1 | #include <machine/rtems-bsd-kernel-space.h> |
---|
2 | |
---|
3 | /*- |
---|
4 | * SPDX-License-Identifier: BSD-3-Clause |
---|
5 | * |
---|
6 | * Copyright (c) 1989, 1993 |
---|
7 | * The Regents of the University of California. All rights reserved. |
---|
8 | * (c) UNIX System Laboratories, Inc. |
---|
9 | * All or some portions of this file are derived from material licensed |
---|
10 | * to the University of California by American Telephone and Telegraph |
---|
11 | * Co. or Unix System Laboratories, Inc. and are reproduced herein with |
---|
12 | * the permission of UNIX System Laboratories, Inc. |
---|
13 | * |
---|
14 | * Redistribution and use in source and binary forms, with or without |
---|
15 | * modification, are permitted provided that the following conditions |
---|
16 | * are met: |
---|
17 | * 1. Redistributions of source code must retain the above copyright |
---|
18 | * notice, this list of conditions and the following disclaimer. |
---|
19 | * 2. Redistributions in binary form must reproduce the above copyright |
---|
20 | * notice, this list of conditions and the following disclaimer in the |
---|
21 | * documentation and/or other materials provided with the distribution. |
---|
22 | * 3. Neither the name of the University nor the names of its contributors |
---|
23 | * may be used to endorse or promote products derived from this software |
---|
24 | * without specific prior written permission. |
---|
25 | * |
---|
26 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
---|
27 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
---|
28 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
---|
29 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
---|
30 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
---|
31 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
---|
32 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
---|
33 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
---|
34 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
---|
35 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
---|
36 | * SUCH DAMAGE. |
---|
37 | * |
---|
38 | * @(#)vfs_subr.c 8.31 (Berkeley) 5/26/95 |
---|
39 | */ |
---|
40 | |
---|
41 | #include <sys/cdefs.h> |
---|
42 | __FBSDID("$FreeBSD$"); |
---|
43 | |
---|
44 | #include <rtems/bsd/local/opt_inet.h> |
---|
45 | #include <rtems/bsd/local/opt_inet6.h> |
---|
46 | |
---|
47 | #include <sys/param.h> |
---|
48 | #include <sys/systm.h> |
---|
49 | #include <sys/dirent.h> |
---|
50 | #include <sys/jail.h> |
---|
51 | #include <sys/kernel.h> |
---|
52 | #include <sys/lock.h> |
---|
53 | #include <sys/malloc.h> |
---|
54 | #include <sys/mbuf.h> |
---|
55 | #include <sys/mount.h> |
---|
56 | #include <sys/mutex.h> |
---|
57 | #include <sys/rmlock.h> |
---|
58 | #include <sys/refcount.h> |
---|
59 | #include <sys/signalvar.h> |
---|
60 | #include <sys/socket.h> |
---|
61 | #include <sys/vnode.h> |
---|
62 | |
---|
