/*
 * linux/fs/lockd/svc4proc.c
 *
 * Lockd server procedures. We don't implement the NLM_*_RES
 * procedures because we don't use the async procedures.
 *
 * Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de>
 */
10 #include <linux/types.h>
11 #include <linux/time.h>
12 #include <linux/smp_lock.h>
13 #include <linux/lockd/lockd.h>
14 #include <linux/lockd/share.h>
16 #define NLMDBG_FACILITY NLMDBG_CLIENT
/*
 * Obtain client and file from arguments.
 *
 * Looks up the calling host from the request and the caller name carried
 * in the lock arguments and, when filp is non-NULL, the file named by the
 * lock's file handle. On success the embedded file_lock is completed with
 * the file, the owner (the host) and the lock-manager operations.
 *
 * Returns 0 on success. On failure the host is handed to
 * nlm_release_host() here and the function returns either the error from
 * nlm_lookup_file() or nlm_lck_denied_nolocks.
 *
 * NOTE(review): *hostp is written before the file lookup, so when that
 * lookup fails *hostp still holds the pointer that has just been released.
 * Callers must not use *hostp or *filp after a non-zero return.
 */
static __be32
nlm4svc_retrieve_args(struct svc_rqst *rqstp, struct nlm_args *argp,
			struct nlm_host **hostp, struct nlm_file **filp)
{
	struct nlm_lock	*lk = &argp->lock;
	struct nlm_host	*client = NULL;
	struct nlm_file	*nfile = NULL;
	__be32		err = 0;

	/* nfsd callbacks must have been installed for this procedure */
	if (!nlmsvc_ops)
		return nlm_lck_denied_nolocks;

	/* Obtain host handle */
	client = nlmsvc_lookup_host(rqstp, lk->caller, lk->len);
	if (!client)
		goto no_locks;

	/* Monitoring is only attempted when the request asks for it. */
	if (argp->monitor && nsm_monitor(client) < 0)
		goto no_locks;
	*hostp = client;

	/* Obtain file pointer. Not used by FREE_ALL call. */
	if (filp != NULL) {
		err = nlm_lookup_file(rqstp, &nfile, &lk->fh);
		if (err != 0)
			goto no_locks;
		*filp = nfile;

		/* Set up the missing parts of the file_lock structure */
		lk->fl.fl_file  = nfile->f_file;
		lk->fl.fl_owner = (fl_owner_t) client;
		lk->fl.fl_lmops = &nlmsvc_lock_operations;
	}

	return 0;

no_locks:
	/*
	 * client is still NULL here when the host lookup itself failed;
	 * presumably nlm_release_host() tolerates NULL -- confirm.
	 */
	nlm_release_host(client);
	return err ? err : nlm_lck_denied_nolocks;
}
/*
 * NULL: Test for presence of service.
 *
 * Takes no arguments and produces no result; it only logs the call and
 * reports success. Also used as the handler for the unimplemented *_RES
 * procedures via the nlm4svc_proc_*_res aliases.
 */
static __be32
nlm4svc_proc_null(struct svc_rqst *rqstp, void *argp, void *resp)
{
	dprintk("lockd: NULL called\n");

	return rpc_success;
}
/*
 * TEST: Check for conflicting lock.
 *
 * Echoes the request cookie into the reply, resolves host and file, and
 * asks nlmsvc_testlock() whether the requested lock conflicts. Returns
 * rpc_drop_reply when either step yields nlm_drop_reply, otherwise
 * rpc_success with the NLM status stored in resp->status.
 */
static __be32
nlm4svc_proc_test(struct svc_rqst *rqstp, struct nlm_args *argp,
					 struct nlm_res  *resp)
{
	struct nlm_host	*client;
	struct nlm_file	*nfile;
	__be32 ret;

	dprintk("lockd: TEST4 called\n");
	resp->cookie = argp->cookie;

	/* Obtain client and file; neither may be used if this fails */
	resp->status = nlm4svc_retrieve_args(rqstp, argp, &client, &nfile);
	if (resp->status) {
		if (resp->status == nlm_drop_reply)
			return rpc_drop_reply;
		return rpc_success;
	}

	/* Now check for conflicting locks */
	resp->status = nlmsvc_testlock(rqstp, nfile, client, &argp->lock,
				       &resp->lock, &resp->cookie);
	if (resp->status == nlm_drop_reply) {
		ret = rpc_drop_reply;
	} else {
		ret = rpc_success;
		dprintk("lockd: TEST4 status %d\n", ntohl(resp->status));
	}

