Skip to content
Navigation Menu
Toggle navigation
Sign in
In this repository
All GitHub Enterprise
↵
Jump to
↵
No suggested jump to results
In this repository
All GitHub Enterprise
↵
Jump to
↵
In this organization
All GitHub Enterprise
↵
Jump to
↵
In this repository
All GitHub Enterprise
↵
Jump to
↵
Sign in
Reseting focus
You signed in with another tab or window.
Reload
to refresh your session.
You signed out in another tab or window.
Reload
to refresh your session.
You switched accounts on another tab or window.
Reload
to refresh your session.
Dismiss alert
{{ message }}
mariux64
/
linux
Public
Notifications
You must be signed in to change notification settings
Fork
0
Star
0
Code
Issues
2
Pull requests
0
Actions
Projects
0
Wiki
Security
Insights
Additional navigation options
Code
Issues
Pull requests
Actions
Projects
Wiki
Security
Insights
Files
bd1d421
Documentation
arch
block
crypto
drivers
firmware
fs
9p
adfs
affs
afs
autofs4
befs
bfs
btrfs
cachefiles
ceph
cifs
coda
configfs
cramfs
debugfs
devpts
dlm
ecryptfs
efs
exofs
exportfs
ext2
ext3
ext4
f2fs
fat
freevxfs
fscache
fuse
gfs2
hfs
hfsplus
hostfs
hpfs
hppfs
hugetlbfs
isofs
jbd
jbd2
jffs2
jfs
lockd
logfs
minix
ncpfs
nfs
blocklayout
objlayout
Kconfig
Makefile
cache_lib.c
cache_lib.h
callback.c
callback.h
callback_proc.c
callback_xdr.c
client.c
delegation.c
delegation.h
dir.c
direct.c
dns_resolve.c
dns_resolve.h
file.c
fscache-index.c
fscache.c
fscache.h
getroot.c
idmap.c
inode.c
internal.h
iostat.h
mount_clnt.c
namespace.c
netns.h
nfs.h
nfs2super.c
nfs2xdr.c
nfs3acl.c
nfs3client.c
nfs3proc.c
nfs3super.c
nfs3xdr.c
nfs4_fs.h
nfs4client.c
nfs4file.c
nfs4filelayout.c
nfs4filelayout.h
nfs4filelayoutdev.c
nfs4getroot.c
nfs4namespace.c
nfs4proc.c
nfs4renewd.c
nfs4session.c
nfs4session.h
nfs4state.c
nfs4super.c
nfs4sysctl.c
nfs4xdr.c
nfsroot.c
pagelist.c
pnfs.c
pnfs.h
pnfs_dev.c
proc.c
read.c
super.c
symlink.c
sysctl.c
unlink.c
write.c
nfs_common
nfsd
nilfs2
nls
notify
ntfs
ocfs2
omfs
openpromfs
proc
pstore
qnx4
qnx6
quota
ramfs
reiserfs
romfs
squashfs
sysfs
sysv
ubifs
udf
ufs
xfs
Kconfig
Kconfig.binfmt
Makefile
aio.c
anon_inodes.c
attr.c
bad_inode.c
binfmt_aout.c
binfmt_elf.c
binfmt_elf_fdpic.c
binfmt_em86.c
binfmt_flat.c
binfmt_misc.c
binfmt_script.c
binfmt_som.c
bio-integrity.c
bio.c
block_dev.c
buffer.c
char_dev.c
compat.c
compat_binfmt_elf.c
compat_ioctl.c
coredump.c
coredump.h
dcache.c
dcookies.c
direct-io.c
drop_caches.c
eventfd.c
eventpoll.c
exec.c
fcntl.c
fhandle.c
fifo.c
file.c
file_table.c
filesystems.c
fs-writeback.c
fs_struct.c
generic_acl.c
inode.c
internal.h
ioctl.c
ioprio.c
libfs.c
locks.c
mbcache.c
mount.h
mpage.c
namei.c
namespace.c
no-block.c
open.c
pipe.c
pnode.c
pnode.h
posix_acl.c
proc_namespace.c
read_write.c
read_write.h
readdir.c
select.c
seq_file.c
signalfd.c
splice.c
stack.c
stat.c
statfs.c
super.c
sync.c
timerfd.c
utimes.c
xattr.c
xattr_acl.c
include
init
ipc
kernel
lib
mm
net
samples
scripts
security
sound
tools
usr
virt
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS
Makefile
README
REPORTING-BUGS
Breadcrumbs
linux
/
fs
/
nfs
/
nfs4namespace.c
Blame
Blame
Latest commit
History
History
