LXR linux/fs/nfsd/nfs4xdr.c

   1/*
   2 *  Server-side XDR for NFSv4
   3 *
   4 *  Copyright (c) 2002 The Regents of the University of Michigan.
   5 *  All rights reserved.
   6 *
   7 *  Kendrick Smith <kmsmith@umich.edu>
   8 *  Andy Adamson   <andros@umich.edu>
   9 *
  10 *  Redistribution and use in source and binary forms, with or without
  11 *  modification, are permitted provided that the following conditions
  12 *  are met:
  13 *
  14 *  1. Redistributions of source code must retain the above copyright
  15 *     notice, this list of conditions and the following disclaimer.
  16 *  2. Redistributions in binary form must reproduce the above copyright
  17 *     notice, this list of conditions and the following disclaimer in the
  18 *     documentation and/or other materials provided with the distribution.
  19 *  3. Neither the name of the University nor the names of its
  20 *     contributors may be used to endorse or promote products derived
  21 *     from this software without specific prior written permission.
  22 *
  23 *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  24 *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  25 *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  26 *  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  27 *  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  28 *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  29 *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
  30 *  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  31 *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  32 *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  33 *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  34 */
  35
  36#include <linux/file.h>
  37#include <linux/slab.h>
  38#include <linux/namei.h>
  39#include <linux/statfs.h>
  40#include <linux/utsname.h>
  41#include <linux/pagemap.h>
  42#include <linux/sunrpc/svcauth_gss.h>
  43
  44#include "idmap.h"
  45#include "acl.h"
  46#include "xdr4.h"
  47#include "vfs.h"
  48#include "state.h"
  49#include "cache.h"
  50#include "netns.h"
  51#include "pnfs.h"
  52
  53#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
  54#include <linux/security.h>
  55#endif
  56
  57
  58#define NFSDDBG_FACILITY                NFSDDBG_XDR
  59
  60const u32 nfsd_suppattrs[3][3] = {
  61        {NFSD4_SUPPORTED_ATTRS_WORD0,
  62         NFSD4_SUPPORTED_ATTRS_WORD1,
  63         NFSD4_SUPPORTED_ATTRS_WORD2},
  64
  65        {NFSD4_1_SUPPORTED_ATTRS_WORD0,
  66         NFSD4_1_SUPPORTED_ATTRS_WORD1,
  67         NFSD4_1_SUPPORTED_ATTRS_WORD2},
  68
  69        {NFSD4_1_SUPPORTED_ATTRS_WORD0,
  70         NFSD4_1_SUPPORTED_ATTRS_WORD1,
  71         NFSD4_2_SUPPORTED_ATTRS_WORD2},
  72};
  73
  74/*
  75 * As per referral draft, the fsid for a referral MUST be different from the fsid of the containing
  76 * directory in order to indicate to the client that a filesystem boundary is present
  77 * We use a fixed fsid for a referral
  78 */
  79#define NFS4_REFERRAL_FSID_MAJOR        0x8000000ULL
  80#define NFS4_REFERRAL_FSID_MINOR        0x8000000ULL
  81
  82static __be32
  83check_filename(char *str, int len)
  84{
  85        int i;
  86
  87        if (len == 0)
  88                return nfserr_inval;
  89        if (isdotent(str, len))
  90                return nfserr_badname;
  91        for (i = 0; i < len; i++)
  92                if (str[i] == '/')
  93                        return nfserr_badname;
  94        return 0;
  95}
  96
  97#define DECODE_HEAD                             \
  98        __be32 *p;                              \
  99        __be32 status
 100#define DECODE_TAIL                             \
 101        status = 0;                             \
 102out:                                            \
 103        return status;                          \
 104xdr_error:                                      \
 105        dprintk("NFSD: xdr error (%s:%d)\n",    \
 106                        __FILE__, __LINE__);    \
 107        status = nfserr_bad_xdr;                \
 108        goto out
 109
 110#define READMEM(x,nbytes) do {                  \
 111        x = (char *)p;                          \
 112        p += XDR_QUADLEN(nbytes);               \
 113} while (0)
 114#define SAVEMEM(x,nbytes) do {                  \
 115        if (!(x = (p==argp->tmp || p == argp->tmpp) ? \
 116                savemem(argp, p, nbytes) :      \
 117                (char *)p)) {                   \
 118                dprintk("NFSD: xdr error (%s:%d)\n", \
 119                                __FILE__, __LINE__); \
 120                goto xdr_error;                 \
 121                }                               \
 122        p += XDR_QUADLEN(nbytes);               \
 123} while (0)
 124#define COPYMEM(x,nbytes) do {                  \
 125        memcpy((x), p, nbytes);                 \
 126        p += XDR_QUADLEN(nbytes);               \
 127} while (0)
 128
 129/* READ_BUF, read_buf(): nbytes must be <= PAGE_SIZE */
 130#define READ_BUF(nbytes)  do {                  \
 131        if (nbytes <= (u32)((char *)argp->end - (char *)argp->p)) {     \
 132                p = argp->p;                    \
 133                argp->p += XDR_QUADLEN(nbytes); \
 134        } else if (!(p = read_buf(argp, nbytes))) { \
 135                dprintk("NFSD: xdr error (%s:%d)\n", \
 136                                __FILE__, __LINE__); \
 137                goto xdr_error;                 \
 138        }                                       \
 139} while (0)
 140
 141static void next_decode_page(struct nfsd4_compoundargs *argp)
 142{
 143        argp->p = page_address(argp->pagelist[0]);
 144        argp->pagelist++;
 145        if (argp->pagelen < PAGE_SIZE) {
 146                argp->end = argp->p + XDR_QUADLEN(argp->pagelen);
 147                argp->pagelen = 0;
 148        } else {
 149                argp->end = argp->p + (PAGE_SIZE>>2);
 150                argp->pagelen -= PAGE_SIZE;
 151        }
 152}
 153
 154static __be32 *read_buf(struct nfsd4_compoundargs *argp, u32 nbytes)
 155{
 156        /* We want more bytes than seem to be available.
 157         * Maybe we need a new page, maybe we have just run out
 158         */
 159        unsigned int avail = (char *)argp->end - (char *)argp->p;
 160        __be32 *p;
 161
 162        if (argp->pagelen == 0) {
 163                struct kvec *vec = &argp->rqstp->rq_arg.tail[0];
 164
 165                if (!argp->tail) {
 166                        argp->tail = true;
 167                        avail = vec->iov_len;
 168                        argp->p = vec->iov_base;
 169                        argp->end = vec->iov_base + avail;
 170                }
 171
 172                if (avail < nbytes)
 173                        return NULL;
 174
 175                p = argp->p;
 176                argp->p += XDR_QUADLEN(nbytes);
 177                return p;
 178        }
 179
 180        if (avail + argp->pagelen < nbytes)
 181                return NULL;
 182        if (avail + PAGE_SIZE < nbytes) /* need more than a page !! */
 183                return NULL;
 184        /* ok, we can do it with the current plus the next page */
 185        if (nbytes <= sizeof(argp->tmp))
 186                p = argp->tmp;
 187        else {
 188                kfree(argp->tmpp);
 189                p = argp->tmpp = kmalloc(nbytes, GFP_KERNEL);
 190                if (!p)
 191                        return NULL;
 192                
 193        }
 194        /*
 195         * The following memcpy is safe because read_buf is always
 196         * called with nbytes > avail, and the two cases above both
 197         * guarantee p points to at least nbytes bytes.
 198         */
 199        memcpy(p, argp->p, avail);
 200        next_decode_page(argp);
 201        memcpy(((char*)p)+avail, argp->p, (nbytes - avail));
 202        argp->p += XDR_QUADLEN(nbytes - avail);
 203        return p;
 204}
 205
 206static int zero_clientid(clientid_t *clid)
 207{
 208        return (clid->cl_boot == 0) && (clid->cl_id == 0);
 209}
 210
 211/**
 212 * svcxdr_tmpalloc - allocate memory to be freed after compound processing
 213 * @argp: NFSv4 compound argument structure
 214 * @p: pointer to be freed (with kfree())
 215 *
 216 * Marks @p to be freed when processing the compound operation
 217 * described in @argp finishes.
 218 */
 219static void *
 220svcxdr_tmpalloc(struct nfsd4_compoundargs *argp, u32 len)
 221{
 222        struct svcxdr_tmpbuf *tb;
 223
 224        tb = kmalloc(sizeof(*tb) + len, GFP_KERNEL);
 225        if (!tb)
 226                return NULL;
 227        tb->next = argp->to_free;
 228        argp->to_free = tb;
 229        return tb->buf;
 230}
 231
 232/*
 233 * For xdr strings that need to be passed to other kernel api's
 234 * as null-terminated strings.
 235 *
 236 * Note null-terminating in place usually isn't safe since the
 237 * buffer might end on a page boundary.
 238 */
 239static char *
 240svcxdr_dupstr(struct nfsd4_compoundargs *argp, void *buf, u32 len)
 241{
 242        char *p = svcxdr_tmpalloc(argp, len + 1);
 243
 244        if (!p)
 245                return NULL;
 246        memcpy(p, buf, len);
 247        p[len] = '\0';
 248        return p;
 249}
 250
 251/**
 252 * savemem - duplicate a chunk of memory for later processing
 253 * @argp: NFSv4 compound argument structure to be freed with
 254 * @p: pointer to be duplicated
 255 * @nbytes: length to be duplicated
 256 *
 257 * Returns a pointer to a copy of @nbytes bytes of memory at @p
 258 * that are preserved until processing of the NFSv4 compound
 259 * operation described by @argp finishes.
 260 */
 261static char *savemem(struct nfsd4_compoundargs *argp, __be32 *p, int nbytes)
 262{
 263        void *ret;
 264
 265        ret = svcxdr_tmpalloc(argp, nbytes);
 266        if (!ret)
 267                return NULL;
 268        memcpy(ret, p, nbytes);
 269        return ret;
 270}
 271
 272static __be32
 273nfsd4_decode_time(struct nfsd4_compoundargs *argp, struct timespec64 *tv)
 274{
 275        DECODE_HEAD;
 276
 277        READ_BUF(12);
 278        p = xdr_decode_hyper(p, &tv->tv_sec);
 279        tv->tv_nsec = be32_to_cpup(p++);
 280        if (tv->tv_nsec >= (u32)1000000000)
 281                return nfserr_inval;
 282
 283        DECODE_TAIL;
 284}
 285
 286static __be32
 287nfsd4_decode_bitmap(struct nfsd4_compoundargs *argp, u32 *bmval)
 288{
 289        u32 bmlen;
 290        DECODE_HEAD;
 291
 292        bmval[0] = 0;
 293        bmval[1] = 0;
 294        bmval[2] = 0;
 295
 296        READ_BUF(4);
 297        bmlen = be32_to_cpup(p++);
 298        if (bmlen > 1000)
 299                goto xdr_error;
 300
 301        READ_BUF(bmlen << 2);
 302        if (bmlen > 0)
 303                bmval[0] = be32_to_cpup(p++);
 304        if (bmlen > 1)
 305                bmval[1] = be32_to_cpup(p++);
 306        if (bmlen > 2)
 307                bmval[2] = be32_to_cpup(p++);
 308
 309        DECODE_TAIL;
 310}
 311
 312static __be32
 313nfsd4_decode_fattr(struct nfsd4_compoundargs *argp, u32 *bmval,
 314                   struct iattr *iattr, struct nfs4_acl **acl,
 315                   struct xdr_netobj *label, int *umask)
 316{
 317        int expected_len, len = 0;
 318        u32 dummy32;
 319        char *buf;
 320
 321        DECODE_HEAD;
 322        iattr->ia_valid = 0;
 323        if ((status = nfsd4_decode_bitmap(argp, bmval)))
 324                return status;
 325
 326        if (bmval[0] & ~NFSD_WRITEABLE_ATTRS_WORD0
 327            || bmval[1] & ~NFSD_WRITEABLE_ATTRS_WORD1
 328            || bmval[2] & ~NFSD_WRITEABLE_ATTRS_WORD2) {
 329                if (nfsd_attrs_supported(argp->minorversion, bmval))
 330                        return nfserr_inval;
 331                return nfserr_attrnotsupp;
 332        }
 333
 334        READ_BUF(4);
 335        expected_len = be32_to_cpup(p++);
 336
 337        if (bmval[0] & FATTR4_WORD0_SIZE) {
 338                READ_BUF(8);
 339                len += 8;
 340                p = xdr_decode_hyper(p, &iattr->ia_size);
 341                iattr->ia_valid |= ATTR_SIZE;
 342        }
 343        if (bmval[0] & FATTR4_WORD0_ACL) {
 344                u32 nace;
 345                struct nfs4_ace *ace;
 346
 347                READ_BUF(4); len += 4;
 348                nace = be32_to_cpup(p++);
 349
 350                if (nace > NFS4_ACL_MAX)
 351                        return nfserr_fbig;
 352
 353                *acl = svcxdr_tmpalloc(argp, nfs4_acl_bytes(nace));
 354                if (*acl == NULL)
 355                        return nfserr_jukebox;
 356
 357                (*acl)->naces = nace;
 358                for (ace = (*acl)->aces; ace < (*acl)->aces + nace; ace++) {
 359                        READ_BUF(16); len += 16;
 360                        ace->type = be32_to_cpup(p++);
 361                        ace->flag = be32_to_cpup(p++);
 362                        ace->access_mask = be32_to_cpup(p++);
 363                        dummy32 = be32_to_cpup(p++);
 364                        READ_BUF(dummy32);
 365                        len += XDR_QUADLEN(dummy32) << 2;
 366                        READMEM(buf, dummy32);
 367                        ace->whotype = nfs4_acl_get_whotype(buf, dummy32);
 368                        status = nfs_ok;
 369                        if (ace->whotype != NFS4_ACL_WHO_NAMED)
 370                                ;
 371                        else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP)
 372                                status = nfsd_map_name_to_gid(argp->rqstp,
 373                                                buf, dummy32, &ace->who_gid);
 374                        else
 375                                status = nfsd_map_name_to_uid(argp->rqstp,
 376                                                buf, dummy32, &ace->who_uid);
 377                        if (status)
 378                                return status;
 379                }
 380        } else
 381                *acl = NULL;
 382        if (bmval[1] & FATTR4_WORD1_MODE) {
 383                READ_BUF(4);
 384                len += 4;
 385                iattr->ia_mode = be32_to_cpup(p++);
 386                iattr->ia_mode &= (S_IFMT | S_IALLUGO);
 387                iattr->ia_valid |= ATTR_MODE;
 388        }
 389        if (bmval[1] & FATTR4_WORD1_OWNER) {
 390                READ_BUF(4);
 391                len += 4;
 392                dummy32 = be32_to_cpup(p++);
 393                READ_BUF(dummy32);
 394                len += (XDR_QUADLEN(dummy32) << 2);
 395                READMEM(buf, dummy32);
 396                if ((status = nfsd_map_name_to_uid(argp->rqstp, buf, dummy32, &iattr->ia_uid)))
 397                        return status;
 398                iattr->ia_valid |= ATTR_UID;
 399        }
 400        if (bmval[1] & FATTR4_WORD1_OWNER_GROUP) {
 401                READ_BUF(4);
 402                len += 4;
 403                dummy32 = be32_to_cpup(p++);
 404                READ_BUF(dummy32);
 405                len += (XDR_QUADLEN(dummy32) << 2);
 406                READMEM(buf, dummy32);
 407                if ((status = nfsd_map_name_to_gid(argp->rqstp, buf, dummy32, &iattr->ia_gid)))
 408                        return status;
 409                iattr->ia_valid |= ATTR_GID;
 410        }
 411        if (bmval[1] & FATTR4_WORD1_TIME_ACCESS_SET) {
 412                READ_BUF(4);
 413                len += 4;
 414                dummy32 = be32_to_cpup(p++);
 415                switch (dummy32) {
 416                case NFS4_SET_TO_CLIENT_TIME:
 417                        len += 12;
 418                        status = nfsd4_decode_time(argp, &iattr->ia_atime);
 419                        if (status)
 420                                return status;
 421                        iattr->ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET);
 422                        break;
 423                case NFS4_SET_TO_SERVER_TIME:
 424                        iattr->ia_valid |= ATTR_ATIME;
 425                        break;
 426                default:
 427                        goto xdr_error;
 428                }
 429        }
 430        if (bmval[1] & FATTR4_WORD1_TIME_MODIFY_SET) {
 431                READ_BUF(4);
 432                len += 4;
 433                dummy32 = be32_to_cpup(p++);
 434                switch (dummy32) {
 435                case NFS4_SET_TO_CLIENT_TIME:
 436                        len += 12;
 437                        status = nfsd4_decode_time(argp, &iattr->ia_mtime);
 438                        if (status)
 439                                return status;
 440                        iattr->ia_valid |= (ATTR_MTIME | ATTR_MTIME_SET);
 441                        break;
 442                case NFS4_SET_TO_SERVER_TIME:
 443                        iattr->ia_valid |= ATTR_MTIME;
 444                        break;
 445                default:
 446                        goto xdr_error;
 447                }
 448        }
 449
 450        label->len = 0;
 451        if (IS_ENABLED(CONFIG_NFSD_V4_SECURITY_LABEL) &&
 452            bmval[2] & FATTR4_WORD2_SECURITY_LABEL) {
 453                READ_BUF(4);
 454                len += 4;
 455                dummy32 = be32_to_cpup(p++); /* lfs: we don't use it */
 456                READ_BUF(4);
 457                len += 4;
 458                dummy32 = be32_to_cpup(p++); /* pi: we don't use it either */
 459                READ_BUF(4);
 460                len += 4;
 461                dummy32 = be32_to_cpup(p++);
 462                READ_BUF(dummy32);
 463                if (dummy32 > NFS4_MAXLABELLEN)
 464                        return nfserr_badlabel;
 465                len += (XDR_QUADLEN(dummy32) << 2);
 466                READMEM(buf, dummy32);
 467                label->len = dummy32;
 468                label->data = svcxdr_dupstr(argp, buf, dummy32);
 469                if (!label->data)
 470                        return nfserr_jukebox;
 471        }
 472        if (bmval[2] & FATTR4_WORD2_MODE_UMASK) {
 473                if (!umask)
 474                        goto xdr_error;
 475                READ_BUF(8);
 476                len += 8;
 477                dummy32 = be32_to_cpup(p++);
 478                iattr->ia_mode = dummy32 & (S_IFMT | S_IALLUGO);
 479                dummy32 = be32_to_cpup(p++);
 480                *umask = dummy32 & S_IRWXUGO;
 481                iattr->ia_valid |= ATTR_MODE;
 482        }
 483        if (len != expected_len)
 484                goto xdr_error;
 485
 486        DECODE_TAIL;
 487}
 488
 489static __be32
 490nfsd4_decode_stateid(struct nfsd4_compoundargs *argp, stateid_t *sid)
 491{
 492        DECODE_HEAD;
 493
 494        READ_BUF(sizeof(stateid_t));
 495        sid->si_generation = be32_to_cpup(p++);
 496        COPYMEM(&sid->si_opaque, sizeof(stateid_opaque_t));
 497
 498        DECODE_TAIL;
 499}
 500
 501static __be32
 502nfsd4_decode_access(struct nfsd4_compoundargs *argp, struct nfsd4_access *access)
 503{
 504        DECODE_HEAD;
 505
 506        READ_BUF(4);
 507        access->ac_req_access = be32_to_cpup(p++);
 508
 509        DECODE_TAIL;
 510}
 511
 512static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs)
 513{
 514        DECODE_HEAD;
 515        struct user_namespace *userns = nfsd_user_namespace(argp->rqstp);
 516        u32 dummy, uid, gid;
 517        char *machine_name;
 518        int i;
 519        int nr_secflavs;
 520
 521        /* callback_sec_params4 */
 522        READ_BUF(4);
 523        nr_secflavs = be32_to_cpup(p++);
 524        if (nr_secflavs)
 525                cbs->flavor = (u32)(-1);
 526        else
 527                /* Is this legal? Be generous, take it to mean AUTH_NONE: */
 528                cbs->flavor = 0;
 529        for (i = 0; i < nr_secflavs; ++i) {
 530                READ_BUF(4);
 531                dummy = be32_to_cpup(p++);
 532                switch (dummy) {
 533                case RPC_AUTH_NULL:
 534                        /* Nothing to read */
 535                        if (cbs->flavor == (u32)(-1))
 536                                cbs->flavor = RPC_AUTH_NULL;
 537                        break;
 538                case RPC_AUTH_UNIX:
 539                        READ_BUF(8);
 540                        /* stamp */
 541                        dummy = be32_to_cpup(p++);
 542
 543                        /* machine name */
 544                        dummy = be32_to_cpup(p++);
 545                        READ_BUF(dummy);
 546                        SAVEMEM(machine_name, dummy);
 547
 548                        /* uid, gid */
 549                        READ_BUF(8);
 550                        uid = be32_to_cpup(p++);
 551                        gid = be32_to_cpup(p++);
 552
 553                        /* more gids */
 554                        READ_BUF(4);
 555                        dummy = be32_to_cpup(p++);
 556                        READ_BUF(dummy * 4);
 557                        if (cbs->flavor == (u32)(-1)) {
 558                                kuid_t kuid = make_kuid(userns, uid);
 559                                kgid_t kgid = make_kgid(userns, gid);
 560                                if (uid_valid(kuid) && gid_valid(kgid)) {
 561                                        cbs->uid = kuid;
 562                                        cbs->gid = kgid;
 563                                        cbs->flavor = RPC_AUTH_UNIX;
 564                                } else {
 565                                        dprintk("RPC_AUTH_UNIX with invalid"
 566                                                "uid or gid ignoring!\n");
 567                                }
 568                        }
 569                        break;
 570                case RPC_AUTH_GSS:
 571                        dprintk("RPC_AUTH_GSS callback secflavor "
 572                                "not supported!\n");
 573                        READ_BUF(8);
 574                        /* gcbp_service */
 575                        dummy = be32_to_cpup(p++);
 576                        /* gcbp_handle_from_server */
 577                        dummy = be32_to_cpup(p++);
