FreeBSD kernel kern code
vfs_export.c
Go to the documentation of this file.
1/*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1989, 1993
5 * The Regents of the University of California. All rights reserved.
6 * (c) UNIX System Laboratories, Inc.
7 * All or some portions of this file are derived from material licensed
8 * to the University of California by American Telephone and Telegraph
9 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
10 * the permission of UNIX System Laboratories, Inc.
11 *
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
14 * are met:
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
20 * 3. Neither the name of the University nor the names of its contributors
21 * may be used to endorse or promote products derived from this software
22 * without specific prior written permission.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * SUCH DAMAGE.
35 *
36 * @(#)vfs_subr.c 8.31 (Berkeley) 5/26/95
37 */
38
39#include <sys/cdefs.h>
40__FBSDID("$FreeBSD$");
41
42#include "opt_inet.h"
43#include "opt_inet6.h"
44
45#include <sys/param.h>
46#include <sys/systm.h>
47#include <sys/dirent.h>
48#include <sys/jail.h>
49#include <sys/kernel.h>
50#include <sys/lock.h>
51#include <sys/malloc.h>
52#include <sys/mbuf.h>
53#include <sys/mount.h>
54#include <sys/mutex.h>
55#include <sys/rmlock.h>
56#include <sys/refcount.h>
57#include <sys/signalvar.h>
58#include <sys/socket.h>
59#include <sys/vnode.h>
60
61#include <netinet/in.h>
62#include <net/radix.h>
63
64#include <rpc/types.h>
65#include <rpc/auth.h>
66
67static MALLOC_DEFINE(M_NETADDR, "export_host", "Export host address structure");
68
69#if defined(INET) || defined(INET6)
70static struct radix_node_head *vfs_create_addrlist_af(
71 struct radix_node_head **prnh, int off);
72#endif
73static void vfs_free_addrlist(struct netexport *nep);
74static int vfs_free_netcred(struct radix_node *rn, void *w);
75static void vfs_free_addrlist_af(struct radix_node_head **prnh);
76static int vfs_hang_addrlist(struct mount *mp, struct netexport *nep,
77 struct export_args *argp);
78static struct netcred *vfs_export_lookup(struct mount *, struct sockaddr *);
79
80/*
81 * Network address lookup element
82 */
83struct netcred {
84 struct radix_node netc_rnodes[2];
85 uint64_t netc_exflags;
86 struct ucred *netc_anon;
87 int netc_numsecflavors;
88 int netc_secflavors[MAXSECFLAVORS];
89};
90
91/*
92 * Network export information
93 */
94struct netexport {
95 struct netcred ne_defexported; /* Default export */
96 struct radix_node_head *ne4;
97 struct radix_node_head *ne6;
98};
99
100/*
101 * Build hash lists of net addresses and hang them off the mount point.
102 * Called by vfs_export() to set up the lists of export addresses.
103 */
104static int
105vfs_hang_addrlist(struct mount *mp, struct netexport *nep,
106 struct export_args *argp)
107{
108 struct netcred *np;
109 struct radix_node_head *rnh;
110 int i;
111 struct radix_node *rn;
112 struct sockaddr *saddr, *smask = NULL;
113#if defined(INET6) || defined(INET)
114 int off;
115#endif
116 int error;
117
118 KASSERT(argp->ex_numsecflavors > 0,
119 ("%s: numsecflavors <= 0", __func__));
120 KASSERT(argp->ex_numsecflavors < MAXSECFLAVORS,
121 ("%s: numsecflavors >= MAXSECFLAVORS", __func__));
122
123 /*
124 * XXX: This routine converts from a uid plus gid list
125 * to a `struct ucred' (np->netc_anon). This
126 * operation is questionable; for example, what should be done
127 * with fields like cr_uidinfo and cr_prison? Currently, this
128 * routine does not touch them (leaves them as NULL).
