_init_encode_from_buffer(&xdr, &dummy, *p, words << 2);
3378        ret = nfsd4_encode_fattr(&xdr, fhp, exp, dentry, bmval, rqstp,
3379                                                        ignore_crossmnt);
3380        *p = xdr.p;
3381        return ret;
3382}
3383
3384static inline int attributes_need_mount(u32 *bmval)
3385{
3386        if (bmval[0] & ~(FATTR4_WORD0_RDATTR_ERROR | FATTR4_WORD0_LEASE_TIME))
3387                return 1;
3388        if (bmval[1] & ~FATTR4_WORD1_MOUNTED_ON_FILEID)
3389                return 1;
3390        return 0;
3391}
3392
3393static __be32
3394nfsd4_encode_dirent_fattr(struct xdr_stream *xdr, struct nfsd4_readdir *cd,
3395                        const char *name, int namlen)
3396{
3397        struct svc_export *exp = cd->rd_fhp->fh_export;
3398        struct dentry *dentry;
3399        __be32 nfserr;
3400        int ignore_crossmnt = 0;
3401
3402        dentry = lookup_positive_unlocked(name, cd->rd_fhp->fh_dentry, namlen);
3403        if (IS_ERR(dentry))
3404                return nfserrno(PTR_ERR(dentry));
3405
3406        exp_get(exp);
3407        /*
3408         * In the case of a mountpoint, the client may be asking for
3409         * attributes that are only properties of the underlying filesystem
3410         * as opposed to the cross-mounted file system. In such a case,
3411         * we will not follow the cross mount and will fill the attribtutes
3412         * directly from the mountpoint dentry.
3413         */
3414        if (nfsd_mountpoint(dentry, exp)) {
3415                int err;
3416
3417                if (!(exp->ex_flags & NFSEXP_V4ROOT)
3418                                && !attributes_need_mount(cd->rd_bmval)) {
3419                        ignore_crossmnt = 1;
3420                        goto out_encode;
3421                }
3422                /*
3423                 * Why the heck aren't we just using nfsd_lookup??
3424                 * Different "."/".." handling?  Something else?
3425                 * At least, add a comment here to explain....
3426                 */
3427                err = nfsd_cross_mnt(cd->rd_rqstp, &dentry, &exp);
3428                if (err) {
3429                        nfserr = nfserrno(err);
3430                        goto out_put;
3431                }
3432                nfserr = check_nfsd_access(exp, cd->rd_rqstp);
3433                if (nfserr)
3434                        goto out_put;
3435
3436        }
3437out_encode:
3438        nfserr = nfsd4_encode_fattr(xdr, NULL, exp, dentry, cd->rd_bmval,
3439                                        cd->rd_rqstp, ignore_crossmnt);
3440out_put:
3441        dput(dentry);
3442        exp_put(exp);
3443        return nfserr;
3444}
3445
3446static __be32 *
3447nfsd4_encode_rdattr_error(struct xdr_stream *xdr, __be32 nfserr)
3448{
3449        __be32 *p;
3450
3451        p = xdr_reserve_space(xdr, 20);
3452        if (!p)
3453                return NULL;
3454        *p++ = htonl(2);
3455        *p++ = htonl(FATTR4_WORD0_RDATTR_ERROR); /* bmval0 */
3456        *p++ = htonl(0);                         /* bmval1 */
3457
3458        *p++ = htonl(4);     /* attribute length */
3459        *p++ = nfserr;       /* no htonl */
3460        return p;
3461}
3462
3463static int
3464nfsd4_encode_dirent(void *ccdv, const char *name, int namlen,
3465                    loff_t offset, u64 ino, unsigned int d_type)
3466{
3467        struct readdir_cd *ccd = ccdv;
3468        struct nfsd4_readdir *cd = container_of(ccd, struct nfsd4_readdir, common);
3469        struct xdr_stream *xdr = cd->xdr;
3470        int start_offset = xdr->buf->len;
3471        int cookie_offset;
3472        u32 name_and_cookie;
3473        int entry_bytes;
3474        __be32 nfserr = nfserr_toosmall;
3475        __be64 wire_offset;
3476        __be32 *p;
3477
3478        /* In nfsv4, "." and ".." never make it onto the wire.. */
3479        if (name && isdotent(name, namlen)) {
3480                cd->common.err = nfs_ok;
3481                return 0;
3482        }
3483
3484        if (cd->cookie_offset) {
3485                wire_offset = cpu_to_be64(offset);
3486                write_bytes_to_xdr_buf(xdr->buf, cd->cookie_offset,
3487                                                        &wire_offset, 8);
3488        }
3489
3490        p = xdr_reserve_space(xdr, 4);
3491        if (!p)
3492                goto fail;
3493        *p++ = xdr_one;                             /* mark entry present */
3494        cookie_offset = xdr->buf->len;
3495        p = xdr_reserve_space(xdr, 3*4 + namlen);
3496        if (!p)
3497                goto fail;
3498        p = xdr_encode_hyper(p, OFFSET_MAX);        /* offset of next entry */
3499        p = xdr_encode_array(p, name, namlen);      /* name length & name */
3500
3501        nfserr = nfsd4_encode_dirent_fattr(xdr, cd, name, namlen);
3502        switch (nfserr) {
3503        case nfs_ok:
3504                break;
3505        case nfserr_resource:
3506                nfserr = nfserr_toosmall;
3507                goto fail;
3508        case nfserr_noent:
3509                xdr_truncate_encode(xdr, start_offset);
3510                goto skip_entry;
3511        default:
3512                /*
3513                 * If the client requested the RDATTR_ERROR attribute,
3514                 * we stuff the error code into this attribute
3515                 * and continue.  If this attribute was not requested,
3516                 * then in accordance with the spec, we fail the
3517                 * entire READDIR operation(!)
3518                 */
3519                if (!(cd->rd_bmval[0] & FATTR4_WORD0_RDATTR_ERROR))
3520                        goto fail;
3521                p = nfsd4_encode_rdattr_error(xdr, nfserr);
3522                if (p == NULL) {
3523                        nfserr = nfserr_toosmall;
3524                        goto fail;
3525                }
3526        }
3527        nfserr = nfserr_toosmall;
3528        entry_bytes = xdr->buf->len - start_offset;
3529        if (entry_bytes > cd->rd_maxcount)
3530                goto fail;
3531        cd->rd_maxcount -= entry_bytes;
3532        /*
3533         * RFC 3530 14.2.24 describes rd_dircount as only a "hint", and
3534         * notes that it could be zero. If it is zero, then the server
3535         * should enforce only the rd_maxcount value.
3536         */
3537        if (cd->rd_dircount) {
3538                name_and_cookie = 4 + 4 * XDR_QUADLEN(namlen) + 8;
3539                if (name_and_cookie > cd->rd_dircount && cd->cookie_offset)
3540                        goto fail;
3541                cd->rd_dircount -= min(cd->rd_dircount, name_and_cookie);
3542                if (!cd->rd_dircount)
3543                        cd->rd_maxcount = 0;
3544        }
3545
3546        cd->cookie_offset = cookie_offset;
3547skip_entry:
3548        cd->common.err = nfs_ok;
3549        return 0;
3550fail:
3551        xdr_truncate_encode(xdr, start_offset);
3552        cd->common.err = nfserr;
3553        return -EINVAL;
3554}
3555
3556static __be32
3557nfsd4_encode_stateid(struct xdr_stream *xdr, stateid_t *sid)
3558{
3559        __be32 *p;
3560
3561        p = xdr_reserve_space(xdr, sizeof(stateid_t));
3562        if (!p)
3563                return nfserr_resource;
3564        *p++ = cpu_to_be32(sid->si_generation);
3565        p = xdr_encode_opaque_fixed(p, &sid->si_opaque,
3566                                        sizeof(stateid_opaque_t));
3567        return 0;
3568}
3569
3570static __be32
3571nfsd4_encode_access(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_access *access)
3572{
3573        struct xdr_stream *xdr = resp->xdr;
3574        __be32 *p;
3575
3576        p = xdr_reserve_space(xdr, 8);
3577        if (!p)
3578                return nfserr_resource;
3579        *p++ = cpu_to_be32(access->ac_supported);
3580        *p++ = cpu_to_be32(access->ac_resp_access);
3581        return 0;
3582}
3583
3584static __be32 nfsd4_encode_bind_conn_to_session(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_bind_conn_to_session *bcts)
3585{
3586        struct xdr_stream *xdr = resp->xdr;
3587        __be32 *p;
3588
3589        p = xdr_reserve_space(xdr, NFS4_MAX_SESSIONID_LEN + 8);
3590        if (!p)
3591                return nfserr_resource;
3592        p = xdr_encode_opaque_fixed(p, bcts->sessionid.data,
3593                                        NFS4_MAX_SESSIONID_LEN);
3594        *p++ = cpu_to_be32(bcts->dir);
3595        /* Upshifting from TCP to RDMA is not supported */
3596        *p++ = cpu_to_be32(0);
3597        return 0;
3598}
3599
3600static __be32
3601nfsd4_encode_close(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_close *close)
3602{
3603        struct xdr_stream *xdr = resp->xdr;
3604
3605        return nfsd4_encode_stateid(xdr, &close->cl_stateid);
3606}
3607
3608
3609static __be32
3610nfsd4_encode_commit(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_commit *commit)
3611{
3612        struct xdr_stream *xdr = resp->xdr;
3613        __be32 *p;
3614
3615        p = xdr_reserve_space(xdr, NFS4_VERIFIER_SIZE);
3616        if (!p)
3617                return nfserr_resource;
3618        p = xdr_encode_opaque_fixed(p, commit->co_verf.data,
3619                                                NFS4_VERIFIER_SIZE);
3620        return 0;
3621}
3622
3623static __be32
3624nfsd4_encode_create(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_create *create)
3625{
3626        struct xdr_stream *xdr = resp->xdr;
3627        __be32 *p;
3628
3629        p = xdr_reserve_space(xdr, 20);
3630        if (!p)
3631                return nfserr_resource;
3632        encode_cinfo(p, &create->cr_cinfo);
3633        return nfsd4_encode_bitmap(xdr, create->cr_bmval[0],
3634                        create->cr_bmval[1], create->cr_bmval[2]);
3635}
3636
3637static __be32
3638nfsd4_encode_getattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_getattr *getattr)
3639{
3640        struct svc_fh *fhp = getattr->ga_fhp;
3641        struct xdr_stream *xdr = resp->xdr;
3642
3643        return nfsd4_encode_fattr(xdr, fhp, fhp->fh_export, fhp->fh_dentry,
3644                                    getattr->ga_bmval, resp->rqstp, 0);
3645}
3646
3647static __be32
3648nfsd4_encode_getfh(struct nfsd4_compoundres *resp, __be32 nfserr, struct svc_fh **fhpp)
3649{
3650        struct xdr_stream *xdr = resp->xdr;
3651        struct svc_fh *fhp = *fhpp;
3652        unsigned int len;
3653        __be32 *p;
3654
3655        len = fhp->fh_handle.fh_size;
3656        p = xdr_reserve_space(xdr, len + 4);
3657        if (!p)
3658                return nfserr_resource;
3659        p = xdr_encode_opaque(p, &fhp->fh_handle.fh_raw, len);
3660        return 0;
3661}
3662
3663/*
3664* Including all fields other than the name, a LOCK4denied structure requires
3665*   8(clientid) + 4(namelen) + 8(offset) + 8(length) + 4(type) = 32 bytes.
