/* * Finalization routine for nfsauth. It is important to call this routine * before destroying the exported_lock. */ void nfsauth_fini(void) { refreshq_exi_node_t *ren; /* * Prevent the nfsauth_refresh_thread from getting new * work. */ mutex_enter(&refreshq_lock); if (refreshq_thread_state != REFRESHQ_THREAD_HALTED) { refreshq_thread_state = REFRESHQ_THREAD_FINI_REQ; cv_broadcast(&refreshq_cv); /* * Also, wait for nfsauth_refresh_thread() to exit. */ while (refreshq_thread_state != REFRESHQ_THREAD_HALTED) { cv_wait(&refreshq_cv, &refreshq_lock); } } mutex_exit(&refreshq_lock); /* * Walk the exi_list and in turn, walk the auth_lists and free all * lists. In addition, free INVALID auth_cache entries. */ while ((ren = list_remove_head(&refreshq_queue))) { refreshq_auth_node_t *ran; while ((ran = list_remove_head(&ren->ren_authlist)) != NULL) { struct auth_cache *p = ran->ran_auth; if (p->auth_state == NFS_AUTH_INVALID) nfsauth_free_node(p); strfree(ran->ran_netid); kmem_free(ran, sizeof (refreshq_auth_node_t)); } list_destroy(&ren->ren_authlist); exi_rele(ren->ren_exi); kmem_free(ren, sizeof (refreshq_exi_node_t)); } list_destroy(&refreshq_queue); cv_destroy(&refreshq_cv); mutex_destroy(&refreshq_lock); mutex_destroy(&mountd_lock); /* * Deallocate nfsauth cache handle */ kmem_cache_destroy(exi_cache_handle); }
/* * Walk up the tree and: * 1. release pseudo exportinfo if it has no child * 2. release visible in parent's exportinfo * 3. delete non-exported leaf nodes from tree * * Deleting of nodes will start only if the unshared * node was a leaf node. * Deleting of nodes will finish when we reach a node which * has children or is a real export, then we might still need * to continue releasing visibles, until we reach VROOT node. */ void treeclimb_unexport(struct exportinfo *exip) { treenode_t *tnode, *old_nd; treenode_t *connect_point = NULL; ASSERT(RW_WRITE_HELD(&exported_lock)); tnode = exip->exi_tree; /* * The unshared exportinfo was unlinked in unexport(). * Zeroing tree_exi ensures that we will skip it. */ tnode->tree_exi = NULL; if (tnode->tree_vis != NULL) /* system root has tree_vis == NULL */ tnode->tree_vis->vis_exported = 0; while (tnode != NULL) { /* Stop at VROOT node which is exported or has child */ if (TREE_ROOT(tnode) && (TREE_EXPORTED(tnode) || tnode->tree_child_first != NULL)) break; /* Release pseudo export if it has no child */ if (TREE_ROOT(tnode) && !TREE_EXPORTED(tnode) && tnode->tree_child_first == NULL) { export_unlink(tnode->tree_exi); exi_rele(tnode->tree_exi); } /* Release visible in parent's exportinfo */ if (tnode->tree_vis != NULL) less_visible(vis2exi(tnode), tnode->tree_vis); /* Continue with parent */ old_nd = tnode; tnode = tnode->tree_parent; /* Remove itself, if this is a leaf and non-exported node */ if (old_nd->tree_child_first == NULL && !TREE_EXPORTED(old_nd)) { tree_remove_node(old_nd); connect_point = tnode; } } /* Update the change timestamp */ if (connect_point != NULL) tree_update_change(connect_point, NULL); }
/* * This function checks the path to a new export to * check whether all the pathname components are * exported. It works by climbing the file tree one * component at a time via "..", crossing mountpoints * if necessary until an export entry is found, or the * system root is reached. * * If an unexported mountpoint is found, then * a new pseudo export is added and the pathname from * the mountpoint down to the export is added to the * visible list for the new pseudo export. If an existing * pseudo export is found, then the pathname is added * to its visible list. * * Note that there's some tests for exportdir. * The exportinfo entry that's passed as a parameter * is that of the real export and exportdir is set * for this case. * * Here is an example of a possible setup: * * () - a new fs; fs mount point * EXPORT - a real exported node * PSEUDO - a pseudo node * vis - visible list * f# - security flavor# * (f#) - security flavor# propagated from its descendents * "" - covered vnode * * * / * | * (a) PSEUDO (f1,f2) * | vis: b,b,"c","n" * | * b * ---------|------------------ * | | * (c) EXPORT,f1(f2) (n) PSEUDO (f1,f2) * | vis: "e","d" | vis: m,m,,p,q,"o" * | | * ------------------ ------------------- * | | | | | * (d) (e) f m EXPORT,f1(f2) p * EXPORT EXPORT | | * f1 f2 | | * | | | * j (o) EXPORT,f2 q EXPORT f2 * */ int treeclimb_export(struct exportinfo *exip) { vnode_t *dvp, *vp; fid_t fid; int error; int exportdir; struct exportinfo *exi = NULL; struct exportinfo *new_exi = exip; struct exp_visible *visp; struct exp_visible *vis_head = NULL; struct vattr va; treenode_t *tree_head = NULL; ASSERT(RW_WRITE_HELD(&exported_lock)); vp = exip->exi_vp; VN_HOLD(vp); exportdir = 1; for (;;) { bzero(&fid, sizeof (fid)); fid.fid_len = MAXFIDSZ; error = vop_fid_pseudo(vp, &fid); if (error) break; if (! exportdir) { /* * Check if this exportroot is a VROOT dir. If so, * then attach the pseudonodes. If not, then * continue .. traversal until we hit a VROOT * export (pseudo or real). */ exi = checkexport4(&vp->v_vfsp->vfs_fsid, &fid, vp); if (exi != NULL && vp->v_flag & VROOT) { /* * Found an export info * * Extend the list of visible * directories whether it's a pseudo * or a real export. */ more_visible(exi, tree_head); break; /* and climb no further */ } } /* * If at the root of the filesystem, need * to traverse across the mountpoint * and continue the climb on the mounted-on * filesystem. */ if (vp->v_flag & VROOT) { if (! exportdir) { /* * Found the root directory of a filesystem * that isn't exported. Need to export * this as a pseudo export so that an NFS v4 * client can do lookups in it. */ new_exi = pseudo_exportfs(vp, &fid, vis_head, NULL); vis_head = NULL; } if (VN_CMP(vp, rootdir)) { /* at system root */ /* * If sharing "/", new_exi is shared exportinfo * (exip). Otherwise, new_exi is exportinfo * created in pseudo_exportfs() above. */ ns_root = tree_prepend_node(tree_head, 0, new_exi); break; } vp = untraverse(vp); exportdir = 0; continue; } /* * Do a getattr to obtain the nodeid (inode num) * for this vnode. */ va.va_mask = AT_NODEID; error = VOP_GETATTR(vp, &va, 0, CRED(), NULL); if (error) break; /* * Add this directory fid to visible list */ visp = kmem_alloc(sizeof (*visp), KM_SLEEP); VN_HOLD(vp); visp->vis_vp = vp; visp->vis_fid = fid; /* structure copy */ visp->vis_ino = va.va_nodeid; visp->vis_count = 1; visp->vis_exported = exportdir; visp->vis_secinfo = NULL; visp->vis_seccnt = 0; visp->vis_next = vis_head; vis_head = visp; /* * Will set treenode's pointer to exportinfo to * 1. shared exportinfo (exip) - if first visit here * 2. freshly allocated pseudo export (if any) * 3. null otherwise */ tree_head = tree_prepend_node(tree_head, visp, new_exi); new_exi = NULL; /* * Now, do a ".." to find parent dir of vp. */ error = VOP_LOOKUP(vp, "..", &dvp, NULL, 0, NULL, CRED(), NULL, NULL, NULL); if (error == ENOTDIR && exportdir) { dvp = exip->exi_dvp; ASSERT(dvp != NULL); VN_HOLD(dvp); error = 0; } if (error) break; exportdir = 0; VN_RELE(vp); vp = dvp; } VN_RELE(vp); /* * We can have set error due to error in: * 1. vop_fid_pseudo() * 2. VOP_GETATTR() * 3. VOP_LOOKUP() * We must free pseudo exportinfos, visibles and treenodes. * Visibles are referenced from treenode_t::tree_vis and * exportinfo_t::exi_visible. To avoid double freeing, only * exi_visible pointer is used, via exi_rele(), for the clean-up. */ if (error) { /* Free unconnected visibles, if there are any. */ if (vis_head) free_visible(vis_head); /* Connect unconnected exportinfo, if there is any. */ if (new_exi && new_exi != exip) tree_head = tree_prepend_node(tree_head, 0, new_exi); while (tree_head) { treenode_t *t2 = tree_head; exportinfo_t *e = tree_head->tree_exi; /* exip will be freed in exportfs() */ if (e && e != exip) { exp_kstats_delete(e->exi_kstats); avl_remove(&exi_id_tree, e); export_unlink(e); exi_rele(e); } tree_head = tree_head->tree_child_first; kmem_free(t2, sizeof (*t2)); } } return (error); }