nfs_subs.c revision 54970
1/*
2 * Copyright (c) 1989, 1993
3 *	The Regents of the University of California.  All rights reserved.
4 *
5 * This code is derived from software contributed to Berkeley by
6 * Rick Macklem at The University of Guelph.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 *    notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 * 3. All advertising materials mentioning features or use of this software
17 *    must display the following acknowledgement:
18 *	This product includes software developed by the University of
19 *	California, Berkeley and its contributors.
20 * 4. Neither the name of the University nor the names of its contributors
21 *    may be used to endorse or promote products derived from this software
22 *    without specific prior written permission.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * SUCH DAMAGE.
35 *
36 *	@(#)nfs_subs.c  8.8 (Berkeley) 5/22/95
37 * $FreeBSD: head/sys/nfsclient/nfs_subs.c 54970 1999-12-21 20:21:12Z alfred $
38 */
39
40/*
41 * These functions support the macros and help fiddle mbuf chains for
42 * the nfs op functions. They do things like create the rpc header and
43 * copy data between mbuf chains and uio lists.
44 */
45#include <sys/param.h>
46#include <sys/systm.h>
47#include <sys/kernel.h>
48#include <sys/buf.h>
49#include <sys/proc.h>
50#include <sys/mount.h>
51#include <sys/vnode.h>
52#include <sys/namei.h>
53#include <sys/mbuf.h>
54#include <sys/socket.h>
55#include <sys/stat.h>
56#include <sys/malloc.h>
57#include <sys/sysent.h>
58#include <sys/syscall.h>
59#include <sys/conf.h>
60
61#include <vm/vm.h>
62#include <vm/vm_object.h>
63#include <vm/vm_extern.h>
64#include <vm/vm_zone.h>
65
66#include <nfs/rpcv2.h>
67#include <nfs/nfsproto.h>
68#include <nfs/nfs.h>
69#include <nfs/nfsnode.h>
70#include <nfs/xdr_subs.h>
71#include <nfs/nfsm_subs.h>
72#include <nfs/nfsmount.h>
73#include <nfs/nqnfs.h>
74#include <nfs/nfsrtt.h>
75
76#include <netinet/in.h>
77#ifdef ISO
78#include <netiso/iso.h>
79#endif
80
81/*
82 * Data items converted to xdr at startup, since they are constant
83 * This is kinda hokey, but may save a little time doing byte swaps
84 */
85u_int32_t nfs_xdrneg1;
86u_int32_t rpc_call, rpc_vers, rpc_reply, rpc_msgdenied, rpc_autherr,
87	rpc_mismatch, rpc_auth_unix, rpc_msgaccepted,
88	rpc_auth_kerb;
89u_int32_t nfs_prog, nqnfs_prog, nfs_true, nfs_false;
90
91/* And other global data */
92static u_int32_t nfs_xid = 0;
93static enum vtype nv2tov_type[8]= {
94	VNON, VREG, VDIR, VBLK, VCHR, VLNK, VNON,  VNON
95};
96enum vtype nv3tov_type[8]= {
97	VNON, VREG, VDIR, VBLK, VCHR, VLNK, VSOCK, VFIFO
98};
99
100int nfs_ticks;
101int nfs_pbuf_freecnt = -1;	/* start out unlimited */
102
103struct nfs_reqq nfs_reqq;
104struct nfssvc_sockhead nfssvc_sockhead;
105int nfssvc_sockhead_flag;
106struct nfsd_head nfsd_head;
107int nfsd_head_flag;
108struct nfs_bufq nfs_bufq;
109struct nqtimerhead nqtimerhead;
110struct nqfhhashhead *nqfhhashtbl;
111u_long nqfhhash;
112
113static void (*nfs_prev_lease_updatetime) __P((int));
114static int nfs_prev_nfssvc_sy_narg;
115static sy_call_t *nfs_prev_nfssvc_sy_call;
116
117#ifndef NFS_NOSERVER
118
119static vop_t *nfs_prev_vop_lease_check;
120
121/*
122 * Mapping of old NFS Version 2 RPC numbers to generic numbers.
123 */
124int nfsv3_procid[NFS_NPROCS] = {
125	NFSPROC_NULL,
126	NFSPROC_GETATTR,
127	NFSPROC_SETATTR,
128	NFSPROC_NOOP,
129	NFSPROC_LOOKUP,
130	NFSPROC_READLINK,
131	NFSPROC_READ,
132	NFSPROC_NOOP,
133	NFSPROC_WRITE,
134	NFSPROC_CREATE,
135	NFSPROC_REMOVE,
136	NFSPROC_RENAME,
137	NFSPROC_LINK,
138	NFSPROC_SYMLINK,
139	NFSPROC_MKDIR,
140	NFSPROC_RMDIR,
141	NFSPROC_READDIR,
142	NFSPROC_FSSTAT,
143	NFSPROC_NOOP,
144	NFSPROC_NOOP,
145	NFSPROC_NOOP,
146	NFSPROC_NOOP,
147	NFSPROC_NOOP,
148	NFSPROC_NOOP,
149	NFSPROC_NOOP,
150	NFSPROC_NOOP
151};
152
153#endif /* NFS_NOSERVER */
154/*
155 * and the reverse mapping from generic to Version 2 procedure numbers
156 */
157int nfsv2_procid[NFS_NPROCS] = {
158	NFSV2PROC_NULL,
159	NFSV2PROC_GETATTR,
160	NFSV2PROC_SETATTR,
161	NFSV2PROC_LOOKUP,
162	NFSV2PROC_NOOP,
163	NFSV2PROC_READLINK,
164	NFSV2PROC_READ,
165	NFSV2PROC_WRITE,
166	NFSV2PROC_CREATE,
167	NFSV2PROC_MKDIR,
168	NFSV2PROC_SYMLINK,
169	NFSV2PROC_CREATE,
170	NFSV2PROC_REMOVE,
171	NFSV2PROC_RMDIR,
172	NFSV2PROC_RENAME,
173	NFSV2PROC_LINK,
174	NFSV2PROC_READDIR,
175	NFSV2PROC_NOOP,
176	NFSV2PROC_STATFS,
177	NFSV2PROC_NOOP,
178	NFSV2PROC_NOOP,
179	NFSV2PROC_NOOP,
180	NFSV2PROC_NOOP,
181	NFSV2PROC_NOOP,
182	NFSV2PROC_NOOP,
183	NFSV2PROC_NOOP,
184};
185
186#ifndef NFS_NOSERVER
187/*
188 * Maps errno values to nfs error numbers.
189 * Use NFSERR_IO as the catch all for ones not specifically defined in
190 * RFC 1094.
191 */
192static u_char nfsrv_v2errmap[ELAST] = {
193  NFSERR_PERM,	NFSERR_NOENT,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
194  NFSERR_NXIO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
195  NFSERR_IO,	NFSERR_IO,	NFSERR_ACCES,	NFSERR_IO,	NFSERR_IO,
196  NFSERR_IO,	NFSERR_EXIST,	NFSERR_IO,	NFSERR_NODEV,	NFSERR_NOTDIR,
197  NFSERR_ISDIR,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
198  NFSERR_IO,	NFSERR_FBIG,	NFSERR_NOSPC,	NFSERR_IO,	NFSERR_ROFS,
199  NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
200  NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
201  NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
202  NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
203  NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
204  NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
205  NFSERR_IO,	NFSERR_IO,	NFSERR_NAMETOL,	NFSERR_IO,	NFSERR_IO,
206  NFSERR_NOTEMPTY, NFSERR_IO,	NFSERR_IO,	NFSERR_DQUOT,	NFSERR_STALE,
207  NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
208  NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
209  NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,	NFSERR_IO,
210  NFSERR_IO /* << Last is 86 */
211};
212
213/*
214 * Maps errno values to nfs error numbers.
215 * Although it is not obvious whether or not NFS clients really care if
216 * a returned error value is in the specified list for the procedure, the
217 * safest thing to do is filter them appropriately. For Version 2, the
218 * X/Open XNFS document is the only specification that defines error values
219 * for each RPC (The RFC simply lists all possible error values for all RPCs),
220 * so I have decided to not do this for Version 2.
221 * The first entry is the default error return and the rest are the valid
222 * errors for that RPC in increasing numeric order.
