ocfs2: Add missing permission checks
[linux-2.6] / fs / nfs / nfs4namespace.c
1 /*
2  * linux/fs/nfs/nfs4namespace.c
3  *
4  * Copyright (C) 2005 Trond Myklebust <Trond.Myklebust@netapp.com>
5  * - Modified by David Howells <dhowells@redhat.com>
6  *
7  * NFSv4 namespace
8  */
9
10 #include <linux/dcache.h>
11 #include <linux/mount.h>
12 #include <linux/namei.h>
13 #include <linux/nfs_fs.h>
14 #include <linux/string.h>
15 #include <linux/sunrpc/clnt.h>
16 #include <linux/vfs.h>
17 #include <linux/inet.h>
18 #include "internal.h"
19 #include "nfs4_fs.h"
20
21 #define NFSDBG_FACILITY         NFSDBG_VFS
22
23 /*
24  * Check if fs_root is valid
25  */
26 static inline char *nfs4_pathname_string(const struct nfs4_pathname *pathname,
27                                          char *buffer, ssize_t buflen)
28 {
29         char *end = buffer + buflen;
30         int n;
31
32         *--end = '\0';
33         buflen--;
34
35         n = pathname->ncomponents;
36         while (--n >= 0) {
37                 const struct nfs4_string *component = &pathname->components[n];
38                 buflen -= component->len + 1;
39                 if (buflen < 0)
40                         goto Elong;
41                 end -= component->len;
42                 memcpy(end, component->data, component->len);
43                 *--end = '/';
44         }
45         return end;
46 Elong:
47         return ERR_PTR(-ENAMETOOLONG);
48 }
49
50 /*
51  * Determine the mount path as a string
52  */
53 static char *nfs4_path(const struct vfsmount *mnt_parent,
54                        const struct dentry *dentry,
55                        char *buffer, ssize_t buflen)
56 {
57         const char *srvpath;
58
59         srvpath = strchr(mnt_parent->mnt_devname, ':');
60         if (srvpath)
61                 srvpath++;
62         else
63                 srvpath = mnt_parent->mnt_devname;
64
65         return nfs_path(srvpath, mnt_parent->mnt_root, dentry, buffer, buflen);
66 }
67
68 /*
69  * Check that fs_locations::fs_root [RFC3530 6.3] is a prefix for what we
70  * believe to be the server path to this dentry
71  */
72 static int nfs4_validate_fspath(const struct vfsmount *mnt_parent,
73                                 const struct dentry *dentry,
74                                 const struct nfs4_fs_locations *locations,
75                                 char *page, char *page2)
76 {
77         const char *path, *fs_path;
78
79         path = nfs4_path(mnt_parent, dentry, page, PAGE_SIZE);
80         if (IS_ERR(path))
81                 return PTR_ERR(path);
82
83         fs_path = nfs4_pathname_string(&locations->fs_path, page2, PAGE_SIZE);
84         if (IS_ERR(fs_path))
85                 return PTR_ERR(fs_path);
86
87         if (strncmp(path, fs_path, strlen(fs_path)) != 0) {
88                 dprintk("%s: path %s does not begin with fsroot %s\n",
89                         __FUNCTION__, path, fs_path);
90                 return -ENOENT;
91         }
92
93         return 0;
94 }
95
96 /*
97  * Check if the string represents a "valid" IPv4 address
98  */
99 static inline int valid_ipaddr4(const char *buf)
100 {
101         int rc, count, in[4];
102
103         rc = sscanf(buf, "%d.%d.%d.%d", &in[0], &in[1], &in[2], &in[3]);
104         if (rc != 4)
105                 return -EINVAL;
106         for (count = 0; count < 4; count++) {
107                 if (in[count] > 255)
108                         return -EINVAL;
109         }
110         return 0;
111 }
112
113 /**
114  * nfs_follow_referral - set up mountpoint when hitting a referral on moved error
115  * @mnt_parent - mountpoint of parent directory
116  * @dentry - parent directory
117  * @fspath - fs path returned in fs_locations
118  * @mntpath - mount path to new server
119  * @hostname - hostname of new server
120  * @addr - host addr of new server
121  *
122  */
123 static struct vfsmount *nfs_follow_referral(const struct vfsmount *mnt_parent,
124                                             const struct dentry *dentry,
125                                             const struct nfs4_fs_locations *locations)
126 {
127         struct vfsmount *mnt = ERR_PTR(-ENOENT);
128         struct nfs_clone_mount mountdata = {
129                 .sb = mnt_parent->mnt_sb,
130                 .dentry = dentry,
131                 .authflavor = NFS_SB(mnt_parent->mnt_sb)->client->cl_auth->au_flavor,
132         };
133         char *page = NULL, *page2 = NULL;
134         int loc, s, error;
135
