Page MenuHomeFreeBSD

D37880.id114703.diff
No OneTemporary

D37880.id114703.diff

diff --git a/sys/fs/nfs/nfs_commonport.c.vnetnfsuserd b/sys/fs/nfs/nfs_commonport.c
--- a/sys/fs/nfs/nfs_commonport.c.vnetnfsuserd
+++ b/sys/fs/nfs/nfs_commonport.c
@@ -42,6 +42,7 @@
* to this BSD variant.
*/
#include <fs/nfs/nfsport.h>
+#include <sys/osd.h>
#include <sys/smp.h>
#include <sys/sysctl.h>
#include <sys/taskqueue.h>
@@ -56,8 +57,6 @@
#include <vm/uma.h>
extern int nfscl_ticks;
-extern nfsuserd_state nfsrv_nfsuserd;
-extern struct nfssockreq nfsrv_nfsuserdsock;
extern void (*nfsd_call_recall)(struct vnode *, int, struct ucred *,
struct thread *);
extern int nfsrv_useacl;
@@ -75,6 +74,14 @@
vop_reclaim_t *nfs_reclaim_p = NULL;
uint32_t nfs_srvmaxio = NFS_SRVMAXIO;
+NFSD_VNET_DECLARE(struct nfsrv_lughash *, nfsuserhash);
+NFSD_VNET_DECLARE(struct nfsrv_lughash *, nfsusernamehash);
+NFSD_VNET_DECLARE(struct nfsrv_lughash *, nfsgrouphash);
+NFSD_VNET_DECLARE(struct nfsrv_lughash *, nfsgroupnamehash);
+NFSD_VNET_DECLARE(u_char *, nfsrv_dnsname);
+NFSD_VNET_DECLARE(struct nfssockreq, nfsrv_nfsuserdsock);
+NFSD_VNET_DECLARE(nfsuserd_state, nfsrv_nfsuserd);
+
NFSDSTATSDEFINE(nfsstatsv1);
int nfs_pnfsio(task_fn_t *, void *);
@@ -150,6 +157,7 @@
/* local functions */
static int nfssvc_call(struct thread *, struct nfssvc_args *, struct ucred *);
+static void nfsrv_cleanusergroup(struct prison *);
#ifdef __NO_STRICT_ALIGNMENT
/*
@@ -451,10 +459,6 @@
struct nfsstatsv1 *outstats;
if (uap->flag & NFSSVC_IDNAME) {
- if (jailed(p->td_ucred)) {
- error = EPERM;
- goto out;
- }
if ((uap->flag & NFSSVC_NEWSTRUCT) != 0)
error = copyin(uap->argp, &nid, sizeof(nid));
else {
@@ -754,10 +758,6 @@
u_short sockport;
struct nfsuserd_args nargs;
- if (jailed(p->td_ucred)) {
- error = EPERM;
- goto out;
- }
if ((uap->flag & NFSSVC_NEWSTRUCT) == 0) {
error = copyin(uap->argp, (caddr_t)&sockport,
sizeof (u_short));
@@ -775,10 +775,6 @@
if (!error)
error = nfsrv_nfsuserdport(&nargs, p);
} else if (uap->flag & NFSSVC_NFSUSERDDELPORT) {
- if (jailed(p->td_ucred)) {
- error = EPERM;
- goto out;
- }
nfsrv_nfsuserddelport();
error = 0;
}
@@ -872,6 +868,87 @@
return (ret);
}
+/*
+ * Free up all the allocations related to the name<-->id cache.
+ * This function should only be called when the nfsuserd daemon isn't
+ * running, since it doesn't do any locking.
+ * This function is meant to be called when a vnet jail is destroyed.
+ */
+static void
+nfsrv_cleanusergroup(struct prison *pr)
+{
+ struct nfsrv_lughash *hp, *hp2;
+ struct nfsusrgrp *nusrp, *usrp;
+ int i;
+
+ NFSD_CURVNET_SET(pr->pr_vnet);
+ mtx_destroy(&NFSD_VNET(nfsrv_nfsuserdsock).nr_mtx);
+ if (NFSD_VNET(nfsuserhash) == NULL) {
+ NFSD_CURVNET_RESTORE();
+ return;
+ }
+
+ for (i = 0; i < nfsrv_lughashsize; i++) {
+ hp = &NFSD_VNET(nfsuserhash)[i];
+ TAILQ_FOREACH_SAFE(usrp, &hp->lughead, lug_numhash, nusrp) {
+ TAILQ_REMOVE(&hp->lughead, usrp, lug_numhash);
+ hp2 = NFSUSERNAMEHASH(usrp->lug_name,
+ usrp->lug_namelen);
+ TAILQ_REMOVE(&hp2->lughead, usrp, lug_namehash);
+ if (usrp->lug_cred != NULL)
+ crfree(usrp->lug_cred);
+ free(usrp, M_NFSUSERGROUP);
+ }
+ hp = &NFSD_VNET(nfsgrouphash)[i];
+ TAILQ_FOREACH_SAFE(usrp, &hp->lughead, lug_numhash, nusrp) {
+ TAILQ_REMOVE(&hp->lughead, usrp, lug_numhash);
+ hp2 = NFSGROUPNAMEHASH(usrp->lug_name,
+ usrp->lug_namelen);
+ TAILQ_REMOVE(&hp2->lughead, usrp, lug_namehash);
+ if (usrp->lug_cred != NULL)
+ crfree(usrp->lug_cred);
+ free(usrp, M_NFSUSERGROUP);
+ }
+ mtx_destroy(&NFSD_VNET(nfsuserhash)[i].mtx);
+ mtx_destroy(&NFSD_VNET(nfsusernamehash)[i].mtx);
+ mtx_destroy(&NFSD_VNET(nfsgroupnamehash)[i].mtx);
+ mtx_destroy(&NFSD_VNET(nfsgrouphash)[i].mtx);
+ }
+ free(NFSD_VNET(nfsuserhash), M_NFSUSERGROUP);
+ free(NFSD_VNET(nfsusernamehash), M_NFSUSERGROUP);
+ free(NFSD_VNET(nfsgrouphash), M_NFSUSERGROUP);
+ free(NFSD_VNET(nfsgroupnamehash), M_NFSUSERGROUP);
+ free(NFSD_VNET(nfsrv_dnsname), M_NFSSTRING);
+ NFSD_CURVNET_RESTORE();
+}
+
+#ifdef VNET_NFSD
+/*
+ * Initialize everything that needs to be initialized for a vnet.
