nfs_lock.c revision 101744
1/*- 2 * Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 3. Berkeley Software Design Inc's name may not be used to endorse or 13 * promote products derived from this software without specific prior 14 * written permission. 15 * 16 * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * 28 * from BSDI nfs_lock.c,v 2.4 1998/12/14 23:49:56 jch Exp 29 */ 30 31#include <sys/cdefs.h> 32__FBSDID("$FreeBSD: head/sys/nfsclient/nfs_lock.c 101744 2002-08-12 16:43:04Z rwatson $"); 33 34#include <sys/param.h> 35#include <sys/systm.h> 36#include <sys/fcntl.h> 37#include <sys/kernel.h> /* for hz */ 38#include <sys/lock.h> 39#include <sys/malloc.h> 40#include <sys/lockf.h> /* for hz */ /* Must come after sys/malloc.h */ 41#include <sys/mbuf.h> 42#include <sys/mount.h> 43#include <sys/namei.h> 44#include <sys/proc.h> 45#include <sys/resourcevar.h> 46#include <sys/socket.h> 47#include <sys/socket.h> 48#include <sys/unistd.h> 49#include <sys/vnode.h> 50 51#include <machine/limits.h> 52 53#include <net/if.h> 54 55#include <nfs/rpcv2.h> 56#include <nfs/nfsproto.h> 57#include <nfsclient/nfs.h> 58#include <nfsclient/nfsmount.h> 59#include <nfsclient/nfsnode.h> 60#include <nfsclient/nfs_lock.h> 61#include <nfsclient/nlminfo.h> 62 63#define NFSOWNER_1ST_LEVEL_START 1 /* initial entries */ 64#define NFSOWNER_2ND_LEVEL 256 /* some power of 2 */ 65 66#define NFSOWNER(tbl, i) \ 67 (tbl)[(i) / NFSOWNER_2ND_LEVEL][(i) % NFSOWNER_2ND_LEVEL] 68 69/* 70 * XXX 71 * We have to let the process know if the call succeeded. I'm using an extra 72 * field in the p_nlminfo field in the proc structure, as it is already for 73 * lockd stuff. 74 */ 75 76/* 77 * nfs_advlock -- 78 * NFS advisory byte-level locks. 79 */ 80int 81nfs_dolock(struct vop_advlock_args *ap) 82{ 83 LOCKD_MSG msg; 84 struct nameidata nd; 85 struct thread *td; 86 struct vnode *vp, *wvp; 87 int error, error1; 88 struct flock *fl; 89 int fmode, ioflg; 90 struct proc *p; 91 92 td = curthread; 93 p = td->td_proc; 94 95 vp = ap->a_vp; 96 fl = ap->a_fl; 97 98 /* 99 * the NLM protocol doesn't allow the server to return an error 100 * on ranges, so we do it. 101 */ 102 if (fl->l_whence != SEEK_END) { 103 if ((fl->l_whence != SEEK_CUR && fl->l_whence != SEEK_SET) || 104 fl->l_start < 0 || 105 (fl->l_len < 0 && 106 (fl->l_start == 0 || fl->l_start + fl->l_len < 0))) 107 return (EINVAL); 108 if (fl->l_len > 0 && 109 (fl->l_len - 1 > OFF_MAX - fl->l_start)) 110 return (EOVERFLOW); 111 } 112 113 /* 114 * Fill in the information structure. 115 */ 116 msg.lm_version = LOCKD_MSG_VERSION; 117 msg.lm_msg_ident.pid = p->p_pid; 118 /* 119 * if there is no nfsowner table yet, allocate one. 120 */ 121 if (p->p_nlminfo == NULL) { 122 MALLOC(p->p_nlminfo, struct nlminfo *, 123 sizeof(struct nlminfo), M_LOCKF, M_WAITOK | M_ZERO); 124 p->p_nlminfo->pid_start = p->p_stats->p_start; 125 } 126 msg.lm_msg_ident.pid_start = p->p_nlminfo->pid_start; 127 msg.lm_msg_ident.msg_seq = ++(p->p_nlminfo->msg_seq); 128 129 msg.lm_fl = *fl; 130 msg.lm_wait = ap->a_flags & F_WAIT; 131 msg.lm_getlk = ap->a_op == F_GETLK; 132 /* 133 * XXX: the lm_cred assignment below directly exports a ucred 134 * structure to userland. This is probably wrong, and should at 135 * least be xucred. 136 */ 137 bcopy(VFSTONFS(vp->v_mount)->nm_nam, &msg.lm_addr, 138 min(sizeof msg.lm_addr, VFSTONFS(vp->v_mount)->nm_nam->sa_len)); 139 msg.lm_fh_len = NFS_ISV3(vp) ? VTONFS(vp)->n_fhsize : NFSX_V2FH; 140 bcopy(VTONFS(vp)->n_fhp, msg.lm_fh, msg.lm_fh_len); 141 msg.lm_nfsv3 = NFS_ISV3(vp); 142 msg.lm_cred = *(td->td_ucred); 143 144 /* 145 * Open the lock fifo. If for any reason we don't find the fifo, it 146 * means that the lock daemon isn't running. Translate any missing 147 * file error message for the user, otherwise the application will 148 * complain that the user's file is missing, which isn't the case. 149 * Note that we use proc0's cred, so the fifo is opened as root. 150 * 151 * XXX: Note that this behavior is relative to the root directory 152 * of the current process, and this may result in a variety of 153 * {functional, security} problems in chroot() environments. 