1/*
2 * linux/fs/nfs/callback.c
3 *
4 * Copyright (C) 2004 Trond Myklebust
5 *
6 * NFSv4 callback handling
7 */
8
9#include <linux/completion.h>
10#include <linux/ip.h>
11#include <linux/module.h>
12#include <linux/sunrpc/svc.h>
13#include <linux/sunrpc/svcsock.h>
14#include <linux/nfs_fs.h>
15#include <linux/errno.h>
16#include <linux/mutex.h>
17#include <linux/freezer.h>
18#include <linux/kthread.h>
19#include <linux/sunrpc/svcauth_gss.h>
20#include <linux/sunrpc/bc_xprt.h>
21
22#include <net/inet_sock.h>
23
24#include "nfs4_fs.h"
25#include "callback.h"
26#include "internal.h"
27#include "netns.h"
28
29#define NFSDBG_FACILITY NFSDBG_CALLBACK
30
31struct nfs_callback_data {
32	unsigned int users;
33	struct svc_serv *serv;
34	struct svc_rqst *rqst;
35	struct task_struct *task;
36};
37
38static struct nfs_callback_data nfs_callback_info[NFS4_MAX_MINOR_VERSION + 1];
39static DEFINE_MUTEX(nfs_callback_mutex);
40static struct svc_program nfs4_callback_program;
41
42static int nfs4_callback_up_net(struct svc_serv *serv, struct net *net)
43{
44	int ret;
45	struct nfs_net *nn = net_generic(net, nfs_net_id);
46
47	ret = svc_create_xprt(serv, "tcp", net, PF_INET,
48				nfs_callback_set_tcpport, SVC_SOCK_ANONYMOUS);
49	if (ret <= 0)
50		goto out_err;
51	nn->nfs_callback_tcpport = ret;
52	dprintk("NFS: Callback listener port = %u (af %u, net %p)\n",
53			nn->nfs_callback_tcpport, PF_INET, net);
54
55	ret = svc_create_xprt(serv, "tcp", net, PF_INET6,
56				nfs_callback_set_tcpport, SVC_SOCK_ANONYMOUS);
57	if (ret > 0) {
58		nn->nfs_callback_tcpport6 = ret;
59		dprintk("NFS: Callback listener port = %u (af %u, net %p)\n",
60				nn->nfs_callback_tcpport6, PF_INET6, net);
61	} else if (ret != -EAFNOSUPPORT)
62		goto out_err;
63	return 0;
64
65out_err:
66	return (ret) ? ret : -ENOMEM;
67}
68
69/*
70 * This is the NFSv4 callback kernel thread.
71 */
72static int
73nfs4_callback_svc(void *vrqstp)
74{
75	int err;
76	struct svc_rqst *rqstp = vrqstp;
77
78	set_freezable();
79
80	while (!kthread_should_stop()) {
81		/*
82		 * Listen for a request on the socket
83		 */
84		err = svc_recv(rqstp, MAX_SCHEDULE_TIMEOUT);
85		if (err == -EAGAIN || err == -EINTR)
86			continue;
87		svc_process(rqstp);
88	}
89	return 0;
90}
91
92/*
93 * Prepare to bring up the NFSv4 callback service
94 */
95static struct svc_rqst *
96nfs4_callback_up(struct svc_serv *serv)
97{
98	return svc_prepare_thread(serv, &serv->sv_pools[0], NUMA_NO_NODE);
99}
100
101#if defined(CONFIG_NFS_V4_1)
102static int nfs41_callback_up_net(struct svc_serv *serv, struct net *net)
103{
104	/*
105	 * Create an svc_sock for the back channel service that shares the
106	 * fore channel connection.
