Merge tag 'nfs-for-6.5-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs

+6

fs/lockd/clntlock.c

··· 93 93 block->b_status = nlm_lck_blocked; 94 94 } 95 95 96 + struct rpc_clnt *nlmclnt_rpc_clnt(struct nlm_host *host) 97 + { 98 + return host->h_rpcclnt; 99 + } 100 + EXPORT_SYMBOL_GPL(nlmclnt_rpc_clnt); 101 + 96 102 /* 97 103 * Queue up a lock for blocking so that the GRANTED request can see it 98 104 */

+32

fs/nfs/client.c

··· 184 184 clp->cl_net = get_net(cl_init->net); 185 185 186 186 clp->cl_principal = "*"; 187 + clp->cl_xprtsec = cl_init->xprtsec; 187 188 return clp; 188 189 189 190 error_cleanup: ··· 327 326 sap)) 328 327 continue; 329 328 329 + /* Match the xprt security policy */ 330 + if (clp->cl_xprtsec.policy != data->xprtsec.policy) 331 + continue; 332 + 330 333 refcount_inc(&clp->cl_count); 331 334 return clp; 332 335 } ··· 463 458 464 459 switch (proto) { 465 460 case XPRT_TRANSPORT_TCP: 461 + case XPRT_TRANSPORT_TCP_TLS: 466 462 case XPRT_TRANSPORT_RDMA: 467 463 if (retrans == NFS_UNSPEC_RETRANS) 468 464 to->to_retries = NFS_DEF_TCP_RETRANS; ··· 516 510 .version = clp->rpc_ops->version, 517 511 .authflavor = flavor, 518 512 .cred = cl_init->cred, 513 + .xprtsec = cl_init->xprtsec, 519 514 }; 520 515 521 516 if (test_bit(NFS_CS_DISCRTRY, &clp->cl_flags)) ··· 599 592 600 593 server->nlm_host = host; 601 594 server->destroy = nfs_destroy_server; 595 + nfs_sysfs_link_rpc_client(server, nlmclnt_rpc_clnt(host), NULL); 602 596 return 0; 603 597 } 604 598 ··· 629 621 if (server->flags & NFS_MOUNT_SOFT) 630 622 server->client->cl_softrtry = 1; 631 623 624 + nfs_sysfs_link_rpc_client(server, server->client, NULL); 632 625 return 0; 633 626 } 634 627 EXPORT_SYMBOL_GPL(nfs_init_server_rpcclient); ··· 684 675 .cred = server->cred, 685 676 .nconnect = ctx->nfs_server.nconnect, 686 677 .init_flags = (1UL << NFS_CS_REUSEPORT), 678 + .xprtsec = ctx->xprtsec, 687 679 }; 688 680 struct nfs_client *clp; 689 681 int error; ··· 700 690 return PTR_ERR(clp); 701 691 702 692 server->nfs_client = clp; 693 + nfs_sysfs_add_server(server); 694 + nfs_sysfs_link_rpc_client(server, clp->cl_rpcclient, "_state"); 703 695 704 696 /* Initialise the client representation from the mount data */ 705 697 server->flags = ctx->flags; ··· 956 944 } 957 945 EXPORT_SYMBOL_GPL(nfs_server_remove_lists); 958 946 947 + static DEFINE_IDA(s_sysfs_ids); 948 + 959 949 /* 960 950 * Allocate and initialise a server record 961 951 */ ··· 968 954 server = kzalloc(sizeof(struct nfs_server), GFP_KERNEL); 969 955 if (!server) 970 956 return NULL; 957 + 958 + server->s_sysfs_id = ida_alloc(&s_sysfs_ids, GFP_KERNEL); 959 + if (server->s_sysfs_id < 0) { 960 + kfree(server); 961 + return NULL; 962 + } 971 963 972 964 server->client = server->client_acl = ERR_PTR(-EINVAL); 973 965 ··· 1020 1000 rpc_shutdown_client(server->client); 1021 1001 1022 1002 nfs_put_client(server->nfs_client); 1003 + 1004 + if (server->kobj.state_initialized) { 1005 + nfs_sysfs_remove_server(server); 1006 + kobject_put(&server->kobj); 1007 + } 1008 + ida_free(&s_sysfs_ids, server->s_sysfs_id); 1023 1009 1024 1010 ida_destroy(&server->lockowner_id); 1025 1011 ida_destroy(&server->openowner_id); ··· 1127 1101 nfs_server_copy_userdata(server, source); 1128 1102 1129 1103 server->fsid = fattr->fsid; 1104 + 1105 + nfs_sysfs_add_server(server); 1106 + 1107 + nfs_sysfs_link_rpc_client(server, 1108 + server->nfs_client->cl_rpcclient, "_state"); 1130 1109 1131 1110 error = nfs_init_server_rpcclient(server, 1132 1111 source->client->cl_timeout, ··· 1416 1385 void nfs_fs_proc_exit(void) 1417 1386 { 1418 1387 remove_proc_subtree("fs/nfsfs", NULL); 1388 + ida_destroy(&s_sysfs_ids); 1419 1389 } 1420 1390 1421 1391 #endif /* CONFIG_PROC_FS */

+67

fs/nfs/fs_context.c

··· 18 18 #include <linux/nfs_fs.h> 19 19 #include <linux/nfs_mount.h> 20 20 #include <linux/nfs4_mount.h> 21 + 22 + #include <net/handshake.h> 23 + 21 24 #include "nfs.h" 22 25 #include "internal.h" 23 26 ··· 91 88 Opt_vers, 92 89 Opt_wsize, 93 90 Opt_write, 91 + Opt_xprtsec, 94 92 }; 95 93 96 94 enum { ··· 198 194 fsparam_string("vers", Opt_vers), 199 195 fsparam_enum ("write", Opt_write, nfs_param_enums_write), 200 196 fsparam_u32 ("wsize", Opt_wsize), 197 + fsparam_string("xprtsec", Opt_xprtsec), 201 198 {} 202 199 }; 203 200 ··· 272 267 {} 273 268 }; 274 269 270 + enum { 271 + Opt_xprtsec_none, 272 + Opt_xprtsec_tls, 273 + Opt_xprtsec_mtls, 274 + nr__Opt_xprtsec 275 + }; 276 + 277 + static const struct constant_table nfs_xprtsec_policies[] = { 278 + { "none", Opt_xprtsec_none }, 279 + { "tls", Opt_xprtsec_tls }, 280 + { "mtls", Opt_xprtsec_mtls }, 281 + {} 282 + }; 283 + 275 284 /* 276 285 * Sanity-check a server address provided by the mount command. 277 286 * ··· 339 320 default: 340 321 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; 341 322 } 323 + 324 + if (ctx->xprtsec.policy != RPC_XPRTSEC_NONE) 325 + switch (ctx->nfs_server.protocol) { 326 + case XPRT_TRANSPORT_TCP: 327 + ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP_TLS; 328 + break; 329 + default: 330 + goto out_invalid_xprtsec_policy; 331 + } 332 + 342 333 return 0; 343 334 out_invalid_transport_udp: 344 335 return nfs_invalf(fc, "NFS: Unsupported transport protocol udp"); 336 + out_invalid_xprtsec_policy: 337 + return nfs_invalf(fc, "NFS: Transport does not support xprtsec"); 345 338 } 346 339 347 340 /* ··· 458 427 return ret; 459 428 } 460 429 430 + return 0; 431 + } 432 + 433 + static int nfs_parse_xprtsec_policy(struct fs_context *fc, 434 + struct fs_parameter *param) 435 + { 436 + struct nfs_fs_context *ctx = nfs_fc2context(fc); 437 + 438 + trace_nfs_mount_assign(param->key, param->string); 439 + 440 + switch (lookup_constant(nfs_xprtsec_policies, param->string, -1)) { 441 + case Opt_xprtsec_none: 442 + ctx->xprtsec.policy = RPC_XPRTSEC_NONE; 443 + break; 444 + case Opt_xprtsec_tls: 445 + ctx->xprtsec.policy = RPC_XPRTSEC_TLS_ANON; 446 + break; 447 + case Opt_xprtsec_mtls: 448 + ctx->xprtsec.policy = RPC_XPRTSEC_TLS_X509; 449 + break; 450 + default: 451 + return nfs_invalf(fc, "NFS: Unrecognized transport security policy"); 452 + } 461 453 return 0; 462 454 } 463 455 ··· 750 696 if (ret < 0) 751 697 return ret; 752 698 break; 699 + case Opt_xprtsec: 700 + ret = nfs_parse_xprtsec_policy(fc, param); 701 + if (ret < 0) 702 + return ret; 703 + break; 753 704 754 705 case Opt_proto: 755 706 if (!param->string) ··· 850 791 ctx->mount_server.addrlen = len; 851 792 break; 852 793 case Opt_nconnect: 794 + trace_nfs_mount_assign(param->key, param->string); 853 795 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_CONNECTIONS) 854 796 goto out_of_bounds; 855 797 ctx->nfs_server.nconnect = result.uint_32; 856 798 break; 857 799 case Opt_max_connect: 800 + trace_nfs_mount_assign(param->key, param->string); 858 801 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_TRANSPORTS) 859 802 goto out_of_bounds; 860 803 ctx->nfs_server.max_connect = result.uint_32; 861 804 break; 862 805 case Opt_lookupcache: 806 + trace_nfs_mount_assign(param->key, param->string); 863 807 switch (result.uint_32) { 864 808 case Opt_lookupcache_all: 865 809 ctx->flags &= ~(NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE); ··· 879 817 } 880 818 break; 881 819 case Opt_local_lock: 820 + trace_nfs_mount_assign(param->key, param->string); 882 821 switch (result.uint_32) { 883 822 case Opt_local_lock_all: 884 823 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | ··· 900 837 } 901 838 break; 902 839 case Opt_write: 840 + trace_nfs_mount_assign(param->key, param->string); 903 841 switch (result.uint_32) { 904 842 case Opt_write_lazy: 905 843 ctx->flags &= ··· 1633 1569 ctx->selected_flavor = RPC_AUTH_MAXFLAVOR; 1634 1570 ctx->minorversion = 0; 1635 1571 ctx->need_mount = true; 1572 + ctx->xprtsec.policy = RPC_XPRTSEC_NONE; 1573 + ctx->xprtsec.cert_serial = TLS_NO_CERT; 1574 + ctx->xprtsec.privkey_serial = TLS_NO_PRIVKEY; 1636 1575 1637 1576 fc->s_iflags |= SB_I_STABLE_WRITES; 1638 1577 }

+1 -1

fs/nfs/inode.c

··· 845 845 846 846 request_mask &= STATX_TYPE | STATX_MODE | STATX_NLINK | STATX_UID | 847 847 STATX_GID | STATX_ATIME | STATX_MTIME | STATX_CTIME | 848 - STATX_INO | STATX_SIZE | STATX_BLOCKS | STATX_BTIME | 848 + STATX_INO | STATX_SIZE | STATX_BLOCKS | 849 849 STATX_CHANGE_COOKIE; 850 850 851 851 if ((query_flags & AT_STATX_DONT_SYNC) && !force_sync) {

+2

fs/nfs/internal.h

··· 81 81 struct net *net; 82 82 const struct rpc_timeout *timeparms; 83 83 const struct cred *cred; 84 + struct xprtsec_parms xprtsec; 84 85 }; 85 86 86 87 /* ··· 102 101 unsigned int bsize; 103 102 struct nfs_auth_info auth_info; 104 103 rpc_authflavor_t selected_flavor; 104 + struct xprtsec_parms xprtsec; 105 105 char *client_address; 106 106 unsigned int version; 107 107 unsigned int minorversion;

+11 -2

fs/nfs/nfs3client.c

··· 4 4 #include <linux/sunrpc/addr.h> 5 5 #include "internal.h" 6 6 #include "nfs3_fs.h" 7 + #include "netns.h" 8 + #include "sysfs.h" 7 9 8 10 #ifdef CONFIG_NFS_V3_ACL 9 11 static struct rpc_stat nfsacl_rpcstat = { &nfsacl_program }; ··· 32 30 server->client_acl = rpc_bind_new_program(server->client, &nfsacl_program, 3); 33 31 if (IS_ERR(server->client_acl)) 34 32 goto out_noacl; 33 + 34 + nfs_sysfs_link_rpc_client(server, server->client_acl, NULL); 35 35 36 36 /* No errors! Assume that Sun nfsacls are supported */ 37 37 server->caps |= NFS_CAP_ACLS; ··· 97 93 .net = mds_clp->cl_net, 98 94 .timeparms = &ds_timeout, 99 95 .cred = mds_srv->cred, 96 + .xprtsec = mds_clp->cl_xprtsec, 100 97 }; 101 98 struct nfs_client *clp; 102 99 char buf[INET6_ADDRSTRLEN + 1]; ··· 107 102 return ERR_PTR(-EINVAL); 108 103 cl_init.hostname = buf; 109 104 110 - if (mds_clp->cl_nconnect > 1 && ds_proto == XPRT_TRANSPORT_TCP) 111 - cl_init.nconnect = mds_clp->cl_nconnect; 105 + switch (ds_proto) { 106 + case XPRT_TRANSPORT_TCP: 107 + case XPRT_TRANSPORT_TCP_TLS: 108 + if (mds_clp->cl_nconnect > 1) 109 + cl_init.nconnect = mds_clp->cl_nconnect; 110 + } 112 111 113 112 if (mds_srv->flags & NFS_MOUNT_NORESVPORT) 114 113 __set_bit(NFS_CS_NORESVPORT, &cl_init.init_flags);

+21 -4

fs/nfs/nfs42proc.c

··· 1190 1190 const void *buf, size_t buflen, int flags) 1191 1191 { 1192 1192 struct nfs_server *server = NFS_SERVER(inode); 1193 + __u32 bitmask[NFS_BITMASK_SZ]; 1193 1194 struct page *pages[NFS4XATTR_MAXPAGES]; 1194 1195 struct nfs42_setxattrargs arg = { 1195 1196 .fh = NFS_FH(inode), 1197 + .bitmask = bitmask, 1196 1198 .xattr_pages = pages, 1197 1199 .xattr_len = buflen, 1198 1200 .xattr_name = name, 1199 1201 .xattr_flags = flags, 1200 1202 }; 1201 - struct nfs42_setxattrres res; 1203 + struct nfs42_setxattrres res = { 1204 + .server = server, 1205 + }; 1202 1206 struct rpc_message msg = { 1203 1207 .rpc_proc = &nfs4_procedures[NFSPROC4_CLNT_SETXATTR], 1204 1208 .rpc_argp = &arg, ··· 1214 1210 if (buflen > server->sxasize) 1215 1211 return -ERANGE; 1216 1212 1213 + res.fattr = nfs_alloc_fattr(); 1214 + if (!res.fattr) 1215 + return -ENOMEM; 1216 + 1217 1217 if (buflen > 0) { 1218 1218 np = nfs4_buf_to_pages_noslab(buf, buflen, arg.xattr_pages); 1219 - if (np < 0) 1220 - return np; 1219 + if (np < 0) { 1220 + ret = np; 1221 + goto out; 1222 + } 1221 1223 } else 1222 1224 np = 0; 1225 + 1226 + nfs4_bitmask_set(bitmask, server->cache_consistency_bitmask, 1227 + inode, NFS_INO_INVALID_CHANGE); 1223 1228 1224 1229 ret = nfs4_call_sync(server->client, server, &msg, &arg.seq_args, 1225 1230 &res.seq_res, 1); ··· 1237 1224 for (; np > 0; np--) 1238 1225 put_page(pages[np - 1]); 1239 1226 1240 - if (!ret) 1227 + if (!ret) { 1241 1228 nfs4_update_changeattr(inode, &res.cinfo, timestamp, 0); 1229 + ret = nfs_post_op_update_inode(inode, res.fattr); 1230 + } 1242 1231 1232 + out: 1233 + kfree(res.fattr); 1243 1234 return ret; 1244 1235 } 1245 1236