223 */
224static short nfsv3err_null[] = {
225	0,
226	0,
227};
228
229static short nfsv3err_getattr[] = {
230	NFSERR_IO,
231	NFSERR_IO,
232	NFSERR_STALE,
233	NFSERR_BADHANDLE,
234	NFSERR_SERVERFAULT,
235	0,
236};
237
238static short nfsv3err_setattr[] = {
239	NFSERR_IO,
240	NFSERR_PERM,
241	NFSERR_IO,
242	NFSERR_ACCES,
243	NFSERR_INVAL,
244	NFSERR_NOSPC,
245	NFSERR_ROFS,
246	NFSERR_DQUOT,
247	NFSERR_STALE,
248	NFSERR_BADHANDLE,
249	NFSERR_NOT_SYNC,
250	NFSERR_SERVERFAULT,
251	0,
252};
253
254static short nfsv3err_lookup[] = {
255	NFSERR_IO,
256	NFSERR_NOENT,
257	NFSERR_IO,
258	NFSERR_ACCES,
259	NFSERR_NOTDIR,
260	NFSERR_NAMETOL,
261	NFSERR_STALE,
262	NFSERR_BADHANDLE,
263	NFSERR_SERVERFAULT,
264	0,
265};
266
267static short nfsv3err_access[] = {
268	NFSERR_IO,
269	NFSERR_IO,
270	NFSERR_STALE,
271	NFSERR_BADHANDLE,
272	NFSERR_SERVERFAULT,
273	0,
274};
275
276static short nfsv3err_readlink[] = {
277	NFSERR_IO,
278	NFSERR_IO,
279	NFSERR_ACCES,
280	NFSERR_INVAL,
281	NFSERR_STALE,
282	NFSERR_BADHANDLE,
283	NFSERR_NOTSUPP,
284	NFSERR_SERVERFAULT,
285	0,
286};
287
288static short nfsv3err_read[] = {
289	NFSERR_IO,
290	NFSERR_IO,
291	NFSERR_NXIO,
292	NFSERR_ACCES,
293	NFSERR_INVAL,
294	NFSERR_STALE,
295	NFSERR_BADHANDLE,
296	NFSERR_SERVERFAULT,
297	0,
298};
299
300static short nfsv3err_write[] = {
301	NFSERR_IO,
302	NFSERR_IO,
303	NFSERR_ACCES,
304	NFSERR_INVAL,
305	NFSERR_FBIG,
306	NFSERR_NOSPC,
307	NFSERR_ROFS,
308	NFSERR_DQUOT,
309	NFSERR_STALE,
310	NFSERR_BADHANDLE,
311	NFSERR_SERVERFAULT,
312	0,
313};
314
315static short nfsv3err_create[] = {
316	NFSERR_IO,
317	NFSERR_IO,
318	NFSERR_ACCES,
319	NFSERR_EXIST,
320	NFSERR_NOTDIR,
321	NFSERR_NOSPC,
322	NFSERR_ROFS,
323	NFSERR_NAMETOL,
324	NFSERR_DQUOT,
325	NFSERR_STALE,
326	NFSERR_BADHANDLE,
327	NFSERR_NOTSUPP,
328	NFSERR_SERVERFAULT,
329	0,
330};
331
332static short nfsv3err_mkdir[] = {
333	NFSERR_IO,
334	NFSERR_IO,
335	NFSERR_ACCES,
336	NFSERR_EXIST,
337	NFSERR_NOTDIR,
338	NFSERR_NOSPC,
339	NFSERR_ROFS,
340	NFSERR_NAMETOL,
341	NFSERR_DQUOT,
342	NFSERR_STALE,
343	NFSERR_BADHANDLE,
344	NFSERR_NOTSUPP,
345	NFSERR_SERVERFAULT,
346	0,
347};
348
349static short nfsv3err_symlink[] = {
350	NFSERR_IO,
351	NFSERR_IO,
352	NFSERR_ACCES,
353	NFSERR_EXIST,
354	NFSERR_NOTDIR,
355	NFSERR_NOSPC,
356	NFSERR_ROFS,
357	NFSERR_NAMETOL,
358	NFSERR_DQUOT,
359	NFSERR_STALE,
360	NFSERR_BADHANDLE,
361	NFSERR_NOTSUPP,
362	NFSERR_SERVERFAULT,
363	0,
364};
365
366static short nfsv3err_mknod[] = {
367	NFSERR_IO,
368	NFSERR_IO,
369	NFSERR_ACCES,
370	NFSERR_EXIST,
371	NFSERR_NOTDIR,
372	NFSERR_NOSPC,
373	NFSERR_ROFS,
374	NFSERR_NAMETOL,
375	NFSERR_DQUOT,
376	NFSERR_STALE,
377	NFSERR_BADHANDLE,
378	NFSERR_NOTSUPP,
379	NFSERR_SERVERFAULT,
380	NFSERR_BADTYPE,
381	0,
382};
383
384static short nfsv3err_remove[] = {
385	NFSERR_IO,
386	NFSERR_NOENT,
387	NFSERR_IO,
388	NFSERR_ACCES,
389	NFSERR_NOTDIR,
390	NFSERR_ROFS,
391	NFSERR_NAMETOL,
392	NFSERR_STALE,
393	NFSERR_BADHANDLE,
394	NFSERR_SERVERFAULT,
395	0,
396};
397
398static short nfsv3err_rmdir[] = {
399	NFSERR_IO,
400	NFSERR_NOENT,
401	NFSERR_IO,
402	NFSERR_ACCES,
403	NFSERR_EXIST,
404	NFSERR_NOTDIR,
405	NFSERR_INVAL,
406	NFSERR_ROFS,
407	NFSERR_NAMETOL,
408	NFSERR_NOTEMPTY,
409	NFSERR_STALE,
410	NFSERR_BADHANDLE,
411	NFSERR_NOTSUPP,
412	NFSERR_SERVERFAULT,
413	0,
414};
415
416static short nfsv3err_rename[] = {
417	NFSERR_IO,
418	NFSERR_NOENT,
419	NFSERR_IO,
420	NFSERR_ACCES,
421	NFSERR_EXIST,
422	NFSERR_XDEV,
423	NFSERR_NOTDIR,
424	NFSERR_ISDIR,
425	NFSERR_INVAL,
426	NFSERR_NOSPC,
427	NFSERR_ROFS,
428	NFSERR_MLINK,
429	NFSERR_NAMETOL,
430	NFSERR_NOTEMPTY,
431	NFSERR_DQUOT,
432	NFSERR_STALE,
433	NFSERR_BADHANDLE,
434	NFSERR_NOTSUPP,
435	NFSERR_SERVERFAULT,
436	0,
437};
438
439static short nfsv3err_link[] = {
440	NFSERR_IO,
441	NFSERR_IO,
442	NFSERR_ACCES,
443	NFSERR_EXIST,
444	NFSERR_XDEV,
445	NFSERR_NOTDIR,
446	NFSERR_INVAL,
447	NFSERR_NOSPC,
448	NFSERR_ROFS,
449	NFSERR_MLINK,
450	NFSERR_NAMETOL,
451	NFSERR_DQUOT,
452	NFSERR_STALE,
453	NFSERR_BADHANDLE,
454	NFSERR_NOTSUPP,
455	NFSERR_SERVERFAULT,
456	0,
457};
458
459static short nfsv3err_readdir[] = {
460	NFSERR_IO,
461	NFSERR_IO,
462	NFSERR_ACCES,
463	NFSERR_NOTDIR,
464	NFSERR_STALE,
465	NFSERR_BADHANDLE,
466	NFSERR_BAD_COOKIE,
467	NFSERR_TOOSMALL,
468	NFSERR_SERVERFAULT,
469	0,
470};
471
472static short nfsv3err_readdirplus[] = {
473	NFSERR_IO,
474	NFSERR_IO,
475	NFSERR_ACCES,
476	NFSERR_NOTDIR,
477	NFSERR_STALE,
478	NFSERR_BADHANDLE,
479	NFSERR_BAD_COOKIE,
480	NFSERR_NOTSUPP,
481	NFSERR_TOOSMALL,
482	NFSERR_SERVERFAULT,
483	0,
484};
485
486static short nfsv3err_fsstat[] = {
487	NFSERR_IO,
488	NFSERR_IO,
489	NFSERR_STALE,
490	NFSERR_BADHANDLE,
491	NFSERR_SERVERFAULT,
492	0,
493};
494
495static short nfsv3err_fsinfo[] = {
496	NFSERR_STALE,
497	NFSERR_STALE,
498	NFSERR_BADHANDLE,
499	NFSERR_SERVERFAULT,
500	0,
501};
502
503static short nfsv3err_pathconf[] = {
504	NFSERR_STALE,
505	NFSERR_STALE,
506	NFSERR_BADHANDLE,
507	NFSERR_SERVERFAULT,
508	0,
509};
510
511static short nfsv3err_commit[] = {
512	NFSERR_IO,
513	NFSERR_IO,
514	NFSERR_STALE,
515	NFSERR_BADHANDLE,
516	NFSERR_SERVERFAULT,
517	0,
518};
519
520static short *nfsrv_v3errmap[] = {
521	nfsv3err_null,
522	nfsv3err_getattr,
523	nfsv3err_setattr,
524	nfsv3err_lookup,
525	nfsv3err_access,
526	nfsv3err_readlink,
527	nfsv3err_read,
528	nfsv3err_write,
529	nfsv3err_create,
530	nfsv3err_mkdir,
531	nfsv3err_symlink,
532	nfsv3err_mknod,
533	nfsv3err_remove,
534	nfsv3err_rmdir,
535	nfsv3err_rename,
536	nfsv3err_link,
537	nfsv3err_readdir,
538	nfsv3err_readdirplus,
539	nfsv3err_fsstat,
540	nfsv3err_fsinfo,
541	nfsv3err_pathconf,
542	nfsv3err_commit,
543};
544
545#endif /* NFS_NOSERVER */
546
547extern struct nfsrtt nfsrtt;
548extern time_t nqnfsstarttime;
549extern int nqsrv_clockskew;
550extern int nqsrv_writeslack;
551extern int nqsrv_maxlease;
552extern struct nfsstats nfsstats;
553extern int nqnfs_piggy[NFS_NPROCS];
554extern nfstype nfsv2_type[9];
555extern nfstype nfsv3_type[9];
556extern struct nfsnodehashhead *nfsnodehashtbl;
557extern u_long nfsnodehash;
558
559struct nfssvc_args;
560extern int nfssvc(struct proc *, struct nfssvc_args *, int *);
561
562LIST_HEAD(nfsnodehashhead, nfsnode);
563
564int nfs_webnamei __P((struct nameidata *, struct vnode *, struct proc *));
565
566u_quad_t
567nfs_curusec()
568{
569	struct timeval tv;
570
571	getmicrotime(&tv);
572	return ((u_quad_t)tv.tv_sec * 1000000 + (u_quad_t)tv.tv_usec);
573}
574
575/*
576 * Create the header for an rpc request packet
577 * The hsiz is the size of the rest of the nfs request header.
578 * (just used to decide if a cluster is a good idea)
579 */
580struct mbuf *
581nfsm_reqh(vp, procid, hsiz, bposp)
582	struct vnode *vp;
583	u_long procid;
584	int hsiz;
585	caddr_t *bposp;
586{
587	register struct mbuf *mb;
588	register u_int32_t *tl;
589	register caddr_t bpos;
590	struct mbuf *mb2;
591	struct nfsmount *nmp;
592	int nqflag;
593
594	MGET(mb, M_WAIT, MT_DATA);
595	if (hsiz >= MINCLSIZE)
596		MCLGET(mb, M_WAIT);
597	mb->m_len = 0;
598	bpos = mtod(mb, caddr_t);
599
600	/*
601	 * For NQNFS, add lease request.
602	 */
603	if (vp) {
604		nmp = VFSTONFS(vp->v_mount);
605		if (nmp->nm_flag & NFSMNT_NQNFS) {
606			nqflag = NQNFS_NEEDLEASE(vp, procid);
607			if (nqflag) {
608				nfsm_build(tl, u_int32_t *, 2*NFSX_UNSIGNED);
609				*tl++ = txdr_unsigned(nqflag);
610				*tl = txdr_unsigned(nmp->nm_leaseterm);
611			} else {
612				nfsm_build(tl, u_int32_t *, NFSX_UNSIGNED);
613				*tl = 0;
614			}
615		}
616	}
617	/* Finally, return values */
618	*bposp = bpos;
619	return (mb);
620}
621
622/*
623 * Build the RPC header and fill in the authorization info.
624 * The authorization string argument is only used when the credentials
625 * come from outside of the kernel.
626 * Returns the head of the mbuf list.
