fs/nfsd/nfs4xdr.c at master

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / fs / nfsd / nfs4xdr.c
at master 6405 lines 174 kB view raw
wrap content
   1/*
   2 *  Server-side XDR for NFSv4
   3 *
   4 *  Copyright (c) 2002 The Regents of the University of Michigan.
   5 *  All rights reserved.
   6 *
   7 *  Kendrick Smith <kmsmith@umich.edu>
   8 *  Andy Adamson   <andros@umich.edu>
   9 *
  10 *  Redistribution and use in source and binary forms, with or without
  11 *  modification, are permitted provided that the following conditions
  12 *  are met:
  13 *
  14 *  1. Redistributions of source code must retain the above copyright
  15 *     notice, this list of conditions and the following disclaimer.
  16 *  2. Redistributions in binary form must reproduce the above copyright
  17 *     notice, this list of conditions and the following disclaimer in the
  18 *     documentation and/or other materials provided with the distribution.
  19 *  3. Neither the name of the University nor the names of its
  20 *     contributors may be used to endorse or promote products derived
  21 *     from this software without specific prior written permission.
  22 *
  23 *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  24 *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  25 *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  26 *  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  27 *  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  28 *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  29 *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
  30 *  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  31 *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  32 *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  33 *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  34 */
  35
  36#include <linux/file.h>
  37#include <linux/slab.h>
  38#include <linux/namei.h>
  39#include <linux/statfs.h>
  40#include <linux/utsname.h>
  41#include <linux/pagemap.h>
  42#include <linux/sunrpc/svcauth_gss.h>
  43#include <linux/sunrpc/addr.h>
  44#include <linux/xattr.h>
  45#include <linux/vmalloc.h>
  46#include <linux/nfsacl.h>
  47
  48#include <uapi/linux/xattr.h>
  49
  50#include "idmap.h"
  51#include "acl.h"
  52#include "xdr4.h"
  53#include "vfs.h"
  54#include "state.h"
  55#include "cache.h"
  56#include "netns.h"
  57#include "pnfs.h"
  58#include "filecache.h"
  59#include "nfs4xdr_gen.h"
  60
  61#include "trace.h"
  62
  63#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
  64#include <linux/security.h>
  65#endif
  66
  67
  68#define NFSDDBG_FACILITY		NFSDDBG_XDR
  69
  70const u32 nfsd_suppattrs[3][3] = {
  71	{NFSD4_SUPPORTED_ATTRS_WORD0,
  72	 NFSD4_SUPPORTED_ATTRS_WORD1,
  73	 NFSD4_SUPPORTED_ATTRS_WORD2},
  74
  75	{NFSD4_1_SUPPORTED_ATTRS_WORD0,
  76	 NFSD4_1_SUPPORTED_ATTRS_WORD1,
  77	 NFSD4_1_SUPPORTED_ATTRS_WORD2},
  78
  79	{NFSD4_1_SUPPORTED_ATTRS_WORD0,
  80	 NFSD4_1_SUPPORTED_ATTRS_WORD1,
  81	 NFSD4_2_SUPPORTED_ATTRS_WORD2},
  82};
  83
  84/*
  85 * As per referral draft, the fsid for a referral MUST be different from the fsid of the containing
  86 * directory in order to indicate to the client that a filesystem boundary is present
  87 * We use a fixed fsid for a referral
  88 */
  89#define NFS4_REFERRAL_FSID_MAJOR	0x8000000ULL
  90#define NFS4_REFERRAL_FSID_MINOR	0x8000000ULL
  91
  92static __be32
  93check_filename(char *str, int len)
  94{
  95	int i;
  96
  97	if (len == 0)
  98		return nfserr_inval;
  99	if (len > NFS4_MAXNAMLEN)
 100		return nfserr_nametoolong;
 101	if (isdotent(str, len))
 102		return nfserr_badname;
 103	for (i = 0; i < len; i++)
 104		if (str[i] == '/')
 105			return nfserr_badname;
 106	return 0;
 107}
 108
 109static int zero_clientid(clientid_t *clid)
 110{
 111	return (clid->cl_boot == 0) && (clid->cl_id == 0);
 112}
 113
 114/**
 115 * svcxdr_tmpalloc - allocate memory to be freed after compound processing
 116 * @argp: NFSv4 compound argument structure
 117 * @len: length of buffer to allocate
 118 *
 119 * Allocates a buffer of size @len to be freed when processing the compound
 120 * operation described in @argp finishes.
 121 */
 122static void *
 123svcxdr_tmpalloc(struct nfsd4_compoundargs *argp, size_t len)
 124{
 125	struct svcxdr_tmpbuf *tb;
 126
 127	tb = kmalloc_flex(*tb, buf, len);
 128	if (!tb)
 129		return NULL;
 130	tb->next = argp->to_free;
 131	argp->to_free = tb;
 132	return tb->buf;
 133}
 134
 135/*
 136 * For xdr strings that need to be passed to other kernel api's
 137 * as null-terminated strings.
 138 *
 139 * Note null-terminating in place usually isn't safe since the
 140 * buffer might end on a page boundary.
 141 */
 142static char *
 143svcxdr_dupstr(struct nfsd4_compoundargs *argp, void *buf, size_t len)
 144{
 145	char *p = svcxdr_tmpalloc(argp, size_add(len, 1));
 146
 147	if (!p)
 148		return NULL;
 149	memcpy(p, buf, len);
 150	p[len] = '\0';
 151	return p;
 152}
 153
 154static void *
 155svcxdr_savemem(struct nfsd4_compoundargs *argp, __be32 *p, size_t len)
 156{
 157	__be32 *tmp;
 158
 159	/*
 160	 * The location of the decoded data item is stable,
 161	 * so @p is OK to use. This is the common case.
 162	 */
 163	if (p != argp->xdr->scratch.iov_base)
 164		return p;
 165
 166	tmp = svcxdr_tmpalloc(argp, len);
 167	if (!tmp)
 168		return NULL;
 169	memcpy(tmp, p, len);
 170	return tmp;
 171}
 172
 173/*
 174 * NFSv4 basic data type decoders
 175 */
 176
 177/*
 178 * This helper handles variable-length opaques which belong to protocol
 179 * elements that this implementation does not support.
 180 */
 181static __be32
 182nfsd4_decode_ignored_string(struct nfsd4_compoundargs *argp, u32 maxlen)
 183{
 184	u32 len;
 185
 186	if (xdr_stream_decode_u32(argp->xdr, &len) < 0)
 187		return nfserr_bad_xdr;
 188	if (maxlen && len > maxlen)
 189		return nfserr_bad_xdr;
 190	if (!xdr_inline_decode(argp->xdr, len))
 191		return nfserr_bad_xdr;
 192
 193	return nfs_ok;
 194}
 195
 196static __be32
 197nfsd4_decode_opaque(struct nfsd4_compoundargs *argp, struct xdr_netobj *o)
 198{
 199	__be32 *p;
 200	u32 len;
 201
 202	if (xdr_stream_decode_u32(argp->xdr, &len) < 0)
 203		return nfserr_bad_xdr;
 204	if (len == 0 || len > NFS4_OPAQUE_LIMIT)
 205		return nfserr_bad_xdr;
 206	p = xdr_inline_decode(argp->xdr, len);
 207	if (!p)
 208		return nfserr_bad_xdr;
 209	o->data = svcxdr_savemem(argp, p, len);
 210	if (!o->data)
 211		return nfserr_jukebox;
 212	o->len = len;
 213
 214	return nfs_ok;
 215}
 216
 217static __be32
 218nfsd4_decode_component4(struct nfsd4_compoundargs *argp, char **namp, u32 *lenp)
 219{
 220	__be32 *p, status;
 221
 222	if (xdr_stream_decode_u32(argp->xdr, lenp) < 0)
 223		return nfserr_bad_xdr;
 224	p = xdr_inline_decode(argp->xdr, *lenp);
 225	if (!p)
 226		return nfserr_bad_xdr;
 227	status = check_filename((char *)p, *lenp);
 228	if (status)
 229		return status;
 230	*namp = svcxdr_savemem(argp, p, *lenp);
 231	if (!*namp)
 232		return nfserr_jukebox;
 233
 234	return nfs_ok;
 235}
 236
 237static __be32
 238nfsd4_decode_nfstime4(struct nfsd4_compoundargs *argp, struct timespec64 *tv)
 239{
 240	__be32 *p;
 241
 242	p = xdr_inline_decode(argp->xdr, XDR_UNIT * 3);
 243	if (!p)
 244		return nfserr_bad_xdr;
 245	p = xdr_decode_hyper(p, &tv->tv_sec);
 246	tv->tv_nsec = be32_to_cpup(p++);
 247	if (tv->tv_nsec >= (u32)1000000000)
 248		return nfserr_inval;
 249	return nfs_ok;
 250}
 251
 252static __be32
 253nfsd4_decode_verifier4(struct nfsd4_compoundargs *argp, nfs4_verifier *verf)
 254{
 255	__be32 *p;
 256
 257	p = xdr_inline_decode(argp->xdr, NFS4_VERIFIER_SIZE);
 258	if (!p)
 259		return nfserr_bad_xdr;
 260	memcpy(verf->data, p, sizeof(verf->data));
 261	return nfs_ok;
 262}
 263
 264/**
 265 * nfsd4_decode_bitmap4 - Decode an NFSv4 bitmap4
 266 * @argp: NFSv4 compound argument structure
 267 * @bmval: pointer to an array of u32's to decode into
 268 * @bmlen: size of the @bmval array
 269 *
 270 * The server needs to return nfs_ok rather than nfserr_bad_xdr when
 271 * encountering bitmaps containing bits it does not recognize. This
 272 * includes bits in bitmap words past WORDn, where WORDn is the last
 273 * bitmap WORD the implementation currently supports. Thus we are
 274 * careful here to simply ignore bits in bitmap words that this
 275 * implementation has yet to support explicitly.
 276 *
 277 * Return values:
 278 *   %nfs_ok: @bmval populated successfully
 279 *   %nfserr_bad_xdr: the encoded bitmap was invalid
 280 */
 281static __be32
 282nfsd4_decode_bitmap4(struct nfsd4_compoundargs *argp, u32 *bmval, u32 bmlen)
 283{
 284	ssize_t status;
 285
 286	status = xdr_stream_decode_uint32_array(argp->xdr, bmval, bmlen);
 287	return status == -EBADMSG ? nfserr_bad_xdr : nfs_ok;
 288}
 289
 290static __be32
 291nfsd4_decode_nfsace4(struct nfsd4_compoundargs *argp, struct nfs4_ace *ace)
 292{
 293	__be32 *p, status;
 294	u32 length;
 295
 296	if (xdr_stream_decode_u32(argp->xdr, &ace->type) < 0)
 297		return nfserr_bad_xdr;
 298	if (xdr_stream_decode_u32(argp->xdr, &ace->flag) < 0)
 299		return nfserr_bad_xdr;
 300	if (xdr_stream_decode_u32(argp->xdr, &ace->access_mask) < 0)
 301		return nfserr_bad_xdr;
 302
 303	if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 304		return nfserr_bad_xdr;
 305	p = xdr_inline_decode(argp->xdr, length);
 306	if (!p)
 307		return nfserr_bad_xdr;
 308	ace->whotype = nfs4_acl_get_whotype((char *)p, length);
 309	if (ace->whotype != NFS4_ACL_WHO_NAMED)
 310		status = nfs_ok;
 311	else if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP)
 312		status = nfsd_map_name_to_gid(argp->rqstp,
 313				(char *)p, length, &ace->who_gid);
 314	else
 315		status = nfsd_map_name_to_uid(argp->rqstp,
 316				(char *)p, length, &ace->who_uid);
 317
 318	return status;
 319}
 320
 321/* A counted array of nfsace4's */
 322static noinline __be32
 323nfsd4_decode_acl(struct nfsd4_compoundargs *argp, struct nfs4_acl **acl)
 324{
 325	struct nfs4_ace *ace;
 326	__be32 status;
 327	u32 count;
 328
 329	if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
 330		return nfserr_bad_xdr;
 331
 332	if (count > xdr_stream_remaining(argp->xdr) / 20)
 333		/*
 334		 * Even with 4-byte names there wouldn't be
 335		 * space for that many aces; something fishy is
 336		 * going on:
 337		 */
 338		return nfserr_fbig;
 339
 340	*acl = svcxdr_tmpalloc(argp, nfs4_acl_bytes(count));
 341	if (*acl == NULL)
 342		return nfserr_jukebox;
 343
 344	(*acl)->naces = count;
 345	for (ace = (*acl)->aces; ace < (*acl)->aces + count; ace++) {
 346		status = nfsd4_decode_nfsace4(argp, ace);
 347		if (status)
 348			return status;
 349	}
 350
 351	return nfs_ok;
 352}
 353
 354static noinline __be32
 355nfsd4_decode_security_label(struct nfsd4_compoundargs *argp,
 356			    struct xdr_netobj *label)
 357{
 358	u32 lfs, pi, length;
 359	__be32 *p;
 360
 361	if (xdr_stream_decode_u32(argp->xdr, &lfs) < 0)
 362		return nfserr_bad_xdr;
 363	if (xdr_stream_decode_u32(argp->xdr, &pi) < 0)
 364		return nfserr_bad_xdr;
 365
 366	if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 367		return nfserr_bad_xdr;
 368	if (length > NFS4_MAXLABELLEN)
 369		return nfserr_badlabel;
 370	p = xdr_inline_decode(argp->xdr, length);
 371	if (!p)
 372		return nfserr_bad_xdr;
 373	label->len = length;
 374	label->data = svcxdr_dupstr(argp, p, length);
 375	if (!label->data)
 376		return nfserr_jukebox;
 377
 378	return nfs_ok;
 379}
 380
 381#ifdef CONFIG_NFSD_V4_POSIX_ACLS
 382
 383static short nfsd4_posixacetag4_to_tag(posixacetag4 tag)
 384{
 385	switch (tag) {
 386	case POSIXACE4_TAG_USER_OBJ:	return ACL_USER_OBJ;
 387	case POSIXACE4_TAG_GROUP_OBJ:	return ACL_GROUP_OBJ;
 388	case POSIXACE4_TAG_USER:	return ACL_USER;
 389	case POSIXACE4_TAG_GROUP:	return ACL_GROUP;
 390	case POSIXACE4_TAG_MASK:	return ACL_MASK;
 391	case POSIXACE4_TAG_OTHER:	return ACL_OTHER;
 392	}
 393	return ACL_OTHER;
 394}
 395
 396static __be32
 397nfsd4_decode_posixace4(struct nfsd4_compoundargs *argp,
 398		       struct posix_acl_entry *ace)
 399{
 400	posixaceperm4 perm;
 401	__be32 *p, status;
 402	posixacetag4 tag;
 403	u32 len;
 404
 405	if (!xdrgen_decode_posixacetag4(argp->xdr, &tag))
 406		return nfserr_bad_xdr;
 407	ace->e_tag = nfsd4_posixacetag4_to_tag(tag);
 408
 409	if (!xdrgen_decode_posixaceperm4(argp->xdr, &perm))
 410		return nfserr_bad_xdr;
 411	if (perm & ~S_IRWXO)
 412		return nfserr_bad_xdr;
 413	ace->e_perm = perm;
 414
 415	if (xdr_stream_decode_u32(argp->xdr, &len) < 0)
 416		return nfserr_bad_xdr;
 417	p = xdr_inline_decode(argp->xdr, len);
 418	if (!p)
 419		return nfserr_bad_xdr;
 420	switch (tag) {
 421	case POSIXACE4_TAG_USER:
 422		if (len > 0)
 423			status = nfsd_map_name_to_uid(argp->rqstp,
 424					(char *)p, len, &ace->e_uid);
 425		else
 426			status = nfserr_bad_xdr;
 427		break;
 428	case POSIXACE4_TAG_GROUP:
 429		if (len > 0)
 430			status = nfsd_map_name_to_gid(argp->rqstp,
 431					(char *)p, len, &ace->e_gid);
 432		else
 433			status = nfserr_bad_xdr;
 434		break;
 435	default:
 436		status = nfs_ok;
 437	}
 438
 439	return status;
 440}
 441
 442static noinline __be32
 443nfsd4_decode_posixacl(struct nfsd4_compoundargs *argp, struct posix_acl **acl)
 444{
 445	struct posix_acl_entry *ace;
 446	__be32 status;
 447	u32 count;
 448
 449	if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
 450		return nfserr_bad_xdr;
 451
 452	*acl = posix_acl_alloc(count, GFP_KERNEL);
 453	if (*acl == NULL)
 454		return nfserr_resource;
 455
 456	(*acl)->a_count = count;
 457	for (ace = (*acl)->a_entries; ace < (*acl)->a_entries + count; ace++) {
 458		status = nfsd4_decode_posixace4(argp, ace);
 459		if (status) {
 460			posix_acl_release(*acl);
 461			*acl = NULL;
 462			return status;
 463		}
 464	}
 465
 466	/*
 467	 * posix_acl_valid() requires the ACEs to be sorted.
 468	 * If they are already sorted, sort_pacl_range() will return
 469	 * after one pass through the ACEs, since it implements bubble sort.
 470	 * Note that a count == 0 is used to delete a POSIX ACL and a count
 471	 * of 1 or 2 will always be found invalid by posix_acl_valid().
 472	 */
 473	if (count >= 3)
 474		sort_pacl_range(*acl, 0, count - 1);
 475
 476	return nfs_ok;
 477}
 478
 479#endif /* CONFIG_NFSD_V4_POSIX_ACLS */
 480
 481static __be32
 482nfsd4_decode_fattr4(struct nfsd4_compoundargs *argp, u32 *bmval, u32 bmlen,
 483		    struct iattr *iattr, struct nfs4_acl **acl,
 484		    struct xdr_netobj *label, int *umask,
 485		    struct posix_acl **dpaclp, struct posix_acl **paclp)
 486{
 487	unsigned int starting_pos;
 488	u32 attrlist4_count;
 489	__be32 *p, status;
 490
 491	iattr->ia_valid = 0;
 492	status = nfsd4_decode_bitmap4(argp, bmval, bmlen);
 493	if (status)
 494		return nfserr_bad_xdr;
 495
 496	if (bmval[0] & ~NFSD_WRITEABLE_ATTRS_WORD0
 497	    || bmval[1] & ~NFSD_WRITEABLE_ATTRS_WORD1
 498	    || bmval[2] & ~NFSD_WRITEABLE_ATTRS_WORD2) {
 499		if (nfsd_attrs_supported(argp->minorversion, bmval))
 500			return nfserr_inval;
 501		return nfserr_attrnotsupp;
 502	}
 503
 504	if (xdr_stream_decode_u32(argp->xdr, &attrlist4_count) < 0)
 505		return nfserr_bad_xdr;
 506	starting_pos = xdr_stream_pos(argp->xdr);
 507
 508	if (bmval[0] & FATTR4_WORD0_SIZE) {
 509		u64 size;
 510
 511		if (xdr_stream_decode_u64(argp->xdr, &size) < 0)
 512			return nfserr_bad_xdr;
 513		iattr->ia_size = size;
 514		iattr->ia_valid |= ATTR_SIZE;
 515	}
 516	if (bmval[0] & FATTR4_WORD0_ACL) {
 517		status = nfsd4_decode_acl(argp, acl);
 518		if (status)
 519			return status;
 520	} else
 521		*acl = NULL;
 522	if (bmval[1] & FATTR4_WORD1_MODE) {
 523		u32 mode;
 524
 525		if (xdr_stream_decode_u32(argp->xdr, &mode) < 0)
 526			return nfserr_bad_xdr;
 527		iattr->ia_mode = mode;
 528		iattr->ia_mode &= (S_IFMT | S_IALLUGO);
 529		iattr->ia_valid |= ATTR_MODE;
 530	}
 531	if (bmval[1] & FATTR4_WORD1_OWNER) {
 532		u32 length;
 533
 534		if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 535			return nfserr_bad_xdr;
 536		p = xdr_inline_decode(argp->xdr, length);
 537		if (!p)
 538			return nfserr_bad_xdr;
 539		status = nfsd_map_name_to_uid(argp->rqstp, (char *)p, length,
 540					      &iattr->ia_uid);
 541		if (status)
 542			return status;
 543		iattr->ia_valid |= ATTR_UID;
 544	}
 545	if (bmval[1] & FATTR4_WORD1_OWNER_GROUP) {
 546		u32 length;
 547
 548		if (xdr_stream_decode_u32(argp->xdr, &length) < 0)
 549			return nfserr_bad_xdr;
 550		p = xdr_inline_decode(argp->xdr, length);
 551		if (!p)
 552			return nfserr_bad_xdr;
 553		status = nfsd_map_name_to_gid(argp->rqstp, (char *)p, length,
 554					      &iattr->ia_gid);
 555		if (status)
 556			return status;
 557		iattr->ia_valid |= ATTR_GID;
 558	}
 559	if (bmval[1] & FATTR4_WORD1_TIME_ACCESS_SET) {
 560		u32 set_it;
 561
 562		if (xdr_stream_decode_u32(argp->xdr, &set_it) < 0)
 563			return nfserr_bad_xdr;
 564		switch (set_it) {
 565		case NFS4_SET_TO_CLIENT_TIME:
 566			status = nfsd4_decode_nfstime4(argp, &iattr->ia_atime);
 567			if (status)
 568				return status;
 569			iattr->ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET);
 570			break;
 571		case NFS4_SET_TO_SERVER_TIME:
 572			iattr->ia_valid |= ATTR_ATIME;
 573			break;
 574		default:
 575			return nfserr_bad_xdr;
 576		}
 577	}
 578	if (bmval[1] & FATTR4_WORD1_TIME_CREATE) {
 579		struct timespec64 ts;
 580
 581		/* No Linux filesystem supports setting this attribute. */
 582		bmval[1] &= ~FATTR4_WORD1_TIME_CREATE;
 583		status = nfsd4_decode_nfstime4(argp, &ts);
 584		if (status)
 585			return status;
 586	}
 587	if (bmval[1] & FATTR4_WORD1_TIME_MODIFY_SET) {
 588		u32 set_it;
 589
 590		if (xdr_stream_decode_u32(argp->xdr, &set_it) < 0)
 591			return nfserr_bad_xdr;
 592		switch (set_it) {
 593		case NFS4_SET_TO_CLIENT_TIME:
 594			status = nfsd4_decode_nfstime4(argp, &iattr->ia_mtime);
 595			if (status)
 596				return status;
 597			iattr->ia_valid |= (ATTR_MTIME | ATTR_MTIME_SET);
 598			break;
 599		case NFS4_SET_TO_SERVER_TIME:
 600			iattr->ia_valid |= ATTR_MTIME;
 601			break;
 602		default:
 603			return nfserr_bad_xdr;
 604		}
 605	}
 606	label->len = 0;
 607	if (IS_ENABLED(CONFIG_NFSD_V4_SECURITY_LABEL) &&
 608	    bmval[2] & FATTR4_WORD2_SECURITY_LABEL) {
 609		status = nfsd4_decode_security_label(argp, label);
 610		if (status)
 611			return status;
 612	}
 613	if (bmval[2] & FATTR4_WORD2_MODE_UMASK) {
 614		u32 mode, mask;
 615
 616		if (!umask)
 617			return nfserr_bad_xdr;
 618		if (xdr_stream_decode_u32(argp->xdr, &mode) < 0)
 619			return nfserr_bad_xdr;
 620		iattr->ia_mode = mode & (S_IFMT | S_IALLUGO);
 621		if (xdr_stream_decode_u32(argp->xdr, &mask) < 0)
 622			return nfserr_bad_xdr;
 623		*umask = mask & S_IRWXUGO;
 624		iattr->ia_valid |= ATTR_MODE;
 625	}
 626	if (bmval[2] & FATTR4_WORD2_TIME_DELEG_ACCESS) {
 627		fattr4_time_deleg_access access;
 628
 629		if (!xdrgen_decode_fattr4_time_deleg_access(argp->xdr, &access))
 630			return nfserr_bad_xdr;
 631		iattr->ia_atime.tv_sec = access.seconds;
 632		iattr->ia_atime.tv_nsec = access.nseconds;
 633		iattr->ia_valid |= ATTR_ATIME | ATTR_ATIME_SET | ATTR_DELEG;
 634	}
 635	if (bmval[2] & FATTR4_WORD2_TIME_DELEG_MODIFY) {
 636		fattr4_time_deleg_modify modify;
 637
 638		if (!xdrgen_decode_fattr4_time_deleg_modify(argp->xdr, &modify))
 639			return nfserr_bad_xdr;
 640		iattr->ia_mtime.tv_sec = modify.seconds;
 641		iattr->ia_mtime.tv_nsec = modify.nseconds;
 642		iattr->ia_ctime.tv_sec = modify.seconds;
 643		iattr->ia_ctime.tv_nsec = modify.nseconds;
 644		iattr->ia_valid |= ATTR_CTIME | ATTR_CTIME_SET |
 645				   ATTR_MTIME | ATTR_MTIME_SET | ATTR_DELEG;
 646	}
 647
 648	*dpaclp = NULL;
 649	*paclp = NULL;
 650#ifdef CONFIG_NFSD_V4_POSIX_ACLS
 651	if (bmval[2] & FATTR4_WORD2_POSIX_DEFAULT_ACL) {
 652		struct posix_acl *dpacl;
 653
 654		status = nfsd4_decode_posixacl(argp, &dpacl);
 655		if (status)
 656			return status;
 657		*dpaclp = dpacl;
 658	}
 659	if (bmval[2] & FATTR4_WORD2_POSIX_ACCESS_ACL) {
 660		struct posix_acl *pacl;
 661
 662		status = nfsd4_decode_posixacl(argp, &pacl);
 663		if (status) {
 664			posix_acl_release(*dpaclp);
 665			*dpaclp = NULL;
 666			return status;
 667		}
 668		*paclp = pacl;
 669	}
 670#endif /* CONFIG_NFSD_V4_POSIX_ACLS */
 671
 672	/* request sanity: did attrlist4 contain the expected number of words? */
 673	if (attrlist4_count != xdr_stream_pos(argp->xdr) - starting_pos) {
 674#ifdef CONFIG_NFSD_V4_POSIX_ACLS
 675		posix_acl_release(*dpaclp);
 676		posix_acl_release(*paclp);
 677		*dpaclp = NULL;
 678		*paclp = NULL;
 679#endif
 680		return nfserr_bad_xdr;
 681	}
 682
 683	return nfs_ok;
 684}
 685
 686static __be32
 687nfsd4_decode_stateid4(struct nfsd4_compoundargs *argp, stateid_t *sid)
 688{
 689	__be32 *p;
 690
 691	p = xdr_inline_decode(argp->xdr, NFS4_STATEID_SIZE);
 692	if (!p)
 693		return nfserr_bad_xdr;
 694	sid->si_generation = be32_to_cpup(p++);
 695	memcpy(&sid->si_opaque, p, sizeof(sid->si_opaque));
 696	return nfs_ok;
 697}
 698
 699static __be32
 700nfsd4_decode_clientid4(struct nfsd4_compoundargs *argp, clientid_t *clientid)
 701{
 702	__be32 *p;
 703
 704	p = xdr_inline_decode(argp->xdr, sizeof(__be64));
 705	if (!p)
 706		return nfserr_bad_xdr;
 707	memcpy(clientid, p, sizeof(*clientid));
 708	return nfs_ok;
 709}
 710
 711static __be32
 712nfsd4_decode_state_owner4(struct nfsd4_compoundargs *argp,
 713			  clientid_t *clientid, struct xdr_netobj *owner)
 714{
 715	__be32 status;
 716
 717	status = nfsd4_decode_clientid4(argp, clientid);
 718	if (status)
 719		return status;
 720	return nfsd4_decode_opaque(argp, owner);
 721}
 722
 723#ifdef CONFIG_NFSD_PNFS
 724
 725static __be32
 726nfsd4_decode_layoutupdate4(struct nfsd4_compoundargs *argp,
 727			   struct nfsd4_layoutcommit *lcp)
 728{
 729	u32 len;
 730
 731	if (xdr_stream_decode_u32(argp->xdr, &lcp->lc_layout_type) < 0)
 732		return nfserr_bad_xdr;
 733	if (lcp->lc_layout_type < LAYOUT_NFSV4_1_FILES)
 734		return nfserr_bad_xdr;
 735	if (lcp->lc_layout_type >= LAYOUT_TYPE_MAX)
 736		return nfserr_bad_xdr;
 737
 738	if (xdr_stream_decode_u32(argp->xdr, &len) < 0)
 739		return nfserr_bad_xdr;
 740	if (!xdr_stream_subsegment(argp->xdr, &lcp->lc_up_layout, len))
 741		return nfserr_bad_xdr;
 742
 743	return nfs_ok;
 744}
 745
 746static __be32
 747nfsd4_decode_layoutreturn4(struct nfsd4_compoundargs *argp,
 748			   struct nfsd4_layoutreturn *lrp)
 749{
 750	__be32 status;
 751
 752	if (xdr_stream_decode_u32(argp->xdr, &lrp->lr_return_type) < 0)
 753		return nfserr_bad_xdr;
 754	switch (lrp->lr_return_type) {
 755	case RETURN_FILE:
 756		if (xdr_stream_decode_u64(argp->xdr, &lrp->lr_seg.offset) < 0)
 757			return nfserr_bad_xdr;
 758		if (xdr_stream_decode_u64(argp->xdr, &lrp->lr_seg.length) < 0)
 759			return nfserr_bad_xdr;
 760		status = nfsd4_decode_stateid4(argp, &lrp->lr_sid);
 761		if (status)
 762			return status;
 763		if (xdr_stream_decode_u32(argp->xdr, &lrp->lrf_body_len) < 0)
 764			return nfserr_bad_xdr;
 765		if (lrp->lrf_body_len > 0) {
 766			lrp->lrf_body = xdr_inline_decode(argp->xdr, lrp->lrf_body_len);
 767			if (!lrp->lrf_body)
 768				return nfserr_bad_xdr;
 769		}
 770		break;
 771	case RETURN_FSID:
 772	case RETURN_ALL:
 773		lrp->lr_seg.offset = 0;
 774		lrp->lr_seg.length = NFS4_MAX_UINT64;
 775		break;
 776	default:
 777		return nfserr_bad_xdr;
 778	}
 779
 780	return nfs_ok;
 781}
 782
 783#endif /* CONFIG_NFSD_PNFS */
 784
 785static __be32
 786nfsd4_decode_sessionid4(struct nfsd4_compoundargs *argp,
 787			struct nfs4_sessionid *sessionid)
 788{
 789	__be32 *p;
 790
 791	p = xdr_inline_decode(argp->xdr, NFS4_MAX_SESSIONID_LEN);
 792	if (!p)
 793		return nfserr_bad_xdr;
 794	memcpy(sessionid->data, p, sizeof(sessionid->data));
 795	return nfs_ok;
 796}
 797
 798/* Defined in Appendix A of RFC 5531 */
 799static __be32
 800nfsd4_decode_authsys_parms(struct nfsd4_compoundargs *argp,
 801			   struct nfsd4_cb_sec *cbs)
 802{
 803	u32 stamp, gidcount, uid, gid;
 804	__be32 *p, status;
 805
 806	if (xdr_stream_decode_u32(argp->xdr, &stamp) < 0)
 807		return nfserr_bad_xdr;
 808	/* machine name */
 809	status = nfsd4_decode_ignored_string(argp, 255);
 810	if (status)
 811		return status;
 812	if (xdr_stream_decode_u32(argp->xdr, &uid) < 0)
 813		return nfserr_bad_xdr;
 814	if (xdr_stream_decode_u32(argp->xdr, &gid) < 0)
 815		return nfserr_bad_xdr;
 816	if (xdr_stream_decode_u32(argp->xdr, &gidcount) < 0)
 817		return nfserr_bad_xdr;
 818	if (gidcount > 16)
 819		return nfserr_bad_xdr;
 820	p = xdr_inline_decode(argp->xdr, gidcount << 2);
 821	if (!p)
 822		return nfserr_bad_xdr;
 823	if (cbs->flavor == (u32)(-1)) {
 824		struct user_namespace *userns = nfsd_user_namespace(argp->rqstp);
 825
 826		kuid_t kuid = make_kuid(userns, uid);
 827		kgid_t kgid = make_kgid(userns, gid);
 828		if (uid_valid(kuid) && gid_valid(kgid)) {
 829			cbs->uid = kuid;
 830			cbs->gid = kgid;
 831			cbs->flavor = RPC_AUTH_UNIX;
 832		} else {
 833			dprintk("RPC_AUTH_UNIX with invalid uid or gid, ignoring!\n");
 834		}
 835	}
 836
 837	return nfs_ok;
 838}
 839
 840static __be32
 841nfsd4_decode_gss_cb_handles4(struct nfsd4_compoundargs *argp,
 842			     struct nfsd4_cb_sec *cbs)
 843{
 844	__be32 status;
 845	u32 service;
 846
 847	dprintk("RPC_AUTH_GSS callback secflavor not supported!\n");
 848
 849	if (xdr_stream_decode_u32(argp->xdr, &service) < 0)
 850		return nfserr_bad_xdr;
 851	if (service < RPC_GSS_SVC_NONE || service > RPC_GSS_SVC_PRIVACY)
 852		return nfserr_bad_xdr;
 853	/* gcbp_handle_from_server */
 854	status = nfsd4_decode_ignored_string(argp, 0);
 855	if (status)
 856		return status;
 857	/* gcbp_handle_from_client */
