+1 -1

fs/nfsd/acl.h

reviewed

··· 47 47 #define NFS4_ACL_MAX ((PAGE_SIZE - sizeof(struct nfs4_acl)) \ 48 48 / sizeof(struct nfs4_ace)) 49 49 50 50 - struct nfs4_acl *nfs4_acl_new(int); 50 50 + int nfs4_acl_bytes(int entries); 51 51 int nfs4_acl_get_whotype(char *, u32); 52 52 __be32 nfs4_acl_write_who(struct xdr_stream *xdr, int who); 53 53

+1 -1

fs/nfsd/auth.c

reviewed

··· 28 28 validate_process_creds(); 29 29 30 30 /* discard any old override before preparing the new set */ 31 31 - revert_creds(get_cred(current->real_cred)); 31 31 + revert_creds(get_cred(current_real_cred())); 32 32 new = prepare_creds(); 33 33 if (!new) 34 34 return -ENOMEM;

+3 -3

fs/nfsd/export.c

reviewed

··· 698 698 699 699 kref_get(&item->ex_client->ref); 700 700 new->ex_client = item->ex_client; 701 701 - new->ex_path.dentry = dget(item->ex_path.dentry); 702 702 - new->ex_path.mnt = mntget(item->ex_path.mnt); 701 701 + new->ex_path = item->ex_path; 702 702 + path_get(&item->ex_path); 703 703 new->ex_fslocs.locations = NULL; 704 704 new->ex_fslocs.locations_count = 0; 705 705 new->ex_fslocs.migrated = 0; ··· 1253 1253 return 0; 1254 1254 } 1255 1255 1256 1256 - cache_get(&exp->h); 1256 1256 + exp_get(exp); 1257 1257 if (cache_check(cd, &exp->h, NULL)) 1258 1258 return 0; 1259 1259 exp_put(exp);

+2 -1

fs/nfsd/export.h

reviewed

··· 101 101 cache_put(&exp->h, exp->cd); 102 102 } 103 103 104 104 - static inline void exp_get(struct svc_export *exp) 104 104 + static inline struct svc_export *exp_get(struct svc_export *exp) 105 105 { 106 106 cache_get(&exp->h); 107 107 + return exp; 107 108 } 108 109 struct svc_export * rqst_exp_find(struct svc_rqst *, int, u32 *); 109 110

+62 -76

fs/nfsd/fault_inject.c

reviewed

··· 17 17 18 18 struct nfsd_fault_inject_op { 19 19 char *file; 20 20 - u64 (*forget)(struct nfs4_client *, u64); 21 21 - u64 (*print)(struct nfs4_client *, u64); 20 20 + u64 (*get)(void); 21 21 + u64 (*set_val)(u64); 22 22 + u64 (*set_clnt)(struct sockaddr_storage *, size_t); 22 23 }; 23 24 24 24 - static struct nfsd_fault_inject_op inject_ops[] = { 25 25 - { 26 26 - .file = "forget_clients", 27 27 - .forget = nfsd_forget_client, 28 28 - .print = nfsd_print_client, 29 29 - }, 30 30 - { 31 31 - .file = "forget_locks", 32 32 - .forget = nfsd_forget_client_locks, 33 33 - .print = nfsd_print_client_locks, 34 34 - }, 35 35 - { 36 36 - .file = "forget_openowners", 37 37 - .forget = nfsd_forget_client_openowners, 38 38 - .print = nfsd_print_client_openowners, 39 39 - }, 40 40 - { 41 41 - .file = "forget_delegations", 42 42 - .forget = nfsd_forget_client_delegations, 43 43 - .print = nfsd_print_client_delegations, 44 44 - }, 45 45 - { 46 46 - .file = "recall_delegations", 47 47 - .forget = nfsd_recall_client_delegations, 48 48 - .print = nfsd_print_client_delegations, 49 49 - }, 50 50 - }; 51 51 - 52 52 - static long int NUM_INJECT_OPS = sizeof(inject_ops) / sizeof(struct nfsd_fault_inject_op); 53 25 static struct dentry *debug_dir; 54 54 - 55 55 - static void nfsd_inject_set(struct nfsd_fault_inject_op *op, u64 val) 56 56 - { 57 57 - u64 count = 0; 58 58 - 59 59 - if (val == 0) 60 60 - printk(KERN_INFO "NFSD Fault Injection: %s (all)", op->file); 61 61 - else 62 62 - printk(KERN_INFO "NFSD Fault Injection: %s (n = %llu)", op->file, val); 63 63 - 64 64 - nfs4_lock_state(); 65 65 - count = nfsd_for_n_state(val, op->forget); 66 66 - nfs4_unlock_state(); 67 67 - printk(KERN_INFO "NFSD: %s: found %llu", op->file, count); 68 68 - } 69 69 - 70 70 - static void nfsd_inject_set_client(struct nfsd_fault_inject_op *op, 71 71 - struct sockaddr_storage *addr, 72 72 - size_t addr_size) 73 73 - { 74 74 - char buf[INET6_ADDRSTRLEN]; 75 75 - struct nfs4_client *clp; 76 76 - u64 count; 77 77 - 78 78 - nfs4_lock_state(); 79 79 - clp = nfsd_find_client(addr, addr_size); 80 80 - if (clp) { 81 81 - count = op->forget(clp, 0); 82 82 - rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 83 83 - printk(KERN_INFO "NFSD [%s]: Client %s had %llu state object(s)\n", op->file, buf, count); 84 84 - } 85 85 - nfs4_unlock_state(); 86 86 - } 87 87 - 88 88 - static void nfsd_inject_get(struct nfsd_fault_inject_op *op, u64 *val) 89 89 - { 90 90 - nfs4_lock_state(); 91 91 - *val = nfsd_for_n_state(0, op->print); 92 92 - nfs4_unlock_state(); 93 93 - } 94 26 95 27 static ssize_t fault_inject_read(struct file *file, char __user *buf, 96 28 size_t len, loff_t *ppos) ··· 31 99 char read_buf[25]; 32 100 size_t size; 33 101 loff_t pos = *ppos; 102 102 + struct nfsd_fault_inject_op *op = file_inode(file)->i_private; 34 103 35 104 if (!pos) 36 36 - nfsd_inject_get(file_inode(file)->i_private, &val); 105 105 + val = op->get(); 37 106 size = scnprintf(read_buf, sizeof(read_buf), "%llu\n", val); 38 107 39 108 return simple_read_from_buffer(buf, len, ppos, read_buf, size); ··· 47 114 size_t size = min(sizeof(write_buf) - 1, len); 48 115 struct net *net = current->nsproxy->net_ns; 49 116 struct sockaddr_storage sa; 117 117 + struct nfsd_fault_inject_op *op = file_inode(file)->i_private; 50 118 u64 val; 119 119 + char *nl; 51 120 52 121 if (copy_from_user(write_buf, buf, size)) 53 122 return -EFAULT; 54 123 write_buf[size] = '\0'; 55 124 125 125 + /* Deal with any embedded newlines in the string */ 126 126 + nl = strchr(write_buf, '\n'); 127 127 + if (nl) { 128 128 + size = nl - write_buf; 129 129 + *nl = '\0'; 130 130 + } 131 131 + 56 132 size = rpc_pton(net, write_buf, size, (struct sockaddr *)&sa, sizeof(sa)); 57 57 - if (size > 0) 58 58 - nfsd_inject_set_client(file_inode(file)->i_private, &sa, size); 59 59 - else { 133 133 + if (size > 0) { 134 134 + val = op->set_clnt(&sa, size); 135 135 + if (val) 136 136 + pr_info("NFSD [%s]: Client %s had %llu state object(s)\n", 137 137 + op->file, write_buf, val); 138 138 + } else { 60 139 val = simple_strtoll(write_buf, NULL, 0); 61 61 - nfsd_inject_set(file_inode(file)->i_private, val); 140 140 + if (val == 0) 141 141 + pr_info("NFSD Fault Injection: %s (all)", op->file); 142 142 + else 143 143 + pr_info("NFSD Fault Injection: %s (n = %llu)", 144 144 + op->file, val); 145 145 + val = op->set_val(val); 146 146 + pr_info("NFSD: %s: found %llu", op->file, val); 62 147 } 63 148 return len; /* on success, claim we got the whole input */ 64 149 } ··· 91 140 { 92 141 debugfs_remove_recursive(debug_dir); 93 142 } 143 143 + 144 144 + static struct nfsd_fault_inject_op inject_ops[] = { 145 145 + { 146 146 + .file = "forget_clients", 147 147 + .get = nfsd_inject_print_clients, 148 148 + .set_val = nfsd_inject_forget_clients, 149 149 + .set_clnt = nfsd_inject_forget_client, 150 150 + }, 151 151 + { 152 152 + .file = "forget_locks", 153 153 + .get = nfsd_inject_print_locks, 154 154 + .set_val = nfsd_inject_forget_locks, 155 155 + .set_clnt = nfsd_inject_forget_client_locks, 156 156 + }, 157 157 + { 158 158 + .file = "forget_openowners", 159 159 + .get = nfsd_inject_print_openowners, 160 160 + .set_val = nfsd_inject_forget_openowners, 161 161 + .set_clnt = nfsd_inject_forget_client_openowners, 162 162 + }, 163 163 + { 164 164 + .file = "forget_delegations", 165 165 + .get = nfsd_inject_print_delegations, 166 166 + .set_val = nfsd_inject_forget_delegations, 167 167 + .set_clnt = nfsd_inject_forget_client_delegations, 168 168 + }, 169 169 + { 170 170 + .file = "recall_delegations", 171 171 + .get = nfsd_inject_print_delegations, 172 172 + .set_val = nfsd_inject_recall_delegations, 173 173 + .set_clnt = nfsd_inject_recall_client_delegations, 174 174 + }, 175 175 + }; 176 176 + 177 177 + #define NUM_INJECT_OPS (sizeof(inject_ops)/sizeof(struct nfsd_fault_inject_op)) 94 178 95 179 int nfsd_fault_inject_init(void) 96 180 {

+17 -8

fs/nfsd/netns.h

reviewed

··· 29 29 #define CLIENT_HASH_SIZE (1 << CLIENT_HASH_BITS) 30 30 #define CLIENT_HASH_MASK (CLIENT_HASH_SIZE - 1) 31 31 32 32 - #define LOCKOWNER_INO_HASH_BITS 8 33 33 - #define LOCKOWNER_INO_HASH_SIZE (1 << LOCKOWNER_INO_HASH_BITS) 34 34 - 35 32 #define SESSION_HASH_SIZE 512 36 33 37 34 struct cld_net; 38 35 struct nfsd4_client_tracking_ops; 39 36 37 37 + /* 38 38 + * Represents a nfsd "container". With respect to nfsv4 state tracking, the 39 39 + * fields of interest are the *_id_hashtbls and the *_name_tree. These track 40 40 + * the nfs4_client objects by either short or long form clientid. 41 41 + * 42 42 + * Each nfsd_net runs a nfs4_laundromat workqueue job when necessary to clean 43 43 + * up expired clients and delegations within the container. 44 44 + */ 40 45 struct nfsd_net { 41 46 struct cld_net *cld_net; 42 47 ··· 71 66 struct rb_root conf_name_tree; 72 67 struct list_head *unconf_id_hashtbl; 73 68 struct rb_root unconf_name_tree; 74 74 - struct list_head *ownerstr_hashtbl; 75 75 - struct list_head *lockowner_ino_hashtbl; 76 69 struct list_head *sessionid_hashtbl; 77 70 /* 78 71 * client_lru holds client queue ordered by nfs4_client.cl_time ··· 100 97 bool nfsd_net_up; 101 98 bool lockd_up; 102 99 103 103 - /* 104 104 - * Time of server startup 105 105 - */ 100 100 + /* Time of server startup */ 106 101 struct timeval nfssvc_boot; 102 102 + 103 103 + /* 104 104 + * Max number of connections this nfsd container will allow. Defaults 105 105 + * to '0' which is means that it bases this on the number of threads. 106 106 + */ 107 107 + unsigned int max_connections; 108 108 + 109 109 + u32 clientid_counter; 107 110 108 111 struct svc_serv *nfsd_serv; 109 112 };

+4 -4

fs/nfsd/nfs2acl.c

reviewed

··· 54 54 55 55 if (resp->mask & (NFS_ACL|NFS_ACLCNT)) { 56 56 acl = get_acl(inode, ACL_TYPE_ACCESS); 57 57 - if (IS_ERR(acl)) { 58 58 - nfserr = nfserrno(PTR_ERR(acl)); 59 59 - goto fail; 60 60 - } 61 57 if (acl == NULL) { 62 58 /* Solaris returns the inode's minimum ACL. */ 63 59 acl = posix_acl_from_mode(inode->i_mode, GFP_KERNEL); 60 60 + } 61 61 + if (IS_ERR(acl)) { 62 62 + nfserr = nfserrno(PTR_ERR(acl)); 63 63 + goto fail; 64 64 } 65 65 resp->acl_access = acl; 66 66 }

+4 -4

fs/nfsd/nfs3acl.c

reviewed

··· 47 47 48 48 if (resp->mask & (NFS_ACL|NFS_ACLCNT)) { 49 49 acl = get_acl(inode, ACL_TYPE_ACCESS); 50 50 - if (IS_ERR(acl)) { 51 51 - nfserr = nfserrno(PTR_ERR(acl)); 52 52 - goto fail; 53 53 - } 54 50 if (acl == NULL) { 55 51 /* Solaris returns the inode's minimum ACL. */ 56 52 acl = posix_acl_from_mode(inode->i_mode, GFP_KERNEL); 53 53 + } 54 54 + if (IS_ERR(acl)) { 55 55 + nfserr = nfserrno(PTR_ERR(acl)); 56 56 + goto fail; 57 57 } 58 58 resp->acl_access = acl; 59 59 }

+2 -7

fs/nfsd/nfs3proc.c

reviewed

··· 157 157 * 1 (status) + 22 (post_op_attr) + 1 (count) + 1 (eof) 158 158 * + 1 (xdr opaque byte count) = 26 159 159 */ 160 160 - 161 161 - resp->count = argp->count; 162 162 - if (max_blocksize < resp->count) 163 163 - resp->count = max_blocksize; 164 164 - 160 160 + resp->count = min(argp->count, max_blocksize); 165 161 svc_reserve_auth(rqstp, ((1 + NFS3_POST_OP_ATTR_WORDS + 3)<<2) + resp->count +4); 166 162 167 163 fh_copy(&resp->fh, &argp->fh); ··· 282 286 fh_copy(&resp->dirfh, &argp->ffh); 283 287 fh_init(&resp->fh, NFS3_FHSIZE); 284 288 nfserr = nfsd_symlink(rqstp, &resp->dirfh, argp->fname, argp->flen, 285 285 - argp->tname, argp->tlen, 286 286 - &resp->fh, &argp->attrs); 289 289 + argp->tname, &resp->fh); 287 290 RETURN_STATUS(nfserr); 288 291 } 289 292

+8 -22

fs/nfsd/nfs3xdr.c

reviewed

··· 120 120 121 121 iap->ia_valid |= ATTR_SIZE; 122 122 p = xdr_decode_hyper(p, &newsize); 123 123 - if (newsize <= NFS_OFFSET_MAX) 124 124 - iap->ia_size = newsize; 125 125 - else 126 126 - iap->ia_size = NFS_OFFSET_MAX; 123 123 + iap->ia_size = min_t(u64, newsize, NFS_OFFSET_MAX); 127 124 } 128 125 if ((tmp = ntohl(*p++)) == 1) { /* set to server time */ 129 126 iap->ia_valid |= ATTR_ATIME; ··· 335 338 return 0; 336 339 p = xdr_decode_hyper(p, &args->offset); 337 340 338 338 - len = args->count = ntohl(*p++); 339 339 - 340 340 - if (len > max_blocksize) 341 341 - len = max_blocksize; 341 341 + args->count = ntohl(*p++); 342 342 + len = min(args->count, max_blocksize); 342 343 343 344 /* set up the kvec */ 344 345 v=0; ··· 344 349 struct page *p = *(rqstp->rq_next_page++); 345 350 346 351 rqstp->rq_vec[v].iov_base = page_address(p); 347 347 - rqstp->rq_vec[v].iov_len = len < PAGE_SIZE? len : PAGE_SIZE; 352 352 + rqstp->rq_vec[v].iov_len = min_t(unsigned int, len, PAGE_SIZE); 348 353 len -= rqstp->rq_vec[v].iov_len; 349 354 v++; 350 355 } ··· 479 484 } 480 485 /* now copy next page if there is one */ 481 486 if (len && !avail && rqstp->rq_arg.page_len) { 482 482 - avail = rqstp->rq_arg.page_len; 483 483 - if (avail > PAGE_SIZE) 484 484 - avail = PAGE_SIZE; 487 487 + avail = min_t(unsigned int, rqstp->rq_arg.page_len, PAGE_SIZE); 485 488 old = page_address(rqstp->rq_arg.pages[0]); 486 489 } 487 490 while (len && avail && *old) { ··· 564 571 args->verf = p; p += 2; 565 572 args->dircount = ~0; 566 573 args->count = ntohl(*p++); 567 567 - 568 568 - if (args->count > PAGE_SIZE) 569 569 - args->count = PAGE_SIZE; 570 570 - 574 574 + args->count = min_t(u32, args->count, PAGE_SIZE); 571 575 args->buffer = page_address(*(rqstp->rq_next_page++)); 572 576 573 577 return xdr_argsize_check(rqstp, p); ··· 585 595 args->dircount = ntohl(*p++); 586 596 args->count = ntohl(*p++); 587 597 588 588 - len = (args->count > max_blocksize) ? max_blocksize : 589 589 - args->count; 590 590 - args->count = len; 591 591 - 598 598 + len = args->count = min(args->count, max_blocksize); 592 599 while (len > 0) { 593 600 struct page *p = *(rqstp->rq_next_page++); 594 601 if (!args->buffer) ··· 900 913 */ 901 914 902 915 /* truncate filename if too long */ 903 903 - if (namlen > NFS3_MAXNAMLEN) 904 904 - namlen = NFS3_MAXNAMLEN; 916 916 + namlen = min(namlen, NFS3_MAXNAMLEN); 905 917 906 918 slen = XDR_QUADLEN(namlen); 907 919 elen = slen + NFS3_ENTRY_BAGGAGE

+22 -17

fs/nfsd/nfs4acl.c

reviewed

··· 146 146 int size = 0; 147 147 148 148 pacl = get_acl(inode, ACL_TYPE_ACCESS); 149 149 - if (!pacl) { 149 149 + if (!pacl) 150 150 pacl = posix_acl_from_mode(inode->i_mode, GFP_KERNEL); 151 151 - if (IS_ERR(pacl)) 152 152 - return PTR_ERR(pacl); 153 153 - } 151 151 + 152 152 + if (IS_ERR(pacl)) 153 153 + return PTR_ERR(pacl); 154 154 + 154 155 /* allocate for worst case: one (deny, allow) pair each: */ 155 156 size += 2 * pacl->a_count; 156 157 157 158 if (S_ISDIR(inode->i_mode)) { 158 159 flags = NFS4_ACL_DIR; 159 160 dpacl = get_acl(inode, ACL_TYPE_DEFAULT); 161 161 + if (IS_ERR(dpacl)) { 162 162 + error = PTR_ERR(dpacl); 163 163 + goto rel_pacl; 164 164 + } 165 165 + 160 166 if (dpacl) 161 167 size += 2 * dpacl->a_count; 162 168 } 163 169 164 164 - *acl = nfs4_acl_new(size); 170 170 + *acl = kmalloc(nfs4_acl_bytes(size), GFP_KERNEL); 165 171 if (*acl == NULL) { 166 172 error = -ENOMEM; 167 173 goto out; 168 174 } 175 175 + (*acl)->naces = 0; 169 176 170 177 _posix_to_nfsv4_one(pacl, *acl, flags & ~NFS4_ACL_TYPE_DEFAULT); 171 178 172 179 if (dpacl) 173 180 _posix_to_nfsv4_one(dpacl, *acl, flags | NFS4_ACL_TYPE_DEFAULT); 174 181 175 175 - out: 176 176 - posix_acl_release(pacl); 182 182 + out: 177 183 posix_acl_release(dpacl); 184 184 + rel_pacl: 185 185 + posix_acl_release(pacl); 178 186 return error; 179 187 } 180 188 ··· 880 872 return -1; 881 873 } 882 874 883 883 - struct nfs4_acl * 884 884 - nfs4_acl_new(int n) 875 875 + /* 876 876 + * return the size of the struct nfs4_acl required to represent an acl 877 877 + * with @entries entries. 878 878 + */ 879 879 + int nfs4_acl_bytes(int entries) 885 880 { 886 886 - struct nfs4_acl *acl; 887 887 - 888 888 - acl = kmalloc(sizeof(*acl) + n*sizeof(struct nfs4_ace), GFP_KERNEL); 889 889 - if (acl == NULL) 890 890 - return NULL; 891 891 - acl->naces = 0; 892 892 - return acl; 881 881 + return sizeof(struct nfs4_acl) + entries * sizeof(struct nfs4_ace); 893 882 } 894 883 895 884 static struct { ··· 940 935 return 0; 941 936 } 942 937 WARN_ON_ONCE(1); 943 943 - return -1; 938 938 + return nfserr_serverfault; 944 939 }

+23 -9

fs/nfsd/nfs4callback.c

reviewed

··· 337 337 p = xdr_reserve_space(xdr, 4); 338 338 *p++ = xdr_zero; /* truncate */ 339 339 340 340 - encode_nfs_fh4(xdr, &dp->dl_fh); 340 340 + encode_nfs_fh4(xdr, &dp->dl_stid.sc_file->fi_fhandle); 341 341 342 342 hdr->nops++; 343 343 } ··· 678 678 (clp->cl_cred.cr_flavor >= RPC_AUTH_GSS_KRB5)) 679 679 return -EINVAL; 680 680 args.client_name = clp->cl_cred.cr_principal; 681 681 - args.prognumber = conn->cb_prog, 681 681 + args.prognumber = conn->cb_prog; 682 682 args.protocol = XPRT_TRANSPORT_TCP; 683 683 args.authflavor = clp->cl_cred.cr_flavor; 684 684 clp->cl_cb_ident = conn->cb_ident; ··· 689 689 clp->cl_cb_session = ses; 690 690 args.bc_xprt = conn->cb_xprt; 691 691 args.prognumber = clp->cl_cb_session->se_cb_prog; 692 692 - args.protocol = XPRT_TRANSPORT_BC_TCP; 692 692 + args.protocol = conn->cb_xprt->xpt_class->xcl_ident | 693 693 + XPRT_TRANSPORT_BC; 693 694 args.authflavor = ses->se_cb_sec.flavor; 694 695 } 695 696 /* Create RPC client */ ··· 905 904 spin_lock(&clp->cl_lock); 906 905 list_del(&cb->cb_per_client); 907 906 spin_unlock(&clp->cl_lock); 908 908 - nfs4_put_delegation(dp); 907 907 + nfs4_put_stid(&dp->dl_stid); 909 908 } 910 909 } 911 910 ··· 934 933 set_bit(NFSD4_CLIENT_CB_KILL, &clp->cl_flags); 935 934 /* 936 935 * Note this won't actually result in a null callback; 937 937 - * instead, nfsd4_do_callback_rpc() will detect the killed 936 936 + * instead, nfsd4_run_cb_null() will detect the killed 938 937 * client, destroy the rpc client, and stop: 939 938 */ 940 939 do_probe_callback(clp); ··· 1012 1011 run_nfsd4_cb(cb); 1013 1012 } 1014 1013 1015 1015 - static void nfsd4_do_callback_rpc(struct work_struct *w) 1014 1014 + static void 1015 1015 + nfsd4_run_callback_rpc(struct nfsd4_callback *cb) 1016 1016 { 1017 1017 - struct nfsd4_callback *cb = container_of(w, struct nfsd4_callback, cb_work); 1018 1017 struct nfs4_client *clp = cb->cb_clp; 1019 1018 struct rpc_clnt *clnt; 1020 1019 ··· 1032 1031 cb->cb_ops, cb); 1033 1032 } 1034 1033 1035 1035 - void nfsd4_init_callback(struct nfsd4_callback *cb) 1034 1034 + void 1035 1035 + nfsd4_run_cb_null(struct work_struct *w) 1036 1036 { 1037 1037 - INIT_WORK(&cb->cb_work, nfsd4_do_callback_rpc); 1037 1037 + struct nfsd4_callback *cb = container_of(w, struct nfsd4_callback, 1038 1038 + cb_work); 1039 1039 + nfsd4_run_callback_rpc(cb); 1040 1040 + } 1041 1041 + 1042 1042 + void 1043 1043 + nfsd4_run_cb_recall(struct work_struct *w) 1044 1044 + { 1045 1045 + struct nfsd4_callback *cb = container_of(w, struct nfsd4_callback, 1046 1046 + cb_work); 1047 1047 + 1048 1048 + nfsd4_prepare_cb_recall(cb->cb_op); 1049 1049 + nfsd4_run_callback_rpc(cb); 1038 1050 } 1039 1051 1040 1052 void nfsd4_cb_recall(struct nfs4_delegation *dp)

+22 -31

fs/nfsd/nfs4proc.c

reviewed

··· 177 177 fh_put(dst); 178 178 dget(src->fh_dentry); 179 179 if (src->fh_export) 180 180 - cache_get(&src->fh_export->h); 180 180 + exp_get(src->fh_export); 181 181 *dst = *src; 182 182 } 183 183 ··· 385 385 if (nfsd4_has_session(cstate)) 386 386 copy_clientid(&open->op_clientid, cstate->session); 387 387 388 388 - nfs4_lock_state(); 389 389 - 390 388 /* check seqid for replay. set nfs4_owner */ 391 389 resp = rqstp->rq_resp; 392 390 status = nfsd4_process_open1(&resp->cstate, open, nn); ··· 429 431 break; 430 432 case NFS4_OPEN_CLAIM_PREVIOUS: 431 433 status = nfs4_check_open_reclaim(&open->op_clientid, 432 432 - cstate->minorversion, 433 433 - nn); 434 434 + cstate, nn); 434 435 if (status) 435 436 goto out; 436 437 open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; ··· 458 461 * set, (2) sets open->op_stateid, (3) sets open->op_delegation. 459 462 */ 460 463 status = nfsd4_process_open2(rqstp, resfh, open); 461 461 - WARN_ON(status && open->op_created); 464 464 + WARN(status && open->op_created, 465 465 + "nfsd4_process_open2 failed to open newly-created file! status=%u\n", 466 466 + be32_to_cpu(status)); 462 467 out: 463 468 if (resfh && resfh != &cstate->current_fh) { 464 469 fh_dup2(&cstate->current_fh, resfh); 465 470 fh_put(resfh); 466 471 kfree(resfh); 467 472 } 468 468 - nfsd4_cleanup_open_state(open, status); 469 469 - if (open->op_openowner && !nfsd4_has_session(cstate)) 470 470 - cstate->replay_owner = &open->op_openowner->oo_owner; 473 473 + nfsd4_cleanup_open_state(cstate, open, status); 471 474 nfsd4_bump_seqid(cstate, status); 472 472 - if (!cstate->replay_owner) 473 473 - nfs4_unlock_state(); 474 475 return status; 475 476 } 476 477 ··· 576 581 __be32 verf[2]; 577 582 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 578 583 579 579 - verf[0] = (__be32)nn->nfssvc_boot.tv_sec; 580 580 - verf[1] = (__be32)nn->nfssvc_boot.tv_usec; 584 584 + /* 585 585 + * This is opaque to client, so no need to byte-swap. Use 586 586 + * __force to keep sparse happy 587 587 + */ 588 588 + verf[0] = (__force __be32)nn->nfssvc_boot.tv_sec; 589 589 + verf[1] = (__force __be32)nn->nfssvc_boot.tv_usec; 581 590 memcpy(verifier->data, verf, sizeof(verifier->data)); 582 591 } 583 592 ··· 618 619 case NF4LNK: 619 620 status = nfsd_symlink(rqstp, &cstate->current_fh, 620 621 create->cr_name, create->cr_namelen, 621 621 - create->cr_linkname, create->cr_linklen, 622 622 - &resfh, &create->cr_iattr); 622 622 + create->cr_data, &resfh); 623 623 break; 624 624 625 625 case NF4BLK: ··· 907 909 default: 908 910 return nfserr_inval; 909 911 } 910 910 - exp_get(cstate->current_fh.fh_export); 911 911 - sin->sin_exp = cstate->current_fh.fh_export; 912 912 + 913 913 + sin->sin_exp = exp_get(cstate->current_fh.fh_export); 912 914 fh_put(&cstate->current_fh); 913 915 return nfs_ok; 914 916 } ··· 1287 1289 * Don't use the deferral mechanism for NFSv4; compounds make it 1288 1290 * too hard to avoid non-idempotency problems. 1289 1291 */ 1290 1290 - rqstp->rq_usedeferral = 0; 1292 1292 + rqstp->rq_usedeferral = false; 1291 1293 1292 1294 /* 1293 1295 * According to RFC3010, this takes precedence over all other errors. ··· 1389 1391 args->ops, args->opcnt, resp->opcnt, op->opnum, 1390 1392 be32_to_cpu(status)); 1391 1393 1392 1392 - if (cstate->replay_owner) { 1393 1393 - nfs4_unlock_state(); 1394 1394 - cstate->replay_owner = NULL; 1395 1395 - } 1394 1394 + nfsd4_cstate_clear_replay(cstate); 1396 1395 /* XXX Ugh, we need to get rid of this kind of special case: */ 1397 1396 if (op->opnum == OP_READ && op->u.read.rd_filp) 1398 1397 fput(op->u.read.rd_filp); ··· 1403 1408 BUG_ON(cstate->replay_owner); 1404 1409 out: 1405 1410 /* Reset deferral mechanism for RPC deferrals */ 1406 1406 - rqstp->rq_usedeferral = 1; 1411 1411 + rqstp->rq_usedeferral = true; 1407 1412 dprintk("nfsv4 compound returned %d\n", ntohl(status)); 1408 1413 return status; 1409 1414 } ··· 1515 1520 u32 maxcount = 0, rlen = 0; 1516 1521 1517 1522 maxcount = svc_max_payload(rqstp); 1518 1518 - rlen = op->u.read.rd_length; 1519 1519 - 1520 1520 - if (rlen > maxcount) 1521 1521 - rlen = maxcount; 1523 1523 + rlen = min(op->u.read.rd_length, maxcount); 1522 1524 1523 1525 return (op_encode_hdr_size + 2 + XDR_QUADLEN(rlen)) * sizeof(__be32); 1524 1526 } 1525 1527 1526 1528 static inline u32 nfsd4_readdir_rsize(struct svc_rqst *rqstp, struct nfsd4_op *op) 1527 1529 { 1528 1528 - u32 maxcount = svc_max_payload(rqstp); 1529 1529 - u32 rlen = op->u.readdir.rd_maxcount; 1530 1530 + u32 maxcount = 0, rlen = 0; 1530 1531 1531 1531 - if (rlen > maxcount) 1532 1532 - rlen = maxcount; 1532 1532 + maxcount = svc_max_payload(rqstp); 1533 1533 + rlen = min(op->u.readdir.rd_maxcount, maxcount); 1533 1534 1534 1535 return (op_encode_hdr_size + op_encode_verifier_maxsz + 1535 1536 XDR_QUADLEN(rlen)) * sizeof(__be32);