+44 -35

fs/nfs/nfs42xattr.c

··· 991 991 INIT_LIST_HEAD(&cache->dispose); 992 992 } 993 993 994 + static int nfs4_xattr_shrinker_init(struct shrinker *shrinker, 995 + struct list_lru *lru, const char *name) 996 + { 997 + int ret = 0; 998 + 999 + ret = register_shrinker(shrinker, name); 1000 + if (ret) 1001 + return ret; 1002 + 1003 + ret = list_lru_init_memcg(lru, shrinker); 1004 + if (ret) 1005 + unregister_shrinker(shrinker); 1006 + 1007 + return ret; 1008 + } 1009 + 1010 + static void nfs4_xattr_shrinker_destroy(struct shrinker *shrinker, 1011 + struct list_lru *lru) 1012 + { 1013 + unregister_shrinker(shrinker); 1014 + list_lru_destroy(lru); 1015 + } 1016 + 994 1017 int __init nfs4_xattr_cache_init(void) 995 1018 { 996 1019 int ret = 0; ··· 1025 1002 if (nfs4_xattr_cache_cachep == NULL) 1026 1003 return -ENOMEM; 1027 1004 1028 - ret = list_lru_init_memcg(&nfs4_xattr_large_entry_lru, 1029 - &nfs4_xattr_large_entry_shrinker); 1030 - if (ret) 1031 - goto out4; 1032 - 1033 - ret = list_lru_init_memcg(&nfs4_xattr_entry_lru, 1034 - &nfs4_xattr_entry_shrinker); 1035 - if (ret) 1036 - goto out3; 1037 - 1038 - ret = list_lru_init_memcg(&nfs4_xattr_cache_lru, 1039 - &nfs4_xattr_cache_shrinker); 1040 - if (ret) 1041 - goto out2; 1042 - 1043 - ret = register_shrinker(&nfs4_xattr_cache_shrinker, "nfs-xattr_cache"); 1005 + ret = nfs4_xattr_shrinker_init(&nfs4_xattr_cache_shrinker, 1006 + &nfs4_xattr_cache_lru, 1007 + "nfs-xattr_cache"); 1044 1008 if (ret) 1045 1009 goto out1; 1046 1010 1047 - ret = register_shrinker(&nfs4_xattr_entry_shrinker, "nfs-xattr_entry"); 1011 + ret = nfs4_xattr_shrinker_init(&nfs4_xattr_entry_shrinker, 1012 + &nfs4_xattr_entry_lru, 1013 + "nfs-xattr_entry"); 1048 1014 if (ret) 1049 - goto out; 1015 + goto out2; 1050 1016 1051 - ret = register_shrinker(&nfs4_xattr_large_entry_shrinker, 1052 - "nfs-xattr_large_entry"); 1017 + ret = nfs4_xattr_shrinker_init(&nfs4_xattr_large_entry_shrinker, 1018 + &nfs4_xattr_large_entry_lru, 1019 + "nfs-xattr_large_entry"); 1053 1020 if (!ret) 1054 1021 return 0; 1055 1022 1056 - unregister_shrinker(&nfs4_xattr_entry_shrinker); 1057 - out: 1058 - unregister_shrinker(&nfs4_xattr_cache_shrinker); 1059 - out1: 1060 - list_lru_destroy(&nfs4_xattr_cache_lru); 1023 + nfs4_xattr_shrinker_destroy(&nfs4_xattr_entry_shrinker, 1024 + &nfs4_xattr_entry_lru); 1061 1025 out2: 1062 - list_lru_destroy(&nfs4_xattr_entry_lru); 1063 - out3: 1064 - list_lru_destroy(&nfs4_xattr_large_entry_lru); 1065 - out4: 1026 + nfs4_xattr_shrinker_destroy(&nfs4_xattr_cache_shrinker, 1027 + &nfs4_xattr_cache_lru); 1028 + out1: 1066 1029 kmem_cache_destroy(nfs4_xattr_cache_cachep); 1067 1030 1068 1031 return ret; ··· 1056 1047 1057 1048 void nfs4_xattr_cache_exit(void) 1058 1049 { 1059 - unregister_shrinker(&nfs4_xattr_large_entry_shrinker); 1060 - unregister_shrinker(&nfs4_xattr_entry_shrinker); 1061 - unregister_shrinker(&nfs4_xattr_cache_shrinker); 1062 - list_lru_destroy(&nfs4_xattr_large_entry_lru); 1063 - list_lru_destroy(&nfs4_xattr_entry_lru); 1064 - list_lru_destroy(&nfs4_xattr_cache_lru); 1050 + nfs4_xattr_shrinker_destroy(&nfs4_xattr_large_entry_shrinker, 1051 + &nfs4_xattr_large_entry_lru); 1052 + nfs4_xattr_shrinker_destroy(&nfs4_xattr_entry_shrinker, 1053 + &nfs4_xattr_entry_lru); 1054 + nfs4_xattr_shrinker_destroy(&nfs4_xattr_cache_shrinker, 1055 + &nfs4_xattr_cache_lru); 1065 1056 kmem_cache_destroy(nfs4_xattr_cache_cachep); 1066 1057 }