63 | #include <netinet/in.h> |
---|
64 | #include <net/radix.h> |
---|
65 | |
---|
66 | #ifndef __rtems__ |
---|
67 | static MALLOC_DEFINE(M_NETADDR, "export_host", "Export host address structure"); |
---|
68 | #else /* __rtems__ */ |
---|
69 | static MALLOC_DEFINE(M_NETADDR_e, "export_host", "Export host address structure"); |
---|
70 | #define M_NETADDR M_NETADDR_e |
---|
71 | #endif /* __rtems__ */ |
---|
72 | |
---|
73 | #if defined(INET) || defined(INET6) |
---|
74 | static struct radix_node_head *vfs_create_addrlist_af( |
---|
75 | struct radix_node_head **prnh, int off); |
---|
76 | #endif |
---|
77 | static void vfs_free_addrlist(struct netexport *nep); |
---|
78 | static int vfs_free_netcred(struct radix_node *rn, void *w); |
---|
79 | static void vfs_free_addrlist_af(struct radix_node_head **prnh); |
---|
80 | static int vfs_hang_addrlist(struct mount *mp, struct netexport *nep, |
---|
81 | struct export_args *argp); |
---|
82 | static struct netcred *vfs_export_lookup(struct mount *, struct sockaddr *); |
---|
83 | |
---|
84 | /* |
---|
85 | * Network address lookup element |
---|
86 | */ |
---|
87 | struct netcred { |
---|
88 | struct radix_node netc_rnodes[2]; |
---|
89 | int netc_exflags; |
---|
90 | struct ucred *netc_anon; |
---|
91 | int netc_numsecflavors; |
---|
92 | int netc_secflavors[MAXSECFLAVORS]; |
---|
93 | }; |
---|
94 | |
---|
95 | /* |
---|
96 | * Network export information |
---|
97 | */ |
---|
98 | struct netexport { |
---|
99 | struct netcred ne_defexported; /* Default export */ |
---|
100 | struct radix_node_head *ne4; |
---|
101 | struct radix_node_head *ne6; |
---|
102 | }; |
---|
103 | |
---|
104 | /* |
---|
105 | * Build hash lists of net addresses and hang them off the mount point. |
---|
106 | * Called by vfs_export() to set up the lists of export addresses. |
---|
107 | */ |
---|
108 | static int |
---|
109 | vfs_hang_addrlist(struct mount *mp, struct netexport *nep, |
---|
110 | struct export_args *argp) |
---|
111 | { |
---|
112 | struct netcred *np; |
---|
113 | struct radix_node_head *rnh; |
---|
114 | int i; |
---|
115 | struct radix_node *rn; |
---|
116 | struct sockaddr *saddr, *smask = NULL; |
---|
117 | #if defined(INET6) || defined(INET) |
---|
118 | int off; |
---|
119 | #endif |
---|
120 | int error; |
---|
121 | |
---|
122 | /* |
---|
123 | * XXX: This routine converts from a `struct xucred' |
---|
124 | * (argp->ex_anon) to a `struct ucred' (np->netc_anon). This |
---|
125 | * operation is questionable; for example, what should be done |
---|
126 | * with fields like cr_uidinfo and cr_prison? Currently, this |
---|
127 | * routine does not touch them (leaves them as NULL). |
---|
128 | */ |
---|
129 | #ifndef __rtems__ |
---|
130 | if (argp->ex_anon.cr_version != XUCRED_VERSION) { |
---|
131 | vfs_mount_error(mp, "ex_anon.cr_version: %d != %d", |
---|
132 | argp->ex_anon.cr_version, XUCRED_VERSION); |
---|
133 | return (EINVAL); |
---|
134 | } |
---|