129 */
130 if (argp->ex_addrlen == 0) {
131 if (mp->mnt_flag & MNT_DEFEXPORTED) {
132 vfs_mount_error(mp,
133 "MNT_DEFEXPORTED already set for mount %p", mp);
134 return (EPERM);
135 }
136 np = &nep->ne_defexported;
137 np->netc_exflags = argp->ex_flags;
138 np->netc_anon = crget();
139 np->netc_anon->cr_uid = argp->ex_uid;
140 crsetgroups(np->netc_anon, argp->ex_ngroups,
141 argp->ex_groups);
142 np->netc_anon->cr_prison = &prison0;
143 prison_hold(np->netc_anon->cr_prison);
144 np->netc_numsecflavors = argp->ex_numsecflavors;
145 bcopy(argp->ex_secflavors, np->netc_secflavors,
146 sizeof(np->netc_secflavors));
147 MNT_ILOCK(mp);
148 mp->mnt_flag |= MNT_DEFEXPORTED;
149 MNT_IUNLOCK(mp);
150 return (0);
151 }
152
153#if MSIZE <= 256
154 if (argp->ex_addrlen > MLEN) {
155 vfs_mount_error(mp, "ex_addrlen %d is greater than %d",
156 argp->ex_addrlen, MLEN);
157 return (EINVAL);
158 }
159#endif
160
161 i = sizeof(struct netcred) + argp->ex_addrlen + argp->ex_masklen;
162 np = (struct netcred *) malloc(i, M_NETADDR, M_WAITOK | M_ZERO);
163 saddr = (struct sockaddr *) (np + 1);
164 if ((error = copyin(argp->ex_addr, saddr, argp->ex_addrlen)))
165 goto out;
166 if (saddr->sa_family == AF_UNSPEC || saddr->sa_family > AF_MAX) {
167 error = EINVAL;
168 vfs_mount_error(mp, "Invalid saddr->sa_family: %d");
169 goto out;
170 }
171 if (saddr->sa_len > argp->ex_addrlen)
172 saddr->sa_len = argp->ex_addrlen;
173 if (argp->ex_masklen) {
174 smask = (struct sockaddr *)((caddr_t)saddr + argp->ex_addrlen);
175 error = copyin(argp->ex_mask, smask, argp->ex_masklen);
176 if (error)
177 goto out;
178 if (smask->sa_len > argp->ex_masklen)
179 smask->sa_len = argp->ex_masklen;
180 }
181 rnh = NULL;
182 switch (saddr->sa_family) {
183#ifdef INET
184 case AF_INET:
185 if ((rnh = nep->ne4) == NULL) {
186 off = offsetof(struct sockaddr_in, sin_addr) << 3;
187 rnh = vfs_create_addrlist_af(&nep->ne4, off);
188 }
189 break;
190#endif
191#ifdef INET6
192 case AF_INET6:
193 if ((rnh = nep->ne6) == NULL) {
194 off = offsetof(struct sockaddr_in6, sin6_addr) << 3;
195 rnh = vfs_create_addrlist_af(&nep->ne6, off);
196 }
197 break;
198#endif
199 }
200 if (rnh == NULL) {
201 error = ENOBUFS;
202 vfs_mount_error(mp, "%s %s %d",
203 "Unable to initialize radix node head ",
204 "for address family", saddr->sa_family);
205 goto out;
206 }
207 RADIX_NODE_HEAD_LOCK(rnh);
208 rn = (*rnh->rnh_addaddr)(saddr, smask, &rnh->rh, np->netc_rnodes);
209 RADIX_NODE_HEAD_UNLOCK(rnh);
210 if (rn == NULL || np != (struct netcred *)rn) { /* already exists */
211 error = EPERM;
212 vfs_mount_error(mp,
213 "netcred already exists for given addr/mask");
214 goto out;
215 }
216 np->netc_exflags = argp->ex_flags;
217 np->netc_anon = crget();
218 np->netc_anon->cr_uid = argp->ex_uid;
219 crsetgroups(np->netc_anon, argp->ex_ngroups,
220 argp->ex_groups);
221 np->netc_anon->cr_prison = &prison0;
222 prison_hold(np->netc_anon->cr_prison);
223 np->netc_numsecflavors = argp->ex_numsecflavors;
224 bcopy(argp->ex_secflavors, np->netc_secflavors,
225 sizeof(np->netc_secflavors));
226 return (0);
227out:
228 free(np, M_NETADDR);
229 return (error);
230}
231
232/* Helper for vfs_free_addrlist. */
233/* ARGSUSED */
234static int
235vfs_free_netcred(struct radix_node *rn, void *w)
236{
237 struct radix_node_head *rnh = (struct radix_node_head *) w;
238 struct ucred *cred;
239
240 (*rnh->rnh_deladdr) (rn->rn_key, rn->rn_mask, &rnh->rh);
241 cred = ((struct netcred *)rn)->netc_anon;
242 if (cred != NULL)
243 crfree(cred);
244 free(rn, M_NETADDR);
245 return (0);
246}
247
248#if defined(INET) || defined(INET6)
249static struct radix_node_head *
250vfs_create_addrlist_af(struct radix_node_head **prnh, int off)
251{
252
253 if (rn_inithead((void **)prnh, off) == 0)
254 return (NULL);
255 RADIX_NODE_HEAD_LOCK_INIT(*prnh);
256 return (*prnh);
257}
258#endif
259
260static void
261vfs_free_addrlist_af(struct radix_node_head **prnh)
262{
263 struct radix_node_head *rnh;
264
265 rnh = *prnh;
266 RADIX_NODE_HEAD_LOCK(rnh);
267 (*rnh->rnh_walktree)(&rnh->rh, vfs_free_netcred, rnh);
268 RADIX_NODE_HEAD_UNLOCK(rnh);
269 RADIX_NODE_HEAD_DESTROY(rnh);
270 rn_detachhead((void **)prnh);
271 prnh = NULL;
272}
273
274/*
275 * Free the net address hash lists that are hanging off the mount points.