 578                        READ_BUF(dummy);
 579                        p += XDR_QUADLEN(dummy);
 580                        /* gcbp_handle_from_client */
 581                        READ_BUF(4);
 582                        dummy = be32_to_cpup(p++);
 583                        READ_BUF(dummy);
 584                        break;
 585                default:
 586                        dprintk("Illegal callback secflavor\n");
 587                        return nfserr_inval;
 588                }
 589        }
 590        DECODE_TAIL;
 591}
 592
 593static __be32 nfsd4_decode_backchannel_ctl(struct nfsd4_compoundargs *argp, struct nfsd4_backchannel_ctl *bc)
 594{
 595        DECODE_HEAD;
 596
 597        READ_BUF(4);
 598        bc->bc_cb_program = be32_to_cpup(p++);
 599        nfsd4_decode_cb_sec(argp, &bc->bc_cb_sec);
 600
 601        DECODE_TAIL;
 602}
 603
 604static __be32 nfsd4_decode_bind_conn_to_session(struct nfsd4_compoundargs *argp, struct nfsd4_bind_conn_to_session *bcts)
 605{
 606        DECODE_HEAD;
 607
 608        READ_BUF(NFS4_MAX_SESSIONID_LEN + 8);
 609        COPYMEM(bcts->sessionid.data, NFS4_MAX_SESSIONID_LEN);
 610        bcts->dir = be32_to_cpup(p++);
 611        /* XXX: skipping ctsa_use_conn_in_rdma_mode.  Perhaps Tom Tucker
 612         * could help us figure out we should be using it. */
 613        DECODE_TAIL;
 614}
 615
 616static __be32
 617nfsd4_decode_close(struct nfsd4_compoundargs *argp, struct nfsd4_close *close)
 618{
 619        DECODE_HEAD;
 620
 621        READ_BUF(4);
 622        close->cl_seqid = be32_to_cpup(p++);
 623        return nfsd4_decode_stateid(argp, &close->cl_stateid);
 624
 625        DECODE_TAIL;
 626}
 627
 628
 629static __be32
 630nfsd4_decode_commit(struct nfsd4_compoundargs *argp, struct nfsd4_commit *commit)
 631{
 632        DECODE_HEAD;
 633
 634        READ_BUF(12);
 635        p = xdr_decode_hyper(p, &commit->co_offset);
 636        commit->co_count = be32_to_cpup(p++);
 637
 638        DECODE_TAIL;
 639}
 640
 641static __be32
 642nfsd4_decode_create(struct nfsd4_compoundargs *argp, struct nfsd4_create *create)
 643{
 644        DECODE_HEAD;
 645
 646        READ_BUF(4);
 647        create->cr_type = be32_to_cpup(p++);
 648        switch (create->cr_type) {
 649        case NF4LNK:
 650                READ_BUF(4);
 651                create->cr_datalen = be32_to_cpup(p++);
 652                READ_BUF(create->cr_datalen);
 653                create->cr_data = svcxdr_dupstr(argp, p, create->cr_datalen);
 654                if (!create->cr_data)
 655                        return nfserr_jukebox;
 656                break;
 657        case NF4BLK:
 658        case NF4CHR:
 659                READ_BUF(8);
 660                create->cr_specdata1 = be32_to_cpup(p++);
 661                create->cr_specdata2 = be32_to_cpup(p++);
 662                break;
 663        case NF4SOCK:
 664        case NF4FIFO:
 665        case NF4DIR:
 666        default:
 667                break;
 668        }
 669
 670        READ_BUF(4);
 671        create->cr_namelen = be32_to_cpup(p++);
 672        READ_BUF(create->cr_namelen);
 673        SAVEMEM(create->cr_name, create->cr_namelen);
 674        if ((status = check_filename(create->cr_name, create->cr_namelen)))
 675                return status;
 676
 677        status = nfsd4_decode_fattr(argp, create->cr_bmval, &create->cr_iattr,
 678                                    &create->cr_acl, &create->cr_label,
 679                                    &create->cr_umask);
 680        if (status)
 681                goto out;
 682
 683        DECODE_TAIL;
 684}
 685
 686static inline __be32
 687nfsd4_decode_delegreturn(struct nfsd4_compoundargs *argp, struct nfsd4_delegreturn *dr)
 688{
 689        return nfsd4_decode_stateid(argp, &dr->dr_stateid);
 690}
 691
 692static inline __be32
 693nfsd4_decode_getattr(struct nfsd4_compoundargs *argp, struct nfsd4_getattr *getattr)
 694{
 695        return nfsd4_decode_bitmap(argp, getattr->ga_bmval);
 696}
 697
 698static __be32
 699nfsd4_decode_link(struct nfsd4_compoundargs *argp, struct nfsd4_link *link)
 700{
 701        DECODE_HEAD;
 702
 703        READ_BUF(4);
 704        link->li_namelen = be32_to_cpup(p++);
 705        READ_BUF(link->li_namelen);
 706        SAVEMEM(link->li_name, link->li_namelen);
 707        if ((status = check_filename(link->li_name, link->li_namelen)))
 708                return status;
 709
 710        DECODE_TAIL;
 711}
 712
 713static __be32
 714nfsd4_decode_lock(struct nfsd4_compoundargs *argp, struct nfsd4_lock *lock)
 715{
 716        DECODE_HEAD;
 717
 718        /*
 719        * type, reclaim(boolean), offset, length, new_lock_owner(boolean)
 720        */
 721        READ_BUF(28);
 722        lock->lk_type = be32_to_cpup(p++);
 723        if ((lock->lk_type < NFS4_READ_LT) || (lock->lk_type > NFS4_WRITEW_LT))
 724                goto xdr_error;
 725        lock->lk_reclaim = be32_to_cpup(p++);
 726        p = xdr_decode_hyper(p, &lock->lk_offset);
 727        p = xdr_decode_hyper(p, &lock->lk_length);
 728        lock->lk_is_new = be32_to_cpup(p++);
 729
 730        if (lock->lk_is_new) {
 731                READ_BUF(4);
 732                lock->lk_new_open_seqid = be32_to_cpup(p++);
 733                status = nfsd4_decode_stateid(argp, &lock->lk_new_open_stateid);
 734                if (status)
 735                        return status;
 736                READ_BUF(8 + sizeof(clientid_t));
 737                lock->lk_new_lock_seqid = be32_to_cpup(p++);
 738                COPYMEM(&lock->lk_new_clientid, sizeof(clientid_t));
 739                lock->lk_new_owner.len = be32_to_cpup(p++);
 740                READ_BUF(lock->lk_new_owner.len);
 741                READMEM(lock->lk_new_owner.data, lock->lk_new_owner.len);
 742        } else {
 743                status = nfsd4_decode_stateid(argp, &lock->lk_old_lock_stateid);
 744                if (status)
 745                        return status;
 746                READ_BUF(4);
 747                lock->lk_old_lock_seqid = be32_to_cpup(p++);
 748        }
 749
 750        DECODE_TAIL;
 751}
 752
 753static __be32
 754nfsd4_decode_lockt(struct nfsd4_compoundargs *argp, struct nfsd4_lockt *lockt)
 755{
 756        DECODE_HEAD;
 757                        
 758        READ_BUF(32);
 759        lockt->lt_type = be32_to_cpup(p++);
 760        if((lockt->lt_type < NFS4_READ_LT) || (lockt->lt_type > NFS4_WRITEW_LT))
 761                goto xdr_error;
 762        p = xdr_decode_hyper(p, &lockt->lt_offset);
 763        p = xdr_decode_hyper(p, &lockt->lt_length);
 764        COPYMEM(&lockt->lt_clientid, 8);
 765        lockt->lt_owner.len = be32_to_cpup(p++);
 766        READ_BUF(lockt->lt_owner.len);
 767        READMEM(lockt->lt_owner.data, lockt->lt_owner.len);
 768
 769        DECODE_TAIL;
 770}
 771
 772static __be32
 773nfsd4_decode_locku(struct nfsd4_compoundargs *argp, struct nfsd4_locku *locku)
 774{
 775        DECODE_HEAD;
 776
 777        READ_BUF(8);
 778        locku->lu_type = be32_to_cpup(p++);
 779        if ((locku->lu_type < NFS4_READ_LT) || (locku->lu_type > NFS4_WRITEW_LT))
 780                goto xdr_error;
 781        locku->lu_seqid = be32_to_cpup(p++);
 782        status = nfsd4_decode_stateid(argp, &locku->lu_stateid);
 783        if (status)
 784                return status;
 785        READ_BUF(16);
 786        p = xdr_decode_hyper(p, &locku->lu_offset);
 787        p = xdr_decode_hyper(p, &locku->lu_length);
 788
 789        DECODE_TAIL;
 790}
 791
 792static __be32
 793nfsd4_decode_lookup(struct nfsd4_compoundargs *argp, struct nfsd4_lookup *lookup)
 794{
 795        DECODE_HEAD;
 796
 797        READ_BUF(4);
 798        lookup->lo_len = be32_to_cpup(p++);
 799        READ_BUF(lookup->lo_len);
 800        SAVEMEM(lookup->lo_name, lookup->lo_len);
 801        if ((status = check_filename(lookup->lo_name, lookup->lo_len)))
 802                return status;
 803
 804        DECODE_TAIL;
 805}
 806
 807static __be32 nfsd4_decode_share_access(struct nfsd4_compoundargs *argp, u32 *share_access, u32 *deleg_want, u32 *deleg_when)
 808{
 809        __be32 *p;
 810        u32 w;
 811
 812        READ_BUF(4);
 813        w = be32_to_cpup(p++);
 814        *share_access = w & NFS4_SHARE_ACCESS_MASK;
 815        *deleg_want = w & NFS4_SHARE_WANT_MASK;
 816        if (deleg_when)
 817                *deleg_when = w & NFS4_SHARE_WHEN_MASK;
 818
 819        switch (w & NFS4_SHARE_ACCESS_MASK) {
 820        case NFS4_SHARE_ACCESS_READ:
 821        case NFS4_SHARE_ACCESS_WRITE:
 822        case NFS4_SHARE_ACCESS_BOTH:
 823                break;
 824        default:
 825                return nfserr_bad_xdr;
 826        }
 827        w &= ~NFS4_SHARE_ACCESS_MASK;
 828        if (!w)
 829                return nfs_ok;
 830        if (!argp->minorversion)
 831                return nfserr_bad_xdr;
 832        switch (w & NFS4_SHARE_WANT_MASK) {
 833        case NFS4_SHARE_WANT_NO_PREFERENCE:
 834        case NFS4_SHARE_WANT_READ_DELEG:
 835        case NFS4_SHARE_WANT_WRITE_DELEG:
 836        case NFS4_SHARE_WANT_ANY_DELEG:
 837        case NFS4_SHARE_WANT_NO_DELEG:
 838        case NFS4_SHARE_WANT_CANCEL:
 839                break;
 840        default:
 841                return nfserr_bad_xdr;
 842        }
 843        w &= ~NFS4_SHARE_WANT_MASK;
 844        if (!w)
 845                return nfs_ok;
 846
 847        if (!deleg_when)        /* open_downgrade */
 848                return nfserr_inval;
 849        switch (w) {
 850        case NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL:
 851        case NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED:
 852        case (NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL |
 853              NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED):
 854                return nfs_ok;
 855        }
 856xdr_error:
 857        return nfserr_bad_xdr;
 858}
 859
 860static __be32 nfsd4_decode_share_deny(struct nfsd4_compoundargs *argp, u32 *x)
 861{
 862        __be32 *p;
 863
 864        READ_BUF(4);
 865        *x = be32_to_cpup(p++);
 866        /* Note: unlinke access bits, deny bits may be zero. */
 867        if (*x & ~NFS4_SHARE_DENY_BOTH)
 868                return nfserr_bad_xdr;
 869        return nfs_ok;
 870xdr_error:
 871        return nfserr_bad_xdr;
 872}
 873
 874static __be32 nfsd4_decode_opaque(struct nfsd4_compoundargs *argp, struct xdr_netobj *o)
 875{
 876        __be32 *p;
 877
 878        READ_BUF(4);
 879        o->len = be32_to_cpup(p++);
 880
 881        if (o->len == 0 || o->len > NFS4_OPAQUE_LIMIT)
 882                return nfserr_bad_xdr;
 883
 884        READ_BUF(o->len);
 885        SAVEMEM(o->data, o->len);
 886        return nfs_ok;
 887xdr_error:
 888        return nfserr_bad_xdr;
 889}
 890
 891static __be32
 892nfsd4_decode_open(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
 893{
 894        DECODE_HEAD;
 895        u32 dummy;
 896
 897        memset(open->op_bmval, 0, sizeof(open->op_bmval));
 898        open->op_iattr.ia_valid = 0;
 899        open->op_openowner = NULL;
 900
 901        open->op_xdr_error = 0;
 902        /* seqid, share_access, share_deny, clientid, ownerlen */
 903        READ_BUF(4);
 904        open->op_seqid = be32_to_cpup(p++);
 905        /* decode, yet ignore deleg_when until supported */
 906        status = nfsd4_decode_share_access(argp, &open->op_share_access,
 907                                           &open->op_deleg_want, &dummy);
 908        if (status)
 909                goto xdr_error;
 910        status = nfsd4_decode_share_deny(argp, &open->op_share_deny);
 911        if (status)
 912                goto xdr_error;
 913        READ_BUF(sizeof(clientid_t));
 914        COPYMEM(&open->op_clientid, sizeof(clientid_t));
 915        status = nfsd4_decode_opaque(argp, &open->op_owner);
 916        if (status)
 917                goto xdr_error;
 918        READ_BUF(4);
 919        open->op_create = be32_to_cpup(p++);
 920        switch (open->op_create) {
 921        case NFS4_OPEN_NOCREATE:
 922                break;
 923        case NFS4_OPEN_CREATE:
 924                READ_BUF(4);
 925                open->op_createmode = be32_to_cpup(p++);
 926                switch (open->op_createmode) {
 927                case NFS4_CREATE_UNCHECKED:
 928                case NFS4_CREATE_GUARDED:
 929                        status = nfsd4_decode_fattr(argp, open->op_bmval,
 930                                &open->op_iattr, &open->op_acl, &open->op_label,
 931                                &open->op_umask);
 932                        if (status)
 933                                goto out;
 934                        break;
 935                case NFS4_CREATE_EXCLUSIVE:
 936                        READ_BUF(NFS4_VERIFIER_SIZE);
 937                        COPYMEM(open->op_verf.data, NFS4_VERIFIER_SIZE);
 938                        break;
 939                case NFS4_CREATE_EXCLUSIVE4_1:
 940                        if (argp->minorversion < 1)
 941                                goto xdr_error;
 942                        READ_BUF(NFS4_VERIFIER_SIZE);
 943                        COPYMEM(open->op_verf.data, NFS4_VERIFIER_SIZE);
 944                        status = nfsd4_decode_fattr(argp, open->op_bmval,
 945                                &open->op_iattr, &open->op_acl, &open->op_label,
 946                                &open->op_umask);
 947                        if (status)
 948                                goto out;
 949                        break;
 950                default:
 951                        goto xdr_error;
 952                }
 953                break;
 954        default:
 955                goto xdr_error;
 956        }
 957
 958        /* open_claim */
 959        READ_BUF(4);
 960        open->op_claim_type = be32_to_cpup(p++);
 961        switch (open->op_claim_type) {
 962        case NFS4_OPEN_CLAIM_NULL:
 963        case NFS4_OPEN_CLAIM_DELEGATE_PREV:
 964                READ_BUF(4);
 965                open->op_fname.len = be32_to_cpup(p++);
 966                READ_BUF(open->op_fname.len);
 967                SAVEMEM(open->op_fname.data, open->op_fname.len);
 968                if ((status = check_filename(open->op_fname.data, open->op_fname.len)))
 969                        return status;
 970                break;
 971        case NFS4_OPEN_CLAIM_PREVIOUS:
 972                READ_BUF(4);
 973                open->op_delegate_type = be32_to_cpup(p++);
 974                break;
 975        case NFS4_OPEN_CLAIM_DELEGATE_CUR:
 976                status = nfsd4_decode_stateid(argp, &open->op_delegate_stateid);
 977                if (status)
 978                        return status;
 979                READ_BUF(4);
 980                open->op_fname.len = be32_to_cpup(p++);
 981                READ_BUF(open->op_fname.len);
 982                SAVEMEM(open->op_fname.data, open->op_fname.len);
 983                if ((status = check_filename(open->op_fname.data, open->op_fname.len)))
 984                        return status;
 985                break;
 986        case NFS4_OPEN_CLAIM_FH:
 987        case NFS4_OPEN_CLAIM_DELEG_PREV_FH:
 988                if (argp->minorversion < 1)
 989                        goto xdr_error;
 990                /* void */
 991                break;
 992        case NFS4_OPEN_CLAIM_DELEG_CUR_FH:
 993                if (argp->minorversion < 1)
 994                        goto xdr_error;
 995                status = nfsd4_decode_stateid(argp, &open->op_delegate_stateid);
 996                if (status)
 997                        return status;
 998                break;
 999        default:
1000                goto xdr_error;

1001        }
1002
1003        DECODE_TAIL;
1004}
1005
1006static __be32
1007nfsd4_decode_open_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_open_confirm *open_conf)
1008{
1009        DECODE_HEAD;
1010
1011        if (argp->minorversion >= 1)
1012                return nfserr_notsupp;
1013
1014        status = nfsd4_decode_stateid(argp, &open_conf->oc_req_stateid);
1015        if (status)
1016                return status;
1017        READ_BUF(4);
1018        open_conf->oc_seqid = be32_to_cpup(p++);
1019
1020        DECODE_TAIL;
1021}
1022
1023static __be32
1024nfsd4_decode_open_downgrade(struct nfsd4_compoundargs *argp, struct nfsd4_open_downgrade *open_down)
1025{
1026        DECODE_HEAD;
1027                    
1028        status = nfsd4_decode_stateid(argp, &open_down->od_stateid);
1029        if (status)
1030                return status;
1031        READ_BUF(4);
1032        open_down->od_seqid = be32_to_cpup(p++);
1033        status = nfsd4_decode_share_access(argp, &open_down->od_share_access,
1034                                           &open_down->od_deleg_want, NULL);
1035        if (status)
1036                return status;
1037        status = nfsd4_decode_share_deny(argp, &open_down->od_share_deny);
1038        if (status)
1039                return status;
1040        DECODE_TAIL;
1041}
1042
1043static __be32
1044nfsd4_decode_putfh(struct nfsd4_compoundargs *argp, struct nfsd4_putfh *putfh)
1045{
1046        DECODE_HEAD;
1047
1048        READ_BUF(4);
1049        putfh->pf_fhlen = be32_to_cpup(p++);
1050        if (putfh->pf_fhlen > NFS4_FHSIZE)
1051                goto xdr_error;
1052        READ_BUF(putfh->pf_fhlen);
1053        SAVEMEM(putfh->pf_fhval, putfh->pf_fhlen);
1054
1055        DECODE_TAIL;
1056}
1057
1058static __be32
1059nfsd4_decode_putpubfh(struct nfsd4_compoundargs *argp, void *p)
1060{
1061        if (argp->minorversion == 0)
1062                return nfs_ok;
1063        return nfserr_notsupp;
1064}
1065
1066static __be32
1067nfsd4_decode_read(struct nfsd4_compoundargs *argp, struct nfsd4_read *read)
1068{
1069        DECODE_HEAD;
1070
1071        status = nfsd4_decode_stateid(argp, &read->rd_stateid);
1072        if (status)
1073                return status;
1074        READ_BUF(12);
1075        p = xdr_decode_hyper(p, &read->rd_offset);
1076        read->rd_length = be32_to_cpup(p++);
1077
1078        DECODE_TAIL;
1079}
1080
1081static __be32
1082nfsd4_decode_readdir(struct nfsd4_compoundargs *argp, struct nfsd4_readdir *readdir)
1083{
1084        DECODE_HEAD;
1085
1086        READ_BUF(24);
1087        p = xdr_decode_hyper(p, &readdir->rd_cookie);
1088        COPYMEM(readdir->rd_verf.data, sizeof(readdir->rd_verf.data));
1089        readdir->rd_dircount = be32_to_cpup(p++);
1090        readdir->rd_maxcount = be32_to_cpup(p++);
1091        if ((status = nfsd4_decode_bitmap(argp, readdir->rd_bmval)))
1092                goto out;
1093
1094        DECODE_TAIL;
1095}
1096
1097static __be32
1098nfsd4_decode_remove(struct nfsd4_compoundargs *argp, struct nfsd4_remove *remove)
1099{
1100        DECODE_HEAD;
1101
1102        READ_BUF(4);
1103        remove->rm_namelen = be32_to_cpup(p++);
1104        READ_BUF(remove->rm_namelen);
1105        SAVEMEM(remove->rm_name, remove->rm_namelen);
1106        if ((status = check_filename(remove->rm_name, remove->rm_namelen)))
1107                return status;
1108
1109        DECODE_TAIL;
1110}
1111
1112static __be32
1113nfsd4_decode_rename(struct nfsd4_compoundargs *argp, struct nfsd4_rename *rename)
1114{
1115        DECODE_HEAD;
1116
1117        READ_BUF(4);
1118        rename->rn_snamelen = be32_to_cpup(p++);
1119        READ_BUF(rename->rn_snamelen);
1120        SAVEMEM(rename->rn_sname, rename->rn_snamelen);
1121        READ_BUF(4);
1122        rename->rn_tnamelen = be32_to_cpup(p++);
1123        READ_BUF(rename->rn_tnamelen);
1124        SAVEMEM(rename->rn_tname, rename->rn_tnamelen);
1125        if ((status = check_filename(rename->rn_sname, rename->rn_snamelen)))
1126                return status;
1127        if ((status = check_filename(rename->rn_tname, rename->rn_tnamelen)))
1128                return status;
1129
1130        DECODE_TAIL;
1131}
1132
1133static __be32
1134nfsd4_decode_renew(struct nfsd4_compoundargs *argp, clientid_t *clientid)
1135{
1136        DECODE_HEAD;
1137
1138        if (argp->minorversion >= 1)
1139                return nfserr_notsupp;
1140
1141        READ_BUF(sizeof(clientid_t));
1142        COPYMEM(clientid, sizeof(clientid_t));
1143
1144        DECODE_TAIL;
1145}
1146
1147static __be32
1148nfsd4_decode_secinfo(struct nfsd4_compoundargs *argp,
1149                     struct nfsd4_secinfo *secinfo)
1150{
1151        DECODE_HEAD;
1152
1153        READ_BUF(4);
1154        secinfo->si_namelen = be32_to_cpup(p++);
1155        READ_BUF(secinfo->si_namelen);
1156        SAVEMEM(secinfo->si_name, secinfo->si_namelen);
1157        status = check_filename(secinfo->si_name, secinfo->si_namelen);
1158        if (status)
1159                return status;
1160        DECODE_TAIL;
1161}
1162
1163static __be32
1164nfsd4_decode_secinfo_no_name(struct nfsd4_compoundargs *argp,
1165                     struct nfsd4_secinfo_no_name *sin)
1166{
1167        DECODE_HEAD;
1168
1169        READ_BUF(4);
1170        sin->sin_style = be32_to_cpup(p++);
1171        DECODE_TAIL;
1172}
1173
1174static __be32
1175nfsd4_decode_setattr(struct nfsd4_compoundargs *argp, struct nfsd4_setattr *setattr)
1176{
1177        __be32 status;
1178
1179        status = nfsd4_decode_stateid(argp, &setattr->sa_stateid);
1180        if (status)
1181                return status;
1182        return nfsd4_decode_fattr(argp, setattr->sa_bmval, &setattr->sa_iattr,
1183                                  &setattr->sa_acl, &setattr->sa_label, NULL);
1184}
1185
1186static __be32
1187nfsd4_decode_setclientid(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid *setclientid)
1188{
1189        DECODE_HEAD;
1190
1191        if (argp->minorversion >= 1)
1192                return nfserr_notsupp;
1193
1194        READ_BUF(NFS4_VERIFIER_SIZE);
1195        COPYMEM(setclientid->se_verf.data, NFS4_VERIFIER_SIZE);
1196
1197        status = nfsd4_decode_opaque(argp, &setclientid->se_name);
1198        if (status)
1199                return nfserr_bad_xdr;
1200        READ_BUF(8);
1201        setclientid->se_callback_prog = be32_to_cpup(p++);
1202        setclientid->se_callback_netid_len = be32_to_cpup(p++);
1203        READ_BUF(setclientid->se_callback_netid_len);