154 */ 155 NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, _PATH_LCKFIFO, td); 156 157 fmode = FFLAGS(O_WRONLY); 158 error = vn_open_cred(&nd, &fmode, 0, thread0.td_ucred); 159 if (error != 0) { 160 return (error == ENOENT ? EOPNOTSUPP : error); 161 } 162 wvp = nd.ni_vp; 163 VOP_UNLOCK(wvp, 0, td); /* vn_open leaves it locked */ 164 165 166 ioflg = IO_UNIT | IO_NOMACCHECK; 167 for (;;) { 168 VOP_LEASE(wvp, td, thread0.td_ucred, LEASE_WRITE); 169 170 error = vn_rdwr(UIO_WRITE, wvp, (caddr_t)&msg, sizeof(msg), 0, 171 UIO_SYSSPACE, ioflg, thread0.td_ucred, NULL, td); 172 173 if (error && (((ioflg & IO_NDELAY) == 0) || error != EAGAIN)) { 174 break; 175 } 176 /* 177 * If we're locking a file, wait for an answer. Unlocks succeed 178 * immediately. 179 */ 180 if (fl->l_type == F_UNLCK) 181 /* 182 * XXX this isn't exactly correct. The client side 183 * needs to continue sending it's unlock until 184 * it gets a responce back. 185 */ 186 break; 187 188 /* 189 * retry after 20 seconds if we haven't gotten a responce yet. 190 * This number was picked out of thin air... but is longer 191 * then even a reasonably loaded system should take (at least 192 * on a local network). XXX Probably should use a back-off 193 * scheme. 194 */ 195 if ((error = tsleep((void *)p->p_nlminfo, 196 PCATCH | PUSER, "lockd", 20*hz)) != 0) { 197 if (error == EWOULDBLOCK) { 198 /* 199 * We timed out, so we rewrite the request 200 * to the fifo, but only if it isn't already 201 * full. 202 */ 203 ioflg |= IO_NDELAY; 204 continue; 205 } 206 207 break; 208 } 209 210 if (msg.lm_getlk && p->p_nlminfo->retcode == 0) { 211 if (p->p_nlminfo->set_getlk_pid) { 212 fl->l_pid = p->p_nlminfo->getlk_pid; 213 } else { 214 fl->l_type = F_UNLCK; 215 } 216 } 217 error = p->p_nlminfo->retcode; 218 break; 219 } 220 221 if ((error1 = vn_close(wvp, FWRITE, thread0.td_ucred, td)) && error == 0) 222 return (error1); 223 224 return (error); 225} 226 227/* 228 * nfslockdans -- 229 * NFS advisory byte-level locks answer from the lock daemon. 230 */ 231int 232nfslockdans(struct thread *td, struct lockd_ans *ansp) 233{ 234 struct proc *targetp; 235 int error; 236 237 /* Let root, or someone who once was root (lockd generally 238 * switches to the daemon uid once it is done setting up) make 239 * this call. 240 * 241 * XXX This authorization check is probably not right. 242 */ 243 if ((error = suser(td)) != 0 && 244 td->td_ucred->cr_svuid != 0) 245 return (error); 246 247 /* the version should match, or we're out of sync */ 248 if (ansp->la_vers != LOCKD_ANS_VERSION) 249 return (EINVAL); 250 251 /* Find the process, set its return errno and wake it up. */ 252 if ((targetp = pfind(ansp->la_msg_ident.pid)) == NULL) 253 return (ESRCH); 254 255 /* verify the pid hasn't been reused (if we can), and it isn't waiting 256 * for an answer from a more recent request. We return an EPIPE if 257 * the match fails, because we've already used ESRCH above, and this 258 * is sort of like writing on a pipe after the reader has closed it. 259 */ 260 if (targetp->p_nlminfo == NULL || 261 ((ansp->la_msg_ident.msg_seq != -1) && 262 (timevalcmp(&targetp->p_nlminfo->pid_start, 263 &ansp->la_msg_ident.pid_start, !=) || 264 targetp->p_nlminfo->msg_seq != ansp->la_msg_ident.msg_seq))) { 265 PROC_UNLOCK(targetp); 266 return (EPIPE); 267 } 268 269 targetp->p_nlminfo->retcode = ansp->la_errno; 270 targetp->p_nlminfo->set_getlk_pid = ansp->la_set_getlk_pid; 271 targetp->p_nlminfo->getlk_pid = ansp->la_getlk_pid; 272 273 (void)wakeup((void *)targetp->p_nlminfo); 274 275 PROC_UNLOCK(targetp); 276 return (0); 277} 278