627 */
628struct mbuf *
629nfsm_rpchead(cr, nmflag, procid, auth_type, auth_len, auth_str, verf_len,
630	verf_str, mrest, mrest_len, mbp, xidp)
631	register struct ucred *cr;
632	int nmflag;
633	int procid;
634	int auth_type;
635	int auth_len;
636	char *auth_str;
637	int verf_len;
638	char *verf_str;
639	struct mbuf *mrest;
640	int mrest_len;
641	struct mbuf **mbp;
642	u_int32_t *xidp;
643{
644	register struct mbuf *mb;
645	register u_int32_t *tl;
646	register caddr_t bpos;
647	register int i;
648	struct mbuf *mreq, *mb2;
649	int siz, grpsiz, authsiz;
650
651	authsiz = nfsm_rndup(auth_len);
652	MGETHDR(mb, M_WAIT, MT_DATA);
653	if ((authsiz + 10 * NFSX_UNSIGNED) >= MINCLSIZE) {
654		MCLGET(mb, M_WAIT);
655	} else if ((authsiz + 10 * NFSX_UNSIGNED) < MHLEN) {
656		MH_ALIGN(mb, authsiz + 10 * NFSX_UNSIGNED);
657	} else {
658		MH_ALIGN(mb, 8 * NFSX_UNSIGNED);
659	}
660	mb->m_len = 0;
661	mreq = mb;
662	bpos = mtod(mb, caddr_t);
663
664	/*
665	 * First the RPC header.
666	 */
667	nfsm_build(tl, u_int32_t *, 8 * NFSX_UNSIGNED);
668
669	/* Get a pretty random xid to start with */
670	if (!nfs_xid)
671		nfs_xid = random();
672	/*
673	 * Skip zero xid if it should ever happen.
674	 */
675	if (++nfs_xid == 0)
676		nfs_xid++;
677
678	*tl++ = *xidp = txdr_unsigned(nfs_xid);
679	*tl++ = rpc_call;
680	*tl++ = rpc_vers;
681	if (nmflag & NFSMNT_NQNFS) {
682		*tl++ = txdr_unsigned(NQNFS_PROG);
683		*tl++ = txdr_unsigned(NQNFS_VER3);
684	} else {
685		*tl++ = txdr_unsigned(NFS_PROG);
686		if (nmflag & NFSMNT_NFSV3)
687			*tl++ = txdr_unsigned(NFS_VER3);
688		else
689			*tl++ = txdr_unsigned(NFS_VER2);
690	}
691	if (nmflag & NFSMNT_NFSV3)
692		*tl++ = txdr_unsigned(procid);
693	else
694		*tl++ = txdr_unsigned(nfsv2_procid[procid]);
695
696	/*
697	 * And then the authorization cred.
698	 */
699	*tl++ = txdr_unsigned(auth_type);
700	*tl = txdr_unsigned(authsiz);
701	switch (auth_type) {
702	case RPCAUTH_UNIX:
703		nfsm_build(tl, u_int32_t *, auth_len);
704		*tl++ = 0;		/* stamp ?? */
705		*tl++ = 0;		/* NULL hostname */
706		*tl++ = txdr_unsigned(cr->cr_uid);
707		*tl++ = txdr_unsigned(cr->cr_groups[0]);
708		grpsiz = (auth_len >> 2) - 5;
709		*tl++ = txdr_unsigned(grpsiz);
710		for (i = 1; i <= grpsiz; i++)
711			*tl++ = txdr_unsigned(cr->cr_groups[i]);
712		break;
713	case RPCAUTH_KERB4:
714		siz = auth_len;
715		while (siz > 0) {
716			if (M_TRAILINGSPACE(mb) == 0) {
717				MGET(mb2, M_WAIT, MT_DATA);
718				if (siz >= MINCLSIZE)
719					MCLGET(mb2, M_WAIT);
720				mb->m_next = mb2;
721				mb = mb2;
722				mb->m_len = 0;
723				bpos = mtod(mb, caddr_t);
724			}
725			i = min(siz, M_TRAILINGSPACE(mb));
726			bcopy(auth_str, bpos, i);
727			mb->m_len += i;
728			auth_str += i;
729			bpos += i;
730			siz -= i;
731		}
732		if ((siz = (nfsm_rndup(auth_len) - auth_len)) > 0) {
733			for (i = 0; i < siz; i++)
734				*bpos++ = '\0';
735			mb->m_len += siz;
736		}
737		break;
738	};
739
740	/*
741	 * And the verifier...
742	 */
743	nfsm_build(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
744	if (verf_str) {
745		*tl++ = txdr_unsigned(RPCAUTH_KERB4);
746		*tl = txdr_unsigned(verf_len);
747		siz = verf_len;
748		while (siz > 0) {
749			if (M_TRAILINGSPACE(mb) == 0) {
750				MGET(mb2, M_WAIT, MT_DATA);
751				if (siz >= MINCLSIZE)
752					MCLGET(mb2, M_WAIT);
753				mb->m_next = mb2;
754				mb = mb2;
755				mb->m_len = 0;
756				bpos = mtod(mb, caddr_t);
757			}
758			i = min(siz, M_TRAILINGSPACE(mb));
759			bcopy(verf_str, bpos, i);
760			mb->m_len += i;
761			verf_str += i;
762			bpos += i;
763			siz -= i;
764		}
765		if ((siz = (nfsm_rndup(verf_len) - verf_len)) > 0) {
766			for (i = 0; i < siz; i++)
767				*bpos++ = '\0';
768			mb->m_len += siz;
769		}
770	} else {
771		*tl++ = txdr_unsigned(RPCAUTH_NULL);
772		*tl = 0;
773	}
774	mb->m_next = mrest;
775	mreq->m_pkthdr.len = authsiz + 10 * NFSX_UNSIGNED + mrest_len;
776	mreq->m_pkthdr.rcvif = (struct ifnet *)0;
777	*mbp = mb;
778	return (mreq);
779}
780
781/*
782 * copies mbuf chain to the uio scatter/gather list
783 */
784int
785nfsm_mbuftouio(mrep, uiop, siz, dpos)
786	struct mbuf **mrep;
787	register struct uio *uiop;
788	int siz;
789	caddr_t *dpos;
790{
791	register char *mbufcp, *uiocp;
792	register int xfer, left, len;
793	register struct mbuf *mp;
794	long uiosiz, rem;
795	int error = 0;
796
797	mp = *mrep;
798	mbufcp = *dpos;
799	len = mtod(mp, caddr_t)+mp->m_len-mbufcp;
800	rem = nfsm_rndup(siz)-siz;
801	while (siz > 0) {
802		if (uiop->uio_iovcnt <= 0 || uiop->uio_iov == NULL)
803			return (EFBIG);
804		left = uiop->uio_iov->iov_len;
805		uiocp = uiop->uio_iov->iov_base;
806		if (left > siz)
807			left = siz;
808		uiosiz = left;
809		while (left > 0) {
810			while (len == 0) {
811				mp = mp->m_next;
812				if (mp == NULL)
813					return (EBADRPC);
814				mbufcp = mtod(mp, caddr_t);
815				len = mp->m_len;
816			}
817			xfer = (left > len) ? len : left;
818#ifdef notdef
819			/* Not Yet.. */
820			if (uiop->uio_iov->iov_op != NULL)
821				(*(uiop->uio_iov->iov_op))
822				(mbufcp, uiocp, xfer);
823			else
824#endif
825			if (uiop->uio_segflg == UIO_SYSSPACE)
826				bcopy(mbufcp, uiocp, xfer);
827			else
828				copyout(mbufcp, uiocp, xfer);
829			left -= xfer;
830			len -= xfer;
831			mbufcp += xfer;
832			uiocp += xfer;
833			uiop->uio_offset += xfer;
834			uiop->uio_resid -= xfer;
835		}
836		if (uiop->uio_iov->iov_len <= siz) {
837			uiop->uio_iovcnt--;
838			uiop->uio_iov++;
839		} else {
840			uiop->uio_iov->iov_base += uiosiz;
841			uiop->uio_iov->iov_len -= uiosiz;
842		}
843		siz -= uiosiz;
844	}
845	*dpos = mbufcp;
846	*mrep = mp;
847	if (rem > 0) {
848		if (len < rem)
849			error = nfs_adv(mrep, dpos, rem, len);
850		else
851			*dpos += rem;
852	}
853	return (error);
854}
855
856/*
857 * copies a uio scatter/gather list to an mbuf chain.
858 * NOTE: can ony handle iovcnt == 1
859 */
860int
861nfsm_uiotombuf(uiop, mq, siz, bpos)
862	register struct uio *uiop;
863	struct mbuf **mq;
864	int siz;
865	caddr_t *bpos;
866{
867	register char *uiocp;
868	register struct mbuf *mp, *mp2;
869	register int xfer, left, mlen;
870	int uiosiz, clflg, rem;
871	char *cp;
872
873#ifdef DIAGNOSTIC
874	if (uiop->uio_iovcnt != 1)
875		panic("nfsm_uiotombuf: iovcnt != 1");
876#endif
877
878	if (siz > MLEN)		/* or should it >= MCLBYTES ?? */
879		clflg = 1;
880	else
881		clflg = 0;
882	rem = nfsm_rndup(siz)-siz;
883	mp = mp2 = *mq;
884	while (siz > 0) {
885		left = uiop->uio_iov->iov_len;
886		uiocp = uiop->uio_iov->iov_base;
887		if (left > siz)
888			left = siz;
889		uiosiz = left;
890		while (left > 0) {
891			mlen = M_TRAILINGSPACE(mp);
892			if (mlen == 0) {
893				MGET(mp, M_WAIT, MT_DATA);
894				if (clflg)
895					MCLGET(mp, M_WAIT);
896				mp->m_len = 0;
897				mp2->m_next = mp;
898				mp2 = mp;
899				mlen = M_TRAILINGSPACE(mp);
900			}
901			xfer = (left > mlen) ? mlen : left;
902#ifdef notdef
903			/* Not Yet.. */
904			if (uiop->uio_iov->iov_op != NULL)
905				(*(uiop->uio_iov->iov_op))
906				(uiocp, mtod(mp, caddr_t)+mp->m_len, xfer);
907			else
908#endif
909			if (uiop->uio_segflg == UIO_SYSSPACE)
910				bcopy(uiocp, mtod(mp, caddr_t)+mp->m_len, xfer);
911			else
912				copyin(uiocp, mtod(mp, caddr_t)+mp->m_len, xfer);
913			mp->m_len += xfer;
914			left -= xfer;
915			uiocp += xfer;
916			uiop->uio_offset += xfer;
917			uiop->uio_resid -= xfer;
918		}
919		uiop->uio_iov->iov_base += uiosiz;
920		uiop->uio_iov->iov_len -= uiosiz;
921		siz -= uiosiz;
922	}
923	if (rem > 0) {
924		if (rem > M_TRAILINGSPACE(mp)) {
925			MGET(mp, M_WAIT, MT_DATA);
926			mp->m_len = 0;
927			mp2->m_next = mp;
928		}
929		cp = mtod(mp, caddr_t)+mp->m_len;
930		for (left = 0; left < rem; left++)
931			*cp++ = '\0';
932		mp->m_len += rem;
933		*bpos = cp;
934	} else
935		*bpos = mtod(mp, caddr_t)+mp->m_len;
936	*mq = mp;
937	return (0);
938}
939
940/*
941 * Help break down an mbuf chain by setting the first siz bytes contiguous
942 * pointed to by returned val.