	/* Drop the references taken by nlm4svc_retrieve_args() */
	nlm_release_host(client);
	nlm_release_file(nfile);
	return ret;
}
/*
 * LOCK: Try to acquire the lock described by the arguments.
 *
 * Echoes the request cookie, resolves host and file, and passes the
 * request (including the block and reclaim flags) to nlmsvc_lock().
 * Returns rpc_drop_reply when either step yields nlm_drop_reply,
 * otherwise rpc_success with the NLM status stored in resp->status.
 */
static __be32
nlm4svc_proc_lock(struct svc_rqst *rqstp, struct nlm_args *argp,
					 struct nlm_res  *resp)
{
	struct nlm_host	*client;
	struct nlm_file	*nfile;
	__be32 ret;

	dprintk("lockd: LOCK called\n");

	resp->cookie = argp->cookie;

	/* Obtain client and file; neither may be used if this fails */
	resp->status = nlm4svc_retrieve_args(rqstp, argp, &client, &nfile);
	if (resp->status) {
		if (resp->status == nlm_drop_reply)
			return rpc_drop_reply;
		return rpc_success;
	}

#if 0
	/* If supplied state doesn't match current state, we assume it's
	 * an old request that time-warped somehow. Any error return would
	 * do in this case because it's irrelevant anyway.
	 *
	 * NB: We don't retrieve the remote host's state yet.
	 */
	if (client->h_nsmstate && client->h_nsmstate != argp->state) {
		resp->status = nlm_lck_denied_nolocks;
	} else
#endif

	/* Now try to lock the file */
	resp->status = nlmsvc_lock(rqstp, nfile, client, &argp->lock,
					argp->block, &argp->cookie,
					argp->reclaim);
	if (resp->status == nlm_drop_reply) {
		ret = rpc_drop_reply;
	} else {
		ret = rpc_success;
		dprintk("lockd: LOCK status %d\n", ntohl(resp->status));
	}

	/* Drop the references taken by nlm4svc_retrieve_args() */
	nlm_release_host(client);
	nlm_release_file(nfile);
	return ret;
}
/*
 * CANCEL: Cancel a blocked lock request.
 *
 * Refused with nlm_lck_denied_grace_period while locks_in_grace() is
 * true. Otherwise resolves host and file and hands the lock description
 * to nlmsvc_cancel_blocked(); the NLM status ends up in resp->status.
 */
static __be32
nlm4svc_proc_cancel(struct svc_rqst *rqstp, struct nlm_args *argp,
					   struct nlm_res  *resp)
{
	struct nlm_host	*client;
	struct nlm_file	*nfile;

	dprintk("lockd: CANCEL called\n");

	resp->cookie = argp->cookie;

	/* Don't accept requests during grace period */
	if (locks_in_grace()) {
		resp->status = nlm_lck_denied_grace_period;
		return rpc_success;
	}

	/* Obtain client and file; neither may be used if this fails */
	resp->status = nlm4svc_retrieve_args(rqstp, argp, &client, &nfile);
	if (resp->status) {
		if (resp->status == nlm_drop_reply)
			return rpc_drop_reply;
		return rpc_success;
	}

	/* Try to cancel request. */
	resp->status = nlmsvc_cancel_blocked(nfile, &argp->lock);

	dprintk("lockd: CANCEL status %d\n", ntohl(resp->status));

	/* Drop the references taken by nlm4svc_retrieve_args() */
	nlm_release_host(client);
	nlm_release_file(nfile);
	return rpc_success;
}
/*
 * UNLOCK: release a lock.
 *
 * Refused with nlm_lck_denied_grace_period while locks_in_grace() is
 * true. Otherwise resolves host and file and calls nlmsvc_unlock() on
 * the lock described by the arguments; the NLM status ends up in
 * resp->status.
 */
static __be32
nlm4svc_proc_unlock(struct svc_rqst *rqstp, struct nlm_args *argp,
					   struct nlm_res  *resp)
{
	struct nlm_host	*client;
	struct nlm_file	*nfile;

	dprintk("lockd: UNLOCK called\n");

	resp->cookie = argp->cookie;

	/* Don't accept new lock requests during grace period */
	if (locks_in_grace()) {
		resp->status = nlm_lck_denied_grace_period;
		return rpc_success;
	}