3666*/
3667static __be32
3668nfsd4_encode_lock_denied(struct xdr_stream *xdr, struct nfsd4_lock_denied *ld)
3669{
3670        struct xdr_netobj *conf = &ld->ld_owner;
3671        __be32 *p;
3672
3673again:
3674        p = xdr_reserve_space(xdr, 32 + XDR_LEN(conf->len));
3675        if (!p) {
3676                /*
3677                 * Don't fail to return the result just because we can't
3678                 * return the conflicting open:
3679                 */
3680                if (conf->len) {
3681                        kfree(conf->data);
3682                        conf->len = 0;
3683                        conf->data = NULL;
3684                        goto again;
3685                }
3686                return nfserr_resource;
3687        }
3688        p = xdr_encode_hyper(p, ld->ld_start);
3689        p = xdr_encode_hyper(p, ld->ld_length);
3690        *p++ = cpu_to_be32(ld->ld_type);
3691        if (conf->len) {
3692                p = xdr_encode_opaque_fixed(p, &ld->ld_clientid, 8);
3693                p = xdr_encode_opaque(p, conf->data, conf->len);
3694                kfree(conf->data);
3695        }  else {  /* non - nfsv4 lock in conflict, no clientid nor owner */
3696                p = xdr_encode_hyper(p, (u64)0); /* clientid */
3697                *p++ = cpu_to_be32(0); /* length of owner name */
3698        }
3699        return nfserr_denied;
3700}
3701
3702static __be32
3703nfsd4_encode_lock(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lock *lock)
3704{
3705        struct xdr_stream *xdr = resp->xdr;
3706
3707        if (!nfserr)
3708                nfserr = nfsd4_encode_stateid(xdr, &lock->lk_resp_stateid);
3709        else if (nfserr == nfserr_denied)
3710                nfserr = nfsd4_encode_lock_denied(xdr, &lock->lk_denied);
3711
3712        return nfserr;
3713}
3714
3715static __be32
3716nfsd4_encode_lockt(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lockt *lockt)
3717{
3718        struct xdr_stream *xdr = resp->xdr;
3719
3720        if (nfserr == nfserr_denied)
3721                nfsd4_encode_lock_denied(xdr, &lockt->lt_denied);
3722        return nfserr;
3723}
3724
3725static __be32
3726nfsd4_encode_locku(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_locku *locku)
3727{
3728        struct xdr_stream *xdr = resp->xdr;
3729
3730        return nfsd4_encode_stateid(xdr, &locku->lu_stateid);
3731}
3732
3733
3734static __be32
3735nfsd4_encode_link(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_link *link)
3736{
3737        struct xdr_stream *xdr = resp->xdr;
3738        __be32 *p;
3739
3740        p = xdr_reserve_space(xdr, 20);
3741        if (!p)
3742                return nfserr_resource;
3743        p = encode_cinfo(p, &link->li_cinfo);
3744        return 0;
3745}
3746
3747
3748static __be32
3749nfsd4_encode_open(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open *open)
3750{
3751        struct xdr_stream *xdr = resp->xdr;
3752        __be32 *p;
3753
3754        nfserr = nfsd4_encode_stateid(xdr, &open->op_stateid);
3755        if (nfserr)
3756                return nfserr;
3757        p = xdr_reserve_space(xdr, 24);
3758        if (!p)
3759                return nfserr_resource;
3760        p = encode_cinfo(p, &open->op_cinfo);
3761        *p++ = cpu_to_be32(open->op_rflags);
3762
3763        nfserr = nfsd4_encode_bitmap(xdr, open->op_bmval[0], open->op_bmval[1],
3764                                        open->op_bmval[2]);
3765        if (nfserr)
3766                return nfserr;
3767
3768        p = xdr_reserve_space(xdr, 4);
3769        if (!p)
3770                return nfserr_resource;
3771
3772        *p++ = cpu_to_be32(open->op_delegate_type);
3773        switch (open->op_delegate_type) {
3774        case NFS4_OPEN_DELEGATE_NONE:
3775                break;
3776        case NFS4_OPEN_DELEGATE_READ:
3777                nfserr = nfsd4_encode_stateid(xdr, &open->op_delegate_stateid);
3778                if (nfserr)
3779                        return nfserr;
3780                p = xdr_reserve_space(xdr, 20);
3781                if (!p)
3782                        return nfserr_resource;
3783                *p++ = cpu_to_be32(open->op_recall);
3784
3785                /*
3786                 * TODO: ACE's in delegations
3787                 */
3788                *p++ = cpu_to_be32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE);
3789                *p++ = cpu_to_be32(0);
3790                *p++ = cpu_to_be32(0);
3791                *p++ = cpu_to_be32(0);   /* XXX: is NULL principal ok? */
3792                break;
3793        case NFS4_OPEN_DELEGATE_WRITE:
3794                nfserr = nfsd4_encode_stateid(xdr, &open->op_delegate_stateid);
3795                if (nfserr)
3796                        return nfserr;
3797                p = xdr_reserve_space(xdr, 32);
3798                if (!p)
3799                        return nfserr_resource;
3800                *p++ = cpu_to_be32(0);
3801
3802                /*
3803                 * TODO: space_limit's in delegations
3804                 */
3805                *p++ = cpu_to_be32(NFS4_LIMIT_SIZE);
3806                *p++ = cpu_to_be32(~(u32)0);
3807                *p++ = cpu_to_be32(~(u32)0);
3808
3809                /*
3810                 * TODO: ACE's in delegations
3811                 */
3812                *p++ = cpu_to_be32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE);
3813                *p++ = cpu_to_be32(0);
3814                *p++ = cpu_to_be32(0);
3815                *p++ = cpu_to_be32(0);   /* XXX: is NULL principal ok? */
3816                break;
3817        case NFS4_OPEN_DELEGATE_NONE_EXT: /* 4.1 */
3818                switch (open->op_why_no_deleg) {
3819                case WND4_CONTENTION:
3820                case WND4_RESOURCE:
3821                        p = xdr_reserve_space(xdr, 8);
3822                        if (!p)
3823                                return nfserr_resource;
3824                        *p++ = cpu_to_be32(open->op_why_no_deleg);
3825                        /* deleg signaling not supported yet: */
3826                        *p++ = cpu_to_be32(0);
3827                        break;
3828                default:
3829                        p = xdr_reserve_space(xdr, 4);
3830                        if (!p)
3831                                return nfserr_resource;
3832                        *p++ = cpu_to_be32(open->op_why_no_deleg);
3833                }
3834                break;
3835        default:
3836                BUG();
3837        }
3838        /* XXX save filehandle here */
3839        return 0;
3840}
3841
3842static __be32
3843nfsd4_encode_open_confirm(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_confirm *oc)
3844{
3845        struct xdr_stream *xdr = resp->xdr;
3846
3847        return nfsd4_encode_stateid(xdr, &oc->oc_resp_stateid);
3848}
3849
3850static __be32
3851nfsd4_encode_open_downgrade(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_downgrade *od)
3852{
3853        struct xdr_stream *xdr = resp->xdr;
3854
3855        return nfsd4_encode_stateid(xdr, &od->od_stateid);
3856}
3857
3858static __be32 nfsd4_encode_splice_read(
3859                                struct nfsd4_compoundres *resp,
3860                                struct nfsd4_read *read,
3861                                struct file *file, unsigned long maxcount)
3862{
3863        struct xdr_stream *xdr = resp->xdr;
3864        struct xdr_buf *buf = xdr->buf;
3865        int status, space_left;
3866        u32 eof;
3867        __be32 nfserr;
3868        __be32 *p = xdr->p - 2;
3869
3870        /* Make sure there will be room for padding if needed */
3871        if (xdr->end - xdr->p < 1)
3872                return nfserr_resource;
3873
3874        nfserr = nfsd_splice_read(read->rd_rqstp, read->rd_fhp,
3875                                  file, read->rd_offset, &maxcount, &eof);
3876        read->rd_length = maxcount;
3877        if (nfserr)
3878                goto out_err;
3879        status = svc_encode_result_payload(read->rd_rqstp,
3880                                           buf->head[0].iov_len, maxcount);
3881        if (status) {
3882                nfserr = nfserrno(status);
3883                goto out_err;
3884        }
3885
3886        *(p++) = htonl(eof);
3887        *(p++) = htonl(maxcount);
3888
3889        buf->page_len = maxcount;
3890        buf->len += maxcount;
3891        xdr->page_ptr += (buf->page_base + maxcount + PAGE_SIZE - 1)
3892                                                        / PAGE_SIZE;
3893
3894        /* Use rest of head for padding and remaining ops: */
3895        buf->tail[0].iov_base = xdr->p;
3896        buf->tail[0].iov_len = 0;
3897        xdr->iov = buf->tail;
3898        if (maxcount&3) {
3899                int pad = 4 - (maxcount&3);
3900
3901                *(xdr->p++) = 0;
3902
3903                buf->tail[0].iov_base += maxcount&3;
3904                buf->tail[0].iov_len = pad;
3905                buf->len += pad;
3906        }
3907
3908        space_left = min_t(int, (void *)xdr->end - (void *)xdr->p,
3909                                buf->buflen - buf->len);
3910        buf->buflen = buf->len + space_left;
3911        xdr->end = (__be32 *)((void *)xdr->end + space_left);
3912
3913        return 0;
3914
3915out_err:
3916        /*
3917         * nfsd_splice_actor may have already messed with the
3918         * page length; reset it so as not to confuse
3919         * xdr_truncate_encode in our caller.