276 */
277static void
278vfs_free_addrlist(struct netexport *nep)
279{
280 struct ucred *cred;
281
282 if (nep->ne4 != NULL)
283 vfs_free_addrlist_af(&nep->ne4);
284 if (nep->ne6 != NULL)
285 vfs_free_addrlist_af(&nep->ne6);
286
287 cred = nep->ne_defexported.netc_anon;
288 if (cred != NULL)
289 crfree(cred);
290
291}
292
293/*
294 * High level function to manipulate export options on a mount point
295 * and the passed in netexport.
296 * Struct export_args *argp is the variable used to twiddle options,
297 * the structure is described in sys/mount.h
298 */
299int
300vfs_export(struct mount *mp, struct export_args *argp)
301{
302 struct netexport *nep;
303 int error;
304
305 if ((argp->ex_flags & (MNT_DELEXPORT | MNT_EXPORTED)) == 0)
306 return (EINVAL);
307
308 if ((argp->ex_flags & MNT_EXPORTED) != 0 &&
309 (argp->ex_numsecflavors < 0
310 || argp->ex_numsecflavors >= MAXSECFLAVORS))
311 return (EINVAL);
312
313 error = 0;
314 lockmgr(&mp->mnt_explock, LK_EXCLUSIVE, NULL);
315 nep = mp->mnt_export;
316 if (argp->ex_flags & MNT_DELEXPORT) {
317 if (nep == NULL) {
318 error = ENOENT;
319 goto out;
320 }
321 if (mp->mnt_flag & MNT_EXPUBLIC) {
322 vfs_setpublicfs(NULL, NULL, NULL);
323 MNT_ILOCK(mp);
324 mp->mnt_flag &= ~MNT_EXPUBLIC;
325 MNT_IUNLOCK(mp);
326 }
327 vfs_free_addrlist(nep);
328 mp->mnt_export = NULL;
329 free(nep, M_MOUNT);
330 nep = NULL;
331 MNT_ILOCK(mp);
332 mp->mnt_flag &= ~(MNT_EXPORTED | MNT_DEFEXPORTED);
333 MNT_IUNLOCK(mp);
334 }
335 if (argp->ex_flags & MNT_EXPORTED) {
336 if (nep == NULL) {
337 nep = malloc(sizeof(struct netexport), M_MOUNT, M_WAITOK | M_ZERO);
338 mp->mnt_export = nep;
339 }
340 if (argp->ex_flags & MNT_EXPUBLIC) {
341 if ((error = vfs_setpublicfs(mp, nep, argp)) != 0)
342 goto out;
343 MNT_ILOCK(mp);
344 mp->mnt_flag |= MNT_EXPUBLIC;
345 MNT_IUNLOCK(mp);
346 }
347 if (argp->ex_numsecflavors == 0) {
348 argp->ex_numsecflavors = 1;
349 argp->ex_secflavors[0] = AUTH_SYS;
350 }
351 if ((error = vfs_hang_addrlist(mp, nep, argp)))
352 goto out;
353 MNT_ILOCK(mp);
354 mp->mnt_flag |= MNT_EXPORTED;
355 MNT_IUNLOCK(mp);
356 }
357
358out:
359 lockmgr(&mp->mnt_explock, LK_RELEASE, NULL);
360 /*
361 * Once we have executed the vfs_export() command, we do
362 * not want to keep the "export" option around in the
363 * options list, since that will cause subsequent MNT_UPDATE
364 * calls to fail. The export information is saved in
365 * mp->mnt_export, so we can safely delete the "export" mount option
366 * here.
