linux/fs/nfsd/nfs4xdr.c
<<
>>
Prefs 
   1/*
   2 *  Server-side XDR for NFSv4
   3 *
   4 *  Copyright (c) 2002 The Regents of the University of Michigan.
   5 *  All rights reserved.
   6 *
   7 *  Kendrick Smith <kmsmith@umich.edu>
   8 *  Andy Adamson   <andros@umich.edu>
   9 *
  10 *  Redistribution and use in source and binary forms, with or without
  11 *  modification, are permitted provided that the following conditions
  12 *  are met:
  13 *
  14 *  1. Redistributions of source code must retain the above copyright
  15 *     notice, this list of conditions and the following disclaimer.
  16 *  2. Redistributions in binary form must reproduce the above copyright
  17 *     notice, this list of conditions and the following disclaimer in the
  18 *     documentation and/or other materials provided with the distribution.
  19 *  3. Neither the name of the University nor the names of its
  20 *     contributors may be used to endorse or promote products derived
  21 *     from this software without specific prior written permission.
  22 *
  23 *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  24 *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  25 *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  26 *  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  27 *  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  28 *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  29 *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
  30 *  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  31 *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  32 *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  33 *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  34 */
  35
  36#include <linux/file.h>
  37#include <linux/slab.h>
  38#include <linux/namei.h>
  39#include <linux/statfs.h>
  40#include <linux/utsname.h>
  41#include <linux/pagemap.h>
  42#include <linux/sunrpc/svcauth_gss.h>
  43#include <linux/sunrpc/addr.h>
  44#include <linux/xattr.h>
  45#include <uapi/linux/xattr.h>
  46
  47#include "idmap.h"
  48#include "acl.h"
  49#include "xdr4.h"
  50#include "vfs.h"
  51#include "state.h"
  52#include "cache.h"
  53#include "netns.h"
  54#include "pnfs.h"
  55#include "filecache.h"
  56
  57#include "trace.h"
  58
  59#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
  60#include <linux/security.h>
  61#endif
  62
  63
  64#define NFSDDBG_FACILITY                NFSDDBG_XDR
  65
  66const u32 nfsd_suppattrs[3][3] = {
  67        {NFSD4_SUPPORTED_ATTRS_WORD0,
  68         NFSD4_SUPPORTED_ATTRS_WORD1,
  69         NFSD4_SUPPORTED_ATTRS_WORD2},
  70
  71        {NFSD4_1_SUPPORTED_ATTRS_WORD0,
  72         NFSD4_1_SUPPORTED_ATTRS_WORD1,
  73         NFSD4_1_SUPPORTED_ATTRS_WORD2},
  74
  75        {NFSD4_1_SUPPORTED_ATTRS_WORD0,
  76         NFSD4_1_SUPPORTED_ATTRS_WORD1,
  77         NFSD4_2_SUPPORTED_ATTRS_WORD2},
  78};
  79
  80/*
  81 * As per referral draft, the fsid for a referral MUST be different from the fsid of the containing
  82 * directory in order to indicate to the client that a filesystem boundary is present
  83 * We use a fixed fsid for a referral
  84 */
  85#define NFS4_REFERRAL_FSID_MAJOR        0x8000000ULL
  86#define NFS4_REFERRAL_FSID_MINOR        0x8000000ULL
  87
  88static __be32
  89check_filename(char *str, int len)
  90{
  91        int i;
  92
  93        if (len == 0)
  94                return nfserr_inval;
  95        if (len > NFS4_MAXNAMLEN)
  96                return nfserr_nametoolong;
  97        if (isdotent(str, len))
  98                return nfserr_badname;
  99        for (i = 0; i < len; i++)
 100                if (str[i] == '/')
 101                        return nfserr_badname;
 102        return 0;
 103}
 104
 105static int zero_clientid(clientid_t *clid)
 106{
 107        return (clid->cl_boot == 0) && (clid->cl_id == 0);
 108}
 109
 110/**
 111 * svcxdr_tmpalloc - allocate memory to be freed after compound processing
 112 * @argp: NFSv4 compound argument structure
 113 * @len: length of buffer to allocate
 114 *
 115 * Allocates a buffer of size @len to be freed when processing the compound
 116 * operation described in @argp finishes.
 117 */
 118static void *
 119svcxdr_tmpalloc(struct nfsd4_compoundargs *argp, u32 len)
 120{
 121        struct svcxdr_tmpbuf *tb;
 122
 123        tb = kmalloc(sizeof(*tb) + len, GFP_KERNEL);
 124        if (!tb)
 125                return NULL;
 126        tb->next = argp->to_free;
 127        argp->to_free = tb;
 128        return tb->buf;
 129}
 130
 131/*
 132 * For xdr strings that need to be passed to other kernel api's
 133 * as null-terminated strings.
 134 *
 135 * Note null-terminating in place usually isn't safe since the
 136 * buffer might end on a page boundary.
 137 */
 138static char *
 139svcxdr_dupstr(struct nfsd4_compoundargs *argp, void *buf, u32 len)
 140{
 141        char *p = svcxdr_tmpalloc(argp, len + 1);
 142
 143        if (!p)
 144                return NULL;
 145        memcpy(p, buf, len);
 146        p[len] = '\0';
 147        return p;
 148}
 149
 150static void *
 151svcxdr_savemem(struct nfsd4_compoundargs *argp, __be32 *p, u32 len)
 152{
 153        __be32 *tmp;
 154
 155        /*
 156         * The location of the decoded data item is stable,
 157         * so @p is OK to use. This is the common case.
 158         */
 159        if (p != argp->xdr->scratch.iov_base)
 160                return p;
 161
 162        tmp = svcxdr_tmpalloc(argp, len);
 163        if (!tmp)
 164                return NULL;
 165        memcpy(tmp, p, len);
 166        return tmp;
 167}
 168
 169/*
 170 * NFSv4 basic data type decoders
 171 */
 172
 173/*
 174 * This helper handles variable-length opaques which belong to protocol
 175 * elements that this implementation does not support.
 176 */
 177static __be32
 178nfsd4_decode_ignored_string(struct nfsd4_compoundargs *argp, u32 maxlen)
 179{
 180        u32 len;
 181
 182        if (xdr_stream_decode_u32(argp->xdr, &len) < 0)
 183                return nfserr_bad_xdr;
 184        if (maxlen && len > maxlen)
 185                return nfserr_bad_xdr;
 186        if (!xdr_inline_decode(argp->xdr, len))
 187                return nfserr_bad_xdr;
 188
 189        return nfs_ok;
 190}
 191
 192static __be32
 193nfsd4_decode_opaque(struct nfsd4_compoundargs *argp, struct xdr_netobj *o)
 194{
 195        __be32 *p;
 196        u32 len;
 197
 198        if (xdr_stream_decode_u32(argp->xdr, &len) < 0)
 199                return nfserr_bad_xdr;
 200        if (len == 0 || len > NFS4_OPAQUE_LIMIT)
 201                return nfserr_bad_xdr;
 202        p = xdr_inline_decode(argp->xdr, len);
 203        if (!p)
 204                return nfserr_bad_xdr;
 205        o->data = svcxdr_savemem(argp, p, len);
 206        if (!o->data)
 207                return nfserr_jukebox;
 208        o->len = len;
 209
 210        return nfs_ok;
 211}
 212
 213static __be32
 214nfsd4_decode_component4(struct nfsd4_compoundargs *argp, char **namp, u32 *lenp)
 215{
 216        __be32 *p, status;
 217
 218        if (xdr_stream_decode_u32(argp->xdr, lenp) < 0)
 219                return nfserr_bad_xdr;
 220        p = xdr_inline_decode(argp->xdr, *lenp);
 221        if (!p)
 222                return nfserr_bad_xdr;
 223        status = check_filename((char *)p, *lenp);
 224        if (status)
 225                return status;
 226        *namp = svcxdr_savemem(argp, p, *lenp);
 227        if (!*namp)
 228                return nfserr_jukebox;
 229
 230        return nfs_ok;
 231}
 232
 233static __be32
 234nfsd4_decode_nfstime4(struct nfsd4_compoundargs *argp, struct timespec64 *tv)
 235{
 236        __be32 *p;
 237
 238        p = xdr_inline_decode(argp->xdr, XDR_UNIT * 3);
 239        if (!p)
 240                return nfserr_bad_xdr;
 241        p = xdr_decode_hyper(p, &tv->tv_sec);
 242        tv->tv_nsec = be32_to_cpup(p++);
 243        if (tv->tv_nsec >= (u32)1000000000)
 244                return nfserr_inval;
 245        return nfs_ok;
 246}
 247
 248static __be32
 249nfsd4_decode_verifier4(struct nfsd4_compoundargs *argp, nfs4_verifier *verf)
 250{
 251        __be32 *p;
 252
 253        p = xdr_inline_decode(argp->xdr, NFS4_VERIFIER_SIZE);
 254        if (!p)
 255                return nfserr_bad_xdr;
 256        memcpy(verf->data, p, sizeof(verf->data));
 257        return nfs_ok;
 258}
 259
 260/**
 261 * nfsd4_decode_bitmap4 - Decode an NFSv4 bitmap4
 262 * @argp: NFSv4 compound argument structure
 263 * @bmval: pointer to an array of u32's to decode into
 264 * @bmlen: size of the @bmval array
 265 *
 266 * The server needs to return nfs_ok rather than nfserr_bad_xdr when
 267 * encountering bitmaps containing bits it does not recognize. This
 268 * includes bits in bitmap words past WORDn, where WORDn is the last
 269 * bitmap WORD the implementation currently supports. Thus we are
 270 * careful here to simply ignore bits in bitmap words that this
 271 * implementation has yet to support explicitly.
 272 *
 273 * Return values:
 274 *   %nfs_ok: @bmval populated successfully
 275 *   %nfserr_bad_xdr: the encoded bitmap was invalid
 276 */
 277static __be32
 278nfsd4_decode_bitmap4(struct nfsd4_compoundargs *argp, u32 *bmval, u32 bmlen)
 279{
 280        ssize_t status;
 281
 282        status = xdr_stream_decode_uint32_array(argp->xdr, bmval, bmlen);
 283        return status == -EBADMSG ? nfserr_bad_xdr : nfs_ok;
 284}
 285
 286static __be32
 287nfsd4_decode_nfsace4(struct nfsd4_compoundargs *argp, struct nfs4_ace *ace)
 288{
 289        __be32 *p, status;
 290        u32 length;
 291
 292        if (xdr_stream_decode_u32(argp->xdr, &ace->type) < 0)
 293                return nfserr_bad_xdr;
 294        if (xdr_stream_decode_u32(argp->xdr, &ace->flag) < 0)
 295                return nfserr_bad_xdr;
 296        if (xdr_stream_decode_u32(argp->xdr, &ace->access_mask) < 0)
 297                return nfserr_bad_xdr;
 298
 299        if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 300                return nfserr_bad_xdr;
 301        p = xdr_inline_decode(argp->xdr, length);
 302        if (!p)
 303                return nfserr_bad_xdr;
 304        ace->whotype = nfs4_acl_get_whotype((char *)p, length);
 305        if (ace->whotype != NFS4_ACL_WHO_NAMED)
 306                status = nfs_ok;
 307        else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP)
 308                status = nfsd_map_name_to_gid(argp->rqstp,
 309                                (char *)p, length, &ace->who_gid);
 310        else
 311                status = nfsd_map_name_to_uid(argp->rqstp,
 312                                (char *)p, length, &ace->who_uid);
 313
 314        return status;
 315}
 316
 317/* A counted array of nfsace4's */
 318static noinline __be32
 319nfsd4_decode_acl(struct nfsd4_compoundargs *argp, struct nfs4_acl **acl)
 320{
 321        struct nfs4_ace *ace;
 322        __be32 status;
 323        u32 count;
 324
 325        if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
 326                return nfserr_bad_xdr;
 327
 328        if (count > xdr_stream_remaining(argp->xdr) / 20)
 329                /*
 330                 * Even with 4-byte names there wouldn't be
 331                 * space for that many aces; something fishy is
 332                 * going on:
 333                 */
 334                return nfserr_fbig;
 335
 336        *acl = svcxdr_tmpalloc(argp, nfs4_acl_bytes(count));
 337        if (*acl == NULL)
 338                return nfserr_jukebox;
 339
 340        (*acl)->naces = count;
 341        for (ace = (*acl)->aces; ace < (*acl)->aces + count; ace++) {
 342                status = nfsd4_decode_nfsace4(argp, ace);
 343                if (status)
 344                        return status;
 345        }
 346
 347        return nfs_ok;
 348}
 349
 350static noinline __be32
 351nfsd4_decode_security_label(struct nfsd4_compoundargs *argp,
 352                            struct xdr_netobj *label)
 353{
 354        u32 lfs, pi, length;
 355        __be32 *p;
 356
 357        if (xdr_stream_decode_u32(argp->xdr, &lfs) < 0)
 358                return nfserr_bad_xdr;
 359        if (xdr_stream_decode_u32(argp->xdr, &pi) < 0)
 360                return nfserr_bad_xdr;
 361
 362        if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 363                return nfserr_bad_xdr;
 364        if (length > NFS4_MAXLABELLEN)
 365                return nfserr_badlabel;
 366        p = xdr_inline_decode(argp->xdr, length);
 367        if (!p)
 368                return nfserr_bad_xdr;
 369        label->len = length;
 370        label->data = svcxdr_dupstr(argp, p, length);
 371        if (!label->data)
 372                return nfserr_jukebox;
 373
 374        return nfs_ok;
 375}
 376
 377static __be32
 378nfsd4_decode_fattr4(struct nfsd4_compoundargs *argp, u32 *bmval, u32 bmlen,
 379                    struct iattr *iattr, struct nfs4_acl **acl,
 380                    struct xdr_netobj *label, int *umask)
 381{
 382        unsigned int starting_pos;
 383        u32 attrlist4_count;
 384        __be32 *p, status;
 385
 386        iattr->ia_valid = 0;
 387        status = nfsd4_decode_bitmap4(argp, bmval, bmlen);
 388        if (status)
 389                return nfserr_bad_xdr;
 390
 391        if (bmval[0] & ~NFSD_WRITEABLE_ATTRS_WORD0
 392            || bmval[1] & ~NFSD_WRITEABLE_ATTRS_WORD1
 393            || bmval[2] & ~NFSD_WRITEABLE_ATTRS_WORD2) {
 394                if (nfsd_attrs_supported(argp->minorversion, bmval))
 395                        return nfserr_inval;
 396                return nfserr_attrnotsupp;
 397        }
 398
 399        if (xdr_stream_decode_u32(argp->xdr, &attrlist4_count) < 0)
 400                return nfserr_bad_xdr;
 401        starting_pos = xdr_stream_pos(argp->xdr);
 402
 403        if (bmval[0] & FATTR4_WORD0_SIZE) {
 404                u64 size;
 405
 406                if (xdr_stream_decode_u64(argp->xdr, &size) < 0)
 407                        return nfserr_bad_xdr;
 408                iattr->ia_size = size;
 409                iattr->ia_valid |= ATTR_SIZE;
 410        }
 411        if (bmval[0] & FATTR4_WORD0_ACL) {
 412                status = nfsd4_decode_acl(argp, acl);
 413                if (status)
 414                        return status;
 415        } else
 416                *acl = NULL;
 417        if (bmval[1] & FATTR4_WORD1_MODE) {
 418                u32 mode;
 419
 420                if (xdr_stream_decode_u32(argp->xdr, &mode) < 0)
 421                        return nfserr_bad_xdr;
 422                iattr->ia_mode = mode;
 423                iattr->ia_mode &= (S_IFMT | S_IALLUGO);
 424                iattr->ia_valid |= ATTR_MODE;
 425        }
 426        if (bmval[1] & FATTR4_WORD1_OWNER) {
 427                u32 length;
 428
 429                if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 430                        return nfserr_bad_xdr;
 431                p = xdr_inline_decode(argp->xdr, length);
 432                if (!p)
 433                        return nfserr_bad_xdr;
 434                status = nfsd_map_name_to_uid(argp->rqstp, (char *)p, length,
 435                                              &iattr->ia_uid);
 436                if (status)
 437                        return status;
 438                iattr->ia_valid |= ATTR_UID;
 439        }
 440        if (bmval[1] & FATTR4_WORD1_OWNER_GROUP) {
 441                u32 length;
 442
 443                if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 444                        return nfserr_bad_xdr;
 445                p = xdr_inline_decode(argp->xdr, length);
 446                if (!p)
 447                        return nfserr_bad_xdr;
 448                status = nfsd_map_name_to_gid(argp->rqstp, (char *)p, length,
 449                                              &iattr->ia_gid);
 450                if (status)
 451                        return status;
 452                iattr->ia_valid |= ATTR_GID;
 453        }
 454        if (bmval[1] & FATTR4_WORD1_TIME_ACCESS_SET) {
 455                u32 set_it;
 456
 457                if (xdr_stream_decode_u32(argp->xdr, &set_it) < 0)
 458                        return nfserr_bad_xdr;
 459                switch (set_it) {
 460                case NFS4_SET_TO_CLIENT_TIME:
 461                        status = nfsd4_decode_nfstime4(argp, &iattr->ia_atime);
 462                        if (status)
 463                                return status;
 464                        iattr->ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET);
 465                        break;
 466                case NFS4_SET_TO_SERVER_TIME:
 467                        iattr->ia_valid |= ATTR_ATIME;
 468                        break;
 469                default:
 470                        return nfserr_bad_xdr;
 471                }
 472        }
 473        if (bmval[1] & FATTR4_WORD1_TIME_MODIFY_SET) {
 474                u32 set_it;
 475
 476                if (xdr_stream_decode_u32(argp->xdr, &set_it) < 0)
 477                        return nfserr_bad_xdr;
 478                switch (set_it) {
 479                case NFS4_SET_TO_CLIENT_TIME:
 480                        status = nfsd4_decode_nfstime4(argp, &iattr->ia_mtime);
 481                        if (status)
 482                                return status;
 483                        iattr->ia_valid |= (ATTR_MTIME | ATTR_MTIME_SET);
 484                        break;
 485                case NFS4_SET_TO_SERVER_TIME:
 486                        iattr->ia_valid |= ATTR_MTIME;
 487                        break;
 488                default:
 489                        return nfserr_bad_xdr;
 490                }
 491        }
 492        label->len = 0;
 493        if (IS_ENABLED(CONFIG_NFSD_V4_SECURITY_LABEL) &&
 494            bmval[2] & FATTR4_WORD2_SECURITY_LABEL) {
 495                status = nfsd4_decode_security_label(argp, label);
 496                if (status)
 497                        return status;
 498        }
 499        if (bmval[2] & FATTR4_WORD2_MODE_UMASK) {
 500                u32 mode, mask;
 501
 502                if (!umask)
 503                        return nfserr_bad_xdr;
 504                if (xdr_stream_decode_u32(argp->xdr, &mode) < 0)
 505                        return nfserr_bad_xdr;
 506                iattr->ia_mode = mode & (S_IFMT | S_IALLUGO);
 507                if (xdr_stream_decode_u32(argp->xdr, &mask) < 0)
 508                        return nfserr_bad_xdr;
 509                *umask = mask & S_IRWXUGO;
 510                iattr->ia_valid |= ATTR_MODE;
 511        }
 512
 513        /* request sanity: did attrlist4 contain the expected number of words? */
 514        if (attrlist4_count != xdr_stream_pos(argp->xdr) - starting_pos)
 515                return nfserr_bad_xdr;
 516
 517        return nfs_ok;
 518}
 519
 520static __be32
 521nfsd4_decode_stateid4(struct nfsd4_compoundargs *argp, stateid_t *sid)
 522{
 523        __be32 *p;
 524
 525        p = xdr_inline_decode(argp->xdr, NFS4_STATEID_SIZE);
 526        if (!p)
 527                return nfserr_bad_xdr;
 528        sid->si_generation = be32_to_cpup(p++);
 529        memcpy(&sid->si_opaque, p, sizeof(sid->si_opaque));
 530        return nfs_ok;
 531}
 532
 533static __be32
 534nfsd4_decode_clientid4(struct nfsd4_compoundargs *argp, clientid_t *clientid)
 535{
 536        __be32 *p;
 537
 538        p = xdr_inline_decode(argp->xdr, sizeof(__be64));
 539        if (!p)
 540                return nfserr_bad_xdr;
 541        memcpy(clientid, p, sizeof(*clientid));
 542        return nfs_ok;
 543}
 544
 545static __be32
 546nfsd4_decode_state_owner4(struct nfsd4_compoundargs *argp,
 547                          clientid_t *clientid, struct xdr_netobj *owner)
 548{
 549        __be32 status;
 550
 551        status = nfsd4_decode_clientid4(argp, clientid);
 552        if (status)
 553                return status;
 554        return nfsd4_decode_opaque(argp, owner);
 555}
 556
 557#ifdef CONFIG_NFSD_PNFS
 558static __be32
 559nfsd4_decode_deviceid4(struct nfsd4_compoundargs *argp,
 560                       struct nfsd4_deviceid *devid)
 561{
 562        __be32 *p;
 563
 564        p = xdr_inline_decode(argp->xdr, NFS4_DEVICEID4_SIZE);
 565        if (!p)
 566                return nfserr_bad_xdr;
 567        memcpy(devid, p, sizeof(*devid));
 568        return nfs_ok;
 569}
 570
 571static __be32
 572nfsd4_decode_layoutupdate4(struct nfsd4_compoundargs *argp,
 573                           struct nfsd4_layoutcommit *lcp)
 574{
 575        if (xdr_stream_decode_u32(argp->xdr, &lcp->lc_layout_type) < 0)
 576                return nfserr_bad_xdr;
 577        if (lcp->lc_layout_type < LAYOUT_NFSV4_1_FILES)
 578                return nfserr_bad_xdr;
 579        if (lcp->lc_layout_type >= LAYOUT_TYPE_MAX)
 580                return nfserr_bad_xdr;
 581
 582        if (xdr_stream_decode_u32(argp->xdr, &lcp->lc_up_len) < 0)
 583                return nfserr_bad_xdr;
 584        if (lcp->lc_up_len > 0) {
 585                lcp->lc_up_layout = xdr_inline_decode(argp->xdr, lcp->lc_up_len);
 586                if (!lcp->lc_up_layout)
 587                        return nfserr_bad_xdr;
 588        }
 589
 590        return nfs_ok;
 591}
 592
 593static __be32
 594nfsd4_decode_layoutreturn4(struct nfsd4_compoundargs *argp,
 595                           struct nfsd4_layoutreturn *lrp)
 596{
 597        __be32 status;
 598
 599        if (xdr_stream_decode_u32(argp->xdr, &lrp->lr_return_type) < 0)
 600                return nfserr_bad_xdr;
 601        switch (lrp->lr_return_type) {
 602        case RETURN_FILE:
 603                if (xdr_stream_decode_u64(argp->xdr, &lrp->lr_seg.offset) < 0)
 604                        return nfserr_bad_xdr;
 605                if (xdr_stream_decode_u64(argp->xdr, &lrp->lr_seg.length) < 0)
 606                        return nfserr_bad_xdr;
 607                status = nfsd4_decode_stateid4(argp, &lrp->lr_sid);
 608                if (status)
 609                        return status;
 610                if (xdr_stream_decode_u32(argp->xdr, &lrp->lrf_body_len) < 0)
 611                        return nfserr_bad_xdr;
 612                if (lrp->lrf_body_len > 0) {
 613                        lrp->lrf_body = xdr_inline_decode(argp->xdr, lrp->lrf_body_len);
 614                        if (!lrp->lrf_body)
 615                                return nfserr_bad_xdr;
 616                }
 617                break;
 618        case RETURN_FSID:
 619        case RETURN_ALL:
 620                lrp->lr_seg.offset = 0;
 621                lrp->lr_seg.length = NFS4_MAX_UINT64;
 622                break;
 623        default:
 624                return nfserr_bad_xdr;
 625        }
 626
 627        return nfs_ok;
 628}
 629
 630#endif /* CONFIG_NFSD_PNFS */
 631
 632static __be32
 633nfsd4_decode_sessionid4(struct nfsd4_compoundargs *argp,
 634                        struct nfs4_sessionid *sessionid)
 635{
 636        __be32 *p;
 637
 638        p = xdr_inline_decode(argp->xdr, NFS4_MAX_SESSIONID_LEN);
 639        if (!p)
 640                return nfserr_bad_xdr;
 641        memcpy(sessionid->data, p, sizeof(sessionid->data));
 642        return nfs_ok;
 643}
 644
 645/* Defined in Appendix A of RFC 5531 */
 646static __be32
 647nfsd4_decode_authsys_parms(struct nfsd4_compoundargs *argp,
 648                           struct nfsd4_cb_sec *cbs)
 649{
 650        u32 stamp, gidcount, uid, gid;
 651        __be32 *p, status;
 652
 653        if (xdr_stream_decode_u32(argp->xdr, &stamp) < 0)
 654                return nfserr_bad_xdr;
 655        /* machine name */
 656        status = nfsd4_decode_ignored_string(argp, 255);
 657        if (status)
 658                return status;
 659        if (xdr_stream_decode_u32(argp->xdr, &uid) < 0)
 660                return nfserr_bad_xdr;
 661        if (xdr_stream_decode_u32(argp->xdr, &gid) < 0)
 662                return nfserr_bad_xdr;
 663        if (xdr_stream_decode_u32(argp->xdr, &gidcount) < 0)
 664                return nfserr_bad_xdr;
 665        if (gidcount > 16)
 666                return nfserr_bad_xdr;
 667        p = xdr_inline_decode(argp->xdr, gidcount << 2);
 668        if (!p)
 669                return nfserr_bad_xdr;
 670        if (cbs->flavor == (u32)(-1)) {
 671                struct user_namespace *userns = nfsd_user_namespace(argp->rqstp);
 672
 673                kuid_t kuid = make_kuid(userns, uid);
 674                kgid_t kgid = make_kgid(userns, gid);
 675                if (uid_valid(kuid) && gid_valid(kgid)) {
 676                        cbs->uid = kuid;
 677                        cbs->gid = kgid;
 678                        cbs->flavor = RPC_AUTH_UNIX;
 679                } else {
 680                        dprintk("RPC_AUTH_UNIX with invalid uid or gid, ignoring!\n");
 681                }
 682        }
 683
 684        return nfs_ok;
 685}
 686
 687static __be32
 688nfsd4_decode_gss_cb_handles4(struct nfsd4_compoundargs *argp,
 689                             struct nfsd4_cb_sec *cbs)
 690{
 691        __be32 status;
 692        u32 service;
 693
 694        dprintk("RPC_AUTH_GSS callback secflavor not supported!\n");
 695
 696        if (xdr_stream_decode_u32(argp->xdr, &service) < 0)
 697                return nfserr_bad_xdr;
 698        if (service < RPC_GSS_SVC_NONE || service > RPC_GSS_SVC_PRIVACY)
 699                return nfserr_bad_xdr;
 700        /* gcbp_handle_from_server */
 701        status = nfsd4_decode_ignored_string(argp, 0);
 702        if (status)
 703                return status;
 704        /* gcbp_handle_from_client */
 705        status = nfsd4_decode_ignored_string(argp, 0);
 706        if (status)
 707                return status;
 708
 709        return nfs_ok;
 710}
 711
 712/* a counted array of callback_sec_parms4 items */
 713static __be32
 714nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs)
 715{
 716        u32 i, secflavor, nr_secflavs;
 717        __be32 status;
 718
 719        /* callback_sec_params4 */
 720        if (xdr_stream_decode_u32(argp->xdr, &nr_secflavs) < 0)
 721                return nfserr_bad_xdr;
 722        if (nr_secflavs)
 723                cbs->flavor = (u32)(-1);
 724        else
 725                /* Is this legal? Be generous, take it to mean AUTH_NONE: */
 726                cbs->flavor = 0;
 727
 728        for (i = 0; i < nr_secflavs; ++i) {
 729                if (xdr_stream_decode_u32(argp->xdr, &secflavor) < 0)
 730                        return nfserr_bad_xdr;
 731                switch (secflavor) {
 732                case RPC_AUTH_NULL:
 733                        /* void */
 734                        if (cbs->flavor == (u32)(-1))
 735                                cbs->flavor = RPC_AUTH_NULL;
 736                        break;
 737                case RPC_AUTH_UNIX:
 738                        status = nfsd4_decode_authsys_parms(argp, cbs);
 739                        if (status)
 740                                return status;
 741                        break;
 742                case RPC_AUTH_GSS:
 743                        status = nfsd4_decode_gss_cb_handles4(argp, cbs);
 744                        if (status)
 745                                return status;
 746                        break;
 747                default:
 748                        return nfserr_inval;
 749                }
 750        }
 751