 858	status = nfsd4_decode_ignored_string(argp, 0);
 859	if (status)
 860		return status;
 861
 862	return nfs_ok;
 863}
 864
 865/* a counted array of callback_sec_parms4 items */
 866static __be32
 867nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs)
 868{
 869	u32 i, secflavor, nr_secflavs;
 870	__be32 status;
 871
 872	/* callback_sec_params4 */
 873	if (xdr_stream_decode_u32(argp->xdr, &nr_secflavs) < 0)
 874		return nfserr_bad_xdr;
 875	if (nr_secflavs)
 876		cbs->flavor = (u32)(-1);
 877	else
 878		/* Is this legal? Be generous, take it to mean AUTH_NONE: */
 879		cbs->flavor = 0;
 880
 881	for (i = 0; i < nr_secflavs; ++i) {
 882		if (xdr_stream_decode_u32(argp->xdr, &secflavor) < 0)
 883			return nfserr_bad_xdr;
 884		switch (secflavor) {
 885		case RPC_AUTH_NULL:
 886			/* void */
 887			if (cbs->flavor == (u32)(-1))
 888				cbs->flavor = RPC_AUTH_NULL;
 889			break;
 890		case RPC_AUTH_UNIX:
 891			status = nfsd4_decode_authsys_parms(argp, cbs);
 892			if (status)
 893				return status;
 894			break;
 895		case RPC_AUTH_GSS:
 896			status = nfsd4_decode_gss_cb_handles4(argp, cbs);
 897			if (status)
 898				return status;
 899			break;
 900		default:
 901			return nfserr_inval;
 902		}
 903	}
 904
 905	return nfs_ok;
 906}
 907
 908
 909/*
 910 * NFSv4 operation argument decoders
 911 */
 912
 913static __be32
 914nfsd4_decode_access(struct nfsd4_compoundargs *argp,
 915		    union nfsd4_op_u *u)
 916{
 917	struct nfsd4_access *access = &u->access;
 918	if (xdr_stream_decode_u32(argp->xdr, &access->ac_req_access) < 0)
 919		return nfserr_bad_xdr;
 920	return nfs_ok;
 921}
 922
 923static __be32
 924nfsd4_decode_close(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
 925{
 926	struct nfsd4_close *close = &u->close;
 927	if (xdr_stream_decode_u32(argp->xdr, &close->cl_seqid) < 0)
 928		return nfserr_bad_xdr;
 929	return nfsd4_decode_stateid4(argp, &close->cl_stateid);
 930}
 931
 932
 933static __be32
 934nfsd4_decode_commit(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
 935{
 936	struct nfsd4_commit *commit = &u->commit;
 937	if (xdr_stream_decode_u64(argp->xdr, &commit->co_offset) < 0)
 938		return nfserr_bad_xdr;
 939	if (xdr_stream_decode_u32(argp->xdr, &commit->co_count) < 0)
 940		return nfserr_bad_xdr;
 941	memset(&commit->co_verf, 0, sizeof(commit->co_verf));
 942	return nfs_ok;
 943}
 944
 945static __be32
 946nfsd4_decode_create(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
 947{
 948	struct nfsd4_create *create = &u->create;
 949	__be32 *p, status;
 950
 951	memset(create, 0, sizeof(*create));
 952	if (xdr_stream_decode_u32(argp->xdr, &create->cr_type) < 0)
 953		return nfserr_bad_xdr;
 954	switch (create->cr_type) {
 955	case NF4LNK:
 956		if (xdr_stream_decode_u32(argp->xdr, &create->cr_datalen) < 0)
 957			return nfserr_bad_xdr;
 958		p = xdr_inline_decode(argp->xdr, create->cr_datalen);
 959		if (!p)
 960			return nfserr_bad_xdr;
 961		create->cr_data = svcxdr_dupstr(argp, p, create->cr_datalen);
 962		if (!create->cr_data)
 963			return nfserr_jukebox;
 964		break;
 965	case NF4BLK:
 966	case NF4CHR:
 967		if (xdr_stream_decode_u32(argp->xdr, &create->cr_specdata1) < 0)
 968			return nfserr_bad_xdr;
 969		if (xdr_stream_decode_u32(argp->xdr, &create->cr_specdata2) < 0)
 970			return nfserr_bad_xdr;
 971		break;
 972	case NF4SOCK:
 973	case NF4FIFO:
 974	case NF4DIR:
 975	default:
 976		break;
 977	}
 978	status = nfsd4_decode_component4(argp, &create->cr_name,
 979					 &create->cr_namelen);
 980	if (status)
 981		return status;
 982	status = nfsd4_decode_fattr4(argp, create->cr_bmval,
 983				    ARRAY_SIZE(create->cr_bmval),
 984				    &create->cr_iattr, &create->cr_acl,
 985				    &create->cr_label, &create->cr_umask,
 986				    &create->cr_dpacl, &create->cr_pacl);
 987	if (status)
 988		return status;
 989
 990	return nfs_ok;
 991}
 992
 993static inline __be32
 994nfsd4_decode_delegreturn(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
 995{
 996	struct nfsd4_delegreturn *dr = &u->delegreturn;
 997	return nfsd4_decode_stateid4(argp, &dr->dr_stateid);
 998}
 999
1000static inline __be32
1001nfsd4_decode_getattr(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1002{
1003	struct nfsd4_getattr *getattr = &u->getattr;
1004	memset(getattr, 0, sizeof(*getattr));
1005	return nfsd4_decode_bitmap4(argp, getattr->ga_bmval,
1006				    ARRAY_SIZE(getattr->ga_bmval));
1007}
1008
1009static __be32
1010nfsd4_decode_link(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1011{
1012	struct nfsd4_link *link = &u->link;
1013	memset(link, 0, sizeof(*link));
1014	return nfsd4_decode_component4(argp, &link->li_name, &link->li_namelen);
1015}
1016
1017static __be32
1018nfsd4_decode_open_to_lock_owner4(struct nfsd4_compoundargs *argp,
1019				 struct nfsd4_lock *lock)
1020{
1021	__be32 status;
1022
1023	if (xdr_stream_decode_u32(argp->xdr, &lock->lk_new_open_seqid) < 0)
1024		return nfserr_bad_xdr;
1025	status = nfsd4_decode_stateid4(argp, &lock->lk_new_open_stateid);
1026	if (status)
1027		return status;
1028	if (xdr_stream_decode_u32(argp->xdr, &lock->lk_new_lock_seqid) < 0)
1029		return nfserr_bad_xdr;
1030	return nfsd4_decode_state_owner4(argp, &lock->lk_new_clientid,
1031					 &lock->lk_new_owner);
1032}
1033
1034static __be32
1035nfsd4_decode_exist_lock_owner4(struct nfsd4_compoundargs *argp,
1036			       struct nfsd4_lock *lock)
1037{
1038	__be32 status;
1039
1040	status = nfsd4_decode_stateid4(argp, &lock->lk_old_lock_stateid);
1041	if (status)
1042		return status;
1043	if (xdr_stream_decode_u32(argp->xdr, &lock->lk_old_lock_seqid) < 0)
1044		return nfserr_bad_xdr;
1045
1046	return nfs_ok;
1047}
1048
1049static __be32
1050nfsd4_decode_locker4(struct nfsd4_compoundargs *argp, struct nfsd4_lock *lock)
1051{
1052	if (xdr_stream_decode_bool(argp->xdr, &lock->lk_is_new) < 0)
1053		return nfserr_bad_xdr;
1054	if (lock->lk_is_new)
1055		return nfsd4_decode_open_to_lock_owner4(argp, lock);
1056	return nfsd4_decode_exist_lock_owner4(argp, lock);
1057}
1058
1059static __be32
1060nfsd4_decode_lock(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1061{
1062	struct nfsd4_lock *lock = &u->lock;
1063	memset(lock, 0, sizeof(*lock));
1064	if (xdr_stream_decode_u32(argp->xdr, &lock->lk_type) < 0)
1065		return nfserr_bad_xdr;
1066	if ((lock->lk_type < NFS4_READ_LT) || (lock->lk_type > NFS4_WRITEW_LT))
1067		return nfserr_bad_xdr;
1068	if (xdr_stream_decode_bool(argp->xdr, &lock->lk_reclaim) < 0)
1069		return nfserr_bad_xdr;
1070	if (xdr_stream_decode_u64(argp->xdr, &lock->lk_offset) < 0)
1071		return nfserr_bad_xdr;
1072	if (xdr_stream_decode_u64(argp->xdr, &lock->lk_length) < 0)
1073		return nfserr_bad_xdr;
1074	return nfsd4_decode_locker4(argp, lock);
1075}
1076
1077static __be32
1078nfsd4_decode_lockt(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1079{
1080	struct nfsd4_lockt *lockt = &u->lockt;
1081	memset(lockt, 0, sizeof(*lockt));
1082	if (xdr_stream_decode_u32(argp->xdr, &lockt->lt_type) < 0)
1083		return nfserr_bad_xdr;
1084	if ((lockt->lt_type < NFS4_READ_LT) || (lockt->lt_type > NFS4_WRITEW_LT))
1085		return nfserr_bad_xdr;
1086	if (xdr_stream_decode_u64(argp->xdr, &lockt->lt_offset) < 0)
1087		return nfserr_bad_xdr;
1088	if (xdr_stream_decode_u64(argp->xdr, &lockt->lt_length) < 0)
1089		return nfserr_bad_xdr;
1090	return nfsd4_decode_state_owner4(argp, &lockt->lt_clientid,
1091					 &lockt->lt_owner);
1092}
1093
1094static __be32
1095nfsd4_decode_locku(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1096{
1097	struct nfsd4_locku *locku = &u->locku;
1098	__be32 status;
1099
1100	if (xdr_stream_decode_u32(argp->xdr, &locku->lu_type) < 0)
1101		return nfserr_bad_xdr;
1102	if ((locku->lu_type < NFS4_READ_LT) || (locku->lu_type > NFS4_WRITEW_LT))
1103		return nfserr_bad_xdr;
1104	if (xdr_stream_decode_u32(argp->xdr, &locku->lu_seqid) < 0)
1105		return nfserr_bad_xdr;
1106	status = nfsd4_decode_stateid4(argp, &locku->lu_stateid);
1107	if (status)
1108		return status;
1109	if (xdr_stream_decode_u64(argp->xdr, &locku->lu_offset) < 0)
1110		return nfserr_bad_xdr;
1111	if (xdr_stream_decode_u64(argp->xdr, &locku->lu_length) < 0)
1112		return nfserr_bad_xdr;
1113
1114	return nfs_ok;
1115}
1116
1117static __be32
1118nfsd4_decode_lookup(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1119{
1120	struct nfsd4_lookup *lookup = &u->lookup;
1121	return nfsd4_decode_component4(argp, &lookup->lo_name, &lookup->lo_len);
1122}
1123
1124static __be32
1125nfsd4_decode_createhow4(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
1126{
1127	__be32 status;
1128
1129	if (xdr_stream_decode_u32(argp->xdr, &open->op_createmode) < 0)
1130		return nfserr_bad_xdr;
1131	switch (open->op_createmode) {
1132	case NFS4_CREATE_UNCHECKED:
1133	case NFS4_CREATE_GUARDED:
1134		status = nfsd4_decode_fattr4(argp, open->op_bmval,
1135					     ARRAY_SIZE(open->op_bmval),
1136					     &open->op_iattr, &open->op_acl,
1137					     &open->op_label, &open->op_umask,
1138					     &open->op_dpacl, &open->op_pacl);
1139		if (status)
1140			return status;
1141		break;
1142	case NFS4_CREATE_EXCLUSIVE:
1143		status = nfsd4_decode_verifier4(argp, &open->op_verf);
1144		if (status)
1145			return status;
1146		break;
1147	case NFS4_CREATE_EXCLUSIVE4_1:
1148		if (argp->minorversion < 1)
1149			return nfserr_bad_xdr;
1150		status = nfsd4_decode_verifier4(argp, &open->op_verf);
1151		if (status)
1152			return status;
1153		status = nfsd4_decode_fattr4(argp, open->op_bmval,
1154					     ARRAY_SIZE(open->op_bmval),
1155					     &open->op_iattr, &open->op_acl,
1156					     &open->op_label, &open->op_umask,
1157					     &open->op_dpacl, &open->op_pacl);
1158		if (status)
1159			return status;
1160		break;
1161	default:
1162		return nfserr_bad_xdr;
1163	}
1164
1165	return nfs_ok;
1166}
1167
1168static __be32
1169nfsd4_decode_openflag4(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
1170{
1171	__be32 status;
1172
1173	if (xdr_stream_decode_u32(argp->xdr, &open->op_create) < 0)
1174		return nfserr_bad_xdr;
1175	switch (open->op_create) {
1176	case NFS4_OPEN_NOCREATE:
1177		break;
1178	case NFS4_OPEN_CREATE:
1179		status = nfsd4_decode_createhow4(argp, open);
1180		if (status)
1181			return status;
1182		break;
1183	default:
1184		return nfserr_bad_xdr;
1185	}
1186
1187	return nfs_ok;
1188}
1189
1190static __be32 nfsd4_decode_share_access(struct nfsd4_compoundargs *argp, u32 *share_access, u32 *deleg_want, u32 *deleg_when)
1191{
1192	u32 w;
1193
1194	if (xdr_stream_decode_u32(argp->xdr, &w) < 0)
1195		return nfserr_bad_xdr;
1196	*share_access = w & NFS4_SHARE_ACCESS_MASK;
1197	*deleg_want = w & NFS4_SHARE_WANT_MASK;
1198	if (deleg_when)
1199		*deleg_when = w & NFS4_SHARE_WHEN_MASK;
1200
1201	switch (w & NFS4_SHARE_ACCESS_MASK) {
1202	case NFS4_SHARE_ACCESS_READ:
1203	case NFS4_SHARE_ACCESS_WRITE:
1204	case NFS4_SHARE_ACCESS_BOTH:
1205		break;
1206	default:
1207		return nfserr_bad_xdr;
1208	}
1209	w &= ~NFS4_SHARE_ACCESS_MASK;
1210	if (!w)
1211		return nfs_ok;
1212	if (!argp->minorversion)
1213		return nfserr_bad_xdr;
1214	switch (w & NFS4_SHARE_WANT_TYPE_MASK) {
1215	case OPEN4_SHARE_ACCESS_WANT_NO_PREFERENCE:
1216	case OPEN4_SHARE_ACCESS_WANT_READ_DELEG:
1217	case OPEN4_SHARE_ACCESS_WANT_WRITE_DELEG:
1218	case OPEN4_SHARE_ACCESS_WANT_ANY_DELEG:
1219	case OPEN4_SHARE_ACCESS_WANT_NO_DELEG:
1220	case OPEN4_SHARE_ACCESS_WANT_CANCEL:
1221		break;
1222	default:
1223		return nfserr_bad_xdr;
1224	}
1225	w &= ~NFS4_SHARE_WANT_MASK;
1226	if (!w)
1227		return nfs_ok;
1228
1229	if (!deleg_when)	/* open_downgrade */
1230		return nfserr_inval;
1231	switch (w) {
1232	case NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL:
1233	case NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED:
1234	case (NFS4_SHARE_SIGNAL_DELEG_WHEN_RESRC_AVAIL |
1235	      NFS4_SHARE_PUSH_DELEG_WHEN_UNCONTENDED):
1236		return nfs_ok;
1237	}
1238	return nfserr_bad_xdr;
1239}
1240
1241static __be32 nfsd4_decode_share_deny(struct nfsd4_compoundargs *argp, u32 *x)
1242{
1243	if (xdr_stream_decode_u32(argp->xdr, x) < 0)
1244		return nfserr_bad_xdr;
1245	/* Note: unlike access bits, deny bits may be zero. */
1246	if (*x & ~NFS4_SHARE_DENY_BOTH)
1247		return nfserr_bad_xdr;
1248
1249	return nfs_ok;
1250}
1251
1252static __be32
1253nfsd4_decode_open_claim4(struct nfsd4_compoundargs *argp,
1254			 struct nfsd4_open *open)
1255{
1256	__be32 status;
1257
1258	if (xdr_stream_decode_u32(argp->xdr, &open->op_claim_type) < 0)
1259		return nfserr_bad_xdr;
1260	switch (open->op_claim_type) {
1261	case NFS4_OPEN_CLAIM_NULL:
1262	case NFS4_OPEN_CLAIM_DELEGATE_PREV:
1263		status = nfsd4_decode_component4(argp, &open->op_fname,
1264						 &open->op_fnamelen);
1265		if (status)
1266			return status;
1267		break;
1268	case NFS4_OPEN_CLAIM_PREVIOUS:
1269		if (xdr_stream_decode_u32(argp->xdr, &open->op_delegate_type) < 0)
1270			return nfserr_bad_xdr;
1271		break;
1272	case NFS4_OPEN_CLAIM_DELEGATE_CUR:
1273		status = nfsd4_decode_stateid4(argp, &open->op_delegate_stateid);
1274		if (status)
1275			return status;
1276		status = nfsd4_decode_component4(argp, &open->op_fname,
1277						 &open->op_fnamelen);
1278		if (status)
1279			return status;
1280		break;
1281	case NFS4_OPEN_CLAIM_FH:
1282	case NFS4_OPEN_CLAIM_DELEG_PREV_FH:
1283		if (argp->minorversion < 1)
1284			return nfserr_bad_xdr;
1285		/* void */
1286		break;
1287	case NFS4_OPEN_CLAIM_DELEG_CUR_FH:
1288		if (argp->minorversion < 1)
1289			return nfserr_bad_xdr;
1290		status = nfsd4_decode_stateid4(argp, &open->op_delegate_stateid);
1291		if (status)
1292			return status;
1293		break;
1294	default:
1295		return nfserr_bad_xdr;
1296	}
1297
1298	return nfs_ok;
1299}
1300
1301static __be32
1302nfsd4_decode_open(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1303{
1304	struct nfsd4_open *open = &u->open;
1305	__be32 status;
1306	u32 dummy;
1307
1308	memset(open, 0, sizeof(*open));
1309
1310	if (xdr_stream_decode_u32(argp->xdr, &open->op_seqid) < 0)
1311		return nfserr_bad_xdr;
1312	/* deleg_want is ignored */
1313	status = nfsd4_decode_share_access(argp, &open->op_share_access,
1314					   &open->op_deleg_want, &dummy);
1315	if (status)
1316		return status;
1317	status = nfsd4_decode_share_deny(argp, &open->op_share_deny);
1318	if (status)
1319		return status;
1320	status = nfsd4_decode_state_owner4(argp, &open->op_clientid,
1321					   &open->op_owner);
1322	if (status)
1323		return status;
1324	status = nfsd4_decode_openflag4(argp, open);
1325	if (status)
1326		return status;
1327	return nfsd4_decode_open_claim4(argp, open);
1328}
1329
1330static __be32
1331nfsd4_decode_open_confirm(struct nfsd4_compoundargs *argp,
1332			  union nfsd4_op_u *u)
1333{
1334	struct nfsd4_open_confirm *open_conf = &u->open_confirm;
1335	__be32 status;
1336
1337	if (argp->minorversion >= 1)
1338		return nfserr_notsupp;
1339
1340	status = nfsd4_decode_stateid4(argp, &open_conf->oc_req_stateid);
1341	if (status)
1342		return status;
1343	if (xdr_stream_decode_u32(argp->xdr, &open_conf->oc_seqid) < 0)
1344		return nfserr_bad_xdr;
1345
1346	memset(&open_conf->oc_resp_stateid, 0,
1347	       sizeof(open_conf->oc_resp_stateid));
1348	return nfs_ok;
1349}
1350
1351static __be32
1352nfsd4_decode_open_downgrade(struct nfsd4_compoundargs *argp,
1353			    union nfsd4_op_u *u)
1354{
1355	struct nfsd4_open_downgrade *open_down = &u->open_downgrade;
1356	__be32 status;
1357
1358	memset(open_down, 0, sizeof(*open_down));
1359	status = nfsd4_decode_stateid4(argp, &open_down->od_stateid);
1360	if (status)
1361		return status;
1362	if (xdr_stream_decode_u32(argp->xdr, &open_down->od_seqid) < 0)
1363		return nfserr_bad_xdr;
1364	/* deleg_want is ignored */
1365	status = nfsd4_decode_share_access(argp, &open_down->od_share_access,
1366					   &open_down->od_deleg_want, NULL);
1367	if (status)
1368		return status;
1369	return nfsd4_decode_share_deny(argp, &open_down->od_share_deny);
1370}
1371
1372static __be32
1373nfsd4_decode_putfh(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1374{
1375	struct nfsd4_putfh *putfh = &u->putfh;
1376	__be32 *p;
1377
1378	if (xdr_stream_decode_u32(argp->xdr, &putfh->pf_fhlen) < 0)
1379		return nfserr_bad_xdr;
1380	if (putfh->pf_fhlen > NFS4_FHSIZE)
1381		return nfserr_bad_xdr;
1382	p = xdr_inline_decode(argp->xdr, putfh->pf_fhlen);
1383	if (!p)
1384		return nfserr_bad_xdr;
1385	putfh->pf_fhval = svcxdr_savemem(argp, p, putfh->pf_fhlen);
1386	if (!putfh->pf_fhval)
1387		return nfserr_jukebox;
1388
1389	putfh->no_verify = false;
1390	return nfs_ok;
1391}
1392
1393static __be32
1394nfsd4_decode_read(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1395{
1396	struct nfsd4_read *read = &u->read;
1397	__be32 status;
1398
1399	memset(read, 0, sizeof(*read));
1400	status = nfsd4_decode_stateid4(argp, &read->rd_stateid);
1401	if (status)
1402		return status;
1403	if (xdr_stream_decode_u64(argp->xdr, &read->rd_offset) < 0)
1404		return nfserr_bad_xdr;
1405	if (xdr_stream_decode_u32(argp->xdr, &read->rd_length) < 0)
1406		return nfserr_bad_xdr;
1407
1408	return nfs_ok;
1409}
1410
1411static __be32
1412nfsd4_decode_readdir(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1413{
1414	struct nfsd4_readdir *readdir = &u->readdir;
1415	__be32 status;
1416
1417	memset(readdir, 0, sizeof(*readdir));
1418	if (xdr_stream_decode_u64(argp->xdr, &readdir->rd_cookie) < 0)
1419		return nfserr_bad_xdr;
1420	status = nfsd4_decode_verifier4(argp, &readdir->rd_verf);
1421	if (status)
1422		return status;
1423	if (xdr_stream_decode_u32(argp->xdr, &readdir->rd_dircount) < 0)
1424		return nfserr_bad_xdr;
1425	if (xdr_stream_decode_u32(argp->xdr, &readdir->rd_maxcount) < 0)
1426		return nfserr_bad_xdr;
1427	if (xdr_stream_decode_uint32_array(argp->xdr, readdir->rd_bmval,
1428					   ARRAY_SIZE(readdir->rd_bmval)) < 0)
1429		return nfserr_bad_xdr;
1430
1431	return nfs_ok;
1432}
1433
1434static __be32
1435nfsd4_decode_remove(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1436{
1437	struct nfsd4_remove *remove = &u->remove;
1438	memset(&remove->rm_cinfo, 0, sizeof(remove->rm_cinfo));
1439	return nfsd4_decode_component4(argp, &remove->rm_name, &remove->rm_namelen);
1440}
1441
1442static __be32
1443nfsd4_decode_rename(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1444{
1445	struct nfsd4_rename *rename = &u->rename;
1446	__be32 status;
1447
1448	memset(rename, 0, sizeof(*rename));
1449	status = nfsd4_decode_component4(argp, &rename->rn_sname, &rename->rn_snamelen);
1450	if (status)
1451		return status;
1452	return nfsd4_decode_component4(argp, &rename->rn_tname, &rename->rn_tnamelen);
1453}
1454
1455static __be32
1456nfsd4_decode_renew(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1457{
1458	clientid_t *clientid = &u->renew;
1459	return nfsd4_decode_clientid4(argp, clientid);
1460}
1461
1462static __be32
1463nfsd4_decode_secinfo(struct nfsd4_compoundargs *argp,
1464		     union nfsd4_op_u *u)
1465{
1466	struct nfsd4_secinfo *secinfo = &u->secinfo;
1467	secinfo->si_exp = NULL;
1468	return nfsd4_decode_component4(argp, &secinfo->si_name, &secinfo->si_namelen);
1469}
1470
1471static __be32
1472nfsd4_decode_setattr(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1473{
1474	struct nfsd4_setattr *setattr = &u->setattr;
1475	__be32 status;
1476
1477	memset(setattr, 0, sizeof(*setattr));
1478	status = nfsd4_decode_stateid4(argp, &setattr->sa_stateid);
1479	if (status)
1480		return status;
1481	return nfsd4_decode_fattr4(argp, setattr->sa_bmval,
1482				   ARRAY_SIZE(setattr->sa_bmval),
1483				   &setattr->sa_iattr, &setattr->sa_acl,
1484				   &setattr->sa_label, NULL, &setattr->sa_dpacl,
1485				   &setattr->sa_pacl);
1486}
1487
1488static __be32
1489nfsd4_decode_setclientid(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1490{
1491	struct nfsd4_setclientid *setclientid = &u->setclientid;
1492	__be32 *p, status;
1493
1494	memset(setclientid, 0, sizeof(*setclientid));
1495
1496	if (argp->minorversion >= 1)
1497		return nfserr_notsupp;
1498
1499	status = nfsd4_decode_verifier4(argp, &setclientid->se_verf);
1500	if (status)
1501		return status;
1502	status = nfsd4_decode_opaque(argp, &setclientid->se_name);
1503	if (status)
1504		return status;
1505	if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_prog) < 0)
1506		return nfserr_bad_xdr;
1507	if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_netid_len) < 0)
1508		return nfserr_bad_xdr;
1509	p = xdr_inline_decode(argp->xdr, setclientid->se_callback_netid_len);
1510	if (!p)
1511		return nfserr_bad_xdr;
1512	setclientid->se_callback_netid_val = svcxdr_savemem(argp, p,
1513						setclientid->se_callback_netid_len);
1514	if (!setclientid->se_callback_netid_val)
1515		return nfserr_jukebox;
1516
1517	if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_addr_len) < 0)
1518		return nfserr_bad_xdr;
1519	p = xdr_inline_decode(argp->xdr, setclientid->se_callback_addr_len);
1520	if (!p)
1521		return nfserr_bad_xdr;
1522	setclientid->se_callback_addr_val = svcxdr_savemem(argp, p,
1523						setclientid->se_callback_addr_len);
1524	if (!setclientid->se_callback_addr_val)
1525		return nfserr_jukebox;
1526	if (xdr_stream_decode_u32(argp->xdr, &setclientid->se_callback_ident) < 0)
1527		return nfserr_bad_xdr;
1528
1529	return nfs_ok;
1530}
1531
1532static __be32
1533nfsd4_decode_setclientid_confirm(struct nfsd4_compoundargs *argp,
1534				 union nfsd4_op_u *u)
1535{
1536	struct nfsd4_setclientid_confirm *scd_c = &u->setclientid_confirm;
1537	__be32 status;
1538
1539	if (argp->minorversion >= 1)
1540		return nfserr_notsupp;
1541
1542	status = nfsd4_decode_clientid4(argp, &scd_c->sc_clientid);
1543	if (status)
1544		return status;
1545	return nfsd4_decode_verifier4(argp, &scd_c->sc_confirm);
1546}
1547
1548/* Also used for NVERIFY */
1549static __be32
1550nfsd4_decode_verify(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1551{
1552	struct nfsd4_verify *verify = &u->verify;
1553	__be32 *p, status;
1554
1555	memset(verify, 0, sizeof(*verify));
1556
1557	status = nfsd4_decode_bitmap4(argp, verify->ve_bmval,
1558				      ARRAY_SIZE(verify->ve_bmval));
1559	if (status)
1560		return status;
1561
1562	/* For convenience's sake, we compare raw xdr'd attributes in
1563	 * nfsd4_proc_verify */
1564
1565	if (xdr_stream_decode_u32(argp->xdr, &verify->ve_attrlen) < 0)
1566		return nfserr_bad_xdr;
1567	p = xdr_inline_decode(argp->xdr, verify->ve_attrlen);
1568	if (!p)
1569		return nfserr_bad_xdr;
1570	verify->ve_attrval = svcxdr_savemem(argp, p, verify->ve_attrlen);
1571	if (!verify->ve_attrval)
1572		return nfserr_jukebox;
1573
1574	return nfs_ok;
1575}
1576
1577static __be32
1578nfsd4_decode_write(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
1579{
1580	struct nfsd4_write *write = &u->write;
1581	__be32 status;
1582
1583	status = nfsd4_decode_stateid4(argp, &write->wr_stateid);
1584	if (status)
1585		return status;
1586	if (xdr_stream_decode_u64(argp->xdr, &write->wr_offset) < 0)
1587		return nfserr_bad_xdr;
1588	if (xdr_stream_decode_u32(argp->xdr, &write->wr_stable_how) < 0)
1589		return nfserr_bad_xdr;
1590	if (write->wr_stable_how > NFS_FILE_SYNC)
1591		return nfserr_bad_xdr;
1592	if (xdr_stream_decode_u32(argp->xdr, &write->wr_buflen) < 0)
1593		return nfserr_bad_xdr;
1594	if (!xdr_stream_subsegment(argp->xdr, &write->wr_payload, write->wr_buflen))
1595		return nfserr_bad_xdr;
1596
1597	write->wr_bytes_written = 0;
1598	write->wr_how_written = 0;
1599	memset(&write->wr_verifier, 0, sizeof(write->wr_verifier));
1600	return nfs_ok;
1601}
1602
1603static __be32
1604nfsd4_decode_release_lockowner(struct nfsd4_compoundargs *argp,
1605			       union nfsd4_op_u *u)
1606{
1607	struct nfsd4_release_lockowner *rlockowner = &u->release_lockowner;
1608	__be32 status;
1609
1610	if (argp->minorversion >= 1)
1611		return nfserr_notsupp;
1612
1613	status = nfsd4_decode_state_owner4(argp, &rlockowner->rl_clientid,
1614					   &rlockowner->rl_owner);
1615	if (status)
1616		return status;
1617
1618	if (argp->minorversion && !zero_clientid(&rlockowner->rl_clientid))
1619		return nfserr_inval;
1620
1621	return nfs_ok;
1622}
1623
1624static __be32 nfsd4_decode_backchannel_ctl(struct nfsd4_compoundargs *argp,
1625					   union nfsd4_op_u *u)
1626{
1627	struct nfsd4_backchannel_ctl *bc = &u->backchannel_ctl;
1628	memset(bc, 0, sizeof(*bc));
1629	if (xdr_stream_decode_u32(argp->xdr, &bc->bc_cb_program) < 0)
1630		return nfserr_bad_xdr;
1631	return nfsd4_decode_cb_sec(argp, &bc->bc_cb_sec);
1632}
1633
1634static __be32 nfsd4_decode_bind_conn_to_session(struct nfsd4_compoundargs *argp,
1635						union nfsd4_op_u *u)
1636{
1637	struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session;
1638	u32 use_conn_in_rdma_mode;
1639	__be32 status;
1640
1641	memset(bcts, 0, sizeof(*bcts));
1642	status = nfsd4_decode_sessionid4(argp, &bcts->sessionid);
1643	if (status)
1644		return status;
1645	if (xdr_stream_decode_u32(argp->xdr, &bcts->dir) < 0)
1646		return nfserr_bad_xdr;
1647	if (xdr_stream_decode_u32(argp->xdr, &use_conn_in_rdma_mode) < 0)
1648		return nfserr_bad_xdr;
1649
1650	return nfs_ok;
1651}
1652
1653static __be32
1654nfsd4_decode_state_protect_ops(struct nfsd4_compoundargs *argp,
1655			       struct nfsd4_exchange_id *exid)
1656{
1657	__be32 status;
1658
1659	status = nfsd4_decode_bitmap4(argp, exid->spo_must_enforce,
1660				      ARRAY_SIZE(exid->spo_must_enforce));
1661	if (status)
1662		return nfserr_bad_xdr;
1663	status = nfsd4_decode_bitmap4(argp, exid->spo_must_allow,
1664				      ARRAY_SIZE(exid->spo_must_allow));
1665	if (status)
1666		return nfserr_bad_xdr;
1667
1668	return nfs_ok;
1669}
1670
1671/*
1672 * This implementation currently does not support SP4_SSV.
1673 * This decoder simply skips over these arguments.