+ */
+static void
+nfs_vnetinit(const void *unused __unused)
+{
+
+ mtx_init(&NFSD_VNET(nfsrv_nfsuserdsock).nr_mtx, "nfsuserd",
+ NULL, MTX_DEF);
+}
+VNET_SYSINIT(nfs_vnetinit, SI_SUB_VNET_DONE, SI_ORDER_ANY,
+ nfs_vnetinit, NULL);
+
+/* Osd entry for nfsrv_cleanup. */
+static int
+nfs_prison_cleanup(void *obj, void *data __unused)
+{
+ struct prison *pr = obj;
+
+ if ((pr->pr_flags & PR_VNET) == 0)
+ return (0);
+ nfsrv_cleanusergroup(pr);
+ return (0);
+}
+#endif /* VNET_NFSD */
+
extern int (*nfsd_call_nfscommon)(struct thread *, struct nfssvc_args *);
/*
@@ -881,6 +958,11 @@
nfscommon_modevent(module_t mod, int type, void *data)
{
int error = 0;
+#ifdef VNET_NFSD
+ osd_method_t methods[PR_MAXMETHOD] = {
+ [PR_METHOD_REMOVE] = nfs_prison_cleanup,
+ };
+#endif
static int loaded = 0;
switch (type) {
@@ -892,8 +974,13 @@
mtx_init(&nfs_sockl_mutex, "nfs_sockl_mutex", NULL, MTX_DEF);
mtx_init(&nfs_slock_mutex, "nfs_slock_mutex", NULL, MTX_DEF);
mtx_init(&nfs_req_mutex, "nfs_req_mutex", NULL, MTX_DEF);
- mtx_init(&nfsrv_nfsuserdsock.nr_mtx, "nfsuserd", NULL,
- MTX_DEF);
+#ifdef VNET_NFSD
+ /* XXX-BZ OSD to VNET? */
+ osd_jail_register(NULL, methods);
+#else
+ mtx_init(&NFSD_VNET(nfsrv_nfsuserdsock).nr_mtx, "nfsuserd",
+ NULL, MTX_DEF);
+#endif
mtx_init(&nfsrv_dslock_mtx, "nfs4ds", NULL, MTX_DEF);
TAILQ_INIT(&nfsrv_devidhead);
newnfs_init();
@@ -902,7 +989,8 @@
break;
case MOD_UNLOAD:
- if (newnfs_numnfsd != 0 || nfsrv_nfsuserd != NOTRUNNING ||
+ if (newnfs_numnfsd != 0 ||
+ NFSD_VNET(nfsrv_nfsuserd) != NOTRUNNING ||
nfs_numnfscbd != 0) {
error = EBUSY;
break;
@@ -910,7 +998,7 @@
nfsd_call_nfscommon = NULL;
/* Clean out the name<-->id cache. */
- nfsrv_cleanusergroup();
+ nfsrv_cleanusergroup(&prison0);
/* and get rid of the mutexes */
mtx_destroy(&nfs_nameid_mutex);
mtx_destroy(&newnfsd_mtx);
@@ -919,7 +1007,6 @@
mtx_destroy(&nfs_sockl_mutex);
mtx_destroy(&nfs_slock_mutex);
mtx_destroy(&nfs_req_mutex);
- mtx_destroy(&nfsrv_nfsuserdsock.nr_mtx);
mtx_destroy(&nfsrv_dslock_mtx);
loaded = 0;
break;
diff --git a/sys/fs/nfs/nfs_commonsubs.c.vnetnfsuserd b/sys/fs/nfs/nfs_commonsubs.c
--- a/sys/fs/nfs/nfs_commonsubs.c.vnetnfsuserd
+++ b/sys/fs/nfs/nfs_commonsubs.c
@@ -66,17 +66,10 @@
struct timeval nfsboottime; /* Copy boottime once, so it never changes */
int nfscl_ticks;
int nfsrv_useacl = 1;
-struct nfssockreq nfsrv_nfsuserdsock;
-nfsuserd_state nfsrv_nfsuserd = NOTRUNNING;
-static int nfsrv_userdupcalls = 0;
struct nfsreqhead nfsd_reqq;
-uid_t nfsrv_defaultuid = UID_NOBODY;
-gid_t nfsrv_defaultgid = GID_NOGROUP;
int nfsrv_lease = NFSRV_LEASE;
int ncl_mbuf_mlen = MLEN;
-int nfsd_enable_stringtouid = 0;
int nfsrv_doflexfile = 0;
-static int nfs_enable_uidtostring = 0;
NFSNAMEIDMUTEX;
NFSSOCKMUTEX;
extern int nfsrv_lughashsize;
@@ -87,10 +80,21 @@
extern struct nfsstatsv1 nfsstatsv1;
extern uint32_t nfs_srvmaxio;
+NFSD_VNET_DEFINE(int, nfsd_enable_stringtouid) = 0;
+NFSD_VNET_DEFINE(struct nfssockreq, nfsrv_nfsuserdsock);
+NFSD_VNET_DEFINE(nfsuserd_state, nfsrv_nfsuserd) = NOTRUNNING;
+NFSD_VNET_DEFINE(uid_t, nfsrv_defaultuid) = UID_NOBODY;
+NFSD_VNET_DEFINE(gid_t, nfsrv_defaultgid) = GID_NOGROUP;
+
+NFSD_VNET_DEFINE_STATIC(int, nfsrv_userdupcalls) = 0;
+
SYSCTL_DECL(_vfs_nfs);
-SYSCTL_INT(_vfs_nfs, OID_AUTO, enable_uidtostring, CTLFLAG_RW,
- &nfs_enable_uidtostring, 0, "Make nfs always send numeric owner_names");
+NFSD_VNET_DEFINE_STATIC(int, nfs_enable_uidtostring) = 0;
+SYSCTL_INT(_vfs_nfs, OID_AUTO, enable_uidtostring,
+ CTLFLAG_NFSD_VNET | CTLFLAG_RW, &NFSD_VNET_NAME(nfs_enable_uidtostring), 0,
+ "Make nfs always send numeric owner_names");
+
int nfsrv_maxpnfsmirror = 1;
SYSCTL_INT(_vfs_nfs, OID_AUTO, pnfsmirror, CTLFLAG_RD,
&nfsrv_maxpnfsmirror, 0, "Mirror level for pNFS service");
@@ -192,19 +196,16 @@
};
static int ncl_mbuf_mhlen = MHLEN;
-static int nfsrv_usercnt = 0;
-static int nfsrv_dnsnamelen;
-static u_char *nfsrv_dnsname = NULL;
-static int nfsrv_usermax = 999999999;
-struct nfsrv_lughash {
- struct mtx mtx;