3920         */
3921        buf->page_len = 0;
3922        return nfserr;
3923}
3924
3925static __be32 nfsd4_encode_readv(struct nfsd4_compoundres *resp,
3926                                 struct nfsd4_read *read,
3927                                 struct file *file, unsigned long maxcount)
3928{
3929        struct xdr_stream *xdr = resp->xdr;
3930        u32 eof;
3931        int starting_len = xdr->buf->len - 8;
3932        __be32 nfserr;
3933        __be32 tmp;
3934        int pad;
3935
3936        read->rd_vlen = xdr_reserve_space_vec(xdr, resp->rqstp->rq_vec, maxcount);
3937        if (read->rd_vlen < 0)
3938                return nfserr_resource;
3939
3940        nfserr = nfsd_readv(resp->rqstp, read->rd_fhp, file, read->rd_offset,
3941                            resp->rqstp->rq_vec, read->rd_vlen, &maxcount,
3942                            &eof);
3943        read->rd_length = maxcount;
3944        if (nfserr)
3945                return nfserr;
3946        if (svc_encode_result_payload(resp->rqstp, starting_len + 8, maxcount))
3947                return nfserr_io;
3948        xdr_truncate_encode(xdr, starting_len + 8 + xdr_align_size(maxcount));
3949
3950        tmp = htonl(eof);
3951        write_bytes_to_xdr_buf(xdr->buf, starting_len    , &tmp, 4);
3952        tmp = htonl(maxcount);
3953        write_bytes_to_xdr_buf(xdr->buf, starting_len + 4, &tmp, 4);
3954
3955        tmp = xdr_zero;
3956        pad = (maxcount&3) ? 4 - (maxcount&3) : 0;
3957        write_bytes_to_xdr_buf(xdr->buf, starting_len + 8 + maxcount,
3958                                                                &tmp, pad);
3959        return 0;
3960
3961}
3962
3963static __be32
3964nfsd4_encode_read(struct nfsd4_compoundres *resp, __be32 nfserr,
3965                  struct nfsd4_read *read)
3966{
3967        unsigned long maxcount;
3968        struct xdr_stream *xdr = resp->xdr;
3969        struct file *file;
3970        int starting_len = xdr->buf->len;
3971        __be32 *p;
3972
3973        if (nfserr)
3974                return nfserr;
3975        file = read->rd_nf->nf_file;
3976
3977        p = xdr_reserve_space(xdr, 8); /* eof flag and byte count */
3978        if (!p) {
3979                WARN_ON_ONCE(test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags));
3980                return nfserr_resource;
3981        }
3982        if (resp->xdr->buf->page_len &&
3983            test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags)) {
3984                WARN_ON_ONCE(1);
3985                return nfserr_resource;
3986        }
3987        xdr_commit_encode(xdr);
3988
3989        maxcount = min_t(unsigned long, read->rd_length,
3990                         (xdr->buf->buflen - xdr->buf->len));
3991
3992        if (file->f_op->splice_read &&
3993            test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags))
3994                nfserr = nfsd4_encode_splice_read(resp, read, file, maxcount);
3995        else
3996                nfserr = nfsd4_encode_readv(resp, read, file, maxcount);
3997
3998        if (nfserr)
3999                xdr_truncate_encode(xdr, starting_len);
4000

4001        return nfserr;
4002}
4003
4004static __be32
4005nfsd4_encode_readlink(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readlink *readlink)
4006{
4007        int maxcount;
4008        __be32 wire_count;
4009        int zero = 0;
4010        struct xdr_stream *xdr = resp->xdr;
4011        int length_offset = xdr->buf->len;
4012        int status;
4013        __be32 *p;
4014
4015        p = xdr_reserve_space(xdr, 4);
4016        if (!p)
4017                return nfserr_resource;
4018        maxcount = PAGE_SIZE;
4019
4020        p = xdr_reserve_space(xdr, maxcount);
4021        if (!p)
4022                return nfserr_resource;
4023        /*
4024         * XXX: By default, vfs_readlink() will truncate symlinks if they
4025         * would overflow the buffer.  Is this kosher in NFSv4?  If not, one
4026         * easy fix is: if vfs_readlink() precisely fills the buffer, assume
4027         * that truncation occurred, and return NFS4ERR_RESOURCE.
4028         */
4029        nfserr = nfsd_readlink(readlink->rl_rqstp, readlink->rl_fhp,
4030                                                (char *)p, &maxcount);
4031        if (nfserr == nfserr_isdir)
4032                nfserr = nfserr_inval;
4033        if (nfserr)
4034                goto out_err;
4035        status = svc_encode_result_payload(readlink->rl_rqstp, length_offset,
4036                                           maxcount);
4037        if (status) {
4038                nfserr = nfserrno(status);
4039                goto out_err;
4040        }
4041
4042        wire_count = htonl(maxcount);
4043        write_bytes_to_xdr_buf(xdr->buf, length_offset, &wire_count, 4);
4044        xdr_truncate_encode(xdr, length_offset + 4 + ALIGN(maxcount, 4));
4045        if (maxcount & 3)
4046                write_bytes_to_xdr_buf(xdr->buf, length_offset + 4 + maxcount,
4047                                                &zero, 4 - (maxcount&3));
4048        return 0;
4049
4050out_err:
4051        xdr_truncate_encode(xdr, length_offset);
4052        return nfserr;
4053}
4054
4055static __be32
4056nfsd4_encode_readdir(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readdir *readdir)
4057{
4058        int maxcount;
4059        int bytes_left;
4060        loff_t offset;
4061        __be64 wire_offset;
4062        struct xdr_stream *xdr = resp->xdr;
4063        int starting_len = xdr->buf->len;
4064        __be32 *p;
4065
4066        p = xdr_reserve_space(xdr, NFS4_VERIFIER_SIZE);
4067        if (!p)
4068                return nfserr_resource;
4069
4070        /* XXX: Following NFSv3, we ignore the READDIR verifier for now. */
4071        *p++ = cpu_to_be32(0);
4072        *p++ = cpu_to_be32(0);
4073        xdr->buf->head[0].iov_len = (char *)xdr->p -
4074                                    (char *)xdr->buf->head[0].iov_base;
4075
4076        /*
4077         * Number of bytes left for directory entries allowing for the
4078         * final 8 bytes of the readdir and a following failed op:
4079         */
4080        bytes_left = xdr->buf->buflen - xdr->buf->len
4081                        - COMPOUND_ERR_SLACK_SPACE - 8;
4082        if (bytes_left < 0) {
4083                nfserr = nfserr_resource;
4084                goto err_no_verf;
4085        }
4086        maxcount = svc_max_payload(resp->rqstp);
4087        maxcount = min_t(u32, readdir->rd_maxcount, maxcount);
4088        /*
4089         * Note the rfc defines rd_maxcount as the size of the
4090         * READDIR4resok structure, which includes the verifier above
4091         * and the 8 bytes encoded at the end of this function:
4092         */
4093        if (maxcount < 16) {
4094                nfserr = nfserr_toosmall;
4095                goto err_no_verf;
4096        }
4097        maxcount = min_t(int, maxcount-16, bytes_left);
4098
4099        /* RFC 3530 14.2.24 allows us to ignore dircount when it's 0: */
4100        if (!readdir->rd_dircount)
4101                readdir->rd_dircount = svc_max_payload(resp->rqstp);
4102
4103        readdir->xdr = xdr;
4104        readdir->rd_maxcount = maxcount;
4105        readdir->common.err = 0;
4106        readdir->cookie_offset = 0;
4107
4108        offset = readdir->rd_cookie;
4109        nfserr = nfsd_readdir(readdir->rd_rqstp, readdir->rd_fhp,
4110                              &offset,
4111                              &readdir->common, nfsd4_encode_dirent);
4112        if (nfserr == nfs_ok &&
4113            readdir->common.err == nfserr_toosmall &&
4114            xdr->buf->len == starting_len + 8) {
4115                /* nothing encoded; which limit did we hit?: */
4116                if (maxcount - 16 < bytes_left)
4117                        /* It was the fault of rd_maxcount: */
4118                        nfserr = nfserr_toosmall;
4119                else
4120                        /* We ran out of buffer space: */
4121                        nfserr = nfserr_resource;
4122        }
4123        if (nfserr)
4124                goto err_no_verf;
4125
4126        if (readdir->cookie_offset) {
4127                wire_offset = cpu_to_be64(offset);
4128                write_bytes_to_xdr_buf(xdr->buf, readdir->cookie_offset,
4129                                                        &wire_offset, 8);
4130        }
4131
4132        p = xdr_reserve_space(xdr, 8);
4133        if (!p) {
4134                WARN_ON_ONCE(1);
4135                goto err_no_verf;
4136        }
4137        *p++ = 0;       /* no more entries */
4138        *p++ = htonl(readdir->common.err == nfserr_eof);
4139
4140        return 0;
4141err_no_verf:
4142        xdr_truncate_encode(xdr, starting_len);
4143        return nfserr;
4144}
4145
4146static __be32
4147nfsd4_encode_remove(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_remove *remove)
4148{
4149        struct xdr_stream *xdr = resp->xdr;
4150        __be32 *p;
4151
4152        p = xdr_reserve_space(xdr, 20);
4153        if (!p)
4154                return nfserr_resource;
4155        p = encode_cinfo(p, &remove->rm_cinfo);
4156        return 0;
4157}
4158
4159static __be32
4160nfsd4_encode_rename(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_rename *rename)
4161{
4162        struct xdr_stream *xdr = resp->xdr;
4163        __be32 *p;
4164
4165        p = xdr_reserve_space(xdr, 40);
4166        if (!p)
4167                return nfserr_resource;
4168        p = encode_cinfo(p, &rename->rn_sinfo);
4169        p = encode_cinfo(p, &rename->rn_tinfo);
4170        return 0;
4171}
4172
4173static __be32
4174nfsd4_do_encode_secinfo(struct xdr_stream *xdr, struct svc_export *exp)
4175{
4176        u32 i, nflavs, supported;
4177        struct exp_flavor_info *flavs;
4178        struct exp_flavor_info def_flavs[2];
4179        __be32 *p, *flavorsp;
4180        static bool report = true;
4181
4182        if (exp->ex_nflavors) {
4183                flavs = exp->ex_flavors;
4184                nflavs = exp->ex_nflavors;
4185        } else { /* Handling of some defaults in absence of real secinfo: */
4186                flavs = def_flavs;
4187                if (exp->ex_client->flavour->flavour == RPC_AUTH_UNIX) {
4188                        nflavs = 2;
4189                        flavs[0].pseudoflavor = RPC_AUTH_UNIX;
4190                        flavs[1].pseudoflavor = RPC_AUTH_NULL;
4191                } else if (exp->ex_client->flavour->flavour == RPC_AUTH_GSS) {
4192                        nflavs = 1;
4193                        flavs[0].pseudoflavor
4194                                        = svcauth_gss_flavor(exp->ex_client);
4195                } else {
4196                        nflavs = 1;
4197                        flavs[0].pseudoflavor
4198                                        = exp->ex_client->flavour->flavour;
4199                }
4200        }
4201
4202        supported = 0;
4203        p = xdr_reserve_space(xdr, 4);
4204        if (!p)
4205                return nfserr_resource;
4206        flavorsp = p++;         /* to be backfilled later */
4207
4208        for (i = 0; i < nflavs; i++) {
4209                rpc_authflavor_t pf = flavs[i].pseudoflavor;
4210                struct rpcsec_gss_info info;
4211
4212                if (rpcauth_get_gssinfo(pf, &info) == 0) {
4213                        supported++;
4214                        p = xdr_reserve_space(xdr, 4 + 4 +
4215                                              XDR_LEN(info.oid.len) + 4 + 4);
4216                        if (!p)
4217                                return nfserr_resource;
4218                        *p++ = cpu_to_be32(RPC_AUTH_GSS);
4219                        p = xdr_encode_opaque(p,  info.oid.data, info.oid.len);
4220                        *p++ = cpu_to_be32(info.qop);
4221                        *p++ = cpu_to_be32(info.service);
4222                } else if (pf < RPC_AUTH_MAXFLAVOR) {
4223                        supported++;
4224                        p = xdr_reserve_space(xdr, 4);
4225                        if (!p)
4226                                return nfserr_resource;
4227                        *p++ = cpu_to_be32(pf);
4228                } else {
4229                        if (report)
4230                                pr_warn("NFS: SECINFO: security flavor %u "
4231                                        "is not supported\n", pf);
4232                }
4233        }
4234
4235        if (nflavs != supported)
4236                report = false;
4237        *flavorsp = htonl(supported);
4238        return 0;
4239}
4240
4241static __be32
4242nfsd4_encode_secinfo(struct nfsd4_compoundres *resp, __be32 nfserr,
4243                     struct nfsd4_secinfo *secinfo)
4244{
4245        struct xdr_stream *xdr = resp->xdr;
4246
4247        return nfsd4_do_encode_secinfo(xdr, secinfo->si_exp);
4248}
4249
4250static __be32
4251nfsd4_encode_secinfo_no_name(struct nfsd4_compoundres *resp, __be32 nfserr,
4252                     struct nfsd4_secinfo_no_name *secinfo)
4253{
4254        struct xdr_stream *xdr = resp->xdr;
4255
4256        return nfsd4_do_encode_secinfo(xdr, secinfo->sin_exp);
4257}
4258
4259/*
4260 * The SETATTR encode routine is special -- it always encodes a bitmap,
4261 * regardless of the error status.
