1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 *
25 * Copyright (c) 1983,1984,1985,1986,1987,1988,1989 AT&T.
26 * All rights reserved.
27 */
28
29 #include <sys/types.h>
30 #include <rpc/types.h>
31 #include <sys/systm.h>
32 #include <sys/vfs.h>
33 #include <sys/errno.h>
34 #include <sys/cred.h>
35 #include <sys/policy.h>
36 #include <sys/siginfo.h>
37 #include <sys/proc.h> /* for exit() declaration */
38 #include <sys/kmem.h>
39 #include <nfs/nfs4.h>
40 #include <nfs/nfssys.h>
41 #include <sys/thread.h>
42 #include <rpc/auth.h>
43 #include <rpc/rpcsys.h>
44 #include <rpc/svc.h>
45
46 /*
47 * This is filled in with an appropriate address for the
48 * function that will traverse the rfs4_client_t table
63 * based on values read by lockd from /etc/default/nfs. Since nfssrv depends on
64 * klmmod, the declarations need to be here (in nfs, on which both depend) so
65 * that nfssrv can see the klmmod changes.
66 * When the dependency of NFSv4 on NLM/lockd is removed, this will need to
67 * be adjusted.
68 */
69 #define RFS4_LEASETIME 90 /* seconds */
70 time_t rfs4_lease_time = RFS4_LEASETIME;
71 time_t rfs4_grace_period = RFS4_LEASETIME;
72
73 /* DSS: distributed stable storage */
74 size_t nfs4_dss_buflen = 0;
75 /* This filled in by nfssrv:_init() */
76 int (*nfs_srv_dss_func)(char *, size_t) = NULL;
77
78 int
79 nfs_export(void *arg)
80 {
81 STRUCT_DECL(exportfs_args, ea);
82
83 if (!INGLOBALZONE(curproc))
84 return (set_errno(EPERM));
85 STRUCT_INIT(ea, get_udatamodel());
86 if (copyin(arg, STRUCT_BUF(ea), STRUCT_SIZE(ea)))
87 return (set_errno(EFAULT));
88
89 return (exportfs(STRUCT_BUF(ea), get_udatamodel(), CRED()));
90 }
91
92 int
93 nfssys(enum nfssys_op opcode, void *arg)
94 {
95 int error = 0;
96
97 if (!(opcode == NFS_REVAUTH || opcode == NFS4_SVC) &&
98 secpolicy_nfs(CRED()) != 0)
99 return (set_errno(EPERM));
100
101 switch (opcode) {
102 case NFS4_CLR_STATE: { /* Clear NFS4 client state */
103 struct nfs4clrst_args clr;
104 STRUCT_DECL(nfs4clrst_args, u_clr);
105
106 /*
107 * If the server is not loaded then no point in
108 * clearing nothing :-)
109 */
110 if (rfs4_client_clrst == NULL) {
111 break;
112 }
113
114 if (!INGLOBALZONE(curproc))
115 return (set_errno(EPERM));
116
117 STRUCT_INIT(u_clr, get_udatamodel());
118
119 if (copyin(arg, STRUCT_BUF(u_clr), STRUCT_SIZE(u_clr)))
120 return (set_errno(EFAULT));
121
122 clr.vers = STRUCT_FGET(u_clr, vers);
123
124 if (clr.vers != NFS4_CLRST_VERSION)
125 return (set_errno(EINVAL));
126
127 clr.addr_type = STRUCT_FGET(u_clr, addr_type);
128 clr.ap = STRUCT_FGETP(u_clr, ap);
129 rfs4_client_clrst(&clr);
130 break;
131 }
132
133 case SVCPOOL_CREATE: { /* setup an RPC server thread pool */
134 struct svcpool_args p;
135
136 if (copyin(arg, &p, sizeof (p)))
147 return (set_errno(EFAULT));
148
149 error = svc_wait(id);
150 break;
151 }
152
153 case SVCPOOL_RUN: { /* give work to a runnable thread */
154 int id;
155
156 if (copyin(arg, &id, sizeof (id)))
157 return (set_errno(EFAULT));
158
159 error = svc_do_run(id);
160 break;
161 }
162
163 case RDMA_SVC_INIT: {