1204        SAVEMEM(setclientid->se_callback_netid_val, setclientid->se_callback_netid_len);
1205        READ_BUF(4);
1206        setclientid->se_callback_addr_len = be32_to_cpup(p++);
1207
1208        READ_BUF(setclientid->se_callback_addr_len);
1209        SAVEMEM(setclientid->se_callback_addr_val, setclientid->se_callback_addr_len);
1210        READ_BUF(4);
1211        setclientid->se_callback_ident = be32_to_cpup(p++);
1212
1213        DECODE_TAIL;
1214}
1215
1216static __be32
1217nfsd4_decode_setclientid_confirm(struct nfsd4_compoundargs *argp, struct nfsd4_setclientid_confirm *scd_c)
1218{
1219        DECODE_HEAD;
1220
1221        if (argp->minorversion >= 1)
1222                return nfserr_notsupp;
1223
1224        READ_BUF(8 + NFS4_VERIFIER_SIZE);
1225        COPYMEM(&scd_c->sc_clientid, 8);
1226        COPYMEM(&scd_c->sc_confirm, NFS4_VERIFIER_SIZE);
1227
1228        DECODE_TAIL;
1229}
1230
1231/* Also used for NVERIFY */
1232static __be32
1233nfsd4_decode_verify(struct nfsd4_compoundargs *argp, struct nfsd4_verify *verify)
1234{
1235        DECODE_HEAD;
1236
1237        if ((status = nfsd4_decode_bitmap(argp, verify->ve_bmval)))
1238                goto out;
1239
1240        /* For convenience's sake, we compare raw xdr'd attributes in
1241         * nfsd4_proc_verify */
1242
1243        READ_BUF(4);
1244        verify->ve_attrlen = be32_to_cpup(p++);
1245        READ_BUF(verify->ve_attrlen);
1246        SAVEMEM(verify->ve_attrval, verify->ve_attrlen);
1247
1248        DECODE_TAIL;
1249}
1250
1251static __be32
1252nfsd4_decode_write(struct nfsd4_compoundargs *argp, struct nfsd4_write *write)
1253{
1254        int avail;
1255        int len;
1256        DECODE_HEAD;
1257
1258        status = nfsd4_decode_stateid(argp, &write->wr_stateid);
1259        if (status)
1260                return status;
1261        READ_BUF(16);
1262        p = xdr_decode_hyper(p, &write->wr_offset);
1263        write->wr_stable_how = be32_to_cpup(p++);
1264        if (write->wr_stable_how > NFS_FILE_SYNC)
1265                goto xdr_error;
1266        write->wr_buflen = be32_to_cpup(p++);
1267
1268        /* Sorry .. no magic macros for this.. *
1269         * READ_BUF(write->wr_buflen);
1270         * SAVEMEM(write->wr_buf, write->wr_buflen);
1271         */
1272        avail = (char*)argp->end - (char*)argp->p;
1273        if (avail + argp->pagelen < write->wr_buflen) {
1274                dprintk("NFSD: xdr error (%s:%d)\n",
1275                                __FILE__, __LINE__);
1276                goto xdr_error;
1277        }
1278        write->wr_head.iov_base = p;
1279        write->wr_head.iov_len = avail;
1280        write->wr_pagelist = argp->pagelist;
1281
1282        len = XDR_QUADLEN(write->wr_buflen) << 2;
1283        if (len >= avail) {
1284                int pages;
1285
1286                len -= avail;
1287
1288                pages = len >> PAGE_SHIFT;
1289                argp->pagelist += pages;
1290                argp->pagelen -= pages * PAGE_SIZE;
1291                len -= pages * PAGE_SIZE;
1292
1293                next_decode_page(argp);
1294        }
1295        argp->p += XDR_QUADLEN(len);
1296
1297        DECODE_TAIL;
1298}
1299
1300static __be32
1301nfsd4_decode_release_lockowner(struct nfsd4_compoundargs *argp, struct nfsd4_release_lockowner *rlockowner)
1302{
1303        DECODE_HEAD;
1304
1305        if (argp->minorversion >= 1)
1306                return nfserr_notsupp;
1307
1308        READ_BUF(12);
1309        COPYMEM(&rlockowner->rl_clientid, sizeof(clientid_t));
1310        rlockowner->rl_owner.len = be32_to_cpup(p++);
1311        READ_BUF(rlockowner->rl_owner.len);
1312        READMEM(rlockowner->rl_owner.data, rlockowner->rl_owner.len);
1313
1314        if (argp->minorversion && !zero_clientid(&rlockowner->rl_clientid))
1315                return nfserr_inval;
1316        DECODE_TAIL;
1317}
1318
1319static __be32
1320nfsd4_decode_exchange_id(struct nfsd4_compoundargs *argp,
1321                         struct nfsd4_exchange_id *exid)
1322{
1323        int dummy, tmp;
1324        DECODE_HEAD;
1325
1326        READ_BUF(NFS4_VERIFIER_SIZE);
1327        COPYMEM(exid->verifier.data, NFS4_VERIFIER_SIZE);
1328
1329        status = nfsd4_decode_opaque(argp, &exid->clname);
1330        if (status)
1331                return nfserr_bad_xdr;
1332
1333        READ_BUF(4);
1334        exid->flags = be32_to_cpup(p++);
1335
1336        /* Ignore state_protect4_a */
1337        READ_BUF(4);
1338        exid->spa_how = be32_to_cpup(p++);
1339        switch (exid->spa_how) {
1340        case SP4_NONE:
1341                break;
1342        case SP4_MACH_CRED:
1343                /* spo_must_enforce */
1344                status = nfsd4_decode_bitmap(argp,
1345                                        exid->spo_must_enforce);
1346                if (status)
1347                        goto out;
1348                /* spo_must_allow */
1349                status = nfsd4_decode_bitmap(argp, exid->spo_must_allow);
1350                if (status)
1351                        goto out;
1352                break;
1353        case SP4_SSV:
1354                /* ssp_ops */
1355                READ_BUF(4);
1356                dummy = be32_to_cpup(p++);
1357                READ_BUF(dummy * 4);
1358                p += dummy;
1359
1360                READ_BUF(4);
1361                dummy = be32_to_cpup(p++);
1362                READ_BUF(dummy * 4);
1363                p += dummy;
1364
1365                /* ssp_hash_algs<> */
1366                READ_BUF(4);
1367                tmp = be32_to_cpup(p++);
1368                while (tmp--) {
1369                        READ_BUF(4);
1370                        dummy = be32_to_cpup(p++);
1371                        READ_BUF(dummy);
1372                        p += XDR_QUADLEN(dummy);
1373                }
1374
1375                /* ssp_encr_algs<> */
1376                READ_BUF(4);
1377                tmp = be32_to_cpup(p++);
1378                while (tmp--) {
1379                        READ_BUF(4);
1380                        dummy = be32_to_cpup(p++);
1381                        READ_BUF(dummy);
1382                        p += XDR_QUADLEN(dummy);
1383                }
1384
1385                /* ignore ssp_window and ssp_num_gss_handles: */
1386                READ_BUF(8);
1387                break;
1388        default:
1389                goto xdr_error;
1390        }
1391
1392        READ_BUF(4);    /* nfs_impl_id4 array length */
1393        dummy = be32_to_cpup(p++);
1394
1395        if (dummy > 1)
1396                goto xdr_error;
1397
1398        if (dummy == 1) {
1399                status = nfsd4_decode_opaque(argp, &exid->nii_domain);
1400                if (status)
1401                        goto xdr_error;
1402
1403                /* nii_name */
1404                status = nfsd4_decode_opaque(argp, &exid->nii_name);
1405                if (status)
1406                        goto xdr_error;
1407
1408                /* nii_date */
1409                status = nfsd4_decode_time(argp, &exid->nii_time);
1410                if (status)
1411                        goto xdr_error;
1412        }
1413        DECODE_TAIL;
1414}
1415
1416static __be32
1417nfsd4_decode_create_session(struct nfsd4_compoundargs *argp,
1418                            struct nfsd4_create_session *sess)
1419{
1420        DECODE_HEAD;
1421        u32 dummy;
1422
1423        READ_BUF(16);
1424        COPYMEM(&sess->clientid, 8);
1425        sess->seqid = be32_to_cpup(p++);
1426        sess->flags = be32_to_cpup(p++);
1427
1428        /* Fore channel attrs */
1429        READ_BUF(28);
1430        dummy = be32_to_cpup(p++); /* headerpadsz is always 0 */
1431        sess->fore_channel.maxreq_sz = be32_to_cpup(p++);
1432        sess->fore_channel.maxresp_sz = be32_to_cpup(p++);
1433        sess->fore_channel.maxresp_cached = be32_to_cpup(p++);
1434        sess->fore_channel.maxops = be32_to_cpup(p++);
1435        sess->fore_channel.maxreqs = be32_to_cpup(p++);
1436        sess->fore_channel.nr_rdma_attrs = be32_to_cpup(p++);
1437        if (sess->fore_channel.nr_rdma_attrs == 1) {
1438                READ_BUF(4);
1439                sess->fore_channel.rdma_attrs = be32_to_cpup(p++);
1440        } else if (sess->fore_channel.nr_rdma_attrs > 1) {
1441                dprintk("Too many fore channel attr bitmaps!\n");
1442                goto xdr_error;
1443        }
1444
1445        /* Back channel attrs */
1446        READ_BUF(28);
1447        dummy = be32_to_cpup(p++); /* headerpadsz is always 0 */
1448        sess->back_channel.maxreq_sz = be32_to_cpup(p++);
1449        sess->back_channel.maxresp_sz = be32_to_cpup(p++);
1450        sess->back_channel.maxresp_cached = be32_to_cpup(p++);
1451        sess->back_channel.maxops = be32_to_cpup(p++);
1452        sess->back_channel.maxreqs = be32_to_cpup(p++);
1453        sess->back_channel.nr_rdma_attrs = be32_to_cpup(p++);
1454        if (sess->back_channel.nr_rdma_attrs == 1) {
1455                READ_BUF(4);
1456                sess->back_channel.rdma_attrs = be32_to_cpup(p++);
1457        } else if (sess->back_channel.nr_rdma_attrs > 1) {
1458                dprintk("Too many back channel attr bitmaps!\n");
1459                goto xdr_error;
1460        }
1461
1462        READ_BUF(4);
1463        sess->callback_prog = be32_to_cpup(p++);
1464        nfsd4_decode_cb_sec(argp, &sess->cb_sec);
1465        DECODE_TAIL;
1466}
1467
1468static __be32
1469nfsd4_decode_destroy_session(struct nfsd4_compoundargs *argp,
1470                             struct nfsd4_destroy_session *destroy_session)
1471{
1472        DECODE_HEAD;
1473        READ_BUF(NFS4_MAX_SESSIONID_LEN);
1474        COPYMEM(destroy_session->sessionid.data, NFS4_MAX_SESSIONID_LEN);
1475
1476        DECODE_TAIL;
1477}
1478
1479static __be32
1480nfsd4_decode_free_stateid(struct nfsd4_compoundargs *argp,
1481                          struct nfsd4_free_stateid *free_stateid)
1482{
1483        DECODE_HEAD;
1484
1485        READ_BUF(sizeof(stateid_t));
1486        free_stateid->fr_stateid.si_generation = be32_to_cpup(p++);
1487        COPYMEM(&free_stateid->fr_stateid.si_opaque, sizeof(stateid_opaque_t));
1488
1489        DECODE_TAIL;
1490}
1491
1492static __be32
1493nfsd4_decode_sequence(struct nfsd4_compoundargs *argp,
1494                      struct nfsd4_sequence *seq)
1495{
1496        DECODE_HEAD;
1497
1498        READ_BUF(NFS4_MAX_SESSIONID_LEN + 16);
1499        COPYMEM(seq->sessionid.data, NFS4_MAX_SESSIONID_LEN);
1500        seq->seqid = be32_to_cpup(p++);
1501        seq->slotid = be32_to_cpup(p++);
1502        seq->maxslots = be32_to_cpup(p++);
1503        seq->cachethis = be32_to_cpup(p++);
1504
1505        DECODE_TAIL;
1506}
1507
1508static __be32
1509nfsd4_decode_test_stateid(struct nfsd4_compoundargs *argp, struct nfsd4_test_stateid *test_stateid)
1510{
1511        int i;
1512        __be32 *p, status;
1513        struct nfsd4_test_stateid_id *stateid;
1514
1515        READ_BUF(4);
1516        test_stateid->ts_num_ids = ntohl(*p++);
1517
1518        INIT_LIST_HEAD(&test_stateid->ts_stateid_list);
1519
1520        for (i = 0; i < test_stateid->ts_num_ids; i++) {
1521                stateid = svcxdr_tmpalloc(argp, sizeof(*stateid));
1522                if (!stateid) {
1523                        status = nfserrno(-ENOMEM);
1524                        goto out;
1525                }
1526
1527                INIT_LIST_HEAD(&stateid->ts_id_list);
1528                list_add_tail(&stateid->ts_id_list, &test_stateid->ts_stateid_list);
1529
1530                status = nfsd4_decode_stateid(argp, &stateid->ts_id_stateid);
1531                if (status)
1532                        goto out;
1533        }
1534
1535        status = 0;
1536out:
1537        return status;
1538xdr_error:
1539        dprintk("NFSD: xdr error (%s:%d)\n", __FILE__, __LINE__);
1540        status = nfserr_bad_xdr;
1541        goto out;
1542}
1543
1544static __be32 nfsd4_decode_destroy_clientid(struct nfsd4_compoundargs *argp, struct nfsd4_destroy_clientid *dc)
1545{
1546        DECODE_HEAD;
1547
1548        READ_BUF(8);
1549        COPYMEM(&dc->clientid, 8);
1550
1551        DECODE_TAIL;
1552}
1553
1554static __be32 nfsd4_decode_reclaim_complete(struct nfsd4_compoundargs *argp, struct nfsd4_reclaim_complete *rc)
1555{
1556        DECODE_HEAD;
1557
1558        READ_BUF(4);
1559        rc->rca_one_fs = be32_to_cpup(p++);
1560
1561        DECODE_TAIL;
1562}
1563
1564#ifdef CONFIG_NFSD_PNFS
1565static __be32
1566nfsd4_decode_getdeviceinfo(struct nfsd4_compoundargs *argp,
1567                struct nfsd4_getdeviceinfo *gdev)
1568{
1569        DECODE_HEAD;
1570        u32 num, i;
1571
1572        READ_BUF(sizeof(struct nfsd4_deviceid) + 3 * 4);
1573        COPYMEM(&gdev->gd_devid, sizeof(struct nfsd4_deviceid));
1574        gdev->gd_layout_type = be32_to_cpup(p++);
1575        gdev->gd_maxcount = be32_to_cpup(p++);
1576        num = be32_to_cpup(p++);
1577        if (num) {
1578                if (num > 1000)
1579                        goto xdr_error;
1580                READ_BUF(4 * num);
1581                gdev->gd_notify_types = be32_to_cpup(p++);
1582                for (i = 1; i < num; i++) {
1583                        if (be32_to_cpup(p++)) {
1584                                status = nfserr_inval;
1585                                goto out;
1586                        }
1587                }
1588        }
1589        DECODE_TAIL;
1590}
1591
1592static __be32
1593nfsd4_decode_layoutget(struct nfsd4_compoundargs *argp,
1594                struct nfsd4_layoutget *lgp)
1595{
1596        DECODE_HEAD;
1597
1598        READ_BUF(36);
1599        lgp->lg_signal = be32_to_cpup(p++);
1600        lgp->lg_layout_type = be32_to_cpup(p++);
1601        lgp->lg_seg.iomode = be32_to_cpup(p++);
1602        p = xdr_decode_hyper(p, &lgp->lg_seg.offset);
1603        p = xdr_decode_hyper(p, &lgp->lg_seg.length);
1604        p = xdr_decode_hyper(p, &lgp->lg_minlength);
1605
1606        status = nfsd4_decode_stateid(argp, &lgp->lg_sid);
1607        if (status)
1608                return status;
1609
1610        READ_BUF(4);
1611        lgp->lg_maxcount = be32_to_cpup(p++);
1612
1613        DECODE_TAIL;
1614}
1615
1616static __be32
1617nfsd4_decode_layoutcommit(struct nfsd4_compoundargs *argp,
1618                struct nfsd4_layoutcommit *lcp)
1619{
1620        DECODE_HEAD;
1621        u32 timechange;
1622
1623        READ_BUF(20);
1624        p = xdr_decode_hyper(p, &lcp->lc_seg.offset);
1625        p = xdr_decode_hyper(p, &lcp->lc_seg.length);
1626        lcp->lc_reclaim = be32_to_cpup(p++);
1627
1628        status = nfsd4_decode_stateid(argp, &lcp->lc_sid);
1629        if (status)
1630                return status;
1631
1632        READ_BUF(4);
1633        lcp->lc_newoffset = be32_to_cpup(p++);
1634        if (lcp->lc_newoffset) {
1635                READ_BUF(8);
1636                p = xdr_decode_hyper(p, &lcp->lc_last_wr);
1637        } else
1638                lcp->lc_last_wr = 0;
1639        READ_BUF(4);
1640        timechange = be32_to_cpup(p++);
1641        if (timechange) {
1642                status = nfsd4_decode_time(argp, &lcp->lc_mtime);
1643                if (status)
1644                        return status;
1645        } else {
1646                lcp->lc_mtime.tv_nsec = UTIME_NOW;
1647        }
1648        READ_BUF(8);
1649        lcp->lc_layout_type = be32_to_cpup(p++);
1650
1651        /*
1652         * Save the layout update in XDR format and let the layout driver deal
1653         * with it later.
1654         */
1655        lcp->lc_up_len = be32_to_cpup(p++);
1656        if (lcp->lc_up_len > 0) {
1657                READ_BUF(lcp->lc_up_len);
1658                READMEM(lcp->lc_up_layout, lcp->lc_up_len);
1659        }
1660
1661        DECODE_TAIL;
1662}
1663
1664static __be32
1665nfsd4_decode_layoutreturn(struct nfsd4_compoundargs *argp,
1666                struct nfsd4_layoutreturn *lrp)
1667{
1668        DECODE_HEAD;
1669
1670        READ_BUF(16);
1671        lrp->lr_reclaim = be32_to_cpup(p++);
1672        lrp->lr_layout_type = be32_to_cpup(p++);
1673        lrp->lr_seg.iomode = be32_to_cpup(p++);
1674        lrp->lr_return_type = be32_to_cpup(p++);
1675        if (lrp->lr_return_type == RETURN_FILE) {
1676                READ_BUF(16);
1677                p = xdr_decode_hyper(p, &lrp->lr_seg.offset);
1678                p = xdr_decode_hyper(p, &lrp->lr_seg.length);
1679
1680                status = nfsd4_decode_stateid(argp, &lrp->lr_sid);
1681                if (status)
1682                        return status;
1683
1684                READ_BUF(4);
1685                lrp->lrf_body_len = be32_to_cpup(p++);
1686                if (lrp->lrf_body_len > 0) {
1687                        READ_BUF(lrp->lrf_body_len);
1688                        READMEM(lrp->lrf_body, lrp->lrf_body_len);
1689                }
1690        } else {
1691                lrp->lr_seg.offset = 0;
1692                lrp->lr_seg.length = NFS4_MAX_UINT64;
1693        }
1694
1695        DECODE_TAIL;
1696}
1697#endif /* CONFIG_NFSD_PNFS */
1698
1699static __be32
1700nfsd4_decode_fallocate(struct nfsd4_compoundargs *argp,
1701                       struct nfsd4_fallocate *fallocate)
1702{
1703        DECODE_HEAD;
1704
1705        status = nfsd4_decode_stateid(argp, &fallocate->falloc_stateid);
1706        if (status)
1707                return status;
1708
1709        READ_BUF(16);
1710        p = xdr_decode_hyper(p, &fallocate->falloc_offset);
1711        xdr_decode_hyper(p, &fallocate->falloc_length);
1712
1713        DECODE_TAIL;
1714}
1715
1716static __be32
1717nfsd4_decode_clone(struct nfsd4_compoundargs *argp, struct nfsd4_clone *clone)
1718{
1719        DECODE_HEAD;
1720
1721        status = nfsd4_decode_stateid(argp, &clone->cl_src_stateid);
1722        if (status)
1723                return status;
1724        status = nfsd4_decode_stateid(argp, &clone->cl_dst_stateid);
1725        if (status)
1726                return status;
1727
1728        READ_BUF(8 + 8 + 8);
1729        p = xdr_decode_hyper(p, &clone->cl_src_pos);
1730        p = xdr_decode_hyper(p, &clone->cl_dst_pos);
1731        p = xdr_decode_hyper(p, &clone->cl_count);
1732        DECODE_TAIL;
1733}
1734
1735static __be32
1736nfsd4_decode_copy(struct nfsd4_compoundargs *argp, struct nfsd4_copy *copy)
1737{
1738        DECODE_HEAD;
1739        unsigned int tmp;
1740
1741        status = nfsd4_decode_stateid(argp, &copy->cp_src_stateid);
1742        if (status)
1743                return status;
1744        status = nfsd4_decode_stateid(argp, &copy->cp_dst_stateid);
1745        if (status)
1746                return status;
1747
1748        READ_BUF(8 + 8 + 8 + 4 + 4 + 4);
1749        p = xdr_decode_hyper(p, &copy->cp_src_pos);
1750        p = xdr_decode_hyper(p, &copy->cp_dst_pos);
1751        p = xdr_decode_hyper(p, &copy->cp_count);
1752        p++; /* ca_consecutive: we always do consecutive copies */
1753        copy->cp_synchronous = be32_to_cpup(p++);
1754        tmp = be32_to_cpup(p); /* Source server list not supported */
1755
1756        DECODE_TAIL;
1757}
1758
1759static __be32
1760nfsd4_decode_offload_status(struct nfsd4_compoundargs *argp,
1761                            struct nfsd4_offload_status *os)
1762{
1763        return nfsd4_decode_stateid(argp, &os->stateid);
1764}
1765
1766static __be32
1767nfsd4_decode_seek(struct nfsd4_compoundargs *argp, struct nfsd4_seek *seek)
1768{
1769        DECODE_HEAD;
1770
1771        status = nfsd4_decode_stateid(argp, &seek->seek_stateid);
1772        if (status)
1773                return status;
1774
1775        READ_BUF(8 + 4);
1776        p = xdr_decode_hyper(p, &seek->seek_offset);
1777        seek->seek_whence = be32_to_cpup(p);
1778
1779        DECODE_TAIL;
1780}
1781
1782static __be32
1783nfsd4_decode_noop(struct nfsd4_compoundargs *argp, void *p)
1784{
1785        return nfs_ok;
1786}
1787
1788static __be32
1789nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p)
1790{
1791        return nfserr_notsupp;
1792}
1793
1794typedef __be32(*nfsd4_dec)(struct nfsd4_compoundargs *argp, void *);
1795
1796static const nfsd4_dec nfsd4_dec_ops[] = {
1797        [OP_ACCESS]             = (nfsd4_dec)nfsd4_decode_access,
1798        [OP_CLOSE]              = (nfsd4_dec)nfsd4_decode_close,
1799        [OP_COMMIT]             = (nfsd4_dec)nfsd4_decode_commit,
1800        [OP_CREATE]             = (nfsd4_dec)nfsd4_decode_create,
1801        [OP_DELEGPURGE]         = (nfsd4_dec)nfsd4_decode_notsupp,
1802        [OP_DELEGRETURN]        = (nfsd4_dec)nfsd4_decode_delegreturn,
1803        [OP_GETATTR]            = (nfsd4_dec)nfsd4_decode_getattr,
1804        [OP_GETFH]              = (nfsd4_dec)nfsd4_decode_noop,
1805        [OP_LINK]               = (nfsd4_dec)nfsd4_decode_link,
1806        [OP_LOCK]               = (nfsd4_dec)nfsd4_decode_lock,
1807        [OP_LOCKT]              = (nfsd4_dec)nfsd4_decode_lockt,
1808        [OP_LOCKU]              = (nfsd4_dec)nfsd4_decode_locku,
1809        [OP_LOOKUP]             = (nfsd4_dec)nfsd4_decode_lookup,
1810        [OP_LOOKUPP]            = (nfsd4_dec)nfsd4_decode_noop,
1811        [OP_NVERIFY]            = (nfsd4_dec)nfsd4_decode_verify,
1812        [OP_OPEN]               = (nfsd4_dec)nfsd4_decode_open,
1813        [OP_OPENATTR]           = (nfsd4_dec)nfsd4_decode_notsupp,
1814        [OP_OPEN_CONFIRM]       = (nfsd4_dec)nfsd4_decode_open_confirm,
1815        [OP_OPEN_DOWNGRADE]     = (nfsd4_dec)nfsd4_decode_open_downgrade,
1816        [OP_PUTFH]              = (nfsd4_dec)nfsd4_decode_putfh,
1817        [OP_PUTPUBFH]           = (nfsd4_dec)nfsd4_decode_putpubfh,
1818        [OP_PUTROOTFH]          = (nfsd4_dec)nfsd4_decode_noop,
1819        [OP_READ]               = (nfsd4_dec)nfsd4_decode_read,
1820        [OP_READDIR]            = (nfsd4_dec)nfsd4_decode_readdir,
1821        [OP_READLINK]           = (nfsd4_dec)nfsd4_decode_noop,
1822        [OP_REMOVE]             = (nfsd4_dec)nfsd4_decode_remove,
1823        [OP_RENAME]             = (nfsd4_dec)nfsd4_decode_rename,
1824        [OP_RENEW]              = (nfsd4_dec)nfsd4_decode_renew,
1825        [OP_RESTOREFH]          = (nfsd4_dec)nfsd4_decode_noop,
1826        [OP_SAVEFH]             = (nfsd4_dec)nfsd4_decode_noop,