+2222 -1078

fs/nfsd/nfs4state.c

reviewed

··· 70 70 #define CURRENT_STATEID(stateid) (!memcmp((stateid), &currentstateid, sizeof(stateid_t))) 71 71 72 72 /* forward declarations */ 73 73 - static int check_for_locks(struct nfs4_file *filp, struct nfs4_lockowner *lowner); 73 73 + static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner); 74 74 + static void nfs4_free_ol_stateid(struct nfs4_stid *stid); 74 75 75 76 /* Locking: */ 76 76 - 77 77 - /* Currently used for almost all code touching nfsv4 state: */ 78 78 - static DEFINE_MUTEX(client_mutex); 79 77 80 78 /* 81 79 * Currently used for the del_recall_lru and file hash table. In an ··· 82 84 */ 83 85 static DEFINE_SPINLOCK(state_lock); 84 86 87 87 + /* 88 88 + * A waitqueue for all in-progress 4.0 CLOSE operations that are waiting for 89 89 + * the refcount on the open stateid to drop. 90 90 + */ 91 91 + static DECLARE_WAIT_QUEUE_HEAD(close_wq); 92 92 + 85 93 static struct kmem_cache *openowner_slab; 86 94 static struct kmem_cache *lockowner_slab; 87 95 static struct kmem_cache *file_slab; 88 96 static struct kmem_cache *stateid_slab; 89 97 static struct kmem_cache *deleg_slab; 90 98 91 91 - void 92 92 - nfs4_lock_state(void) 93 93 - { 94 94 - mutex_lock(&client_mutex); 95 95 - } 96 96 - 97 99 static void free_session(struct nfsd4_session *); 98 100 99 101 static bool is_session_dead(struct nfsd4_session *ses) 100 102 { 101 103 return ses->se_flags & NFS4_SESSION_DEAD; 102 102 - } 103 103 - 104 104 - void nfsd4_put_session(struct nfsd4_session *ses) 105 105 - { 106 106 - if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses)) 107 107 - free_session(ses); 108 104 } 109 105 110 106 static __be32 mark_session_dead_locked(struct nfsd4_session *ses, int ref_held_by_me) ··· 109 117 return nfs_ok; 110 118 } 111 119 112 112 - static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses) 113 113 - { 114 114 - if (is_session_dead(ses)) 115 115 - return nfserr_badsession; 116 116 - atomic_inc(&ses->se_ref); 117 117 - return nfs_ok; 118 118 - } 119 119 - 120 120 - void 121 121 - nfs4_unlock_state(void) 122 122 - { 123 123 - mutex_unlock(&client_mutex); 124 124 - } 125 125 - 126 120 static bool is_client_expired(struct nfs4_client *clp) 127 121 { 128 122 return clp->cl_time == 0; 129 123 } 130 124 131 131 - static __be32 mark_client_expired_locked(struct nfs4_client *clp) 132 132 - { 133 133 - if (atomic_read(&clp->cl_refcount)) 134 134 - return nfserr_jukebox; 135 135 - clp->cl_time = 0; 136 136 - return nfs_ok; 137 137 - } 138 138 - 139 139 - static __be32 mark_client_expired(struct nfs4_client *clp) 140 140 - { 141 141 - struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 142 142 - __be32 ret; 143 143 - 144 144 - spin_lock(&nn->client_lock); 145 145 - ret = mark_client_expired_locked(clp); 146 146 - spin_unlock(&nn->client_lock); 147 147 - return ret; 148 148 - } 149 149 - 150 125 static __be32 get_client_locked(struct nfs4_client *clp) 151 126 { 127 127 + struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 128 128 + 129 129 + lockdep_assert_held(&nn->client_lock); 130 130 + 152 131 if (is_client_expired(clp)) 153 132 return nfserr_expired; 154 133 atomic_inc(&clp->cl_refcount); ··· 160 197 161 198 static void put_client_renew_locked(struct nfs4_client *clp) 162 199 { 200 200 + struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 201 201 + 202 202 + lockdep_assert_held(&nn->client_lock); 203 203 + 163 204 if (!atomic_dec_and_test(&clp->cl_refcount)) 164 205 return; 165 206 if (!is_client_expired(clp)) 166 207 renew_client_locked(clp); 167 208 } 168 209 169 169 - void put_client_renew(struct nfs4_client *clp) 210 210 + static void put_client_renew(struct nfs4_client *clp) 170 211 { 171 212 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 172 213 ··· 181 214 spin_unlock(&nn->client_lock); 182 215 } 183 216 217 217 + static __be32 nfsd4_get_session_locked(struct nfsd4_session *ses) 218 218 + { 219 219 + __be32 status; 220 220 + 221 221 + if (is_session_dead(ses)) 222 222 + return nfserr_badsession; 223 223 + status = get_client_locked(ses->se_client); 224 224 + if (status) 225 225 + return status; 226 226 + atomic_inc(&ses->se_ref); 227 227 + return nfs_ok; 228 228 + } 229 229 + 230 230 + static void nfsd4_put_session_locked(struct nfsd4_session *ses) 231 231 + { 232 232 + struct nfs4_client *clp = ses->se_client; 233 233 + struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 234 234 + 235 235 + lockdep_assert_held(&nn->client_lock); 236 236 + 237 237 + if (atomic_dec_and_test(&ses->se_ref) && is_session_dead(ses)) 238 238 + free_session(ses); 239 239 + put_client_renew_locked(clp); 240 240 + } 241 241 + 242 242 + static void nfsd4_put_session(struct nfsd4_session *ses) 243 243 + { 244 244 + struct nfs4_client *clp = ses->se_client; 245 245 + struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 246 246 + 247 247 + spin_lock(&nn->client_lock); 248 248 + nfsd4_put_session_locked(ses); 249 249 + spin_unlock(&nn->client_lock); 250 250 + } 251 251 + 252 252 + static int 253 253 + same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner) 254 254 + { 255 255 + return (sop->so_owner.len == owner->len) && 256 256 + 0 == memcmp(sop->so_owner.data, owner->data, owner->len); 257 257 + } 258 258 + 259 259 + static struct nfs4_openowner * 260 260 + find_openstateowner_str_locked(unsigned int hashval, struct nfsd4_open *open, 261 261 + struct nfs4_client *clp) 262 262 + { 263 263 + struct nfs4_stateowner *so; 264 264 + 265 265 + lockdep_assert_held(&clp->cl_lock); 266 266 + 267 267 + list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[hashval], 268 268 + so_strhash) { 269 269 + if (!so->so_is_open_owner) 270 270 + continue; 271 271 + if (same_owner_str(so, &open->op_owner)) { 272 272 + atomic_inc(&so->so_count); 273 273 + return openowner(so); 274 274 + } 275 275 + } 276 276 + return NULL; 277 277 + } 278 278 + 279 279 + static struct nfs4_openowner * 280 280 + find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open, 281 281 + struct nfs4_client *clp) 282 282 + { 283 283 + struct nfs4_openowner *oo; 284 284 + 285 285 + spin_lock(&clp->cl_lock); 286 286 + oo = find_openstateowner_str_locked(hashval, open, clp); 287 287 + spin_unlock(&clp->cl_lock); 288 288 + return oo; 289 289 + } 184 290 185 291 static inline u32 186 292 opaque_hashval(const void *ptr, int nbytes) ··· 276 236 static inline void 277 237 put_nfs4_file(struct nfs4_file *fi) 278 238 { 239 239 + might_lock(&state_lock); 240 240 + 279 241 if (atomic_dec_and_lock(&fi->fi_ref, &state_lock)) { 280 242 hlist_del(&fi->fi_hash); 281 243 spin_unlock(&state_lock); 282 282 - iput(fi->fi_inode); 283 244 nfsd4_free_file(fi); 284 245 } 285 246 } ··· 291 250 atomic_inc(&fi->fi_ref); 292 251 } 293 252 294 294 - static int num_delegations; 253 253 + static struct file * 254 254 + __nfs4_get_fd(struct nfs4_file *f, int oflag) 255 255 + { 256 256 + if (f->fi_fds[oflag]) 257 257 + return get_file(f->fi_fds[oflag]); 258 258 + return NULL; 259 259 + } 260 260 + 261 261 + static struct file * 262 262 + find_writeable_file_locked(struct nfs4_file *f) 263 263 + { 264 264 + struct file *ret; 265 265 + 266 266 + lockdep_assert_held(&f->fi_lock); 267 267 + 268 268 + ret = __nfs4_get_fd(f, O_WRONLY); 269 269 + if (!ret) 270 270 + ret = __nfs4_get_fd(f, O_RDWR); 271 271 + return ret; 272 272 + } 273 273 + 274 274 + static struct file * 275 275 + find_writeable_file(struct nfs4_file *f) 276 276 + { 277 277 + struct file *ret; 278 278 + 279 279 + spin_lock(&f->fi_lock); 280 280 + ret = find_writeable_file_locked(f); 281 281 + spin_unlock(&f->fi_lock); 282 282 + 283 283 + return ret; 284 284 + } 285 285 + 286 286 + static struct file *find_readable_file_locked(struct nfs4_file *f) 287 287 + { 288 288 + struct file *ret; 289 289 + 290 290 + lockdep_assert_held(&f->fi_lock); 291 291 + 292 292 + ret = __nfs4_get_fd(f, O_RDONLY); 293 293 + if (!ret) 294 294 + ret = __nfs4_get_fd(f, O_RDWR); 295 295 + return ret; 296 296 + } 297 297 + 298 298 + static struct file * 299 299 + find_readable_file(struct nfs4_file *f) 300 300 + { 301 301 + struct file *ret; 302 302 + 303 303 + spin_lock(&f->fi_lock); 304 304 + ret = find_readable_file_locked(f); 305 305 + spin_unlock(&f->fi_lock); 306 306 + 307 307 + return ret; 308 308 + } 309 309 + 310 310 + static struct file * 311 311 + find_any_file(struct nfs4_file *f) 312 312 + { 313 313 + struct file *ret; 314 314 + 315 315 + spin_lock(&f->fi_lock); 316 316 + ret = __nfs4_get_fd(f, O_RDWR); 317 317 + if (!ret) { 318 318 + ret = __nfs4_get_fd(f, O_WRONLY); 319 319 + if (!ret) 320 320 + ret = __nfs4_get_fd(f, O_RDONLY); 321 321 + } 322 322 + spin_unlock(&f->fi_lock); 323 323 + return ret; 324 324 + } 325 325 + 326 326 + static atomic_long_t num_delegations; 295 327 unsigned long max_delegations; 296 328 297 329 /* ··· 376 262 #define OWNER_HASH_SIZE (1 << OWNER_HASH_BITS) 377 263 #define OWNER_HASH_MASK (OWNER_HASH_SIZE - 1) 378 264 379 379 - static unsigned int ownerstr_hashval(u32 clientid, struct xdr_netobj *ownername) 265 265 + static unsigned int ownerstr_hashval(struct xdr_netobj *ownername) 380 266 { 381 267 unsigned int ret; 382 268 383 269 ret = opaque_hashval(ownername->data, ownername->len); 384 384 - ret += clientid; 385 270 return ret & OWNER_HASH_MASK; 386 271 } 387 272 ··· 388 275 #define FILE_HASH_BITS 8 389 276 #define FILE_HASH_SIZE (1 << FILE_HASH_BITS) 390 277 391 391 - static unsigned int file_hashval(struct inode *ino) 278 278 + static unsigned int nfsd_fh_hashval(struct knfsd_fh *fh) 392 279 { 393 393 - /* XXX: why are we hashing on inode pointer, anyway? */ 394 394 - return hash_ptr(ino, FILE_HASH_BITS); 280 280 + return jhash2(fh->fh_base.fh_pad, XDR_QUADLEN(fh->fh_size), 0); 281 281 + } 282 282 + 283 283 + static unsigned int file_hashval(struct knfsd_fh *fh) 284 284 + { 285 285 + return nfsd_fh_hashval(fh) & (FILE_HASH_SIZE - 1); 286 286 + } 287 287 + 288 288 + static bool nfsd_fh_match(struct knfsd_fh *fh1, struct knfsd_fh *fh2) 289 289 + { 290 290 + return fh1->fh_size == fh2->fh_size && 291 291 + !memcmp(fh1->fh_base.fh_pad, 292 292 + fh2->fh_base.fh_pad, 293 293 + fh1->fh_size); 395 294 } 396 295 397 296 static struct hlist_head file_hashtbl[FILE_HASH_SIZE]; 398 297 399 399 - static void __nfs4_file_get_access(struct nfs4_file *fp, int oflag) 298 298 + static void 299 299 + __nfs4_file_get_access(struct nfs4_file *fp, u32 access) 400 300 { 401 401 - WARN_ON_ONCE(!(fp->fi_fds[oflag] || fp->fi_fds[O_RDWR])); 402 402 - atomic_inc(&fp->fi_access[oflag]); 301 301 + lockdep_assert_held(&fp->fi_lock); 302 302 + 303 303 + if (access & NFS4_SHARE_ACCESS_WRITE) 304 304 + atomic_inc(&fp->fi_access[O_WRONLY]); 305 305 + if (access & NFS4_SHARE_ACCESS_READ) 306 306 + atomic_inc(&fp->fi_access[O_RDONLY]); 403 307 } 404 308 405 405 - static void nfs4_file_get_access(struct nfs4_file *fp, int oflag) 309 309 + static __be32 310 310 + nfs4_file_get_access(struct nfs4_file *fp, u32 access) 406 311 { 407 407 - if (oflag == O_RDWR) { 408 408 - __nfs4_file_get_access(fp, O_RDONLY); 409 409 - __nfs4_file_get_access(fp, O_WRONLY); 410 410 - } else 411 411 - __nfs4_file_get_access(fp, oflag); 312 312 + lockdep_assert_held(&fp->fi_lock); 313 313 + 314 314 + /* Does this access mode make sense? */ 315 315 + if (access & ~NFS4_SHARE_ACCESS_BOTH) 316 316 + return nfserr_inval; 317 317 + 318 318 + /* Does it conflict with a deny mode already set? */ 319 319 + if ((access & fp->fi_share_deny) != 0) 320 320 + return nfserr_share_denied; 321 321 + 322 322 + __nfs4_file_get_access(fp, access); 323 323 + return nfs_ok; 412 324 } 413 325 414 414 - static void nfs4_file_put_fd(struct nfs4_file *fp, int oflag) 326 326 + static __be32 nfs4_file_check_deny(struct nfs4_file *fp, u32 deny) 415 327 { 416 416 - if (fp->fi_fds[oflag]) { 417 417 - fput(fp->fi_fds[oflag]); 418 418 - fp->fi_fds[oflag] = NULL; 328 328 + /* Common case is that there is no deny mode. */ 329 329 + if (deny) { 330 330 + /* Does this deny mode make sense? */ 331 331 + if (deny & ~NFS4_SHARE_DENY_BOTH) 332 332 + return nfserr_inval; 333 333 + 334 334 + if ((deny & NFS4_SHARE_DENY_READ) && 335 335 + atomic_read(&fp->fi_access[O_RDONLY])) 336 336 + return nfserr_share_denied; 337 337 + 338 338 + if ((deny & NFS4_SHARE_DENY_WRITE) && 339 339 + atomic_read(&fp->fi_access[O_WRONLY])) 340 340 + return nfserr_share_denied; 419 341 } 342 342 + return nfs_ok; 420 343 } 421 344 422 345 static void __nfs4_file_put_access(struct nfs4_file *fp, int oflag) 423 346 { 424 424 - if (atomic_dec_and_test(&fp->fi_access[oflag])) { 425 425 - nfs4_file_put_fd(fp, oflag); 347 347 + might_lock(&fp->fi_lock); 348 348 + 349 349 + if (atomic_dec_and_lock(&fp->fi_access[oflag], &fp->fi_lock)) { 350 350 + struct file *f1 = NULL; 351 351 + struct file *f2 = NULL; 352 352 + 353 353 + swap(f1, fp->fi_fds[oflag]); 426 354 if (atomic_read(&fp->fi_access[1 - oflag]) == 0) 427 427 - nfs4_file_put_fd(fp, O_RDWR); 355 355 + swap(f2, fp->fi_fds[O_RDWR]); 356 356 + spin_unlock(&fp->fi_lock); 357 357 + if (f1) 358 358 + fput(f1); 359 359 + if (f2) 360 360 + fput(f2); 428 361 } 429 362 } 430 363 431 431 - static void nfs4_file_put_access(struct nfs4_file *fp, int oflag) 364 364 + static void nfs4_file_put_access(struct nfs4_file *fp, u32 access) 432 365 { 433 433 - if (oflag == O_RDWR) { 434 434 - __nfs4_file_put_access(fp, O_RDONLY); 366 366 + WARN_ON_ONCE(access & ~NFS4_SHARE_ACCESS_BOTH); 367 367 + 368 368 + if (access & NFS4_SHARE_ACCESS_WRITE) 435 369 __nfs4_file_put_access(fp, O_WRONLY); 436 436 - } else 437 437 - __nfs4_file_put_access(fp, oflag); 370 370 + if (access & NFS4_SHARE_ACCESS_READ) 371 371 + __nfs4_file_put_access(fp, O_RDONLY); 438 372 } 439 373 440 440 - static struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, struct 441 441 - kmem_cache *slab) 374 374 + static struct nfs4_stid *nfs4_alloc_stid(struct nfs4_client *cl, 375 375 + struct kmem_cache *slab) 442 376 { 443 443 - struct idr *stateids = &cl->cl_stateids; 444 377 struct nfs4_stid *stid; 445 378 int new_id; 446 379 447 447 - stid = kmem_cache_alloc(slab, GFP_KERNEL); 380 380 + stid = kmem_cache_zalloc(slab, GFP_KERNEL); 448 381 if (!stid) 449 382 return NULL; 450 383 451 451 - new_id = idr_alloc_cyclic(stateids, stid, 0, 0, GFP_KERNEL); 384 384 + idr_preload(GFP_KERNEL); 385 385 + spin_lock(&cl->cl_lock); 386 386 + new_id = idr_alloc_cyclic(&cl->cl_stateids, stid, 0, 0, GFP_NOWAIT); 387 387 + spin_unlock(&cl->cl_lock); 388 388 + idr_preload_end(); 452 389 if (new_id < 0) 453 390 goto out_free; 454 391 stid->sc_client = cl; 455 455 - stid->sc_type = 0; 456 392 stid->sc_stateid.si_opaque.so_id = new_id; 457 393 stid->sc_stateid.si_opaque.so_clid = cl->cl_clientid; 458 394 /* Will be incremented before return to client: */ 459 459 - stid->sc_stateid.si_generation = 0; 395 395 + atomic_set(&stid->sc_count, 1); 460 396 461 397 /* 462 398 * It shouldn't be a problem to reuse an opaque stateid value. ··· 522 360 return NULL; 523 361 } 524 362 525 525 - static struct nfs4_ol_stateid * nfs4_alloc_stateid(struct nfs4_client *clp) 363 363 + static struct nfs4_ol_stateid * nfs4_alloc_open_stateid(struct nfs4_client *clp) 526 364 { 527 527 - return openlockstateid(nfs4_alloc_stid(clp, stateid_slab)); 365 365 + struct nfs4_stid *stid; 366 366 + struct nfs4_ol_stateid *stp; 367 367 + 368 368 + stid = nfs4_alloc_stid(clp, stateid_slab); 369 369 + if (!stid) 370 370 + return NULL; 371 371 + 372 372 + stp = openlockstateid(stid); 373 373 + stp->st_stid.sc_free = nfs4_free_ol_stateid; 374 374 + return stp; 375 375 + } 376 376 + 377 377 + static void nfs4_free_deleg(struct nfs4_stid *stid) 378 378 + { 379 379 + kmem_cache_free(deleg_slab, stid); 380 380 + atomic_long_dec(&num_delegations); 528 381 } 529 382 530 383 /* ··· 556 379 * Each filter is 256 bits. We hash the filehandle to 32bit and use the 557 380 * low 3 bytes as hash-table indices. 558 381 * 559 559 - * 'state_lock', which is always held when block_delegations() is called, 382 382 + * 'blocked_delegations_lock', which is always taken in block_delegations(), 560 383 * is used to manage concurrent access. Testing does not need the lock 561 384 * except when swapping the two filters. 562 385 */ 386 386 + static DEFINE_SPINLOCK(blocked_delegations_lock); 563 387 static struct bloom_pair { 564 388 int entries, old_entries; 565 389 time_t swap_time; ··· 576 398 if (bd->entries == 0) 577 399 return 0; 578 400 if (seconds_since_boot() - bd->swap_time > 30) { 579 579 - spin_lock(&state_lock); 401 401 + spin_lock(&blocked_delegations_lock); 580 402 if (seconds_since_boot() - bd->swap_time > 30) { 581 403 bd->entries -= bd->old_entries; 582 404 bd->old_entries = bd->entries; ··· 585 407 bd->new = 1-bd->new; 586 408 bd->swap_time = seconds_since_boot(); 587 409 } 588 588 - spin_unlock(&state_lock); 410 410 + spin_unlock(&blocked_delegations_lock); 589 411 } 590 412 hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0); 591 413 if (test_bit(hash&255, bd->set[0]) && ··· 608 430 609 431 hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0); 610 432 433 433 + spin_lock(&blocked_delegations_lock); 611 434 __set_bit(hash&255, bd->set[bd->new]); 612 435 __set_bit((hash>>8)&255, bd->set[bd->new]); 613 436 __set_bit((hash>>16)&255, bd->set[bd->new]); 614 437 if (bd->entries == 0) 615 438 bd->swap_time = seconds_since_boot(); 616 439 bd->entries += 1; 440 440 + spin_unlock(&blocked_delegations_lock); 617 441 } 618 442 619 443 static struct nfs4_delegation * 620 620 - alloc_init_deleg(struct nfs4_client *clp, struct nfs4_ol_stateid *stp, struct svc_fh *current_fh) 444 444 + alloc_init_deleg(struct nfs4_client *clp, struct svc_fh *current_fh) 621 445 { 622 446 struct nfs4_delegation *dp; 447 447 + long n; 623 448 624 449 dprintk("NFSD alloc_init_deleg\n"); 625 625 - if (num_delegations > max_delegations) 626 626 - return NULL; 450 450 + n = atomic_long_inc_return(&num_delegations); 451 451 + if (n < 0 || n > max_delegations) 452 452 + goto out_dec; 627 453 if (delegation_blocked(&current_fh->fh_handle)) 628 628 - return NULL; 454 454 + goto out_dec; 629 455 dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab)); 630 456 if (dp == NULL) 631 631 - return dp; 457 457 + goto out_dec; 458 458 + 459 459 + dp->dl_stid.sc_free = nfs4_free_deleg; 632 460 /* 633 461 * delegation seqid's are never incremented. The 4.1 special 634 462 * meaning of seqid 0 isn't meaningful, really, but let's avoid 635 463 * 0 anyway just for consistency and use 1: 636 464 */ 637 465 dp->dl_stid.sc_stateid.si_generation = 1; 638 638 - num_delegations++; 639 466 INIT_LIST_HEAD(&dp->dl_perfile); 640 467 INIT_LIST_HEAD(&dp->dl_perclnt); 641 468 INIT_LIST_HEAD(&dp->dl_recall_lru); 642 642 - dp->dl_file = NULL; 643 469 dp->dl_type = NFS4_OPEN_DELEGATE_READ; 644 644 - fh_copy_shallow(&dp->dl_fh, &current_fh->fh_handle); 645 645 - dp->dl_time = 0; 646 646 - atomic_set(&dp->dl_count, 1); 647 647 - nfsd4_init_callback(&dp->dl_recall); 470 470 + INIT_WORK(&dp->dl_recall.cb_work, nfsd4_run_cb_recall); 648 471 return dp; 649 649 - } 650 650 - 651 651 - static void remove_stid(struct nfs4_stid *s) 652 652 - { 653 653 - struct idr *stateids = &s->sc_client->cl_stateids; 654 654 - 655 655 - idr_remove(stateids, s->sc_stateid.si_opaque.so_id); 656 656 - } 657 657 - 658 658 - static void nfs4_free_stid(struct kmem_cache *slab, struct nfs4_stid *s) 659 659 - { 660 660 - kmem_cache_free(slab, s); 472 472 + out_dec: 473 473 + atomic_long_dec(&num_delegations); 474 474 + return NULL; 661 475 } 662 476 663 477 void 664 664 - nfs4_put_delegation(struct nfs4_delegation *dp) 478 478 + nfs4_put_stid(struct nfs4_stid *s) 665 479 { 666 666 - if (atomic_dec_and_test(&dp->dl_count)) { 667 667 - nfs4_free_stid(deleg_slab, &dp->dl_stid); 668 668 - num_delegations--; 480 480 + struct nfs4_file *fp = s->sc_file; 481 481 + struct nfs4_client *clp = s->sc_client; 482 482 + 483 483 + might_lock(&clp->cl_lock); 484 484 + 485 485 + if (!atomic_dec_and_lock(&s->sc_count, &clp->cl_lock)) { 486 486 + wake_up_all(&close_wq); 487 487 + return; 669 488 } 489 489 + idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id); 490 490 + spin_unlock(&clp->cl_lock); 491 491 + s->sc_free(s); 492 492 + if (fp) 493 493 + put_nfs4_file(fp); 670 494 } 671 495 672 496 static void nfs4_put_deleg_lease(struct nfs4_file *fp) 673 497 { 498 498 + lockdep_assert_held(&state_lock); 499 499 + 674 500 if (!fp->fi_lease) 675 501 return; 676 502 if (atomic_dec_and_test(&fp->fi_delegees)) { ··· 694 512 hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp) 695 513 { 696 514 lockdep_assert_held(&state_lock); 515 515 + lockdep_assert_held(&fp->fi_lock); 697 516 517 517 + atomic_inc(&dp->dl_stid.sc_count); 698 518 dp->dl_stid.sc_type = NFS4_DELEG_STID; 699 519 list_add(&dp->dl_perfile, &fp->fi_delegations); 700 520 list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations); 701 521 } 702 522 703 703 - /* Called under the state lock. */ 704 523 static void 705 705 - unhash_delegation(struct nfs4_delegation *dp) 524 524 + unhash_delegation_locked(struct nfs4_delegation *dp) 706 525 { 707 707 - spin_lock(&state_lock); 526 526 + struct nfs4_file *fp = dp->dl_stid.sc_file; 527 527 + 528 528 + lockdep_assert_held(&state_lock); 529 529 + 530 530 + dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID; 531 531 + /* Ensure that deleg break won't try to requeue it */ 532 532 + ++dp->dl_time; 533 533 + spin_lock(&fp->fi_lock); 708 534 list_del_init(&dp->dl_perclnt); 535 535 + list_del_init(&dp->dl_recall_lru); 709 536 list_del_init(&dp->dl_perfile); 710 710 - list_del_init(&dp->dl_recall_lru); 711 711 - spin_unlock(&state_lock); 712 712 - if (dp->dl_file) { 713 713 - nfs4_put_deleg_lease(dp->dl_file); 714 714 - put_nfs4_file(dp->dl_file); 715 715 - dp->dl_file = NULL; 716 716 - } 717 717 - } 718 718 - 719 719 - 720 720 - 721 721 - static void destroy_revoked_delegation(struct nfs4_delegation *dp) 722 722 - { 723 723 - list_del_init(&dp->dl_recall_lru); 724 724 - remove_stid(&dp->dl_stid); 725 725 - nfs4_put_delegation(dp); 537 537 + spin_unlock(&fp->fi_lock); 538 538 + if (fp) 539 539 + nfs4_put_deleg_lease(fp); 726 540 } 727 541 728 542 static void destroy_delegation(struct nfs4_delegation *dp) 729 543 { 730 730 - unhash_delegation(dp); 731 731 - remove_stid(&dp->dl_stid); 732 732 - nfs4_put_delegation(dp); 544 544 + spin_lock(&state_lock); 545 545 + unhash_delegation_locked(dp); 546 546 + spin_unlock(&state_lock); 547 547 + nfs4_put_stid(&dp->dl_stid); 733 548 } 734 549 735 550 static void revoke_delegation(struct nfs4_delegation *dp) 736 551 { 737 552 struct nfs4_client *clp = dp->dl_stid.sc_client; 738 553 554 554 + WARN_ON(!list_empty(&dp->dl_recall_lru)); 555 555 + 739 556 if (clp->cl_minorversion == 0) 740 740 - destroy_delegation(dp); 557 557 + nfs4_put_stid(&dp->dl_stid); 741 558 else { 742 742 - unhash_delegation(dp); 743 559 dp->dl_stid.sc_type = NFS4_REVOKED_DELEG_STID; 560 560 + spin_lock(&clp->cl_lock); 744 561 list_add(&dp->dl_recall_lru, &clp->cl_revoked); 562 562 + spin_unlock(&clp->cl_lock); 745 563 } 746 564 } 747 565 ··· 789 607 return access; 790 608 } 791 609 792 792 - static bool 793 793 - test_share(struct nfs4_ol_stateid *stp, struct nfsd4_open *open) { 794 794 - unsigned int access, deny; 795 795 - 796 796 - access = bmap_to_share_mode(stp->st_access_bmap); 797 797 - deny = bmap_to_share_mode(stp->st_deny_bmap); 798 798 - if ((access & open->op_share_deny) || (deny & open->op_share_access)) 799 799 - return false; 800 800 - return true; 801 801 - } 802 802 - 803 610 /* set share access for a given stateid */ 804 611 static inline void 805 612 set_access(u32 access, struct nfs4_ol_stateid *stp) 806 613 { 807 807 - __set_bit(access, &stp->st_access_bmap); 614 614 + unsigned char mask = 1 << access; 615 615 + 616 616 + WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH); 617 617 + stp->st_access_bmap |= mask; 808 618 } 809 619 810 620 /* clear share access for a given stateid */ 811 621 static inline void 812 622 clear_access(u32 access, struct nfs4_ol_stateid *stp) 813 623 { 814 814 - __clear_bit(access, &stp->st_access_bmap); 624 624 + unsigned char mask = 1 << access; 625 625 + 626 626 + WARN_ON_ONCE(access > NFS4_SHARE_ACCESS_BOTH); 627 627 + stp->st_access_bmap &= ~mask; 815 628 } 816 629 817 630 /* test whether a given stateid has access */ 818 631 static inline bool 819 632 test_access(u32 access, struct nfs4_ol_stateid *stp) 820 633 { 821 821 - return test_bit(access, &stp->st_access_bmap); 634 634 + unsigned char mask = 1 << access; 635 635 + 636 636 + return (bool)(stp->st_access_bmap & mask); 822 637 } 823 638 824 639 /* set share deny for a given stateid */ 825 640 static inline void 826 826 - set_deny(u32 access, struct nfs4_ol_stateid *stp) 641 641 + set_deny(u32 deny, struct nfs4_ol_stateid *stp) 827 642 { 828 828 - __set_bit(access, &stp->st_deny_bmap); 643 643 + unsigned char mask = 1 << deny; 644 644 + 645 645 + WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH); 646 646 + stp->st_deny_bmap |= mask; 829 647 } 830 648 831 649 /* clear share deny for a given stateid */ 832 650 static inline void 833 833 - clear_deny(u32 access, struct nfs4_ol_stateid *stp) 651 651 + clear_deny(u32 deny, struct nfs4_ol_stateid *stp) 834 652 { 835 835 - __clear_bit(access, &stp->st_deny_bmap); 653 653 + unsigned char mask = 1 << deny; 654 654 + 655 655 + WARN_ON_ONCE(deny > NFS4_SHARE_DENY_BOTH); 656 656 + stp->st_deny_bmap &= ~mask; 836 657 } 837 658 838 659 /* test whether a given stateid is denying specific access */ 839 660 static inline bool 840 840 - test_deny(u32 access, struct nfs4_ol_stateid *stp) 661 661 + test_deny(u32 deny, struct nfs4_ol_stateid *stp) 841 662 { 842 842 - return test_bit(access, &stp->st_deny_bmap); 663 663 + unsigned char mask = 1 << deny; 664 664 + 665 665 + return (bool)(stp->st_deny_bmap & mask); 843 666 } 844 667 845 668 static int nfs4_access_to_omode(u32 access) ··· 861 674 return O_RDONLY; 862 675 } 863 676 677 677 + /* 678 678 + * A stateid that had a deny mode associated with it is being released 679 679 + * or downgraded. Recalculate the deny mode on the file. 680 680 + */ 681 681 + static void 682 682 + recalculate_deny_mode(struct nfs4_file *fp) 683 683 + { 684 684 + struct nfs4_ol_stateid *stp; 685 685 + 686 686 + spin_lock(&fp->fi_lock); 687 687 + fp->fi_share_deny = 0; 688 688 + list_for_each_entry(stp, &fp->fi_stateids, st_perfile) 689 689 + fp->fi_share_deny |= bmap_to_share_mode(stp->st_deny_bmap); 690 690 + spin_unlock(&fp->fi_lock); 691 691 + } 692 692 + 693 693 + static void 694 694 + reset_union_bmap_deny(u32 deny, struct nfs4_ol_stateid *stp) 695 695 + { 696 696 + int i; 697 697 + bool change = false; 698 698 + 699 699 + for (i = 1; i < 4; i++) { 700 700 + if ((i & deny) != i) { 701 701 + change = true; 702 702 + clear_deny(i, stp); 703 703 + } 704 704 + } 705 705 + 706 706 + /* Recalculate per-file deny mode if there was a change */ 707 707 + if (change) 708 708 + recalculate_deny_mode(stp->st_stid.sc_file); 709 709 + } 710 710 + 864 711 /* release all access and file references for a given stateid */ 865 712 static void 866 713 release_all_access(struct nfs4_ol_stateid *stp) 867 714 { 868 715 int i; 716 716 + struct nfs4_file *fp = stp->st_stid.sc_file; 717 717 + 718 718 + if (fp && stp->st_deny_bmap != 0) 719 719 + recalculate_deny_mode(fp); 869 720 870 721 for (i = 1; i < 4; i++) { 871 722 if (test_access(i, stp)) 872 872 - nfs4_file_put_access(stp->st_file, 873 873 - nfs4_access_to_omode(i)); 723 723 + nfs4_file_put_access(stp->st_stid.sc_file, i); 874 724 clear_access(i, stp); 875 725 } 876 726 } 877 727 878 878 - static void unhash_generic_stateid(struct nfs4_ol_stateid *stp) 728 728 + static void nfs4_put_stateowner(struct nfs4_stateowner *sop) 879 729 { 730 730 + struct nfs4_client *clp = sop->so_client; 731 731 + 732 732 + might_lock(&clp->cl_lock); 733 733 + 734 734 + if (!atomic_dec_and_lock(&sop->so_count, &clp->cl_lock)) 735 735 + return; 736 736 + sop->so_ops->so_unhash(sop); 737 737 + spin_unlock(&clp->cl_lock); 738 738 + kfree(sop->so_owner.data); 739 739 + sop->so_ops->so_free(sop); 740 740 + } 741 741 + 742 742 + static void unhash_ol_stateid(struct nfs4_ol_stateid *stp) 743 743 + { 744 744 + struct nfs4_file *fp = stp->st_stid.sc_file; 745 745 + 746 746 + lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock); 747 747 + 748 748 + spin_lock(&fp->fi_lock); 880 749 list_del(&stp->st_perfile); 750 750 + spin_unlock(&fp->fi_lock); 881 751 list_del(&stp->st_perstateowner); 882 752 } 883 753 884 884 - static void close_generic_stateid(struct nfs4_ol_stateid *stp) 754 754 + static void nfs4_free_ol_stateid(struct nfs4_stid *stid) 885 755 { 756 756 + struct nfs4_ol_stateid *stp = openlockstateid(stid); 757 757 + 886 758 release_all_access(stp); 887 887 - put_nfs4_file(stp->st_file); 888 888 - stp->st_file = NULL; 759 759 + if (stp->st_stateowner) 760 760 + nfs4_put_stateowner(stp->st_stateowner); 761 761 + kmem_cache_free(stateid_slab, stid); 889 762 } 890 763 891 891 - static void free_generic_stateid(struct nfs4_ol_stateid *stp) 764 764 + static void nfs4_free_lock_stateid(struct nfs4_stid *stid) 892 765 { 893 893 - remove_stid(&stp->st_stid); 894 894 - nfs4_free_stid(stateid_slab, &stp->st_stid); 766 766 + struct nfs4_ol_stateid *stp = openlockstateid(stid); 767 767 + struct nfs4_lockowner *lo = lockowner(stp->st_stateowner); 768 768 + struct file *file; 769 769 + 770 770 + file = find_any_file(stp->st_stid.sc_file); 771 771 + if (file) 772 772 + filp_close(file, (fl_owner_t)lo); 773 773 + nfs4_free_ol_stateid(stid); 774 774 + } 775 775 + 776 776 + /* 777 777 + * Put the persistent reference to an already unhashed generic stateid, while 778 778 + * holding the cl_lock. If it's the last reference, then put it onto the 779 779 + * reaplist for later destruction. 780 780 + */ 781 781 + static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp, 782 782 + struct list_head *reaplist) 783 783 + { 784 784 + struct nfs4_stid *s = &stp->st_stid; 785 785 + struct nfs4_client *clp = s->sc_client; 786 786 + 787 787 + lockdep_assert_held(&clp->cl_lock); 788 788 + 789 789 + WARN_ON_ONCE(!list_empty(&stp->st_locks)); 790 790 + 791 791 + if (!atomic_dec_and_test(&s->sc_count)) { 792 792 + wake_up_all(&close_wq); 793 793 + return; 794 794 + } 795 795 + 796 796 + idr_remove(&clp->cl_stateids, s->sc_stateid.si_opaque.so_id); 797 797 + list_add(&stp->st_locks, reaplist); 798 798 + } 799 799 + 800 800 + static void unhash_lock_stateid(struct nfs4_ol_stateid *stp) 801 801 + { 802 802 + struct nfs4_openowner *oo = openowner(stp->st_openstp->st_stateowner); 803 803 + 804 804 + lockdep_assert_held(&oo->oo_owner.so_client->cl_lock); 805 805 + 806 806 + list_del_init(&stp->st_locks); 807 807 + unhash_ol_stateid(stp); 808 808 + unhash_stid(&stp->st_stid); 895 809 } 896 810 897 811 static void release_lock_stateid(struct nfs4_ol_stateid *stp) 898 812 { 899 899 - struct file *file; 813 813 + struct nfs4_openowner *oo = openowner(stp->st_openstp->st_stateowner); 900 814 901 901 - unhash_generic_stateid(stp); 902 902 - unhash_stid(&stp->st_stid); 903 903 - file = find_any_file(stp->st_file); 904 904 - if (file) 905 905 - locks_remove_posix(file, (fl_owner_t)lockowner(stp->st_stateowner)); 906 906 - close_generic_stateid(stp); 907 907 - free_generic_stateid(stp); 815 815 + spin_lock(&oo->oo_owner.so_client->cl_lock); 816 816 + unhash_lock_stateid(stp); 817 817 + spin_unlock(&oo->oo_owner.so_client->cl_lock); 818 818 + nfs4_put_stid(&stp->st_stid); 908 819 } 909 820 910 910 - static void unhash_lockowner(struct nfs4_lockowner *lo) 821 821 + static void unhash_lockowner_locked(struct nfs4_lockowner *lo) 822 822 + { 823 823 + struct nfs4_client *clp = lo->lo_owner.so_client; 824 824 + 825 825 + lockdep_assert_held(&clp->cl_lock); 826 826 + 827 827 + list_del_init(&lo->lo_owner.so_strhash); 828 828 + } 829 829 + 830 830 + /* 831 831 + * Free a list of generic stateids that were collected earlier after being 832 832 + * fully unhashed. 