- struct nfsuserhashhead lughead;
-};
-static struct nfsrv_lughash *nfsuserhash;
-static struct nfsrv_lughash *nfsusernamehash;
-static struct nfsrv_lughash *nfsgrouphash;
-static struct nfsrv_lughash *nfsgroupnamehash;
+NFSD_VNET_DEFINE_STATIC(int, nfsrv_usercnt) = 0;
+NFSD_VNET_DEFINE_STATIC(int, nfsrv_dnsnamelen) = 0;
+NFSD_VNET_DEFINE_STATIC(int, nfsrv_usermax) = 999999999;
+NFSD_VNET_DEFINE(struct nfsrv_lughash *, nfsuserhash) = NULL;
+NFSD_VNET_DEFINE(struct nfsrv_lughash *, nfsusernamehash) = NULL;
+NFSD_VNET_DEFINE(struct nfsrv_lughash *, nfsgrouphash) = NULL;
+NFSD_VNET_DEFINE(struct nfsrv_lughash *, nfsgroupnamehash) = NULL;
+NFSD_VNET_DEFINE(u_char *, nfsrv_dnsname) = NULL;
+
/*
* This static array indicates whether or not the RPC generates a large
* reply. This is used by nfs_reply() to decide whether or not an mbuf
@@ -1245,6 +1246,7 @@
#endif
CTASSERT(sizeof(ino_t) == sizeof(uint64_t));
+ NFSD_CURVNET_SET_QUIET(NFSD_TD_TO_VNET(curthread));
if (compare) {
retnotsup = 0;
error = nfsrv_getattrbits(nd, &attrbits, NULL, &retnotsup);
@@ -1870,7 +1872,8 @@
}
} else if (nap != NULL) {
if (nfsv4_strtouid(nd, cp, j, &uid))
- nap->na_uid = nfsrv_defaultuid;
+ nap->na_uid =
+ NFSD_VNET(nfsrv_defaultuid);
else
nap->na_uid = uid;
}
@@ -1903,7 +1906,8 @@
}
} else if (nap != NULL) {
if (nfsv4_strtogid(nd, cp, j, &gid))
- nap->na_gid = nfsrv_defaultgid;
+ nap->na_gid =
+ NFSD_VNET(nfsrv_defaultgid);
else
nap->na_gid = gid;
}
@@ -2266,6 +2270,7 @@
error = nfsm_advance(nd, attrsize - attrsum, -1);
}
nfsmout:
+ NFSD_CURVNET_RESTORE();
NFSEXITCODE2(error, nd);
return (error);
}
@@ -3142,14 +3147,16 @@
int cnt, hasampersand, len = NFSV4_SMALLSTR, ret;
struct nfsrv_lughash *hp;
+ NFSD_CURVNET_SET_QUIET(NFSD_TD_TO_VNET(curthread));
cnt = 0;
tryagain:
- if (nfsrv_dnsnamelen > 0 && !nfs_enable_uidtostring) {
+ if (NFSD_VNET(nfsrv_dnsnamelen) > 0 &&
+ !NFSD_VNET(nfs_enable_uidtostring)) {
/*
* Always map nfsrv_defaultuid to "nobody".
*/
- if (uid == nfsrv_defaultuid) {
- i = nfsrv_dnsnamelen + 7;
+ if (uid == NFSD_VNET(nfsrv_defaultuid)) {
+ i = NFSD_VNET(nfsrv_dnsnamelen) + 7;
if (i > len) {
if (len > NFSV4_SMALLSTR)
free(cp, M_NFSSTRING);
@@ -3161,7 +3168,9 @@
*retlenp = i;
NFSBCOPY("nobody@", cp, 7);
cp += 7;
- NFSBCOPY(nfsrv_dnsname, cp, nfsrv_dnsnamelen);
+ NFSBCOPY(NFSD_VNET(nfsrv_dnsname), cp,
+ NFSD_VNET(nfsrv_dnsnamelen));
+ NFSD_CURVNET_RESTORE();
return;
}
hasampersand = 0;
@@ -3185,7 +3194,7 @@
i = usrp->lug_namelen;
else
i = usrp->lug_namelen +
- nfsrv_dnsnamelen + 1;
+ NFSD_VNET(nfsrv_dnsnamelen) + 1;
if (i > len) {
mtx_unlock(&hp->mtx);
if (len > NFSV4_SMALLSTR)
@@ -3200,12 +3209,14 @@
if (!hasampersand) {
cp += usrp->lug_namelen;
*cp++ = '@';
- NFSBCOPY(nfsrv_dnsname, cp, nfsrv_dnsnamelen);
+ NFSBCOPY(NFSD_VNET(nfsrv_dnsname), cp,
+ NFSD_VNET(nfsrv_dnsnamelen));
}
TAILQ_REMOVE(&hp->lughead, usrp, lug_numhash);
TAILQ_INSERT_TAIL(&hp->lughead, usrp,
lug_numhash);
mtx_unlock(&hp->mtx);
+ NFSD_CURVNET_RESTORE();
return;
}
}
@@ -3233,6 +3244,7 @@
*cp-- = '0' + (tmp % 10);
tmp /= 10;
}
+ NFSD_CURVNET_RESTORE();
return;
}
@@ -3253,7 +3265,7 @@
cnt = 0;
uid = oldcred->cr_uid;
tryagain:
- if (nfsrv_dnsnamelen > 0) {
+ if (NFSD_VNET(nfsrv_dnsnamelen) > 0) {
hp = NFSUSERHASH(uid);
mtx_lock(&hp->mtx);
TAILQ_FOREACH(usrp, &hp->lughead, lug_numhash) {
@@ -3300,6 +3312,7 @@
uid_t tuid;
struct nfsrv_lughash *hp, *hp2;
+ NFSD_CURVNET_SET_QUIET(NFSD_TD_TO_VNET(curthread));
if (len == 0) {
error = NFSERR_BADOWNER;
goto out;
@@ -3311,7 +3324,7 @@
/* A numeric string. */
if ((nd->nd_flag & ND_KERBV) == 0 &&
((nd->nd_flag & ND_NFSCL) != 0 ||
- nfsd_enable_stringtouid != 0))
+ NFSD_VNET(nfsd_enable_stringtouid) != 0))
*uidp = tuid;
else
error = NFSERR_BADOWNER;
@@ -3328,7 +3341,7 @@
cnt = 0;
tryagain:
- if (nfsrv_dnsnamelen > 0) {
+ if (NFSD_VNET(nfsrv_dnsnamelen) > 0) {
/*
* If an '@' is found and the domain name matches, search for
* the name with dns stripped off.
@@ -3336,9 +3349,10 @@
* all upper case will not.