	/* Obtain client and file; neither may be used if this fails */
	resp->status = nlm4svc_retrieve_args(rqstp, argp, &client, &nfile);
	if (resp->status) {
		if (resp->status == nlm_drop_reply)
			return rpc_drop_reply;
		return rpc_success;
	}

	/* Now try to remove the lock */
	resp->status = nlmsvc_unlock(nfile, &argp->lock);

	dprintk("lockd: UNLOCK status %d\n", ntohl(resp->status));

	/* Drop the references taken by nlm4svc_retrieve_args() */
	nlm_release_host(client);
	nlm_release_file(nfile);
	return rpc_success;
}
/*
 * GRANTED: A server calls us to tell that a process' lock request
 * was granted.
 *
 * Echoes the request cookie and forwards the sender address and the lock
 * description to nlmclnt_grant(), whose result becomes resp->status.
 * Always returns rpc_success at the RPC level.
 */
static __be32
nlm4svc_proc_granted(struct svc_rqst *rqstp, struct nlm_args *argp,
					    struct nlm_res  *resp)
{
	resp->cookie = argp->cookie;

	dprintk("lockd: GRANTED called\n");

	/* Match the grant against our own outstanding client requests */
	resp->status = nlmclnt_grant(svc_addr(rqstp), &argp->lock);

	dprintk("lockd: GRANTED status %d\n", ntohl(resp->status));
	return rpc_success;
}
/*
 * This is the generic lockd callback for async RPC calls.
 *
 * Only logs the task pid and the negated task status; data is unused.
 */
static void nlm4svc_callback_exit(struct rpc_task *task, void *data)
{
	dprintk("lockd: %5u callback returned %d\n",
		task->tk_pid, -task->tk_status);
}
/*
 * Release hook for the async reply: hands data to nlm_release_call()
 * while holding the big kernel lock.
 *
 * data is presumably the nlm_rqst passed to nlm_async_reply() -- confirm
 * against the caller.
 */
static void nlm4svc_callback_release(void *data)
{
	lock_kernel();
	nlm_release_call(data);
	unlock_kernel();
}
/*
 * RPC call operations used for the replies sent by nlm4svc_callback():
 * completion is logged, release goes through nlm4svc_callback_release().
 */
static const struct rpc_call_ops nlm4svc_callback_ops = {
	.rpc_call_done	= nlm4svc_callback_exit,
	.rpc_release	= nlm4svc_callback_release,
};
/*
 * `Async' versions of the above service routines. They aren't really,
 * because we send the callback before the reply proper. I hope this
 * doesn't break any clients.
 *
 * Runs the synchronous handler func with its result written into the
 * a_res member of a freshly allocated nlm_rqst, then sends that result
 * back as RPC procedure proc via nlm_async_reply().
 *
 * Returns rpc_system_err when the host lookup, the allocation or the
 * reply submission fails, the handler's own status when that is
 * non-zero, and rpc_success otherwise.
 *
 * NOTE(review): two ownership hand-offs are not visible in this function
 * and should be confirmed against the callees:
 *  - when nlm_alloc_call() returns NULL the host reference obtained just
 *    above is not released here; presumably nlm_alloc_call() drops it.
 *  - when nlm_async_reply() fails the call is not released here;
 *    presumably it is released through the rpc_release callback.
 */
static __be32 nlm4svc_callback(struct svc_rqst *rqstp, u32 proc, struct nlm_args *argp,
		__be32 (*func)(struct svc_rqst *, struct nlm_args *, struct nlm_res  *))
{
	struct nlm_host	*client;
	struct nlm_rqst	*req;
	__be32 status;

	client = nlmsvc_lookup_host(rqstp, argp->lock.caller, argp->lock.len);
	if (!client)
		return rpc_system_err;

	req = nlm_alloc_call(client);
	if (!req)
		return rpc_system_err;

	/* The handler performs its own host/file lookup and release */
	status = func(rqstp, argp, &req->a_res);
	if (status != 0) {
		nlm_release_call(req);
		return status;
	}

	req->a_flags = RPC_TASK_ASYNC;
	return nlm_async_reply(req, proc, &nlm4svc_callback_ops) < 0 ?
			rpc_system_err : rpc_success;
}
/*
 * TEST_MSG: run nlm4svc_proc_test() and send its result back as a
 * NLMPROC_TEST_RES call. resp is unused.
 */
static __be32 nlm4svc_proc_test_msg(struct svc_rqst *rqstp, struct nlm_args *argp,
					     void	     *resp)
{
	dprintk("lockd: TEST_MSG called\n");