833 833 + */ 834 834 + static void 835 835 + free_ol_stateid_reaplist(struct list_head *reaplist) 911 836 { 912 837 struct nfs4_ol_stateid *stp; 838 838 + struct nfs4_file *fp; 913 839 914 914 - list_del(&lo->lo_owner.so_strhash); 915 915 - list_del(&lo->lo_perstateid); 916 916 - list_del(&lo->lo_owner_ino_hash); 917 917 - while (!list_empty(&lo->lo_owner.so_stateids)) { 918 918 - stp = list_first_entry(&lo->lo_owner.so_stateids, 919 919 - struct nfs4_ol_stateid, st_perstateowner); 920 920 - release_lock_stateid(stp); 840 840 + might_sleep(); 841 841 + 842 842 + while (!list_empty(reaplist)) { 843 843 + stp = list_first_entry(reaplist, struct nfs4_ol_stateid, 844 844 + st_locks); 845 845 + list_del(&stp->st_locks); 846 846 + fp = stp->st_stid.sc_file; 847 847 + stp->st_stid.sc_free(&stp->st_stid); 848 848 + if (fp) 849 849 + put_nfs4_file(fp); 921 850 } 922 922 - } 923 923 - 924 924 - static void nfs4_free_lockowner(struct nfs4_lockowner *lo) 925 925 - { 926 926 - kfree(lo->lo_owner.so_owner.data); 927 927 - kmem_cache_free(lockowner_slab, lo); 928 851 } 929 852 930 853 static void release_lockowner(struct nfs4_lockowner *lo) 931 854 { 932 932 - unhash_lockowner(lo); 933 933 - nfs4_free_lockowner(lo); 855 855 + struct nfs4_client *clp = lo->lo_owner.so_client; 856 856 + struct nfs4_ol_stateid *stp; 857 857 + struct list_head reaplist; 858 858 + 859 859 + INIT_LIST_HEAD(&reaplist); 860 860 + 861 861 + spin_lock(&clp->cl_lock); 862 862 + unhash_lockowner_locked(lo); 863 863 + while (!list_empty(&lo->lo_owner.so_stateids)) { 864 864 + stp = list_first_entry(&lo->lo_owner.so_stateids, 865 865 + struct nfs4_ol_stateid, st_perstateowner); 866 866 + unhash_lock_stateid(stp); 867 867 + put_ol_stateid_locked(stp, &reaplist); 868 868 + } 869 869 + spin_unlock(&clp->cl_lock); 870 870 + free_ol_stateid_reaplist(&reaplist); 871 871 + nfs4_put_stateowner(&lo->lo_owner); 934 872 } 935 873 936 936 - static void 937 937 - release_stateid_lockowners(struct nfs4_ol_stateid *open_stp) 874 874 + static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp, 875 875 + struct list_head *reaplist) 938 876 { 939 939 - struct nfs4_lockowner *lo; 877 877 + struct nfs4_ol_stateid *stp; 940 878 941 941 - while (!list_empty(&open_stp->st_lockowners)) { 942 942 - lo = list_entry(open_stp->st_lockowners.next, 943 943 - struct nfs4_lockowner, lo_perstateid); 944 944 - release_lockowner(lo); 879 879 + while (!list_empty(&open_stp->st_locks)) { 880 880 + stp = list_entry(open_stp->st_locks.next, 881 881 + struct nfs4_ol_stateid, st_locks); 882 882 + unhash_lock_stateid(stp); 883 883 + put_ol_stateid_locked(stp, reaplist); 945 884 } 946 885 } 947 886 948 948 - static void unhash_open_stateid(struct nfs4_ol_stateid *stp) 887 887 + static void unhash_open_stateid(struct nfs4_ol_stateid *stp, 888 888 + struct list_head *reaplist) 949 889 { 950 950 - unhash_generic_stateid(stp); 951 951 - release_stateid_lockowners(stp); 952 952 - close_generic_stateid(stp); 890 890 + lockdep_assert_held(&stp->st_stid.sc_client->cl_lock); 891 891 + 892 892 + unhash_ol_stateid(stp); 893 893 + release_open_stateid_locks(stp, reaplist); 953 894 } 954 895 955 896 static void release_open_stateid(struct nfs4_ol_stateid *stp) 956 897 { 957 957 - unhash_open_stateid(stp); 958 958 - free_generic_stateid(stp); 898 898 + LIST_HEAD(reaplist); 899 899 + 900 900 + spin_lock(&stp->st_stid.sc_client->cl_lock); 901 901 + unhash_open_stateid(stp, &reaplist); 902 902 + put_ol_stateid_locked(stp, &reaplist); 903 903 + spin_unlock(&stp->st_stid.sc_client->cl_lock); 904 904 + free_ol_stateid_reaplist(&reaplist); 959 905 } 960 906 961 961 - static void unhash_openowner(struct nfs4_openowner *oo) 907 907 + static void unhash_openowner_locked(struct nfs4_openowner *oo) 962 908 { 963 963 - struct nfs4_ol_stateid *stp; 909 909 + struct nfs4_client *clp = oo->oo_owner.so_client; 964 910 965 965 - list_del(&oo->oo_owner.so_strhash); 966 966 - list_del(&oo->oo_perclient); 967 967 - while (!list_empty(&oo->oo_owner.so_stateids)) { 968 968 - stp = list_first_entry(&oo->oo_owner.so_stateids, 969 969 - struct nfs4_ol_stateid, st_perstateowner); 970 970 - release_open_stateid(stp); 971 971 - } 911 911 + lockdep_assert_held(&clp->cl_lock); 912 912 + 913 913 + list_del_init(&oo->oo_owner.so_strhash); 914 914 + list_del_init(&oo->oo_perclient); 972 915 } 973 916 974 917 static void release_last_closed_stateid(struct nfs4_openowner *oo) 975 918 { 976 976 - struct nfs4_ol_stateid *s = oo->oo_last_closed_stid; 919 919 + struct nfsd_net *nn = net_generic(oo->oo_owner.so_client->net, 920 920 + nfsd_net_id); 921 921 + struct nfs4_ol_stateid *s; 977 922 923 923 + spin_lock(&nn->client_lock); 924 924 + s = oo->oo_last_closed_stid; 978 925 if (s) { 979 979 - free_generic_stateid(s); 926 926 + list_del_init(&oo->oo_close_lru); 980 927 oo->oo_last_closed_stid = NULL; 981 928 } 982 982 - } 983 983 - 984 984 - static void nfs4_free_openowner(struct nfs4_openowner *oo) 985 985 - { 986 986 - kfree(oo->oo_owner.so_owner.data); 987 987 - kmem_cache_free(openowner_slab, oo); 929 929 + spin_unlock(&nn->client_lock); 930 930 + if (s) 931 931 + nfs4_put_stid(&s->st_stid); 988 932 } 989 933 990 934 static void release_openowner(struct nfs4_openowner *oo) 991 935 { 992 992 - unhash_openowner(oo); 993 993 - list_del(&oo->oo_close_lru); 936 936 + struct nfs4_ol_stateid *stp; 937 937 + struct nfs4_client *clp = oo->oo_owner.so_client; 938 938 + struct list_head reaplist; 939 939 + 940 940 + INIT_LIST_HEAD(&reaplist); 941 941 + 942 942 + spin_lock(&clp->cl_lock); 943 943 + unhash_openowner_locked(oo); 944 944 + while (!list_empty(&oo->oo_owner.so_stateids)) { 945 945 + stp = list_first_entry(&oo->oo_owner.so_stateids, 946 946 + struct nfs4_ol_stateid, st_perstateowner); 947 947 + unhash_open_stateid(stp, &reaplist); 948 948 + put_ol_stateid_locked(stp, &reaplist); 949 949 + } 950 950 + spin_unlock(&clp->cl_lock); 951 951 + free_ol_stateid_reaplist(&reaplist); 994 952 release_last_closed_stateid(oo); 995 995 - nfs4_free_openowner(oo); 953 953 + nfs4_put_stateowner(&oo->oo_owner); 996 954 } 997 955 998 956 static inline int ··· 1174 842 return; 1175 843 1176 844 if (!seqid_mutating_err(ntohl(nfserr))) { 1177 1177 - cstate->replay_owner = NULL; 845 845 + nfsd4_cstate_clear_replay(cstate); 1178 846 return; 1179 847 } 1180 848 if (!so) ··· 1362 1030 if (ret) 1363 1031 /* oops; xprt is already down: */ 1364 1032 nfsd4_conn_lost(&conn->cn_xpt_user); 1365 1365 - if (conn->cn_flags & NFS4_CDFC4_BACK) { 1366 1366 - /* callback channel may be back up */ 1367 1367 - nfsd4_probe_callback(ses->se_client); 1368 1368 - } 1033 1033 + /* We may have gained or lost a callback channel: */ 1034 1034 + nfsd4_probe_callback_sync(ses->se_client); 1369 1035 } 1370 1036 1371 1037 static struct nfsd4_conn *alloc_conn_from_crses(struct svc_rqst *rqstp, struct nfsd4_create_session *cses) ··· 1403 1073 1404 1074 static void free_session(struct nfsd4_session *ses) 1405 1075 { 1406 1406 - struct nfsd_net *nn = net_generic(ses->se_client->net, nfsd_net_id); 1407 1407 - 1408 1408 - lockdep_assert_held(&nn->client_lock); 1409 1076 nfsd4_del_conns(ses); 1410 1077 nfsd4_put_drc_mem(&ses->se_fchannel); 1411 1078 __free_session(ses); ··· 1424 1097 new->se_cb_sec = cses->cb_sec; 1425 1098 atomic_set(&new->se_ref, 0); 1426 1099 idx = hash_sessionid(&new->se_sessionid); 1427 1427 - spin_lock(&nn->client_lock); 1428 1100 list_add(&new->se_hash, &nn->sessionid_hashtbl[idx]); 1429 1101 spin_lock(&clp->cl_lock); 1430 1102 list_add(&new->se_perclnt, &clp->cl_sessions); 1431 1103 spin_unlock(&clp->cl_lock); 1432 1432 - spin_unlock(&nn->client_lock); 1433 1104 1434 1105 if (cses->flags & SESSION4_BACK_CHAN) { 1435 1106 struct sockaddr *sa = svc_addr(rqstp); ··· 1445 1120 1446 1121 /* caller must hold client_lock */ 1447 1122 static struct nfsd4_session * 1448 1448 - find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net) 1123 1123 + __find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net) 1449 1124 { 1450 1125 struct nfsd4_session *elem; 1451 1126 int idx; 1452 1127 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 1128 1128 + 1129 1129 + lockdep_assert_held(&nn->client_lock); 1453 1130 1454 1131 dump_sessionid(__func__, sessionid); 1455 1132 idx = hash_sessionid(sessionid); ··· 1467 1140 return NULL; 1468 1141 } 1469 1142 1143 1143 + static struct nfsd4_session * 1144 1144 + find_in_sessionid_hashtbl(struct nfs4_sessionid *sessionid, struct net *net, 1145 1145 + __be32 *ret) 1146 1146 + { 1147 1147 + struct nfsd4_session *session; 1148 1148 + __be32 status = nfserr_badsession; 1149 1149 + 1150 1150 + session = __find_in_sessionid_hashtbl(sessionid, net); 1151 1151 + if (!session) 1152 1152 + goto out; 1153 1153 + status = nfsd4_get_session_locked(session); 1154 1154 + if (status) 1155 1155 + session = NULL; 1156 1156 + out: 1157 1157 + *ret = status; 1158 1158 + return session; 1159 1159 + } 1160 1160 + 1470 1161 /* caller must hold client_lock */ 1471 1162 static void 1472 1163 unhash_session(struct nfsd4_session *ses) 1473 1164 { 1165 1165 + struct nfs4_client *clp = ses->se_client; 1166 1166 + struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1167 1167 + 1168 1168 + lockdep_assert_held(&nn->client_lock); 1169 1169 + 1474 1170 list_del(&ses->se_hash); 1475 1171 spin_lock(&ses->se_client->cl_lock); 1476 1172 list_del(&ses->se_perclnt); ··· 1519 1169 static struct nfs4_client *alloc_client(struct xdr_netobj name) 1520 1170 { 1521 1171 struct nfs4_client *clp; 1172 1172 + int i; 1522 1173 1523 1174 clp = kzalloc(sizeof(struct nfs4_client), GFP_KERNEL); 1524 1175 if (clp == NULL) 1525 1176 return NULL; 1526 1177 clp->cl_name.data = kmemdup(name.data, name.len, GFP_KERNEL); 1527 1527 - if (clp->cl_name.data == NULL) { 1528 1528 - kfree(clp); 1529 1529 - return NULL; 1530 1530 - } 1178 1178 + if (clp->cl_name.data == NULL) 1179 1179 + goto err_no_name; 1180 1180 + clp->cl_ownerstr_hashtbl = kmalloc(sizeof(struct list_head) * 1181 1181 + OWNER_HASH_SIZE, GFP_KERNEL); 1182 1182 + if (!clp->cl_ownerstr_hashtbl) 1183 1183 + goto err_no_hashtbl; 1184 1184 + for (i = 0; i < OWNER_HASH_SIZE; i++) 1185 1185 + INIT_LIST_HEAD(&clp->cl_ownerstr_hashtbl[i]); 1531 1186 clp->cl_name.len = name.len; 1532 1187 INIT_LIST_HEAD(&clp->cl_sessions); 1533 1188 idr_init(&clp->cl_stateids); ··· 1547 1192 spin_lock_init(&clp->cl_lock); 1548 1193 rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table"); 1549 1194 return clp; 1195 1195 + err_no_hashtbl: 1196 1196 + kfree(clp->cl_name.data); 1197 1197 + err_no_name: 1198 1198 + kfree(clp); 1199 1199 + return NULL; 1550 1200 } 1551 1201 1552 1202 static void 1553 1203 free_client(struct nfs4_client *clp) 1554 1204 { 1555 1555 - struct nfsd_net __maybe_unused *nn = net_generic(clp->net, nfsd_net_id); 1556 1556 - 1557 1557 - lockdep_assert_held(&nn->client_lock); 1558 1205 while (!list_empty(&clp->cl_sessions)) { 1559 1206 struct nfsd4_session *ses; 1560 1207 ses = list_entry(clp->cl_sessions.next, struct nfsd4_session, ··· 1567 1210 } 1568 1211 rpc_destroy_wait_queue(&clp->cl_cb_waitq); 1569 1212 free_svc_cred(&clp->cl_cred); 1213 1213 + kfree(clp->cl_ownerstr_hashtbl); 1570 1214 kfree(clp->cl_name.data); 1571 1215 idr_destroy(&clp->cl_stateids); 1572 1216 kfree(clp); 1573 1217 } 1574 1218 1575 1219 /* must be called under the client_lock */ 1576 1576 - static inline void 1220 1220 + static void 1577 1221 unhash_client_locked(struct nfs4_client *clp) 1578 1222 { 1223 1223 + struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1579 1224 struct nfsd4_session *ses; 1580 1225 1581 1581 - list_del(&clp->cl_lru); 1226 1226 + lockdep_assert_held(&nn->client_lock); 1227 1227 + 1228 1228 + /* Mark the client as expired! */ 1229 1229 + clp->cl_time = 0; 1230 1230 + /* Make it invisible */ 1231 1231 + if (!list_empty(&clp->cl_idhash)) { 1232 1232 + list_del_init(&clp->cl_idhash); 1233 1233 + if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags)) 1234 1234 + rb_erase(&clp->cl_namenode, &nn->conf_name_tree); 1235 1235 + else 1236 1236 + rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 1237 1237 + } 1238 1238 + list_del_init(&clp->cl_lru); 1582 1239 spin_lock(&clp->cl_lock); 1583 1240 list_for_each_entry(ses, &clp->cl_sessions, se_perclnt) 1584 1241 list_del_init(&ses->se_hash); ··· 1600 1229 } 1601 1230 1602 1231 static void 1603 1603 - destroy_client(struct nfs4_client *clp) 1232 1232 + unhash_client(struct nfs4_client *clp) 1233 1233 + { 1234 1234 + struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1235 1235 + 1236 1236 + spin_lock(&nn->client_lock); 1237 1237 + unhash_client_locked(clp); 1238 1238 + spin_unlock(&nn->client_lock); 1239 1239 + } 1240 1240 + 1241 1241 + static __be32 mark_client_expired_locked(struct nfs4_client *clp) 1242 1242 + { 1243 1243 + if (atomic_read(&clp->cl_refcount)) 1244 1244 + return nfserr_jukebox; 1245 1245 + unhash_client_locked(clp); 1246 1246 + return nfs_ok; 1247 1247 + } 1248 1248 + 1249 1249 + static void 1250 1250 + __destroy_client(struct nfs4_client *clp) 1604 1251 { 1605 1252 struct nfs4_openowner *oo; 1606 1253 struct nfs4_delegation *dp; 1607 1254 struct list_head reaplist; 1608 1608 - struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1609 1255 1610 1256 INIT_LIST_HEAD(&reaplist); 1611 1257 spin_lock(&state_lock); 1612 1258 while (!list_empty(&clp->cl_delegations)) { 1613 1259 dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt); 1614 1614 - list_del_init(&dp->dl_perclnt); 1615 1615 - list_move(&dp->dl_recall_lru, &reaplist); 1260 1260 + unhash_delegation_locked(dp); 1261 1261 + list_add(&dp->dl_recall_lru, &reaplist); 1616 1262 } 1617 1263 spin_unlock(&state_lock); 1618 1264 while (!list_empty(&reaplist)) { 1619 1265 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru); 1620 1620 - destroy_delegation(dp); 1266 1266 + list_del_init(&dp->dl_recall_lru); 1267 1267 + nfs4_put_stid(&dp->dl_stid); 1621 1268 } 1622 1622 - list_splice_init(&clp->cl_revoked, &reaplist); 1623 1623 - while (!list_empty(&reaplist)) { 1269 1269 + while (!list_empty(&clp->cl_revoked)) { 1624 1270 dp = list_entry(reaplist.next, struct nfs4_delegation, dl_recall_lru); 1625 1625 - destroy_revoked_delegation(dp); 1271 1271 + list_del_init(&dp->dl_recall_lru); 1272 1272 + nfs4_put_stid(&dp->dl_stid); 1626 1273 } 1627 1274 while (!list_empty(&clp->cl_openowners)) { 1628 1275 oo = list_entry(clp->cl_openowners.next, struct nfs4_openowner, oo_perclient); 1276 1276 + atomic_inc(&oo->oo_owner.so_count); 1629 1277 release_openowner(oo); 1630 1278 } 1631 1279 nfsd4_shutdown_callback(clp); 1632 1280 if (clp->cl_cb_conn.cb_xprt) 1633 1281 svc_xprt_put(clp->cl_cb_conn.cb_xprt); 1634 1634 - list_del(&clp->cl_idhash); 1635 1635 - if (test_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags)) 1636 1636 - rb_erase(&clp->cl_namenode, &nn->conf_name_tree); 1637 1637 - else 1638 1638 - rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 1639 1639 - spin_lock(&nn->client_lock); 1640 1640 - unhash_client_locked(clp); 1641 1641 - WARN_ON_ONCE(atomic_read(&clp->cl_refcount)); 1642 1282 free_client(clp); 1643 1643 - spin_unlock(&nn->client_lock); 1283 1283 + } 1284 1284 + 1285 1285 + static void 1286 1286 + destroy_client(struct nfs4_client *clp) 1287 1287 + { 1288 1288 + unhash_client(clp); 1289 1289 + __destroy_client(clp); 1644 1290 } 1645 1291 1646 1292 static void expire_client(struct nfs4_client *clp) 1647 1293 { 1294 1294 + unhash_client(clp); 1648 1295 nfsd4_client_record_remove(clp); 1649 1649 - destroy_client(clp); 1296 1296 + __destroy_client(clp); 1650 1297 } 1651 1298 1652 1299 static void copy_verf(struct nfs4_client *target, nfs4_verifier *source) ··· 1797 1408 return 0 == strcmp(cl->cl_cred.cr_principal, cr->cr_principal); 1798 1409 } 1799 1410 1800 1800 - static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn) 1801 1801 - { 1802 1802 - static u32 current_clientid = 1; 1803 1803 - 1804 1804 - clp->cl_clientid.cl_boot = nn->boot_time; 1805 1805 - clp->cl_clientid.cl_id = current_clientid++; 1806 1806 - } 1807 1807 - 1808 1808 - static void gen_confirm(struct nfs4_client *clp) 1411 1411 + static void gen_confirm(struct nfs4_client *clp, struct nfsd_net *nn) 1809 1412 { 1810 1413 __be32 verf[2]; 1811 1811 - static u32 i; 1812 1414 1813 1813 - verf[0] = (__be32)get_seconds(); 1814 1814 - verf[1] = (__be32)i++; 1415 1415 + /* 1416 1416 + * This is opaque to client, so no need to byte-swap. Use 1417 1417 + * __force to keep sparse happy 1418 1418 + */ 1419 1419 + verf[0] = (__force __be32)get_seconds(); 1420 1420 + verf[1] = (__force __be32)nn->clientid_counter; 1815 1421 memcpy(clp->cl_confirm.data, verf, sizeof(clp->cl_confirm.data)); 1816 1422 } 1817 1423 1818 1818 - static struct nfs4_stid *find_stateid(struct nfs4_client *cl, stateid_t *t) 1424 1424 + static void gen_clid(struct nfs4_client *clp, struct nfsd_net *nn) 1425 1425 + { 1426 1426 + clp->cl_clientid.cl_boot = nn->boot_time; 1427 1427 + clp->cl_clientid.cl_id = nn->clientid_counter++; 1428 1428 + gen_confirm(clp, nn); 1429 1429 + } 1430 1430 + 1431 1431 + static struct nfs4_stid * 1432 1432 + find_stateid_locked(struct nfs4_client *cl, stateid_t *t) 1819 1433 { 1820 1434 struct nfs4_stid *ret; 1821 1435 ··· 1828 1436 return ret; 1829 1437 } 1830 1438 1831 1831 - static struct nfs4_stid *find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask) 1439 1439 + static struct nfs4_stid * 1440 1440 + find_stateid_by_type(struct nfs4_client *cl, stateid_t *t, char typemask) 1832 1441 { 1833 1442 struct nfs4_stid *s; 1834 1443 1835 1835 - s = find_stateid(cl, t); 1836 1836 - if (!s) 1837 1837 - return NULL; 1838 1838 - if (typemask & s->sc_type) 1839 1839 - return s; 1840 1840 - return NULL; 1444 1444 + spin_lock(&cl->cl_lock); 1445 1445 + s = find_stateid_locked(cl, t); 1446 1446 + if (s != NULL) { 1447 1447 + if (typemask & s->sc_type) 1448 1448 + atomic_inc(&s->sc_count); 1449 1449 + else 1450 1450 + s = NULL; 1451 1451 + } 1452 1452 + spin_unlock(&cl->cl_lock); 1453 1453 + return s; 1841 1454 } 1842 1455 1843 1456 static struct nfs4_client *create_client(struct xdr_netobj name, ··· 1852 1455 struct sockaddr *sa = svc_addr(rqstp); 1853 1456 int ret; 1854 1457 struct net *net = SVC_NET(rqstp); 1855 1855 - struct nfsd_net *nn = net_generic(net, nfsd_net_id); 1856 1458 1857 1459 clp = alloc_client(name); 1858 1460 if (clp == NULL) ··· 1859 1463 1860 1464 ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred); 1861 1465 if (ret) { 1862 1862 - spin_lock(&nn->client_lock); 1863 1466 free_client(clp); 1864 1864 - spin_unlock(&nn->client_lock); 1865 1467 return NULL; 1866 1468 } 1867 1867 - nfsd4_init_callback(&clp->cl_cb_null); 1469 1469 + INIT_WORK(&clp->cl_cb_null.cb_work, nfsd4_run_cb_null); 1868 1470 clp->cl_time = get_seconds(); 1869 1471 clear_bit(0, &clp->cl_cb_slot_busy); 1870 1472 copy_verf(clp, verf); 1871 1473 rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa); 1872 1872 - gen_confirm(clp); 1873 1474 clp->cl_cb_session = NULL; 1874 1475 clp->net = net; 1875 1476 return clp; ··· 1918 1525 unsigned int idhashval; 1919 1526 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1920 1527 1528 1528 + lockdep_assert_held(&nn->client_lock); 1529 1529 + 1921 1530 clear_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 1922 1531 add_clp_to_name_tree(clp, &nn->unconf_name_tree); 1923 1532 idhashval = clientid_hashval(clp->cl_clientid.cl_id); 1924 1533 list_add(&clp->cl_idhash, &nn->unconf_id_hashtbl[idhashval]); 1925 1925 - renew_client(clp); 1534 1534 + renew_client_locked(clp); 1926 1535 } 1927 1536 1928 1537 static void ··· 1933 1538 unsigned int idhashval = clientid_hashval(clp->cl_clientid.cl_id); 1934 1539 struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 1935 1540 1541 1541 + lockdep_assert_held(&nn->client_lock); 1542 1542 + 1936 1543 dprintk("NFSD: move_to_confirm nfs4_client %p\n", clp); 1937 1544 list_move(&clp->cl_idhash, &nn->conf_id_hashtbl[idhashval]); 1938 1545 rb_erase(&clp->cl_namenode, &nn->unconf_name_tree); 1939 1546 add_clp_to_name_tree(clp, &nn->conf_name_tree); 1940 1547 set_bit(NFSD4_CLIENT_CONFIRMED, &clp->cl_flags); 1941 1941 - renew_client(clp); 1548 1548 + renew_client_locked(clp); 1942 1549 } 1943 1550 1944 1551 static struct nfs4_client * ··· 1953 1556 if (same_clid(&clp->cl_clientid, clid)) { 1954 1557 if ((bool)clp->cl_minorversion != sessions) 1955 1558 return NULL; 1956 1956 - renew_client(clp); 1559 1559 + renew_client_locked(clp); 1957 1560 return clp; 1958 1561 } 1959 1562 } ··· 1965 1568 { 1966 1569 struct list_head *tbl = nn->conf_id_hashtbl; 1967 1570 1571 1571 + lockdep_assert_held(&nn->client_lock); 1968 1572 return find_client_in_id_table(tbl, clid, sessions); 1969 1573 } 1970 1574 ··· 1974 1576 { 1975 1577 struct list_head *tbl = nn->unconf_id_hashtbl; 1976 1578 1579 1579 + lockdep_assert_held(&nn->client_lock); 1977 1580 return find_client_in_id_table(tbl, clid, sessions); 1978 1581 } 1979 1582 ··· 1986 1587 static struct nfs4_client * 1987 1588 find_confirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 1988 1589 { 1590 1590 + lockdep_assert_held(&nn->client_lock); 1989 1591 return find_clp_in_name_tree(name, &nn->conf_name_tree); 1990 1592 } 1991 1593 1992 1594 static struct nfs4_client * 1993 1595 find_unconfirmed_client_by_name(struct xdr_netobj *name, struct nfsd_net *nn) 1994 1596 { 1597 1597 + lockdep_assert_held(&nn->client_lock); 1995 1598 return find_clp_in_name_tree(name, &nn->unconf_name_tree); 1996 1599 } 1997 1600 ··· 2043 1642 /* 2044 1643 * Cache a reply. nfsd4_check_resp_size() has bounded the cache size. 2045 1644 */ 2046 2046 - void 1645 1645 + static void 2047 1646 nfsd4_store_cache_entry(struct nfsd4_compoundres *resp) 2048 1647 { 2049 1648 struct xdr_buf *buf = resp->xdr.buf; ··· 2159 1758 struct nfsd4_compound_state *cstate, 2160 1759 struct nfsd4_exchange_id *exid) 2161 1760 { 2162 2162 - struct nfs4_client *unconf, *conf, *new; 1761 1761 + struct nfs4_client *conf, *new; 1762 1762 + struct nfs4_client *unconf = NULL; 2163 1763 __be32 status; 2164 1764 char addr_str[INET6_ADDRSTRLEN]; 2165 1765 nfs4_verifier verf = exid->verifier; ··· 2189 1787 return nfserr_encr_alg_unsupp; 2190 1788 } 2191 1789 1790 1790 + new = create_client(exid->clname, rqstp, &verf); 1791 1791 + if (new == NULL) 1792 1792 + return nfserr_jukebox; 1793 1793 + 2192 1794 /* Cases below refer to rfc 5661 section 18.35.4: */ 2193 2193 - nfs4_lock_state(); 1795 1795 + spin_lock(&nn->client_lock); 2194 1796 conf = find_confirmed_client_by_name(&exid->clname, nn); 2195 1797 if (conf) { 2196 1798 bool creds_match = same_creds(&conf->cl_cred, &rqstp->rq_cred); ··· 2219 1813 } 2220 1814 /* case 6 */ 2221 1815 exid->flags |= EXCHGID4_FLAG_CONFIRMED_R; 2222 2222 - new = conf; 2223 1816 goto out_copy; 2224 1817 } 2225 1818 if (!creds_match) { /* case 3 */ ··· 2226 1821 status = nfserr_clid_inuse; 2227 1822 goto out; 2228 1823 } 2229 2229 - expire_client(conf); 2230 1824 goto out_new; 2231 1825 } 2232 1826 if (verfs_match) { /* case 2 */ 2233 1827 conf->cl_exchange_flags |= EXCHGID4_FLAG_CONFIRMED_R; 2234 2234 - new = conf; 2235 1828 goto out_copy; 2236 1829 } 2237 1830 /* case 5, client reboot */ 1831 1831 + conf = NULL; 2238 1832 goto out_new; 2239 1833 } 2240 1834 ··· 2244 1840 2245 1841 unconf = find_unconfirmed_client_by_name(&exid->clname, nn); 2246 1842 if (unconf) /* case 4, possible retry or client restart */ 2247 2247 - expire_client(unconf); 1843 1843 + unhash_client_locked(unconf); 2248 1844 2249 1845 /* case 1 (normal case) */ 2250 1846 out_new: 2251 2251 - new = create_client(exid->clname, rqstp, &verf); 2252 2252 - if (new == NULL) { 2253 2253 - status = nfserr_jukebox; 2254 2254 - goto out; 1847 1847 + if (conf) { 1848 1848 + status = mark_client_expired_locked(conf); 1849 1849 + if (status) 1850 1850 + goto out; 2255 1851 } 2256 1852 new->cl_minorversion = cstate->minorversion; 2257 1853 new->cl_mach_cred = (exid->spa_how == SP4_MACH_CRED); 2258 1854 2259 1855 gen_clid(new, nn); 2260 1856 add_to_unconfirmed(new); 1857 1857 + swap(new, conf); 2261 1858 out_copy: 2262 2262 - exid->clientid.cl_boot = new->cl_clientid.cl_boot; 2263 2263 - exid->clientid.cl_id = new->cl_clientid.cl_id; 1859 1859 + exid->clientid.cl_boot = conf->cl_clientid.cl_boot; 1860 1860 + exid->clientid.cl_id = conf->cl_clientid.cl_id; 2264 1861 2265 2265 - exid->seqid = new->cl_cs_slot.sl_seqid + 1; 2266 2266 - nfsd4_set_ex_flags(new, exid); 1862 1862 + exid->seqid = conf->cl_cs_slot.sl_seqid + 1; 1863 1863 + nfsd4_set_ex_flags(conf, exid); 2267 1864 2268 1865 dprintk("nfsd4_exchange_id seqid %d flags %x\n", 2269 2269 - new->cl_cs_slot.sl_seqid, new->cl_exchange_flags); 1866 1866 + conf->cl_cs_slot.sl_seqid, conf->cl_exchange_flags); 2270 1867 status = nfs_ok; 2271 1868 2272 1869 out: 2273 2273 - nfs4_unlock_state(); 1870 1870 + spin_unlock(&nn->client_lock); 1871 1871 + if (new) 1872 1872 + expire_client(new); 1873 1873 + if (unconf) 1874 1874 + expire_client(unconf); 2274 1875 return status; 2275 1876 } 2276 1877 ··· 2419 2010 { 2420 2011 struct sockaddr *sa = svc_addr(rqstp); 2421 2012 struct nfs4_client *conf, *unconf; 2013 2013 + struct nfs4_client *old = NULL; 2422 2014 struct nfsd4_session *new; 2423 2015 struct nfsd4_conn *conn; 2424 2016 struct nfsd4_clid_slot *cs_slot = NULL; ··· 2445 2035 if (!conn) 2446 2036 goto out_free_session; 2447 2037 2448 2448 - nfs4_lock_state(); 2038 2038 + spin_lock(&nn->client_lock); 2449 2039 unconf = find_unconfirmed_client(&cr_ses->clientid, true, nn); 2450 2040 conf = find_confirmed_client(&cr_ses->clientid, true, nn); 2451 2041 WARN_ON_ONCE(conf && unconf); ··· 2464 2054 goto out_free_conn; 2465 2055 } 2466 2056 } else if (unconf) { 2467 2467 - struct nfs4_client *old; 2468 2057 if (!same_creds(&unconf->cl_cred, &rqstp->rq_cred) || 2469 2058 !rpc_cmp_addr(sa, (struct sockaddr *) &unconf->cl_addr)) { 2470 2059 status = nfserr_clid_inuse; ··· 2481 2072 } 2482 2073 old = find_confirmed_client_by_name(&unconf->cl_name, nn); 2483 2074 if (old) { 2484 2484 - status = mark_client_expired(old); 2485 2485 - if (status) 2075 2075 + status = mark_client_expired_locked(old); 2076 2076 + if (status) { 2077 2077 + old = NULL; 2486 2078 goto out_free_conn; 2487 2487 - expire_client(old); 2079 2079 + } 2488 2080 } 2489 2081 move_to_confirmed(unconf); 2490 2082 conf = unconf; ··· 2501 2091 cr_ses->flags &= ~SESSION4_RDMA; 2502 2092 2503 2093 init_session(rqstp, new, conf, cr_ses); 2504 2504 - nfsd4_init_conn(rqstp, conn, new); 2094 2094 + nfsd4_get_session_locked(new); 2505 2095 2506 2096 memcpy(cr_ses->sessionid.data, new->se_sessionid.data, 2507 2097 NFS4_MAX_SESSIONID_LEN); 2508 2098 cs_slot->sl_seqid++; 2509 2099 cr_ses->seqid = cs_slot->sl_seqid; 2510 2100 2511 2511 - /* cache solo and embedded create sessions under the state lock */ 2101 2101 + /* cache solo and embedded create sessions under the client_lock */ 2512 2102 nfsd4_cache_create_session(cr_ses, cs_slot, status); 2513 2513 - nfs4_unlock_state(); 2103 2103 + spin_unlock(&nn->client_lock); 2104 2104 + /* init connection and backchannel */ 2105 2105 + nfsd4_init_conn(rqstp, conn, new); 2106 2106 + nfsd4_put_session(new); 2107 2107 + if (old) 2108 2108 + expire_client(old); 2514 2109 return status; 2515 2110 out_free_conn: 2516 2516 - nfs4_unlock_state(); 2111 2111 + spin_unlock(&nn->client_lock); 2517 2112 free_conn(conn); 2113 2113 + if (old) 2114 2114 + expire_client(old); 2518 2115 out_free_session: 2519 2116 __free_session(new); 2520 2117 out_release_drc_mem: ··· 2569 2152 __be32 status; 2570 2153 struct nfsd4_conn *conn; 2571 2154 struct nfsd4_session *session; 2572 2572 - struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2155 2155 + struct net *net = SVC_NET(rqstp); 2156 2156 + struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2573 2157 2574 2158 if (!nfsd4_last_compound_op(rqstp)) 2575 2159 return nfserr_not_only_op; 2576 2576 - nfs4_lock_state(); 2577 2160 spin_lock(&nn->client_lock); 2578 2578 - session = find_in_sessionid_hashtbl(&bcts->sessionid, SVC_NET(rqstp)); 2161 2161 + session = find_in_sessionid_hashtbl(&bcts->sessionid, net, &status); 2579 2162 spin_unlock(&nn->client_lock); 2580 2580 - status = nfserr_badsession; 2581 2163 if (!session) 2582 2582 - goto out; 2164 2164 + goto out_no_session; 2583 2165 status = nfserr_wrong_cred; 2584 2166 if (!mach_creds_match(session->se_client, rqstp)) 2585 2167 goto out; ··· 2592 2176 nfsd4_init_conn(rqstp, conn, session); 2593 2177 status = nfs_ok; 2594 2178 out: 2595 2595 - nfs4_unlock_state(); 2179 2179 + nfsd4_put_session(session); 2180 2180 + out_no_session: 2596 2181 return status; 2597 2182 } 2598 2183 ··· 2612 2195 struct nfsd4_session *ses; 2613 2196 __be32 status; 2614 2197 int ref_held_by_me = 0; 2615 2615 - struct nfsd_net *nn = net_generic(SVC_NET(r), nfsd_net_id); 2198 2198 + struct net *net = SVC_NET(r); 2199 2199 + struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2616 2200 2617 2617 - nfs4_lock_state(); 2618 2201 status = nfserr_not_only_op; 2619 2202 if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) { 2620 2203 if (!nfsd4_last_compound_op(r)) ··· 2623 2206 } 2624 2207 dump_sessionid(__func__, &sessionid->sessionid); 2625 2208 spin_lock(&nn->client_lock); 2626 2626 - ses = find_in_sessionid_hashtbl(&sessionid->sessionid, SVC_NET(r)); 2627 2627 - status = nfserr_badsession; 2209 2209 + ses = find_in_sessionid_hashtbl(&sessionid->sessionid, net, &status); 2628 2210 if (!ses) 2629 2211 goto out_client_lock; 2630 2212 status = nfserr_wrong_cred; 2631 2213 if (!mach_creds_match(ses->se_client, r)) 2632 2632 - goto out_client_lock; 2633 2633 - nfsd4_get_session_locked(ses); 2214 2214 + goto out_put_session; 2634 2215 status = mark_session_dead_locked(ses, 1 + ref_held_by_me); 2635 2216 if (status) 2636 2217 goto out_put_session; ··· 2640 2225 spin_lock(&nn->client_lock); 2641 2226 status = nfs_ok; 2642 2227 out_put_session: 2643 2643 - nfsd4_put_session(ses); 2228 2228 + nfsd4_put_session_locked(ses); 2644 2229 out_client_lock: 2645 2230 spin_unlock(&nn->client_lock); 2646 2231 out: 2647 2647 - nfs4_unlock_state(); 2648 2232 return status; 2649 2233 } 2650 2234 ··· 2714 2300 struct nfsd4_conn *conn; 2715 2301 __be32 status; 2716 2302 int buflen; 2717 2717 - struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2303 2303 + struct net *net = SVC_NET(rqstp); 2304 2304 + struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2718 2305 2719 2306 if (resp->opcnt != 1) 2720 2307 return nfserr_sequence_pos; ··· 2729 2314 return nfserr_jukebox; 2730 2315 2731 2316 spin_lock(&nn->client_lock); 2732 2732 - status = nfserr_badsession; 2733 2733 - session = find_in_sessionid_hashtbl(&seq->sessionid, SVC_NET(rqstp)); 2317 2317 + session = find_in_sessionid_hashtbl(&seq->sessionid, net, &status); 2734 2318 if (!session) 2735 2319 goto out_no_session; 2736 2320 clp = session->se_client; 2737 2737 - status = get_client_locked(clp); 2738 2738 - if (status) 2739 2739 - goto out_no_session; 2740 2740 - status = nfsd4_get_session_locked(session); 2741 2741 - if (status) 2742 2742 - goto out_put_client; 2743 2321 2744 2322 status = nfserr_too_many_ops; 2745 2323 if (nfsd4_session_too_many_ops(rqstp, session)) ··· 2762 2354 goto out_put_session; 2763 2355 cstate->slot = slot; 2764 2356 cstate->session = session; 2357 2357 + cstate->clp = clp; 2765 2358 /* Return the cached reply status and set cstate->status 2766 2359 * for nfsd4_proc_compound processing */ 2767 2360 status = nfsd4_replay_cache_entry(resp, seq); ··· 2797 2388 2798 2389 cstate->slot = slot; 2799 2390 cstate->session = session; 2391 2391 + cstate->clp = clp; 2800 2392 2801 2393 out: 2802 2394 switch (clp->cl_cb_state) { ··· 2818 2408 spin_unlock(&nn->client_lock); 2819 2409 return status; 2820 2410 out_put_session: 2821 2821 - nfsd4_put_session(session); 2822 2822 - out_put_client: 2823 2823 - put_client_renew_locked(clp); 2411 2411 + nfsd4_put_session_locked(session); 2824 2412 goto out_no_session; 2413 2413 + } 2414 2414 + 2415 2415 + void 2416 2416 + nfsd4_sequence_done(struct nfsd4_compoundres *resp) 2417 2417 + { 2418 2418 + struct nfsd4_compound_state *cs = &resp->cstate; 2419 2419 + 2420 2420 + if (nfsd4_has_session(cs)) { 2421 2421 + if (cs->status != nfserr_replay_cache) { 2422 2422 + nfsd4_store_cache_entry(resp); 2423 2423 + cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 2424 2424 + } 2425 2425 + /* Drop session reference that was taken in nfsd4_sequence() */ 2426 2426 + nfsd4_put_session(cs->session); 2427 2427 + } else if (cs->clp) 2428 2428 + put_client_renew(cs->clp); 2825 2429 } 2826 2430 2827 2431 __be32 2828 2432 nfsd4_destroy_clientid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, struct nfsd4_destroy_clientid *dc) 2829 2433 { 2830 2830 - struct nfs4_client *conf, *unconf, *clp; 2434 2434 + struct nfs4_client *conf, *unconf; 2435 2435 + struct nfs4_client *clp = NULL; 2831 2436 __be32 status = 0; 2832 2437 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2833 2438 2834 2834 - nfs4_lock_state(); 2439 2439 + spin_lock(&nn->client_lock); 2835 2440 unconf = find_unconfirmed_client(&dc->clientid, true, nn); 2836 2441 conf = find_confirmed_client(&dc->clientid, true, nn); 2837 2442 WARN_ON_ONCE(conf && unconf); 2838 2443 2839 2444 if (conf) { 2840 2840 - clp = conf; 2841 2841 - 2842 2445 if (client_has_state(conf)) { 2843 2446 status = nfserr_clientid_busy; 2844 2447 goto out; 2845 2448 } 2449 2449 + status = mark_client_expired_locked(conf); 2450 2450 + if (status) 2451 2451 + goto out; 2452 2452 + clp = conf; 2846 2453 } else if (unconf) 2847 2454 clp = unconf; 2848 2455 else { ··· 2867 2440 goto out; 2868 2441 } 2869 2442 if (!mach_creds_match(clp, rqstp)) { 2443 2443 + clp = NULL; 2870 2444 status = nfserr_wrong_cred; 2871 2445 goto out; 2872 2446 } 2873 2873 - expire_client(clp); 2447 2447 + unhash_client_locked(clp); 2874 2448 out: 2875 2875 - nfs4_unlock_state(); 2449 2449 + spin_unlock(&nn->client_lock); 2450 2450 + if (clp) 2451 2451 + expire_client(clp); 2876 2452 return status; 2877 2453 } 2878 2454 ··· 2894 2464 return nfs_ok; 2895 2465 } 2896 2466 2897 2897 - nfs4_lock_state(); 2898 2467 status = nfserr_complete_already; 2899 2468 if (test_and_set_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, 2900 2469 &cstate->session->se_client->cl_flags)) ··· 2913 2484 status = nfs_ok; 2914 2485 nfsd4_client_record_create(cstate->session->se_client); 2915 2486 out: 2916 2916 - nfs4_unlock_state(); 2917 2487 return status; 2918 2488 } 2919 2489 ··· 2922 2494 { 2923 2495 struct xdr_netobj clname = setclid->se_name; 2924 2496 nfs4_verifier clverifier = setclid->se_verf; 2925 2925 - struct nfs4_client *conf, *unconf, *new; 2497 2497 + struct nfs4_client *conf, *new; 2498 2498 + struct nfs4_client *unconf = NULL; 2926 2499 __be32 status; 2927 2500 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 2928 2501 2502 2502 + new = create_client(clname, rqstp, &clverifier); 2503 2503 + if (new == NULL) 2504 2504 + return nfserr_jukebox; 2929 2505 /* Cases below refer to rfc 3530 section 14.2.33: */ 2930 2930 - nfs4_lock_state(); 2506 2506 + spin_lock(&nn->client_lock); 2931 2507 conf = find_confirmed_client_by_name(&clname, nn); 2932 2508 if (conf) { 2933 2509 /* case 0: */ ··· 2949 2517 } 2950 2518 unconf = find_unconfirmed_client_by_name(&clname, nn); 2951 2519 if (unconf) 2952 2952 - expire_client(unconf); 2953 2953 - status = nfserr_jukebox; 2954 2954 - new = create_client(clname, rqstp, &clverifier); 2955 2955 - if (new == NULL) 2956 2956 - goto out; 2520 2520 + unhash_client_locked(unconf); 2957 2521 if (conf && same_verf(&conf->cl_verifier, &clverifier)) 2958 2522 /* case 1: probable callback update */ 2959 2523 copy_clid(new, conf); ··· 2961 2533 setclid->se_clientid.cl_boot = new->cl_clientid.cl_boot; 2962 2534 setclid->se_clientid.cl_id = new->cl_clientid.cl_id; 2963 2535 memcpy(setclid->se_confirm.data, new->cl_confirm.data, sizeof(setclid->se_confirm.data)); 2536 2536 + new = NULL; 2964 2537 status = nfs_ok; 2965 2538 out: 2966 2966 - nfs4_unlock_state(); 2539 2539 + spin_unlock(&nn->client_lock); 2540 2540 + if (new) 2541 2541 + free_client(new); 2542 2542 + if (unconf) 2543 2543 + expire_client(unconf); 2967 2544 return status; 2968 2545 } 2969 2546 ··· 2979 2546 struct nfsd4_setclientid_confirm *setclientid_confirm) 2980 2547 { 2981 2548 struct nfs4_client *conf, *unconf; 2549 2549 + struct nfs4_client *old = NULL; 2982 2550 nfs4_verifier confirm = setclientid_confirm->sc_confirm; 2983 2551 clientid_t * clid = &setclientid_confirm->sc_clientid; 2984 2552 __be32 status; ··· 2987 2553 2988 2554 if (STALE_CLIENTID(clid, nn)) 2989 2555 return nfserr_stale_clientid; 2990 2990 - nfs4_lock_state(); 2991 2556 2557 2557 + spin_lock(&nn->client_lock); 2992 2558 conf = find_confirmed_client(clid, false, nn); 2993 2559 unconf = find_unconfirmed_client(clid, false, nn); 2994 2560 /* ··· 3012 2578 } 3013 2579 status = nfs_ok; 3014 2580 if (conf) { /* case 1: callback update */ 2581 2581 + old = unconf; 2582 2582 + unhash_client_locked(old); 3015 2583 nfsd4_change_callback(conf, &unconf->cl_cb_conn); 3016 3016 - nfsd4_probe_callback(conf); 3017 3017 - expire_client(unconf); 3018 2584 } else { /* case 3: normal case; new or rebooted client */ 3019 3019 - conf = find_confirmed_client_by_name(&unconf->cl_name, nn); 3020 3020 - if (conf) { 3021 3021 - status = mark_client_expired(conf); 3022 3022 - if (status) 2585 2585 + old = find_confirmed_client_by_name(&unconf->cl_name, nn); 2586 2586 + if (old) { 2587 2587 + status = mark_client_expired_locked(old); 2588 2588 + if (status) { 2589 2589 + old = NULL; 3023 2590 goto out; 3024 3024 - expire_client(conf); 2591 2591 + } 3025 2592 } 3026 2593 move_to_confirmed(unconf); 3027 3027 - nfsd4_probe_callback(unconf); 2594 2594 + conf = unconf; 3028 2595 } 2596 2596 + get_client_locked(conf); 2597 2597 + spin_unlock(&nn->client_lock); 2598 2598 + nfsd4_probe_callback(conf); 2599 2599 + spin_lock(&nn->client_lock); 2600 2600 + put_client_renew_locked(conf); 3029 2601 out: 3030 3030 - nfs4_unlock_state(); 2602 2602 + spin_unlock(&nn->client_lock); 2603 2603 + if (old) 2604 2604 + expire_client(old); 3031 2605 return status; 3032 2606 } 3033 2607 ··· 3045 2603 } 3046 2604 3047 2605 /* OPEN Share state helper functions */ 3048 3048 - static void nfsd4_init_file(struct nfs4_file *fp, struct inode *ino) 2606 2606 + static void nfsd4_init_file(struct nfs4_file *fp, struct knfsd_fh *fh) 3049 2607 { 3050 3050 - unsigned int hashval = file_hashval(ino); 2608 2608 + unsigned int hashval = file_hashval(fh); 2609 2609 + 2610 2610 + lockdep_assert_held(&state_lock); 3051 2611 3052 2612 atomic_set(&fp->fi_ref, 1); 2613 2613 + spin_lock_init(&fp->fi_lock); 3053 2614 INIT_LIST_HEAD(&fp->fi_stateids); 3054 2615 INIT_LIST_HEAD(&fp->fi_delegations); 3055 3055 - fp->fi_inode = igrab(ino); 2616 2616 + fh_copy_shallow(&fp->fi_fhandle, fh); 3056 2617 fp->fi_had_conflict = false; 3057 2618 fp->fi_lease = NULL; 2619 2619 + fp->fi_share_deny = 0; 3058 2620 memset(fp->fi_fds, 0, sizeof(fp->fi_fds)); 3059 2621 memset(fp->fi_access, 0, sizeof(fp->fi_access)); 3060 3060 - spin_lock(&state_lock); 3061 2622 hlist_add_head(&fp->fi_hash, &file_hashtbl[hashval]); 3062 3062 - spin_unlock(&state_lock); 3063 2623 } 3064 2624 3065 2625 void ··· 3117 2673 rp->rp_status = nfserr_serverfault; 3118 2674 rp->rp_buflen = 0; 3119 2675 rp->rp_buf = rp->rp_ibuf; 2676 2676 + mutex_init(&rp->rp_mutex); 2677 2677 + } 2678 2678 + 2679 2679 + static void nfsd4_cstate_assign_replay(struct nfsd4_compound_state *cstate, 2680 2680 + struct nfs4_stateowner *so) 2681 2681 + { 2682 2682 + if (!nfsd4_has_session(cstate)) { 2683 2683 + mutex_lock(&so->so_replay.rp_mutex); 2684 2684 + cstate->replay_owner = so; 2685 2685 + atomic_inc(&so->so_count); 2686 2686 + } 2687 2687 + } 2688 2688 + 2689 2689 + void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate) 2690 2690 + { 2691 2691 + struct nfs4_stateowner *so = cstate->replay_owner; 2692 2692 + 2693 2693 + if (so != NULL) { 2694 2694 + cstate->replay_owner = NULL; 2695 2695 + mutex_unlock(&so->so_replay.rp_mutex); 2696 2696 + nfs4_put_stateowner(so); 2697 2697 + } 3120 2698 } 3121 2699 3122 2700 static inline void *alloc_stateowner(struct kmem_cache *slab, struct xdr_netobj *owner, struct nfs4_client *clp) ··· 3159 2693 INIT_LIST_HEAD(&sop->so_stateids); 3160 2694 sop->so_client = clp; 3161 2695 init_nfs4_replay(&sop->so_replay); 2696 2696 + atomic_set(&sop->so_count, 1); 3162 2697 return sop; 3163 2698 } 3164 2699 3165 2700 static void hash_openowner(struct nfs4_openowner *oo, struct nfs4_client *clp, unsigned int strhashval) 3166 2701 { 3167 3167 - struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 2702 2702 + lockdep_assert_held(&clp->cl_lock); 3168 2703 3169 3169 - list_add(&oo->oo_owner.so_strhash, &nn->ownerstr_hashtbl[strhashval]); 2704 2704 + list_add(&oo->oo_owner.so_strhash, 2705 2705 + &clp->cl_ownerstr_hashtbl[strhashval]); 3170 2706 list_add(&oo->oo_perclient, &clp->cl_openowners); 3171 2707 } 3172 2708 2709 2709 + static void nfs4_unhash_openowner(struct nfs4_stateowner *so) 2710 2710 + { 2711 2711 + unhash_openowner_locked(openowner(so)); 2712 2712 + } 2713 2713 + 2714 2714 + static void nfs4_free_openowner(struct nfs4_stateowner *so) 2715 2715 + { 2716 2716 + struct nfs4_openowner *oo = openowner(so); 2717 2717 + 2718 2718 + kmem_cache_free(openowner_slab, oo); 2719 2719 + } 2720 2720 + 2721 2721 + static const struct nfs4_stateowner_operations openowner_ops = { 2722 2722 + .so_unhash = nfs4_unhash_openowner, 2723 2723 + .so_free = nfs4_free_openowner, 2724 2724 + }; 2725 2725 + 3173 2726 static struct nfs4_openowner * 3174 3174 - alloc_init_open_stateowner(unsigned int strhashval, struct nfs4_client *clp, struct nfsd4_open *open) { 3175 3175 - struct nfs4_openowner *oo; 2727 2727 + alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open, 2728 2728 + struct nfsd4_compound_state *cstate) 2729 2729 + { 2730 2730 + struct nfs4_client *clp = cstate->clp; 2731 2731 + struct nfs4_openowner *oo, *ret; 3176 2732 3177 2733 oo = alloc_stateowner(openowner_slab, &open->op_owner, clp); 3178 2734 if (!oo) 3179 2735 return NULL; 2736 2736 + oo->oo_owner.so_ops = &openowner_ops; 3180 2737 oo->oo_owner.so_is_open_owner = 1; 3181 2738 oo->oo_owner.so_seqid = open->op_seqid; 3182 3182 - oo->oo_flags = NFS4_OO_NEW; 2739 2739 + oo->oo_flags = 0; 2740 2740 + if (nfsd4_has_session(cstate)) 2741 2741 + oo->oo_flags |= NFS4_OO_CONFIRMED; 3183 2742 oo->oo_time = 0; 3184 2743 oo->oo_last_closed_stid = NULL; 3185 2744 INIT_LIST_HEAD(&oo->oo_close_lru); 3186 3186 - hash_openowner(oo, clp, strhashval); 2745 2745 + spin_lock(&clp->cl_lock); 2746 2746 + ret = find_openstateowner_str_locked(strhashval, open, clp); 2747 2747 + if (ret == NULL) { 2748 2748 + hash_openowner(oo, clp, strhashval); 2749 2749 + ret = oo; 2750 2750 + } else 2751 2751 + nfs4_free_openowner(&oo->oo_owner); 2752 2752 + spin_unlock(&clp->cl_lock); 3187 2753 return oo; 3188 2754 } 3189 2755 3190 2756 static void init_open_stateid(struct nfs4_ol_stateid *stp, struct nfs4_file *fp, struct nfsd4_open *open) { 3191 2757 struct nfs4_openowner *oo = open->op_openowner; 3192 2758 2759 2759 + atomic_inc(&stp->st_stid.sc_count); 3193 2760 stp->st_stid.sc_type = NFS4_OPEN_STID; 3194 3194 - INIT_LIST_HEAD(&stp->st_lockowners); 3195 3195 - list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids); 3196 3196 - list_add(&stp->st_perfile, &fp->fi_stateids); 2761 2761 + INIT_LIST_HEAD(&stp->st_locks); 3197 2762 stp->st_stateowner = &oo->oo_owner; 2763 2763 + atomic_inc(&stp->st_stateowner->so_count); 3198 2764 get_nfs4_file(fp); 3199 3199 - stp->st_file = fp; 2765 2765 + stp->st_stid.sc_file = fp; 3200 2766 stp->st_access_bmap = 0; 3201 2767 stp->st_deny_bmap = 0; 3202 3202 - set_access(open->op_share_access, stp); 3203 3203 - set_deny(open->op_share_deny, stp); 3204 2768 stp->st_openstp = NULL; 2769 2769 + spin_lock(&oo->oo_owner.so_client->cl_lock); 2770 2770 + list_add(&stp->st_perstateowner, &oo->oo_owner.so_stateids); 2771 2771 + spin_lock(&fp->fi_lock); 2772 2772 + list_add(&stp->st_perfile, &fp->fi_stateids); 2773 2773 + spin_unlock(&fp->fi_lock); 2774 2774 + spin_unlock(&oo->oo_owner.so_client->cl_lock); 3205 2775 } 3206 2776 2777 2777 + /* 2778 2778 + * In the 4.0 case we need to keep the owners around a little while to handle 2779 2779 + * CLOSE replay. We still do need to release any file access that is held by 2780 2780 + * them before returning however. 