6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2016 Nexenta Systems, Inc. All rights reserved.
24 * Copyright (c) 1995, 2010, Oracle and/or its affiliates. All rights reserved.
25 * Copyright (c) 2015 by Delphix. All rights reserved.
26 */
27
28 #include <sys/param.h>
29 #include <sys/errno.h>
30 #include <sys/vfs.h>
31 #include <sys/vnode.h>
32 #include <sys/cred.h>
33 #include <sys/cmn_err.h>
34 #include <sys/systm.h>
35 #include <sys/kmem.h>
36 #include <sys/pathname.h>
37 #include <sys/utsname.h>
38 #include <sys/debug.h>
39 #include <sys/door.h>
40 #include <sys/sdt.h>
41 #include <sys/thread.h>
42 #include <sys/avl.h>
43
44 #include <rpc/types.h>
45 #include <rpc/auth.h>
544 * No door errors encountered; setup the XDR stream for decoding
545 * the results. If we fail to decode the results, we've got no
546 * other recourse than to fail the request.
547 */
548 xdrmem_create(&xdrs, da.rbuf, da.rsize, XDR_DECODE);
549 if (!xdr_nfsauth_res(&xdrs, &res)) {
550 xdr_free(xdr_nfsauth_res, (char *)&res);
551 XDR_DESTROY(&xdrs);
552 kmem_free(da.rbuf, da.rsize);
553 goto fail;
554 }
555 XDR_DESTROY(&xdrs);
556 kmem_free(da.rbuf, da.rsize);
557
558 DTRACE_PROBE1(nfsserv__func__nfsauth__results, nfsauth_res_t *, &res);
559 switch (res.stat) {
560 case NFSAUTH_DR_OKAY:
561 *access = res.ares.auth_perm;
562 *srv_uid = res.ares.auth_srv_uid;
563 *srv_gid = res.ares.auth_srv_gid;
564 *srv_gids_cnt = res.ares.auth_srv_gids.len;
565 *srv_gids = kmem_alloc(*srv_gids_cnt * sizeof (gid_t),
566 KM_SLEEP);
567 bcopy(res.ares.auth_srv_gids.val, *srv_gids,
568 *srv_gids_cnt * sizeof (gid_t));
569 break;
570
571 case NFSAUTH_DR_EFAIL:
572 case NFSAUTH_DR_DECERR:
573 case NFSAUTH_DR_BADCMD:
574 default:
575 xdr_free(xdr_nfsauth_res, (char *)&res);
576 fail:
577 *access = NFSAUTH_DENIED;
578 kmem_free(abuf, absz);
579 return (FALSE);
580 /* NOTREACHED */
581 }
582
583 xdr_free(xdr_nfsauth_res, (char *)&res);
584 kmem_free(abuf, absz);
585
586 return (TRUE);
587 }
588
1037 /*
1038 * Set the auth_state and notify waiters.
1039 */
1040 mutex_enter(&p->auth_lock);
1041 p->auth_state = state;
1042 cv_broadcast(&p->auth_cv);
1043 mutex_exit(&p->auth_lock);
1044 } else {
1045 uint_t nach;
1046 time_t refresh;
1047
1048 refresh = gethrestime_sec() - p->auth_freshness;
1049
1050 p->auth_time = gethrestime_sec();
1051
1052 if (uid != NULL)
1053 *uid = p->auth_srv_uid;
1054 if (gid != NULL)
1055 *gid = p->auth_srv_gid;
1056 if (ngids != NULL && gids != NULL) {
1057 *ngids = p->auth_srv_ngids;
1058 *gids = kmem_alloc(*ngids * sizeof (gid_t), KM_SLEEP);
1059 bcopy(p->auth_srv_gids, *gids, *ngids * sizeof (gid_t));
1060 }
1061
1062 access = p->auth_access;
1063
1064 if ((refresh > NFSAUTH_CACHE_REFRESH) &&
1065 p->auth_state == NFS_AUTH_FRESH) {
1066 refreshq_auth_node_t *ran;
1067 uint_t nacr;
1068
1069 p->auth_state = NFS_AUTH_STALE;
1070 mutex_exit(&p->auth_lock);
1071
1072 nacr = atomic_inc_uint_nv(&nfsauth_cache_refresh);
1073 DTRACE_PROBE3(nfsauth__debug__cache__stale,
1074 struct exportinfo *, exi,
1075 struct auth_cache *, p,
1076 uint_t, nacr);
1077
1078 ran = kmem_alloc(sizeof (refreshq_auth_node_t),
1079 KM_SLEEP);
1080 ran->ran_auth = p;
|
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2016 Nexenta Systems, Inc. All rights reserved.
24 * Copyright (c) 1995, 2010, Oracle and/or its affiliates. All rights reserved.