	return nlm4svc_callback(rqstp, NLMPROC_TEST_RES, argp,
				nlm4svc_proc_test);
}
/*
 * LOCK_MSG: run nlm4svc_proc_lock() and send its result back as a
 * NLMPROC_LOCK_RES call. resp is unused.
 */
static __be32 nlm4svc_proc_lock_msg(struct svc_rqst *rqstp, struct nlm_args *argp,
					     void	     *resp)
{
	dprintk("lockd: LOCK_MSG called\n");

	return nlm4svc_callback(rqstp, NLMPROC_LOCK_RES, argp,
				nlm4svc_proc_lock);
}
/*
 * CANCEL_MSG: run nlm4svc_proc_cancel() and send its result back as a
 * NLMPROC_CANCEL_RES call. resp is unused.
 */
static __be32 nlm4svc_proc_cancel_msg(struct svc_rqst *rqstp, struct nlm_args *argp,
					       void	       *resp)
{
	dprintk("lockd: CANCEL_MSG called\n");

	return nlm4svc_callback(rqstp, NLMPROC_CANCEL_RES, argp,
				nlm4svc_proc_cancel);
}
/*
 * UNLOCK_MSG: run nlm4svc_proc_unlock() and send its result back as a
 * NLMPROC_UNLOCK_RES call. resp is unused.
 */
static __be32 nlm4svc_proc_unlock_msg(struct svc_rqst *rqstp, struct nlm_args *argp,
					       void	       *resp)
{
	dprintk("lockd: UNLOCK_MSG called\n");

	return nlm4svc_callback(rqstp, NLMPROC_UNLOCK_RES, argp,
				nlm4svc_proc_unlock);
}
/*
 * GRANTED_MSG: run nlm4svc_proc_granted() and send its result back as a
 * NLMPROC_GRANTED_RES call. resp is unused.
 */
static __be32 nlm4svc_proc_granted_msg(struct svc_rqst *rqstp, struct nlm_args *argp,
						void	        *resp)
{
	dprintk("lockd: GRANTED_MSG called\n");

	return nlm4svc_callback(rqstp, NLMPROC_GRANTED_RES, argp,
				nlm4svc_proc_granted);
}
/*
 * SHARE: create a DOS share or alter existing share.
 *
 * During the grace period only requests with the reclaim flag set are
 * processed; all others get nlm_lck_denied_grace_period. Otherwise
 * resolves host and file and calls nlmsvc_share_file(); the NLM status
 * ends up in resp->status.
 */
static __be32
nlm4svc_proc_share(struct svc_rqst *rqstp, struct nlm_args *argp,
					  struct nlm_res  *resp)
{
	struct nlm_host	*client;
	struct nlm_file	*nfile;

	dprintk("lockd: SHARE called\n");

	resp->cookie = argp->cookie;

	/* Don't accept new lock requests during grace period */
	if (locks_in_grace() && !argp->reclaim) {
		resp->status = nlm_lck_denied_grace_period;
		return rpc_success;
	}

	/* Obtain client and file; neither may be used if this fails */
	resp->status = nlm4svc_retrieve_args(rqstp, argp, &client, &nfile);
	if (resp->status) {
		if (resp->status == nlm_drop_reply)
			return rpc_drop_reply;
		return rpc_success;
	}

	/* Now try to create the share */
	resp->status = nlmsvc_share_file(client, nfile, argp);

	dprintk("lockd: SHARE status %d\n", ntohl(resp->status));

	/* Drop the references taken by nlm4svc_retrieve_args() */
	nlm_release_host(client);
	nlm_release_file(nfile);
	return rpc_success;
}
/*
 * UNSHARE: Release a DOS share.
 *
 * Refused with nlm_lck_denied_grace_period while locks_in_grace() is
 * true. Otherwise resolves host and file and calls nlmsvc_unshare_file();
 * the NLM status ends up in resp->status.
 */
static __be32
nlm4svc_proc_unshare(struct svc_rqst *rqstp, struct nlm_args *argp,
					    struct nlm_res  *resp)
{
	struct nlm_host	*client;
	struct nlm_file	*nfile;

	dprintk("lockd: UNSHARE called\n");

	resp->cookie = argp->cookie;

	/* Don't accept requests during grace period */
	if (locks_in_grace()) {
		resp->status = nlm_lck_denied_grace_period;
		return rpc_success;
	}