 752        return nfs_ok;
 753}
 754
 755
 756/*
 757 * NFSv4 operation argument decoders
 758 */
 759
 760static __be32
 761nfsd4_decode_access(struct nfsd4_compoundargs *argp,
 762                    struct nfsd4_access *access)
 763{
 764        if (xdr_stream_decode_u32(argp->xdr, &access->ac_req_access) < 0)
 765                return nfserr_bad_xdr;
 766        return nfs_ok;
 767}
 768
 769static __be32
 770nfsd4_decode_close(struct nfsd4_compoundargs *argp, struct nfsd4_close *close)
 771{
 772        if (xdr_stream_decode_u32(argp->xdr, &close->cl_seqid) < 0)
 773                return nfserr_bad_xdr;
 774        return nfsd4_decode_stateid4(argp, &close->cl_stateid);
 775}
 776
 777
 778static __be32
 779nfsd4_decode_commit(struct nfsd4_compoundargs *argp, struct nfsd4_commit *commit)
 780{
 781        if (xdr_stream_decode_u64(argp->xdr, &commit->co_offset) < 0)
 782                return nfserr_bad_xdr;
 783        if (xdr_stream_decode_u32(argp->xdr, &commit->co_count) < 0)
 784                return nfserr_bad_xdr;
 785        return nfs_ok;
 786}
 787
 788static __be32
 789nfsd4_decode_create(struct nfsd4_compoundargs *argp, struct nfsd4_create *create)
 790{
 791        __be32 *p, status;
 792
 793        if (xdr_stream_decode_u32(argp->xdr, &create->cr_type) < 0)
 794                return nfserr_bad_xdr;
 795        switch (create->cr_type) {
 796        case NF4LNK:
 797                if (xdr_stream_decode_u32(argp->xdr, &create->cr_datalen) < 0)
 798                        return nfserr_bad_xdr;
 799                p = xdr_inline_decode(argp->xdr, create->cr_datalen);
 800                if (!p)
 801                        return nfserr_bad_xdr;
 802                create->cr_data = svcxdr_dupstr(argp, p, create->cr_datalen);
 803                if (!create->cr_data)
 804                        return nfserr_jukebox;
 805                break;
 806        case NF4BLK:
 807        case NF4CHR:
 808                if (xdr_stream_decode_u32(argp->xdr, &create->cr_specdata1) < 0)
 809                        return nfserr_bad_xdr;
 810                if (xdr_stream_decode_u32(argp->xdr, &create->cr_specdata2) < 0)
 811                        return nfserr_bad_xdr;
 812                break;
 813        case NF4SOCK:
 814        case NF4FIFO:
 815        case NF4DIR:
 816        default:
 817                break;
 818        }
 819        status = nfsd4_decode_component4(argp, &create->cr_name,
 820                                         &create->cr_namelen);
 821        if (status)
 822                return status;
 823        status = nfsd4_decode_fattr4(argp, create->cr_bmval,
 824                                    ARRAY_SIZE(create->cr_bmval),
 825                                    &create->cr_iattr, &create->cr_acl,
 826                                    &create->cr_label, &create->cr_umask);
 827        if (status)
 828                return status;
 829
 830        return nfs_ok;
 831}
 832
 833static inline __be32
 834nfsd4_decode_delegreturn(struct nfsd4_compoundargs *argp, struct nfsd4_delegreturn *dr)
 835{
 836        return nfsd4_decode_stateid4(argp, &dr->dr_stateid);
 837}
 838
 839static inline __be32
 840nfsd4_decode_getattr(struct nfsd4_compoundargs *argp, struct nfsd4_getattr *getattr)
 841{
 842        return nfsd4_decode_bitmap4(argp, getattr->ga_bmval,
 843                                    ARRAY_SIZE(getattr->ga_bmval));
 844}
 845
 846static __be32
 847nfsd4_decode_link(struct nfsd4_compoundargs *argp, struct nfsd4_link *link)
 848{
 849        return nfsd4_decode_component4(argp, &link->li_name, &link->li_namelen);
 850}
 851
 852static __be32
 853nfsd4_decode_open_to_lock_owner4(struct nfsd4_compoundargs *argp,
 854                                 struct nfsd4_lock *lock)
 855{
 856        __be32 status;
 857
 858        if (xdr_stream_decode_u32(argp->xdr, &lock->lk_new_open_seqid) < 0)
 859                return nfserr_bad_xdr;
 860        status = nfsd4_decode_stateid4(argp, &lock->lk_new_open_stateid);
 861        if (status)
 862                return status;
 863        if (xdr_stream_decode_u32(argp->xdr, &lock->lk_new_lock_seqid) < 0)
 864                return nfserr_bad_xdr;
 865        return nfsd4_decode_state_owner4(argp, &lock->lk_new_clientid,
 866                                         &lock->lk_new_owner);
 867}
 868
 869static __be32
 870nfsd4_decode_exist_lock_owner4(struct nfsd4_compoundargs *argp,
 871                               struct nfsd4_lock *lock)
 872{
 873        __be32 status;
 874
 875        status = nfsd4_decode_stateid4(argp, &lock->lk_old_lock_stateid);
 876        if (status)
 877                return status;
 878        if (xdr_stream_decode_u32(argp->xdr, &lock->lk_old_lock_seqid) < 0)
 879                return nfserr_bad_xdr;
 880
 881        return nfs_ok;
 882}
 883
 884static __be32
 885nfsd4_decode_locker4(struct nfsd4_compoundargs *argp, struct nfsd4_lock *lock)
 886{
 887        if (xdr_stream_decode_bool(argp->xdr, &lock->lk_is_new) < 0)
 888                return nfserr_bad_xdr;
 889        if (lock->lk_is_new)
 890                return nfsd4_decode_open_to_lock_owner4(argp, lock);
 891        return nfsd4_decode_exist_lock_owner4(argp, lock);
 892}
 893
 894static __be32
 895nfsd4_decode_lock(struct nfsd4_compoundargs *argp, struct nfsd4_lock *lock)
 896{
 897        if (xdr_stream_decode_u32(argp->xdr, &lock->lk_type) < 0)
 898                return nfserr_bad_xdr;
 899        if ((lock->lk_type < NFS4_READ_LT) || (lock->lk_type > NFS4_WRITEW_LT))
 900                return nfserr_bad_xdr;
 901        if (xdr_stream_decode_bool(argp->xdr, &lock->lk_reclaim) < 0)
 902                return nfserr_bad_xdr;
 903        if (xdr_stream_decode_u64(argp->xdr, &lock->lk_offset) < 0)
 904                return nfserr_bad_xdr;
 905        if (xdr_stream_decode_u64(argp->xdr, &lock->lk_length) < 0)
 906                return nfserr_bad_xdr;
 907        return nfsd4_decode_locker4(argp, lock);
 908}
 909
 910static __be32
 911nfsd4_decode_lockt(struct nfsd4_compoundargs *argp, struct nfsd4_lockt *lockt)
 912{
 913        if (xdr_stream_decode_u32(argp->xdr, &lockt->lt_type) < 0)
 914                return nfserr_bad_xdr;
 915        if ((lockt->lt_type < NFS4_READ_LT) || (lockt->lt_type > NFS4_WRITEW_LT))
 916                return nfserr_bad_xdr;
 917        if (xdr_stream_decode_u64(argp->xdr, &lockt->lt_offset) < 0)
 918                return nfserr_bad_xdr;
 919        if (xdr_stream_decode_u64(argp->xdr, &lockt->lt_length) < 0)
 920                return nfserr_bad_xdr;
 921        return nfsd4_decode_state_owner4(argp, &lockt->lt_clientid,
 922                                         &lockt->lt_owner);
 923}
 924
 925static __be32
 926nfsd4_decode_locku(struct nfsd4_compoundargs *argp, struct nfsd4_locku *locku)
 927{
 928        __be32 status;
 929
 930        if (xdr_stream_decode_u32(argp->xdr, &locku->lu_type) < 0)
 931                return nfserr_bad_xdr;
 932        if ((locku->lu_type < NFS4_READ_LT) || (locku->lu_type > NFS4_WRITEW_LT))
 933                return nfserr_bad_xdr;
 934        if (xdr_stream_decode_u32(argp->xdr, &locku->lu_seqid) < 0)
 935                return nfserr_bad_xdr;
 936        status = nfsd4_decode_stateid4(argp, &locku->lu_stateid);
 937        if (status)
 938                return status;
 939        if (xdr_stream_decode_u64(argp->xdr, &locku->lu_offset) < 0)
 940                return nfserr_bad_xdr;
 941        if (xdr_stream_decode_u64(argp->xdr, &locku->lu_length) < 0)
 942                return nfserr_bad_xdr;
 943
 944        return nfs_ok;
 945}
 946
 947static __be32
 948nfsd4_decode_lookup(struct nfsd4_compoundargs *argp, struct nfsd4_lookup *lookup)
 949{
 950        return nfsd4_decode_component4(argp, &lookup->lo_name, &lookup->lo_len);
 951}
 952
 953static __be32
 954nfsd4_decode_createhow4(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
 955{
 956        __be32 status;
 957
 958        if (xdr_stream_decode_u32(argp->xdr, &open->op_createmode) < 0)
 959                return nfserr_bad_xdr;
 960        switch (open->op_createmode) {
 961        case NFS4_CREATE_UNCHECKED:
 962        case NFS4_CREATE_GUARDED:
 963                status = nfsd4_decode_fattr4(argp, open->op_bmval,
 964                                             ARRAY_SIZE(open->op_bmval),
 965                                             &open->op_iattr, &open->op_acl,
 966                                             &open->op_label, &open->op_umask);
 967                if (status)
 968                        return status;
 969                break;
 970        case NFS4_CREATE_EXCLUSIVE:
 971                status = nfsd4_decode_verifier4(argp, &open->op_verf);
 972                if (status)
 973                        return status;
 974                break;
 975        case NFS4_CREATE_EXCLUSIVE4_1:
 976                if (argp->minorversion < 1)
 977                        return nfserr_bad_xdr;
 978                status = nfsd4_decode_verifier4(argp, &open->op_verf);
 979                if (status)
 980                        return status;
 981                status = nfsd4_decode_fattr4(argp, open->op_bmval,
 982                                             ARRAY_SIZE(open->op_bmval),
 983                                             &open->op_iattr, &open->op_acl,
 984                                             &open->op_label, &open->op_umask);
 985                if (status)
 986                        return status;
 987                break;
 988        default:
 989                return nfserr_bad_xdr;
 990        }
 991
 992        return nfs_ok;
 993}
 994
 995static __be32
 996nfsd4_decode_openflag4(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
 997{
 998        __be32 status;
 999
1000        if (xdr_stream_decode_u32(argp->xdr, &open->op_create) < 0)

1001                return nfserr_bad_xdr;
1002        switch (open->op_create) {
1003        case NFS4_OPEN_NOCREATE:
1004                break;
1005        case NFS4_OPEN_CREATE:
1006                status = nfsd4_decode_createhow4(argp, open);
1007                if (status)
1008                        return status;
1009                break;
1010        default:
1011                return nfserr_bad_xdr;
1012        }
1013
1014        return nfs_ok;
1015}
1016
1017static __be32 nfsd4_decode_share_access(struct nfsd4_compoundargs *argp, u32 *share_access, u32 *deleg_want, u32 *deleg_when)
1018{
1019        u32 w;
1020
1021        if (xdr_stream_decode_u32(argp->xdr, &w) < 0)
1022                return nfserr_bad_xdr;
1023        *share_access = w & NFS4_SHARE_ACCESS_MASK;
1024        *deleg_want = w & NFS4_SHARE_WANT_MASK;
1025        if (deleg_when)
1026                *deleg_when = w & NFS4_SHARE_WHEN_MASK;
1027
1028        switch (w & NFS4_SHARE_ACCESS_MASK) {
1029        case NFS4_SHARE_ACCESS_READ:
1030        case NFS4_SHARE_ACCESS_WRITE:
1031        case NFS4_SHARE_ACCESS_BOTH:
1032                break;
1033        default:
1034                return nfserr_bad_xdr;
1035        }
1036        w &= ~NFS4_SHARE_ACCESS_MASK;
1037        if (!w)
1038                return nfs_ok;
1039        if (!argp->minorversion)
1040                return nfserr_bad_xdr;
1041        switch (w & NFS4_SHARE_WANT_MASK) {
1042        case NFS4_SHARE_WANT_NO_PREFERENCE:
1043        case NFS4_SHARE_WANT_READ_DELEG:
1044        case NFS4_SHARE_WANT_WRITE_DELEG:
1045        case NFS4_SHARE_WANT_ANY_DELEG:
1046        case NFS4_SHARE_WANT_NO_DELEG:
1047        case NFS4_SHARE_WANT_CANCEL:
1048                break;
1049        default:
1050                return nfserr_bad_xdr;
1051        }
1052        w &= ~NFS4_SHARE_WANT_MASK;
1053        if (!w)
1054                return nfs_ok;
1055
1056        if (!deleg_when)        /* open_downgrade */
1057                return nfserr_inval;
1058        switch (w) {
1059        case NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL:
1060        case NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED:
1061        case (NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL |
1062              NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED):
1063                return nfs_ok;
1064        }
1065        return nfserr_bad_xdr;
1066}
1067
1068static __be32 nfsd4_decode_share_deny(struct nfsd4_compoundargs *argp, u32 *x)
1069{
1070        if (xdr_stream_decode_u32(argp->xdr, x) < 0)
1071                return nfserr_bad_xdr;
1072        /* Note: unlike access bits, deny bits may be zero. */
1073        if (*x & ~NFS4_SHARE_DENY_BOTH)
1074                return nfserr_bad_xdr;
1075
1076        return nfs_ok;
1077}
1078
1079static __be32
1080nfsd4_decode_open_claim4(struct nfsd4_compoundargs *argp,
1081                         struct nfsd4_open *open)
1082{
1083        __be32 status;
1084
1085        if (xdr_stream_decode_u32(argp->xdr, &open->op_claim_type) < 0)
1086                return nfserr_bad_xdr;
1087        switch (open->op_claim_type) {
1088        case NFS4_OPEN_CLAIM_NULL:
1089        case NFS4_OPEN_CLAIM_DELEGATE_PREV:
1090                status = nfsd4_decode_component4(argp, &open->op_fname,
1091                                                 &open->op_fnamelen);
1092                if (status)
1093                        return status;
1094                break;
1095        case NFS4_OPEN_CLAIM_PREVIOUS:
1096                if (xdr_stream_decode_u32(argp->xdr, &open->op_delegate_type) < 0)
1097                        return nfserr_bad_xdr;
1098                break;
1099        case NFS4_OPEN_CLAIM_DELEGATE_CUR:
1100                status = nfsd4_decode_stateid4(argp, &open->op_delegate_stateid);
1101                if (status)
1102                        return status;
1103                status = nfsd4_decode_component4(argp, &open->op_fname,
1104                                                 &open->op_fnamelen);
1105                if (status)
1106                        return status;
1107                break;
1108        case NFS4_OPEN_CLAIM_FH:
1109        case NFS4_OPEN_CLAIM_DELEG_PREV_FH:
1110                if (argp->minorversion < 1)
1111                        return nfserr_bad_xdr;
1112                /* void */
1113                break;
1114        case NFS4_OPEN_CLAIM_DELEG_CUR_FH:
1115                if (argp->minorversion < 1)
1116                        return nfserr_bad_xdr;
1117                status = nfsd4_decode_stateid4(argp, &open->op_delegate_stateid);
1118                if (status)
1119                        return status;
1120                break;
1121        default:
1122                return nfserr_bad_xdr;
1123        }
1124
1125        return nfs_ok;
1126}
1127
1128static __be32
1129nfsd4_decode_open(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
1130{
1131        __be32 status;
1132        u32 dummy;
1133
1134        memset(open->op_bmval, 0, sizeof(open->op_bmval));
1135        open->op_iattr.ia_valid = 0;
1136        open->op_openowner = NULL;
1137
1138        open->op_xdr_error = 0;
1139        if (xdr_stream_decode_u32(argp->xdr, &open->op_seqid) < 0)
1140                return nfserr_bad_xdr;
1141        /* deleg_want is ignored */
1142        status = nfsd4_decode_share_access(argp, &open->op_share_access,
1143                                           &open->op_deleg_want, &dummy);
1144        if (status)
1145                return status;
1146        status = nfsd4_decode_share_deny(argp, &open->op_share_deny);
1147        if (status)
1148                return status;
1149        status = nfsd4_decode_state_owner4(argp, &open->op_clientid,
1150                                           &open->op_owner);
1151        if (status)
1152                return status;
1153        status = nfsd4_decode_openflag4(argp, open);
1154        if (status)
1155                return status;
1156        return nfsd4_decode_open_claim4(argp, open);
1157}
1158
1159static __be32
1160nfsd4_decode_open_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_open_confirm *open_conf)
1161{
1162        __be32 status;
1163
1164        if (argp->minorversion >= 1)
1165                return nfserr_notsupp;
1166
1167        status = nfsd4_decode_stateid4(argp, &open_conf->oc_req_stateid);
1168        if (status)
1169                return status;
1170        if (xdr_stream_decode_u32(argp->xdr, &open_conf->oc_seqid) < 0)
1171                return nfserr_bad_xdr;
1172
1173        return nfs_ok;
1174}
1175
1176static __be32
1177nfsd4_decode_open_downgrade(struct nfsd4_compoundargs *argp, struct nfsd4_open_downgrade *open_down)
1178{
1179        __be32 status;
1180
1181        status = nfsd4_decode_stateid4(argp, &open_down->od_stateid);
1182        if (status)
1183                return status;
1184        if (xdr_stream_decode_u32(argp->xdr, &open_down->od_seqid) < 0)
1185                return nfserr_bad_xdr;
1186        /* deleg_want is ignored */
1187        status = nfsd4_decode_share_access(argp, &open_down->od_share_access,
1188                                           &open_down->od_deleg_want, NULL);
1189        if (status)
1190                return status;
1191        return nfsd4_decode_share_deny(argp, &open_down->od_share_deny);
1192}
1193
1194static __be32
1195nfsd4_decode_putfh(struct nfsd4_compoundargs *argp, struct nfsd4_putfh *putfh)
1196{
1197        __be32 *p;
1198
1199        if (xdr_stream_decode_u32(argp->xdr, &putfh->pf_fhlen) < 0)
1200                return nfserr_bad_xdr;
1201        if (putfh->pf_fhlen > NFS4_FHSIZE)
1202                return nfserr_bad_xdr;
1203        p = xdr_inline_decode(argp->xdr, putfh->pf_fhlen);
1204        if (!p)
1205                return nfserr_bad_xdr;
1206        putfh->pf_fhval = svcxdr_savemem(argp, p, putfh->pf_fhlen);
1207        if (!putfh->pf_fhval)
1208                return nfserr_jukebox;
1209
1210        return nfs_ok;
1211}
1212
1213static __be32
1214nfsd4_decode_putpubfh(struct nfsd4_compoundargs *argp, void *p)
1215{
1216        if (argp->minorversion == 0)
1217                return nfs_ok;
1218        return nfserr_notsupp;
1219}
1220
1221static __be32
1222nfsd4_decode_read(struct nfsd4_compoundargs *argp, struct nfsd4_read *read)
1223{
1224        __be32 status;
1225
1226        status = nfsd4_decode_stateid4(argp, &read->rd_stateid);
1227        if (status)
1228                return status;
1229        if (xdr_stream_decode_u64(argp->xdr, &read->rd_offset) < 0)
1230                return nfserr_bad_xdr;
1231        if (xdr_stream_decode_u32(argp->xdr, &read->rd_length) < 0)
1232                return nfserr_bad_xdr;
1233
1234        return nfs_ok;
1235}
1236
1237static __be32
1238nfsd4_decode_readdir(struct nfsd4_compoundargs *argp, struct nfsd4_readdir *readdir)
1239{
1240        __be32 status;
1241
1242        if (xdr_stream_decode_u64(argp->xdr, &readdir->rd_cookie) < 0)
1243                return nfserr_bad_xdr;
1244        status = nfsd4_decode_verifier4(argp, &readdir->rd_verf);
1245        if (status)
1246                return status;
1247        if (xdr_stream_decode_u32(argp->xdr, &readdir->rd_dircount) < 0)
1248                return nfserr_bad_xdr;
1249        if (xdr_stream_decode_u32(argp->xdr, &readdir->rd_maxcount) < 0)
1250                return nfserr_bad_xdr;
1251        if (xdr_stream_decode_uint32_array(argp->xdr, readdir->rd_bmval,
1252                                           ARRAY_SIZE(readdir->rd_bmval)) < 0)
1253                return nfserr_bad_xdr;
1254
1255        return nfs_ok;
1256}
1257
1258static __be32
1259nfsd4_decode_remove(struct nfsd4_compoundargs *argp, struct nfsd4_remove *remove)
1260{
1261        return nfsd4_decode_component4(argp, &remove->rm_name, &remove->rm_namelen);
1262}
1263
1264static __be32
1265nfsd4_decode_rename(struct nfsd4_compoundargs *argp, struct nfsd4_rename *rename)
1266{
1267        __be32 status;
1268
1269        status = nfsd4_decode_component4(argp, &rename->rn_sname, &rename->rn_snamelen);
1270        if (status)
1271                return status;
1272        return nfsd4_decode_component4(argp, &rename->rn_tname, &rename->rn_tnamelen);
1273}
1274
1275static __be32
1276nfsd4_decode_renew(struct nfsd4_compoundargs *argp, clientid_t *clientid)
1277{
1278        return nfsd4_decode_clientid4(argp, clientid);
1279}
1280
1281static __be32
1282nfsd4_decode_secinfo(struct nfsd4_compoundargs *argp,
1283                     struct nfsd4_secinfo *secinfo)
1284{
1285        return nfsd4_decode_component4(argp, &secinfo->si_name, &secinfo->si_namelen);
1286}
1287
1288static __be32
1289nfsd4_decode_setattr(struct nfsd4_compoundargs *argp, struct nfsd4_setattr *setattr)
1290{
1291        __be32 status;
1292
1293        status = nfsd4_decode_stateid4(argp, &setattr->sa_stateid);
1294        if (status)
1295                return status;
1296        return nfsd4_decode_fattr4(argp, setattr->sa_bmval,
1297                                   ARRAY_SIZE(setattr->sa_bmval),
1298                                   &setattr->sa_iattr, &setattr->sa_acl,
1299                                   &setattr->sa_label, NULL);
1300}
1301
1302static __be32
1303nfsd4_decode_setclientid(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid *setclientid)
1304{
1305        __be32 *p, status;
1306
1307        if (argp->minorversion >= 1)
1308                return nfserr_notsupp;
1309
1310        status = nfsd4_decode_verifier4(argp, &setclientid->se_verf);
1311        if (status)
1312                return status;
1313        status = nfsd4_decode_opaque(argp, &setclientid->se_name);
1314        if (status)
1315                return status;
1316        if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_prog) < 0)
1317                return nfserr_bad_xdr;
1318        if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_netid_len) < 0)
1319                return nfserr_bad_xdr;
1320        p = xdr_inline_decode(argp->xdr, setclientid->se_callback_netid_len);
1321        if (!p)
1322                return nfserr_bad_xdr;
1323        setclientid->se_callback_netid_val = svcxdr_savemem(argp, p,
1324                                                setclientid->se_callback_netid_len);
1325        if (!setclientid->se_callback_netid_val)
1326                return nfserr_jukebox;
1327
1328        if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_addr_len) < 0)
1329                return nfserr_bad_xdr;
1330        p = xdr_inline_decode(argp->xdr, setclientid->se_callback_addr_len);
1331        if (!p)
1332                return nfserr_bad_xdr;
1333        setclientid->se_callback_addr_val = svcxdr_savemem(argp, p,
1334                                                setclientid->se_callback_addr_len);
1335        if (!setclientid->se_callback_addr_val)
1336                return nfserr_jukebox;
1337        if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_ident) < 0)
1338                return nfserr_bad_xdr;
1339
1340        return nfs_ok;
1341}
1342
1343static __be32
1344nfsd4_decode_setclientid_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid_confirm *scd_c)
1345{
1346        __be32 status;
1347
1348        if (argp->minorversion >= 1)
1349                return nfserr_notsupp;
1350
1351        status = nfsd4_decode_clientid4(argp, &scd_c->sc_clientid);
1352        if (status)
1353                return status;
1354        return nfsd4_decode_verifier4(argp, &scd_c->sc_confirm);
1355}
1356
1357/* Also used for NVERIFY */
1358static __be32
1359nfsd4_decode_verify(struct nfsd4_compoundargs *argp, struct nfsd4_verify *verify)
1360{
1361        __be32 *p, status;
1362
1363        status = nfsd4_decode_bitmap4(argp, verify->ve_bmval,
1364                                      ARRAY_SIZE(verify->ve_bmval));
1365        if (status)
1366                return status;
1367
1368        /* For convenience's sake, we compare raw xdr'd attributes in
1369         * nfsd4_proc_verify */
1370
1371        if (xdr_stream_decode_u32(argp->xdr, &verify->ve_attrlen) < 0)
1372                return nfserr_bad_xdr;
1373        p = xdr_inline_decode(argp->xdr, verify->ve_attrlen);
1374        if (!p)
1375                return nfserr_bad_xdr;
1376        verify->ve_attrval = svcxdr_savemem(argp, p, verify->ve_attrlen);
1377        if (!verify->ve_attrval)
1378                return nfserr_jukebox;
1379
1380        return nfs_ok;
1381}
1382
1383static __be32
1384nfsd4_decode_write(struct nfsd4_compoundargs *argp, struct nfsd4_write *write)
1385{
1386        __be32 status;
1387
1388        status = nfsd4_decode_stateid4(argp, &write->wr_stateid);
1389        if (status)
1390                return status;
1391        if (xdr_stream_decode_u64(argp->xdr, &write->wr_offset) < 0)
1392                return nfserr_bad_xdr;
1393        if (xdr_stream_decode_u32(argp->xdr, &write->wr_stable_how) < 0)
1394                return nfserr_bad_xdr;
1395        if (write->wr_stable_how > NFS_FILE_SYNC)
1396                return nfserr_bad_xdr;
1397        if (xdr_stream_decode_u32(argp->xdr, &write->wr_buflen) < 0)
1398                return nfserr_bad_xdr;
1399        if (!xdr_stream_subsegment(argp->xdr, &write->wr_payload, write->wr_buflen))
1400                return nfserr_bad_xdr;
1401
1402        return nfs_ok;
1403}
1404
1405static __be32
1406nfsd4_decode_release_lockowner(struct nfsd4_compoundargs *argp, struct nfsd4_release_lockowner *rlockowner)
1407{
1408        __be32 status;
1409
1410        if (argp->minorversion >= 1)
1411                return nfserr_notsupp;
1412
1413        status = nfsd4_decode_state_owner4(argp, &rlockowner->rl_clientid,
1414                                           &rlockowner->rl_owner);
1415        if (status)
1416                return status;
1417
1418        if (argp->minorversion && !zero_clientid(&rlockowner->rl_clientid))
1419                return nfserr_inval;
1420
1421        return nfs_ok;
1422}
1423
1424static __be32 nfsd4_decode_backchannel_ctl(struct nfsd4_compoundargs *argp, struct nfsd4_backchannel_ctl *bc)
1425{
1426        if (xdr_stream_decode_u32(argp->xdr, &bc->bc_cb_program) < 0)
1427                return nfserr_bad_xdr;
1428        return nfsd4_decode_cb_sec(argp, &bc->bc_cb_sec);
1429}
1430
1431static __be32 nfsd4_decode_bind_conn_to_session(struct nfsd4_compoundargs *argp, struct nfsd4_bind_conn_to_session *bcts)
1432{
1433        u32 use_conn_in_rdma_mode;
1434        __be32 status;
1435
1436        status = nfsd4_decode_sessionid4(argp, &bcts->sessionid);
1437        if (status)
1438                return status;
1439        if (xdr_stream_decode_u32(argp->xdr, &bcts->dir) < 0)
1440                return nfserr_bad_xdr;
1441        if (xdr_stream_decode_u32(argp->xdr, &use_conn_in_rdma_mode) < 0)
1442                return nfserr_bad_xdr;
1443
1444        return nfs_ok;
1445}
1446
1447static __be32
1448nfsd4_decode_state_protect_ops(struct nfsd4_compoundargs *argp,
1449                               struct nfsd4_exchange_id *exid)
1450{
1451        __be32 status;
1452
1453        status = nfsd4_decode_bitmap4(argp, exid->spo_must_enforce,
1454                                      ARRAY_SIZE(exid->spo_must_enforce));
1455        if (status)
1456                return nfserr_bad_xdr;
1457        status = nfsd4_decode_bitmap4(argp, exid->spo_must_allow,
1458                                      ARRAY_SIZE(exid->spo_must_allow));
1459        if (status)
1460                return nfserr_bad_xdr;
1461
1462        return nfs_ok;
1463}
1464
1465/*
1466 * This implementation currently does not support SP4_SSV.