*/
if (cnt == 0 && i < len && i > 0 &&
- (len - 1 - i) == nfsrv_dnsnamelen &&
- !nfsrv_cmpmixedcase(cp, nfsrv_dnsname, nfsrv_dnsnamelen)) {
- len -= (nfsrv_dnsnamelen + 1);
+ (len - 1 - i) == NFSD_VNET(nfsrv_dnsnamelen) &&
+ !nfsrv_cmpmixedcase(cp,
+ NFSD_VNET(nfsrv_dnsname), NFSD_VNET(nfsrv_dnsnamelen))) {
+ len -= (NFSD_VNET(nfsrv_dnsnamelen) + 1);
*(cp - 1) = '\0';
}
@@ -3346,7 +3360,7 @@
* Check for the special case of "nobody".
*/
if (len == 6 && !NFSBCMP(str, "nobody", 6)) {
- *uidp = nfsrv_defaultuid;
+ *uidp = NFSD_VNET(nfsrv_defaultuid);
error = 0;
goto out;
}
@@ -3380,6 +3394,7 @@
error = NFSERR_BADOWNER;
out:
+ NFSD_CURVNET_RESTORE();
NFSEXITCODE(error);
return (error);
}
@@ -3401,14 +3416,16 @@
int cnt, hasampersand, len = NFSV4_SMALLSTR, ret;
struct nfsrv_lughash *hp;
+ NFSD_CURVNET_SET_QUIET(NFSD_TD_TO_VNET(curthread));
cnt = 0;
tryagain:
- if (nfsrv_dnsnamelen > 0 && !nfs_enable_uidtostring) {
+ if (NFSD_VNET(nfsrv_dnsnamelen) > 0 &&
+ !NFSD_VNET(nfs_enable_uidtostring)) {
/*
* Always map nfsrv_defaultgid to "nogroup".
*/
- if (gid == nfsrv_defaultgid) {
- i = nfsrv_dnsnamelen + 8;
+ if (gid == NFSD_VNET(nfsrv_defaultgid)) {
+ i = NFSD_VNET(nfsrv_dnsnamelen) + 8;
if (i > len) {
if (len > NFSV4_SMALLSTR)
free(cp, M_NFSSTRING);
@@ -3420,7 +3437,9 @@
*retlenp = i;
NFSBCOPY("nogroup@", cp, 8);
cp += 8;
- NFSBCOPY(nfsrv_dnsname, cp, nfsrv_dnsnamelen);
+ NFSBCOPY(NFSD_VNET(nfsrv_dnsname), cp,
+ NFSD_VNET(nfsrv_dnsnamelen));
+ NFSD_CURVNET_RESTORE();
return;
}
hasampersand = 0;
@@ -3444,7 +3463,7 @@
i = usrp->lug_namelen;
else
i = usrp->lug_namelen +
- nfsrv_dnsnamelen + 1;
+ NFSD_VNET(nfsrv_dnsnamelen) + 1;
if (i > len) {
mtx_unlock(&hp->mtx);
if (len > NFSV4_SMALLSTR)
@@ -3459,12 +3478,14 @@
if (!hasampersand) {
cp += usrp->lug_namelen;
*cp++ = '@';
- NFSBCOPY(nfsrv_dnsname, cp, nfsrv_dnsnamelen);
+ NFSBCOPY(NFSD_VNET(nfsrv_dnsname), cp,
+ NFSD_VNET(nfsrv_dnsnamelen));
}
TAILQ_REMOVE(&hp->lughead, usrp, lug_numhash);
TAILQ_INSERT_TAIL(&hp->lughead, usrp,
lug_numhash);
mtx_unlock(&hp->mtx);
+ NFSD_CURVNET_RESTORE();
return;
}
}
@@ -3492,6 +3513,7 @@
*cp-- = '0' + (tmp % 10);
tmp /= 10;
}
+ NFSD_CURVNET_RESTORE();
return;
}
@@ -3514,6 +3536,7 @@
gid_t tgid;
struct nfsrv_lughash *hp, *hp2;
+ NFSD_CURVNET_SET_QUIET(NFSD_TD_TO_VNET(curthread));
if (len == 0) {
error = NFSERR_BADOWNER;
goto out;
@@ -3525,7 +3548,7 @@
/* A numeric string. */
if ((nd->nd_flag & ND_KERBV) == 0 &&
((nd->nd_flag & ND_NFSCL) != 0 ||
- nfsd_enable_stringtouid != 0))
+ NFSD_VNET(nfsd_enable_stringtouid) != 0))
*gidp = tgid;
else
error = NFSERR_BADOWNER;
@@ -3542,15 +3565,16 @@
cnt = 0;
tryagain:
- if (nfsrv_dnsnamelen > 0) {
+ if (NFSD_VNET(nfsrv_dnsnamelen) > 0) {
/*
* If an '@' is found and the dns name matches, search for the
* name with the dns stripped off.
*/
if (cnt == 0 && i < len && i > 0 &&
- (len - 1 - i) == nfsrv_dnsnamelen &&
- !nfsrv_cmpmixedcase(cp, nfsrv_dnsname, nfsrv_dnsnamelen)) {
- len -= (nfsrv_dnsnamelen + 1);
+ (len - 1 - i) == NFSD_VNET(nfsrv_dnsnamelen) &&
+ !nfsrv_cmpmixedcase(cp,
+ NFSD_VNET(nfsrv_dnsname), NFSD_VNET(nfsrv_dnsnamelen))) {
+ len -= (NFSD_VNET(nfsrv_dnsnamelen) + 1);
*(cp - 1) = '\0';
}
@@ -3558,7 +3582,7 @@
* Check for the special case of "nogroup".
*/
if (len == 7 && !NFSBCMP(str, "nogroup", 7)) {
- *gidp = nfsrv_defaultgid;
+ *gidp = NFSD_VNET(nfsrv_defaultgid);
error = 0;
goto out;
}
@@ -3592,6 +3616,7 @@
error = NFSERR_BADOWNER;
out:
+ NFSD_CURVNET_RESTORE();
NFSEXITCODE(error);
return (error);
}
@@ -3642,12 +3667,12 @@
int error;
NFSLOCKNAMEID();
- if (nfsrv_nfsuserd != NOTRUNNING) {
+ if (NFSD_VNET(nfsrv_nfsuserd) != NOTRUNNING) {
NFSUNLOCKNAMEID();
error = EPERM;
goto out;
}
- nfsrv_nfsuserd = STARTSTOP;
+ NFSD_VNET(nfsrv_nfsuserd) = STARTSTOP;
/*
* Set up the socket record and connect.
* Set nr_client NULL before unlocking, just to ensure that no other
@@ -3655,7 +3680,7 @@
* occur if the use of the nameid lock to protect nfsrv_nfsuserd is
* broken.