1674 */
1675static noinline __be32
1676nfsd4_decode_ssv_sp_parms(struct nfsd4_compoundargs *argp,
1677			  struct nfsd4_exchange_id *exid)
1678{
1679	u32 count, window, num_gss_handles;
1680	__be32 status;
1681
1682	/* ssp_ops */
1683	status = nfsd4_decode_state_protect_ops(argp, exid);
1684	if (status)
1685		return status;
1686
1687	/* ssp_hash_algs<> */
1688	if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
1689		return nfserr_bad_xdr;
1690	while (count--) {
1691		status = nfsd4_decode_ignored_string(argp, 0);
1692		if (status)
1693			return status;
1694	}
1695
1696	/* ssp_encr_algs<> */
1697	if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
1698		return nfserr_bad_xdr;
1699	while (count--) {
1700		status = nfsd4_decode_ignored_string(argp, 0);
1701		if (status)
1702			return status;
1703	}
1704
1705	if (xdr_stream_decode_u32(argp->xdr, &window) < 0)
1706		return nfserr_bad_xdr;
1707	if (xdr_stream_decode_u32(argp->xdr, &num_gss_handles) < 0)
1708		return nfserr_bad_xdr;
1709
1710	return nfs_ok;
1711}
1712
1713static __be32
1714nfsd4_decode_state_protect4_a(struct nfsd4_compoundargs *argp,
1715			      struct nfsd4_exchange_id *exid)
1716{
1717	__be32 status;
1718
1719	if (xdr_stream_decode_u32(argp->xdr, &exid->spa_how) < 0)
1720		return nfserr_bad_xdr;
1721	switch (exid->spa_how) {
1722	case SP4_NONE:
1723		break;
1724	case SP4_MACH_CRED:
1725		status = nfsd4_decode_state_protect_ops(argp, exid);
1726		if (status)
1727			return status;
1728		break;
1729	case SP4_SSV:
1730		status = nfsd4_decode_ssv_sp_parms(argp, exid);
1731		if (status)
1732			return status;
1733		break;
1734	default:
1735		return nfserr_bad_xdr;
1736	}
1737
1738	return nfs_ok;
1739}
1740
1741static __be32
1742nfsd4_decode_nfs_impl_id4(struct nfsd4_compoundargs *argp,
1743			  struct nfsd4_exchange_id *exid)
1744{
1745	__be32 status;
1746	u32 count;
1747
1748	if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
1749		return nfserr_bad_xdr;
1750	switch (count) {
1751	case 0:
1752		break;
1753	case 1:
1754		/* Note that RFC 8881 places no length limit on
1755		 * nii_domain, but this implementation permits no
1756		 * more than NFS4_OPAQUE_LIMIT bytes */
1757		status = nfsd4_decode_opaque(argp, &exid->nii_domain);
1758		if (status)
1759			return status;
1760		/* Note that RFC 8881 places no length limit on
1761		 * nii_name, but this implementation permits no
1762		 * more than NFS4_OPAQUE_LIMIT bytes */
1763		status = nfsd4_decode_opaque(argp, &exid->nii_name);
1764		if (status)
1765			return status;
1766		status = nfsd4_decode_nfstime4(argp, &exid->nii_time);
1767		if (status)
1768			return status;
1769		break;
1770	default:
1771		return nfserr_bad_xdr;
1772	}
1773
1774	return nfs_ok;
1775}
1776
1777static __be32
1778nfsd4_decode_exchange_id(struct nfsd4_compoundargs *argp,
1779			 union nfsd4_op_u *u)
1780{
1781	struct nfsd4_exchange_id *exid = &u->exchange_id;
1782	__be32 status;
1783
1784	memset(exid, 0, sizeof(*exid));
1785	status = nfsd4_decode_verifier4(argp, &exid->verifier);
1786	if (status)
1787		return status;
1788	status = nfsd4_decode_opaque(argp, &exid->clname);
1789	if (status)
1790		return status;
1791	if (xdr_stream_decode_u32(argp->xdr, &exid->flags) < 0)
1792		return nfserr_bad_xdr;
1793	status = nfsd4_decode_state_protect4_a(argp, exid);
1794	if (status)
1795		return status;
1796	return nfsd4_decode_nfs_impl_id4(argp, exid);
1797}
1798
1799static __be32
1800nfsd4_decode_channel_attrs4(struct nfsd4_compoundargs *argp,
1801			    struct nfsd4_channel_attrs *ca)
1802{
1803	__be32 *p;
1804
1805	p = xdr_inline_decode(argp->xdr, XDR_UNIT * 7);
1806	if (!p)
1807		return nfserr_bad_xdr;
1808
1809	/* headerpadsz is ignored */
1810	p++;
1811	ca->maxreq_sz = be32_to_cpup(p++);
1812	ca->maxresp_sz = be32_to_cpup(p++);
1813	ca->maxresp_cached = be32_to_cpup(p++);
1814	ca->maxops = be32_to_cpup(p++);
1815	ca->maxreqs = be32_to_cpup(p++);
1816	ca->nr_rdma_attrs = be32_to_cpup(p);
1817	switch (ca->nr_rdma_attrs) {
1818	case 0:
1819		break;
1820	case 1:
1821		if (xdr_stream_decode_u32(argp->xdr, &ca->rdma_attrs) < 0)
1822			return nfserr_bad_xdr;
1823		break;
1824	default:
1825		return nfserr_bad_xdr;
1826	}
1827
1828	return nfs_ok;
1829}
1830
1831static __be32
1832nfsd4_decode_create_session(struct nfsd4_compoundargs *argp,
1833			    union nfsd4_op_u *u)
1834{
1835	struct nfsd4_create_session *sess = &u->create_session;
1836	__be32 status;
1837
1838	memset(sess, 0, sizeof(*sess));
1839	status = nfsd4_decode_clientid4(argp, &sess->clientid);
1840	if (status)
1841		return status;
1842	if (xdr_stream_decode_u32(argp->xdr, &sess->seqid) < 0)
1843		return nfserr_bad_xdr;
1844	if (xdr_stream_decode_u32(argp->xdr, &sess->flags) < 0)
1845		return nfserr_bad_xdr;
1846	status = nfsd4_decode_channel_attrs4(argp, &sess->fore_channel);
1847	if (status)
1848		return status;
1849	status = nfsd4_decode_channel_attrs4(argp, &sess->back_channel);
1850	if (status)
1851		return status;
1852	if (xdr_stream_decode_u32(argp->xdr, &sess->callback_prog) < 0)
1853		return nfserr_bad_xdr;
1854	return nfsd4_decode_cb_sec(argp, &sess->cb_sec);
1855}
1856
1857static __be32
1858nfsd4_decode_destroy_session(struct nfsd4_compoundargs *argp,
1859			     union nfsd4_op_u *u)
1860{
1861	struct nfsd4_destroy_session *destroy_session = &u->destroy_session;
1862	return nfsd4_decode_sessionid4(argp, &destroy_session->sessionid);
1863}
1864
1865static __be32
1866nfsd4_decode_free_stateid(struct nfsd4_compoundargs *argp,
1867			  union nfsd4_op_u *u)
1868{
1869	struct nfsd4_free_stateid *free_stateid = &u->free_stateid;
1870	return nfsd4_decode_stateid4(argp, &free_stateid->fr_stateid);
1871}
1872
1873static __be32
1874nfsd4_decode_get_dir_delegation(struct nfsd4_compoundargs *argp,
1875		union nfsd4_op_u *u)
1876{
1877	struct nfsd4_get_dir_delegation *gdd = &u->get_dir_delegation;
1878	__be32 status;
1879
1880	memset(gdd, 0, sizeof(*gdd));
1881
1882	if (xdr_stream_decode_bool(argp->xdr, &gdd->gdda_signal_deleg_avail) < 0)
1883		return nfserr_bad_xdr;
1884	status = nfsd4_decode_bitmap4(argp, gdd->gdda_notification_types,
1885				      ARRAY_SIZE(gdd->gdda_notification_types));
1886	if (status)
1887		return status;
1888	status = nfsd4_decode_nfstime4(argp, &gdd->gdda_child_attr_delay);
1889	if (status)
1890		return status;
1891	status = nfsd4_decode_nfstime4(argp, &gdd->gdda_dir_attr_delay);
1892	if (status)
1893		return status;
1894	status = nfsd4_decode_bitmap4(argp, gdd->gdda_child_attributes,
1895					ARRAY_SIZE(gdd->gdda_child_attributes));
1896	if (status)
1897		return status;
1898	return nfsd4_decode_bitmap4(argp, gdd->gdda_dir_attributes,
1899					ARRAY_SIZE(gdd->gdda_dir_attributes));
1900}
1901
1902#ifdef CONFIG_NFSD_PNFS
1903static __be32
1904nfsd4_decode_getdeviceinfo(struct nfsd4_compoundargs *argp,
1905		union nfsd4_op_u *u)
1906{
1907	struct nfsd4_getdeviceinfo *gdev = &u->getdeviceinfo;
1908	__be32 status;
1909
1910	memset(gdev, 0, sizeof(*gdev));
1911	status = nfsd4_decode_deviceid4(argp->xdr, &gdev->gd_devid);
1912	if (status)
1913		return status;
1914	if (xdr_stream_decode_u32(argp->xdr, &gdev->gd_layout_type) < 0)
1915		return nfserr_bad_xdr;
1916	if (xdr_stream_decode_u32(argp->xdr, &gdev->gd_maxcount) < 0)
1917		return nfserr_bad_xdr;
1918	if (xdr_stream_decode_uint32_array(argp->xdr,
1919					   &gdev->gd_notify_types, 1) < 0)
1920		return nfserr_bad_xdr;
1921
1922	return nfs_ok;
1923}
1924
1925static __be32
1926nfsd4_decode_layoutcommit(struct nfsd4_compoundargs *argp,
1927			  union nfsd4_op_u *u)
1928{
1929	struct nfsd4_layoutcommit *lcp = &u->layoutcommit;
1930	__be32 *p, status;
1931
1932	memset(lcp, 0, sizeof(*lcp));
1933	if (xdr_stream_decode_u64(argp->xdr, &lcp->lc_seg.offset) < 0)
1934		return nfserr_bad_xdr;
1935	if (xdr_stream_decode_u64(argp->xdr, &lcp->lc_seg.length) < 0)
1936		return nfserr_bad_xdr;
1937	if (xdr_stream_decode_bool(argp->xdr, &lcp->lc_reclaim) < 0)
1938		return nfserr_bad_xdr;
1939	status = nfsd4_decode_stateid4(argp, &lcp->lc_sid);
1940	if (status)
1941		return status;
1942	if (xdr_stream_decode_bool(argp->xdr, &lcp->lc_newoffset) < 0)
1943		return nfserr_bad_xdr;
1944	if (lcp->lc_newoffset) {
1945		if (xdr_stream_decode_u64(argp->xdr, &lcp->lc_last_wr) < 0)
1946			return nfserr_bad_xdr;
1947	} else
1948		lcp->lc_last_wr = 0;
1949	p = xdr_inline_decode(argp->xdr, XDR_UNIT);
1950	if (!p)
1951		return nfserr_bad_xdr;
1952	if (xdr_item_is_present(p)) {
1953		status = nfsd4_decode_nfstime4(argp, &lcp->lc_mtime);
1954		if (status)
1955			return status;
1956	} else {
1957		lcp->lc_mtime.tv_nsec = UTIME_NOW;
1958	}
1959	return nfsd4_decode_layoutupdate4(argp, lcp);
1960}
1961
1962static __be32
1963nfsd4_decode_layoutget(struct nfsd4_compoundargs *argp,
1964		union nfsd4_op_u *u)
1965{
1966	struct nfsd4_layoutget *lgp = &u->layoutget;
1967	__be32 status;
1968
1969	memset(lgp, 0, sizeof(*lgp));
1970	if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_signal) < 0)
1971		return nfserr_bad_xdr;
1972	if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_layout_type) < 0)
1973		return nfserr_bad_xdr;
1974	if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_seg.iomode) < 0)
1975		return nfserr_bad_xdr;
1976	if (xdr_stream_decode_u64(argp->xdr, &lgp->lg_seg.offset) < 0)
1977		return nfserr_bad_xdr;
1978	if (xdr_stream_decode_u64(argp->xdr, &lgp->lg_seg.length) < 0)
1979		return nfserr_bad_xdr;
1980	if (xdr_stream_decode_u64(argp->xdr, &lgp->lg_minlength) < 0)
1981		return nfserr_bad_xdr;
1982	status = nfsd4_decode_stateid4(argp, &lgp->lg_sid);
1983	if (status)
1984		return status;
1985	if (xdr_stream_decode_u32(argp->xdr, &lgp->lg_maxcount) < 0)
1986		return nfserr_bad_xdr;
1987
1988	return nfs_ok;
1989}
1990
1991static __be32
1992nfsd4_decode_layoutreturn(struct nfsd4_compoundargs *argp,
1993		union nfsd4_op_u *u)
1994{
1995	struct nfsd4_layoutreturn *lrp = &u->layoutreturn;
1996	memset(lrp, 0, sizeof(*lrp));
1997	if (xdr_stream_decode_bool(argp->xdr, &lrp->lr_reclaim) < 0)
1998		return nfserr_bad_xdr;
1999	if (xdr_stream_decode_u32(argp->xdr, &lrp->lr_layout_type) < 0)
2000		return nfserr_bad_xdr;
2001	if (xdr_stream_decode_u32(argp->xdr, &lrp->lr_seg.iomode) < 0)
2002		return nfserr_bad_xdr;
2003	return nfsd4_decode_layoutreturn4(argp, lrp);
2004}
2005#endif /* CONFIG_NFSD_PNFS */
2006
2007static __be32 nfsd4_decode_secinfo_no_name(struct nfsd4_compoundargs *argp,
2008					   union nfsd4_op_u *u)
2009{
2010	struct nfsd4_secinfo_no_name *sin = &u->secinfo_no_name;
2011	if (xdr_stream_decode_u32(argp->xdr, &sin->sin_style) < 0)
2012		return nfserr_bad_xdr;
2013
2014	sin->sin_exp = NULL;
2015	return nfs_ok;
2016}
2017
2018static __be32
2019nfsd4_decode_sequence(struct nfsd4_compoundargs *argp,
2020		      union nfsd4_op_u *u)
2021{
2022	struct nfsd4_sequence *seq = &u->sequence;
2023	__be32 *p, status;
2024
2025	status = nfsd4_decode_sessionid4(argp, &seq->sessionid);
2026	if (status)
2027		return status;
2028	p = xdr_inline_decode(argp->xdr, XDR_UNIT * 4);
2029	if (!p)
2030		return nfserr_bad_xdr;
2031	seq->seqid = be32_to_cpup(p++);
2032	seq->slotid = be32_to_cpup(p++);
2033	/* sa_highest_slotid counts from 0 but maxslots  counts from 1 ... */
2034	seq->maxslots = be32_to_cpup(p++) + 1;
2035	seq->cachethis = be32_to_cpup(p);
2036
2037	seq->status_flags = 0;
2038	return nfs_ok;
2039}
2040
2041static __be32
2042nfsd4_decode_test_stateid(struct nfsd4_compoundargs *argp,
2043			  union nfsd4_op_u *u)
2044{
2045	struct nfsd4_test_stateid *test_stateid = &u->test_stateid;
2046	struct nfsd4_test_stateid_id *stateid;
2047	__be32 status;
2048	u32 i;
2049
2050	memset(test_stateid, 0, sizeof(*test_stateid));
2051	if (xdr_stream_decode_u32(argp->xdr, &test_stateid->ts_num_ids) < 0)
2052		return nfserr_bad_xdr;
2053
2054	INIT_LIST_HEAD(&test_stateid->ts_stateid_list);
2055	for (i = 0; i < test_stateid->ts_num_ids; i++) {
2056		stateid = svcxdr_tmpalloc(argp, sizeof(*stateid));
2057		if (!stateid)
2058			return nfserr_jukebox;
2059		INIT_LIST_HEAD(&stateid->ts_id_list);
2060		list_add_tail(&stateid->ts_id_list, &test_stateid->ts_stateid_list);
2061		status = nfsd4_decode_stateid4(argp, &stateid->ts_id_stateid);
2062		if (status)
2063			return status;
2064	}
2065
2066	return nfs_ok;
2067}
2068
2069static __be32 nfsd4_decode_destroy_clientid(struct nfsd4_compoundargs *argp,
2070					    union nfsd4_op_u *u)
2071{
2072	struct nfsd4_destroy_clientid *dc = &u->destroy_clientid;
2073	return nfsd4_decode_clientid4(argp, &dc->clientid);
2074}
2075
2076static __be32 nfsd4_decode_reclaim_complete(struct nfsd4_compoundargs *argp,
2077					    union nfsd4_op_u *u)
2078{
2079	struct nfsd4_reclaim_complete *rc = &u->reclaim_complete;
2080	if (xdr_stream_decode_bool(argp->xdr, &rc->rca_one_fs) < 0)
2081		return nfserr_bad_xdr;
2082	return nfs_ok;
2083}
2084
2085static __be32
2086nfsd4_decode_fallocate(struct nfsd4_compoundargs *argp,
2087		       union nfsd4_op_u *u)
2088{
2089	struct nfsd4_fallocate *fallocate = &u->allocate;
2090	__be32 status;
2091
2092	status = nfsd4_decode_stateid4(argp, &fallocate->falloc_stateid);
2093	if (status)
2094		return status;
2095	if (xdr_stream_decode_u64(argp->xdr, &fallocate->falloc_offset) < 0)
2096		return nfserr_bad_xdr;
2097	if (xdr_stream_decode_u64(argp->xdr, &fallocate->falloc_length) < 0)
2098		return nfserr_bad_xdr;
2099
2100	return nfs_ok;
2101}
2102
2103static __be32 nfsd4_decode_nl4_server(struct nfsd4_compoundargs *argp,
2104				      struct nl4_server *ns)
2105{
2106	struct nfs42_netaddr *naddr;
2107	__be32 *p;
2108
2109	if (xdr_stream_decode_u32(argp->xdr, &ns->nl4_type) < 0)
2110		return nfserr_bad_xdr;
2111
2112	/* currently support for 1 inter-server source server */
2113	switch (ns->nl4_type) {
2114	case NL4_NETADDR:
2115		naddr = &ns->u.nl4_addr;
2116
2117		if (xdr_stream_decode_u32(argp->xdr, &naddr->netid_len) < 0)
2118			return nfserr_bad_xdr;
2119		if (naddr->netid_len > RPCBIND_MAXNETIDLEN)
2120			return nfserr_bad_xdr;
2121
2122		p = xdr_inline_decode(argp->xdr, naddr->netid_len);
2123		if (!p)
2124			return nfserr_bad_xdr;
2125		memcpy(naddr->netid, p, naddr->netid_len);
2126
2127		if (xdr_stream_decode_u32(argp->xdr, &naddr->addr_len) < 0)
2128			return nfserr_bad_xdr;
2129		if (naddr->addr_len > RPCBIND_MAXUADDRLEN)
2130			return nfserr_bad_xdr;
2131
2132		p = xdr_inline_decode(argp->xdr, naddr->addr_len);
2133		if (!p)
2134			return nfserr_bad_xdr;
2135		memcpy(naddr->addr, p, naddr->addr_len);
2136		break;
2137	default:
2138		return nfserr_bad_xdr;
2139	}
2140
2141	return nfs_ok;
2142}
2143
2144static __be32
2145nfsd4_decode_copy(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
2146{
2147	struct nfsd4_copy *copy = &u->copy;
2148	u32 consecutive, i, count, sync;
2149	struct nl4_server *ns_dummy;
2150	__be32 status;
2151
2152	memset(copy, 0, sizeof(*copy));
2153	status = nfsd4_decode_stateid4(argp, &copy->cp_src_stateid);
2154	if (status)
2155		return status;
2156	status = nfsd4_decode_stateid4(argp, &copy->cp_dst_stateid);
2157	if (status)
2158		return status;
2159	if (xdr_stream_decode_u64(argp->xdr, &copy->cp_src_pos) < 0)
2160		return nfserr_bad_xdr;
2161	if (xdr_stream_decode_u64(argp->xdr, &copy->cp_dst_pos) < 0)
2162		return nfserr_bad_xdr;
2163	if (xdr_stream_decode_u64(argp->xdr, &copy->cp_count) < 0)
2164		return nfserr_bad_xdr;
2165	/* ca_consecutive: we always do consecutive copies */
2166	if (xdr_stream_decode_u32(argp->xdr, &consecutive) < 0)
2167		return nfserr_bad_xdr;
2168	if (xdr_stream_decode_bool(argp->xdr, &sync) < 0)
2169		return nfserr_bad_xdr;
2170	nfsd4_copy_set_sync(copy, sync);
2171
2172	if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
2173		return nfserr_bad_xdr;
2174	copy->cp_src = svcxdr_tmpalloc(argp, sizeof(*copy->cp_src));
2175	if (copy->cp_src == NULL)
2176		return nfserr_jukebox;
2177	if (count == 0) { /* intra-server copy */
2178		__set_bit(NFSD4_COPY_F_INTRA, &copy->cp_flags);
2179		return nfs_ok;
2180	}
2181
2182	/* decode all the supplied server addresses but use only the first */
2183	status = nfsd4_decode_nl4_server(argp, copy->cp_src);
2184	if (status)
2185		return status;
2186
2187	ns_dummy = kmalloc_obj(struct nl4_server);
2188	if (ns_dummy == NULL)
2189		return nfserr_jukebox;
2190	for (i = 0; i < count - 1; i++) {
2191		status = nfsd4_decode_nl4_server(argp, ns_dummy);
2192		if (status) {
2193			kfree(ns_dummy);
2194			return status;
2195		}
2196	}
2197	kfree(ns_dummy);
2198
2199	return nfs_ok;
2200}
2201
2202static __be32
2203nfsd4_decode_copy_notify(struct nfsd4_compoundargs *argp,
2204			 union nfsd4_op_u *u)
2205{
2206	struct nfsd4_copy_notify *cn = &u->copy_notify;
2207	__be32 status;
2208
2209	memset(cn, 0, sizeof(*cn));
2210	cn->cpn_src = svcxdr_tmpalloc(argp, sizeof(*cn->cpn_src));
2211	if (cn->cpn_src == NULL)
2212		return nfserr_jukebox;
2213	cn->cpn_dst = svcxdr_tmpalloc(argp, sizeof(*cn->cpn_dst));
2214	if (cn->cpn_dst == NULL)
2215		return nfserr_jukebox;
2216
2217	status = nfsd4_decode_stateid4(argp, &cn->cpn_src_stateid);
2218	if (status)
2219		return status;
2220	return nfsd4_decode_nl4_server(argp, cn->cpn_dst);
2221}
2222
2223static __be32
2224nfsd4_decode_offload_status(struct nfsd4_compoundargs *argp,
2225			    union nfsd4_op_u *u)
2226{
2227	struct nfsd4_offload_status *os = &u->offload_status;
2228	os->count = 0;
2229	os->status = 0;
2230	return nfsd4_decode_stateid4(argp, &os->stateid);
2231}
2232
2233static __be32
2234nfsd4_decode_seek(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
2235{
2236	struct nfsd4_seek *seek = &u->seek;
2237	__be32 status;
2238
2239	status = nfsd4_decode_stateid4(argp, &seek->seek_stateid);
2240	if (status)
2241		return status;
2242	if (xdr_stream_decode_u64(argp->xdr, &seek->seek_offset) < 0)
2243		return nfserr_bad_xdr;
2244	if (xdr_stream_decode_u32(argp->xdr, &seek->seek_whence) < 0)
2245		return nfserr_bad_xdr;
2246
2247	seek->seek_eof = 0;
2248	seek->seek_pos = 0;
2249	return nfs_ok;
2250}
2251
2252static __be32
2253nfsd4_decode_clone(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u)
2254{
2255	struct nfsd4_clone *clone = &u->clone;
2256	__be32 status;
2257
2258	status = nfsd4_decode_stateid4(argp, &clone->cl_src_stateid);
2259	if (status)
2260		return status;
2261	status = nfsd4_decode_stateid4(argp, &clone->cl_dst_stateid);
2262	if (status)
2263		return status;
2264	if (xdr_stream_decode_u64(argp->xdr, &clone->cl_src_pos) < 0)
2265		return nfserr_bad_xdr;
2266	if (xdr_stream_decode_u64(argp->xdr, &clone->cl_dst_pos) < 0)
2267		return nfserr_bad_xdr;
2268	if (xdr_stream_decode_u64(argp->xdr, &clone->cl_count) < 0)
2269		return nfserr_bad_xdr;
2270
2271	return nfs_ok;
2272}
2273
2274/*
2275 * XDR data that is more than PAGE_SIZE in size is normally part of a
2276 * read or write. However, the size of extended attributes is limited
2277 * by the maximum request size, and then further limited by the underlying
2278 * filesystem limits. This can exceed PAGE_SIZE (currently, XATTR_SIZE_MAX
2279 * is 64k). Since there is no kvec- or page-based interface to xattrs,
2280 * and we're not dealing with contiguous pages, we need to do some copying.
2281 */
2282
2283/*
2284 * Decode data into buffer.
2285 */
2286static __be32
2287nfsd4_vbuf_from_vector(struct nfsd4_compoundargs *argp, struct xdr_buf *xdr,
2288		       char **bufp, size_t buflen)
2289{
2290	struct page **pages = xdr->pages;
2291	struct kvec *head = xdr->head;
2292	char *tmp, *dp;
2293	u32 len;
2294
2295	if (buflen <= head->iov_len) {
2296		/*
2297		 * We're in luck, the head has enough space. Just return
2298		 * the head, no need for copying.
2299		 */
2300		*bufp = head->iov_base;
2301		return 0;
2302	}
2303
2304	tmp = svcxdr_tmpalloc(argp, buflen);
2305	if (tmp == NULL)
2306		return nfserr_jukebox;
2307
2308	dp = tmp;
2309	memcpy(dp, head->iov_base, head->iov_len);
2310	buflen -= head->iov_len;
2311	dp += head->iov_len;
2312
2313	while (buflen > 0) {
2314		len = min_t(u32, buflen, PAGE_SIZE);
2315		memcpy(dp, page_address(*pages), len);
2316
2317		buflen -= len;
2318		dp += len;
2319		pages++;
2320	}
2321
2322	*bufp = tmp;
2323	return 0;
2324}
2325
2326/*
2327 * Get a user extended attribute name from the XDR buffer.
2328 * It will not have the "user." prefix, so prepend it.
2329 * Lastly, check for nul characters in the name.
2330 */
2331static __be32
2332nfsd4_decode_xattr_name(struct nfsd4_compoundargs *argp, char **namep)
2333{
2334	char *name, *sp, *dp;
2335	u32 namelen, cnt;
2336	__be32 *p;
2337
2338	if (xdr_stream_decode_u32(argp->xdr, &namelen) < 0)
2339		return nfserr_bad_xdr;
2340	if (namelen > (XATTR_NAME_MAX - XATTR_USER_PREFIX_LEN))
2341		return nfserr_nametoolong;
2342	if (namelen == 0)
2343		return nfserr_bad_xdr;
2344	p = xdr_inline_decode(argp->xdr, namelen);
2345	if (!p)
2346		return nfserr_bad_xdr;
2347	name = svcxdr_tmpalloc(argp, namelen + XATTR_USER_PREFIX_LEN + 1);
2348	if (!name)
2349		return nfserr_jukebox;
2350	memcpy(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN);
2351
2352	/*
2353	 * Copy the extended attribute name over while checking for 0
2354	 * characters.
2355	 */
2356	sp = (char *)p;
2357	dp = name + XATTR_USER_PREFIX_LEN;
2358	cnt = namelen;
2359
2360	while (cnt-- > 0) {
2361		if (*sp == '\0')
2362			return nfserr_bad_xdr;
2363		*dp++ = *sp++;
2364	}
2365	*dp = '\0';
2366
2367	*namep = name;
2368
2369	return nfs_ok;
2370}
2371
2372/*
2373 * A GETXATTR op request comes without a length specifier. We just set the
2374 * maximum length for the reply based on XATTR_SIZE_MAX and the maximum
2375 * channel reply size. nfsd_getxattr will probe the length of the xattr,
2376 * check it against getxa_len, and allocate + return the value.
2377 */
2378static __be32
2379nfsd4_decode_getxattr(struct nfsd4_compoundargs *argp,
2380		      union nfsd4_op_u *u)
2381{
2382	struct nfsd4_getxattr *getxattr = &u->getxattr;
2383	__be32 status;
2384	u32 maxcount;
2385
2386	memset(getxattr, 0, sizeof(*getxattr));
2387	status = nfsd4_decode_xattr_name(argp, &getxattr->getxa_name);
2388	if (status)
2389		return status;
2390
2391	maxcount = svc_max_payload(argp->rqstp);
2392	maxcount = min_t(u32, XATTR_SIZE_MAX, maxcount);
2393
2394	getxattr->getxa_len = maxcount;
2395	return nfs_ok;
2396}
2397
2398static __be32
2399nfsd4_decode_setxattr(struct nfsd4_compoundargs *argp,
2400		      union nfsd4_op_u *u)
2401{
2402	struct nfsd4_setxattr *setxattr = &u->setxattr;
2403	u32 flags, maxcount, size;
2404	__be32 status;
2405
2406	memset(setxattr, 0, sizeof(*setxattr));
2407
2408	if (xdr_stream_decode_u32(argp->xdr, &flags) < 0)
2409		return nfserr_bad_xdr;
2410
2411	if (flags > SETXATTR4_REPLACE)
2412		return nfserr_inval;
2413	setxattr->setxa_flags = flags;
2414
2415	status = nfsd4_decode_xattr_name(argp, &setxattr->setxa_name);
2416	if (status)
2417		return status;
2418
2419	maxcount = svc_max_payload(argp->rqstp);
2420	maxcount = min_t(u32, XATTR_SIZE_MAX, maxcount);
2421
2422	if (xdr_stream_decode_u32(argp->xdr, &size) < 0)
2423		return nfserr_bad_xdr;
2424	if (size > maxcount)
2425		return nfserr_xattr2big;
2426
2427	setxattr->setxa_len = size;
2428	if (size > 0) {
2429		struct xdr_buf payload;
2430
2431		if (!xdr_stream_subsegment(argp->xdr, &payload, size))
2432			return nfserr_bad_xdr;
2433		status = nfsd4_vbuf_from_vector(argp, &payload,
2434						&setxattr->setxa_buf, size);
2435	}
2436
2437	return nfs_ok;
2438}
2439
2440static __be32
2441nfsd4_decode_listxattrs(struct nfsd4_compoundargs *argp,
2442			union nfsd4_op_u *u)
2443{
2444	struct nfsd4_listxattrs *listxattrs = &u->listxattrs;
2445	u32 maxcount;
2446
2447	memset(listxattrs, 0, sizeof(*listxattrs));
2448
2449	if (xdr_stream_decode_u64(argp->xdr, &listxattrs->lsxa_cookie) < 0)
2450		return nfserr_bad_xdr;
2451
2452	/*
2453	 * If the cookie  is too large to have even one user.x attribute
2454	 * plus trailing '\0' left in a maximum size buffer, it's invalid.