+322 -299

fs/nfs/nfs42xdr.c

··· 7 7 8 8 #include "nfs42.h" 9 9 10 + /* Not limited by NFS itself, limited by the generic xattr code */ 11 + #define nfs4_xattr_name_maxsz XDR_QUADLEN(XATTR_NAME_MAX) 12 + 10 13 #define encode_fallocate_maxsz (encode_stateid_maxsz + \ 11 14 2 /* offset */ + \ 12 15 2 /* length */) ··· 92 89 2 /* dst offset */ + \ 93 90 2 /* count */) 94 91 #define decode_clone_maxsz (op_decode_hdr_maxsz) 92 + #define encode_getxattr_maxsz (op_encode_hdr_maxsz + 1 + \ 93 + nfs4_xattr_name_maxsz) 94 + #define decode_getxattr_maxsz (op_decode_hdr_maxsz + 1 + pagepad_maxsz) 95 + #define encode_setxattr_maxsz (op_encode_hdr_maxsz + \ 96 + 1 + nfs4_xattr_name_maxsz + 1) 97 + #define decode_setxattr_maxsz (op_decode_hdr_maxsz + decode_change_info_maxsz) 98 + #define encode_listxattrs_maxsz (op_encode_hdr_maxsz + 2 + 1) 99 + #define decode_listxattrs_maxsz (op_decode_hdr_maxsz + 2 + 1 + 1 + 1) 100 + #define encode_removexattr_maxsz (op_encode_hdr_maxsz + 1 + \ 101 + nfs4_xattr_name_maxsz) 102 + #define decode_removexattr_maxsz (op_decode_hdr_maxsz + \ 103 + decode_change_info_maxsz) 95 104 96 105 #define NFS4_enc_allocate_sz (compound_encode_hdr_maxsz + \ 97 106 encode_sequence_maxsz + \ ··· 201 186 decode_putfh_maxsz + \ 202 187 decode_clone_maxsz + \ 203 188 decode_getattr_maxsz) 204 - 205 - /* Not limited by NFS itself, limited by the generic xattr code */ 206 - #define nfs4_xattr_name_maxsz XDR_QUADLEN(XATTR_NAME_MAX) 207 - 208 - #define encode_getxattr_maxsz (op_encode_hdr_maxsz + 1 + \ 209 - nfs4_xattr_name_maxsz) 210 - #define decode_getxattr_maxsz (op_decode_hdr_maxsz + 1 + pagepad_maxsz) 211 - #define encode_setxattr_maxsz (op_encode_hdr_maxsz + \ 212 - 1 + nfs4_xattr_name_maxsz + 1) 213 - #define decode_setxattr_maxsz (op_decode_hdr_maxsz + decode_change_info_maxsz) 214 - #define encode_listxattrs_maxsz (op_encode_hdr_maxsz + 2 + 1) 215 - #define decode_listxattrs_maxsz (op_decode_hdr_maxsz + 2 + 1 + 1 + 1) 216 - #define encode_removexattr_maxsz (op_encode_hdr_maxsz + 1 + \ 217 - nfs4_xattr_name_maxsz) 218 - #define decode_removexattr_maxsz (op_decode_hdr_maxsz + \ 219 - decode_change_info_maxsz) 220 - 221 - #define NFS4_enc_getxattr_sz (compound_encode_hdr_maxsz + \ 222 - encode_sequence_maxsz + \ 223 - encode_putfh_maxsz + \ 224 - encode_getxattr_maxsz) 225 - #define NFS4_dec_getxattr_sz (compound_decode_hdr_maxsz + \ 226 - decode_sequence_maxsz + \ 227 - decode_putfh_maxsz + \ 228 - decode_getxattr_maxsz) 229 - #define NFS4_enc_setxattr_sz (compound_encode_hdr_maxsz + \ 230 - encode_sequence_maxsz + \ 231 - encode_putfh_maxsz + \ 232 - encode_setxattr_maxsz) 233 - #define NFS4_dec_setxattr_sz (compound_decode_hdr_maxsz + \ 234 - decode_sequence_maxsz + \ 235 - decode_putfh_maxsz + \ 236 - decode_setxattr_maxsz) 237 - #define NFS4_enc_listxattrs_sz (compound_encode_hdr_maxsz + \ 238 - encode_sequence_maxsz + \ 239 - encode_putfh_maxsz + \ 240 - encode_listxattrs_maxsz) 241 - #define NFS4_dec_listxattrs_sz (compound_decode_hdr_maxsz + \ 242 - decode_sequence_maxsz + \ 243 - decode_putfh_maxsz + \ 244 - decode_listxattrs_maxsz) 245 - #define NFS4_enc_removexattr_sz (compound_encode_hdr_maxsz + \ 246 - encode_sequence_maxsz + \ 247 - encode_putfh_maxsz + \ 248 - encode_removexattr_maxsz) 249 - #define NFS4_dec_removexattr_sz (compound_decode_hdr_maxsz + \ 250 - decode_sequence_maxsz + \ 251 - decode_putfh_maxsz + \ 252 - decode_removexattr_maxsz) 189 + #define NFS4_enc_getxattr_sz (compound_encode_hdr_maxsz + \ 190 + encode_sequence_maxsz + \ 191 + encode_putfh_maxsz + \ 192 + encode_getxattr_maxsz) 193 + #define NFS4_dec_getxattr_sz (compound_decode_hdr_maxsz + \ 194 + decode_sequence_maxsz + \ 195 + decode_putfh_maxsz + \ 196 + decode_getxattr_maxsz) 197 + #define NFS4_enc_setxattr_sz (compound_encode_hdr_maxsz + \ 198 + encode_sequence_maxsz + \ 199 + encode_putfh_maxsz + \ 200 + encode_setxattr_maxsz + \ 201 + encode_getattr_maxsz) 202 + #define NFS4_dec_setxattr_sz (compound_decode_hdr_maxsz + \ 203 + decode_sequence_maxsz + \ 204 + decode_putfh_maxsz + \ 205 + decode_setxattr_maxsz + \ 206 + decode_getattr_maxsz) 207 + #define NFS4_enc_listxattrs_sz (compound_encode_hdr_maxsz + \ 208 + encode_sequence_maxsz + \ 209 + encode_putfh_maxsz + \ 210 + encode_listxattrs_maxsz) 211 + #define NFS4_dec_listxattrs_sz (compound_decode_hdr_maxsz + \ 212 + decode_sequence_maxsz + \ 213 + decode_putfh_maxsz + \ 214 + decode_listxattrs_maxsz) 215 + #define NFS4_enc_removexattr_sz (compound_encode_hdr_maxsz + \ 216 + encode_sequence_maxsz + \ 217 + encode_putfh_maxsz + \ 218 + encode_removexattr_maxsz) 219 + #define NFS4_dec_removexattr_sz (compound_decode_hdr_maxsz + \ 220 + decode_sequence_maxsz + \ 221 + decode_putfh_maxsz + \ 222 + decode_removexattr_maxsz) 253 223 254 224 /* 255 225 * These values specify the maximum amount of data that is not ··· 315 315 } 316 316 encode_uint32(xdr, 1); /* supporting 1 server */ 317 317 encode_nl4_server(xdr, args->cp_src); 318 + } 319 + 320 + static void encode_copy_commit(struct xdr_stream *xdr, 321 + const struct nfs42_copy_args *args, 322 + struct compound_hdr *hdr) 323 + { 324 + __be32 *p; 325 + 326 + encode_op_hdr(xdr, OP_COMMIT, decode_commit_maxsz, hdr); 327 + p = reserve_space(xdr, 12); 328 + p = xdr_encode_hyper(p, args->dst_pos); 329 + *p = cpu_to_be32(args->count); 318 330 } 319 331 320 332 static void encode_offload_cancel(struct xdr_stream *xdr, ··· 464 452 xdr_write_pages(xdr, arg->xattr_pages, 0, arg->xattr_len); 465 453 } 466 454 467 - static int decode_setxattr(struct xdr_stream *xdr, 468 - struct nfs4_change_info *cinfo) 469 - { 470 - int status; 471 - 472 - status = decode_op_hdr(xdr, OP_SETXATTR); 473 - if (status) 474 - goto out; 475 - status = decode_change_info(xdr, cinfo); 476 - out: 477 - return status; 478 - } 479 - 480 - 481 455 static void encode_getxattr(struct xdr_stream *xdr, const char *name, 482 456 struct compound_hdr *hdr) 483 457 { ··· 471 473 encode_string(xdr, strlen(name), name); 472 474 } 473 475 474 - static int decode_getxattr(struct xdr_stream *xdr, 475 - struct nfs42_getxattrres *res, 476 - struct rpc_rqst *req) 477 - { 478 - int status; 479 - __be32 *p; 480 - u32 len, rdlen; 481 - 482 - status = decode_op_hdr(xdr, OP_GETXATTR); 483 - if (status) 484 - return status; 485 - 486 - p = xdr_inline_decode(xdr, 4); 487 - if (unlikely(!p)) 488 - return -EIO; 489 - 490 - len = be32_to_cpup(p); 491 - 492 - /* 493 - * Only check against the page length here. The actual 494 - * requested length may be smaller, but that is only 495 - * checked against after possibly caching a valid reply. 496 - */ 497 - if (len > req->rq_rcv_buf.page_len) 498 - return -ERANGE; 499 - 500 - res->xattr_len = len; 501 - 502 - if (len > 0) { 503 - rdlen = xdr_read_pages(xdr, len); 504 - if (rdlen < len) 505 - return -EIO; 506 - } 507 - 508 - return 0; 509 - } 510 - 511 476 static void encode_removexattr(struct xdr_stream *xdr, const char *name, 512 477 struct compound_hdr *hdr) 513 478 { 514 479 encode_op_hdr(xdr, OP_REMOVEXATTR, decode_removexattr_maxsz, hdr); 515 480 encode_string(xdr, strlen(name), name); 516 - } 517 - 518 - 519 - static int decode_removexattr(struct xdr_stream *xdr, 520 - struct nfs4_change_info *cinfo) 521 - { 522 - int status; 523 - 524 - status = decode_op_hdr(xdr, OP_REMOVEXATTR); 525 - if (status) 526 - goto out; 527 - 528 - status = decode_change_info(xdr, cinfo); 529 - out: 530 - return status; 531 481 } 532 482 533 483 static void encode_listxattrs(struct xdr_stream *xdr, ··· 499 553 *p = cpu_to_be32(arg->count + 8 + 4); 500 554 } 501 555 502 - static int decode_listxattrs(struct xdr_stream *xdr, 503 - struct nfs42_listxattrsres *res) 504 - { 505 - int status; 506 - __be32 *p; 507 - u32 count, len, ulen; 508 - size_t left, copied; 509 - char *buf; 510 - 511 - status = decode_op_hdr(xdr, OP_LISTXATTRS); 512 - if (status) { 513 - /* 514 - * Special case: for LISTXATTRS, NFS4ERR_TOOSMALL 515 - * should be translated to ERANGE. 516 - */ 517 - if (status == -ETOOSMALL) 518 - status = -ERANGE; 519 - /* 520 - * Special case: for LISTXATTRS, NFS4ERR_NOXATTR 521 - * should be translated to success with zero-length reply. 522 - */ 523 - if (status == -ENODATA) { 524 - res->eof = true; 525 - status = 0; 526 - } 527 - goto out; 528 - } 529 - 530 - p = xdr_inline_decode(xdr, 8); 531 - if (unlikely(!p)) 532 - return -EIO; 533 - 534 - xdr_decode_hyper(p, &res->cookie); 535 - 536 - p = xdr_inline_decode(xdr, 4); 537 - if (unlikely(!p)) 538 - return -EIO; 539 - 540 - left = res->xattr_len; 541 - buf = res->xattr_buf; 542 - 543 - count = be32_to_cpup(p); 544 - copied = 0; 545 - 546 - /* 547 - * We have asked for enough room to encode the maximum number 548 - * of possible attribute names, so everything should fit. 549 - * 550 - * But, don't rely on that assumption. Just decode entries 551 - * until they don't fit anymore, just in case the server did 552 - * something odd. 553 - */ 554 - while (count--) { 555 - p = xdr_inline_decode(xdr, 4); 556 - if (unlikely(!p)) 557 - return -EIO; 558 - 559 - len = be32_to_cpup(p); 560 - if (len > (XATTR_NAME_MAX - XATTR_USER_PREFIX_LEN)) { 561 - status = -ERANGE; 562 - goto out; 563 - } 564 - 565 - p = xdr_inline_decode(xdr, len); 566 - if (unlikely(!p)) 567 - return -EIO; 568 - 569 - ulen = len + XATTR_USER_PREFIX_LEN + 1; 570 - if (buf) { 571 - if (ulen > left) { 572 - status = -ERANGE; 573 - goto out; 574 - } 575 - 576 - memcpy(buf, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN); 577 - memcpy(buf + XATTR_USER_PREFIX_LEN, p, len); 578 - 579 - buf[ulen - 1] = 0; 580 - buf += ulen; 581 - left -= ulen; 582 - } 583 - copied += ulen; 584 - } 585 - 586 - p = xdr_inline_decode(xdr, 4); 587 - if (unlikely(!p)) 588 - return -EIO; 589 - 590 - res->eof = be32_to_cpup(p); 591 - res->copied = copied; 592 - 593 - out: 594 - if (status == -ERANGE && res->xattr_len == XATTR_LIST_MAX) 595 - status = -E2BIG; 596 - 597 - return status; 598 - } 599 - 600 556 /* 601 557 * Encode ALLOCATE request 602 558 */ ··· 517 669 encode_allocate(xdr, args, &hdr); 518 670 encode_getfattr(xdr, args->falloc_bitmask, &hdr); 519 671 encode_nops(&hdr); 520 - } 521 - 522 - static void encode_copy_commit(struct xdr_stream *xdr, 523 - const struct nfs42_copy_args *args, 524 - struct compound_hdr *hdr) 525 - { 526 - __be32 *p; 527 - 528 - encode_op_hdr(xdr, OP_COMMIT, decode_commit_maxsz, hdr); 529 - p = reserve_space(xdr, 12); 530 - p = xdr_encode_hyper(p, args->dst_pos); 531 - *p = cpu_to_be32(args->count); 532 672 } 533 673 534 674 /* ··· 704 868 encode_putfh(xdr, NFS_FH(args->inode), &hdr); 705 869 for (i = 0; i < args->num_errors; i++) 706 870 encode_layouterror(xdr, &args->errors[i], &hdr); 871 + encode_nops(&hdr); 872 + } 873 + 874 + /* 875 + * Encode SETXATTR request 876 + */ 877 + static void nfs4_xdr_enc_setxattr(struct rpc_rqst *req, struct xdr_stream *xdr, 878 + const void *data) 879 + { 880 + const struct nfs42_setxattrargs *args = data; 881 + struct compound_hdr hdr = { 882 + .minorversion = nfs4_xdr_minorversion(&args->seq_args), 883 + }; 884 + 885 + encode_compound_hdr(xdr, req, &hdr); 886 + encode_sequence(xdr, &args->seq_args, &hdr); 887 + encode_putfh(xdr, args->fh, &hdr); 888 + encode_setxattr(xdr, args, &hdr); 889 + encode_getfattr(xdr, args->bitmask, &hdr); 890 + encode_nops(&hdr); 891 + } 892 + 893 + /* 894 + * Encode GETXATTR request 895 + */ 896 + static void nfs4_xdr_enc_getxattr(struct rpc_rqst *req, struct xdr_stream *xdr, 897 + const void *data) 898 + { 899 + const struct nfs42_getxattrargs *args = data; 900 + struct compound_hdr hdr = { 901 + .minorversion = nfs4_xdr_minorversion(&args->seq_args), 902 + }; 903 + uint32_t replen; 904 + 905 + encode_compound_hdr(xdr, req, &hdr); 906 + encode_sequence(xdr, &args->seq_args, &hdr); 907 + encode_putfh(xdr, args->fh, &hdr); 908 + replen = hdr.replen + op_decode_hdr_maxsz + 1; 909 + encode_getxattr(xdr, args->xattr_name, &hdr); 910 + 911 + rpc_prepare_reply_pages(req, args->xattr_pages, 0, args->xattr_len, 912 + replen); 913 + 914 + encode_nops(&hdr); 915 + } 916 + 917 + /* 918 + * Encode LISTXATTR request 919 + */ 920 + static void nfs4_xdr_enc_listxattrs(struct rpc_rqst *req, 921 + struct xdr_stream *xdr, const void *data) 922 + { 923 + const struct nfs42_listxattrsargs *args = data; 924 + struct compound_hdr hdr = { 925 + .minorversion = nfs4_xdr_minorversion(&args->seq_args), 926 + }; 927 + uint32_t replen; 928 + 929 + encode_compound_hdr(xdr, req, &hdr); 930 + encode_sequence(xdr, &args->seq_args, &hdr); 931 + encode_putfh(xdr, args->fh, &hdr); 932 + replen = hdr.replen + op_decode_hdr_maxsz + 2 + 1; 933 + encode_listxattrs(xdr, args, &hdr); 934 + 935 + rpc_prepare_reply_pages(req, args->xattr_pages, 0, args->count, replen); 936 + 937 + encode_nops(&hdr); 938 + } 939 + 940 + /* 941 + * Encode REMOVEXATTR request 942 + */ 943 + static void nfs4_xdr_enc_removexattr(struct rpc_rqst *req, 944 + struct xdr_stream *xdr, const void *data) 945 + { 946 + const struct nfs42_removexattrargs *args = data; 947 + struct compound_hdr hdr = { 948 + .minorversion = nfs4_xdr_minorversion(&args->seq_args), 949 + }; 950 + 951 + encode_compound_hdr(xdr, req, &hdr); 952 + encode_sequence(xdr, &args->seq_args, &hdr); 953 + encode_putfh(xdr, args->fh, &hdr); 954 + encode_removexattr(xdr, args->xattr_name, &hdr); 707 955 encode_nops(&hdr); 708 956 } 709 957 ··· 1112 1192 return decode_op_hdr(xdr, OP_LAYOUTERROR); 1113 1193 } 1114 1194 1195 + static int decode_setxattr(struct xdr_stream *xdr, 1196 + struct nfs4_change_info *cinfo) 1197 + { 1198 + int status; 1199 + 1200 + status = decode_op_hdr(xdr, OP_SETXATTR); 1201 + if (status) 1202 + goto out; 1203 + status = decode_change_info(xdr, cinfo); 1204 + out: 1205 + return status; 1206 + } 1207 + 1208 + static int decode_getxattr(struct xdr_stream *xdr, 1209 + struct nfs42_getxattrres *res, 1210 + struct rpc_rqst *req) 1211 + { 1212 + int status; 1213 + __be32 *p; 1214 + u32 len, rdlen; 1215 + 1216 + status = decode_op_hdr(xdr, OP_GETXATTR); 1217 + if (status) 1218 + return status; 1219 + 1220 + p = xdr_inline_decode(xdr, 4); 1221 + if (unlikely(!p)) 1222 + return -EIO; 1223 + 1224 + len = be32_to_cpup(p); 1225 + 1226 + /* 1227 + * Only check against the page length here. The actual 1228 + * requested length may be smaller, but that is only 1229 + * checked against after possibly caching a valid reply. 1230 + */ 1231 + if (len > req->rq_rcv_buf.page_len) 1232 + return -ERANGE; 1233 + 1234 + res->xattr_len = len; 1235 + 1236 + if (len > 0) { 1237 + rdlen = xdr_read_pages(xdr, len); 1238 + if (rdlen < len) 1239 + return -EIO; 1240 + } 1241 + 1242 + return 0; 1243 + } 1244 + 1245 + static int decode_removexattr(struct xdr_stream *xdr, 1246 + struct nfs4_change_info *cinfo) 1247 + { 1248 + int status; 1249 + 1250 + status = decode_op_hdr(xdr, OP_REMOVEXATTR); 1251 + if (status) 1252 + goto out; 1253 + 1254 + status = decode_change_info(xdr, cinfo); 1255 + out: 1256 + return status; 1257 + } 1258 + 1259 + static int decode_listxattrs(struct xdr_stream *xdr, 1260 + struct nfs42_listxattrsres *res) 1261 + { 1262 + int status; 1263 + __be32 *p; 1264 + u32 count, len, ulen; 1265 + size_t left, copied; 1266 + char *buf; 1267 + 1268 + status = decode_op_hdr(xdr, OP_LISTXATTRS); 1269 + if (status) { 1270 + /* 1271 + * Special case: for LISTXATTRS, NFS4ERR_TOOSMALL 1272 + * should be translated to ERANGE. 1273 + */ 1274 + if (status == -ETOOSMALL) 1275 + status = -ERANGE; 1276 + /* 1277 + * Special case: for LISTXATTRS, NFS4ERR_NOXATTR 1278 + * should be translated to success with zero-length reply. 1279 + */ 1280 + if (status == -ENODATA) { 1281 + res->eof = true; 1282 + status = 0; 1283 + } 1284 + goto out; 1285 + } 1286 + 1287 + p = xdr_inline_decode(xdr, 8); 1288 + if (unlikely(!p)) 1289 + return -EIO; 1290 + 1291 + xdr_decode_hyper(p, &res->cookie); 1292 + 1293 + p = xdr_inline_decode(xdr, 4); 1294 + if (unlikely(!p)) 1295 + return -EIO; 1296 + 1297 + left = res->xattr_len; 1298 + buf = res->xattr_buf; 1299 + 1300 + count = be32_to_cpup(p); 1301 + copied = 0; 1302 + 1303 + /* 1304 + * We have asked for enough room to encode the maximum number 1305 + * of possible attribute names, so everything should fit. 1306 + * 1307 + * But, don't rely on that assumption. Just decode entries 1308 + * until they don't fit anymore, just in case the server did 1309 + * something odd. 1310 + */ 1311 + while (count--) { 1312 + p = xdr_inline_decode(xdr, 4); 1313 + if (unlikely(!p)) 1314 + return -EIO; 1315 + 1316 + len = be32_to_cpup(p); 1317 + if (len > (XATTR_NAME_MAX - XATTR_USER_PREFIX_LEN)) { 1318 + status = -ERANGE; 1319 + goto out; 1320 + } 1321 + 1322 + p = xdr_inline_decode(xdr, len); 1323 + if (unlikely(!p)) 1324 + return -EIO; 1325 + 1326 + ulen = len + XATTR_USER_PREFIX_LEN + 1; 1327 + if (buf) { 1328 + if (ulen > left) { 1329 + status = -ERANGE; 1330 + goto out; 1331 + } 1332 + 1333 + memcpy(buf, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN); 1334 + memcpy(buf + XATTR_USER_PREFIX_LEN, p, len); 1335 + 1336 + buf[ulen - 1] = 0; 1337 + buf += ulen; 1338 + left -= ulen; 1339 + } 1340 + copied += ulen; 1341 + } 1342 + 1343 + p = xdr_inline_decode(xdr, 4); 1344 + if (unlikely(!p)) 1345 + return -EIO; 1346 + 1347 + res->eof = be32_to_cpup(p); 1348 + res->copied = copied; 1349 + 1350 + out: 1351 + if (status == -ERANGE && res->xattr_len == XATTR_LIST_MAX) 1352 + status = -E2BIG; 1353 + 1354 + return status; 1355 + } 1356 + 1115 1357 /* 1116 1358 * Decode ALLOCATE request 1117 1359 */ ··· 1563 1481 return status; 1564 1482 } 1565 1483 1566 - #ifdef CONFIG_NFS_V4_2 1567 - static void nfs4_xdr_enc_setxattr(struct rpc_rqst *req, struct xdr_stream *xdr, 1568 - const void *data) 1569 - { 1570 - const struct nfs42_setxattrargs *args = data; 1571 - struct compound_hdr hdr = { 1572 - .minorversion = nfs4_xdr_minorversion(&args->seq_args), 1573 - }; 1574 - 1575 - encode_compound_hdr(xdr, req, &hdr); 1576 - encode_sequence(xdr, &args->seq_args, &hdr); 1577 - encode_putfh(xdr, args->fh, &hdr); 1578 - encode_setxattr(xdr, args, &hdr); 1579 - encode_nops(&hdr); 1580 - } 1581 - 1484 + /* 1485 + * Decode SETXATTR request 1486 + */ 1582 1487 static int nfs4_xdr_dec_setxattr(struct rpc_rqst *req, struct xdr_stream *xdr, 1583 1488 void *data) 1584 1489 { ··· 1582 1513 status = decode_putfh(xdr); 1583 1514 if (status) 1584 1515 goto out; 1585 - 1586 1516 status = decode_setxattr(xdr, &res->cinfo); 1517 + if (status) 1518 + goto out; 1519 + status = decode_getfattr(xdr, res->fattr, res->server); 1587 1520 out: 1588 1521 return status; 1589 1522 } 1590 1523 1591 - static void nfs4_xdr_enc_getxattr(struct rpc_rqst *req, struct xdr_stream *xdr, 1592 - const void *data) 1593 - { 1594 - const struct nfs42_getxattrargs *args = data; 1595 - struct compound_hdr hdr = { 1596 - .minorversion = nfs4_xdr_minorversion(&args->seq_args), 1597 - }; 1598 - uint32_t replen; 1599 - 1600 - encode_compound_hdr(xdr, req, &hdr); 1601 - encode_sequence(xdr, &args->seq_args, &hdr); 1602 - encode_putfh(xdr, args->fh, &hdr); 1603 - replen = hdr.replen + op_decode_hdr_maxsz + 1; 1604 - encode_getxattr(xdr, args->xattr_name, &hdr); 1605 - 1606 - rpc_prepare_reply_pages(req, args->xattr_pages, 0, args->xattr_len, 1607 - replen); 1608 - 1609 - encode_nops(&hdr); 1610 - } 1611 - 1524 + /* 1525 + * Decode GETXATTR request 1526 + */ 1612 1527 static int nfs4_xdr_dec_getxattr(struct rpc_rqst *rqstp, 1613 1528 struct xdr_stream *xdr, void *data) 1614 1529 { ··· 1614 1561 return status; 1615 1562 } 1616 1563 1617 - static void nfs4_xdr_enc_listxattrs(struct rpc_rqst *req, 1618 - struct xdr_stream *xdr, const void *data) 1619 - { 1620 - const struct nfs42_listxattrsargs *args = data; 1621 - struct compound_hdr hdr = { 1622 - .minorversion = nfs4_xdr_minorversion(&args->seq_args), 1623 - }; 1624 - uint32_t replen; 1625 - 1626 - encode_compound_hdr(xdr, req, &hdr); 1627 - encode_sequence(xdr, &args->seq_args, &hdr); 1628 - encode_putfh(xdr, args->fh, &hdr); 1629 - replen = hdr.replen + op_decode_hdr_maxsz + 2 + 1; 1630 - encode_listxattrs(xdr, args, &hdr); 1631 - 1632 - rpc_prepare_reply_pages(req, args->xattr_pages, 0, args->count, replen); 1633 - 1634 - encode_nops(&hdr); 1635 - } 1636 - 1564 + /* 1565 + * Decode LISTXATTR request 1566 + */ 1637 1567 static int nfs4_xdr_dec_listxattrs(struct rpc_rqst *rqstp, 1638 1568 struct xdr_stream *xdr, void *data) 1639 1569 { ··· 1640 1604 return status; 1641 1605 } 1642 1606 1643 - static void nfs4_xdr_enc_removexattr(struct rpc_rqst *req, 1644 - struct xdr_stream *xdr, const void *data) 1645 - { 1646 - const struct nfs42_removexattrargs *args = data; 1647 - struct compound_hdr hdr = { 1648 - .minorversion = nfs4_xdr_minorversion(&args->seq_args), 1649 - }; 1650 - 1651 - encode_compound_hdr(xdr, req, &hdr); 1652 - encode_sequence(xdr, &args->seq_args, &hdr); 1653 - encode_putfh(xdr, args->fh, &hdr); 1654 - encode_removexattr(xdr, args->xattr_name, &hdr); 1655 - encode_nops(&hdr); 1656 - } 1657 - 1607 + /* 1608 + * Decode REMOVEXATTR request 1609 + */ 1658 1610 static int nfs4_xdr_dec_removexattr(struct rpc_rqst *req, 1659 1611 struct xdr_stream *xdr, void *data) 1660 1612 { ··· 1664 1640 out: 1665 1641 return status; 1666 1642 } 1667 - #endif 1668 1643 #endif /* __LINUX_FS_NFS_NFS4_2XDR_H */