*/
- rp = &nfsrv_nfsuserdsock;
+ rp = &NFSD_VNET(nfsrv_nfsuserdsock);
rp->nr_client = NULL;
NFSUNLOCKNAMEID();
rp->nr_sotype = SOCK_DGRAM;
@@ -3696,12 +3721,12 @@
&rp->nr_client);
if (error == 0) {
NFSLOCKNAMEID();
- nfsrv_nfsuserd = RUNNING;
+ NFSD_VNET(nfsrv_nfsuserd) = RUNNING;
NFSUNLOCKNAMEID();
} else {
free(rp->nr_nam, M_SONAME);
NFSLOCKNAMEID();
- nfsrv_nfsuserd = NOTRUNNING;
+ NFSD_VNET(nfsrv_nfsuserd) = NOTRUNNING;
NFSUNLOCKNAMEID();
}
out:
@@ -3717,20 +3742,20 @@
{
NFSLOCKNAMEID();
- if (nfsrv_nfsuserd != RUNNING) {
+ if (NFSD_VNET(nfsrv_nfsuserd) != RUNNING) {
NFSUNLOCKNAMEID();
return;
}
- nfsrv_nfsuserd = STARTSTOP;
+ NFSD_VNET(nfsrv_nfsuserd) = STARTSTOP;
/* Wait for all upcalls to complete. */
- while (nfsrv_userdupcalls > 0)
- msleep(&nfsrv_userdupcalls, NFSNAMEIDMUTEXPTR, PVFS,
+ while (NFSD_VNET(nfsrv_userdupcalls) > 0)
+ msleep(&NFSD_VNET(nfsrv_userdupcalls), NFSNAMEIDMUTEXPTR, PVFS,
"nfsupcalls", 0);
NFSUNLOCKNAMEID();
- newnfs_disconnect(NULL, &nfsrv_nfsuserdsock);
- free(nfsrv_nfsuserdsock.nr_nam, M_SONAME);
+ newnfs_disconnect(NULL, &NFSD_VNET(nfsrv_nfsuserdsock));
+ free(NFSD_VNET(nfsrv_nfsuserdsock).nr_nam, M_SONAME);
NFSLOCKNAMEID();
- nfsrv_nfsuserd = NOTRUNNING;
+ NFSD_VNET(nfsrv_nfsuserd) = NOTRUNNING;
NFSUNLOCKNAMEID();
}
@@ -3750,7 +3775,7 @@
int error;
NFSLOCKNAMEID();
- if (nfsrv_nfsuserd != RUNNING) {
+ if (NFSD_VNET(nfsrv_nfsuserd) != RUNNING) {
NFSUNLOCKNAMEID();
error = EPERM;
goto out;
@@ -3759,9 +3784,9 @@
* Maintain a count of upcalls in progress, so that nfsrv_X()
* can wait until no upcalls are in progress.
*/
- nfsrv_userdupcalls++;
+ NFSD_VNET(nfsrv_userdupcalls)++;
NFSUNLOCKNAMEID();
- KASSERT(nfsrv_userdupcalls > 0,
+ KASSERT(NFSD_VNET(nfsrv_userdupcalls) > 0,
("nfsrv_getuser: non-positive upcalls"));
nd = &nfsd;
cred = newnfs_getcred();
@@ -3779,11 +3804,13 @@
len = strlen(name);
(void) nfsm_strtom(nd, name, len);
}
- error = newnfs_request(nd, NULL, NULL, &nfsrv_nfsuserdsock, NULL, NULL,
- cred, RPCPROG_NFSUSERD, RPCNFSUSERD_VERS, NULL, 0, NULL, NULL);
+ error = newnfs_request(nd, NULL, NULL, &NFSD_VNET(nfsrv_nfsuserdsock),
+ NULL, NULL, cred, RPCPROG_NFSUSERD, RPCNFSUSERD_VERS, NULL, 0,
+ NULL, NULL);
NFSLOCKNAMEID();
- if (--nfsrv_userdupcalls == 0 && nfsrv_nfsuserd == STARTSTOP)
- wakeup(&nfsrv_userdupcalls);
+ if (--NFSD_VNET(nfsrv_userdupcalls) == 0 &&
+ NFSD_VNET(nfsrv_nfsuserd) == STARTSTOP)
+ wakeup(&NFSD_VNET(nfsrv_userdupcalls));
NFSUNLOCKNAMEID();
NFSFREECRED(cred);
if (!error) {
@@ -3823,7 +3850,8 @@
free(cp, M_NFSSTRING);
goto out;
}
- if (atomic_cmpset_acq_int(&nfsrv_dnsnamelen, 0, 0) == 0) {
+ if (atomic_cmpset_acq_int(&NFSD_VNET(nfsrv_dnsnamelen), 0, 0) ==
+ 0) {
/*
* Free up all the old stuff and reinitialize hash
* lists. All mutexes for both lists must be locked,
@@ -3831,80 +3859,81 @@
* ones, to avoid a LOR.