2455	 */
2456	if (listxattrs->lsxa_cookie >=
2457	    (XATTR_LIST_MAX / (XATTR_USER_PREFIX_LEN + 2)))
2458		return nfserr_badcookie;
2459
2460	if (xdr_stream_decode_u32(argp->xdr, &maxcount) < 0)
2461		return nfserr_bad_xdr;
2462	if (maxcount < 8)
2463		/* Always need at least 2 words (length and one character) */
2464		return nfserr_inval;
2465
2466	maxcount = min(maxcount, svc_max_payload(argp->rqstp));
2467	listxattrs->lsxa_maxcount = maxcount;
2468
2469	return nfs_ok;
2470}
2471
2472static __be32
2473nfsd4_decode_removexattr(struct nfsd4_compoundargs *argp,
2474			 union nfsd4_op_u *u)
2475{
2476	struct nfsd4_removexattr *removexattr = &u->removexattr;
2477	memset(removexattr, 0, sizeof(*removexattr));
2478	return nfsd4_decode_xattr_name(argp, &removexattr->rmxa_name);
2479}
2480
2481static __be32
2482nfsd4_decode_noop(struct nfsd4_compoundargs *argp, union nfsd4_op_u *p)
2483{
2484	return nfs_ok;
2485}
2486
2487static __be32
2488nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, union nfsd4_op_u *p)
2489{
2490	return nfserr_notsupp;
2491}
2492
2493typedef __be32(*nfsd4_dec)(struct nfsd4_compoundargs *argp, union nfsd4_op_u *u);
2494
2495static const nfsd4_dec nfsd4_dec_ops[] = {
2496	[OP_ACCESS]		= nfsd4_decode_access,
2497	[OP_CLOSE]		= nfsd4_decode_close,
2498	[OP_COMMIT]		= nfsd4_decode_commit,
2499	[OP_CREATE]		= nfsd4_decode_create,
2500	[OP_DELEGPURGE]		= nfsd4_decode_notsupp,
2501	[OP_DELEGRETURN]	= nfsd4_decode_delegreturn,
2502	[OP_GETATTR]		= nfsd4_decode_getattr,
2503	[OP_GETFH]		= nfsd4_decode_noop,
2504	[OP_LINK]		= nfsd4_decode_link,
2505	[OP_LOCK]		= nfsd4_decode_lock,
2506	[OP_LOCKT]		= nfsd4_decode_lockt,
2507	[OP_LOCKU]		= nfsd4_decode_locku,
2508	[OP_LOOKUP]		= nfsd4_decode_lookup,
2509	[OP_LOOKUPP]		= nfsd4_decode_noop,
2510	[OP_NVERIFY]		= nfsd4_decode_verify,
2511	[OP_OPEN]		= nfsd4_decode_open,
2512	[OP_OPENATTR]		= nfsd4_decode_notsupp,
2513	[OP_OPEN_CONFIRM]	= nfsd4_decode_open_confirm,
2514	[OP_OPEN_DOWNGRADE]	= nfsd4_decode_open_downgrade,
2515	[OP_PUTFH]		= nfsd4_decode_putfh,
2516	[OP_PUTPUBFH]		= nfsd4_decode_noop,
2517	[OP_PUTROOTFH]		= nfsd4_decode_noop,
2518	[OP_READ]		= nfsd4_decode_read,
2519	[OP_READDIR]		= nfsd4_decode_readdir,
2520	[OP_READLINK]		= nfsd4_decode_noop,
2521	[OP_REMOVE]		= nfsd4_decode_remove,
2522	[OP_RENAME]		= nfsd4_decode_rename,
2523	[OP_RENEW]		= nfsd4_decode_renew,
2524	[OP_RESTOREFH]		= nfsd4_decode_noop,
2525	[OP_SAVEFH]		= nfsd4_decode_noop,
2526	[OP_SECINFO]		= nfsd4_decode_secinfo,
2527	[OP_SETATTR]		= nfsd4_decode_setattr,
2528	[OP_SETCLIENTID]	= nfsd4_decode_setclientid,
2529	[OP_SETCLIENTID_CONFIRM] = nfsd4_decode_setclientid_confirm,
2530	[OP_VERIFY]		= nfsd4_decode_verify,
2531	[OP_WRITE]		= nfsd4_decode_write,
2532	[OP_RELEASE_LOCKOWNER]	= nfsd4_decode_release_lockowner,
2533
2534	/* new operations for NFSv4.1 */
2535	[OP_BACKCHANNEL_CTL]	= nfsd4_decode_backchannel_ctl,
2536	[OP_BIND_CONN_TO_SESSION] = nfsd4_decode_bind_conn_to_session,
2537	[OP_EXCHANGE_ID]	= nfsd4_decode_exchange_id,
2538	[OP_CREATE_SESSION]	= nfsd4_decode_create_session,
2539	[OP_DESTROY_SESSION]	= nfsd4_decode_destroy_session,
2540	[OP_FREE_STATEID]	= nfsd4_decode_free_stateid,
2541	[OP_GET_DIR_DELEGATION]	= nfsd4_decode_get_dir_delegation,
2542#ifdef CONFIG_NFSD_PNFS
2543	[OP_GETDEVICEINFO]	= nfsd4_decode_getdeviceinfo,
2544	[OP_GETDEVICELIST]	= nfsd4_decode_notsupp,
2545	[OP_LAYOUTCOMMIT]	= nfsd4_decode_layoutcommit,
2546	[OP_LAYOUTGET]		= nfsd4_decode_layoutget,
2547	[OP_LAYOUTRETURN]	= nfsd4_decode_layoutreturn,
2548#else
2549	[OP_GETDEVICEINFO]	= nfsd4_decode_notsupp,
2550	[OP_GETDEVICELIST]	= nfsd4_decode_notsupp,
2551	[OP_LAYOUTCOMMIT]	= nfsd4_decode_notsupp,
2552	[OP_LAYOUTGET]		= nfsd4_decode_notsupp,
2553	[OP_LAYOUTRETURN]	= nfsd4_decode_notsupp,
2554#endif
2555	[OP_SECINFO_NO_NAME]	= nfsd4_decode_secinfo_no_name,
2556	[OP_SEQUENCE]		= nfsd4_decode_sequence,
2557	[OP_SET_SSV]		= nfsd4_decode_notsupp,
2558	[OP_TEST_STATEID]	= nfsd4_decode_test_stateid,
2559	[OP_WANT_DELEGATION]	= nfsd4_decode_notsupp,
2560	[OP_DESTROY_CLIENTID]	= nfsd4_decode_destroy_clientid,
2561	[OP_RECLAIM_COMPLETE]	= nfsd4_decode_reclaim_complete,
2562
2563	/* new operations for NFSv4.2 */
2564	[OP_ALLOCATE]		= nfsd4_decode_fallocate,
2565	[OP_COPY]		= nfsd4_decode_copy,
2566	[OP_COPY_NOTIFY]	= nfsd4_decode_copy_notify,
2567	[OP_DEALLOCATE]		= nfsd4_decode_fallocate,
2568	[OP_IO_ADVISE]		= nfsd4_decode_notsupp,
2569	[OP_LAYOUTERROR]	= nfsd4_decode_notsupp,
2570	[OP_LAYOUTSTATS]	= nfsd4_decode_notsupp,
2571	[OP_OFFLOAD_CANCEL]	= nfsd4_decode_offload_status,
2572	[OP_OFFLOAD_STATUS]	= nfsd4_decode_offload_status,
2573	[OP_READ_PLUS]		= nfsd4_decode_read,
2574	[OP_SEEK]		= nfsd4_decode_seek,
2575	[OP_WRITE_SAME]		= nfsd4_decode_notsupp,
2576	[OP_CLONE]		= nfsd4_decode_clone,
2577	/* RFC 8276 extended atributes operations */
2578	[OP_GETXATTR]		= nfsd4_decode_getxattr,
2579	[OP_SETXATTR]		= nfsd4_decode_setxattr,
2580	[OP_LISTXATTRS]		= nfsd4_decode_listxattrs,
2581	[OP_REMOVEXATTR]	= nfsd4_decode_removexattr,
2582};
2583
2584static inline bool
2585nfsd4_opnum_in_range(struct nfsd4_compoundargs *argp, struct nfsd4_op *op)
2586{
2587	if (op->opnum < FIRST_NFS4_OP)
2588		return false;
2589	else if (argp->minorversion == 0 && op->opnum > LAST_NFS40_OP)
2590		return false;
2591	else if (argp->minorversion == 1 && op->opnum > LAST_NFS41_OP)
2592		return false;
2593	else if (argp->minorversion == 2 && op->opnum > LAST_NFS42_OP)
2594		return false;
2595	return true;
2596}
2597
2598static bool
2599nfsd4_decode_compound(struct nfsd4_compoundargs *argp)
2600{
2601	struct nfsd_thread_local_info *ntli = argp->rqstp->rq_private;
2602	struct nfsd4_op *op;
2603	bool cachethis = false;
2604	int auth_slack= argp->rqstp->rq_auth_slack;
2605	int max_reply = auth_slack + 8; /* opcnt, status */
2606	int readcount = 0;
2607	int readbytes = 0;
2608	__be32 *p;
2609	int i;
2610
2611	if (xdr_stream_decode_u32(argp->xdr, &argp->taglen) < 0)
2612		return false;
2613	max_reply += XDR_UNIT;
2614	argp->tag = NULL;
2615	if (unlikely(argp->taglen)) {
2616		if (argp->taglen > NFSD4_MAX_TAGLEN)
2617			return false;
2618		p = xdr_inline_decode(argp->xdr, argp->taglen);
2619		if (!p)
2620			return false;
2621		argp->tag = svcxdr_savemem(argp, p, argp->taglen);
2622		if (!argp->tag)
2623			return false;
2624		max_reply += xdr_align_size(argp->taglen);
2625	}
2626
2627	if (xdr_stream_decode_u32(argp->xdr, &argp->minorversion) < 0)
2628		return false;
2629	if (xdr_stream_decode_u32(argp->xdr, &argp->client_opcnt) < 0)
2630		return false;
2631	argp->opcnt = min_t(u32, argp->client_opcnt,
2632			    NFSD_MAX_OPS_PER_COMPOUND);
2633
2634	if (argp->opcnt > ARRAY_SIZE(argp->iops)) {
2635		argp->ops = vcalloc(argp->opcnt, sizeof(*argp->ops));
2636		if (!argp->ops) {
2637			argp->ops = argp->iops;
2638			return false;
2639		}
2640	}
2641
2642	if (argp->minorversion > NFSD_SUPPORTED_MINOR_VERSION)
2643		argp->opcnt = 0;
2644
2645	for (i = 0; i < argp->opcnt; i++) {
2646		op = &argp->ops[i];
2647		op->replay = NULL;
2648		op->opdesc = NULL;
2649
2650		if (xdr_stream_decode_u32(argp->xdr, &op->opnum) < 0)
2651			return false;
2652		if (nfsd4_opnum_in_range(argp, op)) {
2653			op->opdesc = OPDESC(op);
2654			op->status = nfsd4_dec_ops[op->opnum](argp, &op->u);
2655			if (op->status != nfs_ok)
2656				trace_nfsd_compound_decode_err(argp->rqstp,
2657							       argp->opcnt, i,
2658							       op->opnum,
2659							       op->status);
2660		} else {
2661			op->opnum = OP_ILLEGAL;
2662			op->status = nfserr_op_illegal;
2663		}
2664
2665		/*
2666		 * We'll try to cache the result in the DRC if any one
2667		 * op in the compound wants to be cached:
2668		 */
2669		cachethis |= nfsd4_cache_this_op(op);
2670
2671		if (op->opnum == OP_READ || op->opnum == OP_READ_PLUS) {
2672			readcount++;
2673			readbytes += nfsd4_max_reply(argp->rqstp, op);
2674		} else
2675			max_reply += nfsd4_max_reply(argp->rqstp, op);
2676		/*
2677		 * OP_LOCK and OP_LOCKT may return a conflicting lock.
2678		 * (Special case because it will just skip encoding this
2679		 * if it runs out of xdr buffer space, and it is the only
2680		 * operation that behaves this way.)
2681		 */
2682		if (op->opnum == OP_LOCK || op->opnum == OP_LOCKT)
2683			max_reply += NFS4_OPAQUE_LIMIT;
2684
2685		if (op->status) {
2686			argp->opcnt = i+1;
2687			break;
2688		}
2689	}
2690	/* Sessions make the DRC unnecessary: */
2691	if (argp->minorversion)
2692		cachethis = false;
2693	svc_reserve_auth(argp->rqstp, max_reply + readbytes);
2694	ntli->ntli_cachetype = cachethis ? RC_REPLBUFF : RC_NOCACHE;
2695
2696	argp->splice_ok = nfsd_read_splice_ok(argp->rqstp);
2697	if (readcount > 1 || max_reply > PAGE_SIZE - auth_slack)
2698		argp->splice_ok = false;
2699
2700	return true;
2701}
2702
2703static __be32 nfsd4_encode_nfs_fh4(struct xdr_stream *xdr,
2704				   struct knfsd_fh *fh_handle)
2705{
2706	return nfsd4_encode_opaque(xdr, fh_handle->fh_raw, fh_handle->fh_size);
2707}
2708
2709/* This is a frequently-encoded type; open-coded for speed */
2710static __be32 nfsd4_encode_nfstime4(struct xdr_stream *xdr,
2711				    const struct timespec64 *tv)
2712{
2713	__be32 *p;
2714
2715	p = xdr_reserve_space(xdr, XDR_UNIT * 3);
2716	if (!p)
2717		return nfserr_resource;
2718	p = xdr_encode_hyper(p, tv->tv_sec);
2719	*p = cpu_to_be32(tv->tv_nsec);
2720	return nfs_ok;
2721}
2722
2723static __be32 nfsd4_encode_specdata4(struct xdr_stream *xdr,
2724				     unsigned int major, unsigned int minor)
2725{
2726	__be32 status;
2727
2728	status = nfsd4_encode_uint32_t(xdr, major);
2729	if (status != nfs_ok)
2730		return status;
2731	return nfsd4_encode_uint32_t(xdr, minor);
2732}
2733
2734static __be32
2735nfsd4_encode_change_info4(struct xdr_stream *xdr, const struct nfsd4_change_info *c)
2736{
2737	__be32 status;
2738
2739	status = nfsd4_encode_bool(xdr, c->atomic);
2740	if (status != nfs_ok)
2741		return status;
2742	status = nfsd4_encode_changeid4(xdr, c->before_change);
2743	if (status != nfs_ok)
2744		return status;
2745	return nfsd4_encode_changeid4(xdr, c->after_change);
2746}
2747
2748static __be32 nfsd4_encode_netaddr4(struct xdr_stream *xdr,
2749				    const struct nfs42_netaddr *addr)
2750{
2751	__be32 status;
2752
2753	/* na_r_netid */
2754	status = nfsd4_encode_opaque(xdr, addr->netid, addr->netid_len);
2755	if (status != nfs_ok)
2756		return status;
2757	/* na_r_addr */
2758	return nfsd4_encode_opaque(xdr, addr->addr, addr->addr_len);
2759}
2760
2761/* Encode as an array of strings the string given with components
2762 * separated @sep, escaped with esc_enter and esc_exit.
2763 */
2764static __be32 nfsd4_encode_components_esc(struct xdr_stream *xdr, char sep,
2765					  char *components, char esc_enter,
2766					  char esc_exit)
2767{
2768	__be32 *p;
2769	__be32 pathlen;
2770	int pathlen_offset;
2771	char *str, *end, *next;
2772	int count = 0;
2773
2774	pathlen_offset = xdr->buf->len;
2775	p = xdr_reserve_space(xdr, 4);
2776	if (!p)
2777		return nfserr_resource;
2778	p++; /* We will fill this in with @count later */
2779
2780	end = str = components;
2781	while (*end) {
2782		bool found_esc = false;
2783
2784		/* try to parse as esc_start, ..., esc_end, sep */
2785		if (*str == esc_enter) {
2786			for (; *end && (*end != esc_exit); end++)
2787				/* find esc_exit or end of string */;
2788			next = end + 1;
2789			if (*end && (!*next || *next == sep)) {
2790				str++;
2791				found_esc = true;
2792			}
2793		}
2794
2795		if (!found_esc)
2796			for (; *end && (*end != sep); end++)
2797				/* find sep or end of string */;
2798
2799		if (end > str) {
2800			if (xdr_stream_encode_opaque(xdr, str, end - str) < 0)
2801				return nfserr_resource;
2802			count++;
2803		} else
2804			end++;
2805		if (found_esc)
2806			end = next;
2807
2808		str = end;
2809	}
2810	pathlen = htonl(count);
2811	write_bytes_to_xdr_buf(xdr->buf, pathlen_offset, &pathlen, 4);
2812	return 0;
2813}
2814
2815/* Encode as an array of strings the string given with components
2816 * separated @sep.
2817 */
2818static __be32 nfsd4_encode_components(struct xdr_stream *xdr, char sep,
2819				      char *components)
2820{
2821	return nfsd4_encode_components_esc(xdr, sep, components, 0, 0);
2822}
2823
2824static __be32 nfsd4_encode_fs_location4(struct xdr_stream *xdr,
2825					struct nfsd4_fs_location *location)
2826{
2827	__be32 status;
2828
2829	status = nfsd4_encode_components_esc(xdr, ':', location->hosts,
2830						'[', ']');
2831	if (status)
2832		return status;
2833	status = nfsd4_encode_components(xdr, '/', location->path);
2834	if (status)
2835		return status;
2836	return nfs_ok;
2837}
2838
2839static __be32 nfsd4_encode_pathname4(struct xdr_stream *xdr,
2840				     const struct path *root,
2841				     const struct path *path)
2842{
2843	struct path cur = *path;
2844	struct dentry **components = NULL;
2845	unsigned int ncomponents = 0;
2846	__be32 err = nfserr_jukebox;
2847
2848	dprintk("nfsd4_encode_components(");
2849
2850	path_get(&cur);
2851	/* First walk the path up to the nfsd root, and store the
2852	 * dentries/path components in an array.
2853	 */
2854	for (;;) {
2855		if (path_equal(&cur, root))
2856			break;
2857		if (cur.dentry == cur.mnt->mnt_root) {
2858			if (follow_up(&cur))
2859				continue;
2860			goto out_free;
2861		}
2862		if ((ncomponents & 15) == 0) {
2863			struct dentry **new;
2864			new = krealloc(components,
2865					sizeof(*new) * (ncomponents + 16),
2866					GFP_KERNEL);
2867			if (!new)
2868				goto out_free;
2869			components = new;
2870		}
2871		components[ncomponents++] = cur.dentry;
2872		cur.dentry = dget_parent(cur.dentry);
2873	}
2874
2875	err = nfserr_resource;
2876	if (xdr_stream_encode_u32(xdr, ncomponents) != XDR_UNIT)
2877		goto out_free;
2878	while (ncomponents) {
2879		struct dentry *dentry = components[ncomponents - 1];
2880
2881		spin_lock(&dentry->d_lock);
2882		if (xdr_stream_encode_opaque(xdr, dentry->d_name.name,
2883					     dentry->d_name.len) < 0) {
2884			spin_unlock(&dentry->d_lock);
2885			goto out_free;
2886		}
2887		dprintk("/%pd", dentry);
2888		spin_unlock(&dentry->d_lock);
2889		dput(dentry);
2890		ncomponents--;
2891	}
2892
2893	err = 0;
2894out_free:
2895	dprintk(")\n");
2896	while (ncomponents)
2897		dput(components[--ncomponents]);
2898	kfree(components);
2899	path_put(&cur);
2900	return err;
2901}
2902
2903static __be32 nfsd4_encode_fs_locations4(struct xdr_stream *xdr,
2904					 struct svc_rqst *rqstp,
2905					 struct svc_export *exp)
2906{
2907	struct nfsd4_fs_locations *fslocs = &exp->ex_fslocs;
2908	struct svc_export *exp_ps;
2909	unsigned int i;
2910	__be32 status;
2911
2912	/* fs_root */
2913	exp_ps = rqst_find_fsidzero_export(rqstp);
2914	if (IS_ERR(exp_ps))
2915		return nfserrno(PTR_ERR(exp_ps));
2916	status = nfsd4_encode_pathname4(xdr, &exp_ps->ex_path, &exp->ex_path);
2917	exp_put(exp_ps);
2918	if (status != nfs_ok)
2919		return status;
2920
2921	/* locations<> */
2922	if (xdr_stream_encode_u32(xdr, fslocs->locations_count) != XDR_UNIT)
2923		return nfserr_resource;
2924	for (i = 0; i < fslocs->locations_count; i++) {
2925		status = nfsd4_encode_fs_location4(xdr, &fslocs->locations[i]);
2926		if (status != nfs_ok)
2927			return status;
2928	}
2929
2930	return nfs_ok;
2931}
2932
2933static __be32 nfsd4_encode_nfsace4(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2934				   struct nfs4_ace *ace)
2935{
2936	__be32 status;
2937
2938	/* type */
2939	status = nfsd4_encode_acetype4(xdr, ace->type);
2940	if (status != nfs_ok)
2941		return nfserr_resource;
2942	/* flag */
2943	status = nfsd4_encode_aceflag4(xdr, ace->flag);
2944	if (status != nfs_ok)
2945		return nfserr_resource;
2946	/* access mask */
2947	status = nfsd4_encode_acemask4(xdr, ace->access_mask & NFS4_ACE_MASK_ALL);
2948	if (status != nfs_ok)
2949		return nfserr_resource;
2950	/* who */
2951	if (ace->whotype != NFS4_ACL_WHO_NAMED)
2952		return nfs4_acl_write_who(xdr, ace->whotype);
2953	if (ace->flag & NFS4_ACE_IDENTIFIER_GROUP)
2954		return nfsd4_encode_group(xdr, rqstp, ace->who_gid);
2955	return nfsd4_encode_user(xdr, rqstp, ace->who_uid);
2956}
2957
2958#define WORD0_ABSENT_FS_ATTRS (FATTR4_WORD0_FS_LOCATIONS | FATTR4_WORD0_FSID | \
2959			      FATTR4_WORD0_RDATTR_ERROR)
2960#define WORD1_ABSENT_FS_ATTRS FATTR4_WORD1_MOUNTED_ON_FILEID
2961#define WORD2_ABSENT_FS_ATTRS 0
2962
2963#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
2964static inline __be32
2965nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2966			    const struct lsm_context *context)
2967{
2968	__be32 *p;
2969
2970	p = xdr_reserve_space(xdr, context->len + 4 + 4 + 4);
2971	if (!p)
2972		return nfserr_resource;
2973
2974	/*
2975	 * For now we use a 0 here to indicate the null translation; in
2976	 * the future we may place a call to translation code here.
2977	 */
2978	*p++ = cpu_to_be32(0); /* lfs */
2979	*p++ = cpu_to_be32(0); /* pi */
2980	p = xdr_encode_opaque(p, context->context, context->len);
2981	return 0;
2982}
2983#else
2984static inline __be32
2985nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp,
2986			    struct lsm_context *context)
2987{ return 0; }
2988#endif
2989
2990#ifdef CONFIG_NFSD_V4_POSIX_ACLS
2991
2992static int nfsd4_posix_tagtotype(short tag)
2993{
2994	switch (tag) {
2995	case ACL_USER_OBJ:	return POSIXACE4_TAG_USER_OBJ;
2996	case ACL_GROUP_OBJ:	return POSIXACE4_TAG_GROUP_OBJ;
2997	case ACL_USER:		return POSIXACE4_TAG_USER;
2998	case ACL_GROUP:		return POSIXACE4_TAG_GROUP;
2999	case ACL_MASK:		return POSIXACE4_TAG_MASK;
3000	case ACL_OTHER:		return POSIXACE4_TAG_OTHER;
3001	default:		return -EINVAL;
3002	}
3003}
3004
3005static __be32
3006nfsd4_encode_posixace4(struct xdr_stream *xdr, struct svc_rqst *rqstp,
3007		       struct posix_acl_entry *acep)
3008{
3009	__be32 status;
3010	int type;
3011
3012	type = nfsd4_posix_tagtotype(acep->e_tag);
3013	if (type < 0)
3014		return nfserr_resource;
3015	if (!xdrgen_encode_posixacetag4(xdr, type))
3016		return nfserr_resource;
3017	if (!xdrgen_encode_posixaceperm4(xdr, acep->e_perm))
3018		return nfserr_resource;
3019
3020	/* who */
3021	switch (acep->e_tag) {
3022	case ACL_USER_OBJ:
3023	case ACL_GROUP_OBJ:
3024	case ACL_MASK:
3025	case ACL_OTHER:
3026		if (xdr_stream_encode_u32(xdr, 0) != XDR_UNIT)
3027			return nfserr_resource;
3028		break;
3029	case ACL_USER:
3030		status = nfsd4_encode_user(xdr, rqstp, acep->e_uid);
3031		if (status != nfs_ok)
3032			return status;
3033		break;
3034	case ACL_GROUP:
3035		status = nfsd4_encode_group(xdr, rqstp, acep->e_gid);
3036		if (status != nfs_ok)
3037			return status;
3038		break;
3039	default:
3040		return nfserr_resource;
3041	}
3042	return nfs_ok;
3043}
3044
3045static __be32
3046nfsd4_encode_posixacl(struct xdr_stream *xdr, struct svc_rqst *rqstp,
3047		      struct posix_acl *acl)
3048{
3049	__be32 status;
3050	int i;
3051
3052	if (!acl) {
3053		if (xdr_stream_encode_u32(xdr, 0) != XDR_UNIT)
3054			return nfserr_resource;
3055		return nfs_ok;
3056	}
3057
3058	if (acl->a_count > NFS_ACL_MAX_ENTRIES)
3059		return nfserr_resource;
3060	if (xdr_stream_encode_u32(xdr, acl->a_count) != XDR_UNIT)
3061		return nfserr_resource;
3062	for (i = 0; i < acl->a_count; i++) {
3063		status = nfsd4_encode_posixace4(xdr, rqstp, &acl->a_entries[i]);
3064		if (status != nfs_ok)
3065			return status;
3066	}
3067
3068	return nfs_ok;
3069}
3070
3071#endif /* CONFIG_NFSD_V4_POSIX_ACL */
3072
3073static __be32 fattr_handle_absent_fs(u32 *bmval0, u32 *bmval1, u32 *bmval2, u32 *rdattr_err)
3074{
3075	/* As per referral draft:  */
3076	if (*bmval0 & ~WORD0_ABSENT_FS_ATTRS ||
3077	    *bmval1 & ~WORD1_ABSENT_FS_ATTRS) {
3078		if (*bmval0 & FATTR4_WORD0_RDATTR_ERROR ||
3079	            *bmval0 & FATTR4_WORD0_FS_LOCATIONS)
3080			*rdattr_err = NFSERR_MOVED;
3081		else
3082			return nfserr_moved;
3083	}
3084	*bmval0 &= WORD0_ABSENT_FS_ATTRS;
3085	*bmval1 &= WORD1_ABSENT_FS_ATTRS;
3086	*bmval2 &= WORD2_ABSENT_FS_ATTRS;
3087	return 0;
3088}
3089
3090
3091static int nfsd4_get_mounted_on_ino(struct svc_export *exp, u64 *pino)
3092{
3093	struct path path = exp->ex_path;
3094	struct kstat stat;
3095	int err;
3096
3097	path_get(&path);
3098	while (follow_up(&path)) {
3099		if (path.dentry != path.mnt->mnt_root)
3100			break;
3101	}
3102	err = vfs_getattr(&path, &stat, STATX_INO, AT_STATX_SYNC_AS_STAT);
3103	path_put(&path);
3104	if (!err)
3105		*pino = stat.ino;
3106	return err;
3107}
3108
3109static __be32
3110nfsd4_encode_bitmap4(struct xdr_stream *xdr, u32 bmval0, u32 bmval1, u32 bmval2)
3111{
3112	__be32 *p;
3113
3114	if (bmval2) {
3115		p = xdr_reserve_space(xdr, XDR_UNIT * 4);
3116		if (!p)
3117			goto out_resource;
3118		*p++ = cpu_to_be32(3);
3119		*p++ = cpu_to_be32(bmval0);
3120		*p++ = cpu_to_be32(bmval1);
3121		*p++ = cpu_to_be32(bmval2);
3122	} else if (bmval1) {
3123		p = xdr_reserve_space(xdr, XDR_UNIT * 3);
3124		if (!p)
3125			goto out_resource;
3126		*p++ = cpu_to_be32(2);
3127		*p++ = cpu_to_be32(bmval0);
3128		*p++ = cpu_to_be32(bmval1);
3129	} else {
3130		p = xdr_reserve_space(xdr, XDR_UNIT * 2);
3131		if (!p)
3132			goto out_resource;
3133		*p++ = cpu_to_be32(1);
3134		*p++ = cpu_to_be32(bmval0);
3135	}
3136
3137	return nfs_ok;
3138out_resource:
3139	return nfserr_resource;
3140}
3141
3142struct nfsd4_fattr_args {
3143	struct svc_rqst		*rqstp;
3144	struct svc_fh		*fhp;
3145	struct svc_export	*exp;
3146	struct dentry		*dentry;
3147	struct kstat		stat;
3148	struct kstatfs		statfs;
3149	struct nfs4_acl		*acl;
3150	u64			change_attr;
3151#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
3152	struct lsm_context	context;
3153#endif
3154#ifdef CONFIG_NFSD_V4_POSIX_ACLS
3155	struct posix_acl	*dpacl;
3156	struct posix_acl	*pacl;
3157#endif
3158	u32			rdattr_err;
3159	bool			contextsupport;
3160	bool			ignore_crossmnt;
3161};
3162
3163typedef __be32(*nfsd4_enc_attr)(struct xdr_stream *xdr,
3164				const struct nfsd4_fattr_args *args);
3165
3166static __be32 nfsd4_encode_fattr4__inval(struct xdr_stream *xdr,
3167					 const struct nfsd4_fattr_args *args)
3168{
3169	return nfserr_inval;
3170}
3171
3172static __be32 nfsd4_encode_fattr4__noop(struct xdr_stream *xdr,
3173					const struct nfsd4_fattr_args *args)
3174{
3175	return nfs_ok;
3176}
3177
3178static __be32 nfsd4_encode_fattr4__true(struct xdr_stream *xdr,
3179					const struct nfsd4_fattr_args *args)
3180{
3181	return nfsd4_encode_bool(xdr, true);
3182}
3183
3184static __be32 nfsd4_encode_fattr4__false(struct xdr_stream *xdr,
3185					 const struct nfsd4_fattr_args *args)
3186{
3187	return nfsd4_encode_bool(xdr, false);
3188}
3189
3190static __be32 nfsd4_encode_fattr4_supported_attrs(struct xdr_stream *xdr,
3191						  const struct nfsd4_fattr_args *args)
3192{
3193	struct nfsd4_compoundres *resp = args->rqstp->rq_resp;
3194	u32 minorversion = resp->cstate.minorversion;
3195	u32 supp[3];
3196
3197	memcpy(supp, nfsd_suppattrs[minorversion], sizeof(supp));
3198	if (!IS_POSIXACL(d_inode(args->dentry)))
3199		supp[0] &= ~FATTR4_WORD0_ACL;
3200	if (!args->contextsupport)
3201		supp[2] &= ~FATTR4_WORD2_SECURITY_LABEL;
3202
3203	return nfsd4_encode_bitmap4(xdr, supp[0], supp[1], supp[2]);
3204}
3205
3206static __be32 nfsd4_encode_fattr4_type(struct xdr_stream *xdr,
3207				       const struct nfsd4_fattr_args *args)
3208{
3209	__be32 *p;
3210
3211	p = xdr_reserve_space(xdr, XDR_UNIT);
3212	if (!p)
3213		return nfserr_resource;
3214
3215	switch (args->stat.mode & S_IFMT) {
3216	case S_IFIFO:
3217		*p = cpu_to_be32(NF4FIFO);
3218		break;
3219	case S_IFCHR:
3220		*p = cpu_to_be32(NF4CHR);
3221		break;
3222	case S_IFDIR:
3223		*p = cpu_to_be32(NF4DIR);
3224		break;
3225	case S_IFBLK:
3226		*p = cpu_to_be32(NF4BLK);
3227		break;
3228	case S_IFLNK:
3229		*p = cpu_to_be32(NF4LNK);
3230		break;
3231	case S_IFREG:
3232		*p = cpu_to_be32(NF4REG);
3233		break;
3234	case S_IFSOCK:
3235		*p = cpu_to_be32(NF4SOCK);
3236		break;
3237	default:
3238		return nfserr_serverfault;
3239	}
3240
3241	return nfs_ok;
3242}
3243
3244static __be32 nfsd4_encode_fattr4_fh_expire_type(struct xdr_stream *xdr,
3245						 const struct nfsd4_fattr_args *args)
3246{
3247	u32 mask;
3248
3249	mask = NFS4_FH_PERSISTENT;
3250	if (!(args->exp->ex_flags & NFSEXP_NOSUBTREECHECK))
3251		mask |= NFS4_FH_VOL_RENAME;
3252	return nfsd4_encode_uint32_t(xdr, mask);
3253}
3254
3255static __be32 nfsd4_encode_fattr4_change(struct xdr_stream *xdr,
3256					 const struct nfsd4_fattr_args *args)
3257{
3258	const struct svc_export *exp = args->exp;
3259
3260	if (unlikely(exp->ex_flags & NFSEXP_V4ROOT)) {
3261		u32 flush_time = convert_to_wallclock(exp->cd->flush_time);
3262
3263		if (xdr_stream_encode_u32(xdr, flush_time) != XDR_UNIT)
3264			return nfserr_resource;
3265		if (xdr_stream_encode_u32(xdr, 0) != XDR_UNIT)
3266			return nfserr_resource;
3267		return nfs_ok;
3268	}
3269	return nfsd4_encode_changeid4(xdr, args->change_attr);
3270}
3271
3272static __be32 nfsd4_encode_fattr4_size(struct xdr_stream *xdr,
3273				       const struct nfsd4_fattr_args *args)
3274{
3275	return nfsd4_encode_uint64_t(xdr, args->stat.size);
3276}
3277
3278static __be32 nfsd4_encode_fattr4_fsid(struct xdr_stream *xdr,
3279				       const struct nfsd4_fattr_args *args)
3280{
3281	__be32 *p;
3282
3283	p = xdr_reserve_space(xdr, XDR_UNIT * 2 + XDR_UNIT * 2);
3284	if (!p)
3285		return nfserr_resource;
3286
3287	if (unlikely(args->exp->ex_fslocs.migrated)) {
3288		p = xdr_encode_hyper(p, NFS4_REFERRAL_FSID_MAJOR);
3289		xdr_encode_hyper(p, NFS4_REFERRAL_FSID_MINOR);
3290		return nfs_ok;
3291	}
3292	switch (fsid_source(args->fhp)) {
3293	case FSIDSOURCE_FSID:
3294		p = xdr_encode_hyper(p, (u64)args->exp->ex_fsid);
3295		xdr_encode_hyper(p, (u64)0);
3296		break;
3297	case FSIDSOURCE_DEV:
3298		*p++ = xdr_zero;
3299		*p++ = cpu_to_be32(MAJOR(args->stat.dev));
3300		*p++ = xdr_zero;
3301		*p   = cpu_to_be32(MINOR(args->stat.dev));
3302		break;
3303	case FSIDSOURCE_UUID:
3304		xdr_encode_opaque_fixed(p, args->exp->ex_uuid, EX_UUID_LEN);
3305		break;
3306	}
3307
3308	return nfs_ok;
3309}
3310
3311static __be32 nfsd4_encode_fattr4_lease_time(struct xdr_stream *xdr,
3312					     const struct nfsd4_fattr_args *args)
3313{
3314	struct nfsd_net *nn = net_generic(SVC_NET(args->rqstp), nfsd_net_id);
3315
3316	return nfsd4_encode_nfs_lease4(xdr, nn->nfsd4_lease);
3317}
3318
3319static __be32 nfsd4_encode_fattr4_rdattr_error(struct xdr_stream *xdr,
3320					       const struct nfsd4_fattr_args *args)
3321{
3322	return nfsd4_encode_uint32_t(xdr, args->rdattr_err);
3323}
3324
3325static __be32 nfsd4_encode_fattr4_aclsupport(struct xdr_stream *xdr,
3326					     const struct nfsd4_fattr_args *args)
3327{
3328	u32 mask;
3329
3330	mask = 0;
3331	if (IS_POSIXACL(d_inode(args->dentry)))
3332		mask = ACL4_SUPPORT_ALLOW_ACL | ACL4_SUPPORT_DENY_ACL;
3333	return nfsd4_encode_uint32_t(xdr, mask);
3334}
3335
3336static __be32 nfsd4_encode_fattr4_acl(struct xdr_stream *xdr,
3337				      const struct nfsd4_fattr_args *args)
3338{
3339	struct nfs4_acl *acl = args->acl;
3340	struct nfs4_ace *ace;
3341	__be32 status;
3342
3343	/* nfsace4<> */
3344	if (!acl) {
3345		if (xdr_stream_encode_u32(xdr, 0) != XDR_UNIT)
3346			return nfserr_resource;
3347	} else {
3348		if (xdr_stream_encode_u32(xdr, acl->naces) != XDR_UNIT)
3349			return nfserr_resource;
3350		for (ace = acl->aces; ace < acl->aces + acl->naces; ace++) {
3351			status = nfsd4_encode_nfsace4(xdr, args->rqstp, ace);
3352			if (status != nfs_ok)
3353				return status;
3354		}
3355	}
3356	return nfs_ok;
3357}
3358
3359static __be32 nfsd4_encode_fattr4_filehandle(struct xdr_stream *xdr,
3360					     const struct nfsd4_fattr_args *args)
3361{
3362	return nfsd4_encode_nfs_fh4(xdr, &args->fhp->fh_handle);
3363}
3364
3365static __be32 nfsd4_encode_fattr4_fileid(struct xdr_stream *xdr,
3366					 const struct nfsd4_fattr_args *args)
3367{
3368	return nfsd4_encode_uint64_t(xdr, args->stat.ino);
3369}
3370
3371static __be32 nfsd4_encode_fattr4_files_avail(struct xdr_stream *xdr,
3372					      const struct nfsd4_fattr_args *args)
3373{
3374	return nfsd4_encode_uint64_t(xdr, args->statfs.f_ffree);
3375}
3376
3377static __be32 nfsd4_encode_fattr4_files_free(struct xdr_stream *xdr,
3378					     const struct nfsd4_fattr_args *args)
3379{
3380	return nfsd4_encode_uint64_t(xdr, args->statfs.f_ffree);
3381}
3382
3383static __be32 nfsd4_encode_fattr4_files_total(struct xdr_stream *xdr,
3384					      const struct nfsd4_fattr_args *args)
3385{
3386	return nfsd4_encode_uint64_t(xdr, args->statfs.f_files);
3387}
3388
3389static __be32 nfsd4_encode_fattr4_fs_locations(struct xdr_stream *xdr,
3390					       const struct nfsd4_fattr_args *args)
3391{
3392	return nfsd4_encode_fs_locations4(xdr, args->rqstp, args->exp);
3393}
3394
3395static __be32 nfsd4_encode_fattr4_maxfilesize(struct xdr_stream *xdr,
3396					      const struct nfsd4_fattr_args *args)
3397{
3398	struct super_block *sb = args->exp->ex_path.mnt->mnt_sb;
3399
3400	return nfsd4_encode_uint64_t(xdr, sb->s_maxbytes);
3401}
3402
3403static __be32 nfsd4_encode_fattr4_maxlink(struct xdr_stream *xdr,
3404					  const struct nfsd4_fattr_args *args)
3405{
3406	return nfsd4_encode_uint32_t(xdr, 255);
3407}
3408
3409static __be32 nfsd4_encode_fattr4_maxname(struct xdr_stream *xdr,
3410					  const struct nfsd4_fattr_args *args)
3411{
3412	return nfsd4_encode_uint32_t(xdr, args->statfs.f_namelen);
3413}
3414
3415static __be32 nfsd4_encode_fattr4_maxread(struct xdr_stream *xdr,
3416					  const struct nfsd4_fattr_args *args)
3417{
3418	return nfsd4_encode_uint64_t(xdr, svc_max_payload(args->rqstp));
3419}
3420
3421static __be32 nfsd4_encode_fattr4_maxwrite(struct xdr_stream *xdr,
3422					   const struct nfsd4_fattr_args *args)
3423{
3424	return nfsd4_encode_uint64_t(xdr, svc_max_payload(args->rqstp));
3425}
3426
3427static __be32 nfsd4_encode_fattr4_mode(struct xdr_stream *xdr,
3428				       const struct nfsd4_fattr_args *args)
3429{
3430	return nfsd4_encode_mode4(xdr, args->stat.mode & S_IALLUGO);
3431}
3432
3433static __be32 nfsd4_encode_fattr4_numlinks(struct xdr_stream *xdr,
3434					   const struct nfsd4_fattr_args *args)
3435{
3436	return nfsd4_encode_uint32_t(xdr, args->stat.nlink);
3437}
3438
3439static __be32 nfsd4_encode_fattr4_owner(struct xdr_stream *xdr,
3440					const struct nfsd4_fattr_args *args)
3441{
3442	return nfsd4_encode_user(xdr, args->rqstp, args->stat.uid);
3443}
3444
3445static __be32 nfsd4_encode_fattr4_owner_group(struct xdr_stream *xdr,
3446					      const struct nfsd4_fattr_args *args)
3447{
3448	return nfsd4_encode_group(xdr, args->rqstp, args->stat.gid);
3449}
3450
3451static __be32 nfsd4_encode_fattr4_rawdev(struct xdr_stream *xdr,
3452					 const struct nfsd4_fattr_args *args)
3453{
3454	return nfsd4_encode_specdata4(xdr, MAJOR(args->stat.rdev),
3455				      MINOR(args->stat.rdev));
3456}
3457
3458static __be32 nfsd4_encode_fattr4_space_avail(struct xdr_stream *xdr,
3459					      const struct nfsd4_fattr_args *args)
3460{
3461	u64 avail = (u64)args->statfs.f_bavail * (u64)args->statfs.f_bsize;
3462
3463	return nfsd4_encode_uint64_t(xdr, avail);
3464}
3465
3466static __be32 nfsd4_encode_fattr4_space_free(struct xdr_stream *xdr,
3467					     const struct nfsd4_fattr_args *args)
3468{
3469	u64 free = (u64)args->statfs.f_bfree * (u64)args->statfs.f_bsize;
3470
3471	return nfsd4_encode_uint64_t(xdr, free);
3472}
3473
3474static __be32 nfsd4_encode_fattr4_space_total(struct xdr_stream *xdr,
3475					      const struct nfsd4_fattr_args *args)
3476{
3477	u64 total = (u64)args->statfs.f_blocks * (u64)args->statfs.f_bsize;
3478
3479	return nfsd4_encode_uint64_t(xdr, total);
3480}
3481
3482static __be32 nfsd4_encode_fattr4_space_used(struct xdr_stream *xdr,
3483					     const struct nfsd4_fattr_args *args)
3484{
3485	return nfsd4_encode_uint64_t(xdr, (u64)args->stat.blocks << 9);
3486}
3487
3488static __be32 nfsd4_encode_fattr4_time_access(struct xdr_stream *xdr,
3489					      const struct nfsd4_fattr_args *args)
3490{
3491	return nfsd4_encode_nfstime4(xdr, &args->stat.atime);
3492}
3493
3494static __be32 nfsd4_encode_fattr4_time_create(struct xdr_stream *xdr,
3495					      const struct nfsd4_fattr_args *args)
3496{
3497	return nfsd4_encode_nfstime4(xdr, &args->stat.btime);
3498}
3499
3500/*
3501 * ctime (in NFSv4, time_metadata) is not writeable, and the client
3502 * doesn't really care what resolution could theoretically be stored by
3503 * the filesystem.