367 */
368 vfs_deleteopt(mp->mnt_optnew, "export");
369 vfs_deleteopt(mp->mnt_opt, "export");
370 return (error);
371}
372
373/*
374 * Set the publicly exported filesystem (WebNFS). Currently, only
375 * one public filesystem is possible in the spec (RFC 2054 and 2055)
376 */
377int
378vfs_setpublicfs(struct mount *mp, struct netexport *nep,
379 struct export_args *argp)
380{
381 int error;
382 struct vnode *rvp;
383 char *cp;
384
385 /*
386 * mp == NULL -> invalidate the current info, the FS is
387 * no longer exported. May be called from either vfs_export
388 * or unmount, so check if it hasn't already been done.
389 */
390 if (mp == NULL) {
391 if (nfs_pub.np_valid) {
392 nfs_pub.np_valid = 0;
393 if (nfs_pub.np_index != NULL) {
394 free(nfs_pub.np_index, M_TEMP);
395 nfs_pub.np_index = NULL;
396 }
397 }
398 return (0);
399 }
400
401 /*
402 * Only one allowed at a time.
403 */
404 if (nfs_pub.np_valid != 0 && mp != nfs_pub.np_mount)
405 return (EBUSY);
406
407 /*
408 * Get real filehandle for root of exported FS.
409 */
410 bzero(&nfs_pub.np_handle, sizeof(nfs_pub.np_handle));
411 nfs_pub.np_handle.fh_fsid = mp->mnt_stat.f_fsid;
412
413 if ((error = VFS_ROOT(mp, LK_EXCLUSIVE, &rvp)))
414 return (error);
415
416 if ((error = VOP_VPTOFH(rvp, &nfs_pub.np_handle.fh_fid)))
417 return (error);
418
419 vput(rvp);
420
421 /*
422 * If an indexfile was specified, pull it in.
423 */
424 if (argp->ex_indexfile != NULL) {
425 if (nfs_pub.np_index == NULL)
426 nfs_pub.np_index = malloc(MAXNAMLEN + 1, M_TEMP,
427 M_WAITOK);
428 error = copyinstr(argp->ex_indexfile, nfs_pub.np_index,
429 MAXNAMLEN, (size_t *)0);
430 if (!error) {
431 /*
432 * Check for illegal filenames.
433 */
434 for (cp = nfs_pub.np_index; *cp; cp++) {
435 if (*cp == '/') {
436 error = EINVAL;
437 break;
438 }
439 }
440 }
441 if (error) {
442 free(nfs_pub.np_index, M_TEMP);
443 nfs_pub.np_index = NULL;
444 return (error);
445 }
446 }
447
448 nfs_pub.np_mount = mp;
449 nfs_pub.np_valid = 1;
450 return (0);
451}
452
453/*
454 * Used by the filesystems to determine if a given network address
455 * (passed in 'nam') is present in their exports list, returns a pointer
456 * to struct netcred so that the filesystem can examine it for
457 * access rights (read/write/etc).
458 */
459static struct netcred *
460vfs_export_lookup(struct mount *mp, struct sockaddr *nam)
461{
462 RADIX_NODE_HEAD_RLOCK_TRACKER;
463 struct netexport *nep;
464 struct netcred *np = NULL;
465 struct radix_node_head *rnh;
466 struct sockaddr *saddr;
467
468 nep = mp->mnt_export;
469 if (nep == NULL)
470 return (NULL);
471 if ((mp->mnt_flag & MNT_EXPORTED) == 0)
472 return (NULL);
473
474 /*
475 * Lookup in the export list
476 */
477 if (nam != NULL) {
478 saddr = nam;
479 rnh = NULL;
480 switch (saddr->sa_family) {
481 case AF_INET:
482 rnh = nep->ne4;
483 break;
484 case AF_INET6:
485 rnh = nep->ne6;
486 break;
487 }
488 if (rnh != NULL) {
489 RADIX_NODE_HEAD_RLOCK(rnh);
490 np = (struct netcred *) (*rnh->rnh_matchaddr)(saddr, &rnh->rh);
491 RADIX_NODE_HEAD_RUNLOCK(rnh);
492 if (np != NULL && (np->netc_rnodes->rn_flags & RNF_ROOT) != 0)
493 return (NULL);
494 }
495 }
496
497 /*
498 * If no address match, use the default if it exists.
499 */
500 if (np == NULL && (mp->mnt_flag & MNT_DEFEXPORTED) != 0)
501 return (&nep->ne_defexported);
502
503 return (np);
504}
505
506/*
507 * XXX: This comment comes from the deprecated ufs_check_export()
508 * XXX: and may not entirely apply, but lacking something better:
509 * This is the generic part of fhtovp called after the underlying
510 * filesystem has validated the file handle.
511 *
512 * Verify that a host should have access to a filesystem.