4262 */
4263static __be32
4264nfsd4_encode_setattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setattr *setattr)
4265{
4266        struct xdr_stream *xdr = resp->xdr;
4267        __be32 *p;
4268
4269        p = xdr_reserve_space(xdr, 16);
4270        if (!p)
4271                return nfserr_resource;
4272        if (nfserr) {
4273                *p++ = cpu_to_be32(3);
4274                *p++ = cpu_to_be32(0);
4275                *p++ = cpu_to_be32(0);
4276                *p++ = cpu_to_be32(0);
4277        }
4278        else {
4279                *p++ = cpu_to_be32(3);
4280                *p++ = cpu_to_be32(setattr->sa_bmval[0]);
4281                *p++ = cpu_to_be32(setattr->sa_bmval[1]);
4282                *p++ = cpu_to_be32(setattr->sa_bmval[2]);
4283        }
4284        return nfserr;
4285}
4286
4287static __be32
4288nfsd4_encode_setclientid(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setclientid *scd)
4289{
4290        struct xdr_stream *xdr = resp->xdr;
4291        __be32 *p;
4292
4293        if (!nfserr) {
4294                p = xdr_reserve_space(xdr, 8 + NFS4_VERIFIER_SIZE);
4295                if (!p)
4296                        return nfserr_resource;
4297                p = xdr_encode_opaque_fixed(p, &scd->se_clientid, 8);
4298                p = xdr_encode_opaque_fixed(p, &scd->se_confirm,
4299                                                NFS4_VERIFIER_SIZE);
4300        }
4301        else if (nfserr == nfserr_clid_inuse) {
4302                p = xdr_reserve_space(xdr, 8);
4303                if (!p)
4304                        return nfserr_resource;
4305                *p++ = cpu_to_be32(0);
4306                *p++ = cpu_to_be32(0);
4307        }
4308        return nfserr;
4309}
4310
4311static __be32
4312nfsd4_encode_write(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_write *write)
4313{
4314        struct xdr_stream *xdr = resp->xdr;
4315        __be32 *p;
4316
4317        p = xdr_reserve_space(xdr, 16);
4318        if (!p)
4319                return nfserr_resource;
4320        *p++ = cpu_to_be32(write->wr_bytes_written);
4321        *p++ = cpu_to_be32(write->wr_how_written);
4322        p = xdr_encode_opaque_fixed(p, write->wr_verifier.data,
4323                                                NFS4_VERIFIER_SIZE);
4324        return 0;
4325}
4326
4327static __be32
4328nfsd4_encode_exchange_id(struct nfsd4_compoundres *resp, __be32 nfserr,
4329                         struct nfsd4_exchange_id *exid)
4330{
4331        struct xdr_stream *xdr = resp->xdr;
4332        __be32 *p;
4333        char *major_id;
4334        char *server_scope;
4335        int major_id_sz;
4336        int server_scope_sz;
4337        uint64_t minor_id = 0;
4338        struct nfsd_net *nn = net_generic(SVC_NET(resp->rqstp), nfsd_net_id);
4339
4340        major_id = nn->nfsd_name;
4341        major_id_sz = strlen(nn->nfsd_name);
4342        server_scope = nn->nfsd_name;
4343        server_scope_sz = strlen(nn->nfsd_name);
4344
4345        p = xdr_reserve_space(xdr,
4346                8 /* eir_clientid */ +
4347                4 /* eir_sequenceid */ +
4348                4 /* eir_flags */ +
4349                4 /* spr_how */);
4350        if (!p)
4351                return nfserr_resource;
4352
4353        p = xdr_encode_opaque_fixed(p, &exid->clientid, 8);
4354        *p++ = cpu_to_be32(exid->seqid);
4355        *p++ = cpu_to_be32(exid->flags);
4356
4357        *p++ = cpu_to_be32(exid->spa_how);
4358
4359        switch (exid->spa_how) {
4360        case SP4_NONE:
4361                break;
4362        case SP4_MACH_CRED:
4363                /* spo_must_enforce bitmap: */
4364                nfserr = nfsd4_encode_bitmap(xdr,
4365                                        exid->spo_must_enforce[0],
4366                                        exid->spo_must_enforce[1],
4367                                        exid->spo_must_enforce[2]);
4368                if (nfserr)
4369                        return nfserr;
4370                /* spo_must_allow bitmap: */
4371                nfserr = nfsd4_encode_bitmap(xdr,
4372                                        exid->spo_must_allow[0],
4373                                        exid->spo_must_allow[1],
4374                                        exid->spo_must_allow[2]);
4375                if (nfserr)
4376                        return nfserr;
4377                break;
4378        default:
4379                WARN_ON_ONCE(1);
4380        }
4381
4382        p = xdr_reserve_space(xdr,
4383                8 /* so_minor_id */ +
4384                4 /* so_major_id.len */ +
4385                (XDR_QUADLEN(major_id_sz) * 4) +
4386                4 /* eir_server_scope.len */ +
4387                (XDR_QUADLEN(server_scope_sz) * 4) +
4388                4 /* eir_server_impl_id.count (0) */);
4389        if (!p)
4390                return nfserr_resource;
4391
4392        /* The server_owner struct */
4393        p = xdr_encode_hyper(p, minor_id);      /* Minor id */
4394        /* major id */
4395        p = xdr_encode_opaque(p, major_id, major_id_sz);
4396
4397        /* Server scope */
4398        p = xdr_encode_opaque(p, server_scope, server_scope_sz);
4399
4400        /* Implementation id */
4401        *p++ = cpu_to_be32(0);  /* zero length nfs_impl_id4 array */
4402        return 0;
4403}
4404
4405static __be32
4406nfsd4_encode_create_session(struct nfsd4_compoundres *resp, __be32 nfserr,
4407                            struct nfsd4_create_session *sess)
4408{
4409        struct xdr_stream *xdr = resp->xdr;
4410        __be32 *p;
4411
4412        p = xdr_reserve_space(xdr, 24);
4413        if (!p)
4414                return nfserr_resource;
4415        p = xdr_encode_opaque_fixed(p, sess->sessionid.data,
4416                                        NFS4_MAX_SESSIONID_LEN);
4417        *p++ = cpu_to_be32(sess->seqid);
4418        *p++ = cpu_to_be32(sess->flags);
4419
4420        p = xdr_reserve_space(xdr, 28);
4421        if (!p)
4422                return nfserr_resource;
4423        *p++ = cpu_to_be32(0); /* headerpadsz */
4424        *p++ = cpu_to_be32(sess->fore_channel.maxreq_sz);
4425        *p++ = cpu_to_be32(sess->fore_channel.maxresp_sz);
4426        *p++ = cpu_to_be32(sess->fore_channel.maxresp_cached);
4427        *p++ = cpu_to_be32(sess->fore_channel.maxops);
4428        *p++ = cpu_to_be32(sess->fore_channel.maxreqs);
4429        *p++ = cpu_to_be32(sess->fore_channel.nr_rdma_attrs);
4430
4431        if (sess->fore_channel.nr_rdma_attrs) {
4432                p = xdr_reserve_space(xdr, 4);
4433                if (!p)
4434                        return nfserr_resource;
4435                *p++ = cpu_to_be32(sess->fore_channel.rdma_attrs);
4436        }
4437
4438        p = xdr_reserve_space(xdr, 28);
4439        if (!p)
4440                return nfserr_resource;
4441        *p++ = cpu_to_be32(0); /* headerpadsz */
4442        *p++ = cpu_to_be32(sess->back_channel.maxreq_sz);
4443        *p++ = cpu_to_be32(sess->back_channel.maxresp_sz);
4444        *p++ = cpu_to_be32(sess->back_channel.maxresp_cached);
4445        *p++ = cpu_to_be32(sess->back_channel.maxops);
4446        *p++ = cpu_to_be32(sess->back_channel.maxreqs);
4447        *p++ = cpu_to_be32(sess->back_channel.nr_rdma_attrs);
4448
4449        if (sess->back_channel.nr_rdma_attrs) {
4450                p = xdr_reserve_space(xdr, 4);
4451                if (!p)
4452                        return nfserr_resource;
4453                *p++ = cpu_to_be32(sess->back_channel.rdma_attrs);
4454        }
4455        return 0;
4456}
4457
4458static __be32
4459nfsd4_encode_sequence(struct nfsd4_compoundres *resp, __be32 nfserr,
4460                      struct nfsd4_sequence *seq)
4461{
4462        struct xdr_stream *xdr = resp->xdr;
4463        __be32 *p;
4464
4465        p = xdr_reserve_space(xdr, NFS4_MAX_SESSIONID_LEN + 20);
4466        if (!p)
4467                return nfserr_resource;
4468        p = xdr_encode_opaque_fixed(p, seq->sessionid.data,
4469                                        NFS4_MAX_SESSIONID_LEN);
4470        *p++ = cpu_to_be32(seq->seqid);
4471        *p++ = cpu_to_be32(seq->slotid);
4472        /* Note slotid's are numbered from zero: */
4473        *p++ = cpu_to_be32(seq->maxslots - 1); /* sr_highest_slotid */
4474        *p++ = cpu_to_be32(seq->maxslots - 1); /* sr_target_highest_slotid */
4475        *p++ = cpu_to_be32(seq->status_flags);
4476
4477        resp->cstate.data_offset = xdr->buf->len; /* DRC cache data pointer */
4478        return 0;
4479}
4480
4481static __be32
4482nfsd4_encode_test_stateid(struct nfsd4_compoundres *resp, __be32 nfserr,
4483                          struct nfsd4_test_stateid *test_stateid)
4484{
4485        struct xdr_stream *xdr = resp->xdr;
4486        struct nfsd4_test_stateid_id *stateid, *next;
4487        __be32 *p;
4488
4489        p = xdr_reserve_space(xdr, 4 + (4 * test_stateid->ts_num_ids));
4490        if (!p)
4491                return nfserr_resource;
4492        *p++ = htonl(test_stateid->ts_num_ids);
4493
4494        list_for_each_entry_safe(stateid, next, &test_stateid->ts_stateid_list, ts_id_list) {
4495                *p++ = stateid->ts_id_status;
4496        }
4497
4498        return 0;
4499}
4500
4501#ifdef CONFIG_NFSD_PNFS
4502static __be32
4503nfsd4_encode_getdeviceinfo(struct nfsd4_compoundres *resp, __be32 nfserr,
4504                struct nfsd4_getdeviceinfo *gdev)
4505{
4506        struct xdr_stream *xdr = resp->xdr;
4507        const struct nfsd4_layout_ops *ops;
4508        u32 starting_len = xdr->buf->len, needed_len;
4509        __be32 *p;
4510
4511        p = xdr_reserve_space(xdr, 4);
4512        if (!p)
4513                return nfserr_resource;
4514
4515        *p++ = cpu_to_be32(gdev->gd_layout_type);
4516
4517        /* If maxcount is 0 then just update notifications */
4518        if (gdev->gd_maxcount != 0) {
4519                ops = nfsd4_layout_ops[gdev->gd_layout_type];
4520                nfserr = ops->encode_getdeviceinfo(xdr, gdev);
4521                if (nfserr) {
4522                        /*
4523                         * We don't bother to burden the layout drivers with
4524                         * enforcing gd_maxcount, just tell the client to
4525                         * come back with a bigger buffer if it's not enough.