164 struct rdma_svc_args rsa;
165 char netstore[20] = "tcp";
166
167 if (!INGLOBALZONE(curproc))
168 return (set_errno(EPERM));
169 if (get_udatamodel() != DATAMODEL_NATIVE) {
170 STRUCT_DECL(rdma_svc_args, ursa);
171
172 STRUCT_INIT(ursa, get_udatamodel());
173 if (copyin(arg, STRUCT_BUF(ursa), STRUCT_SIZE(ursa)))
174 return (set_errno(EFAULT));
175
176 rsa.poolid = STRUCT_FGET(ursa, poolid);
177 rsa.nfs_versmin = STRUCT_FGET(ursa, nfs_versmin);
178 rsa.nfs_versmax = STRUCT_FGET(ursa, nfs_versmax);
179 rsa.delegation = STRUCT_FGET(ursa, delegation);
180 } else {
181 if (copyin(arg, &rsa, sizeof (rsa)))
182 return (set_errno(EFAULT));
183 }
184 rsa.netid = netstore;
185
186 error = rdma_start(&rsa);
187 break;
188 }
189
190 case NFS_SVC: { /* NFS server daemon */
191 STRUCT_DECL(nfs_svc_args, nsa);
192
193 if (!INGLOBALZONE(curproc))
194 return (set_errno(EPERM));
195 STRUCT_INIT(nsa, get_udatamodel());
196
197 if (copyin(arg, STRUCT_BUF(nsa), STRUCT_SIZE(nsa)))
198 return (set_errno(EFAULT));
199
200 error = nfs_svc(STRUCT_BUF(nsa), get_udatamodel());
201 break;
202 }
203
204 case EXPORTFS: { /* export a file system */
205 error = nfs_export(arg);
206 break;
207 }
208
209 case NFS_GETFH: { /* get a file handle */
210 STRUCT_DECL(nfs_getfh_args, nga);
211
212 if (!INGLOBALZONE(curproc))
213 return (set_errno(EPERM));
214 STRUCT_INIT(nga, get_udatamodel());
215 if (copyin(arg, STRUCT_BUF(nga), STRUCT_SIZE(nga)))
216 return (set_errno(EFAULT));
217
218 error = nfs_getfh(STRUCT_BUF(nga), get_udatamodel(), CRED());
219 break;
220 }
221
222 case NFS_REVAUTH: { /* revoke the cached credentials for the uid */
223 STRUCT_DECL(nfs_revauth_args, nra);
224
225 STRUCT_INIT(nra, get_udatamodel());
226 if (copyin(arg, STRUCT_BUF(nra), STRUCT_SIZE(nra)))
227 return (set_errno(EFAULT));
228
229 /* This call performs its own privilege checking */
230 error = sec_clnt_revoke(STRUCT_FGET(nra, authtype),
231 STRUCT_FGET(nra, uid), CRED(), NULL, get_udatamodel());
232 break;
233 }
|
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 /*
28 * Copyright (c) 1983,1984,1985,1986,1987,1988,1989 AT&T.
29 * All rights reserved.
30 */
31
32 /*
33 * Copyright 2018 Nexenta Systems, Inc.
34 */
35
36 #include <sys/types.h>
37 #include <rpc/types.h>
38 #include <sys/systm.h>
39 #include <sys/vfs.h>
40 #include <sys/errno.h>
41 #include <sys/cred.h>
42 #include <sys/policy.h>
43 #include <sys/siginfo.h>
44 #include <sys/proc.h> /* for exit() declaration */
45 #include <sys/kmem.h>
46 #include <nfs/nfs4.h>
47 #include <nfs/nfssys.h>
48 #include <sys/thread.h>
49 #include <rpc/auth.h>
50 #include <rpc/rpcsys.h>
51 #include <rpc/svc.h>
52
53 /*
54 * This is filled in with an appropriate address for the
55 * function that will traverse the rfs4_client_t table
70 * based on values read by lockd from /etc/default/nfs. Since nfssrv depends on
71 * klmmod, the declarations need to be here (in nfs, on which both depend) so
72 * that nfssrv can see the klmmod changes.
73 * When the dependency of NFSv4 on NLM/lockd is removed, this will need to
74 * be adjusted.