1467 * This decoder simply skips over these arguments.
1468 */
1469static noinline __be32
1470nfsd4_decode_ssv_sp_parms(struct nfsd4_compoundargs *argp,
1471                          struct nfsd4_exchange_id *exid)
1472{
1473        u32 count, window, num_gss_handles;
1474        __be32 status;
1475
1476        /* ssp_ops */
1477        status = nfsd4_decode_state_protect_ops(argp, exid);
1478        if (status)
1479                return status;
1480
1481        /* ssp_hash_algs<> */
1482        if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
1483                return nfserr_bad_xdr;
1484        while (count--) {
1485                status = nfsd4_decode_ignored_string(argp, 0);
1486                if (status)
1487                        return status;
1488        }
1489
1490        /* ssp_encr_algs<> */
1491        if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
1492                return nfserr_bad_xdr;
1493        while (count--) {
1494                status = nfsd4_decode_ignored_string(argp, 0);
1495                if (status)
1496                        return status;
1497        }
1498
1499        if (xdr_stream_decode_u32(argp->xdr, &window) < 0)
1500                return nfserr_bad_xdr;
1501        if (xdr_stream_decode_u32(argp->xdr, &num_gss_handles) < 0)
1502                return nfserr_bad_xdr;
1503
1504        return nfs_ok;
1505}
1506
1507static __be32
1508nfsd4_decode_state_protect4_a(struct nfsd4_compoundargs *argp,
1509                              struct nfsd4_exchange_id *exid)
1510{
1511        __be32 status;
1512
1513        if (xdr_stream_decode_u32(argp->xdr, &exid->spa_how) < 0)
1514                return nfserr_bad_xdr;
1515        switch (exid->spa_how) {
1516        case SP4_NONE:
1517                break;
1518        case SP4_MACH_CRED:
1519                status = nfsd4_decode_state_protect_ops(argp, exid);
1520                if (status)
1521                        return status;
1522                break;
1523        case SP4_SSV:
1524                status = nfsd4_decode_ssv_sp_parms(argp, exid);
1525                if (status)
1526                        return status;
1527                break;
1528        default:
1529                return nfserr_bad_xdr;
1530        }
1531
1532        return nfs_ok;
1533}
1534
1535static __be32
1536nfsd4_decode_nfs_impl_id4(struct nfsd4_compoundargs *argp,
1537                          struct nfsd4_exchange_id *exid)
1538{
1539        __be32 status;
1540        u32 count;
1541
1542        if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
1543                return nfserr_bad_xdr;
1544        switch (count) {
1545        case 0:
1546                break;
1547        case 1:
1548                /* Note that RFC 8881 places no length limit on
1549                 * nii_domain, but this implementation permits no
1550                 * more than NFS4_OPAQUE_LIMIT bytes */
1551                status = nfsd4_decode_opaque(argp, &exid->nii_domain);
1552                if (status)
1553                        return status;
1554                /* Note that RFC 8881 places no length limit on
1555                 * nii_name, but this implementation permits no
1556                 * more than NFS4_OPAQUE_LIMIT bytes */
1557                status = nfsd4_decode_opaque(argp, &exid->nii_name);
1558                if (status)
1559                        return status;
1560                status = nfsd4_decode_nfstime4(argp, &exid->nii_time);
1561                if (status)
1562                        return status;
1563                break;
1564        default:
1565                return nfserr_bad_xdr;
1566        }
1567
1568        return nfs_ok;
1569}
1570
1571static __be32
1572nfsd4_decode_exchange_id(struct nfsd4_compoundargs *argp,
1573                         struct nfsd4_exchange_id *exid)
1574{
1575        __be32 status;
1576
1577        status = nfsd4_decode_verifier4(argp, &exid->verifier);
1578        if (status)
1579                return status;
1580        status = nfsd4_decode_opaque(argp, &exid->clname);
1581        if (status)
1582                return status;
1583        if (xdr_stream_decode_u32(argp->xdr, &exid->flags) < 0)
1584                return nfserr_bad_xdr;
1585        status = nfsd4_decode_state_protect4_a(argp, exid);
1586        if (status)
1587                return status;
1588        return nfsd4_decode_nfs_impl_id4(argp, exid);
1589}
1590
1591static __be32
1592nfsd4_decode_channel_attrs4(struct nfsd4_compoundargs *argp,
1593                            struct nfsd4_channel_attrs *ca)
1594{
1595        __be32 *p;
1596
1597        p = xdr_inline_decode(argp->xdr, XDR_UNIT * 7);
1598        if (!p)
1599                return nfserr_bad_xdr;
1600
1601        /* headerpadsz is ignored */
1602        p++;
1603        ca->maxreq_sz = be32_to_cpup(p++);
1604        ca->maxresp_sz = be32_to_cpup(p++);
1605        ca->maxresp_cached = be32_to_cpup(p++);
1606        ca->maxops = be32_to_cpup(p++);
1607        ca->maxreqs = be32_to_cpup(p++);
1608        ca->nr_rdma_attrs = be32_to_cpup(p);
1609        switch (ca->nr_rdma_attrs) {
1610        case 0:
1611                break;
1612        case 1:
1613                if (xdr_stream_decode_u32(argp->xdr, &ca->rdma_attrs) < 0)
1614                        return nfserr_bad_xdr;
1615                break;
1616        default:
1617                return nfserr_bad_xdr;
1618        }
1619
1620        return nfs_ok;
1621}
1622
1623static __be32
1624nfsd4_decode_create_session(struct nfsd4_compoundargs *argp,
1625                            struct nfsd4_create_session *sess)
1626{
1627        __be32 status;
1628
1629        status = nfsd4_decode_clientid4(argp, &sess->clientid);
1630        if (status)
1631                return status;
1632        if (xdr_stream_decode_u32(argp->xdr, &sess->seqid) < 0)
1633                return nfserr_bad_xdr;
1634        if (xdr_stream_decode_u32(argp->xdr, &sess->flags) < 0)
1635                return nfserr_bad_xdr;
1636        status = nfsd4_decode_channel_attrs4(argp, &sess->fore_channel);
1637        if (status)
1638                return status;
1639        status = nfsd4_decode_channel_attrs4(argp, &sess->back_channel);
1640        if (status)
1641                return status;
1642        if (xdr_stream_decode_u32(argp->xdr, &sess->callback_prog) < 0)
1643                return nfserr_bad_xdr;
1644        status = nfsd4_decode_cb_sec(argp, &sess->cb_sec);
1645        if (status)
1646                return status;
1647
1648        return nfs_ok;
1649}
1650
1651static __be32
1652nfsd4_decode_destroy_session(struct nfsd4_compoundargs *argp,
1653                             struct nfsd4_destroy_session *destroy_session)
1654{
1655        return nfsd4_decode_sessionid4(argp, &destroy_session->sessionid);
1656}
1657
1658static __be32
1659nfsd4_decode_free_stateid(struct nfsd4_compoundargs *argp,
1660                          struct nfsd4_free_stateid *free_stateid)
1661{
1662        return nfsd4_decode_stateid4(argp, &free_stateid->fr_stateid);
1663}
1664
1665#ifdef CONFIG_NFSD_PNFS
1666static __be32
1667nfsd4_decode_getdeviceinfo(struct nfsd4_compoundargs *argp,
1668                struct nfsd4_getdeviceinfo *gdev)
1669{
1670        __be32 status;
1671
1672        status = nfsd4_decode_deviceid4(argp, &gdev->gd_devid);
1673        if (status)
1674                return status;
1675        if (xdr_stream_decode_u32(argp->xdr, &gdev->gd_layout_type) < 0)
1676                return nfserr_bad_xdr;
1677        if (xdr_stream_decode_u32(argp->xdr, &gdev->gd_maxcount) < 0)
1678                return nfserr_bad_xdr;
1679        if (xdr_stream_decode_uint32_array(argp->xdr,
1680                                           &gdev->gd_notify_types, 1) < 0)
1681                return nfserr_bad_xdr;
1682
1683        return nfs_ok;
1684}
1685
1686static __be32
1687nfsd4_decode_layoutcommit(struct nfsd4_compoundargs *argp,
1688                          struct nfsd4_layoutcommit *lcp)
1689{
1690        __be32 *p, status;
1691
1692        if (xdr_stream_decode_u64(argp->xdr, &lcp->lc_seg.offset) < 0)
1693                return nfserr_bad_xdr;
1694        if (xdr_stream_decode_u64(argp->xdr, &lcp->lc_seg.length) < 0)
1695                return nfserr_bad_xdr;
1696        if (xdr_stream_decode_bool(argp->xdr, &lcp->lc_reclaim) < 0)
1697                return nfserr_bad_xdr;
1698        status = nfsd4_decode_stateid4(argp, &lcp->lc_sid);
1699        if (status)
1700                return status;
1701        if (xdr_stream_decode_u32(argp->xdr, &lcp->lc_newoffset) < 0)
1702                return nfserr_bad_xdr;
1703        if (lcp->lc_newoffset) {
1704                if (xdr_stream_decode_u64(argp->xdr, &lcp->lc_last_wr) < 0)
1705                        return nfserr_bad_xdr;
1706        } else
1707                lcp->lc_last_wr = 0;
1708        p = xdr_inline_decode(argp->xdr, XDR_UNIT);
1709        if (!p)
1710                return nfserr_bad_xdr;
1711        if (xdr_item_is_present(p)) {
1712                status = nfsd4_decode_nfstime4(argp, &lcp->lc_mtime);
1713                if (status)
1714                        return status;
1715        } else {
1716                lcp->lc_mtime.tv_nsec = UTIME_NOW;
1717        }
1718        return nfsd4_decode_layoutupdate4(argp, lcp);
1719}
1720
1721static __be32
1722nfsd4_decode_layoutget(struct nfsd4_compoundargs *argp,
1723                struct nfsd4_layoutget *lgp)
1724{
1725        __be32 status;
1726
1727        if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_signal) < 0)
1728                return nfserr_bad_xdr;
1729        if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_layout_type) < 0)
1730                return nfserr_bad_xdr;
1731        if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_seg.iomode) < 0)
1732                return nfserr_bad_xdr;
1733        if (xdr_stream_decode_u64(argp->xdr, &lgp->lg_seg.offset) < 0)
1734                return nfserr_bad_xdr;
1735        if (xdr_stream_decode_u64(argp->xdr, &lgp->lg_seg.length) < 0)
1736                return nfserr_bad_xdr;
1737        if (xdr_stream_decode_u64(argp->xdr, &lgp->lg_minlength) < 0)
1738                return nfserr_bad_xdr;
1739        status = nfsd4_decode_stateid4(argp, &lgp->lg_sid);
1740        if (status)
1741                return status;
1742        if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_maxcount) < 0)
1743                return nfserr_bad_xdr;
1744
1745        return nfs_ok;
1746}
1747
1748static __be32
1749nfsd4_decode_layoutreturn(struct nfsd4_compoundargs *argp,
1750                struct nfsd4_layoutreturn *lrp)
1751{
1752        if (xdr_stream_decode_bool(argp->xdr, &lrp->lr_reclaim) < 0)
1753                return nfserr_bad_xdr;
1754        if (xdr_stream_decode_u32(argp->xdr, &lrp->lr_layout_type) < 0)
1755                return nfserr_bad_xdr;
1756        if (xdr_stream_decode_u32(argp->xdr, &lrp->lr_seg.iomode) < 0)
1757                return nfserr_bad_xdr;
1758        return nfsd4_decode_layoutreturn4(argp, lrp);
1759}
1760#endif /* CONFIG_NFSD_PNFS */
1761
1762static __be32 nfsd4_decode_secinfo_no_name(struct nfsd4_compoundargs *argp,
1763                                           struct nfsd4_secinfo_no_name *sin)
1764{
1765        if (xdr_stream_decode_u32(argp->xdr, &sin->sin_style) < 0)
1766                return nfserr_bad_xdr;
1767        return nfs_ok;
1768}
1769
1770static __be32
1771nfsd4_decode_sequence(struct nfsd4_compoundargs *argp,
1772                      struct nfsd4_sequence *seq)
1773{
1774        __be32 *p, status;
1775
1776        status = nfsd4_decode_sessionid4(argp, &seq->sessionid);
1777        if (status)
1778                return status;
1779        p = xdr_inline_decode(argp->xdr, XDR_UNIT * 4);
1780        if (!p)
1781                return nfserr_bad_xdr;
1782        seq->seqid = be32_to_cpup(p++);
1783        seq->slotid = be32_to_cpup(p++);
1784        seq->maxslots = be32_to_cpup(p++);
1785        seq->cachethis = be32_to_cpup(p);
1786
1787        return nfs_ok;
1788}
1789
1790static __be32
1791nfsd4_decode_test_stateid(struct nfsd4_compoundargs *argp, struct nfsd4_test_stateid *test_stateid)
1792{
1793        struct nfsd4_test_stateid_id *stateid;
1794        __be32 status;
1795        u32 i;
1796
1797        if (xdr_stream_decode_u32(argp->xdr, &test_stateid->ts_num_ids) < 0)
1798                return nfserr_bad_xdr;
1799
1800        INIT_LIST_HEAD(&test_stateid->ts_stateid_list);
1801        for (i = 0; i < test_stateid->ts_num_ids; i++) {
1802                stateid = svcxdr_tmpalloc(argp, sizeof(*stateid));
1803                if (!stateid)
1804                        return nfserrno(-ENOMEM);       /* XXX: not jukebox? */
1805                INIT_LIST_HEAD(&stateid->ts_id_list);
1806                list_add_tail(&stateid->ts_id_list, &test_stateid->ts_stateid_list);
1807                status = nfsd4_decode_stateid4(argp, &stateid->ts_id_stateid);
1808                if (status)
1809                        return status;
1810        }
1811
1812        return nfs_ok;
1813}
1814
1815static __be32 nfsd4_decode_destroy_clientid(struct nfsd4_compoundargs *argp,
1816                                            struct nfsd4_destroy_clientid *dc)
1817{
1818        return nfsd4_decode_clientid4(argp, &dc->clientid);
1819}
1820
1821static __be32 nfsd4_decode_reclaim_complete(struct nfsd4_compoundargs *argp,
1822                                            struct nfsd4_reclaim_complete *rc)
1823{
1824        if (xdr_stream_decode_bool(argp->xdr, &rc->rca_one_fs) < 0)
1825                return nfserr_bad_xdr;
1826        return nfs_ok;
1827}
1828
1829static __be32
1830nfsd4_decode_fallocate(struct nfsd4_compoundargs *argp,
1831                       struct nfsd4_fallocate *fallocate)
1832{
1833        __be32 status;
1834
1835        status = nfsd4_decode_stateid4(argp, &fallocate->falloc_stateid);
1836        if (status)
1837                return status;
1838        if (xdr_stream_decode_u64(argp->xdr, &fallocate->falloc_offset) < 0)
1839                return nfserr_bad_xdr;
1840        if (xdr_stream_decode_u64(argp->xdr, &fallocate->falloc_length) < 0)
1841                return nfserr_bad_xdr;
1842
1843        return nfs_ok;
1844}
1845
1846static __be32 nfsd4_decode_nl4_server(struct nfsd4_compoundargs *argp,
1847                                      struct nl4_server *ns)
1848{
1849        struct nfs42_netaddr *naddr;
1850        __be32 *p;
1851
1852        if (xdr_stream_decode_u32(argp->xdr, &ns->nl4_type) < 0)
1853                return nfserr_bad_xdr;
1854
1855        /* currently support for 1 inter-server source server */
1856        switch (ns->nl4_type) {
1857        case NL4_NETADDR:
1858                naddr = &ns->u.nl4_addr;
1859
1860                if (xdr_stream_decode_u32(argp->xdr, &naddr->netid_len) < 0)
1861                        return nfserr_bad_xdr;
1862                if (naddr->netid_len > RPCBIND_MAXNETIDLEN)
1863                        return nfserr_bad_xdr;
1864
1865                p = xdr_inline_decode(argp->xdr, naddr->netid_len);
1866                if (!p)
1867                        return nfserr_bad_xdr;
1868                memcpy(naddr->netid, p, naddr->netid_len);
1869
1870                if (xdr_stream_decode_u32(argp->xdr, &naddr->addr_len) < 0)
1871                        return nfserr_bad_xdr;
1872                if (naddr->addr_len > RPCBIND_MAXUADDRLEN)
1873                        return nfserr_bad_xdr;
1874
1875                p = xdr_inline_decode(argp->xdr, naddr->addr_len);
1876                if (!p)
1877                        return nfserr_bad_xdr;
1878                memcpy(naddr->addr, p, naddr->addr_len);
1879                break;
1880        default:
1881                return nfserr_bad_xdr;
1882        }
1883
1884        return nfs_ok;
1885}
1886
1887static __be32
1888nfsd4_decode_copy(struct nfsd4_compoundargs *argp, struct nfsd4_copy *copy)
1889{
1890        struct nl4_server *ns_dummy;
1891        u32 consecutive, i, count;
1892        __be32 status;
1893
1894        status = nfsd4_decode_stateid4(argp, &copy->cp_src_stateid);
1895        if (status)
1896                return status;
1897        status = nfsd4_decode_stateid4(argp, &copy->cp_dst_stateid);
1898        if (status)
1899                return status;
1900        if (xdr_stream_decode_u64(argp->xdr, &copy->cp_src_pos) < 0)
1901                return nfserr_bad_xdr;
1902        if (xdr_stream_decode_u64(argp->xdr, &copy->cp_dst_pos) < 0)
1903                return nfserr_bad_xdr;
1904        if (xdr_stream_decode_u64(argp->xdr, &copy->cp_count) < 0)
1905                return nfserr_bad_xdr;
1906        /* ca_consecutive: we always do consecutive copies */
1907        if (xdr_stream_decode_u32(argp->xdr, &consecutive) < 0)
1908                return nfserr_bad_xdr;
1909        if (xdr_stream_decode_u32(argp->xdr, &copy->cp_synchronous) < 0)
1910                return nfserr_bad_xdr;
1911
1912        if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
1913                return nfserr_bad_xdr;
1914        copy->cp_intra = false;
1915        if (count == 0) { /* intra-server copy */
1916                copy->cp_intra = true;
1917                return nfs_ok;
1918        }
1919
1920        /* decode all the supplied server addresses but use only the first */
1921        status = nfsd4_decode_nl4_server(argp, &copy->cp_src);
1922        if (status)
1923                return status;
1924
1925        ns_dummy = kmalloc(sizeof(struct nl4_server), GFP_KERNEL);
1926        if (ns_dummy == NULL)
1927                return nfserrno(-ENOMEM);       /* XXX: jukebox? */
1928        for (i = 0; i < count - 1; i++) {
1929                status = nfsd4_decode_nl4_server(argp, ns_dummy);
1930                if (status) {
1931                        kfree(ns_dummy);
1932                        return status;
1933                }
1934        }
1935        kfree(ns_dummy);
1936
1937        return nfs_ok;
1938}
1939
1940static __be32
1941nfsd4_decode_copy_notify(struct nfsd4_compoundargs *argp,
1942                         struct nfsd4_copy_notify *cn)
1943{
1944        __be32 status;
1945
1946        status = nfsd4_decode_stateid4(argp, &cn->cpn_src_stateid);
1947        if (status)
1948                return status;
1949        return nfsd4_decode_nl4_server(argp, &cn->cpn_dst);
1950}
1951
1952static __be32
1953nfsd4_decode_offload_status(struct nfsd4_compoundargs *argp,
1954                            struct nfsd4_offload_status *os)
1955{
1956        return nfsd4_decode_stateid4(argp, &os->stateid);
1957}
1958
1959static __be32
1960nfsd4_decode_seek(struct nfsd4_compoundargs *argp, struct nfsd4_seek *seek)
1961{
1962        __be32 status;
1963
1964        status = nfsd4_decode_stateid4(argp, &seek->seek_stateid);
1965        if (status)
1966                return status;
1967        if (xdr_stream_decode_u64(argp->xdr, &seek->seek_offset) < 0)
1968                return nfserr_bad_xdr;
1969        if (xdr_stream_decode_u32(argp->xdr, &seek->seek_whence) < 0)
1970                return nfserr_bad_xdr;
1971
1972        return nfs_ok;
1973}
1974
1975static __be32
1976nfsd4_decode_clone(struct nfsd4_compoundargs *argp, struct nfsd4_clone *clone)
1977{
1978        __be32 status;
1979
1980        status = nfsd4_decode_stateid4(argp, &clone->cl_src_stateid);
1981        if (status)
1982                return status;
1983        status = nfsd4_decode_stateid4(argp, &clone->cl_dst_stateid);
1984        if (status)
1985                return status;
1986        if (xdr_stream_decode_u64(argp->xdr, &clone->cl_src_pos) < 0)
1987                return nfserr_bad_xdr;
1988        if (xdr_stream_decode_u64(argp->xdr, &clone->cl_dst_pos) < 0)
1989                return nfserr_bad_xdr;
1990        if (xdr_stream_decode_u64(argp->xdr, &clone->cl_count) < 0)
1991                return nfserr_bad_xdr;
1992
1993        return nfs_ok;
1994}
1995
1996/*
1997 * XDR data that is more than PAGE_SIZE in size is normally part of a
1998 * read or write. However, the size of extended attributes is limited
1999 * by the maximum request size, and then further limited by the underlying
2000 * filesystem limits. This can exceed PAGE_SIZE (currently, XATTR_SIZE_MAX

2001 * is 64k). Since there is no kvec- or page-based interface to xattrs,
2002 * and we're not dealing with contiguous pages, we need to do some copying.
2003 */
2004
2005/*
2006 * Decode data into buffer.
2007 */
2008static __be32
2009nfsd4_vbuf_from_vector(struct nfsd4_compoundargs *argp, struct xdr_buf *xdr,
2010                       char **bufp, u32 buflen)
2011{
2012        struct page **pages = xdr->pages;
2013        struct kvec *head = xdr->head;
2014        char *tmp, *dp;
2015        u32 len;
2016
2017        if (buflen <= head->iov_len) {
2018                /*
2019                 * We're in luck, the head has enough space. Just return
2020                 * the head, no need for copying.
2021                 */
2022                *bufp = head->iov_base;
2023                return 0;
2024        }
2025
2026        tmp = svcxdr_tmpalloc(argp, buflen);
2027        if (tmp == NULL)
2028                return nfserr_jukebox;
2029
2030        dp = tmp;
2031        memcpy(dp, head->iov_base, head->iov_len);
2032        buflen -= head->iov_len;
2033        dp += head->iov_len;
2034
2035        while (buflen > 0) {
2036                len = min_t(u32, buflen, PAGE_SIZE);
2037                memcpy(dp, page_address(*pages), len);
2038
2039                buflen -= len;
2040                dp += len;
2041                pages++;
2042        }
2043
2044        *bufp = tmp;
2045        return 0;
2046}
2047
2048/*
2049 * Get a user extended attribute name from the XDR buffer.
2050 * It will not have the "user." prefix, so prepend it.
2051 * Lastly, check for nul characters in the name.
2052 */
2053static __be32
2054nfsd4_decode_xattr_name(struct nfsd4_compoundargs *argp, char **namep)
2055{
2056        char *name, *sp, *dp;
2057        u32 namelen, cnt;
2058        __be32 *p;
2059
2060        if (xdr_stream_decode_u32(argp->xdr, &namelen) < 0)
2061                return nfserr_bad_xdr;
2062        if (namelen > (XATTR_NAME_MAX - XATTR_USER_PREFIX_LEN))
2063                return nfserr_nametoolong;
2064        if (namelen == 0)
2065                return nfserr_bad_xdr;
2066        p = xdr_inline_decode(argp->xdr, namelen);
2067        if (!p)
2068                return nfserr_bad_xdr;
2069        name = svcxdr_tmpalloc(argp, namelen + XATTR_USER_PREFIX_LEN + 1);
2070        if (!name)
2071                return nfserr_jukebox;
2072        memcpy(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN);
2073
2074        /*
2075         * Copy the extended attribute name over while checking for 0
2076         * characters.
2077         */
2078        sp = (char *)p;
2079        dp = name + XATTR_USER_PREFIX_LEN;
2080        cnt = namelen;
2081
2082        while (cnt-- > 0) {
2083                if (*sp == '\0')
2084                        return nfserr_bad_xdr;
2085                *dp++ = *sp++;
2086        }
2087        *dp = '\0';
2088
2089        *namep = name;
2090
2091        return nfs_ok;
2092}
2093
2094/*
2095 * A GETXATTR op request comes without a length specifier. We just set the
2096 * maximum length for the reply based on XATTR_SIZE_MAX and the maximum
2097 * channel reply size. nfsd_getxattr will probe the length of the xattr,
2098 * check it against getxa_len, and allocate + return the value.
2099 */
2100static __be32
2101nfsd4_decode_getxattr(struct nfsd4_compoundargs *argp,
2102                      struct nfsd4_getxattr *getxattr)
2103{
2104        __be32 status;
2105        u32 maxcount;
2106
2107        status = nfsd4_decode_xattr_name(argp, &getxattr->getxa_name);
2108        if (status)
2109                return status;
2110
2111        maxcount = svc_max_payload(argp->rqstp);
2112        maxcount = min_t(u32, XATTR_SIZE_MAX, maxcount);
2113
2114        getxattr->getxa_len = maxcount;
2115
2116        return status;
2117}
2118
2119static __be32
2120nfsd4_decode_setxattr(struct nfsd4_compoundargs *argp,
2121                      struct nfsd4_setxattr *setxattr)
2122{
2123        u32 flags, maxcount, size;
2124        __be32 status;
2125
2126        if (xdr_stream_decode_u32(argp->xdr, &flags) < 0)
2127                return nfserr_bad_xdr;
2128
2129        if (flags > SETXATTR4_REPLACE)
2130                return nfserr_inval;
2131        setxattr->setxa_flags = flags;
2132
2133        status = nfsd4_decode_xattr_name(argp, &setxattr->setxa_name);
2134        if (status)
2135                return status;
2136
2137        maxcount = svc_max_payload(argp->rqstp);
2138        maxcount = min_t(u32, XATTR_SIZE_MAX, maxcount);
2139
2140        if (xdr_stream_decode_u32(argp->xdr, &size) < 0)
2141                return nfserr_bad_xdr;
2142        if (size > maxcount)
2143                return nfserr_xattr2big;
2144
2145        setxattr->setxa_len = size;
2146        if (size > 0) {
2147                struct xdr_buf payload;
2148
2149                if (!xdr_stream_subsegment(argp->xdr, &payload, size))
2150                        return nfserr_bad_xdr;
2151                status = nfsd4_vbuf_from_vector(argp, &payload,
2152                                                &setxattr->setxa_buf, size);
2153        }
2154
2155        return nfs_ok;
2156}
2157
2158static __be32
2159nfsd4_decode_listxattrs(struct nfsd4_compoundargs *argp,
2160                        struct nfsd4_listxattrs *listxattrs)
2161{
2162        u32 maxcount;
2163
2164        if (xdr_stream_decode_u64(argp->xdr, &listxattrs->lsxa_cookie) < 0)
2165                return nfserr_bad_xdr;
2166
2167        /*
2168         * If the cookie  is too large to have even one user.x attribute
2169         * plus trailing '\0' left in a maximum size buffer, it's invalid.