1827        [OP_SECINFO]            = (nfsd4_dec)nfsd4_decode_secinfo,
1828        [OP_SETATTR]            = (nfsd4_dec)nfsd4_decode_setattr,
1829        [OP_SETCLIENTID]        = (nfsd4_dec)nfsd4_decode_setclientid,
1830        [OP_SETCLIENTID_CONFIRM] = (nfsd4_dec)nfsd4_decode_setclientid_confirm,
1831        [OP_VERIFY]             = (nfsd4_dec)nfsd4_decode_verify,
1832        [OP_WRITE]              = (nfsd4_dec)nfsd4_decode_write,
1833        [OP_RELEASE_LOCKOWNER]  = (nfsd4_dec)nfsd4_decode_release_lockowner,
1834
1835        /* new operations for NFSv4.1 */
1836        [OP_BACKCHANNEL_CTL]    = (nfsd4_dec)nfsd4_decode_backchannel_ctl,
1837        [OP_BIND_CONN_TO_SESSION]= (nfsd4_dec)nfsd4_decode_bind_conn_to_session,
1838        [OP_EXCHANGE_ID]        = (nfsd4_dec)nfsd4_decode_exchange_id,
1839        [OP_CREATE_SESSION]     = (nfsd4_dec)nfsd4_decode_create_session,
1840        [OP_DESTROY_SESSION]    = (nfsd4_dec)nfsd4_decode_destroy_session,
1841        [OP_FREE_STATEID]       = (nfsd4_dec)nfsd4_decode_free_stateid,
1842        [OP_GET_DIR_DELEGATION] = (nfsd4_dec)nfsd4_decode_notsupp,
1843#ifdef CONFIG_NFSD_PNFS
1844        [OP_GETDEVICEINFO]      = (nfsd4_dec)nfsd4_decode_getdeviceinfo,
1845        [OP_GETDEVICELIST]      = (nfsd4_dec)nfsd4_decode_notsupp,
1846        [OP_LAYOUTCOMMIT]       = (nfsd4_dec)nfsd4_decode_layoutcommit,
1847        [OP_LAYOUTGET]          = (nfsd4_dec)nfsd4_decode_layoutget,
1848        [OP_LAYOUTRETURN]       = (nfsd4_dec)nfsd4_decode_layoutreturn,
1849#else
1850        [OP_GETDEVICEINFO]      = (nfsd4_dec)nfsd4_decode_notsupp,
1851        [OP_GETDEVICELIST]      = (nfsd4_dec)nfsd4_decode_notsupp,
1852        [OP_LAYOUTCOMMIT]       = (nfsd4_dec)nfsd4_decode_notsupp,
1853        [OP_LAYOUTGET]          = (nfsd4_dec)nfsd4_decode_notsupp,
1854        [OP_LAYOUTRETURN]       = (nfsd4_dec)nfsd4_decode_notsupp,
1855#endif
1856        [OP_SECINFO_NO_NAME]    = (nfsd4_dec)nfsd4_decode_secinfo_no_name,
1857        [OP_SEQUENCE]           = (nfsd4_dec)nfsd4_decode_sequence,
1858        [OP_SET_SSV]            = (nfsd4_dec)nfsd4_decode_notsupp,
1859        [OP_TEST_STATEID]       = (nfsd4_dec)nfsd4_decode_test_stateid,
1860        [OP_WANT_DELEGATION]    = (nfsd4_dec)nfsd4_decode_notsupp,
1861        [OP_DESTROY_CLIENTID]   = (nfsd4_dec)nfsd4_decode_destroy_clientid,
1862        [OP_RECLAIM_COMPLETE]   = (nfsd4_dec)nfsd4_decode_reclaim_complete,
1863
1864        /* new operations for NFSv4.2 */
1865        [OP_ALLOCATE]           = (nfsd4_dec)nfsd4_decode_fallocate,
1866        [OP_COPY]               = (nfsd4_dec)nfsd4_decode_copy,
1867        [OP_COPY_NOTIFY]        = (nfsd4_dec)nfsd4_decode_notsupp,
1868        [OP_DEALLOCATE]         = (nfsd4_dec)nfsd4_decode_fallocate,
1869        [OP_IO_ADVISE]          = (nfsd4_dec)nfsd4_decode_notsupp,
1870        [OP_LAYOUTERROR]        = (nfsd4_dec)nfsd4_decode_notsupp,
1871        [OP_LAYOUTSTATS]        = (nfsd4_dec)nfsd4_decode_notsupp,
1872        [OP_OFFLOAD_CANCEL]     = (nfsd4_dec)nfsd4_decode_offload_status,
1873        [OP_OFFLOAD_STATUS]     = (nfsd4_dec)nfsd4_decode_offload_status,
1874        [OP_READ_PLUS]          = (nfsd4_dec)nfsd4_decode_notsupp,
1875        [OP_SEEK]               = (nfsd4_dec)nfsd4_decode_seek,
1876        [OP_WRITE_SAME]         = (nfsd4_dec)nfsd4_decode_notsupp,
1877        [OP_CLONE]              = (nfsd4_dec)nfsd4_decode_clone,
1878};
1879
1880static inline bool
1881nfsd4_opnum_in_range(struct nfsd4_compoundargs *argp, struct nfsd4_op *op)
1882{
1883        if (op->opnum < FIRST_NFS4_OP)
1884                return false;
1885        else if (argp->minorversion == 0 && op->opnum > LAST_NFS40_OP)
1886                return false;
1887        else if (argp->minorversion == 1 && op->opnum > LAST_NFS41_OP)
1888                return false;
1889        else if (argp->minorversion == 2 && op->opnum > LAST_NFS42_OP)
1890                return false;
1891        return true;
1892}
1893
1894static __be32
1895nfsd4_decode_compound(struct nfsd4_compoundargs *argp)
1896{
1897        DECODE_HEAD;
1898        struct nfsd4_op *op;
1899        bool cachethis = false;
1900        int auth_slack= argp->rqstp->rq_auth_slack;
1901        int max_reply = auth_slack + 8; /* opcnt, status */
1902        int readcount = 0;
1903        int readbytes = 0;
1904        int i;
1905
1906        READ_BUF(4);
1907        argp->taglen = be32_to_cpup(p++);
1908        READ_BUF(argp->taglen);
1909        SAVEMEM(argp->tag, argp->taglen);
1910        READ_BUF(8);
1911        argp->minorversion = be32_to_cpup(p++);
1912        argp->opcnt = be32_to_cpup(p++);
1913        max_reply += 4 + (XDR_QUADLEN(argp->taglen) << 2);
1914
1915        if (argp->taglen > NFSD4_MAX_TAGLEN)
1916                goto xdr_error;
1917        /*
1918         * NFS4ERR_RESOURCE is a more helpful error than GARBAGE_ARGS
1919         * here, so we return success at the xdr level so that
1920         * nfsd4_proc can handle this is an NFS-level error.
1921         */
1922        if (argp->opcnt > NFSD_MAX_OPS_PER_COMPOUND)
1923                return 0;
1924
1925        if (argp->opcnt > ARRAY_SIZE(argp->iops)) {
1926                argp->ops = kzalloc(argp->opcnt * sizeof(*argp->ops), GFP_KERNEL);
1927                if (!argp->ops) {
1928                        argp->ops = argp->iops;
1929                        dprintk("nfsd: couldn't allocate room for COMPOUND\n");
1930                        goto xdr_error;
1931                }
1932        }
1933
1934        if (argp->minorversion > NFSD_SUPPORTED_MINOR_VERSION)
1935                argp->opcnt = 0;
1936
1937        for (i = 0; i < argp->opcnt; i++) {
1938                op = &argp->ops[i];
1939                op->replay = NULL;
1940
1941                READ_BUF(4);
1942                op->opnum = be32_to_cpup(p++);
1943
1944                if (nfsd4_opnum_in_range(argp, op))
1945                        op->status = nfsd4_dec_ops[op->opnum](argp, &op->u);
1946                else {
1947                        op->opnum = OP_ILLEGAL;
1948                        op->status = nfserr_op_illegal;
1949                }
1950                op->opdesc = OPDESC(op);
1951                /*
1952                 * We'll try to cache the result in the DRC if any one
1953                 * op in the compound wants to be cached:
1954                 */
1955                cachethis |= nfsd4_cache_this_op(op);
1956
1957                if (op->opnum == OP_READ) {
1958                        readcount++;
1959                        readbytes += nfsd4_max_reply(argp->rqstp, op);
1960                } else
1961                        max_reply += nfsd4_max_reply(argp->rqstp, op);
1962                /*
1963                 * OP_LOCK and OP_LOCKT may return a conflicting lock.
1964                 * (Special case because it will just skip encoding this
1965                 * if it runs out of xdr buffer space, and it is the only
1966                 * operation that behaves this way.)
1967                 */
1968                if (op->opnum == OP_LOCK || op->opnum == OP_LOCKT)
1969                        max_reply += NFS4_OPAQUE_LIMIT;
1970
1971                if (op->status) {
1972                        argp->opcnt = i+1;
1973                        break;
1974                }
1975        }
1976        /* Sessions make the DRC unnecessary: */
1977        if (argp->minorversion)
1978                cachethis = false;
1979        svc_reserve(argp->rqstp, max_reply + readbytes);
1980        argp->rqstp->rq_cachetype = cachethis ? RC_REPLBUFF : RC_NOCACHE;
1981
1982        if (readcount > 1 || max_reply > PAGE_SIZE - auth_slack)
1983                clear_bit(RQ_SPLICE_OK, &argp->rqstp->rq_flags);
1984
1985        DECODE_TAIL;
1986}
1987
1988static __be32 *encode_change(__be32 *p, struct kstat *stat, struct inode *inode,
1989                             struct svc_export *exp)
1990{
1991        if (exp->ex_flags & NFSEXP_V4ROOT) {
1992                *p++ = cpu_to_be32(convert_to_wallclock(exp->cd->flush_time));
1993                *p++ = 0;
1994        } else if (IS_I_VERSION(inode)) {
1995                p = xdr_encode_hyper(p, nfsd4_change_attribute(stat, inode));
1996        } else {
1997                *p++ = cpu_to_be32(stat->ctime.tv_sec);
1998                *p++ = cpu_to_be32(stat->ctime.tv_nsec);
1999        }
2000        return p;

2001}
2002
2003/*
2004 * ctime (in NFSv4, time_metadata) is not writeable, and the client
2005 * doesn't really care what resolution could theoretically be stored by
2006 * the filesystem.
2007 *
2008 * The client cares how close together changes can be while still
2009 * guaranteeing ctime changes.  For most filesystems (which have
2010 * timestamps with nanosecond fields) that is limited by the resolution
2011 * of the time returned from current_time() (which I'm assuming to be
2012 * 1/HZ).
2013 */
2014static __be32 *encode_time_delta(__be32 *p, struct inode *inode)
2015{
2016        struct timespec ts;
2017        u32 ns;
2018
2019        ns = max_t(u32, NSEC_PER_SEC/HZ, inode->i_sb->s_time_gran);
2020        ts = ns_to_timespec(ns);
2021
2022        p = xdr_encode_hyper(p, ts.tv_sec);
2023        *p++ = cpu_to_be32(ts.tv_nsec);
2024
2025        return p;
2026}
2027
2028static __be32 *encode_cinfo(__be32 *p, struct nfsd4_change_info *c)
2029{
2030        *p++ = cpu_to_be32(c->atomic);
2031        if (c->change_supported) {
2032                p = xdr_encode_hyper(p, c->before_change);
2033                p = xdr_encode_hyper(p, c->after_change);
2034        } else {
2035                *p++ = cpu_to_be32(c->before_ctime_sec);
2036                *p++ = cpu_to_be32(c->before_ctime_nsec);
2037                *p++ = cpu_to_be32(c->after_ctime_sec);
2038                *p++ = cpu_to_be32(c->after_ctime_nsec);
2039        }
2040        return p;
2041}
2042
2043/* Encode as an array of strings the string given with components
2044 * separated @sep, escaped with esc_enter and esc_exit.
2045 */
2046static __be32 nfsd4_encode_components_esc(struct xdr_stream *xdr, char sep,
2047                                          char *components, char esc_enter,
2048                                          char esc_exit)
2049{
2050        __be32 *p;
2051        __be32 pathlen;
2052        int pathlen_offset;
2053        int strlen, count=0;
2054        char *str, *end, *next;
2055
2056        dprintk("nfsd4_encode_components(%s)\n", components);
2057
2058        pathlen_offset = xdr->buf->len;
2059        p = xdr_reserve_space(xdr, 4);
2060        if (!p)
2061                return nfserr_resource;
2062        p++; /* We will fill this in with @count later */
2063
2064        end = str = components;
2065        while (*end) {
2066                bool found_esc = false;
2067
2068                /* try to parse as esc_start, ..., esc_end, sep */
2069                if (*str == esc_enter) {
2070                        for (; *end && (*end != esc_exit); end++)
2071                                /* find esc_exit or end of string */;
2072                        next = end + 1;
2073                        if (*end && (!*next || *next == sep)) {
2074                                str++;
2075                                found_esc = true;
2076                        }
2077                }
2078
2079                if (!found_esc)
2080                        for (; *end && (*end != sep); end++)
2081                                /* find sep or end of string */;
2082
2083                strlen = end - str;
2084                if (strlen) {
2085                        p = xdr_reserve_space(xdr, strlen + 4);
2086                        if (!p)
2087                                return nfserr_resource;
2088                        p = xdr_encode_opaque(p, str, strlen);
2089                        count++;
2090                }
2091                else
2092                        end++;
2093                if (found_esc)
2094                        end = next;
2095
2096                str = end;
2097        }
2098        pathlen = htonl(count);
2099        write_bytes_to_xdr_buf(xdr->buf, pathlen_offset, &pathlen, 4);
2100        return 0;
2101}
2102
2103/* Encode as an array of strings the string given with components
2104 * separated @sep.
2105 */
2106static __be32 nfsd4_encode_components(struct xdr_stream *xdr, char sep,
2107                                      char *components)
2108{
2109        return nfsd4_encode_components_esc(xdr, sep, components, 0, 0);
2110}
2111
2112/*
2113 * encode a location element of a fs_locations structure
2114 */
2115static __be32 nfsd4_encode_fs_location4(struct xdr_stream *xdr,
2116                                        struct nfsd4_fs_location *location)
2117{
2118        __be32 status;
2119
2120        status = nfsd4_encode_components_esc(xdr, ':', location->hosts,
2121                                                '[', ']');
2122        if (status)
2123                return status;
2124        status = nfsd4_encode_components(xdr, '/', location->path);
2125        if (status)
2126                return status;
2127        return 0;
2128}
2129
2130/*
2131 * Encode a path in RFC3530 'pathname4' format
2132 */
2133static __be32 nfsd4_encode_path(struct xdr_stream *xdr,
2134                                const struct path *root,
2135                                const struct path *path)
2136{
2137        struct path cur = *path;
2138        __be32 *p;
2139        struct dentry **components = NULL;
2140        unsigned int ncomponents = 0;
2141        __be32 err = nfserr_jukebox;
2142
2143        dprintk("nfsd4_encode_components(");
2144
2145        path_get(&cur);
2146        /* First walk the path up to the nfsd root, and store the
2147         * dentries/path components in an array.
2148         */
2149        for (;;) {
2150                if (path_equal(&cur, root))
2151                        break;
2152                if (cur.dentry == cur.mnt->mnt_root) {
2153                        if (follow_up(&cur))
2154                                continue;
2155                        goto out_free;
2156                }
2157                if ((ncomponents & 15) == 0) {
2158                        struct dentry **new;
2159                        new = krealloc(components,
2160                                        sizeof(*new) * (ncomponents + 16),
2161                                        GFP_KERNEL);
2162                        if (!new)
2163                                goto out_free;
2164                        components = new;
2165                }
2166                components[ncomponents++] = cur.dentry;
2167                cur.dentry = dget_parent(cur.dentry);
2168        }
2169        err = nfserr_resource;
2170        p = xdr_reserve_space(xdr, 4);
2171        if (!p)
2172                goto out_free;
2173        *p++ = cpu_to_be32(ncomponents);
2174
2175        while (ncomponents) {
2176                struct dentry *dentry = components[ncomponents - 1];
2177                unsigned int len;
2178
2179                spin_lock(&dentry->d_lock);
2180                len = dentry->d_name.len;
2181                p = xdr_reserve_space(xdr, len + 4);
2182                if (!p) {
2183                        spin_unlock(&dentry->d_lock);
2184                        goto out_free;
2185                }
2186                p = xdr_encode_opaque(p, dentry->d_name.name, len);
2187                dprintk("/%pd", dentry);
2188                spin_unlock(&dentry->d_lock);
2189                dput(dentry);
2190                ncomponents--;
2191        }
2192
2193        err = 0;
2194out_free:
2195        dprintk(")\n");
2196        while (ncomponents)
2197                dput(components[--ncomponents]);
2198        kfree(components);
2199        path_put(&cur);
2200        return err;
2201}
2202
2203static __be32 nfsd4_encode_fsloc_fsroot(struct xdr_stream *xdr,
2204                        struct svc_rqst *rqstp, const struct path *path)
2205{
2206        struct svc_export *exp_ps;
2207        __be32 res;
2208
2209        exp_ps = rqst_find_fsidzero_export(rqstp);
2210        if (IS_ERR(exp_ps))
2211                return nfserrno(PTR_ERR(exp_ps));
2212        res = nfsd4_encode_path(xdr, &exp_ps->ex_path, path);
2213        exp_put(exp_ps);
2214        return res;
2215}
2216
2217/*
2218 *  encode a fs_locations structure
2219 */
2220static __be32 nfsd4_encode_fs_locations(struct xdr_stream *xdr,
2221                        struct svc_rqst *rqstp, struct svc_export *exp)
2222{
2223        __be32 status;
2224        int i;
2225        __be32 *p;
2226        struct nfsd4_fs_locations *fslocs = &exp->ex_fslocs;
2227
2228        status = nfsd4_encode_fsloc_fsroot(xdr, rqstp, &exp->ex_path);
2229        if (status)
2230                return status;
2231        p = xdr_reserve_space(xdr, 4);
2232        if (!p)
2233                return nfserr_resource;
2234        *p++ = cpu_to_be32(fslocs->locations_count);
2235        for (i=0; i<fslocs->locations_count; i++) {
2236                status = nfsd4_encode_fs_location4(xdr, &fslocs->locations[i]);
2237                if (status)
2238                        return status;
2239        }
2240        return 0;
2241}
2242
2243static u32 nfs4_file_type(umode_t mode)
2244{
2245        switch (mode & S_IFMT) {
2246        case S_IFIFO:   return NF4FIFO;
2247        case S_IFCHR:   return NF4CHR;
2248        case S_IFDIR:   return NF4DIR;
2249        case S_IFBLK:   return NF4BLK;
2250        case S_IFLNK:   return NF4LNK;
2251        case S_IFREG:   return NF4REG;
2252        case S_IFSOCK:  return NF4SOCK;
2253        default:        return NF4BAD;
2254        };
2255}
2256
2257static inline __be32
2258nfsd4_encode_aclname(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2259                     struct nfs4_ace *ace)
2260{
2261        if (ace->whotype != NFS4_ACL_WHO_NAMED)
2262                return nfs4_acl_write_who(xdr, ace->whotype);
2263        else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP)
2264                return nfsd4_encode_group(xdr, rqstp, ace->who_gid);
2265        else
2266                return nfsd4_encode_user(xdr, rqstp, ace->who_uid);
2267}
2268
2269static inline __be32
2270nfsd4_encode_layout_types(struct xdr_stream *xdr, u32 layout_types)
2271{
2272        __be32          *p;
2273        unsigned long   i = hweight_long(layout_types);
2274
2275        p = xdr_reserve_space(xdr, 4 + 4 * i);
2276        if (!p)
2277                return nfserr_resource;
2278
2279        *p++ = cpu_to_be32(i);
2280
2281        for (i = LAYOUT_NFSV4_1_FILES; i < LAYOUT_TYPE_MAX; ++i)
2282                if (layout_types & (1 << i))
2283                        *p++ = cpu_to_be32(i);
2284
2285        return 0;
2286}
2287
2288#define WORD0_ABSENT_FS_ATTRS (FATTR4_WORD0_FS_LOCATIONS | FATTR4_WORD0_FSID | \
2289                              FATTR4_WORD0_RDATTR_ERROR)
2290#define WORD1_ABSENT_FS_ATTRS FATTR4_WORD1_MOUNTED_ON_FILEID
2291#define WORD2_ABSENT_FS_ATTRS 0
2292
2293#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2294static inline __be32
2295nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2296                            void *context, int len)
2297{
2298        __be32 *p;
2299
2300        p = xdr_reserve_space(xdr, len + 4 + 4 + 4);
2301        if (!p)
2302                return nfserr_resource;
2303
2304        /*
2305         * For now we use a 0 here to indicate the null translation; in
2306         * the future we may place a call to translation code here.
2307         */
2308        *p++ = cpu_to_be32(0); /* lfs */
2309        *p++ = cpu_to_be32(0); /* pi */
2310        p = xdr_encode_opaque(p, context, len);
2311        return 0;
2312}
2313#else
2314static inline __be32
2315nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2316                            void *context, int len)
2317{ return 0; }
2318#endif
2319
2320static __be32 fattr_handle_absent_fs(u32 *bmval0, u32 *bmval1, u32 *bmval2, u32 *rdattr_err)
2321{
2322        /* As per referral draft:  */
2323        if (*bmval0 & ~WORD0_ABSENT_FS_ATTRS ||
2324            *bmval1 & ~WORD1_ABSENT_FS_ATTRS) {
2325                if (*bmval0 & FATTR4_WORD0_RDATTR_ERROR ||
2326                    *bmval0 & FATTR4_WORD0_FS_LOCATIONS)
2327                        *rdattr_err = NFSERR_MOVED;
2328                else
2329                        return nfserr_moved;
2330        }
2331        *bmval0 &= WORD0_ABSENT_FS_ATTRS;
2332        *bmval1 &= WORD1_ABSENT_FS_ATTRS;
2333        *bmval2 &= WORD2_ABSENT_FS_ATTRS;
2334        return 0;
2335}
2336
2337
2338static int get_parent_attributes(struct svc_export *exp, struct kstat *stat)
2339{
2340        struct path path = exp->ex_path;
2341        int err;
2342
2343        path_get(&path);
2344        while (follow_up(&path)) {
2345                if (path.dentry != path.mnt->mnt_root)
2346                        break;
2347        }
2348        err = vfs_getattr(&path, stat, STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
2349        path_put(&path);
2350        return err;
2351}
2352
2353static __be32
2354nfsd4_encode_bitmap(struct xdr_stream *xdr, u32 bmval0, u32 bmval1, u32 bmval2)
2355{
2356        __be32 *p;
2357
2358        if (bmval2) {
2359                p = xdr_reserve_space(xdr, 16);
2360                if (!p)
2361                        goto out_resource;
2362                *p++ = cpu_to_be32(3);
2363                *p++ = cpu_to_be32(bmval0);
2364                *p++ = cpu_to_be32(bmval1);
2365                *p++ = cpu_to_be32(bmval2);
2366        } else if (bmval1) {
2367                p = xdr_reserve_space(xdr, 12);
2368                if (!p)
2369                        goto out_resource;
2370                *p++ = cpu_to_be32(2);
2371                *p++ = cpu_to_be32(bmval0);
2372                *p++ = cpu_to_be32(bmval1);
2373        } else {
2374                p = xdr_reserve_space(xdr, 8);
2375                if (!p)
2376                        goto out_resource;
2377                *p++ = cpu_to_be32(1);
2378                *p++ = cpu_to_be32(bmval0);
2379        }
2380
2381        return 0;
2382out_resource:
2383        return nfserr_resource;
2384}
2385
2386/*
2387 * Note: @fhp can be NULL; in this case, we might have to compose the filehandle
2388 * ourselves.