135 | #endif /* __rtems__ */ |
---|
136 | |
---|
137 | if (argp->ex_addrlen == 0) { |
---|
138 | if (mp->mnt_flag & MNT_DEFEXPORTED) { |
---|
139 | vfs_mount_error(mp, |
---|
140 | "MNT_DEFEXPORTED already set for mount %p", mp); |
---|
141 | return (EPERM); |
---|
142 | } |
---|
143 | np = &nep->ne_defexported; |
---|
144 | np->netc_exflags = argp->ex_flags; |
---|
145 | np->netc_anon = crget(); |
---|
146 | #ifndef __rtems__ |
---|
147 | np->netc_anon->cr_uid = argp->ex_anon.cr_uid; |
---|
148 | crsetgroups(np->netc_anon, argp->ex_anon.cr_ngroups, |
---|
149 | argp->ex_anon.cr_groups); |
---|
150 | np->netc_anon->cr_prison = &prison0; |
---|
151 | prison_hold(np->netc_anon->cr_prison); |
---|
152 | #endif /* __rtems__ */ |
---|
153 | np->netc_numsecflavors = argp->ex_numsecflavors; |
---|
154 | bcopy(argp->ex_secflavors, np->netc_secflavors, |
---|
155 | sizeof(np->netc_secflavors)); |
---|
156 | MNT_ILOCK(mp); |
---|
157 | mp->mnt_flag |= MNT_DEFEXPORTED; |
---|
158 | MNT_IUNLOCK(mp); |
---|
159 | return (0); |
---|
160 | } |
---|
161 | |
---|
162 | #if MSIZE <= 256 |
---|
163 | if (argp->ex_addrlen > MLEN) { |
---|
164 | vfs_mount_error(mp, "ex_addrlen %d is greater than %d", |
---|
165 | argp->ex_addrlen, MLEN); |
---|
166 | return (EINVAL); |
---|
167 | } |
---|
168 | #endif |
---|
169 | |
---|
170 | i = sizeof(struct netcred) + argp->ex_addrlen + argp->ex_masklen; |
---|
171 | np = (struct netcred *) malloc(i, M_NETADDR, M_WAITOK | M_ZERO); |
---|
172 | saddr = (struct sockaddr *) (np + 1); |
---|
173 | if ((error = copyin(argp->ex_addr, saddr, argp->ex_addrlen))) |
---|
174 | goto out; |
---|
175 | if (saddr->sa_family == AF_UNSPEC || saddr->sa_family > AF_MAX) { |
---|
176 | error = EINVAL; |
---|
177 | vfs_mount_error(mp, "Invalid saddr->sa_family: %d"); |
---|
178 | goto out; |
---|
179 | } |
---|
180 | if (saddr->sa_len > argp->ex_addrlen) |
---|
181 | saddr->sa_len = argp->ex_addrlen; |
---|
182 | if (argp->ex_masklen) { |
---|
183 | smask = (struct sockaddr *)((caddr_t)saddr + argp->ex_addrlen); |
---|
184 | error = copyin(argp->ex_mask, smask, argp->ex_masklen); |
---|
185 | if (error) |
---|
186 | goto out; |
---|
187 | if (smask->sa_len > argp->ex_masklen) |
---|
188 | smask->sa_len = argp->ex_masklen; |
---|
189 | } |
---|
190 | rnh = NULL; |
---|
191 | switch (saddr->sa_family) { |
---|
192 | #ifdef INET |
---|
193 | case AF_INET: |
---|
194 | if ((rnh = nep->ne4) == NULL) { |
---|
195 | off = offsetof(struct sockaddr_in, sin_addr) << 3; |
---|
196 | rnh = vfs_create_addrlist_af(&nep->ne4, off); |
---|
197 | } |
---|
198 | break; |
---|
199 | #endif |
---|
200 | #ifdef INET6 |
---|
201 | case AF_INET6: |
---|
202 | if ((rnh = nep->ne6) == NULL) { |
---|
203 | off = offsetof(struct sockaddr_in6, sin6_addr) << 3; |
---|
204 | rnh = vfs_create_addrlist_af(&nep->ne6, off); |
---|
205 | } |
---|
206 | break; |
---|
207 | #endif |
---|
208 | } |
---|
209 | if (rnh == NULL) { |
---|