+33 -11

fs/nfs/nfs4client.c

··· 18 18 #include "nfs4idmap.h" 19 19 #include "pnfs.h" 20 20 #include "netns.h" 21 + #include "sysfs.h" 21 22 22 23 #define NFSDBG_FACILITY NFSDBG_CLIENT 23 24 ··· 897 896 int proto, const struct rpc_timeout *timeparms, 898 897 u32 minorversion, unsigned int nconnect, 899 898 unsigned int max_connect, 900 - struct net *net) 899 + struct net *net, 900 + struct xprtsec_parms *xprtsec) 901 901 { 902 902 struct nfs_client_initdata cl_init = { 903 903 .hostname = hostname, ··· 911 909 .net = net, 912 910 .timeparms = timeparms, 913 911 .cred = server->cred, 912 + .xprtsec = *xprtsec, 914 913 }; 915 914 struct nfs_client *clp; 916 915 ··· 919 916 __set_bit(NFS_CS_REUSEPORT, &cl_init.init_flags); 920 917 else 921 918 cl_init.max_connect = max_connect; 922 - if (proto == XPRT_TRANSPORT_TCP) 919 + switch (proto) { 920 + case XPRT_TRANSPORT_TCP: 921 + case XPRT_TRANSPORT_TCP_TLS: 923 922 cl_init.nconnect = nconnect; 923 + } 924 924 925 925 if (server->flags & NFS_MOUNT_NORESVPORT) 926 926 __set_bit(NFS_CS_NORESVPORT, &cl_init.init_flags); ··· 953 947 set_bit(NFS_CS_CHECK_LEASE_TIME, &clp->cl_res_state); 954 948 955 949 server->nfs_client = clp; 950 + nfs_sysfs_add_server(server); 951 + nfs_sysfs_link_rpc_client(server, clp->cl_rpcclient, "_state"); 952 + 956 953 return 0; 957 954 } 958 955 ··· 987 978 .net = mds_clp->cl_net, 988 979 .timeparms = &ds_timeout, 989 980 .cred = mds_srv->cred, 981 + .xprtsec = mds_srv->nfs_client->cl_xprtsec, 990 982 }; 991 983 char buf[INET6_ADDRSTRLEN + 1]; 992 984 ··· 995 985 return ERR_PTR(-EINVAL); 996 986 cl_init.hostname = buf; 997 987 998 - if (mds_clp->cl_nconnect > 1 && ds_proto == XPRT_TRANSPORT_TCP) { 999 - cl_init.nconnect = mds_clp->cl_nconnect; 1000 - cl_init.max_connect = NFS_MAX_TRANSPORTS; 988 + switch (ds_proto) { 989 + case XPRT_TRANSPORT_TCP: 990 + case XPRT_TRANSPORT_TCP_TLS: 991 + if (mds_clp->cl_nconnect > 1) { 992 + cl_init.nconnect = mds_clp->cl_nconnect; 993 + cl_init.max_connect = NFS_MAX_TRANSPORTS; 994 + } 1001 995 } 1002 996 1003 997 if (mds_srv->flags & NFS_MOUNT_NORESVPORT) ··· 1171 1157 ctx->minorversion, 1172 1158 ctx->nfs_server.nconnect, 1173 1159 ctx->nfs_server.max_connect, 1174 - fc->net_ns); 1160 + fc->net_ns, 1161 + &ctx->xprtsec); 1175 1162 if (error < 0) 1176 1163 return error; 1177 1164 ··· 1234 1219 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1235 1220 struct nfs_client *parent_client; 1236 1221 struct nfs_server *server, *parent_server; 1222 + int proto, error; 1237 1223 bool auth_probe; 1238 - int error; 1239 1224 1240 1225 server = nfs_alloc_server(); 1241 1226 if (!server) ··· 1262 1247 parent_client->cl_mvops->minor_version, 1263 1248 parent_client->cl_nconnect, 1264 1249 parent_client->cl_max_connect, 1265 - parent_client->cl_net); 1250 + parent_client->cl_net, 1251 + &parent_client->cl_xprtsec); 1266 1252 if (!error) 1267 1253 goto init_server; 1268 1254 #endif /* IS_ENABLED(CONFIG_SUNRPC_XPRT_RDMA) */ 1269 1255 1256 + proto = XPRT_TRANSPORT_TCP; 1257 + if (parent_client->cl_xprtsec.policy != RPC_XPRTSEC_NONE) 1258 + proto = XPRT_TRANSPORT_TCP_TLS; 1270 1259 rpc_set_port(&ctx->nfs_server.address, NFS_PORT); 1271 1260 error = nfs4_set_client(server, 1272 1261 ctx->nfs_server.hostname, 1273 1262 &ctx->nfs_server._address, 1274 1263 ctx->nfs_server.addrlen, 1275 1264 parent_client->cl_ipaddr, 1276 - XPRT_TRANSPORT_TCP, 1265 + proto, 1277 1266 parent_server->client->cl_timeout, 1278 1267 parent_client->cl_mvops->minor_version, 1279 1268 parent_client->cl_nconnect, 1280 1269 parent_client->cl_max_connect, 1281 - parent_client->cl_net); 1270 + parent_client->cl_net, 1271 + &parent_client->cl_xprtsec); 1282 1272 if (error < 0) 1283 1273 goto error; 1284 1274 ··· 1334 1314 .dstaddr = (struct sockaddr *)sap, 1335 1315 .addrlen = salen, 1336 1316 .servername = hostname, 1317 + /* cel: bleh. We might need to pass TLS parameters here */ 1337 1318 }; 1338 1319 char buf[INET6_ADDRSTRLEN + 1]; 1339 1320 struct sockaddr_storage address; ··· 1357 1336 error = nfs4_set_client(server, hostname, sap, salen, buf, 1358 1337 clp->cl_proto, clnt->cl_timeout, 1359 1338 clp->cl_minorversion, 1360 - clp->cl_nconnect, clp->cl_max_connect, net); 1339 + clp->cl_nconnect, clp->cl_max_connect, 1340 + net, &clp->cl_xprtsec); 1361 1341 clear_bit(NFS_MIG_TSM_POSSIBLE, &server->mig_status); 1362 1342 if (error != 0) { 1363 1343 nfs_server_insert_lists(server);

+4 -5

fs/nfs/nfs4proc.c

··· 921 921 out_noaction: 922 922 return ret; 923 923 session_recover: 924 + set_bit(NFS4_SLOT_TBL_DRAINING, &session->fc_slot_table.slot_tbl_state); 924 925 nfs4_schedule_session_recovery(session, status); 925 926 dprintk("%s ERROR: %d Reset session\n", __func__, status); 926 927 nfs41_sequence_free_slot(res); ··· 7160 7159 { 7161 7160 struct nfs4_lockdata *data = calldata; 7162 7161 struct nfs4_lock_state *lsp = data->lsp; 7163 - struct nfs_server *server = NFS_SERVER(d_inode(data->ctx->dentry)); 7164 7162 7165 7163 if (!nfs4_sequence_done(task, &data->res.seq_res)) 7166 7164 return; ··· 7167 7167 data->rpc_status = task->tk_status; 7168 7168 switch (task->tk_status) { 7169 7169 case 0: 7170 - renew_lease(server, data->timestamp); 7170 + renew_lease(NFS_SERVER(d_inode(data->ctx->dentry)), 7171 + data->timestamp); 7171 7172 if (data->arg.new_lock && !data->cancelled) { 7172 7173 data->fl.fl_flags &= ~(FL_SLEEP | FL_ACCESS); 7173 7174 if (locks_lock_inode_wait(lsp->ls_state->inode, &data->fl) < 0) ··· 7188 7187 if (data->arg.new_lock_owner != 0) { 7189 7188 if (!nfs4_stateid_match(&data->arg.open_stateid, 7190 7189 &lsp->ls_state->open_stateid)) 7191 - goto out_restart; 7192 - else if (nfs4_async_handle_error(task, server, lsp->ls_state, NULL) == -EAGAIN) 7193 7190 goto out_restart; 7194 7191 } else if (!nfs4_stateid_match(&data->arg.lock_stateid, 7195 7192 &lsp->ls_stateid)) ··· 9370 9371 return; 9371 9372 9372 9373 trace_nfs4_sequence(clp, task->tk_status); 9373 - if (task->tk_status < 0) { 9374 + if (task->tk_status < 0 && !task->tk_client->cl_shutdown) { 9374 9375 dprintk("%s ERROR %d\n", __func__, task->tk_status); 9375 9376 if (refcount_read(&clp->cl_count) == 1) 9376 9377 return;

+3

fs/nfs/nfs4state.c

··· 1210 1210 struct task_struct *task; 1211 1211 char buf[INET6_ADDRSTRLEN + sizeof("-manager") + 1]; 1212 1212 1213 + if (clp->cl_rpcclient->cl_shutdown) 1214 + return; 1215 + 1213 1216 set_bit(NFS4CLNT_RUN_MANAGER, &clp->cl_state); 1214 1217 if (test_and_set_bit(NFS4CLNT_MANAGER_AVAILABLE, &clp->cl_state) != 0) { 1215 1218 wake_up_var(&clp->cl_state);

+17 -1

fs/nfs/super.c

··· 59 59 #include <linux/uaccess.h> 60 60 #include <linux/nfs_ssc.h> 61 61 62 + #include <uapi/linux/tls.h> 63 + 62 64 #include "nfs4_fs.h" 63 65 #include "callback.h" 64 66 #include "delegation.h" ··· 70 68 #include "nfs4session.h" 71 69 #include "pnfs.h" 72 70 #include "nfs.h" 71 + #include "netns.h" 72 + #include "sysfs.h" 73 73 74 74 #define NFSDBG_FACILITY NFSDBG_VFS 75 75 ··· 495 491 seq_printf(m, ",timeo=%lu", 10U * nfss->client->cl_timeout->to_initval / HZ); 496 492 seq_printf(m, ",retrans=%u", nfss->client->cl_timeout->to_retries); 497 493 seq_printf(m, ",sec=%s", nfs_pseudoflavour_to_name(nfss->client->cl_auth->au_flavor)); 494 + switch (clp->cl_xprtsec.policy) { 495 + case RPC_XPRTSEC_TLS_ANON: 496 + seq_puts(m, ",xprtsec=tls"); 497 + break; 498 + case RPC_XPRTSEC_TLS_X509: 499 + seq_puts(m, ",xprtsec=mtls"); 500 + break; 501 + default: 502 + break; 503 + } 498 504 499 505 if (version != 4) 500 506 nfs_show_mountd_options(m, nfss, showdefaults); ··· 1091 1077 &sb->s_blocksize_bits); 1092 1078 1093 1079 nfs_super_set_maxbytes(sb, server->maxfilesize); 1080 + nfs_sysfs_move_server_to_sb(sb); 1094 1081 server->has_sec_mnt_opts = ctx->has_sec_mnt_opts; 1095 1082 } 1096 1083 ··· 1334 1319 } 1335 1320 1336 1321 /* 1337 - * Destroy an NFS2/3 superblock 1322 + * Destroy an NFS superblock 1338 1323 */ 1339 1324 void nfs_kill_super(struct super_block *s) 1340 1325 { 1341 1326 struct nfs_server *server = NFS_SB(s); 1342 1327 dev_t dev = s->s_dev; 1343 1328 1329 + nfs_sysfs_move_sb_to_server(server); 1344 1330 generic_shutdown_super(s); 1345 1331 1346 1332 nfs_fscache_release_super_cookie(s);