943 * This is used by the macros nfsm_dissect and nfsm_dissecton for tough
944 * cases. (The macros use the vars. dpos and dpos2)
945 */
946int
947nfsm_disct(mdp, dposp, siz, left, cp2)
948	struct mbuf **mdp;
949	caddr_t *dposp;
950	int siz;
951	int left;
952	caddr_t *cp2;
953{
954	register struct mbuf *mp, *mp2;
955	register int siz2, xfer;
956	register caddr_t p;
957
958	mp = *mdp;
959	while (left == 0) {
960		*mdp = mp = mp->m_next;
961		if (mp == NULL)
962			return (EBADRPC);
963		left = mp->m_len;
964		*dposp = mtod(mp, caddr_t);
965	}
966	if (left >= siz) {
967		*cp2 = *dposp;
968		*dposp += siz;
969	} else if (mp->m_next == NULL) {
970		return (EBADRPC);
971	} else if (siz > MHLEN) {
972		panic("nfs S too big");
973	} else {
974		MGET(mp2, M_WAIT, MT_DATA);
975		mp2->m_next = mp->m_next;
976		mp->m_next = mp2;
977		mp->m_len -= left;
978		mp = mp2;
979		*cp2 = p = mtod(mp, caddr_t);
980		bcopy(*dposp, p, left);		/* Copy what was left */
981		siz2 = siz-left;
982		p += left;
983		mp2 = mp->m_next;
984		/* Loop around copying up the siz2 bytes */
985		while (siz2 > 0) {
986			if (mp2 == NULL)
987				return (EBADRPC);
988			xfer = (siz2 > mp2->m_len) ? mp2->m_len : siz2;
989			if (xfer > 0) {
990				bcopy(mtod(mp2, caddr_t), p, xfer);
991				NFSMADV(mp2, xfer);
992				mp2->m_len -= xfer;
993				p += xfer;
994				siz2 -= xfer;
995			}
996			if (siz2 > 0)
997				mp2 = mp2->m_next;
998		}
999		mp->m_len = siz;
1000		*mdp = mp2;
1001		*dposp = mtod(mp2, caddr_t);
1002	}
1003	return (0);
1004}
1005
1006/*
1007 * Advance the position in the mbuf chain.
1008 */
1009int
1010nfs_adv(mdp, dposp, offs, left)
1011	struct mbuf **mdp;
1012	caddr_t *dposp;
1013	int offs;
1014	int left;
1015{
1016	register struct mbuf *m;
1017	register int s;
1018
1019	m = *mdp;
1020	s = left;
1021	while (s < offs) {
1022		offs -= s;
1023		m = m->m_next;
1024		if (m == NULL)
1025			return (EBADRPC);
1026		s = m->m_len;
1027	}
1028	*mdp = m;
1029	*dposp = mtod(m, caddr_t)+offs;
1030	return (0);
1031}
1032
1033/*
1034 * Copy a string into mbufs for the hard cases...
1035 */
1036int
1037nfsm_strtmbuf(mb, bpos, cp, siz)
1038	struct mbuf **mb;
1039	char **bpos;
1040	const char *cp;
1041	long siz;
1042{
1043	register struct mbuf *m1 = NULL, *m2;
1044	long left, xfer, len, tlen;
1045	u_int32_t *tl;
1046	int putsize;
1047
1048	putsize = 1;
1049	m2 = *mb;
1050	left = M_TRAILINGSPACE(m2);
1051	if (left > 0) {
1052		tl = ((u_int32_t *)(*bpos));
1053		*tl++ = txdr_unsigned(siz);
1054		putsize = 0;
1055		left -= NFSX_UNSIGNED;
1056		m2->m_len += NFSX_UNSIGNED;
1057		if (left > 0) {
1058			bcopy(cp, (caddr_t) tl, left);
1059			siz -= left;
1060			cp += left;
1061			m2->m_len += left;
1062			left = 0;
1063		}
1064	}
1065	/* Loop around adding mbufs */
1066	while (siz > 0) {
1067		MGET(m1, M_WAIT, MT_DATA);
1068		if (siz > MLEN)
1069			MCLGET(m1, M_WAIT);
1070		m1->m_len = NFSMSIZ(m1);
1071		m2->m_next = m1;
1072		m2 = m1;
1073		tl = mtod(m1, u_int32_t *);
1074		tlen = 0;
1075		if (putsize) {
1076			*tl++ = txdr_unsigned(siz);
1077			m1->m_len -= NFSX_UNSIGNED;
1078			tlen = NFSX_UNSIGNED;
1079			putsize = 0;
1080		}
1081		if (siz < m1->m_len) {
1082			len = nfsm_rndup(siz);
1083			xfer = siz;
1084			if (xfer < len)
1085				*(tl+(xfer>>2)) = 0;
1086		} else {
1087			xfer = len = m1->m_len;
1088		}
1089		bcopy(cp, (caddr_t) tl, xfer);
1090		m1->m_len = len+tlen;
1091		siz -= xfer;
1092		cp += xfer;
1093	}
1094	*mb = m1;
1095	*bpos = mtod(m1, caddr_t)+m1->m_len;
1096	return (0);
1097}
1098
1099/*
1100 * Called once to initialize data structures...
1101 */
1102int
1103nfs_init(vfsp)
1104	struct vfsconf *vfsp;
1105{
1106	register int i;
1107
1108	nfsmount_zone = zinit("NFSMOUNT", sizeof(struct nfsmount), 0, 0, 1);
1109
1110	/*
1111	 * Check to see if major data structures haven't bloated.
1112	 */
1113	if (sizeof (struct nfssvc_sock) > NFS_SVCALLOC) {
1114		printf("struct nfssvc_sock bloated (> %dbytes)\n",NFS_SVCALLOC);
1115		printf("Try reducing NFS_UIDHASHSIZ\n");
1116	}
1117	if (sizeof (struct nfsuid) > NFS_UIDALLOC) {
1118		printf("struct nfsuid bloated (> %dbytes)\n",NFS_UIDALLOC);
1119		printf("Try unionizing the nu_nickname and nu_flag fields\n");
1120	}
1121	nfs_mount_type = vfsp->vfc_typenum;
1122	nfsrtt.pos = 0;
1123	rpc_vers = txdr_unsigned(RPC_VER2);
1124	rpc_call = txdr_unsigned(RPC_CALL);
1125	rpc_reply = txdr_unsigned(RPC_REPLY);
1126	rpc_msgdenied = txdr_unsigned(RPC_MSGDENIED);
1127	rpc_msgaccepted = txdr_unsigned(RPC_MSGACCEPTED);
1128	rpc_mismatch = txdr_unsigned(RPC_MISMATCH);
1129	rpc_autherr = txdr_unsigned(RPC_AUTHERR);
1130	rpc_auth_unix = txdr_unsigned(RPCAUTH_UNIX);
1131	rpc_auth_kerb = txdr_unsigned(RPCAUTH_KERB4);
1132	nfs_prog = txdr_unsigned(NFS_PROG);
1133	nqnfs_prog = txdr_unsigned(NQNFS_PROG);
1134	nfs_true = txdr_unsigned(TRUE);
1135	nfs_false = txdr_unsigned(FALSE);
1136	nfs_xdrneg1 = txdr_unsigned(-1);
1137	nfs_ticks = (hz * NFS_TICKINTVL + 500) / 1000;
1138	if (nfs_ticks < 1)
1139		nfs_ticks = 1;
1140	/* Ensure async daemons disabled */
1141	for (i = 0; i < NFS_MAXASYNCDAEMON; i++) {
1142		nfs_iodwant[i] = (struct proc *)0;
1143		nfs_iodmount[i] = (struct nfsmount *)0;
1144	}
1145	nfs_nhinit();			/* Init the nfsnode table */
1146#ifndef NFS_NOSERVER
1147	nfsrv_init(0);			/* Init server data structures */
1148	nfsrv_initcache();		/* Init the server request cache */
1149#endif
1150
1151	/*
1152	 * Initialize the nqnfs server stuff.
1153	 */
1154	if (nqnfsstarttime == 0) {
1155		nqnfsstarttime = boottime.tv_sec + nqsrv_maxlease
1156			+ nqsrv_clockskew + nqsrv_writeslack;
1157		NQLOADNOVRAM(nqnfsstarttime);
1158		CIRCLEQ_INIT(&nqtimerhead);
1159		nqfhhashtbl = hashinit(NQLCHSZ, M_NQLEASE, &nqfhhash);
1160	}
1161
1162	/*
1163	 * Initialize reply list and start timer
1164	 */
1165	TAILQ_INIT(&nfs_reqq);
1166
1167	nfs_timer(0);
1168
1169	/*
1170	 * Set up lease_check and lease_updatetime so that other parts
1171	 * of the system can call us, if we are loadable.
1172	 */
1173#ifndef NFS_NOSERVER
1174	nfs_prev_vop_lease_check = default_vnodeop_p[VOFFSET(vop_lease)];
1175	default_vnodeop_p[VOFFSET(vop_lease)] = (vop_t *)nqnfs_vop_lease_check;
1176#endif
1177	nfs_prev_lease_updatetime = lease_updatetime;
1178	lease_updatetime = nfs_lease_updatetime;
1179	nfs_prev_nfssvc_sy_narg = sysent[SYS_nfssvc].sy_narg;
1180	sysent[SYS_nfssvc].sy_narg = 2;
1181	nfs_prev_nfssvc_sy_call = sysent[SYS_nfssvc].sy_call;
1182	sysent[SYS_nfssvc].sy_call = (sy_call_t *)nfssvc;
1183
1184	nfs_pbuf_freecnt = nswbuf / 2 + 1;
1185
1186	return (0);
1187}
1188
1189int
1190nfs_uninit(vfsp)
1191	struct vfsconf *vfsp;
1192{
1193
1194	untimeout(nfs_timer, (void *)NULL, nfs_timer_handle);
1195	nfs_mount_type = -1;
1196#ifndef NFS_NOSERVER
1197	default_vnodeop_p[VOFFSET(vop_lease)] = nfs_prev_vop_lease_check;
1198#endif
1199	lease_updatetime = nfs_prev_lease_updatetime;
1200	sysent[SYS_nfssvc].sy_narg = nfs_prev_nfssvc_sy_narg;
1201	sysent[SYS_nfssvc].sy_call = nfs_prev_nfssvc_sy_call;
1202	return (0);
1203}
1204
1205/*
1206 * Attribute cache routines.