	/* Obtain client and file; neither may be used if this fails */
	resp->status = nlm4svc_retrieve_args(rqstp, argp, &client, &nfile);
	if (resp->status) {
		if (resp->status == nlm_drop_reply)
			return rpc_drop_reply;
		return rpc_success;
	}

	/* Now try to release the share */
	resp->status = nlmsvc_unshare_file(client, nfile, argp);

	dprintk("lockd: UNSHARE status %d\n", ntohl(resp->status));

	/* Drop the references taken by nlm4svc_retrieve_args() */
	nlm_release_host(client);
	nlm_release_file(nfile);
	return rpc_success;
}
/*
 * NM_LOCK: Create an unmonitored lock.
 *
 * Same as LOCK, except that the monitor flag in the arguments is cleared
 * first, so nlm4svc_retrieve_args() does not call nsm_monitor().
 */
static __be32
nlm4svc_proc_nm_lock(struct svc_rqst *rqstp, struct nlm_args *argp,
					    struct nlm_res  *resp)
{
	dprintk("lockd: NM_LOCK called\n");

	/* just clean the monitor flag */
	argp->monitor = 0;

	return nlm4svc_proc_lock(rqstp, argp, resp);
}
/*
 * FREE_ALL: Release all locks and shares held by client.
 *
 * The host is resolved by nlm4svc_retrieve_args() from the request and
 * the caller name in the arguments (no file lookup, filp is NULL). A
 * failed lookup is silently reported as rpc_success.
 *
 * NOTE(review): unlike SM_NOTIFY, no requester check and no grace-period
 * check are visible in this function; which hosts a requester can name
 * depends on nlmsvc_lookup_host() -- confirm that this is sufficient.
 */
static __be32
nlm4svc_proc_free_all(struct svc_rqst *rqstp, struct nlm_args *argp,
					     void            *resp)
{
	struct nlm_host	*client;

	/* Obtain client; on failure the host must not be used */
	if (nlm4svc_retrieve_args(rqstp, argp, &client, NULL) == 0) {
		nlmsvc_free_host_resources(client);
		nlm_release_host(client);
	}

	return rpc_success;
}
/*
 * SM_NOTIFY: private callback from statd (not part of official NLM proto).
 *
 * nlm_privileged_requester() is the only gate in front of
 * nlm_host_rebooted(): a request that fails the check is logged with the
 * sender's address and answered with rpc_system_err, and the reboot
 * notification in argp is not acted upon.
 *
 * What exactly nlm_privileged_requester() verifies is not visible here.
 */
static __be32
nlm4svc_proc_sm_notify(struct svc_rqst *rqstp, struct nlm_reboot *argp,
					      void	        *resp)
{
	char addr[RPC_MAX_ADDRBUFLEN];

	dprintk("lockd: SM_NOTIFY called\n");

	if (nlm_privileged_requester(rqstp)) {
		nlm_host_rebooted(argp);
		return rpc_success;
	}

	/* Rejected: leave an audit trail with the sender's address */
	printk(KERN_WARNING "lockd: rejected NSM callback from %s\n",
			svc_print_addr(rqstp, addr, sizeof(addr)));
	return rpc_system_err;
}
/*
 * client sent a GRANTED_RES, let's remove the associated block.
 *
 * Does nothing when the nfsd callbacks (nlmsvc_ops) are not installed.
 * Otherwise passes the cookie and status from the client's reply to
 * nlmsvc_grant_reply(). Always returns rpc_success.
 */
static __be32
nlm4svc_proc_granted_res(struct svc_rqst *rqstp, struct nlm_res  *argp,
						void            *resp)
{
	if (nlmsvc_ops) {
		dprintk("lockd: GRANTED_RES called\n");

		/* Cookie and status both come from the client's reply */
		nlmsvc_grant_reply(&argp->cookie, argp->status);
	}

	return rpc_success;
}
/*
 * NLM Server procedures.
 */

/* Procedures without a reply, and results we do not decode, use the void codecs. */
#define nlm4svc_encode_norep	nlm4svc_encode_void
#define nlm4svc_decode_norep	nlm4svc_decode_void
#define nlm4svc_decode_testres	nlm4svc_decode_void
#define nlm4svc_decode_lockres	nlm4svc_decode_void
#define nlm4svc_decode_unlockres	nlm4svc_decode_void
#define nlm4svc_decode_cancelres	nlm4svc_decode_void
#define nlm4svc_decode_grantedres	nlm4svc_decode_void