107	 * Returns the input port (0) and sets the svc_serv bc_xprt on success
108	 */
109	return svc_create_xprt(serv, "tcp-bc", net, PF_INET, 0,
110			      SVC_SOCK_ANONYMOUS);
111}
112
113/*
114 * The callback service for NFSv4.1 callbacks
115 */
116static int
117nfs41_callback_svc(void *vrqstp)
118{
119	struct svc_rqst *rqstp = vrqstp;
120	struct svc_serv *serv = rqstp->rq_server;
121	struct rpc_rqst *req;
122	int error;
123	DEFINE_WAIT(wq);
124
125	set_freezable();
126
127	while (!kthread_should_stop()) {
128		if (try_to_freeze())
129			continue;
130
131		prepare_to_wait(&serv->sv_cb_waitq, &wq, TASK_INTERRUPTIBLE);
132		spin_lock_bh(&serv->sv_cb_lock);
133		if (!list_empty(&serv->sv_cb_list)) {
134			req = list_first_entry(&serv->sv_cb_list,
135					struct rpc_rqst, rq_bc_list);
136			list_del(&req->rq_bc_list);
137			spin_unlock_bh(&serv->sv_cb_lock);
138			finish_wait(&serv->sv_cb_waitq, &wq);
139			dprintk("Invoking bc_svc_process()\n");
140			error = bc_svc_process(serv, req, rqstp);
141			dprintk("bc_svc_process() returned w/ error code= %d\n",
142				error);
143		} else {
144			spin_unlock_bh(&serv->sv_cb_lock);
145			schedule();
146			finish_wait(&serv->sv_cb_waitq, &wq);
147		}
148		flush_signals(current);
149	}
150	return 0;
151}
152
153/*
154 * Bring up the NFSv4.1 callback service
155 */
156static struct svc_rqst *
157nfs41_callback_up(struct svc_serv *serv)
158{
159	struct svc_rqst *rqstp;
160
161	INIT_LIST_HEAD(&serv->sv_cb_list);
162	spin_lock_init(&serv->sv_cb_lock);
163	init_waitqueue_head(&serv->sv_cb_waitq);
164	rqstp = svc_prepare_thread(serv, &serv->sv_pools[0], NUMA_NO_NODE);
165	if (IS_ERR(rqstp)) {
166		svc_xprt_put(serv->sv_bc_xprt);
167		serv->sv_bc_xprt = NULL;
168	}
169	dprintk("--> %s return %d\n", __func__, PTR_ERR_OR_ZERO(rqstp));
170	return rqstp;
171}
172
173static void nfs_minorversion_callback_svc_setup(struct svc_serv *serv,
174		struct svc_rqst **rqstpp, int (**callback_svc)(void *vrqstp))
175{
176	*rqstpp = nfs41_callback_up(serv);
177	*callback_svc = nfs41_callback_svc;
178}
179
180static inline void nfs_callback_bc_serv(u32 minorversion, struct rpc_xprt *xprt,
181		struct svc_serv *serv)
182{
183	if (minorversion)
184		/*
185		 * Save the svc_serv in the transport so that it can
186		 * be referenced when the session backchannel is initialized
187		 */
188		xprt->bc_serv = serv;
189}
190#else
191static int nfs41_callback_up_net(struct svc_serv *serv, struct net *net)
192{
193	return 0;
194}
195
196static void nfs_minorversion_callback_svc_setup(struct svc_serv *serv,
197		struct svc_rqst **rqstpp, int (**callback_svc)(void *vrqstp))
198{
199	*rqstpp = ERR_PTR(-ENOTSUPP);
200	*callback_svc = ERR_PTR(-ENOTSUPP);
201}
202
203static inline void nfs_callback_bc_serv(u32 minorversion, struct rpc_xprt *xprt,
204		struct svc_serv *serv)
205{
206}
207#endif /* CONFIG_NFS_V4_1 */
208
209static int nfs_callback_start_svc(int minorversion, struct rpc_xprt *xprt,
210				  struct svc_serv *serv)
211{
212	struct svc_rqst *rqstp;
213	int (*callback_svc)(void *vrqstp);
214	struct nfs_callback_data *cb_info = &nfs_callback_info[minorversion];
215	int ret;
216
217	nfs_callback_bc_serv(minorversion, xprt, serv);
218
219	if (cb_info->task)
220		return 0;
221
222	switch (minorversion) {
223	case 0:
224		/* v4.0 callback setup */
225		rqstp = nfs4_callback_up(serv);
226		callback_svc = nfs4_callback_svc;
227		break;
228	default:
229		nfs_minorversion_callback_svc_setup(serv,
230				&rqstp, &callback_svc);
231	}
232
233	if (IS_ERR(rqstp))
234		return PTR_ERR(rqstp);
235
236	svc_sock_update_bufs(serv);
237
238	cb_info->serv = serv;
239	cb_info->rqst = rqstp;
240	cb_info->task = kthread_create(callback_svc, cb_info->rqst,
241				    "nfsv4.%u-svc", minorversion);