210 | error = ENOBUFS; |
---|
211 | vfs_mount_error(mp, "%s %s %d", |
---|
212 | "Unable to initialize radix node head ", |
---|
213 | "for address family", saddr->sa_family); |
---|
214 | goto out; |
---|
215 | } |
---|
216 | RADIX_NODE_HEAD_LOCK(rnh); |
---|
217 | rn = (*rnh->rnh_addaddr)(saddr, smask, &rnh->rh, np->netc_rnodes); |
---|
218 | RADIX_NODE_HEAD_UNLOCK(rnh); |
---|
219 | if (rn == NULL || np != (struct netcred *)rn) { /* already exists */ |
---|
220 | error = EPERM; |
---|
221 | vfs_mount_error(mp, |
---|
222 | "netcred already exists for given addr/mask"); |
---|
223 | goto out; |
---|
224 | } |
---|
225 | np->netc_exflags = argp->ex_flags; |
---|
226 | np->netc_anon = crget(); |
---|
227 | #ifndef __rtems__ |
---|
228 | np->netc_anon->cr_uid = argp->ex_anon.cr_uid; |
---|
229 | crsetgroups(np->netc_anon, argp->ex_anon.cr_ngroups, |
---|
230 | argp->ex_anon.cr_groups); |
---|
231 | np->netc_anon->cr_prison = &prison0; |
---|
232 | prison_hold(np->netc_anon->cr_prison); |
---|
233 | #endif /* __rtems__ */ |
---|
234 | np->netc_numsecflavors = argp->ex_numsecflavors; |
---|
235 | bcopy(argp->ex_secflavors, np->netc_secflavors, |
---|
236 | sizeof(np->netc_secflavors)); |
---|
237 | return (0); |
---|
238 | out: |
---|
239 | free(np, M_NETADDR); |
---|
240 | return (error); |
---|
241 | } |
---|
242 | |
---|
243 | /* Helper for vfs_free_addrlist. */ |
---|
244 | /* ARGSUSED */ |
---|
245 | static int |
---|
246 | vfs_free_netcred(struct radix_node *rn, void *w) |
---|
247 | { |
---|
248 | struct radix_node_head *rnh = (struct radix_node_head *) w; |
---|
249 | struct ucred *cred; |
---|
250 | |
---|
251 | (*rnh->rnh_deladdr) (rn->rn_key, rn->rn_mask, &rnh->rh); |
---|
252 | cred = ((struct netcred *)rn)->netc_anon; |
---|
253 | if (cred != NULL) |
---|
254 | crfree(cred); |
---|
255 | free(rn, M_NETADDR); |
---|
256 | return (0); |
---|
257 | } |
---|
258 | |
---|
259 | #if defined(INET) || defined(INET6) |
---|
260 | static struct radix_node_head * |
---|
261 | vfs_create_addrlist_af(struct radix_node_head **prnh, int off) |
---|
262 | { |
---|
263 | |
---|
264 | if (rn_inithead((void **)prnh, off) == 0) |
---|
265 | return (NULL); |
---|
266 | RADIX_NODE_HEAD_LOCK_INIT(*prnh); |
---|
267 | return (*prnh); |
---|
268 | } |
---|
269 | #endif |
---|
270 | |
---|
271 | static void |
---|
272 | vfs_free_addrlist_af(struct radix_node_head **prnh) |
---|
273 | { |
---|
274 | struct radix_node_head *rnh; |
---|
275 | |
---|
276 | rnh = *prnh; |
---|
277 | RADIX_NODE_HEAD_LOCK(rnh); |
---|
278 | (*rnh->rnh_walktree)(&rnh->rh, vfs_free_netcred, rnh); |
---|
279 | RADIX_NODE_HEAD_UNLOCK(rnh); |
---|
280 | RADIX_NODE_HEAD_DESTROY(rnh); |
---|
281 | rn_detachhead((void **)prnh); |
---|
282 | prnh = NULL; |
---|
283 | } |
---|
284 | |
---|
285 | /* |
---|
286 | * Free the net address hash lists that are hanging off the mount points. |
---|
287 | */ |
---|
288 | static void |
---|
289 | vfs_free_addrlist(struct netexport *nep) |