3504 *
3505 * The client cares how close together changes can be while still
3506 * guaranteeing ctime changes.  For most filesystems (which have
3507 * timestamps with nanosecond fields) that is limited by the resolution
3508 * of the time returned from current_time() (which I'm assuming to be
3509 * 1/HZ).
3510 */
3511static __be32 nfsd4_encode_fattr4_time_delta(struct xdr_stream *xdr,
3512					     const struct nfsd4_fattr_args *args)
3513{
3514	const struct inode *inode = d_inode(args->dentry);
3515	u32 ns = max_t(u32, NSEC_PER_SEC/HZ, inode->i_sb->s_time_gran);
3516	struct timespec64 ts = ns_to_timespec64(ns);
3517
3518	return nfsd4_encode_nfstime4(xdr, &ts);
3519}
3520
3521static __be32 nfsd4_encode_fattr4_time_metadata(struct xdr_stream *xdr,
3522						const struct nfsd4_fattr_args *args)
3523{
3524	return nfsd4_encode_nfstime4(xdr, &args->stat.ctime);
3525}
3526
3527static __be32 nfsd4_encode_fattr4_time_modify(struct xdr_stream *xdr,
3528					      const struct nfsd4_fattr_args *args)
3529{
3530	return nfsd4_encode_nfstime4(xdr, &args->stat.mtime);
3531}
3532
3533static __be32 nfsd4_encode_fattr4_mounted_on_fileid(struct xdr_stream *xdr,
3534						    const struct nfsd4_fattr_args *args)
3535{
3536	u64 ino;
3537	int err;
3538
3539	if (!args->ignore_crossmnt &&
3540	    args->dentry == args->exp->ex_path.mnt->mnt_root) {
3541		err = nfsd4_get_mounted_on_ino(args->exp, &ino);
3542		if (err)
3543			return nfserrno(err);
3544	} else
3545		ino = args->stat.ino;
3546
3547	return nfsd4_encode_uint64_t(xdr, ino);
3548}
3549
3550#ifdef CONFIG_NFSD_PNFS
3551
3552static __be32 nfsd4_encode_fattr4_fs_layout_types(struct xdr_stream *xdr,
3553						  const struct nfsd4_fattr_args *args)
3554{
3555	unsigned long mask = args->exp->ex_layout_types;
3556	int i;
3557
3558	/* Hamming weight of @mask is the number of layout types to return */
3559	if (xdr_stream_encode_u32(xdr, hweight_long(mask)) != XDR_UNIT)
3560		return nfserr_resource;
3561	for (i = LAYOUT_NFSV4_1_FILES; i < LAYOUT_TYPE_MAX; ++i)
3562		if (mask & BIT(i)) {
3563			/* layouttype4 */
3564			if (xdr_stream_encode_u32(xdr, i) != XDR_UNIT)
3565				return nfserr_resource;
3566		}
3567	return nfs_ok;
3568}
3569
3570static __be32 nfsd4_encode_fattr4_layout_types(struct xdr_stream *xdr,
3571					       const struct nfsd4_fattr_args *args)
3572{
3573	unsigned long mask = args->exp->ex_layout_types;
3574	int i;
3575
3576	/* Hamming weight of @mask is the number of layout types to return */
3577	if (xdr_stream_encode_u32(xdr, hweight_long(mask)) != XDR_UNIT)
3578		return nfserr_resource;
3579	for (i = LAYOUT_NFSV4_1_FILES; i < LAYOUT_TYPE_MAX; ++i)
3580		if (mask & BIT(i)) {
3581			/* layouttype4 */
3582			if (xdr_stream_encode_u32(xdr, i) != XDR_UNIT)
3583				return nfserr_resource;
3584		}
3585	return nfs_ok;
3586}
3587
3588static __be32 nfsd4_encode_fattr4_layout_blksize(struct xdr_stream *xdr,
3589						 const struct nfsd4_fattr_args *args)
3590{
3591	return nfsd4_encode_uint32_t(xdr, args->stat.blksize);
3592}
3593
3594#endif
3595
3596static __be32 nfsd4_encode_fattr4_suppattr_exclcreat(struct xdr_stream *xdr,
3597						     const struct nfsd4_fattr_args *args)
3598{
3599	struct nfsd4_compoundres *resp = args->rqstp->rq_resp;
3600	u32 supp[3];
3601
3602	memcpy(supp, nfsd_suppattrs[resp->cstate.minorversion], sizeof(supp));
3603	if (!IS_POSIXACL(d_inode(args->dentry)))
3604		supp[0] &= ~FATTR4_WORD0_ACL;
3605	if (!args->contextsupport)
3606		supp[2] &= ~FATTR4_WORD2_SECURITY_LABEL;
3607
3608	supp[0] &= NFSD_SUPPATTR_EXCLCREAT_WORD0;
3609	supp[1] &= NFSD_SUPPATTR_EXCLCREAT_WORD1;
3610	supp[2] &= NFSD_SUPPATTR_EXCLCREAT_WORD2;
3611
3612	return nfsd4_encode_bitmap4(xdr, supp[0], supp[1], supp[2]);
3613}
3614
3615/*
3616 * Copied from generic_remap_checks/generic_remap_file_range_prep.
3617 *
3618 * These generic functions use the file system's s_blocksize, but
3619 * individual file systems aren't required to use
3620 * generic_remap_file_range_prep. Until there is a mechanism for
3621 * determining a particular file system's (or file's) clone block
3622 * size, this is the best NFSD can do.
3623 */
3624static __be32 nfsd4_encode_fattr4_clone_blksize(struct xdr_stream *xdr,
3625						const struct nfsd4_fattr_args *args)
3626{
3627	struct inode *inode = d_inode(args->dentry);
3628
3629	return nfsd4_encode_uint32_t(xdr, inode->i_sb->s_blocksize);
3630}
3631
3632#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
3633static __be32 nfsd4_encode_fattr4_sec_label(struct xdr_stream *xdr,
3634					    const struct nfsd4_fattr_args *args)
3635{
3636	return nfsd4_encode_security_label(xdr, args->rqstp, &args->context);
3637}
3638#endif
3639
3640static __be32 nfsd4_encode_fattr4_xattr_support(struct xdr_stream *xdr,
3641						const struct nfsd4_fattr_args *args)
3642{
3643	int err = xattr_supports_user_prefix(d_inode(args->dentry));
3644
3645	return nfsd4_encode_bool(xdr, err == 0);
3646}
3647
3648#define NFSD_OA_SHARE_ACCESS	(BIT(OPEN_ARGS_SHARE_ACCESS_READ)	| \
3649				 BIT(OPEN_ARGS_SHARE_ACCESS_WRITE)	| \
3650				 BIT(OPEN_ARGS_SHARE_ACCESS_BOTH))
3651
3652#define NFSD_OA_SHARE_DENY	(BIT(OPEN_ARGS_SHARE_DENY_NONE)		| \
3653				 BIT(OPEN_ARGS_SHARE_DENY_READ)		| \
3654				 BIT(OPEN_ARGS_SHARE_DENY_WRITE)	| \
3655				 BIT(OPEN_ARGS_SHARE_DENY_BOTH))
3656
3657#define NFSD_OA_SHARE_ACCESS_WANT	(BIT(OPEN_ARGS_SHARE_ACCESS_WANT_ANY_DELEG)		| \
3658					 BIT(OPEN_ARGS_SHARE_ACCESS_WANT_NO_DELEG)		| \
3659					 BIT(OPEN_ARGS_SHARE_ACCESS_WANT_CANCEL)		| \
3660					 BIT(OPEN_ARGS_SHARE_ACCESS_WANT_DELEG_TIMESTAMPS)	| \
3661					 BIT(OPEN_ARGS_SHARE_ACCESS_WANT_OPEN_XOR_DELEGATION))
3662
3663#define NFSD_OA_OPEN_CLAIM	(BIT(OPEN_ARGS_OPEN_CLAIM_NULL)		| \
3664				 BIT(OPEN_ARGS_OPEN_CLAIM_PREVIOUS)	| \
3665				 BIT(OPEN_ARGS_OPEN_CLAIM_DELEGATE_CUR)	| \
3666				 BIT(OPEN_ARGS_OPEN_CLAIM_DELEGATE_PREV)| \
3667				 BIT(OPEN_ARGS_OPEN_CLAIM_FH)		| \
3668				 BIT(OPEN_ARGS_OPEN_CLAIM_DELEG_CUR_FH)	| \
3669				 BIT(OPEN_ARGS_OPEN_CLAIM_DELEG_PREV_FH))
3670
3671#define NFSD_OA_CREATE_MODE	(BIT(OPEN_ARGS_CREATEMODE_UNCHECKED4)	| \
3672				 BIT(OPEN_ARGS_CREATE_MODE_GUARDED)	| \
3673				 BIT(OPEN_ARGS_CREATEMODE_EXCLUSIVE4)	| \
3674				 BIT(OPEN_ARGS_CREATE_MODE_EXCLUSIVE4_1))
3675
3676static uint32_t oa_share_access = NFSD_OA_SHARE_ACCESS;
3677static uint32_t oa_share_deny = NFSD_OA_SHARE_DENY;
3678static uint32_t oa_share_access_want = NFSD_OA_SHARE_ACCESS_WANT;
3679static uint32_t oa_open_claim = NFSD_OA_OPEN_CLAIM;
3680static uint32_t oa_create_mode = NFSD_OA_CREATE_MODE;
3681
3682static const struct open_arguments4 nfsd_open_arguments = {
3683	.oa_share_access = { .count = 1, .element = &oa_share_access },
3684	.oa_share_deny = { .count = 1, .element = &oa_share_deny },
3685	.oa_share_access_want = { .count = 1, .element = &oa_share_access_want },
3686	.oa_open_claim = { .count = 1, .element = &oa_open_claim },
3687	.oa_create_mode = { .count = 1, .element = &oa_create_mode },
3688};
3689
3690static __be32 nfsd4_encode_fattr4_open_arguments(struct xdr_stream *xdr,
3691						 const struct nfsd4_fattr_args *args)
3692{
3693	if (!xdrgen_encode_fattr4_open_arguments(xdr, &nfsd_open_arguments))
3694		return nfserr_resource;
3695	return nfs_ok;
3696}
3697
3698#ifdef CONFIG_NFSD_V4_POSIX_ACLS
3699
3700static __be32 nfsd4_encode_fattr4_acl_trueform(struct xdr_stream *xdr,
3701					       const struct nfsd4_fattr_args *args)
3702{
3703	aclmodel4 trueform = ACL_MODEL_NONE;
3704
3705	if (IS_POSIXACL(d_inode(args->dentry)))
3706		trueform = ACL_MODEL_POSIX_DRAFT;
3707	if (!xdrgen_encode_aclmodel4(xdr, trueform))
3708		return nfserr_resource;
3709	return nfs_ok;
3710}
3711
3712static __be32 nfsd4_encode_fattr4_acl_trueform_scope(struct xdr_stream *xdr,
3713						     const struct nfsd4_fattr_args *args)
3714{
3715	if (!xdrgen_encode_aclscope4(xdr, ACL_SCOPE_FILE_SYSTEM))
3716		return nfserr_resource;
3717	return nfs_ok;
3718}
3719
3720static __be32 nfsd4_encode_fattr4_posix_default_acl(struct xdr_stream *xdr,
3721						    const struct nfsd4_fattr_args *args)
3722{
3723	return nfsd4_encode_posixacl(xdr, args->rqstp, args->dpacl);
3724}
3725
3726static __be32 nfsd4_encode_fattr4_posix_access_acl(struct xdr_stream *xdr,
3727						   const struct nfsd4_fattr_args *args)
3728{
3729	return nfsd4_encode_posixacl(xdr, args->rqstp, args->pacl);
3730}
3731
3732#endif /* CONFIG_NFSD_V4_POSIX_ACLS */
3733
3734static const nfsd4_enc_attr nfsd4_enc_fattr4_encode_ops[] = {
3735	[FATTR4_SUPPORTED_ATTRS]	= nfsd4_encode_fattr4_supported_attrs,
3736	[FATTR4_TYPE]			= nfsd4_encode_fattr4_type,
3737	[FATTR4_FH_EXPIRE_TYPE]		= nfsd4_encode_fattr4_fh_expire_type,
3738	[FATTR4_CHANGE]			= nfsd4_encode_fattr4_change,
3739	[FATTR4_SIZE]			= nfsd4_encode_fattr4_size,
3740	[FATTR4_LINK_SUPPORT]		= nfsd4_encode_fattr4__true,
3741	[FATTR4_SYMLINK_SUPPORT]	= nfsd4_encode_fattr4__true,
3742	[FATTR4_NAMED_ATTR]		= nfsd4_encode_fattr4__false,
3743	[FATTR4_FSID]			= nfsd4_encode_fattr4_fsid,
3744	[FATTR4_UNIQUE_HANDLES]		= nfsd4_encode_fattr4__true,
3745	[FATTR4_LEASE_TIME]		= nfsd4_encode_fattr4_lease_time,
3746	[FATTR4_RDATTR_ERROR]		= nfsd4_encode_fattr4_rdattr_error,
3747	[FATTR4_ACL]			= nfsd4_encode_fattr4_acl,
3748	[FATTR4_ACLSUPPORT]		= nfsd4_encode_fattr4_aclsupport,
3749	[FATTR4_ARCHIVE]		= nfsd4_encode_fattr4__noop,
3750	[FATTR4_CANSETTIME]		= nfsd4_encode_fattr4__true,
3751	[FATTR4_CASE_INSENSITIVE]	= nfsd4_encode_fattr4__false,
3752	[FATTR4_CASE_PRESERVING]	= nfsd4_encode_fattr4__true,
3753	[FATTR4_CHOWN_RESTRICTED]	= nfsd4_encode_fattr4__true,
3754	[FATTR4_FILEHANDLE]		= nfsd4_encode_fattr4_filehandle,
3755	[FATTR4_FILEID]			= nfsd4_encode_fattr4_fileid,
3756	[FATTR4_FILES_AVAIL]		= nfsd4_encode_fattr4_files_avail,
3757	[FATTR4_FILES_FREE]		= nfsd4_encode_fattr4_files_free,
3758	[FATTR4_FILES_TOTAL]		= nfsd4_encode_fattr4_files_total,
3759	[FATTR4_FS_LOCATIONS]		= nfsd4_encode_fattr4_fs_locations,
3760	[FATTR4_HIDDEN]			= nfsd4_encode_fattr4__noop,
3761	[FATTR4_HOMOGENEOUS]		= nfsd4_encode_fattr4__true,
3762	[FATTR4_MAXFILESIZE]		= nfsd4_encode_fattr4_maxfilesize,
3763	[FATTR4_MAXLINK]		= nfsd4_encode_fattr4_maxlink,
3764	[FATTR4_MAXNAME]		= nfsd4_encode_fattr4_maxname,
3765	[FATTR4_MAXREAD]		= nfsd4_encode_fattr4_maxread,
3766	[FATTR4_MAXWRITE]		= nfsd4_encode_fattr4_maxwrite,
3767	[FATTR4_MIMETYPE]		= nfsd4_encode_fattr4__noop,
3768	[FATTR4_MODE]			= nfsd4_encode_fattr4_mode,
3769	[FATTR4_NO_TRUNC]		= nfsd4_encode_fattr4__true,
3770	[FATTR4_NUMLINKS]		= nfsd4_encode_fattr4_numlinks,
3771	[FATTR4_OWNER]			= nfsd4_encode_fattr4_owner,
3772	[FATTR4_OWNER_GROUP]		= nfsd4_encode_fattr4_owner_group,
3773	[FATTR4_QUOTA_AVAIL_HARD]	= nfsd4_encode_fattr4__noop,
3774	[FATTR4_QUOTA_AVAIL_SOFT]	= nfsd4_encode_fattr4__noop,
3775	[FATTR4_QUOTA_USED]		= nfsd4_encode_fattr4__noop,
3776	[FATTR4_RAWDEV]			= nfsd4_encode_fattr4_rawdev,
3777	[FATTR4_SPACE_AVAIL]		= nfsd4_encode_fattr4_space_avail,
3778	[FATTR4_SPACE_FREE]		= nfsd4_encode_fattr4_space_free,
3779	[FATTR4_SPACE_TOTAL]		= nfsd4_encode_fattr4_space_total,
3780	[FATTR4_SPACE_USED]		= nfsd4_encode_fattr4_space_used,
3781	[FATTR4_SYSTEM]			= nfsd4_encode_fattr4__noop,
3782	[FATTR4_TIME_ACCESS]		= nfsd4_encode_fattr4_time_access,
3783	[FATTR4_TIME_ACCESS_SET]	= nfsd4_encode_fattr4__noop,
3784	[FATTR4_TIME_BACKUP]		= nfsd4_encode_fattr4__noop,
3785	[FATTR4_TIME_CREATE]		= nfsd4_encode_fattr4_time_create,
3786	[FATTR4_TIME_DELTA]		= nfsd4_encode_fattr4_time_delta,
3787	[FATTR4_TIME_METADATA]		= nfsd4_encode_fattr4_time_metadata,
3788	[FATTR4_TIME_MODIFY]		= nfsd4_encode_fattr4_time_modify,
3789	[FATTR4_TIME_MODIFY_SET]	= nfsd4_encode_fattr4__noop,
3790	[FATTR4_MOUNTED_ON_FILEID]	= nfsd4_encode_fattr4_mounted_on_fileid,
3791	[FATTR4_DIR_NOTIF_DELAY]	= nfsd4_encode_fattr4__noop,
3792	[FATTR4_DIRENT_NOTIF_DELAY]	= nfsd4_encode_fattr4__noop,
3793	[FATTR4_DACL]			= nfsd4_encode_fattr4__noop,
3794	[FATTR4_SACL]			= nfsd4_encode_fattr4__noop,
3795	[FATTR4_CHANGE_POLICY]		= nfsd4_encode_fattr4__noop,
3796	[FATTR4_FS_STATUS]		= nfsd4_encode_fattr4__noop,
3797
3798#ifdef CONFIG_NFSD_PNFS
3799	[FATTR4_FS_LAYOUT_TYPES]	= nfsd4_encode_fattr4_fs_layout_types,
3800	[FATTR4_LAYOUT_HINT]		= nfsd4_encode_fattr4__noop,
3801	[FATTR4_LAYOUT_TYPES]		= nfsd4_encode_fattr4_layout_types,
3802	[FATTR4_LAYOUT_BLKSIZE]		= nfsd4_encode_fattr4_layout_blksize,
3803	[FATTR4_LAYOUT_ALIGNMENT]	= nfsd4_encode_fattr4__noop,
3804#else
3805	[FATTR4_FS_LAYOUT_TYPES]	= nfsd4_encode_fattr4__noop,
3806	[FATTR4_LAYOUT_HINT]		= nfsd4_encode_fattr4__noop,
3807	[FATTR4_LAYOUT_TYPES]		= nfsd4_encode_fattr4__noop,
3808	[FATTR4_LAYOUT_BLKSIZE]		= nfsd4_encode_fattr4__noop,
3809	[FATTR4_LAYOUT_ALIGNMENT]	= nfsd4_encode_fattr4__noop,
3810#endif
3811
3812	[FATTR4_FS_LOCATIONS_INFO]	= nfsd4_encode_fattr4__noop,
3813	[FATTR4_MDSTHRESHOLD]		= nfsd4_encode_fattr4__noop,
3814	[FATTR4_RETENTION_GET]		= nfsd4_encode_fattr4__noop,
3815	[FATTR4_RETENTION_SET]		= nfsd4_encode_fattr4__noop,
3816	[FATTR4_RETENTEVT_GET]		= nfsd4_encode_fattr4__noop,
3817	[FATTR4_RETENTEVT_SET]		= nfsd4_encode_fattr4__noop,
3818	[FATTR4_RETENTION_HOLD]		= nfsd4_encode_fattr4__noop,
3819	[FATTR4_MODE_SET_MASKED]	= nfsd4_encode_fattr4__noop,
3820	[FATTR4_SUPPATTR_EXCLCREAT]	= nfsd4_encode_fattr4_suppattr_exclcreat,
3821	[FATTR4_FS_CHARSET_CAP]		= nfsd4_encode_fattr4__noop,
3822	[FATTR4_CLONE_BLKSIZE]		= nfsd4_encode_fattr4_clone_blksize,
3823	[FATTR4_SPACE_FREED]		= nfsd4_encode_fattr4__noop,
3824	[FATTR4_CHANGE_ATTR_TYPE]	= nfsd4_encode_fattr4__noop,
3825
3826#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
3827	[FATTR4_SEC_LABEL]		= nfsd4_encode_fattr4_sec_label,
3828#else
3829	[FATTR4_SEC_LABEL]		= nfsd4_encode_fattr4__noop,
3830#endif
3831
3832	[FATTR4_MODE_UMASK]		= nfsd4_encode_fattr4__noop,
3833	[FATTR4_XATTR_SUPPORT]		= nfsd4_encode_fattr4_xattr_support,
3834	[FATTR4_TIME_DELEG_ACCESS]	= nfsd4_encode_fattr4__inval,
3835	[FATTR4_TIME_DELEG_MODIFY]	= nfsd4_encode_fattr4__inval,
3836	[FATTR4_OPEN_ARGUMENTS]		= nfsd4_encode_fattr4_open_arguments,
3837
3838	/* Reserved */
3839	[87]				= nfsd4_encode_fattr4__inval,
3840	[88]				= nfsd4_encode_fattr4__inval,
3841
3842#ifdef CONFIG_NFSD_V4_POSIX_ACLS
3843	[FATTR4_ACL_TRUEFORM]		= nfsd4_encode_fattr4_acl_trueform,
3844	[FATTR4_ACL_TRUEFORM_SCOPE]	= nfsd4_encode_fattr4_acl_trueform_scope,
3845	[FATTR4_POSIX_DEFAULT_ACL]	= nfsd4_encode_fattr4_posix_default_acl,
3846	[FATTR4_POSIX_ACCESS_ACL]	= nfsd4_encode_fattr4_posix_access_acl,
3847#else
3848	[FATTR4_ACL_TRUEFORM]		= nfsd4_encode_fattr4__noop,
3849	[FATTR4_ACL_TRUEFORM_SCOPE]	= nfsd4_encode_fattr4__noop,
3850	[FATTR4_POSIX_DEFAULT_ACL]	= nfsd4_encode_fattr4__noop,
3851	[FATTR4_POSIX_ACCESS_ACL]	= nfsd4_encode_fattr4__noop,
3852#endif
3853};
3854
3855/*
3856 * Note: @fhp can be NULL; in this case, we might have to compose the filehandle
3857 * ourselves.
3858 */
3859static __be32
3860nfsd4_encode_fattr4(struct svc_rqst *rqstp, struct xdr_stream *xdr,
3861		    struct svc_fh *fhp, struct svc_export *exp,
3862		    struct dentry *dentry, const u32 *bmval,
3863		    int ignore_crossmnt)
3864{
3865	DECLARE_BITMAP(attr_bitmap, ARRAY_SIZE(nfsd4_enc_fattr4_encode_ops));
3866	struct nfs4_delegation *dp = NULL;
3867	struct nfsd4_fattr_args args;
3868	struct svc_fh *tempfh = NULL;
3869	int starting_len = xdr->buf->len;
3870	unsigned int attrlen_offset;
3871	__be32 attrlen, status;
3872	u32 attrmask[3];
3873	int err;
3874	struct nfsd4_compoundres *resp = rqstp->rq_resp;
3875	u32 minorversion = resp->cstate.minorversion;
3876	struct path path = {
3877		.mnt	= exp->ex_path.mnt,
3878		.dentry	= dentry,
3879	};
3880	unsigned long bit;
3881
3882	WARN_ON_ONCE(bmval[1] & NFSD_WRITEONLY_ATTRS_WORD1);
3883	WARN_ON_ONCE(!nfsd_attrs_supported(minorversion, bmval));
3884
3885	args.rqstp = rqstp;
3886	args.exp = exp;
3887	args.dentry = dentry;
3888	args.ignore_crossmnt = (ignore_crossmnt != 0);
3889	args.acl = NULL;
3890#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
3891	args.context.context = NULL;
3892#endif
3893#ifdef CONFIG_NFSD_V4_POSIX_ACLS
3894	args.dpacl = NULL;
3895	args.pacl = NULL;
3896#endif
3897
3898	/*
3899	 * Make a local copy of the attribute bitmap that can be modified.