*/
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_lock(&nfsusernamehash[i].mtx);
+ mtx_lock(&NFSD_VNET(nfsusernamehash)[i].mtx);
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_lock(&nfsuserhash[i].mtx);
+ mtx_lock(&NFSD_VNET(nfsuserhash)[i].mtx);
for (i = 0; i < nfsrv_lughashsize; i++)
TAILQ_FOREACH_SAFE(usrp,
- &nfsuserhash[i].lughead, lug_numhash, nusrp)
+ &NFSD_VNET(nfsuserhash)[i].lughead, lug_numhash, nusrp)
nfsrv_removeuser(usrp, 1);
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_unlock(&nfsuserhash[i].mtx);
+ mtx_unlock(&NFSD_VNET(nfsuserhash)[i].mtx);
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_unlock(&nfsusernamehash[i].mtx);
+ mtx_unlock(&NFSD_VNET(nfsusernamehash)[i].mtx);
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_lock(&nfsgroupnamehash[i].mtx);
+ mtx_lock(&NFSD_VNET(nfsgroupnamehash)[i].mtx);
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_lock(&nfsgrouphash[i].mtx);
+ mtx_lock(&NFSD_VNET(nfsgrouphash)[i].mtx);
for (i = 0; i < nfsrv_lughashsize; i++)
TAILQ_FOREACH_SAFE(usrp,
- &nfsgrouphash[i].lughead, lug_numhash,
+ &NFSD_VNET(nfsgrouphash)[i].lughead, lug_numhash,
nusrp)
nfsrv_removeuser(usrp, 0);
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_unlock(&nfsgrouphash[i].mtx);
+ mtx_unlock(&NFSD_VNET(nfsgrouphash)[i].mtx);
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_unlock(&nfsgroupnamehash[i].mtx);
- free(nfsrv_dnsname, M_NFSSTRING);
- nfsrv_dnsname = NULL;
+ mtx_unlock(&NFSD_VNET(nfsgroupnamehash)[i].mtx);
+ free(NFSD_VNET(nfsrv_dnsname), M_NFSSTRING);
+ NFSD_VNET(nfsrv_dnsname) = NULL;
}
- if (nfsuserhash == NULL) {
+ if (NFSD_VNET(nfsuserhash) == NULL) {
/* Allocate the hash tables. */
- nfsuserhash = malloc(sizeof(struct nfsrv_lughash) *
+ NFSD_VNET(nfsuserhash) = malloc(sizeof(struct nfsrv_lughash) *
nfsrv_lughashsize, M_NFSUSERGROUP, M_WAITOK |
M_ZERO);
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_init(&nfsuserhash[i].mtx, "nfsuidhash",
+ mtx_init(&NFSD_VNET(nfsuserhash)[i].mtx, "nfsuidhash",
NULL, MTX_DEF | MTX_DUPOK);
- nfsusernamehash = malloc(sizeof(struct nfsrv_lughash) *
+ NFSD_VNET(nfsusernamehash) = malloc(sizeof(struct nfsrv_lughash) *
nfsrv_lughashsize, M_NFSUSERGROUP, M_WAITOK |
M_ZERO);
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_init(&nfsusernamehash[i].mtx,
+ mtx_init(&NFSD_VNET(nfsusernamehash)[i].mtx,
"nfsusrhash", NULL, MTX_DEF |
MTX_DUPOK);
- nfsgrouphash = malloc(sizeof(struct nfsrv_lughash) *
+ NFSD_VNET(nfsgrouphash) = malloc(sizeof(struct nfsrv_lughash) *
nfsrv_lughashsize, M_NFSUSERGROUP, M_WAITOK |
M_ZERO);
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_init(&nfsgrouphash[i].mtx, "nfsgidhash",
+ mtx_init(&NFSD_VNET(nfsgrouphash)[i].mtx, "nfsgidhash",
NULL, MTX_DEF | MTX_DUPOK);
- nfsgroupnamehash = malloc(sizeof(struct nfsrv_lughash) *
+ NFSD_VNET(nfsgroupnamehash) = malloc(sizeof(struct nfsrv_lughash) *
nfsrv_lughashsize, M_NFSUSERGROUP, M_WAITOK |
M_ZERO);
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_init(&nfsgroupnamehash[i].mtx,
+ mtx_init(&NFSD_VNET(nfsgroupnamehash)[i].mtx,
"nfsgrphash", NULL, MTX_DEF | MTX_DUPOK);
}
/* (Re)initialize the list heads. */
for (i = 0; i < nfsrv_lughashsize; i++)
- TAILQ_INIT(&nfsuserhash[i].lughead);
+ TAILQ_INIT(&NFSD_VNET(nfsuserhash)[i].lughead);
for (i = 0; i < nfsrv_lughashsize; i++)
- TAILQ_INIT(&nfsusernamehash[i].lughead);
+ TAILQ_INIT(&NFSD_VNET(nfsusernamehash)[i].lughead);
for (i = 0; i < nfsrv_lughashsize; i++)
- TAILQ_INIT(&nfsgrouphash[i].lughead);
+ TAILQ_INIT(&NFSD_VNET(nfsgrouphash)[i].lughead);
for (i = 0; i < nfsrv_lughashsize; i++)
- TAILQ_INIT(&nfsgroupnamehash[i].lughead);
+ TAILQ_INIT(&NFSD_VNET(nfsgroupnamehash)[i].lughead);
/*
* Put name in "DNS" string.
*/
- nfsrv_dnsname = cp;
- nfsrv_defaultuid = nidp->nid_uid;
- nfsrv_defaultgid = nidp->nid_gid;
- nfsrv_usercnt = 0;
- nfsrv_usermax = nidp->nid_usermax;
- atomic_store_rel_int(&nfsrv_dnsnamelen, nidp->nid_namelen);
+ NFSD_VNET(nfsrv_dnsname) = cp;
+ NFSD_VNET(nfsrv_defaultuid) = nidp->nid_uid;
+ NFSD_VNET(nfsrv_defaultgid) = nidp->nid_gid;
+ NFSD_VNET(nfsrv_usercnt) = 0;
+ NFSD_VNET(nfsrv_usermax) = nidp->nid_usermax;
+ atomic_store_rel_int(&NFSD_VNET(nfsrv_dnsnamelen),
+ nidp->nid_namelen);
goto out;
}
@@ -3968,7 +3997,7 @@
if (nidp->nid_flag & (NFSID_DELUID | NFSID_ADDUID)) {
/* Must lock all username hash lists first, to avoid a LOR. */
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_lock(&nfsusernamehash[i].mtx);
+ mtx_lock(&NFSD_VNET(nfsusernamehash)[i].mtx);
username_locked = 1;
hp_idnum = NFSUSERHASH(nidp->nid_uid);
mtx_lock(&hp_idnum->mtx);
@@ -3997,7 +4026,7 @@
} else if (nidp->nid_flag & (NFSID_DELGID | NFSID_ADDGID)) {
/* Must lock all groupname hash lists first, to avoid a LOR. */
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_lock(&nfsgroupnamehash[i].mtx);
+ mtx_lock(&NFSD_VNET(nfsgroupnamehash)[i].mtx);
groupname_locked = 1;
hp_idnum = NFSGROUPHASH(nidp->nid_gid);
mtx_lock(&hp_idnum->mtx);
@@ -4040,7 +4069,7 @@
thp = NFSUSERNAMEHASH(newusrp->lug_name, newusrp->lug_namelen);
mtx_assert(&thp->mtx, MA_OWNED);
TAILQ_INSERT_TAIL(&thp->lughead, newusrp, lug_namehash);
- atomic_add_int(&nfsrv_usercnt, 1);
+ atomic_add_int(&NFSD_VNET(nfsrv_usercnt), 1);
} else if (nidp->nid_flag & (NFSID_ADDGID | NFSID_ADDGROUPNAME)) {
newusrp->lug_gid = nidp->nid_gid;
thp = NFSGROUPHASH(newusrp->lug_gid);
@@ -4049,7 +4078,7 @@
thp = NFSGROUPNAMEHASH(newusrp->lug_name, newusrp->lug_namelen);
mtx_assert(&thp->mtx, MA_OWNED);
TAILQ_INSERT_TAIL(&thp->lughead, newusrp, lug_namehash);
- atomic_add_int(&nfsrv_usercnt, 1);
+ atomic_add_int(&NFSD_VNET(nfsrv_usercnt), 1);
} else {
if (newusrp->lug_cred != NULL)
crfree(newusrp->lug_cred);
@@ -4078,17 +4107,17 @@
NFSID_DELUSERNAME | NFSID_ADDUSERNAME)) != 0) {
if (username_locked == 0) {
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_lock(&nfsusernamehash[i].mtx);
+ mtx_lock(&NFSD_VNET(nfsusernamehash)[i].mtx);
username_locked = 1;
}
KASSERT(user_locked == 0,
("nfssvc_idname: user_locked"));
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_lock(&nfsuserhash[i].mtx);
+ mtx_lock(&NFSD_VNET(nfsuserhash)[i].mtx);
user_locked = 1;
for (i = 0; i < nfsrv_lughashsize; i++) {
TAILQ_FOREACH_SAFE(usrp,
- &nfsuserhash[i].lughead, lug_numhash,
+ &NFSD_VNET(nfsuserhash)[i].lughead, lug_numhash,
nusrp)
if (usrp->lug_expiry < NFSD_MONOSEC)
nfsrv_removeuser(usrp, 1);
@@ -4099,26 +4128,26 @@
* algorithm. This code deletes the least
* recently used entry on each hash list.