2389 */
2390static __be32
2391nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp,
2392                struct svc_export *exp,
2393                struct dentry *dentry, u32 *bmval,
2394                struct svc_rqst *rqstp, int ignore_crossmnt)
2395{
2396        u32 bmval0 = bmval[0];
2397        u32 bmval1 = bmval[1];
2398        u32 bmval2 = bmval[2];
2399        struct kstat stat;
2400        struct svc_fh *tempfh = NULL;
2401        struct kstatfs statfs;
2402        __be32 *p;
2403        int starting_len = xdr->buf->len;
2404        int attrlen_offset;
2405        __be32 attrlen;
2406        u32 dummy;
2407        u64 dummy64;
2408        u32 rdattr_err = 0;
2409        __be32 status;
2410        int err;
2411        struct nfs4_acl *acl = NULL;
2412#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2413        void *context = NULL;
2414        int contextlen;
2415#endif
2416        bool contextsupport = false;
2417        struct nfsd4_compoundres *resp = rqstp->rq_resp;
2418        u32 minorversion = resp->cstate.minorversion;
2419        struct path path = {
2420                .mnt    = exp->ex_path.mnt,
2421                .dentry = dentry,
2422        };
2423        struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
2424
2425        BUG_ON(bmval1 & NFSD_WRITEONLY_ATTRS_WORD1);
2426        BUG_ON(!nfsd_attrs_supported(minorversion, bmval));
2427
2428        if (exp->ex_fslocs.migrated) {
2429                status = fattr_handle_absent_fs(&bmval0, &bmval1, &bmval2, &rdattr_err);
2430                if (status)
2431                        goto out;
2432        }
2433
2434        err = vfs_getattr(&path, &stat, STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
2435        if (err)
2436                goto out_nfserr;
2437        if ((bmval0 & (FATTR4_WORD0_FILES_AVAIL | FATTR4_WORD0_FILES_FREE |
2438                        FATTR4_WORD0_FILES_TOTAL | FATTR4_WORD0_MAXNAME)) ||
2439            (bmval1 & (FATTR4_WORD1_SPACE_AVAIL | FATTR4_WORD1_SPACE_FREE |
2440                       FATTR4_WORD1_SPACE_TOTAL))) {
2441                err = vfs_statfs(&path, &statfs);
2442                if (err)
2443                        goto out_nfserr;
2444        }
2445        if ((bmval0 & (FATTR4_WORD0_FILEHANDLE | FATTR4_WORD0_FSID)) && !fhp) {
2446                tempfh = kmalloc(sizeof(struct svc_fh), GFP_KERNEL);
2447                status = nfserr_jukebox;
2448                if (!tempfh)
2449                        goto out;
2450                fh_init(tempfh, NFS4_FHSIZE);
2451                status = fh_compose(tempfh, exp, dentry, NULL);
2452                if (status)
2453                        goto out;
2454                fhp = tempfh;
2455        }
2456        if (bmval0 & FATTR4_WORD0_ACL) {
2457                err = nfsd4_get_nfs4_acl(rqstp, dentry, &acl);
2458                if (err == -EOPNOTSUPP)
2459                        bmval0 &= ~FATTR4_WORD0_ACL;
2460                else if (err == -EINVAL) {
2461                        status = nfserr_attrnotsupp;
2462                        goto out;
2463                } else if (err != 0)
2464                        goto out_nfserr;
2465        }
2466
2467#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2468        if ((bmval2 & FATTR4_WORD2_SECURITY_LABEL) ||
2469             bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) {
2470                if (exp->ex_flags & NFSEXP_SECURITY_LABEL)
2471                        err = security_inode_getsecctx(d_inode(dentry),
2472                                                &context, &contextlen);
2473                else
2474                        err = -EOPNOTSUPP;
2475                contextsupport = (err == 0);
2476                if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) {
2477                        if (err == -EOPNOTSUPP)
2478                                bmval2 &= ~FATTR4_WORD2_SECURITY_LABEL;
2479                        else if (err)
2480                                goto out_nfserr;
2481                }
2482        }
2483#endif /* CONFIG_NFSD_V4_SECURITY_LABEL */
2484
2485        status = nfsd4_encode_bitmap(xdr, bmval0, bmval1, bmval2);
2486        if (status)
2487                goto out;
2488
2489        attrlen_offset = xdr->buf->len;
2490        p = xdr_reserve_space(xdr, 4);
2491        if (!p)
2492                goto out_resource;
2493        p++;                /* to be backfilled later */
2494
2495        if (bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) {
2496                u32 supp[3];
2497
2498                memcpy(supp, nfsd_suppattrs[minorversion], sizeof(supp));
2499
2500                if (!IS_POSIXACL(dentry->d_inode))
2501                        supp[0] &= ~FATTR4_WORD0_ACL;
2502                if (!contextsupport)
2503                        supp[2] &= ~FATTR4_WORD2_SECURITY_LABEL;
2504                if (!supp[2]) {
2505                        p = xdr_reserve_space(xdr, 12);
2506                        if (!p)
2507                                goto out_resource;
2508                        *p++ = cpu_to_be32(2);
2509                        *p++ = cpu_to_be32(supp[0]);
2510                        *p++ = cpu_to_be32(supp[1]);
2511                } else {
2512                        p = xdr_reserve_space(xdr, 16);
2513                        if (!p)
2514                                goto out_resource;
2515                        *p++ = cpu_to_be32(3);
2516                        *p++ = cpu_to_be32(supp[0]);
2517                        *p++ = cpu_to_be32(supp[1]);
2518                        *p++ = cpu_to_be32(supp[2]);
2519                }
2520        }
2521        if (bmval0 & FATTR4_WORD0_TYPE) {
2522                p = xdr_reserve_space(xdr, 4);
2523                if (!p)
2524                        goto out_resource;
2525                dummy = nfs4_file_type(stat.mode);
2526                if (dummy == NF4BAD) {
2527                        status = nfserr_serverfault;
2528                        goto out;
2529                }
2530                *p++ = cpu_to_be32(dummy);
2531        }
2532        if (bmval0 & FATTR4_WORD0_FH_EXPIRE_TYPE) {
2533                p = xdr_reserve_space(xdr, 4);
2534                if (!p)
2535                        goto out_resource;
2536                if (exp->ex_flags & NFSEXP_NOSUBTREECHECK)
2537                        *p++ = cpu_to_be32(NFS4_FH_PERSISTENT);
2538                else
2539                        *p++ = cpu_to_be32(NFS4_FH_PERSISTENT|
2540                                                NFS4_FH_VOL_RENAME);
2541        }
2542        if (bmval0 & FATTR4_WORD0_CHANGE) {
2543                p = xdr_reserve_space(xdr, 8);
2544                if (!p)
2545                        goto out_resource;
2546                p = encode_change(p, &stat, d_inode(dentry), exp);
2547        }
2548        if (bmval0 & FATTR4_WORD0_SIZE) {
2549                p = xdr_reserve_space(xdr, 8);
2550                if (!p)
2551                        goto out_resource;
2552                p = xdr_encode_hyper(p, stat.size);
2553        }
2554        if (bmval0 & FATTR4_WORD0_LINK_SUPPORT) {
2555                p = xdr_reserve_space(xdr, 4);
2556                if (!p)
2557                        goto out_resource;
2558                *p++ = cpu_to_be32(1);
2559        }
2560        if (bmval0 & FATTR4_WORD0_SYMLINK_SUPPORT) {
2561                p = xdr_reserve_space(xdr, 4);
2562                if (!p)
2563                        goto out_resource;
2564                *p++ = cpu_to_be32(1);
2565        }
2566        if (bmval0 & FATTR4_WORD0_NAMED_ATTR) {
2567                p = xdr_reserve_space(xdr, 4);
2568                if (!p)
2569                        goto out_resource;
2570                *p++ = cpu_to_be32(0);
2571        }
2572        if (bmval0 & FATTR4_WORD0_FSID) {
2573                p = xdr_reserve_space(xdr, 16);
2574                if (!p)
2575                        goto out_resource;
2576                if (exp->ex_fslocs.migrated) {
2577                        p = xdr_encode_hyper(p, NFS4_REFERRAL_FSID_MAJOR);
2578                        p = xdr_encode_hyper(p, NFS4_REFERRAL_FSID_MINOR);
2579                } else switch(fsid_source(fhp)) {
2580                case FSIDSOURCE_FSID:
2581                        p = xdr_encode_hyper(p, (u64)exp->ex_fsid);
2582                        p = xdr_encode_hyper(p, (u64)0);
2583                        break;
2584                case FSIDSOURCE_DEV:
2585                        *p++ = cpu_to_be32(0);
2586                        *p++ = cpu_to_be32(MAJOR(stat.dev));
2587                        *p++ = cpu_to_be32(0);
2588                        *p++ = cpu_to_be32(MINOR(stat.dev));
2589                        break;
2590                case FSIDSOURCE_UUID:
2591                        p = xdr_encode_opaque_fixed(p, exp->ex_uuid,
2592                                                                EX_UUID_LEN);
2593                        break;
2594                }
2595        }
2596        if (bmval0 & FATTR4_WORD0_UNIQUE_HANDLES) {
2597                p = xdr_reserve_space(xdr, 4);
2598                if (!p)
2599                        goto out_resource;
2600                *p++ = cpu_to_be32(0);
2601        }
2602        if (bmval0 & FATTR4_WORD0_LEASE_TIME) {
2603                p = xdr_reserve_space(xdr, 4);
2604                if (!p)
2605                        goto out_resource;
2606                *p++ = cpu_to_be32(nn->nfsd4_lease);
2607        }
2608        if (bmval0 & FATTR4_WORD0_RDATTR_ERROR) {
2609                p = xdr_reserve_space(xdr, 4);
2610                if (!p)
2611                        goto out_resource;
2612                *p++ = cpu_to_be32(rdattr_err);
2613        }
2614        if (bmval0 & FATTR4_WORD0_ACL) {
2615                struct nfs4_ace *ace;
2616
2617                if (acl == NULL) {
2618                        p = xdr_reserve_space(xdr, 4);
2619                        if (!p)
2620                                goto out_resource;
2621
2622                        *p++ = cpu_to_be32(0);
2623                        goto out_acl;
2624                }
2625                p = xdr_reserve_space(xdr, 4);
2626                if (!p)
2627                        goto out_resource;
2628                *p++ = cpu_to_be32(acl->naces);
2629
2630                for (ace = acl->aces; ace < acl->aces + acl->naces; ace++) {
2631                        p = xdr_reserve_space(xdr, 4*3);
2632                        if (!p)
2633                                goto out_resource;
2634                        *p++ = cpu_to_be32(ace->type);
2635                        *p++ = cpu_to_be32(ace->flag);
2636                        *p++ = cpu_to_be32(ace->access_mask &
2637                                                        NFS4_ACE_MASK_ALL);
2638                        status = nfsd4_encode_aclname(xdr, rqstp, ace);
2639                        if (status)
2640                                goto out;
2641                }
2642        }
2643out_acl:
2644        if (bmval0 & FATTR4_WORD0_ACLSUPPORT) {
2645                p = xdr_reserve_space(xdr, 4);
2646                if (!p)
2647                        goto out_resource;
2648                *p++ = cpu_to_be32(IS_POSIXACL(dentry->d_inode) ?
2649                        ACL4_SUPPORT_ALLOW_ACL|ACL4_SUPPORT_DENY_ACL : 0);
2650        }
2651        if (bmval0 & FATTR4_WORD0_CANSETTIME) {
2652                p = xdr_reserve_space(xdr, 4);
2653                if (!p)
2654                        goto out_resource;
2655                *p++ = cpu_to_be32(1);
2656        }
2657        if (bmval0 & FATTR4_WORD0_CASE_INSENSITIVE) {
2658                p = xdr_reserve_space(xdr, 4);
2659                if (!p)
2660                        goto out_resource;
2661                *p++ = cpu_to_be32(0);
2662        }
2663        if (bmval0 & FATTR4_WORD0_CASE_PRESERVING) {
2664                p = xdr_reserve_space(xdr, 4);
2665                if (!p)
2666                        goto out_resource;
2667                *p++ = cpu_to_be32(1);
2668        }
2669        if (bmval0 & FATTR4_WORD0_CHOWN_RESTRICTED) {
2670                p = xdr_reserve_space(xdr, 4);
2671                if (!p)
2672                        goto out_resource;
2673                *p++ = cpu_to_be32(1);
2674        }
2675        if (bmval0 & FATTR4_WORD0_FILEHANDLE) {
2676                p = xdr_reserve_space(xdr, fhp->fh_handle.fh_size + 4);
2677                if (!p)
2678                        goto out_resource;
2679                p = xdr_encode_opaque(p, &fhp->fh_handle.fh_base,
2680                                        fhp->fh_handle.fh_size);
2681        }
2682        if (bmval0 & FATTR4_WORD0_FILEID) {
2683                p = xdr_reserve_space(xdr, 8);
2684                if (!p)
2685                        goto out_resource;
2686                p = xdr_encode_hyper(p, stat.ino);
2687        }
2688        if (bmval0 & FATTR4_WORD0_FILES_AVAIL) {
2689                p = xdr_reserve_space(xdr, 8);
2690                if (!p)
2691                        goto out_resource;
2692                p = xdr_encode_hyper(p, (u64) statfs.f_ffree);
2693        }
2694        if (bmval0 & FATTR4_WORD0_FILES_FREE) {
2695                p = xdr_reserve_space(xdr, 8);
2696                if (!p)
2697                        goto out_resource;
2698                p = xdr_encode_hyper(p, (u64) statfs.f_ffree);
2699        }
2700        if (bmval0 & FATTR4_WORD0_FILES_TOTAL) {
2701                p = xdr_reserve_space(xdr, 8);
2702                if (!p)
2703                        goto out_resource;
2704                p = xdr_encode_hyper(p, (u64) statfs.f_files);
2705        }
2706        if (bmval0 & FATTR4_WORD0_FS_LOCATIONS) {
2707                status = nfsd4_encode_fs_locations(xdr, rqstp, exp);
2708                if (status)
2709                        goto out;
2710        }
2711        if (bmval0 & FATTR4_WORD0_HOMOGENEOUS) {
2712                p = xdr_reserve_space(xdr, 4);
2713                if (!p)
2714                        goto out_resource;
2715                *p++ = cpu_to_be32(1);
2716        }
2717        if (bmval0 & FATTR4_WORD0_MAXFILESIZE) {
2718                p = xdr_reserve_space(xdr, 8);
2719                if (!p)
2720                        goto out_resource;
2721                p = xdr_encode_hyper(p, exp->ex_path.mnt->mnt_sb->s_maxbytes);
2722        }
2723        if (bmval0 & FATTR4_WORD0_MAXLINK) {
2724                p = xdr_reserve_space(xdr, 4);
2725                if (!p)
2726                        goto out_resource;
2727                *p++ = cpu_to_be32(255);
2728        }
2729        if (bmval0 & FATTR4_WORD0_MAXNAME) {
2730                p = xdr_reserve_space(xdr, 4);
2731                if (!p)
2732                        goto out_resource;
2733                *p++ = cpu_to_be32(statfs.f_namelen);
2734        }
2735        if (bmval0 & FATTR4_WORD0_MAXREAD) {
2736                p = xdr_reserve_space(xdr, 8);
2737                if (!p)
2738                        goto out_resource;
2739                p = xdr_encode_hyper(p, (u64) svc_max_payload(rqstp));
2740        }
2741        if (bmval0 & FATTR4_WORD0_MAXWRITE) {
2742                p = xdr_reserve_space(xdr, 8);
2743                if (!p)
2744                        goto out_resource;
2745                p = xdr_encode_hyper(p, (u64) svc_max_payload(rqstp));
2746        }
2747        if (bmval1 & FATTR4_WORD1_MODE) {
2748                p = xdr_reserve_space(xdr, 4);
2749                if (!p)
2750                        goto out_resource;
2751                *p++ = cpu_to_be32(stat.mode & S_IALLUGO);
2752        }
2753        if (bmval1 & FATTR4_WORD1_NO_TRUNC) {
2754                p = xdr_reserve_space(xdr, 4);
2755                if (!p)
2756                        goto out_resource;
2757                *p++ = cpu_to_be32(1);
2758        }
2759        if (bmval1 & FATTR4_WORD1_NUMLINKS) {
2760                p = xdr_reserve_space(xdr, 4);
2761                if (!p)
2762                        goto out_resource;
2763                *p++ = cpu_to_be32(stat.nlink);
2764        }
2765        if (bmval1 & FATTR4_WORD1_OWNER) {
2766                status = nfsd4_encode_user(xdr, rqstp, stat.uid);
2767                if (status)
2768                        goto out;
2769        }
2770        if (bmval1 & FATTR4_WORD1_OWNER_GROUP) {
2771                status = nfsd4_encode_group(xdr, rqstp, stat.gid);
2772                if (status)
2773                        goto out;
2774        }
2775        if (bmval1 & FATTR4_WORD1_RAWDEV) {
2776                p = xdr_reserve_space(xdr, 8);
2777                if (!p)
2778                        goto out_resource;
2779                *p++ = cpu_to_be32((u32) MAJOR(stat.rdev));
2780                *p++ = cpu_to_be32((u32) MINOR(stat.rdev));
2781        }
2782        if (bmval1 & FATTR4_WORD1_SPACE_AVAIL) {
2783                p = xdr_reserve_space(xdr, 8);
2784                if (!p)
2785                        goto out_resource;
2786                dummy64 = (u64)statfs.f_bavail * (u64)statfs.f_bsize;
2787                p = xdr_encode_hyper(p, dummy64);
2788        }
2789        if (bmval1 & FATTR4_WORD1_SPACE_FREE) {
2790                p = xdr_reserve_space(xdr, 8);
2791                if (!p)
2792                        goto out_resource;
2793                dummy64 = (u64)statfs.f_bfree * (u64)statfs.f_bsize;
2794                p = xdr_encode_hyper(p, dummy64);
2795        }
2796        if (bmval1 & FATTR4_WORD1_SPACE_TOTAL) {
2797                p = xdr_reserve_space(xdr, 8);
2798                if (!p)
2799                        goto out_resource;
2800                dummy64 = (u64)statfs.f_blocks * (u64)statfs.f_bsize;
2801                p = xdr_encode_hyper(p, dummy64);
2802        }
2803        if (bmval1 & FATTR4_WORD1_SPACE_USED) {
2804                p = xdr_reserve_space(xdr, 8);
2805                if (!p)
2806                        goto out_resource;
2807                dummy64 = (u64)stat.blocks << 9;
2808                p = xdr_encode_hyper(p, dummy64);
2809        }
2810        if (bmval1 & FATTR4_WORD1_TIME_ACCESS) {
2811                p = xdr_reserve_space(xdr, 12);
2812                if (!p)
2813                        goto out_resource;
2814                p = xdr_encode_hyper(p, (s64)stat.atime.tv_sec);
2815                *p++ = cpu_to_be32(stat.atime.tv_nsec);
2816        }
2817        if (bmval1 & FATTR4_WORD1_TIME_DELTA) {
2818                p = xdr_reserve_space(xdr, 12);
2819                if (!p)
2820                        goto out_resource;
2821                p = encode_time_delta(p, d_inode(dentry));
2822        }
2823        if (bmval1 & FATTR4_WORD1_TIME_METADATA) {
2824                p = xdr_reserve_space(xdr, 12);
2825                if (!p)
2826                        goto out_resource;
2827                p = xdr_encode_hyper(p, (s64)stat.ctime.tv_sec);
2828                *p++ = cpu_to_be32(stat.ctime.tv_nsec);
2829        }
2830        if (bmval1 & FATTR4_WORD1_TIME_MODIFY) {
2831                p = xdr_reserve_space(xdr, 12);
2832                if (!p)
2833                        goto out_resource;
2834                p = xdr_encode_hyper(p, (s64)stat.mtime.tv_sec);
2835                *p++ = cpu_to_be32(stat.mtime.tv_nsec);
2836        }
2837        if (bmval1 & FATTR4_WORD1_MOUNTED_ON_FILEID) {
2838                struct kstat parent_stat;
2839                u64 ino = stat.ino;
2840
2841                p = xdr_reserve_space(xdr, 8);
2842                if (!p)
2843                        goto out_resource;
2844                /*
2845                 * Get parent's attributes if not ignoring crossmount
2846                 * and this is the root of a cross-mounted filesystem.