2170         */
2171        if (listxattrs->lsxa_cookie >=
2172            (XATTR_LIST_MAX / (XATTR_USER_PREFIX_LEN + 2)))
2173                return nfserr_badcookie;
2174
2175        if (xdr_stream_decode_u32(argp->xdr, &maxcount) < 0)
2176                return nfserr_bad_xdr;
2177        if (maxcount < 8)
2178                /* Always need at least 2 words (length and one character) */
2179                return nfserr_inval;
2180
2181        maxcount = min(maxcount, svc_max_payload(argp->rqstp));
2182        listxattrs->lsxa_maxcount = maxcount;
2183
2184        return nfs_ok;
2185}
2186
2187static __be32
2188nfsd4_decode_removexattr(struct nfsd4_compoundargs *argp,
2189                         struct nfsd4_removexattr *removexattr)
2190{
2191        return nfsd4_decode_xattr_name(argp, &removexattr->rmxa_name);
2192}
2193
2194static __be32
2195nfsd4_decode_noop(struct nfsd4_compoundargs *argp, void *p)
2196{
2197        return nfs_ok;
2198}
2199
2200static __be32
2201nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p)
2202{
2203        return nfserr_notsupp;
2204}
2205
2206typedef __be32(*nfsd4_dec)(struct nfsd4_compoundargs *argp, void *);
2207
2208static const nfsd4_dec nfsd4_dec_ops[] = {
2209        [OP_ACCESS]             = (nfsd4_dec)nfsd4_decode_access,
2210        [OP_CLOSE]              = (nfsd4_dec)nfsd4_decode_close,
2211        [OP_COMMIT]             = (nfsd4_dec)nfsd4_decode_commit,
2212        [OP_CREATE]             = (nfsd4_dec)nfsd4_decode_create,
2213        [OP_DELEGPURGE]         = (nfsd4_dec)nfsd4_decode_notsupp,
2214        [OP_DELEGRETURN]        = (nfsd4_dec)nfsd4_decode_delegreturn,
2215        [OP_GETATTR]            = (nfsd4_dec)nfsd4_decode_getattr,
2216        [OP_GETFH]              = (nfsd4_dec)nfsd4_decode_noop,
2217        [OP_LINK]               = (nfsd4_dec)nfsd4_decode_link,
2218        [OP_LOCK]               = (nfsd4_dec)nfsd4_decode_lock,
2219        [OP_LOCKT]              = (nfsd4_dec)nfsd4_decode_lockt,
2220        [OP_LOCKU]              = (nfsd4_dec)nfsd4_decode_locku,
2221        [OP_LOOKUP]             = (nfsd4_dec)nfsd4_decode_lookup,
2222        [OP_LOOKUPP]            = (nfsd4_dec)nfsd4_decode_noop,
2223        [OP_NVERIFY]            = (nfsd4_dec)nfsd4_decode_verify,
2224        [OP_OPEN]               = (nfsd4_dec)nfsd4_decode_open,
2225        [OP_OPENATTR]           = (nfsd4_dec)nfsd4_decode_notsupp,
2226        [OP_OPEN_CONFIRM]       = (nfsd4_dec)nfsd4_decode_open_confirm,
2227        [OP_OPEN_DOWNGRADE]     = (nfsd4_dec)nfsd4_decode_open_downgrade,
2228        [OP_PUTFH]              = (nfsd4_dec)nfsd4_decode_putfh,
2229        [OP_PUTPUBFH]           = (nfsd4_dec)nfsd4_decode_putpubfh,
2230        [OP_PUTROOTFH]          = (nfsd4_dec)nfsd4_decode_noop,
2231        [OP_READ]               = (nfsd4_dec)nfsd4_decode_read,
2232        [OP_READDIR]            = (nfsd4_dec)nfsd4_decode_readdir,
2233        [OP_READLINK]           = (nfsd4_dec)nfsd4_decode_noop,
2234        [OP_REMOVE]             = (nfsd4_dec)nfsd4_decode_remove,
2235        [OP_RENAME]             = (nfsd4_dec)nfsd4_decode_rename,
2236        [OP_RENEW]              = (nfsd4_dec)nfsd4_decode_renew,
2237        [OP_RESTOREFH]          = (nfsd4_dec)nfsd4_decode_noop,
2238        [OP_SAVEFH]             = (nfsd4_dec)nfsd4_decode_noop,
2239        [OP_SECINFO]            = (nfsd4_dec)nfsd4_decode_secinfo,
2240        [OP_SETATTR]            = (nfsd4_dec)nfsd4_decode_setattr,
2241        [OP_SETCLIENTID]        = (nfsd4_dec)nfsd4_decode_setclientid,
2242        [OP_SETCLIENTID_CONFIRM] = (nfsd4_dec)nfsd4_decode_setclientid_confirm,
2243        [OP_VERIFY]             = (nfsd4_dec)nfsd4_decode_verify,
2244        [OP_WRITE]              = (nfsd4_dec)nfsd4_decode_write,
2245        [OP_RELEASE_LOCKOWNER]  = (nfsd4_dec)nfsd4_decode_release_lockowner,
2246
2247        /* new operations for NFSv4.1 */
2248        [OP_BACKCHANNEL_CTL]    = (nfsd4_dec)nfsd4_decode_backchannel_ctl,
2249        [OP_BIND_CONN_TO_SESSION]= (nfsd4_dec)nfsd4_decode_bind_conn_to_session,
2250        [OP_EXCHANGE_ID]        = (nfsd4_dec)nfsd4_decode_exchange_id,
2251        [OP_CREATE_SESSION]     = (nfsd4_dec)nfsd4_decode_create_session,
2252        [OP_DESTROY_SESSION]    = (nfsd4_dec)nfsd4_decode_destroy_session,
2253        [OP_FREE_STATEID]       = (nfsd4_dec)nfsd4_decode_free_stateid,
2254        [OP_GET_DIR_DELEGATION] = (nfsd4_dec)nfsd4_decode_notsupp,
2255#ifdef CONFIG_NFSD_PNFS
2256        [OP_GETDEVICEINFO]      = (nfsd4_dec)nfsd4_decode_getdeviceinfo,
2257        [OP_GETDEVICELIST]      = (nfsd4_dec)nfsd4_decode_notsupp,
2258        [OP_LAYOUTCOMMIT]       = (nfsd4_dec)nfsd4_decode_layoutcommit,
2259        [OP_LAYOUTGET]          = (nfsd4_dec)nfsd4_decode_layoutget,
2260        [OP_LAYOUTRETURN]       = (nfsd4_dec)nfsd4_decode_layoutreturn,
2261#else
2262        [OP_GETDEVICEINFO]      = (nfsd4_dec)nfsd4_decode_notsupp,
2263        [OP_GETDEVICELIST]      = (nfsd4_dec)nfsd4_decode_notsupp,
2264        [OP_LAYOUTCOMMIT]       = (nfsd4_dec)nfsd4_decode_notsupp,
2265        [OP_LAYOUTGET]          = (nfsd4_dec)nfsd4_decode_notsupp,
2266        [OP_LAYOUTRETURN]       = (nfsd4_dec)nfsd4_decode_notsupp,
2267#endif
2268        [OP_SECINFO_NO_NAME]    = (nfsd4_dec)nfsd4_decode_secinfo_no_name,
2269        [OP_SEQUENCE]           = (nfsd4_dec)nfsd4_decode_sequence,
2270        [OP_SET_SSV]            = (nfsd4_dec)nfsd4_decode_notsupp,
2271        [OP_TEST_STATEID]       = (nfsd4_dec)nfsd4_decode_test_stateid,
2272        [OP_WANT_DELEGATION]    = (nfsd4_dec)nfsd4_decode_notsupp,
2273        [OP_DESTROY_CLIENTID]   = (nfsd4_dec)nfsd4_decode_destroy_clientid,
2274        [OP_RECLAIM_COMPLETE]   = (nfsd4_dec)nfsd4_decode_reclaim_complete,
2275
2276        /* new operations for NFSv4.2 */
2277        [OP_ALLOCATE]           = (nfsd4_dec)nfsd4_decode_fallocate,
2278        [OP_COPY]               = (nfsd4_dec)nfsd4_decode_copy,
2279        [OP_COPY_NOTIFY]        = (nfsd4_dec)nfsd4_decode_copy_notify,
2280        [OP_DEALLOCATE]         = (nfsd4_dec)nfsd4_decode_fallocate,
2281        [OP_IO_ADVISE]          = (nfsd4_dec)nfsd4_decode_notsupp,
2282        [OP_LAYOUTERROR]        = (nfsd4_dec)nfsd4_decode_notsupp,
2283        [OP_LAYOUTSTATS]        = (nfsd4_dec)nfsd4_decode_notsupp,
2284        [OP_OFFLOAD_CANCEL]     = (nfsd4_dec)nfsd4_decode_offload_status,
2285        [OP_OFFLOAD_STATUS]     = (nfsd4_dec)nfsd4_decode_offload_status,
2286        [OP_READ_PLUS]          = (nfsd4_dec)nfsd4_decode_read,
2287        [OP_SEEK]               = (nfsd4_dec)nfsd4_decode_seek,
2288        [OP_WRITE_SAME]         = (nfsd4_dec)nfsd4_decode_notsupp,
2289        [OP_CLONE]              = (nfsd4_dec)nfsd4_decode_clone,
2290        /* RFC 8276 extended atributes operations */
2291        [OP_GETXATTR]           = (nfsd4_dec)nfsd4_decode_getxattr,
2292        [OP_SETXATTR]           = (nfsd4_dec)nfsd4_decode_setxattr,
2293        [OP_LISTXATTRS]         = (nfsd4_dec)nfsd4_decode_listxattrs,
2294        [OP_REMOVEXATTR]        = (nfsd4_dec)nfsd4_decode_removexattr,
2295};
2296
2297static inline bool
2298nfsd4_opnum_in_range(struct nfsd4_compoundargs *argp, struct nfsd4_op *op)
2299{
2300        if (op->opnum < FIRST_NFS4_OP)
2301                return false;
2302        else if (argp->minorversion == 0 && op->opnum > LAST_NFS40_OP)
2303                return false;
2304        else if (argp->minorversion == 1 && op->opnum > LAST_NFS41_OP)
2305                return false;
2306        else if (argp->minorversion == 2 && op->opnum > LAST_NFS42_OP)
2307                return false;
2308        return true;
2309}
2310
2311static bool
2312nfsd4_decode_compound(struct nfsd4_compoundargs *argp)
2313{
2314        struct nfsd4_op *op;
2315        bool cachethis = false;
2316        int auth_slack= argp->rqstp->rq_auth_slack;
2317        int max_reply = auth_slack + 8; /* opcnt, status */
2318        int readcount = 0;
2319        int readbytes = 0;
2320        __be32 *p;
2321        int i;
2322
2323        if (xdr_stream_decode_u32(argp->xdr, &argp->taglen) < 0)
2324                return false;
2325        max_reply += XDR_UNIT;
2326        argp->tag = NULL;
2327        if (unlikely(argp->taglen)) {
2328                if (argp->taglen > NFSD4_MAX_TAGLEN)
2329                        return false;
2330                p = xdr_inline_decode(argp->xdr, argp->taglen);
2331                if (!p)
2332                        return false;
2333                argp->tag = svcxdr_savemem(argp, p, argp->taglen);
2334                if (!argp->tag)
2335                        return false;
2336                max_reply += xdr_align_size(argp->taglen);
2337        }
2338
2339        if (xdr_stream_decode_u32(argp->xdr, &argp->minorversion) < 0)
2340                return false;
2341        if (xdr_stream_decode_u32(argp->xdr, &argp->opcnt) < 0)
2342                return false;
2343
2344        /*
2345         * NFS4ERR_RESOURCE is a more helpful error than GARBAGE_ARGS
2346         * here, so we return success at the xdr level so that
2347         * nfsd4_proc can handle this is an NFS-level error.
2348         */
2349        if (argp->opcnt > NFSD_MAX_OPS_PER_COMPOUND)
2350                return true;
2351
2352        if (argp->opcnt > ARRAY_SIZE(argp->iops)) {
2353                argp->ops = kzalloc(argp->opcnt * sizeof(*argp->ops), GFP_KERNEL);
2354                if (!argp->ops) {
2355                        argp->ops = argp->iops;
2356                        dprintk("nfsd: couldn't allocate room for COMPOUND\n");
2357                        return false;
2358                }
2359        }
2360
2361        if (argp->minorversion > NFSD_SUPPORTED_MINOR_VERSION)
2362                argp->opcnt = 0;
2363
2364        for (i = 0; i < argp->opcnt; i++) {
2365                op = &argp->ops[i];
2366                op->replay = NULL;
2367
2368                if (xdr_stream_decode_u32(argp->xdr, &op->opnum) < 0)
2369                        return false;
2370                if (nfsd4_opnum_in_range(argp, op)) {
2371                        op->status = nfsd4_dec_ops[op->opnum](argp, &op->u);
2372                        if (op->status != nfs_ok)
2373                                trace_nfsd_compound_decode_err(argp->rqstp,
2374                                                               argp->opcnt, i,
2375                                                               op->opnum,
2376                                                               op->status);
2377                } else {
2378                        op->opnum = OP_ILLEGAL;
2379                        op->status = nfserr_op_illegal;
2380                }
2381                op->opdesc = OPDESC(op);
2382                /*
2383                 * We'll try to cache the result in the DRC if any one
2384                 * op in the compound wants to be cached:
2385                 */
2386                cachethis |= nfsd4_cache_this_op(op);
2387
2388                if (op->opnum == OP_READ || op->opnum == OP_READ_PLUS) {
2389                        readcount++;
2390                        readbytes += nfsd4_max_reply(argp->rqstp, op);
2391                } else
2392                        max_reply += nfsd4_max_reply(argp->rqstp, op);
2393                /*
2394                 * OP_LOCK and OP_LOCKT may return a conflicting lock.
2395                 * (Special case because it will just skip encoding this
2396                 * if it runs out of xdr buffer space, and it is the only
2397                 * operation that behaves this way.)
2398                 */
2399                if (op->opnum == OP_LOCK || op->opnum == OP_LOCKT)
2400                        max_reply += NFS4_OPAQUE_LIMIT;
2401
2402                if (op->status) {
2403                        argp->opcnt = i+1;
2404                        break;
2405                }
2406        }
2407        /* Sessions make the DRC unnecessary: */
2408        if (argp->minorversion)
2409                cachethis = false;
2410        svc_reserve(argp->rqstp, max_reply + readbytes);
2411        argp->rqstp->rq_cachetype = cachethis ? RC_REPLBUFF : RC_NOCACHE;
2412
2413        if (readcount > 1 || max_reply > PAGE_SIZE - auth_slack)
2414                clear_bit(RQ_SPLICE_OK, &argp->rqstp->rq_flags);
2415
2416        return true;
2417}
2418
2419static __be32 *encode_change(__be32 *p, struct kstat *stat, struct inode *inode,
2420                             struct svc_export *exp)
2421{
2422        if (exp->ex_flags & NFSEXP_V4ROOT) {
2423                *p++ = cpu_to_be32(convert_to_wallclock(exp->cd->flush_time));
2424                *p++ = 0;
2425        } else
2426                p = xdr_encode_hyper(p, nfsd4_change_attribute(stat, inode));
2427        return p;
2428}
2429
2430/*
2431 * ctime (in NFSv4, time_metadata) is not writeable, and the client
2432 * doesn't really care what resolution could theoretically be stored by
2433 * the filesystem.
2434 *
2435 * The client cares how close together changes can be while still
2436 * guaranteeing ctime changes.  For most filesystems (which have
2437 * timestamps with nanosecond fields) that is limited by the resolution
2438 * of the time returned from current_time() (which I'm assuming to be
2439 * 1/HZ).
2440 */
2441static __be32 *encode_time_delta(__be32 *p, struct inode *inode)
2442{
2443        struct timespec64 ts;
2444        u32 ns;
2445
2446        ns = max_t(u32, NSEC_PER_SEC/HZ, inode->i_sb->s_time_gran);
2447        ts = ns_to_timespec64(ns);
2448
2449        p = xdr_encode_hyper(p, ts.tv_sec);
2450        *p++ = cpu_to_be32(ts.tv_nsec);
2451
2452        return p;
2453}
2454
2455static __be32 *encode_cinfo(__be32 *p, struct nfsd4_change_info *c)
2456{
2457        *p++ = cpu_to_be32(c->atomic);
2458        p = xdr_encode_hyper(p, c->before_change);
2459        p = xdr_encode_hyper(p, c->after_change);
2460        return p;
2461}
2462
2463/* Encode as an array of strings the string given with components
2464 * separated @sep, escaped with esc_enter and esc_exit.
2465 */
2466static __be32 nfsd4_encode_components_esc(struct xdr_stream *xdr, char sep,
2467                                          char *components, char esc_enter,
2468                                          char esc_exit)
2469{
2470        __be32 *p;
2471        __be32 pathlen;
2472        int pathlen_offset;
2473        int strlen, count=0;
2474        char *str, *end, *next;
2475
2476        dprintk("nfsd4_encode_components(%s)\n", components);
2477
2478        pathlen_offset = xdr->buf->len;
2479        p = xdr_reserve_space(xdr, 4);
2480        if (!p)
2481                return nfserr_resource;
2482        p++; /* We will fill this in with @count later */
2483
2484        end = str = components;
2485        while (*end) {
2486                bool found_esc = false;
2487
2488                /* try to parse as esc_start, ..., esc_end, sep */
2489                if (*str == esc_enter) {
2490                        for (; *end && (*end != esc_exit); end++)
2491                                /* find esc_exit or end of string */;
2492                        next = end + 1;
2493                        if (*end && (!*next || *next == sep)) {
2494                                str++;
2495                                found_esc = true;
2496                        }
2497                }
2498
2499                if (!found_esc)
2500                        for (; *end && (*end != sep); end++)
2501                                /* find sep or end of string */;
2502
2503                strlen = end - str;
2504                if (strlen) {
2505                        p = xdr_reserve_space(xdr, strlen + 4);
2506                        if (!p)
2507                                return nfserr_resource;
2508                        p = xdr_encode_opaque(p, str, strlen);
2509                        count++;
2510                }
2511                else
2512                        end++;
2513                if (found_esc)
2514                        end = next;
2515
2516                str = end;
2517        }
2518        pathlen = htonl(count);
2519        write_bytes_to_xdr_buf(xdr->buf, pathlen_offset, &pathlen, 4);
2520        return 0;
2521}
2522
2523/* Encode as an array of strings the string given with components
2524 * separated @sep.
2525 */
2526static __be32 nfsd4_encode_components(struct xdr_stream *xdr, char sep,
2527                                      char *components)
2528{
2529        return nfsd4_encode_components_esc(xdr, sep, components, 0, 0);
2530}
2531
2532/*
2533 * encode a location element of a fs_locations structure
2534 */
2535static __be32 nfsd4_encode_fs_location4(struct xdr_stream *xdr,
2536                                        struct nfsd4_fs_location *location)
2537{
2538        __be32 status;
2539
2540        status = nfsd4_encode_components_esc(xdr, ':', location->hosts,
2541                                                '[', ']');
2542        if (status)
2543                return status;
2544        status = nfsd4_encode_components(xdr, '/', location->path);
2545        if (status)
2546                return status;
2547        return 0;
2548}
2549
2550/*
2551 * Encode a path in RFC3530 'pathname4' format
2552 */
2553static __be32 nfsd4_encode_path(struct xdr_stream *xdr,
2554                                const struct path *root,
2555                                const struct path *path)
2556{
2557        struct path cur = *path;
2558        __be32 *p;
2559        struct dentry **components = NULL;
2560        unsigned int ncomponents = 0;
2561        __be32 err = nfserr_jukebox;
2562
2563        dprintk("nfsd4_encode_components(");
2564
2565        path_get(&cur);
2566        /* First walk the path up to the nfsd root, and store the
2567         * dentries/path components in an array.
2568         */
2569        for (;;) {
2570                if (path_equal(&cur, root))
2571                        break;
2572                if (cur.dentry == cur.mnt->mnt_root) {
2573                        if (follow_up(&cur))
2574                                continue;
2575                        goto out_free;
2576                }
2577                if ((ncomponents & 15) == 0) {
2578                        struct dentry **new;
2579                        new = krealloc(components,
2580                                        sizeof(*new) * (ncomponents + 16),
2581                                        GFP_KERNEL);
2582                        if (!new)
2583                                goto out_free;
2584                        components = new;
2585                }
2586                components[ncomponents++] = cur.dentry;
2587                cur.dentry = dget_parent(cur.dentry);
2588        }
2589        err = nfserr_resource;
2590        p = xdr_reserve_space(xdr, 4);
2591        if (!p)
2592                goto out_free;
2593        *p++ = cpu_to_be32(ncomponents);
2594
2595        while (ncomponents) {
2596                struct dentry *dentry = components[ncomponents - 1];
2597                unsigned int len;
2598
2599                spin_lock(&dentry->d_lock);
2600                len = dentry->d_name.len;
2601                p = xdr_reserve_space(xdr, len + 4);
2602                if (!p) {
2603                        spin_unlock(&dentry->d_lock);
2604                        goto out_free;
2605                }
2606                p = xdr_encode_opaque(p, dentry->d_name.name, len);
2607                dprintk("/%pd", dentry);
2608                spin_unlock(&dentry->d_lock);
2609                dput(dentry);
2610                ncomponents--;
2611        }
2612
2613        err = 0;
2614out_free:
2615        dprintk(")\n");
2616        while (ncomponents)
2617                dput(components[--ncomponents]);
2618        kfree(components);
2619        path_put(&cur);
2620        return err;
2621}
2622
2623static __be32 nfsd4_encode_fsloc_fsroot(struct xdr_stream *xdr,
2624                        struct svc_rqst *rqstp, const struct path *path)
2625{
2626        struct svc_export *exp_ps;
2627        __be32 res;
2628
2629        exp_ps = rqst_find_fsidzero_export(rqstp);
2630        if (IS_ERR(exp_ps))
2631                return nfserrno(PTR_ERR(exp_ps));
2632        res = nfsd4_encode_path(xdr, &exp_ps->ex_path, path);
2633        exp_put(exp_ps);
2634        return res;
2635}
2636
2637/*
2638 *  encode a fs_locations structure
2639 */
2640static __be32 nfsd4_encode_fs_locations(struct xdr_stream *xdr,
2641                        struct svc_rqst *rqstp, struct svc_export *exp)
2642{
2643        __be32 status;
2644        int i;
2645        __be32 *p;
2646        struct nfsd4_fs_locations *fslocs = &exp->ex_fslocs;
2647
2648        status = nfsd4_encode_fsloc_fsroot(xdr, rqstp, &exp->ex_path);
2649        if (status)
2650                return status;
2651        p = xdr_reserve_space(xdr, 4);
2652        if (!p)
2653                return nfserr_resource;
2654        *p++ = cpu_to_be32(fslocs->locations_count);
2655        for (i=0; i<fslocs->locations_count; i++) {
2656                status = nfsd4_encode_fs_location4(xdr, &fslocs->locations[i]);
2657                if (status)
2658                        return status;
2659        }
2660        return 0;
2661}
2662
2663static u32 nfs4_file_type(umode_t mode)
2664{
2665        switch (mode & S_IFMT) {
2666        case S_IFIFO:   return NF4FIFO;
2667        case S_IFCHR:   return NF4CHR;
2668        case S_IFDIR:   return NF4DIR;
2669        case S_IFBLK:   return NF4BLK;
2670        case S_IFLNK:   return NF4LNK;
2671        case S_IFREG:   return NF4REG;
2672        case S_IFSOCK:  return NF4SOCK;
2673        default:        return NF4BAD;
2674        }
2675}
2676
2677static inline __be32
2678nfsd4_encode_aclname(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2679                     struct nfs4_ace *ace)
2680{
2681        if (ace->whotype != NFS4_ACL_WHO_NAMED)
2682                return nfs4_acl_write_who(xdr, ace->whotype);
2683        else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP)
2684                return nfsd4_encode_group(xdr, rqstp, ace->who_gid);
2685        else
2686                return nfsd4_encode_user(xdr, rqstp, ace->who_uid);
2687}
2688
2689static inline __be32
2690nfsd4_encode_layout_types(struct xdr_stream *xdr, u32 layout_types)
2691{
2692        __be32          *p;
2693        unsigned long   i = hweight_long(layout_types);
2694
2695        p = xdr_reserve_space(xdr, 4 + 4 * i);
2696        if (!p)
2697                return nfserr_resource;
2698
2699        *p++ = cpu_to_be32(i);
2700
2701        for (i = LAYOUT_NFSV4_1_FILES; i < LAYOUT_TYPE_MAX; ++i)
2702                if (layout_types & (1 << i))
2703                        *p++ = cpu_to_be32(i);
2704
2705        return 0;
2706}
2707
2708#define WORD0_ABSENT_FS_ATTRS (FATTR4_WORD0_FS_LOCATIONS | FATTR4_WORD0_FSID | \
2709                              FATTR4_WORD0_RDATTR_ERROR)
2710#define WORD1_ABSENT_FS_ATTRS FATTR4_WORD1_MOUNTED_ON_FILEID
2711#define WORD2_ABSENT_FS_ATTRS 0
2712
2713#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2714static inline __be32
2715nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2716                            void *context, int len)
2717{
2718        __be32 *p;
2719
2720        p = xdr_reserve_space(xdr, len + 4 + 4 + 4);
2721        if (!p)
2722                return nfserr_resource;
2723
2724        /*
2725         * For now we use a 0 here to indicate the null translation; in
2726         * the future we may place a call to translation code here.