1207 * nfs_loadattrcache() - loads or updates the cache contents from attributes
1208 *	that are on the mbuf list
1209 * nfs_getattrcache() - returns valid attributes if found in cache, returns
1210 *	error otherwise
1211 */
1212
1213/*
1214 * Load the attribute cache (that lives in the nfsnode entry) with
1215 * the values on the mbuf list and
1216 * Iff vap not NULL
1217 *    copy the attributes to *vaper
1218 */
1219int
1220nfs_loadattrcache(vpp, mdp, dposp, vaper)
1221	struct vnode **vpp;
1222	struct mbuf **mdp;
1223	caddr_t *dposp;
1224	struct vattr *vaper;
1225{
1226	register struct vnode *vp = *vpp;
1227	register struct vattr *vap;
1228	register struct nfs_fattr *fp;
1229	register struct nfsnode *np;
1230	register int32_t t1;
1231	caddr_t cp2;
1232	int error = 0, rdev;
1233	struct mbuf *md;
1234	enum vtype vtyp;
1235	u_short vmode;
1236	struct timespec mtime;
1237	int v3 = NFS_ISV3(vp);
1238
1239	md = *mdp;
1240	t1 = (mtod(md, caddr_t) + md->m_len) - *dposp;
1241	if ((error = nfsm_disct(mdp, dposp, NFSX_FATTR(v3), t1, &cp2)) != 0)
1242		return (error);
1243	fp = (struct nfs_fattr *)cp2;
1244	if (v3) {
1245		vtyp = nfsv3tov_type(fp->fa_type);
1246		vmode = fxdr_unsigned(u_short, fp->fa_mode);
1247		rdev = makeudev(fxdr_unsigned(int, fp->fa3_rdev.specdata1),
1248			fxdr_unsigned(int, fp->fa3_rdev.specdata2));
1249		fxdr_nfsv3time(&fp->fa3_mtime, &mtime);
1250	} else {
1251		vtyp = nfsv2tov_type(fp->fa_type);
1252		vmode = fxdr_unsigned(u_short, fp->fa_mode);
1253		/*
1254		 * XXX
1255		 *
1256		 * The duplicate information returned in fa_type and fa_mode
1257		 * is an ambiguity in the NFS version 2 protocol.
1258		 *
1259		 * VREG should be taken literally as a regular file.  If a
1260		 * server intents to return some type information differently
1261		 * in the upper bits of the mode field (e.g. for sockets, or
1262		 * FIFOs), NFSv2 mandates fa_type to be VNON.  Anyway, we
1263		 * leave the examination of the mode bits even in the VREG
1264		 * case to avoid breakage for bogus servers, but we make sure
1265		 * that there are actually type bits set in the upper part of
1266		 * fa_mode (and failing that, trust the va_type field).
1267		 *
1268		 * NFSv3 cleared the issue, and requires fa_mode to not
1269		 * contain any type information (while also introduing sockets
1270		 * and FIFOs for fa_type).
1271		 */
1272		if (vtyp == VNON || (vtyp == VREG && (vmode & S_IFMT) != 0))
1273			vtyp = IFTOVT(vmode);
1274		rdev = fxdr_unsigned(int32_t, fp->fa2_rdev);
1275		fxdr_nfsv2time(&fp->fa2_mtime, &mtime);
1276
1277		/*
1278		 * Really ugly NFSv2 kludge.
1279		 */
1280		if (vtyp == VCHR && rdev == 0xffffffff)
1281			vtyp = VFIFO;
1282	}
1283
1284	/*
1285	 * If v_type == VNON it is a new node, so fill in the v_type,
1286	 * n_mtime fields. Check to see if it represents a special
1287	 * device, and if so, check for a possible alias. Once the
1288	 * correct vnode has been obtained, fill in the rest of the
1289	 * information.
1290	 */
1291	np = VTONFS(vp);
1292	if (vp->v_type != vtyp) {
1293		vp->v_type = vtyp;
1294		if (vp->v_type == VFIFO) {
1295			vp->v_op = fifo_nfsv2nodeop_p;
1296		}
1297		if (vp->v_type == VCHR || vp->v_type == VBLK) {
1298			vp->v_op = spec_nfsv2nodeop_p;
1299			addaliasu(vp, rdev);
1300		}
1301		np->n_mtime = mtime.tv_sec;
1302	}
1303	vap = &np->n_vattr;
1304	vap->va_type = vtyp;
1305	vap->va_mode = (vmode & 07777);
1306	vap->va_rdev = rdev;
1307	vap->va_mtime = mtime;
1308	vap->va_fsid = vp->v_mount->mnt_stat.f_fsid.val[0];
1309	if (v3) {
1310		vap->va_nlink = fxdr_unsigned(u_short, fp->fa_nlink);
1311		vap->va_uid = fxdr_unsigned(uid_t, fp->fa_uid);
1312		vap->va_gid = fxdr_unsigned(gid_t, fp->fa_gid);
1313		vap->va_size = fxdr_hyper(&fp->fa3_size);
1314		vap->va_blocksize = NFS_FABLKSIZE;
1315		vap->va_bytes = fxdr_hyper(&fp->fa3_used);
1316		vap->va_fileid = fxdr_unsigned(int32_t,
1317		    fp->fa3_fileid.nfsuquad[1]);
1318		fxdr_nfsv3time(&fp->fa3_atime, &vap->va_atime);
1319		fxdr_nfsv3time(&fp->fa3_ctime, &vap->va_ctime);
1320		vap->va_flags = 0;
1321		vap->va_filerev = 0;
1322	} else {
1323		vap->va_nlink = fxdr_unsigned(u_short, fp->fa_nlink);
1324		vap->va_uid = fxdr_unsigned(uid_t, fp->fa_uid);
1325		vap->va_gid = fxdr_unsigned(gid_t, fp->fa_gid);
1326		vap->va_size = fxdr_unsigned(u_int32_t, fp->fa2_size);
1327		vap->va_blocksize = fxdr_unsigned(int32_t, fp->fa2_blocksize);
1328		vap->va_bytes = (u_quad_t)fxdr_unsigned(int32_t, fp->fa2_blocks)
1329		    * NFS_FABLKSIZE;
1330		vap->va_fileid = fxdr_unsigned(int32_t, fp->fa2_fileid);
1331		fxdr_nfsv2time(&fp->fa2_atime, &vap->va_atime);
1332		vap->va_flags = 0;
1333		vap->va_ctime.tv_sec = fxdr_unsigned(u_int32_t,
1334		    fp->fa2_ctime.nfsv2_sec);
1335		vap->va_ctime.tv_nsec = 0;
1336		vap->va_gen = fxdr_unsigned(u_int32_t,fp->fa2_ctime.nfsv2_usec);
1337		vap->va_filerev = 0;
1338	}
1339	if (vap->va_size != np->n_size) {
1340		if (vap->va_type == VREG) {
1341			if (np->n_flag & NMODIFIED) {
1342				if (vap->va_size < np->n_size)
1343					vap->va_size = np->n_size;
1344				else
1345					np->n_size = vap->va_size;
1346			} else {
1347				np->n_size = vap->va_size;
1348			}
1349			vnode_pager_setsize(vp, np->n_size);
1350		} else {
1351			np->n_size = vap->va_size;
1352		}
1353	}
1354	np->n_attrstamp = time_second;
1355	if (vaper != NULL) {
1356		bcopy((caddr_t)vap, (caddr_t)vaper, sizeof(*vap));
1357		if (np->n_flag & NCHG) {
1358			if (np->n_flag & NACC)
1359				vaper->va_atime = np->n_atim;
1360			if (np->n_flag & NUPD)
1361				vaper->va_mtime = np->n_mtim;
1362		}
1363	}
1364	return (0);
1365}
1366
1367#ifdef NFS_ACDEBUG
1368#include <sys/sysctl.h>
1369SYSCTL_DECL(_vfs_nfs);
1370static int nfs_acdebug;
1371SYSCTL_INT(_vfs_nfs, OID_AUTO, acdebug, CTLFLAG_RW, &nfs_acdebug, 0, "");
1372#endif
1373
1374/*
1375 * Check the time stamp
1376 * If the cache is valid, copy contents to *vap and return 0
1377 * otherwise return an error
1378 */
1379int
1380nfs_getattrcache(vp, vaper)
1381	register struct vnode *vp;
1382	struct vattr *vaper;
1383{
1384	register struct nfsnode *np;
1385	register struct vattr *vap;
1386	struct nfsmount *nmp;
1387	int timeo;
1388
1389	np = VTONFS(vp);
1390	vap = &np->n_vattr;
1391	nmp = VFSTONFS(vp->v_mount);
1392	/* XXX n_mtime doesn't seem to be updated on a miss-and-reload */
1393	timeo = (time_second - np->n_mtime) / 10;
1394
1395#ifdef NFS_ACDEBUG
1396	if (nfs_acdebug>1)
1397		printf("nfs_getattrcache: initial timeo = %d\n", timeo);
1398#endif
1399
1400	if (vap->va_type == VDIR) {
1401		if ((np->n_flag & NMODIFIED) || timeo < nmp->nm_acdirmin)
1402			timeo = nmp->nm_acdirmin;
1403		else if (timeo > nmp->nm_acdirmax)
1404			timeo = nmp->nm_acdirmax;
1405	} else {
1406		if ((np->n_flag & NMODIFIED) || timeo < nmp->nm_acregmin)
1407			timeo = nmp->nm_acregmin;
1408		else if (timeo > nmp->nm_acregmax)
1409			timeo = nmp->nm_acregmax;
1410	}
1411
1412#ifdef NFS_ACDEBUG
1413	if (nfs_acdebug > 2)
1414		printf("acregmin %d; acregmax %d; acdirmin %d; acdirmax %d\n",
1415			nmp->nm_acregmin, nmp->nm_acregmax,
1416			nmp->nm_acdirmin, nmp->nm_acdirmax);
1417
1418	if (nfs_acdebug)
1419		printf("nfs_getattrcache: age = %d; final timeo = %d\n",
1420			(time_second - np->n_attrstamp), timeo);
1421#endif
1422
1423	if ((time_second - np->n_attrstamp) >= timeo) {
1424		nfsstats.attrcache_misses++;
1425		return (ENOENT);
1426	}
1427	nfsstats.attrcache_hits++;
1428	if (vap->va_size != np->n_size) {
1429		if (vap->va_type == VREG) {
1430			if (np->n_flag & NMODIFIED) {
1431				if (vap->va_size < np->n_size)
1432					vap->va_size = np->n_size;
1433				else
1434					np->n_size = vap->va_size;
1435			} else {
1436				np->n_size = vap->va_size;
1437			}
1438			vnode_pager_setsize(vp, np->n_size);
1439		} else {
1440			np->n_size = vap->va_size;
1441		}
1442	}
1443	bcopy((caddr_t)vap, (caddr_t)vaper, sizeof(struct vattr));
1444	if (np->n_flag & NCHG) {
1445		if (np->n_flag & NACC)
1446			vaper->va_atime = np->n_atim;
1447		if (np->n_flag & NUPD)
1448			vaper->va_mtime = np->n_mtim;
1449	}
1450	return (0);
1451}
1452
1453#ifndef NFS_NOSERVER
1454/*
1455 * Set up nameidata for a lookup() call and do it.