3900	 */
3901	attrmask[0] = bmval[0];
3902	attrmask[1] = bmval[1];
3903	attrmask[2] = bmval[2];
3904
3905	args.rdattr_err = 0;
3906	if (exp->ex_fslocs.migrated) {
3907		status = fattr_handle_absent_fs(&attrmask[0], &attrmask[1],
3908						&attrmask[2], &args.rdattr_err);
3909		if (status)
3910			goto out;
3911	}
3912	if ((attrmask[0] & (FATTR4_WORD0_CHANGE |
3913			    FATTR4_WORD0_SIZE)) ||
3914	    (attrmask[1] & (FATTR4_WORD1_TIME_ACCESS |
3915			    FATTR4_WORD1_TIME_MODIFY |
3916			    FATTR4_WORD1_TIME_METADATA))) {
3917		status = nfsd4_deleg_getattr_conflict(rqstp, dentry, &dp);
3918		if (status)
3919			goto out;
3920	}
3921
3922	err = vfs_getattr(&path, &args.stat,
3923			  STATX_BASIC_STATS | STATX_BTIME | STATX_CHANGE_COOKIE,
3924			  AT_STATX_SYNC_AS_STAT);
3925	if (dp) {
3926		struct nfs4_cb_fattr *ncf = &dp->dl_cb_fattr;
3927
3928		if (ncf->ncf_file_modified) {
3929			++ncf->ncf_initial_cinfo;
3930			args.stat.size = ncf->ncf_cur_fsize;
3931			if (!timespec64_is_epoch(&ncf->ncf_cb_mtime))
3932				args.stat.mtime = ncf->ncf_cb_mtime;
3933		}
3934		args.change_attr = ncf->ncf_initial_cinfo;
3935
3936		if (!timespec64_is_epoch(&ncf->ncf_cb_atime))
3937			args.stat.atime = ncf->ncf_cb_atime;
3938
3939		nfs4_put_stid(&dp->dl_stid);
3940	} else {
3941		args.change_attr = nfsd4_change_attribute(&args.stat);
3942	}
3943
3944	if (err)
3945		goto out_nfserr;
3946
3947	if (!(args.stat.result_mask & STATX_BTIME))
3948		/* underlying FS does not offer btime so we can't share it */
3949		attrmask[1] &= ~FATTR4_WORD1_TIME_CREATE;
3950	if ((attrmask[0] & (FATTR4_WORD0_FILES_AVAIL | FATTR4_WORD0_FILES_FREE |
3951			FATTR4_WORD0_FILES_TOTAL | FATTR4_WORD0_MAXNAME)) ||
3952	    (attrmask[1] & (FATTR4_WORD1_SPACE_AVAIL | FATTR4_WORD1_SPACE_FREE |
3953		       FATTR4_WORD1_SPACE_TOTAL))) {
3954		err = vfs_statfs(&path, &args.statfs);
3955		if (err)
3956			goto out_nfserr;
3957	}
3958	if ((attrmask[0] & (FATTR4_WORD0_FILEHANDLE | FATTR4_WORD0_FSID)) &&
3959	    !fhp) {
3960		tempfh = kmalloc_obj(struct svc_fh);
3961		status = nfserr_jukebox;
3962		if (!tempfh)
3963			goto out;
3964		fh_init(tempfh, NFS4_FHSIZE);
3965		status = fh_compose(tempfh, exp, dentry, NULL);
3966		if (status)
3967			goto out;
3968		args.fhp = tempfh;
3969	} else
3970		args.fhp = fhp;
3971
3972	if (attrmask[0] & FATTR4_WORD0_ACL) {
3973		err = nfsd4_get_nfs4_acl(rqstp, dentry, &args.acl);
3974		if (err == -EOPNOTSUPP)
3975			attrmask[0] &= ~FATTR4_WORD0_ACL;
3976		else if (err == -EINVAL) {
3977			status = nfserr_attrnotsupp;
3978			goto out;
3979		} else if (err != 0)
3980			goto out_nfserr;
3981	}
3982
3983	args.contextsupport = false;
3984
3985#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
3986	if ((attrmask[2] & FATTR4_WORD2_SECURITY_LABEL) ||
3987	     attrmask[0] & FATTR4_WORD0_SUPPORTED_ATTRS) {
3988		if (exp->ex_flags & NFSEXP_SECURITY_LABEL)
3989			err = security_inode_getsecctx(d_inode(dentry),
3990						&args.context);
3991		else
3992			err = -EOPNOTSUPP;
3993		args.contextsupport = (err == 0);
3994		if (attrmask[2] & FATTR4_WORD2_SECURITY_LABEL) {
3995			if (err == -EOPNOTSUPP)
3996				attrmask[2] &= ~FATTR4_WORD2_SECURITY_LABEL;
3997			else if (err)
3998				goto out_nfserr;
3999		}
4000	}
4001#endif /* CONFIG_NFSD_V4_SECURITY_LABEL */
4002
4003#ifdef CONFIG_NFSD_V4_POSIX_ACLS
4004	if (attrmask[2] & FATTR4_WORD2_POSIX_DEFAULT_ACL) {
4005		struct inode *inode = d_inode(dentry);
4006		struct posix_acl *dpacl;
4007
4008		if (S_ISDIR(inode->i_mode)) {
4009			dpacl = get_inode_acl(inode, ACL_TYPE_DEFAULT);
4010			if (IS_ERR(dpacl)) {
4011				switch (PTR_ERR(dpacl)) {
4012				case -EOPNOTSUPP:
4013					attrmask[2] &= ~FATTR4_WORD2_POSIX_DEFAULT_ACL;
4014					break;
4015				case -EINVAL:
4016					status = nfserr_attrnotsupp;
4017					goto out;
4018				default:
4019					err = PTR_ERR(dpacl);
4020					goto out_nfserr;
4021				}
4022			} else {
4023				args.dpacl = dpacl;
4024			}
4025		}
4026	}
4027	if (attrmask[2] & FATTR4_WORD2_POSIX_ACCESS_ACL) {
4028		struct inode *inode = d_inode(dentry);
4029		struct posix_acl *pacl;
4030
4031		pacl = get_inode_acl(inode, ACL_TYPE_ACCESS);
4032		if (!pacl)
4033			pacl = posix_acl_from_mode(inode->i_mode, GFP_KERNEL);
4034		if (IS_ERR(pacl)) {
4035			switch (PTR_ERR(pacl)) {
4036			case -EOPNOTSUPP:
4037				attrmask[2] &= ~FATTR4_WORD2_POSIX_ACCESS_ACL;
4038				break;
4039			case -EINVAL:
4040				status = nfserr_attrnotsupp;
4041				goto out;
4042			default:
4043				err = PTR_ERR(pacl);
4044				goto out_nfserr;
4045			}
4046		} else {
4047			args.pacl = pacl;
4048		}
4049	}
4050#endif /* CONFIG_NFSD_V4_POSIX_ACLS */
4051
4052	/* attrmask */
4053	status = nfsd4_encode_bitmap4(xdr, attrmask[0], attrmask[1],
4054				      attrmask[2]);
4055	if (status)
4056		goto out;
4057
4058	/* attr_vals */
4059	attrlen_offset = xdr->buf->len;
4060	if (unlikely(!xdr_reserve_space(xdr, XDR_UNIT)))
4061		goto out_resource;
4062	bitmap_from_arr32(attr_bitmap, attrmask,
4063			  ARRAY_SIZE(nfsd4_enc_fattr4_encode_ops));
4064	for_each_set_bit(bit, attr_bitmap,
4065			 ARRAY_SIZE(nfsd4_enc_fattr4_encode_ops)) {
4066		status = nfsd4_enc_fattr4_encode_ops[bit](xdr, &args);
4067		if (status != nfs_ok)
4068			goto out;
4069	}
4070	attrlen = cpu_to_be32(xdr->buf->len - attrlen_offset - XDR_UNIT);
4071	write_bytes_to_xdr_buf(xdr->buf, attrlen_offset, &attrlen, XDR_UNIT);
4072	status = nfs_ok;
4073
4074out:
4075#ifdef CONFIG_NFSD_V4_POSIX_ACLS
4076	if (args.dpacl)
4077		posix_acl_release(args.dpacl);
4078	if (args.pacl)
4079		posix_acl_release(args.pacl);
4080#endif /* CONFIG_NFSD_V4_POSIX_ACLS */
4081#ifdef CONFIG_NFSD_V4_SECURITY_LABEL
4082	if (args.context.context)
4083		security_release_secctx(&args.context);
4084#endif /* CONFIG_NFSD_V4_SECURITY_LABEL */
4085	kfree(args.acl);
4086	if (tempfh) {
4087		fh_put(tempfh);
4088		kfree(tempfh);
4089	}
4090	if (status)
4091		xdr_truncate_encode(xdr, starting_len);
4092	return status;
4093out_nfserr:
4094	status = nfserrno(err);
4095	goto out;
4096out_resource:
4097	status = nfserr_resource;
4098	goto out;
4099}
4100
4101static void svcxdr_init_encode_from_buffer(struct xdr_stream *xdr,
4102				struct xdr_buf *buf, __be32 *p, int bytes)
4103{
4104	xdr->scratch.iov_len = 0;
4105	memset(buf, 0, sizeof(struct xdr_buf));
4106	buf->head[0].iov_base = p;
4107	buf->head[0].iov_len = 0;
4108	buf->len = 0;
4109	xdr->buf = buf;
4110	xdr->iov = buf->head;
4111	xdr->p = p;
4112	xdr->end = (void *)p + bytes;
4113	buf->buflen = bytes;
4114}
4115
4116__be32 nfsd4_encode_fattr_to_buf(__be32 **p, int words,
4117			struct svc_fh *fhp, struct svc_export *exp,
4118			struct dentry *dentry, u32 *bmval,
4119			struct svc_rqst *rqstp, int ignore_crossmnt)
4120{
4121	struct xdr_buf dummy;
4122	struct xdr_stream xdr;
4123	__be32 ret;
4124
4125	svcxdr_init_encode_from_buffer(&xdr, &dummy, *p, words << 2);
4126	ret = nfsd4_encode_fattr4(rqstp, &xdr, fhp, exp, dentry, bmval,
4127				  ignore_crossmnt);
4128	*p = xdr.p;
4129	return ret;
4130}
4131
4132/*
4133 * The buffer space for this field was reserved during a previous
4134 * call to nfsd4_encode_entry4().
4135 */
4136static void nfsd4_encode_entry4_nfs_cookie4(const struct nfsd4_readdir *readdir,
4137					    u64 offset)
4138{
4139	__be64 cookie = cpu_to_be64(offset);
4140	struct xdr_stream *xdr = readdir->xdr;
4141
4142	if (!readdir->cookie_offset)
4143		return;
4144	write_bytes_to_xdr_buf(xdr->buf, readdir->cookie_offset, &cookie,
4145			       sizeof(cookie));
4146}
4147
4148static inline int attributes_need_mount(u32 *bmval)
4149{
4150	if (bmval[0] & ~(FATTR4_WORD0_RDATTR_ERROR | FATTR4_WORD0_LEASE_TIME))
4151		return 1;
4152	if (bmval[1] & ~FATTR4_WORD1_MOUNTED_ON_FILEID)
4153		return 1;
4154	return 0;
4155}
4156
4157static __be32
4158nfsd4_encode_entry4_fattr(struct nfsd4_readdir *cd, const char *name,
4159			  int namlen)
4160{
4161	struct svc_export *exp = cd->rd_fhp->fh_export;
4162	struct dentry *dentry;
4163	__be32 nfserr;
4164	int ignore_crossmnt = 0;
4165
4166	dentry = lookup_one_positive_unlocked(&nop_mnt_idmap,
4167					      &QSTR_LEN(name, namlen),
4168					      cd->rd_fhp->fh_dentry);
4169	if (IS_ERR(dentry))
4170		return nfserrno(PTR_ERR(dentry));
4171
4172	exp_get(exp);
4173	/*
4174	 * In the case of a mountpoint, the client may be asking for
4175	 * attributes that are only properties of the underlying filesystem
4176	 * as opposed to the cross-mounted file system. In such a case,
4177	 * we will not follow the cross mount and will fill the attribtutes
4178	 * directly from the mountpoint dentry.
4179	 */
4180	if (nfsd_mountpoint(dentry, exp)) {
4181		int err;
4182
4183		if (!(exp->ex_flags & NFSEXP_V4ROOT)
4184				&& !attributes_need_mount(cd->rd_bmval)) {
4185			ignore_crossmnt = 1;
4186			goto out_encode;
4187		}
4188		/*
4189		 * Why the heck aren't we just using nfsd_lookup??
4190		 * Different "."/".." handling?  Something else?
4191		 * At least, add a comment here to explain....
4192		 */
4193		err = nfsd_cross_mnt(cd->rd_rqstp, &dentry, &exp);
4194		if (err) {
4195			nfserr = nfserrno(err);
4196			goto out_put;
4197		}
4198		nfserr = check_nfsd_access(exp, cd->rd_rqstp, false);
4199		if (nfserr)
4200			goto out_put;
4201
4202	}
4203out_encode:
4204	nfserr = nfsd4_encode_fattr4(cd->rd_rqstp, cd->xdr, NULL, exp, dentry,
4205				     cd->rd_bmval, ignore_crossmnt);
4206out_put:
4207	dput(dentry);
4208	exp_put(exp);
4209	return nfserr;
4210}
4211
4212static __be32
4213nfsd4_encode_entry4_rdattr_error(struct xdr_stream *xdr, __be32 nfserr)
4214{
4215	__be32 status;
4216
4217	/* attrmask */
4218	status = nfsd4_encode_bitmap4(xdr, FATTR4_WORD0_RDATTR_ERROR, 0, 0);
4219	if (status != nfs_ok)
4220		return status;
4221	/* attr_vals */
4222	if (xdr_stream_encode_u32(xdr, XDR_UNIT) != XDR_UNIT)
4223		return nfserr_resource;
4224	/* rdattr_error */
4225	if (xdr_stream_encode_be32(xdr, nfserr) != XDR_UNIT)
4226		return nfserr_resource;
4227	return nfs_ok;
4228}
4229
4230static int
4231nfsd4_encode_entry4(void *ccdv, const char *name, int namlen,
4232		    loff_t offset, u64 ino, unsigned int d_type)
4233{
4234	struct readdir_cd *ccd = ccdv;
4235	struct nfsd4_readdir *cd = container_of(ccd, struct nfsd4_readdir, common);
4236	struct xdr_stream *xdr = cd->xdr;
4237	int start_offset = xdr->buf->len;
4238	int cookie_offset;
4239	u32 name_and_cookie;
4240	int entry_bytes;
4241	__be32 nfserr = nfserr_toosmall;
4242
4243	/* In nfsv4, "." and ".." never make it onto the wire.. */
4244	if (name && isdotent(name, namlen)) {
4245		cd->common.err = nfs_ok;
4246		return 0;
4247	}
4248
4249	/* Encode the previous entry's cookie value */
4250	nfsd4_encode_entry4_nfs_cookie4(cd, offset);
4251
4252	if (xdr_stream_encode_item_present(xdr) != XDR_UNIT)
4253		goto fail;
4254
4255	/* Reserve send buffer space for this entry's cookie value. */
4256	cookie_offset = xdr->buf->len;
4257	if (nfsd4_encode_nfs_cookie4(xdr, OFFSET_MAX) != nfs_ok)
4258		goto fail;
4259	if (nfsd4_encode_component4(xdr, name, namlen) != nfs_ok)
4260		goto fail;
4261	nfserr = nfsd4_encode_entry4_fattr(cd, name, namlen);
4262	switch (nfserr) {
4263	case nfs_ok:
4264		break;
4265	case nfserr_resource:
4266		nfserr = nfserr_toosmall;
4267		goto fail;
4268	case nfserr_noent:
4269		xdr_truncate_encode(xdr, start_offset);
4270		goto skip_entry;
4271	case nfserr_jukebox:
4272		/*
4273		 * The pseudoroot should only display dentries that lead to
4274		 * exports. If we get EJUKEBOX here, then we can't tell whether
4275		 * this entry should be included. Just fail the whole READDIR
4276		 * with NFS4ERR_DELAY in that case, and hope that the situation
4277		 * will resolve itself by the client's next attempt.
4278		 */
4279		if (cd->rd_fhp->fh_export->ex_flags & NFSEXP_V4ROOT)
4280			goto fail;
4281		fallthrough;
4282	default:
4283		/*
4284		 * If the client requested the RDATTR_ERROR attribute,
4285		 * we stuff the error code into this attribute
4286		 * and continue.  If this attribute was not requested,
4287		 * then in accordance with the spec, we fail the
4288		 * entire READDIR operation(!)
4289		 */
4290		if (!(cd->rd_bmval[0] & FATTR4_WORD0_RDATTR_ERROR))
4291			goto fail;
4292		if (nfsd4_encode_entry4_rdattr_error(xdr, nfserr)) {
4293			nfserr = nfserr_toosmall;
4294			goto fail;
4295		}
4296	}
4297	nfserr = nfserr_toosmall;
4298	entry_bytes = xdr->buf->len - start_offset;
4299	if (entry_bytes > cd->rd_maxcount)
4300		goto fail;
4301	cd->rd_maxcount -= entry_bytes;
4302	/*
4303	 * RFC 3530 14.2.24 describes rd_dircount as only a "hint", and
4304	 * notes that it could be zero. If it is zero, then the server
4305	 * should enforce only the rd_maxcount value.
4306	 */
4307	if (cd->rd_dircount) {
4308		name_and_cookie = 4 + 4 * XDR_QUADLEN(namlen) + 8;
4309		if (name_and_cookie > cd->rd_dircount && cd->cookie_offset)
4310			goto fail;
4311		cd->rd_dircount -= min(cd->rd_dircount, name_and_cookie);
4312		if (!cd->rd_dircount)
4313			cd->rd_maxcount = 0;
4314	}
4315
4316	cd->cookie_offset = cookie_offset;
4317skip_entry:
4318	cd->common.err = nfs_ok;
4319	return 0;
4320fail:
4321	xdr_truncate_encode(xdr, start_offset);
4322	cd->common.err = nfserr;
4323	return -EINVAL;
4324}
4325
4326static __be32
4327nfsd4_encode_verifier4(struct xdr_stream *xdr, const nfs4_verifier *verf)
4328{
4329	__be32 *p;
4330
4331	p = xdr_reserve_space(xdr, NFS4_VERIFIER_SIZE);
4332	if (!p)
4333		return nfserr_resource;
4334	memcpy(p, verf->data, sizeof(verf->data));
4335	return nfs_ok;
4336}
4337
4338static __be32
4339nfsd4_encode_clientid4(struct xdr_stream *xdr, const clientid_t *clientid)
4340{
4341	__be32 *p;
4342
4343	p = xdr_reserve_space(xdr, sizeof(__be64));
4344	if (!p)
4345		return nfserr_resource;
4346	memcpy(p, clientid, sizeof(*clientid));
4347	return nfs_ok;
4348}
4349
4350/* This is a frequently-encoded item; open-coded for speed */
4351static __be32
4352nfsd4_encode_stateid4(struct xdr_stream *xdr, const stateid_t *sid)
4353{
4354	__be32 *p;
4355
4356	p = xdr_reserve_space(xdr, NFS4_STATEID_SIZE);
4357	if (!p)
4358		return nfserr_resource;
4359	*p++ = cpu_to_be32(sid->si_generation);
4360	memcpy(p, &sid->si_opaque, sizeof(sid->si_opaque));
4361	return nfs_ok;
4362}
4363
4364static __be32
4365nfsd4_encode_sessionid4(struct xdr_stream *xdr,
4366			const struct nfs4_sessionid *sessionid)
4367{
4368	return nfsd4_encode_opaque_fixed(xdr, sessionid->data,
4369					 NFS4_MAX_SESSIONID_LEN);
4370}
4371
4372static __be32
4373nfsd4_encode_access(struct nfsd4_compoundres *resp, __be32 nfserr,
4374		    union nfsd4_op_u *u)
4375{
4376	struct nfsd4_access *access = &u->access;
4377	struct xdr_stream *xdr = resp->xdr;
4378	__be32 status;
4379
4380	/* supported */
4381	status = nfsd4_encode_uint32_t(xdr, access->ac_supported);
4382	if (status != nfs_ok)
4383		return status;
4384	/* access */
4385	return nfsd4_encode_uint32_t(xdr, access->ac_resp_access);
4386}
4387
4388static __be32 nfsd4_encode_bind_conn_to_session(struct nfsd4_compoundres *resp, __be32 nfserr,
4389						union nfsd4_op_u *u)
4390{
4391	struct nfsd4_bind_conn_to_session *bcts = &u->bind_conn_to_session;
4392	struct xdr_stream *xdr = resp->xdr;
4393
4394	/* bctsr_sessid */
4395	nfserr = nfsd4_encode_sessionid4(xdr, &bcts->sessionid);
4396	if (nfserr != nfs_ok)
4397		return nfserr;
4398	/* bctsr_dir */
4399	if (xdr_stream_encode_u32(xdr, bcts->dir) != XDR_UNIT)
4400		return nfserr_resource;
4401	/* bctsr_use_conn_in_rdma_mode */
4402	return nfsd4_encode_bool(xdr, false);
4403}
4404
4405static __be32
4406nfsd4_encode_close(struct nfsd4_compoundres *resp, __be32 nfserr,
4407		   union nfsd4_op_u *u)
4408{
4409	struct nfsd4_close *close = &u->close;
4410	struct xdr_stream *xdr = resp->xdr;
4411
4412	/* open_stateid */
4413	return nfsd4_encode_stateid4(xdr, &close->cl_stateid);
4414}
4415
4416
4417static __be32
4418nfsd4_encode_commit(struct nfsd4_compoundres *resp, __be32 nfserr,
4419		    union nfsd4_op_u *u)
4420{
4421	struct nfsd4_commit *commit = &u->commit;
4422
4423	return nfsd4_encode_verifier4(resp->xdr, &commit->co_verf);
4424}
4425
4426static __be32
4427nfsd4_encode_create(struct nfsd4_compoundres *resp, __be32 nfserr,
4428		    union nfsd4_op_u *u)
4429{
4430	struct nfsd4_create *create = &u->create;
4431	struct xdr_stream *xdr = resp->xdr;
4432
4433	/* cinfo */
4434	nfserr = nfsd4_encode_change_info4(xdr, &create->cr_cinfo);
4435	if (nfserr)
4436		return nfserr;
4437	/* attrset */
4438	return nfsd4_encode_bitmap4(xdr, create->cr_bmval[0],
4439				    create->cr_bmval[1], create->cr_bmval[2]);
4440}
4441
4442static __be32
4443nfsd4_encode_getattr(struct nfsd4_compoundres *resp, __be32 nfserr,
4444		     union nfsd4_op_u *u)
4445{
4446	struct nfsd4_getattr *getattr = &u->getattr;
4447	struct svc_fh *fhp = getattr->ga_fhp;
4448	struct xdr_stream *xdr = resp->xdr;
4449
4450	/* obj_attributes */
4451	return nfsd4_encode_fattr4(resp->rqstp, xdr, fhp, fhp->fh_export,
4452				   fhp->fh_dentry, getattr->ga_bmval, 0);
4453}
4454
4455static __be32
4456nfsd4_encode_getfh(struct nfsd4_compoundres *resp, __be32 nfserr,
4457		   union nfsd4_op_u *u)
4458{
4459	struct xdr_stream *xdr = resp->xdr;
4460	struct svc_fh *fhp = u->getfh;
4461
4462	/* object */
4463	return nfsd4_encode_nfs_fh4(xdr, &fhp->fh_handle);
4464}
4465
4466static __be32
4467nfsd4_encode_lock_owner4(struct xdr_stream *xdr, const clientid_t *clientid,
4468			 const struct xdr_netobj *owner)
4469{
4470	__be32 status;
4471
4472	/* clientid */
4473	status = nfsd4_encode_clientid4(xdr, clientid);
4474	if (status != nfs_ok)
4475		return status;
4476	/* owner */
4477	return nfsd4_encode_opaque(xdr, owner->data, owner->len);
4478}
4479
4480static __be32
4481nfsd4_encode_lock4denied(struct xdr_stream *xdr,
4482			 const struct nfsd4_lock_denied *ld)
4483{
4484	__be32 status;
4485
4486	/* offset */
4487	status = nfsd4_encode_offset4(xdr, ld->ld_start);
4488	if (status != nfs_ok)
4489		return status;
4490	/* length */
4491	status = nfsd4_encode_length4(xdr, ld->ld_length);
4492	if (status != nfs_ok)
4493		return status;
4494	/* locktype */
4495	if (xdr_stream_encode_u32(xdr, ld->ld_type) != XDR_UNIT)
4496		return nfserr_resource;
4497	/* owner */
4498	return nfsd4_encode_lock_owner4(xdr, &ld->ld_clientid,
4499					&ld->ld_owner);
4500}
4501
4502static __be32
4503nfsd4_encode_lock(struct nfsd4_compoundres *resp, __be32 nfserr,
4504		  union nfsd4_op_u *u)
4505{
4506	struct nfsd4_lock *lock = &u->lock;
4507	struct xdr_stream *xdr = resp->xdr;
4508	__be32 status;
4509
4510	switch (nfserr) {
4511	case nfs_ok:
4512		/* resok4 */
4513		status = nfsd4_encode_stateid4(xdr, &lock->lk_resp_stateid);
4514		break;
4515	case nfserr_denied:
4516		/* denied */
4517		status = nfsd4_encode_lock4denied(xdr, &lock->lk_denied);
4518		break;
4519	default:
4520		return nfserr;
4521	}
4522	return status != nfs_ok ? status : nfserr;
4523}
4524
4525static __be32
4526nfsd4_encode_lockt(struct nfsd4_compoundres *resp, __be32 nfserr,
4527		   union nfsd4_op_u *u)
4528{
4529	struct nfsd4_lockt *lockt = &u->lockt;
4530	struct xdr_stream *xdr = resp->xdr;
4531	__be32 status;
4532
4533	if (nfserr == nfserr_denied) {
4534		/* denied */
4535		status = nfsd4_encode_lock4denied(xdr, &lockt->lt_denied);
4536		if (status != nfs_ok)
4537			return status;
4538	}
4539	return nfserr;
4540}
4541
4542static __be32
4543nfsd4_encode_locku(struct nfsd4_compoundres *resp, __be32 nfserr,
4544		   union nfsd4_op_u *u)
4545{
4546	struct nfsd4_locku *locku = &u->locku;
4547	struct xdr_stream *xdr = resp->xdr;
4548
4549	/* lock_stateid */
4550	return nfsd4_encode_stateid4(xdr, &locku->lu_stateid);
4551}
4552
4553
4554static __be32
4555nfsd4_encode_link(struct nfsd4_compoundres *resp, __be32 nfserr,
4556		  union nfsd4_op_u *u)
4557{
4558	struct nfsd4_link *link = &u->link;
4559	struct xdr_stream *xdr = resp->xdr;
4560
4561	return nfsd4_encode_change_info4(xdr, &link->li_cinfo);
4562}
4563
4564/*
4565 * This implementation does not yet support returning an ACE in an
4566 * OPEN that offers a delegation.
4567 */
4568static __be32
4569nfsd4_encode_open_nfsace4(struct xdr_stream *xdr)
4570{
4571	__be32 status;
4572
4573	/* type */
4574	status = nfsd4_encode_acetype4(xdr, NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE);
4575	if (status != nfs_ok)
4576		return nfserr_resource;
4577	/* flag */
4578	status = nfsd4_encode_aceflag4(xdr, 0);
4579	if (status != nfs_ok)
4580		return nfserr_resource;
4581	/* access mask */
4582	status = nfsd4_encode_acemask4(xdr, 0);
4583	if (status != nfs_ok)
4584		return nfserr_resource;
4585	/* who - empty for now */
4586	if (xdr_stream_encode_u32(xdr, 0) != XDR_UNIT)
4587		return nfserr_resource;
4588	return nfs_ok;
4589}
4590
4591static __be32
4592nfsd4_encode_open_read_delegation4(struct xdr_stream *xdr, struct nfsd4_open *open)
4593{
4594	__be32 status;
4595
4596	/* stateid */
4597	status = nfsd4_encode_stateid4(xdr, &open->op_delegate_stateid);
4598	if (status != nfs_ok)
4599		return status;
4600	/* recall */
4601	status = nfsd4_encode_bool(xdr, open->op_recall);
4602	if (status != nfs_ok)
4603		return status;
4604	/* permissions */
4605	return nfsd4_encode_open_nfsace4(xdr);
4606}
4607
4608static __be32
4609nfsd4_encode_nfs_space_limit4(struct xdr_stream *xdr, u64 filesize)
4610{
4611	/* limitby */
4612	if (xdr_stream_encode_u32(xdr, NFS4_LIMIT_SIZE) != XDR_UNIT)
4613		return nfserr_resource;
4614	/* filesize */
4615	return nfsd4_encode_uint64_t(xdr, filesize);
4616}
4617
4618static __be32
4619nfsd4_encode_open_write_delegation4(struct xdr_stream *xdr,
4620				    struct nfsd4_open *open)
4621{
4622	__be32 status;
4623
4624	/* stateid */
4625	status = nfsd4_encode_stateid4(xdr, &open->op_delegate_stateid);
4626	if (status != nfs_ok)
4627		return status;
4628	/* recall */
4629	status = nfsd4_encode_bool(xdr, open->op_recall);
4630	if (status != nfs_ok)
4631		return status;
4632	/* space_limit */
4633	status = nfsd4_encode_nfs_space_limit4(xdr, 0);
4634	if (status != nfs_ok)
4635		return status;
4636	return nfsd4_encode_open_nfsace4(xdr);
4637}
4638
4639static __be32
4640nfsd4_encode_open_none_delegation4(struct xdr_stream *xdr,
4641				   struct nfsd4_open *open)
4642{
4643	__be32 status = nfs_ok;
4644
4645	/* ond_why */
4646	if (xdr_stream_encode_u32(xdr, open->op_why_no_deleg) != XDR_UNIT)
4647		return nfserr_resource;
4648	switch (open->op_why_no_deleg) {
4649	case WND4_CONTENTION:
4650		/* ond_server_will_push_deleg */
4651		status = nfsd4_encode_bool(xdr, false);
4652		break;
4653	case WND4_RESOURCE:
4654		/* ond_server_will_signal_avail */
4655		status = nfsd4_encode_bool(xdr, false);
4656	}
4657	return status;
4658}
4659
4660static __be32
4661nfsd4_encode_open_delegation4(struct xdr_stream *xdr, struct nfsd4_open *open)
4662{
4663	__be32 status;
4664
4665	/* delegation_type */
4666	if (xdr_stream_encode_u32(xdr, open->op_delegate_type) != XDR_UNIT)
4667		return nfserr_resource;
4668	switch (open->op_delegate_type) {
4669	case OPEN_DELEGATE_NONE:
4670		status = nfs_ok;
4671		break;
4672	case OPEN_DELEGATE_READ:
4673	case OPEN_DELEGATE_READ_ATTRS_DELEG:
4674		/* read */
4675		status = nfsd4_encode_open_read_delegation4(xdr, open);
4676		break;
4677	case OPEN_DELEGATE_WRITE:
4678	case OPEN_DELEGATE_WRITE_ATTRS_DELEG:
4679		/* write */
4680		status = nfsd4_encode_open_write_delegation4(xdr, open);
4681		break;
4682	case OPEN_DELEGATE_NONE_EXT:
4683		/* od_whynone */
4684		status = nfsd4_encode_open_none_delegation4(xdr, open);
4685		break;
4686	default:
4687		status = nfserr_serverfault;
4688	}
4689
4690	return status;
4691}
4692
4693static __be32
4694nfsd4_encode_open(struct nfsd4_compoundres *resp, __be32 nfserr,
4695		  union nfsd4_op_u *u)
4696{
4697	struct nfsd4_open *open = &u->open;
4698	struct xdr_stream *xdr = resp->xdr;
4699
4700	/* stateid */
4701	nfserr = nfsd4_encode_stateid4(xdr, &open->op_stateid);
4702	if (nfserr != nfs_ok)
4703		return nfserr;
4704	/* cinfo */
4705	nfserr = nfsd4_encode_change_info4(xdr, &open->op_cinfo);
4706	if (nfserr != nfs_ok)
4707		return nfserr;
4708	/* rflags */
4709	nfserr = nfsd4_encode_uint32_t(xdr, open->op_rflags);
4710	if (nfserr != nfs_ok)
4711		return nfserr;
4712	/* attrset */
4713	nfserr = nfsd4_encode_bitmap4(xdr, open->op_bmval[0],
4714				      open->op_bmval[1], open->op_bmval[2]);
4715	if (nfserr != nfs_ok)
4716		return nfserr;
4717	/* delegation */
4718	return nfsd4_encode_open_delegation4(xdr, open);
4719}
4720
4721static __be32
4722nfsd4_encode_open_confirm(struct nfsd4_compoundres *resp, __be32 nfserr,
4723			  union nfsd4_op_u *u)
4724{
4725	struct nfsd4_open_confirm *oc = &u->open_confirm;
4726	struct xdr_stream *xdr = resp->xdr;
4727
4728	/* open_stateid */
4729	return nfsd4_encode_stateid4(xdr, &oc->oc_resp_stateid);
4730}
4731
4732static __be32
4733nfsd4_encode_open_downgrade(struct nfsd4_compoundres *resp, __be32 nfserr,
4734			    union nfsd4_op_u *u)
4735{
4736	struct nfsd4_open_downgrade *od = &u->open_downgrade;
4737	struct xdr_stream *xdr = resp->xdr;
4738
4739	/* open_stateid */
4740	return nfsd4_encode_stateid4(xdr, &od->od_stateid);
4741}
4742
4743/*
4744 * The operation of this function assumes that this is the only
4745 * READ operation in the COMPOUND. If there are multiple READs,
4746 * we use nfsd4_encode_readv().
4747 */
4748static __be32 nfsd4_encode_splice_read(
4749				struct nfsd4_compoundres *resp,
4750				struct nfsd4_read *read,
4751				struct file *file, unsigned long maxcount)
4752{
4753	struct xdr_stream *xdr = resp->xdr;
4754	struct xdr_buf *buf = xdr->buf;
4755	int status, space_left;
4756	__be32 nfserr;
4757
4758	/*
4759	 * Splice read doesn't work if encoding has already wandered
4760	 * into the XDR buf's page array.
4761	 */
4762	if (unlikely(xdr->buf->page_len)) {
4763		WARN_ON_ONCE(1);
4764		return nfserr_serverfault;
4765	}
4766
4767	/*
4768	 * Make sure there is room at the end of buf->head for
4769	 * svcxdr_encode_opaque_pages() to create a tail buffer
4770	 * to XDR-pad the payload.
4771	 */
4772	if (xdr->iov != xdr->buf->head || xdr->end - xdr->p < 1)
4773		return nfserr_resource;
4774
4775	nfserr = nfsd_splice_read(read->rd_rqstp, read->rd_fhp,
4776				  file, read->rd_offset, &maxcount,
4777				  &read->rd_eof);
4778	read->rd_length = maxcount;
4779	if (nfserr)
4780		goto out_err;
4781	svcxdr_encode_opaque_pages(read->rd_rqstp, xdr, buf->pages,
4782				   buf->page_base, maxcount);
4783	status = svc_encode_result_payload(read->rd_rqstp,
4784					   buf->head[0].iov_len, maxcount);
4785	if (status) {
4786		nfserr = nfserrno(status);
4787		goto out_err;
4788	}
4789
4790	/*
4791	 * Prepare to encode subsequent operations.
4792	 *
4793	 * xdr_truncate_encode() is not safe to use after a successful
4794	 * splice read has been done, so the following stream
4795	 * manipulations are open-coded.