2727         */
2728        *p++ = cpu_to_be32(0); /* lfs */
2729        *p++ = cpu_to_be32(0); /* pi */
2730        p = xdr_encode_opaque(p, context, len);
2731        return 0;
2732}
2733#else
2734static inline __be32
2735nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2736                            void *context, int len)
2737{ return 0; }
2738#endif
2739
2740static __be32 fattr_handle_absent_fs(u32 *bmval0, u32 *bmval1, u32 *bmval2, u32 *rdattr_err)
2741{
2742        /* As per referral draft:  */
2743        if (*bmval0 & ~WORD0_ABSENT_FS_ATTRS ||
2744            *bmval1 & ~WORD1_ABSENT_FS_ATTRS) {
2745                if (*bmval0 & FATTR4_WORD0_RDATTR_ERROR ||
2746                    *bmval0 & FATTR4_WORD0_FS_LOCATIONS)
2747                        *rdattr_err = NFSERR_MOVED;
2748                else
2749                        return nfserr_moved;
2750        }
2751        *bmval0 &= WORD0_ABSENT_FS_ATTRS;
2752        *bmval1 &= WORD1_ABSENT_FS_ATTRS;
2753        *bmval2 &= WORD2_ABSENT_FS_ATTRS;
2754        return 0;
2755}
2756
2757
2758static int get_parent_attributes(struct svc_export *exp, struct kstat *stat)
2759{
2760        struct path path = exp->ex_path;
2761        int err;
2762
2763        path_get(&path);
2764        while (follow_up(&path)) {
2765                if (path.dentry != path.mnt->mnt_root)
2766                        break;
2767        }
2768        err = vfs_getattr(&path, stat, STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
2769        path_put(&path);
2770        return err;
2771}
2772
2773static __be32
2774nfsd4_encode_bitmap(struct xdr_stream *xdr, u32 bmval0, u32 bmval1, u32 bmval2)
2775{
2776        __be32 *p;
2777
2778        if (bmval2) {
2779                p = xdr_reserve_space(xdr, 16);
2780                if (!p)
2781                        goto out_resource;
2782                *p++ = cpu_to_be32(3);
2783                *p++ = cpu_to_be32(bmval0);
2784                *p++ = cpu_to_be32(bmval1);
2785                *p++ = cpu_to_be32(bmval2);
2786        } else if (bmval1) {
2787                p = xdr_reserve_space(xdr, 12);
2788                if (!p)
2789                        goto out_resource;
2790                *p++ = cpu_to_be32(2);
2791                *p++ = cpu_to_be32(bmval0);
2792                *p++ = cpu_to_be32(bmval1);
2793        } else {
2794                p = xdr_reserve_space(xdr, 8);
2795                if (!p)
2796                        goto out_resource;
2797                *p++ = cpu_to_be32(1);
2798                *p++ = cpu_to_be32(bmval0);
2799        }
2800
2801        return 0;
2802out_resource:
2803        return nfserr_resource;
2804}
2805
2806/*
2807 * Note: @fhp can be NULL; in this case, we might have to compose the filehandle
2808 * ourselves.
2809 */
2810static __be32
2811nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp,
2812                struct svc_export *exp,
2813                struct dentry *dentry, u32 *bmval,
2814                struct svc_rqst *rqstp, int ignore_crossmnt)
2815{
2816        u32 bmval0 = bmval[0];
2817        u32 bmval1 = bmval[1];
2818        u32 bmval2 = bmval[2];
2819        struct kstat stat;
2820        struct svc_fh *tempfh = NULL;
2821        struct kstatfs statfs;
2822        __be32 *p;
2823        int starting_len = xdr->buf->len;
2824        int attrlen_offset;
2825        __be32 attrlen;
2826        u32 dummy;
2827        u64 dummy64;
2828        u32 rdattr_err = 0;
2829        __be32 status;
2830        int err;
2831        struct nfs4_acl *acl = NULL;
2832#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2833        void *context = NULL;
2834        int contextlen;
2835#endif
2836        bool contextsupport = false;
2837        struct nfsd4_compoundres *resp = rqstp->rq_resp;
2838        u32 minorversion = resp->cstate.minorversion;
2839        struct path path = {
2840                .mnt    = exp->ex_path.mnt,
2841                .dentry = dentry,
2842        };
2843        struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
2844
2845        BUG_ON(bmval1 & NFSD_WRITEONLY_ATTRS_WORD1);
2846        BUG_ON(!nfsd_attrs_supported(minorversion, bmval));
2847
2848        if (exp->ex_fslocs.migrated) {
2849                status = fattr_handle_absent_fs(&bmval0, &bmval1, &bmval2, &rdattr_err);
2850                if (status)
2851                        goto out;
2852        }
2853
2854        err = vfs_getattr(&path, &stat, STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
2855        if (err)
2856                goto out_nfserr;
2857        if (!(stat.result_mask & STATX_BTIME))
2858                /* underlying FS does not offer btime so we can't share it */
2859                bmval1 &= ~FATTR4_WORD1_TIME_CREATE;
2860        if ((bmval0 & (FATTR4_WORD0_FILES_AVAIL | FATTR4_WORD0_FILES_FREE |
2861                        FATTR4_WORD0_FILES_TOTAL | FATTR4_WORD0_MAXNAME)) ||
2862            (bmval1 & (FATTR4_WORD1_SPACE_AVAIL | FATTR4_WORD1_SPACE_FREE |
2863                       FATTR4_WORD1_SPACE_TOTAL))) {
2864                err = vfs_statfs(&path, &statfs);
2865                if (err)
2866                        goto out_nfserr;
2867        }
2868        if ((bmval0 & (FATTR4_WORD0_FILEHANDLE | FATTR4_WORD0_FSID)) && !fhp) {
2869                tempfh = kmalloc(sizeof(struct svc_fh), GFP_KERNEL);
2870                status = nfserr_jukebox;
2871                if (!tempfh)
2872                        goto out;
2873                fh_init(tempfh, NFS4_FHSIZE);
2874                status = fh_compose(tempfh, exp, dentry, NULL);
2875                if (status)
2876                        goto out;
2877                fhp = tempfh;
2878        }
2879        if (bmval0 & FATTR4_WORD0_ACL) {
2880                err = nfsd4_get_nfs4_acl(rqstp, dentry, &acl);
2881                if (err == -EOPNOTSUPP)
2882                        bmval0 &= ~FATTR4_WORD0_ACL;
2883                else if (err == -EINVAL) {
2884                        status = nfserr_attrnotsupp;
2885                        goto out;
2886                } else if (err != 0)
2887                        goto out_nfserr;
2888        }
2889
2890#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2891        if ((bmval2 & FATTR4_WORD2_SECURITY_LABEL) ||
2892             bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) {
2893                if (exp->ex_flags & NFSEXP_SECURITY_LABEL)
2894                        err = security_inode_getsecctx(d_inode(dentry),
2895                                                &context, &contextlen);
2896                else
2897                        err = -EOPNOTSUPP;
2898                contextsupport = (err == 0);
2899                if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) {
2900                        if (err == -EOPNOTSUPP)
2901                                bmval2 &= ~FATTR4_WORD2_SECURITY_LABEL;
2902                        else if (err)
2903                                goto out_nfserr;
2904                }
2905        }
2906#endif /* CONFIG_NFSD_V4_SECURITY_LABEL */
2907
2908        status = nfsd4_encode_bitmap(xdr, bmval0, bmval1, bmval2);
2909        if (status)
2910                goto out;
2911
2912        attrlen_offset = xdr->buf->len;
2913        p = xdr_reserve_space(xdr, 4);
2914        if (!p)
2915                goto out_resource;
2916        p++;                /* to be backfilled later */
2917
2918        if (bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) {
2919                u32 supp[3];
2920
2921                memcpy(supp, nfsd_suppattrs[minorversion], sizeof(supp));
2922
2923                if (!IS_POSIXACL(dentry->d_inode))
2924                        supp[0] &= ~FATTR4_WORD0_ACL;
2925                if (!contextsupport)
2926                        supp[2] &= ~FATTR4_WORD2_SECURITY_LABEL;
2927                if (!supp[2]) {
2928                        p = xdr_reserve_space(xdr, 12);
2929                        if (!p)
2930                                goto out_resource;
2931                        *p++ = cpu_to_be32(2);
2932                        *p++ = cpu_to_be32(supp[0]);
2933                        *p++ = cpu_to_be32(supp[1]);
2934                } else {
2935                        p = xdr_reserve_space(xdr, 16);
2936                        if (!p)
2937                                goto out_resource;
2938                        *p++ = cpu_to_be32(3);
2939                        *p++ = cpu_to_be32(supp[0]);
2940                        *p++ = cpu_to_be32(supp[1]);
2941                        *p++ = cpu_to_be32(supp[2]);
2942                }
2943        }
2944        if (bmval0 & FATTR4_WORD0_TYPE) {
2945                p = xdr_reserve_space(xdr, 4);
2946                if (!p)
2947                        goto out_resource;
2948                dummy = nfs4_file_type(stat.mode);
2949                if (dummy == NF4BAD) {
2950                        status = nfserr_serverfault;
2951                        goto out;
2952                }
2953                *p++ = cpu_to_be32(dummy);
2954        }
2955        if (bmval0 & FATTR4_WORD0_FH_EXPIRE_TYPE) {
2956                p = xdr_reserve_space(xdr, 4);
2957                if (!p)
2958                        goto out_resource;
2959                if (exp->ex_flags & NFSEXP_NOSUBTREECHECK)
2960                        *p++ = cpu_to_be32(NFS4_FH_PERSISTENT);
2961                else
2962                        *p++ = cpu_to_be32(NFS4_FH_PERSISTENT|
2963                                                NFS4_FH_VOL_RENAME);
2964        }
2965        if (bmval0 & FATTR4_WORD0_CHANGE) {
2966                p = xdr_reserve_space(xdr, 8);
2967                if (!p)
2968                        goto out_resource;
2969                p = encode_change(p, &stat, d_inode(dentry), exp);
2970        }
2971        if (bmval0 & FATTR4_WORD0_SIZE) {
2972                p = xdr_reserve_space(xdr, 8);
2973                if (!p)
2974                        goto out_resource;
2975                p = xdr_encode_hyper(p, stat.size);
2976        }
2977        if (bmval0 & FATTR4_WORD0_LINK_SUPPORT) {
2978                p = xdr_reserve_space(xdr, 4);
2979                if (!p)
2980                        goto out_resource;
2981                *p++ = cpu_to_be32(1);
2982        }
2983        if (bmval0 & FATTR4_WORD0_SYMLINK_SUPPORT) {
2984                p = xdr_reserve_space(xdr, 4);
2985                if (!p)
2986                        goto out_resource;
2987                *p++ = cpu_to_be32(1);
2988        }
2989        if (bmval0 & FATTR4_WORD0_NAMED_ATTR) {
2990                p = xdr_reserve_space(xdr, 4);
2991                if (!p)
2992                        goto out_resource;
2993                *p++ = cpu_to_be32(0);
2994        }
2995        if (bmval0 & FATTR4_WORD0_FSID) {
2996                p = xdr_reserve_space(xdr, 16);
2997                if (!p)
2998                        goto out_resource;
2999                if (exp->ex_fslocs.migrated) {
3000                        p = xdr_encode_hyper(p, NFS4_REFERRAL_FSID_MAJOR);

3001                        p = xdr_encode_hyper(p, NFS4_REFERRAL_FSID_MINOR);
3002                } else switch(fsid_source(fhp)) {
3003                case FSIDSOURCE_FSID:
3004                        p = xdr_encode_hyper(p, (u64)exp->ex_fsid);
3005                        p = xdr_encode_hyper(p, (u64)0);
3006                        break;
3007                case FSIDSOURCE_DEV:
3008                        *p++ = cpu_to_be32(0);
3009                        *p++ = cpu_to_be32(MAJOR(stat.dev));
3010                        *p++ = cpu_to_be32(0);
3011                        *p++ = cpu_to_be32(MINOR(stat.dev));
3012                        break;
3013                case FSIDSOURCE_UUID:
3014                        p = xdr_encode_opaque_fixed(p, exp->ex_uuid,
3015                                                                EX_UUID_LEN);
3016                        break;
3017                }
3018        }
3019        if (bmval0 & FATTR4_WORD0_UNIQUE_HANDLES) {
3020                p = xdr_reserve_space(xdr, 4);
3021                if (!p)
3022                        goto out_resource;
3023                *p++ = cpu_to_be32(0);
3024        }
3025        if (bmval0 & FATTR4_WORD0_LEASE_TIME) {
3026                p = xdr_reserve_space(xdr, 4);
3027                if (!p)
3028                        goto out_resource;
3029                *p++ = cpu_to_be32(nn->nfsd4_lease);
3030        }
3031        if (bmval0 & FATTR4_WORD0_RDATTR_ERROR) {
3032                p = xdr_reserve_space(xdr, 4);
3033                if (!p)
3034                        goto out_resource;
3035                *p++ = cpu_to_be32(rdattr_err);
3036        }
3037        if (bmval0 & FATTR4_WORD0_ACL) {
3038                struct nfs4_ace *ace;
3039
3040                if (acl == NULL) {
3041                        p = xdr_reserve_space(xdr, 4);
3042                        if (!p)
3043                                goto out_resource;
3044
3045                        *p++ = cpu_to_be32(0);
3046                        goto out_acl;
3047                }
3048                p = xdr_reserve_space(xdr, 4);
3049                if (!p)
3050                        goto out_resource;
3051                *p++ = cpu_to_be32(acl->naces);
3052
3053                for (ace = acl->aces; ace < acl->aces + acl->naces; ace++) {
3054                        p = xdr_reserve_space(xdr, 4*3);
3055                        if (!p)
3056                                goto out_resource;
3057                        *p++ = cpu_to_be32(ace->type);
3058                        *p++ = cpu_to_be32(ace->flag);
3059                        *p++ = cpu_to_be32(ace->access_mask &
3060                                                        NFS4_ACE_MASK_ALL);
3061                        status = nfsd4_encode_aclname(xdr, rqstp, ace);
3062                        if (status)
3063                                goto out;
3064                }
3065        }
3066out_acl:
3067        if (bmval0 & FATTR4_WORD0_ACLSUPPORT) {
3068                p = xdr_reserve_space(xdr, 4);
3069                if (!p)
3070                        goto out_resource;
3071                *p++ = cpu_to_be32(IS_POSIXACL(dentry->d_inode) ?
3072                        ACL4_SUPPORT_ALLOW_ACL|ACL4_SUPPORT_DENY_ACL : 0);
3073        }
3074        if (bmval0 & FATTR4_WORD0_CANSETTIME) {
3075                p = xdr_reserve_space(xdr, 4);
3076                if (!p)
3077                        goto out_resource;
3078                *p++ = cpu_to_be32(1);
3079        }
3080        if (bmval0 & FATTR4_WORD0_CASE_INSENSITIVE) {
3081                p = xdr_reserve_space(xdr, 4);
3082                if (!p)
3083                        goto out_resource;
3084                *p++ = cpu_to_be32(0);
3085        }
3086        if (bmval0 & FATTR4_WORD0_CASE_PRESERVING) {
3087                p = xdr_reserve_space(xdr, 4);
3088                if (!p)
3089                        goto out_resource;
3090                *p++ = cpu_to_be32(1);
3091        }
3092        if (bmval0 & FATTR4_WORD0_CHOWN_RESTRICTED) {
3093                p = xdr_reserve_space(xdr, 4);
3094                if (!p)
3095                        goto out_resource;
3096                *p++ = cpu_to_be32(1);
3097        }
3098        if (bmval0 & FATTR4_WORD0_FILEHANDLE) {
3099                p = xdr_reserve_space(xdr, fhp->fh_handle.fh_size + 4);
3100                if (!p)
3101                        goto out_resource;
3102                p = xdr_encode_opaque(p, &fhp->fh_handle.fh_raw,
3103                                        fhp->fh_handle.fh_size);
3104        }
3105        if (bmval0 & FATTR4_WORD0_FILEID) {
3106                p = xdr_reserve_space(xdr, 8);
3107                if (!p)
3108                        goto out_resource;
3109                p = xdr_encode_hyper(p, stat.ino);
3110        }
3111        if (bmval0 & FATTR4_WORD0_FILES_AVAIL) {
3112                p = xdr_reserve_space(xdr, 8);
3113                if (!p)
3114                        goto out_resource;
3115                p = xdr_encode_hyper(p, (u64) statfs.f_ffree);
3116        }
3117        if (bmval0 & FATTR4_WORD0_FILES_FREE) {
3118                p = xdr_reserve_space(xdr, 8);
3119                if (!p)
3120                        goto out_resource;
3121                p = xdr_encode_hyper(p, (u64) statfs.f_ffree);
3122        }
3123        if (bmval0 & FATTR4_WORD0_FILES_TOTAL) {
3124                p = xdr_reserve_space(xdr, 8);
3125                if (!p)
3126                        goto out_resource;
3127                p = xdr_encode_hyper(p, (u64) statfs.f_files);
3128        }
3129        if (bmval0 & FATTR4_WORD0_FS_LOCATIONS) {
3130                status = nfsd4_encode_fs_locations(xdr, rqstp, exp);
3131                if (status)
3132                        goto out;
3133        }
3134        if (bmval0 & FATTR4_WORD0_HOMOGENEOUS) {
3135                p = xdr_reserve_space(xdr, 4);
3136                if (!p)
3137                        goto out_resource;
3138                *p++ = cpu_to_be32(1);
3139        }
3140        if (bmval0 & FATTR4_WORD0_MAXFILESIZE) {
3141                p = xdr_reserve_space(xdr, 8);
3142                if (!p)
3143                        goto out_resource;
3144                p = xdr_encode_hyper(p, exp->ex_path.mnt->mnt_sb->s_maxbytes);
3145        }
3146        if (bmval0 & FATTR4_WORD0_MAXLINK) {
3147                p = xdr_reserve_space(xdr, 4);
3148                if (!p)
3149                        goto out_resource;
3150                *p++ = cpu_to_be32(255);
3151        }
3152        if (bmval0 & FATTR4_WORD0_MAXNAME) {
3153                p = xdr_reserve_space(xdr, 4);
3154                if (!p)
3155                        goto out_resource;
3156                *p++ = cpu_to_be32(statfs.f_namelen);
3157        }
3158        if (bmval0 & FATTR4_WORD0_MAXREAD) {
3159                p = xdr_reserve_space(xdr, 8);
3160                if (!p)
3161                        goto out_resource;
3162                p = xdr_encode_hyper(p, (u64) svc_max_payload(rqstp));
3163        }
3164        if (bmval0 & FATTR4_WORD0_MAXWRITE) {
3165                p = xdr_reserve_space(xdr, 8);
3166                if (!p)
3167                        goto out_resource;
3168                p = xdr_encode_hyper(p, (u64) svc_max_payload(rqstp));
3169        }
3170        if (bmval1 & FATTR4_WORD1_MODE) {
3171                p = xdr_reserve_space(xdr, 4);
3172                if (!p)
3173                        goto out_resource;
3174                *p++ = cpu_to_be32(stat.mode & S_IALLUGO);
3175        }
3176        if (bmval1 & FATTR4_WORD1_NO_TRUNC) {
3177                p = xdr_reserve_space(xdr, 4);
3178                if (!p)
3179                        goto out_resource;
3180                *p++ = cpu_to_be32(1);
3181        }
3182        if (bmval1 & FATTR4_WORD1_NUMLINKS) {
3183                p = xdr_reserve_space(xdr, 4);
3184                if (!p)
3185                        goto out_resource;
3186                *p++ = cpu_to_be32(stat.nlink);
3187        }
3188        if (bmval1 & FATTR4_WORD1_OWNER) {
3189                status = nfsd4_encode_user(xdr, rqstp, stat.uid);
3190                if (status)
3191                        goto out;
3192        }
3193        if (bmval1 & FATTR4_WORD1_OWNER_GROUP) {
3194                status = nfsd4_encode_group(xdr, rqstp, stat.gid);
3195                if (status)
3196                        goto out;
3197        }
3198        if (bmval1 & FATTR4_WORD1_RAWDEV) {
3199                p = xdr_reserve_space(xdr, 8);
3200                if (!p)
3201                        goto out_resource;
3202                *p++ = cpu_to_be32((u32) MAJOR(stat.rdev));
3203                *p++ = cpu_to_be32((u32) MINOR(stat.rdev));
3204        }
3205        if (bmval1 & FATTR4_WORD1_SPACE_AVAIL) {
3206                p = xdr_reserve_space(xdr, 8);
3207                if (!p)
3208                        goto out_resource;
3209                dummy64 = (u64)statfs.f_bavail * (u64)statfs.f_bsize;
3210                p = xdr_encode_hyper(p, dummy64);
3211        }
3212        if (bmval1 & FATTR4_WORD1_SPACE_FREE) {
3213                p = xdr_reserve_space(xdr, 8);
3214                if (!p)
3215                        goto out_resource;
3216                dummy64 = (u64)statfs.f_bfree * (u64)statfs.f_bsize;
3217                p = xdr_encode_hyper(p, dummy64);
3218        }
3219        if (bmval1 & FATTR4_WORD1_SPACE_TOTAL) {
3220                p = xdr_reserve_space(xdr, 8);
3221                if (!p)
3222                        goto out_resource;
3223                dummy64 = (u64)statfs.f_blocks * (u64)statfs.f_bsize;
3224                p = xdr_encode_hyper(p, dummy64);
3225        }
3226        if (bmval1 & FATTR4_WORD1_SPACE_USED) {
3227                p = xdr_reserve_space(xdr, 8);
3228                if (!p)
3229                        goto out_resource;
3230                dummy64 = (u64)stat.blocks << 9;
3231                p = xdr_encode_hyper(p, dummy64);
3232        }
3233        if (bmval1 & FATTR4_WORD1_TIME_ACCESS) {
3234                p = xdr_reserve_space(xdr, 12);
3235                if (!p)
3236                        goto out_resource;
3237                p = xdr_encode_hyper(p, (s64)stat.atime.tv_sec);
3238                *p++ = cpu_to_be32(stat.atime.tv_nsec);
3239        }
3240        if (bmval1 & FATTR4_WORD1_TIME_DELTA) {
3241                p = xdr_reserve_space(xdr, 12);
3242                if (!p)
3243                        goto out_resource;
3244                p = encode_time_delta(p, d_inode(dentry));
3245        }
3246        if (bmval1 & FATTR4_WORD1_TIME_METADATA) {
3247                p = xdr_reserve_space(xdr, 12);
3248                if (!p)
3249                        goto out_resource;
3250                p = xdr_encode_hyper(p, (s64)stat.ctime.tv_sec);
3251                *p++ = cpu_to_be32(stat.ctime.tv_nsec);
3252        }
3253        if (bmval1 & FATTR4_WORD1_TIME_MODIFY) {
3254                p = xdr_reserve_space(xdr, 12);
3255                if (!p)
3256                        goto out_resource;
3257                p = xdr_encode_hyper(p, (s64)stat.mtime.tv_sec);
3258                *p++ = cpu_to_be32(stat.mtime.tv_nsec);
3259        }
3260        if (bmval1 & FATTR4_WORD1_TIME_CREATE) {
3261                p = xdr_reserve_space(xdr, 12);
3262                if (!p)
3263                        goto out_resource;
3264                p = xdr_encode_hyper(p, (s64)stat.btime.tv_sec);
3265                *p++ = cpu_to_be32(stat.btime.tv_nsec);
3266        }
3267        if (bmval1 & FATTR4_WORD1_MOUNTED_ON_FILEID) {
3268                struct kstat parent_stat;
3269                u64 ino = stat.ino;
3270
3271                p = xdr_reserve_space(xdr, 8);
3272                if (!p)
3273                        goto out_resource;
3274                /*
3275                 * Get parent's attributes if not ignoring crossmount
3276                 * and this is the root of a cross-mounted filesystem.
3277                 */
3278                if (ignore_crossmnt == 0 &&
3279                    dentry == exp->ex_path.mnt->mnt_root) {
3280                        err = get_parent_attributes(exp, &parent_stat);
3281                        if (err)
3282                                goto out_nfserr;
3283                        ino = parent_stat.ino;
3284                }
3285                p = xdr_encode_hyper(p, ino);
3286        }
3287#ifdef CONFIG_NFSD_PNFS
3288        if (bmval1 & FATTR4_WORD1_FS_LAYOUT_TYPES) {
3289                status = nfsd4_encode_layout_types(xdr, exp->ex_layout_types);
3290                if (status)
3291                        goto out;
3292        }
3293
3294        if (bmval2 & FATTR4_WORD2_LAYOUT_TYPES) {
3295                status = nfsd4_encode_layout_types(xdr, exp->ex_layout_types);
3296                if (status)
3297                        goto out;
3298        }
3299
3300        if (bmval2 & FATTR4_WORD2_LAYOUT_BLKSIZE) {
3301                p = xdr_reserve_space(xdr, 4);
3302                if (!p)
3303                        goto out_resource;
3304                *p++ = cpu_to_be32(stat.blksize);
3305        }
3306#endif /* CONFIG_NFSD_PNFS */
3307        if (bmval2 & FATTR4_WORD2_SUPPATTR_EXCLCREAT) {
3308                u32 supp[3];
3309
3310                memcpy(supp, nfsd_suppattrs[minorversion], sizeof(supp));
3311                supp[0] &= NFSD_SUPPATTR_EXCLCREAT_WORD0;
3312                supp[1] &= NFSD_SUPPATTR_EXCLCREAT_WORD1;
3313                supp[2] &= NFSD_SUPPATTR_EXCLCREAT_WORD2;
3314
3315                status = nfsd4_encode_bitmap(xdr, supp[0], supp[1], supp[2]);
3316                if (status)
3317                        goto out;
3318        }
3319
3320#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
3321        if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) {
3322                status = nfsd4_encode_security_label(xdr, rqstp, context,
3323                                                                contextlen);
3324                if (status)
3325                        goto out;
3326        }
3327#endif
3328
3329        if (bmval2 & FATTR4_WORD2_XATTR_SUPPORT) {
3330                p = xdr_reserve_space(xdr, 4);
3331                if (!p)
3332                        goto out_resource;
3333                err = xattr_supported_namespace(d_inode(dentry),
3334                                                XATTR_USER_PREFIX);
3335                *p++ = cpu_to_be32(err == 0);
3336        }
3337
3338        attrlen = htonl(xdr->buf->len - attrlen_offset - 4);
3339        write_bytes_to_xdr_buf(xdr->buf, attrlen_offset, &attrlen, 4);
3340        status = nfs_ok;
3341
3342out:
3343#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
3344        if (context)
3345                security_release_secctx(context, contextlen);
3346#endif /* CONFIG_NFSD_V4_SECURITY_LABEL */
3347        kfree(acl);
3348        if (tempfh) {
3349                fh_put(tempfh);
3350                kfree(tempfh);
3351        }
3352        if (status)
3353                xdr_truncate_encode(xdr, starting_len);
3354        return status;
3355out_nfserr:
3356        status = nfserrno(err);
3357        goto out;
3358out_resource:
3359        status = nfserr_resource;
3360        goto out;
3361}
3362
3363static void svcxdr_init_encode_from_buffer(struct xdr_stream *xdr,
3364                                struct xdr_buf *buf, __be32 *p, int bytes)
3365{
3366        xdr->scratch.iov_len = 0;
3367        memset(buf, 0, sizeof(struct xdr_buf));
3368        buf->head[0].iov_base = p;
3369        buf->head[0].iov_len = 0;
3370        buf->len = 0;
3371        xdr->buf = buf;
3372        xdr->iov = buf->head;
3373        xdr->p = p;
3374        xdr->end = (void *)p + bytes;
3375        buf->buflen = bytes;
3376}
3377
3378__be32 nfsd4_encode_fattr_to_buf(__be32 **p, int words,
3379                        struct svc_fh *fhp, struct svc_export *exp,
3380                        struct dentry *dentry, u32 *bmval,
3381                        struct svc_rqst *rqstp, int ignore_crossmnt)
3382{
3383        struct xdr_buf dummy;
3384        struct xdr_stream xdr;
3385        __be32 ret;
3386
3387        svcxdr_init_encode_from_buffer(&xdr, &dummy, *p, words << 2);
3388        ret = nfsd4_encode_fattr(&xdr, fhp, exp, dentry, bmval, rqstp,
3389                                                        ignore_crossmnt);
3390        *p = xdr.p;
3391        return ret;
3392}
3393
3394static inline int attributes_need_mount(u32 *bmval)
3395{
3396        if (bmval[0] & ~(FATTR4_WORD0_RDATTR_ERROR | FATTR4_WORD0_LEASE_TIME))
3397                return 1;
3398        if (bmval[1] & ~FATTR4_WORD1_MOUNTED_ON_FILEID)
3399                return 1;
3400        return 0;
3401}
3402
3403static __be32
3404nfsd4_encode_dirent_fattr(struct xdr_stream *xdr, struct nfsd4_readdir *cd,
3405                        const char *name, int namlen)
3406{
3407        struct svc_export *exp = cd->rd_fhp->fh_export;
3408        struct dentry *dentry;
3409        __be32 nfserr;
3410        int ignore_crossmnt = 0;
3411
3412        dentry = lookup_positive_unlocked(name, cd->rd_fhp->fh_dentry, namlen);
3413        if (IS_ERR(dentry))
3414                return nfserrno(PTR_ERR(dentry));
3415
3416        exp_get(exp);
3417        /*
3418         * In the case of a mountpoint, the client may be asking for
3419         * attributes that are only properties of the underlying filesystem
3420         * as opposed to the cross-mounted file system. In such a case,
3421         * we will not follow the cross mount and will fill the attribtutes
3422         * directly from the mountpoint dentry.