4526                         */
4527                        if (xdr->buf->len + 4 > gdev->gd_maxcount)
4528                                goto toosmall;
4529                        return nfserr;
4530                }
4531        }
4532
4533        if (gdev->gd_notify_types) {
4534                p = xdr_reserve_space(xdr, 4 + 4);
4535                if (!p)
4536                        return nfserr_resource;
4537                *p++ = cpu_to_be32(1);                  /* bitmap length */
4538                *p++ = cpu_to_be32(gdev->gd_notify_types);
4539        } else {
4540                p = xdr_reserve_space(xdr, 4);
4541                if (!p)
4542                        return nfserr_resource;
4543                *p++ = 0;
4544        }
4545
4546        return 0;
4547toosmall:
4548        dprintk("%s: maxcount too small\n", __func__);
4549        needed_len = xdr->buf->len + 4 /* notifications */;
4550        xdr_truncate_encode(xdr, starting_len);
4551        p = xdr_reserve_space(xdr, 4);
4552        if (!p)
4553                return nfserr_resource;
4554        *p++ = cpu_to_be32(needed_len);
4555        return nfserr_toosmall;
4556}
4557
4558static __be32
4559nfsd4_encode_layoutget(struct nfsd4_compoundres *resp, __be32 nfserr,
4560                struct nfsd4_layoutget *lgp)
4561{
4562        struct xdr_stream *xdr = resp->xdr;
4563        const struct nfsd4_layout_ops *ops;
4564        __be32 *p;
4565
4566        p = xdr_reserve_space(xdr, 36 + sizeof(stateid_opaque_t));
4567        if (!p)
4568                return nfserr_resource;
4569
4570        *p++ = cpu_to_be32(1);  /* we always set return-on-close */
4571        *p++ = cpu_to_be32(lgp->lg_sid.si_generation);
4572        p = xdr_encode_opaque_fixed(p, &lgp->lg_sid.si_opaque,
4573                                    sizeof(stateid_opaque_t));
4574
4575        *p++ = cpu_to_be32(1);  /* we always return a single layout */
4576        p = xdr_encode_hyper(p, lgp->lg_seg.offset);
4577        p = xdr_encode_hyper(p, lgp->lg_seg.length);
4578        *p++ = cpu_to_be32(lgp->lg_seg.iomode);
4579        *p++ = cpu_to_be32(lgp->lg_layout_type);
4580
4581        ops = nfsd4_layout_ops[lgp->lg_layout_type];
4582        return ops->encode_layoutget(xdr, lgp);
4583}
4584
4585static __be32
4586nfsd4_encode_layoutcommit(struct nfsd4_compoundres *resp, __be32 nfserr,
4587                          struct nfsd4_layoutcommit *lcp)
4588{
4589        struct xdr_stream *xdr = resp->xdr;
4590        __be32 *p;
4591
4592        p = xdr_reserve_space(xdr, 4);
4593        if (!p)
4594                return nfserr_resource;
4595        *p++ = cpu_to_be32(lcp->lc_size_chg);
4596        if (lcp->lc_size_chg) {
4597                p = xdr_reserve_space(xdr, 8);
4598                if (!p)
4599                        return nfserr_resource;
4600                p = xdr_encode_hyper(p, lcp->lc_newsize);
4601        }
4602
4603        return 0;
4604}
4605
4606static __be32
4607nfsd4_encode_layoutreturn(struct nfsd4_compoundres *resp, __be32 nfserr,
4608                struct nfsd4_layoutreturn *lrp)
4609{
4610        struct xdr_stream *xdr = resp->xdr;
4611        __be32 *p;
4612
4613        p = xdr_reserve_space(xdr, 4);
4614        if (!p)
4615                return nfserr_resource;
4616        *p++ = cpu_to_be32(lrp->lrs_present);
4617        if (lrp->lrs_present)
4618                return nfsd4_encode_stateid(xdr, &lrp->lr_sid);
4619        return 0;
4620}
4621#endif /* CONFIG_NFSD_PNFS */
4622
4623static __be32
4624nfsd42_encode_write_res(struct nfsd4_compoundres *resp,
4625                struct nfsd42_write_res *write, bool sync)
4626{
4627        __be32 *p;
4628        p = xdr_reserve_space(resp->xdr, 4);
4629        if (!p)
4630                return nfserr_resource;
4631
4632        if (sync)
4633                *p++ = cpu_to_be32(0);
4634        else {
4635                __be32 nfserr;
4636                *p++ = cpu_to_be32(1);
4637                nfserr = nfsd4_encode_stateid(resp->xdr, &write->cb_stateid);
4638                if (nfserr)
4639                        return nfserr;
4640        }
4641        p = xdr_reserve_space(resp->xdr, 8 + 4 + NFS4_VERIFIER_SIZE);
4642        if (!p)
4643                return nfserr_resource;
4644
4645        p = xdr_encode_hyper(p, write->wr_bytes_written);
4646        *p++ = cpu_to_be32(write->wr_stable_how);
4647        p = xdr_encode_opaque_fixed(p, write->wr_verifier.data,
4648                                    NFS4_VERIFIER_SIZE);
4649        return nfs_ok;
4650}
4651
4652static __be32
4653nfsd42_encode_nl4_server(struct nfsd4_compoundres *resp, struct nl4_server *ns)
4654{
4655        struct xdr_stream *xdr = resp->xdr;
4656        struct nfs42_netaddr *addr;
4657        __be32 *p;
4658
4659        p = xdr_reserve_space(xdr, 4);
4660        *p++ = cpu_to_be32(ns->nl4_type);
4661
4662        switch (ns->nl4_type) {
4663        case NL4_NETADDR:
4664                addr = &ns->u.nl4_addr;
4665
4666                /* netid_len, netid, uaddr_len, uaddr (port included
4667                 * in RPCBIND_MAXUADDRLEN)
4668                 */
4669                p = xdr_reserve_space(xdr,
4670                        4 /* netid len */ +
4671                        (XDR_QUADLEN(addr->netid_len) * 4) +
4672                        4 /* uaddr len */ +
4673                        (XDR_QUADLEN(addr->addr_len) * 4));
4674                if (!p)
4675                        return nfserr_resource;
4676
4677                *p++ = cpu_to_be32(addr->netid_len);
4678                p = xdr_encode_opaque_fixed(p, addr->netid,
4679                                            addr->netid_len);
4680                *p++ = cpu_to_be32(addr->addr_len);
4681                p = xdr_encode_opaque_fixed(p, addr->addr,
4682                                        addr->addr_len);
4683                break;
4684        default:
4685                WARN_ON_ONCE(ns->nl4_type != NL4_NETADDR);
4686                return nfserr_inval;
4687        }
4688
4689        return 0;
4690}
4691
4692static __be32
4693nfsd4_encode_copy(struct nfsd4_compoundres *resp, __be32 nfserr,
4694                  struct nfsd4_copy *copy)
4695{
4696        __be32 *p;
4697
4698        nfserr = nfsd42_encode_write_res(resp, &copy->cp_res,
4699                                         !!copy->cp_synchronous);
4700        if (nfserr)
4701                return nfserr;
4702
4703        p = xdr_reserve_space(resp->xdr, 4 + 4);
4704        *p++ = xdr_one; /* cr_consecutive */
4705        *p++ = cpu_to_be32(copy->cp_synchronous);
4706        return 0;
4707}
4708
4709static __be32
4710nfsd4_encode_offload_status(struct nfsd4_compoundres *resp, __be32 nfserr,
4711                            struct nfsd4_offload_status *os)
4712{
4713        struct xdr_stream *xdr = resp->xdr;
4714        __be32 *p;
4715
4716        p = xdr_reserve_space(xdr, 8 + 4);
4717        if (!p)
4718                return nfserr_resource;
4719        p = xdr_encode_hyper(p, os->count);
4720        *p++ = cpu_to_be32(0);
4721        return nfserr;
4722}
4723
4724static __be32
4725nfsd4_encode_read_plus_data(struct nfsd4_compoundres *resp,
4726                            struct nfsd4_read *read,
4727                            unsigned long *maxcount, u32 *eof,
4728                            loff_t *pos)
4729{
4730        struct xdr_stream *xdr = resp->xdr;
4731        struct file *file = read->rd_nf->nf_file;
4732        int starting_len = xdr->buf->len;
4733        loff_t hole_pos;
4734        __be32 nfserr;
4735        __be32 *p, tmp;
4736        __be64 tmp64;
4737
4738        hole_pos = pos ? *pos : vfs_llseek(file, read->rd_offset, SEEK_HOLE);
4739        if (hole_pos > read->rd_offset)
4740                *maxcount = min_t(unsigned long, *maxcount, hole_pos - read->rd_offset);
4741        *maxcount = min_t(unsigned long, *maxcount, (xdr->buf->buflen - xdr->buf->len));
4742
4743        /* Content type, offset, byte count */
4744        p = xdr_reserve_space(xdr, 4 + 8 + 4);
4745        if (!p)
4746                return nfserr_resource;
4747
4748        read->rd_vlen = xdr_reserve_space_vec(xdr, resp->rqstp->rq_vec, *maxcount);
4749        if (read->rd_vlen < 0)
4750                return nfserr_resource;
4751
4752        nfserr = nfsd_readv(resp->rqstp, read->rd_fhp, file, read->rd_offset,
4753                            resp->rqstp->rq_vec, read->rd_vlen, maxcount, eof);
4754        if (nfserr)
4755                return nfserr;