2781 2781 + */ 3207 2782 static void 3208 3208 - move_to_close_lru(struct nfs4_openowner *oo, struct net *net) 2783 2783 + move_to_close_lru(struct nfs4_ol_stateid *s, struct net *net) 3209 2784 { 3210 3210 - struct nfsd_net *nn = net_generic(net, nfsd_net_id); 2785 2785 + struct nfs4_ol_stateid *last; 2786 2786 + struct nfs4_openowner *oo = openowner(s->st_stateowner); 2787 2787 + struct nfsd_net *nn = net_generic(s->st_stid.sc_client->net, 2788 2788 + nfsd_net_id); 3211 2789 3212 2790 dprintk("NFSD: move_to_close_lru nfs4_openowner %p\n", oo); 3213 2791 2792 2792 + /* 2793 2793 + * We know that we hold one reference via nfsd4_close, and another 2794 2794 + * "persistent" reference for the client. If the refcount is higher 2795 2795 + * than 2, then there are still calls in progress that are using this 2796 2796 + * stateid. We can't put the sc_file reference until they are finished. 2797 2797 + * Wait for the refcount to drop to 2. Since it has been unhashed, 2798 2798 + * there should be no danger of the refcount going back up again at 2799 2799 + * this point. 2800 2800 + */ 2801 2801 + wait_event(close_wq, atomic_read(&s->st_stid.sc_count) == 2); 2802 2802 + 2803 2803 + release_all_access(s); 2804 2804 + if (s->st_stid.sc_file) { 2805 2805 + put_nfs4_file(s->st_stid.sc_file); 2806 2806 + s->st_stid.sc_file = NULL; 2807 2807 + } 2808 2808 + 2809 2809 + spin_lock(&nn->client_lock); 2810 2810 + last = oo->oo_last_closed_stid; 2811 2811 + oo->oo_last_closed_stid = s; 3214 2812 list_move_tail(&oo->oo_close_lru, &nn->close_lru); 3215 2813 oo->oo_time = get_seconds(); 3216 3216 - } 3217 3217 - 3218 3218 - static int 3219 3219 - same_owner_str(struct nfs4_stateowner *sop, struct xdr_netobj *owner, 3220 3220 - clientid_t *clid) 3221 3221 - { 3222 3222 - return (sop->so_owner.len == owner->len) && 3223 3223 - 0 == memcmp(sop->so_owner.data, owner->data, owner->len) && 3224 3224 - (sop->so_client->cl_clientid.cl_id == clid->cl_id); 3225 3225 - } 3226 3226 - 3227 3227 - static struct nfs4_openowner * 3228 3228 - find_openstateowner_str(unsigned int hashval, struct nfsd4_open *open, 3229 3229 - bool sessions, struct nfsd_net *nn) 3230 3230 - { 3231 3231 - struct nfs4_stateowner *so; 3232 3232 - struct nfs4_openowner *oo; 3233 3233 - struct nfs4_client *clp; 3234 3234 - 3235 3235 - list_for_each_entry(so, &nn->ownerstr_hashtbl[hashval], so_strhash) { 3236 3236 - if (!so->so_is_open_owner) 3237 3237 - continue; 3238 3238 - if (same_owner_str(so, &open->op_owner, &open->op_clientid)) { 3239 3239 - oo = openowner(so); 3240 3240 - clp = oo->oo_owner.so_client; 3241 3241 - if ((bool)clp->cl_minorversion != sessions) 3242 3242 - return NULL; 3243 3243 - renew_client(oo->oo_owner.so_client); 3244 3244 - return oo; 3245 3245 - } 3246 3246 - } 3247 3247 - return NULL; 2814 2814 + spin_unlock(&nn->client_lock); 2815 2815 + if (last) 2816 2816 + nfs4_put_stid(&last->st_stid); 3248 2817 } 3249 2818 3250 2819 /* search file_hashtbl[] for file */ 3251 2820 static struct nfs4_file * 3252 3252 - find_file(struct inode *ino) 2821 2821 + find_file_locked(struct knfsd_fh *fh) 3253 2822 { 3254 3254 - unsigned int hashval = file_hashval(ino); 2823 2823 + unsigned int hashval = file_hashval(fh); 3255 2824 struct nfs4_file *fp; 3256 2825 3257 3257 - spin_lock(&state_lock); 2826 2826 + lockdep_assert_held(&state_lock); 2827 2827 + 3258 2828 hlist_for_each_entry(fp, &file_hashtbl[hashval], fi_hash) { 3259 3259 - if (fp->fi_inode == ino) { 2829 2829 + if (nfsd_fh_match(&fp->fi_fhandle, fh)) { 3260 2830 get_nfs4_file(fp); 3261 3261 - spin_unlock(&state_lock); 3262 2831 return fp; 3263 2832 } 3264 2833 } 3265 3265 - spin_unlock(&state_lock); 3266 2834 return NULL; 2835 2835 + } 2836 2836 + 2837 2837 + static struct nfs4_file * 2838 2838 + find_file(struct knfsd_fh *fh) 2839 2839 + { 2840 2840 + struct nfs4_file *fp; 2841 2841 + 2842 2842 + spin_lock(&state_lock); 2843 2843 + fp = find_file_locked(fh); 2844 2844 + spin_unlock(&state_lock); 2845 2845 + return fp; 2846 2846 + } 2847 2847 + 2848 2848 + static struct nfs4_file * 2849 2849 + find_or_add_file(struct nfs4_file *new, struct knfsd_fh *fh) 2850 2850 + { 2851 2851 + struct nfs4_file *fp; 2852 2852 + 2853 2853 + spin_lock(&state_lock); 2854 2854 + fp = find_file_locked(fh); 2855 2855 + if (fp == NULL) { 2856 2856 + nfsd4_init_file(new, fh); 2857 2857 + fp = new; 2858 2858 + } 2859 2859 + spin_unlock(&state_lock); 2860 2860 + 2861 2861 + return fp; 3267 2862 } 3268 2863 3269 2864 /* ··· 3334 2807 static __be32 3335 2808 nfs4_share_conflict(struct svc_fh *current_fh, unsigned int deny_type) 3336 2809 { 3337 3337 - struct inode *ino = current_fh->fh_dentry->d_inode; 3338 2810 struct nfs4_file *fp; 3339 3339 - struct nfs4_ol_stateid *stp; 3340 3340 - __be32 ret; 2811 2811 + __be32 ret = nfs_ok; 3341 2812 3342 3342 - fp = find_file(ino); 2813 2813 + fp = find_file(&current_fh->fh_handle); 3343 2814 if (!fp) 3344 3344 - return nfs_ok; 3345 3345 - ret = nfserr_locked; 3346 3346 - /* Search for conflicting share reservations */ 3347 3347 - list_for_each_entry(stp, &fp->fi_stateids, st_perfile) { 3348 3348 - if (test_deny(deny_type, stp) || 3349 3349 - test_deny(NFS4_SHARE_DENY_BOTH, stp)) 3350 3350 - goto out; 3351 3351 - } 3352 3352 - ret = nfs_ok; 3353 3353 - out: 2815 2815 + return ret; 2816 2816 + /* Check for conflicting share reservations */ 2817 2817 + spin_lock(&fp->fi_lock); 2818 2818 + if (fp->fi_share_deny & deny_type) 2819 2819 + ret = nfserr_locked; 2820 2820 + spin_unlock(&fp->fi_lock); 3354 2821 put_nfs4_file(fp); 3355 2822 return ret; 3356 2823 } 3357 2824 2825 2825 + void nfsd4_prepare_cb_recall(struct nfs4_delegation *dp) 2826 2826 + { 2827 2827 + struct nfsd_net *nn = net_generic(dp->dl_stid.sc_client->net, 2828 2828 + nfsd_net_id); 2829 2829 + 2830 2830 + block_delegations(&dp->dl_stid.sc_file->fi_fhandle); 2831 2831 + 2832 2832 + /* 2833 2833 + * We can't do this in nfsd_break_deleg_cb because it is 2834 2834 + * already holding inode->i_lock. 2835 2835 + * 2836 2836 + * If the dl_time != 0, then we know that it has already been 2837 2837 + * queued for a lease break. Don't queue it again. 2838 2838 + */ 2839 2839 + spin_lock(&state_lock); 2840 2840 + if (dp->dl_time == 0) { 2841 2841 + dp->dl_time = get_seconds(); 2842 2842 + list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru); 2843 2843 + } 2844 2844 + spin_unlock(&state_lock); 2845 2845 + } 2846 2846 + 3358 2847 static void nfsd_break_one_deleg(struct nfs4_delegation *dp) 3359 2848 { 3360 3360 - struct nfs4_client *clp = dp->dl_stid.sc_client; 3361 3361 - struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 3362 3362 - 3363 3363 - lockdep_assert_held(&state_lock); 3364 3364 - /* We're assuming the state code never drops its reference 2849 2849 + /* 2850 2850 + * We're assuming the state code never drops its reference 3365 2851 * without first removing the lease. Since we're in this lease 3366 2852 * callback (and since the lease code is serialized by the kernel 3367 2853 * lock) we know the server hasn't removed the lease yet, we know 3368 3368 - * it's safe to take a reference: */ 3369 3369 - atomic_inc(&dp->dl_count); 3370 3370 - 3371 3371 - list_add_tail(&dp->dl_recall_lru, &nn->del_recall_lru); 3372 3372 - 3373 3373 - /* Only place dl_time is set; protected by i_lock: */ 3374 3374 - dp->dl_time = get_seconds(); 3375 3375 - 3376 3376 - block_delegations(&dp->dl_fh); 3377 3377 - 2854 2854 + * it's safe to take a reference. 2855 2855 + */ 2856 2856 + atomic_inc(&dp->dl_stid.sc_count); 3378 2857 nfsd4_cb_recall(dp); 3379 2858 } 3380 2859 ··· 3405 2872 */ 3406 2873 fl->fl_break_time = 0; 3407 2874 3408 3408 - spin_lock(&state_lock); 2875 2875 + spin_lock(&fp->fi_lock); 3409 2876 fp->fi_had_conflict = true; 3410 3410 - list_for_each_entry(dp, &fp->fi_delegations, dl_perfile) 3411 3411 - nfsd_break_one_deleg(dp); 3412 3412 - spin_unlock(&state_lock); 2877 2877 + /* 2878 2878 + * If there are no delegations on the list, then we can't count on this 2879 2879 + * lease ever being cleaned up. Set the fl_break_time to jiffies so that 2880 2880 + * time_out_leases will do it ASAP. The fact that fi_had_conflict is now 2881 2881 + * true should keep any new delegations from being hashed. 2882 2882 + */ 2883 2883 + if (list_empty(&fp->fi_delegations)) 2884 2884 + fl->fl_break_time = jiffies; 2885 2885 + else 2886 2886 + list_for_each_entry(dp, &fp->fi_delegations, dl_perfile) 2887 2887 + nfsd_break_one_deleg(dp); 2888 2888 + spin_unlock(&fp->fi_lock); 3413 2889 } 3414 2890 3415 2891 static ··· 3446 2904 return nfserr_bad_seqid; 3447 2905 } 3448 2906 2907 2907 + static __be32 lookup_clientid(clientid_t *clid, 2908 2908 + struct nfsd4_compound_state *cstate, 2909 2909 + struct nfsd_net *nn) 2910 2910 + { 2911 2911 + struct nfs4_client *found; 2912 2912 + 2913 2913 + if (cstate->clp) { 2914 2914 + found = cstate->clp; 2915 2915 + if (!same_clid(&found->cl_clientid, clid)) 2916 2916 + return nfserr_stale_clientid; 2917 2917 + return nfs_ok; 2918 2918 + } 2919 2919 + 2920 2920 + if (STALE_CLIENTID(clid, nn)) 2921 2921 + return nfserr_stale_clientid; 2922 2922 + 2923 2923 + /* 2924 2924 + * For v4.1+ we get the client in the SEQUENCE op. If we don't have one 2925 2925 + * cached already then we know this is for is for v4.0 and "sessions" 2926 2926 + * will be false. 2927 2927 + */ 2928 2928 + WARN_ON_ONCE(cstate->session); 2929 2929 + spin_lock(&nn->client_lock); 2930 2930 + found = find_confirmed_client(clid, false, nn); 2931 2931 + if (!found) { 2932 2932 + spin_unlock(&nn->client_lock); 2933 2933 + return nfserr_expired; 2934 2934 + } 2935 2935 + atomic_inc(&found->cl_refcount); 2936 2936 + spin_unlock(&nn->client_lock); 2937 2937 + 2938 2938 + /* Cache the nfs4_client in cstate! */ 2939 2939 + cstate->clp = found; 2940 2940 + return nfs_ok; 2941 2941 + } 2942 2942 + 3449 2943 __be32 3450 2944 nfsd4_process_open1(struct nfsd4_compound_state *cstate, 3451 2945 struct nfsd4_open *open, struct nfsd_net *nn) ··· 3502 2924 if (open->op_file == NULL) 3503 2925 return nfserr_jukebox; 3504 2926 3505 3505 - strhashval = ownerstr_hashval(clientid->cl_id, &open->op_owner); 3506 3506 - oo = find_openstateowner_str(strhashval, open, cstate->minorversion, nn); 2927 2927 + status = lookup_clientid(clientid, cstate, nn); 2928 2928 + if (status) 2929 2929 + return status; 2930 2930 + clp = cstate->clp; 2931 2931 + 2932 2932 + strhashval = ownerstr_hashval(&open->op_owner); 2933 2933 + oo = find_openstateowner_str(strhashval, open, clp); 3507 2934 open->op_openowner = oo; 3508 2935 if (!oo) { 3509 3509 - clp = find_confirmed_client(clientid, cstate->minorversion, 3510 3510 - nn); 3511 3511 - if (clp == NULL) 3512 3512 - return nfserr_expired; 3513 2936 goto new_owner; 3514 2937 } 3515 2938 if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 3516 2939 /* Replace unconfirmed owners without checking for replay. */ 3517 3517 - clp = oo->oo_owner.so_client; 3518 2940 release_openowner(oo); 3519 2941 open->op_openowner = NULL; 3520 2942 goto new_owner; ··· 3522 2944 status = nfsd4_check_seqid(cstate, &oo->oo_owner, open->op_seqid); 3523 2945 if (status) 3524 2946 return status; 3525 3525 - clp = oo->oo_owner.so_client; 3526 2947 goto alloc_stateid; 3527 2948 new_owner: 3528 3528 - oo = alloc_init_open_stateowner(strhashval, clp, open); 2949 2949 + oo = alloc_init_open_stateowner(strhashval, open, cstate); 3529 2950 if (oo == NULL) 3530 2951 return nfserr_jukebox; 3531 2952 open->op_openowner = oo; 3532 2953 alloc_stateid: 3533 3533 - open->op_stp = nfs4_alloc_stateid(clp); 2954 2954 + open->op_stp = nfs4_alloc_open_stateid(clp); 3534 2955 if (!open->op_stp) 3535 2956 return nfserr_jukebox; 3536 2957 return nfs_ok; ··· 3571 2994 { 3572 2995 int flags; 3573 2996 __be32 status = nfserr_bad_stateid; 2997 2997 + struct nfs4_delegation *deleg; 3574 2998 3575 3575 - *dp = find_deleg_stateid(cl, &open->op_delegate_stateid); 3576 3576 - if (*dp == NULL) 2999 2999 + deleg = find_deleg_stateid(cl, &open->op_delegate_stateid); 3000 3000 + if (deleg == NULL) 3577 3001 goto out; 3578 3002 flags = share_access_to_flags(open->op_share_access); 3579 3579 - status = nfs4_check_delegmode(*dp, flags); 3580 3580 - if (status) 3581 3581 - *dp = NULL; 3003 3003 + status = nfs4_check_delegmode(deleg, flags); 3004 3004 + if (status) { 3005 3005 + nfs4_put_stid(&deleg->dl_stid); 3006 3006 + goto out; 3007 3007 + } 3008 3008 + *dp = deleg; 3582 3009 out: 3583 3010 if (!nfsd4_is_deleg_cur(open)) 3584 3011 return nfs_ok; ··· 3592 3011 return nfs_ok; 3593 3012 } 3594 3013 3595 3595 - static __be32 3596 3596 - nfs4_check_open(struct nfs4_file *fp, struct nfsd4_open *open, struct nfs4_ol_stateid **stpp) 3014 3014 + static struct nfs4_ol_stateid * 3015 3015 + nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open) 3597 3016 { 3598 3598 - struct nfs4_ol_stateid *local; 3017 3017 + struct nfs4_ol_stateid *local, *ret = NULL; 3599 3018 struct nfs4_openowner *oo = open->op_openowner; 3600 3019 3020 3020 + spin_lock(&fp->fi_lock); 3601 3021 list_for_each_entry(local, &fp->fi_stateids, st_perfile) { 3602 3022 /* ignore lock owners */ 3603 3023 if (local->st_stateowner->so_is_open_owner == 0) 3604 3024 continue; 3605 3605 - /* remember if we have seen this open owner */ 3606 3606 - if (local->st_stateowner == &oo->oo_owner) 3607 3607 - *stpp = local; 3608 3608 - /* check for conflicting share reservations */ 3609 3609 - if (!test_share(local, open)) 3610 3610 - return nfserr_share_denied; 3025 3025 + if (local->st_stateowner == &oo->oo_owner) { 3026 3026 + ret = local; 3027 3027 + atomic_inc(&ret->st_stid.sc_count); 3028 3028 + break; 3029 3029 + } 3611 3030 } 3612 3612 - return nfs_ok; 3031 3031 + spin_unlock(&fp->fi_lock); 3032 3032 + return ret; 3613 3033 } 3614 3034 3615 3035 static inline int nfs4_access_to_access(u32 nfs4_access) ··· 3622 3040 if (nfs4_access & NFS4_SHARE_ACCESS_WRITE) 3623 3041 flags |= NFSD_MAY_WRITE; 3624 3042 return flags; 3625 3625 - } 3626 3626 - 3627 3627 - static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp, 3628 3628 - struct svc_fh *cur_fh, struct nfsd4_open *open) 3629 3629 - { 3630 3630 - __be32 status; 3631 3631 - int oflag = nfs4_access_to_omode(open->op_share_access); 3632 3632 - int access = nfs4_access_to_access(open->op_share_access); 3633 3633 - 3634 3634 - if (!fp->fi_fds[oflag]) { 3635 3635 - status = nfsd_open(rqstp, cur_fh, S_IFREG, access, 3636 3636 - &fp->fi_fds[oflag]); 3637 3637 - if (status) 3638 3638 - return status; 3639 3639 - } 3640 3640 - nfs4_file_get_access(fp, oflag); 3641 3641 - 3642 3642 - return nfs_ok; 3643 3043 } 3644 3044 3645 3045 static inline __be32 ··· 3639 3075 return nfsd_setattr(rqstp, fh, &iattr, 0, (time_t)0); 3640 3076 } 3641 3077 3078 3078 + static __be32 nfs4_get_vfs_file(struct svc_rqst *rqstp, struct nfs4_file *fp, 3079 3079 + struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, 3080 3080 + struct nfsd4_open *open) 3081 3081 + { 3082 3082 + struct file *filp = NULL; 3083 3083 + __be32 status; 3084 3084 + int oflag = nfs4_access_to_omode(open->op_share_access); 3085 3085 + int access = nfs4_access_to_access(open->op_share_access); 3086 3086 + unsigned char old_access_bmap, old_deny_bmap; 3087 3087 + 3088 3088 + spin_lock(&fp->fi_lock); 3089 3089 + 3090 3090 + /* 3091 3091 + * Are we trying to set a deny mode that would conflict with 3092 3092 + * current access? 3093 3093 + */ 3094 3094 + status = nfs4_file_check_deny(fp, open->op_share_deny); 3095 3095 + if (status != nfs_ok) { 3096 3096 + spin_unlock(&fp->fi_lock); 3097 3097 + goto out; 3098 3098 + } 3099 3099 + 3100 3100 + /* set access to the file */ 3101 3101 + status = nfs4_file_get_access(fp, open->op_share_access); 3102 3102 + if (status != nfs_ok) { 3103 3103 + spin_unlock(&fp->fi_lock); 3104 3104 + goto out; 3105 3105 + } 3106 3106 + 3107 3107 + /* Set access bits in stateid */ 3108 3108 + old_access_bmap = stp->st_access_bmap; 3109 3109 + set_access(open->op_share_access, stp); 3110 3110 + 3111 3111 + /* Set new deny mask */ 3112 3112 + old_deny_bmap = stp->st_deny_bmap; 3113 3113 + set_deny(open->op_share_deny, stp); 3114 3114 + fp->fi_share_deny |= (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 3115 3115 + 3116 3116 + if (!fp->fi_fds[oflag]) { 3117 3117 + spin_unlock(&fp->fi_lock); 3118 3118 + status = nfsd_open(rqstp, cur_fh, S_IFREG, access, &filp); 3119 3119 + if (status) 3120 3120 + goto out_put_access; 3121 3121 + spin_lock(&fp->fi_lock); 3122 3122 + if (!fp->fi_fds[oflag]) { 3123 3123 + fp->fi_fds[oflag] = filp; 3124 3124 + filp = NULL; 3125 3125 + } 3126 3126 + } 3127 3127 + spin_unlock(&fp->fi_lock); 3128 3128 + if (filp) 3129 3129 + fput(filp); 3130 3130 + 3131 3131 + status = nfsd4_truncate(rqstp, cur_fh, open); 3132 3132 + if (status) 3133 3133 + goto out_put_access; 3134 3134 + out: 3135 3135 + return status; 3136 3136 + out_put_access: 3137 3137 + stp->st_access_bmap = old_access_bmap; 3138 3138 + nfs4_file_put_access(fp, open->op_share_access); 3139 3139 + reset_union_bmap_deny(bmap_to_share_mode(old_deny_bmap), stp); 3140 3140 + goto out; 3141 3141 + } 3142 3142 + 3642 3143 static __be32 3643 3144 nfs4_upgrade_open(struct svc_rqst *rqstp, struct nfs4_file *fp, struct svc_fh *cur_fh, struct nfs4_ol_stateid *stp, struct nfsd4_open *open) 3644 3145 { 3645 3645 - u32 op_share_access = open->op_share_access; 3646 3646 - bool new_access; 3647 3146 __be32 status; 3147 3147 + unsigned char old_deny_bmap; 3648 3148 3649 3649 - new_access = !test_access(op_share_access, stp); 3650 3650 - if (new_access) { 3651 3651 - status = nfs4_get_vfs_file(rqstp, fp, cur_fh, open); 3652 3652 - if (status) 3653 3653 - return status; 3149 3149 + if (!test_access(open->op_share_access, stp)) 3150 3150 + return nfs4_get_vfs_file(rqstp, fp, cur_fh, stp, open); 3151 3151 + 3152 3152 + /* test and set deny mode */ 3153 3153 + spin_lock(&fp->fi_lock); 3154 3154 + status = nfs4_file_check_deny(fp, open->op_share_deny); 3155 3155 + if (status == nfs_ok) { 3156 3156 + old_deny_bmap = stp->st_deny_bmap; 3157 3157 + set_deny(open->op_share_deny, stp); 3158 3158 + fp->fi_share_deny |= 3159 3159 + (open->op_share_deny & NFS4_SHARE_DENY_BOTH); 3654 3160 } 3655 3655 - status = nfsd4_truncate(rqstp, cur_fh, open); 3656 3656 - if (status) { 3657 3657 - if (new_access) { 3658 3658 - int oflag = nfs4_access_to_omode(op_share_access); 3659 3659 - nfs4_file_put_access(fp, oflag); 3660 3660 - } 3161 3161 + spin_unlock(&fp->fi_lock); 3162 3162 + 3163 3163 + if (status != nfs_ok) 3661 3164 return status; 3662 3662 - } 3663 3663 - /* remember the open */ 3664 3664 - set_access(op_share_access, stp); 3665 3665 - set_deny(open->op_share_deny, stp); 3666 3165 3667 3667 - return nfs_ok; 3166 3166 + status = nfsd4_truncate(rqstp, cur_fh, open); 3167 3167 + if (status != nfs_ok) 3168 3168 + reset_union_bmap_deny(old_deny_bmap, stp); 3169 3169 + return status; 3668 3170 } 3669 3669 - 3670 3171 3671 3172 static void 3672 3173 nfs4_set_claim_prev(struct nfsd4_open *open, bool has_session) ··· 3752 3123 return clp->cl_minorversion && clp->cl_cb_state == NFSD4_CB_UNKNOWN; 3753 3124 } 3754 3125 3755 3755 - static struct file_lock *nfs4_alloc_init_lease(struct nfs4_delegation *dp, int flag) 3126 3126 + static struct file_lock *nfs4_alloc_init_lease(struct nfs4_file *fp, int flag) 3756 3127 { 3757 3128 struct file_lock *fl; 3758 3129 ··· 3764 3135 fl->fl_flags = FL_DELEG; 3765 3136 fl->fl_type = flag == NFS4_OPEN_DELEGATE_READ? F_RDLCK: F_WRLCK; 3766 3137 fl->fl_end = OFFSET_MAX; 3767 3767 - fl->fl_owner = (fl_owner_t)(dp->dl_file); 3138 3138 + fl->fl_owner = (fl_owner_t)fp; 3768 3139 fl->fl_pid = current->tgid; 3769 3140 return fl; 3770 3141 } 3771 3142 3772 3143 static int nfs4_setlease(struct nfs4_delegation *dp) 3773 3144 { 3774 3774 - struct nfs4_file *fp = dp->dl_file; 3145 3145 + struct nfs4_file *fp = dp->dl_stid.sc_file; 3775 3146 struct file_lock *fl; 3776 3776 - int status; 3147 3147 + struct file *filp; 3148 3148 + int status = 0; 3777 3149 3778 3778 - fl = nfs4_alloc_init_lease(dp, NFS4_OPEN_DELEGATE_READ); 3150 3150 + fl = nfs4_alloc_init_lease(fp, NFS4_OPEN_DELEGATE_READ); 3779 3151 if (!fl) 3780 3152 return -ENOMEM; 3781 3781 - fl->fl_file = find_readable_file(fp); 3782 3782 - status = vfs_setlease(fl->fl_file, fl->fl_type, &fl); 3783 3783 - if (status) 3784 3784 - goto out_free; 3785 3785 - fp->fi_lease = fl; 3786 3786 - fp->fi_deleg_file = get_file(fl->fl_file); 3787 3787 - atomic_set(&fp->fi_delegees, 1); 3153 3153 + filp = find_readable_file(fp); 3154 3154 + if (!filp) { 3155 3155 + /* We should always have a readable file here */ 3156 3156 + WARN_ON_ONCE(1); 3157 3157 + return -EBADF; 3158 3158 + } 3159 3159 + fl->fl_file = filp; 3160 3160 + status = vfs_setlease(filp, fl->fl_type, &fl); 3161 3161 + if (status) { 3162 3162 + locks_free_lock(fl); 3163 3163 + goto out_fput; 3164 3164 + } 3788 3165 spin_lock(&state_lock); 3166 3166 + spin_lock(&fp->fi_lock); 3167 3167 + /* Did the lease get broken before we took the lock? */ 3168 3168 + status = -EAGAIN; 3169 3169 + if (fp->fi_had_conflict) 3170 3170 + goto out_unlock; 3171 3171 + /* Race breaker */ 3172 3172 + if (fp->fi_lease) { 3173 3173 + status = 0; 3174 3174 + atomic_inc(&fp->fi_delegees); 3175 3175 + hash_delegation_locked(dp, fp); 3176 3176 + goto out_unlock; 3177 3177 + } 3178 3178 + fp->fi_lease = fl; 3179 3179 + fp->fi_deleg_file = filp; 3180 3180 + atomic_set(&fp->fi_delegees, 1); 3789 3181 hash_delegation_locked(dp, fp); 3182 3182 + spin_unlock(&fp->fi_lock); 3790 3183 spin_unlock(&state_lock); 3791 3184 return 0; 3792 3792 - out_free: 3793 3793 - locks_free_lock(fl); 3185 3185 + out_unlock: 3186 3186 + spin_unlock(&fp->fi_lock); 3187 3187 + spin_unlock(&state_lock); 3188 3188 + out_fput: 3189 3189 + fput(filp); 3794 3190 return status; 3795 3191 } 3796 3192 3797 3797 - static int nfs4_set_delegation(struct nfs4_delegation *dp, struct nfs4_file *fp) 3193 3193 + static struct nfs4_delegation * 3194 3194 + nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh, 3195 3195 + struct nfs4_file *fp) 3798 3196 { 3197 3197 + int status; 3198 3198 + struct nfs4_delegation *dp; 3199 3199 + 3799 3200 if (fp->fi_had_conflict) 3800 3800 - return -EAGAIN; 3201 3201 + return ERR_PTR(-EAGAIN); 3202 3202 + 3203 3203 + dp = alloc_init_deleg(clp, fh); 3204 3204 + if (!dp) 3205 3205 + return ERR_PTR(-ENOMEM); 3206 3206 + 3801 3207 get_nfs4_file(fp); 3802 3802 - dp->dl_file = fp; 3803 3803 - if (!fp->fi_lease) 3804 3804 - return nfs4_setlease(dp); 3805 3208 spin_lock(&state_lock); 3209 3209 + spin_lock(&fp->fi_lock); 3210 3210 + dp->dl_stid.sc_file = fp; 3211 3211 + if (!fp->fi_lease) { 3212 3212 + spin_unlock(&fp->fi_lock); 3213 3213 + spin_unlock(&state_lock); 3214 3214 + status = nfs4_setlease(dp); 3215 3215 + goto out; 3216 3216 + } 3806 3217 atomic_inc(&fp->fi_delegees); 3807 3218 if (fp->fi_had_conflict) { 3808 3808 - spin_unlock(&state_lock); 3809 3809 - return -EAGAIN; 3219 3219 + status = -EAGAIN; 3220 3220 + goto out_unlock; 3810 3221 } 3811 3222 hash_delegation_locked(dp, fp); 3223 3223 + status = 0; 3224 3224 + out_unlock: 3225 3225 + spin_unlock(&fp->fi_lock); 3812 3226 spin_unlock(&state_lock); 3813 3813 - return 0; 3227 3227 + out: 3228 3228 + if (status) { 3229 3229 + nfs4_put_stid(&dp->dl_stid); 3230 3230 + return ERR_PTR(status); 3231 3231 + } 3232 3232 + return dp; 3814 3233 } 3815 3234 3816 3235 static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status) ··· 3889 3212 * proper support for them. 3890 3213 */ 3891 3214 static void 3892 3892 - nfs4_open_delegation(struct net *net, struct svc_fh *fh, 3893 3893 - struct nfsd4_open *open, struct nfs4_ol_stateid *stp) 3215 3215 + nfs4_open_delegation(struct svc_fh *fh, struct nfsd4_open *open, 3216 3216 + struct nfs4_ol_stateid *stp) 3894 3217 { 3895 3218 struct nfs4_delegation *dp; 3896 3896 - struct nfs4_openowner *oo = container_of(stp->st_stateowner, struct nfs4_openowner, oo_owner); 3219 3219 + struct nfs4_openowner *oo = openowner(stp->st_stateowner); 3220 3220 + struct nfs4_client *clp = stp->st_stid.sc_client; 3897 3221 int cb_up; 3898 3222 int status = 0; 3899 3223 ··· 3913 3235 * Let's not give out any delegations till everyone's 3914 3236 * had the chance to reclaim theirs.... 3915 3237 */ 3916 3916 - if (locks_in_grace(net)) 3238 3238 + if (locks_in_grace(clp->net)) 3917 3239 goto out_no_deleg; 3918 3240 if (!cb_up || !(oo->oo_flags & NFS4_OO_CONFIRMED)) 3919 3241 goto out_no_deleg; ··· 3932 3254 default: 3933 3255 goto out_no_deleg; 3934 3256 } 3935 3935 - dp = alloc_init_deleg(oo->oo_owner.so_client, stp, fh); 3936 3936 - if (dp == NULL) 3257 3257 + dp = nfs4_set_delegation(clp, fh, stp->st_stid.sc_file); 3258 3258 + if (IS_ERR(dp)) 3937 3259 goto out_no_deleg; 3938 3938 - status = nfs4_set_delegation(dp, stp->st_file); 3939 3939 - if (status) 3940 3940 - goto out_free; 3941 3260 3942 3261 memcpy(&open->op_delegate_stateid, &dp->dl_stid.sc_stateid, sizeof(dp->dl_stid.sc_stateid)); 3943 3262 3944 3263 dprintk("NFSD: delegation stateid=" STATEID_FMT "\n", 3945 3264 STATEID_VAL(&dp->dl_stid.sc_stateid)); 3946 3265 open->op_delegate_type = NFS4_OPEN_DELEGATE_READ; 3266 3266 + nfs4_put_stid(&dp->dl_stid); 3947 3267 return; 3948 3948 - out_free: 3949 3949 - destroy_delegation(dp); 3950 3268 out_no_deleg: 3951 3269 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE; 3952 3270 if (open->op_claim_type == NFS4_OPEN_CLAIM_PREVIOUS && ··· 3975 3301 */ 3976 3302 } 3977 3303 3978 3978 - /* 3979 3979 - * called with nfs4_lock_state() held. 3980 3980 - */ 3981 3304 __be32 3982 3305 nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open) 3983 3306 { 3984 3307 struct nfsd4_compoundres *resp = rqstp->rq_resp; 3985 3308 struct nfs4_client *cl = open->op_openowner->oo_owner.so_client; 3986 3309 struct nfs4_file *fp = NULL; 3987 3987 - struct inode *ino = current_fh->fh_dentry->d_inode; 3988 3310 struct nfs4_ol_stateid *stp = NULL; 3989 3311 struct nfs4_delegation *dp = NULL; 3990 3312 __be32 status; ··· 3990 3320 * and check for delegations in the process of being recalled. 3991 3321 * If not found, create the nfs4_file struct 3992 3322 */ 3993 3993 - fp = find_file(ino); 3994 3994 - if (fp) { 3995 3995 - if ((status = nfs4_check_open(fp, open, &stp))) 3996 3996 - goto out; 3323 3323 + fp = find_or_add_file(open->op_file, &current_fh->fh_handle); 3324 3324 + if (fp != open->op_file) { 3997 3325 status = nfs4_check_deleg(cl, open, &dp); 3998 3326 if (status) 3999 3327 goto out; 3328 3328 + stp = nfsd4_find_existing_open(fp, open); 4000 3329 } else { 3330 3330 + open->op_file = NULL; 4001 3331 status = nfserr_bad_stateid; 4002 3332 if (nfsd4_is_deleg_cur(open)) 4003 3333 goto out; 4004 3334 status = nfserr_jukebox; 4005 4005 - fp = open->op_file; 4006 4006 - open->op_file = NULL; 4007 4007 - nfsd4_init_file(fp, ino); 4008 3335 } 4009 3336 4010 3337 /* ··· 4014 3347 if (status) 4015 3348 goto out; 4016 3349 } else { 4017 4017 - status = nfs4_get_vfs_file(rqstp, fp, current_fh, open); 4018 4018 - if (status) 4019 4019 - goto out; 4020 4020 - status = nfsd4_truncate(rqstp, current_fh, open); 4021 4021 - if (status) 4022 4022 - goto out; 4023 3350 stp = open->op_stp; 4024 3351 open->op_stp = NULL; 4025 3352 init_open_stateid(stp, fp, open); 3353 3353 + status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open); 3354 3354 + if (status) { 3355 3355 + release_open_stateid(stp); 3356 3356 + goto out; 3357 3357 + } 4026 3358 } 4027 3359 update_stateid(&stp->st_stid.sc_stateid); 4028 3360 memcpy(&open->op_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t)); 4029 3361 4030 3362 if (nfsd4_has_session(&resp->cstate)) { 4031 4031 - open->op_openowner->oo_flags |= NFS4_OO_CONFIRMED; 4032 4032 - 4033 3363 if (open->op_deleg_want & NFS4_SHARE_WANT_NO_DELEG) { 4034 3364 open->op_delegate_type = NFS4_OPEN_DELEGATE_NONE_EXT; 4035 3365 open->op_why_no_deleg = WND4_NOT_WANTED; ··· 4038 3374 * Attempt to hand out a delegation. No error return, because the 4039 3375 * OPEN succeeds even if we fail. 4040 3376 */ 4041 4041 - nfs4_open_delegation(SVC_NET(rqstp), current_fh, open, stp); 3377 3377 + nfs4_open_delegation(current_fh, open, stp); 4042 3378 nodeleg: 4043 3379 status = nfs_ok; 4044 3380 ··· 4061 3397 if (!