3423         */
3424        if (nfsd_mountpoint(dentry, exp)) {
3425                int err;
3426
3427                if (!(exp->ex_flags & NFSEXP_V4ROOT)
3428                                && !attributes_need_mount(cd->rd_bmval)) {
3429                        ignore_crossmnt = 1;
3430                        goto out_encode;
3431                }
3432                /*
3433                 * Why the heck aren't we just using nfsd_lookup??
3434                 * Different "."/".." handling?  Something else?
3435                 * At least, add a comment here to explain....
3436                 */
3437                err = nfsd_cross_mnt(cd->rd_rqstp, &dentry, &exp);
3438                if (err) {
3439                        nfserr = nfserrno(err);
3440                        goto out_put;
3441                }
3442                nfserr = check_nfsd_access(exp, cd->rd_rqstp);
3443                if (nfserr)
3444                        goto out_put;
3445
3446        }
3447out_encode:
3448        nfserr = nfsd4_encode_fattr(xdr, NULL, exp, dentry, cd->rd_bmval,
3449                                        cd->rd_rqstp, ignore_crossmnt);
3450out_put:
3451        dput(dentry);
3452        exp_put(exp);
3453        return nfserr;
3454}
3455
3456static __be32 *
3457nfsd4_encode_rdattr_error(struct xdr_stream *xdr, __be32 nfserr)
3458{
3459        __be32 *p;
3460
3461        p = xdr_reserve_space(xdr, 20);
3462        if (!p)
3463                return NULL;
3464        *p++ = htonl(2);
3465        *p++ = htonl(FATTR4_WORD0_RDATTR_ERROR); /* bmval0 */
3466        *p++ = htonl(0);                         /* bmval1 */
3467
3468        *p++ = htonl(4);     /* attribute length */
3469        *p++ = nfserr;       /* no htonl */
3470        return p;
3471}
3472
3473static int
3474nfsd4_encode_dirent(void *ccdv, const char *name, int namlen,
3475                    loff_t offset, u64 ino, unsigned int d_type)
3476{
3477        struct readdir_cd *ccd = ccdv;
3478        struct nfsd4_readdir *cd = container_of(ccd, struct nfsd4_readdir, common);
3479        struct xdr_stream *xdr = cd->xdr;
3480        int start_offset = xdr->buf->len;
3481        int cookie_offset;
3482        u32 name_and_cookie;
3483        int entry_bytes;
3484        __be32 nfserr = nfserr_toosmall;
3485        __be64 wire_offset;
3486        __be32 *p;
3487
3488        /* In nfsv4, "." and ".." never make it onto the wire.. */
3489        if (name && isdotent(name, namlen)) {
3490                cd->common.err = nfs_ok;
3491                return 0;
3492        }
3493
3494        if (cd->cookie_offset) {
3495                wire_offset = cpu_to_be64(offset);
3496                write_bytes_to_xdr_buf(xdr->buf, cd->cookie_offset,
3497                                                        &wire_offset, 8);
3498        }
3499
3500        p = xdr_reserve_space(xdr, 4);
3501        if (!p)
3502                goto fail;
3503        *p++ = xdr_one;                             /* mark entry present */
3504        cookie_offset = xdr->buf->len;
3505        p = xdr_reserve_space(xdr, 3*4 + namlen);
3506        if (!p)
3507                goto fail;
3508        p = xdr_encode_hyper(p, OFFSET_MAX);        /* offset of next entry */
3509        p = xdr_encode_array(p, name, namlen);      /* name length & name */
3510
3511        nfserr = nfsd4_encode_dirent_fattr(xdr, cd, name, namlen);
3512        switch (nfserr) {
3513        case nfs_ok:
3514                break;
3515        case nfserr_resource:
3516                nfserr = nfserr_toosmall;
3517                goto fail;
3518        case nfserr_noent:
3519                xdr_truncate_encode(xdr, start_offset);
3520                goto skip_entry;
3521        default:
3522                /*
3523                 * If the client requested the RDATTR_ERROR attribute,
3524                 * we stuff the error code into this attribute
3525                 * and continue.  If this attribute was not requested,
3526                 * then in accordance with the spec, we fail the
3527                 * entire READDIR operation(!)
3528                 */
3529                if (!(cd->rd_bmval[0] & FATTR4_WORD0_RDATTR_ERROR))
3530                        goto fail;
3531                p = nfsd4_encode_rdattr_error(xdr, nfserr);
3532                if (p == NULL) {
3533                        nfserr = nfserr_toosmall;
3534                        goto fail;
3535                }
3536        }
3537        nfserr = nfserr_toosmall;
3538        entry_bytes = xdr->buf->len - start_offset;
3539        if (entry_bytes > cd->rd_maxcount)
3540                goto fail;
3541        cd->rd_maxcount -= entry_bytes;
3542        /*
3543         * RFC 3530 14.2.24 describes rd_dircount as only a "hint", and
3544         * notes that it could be zero. If it is zero, then the server
3545         * should enforce only the rd_maxcount value.
3546         */
3547        if (cd->rd_dircount) {
3548                name_and_cookie = 4 + 4 * XDR_QUADLEN(namlen) + 8;
3549                if (name_and_cookie > cd->rd_dircount && cd->cookie_offset)
3550                        goto fail;
3551                cd->rd_dircount -= min(cd->rd_dircount, name_and_cookie);
3552                if (!cd->rd_dircount)
3553                        cd->rd_maxcount = 0;
3554        }
3555
3556        cd->cookie_offset = cookie_offset;
3557skip_entry:
3558        cd->common.err = nfs_ok;
3559        return 0;
3560fail:
3561        xdr_truncate_encode(xdr, start_offset);
3562        cd->common.err = nfserr;
3563        return -EINVAL;
3564}
3565
3566static __be32
3567nfsd4_encode_stateid(struct xdr_stream *xdr, stateid_t *sid)
3568{
3569        __be32 *p;
3570
3571        p = xdr_reserve_space(xdr, sizeof(stateid_t));
3572        if (!p)
3573                return nfserr_resource;
3574        *p++ = cpu_to_be32(sid->si_generation);
3575        p = xdr_encode_opaque_fixed(p, &sid->si_opaque,
3576                                        sizeof(stateid_opaque_t));
3577        return 0;
3578}
3579
3580static __be32
3581nfsd4_encode_access(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_access *access)
3582{
3583        struct xdr_stream *xdr = resp->xdr;
3584        __be32 *p;
3585
3586        p = xdr_reserve_space(xdr, 8);
3587        if (!p)
3588                return nfserr_resource;
3589        *p++ = cpu_to_be32(access->ac_supported);
3590        *p++ = cpu_to_be32(access->ac_resp_access);
3591        return 0;
3592}
3593
3594static __be32 nfsd4_encode_bind_conn_to_session(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_bind_conn_to_session *bcts)
3595{
3596        struct xdr_stream *xdr = resp->xdr;
3597        __be32 *p;
3598
3599        p = xdr_reserve_space(xdr, NFS4_MAX_SESSIONID_LEN + 8);
3600        if (!p)
3601                return nfserr_resource;
3602        p = xdr_encode_opaque_fixed(p, bcts->sessionid.data,
3603                                        NFS4_MAX_SESSIONID_LEN);
3604        *p++ = cpu_to_be32(bcts->dir);
3605        /* Upshifting from TCP to RDMA is not supported */
3606        *p++ = cpu_to_be32(0);
3607        return 0;
3608}
3609
3610static __be32
3611nfsd4_encode_close(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_close *close)
3612{
3613        struct xdr_stream *xdr = resp->xdr;
3614
3615        return nfsd4_encode_stateid(xdr, &close->cl_stateid);
3616}
3617
3618
3619static __be32
3620nfsd4_encode_commit(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_commit *commit)
3621{
3622        struct xdr_stream *xdr = resp->xdr;
3623        __be32 *p;
3624
3625        p = xdr_reserve_space(xdr, NFS4_VERIFIER_SIZE);
3626        if (!p)
3627                return nfserr_resource;
3628        p = xdr_encode_opaque_fixed(p, commit->co_verf.data,
3629                                                NFS4_VERIFIER_SIZE);
3630        return 0;
3631}
3632
3633static __be32
3634nfsd4_encode_create(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_create *create)
3635{
3636        struct xdr_stream *xdr = resp->xdr;
3637        __be32 *p;
3638
3639        p = xdr_reserve_space(xdr, 20);
3640        if (!p)
3641                return nfserr_resource;
3642        encode_cinfo(p, &create->cr_cinfo);
3643        return nfsd4_encode_bitmap(xdr, create->cr_bmval[0],
3644                        create->cr_bmval[1], create->cr_bmval[2]);
3645}
3646
3647static __be32
3648nfsd4_encode_getattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_getattr *getattr)
3649{
3650        struct svc_fh *fhp = getattr->ga_fhp;
3651        struct xdr_stream *xdr = resp->xdr;
3652
3653        return nfsd4_encode_fattr(xdr, fhp, fhp->fh_export, fhp->fh_dentry,
3654                                    getattr->ga_bmval, resp->rqstp, 0);
3655}
3656
3657static __be32
3658nfsd4_encode_getfh(struct nfsd4_compoundres *resp, __be32 nfserr, struct svc_fh **fhpp)
3659{
3660        struct xdr_stream *xdr = resp->xdr;
3661        struct svc_fh *fhp = *fhpp;
3662        unsigned int len;
3663        __be32 *p;
3664
3665        len = fhp->fh_handle.fh_size;
3666        p = xdr_reserve_space(xdr, len + 4);
3667        if (!p)
3668                return nfserr_resource;
3669        p = xdr_encode_opaque(p, &fhp->fh_handle.fh_raw, len);
3670        return 0;
3671}
3672
3673/*
3674* Including all fields other than the name, a LOCK4denied structure requires
3675*   8(clientid) + 4(namelen) + 8(offset) + 8(length) + 4(type) = 32 bytes.
3676*/
3677static __be32
3678nfsd4_encode_lock_denied(struct xdr_stream *xdr, struct nfsd4_lock_denied *ld)
3679{
3680        struct xdr_netobj *conf = &ld->ld_owner;
3681        __be32 *p;
3682
3683again:
3684        p = xdr_reserve_space(xdr, 32 + XDR_LEN(conf->len));
3685        if (!p) {
3686                /*
3687                 * Don't fail to return the result just because we can't
3688                 * return the conflicting open:
3689                 */
3690                if (conf->len) {
3691                        kfree(conf->data);
3692                        conf->len = 0;
3693                        conf->data = NULL;
3694                        goto again;
3695                }
3696                return nfserr_resource;
3697        }
3698        p = xdr_encode_hyper(p, ld->ld_start);
3699        p = xdr_encode_hyper(p, ld->ld_length);
3700        *p++ = cpu_to_be32(ld->ld_type);
3701        if (conf->len) {
3702                p = xdr_encode_opaque_fixed(p, &ld->ld_clientid, 8);
3703                p = xdr_encode_opaque(p, conf->data, conf->len);
3704                kfree(conf->data);
3705        }  else {  /* non - nfsv4 lock in conflict, no clientid nor owner */
3706                p = xdr_encode_hyper(p, (u64)0); /* clientid */
3707                *p++ = cpu_to_be32(0); /* length of owner name */
3708        }
3709        return nfserr_denied;
3710}
3711
3712static __be32
3713nfsd4_encode_lock(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lock *lock)
3714{
3715        struct xdr_stream *xdr = resp->xdr;
3716
3717        if (!nfserr)
3718                nfserr = nfsd4_encode_stateid(xdr, &lock->lk_resp_stateid);
3719        else if (nfserr == nfserr_denied)
3720                nfserr = nfsd4_encode_lock_denied(xdr, &lock->lk_denied);
3721
3722        return nfserr;
3723}
3724
3725static __be32
3726nfsd4_encode_lockt(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lockt *lockt)
3727{
3728        struct xdr_stream *xdr = resp->xdr;
3729
3730        if (nfserr == nfserr_denied)
3731                nfsd4_encode_lock_denied(xdr, &lockt->lt_denied);
3732        return nfserr;
3733}
3734
3735static __be32
3736nfsd4_encode_locku(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_locku *locku)
3737{
3738        struct xdr_stream *xdr = resp->xdr;
3739
3740        return nfsd4_encode_stateid(xdr, &locku->lu_stateid);
3741}
3742
3743
3744static __be32
3745nfsd4_encode_link(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_link *link)
3746{
3747        struct xdr_stream *xdr = resp->xdr;
3748        __be32 *p;
3749
3750        p = xdr_reserve_space(xdr, 20);
3751        if (!p)
3752                return nfserr_resource;
3753        p = encode_cinfo(p, &link->li_cinfo);
3754        return 0;
3755}
3756
3757
3758static __be32
3759nfsd4_encode_open(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open *open)
3760{
3761        struct xdr_stream *xdr = resp->xdr;
3762        __be32 *p;
3763
3764        nfserr = nfsd4_encode_stateid(xdr, &open->op_stateid);
3765        if (nfserr)
3766                return nfserr;
3767        p = xdr_reserve_space(xdr, 24);
3768        if (!p)
3769                return nfserr_resource;
3770        p = encode_cinfo(p, &open->op_cinfo);
3771        *p++ = cpu_to_be32(open->op_rflags);
3772
3773        nfserr = nfsd4_encode_bitmap(xdr, open->op_bmval[0], open->op_bmval[1],
3774                                        open->op_bmval[2]);
3775        if (nfserr)
3776                return nfserr;
3777
3778        p = xdr_reserve_space(xdr, 4);
3779        if (!p)
3780                return nfserr_resource;
3781
3782        *p++ = cpu_to_be32(open->op_delegate_type);
3783        switch (open->op_delegate_type) {
3784        case NFS4_OPEN_DELEGATE_NONE:
3785                break;
3786        case NFS4_OPEN_DELEGATE_READ:
3787                nfserr = nfsd4_encode_stateid(xdr, &open->op_delegate_stateid);
3788                if (nfserr)
3789                        return nfserr;
3790                p = xdr_reserve_space(xdr, 20);
3791                if (!p)
3792                        return nfserr_resource;
3793                *p++ = cpu_to_be32(open->op_recall);
3794
3795                /*
3796                 * TODO: ACE's in delegations
3797                 */
3798                *p++ = cpu_to_be32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE);
3799                *p++ = cpu_to_be32(0);
3800                *p++ = cpu_to_be32(0);
3801                *p++ = cpu_to_be32(0);   /* XXX: is NULL principal ok? */
3802                break;
3803        case NFS4_OPEN_DELEGATE_WRITE:
3804                nfserr = nfsd4_encode_stateid(xdr, &open->op_delegate_stateid);
3805                if (nfserr)
3806                        return nfserr;
3807                p = xdr_reserve_space(xdr, 32);
3808                if (!p)
3809                        return nfserr_resource;
3810                *p++ = cpu_to_be32(0);
3811
3812                /*
3813                 * TODO: space_limit's in delegations
3814                 */
3815                *p++ = cpu_to_be32(NFS4_LIMIT_SIZE);
3816                *p++ = cpu_to_be32(~(u32)0);
3817                *p++ = cpu_to_be32(~(u32)0);
3818
3819                /*
3820                 * TODO: ACE's in delegations
3821                 */
3822                *p++ = cpu_to_be32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE);
3823                *p++ = cpu_to_be32(0);
3824                *p++ = cpu_to_be32(0);
3825                *p++ = cpu_to_be32(0);   /* XXX: is NULL principal ok? */
3826                break;
3827        case NFS4_OPEN_DELEGATE_NONE_EXT: /* 4.1 */
3828                switch (open->op_why_no_deleg) {
3829                case WND4_CONTENTION:
3830                case WND4_RESOURCE:
3831                        p = xdr_reserve_space(xdr, 8);
3832                        if (!p)
3833                                return nfserr_resource;
3834                        *p++ = cpu_to_be32(open->op_why_no_deleg);
3835                        /* deleg signaling not supported yet: */
3836                        *p++ = cpu_to_be32(0);
3837                        break;
3838                default:
3839                        p = xdr_reserve_space(xdr, 4);
3840                        if (!p)
3841                                return nfserr_resource;
3842                        *p++ = cpu_to_be32(open->op_why_no_deleg);
3843                }
3844                break;
3845        default:
3846                BUG();
3847        }
3848        /* XXX save filehandle here */
3849        return 0;
3850}
3851
3852static __be32
3853nfsd4_encode_open_confirm(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_confirm *oc)
3854{
3855        struct xdr_stream *xdr = resp->xdr;
3856
3857        return nfsd4_encode_stateid(xdr, &oc->oc_resp_stateid);
3858}
3859
3860static __be32
3861nfsd4_encode_open_downgrade(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_downgrade *od)
3862{
3863        struct xdr_stream *xdr = resp->xdr;
3864
3865        return nfsd4_encode_stateid(xdr, &od->od_stateid);
3866}
3867
3868static __be32 nfsd4_encode_splice_read(
3869                                struct nfsd4_compoundres *resp,
3870                                struct nfsd4_read *read,
3871                                struct file *file, unsigned long maxcount)
3872{
3873        struct xdr_stream *xdr = resp->xdr;
3874        struct xdr_buf *buf = xdr->buf;
3875        int status, space_left;
3876        u32 eof;
3877        __be32 nfserr;
3878        __be32 *p = xdr->p - 2;
3879
3880        /* Make sure there will be room for padding if needed */
3881        if (xdr->end - xdr->p < 1)
3882                return nfserr_resource;
3883
3884        nfserr = nfsd_splice_read(read->rd_rqstp, read->rd_fhp,
3885                                  file, read->rd_offset, &maxcount, &eof);
3886        read->rd_length = maxcount;
3887        if (nfserr)
3888                goto out_err;
3889        status = svc_encode_result_payload(read->rd_rqstp,
3890                                           buf->head[0].iov_len, maxcount);
3891        if (status) {
3892                nfserr = nfserrno(status);
3893                goto out_err;
3894        }
3895
3896        *(p++) = htonl(eof);
3897        *(p++) = htonl(maxcount);
3898
3899        buf->page_len = maxcount;
3900        buf->len += maxcount;
3901        xdr->page_ptr += (buf->page_base + maxcount + PAGE_SIZE - 1)
3902                                                        / PAGE_SIZE;
3903
3904        /* Use rest of head for padding and remaining ops: */
3905        buf->tail[0].iov_base = xdr->p;
3906        buf->tail[0].iov_len = 0;
3907        xdr->iov = buf->tail;
3908        if (maxcount&3) {
3909                int pad = 4 - (maxcount&3);
3910
3911                *(xdr->p++) = 0;
3912
3913                buf->tail[0].iov_base += maxcount&3;
3914                buf->tail[0].iov_len = pad;
3915                buf->len += pad;
3916        }
3917
3918        space_left = min_t(int, (void *)xdr->end - (void *)xdr->p,
3919                                buf->buflen - buf->len);
3920        buf->buflen = buf->len + space_left;
3921        xdr->end = (__be32 *)((void *)xdr->end + space_left);
3922
3923        return 0;
3924
3925out_err:
3926        /*
3927         * nfsd_splice_actor may have already messed with the
3928         * page length; reset it so as not to confuse
3929         * xdr_truncate_encode in our caller.
3930         */
3931        buf->page_len = 0;
3932        return nfserr;
3933}
3934
3935static __be32 nfsd4_encode_readv(struct nfsd4_compoundres *resp,
3936                                 struct nfsd4_read *read,
3937                                 struct file *file, unsigned long maxcount)
3938{
3939        struct xdr_stream *xdr = resp->xdr;
3940        u32 eof;
3941        int starting_len = xdr->buf->len - 8;
3942        __be32 nfserr;
3943        __be32 tmp;
3944        int pad;
3945
3946        read->rd_vlen = xdr_reserve_space_vec(xdr, resp->rqstp->rq_vec, maxcount);
3947        if (read->rd_vlen < 0)
3948                return nfserr_resource;
3949
3950        nfserr = nfsd_readv(resp->rqstp, read->rd_fhp, file, read->rd_offset,
3951                            resp->rqstp->rq_vec, read->rd_vlen, &maxcount,
3952                            &eof);
3953        read->rd_length = maxcount;
3954        if (nfserr)
3955                return nfserr;
3956        if (svc_encode_result_payload(resp->rqstp, starting_len + 8, maxcount))
3957                return nfserr_io;
3958        xdr_truncate_encode(xdr, starting_len + 8 + xdr_align_size(maxcount));
3959
3960        tmp = htonl(eof);
3961        write_bytes_to_xdr_buf(xdr->buf, starting_len    , &tmp, 4);
3962        tmp = htonl(maxcount);
3963        write_bytes_to_xdr_buf(xdr->buf, starting_len + 4, &tmp, 4);
3964
3965        tmp = xdr_zero;
3966        pad = (maxcount&3) ? 4 - (maxcount&3) : 0;
3967        write_bytes_to_xdr_buf(xdr->buf, starting_len + 8 + maxcount,
3968                                                                &tmp, pad);
3969        return 0;
3970
3971}
3972
3973static __be32
3974nfsd4_encode_read(struct nfsd4_compoundres *resp, __be32 nfserr,
3975                  struct nfsd4_read *read)
3976{
3977        unsigned long maxcount;
3978        struct xdr_stream *xdr = resp->xdr;
3979        struct file *file;
3980        int starting_len = xdr->buf->len;
3981        __be32 *p;
3982
3983        if (nfserr)
3984                return nfserr;
3985        file = read->rd_nf->nf_file;
3986
3987        p = xdr_reserve_space(xdr, 8); /* eof flag and byte count */
3988        if (!p) {
3989                WARN_ON_ONCE(test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags));
3990                return nfserr_resource;
3991        }
3992        if (resp->xdr->buf->page_len &&
3993            test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags)) {
3994                WARN_ON_ONCE(1);
3995                return nfserr_resource;
3996        }
3997        xdr_commit_encode(xdr);
3998
3999        maxcount = min_t(unsigned long, read->rd_length,
4000                         (xdr->buf->buflen - xdr->buf->len));

4001
4002        if (file->f_op->splice_read &&
4003            test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags))
4004                nfserr = nfsd4_encode_splice_read(resp, read, file, maxcount);
4005        else
4006                nfserr = nfsd4_encode_readv(resp, read, file, maxcount);
4007
4008        if (nfserr)
4009                xdr_truncate_encode(xdr, starting_len);
4010
4011        return nfserr;
4012}
4013
4014static __be32
4015nfsd4_encode_readlink(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readlink *readlink)
4016{
4017        int maxcount;
4018        __be32 wire_count;
4019        int zero = 0;
4020        struct xdr_stream *xdr = resp->xdr;
4021        int length_offset = xdr->buf->len;
4022        int status;
4023        __be32 *p;
4024
4025        p = xdr_reserve_space(xdr, 4);
4026        if (!p)
4027                return nfserr_resource;
4028        maxcount = PAGE_SIZE;
4029
4030        p = xdr_reserve_space(xdr, maxcount);
4031        if (!p)
4032                return nfserr_resource;
4033        /*
4034         * XXX: By default, vfs_readlink() will truncate symlinks if they
4035         * would overflow the buffer.  Is this kosher in NFSv4?  If not, one
4036         * easy fix is: if vfs_readlink() precisely fills the buffer, assume
4037         * that truncation occurred, and return NFS4ERR_RESOURCE.