4756        xdr_truncate_encode(xdr, starting_len + 16 + xdr_align_size(*maxcount));
4757
4758        tmp = htonl(NFS4_CONTENT_DATA);
4759        write_bytes_to_xdr_buf(xdr->buf, starting_len,      &tmp,   4);
4760        tmp64 = cpu_to_be64(read->rd_offset);
4761        write_bytes_to_xdr_buf(xdr->buf, starting_len + 4,  &tmp64, 8);
4762        tmp = htonl(*maxcount);
4763        write_bytes_to_xdr_buf(xdr->buf, starting_len + 12, &tmp,   4);
4764
4765        tmp = xdr_zero;
4766        write_bytes_to_xdr_buf(xdr->buf, starting_len + 16 + *maxcount, &tmp,
4767                               xdr_pad_size(*maxcount));
4768        return nfs_ok;
4769}
4770
4771static __be32
4772nfsd4_encode_read_plus_hole(struct nfsd4_compoundres *resp,
4773                            struct nfsd4_read *read,
4774                            unsigned long *maxcount, u32 *eof)
4775{
4776        struct file *file = read->rd_nf->nf_file;
4777        loff_t data_pos = vfs_llseek(file, read->rd_offset, SEEK_DATA);
4778        loff_t f_size = i_size_read(file_inode(file));
4779        unsigned long count;
4780        __be32 *p;
4781
4782        if (data_pos == -ENXIO)
4783                data_pos = f_size;
4784        else if (data_pos <= read->rd_offset || (data_pos < f_size && data_pos % PAGE_SIZE))
4785                return nfsd4_encode_read_plus_data(resp, read, maxcount, eof, &f_size);
4786        count = data_pos - read->rd_offset;
4787
4788        /* Content type, offset, byte count */
4789        p = xdr_reserve_space(resp->xdr, 4 + 8 + 8);
4790        if (!p)
4791                return nfserr_resource;
4792
4793        *p++ = htonl(NFS4_CONTENT_HOLE);
4794        p = xdr_encode_hyper(p, read->rd_offset);
4795        p = xdr_encode_hyper(p, count);
4796
4797        *eof = (read->rd_offset + count) >= f_size;
4798        *maxcount = min_t(unsigned long, count, *maxcount);
4799        return nfs_ok;
4800}
4801
4802static __be32
4803nfsd4_encode_read_plus(struct nfsd4_compoundres *resp, __be32 nfserr,
4804                       struct nfsd4_read *read)
4805{
4806        unsigned long maxcount, count;
4807        struct xdr_stream *xdr = resp->xdr;
4808        struct file *file;
4809        int starting_len = xdr->buf->len;
4810        int last_segment = xdr->buf->len;
4811        int segments = 0;
4812        __be32 *p, tmp;
4813        bool is_data;
4814        loff_t pos;
4815        u32 eof;
4816
4817        if (nfserr)
4818                return nfserr;
4819        file = read->rd_nf->nf_file;
4820
4821        /* eof flag, segment count */
4822        p = xdr_reserve_space(xdr, 4 + 4);
4823        if (!p)
4824                return nfserr_resource;
4825        xdr_commit_encode(xdr);
4826
4827        maxcount = min_t(unsigned long, read->rd_length,
4828                         (xdr->buf->buflen - xdr->buf->len));
4829        count    = maxcount;
4830
4831        eof = read->rd_offset >= i_size_read(file_inode(file));
4832        if (eof)
4833                goto out;
4834
4835        pos = vfs_llseek(file, read->rd_offset, SEEK_HOLE);
4836        is_data = pos > read->rd_offset;
4837
4838        while (count > 0 && !eof) {
4839                maxcount = count;
4840                if (is_data)
4841                        nfserr = nfsd4_encode_read_plus_data(resp, read, &maxcount, &eof,
4842                                                segments == 0 ? &pos : NULL);
4843                else
4844                        nfserr = nfsd4_encode_read_plus_hole(resp, read, &maxcount, &eof);
4845                if (nfserr)
4846                        goto out;
4847                count -= maxcount;
4848                read->rd_offset += maxcount;
4849                is_data = !is_data;
4850                last_segment = xdr->buf->len;
4851                segments++;
4852        }
4853
4854out:
4855        if (nfserr && segments == 0)
4856                xdr_truncate_encode(xdr, starting_len);
4857        else {
4858                if (nfserr) {
4859                        xdr_truncate_encode(xdr, last_segment);
4860                        nfserr = nfs_ok;
4861                        eof = 0;
4862                }
4863                tmp = htonl(eof);
4864                write_bytes_to_xdr_buf(xdr->buf, starting_len,     &tmp, 4);
4865                tmp = htonl(segments);
4866                write_bytes_to_xdr_buf(xdr->buf, starting_len + 4, &tmp, 4);
4867        }
4868
4869        return nfserr;
4870}
4871
4872static __be32
4873nfsd4_encode_copy_notify(struct nfsd4_compoundres *resp, __be32 nfserr,
4874                         struct nfsd4_copy_notify *cn)
4875{
4876        struct xdr_stream *xdr = resp->xdr;
4877        __be32 *p;
4878
4879        if (nfserr)
4880                return nfserr;
4881
4882        /* 8 sec, 4 nsec */
4883        p = xdr_reserve_space(xdr, 12);
4884        if (!p)
4885                return nfserr_resource;
4886
4887        /* cnr_lease_time */
4888        p = xdr_encode_hyper(p, cn->cpn_sec);
4889        *p++ = cpu_to_be32(cn->cpn_nsec);
4890
4891        /* cnr_stateid */
4892        nfserr = nfsd4_encode_stateid(xdr, &cn->cpn_cnr_stateid);
4893        if (nfserr)
4894                return nfserr;
4895
4896        /* cnr_src.nl_nsvr */
4897        p = xdr_reserve_space(xdr, 4);
4898        if (!p)
4899                return nfserr_resource;
4900
4901        *p++ = cpu_to_be32(1);
4902
4903        return nfsd42_encode_nl4_server(resp, &cn->cpn_src);
4904}
4905
4906static __be32
4907nfsd4_encode_seek(struct nfsd4_compoundres *resp, __be32 nfserr,
4908                  struct nfsd4_seek *seek)
4909{
4910        __be32 *p;
4911
4912        p = xdr_reserve_space(resp->xdr, 4 + 8);
4913        *p++ = cpu_to_be32(seek->seek_eof);
4914        p = xdr_encode_hyper(p, seek->seek_pos);
4915
4916        return 0;
4917}
4918
4919static __be32
4920nfsd4_encode_noop(struct nfsd4_compoundres *resp, __be32 nfserr, void *p)
4921{
4922        return nfserr;
4923}
4924
4925/*
4926 * Encode kmalloc-ed buffer in to XDR stream.
4927 */
4928static __be32
4929nfsd4_vbuf_to_stream(struct xdr_stream *xdr, char *buf, u32 buflen)
4930{
4931        u32 cplen;
4932        __be32 *p;
4933
4934        cplen = min_t(unsigned long, buflen,
4935                      ((void *)xdr->end - (void *)xdr->p));
4936        p = xdr_reserve_space(xdr, cplen);
4937        if (!p)
4938                return nfserr_resource;
4939
4940        memcpy(p, buf, cplen);
4941        buf += cplen;
4942        buflen -= cplen;
4943
4944        while (buflen) {
4945                cplen = min_t(u32, buflen, PAGE_SIZE);
4946                p = xdr_reserve_space(xdr, cplen);
4947                if (!p)
4948                        return nfserr_resource;
4949
4950                memcpy(p, buf, cplen);
4951
4952                if (cplen < PAGE_SIZE) {
4953                        /*
4954                         * We're done, with a length that wasn't page
4955                         * aligned, so possibly not word aligned. Pad
4956                         * any trailing bytes with 0.
4957                         */
4958                        xdr_encode_opaque_fixed(p, NULL, cplen);
4959                        break;
4960                }
4961
4962                buflen -= PAGE_SIZE;
4963                buf += PAGE_SIZE;
4964        }
4965
4966        return 0;
4967}
4968
4969static __be32
4970nfsd4_encode_getxattr(struct nfsd4_compoundres *resp, __be32 nfserr,
4971                      struct nfsd4_getxattr *getxattr)
4972{
4973        struct xdr_stream *xdr = resp->xdr;
4974        __be32 *p, err;
4975
4976        p = xdr_reserve_space(xdr, 4);
4977        if (!p)
4978                return nfserr_resource;
4979
4980        *p = cpu_to_be32(getxattr->getxa_len);
4981
4982        if (getxattr->getxa_len == 0)
4983                return 0;
4984
4985        err = nfsd4_vbuf_to_stream(xdr, getxattr->getxa_buf,
4986                                    getxattr->getxa_len);
4987
4988        kvfree(getxattr->getxa_buf);
4989
4990        return err;
4991}
4992
4993static __be32
4994nfsd4_encode_setxattr(struct nfsd4_compoundres *resp, __be32 nfserr,
4995                      struct nfsd4_setxattr *setxattr)
4996{
4997        struct xdr_stream *xdr = resp->xdr;
4998        __be32 *p;
4999
5000        p = xdr_reserve_space(xdr, 20);

5001        if (!p)
5002                return nfserr_resource;
5003
5004        encode_cinfo(p, &setxattr->setxa_cinfo);
5005
5006        return 0;
5007}
5008
5009/*
5010 * See if there are cookie values that can be rejected outright.