2847                 */
2848                if (ignore_crossmnt == 0 &&
2849                    dentry == exp->ex_path.mnt->mnt_root) {
2850                        err = get_parent_attributes(exp, &parent_stat);
2851                        if (err)
2852                                goto out_nfserr;
2853                        ino = parent_stat.ino;
2854                }
2855                p = xdr_encode_hyper(p, ino);
2856        }
2857#ifdef CONFIG_NFSD_PNFS
2858        if (bmval1 & FATTR4_WORD1_FS_LAYOUT_TYPES) {
2859                status = nfsd4_encode_layout_types(xdr, exp->ex_layout_types);
2860                if (status)
2861                        goto out;
2862        }
2863
2864        if (bmval2 & FATTR4_WORD2_LAYOUT_TYPES) {
2865                status = nfsd4_encode_layout_types(xdr, exp->ex_layout_types);
2866                if (status)
2867                        goto out;
2868        }
2869
2870        if (bmval2 & FATTR4_WORD2_LAYOUT_BLKSIZE) {
2871                p = xdr_reserve_space(xdr, 4);
2872                if (!p)
2873                        goto out_resource;
2874                *p++ = cpu_to_be32(stat.blksize);
2875        }
2876#endif /* CONFIG_NFSD_PNFS */
2877        if (bmval2 & FATTR4_WORD2_SUPPATTR_EXCLCREAT) {
2878                u32 supp[3];
2879
2880                memcpy(supp, nfsd_suppattrs[minorversion], sizeof(supp));
2881                supp[0] &= NFSD_SUPPATTR_EXCLCREAT_WORD0;
2882                supp[1] &= NFSD_SUPPATTR_EXCLCREAT_WORD1;
2883                supp[2] &= NFSD_SUPPATTR_EXCLCREAT_WORD2;
2884
2885                status = nfsd4_encode_bitmap(xdr, supp[0], supp[1], supp[2]);
2886                if (status)
2887                        goto out;
2888        }
2889
2890        if (bmval2 & FATTR4_WORD2_CHANGE_ATTR_TYPE) {
2891                p = xdr_reserve_space(xdr, 4);
2892                if (!p)
2893                        goto out_resource;
2894                if (IS_I_VERSION(d_inode(dentry)))
2895                        *p++ = cpu_to_be32(NFS4_CHANGE_TYPE_IS_MONOTONIC_INCR);
2896                else
2897                        *p++ = cpu_to_be32(NFS4_CHANGE_TYPE_IS_TIME_METADATA);
2898        }
2899
2900#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2901        if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) {
2902                status = nfsd4_encode_security_label(xdr, rqstp, context,
2903                                                                contextlen);
2904                if (status)
2905                        goto out;
2906        }
2907#endif
2908
2909        attrlen = htonl(xdr->buf->len - attrlen_offset - 4);
2910        write_bytes_to_xdr_buf(xdr->buf, attrlen_offset, &attrlen, 4);
2911        status = nfs_ok;
2912
2913out:
2914#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2915        if (context)
2916                security_release_secctx(context, contextlen);
2917#endif /* CONFIG_NFSD_V4_SECURITY_LABEL */
2918        kfree(acl);
2919        if (tempfh) {
2920                fh_put(tempfh);
2921                kfree(tempfh);
2922        }
2923        if (status)
2924                xdr_truncate_encode(xdr, starting_len);
2925        return status;
2926out_nfserr:
2927        status = nfserrno(err);
2928        goto out;
2929out_resource:
2930        status = nfserr_resource;
2931        goto out;
2932}
2933
2934static void svcxdr_init_encode_from_buffer(struct xdr_stream *xdr,
2935                                struct xdr_buf *buf, __be32 *p, int bytes)
2936{
2937        xdr->scratch.iov_len = 0;
2938        memset(buf, 0, sizeof(struct xdr_buf));
2939        buf->head[0].iov_base = p;
2940        buf->head[0].iov_len = 0;
2941        buf->len = 0;
2942        xdr->buf = buf;
2943        xdr->iov = buf->head;
2944        xdr->p = p;
2945        xdr->end = (void *)p + bytes;
2946        buf->buflen = bytes;
2947}
2948
2949__be32 nfsd4_encode_fattr_to_buf(__be32 **p, int words,
2950                        struct svc_fh *fhp, struct svc_export *exp,
2951                        struct dentry *dentry, u32 *bmval,
2952                        struct svc_rqst *rqstp, int ignore_crossmnt)
2953{
2954        struct xdr_buf dummy;
2955        struct xdr_stream xdr;
2956        __be32 ret;
2957
2958        svcxdr_init_encode_from_buffer(&xdr, &dummy, *p, words << 2);
2959        ret = nfsd4_encode_fattr(&xdr, fhp, exp, dentry, bmval, rqstp,
2960                                                        ignore_crossmnt);
2961        *p = xdr.p;
2962        return ret;
2963}
2964
2965static inline int attributes_need_mount(u32 *bmval)
2966{
2967        if (bmval[0] & ~(FATTR4_WORD0_RDATTR_ERROR | FATTR4_WORD0_LEASE_TIME))
2968                return 1;
2969        if (bmval[1] & ~FATTR4_WORD1_MOUNTED_ON_FILEID)
2970                return 1;
2971        return 0;
2972}
2973
2974static __be32
2975nfsd4_encode_dirent_fattr(struct xdr_stream *xdr, struct nfsd4_readdir *cd,
2976                        const char *name, int namlen)
2977{
2978        struct svc_export *exp = cd->rd_fhp->fh_export;
2979        struct dentry *dentry;
2980        __be32 nfserr;
2981        int ignore_crossmnt = 0;
2982
2983        dentry = lookup_one_len_unlocked(name, cd->rd_fhp->fh_dentry, namlen);
2984        if (IS_ERR(dentry))
2985                return nfserrno(PTR_ERR(dentry));
2986        if (d_really_is_negative(dentry)) {
2987                /*
2988                 * we're not holding the i_mutex here, so there's
2989                 * a window where this directory entry could have gone
2990                 * away.
2991                 */
2992                dput(dentry);
2993                return nfserr_noent;
2994        }
2995
2996        exp_get(exp);
2997        /*
2998         * In the case of a mountpoint, the client may be asking for
2999         * attributes that are only properties of the underlying filesystem
3000         * as opposed to the cross-mounted file system. In such a case,

3001         * we will not follow the cross mount and will fill the attribtutes
3002         * directly from the mountpoint dentry.
3003         */
3004        if (nfsd_mountpoint(dentry, exp)) {
3005                int err;
3006
3007                if (!(exp->ex_flags & NFSEXP_V4ROOT)
3008                                && !attributes_need_mount(cd->rd_bmval)) {
3009                        ignore_crossmnt = 1;
3010                        goto out_encode;
3011                }
3012                /*
3013                 * Why the heck aren't we just using nfsd_lookup??
3014                 * Different "."/".." handling?  Something else?
3015                 * At least, add a comment here to explain....
3016                 */
3017                err = nfsd_cross_mnt(cd->rd_rqstp, &dentry, &exp);
3018                if (err) {
3019                        nfserr = nfserrno(err);
3020                        goto out_put;
3021                }
3022                nfserr = check_nfsd_access(exp, cd->rd_rqstp);
3023                if (nfserr)
3024                        goto out_put;
3025
3026        }
3027out_encode:
3028        nfserr = nfsd4_encode_fattr(xdr, NULL, exp, dentry, cd->rd_bmval,
3029                                        cd->rd_rqstp, ignore_crossmnt);
3030out_put:
3031        dput(dentry);
3032        exp_put(exp);
3033        return nfserr;
3034}
3035
3036static __be32 *
3037nfsd4_encode_rdattr_error(struct xdr_stream *xdr, __be32 nfserr)
3038{
3039        __be32 *p;
3040
3041        p = xdr_reserve_space(xdr, 20);
3042        if (!p)
3043                return NULL;
3044        *p++ = htonl(2);
3045        *p++ = htonl(FATTR4_WORD0_RDATTR_ERROR); /* bmval0 */
3046        *p++ = htonl(0);                         /* bmval1 */
3047
3048        *p++ = htonl(4);     /* attribute length */
3049        *p++ = nfserr;       /* no htonl */
3050        return p;
3051}
3052
3053static int
3054nfsd4_encode_dirent(void *ccdv, const char *name, int namlen,
3055                    loff_t offset, u64 ino, unsigned int d_type)
3056{
3057        struct readdir_cd *ccd = ccdv;
3058        struct nfsd4_readdir *cd = container_of(ccd, struct nfsd4_readdir, common);
3059        struct xdr_stream *xdr = cd->xdr;
3060        int start_offset = xdr->buf->len;
3061        int cookie_offset;
3062        u32 name_and_cookie;
3063        int entry_bytes;
3064        __be32 nfserr = nfserr_toosmall;
3065        __be64 wire_offset;
3066        __be32 *p;
3067
3068        /* In nfsv4, "." and ".." never make it onto the wire.. */
3069        if (name && isdotent(name, namlen)) {
3070                cd->common.err = nfs_ok;
3071                return 0;
3072        }
3073
3074        if (cd->cookie_offset) {
3075                wire_offset = cpu_to_be64(offset);
3076                write_bytes_to_xdr_buf(xdr->buf, cd->cookie_offset,
3077                                                        &wire_offset, 8);
3078        }
3079
3080        p = xdr_reserve_space(xdr, 4);
3081        if (!p)
3082                goto fail;
3083        *p++ = xdr_one;                             /* mark entry present */
3084        cookie_offset = xdr->buf->len;
3085        p = xdr_reserve_space(xdr, 3*4 + namlen);
3086        if (!p)
3087                goto fail;
3088        p = xdr_encode_hyper(p, NFS_OFFSET_MAX);    /* offset of next entry */
3089        p = xdr_encode_array(p, name, namlen);      /* name length & name */
3090
3091        nfserr = nfsd4_encode_dirent_fattr(xdr, cd, name, namlen);
3092        switch (nfserr) {
3093        case nfs_ok:
3094                break;
3095        case nfserr_resource:
3096                nfserr = nfserr_toosmall;
3097                goto fail;
3098        case nfserr_noent:
3099                xdr_truncate_encode(xdr, start_offset);
3100                goto skip_entry;
3101        default:
3102                /*
3103                 * If the client requested the RDATTR_ERROR attribute,
3104                 * we stuff the error code into this attribute
3105                 * and continue.  If this attribute was not requested,
3106                 * then in accordance with the spec, we fail the
3107                 * entire READDIR operation(!)
3108                 */
3109                if (!(cd->rd_bmval[0] & FATTR4_WORD0_RDATTR_ERROR))
3110                        goto fail;
3111                p = nfsd4_encode_rdattr_error(xdr, nfserr);
3112                if (p == NULL) {
3113                        nfserr = nfserr_toosmall;
3114                        goto fail;
3115                }
3116        }
3117        nfserr = nfserr_toosmall;
3118        entry_bytes = xdr->buf->len - start_offset;
3119        if (entry_bytes > cd->rd_maxcount)
3120                goto fail;
3121        cd->rd_maxcount -= entry_bytes;
3122        /*
3123         * RFC 3530 14.2.24 describes rd_dircount as only a "hint", so
3124         * let's always let through the first entry, at least:
3125         */
3126        if (!cd->rd_dircount)
3127                goto fail;
3128        name_and_cookie = 4 + 4 * XDR_QUADLEN(namlen) + 8;
3129        if (name_and_cookie > cd->rd_dircount && cd->cookie_offset)
3130                goto fail;
3131        cd->rd_dircount -= min(cd->rd_dircount, name_and_cookie);
3132
3133        cd->cookie_offset = cookie_offset;
3134skip_entry:
3135        cd->common.err = nfs_ok;
3136        return 0;
3137fail:
3138        xdr_truncate_encode(xdr, start_offset);
3139        cd->common.err = nfserr;
3140        return -EINVAL;
3141}
3142
3143static __be32
3144nfsd4_encode_stateid(struct xdr_stream *xdr, stateid_t *sid)
3145{
3146        __be32 *p;
3147
3148        p = xdr_reserve_space(xdr, sizeof(stateid_t));
3149        if (!p)
3150                return nfserr_resource;
3151        *p++ = cpu_to_be32(sid->si_generation);
3152        p = xdr_encode_opaque_fixed(p, &sid->si_opaque,
3153                                        sizeof(stateid_opaque_t));
3154        return 0;
3155}
3156
3157static __be32
3158nfsd4_encode_access(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_access *access)
3159{
3160        struct xdr_stream *xdr = &resp->xdr;
3161        __be32 *p;
3162
3163        p = xdr_reserve_space(xdr, 8);
3164        if (!p)
3165                return nfserr_resource;
3166        *p++ = cpu_to_be32(access->ac_supported);
3167        *p++ = cpu_to_be32(access->ac_resp_access);
3168        return 0;
3169}
3170
3171static __be32 nfsd4_encode_bind_conn_to_session(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_bind_conn_to_session *bcts)
3172{
3173        struct xdr_stream *xdr = &resp->xdr;
3174        __be32 *p;
3175
3176        p = xdr_reserve_space(xdr, NFS4_MAX_SESSIONID_LEN + 8);
3177        if (!p)
3178                return nfserr_resource;
3179        p = xdr_encode_opaque_fixed(p, bcts->sessionid.data,
3180                                        NFS4_MAX_SESSIONID_LEN);
3181        *p++ = cpu_to_be32(bcts->dir);
3182        /* Upshifting from TCP to RDMA is not supported */
3183        *p++ = cpu_to_be32(0);
3184        return 0;
3185}
3186
3187static __be32
3188nfsd4_encode_close(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_close *close)
3189{
3190        struct xdr_stream *xdr = &resp->xdr;
3191
3192        return nfsd4_encode_stateid(xdr, &close->cl_stateid);
3193}
3194
3195
3196static __be32
3197nfsd4_encode_commit(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_commit *commit)
3198{
3199        struct xdr_stream *xdr = &resp->xdr;
3200        __be32 *p;
3201
3202        p = xdr_reserve_space(xdr, NFS4_VERIFIER_SIZE);
3203        if (!p)
3204                return nfserr_resource;
3205        p = xdr_encode_opaque_fixed(p, commit->co_verf.data,
3206                                                NFS4_VERIFIER_SIZE);
3207        return 0;
3208}
3209
3210static __be32
3211nfsd4_encode_create(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_create *create)
3212{
3213        struct xdr_stream *xdr = &resp->xdr;
3214        __be32 *p;
3215
3216        p = xdr_reserve_space(xdr, 20);
3217        if (!p)
3218                return nfserr_resource;
3219        encode_cinfo(p, &create->cr_cinfo);
3220        nfserr = nfsd4_encode_bitmap(xdr, create->cr_bmval[0],
3221                        create->cr_bmval[1], create->cr_bmval[2]);
3222        return 0;
3223}
3224
3225static __be32
3226nfsd4_encode_getattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_getattr *getattr)
3227{
3228        struct svc_fh *fhp = getattr->ga_fhp;
3229        struct xdr_stream *xdr = &resp->xdr;
3230
3231        return nfsd4_encode_fattr(xdr, fhp, fhp->fh_export, fhp->fh_dentry,
3232                                    getattr->ga_bmval, resp->rqstp, 0);
3233}
3234
3235static __be32
3236nfsd4_encode_getfh(struct nfsd4_compoundres *resp, __be32 nfserr, struct svc_fh **fhpp)
3237{
3238        struct xdr_stream *xdr = &resp->xdr;
3239        struct svc_fh *fhp = *fhpp;
3240        unsigned int len;
3241        __be32 *p;
3242
3243        len = fhp->fh_handle.fh_size;
3244        p = xdr_reserve_space(xdr, len + 4);
3245        if (!p)
3246                return nfserr_resource;
3247        p = xdr_encode_opaque(p, &fhp->fh_handle.fh_base, len);
3248        return 0;
3249}
3250
3251/*
3252* Including all fields other than the name, a LOCK4denied structure requires
3253*   8(clientid) + 4(namelen) + 8(offset) + 8(length) + 4(type) = 32 bytes.
3254*/
3255static __be32
3256nfsd4_encode_lock_denied(struct xdr_stream *xdr, struct nfsd4_lock_denied *ld)
3257{
3258        struct xdr_netobj *conf = &ld->ld_owner;
3259        __be32 *p;
3260
3261again:
3262        p = xdr_reserve_space(xdr, 32 + XDR_LEN(conf->len));
3263        if (!p) {
3264                /*
3265                 * Don't fail to return the result just because we can't
3266                 * return the conflicting open:
3267                 */
3268                if (conf->len) {
3269                        kfree(conf->data);
3270                        conf->len = 0;
3271                        conf->data = NULL;
3272                        goto again;
3273                }
3274                return nfserr_resource;
3275        }
3276        p = xdr_encode_hyper(p, ld->ld_start);
3277        p = xdr_encode_hyper(p, ld->ld_length);
3278        *p++ = cpu_to_be32(ld->ld_type);
3279        if (conf->len) {
3280                p = xdr_encode_opaque_fixed(p, &ld->ld_clientid, 8);
3281                p = xdr_encode_opaque(p, conf->data, conf->len);
3282                kfree(conf->data);
3283        }  else {  /* non - nfsv4 lock in conflict, no clientid nor owner */
3284                p = xdr_encode_hyper(p, (u64)0); /* clientid */
3285                *p++ = cpu_to_be32(0); /* length of owner name */
3286        }
3287        return nfserr_denied;
3288}
3289
3290static __be32
3291nfsd4_encode_lock(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lock *lock)
3292{
3293        struct xdr_stream *xdr = &resp->xdr;
3294
3295        if (!nfserr)
3296                nfserr = nfsd4_encode_stateid(xdr, &lock->lk_resp_stateid);
3297        else if (nfserr == nfserr_denied)
3298                nfserr = nfsd4_encode_lock_denied(xdr, &lock->lk_denied);
3299
3300        return nfserr;
3301}
3302
3303static __be32
3304nfsd4_encode_lockt(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_lockt *lockt)
3305{
3306        struct xdr_stream *xdr = &resp->xdr;
3307
3308        if (nfserr == nfserr_denied)
3309                nfsd4_encode_lock_denied(xdr, &lockt->lt_denied);
3310        return nfserr;
3311}
3312
3313static __be32
3314nfsd4_encode_locku(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_locku *locku)
3315{
3316        struct xdr_stream *xdr = &resp->xdr;
3317
3318        return nfsd4_encode_stateid(xdr, &locku->lu_stateid);
3319}
3320
3321
3322static __be32
3323nfsd4_encode_link(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_link *link)
3324{
3325        struct xdr_stream *xdr = &resp->xdr;
3326        __be32 *p;
3327
3328        p = xdr_reserve_space(xdr, 20);
3329        if (!p)
3330                return nfserr_resource;
3331        p = encode_cinfo(p, &link->li_cinfo);
3332        return 0;
3333}
3334
3335
3336static __be32
3337nfsd4_encode_open(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open *open)
3338{
3339        struct xdr_stream *xdr = &resp->xdr;
3340        __be32 *p;
3341
3342        nfserr = nfsd4_encode_stateid(xdr, &open->op_stateid);
3343        if (nfserr)
3344                return nfserr;
3345        p = xdr_reserve_space(xdr, 24);
3346        if (!p)
3347                return nfserr_resource;
3348        p = encode_cinfo(p, &open->op_cinfo);
3349        *p++ = cpu_to_be32(open->op_rflags);
3350
3351        nfserr = nfsd4_encode_bitmap(xdr, open->op_bmval[0], open->op_bmval[1],
3352                                        open->op_bmval[2]);
3353        if (nfserr)
3354                return nfserr;
3355
3356        p = xdr_reserve_space(xdr, 4);
3357        if (!p)
3358                return nfserr_resource;
3359
3360        *p++ = cpu_to_be32(open->op_delegate_type);
3361        switch (open->op_delegate_type) {
3362        case NFS4_OPEN_DELEGATE_NONE:
3363                break;
3364        case NFS4_OPEN_DELEGATE_READ:
3365                nfserr = nfsd4_encode_stateid(xdr, &open->op_delegate_stateid);
3366                if (nfserr)
3367                        return nfserr;
3368                p = xdr_reserve_space(xdr, 20);
3369                if (!p)
3370                        return nfserr_resource;
3371                *p++ = cpu_to_be32(open->op_recall);
3372
3373                /*
3374                 * TODO: ACE's in delegations
3375                 */
3376                *p++ = cpu_to_be32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE);
3377                *p++ = cpu_to_be32(0);
3378                *p++ = cpu_to_be32(0);
3379                *p++ = cpu_to_be32(0);   /* XXX: is NULL principal ok? */
3380                break;
3381        case NFS4_OPEN_DELEGATE_WRITE:
3382                nfserr = nfsd4_encode_stateid(xdr, &open->op_delegate_stateid);
3383                if (nfserr)
3384                        return nfserr;
3385                p = xdr_reserve_space(xdr, 32);
3386                if (!p)
3387                        return nfserr_resource;
3388                *p++ = cpu_to_be32(0);
3389
3390                /*
3391                 * TODO: space_limit's in delegations
3392                 */
3393                *p++ = cpu_to_be32(NFS4_LIMIT_SIZE);
3394                *p++ = cpu_to_be32(~(u32)0);
3395                *p++ = cpu_to_be32(~(u32)0);
3396
3397                /*
3398                 * TODO: ACE's in delegations
3399                 */
3400                *p++ = cpu_to_be32(NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE);
3401                *p++ = cpu_to_be32(0);
3402                *p++ = cpu_to_be32(0);
3403                *p++ = cpu_to_be32(0);   /* XXX: is NULL principal ok? */
3404                break;
3405        case NFS4_OPEN_DELEGATE_NONE_EXT: /* 4.1 */
3406                switch (open->op_why_no_deleg) {
3407                case WND4_CONTENTION:
3408                case WND4_RESOURCE:
3409                        p = xdr_reserve_space(xdr, 8);
3410                        if (!p)
3411                                return nfserr_resource;
3412                        *p++ = cpu_to_be32(open->op_why_no_deleg);
3413                        /* deleg signaling not supported yet: */
3414                        *p++ = cpu_to_be32(0);
3415                        break;
3416                default:
3417                        p = xdr_reserve_space(xdr, 4);
3418                        if (!p)
3419                                return nfserr_resource;
3420                        *p++ = cpu_to_be32(open->op_why_no_deleg);
3421                }
3422                break;
3423        default:
3424                BUG();
3425        }
3426        /* XXX save filehandle here */
3427        return 0;
3428}
3429
3430static __be32
3431nfsd4_encode_open_confirm(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_confirm *oc)
3432{
3433        struct xdr_stream *xdr = &resp->xdr;
3434
3435        return nfsd4_encode_stateid(xdr, &oc->oc_resp_stateid);
3436}
3437
3438static __be32
3439nfsd4_encode_open_downgrade(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_open_downgrade *od)
3440{
3441        struct xdr_stream *xdr = &resp->xdr;
3442
3443        return nfsd4_encode_stateid(xdr, &od->od_stateid);
3444}
3445
3446static __be32 nfsd4_encode_splice_read(
3447                                struct nfsd4_compoundres *resp,
3448                                struct nfsd4_read *read,
3449                                struct file *file, unsigned long maxcount)
3450{
3451        struct xdr_stream *xdr = &resp->xdr;
3452        struct xdr_buf *buf = xdr->buf;
3453        u32 eof;
3454        long len;
3455        int space_left;
3456        __be32 nfserr;
3457        __be32 *p = xdr->p - 2;
3458
3459        /* Make sure there will be room for padding if needed */
3460        if (xdr->end - xdr->p < 1)
3461                return nfserr_resource;
3462
3463        len = maxcount;
3464        nfserr = nfsd_splice_read(read->rd_rqstp, read->rd_fhp,
3465                                  file, read->rd_offset, &maxcount);
3466        read->rd_length = maxcount;
3467        if (nfserr) {
3468                /*
3469                 * nfsd_splice_actor may have already messed with the
3470                 * page length; reset it so as not to confuse
3471                 * xdr_truncate_encode:
3472                 */
3473                buf->page_len = 0;
3474                return nfserr;
3475        }
3476
3477        eof = nfsd_eof_on_read(len, maxcount, read->rd_offset,
3478                                d_inode(read->rd_fhp->fh_dentry)->i_size);
3479
3480        *(p++) = htonl(eof);
3481        *(p++) = htonl(maxcount);
3482
3483        buf->page_len = maxcount;
3484        buf->len += maxcount;
3485        xdr->page_ptr += (buf->page_base + maxcount + PAGE_SIZE - 1)
3486                                                        / PAGE_SIZE;
3487
3488        /* Use rest of head for padding and remaining ops: */
3489        buf->tail[0].iov_base = xdr->p;
3490        buf->tail[0].iov_len = 0;
3491        xdr->iov = buf->tail;
3492        if (maxcount&3) {
3493                int pad = 4 - (maxcount&3);
3494
3495                *(xdr->p++) = 0;
3496
3497                buf->tail[0].iov_base += maxcount&3;
3498                buf->tail[0].iov_len = pad;
3499                buf->len += pad;
3500        }
3501
3502        space_left = min_t(int, (void *)xdr->end - (void *)xdr->p,
3503                                buf->buflen - buf->len);
3504        buf->buflen = buf->len + space_left;
3505        xdr->end = (__be32 *)((void *)xdr->end + space_left);
3506
3507        return 0;
3508}
3509
3510static __be32 nfsd4_encode_readv(struct nfsd4_compoundres *resp,
3511                                 struct nfsd4_read *read,
3512                                 struct file *file, unsigned long maxcount)
3513{
3514        struct xdr_stream *xdr = &resp->xdr;
3515        u32 eof;
3516        int v;
3517        int starting_len = xdr->buf->len - 8;
3518        long len;
3519        int thislen;
3520        __be32 nfserr;
3521        __be32 tmp;
3522        __be32 *p;
3523        u32 zzz = 0;
3524        int pad;
3525
3526        len = maxcount;
3527        v = 0;
3528
3529        thislen = min_t(long, len, ((void *)xdr->end - (void *)xdr->p));
3530        p = xdr_reserve_space(xdr, (thislen+3)&~3);
3531        WARN_ON_ONCE(!p);
3532        resp->rqstp->rq_vec[v].iov_base = p;
3533        resp->rqstp->rq_vec[v].iov_len = thislen;
3534        v++;
3535        len -= thislen;
3536
3537        while (len) {
3538                thislen = min_t(long, len, PAGE_SIZE);
3539                p = xdr_reserve_space(xdr, (thislen+3)&~3);
3540                WARN_ON_ONCE(!p);
3541                resp->rqstp->rq_vec[v].iov_base = p;
3542                resp->rqstp->rq_vec[v].iov_len = thislen;
3543                v++;
3544                len -= thislen;
3545        }
3546        read->rd_vlen = v;
3547
3548        len = maxcount;
3549        nfserr = nfsd_readv(resp->rqstp, read->rd_fhp, file, read->rd_offset,
3550                            resp->rqstp->rq_vec, read->rd_vlen, &maxcount);
3551        read->rd_length = maxcount;
3552        if (nfserr)
3553                return nfserr;
3554        xdr_truncate_encode(xdr, starting_len + 8 + ((maxcount+3)&~3));
3555
3556        eof = nfsd_eof_on_read(len, maxcount, read->rd_offset,
3557                                d_inode(read->rd_fhp->fh_dentry)->i_size);
3558
3559        tmp = htonl(eof);
3560        write_bytes_to_xdr_buf(xdr->buf, starting_len    , &tmp, 4);
3561        tmp = htonl(maxcount);
3562        write_bytes_to_xdr_buf(xdr->buf, starting_len + 4, &tmp, 4);
3563
3564        pad = (maxcount&3) ? 4 - (maxcount&3) : 0;
3565        write_bytes_to_xdr_buf(xdr->buf, starting_len + 8 + maxcount,
3566                                                                &zzz, pad);
3567        return 0;
3568
3569}
3570
3571static __be32
3572nfsd4_encode_read(struct nfsd4_compoundres *resp, __be32 nfserr,
3573                  struct nfsd4_read *read)
3574{
3575        unsigned long maxcount;
3576        struct xdr_stream *xdr = &resp->xdr;
3577        struct file *file = read->rd_filp;
3578        int starting_len = xdr->buf->len;
3579        struct raparms *ra = NULL;
3580        __be32 *p;
3581
3582        p = xdr_reserve_space(xdr, 8); /* eof flag and byte count */
3583        if (!p) {
3584                WARN_ON_ONCE(test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags));
3585                return nfserr_resource;
3586        }
3587        if (resp->xdr.buf->page_len &&
3588            test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags)) {
3589                WARN_ON_ONCE(1);
3590                return nfserr_resource;
3591        }
3592        xdr_commit_encode(xdr);
3593
3594        maxcount = svc_max_payload(resp->rqstp);
3595        maxcount = min_t(unsigned long, maxcount,
3596                         (xdr->buf->buflen - xdr->buf->len));
3597        maxcount = min_t(unsigned long, maxcount, read->rd_length);
3598
3599        if (read->rd_tmp_file)
3600                ra = nfsd_init_raparms(file);
3601
3602        if (file->f_op->splice_read &&
3603            test_bit(RQ_SPLICE_OK, &resp->rqstp->rq_flags))
3604                nfserr = nfsd4_encode_splice_read(resp, read, file, maxcount);
3605        else
3606                nfserr = nfsd4_encode_readv(resp, read, file, maxcount);
3607
3608        if (ra)
3609                nfsd_put_raparams(file, ra);
3610
3611        if (nfserr)
3612                xdr_truncate_encode(xdr, starting_len);
3613
3614        return nfserr;
3615}
3616
3617static __be32
3618nfsd4_encode_readlink(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readlink *readlink)
3619{
3620        int maxcount;
3621        __be32 wire_count;
3622        int zero = 0;
3623        struct xdr_stream *xdr = &resp->xdr;
3624        int length_offset = xdr->buf->len;
3625        __be32 *p;
3626
3627        p = xdr_reserve_space(xdr, 4);
3628        if (!p)
3629                return nfserr_resource;
3630        maxcount = PAGE_SIZE;
3631
3632        p = xdr_reserve_space(xdr, maxcount);
3633        if (!p)
3634                return nfserr_resource;
3635        /*
3636         * XXX: By default, vfs_readlink() will truncate symlinks if they
3637         * would overflow the buffer.  Is this kosher in NFSv4?  If not, one
3638         * easy fix is: if vfs_readlink() precisely fills the buffer, assume
3639         * that truncation occurred, and return NFS4ERR_RESOURCE.