4796	 */
4797	space_left = min_t(int, (void *)xdr->end - (void *)xdr->p,
4798				buf->buflen - buf->len);
4799	buf->buflen = buf->len + space_left;
4800	xdr->end = (__be32 *)((void *)xdr->end + space_left);
4801
4802	return nfs_ok;
4803
4804out_err:
4805	/*
4806	 * nfsd_splice_actor may have already messed with the
4807	 * page length; reset it so as not to confuse
4808	 * xdr_truncate_encode in our caller.
4809	 */
4810	buf->page_len = 0;
4811	return nfserr;
4812}
4813
4814static __be32 nfsd4_encode_readv(struct nfsd4_compoundres *resp,
4815				 struct nfsd4_read *read,
4816				 unsigned long maxcount)
4817{
4818	struct xdr_stream *xdr = resp->xdr;
4819	unsigned int base = xdr->buf->page_len & ~PAGE_MASK;
4820	unsigned int starting_len = xdr->buf->len;
4821	__be32 zero = xdr_zero;
4822	__be32 nfserr;
4823
4824	nfserr = nfsd_iter_read(resp->rqstp, read->rd_fhp, read->rd_nf,
4825				read->rd_offset, &maxcount, base,
4826				&read->rd_eof);
4827	read->rd_length = maxcount;
4828	if (nfserr)
4829		return nfserr;
4830
4831	/*
4832	 * svcxdr_encode_opaque_pages() is not used here because
4833	 * we don't want to encode subsequent results in this
4834	 * COMPOUND into the xdr->buf's tail, but rather those
4835	 * results should follow the NFS READ payload in the
4836	 * buf's pages.
4837	 */
4838	if (xdr_reserve_space_vec(xdr, maxcount) < 0)
4839		return nfserr_resource;
4840
4841	/*
4842	 * Mark the buffer location of the NFS READ payload so that
4843	 * direct placement-capable transports send only the
4844	 * payload bytes out-of-band.
4845	 */
4846	if (svc_encode_result_payload(resp->rqstp, starting_len, maxcount))
4847		return nfserr_io;
4848
4849	write_bytes_to_xdr_buf(xdr->buf, starting_len + maxcount, &zero,
4850			       xdr_pad_size(maxcount));
4851	return nfs_ok;
4852}
4853
4854static __be32
4855nfsd4_encode_read(struct nfsd4_compoundres *resp, __be32 nfserr,
4856		  union nfsd4_op_u *u)
4857{
4858	struct nfsd4_compoundargs *argp = resp->rqstp->rq_argp;
4859	struct nfsd4_read *read = &u->read;
4860	struct xdr_stream *xdr = resp->xdr;
4861	bool splice_ok = argp->splice_ok;
4862	unsigned int eof_offset;
4863	unsigned long maxcount;
4864	__be32 wire_data[2];
4865	struct file *file;
4866
4867	if (nfserr)
4868		return nfserr;
4869
4870	eof_offset = xdr->buf->len;
4871	file = read->rd_nf->nf_file;
4872
4873	/* Reserve space for the eof flag and byte count */
4874	if (unlikely(!xdr_reserve_space(xdr, XDR_UNIT * 2))) {
4875		WARN_ON_ONCE(splice_ok);
4876		return nfserr_resource;
4877	}
4878	xdr_commit_encode(xdr);
4879
4880	maxcount = min_t(unsigned long, read->rd_length,
4881			 (xdr->buf->buflen - xdr->buf->len));
4882
4883	if (file->f_op->splice_read && splice_ok)
4884		nfserr = nfsd4_encode_splice_read(resp, read, file, maxcount);
4885	else
4886		nfserr = nfsd4_encode_readv(resp, read, maxcount);
4887	if (nfserr) {
4888		xdr_truncate_encode(xdr, eof_offset);
4889		return nfserr;
4890	}
4891
4892	wire_data[0] = read->rd_eof ? xdr_one : xdr_zero;
4893	wire_data[1] = cpu_to_be32(read->rd_length);
4894	write_bytes_to_xdr_buf(xdr->buf, eof_offset, &wire_data, XDR_UNIT * 2);
4895	return nfs_ok;
4896}
4897
4898static __be32
4899nfsd4_encode_readlink(struct nfsd4_compoundres *resp, __be32 nfserr,
4900		      union nfsd4_op_u *u)
4901{
4902	struct nfsd4_readlink *readlink = &u->readlink;
4903	__be32 *p, wire_count, zero = xdr_zero;
4904	struct xdr_stream *xdr = resp->xdr;
4905	unsigned int length_offset;
4906	int maxcount, status;
4907
4908	/* linktext4.count */
4909	length_offset = xdr->buf->len;
4910	if (unlikely(!xdr_reserve_space(xdr, XDR_UNIT)))
4911		return nfserr_resource;
4912
4913	/* linktext4.data */
4914	maxcount = PAGE_SIZE;
4915	p = xdr_reserve_space(xdr, maxcount);
4916	if (!p)
4917		return nfserr_resource;
4918	nfserr = nfsd_readlink(readlink->rl_rqstp, readlink->rl_fhp,
4919						(char *)p, &maxcount);
4920	if (nfserr == nfserr_isdir)
4921		nfserr = nfserr_inval;
4922	if (nfserr)
4923		goto out_err;
4924	status = svc_encode_result_payload(readlink->rl_rqstp, length_offset,
4925					   maxcount);
4926	if (status) {
4927		nfserr = nfserrno(status);
4928		goto out_err;
4929	}
4930
4931	wire_count = cpu_to_be32(maxcount);
4932	write_bytes_to_xdr_buf(xdr->buf, length_offset, &wire_count, XDR_UNIT);
4933	xdr_truncate_encode(xdr, length_offset + 4 + xdr_align_size(maxcount));
4934	write_bytes_to_xdr_buf(xdr->buf, length_offset + 4 + maxcount, &zero,
4935			       xdr_pad_size(maxcount));
4936	return nfs_ok;
4937
4938out_err:
4939	xdr_truncate_encode(xdr, length_offset);
4940	return nfserr;
4941}
4942
4943static __be32 nfsd4_encode_dirlist4(struct xdr_stream *xdr,
4944				    struct nfsd4_readdir *readdir,
4945				    u32 max_payload)
4946{
4947	int bytes_left, maxcount, starting_len = xdr->buf->len;
4948	loff_t offset;
4949	__be32 status;
4950
4951	/*
4952	 * Number of bytes left for directory entries allowing for the
4953	 * final 8 bytes of the readdir and a following failed op.
4954	 */
4955	bytes_left = xdr->buf->buflen - xdr->buf->len -
4956		COMPOUND_ERR_SLACK_SPACE - XDR_UNIT * 2;
4957	if (bytes_left < 0)
4958		return nfserr_resource;
4959	maxcount = min_t(u32, readdir->rd_maxcount, max_payload);
4960
4961	/*
4962	 * The RFC defines rd_maxcount as the size of the
4963	 * READDIR4resok structure, which includes the verifier
4964	 * and the 8 bytes encoded at the end of this function.
4965	 */
4966	if (maxcount < XDR_UNIT * 4)
4967		return nfserr_toosmall;
4968	maxcount = min_t(int, maxcount - XDR_UNIT * 4, bytes_left);
4969
4970	/* RFC 3530 14.2.24 allows us to ignore dircount when it's 0 */
4971	if (!readdir->rd_dircount)
4972		readdir->rd_dircount = max_payload;
4973
4974	/* *entries */
4975	readdir->xdr = xdr;
4976	readdir->rd_maxcount = maxcount;
4977	readdir->common.err = 0;
4978	readdir->cookie_offset = 0;
4979	offset = readdir->rd_cookie;
4980	status = nfsd_readdir(readdir->rd_rqstp, readdir->rd_fhp, &offset,
4981			      &readdir->common, nfsd4_encode_entry4);
4982	if (status)
4983		return status;
4984	if (readdir->common.err == nfserr_toosmall &&
4985	    xdr->buf->len == starting_len) {
4986		/* No entries were encoded. Which limit did we hit? */
4987		if (maxcount - XDR_UNIT * 4 < bytes_left)
4988			/* It was the fault of rd_maxcount */
4989			return nfserr_toosmall;
4990		/* We ran out of buffer space */
4991		return nfserr_resource;
4992	}
4993	/* Encode the final entry's cookie value */
4994	nfsd4_encode_entry4_nfs_cookie4(readdir, offset);
4995	/* No entries follow */
4996	if (xdr_stream_encode_item_absent(xdr) != XDR_UNIT)
4997		return nfserr_resource;
4998
4999	/* eof */
5000	return nfsd4_encode_bool(xdr, readdir->common.err == nfserr_eof);
5001}
5002
5003static __be32
5004nfsd4_encode_readdir(struct nfsd4_compoundres *resp, __be32 nfserr,
5005		     union nfsd4_op_u *u)
5006{
5007	struct nfsd4_readdir *readdir = &u->readdir;
5008	struct xdr_stream *xdr = resp->xdr;
5009	int starting_len = xdr->buf->len;
5010
5011	/* cookieverf */
5012	nfserr = nfsd4_encode_verifier4(xdr, &readdir->rd_verf);
5013	if (nfserr != nfs_ok)
5014		return nfserr;
5015
5016	/* reply */
5017	nfserr = nfsd4_encode_dirlist4(xdr, readdir, svc_max_payload(resp->rqstp));
5018	if (nfserr != nfs_ok)
5019		xdr_truncate_encode(xdr, starting_len);
5020	return nfserr;
5021}
5022
5023static __be32
5024nfsd4_encode_remove(struct nfsd4_compoundres *resp, __be32 nfserr,
5025		    union nfsd4_op_u *u)
5026{
5027	struct nfsd4_remove *remove = &u->remove;
5028	struct xdr_stream *xdr = resp->xdr;
5029
5030	return nfsd4_encode_change_info4(xdr, &remove->rm_cinfo);
5031}
5032
5033static __be32
5034nfsd4_encode_rename(struct nfsd4_compoundres *resp, __be32 nfserr,
5035		    union nfsd4_op_u *u)
5036{
5037	struct nfsd4_rename *rename = &u->rename;
5038	struct xdr_stream *xdr = resp->xdr;
5039
5040	nfserr = nfsd4_encode_change_info4(xdr, &rename->rn_sinfo);
5041	if (nfserr)
5042		return nfserr;
5043	return nfsd4_encode_change_info4(xdr, &rename->rn_tinfo);
5044}
5045
5046static __be32
5047nfsd4_encode_rpcsec_gss_info(struct xdr_stream *xdr,
5048			     struct rpcsec_gss_info *info)
5049{
5050	__be32 status;
5051
5052	/* oid */
5053	if (xdr_stream_encode_opaque(xdr, info->oid.data, info->oid.len) < 0)
5054		return nfserr_resource;
5055	/* qop */
5056	status = nfsd4_encode_qop4(xdr, info->qop);
5057	if (status != nfs_ok)
5058		return status;
5059	/* service */
5060	if (xdr_stream_encode_u32(xdr, info->service) != XDR_UNIT)
5061		return nfserr_resource;
5062
5063	return nfs_ok;
5064}
5065
5066static __be32
5067nfsd4_encode_secinfo4(struct xdr_stream *xdr, rpc_authflavor_t pf,
5068		      u32 *supported)
5069{
5070	struct rpcsec_gss_info info;
5071	__be32 status;
5072
5073	if (rpcauth_get_gssinfo(pf, &info) == 0) {
5074		(*supported)++;
5075
5076		/* flavor */
5077		status = nfsd4_encode_uint32_t(xdr, RPC_AUTH_GSS);
5078		if (status != nfs_ok)
5079			return status;
5080		/* flavor_info */
5081		status = nfsd4_encode_rpcsec_gss_info(xdr, &info);
5082		if (status != nfs_ok)
5083			return status;
5084	} else if (pf < RPC_AUTH_MAXFLAVOR) {
5085		(*supported)++;
5086
5087		/* flavor */
5088		status = nfsd4_encode_uint32_t(xdr, pf);
5089		if (status != nfs_ok)
5090			return status;
5091	}
5092	return nfs_ok;
5093}
5094
5095static __be32
5096nfsd4_encode_SECINFO4resok(struct xdr_stream *xdr, struct svc_export *exp)
5097{
5098	u32 i, nflavs, supported;
5099	struct exp_flavor_info *flavs;
5100	struct exp_flavor_info def_flavs[2];
5101	unsigned int count_offset;
5102	__be32 status, wire_count;
5103
5104	if (exp->ex_nflavors) {
5105		flavs = exp->ex_flavors;
5106		nflavs = exp->ex_nflavors;
5107	} else { /* Handling of some defaults in absence of real secinfo: */
5108		flavs = def_flavs;
5109		if (exp->ex_client->flavour->flavour == RPC_AUTH_UNIX) {
5110			nflavs = 2;
5111			flavs[0].pseudoflavor = RPC_AUTH_UNIX;
5112			flavs[1].pseudoflavor = RPC_AUTH_NULL;
5113		} else if (exp->ex_client->flavour->flavour == RPC_AUTH_GSS) {
5114			nflavs = 1;
5115			flavs[0].pseudoflavor
5116					= svcauth_gss_flavor(exp->ex_client);
5117		} else {
5118			nflavs = 1;
5119			flavs[0].pseudoflavor
5120					= exp->ex_client->flavour->flavour;
5121		}
5122	}
5123
5124	count_offset = xdr->buf->len;
5125	if (unlikely(!xdr_reserve_space(xdr, XDR_UNIT)))
5126		return nfserr_resource;
5127
5128	for (i = 0, supported = 0; i < nflavs; i++) {
5129		status = nfsd4_encode_secinfo4(xdr, flavs[i].pseudoflavor,
5130					       &supported);
5131		if (status != nfs_ok)
5132			return status;
5133	}
5134
5135	wire_count = cpu_to_be32(supported);
5136	write_bytes_to_xdr_buf(xdr->buf, count_offset, &wire_count,
5137			       XDR_UNIT);
5138	return 0;
5139}
5140
5141static __be32
5142nfsd4_encode_secinfo(struct nfsd4_compoundres *resp, __be32 nfserr,
5143		     union nfsd4_op_u *u)
5144{
5145	struct nfsd4_secinfo *secinfo = &u->secinfo;
5146	struct xdr_stream *xdr = resp->xdr;
5147
5148	return nfsd4_encode_SECINFO4resok(xdr, secinfo->si_exp);
5149}
5150
5151static __be32
5152nfsd4_encode_secinfo_no_name(struct nfsd4_compoundres *resp, __be32 nfserr,
5153		     union nfsd4_op_u *u)
5154{
5155	struct nfsd4_secinfo_no_name *secinfo = &u->secinfo_no_name;
5156	struct xdr_stream *xdr = resp->xdr;
5157
5158	return nfsd4_encode_SECINFO4resok(xdr, secinfo->sin_exp);
5159}
5160
5161static __be32
5162nfsd4_encode_setattr(struct nfsd4_compoundres *resp, __be32 nfserr,
5163		     union nfsd4_op_u *u)
5164{
5165	struct nfsd4_setattr *setattr = &u->setattr;
5166	__be32 status;
5167
5168	switch (nfserr) {
5169	case nfs_ok:
5170		/* attrsset */
5171		status = nfsd4_encode_bitmap4(resp->xdr, setattr->sa_bmval[0],
5172					      setattr->sa_bmval[1],
5173					      setattr->sa_bmval[2]);
5174		break;
5175	default:
5176		/* attrsset */
5177		status = nfsd4_encode_bitmap4(resp->xdr, 0, 0, 0);
5178	}
5179	return status != nfs_ok ? status : nfserr;
5180}
5181
5182static __be32
5183nfsd4_encode_setclientid(struct nfsd4_compoundres *resp, __be32 nfserr,
5184			 union nfsd4_op_u *u)
5185{
5186	struct nfsd4_setclientid *scd = &u->setclientid;
5187	struct xdr_stream *xdr = resp->xdr;
5188
5189	if (!nfserr) {
5190		nfserr = nfsd4_encode_clientid4(xdr, &scd->se_clientid);
5191		if (nfserr != nfs_ok)
5192			goto out;
5193		nfserr = nfsd4_encode_verifier4(xdr, &scd->se_confirm);
5194	} else if (nfserr == nfserr_clid_inuse) {
5195		/* empty network id */
5196		if (xdr_stream_encode_u32(xdr, 0) < 0) {
5197			nfserr = nfserr_resource;
5198			goto out;
5199		}
5200		/* empty universal address */
5201		if (xdr_stream_encode_u32(xdr, 0) < 0) {
5202			nfserr = nfserr_resource;
5203			goto out;
5204		}
5205	}
5206out:
5207	return nfserr;
5208}
5209
5210static __be32
5211nfsd4_encode_write(struct nfsd4_compoundres *resp, __be32 nfserr,
5212		   union nfsd4_op_u *u)
5213{
5214	struct nfsd4_write *write = &u->write;
5215	struct xdr_stream *xdr = resp->xdr;
5216
5217	/* count */
5218	nfserr = nfsd4_encode_count4(xdr, write->wr_bytes_written);
5219	if (nfserr)
5220		return nfserr;
5221	/* committed */
5222	if (xdr_stream_encode_u32(xdr, write->wr_how_written) != XDR_UNIT)
5223		return nfserr_resource;
5224	/* writeverf */
5225	return nfsd4_encode_verifier4(xdr, &write->wr_verifier);
5226}
5227
5228static __be32
5229nfsd4_encode_state_protect_ops4(struct xdr_stream *xdr,
5230				struct nfsd4_exchange_id *exid)
5231{
5232	__be32 status;
5233
5234	/* spo_must_enforce */
5235	status = nfsd4_encode_bitmap4(xdr, exid->spo_must_enforce[0],
5236				      exid->spo_must_enforce[1],
5237				      exid->spo_must_enforce[2]);
5238	if (status != nfs_ok)
5239		return status;
5240	/* spo_must_allow */
5241	return nfsd4_encode_bitmap4(xdr, exid->spo_must_allow[0],
5242				    exid->spo_must_allow[1],
5243				    exid->spo_must_allow[2]);
5244}
5245
5246static __be32
5247nfsd4_encode_state_protect4_r(struct xdr_stream *xdr, struct nfsd4_exchange_id *exid)
5248{
5249	__be32 status;
5250
5251	if (xdr_stream_encode_u32(xdr, exid->spa_how) != XDR_UNIT)
5252		return nfserr_resource;
5253	switch (exid->spa_how) {
5254	case SP4_NONE:
5255		status = nfs_ok;
5256		break;
5257	case SP4_MACH_CRED:
5258		/* spr_mach_ops */
5259		status = nfsd4_encode_state_protect_ops4(xdr, exid);
5260		break;
5261	default:
5262		status = nfserr_serverfault;
5263	}
5264	return status;
5265}
5266
5267static __be32
5268nfsd4_encode_server_owner4(struct xdr_stream *xdr, struct svc_rqst *rqstp)
5269{
5270	struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
5271	__be32 status;
5272
5273	/* so_minor_id */
5274	status = nfsd4_encode_uint64_t(xdr, 0);
5275	if (status != nfs_ok)
5276		return status;
5277	/* so_major_id */
5278	return nfsd4_encode_opaque(xdr, nn->nfsd_name, strlen(nn->nfsd_name));
5279}
5280
5281static __be32
5282nfsd4_encode_nfs_impl_id4(struct xdr_stream *xdr, struct nfsd4_exchange_id *exid)
5283{
5284	__be32 status;
5285
5286	/* nii_domain */
5287	status = nfsd4_encode_opaque(xdr, exid->nii_domain.data,
5288				     exid->nii_domain.len);
5289	if (status != nfs_ok)
5290		return status;
5291	/* nii_name */
5292	status = nfsd4_encode_opaque(xdr, exid->nii_name.data,
5293				     exid->nii_name.len);
5294	if (status != nfs_ok)
5295		return status;
5296	/* nii_time */
5297	return nfsd4_encode_nfstime4(xdr, &exid->nii_time);
5298}
5299
5300static __be32
5301nfsd4_encode_exchange_id(struct nfsd4_compoundres *resp, __be32 nfserr,
5302			 union nfsd4_op_u *u)
5303{
5304	struct nfsd_net *nn = net_generic(SVC_NET(resp->rqstp), nfsd_net_id);
5305	struct nfsd4_exchange_id *exid = &u->exchange_id;
5306	struct xdr_stream *xdr = resp->xdr;
5307
5308	/* eir_clientid */
5309	nfserr = nfsd4_encode_clientid4(xdr, &exid->clientid);
5310	if (nfserr != nfs_ok)
5311		return nfserr;
5312	/* eir_sequenceid */
5313	nfserr = nfsd4_encode_sequenceid4(xdr, exid->seqid);
5314	if (nfserr != nfs_ok)
5315		return nfserr;
5316	/* eir_flags */
5317	nfserr = nfsd4_encode_uint32_t(xdr, exid->flags);
5318	if (nfserr != nfs_ok)
5319		return nfserr;
5320	/* eir_state_protect */
5321	nfserr = nfsd4_encode_state_protect4_r(xdr, exid);
5322	if (nfserr != nfs_ok)
5323		return nfserr;
5324	/* eir_server_owner */
5325	nfserr = nfsd4_encode_server_owner4(xdr, resp->rqstp);
5326	if (nfserr != nfs_ok)
5327		return nfserr;
5328	/* eir_server_scope */
5329	nfserr = nfsd4_encode_opaque(xdr, nn->nfsd_name,
5330				     strlen(nn->nfsd_name));
5331	if (nfserr != nfs_ok)
5332		return nfserr;
5333	/* eir_server_impl_id<1> */
5334	if (xdr_stream_encode_u32(xdr, 1) != XDR_UNIT)
5335		return nfserr_resource;
5336	nfserr = nfsd4_encode_nfs_impl_id4(xdr, exid);
5337	if (nfserr != nfs_ok)
5338		return nfserr;
5339
5340	return nfs_ok;
5341}
5342
5343static __be32
5344nfsd4_encode_channel_attrs4(struct xdr_stream *xdr,
5345			    const struct nfsd4_channel_attrs *attrs)
5346{
5347	__be32 status;
5348
5349	/* ca_headerpadsize */
5350	status = nfsd4_encode_count4(xdr, 0);
5351	if (status != nfs_ok)
5352		return status;
5353	/* ca_maxrequestsize */
5354	status = nfsd4_encode_count4(xdr, attrs->maxreq_sz);
5355	if (status != nfs_ok)
5356		return status;
5357	/* ca_maxresponsesize */
5358	status = nfsd4_encode_count4(xdr, attrs->maxresp_sz);
5359	if (status != nfs_ok)
5360		return status;
5361	/* ca_maxresponsesize_cached */
5362	status = nfsd4_encode_count4(xdr, attrs->maxresp_cached);
5363	if (status != nfs_ok)
5364		return status;
5365	/* ca_maxoperations */
5366	status = nfsd4_encode_count4(xdr, attrs->maxops);
5367	if (status != nfs_ok)
5368		return status;
5369	/* ca_maxrequests */
5370	status = nfsd4_encode_count4(xdr, attrs->maxreqs);
5371	if (status != nfs_ok)
5372		return status;
5373	/* ca_rdma_ird<1> */
5374	if (xdr_stream_encode_u32(xdr, attrs->nr_rdma_attrs) != XDR_UNIT)
5375		return nfserr_resource;
5376	if (attrs->nr_rdma_attrs)
5377		return nfsd4_encode_uint32_t(xdr, attrs->rdma_attrs);
5378	return nfs_ok;
5379}
5380
5381static __be32
5382nfsd4_encode_create_session(struct nfsd4_compoundres *resp, __be32 nfserr,
5383			    union nfsd4_op_u *u)
5384{
5385	struct nfsd4_create_session *sess = &u->create_session;
5386	struct xdr_stream *xdr = resp->xdr;
5387
5388	/* csr_sessionid */
5389	nfserr = nfsd4_encode_sessionid4(xdr, &sess->sessionid);
5390	if (nfserr != nfs_ok)
5391		return nfserr;
5392	/* csr_sequence */
5393	nfserr = nfsd4_encode_sequenceid4(xdr, sess->seqid);
5394	if (nfserr != nfs_ok)
5395		return nfserr;
5396	/* csr_flags */
5397	nfserr = nfsd4_encode_uint32_t(xdr, sess->flags);
5398	if (nfserr != nfs_ok)
5399		return nfserr;
5400	/* csr_fore_chan_attrs */
5401	nfserr = nfsd4_encode_channel_attrs4(xdr, &sess->fore_channel);
5402	if (nfserr != nfs_ok)
5403		return nfserr;
5404	/* csr_back_chan_attrs */
5405	return nfsd4_encode_channel_attrs4(xdr, &sess->back_channel);
5406}
5407
5408static __be32
5409nfsd4_encode_sequence(struct nfsd4_compoundres *resp, __be32 nfserr,
5410		      union nfsd4_op_u *u)
5411{
5412	struct nfsd4_sequence *seq = &u->sequence;
5413	struct xdr_stream *xdr = resp->xdr;
5414
5415	/* sr_sessionid */
5416	nfserr = nfsd4_encode_sessionid4(xdr, &seq->sessionid);
5417	if (nfserr != nfs_ok)
5418		return nfserr;
5419	/* sr_sequenceid */
5420	nfserr = nfsd4_encode_sequenceid4(xdr, seq->seqid);
5421	if (nfserr != nfs_ok)
5422		return nfserr;
5423	/* sr_slotid */
5424	nfserr = nfsd4_encode_slotid4(xdr, seq->slotid);
5425	if (nfserr != nfs_ok)
5426		return nfserr;
5427	/* Note slotid's are numbered from zero: */
5428	/* sr_highest_slotid */
5429	nfserr = nfsd4_encode_slotid4(xdr, seq->maxslots_response - 1);
5430	if (nfserr != nfs_ok)
5431		return nfserr;
5432	/* sr_target_highest_slotid */
5433	nfserr = nfsd4_encode_slotid4(xdr, seq->target_maxslots - 1);
5434	if (nfserr != nfs_ok)
5435		return nfserr;
5436	/* sr_status_flags */
5437	nfserr = nfsd4_encode_uint32_t(xdr, seq->status_flags);
5438	if (nfserr != nfs_ok)
5439		return nfserr;
5440
5441	resp->cstate.data_offset = xdr->buf->len; /* DRC cache data pointer */
5442	return nfs_ok;
5443}
5444
5445static __be32
5446nfsd4_encode_test_stateid(struct nfsd4_compoundres *resp, __be32 nfserr,
5447			  union nfsd4_op_u *u)
5448{
5449	struct nfsd4_test_stateid *test_stateid = &u->test_stateid;
5450	struct nfsd4_test_stateid_id *stateid, *next;
5451	struct xdr_stream *xdr = resp->xdr;
5452
5453	/* tsr_status_codes<> */
5454	if (xdr_stream_encode_u32(xdr, test_stateid->ts_num_ids) != XDR_UNIT)
5455		return nfserr_resource;
5456	list_for_each_entry_safe(stateid, next,
5457				 &test_stateid->ts_stateid_list, ts_id_list) {
5458		if (xdr_stream_encode_be32(xdr, stateid->ts_id_status) != XDR_UNIT)
5459			return nfserr_resource;
5460	}
5461	return nfs_ok;
5462}
5463
5464static __be32
5465nfsd4_encode_get_dir_delegation(struct nfsd4_compoundres *resp, __be32 nfserr,
5466				union nfsd4_op_u *u)
5467{
5468	struct nfsd4_get_dir_delegation *gdd = &u->get_dir_delegation;
5469	struct xdr_stream *xdr = resp->xdr;
5470	__be32 status = nfserr_resource;
5471
5472	switch(gdd->gddrnf_status) {
5473	case GDD4_OK:
5474		if (xdr_stream_encode_u32(xdr, GDD4_OK) != XDR_UNIT)
5475			break;
5476		status = nfsd4_encode_verifier4(xdr, &gdd->gddr_cookieverf);
5477		if (status)
5478			break;
5479		status = nfsd4_encode_stateid4(xdr, &gdd->gddr_stateid);
5480		if (status)
5481			break;
5482		status = nfsd4_encode_bitmap4(xdr, gdd->gddr_notification[0], 0, 0);
5483		if (status)
5484			break;
5485		status = nfsd4_encode_bitmap4(xdr, gdd->gddr_child_attributes[0],
5486						   gdd->gddr_child_attributes[1],
5487						   gdd->gddr_child_attributes[2]);
5488		if (status)
5489			break;
5490		status = nfsd4_encode_bitmap4(xdr, gdd->gddr_dir_attributes[0],
5491						   gdd->gddr_dir_attributes[1],
5492						   gdd->gddr_dir_attributes[2]);
5493		break;
5494	default:
5495		pr_warn("nfsd: bad gddrnf_status (%u)\n", gdd->gddrnf_status);
5496		gdd->gddrnf_will_signal_deleg_avail = 0;
5497		fallthrough;
5498	case GDD4_UNAVAIL:
5499		if (xdr_stream_encode_u32(xdr, GDD4_UNAVAIL) != XDR_UNIT)
5500			break;
5501		status = nfsd4_encode_bool(xdr, gdd->gddrnf_will_signal_deleg_avail);
5502		break;
5503	}
5504	return status;
5505}
5506
5507#ifdef CONFIG_NFSD_PNFS
5508static __be32
5509nfsd4_encode_device_addr4(struct xdr_stream *xdr,
5510			  const struct nfsd4_getdeviceinfo *gdev)
5511{
5512	u32 needed_len, starting_len = xdr->buf->len;
5513	const struct nfsd4_layout_ops *ops;
5514	__be32 status;
5515
5516	/* da_layout_type */
5517	if (xdr_stream_encode_u32(xdr, gdev->gd_layout_type) != XDR_UNIT)
5518		return nfserr_resource;
5519	/* da_addr_body */
5520	ops = nfsd4_layout_ops[gdev->gd_layout_type];
5521	status = ops->encode_getdeviceinfo(xdr, gdev);
5522	if (status != nfs_ok) {
5523		/*
5524		 * Don't burden the layout drivers with enforcing
5525		 * gd_maxcount. Just tell the client to come back
5526		 * with a bigger buffer if it's not enough.