---|
290 | { |
---|
291 | struct ucred *cred; |
---|
292 | |
---|
293 | if (nep->ne4 != NULL) |
---|
294 | vfs_free_addrlist_af(&nep->ne4); |
---|
295 | if (nep->ne6 != NULL) |
---|
296 | vfs_free_addrlist_af(&nep->ne6); |
---|
297 | |
---|
298 | cred = nep->ne_defexported.netc_anon; |
---|
299 | if (cred != NULL) |
---|
300 | crfree(cred); |
---|
301 | |
---|
302 | } |
---|
303 | |
---|
304 | /* |
---|
305 | * High level function to manipulate export options on a mount point |
---|
306 | * and the passed in netexport. |
---|
307 | * Struct export_args *argp is the variable used to twiddle options, |
---|
308 | * the structure is described in sys/mount.h |
---|
309 | */ |
---|
310 | int |
---|
311 | vfs_export(struct mount *mp, struct export_args *argp) |
---|
312 | { |
---|
313 | struct netexport *nep; |
---|
314 | int error; |
---|
315 | |
---|
316 | if (argp->ex_numsecflavors < 0 |
---|
317 | || argp->ex_numsecflavors >= MAXSECFLAVORS) |
---|
318 | return (EINVAL); |
---|
319 | |
---|
320 | error = 0; |
---|
321 | lockmgr(&mp->mnt_explock, LK_EXCLUSIVE, NULL); |
---|
322 | nep = mp->mnt_export; |
---|
323 | if (argp->ex_flags & MNT_DELEXPORT) { |
---|
324 | if (nep == NULL) { |
---|
325 | error = ENOENT; |
---|
326 | goto out; |
---|
327 | } |
---|
328 | if (mp->mnt_flag & MNT_EXPUBLIC) { |
---|
329 | vfs_setpublicfs(NULL, NULL, NULL); |
---|
330 | MNT_ILOCK(mp); |
---|
331 | mp->mnt_flag &= ~MNT_EXPUBLIC; |
---|
332 | MNT_IUNLOCK(mp); |
---|
333 | } |
---|
334 | vfs_free_addrlist(nep); |
---|
335 | mp->mnt_export = NULL; |
---|
336 | free(nep, M_MOUNT); |
---|
337 | nep = NULL; |
---|
338 | MNT_ILOCK(mp); |
---|
339 | mp->mnt_flag &= ~(MNT_EXPORTED | MNT_DEFEXPORTED); |
---|
340 | MNT_IUNLOCK(mp); |
---|
341 | } |
---|
342 | if (argp->ex_flags & MNT_EXPORTED) { |
---|
343 | if (nep == NULL) { |
---|
344 | nep = malloc(sizeof(struct netexport), M_MOUNT, M_WAITOK | M_ZERO); |
---|
345 | mp->mnt_export = nep; |
---|
346 | } |
---|
347 | if (argp->ex_flags & MNT_EXPUBLIC) { |
---|
348 | if ((error = vfs_setpublicfs(mp, nep, argp)) != 0) |
---|
349 | goto out; |
---|
350 | MNT_ILOCK(mp); |
---|
351 | mp->mnt_flag |= MNT_EXPUBLIC; |
---|
352 | MNT_IUNLOCK(mp); |
---|
353 | } |
---|
354 | if ((error = vfs_hang_addrlist(mp, nep, argp))) |
---|
355 | goto out; |
---|
356 | MNT_ILOCK(mp); |
---|
357 | mp->mnt_flag |= MNT_EXPORTED; |
---|
358 | MNT_IUNLOCK(mp); |
---|
359 | } |
---|
360 | |
---|
361 | out: |
---|
362 | lockmgr(&mp->mnt_explock, LK_RELEASE, NULL); |
---|
363 | /* |
---|
364 | * Once we have executed the vfs_export() command, we do |
---|
365 | * not want to keep the "export" option around in the |
---|
366 | * options list, since that will cause subsequent MNT_UPDATE |
---|
367 | * calls to fail. The export information is saved in |
---|
368 | * mp->mnt_export, so we can safely delete the "export" mount option |
---|
369 | * here. |
---|
370 | */ |
---|