136         if (locations == NULL || locations->nlocations <= 0)
137                 goto out;
138
139         dprintk("%s: referral at %s/%s\n", __FUNCTION__,
140                 dentry->d_parent->d_name.name, dentry->d_name.name);
141
142         page = (char *) __get_free_page(GFP_USER);
143         if (!page)
144                 goto out;
145
146         page2 = (char *) __get_free_page(GFP_USER);
147         if (!page2)
148                 goto out;
149
150         /* Ensure fs path is a prefix of current dentry path */
151         error = nfs4_validate_fspath(mnt_parent, dentry, locations, page, page2);
152         if (error < 0) {
153                 mnt = ERR_PTR(error);
154                 goto out;
155         }
156
157         loc = 0;
158         while (loc < locations->nlocations && IS_ERR(mnt)) {
159                 const struct nfs4_fs_location *location = &locations->locations[loc];
160                 char *mnt_path;
161
162                 if (location == NULL || location->nservers <= 0 ||
163                     location->rootpath.ncomponents == 0) {
164                         loc++;
165                         continue;
166                 }
167
168                 mnt_path = nfs4_pathname_string(&location->rootpath, page2, PAGE_SIZE);
169                 if (IS_ERR(mnt_path)) {
170                         loc++;
171                         continue;
172                 }
173                 mountdata.mnt_path = mnt_path;
174
175                 s = 0;
176                 while (s < location->nservers) {
177                         struct sockaddr_in addr = {};
178
179                         if (location->servers[s].len <= 0 ||
180                             valid_ipaddr4(location->servers[s].data) < 0) {
181                                 s++;
182                                 continue;
183                         }
184
185                         mountdata.hostname = location->servers[s].data;
186                         addr.sin_addr.s_addr = in_aton(mountdata.hostname);
187                         addr.sin_family = AF_INET;
188                         addr.sin_port = htons(NFS_PORT);
189                         mountdata.addr = &addr;
190
191                         snprintf(page, PAGE_SIZE, "%s:%s",
192                                         mountdata.hostname,
193                                         mountdata.mnt_path);
194
195                         mnt = vfs_kern_mount(&nfs4_referral_fs_type, 0, page, &mountdata);
196                         if (!IS_ERR(mnt)) {
197                                 break;
198                         }
199                         s++;
200                 }
201                 loc++;
202         }
203
204 out:
205         free_page((unsigned long) page);
206         free_page((unsigned long) page2);
207         dprintk("%s: done\n", __FUNCTION__);
208         return mnt;
209 }
210
211 /*
212  * nfs_do_refmount - handle crossing a referral on server
213  * @dentry - dentry of referral
214  * @nd - nameidata info
215  *
216  */
217 struct vfsmount *nfs_do_refmount(const struct vfsmount *mnt_parent, struct dentry *dentry)
218 {
219         struct vfsmount *mnt = ERR_PTR(-ENOMEM);
220         struct dentry *parent;
221         struct nfs4_fs_locations *fs_locations = NULL;
222         struct page *page;
223         int err;
224
225         /* BUG_ON(IS_ROOT(dentry)); */
226         dprintk("%s: enter\n", __FUNCTION__);
227
228         page = alloc_page(GFP_KERNEL);
229         if (page == NULL)
230                 goto out;
231
232         fs_locations = kmalloc(sizeof(struct nfs4_fs_locations), GFP_KERNEL);
233         if (fs_locations == NULL)
234                 goto out_free;
235
236         /* Get locations */
237         mnt = ERR_PTR(-ENOENT);
238
239         parent = dget_parent(dentry);
240         dprintk("%s: getting locations for %s/%s\n",
241                 __FUNCTION__, parent->d_name.name, dentry->d_name.name);
242
243         err = nfs4_proc_fs_locations(parent->d_inode, &dentry->d_name, fs_locations, page);
244         dput(parent);
245         if (err != 0 ||
246             fs_locations->nlocations <= 0 ||
247             fs_locations->fs_path.ncomponents <= 0)
248                 goto out_free;
249
250         mnt = nfs_follow_referral(mnt_parent, dentry, fs_locations);
251 out_free:
252         __free_page(page);
253         kfree(fs_locations);
254 out:
255         dprintk("%s: done\n", __FUNCTION__);
256         return mnt;
257 }