(open->op_openowner->oo_flags & NFS4_OO_CONFIRMED) && 4062 3398 !nfsd4_has_session(&resp->cstate)) 4063 3399 open->op_rflags |= NFS4_OPEN_RESULT_CONFIRM; 3400 3400 + if (dp) 3401 3401 + nfs4_put_stid(&dp->dl_stid); 3402 3402 + if (stp) 3403 3403 + nfs4_put_stid(&stp->st_stid); 4064 3404 4065 3405 return status; 4066 3406 } 4067 3407 4068 4068 - void nfsd4_cleanup_open_state(struct nfsd4_open *open, __be32 status) 3408 3408 + void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate, 3409 3409 + struct nfsd4_open *open, __be32 status) 4069 3410 { 4070 3411 if (open->op_openowner) { 4071 4071 - struct nfs4_openowner *oo = open->op_openowner; 3412 3412 + struct nfs4_stateowner *so = &open->op_openowner->oo_owner; 4072 3413 4073 4073 - if (!list_empty(&oo->oo_owner.so_stateids)) 4074 4074 - list_del_init(&oo->oo_close_lru); 4075 4075 - if (oo->oo_flags & NFS4_OO_NEW) { 4076 4076 - if (status) { 4077 4077 - release_openowner(oo); 4078 4078 - open->op_openowner = NULL; 4079 4079 - } else 4080 4080 - oo->oo_flags &= ~NFS4_OO_NEW; 4081 4081 - } 3414 3414 + nfsd4_cstate_assign_replay(cstate, so); 3415 3415 + nfs4_put_stateowner(so); 4082 3416 } 4083 3417 if (open->op_file) 4084 3418 nfsd4_free_file(open->op_file); 4085 3419 if (open->op_stp) 4086 4086 - free_generic_stateid(open->op_stp); 4087 4087 - } 4088 4088 - 4089 4089 - static __be32 lookup_clientid(clientid_t *clid, bool session, struct nfsd_net *nn, struct nfs4_client **clp) 4090 4090 - { 4091 4091 - struct nfs4_client *found; 4092 4092 - 4093 4093 - if (STALE_CLIENTID(clid, nn)) 4094 4094 - return nfserr_stale_clientid; 4095 4095 - found = find_confirmed_client(clid, session, nn); 4096 4096 - if (clp) 4097 4097 - *clp = found; 4098 4098 - return found ? nfs_ok : nfserr_expired; 3420 3420 + nfs4_put_stid(&open->op_stp->st_stid); 4099 3421 } 4100 3422 4101 3423 __be32 ··· 4092 3442 __be32 status; 4093 3443 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4094 3444 4095 4095 - nfs4_lock_state(); 4096 3445 dprintk("process_renew(%08x/%08x): starting\n", 4097 3446 clid->cl_boot, clid->cl_id); 4098 4098 - status = lookup_clientid(clid, cstate->minorversion, nn, &clp); 3447 3447 + status = lookup_clientid(clid, cstate, nn); 4099 3448 if (status) 4100 3449 goto out; 3450 3450 + clp = cstate->clp; 4101 3451 status = nfserr_cb_path_down; 4102 3452 if (!list_empty(&clp->cl_delegations) 4103 3453 && clp->cl_cb_state != NFSD4_CB_UP) 4104 3454 goto out; 4105 3455 status = nfs_ok; 4106 3456 out: 4107 4107 - nfs4_unlock_state(); 4108 3457 return status; 4109 3458 } 4110 3459 ··· 4132 3483 struct nfs4_client *clp; 4133 3484 struct nfs4_openowner *oo; 4134 3485 struct nfs4_delegation *dp; 3486 3486 + struct nfs4_ol_stateid *stp; 4135 3487 struct list_head *pos, *next, reaplist; 4136 3488 time_t cutoff = get_seconds() - nn->nfsd4_lease; 4137 3489 time_t t, new_timeo = nn->nfsd4_lease; 4138 4138 - 4139 4139 - nfs4_lock_state(); 4140 3490 4141 3491 dprintk("NFSD: laundromat service - starting\n"); 4142 3492 nfsd4_end_grace(nn); ··· 4153 3505 clp->cl_clientid.cl_id); 4154 3506 continue; 4155 3507 } 4156 4156 - list_move(&clp->cl_lru, &reaplist); 3508 3508 + list_add(&clp->cl_lru, &reaplist); 4157 3509 } 4158 3510 spin_unlock(&nn->client_lock); 4159 3511 list_for_each_safe(pos, next, &reaplist) { 4160 3512 clp = list_entry(pos, struct nfs4_client, cl_lru); 4161 3513 dprintk("NFSD: purging unused client (clientid %08x)\n", 4162 3514 clp->cl_clientid.cl_id); 3515 3515 + list_del_init(&clp->cl_lru); 4163 3516 expire_client(clp); 4164 3517 } 4165 3518 spin_lock(&state_lock); ··· 4173 3524 new_timeo = min(new_timeo, t); 4174 3525 break; 4175 3526 } 4176 4176 - list_move(&dp->dl_recall_lru, &reaplist); 3527 3527 + unhash_delegation_locked(dp); 3528 3528 + list_add(&dp->dl_recall_lru, &reaplist); 4177 3529 } 4178 3530 spin_unlock(&state_lock); 4179 4179 - list_for_each_safe(pos, next, &reaplist) { 4180 4180 - dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 3531 3531 + while (!list_empty(&reaplist)) { 3532 3532 + dp = list_first_entry(&reaplist, struct nfs4_delegation, 3533 3533 + dl_recall_lru); 3534 3534 + list_del_init(&dp->dl_recall_lru); 4181 3535 revoke_delegation(dp); 4182 3536 } 4183 4183 - list_for_each_safe(pos, next, &nn->close_lru) { 4184 4184 - oo = container_of(pos, struct nfs4_openowner, oo_close_lru); 4185 4185 - if (time_after((unsigned long)oo->oo_time, (unsigned long)cutoff)) { 3537 3537 + 3538 3538 + spin_lock(&nn->client_lock); 3539 3539 + while (!list_empty(&nn->close_lru)) { 3540 3540 + oo = list_first_entry(&nn->close_lru, struct nfs4_openowner, 3541 3541 + oo_close_lru); 3542 3542 + if (time_after((unsigned long)oo->oo_time, 3543 3543 + (unsigned long)cutoff)) { 4186 3544 t = oo->oo_time - cutoff; 4187 3545 new_timeo = min(new_timeo, t); 4188 3546 break; 4189 3547 } 4190 4190 - release_openowner(oo); 3548 3548 + list_del_init(&oo->oo_close_lru); 3549 3549 + stp = oo->oo_last_closed_stid; 3550 3550 + oo->oo_last_closed_stid = NULL; 3551 3551 + spin_unlock(&nn->client_lock); 3552 3552 + nfs4_put_stid(&stp->st_stid); 3553 3553 + spin_lock(&nn->client_lock); 4191 3554 } 3555 3555 + spin_unlock(&nn->client_lock); 3556 3556 + 4192 3557 new_timeo = max_t(time_t, new_timeo, NFSD_LAUNDROMAT_MINTIMEOUT); 4193 4193 - nfs4_unlock_state(); 4194 3558 return new_timeo; 4195 3559 } 4196 3560 ··· 4226 3564 4227 3565 static inline __be32 nfs4_check_fh(struct svc_fh *fhp, struct nfs4_ol_stateid *stp) 4228 3566 { 4229 4229 - if (fhp->fh_dentry->d_inode != stp->st_file->fi_inode) 3567 3567 + if (!nfsd_fh_match(&fhp->fh_handle, &stp->st_stid.sc_file->fi_fhandle)) 4230 3568 return nfserr_bad_stateid; 4231 3569 return nfs_ok; 4232 3570 } ··· 4328 3666 { 4329 3667 struct nfs4_stid *s; 4330 3668 struct nfs4_ol_stateid *ols; 4331 4331 - __be32 status; 3669 3669 + __be32 status = nfserr_bad_stateid; 4332 3670 4333 3671 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) 4334 4334 - return nfserr_bad_stateid; 3672 3672 + return status; 4335 3673 /* Client debugging aid. */ 4336 3674 if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) { 4337 3675 char addr_str[INET6_ADDRSTRLEN]; ··· 4339 3677 sizeof(addr_str)); 4340 3678 pr_warn_ratelimited("NFSD: client %s testing state ID " 4341 3679 "with incorrect client ID\n", addr_str); 4342 4342 - return nfserr_bad_stateid; 3680 3680 + return status; 4343 3681 } 4344 4344 - s = find_stateid(cl, stateid); 3682 3682 + spin_lock(&cl->cl_lock); 3683 3683 + s = find_stateid_locked(cl, stateid); 4345 3684 if (!s) 4346 4346 - return nfserr_bad_stateid; 3685 3685 + goto out_unlock; 4347 3686 status = check_stateid_generation(stateid, &s->sc_stateid, 1); 4348 3687 if (status) 4349 4349 - return status; 3688 3688 + goto out_unlock; 4350 3689 switch (s->sc_type) { 4351 3690 case NFS4_DELEG_STID: 4352 4352 - return nfs_ok; 3691 3691 + status = nfs_ok; 3692 3692 + break; 4353 3693 case NFS4_REVOKED_DELEG_STID: 4354 4354 - return nfserr_deleg_revoked; 3694 3694 + status = nfserr_deleg_revoked; 3695 3695 + break; 4355 3696 case NFS4_OPEN_STID: 4356 3697 case NFS4_LOCK_STID: 4357 3698 ols = openlockstateid(s); 4358 3699 if (ols->st_stateowner->so_is_open_owner 4359 3700 && !(openowner(ols->st_stateowner)->oo_flags 4360 3701 & NFS4_OO_CONFIRMED)) 4361 4361 - return nfserr_bad_stateid; 4362 4362 - return nfs_ok; 3702 3702 + status = nfserr_bad_stateid; 3703 3703 + else 3704 3704 + status = nfs_ok; 3705 3705 + break; 4363 3706 default: 4364 3707 printk("unknown stateid type %x\n", s->sc_type); 3708 3708 + /* Fallthrough */ 4365 3709 case NFS4_CLOSED_STID: 4366 4366 - return nfserr_bad_stateid; 3710 3710 + case NFS4_CLOSED_DELEG_STID: 3711 3711 + status = nfserr_bad_stateid; 4367 3712 } 3713 3713 + out_unlock: 3714 3714 + spin_unlock(&cl->cl_lock); 3715 3715 + return status; 4368 3716 } 4369 3717 4370 4370 - static __be32 nfsd4_lookup_stateid(stateid_t *stateid, unsigned char typemask, 4371 4371 - struct nfs4_stid **s, bool sessions, 4372 4372 - struct nfsd_net *nn) 3718 3718 + static __be32 3719 3719 + nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate, 3720 3720 + stateid_t *stateid, unsigned char typemask, 3721 3721 + struct nfs4_stid **s, struct nfsd_net *nn) 4373 3722 { 4374 4374 - struct nfs4_client *cl; 4375 3723 __be32 status; 4376 3724 4377 3725 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) 4378 3726 return nfserr_bad_stateid; 4379 4379 - status = lookup_clientid(&stateid->si_opaque.so_clid, sessions, 4380 4380 - nn, &cl); 3727 3727 + status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn); 4381 3728 if (status == nfserr_stale_clientid) { 4382 4382 - if (sessions) 3729 3729 + if (cstate->session) 4383 3730 return nfserr_bad_stateid; 4384 3731 return nfserr_stale_stateid; 4385 3732 } 4386 3733 if (status) 4387 3734 return status; 4388 4388 - *s = find_stateid_by_type(cl, stateid, typemask); 3735 3735 + *s = find_stateid_by_type(cstate->clp, stateid, typemask); 4389 3736 if (!*s) 4390 3737 return nfserr_bad_stateid; 4391 3738 return nfs_ok; ··· 4425 3754 if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) 4426 3755 return check_special_stateids(net, current_fh, stateid, flags); 4427 3756 4428 4428 - nfs4_lock_state(); 4429 4429 - 4430 4430 - status = nfsd4_lookup_stateid(stateid, NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, 4431 4431 - &s, cstate->minorversion, nn); 3757 3757 + status = nfsd4_lookup_stateid(cstate, stateid, 3758 3758 + NFS4_DELEG_STID|NFS4_OPEN_STID|NFS4_LOCK_STID, 3759 3759 + &s, nn); 4432 3760 if (status) 4433 4433 - goto out; 3761 3761 + return status; 4434 3762 status = check_stateid_generation(stateid, &s->sc_stateid, nfsd4_has_session(cstate)); 4435 3763 if (status) 4436 3764 goto out; ··· 4440 3770 if (status) 4441 3771 goto out; 4442 3772 if (filpp) { 4443 4443 - file = dp->dl_file->fi_deleg_file; 3773 3773 + file = dp->dl_stid.sc_file->fi_deleg_file; 4444 3774 if (!file) { 4445 3775 WARN_ON_ONCE(1); 4446 3776 status = nfserr_serverfault; 4447 3777 goto out; 4448 3778 } 3779 3779 + get_file(file); 4449 3780 } 4450 3781 break; 4451 3782 case NFS4_OPEN_STID: ··· 4462 3791 if (status) 4463 3792 goto out; 4464 3793 if (filpp) { 3794 3794 + struct nfs4_file *fp = stp->st_stid.sc_file; 3795 3795 + 4465 3796 if (flags & RD_STATE) 4466 4466 - file = find_readable_file(stp->st_file); 3797 3797 + file = find_readable_file(fp); 4467 3798 else 4468 4468 - file = find_writeable_file(stp->st_file); 3799 3799 + file = find_writeable_file(fp); 4469 3800 } 4470 3801 break; 4471 3802 default: ··· 4476 3803 } 4477 3804 status = nfs_ok; 4478 3805 if (file) 4479 4479 - *filpp = get_file(file); 3806 3806 + *filpp = file; 4480 3807 out: 4481 4481 - nfs4_unlock_state(); 3808 3808 + nfs4_put_stid(s); 4482 3809 return status; 4483 4483 - } 4484 4484 - 4485 4485 - static __be32 4486 4486 - nfsd4_free_lock_stateid(struct nfs4_ol_stateid *stp) 4487 4487 - { 4488 4488 - struct nfs4_lockowner *lo = lockowner(stp->st_stateowner); 4489 4489 - 4490 4490 - if (check_for_locks(stp->st_file, lo)) 4491 4491 - return nfserr_locks_held; 4492 4492 - /* 4493 4493 - * Currently there's a 1-1 lock stateid<->lockowner 4494 4494 - * correspondance, and we have to delete the lockowner when we 4495 4495 - * delete the lock stateid: 4496 4496 - */ 4497 4497 - release_lockowner(lo); 4498 4498 - return nfs_ok; 4499 3810 } 4500 3811 4501 3812 /* ··· 4492 3835 struct nfsd4_test_stateid_id *stateid; 4493 3836 struct nfs4_client *cl = cstate->session->se_client; 4494 3837 4495 4495 - nfs4_lock_state(); 4496 3838 list_for_each_entry(stateid, &test_stateid->ts_stateid_list, ts_id_list) 4497 3839 stateid->ts_id_status = 4498 3840 nfsd4_validate_stateid(cl, &stateid->ts_id_stateid); 4499 4499 - nfs4_unlock_state(); 4500 3841 4501 3842 return nfs_ok; 4502 3843 } ··· 4506 3851 stateid_t *stateid = &free_stateid->fr_stateid; 4507 3852 struct nfs4_stid *s; 4508 3853 struct nfs4_delegation *dp; 3854 3854 + struct nfs4_ol_stateid *stp; 4509 3855 struct nfs4_client *cl = cstate->session->se_client; 4510 3856 __be32 ret = nfserr_bad_stateid; 4511 3857 4512 4512 - nfs4_lock_state(); 4513 4513 - s = find_stateid(cl, stateid); 3858 3858 + spin_lock(&cl->cl_lock); 3859 3859 + s = find_stateid_locked(cl, stateid); 4514 3860 if (!s) 4515 4515 - goto out; 3861 3861 + goto out_unlock; 4516 3862 switch (s->sc_type) { 4517 3863 case NFS4_DELEG_STID: 4518 3864 ret = nfserr_locks_held; 4519 4519 - goto out; 3865 3865 + break; 4520 3866 case NFS4_OPEN_STID: 3867 3867 + ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 3868 3868 + if (ret) 3869 3869 + break; 3870 3870 + ret = nfserr_locks_held; 3871 3871 + break; 4521 3872 case NFS4_LOCK_STID: 4522 3873 ret = check_stateid_generation(stateid, &s->sc_stateid, 1); 4523 3874 if (ret) 4524 4524 - goto out; 4525 4525 - if (s->sc_type == NFS4_LOCK_STID) 4526 4526 - ret = nfsd4_free_lock_stateid(openlockstateid(s)); 4527 4527 - else 4528 4528 - ret = nfserr_locks_held; 4529 4529 - break; 3875 3875 + break; 3876 3876 + stp = openlockstateid(s); 3877 3877 + ret = nfserr_locks_held; 3878 3878 + if (check_for_locks(stp->st_stid.sc_file, 3879 3879 + lockowner(stp->st_stateowner))) 3880 3880 + break; 3881 3881 + unhash_lock_stateid(stp); 3882 3882 + spin_unlock(&cl->cl_lock); 3883 3883 + nfs4_put_stid(s); 3884 3884 + ret = nfs_ok; 3885 3885 + goto out; 4530 3886 case NFS4_REVOKED_DELEG_STID: 4531 3887 dp = delegstateid(s); 4532 4532 - destroy_revoked_delegation(dp); 3888 3888 + list_del_init(&dp->dl_recall_lru); 3889 3889 + spin_unlock(&cl->cl_lock); 3890 3890 + nfs4_put_stid(s); 4533 3891 ret = nfs_ok; 4534 4534 - break; 4535 4535 - default: 4536 4536 - ret = nfserr_bad_stateid; 3892 3892 + goto out; 3893 3893 + /* Default falls through and returns nfserr_bad_stateid */ 4537 3894 } 3895 3895 + out_unlock: 3896 3896 + spin_unlock(&cl->cl_lock); 4538 3897 out: 4539 4539 - nfs4_unlock_state(); 4540 3898 return ret; 4541 3899 } 4542 3900 ··· 4594 3926 { 4595 3927 __be32 status; 4596 3928 struct nfs4_stid *s; 3929 3929 + struct nfs4_ol_stateid *stp = NULL; 4597 3930 4598 3931 dprintk("NFSD: %s: seqid=%d stateid = " STATEID_FMT "\n", __func__, 4599 3932 seqid, STATEID_VAL(stateid)); 4600 3933 4601 3934 *stpp = NULL; 4602 4602 - status = nfsd4_lookup_stateid(stateid, typemask, &s, 4603 4603 - cstate->minorversion, nn); 3935 3935 + status = nfsd4_lookup_stateid(cstate, stateid, typemask, &s, nn); 4604 3936 if (status) 4605 3937 return status; 4606 4606 - *stpp = openlockstateid(s); 4607 4607 - if (!nfsd4_has_session(cstate)) 4608 4608 - cstate->replay_owner = (*stpp)->st_stateowner; 3938 3938 + stp = openlockstateid(s); 3939 3939 + nfsd4_cstate_assign_replay(cstate, stp->st_stateowner); 4609 3940 4610 4610 - return nfs4_seqid_op_checks(cstate, stateid, seqid, *stpp); 3941 3941 + status = nfs4_seqid_op_checks(cstate, stateid, seqid, stp); 3942 3942 + if (!status) 3943 3943 + *stpp = stp; 3944 3944 + else 3945 3945 + nfs4_put_stid(&stp->st_stid); 3946 3946 + return status; 4611 3947 } 4612 3948 4613 3949 static __be32 nfs4_preprocess_confirmed_seqid_op(struct nfsd4_compound_state *cstate, u32 seqid, ··· 4619 3947 { 4620 3948 __be32 status; 4621 3949 struct nfs4_openowner *oo; 3950 3950 + struct nfs4_ol_stateid *stp; 4622 3951 4623 3952 status = nfs4_preprocess_seqid_op(cstate, seqid, stateid, 4624 4624 - NFS4_OPEN_STID, stpp, nn); 3953 3953 + NFS4_OPEN_STID, &stp, nn); 4625 3954 if (status) 4626 3955 return status; 4627 4627 - oo = openowner((*stpp)->st_stateowner); 4628 4628 - if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) 3956 3956 + oo = openowner(stp->st_stateowner); 3957 3957 + if (!(oo->oo_flags & NFS4_OO_CONFIRMED)) { 3958 3958 + nfs4_put_stid(&stp->st_stid); 4629 3959 return nfserr_bad_stateid; 3960 3960 + } 3961 3961 + *stpp = stp; 4630 3962 return nfs_ok; 4631 3963 } 4632 3964 ··· 4650 3974 if (status) 4651 3975 return status; 4652 3976 4653 4653 - nfs4_lock_state(); 4654 4654 - 4655 3977 status = nfs4_preprocess_seqid_op(cstate, 4656 3978 oc->oc_seqid, &oc->oc_req_stateid, 4657 3979 NFS4_OPEN_STID, &stp, nn); ··· 4658 3984 oo = openowner(stp->st_stateowner); 4659 3985 status = nfserr_bad_stateid; 4660 3986 if (oo->oo_flags & NFS4_OO_CONFIRMED) 4661 4661 - goto out; 3987 3987 + goto put_stateid; 4662 3988 oo->oo_flags |= NFS4_OO_CONFIRMED; 4663 3989 update_stateid(&stp->st_stid.sc_stateid); 4664 3990 memcpy(&oc->oc_resp_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t)); ··· 4667 3993 4668 3994 nfsd4_client_record_create(oo->oo_owner.so_client); 4669 3995 status = nfs_ok; 3996 3996 + put_stateid: 3997 3997 + nfs4_put_stid(&stp->st_stid); 4670 3998 out: 4671 3999 nfsd4_bump_seqid(cstate, status); 4672 4672 - if (!cstate->replay_owner) 4673 4673 - nfs4_unlock_state(); 4674 4000 return status; 4675 4001 } 4676 4002 ··· 4678 4004 { 4679 4005 if (!test_access(access, stp)) 4680 4006 return; 4681 4681 - nfs4_file_put_access(stp->st_file, nfs4_access_to_omode(access)); 4007 4007 + nfs4_file_put_access(stp->st_stid.sc_file, access); 4682 4008 clear_access(access, stp); 4683 4009 } 4684 4010 ··· 4700 4026 } 4701 4027 } 4702 4028 4703 4703 - static void 4704 4704 - reset_union_bmap_deny(unsigned long deny, struct nfs4_ol_stateid *stp) 4705 4705 - { 4706 4706 - int i; 4707 4707 - for (i = 0; i < 4; i++) { 4708 4708 - if ((i & deny) != i) 4709 4709 - clear_deny(i, stp); 4710 4710 - } 4711 4711 - } 4712 4712 - 4713 4029 __be32 4714 4030 nfsd4_open_downgrade(struct svc_rqst *rqstp, 4715 4031 struct nfsd4_compound_state *cstate, ··· 4717 4053 dprintk("NFSD: %s: od_deleg_want=0x%x ignored\n", __func__, 4718 4054 od->od_deleg_want); 4719 4055 4720 4720 - nfs4_lock_state(); 4721 4056 status = nfs4_preprocess_confirmed_seqid_op(cstate, od->od_seqid, 4722 4057 &od->od_stateid, &stp, nn); 4723 4058 if (status) 4724 4059 goto out; 4725 4060 status = nfserr_inval; 4726 4061 if (!test_access(od->od_share_access, stp)) { 4727 4727 - dprintk("NFSD: access not a subset current bitmap: 0x%lx, input access=%08x\n", 4062 4062 + dprintk("NFSD: access not a subset of current bitmap: 0x%hhx, input access=%08x\n", 4728 4063 stp->st_access_bmap, od->od_share_access); 4729 4729 - goto out; 4064 4064 + goto put_stateid; 4730 4065 } 4731 4066 if (!test_deny(od->od_share_deny, stp)) { 4732 4732 - dprintk("NFSD:deny not a subset current bitmap: 0x%lx, input deny=%08x\n", 4067 4067 + dprintk("NFSD: deny not a subset of current bitmap: 0x%hhx, input deny=%08x\n", 4733 4068 stp->st_deny_bmap, od->od_share_deny); 4734 4734 - goto out; 4069 4069 + goto put_stateid; 4735 4070 } 4736 4071 nfs4_stateid_downgrade(stp, od->od_share_access); 4737 4072 ··· 4739 4076 update_stateid(&stp->st_stid.sc_stateid); 4740 4077 memcpy(&od->od_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t)); 4741 4078 status = nfs_ok; 4079 4079 + put_stateid: 4080 4080 + nfs4_put_stid(&stp->st_stid); 4742 4081 out: 4743 4082 nfsd4_bump_seqid(cstate, status); 4744 4744 - if (!cstate->replay_owner) 4745 4745 - nfs4_unlock_state(); 4746 4083 return status; 4747 4084 } 4748 4085 4749 4086 static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s) 4750 4087 { 4751 4751 - unhash_open_stateid(s); 4088 4088 + struct nfs4_client *clp = s->st_stid.sc_client; 4089 4089 + LIST_HEAD(reaplist); 4090 4090 + 4752 4091 s->st_stid.sc_type = NFS4_CLOSED_STID; 4092 4092 + spin_lock(&clp->cl_lock); 4093 4093 + unhash_open_stateid(s, &reaplist); 4094 4094 + 4095 4095 + if (clp->cl_minorversion) { 4096 4096 + put_ol_stateid_locked(s, &reaplist); 4097 4097 + spin_unlock(&clp->cl_lock); 4098 4098 + free_ol_stateid_reaplist(&reaplist); 4099 4099 + } else { 4100 4100 + spin_unlock(&clp->cl_lock); 4101 4101 + free_ol_stateid_reaplist(&reaplist); 4102 4102 + move_to_close_lru(s, clp->net); 4103 4103 + } 4753 4104 } 4754 4105 4755 4106 /* ··· 4774 4097 struct nfsd4_close *close) 4775 4098 { 4776 4099 __be32 status; 4777 4777 - struct nfs4_openowner *oo; 4778 4100 struct nfs4_ol_stateid *stp; 4779 4101 struct net *net = SVC_NET(rqstp); 4780 4102 struct nfsd_net *nn = net_generic(net, nfsd_net_id); ··· 4781 4105 dprintk("NFSD: nfsd4_close on file %pd\n", 4782 4106 cstate->current_fh.fh_dentry); 4783 4107 4784 4784 - nfs4_lock_state(); 4785 4108 status = nfs4_preprocess_seqid_op(cstate, close->cl_seqid, 4786 4109 &close->cl_stateid, 4787 4110 NFS4_OPEN_STID|NFS4_CLOSED_STID, ··· 4788 4113 nfsd4_bump_seqid(cstate, status); 4789 4114 if (status) 4790 4115 goto out; 4791 4791 - oo = openowner(stp->st_stateowner); 4792 4116 update_stateid(&stp->st_stid.sc_stateid); 4793 4117 memcpy(&close->cl_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t)); 4794 4118 4795 4119 nfsd4_close_open_stateid(stp); 4796 4120 4797 4797 - if (cstate->minorversion) 4798 4798 - free_generic_stateid(stp); 4799 4799 - else 4800 4800 - oo->oo_last_closed_stid = stp; 4801 4801 - 4802 4802 - if (list_empty(&oo->oo_owner.so_stateids)) { 4803 4803 - if (cstate->minorversion) 4804 4804 - release_openowner(oo); 4805 4805 - else { 4806 4806 - /* 4807 4807 - * In the 4.0 case we need to keep the owners around a 4808 4808 - * little while to handle CLOSE replay. 4809 4809 - */ 4810 4810 - move_to_close_lru(oo, SVC_NET(rqstp)); 4811 4811 - } 4812 4812 - } 4121 4121 + /* put reference from nfs4_preprocess_seqid_op */ 4122 4122 + nfs4_put_stid(&stp->st_stid); 4813 4123 out: 4814 4814 - if (!cstate->replay_owner) 4815 4815 - nfs4_unlock_state(); 4816 4124 return status; 4817 4125 } 4818 4126 ··· 4812 4154 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 4813 4155 return status; 4814 4156 4815 4815 - nfs4_lock_state(); 4816 4816 - status = nfsd4_lookup_stateid(stateid, NFS4_DELEG_STID, &s, 4817 4817 - cstate->minorversion, nn); 4157 4157 + status = nfsd4_lookup_stateid(cstate, stateid, NFS4_DELEG_STID, &s, nn); 4818 4158 if (status) 4819 4159 goto out; 4820 4160 dp = delegstateid(s); 4821 4161 status = check_stateid_generation(stateid, &dp->dl_stid.sc_stateid, nfsd4_has_session(cstate)); 4822 4162 if (status) 4823 4823 - goto out; 4163 4163 + goto put_stateid; 4824 4164 4825 4165 destroy_delegation(dp); 4166 4166 + put_stateid: 4167 4167 + nfs4_put_stid(&dp->dl_stid); 4826 4168 out: 4827 4827 - nfs4_unlock_state(); 4828 4828 - 4829 4169 return status; 4830 4170 } 4831 4171 4832 4172 4833 4173 #define LOFF_OVERFLOW(start, len) ((u64)(len) > ~(u64)(start)) 4834 4834 - 4835 4835 - #define LOCKOWNER_INO_HASH_MASK (LOCKOWNER_INO_HASH_SIZE - 1) 4836 4174 4837 4175 static inline u64 4838 4176 end_offset(u64 start, u64 len) ··· 4848 4194 WARN_ON_ONCE(!len); 4849 4195 end = start + len; 4850 4196 return end > start ? end - 1: NFS4_MAX_UINT64; 4851 4851 - } 4852 4852 - 4853 4853 - static unsigned int lockowner_ino_hashval(struct inode *inode, u32 cl_id, struct xdr_netobj *ownername) 4854 4854 - { 4855 4855 - return (file_hashval(inode) + cl_id 4856 4856 - + opaque_hashval(ownername->data, ownername->len)) 4857 4857 - & LOCKOWNER_INO_HASH_MASK; 4858 4197 } 4859 4198 4860 4199 /* ··· 4902 4255 deny->ld_type = NFS4_WRITE_LT; 4903 4256 } 4904 4257 4905 4905 - static bool same_lockowner_ino(struct nfs4_lockowner *lo, struct inode *inode, clientid_t *clid, struct xdr_netobj *owner) 4906 4906 - { 4907 4907 - struct nfs4_ol_stateid *lst; 4908 4908 - 4909 4909 - if (!same_owner_str(&lo->lo_owner, owner, clid)) 4910 4910 - return false; 4911 4911 - if (list_empty(&lo->lo_owner.so_stateids)) { 4912 4912 - WARN_ON_ONCE(1); 4913 4913 - return false; 4914 4914 - } 4915 4915 - lst = list_first_entry(&lo->lo_owner.so_stateids, 4916 4916 - struct nfs4_ol_stateid, st_perstateowner); 4917 4917 - return lst->st_file->fi_inode == inode; 4918 4918 - } 4919 4919 - 4920 4258 static struct nfs4_lockowner * 4921 4921 - find_lockowner_str(struct inode *inode, clientid_t *clid, 4922 4922 - struct xdr_netobj *owner, struct nfsd_net *nn) 4259 4259 + find_lockowner_str_locked(clientid_t *clid, struct xdr_netobj *owner, 4260 4260 + struct nfs4_client *clp) 4923 4261 { 4924 4924 - unsigned int hashval = lockowner_ino_hashval(inode, clid->cl_id, owner); 4925 4925 - struct nfs4_lockowner *lo; 4262 4262 + unsigned int strhashval = ownerstr_hashval(owner); 4263 4263 + struct nfs4_stateowner *so; 4926 4264 4927 4927 - list_for_each_entry(lo, &nn->lockowner_ino_hashtbl[hashval], lo_owner_ino_hash) { 4928 4928 - if (same_lockowner_ino(lo, inode, clid, owner)) 4929 4929 - return lo; 4265 4265 + lockdep_assert_held(&clp->cl_lock); 4266 4266 + 4267 4267 + list_for_each_entry(so, &clp->cl_ownerstr_hashtbl[strhashval], 4268 4268 + so_strhash) { 4269 4269 + if (so->so_is_open_owner) 4270 4270 + continue; 4271 4271 + if (!same_owner_str(so, owner)) 4272 4272 + continue; 4273 4273 + atomic_inc(&so->so_count); 4274 4274 + return lockowner(so); 4930 4275 } 4931 4276 return NULL; 4932 4277 } 4933 4278 4934 4934 - static void hash_lockowner(struct nfs4_lockowner *lo, unsigned int strhashval, struct nfs4_client *clp, struct nfs4_ol_stateid *open_stp) 4279 4279 + static struct nfs4_lockowner * 4280 4280 + find_lockowner_str(clientid_t *clid, struct xdr_netobj *owner, 4281 4281 + struct nfs4_client *clp) 4935 4282 { 4936 4936 - struct inode *inode = open_stp->st_file->fi_inode; 4937 4937 - unsigned int inohash = lockowner_ino_hashval(inode, 4938 4938 - clp->cl_clientid.cl_id, &lo->lo_owner.so_owner); 4939 4939 - struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); 4283 4283 + struct nfs4_lockowner *lo; 4940 4284 4941 4941 - list_add(&lo->lo_owner.so_strhash, &nn->ownerstr_hashtbl[strhashval]); 4942 4942 - list_add(&lo->lo_owner_ino_hash, &nn->lockowner_ino_hashtbl[inohash]); 4943 4943 - list_add(&lo->lo_perstateid, &open_stp->st_lockowners); 4285 4285 + spin_lock(&clp->cl_lock); 4286 4286 + lo = find_lockowner_str_locked(clid, owner, clp); 4287 4287 + spin_unlock(&clp->cl_lock); 4288 4288 + return lo; 4944 4289 } 4290 4290 + 4291 4291 + static void nfs4_unhash_lockowner(struct nfs4_stateowner *sop) 4292 4292 + { 4293 4293 + unhash_lockowner_locked(lockowner(sop)); 4294 4294 + } 4295 4295 + 4296 4296 + static void nfs4_free_lockowner(struct nfs4_stateowner *sop) 4297 4297 + { 4298 4298 + struct nfs4_lockowner *lo = lockowner(sop); 4299 4299 + 4300 4300 + kmem_cache_free(lockowner_slab, lo); 4301 4301 + } 4302 4302 + 4303 4303 + static const struct nfs4_stateowner_operations lockowner_ops = { 4304 4304 + .so_unhash = nfs4_unhash_lockowner, 4305 4305 + .so_free = nfs4_free_lockowner, 4306 4306 + }; 4945 4307 4946 4308 /* 4947 4309 * Alloc a lock owner structure. ··· 4959 4303 * 4960 4304 * strhashval = ownerstr_hashval 4961 4305 */ 4962 4962 - 4963 4306 static struct nfs4_lockowner * 4964 4964 - alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, struct nfs4_ol_stateid *open_stp, struct nfsd4_lock *lock) { 4965 4965 - struct nfs4_lockowner *lo; 4307 4307 + alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, 4308 4308 + struct nfs4_ol_stateid *open_stp, 4309 4309 + struct nfsd4_lock *lock) 4310 4310 + { 4311 4311 + struct nfs4_lockowner *lo, *ret; 4966 4312 4967 4313 lo = alloc_stateowner(lockowner_slab, &lock->lk_new_owner, clp); 4968 4314 if (!lo) 4969 4315 return NULL; 4970 4316 INIT_LIST_HEAD(&lo->lo_owner.so_stateids); 4971 4317 lo->lo_owner.so_is_open_owner = 0; 4972 4972 - /* It is the openowner seqid that will be incremented in encode in the 4973 4973 - * case of new lockowners; so increment the lock seqid manually: */ 4974 4974 - lo->lo_owner.so_seqid = lock->lk_new_lock_seqid + 1; 4975 4975 - hash_lockowner(lo, strhashval, clp, open_stp); 4318 4318 + lo->lo_owner.so_seqid = lock->lk_new_lock_seqid; 4319 4319 + lo->lo_owner.so_ops = &lockowner_ops; 4320 4320 + spin_lock(&clp->cl_lock); 4321 4321 + ret = find_lockowner_str_locked(&clp->cl_clientid, 4322 4322 + &lock->lk_new_owner, clp); 4323 4323 + if (ret == NULL) { 4324 4324 + list_add(&lo->lo_owner.so_strhash, 4325 4325 + &clp->cl_ownerstr_hashtbl[strhashval]); 4326 4326 + ret = lo; 4327 4327 + } else 4328 4328 + nfs4_free_lockowner(&lo->lo_owner); 4329 4329 + spin_unlock(&clp->cl_lock); 4976 4330 return lo; 4977 4331 } 4978 4332 4979 4979 - static struct nfs4_ol_stateid * 4980 4980 - alloc_init_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp, struct nfs4_ol_stateid *open_stp) 4333 4333 + static void 4334 4334 + init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo, 4335 4335 + struct nfs4_file *fp, struct inode *inode, 4336 4336 + struct nfs4_ol_stateid *open_stp) 4981 4337 { 4982 4982 - struct nfs4_ol_stateid *stp; 4983 4338 struct nfs4_client *clp = lo->lo_owner.so_client; 4984 4339 4985 4985 - stp = nfs4_alloc_stateid(clp); 4986 4986 - if (stp == NULL) 4987 4987 - return NULL; 4340 4340 + lockdep_assert_held(&clp->cl_lock); 4341 4341 + 4342 4342 + atomic_inc(&stp->st_stid.sc_count); 4988 4343 stp->st_stid.sc_type = NFS4_LOCK_STID; 4989 4989 - list_add(&stp->st_perfile, &fp->fi_stateids); 4990 4990 - list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids); 4991 4344 stp->st_stateowner = &lo->lo_owner; 4345 4345 + atomic_inc(&lo->lo_owner.so_count); 4992 4346 get_nfs4_file(fp); 4993 4993 - stp->st_file = fp; 4347 4347 + stp->st_stid.sc_file = fp; 4348 4348 + stp->st_stid.sc_free = nfs4_free_lock_stateid; 4994 4349 stp->st_access_bmap = 0; 4995 4350 stp->st_deny_bmap = open_stp->st_deny_bmap; 4996 4351 stp->st_openstp = open_stp; 4997 4997 - return stp; 4352 4352 + list_add(&stp->st_locks, &open_stp->st_locks); 4353 4353 + list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids); 4354 4354 + spin_lock(&fp->fi_lock); 4355 4355 + list_add(&stp->st_perfile, &fp->fi_stateids); 4356 4356 + spin_unlock(&fp->fi_lock); 4357 4357 + } 4358 4358 + 4359 4359 + static struct nfs4_ol_stateid * 4360 4360 + find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp) 4361 4361 + { 4362 4362 + struct nfs4_ol_stateid *lst; 4363 4363 + struct nfs4_client *clp = lo->lo_owner.so_client; 4364 4364 + 4365 4365 + lockdep_assert_held(&clp->cl_lock); 4366 4366 + 4367 4367 + list_for_each_entry(lst, &lo->lo_owner.so_stateids, st_perstateowner) { 4368 4368 + if (lst->st_stid.sc_file == fp) { 4369 4369 + atomic_inc(&lst->st_stid.sc_count); 4370 4370 + return lst; 4371 4371 + } 4372 4372 + } 4373 4373 + return NULL; 4374 4374 + } 4375 4375 + 4376 4376 + static struct nfs4_ol_stateid * 4377 4377 + find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi, 4378 4378 + struct inode *inode, struct nfs4_ol_stateid *ost, 4379 4379 + bool *new) 4380 4380 + { 4381 4381 + struct nfs4_stid *ns = NULL; 4382 4382 + struct nfs4_ol_stateid *lst; 4383 4383 + struct nfs4_openowner *oo = openowner(ost->st_stateowner); 4384 4384 + struct nfs4_client *clp = oo->oo_owner.so_client; 4385 4385 + 4386 4386 + spin_lock(&clp->cl_lock); 4387 4387 + lst = find_lock_stateid(lo, fi); 4388 4388 + if (lst == NULL) { 4389 4389 + spin_unlock(&clp->cl_lock); 4390 4390 + ns = nfs4_alloc_stid(clp, stateid_slab); 4391 4391 + if (ns == NULL) 4392 4392 + return NULL; 4393 4393 + 4394 4394 + spin_lock(&clp->cl_lock); 4395 4395 + lst = find_lock_stateid(lo, fi); 4396 4396 + if (likely(!lst)) { 4397 4397 + lst = openlockstateid(ns); 4398 4398 + init_lock_stateid(lst, lo, fi, inode, ost); 4399 4399 + ns = NULL; 4400 4400 + *new = true; 4401 4401 + } 4402 4402 + } 4403 4403 + spin_unlock(&clp->cl_lock); 4404 4404 + if (ns) 4405 4405 + nfs4_put_stid(ns); 4406 4406 + return lst; 4998 4407 } 4999 4408 5000 4409 static int ··· 5071 4350 5072 4351 static void get_lock_access(struct nfs4_ol_stateid *lock_stp, u32 access) 5073 4352 { 5074 5074 - struct nfs4_file *fp = lock_stp->st_file; 5075 5075 - int oflag = nfs4_access_to_omode(access); 4353 4353 + struct nfs4_file *fp = lock_stp->st_stid.sc_file; 4354 4354 + 4355 4355 + lockdep_assert_held(&fp->fi_lock); 5076 4356 5077 4357 if (test_access(access, lock_stp)) 5078 4358 return; 5079 5079 - nfs4_file_get_access(fp, oflag); 4359 4359 + __nfs4_file_get_access(fp, access); 5080 4360 set_access(access, lock_stp); 5081 4361 } 5082 4362 5083 5083 - static __be32 lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, struct nfs4_ol_stateid *ost, struct nfsd4_lock *lock, struct nfs4_ol_stateid **lst, bool *new) 4363 4363 + static __be32 4364 4364 + lookup_or_create_lock_state(struct nfsd4_compound_state *cstate, 4365 4365 + struct nfs4_ol_stateid *ost, 4366 4366 + struct nfsd4_lock *lock, 4367 4367 + struct nfs4_ol_stateid **lst, bool *new) 5084 4368 { 5085 5085 - struct nfs4_file *fi = ost->st_file; 4369 4369 + __be32 status; 4370 4370 + struct nfs4_file *fi = ost->st_stid.sc_file; 5086 4371 struct nfs4_openowner *oo = openowner(ost->st_stateowner); 5087 4372 struct nfs4_client *cl = oo->oo_owner.so_client; 4373 4373 + struct inode *inode = cstate->current_fh.fh_dentry->d_inode; 5088 4374 struct nfs4_lockowner *lo; 5089 4375 unsigned int strhashval; 5090 5090 - struct nfsd_net *nn = net_generic(cl->net, nfsd_net_id); 5091 4376 5092 5092 - lo = find_lockowner_str(fi->fi_inode, &cl->cl_clientid, 5093 5093 - &lock->v.new.owner, nn); 5094 5094 - if (lo) { 5095 5095 - if (!cstate->minorversion) 5096 5096 - return nfserr_bad_seqid; 5097 5097 - /* XXX: a lockowner always has exactly one stateid: */ 5098 5098 - *lst = list_first_entry(&lo->lo_owner.so_stateids, 5099 5099 - struct nfs4_ol_stateid, st_perstateowner); 5100 5100 - return nfs_ok; 4377 4377 + lo = find_lockowner_str(&cl->cl_clientid, &lock->v.new.owner, cl); 4378 4378 + if (!lo) { 4379 4379 + strhashval = ownerstr_hashval(&lock->v.new.owner); 4380 4380 + lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock); 4381 4381 + if (lo == NULL) 4382 4382 + return nfserr_jukebox; 4383 4383 + } else { 4384 4384 + /* with an existing lockowner, seqids must be the same */ 4385 4385 + status = nfserr_bad_seqid; 4386 4386 + if (!cstate->minorversion && 4387 4387 + lock->lk_new_lock_seqid != lo->lo_owner.so_seqid) 4388 4388 + goto out; 5101 4389 } 5102 5102 - strhashval = ownerstr_hashval(cl->cl_clientid.cl_id, 5103 5103 - &lock->v.new.owner); 5104 5104 - lo = alloc_init_lock_stateowner(strhashval, cl, ost, lock); 5105 5105 - if (lo == NULL) 5106 5106 - return nfserr_jukebox; 5107 5107 - *lst = alloc_init_lock_stateid(lo, fi, ost); 4390 4390 + 4391 4391 + *lst = find_or_create_lock_stateid(lo, fi, inode, ost, new); 5108 4392 if (*lst == NULL) { 5109 5109 - release_lockowner(lo); 5110 5110 - return nfserr_jukebox; 4393 4393 + status = nfserr_jukebox; 4394 4394 + goto out; 5111 4395 } 5112 5112 - *new = true; 5113 5113 - return nfs_ok; 4396 4396 + status = nfs_ok; 4397 4397 + out: 4398 4398 + nfs4_put_stateowner(&lo->lo_owner); 4399 4399 + return status; 5114 4400 } 5115 4401 5116 4402 /* ··· 5129 4401 { 5130 4402 struct nfs4_openowner *open_sop = NULL; 5131 4403 struct nfs4_lockowner *lock_sop = NULL; 5132 5132 - struct nfs4_ol_stateid *lock_stp; 4404 4404 + struct nfs4_ol_stateid *lock_stp = NULL; 4405 4405 + struct nfs4_ol_stateid *open_stp = NULL; 4406 4406 + struct nfs4_file *fp; 5133 4407 struct file *filp = NULL; 5134 4408 struct file_lock *file_lock = NULL; 5135 4409 struct file_lock *conflock = NULL; 5136 4410 __be32 status = 0; 5137 5137 - bool new_state = false; 5138 4411 int lkflg; 5139 4412 int err; 4413 4413 + bool new = false; 5140 4414 struct net *net = SVC_NET(rqstp); 5141 4415 struct nfsd_net *nn = net_generic(net, nfsd_net_id); 5142 4416 ··· 5155 4425 return status; 5156 4426 } 5157 4427 5158 5158 - nfs4_lock_state(); 5159 5159 - 5160 4428 if (lock->lk_is_new) { 5161 5161 - struct nfs4_ol_stateid *open_stp = NULL; 5162 5162 - 5163 4429 if (nfsd4_has_session(cstate)) 5164 4430 /* See rfc 5661 18.10.3: given clientid is ignored: */ 5165 4431 memcpy(&lock->v.new.clientid, ··· 5179 4453 &lock->v.new.clientid)) 5180 4454 goto out; 5181 4455 status = lookup_or_create_lock_state(cstate, open_stp, lock, 5182 5182 - &lock_stp, &new_state); 5183 5183 - } else 4456 4456 + &lock_stp, &new); 4457 4457 + } else { 5184 4458 status = nfs4_preprocess_seqid_op(cstate, 5185 4459 lock->lk_old_lock_seqid, 5186 4460 &lock->lk_old_lock_stateid, 5187 4461 NFS4_LOCK_STID, &lock_stp, nn); 4462 4462 + } 5188 4463 if (status) 5189 4464 goto out; 5190 4465 lock_sop = lockowner(lock_stp->st_stateowner); ··· 5209 4482 goto out; 5210 4483 } 5211 4484 4485 4485 + fp = lock_stp->st_stid.sc_file; 5212 4486 locks_init_lock(file_lock); 5213 4487 switch (lock->lk_type) { 5214 4488 case NFS4_READ_LT: 5215 4489 case NFS4_READW_LT: 5216 5216 - filp = find_readable_file(lock_stp->st_file); 4490 4490 + spin_lock(&fp->fi_lock); 4491 4491 + filp = find_readable_file_locked(fp); 5217 4492 if (filp) 5218 4493 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_READ); 4494 4494 + spin_unlock(&fp->fi_lock); 5219 4495 file_lock->fl_type = F_RDLCK; 5220 4496 break; 5221 4497 case NFS4_WRITE_LT: 5222 4498 case NFS4_WRITEW_LT: 5223 5223 - filp = find_writeable_file(lock_stp->st_file); 4499 4499 + spin_lock(&fp->fi_lock); 4500 4500 + filp = find_writeable_file_locked(fp); 5224 4501 if (filp) 5225 4502 get_lock_access(lock_stp, NFS4_SHARE_ACCESS_WRITE); 4503 4503 + spin_unlock(&fp->fi_lock); 5226 4504 file_lock->fl_type = F_WRLCK; 5227 4505 break; 5228 4506 default: ··· 5276 4544 break; 5277 4545 } 5278 4546 out: 5279 5279 - if (status && new_state) 5280 5280 - release_lockowner(lock_sop); 4547 4547 + if (filp) 4548 4548 + fput(filp); 4549 4549 + if (lock_stp) { 4550 4550 + /* Bump seqid manually if the 4.0 replay owner is openowner */ 4551 4551 + if (cstate->replay_owner && 4552 4552 + cstate->replay_owner != &lock_sop->lo_owner && 4553 4553 + seqid_mutating_err(ntohl(status))) 4554 4554 + lock_sop->lo_owner.so_seqid++; 4555 4555 + 4556 4556 + /* 4557 4557 + * If this is a new, never-before-used stateid, and we are 4558 4558 + * returning an error, then just go ahead and release it. 4559 4559 + */ 4560 4560 + if (status && new) 4561 4561 + release_lock_stateid(lock_stp); 4562 4562 + 4563 4563 + nfs4_put_stid(&lock_stp->st_stid); 4564 4564 + } 4565 4565 + if (open_stp) 4566 4566 + nfs4_put_stid(&open_stp->st_stid); 5281 4567 nfsd4_bump_seqid(cstate, status); 5282 5282 - if (!cstate->replay_owner) 5283 5283 - nfs4_unlock_state(); 5284 4568 if (file_lock) 5285 4569 locks_free_lock(file_lock); 5286 4570 if (conflock) ··· 5328 4580 nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, 5329 4581 struct nfsd4_lockt *lockt) 5330 4582 { 5331 5331 - struct inode *inode; 5332 4583 struct file_lock *file_lock = NULL; 5333 5333 - struct nfs4_lockowner *lo; 4584 4584 + struct nfs4_lockowner *lo = NULL; 5334 4585 __be32 status; 5335 4586 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 5336 4587 ··· 5339 4592 if (check_lock_length(lockt->lt_offset, lockt->lt_length)) 5340 4593 return nfserr_inval; 5341 4594 5342 5342 - nfs4_lock_state(); 5343 5343 - 5344 4595 if (!nfsd4_has_session(cstate)) { 5345 5345 - status = lookup_clientid(&lockt->lt_clientid, false, nn, NULL); 4596 4596 + status = lookup_clientid(&lockt->lt_clientid, cstate, nn); 5346 4597 if (status) 5347 4598 goto out; 5348 4599 } ··· 5348 4603 if ((status = fh_verify(rqstp, &cstate->current_fh, S_IFREG, 0))) 5349 4604 goto out; 5350 4605 5351 5351 - inode = cstate->current_fh.fh_dentry->d_inode; 5352 4606 file_lock = locks_alloc_lock(); 5353 4607 if (!file_lock) { 5354 4608 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); ··· 5370 4626 goto out; 5371 4627 } 5372 4628 5373 5373 - lo = find_lockowner_str(inode, &lockt->lt_clientid, &lockt->lt_owner, nn); 4629 4629 + lo = find_lockowner_str(&lockt->lt_clientid, &lockt->lt_owner, 4630 4630 + cstate->clp); 5374 4631 if (lo) 5375 4632 file_lock->fl_owner = (fl_owner_t)lo; 5376 4633 file_lock->fl_pid = current->tgid; ··· 5391 4646 nfs4_set_lock_denied(file_lock, &lockt->lt_denied); 5392 4647 } 5393 4648 out: 5394 5394 - nfs4_unlock_state(); 4649 4649 + if (lo) 4650 4650 + nfs4_put_stateowner(&lo->lo_owner); 5395 4651 if (file_lock) 5396 4652 locks_free_lock(file_lock); 5397 4653 return status; ··· 5416 4670 if (check_lock_length(locku->lu_offset, locku->lu_length)) 5417 4671 return nfserr_inval; 5418 4672 5419 5419 - nfs4_lock_state(); 5420 5420 - 5421 4673 status = nfs4_preprocess_seqid_op(cstate, locku->lu_seqid, 5422 4674 &locku->lu_stateid, NFS4_LOCK_STID, 5423 4675 &stp, nn); 5424 4676 if (status) 5425 4677 goto out; 5426 5426 - filp = find_any_file(stp->st_file); 4678 4678 + filp = find_any_file(stp->st_stid.sc_file); 5427 4679 if (!filp) { 5428 4680 status = nfserr_lock_range; 5429 5429 - goto out; 4681 4681 + goto put_stateid; 5430 4682 } 5431 4683 file_lock = locks_alloc_lock(); 5432 4684 if (!file_lock) { 5433 4685 dprintk("NFSD: %s: unable to allocate lock!