371 | vfs_deleteopt(mp->mnt_optnew, "export"); |
---|
372 | vfs_deleteopt(mp->mnt_opt, "export"); |
---|
373 | return (error); |
---|
374 | } |
---|
375 | |
---|
376 | /* |
---|
377 | * Set the publicly exported filesystem (WebNFS). Currently, only |
---|
378 | * one public filesystem is possible in the spec (RFC 2054 and 2055) |
---|
379 | */ |
---|
380 | int |
---|
381 | vfs_setpublicfs(struct mount *mp, struct netexport *nep, |
---|
382 | struct export_args *argp) |
---|
383 | { |
---|
384 | int error; |
---|
385 | struct vnode *rvp; |
---|
386 | char *cp; |
---|
387 | |
---|
388 | /* |
---|
389 | * mp == NULL -> invalidate the current info, the FS is |
---|
390 | * no longer exported. May be called from either vfs_export |
---|
391 | * or unmount, so check if it hasn't already been done. |
---|
392 | */ |
---|
393 | if (mp == NULL) { |
---|
394 | if (nfs_pub.np_valid) { |
---|
395 | nfs_pub.np_valid = 0; |
---|
396 | if (nfs_pub.np_index != NULL) { |
---|
397 | free(nfs_pub.np_index, M_TEMP); |
---|
398 | nfs_pub.np_index = NULL; |
---|
399 | } |
---|
400 | } |
---|
401 | return (0); |
---|
402 | } |
---|
403 | |
---|
404 | /* |
---|
405 | * Only one allowed at a time. |
---|
406 | */ |
---|
407 | if (nfs_pub.np_valid != 0 && mp != nfs_pub.np_mount) |
---|
408 | return (EBUSY); |
---|
409 | |
---|
410 | /* |
---|
411 | * Get real filehandle for root of exported FS. |
---|
412 | */ |
---|
413 | bzero(&nfs_pub.np_handle, sizeof(nfs_pub.np_handle)); |
---|
414 | nfs_pub.np_handle.fh_fsid = mp->mnt_stat.f_fsid; |
---|
415 | |
---|
416 | if ((error = VFS_ROOT(mp, LK_EXCLUSIVE, &rvp))) |
---|
417 | return (error); |
---|
418 | |
---|
419 | if ((error = VOP_VPTOFH(rvp, &nfs_pub.np_handle.fh_fid))) |
---|
420 | return (error); |
---|
421 | |
---|
422 | vput(rvp); |
---|
423 | |
---|
424 | /* |
---|
425 | * If an indexfile was specified, pull it in. |
---|
426 | */ |
---|
427 | if (argp->ex_indexfile != NULL) { |
---|
428 | if (nfs_pub.np_index == NULL) |
---|
429 | nfs_pub.np_index = malloc(MAXNAMLEN + 1, M_TEMP, |
---|
430 | M_WAITOK); |
---|
431 | error = copyinstr(argp->ex_indexfile, nfs_pub.np_index, |
---|
432 | MAXNAMLEN, (size_t *)0); |
---|
433 | if (!error) { |
---|
434 | /* |
---|
435 | * Check for illegal filenames. |
---|
436 | */ |
---|
437 | for (cp = nfs_pub.np_index; *cp; cp++) { |
---|
438 | if (*cp == '/') { |
---|
439 | error = EINVAL; |
---|
440 | break; |
---|
441 | } |
---|
442 | } |
---|
443 | } |
---|
444 | if (error) { |
---|
445 | free(nfs_pub.np_index, M_TEMP); |
---|
446 | nfs_pub.np_index = NULL; |
---|
447 | return (error); |
---|
448 | } |
---|
449 | } |
---|
450 | |
---|
451 | nfs_pub.np_mount = mp; |
---|
452 | nfs_pub.np_valid = 1; |
---|
453 | return (0); |
---|
454 | } |
---|
455 | |
---|
456 | /* |
---|
457 | * Used by the filesystems to determine if a given network address |
---|
458 | * (passed in 'nam') is present in their exports list, returns a pointer |
---|