3640         */
3641        nfserr = nfsd_readlink(readlink->rl_rqstp, readlink->rl_fhp,
3642                                                (char *)p, &maxcount);
3643        if (nfserr == nfserr_isdir)
3644                nfserr = nfserr_inval;
3645        if (nfserr) {
3646                xdr_truncate_encode(xdr, length_offset);
3647                return nfserr;
3648        }
3649
3650        wire_count = htonl(maxcount);
3651        write_bytes_to_xdr_buf(xdr->buf, length_offset, &wire_count, 4);
3652        xdr_truncate_encode(xdr, length_offset + 4 + ALIGN(maxcount, 4));
3653        if (maxcount & 3)
3654                write_bytes_to_xdr_buf(xdr->buf, length_offset + 4 + maxcount,
3655                                                &zero, 4 - (maxcount&3));
3656        return 0;
3657}
3658
3659static __be32
3660nfsd4_encode_readdir(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_readdir *readdir)
3661{
3662        int maxcount;
3663        int bytes_left;
3664        loff_t offset;
3665        __be64 wire_offset;
3666        struct xdr_stream *xdr = &resp->xdr;
3667        int starting_len = xdr->buf->len;
3668        __be32 *p;
3669
3670        p = xdr_reserve_space(xdr, NFS4_VERIFIER_SIZE);
3671        if (!p)
3672                return nfserr_resource;
3673
3674        /* XXX: Following NFSv3, we ignore the READDIR verifier for now. */
3675        *p++ = cpu_to_be32(0);
3676        *p++ = cpu_to_be32(0);
3677        resp->xdr.buf->head[0].iov_len = ((char *)resp->xdr.p)
3678                                - (char *)resp->xdr.buf->head[0].iov_base;
3679
3680        /*
3681         * Number of bytes left for directory entries allowing for the
3682         * final 8 bytes of the readdir and a following failed op:
3683         */
3684        bytes_left = xdr->buf->buflen - xdr->buf->len
3685                        - COMPOUND_ERR_SLACK_SPACE - 8;
3686        if (bytes_left < 0) {
3687                nfserr = nfserr_resource;
3688                goto err_no_verf;
3689        }
3690        maxcount = svc_max_payload(resp->rqstp);
3691        maxcount = min_t(u32, readdir->rd_maxcount, maxcount);
3692        /*
3693         * Note the rfc defines rd_maxcount as the size of the
3694         * READDIR4resok structure, which includes the verifier above
3695         * and the 8 bytes encoded at the end of this function:
3696         */
3697        if (maxcount < 16) {
3698                nfserr = nfserr_toosmall;
3699                goto err_no_verf;
3700        }
3701        maxcount = min_t(int, maxcount-16, bytes_left);
3702
3703        /* RFC 3530 14.2.24 allows us to ignore dircount when it's 0: */
3704        if (!readdir->rd_dircount)
3705                readdir->rd_dircount = svc_max_payload(resp->rqstp);
3706
3707        readdir->xdr = xdr;
3708        readdir->rd_maxcount = maxcount;
3709        readdir->common.err = 0;
3710        readdir->cookie_offset = 0;
3711
3712        offset = readdir->rd_cookie;
3713        nfserr = nfsd_readdir(readdir->rd_rqstp, readdir->rd_fhp,
3714                              &offset,
3715                              &readdir->common, nfsd4_encode_dirent);
3716        if (nfserr == nfs_ok &&
3717            readdir->common.err == nfserr_toosmall &&
3718            xdr->buf->len == starting_len + 8) {
3719                /* nothing encoded; which limit did we hit?: */
3720                if (maxcount - 16 < bytes_left)
3721                        /* It was the fault of rd_maxcount: */
3722                        nfserr = nfserr_toosmall;
3723                else
3724                        /* We ran out of buffer space: */
3725                        nfserr = nfserr_resource;
3726        }
3727        if (nfserr)
3728                goto err_no_verf;
3729
3730        if (readdir->cookie_offset) {
3731                wire_offset = cpu_to_be64(offset);
3732                write_bytes_to_xdr_buf(xdr->buf, readdir->cookie_offset,
3733                                                        &wire_offset, 8);
3734        }
3735
3736        p = xdr_reserve_space(xdr, 8);
3737        if (!p) {
3738                WARN_ON_ONCE(1);
3739                goto err_no_verf;
3740        }
3741        *p++ = 0;       /* no more entries */
3742        *p++ = htonl(readdir->common.err == nfserr_eof);
3743
3744        return 0;
3745err_no_verf:
3746        xdr_truncate_encode(xdr, starting_len);
3747        return nfserr;
3748}
3749
3750static __be32
3751nfsd4_encode_remove(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_remove *remove)
3752{
3753        struct xdr_stream *xdr = &resp->xdr;
3754        __be32 *p;
3755
3756        p = xdr_reserve_space(xdr, 20);
3757        if (!p)
3758                return nfserr_resource;
3759        p = encode_cinfo(p, &remove->rm_cinfo);
3760        return 0;
3761}
3762
3763static __be32
3764nfsd4_encode_rename(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_rename *rename)
3765{
3766        struct xdr_stream *xdr = &resp->xdr;
3767        __be32 *p;
3768
3769        p = xdr_reserve_space(xdr, 40);
3770        if (!p)
3771                return nfserr_resource;
3772        p = encode_cinfo(p, &rename->rn_sinfo);
3773        p = encode_cinfo(p, &rename->rn_tinfo);
3774        return 0;
3775}
3776
3777static __be32
3778nfsd4_do_encode_secinfo(struct xdr_stream *xdr, struct svc_export *exp)
3779{
3780        u32 i, nflavs, supported;
3781        struct exp_flavor_info *flavs;
3782        struct exp_flavor_info def_flavs[2];
3783        __be32 *p, *flavorsp;
3784        static bool report = true;
3785
3786        if (exp->ex_nflavors) {
3787                flavs = exp->ex_flavors;
3788                nflavs = exp->ex_nflavors;
3789        } else { /* Handling of some defaults in absence of real secinfo: */
3790                flavs = def_flavs;
3791                if (exp->ex_client->flavour->flavour == RPC_AUTH_UNIX) {
3792                        nflavs = 2;
3793                        flavs[0].pseudoflavor = RPC_AUTH_UNIX;
3794                        flavs[1].pseudoflavor = RPC_AUTH_NULL;
3795                } else if (exp->ex_client->flavour->flavour == RPC_AUTH_GSS) {
3796                        nflavs = 1;
3797                        flavs[0].pseudoflavor
3798                                        = svcauth_gss_flavor(exp->ex_client);
3799                } else {
3800                        nflavs = 1;
3801                        flavs[0].pseudoflavor
3802                                        = exp->ex_client->flavour->flavour;
3803                }
3804        }
3805
3806        supported = 0;
3807        p = xdr_reserve_space(xdr, 4);
3808        if (!p)
3809                return nfserr_resource;
3810        flavorsp = p++;         /* to be backfilled later */
3811
3812        for (i = 0; i < nflavs; i++) {
3813                rpc_authflavor_t pf = flavs[i].pseudoflavor;
3814                struct rpcsec_gss_info info;
3815
3816                if (rpcauth_get_gssinfo(pf, &info) == 0) {
3817                        supported++;
3818                        p = xdr_reserve_space(xdr, 4 + 4 +
3819                                              XDR_LEN(info.oid.len) + 4 + 4);
3820                        if (!p)
3821                                return nfserr_resource;
3822                        *p++ = cpu_to_be32(RPC_AUTH_GSS);
3823                        p = xdr_encode_opaque(p,  info.oid.data, info.oid.len);
3824                        *p++ = cpu_to_be32(info.qop);
3825                        *p++ = cpu_to_be32(info.service);
3826                } else if (pf < RPC_AUTH_MAXFLAVOR) {
3827                        supported++;
3828                        p = xdr_reserve_space(xdr, 4);
3829                        if (!p)
3830                                return nfserr_resource;
3831                        *p++ = cpu_to_be32(pf);
3832                } else {
3833                        if (report)
3834                                pr_warn("NFS: SECINFO: security flavor %u "
3835                                        "is not supported\n", pf);
3836                }
3837        }
3838
3839        if (nflavs != supported)
3840                report = false;
3841        *flavorsp = htonl(supported);
3842        return 0;
3843}
3844
3845static __be32
3846nfsd4_encode_secinfo(struct nfsd4_compoundres *resp, __be32 nfserr,
3847                     struct nfsd4_secinfo *secinfo)
3848{
3849        struct xdr_stream *xdr = &resp->xdr;
3850
3851        return nfsd4_do_encode_secinfo(xdr, secinfo->si_exp);
3852}
3853
3854static __be32
3855nfsd4_encode_secinfo_no_name(struct nfsd4_compoundres *resp, __be32 nfserr,
3856                     struct nfsd4_secinfo_no_name *secinfo)
3857{
3858        struct xdr_stream *xdr = &resp->xdr;
3859
3860        return nfsd4_do_encode_secinfo(xdr, secinfo->sin_exp);
3861}
3862
3863/*
3864 * The SETATTR encode routine is special -- it always encodes a bitmap,
3865 * regardless of the error status.
3866 */
3867static __be32
3868nfsd4_encode_setattr(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setattr *setattr)
3869{
3870        struct xdr_stream *xdr = &resp->xdr;
3871        __be32 *p;
3872
3873        p = xdr_reserve_space(xdr, 16);
3874        if (!p)
3875                return nfserr_resource;
3876        if (nfserr) {
3877                *p++ = cpu_to_be32(3);
3878                *p++ = cpu_to_be32(0);
3879                *p++ = cpu_to_be32(0);
3880                *p++ = cpu_to_be32(0);
3881        }
3882        else {
3883                *p++ = cpu_to_be32(3);
3884                *p++ = cpu_to_be32(setattr->sa_bmval[0]);
3885                *p++ = cpu_to_be32(setattr->sa_bmval[1]);
3886                *p++ = cpu_to_be32(setattr->sa_bmval[2]);
3887        }
3888        return nfserr;
3889}
3890
3891static __be32
3892nfsd4_encode_setclientid(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_setclientid *scd)
3893{
3894        struct xdr_stream *xdr = &resp->xdr;
3895        __be32 *p;
3896
3897        if (!nfserr) {
3898                p = xdr_reserve_space(xdr, 8 + NFS4_VERIFIER_SIZE);
3899                if (!p)
3900                        return nfserr_resource;
3901                p = xdr_encode_opaque_fixed(p, &scd->se_clientid, 8);
3902                p = xdr_encode_opaque_fixed(p, &scd->se_confirm,
3903                                                NFS4_VERIFIER_SIZE);
3904        }
3905        else if (nfserr == nfserr_clid_inuse) {
3906                p = xdr_reserve_space(xdr, 8);
3907                if (!p)
3908                        return nfserr_resource;
3909                *p++ = cpu_to_be32(0);
3910                *p++ = cpu_to_be32(0);
3911        }
3912        return nfserr;
3913}
3914
3915static __be32
3916nfsd4_encode_write(struct nfsd4_compoundres *resp, __be32 nfserr, struct nfsd4_write *write)
3917{
3918        struct xdr_stream *xdr = &resp->xdr;
3919        __be32 *p;
3920
3921        p = xdr_reserve_space(xdr, 16);
3922        if (!p)
3923                return nfserr_resource;
3924        *p++ = cpu_to_be32(write->wr_bytes_written);
3925        *p++ = cpu_to_be32(write->wr_how_written);
3926        p = xdr_encode_opaque_fixed(p, write->wr_verifier.data,
3927                                                NFS4_VERIFIER_SIZE);
3928        return 0;
3929}
3930
3931static __be32
3932nfsd4_encode_exchange_id(struct nfsd4_compoundres *resp, __be32 nfserr,
3933                         struct nfsd4_exchange_id *exid)
3934{
3935        struct xdr_stream *xdr = &resp->xdr;
3936        __be32 *p;
3937        char *major_id;
3938        char *server_scope;
3939        int major_id_sz;
3940        int server_scope_sz;
3941        uint64_t minor_id = 0;
3942
3943        major_id = utsname()->nodename;
3944        major_id_sz = strlen(major_id);
3945        server_scope = utsname()->nodename;
3946        server_scope_sz = strlen(server_scope);
3947
3948        p = xdr_reserve_space(xdr,
3949                8 /* eir_clientid */ +
3950                4 /* eir_sequenceid */ +
3951                4 /* eir_flags */ +
3952                4 /* spr_how */);
3953        if (!p)
3954                return nfserr_resource;
3955
3956        p = xdr_encode_opaque_fixed(p, &exid->clientid, 8);
3957        *p++ = cpu_to_be32(exid->seqid);
3958        *p++ = cpu_to_be32(exid->flags);
3959
3960        *p++ = cpu_to_be32(exid->spa_how);
3961
3962        switch (exid->spa_how) {
3963        case SP4_NONE:
3964                break;
3965        case SP4_MACH_CRED:
3966                /* spo_must_enforce bitmap: */
3967                nfserr = nfsd4_encode_bitmap(xdr,
3968                                        exid->spo_must_enforce[0],
3969                                        exid->spo_must_enforce[1],
3970                                        exid->spo_must_enforce[2]);
3971                if (nfserr)
3972                        return nfserr;
3973                /* spo_must_allow bitmap: */
3974                nfserr = nfsd4_encode_bitmap(xdr,
3975                                        exid->spo_must_allow[0],
3976                                        exid->spo_must_allow[1],
3977                                        exid->spo_must_allow[2]);
3978                if (nfserr)
3979                        return nfserr;
3980                break;
3981        default:
3982                WARN_ON_ONCE(1);
3983        }
3984
3985        p = xdr_reserve_space(xdr,
3986                8 /* so_minor_id */ +
3987                4 /* so_major_id.len */ +
3988                (XDR_QUADLEN(major_id_sz) * 4) +
3989                4 /* eir_server_scope.len */ +
3990                (XDR_QUADLEN(server_scope_sz) * 4) +
3991                4 /* eir_server_impl_id.count (0) */);
3992        if (!p)
3993                return nfserr_resource;
3994
3995        /* The server_owner struct */
3996        p = xdr_encode_hyper(p, minor_id);      /* Minor id */
3997        /* major id */
3998        p = xdr_encode_opaque(p, major_id, major_id_sz);
3999
4000        /* Server scope */

4001        p = xdr_encode_opaque(p, server_scope, server_scope_sz);
4002
4003        /* Implementation id */
4004        *p++ = cpu_to_be32(0);  /* zero length nfs_impl_id4 array */
4005        return 0;
4006}
4007
4008static __be32
4009nfsd4_encode_create_session(struct nfsd4_compoundres *resp, __be32 nfserr,
4010                            struct nfsd4_create_session *sess)
4011{
4012        struct xdr_stream *xdr = &resp->xdr;
4013        __be32 *p;
4014
4015        p = xdr_reserve_space(xdr, 24);
4016        if (!p)
4017                return nfserr_resource;
4018        p = xdr_encode_opaque_fixed(p, sess->sessionid.data,
4019                                        NFS4_MAX_SESSIONID_LEN);
4020        *p++ = cpu_to_be32(sess->seqid);
4021        *p++ = cpu_to_be32(sess->flags);
4022
4023        p = xdr_reserve_space(xdr, 28);
4024        if (!p)
4025                return nfserr_resource;
4026        *p++ = cpu_to_be32(0); /* headerpadsz */
4027        *p++ = cpu_to_be32(sess->fore_channel.maxreq_sz);
4028        *p++ = cpu_to_be32(sess->fore_channel.maxresp_sz);
4029        *p++ = cpu_to_be32(sess->fore_channel.maxresp_cached);
4030        *p++ = cpu_to_be32(sess->fore_channel.maxops);
4031        *p++ = cpu_to_be32(sess->fore_channel.maxreqs);
4032        *p++ = cpu_to_be32(sess->fore_channel.nr_rdma_attrs);
4033
4034        if (sess->fore_channel.nr_rdma_attrs) {
4035                p = xdr_reserve_space(xdr, 4);
4036                if (!p)
4037                        return nfserr_resource;
4038                *p++ = cpu_to_be32(sess->fore_channel.rdma_attrs);
4039        }
4040
4041        p = xdr_reserve_space(xdr, 28);
4042        if (!p)
4043                return nfserr_resource;
4044        *p++ = cpu_to_be32(0); /* headerpadsz */
4045        *p++ = cpu_to_be32(sess->back_channel.maxreq_sz);
4046        *p++ = cpu_to_be32(sess->back_channel.maxresp_sz);
4047        *p++ = cpu_to_be32(sess->back_channel.maxresp_cached);
4048        *p++ = cpu_to_be32(sess->back_channel.maxops);
4049        *p++ = cpu_to_be32(sess->back_channel.maxreqs);
4050        *p++ = cpu_to_be32(sess->back_channel.nr_rdma_attrs);
4051
4052        if (sess->back_channel.nr_rdma_attrs) {
4053                p = xdr_reserve_space(xdr, 4);
4054                if (!p)
4055                        return nfserr_resource;
4056                *p++ = cpu_to_be32(sess->back_channel.rdma_attrs);
4057        }
4058        return 0;
4059}
4060
4061static __be32
4062nfsd4_encode_sequence(struct nfsd4_compoundres *resp, __be32 nfserr,
4063                      struct nfsd4_sequence *seq)
4064{
4065        struct xdr_stream *xdr = &resp->xdr;
4066        __be32 *p;
4067
4068        p = xdr_reserve_space(xdr, NFS4_MAX_SESSIONID_LEN + 20);
4069        if (!p)
4070                return nfserr_resource;
4071        p = xdr_encode_opaque_fixed(p, seq->sessionid.data,
4072                                        NFS4_MAX_SESSIONID_LEN);
4073        *p++ = cpu_to_be32(seq->seqid);
4074        *p++ = cpu_to_be32(seq->slotid);
4075        /* Note slotid's are numbered from zero: */
4076        *p++ = cpu_to_be32(seq->maxslots - 1); /* sr_highest_slotid */
4077        *p++ = cpu_to_be32(seq->maxslots - 1); /* sr_target_highest_slotid */
4078        *p++ = cpu_to_be32(seq->status_flags);
4079
4080        resp->cstate.data_offset = xdr->buf->len; /* DRC cache data pointer */
4081        return 0;
4082}
4083
4084static __be32
4085nfsd4_encode_test_stateid(struct nfsd4_compoundres *resp, __be32 nfserr,
4086                          struct nfsd4_test_stateid *test_stateid)
4087{
4088        struct xdr_stream *xdr = &resp->xdr;
4089        struct nfsd4_test_stateid_id *stateid, *next;
4090        __be32 *p;
4091
4092        p = xdr_reserve_space(xdr, 4 + (4 * test_stateid->ts_num_ids));
4093        if (!p)
4094                return nfserr_resource;
4095        *p++ = htonl(test_stateid->ts_num_ids);
4096
4097        list_for_each_entry_safe(stateid, next, &test_stateid->ts_stateid_list, ts_id_list) {
4098                *p++ = stateid->ts_id_status;
4099        }
4100
4101        return 0;
4102}
4103
4104#ifdef CONFIG_NFSD_PNFS
4105static __be32
4106nfsd4_encode_getdeviceinfo(struct nfsd4_compoundres *resp, __be32 nfserr,
4107                struct nfsd4_getdeviceinfo *gdev)
4108{
4109        struct xdr_stream *xdr = &resp->xdr;
4110        const struct nfsd4_layout_ops *ops;
4111        u32 starting_len = xdr->buf->len, needed_len;
4112        __be32 *p;
4113
4114        p = xdr_reserve_space(xdr, 4);
4115        if (!p)
4116                return nfserr_resource;
4117
4118        *p++ = cpu_to_be32(gdev->gd_layout_type);
4119
4120        /* If maxcount is 0 then just update notifications */
4121        if (gdev->gd_maxcount != 0) {
4122                ops = nfsd4_layout_ops[gdev->gd_layout_type];
4123                nfserr = ops->encode_getdeviceinfo(xdr, gdev);
4124                if (nfserr) {
4125                        /*
4126                         * We don't bother to burden the layout drivers with
4127                         * enforcing gd_maxcount, just tell the client to
4128                         * come back with a bigger buffer if it's not enough.