242	if (IS_ERR(cb_info->task)) {
243		ret = PTR_ERR(cb_info->task);
244		svc_exit_thread(cb_info->rqst);
245		cb_info->rqst = NULL;
246		cb_info->task = NULL;
247		return ret;
248	}
249	rqstp->rq_task = cb_info->task;
250	wake_up_process(cb_info->task);
251	dprintk("nfs_callback_up: service started\n");
252	return 0;
253}
254
255static void nfs_callback_down_net(u32 minorversion, struct svc_serv *serv, struct net *net)
256{
257	struct nfs_net *nn = net_generic(net, nfs_net_id);
258
259	if (--nn->cb_users[minorversion])
260		return;
261
262	dprintk("NFS: destroy per-net callback data; net=%p\n", net);
263	svc_shutdown_net(serv, net);
264}
265
266static int nfs_callback_up_net(int minorversion, struct svc_serv *serv, struct net *net)
267{
268	struct nfs_net *nn = net_generic(net, nfs_net_id);
269	int ret;
270
271	if (nn->cb_users[minorversion]++)
272		return 0;
273
274	dprintk("NFS: create per-net callback data; net=%p\n", net);
275
276	ret = svc_bind(serv, net);
277	if (ret < 0) {
278		printk(KERN_WARNING "NFS: bind callback service failed\n");
279		goto err_bind;
280	}
281
282	switch (minorversion) {
283		case 0:
284			ret = nfs4_callback_up_net(serv, net);
285			break;
286		case 1:
287		case 2:
288			ret = nfs41_callback_up_net(serv, net);
289			break;
290		default:
291			printk(KERN_ERR "NFS: unknown callback version: %d\n",
292					minorversion);
293			ret = -EINVAL;
294			break;
295	}
296
297	if (ret < 0) {
298		printk(KERN_ERR "NFS: callback service start failed\n");
299		goto err_socks;
300	}
301	return 0;
302
303err_socks:
304	svc_rpcb_cleanup(serv, net);
305err_bind:
306	dprintk("NFS: Couldn't create callback socket: err = %d; "
307			"net = %p\n", ret, net);
308	return ret;
309}
310
311static struct svc_serv *nfs_callback_create_svc(int minorversion)
312{
313	struct nfs_callback_data *cb_info = &nfs_callback_info[minorversion];
314	struct svc_serv *serv;
315
316	/*
317	 * Check whether we're already up and running.
318	 */
319	if (cb_info->task) {
320		/*
321		 * Note: increase service usage, because later in case of error
322		 * svc_destroy() will be called.
323		 */
324		svc_get(cb_info->serv);
325		return cb_info->serv;
326	}
327
328	/*
329	 * Sanity check: if there's no task,
330	 * we should be the first user ...
331	 */
332	if (cb_info->users)
333		printk(KERN_WARNING "nfs_callback_create_svc: no kthread, %d users??\n",
334			cb_info->users);
335
336	serv = svc_create(&nfs4_callback_program, NFS4_CALLBACK_BUFSIZE, NULL);
337	if (!serv) {
338		printk(KERN_ERR "nfs_callback_create_svc: create service failed\n");
339		return ERR_PTR(-ENOMEM);
340	}
341	/* As there is only one thread we need to over-ride the
342	 * default maximum of 80 connections
343	 */
344	serv->sv_maxconn = 1024;
345	dprintk("nfs_callback_create_svc: service created\n");
346	return serv;
347}
348
349/*
350 * Bring up the callback thread if it is not already up.
351 */
352int nfs_callback_up(u32 minorversion, struct rpc_xprt *xprt)
353{
354	struct svc_serv *serv;
355	struct nfs_callback_data *cb_info = &nfs_callback_info[minorversion];
356	int ret;
357	struct net *net = xprt->xprt_net;
358
359	mutex_lock(&nfs_callback_mutex);
360
361	serv = nfs_callback_create_svc(minorversion);
362	if (IS_ERR(serv)) {
363		ret = PTR_ERR(serv);
364		goto err_create;
365	}
366
367	ret = nfs_callback_up_net(minorversion, serv, net);
368	if (ret < 0)
369		goto err_net;
370
371	ret = nfs_callback_start_svc(minorversion, xprt, serv);
372	if (ret < 0)
373		goto err_start;
374
375	cb_info->users++;
376	/*
377	 * svc_create creates the svc_serv with sv_nrthreads == 1, and then
378	 * svc_prepare_thread increments that. So we need to call svc_destroy
379	 * on both success and failure so that the refcount is 1 when the
380	 * thread exits.