\n", __func__); 5434 4686 status = nfserr_jukebox; 5435 5435 - goto out; 4687 4687 + goto fput; 5436 4688 } 5437 4689 locks_init_lock(file_lock); 5438 4690 file_lock->fl_type = F_UNLCK; ··· 5452 4708 } 5453 4709 update_stateid(&stp->st_stid.sc_stateid); 5454 4710 memcpy(&locku->lu_stateid, &stp->st_stid.sc_stateid, sizeof(stateid_t)); 5455 5455 - 4711 4711 + fput: 4712 4712 + fput(filp); 4713 4713 + put_stateid: 4714 4714 + nfs4_put_stid(&stp->st_stid); 5456 4715 out: 5457 4716 nfsd4_bump_seqid(cstate, status); 5458 5458 - if (!cstate->replay_owner) 5459 5459 - nfs4_unlock_state(); 5460 4717 if (file_lock) 5461 4718 locks_free_lock(file_lock); 5462 4719 return status; 5463 4720 5464 4721 out_nfserr: 5465 4722 status = nfserrno(err); 5466 5466 - goto out; 4723 4723 + goto fput; 5467 4724 } 5468 4725 5469 4726 /* 5470 4727 * returns 5471 5471 - * 1: locks held by lockowner 5472 5472 - * 0: no locks held by lockowner 4728 4728 + * true: locks held by lockowner 4729 4729 + * false: no locks held by lockowner 5473 4730 */ 5474 5474 - static int 5475 5475 - check_for_locks(struct nfs4_file *filp, struct nfs4_lockowner *lowner) 4731 4731 + static bool 4732 4732 + check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner) 5476 4733 { 5477 4734 struct file_lock **flpp; 5478 5478 - struct inode *inode = filp->fi_inode; 5479 5479 - int status = 0; 4735 4735 + int status = false; 4736 4736 + struct file *filp = find_any_file(fp); 4737 4737 + struct inode *inode; 4738 4738 + 4739 4739 + if (!filp) { 4740 4740 + /* Any valid lock stateid should have some sort of access */ 4741 4741 + WARN_ON_ONCE(1); 4742 4742 + return status; 4743 4743 + } 4744 4744 + 4745 4745 + inode = file_inode(filp); 5480 4746 5481 4747 spin_lock(&inode->i_lock); 5482 4748 for (flpp = &inode->i_flock; *flpp != NULL; flpp = &(*flpp)->fl_next) { 5483 4749 if ((*flpp)->fl_owner == (fl_owner_t)lowner) { 5484 5484 - status = 1; 5485 5485 - goto out; 4750 4750 + status = true; 4751 4751 + break; 5486 4752 } 5487 4753 } 5488 5488 - out: 5489 4754 spin_unlock(&inode->i_lock); 4755 4755 + fput(filp); 5490 4756 return status; 5491 4757 } 5492 4758 ··· 5507 4753 { 5508 4754 clientid_t *clid = &rlockowner->rl_clientid; 5509 4755 struct nfs4_stateowner *sop; 5510 5510 - struct nfs4_lockowner *lo; 4756 4756 + struct nfs4_lockowner *lo = NULL; 5511 4757 struct nfs4_ol_stateid *stp; 5512 4758 struct xdr_netobj *owner = &rlockowner->rl_owner; 5513 5513 - struct list_head matches; 5514 5514 - unsigned int hashval = ownerstr_hashval(clid->cl_id, owner); 4759 4759 + unsigned int hashval = ownerstr_hashval(owner); 5515 4760 __be32 status; 5516 4761 struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4762 4762 + struct nfs4_client *clp; 5517 4763 5518 4764 dprintk("nfsd4_release_lockowner clientid: (%08x/%08x):\n", 5519 4765 clid->cl_boot, clid->cl_id); 5520 4766 5521 5521 - nfs4_lock_state(); 5522 5522 - 5523 5523 - status = lookup_clientid(clid, cstate->minorversion, nn, NULL); 4767 4767 + status = lookup_clientid(clid, cstate, nn); 5524 4768 if (status) 5525 5525 - goto out; 4769 4769 + return status; 5526 4770 5527 5527 - status = nfserr_locks_held; 5528 5528 - INIT_LIST_HEAD(&matches); 4771 4771 + clp = cstate->clp; 4772 4772 + /* Find the matching lock stateowner */ 4773 4773 + spin_lock(&clp->cl_lock); 4774 4774 + list_for_each_entry(sop, &clp->cl_ownerstr_hashtbl[hashval], 4775 4775 + so_strhash) { 5529 4776 5530 5530 - list_for_each_entry(sop, &nn->ownerstr_hashtbl[hashval], so_strhash) { 5531 5531 - if (sop->so_is_open_owner) 4777 4777 + if (sop->so_is_open_owner || !same_owner_str(sop, owner)) 5532 4778 continue; 5533 5533 - if (!same_owner_str(sop, owner, clid)) 5534 5534 - continue; 5535 5535 - list_for_each_entry(stp, &sop->so_stateids, 5536 5536 - st_perstateowner) { 5537 5537 - lo = lockowner(sop); 5538 5538 - if (check_for_locks(stp->st_file, lo)) 5539 5539 - goto out; 5540 5540 - list_add(&lo->lo_list, &matches); 4779 4779 + 4780 4780 + /* see if there are still any locks associated with it */ 4781 4781 + lo = lockowner(sop); 4782 4782 + list_for_each_entry(stp, &sop->so_stateids, st_perstateowner) { 4783 4783 + if (check_for_locks(stp->st_stid.sc_file, lo)) { 4784 4784 + status = nfserr_locks_held; 4785 4785 + spin_unlock(&clp->cl_lock); 4786 4786 + return status; 4787 4787 + } 5541 4788 } 4789 4789 + 4790 4790 + atomic_inc(&sop->so_count); 4791 4791 + break; 5542 4792 } 5543 5543 - /* Clients probably won't expect us to return with some (but not all) 5544 5544 - * of the lockowner state released; so don't release any until all 5545 5545 - * have been checked. */ 5546 5546 - status = nfs_ok; 5547 5547 - while (!list_empty(&matches)) { 5548 5548 - lo = list_entry(matches.next, struct nfs4_lockowner, 5549 5549 - lo_list); 5550 5550 - /* unhash_stateowner deletes so_perclient only 5551 5551 - * for openowners. */ 5552 5552 - list_del(&lo->lo_list); 4793 4793 + spin_unlock(&clp->cl_lock); 4794 4794 + if (lo) 5553 4795 release_lockowner(lo); 5554 5554 - } 5555 5555 - out: 5556 5556 - nfs4_unlock_state(); 5557 4796 return status; 5558 4797 } 5559 4798 ··· 5634 4887 * Called from OPEN. Look for clientid in reclaim list. 5635 4888 */ 5636 4889 __be32 5637 5637 - nfs4_check_open_reclaim(clientid_t *clid, bool sessions, struct nfsd_net *nn) 4890 4890 + nfs4_check_open_reclaim(clientid_t *clid, 4891 4891 + struct nfsd4_compound_state *cstate, 4892 4892 + struct nfsd_net *nn) 5638 4893 { 5639 5639 - struct nfs4_client *clp; 4894 4894 + __be32 status; 5640 4895 5641 4896 /* find clientid in conf_id_hashtbl */ 5642 5642 - clp = find_confirmed_client(clid, sessions, nn); 5643 5643 - if (clp == NULL) 4897 4897 + status = lookup_clientid(clid, cstate, nn); 4898 4898 + if (status) 5644 4899 return nfserr_reclaim_bad; 5645 4900 5646 5646 - return nfsd4_client_record_check(clp) ? nfserr_reclaim_bad : nfs_ok; 4901 4901 + if (nfsd4_client_record_check(cstate->clp)) 4902 4902 + return nfserr_reclaim_bad; 4903 4903 + 4904 4904 + return nfs_ok; 5647 4905 } 5648 4906 5649 4907 #ifdef CONFIG_NFSD_FAULT_INJECTION 5650 5650 - 5651 5651 - u64 nfsd_forget_client(struct nfs4_client *clp, u64 max) 4908 4908 + static inline void 4909 4909 + put_client(struct nfs4_client *clp) 5652 4910 { 5653 5653 - if (mark_client_expired(clp)) 5654 5654 - return 0; 5655 5655 - expire_client(clp); 5656 5656 - return 1; 4911 4911 + atomic_dec(&clp->cl_refcount); 5657 4912 } 5658 4913 5659 5659 - u64 nfsd_print_client(struct nfs4_client *clp, u64 num) 5660 5660 - { 5661 5661 - char buf[INET6_ADDRSTRLEN]; 5662 5662 - rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 5663 5663 - printk(KERN_INFO "NFS Client: %s\n", buf); 5664 5664 - return 1; 5665 5665 - } 5666 5666 - 5667 5667 - static void nfsd_print_count(struct nfs4_client *clp, unsigned int count, 5668 5668 - const char *type) 5669 5669 - { 5670 5670 - char buf[INET6_ADDRSTRLEN]; 5671 5671 - rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 5672 5672 - printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type); 5673 5673 - } 5674 5674 - 5675 5675 - static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max, void (*func)(struct nfs4_lockowner *)) 5676 5676 - { 5677 5677 - struct nfs4_openowner *oop; 5678 5678 - struct nfs4_lockowner *lop, *lo_next; 5679 5679 - struct nfs4_ol_stateid *stp, *st_next; 5680 5680 - u64 count = 0; 5681 5681 - 5682 5682 - list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) { 5683 5683 - list_for_each_entry_safe(stp, st_next, &oop->oo_owner.so_stateids, st_perstateowner) { 5684 5684 - list_for_each_entry_safe(lop, lo_next, &stp->st_lockowners, lo_perstateid) { 5685 5685 - if (func) 5686 5686 - func(lop); 5687 5687 - if (++count == max) 5688 5688 - return count; 5689 5689 - } 5690 5690 - } 5691 5691 - } 5692 5692 - 5693 5693 - return count; 5694 5694 - } 5695 5695 - 5696 5696 - u64 nfsd_forget_client_locks(struct nfs4_client *clp, u64 max) 5697 5697 - { 5698 5698 - return nfsd_foreach_client_lock(clp, max, release_lockowner); 5699 5699 - } 5700 5700 - 5701 5701 - u64 nfsd_print_client_locks(struct nfs4_client *clp, u64 max) 5702 5702 - { 5703 5703 - u64 count = nfsd_foreach_client_lock(clp, max, NULL); 5704 5704 - nfsd_print_count(clp, count, "locked files"); 5705 5705 - return count; 5706 5706 - } 5707 5707 - 5708 5708 - static u64 nfsd_foreach_client_open(struct nfs4_client *clp, u64 max, void (*func)(struct nfs4_openowner *)) 5709 5709 - { 5710 5710 - struct nfs4_openowner *oop, *next; 5711 5711 - u64 count = 0; 5712 5712 - 5713 5713 - list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) { 5714 5714 - if (func) 5715 5715 - func(oop); 5716 5716 - if (++count == max) 5717 5717 - break; 5718 5718 - } 5719 5719 - 5720 5720 - return count; 5721 5721 - } 5722 5722 - 5723 5723 - u64 nfsd_forget_client_openowners(struct nfs4_client *clp, u64 max) 5724 5724 - { 5725 5725 - return nfsd_foreach_client_open(clp, max, release_openowner); 5726 5726 - } 5727 5727 - 5728 5728 - u64 nfsd_print_client_openowners(struct nfs4_client *clp, u64 max) 5729 5729 - { 5730 5730 - u64 count = nfsd_foreach_client_open(clp, max, NULL); 5731 5731 - nfsd_print_count(clp, count, "open files"); 5732 5732 - return count; 5733 5733 - } 5734 5734 - 5735 5735 - static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max, 5736 5736 - struct list_head *victims) 5737 5737 - { 5738 5738 - struct nfs4_delegation *dp, *next; 5739 5739 - u64 count = 0; 5740 5740 - 5741 5741 - lockdep_assert_held(&state_lock); 5742 5742 - list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) { 5743 5743 - if (victims) 5744 5744 - list_move(&dp->dl_recall_lru, victims); 5745 5745 - if (++count == max) 5746 5746 - break; 5747 5747 - } 5748 5748 - return count; 5749 5749 - } 5750 5750 - 5751 5751 - u64 nfsd_forget_client_delegations(struct nfs4_client *clp, u64 max) 5752 5752 - { 5753 5753 - struct nfs4_delegation *dp, *next; 5754 5754 - LIST_HEAD(victims); 5755 5755 - u64 count; 5756 5756 - 5757 5757 - spin_lock(&state_lock); 5758 5758 - count = nfsd_find_all_delegations(clp, max, &victims); 5759 5759 - spin_unlock(&state_lock); 5760 5760 - 5761 5761 - list_for_each_entry_safe(dp, next, &victims, dl_recall_lru) 5762 5762 - revoke_delegation(dp); 5763 5763 - 5764 5764 - return count; 5765 5765 - } 5766 5766 - 5767 5767 - u64 nfsd_recall_client_delegations(struct nfs4_client *clp, u64 max) 5768 5768 - { 5769 5769 - struct nfs4_delegation *dp, *next; 5770 5770 - LIST_HEAD(victims); 5771 5771 - u64 count; 5772 5772 - 5773 5773 - spin_lock(&state_lock); 5774 5774 - count = nfsd_find_all_delegations(clp, max, &victims); 5775 5775 - list_for_each_entry_safe(dp, next, &victims, dl_recall_lru) 5776 5776 - nfsd_break_one_deleg(dp); 5777 5777 - spin_unlock(&state_lock); 5778 5778 - 5779 5779 - return count; 5780 5780 - } 5781 5781 - 5782 5782 - u64 nfsd_print_client_delegations(struct nfs4_client *clp, u64 max) 5783 5783 - { 5784 5784 - u64 count = 0; 5785 5785 - 5786 5786 - spin_lock(&state_lock); 5787 5787 - count = nfsd_find_all_delegations(clp, max, NULL); 5788 5788 - spin_unlock(&state_lock); 5789 5789 - 5790 5790 - nfsd_print_count(clp, count, "delegations"); 5791 5791 - return count; 5792 5792 - } 5793 5793 - 5794 5794 - u64 nfsd_for_n_state(u64 max, u64 (*func)(struct nfs4_client *, u64)) 5795 5795 - { 5796 5796 - struct nfs4_client *clp, *next; 5797 5797 - u64 count = 0; 5798 5798 - struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, nfsd_net_id); 5799 5799 - 5800 5800 - if (!nfsd_netns_ready(nn)) 5801 5801 - return 0; 5802 5802 - 5803 5803 - list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 5804 5804 - count += func(clp, max - count); 5805 5805 - if ((max != 0) && (count >= max)) 5806 5806 - break; 5807 5807 - } 5808 5808 - 5809 5809 - return count; 5810 5810 - } 5811 5811 - 5812 5812 - struct nfs4_client *nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size) 4914 4914 + static struct nfs4_client * 4915 4915 + nfsd_find_client(struct sockaddr_storage *addr, size_t addr_size) 5813 4916 { 5814 4917 struct nfs4_client *clp; 5815 5815 - struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, nfsd_net_id); 4918 4918 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 4919 4919 + nfsd_net_id); 5816 4920 5817 4921 if (!nfsd_netns_ready(nn)) 5818 4922 return NULL; ··· 5675 5077 return NULL; 5676 5078 } 5677 5079 5080 5080 + u64 5081 5081 + nfsd_inject_print_clients(void) 5082 5082 + { 5083 5083 + struct nfs4_client *clp; 5084 5084 + u64 count = 0; 5085 5085 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5086 5086 + nfsd_net_id); 5087 5087 + char buf[INET6_ADDRSTRLEN]; 5088 5088 + 5089 5089 + if (!nfsd_netns_ready(nn)) 5090 5090 + return 0; 5091 5091 + 5092 5092 + spin_lock(&nn->client_lock); 5093 5093 + list_for_each_entry(clp, &nn->client_lru, cl_lru) { 5094 5094 + rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 5095 5095 + pr_info("NFS Client: %s\n", buf); 5096 5096 + ++count; 5097 5097 + } 5098 5098 + spin_unlock(&nn->client_lock); 5099 5099 + 5100 5100 + return count; 5101 5101 + } 5102 5102 + 5103 5103 + u64 5104 5104 + nfsd_inject_forget_client(struct sockaddr_storage *addr, size_t addr_size) 5105 5105 + { 5106 5106 + u64 count = 0; 5107 5107 + struct nfs4_client *clp; 5108 5108 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5109 5109 + nfsd_net_id); 5110 5110 + 5111 5111 + if (!nfsd_netns_ready(nn)) 5112 5112 + return count; 5113 5113 + 5114 5114 + spin_lock(&nn->client_lock); 5115 5115 + clp = nfsd_find_client(addr, addr_size); 5116 5116 + if (clp) { 5117 5117 + if (mark_client_expired_locked(clp) == nfs_ok) 5118 5118 + ++count; 5119 5119 + else 5120 5120 + clp = NULL; 5121 5121 + } 5122 5122 + spin_unlock(&nn->client_lock); 5123 5123 + 5124 5124 + if (clp) 5125 5125 + expire_client(clp); 5126 5126 + 5127 5127 + return count; 5128 5128 + } 5129 5129 + 5130 5130 + u64 5131 5131 + nfsd_inject_forget_clients(u64 max) 5132 5132 + { 5133 5133 + u64 count = 0; 5134 5134 + struct nfs4_client *clp, *next; 5135 5135 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5136 5136 + nfsd_net_id); 5137 5137 + LIST_HEAD(reaplist); 5138 5138 + 5139 5139 + if (!nfsd_netns_ready(nn)) 5140 5140 + return count; 5141 5141 + 5142 5142 + spin_lock(&nn->client_lock); 5143 5143 + list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 5144 5144 + if (mark_client_expired_locked(clp) == nfs_ok) { 5145 5145 + list_add(&clp->cl_lru, &reaplist); 5146 5146 + if (max != 0 && ++count >= max) 5147 5147 + break; 5148 5148 + } 5149 5149 + } 5150 5150 + spin_unlock(&nn->client_lock); 5151 5151 + 5152 5152 + list_for_each_entry_safe(clp, next, &reaplist, cl_lru) 5153 5153 + expire_client(clp); 5154 5154 + 5155 5155 + return count; 5156 5156 + } 5157 5157 + 5158 5158 + static void nfsd_print_count(struct nfs4_client *clp, unsigned int count, 5159 5159 + const char *type) 5160 5160 + { 5161 5161 + char buf[INET6_ADDRSTRLEN]; 5162 5162 + rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf)); 5163 5163 + printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type); 5164 5164 + } 5165 5165 + 5166 5166 + static void 5167 5167 + nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst, 5168 5168 + struct list_head *collect) 5169 5169 + { 5170 5170 + struct nfs4_client *clp = lst->st_stid.sc_client; 5171 5171 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5172 5172 + nfsd_net_id); 5173 5173 + 5174 5174 + if (!collect) 5175 5175 + return; 5176 5176 + 5177 5177 + lockdep_assert_held(&nn->client_lock); 5178 5178 + atomic_inc(&clp->cl_refcount); 5179 5179 + list_add(&lst->st_locks, collect); 5180 5180 + } 5181 5181 + 5182 5182 + static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max, 5183 5183 + struct list_head *collect, 5184 5184 + void (*func)(struct nfs4_ol_stateid *)) 5185 5185 + { 5186 5186 + struct nfs4_openowner *oop; 5187 5187 + struct nfs4_ol_stateid *stp, *st_next; 5188 5188 + struct nfs4_ol_stateid *lst, *lst_next; 5189 5189 + u64 count = 0; 5190 5190 + 5191 5191 + spin_lock(&clp->cl_lock); 5192 5192 + list_for_each_entry(oop, &clp->cl_openowners, oo_perclient) { 5193 5193 + list_for_each_entry_safe(stp, st_next, 5194 5194 + &oop->oo_owner.so_stateids, st_perstateowner) { 5195 5195 + list_for_each_entry_safe(lst, lst_next, 5196 5196 + &stp->st_locks, st_locks) { 5197 5197 + if (func) { 5198 5198 + func(lst); 5199 5199 + nfsd_inject_add_lock_to_list(lst, 5200 5200 + collect); 5201 5201 + } 5202 5202 + ++count; 5203 5203 + /* 5204 5204 + * Despite the fact that these functions deal 5205 5205 + * with 64-bit integers for "count", we must 5206 5206 + * ensure that it doesn't blow up the 5207 5207 + * clp->cl_refcount. Throw a warning if we 5208 5208 + * start to approach INT_MAX here. 5209 5209 + */ 5210 5210 + WARN_ON_ONCE(count == (INT_MAX / 2)); 5211 5211 + if (count == max) 5212 5212 + goto out; 5213 5213 + } 5214 5214 + } 5215 5215 + } 5216 5216 + out: 5217 5217 + spin_unlock(&clp->cl_lock); 5218 5218 + 5219 5219 + return count; 5220 5220 + } 5221 5221 + 5222 5222 + static u64 5223 5223 + nfsd_collect_client_locks(struct nfs4_client *clp, struct list_head *collect, 5224 5224 + u64 max) 5225 5225 + { 5226 5226 + return nfsd_foreach_client_lock(clp, max, collect, unhash_lock_stateid); 5227 5227 + } 5228 5228 + 5229 5229 + static u64 5230 5230 + nfsd_print_client_locks(struct nfs4_client *clp) 5231 5231 + { 5232 5232 + u64 count = nfsd_foreach_client_lock(clp, 0, NULL, NULL); 5233 5233 + nfsd_print_count(clp, count, "locked files"); 5234 5234 + return count; 5235 5235 + } 5236 5236 + 5237 5237 + u64 5238 5238 + nfsd_inject_print_locks(void) 5239 5239 + { 5240 5240 + struct nfs4_client *clp; 5241 5241 + u64 count = 0; 5242 5242 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5243 5243 + nfsd_net_id); 5244 5244 + 5245 5245 + if (!nfsd_netns_ready(nn)) 5246 5246 + return 0; 5247 5247 + 5248 5248 + spin_lock(&nn->client_lock); 5249 5249 + list_for_each_entry(clp, &nn->client_lru, cl_lru) 5250 5250 + count += nfsd_print_client_locks(clp); 5251 5251 + spin_unlock(&nn->client_lock); 5252 5252 + 5253 5253 + return count; 5254 5254 + } 5255 5255 + 5256 5256 + static void 5257 5257 + nfsd_reap_locks(struct list_head *reaplist) 5258 5258 + { 5259 5259 + struct nfs4_client *clp; 5260 5260 + struct nfs4_ol_stateid *stp, *next; 5261 5261 + 5262 5262 + list_for_each_entry_safe(stp, next, reaplist, st_locks) { 5263 5263 + list_del_init(&stp->st_locks); 5264 5264 + clp = stp->st_stid.sc_client; 5265 5265 + nfs4_put_stid(&stp->st_stid); 5266 5266 + put_client(clp); 5267 5267 + } 5268 5268 + } 5269 5269 + 5270 5270 + u64 5271 5271 + nfsd_inject_forget_client_locks(struct sockaddr_storage *addr, size_t addr_size) 5272 5272 + { 5273 5273 + unsigned int count = 0; 5274 5274 + struct nfs4_client *clp; 5275 5275 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5276 5276 + nfsd_net_id); 5277 5277 + LIST_HEAD(reaplist); 5278 5278 + 5279 5279 + if (!nfsd_netns_ready(nn)) 5280 5280 + return count; 5281 5281 + 5282 5282 + spin_lock(&nn->client_lock); 5283 5283 + clp = nfsd_find_client(addr, addr_size); 5284 5284 + if (clp) 5285 5285 + count = nfsd_collect_client_locks(clp, &reaplist, 0); 5286 5286 + spin_unlock(&nn->client_lock); 5287 5287 + nfsd_reap_locks(&reaplist); 5288 5288 + return count; 5289 5289 + } 5290 5290 + 5291 5291 + u64 5292 5292 + nfsd_inject_forget_locks(u64 max) 5293 5293 + { 5294 5294 + u64 count = 0; 5295 5295 + struct nfs4_client *clp; 5296 5296 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5297 5297 + nfsd_net_id); 5298 5298 + LIST_HEAD(reaplist); 5299 5299 + 5300 5300 + if (!nfsd_netns_ready(nn)) 5301 5301 + return count; 5302 5302 + 5303 5303 + spin_lock(&nn->client_lock); 5304 5304 + list_for_each_entry(clp, &nn->client_lru, cl_lru) { 5305 5305 + count += nfsd_collect_client_locks(clp, &reaplist, max - count); 5306 5306 + if (max != 0 && count >= max) 5307 5307 + break; 5308 5308 + } 5309 5309 + spin_unlock(&nn->client_lock); 5310 5310 + nfsd_reap_locks(&reaplist); 5311 5311 + return count; 5312 5312 + } 5313 5313 + 5314 5314 + static u64 5315 5315 + nfsd_foreach_client_openowner(struct nfs4_client *clp, u64 max, 5316 5316 + struct list_head *collect, 5317 5317 + void (*func)(struct nfs4_openowner *)) 5318 5318 + { 5319 5319 + struct nfs4_openowner *oop, *next; 5320 5320 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5321 5321 + nfsd_net_id); 5322 5322 + u64 count = 0; 5323 5323 + 5324 5324 + lockdep_assert_held(&nn->client_lock); 5325 5325 + 5326 5326 + spin_lock(&clp->cl_lock); 5327 5327 + list_for_each_entry_safe(oop, next, &clp->cl_openowners, oo_perclient) { 5328 5328 + if (func) { 5329 5329 + func(oop); 5330 5330 + if (collect) { 5331 5331 + atomic_inc(&clp->cl_refcount); 5332 5332 + list_add(&oop->oo_perclient, collect); 5333 5333 + } 5334 5334 + } 5335 5335 + ++count; 5336 5336 + /* 5337 5337 + * Despite the fact that these functions deal with 5338 5338 + * 64-bit integers for "count", we must ensure that 5339 5339 + * it doesn't blow up the clp->cl_refcount. Throw a 5340 5340 + * warning if we start to approach INT_MAX here. 5341 5341 + */ 5342 5342 + WARN_ON_ONCE(count == (INT_MAX / 2)); 5343 5343 + if (count == max) 5344 5344 + break; 5345 5345 + } 5346 5346 + spin_unlock(&clp->cl_lock); 5347 5347 + 5348 5348 + return count; 5349 5349 + } 5350 5350 + 5351 5351 + static u64 5352 5352 + nfsd_print_client_openowners(struct nfs4_client *clp) 5353 5353 + { 5354 5354 + u64 count = nfsd_foreach_client_openowner(clp, 0, NULL, NULL); 5355 5355 + 5356 5356 + nfsd_print_count(clp, count, "openowners"); 5357 5357 + return count; 5358 5358 + } 5359 5359 + 5360 5360 + static u64 5361 5361 + nfsd_collect_client_openowners(struct nfs4_client *clp, 5362 5362 + struct list_head *collect, u64 max) 5363 5363 + { 5364 5364 + return nfsd_foreach_client_openowner(clp, max, collect, 5365 5365 + unhash_openowner_locked); 5366 5366 + } 5367 5367 + 5368 5368 + u64 5369 5369 + nfsd_inject_print_openowners(void) 5370 5370 + { 5371 5371 + struct nfs4_client *clp; 5372 5372 + u64 count = 0; 5373 5373 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5374 5374 + nfsd_net_id); 5375 5375 + 5376 5376 + if (!nfsd_netns_ready(nn)) 5377 5377 + return 0; 5378 5378 + 5379 5379 + spin_lock(&nn->client_lock); 5380 5380 + list_for_each_entry(clp, &nn->client_lru, cl_lru) 5381 5381 + count += nfsd_print_client_openowners(clp); 5382 5382 + spin_unlock(&nn->client_lock); 5383 5383 + 5384 5384 + return count; 5385 5385 + } 5386 5386 + 5387 5387 + static void 5388 5388 + nfsd_reap_openowners(struct list_head *reaplist) 5389 5389 + { 5390 5390 + struct nfs4_client *clp; 5391 5391 + struct nfs4_openowner *oop, *next; 5392 5392 + 5393 5393 + list_for_each_entry_safe(oop, next, reaplist, oo_perclient) { 5394 5394 + list_del_init(&oop->oo_perclient); 5395 5395 + clp = oop->oo_owner.so_client; 5396 5396 + release_openowner(oop); 5397 5397 + put_client(clp); 5398 5398 + } 5399 5399 + } 5400 5400 + 5401 5401 + u64 5402 5402 + nfsd_inject_forget_client_openowners(struct sockaddr_storage *addr, 5403 5403 + size_t addr_size) 5404 5404 + { 5405 5405 + unsigned int count = 0; 5406 5406 + struct nfs4_client *clp; 5407 5407 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5408 5408 + nfsd_net_id); 5409 5409 + LIST_HEAD(reaplist); 5410 5410 + 5411 5411 + if (!nfsd_netns_ready(nn)) 5412 5412 + return count; 5413 5413 + 5414 5414 + spin_lock(&nn->client_lock); 5415 5415 + clp = nfsd_find_client(addr, addr_size); 5416 5416 + if (clp) 5417 5417 + count = nfsd_collect_client_openowners(clp, &reaplist, 0); 5418 5418 + spin_unlock(&nn->client_lock); 5419 5419 + nfsd_reap_openowners(&reaplist); 5420 5420 + return count; 5421 5421 + } 5422 5422 + 5423 5423 + u64 5424 5424 + nfsd_inject_forget_openowners(u64 max) 5425 5425 + { 5426 5426 + u64 count = 0; 5427 5427 + struct nfs4_client *clp; 5428 5428 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5429 5429 + nfsd_net_id); 5430 5430 + LIST_HEAD(reaplist); 5431 5431 + 5432 5432 + if (!nfsd_netns_ready(nn)) 5433 5433 + return count; 5434 5434 + 5435 5435 + spin_lock(&nn->client_lock); 5436 5436 + list_for_each_entry(clp, &nn->client_lru, cl_lru) { 5437 5437 + count += nfsd_collect_client_openowners(clp, &reaplist, 5438 5438 + max - count); 5439 5439 + if (max != 0 && count >= max) 5440 5440 + break; 5441 5441 + } 5442 5442 + spin_unlock(&nn->client_lock); 5443 5443 + nfsd_reap_openowners(&reaplist); 5444 5444 + return count; 5445 5445 + } 5446 5446 + 5447 5447 + static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max, 5448 5448 + struct list_head *victims) 5449 5449 + { 5450 5450 + struct nfs4_delegation *dp, *next; 5451 5451 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5452 5452 + nfsd_net_id); 5453 5453 + u64 count = 0; 5454 5454 + 5455 5455 + lockdep_assert_held(&nn->client_lock); 5456 5456 + 5457 5457 + spin_lock(&state_lock); 5458 5458 + list_for_each_entry_safe(dp, next, &clp->cl_delegations, dl_perclnt) { 5459 5459 + if (victims) { 5460 5460 + /* 5461 5461 + * It's not safe to mess with delegations that have a 5462 5462 + * non-zero dl_time. They might have already been broken 5463 5463 + * and could be processed by the laundromat outside of 5464 5464 + * the state_lock. Just leave them be. 5465 5465 + */ 5466 5466 + if (dp->dl_time != 0) 5467 5467 + continue; 5468 5468 + 5469 5469 + atomic_inc(&clp->cl_refcount); 5470 5470 + unhash_delegation_locked(dp); 5471 5471 + list_add(&dp->dl_recall_lru, victims); 5472 5472 + } 5473 5473 + ++count; 5474 5474 + /* 5475 5475 + * Despite the fact that these functions deal with 5476 5476 + * 64-bit integers for "count", we must ensure that 5477 5477 + * it doesn't blow up the clp->cl_refcount. Throw a 5478 5478 + * warning if we start to approach INT_MAX here. 5479 5479 + */ 5480 5480 + WARN_ON_ONCE(count == (INT_MAX / 2)); 5481 5481 + if (count == max) 5482 5482 + break; 5483 5483 + } 5484 5484 + spin_unlock(&state_lock); 5485 5485 + return count; 5486 5486 + } 5487 5487 + 5488 5488 + static u64 5489 5489 + nfsd_print_client_delegations(struct nfs4_client *clp) 5490 5490 + { 5491 5491 + u64 count = nfsd_find_all_delegations(clp, 0, NULL); 5492 5492 + 5493 5493 + nfsd_print_count(clp, count, "delegations"); 5494 5494 + return count; 5495 5495 + } 5496 5496 + 5497 5497 + u64 5498 5498 + nfsd_inject_print_delegations(void) 5499 5499 + { 5500 5500 + struct nfs4_client *clp; 5501 5501 + u64 count = 0; 5502 5502 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5503 5503 + nfsd_net_id); 5504 5504 + 5505 5505 + if (!nfsd_netns_ready(nn)) 5506 5506 + return 0; 5507 5507 + 5508 5508 + spin_lock(&nn->client_lock); 5509 5509 + list_for_each_entry(clp, &nn->client_lru, cl_lru) 5510 5510 + count += nfsd_print_client_delegations(clp); 5511 5511 + spin_unlock(&nn->client_lock); 5512 5512 + 5513 5513 + return count; 5514 5514 + } 5515 5515 + 5516 5516 + static void 5517 5517 + nfsd_forget_delegations(struct list_head *reaplist) 5518 5518 + { 5519 5519 + struct nfs4_client *clp; 5520 5520 + struct nfs4_delegation *dp, *next; 5521 5521 + 5522 5522 + list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 5523 5523 + list_del_init(&dp->dl_recall_lru); 5524 5524 + clp = dp->dl_stid.sc_client; 5525 5525 + revoke_delegation(dp); 5526 5526 + put_client(clp); 5527 5527 + } 5528 5528 + } 5529 5529 + 5530 5530 + u64 5531 5531 + nfsd_inject_forget_client_delegations(struct sockaddr_storage *addr, 5532 5532 + size_t addr_size) 5533 5533 + { 5534 5534 + u64 count = 0; 5535 5535 + struct nfs4_client *clp; 5536 5536 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5537 5537 + nfsd_net_id); 5538 5538 + LIST_HEAD(reaplist); 5539 5539 + 5540 5540 + if (!nfsd_netns_ready(nn)) 5541 5541 + return count; 5542 5542 + 5543 5543 + spin_lock(&nn->client_lock); 5544 5544 + clp = nfsd_find_client(addr, addr_size); 5545 5545 + if (clp) 5546 5546 + count = nfsd_find_all_delegations(clp, 0, &reaplist); 5547 5547 + spin_unlock(&nn->client_lock); 5548 5548 + 5549 5549 + nfsd_forget_delegations(&reaplist); 5550 5550 + return count; 5551 5551 + } 5552 5552 + 5553 5553 + u64 5554 5554 + nfsd_inject_forget_delegations(u64 max) 5555 5555 + { 5556 5556 + u64 count = 0; 5557 5557 + struct nfs4_client *clp; 5558 5558 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5559 5559 + nfsd_net_id); 5560 5560 + LIST_HEAD(reaplist); 5561 5561 + 5562 5562 + if (!nfsd_netns_ready(nn)) 5563 5563 + return count; 5564 5564 + 5565 5565 + spin_lock(&nn->client_lock); 5566 5566 + list_for_each_entry(clp, &nn->client_lru, cl_lru) { 5567 5567 + count += nfsd_find_all_delegations(clp, max - count, &reaplist); 5568 5568 + if (max != 0 && count >= max) 5569 5569 + break; 5570 5570 + } 5571 5571 + spin_unlock(&nn->client_lock); 5572 5572 + nfsd_forget_delegations(&reaplist); 5573 5573 + return count; 5574 5574 + } 5575 5575 + 5576 5576 + static void 5577 5577 + nfsd_recall_delegations(struct list_head *reaplist) 5578 5578 + { 5579 5579 + struct nfs4_client *clp; 5580 5580 + struct nfs4_delegation *dp, *next; 5581 5581 + 5582 5582 + list_for_each_entry_safe(dp, next, reaplist, dl_recall_lru) { 5583 5583 + list_del_init(&dp->dl_recall_lru); 5584 5584 + clp = dp->dl_stid.sc_client; 5585 5585 + /* 5586 5586 + * We skipped all entries that had a zero dl_time before, 5587 5587 + * so we can now reset the dl_time back to 0. If a delegation 5588 5588 + * break comes in now, then it won't make any difference since 5589 5589 + * we're recalling it either way. 5590 5590 + */ 5591 5591 + spin_lock(&state_lock); 5592 5592 + dp->dl_time = 0; 5593 5593 + spin_unlock(&state_lock); 5594 5594 + nfsd_break_one_deleg(dp); 5595 5595 + put_client(clp); 5596 5596 + } 5597 5597 + } 5598 5598 + 5599 5599 + u64 5600 5600 + nfsd_inject_recall_client_delegations(struct sockaddr_storage *addr, 5601 5601 + size_t addr_size) 5602 5602 + { 5603 5603 + u64 count = 0; 5604 5604 + struct nfs4_client *clp; 5605 5605 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5606 5606 + nfsd_net_id); 5607 5607 + LIST_HEAD(reaplist); 5608 5608 + 5609 5609 + if (!nfsd_netns_ready(nn)) 5610 5610 + return count; 5611 5611 + 5612 5612 + spin_lock(&nn->client_lock); 5613 5613 + clp = nfsd_find_client(addr, addr_size); 5614 5614 + if (clp) 5615 5615 + count = nfsd_find_all_delegations(clp, 0, &reaplist); 5616 5616 + spin_unlock(&nn->client_lock); 5617 5617 + 5618 5618 + nfsd_recall_delegations(&reaplist); 5619 5619 + return count; 5620 5620 + } 5621 5621 + 5622 5622 + u64 5623 5623 + nfsd_inject_recall_delegations(u64 max) 5624 5624 + { 5625 5625 + u64 count = 0; 5626 5626 + struct nfs4_client *clp, *next; 5627 5627 + struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, 5628 5628 + nfsd_net_id); 5629 5629 + LIST_HEAD(reaplist); 5630 5630 + 5631 5631 + if (!nfsd_netns_ready(nn)) 5632 5632 + return count; 5633 5633 + 5634 5634 + spin_lock(&nn->client_lock); 5635 5635 + list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) { 5636 5636 + count += nfsd_find_all_delegations(clp, max - count, &reaplist); 5637 5637 + if (max != 0 && ++count >= max) 5638 5638 + break; 5639 5639 + } 5640 5640 + spin_unlock(&nn->client_lock); 5641 5641 + nfsd_recall_delegations(&reaplist); 5642 5642 + return count; 5643 5643 + } 5678 5644 #endif /* CONFIG_NFSD_FAULT_INJECTION */ 5679 5645 5680 5646 /* ··· 6275 5113 CLIENT_HASH_SIZE, GFP_KERNEL); 6276 5114 if (!nn->unconf_id_hashtbl) 6277 5115 goto err_unconf_id; 6278 6278 - nn->ownerstr_hashtbl = kmalloc(sizeof(struct list_head) * 6279 6279 - OWNER_HASH_SIZE, GFP_KERNEL); 6280 6280 - if (!nn->ownerstr_hashtbl) 6281 6281 - goto err_ownerstr; 6282 6282 - nn->lockowner_ino_hashtbl = kmalloc(sizeof(struct list_head) * 6283 6283 - LOCKOWNER_INO_HASH_SIZE, GFP_KERNEL); 6284 6284 - if (!nn->lockowner_ino_hashtbl) 6285 6285 - goto err_lockowner_ino; 6286 5116 nn->sessionid_hashtbl = kmalloc(sizeof(struct list_head) * 6287 5117 SESSION_HASH_SIZE, GFP_KERNEL); 6288 5118 if (!nn->sessionid_hashtbl) ··· 6284 5130 INIT_LIST_HEAD(&nn->conf_id_hashtbl[i]); 6285 5131 INIT_LIST_HEAD(&nn->unconf_id_hashtbl[i]); 6286 5132 } 6287 6287 - for (i = 0; i < OWNER_HASH_SIZE; i++) 6288 6288 - INIT_LIST_HEAD(&nn->ownerstr_hashtbl[i]); 6289 6289 - for (i = 0; i < LOCKOWNER_INO_HASH_SIZE; i++) 6290 6290 - INIT_LIST_HEAD(&nn->lockowner_ino_hashtbl[i]); 6291 5133 for (i = 0; i < SESSION_HASH_SIZE; i++) 6292 5134 INIT_LIST_HEAD(&nn->sessionid_hashtbl[i]); 6293 5135 nn->conf_name_tree = RB_ROOT; ··· 6299 5149 return 0; 6300 5150 6301 5151 err_sessionid: 6302 6302 - kfree(nn->lockowner_ino_hashtbl); 6303 6303 - err_lockowner_ino: 6304 6304 - kfree(nn->ownerstr_hashtbl); 6305 6305 - err_ownerstr: 6306 5152 kfree(nn->unconf_id_hashtbl); 6307 5153 err_unconf_id: 6308 5154 kfree(nn->conf_id_hashtbl); ··· 6328 5182 } 6329 5183 6330 5184 kfree(nn->sessionid_hashtbl); 6331 6331 - kfree(nn->lockowner_ino_hashtbl); 6332 6332 - kfree(nn->ownerstr_hashtbl); 6333 5185 kfree(nn->unconf_id_hashtbl); 6334 5186 kfree(nn->conf_id_hashtbl); 6335 5187 put_net(net); ··· 6391 5247 cancel_delayed_work_sync(&nn->laundromat_work); 6392 5248 locks_end_grace(&nn->nfsd4_manager); 6393 5249 6394 6394 - nfs4_lock_state(); 6395 5250 INIT_LIST_HEAD(&reaplist); 6396 5251 spin_lock(&state_lock); 6397 5252 list_for_each_safe(pos, next, &nn->del_recall_lru) { 6398 5253 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 6399 6399 - list_move(&dp->dl_recall_lru, &reaplist); 5254 5254 + unhash_delegation_locked(dp); 5255 5255 + list_add(&dp->dl_recall_lru, &reaplist); 6400 5256 } 6401 5257 spin_unlock(&state_lock); 6402 5258 list_for_each_safe(pos, next, &reaplist) { 6403 5259 dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); 6404 6404 - destroy_delegation(dp); 5260 5260 + list_del_init(&dp->dl_recall_lru); 5261 5261 + nfs4_put_stid(&dp->dl_stid); 6405 5262 } 6406 5263 6407 5264 nfsd4_client_tracking_exit(net); 6408 5265 nfs4_state_destroy_net(net); 6409 6409 - nfs4_unlock_state(); 6410 5266 } 6411 5267 6412 5268 void