+202 -35

fs/nfs/sysfs.c

··· 12 12 #include <linux/string.h> 13 13 #include <linux/nfs_fs.h> 14 14 #include <linux/rcupdate.h> 15 + #include <linux/lockd/lockd.h> 15 16 16 17 #include "nfs4_fs.h" 17 18 #include "netns.h" 18 19 #include "sysfs.h" 19 20 20 - struct kobject *nfs_client_kobj; 21 - static struct kset *nfs_client_kset; 21 + static struct kset *nfs_kset; 22 22 23 - static void nfs_netns_object_release(struct kobject *kobj) 23 + static void nfs_kset_release(struct kobject *kobj) 24 24 { 25 - kfree(kobj); 25 + struct kset *kset = container_of(kobj, struct kset, kobj); 26 + kfree(kset); 26 27 } 27 28 28 29 static const struct kobj_ns_type_operations *nfs_netns_object_child_ns_type( ··· 32 31 return &net_ns_type_operations; 33 32 } 34 33 35 - static struct kobj_type nfs_netns_object_type = { 36 - .release = nfs_netns_object_release, 34 + static struct kobj_type nfs_kset_type = { 35 + .release = nfs_kset_release, 37 36 .sysfs_ops = &kobj_sysfs_ops, 38 37 .child_ns_type = nfs_netns_object_child_ns_type, 39 38 }; 40 39 41 - static struct kobject *nfs_netns_object_alloc(const char *name, 42 - struct kset *kset, struct kobject *parent) 43 - { 44 - struct kobject *kobj; 45 - 46 - kobj = kzalloc(sizeof(*kobj), GFP_KERNEL); 47 - if (kobj) { 48 - kobj->kset = kset; 49 - if (kobject_init_and_add(kobj, &nfs_netns_object_type, 50 - parent, "%s", name) == 0) 51 - return kobj; 52 - kobject_put(kobj); 53 - } 54 - return NULL; 55 - } 56 - 57 40 int nfs_sysfs_init(void) 58 41 { 59 - nfs_client_kset = kset_create_and_add("nfs", NULL, fs_kobj); 60 - if (!nfs_client_kset) 42 + int ret; 43 + 44 + nfs_kset = kzalloc(sizeof(*nfs_kset), GFP_KERNEL); 45 + if (!nfs_kset) 61 46 return -ENOMEM; 62 - nfs_client_kobj = nfs_netns_object_alloc("net", nfs_client_kset, NULL); 63 - if (!nfs_client_kobj) { 64 - kset_unregister(nfs_client_kset); 65 - nfs_client_kset = NULL; 66 - return -ENOMEM; 47 + 48 + ret = kobject_set_name(&nfs_kset->kobj, "nfs"); 49 + if (ret) { 50 + kfree(nfs_kset); 51 + return ret; 67 52 } 53 + 54 + nfs_kset->kobj.parent = fs_kobj; 55 + nfs_kset->kobj.ktype = &nfs_kset_type; 56 + nfs_kset->kobj.kset = NULL; 57 + 58 + ret = kset_register(nfs_kset); 59 + if (ret) { 60 + kfree(nfs_kset); 61 + return ret; 62 + } 63 + 68 64 return 0; 69 65 } 70 66 71 67 void nfs_sysfs_exit(void) 72 68 { 73 - kobject_put(nfs_client_kobj); 74 - kset_unregister(nfs_client_kset); 69 + kset_unregister(nfs_kset); 75 70 } 76 71 77 72 static ssize_t nfs_netns_identifier_show(struct kobject *kobj, ··· 124 127 kobject); 125 128 126 129 kfree(rcu_dereference_raw(c->identifier)); 127 - kfree(c); 128 130 } 129 131 130 132 static const void *nfs_netns_client_namespace(const struct kobject *kobj) ··· 147 151 .namespace = nfs_netns_client_namespace, 148 152 }; 149 153 154 + static void nfs_netns_object_release(struct kobject *kobj) 155 + { 156 + struct nfs_netns_client *c = container_of(kobj, 157 + struct nfs_netns_client, 158 + nfs_net_kobj); 159 + kfree(c); 160 + } 161 + 162 + static const void *nfs_netns_namespace(const struct kobject *kobj) 163 + { 164 + return container_of(kobj, struct nfs_netns_client, nfs_net_kobj)->net; 165 + } 166 + 167 + static struct kobj_type nfs_netns_object_type = { 168 + .release = nfs_netns_object_release, 169 + .sysfs_ops = &kobj_sysfs_ops, 170 + .namespace = nfs_netns_namespace, 171 + }; 172 + 150 173 static struct nfs_netns_client *nfs_netns_client_alloc(struct kobject *parent, 151 174 struct net *net) 152 175 { ··· 174 159 p = kzalloc(sizeof(*p), GFP_KERNEL); 175 160 if (p) { 176 161 p->net = net; 177 - p->kobject.kset = nfs_client_kset; 162 + p->kobject.kset = nfs_kset; 163 + p->nfs_net_kobj.kset = nfs_kset; 164 + 165 + if (kobject_init_and_add(&p->nfs_net_kobj, &nfs_netns_object_type, 166 + parent, "net") != 0) { 167 + kobject_put(&p->nfs_net_kobj); 168 + return NULL; 169 + } 170 + 178 171 if (kobject_init_and_add(&p->kobject, &nfs_netns_client_type, 179 - parent, "nfs_client") == 0) 172 + &p->nfs_net_kobj, "nfs_client") == 0) 180 173 return p; 174 + 181 175 kobject_put(&p->kobject); 182 176 } 183 177 return NULL; ··· 196 172 { 197 173 struct nfs_netns_client *clp; 198 174 199 - clp = nfs_netns_client_alloc(nfs_client_kobj, net); 175 + clp = nfs_netns_client_alloc(&nfs_kset->kobj, net); 200 176 if (clp) { 201 177 netns->nfs_client = clp; 202 178 kobject_uevent(&clp->kobject, KOBJ_ADD); ··· 211 187 kobject_uevent(&clp->kobject, KOBJ_REMOVE); 212 188 kobject_del(&clp->kobject); 213 189 kobject_put(&clp->kobject); 190 + kobject_del(&clp->nfs_net_kobj); 191 + kobject_put(&clp->nfs_net_kobj); 214 192 netns->nfs_client = NULL; 215 193 } 194 + } 195 + 196 + static bool shutdown_match_client(const struct rpc_task *task, const void *data) 197 + { 198 + return true; 199 + } 200 + 201 + static void shutdown_client(struct rpc_clnt *clnt) 202 + { 203 + clnt->cl_shutdown = 1; 204 + rpc_cancel_tasks(clnt, -EIO, shutdown_match_client, NULL); 205 + } 206 + 207 + static ssize_t 208 + shutdown_show(struct kobject *kobj, struct kobj_attribute *attr, 209 + char *buf) 210 + { 211 + struct nfs_server *server = container_of(kobj, struct nfs_server, kobj); 212 + bool shutdown = server->flags & NFS_MOUNT_SHUTDOWN; 213 + return sysfs_emit(buf, "%d\n", shutdown); 214 + } 215 + 216 + static ssize_t 217 + shutdown_store(struct kobject *kobj, struct kobj_attribute *attr, 218 + const char *buf, size_t count) 219 + { 220 + struct nfs_server *server; 221 + int ret, val; 222 + 223 + server = container_of(kobj, struct nfs_server, kobj); 224 + 225 + ret = kstrtoint(buf, 0, &val); 226 + if (ret) 227 + return ret; 228 + 229 + if (val != 1) 230 + return -EINVAL; 231 + 232 + /* already shut down? */ 233 + if (server->flags & NFS_MOUNT_SHUTDOWN) 234 + goto out; 235 + 236 + server->flags |= NFS_MOUNT_SHUTDOWN; 237 + shutdown_client(server->client); 238 + shutdown_client(server->nfs_client->cl_rpcclient); 239 + 240 + if (!IS_ERR(server->client_acl)) 241 + shutdown_client(server->client_acl); 242 + 243 + if (server->nlm_host) 244 + shutdown_client(server->nlm_host->h_rpcclnt); 245 + out: 246 + return count; 247 + } 248 + 249 + static struct kobj_attribute nfs_sysfs_attr_shutdown = __ATTR_RW(shutdown); 250 + 251 + #define RPC_CLIENT_NAME_SIZE 64 252 + 253 + void nfs_sysfs_link_rpc_client(struct nfs_server *server, 254 + struct rpc_clnt *clnt, const char *uniq) 255 + { 256 + char name[RPC_CLIENT_NAME_SIZE]; 257 + int ret; 258 + 259 + strcpy(name, clnt->cl_program->name); 260 + strcat(name, uniq ? uniq : ""); 261 + strcat(name, "_client"); 262 + 263 + ret = sysfs_create_link_nowarn(&server->kobj, 264 + &clnt->cl_sysfs->kobject, name); 265 + if (ret < 0) 266 + pr_warn("NFS: can't create link to %s in sysfs (%d)\n", 267 + name, ret); 268 + } 269 + EXPORT_SYMBOL_GPL(nfs_sysfs_link_rpc_client); 270 + 271 + static void nfs_sysfs_sb_release(struct kobject *kobj) 272 + { 273 + /* no-op: why? see lib/kobject.c kobject_cleanup() */ 274 + } 275 + 276 + static const void *nfs_netns_server_namespace(const struct kobject *kobj) 277 + { 278 + return container_of(kobj, struct nfs_server, kobj)->nfs_client->cl_net; 279 + } 280 + 281 + static struct kobj_type nfs_sb_ktype = { 282 + .release = nfs_sysfs_sb_release, 283 + .sysfs_ops = &kobj_sysfs_ops, 284 + .namespace = nfs_netns_server_namespace, 285 + .child_ns_type = nfs_netns_object_child_ns_type, 286 + }; 287 + 288 + void nfs_sysfs_add_server(struct nfs_server *server) 289 + { 290 + int ret; 291 + 292 + ret = kobject_init_and_add(&server->kobj, &nfs_sb_ktype, 293 + &nfs_kset->kobj, "server-%d", server->s_sysfs_id); 294 + if (ret < 0) { 295 + pr_warn("NFS: nfs sysfs add server-%d failed (%d)\n", 296 + server->s_sysfs_id, ret); 297 + return; 298 + } 299 + ret = sysfs_create_file_ns(&server->kobj, &nfs_sysfs_attr_shutdown.attr, 300 + nfs_netns_server_namespace(&server->kobj)); 301 + if (ret < 0) 302 + pr_warn("NFS: sysfs_create_file_ns for server-%d failed (%d)\n", 303 + server->s_sysfs_id, ret); 304 + } 305 + EXPORT_SYMBOL_GPL(nfs_sysfs_add_server); 306 + 307 + void nfs_sysfs_move_server_to_sb(struct super_block *s) 308 + { 309 + struct nfs_server *server = s->s_fs_info; 310 + int ret; 311 + 312 + ret = kobject_rename(&server->kobj, s->s_id); 313 + if (ret < 0) 314 + pr_warn("NFS: rename sysfs %s failed (%d)\n", 315 + server->kobj.name, ret); 316 + } 317 + 318 + void nfs_sysfs_move_sb_to_server(struct nfs_server *server) 319 + { 320 + const char *s; 321 + int ret = -ENOMEM; 322 + 323 + s = kasprintf(GFP_KERNEL, "server-%d", server->s_sysfs_id); 324 + if (s) 325 + ret = kobject_rename(&server->kobj, s); 326 + if (ret < 0) 327 + pr_warn("NFS: rename sysfs %s failed (%d)\n", 328 + server->kobj.name, ret); 329 + } 330 + 331 + /* unlink, not dec-ref */ 332 + void nfs_sysfs_remove_server(struct nfs_server *server) 333 + { 334 + kobject_del(&server->kobj); 216 335 }

+9 -1

fs/nfs/sysfs.h

··· 10 10 11 11 struct nfs_netns_client { 12 12 struct kobject kobject; 13 + struct kobject nfs_net_kobj; 13 14 struct net *net; 14 15 const char __rcu *identifier; 15 16 }; 16 17 17 - extern struct kobject *nfs_client_kobj; 18 + extern struct kobject *nfs_net_kobj; 18 19 19 20 extern int nfs_sysfs_init(void); 20 21 extern void nfs_sysfs_exit(void); 21 22 22 23 void nfs_netns_sysfs_setup(struct nfs_net *netns, struct net *net); 23 24 void nfs_netns_sysfs_destroy(struct nfs_net *netns); 25 + 26 + void nfs_sysfs_link_rpc_client(struct nfs_server *server, 27 + struct rpc_clnt *clnt, const char *sysfs_prefix); 28 + void nfs_sysfs_add_server(struct nfs_server *s); 29 + void nfs_sysfs_move_server_to_sb(struct super_block *s); 30 + void nfs_sysfs_move_sb_to_server(struct nfs_server *s); 31 + void nfs_sysfs_remove_server(struct nfs_server *s); 24 32 25 33 #endif

+2

include/linux/lockd/bind.h

··· 20 20 /* Dummy declarations */ 21 21 struct svc_rqst; 22 22 struct rpc_task; 23 + struct rpc_clnt; 23 24 24 25 /* 25 26 * This is the set of functions for lockd->nfsd communication ··· 57 56 58 57 extern struct nlm_host *nlmclnt_init(const struct nlmclnt_initdata *nlm_init); 59 58 extern void nlmclnt_done(struct nlm_host *host); 59 + extern struct rpc_clnt *nlmclnt_rpc_clnt(struct nlm_host *host); 60 60 61 61 /* 62 62 * NLM client operations provide a means to modify RPC processing of NLM

+5 -1

include/linux/nfs_fs_sb.h

··· 63 63 u32 cl_minorversion;/* NFSv4 minorversion */ 64 64 unsigned int cl_nconnect; /* Number of connections */ 65 65 unsigned int cl_max_connect; /* max number of xprts allowed */ 66 - const char * cl_principal; /* used for machine cred */ 66 + const char * cl_principal; /* used for machine cred */ 67 + struct xprtsec_parms cl_xprtsec; /* xprt security policy */ 67 68 68 69 #if IS_ENABLED(CONFIG_NFS_V4) 69 70 struct list_head cl_ds_clients; /* auth flavor data servers */ ··· 154 153 #define NFS_MOUNT_WRITE_EAGER 0x01000000 155 154 #define NFS_MOUNT_WRITE_WAIT 0x02000000 156 155 #define NFS_MOUNT_TRUNK_DISCOVERY 0x04000000 156 + #define NFS_MOUNT_SHUTDOWN 0x08000000 157 157 158 158 unsigned int fattr_valid; /* Valid attributes */ 159 159 unsigned int caps; /* server capabilities */ ··· 185 183 change_attr_type;/* Description of change attribute */ 186 184 187 185 struct nfs_fsid fsid; 186 + int s_sysfs_id; /* sysfs dentry index */ 188 187 __u64 maxfilesize; /* maximum file size */ 189 188 struct timespec64 time_delta; /* smallest time granularity */ 190 189 unsigned long mount_time; /* when this fs was mounted */ ··· 262 259 /* User namespace info */ 263 260 const struct cred *cred; 264 261 bool has_sec_mnt_opts; 262 + struct kobject kobj; 265 263 }; 266 264 267 265 /* Server capabilities */

+3

include/linux/nfs_xdr.h

··· 1528 1528 struct nfs42_setxattrargs { 1529 1529 struct nfs4_sequence_args seq_args; 1530 1530 struct nfs_fh *fh; 1531 + const u32 *bitmask; 1531 1532 const char *xattr_name; 1532 1533 u32 xattr_flags; 1533 1534 size_t xattr_len; ··· 1538 1537 struct nfs42_setxattrres { 1539 1538 struct nfs4_sequence_res seq_res; 1540 1539 struct nfs4_change_info cinfo; 1540 + struct nfs_fattr *fattr; 1541 + const struct nfs_server *server; 1541 1542 }; 1542 1543 1543 1544 struct nfs42_getxattrargs {

+2

include/linux/sunrpc/auth.h

··· 120 120 struct rpcsec_gss_info *); 121 121 int (*key_timeout)(struct rpc_auth *, 122 122 struct rpc_cred *); 123 + int (*ping)(struct rpc_clnt *clnt); 123 124 }; 124 125 125 126 struct rpc_credops { ··· 145 144 146 145 extern const struct rpc_authops authunix_ops; 147 146 extern const struct rpc_authops authnull_ops; 147 + extern const struct rpc_authops authtls_ops; 148 148 149 149 int __init rpc_init_authunix(void); 150 150 int __init rpcauth_init_module(void);

+11 -2

include/linux/sunrpc/clnt.h

··· 30 30 #include <linux/sunrpc/xprtmultipath.h> 31 31 32 32 struct rpc_inode; 33 - struct rpc_sysfs_client; 33 + struct rpc_sysfs_client { 34 + struct kobject kobject; 35 + struct net *net; 36 + struct rpc_clnt *clnt; 37 + struct rpc_xprt_switch *xprt_switch; 38 + }; 39 + 34 40 35 41 /* 36 42 * The high-level client handle ··· 63 57 cl_discrtry : 1,/* disconnect before retry */ 64 58 cl_noretranstimeo: 1,/* No retransmit timeouts */ 65 59 cl_autobind : 1,/* use getport() */ 66 - cl_chatty : 1;/* be verbose */ 60 + cl_chatty : 1,/* be verbose */ 61 + cl_shutdown : 1;/* rpc immediate -EIO */ 62 + struct xprtsec_parms cl_xprtsec; /* transport security policy */ 67 63 68 64 struct rpc_rtt * cl_rtt; /* RTO estimator data */ 69 65 const struct rpc_timeout *cl_timeout; /* Timeout strategy */ ··· 147 139 struct svc_xprt *bc_xprt; /* NFSv4.1 backchannel */ 148 140 const struct cred *cred; 149 141 unsigned int max_connect; 142 + struct xprtsec_parms xprtsec; 150 143 }; 151 144 152 145 struct rpc_add_xprt_test {