25 * Copyright (c) 2015 by Delphix. All rights reserved.
26 * Copyright (c) 2015 Joyent, Inc. All rights reserved.
27 */
28
29 #include <sys/param.h>
30 #include <sys/errno.h>
31 #include <sys/vfs.h>
32 #include <sys/vnode.h>
33 #include <sys/cred.h>
34 #include <sys/cmn_err.h>
35 #include <sys/systm.h>
36 #include <sys/kmem.h>
37 #include <sys/pathname.h>
38 #include <sys/utsname.h>
39 #include <sys/debug.h>
40 #include <sys/door.h>
41 #include <sys/sdt.h>
42 #include <sys/thread.h>
43 #include <sys/avl.h>
44
45 #include <rpc/types.h>
46 #include <rpc/auth.h>
545 * No door errors encountered; setup the XDR stream for decoding
546 * the results. If we fail to decode the results, we've got no
547 * other recourse than to fail the request.
548 */
549 xdrmem_create(&xdrs, da.rbuf, da.rsize, XDR_DECODE);
550 if (!xdr_nfsauth_res(&xdrs, &res)) {
551 xdr_free(xdr_nfsauth_res, (char *)&res);
552 XDR_DESTROY(&xdrs);
553 kmem_free(da.rbuf, da.rsize);
554 goto fail;
555 }
556 XDR_DESTROY(&xdrs);
557 kmem_free(da.rbuf, da.rsize);
558
559 DTRACE_PROBE1(nfsserv__func__nfsauth__results, nfsauth_res_t *, &res);
560 switch (res.stat) {
561 case NFSAUTH_DR_OKAY:
562 *access = res.ares.auth_perm;
563 *srv_uid = res.ares.auth_srv_uid;
564 *srv_gid = res.ares.auth_srv_gid;
565
566 if ((*srv_gids_cnt = res.ares.auth_srv_gids.len) != 0) {
567 *srv_gids = kmem_alloc(*srv_gids_cnt *
568 sizeof (gid_t), KM_SLEEP);
569 bcopy(res.ares.auth_srv_gids.val, *srv_gids,
570 *srv_gids_cnt * sizeof (gid_t));
571 } else {
572 *srv_gids = NULL;
573 }
574
575 break;
576
577 case NFSAUTH_DR_EFAIL:
578 case NFSAUTH_DR_DECERR:
579 case NFSAUTH_DR_BADCMD:
580 default:
581 xdr_free(xdr_nfsauth_res, (char *)&res);
582 fail:
583 *access = NFSAUTH_DENIED;
584 kmem_free(abuf, absz);
585 return (FALSE);
586 /* NOTREACHED */
587 }
588
589 xdr_free(xdr_nfsauth_res, (char *)&res);
590 kmem_free(abuf, absz);
591
592 return (TRUE);
593 }
594
1043 /*
1044 * Set the auth_state and notify waiters.
1045 */
1046 mutex_enter(&p->auth_lock);
1047 p->auth_state = state;
1048 cv_broadcast(&p->auth_cv);
1049 mutex_exit(&p->auth_lock);
1050 } else {
1051 uint_t nach;
1052 time_t refresh;
1053
1054 refresh = gethrestime_sec() - p->auth_freshness;
1055
1056 p->auth_time = gethrestime_sec();
1057
1058 if (uid != NULL)
1059 *uid = p->auth_srv_uid;
1060 if (gid != NULL)
1061 *gid = p->auth_srv_gid;
1062 if (ngids != NULL && gids != NULL) {
1063 if ((*ngids = p->auth_srv_ngids) != 0) {
1064 size_t sz = *ngids * sizeof (gid_t);
1065 *gids = kmem_alloc(sz, KM_SLEEP);
1066 bcopy(p->auth_srv_gids, *gids, sz);
1067 } else {
1068 *gids = NULL;
1069 }
1070 }
1071
1072 access = p->auth_access;
1073
1074 if ((refresh > NFSAUTH_CACHE_REFRESH) &&
1075 p->auth_state == NFS_AUTH_FRESH) {
1076 refreshq_auth_node_t *ran;
1077 uint_t nacr;
1078
1079 p->auth_state = NFS_AUTH_STALE;
1080 mutex_exit(&p->auth_lock);
1081
1082 nacr = atomic_inc_uint_nv(&nfsauth_cache_refresh);
1083 DTRACE_PROBE3(nfsauth__debug__cache__stale,
1084 struct exportinfo *, exi,
1085 struct auth_cache *, p,
1086 uint_t, nacr);
1087
1088 ran = kmem_alloc(sizeof (refreshq_auth_node_t),
1089 KM_SLEEP);
1090 ran->ran_auth = p;
|