*/
- if (nfsrv_usercnt <= nfsrv_usermax)
+ if (NFSD_VNET(nfsrv_usercnt) <= NFSD_VNET(nfsrv_usermax))
break;
- usrp = TAILQ_FIRST(&nfsuserhash[i].lughead);
+ usrp = TAILQ_FIRST(&NFSD_VNET(nfsuserhash)[i].lughead);
if (usrp != NULL)
nfsrv_removeuser(usrp, 1);
}
} else {
if (groupname_locked == 0) {
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_lock(&nfsgroupnamehash[i].mtx);
+ mtx_lock(&NFSD_VNET(nfsgroupnamehash)[i].mtx);
groupname_locked = 1;
}
KASSERT(group_locked == 0,
("nfssvc_idname: group_locked"));
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_lock(&nfsgrouphash[i].mtx);
+ mtx_lock(&NFSD_VNET(nfsgrouphash)[i].mtx);
group_locked = 1;
for (i = 0; i < nfsrv_lughashsize; i++) {
TAILQ_FOREACH_SAFE(usrp,
- &nfsgrouphash[i].lughead, lug_numhash,
+ &NFSD_VNET(nfsgrouphash)[i].lughead, lug_numhash,
nusrp)
if (usrp->lug_expiry < NFSD_MONOSEC)
nfsrv_removeuser(usrp, 0);
@@ -4129,9 +4158,9 @@
* algorithm. This code deletes the least
* recently user entry on each hash list.
*/
- if (nfsrv_usercnt <= nfsrv_usermax)
+ if (NFSD_VNET(nfsrv_usercnt) <= NFSD_VNET(nfsrv_usermax))
break;
- usrp = TAILQ_FIRST(&nfsgrouphash[i].lughead);
+ usrp = TAILQ_FIRST(&NFSD_VNET(nfsgrouphash)[i].lughead);
if (usrp != NULL)
nfsrv_removeuser(usrp, 0);
}
@@ -4147,16 +4176,16 @@
mtx_unlock(&hp_name->mtx);
if (user_locked != 0)
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_unlock(&nfsuserhash[i].mtx);
+ mtx_unlock(&NFSD_VNET(nfsuserhash)[i].mtx);
if (username_locked != 0)
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_unlock(&nfsusernamehash[i].mtx);
+ mtx_unlock(&NFSD_VNET(nfsusernamehash)[i].mtx);
if (group_locked != 0)
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_unlock(&nfsgrouphash[i].mtx);
+ mtx_unlock(&NFSD_VNET(nfsgrouphash)[i].mtx);
if (groupname_locked != 0)
for (i = 0; i < nfsrv_lughashsize; i++)
- mtx_unlock(&nfsgroupnamehash[i].mtx);
+ mtx_unlock(&NFSD_VNET(nfsgroupnamehash)[i].mtx);
out:
NFSEXITCODE(error);
return (error);
@@ -4185,59 +4214,10 @@
mtx_assert(&hp->mtx, MA_OWNED);
TAILQ_REMOVE(&hp->lughead, usrp, lug_namehash);
}
- atomic_add_int(&nfsrv_usercnt, -1);
+ atomic_add_int(&NFSD_VNET(nfsrv_usercnt), -1);
if (usrp->lug_cred != NULL)
crfree(usrp->lug_cred);
free(usrp, M_NFSUSERGROUP);
-}
-
-/*
- * Free up all the allocations related to the name<-->id cache.
- * This function should only be called when the nfsuserd daemon isn't
- * running, since it doesn't do any locking.
- * This function is meant to be used when the nfscommon module is unloaded.
- */
-void
-nfsrv_cleanusergroup(void)
-{
- struct nfsrv_lughash *hp, *hp2;
- struct nfsusrgrp *nusrp, *usrp;
- int i;
-
- if (nfsuserhash == NULL)
- return;
-
- for (i = 0; i < nfsrv_lughashsize; i++) {
- hp = &nfsuserhash[i];
- TAILQ_FOREACH_SAFE(usrp, &hp->lughead, lug_numhash, nusrp) {
- TAILQ_REMOVE(&hp->lughead, usrp, lug_numhash);
- hp2 = NFSUSERNAMEHASH(usrp->lug_name,
- usrp->lug_namelen);
- TAILQ_REMOVE(&hp2->lughead, usrp, lug_namehash);
- if (usrp->lug_cred != NULL)
- crfree(usrp->lug_cred);
- free(usrp, M_NFSUSERGROUP);
- }
- hp = &nfsgrouphash[i];
- TAILQ_FOREACH_SAFE(usrp, &hp->lughead, lug_numhash, nusrp) {
- TAILQ_REMOVE(&hp->lughead, usrp, lug_numhash);
- hp2 = NFSGROUPNAMEHASH(usrp->lug_name,
- usrp->lug_namelen);
- TAILQ_REMOVE(&hp2->lughead, usrp, lug_namehash);
- if (usrp->lug_cred != NULL)
- crfree(usrp->lug_cred);
- free(usrp, M_NFSUSERGROUP);
- }
- mtx_destroy(&nfsuserhash[i].mtx);
- mtx_destroy(&nfsusernamehash[i].mtx);
- mtx_destroy(&nfsgroupnamehash[i].mtx);
- mtx_destroy(&nfsgrouphash[i].mtx);
- }
- free(nfsuserhash, M_NFSUSERGROUP);
- free(nfsusernamehash, M_NFSUSERGROUP);
- free(nfsgrouphash, M_NFSUSERGROUP);
- free(nfsgroupnamehash, M_NFSUSERGROUP);
- free(nfsrv_dnsname, M_NFSSTRING);
}
/*
diff --git a/sys/fs/nfs/nfs_var.h.vnetnfsuserd b/sys/fs/nfs/nfs_var.h
--- a/sys/fs/nfs/nfs_var.h.vnetnfsuserd
+++ b/sys/fs/nfs/nfs_var.h
@@ -348,7 +348,6 @@
int nfsv4_getref_nonblock(struct nfsv4lock *);
int nfsv4_testlock(struct nfsv4lock *);
int nfsrv_mtostr(struct nfsrv_descript *, char *, int);
-void nfsrv_cleanusergroup(void);
int nfsrv_checkutf8(u_int8_t *, int);
int newnfs_sndlock(int *);
void newnfs_sndunlock(int *);
diff --git a/sys/fs/nfs/nfsport.h.vnetnfsuserd b/sys/fs/nfs/nfsport.h
--- a/sys/fs/nfs/nfsport.h.vnetnfsuserd
+++ b/sys/fs/nfs/nfsport.h
@@ -1280,6 +1280,12 @@
#define NFS_MAXBSIZE (maxbcachebuf)
#endif
+/* User/group hash structure for nfsuserhash and friends. */
+struct nfsrv_lughash {
+ struct mtx mtx;
+ struct nfsuserhashhead lughead;
+};
+
/*
* This macro checks to see if issuing of delegations is allowed for this
* vnode.