1456 *
1457 * If pubflag is set, this call is done for a lookup operation on the
1458 * public filehandle. In that case we allow crossing mountpoints and
1459 * absolute pathnames. However, the caller is expected to check that
1460 * the lookup result is within the public fs, and deny access if
1461 * it is not.
1462 *
1463 * nfs_namei() clears out garbage fields that namei() might leave garbage.
1464 * This is mainly ni_vp and ni_dvp when an error occurs, and ni_dvp when no
1465 * error occurs but the parent was not requested.
1466 *
1467 * dirp may be set whether an error is returned or not, and must be
1468 * released by the caller.
1469 */
1470int
1471nfs_namei(ndp, fhp, len, slp, nam, mdp, dposp, retdirp, p, kerbflag, pubflag)
1472	register struct nameidata *ndp;
1473	fhandle_t *fhp;
1474	int len;
1475	struct nfssvc_sock *slp;
1476	struct sockaddr *nam;
1477	struct mbuf **mdp;
1478	caddr_t *dposp;
1479	struct vnode **retdirp;
1480	struct proc *p;
1481	int kerbflag, pubflag;
1482{
1483	register int i, rem;
1484	register struct mbuf *md;
1485	register char *fromcp, *tocp, *cp;
1486	struct iovec aiov;
1487	struct uio auio;
1488	struct vnode *dp;
1489	int error, rdonly, linklen;
1490	struct componentname *cnp = &ndp->ni_cnd;
1491
1492	*retdirp = (struct vnode *)0;
1493	cnp->cn_pnbuf = zalloc(namei_zone);
1494
1495	/*
1496	 * Copy the name from the mbuf list to ndp->ni_pnbuf
1497	 * and set the various ndp fields appropriately.
1498	 */
1499	fromcp = *dposp;
1500	tocp = cnp->cn_pnbuf;
1501	md = *mdp;
1502	rem = mtod(md, caddr_t) + md->m_len - fromcp;
1503	for (i = 0; i < len; i++) {
1504		while (rem == 0) {
1505			md = md->m_next;
1506			if (md == NULL) {
1507				error = EBADRPC;
1508				goto out;
1509			}
1510			fromcp = mtod(md, caddr_t);
1511			rem = md->m_len;
1512		}
1513		if (*fromcp == '\0' || (!pubflag && *fromcp == '/')) {
1514			error = EACCES;
1515			goto out;
1516		}
1517		*tocp++ = *fromcp++;
1518		rem--;
1519	}
1520	*tocp = '\0';
1521	*mdp = md;
1522	*dposp = fromcp;
1523	len = nfsm_rndup(len)-len;
1524	if (len > 0) {
1525		if (rem >= len)
1526			*dposp += len;
1527		else if ((error = nfs_adv(mdp, dposp, len, rem)) != 0)
1528			goto out;
1529	}
1530
1531	/*
1532	 * Extract and set starting directory.
1533	 */
1534	error = nfsrv_fhtovp(fhp, FALSE, &dp, ndp->ni_cnd.cn_cred, slp,
1535	    nam, &rdonly, kerbflag, pubflag);
1536	if (error)
1537		goto out;
1538	if (dp->v_type != VDIR) {
1539		vrele(dp);
1540		error = ENOTDIR;
1541		goto out;
1542	}
1543
1544	if (rdonly)
1545		cnp->cn_flags |= RDONLY;
1546
1547	/*
1548	 * Set return directory.  Reference to dp is implicitly transfered
1549	 * to the returned pointer
1550	 */
1551	*retdirp = dp;
1552
1553	if (pubflag) {
1554		/*
1555		 * Oh joy. For WebNFS, handle those pesky '%' escapes,
1556		 * and the 'native path' indicator.
1557		 */
1558		cp = zalloc(namei_zone);
1559		fromcp = cnp->cn_pnbuf;
1560		tocp = cp;
1561		if ((unsigned char)*fromcp >= WEBNFS_SPECCHAR_START) {
1562			switch ((unsigned char)*fromcp) {
1563			case WEBNFS_NATIVE_CHAR:
1564				/*
1565				 * 'Native' path for us is the same
1566				 * as a path according to the NFS spec,
1567				 * just skip the escape char.
1568				 */
1569				fromcp++;
1570				break;
1571			/*
1572			 * More may be added in the future, range 0x80-0xff
1573			 */
1574			default:
1575				error = EIO;
1576				zfree(namei_zone, cp);
1577				goto out;
1578			}
1579		}
1580		/*
1581		 * Translate the '%' escapes, URL-style.
1582		 */
1583		while (*fromcp != '\0') {
1584			if (*fromcp == WEBNFS_ESC_CHAR) {
1585				if (fromcp[1] != '\0' && fromcp[2] != '\0') {
1586					fromcp++;
1587					*tocp++ = HEXSTRTOI(fromcp);
1588					fromcp += 2;
1589					continue;
1590				} else {
1591					error = ENOENT;
1592					zfree(namei_zone, cp);
1593					goto out;
1594				}
1595			} else
1596				*tocp++ = *fromcp++;
1597		}
1598		*tocp = '\0';
1599		zfree(namei_zone, cnp->cn_pnbuf);
1600		cnp->cn_pnbuf = cp;
1601	}
1602
1603	ndp->ni_pathlen = (tocp - cnp->cn_pnbuf) + 1;
1604	ndp->ni_segflg = UIO_SYSSPACE;
1605
1606	if (pubflag) {
1607		ndp->ni_rootdir = rootvnode;
1608		ndp->ni_loopcnt = 0;
1609		if (cnp->cn_pnbuf[0] == '/')
1610			dp = rootvnode;
1611	} else {
1612		cnp->cn_flags |= NOCROSSMOUNT;
1613	}
1614
1615	/*
1616	 * Initialize for scan, set ni_startdir and bump ref on dp again
1617	 * becuase lookup() will dereference ni_startdir.
1618	 */
1619
1620	cnp->cn_proc = p;
1621	VREF(dp);
1622	ndp->ni_startdir = dp;
1623
1624	for (;;) {
1625		cnp->cn_nameptr = cnp->cn_pnbuf;
1626		/*
1627		 * Call lookup() to do the real work.  If an error occurs,
1628		 * ndp->ni_vp and ni_dvp are left uninitialized or NULL and
1629		 * we do not have to dereference anything before returning.
1630		 * In either case ni_startdir will be dereferenced and NULLed
1631		 * out.
1632		 */
1633		error = lookup(ndp);
1634		if (error)
1635			break;
1636
1637		/*
1638		 * Check for encountering a symbolic link.  Trivial
1639		 * termination occurs if no symlink encountered.
1640		 * Note: zfree is safe because error is 0, so we will
1641		 * not zfree it again when we break.
1642		 */
1643		if ((cnp->cn_flags & ISSYMLINK) == 0) {
1644			nfsrv_object_create(ndp->ni_vp);
1645			if (cnp->cn_flags & (SAVENAME | SAVESTART))
1646				cnp->cn_flags |= HASBUF;
1647			else
1648				zfree(namei_zone, cnp->cn_pnbuf);
1649			break;
1650		}
1651
1652		/*
1653		 * Validate symlink
1654		 */
1655		if ((cnp->cn_flags & LOCKPARENT) && ndp->ni_pathlen == 1)
1656			VOP_UNLOCK(ndp->ni_dvp, 0, p);
1657		if (!pubflag) {
1658			error = EINVAL;
1659			goto badlink2;
1660		}
1661
1662		if (ndp->ni_loopcnt++ >= MAXSYMLINKS) {
1663			error = ELOOP;
1664			goto badlink2;
1665		}
1666		if (ndp->ni_pathlen > 1)
1667			cp = zalloc(namei_zone);
1668		else
1669			cp = cnp->cn_pnbuf;
1670		aiov.iov_base = cp;
1671		aiov.iov_len = MAXPATHLEN;
1672		auio.uio_iov = &aiov;
1673		auio.uio_iovcnt = 1;
1674		auio.uio_offset = 0;
1675		auio.uio_rw = UIO_READ;
1676		auio.uio_segflg = UIO_SYSSPACE;
1677		auio.uio_procp = (struct proc *)0;
1678		auio.uio_resid = MAXPATHLEN;
1679		error = VOP_READLINK(ndp->ni_vp, &auio, cnp->cn_cred);
1680		if (error) {
1681		badlink1:
1682			if (ndp->ni_pathlen > 1)
1683				zfree(namei_zone, cp);
1684		badlink2:
1685			vrele(ndp->ni_dvp);
1686			vput(ndp->ni_vp);
1687			break;
1688		}
1689		linklen = MAXPATHLEN - auio.uio_resid;
1690		if (linklen == 0) {
1691			error = ENOENT;
1692			goto badlink1;
1693		}
1694		if (linklen + ndp->ni_pathlen >= MAXPATHLEN) {
1695			error = ENAMETOOLONG;
1696			goto badlink1;
1697		}
1698
1699		/*
1700		 * Adjust or replace path
1701		 */
1702		if (ndp->ni_pathlen > 1) {
1703			bcopy(ndp->ni_next, cp + linklen, ndp->ni_pathlen);
1704			zfree(namei_zone, cnp->cn_pnbuf);
1705			cnp->cn_pnbuf = cp;
1706		} else
1707			cnp->cn_pnbuf[linklen] = '\0';
1708		ndp->ni_pathlen += linklen;
1709
1710		/*
1711		 * Cleanup refs for next loop and check if root directory
1712		 * should replace current directory.  Normally ni_dvp
1713		 * becomes the new base directory and is cleaned up when
1714		 * we loop.  Explicitly null pointers after invalidation
1715		 * to clarify operation.