+18

include/linux/sunrpc/xprt.h

··· 129 129 #define rq_svec rq_snd_buf.head 130 130 #define rq_slen rq_snd_buf.len 131 131 132 + /* RPC transport layer security policies */ 133 + enum xprtsec_policies { 134 + RPC_XPRTSEC_NONE = 0, 135 + RPC_XPRTSEC_TLS_ANON, 136 + RPC_XPRTSEC_TLS_X509, 137 + }; 138 + 139 + struct xprtsec_parms { 140 + enum xprtsec_policies policy; 141 + 142 + /* authentication material */ 143 + key_serial_t cert_serial; 144 + key_serial_t privkey_serial; 145 + }; 146 + 132 147 struct rpc_xprt_ops { 133 148 void (*set_buffer_size)(struct rpc_xprt *xprt, size_t sndsize, size_t rcvsize); 134 149 int (*reserve_xprt)(struct rpc_xprt *xprt, struct rpc_task *task); ··· 200 185 XPRT_TRANSPORT_RDMA = 256, 201 186 XPRT_TRANSPORT_BC_RDMA = XPRT_TRANSPORT_RDMA | XPRT_TRANSPORT_BC, 202 187 XPRT_TRANSPORT_LOCAL = 257, 188 + XPRT_TRANSPORT_TCP_TLS = 258, 203 189 }; 204 190 205 191 struct rpc_sysfs_xprt; ··· 245 229 */ 246 230 unsigned long bind_timeout, 247 231 reestablish_timeout; 232 + struct xprtsec_parms xprtsec; 248 233 unsigned int connect_cookie; /* A cookie that gets bumped 249 234 every time the transport 250 235 is reconnected */ ··· 350 333 struct svc_xprt *bc_xprt; /* NFSv4.1 backchannel */ 351 334 struct rpc_xprt_switch *bc_xps; 352 335 unsigned int flags; 336 + struct xprtsec_parms xprtsec; 353 337 }; 354 338 355 339 struct xprt_class {

+3

include/linux/sunrpc/xprtsock.h

··· 57 57 struct work_struct error_worker; 58 58 struct work_struct recv_worker; 59 59 struct mutex recv_mutex; 60 + struct completion handshake_done; 60 61 struct sockaddr_storage srcaddr; 61 62 unsigned short srcport; 62 63 int xprt_err; 64 + struct rpc_clnt *clnt; 63 65 64 66 /* 65 67 * UDP socket buffer size parameters ··· 92 90 #define XPRT_SOCK_WAKE_DISCONNECT (7) 93 91 #define XPRT_SOCK_CONNECT_SENT (8) 94 92 #define XPRT_SOCK_NOSPACE (9) 93 + #define XPRT_SOCK_IGNORE_RECV (10) 95 94 96 95 #endif /* _LINUX_SUNRPC_XPRTSOCK_H */

+86 -10

include/trace/events/sunrpc.h

··· 139 139 DEFINE_RPC_CLNT_EVENT(replace_xprt); 140 140 DEFINE_RPC_CLNT_EVENT(replace_xprt_err); 141 141 142 + TRACE_DEFINE_ENUM(RPC_XPRTSEC_NONE); 143 + TRACE_DEFINE_ENUM(RPC_XPRTSEC_TLS_X509); 144 + 145 + #define rpc_show_xprtsec_policy(policy) \ 146 + __print_symbolic(policy, \ 147 + { RPC_XPRTSEC_NONE, "none" }, \ 148 + { RPC_XPRTSEC_TLS_ANON, "tls-anon" }, \ 149 + { RPC_XPRTSEC_TLS_X509, "tls-x509" }) 150 + 151 + #define rpc_show_create_flags(flags) \ 152 + __print_flags(flags, "|", \ 153 + { RPC_CLNT_CREATE_HARDRTRY, "HARDRTRY" }, \ 154 + { RPC_CLNT_CREATE_AUTOBIND, "AUTOBIND" }, \ 155 + { RPC_CLNT_CREATE_NONPRIVPORT, "NONPRIVPORT" }, \ 156 + { RPC_CLNT_CREATE_NOPING, "NOPING" }, \ 157 + { RPC_CLNT_CREATE_DISCRTRY, "DISCRTRY" }, \ 158 + { RPC_CLNT_CREATE_QUIET, "QUIET" }, \ 159 + { RPC_CLNT_CREATE_INFINITE_SLOTS, \ 160 + "INFINITE_SLOTS" }, \ 161 + { RPC_CLNT_CREATE_NO_IDLE_TIMEOUT, \ 162 + "NO_IDLE_TIMEOUT" }, \ 163 + { RPC_CLNT_CREATE_NO_RETRANS_TIMEOUT, \ 164 + "NO_RETRANS_TIMEOUT" }, \ 165 + { RPC_CLNT_CREATE_SOFTERR, "SOFTERR" }, \ 166 + { RPC_CLNT_CREATE_REUSEPORT, "REUSEPORT" }) 167 + 142 168 TRACE_EVENT(rpc_clnt_new, 143 169 TP_PROTO( 144 170 const struct rpc_clnt *clnt, 145 171 const struct rpc_xprt *xprt, 146 - const char *program, 147 - const char *server 172 + const struct rpc_create_args *args 148 173 ), 149 174 150 - TP_ARGS(clnt, xprt, program, server), 175 + TP_ARGS(clnt, xprt, args), 151 176 152 177 TP_STRUCT__entry( 153 178 __field(unsigned int, client_id) 179 + __field(unsigned long, xprtsec) 180 + __field(unsigned long, flags) 181 + __string(program, clnt->cl_program->name) 182 + __string(server, xprt->servername) 154 183 __string(addr, xprt->address_strings[RPC_DISPLAY_ADDR]) 155 184 __string(port, xprt->address_strings[RPC_DISPLAY_PORT]) 156 - __string(program, program) 157 - __string(server, server) 158 185 ), 159 186 160 187 TP_fast_assign( 161 188 __entry->client_id = clnt->cl_clid; 189 + __entry->xprtsec = args->xprtsec.policy; 190 + __entry->flags = args->flags; 191 + __assign_str(program, clnt->cl_program->name); 192 + __assign_str(server, xprt->servername); 162 193 __assign_str(addr, xprt->address_strings[RPC_DISPLAY_ADDR]); 163 194 __assign_str(port, xprt->address_strings[RPC_DISPLAY_PORT]); 164 - __assign_str(program, program); 165 - __assign_str(server, server); 166 195 ), 167 196 168 - TP_printk("client=" SUNRPC_TRACE_CLID_SPECIFIER 169 - " peer=[%s]:%s program=%s server=%s", 197 + TP_printk("client=" SUNRPC_TRACE_CLID_SPECIFIER " peer=[%s]:%s" 198 + " program=%s server=%s xprtsec=%s flags=%s", 170 199 __entry->client_id, __get_str(addr), __get_str(port), 171 - __get_str(program), __get_str(server)) 200 + __get_str(program), __get_str(server), 201 + rpc_show_xprtsec_policy(__entry->xprtsec), 202 + rpc_show_create_flags(__entry->flags) 203 + ) 172 204 ); 173 205 174 206 TRACE_EVENT(rpc_clnt_new_err, ··· 1524 1492 __entry->program, __entry->version, __get_str(netid) 1525 1493 ) 1526 1494 ); 1495 + 1496 + /** 1497 + ** RPC-over-TLS tracepoints 1498 + **/ 1499 + 1500 + DECLARE_EVENT_CLASS(rpc_tls_class, 1501 + TP_PROTO( 1502 + const struct rpc_clnt *clnt, 1503 + const struct rpc_xprt *xprt 1504 + ), 1505 + 1506 + TP_ARGS(clnt, xprt), 1507 + 1508 + TP_STRUCT__entry( 1509 + __field(unsigned long, requested_policy) 1510 + __field(u32, version) 1511 + __string(servername, xprt->servername) 1512 + __string(progname, clnt->cl_program->name) 1513 + ), 1514 + 1515 + TP_fast_assign( 1516 + __entry->requested_policy = clnt->cl_xprtsec.policy; 1517 + __entry->version = clnt->cl_vers; 1518 + __assign_str(servername, xprt->servername); 1519 + __assign_str(progname, clnt->cl_program->name) 1520 + ), 1521 + 1522 + TP_printk("server=%s %sv%u requested_policy=%s", 1523 + __get_str(servername), __get_str(progname), __entry->version, 1524 + rpc_show_xprtsec_policy(__entry->requested_policy) 1525 + ) 1526 + ); 1527 + 1528 + #define DEFINE_RPC_TLS_EVENT(name) \ 1529 + DEFINE_EVENT(rpc_tls_class, rpc_tls_##name, \ 1530 + TP_PROTO( \ 1531 + const struct rpc_clnt *clnt, \ 1532 + const struct rpc_xprt *xprt \ 1533 + ), \ 1534 + TP_ARGS(clnt, xprt)) 1535 + 1536 + DEFINE_RPC_TLS_EVENT(unavailable); 1537 + DEFINE_RPC_TLS_EVENT(not_started); 1538 + 1527 1539 1528 1540 /* Record an xdr_buf containing a fully-formed RPC message */ 1529 1541 DECLARE_EVENT_CLASS(svc_xdr_msg_class,

+1 -1

net/sunrpc/Makefile

··· 9 9 obj-$(CONFIG_SUNRPC_XPRT_RDMA) += xprtrdma/ 10 10 11 11 sunrpc-y := clnt.o xprt.o socklib.o xprtsock.o sched.o \ 12 - auth.o auth_null.o auth_unix.o \ 12 + auth.o auth_null.o auth_tls.o auth_unix.o \ 13 13 svc.o svcsock.o svcauth.o svcauth_unix.o \ 14 14 addr.o rpcb_clnt.o timer.o xdr.o \ 15 15 sunrpc_syms.o cache.o rpc_pipe.o sysfs.o \

+1 -1

net/sunrpc/auth.c

··· 32 32 static const struct rpc_authops __rcu *auth_flavors[RPC_AUTH_MAXFLAVOR] = { 33 33 [RPC_AUTH_NULL] = (const struct rpc_authops __force __rcu *)&authnull_ops, 34 34 [RPC_AUTH_UNIX] = (const struct rpc_authops __force __rcu *)&authunix_ops, 35 - NULL, /* others can be loadable modules */ 35 + [RPC_AUTH_TLS] = (const struct rpc_authops __force __rcu *)&authtls_ops, 36 36 }; 37 37 38 38 static LIST_HEAD(cred_unused);

+175

net/sunrpc/auth_tls.c

··· 1 + // SPDX-License-Identifier: GPL-2.0-only 2 + /* 3 + * Copyright (c) 2021, 2022 Oracle. All rights reserved. 4 + * 5 + * The AUTH_TLS credential is used only to probe a remote peer 6 + * for RPC-over-TLS support. 7 + */ 8 + 9 + #include <linux/types.h> 10 + #include <linux/module.h> 11 + #include <linux/sunrpc/clnt.h> 12 + 13 + static const char *starttls_token = "STARTTLS"; 14 + static const size_t starttls_len = 8; 15 + 16 + static struct rpc_auth tls_auth; 17 + static struct rpc_cred tls_cred; 18 + 19 + static void tls_encode_probe(struct rpc_rqst *rqstp, struct xdr_stream *xdr, 20 + const void *obj) 21 + { 22 + } 23 + 24 + static int tls_decode_probe(struct rpc_rqst *rqstp, struct xdr_stream *xdr, 25 + void *obj) 26 + { 27 + return 0; 28 + } 29 + 30 + static const struct rpc_procinfo rpcproc_tls_probe = { 31 + .p_encode = tls_encode_probe, 32 + .p_decode = tls_decode_probe, 33 + }; 34 + 35 + static void rpc_tls_probe_call_prepare(struct rpc_task *task, void *data) 36 + { 37 + task->tk_flags &= ~RPC_TASK_NO_RETRANS_TIMEOUT; 38 + rpc_call_start(task); 39 + } 40 + 41 + static void rpc_tls_probe_call_done(struct rpc_task *task, void *data) 42 + { 43 + } 44 + 45 + static const struct rpc_call_ops rpc_tls_probe_ops = { 46 + .rpc_call_prepare = rpc_tls_probe_call_prepare, 47 + .rpc_call_done = rpc_tls_probe_call_done, 48 + }; 49 + 50 + static int tls_probe(struct rpc_clnt *clnt) 51 + { 52 + struct rpc_message msg = { 53 + .rpc_proc = &rpcproc_tls_probe, 54 + }; 55 + struct rpc_task_setup task_setup_data = { 56 + .rpc_client = clnt, 57 + .rpc_message = &msg, 58 + .rpc_op_cred = &tls_cred, 59 + .callback_ops = &rpc_tls_probe_ops, 60 + .flags = RPC_TASK_SOFT | RPC_TASK_SOFTCONN, 61 + }; 62 + struct rpc_task *task; 63 + int status; 64 + 65 + task = rpc_run_task(&task_setup_data); 66 + if (IS_ERR(task)) 67 + return PTR_ERR(task); 68 + status = task->tk_status; 69 + rpc_put_task(task); 70 + return status; 71 + } 72 + 73 + static struct rpc_auth *tls_create(const struct rpc_auth_create_args *args, 74 + struct rpc_clnt *clnt) 75 + { 76 + refcount_inc(&tls_auth.au_count); 77 + return &tls_auth; 78 + } 79 + 80 + static void tls_destroy(struct rpc_auth *auth) 81 + { 82 + } 83 + 84 + static struct rpc_cred *tls_lookup_cred(struct rpc_auth *auth, 85 + struct auth_cred *acred, int flags) 86 + { 87 + return get_rpccred(&tls_cred); 88 + } 89 + 90 + static void tls_destroy_cred(struct rpc_cred *cred) 91 + { 92 + } 93 + 94 + static int tls_match(struct auth_cred *acred, struct rpc_cred *cred, int taskflags) 95 + { 96 + return 1; 97 + } 98 + 99 + static int tls_marshal(struct rpc_task *task, struct xdr_stream *xdr) 100 + { 101 + __be32 *p; 102 + 103 + p = xdr_reserve_space(xdr, 4 * XDR_UNIT); 104 + if (!p) 105 + return -EMSGSIZE; 106 + /* Credential */ 107 + *p++ = rpc_auth_tls; 108 + *p++ = xdr_zero; 109 + /* Verifier */ 110 + *p++ = rpc_auth_null; 111 + *p = xdr_zero; 112 + return 0; 113 + } 114 + 115 + static int tls_refresh(struct rpc_task *task) 116 + { 117 + set_bit(RPCAUTH_CRED_UPTODATE, &task->tk_rqstp->rq_cred->cr_flags); 118 + return 0; 119 + } 120 + 121 + static int tls_validate(struct rpc_task *task, struct xdr_stream *xdr) 122 + { 123 + __be32 *p; 124 + void *str; 125 + 126 + p = xdr_inline_decode(xdr, XDR_UNIT); 127 + if (!p) 128 + return -EIO; 129 + if (*p != rpc_auth_null) 130 + return -EIO; 131 + if (xdr_stream_decode_opaque_inline(xdr, &str, starttls_len) != starttls_len) 132 + return -EIO; 133 + if (memcmp(str, starttls_token, starttls_len)) 134 + return -EIO; 135 + return 0; 136 + } 137 + 138 + const struct rpc_authops authtls_ops = { 139 + .owner = THIS_MODULE, 140 + .au_flavor = RPC_AUTH_TLS, 141 + .au_name = "NULL", 142 + .create = tls_create, 143 + .destroy = tls_destroy, 144 + .lookup_cred = tls_lookup_cred, 145 + .ping = tls_probe, 146 + }; 147 + 148 + static struct rpc_auth tls_auth = { 149 + .au_cslack = NUL_CALLSLACK, 150 + .au_rslack = NUL_REPLYSLACK, 151 + .au_verfsize = NUL_REPLYSLACK, 152 + .au_ralign = NUL_REPLYSLACK, 153 + .au_ops = &authtls_ops, 154 + .au_flavor = RPC_AUTH_TLS, 155 + .au_count = REFCOUNT_INIT(1), 156 + }; 157 + 158 + static const struct rpc_credops tls_credops = { 159 + .cr_name = "AUTH_TLS", 160 + .crdestroy = tls_destroy_cred, 161 + .crmatch = tls_match, 162 + .crmarshal = tls_marshal, 163 + .crwrap_req = rpcauth_wrap_req_encode, 164 + .crrefresh = tls_refresh, 165 + .crvalidate = tls_validate, 166 + .crunwrap_resp = rpcauth_unwrap_resp_decode, 167 + }; 168 + 169 + static struct rpc_cred tls_cred = { 170 + .cr_lru = LIST_HEAD_INIT(tls_cred.cr_lru), 171 + .cr_auth = &tls_auth, 172 + .cr_ops = &tls_credops, 173 + .cr_count = REFCOUNT_INIT(2), 174 + .cr_flags = 1UL << RPCAUTH_CRED_UPTODATE, 175 + };