4038         */
4039        nfserr = nfsd_readlink(readlink->rl_rqstp, readlink->rl_fhp,
4040                                                (char *)p, &maxcount);
4041        if (nfserr == nfserr_isdir)
4042                nfserr = nfserr_inval;
4043        if (nfserr)
4044                goto out_err;
4045        status = svc_encode_result_payload(readlink->rl_rqstp, length_offset,
4046                                           maxcount);
4047        if (status) {
4048                nfserr = nfserrno(status);
4049                goto out_err;
4050        }
4051
4052        wire_count = htonl(maxcount);
4053        write_bytes_to_xdr_buf(xdr->buf, length_offset, &wire_count, 4);
4054        xdr_truncate_encode(xdr, length_offset + 4 + ALIGN(maxcount, 4));
4055        if (maxcount & 3)
4056                write_bytes_to_xdr_buf(xdr->buf, length_offset + 4 + maxcount,
4057                                                &zero, 4 - (maxcount&3));
4058        return 0;
4059
4060out_err:
4061        xdr_truncate_encode(xdr, length_offset);
4062        return nfserr;
4063}
4064
4065static __be32
4066nfsd4_encode_readdir(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readdir *readdir)
4067{
4068        int maxcount;
4069        int bytes_left;
4070        loff_t offset;
4071        __be64 wire_offset;
4072        struct xdr_stream *xdr = resp->xdr;
4073        int starting_len = xdr->buf->len;
4074        __be32 *p;
4075
4076        p = xdr_reserve_space(xdr, NFS4_VERIFIER_SIZE);
4077        if (!p)
4078                return nfserr_resource;
4079
4080        /* XXX: Following NFSv3, we ignore the READDIR verifier for now. */
4081        *p++ = cpu_to_be32(0);
4082        *p++ = cpu_to_be32(0);
4083        xdr->buf->head[0].iov_len = (char *)xdr->p -
4084                                    (char *)xdr->buf->head[0].iov_base;
4085
4086        /*
4087         * Number of bytes left for directory entries allowing for the
4088         * final 8 bytes of the readdir and a following failed op:
4089         */
4090        bytes_left = xdr->buf->buflen - xdr->buf->len
4091                        - COMPOUND_ERR_SLACK_SPACE - 8;
4092        if (bytes_left < 0) {
4093                nfserr = nfserr_resource;
4094                goto err_no_verf;
4095        }
4096        maxcount = svc_max_payload(resp->rqstp);
4097        maxcount = min_t(u32, readdir->rd_maxcount, maxcount);
4098        /*
4099         * Note the rfc defines rd_maxcount as the size of the
4100         * READDIR4resok structure, which includes the verifier above
4101         * and the 8 bytes encoded at the end of this function:
4102         */
4103        if (maxcount < 16) {
4104                nfserr = nfserr_toosmall;
4105                goto err_no_verf;
4106        }
4107        maxcount = min_t(int, maxcount-16, bytes_left);
4108
4109        /* RFC 3530 14.2.24 allows us to ignore dircount when it's 0: */
4110        if (!readdir->rd_dircount)
4111                readdir->rd_dircount = svc_max_payload(resp->rqstp);
4112
4113        readdir->xdr = xdr;
4114        readdir->rd_maxcount = maxcount;
4115        readdir->common.err = 0;
4116        readdir->cookie_offset = 0;
4117
4118        offset = readdir->rd_cookie;
4119        nfserr = nfsd_readdir(readdir->rd_rqstp, readdir->rd_fhp,
4120                              &offset,
4121                              &readdir->common, nfsd4_encode_dirent);
4122        if (nfserr == nfs_ok &&
4123            readdir->common.err == nfserr_toosmall &&
4124            xdr->buf->len == starting_len + 8) {
4125                /* nothing encoded; which limit did we hit?: */
4126                if (maxcount - 16 < bytes_left)
4127                        /* It was the fault of rd_maxcount: */
4128                        nfserr = nfserr_toosmall;
4129                else
4130                        /* We ran out of buffer space: */
4131                        nfserr = nfserr_resource;
4132        }
4133        if (nfserr)
4134                goto err_no_verf;
4135
4136        if (readdir->cookie_offset) {
4137                wire_offset = cpu_to_be64(offset);
4138                write_bytes_to_xdr_buf(xdr->buf, readdir->cookie_offset,
4139                                                        &wire_offset, 8);
4140        }
4141
4142        p = xdr_reserve_space(xdr, 8);
4143        if (!p) {
4144                WARN_ON_ONCE(1);
4145                goto err_no_verf;
4146        }
4147        *p++ = 0;       /* no more entries */
4148        *p++ = htonl(readdir->common.err == nfserr_eof);
4149
4150        return 0;
4151err_no_verf:
4152        xdr_truncate_encode(xdr, starting_len);
4153        return nfserr;
4154}
4155
4156static __be32
4157nfsd4_encode_remove(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_remove *remove)
4158{
4159        struct xdr_stream *xdr = resp->xdr;
4160        __be32 *p;
4161
4162        p = xdr_reserve_space(xdr, 20);
4163        if (!p)
4164                return nfserr_resource;
4165        p = encode_cinfo(p, &remove->rm_cinfo);
4166        return 0;
4167}
4168
4169static __be32
4170nfsd4_encode_rename(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_rename *rename)
4171{
4172        struct xdr_stream *xdr = resp->xdr;
4173        __be32 *p;
4174
4175        p = xdr_reserve_space(xdr, 40);
4176        if (!p)
4177                return nfserr_resource;
4178        p = encode_cinfo(p, &rename->rn_sinfo);
4179        p = encode_cinfo(p, &rename->rn_tinfo);
4180        return 0;
4181}
4182
4183static __be32
4184nfsd4_do_encode_secinfo(struct xdr_stream *xdr, struct svc_export *exp)
4185{
4186        u32 i, nflavs, supported;
4187        struct exp_flavor_info *flavs;
4188        struct exp_flavor_info def_flavs[2];
4189        __be32 *p, *flavorsp;
4190        static bool report = true;
4191
4192        if (exp->ex_nflavors) {
4193                flavs = exp->ex_flavors;
4194                nflavs = exp->ex_nflavors;
4195        } else { /* Handling of some defaults in absence of real secinfo: */
4196                flavs = def_flavs;
4197                if (exp->ex_client->flavour->flavour == RPC_AUTH_UNIX) {
4198                        nflavs = 2;
4199                        flavs[0].pseudoflavor = RPC_AUTH_UNIX;
4200                        flavs[1].pseudoflavor = RPC_AUTH_NULL;
4201                } else if (exp->ex_client->flavour->flavour == RPC_AUTH_GSS) {
4202                        nflavs = 1;
4203                        flavs[0].pseudoflavor
4204                                        = svcauth_gss_flavor(exp->ex_client);
4205                } else {
4206                        nflavs = 1;
4207                        flavs[0].pseudoflavor
4208                                        = exp->ex_client->flavour->flavour;
4209                }
4210        }
4211
4212        supported = 0;
4213        p = xdr_reserve_space(xdr, 4);
4214        if (!p)
4215                return nfserr_resource;
4216        flavorsp = p++;         /* to be backfilled later */
4217
4218        for (i = 0; i < nflavs; i++) {
4219                rpc_authflavor_t pf = flavs[i].pseudoflavor;
4220                struct rpcsec_gss_info info;
4221
4222                if (rpcauth_get_gssinfo(pf, &info) == 0) {
4223                        supported++;
4224                        p = xdr_reserve_space(xdr, 4 + 4 +
4225                                              XDR_LEN(info.oid.len) + 4 + 4);
4226                        if (!p)
4227                                return nfserr_resource;
4228                        *p++ = cpu_to_be32(RPC_AUTH_GSS);
4229                        p = xdr_encode_opaque(p,  info.oid.data, info.oid.len);
4230                        *p++ = cpu_to_be32(info.qop);
4231                        *p++ = cpu_to_be32(info.service);
4232                } else if (pf < RPC_AUTH_MAXFLAVOR) {
4233                        supported++;
4234                        p = xdr_reserve_space(xdr, 4);
4235                        if (!p)
4236                                return nfserr_resource;
4237                        *p++ = cpu_to_be32(pf);
4238                } else {
4239                        if (report)
4240                                pr_warn("NFS: SECINFO: security flavor %u "
4241                                        "is not supported\n", pf);
4242                }
4243        }
4244
4245        if (nflavs != supported)
4246                report = false;
4247        *flavorsp = htonl(supported);
4248        return 0;
4249}
4250
4251static __be32
4252nfsd4_encode_secinfo(struct nfsd4_compoundres *resp, __be32 nfserr,
4253                     struct nfsd4_secinfo *secinfo)
4254{
4255        struct xdr_stream *xdr = resp->xdr;
4256
4257        return nfsd4_do_encode_secinfo(xdr, secinfo->si_exp);
4258}
4259
4260static __be32
4261nfsd4_encode_secinfo_no_name(struct nfsd4_compoundres *resp, __be32 nfserr,
4262                     struct nfsd4_secinfo_no_name *secinfo)
4263{
4264        struct xdr_stream *xdr = resp->xdr;
4265
4266        return nfsd4_do_encode_secinfo(xdr, secinfo->sin_exp);
4267}
4268
4269/*
4270 * The SETATTR encode routine is special -- it always encodes a bitmap,
4271 * regardless of the error status.
4272 */
4273static __be32
4274nfsd4_encode_setattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setattr *setattr)
4275{
4276        struct xdr_stream *xdr = resp->xdr;
4277        __be32 *p;
4278
4279        p = xdr_reserve_space(xdr, 16);
4280        if (!p)
4281                return nfserr_resource;
4282        if (nfserr) {
4283                *p++ = cpu_to_be32(3);
4284                *p++ = cpu_to_be32(0);
4285                *p++ = cpu_to_be32(0);
4286                *p++ = cpu_to_be32(0);
4287        }
4288        else {
4289                *p++ = cpu_to_be32(3);
4290                *p++ = cpu_to_be32(setattr->sa_bmval[0]);
4291                *p++ = cpu_to_be32(setattr->sa_bmval[1]);
4292                *p++ = cpu_to_be32(setattr->sa_bmval[2]);
4293        }
4294        return nfserr;
4295}
4296
4297static __be32
4298nfsd4_encode_setclientid(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setclientid *scd)
4299{
4300        struct xdr_stream *xdr = resp->xdr;
4301        __be32 *p;
4302
4303        if (!nfserr) {
4304                p = xdr_reserve_space(xdr, 8 + NFS4_VERIFIER_SIZE);
4305                if (!p)
4306                        return nfserr_resource;
4307                p = xdr_encode_opaque_fixed(p, &scd->se_clientid, 8);
4308                p = xdr_encode_opaque_fixed(p, &scd->se_confirm,
4309                                                NFS4_VERIFIER_SIZE);
4310        }
4311        else if (nfserr == nfserr_clid_inuse) {
4312                p = xdr_reserve_space(xdr, 8);
4313                if (!p)
4314                        return nfserr_resource;
4315                *p++ = cpu_to_be32(0);
4316                *p++ = cpu_to_be32(0);
4317        }
4318        return nfserr;
4319}
4320
4321static __be32
4322nfsd4_encode_write(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_write *write)
4323{
4324        struct xdr_stream *xdr = resp->xdr;
4325        __be32 *p;
4326
4327        p = xdr_reserve_space(xdr, 16);
4328        if (!p)
4329                return nfserr_resource;
4330        *p++ = cpu_to_be32(write->wr_bytes_written);
4331        *p++ = cpu_to_be32(write->wr_how_written);
4332        p = xdr_encode_opaque_fixed(p, write->wr_verifier.data,
4333                                                NFS4_VERIFIER_SIZE);
4334        return 0;
4335}
4336
4337static __be32
4338nfsd4_encode_exchange_id(struct nfsd4_compoundres *resp, __be32 nfserr,
4339                         struct nfsd4_exchange_id *exid)
4340{
4341        struct xdr_stream *xdr = resp->xdr;
4342        __be32 *p;
4343        char *major_id;
4344        char *server_scope;
4345        int major_id_sz;
4346        int server_scope_sz;
4347        uint64_t minor_id = 0;
4348        struct nfsd_net *nn = net_generic(SVC_NET(resp->rqstp), nfsd_net_id);
4349
4350        major_id = nn->nfsd_name;
4351        major_id_sz = strlen(nn->nfsd_name);
4352        server_scope = nn->nfsd_name;
4353        server_scope_sz = strlen(nn->nfsd_name);
4354
4355        p = xdr_reserve_space(xdr,
4356                8 /* eir_clientid */ +
4357                4 /* eir_sequenceid */ +
4358                4 /* eir_flags */ +
4359                4 /* spr_how */);
4360        if (!p)
4361                return nfserr_resource;
4362
4363        p = xdr_encode_opaque_fixed(p, &exid->clientid, 8);
4364        *p++ = cpu_to_be32(exid->seqid);
4365        *p++ = cpu_to_be32(exid->flags);
4366
4367        *p++ = cpu_to_be32(exid->spa_how);
4368
4369        switch (exid->spa_how) {
4370        case SP4_NONE:
4371                break;
4372        case SP4_MACH_CRED:
4373                /* spo_must_enforce bitmap: */
4374                nfserr = nfsd4_encode_bitmap(xdr,
4375                                        exid->spo_must_enforce[0],
4376                                        exid->spo_must_enforce[1],
4377                                        exid->spo_must_enforce[2]);
4378                if (nfserr)
4379                        return nfserr;
4380                /* spo_must_allow bitmap: */
4381                nfserr = nfsd4_encode_bitmap(xdr,
4382                                        exid->spo_must_allow[0],
4383                                        exid->spo_must_allow[1],
4384                                        exid->spo_must_allow[2]);
4385                if (nfserr)
4386                        return nfserr;
4387                break;
4388        default:
4389                WARN_ON_ONCE(1);
4390        }
4391
4392        p = xdr_reserve_space(xdr,
4393                8 /* so_minor_id */ +
4394                4 /* so_major_id.len */ +
4395                (XDR_QUADLEN(major_id_sz) * 4) +
4396                4 /* eir_server_scope.len */ +
4397                (XDR_QUADLEN(server_scope_sz) * 4) +
4398                4 /* eir_server_impl_id.count (0) */);
4399        if (!p)
4400                return nfserr_resource;
4401
4402        /* The server_owner struct */
4403        p = xdr_encode_hyper(p, minor_id);      /* Minor id */
4404        /* major id */
4405        p = xdr_encode_opaque(p, major_id, major_id_sz);
4406
4407        /* Server scope */
4408        p = xdr_encode_opaque(p, server_scope, server_scope_sz);
4409
4410        /* Implementation id */
4411        *p++ = cpu_to_be32(0);  /* zero length nfs_impl_id4 array */
4412        return 0;
4413}
4414
4415static __be32
4416nfsd4_encode_create_session(struct nfsd4_compoundres *resp, __be32 nfserr,
4417                            struct nfsd4_create_session *sess)
4418{
4419        struct xdr_stream *xdr = resp->xdr;
4420        __be32 *p;
4421
4422        p = xdr_reserve_space(xdr, 24);
4423        if (!p)
4424                return nfserr_resource;
4425        p = xdr_encode_opaque_fixed(p, sess->sessionid.data,
4426                                        NFS4_MAX_SESSIONID_LEN);
4427        *p++ = cpu_to_be32(sess->seqid);
4428        *p++ = cpu_to_be32(sess->flags);
4429
4430        p = xdr_reserve_space(xdr, 28);
4431        if (!p)
4432                return nfserr_resource;
4433        *p++ = cpu_to_be32(0); /* headerpadsz */
4434        *p++ = cpu_to_be32(sess->fore_channel.maxreq_sz);
4435        *p++ = cpu_to_be32(sess->fore_channel.maxresp_sz);
4436        *p++ = cpu_to_be32(sess->fore_channel.maxresp_cached);
4437        *p++ = cpu_to_be32(sess->fore_channel.maxops);
4438        *p++ = cpu_to_be32(sess->fore_channel.maxreqs);
4439        *p++ = cpu_to_be32(sess->fore_channel.nr_rdma_attrs);
4440
4441        if (sess->fore_channel.nr_rdma_attrs) {
4442                p = xdr_reserve_space(xdr, 4);
4443                if (!p)
4444                        return nfserr_resource;
4445                *p++ = cpu_to_be32(sess->fore_channel.rdma_attrs);
4446        }
4447
4448        p = xdr_reserve_space(xdr, 28);
4449        if (!p)
4450                return nfserr_resource;
4451        *p++ = cpu_to_be32(0); /* headerpadsz */
4452        *p++ = cpu_to_be32(sess->back_channel.maxreq_sz);
4453        *p++ = cpu_to_be32(sess->back_channel.maxresp_sz);
4454        *p++ = cpu_to_be32(sess->back_channel.maxresp_cached);
4455        *p++ = cpu_to_be32(sess->back_channel.maxops);
4456        *p++ = cpu_to_be32(sess->back_channel.maxreqs);
4457        *p++ = cpu_to_be32(sess->back_channel.nr_rdma_attrs);
4458
4459        if (sess->back_channel.nr_rdma_attrs) {
4460                p = xdr_reserve_space(xdr, 4);
4461                if (!p)
4462                        return nfserr_resource;
4463                *p++ = cpu_to_be32(sess->back_channel.rdma_attrs);
4464        }
4465        return 0;
4466}
4467
4468static __be32
4469nfsd4_encode_sequence(struct nfsd4_compoundres *resp, __be32 nfserr,
4470                      struct nfsd4_sequence *seq)
4471{
4472        struct xdr_stream *xdr = resp->xdr;
4473        __be32 *p;
4474
4475        p = xdr_reserve_space(xdr, NFS4_MAX_SESSIONID_LEN + 20);
4476        if (!p)
4477                return nfserr_resource;
4478        p = xdr_encode_opaque_fixed(p, seq->sessionid.data,
4479                                        NFS4_MAX_SESSIONID_LEN);
4480        *p++ = cpu_to_be32(seq->seqid);
4481        *p++ = cpu_to_be32(seq->slotid);
4482        /* Note slotid's are numbered from zero: */
4483        *p++ = cpu_to_be32(seq->maxslots - 1); /* sr_highest_slotid */
4484        *p++ = cpu_to_be32(seq->maxslots - 1); /* sr_target_highest_slotid */
4485        *p++ = cpu_to_be32(seq->status_flags);
4486
4487        resp->cstate.data_offset = xdr->buf->len; /* DRC cache data pointer */
4488        return 0;
4489}
4490
4491static __be32
4492nfsd4_encode_test_stateid(struct nfsd4_compoundres *resp, __be32 nfserr,
4493                          struct nfsd4_test_stateid *test_stateid)
4494{
4495        struct xdr_stream *xdr = resp->xdr;
4496        struct nfsd4_test_stateid_id *stateid, *next;
4497        __be32 *p;
4498
4499        p = xdr_reserve_space(xdr, 4 + (4 * test_stateid->ts_num_ids));
4500        if (!p)
4501                return nfserr_resource;
4502        *p++ = htonl(test_stateid->ts_num_ids);
4503
4504        list_for_each_entry_safe(stateid, next, &test_stateid->ts_stateid_list, ts_id_list) {
4505                *p++ = stateid->ts_id_status;
4506        }
4507
4508        return 0;
4509}
4510
4511#ifdef CONFIG_NFSD_PNFS
4512static __be32
4513nfsd4_encode_getdeviceinfo(struct nfsd4_compoundres *resp, __be32 nfserr,
4514                struct nfsd4_getdeviceinfo *gdev)
4515{
4516        struct xdr_stream *xdr = resp->xdr;
4517        const struct nfsd4_layout_ops *ops;
4518        u32 starting_len = xdr->buf->len, needed_len;
4519        __be32 *p;
4520
4521        p = xdr_reserve_space(xdr, 4);
4522        if (!p)
4523                return nfserr_resource;
4524
4525        *p++ = cpu_to_be32(gdev->gd_layout_type);
4526
4527        /* If maxcount is 0 then just update notifications */
4528        if (gdev->gd_maxcount != 0) {
4529                ops = nfsd4_layout_ops[gdev->gd_layout_type];
4530                nfserr = ops->encode_getdeviceinfo(xdr, gdev);
4531                if (nfserr) {
4532                        /*
4533                         * We don't bother to burden the layout drivers with
4534                         * enforcing gd_maxcount, just tell the client to
4535                         * come back with a bigger buffer if it's not enough.
4536                         */
4537                        if (xdr->buf->len + 4 > gdev->gd_maxcount)
4538                                goto toosmall;
4539                        return nfserr;
4540                }
4541        }
4542
4543        if (gdev->gd_notify_types) {
4544                p = xdr_reserve_space(xdr, 4 + 4);
4545                if (!p)
4546                        return nfserr_resource;
4547                *p++ = cpu_to_be32(1);                  /* bitmap length */
4548                *p++ = cpu_to_be32(gdev->gd_notify_types);
4549        } else {
4550                p = xdr_reserve_space(xdr, 4);
4551                if (!p)
4552                        return nfserr_resource;
4553                *p++ = 0;
4554        }
4555
4556        return 0;
4557toosmall:
4558        dprintk("%s: maxcount too small\n", __func__);
4559        needed_len = xdr->buf->len + 4 /* notifications */;
4560        xdr_truncate_encode(xdr, starting_len);
4561        p = xdr_reserve_space(xdr, 4);
4562        if (!p)
4563                return nfserr_resource;
4564        *p++ = cpu_to_be32(needed_len);
4565        return nfserr_toosmall;
4566}
4567
4568static __be32
4569nfsd4_encode_layoutget(struct nfsd4_compoundres *resp, __be32 nfserr,
4570                struct nfsd4_layoutget *lgp)
4571{
4572        struct xdr_stream *xdr = resp->xdr;
4573        const struct nfsd4_layout_ops *ops;
4574        __be32 *p;
4575
4576        p = xdr_reserve_space(xdr, 36 + sizeof(stateid_opaque_t));
4577        if (!p)
4578                return nfserr_resource;
4579
4580        *p++ = cpu_to_be32(1);  /* we always set return-on-close */
4581        *p++ = cpu_to_be32(lgp->lg_sid.si_generation);
4582        p = xdr_encode_opaque_fixed(p, &lgp->lg_sid.si_opaque,
4583                                    sizeof(stateid_opaque_t));
4584
4585        *p++ = cpu_to_be32(1);  /* we always return a single layout */
4586        p = xdr_encode_hyper(p, lgp->lg_seg.offset);
4587        p = xdr_encode_hyper(p, lgp->lg_seg.length);
4588        *p++ = cpu_to_be32(lgp->lg_seg.iomode);
4589        *p++ = cpu_to_be32(lgp->lg_layout_type);
4590
4591        ops = nfsd4_layout_ops[lgp->lg_layout_type];
4592        return ops->encode_layoutget(xdr, lgp);
4593}
4594
4595static __be32
4596nfsd4_encode_layoutcommit(struct nfsd4_compoundres *resp, __be32 nfserr,
4597                          struct nfsd4_layoutcommit *lcp)
4598{
4599        struct xdr_stream *xdr = resp->xdr;
4600        __be32 *p;
4601
4602        p = xdr_reserve_space(xdr, 4);
4603        if (!p)
4604                return nfserr_resource;
4605        *p++ = cpu_to_be32(lcp->lc_size_chg);
4606        if (lcp->lc_size_chg) {
4607                p = xdr_reserve_space(xdr, 8);
4608                if (!p)
4609                        return nfserr_resource;
4610                p = xdr_encode_hyper(p, lcp->lc_newsize);
4611        }
4612
4613        return 0;
4614}
4615
4616static __be32
4617nfsd4_encode_layoutreturn(struct nfsd4_compoundres *resp, __be32 nfserr,
4618                struct nfsd4_layoutreturn *lrp)
4619{
4620        struct xdr_stream *xdr = resp->xdr;
4621        __be32 *p;
4622
4623        p = xdr_reserve_space(xdr, 4);
4624        if (!p)
4625                return nfserr_resource;
4626        *p++ = cpu_to_be32(lrp->lrs_present);
4627        if (lrp->lrs_present)
4628                return nfsd4_encode_stateid(xdr, &lrp->lr_sid);
4629        return 0;
4630}
4631#endif /* CONFIG_NFSD_PNFS */
4632
4633static __be32
4634nfsd42_encode_write_res(struct nfsd4_compoundres *resp,
4635                struct nfsd42_write_res *write, bool sync)
4636{
4637        __be32 *p;
4638        p = xdr_reserve_space(resp->xdr, 4);
4639        if (!p)
4640                return nfserr_resource;
4641
4642        if (sync)
4643                *p++ = cpu_to_be32(0);
4644        else {
4645                __be32 nfserr;
4646                *p++ = cpu_to_be32(1);
4647                nfserr = nfsd4_encode_stateid(resp->xdr, &write->cb_stateid);
4648                if (nfserr)
4649                        return nfserr;
4650        }
4651        p = xdr_reserve_space(resp->xdr, 8 + 4 + NFS4_VERIFIER_SIZE);
4652        if (!p)
4653                return nfserr_resource;
4654
4655        p = xdr_encode_hyper(p, write->wr_bytes_written);
4656        *p++ = cpu_to_be32(write->wr_stable_how);
4657        p = xdr_encode_opaque_fixed(p, write->wr_verifier.data,
4658                                    NFS4_VERIFIER_SIZE);
4659        return nfs_ok;
4660}
4661
4662static __be32
4663nfsd42_encode_nl4_server(struct nfsd4_compoundres *resp, struct nl4_server *ns)
4664{
4665        struct xdr_stream *xdr = resp->xdr;
4666        struct nfs42_netaddr *addr;
4667        __be32 *p;
4668
4669        p = xdr_reserve_space(xdr, 4);
4670        *p++ = cpu_to_be32(ns->nl4_type);
4671
4672        switch (ns->nl4_type) {
4673        case NL4_NETADDR:
4674                addr = &ns->u.nl4_addr;
4675
4676                /* netid_len, netid, uaddr_len, uaddr (port included
4677                 * in RPCBIND_MAXUADDRLEN)
4678                 */
4679                p = xdr_reserve_space(xdr,
4680                        4 /* netid len */ +
4681                        (XDR_QUADLEN(addr->netid_len) * 4) +
4682                        4 /* uaddr len */ +
4683                        (XDR_QUADLEN(addr->addr_len) * 4));
4684                if (!p)
4685                        return nfserr_resource;
4686
4687                *p++ = cpu_to_be32(addr->netid_len);
4688                p = xdr_encode_opaque_fixed(p, addr->netid,
4689                                            addr->netid_len);
4690                *p++ = cpu_to_be32(addr->addr_len);
4691                p = xdr_encode_opaque_fixed(p, addr->addr,
4692                                        addr->addr_len);
4693                break;
4694        default:
4695                WARN_ON_ONCE(ns->nl4_type != NL4_NETADDR);
4696                return nfserr_inval;
4697        }
4698
4699        return 0;
4700}
4701
4702static __be32
4703nfsd4_encode_copy(struct nfsd4_compoundres *resp, __be32 nfserr,
4704                  struct nfsd4_copy *copy)
4705{
4706        __be32 *p;
4707
4708        nfserr = nfsd42_encode_write_res(resp, &copy->cp_res,
4709                                         !!copy->cp_synchronous);
4710        if (nfserr)
4711                return nfserr;
4712
4713        p = xdr_reserve_space(resp->xdr, 4 + 4);
4714        *p++ = xdr_one; /* cr_consecutive */
4715        *p++ = cpu_to_be32(copy->cp_synchronous);
4716        return 0;
4717}
4718
4719static __be32
4720nfsd4_encode_offload_status(struct nfsd4_compoundres *resp, __be32 nfserr,
4721                            struct nfsd4_offload_status *os)
4722{
4723        struct xdr_stream *xdr = resp->xdr;
4724        __be32 *p;
4725
4726        p = xdr_reserve_space(xdr, 8 + 4);
4727        if (!p)
4728                return nfserr_resource;
4729        p = xdr_encode_hyper(p, os->count);
4730        *p++ = cpu_to_be32(0);
4731        return nfserr;
4732}
4733
4734static __be32
4735nfsd4_encode_read_plus_data(struct nfsd4_compoundres *resp,
4736                            struct nfsd4_read *read,
4737                            unsigned long *maxcount, u32 *eof,
4738                            loff_t *pos)
4739{
4740        struct xdr_stream *xdr = resp->xdr;
4741        struct file *file = read->rd_nf->nf_file;
4742        int starting_len = xdr->buf->len;
4743        loff_t hole_pos;
4744        __be32 nfserr;
4745        __be32 *p, tmp;
4746        __be64 tmp64;
4747
4748        hole_pos = pos ? *pos : vfs_llseek(file, read->rd_offset, SEEK_HOLE);
4749        if (hole_pos > read->rd_offset)
4750                *maxcount = min_t(unsigned long, *maxcount, hole_pos - read->rd_offset);
4751        *maxcount = min_t(unsigned long, *maxcount, (xdr->buf->buflen - xdr->buf->len));
4752
4753        /* Content type, offset, byte count */
4754        p = xdr_reserve_space(xdr, 4 + 8 + 4);
4755        if (!p)
4756                return nfserr_resource;
4757
4758        read->rd_vlen = xdr_reserve_space_vec(xdr, resp->rqstp->rq_vec, *maxcount);
4759        if (read->rd_vlen < 0)
4760                return nfserr_resource;
4761
4762        nfserr = nfsd_readv(resp->rqstp, read->rd_fhp, file, read->rd_offset,
4763                            resp->rqstp->rq_vec, read->rd_vlen, maxcount, eof);
4764        if (nfserr)
4765                return nfserr;
4766        xdr_truncate_encode(xdr, starting_len + 16 + xdr_align_size(*maxcount));
4767
4768        tmp = htonl(NFS4_CONTENT_DATA);
4769        write_bytes_to_xdr_buf(xdr->buf, starting_len,      &tmp,   4);
4770        tmp64 = cpu_to_be64(read->rd_offset);
4771        write_bytes_to_xdr_buf(xdr->buf, starting_len + 4,  &tmp64, 8);
4772        tmp = htonl(*maxcount);
4773        write_bytes_to_xdr_buf(xdr->buf, starting_len + 12, &tmp,   4);
4774
4775        tmp = xdr_zero;
4776        write_bytes_to_xdr_buf(xdr->buf, starting_len + 16 + *maxcount, &tmp,
4777                               xdr_pad_size(*maxcount));
4778        return nfs_ok;
4779}
4780
4781static __be32
4782nfsd4_encode_read_plus_hole(struct nfsd4_compoundres *resp,
4783                            struct nfsd4_read *read,
4784                            unsigned long *maxcount, u32 *eof)
4785{
4786        struct file *file = read->rd_nf->nf_file;
4787        loff_t data_pos = vfs_llseek(file, read->rd_offset, SEEK_DATA);
4788        loff_t f_size = i_size_read(file_inode(file));
4789        unsigned long count;
4790        __be32 *p;
4791
4792        if (data_pos == -ENXIO)
4793                data_pos = f_size;
4794        else if (data_pos <= read->rd_offset || (data_pos < f_size && data_pos % PAGE_SIZE))
4795                return nfsd4_encode_read_plus_data(resp, read, maxcount, eof, &f_size);
4796        count = data_pos - read->rd_offset;
4797
4798        /* Content type, offset, byte count */
4799        p = xdr_reserve_space(resp->xdr, 4 + 8 + 8);
4800        if (!p)
4801                return nfserr_resource;
4802
4803        *p++ = htonl(NFS4_CONTENT_HOLE);
4804        p = xdr_encode_hyper(p, read->rd_offset);
4805        p = xdr_encode_hyper(p, count);
4806
4807        *eof = (read->rd_offset + count) >= f_size;
4808        *maxcount = min_t(unsigned long, count, *maxcount);
4809        return nfs_ok;
4810}
4811
4812static __be32
4813nfsd4_encode_read_plus(struct nfsd4_compoundres *resp, __be32 nfserr,
4814                       struct nfsd4_read *read)
4815{
4816        unsigned long maxcount, count;
4817        struct xdr_stream *xdr = resp->xdr;
4818        struct file *file;
4819        int starting_len = xdr->buf->len;
4820        int last_segment = xdr->buf->len;
4821        int segments = 0;
4822        __be32 *p, tmp;
4823        bool is_data;
4824        loff_t pos;
4825        u32 eof;
4826
4827        if (nfserr)
4828                return nfserr;
4829        file = read->rd_nf->nf_file;
4830
4831        /* eof flag, segment count */
4832        p = xdr_reserve_space(xdr, 4 + 4);
4833        if (!p)
4834                return nfserr_resource;
4835        xdr_commit_encode(xdr);
4836
4837        maxcount = min_t(unsigned long, read->rd_length,
4838                         (xdr->buf->buflen - xdr->buf->len));
4839        count    = maxcount;
4840
4841        eof = read->rd_offset >= i_size_read(file_inode(file));
4842        if (eof)
4843                goto out;
4844
4845        pos = vfs_llseek(file, read->rd_offset, SEEK_HOLE);
4846        is_data = pos > read->rd_offset;
4847
4848        while (count > 0 && !eof) {
4849                maxcount = count;
4850                if (is_data)
4851                        nfserr = nfsd4_encode_read_plus_data(resp, read, &maxcount, &eof,
4852                                                segments == 0 ? &pos : NULL);
4853                else
4854                        nfserr = nfsd4_encode_read_plus_hole(resp, read, &maxcount, &eof);
4855                if (nfserr)
4856                        goto out;
4857                count -= maxcount;
4858                read->rd_offset += maxcount;
4859                is_data = !is_data;
4860                last_segment = xdr->buf->len;
4861                segments++;
4862        }
4863
4864out:
4865        if (nfserr && segments == 0)
4866                xdr_truncate_encode(xdr, starting_len);
4867        else {
4868                if (nfserr) {
4869                        xdr_truncate_encode(xdr, last_segment);
4870                        nfserr = nfs_ok;
4871                        eof = 0;
4872                }
4873                tmp = htonl(eof);
4874                write_bytes_to_xdr_buf(xdr->buf, starting_len,     &tmp, 4);
4875                tmp = htonl(segments);
4876                write_bytes_to_xdr_buf(xdr->buf, starting_len + 4, &tmp, 4);
4877        }
4878
4879        return nfserr;
4880}
4881
4882static __be32
4883nfsd4_encode_copy_notify(struct nfsd4_compoundres *resp, __be32 nfserr,
4884                         struct nfsd4_copy_notify *cn)
4885{
4886        struct xdr_stream *xdr = resp->xdr;
4887        __be32 *p;
4888
4889        if (nfserr)
4890                return nfserr;
4891
4892        /* 8 sec, 4 nsec */
4893        p = xdr_reserve_space(xdr, 12);
4894        if (!p)
4895                return nfserr_resource;
4896
4897        /* cnr_lease_time */
4898        p = xdr_encode_hyper(p, cn->cpn_sec);
4899        *p++ = cpu_to_be32(cn->cpn_nsec);
4900
4901        /* cnr_stateid */
4902        nfserr = nfsd4_encode_stateid(xdr, &cn->cpn_cnr_stateid);
4903        if (nfserr)
4904                return nfserr;
4905
4906        /* cnr_src.nl_nsvr */
4907        p = xdr_reserve_space(xdr, 4);
4908        if (!p)
4909                return nfserr_resource;
4910
4911        *p++ = cpu_to_be32(1);
4912
4913        return nfsd42_encode_nl4_server(resp, &cn->cpn_src);
4914}
4915
4916static __be32
4917nfsd4_encode_seek(struct nfsd4_compoundres *resp, __be32 nfserr,
4918                  struct nfsd4_seek *seek)
4919{
4920        __be32 *p;
4921
4922        p = xdr_reserve_space(resp->xdr, 4 + 8);
4923        *p++ = cpu_to_be32(seek->seek_eof);
4924        p = xdr_encode_hyper(p, seek->seek_pos);
4925
4926        return 0;
4927}
4928
4929static __be32
4930nfsd4_encode_noop(struct nfsd4_compoundres *resp, __be32 nfserr, void *p)
4931{
4932        return nfserr;
4933}
4934
4935/*
4936 * Encode kmalloc-ed buffer in to XDR stream.