75 */
76 #define RFS4_LEASETIME 90 /* seconds */
77 time_t rfs4_lease_time = RFS4_LEASETIME;
78 time_t rfs4_grace_period = RFS4_LEASETIME;
79
80 /* DSS: distributed stable storage */
81 size_t nfs4_dss_buflen = 0;
82 /* This filled in by nfssrv:_init() */
83 int (*nfs_srv_dss_func)(char *, size_t) = NULL;
84
85 int
86 nfs_export(void *arg)
87 {
88 STRUCT_DECL(exportfs_args, ea);
89
90 STRUCT_INIT(ea, get_udatamodel());
91 if (copyin(arg, STRUCT_BUF(ea), STRUCT_SIZE(ea)))
92 return (set_errno(EFAULT));
93
94 return (exportfs(STRUCT_BUF(ea), get_udatamodel(), CRED()));
95 }
96
97 int
98 nfssys(enum nfssys_op opcode, void *arg)
99 {
100 int error = 0;
101
102 if (!(opcode == NFS_REVAUTH || opcode == NFS4_SVC) &&
103 secpolicy_nfs(CRED()) != 0)
104 return (set_errno(EPERM));
105
106 switch (opcode) {
107 case NFS4_CLR_STATE: { /* Clear NFS4 client state */
108 struct nfs4clrst_args clr;
109 STRUCT_DECL(nfs4clrst_args, u_clr);
110
111 /*
112 * If the server is not loaded then no point in
113 * clearing nothing :-)
114 */
115 if (rfs4_client_clrst == NULL) {
116 break;
117 }
118
119 STRUCT_INIT(u_clr, get_udatamodel());
120
121 if (copyin(arg, STRUCT_BUF(u_clr), STRUCT_SIZE(u_clr)))
122 return (set_errno(EFAULT));
123
124 clr.vers = STRUCT_FGET(u_clr, vers);
125
126 if (clr.vers != NFS4_CLRST_VERSION)
127 return (set_errno(EINVAL));
128
129 clr.addr_type = STRUCT_FGET(u_clr, addr_type);
130 clr.ap = STRUCT_FGETP(u_clr, ap);
131 rfs4_client_clrst(&clr);
132 break;
133 }
134
135 case SVCPOOL_CREATE: { /* setup an RPC server thread pool */
136 struct svcpool_args p;
137
138 if (copyin(arg, &p, sizeof (p)))
149 return (set_errno(EFAULT));
150
151 error = svc_wait(id);
152 break;
153 }
154
155 case SVCPOOL_RUN: { /* give work to a runnable thread */
156 int id;
157
158 if (copyin(arg, &id, sizeof (id)))
159 return (set_errno(EFAULT));
160
161 error = svc_do_run(id);
162 break;
163 }
164
165 case RDMA_SVC_INIT: {
166 struct rdma_svc_args rsa;
167 char netstore[20] = "tcp";
168
169 if (get_udatamodel() != DATAMODEL_NATIVE) {
170 STRUCT_DECL(rdma_svc_args, ursa);
171
172 STRUCT_INIT(ursa, get_udatamodel());
173 if (copyin(arg, STRUCT_BUF(ursa), STRUCT_SIZE(ursa)))
174 return (set_errno(EFAULT));
175
176 rsa.poolid = STRUCT_FGET(ursa, poolid);
177 rsa.nfs_versmin = STRUCT_FGET(ursa, nfs_versmin);
178 rsa.nfs_versmax = STRUCT_FGET(ursa, nfs_versmax);
179 rsa.delegation = STRUCT_FGET(ursa, delegation);
180 } else {
181 if (copyin(arg, &rsa, sizeof (rsa)))
182 return (set_errno(EFAULT));
183 }
184 rsa.netid = netstore;
185
186 error = rdma_start(&rsa);
187 break;
188 }
189
190 case NFS_SVC: { /* NFS server daemon */
191 STRUCT_DECL(nfs_svc_args, nsa);
192 STRUCT_INIT(nsa, get_udatamodel());
193
194 if (copyin(arg, STRUCT_BUF(nsa), STRUCT_SIZE(nsa)))
195 return (set_errno(EFAULT));
196
197 error = nfs_svc(STRUCT_BUF(nsa), get_udatamodel());
198 break;
199 }
200
201 case EXPORTFS: { /* export a file system */
202 error = nfs_export(arg);
203 break;
204 }
205
206 case NFS_GETFH: { /* get a file handle */
207 STRUCT_DECL(nfs_getfh_args, nga);
208
209 STRUCT_INIT(nga, get_udatamodel());
210 if (copyin(arg, STRUCT_BUF(nga), STRUCT_SIZE(nga)))
211 return (set_errno(EFAULT));
212
213 error = nfs_getfh(STRUCT_BUF(nga), get_udatamodel(), CRED());
214 break;
215 }
216
217 case NFS_REVAUTH: { /* revoke the cached credentials for the uid */
218 STRUCT_DECL(nfs_revauth_args, nra);
219
220 STRUCT_INIT(nra, get_udatamodel());
221 if (copyin(arg, STRUCT_BUF(nra), STRUCT_SIZE(nra)))
222 return (set_errno(EFAULT));
223
224 /* This call performs its own privilege checking */
225 error = sec_clnt_revoke(STRUCT_FGET(nra, authtype),
226 STRUCT_FGET(nra, uid), CRED(), NULL, get_udatamodel());
227 break;
228 }
|