5527		 */
5528		if (xdr->buf->len + XDR_UNIT > gdev->gd_maxcount)
5529			goto toosmall;
5530		return status;
5531	}
5532
5533	return nfs_ok;
5534
5535toosmall:
5536	needed_len = xdr->buf->len + XDR_UNIT;	/* notifications */
5537	xdr_truncate_encode(xdr, starting_len);
5538
5539	status = nfsd4_encode_count4(xdr, needed_len);
5540	if (status != nfs_ok)
5541		return status;
5542	return nfserr_toosmall;
5543}
5544
5545static __be32
5546nfsd4_encode_getdeviceinfo(struct nfsd4_compoundres *resp, __be32 nfserr,
5547		union nfsd4_op_u *u)
5548{
5549	struct nfsd4_getdeviceinfo *gdev = &u->getdeviceinfo;
5550	struct xdr_stream *xdr = resp->xdr;
5551
5552	/* gdir_device_addr */
5553	nfserr = nfsd4_encode_device_addr4(xdr, gdev);
5554	if (nfserr)
5555		return nfserr;
5556	/* gdir_notification */
5557	return nfsd4_encode_bitmap4(xdr, gdev->gd_notify_types, 0, 0);
5558}
5559
5560static __be32
5561nfsd4_encode_layout4(struct xdr_stream *xdr, const struct nfsd4_layoutget *lgp)
5562{
5563	const struct nfsd4_layout_ops *ops = nfsd4_layout_ops[lgp->lg_layout_type];
5564	__be32 status;
5565
5566	/* lo_offset */
5567	status = nfsd4_encode_offset4(xdr, lgp->lg_seg.offset);
5568	if (status != nfs_ok)
5569		return status;
5570	/* lo_length */
5571	status = nfsd4_encode_length4(xdr, lgp->lg_seg.length);
5572	if (status != nfs_ok)
5573		return status;
5574	/* lo_iomode */
5575	if (xdr_stream_encode_u32(xdr, lgp->lg_seg.iomode) != XDR_UNIT)
5576		return nfserr_resource;
5577	/* lo_content */
5578	if (xdr_stream_encode_u32(xdr, lgp->lg_layout_type) != XDR_UNIT)
5579		return nfserr_resource;
5580	return ops->encode_layoutget(xdr, lgp);
5581}
5582
5583static __be32
5584nfsd4_encode_layoutget(struct nfsd4_compoundres *resp, __be32 nfserr,
5585		union nfsd4_op_u *u)
5586{
5587	struct nfsd4_layoutget *lgp = &u->layoutget;
5588	struct xdr_stream *xdr = resp->xdr;
5589
5590	/* logr_return_on_close */
5591	nfserr = nfsd4_encode_bool(xdr, true);
5592	if (nfserr != nfs_ok)
5593		return nfserr;
5594	/* logr_stateid */
5595	nfserr = nfsd4_encode_stateid4(xdr, &lgp->lg_sid);
5596	if (nfserr != nfs_ok)
5597		return nfserr;
5598	/* logr_layout<> */
5599	if (xdr_stream_encode_u32(xdr, 1) != XDR_UNIT)
5600		return nfserr_resource;
5601	return nfsd4_encode_layout4(xdr, lgp);
5602}
5603
5604static __be32
5605nfsd4_encode_layoutcommit(struct nfsd4_compoundres *resp, __be32 nfserr,
5606			  union nfsd4_op_u *u)
5607{
5608	struct nfsd4_layoutcommit *lcp = &u->layoutcommit;
5609	struct xdr_stream *xdr = resp->xdr;
5610
5611	/* ns_sizechanged */
5612	nfserr = nfsd4_encode_bool(xdr, lcp->lc_size_chg);
5613	if (nfserr != nfs_ok)
5614		return nfserr;
5615	if (lcp->lc_size_chg)
5616		/* ns_size */
5617		return nfsd4_encode_length4(xdr, lcp->lc_newsize);
5618	return nfs_ok;
5619}
5620
5621static __be32
5622nfsd4_encode_layoutreturn(struct nfsd4_compoundres *resp, __be32 nfserr,
5623		union nfsd4_op_u *u)
5624{
5625	struct nfsd4_layoutreturn *lrp = &u->layoutreturn;
5626	struct xdr_stream *xdr = resp->xdr;
5627
5628	/* lrs_present */
5629	nfserr = nfsd4_encode_bool(xdr, lrp->lrs_present);
5630	if (nfserr != nfs_ok)
5631		return nfserr;
5632	if (lrp->lrs_present)
5633		/* lrs_stateid */
5634		return nfsd4_encode_stateid4(xdr, &lrp->lr_sid);
5635	return nfs_ok;
5636}
5637#endif /* CONFIG_NFSD_PNFS */
5638
5639static __be32
5640nfsd4_encode_write_response4(struct xdr_stream *xdr,
5641			     const struct nfsd4_copy *copy)
5642{
5643	const struct nfsd42_write_res *write = &copy->cp_res;
5644	u32 count = nfsd4_copy_is_sync(copy) ? 0 : 1;
5645	__be32 status;
5646
5647	/* wr_callback_id<1> */
5648	if (xdr_stream_encode_u32(xdr, count) != XDR_UNIT)
5649		return nfserr_resource;
5650	if (count) {
5651		status = nfsd4_encode_stateid4(xdr, &write->cb_stateid);
5652		if (status != nfs_ok)
5653			return status;
5654	}
5655
5656	/* wr_count */
5657	status = nfsd4_encode_length4(xdr, write->wr_bytes_written);
5658	if (status != nfs_ok)
5659		return status;
5660	/* wr_committed */
5661	if (xdr_stream_encode_u32(xdr, write->wr_stable_how) != XDR_UNIT)
5662		return nfserr_resource;
5663	/* wr_writeverf */
5664	return nfsd4_encode_verifier4(xdr, &write->wr_verifier);
5665}
5666
5667static __be32 nfsd4_encode_copy_requirements4(struct xdr_stream *xdr,
5668					      const struct nfsd4_copy *copy)
5669{
5670	__be32 status;
5671
5672	/* cr_consecutive */
5673	status = nfsd4_encode_bool(xdr, true);
5674	if (status != nfs_ok)
5675		return status;
5676	/* cr_synchronous */
5677	return nfsd4_encode_bool(xdr, nfsd4_copy_is_sync(copy));
5678}
5679
5680static __be32
5681nfsd4_encode_copy(struct nfsd4_compoundres *resp, __be32 nfserr,
5682		  union nfsd4_op_u *u)
5683{
5684	struct nfsd4_copy *copy = &u->copy;
5685
5686	nfserr = nfsd4_encode_write_response4(resp->xdr, copy);
5687	if (nfserr != nfs_ok)
5688		return nfserr;
5689	return nfsd4_encode_copy_requirements4(resp->xdr, copy);
5690}
5691
5692static __be32
5693nfsd4_encode_netloc4(struct xdr_stream *xdr, const struct nl4_server *ns)
5694{
5695	__be32 status;
5696
5697	if (xdr_stream_encode_u32(xdr, ns->nl4_type) != XDR_UNIT)
5698		return nfserr_resource;
5699	switch (ns->nl4_type) {
5700	case NL4_NETADDR:
5701		/* nl_addr */
5702		status = nfsd4_encode_netaddr4(xdr, &ns->u.nl4_addr);
5703		break;
5704	default:
5705		status = nfserr_serverfault;
5706	}
5707	return status;
5708}
5709
5710static __be32
5711nfsd4_encode_copy_notify(struct nfsd4_compoundres *resp, __be32 nfserr,
5712			 union nfsd4_op_u *u)
5713{
5714	struct nfsd4_copy_notify *cn = &u->copy_notify;
5715	struct xdr_stream *xdr = resp->xdr;
5716
5717	/* cnr_lease_time */
5718	nfserr = nfsd4_encode_nfstime4(xdr, &cn->cpn_lease_time);
5719	if (nfserr)
5720		return nfserr;
5721	/* cnr_stateid */
5722	nfserr = nfsd4_encode_stateid4(xdr, &cn->cpn_cnr_stateid);
5723	if (nfserr)
5724		return nfserr;
5725	/* cnr_source_server<> */
5726	if (xdr_stream_encode_u32(xdr, 1) != XDR_UNIT)
5727		return nfserr_resource;
5728	return nfsd4_encode_netloc4(xdr, cn->cpn_src);
5729}
5730
5731static __be32
5732nfsd4_encode_offload_status(struct nfsd4_compoundres *resp, __be32 nfserr,
5733			    union nfsd4_op_u *u)
5734{
5735	struct nfsd4_offload_status *os = &u->offload_status;
5736	struct xdr_stream *xdr = resp->xdr;
5737
5738	/* osr_count */
5739	nfserr = nfsd4_encode_length4(xdr, os->count);
5740	if (nfserr != nfs_ok)
5741		return nfserr;
5742	/* osr_complete<1> */
5743	if (os->completed) {
5744		if (xdr_stream_encode_u32(xdr, 1) != XDR_UNIT)
5745			return nfserr_resource;
5746		if (xdr_stream_encode_be32(xdr, os->status) != XDR_UNIT)
5747			return nfserr_resource;
5748	} else if (xdr_stream_encode_u32(xdr, 0) != XDR_UNIT)
5749		return nfserr_resource;
5750	return nfs_ok;
5751}
5752
5753static __be32
5754nfsd4_encode_read_plus_data(struct nfsd4_compoundres *resp,
5755			    struct nfsd4_read *read)
5756{
5757	struct nfsd4_compoundargs *argp = resp->rqstp->rq_argp;
5758	struct file *file = read->rd_nf->nf_file;
5759	struct xdr_stream *xdr = resp->xdr;
5760	bool splice_ok = argp->splice_ok;
5761	unsigned int offset_offset;
5762	__be32 nfserr, wire_count;
5763	unsigned long maxcount;
5764	__be64 wire_offset;
5765
5766	if (xdr_stream_encode_u32(xdr, NFS4_CONTENT_DATA) != XDR_UNIT)
5767		return nfserr_io;
5768
5769	offset_offset = xdr->buf->len;
5770
5771	/* Reserve space for the byte offset and count */
5772	if (unlikely(!xdr_reserve_space(xdr, XDR_UNIT * 3)))
5773		return nfserr_io;
5774	xdr_commit_encode(xdr);
5775
5776	maxcount = min_t(unsigned long, read->rd_length,
5777			 (xdr->buf->buflen - xdr->buf->len));
5778
5779	if (file->f_op->splice_read && splice_ok)
5780		nfserr = nfsd4_encode_splice_read(resp, read, file, maxcount);
5781	else
5782		nfserr = nfsd4_encode_readv(resp, read, maxcount);
5783	if (nfserr)
5784		return nfserr;
5785
5786	wire_offset = cpu_to_be64(read->rd_offset);
5787	write_bytes_to_xdr_buf(xdr->buf, offset_offset, &wire_offset,
5788			       XDR_UNIT * 2);
5789	wire_count = cpu_to_be32(read->rd_length);
5790	write_bytes_to_xdr_buf(xdr->buf, offset_offset + XDR_UNIT * 2,
5791			       &wire_count, XDR_UNIT);
5792	return nfs_ok;
5793}
5794
5795static __be32
5796nfsd4_encode_read_plus(struct nfsd4_compoundres *resp, __be32 nfserr,
5797		       union nfsd4_op_u *u)
5798{
5799	struct nfsd4_read *read = &u->read;
5800	struct file *file = read->rd_nf->nf_file;
5801	struct xdr_stream *xdr = resp->xdr;
5802	unsigned int eof_offset;
5803	__be32 wire_data[2];
5804	u32 segments = 0;
5805
5806	if (nfserr)
5807		return nfserr;
5808
5809	eof_offset = xdr->buf->len;
5810
5811	/* Reserve space for the eof flag and segment count */
5812	if (unlikely(!xdr_reserve_space(xdr, XDR_UNIT * 2)))
5813		return nfserr_io;
5814	xdr_commit_encode(xdr);
5815
5816	read->rd_eof = read->rd_offset >= i_size_read(file_inode(file));
5817	if (read->rd_eof)
5818		goto out;
5819
5820	nfserr = nfsd4_encode_read_plus_data(resp, read);
5821	if (nfserr) {
5822		xdr_truncate_encode(xdr, eof_offset);
5823		return nfserr;
5824	}
5825
5826	segments++;
5827
5828out:
5829	wire_data[0] = read->rd_eof ? xdr_one : xdr_zero;
5830	wire_data[1] = cpu_to_be32(segments);
5831	write_bytes_to_xdr_buf(xdr->buf, eof_offset, &wire_data, XDR_UNIT * 2);
5832	return nfserr;
5833}
5834
5835static __be32
5836nfsd4_encode_seek(struct nfsd4_compoundres *resp, __be32 nfserr,
5837		  union nfsd4_op_u *u)
5838{
5839	struct nfsd4_seek *seek = &u->seek;
5840	struct xdr_stream *xdr = resp->xdr;
5841
5842	/* sr_eof */
5843	nfserr = nfsd4_encode_bool(xdr, seek->seek_eof);
5844	if (nfserr != nfs_ok)
5845		return nfserr;
5846	/* sr_offset */
5847	return nfsd4_encode_offset4(xdr, seek->seek_pos);
5848}
5849
5850static __be32
5851nfsd4_encode_noop(struct nfsd4_compoundres *resp, __be32 nfserr,
5852		  union nfsd4_op_u *p)
5853{
5854	return nfserr;
5855}
5856
5857/*
5858 * Encode kmalloc-ed buffer in to XDR stream.
5859 */
5860static __be32
5861nfsd4_vbuf_to_stream(struct xdr_stream *xdr, char *buf, u32 buflen)
5862{
5863	u32 cplen;
5864	__be32 *p;
5865
5866	cplen = min_t(unsigned long, buflen,
5867		      ((void *)xdr->end - (void *)xdr->p));
5868	p = xdr_reserve_space(xdr, cplen);
5869	if (!p)
5870		return nfserr_resource;
5871
5872	memcpy(p, buf, cplen);
5873	buf += cplen;
5874	buflen -= cplen;
5875
5876	while (buflen) {
5877		cplen = min_t(u32, buflen, PAGE_SIZE);
5878		p = xdr_reserve_space(xdr, cplen);
5879		if (!p)
5880			return nfserr_resource;
5881
5882		memcpy(p, buf, cplen);
5883
5884		if (cplen < PAGE_SIZE) {
5885			/*
5886			 * We're done, with a length that wasn't page
5887			 * aligned, so possibly not word aligned. Pad
5888			 * any trailing bytes with 0.
5889			 */
5890			xdr_encode_opaque_fixed(p, NULL, cplen);
5891			break;
5892		}
5893
5894		buflen -= PAGE_SIZE;
5895		buf += PAGE_SIZE;
5896	}
5897
5898	return 0;
5899}
5900
5901static __be32
5902nfsd4_encode_getxattr(struct nfsd4_compoundres *resp, __be32 nfserr,
5903		      union nfsd4_op_u *u)
5904{
5905	struct nfsd4_getxattr *getxattr = &u->getxattr;
5906	struct xdr_stream *xdr = resp->xdr;
5907	__be32 *p, err;
5908
5909	p = xdr_reserve_space(xdr, 4);
5910	if (!p)
5911		return nfserr_resource;
5912
5913	*p = cpu_to_be32(getxattr->getxa_len);
5914
5915	if (getxattr->getxa_len == 0)
5916		return 0;
5917
5918	err = nfsd4_vbuf_to_stream(xdr, getxattr->getxa_buf,
5919				    getxattr->getxa_len);
5920
5921	kvfree(getxattr->getxa_buf);
5922
5923	return err;
5924}
5925
5926static __be32
5927nfsd4_encode_setxattr(struct nfsd4_compoundres *resp, __be32 nfserr,
5928		      union nfsd4_op_u *u)
5929{
5930	struct nfsd4_setxattr *setxattr = &u->setxattr;
5931	struct xdr_stream *xdr = resp->xdr;
5932
5933	return nfsd4_encode_change_info4(xdr, &setxattr->setxa_cinfo);
5934}
5935
5936/*
5937 * See if there are cookie values that can be rejected outright.
5938 */
5939static __be32
5940nfsd4_listxattr_validate_cookie(struct nfsd4_listxattrs *listxattrs,
5941				u32 *offsetp)
5942{
5943	u64 cookie = listxattrs->lsxa_cookie;
5944
5945	/*
5946	 * If the cookie is larger than the maximum number we can fit
5947	 * in the buffer we just got back from vfs_listxattr, it's invalid.
5948	 */
5949	if (cookie > (listxattrs->lsxa_len) / (XATTR_USER_PREFIX_LEN + 2))
5950		return nfserr_badcookie;
5951
5952	*offsetp = (u32)cookie;
5953	return 0;
5954}
5955
5956static __be32
5957nfsd4_encode_listxattrs(struct nfsd4_compoundres *resp, __be32 nfserr,
5958			union nfsd4_op_u *u)
5959{
5960	struct nfsd4_listxattrs *listxattrs = &u->listxattrs;
5961	struct xdr_stream *xdr = resp->xdr;
5962	u32 cookie_offset, count_offset, eof;
5963	u32 left, xdrleft, slen, count;
5964	u32 xdrlen, offset;
5965	u64 cookie;
5966	char *sp;
5967	__be32 status, tmp;
5968	__be64 wire_cookie;
5969	__be32 *p;
5970	u32 nuser;
5971
5972	eof = 1;
5973
5974	status = nfsd4_listxattr_validate_cookie(listxattrs, &offset);
5975	if (status)
5976		goto out;
5977
5978	/*
5979	 * Reserve space for the cookie and the name array count. Record
5980	 * the offsets to save them later.
5981	 */
5982	cookie_offset = xdr->buf->len;
5983	count_offset = cookie_offset + 8;
5984	p = xdr_reserve_space(xdr, XDR_UNIT * 3);
5985	if (!p) {
5986		status = nfserr_resource;
5987		goto out;
5988	}
5989
5990	count = 0;
5991	left = listxattrs->lsxa_len;
5992	sp = listxattrs->lsxa_buf;
5993	nuser = 0;
5994
5995	/* Bytes left is maxcount - 8 (cookie) - 4 (array count) */
5996	xdrleft = listxattrs->lsxa_maxcount - XDR_UNIT * 3;
5997
5998	while (left > 0 && xdrleft > 0) {
5999		slen = strlen(sp);
6000
6001		/*
6002		 * Check if this is a "user." attribute, skip it if not.
6003		 */
6004		if (strncmp(sp, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
6005			goto contloop;
6006
6007		slen -= XATTR_USER_PREFIX_LEN;
6008		xdrlen = 4 + ((slen + 3) & ~3);
6009		/* Check if both entry and eof can fit in the XDR buffer */
6010		if (xdrlen + XDR_UNIT > xdrleft) {
6011			if (count == 0) {
6012				/*
6013				 * Can't even fit the first attribute name.
6014				 */
6015				status = nfserr_toosmall;
6016				goto out;
6017			}
6018			eof = 0;
6019			goto wreof;
6020		}
6021
6022		left -= XATTR_USER_PREFIX_LEN;
6023		sp += XATTR_USER_PREFIX_LEN;
6024		if (nuser++ < offset)
6025			goto contloop;
6026
6027
6028		p = xdr_reserve_space(xdr, xdrlen);
6029		if (!p) {
6030			status = nfserr_resource;
6031			goto out;
6032		}
6033
6034		xdr_encode_opaque(p, sp, slen);
6035
6036		xdrleft -= xdrlen;
6037		count++;
6038contloop:
6039		sp += slen + 1;
6040		left -= slen + 1;
6041	}
6042
6043	/*
6044	 * If there were user attributes to copy, but we didn't copy
6045	 * any, the offset was too large (e.g. the cookie was invalid).
6046	 */
6047	if (nuser > 0 && count == 0) {
6048		status = nfserr_badcookie;
6049		goto out;
6050	}
6051
6052wreof:
6053	p = xdr_reserve_space(xdr, 4);
6054	if (!p) {
6055		status = nfserr_resource;
6056		goto out;
6057	}
6058	*p = cpu_to_be32(eof);
6059
6060	cookie = offset + count;
6061
6062	wire_cookie = cpu_to_be64(cookie);
6063	write_bytes_to_xdr_buf(xdr->buf, cookie_offset, &wire_cookie, 8);
6064	tmp = cpu_to_be32(count);
6065	write_bytes_to_xdr_buf(xdr->buf, count_offset, &tmp, 4);
6066out:
6067	if (listxattrs->lsxa_len)
6068		kvfree(listxattrs->lsxa_buf);
6069	return status;
6070}
6071
6072static __be32
6073nfsd4_encode_removexattr(struct nfsd4_compoundres *resp, __be32 nfserr,
6074			 union nfsd4_op_u *u)
6075{
6076	struct nfsd4_removexattr *removexattr = &u->removexattr;
6077	struct xdr_stream *xdr = resp->xdr;
6078
6079	return nfsd4_encode_change_info4(xdr, &removexattr->rmxa_cinfo);
6080}
6081
6082typedef __be32(*nfsd4_enc)(struct nfsd4_compoundres *, __be32, union nfsd4_op_u *u);
6083
6084/*
6085 * Note: nfsd4_enc_ops vector is shared for v4.0 and v4.1
6086 * since we don't need to filter out obsolete ops as this is
6087 * done in the decoding phase.
6088 */
6089static const nfsd4_enc nfsd4_enc_ops[] = {
6090	[OP_ACCESS]		= nfsd4_encode_access,
6091	[OP_CLOSE]		= nfsd4_encode_close,
6092	[OP_COMMIT]		= nfsd4_encode_commit,
6093	[OP_CREATE]		= nfsd4_encode_create,
6094	[OP_DELEGPURGE]		= nfsd4_encode_noop,
6095	[OP_DELEGRETURN]	= nfsd4_encode_noop,
6096	[OP_GETATTR]		= nfsd4_encode_getattr,
6097	[OP_GETFH]		= nfsd4_encode_getfh,
6098	[OP_LINK]		= nfsd4_encode_link,
6099	[OP_LOCK]		= nfsd4_encode_lock,
6100	[OP_LOCKT]		= nfsd4_encode_lockt,
6101	[OP_LOCKU]		= nfsd4_encode_locku,
6102	[OP_LOOKUP]		= nfsd4_encode_noop,
6103	[OP_LOOKUPP]		= nfsd4_encode_noop,
6104	[OP_NVERIFY]		= nfsd4_encode_noop,
6105	[OP_OPEN]		= nfsd4_encode_open,
6106	[OP_OPENATTR]		= nfsd4_encode_noop,
6107	[OP_OPEN_CONFIRM]	= nfsd4_encode_open_confirm,
6108	[OP_OPEN_DOWNGRADE]	= nfsd4_encode_open_downgrade,
6109	[OP_PUTFH]		= nfsd4_encode_noop,
6110	[OP_PUTPUBFH]		= nfsd4_encode_noop,
6111	[OP_PUTROOTFH]		= nfsd4_encode_noop,
6112	[OP_READ]		= nfsd4_encode_read,
6113	[OP_READDIR]		= nfsd4_encode_readdir,
6114	[OP_READLINK]		= nfsd4_encode_readlink,
6115	[OP_REMOVE]		= nfsd4_encode_remove,
6116	[OP_RENAME]		= nfsd4_encode_rename,
6117	[OP_RENEW]		= nfsd4_encode_noop,
6118	[OP_RESTOREFH]		= nfsd4_encode_noop,
6119	[OP_SAVEFH]		= nfsd4_encode_noop,
6120	[OP_SECINFO]		= nfsd4_encode_secinfo,
6121	[OP_SETATTR]		= nfsd4_encode_setattr,
6122	[OP_SETCLIENTID]	= nfsd4_encode_setclientid,
6123	[OP_SETCLIENTID_CONFIRM] = nfsd4_encode_noop,
6124	[OP_VERIFY]		= nfsd4_encode_noop,
6125	[OP_WRITE]		= nfsd4_encode_write,
6126	[OP_RELEASE_LOCKOWNER]	= nfsd4_encode_noop,
6127
6128	/* NFSv4.1 operations */
6129	[OP_BACKCHANNEL_CTL]	= nfsd4_encode_noop,
6130	[OP_BIND_CONN_TO_SESSION] = nfsd4_encode_bind_conn_to_session,
6131	[OP_EXCHANGE_ID]	= nfsd4_encode_exchange_id,
6132	[OP_CREATE_SESSION]	= nfsd4_encode_create_session,
6133	[OP_DESTROY_SESSION]	= nfsd4_encode_noop,
6134	[OP_FREE_STATEID]	= nfsd4_encode_noop,
6135	[OP_GET_DIR_DELEGATION]	= nfsd4_encode_get_dir_delegation,
6136#ifdef CONFIG_NFSD_PNFS
6137	[OP_GETDEVICEINFO]	= nfsd4_encode_getdeviceinfo,
6138	[OP_GETDEVICELIST]	= nfsd4_encode_noop,
6139	[OP_LAYOUTCOMMIT]	= nfsd4_encode_layoutcommit,
6140	[OP_LAYOUTGET]		= nfsd4_encode_layoutget,
6141	[OP_LAYOUTRETURN]	= nfsd4_encode_layoutreturn,
6142#else
6143	[OP_GETDEVICEINFO]	= nfsd4_encode_noop,
6144	[OP_GETDEVICELIST]	= nfsd4_encode_noop,
6145	[OP_LAYOUTCOMMIT]	= nfsd4_encode_noop,
6146	[OP_LAYOUTGET]		= nfsd4_encode_noop,
6147	[OP_LAYOUTRETURN]	= nfsd4_encode_noop,
6148#endif
6149	[OP_SECINFO_NO_NAME]	= nfsd4_encode_secinfo_no_name,
6150	[OP_SEQUENCE]		= nfsd4_encode_sequence,
6151	[OP_SET_SSV]		= nfsd4_encode_noop,
6152	[OP_TEST_STATEID]	= nfsd4_encode_test_stateid,
6153	[OP_WANT_DELEGATION]	= nfsd4_encode_noop,
6154	[OP_DESTROY_CLIENTID]	= nfsd4_encode_noop,
6155	[OP_RECLAIM_COMPLETE]	= nfsd4_encode_noop,
6156
6157	/* NFSv4.2 operations */
6158	[OP_ALLOCATE]		= nfsd4_encode_noop,
6159	[OP_COPY]		= nfsd4_encode_copy,
6160	[OP_COPY_NOTIFY]	= nfsd4_encode_copy_notify,
6161	[OP_DEALLOCATE]		= nfsd4_encode_noop,
6162	[OP_IO_ADVISE]		= nfsd4_encode_noop,
6163	[OP_LAYOUTERROR]	= nfsd4_encode_noop,
6164	[OP_LAYOUTSTATS]	= nfsd4_encode_noop,
6165	[OP_OFFLOAD_CANCEL]	= nfsd4_encode_noop,
6166	[OP_OFFLOAD_STATUS]	= nfsd4_encode_offload_status,
6167	[OP_READ_PLUS]		= nfsd4_encode_read_plus,
6168	[OP_SEEK]		= nfsd4_encode_seek,
6169	[OP_WRITE_SAME]		= nfsd4_encode_noop,
6170	[OP_CLONE]		= nfsd4_encode_noop,
6171
6172	/* RFC 8276 extended atributes operations */
6173	[OP_GETXATTR]		= nfsd4_encode_getxattr,
6174	[OP_SETXATTR]		= nfsd4_encode_setxattr,
6175	[OP_LISTXATTRS]		= nfsd4_encode_listxattrs,
6176	[OP_REMOVEXATTR]	= nfsd4_encode_removexattr,
6177};
6178
6179/*
6180 * Calculate whether we still have space to encode repsize bytes.
6181 * There are two considerations:
6182 *     - For NFS versions >=4.1, the size of the reply must stay within
6183 *       session limits
6184 *     - For all NFS versions, we must stay within limited preallocated
6185 *       buffer space.
6186 *
6187 * This is called before the operation is processed, so can only provide
6188 * an upper estimate.  For some nonidempotent operations (such as
6189 * getattr), it's not necessarily a problem if that estimate is wrong,
6190 * as we can fail it after processing without significant side effects.
6191 */
6192__be32 nfsd4_check_resp_size(struct nfsd4_compoundres *resp, u32 respsize)
6193{
6194	struct xdr_buf *buf = &resp->rqstp->rq_res;
6195	struct nfsd4_slot *slot = resp->cstate.slot;
6196
6197	if (buf->len + respsize <= buf->buflen)
6198		return nfs_ok;
6199	if (!nfsd4_has_session(&resp->cstate))
6200		return nfserr_resource;
6201	if (slot->sl_flags & NFSD4_SLOT_CACHETHIS) {
6202		WARN_ON_ONCE(1);
6203		return nfserr_rep_too_big_to_cache;
6204	}
6205	return nfserr_rep_too_big;
6206}
6207
6208static __be32 nfsd4_map_status(__be32 status, u32 minor)
6209{
6210	switch (status) {
6211	case nfs_ok:
6212		break;
6213	case nfserr_wrong_type:
6214		/* RFC 8881 - 15.1.2.9 */
6215		if (minor == 0)
6216			status = nfserr_inval;
6217		break;
6218	case nfserr_symlink_not_dir:
6219		status = nfserr_symlink;
6220		break;
6221	}
6222	return status;
6223}
6224
6225void
6226nfsd4_encode_operation(struct nfsd4_compoundres *resp, struct nfsd4_op *op)
6227{
6228	struct xdr_stream *xdr = resp->xdr;
6229	struct nfs4_stateowner *so = resp->cstate.replay_owner;
6230	struct svc_rqst *rqstp = resp->rqstp;
6231	const struct nfsd4_operation *opdesc = op->opdesc;
6232	unsigned int op_status_offset;
6233	nfsd4_enc encoder;
6234
6235	if (xdr_stream_encode_u32(xdr, op->opnum) != XDR_UNIT)
6236		goto release;
6237	op_status_offset = xdr->buf->len;
6238	if (!xdr_reserve_space(xdr, XDR_UNIT))
6239		goto release;
6240
6241	if (op->opnum == OP_ILLEGAL)
6242		goto status;
6243	if (op->status && opdesc &&
6244			!(opdesc->op_flags & OP_NONTRIVIAL_ERROR_ENCODE))
6245		goto status;
6246	BUG_ON(op->opnum >= ARRAY_SIZE(nfsd4_enc_ops) ||
6247	       !nfsd4_enc_ops[op->opnum]);
6248	encoder = nfsd4_enc_ops[op->opnum];
6249	op->status = encoder(resp, op->status, &op->u);
6250	if (op->status)
6251		trace_nfsd_compound_encode_err(rqstp, op->opnum, op->status);
6252	xdr_commit_encode(xdr);
6253
6254	/* nfsd4_check_resp_size guarantees enough room for error status */
6255	if (!op->status) {
6256		int space_needed = 0;
6257		if (!nfsd4_last_compound_op(rqstp))
6258			space_needed = COMPOUND_ERR_SLACK_SPACE;
6259		op->status = nfsd4_check_resp_size(resp, space_needed);
6260	}
6261	if (op->status == nfserr_resource && nfsd4_has_session(&resp->cstate)) {
6262		struct nfsd4_slot *slot = resp->cstate.slot;
6263
6264		if (slot->sl_flags & NFSD4_SLOT_CACHETHIS)
6265			op->status = nfserr_rep_too_big_to_cache;
6266		else
6267			op->status = nfserr_rep_too_big;
6268	}
6269	if (op->status == nfserr_resource ||
6270	    op->status == nfserr_rep_too_big ||
6271	    op->status == nfserr_rep_too_big_to_cache) {
6272		/*
6273		 * The operation may have already been encoded or
6274		 * partially encoded.  No op returns anything additional
6275		 * in the case of one of these three errors, so we can
6276		 * just truncate back to after the status.  But it's a
6277		 * bug if we had to do this on a non-idempotent op:
6278		 */
6279		warn_on_nonidempotent_op(op);
6280		xdr_truncate_encode(xdr, op_status_offset + XDR_UNIT);
6281	} else if (so) {
6282		int len = xdr->buf->len - (op_status_offset + XDR_UNIT);
6283
6284		so->so_replay.rp_status = op->status;
6285		if (len > NFSD4_REPLAY_ISIZE) {
6286			char *buf = kmalloc(len, GFP_KERNEL);
6287
6288			nfs4_replay_free_cache(&so->so_replay);
6289			if (buf) {
6290				so->so_replay.rp_buf = buf;
6291			} else {
6292				/* rp_buflen already zeroed; skip caching */
6293				goto status;
6294			}
6295		} else if (so->so_replay.rp_buf != so->so_replay.rp_ibuf) {
6296			nfs4_replay_free_cache(&so->so_replay);
6297		}
6298		so->so_replay.rp_buflen = len;
6299		read_bytes_from_xdr_buf(xdr->buf,
6300					op_status_offset + XDR_UNIT,
6301					so->so_replay.rp_buf, len);
6302	}
6303status:
6304	op->status = nfsd4_map_status(op->status,
6305				      resp->cstate.minorversion);
6306	write_bytes_to_xdr_buf(xdr->buf, op_status_offset,
6307			       &op->status, XDR_UNIT);
6308release:
6309	if (opdesc && opdesc->op_release)
6310		opdesc->op_release(&op->u);
6311
6312	/*
6313	 * Account for pages consumed while encoding this operation.
6314	 * The xdr_stream primitives don't manage rq_next_page.
6315	 */
6316	rqstp->rq_next_page = xdr->page_ptr + 1;
6317}
6318
6319/**
6320 * nfsd4_encode_replay - encode a result stored in the stateowner reply cache
6321 * @xdr: send buffer's XDR stream
6322 * @op: operation being replayed
6323 *
6324 * @op->replay->rp_buf contains the previously-sent already-encoded result.
6325 */
6326void nfsd4_encode_replay(struct xdr_stream *xdr, struct nfsd4_op *op)
6327{
6328	struct nfs4_replay *rp = op->replay;
6329
6330	trace_nfsd_stateowner_replay(op->opnum, rp);
6331
6332	if (xdr_stream_encode_u32(xdr, op->opnum) != XDR_UNIT)
6333		return;
6334	if (xdr_stream_encode_be32(xdr, rp->rp_status) != XDR_UNIT)
6335		return;
6336	xdr_stream_encode_opaque_fixed(xdr, rp->rp_buf, rp->rp_buflen);
6337}
6338
6339void nfsd4_release_compoundargs(struct svc_rqst *rqstp)
6340{
6341	struct nfsd4_compoundargs *args = rqstp->rq_argp;
6342
6343	if (args->ops != args->iops) {
6344		vfree(args->ops);
6345		args->ops = args->iops;
6346	}
6347	while (args->to_free) {
6348		struct svcxdr_tmpbuf *tb = args->to_free;
6349		args->to_free = tb->next;
6350		kfree(tb);
6351	}
6352}
6353
6354bool
6355nfs4svc_decode_compoundargs(struct svc_rqst *rqstp, struct xdr_stream *xdr)
6356{
6357	struct nfsd4_compoundargs *args = rqstp->rq_argp;
6358
6359	/* svcxdr_tmp_alloc */
6360	args->to_free = NULL;
6361
6362	args->xdr = xdr;
6363	args->ops = args->iops;
6364	args->rqstp = rqstp;
6365
6366	/*
6367	 * NFSv4 operation decoders can invoke svc cache lookups
6368	 * that trigger svc_defer() when RQ_USEDEFERRAL is set,
6369	 * setting RQ_DROPME. This creates two problems:
6370	 *
6371	 * 1. Non-idempotency: Compounds make it too hard to avoid
6372	 *    problems if a request is deferred and replayed.
6373	 *
6374	 * 2. Session slot leakage (NFSv4.1+): If RQ_DROPME is set
6375	 *    during decode but SEQUENCE executes successfully, the
6376	 *    session slot will be marked INUSE. The request is then
6377	 *    dropped before encoding, so the slot is never released,
6378	 *    rendering it permanently unusable by the client.
6379	 */
6380	clear_bit(RQ_USEDEFERRAL, &rqstp->rq_flags);
6381
6382	return nfsd4_decode_compound(args);
6383}
6384
6385bool
6386nfs4svc_encode_compoundres(struct svc_rqst *rqstp, struct xdr_stream *xdr)
6387{
6388	struct nfsd4_compoundres *resp = rqstp->rq_resp;
6389	__be32 *p;
6390
6391	/*
6392	 * Send buffer space for the following items is reserved
6393	 * at the top of nfsd4_proc_compound().
6394	 */
6395	p = resp->statusp;
6396
6397	*p++ = resp->cstate.status;
6398	*p++ = htonl(resp->taglen);
6399	memcpy(p, resp->tag, resp->taglen);
6400	p += XDR_QUADLEN(resp->taglen);
6401	*p++ = htonl(resp->opcnt);
6402
6403	nfsd4_sequence_done(resp);
6404	return true;
6405}
Configure Feed

Configure Feed