+50 -78

fs/nfsd/nfs4xdr.c

reviewed

··· 181 181 } 182 182 183 183 /** 184 184 - * defer_free - mark an allocation as deferred freed 185 185 - * @argp: NFSv4 compound argument structure to be freed with 186 186 - * @release: release callback to free @p, typically kfree() 187 187 - * @p: pointer to be freed 184 184 + * svcxdr_tmpalloc - allocate memory to be freed after compound processing 185 185 + * @argp: NFSv4 compound argument structure 186 186 + * @p: pointer to be freed (with kfree()) 188 187 * 189 188 * Marks @p to be freed when processing the compound operation 190 189 * described in @argp finishes. 191 190 */ 192 192 - static int 193 193 - defer_free(struct nfsd4_compoundargs *argp, 194 194 - void (*release)(const void *), void *p) 191 191 + static void * 192 192 + svcxdr_tmpalloc(struct nfsd4_compoundargs *argp, u32 len) 195 193 { 196 196 - struct tmpbuf *tb; 194 194 + struct svcxdr_tmpbuf *tb; 197 195 198 198 - tb = kmalloc(sizeof(*tb), GFP_KERNEL); 196 196 + tb = kmalloc(sizeof(*tb) + len, GFP_KERNEL); 199 197 if (!tb) 200 200 - return -ENOMEM; 201 201 - tb->buf = p; 202 202 - tb->release = release; 198 198 + return NULL; 203 199 tb->next = argp->to_free; 204 200 argp->to_free = tb; 205 205 - return 0; 201 201 + return tb->buf; 202 202 + } 203 203 + 204 204 + /* 205 205 + * For xdr strings that need to be passed to other kernel api's 206 206 + * as null-terminated strings. 207 207 + * 208 208 + * Note null-terminating in place usually isn't safe since the 209 209 + * buffer might end on a page boundary. 210 210 + */ 211 211 + static char * 212 212 + svcxdr_dupstr(struct nfsd4_compoundargs *argp, void *buf, u32 len) 213 213 + { 214 214 + char *p = svcxdr_tmpalloc(argp, len + 1); 215 215 + 216 216 + if (!p) 217 217 + return NULL; 218 218 + memcpy(p, buf, len); 219 219 + p[len] = '\0'; 220 220 + return p; 206 221 } 207 222 208 223 /** ··· 232 217 */ 233 218 static char *savemem(struct nfsd4_compoundargs *argp, __be32 *p, int nbytes) 234 219 { 235 235 - if (p == argp->tmp) { 236 236 - p = kmemdup(argp->tmp, nbytes, GFP_KERNEL); 237 237 - if (!p) 238 238 - return NULL; 239 239 - } else { 240 240 - BUG_ON(p != argp->tmpp); 241 241 - argp->tmpp = NULL; 242 242 - } 243 243 - if (defer_free(argp, kfree, p)) { 244 244 - kfree(p); 220 220 + void *ret; 221 221 + 222 222 + ret = svcxdr_tmpalloc(argp, nbytes); 223 223 + if (!ret) 245 224 return NULL; 246 246 - } else 247 247 - return (char *)p; 225 225 + memcpy(ret, p, nbytes); 226 226 + return ret; 248 227 } 249 228 250 229 static __be32 ··· 301 292 if (nace > NFS4_ACL_MAX) 302 293 return nfserr_fbig; 303 294 304 304 - *acl = nfs4_acl_new(nace); 295 295 + *acl = svcxdr_tmpalloc(argp, nfs4_acl_bytes(nace)); 305 296 if (*acl == NULL) 306 297 return nfserr_jukebox; 307 307 - 308 308 - defer_free(argp, kfree, *acl); 309 298 310 299 (*acl)->naces = nace; 311 300 for (ace = (*acl)->aces; ace < (*acl)->aces + nace; ace++) { ··· 425 418 return nfserr_badlabel; 426 419 len += (XDR_QUADLEN(dummy32) << 2); 427 420 READMEM(buf, dummy32); 428 428 - label->data = kzalloc(dummy32 + 1, GFP_KERNEL); 421 421 + label->len = dummy32; 422 422 + label->data = svcxdr_dupstr(argp, buf, dummy32); 429 423 if (!label->data) 430 424 return nfserr_jukebox; 431 431 - label->len = dummy32; 432 432 - defer_free(argp, kfree, label->data); 433 433 - memcpy(label->data, buf, dummy32); 434 425 } 435 426 #endif 436 427 ··· 603 598 switch (create->cr_type) { 604 599 case NF4LNK: 605 600 READ_BUF(4); 606 606 - create->cr_linklen = be32_to_cpup(p++); 607 607 - READ_BUF(create->cr_linklen); 608 608 - /* 609 609 - * The VFS will want a null-terminated string, and 610 610 - * null-terminating in place isn't safe since this might 611 611 - * end on a page boundary: 612 612 - */ 613 613 - create->cr_linkname = 614 614 - kmalloc(create->cr_linklen + 1, GFP_KERNEL); 615 615 - if (!create->cr_linkname) 601 601 + create->cr_datalen = be32_to_cpup(p++); 602 602 + READ_BUF(create->cr_datalen); 603 603 + create->cr_data = svcxdr_dupstr(argp, p, create->cr_datalen); 604 604 + if (!create->cr_data) 616 605 return nfserr_jukebox; 617 617 - memcpy(create->cr_linkname, p, create->cr_linklen); 618 618 - create->cr_linkname[create->cr_linklen] = '\0'; 619 619 - defer_free(argp, kfree, create->cr_linkname); 620 606 break; 621 607 case NF4BLK: 622 608 case NF4CHR: ··· 1477 1481 INIT_LIST_HEAD(&test_stateid->ts_stateid_list); 1478 1482 1479 1483 for (i = 0; i < test_stateid->ts_num_ids; i++) { 1480 1480 - stateid = kmalloc(sizeof(struct nfsd4_test_stateid_id), GFP_KERNEL); 1484 1484 + stateid = svcxdr_tmpalloc(argp, sizeof(*stateid)); 1481 1485 if (!stateid) { 1482 1486 status = nfserrno(-ENOMEM); 1483 1487 goto out; 1484 1488 } 1485 1489 1486 1486 - defer_free(argp, kfree, stateid); 1487 1490 INIT_LIST_HEAD(&stateid->ts_id_list); 1488 1491 list_add_tail(&stateid->ts_id_list, &test_stateid->ts_stateid_list); 1489 1492 ··· 1635 1640 goto xdr_error; 1636 1641 1637 1642 if (argp->opcnt > ARRAY_SIZE(argp->iops)) { 1638 1638 - argp->ops = kmalloc(argp->opcnt * sizeof(*argp->ops), GFP_KERNEL); 1643 1643 + argp->ops = kzalloc(argp->opcnt * sizeof(*argp->ops), GFP_KERNEL); 1639 1644 if (!argp->ops) { 1640 1645 argp->ops = argp->iops; 1641 1646 dprintk("nfsd: couldn't allocate room for COMPOUND\n"); ··· 3072 3077 __be32 nfserr; 3073 3078 __be32 *p = xdr->p - 2; 3074 3079 3075 3075 - /* 3076 3076 - * Don't inline pages unless we know there's room for eof, 3077 3077 - * count, and possible padding: 3078 3078 - */ 3079 3079 - if (xdr->end - xdr->p < 3) 3080 3080 + /* Make sure there will be room for padding if needed */ 3081 3081 + if (xdr->end - xdr->p < 1) 3080 3082 return nfserr_resource; 3081 3083 3082 3084 nfserr = nfsd_splice_read(read->rd_rqstp, file, ··· 3139 3147 len = maxcount; 3140 3148 v = 0; 3141 3149 3142 3142 - thislen = (void *)xdr->end - (void *)xdr->p; 3143 3143 - if (len < thislen) 3144 3144 - thislen = len; 3150 3150 + thislen = min_t(long, len, ((void *)xdr->end - (void *)xdr->p)); 3145 3151 p = xdr_reserve_space(xdr, (thislen+3)&~3); 3146 3152 WARN_ON_ONCE(!p); 3147 3153 resp->rqstp->rq_vec[v].iov_base = p; ··· 3206 3216 xdr_commit_encode(xdr); 3207 3217 3208 3218 maxcount = svc_max_payload(resp->rqstp); 3209 3209 - if (maxcount > xdr->buf->buflen - xdr->buf->len) 3210 3210 - maxcount = xdr->buf->buflen - xdr->buf->len; 3211 3211 - if (maxcount > read->rd_length) 3212 3212 - maxcount = read->rd_length; 3219 3219 + maxcount = min_t(unsigned long, maxcount, (xdr->buf->buflen - xdr->buf->len)); 3220 3220 + maxcount = min_t(unsigned long, maxcount, read->rd_length); 3213 3221 3214 3222 if (!read->rd_filp) { 3215 3223 err = nfsd_get_tmp_read_open(resp->rqstp, read->rd_fhp, ··· 3925 3937 * 3926 3938 * XDR note: do not encode rp->rp_buflen: the buffer contains the 3927 3939 * previously sent already encoded operation. 3928 3928 - * 3929 3929 - * called with nfs4_lock_state() held 3930 3940 */ 3931 3941 void 3932 3942 nfsd4_encode_replay(struct xdr_stream *xdr, struct nfsd4_op *op) ··· 3963 3977 kfree(args->tmpp); 3964 3978 args->tmpp = NULL; 3965 3979 while (args->to_free) { 3966 3966 - struct tmpbuf *tb = args->to_free; 3980 3980 + struct svcxdr_tmpbuf *tb = args->to_free; 3967 3981 args->to_free = tb->next; 3968 3968 - tb->release(tb->buf); 3969 3982 kfree(tb); 3970 3983 } 3971 3984 return 1; ··· 3997 4012 /* 3998 4013 * All that remains is to write the tag and operation count... 3999 4014 */ 4000 4000 - struct nfsd4_compound_state *cs = &resp->cstate; 4001 4015 struct xdr_buf *buf = resp->xdr.buf; 4002 4016 4003 4017 WARN_ON_ONCE(buf->len != buf->head[0].iov_len + buf->page_len + ··· 4010 4026 p += XDR_QUADLEN(resp->taglen); 4011 4027 *p++ = htonl(resp->opcnt); 4012 4028 4013 4013 - if (nfsd4_has_session(cs)) { 4014 4014 - struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id); 4015 4015 - struct nfs4_client *clp = cs->session->se_client; 4016 4016 - if (cs->status != nfserr_replay_cache) { 4017 4017 - nfsd4_store_cache_entry(resp); 4018 4018 - cs->slot->sl_flags &= ~NFSD4_SLOT_INUSE; 4019 4019 - } 4020 4020 - /* Renew the clientid on success and on replay */ 4021 4021 - spin_lock(&nn->client_lock); 4022 4022 - nfsd4_put_session(cs->session); 4023 4023 - spin_unlock(&nn->client_lock); 4024 4024 - put_client_renew(clp); 4025 4025 - } 4029 4029 + nfsd4_sequence_done(resp); 4026 4030 return 1; 4027 4031 } 4028 4032

+11 -2

fs/nfsd/nfscache.c

reviewed

··· 221 221 hash_refile(struct svc_cacherep *rp) 222 222 { 223 223 hlist_del_init(&rp->c_hash); 224 224 - hlist_add_head(&rp->c_hash, cache_hash + hash_32(rp->c_xid, maskbits)); 224 224 + /* 225 225 + * No point in byte swapping c_xid since we're just using it to pick 226 226 + * a hash bucket. 227 227 + */ 228 228 + hlist_add_head(&rp->c_hash, cache_hash + 229 229 + hash_32((__force u32)rp->c_xid, maskbits)); 225 230 } 226 231 227 232 /* ··· 361 356 struct hlist_head *rh; 362 357 unsigned int entries = 0; 363 358 364 364 - rh = &cache_hash[hash_32(rqstp->rq_xid, maskbits)]; 359 359 + /* 360 360 + * No point in byte swapping rq_xid since we're just using it to pick 361 361 + * a hash bucket. 362 362 + */ 363 363 + rh = &cache_hash[hash_32((__force u32)rqstp->rq_xid, maskbits)]; 365 364 hlist_for_each_entry(rp, rh, c_hash) { 366 365 ++entries; 367 366 if (nfsd_cache_match(rqstp, csum, rp)) {

+45 -6

fs/nfsd/nfsctl.c

reviewed

··· 39 39 NFSD_Versions, 40 40 NFSD_Ports, 41 41 NFSD_MaxBlkSize, 42 42 + NFSD_MaxConnections, 42 43 NFSD_SupportedEnctypes, 43 44 /* 44 45 * The below MUST come last. Otherwise we leave a hole in nfsd_files[] ··· 63 62 static ssize_t write_versions(struct file *file, char *buf, size_t size); 64 63 static ssize_t write_ports(struct file *file, char *buf, size_t size); 65 64 static ssize_t write_maxblksize(struct file *file, char *buf, size_t size); 65 65 + static ssize_t write_maxconn(struct file *file, char *buf, size_t size); 66 66 #ifdef CONFIG_NFSD_V4 67 67 static ssize_t write_leasetime(struct file *file, char *buf, size_t size); 68 68 static ssize_t write_gracetime(struct file *file, char *buf, size_t size); ··· 79 77 [NFSD_Versions] = write_versions, 80 78 [NFSD_Ports] = write_ports, 81 79 [NFSD_MaxBlkSize] = write_maxblksize, 80 80 + [NFSD_MaxConnections] = write_maxconn, 82 81 #ifdef CONFIG_NFSD_V4 83 82 [NFSD_Leasetime] = write_leasetime, 84 83 [NFSD_Gracetime] = write_gracetime, ··· 372 369 373 370 if (maxsize < NFS_FHSIZE) 374 371 return -EINVAL; 375 375 - if (maxsize > NFS3_FHSIZE) 376 376 - maxsize = NFS3_FHSIZE; 372 372 + maxsize = min(maxsize, NFS3_FHSIZE); 377 373 378 374 if (qword_get(&mesg, mesg, size)>0) 379 375 return -EINVAL; ··· 873 871 /* force bsize into allowed range and 874 872 * required alignment. 875 873 */ 876 876 - if (bsize < 1024) 877 877 - bsize = 1024; 878 878 - if (bsize > NFSSVC_MAXBLKSIZE) 879 879 - bsize = NFSSVC_MAXBLKSIZE; 874 874 + bsize = max_t(int, bsize, 1024); 875 875 + bsize = min_t(int, bsize, NFSSVC_MAXBLKSIZE); 880 876 bsize &= ~(1024-1); 881 877 mutex_lock(&nfsd_mutex); 882 878 if (nn->nfsd_serv) { ··· 887 887 888 888 return scnprintf(buf, SIMPLE_TRANSACTION_LIMIT, "%d\n", 889 889 nfsd_max_blksize); 890 890 + } 891 891 + 892 892 + /** 893 893 + * write_maxconn - Set or report the current max number of connections 894 894 + * 895 895 + * Input: 896 896 + * buf: ignored 897 897 + * size: zero 898 898 + * OR 899 899 + * 900 900 + * Input: 901 901 + * buf: C string containing an unsigned 902 902 + * integer value representing the new 903 903 + * number of max connections 904 904 + * size: non-zero length of C string in @buf 905 905 + * Output: 906 906 + * On success: passed-in buffer filled with '\n'-terminated C string 907 907 + * containing numeric value of max_connections setting 908 908 + * for this net namespace; 909 909 + * return code is the size in bytes of the string 910 910 + * On error: return code is zero or a negative errno value 911 911 + */ 912 912 + static ssize_t write_maxconn(struct file *file, char *buf, size_t size) 913 913 + { 914 914 + char *mesg = buf; 915 915 + struct net *net = file->f_dentry->d_sb->s_fs_info; 916 916 + struct nfsd_net *nn = net_generic(net, nfsd_net_id); 917 917 + unsigned int maxconn = nn->max_connections; 918 918 + 919 919 + if (size > 0) { 920 920 + int rv = get_uint(&mesg, &maxconn); 921 921 + 922 922 + if (rv) 923 923 + return rv; 924 924 + nn->max_connections = maxconn; 925 925 + } 926 926 + 927 927 + return scnprintf(buf, SIMPLE_TRANSACTION_LIMIT, "%u\n", maxconn); 890 928 } 891 929 892 930 #ifdef CONFIG_NFSD_V4 ··· 1102 1064 [NFSD_Versions] = {"versions", &transaction_ops, S_IWUSR|S_IRUSR}, 1103 1065 [NFSD_Ports] = {"portlist", &transaction_ops, S_IWUSR|S_IRUGO}, 1104 1066 [NFSD_MaxBlkSize] = {"max_block_size", &transaction_ops, S_IWUSR|S_IRUGO}, 1067 1067 + [NFSD_MaxConnections] = {"max_connections", &transaction_ops, S_IWUSR|S_IRUGO}, 1105 1068 #if defined(CONFIG_SUNRPC_GSS) || defined(CONFIG_SUNRPC_GSS_MODULE) 1106 1069 [NFSD_SupportedEnctypes] = {"supported_krb5_enctypes", &supported_enctypes_ops, S_IRUGO}, 1107 1070 #endif /* CONFIG_SUNRPC_GSS or CONFIG_SUNRPC_GSS_MODULE */

+9 -3

fs/nfsd/nfsfh.c

reviewed

··· 162 162 /* deprecated, convert to type 3 */ 163 163 len = key_len(FSID_ENCODE_DEV)/4; 164 164 fh->fh_fsid_type = FSID_ENCODE_DEV; 165 165 - fh->fh_fsid[0] = new_encode_dev(MKDEV(ntohl(fh->fh_fsid[0]), ntohl(fh->fh_fsid[1]))); 165 165 + /* 166 166 + * struct knfsd_fh uses host-endian fields, which are 167 167 + * sometimes used to hold net-endian values. This 168 168 + * confuses sparse, so we must use __force here to 169 169 + * keep it from complaining. 170 170 + */ 171 171 + fh->fh_fsid[0] = new_encode_dev(MKDEV(ntohl((__force __be32)fh->fh_fsid[0]), 172 172 + ntohl((__force __be32)fh->fh_fsid[1]))); 166 173 fh->fh_fsid[1] = fh->fh_fsid[2]; 167 174 } 168 175 data_left -= len; ··· 546 539 dentry); 547 540 548 541 fhp->fh_dentry = dget(dentry); /* our internal copy */ 549 549 - fhp->fh_export = exp; 550 550 - cache_get(&exp->h); 542 542 + fhp->fh_export = exp_get(exp); 551 543 552 544 if (fhp->fh_handle.fh_version == 0xca) { 553 545 /* old style filehandle please */

+11 -4

fs/nfsd/nfsfh.h

reviewed

··· 73 73 extern enum fsid_source fsid_source(struct svc_fh *fhp); 74 74 75 75 76 76 - /* This might look a little large to "inline" but in all calls except 76 76 + /* 77 77 + * This might look a little large to "inline" but in all calls except 77 78 * one, 'vers' is constant so moste of the function disappears. 79 79 + * 80 80 + * In some cases the values are considered to be host endian and in 81 81 + * others, net endian. fsidv is always considered to be u32 as the 82 82 + * callers don't know which it will be. So we must use __force to keep 83 83 + * sparse from complaining. Since these values are opaque to the 84 84 + * client, that shouldn't be a problem. 78 85 */ 79 86 static inline void mk_fsid(int vers, u32 *fsidv, dev_t dev, ino_t ino, 80 87 u32 fsid, unsigned char *uuid) ··· 89 82 u32 *up; 90 83 switch(vers) { 91 84 case FSID_DEV: 92 92 - fsidv[0] = htonl((MAJOR(dev)<<16) | 85 85 + fsidv[0] = (__force __u32)htonl((MAJOR(dev)<<16) | 93 86 MINOR(dev)); 94 87 fsidv[1] = ino_t_to_u32(ino); 95 88 break; ··· 97 90 fsidv[0] = fsid; 98 91 break; 99 92 case FSID_MAJOR_MINOR: 100 100 - fsidv[0] = htonl(MAJOR(dev)); 101 101 - fsidv[1] = htonl(MINOR(dev)); 93 93 + fsidv[0] = (__force __u32)htonl(MAJOR(dev)); 94 94 + fsidv[1] = (__force __u32)htonl(MINOR(dev)); 102 95 fsidv[2] = ino_t_to_u32(ino); 103 96 break; 104 97

+8 -5

fs/nfsd/nfsproc.c

reviewed

··· 403 403 404 404 fh_init(&newfh, NFS_FHSIZE); 405 405 /* 406 406 - * Create the link, look up new file and set attrs. 406 406 + * Crazy hack: the request fits in a page, and already-decoded 407 407 + * attributes follow argp->tname, so it's safe to just write a 408 408 + * null to ensure it's null-terminated: 407 409 */ 410 410 + argp->tname[argp->tlen] = '\0'; 408 411 nfserr = nfsd_symlink(rqstp, &argp->ffh, argp->fname, argp->flen, 409 409 - argp->tname, argp->tlen, 410 410 - &newfh, &argp->attrs); 411 411 - 412 412 + argp->tname, &newfh); 412 413 413 414 fh_put(&argp->ffh); 414 415 fh_put(&newfh); ··· 717 716 { nfserr_noent, -ENOENT }, 718 717 { nfserr_io, -EIO }, 719 718 { nfserr_nxio, -ENXIO }, 719 719 + { nfserr_fbig, -E2BIG }, 720 720 { nfserr_acces, -EACCES }, 721 721 { nfserr_exist, -EEXIST }, 722 722 { nfserr_xdev, -EXDEV }, ··· 745 743 { nfserr_notsupp, -EOPNOTSUPP }, 746 744 { nfserr_toosmall, -ETOOSMALL }, 747 745 { nfserr_serverfault, -ESERVERFAULT }, 746 746 + { nfserr_serverfault, -ENFILE }, 748 747 }; 749 748 int i; 750 749 ··· 753 750 if (nfs_errtbl[i].syserr == errno) 754 751 return nfs_errtbl[i].nfserr; 755 752 } 756 756 - printk (KERN_INFO "nfsd: non-standard errno: %d\n", errno); 753 753 + WARN(1, "nfsd: non-standard errno: %d\n", errno); 757 754 return nfserr_io; 758 755 } 759 756

+14 -7

fs/nfsd/nfssvc.c

reviewed

··· 221 221 */ 222 222 ret = nfsd_racache_init(2*nrservs); 223 223 if (ret) 224 224 - return ret; 224 224 + goto dec_users; 225 225 + 225 226 ret = nfs4_state_start(); 226 227 if (ret) 227 228 goto out_racache; ··· 230 229 231 230 out_racache: 232 231 nfsd_racache_shutdown(); 232 232 + dec_users: 233 233 + nfsd_users--; 233 234 return ret; 234 235 } 235 236 ··· 408 405 if (nn->nfsd_serv == NULL) 409 406 return -ENOMEM; 410 407 408 408 + nn->nfsd_serv->sv_maxconn = nn->max_connections; 411 409 error = svc_bind(nn->nfsd_serv, net); 412 410 if (error < 0) { 413 411 svc_destroy(nn->nfsd_serv); ··· 473 469 /* enforce a global maximum number of threads */ 474 470 tot = 0; 475 471 for (i = 0; i < n; i++) { 476 476 - if (nthreads[i] > NFSD_MAXSERVS) 477 477 - nthreads[i] = NFSD_MAXSERVS; 472 472 + nthreads[i] = min(nthreads[i], NFSD_MAXSERVS); 478 473 tot += nthreads[i]; 479 474 } 480 475 if (tot > NFSD_MAXSERVS) { ··· 522 519 523 520 mutex_lock(&nfsd_mutex); 524 521 dprintk("nfsd: creating service\n"); 525 525 - if (nrservs <= 0) 526 526 - nrservs = 0; 527 527 - if (nrservs > NFSD_MAXSERVS) 528 528 - nrservs = NFSD_MAXSERVS; 522 522 + 523 523 + nrservs = max(nrservs, 0); 524 524 + nrservs = min(nrservs, NFSD_MAXSERVS); 529 525 error = 0; 526 526 + 530 527 if (nrservs == 0 && nn->nfsd_serv == NULL) 531 528 goto out; 532 529 ··· 567 564 struct svc_rqst *rqstp = (struct svc_rqst *) vrqstp; 568 565 struct svc_xprt *perm_sock = list_entry(rqstp->rq_server->sv_permsocks.next, typeof(struct svc_xprt), xpt_list); 569 566 struct net *net = perm_sock->xpt_net; 567 567 + struct nfsd_net *nn = net_generic(net, nfsd_net_id); 570 568 int err; 571 569 572 570 /* Lock module and set up kernel thread */ ··· 601 597 * The main request loop 602 598 */ 603 599 for (;;) { 600 600 + /* Update sv_maxconn if it has changed */ 601 601 + rqstp->rq_server->sv_maxconn = nn->max_connections; 602 602 + 604 603 /* 605 604 * Find a socket with data available and call its 606 605 * recvfrom routine.

+6 -8

fs/nfsd/nfsxdr.c

reviewed

··· 257 257 len = args->count = ntohl(*p++); 258 258 p++; /* totalcount - unused */ 259 259 260 260 - if (len > NFSSVC_MAXBLKSIZE_V2) 261 261 - len = NFSSVC_MAXBLKSIZE_V2; 260 260 + len = min_t(unsigned int, len, NFSSVC_MAXBLKSIZE_V2); 262 261 263 262 /* set up somewhere to store response. 264 263 * We take pages, put them on reslist and include in iovec ··· 267 268 struct page *p = *(rqstp->rq_next_page++); 268 269 269 270 rqstp->rq_vec[v].iov_base = page_address(p); 270 270 - rqstp->rq_vec[v].iov_len = len < PAGE_SIZE?len:PAGE_SIZE; 271 271 + rqstp->rq_vec[v].iov_len = min_t(unsigned int, len, PAGE_SIZE); 271 272 len -= rqstp->rq_vec[v].iov_len; 272 273 v++; 273 274 } ··· 399 400 return 0; 400 401 args->cookie = ntohl(*p++); 401 402 args->count = ntohl(*p++); 402 402 - if (args->count > PAGE_SIZE) 403 403 - args->count = PAGE_SIZE; 404 404 - 403 403 + args->count = min_t(u32, args->count, PAGE_SIZE); 405 404 args->buffer = page_address(*(rqstp->rq_next_page++)); 406 405 407 406 return xdr_argsize_check(rqstp, p); ··· 513 516 } 514 517 if (cd->offset) 515 518 *cd->offset = htonl(offset); 516 516 - if (namlen > NFS2_MAXNAMLEN) 517 517 - namlen = NFS2_MAXNAMLEN;/* truncate filename */ 518 519 520 520 + /* truncate filename */ 521 521 + namlen = min(namlen, NFS2_MAXNAMLEN); 519 522 slen = XDR_QUADLEN(namlen); 523 523 + 520 524 if ((buflen = cd->buflen - slen - 4) < 0) { 521 525 cd->common.err = nfserr_toosmall; 522 526 return -EINVAL;

