3d8986c758
With the v4root option now enforced everywhere it should be, it is safe to advertise support for it to mountd. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
163 lines
4.5 KiB
C
163 lines
4.5 KiB
C
/*
|
|
* include/linux/nfsd/export.h
|
|
*
|
|
* Public declarations for NFS exports. The definitions for the
|
|
* syscall interface are in nfsctl.h
|
|
*
|
|
* Copyright (C) 1995-1997 Olaf Kirch <okir@monad.swb.de>
|
|
*/
|
|
|
|
#ifndef NFSD_EXPORT_H
|
|
#define NFSD_EXPORT_H
|
|
|
|
# include <linux/types.h>
|
|
#ifdef __KERNEL__
|
|
# include <linux/nfsd/nfsfh.h>
|
|
#endif
|
|
|
|
/*
|
|
* Important limits for the exports stuff.
|
|
*/
|
|
#define NFSCLNT_IDMAX 1024
|
|
#define NFSCLNT_ADDRMAX 16
|
|
#define NFSCLNT_KEYMAX 32
|
|
|
|
/*
|
|
* Export flags.
|
|
*/
|
|
#define NFSEXP_READONLY 0x0001
|
|
#define NFSEXP_INSECURE_PORT 0x0002
|
|
#define NFSEXP_ROOTSQUASH 0x0004
|
|
#define NFSEXP_ALLSQUASH 0x0008
|
|
#define NFSEXP_ASYNC 0x0010
|
|
#define NFSEXP_GATHERED_WRITES 0x0020
|
|
/* 40 80 100 currently unused */
|
|
#define NFSEXP_NOHIDE 0x0200
|
|
#define NFSEXP_NOSUBTREECHECK 0x0400
|
|
#define NFSEXP_NOAUTHNLM 0x0800 /* Don't authenticate NLM requests - just trust */
|
|
#define NFSEXP_MSNFS 0x1000 /* do silly things that MS clients expect */
|
|
#define NFSEXP_FSID 0x2000
|
|
#define NFSEXP_CROSSMOUNT 0x4000
|
|
#define NFSEXP_NOACL 0x8000 /* reserved for possible ACL related use */
|
|
/*
|
|
* The NFSEXP_V4ROOT flag causes the kernel to give access only to NFSv4
|
|
* clients, and only to the single directory that is the root of the
|
|
* export; further lookup and readdir operations are treated as if every
|
|
* subdirectory was a mountpoint, and ignored if they are not themselves
|
|
* exported. This is used by nfsd and mountd to construct the NFSv4
|
|
* pseudofilesystem, which provides access only to paths leading to each
|
|
* exported filesystem.
|
|
*/
|
|
#define NFSEXP_V4ROOT 0x10000
|
|
/* All flags that we claim to support. (Note we don't support NOACL.) */
|
|
#define NFSEXP_ALLFLAGS 0x17E3F
|
|
|
|
/* The flags that may vary depending on security flavor: */
|
|
#define NFSEXP_SECINFO_FLAGS (NFSEXP_READONLY | NFSEXP_ROOTSQUASH \
|
|
| NFSEXP_ALLSQUASH \
|
|
| NFSEXP_INSECURE_PORT)
|
|
|
|
#ifdef __KERNEL__
|
|
|
|
/*
|
|
* FS Locations
|
|
*/
|
|
|
|
#define MAX_FS_LOCATIONS 128
|
|
|
|
struct nfsd4_fs_location {
|
|
char *hosts; /* colon separated list of hosts */
|
|
char *path; /* slash separated list of path components */
|
|
};
|
|
|
|
struct nfsd4_fs_locations {
|
|
uint32_t locations_count;
|
|
struct nfsd4_fs_location *locations;
|
|
/* If we're not actually serving this data ourselves (only providing a
|
|
* list of replicas that do serve it) then we set "migrated": */
|
|
int migrated;
|
|
};
|
|
|
|
/*
|
|
* We keep an array of pseudoflavors with the export, in order from most
|
|
* to least preferred. For the forseeable future, we don't expect more
|
|
* than the eight pseudoflavors null, unix, krb5, krb5i, krb5p, skpm3,
|
|
* spkm3i, and spkm3p (and using all 8 at once should be rare).
|
|
*/
|
|
#define MAX_SECINFO_LIST 8
|
|
|
|
struct exp_flavor_info {
|
|
u32 pseudoflavor;
|
|
u32 flags;
|
|
};
|
|
|
|
struct svc_export {
|
|
struct cache_head h;
|
|
struct auth_domain * ex_client;
|
|
int ex_flags;
|
|
struct path ex_path;
|
|
char *ex_pathname;
|
|
uid_t ex_anon_uid;
|
|
gid_t ex_anon_gid;
|
|
int ex_fsid;
|
|
unsigned char * ex_uuid; /* 16 byte fsid */
|
|
struct nfsd4_fs_locations ex_fslocs;
|
|
int ex_nflavors;
|
|
struct exp_flavor_info ex_flavors[MAX_SECINFO_LIST];
|
|
};
|
|
|
|
/* an "export key" (expkey) maps a filehandlefragement to an
|
|
* svc_export for a given client. There can be several per export,
|
|
* for the different fsid types.
|
|
*/
|
|
struct svc_expkey {
|
|
struct cache_head h;
|
|
|
|
struct auth_domain * ek_client;
|
|
int ek_fsidtype;
|
|
u32 ek_fsid[6];
|
|
|
|
struct path ek_path;
|
|
};
|
|
|
|
#define EX_ISSYNC(exp) (!((exp)->ex_flags & NFSEXP_ASYNC))
|
|
#define EX_NOHIDE(exp) ((exp)->ex_flags & NFSEXP_NOHIDE)
|
|
#define EX_WGATHER(exp) ((exp)->ex_flags & NFSEXP_GATHERED_WRITES)
|
|
|
|
int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp);
|
|
__be32 check_nfsd_access(struct svc_export *exp, struct svc_rqst *rqstp);
|
|
|
|
/*
|
|
* Function declarations
|
|
*/
|
|
int nfsd_export_init(void);
|
|
void nfsd_export_shutdown(void);
|
|
void nfsd_export_flush(void);
|
|
void exp_readlock(void);
|
|
void exp_readunlock(void);
|
|
struct svc_export * rqst_exp_get_by_name(struct svc_rqst *,
|
|
struct path *);
|
|
struct svc_export * rqst_exp_parent(struct svc_rqst *,
|
|
struct path *);
|
|
int exp_rootfh(struct auth_domain *,
|
|
char *path, struct knfsd_fh *, int maxsize);
|
|
__be32 exp_pseudoroot(struct svc_rqst *, struct svc_fh *);
|
|
__be32 nfserrno(int errno);
|
|
|
|
extern struct cache_detail svc_export_cache;
|
|
|
|
static inline void exp_put(struct svc_export *exp)
|
|
{
|
|
cache_put(&exp->h, &svc_export_cache);
|
|
}
|
|
|
|
static inline void exp_get(struct svc_export *exp)
|
|
{
|
|
cache_get(&exp->h);
|
|
}
|
|
struct svc_export * rqst_exp_find(struct svc_rqst *, int, u32 *);
|
|
|
|
#endif /* __KERNEL__ */
|
|
|
|
#endif /* NFSD_EXPORT_H */
|
|
|