diff --git a/sys/fs/nfs/nfsrvstate.h.vnetnfsuserd b/sys/fs/nfs/nfsrvstate.h
--- a/sys/fs/nfs/nfsrvstate.h.vnetnfsuserd
+++ b/sys/fs/nfs/nfsrvstate.h
@@ -62,14 +62,14 @@
#define NFSSTATEHASH(clp, id) \
(&((clp)->lc_stateid[(id).other[2] % nfsrv_statehashsize]))
#define NFSUSERHASH(id) \
- (&nfsuserhash[(id) % nfsrv_lughashsize])
+ (&NFSD_VNET(nfsuserhash)[(id) % nfsrv_lughashsize])
#define NFSUSERNAMEHASH(p, l) \
- (&nfsusernamehash[((l)>=4?(*(p)+*((p)+1)+*((p)+2)+*((p)+3)):*(p)) \
+ (&NFSD_VNET(nfsusernamehash)[((l)>=4?(*(p)+*((p)+1)+*((p)+2)+*((p)+3)):*(p)) \
% nfsrv_lughashsize])
#define NFSGROUPHASH(id) \
- (&nfsgrouphash[(id) % nfsrv_lughashsize])
+ (&NFSD_VNET(nfsgrouphash)[(id) % nfsrv_lughashsize])
#define NFSGROUPNAMEHASH(p, l) \
- (&nfsgroupnamehash[((l)>=4?(*(p)+*((p)+1)+*((p)+2)+*((p)+3)):*(p)) \
+ (&NFSD_VNET(nfsgroupnamehash)[((l)>=4?(*(p)+*((p)+1)+*((p)+2)+*((p)+3)):*(p)) \
% nfsrv_lughashsize])
struct nfssessionhash {
diff --git a/sys/fs/nfsserver/nfs_nfsdport.c.vnetnfsuserd b/sys/fs/nfsserver/nfs_nfsdport.c
--- a/sys/fs/nfsserver/nfs_nfsdport.c.vnetnfsuserd
+++ b/sys/fs/nfsserver/nfs_nfsdport.c
@@ -124,7 +124,6 @@
static int nfs_commit_miss;
extern int nfsrv_issuedelegs;
extern int nfsrv_dolocallocks;
-extern int nfsd_enable_stringtouid;
extern struct nfsdevicehead nfsrv_devidhead;
static int nfsrv_createiovec(int, struct mbuf **, struct mbuf **,
@@ -186,8 +185,10 @@
&nfsrv_dolocallocks, 0, "Enable nfsd to acquire local locks on files");
SYSCTL_INT(_vfs_nfsd, OID_AUTO, debuglevel, CTLFLAG_RW, &nfsd_debuglevel,
0, "Debug level for NFS server");
-SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_stringtouid, CTLFLAG_RW,
- &nfsd_enable_stringtouid, 0, "Enable nfsd to accept numeric owner_names");
+NFSD_VNET_DECLARE(int, nfsd_enable_stringtouid);
+SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_stringtouid,
+ CTLFLAG_NFSD_VNET | CTLFLAG_RW, &NFSD_VNET_NAME(nfsd_enable_stringtouid),
+ 0, "Enable nfsd to accept numeric owner_names");
static int nfsrv_pnfsgetdsattr = 1;
SYSCTL_INT(_vfs_nfsd, OID_AUTO, pnfsgetdsattr, CTLFLAG_RW,
&nfsrv_pnfsgetdsattr, 0, "When set getattr gets DS attributes via RPC");
diff --git a/sys/fs/nfsserver/nfs_nfsdsubs.c.vnetnfsuserd b/sys/fs/nfsserver/nfs_nfsdsubs.c
--- a/sys/fs/nfsserver/nfs_nfsdsubs.c.vnetnfsuserd
+++ b/sys/fs/nfsserver/nfs_nfsdsubs.c
@@ -56,6 +56,8 @@
NFSD_VNET_DECLARE(struct nfslockhashhead *, nfslockhash);
NFSD_VNET_DECLARE(struct nfssessionhash *, nfssessionhash);
NFSD_VNET_DECLARE(int, nfs_rootfhset);
+NFSD_VNET_DECLARE(uid_t, nfsrv_defaultuid);
+NFSD_VNET_DECLARE(gid_t, nfsrv_defaultgid);
NFSD_VNET_DEFINE(struct nfsdontlisthead, nfsrv_dontlisthead);
@@ -1611,10 +1613,12 @@
*/
if (NFSVNO_NOTSETUID(nvap) && NFSVNO_NOTSETGID(nvap))
goto out;
- if ((NFSVNO_ISSETUID(nvap) && nvap->na_uid == nfsrv_defaultuid &&
- enable_nobodycheck == 1)
- || (NFSVNO_ISSETGID(nvap) && nvap->na_gid == nfsrv_defaultgid &&
- enable_nogroupcheck == 1)) {
+ if ((NFSVNO_ISSETUID(nvap) &&
+ nvap->na_uid == NFSD_VNET(nfsrv_defaultuid) &&
+ enable_nobodycheck == 1) ||
+ (NFSVNO_ISSETGID(nvap) &&
+ nvap->na_gid == NFSD_VNET(nfsrv_defaultgid) &&
+ enable_nogroupcheck == 1)) {
error = NFSERR_BADOWNER;
goto out;
}

File Metadata

Mime Type
text/plain
Expires
Sat, Jan 11, 5:00 AM (10 h, 16 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
15750438
Default Alt Text
D37880.id114703.diff (34 KB)

Event Timeline