513 */
514
515int
516vfs_stdcheckexp(struct mount *mp, struct sockaddr *nam, uint64_t *extflagsp,
517 struct ucred **credanonp, int *numsecflavors, int *secflavors)
518{
519 struct netcred *np;
520
521 lockmgr(&mp->mnt_explock, LK_SHARED, NULL);
522 np = vfs_export_lookup(mp, nam);
523 if (np == NULL) {
524 lockmgr(&mp->mnt_explock, LK_RELEASE, NULL);
525 *credanonp = NULL;
526 return (EACCES);
527 }
528 *extflagsp = np->netc_exflags;
529 if ((*credanonp = np->netc_anon) != NULL)
530 crhold(*credanonp);
531 if (numsecflavors) {
532 *numsecflavors = np->netc_numsecflavors;
533 KASSERT(*numsecflavors > 0,
534 ("%s: numsecflavors <= 0", __func__));
535 KASSERT(*numsecflavors < MAXSECFLAVORS,
536 ("%s: numsecflavors >= MAXSECFLAVORS", __func__));
537 }
538 if (secflavors && np->netc_numsecflavors > 0)
539 memcpy(secflavors, np->netc_secflavors, np->netc_numsecflavors *
540 sizeof(int));
541 lockmgr(&mp->mnt_explock, LK_RELEASE, NULL);
542 return (0);
543}
prison_hold
void prison_hold(struct prison *pr)
Definition: kern_jail.c:2783
prison0
struct prison prison0
Definition: kern_jail.c:101
malloc
void *() malloc(size_t size, struct malloc_type *mtp, int flags)
Definition: kern_malloc.c:632
free
void free(void *addr, struct malloc_type *mtp)
Definition: kern_malloc.c:907
crget
struct ucred * crget(void)
Definition: kern_prot.c:1991
crhold
struct ucred * crhold(struct ucred *cr)
Definition: kern_prot.c:2014
crfree
void crfree(struct ucred *cr)
Definition: kern_prot.c:2035
crsetgroups
void crsetgroups(struct ucred *cr, int ngrp, gid_t *groups)
Definition: kern_prot.c:2319
netcred::netc_secflavors
int netc_secflavors[MAXSECFLAVORS]
Definition: vfs_export.c:88
netcred::netc_numsecflavors
int netc_numsecflavors
Definition: vfs_export.c:87
netcred::netc_exflags
uint64_t netc_exflags
Definition: vfs_export.c:85
netcred::netc_rnodes
struct radix_node netc_rnodes[2]
Definition: vfs_export.c:84
netcred::netc_anon
struct ucred * netc_anon
Definition: vfs_export.c:86
netexport::ne6
struct radix_node_head * ne6
Definition: vfs_export.c:97
netexport::ne_defexported
struct netcred ne_defexported
Definition: vfs_export.c:95
netexport::ne4
struct radix_node_head * ne4
Definition: vfs_export.c:96
vfs_free_netcred
static int vfs_free_netcred(struct radix_node *rn, void *w)
Definition: vfs_export.c:235
vfs_export
int vfs_export(struct mount *mp, struct export_args *argp)
Definition: vfs_export.c:300
MALLOC_DEFINE
static MALLOC_DEFINE(M_NETADDR, "export_host", "Export host address structure")
__FBSDID
__FBSDID("$FreeBSD$")
vfs_setpublicfs
int vfs_setpublicfs(struct mount *mp, struct netexport *nep, struct export_args *argp)
Definition: vfs_export.c:378
vfs_hang_addrlist
static int vfs_hang_addrlist(struct mount *mp, struct netexport *nep, struct export_args *argp)
Definition: vfs_export.c:105
vfs_stdcheckexp
int vfs_stdcheckexp(struct mount *mp, struct sockaddr *nam, uint64_t *extflagsp, struct ucred **credanonp, int *numsecflavors, int *secflavors)
Definition: vfs_export.c:516
vfs_export_lookup
static struct netcred * vfs_export_lookup(struct mount *, struct sockaddr *)
Definition: vfs_export.c:460
vfs_free_addrlist
static void vfs_free_addrlist(struct netexport *nep)
Definition: vfs_export.c:278
vfs_free_addrlist_af
static void vfs_free_addrlist_af(struct radix_node_head **prnh)
Definition: vfs_export.c:261
vfs_mount_error
void vfs_mount_error(struct mount *mp, const char *fmt,...)
Definition: vfs_mount.c:2282
vfs_deleteopt
void vfs_deleteopt(struct vfsoptlist *opts, const char *name)
Definition: vfs_mount.c:225
vput
void vput(struct vnode *vp)
Definition: vfs_subr.c:3348