4937 */
4938static __be32
4939nfsd4_vbuf_to_stream(struct xdr_stream *xdr, char *buf, u32 buflen)
4940{
4941        u32 cplen;
4942        __be32 *p;
4943
4944        cplen = min_t(unsigned long, buflen,
4945                      ((void *)xdr->end - (void *)xdr->p));
4946        p = xdr_reserve_space(xdr, cplen);
4947        if (!p)
4948                return nfserr_resource;
4949
4950        memcpy(p, buf, cplen);
4951        buf += cplen;
4952        buflen -= cplen;
4953
4954        while (buflen) {
4955                cplen = min_t(u32, buflen, PAGE_SIZE);
4956                p = xdr_reserve_space(xdr, cplen);
4957                if (!p)
4958                        return nfserr_resource;
4959
4960                memcpy(p, buf, cplen);
4961
4962                if (cplen < PAGE_SIZE) {
4963                        /*
4964                         * We're done, with a length that wasn't page
4965                         * aligned, so possibly not word aligned. Pad
4966                         * any trailing bytes with 0.
4967                         */
4968                        xdr_encode_opaque_fixed(p, NULL, cplen);
4969                        break;
4970                }
4971
4972                buflen -= PAGE_SIZE;
4973                buf += PAGE_SIZE;
4974        }
4975
4976        return 0;
4977}
4978
4979static __be32
4980nfsd4_encode_getxattr(struct nfsd4_compoundres *resp, __be32 nfserr,
4981                      struct nfsd4_getxattr *getxattr)
4982{
4983        struct xdr_stream *xdr = resp->xdr;
4984        __be32 *p, err;
4985
4986        p = xdr_reserve_space(xdr, 4);
4987        if (!p)
4988                return nfserr_resource;
4989
4990        *p = cpu_to_be32(getxattr->getxa_len);
4991
4992        if (getxattr->getxa_len == 0)
4993                return 0;
4994
4995        err = nfsd4_vbuf_to_stream(xdr, getxattr->getxa_buf,
4996                                    getxattr->getxa_len);
4997
4998        kvfree(getxattr->getxa_buf);
4999
5000        return err;

5001}
5002
5003static __be32
5004nfsd4_encode_setxattr(struct nfsd4_compoundres *resp, __be32 nfserr,
5005                      struct nfsd4_setxattr *setxattr)
5006{
5007        struct xdr_stream *xdr = resp->xdr;
5008        __be32 *p;
5009
5010        p = xdr_reserve_space(xdr, 20);
5011        if (!p)
5012                return nfserr_resource;
5013
5014        encode_cinfo(p, &setxattr->setxa_cinfo);
5015
5016        return 0;
5017}
5018
5019/*
5020 * See if there are cookie values that can be rejected outright.
5021 */
5022static __be32
5023nfsd4_listxattr_validate_cookie(struct nfsd4_listxattrs *listxattrs,
5024                                u32 *offsetp)
5025{
5026        u64 cookie = listxattrs->lsxa_cookie;
5027
5028        /*
5029         * If the cookie is larger than the maximum number we can fit
5030         * in either the buffer we just got back from vfs_listxattr, or,
5031         * XDR-encoded, in the return buffer, it's invalid.
5032         */
5033        if (cookie > (listxattrs->lsxa_len) / (XATTR_USER_PREFIX_LEN + 2))
5034                return nfserr_badcookie;
5035
5036        if (cookie > (listxattrs->lsxa_maxcount /
5037                      (XDR_QUADLEN(XATTR_USER_PREFIX_LEN + 2) + 4)))
5038                return nfserr_badcookie;
5039
5040        *offsetp = (u32)cookie;
5041        return 0;
5042}
5043
5044static __be32
5045nfsd4_encode_listxattrs(struct nfsd4_compoundres *resp, __be32 nfserr,
5046                        struct nfsd4_listxattrs *listxattrs)
5047{
5048        struct xdr_stream *xdr = resp->xdr;
5049        u32 cookie_offset, count_offset, eof;
5050        u32 left, xdrleft, slen, count;
5051        u32 xdrlen, offset;
5052        u64 cookie;
5053        char *sp;
5054        __be32 status, tmp;
5055        __be32 *p;
5056        u32 nuser;
5057
5058        eof = 1;
5059
5060        status = nfsd4_listxattr_validate_cookie(listxattrs, &offset);
5061        if (status)
5062                goto out;
5063
5064        /*
5065         * Reserve space for the cookie and the name array count. Record
5066         * the offsets to save them later.
5067         */
5068        cookie_offset = xdr->buf->len;
5069        count_offset = cookie_offset + 8;
5070        p = xdr_reserve_space(xdr, 12);
5071        if (!p) {
5072                status = nfserr_resource;
5073                goto out;
5074        }
5075
5076        count = 0;
5077        left = listxattrs->lsxa_len;
5078        sp = listxattrs->lsxa_buf;
5079        nuser = 0;
5080
5081        xdrleft = listxattrs->lsxa_maxcount;
5082
5083        while (left > 0 && xdrleft > 0) {
5084                slen = strlen(sp);
5085
5086                /*
5087                 * Check if this is a "user." attribute, skip it if not.
5088                 */
5089                if (strncmp(sp, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
5090                        goto contloop;
5091
5092                slen -= XATTR_USER_PREFIX_LEN;
5093                xdrlen = 4 + ((slen + 3) & ~3);
5094                if (xdrlen > xdrleft) {
5095                        if (count == 0) {
5096                                /*
5097                                 * Can't even fit the first attribute name.
5098                                 */
5099                                status = nfserr_toosmall;
5100                                goto out;
5101                        }
5102                        eof = 0;
5103                        goto wreof;
5104                }
5105
5106                left -= XATTR_USER_PREFIX_LEN;
5107                sp += XATTR_USER_PREFIX_LEN;
5108                if (nuser++ < offset)
5109                        goto contloop;
5110
5111
5112                p = xdr_reserve_space(xdr, xdrlen);
5113                if (!p) {
5114                        status = nfserr_resource;
5115                        goto out;
5116                }
5117
5118                xdr_encode_opaque(p, sp, slen);
5119
5120                xdrleft -= xdrlen;
5121                count++;
5122contloop:
5123                sp += slen + 1;
5124                left -= slen + 1;
5125        }
5126
5127        /*
5128         * If there were user attributes to copy, but we didn't copy
5129         * any, the offset was too large (e.g. the cookie was invalid).
5130         */
5131        if (nuser > 0 && count == 0) {
5132                status = nfserr_badcookie;
5133                goto out;
5134        }
5135
5136wreof:
5137        p = xdr_reserve_space(xdr, 4);
5138        if (!p) {
5139                status = nfserr_resource;
5140                goto out;
5141        }
5142        *p = cpu_to_be32(eof);
5143
5144        cookie = offset + count;
5145
5146        write_bytes_to_xdr_buf(xdr->buf, cookie_offset, &cookie, 8);
5147        tmp = cpu_to_be32(count);
5148        write_bytes_to_xdr_buf(xdr->buf, count_offset, &tmp, 4);
5149out:
5150        if (listxattrs->lsxa_len)
5151                kvfree(listxattrs->lsxa_buf);
5152        return status;
5153}
5154
5155static __be32
5156nfsd4_encode_removexattr(struct nfsd4_compoundres *resp, __be32 nfserr,
5157                         struct nfsd4_removexattr *removexattr)
5158{
5159        struct xdr_stream *xdr = resp->xdr;
5160        __be32 *p;
5161
5162        p = xdr_reserve_space(xdr, 20);
5163        if (!p)
5164                return nfserr_resource;
5165
5166        p = encode_cinfo(p, &removexattr->rmxa_cinfo);
5167        return 0;
5168}
5169
5170typedef __be32(* nfsd4_enc)(struct nfsd4_compoundres *, __be32, void *);
5171
5172/*
5173 * Note: nfsd4_enc_ops vector is shared for v4.0 and v4.1
5174 * since we don't need to filter out obsolete ops as this is
5175 * done in the decoding phase.
5176 */
5177static const nfsd4_enc nfsd4_enc_ops[] = {
5178        [OP_ACCESS]             = (nfsd4_enc)nfsd4_encode_access,
5179        [OP_CLOSE]              = (nfsd4_enc)nfsd4_encode_close,
5180        [OP_COMMIT]             = (nfsd4_enc)nfsd4_encode_commit,
5181        [OP_CREATE]             = (nfsd4_enc)nfsd4_encode_create,
5182        [OP_DELEGPURGE]         = (nfsd4_enc)nfsd4_encode_noop,
5183        [OP_DELEGRETURN]        = (nfsd4_enc)nfsd4_encode_noop,
5184        [OP_GETATTR]            = (nfsd4_enc)nfsd4_encode_getattr,
5185        [OP_GETFH]              = (nfsd4_enc)nfsd4_encode_getfh,
5186        [OP_LINK]               = (nfsd4_enc)nfsd4_encode_link,
5187        [OP_LOCK]               = (nfsd4_enc)nfsd4_encode_lock,
5188        [OP_LOCKT]              = (nfsd4_enc)nfsd4_encode_lockt,
5189        [OP_LOCKU]              = (nfsd4_enc)nfsd4_encode_locku,
5190        [OP_LOOKUP]             = (nfsd4_enc)nfsd4_encode_noop,
5191        [OP_LOOKUPP]            = (nfsd4_enc)nfsd4_encode_noop,
5192        [OP_NVERIFY]            = (nfsd4_enc)nfsd4_encode_noop,
5193        [OP_OPEN]               = (nfsd4_enc)nfsd4_encode_open,
5194        [OP_OPENATTR]           = (nfsd4_enc)nfsd4_encode_noop,
5195        [OP_OPEN_CONFIRM]       = (nfsd4_enc)nfsd4_encode_open_confirm,
5196        [OP_OPEN_DOWNGRADE]     = (nfsd4_enc)nfsd4_encode_open_downgrade,
5197        [OP_PUTFH]              = (nfsd4_enc)nfsd4_encode_noop,
5198        [OP_PUTPUBFH]           = (nfsd4_enc)nfsd4_encode_noop,
5199        [OP_PUTROOTFH]          = (nfsd4_enc)nfsd4_encode_noop,
5200        [OP_READ]               = (nfsd4_enc)nfsd4_encode_read,
5201        [OP_READDIR]            = (nfsd4_enc)nfsd4_encode_readdir,
5202        [OP_READLINK]           = (nfsd4_enc)nfsd4_encode_readlink,
5203        [OP_REMOVE]             = (nfsd4_enc)nfsd4_encode_remove,
5204        [OP_RENAME]             = (nfsd4_enc)nfsd4_encode_rename,
5205        [OP_RENEW]              = (nfsd4_enc)nfsd4_encode_noop,
5206        [OP_RESTOREFH]          = (nfsd4_enc)nfsd4_encode_noop,
5207        [OP_SAVEFH]             = (nfsd4_enc)nfsd4_encode_noop,
5208        [OP_SECINFO]            = (nfsd4_enc)nfsd4_encode_secinfo,
5209        [OP_SETATTR]            = (nfsd4_enc)nfsd4_encode_setattr,
5210        [OP_SETCLIENTID]        = (nfsd4_enc)nfsd4_encode_setclientid,
5211        [OP_SETCLIENTID_CONFIRM] = (nfsd4_enc)nfsd4_encode_noop,
5212        [OP_VERIFY]             = (nfsd4_enc)nfsd4_encode_noop,
5213        [OP_WRITE]              = (nfsd4_enc)nfsd4_encode_write,
5214        [OP_RELEASE_LOCKOWNER]  = (nfsd4_enc)nfsd4_encode_noop,
5215
5216        /* NFSv4.1 operations */
5217        [OP_BACKCHANNEL_CTL]    = (nfsd4_enc)nfsd4_encode_noop,
5218        [OP_BIND_CONN_TO_SESSION] = (nfsd4_enc)nfsd4_encode_bind_conn_to_session,
5219        [OP_EXCHANGE_ID]        = (nfsd4_enc)nfsd4_encode_exchange_id,
5220        [OP_CREATE_SESSION]     = (nfsd4_enc)nfsd4_encode_create_session,
5221        [OP_DESTROY_SESSION]    = (nfsd4_enc)nfsd4_encode_noop,
5222        [OP_FREE_STATEID]       = (nfsd4_enc)nfsd4_encode_noop,
5223        [OP_GET_DIR_DELEGATION] = (nfsd4_enc)nfsd4_encode_noop,
5224#ifdef CONFIG_NFSD_PNFS
5225        [OP_GETDEVICEINFO]      = (nfsd4_enc)nfsd4_encode_getdeviceinfo,
5226        [OP_GETDEVICELIST]      = (nfsd4_enc)nfsd4_encode_noop,
5227        [OP_LAYOUTCOMMIT]       = (nfsd4_enc)nfsd4_encode_layoutcommit,
5228        [OP_LAYOUTGET]          = (nfsd4_enc)nfsd4_encode_layoutget,
5229        [OP_LAYOUTRETURN]       = (nfsd4_enc)nfsd4_encode_layoutreturn,
5230#else
5231        [OP_GETDEVICEINFO]      = (nfsd4_enc)nfsd4_encode_noop,
5232        [OP_GETDEVICELIST]      = (nfsd4_enc)nfsd4_encode_noop,
5233        [OP_LAYOUTCOMMIT]       = (nfsd4_enc)nfsd4_encode_noop,
5234        [OP_LAYOUTGET]          = (nfsd4_enc)nfsd4_encode_noop,
5235        [OP_LAYOUTRETURN]       = (nfsd4_enc)nfsd4_encode_noop,
5236#endif
5237        [OP_SECINFO_NO_NAME]    = (nfsd4_enc)nfsd4_encode_secinfo_no_name,
5238        [OP_SEQUENCE]           = (nfsd4_enc)nfsd4_encode_sequence,
5239        [OP_SET_SSV]            = (nfsd4_enc)nfsd4_encode_noop,
5240        [OP_TEST_STATEID]       = (nfsd4_enc)nfsd4_encode_test_stateid,
5241        [OP_WANT_DELEGATION]    = (nfsd4_enc)nfsd4_encode_noop,
5242        [OP_DESTROY_CLIENTID]   = (nfsd4_enc)nfsd4_encode_noop,
5243        [OP_RECLAIM_COMPLETE]   = (nfsd4_enc)nfsd4_encode_noop,
5244
5245        /* NFSv4.2 operations */
5246        [OP_ALLOCATE]           = (nfsd4_enc)nfsd4_encode_noop,
5247        [OP_COPY]               = (nfsd4_enc)nfsd4_encode_copy,
5248        [OP_COPY_NOTIFY]        = (nfsd4_enc)nfsd4_encode_copy_notify,
5249        [OP_DEALLOCATE]         = (nfsd4_enc)nfsd4_encode_noop,
5250        [OP_IO_ADVISE]          = (nfsd4_enc)nfsd4_encode_noop,
5251        [OP_LAYOUTERROR]        = (nfsd4_enc)nfsd4_encode_noop,
5252        [OP_LAYOUTSTATS]        = (nfsd4_enc)nfsd4_encode_noop,
5253        [OP_OFFLOAD_CANCEL]     = (nfsd4_enc)nfsd4_encode_noop,
5254        [OP_OFFLOAD_STATUS]     = (nfsd4_enc)nfsd4_encode_offload_status,
5255        [OP_READ_PLUS]          = (nfsd4_enc)nfsd4_encode_read_plus,
5256        [OP_SEEK]               = (nfsd4_enc)nfsd4_encode_seek,
5257        [OP_WRITE_SAME]         = (nfsd4_enc)nfsd4_encode_noop,
5258        [OP_CLONE]              = (nfsd4_enc)nfsd4_encode_noop,
5259
5260        /* RFC 8276 extended atributes operations */
5261        [OP_GETXATTR]           = (nfsd4_enc)nfsd4_encode_getxattr,
5262        [OP_SETXATTR]           = (nfsd4_enc)nfsd4_encode_setxattr,
5263        [OP_LISTXATTRS]         = (nfsd4_enc)nfsd4_encode_listxattrs,
5264        [OP_REMOVEXATTR]        = (nfsd4_enc)nfsd4_encode_removexattr,
5265};
5266
5267/*
5268 * Calculate whether we still have space to encode repsize bytes.
5269 * There are two considerations:
5270 *     - For NFS versions >=4.1, the size of the reply must stay within
5271 *       session limits
5272 *     - For all NFS versions, we must stay within limited preallocated
5273 *       buffer space.
5274 *
5275 * This is called before the operation is processed, so can only provide
5276 * an upper estimate.  For some nonidempotent operations (such as
5277 * getattr), it's not necessarily a problem if that estimate is wrong,
5278 * as we can fail it after processing without significant side effects.
5279 */
5280__be32 nfsd4_check_resp_size(struct nfsd4_compoundres *resp, u32 respsize)
5281{
5282        struct xdr_buf *buf = &resp->rqstp->rq_res;
5283        struct nfsd4_slot *slot = resp->cstate.slot;
5284
5285        if (buf->len + respsize <= buf->buflen)
5286                return nfs_ok;
5287        if (!nfsd4_has_session(&resp->cstate))
5288                return nfserr_resource;
5289        if (slot->sl_flags & NFSD4_SLOT_CACHETHIS) {
5290                WARN_ON_ONCE(1);
5291                return nfserr_rep_too_big_to_cache;
5292        }
5293        return nfserr_rep_too_big;
5294}
5295
5296void
5297nfsd4_encode_operation(struct nfsd4_compoundres *resp, struct nfsd4_op *op)
5298{
5299        struct xdr_stream *xdr = resp->xdr;
5300        struct nfs4_stateowner *so = resp->cstate.replay_owner;
5301        struct svc_rqst *rqstp = resp->rqstp;
5302        const struct nfsd4_operation *opdesc = op->opdesc;
5303        int post_err_offset;
5304        nfsd4_enc encoder;
5305        __be32 *p;
5306
5307        p = xdr_reserve_space(xdr, 8);
5308        if (!p) {
5309                WARN_ON_ONCE(1);
5310                return;
5311        }
5312        *p++ = cpu_to_be32(op->opnum);
5313        post_err_offset = xdr->buf->len;
5314
5315        if (op->opnum == OP_ILLEGAL)
5316                goto status;
5317        if (op->status && opdesc &&
5318                        !(opdesc->op_flags & OP_NONTRIVIAL_ERROR_ENCODE))
5319                goto status;
5320        BUG_ON(op->opnum >= ARRAY_SIZE(nfsd4_enc_ops) ||
5321               !nfsd4_enc_ops[op->opnum]);
5322        encoder = nfsd4_enc_ops[op->opnum];
5323        op->status = encoder(resp, op->status, &op->u);
5324        if (op->status)
5325                trace_nfsd_compound_encode_err(rqstp, op->opnum, op->status);
5326        if (opdesc && opdesc->op_release)
5327                opdesc->op_release(&op->u);
5328        xdr_commit_encode(xdr);
5329
5330        /* nfsd4_check_resp_size guarantees enough room for error status */
5331        if (!op->status) {
5332                int space_needed = 0;
5333                if (!nfsd4_last_compound_op(rqstp))
5334                        space_needed = COMPOUND_ERR_SLACK_SPACE;
5335                op->status = nfsd4_check_resp_size(resp, space_needed);
5336        }
5337        if (op->status == nfserr_resource && nfsd4_has_session(&resp->cstate)) {
5338                struct nfsd4_slot *slot = resp->cstate.slot;
5339
5340                if (slot->sl_flags & NFSD4_SLOT_CACHETHIS)
5341                        op->status = nfserr_rep_too_big_to_cache;
5342                else
5343                        op->status = nfserr_rep_too_big;
5344        }
5345        if (op->status == nfserr_resource ||
5346            op->status == nfserr_rep_too_big ||
5347            op->status == nfserr_rep_too_big_to_cache) {
5348                /*
5349                 * The operation may have already been encoded or
5350                 * partially encoded.  No op returns anything additional
5351                 * in the case of one of these three errors, so we can
5352                 * just truncate back to after the status.  But it's a
5353                 * bug if we had to do this on a non-idempotent op:
5354                 */
5355                warn_on_nonidempotent_op(op);
5356                xdr_truncate_encode(xdr, post_err_offset);
5357        }
5358        if (so) {
5359                int len = xdr->buf->len - post_err_offset;
5360
5361                so->so_replay.rp_status = op->status;
5362                so->so_replay.rp_buflen = len;
5363                read_bytes_from_xdr_buf(xdr->buf, post_err_offset,
5364                                                so->so_replay.rp_buf, len);
5365        }
5366status:
5367        /* Note that op->status is already in network byte order: */
5368        write_bytes_to_xdr_buf(xdr->buf, post_err_offset - 4, &op->status, 4);
5369}
5370
5371/* 
5372 * Encode the reply stored in the stateowner reply cache 
5373 * 
5374 * XDR note: do not encode rp->rp_buflen: the buffer contains the
5375 * previously sent already encoded operation.
5376 */
5377void
5378nfsd4_encode_replay(struct xdr_stream *xdr, struct nfsd4_op *op)
5379{
5380        __be32 *p;
5381        struct nfs4_replay *rp = op->replay;
5382
5383        p = xdr_reserve_space(xdr, 8 + rp->rp_buflen);
5384        if (!p) {
5385                WARN_ON_ONCE(1);
5386                return;
5387        }
5388        *p++ = cpu_to_be32(op->opnum);
5389        *p++ = rp->rp_status;  /* already xdr'ed */
5390
5391        p = xdr_encode_opaque_fixed(p, rp->rp_buf, rp->rp_buflen);
5392}
5393
5394void nfsd4_release_compoundargs(struct svc_rqst *rqstp)
5395{
5396        struct nfsd4_compoundargs *args = rqstp->rq_argp;
5397
5398        if (args->ops != args->iops) {
5399                kfree(args->ops);
5400                args->ops = args->iops;
5401        }
5402        while (args->to_free) {
5403                struct svcxdr_tmpbuf *tb = args->to_free;
5404                args->to_free = tb->next;
5405                kfree(tb);
5406        }
5407}
5408
5409bool
5410nfs4svc_decode_compoundargs(struct svc_rqst *rqstp, struct xdr_stream *xdr)
5411{
5412        struct nfsd4_compoundargs *args = rqstp->rq_argp;
5413
5414        /* svcxdr_tmp_alloc */
5415        args->to_free = NULL;
5416
5417        args->xdr = xdr;
5418        args->ops = args->iops;
5419        args->rqstp = rqstp;
5420
5421        return nfsd4_decode_compound(args);
5422}
5423
5424bool
5425nfs4svc_encode_compoundres(struct svc_rqst *rqstp, struct xdr_stream *xdr)
5426{
5427        struct nfsd4_compoundres *resp = rqstp->rq_resp;
5428        struct xdr_buf *buf = xdr->buf;
5429        __be32 *p;
5430
5431        WARN_ON_ONCE(buf->len != buf->head[0].iov_len + buf->page_len +
5432                                 buf->tail[0].iov_len);
5433
5434        /*
5435         * Send buffer space for the following items is reserved
5436         * at the top of nfsd4_proc_compound().
5437         */
5438        p = resp->statusp;
5439
5440        *p++ = resp->cstate.status;
5441
5442        rqstp->rq_next_page = xdr->page_ptr + 1;
5443
5444        *p++ = htonl(resp->taglen);
5445        memcpy(p, resp->tag, resp->taglen);
5446        p += XDR_QUADLEN(resp->taglen);
5447        *p++ = htonl(resp->opcnt);
5448
5449        nfsd4_sequence_done(resp);
5450        return true;
5451}
5452
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.