+19 -3

net/sunrpc/clnt.c

··· 385 385 if (!clnt) 386 386 goto out_err; 387 387 clnt->cl_parent = parent ? : clnt; 388 + clnt->cl_xprtsec = args->xprtsec; 388 389 389 390 err = rpc_alloc_clid(clnt); 390 391 if (err) ··· 435 434 if (parent) 436 435 refcount_inc(&parent->cl_count); 437 436 438 - trace_rpc_clnt_new(clnt, xprt, program->name, args->servername); 437 + trace_rpc_clnt_new(clnt, xprt, args); 439 438 return clnt; 440 439 441 440 out_no_path: ··· 533 532 .addrlen = args->addrsize, 534 533 .servername = args->servername, 535 534 .bc_xprt = args->bc_xprt, 535 + .xprtsec = args->xprtsec, 536 536 }; 537 537 char servername[48]; 538 538 struct rpc_clnt *clnt; ··· 567 565 servername[0] = '\0'; 568 566 switch (args->address->sa_family) { 569 567 case AF_LOCAL: 570 - snprintf(servername, sizeof(servername), "%s", 571 - sun->sun_path); 568 + if (sun->sun_path[0]) 569 + snprintf(servername, sizeof(servername), "%s", 570 + sun->sun_path); 571 + else 572 + snprintf(servername, sizeof(servername), "@%s", 573 + sun->sun_path+1); 572 574 break; 573 575 case AF_INET: 574 576 snprintf(servername, sizeof(servername), "%pI4", ··· 733 727 struct rpc_clnt *parent; 734 728 int err; 735 729 730 + args->xprtsec = clnt->cl_xprtsec; 736 731 xprt = xprt_create_transport(args); 737 732 if (IS_ERR(xprt)) 738 733 return PTR_ERR(xprt); ··· 1723 1716 int idx = task->tk_msg.rpc_proc->p_statidx; 1724 1717 1725 1718 trace_rpc_request(task); 1719 + 1720 + if (task->tk_client->cl_shutdown) { 1721 + rpc_call_rpcerror(task, -EIO); 1722 + return; 1723 + } 1726 1724 1727 1725 /* Increment call count (version might not be valid for ping) */ 1728 1726 if (clnt->cl_program->version[clnt->cl_vers]) ··· 2838 2826 struct rpc_task *task; 2839 2827 int status; 2840 2828 2829 + if (clnt->cl_auth->au_ops->ping) 2830 + return clnt->cl_auth->au_ops->ping(clnt); 2831 + 2841 2832 task = rpc_call_null_helper(clnt, NULL, NULL, 0, NULL, NULL); 2842 2833 if (IS_ERR(task)) 2843 2834 return PTR_ERR(task); ··· 3061 3046 3062 3047 if (!xprtargs->ident) 3063 3048 xprtargs->ident = ident; 3049 + xprtargs->xprtsec = clnt->cl_xprtsec; 3064 3050 xprt = xprt_create_transport(xprtargs); 3065 3051 if (IS_ERR(xprt)) { 3066 3052 ret = PTR_ERR(xprt);

+31 -8

net/sunrpc/rpcb_clnt.c

··· 36 36 #include "netns.h" 37 37 38 38 #define RPCBIND_SOCK_PATHNAME "/var/run/rpcbind.sock" 39 + #define RPCBIND_SOCK_ABSTRACT_NAME "\0/run/rpcbind.sock" 39 40 40 41 #define RPCBIND_PROGRAM (100000u) 41 42 #define RPCBIND_PORT (111u) ··· 217 216 sn->rpcb_users = 1; 218 217 } 219 218 219 + /* Evaluate to actual length of the `sockaddr_un' structure. */ 220 + # define SUN_LEN(ptr) (offsetof(struct sockaddr_un, sun_path) \ 221 + + 1 + strlen((ptr)->sun_path + 1)) 222 + 220 223 /* 221 224 * Returns zero on success, otherwise a negative errno value 222 225 * is returned. 223 226 */ 224 - static int rpcb_create_local_unix(struct net *net) 227 + static int rpcb_create_af_local(struct net *net, 228 + const struct sockaddr_un *addr) 225 229 { 226 - static const struct sockaddr_un rpcb_localaddr_rpcbind = { 227 - .sun_family = AF_LOCAL, 228 - .sun_path = RPCBIND_SOCK_PATHNAME, 229 - }; 230 230 struct rpc_create_args args = { 231 231 .net = net, 232 232 .protocol = XPRT_TRANSPORT_LOCAL, 233 - .address = (struct sockaddr *)&rpcb_localaddr_rpcbind, 234 - .addrsize = sizeof(rpcb_localaddr_rpcbind), 233 + .address = (struct sockaddr *)addr, 234 + .addrsize = SUN_LEN(addr), 235 235 .servername = "localhost", 236 236 .program = &rpcb_program, 237 237 .version = RPCBVERS_2, ··· 269 267 270 268 out: 271 269 return result; 270 + } 271 + 272 + static int rpcb_create_local_abstract(struct net *net) 273 + { 274 + static const struct sockaddr_un rpcb_localaddr_abstract = { 275 + .sun_family = AF_LOCAL, 276 + .sun_path = RPCBIND_SOCK_ABSTRACT_NAME, 277 + }; 278 + 279 + return rpcb_create_af_local(net, &rpcb_localaddr_abstract); 280 + } 281 + 282 + static int rpcb_create_local_unix(struct net *net) 283 + { 284 + static const struct sockaddr_un rpcb_localaddr_unix = { 285 + .sun_family = AF_LOCAL, 286 + .sun_path = RPCBIND_SOCK_PATHNAME, 287 + }; 288 + 289 + return rpcb_create_af_local(net, &rpcb_localaddr_unix); 272 290 } 273 291 274 292 /* ··· 354 332 if (rpcb_get_local(net)) 355 333 goto out; 356 334 357 - if (rpcb_create_local_unix(net) != 0) 335 + if (rpcb_create_local_abstract(net) != 0 && 336 + rpcb_create_local_unix(net) != 0) 358 337 result = rpcb_create_local_net(net); 359 338 360 339 out:

+1

net/sunrpc/sysfs.c

··· 239 239 if (!xprt) 240 240 return 0; 241 241 if (!(xprt->xprt_class->ident == XPRT_TRANSPORT_TCP || 242 + xprt->xprt_class->ident == XPRT_TRANSPORT_TCP_TLS || 242 243 xprt->xprt_class->ident == XPRT_TRANSPORT_RDMA)) { 243 244 xprt_put(xprt); 244 245 return -EOPNOTSUPP;

-7

net/sunrpc/sysfs.h

··· 5 5 #ifndef __SUNRPC_SYSFS_H 6 6 #define __SUNRPC_SYSFS_H 7 7 8 - struct rpc_sysfs_client { 9 - struct kobject kobject; 10 - struct net *net; 11 - struct rpc_clnt *clnt; 12 - struct rpc_xprt_switch *xprt_switch; 13 - }; 14 - 15 8 struct rpc_sysfs_xprt_switch { 16 9 struct kobject kobject; 17 10 struct net *net;