1716		 */
1717		vput(ndp->ni_vp);
1718		ndp->ni_vp = NULL;
1719
1720		if (cnp->cn_pnbuf[0] == '/') {
1721			vrele(ndp->ni_dvp);
1722			ndp->ni_dvp = ndp->ni_rootdir;
1723			VREF(ndp->ni_dvp);
1724		}
1725		ndp->ni_startdir = ndp->ni_dvp;
1726		ndp->ni_dvp = NULL;
1727	}
1728
1729	/*
1730	 * nfs_namei() guarentees that fields will not contain garbage
1731	 * whether an error occurs or not.  This allows the caller to track
1732	 * cleanup state trivially.
1733	 */
1734out:
1735	if (error) {
1736		zfree(namei_zone, cnp->cn_pnbuf);
1737		ndp->ni_vp = NULL;
1738		ndp->ni_dvp = NULL;
1739		ndp->ni_startdir = NULL;
1740		cnp->cn_flags &= ~HASBUF;
1741	} else if ((ndp->ni_cnd.cn_flags & (WANTPARENT|LOCKPARENT)) == 0) {
1742		ndp->ni_dvp = NULL;
1743	}
1744	return (error);
1745}
1746
1747/*
1748 * A fiddled version of m_adj() that ensures null fill to a long
1749 * boundary and only trims off the back end
1750 */
1751void
1752nfsm_adj(mp, len, nul)
1753	struct mbuf *mp;
1754	register int len;
1755	int nul;
1756{
1757	register struct mbuf *m;
1758	register int count, i;
1759	register char *cp;
1760
1761	/*
1762	 * Trim from tail.  Scan the mbuf chain,
1763	 * calculating its length and finding the last mbuf.
1764	 * If the adjustment only affects this mbuf, then just
1765	 * adjust and return.  Otherwise, rescan and truncate
1766	 * after the remaining size.
1767	 */
1768	count = 0;
1769	m = mp;
1770	for (;;) {
1771		count += m->m_len;
1772		if (m->m_next == (struct mbuf *)0)
1773			break;
1774		m = m->m_next;
1775	}
1776	if (m->m_len > len) {
1777		m->m_len -= len;
1778		if (nul > 0) {
1779			cp = mtod(m, caddr_t)+m->m_len-nul;
1780			for (i = 0; i < nul; i++)
1781				*cp++ = '\0';
1782		}
1783		return;
1784	}
1785	count -= len;
1786	if (count < 0)
1787		count = 0;
1788	/*
1789	 * Correct length for chain is "count".
1790	 * Find the mbuf with last data, adjust its length,
1791	 * and toss data from remaining mbufs on chain.
1792	 */
1793	for (m = mp; m; m = m->m_next) {
1794		if (m->m_len >= count) {
1795			m->m_len = count;
1796			if (nul > 0) {
1797				cp = mtod(m, caddr_t)+m->m_len-nul;
1798				for (i = 0; i < nul; i++)
1799					*cp++ = '\0';
1800			}
1801			break;
1802		}
1803		count -= m->m_len;
1804	}
1805	for (m = m->m_next;m;m = m->m_next)
1806		m->m_len = 0;
1807}
1808
1809/*
1810 * Make these functions instead of macros, so that the kernel text size
1811 * doesn't get too big...
1812 */
1813void
1814nfsm_srvwcc(nfsd, before_ret, before_vap, after_ret, after_vap, mbp, bposp)
1815	struct nfsrv_descript *nfsd;
1816	int before_ret;
1817	register struct vattr *before_vap;
1818	int after_ret;
1819	struct vattr *after_vap;
1820	struct mbuf **mbp;
1821	char **bposp;
1822{
1823	register struct mbuf *mb = *mbp, *mb2;
1824	register char *bpos = *bposp;
1825	register u_int32_t *tl;
1826
1827	if (before_ret) {
1828		nfsm_build(tl, u_int32_t *, NFSX_UNSIGNED);
1829		*tl = nfs_false;
1830	} else {
1831		nfsm_build(tl, u_int32_t *, 7 * NFSX_UNSIGNED);
1832		*tl++ = nfs_true;
1833		txdr_hyper(before_vap->va_size, tl);
1834		tl += 2;
1835		txdr_nfsv3time(&(before_vap->va_mtime), tl);
1836		tl += 2;
1837		txdr_nfsv3time(&(before_vap->va_ctime), tl);
1838	}
1839	*bposp = bpos;
1840	*mbp = mb;
1841	nfsm_srvpostopattr(nfsd, after_ret, after_vap, mbp, bposp);
1842}
1843
1844void
1845nfsm_srvpostopattr(nfsd, after_ret, after_vap, mbp, bposp)
1846	struct nfsrv_descript *nfsd;
1847	int after_ret;
1848	struct vattr *after_vap;
1849	struct mbuf **mbp;
1850	char **bposp;
1851{
1852	register struct mbuf *mb = *mbp, *mb2;
1853	register char *bpos = *bposp;
1854	register u_int32_t *tl;
1855	register struct nfs_fattr *fp;
1856
1857	if (after_ret) {
1858		nfsm_build(tl, u_int32_t *, NFSX_UNSIGNED);
1859		*tl = nfs_false;
1860	} else {
1861		nfsm_build(tl, u_int32_t *, NFSX_UNSIGNED + NFSX_V3FATTR);
1862		*tl++ = nfs_true;
1863		fp = (struct nfs_fattr *)tl;
1864		nfsm_srvfattr(nfsd, after_vap, fp);
1865	}
1866	*mbp = mb;
1867	*bposp = bpos;
1868}
1869
1870void
1871nfsm_srvfattr(nfsd, vap, fp)
1872	register struct nfsrv_descript *nfsd;
1873	register struct vattr *vap;
1874	register struct nfs_fattr *fp;
1875{
1876
1877	fp->fa_nlink = txdr_unsigned(vap->va_nlink);
1878	fp->fa_uid = txdr_unsigned(vap->va_uid);
1879	fp->fa_gid = txdr_unsigned(vap->va_gid);
1880	if (nfsd->nd_flag & ND_NFSV3) {
1881		fp->fa_type = vtonfsv3_type(vap->va_type);
1882		fp->fa_mode = vtonfsv3_mode(vap->va_mode);
1883		txdr_hyper(vap->va_size, &fp->fa3_size);
1884		txdr_hyper(vap->va_bytes, &fp->fa3_used);
1885		fp->fa3_rdev.specdata1 = txdr_unsigned(umajor(vap->va_rdev));
1886		fp->fa3_rdev.specdata2 = txdr_unsigned(uminor(vap->va_rdev));
1887		fp->fa3_fsid.nfsuquad[0] = 0;
1888		fp->fa3_fsid.nfsuquad[1] = txdr_unsigned(vap->va_fsid);
1889		fp->fa3_fileid.nfsuquad[0] = 0;
1890		fp->fa3_fileid.nfsuquad[1] = txdr_unsigned(vap->va_fileid);
1891		txdr_nfsv3time(&vap->va_atime, &fp->fa3_atime);
1892		txdr_nfsv3time(&vap->va_mtime, &fp->fa3_mtime);
1893		txdr_nfsv3time(&vap->va_ctime, &fp->fa3_ctime);
1894	} else {
1895		fp->fa_type = vtonfsv2_type(vap->va_type);
1896		fp->fa_mode = vtonfsv2_mode(vap->va_type, vap->va_mode);
1897		fp->fa2_size = txdr_unsigned(vap->va_size);
1898		fp->fa2_blocksize = txdr_unsigned(vap->va_blocksize);
1899		if (vap->va_type == VFIFO)
1900			fp->fa2_rdev = 0xffffffff;
1901		else
1902			fp->fa2_rdev = txdr_unsigned(vap->va_rdev);
1903		fp->fa2_blocks = txdr_unsigned(vap->va_bytes / NFS_FABLKSIZE);
1904		fp->fa2_fsid = txdr_unsigned(vap->va_fsid);
1905		fp->fa2_fileid = txdr_unsigned(vap->va_fileid);
1906		txdr_nfsv2time(&vap->va_atime, &fp->fa2_atime);
1907		txdr_nfsv2time(&vap->va_mtime, &fp->fa2_mtime);
1908		txdr_nfsv2time(&vap->va_ctime, &fp->fa2_ctime);
1909	}
1910}
1911
1912/*
1913 * nfsrv_fhtovp() - convert a fh to a vnode ptr (optionally locked)
1914 * 	- look up fsid in mount list (if not found ret error)
1915 *	- get vp and export rights by calling VFS_FHTOVP()
1916 *	- if cred->cr_uid == 0 or MNT_EXPORTANON set it to credanon
1917 *	- if not lockflag unlock it with VOP_UNLOCK()
1918 */
1919int
1920nfsrv_fhtovp(fhp, lockflag, vpp, cred, slp, nam, rdonlyp, kerbflag, pubflag)
1921	fhandle_t *fhp;
1922	int lockflag;
1923	struct vnode **vpp;
1924	struct ucred *cred;
1925	struct nfssvc_sock *slp;
1926	struct sockaddr *nam;
1927	int *rdonlyp;
1928	int kerbflag;
1929	int pubflag;
1930{
1931	struct proc *p = curproc; /* XXX */
1932	register struct mount *mp;
1933	register int i;
1934	struct ucred *credanon;
1935	int error, exflags;
1936#ifdef MNT_EXNORESPORT		/* XXX needs mountd and /etc/exports help yet */
1937	struct sockaddr_int *saddr;
1938#endif
1939
1940	*vpp = (struct vnode *)0;
1941
1942	if (nfs_ispublicfh(fhp)) {
1943		if (!pubflag || !nfs_pub.np_valid)
1944			return (ESTALE);
1945		fhp = &nfs_pub.np_handle;
1946	}
1947
1948	mp = vfs_getvfs(&fhp->fh_fsid);
1949	if (!mp)
1950		return (ESTALE);
1951	error = VFS_CHECKEXP(mp, nam, &exflags, &credanon);
1952	if (error)
1953		return (error);
1954	error = VFS_FHTOVP(mp, &fhp->fh_fid, vpp);
1955	if (error)
1956		return (error);
1957#ifdef MNT_EXNORESPORT
1958	if (!(exflags & (MNT_EXNORESPORT|MNT_EXPUBLIC))) {
1959		saddr = (struct sockaddr_in *)nam;
1960		if (saddr->sin_family == AF_INET &&
1961		    ntohs(saddr->sin_port) >= IPPORT_RESERVED) {
1962			vput(*vpp);
1963			*vpp = NULL;
1964			return (NFSERR_AUTHERR | AUTH_TOOWEAK);
1965		}
1966	}
1967#endif
1968	/*
1969	 * Check/setup credentials.