389 lines (329 loc) · 9.44 KB
Breadcrumbs
linux
/
fs
/
nfs
/
nfs4namespace.c
Top
File metadata and controls
Code
Blame
389 lines (329 loc) · 9.44 KB
Raw
/* * linux/fs/nfs/nfs4namespace.c * * Copyright (C) 2005 Trond Myklebust <Trond.Myklebust@netapp.com> * - Modified by David Howells <dhowells@redhat.com> * * NFSv4 namespace */ #include <linux/dcache.h> #include <linux/mount.h> #include <linux/namei.h> #include <linux/nfs_fs.h> #include <linux/slab.h> #include <linux/string.h> #include <linux/sunrpc/clnt.h> #include <linux/sunrpc/addr.h> #include <linux/vfs.h> #include <linux/inet.h> #include "internal.h" #include "nfs4_fs.h" #include "dns_resolve.h" #define NFSDBG_FACILITY NFSDBG_VFS /* * Convert the NFSv4 pathname components into a standard posix path. * * Note that the resulting string will be placed at the end of the buffer */ static inline char *nfs4_pathname_string(const struct nfs4_pathname *pathname, char *buffer, ssize_t buflen) { char *end = buffer + buflen; int n; *--end = '\0'; buflen--; n = pathname->ncomponents; while (--n >= 0) { const struct nfs4_string *component = &pathname->components[n]; buflen -= component->len + 1; if (buflen < 0) goto Elong; end -= component->len; memcpy(end, component->data, component->len); *--end = '/'; } return end; Elong: return ERR_PTR(-ENAMETOOLONG); } /* * return the path component of "<server>:<path>" * nfspath - the "<server>:<path>" string * end - one past the last char that could contain "<server>:" * returns NULL on failure */ static char *nfs_path_component(const char *nfspath, const char *end) { char *p; if (*nfspath == '[') { /* parse [] escaped IPv6 addrs */ p = strchr(nfspath, ']'); if (p != NULL && ++p < end && *p == ':') return p + 1; } else { /* otherwise split on first colon */ p = strchr(nfspath, ':'); if (p != NULL && p < end) return p + 1; } return NULL; } /* * Determine the mount path as a string */ static char *nfs4_path(struct dentry *dentry, char *buffer, ssize_t buflen) { char *limit; char *path = nfs_path(&limit, dentry, buffer, buflen, NFS_PATH_CANONICAL); if (!IS_ERR(path)) { char *path_component = nfs_path_component(path, limit); if (path_component) return path_component; } return path; } /* * Check that fs_locations::fs_root [RFC3530 6.3] is a prefix for what we * believe to be the server path to this dentry */ static int nfs4_validate_fspath(struct dentry *dentry, const struct nfs4_fs_locations *locations, char *page, char *page2) { const char *path, *fs_path; path = nfs4_path(dentry, page, PAGE_SIZE); if (IS_ERR(path)) return PTR_ERR(path); fs_path = nfs4_pathname_string(&locations->fs_path, page2, PAGE_SIZE); if (IS_ERR(fs_path)) return PTR_ERR(fs_path); if (strncmp(path, fs_path, strlen(fs_path)) != 0) { dprintk("%s: path %s does not begin with fsroot %s\n", __func__, path, fs_path); return -ENOENT; } return 0; } static size_t nfs_parse_server_name(char *string, size_t len, struct sockaddr *sa, size_t salen, struct nfs_server *server) { struct net *net = rpc_net_ns(server->client); ssize_t ret; ret = rpc_pton(net, string, len, sa, salen); if (ret == 0) { ret = nfs_dns_resolve_name(net, string, len, sa, salen); if (ret < 0) ret = 0; } return ret; } /** * nfs_find_best_sec - Find a security mechanism supported locally * @flavors: List of security tuples returned by SECINFO procedure * * Return the pseudoflavor of the first security mechanism in * "flavors" that is locally supported. Return RPC_AUTH_UNIX if * no matching flavor is found in the array. The "flavors" array * is searched in the order returned from the server, per RFC 3530 * recommendation. */ rpc_authflavor_t nfs_find_best_sec(struct nfs4_secinfo_flavors *flavors) { rpc_authflavor_t pseudoflavor; struct nfs4_secinfo4 *secinfo; unsigned int i; for (i = 0; i < flavors->num_flavors; i++) { secinfo = &flavors->flavors[i]; switch (secinfo->flavor) { case RPC_AUTH_NULL: case RPC_AUTH_UNIX: case RPC_AUTH_GSS: pseudoflavor = rpcauth_get_pseudoflavor(secinfo->flavor, &secinfo->flavor_info); if (pseudoflavor != RPC_AUTH_MAXFLAVOR) return pseudoflavor; break; } } return RPC_AUTH_UNIX; } static rpc_authflavor_t nfs4_negotiate_security(struct inode *inode, struct qstr *name) { struct page *page; struct nfs4_secinfo_flavors *flavors; rpc_authflavor_t flavor; int err; page = alloc_page(GFP_KERNEL); if (!page) return -ENOMEM; flavors = page_address(page); err = nfs4_proc_secinfo(inode, name, flavors); if (err < 0) { flavor = err; goto out; } flavor = nfs_find_best_sec(flavors); out: put_page(page); return flavor; } /* * Please call rpc_shutdown_client() when you are done with this client. */ struct rpc_clnt *nfs4_create_sec_client(struct rpc_clnt *clnt, struct inode *inode, struct qstr *name) { rpc_authflavor_t flavor; flavor = nfs4_negotiate_security(inode, name); if ((int)flavor < 0) return ERR_PTR((int)flavor); return rpc_clone_client_set_auth(clnt, flavor); } static struct vfsmount *try_location(struct nfs_clone_mount *mountdata, char *page, char *page2, const struct nfs4_fs_location *location) { const size_t addr_bufsize = sizeof(struct sockaddr_storage); struct vfsmount *mnt = ERR_PTR(-ENOENT); char *mnt_path; unsigned int maxbuflen; unsigned int s; mnt_path = nfs4_pathname_string(&location->rootpath, page2, PAGE_SIZE); if (IS_ERR(mnt_path)) return ERR_CAST(mnt_path); mountdata->mnt_path = mnt_path; maxbuflen = mnt_path - 1 - page2; mountdata->addr = kmalloc(addr_bufsize, GFP_KERNEL); if (mountdata->addr == NULL) return ERR_PTR(-ENOMEM); for (s = 0; s < location->nservers; s++) { const struct nfs4_string *buf = &location->servers[s]; if (buf->len <= 0 || buf->len >= maxbuflen) continue; if (memchr(buf->data, IPV6_SCOPE_DELIMITER, buf->len)) continue; mountdata->addrlen = nfs_parse_server_name(buf->data, buf->len, mountdata->addr, addr_bufsize, NFS_SB(mountdata->sb)); if (mountdata->addrlen == 0) continue; rpc_set_port(mountdata->addr, NFS_PORT); memcpy(page2, buf->data, buf->len); page2[buf->len] = '\0'; mountdata->hostname = page2; snprintf(page, PAGE_SIZE, "%s:%s", mountdata->hostname, mountdata->mnt_path); mnt = vfs_kern_mount(&nfs4_referral_fs_type, 0, page, mountdata); if (!IS_ERR(mnt)) break; } kfree(mountdata->addr); return mnt; } /** * nfs_follow_referral - set up mountpoint when hitting a referral on moved error * @dentry - parent directory * @locations - array of NFSv4 server location information * */ static struct vfsmount *nfs_follow_referral(struct dentry *dentry, const struct nfs4_fs_locations *locations) { struct vfsmount *mnt = ERR_PTR(-ENOENT); struct nfs_clone_mount mountdata = { .sb = dentry->d_sb, .dentry = dentry, .authflavor = NFS_SB(dentry->d_sb)->client->cl_auth->au_flavor, }; char *page = NULL, *page2 = NULL; int loc, error; if (locations == NULL || locations->nlocations <= 0) goto out; dprintk("%s: referral at %s/%s\n", __func__, dentry->d_parent->d_name.name, dentry->d_name.name); page = (char *) __get_free_page(GFP_USER); if (!page) goto out; page2 = (char *) __get_free_page(GFP_USER); if (!page2) goto out; /* Ensure fs path is a prefix of current dentry path */ error = nfs4_validate_fspath(dentry, locations, page, page2); if (error < 0) { mnt = ERR_PTR(error); goto out; } for (loc = 0; loc < locations->nlocations; loc++) { const struct nfs4_fs_location *location = &locations->locations[loc]; if (location == NULL || location->nservers <= 0 || location->rootpath.ncomponents == 0) continue; mnt = try_location(&mountdata, page, page2, location); if (!IS_ERR(mnt)) break; } out: free_page((unsigned long) page); free_page((unsigned long) page2); dprintk("%s: done\n", __func__); return mnt; } /* * nfs_do_refmount - handle crossing a referral on server * @dentry - dentry of referral * */ static struct vfsmount *nfs_do_refmount(struct rpc_clnt *client, struct dentry *dentry) { struct vfsmount *mnt = ERR_PTR(-ENOMEM); struct dentry *parent; struct nfs4_fs_locations *fs_locations = NULL; struct page *page; int err; /* BUG_ON(IS_ROOT(dentry)); */ dprintk("%s: enter\n", __func__); page = alloc_page(GFP_KERNEL); if (page == NULL) goto out; fs_locations = kmalloc(sizeof(struct nfs4_fs_locations), GFP_KERNEL); if (fs_locations == NULL) goto out_free; /* Get locations */ mnt = ERR_PTR(-ENOENT); parent = dget_parent(dentry); dprintk("%s: getting locations for %s/%s\n", __func__, parent->d_name.name, dentry->d_name.name); err = nfs4_proc_fs_locations(client, parent->d_inode, &dentry->d_name, fs_locations, page); dput(parent); if (err != 0 || fs_locations->nlocations <= 0 || fs_locations->fs_path.ncomponents <= 0) goto out_free; mnt = nfs_follow_referral(dentry, fs_locations); out_free: __free_page(page); kfree(fs_locations); out: dprintk("%s: done\n", __func__); return mnt; } struct vfsmount *nfs4_submount(struct nfs_server *server, struct dentry *dentry, struct nfs_fh *fh, struct nfs_fattr *fattr) { struct dentry *parent = dget_parent(dentry); struct rpc_clnt *client; struct vfsmount *mnt; /* Look it up again to get its attributes and sec flavor */ client = nfs4_proc_lookup_mountpoint(parent->d_inode, &dentry->d_name, fh, fattr); dput(parent); if (IS_ERR(client)) return ERR_CAST(client); if (fattr->valid & NFS_ATTR_FATTR_V4_REFERRAL) mnt = nfs_do_refmount(client, dentry); else mnt = nfs_do_submount(dentry, fh, fattr, client->cl_auth->au_flavor); rpc_shutdown_client(client); return mnt; }
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
You can’t perform that action at this time.