5011 */
5012static __be32
5013nfsd4_listxattr_validate_cookie(struct nfsd4_listxattrs *listxattrs,
5014                                u32 *offsetp)
5015{
5016        u64 cookie = listxattrs->lsxa_cookie;
5017
5018        /*
5019         * If the cookie is larger than the maximum number we can fit
5020         * in either the buffer we just got back from vfs_listxattr, or,
5021         * XDR-encoded, in the return buffer, it's invalid.
5022         */
5023        if (cookie > (listxattrs->lsxa_len) / (XATTR_USER_PREFIX_LEN + 2))
5024                return nfserr_badcookie;
5025
5026        if (cookie > (listxattrs->lsxa_maxcount /
5027                      (XDR_QUADLEN(XATTR_USER_PREFIX_LEN + 2) + 4)))
5028                return nfserr_badcookie;
5029
5030        *offsetp = (u32)cookie;
5031        return 0;
5032}
5033
5034static __be32
5035nfsd4_encode_listxattrs(struct nfsd4_compoundres *resp, __be32 nfserr,
5036                        struct nfsd4_listxattrs *listxattrs)
5037{
5038        struct xdr_stream *xdr = resp->xdr;
5039        u32 cookie_offset, count_offset, eof;
5040        u32 left, xdrleft, slen, count;
5041        u32 xdrlen, offset;
5042        u64 cookie;
5043        char *sp;
5044        __be32 status, tmp;
5045        __be32 *p;
5046        u32 nuser;
5047
5048        eof = 1;
5049
5050        status = nfsd4_listxattr_validate_cookie(listxattrs, &offset);
5051        if (status)
5052                goto out;
5053
5054        /*
5055         * Reserve space for the cookie and the name array count. Record
5056         * the offsets to save them later.
5057         */
5058        cookie_offset = xdr->buf->len;
5059        count_offset = cookie_offset + 8;
5060        p = xdr_reserve_space(xdr, 12);
5061        if (!p) {
5062                status = nfserr_resource;
5063                goto out;
5064        }
5065
5066        count = 0;
5067        left = listxattrs->lsxa_len;
5068        sp = listxattrs->lsxa_buf;
5069        nuser = 0;
5070
5071        xdrleft = listxattrs->lsxa_maxcount;
5072
5073        while (left > 0 && xdrleft > 0) {
5074                slen = strlen(sp);
5075
5076                /*
5077                 * Check if this is a "user." attribute, skip it if not.
5078                 */
5079                if (strncmp(sp, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
5080                        goto contloop;
5081
5082                slen -= XATTR_USER_PREFIX_LEN;
5083                xdrlen = 4 + ((slen + 3) & ~3);
5084                if (xdrlen > xdrleft) {
5085                        if (count == 0) {
5086                                /*
5087                                 * Can't even fit the first attribute name.
5088                                 */
5089                                status = nfserr_toosmall;
5090                                goto out;
5091                        }
5092                        eof = 0;
5093                        goto wreof;
5094                }
5095
5096                left -= XATTR_USER_PREFIX_LEN;
5097                sp += XATTR_USER_PREFIX_LEN;
5098                if (nuser++ < offset)
5099                        goto contloop;
5100
5101
5102                p = xdr_reserve_space(xdr, xdrlen);
5103                if (!p) {
5104                        status = nfserr_resource;
5105                        goto out;
5106                }
5107
5108                xdr_encode_opaque(p, sp, slen);
5109
5110                xdrleft -= xdrlen;
5111                count++;
5112contloop:
5113                sp += slen + 1;
5114                left -= slen + 1;
5115        }
5116
5117        /*
5118         * If there were user attributes to copy, but we didn't copy
5119         * any, the offset was too large (e.g. the cookie was invalid).
5120         */
5121        if (nuser > 0 && count == 0) {
5122                status = nfserr_badcookie;
5123                goto out;
5124        }
5125
5126wreof:
5127        p = xdr_reserve_space(xdr, 4);
5128        if (!p) {
5129                status = nfserr_resource;
5130                goto out;
5131        }
5132        *p = cpu_to_be32(eof);
5133
5134        cookie = offset + count;
5135
5136        write_bytes_to_xdr_buf(xdr->buf, cookie_offset, &cookie, 8);
5137        tmp = cpu_to_be32(count);
5138        write_bytes_to_xdr_buf(xdr->buf, count_offset, &tmp, 4);
5139out:
5140        if (listxattrs->lsxa_len)
5141                kvfree(listxattrs->lsxa_buf);
5142        return status;
5143}
5144
5145static __be32
5146nfsd4_encode_removexattr(struct nfsd4_compoundres *resp, __be32 nfserr,
5147                         struct nfsd4_removexattr *removexattr)
5148{
5149        struct xdr_stream *xdr = resp->xdr;
5150        __be32 *p;
5151
5152        p = xdr_reserve_space(xdr, 20);
5153        if (!p)
5154                return nfserr_resource;
5155
5156        p = encode_cinfo(p, &removexattr->rmxa_cinfo);
5157        return 0;
5158}
5159
5160typedef __be32(* nfsd4_enc)(struct nfsd4_compoundres *, __be32, void *);
5161
5162/*
5163 * Note: nfsd4_enc_ops vector is shared for v4.0 and v4.1
5164 * since we don't need to filter out obsolete ops as this is
5165 * done in the decoding phase.
5166 */
5167static const nfsd4_enc nfsd4_enc_ops[] = {
5168        [OP_ACCESS]             = (nfsd4_enc)nfsd4_encode_access,
5169        [OP_CLOSE]              = (nfsd4_enc)nfsd4_encode_close,
5170        [OP_COMMIT]             = (nfsd4_enc)nfsd4_encode_commit,
5171        [OP_CREATE]             = (nfsd4_enc)nfsd4_encode_create,
5172        [OP_DELEGPURGE]         = (nfsd4_enc)nfsd4_encode_noop,
5173        [OP_DELEGRETURN]        = (nfsd4_enc)nfsd4_encode_noop,
5174        [OP_GETATTR]            = (nfsd4_enc)nfsd4_encode_getattr,
5175        [OP_GETFH]              = (nfsd4_enc)nfsd4_encode_getfh,
5176        [OP_LINK]               = (nfsd4_enc)nfsd4_encode_link,
5177        [OP_LOCK]               = (nfsd4_enc)nfsd4_encode_lock,
5178        [OP_LOCKT]              = (nfsd4_enc)nfsd4_encode_lockt,
5179        [OP_LOCKU]              = (nfsd4_enc)nfsd4_encode_locku,
5180        [OP_LOOKUP]             = (nfsd4_enc)nfsd4_encode_noop,
5181        [OP_LOOKUPP]            = (nfsd4_enc)nfsd4_encode_noop,
5182        [OP_NVERIFY]            = (nfsd4_enc)nfsd4_encode_noop,
5183        [OP_OPEN]               = (nfsd4_enc)nfsd4_encode_open,
5184        [OP_OPENATTR]           = (nfsd4_enc)nfsd4_encode_noop,
5185        [OP_OPEN_CONFIRM]       = (nfsd4_enc)nfsd4_encode_open_confirm,
5186        [OP_OPEN_DOWNGRADE]     = (nfsd4_enc)nfsd4_encode_open_downgrade,
5187        [OP_PUTFH]              = (nfsd4_enc)nfsd4_encode_noop,
5188        [OP_PUTPUBFH]           = (nfsd4_enc)nfsd4_encode_noop,
5189        [OP_PUTROOTFH]          = (nfsd4_enc)nfsd4_encode_noop,
5190        [OP_READ]               = (nfsd4_enc)nfsd4_encode_read,
5191        [OP_READDIR]            = (nfsd4_enc)nfsd4_encode_readdir,
5192        [OP_READLINK]           = (nfsd4_enc)nfsd4_encode_readlink,
5193        [OP_REMOVE]             = (nfsd4_enc)nfsd4_encode_remove,
5194        [OP_RENAME]             = (nfsd4_enc)nfsd4_encode_rename,
5195        [OP_RENEW]              = (nfsd4_enc)nfsd4_encode_noop,
5196        [OP_RESTOREFH]          = (nfsd4_enc)nfsd4_encode_noop,
5197        [OP_SAVEFH]             = (nfsd4_enc)nfsd4_encode_noop,
5198        [OP_SECINFO]            = (nfsd4_enc)nfsd4_encode_secinfo,
5199        [OP_SETATTR]            = (nfsd4_enc)nfsd4_encode_setattr,
5200        [OP_SETCLIENTID]        = (nfsd4_enc)nfsd4_encode_setclientid,
5201        [OP_SETCLIENTID_CONFIRM] = (nfsd4_enc)nfsd4_encode_noop,
5202        [OP_VERIFY]             = (nfsd4_enc)nfsd4_encode_noop,
5203        [OP_WRITE]              = (nfsd4_enc)nfsd4_encode_write,
5204        [OP_RELEASE_LOCKOWNER]  = (nfsd4_enc)nfsd4_encode_noop,
5205
5206        /* NFSv4.1 operations */
5207        [OP_BACKCHANNEL_CTL]    = (nfsd4_enc)nfsd4_encode_noop,
5208        [OP_BIND_CONN_TO_SESSION] = (nfsd4_enc)nfsd4_encode_bind_conn_to_session,
5209        [OP_EXCHANGE_ID]        = (nfsd4_enc)nfsd4_encode_exchange_id,
5210        [OP_CREATE_SESSION]     = (nfsd4_enc)nfsd4_encode_create_session,
5211        [OP_DESTROY_SESSION]    = (nfsd4_enc)nfsd4_encode_noop,
5212        [OP_FREE_STATEID]       = (nfsd4_enc)nfsd4_encode_noop,
5213        [OP_GET_DIR_DELEGATION] = (nfsd4_enc)nfsd4_encode_noop,
5214#ifdef CONFIG_NFSD_PNFS
5215        [OP_GETDEVICEINFO]      = (nfsd4_enc)nfsd4_encode_getdeviceinfo,
5216        [OP_GETDEVICELIST]      = (nfsd4_enc)nfsd4_encode_noop,
5217        [OP_LAYOUTCOMMIT]       = (nfsd4_enc)nfsd4_encode_layoutcommit,
5218        [OP_LAYOUTGET]          = (nfsd4_enc)nfsd4_encode_layoutget,
5219        [OP_LAYOUTRETURN]       = (nfsd4_enc)nfsd4_encode_layoutreturn,
5220#else
5221        [OP_GETDEVICEINFO]      = (nfsd4_enc)nfsd4_encode_noop,
5222        [OP_GETDEVICELIST]      = (nfsd4_enc)nfsd4_encode_noop,
5223        [OP_LAYOUTCOMMIT]       = (nfsd4_enc)nfsd4_encode_noop,
5224        [OP_LAYOUTGET]          = (nfsd4_enc)nfsd4_encode_noop,