4129                         */
4130                        if (xdr->buf->len + 4 > gdev->gd_maxcount)
4131                                goto toosmall;
4132                        return nfserr;
4133                }
4134        }
4135
4136        if (gdev->gd_notify_types) {
4137                p = xdr_reserve_space(xdr, 4 + 4);
4138                if (!p)
4139                        return nfserr_resource;
4140                *p++ = cpu_to_be32(1);                  /* bitmap length */
4141                *p++ = cpu_to_be32(gdev->gd_notify_types);
4142        } else {
4143                p = xdr_reserve_space(xdr, 4);
4144                if (!p)
4145                        return nfserr_resource;
4146                *p++ = 0;
4147        }
4148
4149        return 0;
4150toosmall:
4151        dprintk("%s: maxcount too small\n", __func__);
4152        needed_len = xdr->buf->len + 4 /* notifications */;
4153        xdr_truncate_encode(xdr, starting_len);
4154        p = xdr_reserve_space(xdr, 4);
4155        if (!p)
4156                return nfserr_resource;
4157        *p++ = cpu_to_be32(needed_len);
4158        return nfserr_toosmall;
4159}
4160
4161static __be32
4162nfsd4_encode_layoutget(struct nfsd4_compoundres *resp, __be32 nfserr,
4163                struct nfsd4_layoutget *lgp)
4164{
4165        struct xdr_stream *xdr = &resp->xdr;
4166        const struct nfsd4_layout_ops *ops;
4167        __be32 *p;
4168
4169        p = xdr_reserve_space(xdr, 36 + sizeof(stateid_opaque_t));
4170        if (!p)
4171                return nfserr_resource;
4172
4173        *p++ = cpu_to_be32(1);  /* we always set return-on-close */
4174        *p++ = cpu_to_be32(lgp->lg_sid.si_generation);
4175        p = xdr_encode_opaque_fixed(p, &lgp->lg_sid.si_opaque,
4176                                    sizeof(stateid_opaque_t));
4177
4178        *p++ = cpu_to_be32(1);  /* we always return a single layout */
4179        p = xdr_encode_hyper(p, lgp->lg_seg.offset);
4180        p = xdr_encode_hyper(p, lgp->lg_seg.length);
4181        *p++ = cpu_to_be32(lgp->lg_seg.iomode);
4182        *p++ = cpu_to_be32(lgp->lg_layout_type);
4183
4184        ops = nfsd4_layout_ops[lgp->lg_layout_type];
4185        return ops->encode_layoutget(xdr, lgp);
4186}
4187
4188static __be32
4189nfsd4_encode_layoutcommit(struct nfsd4_compoundres *resp, __be32 nfserr,
4190                          struct nfsd4_layoutcommit *lcp)
4191{
4192        struct xdr_stream *xdr = &resp->xdr;
4193        __be32 *p;
4194
4195        p = xdr_reserve_space(xdr, 4);
4196        if (!p)
4197                return nfserr_resource;
4198        *p++ = cpu_to_be32(lcp->lc_size_chg);
4199        if (lcp->lc_size_chg) {
4200                p = xdr_reserve_space(xdr, 8);
4201                if (!p)
4202                        return nfserr_resource;
4203                p = xdr_encode_hyper(p, lcp->lc_newsize);
4204        }
4205
4206        return 0;
4207}
4208
4209static __be32
4210nfsd4_encode_layoutreturn(struct nfsd4_compoundres *resp, __be32 nfserr,
4211                struct nfsd4_layoutreturn *lrp)
4212{
4213        struct xdr_stream *xdr = &resp->xdr;
4214        __be32 *p;
4215
4216        p = xdr_reserve_space(xdr, 4);
4217        if (!p)
4218                return nfserr_resource;
4219        *p++ = cpu_to_be32(lrp->lrs_present);
4220        if (lrp->lrs_present)
4221                return nfsd4_encode_stateid(xdr, &lrp->lr_sid);
4222        return 0;
4223}
4224#endif /* CONFIG_NFSD_PNFS */
4225
4226static __be32
4227nfsd42_encode_write_res(struct nfsd4_compoundres *resp,
4228                struct nfsd42_write_res *write, bool sync)
4229{
4230        __be32 *p;
4231        p = xdr_reserve_space(&resp->xdr, 4);
4232        if (!p)
4233                return nfserr_resource;
4234
4235        if (sync)
4236                *p++ = cpu_to_be32(0);
4237        else {
4238                __be32 nfserr;
4239                *p++ = cpu_to_be32(1);
4240                nfserr = nfsd4_encode_stateid(&resp->xdr, &write->cb_stateid);
4241                if (nfserr)
4242                        return nfserr;
4243        }
4244        p = xdr_reserve_space(&resp->xdr, 8 + 4 + NFS4_VERIFIER_SIZE);
4245        if (!p)
4246                return nfserr_resource;
4247
4248        p = xdr_encode_hyper(p, write->wr_bytes_written);
4249        *p++ = cpu_to_be32(write->wr_stable_how);
4250        p = xdr_encode_opaque_fixed(p, write->wr_verifier.data,
4251                                    NFS4_VERIFIER_SIZE);
4252        return nfs_ok;
4253}
4254
4255static __be32
4256nfsd4_encode_copy(struct nfsd4_compoundres *resp, __be32 nfserr,
4257                  struct nfsd4_copy *copy)
4258{
4259        __be32 *p;
4260
4261        nfserr = nfsd42_encode_write_res(resp, &copy->cp_res,
4262                        copy->cp_synchronous);
4263        if (nfserr)
4264                return nfserr;
4265
4266        p = xdr_reserve_space(&resp->xdr, 4 + 4);
4267        *p++ = xdr_one; /* cr_consecutive */
4268        *p++ = cpu_to_be32(copy->cp_synchronous);
4269        return 0;
4270}
4271
4272static __be32
4273nfsd4_encode_offload_status(struct nfsd4_compoundres *resp, __be32 nfserr,
4274                            struct nfsd4_offload_status *os)
4275{
4276        struct xdr_stream *xdr = &resp->xdr;
4277        __be32 *p;
4278
4279        p = xdr_reserve_space(xdr, 8 + 4);
4280        if (!p)
4281                return nfserr_resource;
4282        p = xdr_encode_hyper(p, os->count);
4283        *p++ = cpu_to_be32(0);
4284
4285        return nfserr;
4286}
4287
4288static __be32
4289nfsd4_encode_seek(struct nfsd4_compoundres *resp, __be32 nfserr,
4290                  struct nfsd4_seek *seek)
4291{
4292        __be32 *p;
4293
4294        p = xdr_reserve_space(&resp->xdr, 4 + 8);
4295        *p++ = cpu_to_be32(seek->seek_eof);
4296        p = xdr_encode_hyper(p, seek->seek_pos);
4297
4298        return 0;
4299}
4300
4301static __be32
4302nfsd4_encode_noop(struct nfsd4_compoundres *resp, __be32 nfserr, void *p)
4303{
4304        return nfserr;
4305}
4306
4307typedef __be32(* nfsd4_enc)(struct nfsd4_compoundres *, __be32, void *);
4308
4309/*
4310 * Note: nfsd4_enc_ops vector is shared for v4.0 and v4.1
4311 * since we don't need to filter out obsolete ops as this is
4312 * done in the decoding phase.
4313 */
4314static const nfsd4_enc nfsd4_enc_ops[] = {
4315        [OP_ACCESS]             = (nfsd4_enc)nfsd4_encode_access,
4316        [OP_CLOSE]              = (nfsd4_enc)nfsd4_encode_close,
4317        [OP_COMMIT]             = (nfsd4_enc)nfsd4_encode_commit,
4318        [OP_CREATE]             = (nfsd4_enc)nfsd4_encode_create,
4319        [OP_DELEGPURGE]         = (nfsd4_enc)nfsd4_encode_noop,
4320        [OP_DELEGRETURN]        = (nfsd4_enc)nfsd4_encode_noop,
4321        [OP_GETATTR]            = (nfsd4_enc)nfsd4_encode_getattr,
4322        [OP_GETFH]              = (nfsd4_enc)nfsd4_encode_getfh,
4323        [OP_LINK]               = (nfsd4_enc)nfsd4_encode_link,
4324        [OP_LOCK]               = (nfsd4_enc)nfsd4_encode_lock,
4325        [OP_LOCKT]              = (nfsd4_enc)nfsd4_encode_lockt,
4326        [OP_LOCKU]              = (nfsd4_enc)nfsd4_encode_locku,
4327        [OP_LOOKUP]             = (nfsd4_enc)nfsd4_encode_noop,
4328        [OP_LOOKUPP]            = (nfsd4_enc)nfsd4_encode_noop,
4329        [OP_NVERIFY]            = (nfsd4_enc)nfsd4_encode_noop,
4330        [OP_OPEN]               = (nfsd4_enc)nfsd4_encode_open,
4331        [OP_OPENATTR]           = (nfsd4_enc)nfsd4_encode_noop,
4332        [OP_OPEN_CONFIRM]       = (nfsd4_enc)nfsd4_encode_open_confirm,
4333        [OP_OPEN_DOWNGRADE]     = (nfsd4_enc)nfsd4_encode_open_downgrade,
4334        [OP_PUTFH]              = (nfsd4_enc)nfsd4_encode_noop,
4335        [OP_PUTPUBFH]           = (nfsd4_enc)nfsd4_encode_noop,
4336        [OP_PUTROOTFH]          = (nfsd4_enc)nfsd4_encode_noop,
4337        [OP_READ]               = (nfsd4_enc)nfsd4_encode_read,
4338        [OP_READDIR]            = (nfsd4_enc)nfsd4_encode_readdir,
4339        [OP_READLINK]           = (nfsd4_enc)nfsd4_encode_readlink,
4340        [OP_REMOVE]             = (nfsd4_enc)nfsd4_encode_remove,
4341        [OP_RENAME]             = (nfsd4_enc)nfsd4_encode_rename,
4342        [OP_RENEW]              = (nfsd4_enc)nfsd4_encode_noop,
4343        [OP_RESTOREFH]          = (nfsd4_enc)nfsd4_encode_noop,
4344        [OP_SAVEFH]             = (nfsd4_enc)nfsd4_encode_noop,
4345        [OP_SECINFO]            = (nfsd4_enc)nfsd4_encode_secinfo,
4346        [OP_SETATTR]            = (nfsd4_enc)nfsd4_encode_setattr,
4347        [OP_SETCLIENTID]        = (nfsd4_enc)nfsd4_encode_setclientid,
4348        [OP_SETCLIENTID_CONFIRM] = (nfsd4_enc)nfsd4_encode_noop,
4349        [OP_VERIFY]             = (nfsd4_enc)nfsd4_encode_noop,
4350        [OP_WRITE]              = (nfsd4_enc)nfsd4_encode_write,
4351        [OP_RELEASE_LOCKOWNER]  = (nfsd4_enc)nfsd4_encode_noop,
4352
4353        /* NFSv4.1 operations */
4354        [OP_BACKCHANNEL_CTL]    = (nfsd4_enc)nfsd4_encode_noop,
4355        [OP_BIND_CONN_TO_SESSION] = (nfsd4_enc)nfsd4_encode_bind_conn_to_session,
4356        [OP_EXCHANGE_ID]        = (nfsd4_enc)nfsd4_encode_exchange_id,
4357        [OP_CREATE_SESSION]     = (nfsd4_enc)nfsd4_encode_create_session,
4358        [OP_DESTROY_SESSION]    = (nfsd4_enc)nfsd4_encode_noop,
4359        [OP_FREE_STATEID]       = (nfsd4_enc)nfsd4_encode_noop,
4360        [OP_GET_DIR_DELEGATION] = (nfsd4_enc)nfsd4_encode_noop,
4361#ifdef CONFIG_NFSD_PNFS
4362        [OP_GETDEVICEINFO]      = (nfsd4_enc)nfsd4_encode_getdeviceinfo,
4363        [OP_GETDEVICELIST]      = (nfsd4_enc)nfsd4_encode_noop,
4364        [OP_LAYOUTCOMMIT]       = (nfsd4_enc)nfsd4_encode_layoutcommit,
4365        [OP_LAYOUTGET]          = (nfsd4_enc)nfsd4_encode_layoutget,
4366        [OP_LAYOUTRETURN]       = (nfsd4_enc)nfsd4_encode_layoutreturn,
4367#else
4368        [OP_GETDEVICEINFO]      = (nfsd4_enc)nfsd4_encode_noop,
4369        [OP_GETDEVICELIST]      = (nfsd4_enc)nfsd4_encode_noop,
4370        [OP_LAYOUTCOMMIT]       = (nfsd4_enc)nfsd4_encode_noop,
4371        [OP_LAYOUTGET]          = (nfsd4_enc)nfsd4_encode_noop,
4372        [OP_LAYOUTRETURN]       = (nfsd4_enc)nfsd4_encode_noop,
4373#endif
4374        [OP_SECINFO_NO_NAME]    = (nfsd4_enc)nfsd4_encode_secinfo_no_name,
4375        [OP_SEQUENCE]           = (nfsd4_enc)nfsd4_encode_sequence,
4376        [OP_SET_SSV]            = (nfsd4_enc)nfsd4_encode_noop,
4377        [OP_TEST_STATEID]       = (nfsd4_enc)nfsd4_encode_test_stateid,
4378        [OP_WANT_DELEGATION]    = (nfsd4_enc)nfsd4_encode_noop,
4379        [OP_DESTROY_CLIENTID]   = (nfsd4_enc)nfsd4_encode_noop,
4380        [OP_RECLAIM_COMPLETE]   = (nfsd4_enc)nfsd4_encode_noop,
4381
4382        /* NFSv4.2 operations */
4383        [OP_ALLOCATE]           = (nfsd4_enc)nfsd4_encode_noop,
4384        [OP_COPY]               = (nfsd4_enc)nfsd4_encode_copy,
4385        [OP_COPY_NOTIFY]        = (nfsd4_enc)nfsd4_encode_noop,
4386        [OP_DEALLOCATE]         = (nfsd4_enc)nfsd4_encode_noop,
4387        [OP_IO_ADVISE]          = (nfsd4_enc)nfsd4_encode_noop,
4388        [OP_LAYOUTERROR]        = (nfsd4_enc)nfsd4_encode_noop,
4389        [OP_LAYOUTSTATS]        = (nfsd4_enc)nfsd4_encode_noop,
4390        [OP_OFFLOAD_CANCEL]     = (nfsd4_enc)nfsd4_encode_noop,
4391        [OP_OFFLOAD_STATUS]     = (nfsd4_enc)nfsd4_encode_offload_status,
4392        [OP_READ_PLUS]          = (nfsd4_enc)nfsd4_encode_noop,
4393        [OP_SEEK]               = (nfsd4_enc)nfsd4_encode_seek,
4394        [OP_WRITE_SAME]         = (nfsd4_enc)nfsd4_encode_noop,
4395        [OP_CLONE]              = (nfsd4_enc)nfsd4_encode_noop,
4396};
4397
4398/*
4399 * Calculate whether we still have space to encode repsize bytes.
4400 * There are two considerations:
4401 *     - For NFS versions >=4.1, the size of the reply must stay within
4402 *       session limits
4403 *     - For all NFS versions, we must stay within limited preallocated
4404 *       buffer space.
4405 *
4406 * This is called before the operation is processed, so can only provide
4407 * an upper estimate.  For some nonidempotent operations (such as
4408 * getattr), it's not necessarily a problem if that estimate is wrong,
4409 * as we can fail it after processing without significant side effects.
4410 */
4411__be32 nfsd4_check_resp_size(struct nfsd4_compoundres *resp, u32 respsize)
4412{
4413        struct xdr_buf *buf = &resp->rqstp->rq_res;
4414        struct nfsd4_slot *slot = resp->cstate.slot;
4415
4416        if (buf->len + respsize <= buf->buflen)
4417                return nfs_ok;
4418        if (!nfsd4_has_session(&resp->cstate))
4419                return nfserr_resource;
4420        if (slot->sl_flags & NFSD4_SLOT_CACHETHIS) {
4421                WARN_ON_ONCE(1);
4422                return nfserr_rep_too_big_to_cache;
4423        }
4424        return nfserr_rep_too_big;
4425}
4426
4427void
4428nfsd4_encode_operation(struct nfsd4_compoundres *resp, struct nfsd4_op *op)
4429{
4430        struct xdr_stream *xdr = &resp->xdr;
4431        struct nfs4_stateowner *so = resp->cstate.replay_owner;
4432        struct svc_rqst *rqstp = resp->rqstp;
4433        const struct nfsd4_operation *opdesc = op->opdesc;
4434        int post_err_offset;
4435        nfsd4_enc encoder;
4436        __be32 *p;
4437
4438        p = xdr_reserve_space(xdr, 8);
4439        if (!p) {
4440                WARN_ON_ONCE(1);
4441                return;
4442        }
4443        *p++ = cpu_to_be32(op->opnum);
4444        post_err_offset = xdr->buf->len;
4445
4446        if (op->opnum == OP_ILLEGAL)
4447                goto status;
4448        if (op->status && opdesc &&
4449                        !(opdesc->op_flags & OP_NONTRIVIAL_ERROR_ENCODE))
4450                goto status;
4451        BUG_ON(op->opnum < 0 || op->opnum >= ARRAY_SIZE(nfsd4_enc_ops) ||
4452               !nfsd4_enc_ops[op->opnum]);
4453        encoder = nfsd4_enc_ops[op->opnum];
4454        op->status = encoder(resp, op->status, &op->u);
4455        if (opdesc && opdesc->op_release)
4456                opdesc->op_release(&op->u);
4457        xdr_commit_encode(xdr);
4458
4459        /* nfsd4_check_resp_size guarantees enough room for error status */
4460        if (!op->status) {
4461                int space_needed = 0;
4462                if (!nfsd4_last_compound_op(rqstp))
4463                        space_needed = COMPOUND_ERR_SLACK_SPACE;
4464                op->status = nfsd4_check_resp_size(resp, space_needed);
4465        }
4466        if (op->status == nfserr_resource && nfsd4_has_session(&resp->cstate)) {
4467                struct nfsd4_slot *slot = resp->cstate.slot;
4468
4469                if (slot->sl_flags & NFSD4_SLOT_CACHETHIS)
4470                        op->status = nfserr_rep_too_big_to_cache;
4471                else
4472                        op->status = nfserr_rep_too_big;
4473        }
4474        if (op->status == nfserr_resource ||
4475            op->status == nfserr_rep_too_big ||
4476            op->status == nfserr_rep_too_big_to_cache) {
4477                /*
4478                 * The operation may have already been encoded or
4479                 * partially encoded.  No op returns anything additional
4480                 * in the case of one of these three errors, so we can
4481                 * just truncate back to after the status.  But it's a
4482                 * bug if we had to do this on a non-idempotent op:
4483                 */
4484                warn_on_nonidempotent_op(op);
4485                xdr_truncate_encode(xdr, post_err_offset);
4486        }
4487        if (so) {
4488                int len = xdr->buf->len - post_err_offset;
4489
4490                so->so_replay.rp_status = op->status;
4491                so->so_replay.rp_buflen = len;
4492                read_bytes_from_xdr_buf(xdr->buf, post_err_offset,
4493                                                so->so_replay.rp_buf, len);
4494        }
4495status:
4496        /* Note that op->status is already in network byte order: */
4497        write_bytes_to_xdr_buf(xdr->buf, post_err_offset - 4, &op->status, 4);
4498}
4499
4500/* 
4501 * Encode the reply stored in the stateowner reply cache 
4502 * 
4503 * XDR note: do not encode rp->rp_buflen: the buffer contains the
4504 * previously sent already encoded operation.
4505 */
4506void
4507nfsd4_encode_replay(struct xdr_stream *xdr, struct nfsd4_op *op)
4508{
4509        __be32 *p;
4510        struct nfs4_replay *rp = op->replay;
4511
4512        BUG_ON(!rp);
4513
4514        p = xdr_reserve_space(xdr, 8 + rp->rp_buflen);
4515        if (!p) {
4516                WARN_ON_ONCE(1);
4517                return;
4518        }
4519        *p++ = cpu_to_be32(op->opnum);
4520        *p++ = rp->rp_status;  /* already xdr'ed */
4521
4522        p = xdr_encode_opaque_fixed(p, rp->rp_buf, rp->rp_buflen);
4523}
4524
4525int
4526nfs4svc_encode_voidres(struct svc_rqst *rqstp, __be32 *p)
4527{
4528        return xdr_ressize_check(rqstp, p);
4529}
4530
4531void nfsd4_release_compoundargs(struct svc_rqst *rqstp)
4532{
4533        struct nfsd4_compoundargs *args = rqstp->rq_argp;
4534
4535        if (args->ops != args->iops) {
4536                kfree(args->ops);
4537                args->ops = args->iops;
4538        }
4539        kfree(args->tmpp);
4540        args->tmpp = NULL;
4541        while (args->to_free) {
4542                struct svcxdr_tmpbuf *tb = args->to_free;
4543                args->to_free = tb->next;
4544                kfree(tb);
4545        }
4546}
4547
4548int
4549nfs4svc_decode_compoundargs(struct svc_rqst *rqstp, __be32 *p)
4550{
4551        struct nfsd4_compoundargs *args = rqstp->rq_argp;
4552
4553        if (rqstp->rq_arg.head[0].iov_len % 4) {
4554                /* client is nuts */
4555                dprintk("%s: compound not properly padded! (peeraddr=%pISc xid=0x%x)",
4556                        __func__, svc_addr(rqstp), be32_to_cpu(rqstp->rq_xid));
4557                return 0;
4558        }
4559        args->p = p;
4560        args->end = rqstp->rq_arg.head[0].iov_base + rqstp->rq_arg.head[0].iov_len;
4561        args->pagelist = rqstp->rq_arg.pages;
4562        args->pagelen = rqstp->rq_arg.page_len;
4563        args->tail = false;
4564        args->tmpp = NULL;
4565        args->to_free = NULL;
4566        args->ops = args->iops;
4567        args->rqstp = rqstp;
4568
4569        return !nfsd4_decode_compound(args);
4570}
4571
4572int
4573nfs4svc_encode_compoundres(struct svc_rqst *rqstp, __be32 *p)
4574{
4575        /*
4576         * All that remains is to write the tag and operation count...
4577         */
4578        struct nfsd4_compoundres *resp = rqstp->rq_resp;
4579        struct xdr_buf *buf = resp->xdr.buf;
4580
4581        WARN_ON_ONCE(buf->len != buf->head[0].iov_len + buf->page_len +
4582                                 buf->tail[0].iov_len);
4583
4584        rqstp->rq_next_page = resp->xdr.page_ptr + 1;
4585
4586        p = resp->tagp;
4587        *p++ = htonl(resp->taglen);
4588        memcpy(p, resp->tag, resp->taglen);
4589        p += XDR_QUADLEN(resp->taglen);
4590        *p++ = htonl(resp->opcnt);
4591
4592        nfsd4_sequence_done(resp);
4593        return 1;
4594}
4595
4596/*
4597 * Local variables:
4598 *  c-basic-offset: 8
4599 * End:
4600 */
4601