/* Unused slots and the unimplemented *_RES procedures map to the NULL handler. */
#define nlm4svc_proc_none	nlm4svc_proc_null
#define nlm4svc_proc_test_res	nlm4svc_proc_null
#define nlm4svc_proc_lock_res	nlm4svc_proc_null
#define nlm4svc_proc_cancel_res	nlm4svc_proc_null
#define nlm4svc_proc_unlock_res	nlm4svc_proc_null

/* Placeholder so that sizeof(struct nlm_void) is valid in PROC() */
struct nlm_void			{ int dummy; };

/*
 * Build one svc_procedure entry:
 *   name     - suffix of the nlm4svc_proc_* handler
 *   xargt    - suffix of the nlm4svc_decode_* argument decoder
 *   xrest    - suffix of the nlm4svc_encode_* result encoder
 *   argt     - suffix of the struct nlm_* used to size the argument buffer
 *   rest     - suffix of the struct nlm_* used to size the result buffer
 *   respsize - value for pc_xdrressize
 *
 * The handler and codecs are cast to svc_procfunc / kxdrproc_t, so the
 * compiler does not check that a handler's parameter types agree with
 * argt and rest; each table entry has to be kept consistent by hand.
 */
#define PROC(name, xargt, xrest, argt, rest, respsize)	\
 { .pc_func	= (svc_procfunc) nlm4svc_proc_##name,	\
   .pc_decode	= (kxdrproc_t) nlm4svc_decode_##xargt,	\
   .pc_encode	= (kxdrproc_t) nlm4svc_encode_##xrest,	\
   .pc_release	= NULL,					\
   .pc_argsize	= sizeof(struct nlm_##argt),		\
   .pc_ressize	= sizeof(struct nlm_##rest),		\
   .pc_xdrressize = respsize,				\
 }

/* Components of the pc_xdrressize values (presumably in XDR words -- confirm) */
#define	Ck	(1+XDR_QUADLEN(NLM_MAXCOOKIELEN))	/* cookie */
#define	No	(1+1024/4)				/* netobj */
#define	St	1					/* status */
#define	Rg	4					/* range (offset + length) */
/*
 * Dispatch table for the NLM version 4 service.
 *
 * Entries are presumably indexed by NLM procedure number -- confirm
 * against the dispatcher; the order below must then not be changed.
 * Columns: handler, argument decoder, result encoder, argument struct,
 * result struct, pc_xdrressize.
 */
struct svc_procedure		nlmsvc_procedures4[] = {
	PROC(null,		void,		void,		void,	void, 1),
	PROC(test,		testargs,	testres,	args,	res, Ck+St+2+No+Rg),
	PROC(lock,		lockargs,	res,		args,	res, Ck+St),
	PROC(cancel,		cancargs,	res,		args,	res, Ck+St),
	PROC(unlock,		unlockargs,	res,		args,	res, Ck+St),
	PROC(granted,		testargs,	res,		args,	res, Ck+St),
	/* *_MSG variants: the result is sent as a separate call, no reply body */
	PROC(test_msg,		testargs,	norep,		args,	void, 1),
	PROC(lock_msg,		lockargs,	norep,		args,	void, 1),
	PROC(cancel_msg,	cancargs,	norep,		args,	void, 1),
	PROC(unlock_msg,	unlockargs,	norep,		args,	void, 1),
	PROC(granted_msg,	testargs,	norep,		args,	void, 1),
	/* *_RES: all but granted_res resolve to the NULL handler and void decoder */
	PROC(test_res,		testres,	norep,		res,	void, 1),
	PROC(lock_res,		lockres,	norep,		res,	void, 1),
	PROC(cancel_res,	cancelres,	norep,		res,	void, 1),
	PROC(unlock_res,	unlockres,	norep,		res,	void, 1),
	PROC(granted_res,	res,		norep,		res,	void, 1),
	/* statd callback */
	PROC(sm_notify,		reboot,		void,		reboot,	void, 1),
	/* unused slots, handled by the NULL procedure */
	PROC(none,		void,		void,		void,	void, 0),
	PROC(none,		void,		void,		void,	void, 0),
	PROC(none,		void,		void,		void,	void, 0),
	PROC(share,		shareargs,	shareres,	args,	res, Ck+St+1),
	PROC(unshare,		shareargs,	shareres,	args,	res, Ck+St+1),
	PROC(nm_lock,		lockargs,	res,		args,	res, Ck+St),
	PROC(free_all,		notify,		void,		args,	void, 1),
};