459 | * to struct netcred so that the filesystem can examine it for |
---|
460 | * access rights (read/write/etc). |
---|
461 | */ |
---|
462 | static struct netcred * |
---|
463 | vfs_export_lookup(struct mount *mp, struct sockaddr *nam) |
---|
464 | { |
---|
465 | RADIX_NODE_HEAD_RLOCK_TRACKER; |
---|
466 | struct netexport *nep; |
---|
467 | struct netcred *np = NULL; |
---|
468 | struct radix_node_head *rnh; |
---|
469 | struct sockaddr *saddr; |
---|
470 | |
---|
471 | nep = mp->mnt_export; |
---|
472 | if (nep == NULL) |
---|
473 | return (NULL); |
---|
474 | if ((mp->mnt_flag & MNT_EXPORTED) == 0) |
---|
475 | return (NULL); |
---|
476 | |
---|
477 | /* |
---|
478 | * Lookup in the export list |
---|
479 | */ |
---|
480 | if (nam != NULL) { |
---|
481 | saddr = nam; |
---|
482 | rnh = NULL; |
---|
483 | switch (saddr->sa_family) { |
---|
484 | case AF_INET: |
---|
485 | rnh = nep->ne4; |
---|
486 | break; |
---|
487 | case AF_INET6: |
---|
488 | rnh = nep->ne6; |
---|
489 | break; |
---|
490 | } |
---|
491 | if (rnh != NULL) { |
---|
492 | RADIX_NODE_HEAD_RLOCK(rnh); |
---|
493 | np = (struct netcred *) (*rnh->rnh_matchaddr)(saddr, &rnh->rh); |
---|
494 | RADIX_NODE_HEAD_RUNLOCK(rnh); |
---|
495 | if (np != NULL && (np->netc_rnodes->rn_flags & RNF_ROOT) != 0) |
---|
496 | return (NULL); |
---|
497 | } |
---|
498 | } |
---|
499 | |
---|
500 | /* |
---|
501 | * If no address match, use the default if it exists. |
---|
502 | */ |
---|
503 | if (np == NULL && (mp->mnt_flag & MNT_DEFEXPORTED) != 0) |
---|
504 | return (&nep->ne_defexported); |
---|
505 | |
---|
506 | return (np); |
---|
507 | } |
---|
508 | |
---|
509 | /* |
---|
510 | * XXX: This comment comes from the deprecated ufs_check_export() |
---|
511 | * XXX: and may not entirely apply, but lacking something better: |
---|
512 | * This is the generic part of fhtovp called after the underlying |
---|
513 | * filesystem has validated the file handle. |
---|
514 | * |
---|
515 | * Verify that a host should have access to a filesystem. |
---|
516 | */ |
---|
517 | |
---|
518 | int |
---|
519 | vfs_stdcheckexp(struct mount *mp, struct sockaddr *nam, int *extflagsp, |
---|
520 | struct ucred **credanonp, int *numsecflavors, int **secflavors) |
---|
521 | { |
---|
522 | struct netcred *np; |
---|
523 | |
---|
524 | lockmgr(&mp->mnt_explock, LK_SHARED, NULL); |
---|
525 | np = vfs_export_lookup(mp, nam); |
---|
526 | if (np == NULL) { |
---|
527 | lockmgr(&mp->mnt_explock, LK_RELEASE, NULL); |
---|
528 | *credanonp = NULL; |
---|
529 | return (EACCES); |
---|
530 | } |
---|
531 | *extflagsp = np->netc_exflags; |
---|
532 | if ((*credanonp = np->netc_anon) != NULL) |
---|
533 | crhold(*credanonp); |
---|
534 | if (numsecflavors) |
---|
535 | *numsecflavors = np->netc_numsecflavors; |
---|
536 | if (secflavors) |
---|
537 | *secflavors = np->netc_secflavors; |
---|
538 | lockmgr(&mp->mnt_explock, LK_RELEASE, NULL); |
---|
539 | return (0); |
---|
540 | } |
---|
541 | |
---|