1970	 */
1971	if (exflags & MNT_EXKERB) {
1972		if (!kerbflag) {
1973			vput(*vpp);
1974			*vpp = NULL;
1975			return (NFSERR_AUTHERR | AUTH_TOOWEAK);
1976		}
1977	} else if (kerbflag) {
1978		vput(*vpp);
1979		*vpp = NULL;
1980		return (NFSERR_AUTHERR | AUTH_TOOWEAK);
1981	} else if (cred->cr_uid == 0 || (exflags & MNT_EXPORTANON)) {
1982		cred->cr_uid = credanon->cr_uid;
1983		for (i = 0; i < credanon->cr_ngroups && i < NGROUPS; i++)
1984			cred->cr_groups[i] = credanon->cr_groups[i];
1985		cred->cr_ngroups = i;
1986	}
1987	if (exflags & MNT_EXRDONLY)
1988		*rdonlyp = 1;
1989	else
1990		*rdonlyp = 0;
1991
1992	nfsrv_object_create(*vpp);
1993
1994	if (!lockflag)
1995		VOP_UNLOCK(*vpp, 0, p);
1996	return (0);
1997}
1998
1999
2000/*
2001 * WebNFS: check if a filehandle is a public filehandle. For v3, this
2002 * means a length of 0, for v2 it means all zeroes. nfsm_srvmtofh has
2003 * transformed this to all zeroes in both cases, so check for it.
2004 */
2005int
2006nfs_ispublicfh(fhp)
2007	fhandle_t *fhp;
2008{
2009	char *cp = (char *)fhp;
2010	int i;
2011
2012	for (i = 0; i < NFSX_V3FH; i++)
2013		if (*cp++ != 0)
2014			return (FALSE);
2015	return (TRUE);
2016}
2017
2018#endif /* NFS_NOSERVER */
2019/*
2020 * This function compares two net addresses by family and returns TRUE
2021 * if they are the same host.
2022 * If there is any doubt, return FALSE.
2023 * The AF_INET family is handled as a special case so that address mbufs
2024 * don't need to be saved to store "struct in_addr", which is only 4 bytes.
2025 */
2026int
2027netaddr_match(family, haddr, nam)
2028	int family;
2029	union nethostaddr *haddr;
2030	struct sockaddr *nam;
2031{
2032	register struct sockaddr_in *inetaddr;
2033
2034	switch (family) {
2035	case AF_INET:
2036		inetaddr = (struct sockaddr_in *)nam;
2037		if (inetaddr->sin_family == AF_INET &&
2038		    inetaddr->sin_addr.s_addr == haddr->had_inetaddr)
2039			return (1);
2040		break;
2041#ifdef ISO
2042	case AF_ISO:
2043	    {
2044		register struct sockaddr_iso *isoaddr1, *isoaddr2;
2045
2046		isoaddr1 = (struct sockaddr_iso *)nam;
2047		isoaddr2 = (struct sockaddr_iso *)haddr->had_nam;
2048		if (isoaddr1->siso_family == AF_ISO &&
2049		    isoaddr1->siso_nlen > 0 &&
2050		    isoaddr1->siso_nlen == isoaddr2->siso_nlen &&
2051		    SAME_ISOADDR(isoaddr1, isoaddr2))
2052			return (1);
2053		break;
2054	    }
2055#endif	/* ISO */
2056	default:
2057		break;
2058	};
2059	return (0);
2060}
2061
2062static nfsuint64 nfs_nullcookie = { { 0, 0 } };
2063/*
2064 * This function finds the directory cookie that corresponds to the
2065 * logical byte offset given.
2066 */
2067nfsuint64 *
2068nfs_getcookie(np, off, add)
2069	register struct nfsnode *np;
2070	off_t off;
2071	int add;
2072{
2073	register struct nfsdmap *dp, *dp2;
2074	register int pos;
2075
2076	pos = (uoff_t)off / NFS_DIRBLKSIZ;
2077	if (pos == 0 || off < 0) {
2078#ifdef DIAGNOSTIC
2079		if (add)
2080			panic("nfs getcookie add at <= 0");
2081#endif
2082		return (&nfs_nullcookie);
2083	}
2084	pos--;
2085	dp = np->n_cookies.lh_first;
2086	if (!dp) {
2087		if (add) {
2088			MALLOC(dp, struct nfsdmap *, sizeof (struct nfsdmap),
2089				M_NFSDIROFF, M_WAITOK);
2090			dp->ndm_eocookie = 0;
2091			LIST_INSERT_HEAD(&np->n_cookies, dp, ndm_list);
2092		} else
2093			return ((nfsuint64 *)0);
2094	}
2095	while (pos >= NFSNUMCOOKIES) {
2096		pos -= NFSNUMCOOKIES;
2097		if (dp->ndm_list.le_next) {
2098			if (!add && dp->ndm_eocookie < NFSNUMCOOKIES &&
2099				pos >= dp->ndm_eocookie)
2100				return ((nfsuint64 *)0);
2101			dp = dp->ndm_list.le_next;
2102		} else if (add) {
2103			MALLOC(dp2, struct nfsdmap *, sizeof (struct nfsdmap),
2104				M_NFSDIROFF, M_WAITOK);
2105			dp2->ndm_eocookie = 0;
2106			LIST_INSERT_AFTER(dp, dp2, ndm_list);
2107			dp = dp2;
2108		} else
2109			return ((nfsuint64 *)0);
2110	}
2111	if (pos >= dp->ndm_eocookie) {
2112		if (add)
2113			dp->ndm_eocookie = pos + 1;
2114		else
2115			return ((nfsuint64 *)0);
2116	}
2117	return (&dp->ndm_cookies[pos]);
2118}
2119
2120/*
2121 * Invalidate cached directory information, except for the actual directory
2122 * blocks (which are invalidated separately).
2123 * Done mainly to avoid the use of stale offset cookies.
2124 */
2125void
2126nfs_invaldir(vp)
2127	register struct vnode *vp;
2128{
2129	register struct nfsnode *np = VTONFS(vp);
2130
2131#ifdef DIAGNOSTIC
2132	if (vp->v_type != VDIR)
2133		panic("nfs: invaldir not dir");
2134#endif
2135	np->n_direofoffset = 0;
2136	np->n_cookieverf.nfsuquad[0] = 0;
2137	np->n_cookieverf.nfsuquad[1] = 0;
2138	if (np->n_cookies.lh_first)
2139		np->n_cookies.lh_first->ndm_eocookie = 0;
2140}
2141
2142/*
2143 * The write verifier has changed (probably due to a server reboot), so all
2144 * B_NEEDCOMMIT blocks will have to be written again. Since they are on the
2145 * dirty block list as B_DELWRI, all this takes is clearing the B_NEEDCOMMIT
2146 * and B_CLUSTEROK flags.  Once done the new write verifier can be set for the
2147 * mount point.
2148 *
2149 * B_CLUSTEROK must be cleared along with B_NEEDCOMMIT because stage 1 data
2150 * writes are not clusterable.
2151 */
2152void
2153nfs_clearcommit(mp)
2154	struct mount *mp;
2155{
2156	register struct vnode *vp, *nvp;
2157	register struct buf *bp, *nbp;
2158	int s;
2159
2160	s = splbio();
2161loop:
2162	for (vp = mp->mnt_vnodelist.lh_first; vp; vp = nvp) {
2163		if (vp->v_mount != mp)	/* Paranoia */
2164			goto loop;
2165		nvp = vp->v_mntvnodes.le_next;
2166		for (bp = TAILQ_FIRST(&vp->v_dirtyblkhd); bp; bp = nbp) {
2167			nbp = TAILQ_NEXT(bp, b_vnbufs);
2168			if (BUF_REFCNT(bp) == 0 &&
2169			    (bp->b_flags & (B_DELWRI | B_NEEDCOMMIT))
2170				== (B_DELWRI | B_NEEDCOMMIT))
2171				bp->b_flags &= ~(B_NEEDCOMMIT | B_CLUSTEROK);
2172		}
2173	}
2174	splx(s);
2175}
2176
2177#ifndef NFS_NOSERVER
2178/*
2179 * Map errnos to NFS error numbers. For Version 3 also filter out error
2180 * numbers not specified for the associated procedure.
2181 */
2182int
2183nfsrv_errmap(nd, err)
2184	struct nfsrv_descript *nd;
2185	register int err;
2186{
2187	register short *defaulterrp, *errp;
2188
2189	if (nd->nd_flag & ND_NFSV3) {
2190	    if (nd->nd_procnum <= NFSPROC_COMMIT) {
2191		errp = defaulterrp = nfsrv_v3errmap[nd->nd_procnum];
2192		while (*++errp) {
2193			if (*errp == err)
2194				return (err);
2195			else if (*errp > err)
2196				break;
2197		}
2198		return ((int)*defaulterrp);
2199	    } else
2200		return (err & 0xffff);
2201	}
2202	if (err <= ELAST)
2203		return ((int)nfsrv_v2errmap[err - 1]);
2204	return (NFSERR_IO);
2205}
2206
2207int
2208nfsrv_object_create(vp)
2209	struct vnode *vp;
2210{
2211
2212	if (vp == NULL || vp->v_type != VREG)
2213		return (1);
2214	return (vfs_object_create(vp, curproc,
2215				  curproc ? curproc->p_ucred : NULL));
2216}
2217
2218/*
2219 * Sort the group list in increasing numerical order.
2220 * (Insertion sort by Chris Torek, who was grossed out by the bubble sort
2221 *  that used to be here.)
2222 */
2223void
2224nfsrvw_sort(list, num)
2225        register gid_t *list;
2226        register int num;
2227{
2228	register int i, j;
2229	gid_t v;
2230
2231	/* Insertion sort. */
2232	for (i = 1; i < num; i++) {
2233		v = list[i];
2234		/* find correct slot for value v, moving others up */
2235		for (j = i; --j >= 0 && v < list[j];)
2236			list[j + 1] = list[j];
2237		list[j + 1] = v;
2238	}
2239}
2240
2241/*
2242 * copy credentials making sure that the result can be compared with bcmp().
2243 */
2244void
2245nfsrv_setcred(incred, outcred)
2246	register struct ucred *incred, *outcred;
2247{
2248	register int i;
2249
2250	bzero((caddr_t)outcred, sizeof (struct ucred));
2251	outcred->cr_ref = 1;
2252	outcred->cr_uid = incred->cr_uid;
2253	outcred->cr_ngroups = incred->cr_ngroups;
2254	for (i = 0; i < incred->cr_ngroups; i++)
2255		outcred->cr_groups[i] = incred->cr_groups[i];
2256	nfsrvw_sort(outcred->cr_groups, outcred->cr_ngroups);
2257}
2258#endif /* NFS_NOSERVER */
2259