+146 -74

fs/nfsd/state.h

reviewed

··· 72 72 bool cb_done; 73 73 }; 74 74 75 75 + /* 76 76 + * A core object that represents a "common" stateid. These are generally 77 77 + * embedded within the different (more specific) stateid objects and contain 78 78 + * fields that are of general use to any stateid. 79 79 + */ 75 80 struct nfs4_stid { 81 81 + atomic_t sc_count; 76 82 #define NFS4_OPEN_STID 1 77 83 #define NFS4_LOCK_STID 2 78 84 #define NFS4_DELEG_STID 4 ··· 86 80 #define NFS4_CLOSED_STID 8 87 81 /* For a deleg stateid kept around only to process free_stateid's: */ 88 82 #define NFS4_REVOKED_DELEG_STID 16 83 83 + #define NFS4_CLOSED_DELEG_STID 32 89 84 unsigned char sc_type; 90 85 stateid_t sc_stateid; 91 86 struct nfs4_client *sc_client; 87 87 + struct nfs4_file *sc_file; 88 88 + void (*sc_free)(struct nfs4_stid *); 92 89 }; 93 90 91 91 + /* 92 92 + * Represents a delegation stateid. The nfs4_client holds references to these 93 93 + * and they are put when it is being destroyed or when the delegation is 94 94 + * returned by the client: 95 95 + * 96 96 + * o 1 reference as long as a delegation is still in force (taken when it's 97 97 + * alloc'd, put when it's returned or revoked) 98 98 + * 99 99 + * o 1 reference as long as a recall rpc is in progress (taken when the lease 100 100 + * is broken, put when the rpc exits) 101 101 + * 102 102 + * o 1 more ephemeral reference for each nfsd thread currently doing something 103 103 + * with that delegation without holding the cl_lock 104 104 + * 105 105 + * If the server attempts to recall a delegation and the client doesn't do so 106 106 + * before a timeout, the server may also revoke the delegation. In that case, 107 107 + * the object will either be destroyed (v4.0) or moved to a per-client list of 108 108 + * revoked delegations (v4.1+). 109 109 + * 110 110 + * This object is a superset of the nfs4_stid. 111 111 + */ 94 112 struct nfs4_delegation { 95 113 struct nfs4_stid dl_stid; /* must be first field */ 96 114 struct list_head dl_perfile; 97 115 struct list_head dl_perclnt; 98 116 struct list_head dl_recall_lru; /* delegation recalled */ 99 99 - atomic_t dl_count; /* ref count */ 100 100 - struct nfs4_file *dl_file; 101 117 u32 dl_type; 102 118 time_t dl_time; 103 119 /* For recall: */ 104 104 - struct knfsd_fh dl_fh; 105 120 int dl_retries; 106 121 struct nfsd4_callback dl_recall; 107 122 }; ··· 221 194 unsigned char cn_flags; 222 195 }; 223 196 197 197 + /* 198 198 + * Representation of a v4.1+ session. These are refcounted in a similar fashion 199 199 + * to the nfs4_client. References are only taken when the server is actively 200 200 + * working on the object (primarily during the processing of compounds). 201 201 + */ 224 202 struct nfsd4_session { 225 203 atomic_t se_ref; 226 204 struct list_head se_hash; /* hash by sessionid */ ··· 244 212 struct nfsd4_slot *se_slots[]; /* forward channel slots */ 245 213 }; 246 214 247 247 - extern void nfsd4_put_session(struct nfsd4_session *ses); 248 248 - 249 215 /* formatted contents of nfs4_sessionid */ 250 216 struct nfsd4_sessionid { 251 217 clientid_t clientid; ··· 255 225 256 226 /* 257 227 * struct nfs4_client - one per client. Clientids live here. 258 258 - * o Each nfs4_client is hashed by clientid. 259 228 * 260 260 - * o Each nfs4_clients is also hashed by name 261 261 - * (the opaque quantity initially sent by the client to identify itself). 229 229 + * The initial object created by an NFS client using SETCLIENTID (for NFSv4.0) 230 230 + * or EXCHANGE_ID (for NFSv4.1+). These objects are refcounted and timestamped. 231 231 + * Each nfsd_net_ns object contains a set of these and they are tracked via 232 232 + * short and long form clientid. They are hashed and searched for under the 233 233 + * per-nfsd_net client_lock spinlock. 234 234 + * 235 235 + * References to it are only held during the processing of compounds, and in 236 236 + * certain other operations. In their "resting state" they have a refcount of 237 237 + * 0. If they are not renewed within a lease period, they become eligible for 238 238 + * destruction by the laundromat. 239 239 + * 240 240 + * These objects can also be destroyed prematurely by the fault injection code, 241 241 + * or if the client sends certain forms of SETCLIENTID or EXCHANGE_ID updates. 242 242 + * Care is taken *not* to do this however when the objects have an elevated 243 243 + * refcount. 244 244 + * 245 245 + * o Each nfs4_client is hashed by clientid 246 246 + * 247 247 + * o Each nfs4_clients is also hashed by name (the opaque quantity initially 248 248 + * sent by the client to identify itself). 262 249 * 263 263 - * o cl_perclient list is used to ensure no dangling stateowner references 264 264 - * when we expire the nfs4_client 250 250 + * o cl_perclient list is used to ensure no dangling stateowner references 251 251 + * when we expire the nfs4_client 265 252 */ 266 253 struct nfs4_client { 267 254 struct list_head cl_idhash; /* hash by cl_clientid.id */ 268 255 struct rb_node cl_namenode; /* link into by-name trees */ 256 256 + struct list_head *cl_ownerstr_hashtbl; 269 257 struct list_head cl_openowners; 270 258 struct idr cl_stateids; /* stateid lookup */ 271 259 struct list_head cl_delegations; ··· 377 329 unsigned int rp_buflen; 378 330 char *rp_buf; 379 331 struct knfsd_fh rp_openfh; 332 332 + struct mutex rp_mutex; 380 333 char rp_ibuf[NFSD4_REPLAY_ISIZE]; 381 334 }; 382 335 383 383 - struct nfs4_stateowner { 384 384 - struct list_head so_strhash; /* hash by op_name */ 385 385 - struct list_head so_stateids; 386 386 - struct nfs4_client * so_client; 387 387 - /* after increment in ENCODE_SEQID_OP_TAIL, represents the next 388 388 - * sequence id expected from the client: */ 389 389 - u32 so_seqid; 390 390 - struct xdr_netobj so_owner; /* open owner name */ 391 391 - struct nfs4_replay so_replay; 392 392 - bool so_is_open_owner; 336 336 + struct nfs4_stateowner; 337 337 + 338 338 + struct nfs4_stateowner_operations { 339 339 + void (*so_unhash)(struct nfs4_stateowner *); 340 340 + void (*so_free)(struct nfs4_stateowner *); 393 341 }; 394 342 343 343 + /* 344 344 + * A core object that represents either an open or lock owner. The object and 345 345 + * lock owner objects have one of these embedded within them. Refcounts and 346 346 + * other fields common to both owner types are contained within these 347 347 + * structures. 348 348 + */ 349 349 + struct nfs4_stateowner { 350 350 + struct list_head so_strhash; 351 351 + struct list_head so_stateids; 352 352 + struct nfs4_client *so_client; 353 353 + const struct nfs4_stateowner_operations *so_ops; 354 354 + /* after increment in nfsd4_bump_seqid, represents the next 355 355 + * sequence id expected from the client: */ 356 356 + atomic_t so_count; 357 357 + u32 so_seqid; 358 358 + struct xdr_netobj so_owner; /* open owner name */ 359 359 + struct nfs4_replay so_replay; 360 360 + bool so_is_open_owner; 361 361 + }; 362 362 + 363 363 + /* 364 364 + * When a file is opened, the client provides an open state owner opaque string 365 365 + * that indicates the "owner" of that open. These objects are refcounted. 366 366 + * References to it are held by each open state associated with it. This object 367 367 + * is a superset of the nfs4_stateowner struct. 368 368 + */ 395 369 struct nfs4_openowner { 396 370 struct nfs4_stateowner oo_owner; /* must be first field */ 397 371 struct list_head oo_perclient; ··· 428 358 struct nfs4_ol_stateid *oo_last_closed_stid; 429 359 time_t oo_time; /* time of placement on so_close_lru */ 430 360 #define NFS4_OO_CONFIRMED 1 431 431 - #define NFS4_OO_NEW 4 432 361 unsigned char oo_flags; 433 362 }; 434 363 364 364 + /* 365 365 + * Represents a generic "lockowner". Similar to an openowner. References to it 366 366 + * are held by the lock stateids that are created on its behalf. This object is 367 367 + * a superset of the nfs4_stateowner struct (or would be if it needed any extra 368 368 + * fields). 369 369 + */ 435 370 struct nfs4_lockowner { 436 371 struct nfs4_stateowner lo_owner; /* must be first element */ 437 437 - struct list_head lo_owner_ino_hash; /* hash by owner,file */ 438 438 - struct list_head lo_perstateid; 439 439 - struct list_head lo_list; /* for temporary uses */ 440 372 }; 441 373 442 374 static inline struct nfs4_openowner * openowner(struct nfs4_stateowner *so) ··· 451 379 return container_of(so, struct nfs4_lockowner, lo_owner); 452 380 } 453 381 454 454 - /* nfs4_file: a file opened by some number of (open) nfs4_stateowners. */ 382 382 + /* 383 383 + * nfs4_file: a file opened by some number of (open) nfs4_stateowners. 384 384 + * 385 385 + * These objects are global. nfsd only keeps one instance of a nfs4_file per 386 386 + * inode (though it may keep multiple file descriptors open per inode). These 387 387 + * are tracked in the file_hashtbl which is protected by the state_lock 388 388 + * spinlock. 389 389 + */ 455 390 struct nfs4_file { 456 391 atomic_t fi_ref; 392 392 + spinlock_t fi_lock; 457 393 struct hlist_node fi_hash; /* hash by "struct inode *" */ 458 394 struct list_head fi_stateids; 459 395 struct list_head fi_delegations; ··· 475 395 * + 1 to both of the above if NFS4_SHARE_ACCESS_BOTH is set. 476 396 */ 477 397 atomic_t fi_access[2]; 398 398 + u32 fi_share_deny; 478 399 struct file *fi_deleg_file; 479 400 struct file_lock *fi_lease; 480 401 atomic_t fi_delegees; 481 481 - struct inode *fi_inode; 402 402 + struct knfsd_fh fi_fhandle; 482 403 bool fi_had_conflict; 483 404 }; 484 405 485 485 - /* XXX: for first cut may fall back on returning file that doesn't work 486 486 - * at all? */ 487 487 - static inline struct file *find_writeable_file(struct nfs4_file *f) 488 488 - { 489 489 - if (f->fi_fds[O_WRONLY]) 490 490 - return f->fi_fds[O_WRONLY]; 491 491 - return f->fi_fds[O_RDWR]; 492 492 - } 493 493 - 494 494 - static inline struct file *find_readable_file(struct nfs4_file *f) 495 495 - { 496 496 - if (f->fi_fds[O_RDONLY]) 497 497 - return f->fi_fds[O_RDONLY]; 498 498 - return f->fi_fds[O_RDWR]; 499 499 - } 500 500 - 501 501 - static inline struct file *find_any_file(struct nfs4_file *f) 502 502 - { 503 503 - if (f->fi_fds[O_RDWR]) 504 504 - return f->fi_fds[O_RDWR]; 505 505 - else if (f->fi_fds[O_WRONLY]) 506 506 - return f->fi_fds[O_WRONLY]; 507 507 - else 508 508 - return f->fi_fds[O_RDONLY]; 509 509 - } 510 510 - 511 511 - /* "ol" stands for "Open or Lock". Better suggestions welcome. */ 406 406 + /* 407 407 + * A generic struct representing either a open or lock stateid. The nfs4_client 408 408 + * holds a reference to each of these objects, and they in turn hold a 409 409 + * reference to their respective stateowners. The client's reference is 410 410 + * released in response to a close or unlock (depending on whether it's an open 411 411 + * or lock stateid) or when the client is being destroyed. 412 412 + * 413 413 + * In the case of v4.0 open stateids, these objects are preserved for a little 414 414 + * while after close in order to handle CLOSE replays. Those are eventually 415 415 + * reclaimed via a LRU scheme by the laundromat. 416 416 + * 417 417 + * This object is a superset of the nfs4_stid. "ol" stands for "Open or Lock". 418 418 + * Better suggestions welcome. 419 419 + */ 512 420 struct nfs4_ol_stateid { 513 421 struct nfs4_stid st_stid; /* must be first field */ 514 422 struct list_head st_perfile; 515 423 struct list_head st_perstateowner; 516 516 - struct list_head st_lockowners; 424 424 + struct list_head st_locks; 517 425 struct nfs4_stateowner * st_stateowner; 518 518 - struct nfs4_file * st_file; 519 519 - unsigned long st_access_bmap; 520 520 - unsigned long st_deny_bmap; 426 426 + unsigned char st_access_bmap; 427 427 + unsigned char st_deny_bmap; 521 428 struct nfs4_ol_stateid * st_openstp; 522 429 }; 523 430 ··· 523 456 extern __be32 nfs4_preprocess_stateid_op(struct net *net, 524 457 struct nfsd4_compound_state *cstate, 525 458 stateid_t *stateid, int flags, struct file **filp); 526 526 - extern void nfs4_lock_state(void); 527 527 - extern void nfs4_unlock_state(void); 459 459 + void nfs4_put_stid(struct nfs4_stid *s); 528 460 void nfs4_remove_reclaim_record(struct nfs4_client_reclaim *, struct nfsd_net *); 529 461 extern void nfs4_release_reclaim(struct nfsd_net *); 530 462 extern struct nfs4_client_reclaim *nfsd4_find_reclaim_client(const char *recdir, 531 463 struct nfsd_net *nn); 532 532 - extern __be32 nfs4_check_open_reclaim(clientid_t *clid, bool sessions, struct nfsd_net *nn); 464 464 + extern __be32 nfs4_check_open_reclaim(clientid_t *clid, 465 465 + struct nfsd4_compound_state *cstate, struct nfsd_net *nn); 533 466 extern int set_callback_cred(void); 534 534 - extern void nfsd4_init_callback(struct nfsd4_callback *); 467 467 + void nfsd4_run_cb_null(struct work_struct *w); 468 468 + void nfsd4_run_cb_recall(struct work_struct *w); 535 469 extern void nfsd4_probe_callback(struct nfs4_client *clp); 536 470 extern void nfsd4_probe_callback_sync(struct nfs4_client *clp); 537 471 extern void nfsd4_change_callback(struct nfs4_client *clp, struct nfs4_cb_conn *); ··· 540 472 extern int nfsd4_create_callback_queue(void); 541 473 extern void nfsd4_destroy_callback_queue(void); 542 474 extern void nfsd4_shutdown_callback(struct nfs4_client *); 543 543 - extern void nfs4_put_delegation(struct nfs4_delegation *dp); 475 475 + extern void nfsd4_prepare_cb_recall(struct nfs4_delegation *dp); 544 476 extern struct nfs4_client_reclaim *nfs4_client_to_reclaim(const char *name, 545 477 struct nfsd_net *nn); 546 478 extern bool nfs4_has_reclaimed_state(const char *name, struct nfsd_net *nn); 547 547 - extern void put_client_renew(struct nfs4_client *clp); 548 479 549 480 /* nfs4recover operations */ 550 481 extern int nfsd4_client_tracking_init(struct net *net); ··· 557 490 #ifdef CONFIG_NFSD_FAULT_INJECTION 558 491 int nfsd_fault_inject_init(void); 559 492 void nfsd_fault_inject_cleanup(void); 560 560 - u64 nfsd_for_n_state(u64, u64 (*)(struct nfs4_client *, u64)); 561 561 - struct nfs4_client *nfsd_find_client(struct sockaddr_storage *, size_t); 562 493 563 563 - u64 nfsd_forget_client(struct nfs4_client *, u64); 564 564 - u64 nfsd_forget_client_locks(struct nfs4_client*, u64); 565 565 - u64 nfsd_forget_client_openowners(struct nfs4_client *, u64); 566 566 - u64 nfsd_forget_client_delegations(struct nfs4_client *, u64); 567 567 - u64 nfsd_recall_client_delegations(struct nfs4_client *, u64); 494 494 + u64 nfsd_inject_print_clients(void); 495 495 + u64 nfsd_inject_forget_client(struct sockaddr_storage *, size_t); 496 496 + u64 nfsd_inject_forget_clients(u64); 568 497 569 569 - u64 nfsd_print_client(struct nfs4_client *, u64); 570 570 - u64 nfsd_print_client_locks(struct nfs4_client *, u64); 571 571 - u64 nfsd_print_client_openowners(struct nfs4_client *, u64); 572 572 - u64 nfsd_print_client_delegations(struct nfs4_client *, u64); 498 498 + u64 nfsd_inject_print_locks(void); 499 499 + u64 nfsd_inject_forget_client_locks(struct sockaddr_storage *, size_t); 500 500 + u64 nfsd_inject_forget_locks(u64); 501 501 + 502 502 + u64 nfsd_inject_print_openowners(void); 503 503 + u64 nfsd_inject_forget_client_openowners(struct sockaddr_storage *, size_t); 504 504 + u64 nfsd_inject_forget_openowners(u64); 505 505 + 506 506 + u64 nfsd_inject_print_delegations(void); 507 507 + u64 nfsd_inject_forget_client_delegations(struct sockaddr_storage *, size_t); 508 508 + u64 nfsd_inject_forget_delegations(u64); 509 509 + u64 nfsd_inject_recall_client_delegations(struct sockaddr_storage *, size_t); 510 510 + u64 nfsd_inject_recall_delegations(u64); 573 511 #else /* CONFIG_NFSD_FAULT_INJECTION */ 574 512 static inline int nfsd_fault_inject_init(void) { return 0; } 575 513 static inline void nfsd_fault_inject_cleanup(void) {}

+19 -29

fs/nfsd/vfs.c

reviewed

··· 189 189 dprintk("nfsd: nfsd_lookup(fh %s, %.*s)\n", SVCFH_fmt(fhp), len,name); 190 190 191 191 dparent = fhp->fh_dentry; 192 192 - exp = fhp->fh_export; 193 193 - exp_get(exp); 192 192 + exp = exp_get(fhp->fh_export); 194 193 195 194 /* Lookup the name, but don't follow links */ 196 195 if (isdotent(name, len)) { ··· 463 464 if (size_change) 464 465 put_write_access(inode); 465 466 if (!err) 466 466 - commit_metadata(fhp); 467 467 + err = nfserrno(commit_metadata(fhp)); 467 468 out: 468 469 return err; 469 470 } ··· 819 820 return __splice_from_pipe(pipe, sd, nfsd_splice_actor); 820 821 } 821 822 822 822 - __be32 nfsd_finish_read(struct file *file, unsigned long *count, int host_err) 823 823 + static __be32 824 824 + nfsd_finish_read(struct file *file, unsigned long *count, int host_err) 823 825 { 824 826 if (host_err >= 0) { 825 827 nfsdstats.io_read += host_err; ··· 831 831 return nfserrno(host_err); 832 832 } 833 833 834 834 - int nfsd_splice_read(struct svc_rqst *rqstp, 834 834 + __be32 nfsd_splice_read(struct svc_rqst *rqstp, 835 835 struct file *file, loff_t offset, unsigned long *count) 836 836 { 837 837 struct splice_desc sd = { ··· 847 847 return nfsd_finish_read(file, count, host_err); 848 848 } 849 849 850 850 - int nfsd_readv(struct file *file, loff_t offset, struct kvec *vec, int vlen, 850 850 + __be32 nfsd_readv(struct file *file, loff_t offset, struct kvec *vec, int vlen, 851 851 unsigned long *count) 852 852 { 853 853 mm_segment_t oldfs; ··· 1121 1121 iap->ia_valid &= ~(ATTR_UID|ATTR_GID); 1122 1122 if (iap->ia_valid) 1123 1123 return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0); 1124 1124 - return 0; 1124 1124 + /* Callers expect file metadata to be committed here */ 1125 1125 + return nfserrno(commit_metadata(resfhp)); 1125 1126 } 1126 1127 1127 1128 /* HPUX client sometimes creates a file in mode 000, and sets size to 0. ··· 1254 1253 err = nfsd_create_setattr(rqstp, resfhp, iap); 1255 1254 1256 1255 /* 1257 1257 - * nfsd_setattr already committed the child. Transactional filesystems 1258 1258 - * had a chance to commit changes for both parent and child 1259 1259 - * simultaneously making the following commit_metadata a noop. 1256 1256 + * nfsd_create_setattr already committed the child. Transactional 1257 1257 + * filesystems had a chance to commit changes for both parent and 1258 1258 + * child * simultaneously making the following commit_metadata a 1259 1259 + * noop. 1260 1260 */ 1261 1261 err2 = nfserrno(commit_metadata(fhp)); 1262 1262 if (err2) ··· 1428 1426 err = nfsd_create_setattr(rqstp, resfhp, iap); 1429 1427 1430 1428 /* 1431 1431 - * nfsd_setattr already committed the child (and possibly also the parent). 1429 1429 + * nfsd_create_setattr already committed the child 1430 1430 + * (and possibly also the parent). 1432 1431 */ 1433 1432 if (!err) 1434 1433 err = nfserrno(commit_metadata(fhp)); ··· 1507 1504 __be32 1508 1505 nfsd_symlink(struct svc_rqst *rqstp, struct svc_fh *fhp, 1509 1506 char *fname, int flen, 1510 1510 - char *path, int plen, 1511 1511 - struct svc_fh *resfhp, 1512 1512 - struct iattr *iap) 1507 1507 + char *path, 1508 1508 + struct svc_fh *resfhp) 1513 1509 { 1514 1510 struct dentry *dentry, *dnew; 1515 1511 __be32 err, cerr; 1516 1512 int host_err; 1517 1513 1518 1514 err = nfserr_noent; 1519 1519 - if (!flen || !plen) 1515 1515 + if (!flen || path[0] == '\0') 1520 1516 goto out; 1521 1517 err = nfserr_exist; 1522 1518 if (isdotent(fname, flen)) ··· 1536 1534 if (IS_ERR(dnew)) 1537 1535 goto out_nfserr; 1538 1536 1539 1539 - if (unlikely(path[plen] != 0)) { 1540 1540 - char *path_alloced = kmalloc(plen+1, GFP_KERNEL); 1541 1541 - if (path_alloced == NULL) 1542 1542 - host_err = -ENOMEM; 1543 1543 - else { 1544 1544 - strncpy(path_alloced, path, plen); 1545 1545 - path_alloced[plen] = 0; 1546 1546 - host_err = vfs_symlink(dentry->d_inode, dnew, path_alloced); 1547 1547 - kfree(path_alloced); 1548 1548 - } 1549 1549 - } else 1550 1550 - host_err = vfs_symlink(dentry->d_inode, dnew, path); 1537 1537 + host_err = vfs_symlink(dentry->d_inode, dnew, path); 1551 1538 err = nfserrno(host_err); 1552 1539 if (!err) 1553 1540 err = nfserrno(commit_metadata(fhp)); ··· 2084 2093 if (raparm_hash[0].pb_head) 2085 2094 return 0; 2086 2095 nperbucket = DIV_ROUND_UP(cache_size, RAPARM_HASH_SIZE); 2087 2087 - if (nperbucket < 2) 2088 2088 - nperbucket = 2; 2096 2096 + nperbucket = max(2, nperbucket); 2089 2097 cache_size = nperbucket * RAPARM_HASH_SIZE; 2090 2098 2091 2099 dprintk("nfsd: allocating %d readahead buffers.\n", cache_size);

+4 -4

fs/nfsd/vfs.h

reviewed

··· 74 74 __be32 nfsd_get_tmp_read_open(struct svc_rqst *, struct svc_fh *, 75 75 struct file **, struct raparms **); 76 76 void nfsd_put_tmp_read_open(struct file *, struct raparms *); 77 77 - int nfsd_splice_read(struct svc_rqst *, 77 77 + __be32 nfsd_splice_read(struct svc_rqst *, 78 78 struct file *, loff_t, unsigned long *); 79 79 - int nfsd_readv(struct file *, loff_t, struct kvec *, int, 79 79 + __be32 nfsd_readv(struct file *, loff_t, struct kvec *, int, 80 80 unsigned long *); 81 81 __be32 nfsd_read(struct svc_rqst *, struct svc_fh *, 82 82 loff_t, struct kvec *, int, unsigned long *); ··· 85 85 __be32 nfsd_readlink(struct svc_rqst *, struct svc_fh *, 86 86 char *, int *); 87 87 __be32 nfsd_symlink(struct svc_rqst *, struct svc_fh *, 88 88 - char *name, int len, char *path, int plen, 89 89 - struct svc_fh *res, struct iattr *); 88 88 + char *name, int len, char *path, 89 89 + struct svc_fh *res); 90 90 __be32 nfsd_link(struct svc_rqst *, struct svc_fh *, 91 91 char *, int, struct svc_fh *); 92 92 __be32 nfsd_rename(struct svc_rqst *,

+19 -11

fs/nfsd/xdr4.h

reviewed

··· 55 55 struct svc_fh current_fh; 56 56 struct svc_fh save_fh; 57 57 struct nfs4_stateowner *replay_owner; 58 58 + struct nfs4_client *clp; 58 59 /* For sessions DRC */ 59 60 struct nfsd4_session *session; 60 61 struct nfsd4_slot *slot; ··· 108 107 u32 cr_type; /* request */ 109 108 union { /* request */ 110 109 struct { 111 111 - u32 namelen; 112 112 - char *name; 110 110 + u32 datalen; 111 111 + char *data; 113 112 } link; /* NF4LNK */ 114 113 struct { 115 114 u32 specdata1; ··· 122 121 struct nfs4_acl *cr_acl; 123 122 struct xdr_netobj cr_label; 124 123 }; 125 125 - #define cr_linklen u.link.namelen 126 126 - #define cr_linkname u.link.name 124 124 + #define cr_datalen u.link.datalen 125 125 + #define cr_data u.link.data 127 126 #define cr_specdata1 u.dev.specdata1 128 127 #define cr_specdata2 u.dev.specdata2 129 128 ··· 479 478 480 479 bool nfsd4_cache_this_op(struct nfsd4_op *); 481 480 481 481 + /* 482 482 + * Memory needed just for the duration of processing one compound: 483 483 + */ 484 484 + struct svcxdr_tmpbuf { 485 485 + struct svcxdr_tmpbuf *next; 486 486 + char buf[]; 487 487 + }; 488 488 + 482 489 struct nfsd4_compoundargs { 483 490 /* scratch variables for XDR decode */ 484 491 __be32 * p; ··· 495 486 int pagelen; 496 487 __be32 tmp[8]; 497 488 __be32 * tmpp; 498 498 - struct tmpbuf { 499 499 - struct tmpbuf *next; 500 500 - void (*release)(const void *); 501 501 - void *buf; 502 502 - } *to_free; 489 489 + struct svcxdr_tmpbuf *to_free; 503 490 504 491 struct svc_rqst *rqstp; 505 492 ··· 579 574 extern __be32 nfsd4_setclientid_confirm(struct svc_rqst *rqstp, 580 575 struct nfsd4_compound_state *, 581 576 struct nfsd4_setclientid_confirm *setclientid_confirm); 582 582 - extern void nfsd4_store_cache_entry(struct nfsd4_compoundres *resp); 583 577 extern __be32 nfsd4_exchange_id(struct svc_rqst *rqstp, 584 578 struct nfsd4_compound_state *, struct nfsd4_exchange_id *); 585 579 extern __be32 nfsd4_backchannel_ctl(struct svc_rqst *, struct nfsd4_compound_state *, struct nfsd4_backchannel_ctl *); ··· 589 585 extern __be32 nfsd4_sequence(struct svc_rqst *, 590 586 struct nfsd4_compound_state *, 591 587 struct nfsd4_sequence *); 588 588 + extern void nfsd4_sequence_done(struct nfsd4_compoundres *resp); 592 589 extern __be32 nfsd4_destroy_session(struct svc_rqst *, 593 590 struct nfsd4_compound_state *, 594 591 struct nfsd4_destroy_session *); ··· 599 594 struct nfsd4_open *open, struct nfsd_net *nn); 600 595 extern __be32 nfsd4_process_open2(struct svc_rqst *rqstp, 601 596 struct svc_fh *current_fh, struct nfsd4_open *open); 602 602 - extern void nfsd4_cleanup_open_state(struct nfsd4_open *open, __be32 status); 597 597 + extern void nfsd4_cstate_clear_replay(struct nfsd4_compound_state *cstate); 598 598 + extern void nfsd4_cleanup_open_state(struct nfsd4_compound_state *cstate, 599 599 + struct nfsd4_open *open, __be32 status); 603 600 extern __be32 nfsd4_open_confirm(struct svc_rqst *rqstp, 604 601 struct nfsd4_compound_state *, struct nfsd4_open_confirm *oc); 605 602 extern __be32 nfsd4_close(struct svc_rqst *rqstp, ··· 632 625 extern __be32 nfsd4_free_stateid(struct svc_rqst *rqstp, 633 626 struct nfsd4_compound_state *, struct nfsd4_free_stateid *free_stateid); 634 627 extern void nfsd4_bump_seqid(struct nfsd4_compound_state *, __be32 nfserr); 628 628 + 635 629 #endif 636 630 637 631 /*

+9

include/linux/cred.h

reviewed

··· 259 259 rcu_dereference_protected(current->cred, 1) 260 260 261 261 /** 262 262 + * current_real_cred - Access the current task's objective credentials 263 263 + * 264 264 + * Access the objective credentials of the current task. RCU-safe, 265 265 + * since nobody else can modify it. 266 266 + */ 267 267 + #define current_real_cred() \ 268 268 + rcu_dereference_protected(current->real_cred, 1) 269 269 + 270 270 + /** 262 271 * __task_cred - Access a task's objective credentials 263 272 * @task: The task to query 264 273 *

+2 -2

include/linux/sunrpc/svc.h

reviewed

··· 236 236 struct svc_cred rq_cred; /* auth info */ 237 237 void * rq_xprt_ctxt; /* transport specific context ptr */ 238 238 struct svc_deferred_req*rq_deferred; /* deferred request we are replaying */ 239 239 - int rq_usedeferral; /* use deferral */ 239 239 + bool rq_usedeferral; /* use deferral */ 240 240 241 241 size_t rq_xprt_hlen; /* xprt header len */ 242 242 struct xdr_buf rq_arg; ··· 277 277 struct auth_domain * rq_gssclient; /* "gss/"-style peer info */ 278 278 int rq_cachetype; 279 279 struct svc_cacherep * rq_cacherep; /* cache info */ 280 280 - int rq_splice_ok; /* turned off in gss privacy 280 280 + bool rq_splice_ok; /* turned off in gss privacy 281 281 * to prevent encrypting page 282 282 * cache pages */ 283 283 wait_queue_head_t rq_wait; /* synchronization */

+1 -2

include/linux/sunrpc/svc_rdma.h

reviewed

··· 174 174 * page size of 4k, or 32k * 2 ops / 4k = 16 outstanding RDMA_READ. */ 175 175 #define RPCRDMA_ORD (64/4) 176 176 #define RPCRDMA_SQ_DEPTH_MULT 8 177 177 - #define RPCRDMA_MAX_THREADS 16 178 178 - #define RPCRDMA_MAX_REQUESTS 16 177 177 + #define RPCRDMA_MAX_REQUESTS 32 179 178 #define RPCRDMA_MAX_REQ_SIZE 4096 180 179 181 180 /* svc_rdma_marshal.c */

+2

include/linux/sunrpc/svc_xprt.h

reviewed

··· 25 25 void (*xpo_detach)(struct svc_xprt *); 26 26 void (*xpo_free)(struct svc_xprt *); 27 27 int (*xpo_secure_port)(struct svc_rqst *); 28 28 + void (*xpo_adjust_wspace)(struct svc_xprt *); 28 29 }; 29 30 30 31 struct svc_xprt_class { ··· 34 33 struct svc_xprt_ops *xcl_ops; 35 34 struct list_head xcl_list; 36 35 u32 xcl_max_payload; 36 36 + int xcl_ident; 37 37 }; 38 38 39 39 /*

+1 -1

net/sunrpc/auth_gss/svcauth_gss.c

reviewed

··· 886 886 u32 priv_len, maj_stat; 887 887 int pad, saved_len, remaining_len, offset; 888 888 889 889 - rqstp->rq_splice_ok = 0; 889 889 + rqstp->rq_splice_ok = false; 890 890 891 891 priv_len = svc_getnl(&buf->head[0]); 892 892 if (rqstp->rq_deferred) {

+2 -2

net/sunrpc/svc.c

reviewed

··· 1086 1086 goto err_short_len; 1087 1087 1088 1088 /* Will be turned off only in gss privacy case: */ 1089 1089 - rqstp->rq_splice_ok = 1; 1089 1089 + rqstp->rq_splice_ok = true; 1090 1090 /* Will be turned off only when NFSv4 Sessions are used */ 1091 1091 - rqstp->rq_usedeferral = 1; 1091 1091 + rqstp->rq_usedeferral = true; 1092 1092 rqstp->rq_dropme = false; 1093 1093 1094 1094 /* Setup reply header */

+19 -8

net/sunrpc/svc_xprt.c

reviewed

··· 23 23 static struct cache_deferred_req *svc_defer(struct cache_req *req); 24 24 static void svc_age_temp_xprts(unsigned long closure); 25 25 static void svc_delete_xprt(struct svc_xprt *xprt); 26 26 + static void svc_xprt_do_enqueue(struct svc_xprt *xprt); 26 27 27 28 /* apparently the "standard" is that clients close 28 29 * idle connections after 5 minutes, servers after ··· 223 222 if (!test_bit(XPT_BUSY, &xprt->xpt_flags)) 224 223 return; 225 224 /* As soon as we clear busy, the xprt could be closed and 226 226 - * 'put', so we need a reference to call svc_xprt_enqueue with: 225 225 + * 'put', so we need a reference to call svc_xprt_do_enqueue with: 227 226 */ 228 227 svc_xprt_get(xprt); 228 228 + smp_mb__before_atomic(); 229 229 clear_bit(XPT_BUSY, &xprt->xpt_flags); 230 230 - svc_xprt_enqueue(xprt); 230 230 + svc_xprt_do_enqueue(xprt); 231 231 svc_xprt_put(xprt); 232 232 } 233 233 ··· 337 335 return false; 338 336 } 339 337 340 340 - /* 341 341 - * Queue up a transport with data pending. If there are idle nfsd 342 342 - * processes, wake 'em up. 343 343 - * 344 344 - */ 345 345 - void svc_xprt_enqueue(struct svc_xprt *xprt) 338 338 + static void svc_xprt_do_enqueue(struct svc_xprt *xprt) 346 339 { 347 340 struct svc_pool *pool; 348 341 struct svc_rqst *rqstp; ··· 395 398 out_unlock: 396 399 spin_unlock_bh(&pool->sp_lock); 397 400 } 401 401 + 402 402 + /* 403 403 + * Queue up a transport with data pending. If there are idle nfsd 404 404 + * processes, wake 'em up. 405 405 + * 406 406 + */ 407 407 + void svc_xprt_enqueue(struct svc_xprt *xprt) 408 408 + { 409 409 + if (test_bit(XPT_BUSY, &xprt->xpt_flags)) 410 410 + return; 411 411 + svc_xprt_do_enqueue(xprt); 412 412 + } 398 413 EXPORT_SYMBOL_GPL(svc_xprt_enqueue); 399 414 400 415 /* ··· 448 439 atomic_sub((rqstp->rq_reserved - space), &xprt->xpt_reserved); 449 440 rqstp->rq_reserved = space; 450 441 442 442 + if (xprt->xpt_ops->xpo_adjust_wspace) 443 443 + xprt->xpt_ops->xpo_adjust_wspace(xprt); 451 444 svc_xprt_enqueue(xprt); 452 445 } 453 446 }

+32 -18

net/sunrpc/svcsock.c

reviewed

··· 446 446 } 447 447 } 448 448 449 449 + static int svc_tcp_has_wspace(struct svc_xprt *xprt) 450 450 + { 451 451 + struct svc_sock *svsk = container_of(xprt, struct svc_sock, sk_xprt); 452 452 + struct svc_serv *serv = svsk->sk_xprt.xpt_server; 453 453 + int required; 454 454 + 455 455 + if (test_bit(XPT_LISTENER, &xprt->xpt_flags)) 456 456 + return 1; 457 457 + required = atomic_read(&xprt->xpt_reserved) + serv->sv_max_mesg; 458 458 + if (sk_stream_wspace(svsk->sk_sk) >= required || 459 459 + (sk_stream_min_wspace(svsk->sk_sk) == 0 && 460 460 + atomic_read(&xprt->xpt_reserved) == 0)) 461 461 + return 1; 462 462 + set_bit(SOCK_NOSPACE, &svsk->sk_sock->flags); 463 463 + return 0; 464 464 + } 465 465 + 449 466 static void svc_tcp_write_space(struct sock *sk) 450 467 { 468 468 + struct svc_sock *svsk = (struct svc_sock *)(sk->sk_user_data); 451 469 struct socket *sock = sk->sk_socket; 452 470 453 453 - if (sk_stream_is_writeable(sk) && sock) 471 471 + if (!sk_stream_is_writeable(sk) || !sock) 472 472 + return; 473 473 + if (!svsk || svc_tcp_has_wspace(&svsk->sk_xprt)) 454 474 clear_bit(SOCK_NOSPACE, &sock->flags); 455 475 svc_write_space(sk); 476 476 + } 477 477 + 478 478 + static void svc_tcp_adjust_wspace(struct svc_xprt *xprt) 479 479 + { 480 480 + struct svc_sock *svsk = container_of(xprt, struct svc_sock, sk_xprt); 481 481 + 482 482 + if (svc_tcp_has_wspace(xprt)) 483 483 + clear_bit(SOCK_NOSPACE, &svsk->sk_sock->flags); 456 484 } 457 485 458 486 /* ··· 720 692 .xcl_owner = THIS_MODULE, 721 693 .xcl_ops = &svc_udp_ops, 722 694 .xcl_max_payload = RPCSVC_MAXPAYLOAD_UDP, 695 695 + .xcl_ident = XPRT_TRANSPORT_UDP, 723 696 }; 724 697 725 698 static void svc_udp_init(struct svc_sock *svsk, struct svc_serv *serv) ··· 1226 1197 svc_putnl(resv, 0); 1227 1198 } 1228 1199 1229 1229 - static int svc_tcp_has_wspace(struct svc_xprt *xprt) 1230 1230 - { 1231 1231 - struct svc_sock *svsk = container_of(xprt, struct svc_sock, sk_xprt); 1232 1232 - struct svc_serv *serv = svsk->sk_xprt.xpt_server; 1233 1233 - int required; 1234 1234 - 1235 1235 - if (test_bit(XPT_LISTENER, &xprt->xpt_flags)) 1236 1236 - return 1; 1237 1237 - required = atomic_read(&xprt->xpt_reserved) + serv->sv_max_mesg; 1238 1238 - if (sk_stream_wspace(svsk->sk_sk) >= required || 1239 1239 - (sk_stream_min_wspace(svsk->sk_sk) == 0 && 1240 1240 - atomic_read(&xprt->xpt_reserved) == 0)) 1241 1241 - return 1; 1242 1242 - set_bit(SOCK_NOSPACE, &svsk->sk_sock->flags); 1243 1243 - return 0; 1244 1244 - } 1245 1245 - 1246 1200 static struct svc_xprt *svc_tcp_create(struct svc_serv *serv, 1247 1201 struct net *net, 1248 1202 struct sockaddr *sa, int salen, ··· 1297 1285 .xpo_has_wspace = svc_tcp_has_wspace, 1298 1286 .xpo_accept = svc_tcp_accept, 1299 1287 .xpo_secure_port = svc_sock_secure_port, 1288 1288 + .xpo_adjust_wspace = svc_tcp_adjust_wspace, 1300 1289 }; 1301 1290 1302 1291 static struct svc_xprt_class svc_tcp_class = { ··· 1305 1292 .xcl_owner = THIS_MODULE, 1306 1293 .xcl_ops = &svc_tcp_ops, 1307 1294 .xcl_max_payload = RPCSVC_MAXPAYLOAD_TCP, 1295 1295 + .xcl_ident = XPRT_TRANSPORT_TCP, 1308 1296 }; 1309 1297 1310 1298 void svc_init_xprt_sock(void)

+2 -1

net/sunrpc/xdr.c

reviewed

··· 509 509 } 510 510 EXPORT_SYMBOL_GPL(xdr_commit_encode); 511 511 512 512 - __be32 *xdr_get_next_encode_buffer(struct xdr_stream *xdr, size_t nbytes) 512 512 + static __be32 *xdr_get_next_encode_buffer(struct xdr_stream *xdr, 513 513 + size_t nbytes) 513 514 { 514 515 static __be32 *p; 515 516 int space_left;

+1 -1

net/sunrpc/xprt.c

reviewed

··· 1306 1306 } 1307 1307 } 1308 1308 spin_unlock(&xprt_list_lock); 1309 1309 - printk(KERN_ERR "RPC: transport (%d) not supported\n", args->ident); 1309 1309 + dprintk("RPC: transport (%d) not supported\n", args->ident); 1310 1310 return ERR_PTR(-EIO); 1311 1311 1312 1312 found:

+28

net/sunrpc/xprtrdma/svc_rdma_recvfrom.c

reviewed

··· 43 43 #include <linux/sunrpc/debug.h> 44 44 #include <linux/sunrpc/rpc_rdma.h> 45 45 #include <linux/spinlock.h> 46 46 + #include <linux/highmem.h> 46 47 #include <asm/unaligned.h> 47 48 #include <rdma/ib_verbs.h> 48 49 #include <rdma/rdma_cm.h> ··· 436 435 return ret; 437 436 } 438 437 438 438 + /* 439 439 + * To avoid a separate RDMA READ just for a handful of zero bytes, 440 440 + * RFC 5666 section 3.7 allows the client to omit the XDR zero pad 441 441 + * in chunk lists. 442 442 + */ 443 443 + static void 444 444 + rdma_fix_xdr_pad(struct xdr_buf *buf) 445 445 + { 446 446 + unsigned int page_len = buf->page_len; 447 447 + unsigned int size = (XDR_QUADLEN(page_len) << 2) - page_len; 448 448 + unsigned int offset, pg_no; 449 449 + char *p; 450 450 + 451 451 + if (size == 0) 452 452 + return; 453 453 + 454 454 + pg_no = page_len >> PAGE_SHIFT; 455 455 + offset = page_len & ~PAGE_MASK; 456 456 + p = page_address(buf->pages[pg_no]); 457 457 + memset(p + offset, 0, size); 458 458 + 459 459 + buf->page_len += size; 460 460 + buf->buflen += size; 461 461 + buf->len += size; 462 462 + } 463 463 + 439 464 static int rdma_read_complete(struct svc_rqst *rqstp, 440 465 struct svc_rdma_op_ctxt *head) 441 466 { ··· 476 449 rqstp->rq_pages[page_no] = head->pages[page_no]; 477 450 } 478 451 /* Point rq_arg.pages past header */ 452 452 + rdma_fix_xdr_pad(&head->arg); 479 453 rqstp->rq_arg.pages = &rqstp->rq_pages[head->hdr_count]; 480 454 rqstp->rq_arg.page_len = head->arg.page_len; 481 455 rqstp->rq_arg.page_base = head->arg.page_base;

+15 -24

net/sunrpc/xprtrdma/svc_rdma_sendto.c

reviewed

··· 192 192 xdr_sge_no++; 193 193 BUG_ON(xdr_sge_no > vec->count); 194 194 bc -= sge_bytes; 195 195 + if (sge_no == xprt->sc_max_sge) 196 196 + break; 195 197 } 196 198 197 199 /* Prepare WRITE WR */ ··· 211 209 atomic_inc(&rdma_stat_write); 212 210 if (svc_rdma_send(xprt, &write_wr)) 213 211 goto err; 214 214 - return 0; 212 212 + return write_len - bc; 215 213 err: 216 214 svc_rdma_unmap_dma(ctxt); 217 215 svc_rdma_put_context(ctxt, 0); ··· 227 225 { 228 226 u32 xfer_len = rqstp->rq_res.page_len + rqstp->rq_res.tail[0].iov_len; 229 227 int write_len; 230 230 - int max_write; 231 228 u32 xdr_off; 232 229 int chunk_off; 233 230 int chunk_no; ··· 239 238 return 0; 240 239 res_ary = (struct rpcrdma_write_array *) 241 240 &rdma_resp->rm_body.rm_chunks[1]; 242 242 - 243 243 - max_write = xprt->sc_max_sge * PAGE_SIZE; 244 241 245 242 /* Write chunks start at the pagelist */ 246 243 for (xdr_off = rqstp->rq_res.head[0].iov_len, chunk_no = 0; ··· 259 260 write_len); 260 261 chunk_off = 0; 261 262 while (write_len) { 262 262 - int this_write; 263 263 - this_write = min(write_len, max_write); 264 263 ret = send_write(xprt, rqstp, 265 264 ntohl(arg_ch->rs_handle), 266 265 rs_offset + chunk_off, 267 266 xdr_off, 268 268 - this_write, 267 267 + write_len, 269 268 vec); 270 270 - if (ret) { 269 269 + if (ret <= 0) { 271 270 dprintk("svcrdma: RDMA_WRITE failed, ret=%d\n", 272 271 ret); 273 272 return -EIO; 274 273 } 275 275 - chunk_off += this_write; 276 276 - xdr_off += this_write; 277 277 - xfer_len -= this_write; 278 278 - write_len -= this_write; 274 274 + chunk_off += ret; 275 275 + xdr_off += ret; 276 276 + xfer_len -= ret; 277 277 + write_len -= ret; 279 278 } 280 279 } 281 280 /* Update the req with the number of chunks actually used */ ··· 290 293 { 291 294 u32 xfer_len = rqstp->rq_res.len; 292 295 int write_len; 293 293 - int max_write; 294 296 u32 xdr_off; 295 297 int chunk_no; 296 298 int chunk_off; ··· 306 310 * write-list */ 307 311 res_ary = (struct rpcrdma_write_array *) 308 312 &rdma_resp->rm_body.rm_chunks[2]; 309 309 - 310 310 - max_write = xprt->sc_max_sge * PAGE_SIZE; 311 313 312 314 /* xdr offset starts at RPC message */ 313 315 nchunks = ntohl(arg_ary->wc_nchunks); ··· 324 330 write_len); 325 331 chunk_off = 0; 326 332 while (write_len) { 327 327 - int this_write; 328 328 - 329 329 - this_write = min(write_len, max_write); 330 333 ret = send_write(xprt, rqstp, 331 334 ntohl(ch->rs_handle), 332 335 rs_offset + chunk_off, 333 336 xdr_off, 334 334 - this_write, 337 337 + write_len, 335 338 vec); 336 336 - if (ret) { 339 339 + if (ret <= 0) { 337 340 dprintk("svcrdma: RDMA_WRITE failed, ret=%d\n", 338 341 ret); 339 342 return -EIO; 340 343 } 341 341 - chunk_off += this_write; 342 342 - xdr_off += this_write; 343 343 - xfer_len -= this_write; 344 344 - write_len -= this_write; 344 344 + chunk_off += ret; 345 345 + xdr_off += ret; 346 346 + xfer_len -= ret; 347 347 + write_len -= ret; 345 348 } 346 349 } 347 350 /* Update the req with the number of chunks actually used */

+3 -17

net/sunrpc/xprtrdma/svc_rdma_transport.c

reviewed

··· 92 92 .xcl_owner = THIS_MODULE, 93 93 .xcl_ops = &svc_rdma_ops, 94 94 .xcl_max_payload = RPCSVC_MAXPAYLOAD_TCP, 95 95 + .xcl_ident = XPRT_TRANSPORT_RDMA, 95 96 }; 96 97 97 98 struct svc_rdma_op_ctxt *svc_rdma_get_context(struct svcxprt_rdma *xprt) ··· 943 942 944 943 ret = rdma_create_qp(newxprt->sc_cm_id, newxprt->sc_pd, &qp_attr); 945 944 if (ret) { 946 946 - /* 947 947 - * XXX: This is a hack. We need a xx_request_qp interface 948 948 - * that will adjust the qp_attr's with a best-effort 949 949 - * number 950 950 - */ 951 951 - qp_attr.cap.max_send_sge -= 2; 952 952 - qp_attr.cap.max_recv_sge -= 2; 953 953 - ret = rdma_create_qp(newxprt->sc_cm_id, newxprt->sc_pd, 954 954 - &qp_attr); 955 955 - if (ret) { 956 956 - dprintk("svcrdma: failed to create QP, ret=%d\n", ret); 957 957 - goto errout; 958 958 - } 959 959 - newxprt->sc_max_sge = qp_attr.cap.max_send_sge; 960 960 - newxprt->sc_max_sge = qp_attr.cap.max_recv_sge; 961 961 - newxprt->sc_sq_depth = qp_attr.cap.max_send_wr; 962 962 - newxprt->sc_max_requests = qp_attr.cap.max_recv_wr; 945 945 + dprintk("svcrdma: failed to create QP, ret=%d\n", ret); 946 946 + goto errout; 963 947 } 964 948 newxprt->sc_qp = newxprt->sc_cm_id->qp; 965 949