+430 -4

net/sunrpc/xprtsock.c

··· 47 47 #include <net/checksum.h> 48 48 #include <net/udp.h> 49 49 #include <net/tcp.h> 50 + #include <net/tls.h> 51 + #include <net/handshake.h> 52 + 50 53 #include <linux/bvec.h> 51 54 #include <linux/highmem.h> 52 55 #include <linux/uio.h> ··· 99 96 static struct xprt_class xs_local_transport; 100 97 static struct xprt_class xs_udp_transport; 101 98 static struct xprt_class xs_tcp_transport; 99 + static struct xprt_class xs_tcp_tls_transport; 102 100 static struct xprt_class xs_bc_tcp_transport; 103 101 104 102 /* ··· 191 187 */ 192 188 #define XS_IDLE_DISC_TO (5U * 60 * HZ) 193 189 190 + /* 191 + * TLS handshake timeout. 192 + */ 193 + #define XS_TLS_HANDSHAKE_TO (10U * HZ) 194 + 194 195 #if IS_ENABLED(CONFIG_SUNRPC_DEBUG) 195 196 # undef RPC_DEBUG_DATA 196 197 # define RPCDBG_FACILITY RPCDBG_TRANS ··· 262 253 switch (sap->sa_family) { 263 254 case AF_LOCAL: 264 255 sun = xs_addr_un(xprt); 265 - strscpy(buf, sun->sun_path, sizeof(buf)); 256 + if (sun->sun_path[0]) { 257 + strscpy(buf, sun->sun_path, sizeof(buf)); 258 + } else { 259 + buf[0] = '@'; 260 + strscpy(buf+1, sun->sun_path+1, sizeof(buf)-1); 261 + } 266 262 xprt->address_strings[RPC_DISPLAY_ADDR] = 267 263 kstrdup(buf, GFP_KERNEL); 268 264 break; ··· 356 342 return want; 357 343 } 358 344 345 + static int 346 + xs_sock_process_cmsg(struct socket *sock, struct msghdr *msg, 347 + struct cmsghdr *cmsg, int ret) 348 + { 349 + if (cmsg->cmsg_level == SOL_TLS && 350 + cmsg->cmsg_type == TLS_GET_RECORD_TYPE) { 351 + u8 content_type = *((u8 *)CMSG_DATA(cmsg)); 352 + 353 + switch (content_type) { 354 + case TLS_RECORD_TYPE_DATA: 355 + /* TLS sets EOR at the end of each application data 356 + * record, even though there might be more frames 357 + * waiting to be decrypted. 358 + */ 359 + msg->msg_flags &= ~MSG_EOR; 360 + break; 361 + case TLS_RECORD_TYPE_ALERT: 362 + ret = -ENOTCONN; 363 + break; 364 + default: 365 + ret = -EAGAIN; 366 + } 367 + } 368 + return ret; 369 + } 370 + 371 + static int 372 + xs_sock_recv_cmsg(struct socket *sock, struct msghdr *msg, int flags) 373 + { 374 + union { 375 + struct cmsghdr cmsg; 376 + u8 buf[CMSG_SPACE(sizeof(u8))]; 377 + } u; 378 + int ret; 379 + 380 + msg->msg_control = &u; 381 + msg->msg_controllen = sizeof(u); 382 + ret = sock_recvmsg(sock, msg, flags); 383 + if (msg->msg_controllen != sizeof(u)) 384 + ret = xs_sock_process_cmsg(sock, msg, &u.cmsg, ret); 385 + return ret; 386 + } 387 + 359 388 static ssize_t 360 389 xs_sock_recvmsg(struct socket *sock, struct msghdr *msg, int flags, size_t seek) 361 390 { 362 391 ssize_t ret; 363 392 if (seek != 0) 364 393 iov_iter_advance(&msg->msg_iter, seek); 365 - ret = sock_recvmsg(sock, msg, flags); 394 + ret = xs_sock_recv_cmsg(sock, msg, flags); 366 395 return ret > 0 ? ret + seek : ret; 367 396 } 368 397 ··· 431 374 size_t count) 432 375 { 433 376 iov_iter_discard(&msg->msg_iter, ITER_DEST, count); 434 - return sock_recvmsg(sock, msg, flags); 377 + return xs_sock_recv_cmsg(sock, msg, flags); 435 378 } 436 379 437 380 #if ARCH_IMPLEMENTS_FLUSH_DCACHE_PAGE ··· 752 695 { 753 696 754 697 clear_bit(XPRT_SOCK_DATA_READY, &transport->sock_state); 698 + if (test_bit(XPRT_SOCK_IGNORE_RECV, &transport->sock_state)) 699 + return; 755 700 if (!xs_poll_socket_readable(transport)) 756 701 return; 757 702 if (!test_and_set_bit(XPRT_SOCK_DATA_READY, &transport->sock_state)) ··· 1250 1191 if (atomic_read(&transport->xprt.swapper)) 1251 1192 sk_clear_memalloc(sk); 1252 1193 1194 + tls_handshake_cancel(sk); 1195 + 1253 1196 kernel_sock_shutdown(sock, SHUT_RDWR); 1254 1197 1255 1198 mutex_lock(&transport->recv_mutex); ··· 1441 1380 trace_xs_data_ready(xprt); 1442 1381 1443 1382 transport->old_data_ready(sk); 1383 + 1384 + if (test_bit(XPRT_SOCK_IGNORE_RECV, &transport->sock_state)) 1385 + return; 1386 + 1444 1387 /* Any data means we had a useful conversation, so 1445 1388 * then we don't need to delay the next reconnect 1446 1389 */ ··· 2425 2360 current_restore_flags(pflags, PF_MEMALLOC); 2426 2361 } 2427 2362 2363 + /* 2364 + * Transfer the connected socket to @upper_transport, then mark that 2365 + * xprt CONNECTED. 2366 + */ 2367 + static int xs_tcp_tls_finish_connecting(struct rpc_xprt *lower_xprt, 2368 + struct sock_xprt *upper_transport) 2369 + { 2370 + struct sock_xprt *lower_transport = 2371 + container_of(lower_xprt, struct sock_xprt, xprt); 2372 + struct rpc_xprt *upper_xprt = &upper_transport->xprt; 2373 + 2374 + if (!upper_transport->inet) { 2375 + struct socket *sock = lower_transport->sock; 2376 + struct sock *sk = sock->sk; 2377 + 2378 + /* Avoid temporary address, they are bad for long-lived 2379 + * connections such as NFS mounts. 2380 + * RFC4941, section 3.6 suggests that: 2381 + * Individual applications, which have specific 2382 + * knowledge about the normal duration of connections, 2383 + * MAY override this as appropriate. 2384 + */ 2385 + if (xs_addr(upper_xprt)->sa_family == PF_INET6) 2386 + ip6_sock_set_addr_preferences(sk, IPV6_PREFER_SRC_PUBLIC); 2387 + 2388 + xs_tcp_set_socket_timeouts(upper_xprt, sock); 2389 + tcp_sock_set_nodelay(sk); 2390 + 2391 + lock_sock(sk); 2392 + 2393 + /* @sk is already connected, so it now has the RPC callbacks. 2394 + * Reach into @lower_transport to save the original ones. 2395 + */ 2396 + upper_transport->old_data_ready = lower_transport->old_data_ready; 2397 + upper_transport->old_state_change = lower_transport->old_state_change; 2398 + upper_transport->old_write_space = lower_transport->old_write_space; 2399 + upper_transport->old_error_report = lower_transport->old_error_report; 2400 + sk->sk_user_data = upper_xprt; 2401 + 2402 + /* socket options */ 2403 + sock_reset_flag(sk, SOCK_LINGER); 2404 + 2405 + xprt_clear_connected(upper_xprt); 2406 + 2407 + upper_transport->sock = sock; 2408 + upper_transport->inet = sk; 2409 + upper_transport->file = lower_transport->file; 2410 + 2411 + release_sock(sk); 2412 + 2413 + /* Reset lower_transport before shutting down its clnt */ 2414 + mutex_lock(&lower_transport->recv_mutex); 2415 + lower_transport->inet = NULL; 2416 + lower_transport->sock = NULL; 2417 + lower_transport->file = NULL; 2418 + 2419 + xprt_clear_connected(lower_xprt); 2420 + xs_sock_reset_connection_flags(lower_xprt); 2421 + xs_stream_reset_connect(lower_transport); 2422 + mutex_unlock(&lower_transport->recv_mutex); 2423 + } 2424 + 2425 + if (!xprt_bound(upper_xprt)) 2426 + return -ENOTCONN; 2427 + 2428 + xs_set_memalloc(upper_xprt); 2429 + 2430 + if (!xprt_test_and_set_connected(upper_xprt)) { 2431 + upper_xprt->connect_cookie++; 2432 + clear_bit(XPRT_SOCK_CONNECTING, &upper_transport->sock_state); 2433 + xprt_clear_connecting(upper_xprt); 2434 + 2435 + upper_xprt->stat.connect_count++; 2436 + upper_xprt->stat.connect_time += (long)jiffies - 2437 + upper_xprt->stat.connect_start; 2438 + xs_run_error_worker(upper_transport, XPRT_SOCK_WAKE_PENDING); 2439 + } 2440 + return 0; 2441 + } 2442 + 2443 + /** 2444 + * xs_tls_handshake_done - TLS handshake completion handler 2445 + * @data: address of xprt to wake 2446 + * @status: status of handshake 2447 + * @peerid: serial number of key containing the remote's identity 2448 + * 2449 + */ 2450 + static void xs_tls_handshake_done(void *data, int status, key_serial_t peerid) 2451 + { 2452 + struct rpc_xprt *lower_xprt = data; 2453 + struct sock_xprt *lower_transport = 2454 + container_of(lower_xprt, struct sock_xprt, xprt); 2455 + 2456 + lower_transport->xprt_err = status ? -EACCES : 0; 2457 + complete(&lower_transport->handshake_done); 2458 + xprt_put(lower_xprt); 2459 + } 2460 + 2461 + static int xs_tls_handshake_sync(struct rpc_xprt *lower_xprt, struct xprtsec_parms *xprtsec) 2462 + { 2463 + struct sock_xprt *lower_transport = 2464 + container_of(lower_xprt, struct sock_xprt, xprt); 2465 + struct tls_handshake_args args = { 2466 + .ta_sock = lower_transport->sock, 2467 + .ta_done = xs_tls_handshake_done, 2468 + .ta_data = xprt_get(lower_xprt), 2469 + .ta_peername = lower_xprt->servername, 2470 + }; 2471 + struct sock *sk = lower_transport->inet; 2472 + int rc; 2473 + 2474 + init_completion(&lower_transport->handshake_done); 2475 + set_bit(XPRT_SOCK_IGNORE_RECV, &lower_transport->sock_state); 2476 + lower_transport->xprt_err = -ETIMEDOUT; 2477 + switch (xprtsec->policy) { 2478 + case RPC_XPRTSEC_TLS_ANON: 2479 + rc = tls_client_hello_anon(&args, GFP_KERNEL); 2480 + if (rc) 2481 + goto out_put_xprt; 2482 + break; 2483 + case RPC_XPRTSEC_TLS_X509: 2484 + args.ta_my_cert = xprtsec->cert_serial; 2485 + args.ta_my_privkey = xprtsec->privkey_serial; 2486 + rc = tls_client_hello_x509(&args, GFP_KERNEL); 2487 + if (rc) 2488 + goto out_put_xprt; 2489 + break; 2490 + default: 2491 + rc = -EACCES; 2492 + goto out_put_xprt; 2493 + } 2494 + 2495 + rc = wait_for_completion_interruptible_timeout(&lower_transport->handshake_done, 2496 + XS_TLS_HANDSHAKE_TO); 2497 + if (rc <= 0) { 2498 + if (!tls_handshake_cancel(sk)) { 2499 + if (rc == 0) 2500 + rc = -ETIMEDOUT; 2501 + goto out_put_xprt; 2502 + } 2503 + } 2504 + 2505 + rc = lower_transport->xprt_err; 2506 + 2507 + out: 2508 + xs_stream_reset_connect(lower_transport); 2509 + clear_bit(XPRT_SOCK_IGNORE_RECV, &lower_transport->sock_state); 2510 + return rc; 2511 + 2512 + out_put_xprt: 2513 + xprt_put(lower_xprt); 2514 + goto out; 2515 + } 2516 + 2517 + /** 2518 + * xs_tcp_tls_setup_socket - establish a TLS session on a TCP socket 2519 + * @work: queued work item 2520 + * 2521 + * Invoked by a work queue tasklet. 2522 + * 2523 + * For RPC-with-TLS, there is a two-stage connection process. 2524 + * 2525 + * The "upper-layer xprt" is visible to the RPC consumer. Once it has 2526 + * been marked connected, the consumer knows that a TCP connection and 2527 + * a TLS session have been established. 2528 + * 2529 + * A "lower-layer xprt", created in this function, handles the mechanics 2530 + * of connecting the TCP socket, performing the RPC_AUTH_TLS probe, and 2531 + * then driving the TLS handshake. Once all that is complete, the upper 2532 + * layer xprt is marked connected. 2533 + */ 2534 + static void xs_tcp_tls_setup_socket(struct work_struct *work) 2535 + { 2536 + struct sock_xprt *upper_transport = 2537 + container_of(work, struct sock_xprt, connect_worker.work); 2538 + struct rpc_clnt *upper_clnt = upper_transport->clnt; 2539 + struct rpc_xprt *upper_xprt = &upper_transport->xprt; 2540 + struct rpc_create_args args = { 2541 + .net = upper_xprt->xprt_net, 2542 + .protocol = upper_xprt->prot, 2543 + .address = (struct sockaddr *)&upper_xprt->addr, 2544 + .addrsize = upper_xprt->addrlen, 2545 + .timeout = upper_clnt->cl_timeout, 2546 + .servername = upper_xprt->servername, 2547 + .program = upper_clnt->cl_program, 2548 + .prognumber = upper_clnt->cl_prog, 2549 + .version = upper_clnt->cl_vers, 2550 + .authflavor = RPC_AUTH_TLS, 2551 + .cred = upper_clnt->cl_cred, 2552 + .xprtsec = { 2553 + .policy = RPC_XPRTSEC_NONE, 2554 + }, 2555 + }; 2556 + unsigned int pflags = current->flags; 2557 + struct rpc_clnt *lower_clnt; 2558 + struct rpc_xprt *lower_xprt; 2559 + int status; 2560 + 2561 + if (atomic_read(&upper_xprt->swapper)) 2562 + current->flags |= PF_MEMALLOC; 2563 + 2564 + xs_stream_start_connect(upper_transport); 2565 + 2566 + /* This implicitly sends an RPC_AUTH_TLS probe */ 2567 + lower_clnt = rpc_create(&args); 2568 + if (IS_ERR(lower_clnt)) { 2569 + trace_rpc_tls_unavailable(upper_clnt, upper_xprt); 2570 + clear_bit(XPRT_SOCK_CONNECTING, &upper_transport->sock_state); 2571 + xprt_clear_connecting(upper_xprt); 2572 + xprt_wake_pending_tasks(upper_xprt, PTR_ERR(lower_clnt)); 2573 + xs_run_error_worker(upper_transport, XPRT_SOCK_WAKE_PENDING); 2574 + goto out_unlock; 2575 + } 2576 + 2577 + /* RPC_AUTH_TLS probe was successful. Try a TLS handshake on 2578 + * the lower xprt. 2579 + */ 2580 + rcu_read_lock(); 2581 + lower_xprt = rcu_dereference(lower_clnt->cl_xprt); 2582 + rcu_read_unlock(); 2583 + status = xs_tls_handshake_sync(lower_xprt, &upper_xprt->xprtsec); 2584 + if (status) { 2585 + trace_rpc_tls_not_started(upper_clnt, upper_xprt); 2586 + goto out_close; 2587 + } 2588 + 2589 + status = xs_tcp_tls_finish_connecting(lower_xprt, upper_transport); 2590 + if (status) 2591 + goto out_close; 2592 + 2593 + trace_rpc_socket_connect(upper_xprt, upper_transport->sock, 0); 2594 + if (!xprt_test_and_set_connected(upper_xprt)) { 2595 + upper_xprt->connect_cookie++; 2596 + clear_bit(XPRT_SOCK_CONNECTING, &upper_transport->sock_state); 2597 + xprt_clear_connecting(upper_xprt); 2598 + 2599 + upper_xprt->stat.connect_count++; 2600 + upper_xprt->stat.connect_time += (long)jiffies - 2601 + upper_xprt->stat.connect_start; 2602 + xs_run_error_worker(upper_transport, XPRT_SOCK_WAKE_PENDING); 2603 + } 2604 + rpc_shutdown_client(lower_clnt); 2605 + 2606 + out_unlock: 2607 + current_restore_flags(pflags, PF_MEMALLOC); 2608 + upper_transport->clnt = NULL; 2609 + xprt_unlock_connect(upper_xprt, upper_transport); 2610 + return; 2611 + 2612 + out_close: 2613 + rpc_shutdown_client(lower_clnt); 2614 + 2615 + /* xprt_force_disconnect() wakes tasks with a fixed tk_status code. 2616 + * Wake them first here to ensure they get our tk_status code. 2617 + */ 2618 + xprt_wake_pending_tasks(upper_xprt, status); 2619 + xs_tcp_force_close(upper_xprt); 2620 + xprt_clear_connecting(upper_xprt); 2621 + goto out_unlock; 2622 + } 2623 + 2428 2624 /** 2429 2625 * xs_connect - connect a socket to a remote endpoint 2430 2626 * @xprt: pointer to transport structure ··· 2717 2391 } else 2718 2392 dprintk("RPC: xs_connect scheduled xprt %p\n", xprt); 2719 2393 2394 + transport->clnt = task->tk_client; 2720 2395 queue_delayed_work(xprtiod_workqueue, 2721 2396 &transport->connect_worker, 2722 2397 delay); ··· 3185 2858 3186 2859 switch (sun->sun_family) { 3187 2860 case AF_LOCAL: 3188 - if (sun->sun_path[0] != '/') { 2861 + if (sun->sun_path[0] != '/' && sun->sun_path[0] != '\0') { 3189 2862 dprintk("RPC: bad AF_LOCAL address: %s\n", 3190 2863 sun->sun_path); 3191 2864 ret = ERR_PTR(-EINVAL); ··· 3372 3045 } 3373 3046 3374 3047 /** 3048 + * xs_setup_tcp_tls - Set up transport to use a TCP with TLS 3049 + * @args: rpc transport creation arguments 3050 + * 3051 + */ 3052 + static struct rpc_xprt *xs_setup_tcp_tls(struct xprt_create *args) 3053 + { 3054 + struct sockaddr *addr = args->dstaddr; 3055 + struct rpc_xprt *xprt; 3056 + struct sock_xprt *transport; 3057 + struct rpc_xprt *ret; 3058 + unsigned int max_slot_table_size = xprt_max_tcp_slot_table_entries; 3059 + 3060 + if (args->flags & XPRT_CREATE_INFINITE_SLOTS) 3061 + max_slot_table_size = RPC_MAX_SLOT_TABLE_LIMIT; 3062 + 3063 + xprt = xs_setup_xprt(args, xprt_tcp_slot_table_entries, 3064 + max_slot_table_size); 3065 + if (IS_ERR(xprt)) 3066 + return xprt; 3067 + transport = container_of(xprt, struct sock_xprt, xprt); 3068 + 3069 + xprt->prot = IPPROTO_TCP; 3070 + xprt->xprt_class = &xs_tcp_transport; 3071 + xprt->max_payload = RPC_MAX_FRAGMENT_SIZE; 3072 + 3073 + xprt->bind_timeout = XS_BIND_TO; 3074 + xprt->reestablish_timeout = XS_TCP_INIT_REEST_TO; 3075 + xprt->idle_timeout = XS_IDLE_DISC_TO; 3076 + 3077 + xprt->ops = &xs_tcp_ops; 3078 + xprt->timeout = &xs_tcp_default_timeout; 3079 + 3080 + xprt->max_reconnect_timeout = xprt->timeout->to_maxval; 3081 + xprt->connect_timeout = xprt->timeout->to_initval * 3082 + (xprt->timeout->to_retries + 1); 3083 + 3084 + INIT_WORK(&transport->recv_worker, xs_stream_data_receive_workfn); 3085 + INIT_WORK(&transport->error_worker, xs_error_handle); 3086 + 3087 + switch (args->xprtsec.policy) { 3088 + case RPC_XPRTSEC_TLS_ANON: 3089 + case RPC_XPRTSEC_TLS_X509: 3090 + xprt->xprtsec = args->xprtsec; 3091 + INIT_DELAYED_WORK(&transport->connect_worker, 3092 + xs_tcp_tls_setup_socket); 3093 + break; 3094 + default: 3095 + ret = ERR_PTR(-EACCES); 3096 + goto out_err; 3097 + } 3098 + 3099 + switch (addr->sa_family) { 3100 + case AF_INET: 3101 + if (((struct sockaddr_in *)addr)->sin_port != htons(0)) 3102 + xprt_set_bound(xprt); 3103 + 3104 + xs_format_peer_addresses(xprt, "tcp", RPCBIND_NETID_TCP); 3105 + break; 3106 + case AF_INET6: 3107 + if (((struct sockaddr_in6 *)addr)->sin6_port != htons(0)) 3108 + xprt_set_bound(xprt); 3109 + 3110 + xs_format_peer_addresses(xprt, "tcp", RPCBIND_NETID_TCP6); 3111 + break; 3112 + default: 3113 + ret = ERR_PTR(-EAFNOSUPPORT); 3114 + goto out_err; 3115 + } 3116 + 3117 + if (xprt_bound(xprt)) 3118 + dprintk("RPC: set up xprt to %s (port %s) via %s\n", 3119 + xprt->address_strings[RPC_DISPLAY_ADDR], 3120 + xprt->address_strings[RPC_DISPLAY_PORT], 3121 + xprt->address_strings[RPC_DISPLAY_PROTO]); 3122 + else 3123 + dprintk("RPC: set up xprt to %s (autobind) via %s\n", 3124 + xprt->address_strings[RPC_DISPLAY_ADDR], 3125 + xprt->address_strings[RPC_DISPLAY_PROTO]); 3126 + 3127 + if (try_module_get(THIS_MODULE)) 3128 + return xprt; 3129 + ret = ERR_PTR(-EINVAL); 3130 + out_err: 3131 + xs_xprt_free(xprt); 3132 + return ret; 3133 + } 3134 + 3135 + /** 3375 3136 * xs_setup_bc_tcp - Set up transport to use a TCP backchannel socket 3376 3137 * @args: rpc transport creation arguments 3377 3138 * ··· 3568 3153 .netid = { "tcp", "tcp6", "" }, 3569 3154 }; 3570 3155 3156 + static struct xprt_class xs_tcp_tls_transport = { 3157 + .list = LIST_HEAD_INIT(xs_tcp_tls_transport.list), 3158 + .name = "tcp-with-tls", 3159 + .owner = THIS_MODULE, 3160 + .ident = XPRT_TRANSPORT_TCP_TLS, 3161 + .setup = xs_setup_tcp_tls, 3162 + .netid = { "tcp", "tcp6", "" }, 3163 + }; 3164 + 3571 3165 static struct xprt_class xs_bc_tcp_transport = { 3572 3166 .list = LIST_HEAD_INIT(xs_bc_tcp_transport.list), 3573 3167 .name = "tcp NFSv4.1 backchannel", ··· 3598 3174 xprt_register_transport(&xs_local_transport); 3599 3175 xprt_register_transport(&xs_udp_transport); 3600 3176 xprt_register_transport(&xs_tcp_transport); 3177 + xprt_register_transport(&xs_tcp_tls_transport); 3601 3178 xprt_register_transport(&xs_bc_tcp_transport); 3602 3179 3603 3180 return 0; ··· 3618 3193 xprt_unregister_transport(&xs_local_transport); 3619 3194 xprt_unregister_transport(&xs_udp_transport); 3620 3195 xprt_unregister_transport(&xs_tcp_transport); 3196 + xprt_unregister_transport(&xs_tcp_tls_transport); 3621 3197 xprt_unregister_transport(&xs_bc_tcp_transport); 3622 3198 } 3623 3199