381	 */
382err_net:
383	svc_destroy(serv);
384err_create:
385	mutex_unlock(&nfs_callback_mutex);
386	return ret;
387
388err_start:
389	nfs_callback_down_net(minorversion, serv, net);
390	dprintk("NFS: Couldn't create server thread; err = %d\n", ret);
391	goto err_net;
392}
393
394/*
395 * Kill the callback thread if it's no longer being used.
396 */
397void nfs_callback_down(int minorversion, struct net *net)
398{
399	struct nfs_callback_data *cb_info = &nfs_callback_info[minorversion];
400
401	mutex_lock(&nfs_callback_mutex);
402	nfs_callback_down_net(minorversion, cb_info->serv, net);
403	cb_info->users--;
404	if (cb_info->users == 0 && cb_info->task != NULL) {
405		kthread_stop(cb_info->task);
406		dprintk("nfs_callback_down: service stopped\n");
407		svc_exit_thread(cb_info->rqst);
408		dprintk("nfs_callback_down: service destroyed\n");
409		cb_info->serv = NULL;
410		cb_info->rqst = NULL;
411		cb_info->task = NULL;
412	}
413	mutex_unlock(&nfs_callback_mutex);
414}
415
416/* Boolean check of RPC_AUTH_GSS principal */
417int
418check_gss_callback_principal(struct nfs_client *clp, struct svc_rqst *rqstp)
419{
420	char *p = rqstp->rq_cred.cr_principal;
421
422	if (rqstp->rq_authop->flavour != RPC_AUTH_GSS)
423		return 1;
424
425	/* No RPC_AUTH_GSS on NFSv4.1 back channel yet */
426	if (clp->cl_minorversion != 0)
427		return 0;
428	/*
429	 * It might just be a normal user principal, in which case
430	 * userspace won't bother to tell us the name at all.
431	 */
432	if (p == NULL)
433		return 0;
434
435	/*
436	 * Did we get the acceptor from userland during the SETCLIENID
437	 * negotiation?
438	 */
439	if (clp->cl_acceptor)
440		return !strcmp(p, clp->cl_acceptor);
441
442	/*
443	 * Otherwise try to verify it using the cl_hostname. Note that this
444	 * doesn't work if a non-canonical hostname was used in the devname.
445	 */
446
447	/* Expect a GSS_C_NT_HOSTBASED_NAME like "nfs@serverhostname" */
448
449	if (memcmp(p, "nfs@", 4) != 0)
450		return 0;
451	p += 4;
452	if (strcmp(p, clp->cl_hostname) != 0)
453		return 0;
454	return 1;
455}
456
457/*
458 * pg_authenticate method for nfsv4 callback threads.
459 *
460 * The authflavor has been negotiated, so an incorrect flavor is a server
461 * bug. Drop packets with incorrect authflavor.
462 *
463 * All other checking done after NFS decoding where the nfs_client can be
464 * found in nfs4_callback_compound
465 */
466static int nfs_callback_authenticate(struct svc_rqst *rqstp)
467{
468	switch (rqstp->rq_authop->flavour) {
469	case RPC_AUTH_NULL:
470		if (rqstp->rq_proc != CB_NULL)
471			return SVC_DROP;
472		break;
473	case RPC_AUTH_GSS:
474		/* No RPC_AUTH_GSS support yet in NFSv4.1 */
475		 if (svc_is_backchannel(rqstp))
476			return SVC_DROP;
477	}
478	return SVC_OK;
479}
480
481/*
482 * Define NFS4 callback program
483 */
484static struct svc_version *nfs4_callback_version[] = {
485	[1] = &nfs4_callback_version1,
486	[4] = &nfs4_callback_version4,
487};
488
489static struct svc_stat nfs4_callback_stats;
490
491static struct svc_program nfs4_callback_program = {
492	.pg_prog = NFS4_CALLBACK,			/* RPC service number */
493	.pg_nvers = ARRAY_SIZE(nfs4_callback_version),	/* Number of entries */
494	.pg_vers = nfs4_callback_version,		/* version table */
495	.pg_name = "NFSv4 callback",			/* service name */
496	.pg_class = "nfs",				/* authentication class */
497	.pg_stats = &nfs4_callback_stats,
498	.pg_authenticate = nfs_callback_authenticate,
499};
500