5225        [OP_LAYOUTRETURN]       = (nfsd4_enc)nfsd4_encode_noop,
5226#endif
5227        [OP_SECINFO_NO_NAME]    = (nfsd4_enc)nfsd4_encode_secinfo_no_name,
5228        [OP_SEQUENCE]           = (nfsd4_enc)nfsd4_encode_sequence,
5229        [OP_SET_SSV]            = (nfsd4_enc)nfsd4_encode_noop,
5230        [OP_TEST_STATEID]       = (nfsd4_enc)nfsd4_encode_test_stateid,
5231        [OP_WANT_DELEGATION]    = (nfsd4_enc)nfsd4_encode_noop,
5232        [OP_DESTROY_CLIENTID]   = (nfsd4_enc)nfsd4_encode_noop,
5233        [OP_RECLAIM_COMPLETE]   = (nfsd4_enc)nfsd4_encode_noop,
5234
5235        /* NFSv4.2 operations */
5236        [OP_ALLOCATE]           = (nfsd4_enc)nfsd4_encode_noop,
5237        [OP_COPY]               = (nfsd4_enc)nfsd4_encode_copy,
5238        [OP_COPY_NOTIFY]        = (nfsd4_enc)nfsd4_encode_copy_notify,
5239        [OP_DEALLOCATE]         = (nfsd4_enc)nfsd4_encode_noop,
5240        [OP_IO_ADVISE]          = (nfsd4_enc)nfsd4_encode_noop,
5241        [OP_LAYOUTERROR]        = (nfsd4_enc)nfsd4_encode_noop,
5242        [OP_LAYOUTSTATS]        = (nfsd4_enc)nfsd4_encode_noop,
5243        [OP_OFFLOAD_CANCEL]     = (nfsd4_enc)nfsd4_encode_noop,
5244        [OP_OFFLOAD_STATUS]     = (nfsd4_enc)nfsd4_encode_offload_status,
5245        [OP_READ_PLUS]          = (nfsd4_enc)nfsd4_encode_read_plus,
5246        [OP_SEEK]               = (nfsd4_enc)nfsd4_encode_seek,
5247        [OP_WRITE_SAME]         = (nfsd4_enc)nfsd4_encode_noop,
5248        [OP_CLONE]              = (nfsd4_enc)nfsd4_encode_noop,
5249
5250        /* RFC 8276 extended atributes operations */
5251        [OP_GETXATTR]           = (nfsd4_enc)nfsd4_encode_getxattr,
5252        [OP_SETXATTR]           = (nfsd4_enc)nfsd4_encode_setxattr,
5253        [OP_LISTXATTRS]         = (nfsd4_enc)nfsd4_encode_listxattrs,
5254        [OP_REMOVEXATTR]        = (nfsd4_enc)nfsd4_encode_removexattr,
5255};
5256
5257/*
5258 * Calculate whether we still have space to encode repsize bytes.
5259 * There are two considerations:
5260 *     - For NFS versions >=4.1, the size of the reply must stay within
5261 *       session limits
5262 *     - For all NFS versions, we must stay within limited preallocated
5263 *       buffer space.
5264 *
5265 * This is called before the operation is processed, so can only provide
5266 * an upper estimate.  For some nonidempotent operations (such as
5267 * getattr), it's not necessarily a problem if that estimate is wrong,
5268 * as we can fail it after processing without significant side effects.
5269 */
5270__be32 nfsd4_check_resp_size(struct nfsd4_compoundres *resp, u32 respsize)
5271{
5272        struct xdr_buf *buf = &resp->rqstp->rq_res;
5273        struct nfsd4_slot *slot = resp->cstate.slot;
5274
5275        if (buf->len + respsize <= buf->buflen)
5276                return nfs_ok;
5277        if (!nfsd4_has_session(&resp->cstate))
5278                return nfserr_resource;
5279        if (slot->sl_flags & NFSD4_SLOT_CACHETHIS) {
5280                WARN_ON_ONCE(1);
5281                return nfserr_rep_too_big_to_cache;
5282        }
5283        return nfserr_rep_too_big;
5284}
5285
5286void
5287nfsd4_encode_operation(struct nfsd4_compoundres *resp, struct nfsd4_op *op)
5288{
5289        struct xdr_stream *xdr = resp->xdr;
5290        struct nfs4_stateowner *so = resp->cstate.replay_owner;
5291        struct svc_rqst *rqstp = resp->rqstp;
5292        const struct nfsd4_operation *opdesc = op->opdesc;
5293        int post_err_offset;
5294        nfsd4_enc encoder;
5295        __be32 *p;
5296
5297        p = xdr_reserve_space(xdr, 8);
5298        if (!p) {
5299                WARN_ON_ONCE(1);
5300                return;
5301        }
5302        *p++ = cpu_to_be32(op->opnum);
5303        post_err_offset = xdr->buf->len;
5304
5305        if (op->opnum == OP_ILLEGAL)
5306                goto status;
5307        if (op->status && opdesc &&
5308                        !(opdesc->op_flags & OP_NONTRIVIAL_ERROR_ENCODE))
5309                goto status;
5310        BUG_ON(op->opnum >= ARRAY_SIZE(nfsd4_enc_ops) ||
5311               !nfsd4_enc_ops[op->opnum]);
5312        encoder = nfsd4_enc_ops[op->opnum];
5313        op->status = encoder(resp, op->status, &op->u);
5314        if (op->status)
5315                trace_nfsd_compound_encode_err(rqstp, op->opnum, op->status);
5316        if (opdesc && opdesc->op_release)
5317                opdesc->op_release(&op->u);
5318        xdr_commit_encode(xdr);
5319
5320        /* nfsd4_check_resp_size guarantees enough room for error status */
5321        if (!op->status) {
5322                int space_needed = 0;
5323                if (!nfsd4_last_compound_op(rqstp))
5324                        space_needed = COMPOUND_ERR_SLACK_SPACE;
5325                op->status = nfsd4_check_resp_size(resp, space_needed);
5326        }
5327        if (op->status == nfserr_resource && nfsd4_has_session(&resp->cstate)) {
5328                struct nfsd4_slot *slot = resp->cstate.slot;
5329
5330                if (slot->sl_flags & NFSD4_SLOT_CACHETHIS)
5331                        op->status = nfserr_rep_too_big_to_cache;
5332                else
5333                        op->status = nfserr_rep_too_big;
5334        }
5335        if (op->status == nfserr_resource ||
5336            op->status == nfserr_rep_too_big ||
5337            op->status == nfserr_rep_too_big_to_cache) {
5338                /*
5339                 * The operation may have already been encoded or
5340                 * partially encoded.  No op returns anything additional
5341                 * in the case of one of these three errors, so we can
5342                 * just truncate back to after the status.  But it's a
5343                 * bug if we had to do this on a non-idempotent op:
5344                 */
5345                warn_on_nonidempotent_op(op);
5346                xdr_truncate_encode(xdr, post_err_offset);
5347        }
5348        if (so) {
5349                int len = xdr->buf->len - post_err_offset;
5350
5351                so->so_replay.rp_status = op->status;
5352                so->so_replay.rp_buflen = len;
5353                read_bytes_from_xdr_buf(xdr->buf, post_err_offset,
5354                                                so->so_replay.rp_buf, len);
5355        }
5356status:
5357        /* Note that op->status is already in network byte order: */
5358        write_bytes_to_xdr_buf(xdr->buf, post_err_offset - 4, &op->status, 4);
5359}
5360
5361/* 
5362 * Encode the reply stored in the stateowner reply cache 
5363 * 
5364 * XDR note: do not encode rp->rp_buflen: the buffer contains the
5365 * previously sent already encoded operation.
5366 */
5367void
5368nfsd4_encode_replay(struct xdr_stream *xdr, struct nfsd4_op *op)
5369{
5370        __be32 *p;
5371        struct nfs4_replay *rp = op->replay;
5372
5373        p = xdr_reserve_space(xdr, 8 + rp->rp_buflen);
5374        if (!p) {
5375                WARN_ON_ONCE(1);
5376                return;
5377        }
5378        *p++ = cpu_to_be32(op->opnum);
5379        *p++ = rp->rp_status;  /* already xdr'ed */
5380
5381        p = xdr_encode_opaque_fixed(p, rp->rp_buf, rp->rp_buflen);
5382}
5383
5384void nfsd4_release_compoundargs(struct svc_rqst *rqstp)
5385{
5386        struct nfsd4_compoundargs *args = rqstp->rq_argp;
5387
5388        if (args->ops != args->iops) {
5389                kfree(args->ops);
5390                args->ops = args->iops;
5391        }
5392        while (args->to_free) {
5393                struct svcxdr_tmpbuf *tb = args->to_free;
5394                args->to_free = tb->next;
5395                kfree(tb);
5396        }
5397}
5398
5399bool
5400nfs4svc_decode_compoundargs(struct svc_rqst *rqstp, struct xdr_stream *xdr)
5401{
5402        struct nfsd4_compoundargs *args = rqstp->rq_argp;
5403
5404        /* svcxdr_tmp_alloc */
5405        args->to_free = NULL;
5406
5407        args->xdr = xdr;
5408        args->ops = args->iops;
5409        args->rqstp = rqstp;
5410
5411        return nfsd4_decode_compound(args);
5412}
5413
5414bool
5415nfs4svc_encode_compoundres(struct svc_rqst *rqstp, struct xdr_stream *xdr)
5416{
5417        struct nfsd4_compoundres *resp = rqstp->rq_resp;
5418        struct xdr_buf *buf = xdr->buf;
5419        __be32 *p;
5420
5421        WARN_ON_ONCE(buf->len != buf->head[0].iov_len + buf->page_len +
5422                                 buf->tail[0].iov_len);
5423
5424        /*
5425         * Send buffer space for the following items is reserved
5426         * at the top of nfsd4_proc_compound().
5427         */
5428        p = resp->statusp;
5429
5430        *p++ = resp->cstate.status;
5431
5432        rqstp->rq_next_page = xdr->page_ptr + 1;
5433
5434        *p++ = htonl(resp->taglen);
5435        memcpy(p, resp->tag, resp->taglen);
5436        p += XDR_QUADLEN(resp->taglen);
5437        *p++ = htonl(resp->opcnt);
5438
5439        nfsd4_sequence_done(resp);
5440        return true;
5441}
5442
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.